-== List of softwares used to build IPFire Version: 2.3 ==
+== List of softwares used to build IPFire Version: 2.3-beta1 ==
* Archive-Tar-1.29
* Archive-Zip-1.16
* BerkeleyDB-0.27
+++ /dev/null
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-###############################################################################
-# Definitions
-###############################################################################
-
-include Config
-
-VER = 2.6
-
-THISAPP = dm9601-$(VER)
-DL_FILE = $(THISAPP).tgz
-DL_FROM = $(URL_IPFIRE)
-DIR_APP = $(DIR_SRC)/$(THISAPP)
-ifeq "$(SMP)" "1"
- TARGET = $(DIR_INFO)/$(THISAPP)-smp
-else
- TARGET = $(DIR_INFO)/$(THISAPP)
-endif
-
-
-###############################################################################
-# Top-level Rules
-###############################################################################
-
-objects = $(DL_FILE)
-
-$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-
-$(DL_FILE)_MD5 = e041c02477d8e19d79ae07d168ab3f73
-
-install : $(TARGET)
-
-check : $(patsubst %,$(DIR_CHK)/%,$(objects))
-
-download :$(patsubst %,$(DIR_DL)/%,$(objects))
-
-md5 : $(subst %,%_MD5,$(objects))
-
-dist:
- $(PAK)
-
-###############################################################################
-# Downloading, checking, md5sum
-###############################################################################
-
-$(patsubst %,$(DIR_CHK)/%,$(objects)) :
- @$(CHECK)
-
-$(patsubst %,$(DIR_DL)/%,$(objects)) :
- @$(LOAD)
-
-$(subst %,%_MD5,$(objects)) :
- @$(MD5)
-
-###############################################################################
-# Installation Details
-###############################################################################
-
-$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
- @$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dm9601-make+ids.patch
-ifeq "$(SMP)" "1"
- cd $(DIR_APP) && make clean
- cd $(DIR_APP) && make -C /lib/modules/$(KVER)-ipfire-smp/build/ SUBDIRS=$(DIR_APP) modules
- cd $(DIR_APP) && install -m 644 dm9601.ko /lib/modules/$(KVER)-ipfire-smp/kernel/drivers/usb/net
-else
- cd $(DIR_APP) && make clean
- cd $(DIR_APP) && make -C /lib/modules/$(KVER)-ipfire/build/ SUBDIRS=$(DIR_APP) modules
- cd $(DIR_APP) && install -m 644 dm9601.ko /lib/modules/$(KVER)-ipfire/kernel/drivers/usb/net
-endif
- @rm -rf $(DIR_APP)
- @$(POSTBUILD)
+++ /dev/null
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-###############################################################################
-# Definitions
-###############################################################################
-
-include Config
-
-VER = 060926
-
-THISAPP = mcs7830-$(VER)
-DL_FILE = $(THISAPP).tar.bz2
-DL_FROM = $(URL_IPFIRE)
-DIR_APP = $(DIR_SRC)/$(THISAPP)
-ifeq "$(SMP)" "1"
- TARGET = $(DIR_INFO)/$(THISAPP)-smp
-else
- TARGET = $(DIR_INFO)/$(THISAPP)
-endif
-
-
-###############################################################################
-# Top-level Rules
-###############################################################################
-
-objects = $(DL_FILE)
-
-$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-
-$(DL_FILE)_MD5 = 234b18d71a55ee70b06c87fc4e7516a1
-
-install : $(TARGET)
-
-check : $(patsubst %,$(DIR_CHK)/%,$(objects))
-
-download :$(patsubst %,$(DIR_DL)/%,$(objects))
-
-md5 : $(subst %,%_MD5,$(objects))
-
-dist:
- $(PAK)
-
-###############################################################################
-# Downloading, checking, md5sum
-###############################################################################
-
-$(patsubst %,$(DIR_CHK)/%,$(objects)) :
- @$(CHECK)
-
-$(patsubst %,$(DIR_DL)/%,$(objects)) :
- @$(LOAD)
-
-$(subst %,%_MD5,$(objects)) :
- @$(MD5)
-
-###############################################################################
-# Installation Details
-###############################################################################
-
-$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
- @$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
-
-ifeq "$(SMP)" "1"
- cd $(DIR_APP) && make clean
- cd $(DIR_APP) && make -C /lib/modules/$(KVER)-ipfire-smp/build/ SUBDIRS=$(DIR_APP) modules
- cd $(DIR_APP) && install -m 644 mcs7830.ko /lib/modules/$(KVER)-ipfire-smp/kernel/drivers/usb/net
-else
- cd $(DIR_APP) && make clean
- cd $(DIR_APP) && make -C /lib/modules/$(KVER)-ipfire/build/ SUBDIRS=$(DIR_APP) modules
- cd $(DIR_APP) && install -m 644 mcs7830.ko /lib/modules/$(KVER)-ipfire/kernel/drivers/usb/net
-endif
- @rm -rf $(DIR_APP)
- @$(POSTBUILD)
+++ /dev/null
-Submitted By: Dan Nicholson <dnicholson_at_linuxfromscratch_dot_org>
-Date: 2006-04-25
-Initial Package Version: 2.1.21
-Upstream Status: Applied
-Origin: Upstream CVS
- $ cvs log cmulocal/openldap.m4
- ...
- RCS file: /cvs/src/cmulocal/openldap.m4,v
- Working file: cmulocal/openldap.m4
- ...
- ----------------------------
- revision 1.2
- date: 2006/03/13 19:16:11; author: mel; state: Exp; lines: +3 -1
- Allow for OpenLDAP 2.3+
-Description: Allow OpenLDAP => 2.3
-
-diff -pur cyrus-sasl-2.1.21.orig/configure cyrus-sasl-2.1.21/configure
---- cyrus-sasl-2.1.21.orig/configure 2006-03-30 14:24:55.000000000 +0000
-+++ cyrus-sasl-2.1.21/configure 2006-03-30 21:00:35.388580365 +0000
-@@ -12253,6 +12253,8 @@ cat >>conftest.$ac_ext <<_ACEOF
- char *__openldap_compat = "2.1.27 or better okay";
- #elif LDAP_VENDOR_VERSION_MAJOR == 2 && LDAP_VENDOR_VERSION_MINOR == 2 && LDAP_VENDOR_VERSION_PATCH > 5
- char *__openldap_compat = "2.2.6 or better okay";
-+#elif LDAP_VENDOR_VERSION_MAJOR == 2 && LDAP_VENDOR_VERSION_MINOR > 2
-+char *__openldap_compat = "2.3 or better okay"
- #endif
-
- _ACEOF
+++ /dev/null
-Submitted By: Dan Nicholson <dnicholson_at_linuxfromscratch_dot_org>
-Date: 2006-04-25
-Initial Package Version: 2.1.21
-Upstream Status: Applied
-Origin: Upstream CVS
- http://asg.web.cmu.edu/archive/message.php?mailbox=org.acs.asg.project.sasl.commits&msg=1519
- http://asg.web.cmu.edu/archive/message.php?mailbox=org.acs.asg.project.sasl.commits&msg=1578
-Description: Adds needed headers for plugins when compiled with OpenSSL-0.9.8
-
-diff -pNur cyrus-sasl-2.1.21.orig/plugins/ntlm.c cyrus-sasl-2.1.21/plugins/ntlm.c
---- cyrus-sasl-2.1.21.orig/plugins/ntlm.c 2004-12-24 16:06:14.000000000 +0000
-+++ cyrus-sasl-2.1.21/plugins/ntlm.c 2006-04-25 18:46:24.433487794 +0000
-@@ -74,6 +74,7 @@
- #endif /* WIN32 */
-
- #include <openssl/md4.h>
-+#include <openssl/md5.h>
- #include <openssl/hmac.h>
- #include <openssl/des.h>
- #include <openssl/opensslv.h>
-diff -pNur cyrus-sasl-2.1.21.orig/plugins/passdss.c cyrus-sasl-2.1.21/plugins/passdss.c
---- cyrus-sasl-2.1.21.orig/plugins/passdss.c 2004-11-27 16:17:43.000000000 +0000
-+++ cyrus-sasl-2.1.21/plugins/passdss.c 2006-04-25 18:46:36.131787252 +0000
-@@ -67,6 +67,9 @@
- /* for digest and cipher support */
- #include <openssl/evp.h>
- #include <openssl/hmac.h>
-+#include <openssl/md5.h>
-+#include <openssl/sha.h>
-+#include <openssl/dsa.h>
-
- #include <sasl.h>
- #define MD5_H /* suppress internal MD5 */
-diff -pNur cyrus-sasl-2.1.21.orig/plugins/srp.c cyrus-sasl-2.1.21/plugins/srp.c
---- cyrus-sasl-2.1.21.orig/plugins/srp.c 2004-06-23 18:43:37.000000000 +0000
-+++ cyrus-sasl-2.1.21/plugins/srp.c 2006-04-25 18:46:36.135785645 +0000
-@@ -87,6 +87,7 @@ typedef unsigned short uint32;
- /* for digest and cipher support */
- #include <openssl/evp.h>
- #include <openssl/hmac.h>
-+#include <openssl/md5.h>
-
- #include <sasl.h>
- #define MD5_H /* suppress internal MD5 */
+++ /dev/null
-diff -Naur dm9601-2.6.org/dm9601.h dm9601-2.6/dm9601.h
---- dm9601-2.6.org/dm9601.h 2006-11-24 10:06:02.000000000 +0100
-+++ dm9601-2.6/dm9601.h 2008-04-04 09:54:06.000000000 +0200
-@@ -162,6 +162,8 @@
- DEFAULT_GPIO_RESET )\r
- DM9601_DEV( "Davicom USB-100", 0x3334, 0x1701,\r
- DEFAULT_GPIO_RESET )\r
-+DM9601_DEV( "ShanTou ST268 USB", 0x0a46, 0x0268,\r
-+ DEFAULT_GPIO_RESET )\r
- DM9601_DEV( "Billionton USB-100", VENDOR_BILLIONTON, 0x0986,\r
- DEFAULT_GPIO_RESET )\r
- DM9601_DEV( "Billionton USBLP-100", VENDOR_BILLIONTON, 0x0987,\r
-diff -Naur dm9601-2.6.org/Makefile dm9601-2.6/Makefile
---- dm9601-2.6.org/Makefile 2006-11-24 10:06:04.000000000 +0100
-+++ dm9601-2.6/Makefile 2008-04-03 22:34:04.000000000 +0200
-@@ -1,51 +1,17 @@
--##================================================================
--## Davicom Semiconductor Inc. For DM9601 V0.00
--## --------------------------------------------------------
--## Description:
--## Compile driver dm9601.c to dm9601.o
--##
--## Modification List:
--## 09/05/2000 Fixed SMPFALGS wrong on smp & smp_mod
--## 08/02/2000 Changed some description string & include file path
--## 07/25/2000 Append smp_mod and changed some descriptions
--## 01/25/2000 by Sten Wang
--##================================================================
--# Comment/uncomment the following line to disable/enable debugging
--#DEBUG = y
-+obj-m := dm9601.o
-
--# Add your debugging flag (or not) to CFLAGS
--ifeq ($(DEBUG),y)
-- DEBFLAGS = -O -g # "-O" is needed to expand inlines
--else
-- DEBFLAGS = -O2
--endif
--
--CFLAGS += $(DEBFLAGS) -I$(LDDINCDIR)
--
--ifneq ($(KERNELRELEASE),)
--# call from kernel build system
--
--obj-m := dm9601.o
--
--else
--
--KERNELDIR ?= /lib/modules/$(shell uname -r)/build
--PWD := $(shell pwd)
-+KDIR := /lib/modules/$(shell uname -r)/build
-+PWD := $(shell pwd)
-
- default:
-- $(MAKE) -C $(KERNELDIR) M=$(PWD) LDDINCDIR=$(PWD)/../include modules
--
--endif
--
--
-+ $(MAKE) -C $(KDIR) SUBDIRS=$(PWD) modules;
-+install:
-+ insmod dm9601.ko
-+remove:
-+ rmmod dm9601
-
- clean:
-- rm -rf *.o *~ core .depend .*.cmd *.ko *.mod.c .tmp_versions
--
--depend .depend dep:
-- $(CC) $(CFLAGS) -M *.c > .depend
-+ rm -rf .tmp_versions Modules.symvers *.mod.c *.o *.ko .*.cmd
-
-+
-
--ifeq (.depend,$(wildcard .depend))
--include .depend
--endif
+++ /dev/null
-*** orgdriver/ide/pci/via82cxxx.c Thu May 3 21:49:52 2007
---- drivers/ide/pci/via82cxxx.c Thu May 10 11:51:49 2007
-***************
-*** 67,72 ****
---- 67,76 ----
- #define VIA_NO_UNMASK 0x080 /* Doesn't work with IRQ unmasking on */
- #define VIA_BAD_ID 0x100 /* Has wrong vendor ID (0x1107) */
- #define VIA_BAD_AST 0x200 /* Don't touch Address Setup Timing */
-+ #define PCI_DEVICE_ID_VIA_VT8251 0x3287
-+ #define PCI_DEVICE_ID_VIA_VT8237A 0x3337
-+ #define PCI_DEVICE_ID_VIA_CX700 0x8324
-+ #define PCI_DEVICE_ID_VIA_CX700_IDE 0x5324
-
- /*
- * VIA SouthBridge chips.
-***************
-*** 79,84 ****
---- 83,91 ----
- u8 rev_max;
- u16 flags;
- } via_isa_bridges[] = {
-+ { "vt8251", PCI_DEVICE_ID_VIA_VT8251 , 0x00, 0x2f, VIA_UDMA_133 | VIA_BAD_AST },
-+ { "vt8237a", PCI_DEVICE_ID_VIA_VT8237A , 0x00, 0x2f, VIA_UDMA_133 | VIA_BAD_AST },
-+ { "cx700", PCI_DEVICE_ID_VIA_CX700, 0x00, 0x2f, VIA_UDMA_133 | VIA_BAD_AST },
- { "vt6410", PCI_DEVICE_ID_VIA_6410, 0x00, 0x2f, VIA_UDMA_133 | VIA_BAD_AST },
- { "vt8251", PCI_DEVICE_ID_VIA_8251, 0x00, 0x2f, VIA_UDMA_133 | VIA_BAD_AST },
- { "vt8237", PCI_DEVICE_ID_VIA_8237, 0x00, 0x2f, VIA_UDMA_133 | VIA_BAD_AST },
-***************
-*** 498,503 ****
---- 505,511 ----
- static struct pci_device_id via_pci_tbl[] = {
- { PCI_VENDOR_ID_VIA, PCI_DEVICE_ID_VIA_82C576_1, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 0},
- { PCI_VENDOR_ID_VIA, PCI_DEVICE_ID_VIA_82C586_1, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 0},
-+ { PCI_VENDOR_ID_VIA, PCI_DEVICE_ID_VIA_CX700_IDE, PCI_ANY_ID, PCI_ANY_ID, 0, 0,0},
- { PCI_VENDOR_ID_VIA, PCI_DEVICE_ID_VIA_6410, PCI_ANY_ID, PCI_ANY_ID, 0, 0, 1},
- { 0, },
- };
+++ /dev/null
-Submitted By: Randy McMurchy <randy_at_linuxfromscratch_dot_org>
-Date: 2006-01-12
-Initial Package Version: 0.4.9-pre1
-Upstream Status: Applied in upstream CVS
-Origin: MPlayer-1.0pre7try2 version of FFmpeg (upstream CVS)
-Description: Fixes building with AMR code
-
-
-diff -Naur ffmpeg-0.4.9-pre1-orig/libavcodec/Makefile ffmpeg-0.4.9-pre1/libavcodec/Makefile
---- ffmpeg-0.4.9-pre1-orig/libavcodec/Makefile 2004-06-18 13:11:15.000000000 +0000
-+++ ffmpeg-0.4.9-pre1/libavcodec/Makefile 2006-01-12 18:27:33.000000000 +0000
-@@ -7,7 +7,7 @@
- VPATH=$(SRC_PATH)/libavcodec
-
- # NOTE: -I.. is needed to include config.h
--CFLAGS=$(OPTFLAGS) -DHAVE_AV_CONFIG_H -I.. -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_GNU_SOURCE
-+CFLAGS=$(OPTFLAGS) -DHAVE_AV_CONFIG_H -I.. -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_GNU_SOURCE $(AMR_CFLAGS)
-
- OBJS= common.o utils.o mem.o allcodecs.o \
- mpegvideo.o jrevdct.o jfdctfst.o jfdctint.o\
-@@ -22,14 +22,16 @@
- smc.o parser.o flicvideo.o truemotion1.o vmdav.o lcl.o qtrle.o g726.o \
- flac.o vp3dsp.o integer.o
-
-+AMROBJS=
- ifeq ($(AMR_NB),yes)
- ifeq ($(AMR_NB_FIXED),yes)
--OBJS+= amr.o
-+AMROBJS= amr.o
- AMREXTRALIBS+= amr/*.o
- AMRLIBS=amrlibs
- CLEANAMR=cleanamr
- else
--OBJS+= amr.o amr_float/sp_dec.o amr_float/sp_enc.o amr_float/interf_dec.o amr_float/interf_enc.o
-+AMROBJS= amr.o
-+OBJS+= amr_float/sp_dec.o amr_float/sp_enc.o amr_float/interf_dec.o amr_float/interf_enc.o
- CLEANAMR=cleanamrfloat
- endif
- endif
-@@ -43,13 +45,15 @@
- endif
-
- ifeq ($(AMR_WB),yes)
--OBJS+= amr.o amrwb_float/dec_acelp.o amrwb_float/dec_dtx.o amrwb_float/dec_gain.o \
-+AMROBJS= amr.o
-+OBJS+= amrwb_float/dec_acelp.o amrwb_float/dec_dtx.o amrwb_float/dec_gain.o \
- amrwb_float/dec_if.o amrwb_float/dec_lpc.o amrwb_float/dec_main.o \
- amrwb_float/dec_rom.o amrwb_float/dec_util.o amrwb_float/enc_acelp.o \
- amrwb_float/enc_dtx.o amrwb_float/enc_gain.o amrwb_float/enc_if.o \
- amrwb_float/enc_lpc.o amrwb_float/enc_main.o amrwb_float/enc_rom.o \
- amrwb_float/enc_util.o amrwb_float/if_rom.o
- endif
-+OBJS+= $(AMROBJS)
- CLEANAMRWB=cleanamrwbfloat
- ASM_OBJS=
-
-diff -Naur ffmpeg-0.4.9-pre1-orig/libavcodec/amr.c ffmpeg-0.4.9-pre1/libavcodec/amr.c
---- ffmpeg-0.4.9-pre1-orig/libavcodec/amr.c 2004-05-21 14:37:16.000000000 +0000
-+++ ffmpeg-0.4.9-pre1/libavcodec/amr.c 2006-01-12 18:27:33.000000000 +0000
-@@ -411,27 +411,32 @@
- AMRContext *s = (AMRContext*)avctx->priv_data;
-
- uint8_t*amrData=buf;
-- int offset=0;
- static short block_size[16]={ 12, 13, 15, 17, 19, 20, 26, 31, 5, 0, 0, 0, 0, 0, 0, 0 };
- enum Mode dec_mode;
- int packet_size;
-
-- //printf("amr_decode_frame data_size=%i buf=0x%X buf_size=%d frameCount=%d!!\n",*data_size,buf,buf_size,s->frameCount);
-+ /* av_log(NULL,AV_LOG_DEBUG,"amr_decode_frame buf=%p buf_size=%d frameCount=%d!!\n",buf,buf_size,s->frameCount); */
-+
-+ if(buf_size==0) {
-+ /* nothing to do */
-+ return 0;
-+ }
-
-- while(offset<buf_size)
-- {
-- dec_mode = (amrData[offset] >> 3) & 0x000F;
-- packet_size = block_size[dec_mode];
-+ dec_mode = (buf[0] >> 3) & 0x000F;
-+ packet_size = block_size[dec_mode]+1;
-+
-+ if(packet_size > buf_size) {
-+ av_log(avctx, AV_LOG_ERROR, "amr frame too short (%u, should be %u)\n", buf_size, packet_size);
-+ return -1;
-+ }
-
-- s->frameCount++;
-- //printf("offset=%d, packet_size=%d amrData= 0x%X %X %X %X\n",offset,packet_size,amrData[offset],amrData[offset+1],amrData[offset+2],amrData[offset+3]);
-- /* call decoder */
-- Decoder_Interface_Decode(s->decState, &amrData[offset], data+*data_size, 0);
-- *data_size+=160*2;
-+ s->frameCount++;
-+ /* av_log(NULL,AV_LOG_DEBUG,"packet_size=%d amrData= 0x%X %X %X %X\n",packet_size,amrData[0],amrData[1],amrData[2],amrData[3]); */
-+ /* call decoder */
-+ Decoder_Interface_Decode(s->decState, amrData, data, 0);
-+ *data_size=160*2;
-
-- offset+=packet_size+1;
-- }
-- return buf_size;
-+ return packet_size;
- }
-
- static int amr_nb_encode_frame(AVCodecContext *avctx,
-@@ -445,6 +450,7 @@
- data,
- frame,
- 0);
-+ /* av_log(NULL,AV_LOG_DEBUG,"amr_nb_encode_frame encoded %u bytes, bitrate %u, first byte was %#02x\n",written, s->enc_bitrate, frame[0] ); */
-
- return written;
- }
-@@ -598,20 +604,26 @@
- AMRWBContext *s = (AMRWBContext*)avctx->priv_data;
-
- uint8_t*amrData=buf;
-- int offset=0;
- int mode;
- int packet_size;
-
-- while(offset<buf_size)
-- {
-- s->frameCount++;
-- mode = (Word16)((amrData[offset] >> 3) & 0x0F);
-- packet_size = block_size[mode];
-- D_IF_decode( s->state, &amrData[offset], data+*data_size, _good_frame);
-- *data_size+=320*2;
-- offset+=packet_size;
-+ if(buf_size==0) {
-+ /* nothing to do */
-+ return 0;
- }
-- return buf_size;
-+
-+ mode = (amrData[0] >> 3) & 0x000F;
-+ packet_size = block_size[mode];
-+
-+ if(packet_size > buf_size) {
-+ av_log(avctx, AV_LOG_ERROR, "amr frame too short (%u, should be %u)\n", buf_size, packet_size+1);
-+ return -1;
-+ }
-+
-+ s->frameCount++;
-+ D_IF_decode( s->state, amrData, data, _good_frame);
-+ *data_size=320*2;
-+ return packet_size;
- }
-
- static int amr_wb_decode_close(AVCodecContext * avctx)
-
-diff -Naur ffmpeg-0.4.9-pre1-orig/libavcodec/avcodec.h ffmpeg-0.4.9-pre1/libavcodec/avcodec.h
---- ffmpeg-0.4.9-pre1-orig/libavcodec/avcodec.h 2004-07-09 12:49:55.000000000 +0000
-+++ ffmpeg-0.4.9-pre1/libavcodec/avcodec.h 2006-01-12 18:27:33.000000000 +0000
-@@ -124,7 +124,7 @@
- CODEC_ID_ADPCM_G726,
-
- /* AMR */
-- CODEC_ID_AMR_NB,
-+ CODEC_ID_AMR_NB= 0x12000,
- CODEC_ID_AMR_WB,
-
- /* RealAudio codecs*/
-
-diff -Naur ffmpeg-0.4.9-pre1-orig/libavformat/Makefile ffmpeg-0.4.9-pre1/libavformat/Makefile
---- ffmpeg-0.4.9-pre1-orig/libavformat/Makefile 2004-04-24 15:16:23.000000000 +0000
-+++ ffmpeg-0.4.9-pre1/libavformat/Makefile 2006-01-12 18:27:33.000000000 +0000
-@@ -23,15 +23,17 @@
- OBJS+= asf-enc.o
- endif
-
-+AMROBJS=
- ifeq ($(AMR_NB),yes)
--OBJS+= amr.o
-+AMROBJS= amr.o
- endif
- ifeq ($(AMR_NB_FIXED),yes)
--OBJS+= amr.o
-+AMROBJS= amr.o
- endif
- ifeq ($(AMR_WB),yes)
--OBJS+= amr.o
-+AMROBJS= amr.o
- endif
-+OBJS+= $(AMROBJS)
-
- # image formats
- OBJS+= pnm.o yuv.o png.o jpeg.o gifdec.o sgi.o
-
+++ /dev/null
-Submitted By: Randy McMurchy <randy_at_linuxfromscratch_dot_org>
-Date: 2005-09-07
-Initial Package Version: 0.4.9-pre1
-Upstream Status: Some fixes unknown, the MMX fix is from upstream CVS
-Origin: Frugalware Linux (frugalware.org)
- http://frugalware.org/pipermail/frugalware-darcs/2005-August/003296.html
- Also the MMX fix is from upstream CVS
- http://www1.mplayerhq.hu/cgi-bin/cvsweb.cgi/ffmpeg/libavcodec/i386/dsputil_mmx.c.diff?r1=1.88&r2=1.89&cvsroot=FFMpeg
-Description: Fixes GCC-4.0.1 build problems
-
-
-diff -Naur ffmpeg-0.4.9-pre1-orig/libavcodec/ac3.h ffmpeg-0.4.9-pre1/libavcodec/ac3.h
---- ffmpeg-0.4.9-pre1-orig/libavcodec/ac3.h 2003-03-06 11:32:04.000000000 +0000
-+++ ffmpeg-0.4.9-pre1/libavcodec/ac3.h 2005-09-07 18:50:35.000000000 +0000
-@@ -43,6 +43,7 @@
- int cplfleak, cplsleak;
- } AC3BitAllocParameters;
-
-+#if 0
- extern const uint16_t ac3_freqs[3];
- extern const uint16_t ac3_bitratetab[19];
- extern const int16_t ac3_window[256];
-@@ -52,6 +53,7 @@
- extern const uint16_t dbkneetab[4];
- extern const uint16_t floortab[8];
- extern const uint16_t fgaintab[8];
-+#endif
-
- void ac3_common_init(void);
- void ac3_parametric_bit_allocation(AC3BitAllocParameters *s, uint8_t *bap,
-
-diff -Naur ffmpeg-0.4.9-pre1-orig/libavcodec/avcodec.h ffmpeg-0.4.9-pre1/libavcodec/avcodec.h
---- ffmpeg-0.4.9-pre1-orig/libavcodec/avcodec.h 2004-07-09 12:49:55.000000000 +0000
-+++ ffmpeg-0.4.9-pre1/libavcodec/avcodec.h 2005-09-07 18:49:40.000000000 +0000
-@@ -1657,6 +1657,14 @@
- #define FF_OPT_MAX_DEPTH 10
- } AVOption;
-
-+struct AVOption;
-+#ifdef HAVE_MMX
-+extern const struct AVOption avoptions_common[3 + 5];
-+#else
-+extern const struct AVOption avoptions_common[3];
-+#endif
-+extern const struct AVOption avoptions_workaround_bug[11];
-+
- /**
- * Parse option(s) and sets fields in passed structure
- * @param strct structure where the parsed results will be written
-
-diff -Naur ffmpeg-0.4.9-pre1-orig/libavcodec/common.h ffmpeg-0.4.9-pre1/libavcodec/common.h
---- ffmpeg-0.4.9-pre1-orig/libavcodec/common.h 2004-07-01 12:33:07.000000000 +0000
-+++ ffmpeg-0.4.9-pre1/libavcodec/common.h 2005-09-07 18:49:40.000000000 +0000
-@@ -62,14 +62,6 @@
- #define AVOPTION_SUB(ptr) { .name = NULL, .help = (const char*)ptr }
- #define AVOPTION_END() AVOPTION_SUB(NULL)
-
--struct AVOption;
--#ifdef HAVE_MMX
--extern const struct AVOption avoptions_common[3 + 5];
--#else
--extern const struct AVOption avoptions_common[3];
--#endif
--extern const struct AVOption avoptions_workaround_bug[11];
--
- #endif /* HAVE_AV_CONFIG_H */
-
- /* Suppress restrict if it was not defined in config.h. */
-
-diff -Naur ffmpeg-0.4.9-pre1-orig/libavcodec/i386/dsputil_mmx.c ffmpeg-0.4.9-pre1/libavcodec/i386/dsputil_mmx.c
---- ffmpeg-0.4.9-pre1-orig/libavcodec/i386/dsputil_mmx.c 2004-06-08 02:13:44.000000000 +0000
-+++ ffmpeg-0.4.9-pre1/libavcodec/i386/dsputil_mmx.c 2005-09-07 18:54:04.000000000 +0000
-@@ -644,26 +644,22 @@
- "punpcklwd %%mm0, %%mm1 \n\t"
- "punpckhwd %%mm4, %%mm3 \n\t"
- "punpckhwd %%mm0, %%mm6 \n\t"
-- "movd %%mm5, %0 \n\t"
-- "punpckhdq %%mm5, %%mm5 \n\t"
-- "movd %%mm5, %1 \n\t"
-- "movd %%mm3, %2 \n\t"
-- "punpckhdq %%mm3, %%mm3 \n\t"
-- "movd %%mm3, %3 \n\t"
-- "movd %%mm1, %4 \n\t"
-- "punpckhdq %%mm1, %%mm1 \n\t"
-- "movd %%mm1, %5 \n\t"
-- "movd %%mm6, %6 \n\t"
-- "punpckhdq %%mm6, %%mm6 \n\t"
-- "movd %%mm6, %7 \n\t"
-- : "=m" (*(uint32_t*)(src + 0*stride)),
-- "=m" (*(uint32_t*)(src + 1*stride)),
-- "=m" (*(uint32_t*)(src + 2*stride)),
-- "=m" (*(uint32_t*)(src + 3*stride)),
-- "=m" (*(uint32_t*)(src + 4*stride)),
-- "=m" (*(uint32_t*)(src + 5*stride)),
-- "=m" (*(uint32_t*)(src + 6*stride)),
-- "=m" (*(uint32_t*)(src + 7*stride))
-+ "movd %%mm5, (%0) \n\t"
-+ "punpckhdq %%mm5, %%mm5 \n\t"
-+ "movd %%mm5, (%0,%2) \n\t"
-+ "movd %%mm3, (%0,%2,2) \n\t"
-+ "punpckhdq %%mm3, %%mm3 \n\t"
-+ "movd %%mm3, (%0,%3) \n\t"
-+ "movd %%mm1, (%1) \n\t"
-+ "punpckhdq %%mm1, %%mm1 \n\t"
-+ "movd %%mm1, (%1,%2) \n\t"
-+ "movd %%mm6, (%1,%2,2) \n\t"
-+ "punpckhdq %%mm6, %%mm6 \n\t"
-+ "movd %%mm6, (%1,%3) \n\t"
-+ :: "r" (src),
-+ "r" (src + 4*stride),
-+ "r" ((long) stride ),
-+ "r" ((long)(3*stride))
- );
- }
-
+++ /dev/null
---- libavcodec/libpostproc/postprocess_template.orig.c 2005-05-04 00:13:55.809595776 -0400
-+++ libavcodec/libpostproc/postprocess_template.c 2005-05-04 00:17:44.090891744 -0400
-@@ -2646,7 +2646,7 @@
- * accurate deblock filter
- */
- static always_inline void RENAME(do_a_deblock)(uint8_t *src, int step, int stride, PPContext *c){
-- int64_t dc_mask, eq_mask;
-+ int64_t dc_mask, eq_mask, both_masks;
- int64_t sums[10*8*2];
- src+= step*3; // src points to begin of the 8x8 Block
- //START_TIMER
-@@ -2755,7 +2755,9 @@
- : "%eax"
- );
-
-- if(dc_mask & eq_mask){
-+ both_masks = dc_mask & eq_mask;
-+
-+ if (both_masks){
- int offset= -8*step;
- int64_t *temp_sums= sums;
-
-@@ -2930,7 +2932,7 @@
- " js 1b \n\t"
-
- : "+r"(offset), "+r"(temp_sums)
-- : "r" (step), "r"(src - offset), "m"(dc_mask & eq_mask)
-+ : "r" (step), "r"(src - offset), "m"(both_masks)
- );
- }else
- src+= step; // src points to begin of the 8x8 Block
+++ /dev/null
-diff -ruw ipac-ng-1.31_iptables-1.3.1/agents/iptables/iptables.c ipac-ng-1.31/agents/iptables/iptables.c
---- ipac-ng-1.31_iptables-1.3.1/agents/iptables/iptables.c 2005-05-02 12:00:48.000000000 +0200
-+++ ipac-ng-1.31/agents/iptables/iptables.c 2005-05-11 22:15:59.558139120 +0200
-@@ -1144,6 +1144,7 @@
- rule = new_rule();
-
- chain = new_rule();
-+ chain->pkts = 1;
-
- strncpy(rule->name, cp+1, MAX_RULE_NAME_LENGTH);
- strncpy(chain->name, nextline->line, cp-nextline->line);
+++ /dev/null
-diff -Nur ipac-ng-1.31.orig/agents/iptables/iptables.c ipac-ng-1.31/agents/iptables/iptables.c
---- ipac-ng-1.31.orig/agents/iptables/iptables.c 2004-06-27 22:08:54.000000000 +0000
-+++ ipac-ng-1.31/agents/iptables/iptables.c 2006-01-11 21:49:40.000000000 +0000
-@@ -62,10 +62,6 @@
- #define FALSE 0
- #endif
-
--#ifndef IPT_LIB_DIR
--#define IPT_LIB_DIR "/lib/iptables"
--#endif
--
- #define FMT_NUMERIC 0x0001
- #define FMT_NOCOUNTS 0x0002
- #define FMT_KILOMEGAGIGA 0x0004
-@@ -91,7 +87,6 @@
- static struct option *opts = original_opts;
- static unsigned int global_option_offset = 0;
-
--extern char *authhost;
-
- /* - T.Mohan 5/7/2001
- * interface structure to pass to append rule
-@@ -106,6 +101,14 @@
- typedef struct iface_struct s_iface;
-
-
-+struct iptables_rule_match
-+{
-+ struct iptables_rule_match *next;
-+
-+ struct iptables_match *match;
-+};
-+
-+
- /* Include file for additions: new matches and targets. */
- struct iptables_match
- {
-@@ -113,6 +116,9 @@
-
- ipt_chainlabel name;
-
-+ /* Revision of match (0 by default). */
-+ u_int8_t revision;
-+
- const char *version;
-
- /* Size of match data. */
-@@ -152,7 +158,6 @@
- unsigned int option_offset;
- struct ipt_entry_match *m;
- unsigned int mflags;
-- unsigned int used;
- };
-
- struct iptables_target
-@@ -161,6 +166,9 @@
-
- ipt_chainlabel name;
-
-+ /* Revision of target (0 by default). */
-+ u_int8_t revision;
-+
- const char *version;
-
- /* Size of target data. */
-@@ -202,6 +210,7 @@
- unsigned int used;
- };
-
-+
- enum ipt_tryload {
- DONT_LOAD,
- TRY_LOAD,
-@@ -246,6 +255,9 @@
- * compiler warning.
- */
-
-+char *lib_dir = "/lib/iptables";
-+
-+
- void
- exit_error(enum exittype status, char *msg, ...)
- {
-@@ -367,7 +379,7 @@
- * iptables-1.2.2 file:iptables.c
- */
-
--void
-+static void
- parse_interface(const char *arg, char *vianame, unsigned char *mask)
- {
- int vialen = strlen(arg);
-@@ -382,23 +394,25 @@
- " (%i)", arg, IFNAMSIZ-1);
-
- strcpy(vianame, arg);
-- if (vialen == 0)
-+ if ((vialen == 0) || (vialen == 1 && vianame[0] == '+'))
- memset(mask, 0, IFNAMSIZ);
- else if (vianame[vialen - 1] == '+') {
- memset(mask, 0xFF, vialen - 1);
- memset(mask + vialen - 1, 0, IFNAMSIZ - vialen + 1);
-+ /* Don't remove `+' here! -HW */
- } else {
- /* Include nul-terminator in match */
- memset(mask, 0xFF, vialen + 1);
- memset(mask + vialen + 1, 0, IFNAMSIZ - vialen - 1);
-- }
- for (i = 0; vianame[i]; i++) {
- if (!isalnum(vianame[i])
- && vianame[i] != '_'
-- && vianame[i] != '+'
- && vianame[i] != '.') {
-- exit_error(PARAMETER_PROBLEM, "Warning: weird character in interface"
-- " `%s' (No aliases, :, ! or *).\n", vianame);
-+ printf("Warning: wierd character in interface"
-+ " `%s' (No aliases, :, ! or *).\n",
-+ vianame);
-+ break;
-+ }
- }
- }
- }
-@@ -429,20 +443,27 @@
- }
-
- int
--check_inverse(const char option[], int *invert)
-+check_inverse(const char option[], int *invert, int *optind, int argc)
- {
- if (option && strcmp(option, "!") == 0) {
- if (*invert)
- exit_error(PARAMETER_PROBLEM,
- "Multiple `!' flags not allowed");
--
- *invert = TRUE;
-+ if (optind) {
-+ *optind = *optind+1;
-+ if (argc && *optind > argc)
-+ exit_error(PARAMETER_PROBLEM,
-+ "no argument following `!'");
-+ }
-+
- return TRUE;
- }
- return FALSE;
- }
-
- // ---------------------------------------------------------------------
-+/* code copied from iptables 1.3.1 */
- // ---------------------------------------------------------------------
-
- static char *
-@@ -509,7 +530,7 @@
- return addr_to_dotted(addr);
- }
-
--static char *
-+char *
- mask_to_dotted(const struct in_addr *mask)
- {
- int i;
-@@ -535,22 +556,19 @@
- return buf;
- }
-
-+
- static struct ipt_entry *
- generate_entry(const struct ipt_entry *fw,
-- struct iptables_match *matches,
-+ struct iptables_rule_match *matches,
- struct ipt_entry_target *target)
- {
- unsigned int size;
-- struct iptables_match *m;
-+ struct iptables_rule_match *matchp;
- struct ipt_entry *e;
-
- size = sizeof(struct ipt_entry);
-- for (m = matches; m; m = m->next) {
-- if (!m->used)
-- continue;
--
-- size += m->m->u.match_size;
-- }
-+ for (matchp = matches; matchp; matchp = matchp->next)
-+ size += matchp->match->m->u.match_size;
-
- e = xmalloc(size + target->u.target_size);
- *e = *fw;
-@@ -558,12 +576,9 @@
- e->next_offset = size + target->u.target_size;
-
- size = 0;
-- for (m = matches; m; m = m->next) {
-- if (!m->used)
-- continue;
--
-- memcpy(e->elems + size, m->m, m->m->u.match_size);
-- size += m->m->u.match_size;
-+ for (matchp = matches; matchp; matchp = matchp->next) {
-+ memcpy(e->elems + size, matchp->match->m, matchp->match->m->u.match_size);
-+ size += matchp->match->m->u.match_size;
- }
- memcpy(e->elems + size, target, target->u.target_size);
-
-@@ -575,15 +590,17 @@
- int procfile;
- char *ret;
-
-+#define PROCFILE_BUFSIZ 1024
- procfile = open(PROC_SYS_MODPROBE, O_RDONLY);
- if (procfile < 0)
- return NULL;
-
-- ret = malloc(1024);
-+ ret = (char *) malloc(PROCFILE_BUFSIZ);
- if (ret) {
-- switch (read(procfile, ret, 1024)) {
-+ memset(ret, 0, PROCFILE_BUFSIZ);
-+ switch (read(procfile, ret, PROCFILE_BUFSIZ)) {
- case -1: goto fail;
-- case 1024: goto fail; /* Partial read. Wierd */
-+ case PROCFILE_BUFSIZ: goto fail; /* Partial read. Wierd */
- }
- if (ret[strlen(ret)-1]=='\n')
- ret[strlen(ret)-1]=0;
-@@ -618,22 +635,22 @@
- }
-
- if (!ptr && tryload != DONT_LOAD) {
-- char path[sizeof(IPT_LIB_DIR) + sizeof("/libipt_.so")
-+ char path[strlen(lib_dir) + sizeof("/libipt_.so")
- + strlen(name)];
-- sprintf(path, IPT_LIB_DIR "/libipt_%s.so", name);
-+ sprintf(path, "%s/libipt_%s.so", lib_dir, name);
- if (dlopen(path, RTLD_NOW)) {
- /* Found library. If it didn't register itself,
- maybe they specified match as a target. */
- ptr = find_target(name, DONT_LOAD);
- if (!ptr) {
-- fprintf(stderr, "Couldn't load target `%s'\n",
-+ exit_error(PARAMETER_PROBLEM,
-+ "Couldn't load target `%s'\n",
- name);
-- exit(1);
- }
- } else if (tryload == LOAD_MUST_SUCCEED) {
-- fprintf(stderr, "Couldn't load target `%s':%s\n",
-+ exit_error(PARAMETER_PROBLEM,
-+ "Couldn't load target `%s':%s\n",
- name, dlerror());
-- exit(1);
- }
- }
-
-@@ -647,8 +664,9 @@
- {
- char *buf = NULL;
- char *argv[3];
-+ int status;
-
--// If they don't explicitly set it, read out of kernel
-+ /* If they don't explicitly set it, read out of kernel */
- if (!modprobe) {
- buf = get_modprobe();
- if (!buf)
-@@ -664,16 +682,18 @@
- execv(argv[0], argv);
-
- // not usually reached
-- exit(0);
-+ exit(1);
- case -1:
- return -1;
-
- default: // parent
-- wait(NULL);
-+ wait(&status);
- }
-
- free(buf);
-+ if (WIFEXITED(status) && WEXITSTATUS(status) == 0)
- return 0;
-+ return -1;
- }
-
- void
-@@ -687,7 +707,7 @@
-
- if (me->size != IPT_ALIGN(me->size)) {
- fprintf(stderr, "%s: target `%s' has invalid size %u.\n",
-- "fddfgdsse", me->name, me->size);
-+ "fddfgdsse", me->name, (unsigned int)me->size);
- exit(1);
- }
-
-@@ -698,20 +718,17 @@
- me->tflags = 0;
- }
-
--unsigned char * make_delete_mask(struct ipt_entry *fw)
-+static unsigned char *
-+make_delete_mask(struct ipt_entry *fw, struct iptables_rule_match *matches)
- {
- /* Establish mask for comparison */
- unsigned int size;
-- struct iptables_match *m;
-+ struct iptables_rule_match *matchp;
- unsigned char *mask, *mptr;
-
- size = sizeof(struct ipt_entry);
-- for (m = iptables_matches; m; m = m->next) {
-- if (!m->used)
-- continue;
--
-- size += IPT_ALIGN(sizeof(struct ipt_entry_match)) + m->size;
-- }
-+ for (matchp = matches; matchp; matchp = matchp->next)
-+ size += IPT_ALIGN(sizeof(struct ipt_entry_match)) + matchp->match->size;
-
- mask = xcalloc(1, size
- + IPT_ALIGN(sizeof(struct ipt_entry_target))
-@@ -720,14 +737,11 @@
- memset(mask, 0xFF, sizeof(struct ipt_entry));
- mptr = mask + sizeof(struct ipt_entry);
-
-- for (m = iptables_matches; m; m = m->next) {
-- if (!m->used)
-- continue;
--
-+ for (matchp = matches; matchp; matchp = matchp->next) {
- memset(mptr, 0xFF,
- IPT_ALIGN(sizeof(struct ipt_entry_match))
-- + m->userspacesize);
-- mptr += IPT_ALIGN(sizeof(struct ipt_entry_match)) + m->size;
-+ + matchp->match->userspacesize);
-+ mptr += IPT_ALIGN(sizeof(struct ipt_entry_match)) + matchp->match->size;
- }
-
- memset(mptr, 0xFF,
-@@ -738,7 +752,7 @@
- }
-
- struct iptables_match *
--find_match(const char *name, enum ipt_tryload tryload)
-+find_match(const char *name, enum ipt_tryload tryload, struct iptables_rule_match **matches)
- {
- struct iptables_match *ptr;
-
-@@ -748,28 +762,37 @@
- }
-
- if (!ptr && tryload != DONT_LOAD) {
-- char path[sizeof(IPT_LIB_DIR) + sizeof("/libipt_.so")
-+ char path[strlen(lib_dir) + sizeof("/libipt_.so")
- + strlen(name)];
-- sprintf(path, IPT_LIB_DIR "/libipt_%s.so", name);
-+ sprintf(path, "%s/libipt_%s.so", lib_dir, name);
- if (dlopen(path, RTLD_NOW)) {
- /* Found library. If it didn't register itself,
- maybe they specified target as match. */
-- ptr = find_match(name, DONT_LOAD);
-+ ptr = find_match(name, DONT_LOAD, NULL);
-
- if (!ptr) {
-- fprintf(stderr, "Couldn't load match `%s'\n",
-+ exit_error(PARAMETER_PROBLEM,
-+ "Couldn't load match `%s'\n",
- name);
-- exit(1);
- }
- } else if (tryload == LOAD_MUST_SUCCEED) {
-- fprintf(stderr, "Couldn't load match `%s':%s\n",
-+ exit_error(PARAMETER_PROBLEM,
-+ "Couldn't load match `%s':%s\n",
- name, dlerror());
-- exit(1);
- }
- }
-
-- if (ptr)
-- ptr->used = 1;
-+ if (ptr && matches) {
-+ struct iptables_rule_match **i;
-+ struct iptables_rule_match *newentry;
-+
-+ newentry = xmalloc(sizeof(struct iptables_rule_match));
-+
-+ for (i = matches; *i; i = &(*i)->next);
-+ newentry->match = ptr;
-+ newentry->next = NULL;
-+ *i = newentry;
-+ }
-
- return ptr;
- }
-@@ -779,7 +802,7 @@
- {
- struct iptables_match **i;
-
-- if (find_match(me->name, DONT_LOAD)) {
-+ if (find_match(me->name, DONT_LOAD, NULL)) {
- fprintf(stderr, "%s: match `%s' already registered.\n",
- "fetchipac??", me->name);
- exit(1);
-@@ -787,7 +810,7 @@
-
- if (me->size != IPT_ALIGN(me->size)) {
- fprintf(stderr, "%s: match `%s' has invalid size %u.\n",
-- "fetchipac??", me->name, me->size);
-+ "fetchipac??", me->name, (unsigned int)me->size);
- exit(1);
- }
-
-@@ -801,16 +824,21 @@
- }
-
-
-+/* Christophe Burki wants `-p 6' to imply `-m tcp'. */
- static struct iptables_match *
--find_proto(const char *pname, enum ipt_tryload tryload, int nolookup)
-+find_proto(const char *pname, enum ipt_tryload tryload, int nolookup, struct iptables_rule_match **matches)
- {
-- int proto;
-+ unsigned int proto;
-
-- proto = string_to_number(pname, 0, 255);
-- if (proto != -1)
-- return find_match(proto_to_name(proto, nolookup), tryload);
-+ if ((proto = string_to_number(pname, 0, 255)) != -1) {
-+ char *protoname = proto_to_name(proto, nolookup);
-
-- return find_match(pname, tryload);
-+ if (protoname)
-+ return find_match(protoname, tryload, matches);
-+ } else
-+ return find_match(pname, tryload, matches);
-+
-+ return NULL;
- }
-
- static void
-@@ -823,15 +851,19 @@
- number = (number + 500) / 1000;
- if (number > 9999) {
- number = (number + 500) / 1000;
-- printf(FMT("%4lluG ","%lluG "),number);
-+ if (number > 9999) {
-+ number = (number + 500) / 1000;
-+ printf(FMT("%4lluT ","%lluT "), (unsigned long long)number);
- }
-- else printf(FMT("%4lluM ","%lluM "), number);
-+ else printf(FMT("%4lluG ","%lluG "), (unsigned long long)number);
-+ }
-+ else printf(FMT("%4lluM ","%lluM "), (unsigned long long)number);
- } else
-- printf(FMT("%4lluK ","%lluK "), number);
-+ printf(FMT("%4lluK ","%lluK "), (unsigned long long)number);
- } else
-- printf(FMT("%5llu ","%llu "), number);
-+ printf(FMT("%5llu ","%llu "), (unsigned long long)number);
- } else
-- printf(FMT("%8llu ","%llu "), number);
-+ printf(FMT("%8llu ","%llu "), (unsigned long long)number);
- }
-
- static int
-@@ -839,7 +871,7 @@
- const struct ipt_ip *ip,
- int numeric)
- {
-- struct iptables_match *match = find_match(m->u.user.name, TRY_LOAD);
-+ struct iptables_match *match = find_match(m->u.user.name, TRY_LOAD, NULL);
-
- if (match) {
- if (match->print)
-@@ -867,9 +899,6 @@
- u_int8_t flags;
- char buf[BUFSIZ];
-
-- /* User creates a chain called "REJECT": this overrides the
-- `REJECT' target module. Keep feeding them rope until the
-- revolution... Bwahahahahah */
- if (!iptc_is_chain(targname, handle))
- target = find_target(targname, TRY_LOAD);
- else
-@@ -917,10 +946,6 @@
-
- if (fw->ip.iniface[0] != '\0') {
- strcat(iface, fw->ip.iniface);
-- /* If it doesn't compare the nul-term, it's a
-- wildcard. */
-- if (fw->ip.iniface_mask[strlen(fw->ip.iniface)] == 0)
-- strcat(iface, "+");
- }
- else if (format & FMT_NUMERIC) strcat(iface, "*");
- else strcat(iface, "any");
-@@ -934,10 +959,6 @@
-
- if (fw->ip.outiface[0] != '\0') {
- strcat(iface, fw->ip.outiface);
-- /* If it doesn't compare the nul-term, it's a
-- wildcard. */
-- if (fw->ip.outiface_mask[strlen(fw->ip.outiface)] == 0)
-- strcat(iface, "+");
- }
- else if (format & FMT_NUMERIC) strcat(iface, "*");
- else strcat(iface, "any");
-@@ -979,7 +1000,7 @@
- target->print(&fw->ip, t, format & FMT_NUMERIC);
- } else if (t->u.target_size != sizeof(*t))
- printf("[%u bytes of unknown target data] ",
-- t->u.target_size - sizeof(*t));
-+ (unsigned int)(t->u.target_size - sizeof(*t)));
-
- if (!(format & FMT_NONEWLINE))
- fputc('\n', stdout);
-@@ -996,6 +1017,15 @@
- }
-
-
-+static void set_revision(char *name, u_int8_t revision)
-+{
-+ /* Old kernel sources don't have ".revision" field,
-+ but we stole a byte from name. */
-+ name[IPT_FUNCTION_MAXNAMELEN - 2] = '\0';
-+ name[IPT_FUNCTION_MAXNAMELEN - 1] = revision;
-+}
-+
-+
- // ---------------------------------------------------------------------
-
-
-@@ -1129,8 +1159,7 @@
- chain->pkts++;
- continue;
- }
--
-- counters = iptc_read_counter(chain->name, chain->pkts, &handle);
-+ counters = iptc_read_counter(chain->name, chain->pkts, &handle); // ???? why chain->pkts
- if (counters) {
- iptc_zero_counter(chain->name, chain->pkts, &handle);
- chain->pkts++;
-@@ -1192,7 +1221,7 @@
- *
- */
- static int
--prepare_entry (raw_rule_type *d, struct ipt_entry **e)
-+prepare_entry (raw_rule_type *d, struct ipt_entry **e, struct iptables_rule_match **matches)
- {
- struct ipt_entry fw;
- unsigned int naddrs = 0;
-@@ -1200,10 +1229,14 @@
- struct iptables_match *m;
- struct iptables_target *target = NULL;
- struct iptables_target *t;
-+
-+ struct iptables_rule_match *matchp;
-+
- size_t size;
- int inverse;
- int c,argc;
- int invert = 0;
-+ int proto_used = 0;
-
- bzero(&fw, sizeof(fw));
-
-@@ -1233,7 +1266,6 @@
-
- for (m = iptables_matches; m; m = m->next) {
- m->mflags = 0;
-- m->used = 0;
- }
-
- for (t = iptables_targets; t; t = t->next) {
-@@ -1279,6 +1311,8 @@
- target->t = xcalloc(1, size);
- target->t->u.target_size = size;
- strcpy(target->t->u.user.name, d->target);
-+ set_revision(target->t->u.user.name, target->revision);
-+ if (target->init != NULL)
- target->init(target->t, &fw.nfcache);
-
- if(check_inverse_type(d->protocol))
-@@ -1290,7 +1324,7 @@
- }
-
- if (d->protocol[0] != '\0' && d->protocol[0] != 'i') {
-- m = find_proto(d->protocol, LOAD_MUST_SUCCEED, 0);
-+ m = find_proto(d->protocol, LOAD_MUST_SUCCEED, 0, matches);
- size = IPT_ALIGN(sizeof(struct ipt_entry_match)) + m->size;
- m->m = xcalloc(size, 1);
- m->m->u.match_size = size;
-@@ -1338,7 +1372,7 @@
- while ((c = getopt_long(argc, d->extension,"-m:", opts, NULL))!= -1) {
- switch (c) {
- case 'm':
-- m = find_match(optarg, LOAD_MUST_SUCCEED);
-+ m = find_match(optarg, LOAD_MUST_SUCCEED, matches);
- size = IPT_ALIGN(sizeof(struct ipt_entry_match)) + m->size;
- m->m = xcalloc(1, size);
- m->m->u.match_size = size;
-@@ -1361,32 +1395,80 @@
- exit(1);
-
- default:
-- for (m = iptables_matches; m; m = m->next) {
-- if (!m->used)
-- continue;
-- if (m->parse(c - m->option_offset,
-+
-+ /* FIXME: This scheme doesn't allow two of the same
-+ matches --RR */
-+ if (!target
-+ || !(target->parse(c - target->option_offset,
-+ d->extension, invert,
-+ &target->tflags,
-+ &fw, &target->t))) {
-+ for (matchp = *matches; matchp; matchp = matchp->next) {
-+ if (matchp->match->parse(c - matchp->match->option_offset,
- d->extension, invert,
-- &m->mflags,
-- &fw, &fw.nfcache, &m->m))
-+ &matchp->match->mflags,
-+ &fw,
-+ &fw.nfcache,
-+ &matchp->match->m))
- break;
- }
-- break;
-+
-+ if (m == NULL
-+ && d->protocol
-+ && (!find_proto(d->protocol, DONT_LOAD,
-+ 0, NULL)
-+ || (find_proto(d->protocol, DONT_LOAD,
-+ 0, NULL)
-+ && (proto_used == 0))
-+ )
-+ && (m = find_proto(d->protocol, TRY_LOAD,
-+ 0, matches))) {
-+ /* Try loading protocol */
-+ size_t size;
-+
-+ proto_used = 1;
-+
-+ size = IPT_ALIGN(sizeof(struct ipt_entry_match))
-+ + m->size;
-+
-+ m->m = xcalloc(1, size);
-+ m->m->u.match_size = size;
-+ strcpy(m->m->u.user.name, m->name);
-+ set_revision(m->m->u.user.name,
-+ m->revision);
-+ if (m->init != NULL)
-+ m->init(m->m, &fw.nfcache);
-+
-+ opts = merge_options(opts,
-+ m->extra_opts, &m->option_offset);
-+
-+ optind--;
-+ continue;
-+ }
-+
-+ m = matchp ? matchp->match : NULL;
-+ if (!m)
-+ exit_error(PARAMETER_PROBLEM,
-+ "Unknown arg `%s'",
-+ d->extension);
- }
- }
- }
-- for (m = iptables_matches; m; m = m->next) {
-- if (!m->used)
-- continue;
-- m->final_check(m->mflags);
- }
-
-+ for (matchp = *matches; matchp; matchp = matchp->next)
-+ matchp->match->final_check(matchp->match->mflags);
-+
-+ if (target)
- target->final_check(target->tflags);
-- *e = generate_entry(&fw, iptables_matches, target->t);
-+
-+ *e = generate_entry(&fw, *matches, target->t);
-+ free(target->t);
-+
-
- if (!handle) if (!(handle = iptc_init("filter")))
- exit_error(PARAMETER_PROBLEM,
- "iptables: %s\n", iptc_strerror(errno));
--
- return 0;
- }
-
-@@ -1399,9 +1481,11 @@
- insert_rule(raw_rule_type *d, int rule_num)
- {
- struct ipt_entry *e = NULL;
-+ struct iptables_rule_match *matches = NULL;
-+
- int ret=1;
-
-- if (prepare_entry(d, &e)!=0)
-+ if (prepare_entry(d, &e, &matches)!=0)
- return (1);
- if (verbose>1) {
- printf("Inserting rule\n");
-@@ -1412,28 +1496,6 @@
- return ret;
- }
-
--/*
-- * Try to atomically replace rule in kernel return 0 in case all right, 1 otherwice
-- */
--static int
--//replace_rule (char *chain, char *saddr, char *sport, char *daddr, char *dport,
--// char *proto, char *targ, int rule_num, char *iface)
--replace_rule (raw_rule_type *d, int rule_num)
--{
-- struct ipt_entry *e = NULL;
-- int ret=1;
--
-- if (prepare_entry(d, &e)!=0)
-- return (1);
--
-- if (verbose>1) {
-- printf("Replacing rule %d in '%s'\n", rule_num, d->dest);
-- print_firewall_line(e, handle);
-- }
-- ret &= iptc_replace_entry(d->dest, e, rule_num, &handle);
-- free(e);
-- return ret;
--}
-
- /*
- * Try to append rule into kernel return 0 in case all right, 1 otherwice
-@@ -1449,8 +1511,9 @@
- append_rule (raw_rule_type *d)
- {
- struct ipt_entry *e = NULL;
-+ struct iptables_rule_match *matches = NULL;
-
-- if (prepare_entry(d, &e)!=0)
-+ if (prepare_entry(d, &e, &matches)!=0)
- return (1);
-
- if (verbose>1) {
-@@ -1472,9 +1535,11 @@
- {
- struct ipt_entry *e = NULL;
- unsigned char *mask = NULL;
-+ struct iptables_rule_match *matches = NULL;
-+
- int ret=1;
-
-- if (prepare_entry(d, &e)!=0)
-+ if (prepare_entry(d, &e, &matches)!=0)
- return (1);
-
- if (verbose>1) {
-@@ -1482,26 +1547,12 @@
- print_firewall_line(e, handle);
- }
-
-- mask = make_delete_mask(e);
-+ mask = make_delete_mask(e, matches);
- ret &= iptc_delete_entry(d->dest, e, mask, &handle);
- free(e);
- return ret;
- }
-
--static int
--delete_num_rule (char *chain, int num)
--{
-- struct ipt_entry *e = NULL;
-- unsigned char *mask = NULL;
-- int ret = 1;
--
-- mask = make_delete_mask(e);
-- ret &= iptc_delete_num_entry(chain, num, &handle);
-- free(e);
-- return ret;
--}
--
--
-
- /** Setup chains if they doesn't exist
- *
-@@ -1588,11 +1639,9 @@
- if (!handle)
- handle = iptc_init("filter");
-
-- if (!handle) {
--// try to insmod the module if iptc_init failed
-- iptables_insmod("ip_tables", modprobe);
-+ /* try to insmod the module if iptc_init failed */
-+ if (!handle && iptables_insmod("ip_tables", modprobe) != -1)
- handle = iptc_init("filter");
-- }
-
- if (!handle) {
- fprintf(stderr, "ipac-ng: can't initialize iptables table `filter'\n"
-@@ -1617,7 +1666,6 @@
- setup_rules(void)
- {
- raw_rule_type *d, *d1;
-- char targ[MAX_RULE_NAME_LENGTH+2];
- char chain[MAX_RULE_NAME_LENGTH+2];
- FILE *frunfile;
-
-diff -Nur ipac-ng-1.31.orig/agents/iptables/libip4tc.c ipac-ng-1.31/agents/iptables/libip4tc.c
---- ipac-ng-1.31.orig/agents/iptables/libip4tc.c 2003-07-06 10:33:23.000000000 +0000
-+++ ipac-ng-1.31/agents/iptables/libip4tc.c 2006-01-11 21:51:46.000000000 +0000
-@@ -16,6 +16,7 @@
- #include <errno.h>
- #include <stdlib.h>
- #include <stdio.h>
-+#include <unistd.h>
-
- #ifdef DEBUG_CONNTRACK
- #define inline
-@@ -90,6 +91,7 @@
- #define TC_SET_POLICY iptc_set_policy
- #define TC_GET_RAW_SOCKET iptc_get_raw_socket
- #define TC_INIT iptc_init
-+#define TC_FREE iptc_free
- #define TC_COMMIT iptc_commit
- #define TC_STRERROR iptc_strerror
-
-@@ -121,121 +123,49 @@
-
- #define IP_PARTS(n) IP_PARTS_NATIVE(ntohl(n))
-
--int
--dump_entry(STRUCT_ENTRY *e, const TC_HANDLE_T handle)
--{
-- size_t i;
-- STRUCT_ENTRY_TARGET *t;
--
-- printf("Entry %u (%lu):\n", entry2index(handle, e),
-- entry2offset(handle, e));
-- printf("SRC IP: %u.%u.%u.%u/%u.%u.%u.%u\n",
-- IP_PARTS(e->ip.src.s_addr),IP_PARTS(e->ip.smsk.s_addr));
-- printf("DST IP: %u.%u.%u.%u/%u.%u.%u.%u\n",
-- IP_PARTS(e->ip.dst.s_addr),IP_PARTS(e->ip.dmsk.s_addr));
-- printf("Interface: `%s'/", e->ip.iniface);
-- for (i = 0; i < IFNAMSIZ; i++)
-- printf("%c", e->ip.iniface_mask[i] ? 'X' : '.');
-- printf("to `%s'/", e->ip.outiface);
-- for (i = 0; i < IFNAMSIZ; i++)
-- printf("%c", e->ip.outiface_mask[i] ? 'X' : '.');
-- printf("\nProtocol: %u\n", e->ip.proto);
-- printf("Flags: %02X\n", e->ip.flags);
-- printf("Invflags: %02X\n", e->ip.invflags);
-- printf("Counters: %llu packets, %llu bytes\n",
-- e->counters.pcnt, e->counters.bcnt);
-- printf("Cache: %08X ", e->nfcache);
-- if (e->nfcache & NFC_ALTERED) printf("ALTERED ");
-- if (e->nfcache & NFC_UNKNOWN) printf("UNKNOWN ");
-- if (e->nfcache & NFC_IP_SRC) printf("IP_SRC ");
-- if (e->nfcache & NFC_IP_DST) printf("IP_DST ");
-- if (e->nfcache & NFC_IP_IF_IN) printf("IP_IF_IN ");
-- if (e->nfcache & NFC_IP_IF_OUT) printf("IP_IF_OUT ");
-- if (e->nfcache & NFC_IP_TOS) printf("IP_TOS ");
-- if (e->nfcache & NFC_IP_PROTO) printf("IP_PROTO ");
-- if (e->nfcache & NFC_IP_OPTIONS) printf("IP_OPTIONS ");
-- if (e->nfcache & NFC_IP_TCPFLAGS) printf("IP_TCPFLAGS ");
-- if (e->nfcache & NFC_IP_SRC_PT) printf("IP_SRC_PT ");
-- if (e->nfcache & NFC_IP_DST_PT) printf("IP_DST_PT ");
-- if (e->nfcache & NFC_IP_PROTO_UNKNOWN) printf("IP_PROTO_UNKNOWN ");
-- printf("\n");
--
-- IPT_MATCH_ITERATE(e, print_match);
--
-- t = GET_TARGET(e);
-- printf("Target name: `%s' [%u]\n", t->u.user.name, t->u.target_size);
-- if (strcmp(t->u.user.name, STANDARD_TARGET) == 0) {
-- int pos = *(int *)t->data;
-- if (pos < 0)
-- printf("verdict=%s\n",
-- pos == -NF_ACCEPT-1 ? "NF_ACCEPT"
-- : pos == -NF_DROP-1 ? "NF_DROP"
-- : pos == -NF_QUEUE-1 ? "NF_QUEUE"
-- : pos == RETURN ? "RETURN"
-- : "UNKNOWN");
-- else
-- printf("verdict=%u\n", pos);
-- } else if (strcmp(t->u.user.name, IPT_ERROR_TARGET) == 0)
-- printf("error=`%s'\n", t->data);
--
-- printf("\n");
-- return 0;
--}
-
--static int
-+static unsigned char *
- is_same(const STRUCT_ENTRY *a, const STRUCT_ENTRY *b, unsigned char *matchmask)
- {
- unsigned int i;
-- STRUCT_ENTRY_TARGET *ta, *tb;
- unsigned char *mptr;
-
- /* Always compare head structures: ignore mask here. */
- if (a->ip.src.s_addr != b->ip.src.s_addr
- || a->ip.dst.s_addr != b->ip.dst.s_addr
- || a->ip.smsk.s_addr != b->ip.smsk.s_addr
-- || a->ip.smsk.s_addr != b->ip.smsk.s_addr
-+ || a->ip.dmsk.s_addr != b->ip.dmsk.s_addr
- || a->ip.proto != b->ip.proto
- || a->ip.flags != b->ip.flags
- || a->ip.invflags != b->ip.invflags)
-- return 0;
-+ return NULL;
-
- for (i = 0; i < IFNAMSIZ; i++) {
- if (a->ip.iniface_mask[i] != b->ip.iniface_mask[i])
-- return 0;
-+ return NULL;
- if ((a->ip.iniface[i] & a->ip.iniface_mask[i])
- != (b->ip.iniface[i] & b->ip.iniface_mask[i]))
-- return 0;
-+ return NULL;
- if (a->ip.outiface_mask[i] != b->ip.outiface_mask[i])
-- return 0;
-+ return NULL;
- if ((a->ip.outiface[i] & a->ip.outiface_mask[i])
- != (b->ip.outiface[i] & b->ip.outiface_mask[i]))
-- return 0;
-+ return NULL;
- }
-
- if (a->nfcache != b->nfcache
- || a->target_offset != b->target_offset
- || a->next_offset != b->next_offset)
-- return 0;
-+ return NULL;
-
- mptr = matchmask + sizeof(STRUCT_ENTRY);
- if (IPT_MATCH_ITERATE(a, match_different, a->elems, b->elems, &mptr))
-- return 0;
-+ return NULL;
-
-- ta = GET_TARGET((STRUCT_ENTRY *)a);
-- tb = GET_TARGET((STRUCT_ENTRY *)b);
-- if (ta->u.target_size != tb->u.target_size)
-- return 0;
-- if (strcmp(ta->u.user.name, tb->u.user.name) != 0)
-- return 0;
--
-- mptr += sizeof(*ta);
-- if (target_different(ta->data, tb->data,
-- ta->u.target_size - sizeof(*ta), mptr))
-- return 0;
--
-- return 1;
-+ return mptr;
- }
-
-+#if 0
- /***************************** DEBUGGING ********************************/
- static inline int
- unconditional(const struct ipt_ip *ip)
-@@ -290,20 +220,20 @@
- assert(t->verdict == -NF_DROP-1
- || t->verdict == -NF_ACCEPT-1
- || t->verdict == RETURN
-- || t->verdict < (int)h->entries.size);
-+ || t->verdict < (int)h->entries->size);
-
- if (t->verdict >= 0) {
- STRUCT_ENTRY *te = get_entry(h, t->verdict);
- int idx;
-
-- idx = entry2index(h, te);
-+ idx = iptcb_entry2index(h, te);
- assert(strcmp(GET_TARGET(te)->u.user.name,
- IPT_ERROR_TARGET)
- != 0);
- assert(te != e);
-
- /* Prior node must be error node, or this node. */
-- assert(t->verdict == entry2offset(h, e)+e->next_offset
-+ assert(t->verdict == iptcb_entry2offset(h, e)+e->next_offset
- || strcmp(GET_TARGET(index2entry(h, idx-1))
- ->u.user.name, IPT_ERROR_TARGET)
- == 0);
-@@ -335,7 +265,7 @@
- return 0;
- }
-
--#ifndef NDEBUG
-+#ifdef IPTC_DEBUG
- /* Do every conceivable sanity check on the handle */
- static void
- do_check(TC_HANDLE_T h, unsigned int line)
-@@ -364,35 +294,90 @@
-
- user_offset = h->info.hook_entry[NF_IP_LOCAL_OUT];
- } else if (strcmp(h->info.name, "nat") == 0) {
-- assert(h->info.valid_hooks
-+ assert((h->info.valid_hooks
- == (1 << NF_IP_PRE_ROUTING
- | 1 << NF_IP_POST_ROUTING
-- | 1 << NF_IP_LOCAL_OUT));
-+ | 1 << NF_IP_LOCAL_OUT)) ||
-+ (h->info.valid_hooks
-+ == (1 << NF_IP_PRE_ROUTING
-+ | 1 << NF_IP_LOCAL_IN
-+ | 1 << NF_IP_POST_ROUTING
-+ | 1 << NF_IP_LOCAL_OUT)));
-
- assert(h->info.hook_entry[NF_IP_PRE_ROUTING] == 0);
-
- n = get_chain_end(h, 0);
-+
- n += get_entry(h, n)->next_offset;
- assert(h->info.hook_entry[NF_IP_POST_ROUTING] == n);
--
- n = get_chain_end(h, n);
-+
- n += get_entry(h, n)->next_offset;
- assert(h->info.hook_entry[NF_IP_LOCAL_OUT] == n);
--
- user_offset = h->info.hook_entry[NF_IP_LOCAL_OUT];
-+
-+ if (h->info.valid_hooks & (1 << NF_IP_LOCAL_IN)) {
-+ n = get_chain_end(h, n);
-+ n += get_entry(h, n)->next_offset;
-+ assert(h->info.hook_entry[NF_IP_LOCAL_IN] == n);
-+ user_offset = h->info.hook_entry[NF_IP_LOCAL_IN];
-+ }
-+
- } else if (strcmp(h->info.name, "mangle") == 0) {
-+ /* This code is getting ugly because linux < 2.4.18-pre6 had
-+ * two mangle hooks, linux >= 2.4.18-pre6 has five mangle hooks
-+ * */
-+ assert((h->info.valid_hooks
-+ == (1 << NF_IP_PRE_ROUTING
-+ | 1 << NF_IP_LOCAL_OUT)) ||
-+ (h->info.valid_hooks
-+ == (1 << NF_IP_PRE_ROUTING
-+ | 1 << NF_IP_LOCAL_IN
-+ | 1 << NF_IP_FORWARD
-+ | 1 << NF_IP_LOCAL_OUT
-+ | 1 << NF_IP_POST_ROUTING)));
-+
-+ /* Hooks should be first five */
-+ assert(h->info.hook_entry[NF_IP_PRE_ROUTING] == 0);
-+
-+ n = get_chain_end(h, 0);
-+
-+ if (h->info.valid_hooks & (1 << NF_IP_LOCAL_IN)) {
-+ n += get_entry(h, n)->next_offset;
-+ assert(h->info.hook_entry[NF_IP_LOCAL_IN] == n);
-+ n = get_chain_end(h, n);
-+ }
-+
-+ if (h->info.valid_hooks & (1 << NF_IP_FORWARD)) {
-+ n += get_entry(h, n)->next_offset;
-+ assert(h->info.hook_entry[NF_IP_FORWARD] == n);
-+ n = get_chain_end(h, n);
-+ }
-+
-+ n += get_entry(h, n)->next_offset;
-+ assert(h->info.hook_entry[NF_IP_LOCAL_OUT] == n);
-+ user_offset = h->info.hook_entry[NF_IP_LOCAL_OUT];
-+
-+ if (h->info.valid_hooks & (1 << NF_IP_POST_ROUTING)) {
-+ n = get_chain_end(h, n);
-+ n += get_entry(h, n)->next_offset;
-+ assert(h->info.hook_entry[NF_IP_POST_ROUTING] == n);
-+ user_offset = h->info.hook_entry[NF_IP_POST_ROUTING];
-+ }
-+ } else if (strcmp(h->info.name, "raw") == 0) {
- assert(h->info.valid_hooks
- == (1 << NF_IP_PRE_ROUTING
- | 1 << NF_IP_LOCAL_OUT));
-
-- /* Hooks should be first two */
-+ /* Hooks should be first three */
- assert(h->info.hook_entry[NF_IP_PRE_ROUTING] == 0);
-
-- n = get_chain_end(h, 0);
-+ n = get_chain_end(h, n);
- n += get_entry(h, n)->next_offset;
- assert(h->info.hook_entry[NF_IP_LOCAL_OUT] == n);
-
- user_offset = h->info.hook_entry[NF_IP_LOCAL_OUT];
-+
- #ifdef NF_IP_DROPPING
- } else if (strcmp(h->info.name, "drop") == 0) {
- assert(h->info.valid_hooks == (1 << NF_IP_DROPPING));
-@@ -425,8 +410,8 @@
- assert(unconditional(&e->ip));
- assert(e->target_offset == sizeof(*e));
- t = (STRUCT_STANDARD_TARGET *)GET_TARGET(e);
-- assert(t->target.u.target_size == IPT_ALIGN(sizeof(*t)));
-- assert(e->next_offset == sizeof(*e) + IPT_ALIGN(sizeof(*t)));
-+ assert(t->target.u.target_size == ALIGN(sizeof(*t)));
-+ assert(e->next_offset == sizeof(*e) + ALIGN(sizeof(*t)));
-
- assert(strcmp(t->target.u.user.name, STANDARD_TARGET)==0);
- assert(t->verdict == -NF_DROP-1 || t->verdict == -NF_ACCEPT-1);
-@@ -458,6 +443,8 @@
- /* Final entry must be error node */
- assert(strcmp(GET_TARGET(index2entry(h, h->new_number-1))
- ->u.user.name,
-- IPT_ERROR_TARGET) == 0);
-+ ERROR_TARGET) == 0);
- }
--#endif /*NDEBUG*/
-+#endif /*IPTC_DEBUG*/
-+
-+#endif
-diff -Nur ipac-ng-1.31.orig/agents/iptables/libiptc.c ipac-ng-1.31/agents/iptables/libiptc.c
---- ipac-ng-1.31.orig/agents/iptables/libiptc.c 2003-07-06 11:34:52.000000000 +0000
-+++ ipac-ng-1.31/agents/iptables/libiptc.c 2006-01-10 21:01:39.000000000 +0000
-@@ -9,21 +9,43 @@
- */
-
- /* (C)1999 Paul ``Rusty'' Russell - Placed under the GNU GPL (See
-- COPYING for details). */
-+ * COPYING for details).
-+ * (C) 2000-2004 by the Netfilter Core Team <coreteam@netfilter.org>
-+ *
-+ * 2003-Jun-20: Harald Welte <laforge@netfilter.org>:
-+ * - Reimplementation of chain cache to use offsets instead of entries
-+ * 2003-Jun-23: Harald Welte <laforge@netfilter.org>:
-+ * - performance optimization, sponsored by Astaro AG (http://www.astaro.com/)
-+ * don't rebuild the chain cache after every operation, instead fix it
-+ * up after a ruleset change.
-+ * 2004-Aug-18: Harald Welte <laforge@netfilter.org>:
-+ * - futher performance work: total reimplementation of libiptc.
-+ * - libiptc now has a real internal (linked-list) represntation of the
-+ * ruleset and a parser/compiler from/to this internal representation
-+ * - again sponsored by Astaro AG (http://www.astaro.com/)
-+ */
-+#include <sys/types.h>
-+#include <sys/socket.h>
-
--#ifndef IPT_LIB_DIR
--#define IPT_LIB_DIR "/lib/iptables"
-+#include "linux_list.h"
-+
-+//#define IPTC_DEBUG2 1
-+
-+#ifdef IPTC_DEBUG2
-+#include <fcntl.h>
-+#define DEBUGP(x, args...) fprintf(stderr, "%s: " x, __FUNCTION__, ## args)
-+#define DEBUGP_C(x, args...) fprintf(stderr, x, ## args)
-+#else
-+#define DEBUGP(x, args...)
-+#define DEBUGP_C(x, args...)
- #endif
-
--#ifndef __OPTIMIZE__
--STRUCT_ENTRY_TARGET *
--GET_TARGET(STRUCT_ENTRY *e)
--{
-- return (void *)e + e->target_offset;
--}
-+#ifndef IPT_LIB_DIR
-+#define IPT_LIB_DIR "/usr/local/lib/iptables"
- #endif
-
- static int sockfd = -1;
-+static int sockfd_use = 0;
- static void *iptc_fn = NULL;
-
- static const char *hooknames[]
-@@ -37,6 +59,16 @@
- #endif
- };
-
-+/* Convenience structures */
-+struct ipt_error_target
-+{
-+ STRUCT_ENTRY_TARGET t;
-+ char error[TABLE_MAXNAMELEN];
-+};
-+
-+struct chain_head;
-+struct rule_head;
-+
- struct counter_map
- {
- enum {
-@@ -48,59 +80,95 @@
- unsigned int mappos;
- };
-
--/* Convenience structures */
--struct ipt_error_target
-+enum iptcc_rule_type {
-+ IPTCC_R_STANDARD, /* standard target (ACCEPT, ...) */
-+ IPTCC_R_MODULE, /* extension module (SNAT, ...) */
-+ IPTCC_R_FALLTHROUGH, /* fallthrough rule */
-+ IPTCC_R_JUMP, /* jump to other chain */
-+};
-+
-+struct rule_head
- {
-- STRUCT_ENTRY_TARGET t;
-- char error[TABLE_MAXNAMELEN];
-+ struct list_head list;
-+ struct chain_head *chain;
-+ struct counter_map counter_map;
-+
-+ unsigned int index; /* index (needed for counter_map) */
-+ unsigned int offset; /* offset in rule blob */
-+
-+ enum iptcc_rule_type type;
-+ struct chain_head *jump; /* jump target, if IPTCC_R_JUMP */
-+
-+ unsigned int size; /* size of entry data */
-+ STRUCT_ENTRY entry[0];
- };
-
--struct chain_cache
-+struct chain_head
- {
-+ struct list_head list;
- char name[TABLE_MAXNAMELEN];
-- /* This is the first rule in chain. */
-- STRUCT_ENTRY *start;
-- /* Last rule in chain */
-- STRUCT_ENTRY *end;
-+ unsigned int hooknum; /* hook number+1 if builtin */
-+ unsigned int references; /* how many jumps reference us */
-+ int verdict; /* verdict if builtin */
-+
-+ STRUCT_COUNTERS counters; /* per-chain counters */
-+ struct counter_map counter_map;
-+
-+ unsigned int num_rules; /* number of rules in list */
-+ struct list_head rules; /* list of rules */
-+
-+ unsigned int index; /* index (needed for jump resolval) */
-+ unsigned int head_offset; /* offset in rule blob */
-+ unsigned int foot_index; /* index (needed for counter_map) */
-+ unsigned int foot_offset; /* offset in rule blob */
- };
-
- STRUCT_TC_HANDLE
- {
-- /* Have changes been made? */
-- int changed;
-- /* Size in here reflects original state. */
-- STRUCT_GETINFO info;
-+ int changed; /* Have changes been made? */
-+
-+ struct list_head chains;
-+
-+ struct chain_head *chain_iterator_cur;
-+ struct rule_head *rule_iterator_cur;
-
-- struct counter_map *counter_map;
-- /* Array of hook names */
-- const char **hooknames;
--
-- /* Cached position of chain heads (NULL = no cache). */
-- unsigned int cache_num_chains;
-- unsigned int cache_num_builtins;
-- struct chain_cache *cache_chain_heads;
--
-- /* Chain iterator: current chain cache entry. */
-- struct chain_cache *cache_chain_iteration;
--
-- /* Rule iterator: terminal rule */
-- STRUCT_ENTRY *cache_rule_end;
--
-- /* Number in here reflects current state. */
-- unsigned int new_number;
-- STRUCT_GET_ENTRIES entries;
-+ STRUCT_GETINFO info;
-+ STRUCT_GET_ENTRIES *entries;
- };
-
-+/* allocate a new chain head for the cache */
-+static struct chain_head *iptcc_alloc_chain_head(const char *name, int hooknum)
-+{
-+ struct chain_head *c = malloc(sizeof(*c));
-+ if (!c)
-+ return NULL;
-+ memset(c, 0, sizeof(*c));
-+
-+ strncpy(c->name, name, TABLE_MAXNAMELEN);
-+ c->hooknum = hooknum;
-+ INIT_LIST_HEAD(&c->rules);
-+
-+ return c;
-+}
-+
-+/* allocate and initialize a new rule for the cache */
-+static struct rule_head *iptcc_alloc_rule(struct chain_head *c, unsigned int size)
-+{
-+ struct rule_head *r = malloc(sizeof(*r)+size);
-+ if (!r)
-+ return NULL;
-+ memset(r, 0, sizeof(*r));
-+
-+ r->chain = c;
-+ r->size = size;
-+
-+ return r;
-+}
-+
-+/* notify us that the ruleset has been modified by the user */
- static void
- set_changed(TC_HANDLE_T h)
- {
-- if (h->cache_chain_heads) {
-- free(h->cache_chain_heads);
-- h->cache_chain_heads = NULL;
-- h->cache_num_chains = 0;
-- h->cache_chain_iteration = NULL;
-- h->cache_rule_end = NULL;
-- }
- h->changed = 1;
- }
-
-@@ -111,8 +179,13 @@
- #define CHECK(h)
- #endif
-
-+
-+/**********************************************************************
-+ * iptc blob utility functions (iptcb_*)
-+ **********************************************************************/
-+
- static inline int
--get_number(const STRUCT_ENTRY *i,
-+iptcb_get_number(const STRUCT_ENTRY *i,
- const STRUCT_ENTRY *seek,
- unsigned int *pos)
- {
-@@ -122,22 +195,8 @@
- return 0;
- }
-
--static unsigned int
--entry2index(const TC_HANDLE_T h, const STRUCT_ENTRY *seek)
--{
-- unsigned int pos = 0;
--
-- if (ENTRY_ITERATE(h->entries.entrytable, h->entries.size,
-- get_number, seek, &pos) == 0) {
-- fprintf(stderr, "ERROR: offset %i not an entry!\n",
-- (char *)seek - (char *)h->entries.entrytable);
-- abort();
-- }
-- return pos;
--}
--
- static inline int
--get_entry_n(STRUCT_ENTRY *i,
-+iptcb_get_entry_n(STRUCT_ENTRY *i,
- unsigned int number,
- unsigned int *pos,
- STRUCT_ENTRY **pe)
-@@ -150,51 +209,556 @@
- return 0;
- }
-
--static STRUCT_ENTRY *
--index2entry(TC_HANDLE_T h, unsigned int index)
-+static inline STRUCT_ENTRY *
-+iptcb_get_entry(TC_HANDLE_T h, unsigned int offset)
- {
-- unsigned int pos = 0;
-- STRUCT_ENTRY *ret = NULL;
-+ return (STRUCT_ENTRY *)((char *)h->entries->entrytable + offset);
-+}
-
-- ENTRY_ITERATE(h->entries.entrytable, h->entries.size,
-- get_entry_n, index, &pos, &ret);
-+static unsigned int
-+iptcb_entry2index(const TC_HANDLE_T h, const STRUCT_ENTRY *seek)
-+{
-+ unsigned int pos = 0;
-
-- return ret;
-+ if (ENTRY_ITERATE(h->entries->entrytable, h->entries->size,
-+ iptcb_get_number, seek, &pos) == 0) {
-+ fprintf(stderr, "ERROR: offset %u not an entry!\n",
-+ (unsigned int)((char *)seek - (char *)h->entries->entrytable));
-+ abort();
-+ }
-+ return pos;
- }
-
- static inline STRUCT_ENTRY *
--get_entry(TC_HANDLE_T h, unsigned int offset)
-+iptcb_offset2entry(TC_HANDLE_T h, unsigned int offset)
- {
-- return (STRUCT_ENTRY *)((char *)h->entries.entrytable + offset);
-+ return (STRUCT_ENTRY *) ((void *)h->entries->entrytable+offset);
- }
-
-+
- static inline unsigned long
--entry2offset(const TC_HANDLE_T h, const STRUCT_ENTRY *e)
-+iptcb_entry2offset(const TC_HANDLE_T h, const STRUCT_ENTRY *e)
- {
-- return (char *)e - (char *)h->entries.entrytable;
-+ return (void *)e - (void *)h->entries->entrytable;
- }
-
--static unsigned long
--index2offset(TC_HANDLE_T h, unsigned int index)
-+static inline unsigned int
-+iptcb_offset2index(const TC_HANDLE_T h, unsigned int offset)
- {
-- return entry2offset(h, index2entry(h, index));
-+ return iptcb_entry2index(h, iptcb_offset2entry(h, offset));
- }
-
--static const char *
--get_errorlabel(TC_HANDLE_T h, unsigned int offset)
-+/* Returns 0 if not hook entry, else hooknumber + 1 */
-+static inline unsigned int
-+iptcb_ent_is_hook_entry(STRUCT_ENTRY *e, TC_HANDLE_T h)
- {
-- STRUCT_ENTRY *e;
-+ unsigned int i;
-
-- e = get_entry(h, offset);
-- if (strcmp(GET_TARGET(e)->u.user.name, ERROR_TARGET) != 0) {
-- fprintf(stderr, "ERROR: offset %u not an error node!\n",
-- offset);
-- abort();
-+ for (i = 0; i < NUMHOOKS; i++) {
-+ if ((h->info.valid_hooks & (1 << i))
-+ && iptcb_get_entry(h, h->info.hook_entry[i]) == e)
-+ return i+1;
-+ }
-+ return 0;
-+}
-+
-+
-+/**********************************************************************
-+ * iptc cache utility functions (iptcc_*)
-+ **********************************************************************/
-+
-+/* Is the given chain builtin (1) or user-defined (0) */
-+static unsigned int iptcc_is_builtin(struct chain_head *c)
-+{
-+ return (c->hooknum ? 1 : 0);
-+}
-+
-+/* Get a specific rule within a chain */
-+static struct rule_head *iptcc_get_rule_num(struct chain_head *c,
-+ unsigned int rulenum)
-+{
-+ struct rule_head *r;
-+ unsigned int num = 0;
-+
-+ list_for_each_entry(r, &c->rules, list) {
-+ num++;
-+ if (num == rulenum)
-+ return r;
-+ }
-+ return NULL;
-+}
-+
-+/* Get a specific rule within a chain backwards */
-+static struct rule_head *iptcc_get_rule_num_reverse(struct chain_head *c,
-+ unsigned int rulenum)
-+{
-+ struct rule_head *r;
-+ unsigned int num = 0;
-+
-+ list_for_each_entry_reverse(r, &c->rules, list) {
-+ num++;
-+ if (num == rulenum)
-+ return r;
-+ }
-+ return NULL;
-+}
-+
-+/* Returns chain head if found, otherwise NULL. */
-+static struct chain_head *
-+iptcc_find_chain_by_offset(TC_HANDLE_T handle, unsigned int offset)
-+{
-+ struct list_head *pos;
-+
-+ if (list_empty(&handle->chains))
-+ return NULL;
-+
-+ list_for_each(pos, &handle->chains) {
-+ struct chain_head *c = list_entry(pos, struct chain_head, list);
-+ if (offset >= c->head_offset && offset <= c->foot_offset)
-+ return c;
-+ }
-+
-+ return NULL;
-+}
-+/* Returns chain head if found, otherwise NULL. */
-+static struct chain_head *
-+iptcc_find_label(const char *name, TC_HANDLE_T handle)
-+{
-+ struct list_head *pos;
-+
-+ if (list_empty(&handle->chains))
-+ return NULL;
-+
-+ list_for_each(pos, &handle->chains) {
-+ struct chain_head *c = list_entry(pos, struct chain_head, list);
-+ if (!strcmp(c->name, name))
-+ return c;
-+ }
-+
-+ return NULL;
-+}
-+
-+/* called when rule is to be removed from cache */
-+static void iptcc_delete_rule(struct rule_head *r)
-+{
-+ DEBUGP("deleting rule %p (offset %u)\n", r, r->offset);
-+ /* clean up reference count of called chain */
-+ if (r->type == IPTCC_R_JUMP
-+ && r->jump)
-+ r->jump->references--;
-+
-+ list_del(&r->list);
-+ free(r);
-+}
-+
-+
-+/**********************************************************************
-+ * RULESET PARSER (blob -> cache)
-+ **********************************************************************/
-+
-+/* Delete policy rule of previous chain, since cache doesn't contain
-+ * chain policy rules.
-+ * WARNING: This function has ugly design and relies on a lot of context, only
-+ * to be called from specific places within the parser */
-+static int __iptcc_p_del_policy(TC_HANDLE_T h, unsigned int num)
-+{
-+ if (h->chain_iterator_cur) {
-+ /* policy rule is last rule */
-+ struct rule_head *pr = (struct rule_head *)
-+ h->chain_iterator_cur->rules.prev;
-+
-+ /* save verdict */
-+ h->chain_iterator_cur->verdict =
-+ *(int *)GET_TARGET(pr->entry)->data;
-+
-+ /* save counter and counter_map information */
-+ h->chain_iterator_cur->counter_map.maptype =
-+ COUNTER_MAP_NORMAL_MAP;
-+ h->chain_iterator_cur->counter_map.mappos = num-1;
-+ memcpy(&h->chain_iterator_cur->counters, &pr->entry->counters,
-+ sizeof(h->chain_iterator_cur->counters));
-+
-+ /* foot_offset points to verdict rule */
-+ h->chain_iterator_cur->foot_index = num;
-+ h->chain_iterator_cur->foot_offset = pr->offset;
-+
-+ /* delete rule from cache */
-+ iptcc_delete_rule(pr);
-+ h->chain_iterator_cur->num_rules--;
-+
-+ return 1;
-+ }
-+ return 0;
-+}
-+
-+/* alphabetically insert a chain into the list */
-+static inline void iptc_insert_chain(TC_HANDLE_T h, struct chain_head *c)
-+{
-+ struct chain_head *tmp;
-+
-+ /* sort only user defined chains */
-+ if (!c->hooknum) {
-+ list_for_each_entry(tmp, &h->chains, list) {
-+ if (strcmp(c->name, tmp->name) <= 0) {
-+ list_add(&c->list, tmp->list.prev);
-+ return;
-+ }
-+ }
-+ }
-+
-+ /* survived till end of list: add at tail */
-+ list_add_tail(&c->list, &h->chains);
-+}
-+
-+/* Another ugly helper function split out of cache_add_entry to make it less
-+ * spaghetti code */
-+static void __iptcc_p_add_chain(TC_HANDLE_T h, struct chain_head *c,
-+ unsigned int offset, unsigned int *num)
-+{
-+ __iptcc_p_del_policy(h, *num);
-+
-+ c->head_offset = offset;
-+ c->index = *num;
-+
-+ iptc_insert_chain(h, c);
-+
-+ h->chain_iterator_cur = c;
-+}
-+
-+/* main parser function: add an entry from the blob to the cache */
-+static int cache_add_entry(STRUCT_ENTRY *e,
-+ TC_HANDLE_T h,
-+ STRUCT_ENTRY **prev,
-+ unsigned int *num)
-+{
-+ unsigned int builtin;
-+ unsigned int offset = (char *)e - (char *)h->entries->entrytable;
-+
-+ DEBUGP("entering...");
-+
-+ /* Last entry ("policy rule"). End it.*/
-+ if (iptcb_entry2offset(h,e) + e->next_offset == h->entries->size) {
-+ /* This is the ERROR node at the end of the chain */
-+ DEBUGP_C("%u:%u: end of table:\n", *num, offset);
-+
-+ __iptcc_p_del_policy(h, *num);
-+
-+ h->chain_iterator_cur = NULL;
-+ goto out_inc;
-+ }
-+
-+ /* We know this is the start of a new chain if it's an ERROR
-+ * target, or a hook entry point */
-+
-+ if (strcmp(GET_TARGET(e)->u.user.name, ERROR_TARGET) == 0) {
-+ struct chain_head *c =
-+ iptcc_alloc_chain_head((const char *)GET_TARGET(e)->data, 0);
-+ DEBUGP_C("%u:%u:new userdefined chain %s: %p\n", *num, offset,
-+ (char *)c->name, c);
-+ if (!c) {
-+ errno = -ENOMEM;
-+ return -1;
-+ }
-+
-+ __iptcc_p_add_chain(h, c, offset, num);
-+
-+ } else if ((builtin = iptcb_ent_is_hook_entry(e, h)) != 0) {
-+ struct chain_head *c =
-+ iptcc_alloc_chain_head((char *)hooknames[builtin-1],
-+ builtin);
-+ DEBUGP_C("%u:%u new builtin chain: %p (rules=%p)\n",
-+ *num, offset, c, &c->rules);
-+ if (!c) {
-+ errno = -ENOMEM;
-+ return -1;
-+ }
-+
-+ c->hooknum = builtin;
-+
-+ __iptcc_p_add_chain(h, c, offset, num);
-+
-+ /* FIXME: this is ugly. */
-+ goto new_rule;
-+ } else {
-+ /* has to be normal rule */
-+ struct rule_head *r;
-+new_rule:
-+
-+ if (!(r = iptcc_alloc_rule(h->chain_iterator_cur,
-+ e->next_offset))) {
-+ errno = ENOMEM;
-+ return -1;
-+ }
-+ DEBUGP_C("%u:%u normal rule: %p: ", *num, offset, r);
-+
-+ r->index = *num;
-+ r->offset = offset;
-+ memcpy(r->entry, e, e->next_offset);
-+ r->counter_map.maptype = COUNTER_MAP_NORMAL_MAP;
-+ r->counter_map.mappos = r->index;
-+
-+ /* handling of jumps, etc. */
-+ if (!strcmp(GET_TARGET(e)->u.user.name, STANDARD_TARGET)) {
-+ STRUCT_STANDARD_TARGET *t;
-+
-+ t = (STRUCT_STANDARD_TARGET *)GET_TARGET(e);
-+ if (t->target.u.target_size
-+ != ALIGN(sizeof(STRUCT_STANDARD_TARGET))) {
-+ errno = EINVAL;
-+ return -1;
-+ }
-+
-+ if (t->verdict < 0) {
-+ DEBUGP_C("standard, verdict=%d\n", t->verdict);
-+ r->type = IPTCC_R_STANDARD;
-+ } else if (t->verdict == r->offset+e->next_offset) {
-+ DEBUGP_C("fallthrough\n");
-+ r->type = IPTCC_R_FALLTHROUGH;
-+ } else {
-+ DEBUGP_C("jump, target=%u\n", t->verdict);
-+ r->type = IPTCC_R_JUMP;
-+ /* Jump target fixup has to be deferred
-+ * until second pass, since we migh not
-+ * yet have parsed the target */
-+ }
-+ } else {
-+ DEBUGP_C("module, target=%s\n", GET_TARGET(e)->u.user.name);
-+ r->type = IPTCC_R_MODULE;
-+ }
-+
-+ list_add_tail(&r->list, &h->chain_iterator_cur->rules);
-+ h->chain_iterator_cur->num_rules++;
-+ }
-+out_inc:
-+ (*num)++;
-+ return 0;
-+}
-+
-+
-+/* parse an iptables blob into it's pieces */
-+static int parse_table(TC_HANDLE_T h)
-+{
-+ STRUCT_ENTRY *prev;
-+ unsigned int num = 0;
-+ struct chain_head *c;
-+
-+ /* First pass: over ruleset blob */
-+ ENTRY_ITERATE(h->entries->entrytable, h->entries->size,
-+ cache_add_entry, h, &prev, &num);
-+
-+ /* Second pass: fixup parsed data from first pass */
-+ list_for_each_entry(c, &h->chains, list) {
-+ struct rule_head *r;
-+ list_for_each_entry(r, &c->rules, list) {
-+ struct chain_head *c;
-+ STRUCT_STANDARD_TARGET *t;
-+
-+ if (r->type != IPTCC_R_JUMP)
-+ continue;
-+
-+ t = (STRUCT_STANDARD_TARGET *)GET_TARGET(r->entry);
-+ c = iptcc_find_chain_by_offset(h, t->verdict);
-+ if (!c)
-+ return -1;
-+ r->jump = c;
-+ c->references++;
-+ }
-+ }
-+
-+ /* FIXME: sort chains */
-+
-+ return 1;
-+}
-+
-+
-+/**********************************************************************
-+ * RULESET COMPILATION (cache -> blob)
-+ **********************************************************************/
-+
-+/* Convenience structures */
-+struct iptcb_chain_start{
-+ STRUCT_ENTRY e;
-+ struct ipt_error_target name;
-+};
-+#define IPTCB_CHAIN_START_SIZE (sizeof(STRUCT_ENTRY) + \
-+ ALIGN(sizeof(struct ipt_error_target)))
-+
-+struct iptcb_chain_foot {
-+ STRUCT_ENTRY e;
-+ STRUCT_STANDARD_TARGET target;
-+};
-+#define IPTCB_CHAIN_FOOT_SIZE (sizeof(STRUCT_ENTRY) + \
-+ ALIGN(sizeof(STRUCT_STANDARD_TARGET)))
-+
-+struct iptcb_chain_error {
-+ STRUCT_ENTRY entry;
-+ struct ipt_error_target target;
-+};
-+#define IPTCB_CHAIN_ERROR_SIZE (sizeof(STRUCT_ENTRY) + \
-+ ALIGN(sizeof(struct ipt_error_target)))
-+
-+
-+
-+/* compile rule from cache into blob */
-+static inline int iptcc_compile_rule (TC_HANDLE_T h, STRUCT_REPLACE *repl, struct rule_head *r)
-+{
-+ /* handle jumps */
-+ if (r->type == IPTCC_R_JUMP) {
-+ STRUCT_STANDARD_TARGET *t;
-+ t = (STRUCT_STANDARD_TARGET *)GET_TARGET(r->entry);
-+ /* memset for memcmp convenience on delete/replace */
-+ memset(t->target.u.user.name, 0, FUNCTION_MAXNAMELEN);
-+ strcpy(t->target.u.user.name, STANDARD_TARGET);
-+ /* Jumps can only happen to builtin chains, so we
-+ * can safely assume that they always have a header */
-+ t->verdict = r->jump->head_offset + IPTCB_CHAIN_START_SIZE;
-+ } else if (r->type == IPTCC_R_FALLTHROUGH) {
-+ STRUCT_STANDARD_TARGET *t;
-+ t = (STRUCT_STANDARD_TARGET *)GET_TARGET(r->entry);
-+ t->verdict = r->offset + r->size;
-+ }
-+
-+ /* copy entry from cache to blob */
-+ memcpy((char *)repl->entries+r->offset, r->entry, r->size);
-+
-+ return 1;
-+}
-+
-+/* compile chain from cache into blob */
-+static int iptcc_compile_chain(TC_HANDLE_T h, STRUCT_REPLACE *repl, struct chain_head *c)
-+{
-+ int ret;
-+ struct rule_head *r;
-+ struct iptcb_chain_start *head;
-+ struct iptcb_chain_foot *foot;
-+
-+ /* only user-defined chains have heaer */
-+ if (!iptcc_is_builtin(c)) {
-+ /* put chain header in place */
-+ head = (void *)repl->entries + c->head_offset;
-+ head->e.target_offset = sizeof(STRUCT_ENTRY);
-+ head->e.next_offset = IPTCB_CHAIN_START_SIZE;
-+ strcpy(head->name.t.u.user.name, ERROR_TARGET);
-+ head->name.t.u.target_size =
-+ ALIGN(sizeof(struct ipt_error_target));
-+ strcpy(head->name.error, c->name);
-+ } else {
-+ repl->hook_entry[c->hooknum-1] = c->head_offset;
-+ repl->underflow[c->hooknum-1] = c->foot_offset;
-+ }
-+
-+ /* iterate over rules */
-+ list_for_each_entry(r, &c->rules, list) {
-+ ret = iptcc_compile_rule(h, repl, r);
-+ if (ret < 0)
-+ return ret;
-+ }
-+
-+ /* put chain footer in place */
-+ foot = (void *)repl->entries + c->foot_offset;
-+ foot->e.target_offset = sizeof(STRUCT_ENTRY);
-+ foot->e.next_offset = IPTCB_CHAIN_FOOT_SIZE;
-+ strcpy(foot->target.target.u.user.name, STANDARD_TARGET);
-+ foot->target.target.u.target_size =
-+ ALIGN(sizeof(STRUCT_STANDARD_TARGET));
-+ /* builtin targets have verdict, others return */
-+ if (iptcc_is_builtin(c))
-+ foot->target.verdict = c->verdict;
-+ else
-+ foot->target.verdict = RETURN;
-+ /* set policy-counters */
-+ memcpy(&foot->e.counters, &c->counters, sizeof(STRUCT_COUNTERS));
-+
-+ return 0;
-+}
-+
-+/* calculate offset and number for every rule in the cache */
-+static int iptcc_compile_chain_offsets(TC_HANDLE_T h, struct chain_head *c,
-+ int *offset, int *num)
-+{
-+ struct rule_head *r;
-+
-+ c->head_offset = *offset;
-+ DEBUGP("%s: chain_head %u, offset=%u\n", c->name, *num, *offset);
-+
-+ if (!iptcc_is_builtin(c)) {
-+ /* Chain has header */
-+ *offset += sizeof(STRUCT_ENTRY)
-+ + ALIGN(sizeof(struct ipt_error_target));
-+ (*num)++;
-+ }
-+
-+ list_for_each_entry(r, &c->rules, list) {
-+ DEBUGP("rule %u, offset=%u, index=%u\n", *num, *offset, *num);
-+ r->offset = *offset;
-+ r->index = *num;
-+ *offset += r->size;
-+ (*num)++;
-+ }
-+
-+ DEBUGP("%s; chain_foot %u, offset=%u, index=%u\n", c->name, *num,
-+ *offset, *num);
-+ c->foot_offset = *offset;
-+ c->foot_index = *num;
-+ *offset += sizeof(STRUCT_ENTRY)
-+ + ALIGN(sizeof(STRUCT_STANDARD_TARGET));
-+ (*num)++;
-+
-+ return 1;
-+}
-+
-+/* put the pieces back together again */
-+static int iptcc_compile_table_prep(TC_HANDLE_T h, unsigned int *size)
-+{
-+ struct chain_head *c;
-+ unsigned int offset = 0, num = 0;
-+ int ret = 0;
-+
-+ /* First pass: calculate offset for every rule */
-+ list_for_each_entry(c, &h->chains, list) {
-+ ret = iptcc_compile_chain_offsets(h, c, &offset, &num);
-+ if (ret < 0)
-+ return ret;
- }
-
-- return (const char *)GET_TARGET(e)->data;
-+ /* Append one error rule at end of chain */
-+ num++;
-+ offset += sizeof(STRUCT_ENTRY)
-+ + ALIGN(sizeof(struct ipt_error_target));
-+
-+ /* ruleset size is now in offset */
-+ *size = offset;
-+ return num;
- }
-
-+static int iptcc_compile_table(TC_HANDLE_T h, STRUCT_REPLACE *repl)
-+{
-+ struct chain_head *c;
-+ struct iptcb_chain_error *error;
-+
-+ /* Second pass: copy from cache to offsets, fill in jumps */
-+ list_for_each_entry(c, &h->chains, list) {
-+ int ret = iptcc_compile_chain(h, repl, c);
-+ if (ret < 0)
-+ return ret;
-+ }
-+
-+ /* Append error rule at end of chain */
-+ error = (void *)repl->entries + repl->size - IPTCB_CHAIN_ERROR_SIZE;
-+ error->entry.target_offset = sizeof(STRUCT_ENTRY);
-+ error->entry.next_offset = IPTCB_CHAIN_ERROR_SIZE;
-+ error->target.t.u.user.target_size =
-+ ALIGN(sizeof(struct ipt_error_target));
-+ strcpy((char *)&error->target.t.u.user.name, ERROR_TARGET);
-+ strcpy((char *)&error->target.error, "ERROR");
-+
-+ return 1;
-+}
-+
-+/**********************************************************************
-+ * EXTERNAL API (operates on cache only)
-+ **********************************************************************/
-+
- /* Allocate handle of given size */
- static TC_HANDLE_T
- alloc_handle(const char *tablename, unsigned int size, unsigned int num_rules)
-@@ -202,94 +766,139 @@
- size_t len;
- TC_HANDLE_T h;
-
-- len = sizeof(STRUCT_TC_HANDLE)
-- + size
-- + num_rules * sizeof(struct counter_map);
-+ len = sizeof(STRUCT_TC_HANDLE) + size;
-
-- if ((h = malloc(len)) == NULL) {
-+ h = malloc(sizeof(STRUCT_TC_HANDLE));
-+ if (!h) {
- errno = ENOMEM;
- return NULL;
- }
--
-- h->changed = 0;
-- h->cache_num_chains = 0;
-- h->cache_chain_heads = NULL;
-- h->counter_map = (void *)h
-- + sizeof(STRUCT_TC_HANDLE)
-- + size;
-+ memset(h, 0, sizeof(*h));
-+ INIT_LIST_HEAD(&h->chains);
- strcpy(h->info.name, tablename);
-- strcpy(h->entries.name, tablename);
-+
-+ h->entries = malloc(sizeof(STRUCT_GET_ENTRIES) + size);
-+ if (!h->entries)
-+ goto out_free_handle;
-+
-+ strcpy(h->entries->name, tablename);
-+ h->entries->size = size;
-
- return h;
-+
-+out_free_handle:
-+ free(h);
-+
-+ return NULL;
- }
-
-+
- TC_HANDLE_T
- TC_INIT(const char *tablename)
- {
- TC_HANDLE_T h;
- STRUCT_GETINFO info;
-- unsigned int i;
- int tmp;
- socklen_t s;
-
- iptc_fn = TC_INIT;
-
-- if (sockfd != -1)
-- close(sockfd);
-+ if (strlen(tablename) >= TABLE_MAXNAMELEN) {
-+ errno = EINVAL;
-+ return NULL;
-+ }
-
-+ if (sockfd_use == 0) {
- sockfd = socket(TC_AF, SOCK_RAW, IPPROTO_RAW);
- if (sockfd < 0)
- return NULL;
-+ }
-+ sockfd_use++;
-
- s = sizeof(info);
-- if (strlen(tablename) >= TABLE_MAXNAMELEN) {
-- errno = EINVAL;
-- return NULL;
-- }
-+
- strcpy(info.name, tablename);
-- if (getsockopt(sockfd, TC_IPPROTO, SO_GET_INFO, &info, &s) < 0)
-+ if (getsockopt(sockfd, TC_IPPROTO, SO_GET_INFO, &info, &s) < 0) {
-+ if (--sockfd_use == 0) {
-+ close(sockfd);
-+ sockfd = -1;
-+ }
- return NULL;
-+ }
-
-- if ((h = alloc_handle(info.name, info.size, info.num_entries))
-- == NULL)
-- return NULL;
-+ DEBUGP("valid_hooks=0x%08x, num_entries=%u, size=%u\n",
-+ info.valid_hooks, info.num_entries, info.size);
-
--/* Too hard --RR */
--#if 0
-- sprintf(pathname, "%s/%s", IPT_LIB_DIR, info.name);
-- dynlib = dlopen(pathname, RTLD_NOW);
-- if (!dynlib) {
-- errno = ENOENT;
-- return NULL;
-+ if ((h = alloc_handle(info.name, info.size, info.num_entries))
-+ == NULL) {
-+ if (--sockfd_use == 0) {
-+ close(sockfd);
-+ sockfd = -1;
- }
-- h->hooknames = dlsym(dynlib, "hooknames");
-- if (!h->hooknames) {
-- errno = ENOENT;
- return NULL;
- }
--#else
-- h->hooknames = hooknames;
--#endif
-
- /* Initialize current state */
- h->info = info;
-- h->new_number = h->info.num_entries;
-- for (i = 0; i < h->info.num_entries; i++)
-- h->counter_map[i]
-- = ((struct counter_map){COUNTER_MAP_NORMAL_MAP, i});
-
-- h->entries.size = h->info.size;
-+ h->entries->size = h->info.size;
-
- tmp = sizeof(STRUCT_GET_ENTRIES) + h->info.size;
-
-- if (getsockopt(sockfd, TC_IPPROTO, SO_GET_ENTRIES, &h->entries,
-- &tmp) < 0) {
-- free(h);
-- return NULL;
-+ if (getsockopt(sockfd, TC_IPPROTO, SO_GET_ENTRIES, h->entries,
-+ &tmp) < 0)
-+ goto error;
-+
-+#ifdef IPTC_DEBUG2
-+ {
-+ int fd = open("/tmp/libiptc-so_get_entries.blob",
-+ O_CREAT|O_WRONLY);
-+ if (fd >= 0) {
-+ write(fd, h->entries, tmp);
-+ close(fd);
-+ }
- }
-+#endif
-+
-+ if (parse_table(h) < 0)
-+ goto error;
-
- CHECK(h);
- return h;
-+error:
-+ if (--sockfd_use == 0) {
-+ close(sockfd);
-+ sockfd = -1;
-+ }
-+ TC_FREE(&h);
-+ return NULL;
-+}
-+
-+void
-+TC_FREE(TC_HANDLE_T *h)
-+{
-+ struct chain_head *c, *tmp;
-+
-+ iptc_fn = TC_FREE;
-+ if (--sockfd_use == 0) {
-+ close(sockfd);
-+ sockfd = -1;
-+ }
-+
-+ list_for_each_entry_safe(c, tmp, &(*h)->chains, list) {
-+ struct rule_head *r, *rtmp;
-+
-+ list_for_each_entry_safe(r, rtmp, &c->rules, list) {
-+ free(r);
-+ }
-+
-+ free(c);
-+ }
-+
-+ free((*h)->entries);
-+ free(*h);
-+
-+ *h = NULL;
- }
-
- static inline int
-@@ -304,11 +913,11 @@
- void
- TC_DUMP_ENTRIES(const TC_HANDLE_T handle)
- {
-+ iptc_fn = TC_DUMP_ENTRIES;
- CHECK(handle);
--
-- printf("libiptc v%s. %u entries, %u bytes.\n",
-- NETFILTER_VERSION,
-- handle->new_number, handle->entries.size);
-+#if 0
-+ printf("libiptc v%s. %u bytes.\n",
-+ IPTABLES_VERSION, handle->entries->size);
- printf("Table `%s'\n", handle->info.name);
- printf("Hooks: pre/in/fwd/out/post = %u/%u/%u/%u/%u\n",
- handle->info.hook_entry[HOOK_PRE_ROUTING],
-@@ -323,516 +932,277 @@
- handle->info.underflow[HOOK_LOCAL_OUT],
- handle->info.underflow[HOOK_POST_ROUTING]);
-
-- ENTRY_ITERATE(handle->entries.entrytable, handle->entries.size,
-+ ENTRY_ITERATE(handle->entries->entrytable, handle->entries->size,
- dump_entry, handle);
--}
--
--/* Returns 0 if not hook entry, else hooknumber + 1 */
--static inline unsigned int
--is_hook_entry(STRUCT_ENTRY *e, TC_HANDLE_T h)
--{
-- unsigned int i;
--
-- for (i = 0; i < NUMHOOKS; i++) {
-- if ((h->info.valid_hooks & (1 << i))
-- && get_entry(h, h->info.hook_entry[i]) == e)
-- return i+1;
-- }
-- return 0;
--}
--
--static inline int
--add_chain(STRUCT_ENTRY *e, TC_HANDLE_T h, STRUCT_ENTRY **prev)
--{
-- unsigned int builtin;
--
-- /* Last entry. End it. */
-- if (entry2offset(h, e) + e->next_offset == h->entries.size) {
-- /* This is the ERROR node at end of the table */
-- h->cache_chain_heads[h->cache_num_chains-1].end = *prev;
-- return 0;
-- }
--
-- /* We know this is the start of a new chain if it's an ERROR
-- target, or a hook entry point */
-- if (strcmp(GET_TARGET(e)->u.user.name, ERROR_TARGET) == 0) {
-- /* prev was last entry in previous chain */
-- h->cache_chain_heads[h->cache_num_chains-1].end
-- = *prev;
--
-- strcpy(h->cache_chain_heads[h->cache_num_chains].name,
-- (const char *)GET_TARGET(e)->data);
-- h->cache_chain_heads[h->cache_num_chains].start
-- = (void *)e + e->next_offset;
-- h->cache_num_chains++;
-- } else if ((builtin = is_hook_entry(e, h)) != 0) {
-- if (h->cache_num_chains > 0)
-- /* prev was last entry in previous chain */
-- h->cache_chain_heads[h->cache_num_chains-1].end
-- = *prev;
--
-- strcpy(h->cache_chain_heads[h->cache_num_chains].name,
-- h->hooknames[builtin-1]);
-- h->cache_chain_heads[h->cache_num_chains].start
-- = (void *)e;
-- h->cache_num_chains++;
-- }
--
-- *prev = e;
-- return 0;
--}
--
--static int alphasort(const void *a, const void *b)
--{
-- return strcmp(((struct chain_cache *)a)->name,
-- ((struct chain_cache *)b)->name);
--}
--
--static int populate_cache(TC_HANDLE_T h)
--{
-- unsigned int i;
-- STRUCT_ENTRY *prev;
--
-- /* # chains < # rules / 2 + num builtins - 1 */
-- h->cache_chain_heads = malloc((h->new_number / 2 + 4)
-- * sizeof(struct chain_cache));
-- if (!h->cache_chain_heads) {
-- errno = ENOMEM;
-- return 0;
-- }
--
-- h->cache_num_chains = 0;
-- h->cache_num_builtins = 0;
--
-- /* Count builtins */
-- for (i = 0; i < NUMHOOKS; i++) {
-- if (h->info.valid_hooks & (1 << i))
-- h->cache_num_builtins++;
-- }
--
-- prev = NULL;
-- ENTRY_ITERATE(h->entries.entrytable, h->entries.size,
-- add_chain, h, &prev);
--
-- qsort(h->cache_chain_heads + h->cache_num_builtins,
-- h->cache_num_chains - h->cache_num_builtins,
-- sizeof(struct chain_cache), alphasort);
--
-- return 1;
--}
--
--/* Returns cache ptr if found, otherwise NULL. */
--static struct chain_cache *
--find_label(const char *name, TC_HANDLE_T handle)
--{
-- unsigned int i;
--
-- if (handle->cache_chain_heads == NULL
-- && !populate_cache(handle))
-- return NULL;
--
-- /* FIXME: Linear search through builtins, then binary --RR */
-- for (i = 0; i < handle->cache_num_chains; i++) {
-- if (strcmp(handle->cache_chain_heads[i].name, name) == 0)
-- return &handle->cache_chain_heads[i];
-- }
--
-- return NULL;
-+#endif
- }
-
- /* Does this chain exist? */
- int TC_IS_CHAIN(const char *chain, const TC_HANDLE_T handle)
- {
-- return find_label(chain, handle) != NULL;
-+ iptc_fn = TC_IS_CHAIN;
-+ return iptcc_find_label(chain, handle) != NULL;
- }
-
--/* Returns the position of the final (ie. unconditional) element. */
--static unsigned int
--get_chain_end(const TC_HANDLE_T handle, unsigned int start)
-+static void iptcc_chain_iterator_advance(TC_HANDLE_T handle)
- {
-- unsigned int last_off, off;
-- STRUCT_ENTRY *e;
--
-- last_off = start;
-- e = get_entry(handle, start);
--
-- /* Terminate when we meet a error label or a hook entry. */
-- for (off = start + e->next_offset;
-- off < handle->entries.size;
-- last_off = off, off += e->next_offset) {
-- STRUCT_ENTRY_TARGET *t;
-- unsigned int i;
--
-- e = get_entry(handle, off);
--
-- /* We hit an entry point. */
-- for (i = 0; i < NUMHOOKS; i++) {
-- if ((handle->info.valid_hooks & (1 << i))
-- && off == handle->info.hook_entry[i])
-- return last_off;
-- }
-+ struct chain_head *c = handle->chain_iterator_cur;
-
-- /* We hit a user chain label */
-- t = GET_TARGET(e);
-- if (strcmp(t->u.user.name, ERROR_TARGET) == 0)
-- return last_off;
-- }
-- /* SHOULD NEVER HAPPEN */
-- fprintf(stderr, "ERROR: Off end (%u) of chain from %u!\n",
-- handle->entries.size, off);
-- abort();
-+ if (c->list.next == &handle->chains)
-+ handle->chain_iterator_cur = NULL;
-+ else
-+ handle->chain_iterator_cur =
-+ list_entry(c->list.next, struct chain_head, list);
- }
-
- /* Iterator functions to run through the chains. */
- const char *
- TC_FIRST_CHAIN(TC_HANDLE_T *handle)
- {
-- if ((*handle)->cache_chain_heads == NULL
-- && !populate_cache(*handle))
-+ struct chain_head *c = list_entry((*handle)->chains.next,
-+ struct chain_head, list);
-+
-+ iptc_fn = TC_FIRST_CHAIN;
-+
-+
-+ if (list_empty(&(*handle)->chains)) {
-+ DEBUGP(": no chains\n");
- return NULL;
-+ }
-
-- (*handle)->cache_chain_iteration
-- = &(*handle)->cache_chain_heads[0];
-+ (*handle)->chain_iterator_cur = c;
-+ iptcc_chain_iterator_advance(*handle);
-
-- return (*handle)->cache_chain_iteration->name;
-+ DEBUGP(": returning `%s'\n", c->name);
-+ return c->name;
- }
-
- /* Iterator functions to run through the chains. Returns NULL at end. */
- const char *
- TC_NEXT_CHAIN(TC_HANDLE_T *handle)
- {
-- (*handle)->cache_chain_iteration++;
-+ struct chain_head *c = (*handle)->chain_iterator_cur;
-
-- if ((*handle)->cache_chain_iteration - (*handle)->cache_chain_heads
-- == (*handle)->cache_num_chains)
-+ iptc_fn = TC_NEXT_CHAIN;
-+
-+ if (!c) {
-+ DEBUGP(": no more chains\n");
- return NULL;
-+ }
-
-- return (*handle)->cache_chain_iteration->name;
-+ iptcc_chain_iterator_advance(*handle);
-+
-+ DEBUGP(": returning `%s'\n", c->name);
-+ return c->name;
- }
-
- /* Get first rule in the given chain: NULL for empty chain. */
- const STRUCT_ENTRY *
- TC_FIRST_RULE(const char *chain, TC_HANDLE_T *handle)
- {
-- struct chain_cache *c;
-+ struct chain_head *c;
-+ struct rule_head *r;
-+
-+ iptc_fn = TC_FIRST_RULE;
-+
-+ DEBUGP("first rule(%s): ", chain);
-
-- c = find_label(chain, *handle);
-+ c = iptcc_find_label(chain, *handle);
- if (!c) {
- errno = ENOENT;
- return NULL;
- }
-
- /* Empty chain: single return/policy rule */
-- if (c->start == c->end)
-+ if (list_empty(&c->rules)) {
-+ DEBUGP_C("no rules, returning NULL\n");
- return NULL;
-+ }
-+
-+ r = list_entry(c->rules.next, struct rule_head, list);
-+ (*handle)->rule_iterator_cur = r;
-+ DEBUGP_C("%p\n", r);
-
-- (*handle)->cache_rule_end = c->end;
-- return c->start;
-+ return r->entry;
- }
-
- /* Returns NULL when rules run out. */
- const STRUCT_ENTRY *
- TC_NEXT_RULE(const STRUCT_ENTRY *prev, TC_HANDLE_T *handle)
- {
-- if ((void *)prev + prev->next_offset
-- == (void *)(*handle)->cache_rule_end)
-+ struct rule_head *r;
-+
-+ iptc_fn = TC_NEXT_RULE;
-+ DEBUGP("rule_iterator_cur=%p...", (*handle)->rule_iterator_cur);
-+
-+ if (!(*handle)->rule_iterator_cur) {
-+ DEBUGP_C("returning NULL\n");
-+ return NULL;
-+ }
-+
-+ r = list_entry((*handle)->rule_iterator_cur->list.next,
-+ struct rule_head, list);
-+
-+ iptc_fn = TC_NEXT_RULE;
-+
-+ DEBUGP_C("next=%p, head=%p...", &r->list,
-+ &(*handle)->rule_iterator_cur->chain->rules);
-+
-+ if (&r->list == &(*handle)->rule_iterator_cur->chain->rules) {
-+ (*handle)->rule_iterator_cur = NULL;
-+ DEBUGP_C("finished, returning NULL\n");
- return NULL;
-+ }
-+
-+ (*handle)->rule_iterator_cur = r;
-
-- return (void *)prev + prev->next_offset;
-+ /* NOTE: prev is without any influence ! */
-+ DEBUGP_C("returning rule %p\n", r);
-+ return r->entry;
- }
-
--#if 0
- /* How many rules in this chain? */
- unsigned int
- TC_NUM_RULES(const char *chain, TC_HANDLE_T *handle)
- {
-- unsigned int off = 0;
-- STRUCT_ENTRY *start, *end;
--
-+ struct chain_head *c;
-+ iptc_fn = TC_NUM_RULES;
- CHECK(*handle);
-- if (!find_label(&off, chain, *handle)) {
-+
-+ c = iptcc_find_label(chain, *handle);
-+ if (!c) {
- errno = ENOENT;
- return (unsigned int)-1;
- }
-
-- start = get_entry(*handle, off);
-- end = get_entry(*handle, get_chain_end(*handle, off));
--
-- return entry2index(*handle, end) - entry2index(*handle, start);
-+ return c->num_rules;
- }
-
--/* Get n'th rule in this chain. */
- const STRUCT_ENTRY *TC_GET_RULE(const char *chain,
- unsigned int n,
- TC_HANDLE_T *handle)
- {
-- unsigned int pos = 0, chainindex;
-+ struct chain_head *c;
-+ struct rule_head *r;
-+
-+ iptc_fn = TC_GET_RULE;
-
- CHECK(*handle);
-- if (!find_label(&pos, chain, *handle)) {
-+
-+ c = iptcc_find_label(chain, *handle);
-+ if (!c) {
- errno = ENOENT;
- return NULL;
- }
-
-- chainindex = entry2index(*handle, get_entry(*handle, pos));
--
-- return index2entry(*handle, chainindex + n);
-+ r = iptcc_get_rule_num(c, n);
-+ if (!r)
-+ return NULL;
-+ return r->entry;
- }
--#endif
-
--static const char *
--target_name(TC_HANDLE_T handle, const STRUCT_ENTRY *ce)
-+/* Returns a pointer to the target name of this position. */
-+const char *standard_target_map(int verdict)
- {
-- int spos;
-- unsigned int labelidx;
-- STRUCT_ENTRY *jumpto;
--
-- /* To avoid const warnings */
-- STRUCT_ENTRY *e = (STRUCT_ENTRY *)ce;
--
-- if (strcmp(GET_TARGET(e)->u.user.name, STANDARD_TARGET) != 0)
-- return GET_TARGET(e)->u.user.name;
--
-- /* Standard target: evaluate */
-- spos = *(int *)GET_TARGET(e)->data;
-- if (spos < 0) {
-- if (spos == RETURN)
-+ switch (verdict) {
-+ case RETURN:
- return LABEL_RETURN;
-- else if (spos == -NF_ACCEPT-1)
-+ break;
-+ case -NF_ACCEPT-1:
- return LABEL_ACCEPT;
-- else if (spos == -NF_DROP-1)
-+ break;
-+ case -NF_DROP-1:
- return LABEL_DROP;
-- else if (spos == -NF_QUEUE-1)
-+ break;
-+ case -NF_QUEUE-1:
- return LABEL_QUEUE;
--
-- fprintf(stderr, "ERROR: off %lu/%u not a valid target (%i)\n",
-- entry2offset(handle, e), handle->entries.size,
-- spos);
-+ break;
-+ default:
-+ fprintf(stderr, "ERROR: %d not a valid target)\n",
-+ verdict);
- abort();
-+ break;
- }
--
-- jumpto = get_entry(handle, spos);
--
-- /* Fall through rule */
-- if (jumpto == (void *)e + e->next_offset)
-- return "";
--
-- /* Must point to head of a chain: ie. after error rule */
-- labelidx = entry2index(handle, jumpto) - 1;
-- return get_errorlabel(handle, index2offset(handle, labelidx));
-+ /* not reached */
-+ return NULL;
- }
-
- /* Returns a pointer to the target name of this position. */
--const char *TC_GET_TARGET(const STRUCT_ENTRY *e,
-+const char *TC_GET_TARGET(const STRUCT_ENTRY *ce,
- TC_HANDLE_T *handle)
- {
-- return target_name(*handle, e);
-+ STRUCT_ENTRY *e = (STRUCT_ENTRY *)ce;
-+ struct rule_head *r = container_of(e, struct rule_head, entry[0]);
-+
-+ iptc_fn = TC_GET_TARGET;
-+
-+ switch(r->type) {
-+ int spos;
-+ case IPTCC_R_FALLTHROUGH:
-+ return "";
-+ break;
-+ case IPTCC_R_JUMP:
-+ DEBUGP("r=%p, jump=%p, name=`%s'\n", r, r->jump, r->jump->name);
-+ return r->jump->name;
-+ break;
-+ case IPTCC_R_STANDARD:
-+ spos = *(int *)GET_TARGET(e)->data;
-+ DEBUGP("r=%p, spos=%d'\n", r, spos);
-+ return standard_target_map(spos);
-+ break;
-+ case IPTCC_R_MODULE:
-+ return GET_TARGET(e)->u.user.name;
-+ break;
-+}
-+ return NULL;
- }
--
- /* Is this a built-in chain? Actually returns hook + 1. */
- int
- TC_BUILTIN(const char *chain, const TC_HANDLE_T handle)
- {
-- unsigned int i;
-+ struct chain_head *c;
-
-- for (i = 0; i < NUMHOOKS; i++) {
-- if ((handle->info.valid_hooks & (1 << i))
-- && handle->hooknames[i]
-- && strcmp(handle->hooknames[i], chain) == 0)
-- return i+1;
-- }
-+ iptc_fn = TC_BUILTIN;
-+
-+ c = iptcc_find_label(chain, handle);
-+ if (!c) {
-+ errno = ENOENT;
- return 0;
- }
-
-+ return iptcc_is_builtin(c);
-+}
-+
- /* Get the policy of a given built-in chain */
- const char *
- TC_GET_POLICY(const char *chain,
- STRUCT_COUNTERS *counters,
-- TC_HANDLE_T *handle)
--{
-- unsigned int start;
-- STRUCT_ENTRY *e;
-- int hook;
--
-- hook = TC_BUILTIN(chain, *handle);
-- if (hook != 0)
-- start = (*handle)->info.hook_entry[hook-1];
-- else
-- return NULL;
--
-- e = get_entry(*handle, get_chain_end(*handle, start));
-- *counters = e->counters;
--
-- return target_name(*handle, e);
--}
--
--static int
--correct_verdict(STRUCT_ENTRY *e,
-- char *base,
-- unsigned int offset, int delta_offset)
--{
-- STRUCT_STANDARD_TARGET *t = (void *)GET_TARGET(e);
-- unsigned int curr = (char *)e - base;
--
-- /* Trap: insert of fall-through rule. Don't change fall-through
-- verdict to jump-over-next-rule. */
-- if (strcmp(t->target.u.user.name, STANDARD_TARGET) == 0
-- && t->verdict > (int)offset
-- && !(curr == offset &&
-- t->verdict == curr + e->next_offset)) {
-- t->verdict += delta_offset;
-- }
--
-- return 0;
--}
--
--/* Adjusts standard verdict jump positions after an insertion/deletion. */
--static int
--set_verdict(unsigned int offset, int delta_offset, TC_HANDLE_T *handle)
--{
-- ENTRY_ITERATE((*handle)->entries.entrytable,
-- (*handle)->entries.size,
-- correct_verdict, (char *)(*handle)->entries.entrytable,
-- offset, delta_offset);
--
-- set_changed(*handle);
-- return 1;
--}
--
--/* If prepend is set, then we are prepending to a chain: if the
-- * insertion position is an entry point, keep the entry point. */
--static int
--insert_rules(unsigned int num_rules, unsigned int rules_size,
-- const STRUCT_ENTRY *insert,
-- unsigned int offset, unsigned int num_rules_offset,
-- int prepend,
- TC_HANDLE_T *handle)
- {
-- TC_HANDLE_T newh;
-- STRUCT_GETINFO newinfo;
-- unsigned int i;
--
-- if (offset >= (*handle)->entries.size) {
-- errno = EINVAL;
-- return 0;
-- }
-+ struct chain_head *c;
-
-- newinfo = (*handle)->info;
--
-- /* Fix up entry points. */
-- for (i = 0; i < NUMHOOKS; i++) {
-- /* Entry points to START of chain, so keep same if
-- inserting on at that point. */
-- if ((*handle)->info.hook_entry[i] > offset)
-- newinfo.hook_entry[i] += rules_size;
--
-- /* Underflow always points to END of chain (policy),
-- so if something is inserted at same point, it
-- should be advanced. */
-- if ((*handle)->info.underflow[i] >= offset)
-- newinfo.underflow[i] += rules_size;
-- }
--
-- newh = alloc_handle((*handle)->info.name,
-- (*handle)->entries.size + rules_size,
-- (*handle)->new_number + num_rules);
-- if (!newh)
-- return 0;
-- newh->info = newinfo;
--
-- /* Copy pre... */
-- memcpy(newh->entries.entrytable, (*handle)->entries.entrytable,offset);
-- /* ... Insert new ... */
-- memcpy((char *)newh->entries.entrytable + offset, insert, rules_size);
-- /* ... copy post */
-- memcpy((char *)newh->entries.entrytable + offset + rules_size,
-- (char *)(*handle)->entries.entrytable + offset,
-- (*handle)->entries.size - offset);
--
-- /* Move counter map. */
-- /* Copy pre... */
-- memcpy(newh->counter_map, (*handle)->counter_map,
-- sizeof(struct counter_map) * num_rules_offset);
-- /* ... copy post */
-- memcpy(newh->counter_map + num_rules_offset + num_rules,
-- (*handle)->counter_map + num_rules_offset,
-- sizeof(struct counter_map) * ((*handle)->new_number
-- - num_rules_offset));
-- /* Set intermediates to no counter copy */
-- for (i = 0; i < num_rules; i++)
-- newh->counter_map[num_rules_offset+i]
-- = ((struct counter_map){ COUNTER_MAP_SET, 0 });
--
-- newh->new_number = (*handle)->new_number + num_rules;
-- newh->entries.size = (*handle)->entries.size + rules_size;
-- newh->hooknames = (*handle)->hooknames;
--
-- if ((*handle)->cache_chain_heads)
-- free((*handle)->cache_chain_heads);
-- free(*handle);
-- *handle = newh;
--
-- return set_verdict(offset, rules_size, handle);
--}
--
--static int
--delete_rules(unsigned int num_rules, unsigned int rules_size,
-- unsigned int offset, unsigned int num_rules_offset,
-- TC_HANDLE_T *handle)
--{
-- unsigned int i;
-+ iptc_fn = TC_GET_POLICY;
-
-- if (offset + rules_size > (*handle)->entries.size) {
-- errno = EINVAL;
-- return 0;
-- }
-+ DEBUGP("called for chain %s\n", chain);
-
-- /* Fix up entry points. */
-- for (i = 0; i < NUMHOOKS; i++) {
-- /* In practice, we never delete up to a hook entry,
-- since the built-in chains are always first,
-- so these two are never equal */
-- if ((*handle)->info.hook_entry[i] >= offset + rules_size)
-- (*handle)->info.hook_entry[i] -= rules_size;
-- else if ((*handle)->info.hook_entry[i] > offset) {
-- fprintf(stderr, "ERROR: Deleting entry %u %u %u\n",
-- i, (*handle)->info.hook_entry[i], offset);
-- abort();
-+ c = iptcc_find_label(chain, *handle);
-+ if (!c) {
-+ errno = ENOENT;
-+ return NULL;
- }
-
-- /* Underflow points to policy (terminal) rule in
-- built-in, so sequality is valid here (when deleting
-- the last rule). */
-- if ((*handle)->info.underflow[i] >= offset + rules_size)
-- (*handle)->info.underflow[i] -= rules_size;
-- else if ((*handle)->info.underflow[i] > offset) {
-- fprintf(stderr, "ERROR: Deleting uflow %u %u %u\n",
-- i, (*handle)->info.underflow[i], offset);
-- abort();
-- }
-- }
-+ if (!iptcc_is_builtin(c))
-+ return NULL;
-
-- /* Move the rules down. */
-- memmove((char *)(*handle)->entries.entrytable + offset,
-- (char *)(*handle)->entries.entrytable + offset + rules_size,
-- (*handle)->entries.size - (offset + rules_size));
--
-- /* Move the counter map down. */
-- memmove(&(*handle)->counter_map[num_rules_offset],
-- &(*handle)->counter_map[num_rules_offset + num_rules],
-- sizeof(struct counter_map)
-- * ((*handle)->new_number - (num_rules + num_rules_offset)));
--
-- /* Fix numbers */
-- (*handle)->new_number -= num_rules;
-- (*handle)->entries.size -= rules_size;
-+ *counters = c->counters;
-
-- return set_verdict(offset, -(int)rules_size, handle);
-+ return standard_target_map(c->verdict);
- }
-
- static int
--standard_map(STRUCT_ENTRY *e, int verdict)
-+iptcc_standard_map(struct rule_head *r, int verdict)
- {
-+ STRUCT_ENTRY *e = r->entry;
- STRUCT_STANDARD_TARGET *t;
-
- t = (STRUCT_STANDARD_TARGET *)GET_TARGET(e);
-@@ -847,64 +1217,62 @@
- strcpy(t->target.u.user.name, STANDARD_TARGET);
- t->verdict = verdict;
-
-+ r->type = IPTCC_R_STANDARD;
-+
- return 1;
- }
-
- static int
--map_target(const TC_HANDLE_T handle,
-- STRUCT_ENTRY *e,
-- unsigned int offset,
-- STRUCT_ENTRY_TARGET *old)
-+iptcc_map_target(const TC_HANDLE_T handle,
-+ struct rule_head *r)
- {
-+ STRUCT_ENTRY *e = r->entry;
- STRUCT_ENTRY_TARGET *t = GET_TARGET(e);
-
-- /* Save old target (except data, which we don't change, except for
-- standard case, where we don't care). */
-- *old = *t;
--
- /* Maybe it's empty (=> fall through) */
-- if (strcmp(t->u.user.name, "") == 0)
-- return standard_map(e, offset + e->next_offset);
-+ if (strcmp(t->u.user.name, "") == 0) {
-+ r->type = IPTCC_R_FALLTHROUGH;
-+ return 1;
-+ }
- /* Maybe it's a standard target name... */
- else if (strcmp(t->u.user.name, LABEL_ACCEPT) == 0)
-- return standard_map(e, -NF_ACCEPT - 1);
-+ return iptcc_standard_map(r, -NF_ACCEPT - 1);
- else if (strcmp(t->u.user.name, LABEL_DROP) == 0)
-- return standard_map(e, -NF_DROP - 1);
-+ return iptcc_standard_map(r, -NF_DROP - 1);
- else if (strcmp(t->u.user.name, LABEL_QUEUE) == 0)
-- return standard_map(e, -NF_QUEUE - 1);
-+ return iptcc_standard_map(r, -NF_QUEUE - 1);
- else if (strcmp(t->u.user.name, LABEL_RETURN) == 0)
-- return standard_map(e, RETURN);
-+ return iptcc_standard_map(r, RETURN);
- else if (TC_BUILTIN(t->u.user.name, handle)) {
- /* Can't jump to builtins. */
- errno = EINVAL;
- return 0;
- } else {
- /* Maybe it's an existing chain name. */
-- struct chain_cache *c;
-+ struct chain_head *c;
-+ DEBUGP("trying to find chain `%s': ", t->u.user.name);
-
-- c = find_label(t->u.user.name, handle);
-- if (c)
-- return standard_map(e, entry2offset(handle, c->start));
-+ c = iptcc_find_label(t->u.user.name, handle);
-+ if (c) {
-+ DEBUGP_C("found!\n");
-+ r->type = IPTCC_R_JUMP;
-+ r->jump = c;
-+ c->references++;
-+ return 1;
-+}
-+ DEBUGP_C("not found :(\n");
- }
-
- /* Must be a module? If not, kernel will reject... */
-- /* memset to all 0 for your memcmp convenience. */
-+ /* memset to all 0 for your memcmp convenience: don't clear version */
- memset(t->u.user.name + strlen(t->u.user.name),
- 0,
-- FUNCTION_MAXNAMELEN - strlen(t->u.user.name));
-+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name));
-+ r->type = IPTCC_R_MODULE;
-+ set_changed(handle);
- return 1;
- }
-
--static void
--unmap_target(STRUCT_ENTRY *e, STRUCT_ENTRY_TARGET *old)
--{
-- STRUCT_ENTRY_TARGET *t = GET_TARGET(e);
--
-- /* Save old target (except data, which we don't change, except for
-- standard case, where we don't care). */
-- *t = *old;
--}
--
- /* Insert the entry `fw' in chain `chain' into position `rulenum'. */
- int
- TC_INSERT_ENTRY(const IPT_CHAINLABEL chain,
-@@ -912,36 +1280,56 @@
- unsigned int rulenum,
- TC_HANDLE_T *handle)
- {
-- unsigned int chainindex, offset;
-- STRUCT_ENTRY_TARGET old;
-- struct chain_cache *c;
-- STRUCT_ENTRY *tmp;
-- int ret;
-+ struct chain_head *c;
-+ struct rule_head *r;
-+ struct list_head *prev;
-
- iptc_fn = TC_INSERT_ENTRY;
-- if (!(c = find_label(chain, *handle))) {
-+
-+ if (!(c = iptcc_find_label(chain, *handle))) {
- errno = ENOENT;
- return 0;
- }
-
-- chainindex = entry2index(*handle, c->start);
--
-- tmp = index2entry(*handle, chainindex + rulenum);
-- if (!tmp || tmp > c->end) {
-+ /* first rulenum index = 0
-+ first c->num_rules index = 1 */
-+ if (rulenum > c->num_rules) {
- errno = E2BIG;
- return 0;
- }
-- offset = index2offset(*handle, chainindex + rulenum);
-
-- /* Mapping target actually alters entry, but that's
-- transparent to the caller. */
-- if (!map_target(*handle, (STRUCT_ENTRY *)e, offset, &old))
-+ /* If we are inserting at the end just take advantage of the
-+ double linked list, insert will happen before the entry
-+ prev points to. */
-+ if (rulenum == c->num_rules) {
-+ prev = &c->rules;
-+ } else if (rulenum + 1 <= c->num_rules/2) {
-+ r = iptcc_get_rule_num(c, rulenum + 1);
-+ prev = &r->list;
-+ } else {
-+ r = iptcc_get_rule_num_reverse(c, c->num_rules - rulenum);
-+ prev = &r->list;
-+ }
-+
-+ if (!(r = iptcc_alloc_rule(c, e->next_offset))) {
-+ errno = ENOMEM;
-+ return 0;
-+ }
-+
-+ memcpy(r->entry, e, e->next_offset);
-+ r->counter_map.maptype = COUNTER_MAP_SET;
-+
-+ if (!iptcc_map_target(*handle, r)) {
-+ free(r);
- return 0;
-+ }
-+
-+ list_add_tail(&r->list, prev);
-+ c->num_rules++;
-+
-+ set_changed(*handle);
-
-- ret = insert_rules(1, e->next_offset, e, offset,
-- chainindex + rulenum, rulenum == 0, handle);
-- unmap_target((STRUCT_ENTRY *)e, &old);
-- return ret;
-+ return 1;
- }
-
- /* Atomically replace rule `rulenum' in `chain' with `fw'. */
-@@ -951,40 +1339,47 @@
- unsigned int rulenum,
- TC_HANDLE_T *handle)
- {
-- unsigned int chainindex, offset;
-- STRUCT_ENTRY_TARGET old;
-- struct chain_cache *c;
-- STRUCT_ENTRY *tmp;
-- int ret;
-+ struct chain_head *c;
-+ struct rule_head *r, *old;
-
- iptc_fn = TC_REPLACE_ENTRY;
-
-- if (!(c = find_label(chain, *handle))) {
-+ if (!(c = iptcc_find_label(chain, *handle))) {
- errno = ENOENT;
- return 0;
- }
-
-- chainindex = entry2index(*handle, c->start);
--
-- tmp = index2entry(*handle, chainindex + rulenum);
-- if (!tmp || tmp >= c->end) {
-+ if (rulenum >= c->num_rules) {
- errno = E2BIG;
- return 0;
- }
-
-- offset = index2offset(*handle, chainindex + rulenum);
-- /* Replace = delete and insert. */
-- if (!delete_rules(1, get_entry(*handle, offset)->next_offset,
-- offset, chainindex + rulenum, handle))
-+ /* Take advantage of the double linked list if possible. */
-+ if (rulenum + 1 <= c->num_rules/2) {
-+ old = iptcc_get_rule_num(c, rulenum + 1);
-+ } else {
-+ old = iptcc_get_rule_num_reverse(c, c->num_rules - rulenum);
-+ }
-+
-+ if (!(r = iptcc_alloc_rule(c, e->next_offset))) {
-+ errno = ENOMEM;
- return 0;
-+ }
-
-- if (!map_target(*handle, (STRUCT_ENTRY *)e, offset, &old))
-+ memcpy(r->entry, e, e->next_offset);
-+ r->counter_map.maptype = COUNTER_MAP_SET;
-+
-+ if (!iptcc_map_target(*handle, r)) {
-+ free(r);
- return 0;
-+ }
-+
-+ list_add(&r->list, &old->list);
-+ iptcc_delete_rule(old);
-+
-+ set_changed(*handle);
-
-- ret = insert_rules(1, e->next_offset, e, offset,
-- chainindex + rulenum, 1, handle);
-- unmap_target((STRUCT_ENTRY *)e, &old);
-- return ret;
-+ return 1;
- }
-
- /* Append entry `fw' to chain `chain'. Equivalent to insert with
-@@ -994,26 +1389,37 @@
- const STRUCT_ENTRY *e,
- TC_HANDLE_T *handle)
- {
-- struct chain_cache *c;
-- STRUCT_ENTRY_TARGET old;
-- int ret;
-+ struct chain_head *c;
-+ struct rule_head *r;
-
- iptc_fn = TC_APPEND_ENTRY;
-- if (!(c = find_label(chain, *handle))) {
-+ if (!(c = iptcc_find_label(chain, *handle))) {
-+ DEBUGP("unable to find chain `%s'\n", chain);
- errno = ENOENT;
- return 0;
- }
-
-- if (!map_target(*handle, (STRUCT_ENTRY *)e,
-- entry2offset(*handle, c->end), &old))
-+ if (!(r = iptcc_alloc_rule(c, e->next_offset))) {
-+ DEBUGP("unable to allocate rule for chain `%s'\n", chain);
-+ errno = ENOMEM;
-+ return 0;
-+ }
-+
-+ memcpy(r->entry, e, e->next_offset);
-+ r->counter_map.maptype = COUNTER_MAP_SET;
-+
-+ if (!iptcc_map_target(*handle, r)) {
-+ DEBUGP("unable to map target of rule for chain `%s'\n", chain);
-+ free(r);
- return 0;
-+ }
-+
-+ list_add_tail(&r->list, &c->rules);
-+ c->num_rules++;
-+
-+ set_changed(*handle);
-
-- ret = insert_rules(1, e->next_offset, e,
-- entry2offset(*handle, c->end),
-- entry2index(*handle, c->end),
-- 0, handle);
-- unmap_target((STRUCT_ENTRY *)e, &old);
-- return ret;
-+ return 1;
- }
-
- static inline int
-@@ -1044,20 +1450,42 @@
- }
-
- static inline int
--target_different(const unsigned char *a_targdata,
-- const unsigned char *b_targdata,
-- unsigned int tdatasize,
-- const unsigned char *mask)
-+target_same(struct rule_head *a, struct rule_head *b,const unsigned char *mask)
- {
- unsigned int i;
-- for (i = 0; i < tdatasize; i++)
-- if (((a_targdata[i] ^ b_targdata[i]) & mask[i]) != 0)
-+ STRUCT_ENTRY_TARGET *ta, *tb;
-+
-+ if (a->type != b->type)
-+ return 0;
-+
-+ ta = GET_TARGET(a->entry);
-+ tb = GET_TARGET(b->entry);
-+
-+ switch (a->type) {
-+ case IPTCC_R_FALLTHROUGH:
- return 1;
-+ case IPTCC_R_JUMP:
-+ return a->jump == b->jump;
-+ case IPTCC_R_STANDARD:
-+ return ((STRUCT_STANDARD_TARGET *)ta)->verdict
-+ == ((STRUCT_STANDARD_TARGET *)tb)->verdict;
-+ case IPTCC_R_MODULE:
-+ if (ta->u.target_size != tb->u.target_size)
-+ return 0;
-+ if (strcmp(ta->u.user.name, tb->u.user.name) != 0)
-+ return 0;
-
-+ for (i = 0; i < ta->u.target_size - sizeof(*ta); i++)
-+ if (((ta->data[i] ^ tb->data[i]) & mask[i]) != 0)
- return 0;
-+ return 1;
-+ default:
-+ fprintf(stderr, "ERROR: bad type %i\n", a->type);
-+ abort();
-+ }
- }
-
--static int
-+static unsigned char *
- is_same(const STRUCT_ENTRY *a,
- const STRUCT_ENTRY *b,
- unsigned char *matchmask);
-@@ -1069,88 +1497,106 @@
- unsigned char *matchmask,
- TC_HANDLE_T *handle)
- {
-- unsigned int offset;
-- struct chain_cache *c;
-- STRUCT_ENTRY *e, *fw;
-+ struct chain_head *c;
-+ struct rule_head *r, *i;
-
- iptc_fn = TC_DELETE_ENTRY;
-- if (!(c = find_label(chain, *handle))) {
-+ if (!(c = iptcc_find_label(chain, *handle))) {
- errno = ENOENT;
- return 0;
- }
-
-- fw = malloc(origfw->next_offset);
-- if (fw == NULL) {
-+ /* Create a rule_head from origfw. */
-+ r = iptcc_alloc_rule(c, origfw->next_offset);
-+ if (!r) {
- errno = ENOMEM;
- return 0;
- }
-
-- for (offset = entry2offset(*handle, c->start);
-- offset < entry2offset(*handle, c->end);
-- offset += e->next_offset) {
-- STRUCT_ENTRY_TARGET discard;
--
-- memcpy(fw, origfw, origfw->next_offset);
--
-- /* FIXME: handle this in is_same --RR */
-- if (!map_target(*handle, fw, offset, &discard)) {
-- free(fw);
-+ memcpy(r->entry, origfw, origfw->next_offset);
-+ r->counter_map.maptype = COUNTER_MAP_NOMAP;
-+ if (!iptcc_map_target(*handle, r)) {
-+ DEBUGP("unable to map target of rule for chain `%s'\n", chain);
-+ free(r);
- return 0;
- }
-- e = get_entry(*handle, offset);
-
--#if 0
-- printf("Deleting:\n");
-- dump_entry(newe);
--#endif
-- if (is_same(e, fw, matchmask)) {
-- int ret;
-- ret = delete_rules(1, e->next_offset,
-- offset, entry2index(*handle, e),
-- handle);
-- free(fw);
-- return ret;
-+ list_for_each_entry(i, &c->rules, list) {
-+ unsigned char *mask;
-+
-+ mask = is_same(r->entry, i->entry, matchmask);
-+ if (!mask)
-+ continue;
-+
-+ if (!target_same(r, i, mask))
-+ continue;
-+
-+ /* If we are about to delete the rule that is the
-+ * current iterator, move rule iterator back. next
-+ * pointer will then point to real next node */
-+ if (i == (*handle)->rule_iterator_cur) {
-+ (*handle)->rule_iterator_cur =
-+ list_entry((*handle)->rule_iterator_cur->list.prev,
-+ struct rule_head, list);
- }
-+
-+ c->num_rules--;
-+ iptcc_delete_rule(i);
-+
-+ set_changed(*handle);
-+ free(r);
-+ return 1;
- }
-
-- free(fw);
-+ free(r);
- errno = ENOENT;
- return 0;
- }
-
-+
- /* Delete the rule in position `rulenum' in `chain'. */
- int
- TC_DELETE_NUM_ENTRY(const IPT_CHAINLABEL chain,
- unsigned int rulenum,
- TC_HANDLE_T *handle)
- {
-- unsigned int index;
-- int ret;
-- STRUCT_ENTRY *e;
-- struct chain_cache *c;
-+ struct chain_head *c;
-+ struct rule_head *r;
-
- iptc_fn = TC_DELETE_NUM_ENTRY;
-- if (!(c = find_label(chain, *handle))) {
-+
-+ if (!(c = iptcc_find_label(chain, *handle))) {
- errno = ENOENT;
- return 0;
- }
-
-- index = entry2index(*handle, c->start) + rulenum;
--
-- if (index >= entry2index(*handle, c->end)) {
-+ if (rulenum >= c->num_rules) {
- errno = E2BIG;
- return 0;
- }
-
-- e = index2entry(*handle, index);
-- if (e == NULL) {
-- errno = EINVAL;
-- return 0;
-+ /* Take advantage of the double linked list if possible. */
-+ if (rulenum + 1 <= c->num_rules/2) {
-+ r = iptcc_get_rule_num(c, rulenum + 1);
-+ } else {
-+ r = iptcc_get_rule_num_reverse(c, c->num_rules - rulenum);
-+ }
-+
-+ /* If we are about to delete the rule that is the current
-+ * iterator, move rule iterator back. next pointer will then
-+ * point to real next node */
-+ if (r == (*handle)->rule_iterator_cur) {
-+ (*handle)->rule_iterator_cur =
-+ list_entry((*handle)->rule_iterator_cur->list.prev,
-+ struct rule_head, list);
- }
-
-- ret = delete_rules(1, e->next_offset, entry2offset(*handle, e),
-- index, handle);
-- return ret;
-+ c->num_rules--;
-+ iptcc_delete_rule(r);
-+
-+ set_changed(*handle);
-+
-+ return 1;
- }
-
- /* Check the packet `fw' on chain `chain'. Returns the verdict, or
-@@ -1160,6 +1606,7 @@
- STRUCT_ENTRY *entry,
- TC_HANDLE_T *handle)
- {
-+ iptc_fn = TC_CHECK_PACKET;
- errno = ENOSYS;
- return NULL;
- }
-@@ -1168,44 +1615,44 @@
- int
- TC_FLUSH_ENTRIES(const IPT_CHAINLABEL chain, TC_HANDLE_T *handle)
- {
-- unsigned int startindex, endindex;
-- struct chain_cache *c;
-- int ret;
-+ struct chain_head *c;
-+ struct rule_head *r, *tmp;
-
- iptc_fn = TC_FLUSH_ENTRIES;
-- if (!(c = find_label(chain, *handle))) {
-+ if (!(c = iptcc_find_label(chain, *handle))) {
- errno = ENOENT;
- return 0;
- }
-- startindex = entry2index(*handle, c->start);
-- endindex = entry2index(*handle, c->end);
-
-- ret = delete_rules(endindex - startindex,
-- (char *)c->end - (char *)c->start,
-- entry2offset(*handle, c->start), startindex,
-- handle);
-- return ret;
-+ list_for_each_entry_safe(r, tmp, &c->rules, list) {
-+ iptcc_delete_rule(r);
-+ }
-+
-+ c->num_rules = 0;
-+
-+ set_changed(*handle);
-+
-+ return 1;
- }
-
- /* Zeroes the counters in a chain. */
- int
- TC_ZERO_ENTRIES(const IPT_CHAINLABEL chain, TC_HANDLE_T *handle)
- {
-- unsigned int i, end;
-- struct chain_cache *c;
-+ struct chain_head *c;
-+ struct rule_head *r;
-
-- if (!(c = find_label(chain, *handle))) {
-+ iptc_fn = TC_ZERO_ENTRIES;
-+ if (!(c = iptcc_find_label(chain, *handle))) {
- errno = ENOENT;
- return 0;
- }
-
-- i = entry2index(*handle, c->start);
-- end = entry2index(*handle, c->end);
--
-- for (; i <= end; i++) {
-- if ((*handle)->counter_map[i].maptype ==COUNTER_MAP_NORMAL_MAP)
-- (*handle)->counter_map[i].maptype = COUNTER_MAP_ZEROED;
-+ list_for_each_entry(r, &c->rules, list) {
-+ if (r->counter_map.maptype == COUNTER_MAP_NORMAL_MAP)
-+ r->counter_map.maptype = COUNTER_MAP_ZEROED;
- }
-+
- set_changed(*handle);
-
- return 1;
-@@ -1216,29 +1663,23 @@
- unsigned int rulenum,
- TC_HANDLE_T *handle)
- {
-- STRUCT_ENTRY *e;
-- struct chain_cache *c;
-- unsigned int chainindex, end;
-+ struct chain_head *c;
-+ struct rule_head *r;
-
- iptc_fn = TC_READ_COUNTER;
- CHECK(*handle);
-
-- if (!(c = find_label(chain, *handle))) {
-+ if (!(c = iptcc_find_label(chain, *handle))) {
- errno = ENOENT;
- return NULL;
- }
-
-- chainindex = entry2index(*handle, c->start);
-- end = entry2index(*handle, c->end);
--
-- if (chainindex + rulenum > end) {
-+ if (!(r = iptcc_get_rule_num(c, rulenum))) {
- errno = E2BIG;
- return NULL;
- }
-
-- e = index2entry(*handle, chainindex + rulenum);
--
-- return &e->counters;
-+ return &r->entry[0].counters;
- }
-
- int
-@@ -1246,33 +1687,24 @@
- unsigned int rulenum,
- TC_HANDLE_T *handle)
- {
-- STRUCT_ENTRY *e;
-- struct chain_cache *c;
-- unsigned int chainindex, end;
-+ struct chain_head *c;
-+ struct rule_head *r;
-
- iptc_fn = TC_ZERO_COUNTER;
- CHECK(*handle);
-
-- if (!(c = find_label(chain, *handle))) {
-+ if (!(c = iptcc_find_label(chain, *handle))) {
- errno = ENOENT;
- return 0;
- }
-
-- chainindex = entry2index(*handle, c->start);
-- end = entry2index(*handle, c->end);
--
-- if (chainindex + rulenum > end) {
-+ if (!(r = iptcc_get_rule_num(c, rulenum))) {
- errno = E2BIG;
- return 0;
- }
-
-- e = index2entry(*handle, chainindex + rulenum);
--
--// if ((*handle)->counter_map[chainindex + rulenum].maptype
--// == COUNTER_MAP_NORMAL_MAP) {
-- (*handle)->counter_map[chainindex + rulenum].maptype
-- = COUNTER_MAP_ZEROED;
--// }
-+ if (r->counter_map.maptype == COUNTER_MAP_NORMAL_MAP)
-+ r->counter_map.maptype = COUNTER_MAP_ZEROED;
-
- set_changed(*handle);
-
-@@ -1285,30 +1717,25 @@
- STRUCT_COUNTERS *counters,
- TC_HANDLE_T *handle)
- {
-+ struct chain_head *c;
-+ struct rule_head *r;
- STRUCT_ENTRY *e;
-- struct chain_cache *c;
-- unsigned int chainindex, end;
-
- iptc_fn = TC_SET_COUNTER;
- CHECK(*handle);
-
-- if (!(c = find_label(chain, *handle))) {
-+ if (!(c = iptcc_find_label(chain, *handle))) {
- errno = ENOENT;
- return 0;
- }
-
-- chainindex = entry2index(*handle, c->start);
-- end = entry2index(*handle, c->end);
--
-- if (chainindex + rulenum > end) {
-+ if (!(r = iptcc_get_rule_num(c, rulenum))) {
- errno = E2BIG;
- return 0;
- }
-
-- e = index2entry(*handle, chainindex + rulenum);
--
-- (*handle)->counter_map[chainindex + rulenum].maptype
-- = COUNTER_MAP_SET;
-+ e = r->entry;
-+ r->counter_map.maptype = COUNTER_MAP_SET;
-
- memcpy(&e->counters, counters, sizeof(STRUCT_COUNTERS));
-
-@@ -1323,71 +1750,42 @@
- int
- TC_CREATE_CHAIN(const IPT_CHAINLABEL chain, TC_HANDLE_T *handle)
- {
-- int ret;
-- struct {
-- STRUCT_ENTRY head;
-- struct ipt_error_target name;
-- STRUCT_ENTRY ret;
-- STRUCT_STANDARD_TARGET target;
-- } newc;
-+ static struct chain_head *c;
-
- iptc_fn = TC_CREATE_CHAIN;
-
- /* find_label doesn't cover built-in targets: DROP, ACCEPT,
- QUEUE, RETURN. */
-- if (find_label(chain, *handle)
-+ if (iptcc_find_label(chain, *handle)
- || strcmp(chain, LABEL_DROP) == 0
- || strcmp(chain, LABEL_ACCEPT) == 0
- || strcmp(chain, LABEL_QUEUE) == 0
- || strcmp(chain, LABEL_RETURN) == 0) {
-+ DEBUGP("Chain `%s' already exists\n", chain);
- errno = EEXIST;
- return 0;
- }
-
- if (strlen(chain)+1 > sizeof(IPT_CHAINLABEL)) {
-+ DEBUGP("Chain name `%s' too long\n", chain);
- errno = EINVAL;
- return 0;
- }
-
-- memset(&newc, 0, sizeof(newc));
-- newc.head.target_offset = sizeof(STRUCT_ENTRY);
-- newc.head.next_offset
-- = sizeof(STRUCT_ENTRY)
-- + ALIGN(sizeof(struct ipt_error_target));
-- strcpy(newc.name.t.u.user.name, ERROR_TARGET);
-- newc.name.t.u.target_size = ALIGN(sizeof(struct ipt_error_target));
-- strcpy(newc.name.error, chain);
--
-- newc.ret.target_offset = sizeof(STRUCT_ENTRY);
-- newc.ret.next_offset
-- = sizeof(STRUCT_ENTRY)
-- + ALIGN(sizeof(STRUCT_STANDARD_TARGET));
-- strcpy(newc.target.target.u.user.name, STANDARD_TARGET);
-- newc.target.target.u.target_size
-- = ALIGN(sizeof(STRUCT_STANDARD_TARGET));
-- newc.target.verdict = RETURN;
--
-- /* Add just before terminal entry */
-- ret = insert_rules(2, sizeof(newc), &newc.head,
-- index2offset(*handle, (*handle)->new_number - 1),
-- (*handle)->new_number - 1,
-- 0, handle);
-- return ret;
--}
-+ c = iptcc_alloc_chain_head(chain, 0);
-+ if (!c) {
-+ DEBUGP("Cannot allocate memory for chain `%s'\n", chain);
-+ errno = ENOMEM;
-+ return 0;
-
--static int
--count_ref(STRUCT_ENTRY *e, unsigned int offset, unsigned int *ref)
--{
-- STRUCT_STANDARD_TARGET *t;
-+ }
-
-- if (strcmp(GET_TARGET(e)->u.user.name, STANDARD_TARGET) == 0) {
-- t = (STRUCT_STANDARD_TARGET *)GET_TARGET(e);
-+ DEBUGP("Creating chain `%s'\n", chain);
-+ list_add_tail(&c->list, &(*handle)->chains);
-
-- if (t->verdict == offset)
-- (*ref)++;
-- }
-+ set_changed(*handle);
-
-- return 0;
-+ return 1;
- }
-
- /* Get the number of references to this chain. */
-@@ -1395,17 +1793,16 @@
- TC_GET_REFERENCES(unsigned int *ref, const IPT_CHAINLABEL chain,
- TC_HANDLE_T *handle)
- {
-- struct chain_cache *c;
-+ struct chain_head *c;
-
-- if (!(c = find_label(chain, *handle))) {
-+ iptc_fn = TC_GET_REFERENCES;
-+ if (!(c = iptcc_find_label(chain, *handle))) {
- errno = ENOENT;
- return 0;
- }
-
-- *ref = 0;
-- ENTRY_ITERATE((*handle)->entries.entrytable,
-- (*handle)->entries.size,
-- count_ref, entry2offset(*handle, c->start), ref);
-+ *ref = c->references;
-+
- return 1;
- }
-
-@@ -1413,45 +1810,53 @@
- int
- TC_DELETE_CHAIN(const IPT_CHAINLABEL chain, TC_HANDLE_T *handle)
- {
-- unsigned int labelidx, labeloff;
- unsigned int references;
-- struct chain_cache *c;
-- int ret;
--
-- if (!TC_GET_REFERENCES(&references, chain, handle))
-- return 0;
-+ struct chain_head *c;
-
- iptc_fn = TC_DELETE_CHAIN;
-
-+ if (!(c = iptcc_find_label(chain, *handle))) {
-+ DEBUGP("cannot find chain `%s'\n", chain);
-+ errno = ENOENT;
-+ return 0;
-+ }
-+
- if (TC_BUILTIN(chain, *handle)) {
-+ DEBUGP("cannot remove builtin chain `%s'\n", chain);
- errno = EINVAL;
- return 0;
- }
-
-- if (references > 0) {
-- errno = EMLINK;
-+ if (!TC_GET_REFERENCES(&references, chain, handle)) {
-+ DEBUGP("cannot get references on chain `%s'\n", chain);
- return 0;
- }
-
-- if (!(c = find_label(chain, *handle))) {
-- errno = ENOENT;
-+ if (references > 0) {
-+ DEBUGP("chain `%s' still has references\n", chain);
-+ errno = EMLINK;
- return 0;
- }
-
-- if ((void *)c->start != c->end) {
-+ if (c->num_rules) {
-+ DEBUGP("chain `%s' is not empty\n", chain);
- errno = ENOTEMPTY;
- return 0;
- }
-
-- /* Need label index: preceeds chain start */
-- labelidx = entry2index(*handle, c->start) - 1;
-- labeloff = index2offset(*handle, labelidx);
--
-- ret = delete_rules(2,
-- get_entry(*handle, labeloff)->next_offset
-- + c->start->next_offset,
-- labeloff, labelidx, handle);
-- return ret;
-+ /* If we are about to delete the chain that is the current
-+ * iterator, move chain iterator firward. */
-+ if (c == (*handle)->chain_iterator_cur)
-+ iptcc_chain_iterator_advance(*handle);
-+
-+ list_del(&c->list);
-+ free(c);
-+
-+ DEBUGP("chain `%s' deleted\n", chain);
-+
-+ set_changed(*handle);
-+
-+ return 1;
- }
-
- /* Renames a chain. */
-@@ -1459,15 +1864,12 @@
- const IPT_CHAINLABEL newname,
- TC_HANDLE_T *handle)
- {
-- unsigned int labeloff, labelidx;
-- struct chain_cache *c;
-- struct ipt_error_target *t;
--
-+ struct chain_head *c;
- iptc_fn = TC_RENAME_CHAIN;
-
- /* find_label doesn't cover built-in targets: DROP, ACCEPT,
- QUEUE, RETURN. */
-- if (find_label(newname, *handle)
-+ if (iptcc_find_label(newname, *handle)
- || strcmp(newname, LABEL_DROP) == 0
- || strcmp(newname, LABEL_ACCEPT) == 0
- || strcmp(newname, LABEL_QUEUE) == 0
-@@ -1476,7 +1878,7 @@
- return 0;
- }
-
-- if (!(c = find_label(oldname, *handle))
-+ if (!(c = iptcc_find_label(oldname, *handle))
- || TC_BUILTIN(oldname, *handle)) {
- errno = ENOENT;
- return 0;
-@@ -1487,15 +1889,8 @@
- return 0;
- }
-
-- /* Need label index: preceeds chain start */
-- labelidx = entry2index(*handle, c->start) - 1;
-- labeloff = index2offset(*handle, labelidx);
-+ strncpy(c->name, newname, sizeof(IPT_CHAINLABEL));
-
-- t = (struct ipt_error_target *)
-- GET_TARGET(get_entry(*handle, labeloff));
--
-- memset(t->error, 0, sizeof(t->error));
-- strcpy(t->error, newname);
- set_changed(*handle);
-
- return 1;
-@@ -1508,51 +1903,37 @@
- STRUCT_COUNTERS *counters,
- TC_HANDLE_T *handle)
- {
-- unsigned int hook;
-- unsigned int policyoff, ctrindex;
-- STRUCT_ENTRY *e;
-- STRUCT_STANDARD_TARGET *t;
-+ struct chain_head *c;
-
- iptc_fn = TC_SET_POLICY;
-- /* Figure out which chain. */
-- hook = TC_BUILTIN(chain, *handle);
-- if (hook == 0) {
-+
-+ if (!(c = iptcc_find_label(chain, *handle))) {
-+ DEBUGP("cannot find chain `%s'\n", chain);
- errno = ENOENT;
- return 0;
-- } else
-- hook--;
-+ }
-
-- policyoff = get_chain_end(*handle, (*handle)->info.hook_entry[hook]);
-- if (policyoff != (*handle)->info.underflow[hook]) {
-- printf("ERROR: Policy for `%s' offset %u != underflow %u\n",
-- chain, policyoff, (*handle)->info.underflow[hook]);
-+ if (!iptcc_is_builtin(c)) {
-+ DEBUGP("cannot set policy of userdefinedchain `%s'\n", chain);
-+ errno = ENOENT;
- return 0;
- }
-
-- e = get_entry(*handle, policyoff);
-- t = (STRUCT_STANDARD_TARGET *)GET_TARGET(e);
--
- if (strcmp(policy, LABEL_ACCEPT) == 0)
-- t->verdict = -NF_ACCEPT - 1;
-+ c->verdict = -NF_ACCEPT - 1;
- else if (strcmp(policy, LABEL_DROP) == 0)
-- t->verdict = -NF_DROP - 1;
-+ c->verdict = -NF_DROP - 1;
- else {
- errno = EINVAL;
- return 0;
- }
-
-- ctrindex = entry2index(*handle, e);
--
- if (counters) {
- /* set byte and packet counters */
-- memcpy(&e->counters, counters, sizeof(STRUCT_COUNTERS));
--
-- (*handle)->counter_map[ctrindex].maptype
-- = COUNTER_MAP_SET;
--
-+ memcpy(&c->counters, counters, sizeof(STRUCT_COUNTERS));
-+ c->counter_map.maptype = COUNTER_MAP_SET;
- } else {
-- (*handle)->counter_map[ctrindex]
-- = ((struct counter_map){ COUNTER_MAP_NOMAP, 0 });
-+ c->counter_map.maptype = COUNTER_MAP_NOMAP;
- }
-
- set_changed(*handle);
-@@ -1575,31 +1956,100 @@
- answer->bcnt = a->bcnt - b->bcnt;
- }
-
-+
-+static void counters_nomap(STRUCT_COUNTERS_INFO *newcounters,
-+ unsigned int index)
-+{
-+ newcounters->counters[index] = ((STRUCT_COUNTERS) { 0, 0});
-+ DEBUGP_C("NOMAP => zero\n");
-+}
-+
-+static void counters_normal_map(STRUCT_COUNTERS_INFO *newcounters,
-+ STRUCT_REPLACE *repl,
-+ unsigned int index,
-+ unsigned int mappos)
-+{
-+ /* Original read: X.
-+ * Atomic read on replacement: X + Y.
-+ * Currently in kernel: Z.
-+ * Want in kernel: X + Y + Z.
-+ * => Add in X + Y
-+ * => Add in replacement read.
-+ */
-+ newcounters->counters[index] = repl->counters[mappos];
-+ DEBUGP_C("NORMAL_MAP => mappos %u \n", mappos);
-+}
-+
-+static void counters_map_zeroed(STRUCT_COUNTERS_INFO *newcounters,
-+ STRUCT_REPLACE *repl,
-+ unsigned int index,
-+ unsigned int mappos,
-+ STRUCT_COUNTERS *counters)
-+{
-+ /* Original read: X.
-+ * Atomic read on replacement: X + Y.
-+ * Currently in kernel: Z.
-+ * Want in kernel: Y + Z.
-+ * => Add in Y.
-+ * => Add in (replacement read - original read).
-+ */
-+ subtract_counters(&newcounters->counters[index],
-+ &repl->counters[mappos],
-+ counters);
-+ DEBUGP_C("ZEROED => mappos %u\n", mappos);
-+}
-+
-+static void counters_map_set(STRUCT_COUNTERS_INFO *newcounters,
-+ unsigned int index,
-+ STRUCT_COUNTERS *counters)
-+{
-+ /* Want to set counter (iptables-restore) */
-+
-+ memcpy(&newcounters->counters[index], counters,
-+ sizeof(STRUCT_COUNTERS));
-+
-+ DEBUGP_C("SET\n");
-+}
-+
-+
- int
- TC_COMMIT(TC_HANDLE_T *handle)
- {
- /* Replace, then map back the counters. */
- STRUCT_REPLACE *repl;
- STRUCT_COUNTERS_INFO *newcounters;
-- unsigned int i;
-- size_t counterlen
-- = sizeof(STRUCT_COUNTERS_INFO)
-- + sizeof(STRUCT_COUNTERS) * (*handle)->new_number;
-+ struct chain_head *c;
-+ int ret;
-+ size_t counterlen;
-+ int new_number;
-+ unsigned int new_size;
-
-+ iptc_fn = TC_COMMIT;
- CHECK(*handle);
--#if 0
-- TC_DUMP_ENTRIES(*handle);
--#endif
-
- /* Don't commit if nothing changed. */
- if (!(*handle)->changed)
- goto finished;
-
-- repl = malloc(sizeof(*repl) + (*handle)->entries.size);
-+ new_number = iptcc_compile_table_prep(*handle, &new_size);
-+ if (new_number < 0) {
-+ errno = ENOMEM;
-+ return 0;
-+ }
-+
-+ repl = malloc(sizeof(*repl) + new_size);
- if (!repl) {
- errno = ENOMEM;
- return 0;
- }
-+ memset(repl, 0, sizeof(*repl) + new_size);
-+
-+#if 0
-+ TC_DUMP_ENTRIES(*handle);
-+#endif
-+
-+ counterlen = sizeof(STRUCT_COUNTERS_INFO)
-+ + sizeof(STRUCT_COUNTERS) * new_number;
-
- /* These are the old counters we will get from kernel */
- repl->counters = malloc(sizeof(STRUCT_COUNTERS)
-@@ -1609,7 +2059,6 @@
- errno = ENOMEM;
- return 0;
- }
--
- /* These are the counters we're going to put back, later. */
- newcounters = malloc(counterlen);
- if (!newcounters) {
-@@ -1618,21 +2067,40 @@
- errno = ENOMEM;
- return 0;
- }
-+ memset(newcounters, 0, counterlen);
-
- strcpy(repl->name, (*handle)->info.name);
-- repl->num_entries = (*handle)->new_number;
-- repl->size = (*handle)->entries.size;
-- memcpy(repl->hook_entry, (*handle)->info.hook_entry,
-- sizeof(repl->hook_entry));
-- memcpy(repl->underflow, (*handle)->info.underflow,
-- sizeof(repl->underflow));
-+ repl->num_entries = new_number;
-+ repl->size = new_size;
-+
- repl->num_counters = (*handle)->info.num_entries;
- repl->valid_hooks = (*handle)->info.valid_hooks;
-- memcpy(repl->entries, (*handle)->entries.entrytable,
-- (*handle)->entries.size);
-+
-+ DEBUGP("num_entries=%u, size=%u, num_counters=%u\n",
-+ repl->num_entries, repl->size, repl->num_counters);
-+
-+ ret = iptcc_compile_table(*handle, repl);
-+ if (ret < 0) {
-+ errno = ret;
-+ free(repl->counters);
-+ free(repl);
-+ return 0;
-+ }
-+
-+
-+#ifdef IPTC_DEBUG2
-+ {
-+ int fd = open("/tmp/libiptc-so_set_replace.blob",
-+ O_CREAT|O_WRONLY);
-+ if (fd >= 0) {
-+ write(fd, repl, sizeof(*repl) + repl->size);
-+ close(fd);
-+ }
-+ }
-+#endif
-
- if (setsockopt(sockfd, TC_IPPROTO, SO_SET_REPLACE, repl,
-- sizeof(*repl) + (*handle)->entries.size) < 0) {
-+ sizeof(*repl) + repl->size) < 0) {
- free(repl->counters);
- free(repl);
- free(newcounters);
-@@ -1641,49 +2109,64 @@
-
- /* Put counters back. */
- strcpy(newcounters->name, (*handle)->info.name);
-- newcounters->num_counters = (*handle)->new_number;
-- for (i = 0; i < (*handle)->new_number; i++) {
-- unsigned int mappos = (*handle)->counter_map[i].mappos;
-- switch ((*handle)->counter_map[i].maptype) {
-+ newcounters->num_counters = new_number;
-+
-+ list_for_each_entry(c, &(*handle)->chains, list) {
-+ struct rule_head *r;
-+
-+ /* Builtin chains have their own counters */
-+ if (iptcc_is_builtin(c)) {
-+ DEBUGP("counter for chain-index %u: ", c->foot_index);
-+ switch(c->counter_map.maptype) {
-+ case COUNTER_MAP_NOMAP:
-+ counters_nomap(newcounters, c->foot_index);
-+ break;
-+ case COUNTER_MAP_NORMAL_MAP:
-+ counters_normal_map(newcounters, repl,
-+ c->foot_index,
-+ c->counter_map.mappos);
-+ break;
-+ case COUNTER_MAP_ZEROED:
-+ counters_map_zeroed(newcounters, repl,
-+ c->foot_index,
-+ c->counter_map.mappos,
-+ &c->counters);
-+ break;
-+ case COUNTER_MAP_SET:
-+ counters_map_set(newcounters, c->foot_index,
-+ &c->counters);
-+ break;
-+ }
-+ }
-+
-+ list_for_each_entry(r, &c->rules, list) {
-+ DEBUGP("counter for index %u: ", r->index);
-+ switch (r->counter_map.maptype) {
- case COUNTER_MAP_NOMAP:
-- newcounters->counters[i]
-- = ((STRUCT_COUNTERS){ 0, 0 });
-+ counters_nomap(newcounters, r->index);
- break;
-
- case COUNTER_MAP_NORMAL_MAP:
-- /* Original read: X.
-- * Atomic read on replacement: X + Y.
-- * Currently in kernel: Z.
-- * Want in kernel: X + Y + Z.
-- * => Add in X + Y
-- * => Add in replacement read.
-- */
-- newcounters->counters[i] = repl->counters[mappos];
-+ counters_normal_map(newcounters, repl,
-+ r->index,
-+ r->counter_map.mappos);
- break;
-
- case COUNTER_MAP_ZEROED:
-- /* Original read: X.
-- * Atomic read on replacement: X + Y.
-- * Currently in kernel: Z.
-- * Want in kernel: Y + Z.
-- * => Add in Y.
-- * => Add in (replacement read - original read).
-- */
-- subtract_counters(&newcounters->counters[i],
-- &repl->counters[mappos],
-- &index2entry(*handle, i)->counters);
-+ counters_map_zeroed(newcounters, repl,
-+ r->index,
-+ r->counter_map.mappos,
-+ &r->entry->counters);
- break;
-
- case COUNTER_MAP_SET:
-- /* Want to set counter (iptables-restore) */
--
-- memcpy(&newcounters->counters[i],
-- &index2entry(*handle, i)->counters,
-- sizeof(STRUCT_COUNTERS));
--
-+ counters_map_set(newcounters, r->index,
-+ &r->entry->counters);
- break;
- }
- }
-+ }
-+
-
- #ifdef KERNEL_64_USERSPACE_32
- {
-@@ -1696,10 +2179,21 @@
- "counters alignment incorrect! Mail rusty!\n");
- abort();
- }
-- *kernptr = &newcounters->counters;
-+ *kernptr = newcounters->counters;
- }
- #endif /* KERNEL_64_USERSPACE_32 */
-
-+#ifdef IPTC_DEBUG2
-+ {
-+ int fd = open("/tmp/libiptc-so_set_add_counters.blob",
-+ O_CREAT|O_WRONLY);
-+ if (fd >= 0) {
-+ write(fd, newcounters, counterlen);
-+ close(fd);
-+ }
-+ }
-+#endif
-+
- if (setsockopt(sockfd, TC_IPPROTO, SO_SET_ADD_COUNTERS,
- newcounters, counterlen) < 0) {
- free(repl->counters);
-@@ -1713,10 +2207,7 @@
- free(newcounters);
-
- finished:
-- if ((*handle)->cache_chain_heads)
-- free((*handle)->cache_chain_heads);
-- free(*handle);
-- *handle = NULL;
-+ TC_FREE(handle);
- return 1;
- }
-
-diff -Nur ipac-ng-1.31.orig/agents/iptables/libiptc.h ipac-ng-1.31/agents/iptables/libiptc.h
---- ipac-ng-1.31.orig/agents/iptables/libiptc.h 2003-07-06 10:33:17.000000000 +0000
-+++ ipac-ng-1.31/agents/iptables/libiptc.h 2006-01-10 21:01:39.000000000 +0000
-@@ -1,7 +1,3 @@
--#ifndef NETFILTER_VERSION
--#define NETFILTER_VERSION "1.2.5"
--#endif
--
- #ifndef _LIBIPTC_H
- #define _LIBIPTC_H
- /* Library which manipulates filtering rules. */
-@@ -38,6 +34,9 @@
- /* Take a snapshot of the rules. Returns NULL on error. */
- iptc_handle_t iptc_init(const char *tablename);
-
-+/* Cleanup after iptc_init(). */
-+void iptc_free(iptc_handle_t *h);
-+
- /* Iterator functions to run through the chains. Returns NULL at end. */
- const char *iptc_first_chain(iptc_handle_t *handle);
- const char *iptc_next_chain(iptc_handle_t *handle);
-diff -Nur ipac-ng-1.31.orig/agents/iptables/linux_list.h ipac-ng-1.31/agents/iptables/linux_list.h
---- ipac-ng-1.31.orig/agents/iptables/linux_list.h 1970-01-01 00:00:00.000000000 +0000
-+++ ipac-ng-1.31/agents/iptables/linux_list.h 2006-01-10 21:01:39.000000000 +0000
-@@ -0,0 +1,723 @@
-+#ifndef _LINUX_LIST_H
-+#define _LINUX_LIST_H
-+
-+#undef offsetof
-+#define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER)
-+
-+/**
-+ * container_of - cast a member of a structure out to the containing structure
-+ *
-+ * @ptr: the pointer to the member.
-+ * @type: the type of the container struct this is embedded in.
-+ * @member: the name of the member within the struct.
-+ *
-+ */
-+#define container_of(ptr, type, member) ({ \
-+ const typeof( ((type *)0)->member ) *__mptr = (ptr); \
-+ (type *)( (char *)__mptr - offsetof(type,member) );})
-+
-+/*
-+ * Check at compile time that something is of a particular type.
-+ * Always evaluates to 1 so you may use it easily in comparisons.
-+ */
-+#define typecheck(type,x) \
-+({ type __dummy; \
-+ typeof(x) __dummy2; \
-+ (void)(&__dummy == &__dummy2); \
-+ 1; \
-+})
-+
-+#define prefetch(x) 1
-+
-+/* empty define to make this work in userspace -HW */
-+#define smp_wmb()
-+
-+/*
-+ * These are non-NULL pointers that will result in page faults
-+ * under normal circumstances, used to verify that nobody uses
-+ * non-initialized list entries.
-+ */
-+#define LIST_POISON1 ((void *) 0x00100100)
-+#define LIST_POISON2 ((void *) 0x00200200)
-+
-+/*
-+ * Simple doubly linked list implementation.
-+ *
-+ * Some of the internal functions ("__xxx") are useful when
-+ * manipulating whole lists rather than single entries, as
-+ * sometimes we already know the next/prev entries and we can
-+ * generate better code by using them directly rather than
-+ * using the generic single-entry routines.
-+ */
-+
-+struct list_head {
-+ struct list_head *next, *prev;
-+};
-+
-+#define LIST_HEAD_INIT(name) { &(name), &(name) }
-+
-+#define LIST_HEAD(name) \
-+ struct list_head name = LIST_HEAD_INIT(name)
-+
-+#define INIT_LIST_HEAD(ptr) do { \
-+ (ptr)->next = (ptr); (ptr)->prev = (ptr); \
-+} while (0)
-+
-+/*
-+ * Insert a new entry between two known consecutive entries.
-+ *
-+ * This is only for internal list manipulation where we know
-+ * the prev/next entries already!
-+ */
-+static inline void __list_add(struct list_head *new,
-+ struct list_head *prev,
-+ struct list_head *next)
-+{
-+ next->prev = new;
-+ new->next = next;
-+ new->prev = prev;
-+ prev->next = new;
-+}
-+
-+/**
-+ * list_add - add a new entry
-+ * @new: new entry to be added
-+ * @head: list head to add it after
-+ *
-+ * Insert a new entry after the specified head.
-+ * This is good for implementing stacks.
-+ */
-+static inline void list_add(struct list_head *new, struct list_head *head)
-+{
-+ __list_add(new, head, head->next);
-+}
-+
-+/**
-+ * list_add_tail - add a new entry
-+ * @new: new entry to be added
-+ * @head: list head to add it before
-+ *
-+ * Insert a new entry before the specified head.
-+ * This is useful for implementing queues.
-+ */
-+static inline void list_add_tail(struct list_head *new, struct list_head *head)
-+{
-+ __list_add(new, head->prev, head);
-+}
-+
-+/*
-+ * Insert a new entry between two known consecutive entries.
-+ *
-+ * This is only for internal list manipulation where we know
-+ * the prev/next entries already!
-+ */
-+static inline void __list_add_rcu(struct list_head * new,
-+ struct list_head * prev, struct list_head * next)
-+{
-+ new->next = next;
-+ new->prev = prev;
-+ smp_wmb();
-+ next->prev = new;
-+ prev->next = new;
-+}
-+
-+/**
-+ * list_add_rcu - add a new entry to rcu-protected list
-+ * @new: new entry to be added
-+ * @head: list head to add it after
-+ *
-+ * Insert a new entry after the specified head.
-+ * This is good for implementing stacks.
-+ *
-+ * The caller must take whatever precautions are necessary
-+ * (such as holding appropriate locks) to avoid racing
-+ * with another list-mutation primitive, such as list_add_rcu()
-+ * or list_del_rcu(), running on this same list.
-+ * However, it is perfectly legal to run concurrently with
-+ * the _rcu list-traversal primitives, such as
-+ * list_for_each_entry_rcu().
-+ */
-+static inline void list_add_rcu(struct list_head *new, struct list_head *head)
-+{
-+ __list_add_rcu(new, head, head->next);
-+}
-+
-+/**
-+ * list_add_tail_rcu - add a new entry to rcu-protected list
-+ * @new: new entry to be added
-+ * @head: list head to add it before
-+ *
-+ * Insert a new entry before the specified head.
-+ * This is useful for implementing queues.
-+ *
-+ * The caller must take whatever precautions are necessary
-+ * (such as holding appropriate locks) to avoid racing
-+ * with another list-mutation primitive, such as list_add_tail_rcu()
-+ * or list_del_rcu(), running on this same list.
-+ * However, it is perfectly legal to run concurrently with
-+ * the _rcu list-traversal primitives, such as
-+ * list_for_each_entry_rcu().
-+ */
-+static inline void list_add_tail_rcu(struct list_head *new,
-+ struct list_head *head)
-+{
-+ __list_add_rcu(new, head->prev, head);
-+}
-+
-+/*
-+ * Delete a list entry by making the prev/next entries
-+ * point to each other.
-+ *
-+ * This is only for internal list manipulation where we know
-+ * the prev/next entries already!
-+ */
-+static inline void __list_del(struct list_head * prev, struct list_head * next)
-+{
-+ next->prev = prev;
-+ prev->next = next;
-+}
-+
-+/**
-+ * list_del - deletes entry from list.
-+ * @entry: the element to delete from the list.
-+ * Note: list_empty on entry does not return true after this, the entry is
-+ * in an undefined state.
-+ */
-+static inline void list_del(struct list_head *entry)
-+{
-+ __list_del(entry->prev, entry->next);
-+ entry->next = LIST_POISON1;
-+ entry->prev = LIST_POISON2;
-+}
-+
-+/**
-+ * list_del_rcu - deletes entry from list without re-initialization
-+ * @entry: the element to delete from the list.
-+ *
-+ * Note: list_empty on entry does not return true after this,
-+ * the entry is in an undefined state. It is useful for RCU based
-+ * lockfree traversal.
-+ *
-+ * In particular, it means that we can not poison the forward
-+ * pointers that may still be used for walking the list.
-+ *
-+ * The caller must take whatever precautions are necessary
-+ * (such as holding appropriate locks) to avoid racing
-+ * with another list-mutation primitive, such as list_del_rcu()
-+ * or list_add_rcu(), running on this same list.
-+ * However, it is perfectly legal to run concurrently with
-+ * the _rcu list-traversal primitives, such as
-+ * list_for_each_entry_rcu().
-+ *
-+ * Note that the caller is not permitted to immediately free
-+ * the newly deleted entry. Instead, either synchronize_kernel()
-+ * or call_rcu() must be used to defer freeing until an RCU
-+ * grace period has elapsed.
-+ */
-+static inline void list_del_rcu(struct list_head *entry)
-+{
-+ __list_del(entry->prev, entry->next);
-+ entry->prev = LIST_POISON2;
-+}
-+
-+/**
-+ * list_del_init - deletes entry from list and reinitialize it.
-+ * @entry: the element to delete from the list.
-+ */
-+static inline void list_del_init(struct list_head *entry)
-+{
-+ __list_del(entry->prev, entry->next);
-+ INIT_LIST_HEAD(entry);
-+}
-+
-+/**
-+ * list_move - delete from one list and add as another's head
-+ * @list: the entry to move
-+ * @head: the head that will precede our entry
-+ */
-+static inline void list_move(struct list_head *list, struct list_head *head)
-+{
-+ __list_del(list->prev, list->next);
-+ list_add(list, head);
-+}
-+
-+/**
-+ * list_move_tail - delete from one list and add as another's tail
-+ * @list: the entry to move
-+ * @head: the head that will follow our entry
-+ */
-+static inline void list_move_tail(struct list_head *list,
-+ struct list_head *head)
-+{
-+ __list_del(list->prev, list->next);
-+ list_add_tail(list, head);
-+}
-+
-+/**
-+ * list_empty - tests whether a list is empty
-+ * @head: the list to test.
-+ */
-+static inline int list_empty(const struct list_head *head)
-+{
-+ return head->next == head;
-+}
-+
-+/**
-+ * list_empty_careful - tests whether a list is
-+ * empty _and_ checks that no other CPU might be
-+ * in the process of still modifying either member
-+ *
-+ * NOTE: using list_empty_careful() without synchronization
-+ * can only be safe if the only activity that can happen
-+ * to the list entry is list_del_init(). Eg. it cannot be used
-+ * if another CPU could re-list_add() it.
-+ *
-+ * @head: the list to test.
-+ */
-+static inline int list_empty_careful(const struct list_head *head)
-+{
-+ struct list_head *next = head->next;
-+ return (next == head) && (next == head->prev);
-+}
-+
-+static inline void __list_splice(struct list_head *list,
-+ struct list_head *head)
-+{
-+ struct list_head *first = list->next;
-+ struct list_head *last = list->prev;
-+ struct list_head *at = head->next;
-+
-+ first->prev = head;
-+ head->next = first;
-+
-+ last->next = at;
-+ at->prev = last;
-+}
-+
-+/**
-+ * list_splice - join two lists
-+ * @list: the new list to add.
-+ * @head: the place to add it in the first list.
-+ */
-+static inline void list_splice(struct list_head *list, struct list_head *head)
-+{
-+ if (!list_empty(list))
-+ __list_splice(list, head);
-+}
-+
-+/**
-+ * list_splice_init - join two lists and reinitialise the emptied list.
-+ * @list: the new list to add.
-+ * @head: the place to add it in the first list.
-+ *
-+ * The list at @list is reinitialised
-+ */
-+static inline void list_splice_init(struct list_head *list,
-+ struct list_head *head)
-+{
-+ if (!list_empty(list)) {
-+ __list_splice(list, head);
-+ INIT_LIST_HEAD(list);
-+ }
-+}
-+
-+/**
-+ * list_entry - get the struct for this entry
-+ * @ptr: the &struct list_head pointer.
-+ * @type: the type of the struct this is embedded in.
-+ * @member: the name of the list_struct within the struct.
-+ */
-+#define list_entry(ptr, type, member) \
-+ container_of(ptr, type, member)
-+
-+/**
-+ * list_for_each - iterate over a list
-+ * @pos: the &struct list_head to use as a loop counter.
-+ * @head: the head for your list.
-+ */
-+#define list_for_each(pos, head) \
-+ for (pos = (head)->next, prefetch(pos->next); pos != (head); \
-+ pos = pos->next, prefetch(pos->next))
-+
-+/**
-+ * __list_for_each - iterate over a list
-+ * @pos: the &struct list_head to use as a loop counter.
-+ * @head: the head for your list.
-+ *
-+ * This variant differs from list_for_each() in that it's the
-+ * simplest possible list iteration code, no prefetching is done.
-+ * Use this for code that knows the list to be very short (empty
-+ * or 1 entry) most of the time.
-+ */
-+#define __list_for_each(pos, head) \
-+ for (pos = (head)->next; pos != (head); pos = pos->next)
-+
-+/**
-+ * list_for_each_prev - iterate over a list backwards
-+ * @pos: the &struct list_head to use as a loop counter.
-+ * @head: the head for your list.
-+ */
-+#define list_for_each_prev(pos, head) \
-+ for (pos = (head)->prev, prefetch(pos->prev); pos != (head); \
-+ pos = pos->prev, prefetch(pos->prev))
-+
-+/**
-+ * list_for_each_safe - iterate over a list safe against removal of list entry
-+ * @pos: the &struct list_head to use as a loop counter.
-+ * @n: another &struct list_head to use as temporary storage
-+ * @head: the head for your list.
-+ */
-+#define list_for_each_safe(pos, n, head) \
-+ for (pos = (head)->next, n = pos->next; pos != (head); \
-+ pos = n, n = pos->next)
-+
-+/**
-+ * list_for_each_entry - iterate over list of given type
-+ * @pos: the type * to use as a loop counter.
-+ * @head: the head for your list.
-+ * @member: the name of the list_struct within the struct.
-+ */
-+#define list_for_each_entry(pos, head, member) \
-+ for (pos = list_entry((head)->next, typeof(*pos), member), \
-+ prefetch(pos->member.next); \
-+ &pos->member != (head); \
-+ pos = list_entry(pos->member.next, typeof(*pos), member), \
-+ prefetch(pos->member.next))
-+
-+/**
-+ * list_for_each_entry_reverse - iterate backwards over list of given type.
-+ * @pos: the type * to use as a loop counter.
-+ * @head: the head for your list.
-+ * @member: the name of the list_struct within the struct.
-+ */
-+#define list_for_each_entry_reverse(pos, head, member) \
-+ for (pos = list_entry((head)->prev, typeof(*pos), member), \
-+ prefetch(pos->member.prev); \
-+ &pos->member != (head); \
-+ pos = list_entry(pos->member.prev, typeof(*pos), member), \
-+ prefetch(pos->member.prev))
-+
-+/**
-+ * list_prepare_entry - prepare a pos entry for use as a start point in
-+ * list_for_each_entry_continue
-+ * @pos: the type * to use as a start point
-+ * @head: the head of the list
-+ * @member: the name of the list_struct within the struct.
-+ */
-+#define list_prepare_entry(pos, head, member) \
-+ ((pos) ? : list_entry(head, typeof(*pos), member))
-+
-+/**
-+ * list_for_each_entry_continue - iterate over list of given type
-+ * continuing after existing point
-+ * @pos: the type * to use as a loop counter.
-+ * @head: the head for your list.
-+ * @member: the name of the list_struct within the struct.
-+ */
-+#define list_for_each_entry_continue(pos, head, member) \
-+ for (pos = list_entry(pos->member.next, typeof(*pos), member), \
-+ prefetch(pos->member.next); \
-+ &pos->member != (head); \
-+ pos = list_entry(pos->member.next, typeof(*pos), member), \
-+ prefetch(pos->member.next))
-+
-+/**
-+ * list_for_each_entry_safe - iterate over list of given type safe against removal of list entry
-+ * @pos: the type * to use as a loop counter.
-+ * @n: another type * to use as temporary storage
-+ * @head: the head for your list.
-+ * @member: the name of the list_struct within the struct.
-+ */
-+#define list_for_each_entry_safe(pos, n, head, member) \
-+ for (pos = list_entry((head)->next, typeof(*pos), member), \
-+ n = list_entry(pos->member.next, typeof(*pos), member); \
-+ &pos->member != (head); \
-+ pos = n, n = list_entry(n->member.next, typeof(*n), member))
-+
-+/**
-+ * list_for_each_rcu - iterate over an rcu-protected list
-+ * @pos: the &struct list_head to use as a loop counter.
-+ * @head: the head for your list.
-+ *
-+ * This list-traversal primitive may safely run concurrently with
-+ * the _rcu list-mutation primitives such as list_add_rcu()
-+ * as long as the traversal is guarded by rcu_read_lock().
-+ */
-+#define list_for_each_rcu(pos, head) \
-+ for (pos = (head)->next, prefetch(pos->next); pos != (head); \
-+ pos = pos->next, ({ smp_read_barrier_depends(); 0;}), prefetch(pos->next))
-+
-+#define __list_for_each_rcu(pos, head) \
-+ for (pos = (head)->next; pos != (head); \
-+ pos = pos->next, ({ smp_read_barrier_depends(); 0;}))
-+
-+/**
-+ * list_for_each_safe_rcu - iterate over an rcu-protected list safe
-+ * against removal of list entry
-+ * @pos: the &struct list_head to use as a loop counter.
-+ * @n: another &struct list_head to use as temporary storage
-+ * @head: the head for your list.
-+ *
-+ * This list-traversal primitive may safely run concurrently with
-+ * the _rcu list-mutation primitives such as list_add_rcu()
-+ * as long as the traversal is guarded by rcu_read_lock().
-+ */
-+#define list_for_each_safe_rcu(pos, n, head) \
-+ for (pos = (head)->next, n = pos->next; pos != (head); \
-+ pos = n, ({ smp_read_barrier_depends(); 0;}), n = pos->next)
-+
-+/**
-+ * list_for_each_entry_rcu - iterate over rcu list of given type
-+ * @pos: the type * to use as a loop counter.
-+ * @head: the head for your list.
-+ * @member: the name of the list_struct within the struct.
-+ *
-+ * This list-traversal primitive may safely run concurrently with
-+ * the _rcu list-mutation primitives such as list_add_rcu()
-+ * as long as the traversal is guarded by rcu_read_lock().
-+ */
-+#define list_for_each_entry_rcu(pos, head, member) \
-+ for (pos = list_entry((head)->next, typeof(*pos), member), \
-+ prefetch(pos->member.next); \
-+ &pos->member != (head); \
-+ pos = list_entry(pos->member.next, typeof(*pos), member), \
-+ ({ smp_read_barrier_depends(); 0;}), \
-+ prefetch(pos->member.next))
-+
-+
-+/**
-+ * list_for_each_continue_rcu - iterate over an rcu-protected list
-+ * continuing after existing point.
-+ * @pos: the &struct list_head to use as a loop counter.
-+ * @head: the head for your list.
-+ *
-+ * This list-traversal primitive may safely run concurrently with
-+ * the _rcu list-mutation primitives such as list_add_rcu()
-+ * as long as the traversal is guarded by rcu_read_lock().
-+ */
-+#define list_for_each_continue_rcu(pos, head) \
-+ for ((pos) = (pos)->next, prefetch((pos)->next); (pos) != (head); \
-+ (pos) = (pos)->next, ({ smp_read_barrier_depends(); 0;}), prefetch((pos)->next))
-+
-+/*
-+ * Double linked lists with a single pointer list head.
-+ * Mostly useful for hash tables where the two pointer list head is
-+ * too wasteful.
-+ * You lose the ability to access the tail in O(1).
-+ */
-+
-+struct hlist_head {
-+ struct hlist_node *first;
-+};
-+
-+struct hlist_node {
-+ struct hlist_node *next, **pprev;
-+};
-+
-+#define HLIST_HEAD_INIT { .first = NULL }
-+#define HLIST_HEAD(name) struct hlist_head name = { .first = NULL }
-+#define INIT_HLIST_HEAD(ptr) ((ptr)->first = NULL)
-+#define INIT_HLIST_NODE(ptr) ((ptr)->next = NULL, (ptr)->pprev = NULL)
-+
-+static inline int hlist_unhashed(const struct hlist_node *h)
-+{
-+ return !h->pprev;
-+}
-+
-+static inline int hlist_empty(const struct hlist_head *h)
-+{
-+ return !h->first;
-+}
-+
-+static inline void __hlist_del(struct hlist_node *n)
-+{
-+ struct hlist_node *next = n->next;
-+ struct hlist_node **pprev = n->pprev;
-+ *pprev = next;
-+ if (next)
-+ next->pprev = pprev;
-+}
-+
-+static inline void hlist_del(struct hlist_node *n)
-+{
-+ __hlist_del(n);
-+ n->next = LIST_POISON1;
-+ n->pprev = LIST_POISON2;
-+}
-+
-+/**
-+ * hlist_del_rcu - deletes entry from hash list without re-initialization
-+ * @n: the element to delete from the hash list.
-+ *
-+ * Note: list_unhashed() on entry does not return true after this,
-+ * the entry is in an undefined state. It is useful for RCU based
-+ * lockfree traversal.
-+ *
-+ * In particular, it means that we can not poison the forward
-+ * pointers that may still be used for walking the hash list.
-+ *
-+ * The caller must take whatever precautions are necessary
-+ * (such as holding appropriate locks) to avoid racing
-+ * with another list-mutation primitive, such as hlist_add_head_rcu()
-+ * or hlist_del_rcu(), running on this same list.
-+ * However, it is perfectly legal to run concurrently with
-+ * the _rcu list-traversal primitives, such as
-+ * hlist_for_each_entry().
-+ */
-+static inline void hlist_del_rcu(struct hlist_node *n)
-+{
-+ __hlist_del(n);
-+ n->pprev = LIST_POISON2;
-+}
-+
-+static inline void hlist_del_init(struct hlist_node *n)
-+{
-+ if (n->pprev) {
-+ __hlist_del(n);
-+ INIT_HLIST_NODE(n);
-+ }
-+}
-+
-+#define hlist_del_rcu_init hlist_del_init
-+
-+static inline void hlist_add_head(struct hlist_node *n, struct hlist_head *h)
-+{
-+ struct hlist_node *first = h->first;
-+ n->next = first;
-+ if (first)
-+ first->pprev = &n->next;
-+ h->first = n;
-+ n->pprev = &h->first;
-+}
-+
-+
-+/**
-+ * hlist_add_head_rcu - adds the specified element to the specified hlist,
-+ * while permitting racing traversals.
-+ * @n: the element to add to the hash list.
-+ * @h: the list to add to.
-+ *
-+ * The caller must take whatever precautions are necessary
-+ * (such as holding appropriate locks) to avoid racing
-+ * with another list-mutation primitive, such as hlist_add_head_rcu()
-+ * or hlist_del_rcu(), running on this same list.
-+ * However, it is perfectly legal to run concurrently with
-+ * the _rcu list-traversal primitives, such as
-+ * hlist_for_each_entry(), but only if smp_read_barrier_depends()
-+ * is used to prevent memory-consistency problems on Alpha CPUs.
-+ * Regardless of the type of CPU, the list-traversal primitive
-+ * must be guarded by rcu_read_lock().
-+ *
-+ * OK, so why don't we have an hlist_for_each_entry_rcu()???
-+ */
-+static inline void hlist_add_head_rcu(struct hlist_node *n,
-+ struct hlist_head *h)
-+{
-+ struct hlist_node *first = h->first;
-+ n->next = first;
-+ n->pprev = &h->first;
-+ smp_wmb();
-+ if (first)
-+ first->pprev = &n->next;
-+ h->first = n;
-+}
-+
-+/* next must be != NULL */
-+static inline void hlist_add_before(struct hlist_node *n,
-+ struct hlist_node *next)
-+{
-+ n->pprev = next->pprev;
-+ n->next = next;
-+ next->pprev = &n->next;
-+ *(n->pprev) = n;
-+}
-+
-+static inline void hlist_add_after(struct hlist_node *n,
-+ struct hlist_node *next)
-+{
-+ next->next = n->next;
-+ n->next = next;
-+ next->pprev = &n->next;
-+
-+ if(next->next)
-+ next->next->pprev = &next->next;
-+}
-+
-+#define hlist_entry(ptr, type, member) container_of(ptr,type,member)
-+
-+#define hlist_for_each(pos, head) \
-+ for (pos = (head)->first; pos && ({ prefetch(pos->next); 1; }); \
-+ pos = pos->next)
-+
-+#define hlist_for_each_safe(pos, n, head) \
-+ for (pos = (head)->first; pos && ({ n = pos->next; 1; }); \
-+ pos = n)
-+
-+/**
-+ * hlist_for_each_entry - iterate over list of given type
-+ * @tpos: the type * to use as a loop counter.
-+ * @pos: the &struct hlist_node to use as a loop counter.
-+ * @head: the head for your list.
-+ * @member: the name of the hlist_node within the struct.
-+ */
-+#define hlist_for_each_entry(tpos, pos, head, member) \
-+ for (pos = (head)->first; \
-+ pos && ({ prefetch(pos->next); 1;}) && \
-+ ({ tpos = hlist_entry(pos, typeof(*tpos), member); 1;}); \
-+ pos = pos->next)
-+
-+/**
-+ * hlist_for_each_entry_continue - iterate over a hlist continuing after existing point
-+ * @tpos: the type * to use as a loop counter.
-+ * @pos: the &struct hlist_node to use as a loop counter.
-+ * @member: the name of the hlist_node within the struct.
-+ */
-+#define hlist_for_each_entry_continue(tpos, pos, member) \
-+ for (pos = (pos)->next; \
-+ pos && ({ prefetch(pos->next); 1;}) && \
-+ ({ tpos = hlist_entry(pos, typeof(*tpos), member); 1;}); \
-+ pos = pos->next)
-+
-+/**
-+ * hlist_for_each_entry_from - iterate over a hlist continuing from existing point
-+ * @tpos: the type * to use as a loop counter.
-+ * @pos: the &struct hlist_node to use as a loop counter.
-+ * @member: the name of the hlist_node within the struct.
-+ */
-+#define hlist_for_each_entry_from(tpos, pos, member) \
-+ for (; pos && ({ prefetch(pos->next); 1;}) && \
-+ ({ tpos = hlist_entry(pos, typeof(*tpos), member); 1;}); \
-+ pos = pos->next)
-+
-+/**
-+ * hlist_for_each_entry_safe - iterate over list of given type safe against removal of list entry
-+ * @tpos: the type * to use as a loop counter.
-+ * @pos: the &struct hlist_node to use as a loop counter.
-+ * @n: another &struct hlist_node to use as temporary storage
-+ * @head: the head for your list.
-+ * @member: the name of the hlist_node within the struct.
-+ */
-+#define hlist_for_each_entry_safe(tpos, pos, n, head, member) \
-+ for (pos = (head)->first; \
-+ pos && ({ n = pos->next; 1; }) && \
-+ ({ tpos = hlist_entry(pos, typeof(*tpos), member); 1;}); \
-+ pos = n)
-+
-+/**
-+ * hlist_for_each_entry_rcu - iterate over rcu list of given type
-+ * @pos: the type * to use as a loop counter.
-+ * @pos: the &struct hlist_node to use as a loop counter.
-+ * @head: the head for your list.
-+ * @member: the name of the hlist_node within the struct.
-+ *
-+ * This list-traversal primitive may safely run concurrently with
-+ * the _rcu list-mutation primitives such as hlist_add_rcu()
-+ * as long as the traversal is guarded by rcu_read_lock().
-+ */
-+#define hlist_for_each_entry_rcu(tpos, pos, head, member) \
-+ for (pos = (head)->first; \
-+ pos && ({ prefetch(pos->next); 1;}) && \
-+ ({ tpos = hlist_entry(pos, typeof(*tpos), member); 1;}); \
-+ pos = pos->next, ({ smp_read_barrier_depends(); 0; }) )
-+
-+#endif
+++ /dev/null
-diff -Nru linux-2.6.16/drivers/net/Kconfig linux-2.6.16-imq/drivers/net/Kconfig
---- linux-2.6.16/drivers/net/Kconfig 2006-03-20 05:53:29.000000000 +0000
-+++ linux-2.6.16-imq/drivers/net/Kconfig 2006-03-25 20:57:14.000000000 +0000
-@@ -93,6 +93,129 @@
- To compile this driver as a module, choose M here: the module
- will be called eql. If unsure, say N.
-
-+config IMQ
-+ tristate "IMQ (intermediate queueing device) support"
-+ depends on NETDEVICES && NETFILTER
-+ ---help---
-+ The IMQ device(s) is used as placeholder for QoS queueing disciplines.
-+ Every packet entering/leaving the IP stack can be directed through
-+ the IMQ device where it's enqueued/dequeued to the attached qdisc.
-+ This allows you to treat network devices as classes and distribute
-+ bandwidth among them. Iptables is used to specify through which IMQ
-+ device, if any, packets travel.
-+
-+ More information at: http://www.linuximq.net/
-+
-+ To compile this driver as a module, choose M here: the module
-+ will be called imq. If unsure, say N.
-+
-+choice
-+ prompt "IMQ behavior (PRE/POSTROUTING)"
-+ depends on IMQ
-+ default IMQ_BEHAVIOR_BA
-+ help
-+
-+ This settings defines how IMQ behaves in respect to its
-+ hooking in PREROUTING and POSTROUTING.
-+
-+ IMQ can work in any of the following ways:
-+
-+ PREROUTING | POSTROUTING
-+ -----------------|-------------------
-+ #1 After NAT | After NAT
-+ #2 After NAT | Before NAT
-+ #3 Before NAT | After NAT
-+ #4 Before NAT | Before NAT
-+
-+ The default behavior is to hook before NAT on PREROUTING
-+ and after NAT on POSTROUTING (#3).
-+
-+ This settings are specially usefull when trying to use IMQ
-+ to shape NATed clients.
-+
-+ More information can be found at: www.linuximq.net
-+
-+ If not sure leave the default settings alone.
-+
-+config IMQ_BEHAVIOR_AA
-+ bool "IMQ AA"
-+ help
-+ This settings defines how IMQ behaves in respect to its
-+ hooking in PREROUTING and POSTROUTING.
-+
-+ Choosing this option will make IMQ hook like this:
-+
-+ PREROUTING: After NAT
-+ POSTROUTING: After NAT
-+
-+ More information can be found at: www.linuximq.net
-+
-+ If not sure leave the default settings alone.
-+
-+config IMQ_BEHAVIOR_AB
-+ bool "IMQ AB"
-+ help
-+ This settings defines how IMQ behaves in respect to its
-+ hooking in PREROUTING and POSTROUTING.
-+
-+ Choosing this option will make IMQ hook like this:
-+
-+ PREROUTING: After NAT
-+ POSTROUTING: Before NAT
-+
-+ More information can be found at: www.linuximq.net
-+
-+ If not sure leave the default settings alone.
-+
-+config IMQ_BEHAVIOR_BA
-+ bool "IMQ BA"
-+ help
-+ This settings defines how IMQ behaves in respect to its
-+ hooking in PREROUTING and POSTROUTING.
-+
-+ Choosing this option will make IMQ hook like this:
-+
-+ PREROUTING: Before NAT
-+ POSTROUTING: After NAT
-+
-+ More information can be found at: www.linuximq.net
-+
-+ If not sure leave the default settings alone.
-+
-+config IMQ_BEHAVIOR_BB
-+ bool "IMQ BB"
-+ help
-+ This settings defines how IMQ behaves in respect to its
-+ hooking in PREROUTING and POSTROUTING.
-+
-+ Choosing this option will make IMQ hook like this:
-+
-+ PREROUTING: Before NAT
-+ POSTROUTING: Before NAT
-+
-+ More information can be found at: www.linuximq.net
-+
-+ If not sure leave the default settings alone.
-+
-+endchoice
-+
-+config IMQ_NUM_DEVS
-+
-+ int "Number of IMQ devices"
-+ range 2 8
-+ depends on IMQ
-+ default "2"
-+ help
-+
-+ This settings defines how many IMQ devices will be
-+ created.
-+
-+ The default value is 2.
-+
-+ More information can be found at: www.linuximq.net
-+
-+ If not sure leave the default settings alone.
-+
- config TUN
- tristate "Universal TUN/TAP device driver support"
- select CRC32
-diff -Nru linux-2.6.16/drivers/net/Makefile linux-2.6.16-imq/drivers/net/Makefile
---- linux-2.6.16/drivers/net/Makefile 2006-03-20 05:53:29.000000000 +0000
-+++ linux-2.6.16-imq/drivers/net/Makefile 2006-03-25 21:04:53.000000000 +0000
-@@ -125,6 +125,7 @@
- endif
-
- obj-$(CONFIG_DUMMY) += dummy.o
-+obj-$(CONFIG_IMQ) += imq.o
- obj-$(CONFIG_IFB) += ifb.o
- obj-$(CONFIG_DE600) += de600.o
- obj-$(CONFIG_DE620) += de620.o
-diff -Nru linux-2.6.16/drivers/net/imq.c linux-2.6.16-imq/drivers/net/imq.c
---- linux-2.6.16/drivers/net/imq.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-2.6.16-imq/drivers/net/imq.c 2006-03-25 20:57:14.000000000 +0000
-@@ -0,0 +1,403 @@
-+/*
-+ * Pseudo-driver for the intermediate queue device.
-+ *
-+ * This program is free software; you can redistribute it and/or
-+ * modify it under the terms of the GNU General Public License
-+ * as published by the Free Software Foundation; either version
-+ * 2 of the License, or (at your option) any later version.
-+ *
-+ * Authors: Patrick McHardy, <kaber@trash.net>
-+ *
-+ * The first version was written by Martin Devera, <devik@cdi.cz>
-+ *
-+ * Credits: Jan Rafaj <imq2t@cedric.vabo.cz>
-+ * - Update patch to 2.4.21
-+ * Sebastian Strollo <sstrollo@nortelnetworks.com>
-+ * - Fix "Dead-loop on netdevice imq"-issue
-+ * Marcel Sebek <sebek64@post.cz>
-+ * - Update to 2.6.2-rc1
-+ *
-+ * After some time of inactivity there is a group taking care
-+ * of IMQ again: http://www.linuximq.net
-+ *
-+ *
-+ * 2004/06/30 - New version of IMQ patch to kernels <=2.6.7 including
-+ * the following changes:
-+ *
-+ * - Correction of ipv6 support "+"s issue (Hasso Tepper)
-+ * - Correction of imq_init_devs() issue that resulted in
-+ * kernel OOPS unloading IMQ as module (Norbert Buchmuller)
-+ * - Addition of functionality to choose number of IMQ devices
-+ * during kernel config (Andre Correa)
-+ * - Addition of functionality to choose how IMQ hooks on
-+ * PRE and POSTROUTING (after or before NAT) (Andre Correa)
-+ * - Cosmetic corrections (Norbert Buchmuller) (Andre Correa)
-+ *
-+ *
-+ * 2005/12/16 - IMQ versions between 2.6.7 and 2.6.13 were
-+ * released with almost no problems. 2.6.14-x was released
-+ * with some important changes: nfcache was removed; After
-+ * some weeks of trouble we figured out that some IMQ fields
-+ * in skb were missing in skbuff.c - skb_clone and copy_skb_header.
-+ * These functions are correctly patched by this new patch version.
-+ *
-+ * Thanks for all who helped to figure out all the problems with
-+ * 2.6.14.x: Patrick McHardy, Rune Kock, VeNoMouS, Max CtRiX,
-+ * Kevin Shanahan, Richard Lucassen, Valery Dachev (hopefully
-+ * I didn't forget anybody). I apologize again for my lack of time.
-+ *
-+ * More info at: http://www.linuximq.net/ (Andre Correa)
-+ */
-+
-+#include <linux/config.h>
-+#include <linux/module.h>
-+#include <linux/kernel.h>
-+#include <linux/moduleparam.h>
-+#include <linux/skbuff.h>
-+#include <linux/netdevice.h>
-+#include <linux/rtnetlink.h>
-+#include <linux/if_arp.h>
-+#include <linux/netfilter.h>
-+#include <linux/netfilter_ipv4.h>
-+#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
-+ #include <linux/netfilter_ipv6.h>
-+#endif
-+#include <linux/imq.h>
-+#include <net/pkt_sched.h>
-+
-+static nf_hookfn imq_nf_hook;
-+
-+static struct nf_hook_ops imq_ingress_ipv4 = {
-+ .hook = imq_nf_hook,
-+ .owner = THIS_MODULE,
-+ .pf = PF_INET,
-+ .hooknum = NF_IP_PRE_ROUTING,
-+#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
-+ .priority = NF_IP_PRI_MANGLE + 1
-+#else
-+ .priority = NF_IP_PRI_NAT_DST + 1
-+#endif
-+};
-+
-+static struct nf_hook_ops imq_egress_ipv4 = {
-+ .hook = imq_nf_hook,
-+ .owner = THIS_MODULE,
-+ .pf = PF_INET,
-+ .hooknum = NF_IP_POST_ROUTING,
-+#if defined(CONFIG_IMQ_BEHAVIOR_AA) || defined(CONFIG_IMQ_BEHAVIOR_BA)
-+ .priority = NF_IP_PRI_LAST
-+#else
-+ .priority = NF_IP_PRI_NAT_SRC - 1
-+#endif
-+};
-+
-+#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
-+static struct nf_hook_ops imq_ingress_ipv6 = {
-+ .hook = imq_nf_hook,
-+ .owner = THIS_MODULE,
-+ .pf = PF_INET6,
-+ .hooknum = NF_IP6_PRE_ROUTING,
-+#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
-+ .priority = NF_IP6_PRI_MANGLE + 1
-+#else
-+ .priority = NF_IP6_PRI_NAT_DST + 1
-+#endif
-+};
-+
-+static struct nf_hook_ops imq_egress_ipv6 = {
-+ .hook = imq_nf_hook,
-+ .owner = THIS_MODULE,
-+ .pf = PF_INET6,
-+ .hooknum = NF_IP6_POST_ROUTING,
-+#if defined(CONFIG_IMQ_BEHAVIOR_AA) || defined(CONFIG_IMQ_BEHAVIOR_BA)
-+ .priority = NF_IP6_PRI_LAST
-+#else
-+ .priority = NF_IP6_PRI_NAT_SRC - 1
-+#endif
-+};
-+#endif
-+
-+#if defined(CONFIG_IMQ_NUM_DEVS)
-+static unsigned int numdevs = CONFIG_IMQ_NUM_DEVS;
-+#else
-+static unsigned int numdevs = 2;
-+#endif
-+
-+static struct net_device *imq_devs;
-+
-+static struct net_device_stats *imq_get_stats(struct net_device *dev)
-+{
-+ return (struct net_device_stats *)dev->priv;
-+}
-+
-+/* called for packets kfree'd in qdiscs at places other than enqueue */
-+static void imq_skb_destructor(struct sk_buff *skb)
-+{
-+ struct nf_info *info = skb->nf_info;
-+
-+ if (info) {
-+ if (info->indev)
-+ dev_put(info->indev);
-+ if (info->outdev)
-+ dev_put(info->outdev);
-+ kfree(info);
-+ }
-+}
-+
-+static int imq_dev_xmit(struct sk_buff *skb, struct net_device *dev)
-+{
-+ struct net_device_stats *stats = (struct net_device_stats*) dev->priv;
-+
-+ stats->tx_bytes += skb->len;
-+ stats->tx_packets++;
-+
-+ skb->imq_flags = 0;
-+ skb->destructor = NULL;
-+
-+ dev->trans_start = jiffies;
-+ nf_reinject(skb, skb->nf_info, NF_ACCEPT);
-+ return 0;
-+}
-+
-+static int imq_nf_queue(struct sk_buff *skb, struct nf_info *info, unsigned queue_num, void *data)
-+{
-+ struct net_device *dev;
-+ struct net_device_stats *stats;
-+ struct sk_buff *skb2 = NULL;
-+ struct Qdisc *q;
-+ unsigned int index = skb->imq_flags&IMQ_F_IFMASK;
-+ int ret = -1;
-+
-+ if (index > numdevs)
-+ return -1;
-+
-+ dev = imq_devs + index;
-+ if (!(dev->flags & IFF_UP)) {
-+ skb->imq_flags = 0;
-+ nf_reinject(skb, info, NF_ACCEPT);
-+ return 0;
-+ }
-+ dev->last_rx = jiffies;
-+
-+ if (skb->destructor) {
-+ skb2 = skb;
-+ skb = skb_clone(skb, GFP_ATOMIC);
-+ if (!skb)
-+ return -1;
-+ }
-+ skb->nf_info = info;
-+
-+ stats = (struct net_device_stats *)dev->priv;
-+ stats->rx_bytes+= skb->len;
-+ stats->rx_packets++;
-+
-+ spin_lock_bh(&dev->queue_lock);
-+ q = dev->qdisc;
-+ if (q->enqueue) {
-+ q->enqueue(skb_get(skb), q);
-+ if (skb_shared(skb)) {
-+ skb->destructor = imq_skb_destructor;
-+ kfree_skb(skb);
-+ ret = 0;
-+ }
-+ }
-+ if (spin_is_locked(&dev->xmit_lock))
-+ netif_schedule(dev);
-+ else
-+
-+ while (!netif_queue_stopped(dev) &&
-+ qdisc_restart(dev)<0)
-+ /* NOTHING */;
-+
-+ spin_unlock_bh(&dev->queue_lock);
-+
-+ if (skb2)
-+ kfree_skb(ret ? skb : skb2);
-+
-+ return ret;
-+}
-+
-+static struct nf_queue_handler nfqh = {
-+ .name = "imq",
-+ .outfn = imq_nf_queue,
-+};
-+
-+static unsigned int imq_nf_hook(unsigned int hook, struct sk_buff **pskb,
-+ const struct net_device *indev,
-+ const struct net_device *outdev,
-+ int (*okfn)(struct sk_buff *))
-+{
-+ if ((*pskb)->imq_flags & IMQ_F_ENQUEUE)
-+ return NF_QUEUE;
-+
-+ return NF_ACCEPT;
-+}
-+
-+
-+static int __init imq_init_hooks(void)
-+{
-+ int err;
-+
-+ err = nf_register_queue_handler(PF_INET, &nfqh);
-+ if (err > 0)
-+ goto err1;
-+ if ((err = nf_register_hook(&imq_ingress_ipv4)))
-+ goto err2;
-+ if ((err = nf_register_hook(&imq_egress_ipv4)))
-+ goto err3;
-+#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
-+ if ((err = nf_register_queue_handler(PF_INET6, &nfqh)))
-+ goto err4;
-+ if ((err = nf_register_hook(&imq_ingress_ipv6)))
-+ goto err5;
-+ if ((err = nf_register_hook(&imq_egress_ipv6)))
-+ goto err6;
-+#endif
-+
-+ return 0;
-+
-+#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
-+err6:
-+ nf_unregister_hook(&imq_ingress_ipv6);
-+err5:
-+ nf_unregister_queue_handler(PF_INET6);
-+err4:
-+ nf_unregister_hook(&imq_egress_ipv6);
-+#endif
-+err3:
-+ nf_unregister_hook(&imq_ingress_ipv4);
-+err2:
-+ nf_unregister_queue_handler(PF_INET);
-+err1:
-+ return err;
-+}
-+
-+static void __exit imq_unhook(void)
-+{
-+ nf_unregister_hook(&imq_ingress_ipv4);
-+ nf_unregister_hook(&imq_egress_ipv4);
-+ nf_unregister_queue_handler(PF_INET);
-+#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
-+ nf_unregister_hook(&imq_ingress_ipv6);
-+ nf_unregister_hook(&imq_egress_ipv6);
-+ nf_unregister_queue_handler(PF_INET6);
-+#endif
-+}
-+
-+static int __init imq_dev_init(struct net_device *dev)
-+{
-+ dev->hard_start_xmit = imq_dev_xmit;
-+ dev->type = ARPHRD_VOID;
-+ dev->mtu = 1500;
-+ dev->tx_queue_len = 30;
-+ dev->flags = IFF_NOARP;
-+ dev->priv = kmalloc(sizeof(struct net_device_stats), GFP_KERNEL);
-+ if (dev->priv == NULL)
-+ return -ENOMEM;
-+ memset(dev->priv, 0, sizeof(struct net_device_stats));
-+ dev->get_stats = imq_get_stats;
-+
-+ return 0;
-+}
-+
-+static void imq_dev_uninit(struct net_device *dev)
-+{
-+ kfree(dev->priv);
-+}
-+
-+static int __init imq_init_devs(void)
-+{
-+ struct net_device *dev;
-+ int i,j;
-+ j = numdevs;
-+
-+ if (!numdevs || numdevs > IMQ_MAX_DEVS) {
-+ printk(KERN_ERR "IMQ: numdevs has to be betweed 1 and %u\n",
-+ IMQ_MAX_DEVS);
-+ return -EINVAL;
-+ }
-+
-+ imq_devs = kmalloc(sizeof(struct net_device) * numdevs, GFP_KERNEL);
-+ if (!imq_devs)
-+ return -ENOMEM;
-+ memset(imq_devs, 0, sizeof(struct net_device) * numdevs);
-+
-+ /* we start counting at zero */
-+ numdevs--;
-+
-+ for (i = 0, dev = imq_devs; i <= numdevs; i++, dev++) {
-+ SET_MODULE_OWNER(dev);
-+ strcpy(dev->name, "imq%d");
-+ dev->init = imq_dev_init;
-+ dev->uninit = imq_dev_uninit;
-+
-+ if (register_netdev(dev) < 0)
-+ goto err_register;
-+ }
-+ printk(KERN_INFO "IMQ starting with %u devices...\n", j);
-+ return 0;
-+
-+err_register:
-+ for (; i; i--)
-+ unregister_netdev(--dev);
-+ kfree(imq_devs);
-+ return -EIO;
-+}
-+
-+static void imq_cleanup_devs(void)
-+{
-+ int i;
-+ struct net_device *dev = imq_devs;
-+
-+ for (i = 0; i <= numdevs; i++)
-+ unregister_netdev(dev++);
-+
-+ kfree(imq_devs);
-+}
-+
-+static int __init imq_init_module(void)
-+{
-+ int err;
-+
-+ if ((err = imq_init_devs())) {
-+ printk(KERN_ERR "IMQ: Error trying imq_init_devs()\n");
-+ return err;
-+ }
-+ if ((err = imq_init_hooks())) {
-+ printk(KERN_ERR "IMQ: Error trying imq_init_hooks()\n");
-+ imq_cleanup_devs();
-+ return err;
-+ }
-+
-+ printk(KERN_INFO "IMQ driver loaded successfully.\n");
-+
-+#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
-+ printk(KERN_INFO "\tHooking IMQ before NAT on PREROUTING.\n");
-+#else
-+ printk(KERN_INFO "\tHooking IMQ after NAT on PREROUTING.\n");
-+#endif
-+#if defined(CONFIG_IMQ_BEHAVIOR_AB) || defined(CONFIG_IMQ_BEHAVIOR_BB)
-+ printk(KERN_INFO "\tHooking IMQ before NAT on POSTROUTING.\n");
-+#else
-+ printk(KERN_INFO "\tHooking IMQ after NAT on POSTROUTING.\n");
-+#endif
-+
-+ return 0;
-+}
-+
-+static void __exit imq_cleanup_module(void)
-+{
-+ imq_unhook();
-+ imq_cleanup_devs();
-+ printk(KERN_INFO "IMQ driver unloaded successfully.\n");
-+}
-+
-+
-+module_init(imq_init_module);
-+module_exit(imq_cleanup_module);
-+
-+module_param(numdevs, int, 0);
-+MODULE_PARM_DESC(numdevs, "number of IMQ devices (how many imq* devices will be created)");
-+MODULE_AUTHOR("http://www.linuximq.net");
-+MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
-+MODULE_LICENSE("GPL");
-diff -Nru linux-2.6.16/include/linux/imq.h linux-2.6.16-imq/include/linux/imq.h
---- linux-2.6.16/include/linux/imq.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-2.6.16-imq/include/linux/imq.h 2006-03-25 20:57:14.000000000 +0000
-@@ -0,0 +1,9 @@
-+#ifndef _IMQ_H
-+#define _IMQ_H
-+
-+#define IMQ_MAX_DEVS 16
-+
-+#define IMQ_F_IFMASK 0x7f
-+#define IMQ_F_ENQUEUE 0x80
-+
-+#endif /* _IMQ_H */
-diff -Nru linux-2.6.16/include/linux/netfilter_ipv4/ipt_IMQ.h linux-2.6.16-imq/include/linux/netfilter_ipv4/ipt_IMQ.h
---- linux-2.6.16/include/linux/netfilter_ipv4/ipt_IMQ.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-2.6.16-imq/include/linux/netfilter_ipv4/ipt_IMQ.h 2006-03-25 20:57:14.000000000 +0000
-@@ -0,0 +1,8 @@
-+#ifndef _IPT_IMQ_H
-+#define _IPT_IMQ_H
-+
-+struct ipt_imq_info {
-+ unsigned int todev; /* target imq device */
-+};
-+
-+#endif /* _IPT_IMQ_H */
-diff -Nru linux-2.6.16/include/linux/netfilter_ipv6/ip6t_IMQ.h linux-2.6.16-imq/include/linux/netfilter_ipv6/ip6t_IMQ.h
---- linux-2.6.16/include/linux/netfilter_ipv6/ip6t_IMQ.h 1970-01-01 00:00:00.000000000 +0000
-+++ linux-2.6.16-imq/include/linux/netfilter_ipv6/ip6t_IMQ.h 2006-03-25 20:57:14.000000000 +0000
-@@ -0,0 +1,8 @@
-+#ifndef _IP6T_IMQ_H
-+#define _IP6T_IMQ_H
-+
-+struct ip6t_imq_info {
-+ unsigned int todev; /* target imq device */
-+};
-+
-+#endif /* _IP6T_IMQ_H */
-diff -Nru linux-2.6.16/include/linux/skbuff.h linux-2.6.16-imq/include/linux/skbuff.h
---- linux-2.6.16/include/linux/skbuff.h 2006-03-20 05:53:29.000000000 +0000
-+++ linux-2.6.16-imq/include/linux/skbuff.h 2006-03-25 20:57:14.000000000 +0000
-@@ -275,6 +275,10 @@
- #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
- struct sk_buff *nfct_reasm;
- #endif
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ unsigned char imq_flags;
-+ struct nf_info *nf_info;
-+#endif
- #ifdef CONFIG_BRIDGE_NETFILTER
- struct nf_bridge_info *nf_bridge;
- #endif
-diff -Nru linux-2.6.16/net/core/skbuff.c linux-2.6.16-imq/net/core/skbuff.c
---- linux-2.6.16/net/core/skbuff.c 2006-03-20 05:53:29.000000000 +0000
-+++ linux-2.6.16-imq/net/core/skbuff.c 2006-03-25 20:57:14.000000000 +0000
-@@ -425,6 +425,10 @@
- C(nfct_reasm);
- nf_conntrack_get_reasm(skb->nfct_reasm);
- #endif
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ C(imq_flags);
-+ C(nf_info);
-+#endif /*CONFIG_IMQ*/
- #ifdef CONFIG_BRIDGE_NETFILTER
- C(nf_bridge);
- nf_bridge_get(skb->nf_bridge);
-@@ -489,6 +493,10 @@
- #if defined(CONFIG_IP_VS) || defined(CONFIG_IP_VS_MODULE)
- new->ipvs_property = old->ipvs_property;
- #endif
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ new->imq_flags = old->imq_flags;
-+ new->nf_info = old->nf_info;
-+#endif /*CONFIG_IMQ*/
- #ifdef CONFIG_BRIDGE_NETFILTER
- new->nf_bridge = old->nf_bridge;
- nf_bridge_get(old->nf_bridge);
-diff -Nru linux-2.6.16/net/ipv4/netfilter/Kconfig linux-2.6.16-imq/net/ipv4/netfilter/Kconfig
---- linux-2.6.16/net/ipv4/netfilter/Kconfig 2006-03-20 05:53:29.000000000 +0000
-+++ linux-2.6.16-imq/net/ipv4/netfilter/Kconfig 2006-03-25 21:54:10.000000000 +0000
-@@ -505,6 +505,17 @@
-
- To compile it as a module, choose M here. If unsure, say N.
-
-+config IP_NF_TARGET_IMQ
-+ tristate "IMQ target support"
-+ depends on IP_NF_MANGLE
-+ help
-+ This option adds a `IMQ' target which is used to specify if and
-+ to which IMQ device packets should get enqueued/dequeued.
-+
-+ For more information visit: http://www.linuximq.net/
-+
-+ To compile it as a module, choose M here. If unsure, say N.
-+
- config IP_NF_TARGET_TOS
- tristate "TOS target support"
- depends on IP_NF_MANGLE
-diff -Nru linux-2.6.16/net/ipv4/netfilter/Makefile linux-2.6.16-imq/net/ipv4/netfilter/Makefile
---- linux-2.6.16/net/ipv4/netfilter/Makefile 2006-03-20 05:53:29.000000000 +0000
-+++ linux-2.6.16-imq/net/ipv4/netfilter/Makefile 2006-03-25 21:06:00.000000000 +0000
-@@ -64,6 +64,7 @@
- obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS.o
- obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o
- obj-$(CONFIG_IP_NF_TARGET_DSCP) += ipt_DSCP.o
-+obj-$(CONFIG_IP_NF_TARGET_IMQ) += ipt_IMQ.o
- obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o
- obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o
- obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o
-diff -Nru linux-2.6.16/net/ipv4/netfilter/ipt_IMQ.c linux-2.6.16-imq/net/ipv4/netfilter/ipt_IMQ.c
---- linux-2.6.16/net/ipv4/netfilter/ipt_IMQ.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-2.6.16-imq/net/ipv4/netfilter/ipt_IMQ.c 2006-03-25 20:57:14.000000000 +0000
-@@ -0,0 +1,80 @@
-+/*
-+ * This target marks packets to be enqueued to an imq device
-+ */
-+#include <linux/module.h>
-+#include <linux/skbuff.h>
-+#include <linux/netfilter_ipv4/ip_tables.h>
-+#include <linux/netfilter_ipv4/ipt_IMQ.h>
-+#include <linux/imq.h>
-+
-+static unsigned int imq_target(struct sk_buff **pskb,
-+ const struct net_device *in,
-+ const struct net_device *out,
-+ unsigned int hooknum,
-+ const void *targinfo,
-+ void *userdata)
-+{
-+ struct ipt_imq_info *mr = (struct ipt_imq_info*)targinfo;
-+
-+ (*pskb)->imq_flags = mr->todev | IMQ_F_ENQUEUE;
-+
-+ return IPT_CONTINUE;
-+}
-+
-+static int imq_checkentry(const char *tablename,
-+ const struct ipt_entry *e,
-+ void *targinfo,
-+ unsigned int targinfosize,
-+ unsigned int hook_mask)
-+{
-+ struct ipt_imq_info *mr;
-+
-+ if (targinfosize != IPT_ALIGN(sizeof(struct ipt_imq_info))) {
-+ printk(KERN_WARNING "IMQ: invalid targinfosize\n");
-+ return 0;
-+ }
-+ mr = (struct ipt_imq_info*)targinfo;
-+
-+ if (strcmp(tablename, "mangle") != 0) {
-+ printk(KERN_WARNING
-+ "IMQ: IMQ can only be called from \"mangle\" table, not \"%s\"\n",
-+ tablename);
-+ return 0;
-+ }
-+
-+ if (mr->todev > IMQ_MAX_DEVS) {
-+ printk(KERN_WARNING
-+ "IMQ: invalid device specified, highest is %u\n",
-+ IMQ_MAX_DEVS);
-+ return 0;
-+ }
-+
-+ return 1;
-+}
-+
-+static struct ipt_target ipt_imq_reg = {
-+ .name = "IMQ",
-+ .target = imq_target,
-+ .checkentry = imq_checkentry,
-+ .me = THIS_MODULE
-+};
-+
-+static int __init init(void)
-+{
-+ if (ipt_register_target(&ipt_imq_reg))
-+ return -EINVAL;
-+
-+ return 0;
-+}
-+
-+static void __exit fini(void)
-+{
-+ ipt_unregister_target(&ipt_imq_reg);
-+}
-+
-+module_init(init);
-+module_exit(fini);
-+
-+MODULE_AUTHOR("http://www.linuximq.net");
-+MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
-+MODULE_LICENSE("GPL");
-diff -Nru linux-2.6.16/net/ipv6/netfilter/Kconfig linux-2.6.16-imq/net/ipv6/netfilter/Kconfig
---- linux-2.6.16/net/ipv6/netfilter/Kconfig 2006-03-20 05:53:29.000000000 +0000
-+++ linux-2.6.16-imq/net/ipv6/netfilter/Kconfig 2006-03-25 21:54:48.000000000 +0000
-@@ -183,6 +183,15 @@
-
- To compile it as a module, choose M here. If unsure, say N.
-
-+config IP6_NF_TARGET_IMQ
-+ tristate "IMQ target support"
-+ depends on IP6_NF_MANGLE
-+ help
-+ This option adds a `IMQ' target which is used to specify if and
-+ to which imq device packets should get enqueued/dequeued.
-+
-+ To compile it as a module, choose M here. If unsure, say N.
-+
- config IP6_NF_TARGET_HL
- tristate 'HL (hoplimit) target support'
- depends on IP6_NF_MANGLE
-diff -Nru linux-2.6.16/net/ipv6/netfilter/Makefile linux-2.6.16-imq/net/ipv6/netfilter/Makefile
---- linux-2.6.16/net/ipv6/netfilter/Makefile 2006-03-20 05:53:29.000000000 +0000
-+++ linux-2.6.16-imq/net/ipv6/netfilter/Makefile 2006-03-25 21:07:08.000000000 +0000
-@@ -15,6 +15,7 @@
- obj-$(CONFIG_IP6_NF_MATCH_OWNER) += ip6t_owner.o
- obj-$(CONFIG_IP6_NF_FILTER) += ip6table_filter.o
- obj-$(CONFIG_IP6_NF_MANGLE) += ip6table_mangle.o
-+obj-$(CONFIG_IP6_NF_TARGET_IMQ) += ip6t_IMQ.o
- obj-$(CONFIG_IP6_NF_TARGET_HL) += ip6t_HL.o
- obj-$(CONFIG_IP6_NF_QUEUE) += ip6_queue.o
- obj-$(CONFIG_IP6_NF_TARGET_LOG) += ip6t_LOG.o
-diff -Nru linux-2.6.16/net/ipv6/netfilter/ip6t_IMQ.c linux-2.6.16-imq/net/ipv6/netfilter/ip6t_IMQ.c
---- linux-2.6.16/net/ipv6/netfilter/ip6t_IMQ.c 1970-01-01 00:00:00.000000000 +0000
-+++ linux-2.6.16-imq/net/ipv6/netfilter/ip6t_IMQ.c 2006-03-25 20:57:14.000000000 +0000
-@@ -0,0 +1,80 @@
-+/*
-+ * This target marks packets to be enqueued to an imq device
-+ */
-+#include <linux/module.h>
-+#include <linux/skbuff.h>
-+#include <linux/netfilter_ipv6/ip6_tables.h>
-+#include <linux/netfilter_ipv6/ip6t_IMQ.h>
-+#include <linux/imq.h>
-+
-+static unsigned int imq_target(struct sk_buff **pskb,
-+ unsigned int hooknum,
-+ const struct net_device *in,
-+ const struct net_device *out,
-+ const void *targinfo,
-+ void *userdata)
-+{
-+ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)targinfo;
-+
-+ (*pskb)->imq_flags = mr->todev | IMQ_F_ENQUEUE;
-+
-+ return IP6T_CONTINUE;
-+}
-+
-+static int imq_checkentry(const char *tablename,
-+ const struct ip6t_entry *e,
-+ void *targinfo,
-+ unsigned int targinfosize,
-+ unsigned int hook_mask)
-+{
-+ struct ip6t_imq_info *mr;
-+
-+ if (targinfosize != IP6T_ALIGN(sizeof(struct ip6t_imq_info))) {
-+ printk(KERN_WARNING "IMQ: invalid targinfosize\n");
-+ return 0;
-+ }
-+ mr = (struct ip6t_imq_info*)targinfo;
-+
-+ if (strcmp(tablename, "mangle") != 0) {
-+ printk(KERN_WARNING
-+ "IMQ: IMQ can only be called from \"mangle\" table, not \"%s\"\n",
-+ tablename);
-+ return 0;
-+ }
-+
-+ if (mr->todev > IMQ_MAX_DEVS) {
-+ printk(KERN_WARNING
-+ "IMQ: invalid device specified, highest is %u\n",
-+ IMQ_MAX_DEVS);
-+ return 0;
-+ }
-+
-+ return 1;
-+}
-+
-+static struct ip6t_target ip6t_imq_reg = {
-+ .name = "IMQ",
-+ .target = imq_target,
-+ .checkentry = imq_checkentry,
-+ .me = THIS_MODULE
-+};
-+
-+static int __init init(void)
-+{
-+ if (ip6t_register_target(&ip6t_imq_reg))
-+ return -EINVAL;
-+
-+ return 0;
-+}
-+
-+static void __exit fini(void)
-+{
-+ ip6t_unregister_target(&ip6t_imq_reg);
-+}
-+
-+module_init(init);
-+module_exit(fini);
-+
-+MODULE_AUTHOR("http://www.linuximq.net");
-+MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
-+MODULE_LICENSE("GPL");
-diff -Nru linux-2.6.16/net/sched/sch_generic.c linux-2.6.16-imq/net/sched/sch_generic.c
---- linux-2.6.16/net/sched/sch_generic.c 2006-03-20 05:53:29.000000000 +0000
-+++ linux-2.6.16-imq/net/sched/sch_generic.c 2006-03-25 20:57:14.000000000 +0000
-@@ -29,6 +29,9 @@
- #include <linux/netdevice.h>
- #include <linux/skbuff.h>
- #include <linux/rtnetlink.h>
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+#include <linux/imq.h>
-+#endif
- #include <linux/init.h>
- #include <linux/rcupdate.h>
- #include <linux/list.h>
-@@ -136,7 +139,13 @@
-
- if (!netif_queue_stopped(dev)) {
- int ret;
-- if (netdev_nit)
-+
-+ if (netdev_nit
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ && !(skb->imq_flags & IMQ_F_ENQUEUE)
-+#endif
-+ )
-+
- dev_queue_xmit_nit(skb, dev);
-
- ret = dev->hard_start_xmit(skb, dev);
+++ /dev/null
-Submitted by: Alexander E. Patrakov <patrakov@ums.usu.ru>
-Signed-off-by: Alexander E. Patrakov <patrakov@ums.usu.ru>
-Date: 2005-10-18
-Initial Package Version: 2.6.15
-Upstream Status: Rejected: they say it modifies the meaning of an existing ioctl
-Origin: http://chris.heathens.co.nz/linux/downloads/patches-2.6.4-cdh1.tar.gz
- Porting to linux-2.6.16 by Alexander E. Patrakov
-Description: This patch fixes dead keys and copy/paste of non-ASCII characters
- in UTF-8 mode on Linux console.
- See more details about the original patch at:
- http://chris.heathens.co.nz/linux/utf8.html
-
-diff -ur linux-2.6.15-rc6.orig/drivers/char/consolemap.c linux-2.6.15-rc6.my/drivers/char/consolemap.c
---- linux-2.6.15-rc6.orig/drivers/char/consolemap.c 2005-12-25 10:00:12.000000000 +0500
-+++ linux-2.6.15-rc6.my/drivers/char/consolemap.c 2005-12-25 10:01:22.000000000 +0500
-@@ -178,6 +178,7 @@
- unsigned long refcount;
- unsigned long sum;
- unsigned char *inverse_translations[4];
-+ u16 *inverse_trans_unicode;
- int readonly;
- };
-
-@@ -208,6 +209,41 @@
- }
- }
-
-+static void set_inverse_trans_unicode(struct vc_data *conp,
-+ struct uni_pagedir *p)
-+{
-+ int i, j, k, glyph;
-+ u16 **p1, *p2;
-+ u16 *q;
-+
-+ if (!p) return;
-+ q = p->inverse_trans_unicode;
-+ if (!q) {
-+ q = p->inverse_trans_unicode =
-+ kmalloc(MAX_GLYPH * sizeof(u16), GFP_KERNEL);
-+ if (!q)
-+ return;
-+ }
-+ memset(q, 0, MAX_GLYPH * sizeof(u16));
-+
-+ for (i = 0; i < 32; i++) {
-+ p1 = p->uni_pgdir[i];
-+ if (!p1)
-+ continue;
-+ for (j = 0; j < 32; j++) {
-+ p2 = p1[j];
-+ if (!p2)
-+ continue;
-+ for (k = 0; k < 64; k++) {
-+ glyph = p2[k];
-+ if (glyph >= 0 && glyph < MAX_GLYPH
-+ && q[glyph] < 32)
-+ q[glyph] = (i << 11) + (j << 6) + k;
-+ }
-+ }
-+ }
-+}
-+
- unsigned short *set_translate(int m, struct vc_data *vc)
- {
- inv_translate[vc->vc_num] = m;
-@@ -218,19 +254,29 @@
- * Inverse translation is impossible for several reasons:
- * 1. The font<->character maps are not 1-1.
- * 2. The text may have been written while a different translation map
-- * was active, or using Unicode.
-+ * was active.
- * Still, it is now possible to a certain extent to cut and paste non-ASCII.
- */
--unsigned char inverse_translate(struct vc_data *conp, int glyph)
-+u16 inverse_translate(struct vc_data *conp, int glyph, int use_unicode)
- {
- struct uni_pagedir *p;
-+ int m;
- if (glyph < 0 || glyph >= MAX_GLYPH)
- return 0;
-- else if (!(p = (struct uni_pagedir *)*conp->vc_uni_pagedir_loc) ||
-- !p->inverse_translations[inv_translate[conp->vc_num]])
-+ else if (!(p = (struct uni_pagedir *)*conp->vc_uni_pagedir_loc))
- return glyph;
-- else
-- return p->inverse_translations[inv_translate[conp->vc_num]][glyph];
-+ else if (use_unicode) {
-+ if (!p->inverse_trans_unicode)
-+ return glyph;
-+ else
-+ return p->inverse_trans_unicode[glyph];
-+ } else {
-+ m = inv_translate[conp->vc_num];
-+ if (!p->inverse_translations[m])
-+ return glyph;
-+ else
-+ return p->inverse_translations[m][glyph];
-+ }
- }
-
- static void update_user_maps(void)
-@@ -244,6 +290,7 @@
- p = (struct uni_pagedir *)*vc_cons[i].d->vc_uni_pagedir_loc;
- if (p && p != q) {
- set_inverse_transl(vc_cons[i].d, p, USER_MAP);
-+ set_inverse_trans_unicode(vc_cons[i].d, p);
- q = p;
- }
- }
-@@ -354,6 +401,10 @@
- kfree(p->inverse_translations[i]);
- p->inverse_translations[i] = NULL;
- }
-+ if (p->inverse_trans_unicode) {
-+ kfree(p->inverse_trans_unicode);
-+ p->inverse_trans_unicode = NULL;
-+ }
- }
-
- void con_free_unimap(struct vc_data *vc)
-@@ -512,6 +563,7 @@
-
- for (i = 0; i <= 3; i++)
- set_inverse_transl(vc, p, i); /* Update all inverse translations */
-+ set_inverse_trans_unicode(vc, p);
-
- return err;
- }
-@@ -562,6 +614,7 @@
-
- for (i = 0; i <= 3; i++)
- set_inverse_transl(vc, p, i); /* Update all inverse translations */
-+ set_inverse_trans_unicode(vc, p);
- dflt = p;
- return err;
- }
-@@ -618,6 +671,19 @@
- p->readonly = rdonly;
- }
-
-+/* may be called during an interrupt */
-+u32 conv_8bit_to_uni(unsigned char c)
-+{
-+ /*
-+ * Always use USER_MAP. This function is used by the keyboard,
-+ * which shouldn't be affected by G0/G1 switching, etc.
-+ * If the user map still contains default values, i.e. the
-+ * direct-to-font mapping, then assume user is using Latin1.
-+ */
-+ unsigned short uni = translations[USER_MAP][c];
-+ return uni == (0xf000 | c) ? c : uni;
-+}
-+
- int
- conv_uni_to_pc(struct vc_data *conp, long ucs)
- {
-diff -ur linux-2.6.15-rc6.orig/drivers/char/keyboard.c linux-2.6.15-rc6.my/drivers/char/keyboard.c
---- linux-2.6.15-rc6.orig/drivers/char/keyboard.c 2005-12-25 10:00:12.000000000 +0500
-+++ linux-2.6.15-rc6.my/drivers/char/keyboard.c 2005-12-25 10:01:22.000000000 +0500
-@@ -34,6 +34,7 @@
- #include <linux/init.h>
- #include <linux/slab.h>
-
-+#include <linux/consolemap.h>
- #include <linux/kbd_kern.h>
- #include <linux/kbd_diacr.h>
- #include <linux/vt_kern.h>
-@@ -329,10 +330,9 @@
- * Many other routines do put_queue, but I think either
- * they produce ASCII, or they produce some user-assigned
- * string, and in both cases we might assume that it is
-- * in utf-8 already. UTF-8 is defined for words of up to 31 bits,
-- * but we need only 16 bits here
-+ * in utf-8 already.
- */
--static void to_utf8(struct vc_data *vc, ushort c)
-+static void to_utf8(struct vc_data *vc, uint c)
- {
- if (c < 0x80)
- /* 0******* */
-@@ -341,14 +341,33 @@
- /* 110***** 10****** */
- put_queue(vc, 0xc0 | (c >> 6));
- put_queue(vc, 0x80 | (c & 0x3f));
-- } else {
-+ } else if (c < 0x10000) {
-+ if (c >= 0xD800 && c < 0xE000)
-+ return;
-+ if (c == 0xFFFF)
-+ return;
- /* 1110**** 10****** 10****** */
- put_queue(vc, 0xe0 | (c >> 12));
- put_queue(vc, 0x80 | ((c >> 6) & 0x3f));
- put_queue(vc, 0x80 | (c & 0x3f));
-+ } else if (c < 0x110000) {
-+ /* 11110*** 10****** 10****** 10****** */
-+ put_queue(vc, 0xf0 | (c >> 18));
-+ put_queue(vc, 0x80 | ((c >> 12) & 0x3f));
-+ put_queue(vc, 0x80 | ((c >> 6) & 0x3f));
-+ put_queue(vc, 0x80 | (c & 0x3f));
- }
- }
-
-+static void put_8bit(struct vc_data *vc, u8 c)
-+{
-+ if (kbd->kbdmode != VC_UNICODE || c < 32 || c == 127)
-+ /* Don't translate control chars */
-+ put_queue(vc, c);
-+ else
-+ to_utf8(vc, conv_8bit_to_uni(c));
-+}
-+
- /*
- * Called after returning from RAW mode or when changing consoles - recompute
- * shift_down[] and shift_state from key_down[] maybe called when keymap is
-@@ -409,7 +428,7 @@
- if (ch == ' ' || ch == d)
- return d;
-
-- put_queue(vc, d);
-+ put_8bit(vc, d);
- return ch;
- }
-
-@@ -419,7 +438,7 @@
- static void fn_enter(struct vc_data *vc, struct pt_regs *regs)
- {
- if (diacr) {
-- put_queue(vc, diacr);
-+ put_8bit(vc, diacr);
- diacr = 0;
- }
- put_queue(vc, 13);
-@@ -628,7 +647,7 @@
- diacr = value;
- return;
- }
-- put_queue(vc, value);
-+ put_8bit(vc, value);
- }
-
- /*
-@@ -774,7 +793,7 @@
- /* kludge */
- if (up_flag && shift_state != old_state && npadch != -1) {
- if (kbd->kbdmode == VC_UNICODE)
-- to_utf8(vc, npadch & 0xffff);
-+ to_utf8(vc, npadch);
- else
- put_queue(vc, npadch & 0xff);
- npadch = -1;
-diff -ur linux-2.6.15-rc6.orig/drivers/char/selection.c linux-2.6.15-rc6.my/drivers/char/selection.c
---- linux-2.6.15-rc6.orig/drivers/char/selection.c 2005-12-25 10:00:12.000000000 +0500
-+++ linux-2.6.15-rc6.my/drivers/char/selection.c 2005-12-25 10:01:22.000000000 +0500
-@@ -20,6 +20,7 @@
-
- #include <asm/uaccess.h>
-
-+#include <linux/kbd_kern.h>
- #include <linux/vt_kern.h>
- #include <linux/consolemap.h>
- #include <linux/selection.h>
-@@ -34,6 +35,7 @@
- /* Variables for selection control. */
- /* Use a dynamic buffer, instead of static (Dec 1994) */
- struct vc_data *sel_cons; /* must not be disallocated */
-+static int use_unicode;
- static volatile int sel_start = -1; /* cleared by clear_selection */
- static int sel_end;
- static int sel_buffer_lth;
-@@ -54,10 +56,11 @@
- complement_pos(sel_cons, where);
- }
-
--static unsigned char
-+static u16
- sel_pos(int n)
- {
-- return inverse_translate(sel_cons, screen_glyph(sel_cons, n));
-+ return inverse_translate(sel_cons, screen_glyph(sel_cons, n),
-+ use_unicode);
- }
-
- /* remove the current selection highlight, if any,
-@@ -86,8 +89,8 @@
- 0xFF7FFFFF /* latin-1 accented letters, not division sign */
- };
-
--static inline int inword(const unsigned char c) {
-- return ( inwordLut[c>>5] >> (c & 0x1F) ) & 1;
-+static inline int inword(const u16 c) {
-+ return c > 0xff || (( inwordLut[c>>5] >> (c & 0x1F) ) & 1);
- }
-
- /* set inwordLut contents. Invoked by ioctl(). */
-@@ -108,13 +111,36 @@
- return (v > u) ? u : v;
- }
-
-+/* stores the char in UTF8 and returns the number of bytes used (1-3) */
-+int store_utf8(u16 c, char *p)
-+{
-+ if (c < 0x80) {
-+ /* 0******* */
-+ p[0] = c;
-+ return 1;
-+ } else if (c < 0x800) {
-+ /* 110***** 10****** */
-+ p[0] = 0xc0 | (c >> 6);
-+ p[1] = 0x80 | (c & 0x3f);
-+ return 2;
-+ } else {
-+ /* 1110**** 10****** 10****** */
-+ p[0] = 0xe0 | (c >> 12);
-+ p[1] = 0x80 | ((c >> 6) & 0x3f);
-+ p[2] = 0x80 | (c & 0x3f);
-+ return 3;
-+ }
-+}
-+
- /* set the current selection. Invoked by ioctl() or by kernel code. */
- int set_selection(const struct tiocl_selection __user *sel, struct tty_struct *tty)
- {
- struct vc_data *vc = vc_cons[fg_console].d;
- int sel_mode, new_sel_start, new_sel_end, spc;
- char *bp, *obp;
-- int i, ps, pe;
-+ int i, ps, pe, multiplier;
-+ u16 c;
-+ struct kbd_struct *kbd = kbd_table + fg_console;
-
- poke_blanked_console();
-
-@@ -158,7 +184,8 @@
- clear_selection();
- sel_cons = vc_cons[fg_console].d;
- }
--
-+ use_unicode = kbd && kbd->kbdmode == VC_UNICODE;
-+
- switch (sel_mode)
- {
- case TIOCL_SELCHAR: /* character-by-character selection */
-@@ -240,7 +267,8 @@
- sel_end = new_sel_end;
-
- /* Allocate a new buffer before freeing the old one ... */
-- bp = kmalloc((sel_end-sel_start)/2+1, GFP_KERNEL);
-+ multiplier = use_unicode ? 3 : 1; /* chars can take up to 3 bytes */
-+ bp = kmalloc((sel_end-sel_start)/2*multiplier+1, GFP_KERNEL);
- if (!bp) {
- printk(KERN_WARNING "selection: kmalloc() failed\n");
- clear_selection();
-@@ -251,8 +279,12 @@
-
- obp = bp;
- for (i = sel_start; i <= sel_end; i += 2) {
-- *bp = sel_pos(i);
-- if (!isspace(*bp++))
-+ c = sel_pos(i);
-+ if (use_unicode)
-+ bp += store_utf8(c, bp);
-+ else
-+ *bp++ = c;
-+ if (!isspace(c))
- obp = bp;
- if (! ((i + 2) % vc->vc_size_row)) {
- /* strip trailing blanks from line and add newline,
-diff -ur linux-2.6.15-rc6.orig/include/linux/consolemap.h linux-2.6.15-rc6.my/include/linux/consolemap.h
---- linux-2.6.15-rc6.orig/include/linux/consolemap.h 2005-12-25 10:00:13.000000000 +0500
-+++ linux-2.6.15-rc6.my/include/linux/consolemap.h 2005-12-25 10:01:22.000000000 +0500
-@@ -10,6 +10,7 @@
-
- struct vc_data;
-
--extern unsigned char inverse_translate(struct vc_data *conp, int glyph);
-+extern u16 inverse_translate(struct vc_data *conp, int glyph, int use_unicode);
- extern unsigned short *set_translate(int m, struct vc_data *vc);
- extern int conv_uni_to_pc(struct vc_data *conp, long ucs);
-+extern u32 conv_8bit_to_uni(unsigned char c);
+++ /dev/null
---- mc-4.6.1.orig/debian/dirs
-+++ mc-4.6.1/debian/dirs
-@@ -0,0 +1,2 @@
-+/etc/mc
-+/usr/share/pixmaps
---- mc-4.6.1.orig/debian/docs
-+++ mc-4.6.1/debian/docs
-@@ -0,0 +1,8 @@
-+FAQ
-+NEWS
-+README
-+AUTHORS
-+TODO
-+AUTHORS
-+ABOUT-NLS
-+HACKING
---- mc-4.6.1.orig/debian/menu
-+++ mc-4.6.1/debian/menu
-@@ -0,0 +1,8 @@
-+?package(mc):\
-+ needs="text"\
-+ section="Apps/Tools"\
-+ title="mc"\
-+ longtitle="Midnight Commander"\
-+ hints="File managers"\
-+ command="/usr/bin/mc"\
-+ icon="/usr/share/pixmaps/mc.xpm"
---- mc-4.6.1.orig/debian/control
-+++ mc-4.6.1/debian/control
-@@ -0,0 +1,21 @@
-+Source: mc
-+Section: utils
-+Priority: optional
-+Maintainer: Stefano Melchior <stefano.melchior@openlabs.it>
-+Uploaders: Ludovic Drolez <ldrolez@debian.org>
-+Build-Depends: debhelper (>> 4.0.0), libglib2.0-dev, libgpmg1-dev |not+linux-gnu, gettext, libslang2-dev
-+Standards-Version: 3.7.2
-+
-+Package: mc
-+Architecture: any
-+Depends: ${shlibs:Depends}
-+Suggests: perl, mime-support, zip, unzip, bzip2, links | w3m | lynx, arj
-+Conflicts: mc-common, suidmanager (<< 0.52)
-+Replaces: mc-common, manpages-pl (<= 20030210)
-+Description: midnight commander - a powerful file manager
-+ GNU Midnight Commander is a text-mode full-screen file manager. It
-+ uses a two panel interface and a subshell for command execution. It
-+ includes an internal editor with syntax highlighting and an internal
-+ viewer with support for binary files. Also included is Virtual
-+ Filesystem (VFS), that allows files on remote systems (e.g. FTP, SSH,
-+ SMB servers) and files inside archives to be manipulated like real files.
---- mc-4.6.1.orig/debian/extra/icon.xpm
-+++ mc-4.6.1/debian/extra/icon.xpm
-@@ -0,0 +1,45 @@
-+/* XPM */
-+static char *icon[] = {
-+/* columns rows colors chars-per-pixel */
-+"32 32 7 1",
-+" c black",
-+". c gray20",
-+"X c blue",
-+"o c cyan",
-+"O c yellow",
-+"+ c gray80",
-+"@ c gray90",
-+/* pixels */
-+"+@+@+@++@++@+@+@+@+@++@@++@++@+@",
-+"+XXXXXXXXXoXXXXXoXXXXXXXXXoXXXX.",
-+"@XXOOOOOXXoXOOXXoXXXOOOOXXoXOOX.",
-+"+XXXXXXXXXoXXXXXoXXXXXXXXXoXXXX.",
-+"+XXXXXXXXXoXXXXXoXXXXXXXXXoXXXX.",
-+"@XoooooooXoXooXXoXoooooooXoXooX.",
-+"+XXXXXXXXXoXXXXXoXXXXXXXXXoXXXX.",
-+"@XoooooooXoXooXXoXoooooooXoXooX.",
-+"+XXXXXXXXXoXXXXXoXXXXXXXXXoXXXX.",
-+"@XoooooooXoXooXXoXoooooooXoXooX.",
-+"+XXXXXXXXXoXXXXXoXXXXXXXXXoXXXX.",
-+"@XoooooooXoXooXXoXoooooooXoXooX.",
-+"+XXXXXXXXXoXXXXXoXXXXXXXXXoXXXX.",
-+"@XoooooooXoXooXXoXoooooooXoXooX.",
-+"+XXXXXXXXXoXXXXXoXXXXXXXXXoXXXX.",
-+"+XoooooooXoXooXXoXoooooooXoXooX.",
-+"+XXXXXXXXXoXXXXXoXXXXXXXXXoXXXX.",
-+"@XXXXXXXXXoXXXXXoXoooooooXoXooX.",
-+"+XXXXXXXXXoXXXXXoXXXXXXXXXoXXXX.",
-+"@XXXXXXXXXoXXXXXoXoooooooXoXooX.",
-+"+XXXXXXXXXoXXXXXoXXXXXXXXXoXXXX.",
-+"@oooooooooooooooooooooooooooooo ",
-+"+XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.",
-+"@XooooooXoXoooXXXXooooooXooXooX.",
-+"+XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.",
-+"+oooooooooooooooooooooooooooooo.",
-+"@ .",
-+"+ .",
-+"+.+ .",
-+"@ .",
-+"++O++ ++++ O++O +O++O +O++ ++O+.",
-+"+..............................."
-+};
---- mc-4.6.1.orig/debian/extra/mcview-debian.1
-+++ mc-4.6.1/debian/extra/mcview-debian.1
-@@ -0,0 +1,19 @@
-+.TH MCVIEW-DEBIAN 1
-+.SH NAME
-+mcview-debian \- mcview wrapper
-+.br
-+.SH DESCRIPTION
-+This script is just a wrapper for
-+.B mcview,
-+(the Midnight Commander internal viewer) to use with Debian
-+alternatives system.
-+.SH OPTIONS
-+Full list of supported options could be found on the
-+.BR mcview (1)
-+manpage.
-+.SH SEE ALSO
-+.BR mcview (1),
-+.BR mc (1)
-+.SH AUTHOR
-+This manual page was written by Adam Byrtek <alpha@debian.org>, for
-+the Debian GNU/Linux system.
---- mc-4.6.1.orig/debian/extra/mcedit-debian
-+++ mc-4.6.1/debian/extra/mcedit-debian
-@@ -0,0 +1,5 @@
-+#!/bin/sh
-+
-+# mcedit wrapper for Debian alternatives system
-+
-+mcedit $@
---- mc-4.6.1.orig/debian/extra/mcmfmt.1
-+++ mc-4.6.1/debian/extra/mcmfmt.1
-@@ -0,0 +1,14 @@
-+.TH MCMFMT 1
-+.SH NAME
-+mcmfmt \- sets bold and underline for mail files
-+.br
-+.SH "DESCRIPTION"
-+.B mcmfmt
-+is a program for internal use by the Midnight Commander only. It sets bold and underline for mail files.
-+.SH OPTIONS
-+There are no options for this program.
-+.SH "SEE ALSO"
-+mc(1)
-+.SH AUTHOR
-+This manual page was written by Paul Seelig <pseelig@goofy.zdv.uni-mainz.de>,
-+for the Debian GNU/Linux system (but may be used by others).
---- mc-4.6.1.orig/debian/extra/mcview-debian
-+++ mc-4.6.1/debian/extra/mcview-debian
-@@ -0,0 +1,5 @@
-+#!/bin/sh
-+
-+# mcview wrapper for Debian alternatives system
-+
-+mcview $@
---- mc-4.6.1.orig/debian/extra/mcedit-debian.1
-+++ mc-4.6.1/debian/extra/mcedit-debian.1
-@@ -0,0 +1,19 @@
-+.TH MCEDIT-DEBIAN 1
-+.SH NAME
-+mcedit-debian \- mcedit wrapper
-+.br
-+.SH DESCRIPTION
-+This script is just a wrapper for
-+.B mcedit,
-+(the Midnight Commander internal editor) to use with Debian
-+alternatives system.
-+.SH OPTIONS
-+Full list of supported options could be found on the
-+.BR mcedit (1)
-+manpage.
-+.SH SEE ALSO
-+.BR mcedit (1),
-+.BR mc (1)
-+.SH AUTHOR
-+This manual page was written by Adam Byrtek <alpha@debian.org>, for
-+the Debian GNU/Linux system.
---- mc-4.6.1.orig/debian/links
-+++ mc-4.6.1/debian/links
-@@ -0,0 +1,3 @@
-+/etc/mc/mc.ext /usr/share/mc/mc.ext
-+/etc/mc/mc.menu /usr/share/mc/mc.menu
-+/etc/mc/mc.lib /usr/share/mc/mc.lib
---- mc-4.6.1.orig/debian/rocks
-+++ mc-4.6.1/debian/rocks
-@@ -0,0 +1,45 @@
-+# custom tweaks to cbs' debian/rules
-+
-+DEB_CONFIGURE_EXTRA_FLAGS := --with-glib2 --without-ext2undel \
-+ --enable-charset --with-samba --with-screen=slang
-+
-+deb-extra-clean::
-+ rm -f config.sub config.guess
-+ rm -f po/ru.gmo
-+
-+deb-binary-hook-mc:
-+ cp debian/extra/icon.xpm debian/mc/usr/share/pixmaps/mc.xpm
-+
-+ cp debian/extra/mcview-debian debian/mc/usr/bin/
-+ cp debian/extra/mcedit-debian debian/mc/usr/bin/
-+
-+ chmod a+x debian/mc/usr/share/mc/edit.spell.rc
-+ chmod a+x debian/mc/usr/share/mc/edit.indent.rc
-+ chmod a-x debian/mc/usr/share/mc/bin/*
-+
-+ -mv debian/mc/usr/share/mc/mc.ext debian/mc/etc/mc/mc.ext
-+ -mv debian/mc/usr/share/mc/mc.menu debian/mc/etc/mc/mc.menu
-+ -mv debian/mc/usr/share/mc/mc.lib debian/mc/etc/mc/mc.lib
-+
-+ # convert docs to UTF8
-+ cd debian/mc/usr/share/mc && \
-+ iconv -f ISO-8859-1 -t UTF-8 mc.hint > tmp && mv tmp mc.hint && \
-+ iconv -f ISO-8859-1 -t UTF-8 mc.hlp > tmp && mv tmp mc.hlp && \
-+ iconv -f ISO-8859-1 -t UTF-8 mc.hint.es > tmp && mv tmp mc.hint.es && \
-+ iconv -f ISO-8859-1 -t UTF-8 mc.hlp.es > tmp && mv tmp mc.hlp.es && \
-+ iconv -f ISO-8859-1 -t UTF-8 mc.hint.it > tmp && mv tmp mc.hint.it && \
-+ iconv -f ISO-8859-1 -t UTF-8 mc.hlp.it > tmp && mv tmp mc.hlp.it && \
-+ iconv -f ISO-8859-1 -t UTF-8 mc.hint.nl > tmp && mv tmp mc.hint.nl && \
-+ iconv -f ISO-8859-2 -t UTF-8 mc.hint.cs > tmp && mv tmp mc.hint.cs && \
-+ iconv -f ISO-8859-2 -t UTF-8 mc.hint.hu > tmp && mv tmp mc.hint.hu && \
-+ iconv -f ISO-8859-2 -t UTF-8 mc.hlp.hu > tmp && mv tmp mc.hlp.hu && \
-+ iconv -f ISO-8859-2 -t UTF-8 mc.hint.pl > tmp && mv tmp mc.hint.pl && \
-+ iconv -f ISO-8859-2 -t UTF-8 mc.hlp.pl > tmp && mv tmp mc.hlp.pl && \
-+ iconv -f ISO-8859-5 -t UTF-8 mc.hint.sr > tmp && mv tmp mc.hint.sr && \
-+ iconv -f ISO-8859-5 -t UTF-8 mc.hlp.sr > tmp && mv tmp mc.hlp.sr && \
-+ iconv -f ISO-8859-5 -t UTF-8 mc.menu.sr > tmp && mv tmp mc.menu.sr && \
-+ iconv -f koi8-r -t UTF-8 mc.hint.ru > tmp && mv tmp mc.hint.ru && \
-+ iconv -f koi8-r -t UTF-8 mc.hlp.ru > tmp && mv tmp mc.hlp.ru && \
-+ iconv -f koi8-u -t UTF-8 mc.hint.uk > tmp && mv tmp mc.hint.uk && \
-+ iconv -f big5 -t UTF-8 mc.hint.zh > tmp && mv tmp mc.hint.zh
-+
---- mc-4.6.1.orig/debian/rules
-+++ mc-4.6.1/debian/rules
-@@ -0,0 +1,551 @@
-+#!/usr/bin/make -f
-+# -*- mode: makefile; coding: utf-8 -*-
-+# Colin's Build System
-+# Copyright © 2002 Colin Walters <walters@debian.org>
-+# $Id: rules,v 1.3 2005/10/16 15:03:43 ldrolez Exp $
-+
-+####################################
-+# DO NOT MODIFY THIS FILE DIRECTLY #
-+####################################
-+
-+### Introduction to Colin's Build System #############################
-+# This file is shared between all the packages which use Colin's Build
-+# System. The idea is that this file contains sane defaults, and
-+# stuff specific to a package should go into the debian/rocks Makefile
-+# fragment. There generic hooks where you can override and add
-+# functionality for a specific package.
-+
-+# The big motivating factor for CBS was originally that more and more
-+# programs today are created using GNU configure scripts and GNU
-+# automake, and as such they are all very similar to configure and
-+# build. CBS takes advantage of this by doing stuff like looking for
-+# an executable file named "configure"; if it exists, CBS tries
-+# treating it like a GNU configure script, and passes it sane
-+# arguments (like --prefix=/usr). This will work for like 90% of the
-+# cases out there (including at least all my packages). But if it
-+# doesn't work, no problem; you can customize or just completely
-+# override it the debian/rocks file. For example, suppose that you
-+# need to pass "--enable-foo" to the configure script. In that case,
-+# all you need to do is create a file named debian/rocks, which
-+# contains:
-+
-+# DEB_CONFIGURE_EXTRA_FLAGS := --enable-foo
-+
-+# And that's it! Everything else happens automagically. However,
-+# suppose that your "configure" script isn't made by autoconf, and
-+# instead expects the user to interactively configure the program
-+# (e.g. Perl). In that case, you can just override the
-+# "deb-common-configure" rule, by putting something like the following
-+# in your debian/rocks:
-+
-+# deb-common-configure:
-+# ./configure --blah --blargh < debian/answers
-+
-+# All of the rules which are overridable are listed below, up to the
-+# line "-include debian/rocks". There are also a large group of
-+# variables you may customize to affect a default rule, instead of of
-+# just overriding the rule completely.
-+
-+# CBS also helps you keep up-to-date with the latest policy; when
-+# there is a new DEB_BUILD_OPTIONS entry, or they change semantics (as
-+# in the latest "debug" => "noopt" change), you shouldn't have to
-+# change anything in your packages (besides rebuilding them with the
-+# latest CBS version); CBS will just handle it.
-+
-+### CBS and Debhelper ################################################
-+# Colin's Build System currently relies heavily on debhelper version
-+# 4, so you must have a Build-Depends: debhelper (>= 4.0.0).
-+
-+### Single vs. Multi Binary packages #################################
-+# If you have a single binary package, CBS tries to use the upstream
-+# Makefile to install everything into debian/packagename, so it will
-+# all appear in the binary package. To remove files, move them
-+# around, just override the deb-binary-hook-<packagename> target in
-+# the debian/rocks file, like:
-+
-+# deb-binary-hook-mypackage:
-+# mv debian/mypackage/usr/sbin/myprogram debian/mypackage/usr/bin/myprogram
-+# rm debian/mypackage/usr/share/doc/mypackage/INSTALL
-+
-+# If you have a multi-binary package, CBS (by default) uses the
-+# upstream Makefile to install everything in debian/tmp. After this,
-+# the recommended method is to use dh_install to copy these files into
-+# the appropriate package. To do this, just create
-+# "packagename.install" files; see the dh_install man page.
-+
-+### Common Problems ##################################################
-+
-+# Are you having problems with your package not building with the
-+# default deb-common-build rule? This could be because of CFLAGS
-+# issues. If it doesn't work, then your upstream's build system is
-+# broken. You should be able to set CFLAGS to contain the
-+# optimization and debugging settings you want, and this shouldn't
-+# frob any -I or other internal arguments the upstream build system
-+# needs. One way to fix this is to have upstream fix their Makefile
-+# to do something like:
-+
-+# # This is the default set of optimization and debugging flags, which
-+# # can be overridden with a CFLAGS passed to the make invocation.
-+# CFLAGS = -g -O2
-+# # Now add specific stuff we need.
-+# override CFLAGS += -I. -I.. -ffrob-stuff
-+
-+# On a related note, if you want to have a nice, easy-to-maintain,
-+# working build system, try to convince your upstream to switch to
-+# automake, autoconf, and libtool.
-+
-+### The latest version of CBS ########################################
-+# The canonical source for Colin's Build System is:
-+# http://cvs.verbum.org/debian/rules
-+
-+# Note that you can easily update your current version by running:
-+# debian/rules update
-+
-+# Are you keeping your Debian packages in CVS? In that case, it would
-+# probably be a good idea to disable keyword expansion for this file,
-+# so debian/rules update won't get confused. Run:
-+# cvs admin -ko debian/rules
-+
-+### Hooks which are overridable ######################################
-+
-+## This target is called before almost anything else; in particular,
-+## it is called even before patches are applied. This is a good place
-+## to do stuff like generate a debian/control from debian/control.xml,
-+## etc.
-+deb-pre-build:
-+ if [ -x $(CURDIR)/autogen.sh ]; then \
-+ $(CURDIR)/autogen.sh || echo -n "Failed to run autogen.sh script"; \
-+ fi
-+
-+## This target is called after patches are applied, but before
-+## configure scripts or anything else are run. This is a good place
-+## to do wacky stuff like:
-+## 'find . -name 'Makefile.in' -exec touch {} \;'.
-+deb-post-patches:
-+ # Nothing to do by default.
-+
-+## This target is called after patches are applied (i.e. after
-+## deb-post-patches). It is, as its name implies, a good place to run
-+## GNU configure scripts or the like.
-+deb-common-configure:
-+ if [ -x ./configure ]; then $(DEB_CONFIGURE_INVOKE) --prefix=$(DEB_CONFIGURE_PREFIX) --mandir=$(DEB_CONFIGURE_MANDIR) --infodir=$(DEB_CONFIGURE_INFODIR) --sysconfdir=$(DEB_CONFIGURE_SYSCONFDIR) --localstatedir=$(DEB_CONFIGURE_LOCALSTATEDIR) --libexecdir=$(DEB_CONFIGURE_LIBEXECDIR) --disable-maintainer-mode $(DEB_CONFIGURE_EXTRA_FLAGS) $(DEB_USER_CONFIGURE_FLAGS); fi
-+
-+## This target is for configuring a specific package. It is called
-+## once for each package.
-+deb-configure-%:
-+ # Nothing to do by default.
-+
-+## This is an "extra" rule, where you may prefix arbitrary commands to
-+## the general build, but not override the default. It is called
-+## before deb-common-build.
-+deb-extra-pre-common-build::
-+ # Nothing to do by default.
-+
-+## This target is called after common configuration (but not
-+## necessarily after package-specific configuration). Generally, this
-+## is a good place to invoke make and the like. Note that if you do
-+## package-specific configuration, you should likely override this
-+## rule to do nothing, and then do package-specific building in
-+## deb-build-<package>.
-+deb-common-build:
-+ if [ -f Makefile ]; then \
-+ $(DEB_MAKE_ENVVARS) $(MAKE) CFLAGS="$(CFLAGS)" CXXFLAGS="$(CXXFLAGS)" $(DEB_BUILD_MAKE_TARGET); \
-+ fi
-+
-+## This is an "extra" rule, where you may add arbitrary commands to
-+## the general build, but not override the default. It is called
-+## after deb-common-build.
-+deb-extra-common-build:: deb-common-build
-+ # Nothing to do by default.
-+
-+## This target is called once for each package, after package-specific
-+## configuration; it is for doing any building to a specific package.
-+deb-build-%:
-+ # Nothing to do by default.
-+
-+## This is an "extra" rule, where you may add arbitrary commands to
-+## the package-specific build, but not override the default. It is
-+## called after deb-build-<package>.
-+deb-extra-build-%: deb-build-%
-+ # Nothing to do by default.
-+
-+## This target is called after pre-build, and before any configuration
-+## takes place. It is designed to automatically update
-+## config.{sub,guess} files which are used by packages which use GNU
-+## autoconf. You should not generally need to override this target.
-+## You may need to set DEB_AC_AUX_DIR if upstream used the autoconf
-+## macro AC_CONFIG_AUX_DIR.
-+deb-autotools-setup:
-+ if [ -r /usr/share/misc/config.sub ]; then \
-+ if [ -r $(DEB_AC_AUX_DIR)/config.sub -a ! -f $(DEB_AC_AUX_DIR)/config.sub.orig-cbs ]; then \
-+ mv $(DEB_AC_AUX_DIR)/config.sub $(DEB_AC_AUX_DIR)/config.sub.orig-cbs; \
-+ cp -f /usr/share/misc/config.sub $(DEB_AC_AUX_DIR)/config.sub; \
-+ fi; \
-+ fi
-+ if [ -r /usr/share/misc/config.guess ]; then \
-+ if [ -r $(DEB_AC_AUX_DIR)/config.guess -a ! -f $(DEB_AC_AUX_DIR)/config.guess.orig-cbs ]; then \
-+ mv $(DEB_AC_AUX_DIR)/config.guess $(DEB_AC_AUX_DIR)/config.guess.orig-cbs; \
-+ cp -f /usr/share/misc/config.guess $(DEB_AC_AUX_DIR)/config.guess; \
-+ fi; \
-+ fi
-+
-+## This target is called during the clean process; it is designed to
-+## undo the effects of deb-autotools-setup, so that you won't get
-+## spurious bits in your Debian diff. You should not generally need
-+## to override this target.
-+deb-autotools-clean:
-+ if [ -r $(DEB_AC_AUX_DIR)/config.sub.orig-cbs ]; then \
-+ mv $(DEB_AC_AUX_DIR)/config.sub.orig-cbs $(DEB_AC_AUX_DIR)/config.sub; \
-+ fi
-+ if [ -r $(DEB_AC_AUX_DIR)/config.guess.orig-cbs ]; then \
-+ mv $(DEB_AC_AUX_DIR)/config.guess.orig-cbs $(DEB_AC_AUX_DIR)/config.guess; \
-+ fi
-+
-+## This target is called during the cleaning process.
-+deb-clean:
-+ if [ -f Makefile ]; then $(MAKE) distclean || $(MAKE) clean || true; fi
-+ if test -f config.log; then \
-+ if grep -i -q 'generated by GNU Autoconf' config.log || grep -i -q 'to aid debugging if configure ' config.log; then \
-+ rm -f config.log; \
-+ fi; \
-+ fi
-+ if test -f config.status && grep -i -q 'Generated.*by configure.' config.status; then rm -f config.status; fi
-+ if test -f config.cache && grep -i -q 'shell.*script.*caches.*results.*configure' config.cache; then rm -f config.cache; fi
-+ rm -f po/it.gmo po/de.gmo
-+
-+## This is an "extra" rule, where you may add arbitrary commands to
-+## the cleaning process, but not override the default.
-+deb-extra-clean:: deb-clean
-+ # Nothing to do by default.
-+
-+## This target is called after the common installation step. It
-+## should install your package into its destination, e.g. debian/tmp
-+## (for single-binary packages, into debian/<packagename>).
-+deb-common-install:
-+ if [ -f Makefile ]; then \
-+ if grep -q DESTDIR Makefile || grep -q -i 'generated.*by.*automake' Makefile; then \
-+ $(DEB_MAKE_ENVVARS) $(MAKE) install DESTDIR=$(DEB_DESTDIR); \
-+ else \
-+ echo "This Makefile doesn't appear to support DESTDIR; you must override $@ in debian/rocks"; \
-+ exit 1; \
-+ fi; \
-+ else \
-+ echo "No default install action, you must override $@ in debian/rocks"; \
-+ exit 1; \
-+ fi
-+
-+## This is an "extra" rule, where you may add arbitrary commands to
-+## the common installation process, but not override the default.
-+deb-extra-common-install:: deb-common-install
-+ # Nothing to do by default.
-+
-+## This target is called once for each package, after that package's
-+## specific build step.
-+deb-install-%:
-+ # Nothing to do by default.
-+
-+## This is an "extra" rule, where you may add arbitrary commands to
-+## the installation process for a specific package, but not override
-+## the default.
-+deb-extra-install-%: deb-install-%
-+ # Nothing to do by default.
-+
-+## This is a sort of "catchall" rule to do post-installation cleanup.
-+## It is called by deb-binary-<packagename> after everything should be
-+## installed in debian/tmp or debian/<packagename>. This is a good
-+## place to do things like move binaries from debian/tmp/usr/bin to
-+## debian/tmp/usr/sbin, convert HTML documentation into plain text,
-+## etc.
-+deb-binary-hook-%:
-+ # Nothing to do by default.
-+
-+## This rule is called after the installation for a package. It does
-+## all the work of installing things like changelogs, README.Debian
-+## files, etc., and also actually builds the .deb files. It relies
-+## heavily on Debhelper, so please see the docs for those commands to
-+## understand how it works and to customize things more. You may
-+## override this target if you have special needs, but it is not
-+## recommended. It is better instead to use one of the provided
-+## hooks, or add a hook where necessary and send in a patch for CBS.
-+deb-binary-%:
-+ dh_installdocs $(DEB_ALL_DOCS) $(DEB_INSTALL_DOCS_$(DEB_CURPACKAGE)) -p$(DEB_CURPACKAGE)
-+ dh_installexamples $(DEB_INSTALL_EXAMPLES_$(DEB_CURPACKAGE)) -p$(DEB_CURPACKAGE)
-+ dh_installman $(DEB_INSTALL_MANPAGES_$(DEB_CURPACKAGE)) -p$(DEB_CURPACKAGE)
-+ dh_installinfo $(DEB_INSTALL_INFO_$(DEB_CURPACKAGE)) -p$(DEB_CURPACKAGE)
-+ dh_installmenu -p$(DEB_CURPACKAGE)
-+ dh_installcron -p$(DEB_CURPACKAGE)
-+ dh_installdebconf -p$(DEB_CURPACKAGE)
-+ dh_installpam -p$(DEB_CURPACKAGE)
-+ dh_installchangelogs -p$(DEB_CURPACKAGE)
-+ dh_install -p$(DEB_CURPACKAGE)
-+ $(internal_invoke) deb-binary-hook-$(DEB_CURPACKAGE)
-+ $(internal_invoke) deb-strip-$(DEB_CURPACKAGE)
-+ dh_link -p$(DEB_CURPACKAGE)
-+ dh_compress -p$(DEB_CURPACKAGE) $(foreach entry,$(DEB_COMPRESS_EXCLUDE),$(patsubst %,-X %,$(entry))) \
-+ $(foreach entry,$(DEB_COMPRESS_EXCLUDE_$(DEB_CURPACKAGE)),$(patsubst %,-X %,$(entry)))
-+ dh_fixperms -p$(DEB_CURPACKAGE) $(foreach entry,$(DEB_FIXPERMS_EXCLUDE),$(patsubst %,-X %,$(entry))) \
-+ $(foreach entry,$(DEB_FIXPERMS_EXCLUDE_$(DEB_CURPACKAGE)),$(patsubst %,-X %,$(entry)))
-+ $(internal_invoke) deb-makeshlibs-$(DEB_CURPACKAGE)
-+ $(internal_invoke) deb-post-fixperms-binary-$(DEB_CURPACKAGE)
-+ dh_installdeb -p$(DEB_CURPACKAGE)
-+ $(internal_invoke) deb-shlibdeps-$(DEB_CURPACKAGE)
-+ dh_gencontrol -p$(DEB_CURPACKAGE)
-+ dh_md5sums -p$(DEB_CURPACKAGE)
-+ dh_builddeb -p$(DEB_CURPACKAGE)
-+
-+## This rule is called by the default deb-binary-<package>
-+## implementation, after all package data has been installed, and
-+## after the deb-binary-hook-<packagename> has been called. As its
-+## name implies, it is where you should strip binaries.
-+deb-strip-%:
-+ dh_strip -p$(DEB_CURPACKAGE)
-+
-+## This rule is called by the default deb-binary-<package>
-+## implementation, *after* permissions have been sanitized. This is
-+## an excellent place to make binaries setuid where necessary, for
-+## example.
-+deb-post-fixperms-binary-%:
-+ # Nothing to do by default.
-+
-+## This rule is called by the default deb-binary-<package>
-+## implementation, right before the final Debian package building
-+## process. This is where you should generate a "shlibs" file for
-+## your package, if necessary.
-+deb-makeshlibs-%:
-+ dh_makeshlibs -p$(DEB_CURPACKAGE)
-+
-+## This rule is called by the default deb-binary-<package>
-+## implementation, during the final Debian package building
-+## process. This is where you should determine
-+deb-shlibdeps-%:
-+ dh_shlibdeps -p$(DEB_CURPACKAGE) $(if $(DEB_SHLIBDEPS_LIBRARY_$(DEB_CURPACKAGE)),-L $(DEB_SHLIBDEPS_LIBRARY_$(DEB_CURPACKAGE))) $(if $(DEB_SHLIBDEPS_INCLUDE_$(DEB_CURPACKAGE))$(DEB_SHLIBDEPS_INCLUDE),-l $(DEB_SHLIBDEPS_INCLUDE_$(DEB_CURPACKAGE)):$(DEB_SHLIBDEPS_INCLUDE))
-+
-+-include debian/rocks
-+
-+### Overridable variables #######################################
-+
-+# Some common variables; usually you shouldn't have to set these.
-+DEB_ARCH_PACKAGES ?= $(shell dh_listpackages -a 2>/dev/null || true)
-+DEB_INDEP_PACKAGES ?= $(shell dh_listpackages -i 2>/dev/null || true)
-+DEB_ALL_PACKAGES ?= $(DEB_ARCH_PACKAGES) $(DEB_INDEP_PACKAGES)
-+DEB_SOURCE_PACKAGE ?= $(strip $(shell egrep '^Source: ' debian/control | cut -f 2 -d ':'))
-+
-+export DH_COMPAT=4
-+
-+DEB_VERSION ?= $(shell dpkg-parsechangelog | egrep '^Version:' | cut -f 2 -d ' ')
-+
-+DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
-+DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
-+DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH)
-+DEB_BUILD_ARCH ?= $(shell dpkg-architecture -qDEB_BUILD_ARCH)
-+
-+DEB_C_DEFAULT_OPT ?= -O2
-+DEB_CXX_DEFAULT_OPT ?= $(DEB_C_DEFAULT_OPT)
-+CFLAGS ?= -Wall -g
-+CXXFLAGS ?= -Wall -g
-+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
-+ CFLAGS += -O0
-+ CXXFLAGS += -O0
-+else
-+ CFLAGS += $(DEB_C_DEFAULT_OPT)
-+ CXXFLAGS += $(DEB_CXX_DEFAULT_OPT)
-+endif
-+
-+DEB_PATCHDIRS ?= debian/patches
-+DEB_PATCHES ?= $(foreach dir,$(DEB_PATCHDIRS),$(shell echo $(wildcard $(dir)/*.patch) $(wildcard $(dir)/*.diff)))
-+
-+DEB_CONFIGURE_INVOKE ?= ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE)
-+DEB_CONFIGURE_PREFIX ?=/usr
-+DEB_CONFIGURE_MANDIR ?="\$${prefix}/share/man"
-+DEB_CONFIGURE_INFODIR ?="\$${prefix}/share/info"
-+DEB_CONFIGURE_SYSCONFDIR ?=/etc
-+DEB_CONFIGURE_LOCALSTATEDIR ?=/var
-+DEB_CONFIGURE_LIBEXECDIR ?="\$${prefix}/lib/$(DEB_SOURCE_PACKAGE)"
-+DEB_CONFIGURE_EXTRA_FLAGS ?=
-+DEB_MAKE_ENVVARS ?=
-+DEB_BUILD_MAKE_TARGET ?=
-+DEB_DIRS ?=
-+DEB_CLEAN ?=
-+DEB_CLEAN_EXCLUDE ?=
-+DEB_ALL_DOCS ?=
-+DEB_KEEP_CHANGELOG_NAME ?=
-+DEB_ALL_CHANGELOG ?= $(if $(DEB_ISNATIVE),,$(shell if test -r ChangeLog; then echo ChangeLog; fi))
-+DEB_FIXPERMS_EXCLUDE ?=
-+DEB_COMPRESS_EXCLUDE ?=
-+# This variable should be a colon-separated list of paths
-+DEB_SHLIBDEPS_INCLUDE ?=
-+DEB_EXAMPLES ?=
-+DEB_CHANGELOGS ?=
-+DEB_AC_AUX_DIR ?=.
-+
-+DEB_PHONY_RULES ?=
-+
-+ifeq ($(strip $(shell echo $(DEB_ALL_PACKAGES) | wc -w)),1)
-+ DEB_DESTDIR ?= `pwd`/debian/$(strip $(DEB_ALL_PACKAGES))
-+else
-+ DEB_DESTDIR ?= `pwd`/debian/tmp
-+endif
-+
-+### Other variables ##################################################
-+
-+DEB_ISNATIVE := $(shell dpkg-parsechangelog | egrep '^Version:' | perl -ne 'print if not /^Version:\s*.*-/;')
-+
-+### Internal implementation ##########################################
-+update:
-+ @if [ -f debian/rules ]; then \
-+ curversion=`head debian/rules | perl -lne 'if (/Id: rules,v (.*?) /) { print $$1; }'`; \
-+ echo "Installed version: " $$curversion; \
-+ rm -rf debian/cbs-update ; mkdir -p debian/cbs-update && cd debian/cbs-update; \
-+ echo -n "Downloading latest version from :pserver:anoncvs@cvs.verbum.org:/cvs..."; \
-+ cvs -Q -d :pserver:anoncvs@cvs.verbum.org:/cvs co debian/rules; \
-+ echo "done."; \
-+ newversion=`head debian/rules | perl -lne 'if (/Id: rules,v (.*?) /) { print $$1; }'`; \
-+ if [ "$$newversion" != "$$curversion" ]; then \
-+ echo "Retrieving log for revisions $$curversion to $$newversion..."; \
-+ cvs -q -d :pserver:anoncvs@cvs.verbum.org:/cvs log "-r$$curversion:$$newversion" debian/rules; \
-+ else \
-+ echo "No changes."; \
-+ fi; \
-+ mv debian/rules .. ; cd .. ; rm -rf cbs-update ; chmod a+x rules; \
-+ else \
-+ echo "Couldn't find debian/rules; you must execute this target as debian/rules update"; \
-+ fi
-+
-+internal_invoke := debian/rules "DEB_ARCH_PACKAGES=$(DEB_ARCH_PACKAGES)" "DEB_INDEP_PACKAGES=$(DEB_INDEP_PACKAGES)" "DEB_ALL_PACKAGES=$(DEB_ALL_PACKAGES)" "DEB_VERSION=$(DEB_VERSION)" "DEB_HOST_GNU_TYPE=$(DEB_HOST_GNU_TYPE)" "DEB_BUILD_GNU_TYPE=$(DEB_BUILD_GNU_TYPE)" "DEB_DESTDIR=$(DEB_DESTDIR)" "DEB_PATCHES=$(DEB_PATCHES)"
-+
-+pre-build: debian/stamp-pre-build
-+debian/stamp-pre-build:
-+ $(internal_invoke) deb-pre-build
-+ touch $@
-+
-+# The patch subsystem
-+apply-patches: pre-build debian/stamp-patched
-+debian/stamp-patched: $(DEB_PATCHES)
-+debian/stamp-patched reverse-patches:
-+ @echo "patches: $(DEB_PATCHES)"
-+ @set -e ; \
-+ DPATCHES="$(DEB_PATCHES)"; \
-+ [ "$@" = "reverse-patches" ] && DPATCHES="`ls -r $(DEB_PATCHES)`"; \
-+ for patch in $$DPATCHES; do \
-+ level=$(head $$patch | egrep '^#DPATCHLEVEL=' | cut -f 2 -d '='); \
-+ reverse=""; \
-+ if [ "$@" = "reverse-patches" ]; then reverse="-R"; fi; \
-+ success=""; \
-+ if [ -z "$$level" ]; then \
-+ echo -n "Trying "; if test -n "$$reverse"; then echo -n "reversed "; fi; echo -n "patch $$patch at level "; \
-+ for level in 0 1 2; do \
-+ if test -z "$$success"; then \
-+ echo -n "$$level..."; \
-+ if cat $$patch | patch $$reverse --dry-run -p$$level --verbose 1>$$patch.level-$$level.log 2>&1; then \
-+ if cat $$patch | patch $$reverse --no-backup-if-mismatch -V never -p$$level 1>$$patch.level-$$level.log 2>&1; then \
-+ success=yes; \
-+ touch debian/stamp-patch-$$(basename $$patch); \
-+ echo "success."; \
-+ fi; \
-+ fi; \
-+ fi; \
-+ done; \
-+ if test -z "$$success"; then \
-+ if test -z "$$reverse"; then \
-+ echo "failure."; \
-+ exit 1; \
-+ else \
-+ echo "failure (ignored)."; \
-+ fi \
-+ fi; \
-+ else \
-+ echo -n "Trying patch $$patch at level $$level..."; \
-+ if cat $$patch | patch $$reverse --no-backup-if-mismatch -V never -p$$level 1>$$patch.log 2>&1; then \
-+ touch debian/stamp-patch-$$(basename $$patch); \
-+ echo "success."; \
-+ else \
-+ echo "failure:"; \
-+ cat $$patch.log; \
-+ if test -z "$$reverse"; then exit 1; fi; \
-+ fi; \
-+ fi; \
-+ done
-+ if [ "$@" = "debian/stamp-patched" ]; then touch debian/stamp-patched; fi
-+
-+post-patches: debian/stamp-post-patches
-+debian/stamp-post-patches: apply-patches
-+ $(internal_invoke) deb-post-patches
-+ touch $@
-+
-+# The general targets
-+common-configure: post-patches debian/stamp-common-configure
-+debian/stamp-common-configure:
-+ dh_testdir
-+ $(internal_invoke) deb-autotools-setup
-+ $(internal_invoke) deb-common-configure
-+ touch $@
-+$(patsubst %,configure-%,$(DEB_ALL_PACKAGES)) : configure-% : common-configure debian/stamp-configure-%
-+$(patsubst %,debian/stamp-configure-%,$(DEB_ALL_PACKAGES)) : debian/stamp-configure-%: debian/stamp-patched
-+ dh_testdir
-+ $(internal_invoke) deb-configure-package-$(patsubst debian/stamp-configure-%,%,$@) DEB_CURPACKAGE=$(patsubst debian/stamp-configure-%,%,$@)
-+ touch $@
-+
-+# Required Debian target
-+build: build-arch build-indep
-+
-+common-build: debian/stamp-common-build
-+debian/stamp-common-build: $(patsubst %,configure-%,$(DEB_ALL_PACKAGES))
-+ dh_testdir
-+ $(internal_invoke) deb-extra-pre-common-build
-+ $(internal_invoke) deb-extra-common-build
-+ touch $@
-+$(patsubst %,build-%,$(DEB_ALL_PACKAGES)) :: build-% : debian/stamp-build-%
-+$(patsubst %,debian/stamp-build-%,$(DEB_ALL_PACKAGES)) : debian/stamp-build-% : common-build configure-%
-+ dh_testdir
-+ $(internal_invoke) deb-extra-build-$(patsubst debian/stamp-build-%,%,$@) DEB_CURPACKAGE=$(patsubst debian/stamp-build-%,%,$@)
-+ touch $@
-+
-+build-arch: $(patsubst %,build-%,$(DEB_ARCH_PACKAGES))
-+build-indep: $(patsubst %,build-%,$(DEB_INDEP_PACKAGES))
-+
-+# Required Debian target
-+clean: clean-dh-tests reverse-patches clean-impl
-+clean-dh-tests:
-+ dh_testdir
-+ dh_testroot
-+clean-impl:
-+ $(internal_invoke) deb-autotools-clean
-+ $(internal_invoke) deb-extra-clean
-+ for dir in $(DEB_PATCHDIRS); do rm -f $$dir/*.log; done
-+ rm -f debian/stamp-*
-+ dh_clean $(DEB_CLEAN) $(foreach entry,$(DEB_CLEAN_EXCLUDE),$(patsubst %,-X %,$(entry)))
-+
-+common-install: debian/stamp-common-install
-+debian/stamp-common-install: $(patsubst %,build-%,$(DEB_ALL_PACKAGES))
-+ dh_testdir
-+ dh_clean -k
-+ dh_installdirs -A $(DEB_DIRS)
-+ $(internal_invoke) deb-extra-common-install DEB_CURPACKAGE=
-+ touch $@
-+install-arch: $(patsubst %,install-%,$(DEB_ARCH_PACKAGES))
-+install-indep: $(patsubst %,install-%,$(DEB_INDEP_PACKAGES))
-+$(patsubst %,install-%,$(DEB_ALL_PACKAGES)) :: install-% : common-install build-%
-+ dh_testdir
-+ dh_testroot
-+ $(internal_invoke) deb-extra-install-$(patsubst install-%,%,$@) DEB_CURPACKAGE=$(patsubst install-%,%,$@)
-+
-+common-binary: debian/stamp-common-binary
-+debian/stamp-common-binary: $(patsubst %,install-%,$(DEB_ALL_PACKAGES)) common-install
-+ dh_testdir
-+ dh_testroot
-+ dh_installchangelogs $(if $(DEB_KEEP_CHANGELOG_NAME),-k) $(DEB_ALL_CHANGELOG)
-+ touch $@
-+
-+# Required Debian targets
-+binary-indep: common-binary $(patsubst %,binary-%,$(DEB_INDEP_PACKAGES))
-+binary-arch: common-binary $(patsubst %,binary-%,$(DEB_ARCH_PACKAGES))
-+
-+binary-% :: common-binary install-%
-+ dh_testdir
-+ dh_testroot
-+ $(internal_invoke) deb-binary-$(patsubst binary-%,%,$@) DEB_CURPACKAGE=$(patsubst binary-%,%,$@)
-+
-+# Required Debian target
-+binary: binary-indep binary-arch
-+
-+.PHONY: pre-build apply-patches reverse-patches post-patches common-configure build common-build build-% build-arch build-indep clean clean-dh-tests clean-impl common-install install-arch install-indep install-% common-binary binary-% binary-indep binary-arch binary deb-common-configure deb-common-build deb-clean deb-common-install deb-strip deb-makeshlibs $(DEB_PHONY_RULES)
---- mc-4.6.1.orig/debian/watch
-+++ mc-4.6.1/debian/watch
-@@ -0,0 +1,2 @@
-+version=2
-+http://pavelsh.pp.ru/mc/ mc-([0-9\-\.pre]+).tar.gz debian uupdate
---- mc-4.6.1.orig/debian/changelog
-+++ mc-4.6.1/debian/changelog
-@@ -0,0 +1,985 @@
-+mc (1:4.6.1-7) unstable; urgency=medium
-+
-+ * Fixed Anton Pak's recode patch which can cause a segfault.
-+ Closes: #382206, #382857, #400927
-+ * Mode display bug fixed. Patch added to 50_utf8-more.patch. Closes: #415097
-+ * Shift-Enter bug fixed. The line editing widget went crazy when seeing a litteral newline
-+ (Shift+enter or Ctrl-q+enter). Patch added to 50_utf8-more.patch
-+ Downloaded from https://svn.uhulinux.hu/packages/dev/mc/patches/
-+
-+ -- Ludovic Drolez <ldrolez@debian.org> Mon, 2 Apr 2007 8:44:35 +0200
-+
-+mc (1:4.6.1-6) unstable; urgency=medium
-+
-+ * debian/rules modified to fix a FTBFS during the 2nd build. Closes: #384302
-+ * added 05_symcrash.patch to fix a segfault (should be in mc's CVS). Closes: #383341
-+ * mpg123 title view fixed. Closes: #391644
-+
-+ -- Ludovic Drolez <ldrolez@debian.org> Thu, 24 Aug 2006 22:19:03 +0200
-+
-+mc (1:4.6.1-5) unstable; urgency=low
-+
-+ * Removed the Ctrl-t accelerator from 60_recode.patch. Closes: #380417
-+ * Modified 47_mc.menu.patch to use 'editor' instead of the hardcoded 'vi'
-+ so that mc makes use of /etc/alternatives. Closes: #373144
-+ * .tar view fixed in 01_mc.ext.in.mime.patch. Closes: #381353
-+ * still 68 bugs in the BTS...
-+
-+ -- Ludovic Drolez <ldrolez@debian.org> Mon, 31 Jul 2006 22:25:47 +0200
-+
-+mc (1:4.6.1-4) unstable; urgency=medium
-+
-+ * added 52_utf8-8bits-slang2.patch. Closes: #359016, #378786
-+ * added 55_mc-utf8-look-and-feel.patch : nicer look and feel
-+ * added 60_recode.patch : a patch to choose the charset from mc
-+ * 77 bugs should still remain after this upload... If you have some time please join
-+ the Debian MC team.
-+
-+ -- Ludovic Drolez <ldrolez@debian.org> Thu, 12 Jul 2006 20:00:00 +0200
-+
-+mc (1:4.6.1-3) unstable; urgency=low
-+
-+ * Changelog removed. Closes: #317707
-+ * Lowered the alternative priority on 'view' and 'edit'. Closes: #367991
-+ * Patched the UTF8 patch to allow compiling mc without UTF8. Closes: #367187
-+ * html files can be opened with links, w3m or lynx. Closes: #332910
-+ * added 04_off64t.patch to fix problems with tar archives
-+ larger than 2GB. Already added in mc's CVS. Closes: #324755
-+ * in 50_utf8-more.patch added a small patch for a problem in the status
-+ line with UTF-8 locales. Closes: #360427
-+ * 78 bugs should still remain after this upload...
-+
-+ -- Ludovic Drolez <ldrolez@debian.org> Thu, 22 Jun 2006 16:55:12 +0200
-+
-+mc (1:4.6.1-2) unstable; urgency=medium
-+
-+ * mc with UTF-8 support upload. Closes: #354691, #309398, #126077, #242194
-+ * added Ubuntu UTF-8 patches: 48_utf8-slang2.patch
-+ Many thanks to Leonard den Ottolander and Sebastian Droge
-+ * removed 27_menu-generation.patch because of UTF-8 problems
-+ * convert help and hint files to UTF-8 in the Debian makefile
-+ * 49_64bit.patch: patch to solve some 64bit problems from Gentoo
-+ * use arj instead of unarj. Closes: #340089
-+
-+ -- Ludovic Drolez <ldrolez@debian.org> Mon, 20 Mar 2006 23:41:40 +0200
-+
-+mc (1:4.6.1-1) unstable; urgency=low
-+
-+ * New upstream release. Closes: #321805, #298345
-+ getgrouplist() is not used anymore. Closes: #313401
-+ * View jpegs with /usr/bin/exif. Closes: #207655
-+ * Handle .ipk like .tgz. Closes: #323927
-+ * Filter for .mo files. Closes: #318077
-+ * Obsolete patches: 07_mc-tar-name-length-fix.patch,
-+ 24_mc-complete-show-all-fix.patch, 33_mc-iconv-error.patch.
-+ * 79 bugs should still remain after this upload...
-+
-+ -- Ludovic Drolez <ldrolez@debian.org> Mon, 5 Sep 2005 22:02:24 +0200
-+
-+mc (1:4.6.0-4.6.1-pre4-2) unstable; urgency=low
-+
-+ * Build against libslang2-dev. Closes: #315241
-+ * Added 07_mc-tar-name-length-fix.patch. Closes: #315597
-+ * Modified 35_mc.ext.in.patch to improve to deb vfs view. Closes: #198691
-+ * Added 09_de.po.patch to fix some typos in mc's de.po. Closes: #313796, #309957
-+ * Combined 35_mc.ext.in.patch, 04_dpkg_and_apt_vfs.patch, 01_mime.patch,
-+ 41_antiword_mc.ext.patch
-+ to 01_mc.ext.in.mime.patch to fix build problems.
-+
-+ -- Ludovic Drolez <ldrolez@debian.org> Tue, 21 Jun 2005 20:01:31 +0200
-+
-+mc (1:4.6.0-4.6.1-pre4-1) unstable; urgency=low
-+
-+ * New upstream release. Closes: #309630
-+ 20_german_translation.patch, 23_php.singlequote_fix.patch,
-+ 30_mc-spaceprompt1.patch, 43_AUTHORS.patch, 32_lang-with-env.patch removed
-+ * Build with debian slang1-dev
-+ * Do not remove /etc/mc/mc.ini. Closes: #198954
-+
-+ -- Ludovic Drolez <ldrolez@debian.org> Wed, 18 May 2005 23:15:05 +0200
-+
-+mc (1:4.6.0-4.6.1-pre3-3) unstable; urgency=medium
-+
-+ * urgency=medium because of 3 important bugs introduced by the last upload.
-+ * removed 46_dotdotdir.patch to fix the tar bug. Closes: #308546
-+ * replaced the iconv patch, 33_mc-iconv-error.patch, with a new
-+ one provided by Roland Illig. Closes: #308296
-+ * added cxx.syntax by copying the old c.syntax to it. Closes: #308794
-+ * removed the useless 44_str_unconst.patch.
-+
-+ -- Ludovic Drolez <ldrolez@debian.org> Wed, 11 May 2005 22:57:44 +0200
-+
-+mc (1:4.6.0-4.6.1-pre3-2) unstable; urgency=medium
-+
-+ * Urgency set to medium because of LOTS of annoying bugs fixed and
-+ the segfault in mcedit.
-+ * Fixed German po translation with upstream, 20_german_translation.patch.
-+ Closes: #253869
-+ * Added Antiword to view .doc files, 41_antiword_mc.ext.patch
-+ Closes: #305649
-+ * Added menu entry for Debian source packages, 47_mc.menu.diff
-+ Closes: #307344
-+ * Fixed Samba enabling. Closes: #264890
-+ * Fixed Build-Depend on libgpm for GNU/non-Linux. Closes: #226987
-+ * Added colored syntax for man pages by Michelle Konzack,
-+ 13_syntax.patch. Closes: #298322
-+ * Improved shell syntax highlighting by Michelle Konzack: 18_sh_syntax.patch.
-+ Closes: #299210
-+ * Improved php syntax HL with 23_php.singlequote_fix.patch
-+ * Fixed colored syntax highlighting and hostname in the title bar,
-+ 22_main.c.patch
-+ * Fixed tar file system glitch for "tar -cvzlf file.tgz / /home/"
-+ Closes: #89350
-+ * Fixed problems with View and Edit when used with LANG=hu_HU. Closes: #103242
-+ * Fixed unprintable control sequences in PS1 cause broken prompt
-+ Closes: #83447
-+ * Fixed: mcedit: subshell changes directory. Closes: #208867
-+ * Fixed the #utar archive content viewer missing files. Closes: #228934
-+ * Enabled charset conversion feature. Closes: #109956, #167986
-+ * Added new keybinding by Vitja Makarov with 42_keybindings-0.2.2.patch
-+ * Added const_cast to be replaced by str_unconst, 44_str_unconst.patch
-+ by Roland Illig.
-+ * Improved symlink handling in ftpfs (45_ftpfs_symlink*.patch) by P.Tsekov.
-+ * Parent directory's patch by Leonard den Ottolander with 46_dotdotdir.patch
-+ * Fixed user@hostname in the term emulation title bar.
-+ * Added new menu generation patch by Roland Illig
-+ with 27_menu-generation.patch
-+ * Fixed: possible data loss when quota exedeed by Jindrich Novy.
-+ * Fixed uarj bug from Savannah with 29_uarj_bug.patch (Savannah #12406).
-+ * Added patch to view inside udebs by Mantas Kriauciunas, 35_mc.ext.in.patch
-+ (Sannavah #3899)
-+ * Added "space on prompt bugfix" by Jindrich Novy with
-+ 30_mc-spaceprompt1.patch. Closes: #305859
-+ * Added Bad error checking after iconv() call patch by Jindrich Novy with
-+ 33_mc-iconv-error.patch
-+ * Added syntax patches for c vs. cxx with 32_c-vs-cxx.patch
-+ * Added syntax patches for scripts starting with /usr/bin/env with
-+ 32_lang-with-env.patch
-+ * Added a substitute for --enable-maintainer-mode with 36_developer_mode.patch
-+ by Roland Illig.
-+ * Fixed mc core dumps when not find "context default" section in syntax section
-+ with 37_mcedit-segv.patch by Ian Zagorskih.
-+ * Added the ext2 quote fixing hunks by Leonard den Ottolander.
-+ * Added AUTHORS patch, 43_AUTHORS.patch, by Leonard den Ottolander.
-+ * Added mcedit position remember bugfix by Christian Hamar with
-+ 31_mc_filepos_bugfix_461pre4a.patch
-+ * Added fix for End key in viewer by Jindrich Makovicka with 40_view.c.patch
-+ * Added Vietnamese translation with 26_vietnamese_po.patch
-+ * Fixed 11_extfs_missing.patch because of problems with .jar files.
-+ Closes: #299932.
-+ * added zip, unzip, bzip2 to 'Suggests'.
-+
-+ -- Ludovic Drolez <ldrolez@debian.org> Sun, 6 Mar 2005 12:06:32 +0100
-+
-+mc (1:4.6.0-4.6.1-pre3-1) unstable; urgency=high
-+
-+ * New maintainers: Stefano Melchior and Ludovic Drolez (closes: #282301).
-+ * Urgency set to high because of security bug fixes.
-+ * Missing quoting in ext2 and i18n fix.
-+ * Samba lib warning (netmask.c) fixed by 12_netmask_c.patch.
-+ * Security upload to handle DSA 639 (references: CAN-2004-1004,
-+ CAN-2004-1005, CAN-2004-1009, CAN-2004-1090, CAN-2004-1091, CAN-2004-1092,
-+ CAN-2004-1093, CAN-2004-1174, CAN-2004-1175, CAN-2004-1176),
-+ Fixed upstream in the pre3 release (Closes: #295261).
-+ * Pre3 release includes fix for CAN-2004-0226 (closes: #286395).
-+ * Fixed ftp filesystem impossibility to list dirs when password contains #
-+ (closes: #92121).
-+ * Fixed subshell impossibility to be started (closes: #241891).
-+ * Fixed CAN-2004-0494 (closes: #267596).
-+ * Fixed buffer overflow and format string vulnerabilities (closes: #295259).
-+ * Italian hotkey translation changed (closes: #231071).
-+ * New upstream pre-release.
-+
-+ -- Ludovic Drolez <ldrolez@debian.org> Mon, 17 Feb 2005 22:45:32 +0100
-+
-+mc (1:4.6.0-4.6.1-pre1-3) unstable; urgency=low
-+
-+ * Polish documentation fix no longer needed.
-+
-+ -- Adam Byrtek <alpha@debian.org> Wed, 5 May 2004 00:08:26 +0200
-+
-+mc (1:4.6.0-4.6.1-pre1-2) unstable; urgency=high
-+
-+ * Security upload to handle DSA-497-1 (references: CAN-2004-0226,
-+ CAN-2004-0231, CAN-2004-0232). Patch by Jakub Jelinek ported to
-+ 4.6.1-pre1 by Adam Byrtek.
-+
-+ -- Adam Byrtek <alpha@debian.org> Tue, 4 May 2004 09:28:26 +0200
-+
-+mc (1:4.6.0-4.6.1-pre1-1) unstable; urgency=high
-+
-+ * Security upload to fix buffer overflow, 4.6.1 final will be there
-+ soon (closes: #226737).
-+ * --without-x configure flag removed as mc now libX11 is loaded
-+ dynamically using gmodule, if possible.
-+
-+ -- Adam Byrtek <alpha@debian.org> Thu, 15 Jan 2004 15:55:52 +0100
-+
-+mc (1:4.6.0-5) unstable; urgency=low
-+
-+ * Fix segfault when TERM is unset (closes: #191867).
-+ * Removed conflict with gmc, which works with 4.6.0. Note that gmc
-+ installation still requires some --force (closes: #192493).
-+ * Files in /var/log are no longer treated as manpages
-+ (closes: #179350).
-+
-+ -- Adam Byrtek <alpha@debian.org> Tue, 17 Jun 2003 15:37:05 +0200
-+
-+mc (1:4.6.0-4) unstable; urgency=low
-+
-+ * Standard `awk' detected first by configure, not the specific
-+ implmentation (closes: #181972).
-+ * Polish translation breakage fixed (closes: #183275).
-+
-+ -- Adam Byrtek <alpha@debian.org> Wed, 19 Mar 2003 22:17:16 +0100
-+
-+mc (1:4.6.0-3) unstable; urgency=low
-+
-+ * `mcview' and `mcedit' added as alternatives for `editor' and `view'
-+ (closes: #116518).
-+
-+ -- Adam Byrtek <alpha@debian.org> Tue, 11 Feb 2003 22:05:00 +0100
-+
-+mc (1:4.6.0-2) unstable; urgency=low
-+
-+ * Control field 'Replaces: manpages-pl' added to replace Polish
-+ manual from this package with official one (closes: #180442).
-+ * 'Replaces: mc-common' added to make upgrade smoother.
-+ * 'Conflicts: suidmanager' because mc used to use it, but it is now
-+ deprecated (closes: #180431).
-+ * Doesn't depend on libgpm when compiling on HURD.
-+
-+ * README.Debian now mentions -P syntax changes (close: #180551).
-+
-+ -- Adam Byrtek <alpha@debian.org> Tue, 11 Feb 2003 13:55:47 +0100
-+
-+mc (1:4.6.0-1) unstable; urgency=low
-+
-+ * New upstream release.
-+ * First 4.6.0 official upload, and package takeover.
-+
-+ -- Adam Byrtek <alpha@debian.org> Wed, 5 Feb 2003 20:34:46 +0100
-+
-+mc (4.6.0-pre3-1) unstable; urgency=low
-+
-+ * New upstream prerelease.
-+
-+ -- Adam Byrtek <alpha@debian.org> Wed, 22 Jan 2003 09:54:58 +0100
-+
-+mc (4.6.0-pre2-2) unstable; urgency=low
-+
-+ * Patches checked, unneccesary removed, others reviewed.
-+
-+ -- Adam Byrtek <alpha@debian.org> Wed, 15 Jan 2003 00:35:20 +0100
-+
-+mc (4.6.0-pre2-1) unstable; urgency=low
-+
-+ * New upstream release (gmc, mc-common packages removed).
-+ * New maintainer, some cleanups.
-+ * Menu icon added (credits for the icon go to BigVax, bigvax@mail.ru).
-+ * New description (taken from freshmeat.net).
-+
-+ -- Adam Byrtek <alpha@debian.org> Sun, 29 Dec 2002 16:18:18 +0100
-+
-+mc (4.5.55-1.2) unstable; urgency=low
-+
-+ * Non-maintainer upload.
-+ * Make /etc/CORBA/servers/gmc.gnorba a conffile (closes: #132831).
-+ * Correct spelling mistakes in descriptions (closes: #124680, #125121).
-+ * Update convert-metadata.db to deal with libgnome32 linking against db3
-+ rather than db2, and add a new debconf question prompting the admin to
-+ run it. I've left the db1->db2 question there temporarily for historical
-+ and translation interest (closes: #103102).
-+ * Upgrades from slink need both libdb2-util and libdb3-util. Fortunately,
-+ they can coexist. I'll leave it up to the maintainers what to do about
-+ this after the woody release.
-+
-+ -- Colin Watson <cjwatson@debian.org> Sat, 16 Feb 2002 23:09:34 +0000
-+
-+mc (4.5.55-1.1) unstable; urgency=low
-+
-+ * Non-maintainer upload, with Martin's permission.
-+ * Build-depend on docbook-utils, not cygnus-stylesheets (closes: #123161).
-+ * Remove bashism in debian/rules (closes: #126733).
-+ * Depend on perl rather than on dummy packages (closes: #113208).
-+
-+ -- Colin Watson <cjwatson@debian.org> Tue, 15 Jan 2002 01:20:08 +0000
-+
-+mc (4.5.55-1) unstable; urgency=low
-+
-+ * New upstream release
-+ * Enable mouse for Eterm TERM value
-+ * mc.ext stabilized again upstream, so make it more Debian compliant
-+ again, closes: #105935, #98827
-+ * gmc documentation is fixed, closes: #107936
-+ * Fix german locale, closes: #108302
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sun, 2 Sep 2001 17:07:56 +0200
-+
-+mc (4.5.54-2) unstable; urgency=low
-+
-+ * Use new config.guess and config.sub to allow compilation on hppa
-+
-+ -- Martin Bialasinski <martinb@debian.org> Fri, 13 Jul 2001 23:47:18 +0200
-+
-+mc (4.5.54-1) unstable; urgency=low
-+
-+ * New upstream release, closes: #99127
-+ * make gzip, compress, bzip, bzip2 entries in mc.ext more specific
-+ closes: #97242, #103800, #102512, #97896, #96649, #104111
-+ (Oskar Liljeblad)
-+ * Updated syntax highlighting for debian files, closes: #93228
-+ (Lenart Janos)
-+ * Fix regexp for rexx files in mc.ext, closes: #98432 (Michel Casabona)
-+ * Build fixes for the hurd, closes: #101542, #101543 (Marcus Brinkmann)
-+ * Danish translation for the debconf template, closes: #100335
-+ (Jesper R. Meyer)
-+ * Dutch translation for the debconf template, closes: #95738
-+ (Thomas J. Zeeman)
-+ * Spanish translation for the debconf template, closes: #102903
-+ (Carlos Valdivia Yague)
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sun, 8 Jul 2001 12:19:24 +0200
-+
-+mc (4.5.51-16) unstable; urgency=low
-+
-+ * Update zu the uzip extfs
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sun, 4 Mar 2001 20:57:25 +0100
-+
-+mc (4.5.51-15) unstable; urgency=low
-+
-+ * Update uzip extfs, closes: #86913
-+ * Fix compilation, closes: #87414
-+
-+ -- Martin Bialasinski <martinb@debian.org> Wed, 28 Feb 2001 19:32:44 +0100
-+
-+mc (4.5.51-14) unstable; urgency=low
-+
-+ * Translations for the gmc debconf template, thanks to
-+ fr by Thomas Morin, closes: #83765
-+ sv by Andre Dahlqvist, closes: #83677
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sat, 3 Feb 2001 21:55:27 +0100
-+
-+mc (4.5.51-13) unstable; urgency=high
-+
-+ * Added libgnorba-dev to the build-depends. It is not pulled in by
-+ libgnome-dev on the m68k autobuilder, closes: #81200
-+ * Fixed dependancy on perl (lintian)
-+ * Fix for devfs in cons.saver, closes: #57557
-+ * Patch for proxy support in ftpfs from Mandrake
-+ * [gmc] Disabled checking of owner on file rename as a dirty fix
-+ closes: #80544
-+ * [gmc] Don't let the use confirm twice that he wants to exit,
-+ closes: #48523
-+ * Updated FAQ to reflect rename of mc mailinglists
-+ * Fix security bug using quick patch by Andrew V. Samoilov
-+ see http://www.securityfocus.com/vdb/?id=2016
-+ * Statoverride adaption
-+
-+ -- Martin Bialasinski <martinb@debian.org> Thu, 11 Jan 2001 20:07:02 +0100
-+
-+mc (4.5.51-12) unstable; urgency=high
-+
-+ * Added build-depends
-+ * Recompiled with latest glibc, closes: #74905, #74906, #75134, #77172
-+ * Added menu hints, closes: #80014, #80038
-+ * Fix problems with file selection code, closes: #79639
-+ Thanks to Alexander Viro
-+
-+ -- Martin Bialasinski <martinb@debian.org> Thu, 21 Dec 2000 14:48:35 +0100
-+
-+mc (4.5.51-11) unstable; urgency=high
-+
-+ * Security fix for cons.saver, bugtraq id 1945
-+ serious local DoS possibility
-+
-+ -- Martin Bialasinski <martinb@debian.org> Wed, 15 Nov 2000 20:05:20 +0100
-+
-+mc (4.5.51-10) unstable; urgency=low
-+
-+ * Fix for ftpfs, closes: #61239
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sun, 12 Nov 2000 20:37:50 +0100
-+
-+mc (4.5.51-9) unstable; urgency=low
-+
-+ * Upstream patch to fix storing on root directory on a ftp server
-+
-+ -- Martin Bialasinski <martinb@debian.org> Wed, 8 Nov 2000 01:01:40 +0100
-+
-+mc (4.5.51-8) unstable; urgency=low
-+
-+ * Small fix to the .deb entry in mc.ext to make it work with new
-+ and old tar
-+ * New uzip extfs by Oskar Liljeblad, closes: #75353
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sat, 4 Nov 2000 00:05:08 +0100
-+
-+mc (4.5.51-7) unstable; urgency=low
-+
-+ * Quote pathname on C-x p and C-x P, closes: #72632
-+ Thanks to Lois Lefort (sorry, missed the report somehow)
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sat, 21 Oct 2000 14:50:12 +0200
-+
-+mc (4.5.51-6) unstable; urgency=low
-+
-+ * Changed F3 view of .deb and .rpm files like done on advanced mc,
-+ changed dependancies a bit to suit this
-+ * Correcting small spelling error (#21825 in the GNOME BTS)
-+ * Make mouse work in rxvt, closes: #74400
-+
-+ -- Martin Bialasinski <martinb@debian.org> Wed, 18 Oct 2000 20:22:45 +0200
-+
-+mc (4.5.51-5) unstable; urgency=low
-+
-+ * Upstream patch to fix %e behaviour on opening files for edit in gmc
-+
-+ -- Martin Bialasinski <martinb@debian.org> Wed, 4 Oct 2000 22:27:04 +0200
-+
-+mc (4.5.51-4) unstable; urgency=low
-+
-+ * Fix typo in mc.ext and mc-gnome.ext, thanks to Robert Luberda
-+ Closes: #71788
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sat, 16 Sep 2000 09:33:57 +0200
-+
-+mc (4.5.51-3) unstable; urgency=low
-+
-+ * Fix to the patchfs by Loic Lefort, Closes: #71430
-+ * Fix filelocations in the manpages
-+ * Add the patchfs to mc.ext, so you can enter a (compressed)
-+ patch with <RET>
-+
-+ -- Martin Bialasinski <martinb@debian.org> Fri, 15 Sep 2000 00:16:50 +0200
-+
-+mc (4.5.51-2) unstable; urgency=low
-+
-+ * Fixed some strange problems with the patches, Closes: #69516
-+
-+ -- Martin Bialasinski <martinb@debian.org> Mon, 21 Aug 2000 01:13:21 +0200
-+
-+mc (4.5.51-1) unstable; urgency=low
-+
-+ * New upstream release, closes: #62261, #64975
-+ * Fixed description, closes: #62260
-+ * Moved locales data into mc-common, closes: #67577
-+ * Move documentation to /usr/share/doc and make a symlink in
-+ /usr/share/gnome/help
-+ * Fix gmc doc-base description, closes: #68671
-+ * Don't install a wrong manpage
-+
-+ -- Martin Bialasinski <martinb@debian.org> Mon, 14 Aug 2000 23:39:48 +0200
-+
-+mc (4.5.42-16) unstable; urgency=low
-+
-+ * Fix path in doc-base and create a missing symlink
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sun, 26 Mar 2000 22:52:15 +0200
-+
-+mc (4.5.42-15) unstable; urgency=low
-+
-+ * Fix usage of debconf. Don't issue the warning on new installs
-+ * Move convert.metadata.db from /usr/lib/mc to /usr/bin
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sun, 26 Mar 2000 14:37:36 +0200
-+
-+mc (4.5.42-14) unstable; urgency=low
-+
-+ * make convert-metadata.db executable in the postinst
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sun, 19 Mar 2000 23:43:44 +0100
-+
-+mc (4.5.42-13) unstable; urgency=low
-+
-+ * Changed the undelfs example in mc.sgml and mc.1.in as well
-+ * Fix build from source bug, closes: #60289
-+
-+ -- Martin Bialasinski <martinb@debian.org> Mon, 13 Mar 2000 18:19:34 +0100
-+
-+mc (4.5.42-12) unstable; urgency=low
-+
-+ * Fix problem with hex view, roll-over on first position.
-+ Patch by Loic Lefort
-+
-+ -- Martin Bialasinski <martinb@debian.org> Mon, 13 Mar 2000 12:17:16 +0100
-+
-+mc (4.5.42-11) frozen unstable; urgency=low
-+
-+ * [gmc] Let the admin know that he must run convert-metadata.db
-+ via debconf. Closes: #58707
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sun, 12 Mar 2000 20:27:56 +0100
-+
-+mc (4.5.42-10) frozen unstable; urgency=low
-+
-+ * Fixed documentation bug, closes: #60045
-+ * Fixed terminfo searchpath in internal slang, closes: #56272
-+ * [gmc] added dependancy on eject and made some comments in README.Debian,
-+ closes: #59214
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sun, 12 Mar 2000 01:16:41 +0100
-+
-+mc (4.5.42-9) frozen unstable; urgency=low
-+
-+ * convert-metadata.db : set gid and egid before setting uid and euid. Doh!
-+ * Helpfile mentioned non-existing file. Closes: #56053
-+ * Fix small typo in mc.ext.in, part of #55897
-+ * Upload with full sources due to the change in the packaging method
-+
-+ -- Martin Bialasinski <martinb@debian.org> Mon, 6 Mar 2000 16:06:37 +0100
-+
-+mc (4.5.42-8) frozen unstable; urgency=low
-+
-+ * Switched to the Multipatch System the X packages use.
-+ * Patch from Andrew V. Samoilov, so the display is correct
-+ when selecting more than 2GB of files, closes: #53980, #58920
-+ * Added "or" and "and" keywords to perl sytnax file - patch by
-+ Tomasz Wegrzanowski, closes: #58437
-+ * Fix german translation, closes: #55401
-+ partly closes #56117
-+ * compile with --with-netrc
-+
-+ -- Martin Bialasinski <martinb@debian.org> Wed, 1 Mar 2000 01:50:05 +0100
-+
-+mc (4.5.42-7) unstable; urgency=low
-+
-+ * Fixes missing esac in mc.menu, thanks to Michel Casabona
-+ Closes: #54108
-+
-+ -- Martin Bialasinski <martinb@debian.org> Wed, 12 Jan 2000 21:22:47 +0100
-+
-+mc (4.5.42-6) unstable; urgency=low
-+
-+ * Fixes a y2k bug in the apt and dpkg vfs, closes: #54037
-+
-+ -- Martin Bialasinski <martinb@debian.org> Wed, 5 Jan 2000 17:39:43 +0100
-+
-+mc (4.5.42-5) unstable; urgency=low
-+
-+ * [gmc] Added dependancy on libdb-util* for convert-metadata.db
-+
-+ -- Martin Bialasinski <martinb@debian.org> Tue, 4 Jan 2000 14:20:05 +0100
-+
-+mc (4.5.42-4) unstable; urgency=low
-+
-+ * [gmc] Revised patch for the icon handling, closes: #53814
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sat, 1 Jan 2000 17:53:13 +0100
-+
-+mc (4.5.42-3) unstable; urgency=low
-+
-+ * [gmc] Applied patch for icon misplacement, closes: #51571
-+ * SEP, closes #52250
-+ * Fixed lintian warnings about copyright file location
-+
-+ -- Martin Bialasinski <martinb@debian.org> Mon, 27 Dec 1999 18:43:18 +0100
-+
-+mc (4.5.42-2) unstable; urgency=low
-+
-+ * New version of the apt/dpkg vfs
-+
-+ -- Martin Bialasinski <martinb@debian.org> Mon, 20 Dec 1999 11:18:26 +0100
-+
-+mc (4.5.42-1) unstable; urgency=low
-+
-+ * New upstream release
-+ * [gmc] Remove notice how to fix broken desktop icons from postinst
-+ * enable NLS
-+
-+ -- Martin Bialasinski <martinb@debian.org> Wed, 8 Dec 1999 12:22:13 +0100
-+
-+mc (4.5.40-8) unstable; urgency=low
-+
-+ * Small fix to the apt and dpkg vfs.
-+
-+ -- Martin Bialasinski <martinb@debian.org> Fri, 3 Dec 1999 18:16:41 +0100
-+
-+mc (4.5.40-7) unstable; urgency=low
-+
-+ * Really fixes all zip,jar archive problems,
-+ thanks again to Oskar Liljeblad. Closes: #50528, #51779
-+ * Amazing new vfs by Piotr Roszatycki <dexter@fnet.pl>, a
-+ dpkg and apt frontend! See README.Debian for info.
-+ Closes: #46694
-+
-+ -- Martin Bialasinski <martinb@debian.org> Fri, 3 Dec 1999 00:11:07 +0100
-+
-+mc (4.5.40-6) unstable; urgency=low
-+
-+ * Fixed problem with ~/.gnome/metadata.db
-+ libc switch from DB 1.85 to DB 2, so the file has to be recreated.
-+ Shipping a conversion script as /usr/lib/mc/convert-metadata.db
-+ Closes: #47115, #46491
-+ * Don't wait for upstream to include the new Debian logo, Closes: #46502
-+
-+ -- Martin Bialasinski <martinb@debian.org> Tue, 30 Nov 1999 21:24:35 +0100
-+
-+mc (4.5.40-5) unstable; urgency=low
-+
-+ * Patch for mc.ext by Tomasz Wegrzanowski <maniek@beer.com>
-+ to use sensible-* Closes: #50210
-+ * Patch for mc.ext by Oskar Liljeblad <osk@hem.passagen.se>
-+ to use run-mailcap Closes: #50732
-+ * Missing closing bracket in uzip.in (thanks to Andreas Wappel),
-+ fixed the other repored problems. Closes: #48003
-+ (Also #50528, #50452, but has to be checked)
-+ * Using a better fix for the tar problem in the deb vfs
-+
-+ -- Martin Bialasinski <martinb@debian.org> Thu, 25 Nov 1999 23:45:20 +0100
-+
-+mc (4.5.40-4) unstable; urgency=low
-+
-+ * Use mc's own slang, which has some modifications.
-+ Closes: #47487
-+ * mc doesn't have a mtools vfs for some time now, closes: #26821
-+ * Included syntax highlighting definitions for debian/changelog,
-+ debian/rules, debian/control and sources.list, closes: #47403
-+ Thanks to Radovan Garabik <garabik@melkor.dnp.fmph.uniba.sk>
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sat, 31 Oct 1999 13:59:54 +0200
-+
-+mc (4.5.40-3) unstable; urgency=low
-+
-+ * Recompiled with slang 1.3 - Fixes the dreadful
-+ "right border is not cleaned" and other display bugs.
-+ Closes: #34315, #40496, #41166, #47328 and part of #47197
-+
-+ -- Martin Bialasinski <martinb@debian.org> Thu, 14 Oct 1999 19:03:32 +0200
-+
-+mc (4.5.40-2) unstable; urgency=low
-+
-+ * Added conflicts to the versions before mc-common was introduced
-+
-+ -- Martin Bialasinski <martinb@debian.org> Sat, 2 Oct 1999 12:34:06 +0200
-+
-+mc (4.5.40-1) unstable; urgency=low
-+
-+ * New upstream release
-+
-+ -- Martin Bialasinski <martinb@debian.org> Thu, 30 Sep 1999 00:51:33 +0200
-+
-+mc (4.5.39-1) unstable; urgency=low
-+
-+ * New upstream version
-+ * Uploading as a co-maintainer
-+ * New package setup
-+ - mc-common, mc and gmc
-+ - mc and gmc don't conflict anymore
-+ Closes: #43761
-+ * Using debhelper, no more fhs problems, closes: #45962
-+ * Applied fixes for new tar format (without leading ./)
-+ Closes: #45473, #45432, #45145, #45131, #44965, #45340
-+ * Suidregister only in the mc package, closes: #45014
-+ * smbfs was removed before, closes: #45481, #45267, #45339
-+ * Added xterm-color to the list of color capable TERMs in mc.ini
-+ * Added note in README about fixing ~/.mc/ini to enable colored mc
-+ Closes: #26820
-+ * Added TODO and upstream changelogs to the packages
-+
-+ -- Martin Bialasinski <martinb@debian.org> Tue, 28 Sep 1999 03:09:32 +0200
-+
-+mc (4.5.38-4) unstable; urgency=low
-+
-+ * add -f to the rm's in debian/rules (Close: #45650)
-+
-+ -- Michael Bramer <grisu@debian.org> Fri, 24 Sep 1999 07:58:57 +0200
-+
-+mc (4.5.38-3) unstable; urgency=low
-+
-+ * remove mc.real to mc and remove the --with-samba option. I must
-+ work with the sources.
-+ Sorry, for the last problems.
-+
-+ -- Michael Bramer <grisu@debian.org> Sun, 19 Sep 1999 14:25:57 +0200
-+
-+mc (4.5.38-2) unstable; urgency=low
-+
-+ * add .real to mc in /usr/bin/mc
-+
-+ -- Michael Bramer <grisu@debian.org> Wed, 15 Sep 1999 13:23:44 +0200
-+
-+mc (4.5.38-1) unstable; urgency=low
-+
-+ * add patch from viro@math.psu.edu (Close:#29176)
-+ * add --with-samba to configure
-+ * move /usr/bin/mc to /usr/bin/mc.real and add the
-+ script /usr/bin/mc (Close:#43168)
-+ * recompiled with slang1-dev 1.2.2-3 (Close:#44359)
-+ * add link from /usr/bin/mcedit to /usr/bin/mc (Close:#40943)
-+ * new upstream version
-+
-+ -- Michael Bramer <grisu@debian.org> Tue, 7 Sep 1999 22:34:18 +0200
-+
-+mc (4.5.37-2) unstable; urgency=low
-+
-+ * rebuild with newer gpm. (now should use /var/run/gpmctl and not
-+ /dev/gpmctl)
-+
-+ -- Michael Bramer <grisu@debian.org> Wed, 4 Aug 1999 11:41:32 +0200
-+
-+mc (4.5.37-1) unstable; urgency=low
-+
-+ * new upstream version
-+
-+ -- Michael Bramer <grisu@debian.org> Tue, 3 Aug 1999 22:29:21 +0200
-+
-+mc (4.5.33-6) unstable; urgency=low
-+
-+ * set auto_save_setup to no in mc.ini
-+
-+ -- Michael Bramer <grisu@debian.org> Sat, 3 Jul 1999 11:32:50 +0200
-+
-+mc (4.5.33-5) unstable; urgency=low
-+
-+ * add link from /usr/lib/mc/mc.ini to /etc/mc/
-+
-+ -- Michael Bramer <grisu@debian.org> Sat, 3 Jul 1999 09:02:00 +0200
-+
-+mc (4.5.33-4) unstable; urgency=low
-+
-+ * add 'AWK="awk"' in debian/rules
-+ * remove /usr/etc/mc (change rules and Makefiles.in's) (close: 37070)
-+ * remove changelog_intl.gz (close: 36683)
-+ * remove README.debian (close: 36682)
-+ * add 'color_terminals=linux,xterm-debian,screen' in debian/addons/mc.ini
-+ (close: 26820)
-+ * move /usr/lib/mc/term/ to /urs/doc/mc/ (close: 26022)
-+
-+ -- Michael Bramer <grisu@debian.org> Fri, 2 Jul 1999 14:54:14 +0200
-+
-+mc (4.5.33-3) unstable; urgency=low
-+
-+ * Add 'Provides: mc' in gmc-package controlfile (close: #35005)
-+
-+ -- Michael Bramer <grisu@debian.org> Tue, 29 Jun 1999 23:52:56 +0200
-+
-+mc (4.5.33-2) unstable; urgency=low
-+
-+ * now compiled with the installed package e2fslibs-dev (close: 40335)
-+
-+ -- Michael Bramer <grisu@debian.org> Tue, 29 Jun 1999 00:44:50 +0200
-+
-+mc (4.5.33-1) unstable; urgency=low
-+
-+ * new upstream version
-+
-+ -- Michael Bramer <grisu@debian.org> Wed, 9 Jun 1999 05:02:23 +0200
-+
-+mc (4.5.30-2) unstable; urgency=low
-+
-+ * Patch from Martin Bialasinski <martin@internet-treff.uni-koeln.de> close:#36246
-+
-+ -- Michael Bramer <grisu@debian.org> Mon, 19 Apr 1999 12:19:25 +0200
-+
-+mc (4.5.30-1) unstable; urgency=low
-+
-+ * new upstream version
-+
-+ -- Michael Bramer <grisu@debian.org> Wed, 14 Apr 1999 17:41:15 +0200
-+
-+mc (4.5.25-1) unstable; urgency=low
-+
-+ * change the download source to:
-+ ftp://ftp.sunsite.org.uk/packages/gnome/sources/mc
-+ * add --sysconfdir=/etc in the rule file
-+ * new upstream version (with my patches :-)
-+
-+ -- Michael Bramer <grisu@debian.org> Tue, 16 Mar 1999 13:38:32 +0100
-+
-+mc (4.5.22-1) unstable; urgency=low
-+
-+ * change ee to eeyes in lib/mc-gnome.ext.in
-+ * new upstream version
-+
-+ -- Michael Bramer <grisu@debian.org> Thu, 4 Mar 1999 23:47:37 +0100
-+
-+mc (4.5.21-1) unstable; urgency=low
-+
-+ * remove usr/share/pixmaps/ from mc
-+ (from the 'first' 4.5.21-1 upload in gnome-staging)
-+ * remove usr/bin/plain-gmc from mc
-+ (from the 'first' 4.5.21-1 upload in gnome-staging)
-+ * add patch from viro@math.psu.edu close:29176
-+ * new config files: mc.global and mc-gnome.ext
-+ * add link from /usr/lib/etc/mc.global to /etc/mc/mc.global
-+ * add links from /usr/lib/mc/* to /etc/mc/
-+ * new upstream version
-+ * add a '-f' to -rm gnome/gmc in debian/rule
-+ * change 'ee' in 'eeyes' in lib/mc-gnome.ext
-+ * add the conffiles in the gmc-package
-+
-+ -- Michael Bramer <grisu@debian.org> Sat, 27 Feb 1999 00:11:28 +0100
-+
-+mc (4.5.1-1.1) frozen; urgency=medium
-+
-+ * NMU in behalf of Michael Bramer as he has not got a pure slink system
-+ * Fixes Bug#33341, priority important (buffer overrun) for slink
-+
-+ -- Martin Bialasinski <martinb@debian.org> Wed, 17 Feb 1999 00:26:48 +0100
-+
-+mc (4.5.1-1) unstable; urgency=low
-+
-+ * new (beta) version
-+
-+ -- Michael Bramer <grisu@debian.org> Thu, 22 Oct 1998 19:48:42 +0200
-+
-+mc (4.1.36-1) unstable; urgency=low
-+
-+ * change from +Z to -Z for zsh (close:#26428)
-+ * add Suggests:rpm (close:#26137)
-+ * remove /usr/doc/mc/README.edit (close:#26047)
-+ * add patch from Patrik Rak in deb.in (close:#25838)
-+ * add link from /usr/lib/mc/mc.ext to /etc/mc/mc.ext (close#25719)
-+ * New upsteam release
-+
-+ -- Michael Bramer <grisu@debian.org> Thu, 15 Oct 1998 11:41:11 +0200
-+
-+mc (4.1.35-6) unstable; urgency=low
-+
-+ * don't print debug-code in gnome/*.c (#25587)
-+ * move usr/doc/mc/changelog_src.gz to usr/doc/mc/changelog.gz
-+ * Change menue from Apps/Misc to Apps/Tools
-+
-+ -- Michael Bramer <grisu@debian.org> Wed, 26 Aug 1998 10:23:43 +0200
-+
-+mc (4.1.35-5) unstable; urgency=low
-+
-+ * make the menufiles in the new format
-+ * change from ee to eeyes for *.jpeg etc. in mc.ext
-+
-+ -- Michael Bramer <grisu@debian.org> Tue, 25 Aug 1998 18:35:11 +0200
-+
-+mc (4.1.35-4) unstable; urgency=low
-+
-+ * add to debstd the -u option
-+ * make a new build with gonme0.27 and co.
-+
-+ -- Michael Bramer <grisu@debian.org> Mon, 17 Aug 1998 13:07:11 +0200
-+
-+mc (4.1.35-3) unstable; urgency=low
-+
-+ * add all changelog-files in /usr/doc/[g]mc
-+ * make for gmc a /usr/doc/gmc/
-+ * add a '!' in the first line from mcfn_install.in, now: #!/bin/sh
-+ * typo in the Description (thanks to joey)
-+ * don't print debug-code in gdesktop.c (#25587)
-+
-+ -- Michael Bramer <grisu@debian.org> Mon, 10 Aug 1998 23:29:33 +0200
-+
-+mc (4.1.35-2) unstable; urgency=low
-+
-+ * the multi-package is not nice, but it should work
-+ * add gmc support in a multi-binary-package
-+ * new maintainer
-+
-+ -- Michael Bramer <grisu@debian.org> Fri, 31 Jul 1998 13:04:28 +0200
-+
-+mc (4.1.35-1) frozen unstable; urgency=low
-+
-+ * New upsteam release fixes a bug introduced by last version,
-+ which made the history input lines stop working. Since this
-+ is one of the essential useability features of MC which will
-+ most certainly provoke bug reports this here should still go
-+ into frozen.
-+
-+ -- Paul Seelig <pseelig@goofy.zdv.uni-mainz.de> Tue, 26 May 1998 05:00:05 +0100
-+
-+mc (4.1.34-1) frozen unstable; urgency=low
-+
-+ * New upsteam release really fixes Bug#20727 and some bugs no one
-+ has even bothered to report until now. :-)
-+ * Added "--without-gnome" and "--disable-nls" flags to debian/rules.
-+ The internationalized Gnome version of MC is becoming pretty mature,
-+ but will not go into frozen, sorry.
-+
-+ -- Paul Seelig <pseelig@goofy.zdv.uni-mainz.de> Fri, 15 May 1998 21:36:56 +0100
-+
-+mc (4.1.28-3) frozen unstable; urgency=low
-+
-+ * Rebuild using ss-dev, comerr-dev and e2fslibs-dev closing Bug#21749
-+
-+ -- Paul Seelig <pseelig@goofy.zdv.uni-mainz.de> Tue, 28 Apr 1998 22:32:15 +0100
-+
-+mc (4.1.28-2) frozen unstable; urgency=low
-+
-+ * Changed debian/postinst to address and close Bug#20871. I wonder why
-+ this didn't show up earlier?
-+
-+ -- Paul Seelig <pseelig@goofy.zdv.uni-mainz.de> Wed, 08 Apr 1998 21:29:51 +0100
-+
-+mc (4.1.28-1) frozen unstable; urgency=low
-+
-+ * New upstream release.
-+ * Compiled with ext2undel feature closing Bug#20752.
-+ * Fixes an upstream bug which made MC crash when trying to copy an
-+ unreadable file via FTP.
-+
-+ -- Paul Seelig <pseelig@goofy.zdv.uni-mainz.de> Mon, 06 Apr 1998 17:23:15 +0100
-+
-+mc (4.1.27-1) unstable; urgency=low
-+
-+ * New upstream release.
-+
-+ -- Paul Seelig <pseelig@goofy.zdv.uni-mainz.de> Fri, 27 Feb 1998 07:44:29 +0100
-+
-+mc (4.1.26-1) unstable; urgency=low
-+
-+ * New upstream release.
-+ * Updated to standards version 2.4.0.0
-+ * Updated postal address of FSF in copyright file
-+ * Added manual page for 'mcmfmt'.
-+ * Adapted control file to place package in section "utils"
-+ with priority "optional".
-+
-+ -- Paul Seelig <pseelig@goofy.zdv.uni-mainz.de> Fri, 20 Feb 1998 03:41:38 +0100
-+
-+mc (4.1.24-1) unstable; urgency=low
-+
-+ * New upstream release version
-+ * Binary package now smaller because upstream maintainer truncated
-+ the src/Changelog file which has grown far too large over time. ;-)
-+ * Changed "Architecture: i386" to "Architecture: any" in control file.
-+ This addresses and closes bug #17226 as reported by James Troup.
-+
-+ -- Paul Seelig <pseelig@goofy.zdv.uni-mainz.de> Thu, 22 Jan 1998 18:32:55 +0100
-+
-+mc (4.1.22-2) unstable; urgency=low
-+
-+ * Adapted debian/changelog to reflect official Debian release history
-+ * Added debian/menu file from former maintainer
-+ * Closing supposedly outdated bugs #9868, #14744, #14768, #16050
-+ and #11968 due to increase of upstream version number.
-+
-+ -- Paul Seelig <pseelig@goofy.zdv.uni-mainz.de> Fri, 16 Jan 1998 23:41:32 +0100
-+
-+mc (4.1.22-1) unstable; urgency=low
-+
-+ * New maintainer
-+ * New upstream version
-+
-+ -- Paul Seelig <pseelig@goofy.zdv.uni-mainz.de> Fri, 16 Jan 1998 17:41:32 +0100
-+
-+mc (4.1.9-1) unstable; urgency=low
-+
-+ * Upgraded to latest upstream release (Bugs #13145, #14012).
-+ * Use pristine source.
-+ * Wrote patch to build with libc6.
-+ * Orphaned the package (Unfixed since 6 months).
-+ * Recommends file (Bug #7338).
-+ * #11864 sould be fixed (libgpmg problem).
-+ * Depend on login-970616-1 and don't install cons.saver suid root
-+ (Bug #13440).
-+ * Corrected debian/rules (make clean shouldn't fail).
-+
-+ -- Vincent Renardias <vincent@waw.com> Mon, 10 Nov 1997 00:05:02 +0100
-+
-+mc (3.5.17-1) unstable; urgency=low
-+
-+ * Upgraded to latest upstream release
-+ * Sources converted to new format
-+
-+ -- Fernando Alegre <alegre@debian.org> Mon, 24 Feb 1997 12:56:43 +0100
-+
---- mc-4.6.1.orig/debian/slang.c
-+++ mc-4.6.1/debian/slang.c
-@@ -0,0 +1,19 @@
-+#include <stdio.h>
-+#include <slang.h>
-+
-+void main(void)
-+{
-+ SLtt_get_terminfo ();
-+ SLang_init_tty (-1, 0, 0);
-+ SLsmg_init_smg ();
-+
-+ /* do stuff .... */
-+ SLsmg_write_nchars("éàç", 3);
-+ SLsmg_printf (" éàç ");
-+ SLsmg_write_char ('à');
-+ SLsmg_refresh();
-+ sleep(5);
-+
-+ SLsmg_reset_smg ();
-+ SLang_reset_tty ();
-+}
---- mc-4.6.1.orig/debian/mc.postinst
-+++ mc-4.6.1/debian/mc.postinst
-@@ -0,0 +1,14 @@
-+#! /bin/sh
-+
-+set -e
-+
-+case "$1" in
-+ configure|abort-upgrade)
-+ update-alternatives --install /usr/bin/view view /usr/bin/mcview-debian 25 \
-+ --slave /usr/share/man/man1/view.1.gz view.1.gz /usr/share/man/man1/mcview.1.gz
-+ update-alternatives --install /usr/bin/editor editor /usr/bin/mcedit-debian 25 \
-+ --slave /usr/share/man/man1/editor.1.gz editor.1.gz /usr/share/man/man1/mcedit.1.gz
-+ ;;
-+esac
-+
-+#DEBHELPER#
---- mc-4.6.1.orig/debian/manpages
-+++ mc-4.6.1/debian/manpages
-@@ -0,0 +1,3 @@
-+debian/extra/mcmfmt.1
-+debian/extra/mcedit-debian.1
-+debian/extra/mcview-debian.1
---- mc-4.6.1.orig/debian/mc.postrm
-+++ mc-4.6.1/debian/mc.postrm
-@@ -0,0 +1,12 @@
-+#! /bin/sh
-+
-+set -e
-+
-+case "$1" in
-+ purge)
-+ rm -f /etc/mc/mc.lib /etc/mc/mc.ext /etc/mc/mc.menu
-+ rmdir /etc/mc 2>/dev/null || true
-+ ;;
-+esac
-+
-+#DEBHELPER#
---- mc-4.6.1.orig/debian/README.Debian
-+++ mc-4.6.1/debian/README.Debian
-@@ -0,0 +1,34 @@
-+mc for Debian
-+-------------
-+
-+ Debian mc package patches: http://alioth.debian.org/projects/pkg-mc/
-+
-+
-+ The 4.6.1-pre3 introduces the charset and samba enabling in the mc package
-+ compilation.
-+
-+ The current is a pre-release for 4.6.1 where the aim is to include as
-+ many bug fixes as possible. In particular DSA 639-1 vulnerabilities.
-+
-+ -- Stefano Melchior <stefano.melchior@openlabs.it> Mon, 31 Jan 2005 23:50:45 +0100
-+
-+ Starting with version 4.6.0 Midnight Commander doesn't include any
-+ GUI interface. The GNOME interface has been removed so that the
-+ developers could concentrate on the text edition of the program. If
-+ you need a GUI file manager, there are many of them available in the
-+ Debian archive - pick one and use it.
-+
-+ Because of some issues a method to stay in the last working directory
-+ after exit has changed with 4.6.0. See the description of the -P
-+ option in the Options section of the manual and new wrapper scripts
-+ in /usr/share/mc/bin/.
-+
-+ If you want to learn some interesting usage tips, you should read the
-+ Midnight Commander FAQ (/usr/share/doc/mc/FAQ, also available through
-+ the Debian doc-base interface).
-+
-+ Midnight Commander supports apt and dpkg archive managment through
-+ it's ExtFS feature. Just "cd #apt" or "cd #dpkg" at the mc command
-+ line and try it.
-+
-+ -- Adam Byrtek <alpha@debian.org> Wed, 5 Feb 2003 20:34:46 +0100
---- mc-4.6.1.orig/debian/patches/13_syntax.patch
-+++ mc-4.6.1/debian/patches/13_syntax.patch
-@@ -0,0 +1,13 @@
-+--- syntax/Syntax Sun Mar 6 14:11:31 2005
-++++ syntax/Syntax Sun Mar 6 19:00:44 2005
-+@@ -41,8 +41,9 @@
-+ file ..\*\\.(rb|RB)$ Ruby\sProgram ^#!\s\*/.\*/ruby
-+ include ruby.syntax
-+
-+-file ..\*\\.(man|[0-9n]|[0-9]x)$ NROFF\sSource
-++file ..\*\\.(man|[0-9n]|[0-9](x|ncurses|ssl|p|pm|menu|form|vga|t|td))$ NROFF\sSource
-+ include nroff.syntax
-++
-+
-+ file ..\*\\.(htm|html|HTM|HTML)$ HTML\sFile
-+ include html.syntax
---- mc-4.6.1.orig/debian/patches/48_utf8-slang2.patch
-+++ mc-4.6.1/debian/patches/48_utf8-slang2.patch
-@@ -0,0 +1,5119 @@
-+diff -Naur mc-4.6.1-old/edit/edit.c mc-4.6.1/edit/edit.c
-+--- mc-4.6.1-old/edit/edit.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/edit/edit.c 2005-10-28 10:08:07.736247264 +0200
-+@@ -93,7 +93,7 @@
-+
-+ #ifndef NO_INLINE_GETBYTE
-+
-+-int edit_get_byte (WEdit * edit, long byte_index)
-++mc_wchar_t edit_get_byte (WEdit * edit, long byte_index)
-+ {
-+ unsigned long p;
-+ if (byte_index >= (edit->curs1 + edit->curs2) || byte_index < 0)
-+@@ -125,7 +125,7 @@
-+
-+ edit->curs1 = 0;
-+ edit->curs2 = 0;
-+- edit->buffers2[0] = g_malloc (EDIT_BUF_SIZE);
-++ edit->buffers2[0] = g_malloc (EDIT_BUF_SIZE * sizeof(mc_wchar_t));
-+ }
-+
-+ /*
-+@@ -152,7 +152,7 @@
-+ }
-+
-+ if (!edit->buffers2[buf2])
-+- edit->buffers2[buf2] = g_malloc (EDIT_BUF_SIZE);
-++ edit->buffers2[buf2] = g_malloc (EDIT_BUF_SIZE * sizeof(mc_wchar_t));
-+
-+ mc_read (file,
-+ (char *) edit->buffers2[buf2] + EDIT_BUF_SIZE -
-+@@ -162,7 +162,7 @@
-+ for (buf = buf2 - 1; buf >= 0; buf--) {
-+ /* edit->buffers2[0] is already allocated */
-+ if (!edit->buffers2[buf])
-+- edit->buffers2[buf] = g_malloc (EDIT_BUF_SIZE);
-++ edit->buffers2[buf] = g_malloc (EDIT_BUF_SIZE * sizeof(mc_wchar_t));
-+ mc_read (file, (char *) edit->buffers2[buf], EDIT_BUF_SIZE);
-+ }
-+
-+@@ -242,9 +242,44 @@
-+ {
-+ int c;
-+ long i = 0;
-+- while ((c = fgetc (f)) >= 0) {
-++#ifndef UTF8
-++ while ((c = fgetc (f)) != EOF) {
-+ edit_insert (edit, c);
-+ i++;
-++#else /* UTF8 */
-++ unsigned char buf[MB_LEN_MAX];
-++ int charpos = 0;
-++ mbstate_t mbs;
-++
-++ while ((c = fgetc (f)) != EOF) {
-++ mc_wchar_t wc;
-++ int size;
-++ int j;
-++
-++ buf[charpos++] = c;
-++
-++ memset (&mbs, 0, sizeof (mbs));
-++ size = mbrtowc(&wc, (char *)buf, charpos, &mbs);
-++
-++ if (size == -2)
-++ continue; /* incomplete */
-++
-++ else if (size >= 0) {
-++ edit_insert (edit, wc);
-++ i++;
-++ charpos = 0;
-++ continue;
-++ }
-++ else {
-++
-++ /* invalid */
-++#ifdef __STDC_ISO_10646__
-++ for (j=0; j<charpos; j++)
-++ edit_insert (edit, BINARY_CHAR_OFFSET + (mc_wchar_t)buf[j]);
-++#endif
-++ charpos = 0;
-++ }
-++#endif /* UTF8 */
-+ }
-+ return i;
-+ }
-+@@ -252,9 +287,32 @@
-+ long edit_write_stream (WEdit * edit, FILE * f)
-+ {
-+ long i;
-++#ifndef UTF8
-+ for (i = 0; i < edit->last_byte; i++)
-+ if (fputc (edit_get_byte (edit, i), f) < 0)
-+ break;
-++#else /* UTF8 */
-++ for (i = 0; i < edit->last_byte; i++) {
-++ mc_wchar_t wc = edit_get_byte (edit, i);
-++ int res;
-++ char tmpbuf[MB_LEN_MAX];
-++ mbstate_t mbs;
-++
-++ memset (&mbs, 0, sizeof (mbs));
-++
-++#ifdef __STDC_ISO_10646__
-++ if (wc >= BINARY_CHAR_OFFSET && wc < (BINARY_CHAR_OFFSET + 256)) {
-++ res = 1;
-++ tmpbuf[0] = (char) (wc - BINARY_CHAR_OFFSET);
-++ } else
-++#endif
-++ res = wcrtomb(tmpbuf, wc, &mbs);
-++ if (res > 0) {
-++ if (fwrite(tmpbuf, res, 1, f) != 1)
-++ break;
-++ }
-++ }
-++#endif /* UTF8 */
-+ return i;
-+ }
-+
-+@@ -294,12 +352,46 @@
-+ int i, file, blocklen;
-+ long current = edit->curs1;
-+ unsigned char *buf;
-++#ifdef UTF8
-++ mbstate_t mbs;
-++ int bufstart = 0;
-++
-++ memset (&mbs, 0, sizeof (mbs));
-++#endif /* UTF8 */
-+ if ((file = mc_open (filename, O_RDONLY | O_BINARY)) == -1)
-+ return 0;
-+ buf = g_malloc (TEMP_BUF_LEN);
-++#ifndef UTF8
-+ while ((blocklen = mc_read (file, (char *) buf, TEMP_BUF_LEN)) > 0) {
-+ for (i = 0; i < blocklen; i++)
-+ edit_insert (edit, buf[i]);
-++#else /* UTF8 */
-++ while ((blocklen = mc_read (file, (char *) buf + bufstart, TEMP_BUF_LEN - bufstart)) > 0) {
-++ blocklen += bufstart;
-++ bufstart = 0;
-++ for (i = 0; i < blocklen; ) {
-++ mc_wchar_t wc;
-++ int j;
-++ int size = mbrtowc(&wc, (char *)buf + i, blocklen - i, &mbs);
-++ if (size == -2) { /*incomplete char*/
-++ bufstart = blocklen - i;
-++ memcpy(buf, buf+i, bufstart);
-++ i = blocklen;
-++ memset (&mbs, 0, sizeof (mbs));
-++ }
-++ else if (size <= 0) {
-++#ifdef __STDC_ISO_10646__
-++ edit_insert (edit, BINARY_CHAR_OFFSET + (mc_wchar_t)buf[i]);
-++#endif
-++ memset (&mbs, 0, sizeof (mbs));
-++ i++; /* skip broken char */
-++ }
-++ else {
-++ edit_insert (edit, wc);
-++ i+=size;
-++ }
-++ }
-++#endif /* UTF8 */
-+ }
-+ edit_cursor_move (edit, current - edit->curs1);
-+ g_free (buf);
-+@@ -393,7 +485,11 @@
-+ static int
-+ edit_load_file (WEdit *edit)
-+ {
-++#ifndef UTF8
-+ int fast_load = 1;
-++#else /* UTF8 */
-++ int fast_load = 0; /* can't be used with multibyte characters */
-++#endif /* UTF8 */
-+
-+ /* Cannot do fast load if a filter is used */
-+ if (edit_find_filter (edit->filename) >= 0)
-+@@ -540,7 +636,7 @@
-+ edit_set_filename (edit, filename);
-+ edit->stack_size = START_STACK_SIZE;
-+ edit->stack_size_mask = START_STACK_SIZE - 1;
-+- edit->undo_stack = g_malloc ((edit->stack_size + 10) * sizeof (long));
-++ edit->undo_stack = g_malloc ((edit->stack_size + 10) * sizeof (struct action));
-+ if (edit_load_file (edit)) {
-+ /* edit_load_file already gives an error message */
-+ if (to_free)
-+@@ -565,7 +661,9 @@
-+ edit_move_display (edit, line - 1);
-+ edit_move_to_line (edit, line - 1);
-+ }
-+-
-++#ifdef UTF8
-++ edit->charpoint = 0;
-++#endif
-+ return edit;
-+ }
-+
-+@@ -693,13 +789,23 @@
-+ {
-+ unsigned long sp = edit->stack_pointer;
-+ unsigned long spm1;
-+- long *t;
-++
-++ struct action *t;
-++ mc_wchar_t ch = 0;
-++
-++ if (c == CHAR_INSERT || c == CHAR_INSERT_AHEAD) {
-++ va_list ap;
-++ va_start (ap, c);
-++ ch = va_arg (ap, mc_wint_t);
-++ va_end (ap);
-++ }
-++
-+ /* first enlarge the stack if necessary */
-+ if (sp > edit->stack_size - 10) { /* say */
-+ if (option_max_undo < 256)
-+ option_max_undo = 256;
-+ if (edit->stack_size < (unsigned long) option_max_undo) {
-+- t = g_realloc (edit->undo_stack, (edit->stack_size * 2 + 10) * sizeof (long));
-++ t = g_realloc (edit->undo_stack, (edit->stack_size * 2 + 10) * sizeof (struct action));
-+ if (t) {
-+ edit->undo_stack = t;
-+ edit->stack_size <<= 1;
-+@@ -714,7 +820,7 @@
-+ #ifdef FAST_MOVE_CURSOR
-+ if (c == CURS_LEFT_LOTS || c == CURS_RIGHT_LOTS) {
-+ va_list ap;
-+- edit->undo_stack[sp] = c == CURS_LEFT_LOTS ? CURS_LEFT : CURS_RIGHT;
-++ edit->undo_stack[sp].flags = c == CURS_LEFT_LOTS ? CURS_LEFT : CURS_RIGHT;
-+ edit->stack_pointer = (edit->stack_pointer + 1) & edit->stack_size_mask;
-+ va_start (ap, c);
-+ c = -(va_arg (ap, int));
-+@@ -725,12 +831,14 @@
-+ && spm1 != edit->stack_bottom
-+ && ((sp - 2) & edit->stack_size_mask) != edit->stack_bottom) {
-+ int d;
-+- if (edit->undo_stack[spm1] < 0) {
-+- d = edit->undo_stack[(sp - 2) & edit->stack_size_mask];
-+- if (d == c) {
-+- if (edit->undo_stack[spm1] > -1000000000) {
-++ mc_wchar_t d_ch;
-++ if (edit->undo_stack[spm1].flags < 0) {
-++ d = edit->undo_stack[(sp - 2) & edit->stack_size_mask].flags;
-++ d_ch = edit->undo_stack[(sp - 2) & edit->stack_size_mask].ch;
-++ if (d == c && d_ch == ch) {
-++ if (edit->undo_stack[spm1].flags > -1000000000) {
-+ if (c < KEY_PRESS) /* --> no need to push multiple do-nothings */
-+- edit->undo_stack[spm1]--;
-++ edit->undo_stack[spm1].flags--;
-+ return;
-+ }
-+ }
-+@@ -738,19 +846,20 @@
-+ #ifndef NO_STACK_CURSMOVE_ANIHILATION
-+ else if ((c == CURS_LEFT && d == CURS_RIGHT)
-+ || (c == CURS_RIGHT && d == CURS_LEFT)) { /* a left then a right anihilate each other */
-+- if (edit->undo_stack[spm1] == -2)
-++ if (edit->undo_stack[spm1].flags == -2)
-+ edit->stack_pointer = spm1;
-+ else
-+- edit->undo_stack[spm1]++;
-++ edit->undo_stack[spm1].flags++;
-+ return;
-+ }
-+ #endif
-+ } else {
-+- d = edit->undo_stack[spm1];
-+- if (d == c) {
-++ d = edit->undo_stack[spm1].flags;
-++ d_ch = edit->undo_stack[spm1].ch;
-++ if (d == c && d_ch == ch) {
-+ if (c >= KEY_PRESS)
-+ return; /* --> no need to push multiple do-nothings */
-+- edit->undo_stack[sp] = -2;
-++ edit->undo_stack[sp].flags = -2;
-+ goto check_bottom;
-+ }
-+ #ifndef NO_STACK_CURSMOVE_ANIHILATION
-+@@ -762,7 +871,9 @@
-+ #endif
-+ }
-+ }
-+- edit->undo_stack[sp] = c;
-++ edit->undo_stack[sp].flags = c;
-++ edit->undo_stack[sp].ch = ch;
-++
-+ check_bottom:
-+
-+ edit->stack_pointer = (edit->stack_pointer + 1) & edit->stack_size_mask;
-+@@ -775,10 +886,10 @@
-+ (((unsigned long) c + 1) & edit->stack_size_mask) == edit->stack_bottom)
-+ do {
-+ edit->stack_bottom = (edit->stack_bottom + 1) & edit->stack_size_mask;
-+- } while (edit->undo_stack[edit->stack_bottom] < KEY_PRESS && edit->stack_bottom != edit->stack_pointer);
-++ } while (edit->undo_stack[edit->stack_bottom].flags < KEY_PRESS && edit->stack_bottom != edit->stack_pointer);
-+
-+ /*If a single key produced enough pushes to wrap all the way round then we would notice that the [stack_bottom] does not contain KEY_PRESS. The stack is then initialised: */
-+- if (edit->stack_pointer != edit->stack_bottom && edit->undo_stack[edit->stack_bottom] < KEY_PRESS)
-++ if (edit->stack_pointer != edit->stack_bottom && edit->undo_stack[edit->stack_bottom].flags < KEY_PRESS)
-+ edit->stack_bottom = edit->stack_pointer = 0;
-+ }
-+
-+@@ -787,30 +898,30 @@
-+ then the file should be as it was when he loaded up. Then set edit->modified to 0.
-+ */
-+ static long
-+-pop_action (WEdit * edit)
-++pop_action (WEdit * edit, struct action *c)
-+ {
-+- long c;
-+ unsigned long sp = edit->stack_pointer;
-+ if (sp == edit->stack_bottom) {
-+- return STACK_BOTTOM;
-++ c->flags = STACK_BOTTOM;
-++ return c->flags;
-+ }
-+ sp = (sp - 1) & edit->stack_size_mask;
-+- if ((c = edit->undo_stack[sp]) >= 0) {
-+-/* edit->undo_stack[sp] = '@'; */
-++ *c = edit->undo_stack[sp];
-++ if (edit->undo_stack[sp].flags >= 0) {
-+ edit->stack_pointer = (edit->stack_pointer - 1) & edit->stack_size_mask;
-+- return c;
-++ return c->flags;
-+ }
-+ if (sp == edit->stack_bottom) {
-+ return STACK_BOTTOM;
-+ }
-+- c = edit->undo_stack[(sp - 1) & edit->stack_size_mask];
-+- if (edit->undo_stack[sp] == -2) {
-+-/* edit->undo_stack[sp] = '@'; */
-++ *c = edit->undo_stack[(sp - 1) & edit->stack_size_mask];
-++
-++ if (edit->undo_stack[sp].flags == -2) {
-+ edit->stack_pointer = sp;
-+ } else
-+- edit->undo_stack[sp]++;
-++ edit->undo_stack[sp].flags++;
-+
-+- return c;
-++ return c->flags;
-+ }
-+
-+ /* is called whenever a modification is made by one of the four routines below */
-+@@ -831,7 +942,7 @@
-+ */
-+
-+ void
-+-edit_insert (WEdit *edit, int c)
-++edit_insert (WEdit *edit, mc_wchar_t c)
-+ {
-+ /* check if file has grown to large */
-+ if (edit->last_byte >= SIZE_LIMIT)
-+@@ -869,12 +980,11 @@
-+ /* add a new buffer if we've reached the end of the last one */
-+ if (!(edit->curs1 & M_EDIT_BUF_SIZE))
-+ edit->buffers1[edit->curs1 >> S_EDIT_BUF_SIZE] =
-+- g_malloc (EDIT_BUF_SIZE);
-++ g_malloc (EDIT_BUF_SIZE * sizeof(mc_wchar_t));
-+
-+ /* perform the insertion */
-+- edit->buffers1[edit->curs1 >> S_EDIT_BUF_SIZE][edit->
-+- curs1 & M_EDIT_BUF_SIZE]
-+- = (unsigned char) c;
-++ edit->buffers1[edit->curs1 >> S_EDIT_BUF_SIZE]
-++ [edit->curs1 & M_EDIT_BUF_SIZE] = c;
-+
-+ /* update file length */
-+ edit->last_byte++;
-+@@ -885,7 +995,7 @@
-+
-+
-+ /* same as edit_insert and move left */
-+-void edit_insert_ahead (WEdit * edit, int c)
-++void edit_insert_ahead (WEdit * edit, mc_wchar_t c)
-+ {
-+ if (edit->last_byte >= SIZE_LIMIT)
-+ return;
-+@@ -908,7 +1018,7 @@
-+ edit->last_get_rule += (edit->last_get_rule >= edit->curs1);
-+
-+ if (!((edit->curs2 + 1) & M_EDIT_BUF_SIZE))
-+- edit->buffers2[(edit->curs2 + 1) >> S_EDIT_BUF_SIZE] = g_malloc (EDIT_BUF_SIZE);
-++ edit->buffers2[(edit->curs2 + 1) >> S_EDIT_BUF_SIZE] = g_malloc (EDIT_BUF_SIZE * sizeof(mc_wchar_t));
-+ edit->buffers2[edit->curs2 >> S_EDIT_BUF_SIZE][EDIT_BUF_SIZE - (edit->curs2 & M_EDIT_BUF_SIZE) - 1] = c;
-+
-+ edit->last_byte++;
-+@@ -918,7 +1028,7 @@
-+
-+ int edit_delete (WEdit * edit)
-+ {
-+- int p;
-++ mc_wint_t p;
-+ if (!edit->curs2)
-+ return 0;
-+
-+@@ -942,7 +1052,7 @@
-+ edit->total_lines--;
-+ edit->force |= REDRAW_AFTER_CURSOR;
-+ }
-+- edit_push_action (edit, p + 256);
-++ edit_push_action (edit, CHAR_INSERT_AHEAD, p);
-+ if (edit->curs1 < edit->start_display) {
-+ edit->start_display--;
-+ if (p == '\n')
-+@@ -956,7 +1066,7 @@
-+ static int
-+ edit_backspace (WEdit * edit)
-+ {
-+- int p;
-++ mc_wint_t p;
-+ if (!edit->curs1)
-+ return 0;
-+
-+@@ -980,7 +1090,7 @@
-+ edit->total_lines--;
-+ edit->force |= REDRAW_AFTER_CURSOR;
-+ }
-+- edit_push_action (edit, p);
-++ edit_push_action (edit, CHAR_INSERT, p);
-+
-+ if (edit->curs1 < edit->start_display) {
-+ edit->start_display--;
-+@@ -993,10 +1103,18 @@
-+
-+ #ifdef FAST_MOVE_CURSOR
-+
-+-static void memqcpy (WEdit * edit, unsigned char *dest, unsigned char *src, int n)
-++static void memqcpy (WEdit * edit, mc_wchar_t *dest, mc_wchar_t *src, int n)
-+ {
-+ unsigned long next;
-++#ifndef UTF8
-+ while ((next = (unsigned long) memccpy (dest, src, '\n', n))) {
-++#else /* UTF8 */
-++ while (n) {
-++ next = 0;
-++ while (next < n && src[next]!='\n') next++;
-++ if (next < n) next++;
-++ wmemcpy (dest, src, next)
-++#endif /* UTF8 */
-+ edit->curs_line--;
-+ next -= (unsigned long) dest;
-+ n -= next;
-+@@ -1009,7 +1127,7 @@
-+ edit_move_backward_lots (WEdit *edit, long increment)
-+ {
-+ int r, s, t;
-+- unsigned char *p;
-++ mc_wchar_t *p;
-+
-+ if (increment > edit->curs1)
-+ increment = edit->curs1;
-+@@ -1049,7 +1167,7 @@
-+ edit->buffers2[edit->curs2 >> S_EDIT_BUF_SIZE] = p;
-+ else
-+ edit->buffers2[edit->curs2 >> S_EDIT_BUF_SIZE] =
-+- g_malloc (EDIT_BUF_SIZE);
-++ g_malloc (EDIT_BUF_SIZE * sizeof(mc_wchar_t));
-+ } else {
-+ g_free (p);
-+ }
-+@@ -1087,7 +1205,7 @@
-+ edit->buffers2[edit->curs2 >> S_EDIT_BUF_SIZE] = p;
-+ else
-+ edit->buffers2[edit->curs2 >> S_EDIT_BUF_SIZE] =
-+- g_malloc (EDIT_BUF_SIZE);
-++ g_malloc (EDIT_BUF_SIZE * sizeof(mc_wchar_t));
-+ } else {
-+ g_free (p);
-+ }
-+@@ -1119,7 +1237,7 @@
-+
-+ c = edit_get_byte (edit, edit->curs1 - 1);
-+ if (!((edit->curs2 + 1) & M_EDIT_BUF_SIZE))
-+- edit->buffers2[(edit->curs2 + 1) >> S_EDIT_BUF_SIZE] = g_malloc (EDIT_BUF_SIZE);
-++ edit->buffers2[(edit->curs2 + 1) >> S_EDIT_BUF_SIZE] = g_malloc (EDIT_BUF_SIZE * sizeof(mc_wchar_t));
-+ edit->buffers2[edit->curs2 >> S_EDIT_BUF_SIZE][EDIT_BUF_SIZE - (edit->curs2 & M_EDIT_BUF_SIZE) - 1] = c;
-+ edit->curs2++;
-+ c = edit->buffers1[(edit->curs1 - 1) >> S_EDIT_BUF_SIZE][(edit->curs1 - 1) & M_EDIT_BUF_SIZE];
-+@@ -1144,7 +1262,7 @@
-+
-+ c = edit_get_byte (edit, edit->curs1);
-+ if (!(edit->curs1 & M_EDIT_BUF_SIZE))
-+- edit->buffers1[edit->curs1 >> S_EDIT_BUF_SIZE] = g_malloc (EDIT_BUF_SIZE);
-++ edit->buffers1[edit->curs1 >> S_EDIT_BUF_SIZE] = g_malloc (EDIT_BUF_SIZE * sizeof(mc_wchar_t));
-+ edit->buffers1[edit->curs1 >> S_EDIT_BUF_SIZE][edit->curs1 & M_EDIT_BUF_SIZE] = c;
-+ edit->curs1++;
-+ c = edit->buffers2[(edit->curs2 - 1) >> S_EDIT_BUF_SIZE][EDIT_BUF_SIZE - ((edit->curs2 - 1) & M_EDIT_BUF_SIZE) - 1];
-+@@ -1251,7 +1369,7 @@
-+ q = edit->last_byte + 2;
-+
-+ for (col = 0, p = current; p < q; p++) {
-+- int c;
-++ mc_wchar_t c;
-+ if (cols != -10) {
-+ if (col == cols)
-+ return p;
-+@@ -1269,7 +1387,7 @@
-+ } else if (c < 32 || c == 127)
-+ col += 2; /* Caret notation for control characters */
-+ else
-+- col++;
-++ col += wcwidth(c);
-+ }
-+ return col;
-+ }
-+@@ -1402,7 +1520,7 @@
-+ is_blank (WEdit *edit, long offset)
-+ {
-+ long s, f;
-+- int c;
-++ mc_wchar_t c;
-+ s = edit_bol (edit, offset);
-+ f = edit_eol (edit, offset) - 1;
-+ while (s <= f) {
-+@@ -1774,13 +1892,13 @@
-+ static void
-+ edit_do_undo (WEdit * edit)
-+ {
-+- long ac;
-++ struct action ac;
-+ long count = 0;
-+
-+ edit->stack_disable = 1; /* don't record undo's onto undo stack! */
-+
-+- while ((ac = pop_action (edit)) < KEY_PRESS) {
-+- switch ((int) ac) {
-++ while (pop_action (edit, &ac) < KEY_PRESS) {
-++ switch ((int) ac.flags) {
-+ case STACK_BOTTOM:
-+ goto done_undo;
-+ case CURS_RIGHT:
-+@@ -1801,31 +1919,33 @@
-+ case COLUMN_OFF:
-+ column_highlighting = 0;
-+ break;
-++ case CHAR_INSERT:
-++ edit_insert (edit, ac.ch);
-++ break;
-++ case CHAR_INSERT_AHEAD:
-++ edit_insert_ahead (edit, ac.ch);
-++ break;
-+ }
-+- if (ac >= 256 && ac < 512)
-+- edit_insert_ahead (edit, ac - 256);
-+- if (ac >= 0 && ac < 256)
-+- edit_insert (edit, ac);
-+
-+- if (ac >= MARK_1 - 2 && ac < MARK_2 - 2) {
-+- edit->mark1 = ac - MARK_1;
-++ if (ac.flags >= MARK_1 - 2 && ac.flags < MARK_2 - 2) {
-++ edit->mark1 = ac.flags - MARK_1;
-+ edit->column1 = edit_move_forward3 (edit, edit_bol (edit, edit->mark1), 0, edit->mark1);
-+- } else if (ac >= MARK_2 - 2 && ac < KEY_PRESS) {
-+- edit->mark2 = ac - MARK_2;
-++ } else if (ac.flags >= MARK_2 - 2 && ac.flags < KEY_PRESS) {
-++ edit->mark2 = ac.flags - MARK_2;
-+ edit->column2 = edit_move_forward3 (edit, edit_bol (edit, edit->mark2), 0, edit->mark2);
-+ }
-+ if (count++)
-+ edit->force |= REDRAW_PAGE; /* more than one pop usually means something big */
-+ }
-+
-+- if (edit->start_display > ac - KEY_PRESS) {
-+- edit->start_line -= edit_count_lines (edit, ac - KEY_PRESS, edit->start_display);
-++ if (edit->start_display > ac.flags - KEY_PRESS) {
-++ edit->start_line -= edit_count_lines (edit, ac.flags - KEY_PRESS, edit->start_display);
-+ edit->force |= REDRAW_PAGE;
-+- } else if (edit->start_display < ac - KEY_PRESS) {
-+- edit->start_line += edit_count_lines (edit, edit->start_display, ac - KEY_PRESS);
-++ } else if (edit->start_display < ac.flags - KEY_PRESS) {
-++ edit->start_line += edit_count_lines (edit, edit->start_display, ac.flags - KEY_PRESS);
-+ edit->force |= REDRAW_PAGE;
-+ }
-+- edit->start_display = ac - KEY_PRESS; /* see push and pop above */
-++ edit->start_display = ac.flags - KEY_PRESS; /* see push and pop above */
-+ edit_update_curs_row (edit);
-+
-+ done_undo:;
-+@@ -2102,7 +2222,7 @@
-+ * passed as -1. Commands are executed, and char_for_insertion is
-+ * inserted at the cursor.
-+ */
-+-void edit_execute_key_command (WEdit *edit, int command, int char_for_insertion)
-++void edit_execute_key_command (WEdit *edit, int command, mc_wint_t char_for_insertion)
-+ {
-+ if (command == CK_Begin_Record_Macro) {
-+ edit->macro_i = 0;
-+@@ -2137,7 +2257,7 @@
-+ all of them. It also does not check for the Undo command.
-+ */
-+ void
-+-edit_execute_cmd (WEdit *edit, int command, int char_for_insertion)
-++edit_execute_cmd (WEdit *edit, int command, mc_wint_t char_for_insertion)
-+ {
-+ edit->force |= REDRAW_LINE;
-+
-+@@ -2170,7 +2290,7 @@
-+ }
-+
-+ /* An ordinary key press */
-+- if (char_for_insertion >= 0) {
-++ if (char_for_insertion != (mc_wint_t) -1) {
-+ if (edit->overwrite) {
-+ if (edit_get_byte (edit, edit->curs1) != '\n')
-+ edit_delete (edit);
-+diff -Naur mc-4.6.1-old/edit/editcmd.c mc-4.6.1/edit/editcmd.c
-+--- mc-4.6.1-old/edit/editcmd.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/edit/editcmd.c 2005-10-28 10:08:07.687254712 +0200
-+@@ -46,7 +46,7 @@
-+ #define edit_get_save_file(f,h) input_expand_dialog (h, _(" Enter file name: "), f)
-+
-+ struct selection {
-+- unsigned char * text;
-++ mc_wchar_t *text;
-+ int len;
-+ };
-+
-+@@ -69,12 +69,16 @@
-+ #define MAX_REPL_LEN 1024
-+
-+ static int edit_save_cmd (WEdit *edit);
-+-static unsigned char *edit_get_block (WEdit *edit, long start,
-++static mc_wchar_t *edit_get_block (WEdit *edit, long start,
-+ long finish, int *l);
-+
-+-static inline int my_lower_case (int c)
-++static inline mc_wchar_t my_lower_case (mc_wchar_t c)
-+ {
-++#ifndef UTF8
-+ return tolower(c & 0xFF);
-++#else
-++ return towlower(c);
-++#endif
-+ }
-+
-+ static const char *strcasechr (const unsigned char *s, int c)
-+@@ -108,11 +112,11 @@
-+ #endif /* !HAVE_MEMMOVE */
-+
-+ /* #define itoa MY_itoa <---- this line is now in edit.h */
-+-static char *
-++static mc_wchar_t *
-+ MY_itoa (int i)
-+ {
-+- static char t[14];
-+- char *s = t + 13;
-++ static mc_wchar_t t[14];
-++ mc_wchar_t *s = t + 13;
-+ int j = i;
-+ *s-- = 0;
-+ do {
-+@@ -196,6 +200,48 @@
-+ doupdate();
-+ }
-+
-++#ifdef UTF8
-++
-++static size_t
-++wchar_write(int fd, mc_wchar_t *buf, size_t len)
-++{
-++ char *tmpbuf = g_malloc(len + MB_LEN_MAX);
-++ mbstate_t mbs;
-++ size_t i;
-++ size_t outlen = 0;
-++ size_t res;
-++
-++ for (i = 0; i < len; i++) {
-++ if (outlen >= len) {
-++ if ((res = mc_write(fd, tmpbuf, outlen)) != outlen) {
-++ g_free(tmpbuf);
-++ return -1;
-++ }
-++ outlen = 0;
-++ }
-++ memset (&mbs, 0, sizeof (mbs));
-++#ifdef __STDC_ISO_10646__
-++ if (buf[i] >= BINARY_CHAR_OFFSET && buf[i] < (BINARY_CHAR_OFFSET + 256)) {
-++ res = 1;
-++ tmpbuf[outlen] = (char) (buf[i] - BINARY_CHAR_OFFSET);
-++
-++ } else
-++#endif
-++ res = wcrtomb(tmpbuf + outlen, buf[i], &mbs);
-++ if (res > 0) {
-++ outlen += res;
-++ }
-++ }
-++ if ((res = mc_write(fd, tmpbuf, outlen)) != outlen) {
-++ g_free(tmpbuf);
-++ return -1;
-++ }
-++ g_free(tmpbuf);
-++ return len;
-++}
-++
-++#endif /* UTF8 */
-++
-+ /* If 0 (quick save) then a) create/truncate <filename> file,
-+ b) save to <filename>;
-+ if 1 (safe save) then a) save to <tempnam>,
-+@@ -303,32 +349,48 @@
-+ buf = 0;
-+ filelen = edit->last_byte;
-+ while (buf <= (edit->curs1 >> S_EDIT_BUF_SIZE) - 1) {
-++#ifndef UTF8
-+ if (mc_write (fd, (char *) edit->buffers1[buf], EDIT_BUF_SIZE)
-++#else /* UTF8 */
-++ if (wchar_write (fd, edit->buffers1[buf], EDIT_BUF_SIZE)
-++#endif /* UTF8 */
-+ != EDIT_BUF_SIZE) {
-+ mc_close (fd);
-+ goto error_save;
-+ }
-+ buf++;
-+ }
-++#ifndef UTF8
-+ if (mc_write
-+ (fd, (char *) edit->buffers1[buf],
-++#else /* UTF8 */
-++ if (wchar_write
-++ (fd, edit->buffers1[buf],
-++#endif /* UTF8 */
-+ edit->curs1 & M_EDIT_BUF_SIZE) !=
-+ (edit->curs1 & M_EDIT_BUF_SIZE)) {
-+ filelen = -1;
-+ } else if (edit->curs2) {
-+ edit->curs2--;
-+ buf = (edit->curs2 >> S_EDIT_BUF_SIZE);
-+- if (mc_write
-+- (fd,
-+- (char *) edit->buffers2[buf] + EDIT_BUF_SIZE -
-++#ifndef UTF8
-++ if (mc_write(fd, (char *) edit->buffers2[buf] + EDIT_BUF_SIZE -
-++#else /* UTF8 */
-++ if (wchar_write(fd, edit->buffers2[buf] + EDIT_BUF_SIZE -
-++#endif /* UTF8 */
-+ (edit->curs2 & M_EDIT_BUF_SIZE) - 1,
-+ 1 + (edit->curs2 & M_EDIT_BUF_SIZE)) !=
-+ 1 + (edit->curs2 & M_EDIT_BUF_SIZE)) {
-+ filelen = -1;
-+ } else {
-+ while (--buf >= 0) {
-++#ifndef UTF8
-+ if (mc_write
-+ (fd, (char *) edit->buffers2[buf],
-++#else /* UTF8 */
-++ if (wchar_write
-++ (fd, edit->buffers2[buf],
-++#endif /* UTF8 */
-+ EDIT_BUF_SIZE) != EDIT_BUF_SIZE) {
-+ filelen = -1;
-+ break;
-+@@ -643,13 +705,21 @@
-+ if (!n || n == EOF)
-+ break;
-+ n = 0;
-++#ifndef UTF8
-+ while (fscanf (f, "%hd %hd, ", ¯o[n].command, ¯o[n].ch))
-++#else /* UTF8 */
-++ while (fscanf (f, "%hd %lu, ", ¯o[n].command, ¯o[n].ch))
-++#endif /* UTF8 */
-+ n++;
-+ fscanf (f, ";\n");
-+ if (s != k) {
-+ fprintf (g, ("key '%d 0': "), s);
-+ for (i = 0; i < n; i++)
-++#ifndef UTF8
-+ fprintf (g, "%hd %hd, ", macro[i].command, macro[i].ch);
-++#else /* UTF8 */
-++ fprintf (g, "%hd %lu, ", macro[i].command, macro[i].ch);
-++#endif /* UTF8 */
-+ fprintf (g, ";\n");
-+ }
-+ }
-+@@ -685,7 +755,11 @@
-+ if (f) {
-+ fprintf (f, ("key '%d 0': "), s);
-+ for (i = 0; i < n; i++)
-++#ifndef UTF8
-+ fprintf (f, "%hd %hd, ", macro[i].command, macro[i].ch);
-++#else /* UTF8 */
-++ fprintf (f, "%hd %lu, ", macro[i].command, macro[i].ch);
-++#endif /* UTF8 */
-+ fprintf (f, ";\n");
-+ fclose (f);
-+ if (saved_macros_loaded) {
-+@@ -734,10 +808,18 @@
-+ saved_macro[i++] = s;
-+ if (!found) {
-+ *n = 0;
-++#ifndef UTF8
-+ while (*n < MAX_MACRO_LENGTH && 2 == fscanf (f, "%hd %hd, ", ¯o[*n].command, ¯o[*n].ch))
-++#else /* UTF8 */
-++ while (*n < MAX_MACRO_LENGTH && 2 == fscanf (f, "%hd %lu, ", ¯o[*n].command, ¯o[*n].ch))
-++#endif /* UTF8 */
-+ (*n)++;
-+ } else {
-++#ifndef UTF8
-+ while (2 == fscanf (f, "%hd %hd, ", &dummy.command, &dummy.ch));
-++#else /* UTF8 */
-++ while (2 == fscanf (f, "%hd %lu, ", &dummy.command, &dummy.ch));
-++#endif /* UTF8 */
-+ }
-+ fscanf (f, ";\n");
-+ if (s == k)
-+@@ -886,7 +968,7 @@
-+ #define space_width 1
-+
-+ static void
-+-edit_insert_column_of_text (WEdit * edit, unsigned char *data, int size, int width)
-++edit_insert_column_of_text (WEdit * edit, mc_wchar_t *data, int size, int width)
-+ {
-+ long cursor;
-+ int i, col;
-+@@ -934,7 +1016,7 @@
-+ {
-+ long start_mark, end_mark, current = edit->curs1;
-+ int size, x;
-+- unsigned char *copy_buf;
-++ mc_wchar_t *copy_buf;
-+
-+ edit_update_curs_col (edit);
-+ x = edit->curs_col;
-+@@ -979,7 +1061,7 @@
-+ {
-+ long count;
-+ long current;
-+- unsigned char *copy_buf;
-++ mc_wchar_t *copy_buf;
-+ long start_mark, end_mark;
-+ int deleted = 0;
-+ int x = 0;
-+@@ -1040,7 +1122,7 @@
-+ edit_push_action (edit, COLUMN_ON);
-+ column_highlighting = 0;
-+ } else {
-+- copy_buf = g_malloc (end_mark - start_mark);
-++ copy_buf = g_malloc ((end_mark - start_mark) * sizeof(mc_wchar_t));
-+ edit_cursor_move (edit, start_mark - edit->curs1);
-+ edit_scroll_screen_over_cursor (edit);
-+ count = start_mark;
-+@@ -1371,7 +1453,11 @@
-+ /* This function is a modification of mc-3.2.10/src/view.c:regexp_view_search() */
-+ /* returns -3 on error in pattern, -1 on not found, found_len = 0 if either */
-+ static int
-++#ifndef UTF8
-+ string_regexp_search (char *pattern, char *string, int len, int match_type,
-++#else /* UTF8 */
-++string_regexp_search (char *pattern, mc_wchar_t *wstring, int match_type,
-++#endif /* UTF8 */
-+ int match_bol, int icase, int *found_len, void *d)
-+ {
-+ static regex_t r;
-+@@ -1380,6 +1466,11 @@
-+ regmatch_t *pmatch;
-+ static regmatch_t s[1];
-+
-++#ifdef UTF8
-++ char *string;
-++ int i;
-++#endif /* UTF8 */
-++
-+ pmatch = (regmatch_t *) d;
-+ if (!pmatch)
-+ pmatch = s;
-+@@ -1399,13 +1490,51 @@
-+ old_type = match_type;
-+ old_icase = icase;
-+ }
-++
-++#ifdef UTF8
-++ string = wchar_to_mbstr(wstring);
-++ if (string == NULL)
-++ return -1;
-++#endif /* UTF8 */
-++
-+ if (regexec
-+ (&r, string, d ? NUM_REPL_ARGS : 1, pmatch,
-+ ((match_bol
-+ || match_type != match_normal) ? 0 : REG_NOTBOL)) != 0) {
-+ *found_len = 0;
-++
-++#ifdef UTF8
-++ g_free(string);
-++#endif /* UTF8 */
-++
-+ return -1;
-+ }
-++
-++#ifdef UTF8
-++ for (i = 0; i < (d ? NUM_REPL_ARGS : 1); i++) {
-++ char tmp;
-++ int new_o;
-++
-++ if (pmatch[i].rm_so < 0)
-++ continue;
-++ tmp = string[pmatch[i].rm_so];
-++ string[pmatch[i].rm_so] = 0;
-++ new_o = mbstrlen(string);
-++ string[pmatch[i].rm_so] = tmp;
-++ pmatch[i].rm_so = new_o;
-++
-++ if (pmatch[i].rm_eo < 0)
-++ continue;
-++ tmp = string[pmatch[i].rm_eo];
-++ string[pmatch[i].rm_eo] = 0;
-++ new_o = mbstrlen(string);
-++ string[pmatch[i].rm_eo] = tmp;
-++ pmatch[i].rm_eo = new_o;
-++ }
-++
-++ g_free(string);
-++#endif /* UTF8 */
-++
-+ *found_len = pmatch[0].rm_eo - pmatch[0].rm_so;
-+ return (pmatch[0].rm_so);
-+ }
-+@@ -1413,13 +1542,29 @@
-+ /* thanks to Liviu Daia <daia@stoilow.imar.ro> for getting this
-+ (and the above) routines to work properly - paul */
-+
-++#ifndef UTF8
-+ typedef int (*edit_getbyte_fn) (WEdit *, long);
-++#else /* UTF8 */
-++typedef mc_wchar_t (*edit_getbyte_fn) (WEdit *, long);
-++#endif /* UTF8 */
-+
-+ static long
-++#ifndef UTF8
-+ edit_find_string (long start, unsigned char *exp, int *len, long last_byte, edit_getbyte_fn get_byte, void *data, int once_only, void *d)
-++#else /* UTF8 */
-++edit_find_string (long start, unsigned char *exp_mb, int *len, long last_byte, edit_getbyte_fn get_byte, void *data, int once_only, void *d)
-++#endif /* UTF8 */
-+ {
-+ long p, q = 0;
-+- long l = strlen ((char *) exp), f = 0;
-++ long f = 0;
-++
-++#ifndef UTF8
-++ long l = strlen ((char *) exp);
-++#else /* UTF8 */
-++ mc_wchar_t *exp = mbstr_to_wchar((char *)exp_mb);
-++ mc_wchar_t *exp_backup = exp;
-++ long l = wcslen(exp);
-++#endif /* UTF8 */
-+ int n = 0;
-+
-+ for (p = 0; p < l; p++) /* count conversions... */
-+@@ -1428,19 +1573,22 @@
-+ n++;
-+
-+ if (replace_scanf || replace_regexp) {
-+- int c;
-+- unsigned char *buf;
-+- unsigned char mbuf[MAX_REPL_LEN * 2 + 3];
-++ mc_wint_t c;
-++ mc_wchar_t *buf;
-++ mc_wchar_t mbuf[MAX_REPL_LEN * 2 + 3];
-+
-+ replace_scanf = (!replace_regexp); /* can't have both */
-+
-+ buf = mbuf;
-+
-+ if (replace_scanf) {
-+- unsigned char e[MAX_REPL_LEN];
-+- if (n >= NUM_REPL_ARGS)
-+- return -3;
-+-
-++ mc_wchar_t e[MAX_REPL_LEN];
-++ if (n >= NUM_REPL_ARGS) {
-++#ifdef UTF8
-++ g_free(exp_backup);
-++#endif /* UTF8 */
-++ return -3;
-++ }
-+ if (replace_case) {
-+ for (p = start; p < last_byte && p < start + MAX_REPL_LEN; p++)
-+ buf[p - start] = (*get_byte) (data, p);
-+@@ -1454,20 +1602,36 @@
-+ }
-+
-+ buf[(q = p - start)] = 0;
-++#ifndef UTF8
-+ strcpy ((char *) e, (char *) exp);
-+ strcat ((char *) e, "%n");
-++#else /* UTF8 */
-++ wcscpy (e, exp);
-++ wcscat (e, L"%n");
-++#endif /* UTF8 */
-+ exp = e;
-+
-+ while (q) {
-+ *((int *) sargs[n]) = 0; /* --> here was the problem - now fixed: good */
-++#ifndef UTF8
-+ if (n == sscanf ((char *) buf, (char *) exp, SCANF_ARGS)) {
-++#else /* UTF8 */
-++ if (n == swscanf (buf, exp, SCANF_ARGS)) {
-++#endif /* UTF8 */
-+ if (*((int *) sargs[n])) {
-+ *len = *((int *) sargs[n]);
-++#ifdef UTF8
-++ g_free(exp_backup);
-++#endif /* UTF8 */
-+ return start;
-+ }
-+ }
-+- if (once_only)
-++ if (once_only) {
-++#ifdef UTF8
-++ g_free(exp_backup);
-++#endif /* UTF8 */
-+ return -2;
-++ }
-+ if (q + start < last_byte) {
-+ if (replace_case) {
-+ buf[q] = (*get_byte) (data, q + start);
-+@@ -1481,7 +1645,11 @@
-+ start++;
-+ buf++; /* move the window along */
-+ if (buf == mbuf + MAX_REPL_LEN) { /* the window is about to go past the end of array, so... */
-++#ifndef UTF8
-+ memmove (mbuf, buf, strlen ((char *) buf) + 1); /* reset it */
-++#else /* UTF8 */
-++ wmemmove (mbuf, buf, (wcslen (buf) + 1)); /* reset it */
-++#endif /* UTF8 */
-+ buf = mbuf;
-+ }
-+ q--;
-+@@ -1507,10 +1675,17 @@
-+
-+ buf = mbuf;
-+ while (q) {
-++#ifndef UTF8
-+ found_start = string_regexp_search ((char *) exp, (char *) buf, q, match_normal, match_bol, !replace_case, len, d);
-++#else /* UTF8 */
-++ found_start = string_regexp_search ((char *) exp_mb, buf, match_normal, match_bol, !replace_case, len, d);
-++#endif /* UTF8 */
-+
-+ if (found_start <= -2) { /* regcomp/regexec error */
-+ *len = 0;
-++#ifdef UTF8
-++ g_free (exp_backup);
-++#endif /* UTF8 */
-+ return -3;
-+ }
-+ else if (found_start == -1) /* not found: try next line */
-+@@ -1521,15 +1696,27 @@
-+ match_bol = 0;
-+ continue;
-+ }
-+- else /* found */
-++ else { /* found */
-++#ifdef UTF8
-++ g_free(exp_backup);
-++#endif /* UTF8 */
-+ return (start + offset - q + found_start);
-++ }
-+ }
-+- if (once_only)
-++ if (once_only) {
-++#ifdef UTF8
-++ g_free(exp_backup);
-++#endif /* UTF8 */
-+ return -2;
-++ }
-+
-+ if (buf[q - 1] != '\n') { /* incomplete line: try to recover */
-+ buf = mbuf + MAX_REPL_LEN / 2;
-++#ifndef UTF8
-+ q = strlen ((const char *) buf);
-++#else /* UTF8 */
-++ q = wcslen (buf);
-++#endif /* UTF8 */
-+ memmove (mbuf, buf, q);
-+ p = start + q;
-+ move_win = 1;
-+@@ -1539,36 +1726,59 @@
-+ }
-+ }
-+ } else {
-++#ifndef UTF8
-+ *len = strlen ((const char *) exp);
-++#else /* UTF8 */
-++ *len = wcslen (exp);
-++#endif /* UTF8 */
-+ if (replace_case) {
-+ for (p = start; p <= last_byte - l; p++) {
-+- if ((*get_byte) (data, p) == (unsigned char)exp[0]) { /* check if first char matches */
-++ if ((*get_byte) (data, p) == exp[0]) { /* check if first char matches */
-+ for (f = 0, q = 0; q < l && f < 1; q++)
-+- if ((*get_byte) (data, q + p) != (unsigned char)exp[q])
-++ if ((*get_byte) (data, q + p) != exp[q])
-+ f = 1;
-+- if (f == 0)
-++ if (f == 0) {
-++#ifdef UTF8
-++ g_free (exp_backup);
-++#endif /* UTF8 */
-+ return p;
-++ }
-+ }
-+- if (once_only)
-++ if (once_only) {
-++#ifdef UTF8
-++ g_free(exp_backup);
-++#endif /* UTF8 */
-+ return -2;
-++ }
-+ }
-+ } else {
-+ for (p = 0; exp[p] != 0; p++)
-+ exp[p] = my_lower_case (exp[p]);
-+
-+ for (p = start; p <= last_byte - l; p++) {
-+- if (my_lower_case ((*get_byte) (data, p)) == (unsigned char)exp[0]) {
-++ if (my_lower_case ((*get_byte) (data, p)) == exp[0]) {
-+ for (f = 0, q = 0; q < l && f < 1; q++)
-+- if (my_lower_case ((*get_byte) (data, q + p)) != (unsigned char)exp[q])
-++ if (my_lower_case ((*get_byte) (data, q + p)) != exp[q])
-+ f = 1;
-+- if (f == 0)
-++ if (f == 0) {
-++#ifdef UTF8
-++ g_free (exp_backup);
-++#endif /* UTF8 */
-+ return p;
-++ }
-+ }
-+- if (once_only)
-++ if (once_only) {
-++#ifdef UTF8
-++ g_free (exp_backup);
-++#endif /* UTF8 */
-+ return -2;
-++ }
-+ }
-+ }
-+ }
-++#ifdef UTF8
-++ g_free (exp_backup);
-++#endif /* UTF8 */
-+ return -2;
-+ }
-+
-+@@ -1582,9 +1792,14 @@
-+
-+ while ((p = edit_find_string (p, exp, len, last_byte, get_byte, data, once_only, d)) >= 0) {
-+ if (replace_whole) {
-++#ifndef UTF8
-+ /*If the bordering chars are not in option_whole_chars_search then word is whole */
-+ if (!strcasechr (option_whole_chars_search, (*get_byte) (data, p - 1))
-+ && !strcasechr (option_whole_chars_search, (*get_byte) (data, p + *len)))
-++#else /* UTF8 */
-++ if (!iswalnum((*get_byte) (data, p - 1))
-++ && !iswalnum((*get_byte) (data, p + *len)))
-++#endif /* UTF8 */
-+ return p;
-+ if (once_only)
-+ return -2;
-+@@ -1616,6 +1831,7 @@
-+
-+ #define is_digit(x) ((x) >= '0' && (x) <= '9')
-+
-++#ifndef UTF8
-+ #define snprint(v) { \
-+ *p1++ = *p++; \
-+ *p1 = '\0'; \
-+@@ -1623,33 +1839,48 @@
-+ if (n >= (size_t) (e - s)) goto nospc; \
-+ s += n; \
-+ }
-++#else /* UTF8 */
-++#define snprint(v) { \
-++ *p1++ = *p++; \
-++ *p1 = '\0'; \
-++ n = swprintf(s, e-s, q1,v); \
-++ if (n >= (size_t) (e - s)) goto nospc; \
-++ s += n; \
-++ }
-++#endif /* UTF8 */
-+
-+ /* this function uses the sprintf command to do a vprintf */
-+ /* it takes pointers to arguments instead of the arguments themselves */
-+ /* The return value is the number of bytes written excluding '\0'
-+ if successfull, -1 if the resulting string would be too long and
-+ -2 if the format string is errorneous. */
-+-static int snprintf_p (char *str, size_t size, const char *fmt,...)
-+- __attribute__ ((format (printf, 3, 4)));
-+-
-+-static int snprintf_p (char *str, size_t size, const char *fmt,...)
-++static int snprintf_p (mc_wchar_t *str, size_t size, const mc_wchar_t *fmt,...)
-+ {
-+ va_list ap;
-+ size_t n;
-+- const char *q, *p;
-+- char *s = str, *e = str + size;
-+- char q1[40];
-+- char *p1;
-++ const mc_wchar_t *q, *p;
-++ mc_wchar_t *s = str, *e = str + size;
-++ mc_wchar_t q1[40];
-++
-++ mc_wchar_t *p1;
-+ int nargs = 0;
-+
-+ va_start (ap, fmt);
-+ p = q = fmt;
-+
-++#ifndef UTF8
-+ while ((p = strchr (p, '%'))) {
-++#else /* UTF8 */
-++ while ((p = wcschr (p, L'%'))) {
-++#endif /* UTF8 */
-+ n = p - q;
-+ if (n >= (size_t) (e - s))
-+ goto nospc;
-++#ifndef UTF8
-+ memcpy (s, q, n); /* copy stuff between format specifiers */
-++#else /* UTF8 */
-++ wmemcpy (s, q, n); /* copy stuff between format specifiers */
-++#endif /* UTF8 */
-+ s += n;
-+ q = p;
-+ p1 = q1;
-+@@ -1677,45 +1908,78 @@
-+ *p1++ = *p++;
-+ if (*p == '*') {
-+ p++;
-++#ifndef UTF8
-+ strcpy (p1, MY_itoa (*va_arg (ap, int *))); /* replace field width with a number */
-+ p1 += strlen (p1);
-++#else /* UTF8 */
-++ wcscpy (p1, MY_itoa (*va_arg (ap, int *))); /* replace field width with a number */
-++ p1 += wcslen (p1);
-++#endif /* UTF8 */
-+ } else {
-+- while (is_digit (*p) && p1 < q1 + 20)
-++#ifndef UTF8
-++ while (is_digit (*p)
-++#else /* UTF8 */
-++ while (iswdigit (*p)
-++#endif /* UTF8 */
-++ && p1 < q1 + 20)
-+ *p1++ = *p++;
-+- if (is_digit (*p))
-++#ifndef UTF8
-++ if (is_digit (*p))
-++#else /* UTF8 */
-++ if (iswdigit (*p))
-++#endif /* UTF8 */
-+ goto err;
-+ }
-+ if (*p == '.')
-+ *p1++ = *p++;
-+ if (*p == '*') {
-+ p++;
-++#ifndef UTF8
-+ strcpy (p1, MY_itoa (*va_arg (ap, int *))); /* replace precision with a number */
-+ p1 += strlen (p1);
-++#else /* UTF8 */
-++ wcscpy (p1, MY_itoa (*va_arg (ap, int *))); /* replace precision with a number */
-++ p1 += wcslen (p1);
-++#endif /* UTF8 */
-+ } else {
-+- while (is_digit (*p) && p1 < q1 + 32)
-++#ifndef UTF8
-++ while (is_digit (*p)
-++#else /* UTF8 */
-++ while (iswdigit (*p)
-++#endif /* UTF8 */
-++ && p1 < q1 + 32)
-+ *p1++ = *p++;
-+- if (is_digit (*p))
-++#ifndef UTF8
-++ if (is_digit (*p))
-++#else /* UTF8 */
-++ if (iswdigit (*p))
-++#endif /* UTF8 */
-+ goto err;
-+ }
-+ /* flags done, now get argument */
-+ if (*p == 's') {
-++#ifndef UTF8
-+ snprint (va_arg (ap, char *));
-++#else /* UTF8 */
-++ *p1++ = 'l';
-++ snprint (va_arg (ap, mc_wchar_t *));
-++#endif /* UTF8 */
-+ } else if (*p == 'h') {
-+- if (strchr ("diouxX", *p))
-++ if (*p < 128 && strchr ("diouxX", *p))
-+ snprint (*va_arg (ap, short *));
-+ } else if (*p == 'l') {
-+ *p1++ = *p++;
-+- if (strchr ("diouxX", *p))
-++ if (*p < 128 && strchr ("diouxX", *p))
-+ snprint (*va_arg (ap, long *));
-+- } else if (strchr ("cdiouxX", *p)) {
-++ } else if (*p < 128 && strchr ("cdiouxX", *p)) {
-+ snprint (*va_arg (ap, int *));
-+ } else if (*p == 'L') {
-+ *p1++ = *p++;
-+- if (strchr ("EefgG", *p))
-++ if (*p < 128 && strchr ("EefgG", *p))
-+ snprint (*va_arg (ap, double *)); /* should be long double */
-+- } else if (strchr ("EefgG", *p)) {
-++ } else if (*p < 128 && strchr ("EefgG", *p)) {
-+ snprint (*va_arg (ap, double *));
-+- } else if (strchr ("DOU", *p)) {
-++ } else if (*p < 128 && strchr ("DOU", *p)) {
-+ snprint (*va_arg (ap, long *));
-+ } else if (*p == 'p') {
-+ snprint (*va_arg (ap, void **));
-+@@ -1724,10 +1988,17 @@
-+ q = p;
-+ }
-+ va_end (ap);
-++#ifndef UTF8
-+ n = strlen (q);
-+ if (n >= (size_t) (e - s))
-+ return -1;
-+ memcpy (s, q, n + 1);
-++#else /* UTF8 */
-++ n = wcslen (q);
-++ if (n >= (size_t) (e - s))
-++ return -1;
-++ wmemcpy (s, q, n + 1);
-++#endif /* UTF8 */
-+ return s + n - str;
-+ nospc:
-+ va_end (ap);
-+@@ -1902,8 +2173,11 @@
-+ }
-+ }
-+ if (replace_yes) { /* delete then insert new */
-++#ifdef UTF8
-++ mc_wchar_t *winput2 = mbstr_to_wchar(exp2);
-++#endif /* UTF8 */
-+ if (replace_scanf || replace_regexp) {
-+- char repl_str[MAX_REPL_LEN + 2];
-++ mc_wchar_t repl_str[MAX_REPL_LEN + 2];
-+ int ret = 0;
-+
-+ /* we need to fill in sargs just like with scanf */
-+@@ -1912,17 +2186,25 @@
-+ for (k = 1;
-+ k < NUM_REPL_ARGS && pmatch[k].rm_eo >= 0;
-+ k++) {
-++#ifndef UTF8
-+ unsigned char *t;
-++#else /* UTF8 */
-++ mc_wchar_t *t;
-++#endif
-+
-+ if (pmatch[k].rm_eo - pmatch[k].rm_so > 255) {
-+ ret = -1;
-+ break;
-+ }
-++#ifndef UTF8
-+ t = (unsigned char *) &sargs[k - 1][0];
-++#else /* UTF8 */
-++ t = (mc_wchar_t *) &sargs[k - 1][0];
-++#endif /* UTF8 */
-+ for (j = 0;
-+ j < pmatch[k].rm_eo - pmatch[k].rm_so
-+ && j < 255; j++, t++)
-+- *t = (unsigned char) edit_get_byte (edit,
-++ *t = edit_get_byte (edit,
-+ edit->
-+ search_start
-+ -
-+@@ -1939,13 +2221,22 @@
-+ sargs[k - 1][0] = 0;
-+ }
-+ if (!ret)
-++#ifndef UTF8
-+ ret = snprintf_p (repl_str, MAX_REPL_LEN + 2, exp2, PRINTF_ARGS);
-++#else /* UTF8 */
-++ ret = snprintf_p (repl_str, MAX_REPL_LEN + 2, winput2, PRINTF_ARGS);
-++#endif /* UTF8 */
-+ if (ret >= 0) {
-+ times_replaced++;
-+ while (i--)
-+ edit_delete (edit);
-++#ifndef UTF8
-+ while (repl_str[++i])
-+ edit_insert (edit, repl_str[i]);
-++#else /* UTF8 */
-++ while (winput2[++i])
-++ edit_insert (edit, winput2[i]);
-++#endif /* UTF8 */
-+ } else {
-+ edit_error_dialog (_(" Replace "),
-+ ret == -2
-+@@ -1957,10 +2248,18 @@
-+ times_replaced++;
-+ while (i--)
-+ edit_delete (edit);
-++#ifndef UTF8
-+ while (exp2[++i])
-+ edit_insert (edit, exp2[i]);
-++#else /* UTF8 */
-++ while (winput2[++i])
-++ edit_insert (edit, winput2[i]);
-++#endif
-+ }
-+ edit->found_len = i;
-++#ifdef UTF8
-++ g_free (winput2);
-++#endif /* UTF8 */
-+ }
-+ /* so that we don't find the same string again */
-+ if (replace_backwards) {
-+@@ -2132,16 +2431,17 @@
-+ #define TEMP_BUF_LEN 1024
-+
-+ /* Return a null terminated length of text. Result must be g_free'd */
-+-static unsigned char *
-++static mc_wchar_t *
-+ edit_get_block (WEdit *edit, long start, long finish, int *l)
-+ {
-+- unsigned char *s, *r;
-+- r = s = g_malloc (finish - start + 1);
-++ mc_wchar_t *s, *r;
-++ r = s = g_malloc ((finish - start + 1) * sizeof(mc_wchar_t));
-+ if (column_highlighting) {
-+ *l = 0;
-+ /* copy from buffer, excluding chars that are out of the column 'margins' */
-+ while (start < finish) {
-+- int c, x;
-++ mc_wchar_t c;
-++ int x;
-+ x = edit_move_forward3 (edit, edit_bol (edit, start), 0,
-+ start);
-+ c = edit_get_byte (edit, start);
-+@@ -2174,11 +2474,15 @@
-+ return 0;
-+
-+ if (column_highlighting) {
-+- unsigned char *block, *p;
-++ mc_wchar_t *block, *p;
-+ int r;
-+ p = block = edit_get_block (edit, start, finish, &len);
-+ while (len) {
-++#ifndef UTF8
-+ r = mc_write (file, p, len);
-++#else /* UTF8 */
-++ r = wchar_write (file, p, len);
-++#endif /* UTF8 */
-+ if (r < 0)
-+ break;
-+ p += r;
-+@@ -2186,15 +2490,19 @@
-+ }
-+ g_free (block);
-+ } else {
-+- unsigned char *buf;
-++ mc_wchar_t *buf;
-+ int i = start, end;
-+ len = finish - start;
-+- buf = g_malloc (TEMP_BUF_LEN);
-++ buf = g_malloc (TEMP_BUF_LEN * sizeof(mc_wchar_t));
-+ while (start != finish) {
-+ end = min (finish, start + TEMP_BUF_LEN);
-+ for (; i < end; i++)
-+ buf[i - start] = edit_get_byte (edit, i);
-++#ifndef UTF8
-+ len -= mc_write (file, (char *) buf, end - start);
-++#else /* UTF8 */
-++ len -= wchar_write (file, buf, end - start);
-++#endif /* UTF8 */
-+ start = end;
-+ }
-+ g_free (buf);
-+@@ -2531,17 +2839,20 @@
-+
-+ /* prints at the cursor */
-+ /* returns the number of chars printed */
-++#ifndef UTF8
-+ int edit_print_string (WEdit * e, const char *s)
-++#else /* UTF8 */
-++int edit_print_wstring (WEdit * e, mc_wchar_t *s)
-++#endif /* UTF8 */
-+ {
-+ int i = 0;
-+ while (s[i])
-+- edit_execute_cmd (e, -1, (unsigned char) s[i++]);
-++ edit_execute_cmd (e, -1, s[i++]);
-+ e->force |= REDRAW_COMPLETELY;
-+ edit_update_screen (e);
-+ return i;
-+ }
-+
-+-
-+ static void pipe_mail (WEdit *edit, char *to, char *subject, char *cc)
-+ {
-+ FILE *p = 0;
-+@@ -2635,15 +2946,20 @@
-+ /* find first character of current word */
-+ static int edit_find_word_start (WEdit *edit, long *word_start, int *word_len)
-+ {
-+- int i, c, last;
-++ int i;
-++ mc_wint_t c, last;
-+
-+ /* return if at begin of file */
-+ if (edit->curs1 <= 0)
-+ return 0;
-+
-+- c = (unsigned char) edit_get_byte (edit, edit->curs1 - 1);
-++ c = edit_get_byte (edit, edit->curs1 - 1);
-+ /* return if not at end or in word */
-++#ifndef UTF8
-+ if (isspace (c) || !(isalnum (c) || c == '_'))
-++#else /* UTF8 */
-++ if (iswspace (c) || !(iswalnum (c) || c == '_'))
-++#endif /* UTF8 */
-+ return 0;
-+
-+ /* search start of word to be completed */
-+@@ -2653,11 +2969,19 @@
-+ return 0;
-+
-+ last = c;
-+- c = (unsigned char) edit_get_byte (edit, edit->curs1 - i);
-++ c = edit_get_byte (edit, edit->curs1 - i);
-+
-++#ifndef UTF8
-+ if (!(isalnum (c) || c == '_')) {
-++#else /* UTF8 */
-++ if (!(iswalnum (c) || c == '_')) {
-++#endif /* UTF8 */
-+ /* return if word starts with digit */
-++#ifndef UTF8
-+ if (isdigit (last))
-++#else /* UTF8 */
-++ if (iswdigit (last))
-++#endif /* UTF8 */
-+ return 0;
-+
-+ *word_start = edit->curs1 - (i - 1); /* start found */
-+@@ -2690,7 +3014,7 @@
-+ int *num)
-+ {
-+ int len, max_len = 0, i, skip;
-+- char *bufpos;
-++ mc_wchar_t *bufpos;
-+
-+ /* collect max MAX_WORD_COMPLETIONS completions */
-+ while (*num < MAX_WORD_COMPLETIONS) {
-+@@ -2711,9 +3035,16 @@
-+ buffers1[start >> S_EDIT_BUF_SIZE][start & M_EDIT_BUF_SIZE];
-+ skip = 0;
-+ for (i = 0; i < *num; i++) {
-++#ifndef UTF8
-+ if (strncmp
-+ (&compl[i].text[word_len], &bufpos[word_len],
-+- max (len, compl[i].len) - word_len) == 0) {
-++ max (len,
-++#else /* UTF8 */
-++ if (wcsncmp
-++ ((wchar_t *) &compl[i].text[word_len],
-++ (wchar_t *) &bufpos[word_len], max (len,
-++#endif /* UTF8 */
-++ compl[i].len) - word_len) == 0) {
-+ skip = 1;
-+ break; /* skip it, already added */
-+ }
-+@@ -2721,7 +3052,7 @@
-+ if (skip)
-+ continue;
-+
-+- compl[*num].text = g_malloc (len + 1);
-++ compl[*num].text = g_malloc ((len + 1) * sizeof(mc_wchar_t));
-+ compl[*num].len = len;
-+ for (i = 0; i < len; i++)
-+ compl[*num].text[i] = *(bufpos + i);
-+@@ -2735,6 +3066,18 @@
-+ return max_len;
-+ }
-+
-++#ifdef UTF8
-++int edit_print_string (WEdit * e, const char *s)
-++{
-++ int i;
-++ mc_wchar_t *ws = mbstr_to_wchar(s);
-++ i = edit_print_wstring (e, ws);
-++ g_free(ws);
-++ return i;
-++}
-++
-++#endif /* UTF8 */
-++
-+
-+ /* let the user select its preferred completion */
-+ static void
-+@@ -2747,6 +3090,10 @@
-+ WListbox *compl_list;
-+ int compl_dlg_h; /* completion dialog height */
-+ int compl_dlg_w; /* completion dialog width */
-++#ifdef UTF8
-++ char *mbtext;
-++#endif /* UTF8 */
-++
-+
-+ /* calculate the dialog metrics */
-+ compl_dlg_h = num_compl + 2;
-+@@ -2782,8 +3129,16 @@
-+ add_widget (compl_dlg, compl_list);
-+
-+ /* fill the listbox with the completions */
-++#ifndef UTF8
-+ for (i = 0; i < num_compl; i++)
-+ listbox_add_item (compl_list, 0, 0, compl[i].text, NULL);
-++#else /* UTF8 */
-++ for (i = 0; i < num_compl; i++) {
-++ mbtext = wchar_to_mbstr(compl[i].text);
-++ listbox_add_item (compl_list, 0, 0, mbtext, NULL);
-++ g_free(mbtext);
-++ }
-++#endif /* UTF8 */
-+
-+ /* pop up the dialog */
-+ run_dlg (compl_dlg);
-+@@ -2791,9 +3146,17 @@
-+ /* apply the choosen completion */
-+ if (compl_dlg->ret_value == B_ENTER) {
-+ listbox_get_current (compl_list, &curr, NULL);
-+- if (curr)
-++ if (curr){
-++#ifndef UTF8
-+ for (curr += word_len; *curr; curr++)
-+ edit_insert (edit, *curr);
-++#else /* UTF8 */
-++ mc_wchar_t *wc, *wccurr = mbstr_to_wchar(curr);
-++ for (wc = wccurr + word_len; *wc; wc++)
-++ edit_insert (edit, *wc);
-++ g_free(wccurr);
-++#endif /* UTF8 */
-++ }
-+ }
-+
-+ /* destroy dialog before return */
-+@@ -2810,8 +3173,9 @@
-+ {
-+ int word_len = 0, i, num_compl = 0, max_len;
-+ long word_start = 0;
-+- char *bufpos;
-+- char *match_expr;
-++ mc_wchar_t *bufpos;
-++ mc_wchar_t *match_expr;
-++ char *mbmatch_expr;
-+ struct selection compl[MAX_WORD_COMPLETIONS]; /* completions */
-+
-+ /* don't want to disturb another search */
-+@@ -2828,16 +3192,32 @@
-+ /* prepare match expression */
-+ bufpos = &edit->buffers1[word_start >> S_EDIT_BUF_SIZE]
-+ [word_start & M_EDIT_BUF_SIZE];
-++
-++ match_expr = g_malloc((word_len + 14) * sizeof(mc_wchar_t));
-++#ifndef UTF8
-+ match_expr = g_strdup_printf ("%.*s[a-zA-Z_0-9]+", word_len, bufpos);
-++#else /* UTF8 */
-++ wcsncpy (match_expr, bufpos, word_len);
-++ match_expr[word_len] = '\0';
-++ wcscat (match_expr, L"[a-zA-Z_0-9]+");
-++#endif /* UTF8 */
-+
-+ /* init search: backward, regexp, whole word, case sensitive */
-+ edit_set_search_parameters (0, 1, 1, 1, 1);
-+
-+ /* collect the possible completions */
-+ /* start search from curs1 down to begin of file */
-++#ifndef UTF8
-+ max_len =
-+ edit_collect_completions (edit, word_start, word_len, match_expr,
-+ (struct selection *) &compl, &num_compl);
-++#else /* UTF8 */
-++ mbmatch_expr = wchar_to_mbstr(match_expr);
-++ max_len =
-++ edit_collect_completions (edit, word_start, word_len, mbmatch_expr,
-++ (struct selection *) &compl, &num_compl);
-++ g_free(mbmatch_expr);
-++#endif /* UTF8 */
-+
-+ if (num_compl > 0) {
-+ /* insert completed word if there is only one match */
-+diff -Naur mc-4.6.1-old/edit/editdraw.c mc-4.6.1/edit/editdraw.c
-+--- mc-4.6.1-old/edit/editdraw.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/edit/editdraw.c 2005-10-28 10:08:07.657259272 +0200
-+@@ -48,7 +48,7 @@
-+
-+ static void status_string (WEdit * edit, char *s, int w)
-+ {
-+- char byte_str[16];
-++ char byte_str[32];
-+
-+ /*
-+ * If we are at the end of file, print <EOF>,
-+@@ -56,11 +56,16 @@
-+ * as decimal and as hex.
-+ */
-+ if (edit->curs1 < edit->last_byte) {
-+- unsigned char cur_byte = edit_get_byte (edit, edit->curs1);
-++ mc_wchar_t cur_byte = edit_get_byte (edit, edit->curs1);
-++#ifndef UTF8
-+ g_snprintf (byte_str, sizeof (byte_str), "%c %3d 0x%02X",
-+ is_printable (cur_byte) ? cur_byte : '.',
-+- (int) cur_byte,
-+- (unsigned) cur_byte);
-++#else /* UTF8 */
-++ g_snprintf (byte_str, sizeof(byte_str), "%lc %3d 0x%02X",
-++ iswprint(cur_byte) ? cur_byte : '.',
-++#endif /* UTF8 */
-++ (int) cur_byte,
-++ (unsigned) cur_byte);
-+ } else {
-+ strcpy (byte_str, "<EOF>");
-+ }
-+@@ -183,11 +188,16 @@
-+ #define lowlevel_set_color(x) attrset(MY_COLOR_PAIR(color))
-+ #endif
-+
-++struct line_s {
-++ mc_wchar_t ch;
-++ unsigned int style;
-++};
-++
-+ static void
-+ print_to_widget (WEdit *edit, long row, int start_col, int start_col_real,
-+- long end_col, unsigned int line[])
-++ long end_col, struct line_s line[])
-+ {
-+- unsigned int *p;
-++ struct line_s *p;
-+
-+ int x = start_col_real + EDIT_TEXT_HORIZONTAL_OFFSET;
-+ int x1 = start_col + EDIT_TEXT_HORIZONTAL_OFFSET;
-+@@ -201,9 +211,9 @@
-+ edit_move (x1 + FONT_OFFSET_X, y + FONT_OFFSET_Y);
-+ p = line;
-+
-+- while (*p) {
-++ while (p->ch) {
-+ int style;
-+- int textchar;
-++ mc_wchar_t textchar;
-+ int color;
-+
-+ if (cols_to_skip) {
-+@@ -212,9 +222,9 @@
-+ continue;
-+ }
-+
-+- style = *p & 0xFF00;
-+- textchar = *p & 0xFF;
-+- color = *p >> 16;
-++ style = p->style & 0xFF00;
-++ textchar = p->ch;
-++ color = p->style >> 16;
-+
-+ if (style & MOD_ABNORMAL) {
-+ /* Non-printable - use black background */
-+@@ -228,8 +238,11 @@
-+ } else {
-+ lowlevel_set_color (color);
-+ }
-+-
-++#ifdef UTF8
-++ SLsmg_write_char(textchar);
-++#else
-+ addch (textchar);
-++#endif
-+ p++;
-+ }
-+ }
-+@@ -239,11 +252,11 @@
-+ edit_draw_this_line (WEdit *edit, long b, long row, long start_col,
-+ long end_col)
-+ {
-+- static unsigned int line[MAX_LINE_LEN];
-+- unsigned int *p = line;
-++ struct line_s line[MAX_LINE_LEN];
-++ struct line_s *p = line;
-+ long m1 = 0, m2 = 0, q, c1, c2;
-+ int col, start_col_real;
-+- unsigned int c;
-++ mc_wint_t c;
-+ int color;
-+ int i, book_mark = -1;
-+
-+@@ -265,66 +278,96 @@
-+
-+ if (row <= edit->total_lines - edit->start_line) {
-+ while (col <= end_col - edit->start_col) {
-+- *p = 0;
-++ p->ch = 0;
-++ p->style = 0;
-+ if (q == edit->curs1)
-+- *p |= MOD_CURSOR;
-++ p->style |= MOD_CURSOR;
-+ if (q >= m1 && q < m2) {
-+ if (column_highlighting) {
-+ int x;
-+ x = edit_move_forward3 (edit, b, 0, q);
-+ if (x >= c1 && x < c2)
-+- *p |= MOD_MARKED;
-++ p->style |= MOD_MARKED;
-+ } else
-+- *p |= MOD_MARKED;
-++ p->style |= MOD_MARKED;
-+ }
-+ if (q == edit->bracket)
-+- *p |= MOD_BOLD;
-++ p->style |= MOD_BOLD;
-+ if (q >= edit->found_start
-+ && q < edit->found_start + edit->found_len)
-+- *p |= MOD_BOLD;
-++ p->style |= MOD_BOLD;
-+ c = edit_get_byte (edit, q);
-+ /* we don't use bg for mc - fg contains both */
-+ if (book_mark == -1) {
-+ edit_get_syntax_color (edit, q, &color);
-+- *p |= color << 16;
-++ p->style |= color << 16;
-+ } else {
-+- *p |= book_mark << 16;
-++ p->style |= book_mark << 16;
-+ }
-+ q++;
-+ switch (c) {
-+ case '\n':
-+ col = end_col - edit->start_col + 1; /* quit */
-+- *(p++) |= ' ';
-++ p->ch = ' ';
-++ p++;
-+ break;
-+ case '\t':
-+ i = TAB_SIZE - ((int) col % TAB_SIZE);
-+- *p |= ' ';
-+- c = *(p++) & ~MOD_CURSOR;
-++ p->ch = ' ';
-++ c = p->style & ~MOD_CURSOR;
-++ p++;
-+ col += i;
-+- while (--i)
-+- *(p++) = c;
-++ while (--i) {
-++ p->ch = ' '; p->style = c;
-++ p++;
-++ }
-+ break;
-+ default:
-+ c = convert_to_display_c (c);
-+
-+ /* Caret notation for control characters */
-+ if (c < 32) {
-+- *(p++) = '^' | MOD_ABNORMAL;
-+- *(p++) = (c + 0x40) | MOD_ABNORMAL;
-++ p->ch = '^';
-++ p->style = MOD_ABNORMAL;
-++ p++;
-++ p->ch = c + 0x40;
-++ p->style = MOD_ABNORMAL;
-+ col += 2;
-+ break;
-+ }
-+ if (c == 127) {
-+- *(p++) = '^' | MOD_ABNORMAL;
-+- *(p++) = '?' | MOD_ABNORMAL;
-++ p->ch = '^';
-++ p->style = MOD_ABNORMAL;
-++ p++;
-++ p->ch = '?';
-++ p->style = MOD_ABNORMAL;
-++ p++;
-+ col += 2;
-+ break;
-+ }
-+
-+- if (is_printable (c)) {
-+- *(p++) |= c;
-++#ifndef UTF8
-++ if (is_printable (c)
-++#else /* UTF8 */
-++ if (iswprint (c)
-++#ifdef __STDC_ISO_10646__
-++ && (c < BINARY_CHAR_OFFSET || c >= (BINARY_CHAR_OFFSET + 256))
-++#endif
-++#endif /* UTF8 */
-++ ) {
-++ p->ch = c;
-++ p++;
-++
-++#ifdef UTF8
-++ i = wcwidth(c);
-++ if (i > 1) {
-++ col += i - 1;
-++ }
-++#endif /* UTF8 */
-+ } else {
-+- *(p++) = '.' | MOD_ABNORMAL;
-++ p->ch = '.';
-++ p->style = MOD_ABNORMAL;
-++ p++;
-+ }
-+ col++;
-+ break;
-+@@ -334,7 +377,7 @@
-+ } else {
-+ start_col_real = start_col = 0;
-+ }
-+- *p = 0;
-++ p->ch = 0;
-+
-+ print_to_widget (edit, row, start_col, start_col_real, end_col, line);
-+ }
-+diff -Naur mc-4.6.1-old/edit/edit.h mc-4.6.1/edit/edit.h
-+--- mc-4.6.1-old/edit/edit.h 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/edit/edit.h 2005-10-28 10:08:07.768242400 +0200
-+@@ -39,6 +39,27 @@
-+
-+ #include "../src/global.h"
-+
-++#include "src/tty.h"
-++
-++#ifdef UTF8
-++#include <wchar.h>
-++#include <wctype.h>
-++
-++#define mc_wchar_t wchar_t
-++#define mc_wint_t wint_t
-++
-++#else
-++
-++#define mc_wchar_t unsigned char
-++#define mc_wint_t int
-++
-++#endif
-++
-++
-++/* unicode private use area */
-++#define BINARY_CHAR_OFFSET 0xFFE00
-++
-++
-+ #define N_menus 5
-+
-+ #define SEARCH_DIALOG_OPTION_NO_SCANF 1
-+@@ -99,6 +120,8 @@
-+ #define START_STACK_SIZE 32
-+
-+ /* Some codes that may be pushed onto or returned from the undo stack */
-++#define CHAR_INSERT 65
-++#define CHAR_INSERT_AHEAD 66
-+ #define CURS_LEFT 601
-+ #define CURS_RIGHT 602
-+ #define DELCHAR 603
-+@@ -118,7 +141,7 @@
-+
-+ struct macro {
-+ short command;
-+- short ch;
-++ mc_wchar_t ch;
-+ };
-+
-+ struct WEdit;
-+@@ -132,26 +155,8 @@
-+ void menu_save_mode_cmd (void);
-+ int edit_raw_key_query (const char *heading, const char *query, int cancel);
-+ int edit_file (const char *_file, int line);
-+-int edit_translate_key (WEdit *edit, long x_key, int *cmd, int *ch);
-+-
-+-#ifndef NO_INLINE_GETBYTE
-+-int edit_get_byte (WEdit * edit, long byte_index);
-+-#else
-+-static inline int edit_get_byte (WEdit * edit, long byte_index)
-+-{
-+- unsigned long p;
-+- if (byte_index >= (edit->curs1 + edit->curs2) || byte_index < 0)
-+- return '\n';
-+-
-+- if (byte_index >= edit->curs1) {
-+- p = edit->curs1 + edit->curs2 - byte_index - 1;
-+- return edit->buffers2[p >> S_EDIT_BUF_SIZE][EDIT_BUF_SIZE - (p & M_EDIT_BUF_SIZE) - 1];
-+- } else {
-+- return edit->buffers1[byte_index >> S_EDIT_BUF_SIZE][byte_index & M_EDIT_BUF_SIZE];
-+- }
-+-}
-+-#endif
-+-
-++int edit_translate_key (WEdit *edit, long x_key, int *cmd, mc_wint_t *ch);
-++mc_wchar_t edit_get_byte (WEdit * edit, long byte_index);
-+ int edit_count_lines (WEdit * edit, long current, int upto);
-+ long edit_move_forward (WEdit * edit, long current, int lines, long upto);
-+ long edit_move_forward3 (WEdit * edit, long current, int cols, long upto);
-+@@ -176,11 +181,11 @@
-+ void edit_delete_line (WEdit * edit);
-+
-+ int edit_delete (WEdit * edit);
-+-void edit_insert (WEdit * edit, int c);
-++void edit_insert (WEdit * edit, mc_wchar_t c);
-+ int edit_cursor_move (WEdit * edit, long increment);
-+ void edit_push_action (WEdit * edit, long c, ...);
-+ void edit_push_key_press (WEdit * edit);
-+-void edit_insert_ahead (WEdit * edit, int c);
-++void edit_insert_ahead (WEdit * edit, mc_wchar_t c);
-+ long edit_write_stream (WEdit * edit, FILE * f);
-+ char *edit_get_write_filter (const char *writename, const char *filename);
-+ int edit_save_confirm_cmd (WEdit * edit);
-+@@ -212,7 +217,7 @@
-+ int eval_marks (WEdit * edit, long *start_mark, long *end_mark);
-+ void edit_status (WEdit * edit);
-+ void edit_execute_key_command (WEdit *edit, int command,
-+- int char_for_insertion);
-++ mc_wint_t char_for_insertion);
-+ void edit_update_screen (WEdit * edit);
-+ int edit_print_string (WEdit * e, const char *s);
-+ void edit_move_to_line (WEdit * e, long line);
-+@@ -256,7 +261,7 @@
-+ void format_paragraph (WEdit *edit, int force);
-+
-+ /* either command or char_for_insertion must be passed as -1 */
-+-void edit_execute_cmd (WEdit *edit, int command, int char_for_insertion);
-++void edit_execute_cmd (WEdit *edit, int command, mc_wint_t char_for_insertion);
-+
-+ #define get_sys_error(s) (s)
-+
-+diff -Naur mc-4.6.1-old/edit/editkeys.c mc-4.6.1/edit/editkeys.c
-+--- mc-4.6.1-old/edit/editkeys.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/edit/editkeys.c 2005-10-28 10:08:07.659258968 +0200
-+@@ -162,10 +162,10 @@
-+ * 'command' is one of the editor commands from editcmddef.h.
-+ */
-+ int
-+-edit_translate_key (WEdit *edit, long x_key, int *cmd, int *ch)
-++edit_translate_key (WEdit *edit, long x_key, int *cmd, mc_wint_t *ch)
-+ {
-+ int command = CK_Insert_Char;
-+- int char_for_insertion = -1;
-++ mc_wint_t char_for_insertion = -1;
-+ int i = 0;
-+ static const long *key_map;
-+
-+@@ -242,9 +242,30 @@
-+ /* an ordinary insertable character */
-+ if (x_key < 256) {
-+ int c = convert_from_input_c (x_key);
-+-
-++#ifdef UTF8
-++ mbstate_t mbs;
-++ int res;
-++ mc_wchar_t wc;
-++
-++ memset (&mbs, 0, sizeof (mbs));
-++
-++ if (edit->charpoint >= MB_CUR_MAX) edit->charpoint = 0;
-++
-++ edit->charbuf[edit->charpoint++] = c;
-++
-++ res = mbrtowc(&wc, (char *)edit->charbuf, edit->charpoint, &mbs);
-++ if (res < 0) {
-++ if (res != -2) edit->charpoint = 0; /* broken multibyte char, skip */
-++ return 0;
-++ }
-++ edit->charpoint = 0;
-++
-++ if (iswprint (wc)) {
-++ char_for_insertion = wc;
-++#else
-+ if (is_printable (c)) {
-+ char_for_insertion = c;
-++#endif /* UTF8 */
-+ goto fin;
-+ }
-+ }
-+@@ -285,7 +306,7 @@
-+ *cmd = command;
-+ *ch = char_for_insertion;
-+
-+- if (command == CK_Insert_Char && char_for_insertion == -1) {
-++ if (command == CK_Insert_Char && char_for_insertion == (mc_wint_t)-1) {
-+ /* unchanged, key has no function here */
-+ return 0;
-+ }
-+diff -Naur mc-4.6.1-old/edit/editwidget.c mc-4.6.1/edit/editwidget.c
-+--- mc-4.6.1-old/edit/editwidget.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/edit/editwidget.c 2005-10-28 10:08:07.664258208 +0200
-+@@ -337,7 +337,8 @@
-+
-+ case WIDGET_KEY:
-+ {
-+- int cmd, ch;
-++ int cmd;
-++ mc_wint_t ch;
-+
-+ /* first check alt-f, alt-e, alt-s, etc for drop menus */
-+ if (edit_drop_hotkey_menu (e, parm))
-+diff -Naur mc-4.6.1-old/edit/edit-widget.h mc-4.6.1/edit/edit-widget.h
-+--- mc-4.6.1-old/edit/edit-widget.h 2003-10-29 09:54:47.000000000 +0100
-++++ mc-4.6.1/edit/edit-widget.h 2005-10-28 10:08:07.750245136 +0200
-+@@ -24,6 +24,11 @@
-+ unsigned char border;
-+ };
-+
-++struct action {
-++ mc_wchar_t ch;
-++ long flags;
-++};
-++
-+ struct WEdit {
-+ Widget widget;
-+
-+@@ -36,8 +41,17 @@
-+ /* dynamic buffers and cursor position for editor: */
-+ long curs1; /* position of the cursor from the beginning of the file. */
-+ long curs2; /* position from the end of the file */
-++#ifndef UTF8
-+ unsigned char *buffers1[MAXBUFF + 1]; /* all data up to curs1 */
-+ unsigned char *buffers2[MAXBUFF + 1]; /* all data from end of file down to curs2 */
-++#else /* UTF8 */
-++ mc_wchar_t *buffers1[MAXBUFF + 1]; /* all data up to curs1 */
-++ mc_wchar_t *buffers2[MAXBUFF + 1]; /* all data from end of file down to curs2 */
-++
-++ unsigned char charbuf[MB_LEN_MAX];
-++ int charpoint;
-++#endif /* UTF8 */
-++
-+
-+ /* search variables */
-+ long search_start; /* First character to start searching from */
-+@@ -81,7 +95,7 @@
-+
-+ /* undo stack and pointers */
-+ unsigned long stack_pointer;
-+- long *undo_stack;
-++ struct action *undo_stack;
-+ unsigned long stack_size;
-+ unsigned long stack_size_mask;
-+ unsigned long stack_bottom;
-+diff -Naur mc-4.6.1-old/edit/wordproc.c mc-4.6.1/edit/wordproc.c
-+--- mc-4.6.1-old/edit/wordproc.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/edit/wordproc.c 2005-10-28 10:08:07.668257600 +0200
-+@@ -24,7 +24,12 @@
-+
-+ #define tab_width option_tab_spacing
-+
-++#ifndef UTF8
-+ #define NO_FORMAT_CHARS_START "-+*\\,.;:&>"
-++#else /* UTF8 */
-++#define NO_FORMAT_CHARS_START L"-+*\\,.;:&>"
-++#endif /* UTF8 */
-++
-+ #define FONT_MEAN_WIDTH 1
-+
-+ static long
-+@@ -41,14 +46,21 @@
-+ p = edit_move_forward (edit, p, line - l, 0);
-+
-+ p = edit_bol (edit, p);
-++
-++#ifndef UTF8
-+ while (strchr ("\t ", edit_get_byte (edit, p)))
-++#else /* UTF8 */
-++ while (wcschr (L"\t ", edit_get_byte (edit, p)))
-++#endif /* UTF8 */
-++
-+ p++;
-+ return p;
-+ }
-+
-+ static int bad_line_start (WEdit * edit, long p)
-+ {
-+- int c;
-++ mc_wint_t c;
-++
-+ c = edit_get_byte (edit, p);
-+ if (c == '.') { /* `...' is acceptable */
-+ if (edit_get_byte (edit, p + 1) == '.')
-+@@ -62,7 +74,13 @@
-+ return 0; /* `---' is acceptable */
-+ return 1;
-+ }
-++
-++#ifndef UTF8
-+ if (strchr (NO_FORMAT_CHARS_START, c))
-++#else /* UTF8 */
-++ if (wcschr (NO_FORMAT_CHARS_START, c))
-++#endif /* UTF8 */
-++
-+ return 1;
-+ return 0;
-+ }
-+@@ -115,33 +133,37 @@
-+ i - edit->curs_line, 0));
-+ }
-+
-+-static unsigned char *
-++static mc_wchar_t *
-+ get_paragraph (WEdit *edit, long p, long q, int indent, int *size)
-+ {
-+- unsigned char *s, *t;
-++ mc_wchar_t *s, *t;
-+ #if 0
-+- t = g_malloc ((q - p) + 2 * (q - p) / option_word_wrap_line_length +
-+- 10);
-++ t = g_malloc (((q - p) + 2 * (q - p) / option_word_wrap_line_length +
-++ 10) * sizeof(mc_wchar_t));
-+ #else
-+- t = g_malloc (2 * (q - p) + 100);
-++ t = g_malloc ((2 * (q - p) + 100) * sizeof(mc_wchar_t));
-+ #endif
-+ if (!t)
-+ return 0;
-+ for (s = t; p < q; p++, s++) {
-+ if (indent)
-+ if (edit_get_byte (edit, p - 1) == '\n')
-++#ifndef UTF8
-+ while (strchr ("\t ", edit_get_byte (edit, p)))
-++#else /* UTF8 */
-++ while (wcschr (L"\t ", edit_get_byte (edit, p)))
-++#endif /* UTF8 */
-+ p++;
-+ *s = edit_get_byte (edit, p);
-+ }
-+- *size = (unsigned long) s - (unsigned long) t;
-++ *size = s - t;
-+ t[*size] = '\n';
-+ return t;
-+ }
-+
-+-static void strip_newlines (unsigned char *t, int size)
-++static void strip_newlines (mc_wchar_t *t, int size)
-+ {
-+- unsigned char *p = t;
-++ mc_wchar_t *p = t;
-+ while (size--) {
-+ *p = *p == '\n' ? ' ' : *p;
-+ p++;
-+@@ -158,7 +180,7 @@
-+ {
-+ return x += tab_width - x % tab_width;
-+ }
-+-static int line_pixel_length (unsigned char *t, long b, int l)
-++static int line_pixel_length (mc_wchar_t *t, long b, int l)
-+ {
-+ int x = 0, c, xn = 0;
-+ for (;;) {
-+@@ -182,7 +204,7 @@
-+ }
-+
-+ /* find the start of a word */
-+-static int next_word_start (unsigned char *t, int q, int size)
-++static int next_word_start (mc_wchar_t *t, int q, int size)
-+ {
-+ int i;
-+ for (i = q;; i++) {
-+@@ -203,7 +225,7 @@
-+ }
-+
-+ /* find the start of a word */
-+-static int word_start (unsigned char *t, int q, int size)
-++static int word_start (mc_wchar_t *t, int q, int size)
-+ {
-+ int i = q;
-+ if (t[q] == ' ' || t[q] == '\t')
-+@@ -222,7 +244,7 @@
-+ }
-+
-+ /* replaces ' ' with '\n' to properly format a paragraph */
-+-static void format_this (unsigned char *t, int size, int indent)
-++static void format_this (mc_wchar_t *t, int size, int indent)
-+ {
-+ int q = 0, ww;
-+ strip_newlines (t, size);
-+@@ -250,7 +272,7 @@
-+ }
-+ }
-+
-+-static void replace_at (WEdit * edit, long q, int c)
-++static void replace_at (WEdit * edit, long q, mc_wint_t c)
-+ {
-+ edit_cursor_move (edit, q - edit->curs1);
-+ edit_delete (edit);
-+@@ -258,18 +280,27 @@
-+ }
-+
-+ /* replaces a block of text */
-+-static void put_paragraph (WEdit * edit, unsigned char *t, long p, long q, int indent, int size)
-++static void put_paragraph (WEdit * edit, mc_wchar_t *t, long p, long q, int indent, int size)
-+ {
-+ long cursor;
-+- int i, c = 0;
-++ int i;
-++ mc_wchar_t c = 0;
-+ cursor = edit->curs1;
-+ if (indent)
-++#ifndef UTF8
-+ while (strchr ("\t ", edit_get_byte (edit, p)))
-++#else /* UTF8 */
-++ while (wcschr (L"\t ", edit_get_byte (edit, p)))
-++#endif /* UTF8 */
-+ p++;
-+ for (i = 0; i < size; i++, p++) {
-+ if (i && indent) {
-+ if (t[i - 1] == '\n' && c == '\n') {
-++#ifndef UTF8
-+ while (strchr ("\t ", edit_get_byte (edit, p)))
-++#else /* UTF8 */
-++ while (wcschr (L"\t ", edit_get_byte (edit, p)))
-++#endif /* UTF8 */
-+ p++;
-+ } else if (t[i - 1] == '\n') {
-+ long curs;
-+@@ -281,7 +312,11 @@
-+ p = edit->curs1;
-+ } else if (c == '\n') {
-+ edit_cursor_move (edit, p - edit->curs1);
-++#ifndef UTF8
-+ while (strchr ("\t ", edit_get_byte (edit, p))) {
-++#else /* UTF8 */
-++ while (wcschr (L"\t ", edit_get_byte (edit, p))) {
-++#endif /* UTF8 */
-+ edit_delete (edit);
-+ if (cursor > edit->curs1)
-+ cursor--;
-+@@ -314,7 +349,7 @@
-+ {
-+ long p, q;
-+ int size;
-+- unsigned char *t;
-++ mc_wchar_t *t;
-+ int indent = 0;
-+ if (option_word_wrap_line_length < 2)
-+ return;
-+@@ -324,17 +359,25 @@
-+ q = end_paragraph (edit, force);
-+ indent = test_indent (edit, p, q);
-+ t = get_paragraph (edit, p, q, indent, &size);
-+- if (!t)
-++ if (!t)
-+ return;
-+ if (!force) {
-+ int i;
-++#ifndef UTF8
-+ if (strchr (NO_FORMAT_CHARS_START, *t)) {
-++#else /* UTF8 */
-++ if (wcschr (NO_FORMAT_CHARS_START, *t)) {
-++#endif /* UTF8 */
-+ g_free (t);
-+ return;
-+ }
-+ for (i = 0; i < size - 1; i++) {
-+ if (t[i] == '\n') {
-++#ifndef UTF8
-+ if (strchr (NO_FORMAT_CHARS_START "\t ", t[i + 1])) {
-++#else /* UTF8 */
-++ if (wcschr (NO_FORMAT_CHARS_START "\t", t[i + 1])) {
-++#endif /* UTF8 */
-+ g_free (t);
-+ return;
-+ }
-+diff -Naur mc-4.6.1-old/src/achown.c mc-4.6.1/src/achown.c
-+--- mc-4.6.1-old/src/achown.c 2005-07-23 18:52:02.000000000 +0200
-++++ mc-4.6.1/src/achown.c 2005-10-28 10:08:08.094192848 +0200
-+@@ -583,6 +583,12 @@
-+ b_att[2] = button_new (XTRACT (6));
-+ b_user = button_new (XTRACT (5));
-+ b_group = button_new (XTRACT (4));
-++#ifdef UTF8
-++ if (SLsmg_Is_Unicode) {
-++ b_user->text = g_realloc (b_user->text, MB_CUR_MAX * 15 + 1);
-++ b_group->text = g_realloc (b_group->text, MB_CUR_MAX * 15 + 1);
-++ }
-++#endif
-+
-+ add_widget (ch_dlg, b_group);
-+ add_widget (ch_dlg, b_user);
-+diff -Naur mc-4.6.1-old/src/boxes.c mc-4.6.1/src/boxes.c
-+--- mc-4.6.1-old/src/boxes.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/boxes.c 2005-10-28 10:08:08.079195128 +0200
-+@@ -150,23 +150,23 @@
-+ display_title = _(display_title);
-+ for (i = 0; i < LIST_TYPES; i++) {
-+ displays[i] = _(displays[i]);
-+- if ((l = strlen (displays[i])) > maxlen)
-++ if ((l = mbstrlen (displays[i])) > maxlen)
-+ maxlen = l;
-+ }
-+
-+- i = strlen (ok_button) + 5;
-+- l = strlen (cancel_button) + 3;
-++ i = mbstrlen (ok_button) + 5;
-++ l = mbstrlen (cancel_button) + 3;
-+ l = max (i, l);
-+
-+ i = maxlen + l + 16;
-+ if (i > DISPLAY_X)
-+ DISPLAY_X = i;
-+
-+- i = strlen (user_mini_status) + 13;
-++ i = mbstrlen (user_mini_status) + 13;
-+ if (i > DISPLAY_X)
-+ DISPLAY_X = i;
-+
-+- i = strlen (display_title) + 10;
-++ i = mbstrlen (display_title) + 10;
-+ if (i > DISPLAY_X)
-+ DISPLAY_X = i;
-+
-+@@ -285,20 +285,20 @@
-+ int maxlen = 0;
-+ for (i = SORT_TYPES - 1; i >= 0; i--) {
-+ sort_orders_names[i] = _(sort_orders[i].sort_name);
-+- r = strlen (sort_orders_names[i]);
-++ r = mbstrlen (sort_orders_names[i]);
-+ if (r > maxlen)
-+ maxlen = r;
-+ }
-+
-+ check_pos = maxlen + 9;
-+
-+- r = strlen (reverse_label) + 4;
-+- i = strlen (case_label) + 4;
-++ r = mbstrlen (reverse_label) + 4;
-++ i = mbstrlen (case_label) + 4;
-+ if (i > r)
-+ r = i;
-+
-+- l = strlen (ok_button) + 6;
-+- i = strlen (cancel_button) + 4;
-++ l = mbstrlen (ok_button) + 6;
-++ i = mbstrlen (cancel_button) + 4;
-+ if (i > l)
-+ l = i;
-+
-+@@ -307,7 +307,7 @@
-+ if (i > SORT_X)
-+ SORT_X = i;
-+
-+- i = strlen (sort_title) + 6;
-++ i = mbstrlen (sort_title) + 6;
-+ if (i > SORT_X)
-+ SORT_X = i;
-+
-+@@ -402,7 +402,7 @@
-+ while (i--)
-+ {
-+ conf_widgets [i].text = _(conf_widgets [i].text);
-+- l1 = strlen (conf_widgets [i].text) + 3;
-++ l1 = mbstrlen (conf_widgets [i].text) + 3;
-+ if (l1 > maxlen)
-+ maxlen = l1;
-+ }
-+@@ -417,8 +417,8 @@
-+ * And this for the case when buttons with some space to the right
-+ * do not fit within 2/6
-+ */
-+- l1 = strlen (conf_widgets [0].text) + 3;
-+- i = strlen (conf_widgets [1].text) + 5;
-++ l1 = mbstrlen (conf_widgets [0].text) + 3;
-++ i = mbstrlen (conf_widgets [1].text) + 5;
-+ if (i > l1)
-+ l1 = i;
-+
-+@@ -489,11 +489,11 @@
-+ {
-+ display_widgets [i].text = _(display_widgets[i].text);
-+ display_bits_str [i] = _(display_bits_str [i]);
-+- l1 = strlen (display_bits_str [i]);
-++ l1 = mbstrlen (display_bits_str [i]);
-+ if (l1 > maxlen)
-+ maxlen = l1;
-+ }
-+- l1 = strlen (display_widgets [2].text);
-++ l1 = mbstrlen (display_widgets [2].text);
-+ if (l1 > maxlen)
-+ maxlen = l1;
-+
-+@@ -501,8 +501,8 @@
-+ display_bits.xlen = (maxlen + 5) * 6 / 4;
-+
-+ /* See above confirm_box */
-+- l1 = strlen (display_widgets [0].text) + 3;
-+- i = strlen (display_widgets [1].text) + 5;
-++ l1 = mbstrlen (display_widgets [0].text) + 3;
-++ i = mbstrlen (display_widgets [1].text) + 5;
-+ if (i > l1)
-+ l1 = i;
-+
-+@@ -597,7 +597,7 @@
-+
-+ cpname = _("&Select");
-+ add_widget (dbits_dlg,
-+- button_new (4, DISPX - 8 - strlen (cpname), B_USER,
-++ button_new (4, DISPX - 8 - mbstrlen (cpname), B_USER,
-+ NORMAL_BUTTON, cpname, sel_charset_button));
-+
-+ return dbits_dlg;
-+@@ -803,7 +803,7 @@
-+ quick_widgets [1].y_divisions =
-+ quick_widgets [0].y_divisions = Quick_input.ylen = 5;
-+
-+- len = strlen (quick_widgets [1].text);
-++ len = mbstrlen (quick_widgets [1].text);
-+
-+ quick_widgets [0].relative_x =
-+ quick_widgets [1].relative_x + len + 1;
-+@@ -962,7 +962,7 @@
-+ {
-+ job_buttons [i].name = _(job_buttons [i].name);
-+
-+- len = strlen (job_buttons [i].name) + 4;
-++ len = mbstrlen (job_buttons [i].name) + 4;
-+ JOBS_X = max (JOBS_X, startx + len + 3);
-+
-+ job_buttons [i].xpos = startx;
-+@@ -971,7 +971,7 @@
-+
-+ /* Last button - Ok a.k.a. Cancel :) */
-+ job_buttons [n_buttons - 1].xpos =
-+- JOBS_X - strlen (job_buttons [n_buttons - 1].name) - 7;
-++ JOBS_X - mbstrlen (job_buttons [n_buttons - 1].name) - 7;
-+
-+ i18n_flag = 1;
-+ }
-+@@ -1029,7 +1029,7 @@
-+
-+ while (i--)
-+ {
-+- l1 = strlen (labs [i] = _(labs [i]));
-++ l1 = mbstrlen (labs [i] = _(labs [i]));
-+ if (l1 > maxlen)
-+ maxlen = l1;
-+ }
-+@@ -1039,7 +1039,7 @@
-+
-+ for (i = sizeof(buts)/sizeof(buts[0]), l1 = 0; i--; )
-+ {
-+- l1 += strlen (buts [i] = _(buts [i]));
-++ l1 += mbstrlen (buts [i] = _(buts [i]));
-+ }
-+ l1 += 15;
-+ if (l1 > dialog_x)
-+@@ -1048,7 +1048,7 @@
-+ ilen = dialog_x - 7 - maxlen; /* for the case of very long buttons :) */
-+ istart = dialog_x - 3 - ilen;
-+
-+- b2 = dialog_x - (strlen(buts[1]) + 6);
-++ b2 = dialog_x - (mbstrlen(buts[1]) + 6);
-+
-+ i18n_flag = 1;
-+ }
-+diff -Naur mc-4.6.1-old/src/dialog.c mc-4.6.1/src/dialog.c
-+--- mc-4.6.1-old/src/dialog.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/dialog.c 2005-10-28 10:08:07.891223704 +0200
-+@@ -162,7 +162,7 @@
-+
-+ if (h->title) {
-+ attrset (HOT_NORMALC);
-+- dlg_move (h, space, (h->cols - strlen (h->title)) / 2);
-++ dlg_move (h, space, (h->cols - mbstrlen (h->title)) / 2);
-+ addstr (h->title);
-+ }
-+ }
-+diff -Naur mc-4.6.1-old/src/file.c mc-4.6.1/src/file.c
-+--- mc-4.6.1-old/src/file.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/file.c 2005-10-28 10:08:08.002206832 +0200
-+@@ -165,15 +165,20 @@
-+ do_transform_source (FileOpContext *ctx, const unsigned char *source)
-+ {
-+ size_t j, k, l, len;
-+- unsigned const char *fnsource = x_basename (source);
-++ unsigned const char *fnsource = g_strdup (x_basename (source));
-+ int next_reg;
-+ enum CaseConvs case_conv = NO_CONV;
-+ static unsigned char fntarget[MC_MAXPATHLEN];
-+
-++#ifdef UTF8
-++ fix_utf8(fnsource);
-++#endif
-++
-+ len = strlen (fnsource);
-+ j = re_match (&ctx->rx, fnsource, len, 0, &ctx->regs);
-+ if (j != len) {
-+ transform_error = FILE_SKIP;
-++ g_free(fnsource);
-+ return NULL;
-+ }
-+ for (next_reg = 1, j = 0, k = 0; j < strlen (ctx->dest_mask); j++) {
-+@@ -217,6 +222,7 @@
-+ || ctx->regs.start[next_reg] < 0) {
-+ message (1, MSG_ERROR, _(" Invalid target mask "));
-+ transform_error = FILE_ABORT;
-++ g_free(fnsource);
-+ return NULL;
-+ }
-+ for (l = (size_t) ctx->regs.start[next_reg];
-+@@ -231,6 +237,7 @@
-+ }
-+ }
-+ fntarget[k] = 0;
-++ g_free(fnsource);
-+ return fntarget;
-+ }
-+
-+diff -Naur mc-4.6.1-old/src/filegui.c mc-4.6.1/src/filegui.c
-+--- mc-4.6.1-old/src/filegui.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/filegui.c 2005-10-28 10:08:08.140185856 +0200
-+@@ -69,6 +69,7 @@
-+ #include "filegui.h"
-+ #include "key.h" /* get_event */
-+ #include "util.h" /* strip_password() */
-++#include "tty.h"
-+
-+ /* }}} */
-+
-+@@ -564,8 +565,8 @@
-+ * longest of "Overwrite..." labels
-+ * (assume "Target date..." are short enough)
-+ */
-+- l1 = max (strlen (rd_widgets[6].text),
-+- strlen (rd_widgets[11].text));
-++ l1 = max (mbstrlen (rd_widgets[6].text),
-++ mbstrlen (rd_widgets[11].text));
-+
-+ /* longest of button rows */
-+ i = sizeof (rd_widgets) / sizeof (rd_widgets[0]);
-+@@ -576,7 +577,7 @@
-+ l2 = max (l2, l);
-+ l = 0;
-+ }
-+- l += strlen (rd_widgets[i].text) + 4;
-++ l += mbstrlen (rd_widgets[i].text) + 4;
-+ }
-+ }
-+ l2 = max (l2, l); /* last row */
-+@@ -594,12 +595,12 @@
-+ l = l1;
-+ }
-+ rd_widgets[i].xpos = l;
-+- l += strlen (rd_widgets[i].text) + 4;
-++ l += mbstrlen (rd_widgets[i].text) + 4;
-+ }
-+ }
-+ /* Abort button is centered */
-+ rd_widgets[1].xpos =
-+- (rd_xlen - strlen (rd_widgets[1].text) - 3) / 2;
-++ (rd_xlen - mbstrlen (rd_widgets[1].text) - 3) / 2;
-+ }
-+ #endif /* ENABLE_NLS */
-+
-+@@ -618,7 +619,7 @@
-+
-+ ADD_RD_LABEL (ui, 0,
-+ name_trunc (ui->replace_filename,
-+- rd_trunc - strlen (rd_widgets[0].text)), 0);
-++ rd_trunc - mbstrlen (rd_widgets[0].text)), 0);
-+ ADD_RD_BUTTON (1);
-+
-+ ADD_RD_BUTTON (2);
-+@@ -805,36 +806,36 @@
-+ if (fmd_widgets[i].text[0] != '\0')
-+ fmd_widgets[i].text = _(fmd_widgets[i].text);
-+
-+- len = strlen (fmd_widgets[FMCB11].text)
-+- + strlen (fmd_widgets[FMCB21].text) + 15;
-++ len = mbstrlen (fmd_widgets[FMCB11].text)
-++ + mbstrlen (fmd_widgets[FMCB21].text) + 15;
-+ fmd_xlen = max (fmd_xlen, len);
-+
-+- len = strlen (fmd_widgets[FMCB12].text)
-+- + strlen (fmd_widgets[FMCB22].text) + 15;
-++ len = mbstrlen (fmd_widgets[FMCB12].text)
-++ + mbstrlen (fmd_widgets[FMCB22].text) + 15;
-+ fmd_xlen = max (fmd_xlen, len);
-+
-+- len = strlen (fmd_widgets[FMBRGT].text)
-+- + strlen (fmd_widgets[FMBLFT].text) + 11;
-++ len = mbstrlen (fmd_widgets[FMBRGT].text)
-++ + mbstrlen (fmd_widgets[FMBLFT].text) + 11;
-+
-+ #ifdef FMBMID
-+- len += strlen (fmd_widgets[FMBMID].text) + 6;
-++ len += mbstrlen (fmd_widgets[FMBMID].text) + 6;
-+ #endif
-+
-+ fmd_xlen = max (fmd_xlen, len + 4);
-+
-+ len = (fmd_xlen - (len + 6)) / 2;
-+ i = fmd_widgets[FMBLFT].relative_x = len + 3;
-+- i += strlen (fmd_widgets[FMBLFT].text) + 8;
-++ i += mbstrlen (fmd_widgets[FMBLFT].text) + 8;
-+
-+ #ifdef FMBMID
-+ fmd_widgets[FMBMID].relative_x = i;
-+- i += strlen (fmd_widgets[FMBMID].text) + 6;
-++ i += mbstrlen (fmd_widgets[FMBMID].text) + 6;
-+ #endif
-+
-+ fmd_widgets[FMBRGT].relative_x = i;
-+
-+ #define chkbox_xpos(i) \
-+- fmd_widgets [i].relative_x = fmd_xlen - strlen (fmd_widgets [i].text) - 6
-++ fmd_widgets [i].relative_x = fmd_xlen - mbstrlen (fmd_widgets [i].text) - 6
-+
-+ chkbox_xpos (FMCB0);
-+ chkbox_xpos (FMCB21);
-+@@ -856,7 +857,7 @@
-+
-+ char *
-+ file_mask_dialog (FileOpContext *ctx, FileOperation operation, const char *text,
-+- const char *def_text, int only_one, int *do_background)
-++ const char *def_text_orig, int only_one, int *do_background)
-+ {
-+ int source_easy_patterns = easy_patterns;
-+ char *source_mask, *orig_mask, *dest_dir, *tmpdest;
-+@@ -865,12 +866,20 @@
-+ struct stat buf;
-+ int val;
-+ QuickDialog Quick_input;
-+-
-++ char *def_text;
-+ g_return_val_if_fail (ctx != NULL, NULL);
-++
-++ def_text = g_strdup(def_text_orig);
-++
-+ #if 0
-+ message (1, __FUNCTION__, "text = `%s' \n def_text = `%s'", text,
-+ def_text);
-+ #endif
-++
-++#ifdef UTF8
-++ fix_utf8(def_text);
-++#endif
-++
-+ fmd_init_i18n (FALSE);
-+
-+ /* Set up the result pointers */
-+@@ -929,6 +938,7 @@
-+ orig_mask = source_mask;
-+ if (!dest_dir || !*dest_dir) {
-+ g_free (source_mask);
-++ g_free(def_text);
-+ return dest_dir;
-+ }
-+ if (source_easy_patterns) {
-+@@ -982,5 +992,6 @@
-+ }
-+ if (val == B_USER)
-+ *do_background = 1;
-++ g_free(def_text);
-+ return dest_dir;
-+ }
-+diff -Naur mc-4.6.1-old/src/find.c mc-4.6.1/src/find.c
-+--- mc-4.6.1-old/src/find.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/find.c 2005-10-28 10:08:08.049199688 +0200
-+@@ -205,7 +205,7 @@
-+ int l1, maxlen = 0;
-+
-+ while (i--) {
-+- l1 = strlen (labs[i] = _(labs[i]));
-++ l1 = mbstrlen (labs[i] = _(labs[i]));
-+ if (l1 > maxlen)
-+ maxlen = l1;
-+ }
-+@@ -214,7 +214,7 @@
-+ FIND_X = i;
-+
-+ for (i = sizeof (buts) / sizeof (buts[0]), l1 = 0; i--;) {
-+- l1 += strlen (buts[i] = _(buts[i]));
-++ l1 += mbstrlen (buts[i] = _(buts[i]));
-+ }
-+ l1 += 21;
-+ if (l1 > FIND_X)
-+@@ -223,8 +223,8 @@
-+ ilen = FIND_X - 7 - maxlen; /* for the case of very long buttons :) */
-+ istart = FIND_X - 3 - ilen;
-+
-+- b1 = b0 + strlen (buts[0]) + 7;
-+- b2 = FIND_X - (strlen (buts[2]) + 6);
-++ b1 = b0 + mbstrlen (buts[0]) + 7;
-++ b2 = FIND_X - (mbstrlen (buts[2]) + 6);
-+
-+ i18n_flag = 1;
-+ case_label = _(case_label);
-+@@ -813,7 +813,7 @@
-+ if (!i18n_flag) {
-+ register int i = sizeof (fbuts) / sizeof (fbuts[0]);
-+ while (i--)
-+- fbuts[i].len = strlen (fbuts[i].text = _(fbuts[i].text)) + 3;
-++ fbuts[i].len = mbstrlen (fbuts[i].text = _(fbuts[i].text)) + 3;
-+ fbuts[2].len += 2; /* DEFPUSH_BUTTON */
-+ i18n_flag = 1;
-+ }
-+diff -Naur mc-4.6.1-old/src/global.h mc-4.6.1/src/global.h
-+--- mc-4.6.1-old/src/global.h 2004-09-25 15:46:23.000000000 +0200
-++++ mc-4.6.1/src/global.h 2005-10-28 10:11:08.071832088 +0200
-+@@ -146,6 +146,13 @@
-+ # define N_(String) (String)
-+ #endif /* !ENABLE_NLS */
-+
-++#include <slang.h>
-++#if SLANG_VERSION >= 20000
-++#define UTF8 1
-++#define SLsmg_Is_Unicode SLsmg_is_utf8_mode()
-++void SLsmg_write_nwchars(wchar_t *s, size_t n);
-++#endif
-++
-+ #include "fs.h"
-+ #include "util.h"
-+
-+diff -Naur mc-4.6.1-old/src/help.c mc-4.6.1/src/help.c
-+--- mc-4.6.1-old/src/help.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/help.c 2005-10-28 10:09:53.961098632 +0200
-+@@ -445,10 +445,28 @@
-+ #ifndef HAVE_SLANG
-+ addch (acs_map [c]);
-+ #else
-++#if defined(UTF8) && SLANG_VERSION < 20000
-++ SLsmg_draw_object (h->y + line + 2, h->x + col + 2, acs_map [c]);
-++#else
-+ SLsmg_draw_object (h->y + line + 2, h->x + col + 2, c);
-++#endif /* UTF8 */
-+ #endif
-++ } else {
-++#ifdef UTF8
-++ if (SLsmg_Is_Unicode) {
-++ int len;
-++ mbstate_t mbs;
-++ wchar_t wc;
-++ memset (&mbs, 0, sizeof (mbs));
-++ len = mbrtowc(&wc, p, MB_CUR_MAX, &mbs);
-++ if (len <= 0) len = 1; /* skip broken multibyte chars */
-++
-++ SLsmg_write_char(wc);
-++ p += len - 1;
-+ } else
-++#endif
-+ addch (c);
-++ }
-+ col++;
-+ break;
-+ }
-+@@ -771,6 +789,12 @@
-+ message (1, MSG_ERROR, _(" Cannot open file %s \n %s "), filename ? filename : hlpfile,
-+ unix_error_string (errno));
-+ }
-++ else
-++ {
-++ char *conv = utf8_to_local(data);
-++ g_free(data);
-++ data = conv;
-++ }
-+
-+ if (!filename)
-+ g_free (hlpfile);
-+diff -Naur mc-4.6.1-old/src/hotlist.c mc-4.6.1/src/hotlist.c
-+--- mc-4.6.1-old/src/hotlist.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/hotlist.c 2005-10-28 10:08:07.918219600 +0200
-+@@ -555,7 +555,7 @@
-+
-+ row = hotlist_but [i].y;
-+ ++count [row];
-+- len [row] += strlen (hotlist_but [i].text) + 5;
-++ len [row] += mbstrlen (hotlist_but [i].text) + 5;
-+ if (hotlist_but [i].flags == DEFPUSH_BUTTON)
-+ len [row] += 2;
-+ }
-+@@ -580,12 +580,12 @@
-+ /* not first int the row */
-+ if (!strcmp (hotlist_but [i].text, cancel_but))
-+ hotlist_but [i].x =
-+- cols - strlen (hotlist_but [i].text) - 13;
-++ cols - mbstrlen (hotlist_but [i].text) - 13;
-+ else
-+ hotlist_but [i].x = cur_x [row];
-+ }
-+
-+- cur_x [row] += strlen (hotlist_but [i].text) + 2
-++ cur_x [row] += mbstrlen (hotlist_but [i].text) + 2
-+ + (hotlist_but [i].flags == DEFPUSH_BUTTON ? 5 : 3);
-+ }
-+ }
-+@@ -814,7 +814,7 @@
-+ for (i = 0; i < 3; i++)
-+ {
-+ qw [i].text = _(qw [i].text);
-+- l[i] = strlen (qw [i].text) + 3;
-++ l[i] = mbstrlen (qw [i].text) + 3;
-+ }
-+ space = (len - 4 - l[0] - l[1] - l[2]) / 4;
-+
-+@@ -860,7 +860,7 @@
-+ static int i18n_flag = 0;
-+ #endif /* ENABLE_NLS */
-+
-+- len = max (strlen (header), (size_t) msglen (text1, &lines1));
-++ len = max ((int) mbstrlen (header), (size_t) msglen (text1, &lines1));
-+ len = max (len, (size_t) msglen (text2, &lines2)) + 4;
-+ len = max (len, 64);
-+
-+@@ -955,7 +955,7 @@
-+ static int i18n_flag = 0;
-+ #endif /* ENABLE_NLS */
-+
-+- len = max (strlen (header), (size_t) msglen (label, &lines)) + 4;
-++ len = max ((int) mbstrlen (header), (size_t) msglen (label, &lines)) + 4;
-+ len = max (len, 64);
-+
-+ #ifdef ENABLE_NLS
-+@@ -1011,7 +1011,7 @@
-+ {
-+ char *prompt, *label;
-+ const char *cp = _("Label for \"%s\":");
-+- int l = strlen (cp);
-++ int l = mbstrlen (cp);
-+ char *label_string = g_strdup (current_panel->cwd);
-+
-+ strip_password (label_string, 1);
-+diff -Naur mc-4.6.1-old/src/layout.c mc-4.6.1/src/layout.c
-+--- mc-4.6.1-old/src/layout.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/layout.c 2005-10-28 10:08:07.947215192 +0200
-+@@ -362,36 +362,36 @@
-+
-+ while (i--) {
-+ s_split_direction[i] = _(s_split_direction[i]);
-+- l1 = strlen (s_split_direction[i]) + 7;
-++ l1 = mbstrlen (s_split_direction[i]) + 7;
-+ if (l1 > first_width)
-+ first_width = l1;
-+ }
-+
-+ for (i = 0; i <= 8; i++) {
-+ check_options[i].text = _(check_options[i].text);
-+- l1 = strlen (check_options[i].text) + 7;
-++ l1 = mbstrlen (check_options[i].text) + 7;
-+ if (l1 > first_width)
-+ first_width = l1;
-+ }
-+
-+- l1 = strlen (title1) + 1;
-++ l1 = mbstrlen (title1) + 1;
-+ if (l1 > first_width)
-+ first_width = l1;
-+
-+- l1 = strlen (title2) + 1;
-++ l1 = mbstrlen (title2) + 1;
-+ if (l1 > first_width)
-+ first_width = l1;
-+
-+
-+- second_width = strlen (title3) + 1;
-++ second_width = mbstrlen (title3) + 1;
-+ for (i = 0; i < 6; i++) {
-+ check_options[i].text = _(check_options[i].text);
-+- l1 = strlen (check_options[i].text) + 7;
-++ l1 = mbstrlen (check_options[i].text) + 7;
-+ if (l1 > second_width)
-+ second_width = l1;
-+ }
-+ if (console_flag) {
-+- l1 = strlen (output_lines_label) + 13;
-++ l1 = mbstrlen (output_lines_label) + 13;
-+ if (l1 > second_width)
-+ second_width = l1;
-+ }
-+@@ -405,14 +405,14 @@
-+ *
-+ * Now the last thing to do - properly space buttons...
-+ */
-+- l1 = 11 + strlen (ok_button) /* 14 - all brackets and inner space */
-+- +strlen (save_button) /* notice: it is 3 char less because */
-+- +strlen (cancel_button); /* of '&' char in button text */
-++ l1 = 11 + mbstrlen (ok_button) /* 14 - all brackets and inner space */
-++ +mbstrlen (save_button) /* notice: it is 3 char less because */
-++ +mbstrlen (cancel_button); /* of '&' char in button text */
-+
-+ i = (first_width + second_width - l1) / 4;
-+ b1 = 5 + i;
-+- b2 = b1 + strlen (ok_button) + i + 6;
-+- b3 = b2 + strlen (save_button) + i + 4;
-++ b2 = b1 + mbstrlen (ok_button) + i + 6;
-++ b3 = b2 + mbstrlen (save_button) + i + 4;
-+
-+ i18n_layt_flag = 1;
-+ }
-+@@ -684,7 +684,7 @@
-+ panel_do_cols (0);
-+ panel_do_cols (1);
-+
-+- promptl = strlen (prompt);
-++ promptl = mbstrlen (prompt);
-+
-+ widget_set_size (&the_menubar->widget, 0, 0, 1, COLS);
-+
-+diff -Naur mc-4.6.1-old/src/learn.c mc-4.6.1/src/learn.c
-+--- mc-4.6.1-old/src/learn.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/learn.c 2005-10-28 10:08:07.787239512 +0200
-+@@ -236,7 +236,7 @@
-+ learn_but[0].x = 78 / 2 + 4;
-+
-+ learn_but[1].text = _(learn_but[1].text);
-+- learn_but[1].x = 78 / 2 - (strlen (learn_but[1].text) + 9);
-++ learn_but[1].x = 78 / 2 - (mbstrlen (learn_but[1].text) + 9);
-+
-+ learn_title = _(learn_title);
-+ i18n_flag = 1;
-+diff -Naur mc-4.6.1-old/src/main.c mc-4.6.1/src/main.c
-+--- mc-4.6.1-old/src/main.c 2005-07-23 18:52:02.000000000 +0200
-++++ mc-4.6.1/src/main.c 2005-10-28 10:08:07.816235104 +0200
-+@@ -1609,7 +1609,11 @@
-+ if (xterm_flag && xterm_title) {
-+ p = s = g_strdup (strip_home_and_password (current_panel->cwd));
-+ do {
-++#ifndef UTF8
-+ if (!is_printable (*s))
-++#else /* UTF8 */
-++ if (*s < ' ')
-++#endif /* UTF8 */
-+ *s = '?';
-+ } while (*++s);
-+ fprintf (stdout, "\33]0;mc - %s\7", p);
-+diff -Naur mc-4.6.1-old/src/menu.c mc-4.6.1/src/menu.c
-+--- mc-4.6.1-old/src/menu.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/menu.c 2005-10-28 10:08:08.110190416 +0200
-+@@ -20,6 +20,8 @@
-+ #include <stdarg.h>
-+ #include <sys/types.h>
-+ #include <ctype.h>
-++#include <wchar.h>
-++
-+ #include "global.h"
-+ #include "tty.h"
-+ #include "menu.h"
-+@@ -50,33 +52,96 @@
-+ {
-+ Menu *menu;
-+ const char *cp;
-++ int wlen = 0;
-++ mbstate_t s;
-+
-+ menu = (Menu *) g_malloc (sizeof (*menu));
-+ menu->count = count;
-+ menu->max_entry_len = 20;
-+ menu->entries = entries;
-++ menu->name = g_strdup (name);
-++ menu_scan_hotkey (menu);
-++#ifdef UTF8
-++ menu->wentries = NULL;
-++ menu->wname = NULL;
-++ if (SLsmg_Is_Unicode) {
-++ const char *str = menu->name;
-++ memset (&s, 0, sizeof (s));
-++ wlen = mbsrtowcs (NULL, &str, -1, &s);
-++ if (wlen > 0)
-++ ++wlen;
-++ else {
-++ wlen = 0;
-++ memset (&s, 0, sizeof (s));
-++ }
-++ }
-++#endif
-+
-+ if (entries != (menu_entry*) NULL) {
-+ register menu_entry* mp;
-+ for (mp = entries; count--; mp++) {
-+ if (mp->text[0] != '\0') {
-++ int len;
-+ #ifdef ENABLE_NLS
-+ mp->text = _(mp->text);
-+ #endif /* ENABLE_NLS */
-+ cp = strchr (mp->text,'&');
-+
-++#ifdef UTF8
-++ if (SLsmg_Is_Unicode) {
-++ len = mbstrlen(mp->text) + 1;
-++ wlen += len;
-++ menu->max_entry_len = max (len - 1, menu->max_entry_len);
-++ } else
-++#endif
-++ len = strlen (mp->text);
-++
-+ if (cp != NULL && *(cp+1) != '\0') {
-+ mp->hot_key = tolower (*(cp+1));
-+- menu->max_entry_len = max ((int) (strlen (mp->text) - 1),
-+- menu->max_entry_len);
-++ menu->max_entry_len = max (len - 1, menu->max_entry_len);
-+ } else {
-+- menu->max_entry_len = max ((int) strlen (mp->text),
-+- menu->max_entry_len);
-++ menu->max_entry_len = max (len, menu->max_entry_len);
-+ }
-+ }
-+ }
-+ }
-+
-++#ifdef UTF8
-++ if (wlen) {
-++ wchar_t *wp;
-++ const char *str;
-++ int len;
-++
-++ menu->wentries = (wchar_t **)
-++ g_malloc (sizeof (wchar_t *) * menu->count
-++ + wlen * sizeof (wchar_t));
-++ wp = (wchar_t *) (menu->wentries + menu->count);
-++ str = menu->name;
-++ len = mbsrtowcs (wp, &str, wlen, &s);
-++ if (len > 0) {
-++ menu->wname = wp;
-++ wlen -= len + 1;
-++ wp += len + 1;
-++ } else
-++ memset (&s, 0, sizeof (s));
-++ if (menu->entries != NULL)
-++ for (count = 0; count < menu->count; ++count)
-++ if (menu->entries[count].text[0] != '\0') {
-++ str = menu->entries[count].text;
-++ menu->wentries[count] = wp;
-++ len = mbsrtowcs (wp, &str, wlen, &s);
-++ if (len > 0) {
-++ wlen -= len + 1;
-++ wp += len + 1;
-++ } else {
-++ memset (&s, 0, sizeof (s));
-++ *wp++ = L'\0';
-++ --wlen;
-++ }
-++ }
-++ }
-++#endif
-++
-+ menu->name = g_strdup (name);
-+ menu_scan_hotkey(menu);
-+ menu->start_x = 0;
-+@@ -109,8 +174,26 @@
-+ const unsigned char *text;
-+
-+ addch((unsigned char)menu->entries [idx].first_letter);
-+- for (text = menu->entries [idx].text; *text; text++)
-+- {
-++#ifdef UTF8
-++ if (menu->wentries) {
-++ wchar_t *wtext, *wp;
-++
-++ for (wtext = wp = menu->wentries [idx]; *wtext; wtext++) {
-++ if (*wtext == L'&') {
-++ if (wtext > wp)
-++ SLsmg_write_nwchars (wp, wtext - wp);
-++ attrset (color == MENU_SELECTED_COLOR ?
-++ MENU_HOTSEL_COLOR : MENU_HOT_COLOR);
-++ SLsmg_write_nwchars (++wtext, 1);
-++ attrset (color);
-++ wp = wtext + 1;
-++ }
-++ }
-++ if (wtext > wp)
-++ SLsmg_write_nwchars (wp, wtext - wp);
-++ } else
-++#endif
-++ for (text = menu->entries [idx].text; *text; text++) {
-+ if (*text != '&')
-+ addch(*text);
-+ else {
-+@@ -119,7 +202,7 @@
-+ addch(*(++text));
-+ attrset(color);
-+ }
-+- }
-++ }
-+ }
-+ widget_move (&menubar->widget, y, x + 1);
-+ }
-+@@ -167,7 +250,13 @@
-+ if (menubar->active)
-+ attrset(i == menubar->selected?MENU_SELECTED_COLOR:SELECTED_COLOR);
-+ widget_move (&menubar->widget, 0, menubar->menu [i]->start_x);
-+- printw ("%s", menubar->menu [i]->name);
-++#ifdef UTF8
-++ if (menubar->menu [i]->wname)
-++ SLsmg_write_nwchars (menubar->menu [i]->wname,
-++ wcslen (menubar->menu [i]->wname));
-++ else
-++#endif
-++ printw ("%s", menubar->menu [i]->name);
-+ }
-+
-+ if (menubar->dropped)
-+@@ -489,7 +578,13 @@
-+
-+ for (i = 0; i < items; i++)
-+ {
-+- int len = strlen(menubar->menu[i]->name);
-++ int len;
-++#ifdef UTF8
-++ if (menubar->menu[i]->wname)
-++ len = wcslen (menubar->menu[i]->wname);
-++ else
-++#endif
-++ len = strlen(menubar->menu[i]->name);
-+ menubar->menu[i]->start_x = start_x;
-+ start_x += len + gap;
-+ }
-+@@ -502,7 +597,13 @@
-+ for (i = 0; i < items; i++)
-+ {
-+ /* preserve length here, to be used below */
-+- gap -= (menubar->menu[i]->start_x = strlen(menubar->menu[i]->name));
-++#ifdef UTF8
-++ if (menubar->menu[i]->wname)
-++ menubar->menu[i]->start_x = wcslen (menubar->menu[i]->wname);
-++ else
-++#endif
-++ menubar->menu[i]->start_x = strlen (menubar->menu[i]->name);
-++ gap -= menubar->menu[i]->start_x;
-+ }
-+
-+ gap /= (items - 1);
-+@@ -526,6 +627,9 @@
-+ void
-+ destroy_menu (Menu *menu)
-+ {
-++#ifdef UTF8
-++ g_free (menu->wentries);
-++#endif
-+ g_free (menu->name);
-+ g_free (menu->help_node);
-+ g_free (menu);
-+diff -Naur mc-4.6.1-old/src/menu.h mc-4.6.1/src/menu.h
-+--- mc-4.6.1-old/src/menu.h 2004-09-18 16:30:59.000000000 +0200
-++++ mc-4.6.1/src/menu.h 2005-10-28 10:08:07.949214888 +0200
-+@@ -21,6 +21,8 @@
-+ menu_entry *entries;
-+ int start_x; /* position relative to menubar start */
-+ char *help_node;
-++ wchar_t **wentries;
-++ wchar_t *wname;
-+ } Menu;
-+
-+ extern int menubar_visible;
-+diff -Naur mc-4.6.1-old/src/myslang.h mc-4.6.1/src/myslang.h
-+--- mc-4.6.1-old/src/myslang.h 2004-10-12 06:32:04.000000000 +0200
-++++ mc-4.6.1/src/myslang.h 2005-10-28 10:08:07.831232824 +0200
-+@@ -11,6 +11,10 @@
-+ #endif /* HAVE_SLANG_SLANG_H */
-+ #endif
-+
-++#ifdef UTF8
-++# include <wchar.h>
-++#endif
-++
-+ enum {
-+ KEY_BACKSPACE = 400,
-+ KEY_END, KEY_UP, KEY_DOWN, KEY_LEFT, KEY_RIGHT,
-+diff -Naur mc-4.6.1-old/src/option.c mc-4.6.1/src/option.c
-+--- mc-4.6.1-old/src/option.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/option.c 2005-10-28 10:08:08.121188744 +0200
-+@@ -124,12 +124,12 @@
-+ title2 = _(" Pause after run... ");
-+ title3 = _(" Other options ");
-+
-+- first_width = strlen (title1) + 1;
-+- second_width = strlen (title3) + 1;
-++ first_width = mbstrlen (title1) + 1;
-++ second_width = mbstrlen (title3) + 1;
-+
-+ for (i = 0; check_options[i].text; i++) {
-+ check_options[i].text = _(check_options[i].text);
-+- l1 = strlen (check_options[i].text) + 7;
-++ l1 = mbstrlen (check_options[i].text) + 7;
-+ if (i >= OTHER_OPTIONS) {
-+ if (l1 > first_width)
-+ first_width = l1;
-+@@ -142,23 +142,23 @@
-+ i = PAUSE_OPTIONS;
-+ while (i--) {
-+ pause_options[i] = _(pause_options[i]);
-+- l1 = strlen (pause_options[i]) + 7;
-++ l1 = mbstrlen (pause_options[i]) + 7;
-+ if (l1 > first_width)
-+ first_width = l1;
-+ }
-+
-+- l1 = strlen (title2) + 1;
-++ l1 = mbstrlen (title2) + 1;
-+ if (l1 > first_width)
-+ first_width = l1;
-+
-+- l1 = 11 + strlen (ok_button)
-+- + strlen (save_button)
-+- + strlen (cancel_button);
-++ l1 = 11 + mbstrlen (ok_button)
-++ + mbstrlen (save_button)
-++ + mbstrlen (cancel_button);
-+
-+ i = (first_width + second_width - l1) / 4;
-+ b1 = 5 + i;
-+- b2 = b1 + strlen (ok_button) + i + 6;
-+- b3 = b2 + strlen (save_button) + i + 4;
-++ b2 = b1 + mbstrlen (ok_button) + i + 6;
-++ b3 = b2 + mbstrlen (save_button) + i + 4;
-+
-+ i18n_config_flag = 1;
-+ }
-+diff -Naur mc-4.6.1-old/src/panelize.c mc-4.6.1/src/panelize.c
-+--- mc-4.6.1-old/src/panelize.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/panelize.c 2005-10-28 10:08:07.933217320 +0200
-+@@ -127,7 +127,7 @@
-+ i = sizeof (panelize_but) / sizeof (panelize_but[0]);
-+ while (i--) {
-+ panelize_but[i].text = _(panelize_but[i].text);
-+- maxlen += strlen (panelize_but[i].text) + 5;
-++ maxlen += mbstrlen (panelize_but[i].text) + 5;
-+ }
-+ maxlen += 10;
-+
-+@@ -136,11 +136,11 @@
-+ panelize_cols = max (panelize_cols, maxlen);
-+
-+ panelize_but[2].x =
-+- panelize_but[3].x + strlen (panelize_but[3].text) + 7;
-++ panelize_but[3].x + mbstrlen (panelize_but[3].text) + 7;
-+ panelize_but[1].x =
-+- panelize_but[2].x + strlen (panelize_but[2].text) + 5;
-++ panelize_but[2].x + mbstrlen (panelize_but[2].text) + 5;
-+ panelize_but[0].x =
-+- panelize_cols - strlen (panelize_but[0].text) - 8 - BX;
-++ panelize_cols - mbstrlen (panelize_but[0].text) - 8 - BX;
-+
-+ #endif /* ENABLE_NLS */
-+
-+diff -Naur mc-4.6.1-old/src/screen.c mc-4.6.1/src/screen.c
-+--- mc-4.6.1-old/src/screen.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/screen.c 2005-10-28 10:08:07.987209112 +0200
-+@@ -169,22 +169,59 @@
-+ static const char *
-+ string_file_name (file_entry *fe, int len)
-+ {
-+- static char buffer [BUF_SMALL];
-+ size_t i;
-++#ifdef UTF8
-++ static char buffer [BUF_SMALL * 4];
-++ mbstate_t s;
-++ int mbmax = MB_CUR_MAX;
-++ const char *str = fe->fname;
-+
-+- for (i = 0; i < sizeof(buffer) - 1; i++) {
-+- char c;
-++ memset (&s, 0, sizeof (s));
-++#else
-++ static char buffer [BUF_SMALL];
-++#endif
-+
-+- c = fe->fname[i];
-++#ifdef UTF8
-++ if (SLsmg_Is_Unicode)
-++ for (i = 0; i < sizeof (buffer) - 1; i++) {
-++ wchar_t wc;
-++ int len;
-+
-+- if (!c)
-+- break;
-++ len = mbrtowc (&wc, str, mbmax, &s);
-++ if (!len)
-++ break;
-++ if (len < 0) {
-++ memset (&s, 0, sizeof (s));
-++ buffer[i] = '?';
-++ str++;
-++ continue;
-++ }
-++ if (!is_printable (wc)) {
-++ buffer[i] = '?';
-++ str++;
-++ continue;
-++ }
-++ if (i >= sizeof (buffer) - len)
-++ break;
-++ memcpy (buffer + i, str, len);
-++ i += len - 1;
-++ str += len;
-++ }
-++ else
-++#endif
-++ for (i = 0; i < sizeof(buffer) - 1; i++) {
-++ char c;
-+
-+- if (!is_printable(c))
-+- c = '?';
-++ c = fe->fname[i];
-+
-+- buffer[i] = c;
-+- }
-++ if (!c)
-++ break;
-++
-++ if (!is_printable(c))
-++ c = '?';
-++
-++ buffer[i] = c;
-++ }
-+
-+ buffer[i] = 0;
-+ return buffer;
-+@@ -425,42 +462,6 @@
-+ { "dot", 1, 0, J_RIGHT, " ", 0, string_dot, NULL },
-+ };
-+
-+-static char *
-+-to_buffer (char *dest, int just_mode, int len, const char *txt)
-+-{
-+- int txtlen = strlen (txt);
-+- int still, over;
-+-
-+- /* Fill buffer with spaces */
-+- memset (dest, ' ', len);
-+-
-+- still = (over=(txtlen > len)) ? (txtlen - len) : (len - txtlen);
-+-
-+- switch (HIDE_FIT(just_mode)){
-+- case J_LEFT:
-+- still = 0;
-+- break;
-+- case J_CENTER:
-+- still /= 2;
-+- break;
-+- case J_RIGHT:
-+- default:
-+- break;
-+- }
-+-
-+- if (over){
-+- if (IS_FIT(just_mode))
-+- strcpy (dest, name_trunc(txt, len));
-+- else
-+- strncpy (dest, txt+still, len);
-+- } else
-+- strncpy (dest+still, txt, txtlen);
-+-
-+- dest[len] = '\0';
-+-
-+- return (dest + len);
-+-}
-+-
-+ static int
-+ file_compute_color (int attr, file_entry *fe)
-+ {
-+@@ -514,14 +515,18 @@
-+
-+ /* Formats the file number file_index of panel in the buffer dest */
-+ static void
-+-format_file (char *dest, int limit, WPanel *panel, int file_index, int width, int attr, int isstatus)
-++format_file (WPanel *panel, int file_index, int width, int attr, int isstatus)
-+ {
-+ int color, length, empty_line;
-+ const char *txt;
-+- char *old_pos;
-+- char *cdest = dest;
-+ format_e *format, *home;
-+ file_entry *fe;
-++#ifdef UTF8
-++ char buffer[BUF_MEDIUM * sizeof (wchar_t)];
-++#else
-++ char buffer[BUF_MEDIUM];
-++#endif
-++ int txtwidth;
-+
-+ length = 0;
-+ empty_line = (file_index >= panel->count);
-+@@ -539,34 +544,137 @@
-+ break;
-+
-+ if (format->string_fn){
-+- int len;
-++ int len, still, over, perm, txtlen, wide;
-+
-+ if (empty_line)
-+ txt = " ";
-+ else
-+ txt = (*format->string_fn)(fe, format->field_len);
-+
-+- old_pos = cdest;
-+-
-+ len = format->field_len;
-+ if (len + length > width)
-+ len = width - length;
-+- if (len + (cdest - dest) > limit)
-+- len = limit - (cdest - dest);
-++ if (len >= BUF_MEDIUM)
-++ len = BUF_MEDIUM - 1;
-+ if (len <= 0)
-+ break;
-+- cdest = to_buffer (cdest, format->just_mode, len, txt);
-+- length += len;
-+
-+- attrset (color);
-++ perm = 0;
-++ if (permission_mode) {
-++ if (!strcmp(format->id, "perm"))
-++ perm = 1;
-++ else if (!strcmp(format->id, "mode"))
-++ perm = 2;
-++ }
-++
-++ wide = 0;
-++#ifdef UTF8
-++ if (SLsmg_Is_Unicode && !empty_line && !perm) {
-++ mbstate_t s;
-++ const char *str = txt;
-++
-++ memset (&s, 0, sizeof (s));
-++ txtlen = mbsrtowcs ((wchar_t *) buffer, &str,
-++ sizeof (buffer) / sizeof (wchar_t), &s);
-++ if (txtlen < 0) {
-++ txt = " ";
-++ txtlen = 1;
-++ } else {
-++ wide = 1;
-++ txtwidth = wcswidth((wchar_t*)buffer, txtlen);
-++ }
-++ } else
-++#endif
-++ {
-++ txtlen = strlen (txt);
-++ txtwidth = txtlen;
-++ }
-++
-++ over = txtwidth > len;
-++ still = over ? txtlen - len : len - txtlen;
-+
-+- if (permission_mode && !strcmp(format->id, "perm"))
-+- add_permission_string (old_pos, format->field_len, fe, attr, color, 0);
-+- else if (permission_mode && !strcmp(format->id, "mode"))
-+- add_permission_string (old_pos, format->field_len, fe, attr, color, 1);
-+- else
-+- addstr (old_pos);
-++ switch (HIDE_FIT(format->just_mode)) {
-++ case J_LEFT:
-++ still = 0;
-++ break;
-++ case J_CENTER:
-++ still /= 2;
-++ break;
-++ case J_RIGHT:
-++ default:
-++ break;
-++ }
-++
-++ attrset (color);
-++
-++ if (wide) {
-++#ifdef UTF8
-++ if (over) {
-++ if (IS_FIT (format->just_mode)) {
-++ int n1 = 0;
-++ int width1 = 0;
-++ int n2 = 0;
-++ int width2 = 0;
-++ int len1 = len / 2;
-++ int len2;
-++
-++ while (1) {
-++ int w = wcwidth(((wchar_t *) buffer)[n1]);
-++ if (width1 + w <= len1) {
-++ width1 += w;
-++ n1++;
-++ }
-++ else
-++ break;
-++ }
-++ len2 = len - width1 - 1;
-++
-++ while (1) {
-++ int w = wcwidth(((wchar_t *) buffer)[txtlen - n2 - 1]);
-++ if (width2 + w <= len2) {
-++ width2 += w;
-++ n2++;
-++ }
-++ else
-++ break;
-++ }
-++
-++
-++ SLsmg_write_nwchars ((wchar_t *) buffer, n1);
-++ SLsmg_write_nwchars (L"~", 1);
-++ printw ("%*s", len - width1 - width2 - 1, "");
-++ SLsmg_write_nwchars (((wchar_t *) buffer)
-++ + txtlen - n2, n2);
-++ } else
-++ SLsmg_write_nwchars ((wchar_t *) buffer, len);
-++ } else {
-++ printw ("%*s", still, "");
-++ SLsmg_write_nwchars ((wchar_t *) buffer, txtlen);
-++ printw ("%*s", len - txtwidth - still, "");
-++ }
-++#endif
-++ } else {
-++ if (over) {
-++ if (IS_FIT (format->just_mode))
-++ strcpy (buffer, name_trunc(txt, len));
-++ else
-++ memcpy (buffer, txt + still, len);
-++ } else {
-++ memset (buffer, ' ', still);
-++ memcpy (buffer + still, txt, txtlen);
-++ memset (buffer + still + txtlen, ' ',
-++ len - txtlen - still);
-++ }
-++ buffer[len] = '\0';
-+
-++ if (perm)
-++ add_permission_string (buffer, format->field_len, fe,
-++ attr, color, perm - 1);
-++ else
-++ addstr (buffer);
-++ }
-++
-++ length += len;
-+ } else {
-+ if (attr == SELECTED || attr == MARKED_SELECTED)
-+ attrset (SELECTED_COLOR);
-+@@ -589,7 +697,6 @@
-+ {
-+ int second_column = 0;
-+ int width, offset;
-+- char buffer [BUF_MEDIUM];
-+
-+ offset = 0;
-+ if (!isstatus && panel->split){
-+@@ -618,7 +725,7 @@
-+ widget_move (&panel->widget, file_index - panel->top_file + 2, 1);
-+ }
-+
-+- format_file (buffer, sizeof(buffer), panel, file_index, width, attr, isstatus);
-++ format_file (panel, file_index, width, attr, isstatus);
-+
-+ if (!isstatus && panel->split){
-+ if (second_column)
-+@@ -1068,6 +1175,12 @@
-+ int side, width;
-+
-+ const char *txt;
-++#ifdef UTF8
-++ char buffer[30 * sizeof (wchar_t)];
-++ mbstate_t s;
-++
-++ memset (&s, 0, sizeof (s));
-++#endif
-+ if (!panel->split)
-+ adjust_top_file (panel);
-+
-+@@ -1092,16 +1205,37 @@
-+ if (format->string_fn){
-+ txt = format->title;
-+
-++ attrset (MARKED_COLOR);
-++ width -= format->field_len;
-++#ifdef UTF8
-++ if (SLsmg_Is_Unicode) {
-++ const char *str = txt;
-++ header_len = mbsrtowcs ((wchar_t *) buffer, &str,
-++ sizeof (buffer) / sizeof (wchar_t),
-++ &s);
-++ if (header_len < 0) {
-++ memset (&s, 0, sizeof (s));
-++ printw ("%*s", format->field_len, "");
-++ continue;
-++ }
-++ if (header_len > format->field_len)
-++ header_len = format->field_len;
-++ spaces = (format->field_len - header_len) / 2;
-++ extra = (format->field_len - header_len) % 2;
-++ printw ("%*s", spaces, "");
-++ SLsmg_write_nwchars ((wchar_t *) buffer, header_len);
-++ printw ("%*s", spaces + extra, "");
-++ continue;
-++ }
-++#endif
-+ header_len = strlen (txt);
-+ if (header_len > format->field_len)
-+ header_len = format->field_len;
-+
-+- attrset (MARKED_COLOR);
-+ spaces = (format->field_len - header_len) / 2;
-+ extra = (format->field_len - header_len) % 2;
-+ printw ("%*s%.*s%*s", spaces, "",
-+ header_len, txt, spaces+extra, "");
-+- width -= 2 * spaces + extra + header_len;
-+ } else {
-+ attrset (NORMAL_COLOR);
-+ one_vline ();
-+diff -Naur mc-4.6.1-old/src/slint.c mc-4.6.1/src/slint.c
-+--- mc-4.6.1-old/src/slint.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/slint.c 2005-10-28 10:08:35.422038384 +0200
-+@@ -180,6 +180,9 @@
-+ struct sigaction act, oact;
-+
-+ SLtt_get_terminfo ();
-++#if SLANG_VERSION >= 20000
-++ SLutf8_enable (-1);
-++#endif
-+
-+ /*
-+ * If the terminal in not in terminfo but begins with a well-known
-+diff -Naur mc-4.6.1-old/src/util.c mc-4.6.1/src/util.c
-+--- mc-4.6.1-old/src/util.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/util.c 2005-10-28 10:19:11.683311968 +0200
-+@@ -32,7 +32,11 @@
-+ #include <stdarg.h>
-+ #include <string.h>
-+ #include <ctype.h>
-++#include <iconv.h>
-++#include <langinfo.h>
-++#include <errno.h>
-+
-++#include "tty.h"
-+ #include "global.h"
-+ #include "profile.h"
-+ #include "main.h" /* mc_home */
-+@@ -44,9 +48,22 @@
-+ #include "charsets.h"
-+ #endif
-+
-++#ifdef UTF8
-++#include <wctype.h>
-++#include <wchar.h>
-++#endif
-++
-+ static const char app_text [] = "Midnight-Commander";
-+ int easy_patterns = 1;
-+
-++#if SLANG_VERSION >= 20000
-++void SLsmg_write_nwchars(wchar_t *s, size_t n)
-++{
-++ while(n--)
-++ SLsmg_write_char(*s++);
-++}
-++#endif
-++
-+ extern void str_replace(char *s, char from, char to)
-+ {
-+ for (; *s != '\0'; s++) {
-+@@ -77,9 +94,106 @@
-+ return (c > 31 && c != 127 && c != 155);
-+ }
-+
-++size_t
-++mbstrlen (const char *str)
-++{
-++#ifdef UTF8
-++ if (SLsmg_Is_Unicode) {
-++ size_t width = 0;
-++
-++ for (; *str; str++) {
-++ wchar_t c;
-++ size_t len;
-++
-++ len = mbrtowc (&c, str, MB_CUR_MAX, NULL);
-++
-++ if (len == (size_t)(-1) || len == (size_t)(-2)) break;
-++
-++ if (len > 0) {
-++ int wcsize = wcwidth(c);
-++ width += wcsize > 0 ? wcsize : 0;
-++ str += len-1;
-++ }
-++ }
-++
-++ return width;
-++ } else
-++#endif
-++ return strlen (str);
-++}
-++
-++#ifdef UTF8
-++
-++void
-++fix_utf8(char *str)
-++{
-++ mbstate_t mbs;
-++
-++ char *p = str;
-++
-++ while (*p) {
-++ int len;
-++ memset (&mbs, 0, sizeof (mbs));
-++ len = mbrlen(p, MB_CUR_MAX, &mbs);
-++ if (len == -1) {
-++ *p = '?';
-++ p++;
-++ } else if (len > 0) {
-++ p += len;
-++ } else {
-++ p++;
-++ }
-++ }
-++}
-++#endif
-++
-++
-++
-++#ifdef UTF8
-++wchar_t *
-++mbstr_to_wchar (const char *str)
-++{
-++ int len = mbstrlen(str);
-++ wchar_t *buf = g_malloc((len+1) * sizeof(wchar_t));
-++ mbstate_t mbs;
-++ memset (&mbs, 0, sizeof (mbs));
-++ mbsrtowcs (buf, &str, len, &mbs);
-++ buf[len] = 0;
-++ return buf;
-++}
-++
-++char *
-++wchar_to_mbstr (const wchar_t *wstr)
-++{
-++ mbstate_t mbs;
-++ const wchar_t *wstr2;
-++ char * string;
-++ int len;
-++
-++ memset (&mbs, 0, sizeof (mbs));
-++ wstr2 = wstr;
-++ len = wcsrtombs(NULL, &wstr2, 0, &mbs);
-++ if (len <= 0)
-++ return NULL;
-++
-++ string = g_malloc(len + 1);
-++
-++ wstr2 = wstr;
-++ wcsrtombs(string, &wstr2, len, &mbs);
-++ string[len] = 0;
-++ return string;
-++}
-++#endif
-++
-++
-++
-+ int
-+ is_printable (int c)
-+ {
-++#ifdef UTF8
-++ if (SLsmg_Is_Unicode)
-++ return iswprint (c);
-++#endif
-+ c &= 0xff;
-+
-+ #ifdef HAVE_CHARSET
-+@@ -97,7 +211,7 @@
-+ #endif /* !HAVE_CHARSET */
-+ }
-+
-+-/* Returns the message dimensions (lines and columns) */
-++/* Returns the message dimensions columns */
-+ int msglen (const char *text, int *lines)
-+ {
-+ int max = 0;
-+@@ -108,8 +222,18 @@
-+ line_len = 0;
-+ (*lines)++;
-+ } else {
-+- line_len++;
-+- if (line_len > max)
-++#ifdef UTF8
-++ size_t len;
-++ wchar_t c;
-++
-++ len = mbrtowc (&c, text, MB_CUR_MAX, NULL);
-++ if (len > 0 && len != (size_t)(-1) && len != (size_t)(-2)) {
-++ int wcsize = wcwidth(c);
-++ line_len += wcsize > 0 ? wcsize-1 : -1;
-++ text += len-1;
-++ }
-++#endif
-++ if (++line_len > max)
-+ max = line_len;
-+ }
-+ }
-+@@ -201,7 +325,24 @@
-+ *d++ = '\\';
-+ break;
-+ }
-++#ifndef UTF8
-+ *d = *s;
-++#else /* UTF8 */
-++ {
-++ mbstate_t mbs;
-++ int len;
-++ memset (&mbs, 0, sizeof (mbs));
-++ len = mbrlen(s, MB_CUR_MAX, &mbs);
-++ if (len > 0) {
-++ while (len-- > 1)
-++ *d++ = *s++;
-++ *d = *s;
-++ } else {
-++ *d = '?';
-++ }
-++
-++ }
-++#endif /* UTF8 */
-+ }
-+ *d = '\0';
-+ return ret;
-+@@ -222,25 +363,90 @@
-+ name_trunc (const char *txt, int trunc_len)
-+ {
-+ static char x[MC_MAXPATHLEN + MC_MAXPATHLEN];
-+- int txt_len;
-++ int txt_len, first, skip;
-+ char *p;
-++ const char *str;
-+
-+ if ((size_t) trunc_len > sizeof (x) - 1) {
-+ trunc_len = sizeof (x) - 1;
-+ }
-+- txt_len = strlen (txt);
-+- if (txt_len <= trunc_len) {
-+- strcpy (x, txt);
-+- } else {
-+- int y = (trunc_len / 2) + (trunc_len % 2);
-+- strncpy (x, txt, y);
-+- strncpy (x + y, txt + txt_len - (trunc_len / 2), trunc_len / 2);
-+- x[y] = '~';
-+- }
-+- x[trunc_len] = 0;
-+- for (p = x; *p; p++)
-+- if (!is_printable (*p))
-+- *p = '?';
-++ txt_len = mbstrlen (txt);
-++ first = 0;
-++ skip = 0;
-++ if (txt_len > trunc_len) {
-++ first = trunc_len / 2;
-++ skip = txt_len - trunc_len + 1;
-++ }
-++
-++#ifdef UTF8
-++ if (SLsmg_Is_Unicode) {
-++ mbstate_t s;
-++ int mbmax;
-++
-++ str = txt;
-++ memset (&s, 0, sizeof (s));
-++ mbmax = MB_CUR_MAX;
-++ p = x;
-++ while (p < x + sizeof (x) - 1 && trunc_len) {
-++ wchar_t wc;
-++ int len;
-++
-++ len = mbrtowc (&wc, str, mbmax, &s);
-++ if (!len)
-++ break;
-++ if (len < 0) {
-++ memset (&s, 0, sizeof (s));
-++ *p = '?';
-++ len = 1;
-++ str++;
-++ } else if (!is_printable (wc)) {
-++ *p = '?';
-++ str += len;
-++ len = 1;
-++ } else if (p >= x + sizeof (x) - len)
-++ break;
-++ else {
-++ memcpy (p, str, len);
-++ str += len;
-++ }
-++ if (first) {
-++ --trunc_len;
-++ --first;
-++ p += len;
-++ if (!first && p < x + sizeof (x) - 1 && trunc_len) {
-++ *p++ = '~';
-++ --trunc_len;
-++ }
-++ } else if (skip)
-++ --skip;
-++ else {
-++ --trunc_len;
-++ p += len;
-++ }
-++ }
-++ } else
-++#endif
-++ {
-++ str = txt;
-++ p = x;
-++ while (p < x + sizeof (x) - 1) {
-++ if (*str == '\0')
-++ break;
-++ else if (!is_printable (*str))
-++ *p++ = '?';
-++ else
-++ *p++ = *str;
-++ ++str;
-++ if (first) {
-++ --first;
-++ if (!first) {
-++ *p++ = '~';
-++ str += skip;
-++ }
-++ }
-++ }
-++ }
-++ *p = '\0';
-+ return x;
-+ }
-+
-+@@ -650,11 +856,66 @@
-+ }
-+
-+ char *
-++utf8_to_local(char *str)
-++{
-++ iconv_t cd;
-++ size_t buflen;
-++ char *output;
-++ int retry = 1;
-++
-++ if (str == NULL)
-++ return NULL;
-++ else
-++ buflen = strlen(str);
-++
-++ cd = iconv_open (nl_langinfo(CODESET), "UTF-8");
-++ if (cd == (iconv_t) -1) {
-++ return g_strdup(str);
-++ }
-++
-++ output = g_malloc(buflen + 1);
-++
-++ while (retry)
-++ {
-++ char *wrptr = output;
-++ char *inptr = str;
-++ size_t insize = buflen;
-++ size_t avail = buflen;
-++ size_t nconv;
-++
-++ nconv = iconv (cd, &inptr, &insize, &wrptr, &avail);
-++ if (nconv == (size_t) -1)
-++ {
-++ if (errno == E2BIG)
-++ {
-++ buflen *= 2;
-++ g_free(output);
-++ output = g_malloc(buflen + 1);
-++ }
-++ else
-++ {
-++ g_free(output);
-++ return g_strdup(str);
-++ }
-++ }
-++ else {
-++ retry = 0;
-++ *wrptr = 0;
-++ }
-++ }
-++
-++ iconv_close (cd);
-++
-++ return output;
-++}
-++
-++char *
-+ load_mc_home_file (const char *filename, char **allocated_filename)
-+ {
-+ char *hintfile_base, *hintfile;
-+ char *lang;
-+ char *data;
-++ char *conv_data;
-+
-+ hintfile_base = concat_dir_and_file (mc_home, filename);
-+ lang = guess_message_value ();
-+@@ -687,7 +948,10 @@
-+ else
-+ g_free (hintfile);
-+
-+- return data;
-++ conv_data = utf8_to_local(data);
-++ g_free(data);
-++
-++ return conv_data;
-+ }
-+
-+ /* Check strftime() results. Some systems (i.e. Solaris) have different
-+@@ -695,12 +959,14 @@
-+ size_t i18n_checktimelength (void)
-+ {
-+ size_t length, a, b;
-+- char buf [MAX_I18NTIMELENGTH + 1];
-++ char buf [4 * MAX_I18NTIMELENGTH + 1];
-+ time_t testtime = time (NULL);
-+
-+- a = strftime (buf, sizeof(buf)-1, _("%b %e %H:%M"), localtime(&testtime));
-+- b = strftime (buf, sizeof(buf)-1, _("%b %e %Y"), localtime(&testtime));
-+-
-++ strftime (buf, sizeof(buf)-1, _("%b %e %H:%M"), localtime(&testtime));
-++ a = mbstrlen (buf);
-++ strftime (buf, sizeof(buf)-1, _("%b %e %Y"), localtime(&testtime));
-++ b = mbstrlen (buf);
-++
-+ length = max (a, b);
-+
-+ /* Don't handle big differences. Use standard value (email bug, please) */
-+@@ -712,15 +978,12 @@
-+
-+ const char *file_date (time_t when)
-+ {
-+- static char timebuf [MAX_I18NTIMELENGTH + 1];
-++ static char timebuf [4 * MAX_I18NTIMELENGTH + 1];
-+ time_t current_time = time ((time_t) 0);
-+- static size_t i18n_timelength = 0;
-+ static const char *fmtyear, *fmttime;
-+ const char *fmt;
-+
-+- if (i18n_timelength == 0){
-+- i18n_timelength = i18n_checktimelength() + 1;
-+-
-++ if (fmtyear == NULL) {
-+ /* strftime() format string for old dates */
-+ fmtyear = _("%b %e %Y");
-+ /* strftime() format string for recent dates */
-+@@ -740,7 +1003,7 @@
-+ else
-+ fmt = fmttime;
-+
-+- strftime (timebuf, i18n_timelength, fmt, localtime(&when));
-++ strftime (timebuf, sizeof (timebuf) - 1, fmt, localtime(&when));
-+ return timebuf;
-+ }
-+
-+@@ -863,10 +1126,27 @@
-+ r++;
-+ continue;
-+ }
-+-
-++#ifndef UTF8
-+ if (is_printable(*r))
-+ *w++ = *r;
-+ ++r;
-++#else /* UTF8 */
-++ {
-++ mbstate_t mbs;
-++ int len;
-++ memset (&mbs, 0, sizeof (mbs));
-++ len = mbrlen(r, MB_CUR_MAX, &mbs);
-++
-++ if (len > 0 && (unsigned char)*r >= ' ')
-++ while (len--)
-++ *w++ = *r++;
-++ else {
-++ if (len == -1)
-++ *w++ = '?';
-++ r++;
-++ }
-++ }
-++#endif /* UTF8 */
-+ }
-+ *w = 0;
-+ return s;
-+diff -Naur mc-4.6.1-old/src/util.h mc-4.6.1/src/util.h
-+--- mc-4.6.1-old/src/util.h 2005-01-13 20:20:47.000000000 +0100
-++++ mc-4.6.1/src/util.h 2005-10-28 10:08:07.852229632 +0200
-+@@ -93,6 +93,13 @@
-+ char *get_group (int);
-+ char *get_owner (int);
-+
-++void fix_utf8(char *str);
-++size_t mbstrlen (const char *);
-++wchar_t *mbstr_to_wchar (const char *);
-++char *wchar_to_mbstr (const wchar_t *);
-++char *utf8_to_local(char *str);
-++
-++
-+ #define MAX_I18NTIMELENGTH 14
-+ #define MIN_I18NTIMELENGTH 10
-+ #define STD_I18NTIMELENGTH 12
-+diff -Naur mc-4.6.1-old/src/view.c mc-4.6.1/src/view.c
-+--- mc-4.6.1-old/src/view.c 2005-05-27 16:19:18.000000000 +0200
-++++ mc-4.6.1/src/view.c 2005-10-28 10:08:08.023203640 +0200
-+@@ -36,6 +36,10 @@
-+ #include <errno.h>
-+ #include <limits.h>
-+
-++#ifdef UTF8
-++#include <wctype.h>
-++#endif /* UTF8 */
-++
-+ #include "global.h"
-+ #include "tty.h"
-+ #include "cmd.h" /* For view_other_cmd */
-+@@ -793,7 +797,7 @@
-+
-+ if (!i18n_adjust) {
-+ file_label = _("File: %s");
-+- i18n_adjust = strlen (file_label) - 2;
-++ i18n_adjust = mbstrlen (file_label) - 2;
-+ }
-+
-+ if (w < i18n_adjust + 6)
-+@@ -849,7 +853,11 @@
-+ widget_erase ((Widget *) view);
-+ }
-+
-++#ifndef UTF8
-+ #define view_add_character(view,c) addch (c)
-++#else /* UTF8 */
-++#define view_add_character(view,c) SLsmg_write_char(c)
-++#endif /* UTF8 */
-+ #define view_add_one_vline() one_vline()
-+ #define view_add_string(view,s) addstr (s)
-+ #define view_gotoyx(v,r,c) widget_move (v,r,c)
-+@@ -1071,6 +1079,12 @@
-+ if (view->growing_buffer && from == view->last_byte)
-+ get_byte (view, from);
-+ for (; row < height && from < view->last_byte; from++) {
-++#ifdef UTF8
-++ mbstate_t mbs;
-++ char mbbuf[MB_LEN_MAX];
-++ int mblen;
-++ wchar_t wc;
-++#endif /* UTF8 */
-+ c = get_byte (view, from);
-+ if ((c == '\n') || (col >= width && view->wrap_mode)) {
-+ col = frame_shift;
-+@@ -1084,7 +1098,37 @@
-+ col = ((col - frame_shift) / 8) * 8 + 8 + frame_shift;
-+ continue;
-+ }
-++#ifndef UTF8
-+ if (view->viewer_nroff_flag && c == '\b') {
-++#else /* UTF8 */
-++ mblen = 1;
-++ mbbuf[0] = convert_to_display_c (c);
-++
-++ while (mblen < MB_LEN_MAX) {
-++ int res;
-++ memset (&mbs, 0, sizeof (mbs));
-++ res = mbrtowc (&wc, mbbuf, mblen, &mbs);
-++ if (res <= 0 && res != -2) {
-++ wc = '.';
-++ mblen = 1;
-++ break;
-++ }
-++ if (res == mblen)
-++ break;
-++
-++ mbbuf[mblen] = convert_to_display_c (get_byte (view, from + mblen));
-++ mblen++;
-++ }
-++
-++ if (mblen == MB_LEN_MAX) {
-++ wc = '.';
-++ mblen = 1;
-++ }
-++
-++ from += mblen - 1;
-++
-++ if (view->viewer_nroff_flag && wc == '\b') {
-++#endif /* UTF8 */
-+ int c_prev;
-+ int c_next;
-+
-+@@ -1122,12 +1166,23 @@
-+ && col < width - view->start_col) {
-+ view_gotoyx (view, row, col + view->start_col);
-+
-++#ifndef UTF8
-+ c = convert_to_display_c (c);
-+-
-+ if (!is_printable (c))
-+ c = '.';
-+-
-+ view_add_character (view, c);
-++#else /* UTF8 */
-++ if (!iswprint (wc))
-++ wc = '.';
-++ view_add_character (view, wc);
-++
-++ {
-++ int cw = wcwidth(wc);
-++ if (cw > 1)
-++ col+= cw - 1;
-++ }
-++#endif /* UTF8 */
-++
-+ }
-+ col++;
-+ if (boldflag != MARK_NORMAL) {
-+diff -Naur mc-4.6.1-old/src/widget.c mc-4.6.1/src/widget.c
-+--- mc-4.6.1-old/src/widget.c 2005-05-27 16:19:19.000000000 +0200
-++++ mc-4.6.1/src/widget.c 2005-10-28 10:08:07.888224160 +0200
-+@@ -33,6 +33,9 @@
-+ #include <ctype.h>
-+ #include "global.h"
-+ #include "tty.h"
-++#ifdef UTF8
-++#include <wctype.h>
-++#endif /* UTF8 */
-+ #include "color.h"
-+ #include "mouse.h"
-+ #include "dialog.h"
-+@@ -148,6 +151,11 @@
-+ if (b->hotpos >= 0) {
-+ attrset ((b->selected) ? HOT_FOCUSC : HOT_NORMALC);
-+ widget_move (&b->widget, 0, b->hotpos + off);
-++#ifdef UTF8
-++ if (SLsmg_Is_Unicode)
-++ SLsmg_write_nwchars (&b->hotwc, 1);
-++ else
-++#endif
-+ addch ((unsigned char) b->text[b->hotpos]);
-+ }
-+ return MSG_HANDLED;
-+@@ -179,7 +187,7 @@
-+ static int
-+ button_len (const char *text, unsigned int flags)
-+ {
-+- int ret = strlen (text);
-++ int ret = mbstrlen (text);
-+ switch (flags){
-+ case DEFPUSH_BUTTON:
-+ ret += 6;
-+@@ -202,14 +210,36 @@
-+ * the button text is g_malloc()ed, we can safely change and shorten it.
-+ */
-+ static void
-+-button_scan_hotkey (WButton *b)
-++scan_hotkey (char *text, int *hotposp, int *hotkeyp, wchar_t *hotwcp)
-+ {
-+- char *cp = strchr (b->text, '&');
-++ char *cp = strchr (text, '&');
-+
-+ if (cp != NULL && cp[1] != '\0') {
-+- g_strlcpy (cp, cp + 1, strlen (cp));
-+- b->hotkey = tolower (*cp);
-+- b->hotpos = cp - b->text;
-++#ifdef UTF8
-++ if (SLsmg_Is_Unicode) {
-++ mbstate_t s;
-++ int len;
-++
-++ *cp = '\0';
-++ memset (&s, 0, sizeof (s));
-++ len = mbrtowc (hotwcp, cp + 1, MB_CUR_MAX, &s);
-++ if (len > 0) {
-++ *hotposp = mbstrlen (text);
-++ if (*hotposp < 0) {
-++ *hotposp = -1;
-++ } else {
-++ /* FIXME */
-++ *hotkeyp = tolower (*hotwcp);
-++ }
-++ }
-++ } else
-++#endif
-++ {
-++ *hotkeyp = tolower (cp[1]);
-++ *hotposp = cp - text;
-++ }
-++
-++ memmove (cp, cp + 1, strlen (cp + 1) + 1);
-+ }
-+ }
-+
-+@@ -231,22 +261,23 @@
-+ widget_want_hotkey (b->widget, 1);
-+ b->hotkey = 0;
-+ b->hotpos = -1;
-++ b->hotwc = L'\0';
-+
-+- button_scan_hotkey(b);
-++ scan_hotkey(b->text, &b->hotpos, &b->hotkey, &b->hotwc);
-+ return b;
-+ }
-+
-+ void
-+ button_set_text (WButton *b, const char *text)
-+ {
-+- g_free (b->text);
-++ g_free (b->text);
-+ b->text = g_strdup (text);
-+ b->widget.cols = button_len (text, b->flags);
-+- button_scan_hotkey(b);
-++ scan_hotkey(b->text, &b->hotpos, &b->hotkey, &b->hotwc);
-+ dlg_redraw (b->widget.parent);
-+ }
-+
-+-\f
-++
-+ /* Radio button widget */
-+ static int radio_event (Gpm_Event *event, WRadio *r);
-+
-+@@ -320,16 +351,37 @@
-+ widget_move (&r->widget, i, 0);
-+
-+ printw ("(%c) ", (r->sel == i) ? '*' : ' ');
-+- for (cp = r->texts[i]; *cp; cp++) {
-+- if (*cp == '&') {
-+- attrset ((i == r->pos && msg == WIDGET_FOCUS)
-+- ? HOT_FOCUSC : HOT_NORMALC);
-+- addch (*++cp);
-+- attrset ((i == r->pos
-+- && msg == WIDGET_FOCUS) ? FOCUSC : NORMALC);
-++ cp = strchr (r->texts[i], '&');
-++ if (cp != NULL) {
-++#ifdef UTF8
-++ mbstate_t s;
-++ wchar_t wc;
-++ int len;
-++#endif
-++ printw ("%.*s", (int) ((char *) cp - r->texts[i]),
-++ r->texts[i]);
-++ attrset ((i == r->pos && msg == WIDGET_FOCUS)
-++ ? HOT_FOCUSC : HOT_NORMALC);
-++#ifdef UTF8
-++ if (SLsmg_Is_Unicode) {
-++ memset (&s, 0, sizeof (s));
-++ len = mbrtowc (&wc, cp + 1, MB_CUR_MAX, &s);
-++ ++cp;
-++ if (len > 0) {
-++ printw ("%.*s", len, cp);
-++ cp += len;
-++ }
-+ } else
-+- addch (*cp);
-+- }
-++#endif
-++ {
-++ addch (*++cp);
-++ ++cp;
-++ }
-++ attrset ((i == r->pos && msg == WIDGET_FOCUS)
-++ ? FOCUSC : NORMALC);
-++ } else
-++ cp = r->texts[i];
-++ addstr ((char *) cp);
-+ }
-+ return MSG_HANDLED;
-+
-+@@ -365,7 +417,7 @@
-+ /* Compute the longest string */
-+ max = 0;
-+ for (i = 0; i < count; i++){
-+- m = strlen (texts [i]);
-++ m = mbstrlen (texts [i]);
-+ if (m > max)
-+ max = m;
-+ }
-+@@ -426,6 +478,11 @@
-+ if (c->hotpos >= 0) {
-+ attrset ((msg == WIDGET_FOCUS) ? HOT_FOCUSC : HOT_NORMALC);
-+ widget_move (&c->widget, 0, +c->hotpos + 4);
-++#ifdef UTF8
-++ if (SLsmg_Is_Unicode)
-++ SLsmg_write_nwchars (&c->hotwc, 1);
-++ else
-++#endif
-+ addch ((unsigned char) c->text[c->hotpos]);
-+ }
-+ return MSG_HANDLED;
-+@@ -460,32 +517,18 @@
-+ check_new (int y, int x, int state, const char *text)
-+ {
-+ WCheck *c = g_new (WCheck, 1);
-+- const char *s;
-+- char *t;
-+
-+- init_widget (&c->widget, y, x, 1, strlen (text),
-++ init_widget (&c->widget, y, x, 1, mbstrlen (text),
-+ (callback_fn)check_callback,
-+ (mouse_h) check_event);
-+ c->state = state ? C_BOOL : 0;
-+ c->text = g_strdup (text);
-+ c->hotkey = 0;
-+ c->hotpos = -1;
-++ c->hotwc = L'\0';
-+ widget_want_hotkey (c->widget, 1);
-+
-+- /* Scan for the hotkey */
-+- for (s = text, t = c->text; *s; s++, t++){
-+- if (*s != '&'){
-+- *t = *s;
-+- continue;
-+- }
-+- s++;
-+- if (*s){
-+- c->hotkey = tolower (*s);
-+- c->hotpos = t - c->text;
-+- }
-+- *t = *s;
-+- }
-+- *t = 0;
-++ scan_hotkey (c->text, &c->hotpos, &c->hotkey, &c->hotwc);
-+ return c;
-+ }
-+
-+@@ -527,7 +570,7 @@
-+ }
-+ widget_move (&l->widget, y, 0);
-+ printw ("%s", p);
-+- xlen = l->widget.cols - strlen (p);
-++ xlen = l->widget.cols - mbstrlen (p);
-+ if (xlen > 0)
-+ printw ("%*s", xlen, " ");
-+ if (!q)
-+@@ -561,7 +604,7 @@
-+ if (text){
-+ label->text = g_strdup (text);
-+ if (label->auto_adjust_cols) {
-+- newcols = strlen (text);
-++ newcols = mbstrlen (text);
-+ if (newcols > label->widget.cols)
-+ label->widget.cols = newcols;
-+ }
-+@@ -585,7 +628,7 @@
-+ if (!text || strchr(text, '\n'))
-+ width = 1;
-+ else
-+- width = strlen (text);
-++ width = mbstrlen (text);
-+
-+ l = g_new (WLabel, 1);
-+ init_widget (&l->widget, y, x, 1, width,
-+@@ -734,13 +777,69 @@
-+ /* Pointer to killed data */
-+ static char *kill_buffer = 0;
-+
-++#ifdef UTF8
-++static int
-++charpos(WInput *in, int idx)
-++{
-++ int i, pos, l, len;
-++ mbstate_t mbs;
-++ memset (&mbs, 0, sizeof (mbs));
-++ i = 0;
-++ pos = 0;
-++ len = strlen(in->buffer);
-++
-++ while (in->buffer[pos]) {
-++ if (i == idx)
-++ return pos;
-++ l = mbrlen(in->buffer + pos, len - pos, &mbs);
-++ if (l <= 0)
-++ return pos;
-++ pos+=l;
-++ i++;
-++ };
-++ return pos;
-++}
-++
-++static int
-++charcolumn(WInput *in, int idx)
-++{
-++ int i, pos, l, width, len;
-++ mbstate_t mbs;
-++ memset (&mbs, 0, sizeof (mbs));
-++ i = 0;
-++ pos = 0; width = 0;
-++ len = strlen(in->buffer);
-++
-++ while (in->buffer[pos]) {
-++ wchar_t wc;
-++ if (i == idx)
-++ return width;
-++ l = mbrtowc(&wc, in->buffer + pos, len - pos, &mbs);
-++ if (l <= 0)
-++ return width;
-++ pos += l; width += wcwidth(wc);
-++ i++;
-++ };
-++ return width;
-++}
-++#else
-++#define charpos(in, idx) (idx)
-++#define charcolumn(in, idx) (idx)
-++#endif /* UTF8 */
-++
-+ void
-+ update_input (WInput *in, int clear_first)
-+ {
-+ int has_history = 0;
-+ int i, j;
-+- unsigned char c;
-+- int buf_len = strlen (in->buffer);
-++ int buf_len = mbstrlen (in->buffer);
-++#ifndef UTF8
-++ unsigned char c;
-++#else /* UTF8 */
-++ wchar_t c;
-++ mbstate_t mbs;
-++ memset (&mbs, 0, sizeof (mbs));
-++#endif /* UTF8 */
-+
-+ if (should_show_history_button (in))
-+ has_history = HISTORY_BUTTON_WIDTH;
-+@@ -750,7 +849,7 @@
-+
-+ /* Make the point visible */
-+ if ((in->point < in->first_shown) ||
-+- (in->point >= in->first_shown+in->field_len - has_history)){
-++ (charcolumn(in, in->point) >= charcolumn(in, in->first_shown) + in->field_len - has_history)){
-+ in->first_shown = in->point - (in->field_len / 3);
-+ if (in->first_shown < 0)
-+ in->first_shown = 0;
-+@@ -770,14 +869,29 @@
-+ addch (' ');
-+ widget_move (&in->widget, 0, 0);
-+
-++#ifndef UTF8
-+ for (i = 0, j = in->first_shown; i < in->field_len - has_history && in->buffer [j]; i++){
-+ c = in->buffer [j++];
-+ c = is_printable (c) ? c : '.';
-+- if (in->is_password)
-++#else /* UTF8 */
-++ for (i = 0, j = in->first_shown; (i < in->field_len - has_history) && (j < buf_len); i++,j++){
-++ char * chp = in->buffer + charpos(in,j);
-++ size_t res = mbrtowc(&c, chp, strlen(chp), &mbs);
-++ c = (res && iswprint (c)) ? 0 : '.';
-++#endif /* UTF8 */
-++ if (in->is_password)
-+ c = '*';
-++#ifndef UTF8
-+ addch (c);
-++#else /* UTF8 */
-++ if (c) {
-++ addch (c);
-++ }
-++ else
-++ SLsmg_write_nchars (chp, res);
-++#endif /* UTF8 */
-+ }
-+- widget_move (&in->widget, 0, in->point - in->first_shown);
-++ widget_move (&in->widget, 0, charcolumn(in, in->point) - charcolumn(in, in->first_shown));
-+
-+ if (clear_first)
-+ in->first = 0;
-+@@ -919,7 +1033,7 @@
-+ show_hist (GList *history, int widget_x, int widget_y)
-+ {
-+ GList *hi, *z;
-+- size_t maxlen = strlen (i18n_htitle ()), i, count = 0;
-++ size_t maxlen = mbstrlen (i18n_htitle ()), i, count = 0;
-+ int x, y, w, h;
-+ char *q, *r = 0;
-+ Dlg_head *query_dlg;
-+@@ -932,7 +1046,7 @@
-+ z = g_list_first (history);
-+ hi = z;
-+ while (hi) {
-+- if ((i = strlen ((char *) hi->data)) > maxlen)
-++ if ((i = mbstrlen ((char *) hi->data)) > maxlen)
-+ maxlen = i;
-+ count++;
-+ hi = g_list_next (hi);
-+@@ -1104,35 +1218,83 @@
-+ in->need_push = 1;
-+ in->buffer [0] = 0;
-+ in->point = 0;
-++ in->charpoint = 0;
-+ in->mark = 0;
-+ free_completions (in);
-+ update_input (in, 0);
-+ }
-+
-++static void
-++move_buffer_backward (WInput *in, int point)
-++{
-++ int i, pos, len;
-++ int str_len = mbstrlen (in->buffer);
-++ if (point >= str_len) return;
-++
-++ pos = charpos(in,point);
-++ len = charpos(in,point + 1) - pos;
-++
-++ for (i = pos; in->buffer [i + len - 1]; i++)
-++ in->buffer [i] = in->buffer [i + len];
-++}
-++
-+ static cb_ret_t
-+ insert_char (WInput *in, int c_code)
-+ {
-+ size_t i;
-++#ifdef UTF8
-++ mbstate_t mbs;
-++ int res;
-++
-++ memset (&mbs, 0, sizeof (mbs));
-++#else
-++ in->charpoint = 0;
-++#endif /* UTF8 */
-+
-+ if (c_code == -1)
-+ return MSG_NOT_HANDLED;
-+
-++#ifdef UTF8
-++ if (in->charpoint >= MB_CUR_MAX) return 1;
-++
-++ in->charbuf[in->charpoint++] = c_code;
-++
-++ res = mbrlen((char *)in->charbuf, in->charpoint, &mbs);
-++ if (res < 0) {
-++ if (res != -2) in->charpoint = 0; /* broken multibyte char, skip */
-++ return 1;
-++ }
-++
-++#endif /* UTF8 */
-+ in->need_push = 1;
-+- if (strlen (in->buffer)+1 == (size_t) in->current_max_len){
-++ if (strlen (in->buffer) + 1 + in->charpoint >= (size_t) in->current_max_len){
-+ /* Expand the buffer */
-+- char *narea = g_realloc (in->buffer, in->current_max_len + in->field_len);
-++ char *narea = g_realloc (in->buffer, in->current_max_len + in->field_len + in->charpoint);
-+ if (narea){
-+ in->buffer = narea;
-+- in->current_max_len += in->field_len;
-++ in->current_max_len += in->field_len + in->charpoint;
-+ }
-+ }
-++#ifndef UTF8
-+ if (strlen (in->buffer)+1 < (size_t) in->current_max_len){
-+ size_t l = strlen (&in->buffer [in->point]);
-+ for (i = l+1; i > 0; i--)
-+ in->buffer [in->point+i] = in->buffer [in->point+i-1];
-+ in->buffer [in->point] = c_code;
-++#else /* UTF8 */
-++ if (strlen (in->buffer) + in->charpoint < in->current_max_len){
-++ size_t ins_point = charpos(in,in->point); /* bytes from begin */
-++ /* move chars */
-++ size_t rest_bytes = strlen (in->buffer + ins_point);
-++
-++ for (i = rest_bytes + 1; i > 0; i--)
-++ in->buffer [ins_point + i + in->charpoint - 1] = in->buffer [ins_point + i - 1];
-++
-++ memcpy(in->buffer + ins_point, in->charbuf, in->charpoint);
-++#endif /* UTF8 */
-+ in->point++;
-+ }
-++ in->charpoint = 0;
-+ return MSG_HANDLED;
-+ }
-+
-+@@ -1140,12 +1302,14 @@
-+ beginning_of_line (WInput *in)
-+ {
-+ in->point = 0;
-++ in->charpoint = 0;
-+ }
-+
-+ static void
-+ end_of_line (WInput *in)
-+ {
-+- in->point = strlen (in->buffer);
-++ in->point = mbstrlen (in->buffer);
-++ in->charpoint = 0;
-+ }
-+
-+ static void
-+@@ -1153,18 +1317,21 @@
-+ {
-+ if (in->point)
-+ in->point--;
-++ in->charpoint = 0;
-+ }
-+
-+ static void
-+ forward_char (WInput *in)
-+ {
-+- if (in->buffer [in->point])
-++ if (in->buffer [charpos(in,in->point)])
-+ in->point++;
-++ in->charpoint = 0;
-+ }
-+
-+ static void
-+ forward_word (WInput *in)
-+ {
-++#ifndef UTF8
-+ unsigned char *p = in->buffer+in->point;
-+
-+ while (*p && (isspace (*p) || ispunct (*p)))
-+@@ -1172,11 +1339,39 @@
-+ while (*p && isalnum (*p))
-+ p++;
-+ in->point = p - in->buffer;
-++#else /* UTF8 */
-++ mbstate_t mbs;
-++ int len = mbstrlen (in->buffer);
-++ memset (&mbs, 0, sizeof (mbs));
-++
-++ while (in->point < len) {
-++ wchar_t c;
-++ char *p = in->buffer + charpos(in,in->point);
-++ size_t res = mbrtowc(&c, p, strlen(p), &mbs);
-++ if (res <= 0 || !(iswspace (c) || iswpunct (c)))
-++ break;
-++ in->point++;
-++ }
-++
-++ memset (&mbs, 0, sizeof (mbs));
-++
-++ while (in->point < len) {
-++ wchar_t c;
-++ char *p = in->buffer + charpos(in,in->point);
-++ size_t res = mbrtowc(&c, p, strlen(p), &mbs);
-++ if (res <= 0 || !iswalnum (c))
-++ break;
-++ in->point++;
-++ }
-++
-++ in->charpoint = 0;
-++#endif /* UTF8 */
-+ }
-+
-+ static void
-+ backward_word (WInput *in)
-+ {
-++#ifndef UTF8
-+ unsigned char *p = in->buffer+in->point;
-+
-+ while (p-1 > in->buffer-1 && (isspace (*(p-1)) || ispunct (*(p-1))))
-+@@ -1184,6 +1379,32 @@
-+ while (p-1 > in->buffer-1 && isalnum (*(p-1)))
-+ p--;
-+ in->point = p - in->buffer;
-++#else /* UTF8 */
-++ mbstate_t mbs;
-++
-++ memset (&mbs, 0, sizeof (mbs));
-++ while (in->point > 0) {
-++ wchar_t c;
-++ char *p = in->buffer + charpos(in,in->point);
-++ size_t res = mbrtowc(&c, p, strlen(p), &mbs);
-++ if (*p && (res <= 0 || !(iswspace (c) || iswpunct (c))))
-++ break;
-++ in->point--;
-++ }
-++
-++ memset (&mbs, 0, sizeof (mbs));
-++
-++ while (in->point > 0) {
-++ wchar_t c;
-++ char *p = in->buffer + charpos(in,in->point);
-++ size_t res = mbrtowc(&c, p, strlen(p), &mbs);
-++ if (*p && (res <= 0 || !iswalnum (c)))
-++ break;
-++ in->point--;
-++ }
-++
-++ in->charpoint = 0;
-++#endif /* UTF8 */
-+ }
-+
-+ static void
-+@@ -1216,8 +1437,9 @@
-+
-+ if (!in->point)
-+ return;
-+- for (i = in->point; in->buffer [i-1]; i++)
-+- in->buffer [i-1] = in->buffer [i];
-++
-++ move_buffer_backward(in, in->point - 1);
-++ in->charpoint = 0;
-+ in->need_push = 1;
-+ in->point--;
-+ }
-+@@ -1225,10 +1447,8 @@
-+ static void
-+ delete_char (WInput *in)
-+ {
-+- int i;
-+-
-+- for (i = in->point; in->buffer [i]; i++)
-+- in->buffer [i] = in->buffer [i+1];
-++ move_buffer_backward(in, in->point);
-++ in->charpoint = 0;
-+ in->need_push = 1;
-+ }
-+
-+@@ -1243,6 +1463,9 @@
-+
-+ g_free (kill_buffer);
-+
-++ first=charpos(in,first);
-++ last=charpos(in,last);
-++
-+ kill_buffer = g_strndup(in->buffer+first,last-first);
-+ }
-+
-+@@ -1251,11 +1474,13 @@
-+ {
-+ int first = min (x_first, x_last);
-+ int last = max (x_first, x_last);
-+- size_t len = strlen (&in->buffer [last]) + 1;
-++ size_t len;
-+
-+ in->point = first;
-+ in->mark = first;
-+- memmove (&in->buffer [first], &in->buffer [last], len);
-++ len = strlen (&in->buffer [charpos(in,last)]) + 1;
-++ memmove (&in->buffer [charpos(in,first)], &in->buffer [charpos(in,last)], len);
-++ in->charpoint = 0;
-+ in->need_push = 1;
-+ }
-+
-+@@ -1272,6 +1497,8 @@
-+ copy_region (in, old_point, new_point);
-+ delete_region (in, old_point, new_point);
-+ in->need_push = 1;
-++ in->charpoint = 0;
-++ in->charpoint = 0;
-+ }
-+
-+ static void
-+@@ -1315,16 +1542,20 @@
-+
-+ if (!kill_buffer)
-+ return;
-++ in->charpoint = 0;
-+ for (p = kill_buffer; *p; p++)
-+ insert_char (in, *p);
-++ in->charpoint = 0;
-+ }
-+
-+ static void
-+ kill_line (WInput *in)
-+ {
-++ int chp = charpos(in,in->point);
-+ g_free (kill_buffer);
-+- kill_buffer = g_strdup (&in->buffer [in->point]);
-+- in->buffer [in->point] = 0;
-++ kill_buffer = g_strdup (&in->buffer [chp]);
-++ in->buffer [chp] = 0;
-++ in->charpoint = 0;
-+ }
-+
-+ void
-+@@ -1334,9 +1565,10 @@
-+ g_free (in->buffer);
-+ in->buffer = g_strdup (text); /* was in->buffer->text */
-+ in->current_max_len = strlen (in->buffer) + 1;
-+- in->point = strlen (in->buffer);
-++ in->point = mbstrlen (in->buffer);
-+ in->mark = 0;
-+ in->need_push = 1;
-++ in->charpoint = 0;
-+ }
-+
-+ static void
-+@@ -1461,6 +1693,7 @@
-+ *in->buffer = 0;
-+ in->point = 0;
-+ in->first = 0;
-++ in->charpoint = 0;
-+ }
-+
-+ cb_ret_t
-+@@ -1489,7 +1722,11 @@
-+ }
-+ }
-+ if (!input_map [i].fn){
-++#ifndef UTF8
-+ if (c_code > 255 || !is_printable (c_code))
-++#else /* UTF8 */
-++ if (c_code > 255)
-++#endif /* UTF8 */
-+ return MSG_NOT_HANDLED;
-+ if (in->first){
-+ port_region_marked_for_delete (in);
-+@@ -1523,6 +1760,9 @@
-+ if (pos != in->point)
-+ free_completions (in);
-+ in->point = pos;
-++#ifdef UTF8
-++ in->charpoint = 0;
-++#endif /* UTF8 */
-+ update_input (in, 1);
-+ }
-+
-+@@ -1562,7 +1802,7 @@
-+ return MSG_HANDLED;
-+
-+ case WIDGET_CURSOR:
-+- widget_move (&in->widget, 0, in->point - in->first_shown);
-++ widget_move (&in->widget, 0, charcolumn(in, in->point) - charcolumn(in, in->first_shown));
-+ return MSG_HANDLED;
-+
-+ case WIDGET_DESTROY:
-+@@ -1584,7 +1824,7 @@
-+ && should_show_history_button (in)) {
-+ do_show_hist (in);
-+ } else {
-+- in->point = strlen (in->buffer);
-++ in->point = mbstrlen (in->buffer);
-+ if (event->x - in->first_shown - 1 < in->point)
-+ in->point = event->x - in->first_shown - 1;
-+ if (in->point < 0)
-+@@ -1642,7 +1882,8 @@
-+ in->is_password = 0;
-+
-+ strcpy (in->buffer, def_text);
-+- in->point = strlen (in->buffer);
-++ in->point = mbstrlen (in->buffer);
-++ in->charpoint = 0;
-+ return in;
-+ }
-+
-+diff -Naur mc-4.6.1-old/src/widget.h mc-4.6.1/src/widget.h
-+--- mc-4.6.1-old/src/widget.h 2004-08-29 20:46:16.000000000 +0200
-++++ mc-4.6.1/src/widget.h 2005-10-28 10:08:08.064197408 +0200
-+@@ -25,6 +25,7 @@
-+ char *text; /* text of button */
-+ int hotkey; /* hot KEY */
-+ int hotpos; /* offset hot KEY char in text */
-++ wchar_t hotwc;
-+ bcback callback; /* Callback function */
-+ } WButton;
-+
-+@@ -43,6 +44,7 @@
-+ char *text; /* text of check button */
-+ int hotkey; /* hot KEY */
-+ int hotpos; /* offset hot KEY char in text */
-++ wchar_t hotwc;
-+ } WCheck;
-+
-+ typedef struct WGauge {
-+@@ -58,16 +60,20 @@
-+
-+ typedef struct {
-+ Widget widget;
-+- int point; /* cursor position in the input line */
-+- int mark; /* The mark position */
-+- int first_shown; /* Index of the first shown character */
-+- int current_max_len; /* Maximum length of input line */
-+- int field_len; /* Length of the editing field */
-++ int point; /* cursor position in the input line (mb chars) */
-++ int mark; /* The mark position (mb chars) */
-++ int first_shown; /* Index of the first shown character (mb chars) */
-++ int current_max_len; /* Maximum length of input line (bytes) */
-++ int field_len; /* Length of the editing field (mb chars) */
-+ int color; /* color used */
-+ int first; /* Is first keystroke? */
-+ int disable_update; /* Do we want to skip updates? */
-+ int is_password; /* Is this a password input line? */
-+ unsigned char *buffer; /* pointer to editing buffer */
-++#ifdef UTF8
-++ unsigned char charbuf[MB_LEN_MAX];
-++#endif /* UTF8 */
-++ int charpoint;
-+ GList *history; /* The history */
-+ int need_push; /* need to push the current Input on hist? */
-+ char **completions; /* Possible completions array */
-+diff -Naur mc-4.6.1-old/src/wtools.c mc-4.6.1/src/wtools.c
-+--- mc-4.6.1-old/src/wtools.c 2005-05-27 16:19:19.000000000 +0200
-++++ mc-4.6.1/src/wtools.c 2005-10-28 10:08:08.036201664 +0200
-+@@ -48,11 +48,11 @@
-+ /* Adjust sizes */
-+ lines = (lines > LINES - 6) ? LINES - 6 : lines;
-+
-+- if (title && (cols < (len = strlen (title) + 2)))
-++ if (title && (cols < (len = mbstrlen (title) + 2)))
-+ cols = len;
-+
-+ /* no &, but 4 spaces around button for brackets and such */
-+- if (cols < (len = strlen (cancel_string) + 3))
-++ if (cols < (len = mbstrlen (cancel_string) + 3))
-+ cols = len;
-+
-+ cols = cols > COLS - 6 ? COLS - 6 : cols;
-+@@ -123,7 +123,7 @@
-+ va_start (ap, count);
-+ for (i = 0; i < count; i++) {
-+ char *cp = va_arg (ap, char *);
-+- win_len += strlen (cp) + 6;
-++ win_len += mbstrlen (cp) + 6;
-+ if (strchr (cp, '&') != NULL)
-+ win_len--;
-+ }
-+@@ -131,7 +131,7 @@
-+ }
-+
-+ /* count coordinates */
-+- cols = 6 + max (win_len, max ((int) strlen (header), msglen (text, &lines)));
-++ cols = 6 + max (win_len, max ((int) mbstrlen (header), msglen (text, &lines)));
-+ lines += 4 + (count > 0 ? 2 : 0);
-+ xpos = COLS / 2 - cols / 2;
-+ ypos = LINES / 3 - (lines - 3) / 2;
-+@@ -146,7 +146,7 @@
-+ va_start (ap, count);
-+ for (i = 0; i < count; i++) {
-+ cur_name = va_arg (ap, char *);
-+- xpos = strlen (cur_name) + 6;
-++ xpos = mbstrlen (cur_name) + 6;
-+ if (strchr (cur_name, '&') != NULL)
-+ xpos--;
-+
-+@@ -457,7 +457,7 @@
-+ g_strlcpy (histname + 3, header, 61);
-+ quick_widgets[2].histname = histname;
-+
-+- len = max ((int) strlen (header), msglen (text, &lines)) + 4;
-++ len = max ((int) mbstrlen (header), msglen (text, &lines)) + 4;
-+ len = max (len, 64);
-+
-+ /* The special value of def_text is used to identify password boxes
-+@@ -477,7 +477,7 @@
-+ */
-+ quick_widgets[0].relative_x = len / 2 + 4;
-+ quick_widgets[1].relative_x =
-+- len / 2 - (strlen (_(quick_widgets[1].text)) + 9);
-++ len / 2 - (mbstrlen (_(quick_widgets[1].text)) + 9);
-+ quick_widgets[0].x_divisions = quick_widgets[1].x_divisions = len;
-+ #endif /* ENABLE_NLS */
-+
---- mc-4.6.1.orig/debian/patches/03_conffiles_in_mans.patch
-+++ mc-4.6.1/debian/patches/03_conffiles_in_mans.patch
-@@ -0,0 +1,90 @@
-+diff -urN mc-4.6.0-pre3.orig/doc/mc.1.in mc-4.6.0-pre3/doc/mc.1.in
-+--- mc-4.6.0-pre3.orig/doc/mc.1.in 2003-01-14 21:01:34.000000000 +0100
-++++ mc-4.6.0-pre3/doc/mc.1.in 2003-01-14 21:59:38.000000000 +0100
-+@@ -1337,7 +1337,7 @@
-+ but only if it is owned by user or root and is not world-writable.
-+ If no such file found, ~/.mc/menu is tried in the same way,
-+ and otherwise mc uses the default system-wide menu
-+-@prefix@/share/mc/mc.menu.
-++/etc/mc/mc.menu.
-+ .PP
-+ The format of the menu file is very simple. Lines that start with
-+ anything but space or tab are considered entries for the menu (in
-+@@ -1855,7 +1855,7 @@
-+ At startup the Midnight Commander will try to load initialization
-+ information from the ~/.mc/ini file. If this file doesn't exist, it will
-+ load the information from the system-wide configuration file, located in
-+-@prefix@/share/mc/mc.ini. If the system-wide configuration file doesn't
-++/etc/mc/mc.ini. If the system-wide configuration file doesn't
-+ exist, MC uses the default settings.
-+ .PP
-+ The
-+@@ -3045,7 +3045,7 @@
-+ .IP
-+ The help file for the program.
-+ .PP
-+-.I @prefix@/share/mc/mc.ext
-++.I /etc/mc/mc.ext
-+ .IP
-+ The default system-wide extensions file.
-+ .PP
-+@@ -3054,12 +3054,12 @@
-+ User's own extension, view configuration and edit configuration
-+ file. They override the contents of the system wide files if present.
-+ .PP
-+-.I @prefix@/share/mc/mc.ini
-++.I /etc/mc/mc.ini
-+ .IP
-+ The default system-wide setup for the Midnight Commander, used only if
-+ the user doesn't have his own ~/.mc/ini file.
-+ .PP
-+-.I @prefix@/share/mc/mc.lib
-++.I /etc/mc/mc.lib
-+ .IP
-+ Global settings for the Midnight Commander. Settings in this file
-+ affect all users, whether they have ~/.mc/ini or not. Currently, only
-+@@ -3077,7 +3077,7 @@
-+ .IP
-+ This file contains the hints (cookies) displayed by the program.
-+ .PP
-+-.I @prefix@/share/mc/mc.menu
-++.I /etc/mc/mc.menu
-+ .IP
-+ This file contains the default system-wide applications menu.
-+ .PP
-+diff -urN mc-4.6.0-pre3.orig/doc/mcedit.1.in mc-4.6.0-pre3/doc/mcedit.1.in
-+--- mc-4.6.0-pre3.orig/doc/mcedit.1.in 2003-01-20 15:18:36.000000000 +0100
-++++ mc-4.6.0-pre3/doc/mcedit.1.in 2003-01-23 18:57:57.000000000 +0100
-+@@ -436,12 +436,12 @@
-+ .IP
-+ The help file for the program.
-+ .PP
-+-.I @prefix@/share/mc/mc.ini
-++.I /etc/mc/mc.ini
-+ .IP
-+ The default system-wide setup for GNU Midnight Commander, used only if
-+ the user's own ~/.mc/ini file is missing.
-+ .PP
-+-.I @prefix@/share/mc/mc.lib
-++.I /etc/mc/mc.lib
-+ .IP
-+ Global settings for the Midnight Commander. Settings in this file
-+ affect all users, whether they have ~/.mc/ini or not.
-+diff -urN mc-4.6.0-pre3.orig/doc/mcview.1.in mc-4.6.0-pre3/doc/mcview.1.in
-+--- mc-4.6.0-pre3.orig/doc/mcview.1.in 2003-01-20 15:18:36.000000000 +0100
-++++ mc-4.6.0-pre3/doc/mcview.1.in 2003-01-23 18:58:24.000000000 +0100
-+@@ -65,12 +65,12 @@
-+ .IP
-+ The help file for the program.
-+ .PP
-+-.I @prefix@/share/mc/mc.ini
-++.I /etc/mc/mc.ini
-+ .IP
-+ The default system-wide setup for GNU Midnight Commander, used only if
-+ the user's own ~/.mc/ini file is missing.
-+ .PP
-+-.I @prefix@/share/mc/mc.lib
-++.I /etc/mc/mc.lib
-+ .IP
-+ Global settings for the Midnight Commander. Settings in this file
-+ affect all users, whether they have ~/.mc/ini or not.
---- mc-4.6.1.orig/debian/patches/55_mc-utf8-look-and-feel.patch
-+++ mc-4.6.1/debian/patches/55_mc-utf8-look-and-feel.patch
-@@ -0,0 +1,204 @@
-+--- mc-4.6.1/src/main.c.laf 2005-11-24 16:55:06.000000000 +0100
-++++ mc-4.6.1/src/main.c 2005-11-24 16:56:27.000000000 +0100
-+@@ -274,6 +274,9 @@
-+ /* The user's shell */
-+ const char *shell = NULL;
-+
-++/* Is the LANG UTF-8 ? */
-++gboolean is_utf8 = FALSE;
-++
-+ /* mc_home: The home of MC */
-+ char *mc_home = NULL;
-+
-+@@ -2167,6 +2170,16 @@ main (int argc, char *argv[])
-+ /* if on, it displays the information that files have been moved to ~/.mc */
-+ int show_change_notice = 0;
-+
-++ /* Check whether we have UTF-8 locale */
-++ char *lang = getenv("LANG");
-++ size_t len = 0;
-++
-++ if ( lang )
-++ len = strlen(lang);
-++
-++ if ( len >= 5 && !strcasecmp(&lang[len-5],"UTF-8") )
-++ is_utf8 = TRUE;
-++
-+ /* We had LC_CTYPE before, LC_ALL includs LC_TYPE as well */
-+ setlocale (LC_ALL, "");
-+ bindtextdomain ("mc", LOCALEDIR);
-+--- mc-4.6.1a/src/main.h.laf 2005-11-24 16:55:06.000000000 +0100
-++++ mc-4.6.1a/src/main.h 2005-11-24 16:55:06.000000000 +0100
-+@@ -64,6 +64,7 @@
-+ extern int only_leading_plus_minus;
-+ extern int output_starts_shell;
-+ extern int midnight_shutdown;
-++extern gboolean is_utf8;
-+ extern char cmd_buf [512];
-+ extern const char *shell;
-+
-+--- mc-4.6.1a/src/widget.c.laf 2005-11-24 16:55:06.000000000 +0100
-++++ mc-4.6.1a/src/widget.c 2005-11-24 16:55:06.000000000 +0100
-+@@ -1948,52 +1948,86 @@ input_new (int y, int x, int color, int
-+ return in;
-+ }
-+
-+-\f
-+-/* Listbox widget */
-+-
-+-/* Should draw the scrollbar, but currently draws only
-+- * indications that there is more information
-+- */
-+-static int listbox_cdiff (WLEntry *s, WLEntry *e);
-++/* Vertical scrollbar widget */
-+
-+-static void
-+-listbox_drawscroll (WListbox *l)
-++void
-++vscrollbar (Widget widget, int height, int width, int tpad, int bpad,
-++ int selected, int count, gboolean color)
-+ {
-+ int line;
-+- int i, top;
-+- int max_line = l->height-1;
-+-
-++ int i;
-++
-+ /* Are we at the top? */
-+- widget_move (&l->widget, 0, l->width);
-+- if (l->list == l->top)
-+- one_vline ();
-++ widget_move (&widget, tpad, width);
-++#ifndef UTF8
-++ if (!selected)
-++ one_vline ();
-+ else
-+- addch ('^');
-++ addch ('^');
-++#else
-++ if (color) attrset (MARKED_COLOR);
-++ if (is_utf8)
-++ SLsmg_write_string("▲");
-++ else
-++ addch ('^');
-++ if (color) attrset (NORMAL_COLOR);
-++#endif
-+
-+ /* Are we at the bottom? */
-+- widget_move (&l->widget, max_line, l->width);
-+- top = listbox_cdiff (l->list, l->top);
-+- if ((top + l->height == l->count) || l->height >= l->count)
-+- one_vline ();
-++ widget_move (&widget, height-1-bpad, width);
-++#ifndef UTF8
-++ if (selected == count-1)
-++ one_vline ();
-++ else
-++ addch ('v');
-++#else
-++ if (color) attrset (MARKED_COLOR);
-++ if (is_utf8)
-++ SLsmg_write_string("▼");
-+ else
-+- addch ('v');
-++ addch('v');
-++ if (color) attrset (NORMAL_COLOR);
-++#endif
-+
-+ /* Now draw the nice relative pointer */
-+- if (l->count)
-+- line = 1+ ((l->pos * (l->height-2)) / l->count);
-++ if (count > 1)
-++ line = tpad + 1 + ((selected * (height-3-tpad-bpad)) / (count-1));
-+ else
-+- line = 0;
-+-
-+- for (i = 1; i < max_line; i++){
-+- widget_move (&l->widget, i, l->width);
-+- if (i != line)
-+- one_vline ();
-+- else
-+- addch ('*');
-++ line = 0;
-++
-++ for (i = tpad + 1; i < height-1-bpad; i++){
-++ widget_move (&widget, i, width);
-++ if (i != line)
-++#ifndef UTF8
-++ one_vline ();
-++ else
-++ addch ('*');
-++#else
-++ if (is_utf8)
-++ SLsmg_write_string("▒");
-++ else
-++ one_vline();
-++ else {
-++ if (color) attrset (MARKED_COLOR);
-++ if (is_utf8)
-++ SLsmg_write_string("●");
-++ else
-++ addch('*');
-++ if (color) attrset (NORMAL_COLOR);
-++ }
-++#endif
-+ }
-+ }
-+-
-+-static void
-++
-++\f
-++/* Listbox widget */
-++
-++/* Should draw the scrollbar, but currently draws only
-++ * indications that there is more information
-++ */
-++static int listbox_cdiff (WLEntry *s, WLEntry *e);
-++
-++void
-+ listbox_draw (WListbox *l, int focused)
-+ {
-+ WLEntry *e;
-+@@ -2034,7 +2068,7 @@ listbox_draw (WListbox *l, int focused)
-+ if (!l->scrollbar)
-+ return;
-+ attrset (normalc);
-+- listbox_drawscroll (l);
-++ vscrollbar (l->widget, l->height, l->width, 0, 0, l->pos, l->count, FALSE);
-+ }
-+
-+ /* Returns the number of items between s and e,
-+--- mc-4.6.1a/src/screen.c.laf 2005-11-24 16:55:06.000000000 +0100
-++++ mc-4.6.1a/src/screen.c 2005-11-24 16:55:06.000000000 +0100
-+@@ -888,6 +888,9 @@ show_dir (WPanel *panel)
-+ }
-+ #endif /* HAVE_SLANG */
-+
-++ vscrollbar (panel->widget, panel->widget.lines, panel->widget.cols-1, 2, 2,
-++ panel->selected, panel->count, TRUE);
-++
-+ if (panel->active)
-+ attrset (REVERSE_COLOR);
-+
-+@@ -1504,7 +1507,7 @@ use_display_format (WPanel *panel, const
-+ panel->dirty = 1;
-+
-+ /* Status needn't to be split */
-+- usable_columns = ((panel->widget.cols-2)/((isstatus)
-++ usable_columns = ((panel->widget.cols-3)/((isstatus)
-+ ? 1
-+ : (panel->split+1))) - (!isstatus && panel->split);
-+
-+--- mc-4.6.1a/src/widget.h.laf 2005-11-24 16:55:06.000000000 +0100
-++++ mc-4.6.1a/src/widget.h 2005-11-24 16:55:06.000000000 +0100
-+@@ -170,6 +170,10 @@ void button_set_text (WButton *b, const
-+ /* Listbox manager */
-+ WLEntry *listbox_get_data (WListbox *l, int pos);
-+
-++/* Vertical scrollbar */
-++void vscrollbar (Widget widget, int height, int width, int tpad, int bpad,
-++ int selected, int count, gboolean color);
-++
-+ /* search text int listbox entries */
-+ WLEntry *listbox_search_text (WListbox *l, const char *text);
-+ void listbox_select_entry (WListbox *l, WLEntry *dest);
---- mc-4.6.1.orig/debian/patches/26_vietnamese_po.patch
-+++ mc-4.6.1/debian/patches/26_vietnamese_po.patch
-@@ -0,0 +1,4459 @@
-+--- /dev/null 2005-03-28 19:01:57.000000000 +0200
-++++ po/vi.po 2005-04-03 00:46:14.000000000 +0200
-+@@ -0,0 +1,4456 @@
-++# Vietnamese translation of Midnight Commander
-++# Copyright (C) 1998-2003, 2005 Free Software Foundation, Inc.
-++# First translator(s): Phan Vinh Thinh <teppi@vnlinux.org>, 2005.
-++#
-++#
-++msgid ""
-++msgstr ""
-++"Project-Id-Version: mc 4.6.1\n"
-++"Report-Msgid-Bugs-To: \n"
-++"POT-Creation-Date: 2003-12-24 12:16-0500\n"
-++"PO-Revision-Date: 2005-03-29 01:20+0300\n"
-++"Last-Translator: Phan Vinh Thinh <teppi@vnlinux.org>\n"
-++"Language-Team: Vietnamese <gnomevi-list@lists.sourceforge.net>\n"
-++"MIME-Version: 1.0\n"
-++"Content-Type: text/plain; charset=UTF-8\n"
-++"Content-Transfer-Encoding: 8bit\n"
-++"X-Generator: KBabel 1.9.1\n"
-++
-++#: edit/edit.c:146 edit/edit.c:277 edit/edit.c:285 edit/edit.c:333
-++#: edit/edit.c:348 edit/edit.c:359 edit/edit.c:375 edit/edit.c:2665
-++#: edit/editcmd.c:282 edit/editcmd.c:290 edit/editcmd.c:1719 src/wtools.c:120
-++#: src/wtools.c:275
-++msgid "Error"
-++msgstr "Lỗi"
-++
-++#: edit/edit.c:149 edit/edit.c:336
-++msgid " Cannot open file for reading: "
-++msgstr " Không thể mở tập tin để đọc: "
-++
-++#: edit/edit.c:279
-++msgid " Error reading from pipe: "
-++msgstr " Lỗi đọc từ đường ống (pipe): "
-++
-++#: edit/edit.c:288
-++msgid " Cannot open pipe for reading: "
-++msgstr " Không thể mở đường ống để đọc: "
-++
-++#: edit/edit.c:351
-++msgid " Cannot get size/permissions info for file: "
-++msgstr " Không lấy được thông tin kích thước/quyền hạn của tập tin: "
-++
-++#: edit/edit.c:360
-++msgid " Not an ordinary file: "
-++msgstr " Tập tin không thông thường: "
-++
-++#: edit/edit.c:376
-++msgid " File is too large: "
-++msgstr " Tập tin quá lớn: "
-++
-++#: edit/edit.c:2665
-++msgid "Macro recursion is too deep"
-++msgstr "Đệ qui của macro quá sâu"
-++
-++#: edit/edit.h:262
-++msgid "&Dismiss"
-++msgstr "Đó&ng"
-++
-++#: edit/edit.h:264 edit/editcmd.c:382 edit/editcmd.c:1228 edit/editcmd.c:1310
-++#: edit/editcmd.c:2569 edit/editmenu.c:37 edit/editoptions.c:71
-++#: src/boxes.c:139 src/boxes.c:276 src/boxes.c:372 src/boxes.c:464
-++#: src/boxes.c:590 src/boxes.c:713 src/boxes.c:835 src/boxes.c:945
-++#: src/boxes.c:1013 src/filegui.c:763 src/find.c:184 src/layout.c:348
-++#: src/option.c:113 src/subshell.c:323 src/view.c:2107 src/wtools.c:441
-++msgid "&OK"
-++msgstr "Đồng ý &="
-++
-++#: edit/editcmd.c:45 edit/editcmd.c:46
-++msgid " Enter file name: "
-++msgstr " Hãy nhập tên tập tin: "
-++
-++#: edit/editcmd.c:283
-++msgid " Error writing to pipe: "
-++msgstr " Lỗi ghi vào đường ống: "
-++
-++#: edit/editcmd.c:293
-++msgid " Cannot open pipe for writing: "
-++msgstr " Không thể mở đường ống để ghi: "
-++
-++#: edit/editcmd.c:375
-++msgid "Quick save "
-++msgstr "&Lưu nhanh"
-++
-++#: edit/editcmd.c:376
-++msgid "Safe save "
-++msgstr "Lưu &an toàn"
-++
-++#: edit/editcmd.c:377
-++msgid "Do backups -->"
-++msgstr "&Sao lưu -->"
-++
-++#: edit/editcmd.c:380 edit/editcmd.c:1169 edit/editcmd.c:1226
-++#: edit/editcmd.c:1308 edit/editcmd.c:2567 edit/editoptions.c:68
-++#: src/achown.c:68 src/boxes.c:140 src/boxes.c:277 src/boxes.c:370
-++#: src/boxes.c:462 src/boxes.c:588 src/boxes.c:711 src/boxes.c:833
-++#: src/boxes.c:1013 src/chmod.c:96 src/chown.c:72 src/cmd.c:856
-++#: src/filegui.c:745 src/find.c:184 src/hotlist.c:121 src/hotlist.c:523
-++#: src/hotlist.c:830 src/hotlist.c:926 src/layout.c:349 src/learn.c:58
-++#: src/option.c:114 src/panelize.c:66 src/view.c:441 src/view.c:2104
-++#: src/wtools.c:46 src/wtools.c:439
-++msgid "&Cancel"
-++msgstr "Đóng hộp thoại &-"
-++
-++#: edit/editcmd.c:386
-++msgid "Extension:"
-++msgstr "&Mở rộng:"
-++
-++#: edit/editcmd.c:392
-++msgid " Edit Save Mode "
-++msgstr " Chế độ ghi nhớ "
-++
-++#: edit/editcmd.c:465 edit/editcmd.c:524
-++msgid " Save As "
-++msgstr " Ghi như "
-++
-++#: edit/editcmd.c:482 edit/editcmd.c:804 edit/editcmd.c:841
-++#: edit/editcmd.c:1000 edit/editcmd.c:1113 src/file.c:599 src/help.c:318
-++#: src/main.c:424 src/screen.c:1415 src/selcodepage.c:105 src/subshell.c:319
-++#: src/subshell.c:653 src/utilunix.c:401 src/utilunix.c:405 src/utilunix.c:427
-++#: vfs/mcfs.c:138
-++msgid "Warning"
-++msgstr "Cảnh báo"
-++
-++#: edit/editcmd.c:483
-++msgid " A file already exists with this name. "
-++msgstr " Tập tin có tên như vậy đã tồn tại. "
-++
-++#: edit/editcmd.c:484
-++msgid "Overwrite"
-++msgstr "Ghi chèn"
-++
-++#: edit/editcmd.c:484 edit/editcmd.c:569 edit/editcmd.c:768 edit/editcmd.c:804
-++#: edit/editcmd.c:844 edit/editcmd.c:1003 edit/editcmd.c:1116
-++msgid "Cancel"
-++msgstr "Hủy bỏ"
-++
-++#: edit/editcmd.c:526 edit/editcmd.c:2293 src/view.c:440
-++msgid " Cannot save file. "
-++msgstr " Không thể ghi nhớ tập tin. "
-++
-++#: edit/editcmd.c:626 edit/editcmd.c:634 edit/editcmd.c:659 edit/editcmd.c:706
-++msgid " Delete macro "
-++msgstr " Xóa macro "
-++
-++#: edit/editcmd.c:628
-++msgid " Cannot open temp file "
-++msgstr " Không thể mở tập tin tạm thời "
-++
-++#: edit/editcmd.c:636 edit/editcmd.c:697 edit/editcmd.c:754
-++msgid " Cannot open macro file "
-++msgstr " Không thể mở tập tin chứa các macro "
-++
-++#: edit/editcmd.c:660
-++msgid " Cannot overwrite macro file "
-++msgstr " Không thể ghi chèn lên tập tin chứa các macro "
-++
-++#: edit/editcmd.c:676 edit/editcmd.c:697
-++msgid " Save macro "
-++msgstr " Ghi nhớ macro "
-++
-++#: edit/editcmd.c:678
-++msgid " Press the macro's new hotkey: "
-++msgstr " Hãy nhấn phím tắt mới của macro: "
-++
-++#: edit/editcmd.c:707 edit/editkeys.c:195 edit/editkeys.c:225
-++msgid " Press macro hotkey: "
-++msgstr " Hãy nhấn phím tắt của macro: "
-++
-++#: edit/editcmd.c:753
-++msgid " Load macro "
-++msgstr " Nạp macro "
-++
-++#: edit/editcmd.c:766
-++msgid " Confirm save file? : "
-++msgstr " Phê chuẩn việc ghi nhớ tập tin?: "
-++
-++#: edit/editcmd.c:768 src/view.c:439
-++msgid " Save file "
-++msgstr " Ghi nhớ tập tin "
-++
-++#: edit/editcmd.c:768 edit/editwidget.c:288 src/view.c:2220
-++msgid "Save"
-++msgstr "Ghinhớ"
-++
-++#: edit/editcmd.c:804 edit/editcmd.c:842
-++msgid ""
-++" Current text was modified without a file save. \n"
-++" Continue discards these changes. "
-++msgstr ""
-++" Văn bản hiện thời đã thay đổi và chưa được ghi nhớ. \n"
-++" Tiếp tục thao tác sẽ làm mất những thay đổi này. "
-++
-++#: edit/editcmd.c:804 edit/editcmd.c:843 edit/editcmd.c:1003
-++#: edit/editcmd.c:1116
-++msgid "Continue"
-++msgstr "Tiếp tục"
-++
-++#: edit/editcmd.c:850
-++msgid " Load "
-++msgstr " Nạp "
-++
-++#: edit/editcmd.c:1002 edit/editcmd.c:1115
-++msgid " Block is large, you may not be able to undo this action. "
-++msgstr " Khối quá lớn, có thể bạn sẽ không hủy bỏ được bước này. "
-++
-++#: edit/editcmd.c:1171
-++msgid "O&ne"
-++msgstr "&Một"
-++
-++#: edit/editcmd.c:1173 src/file.c:2210 src/filegui.c:521
-++msgid "A&ll"
-++msgstr "&Tất cả"
-++
-++#: edit/editcmd.c:1175 src/file.c:2147 src/filegui.c:210
-++msgid "&Skip"
-++msgstr "&Bỏ qua"
-++
-++#: edit/editcmd.c:1177
-++msgid "&Replace"
-++msgstr "&Thay thế"
-++
-++#: edit/editcmd.c:1184 edit/editcmd.c:1191
-++msgid " Replace with: "
-++msgstr " Thay thế bằng: "
-++
-++#: edit/editcmd.c:1196
-++msgid " Confirm replace "
-++msgstr " Phê chuẩn thay thế "
-++
-++#: edit/editcmd.c:1230 edit/editcmd.c:1312
-++msgid "scanf &Expression"
-++msgstr "biểu thức &Scanf"
-++
-++#: edit/editcmd.c:1232
-++msgid "replace &All"
-++msgstr "&Thay thế tất cả"
-++
-++#: edit/editcmd.c:1234
-++msgid "pr&Ompt on replace"
-++msgstr "&Hỏi trước khi thay"
-++
-++#: edit/editcmd.c:1236 edit/editcmd.c:1314 src/view.c:2110
-++msgid "&Backwards"
-++msgstr "&Tìm ngược lại"
-++
-++#: edit/editcmd.c:1238 edit/editcmd.c:1316
-++msgid "&Regular expression"
-++msgstr "&Biểu thức chính quy"
-++
-++#: edit/editcmd.c:1240 edit/editcmd.c:1318
-++msgid "&Whole words only"
-++msgstr "&Chỉ những từ đầy đủ"
-++
-++#: edit/editcmd.c:1242 edit/editcmd.c:1320 src/find.c:176
-++msgid "case &Sensitive"
-++msgstr "có tính &Kiểu chữ"
-++
-++#: edit/editcmd.c:1246
-++msgid " Enter replacement argument order eg. 3,2,1,4 "
-++msgstr " Hãy nhập thứ tự của tham số thay thế, ví dụ 3,2,1,4 "
-++
-++#: edit/editcmd.c:1250
-++msgid " Enter replacement string:"
-++msgstr " Nhập chuỗi thay thế:"
-++
-++#: edit/editcmd.c:1254 edit/editcmd.c:1324 src/view.c:2115
-++msgid " Enter search string:"
-++msgstr " Nhập chuỗi tìm kiếm:"
-++
-++#: edit/editcmd.c:1273 edit/editcmd.c:1925 edit/editcmd.c:1949
-++msgid " Replace "
-++msgstr " Thay thế "
-++
-++#: edit/editcmd.c:1338 edit/editcmd.c:2036 edit/editcmd.c:2038
-++#: edit/editcmd.c:2066 edit/editwidget.c:293 src/view.c:1594 src/view.c:1673
-++#: src/view.c:1826 src/view.c:1838 src/view.c:2060 src/view.c:2113
-++#: src/view.c:2120 src/view.c:2236
-++msgid "Search"
-++msgstr "Tìm"
-++
-++#: edit/editcmd.c:1719
-++msgid " Invalid regular expression, or scanf expression with to many conversions "
-++msgstr " Biểu thức chính quy không đúng, hoặc biểu thức scanf có quá nhiều biến đổi "
-++
-++#: edit/editcmd.c:1927
-++msgid " Error in replacement format string. "
-++msgstr " Lỗi trong định dạng chuỗi thay thế. "
-++
-++#: edit/editcmd.c:1957
-++#, c-format
-++msgid " %ld replacements made. "
-++msgstr " %ld thay thế được thực hiện. "
-++
-++#: edit/editcmd.c:1960 edit/editcmd.c:2038 edit/editcmd.c:2066 src/view.c:1673
-++#: src/view.c:1838
-++msgid " Search string not found "
-++msgstr " Không tìm thấy chuỗi tìm kiếm "
-++
-++#: edit/editcmd.c:2036
-++#, c-format
-++msgid " %d finds made, %d bookmarks added "
-++msgstr " tìm thấy %d , thêm %d thẻ đánh dấu (bookmark) "
-++
-++#: edit/editcmd.c:2088 edit/editwidget.c:296 src/help.c:826 src/main.c:1208
-++#: src/view.c:456 src/view.c:2215 src/view.c:2246
-++msgid "Quit"
-++msgstr "Thoát"
-++
-++#: edit/editcmd.c:2088 src/view.c:457
-++msgid " File was modified, Save with exit? "
-++msgstr "Tập tin đã thay đổi, ghi nhớ khi thoát? "
-++
-++#: edit/editcmd.c:2089 src/view.c:458
-++msgid "Cancel quit"
-++msgstr "Không thoát"
-++
-++#: edit/editcmd.c:2089 src/cmd.c:195 src/file.c:1837 src/file.c:2209
-++#: src/filegui.c:526 src/hotlist.c:1049 src/main.c:471 src/screen.c:1952
-++#: src/subshell.c:654 src/tree.c:708 src/view.c:458 vfs/mcfs.c:143
-++msgid "&Yes"
-++msgstr "&Có"
-++
-++#: edit/editcmd.c:2089 src/cmd.c:195 src/file.c:1837 src/file.c:2209
-++#: src/filegui.c:525 src/hotlist.c:1049 src/main.c:471 src/screen.c:1953
-++#: src/subshell.c:654 src/tree.c:708 src/view.c:458 vfs/mcfs.c:143
-++msgid "&No"
-++msgstr "&Không"
-++
-++#: edit/editcmd.c:2202
-++msgid " Copy to clipboard "
-++msgstr "Sao chép vào bộ đệm "
-++
-++#: edit/editcmd.c:2202 edit/editcmd.c:2215
-++msgid " Unable to save to file. "
-++msgstr "Không ghi nhớ được tập tin. "
-++
-++#: edit/editcmd.c:2215
-++msgid " Cut to clipboard "
-++msgstr "Cắt vào bộ đệm "
-++
-++#: edit/editcmd.c:2243 src/view.c:2005
-++msgid " Goto line "
-++msgstr "Chuyển tới dòng "
-++
-++#: edit/editcmd.c:2243
-++msgid " Enter line: "
-++msgstr "Hãy nhập số thứ tự dòng: "
-++
-++#: edit/editcmd.c:2278 edit/editcmd.c:2291
-++msgid " Save Block "
-++msgstr "Ghi nhớ khối "
-++
-++#: edit/editcmd.c:2307 edit/editcmd.c:2320
-++msgid " Insert File "
-++msgstr "Chèn tập tin "
-++
-++#: edit/editcmd.c:2322
-++msgid " Cannot insert file. "
-++msgstr "Không chèn được tập tin. "
-++
-++#: edit/editcmd.c:2339
-++msgid " Sort block "
-++msgstr "Sắp xếp khối "
-++
-++#: edit/editcmd.c:2339 edit/editcmd.c:2465
-++msgid " You must first highlight a block of text. "
-++msgstr "Đầu tiên bạn phải chọn một khối văn bản. "
-++
-++#: edit/editcmd.c:2346
-++msgid " Run Sort "
-++msgstr "Thực hiện sắp xếp "
-++
-++#: edit/editcmd.c:2347
-++msgid " Enter sort options (see manpage) separated by whitespace: "
-++msgstr "Nhập tùy chọn sắp xếp (xem trang man), phân cách nhau bởi khoảng trắng: "
-++
-++#: edit/editcmd.c:2358 edit/editcmd.c:2363
-++msgid " Sort "
-++msgstr "Sắp xếp "
-++
-++#: edit/editcmd.c:2359
-++msgid " Cannot execute sort command "
-++msgstr "Không thể thực hiện câu lệnh sort "
-++
-++#: edit/editcmd.c:2364
-++msgid " Sort returned non-zero: "
-++msgstr "Sắp xếp trả lại giá trị khác không: "
-++
-++#: edit/editcmd.c:2388
-++msgid "Paste output of external command"
-++msgstr "Dán kết quả của lệnh ngoại trú"
-++
-++#: edit/editcmd.c:2389
-++msgid "Enter shell command(s):"
-++msgstr "Nhập (các) câu lệnh shell:"
-++
-++#: edit/editcmd.c:2398
-++msgid "External command"
-++msgstr "Lệnh ngoại trú"
-++
-++#: edit/editcmd.c:2399
-++msgid "Cannot execute command"
-++msgstr "Không thực hiện được câu lệnh"
-++
-++#: edit/editcmd.c:2433
-++msgid "Error creating script:"
-++msgstr "Lỗi tạo script:"
-++
-++#: edit/editcmd.c:2441
-++msgid "Error reading script:"
-++msgstr "Lỗi đọc script:"
-++
-++#: edit/editcmd.c:2450
-++msgid "Error closing script:"
-++msgstr "Lỗi đóng script:"
-++
-++#: edit/editcmd.c:2456
-++msgid "Script created:"
-++msgstr "Đã tạo script:"
-++
-++#: edit/editcmd.c:2463
-++msgid "Process block"
-++msgstr "Xử lý khối"
-++
-++#: edit/editcmd.c:2562
-++msgid " Mail "
-++msgstr " Thư "
-++
-++#: edit/editcmd.c:2573
-++msgid " Copies to"
-++msgstr " Sao chép tới"
-++
-++#: edit/editcmd.c:2577
-++msgid " Subject"
-++msgstr " Tên thư"
-++
-++#: edit/editcmd.c:2581
-++msgid " To"
-++msgstr " Người nhận"
-++
-++#: edit/editcmd.c:2583
-++msgid " mail -s <subject> -c <cc> <to>"
-++msgstr " mail -s <Tên thư> -c <cc> <Người nhận>"
-++
-++#: edit/editkeys.c:180
-++msgid " Emacs key: "
-++msgstr "Phím Emacs: "
-++
-++#: edit/editkeys.c:194 edit/editkeys.c:225
-++msgid " Execute Macro "
-++msgstr "Thực hiện Macro "
-++
-++#: edit/editkeys.c:217
-++msgid " Insert Literal "
-++msgstr " Chèn văn bản thuần túy "
-++
-++#: edit/editkeys.c:218
-++msgid " Press any key: "
-++msgstr " Nhấn phím bất kỳ: "
-++
-++#: edit/editlock.c:148
-++#, c-format
-++msgid ""
-++"File \"%s\" is already being edited\n"
-++"User: %s\n"
-++"Process ID: %d"
-++msgstr ""
-++"Tập tin \"%s\" đang được soạn thảo\n"
-++"Ngưòi dùng: %s\n"
-++"ID tiến trình: %d"
-++
-++#: edit/editlock.c:153
-++msgid "File locked"
-++msgstr "Tập tin bị khóa"
-++
-++#: edit/editlock.c:153
-++msgid "&Grab lock"
-++msgstr "&Chiếm đoạt khóa"
-++
-++#: edit/editlock.c:154
-++msgid "&Ignore lock"
-++msgstr "&Lời đi khóa"
-++
-++#: edit/editmenu.c:55
-++msgid " About "
-++msgstr " Về chương trình "
-++
-++#: edit/editmenu.c:56
-++msgid ""
-++"\n"
-++" Cooledit v3.11.5\n"
-++"\n"
-++" Copyright (C) 1996 the Free Software Foundation\n"
-++"\n"
-++" A user friendly text editor written\n"
-++" for the Midnight Commander.\n"
-++msgstr ""
-++"\n"
-++" Cooledit v3.11.5\n"
-++"\n"
-++" Copyright (C) 1996 the Free Software Foundation\n"
-++"\n"
-++" Trình soạn thảo với giao diện người dùng thân thiện.\n"
-++" Được viết cho Midnight Commander.\n"
-++
-++#: edit/editmenu.c:283 edit/editmenu.c:301
-++msgid "&Open file..."
-++msgstr "&Mở tập tin..."
-++
-++#: edit/editmenu.c:284
-++msgid "&New C-n"
-++msgstr "&Tập tin mới C-n"
-++
-++#: edit/editmenu.c:286 edit/editmenu.c:304
-++msgid "&Save F2"
-++msgstr "&Ghi nhớ F2"
-++
-++#: edit/editmenu.c:287 edit/editmenu.c:305
-++msgid "Save &as... F12"
-++msgstr "Ghi &như... F12"
-++
-++#: edit/editmenu.c:289 edit/editmenu.c:307
-++msgid "&Insert file... F15"
-++msgstr "&Chèn tập tin... F15"
-++
-++#: edit/editmenu.c:290
-++msgid "Copy to &file... C-f"
-++msgstr "Ché&p vào tập tin... C-f"
-++
-++#: edit/editmenu.c:292 edit/editmenu.c:310
-++msgid "&User menu... F11"
-++msgstr "Trình đơn người &dùng... F11"
-++
-++#: edit/editmenu.c:294 edit/editmenu.c:312
-++msgid "A&bout... "
-++msgstr "&Về chương trình... "
-++
-++#: edit/editmenu.c:296 edit/editmenu.c:314
-++msgid "&Quit F10"
-++msgstr "T&hoát F10"
-++
-++#: edit/editmenu.c:302
-++msgid "&New C-x k"
-++msgstr "&Tập tin mới C-x k"
-++
-++#: edit/editmenu.c:308
-++msgid "Copy to &file... "
-++msgstr "S&ao chép vào tập tin... "
-++
-++#: edit/editmenu.c:319
-++msgid "&Toggle Mark F3"
-++msgstr "&Bật/tắt bôi đen F3"
-++
-++#: edit/editmenu.c:320
-++msgid "&Mark Columns S-F3"
-++msgstr "Bôi đen &cột S-F3"
-++
-++#: edit/editmenu.c:322
-++msgid "Toggle &ins/overw Ins"
-++msgstr "Chế độ chèn/&thay thế Ins"
-++
-++#: edit/editmenu.c:324
-++msgid "&Copy F5"
-++msgstr "&Sao chép F5"
-++
-++#: edit/editmenu.c:325
-++msgid "&Move F6"
-++msgstr "&Di chuyển F6"
-++
-++#: edit/editmenu.c:326
-++msgid "&Delete F8"
-++msgstr "&Xóa F8"
-++
-++#: edit/editmenu.c:328
-++msgid "&Undo C-u"
-++msgstr "&Hủy bước C-u"
-++
-++#: edit/editmenu.c:330
-++msgid "&Beginning C-PgUp"
-++msgstr "Đầ&u tập tin C-PgUp"
-++
-++#: edit/editmenu.c:331
-++msgid "&End C-PgDn"
-++msgstr "Cuố&i tập tin C-PgDn"
-++
-++#: edit/editmenu.c:338
-++msgid "&Search... F7"
-++msgstr "Tìm &kiếm... F7"
-++
-++#: edit/editmenu.c:339
-++msgid "Search &again F17"
-++msgstr "&Tìm kiếm lại lần nữa F17"
-++
-++#: edit/editmenu.c:340
-++msgid "&Replace... F4"
-++msgstr "Th&ay thế... F4"
-++
-++#: edit/editmenu.c:347 edit/editmenu.c:371
-++msgid "&Go to line... M-l"
-++msgstr "&Chuyển tới dòng... M-l"
-++
-++#: edit/editmenu.c:348 edit/editmenu.c:372
-++msgid "Go to matching &bracket M-b"
-++msgstr "Chuyển &tới dấu ngoặc tạo cặp M-b"
-++
-++#: edit/editmenu.c:350 edit/editmenu.c:374
-++msgid "Insert &literal... C-q"
-++msgstr "Chèn &văn bản thuần túy... C-q"
-++
-++#: edit/editmenu.c:352 edit/editmenu.c:376
-++msgid "&Refresh screen C-l"
-++msgstr "&Làm mới màn hình C-l"
-++
-++#: edit/editmenu.c:354 edit/editmenu.c:378
-++msgid "&Start record macro C-r"
-++msgstr "&Bắt đầu ghi macro C-r"
-++
-++#: edit/editmenu.c:355 edit/editmenu.c:379
-++msgid "&Finish record macro... C-r"
-++msgstr "&Kết thúc ghi macro... C-r"
-++
-++#: edit/editmenu.c:356
-++msgid "&Execute macro... C-a, KEY"
-++msgstr "Chạy ¯o... C-a, KEY"
-++
-++#: edit/editmenu.c:357 edit/editmenu.c:381
-++msgid "Delete macr&o... "
-++msgstr "&Xóa macro... "
-++
-++#: edit/editmenu.c:359 edit/editmenu.c:383
-++msgid "Insert &date/time "
-++msgstr "Chèn &ngày/giờ "
-++
-++#: edit/editmenu.c:361 edit/editmenu.c:385
-++msgid "Format p&aragraph M-p"
-++msgstr "Định &dạng đoạn văn M-p"
-++
-++#: edit/editmenu.c:362
-++msgid "'ispell' s&pell check C-p"
-++msgstr "Kiểm tra chính tả '&ispell' C-p"
-++
-++#: edit/editmenu.c:363 edit/editmenu.c:387
-++msgid "Sor&t... M-t"
-++msgstr "&Sắp xếp... M-t"
-++
-++#: edit/editmenu.c:364 edit/editmenu.c:388
-++msgid "Paste o&utput of... M-u"
-++msgstr "Dán &kết quả của lệnh... M-u"
-++
-++#: edit/editmenu.c:365 edit/editmenu.c:389
-++msgid "E&xternal Formatter F19"
-++msgstr "T&rình định dạng ngoài F19"
-++
-++#: edit/editmenu.c:366 edit/editmenu.c:390
-++msgid "&Mail... "
-++msgstr "T&hư điện tử... "
-++
-++#: edit/editmenu.c:380
-++msgid "&Execute macro... C-x e, KEY"
-++msgstr "Thực hiện ¯o... C-x e, KEY"
-++
-++#: edit/editmenu.c:386
-++msgid "'ispell' s&pell check M-$"
-++msgstr "Kiểm tra chính tả '&ispell' M-$"
-++
-++#: edit/editmenu.c:395
-++msgid "&General... "
-++msgstr "Ch&ung... "
-++
-++#: edit/editmenu.c:396
-++msgid "&Save mode..."
-++msgstr "&Chế độ ghi nhớ..."
-++
-++#: edit/editmenu.c:397 src/main.c:909
-++msgid "learn &Keys..."
-++msgstr "&Tạo phím tắt... "
-++
-++#: edit/editmenu.c:408 edit/editmenu.c:422 src/chmod.c:146 src/chown.c:119
-++msgid " File "
-++msgstr " Tập tin "
-++
-++#: edit/editmenu.c:410 edit/editmenu.c:424
-++msgid " Edit "
-++msgstr " Soạn thảo "
-++
-++#: edit/editmenu.c:412 edit/editmenu.c:426
-++msgid " Sear/Repl "
-++msgstr " Tìm kiếm/Thay thế "
-++
-++#: edit/editmenu.c:414 edit/editmenu.c:428
-++msgid " Command "
-++msgstr " Câu lệnh "
-++
-++#: edit/editmenu.c:416 edit/editmenu.c:430
-++msgid " Options "
-++msgstr " Tùy chọn "
-++
-++#: edit/editoptions.c:36
-++msgid "Intuitive"
-++msgstr "T&rực giác"
-++
-++#: edit/editoptions.c:36
-++msgid "Emacs"
-++msgstr "&Emacs"
-++
-++#: edit/editoptions.c:39
-++msgid "None"
-++msgstr "&Không"
-++
-++#: edit/editoptions.c:39
-++msgid "Dynamic paragraphing"
-++msgstr "Định &dạng đoạn văn động"
-++
-++#: edit/editoptions.c:39
-++msgid "Type writer wrap"
-++msgstr "Tự độ&ng chuyển dòng"
-++
-++#: edit/editoptions.c:75
-++msgid "Word wrap line length: "
-++msgstr "Vị trí chuyển dòng: "
-++
-++#: edit/editoptions.c:81
-++msgid "Tab spacing: "
-++msgstr "Độ rộng tab: "
-++
-++#: edit/editoptions.c:88
-++msgid "Synta&x highlighting"
-++msgstr "&Chiếu sáng cú pháp"
-++
-++#: edit/editoptions.c:91
-++msgid "Save file &position"
-++msgstr "&Ghi nhớ vị trí trong tập tin"
-++
-++#: edit/editoptions.c:94
-++msgid "Confir&m before saving"
-++msgstr "&Hỏi lại trước khi ghi nhớ"
-++
-++#: edit/editoptions.c:97
-++msgid "Fill tabs with &spaces"
-++msgstr "&Làm đầy tab bằng khoảng trắng"
-++
-++#: edit/editoptions.c:100
-++msgid "&Return does autoindent"
-++msgstr "&Enter tự động thụt dòng"
-++
-++#: edit/editoptions.c:103
-++msgid "&Backspace through tabs"
-++msgstr "&Backpace xóa hết tab"
-++
-++#: edit/editoptions.c:106
-++msgid "&Fake half tabs"
-++msgstr "&Tạo một nửa tab"
-++
-++#: edit/editoptions.c:112
-++msgid "Wrap mode"
-++msgstr "Chế độ chuyển dòng"
-++
-++#: edit/editoptions.c:119
-++msgid "Key emulation"
-++msgstr "Giả tạo phím"
-++
-++#: edit/editoptions.c:124
-++msgid " Editor options "
-++msgstr " Cấu hình trình soạn thảo "
-++
-++#: edit/editwidget.c:287 src/help.c:793 src/help.c:814 src/main.c:1205
-++#: src/screen.c:2184 src/tree.c:970 src/view.c:2213
-++msgid "Help"
-++msgstr "Giúpđỡ"
-++
-++#: edit/editwidget.c:289
-++msgid "Mark"
-++msgstr "Bôiđen"
-++
-++#: edit/editwidget.c:290
-++msgid "Replac"
-++msgstr "Thayth"
-++
-++#: edit/editwidget.c:291 src/file.c:803 src/screen.c:2188 src/tree.c:975
-++msgid "Copy"
-++msgstr "Cópi "
-++
-++#: edit/editwidget.c:292
-++msgid "Move"
-++msgstr "Chuyển"
-++
-++#: edit/editwidget.c:294 src/screen.c:2191
-++msgid "Delete"
-++msgstr "Xóa "
-++
-++#: edit/editwidget.c:295 src/main.c:1207
-++msgid "PullDn"
-++msgstr "GọiTĐ "
-++
-++#: edit/syntax.c:1100 edit/syntax.c:1107
-++msgid " Load syntax file "
-++msgstr " Nạp tập tin cú pháp "
-++
-++#: edit/syntax.c:1101 src/help.c:764 src/user.c:711
-++#, c-format
-++msgid ""
-++" Cannot open file %s \n"
-++" %s "
-++msgstr ""
-++" Không mở được tập tin %s \n"
-++" %s "
-++
-++#: edit/syntax.c:1108
-++#, c-format
-++msgid " Error in file %s on line %d "
-++msgstr " Lỗi trong tập tin %s trên dòng %d "
-++
-++#: src/achown.c:69 src/chmod.c:97 src/chown.c:73
-++msgid "&Set"
-++msgstr "Đồ&ng ý"
-++
-++#: src/achown.c:70
-++msgid "S&kip"
-++msgstr "&Bỏ qua"
-++
-++#: src/achown.c:71 src/chmod.c:101 src/chown.c:76
-++msgid "Set &all"
-++msgstr "Đặt &tất cả"
-++
-++#: src/achown.c:250 src/achown.c:338 src/achown.c:345
-++msgid "owner"
-++msgstr "sở hữu"
-++
-++#: src/achown.c:250 src/achown.c:340 src/achown.c:347
-++msgid "group"
-++msgstr "nhóm"
-++
-++#: src/achown.c:342
-++msgid "other"
-++msgstr "khác"
-++
-++#: src/achown.c:350
-++msgid "On"
-++msgstr "Trên"
-++
-++#: src/achown.c:352
-++msgid "Flag"
-++msgstr "Cờ"
-++
-++#: src/achown.c:354
-++msgid "Mode"
-++msgstr "Chếđộ"
-++
-++#: src/achown.c:358
-++#, c-format
-++msgid "%6d of %d"
-++msgstr "%6d của %d"
-++
-++#: src/achown.c:549
-++msgid " Chown advanced command "
-++msgstr " Câu lệnh chown mở rộng"
-++
-++#: src/achown.c:607 src/achown.c:623 src/achown.c:669 src/chmod.c:241
-++#: src/chmod.c:311
-++#, c-format
-++msgid ""
-++" Cannot chmod \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không chmod được \"%s\" \n"
-++" %s "
-++
-++#: src/achown.c:612 src/achown.c:627 src/achown.c:673 src/chown.c:214
-++#: src/chown.c:322
-++#, c-format
-++msgid ""
-++" Cannot chown \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không thay thế được chủ sở hữu \"%s\" \n"
-++" %s "
-++
-++#: src/background.c:205 src/file.c:2145
-++msgid " Background process error "
-++msgstr " Lỗi của tiến trình nền sau "
-++
-++#: src/background.c:211
-++msgid " Unknown error in child "
-++msgstr " Lỗi không rõ trong tiến trình con "
-++
-++#: src/background.c:219
-++msgid " Child died unexpectedly "
-++msgstr " Tiến trình con bất đắc kỳ tử "
-++
-++#: src/background.c:226
-++msgid " Background protocol error "
-++msgstr " Lỗi giao thức nền sau "
-++
-++#: src/background.c:227
-++msgid ""
-++" Background process sent us a request for more arguments \n"
-++" than we can handle. \n"
-++msgstr ""
-++" Tiến trình nền sau yêu cầu nhiều tham số hơn, \n"
-++" số chúng ta có thể điều khiển. \n"
-++
-++#: src/boxes.c:75
-++msgid "&Full file list"
-++msgstr "&Danh sách đầy đủ"
-++
-++#: src/boxes.c:76
-++msgid "&Brief file list"
-++msgstr "&Thu gọn"
-++
-++#: src/boxes.c:77
-++msgid "&Long file list"
-++msgstr "&Mở rộng"
-++
-++#: src/boxes.c:78
-++msgid "&User defined:"
-++msgstr "&Người dùng tự xác định:"
-++
-++#: src/boxes.c:136
-++msgid "Listing mode"
-++msgstr "Dạng danh sách"
-++
-++#: src/boxes.c:138
-++msgid "user &Mini status"
-++msgstr "t&Rạng thái mini"
-++
-++#: src/boxes.c:278
-++msgid "&Reverse"
-++msgstr "&Ngược lại"
-++
-++#: src/boxes.c:279
-++msgid "case sensi&tive"
-++msgstr "tính đến kiể&U chữ"
-++
-++#: src/boxes.c:280
-++msgid "Sort order"
-++msgstr "Thứ tự sắp xếp"
-++
-++#: src/boxes.c:375
-++msgid " confirm &Exit "
-++msgstr " trước khi th&Oát "
-++
-++#: src/boxes.c:377
-++msgid " confirm e&Xecute "
-++msgstr " trước &Khi thực hiện "
-++
-++#: src/boxes.c:379
-++msgid " confirm o&Verwrite "
-++msgstr " &Trước khi ghi chèn "
-++
-++#: src/boxes.c:381
-++msgid " confirm &Delete "
-++msgstr " hỏi lại trước khi &Xóa "
-++
-++#: src/boxes.c:387 src/cmd.c:194
-++msgid " Confirmation "
-++msgstr " Hỏi xác nhận "
-++
-++#: src/boxes.c:459
-++msgid "Full 8 bits output"
-++msgstr "Đầu ra 8 bit đầy đủ"
-++
-++#: src/boxes.c:459
-++msgid "ISO 8859-1"
-++msgstr "ISO.8859-1"
-++
-++#: src/boxes.c:459
-++msgid "7 bits"
-++msgstr "7 bit"
-++
-++#: src/boxes.c:466 src/boxes.c:594
-++msgid "F&ull 8 bits input"
-++msgstr "Đầ&u vào 8 bit đầy đủ"
-++
-++#: src/boxes.c:474 src/boxes.c:575
-++msgid " Display bits "
-++msgstr " Ký tự hiển thị "
-++
-++#: src/boxes.c:556 src/boxes.c:581 src/selcodepage.c:70
-++msgid "Other 8 bit"
-++msgstr "8 bit khác"
-++
-++#: src/boxes.c:578
-++msgid "Input / display codepage:"
-++msgstr "Bảng mã đầu vào / hiển thị:"
-++
-++#: src/boxes.c:597
-++msgid "&Select"
-++msgstr "&Lựa chọn"
-++
-++#: src/boxes.c:716
-++msgid "Use &passive mode"
-++msgstr "Sử &dụng chế độ thụ động"
-++
-++#: src/boxes.c:718
-++msgid "&Use ~/.netrc"
-++msgstr "&Sử dụng ~/.netrc"
-++
-++#: src/boxes.c:722
-++msgid "&Always use ftp proxy"
-++msgstr "&Luôn luôn sử dụng ftp proxy"
-++
-++#: src/boxes.c:724
-++msgid "sec"
-++msgstr "giây"
-++
-++#: src/boxes.c:728
-++msgid "ftpfs directory cache timeout:"
-++msgstr "Thời gian chờ của cache thư mục ftp:"
-++
-++#: src/boxes.c:732
-++msgid "ftp anonymous password:"
-++msgstr "Mật khẩu ftp nặc danh:"
-++
-++#: src/boxes.c:739
-++msgid "Timeout for freeing VFSs:"
-++msgstr "Thời gian chờ giải phóng VFS:"
-++
-++#: src/boxes.c:745
-++msgid " Virtual File System Setting "
-++msgstr " Thiết lập hệ thống tập tin ảo "
-++
-++#: src/boxes.c:799
-++msgid "Quick cd"
-++msgstr "cd nhanh"
-++
-++#: src/boxes.c:802
-++msgid "cd"
-++msgstr "cd"
-++
-++#: src/boxes.c:837
-++msgid "Symbolic link filename:"
-++msgstr "Tên của liên kết mềm:"
-++
-++#: src/boxes.c:841
-++msgid "Existing filename (filename symlink will point to):"
-++msgstr "Tên tập tin đã có (liên kết mềm sẽ chỉ đến):"
-++
-++#: src/boxes.c:848
-++msgid "Symbolic link"
-++msgstr "Liên kết mềm"
-++
-++#: src/boxes.c:881
-++msgid "Running "
-++msgstr "Đang chạy "
-++
-++#: src/boxes.c:882 src/find.c:721
-++msgid "Stopped"
-++msgstr "Đã dừng"
-++
-++#: src/boxes.c:942
-++msgid "&Stop"
-++msgstr "&Dừng"
-++
-++#: src/boxes.c:943
-++msgid "&Resume"
-++msgstr "&Phục hồi"
-++
-++#: src/boxes.c:944
-++msgid "&Kill"
-++msgstr "&Diệt"
-++
-++#: src/boxes.c:981
-++msgid "Background Jobs"
-++msgstr " Công việc nền sau"
-++
-++#: src/boxes.c:1012
-++msgid "Domain:"
-++msgstr "Miền (domain):"
-++
-++#: src/boxes.c:1012
-++msgid "Username:"
-++msgstr "Tên người dùng:"
-++
-++#: src/boxes.c:1012
-++msgid "Password:"
-++msgstr "Mật khẩu:"
-++
-++#: src/boxes.c:1063
-++#, c-format
-++msgid "Password for \\\\%s\\%s"
-++msgstr "Mật khẩu cho \\\\%s\\%s"
-++
-++#: src/charsets.c:51 vfs/extfs.c:1260 vfs/sfs.c:318
-++#, c-format
-++msgid "Warning: file %s not found\n"
-++msgstr "Cảnh báo: không tìm thấy tập tin %s\n"
-++
-++#: src/charsets.c:198 src/charsets.c:212
-++#, c-format
-++msgid "Cannot translate from %s to %s"
-++msgstr "Không chuyển được bảng mã từ %s thành %s"
-++
-++#: src/chmod.c:77
-++msgid "execute/search by others"
-++msgstr "người khác có quyền chạy/tìm"
-++
-++#: src/chmod.c:78
-++msgid "write by others"
-++msgstr "người khác có quyền ghi nhớ"
-++
-++#: src/chmod.c:79
-++msgid "read by others"
-++msgstr "người khác có quyền đọc"
-++
-++#: src/chmod.c:80
-++msgid "execute/search by group"
-++msgstr "nhóm có quyền chạy/tìm kiếm"
-++
-++#: src/chmod.c:81
-++msgid "write by group"
-++msgstr "nhóm có quyền ghi nhớ"
-++
-++#: src/chmod.c:82
-++msgid "read by group"
-++msgstr "nhóm có quyền đọc"
-++
-++#: src/chmod.c:83
-++msgid "execute/search by owner"
-++msgstr "chủ sở hữu có quyền chạy/tìm"
-++
-++#: src/chmod.c:84
-++msgid "write by owner"
-++msgstr "chủ sở hữu có quyền ghi nhớ"
-++
-++#: src/chmod.c:85
-++msgid "read by owner"
-++msgstr "chủ sở hữu có quyền đọc"
-++
-++#: src/chmod.c:86
-++msgid "sticky bit"
-++msgstr "bit dính (sticky)"
-++
-++#: src/chmod.c:87
-++msgid "set group ID on execution"
-++msgstr "đặt ID nhóm khi chạy"
-++
-++#: src/chmod.c:88
-++msgid "set user ID on execution"
-++msgstr "đặt ID người dùng khi chạy"
-++
-++#: src/chmod.c:98
-++msgid "C&lear marked"
-++msgstr "&Xóa đánh dấu"
-++
-++#: src/chmod.c:99
-++msgid "S&et marked"
-++msgstr "Đá&nh dấu"
-++
-++#: src/chmod.c:100
-++msgid "&Marked all"
-++msgstr "Đánh &dấu tất cả"
-++
-++#: src/chmod.c:124 src/screen.c:405
-++msgid "Name"
-++msgstr "Tên"
-++
-++#: src/chmod.c:126
-++msgid "Permissions (Octal)"
-++msgstr "Quyền hạn (Hệ tám)"
-++
-++#: src/chmod.c:128
-++msgid "Owner name"
-++msgstr "Tên chủ sở hữu"
-++
-++#: src/chmod.c:130
-++msgid "Group name"
-++msgstr "Tên nhóm"
-++
-++#: src/chmod.c:133
-++msgid "Use SPACE to change"
-++msgstr "Dùng PHÍM TRẮNG để thay đổi"
-++
-++#: src/chmod.c:135
-++msgid "an option, ARROW KEYS"
-++msgstr "tùy chọn, PHÍM MŨI TÊN"
-++
-++#: src/chmod.c:137
-++msgid "to move between options"
-++msgstr "để di chuyển giữa các tùy chọn"
-++
-++#: src/chmod.c:139
-++msgid "and T or INS to mark"
-++msgstr "và T hoặc INS để đánh dấu"
-++
-++#: src/chmod.c:144 src/chown.c:111
-++msgid " Permission "
-++msgstr " Quyền truy cập "
-++
-++#: src/chmod.c:196
-++msgid "Chmod command"
-++msgstr " Câu lệnh chmod "
-++
-++#: src/chown.c:74
-++msgid "Set &users"
-++msgstr "Đặt &người dùng"
-++
-++#: src/chown.c:75
-++msgid "Set &groups"
-++msgstr "Đặt &nhóm"
-++
-++#: src/chown.c:103
-++msgid " Name "
-++msgstr " Tên "
-++
-++#: src/chown.c:105
-++msgid " Owner name "
-++msgstr " Tên chủ sở hữu "
-++
-++#: src/chown.c:107 src/chown.c:117
-++msgid " Group name "
-++msgstr " Tên nhóm "
-++
-++#: src/chown.c:109
-++msgid " Size "
-++msgstr " Kích thước "
-++
-++#: src/chown.c:115
-++msgid " User name "
-++msgstr " Tên người dùng "
-++
-++#: src/chown.c:158
-++msgid " Chown command "
-++msgstr " Câu lệnh chown "
-++
-++#: src/chown.c:178
-++msgid "<Unknown user>"
-++msgstr "<không rõ người dùng>"
-++
-++#: src/chown.c:179
-++msgid "<Unknown group>"
-++msgstr "<không rõ nhóm>"
-++
-++#: src/cmd.c:194
-++msgid "Files tagged, want to cd?"
-++msgstr "Đã đánh dấu các tập tin, chuyển thư mục?"
-++
-++#: src/cmd.c:200 src/cmd.c:670 src/cmd.c:727 src/main.c:681 src/screen.c:1933
-++msgid "Cannot change directory"
-++msgstr "Không thay đổi được thư mục"
-++
-++#: src/cmd.c:233
-++msgid " View file "
-++msgstr " Xem tập tin "
-++
-++#: src/cmd.c:233
-++msgid " Filename:"
-++msgstr " Tên tập tin:"
-++
-++#: src/cmd.c:255
-++msgid " Filtered view "
-++msgstr " Lọc rồi xem "
-++
-++#: src/cmd.c:256
-++msgid " Filter command and arguments:"
-++msgstr " Lệnh lọc và tham số:"
-++
-++#: src/cmd.c:355
-++msgid "Create a new Directory"
-++msgstr "Tạo thư mục mới"
-++
-++#: src/cmd.c:356
-++msgid " Enter directory name:"
-++msgstr " Hãy nhập tên thư mục:"
-++
-++#: src/cmd.c:428
-++msgid " Filter "
-++msgstr " Đầu lọc "
-++
-++#: src/cmd.c:429
-++msgid " Set expression for filtering filenames"
-++msgstr " Đặt biểu thức để lọc tên tập tin (nhấn F1 để xem trợ giúp)"
-++
-++#: src/cmd.c:482
-++msgid " Select "
-++msgstr " Chọn "
-++
-++#: src/cmd.c:510 src/cmd.c:555 src/find.c:147
-++msgid " Malformed regular expression "
-++msgstr " Biểu thức chính quy không đúng "
-++
-++#: src/cmd.c:528
-++msgid " Unselect "
-++msgstr " Bỏ chọn "
-++
-++#: src/cmd.c:596
-++msgid "Extension file edit"
-++msgstr "Soạn thảo phần mở rộng tập tin"
-++
-++#: src/cmd.c:597
-++msgid " Which extension file you want to edit? "
-++msgstr " Soạn thảo phần mở rộng tập tin nào? "
-++
-++#: src/cmd.c:598 src/cmd.c:701
-++msgid "&User"
-++msgstr "&Người dùng"
-++
-++#: src/cmd.c:598 src/cmd.c:627 src/cmd.c:701
-++msgid "&System Wide"
-++msgstr "&Hệ thống"
-++
-++#: src/cmd.c:624
-++msgid " Menu edit "
-++msgstr " Soạn thảo tập tin trình đơn "
-++
-++#: src/cmd.c:625
-++msgid " Which menu file do you want to edit? "
-++msgstr " Soạn thảo tập tin trình đơn nào? "
-++
-++#: src/cmd.c:627
-++msgid "&Local"
-++msgstr "&Nội bộ máy"
-++
-++#: src/cmd.c:627
-++msgid "&Home"
-++msgstr "&Cá nhân"
-++
-++#: src/cmd.c:699
-++msgid "Syntax file edit"
-++msgstr "Soạn thảo tập tin cú pháp"
-++
-++#: src/cmd.c:700
-++msgid " Which syntax file you want to edit? "
-++msgstr " Soạn thảo tập tin cú pháp nào? "
-++
-++#: src/cmd.c:854
-++msgid " Compare directories "
-++msgstr " So sánh thư mục "
-++
-++#: src/cmd.c:855
-++msgid " Select compare method: "
-++msgstr " Chọn phương pháp so sánh: "
-++
-++#: src/cmd.c:855
-++msgid "&Quick"
-++msgstr "&Nhanh"
-++
-++#: src/cmd.c:856
-++msgid "&Size only"
-++msgstr "&Chỉ theo kích thước"
-++
-++#: src/cmd.c:856
-++msgid "&Thorough"
-++msgstr "&Theo từng byte"
-++
-++#: src/cmd.c:869
-++msgid " Both panels should be in the listing mode to use this command "
-++msgstr "Để thực hiện câu lệnh này cả hai bảng phải ở trong chế độ danh sách "
-++
-++#: src/cmd.c:885
-++msgid " The command history is empty "
-++msgstr " Lịch sử dòng lệnh rỗng "
-++
-++#: src/cmd.c:889
-++msgid " Command history "
-++msgstr " Lịch sử dòng lệnh "
-++
-++#: src/cmd.c:925
-++msgid ""
-++" Not an xterm or Linux console; \n"
-++" the panels cannot be toggled. "
-++msgstr ""
-++" Đây không phải là xterm hay kênh giao tác Linux; \n"
-++" bảng sẽ không thể bị tắt. "
-++
-++#: src/cmd.c:939
-++#, c-format
-++msgid "Link %s to:"
-++msgstr "Tạo liên kết tới %s:"
-++
-++#: src/cmd.c:940
-++msgid " Link "
-++msgstr " Liên kết "
-++
-++#: src/cmd.c:950
-++#, c-format
-++msgid " link: %s "
-++msgstr " liên kết: %s "
-++
-++#: src/cmd.c:978
-++#, c-format
-++msgid " symlink: %s "
-++msgstr " liên kết mềm: %s "
-++
-++#: src/cmd.c:1012
-++#, c-format
-++msgid " Symlink `%s' points to: "
-++msgstr " Liên kết mềm %s chỉ tới: "
-++
-++#: src/cmd.c:1017
-++msgid " Edit symlink "
-++msgstr " Sửa liên kết mềm "
-++
-++#: src/cmd.c:1022
-++#, c-format
-++msgid " edit symlink, unable to remove %s: %s "
-++msgstr " sửa liên kết mềm, không thể xóa %s: %s "
-++
-++#: src/cmd.c:1026
-++#, c-format
-++msgid " edit symlink: %s "
-++msgstr " sửa liên kết mềm: %s "
-++
-++#: src/cmd.c:1037
-++#, c-format
-++msgid "`%s' is not a symbolic link"
-++msgstr "`%s' không phải là một liên kết mềm"
-++
-++#: src/cmd.c:1155
-++#, c-format
-++msgid " Cannot chdir to %s "
-++msgstr " Không thể chdir vào %s "
-++
-++#: src/cmd.c:1164
-++msgid " Enter machine name (F1 for details): "
-++msgstr " Hãy nhập tên máy (nhấn F1 để biết chi tiết): "
-++
-++#: src/cmd.c:1169 src/widget.c:1051
-++msgid " Link to a remote machine "
-++msgstr " Kiết nối tới máy ở xa "
-++
-++#: src/cmd.c:1176 src/widget.c:1052
-++msgid " FTP to machine "
-++msgstr " FTP tới máy ở xa "
-++
-++#: src/cmd.c:1182
-++msgid " Shell link to machine "
-++msgstr " Kết nối shell tới máy ở xa"
-++
-++#: src/cmd.c:1189 src/widget.c:1053
-++msgid " SMB link to machine "
-++msgstr " Kết nối SMB tới máy ở xa"
-++
-++#: src/cmd.c:1198
-++msgid " Undelete files on an ext2 file system "
-++msgstr " Phục hồi tập tin trên hệ thống tập tin ext2 sau khi xóa "
-++
-++#: src/cmd.c:1199
-++msgid ""
-++" Enter device (without /dev/) to undelete\n"
-++" files on: (F1 for details)"
-++msgstr ""
-++" Nhập tên thiết bị (không có /dev/), để\n"
-++" phục hồi tập tin của nó: (nhấn F1 để biết chi tiết)"
-++
-++#: src/cmd.c:1249
-++msgid " Setup saved to ~/"
-++msgstr " Tham số ghi nhớ trong ~/"
-++
-++#: src/cmd.c:1251
-++msgid " Setup "
-++msgstr " Cấu hình "
-++
-++#: src/command.c:177 src/screen.c:2174 src/tree.c:823
-++#, c-format
-++msgid ""
-++" Cannot chdir to \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không chdir được tới \"%s\" \n"
-++" %s "
-++
-++#: src/command.c:210 src/user.c:694
-++msgid " Cannot execute commands on non-local filesystems"
-++msgstr " Chỉ có thể thực hiện câu lệnh trên hệ thống tập tin nội bộ"
-++
-++#: src/command.c:219 src/execute.c:183
-++msgid " The shell is already running a command "
-++msgstr " shell đang chạy một câu lệnh"
-++
-++#: src/dir.c:49
-++msgid "&Unsorted"
-++msgstr "không &Sắp xếp"
-++
-++#: src/dir.c:50
-++msgid "&Name"
-++msgstr "th&Eo tên"
-++
-++#: src/dir.c:51
-++msgid "&Extension"
-++msgstr "&Phần mở rộng"
-++
-++#: src/dir.c:52
-++msgid "&Modify time"
-++msgstr "&Thời gian sửa đổi"
-++
-++#: src/dir.c:53
-++msgid "&Access time"
-++msgstr "thời &Gian truy cập"
-++
-++#: src/dir.c:54
-++msgid "&Change time"
-++msgstr "thời gi&An thay đổi"
-++
-++#: src/dir.c:55
-++msgid "&Size"
-++msgstr "&Kích thước"
-++
-++#: src/dir.c:56
-++msgid "&Inode"
-++msgstr "&Chỉ mục inode"
-++
-++#: src/dir.c:59
-++msgid "&Type"
-++msgstr "&Loại"
-++
-++#: src/dir.c:60
-++msgid "&Links"
-++msgstr "&Liên kết"
-++
-++#: src/dir.c:61
-++msgid "N&GID"
-++msgstr "N&GID"
-++
-++#: src/dir.c:62
-++msgid "N&UID"
-++msgstr "N&UID"
-++
-++#: src/dir.c:63
-++msgid "&Owner"
-++msgstr "&Chủ sở hữu"
-++
-++#: src/dir.c:64
-++msgid "&Group"
-++msgstr "&Nhóm"
-++
-++#: src/dir.c:475 src/dir.c:577
-++msgid "Cannot read directory contents"
-++msgstr "Không đọc được nội dung thư mục"
-++
-++#: src/execute.c:133 src/utilunix.c:380
-++msgid "Press any key to continue..."
-++msgstr "Để tiếp tục nhấn phím bất kỳ..."
-++
-++#: src/execute.c:235
-++msgid "Type `exit' to return to the Midnight Commander"
-++msgstr "Hãy gõ \"exit\" để quay trở lại Midnight Commander"
-++
-++#: src/execute.c:343
-++#, c-format
-++msgid " Cannot fetch a local copy of %s "
-++msgstr " Không thể lấy được bản sao nội bộ của %s "
-++
-++#: src/ext.c:106 src/user.c:566
-++#, c-format
-++msgid ""
-++" Cannot create temporary command file \n"
-++" %s "
-++msgstr ""
-++" Không tạo được tập tin câu lệnh tạm thời\n"
-++" %s "
-++
-++#: src/ext.c:119 src/user.c:589
-++msgid " Parameter "
-++msgstr " Tham số "
-++
-++#: src/ext.c:462 src/ext.c:481
-++msgid " file error "
-++msgstr " lỗi tập tin "
-++
-++#: src/ext.c:464 src/ext.c:483
-++msgid "Format of the "
-++msgstr "Định dạng của "
-++
-++#: src/ext.c:465
-++msgid ""
-++"mc.ext file has changed\n"
-++"with version 3.0. It seems that installation\n"
-++"failed. Please fetch a fresh new copy from the\n"
-++"Midnight Commander package."
-++msgstr ""
-++"Tập tin mc.ext đã thay đổi\n"
-++"từ phiên bản 3.0. Rất có thể có sự cố khi cài đặt.\n"
-++"Xin hãy lấy bản sao mới nhất từ gói \n"
-++"Midnight Commander."
-++
-++#: src/ext.c:484
-++msgid ""
-++" file has changed\n"
-++"with version 3.0. You may want either to\n"
-++"copy it from "
-++msgstr ""
-++" tập tin đã thay đổi\n"
-++"trong phiên bản 3.0. Có thể nên sao\n"
-++"chép nó từ "
-++
-++#: src/ext.c:487
-++msgid ""
-++"mc.ext or use that\n"
-++"file as an example of how to write it.\n"
-++msgstr ""
-++"mc.ext, hoặc sử dụng tập tin này làm\n"
-++"ví dụ để biết cách viết.\n"
-++
-++#: src/ext.c:490
-++msgid "mc.ext will be used for this moment."
-++msgstr "mc.ext sẽ được sử dụng trong thời điểm này."
-++
-++#: src/file.c:122 src/tree.c:593
-++msgid " Copy "
-++msgstr " Sao chép "
-++
-++#: src/file.c:123 src/tree.c:634
-++msgid " Move "
-++msgstr " Di chuyển "
-++
-++#: src/file.c:124 src/tree.c:708
-++msgid " Delete "
-++msgstr " Xóa "
-++
-++#: src/file.c:217
-++msgid " Invalid target mask "
-++msgstr " Dấu hiệu đích đến không đúng "
-++
-++#: src/file.c:316
-++msgid " Cannot make the hardlink "
-++msgstr " Không thể tạo liên kết cứng "
-++
-++#: src/file.c:359
-++#, c-format
-++msgid ""
-++" Cannot read source link \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không thể đọc liên kết nguồn \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:370
-++msgid ""
-++" Cannot make stable symlinks across non-local filesystems: \n"
-++"\n"
-++" Option Stable Symlinks will be disabled "
-++msgstr ""
-++" Không tạo được liên kết mềm bền vững giữa các hệ thống tập tin không phải nội bộ:\n"
-++"\n"
-++" Tùy chọn \"Liên kết mềm Bền vững\" sẽ bị tắt "
-++
-++#: src/file.c:419
-++#, c-format
-++msgid ""
-++" Cannot create target symlink \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Khônt tạo được liên kết mềm đích \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:493
-++#, c-format
-++msgid ""
-++" Cannot overwrite directory \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không thể ghi chèn lên thư mục \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:504
-++#, c-format
-++msgid ""
-++" Cannot stat source file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không lấy được tính chất (stat) của tập tin nguồn \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:514 src/file.c:1115
-++#, c-format
-++msgid " `%s' and `%s' are the same file "
-++msgstr " `%s' và `%s' là một tập tin "
-++
-++#: src/file.c:552
-++#, c-format
-++msgid ""
-++" Cannot create special file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không tạo được tập tin đặc biệt \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:564 src/file.c:813
-++#, c-format
-++msgid ""
-++" Cannot chown target file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không thay đổi được chủ sở hữu của tập tin đích đến \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:575 src/file.c:830
-++#, c-format
-++msgid ""
-++" Cannot chmod target file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không thay đổi được quyền hạn (chmod) của tập tin đích đến \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:589
-++#, c-format
-++msgid ""
-++" Cannot open source file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không mở được tập tin nguồn \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:600
-++msgid " Reget failed, about to overwrite file "
-++msgstr " Lấy phần còn lại của tập tin không thành công, tập tin sẽ bị ghi đè "
-++
-++#: src/file.c:607
-++#, c-format
-++msgid ""
-++" Cannot fstat source file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không lấy được tính chất (fstat) tập tin nguồn \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:631
-++#, c-format
-++msgid ""
-++" Cannot create target file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không tạo được tập tin đích \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:646
-++#, c-format
-++msgid ""
-++" Cannot fstat target file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không lấy được tính chất (fstat) tập tin đích \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:680
-++#, c-format
-++msgid ""
-++" Cannot read source file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không đọc được tập tin nguồn \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:715
-++#, c-format
-++msgid ""
-++" Cannot write target file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không ghi nhớ được tập tin nguồn \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:733
-++msgid "(stalled)"
-++msgstr "(bị nhốt)"
-++
-++#: src/file.c:780
-++#, c-format
-++msgid ""
-++" Cannot close source file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không đóng được tập tin nguồn \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:791
-++#, c-format
-++msgid ""
-++" Cannot close target file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không đóng được tập tin đính \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:804
-++msgid "Incomplete file was retrieved. Keep it?"
-++msgstr "Nhận được tập tin không đầy đủ. Giữ tập tin?"
-++
-++#: src/file.c:805
-++msgid "&Delete"
-++msgstr "&Xóa"
-++
-++#: src/file.c:805
-++msgid "&Keep"
-++msgstr "&Giữ"
-++
-++#: src/file.c:873
-++#, c-format
-++msgid ""
-++" Cannot stat source directory \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không lấy được thông tin (stat) thư mục nguồn \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:900
-++#, c-format
-++msgid ""
-++" Source directory \"%s\" is not a directory \n"
-++" %s "
-++msgstr ""
-++" Thư mục nguồn \"%s\" không phải là một thư mục \n"
-++" %s "
-++
-++#: src/file.c:910
-++#, c-format
-++msgid ""
-++" Cannot copy cyclic symbolic link \n"
-++" `%s' "
-++msgstr ""
-++" Không sao chép được liên kết mềm vòng lặp \n"
-++" `%s' "
-++
-++#: src/file.c:945 src/file.c:1985 src/tree.c:648
-++#, c-format
-++msgid ""
-++" Destination \"%s\" must be a directory \n"
-++" %s "
-++msgstr ""
-++" Nơi đến \"%s\" phải là một thư mục \n"
-++" %s "
-++
-++#: src/file.c:975
-++#, c-format
-++msgid ""
-++" Cannot create target directory \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không tạo được thư mục đích đến \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:994
-++#, c-format
-++msgid ""
-++" Cannot chown target directory \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không thay đổi được chủ sở hữu (chown) của thư mục đích đến \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:1096
-++#, c-format
-++msgid ""
-++" Cannot stat file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không nhận được tính chất (stat) của tập tin \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:1122
-++#, c-format
-++msgid " Cannot overwrite directory `%s' "
-++msgstr " Không thể ghi đè lên thư mục `%s' "
-++
-++#: src/file.c:1157
-++#, c-format
-++msgid ""
-++" Cannot move file \"%s\" to \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không thể di chuyển tập tin \"%s\" vào \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:1181
-++#, c-format
-++msgid ""
-++" Cannot remove file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không thể xóa tập tin \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:1233
-++#, c-format
-++msgid " `%s' and `%s' are the same directory "
-++msgstr " %s và %s - là một thư mục "
-++
-++#: src/file.c:1252
-++#, c-format
-++msgid " Cannot overwrite directory \"%s\" %s "
-++msgstr " Không thể ghi đè lên thư mục \"%s\" %s "
-++
-++#: src/file.c:1256
-++#, c-format
-++msgid " Cannot overwrite file \"%s\" %s "
-++msgstr " Không thể ghi đè tập tin \"%s\" %s "
-++
-++#: src/file.c:1282
-++#, c-format
-++msgid ""
-++" Cannot move directory \"%s\" to \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không thể di chuyển thư mục \"%s\" vào \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:1352
-++#, c-format
-++msgid ""
-++" Cannot delete file \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không thể xóa tập tin \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:1412 src/file.c:1481 src/file.c:1509
-++#, c-format
-++msgid ""
-++" Cannot remove directory \"%s\" \n"
-++" %s "
-++msgstr ""
-++" Không thể xóa thư mục \"%s\" \n"
-++" %s "
-++
-++#: src/file.c:1657
-++msgid "1Copy"
-++msgstr "1Sao chép"
-++
-++#: src/file.c:1657
-++msgid "1Move"
-++msgstr "1Di chuyển"
-++
-++#: src/file.c:1657
-++msgid "1Delete"
-++msgstr "1Xóa"
-++
-++#: src/file.c:1672
-++#, no-c-format
-++msgid "%o %f \"%s\"%m"
-++msgstr "%o %f \"%s\"%m"
-++
-++# msgfmt warnings/errors must be ignored. mc parse this pattern itself.
-++#: src/file.c:1674
-++#, no-c-format
-++msgid "%o %d %f%m"
-++msgstr "%o (%d cái) %f%m"
-++
-++#: src/file.c:1676 vfs/fish.c:561
-++msgid "file"
-++msgstr "tập tin"
-++
-++#: src/file.c:1676
-++msgid "files"
-++msgstr "các tập tin"
-++
-++#: src/file.c:1676
-++msgid "directory"
-++msgstr "thư mục"
-++
-++#: src/file.c:1676
-++msgid "directories"
-++msgstr "Các thư mục"
-++
-++#: src/file.c:1677
-++msgid "files/directories"
-++msgstr "tập tin/thư mục"
-++
-++#: src/file.c:1677
-++msgid " with source mask:"
-++msgstr " với nhãn ban đầu:"
-++
-++#: src/file.c:1677
-++msgid " to:"
-++msgstr " vào:"
-++
-++#: src/file.c:1821
-++msgid " Cannot operate on \"..\"! "
-++msgstr " Không thể thao tác trên \"..\"! "
-++
-++#: src/file.c:1877
-++msgid " Sorry, I could not put the job in background "
-++msgstr " Xin lỗi, không thể đặt công việc nào vào chế độ nền sau "
-++
-++#: src/file.c:2147 src/view.c:441
-++msgid "&Retry"
-++msgstr "&Thử lại"
-++
-++#: src/file.c:2148 src/file.c:2211 src/filegui.c:207 src/filegui.c:517
-++msgid "&Abort"
-++msgstr "&Dừng"
-++
-++#: src/file.c:2200
-++msgid ""
-++"\n"
-++" Directory not empty. \n"
-++" Delete it recursively? "
-++msgstr ""
-++"\n"
-++" Thư mục không rỗng. \n"
-++" Xóa toàn bộ (đệ quy)? "
-++
-++#: src/file.c:2202
-++msgid ""
-++"\n"
-++" Background process: Directory not empty \n"
-++" Delete it recursively? "
-++msgstr ""
-++"\n"
-++" Tiến trình nền sau: Thư mục không rỗng \n"
-++" Xóa toàn bộ (đệ quy)? "
-++
-++#: src/file.c:2204
-++msgid " Delete: "
-++msgstr " Xóa: "
-++
-++#: src/file.c:2210 src/filegui.c:519
-++msgid "Non&e"
-++msgstr "&Không"
-++
-++#: src/filegui.c:324
-++#, c-format
-++msgid "ETA %d:%02d.%02d"
-++msgstr "Còn lại %d:%02d.%02d"
-++
-++#: src/filegui.c:347
-++#, c-format
-++msgid "%.2f MB/s"
-++msgstr "%.2f МB/giây"
-++
-++#: src/filegui.c:350
-++#, c-format
-++msgid "%.2f KB/s"
-++msgstr "%.2f KB/giây"
-++
-++#: src/filegui.c:353
-++#, c-format
-++msgid "%ld B/s"
-++msgstr "%ld B/giây"
-++
-++#: src/filegui.c:376
-++msgid "File"
-++msgstr "Tập tin"
-++
-++#: src/filegui.c:399
-++msgid "Count"
-++msgstr "Đếm"
-++
-++#: src/filegui.c:420
-++msgid "Bytes"
-++msgstr "Byte"
-++
-++#: src/filegui.c:453
-++msgid "Source"
-++msgstr "Nguồn"
-++
-++#: src/filegui.c:476
-++msgid "Target"
-++msgstr "Đích"
-++
-++#: src/filegui.c:498
-++msgid "Deleting"
-++msgstr "Đang xóa"
-++
-++#: src/filegui.c:516
-++#, c-format
-++msgid "Target file \"%s\" already exists!"
-++msgstr "Tập tin đích \"%s\" đã tồn tại!"
-++
-++#: src/filegui.c:518
-++msgid "If &size differs"
-++msgstr "&Nếu kích thước khác nhau"
-++
-++#: src/filegui.c:520
-++msgid "&Update"
-++msgstr "&Cập nhật"
-++
-++#: src/filegui.c:522
-++msgid "Overwrite all targets?"
-++msgstr "Khi đè lên mọi tập tin đích?"
-++
-++#: src/filegui.c:523
-++msgid "&Reget"
-++msgstr "&Lấy lại"
-++
-++#: src/filegui.c:524
-++msgid "A&ppend"
-++msgstr "&Thêm vào cuối"
-++
-++#: src/filegui.c:527
-++msgid "Overwrite this target?"
-++msgstr "Khi đè lên tập tin này?"
-++
-++#: src/filegui.c:528
-++#, c-format
-++msgid "Target date: %s, size %d"
-++msgstr "Thời gian sửa đổi của tập tin đích: %s, kích thước %d"
-++
-++#: src/filegui.c:529
-++#, c-format
-++msgid "Source date: %s, size %d"
-++msgstr "Thời gian sửa đổi của tập tin nguồn: %s, kích thước %d"
-++
-++#: src/filegui.c:604
-++msgid " File exists "
-++msgstr " Tập tin tồn tại "
-++
-++#: src/filegui.c:606
-++msgid " Background process: File exists "
-++msgstr " Tiến trình nền sau: tập tin tồn tại "
-++
-++#: src/filegui.c:728
-++msgid "preserve &Attributes"
-++msgstr "&Ghi nhớ thuộc tính"
-++
-++#: src/filegui.c:730
-++msgid "follow &Links"
-++msgstr "đi theo &Liên kết"
-++
-++#: src/filegui.c:732
-++msgid "to:"
-++msgstr "vào:"
-++
-++#: src/filegui.c:733
-++msgid "&Using shell patterns"
-++msgstr "&Sử dụng mẫu (pattern) của shell"
-++
-++#: src/filegui.c:754
-++msgid "&Background"
-++msgstr "&Trong nền sau"
-++
-++#: src/filegui.c:764
-++msgid "&Stable Symlinks"
-++msgstr "liên kết &Bền vững"
-++
-++#: src/filegui.c:766
-++msgid "&Dive into subdir if exists"
-++msgstr "&Vào thư mục con, nếu có"
-++
-++#: src/filegui.c:938
-++#, c-format
-++msgid ""
-++"Invalid source pattern `%s' \n"
-++" %s "
-++msgstr ""
-++"Mẫu không đúng `%s' \n"
-++" %s "
-++
-++#: src/find.c:99
-++msgid "&Suspend"
-++msgstr "&Hoãn"
-++
-++#: src/find.c:100
-++msgid "Con&tinue"
-++msgstr "&Tiếp tục"
-++
-++#: src/find.c:101
-++msgid "&Chdir"
-++msgstr "&Chuyển thư mục"
-++
-++#: src/find.c:102
-++msgid "&Again"
-++msgstr "&Lặp lại"
-++
-++#: src/find.c:103 src/subshell.c:323
-++msgid "&Quit"
-++msgstr "&Thoát"
-++
-++#: src/find.c:104 src/panelize.c:69
-++msgid "Pane&lize"
-++msgstr "&Bảng"
-++
-++#: src/find.c:105
-++msgid "&View - F3"
-++msgstr "X&em - F3"
-++
-++#: src/find.c:106
-++msgid "&Edit - F4"
-++msgstr "&Soạn thảo - F4"
-++
-++#: src/find.c:183
-++msgid "Start at:"
-++msgstr "Bắt đầu từ:"
-++
-++#: src/find.c:183
-++msgid "Filename:"
-++msgstr "Tên tập tin:"
-++
-++#: src/find.c:183
-++msgid "Content: "
-++msgstr "Nội dung: "
-++
-++#: src/find.c:184 src/main.c:795 src/main.c:819
-++msgid "&Tree"
-++msgstr "&Cây thư mục"
-++
-++#: src/find.c:232 src/find.c:792
-++msgid "Find File"
-++msgstr "Tìm tập tin"
-++
-++#: src/find.c:464
-++#, c-format
-++msgid "Grepping in %s"
-++msgstr "Tìm trong %s"
-++
-++#: src/find.c:538
-++msgid "Finished"
-++msgstr "Kết thúc"
-++
-++#: src/find.c:565 src/view.c:1594
-++#, c-format
-++msgid "Searching %s"
-++msgstr "Tìm %s"
-++
-++#: src/find.c:721 src/find.c:818
-++msgid "Searching"
-++msgstr "Tìm"
-++
-++#: src/help.c:279
-++msgid " Help file format error\n"
-++msgstr " Lỗi định dạng tập tin trợ giúp\n"
-++
-++#: src/help.c:318
-++msgid " Internal bug: Double start of link area "
-++msgstr " Lỗi (bug) nội bộ: vùng liên kết có hai đầu "
-++
-++#: src/help.c:554 src/help.c:778
-++#, c-format
-++msgid " Cannot find node %s in help file "
-++msgstr " Không tìm thấy nút %s trong tập tin trợ giúp "
-++
-++#: src/help.c:816
-++msgid "Index"
-++msgstr "Chỉ mục"
-++
-++#: src/help.c:818
-++msgid "Prev"
-++msgstr "Quay lại"
-++
-++#: src/hotlist.c:115
-++msgid "&Move"
-++msgstr "&Di chuyển"
-++
-++#: src/hotlist.c:116 src/panelize.c:68
-++msgid "&Remove"
-++msgstr "&Xóa"
-++
-++#: src/hotlist.c:117 src/hotlist.c:834 src/hotlist.c:930
-++msgid "&Append"
-++msgstr "&Thêm vào"
-++
-++#: src/hotlist.c:118 src/hotlist.c:832 src/hotlist.c:928
-++msgid "&Insert"
-++msgstr "c&Hèn"
-++
-++#: src/hotlist.c:119
-++msgid "New &Entry"
-++msgstr "tạo &Mục mới"
-++
-++#: src/hotlist.c:120
-++msgid "New &Group"
-++msgstr "&Nhóm mới"
-++
-++#: src/hotlist.c:122
-++msgid "&Up"
-++msgstr "&Lên"
-++
-++#: src/hotlist.c:123
-++msgid "&Add current"
-++msgstr "&Thêm hiện thời"
-++
-++#: src/hotlist.c:125
-++msgid "&Refresh"
-++msgstr "&Làm mới"
-++
-++#: src/hotlist.c:126
-++msgid "Fr&ee VFSs now"
-++msgstr "&Giải phóng"
-++
-++#: src/hotlist.c:128
-++msgid "Change &To"
-++msgstr "&Chuyển tới"
-++
-++#: src/hotlist.c:177
-++msgid "Subgroup - press ENTER to see list"
-++msgstr "Nhóm con - nhấn ENTER để xem danh sách"
-++
-++#: src/hotlist.c:609
-++msgid "Active VFS directories"
-++msgstr "Thư mục VFS hoạt động"
-++
-++#: src/hotlist.c:612
-++msgid "Directory hotlist"
-++msgstr "Danh sách thư mục thường dùng"
-++
-++#: src/hotlist.c:640
-++msgid " Directory path "
-++msgstr " Đường dẫn tới thư mục "
-++
-++#: src/hotlist.c:643 src/hotlist.c:692
-++msgid " Directory label "
-++msgstr " Nhãn thư mục"
-++
-++#: src/hotlist.c:668
-++#, c-format
-++msgid "Moving %s"
-++msgstr "Di chuyển %s"
-++
-++#: src/hotlist.c:907
-++msgid "New hotlist entry"
-++msgstr " Thêm bản ghi vào tra cứu"
-++
-++#: src/hotlist.c:907
-++msgid "Directory label"
-++msgstr " Tên nhãn thư mục"
-++
-++#: src/hotlist.c:907
-++msgid "Directory path"
-++msgstr " Đường dẫn tới thư mục"
-++
-++#: src/hotlist.c:987
-++msgid " New hotlist group "
-++msgstr " Thêm nhóm vào tra cứu "
-++
-++#: src/hotlist.c:987
-++msgid "Name of new group"
-++msgstr " Tên nhóm mới"
-++
-++#: src/hotlist.c:1002
-++#, c-format
-++msgid "Label for \"%s\":"
-++msgstr " Tên nhãn cho \"%s\":"
-++
-++#: src/hotlist.c:1006
-++msgid " Add to hotlist "
-++msgstr " Thêm vào tra cứu "
-++
-++#: src/hotlist.c:1043
-++msgid " Remove: "
-++msgstr " Xóa: "
-++
-++#: src/hotlist.c:1047
-++msgid ""
-++"\n"
-++" Group not empty.\n"
-++" Remove it?"
-++msgstr ""
-++"\n"
-++" Nhóm không rỗng.\n"
-++" Xóa nó?"
-++
-++#: src/hotlist.c:1391
-++msgid " Top level group "
-++msgstr "Nhóm cấp độ cao nhất "
-++
-++#: src/hotlist.c:1414
-++msgid "MC was unable to write ~/"
-++msgstr "MC không thể ghi nhớ ~/"
-++
-++#: src/hotlist.c:1415
-++msgid " file, your old hotlist entries were not deleted"
-++msgstr " tập tin, tra cứu thư mục cũ chưa bị xóa"
-++
-++#: src/hotlist.c:1417
-++msgid " Hotlist Load "
-++msgstr " Nạp tra cứu "
-++
-++#: src/info.c:74
-++#, c-format
-++msgid "Midnight Commander %s"
-++msgstr "Midnight Commander %s"
-++
-++#: src/info.c:91
-++#, c-format
-++msgid "File: %s"
-++msgstr "Tập tin: %s"
-++
-++#: src/info.c:103
-++#, c-format
-++msgid "Free nodes: %d (%d%%) of %d"
-++msgstr "Nút tự do: %d (%d%%) trong tổng số %d"
-++
-++#: src/info.c:109
-++msgid "No node information"
-++msgstr "Không có thông tin về nút (node)"
-++
-++#: src/info.c:117
-++#, c-format
-++msgid "Free space: %s (%d%%) of %s"
-++msgstr "Chỗ trống: %s (%d%%) của %s"
-++
-++#: src/info.c:121
-++msgid "No space information"
-++msgstr "Không có thông tin về khoảng trống"
-++
-++#: src/info.c:125
-++#, c-format
-++msgid "Type: %s "
-++msgstr "Loại: %s "
-++
-++#: src/info.c:125
-++msgid "non-local vfs"
-++msgstr "không phải vfs cục bộ"
-++
-++#: src/info.c:131
-++#, c-format
-++msgid "Device: %s"
-++msgstr "Thiết bị: %s"
-++
-++#: src/info.c:135
-++#, c-format
-++msgid "Filesystem: %s"
-++msgstr "Hệ thống tập tin: %s"
-++
-++#: src/info.c:140
-++#, c-format
-++msgid "Accessed: %s"
-++msgstr "Truy cập: %s"
-++
-++#: src/info.c:144
-++#, c-format
-++msgid "Modified: %s"
-++msgstr "Sửa đổi: %s"
-++
-++#: src/info.c:148
-++#, c-format
-++msgid "Created: %s"
-++msgstr "Tạo ra: %s"
-++
-++#: src/info.c:163
-++#, c-format
-++msgid "Size: %s"
-++msgstr "Kích thước: %s"
-++
-++#: src/info.c:166
-++#, c-format
-++msgid " (%d block)"
-++msgstr " (%d khối)"
-++
-++#: src/info.c:166
-++#, c-format
-++msgid " (%d blocks)"
-++msgstr " (%d khối)"
-++
-++#: src/info.c:172
-++#, c-format
-++msgid "Owner: %s/%s"
-++msgstr "Chủ sở hữu: %s/%s"
-++
-++#: src/info.c:177
-++#, c-format
-++msgid "Links: %d"
-++msgstr "Liên kết: %d"
-++
-++#: src/info.c:181
-++#, c-format
-++msgid "Mode: %s (%04o)"
-++msgstr "Quyền hạn: %s (%04o)"
-++
-++#: src/info.c:186
-++#, c-format
-++msgid "Location: %Xh:%Xh"
-++msgstr "Vị trí: %Xh:%Xh"
-++
-++#: src/info.c:196
-++msgid "File: None"
-++msgstr "Tập tin: Không có"
-++
-++#: src/layout.c:151
-++msgid "&Vertical"
-++msgstr "&Thẳng đứng"
-++
-++#: src/layout.c:152
-++msgid "&Horizontal"
-++msgstr "&Nằm ngang"
-++
-++#: src/layout.c:162
-++msgid "&Xterm window title"
-++msgstr "tiê&U đề cửa sổ xterm"
-++
-++#: src/layout.c:163
-++msgid "h&Intbar visible"
-++msgstr "dòng &Gợi ý"
-++
-++#: src/layout.c:164
-++msgid "&Keybar visible"
-++msgstr "&Hiển thị thanh phím tắt"
-++
-++#: src/layout.c:165
-++msgid "command &Prompt"
-++msgstr "&Dòng lệnh"
-++
-++#: src/layout.c:166
-++msgid "show &Mini status"
-++msgstr "hiện trạng thái m&Ini"
-++
-++#: src/layout.c:167
-++msgid "menu&Bar visible"
-++msgstr "thAnh trình đơn"
-++
-++#: src/layout.c:168
-++msgid "&Equal split"
-++msgstr "&Kích thước bằng nhau"
-++
-++#: src/layout.c:169
-++msgid "pe&Rmissions"
-++msgstr "&Quyền truy cập"
-++
-++#: src/layout.c:170
-++msgid "&File types"
-++msgstr "&Loại tập tin"
-++
-++#: src/layout.c:350 src/learn.c:59 src/learn.c:174 src/option.c:115
-++msgid "&Save"
-++msgstr "Ghi nhớ &+"
-++
-++#: src/layout.c:358
-++msgid " Panel split "
-++msgstr " Chia bảng "
-++
-++#: src/layout.c:359
-++msgid " Highlight... "
-++msgstr " Chiếu sáng... "
-++
-++#: src/layout.c:360 src/option.c:125
-++msgid " Other options "
-++msgstr " Cấu hình khác "
-++
-++#: src/layout.c:361
-++msgid "output lines"
-++msgstr "dòng kết quả"
-++
-++#: src/layout.c:423
-++msgid "Layout"
-++msgstr "Vẻ ngoài"
-++
-++#: src/learn.c:73
-++msgid "Learn keys"
-++msgstr "Tạo phím tắt"
-++
-++#: src/learn.c:79
-++msgid " Teach me a key "
-++msgstr " Dạy tôi một phím "
-++
-++#: src/learn.c:80
-++#, c-format
-++msgid ""
-++"Please press the %s\n"
-++"and then wait until this message disappears.\n"
-++"\n"
-++"Then, press it again to see if OK appears\n"
-++"next to its button.\n"
-++"\n"
-++"If you want to escape, press a single Escape key\n"
-++"and wait as well."
-++msgstr ""
-++"Xin hãy nhấn lên %s\n"
-++"và đợi cho thông báo này biến mất.\n"
-++"\n"
-++"Sau đó hãy nhấn một lần nữa để chắc chắn là ở bên phải\n"
-++"của tên xuất hiện \"OK\".\n"
-++"\n"
-++"Nếu bạn muốn dừng việc dạy phím, thì hãy nhấn\n"
-++"phím Esc và cũng cần đợi một chút."
-++
-++#: src/learn.c:114
-++msgid " Cannot accept this key "
-++msgstr " Không thể chấp nhận phím này "
-++
-++#: src/learn.c:115
-++#, c-format
-++msgid " You have entered \"%s\""
-++msgstr " Đã nhập vào \"%s\""
-++
-++#. TRANSLATORS: This label appears near learned keys. Keep it short.
-++#: src/learn.c:164
-++msgid "OK"
-++msgstr "OK"
-++
-++#: src/learn.c:172
-++msgid ""
-++"It seems that all your keys already\n"
-++"work fine. That's great."
-++msgstr ""
-++"Có vẻ như tất cả các phím của bạn\n"
-++"làm việc tốt. Thật là tuyệt."
-++
-++#: src/learn.c:174
-++msgid "&Discard"
-++msgstr "&Vứt bỏ"
-++
-++#: src/learn.c:179
-++msgid ""
-++"Great! You have a complete terminal database!\n"
-++"All your keys work well."
-++msgstr ""
-++"Tuyệt! Chúng ta có một cơ sở dữ liệu mô tả terminal đầy đủ!\n"
-++"Tất cả các phím đều làm việc tốt."
-++
-++#: src/learn.c:287
-++msgid "Press all the keys mentioned here. After you have done it, check"
-++msgstr "Hãy nhấn tất cả những phím liệt kê ở trên. Sau khi nhấn xong, hãy kiểm tra"
-++
-++#: src/learn.c:291
-++msgid "which keys are not marked with OK. Press space on the missing"
-++msgstr "xem những phím nào không có dấu hiệu \"OK\". Nhấn phím space trên những"
-++
-++#: src/learn.c:295
-++msgid "key, or click with the mouse to define it. Move around with Tab."
-++msgstr "phím bị thiếu, hoặc nhấn chuột để xác định. Di chuyển bằng Tab."
-++
-++#: src/main.c:425
-++msgid ""
-++" The Commander can't change to the directory that \n"
-++" the subshell claims you are in. Perhaps you have \n"
-++" deleted your working directory, or given yourself \n"
-++" extra access permissions with the \"su\" command? "
-++msgstr ""
-++" MC không thể chuyển vào thư mục, mà tiến trình shell \n"
-++" con thông báo. Rất có thể, bạn đã xóa thư mục làm việc \n"
-++" hoặc thêm cho mình quyền truy cập mở rộng bằng câu \n"
-++" lệnh \"su\"? "
-++
-++#: src/main.c:469 src/screen.c:1951
-++msgid " The Midnight Commander "
-++msgstr " Midnight Commander "
-++
-++#: src/main.c:470
-++msgid " Do you really want to quit the Midnight Commander? "
-++msgstr " Thực sự muốn thoát Midnight Commander? "
-++
-++#: src/main.c:792 src/main.c:816
-++msgid "&Listing mode..."
-++msgstr "&Dạng danh sách..."
-++
-++#: src/main.c:793 src/main.c:817
-++msgid "&Quick view C-x q"
-++msgstr "&Xem nhanh C-x q"
-++
-++#: src/main.c:794 src/main.c:818
-++msgid "&Info C-x i"
-++msgstr "&Thông tin C-x i"
-++
-++#: src/main.c:797 src/main.c:821
-++msgid "&Sort order..."
-++msgstr "t&Hứ tự sắp xếp..."
-++
-++#: src/main.c:799 src/main.c:823
-++msgid "&Filter..."
-++msgstr "&Lọc tập tin..."
-++
-++#: src/main.c:803 src/main.c:827
-++msgid "&Network link..."
-++msgstr "&Kết nối mạng..."
-++
-++#: src/main.c:805 src/main.c:829
-++msgid "FT&P link..."
-++msgstr "kết nối &FTP..."
-++
-++#: src/main.c:806 src/main.c:830
-++msgid "S&hell link..."
-++msgstr "kết nối &Shell..."
-++
-++#: src/main.c:808 src/main.c:832
-++msgid "SM&B link..."
-++msgstr "kết nối SM&B..."
-++
-++#: src/main.c:812 src/main.c:836
-++msgid "&Rescan C-r"
-++msgstr "&Quét lại C-r"
-++
-++#: src/main.c:840
-++msgid "&User menu F2"
-++msgstr "&Trình đơn người dùng F2"
-++
-++#: src/main.c:841
-++msgid "&View F3"
-++msgstr "&Xem F3"
-++
-++#: src/main.c:842
-++msgid "Vie&w file... "
-++msgstr "x&Em tập tin... "
-++
-++#: src/main.c:843
-++msgid "&Filtered view M-!"
-++msgstr "xe&M đã lọc M-!"
-++
-++#: src/main.c:844
-++msgid "&Edit F4"
-++msgstr "&Soạn thảo F4"
-++
-++#: src/main.c:845
-++msgid "&Copy F5"
-++msgstr "sao &Chép F5"
-++
-++#: src/main.c:846
-++msgid "c&Hmod C-x c"
-++msgstr "c&Hmod C-x c"
-++
-++#: src/main.c:847
-++msgid "&Link C-x l"
-++msgstr "&Liên kết cứng C-x l"
-++
-++#: src/main.c:848
-++msgid "&SymLink C-x s"
-++msgstr "liên &Kết mềm C-x s"
-++
-++#: src/main.c:849
-++msgid "edit s&Ymlink C-x C-s"
-++msgstr "sử&A liên kết mềm C-x C-s"
-++
-++#: src/main.c:850
-++msgid "ch&Own C-x o"
-++msgstr "cho&Wn C-x o"
-++
-++#: src/main.c:851
-++msgid "&Advanced chown "
-++msgstr "chown &Nâng cao "
-++
-++#: src/main.c:852
-++msgid "&Rename/Move F6"
-++msgstr "Đổi tên/&Di chuyển F6"
-++
-++#: src/main.c:853
-++msgid "&Mkdir F7"
-++msgstr "mkdi&R F7"
-++
-++#: src/main.c:854
-++msgid "&Delete F8"
-++msgstr "xó&A F8"
-++
-++#: src/main.c:855
-++msgid "&Quick cd M-c"
-++msgstr "cd nhanh &> M-c"
-++
-++#: src/main.c:857
-++msgid "select &Group M-+"
-++msgstr "Chọn Nhóm &+ M-+"
-++
-++#: src/main.c:858
-++msgid "u&Nselect group M-\\"
-++msgstr "&Bỏ chọn nhóm M-\\"
-++
-++#: src/main.c:859
-++msgid "reverse selec&Tion M-*"
-++msgstr "Chọn ngược lạ&I M-*"
-++
-++#: src/main.c:861
-++msgid "e&Xit F10"
-++msgstr "Th&Oát F10"
-++
-++#: src/main.c:869
-++msgid "&Directory tree"
-++msgstr "cây thư &Mục"
-++
-++#: src/main.c:870
-++msgid "&Find file M-?"
-++msgstr "&Tìm tập tin M-?"
-++
-++#: src/main.c:871
-++msgid "s&Wap panels C-u"
-++msgstr "đổi chỗ h&Ai bảng C-u"
-++
-++#: src/main.c:872
-++msgid "switch &Panels on/off C-o"
-++msgstr "&Bật/tắt bảng C-o"
-++
-++#: src/main.c:873
-++msgid "&Compare directories C-x d"
-++msgstr "&So sánh thư mục C-x d"
-++
-++#: src/main.c:874
-++msgid "e&Xternal panelize C-x !"
-++msgstr "bản&G ngoài C-x !"
-++
-++#: src/main.c:875
-++msgid "show directory s&Izes"
-++msgstr "&Hiển thị kích thước thư mục"
-++
-++#: src/main.c:877
-++msgid "command &History"
-++msgstr "&Lịch sử câu lệnh"
-++
-++#: src/main.c:878
-++msgid "di&Rectory hotlist C-\\"
-++msgstr "Thư mục thường dùng &* C-\\"
-++
-++#: src/main.c:880
-++msgid "&Active VFS list C-x a"
-++msgstr "&Danh sách VFS hoạt động C-x a"
-++
-++#: src/main.c:883
-++msgid "&Background jobs C-x j"
-++msgstr "&Công việc nền sau C-x j"
-++
-++#: src/main.c:887
-++msgid "&Undelete files (ext2fs only)"
-++msgstr "&Phục hồi tập tin đã xóa (chỉ ext2fs)"
-++
-++#: src/main.c:890
-++msgid "&Listing format edit"
-++msgstr "&Soạn thảo định dạng danh sách"
-++
-++#: src/main.c:895
-++msgid "Edit &extension file"
-++msgstr "soạn thảo tập tin phần mở &Rộng"
-++
-++#: src/main.c:896
-++msgid "Edit &menu file"
-++msgstr "soạ&N thảo tập tin trình đơn"
-++
-++#: src/main.c:898
-++msgid "Edit edi&tor menu file"
-++msgstr "sửa trình đơn của trình s&Oạn thảo"
-++
-++#: src/main.c:899
-++msgid "Edit &syntax file"
-++msgstr "sửa tập tin cú &Pháp"
-++
-++#: src/main.c:905
-++msgid "&Configuration..."
-++msgstr "&Cấu hình..."
-++
-++#: src/main.c:906
-++msgid "&Layout..."
-++msgstr "&Vẻ ngoài..."
-++
-++#: src/main.c:907
-++msgid "c&Onfirmation..."
-++msgstr "&Xác nhận..."
-++
-++#: src/main.c:908
-++msgid "&Display bits..."
-++msgstr "bit &Hiển thị..."
-++
-++#: src/main.c:911
-++msgid "&Virtual FS..."
-++msgstr "&FS ảo..."
-++
-++#: src/main.c:914
-++msgid "&Save setup"
-++msgstr "&Ghi nhớ cấu hình"
-++
-++#: src/main.c:925
-++msgid " &Above "
-++msgstr " Ở &trên "
-++
-++#: src/main.c:925
-++msgid " &Left "
-++msgstr " &Bảng trái "
-++
-++#: src/main.c:929
-++msgid " &File "
-++msgstr " &Tập tin "
-++
-++#: src/main.c:932
-++msgid " &Command "
-++msgstr " &Câu lệnh "
-++
-++#: src/main.c:935
-++msgid " &Options "
-++msgstr " &Cấu hình "
-++
-++#: src/main.c:938
-++msgid " &Below "
-++msgstr " Ở &dưới "
-++
-++#: src/main.c:938
-++msgid " &Right "
-++msgstr " Bảng &phải "
-++
-++#: src/main.c:981
-++msgid " Information "
-++msgstr " Thông tin "
-++
-++#: src/main.c:983
-++msgid ""
-++" Using the fast reload option may not reflect the exact \n"
-++" directory contents. In this case you'll need to do a \n"
-++" manual reload of the directory. See the man page for \n"
-++" the details. "
-++msgstr ""
-++" Sử dụng tùy chọn nạp lại nhanh có thể không phản ánh \n"
-++" đúng nội dung hiện thời của thư mục. Trong trường hợp \n"
-++" này cần nạp lại thư mục một cách thủ công. Hãy xem \n"
-++" trang hướng dẫn sử dụng man để biết them chi tiết. "
-++
-++#: src/main.c:1206 src/screen.c:2185
-++msgid "Menu"
-++msgstr "Trđơn "
-++
-++#: src/main.c:1340
-++msgid "The TERM environment variable is unset!\n"
-++msgstr "Biến môi trườn TERM chưa được xác định!\n"
-++
-++#: src/main.c:1642 src/textconf.c:116
-++#, c-format
-++msgid "GNU Midnight Commander %s\n"
-++msgstr "GNU Midnight Commander %s\n"
-++
-++#: src/main.c:1848
-++msgid "[flags] [this_dir] [other_panel_dir]\n"
-++msgstr "[cờ] [thư_mục_này] [thư_mục_bảng_còn_lại]\n"
-++
-++#: src/main.c:1852
-++msgid "+number"
-++msgstr "+số"
-++
-++#: src/main.c:1853
-++msgid "Set initial line number for the internal editor"
-++msgstr "Đặt số dòng ban đầu cho trình soạn thảo nội bộ"
-++
-++#: src/main.c:1855
-++msgid ""
-++"\n"
-++"Please send any bug reports (including the output of `mc -V')\n"
-++"to mc-devel@gnome.org\n"
-++msgstr ""
-++"\n"
-++"Xin hãy gửi bất kỳ báo cáo lỗi (bug) nào (gồm cả kết quả của lệnh `mc -V')\n"
-++"tới mc-devel@gnome.org\n"
-++
-++#: src/main.c:1870
-++msgid ""
-++"--colors KEYWORD={FORE},{BACK}\n"
-++"\n"
-++"{FORE} and {BACK} can be omitted, and the default will be used\n"
-++"\n"
-++"Keywords:\n"
-++" Global: errors, reverse, gauge, input\n"
-++" File display: normal, selected, marked, markselect\n"
-++" Dialog boxes: dnormal, dfocus, dhotnormal, dhotfocus\n"
-++" Menus: menu, menuhot, menusel, menuhotsel\n"
-++" Help: helpnormal, helpitalic, helplink, helpslink\n"
-++" File types: directory, executable, link, stalelink, device, special, "
-++"core\n"
-++"\n"
-++"Colors:\n"
-++" black, gray, red, brightred, green, brightgreen, brown,\n"
-++" yellow, blue, brightblue, magenta, brightmagenta, cyan,\n"
-++" brightcyan, lightgray and white\n"
-++"\n"
-++msgstr ""
-++"--colors TỪ_KHÓA={VĂN BẢN},{NỀN}\n"
-++"\n"
-++"có thể bỏ qua {VĂN BẢN} và {NỀN}, và sử dụng giá trị theo mặc định\n"
-++"\n"
-++"Từ khóa:\n"
-++" Toàn cầu: errors, reverse, gauge, input\n"
-++" Hiển thị tập tin: normal, selected, marked, markselect\n"
-++" Hộp thoại: dnormal, dfocus, dhotnormal, dhotfocus\n"
-++" Trình đơn: menu, menuhot, menusel, menuhotsel\n"
-++" Trợ giúp: helpnormal, helpitalic, helplink, helpslink\n"
-++" Dạng tập tin: directory, executable, link, stalelink, device, special, core\n"
-++"\n"
-++"Màu sắc:\n"
-++" black, gray, red, brightred, green, brightgreen, brown,\n"
-++" yellow, blue, brightblue, magenta, brightmagenta, cyan,\n"
-++" brightcyan, lightgray, white\n"
-++"\n"
-++
-++#: src/main.c:1945
-++msgid "Displays this help message"
-++msgstr "Hiển thị thông báo trợ giúp này"
-++
-++#: src/main.c:1947
-++msgid "Displays the current version"
-++msgstr "Hiển thị số phiên bản hiện thời"
-++
-++#: src/main.c:1951
-++msgid "Forces xterm features"
-++msgstr "Bắt buộc dùng tính năng của xterm"
-++
-++#: src/main.c:1953
-++msgid "Disable mouse support in text version"
-++msgstr "Bỏ hỗ trợ chuột trong phiên bản văn bản (text)"
-++
-++#: src/main.c:1956
-++msgid "Tries to use termcap instead of terminfo"
-++msgstr "Thử sử dụng termcap thay cho terminfo"
-++
-++#: src/main.c:1959
-++msgid "Resets soft keys on HP terminals"
-++msgstr "Đặt lại phím phần mềm trên các terminal HP"
-++
-++#: src/main.c:1961
-++msgid "To run on slow terminals"
-++msgstr "Để chạy trên các terminal chậm"
-++
-++#: src/main.c:1963
-++msgid "Use stickchars to draw"
-++msgstr "Sử dụng ký tự thẳng đứng để vẽ"
-++
-++#: src/main.c:1967
-++msgid "Requests to run in black and white"
-++msgstr "Yêu cầu chạy trong chế độ đen trắng"
-++
-++#: src/main.c:1969
-++msgid "Request to run in color mode"
-++msgstr "Yêu cầu chạy trong chế độ màu"
-++
-++#: src/main.c:1971
-++msgid "Specifies a color configuration"
-++msgstr "Xác định cấu hình màu sắc"
-++
-++#: src/main.c:1973
-++msgid "Displays a help screen on how to change the color scheme"
-++msgstr "Hiển thị cửa sổ trợ giúp cách thay đổi bộ phối hợp màu"
-++
-++#: src/main.c:1978
-++msgid "Log ftp dialog to specified file"
-++msgstr "Ghi hội thoại FTP vào một tập tin"
-++
-++#: src/main.c:1981
-++msgid "Set debug level"
-++msgstr "Đặt mức độ tìm sửa lỗi (debug)"
-++
-++#: src/main.c:1987
-++msgid "Print data directory"
-++msgstr "In ra tên thư mục dữ liệu"
-++
-++#: src/main.c:1989
-++msgid "Print last working directory to specified file"
-++msgstr "Ghi thư mục làm việc cuối cùng vào tập tin chỉ ra"
-++
-++#: src/main.c:1994
-++msgid "Enables subshell support (default)"
-++msgstr "Bật hỗ trợ shell con (mặc định)"
-++
-++#: src/main.c:1996
-++msgid "Disables subshell support"
-++msgstr "Tắt hỗ trợ shell con"
-++
-++#: src/main.c:2001
-++msgid "Launches the file viewer on a file"
-++msgstr "Xem tập tin"
-++
-++#: src/main.c:2004
-++msgid "Edits one file"
-++msgstr "Soạn thảo tập tin"
-++
-++#: src/main.c:2218
-++msgid " Notice "
-++msgstr " Cảnh báo "
-++
-++#: src/main.c:2219
-++msgid ""
-++" The Midnight Commander configuration files \n"
-++" are now stored in the ~/.mc directory, the \n"
-++" files have been moved now\n"
-++msgstr ""
-++" Các tập tin cấu hình Midnight Commander \n"
-++" bây giờ đặt trong thư mục ~/.mc, các \n"
-++" tập tin cũ bây giờ được chuyển tới đó\n"
-++
-++#: src/option.c:56
-++msgid "safe de&Lete"
-++msgstr "Xóa một cách &An toàn"
-++
-++#: src/option.c:57
-++msgid "cd follows lin&Ks"
-++msgstr "cd th&Eo liên kết"
-++
-++#: src/option.c:58
-++msgid "L&ynx-like motion"
-++msgstr "di chuyển giống trong l&Ynx"
-++
-++#: src/option.c:59
-++msgid "rotatin&G dash"
-++msgstr "cái chỉ &Quay"
-++
-++#: src/option.c:60
-++msgid "co&Mplete: show all"
-++msgstr "tự động hoàn thành: hiện tất cả"
-++
-++#: src/option.c:61
-++msgid "&Use internal view"
-++msgstr "trình xem nội &Bộ"
-++
-++#: src/option.c:62
-++msgid "use internal ed&It"
-++msgstr "sử dụng s&Oạn thảo nội bộ"
-++
-++#: src/option.c:63
-++msgid "auto m&Enus"
-++msgstr "t&Rình đơn tự động"
-++
-++#: src/option.c:64
-++msgid "&Auto save setup"
-++msgstr "tự động gh&I nhớ cấu hình"
-++
-++#: src/option.c:65
-++msgid "shell &Patterns"
-++msgstr "&Mẫu dạng shell"
-++
-++#: src/option.c:66
-++msgid "Compute &Totals"
-++msgstr "tính tổn&G kích thước"
-++
-++#: src/option.c:67
-++msgid "&Verbose operation"
-++msgstr "thao tác với thông báo &Dài dòng"
-++
-++#: src/option.c:69
-++msgid "&Fast dir reload"
-++msgstr "nạ&P nhanh thư mục"
-++
-++#: src/option.c:70
-++msgid "mi&X all files"
-++msgstr "trộn lẫn tất &Cả tập tin"
-++
-++#: src/option.c:71
-++msgid "&Drop down menus"
-++msgstr "đẩy &Xuống trình đơn"
-++
-++#: src/option.c:72
-++msgid "ma&Rk moves down"
-++msgstr "&Nhãn di chuyển xuống"
-++
-++#: src/option.c:73
-++msgid "show &Hidden files"
-++msgstr "&Hiển thị tập tin ẩn"
-++
-++#: src/option.c:74
-++msgid "show &Backup files"
-++msgstr "hiển thị tập tin sao &Lưu"
-++
-++#: src/option.c:85
-++msgid "&Never"
-++msgstr "&Không bao giờ"
-++
-++#: src/option.c:86
-++msgid "on dumb &Terminals"
-++msgstr "&Trên terminal ngu"
-++
-++#: src/option.c:87
-++msgid "Alwa&ys"
-++msgstr "&Luôn luôn"
-++
-++#: src/option.c:123
-++msgid " Panel options "
-++msgstr " Cấu hình bảng "
-++
-++#: src/option.c:124
-++msgid " Pause after run... "
-++msgstr " Tạm ngừng sau khi chạy... "
-++
-++#: src/option.c:170
-++msgid "Configure options"
-++msgstr "Tùy chọn cấu hình"
-++
-++#: src/panelize.c:67
-++msgid "&Add new"
-++msgstr "&Thêm mới"
-++
-++#: src/panelize.c:154 src/panelize.c:420
-++msgid "External panelize"
-++msgstr "Bảng ngoài"
-++
-++#: src/panelize.c:169
-++msgid "Command"
-++msgstr "Câu lệnh"
-++
-++#: src/panelize.c:185 src/panelize.c:242 src/panelize.c:313 src/panelize.c:334
-++msgid "Other command"
-++msgstr "Lệnh khác"
-++
-++#: src/panelize.c:226
-++msgid " Add to external panelize "
-++msgstr " Thêm vào bảng ngoài "
-++
-++#: src/panelize.c:227
-++msgid " Enter command label: "
-++msgstr " Nhập tên câu lệnh: "
-++
-++#: src/panelize.c:267
-++msgid " Cannot run external panelize in a non-local directory "
-++msgstr " Không thể chạy câu lệnh này trên một thư mục không phải nội bộ "
-++
-++#: src/panelize.c:316
-++msgid "Find rejects after patching"
-++msgstr "Tìm những loại bỏ sau khi vá lỗi (patch)"
-++
-++#: src/panelize.c:317
-++msgid "Find *.orig after patching"
-++msgstr "Tìm *.orig) sau khi vá lỗi (patch)"
-++
-++#: src/panelize.c:318
-++msgid "Find SUID and SGID programs"
-++msgstr "Tìm chương trình có các bit SUID/SGID"
-++
-++#: src/panelize.c:369
-++msgid "Cannot invoke command."
-++msgstr "Không thực hiện được câu lệnh."
-++
-++#: src/panelize.c:420
-++msgid "Pipe close failed"
-++msgstr "Đóng đường ống không thành công"
-++
-++#: src/popt.c:547
-++msgid "missing argument"
-++msgstr "thiếu tham số"
-++
-++#: src/popt.c:549
-++msgid "unknown option"
-++msgstr "tùy chọn không rõ"
-++
-++#: src/popt.c:555
-++msgid "invalid numeric value"
-++msgstr "giá trị số không thích hợp"
-++
-++#: src/popthelp.c:31
-++msgid "Show this help message"
-++msgstr "Hiển thị thông báo trợ giúp này"
-++
-++#: src/popthelp.c:32
-++msgid "Display brief usage message"
-++msgstr "Hiển thị chỉ dẫn ngắn gọn"
-++
-++#: src/popthelp.c:60
-++msgid "ARG"
-++msgstr "ARG"
-++
-++#: src/popthelp.c:179
-++msgid "Usage:"
-++msgstr "Sử dụng:"
-++
-++#: src/screen.c:201
-++msgid "UP--DIR"
-++msgstr "LÊNTRÊN"
-++
-++#: src/screen.c:222
-++msgid "SYMLINK"
-++msgstr "LIÊNKẾTMỀM"
-++
-++#: src/screen.c:226
-++msgid "SUB-DIR"
-++msgstr "THƯMỤCCON"
-++
-++#: src/screen.c:406 src/screen.c:407
-++msgid "Size"
-++msgstr "Kích cỡ"
-++
-++#: src/screen.c:409
-++msgid "MTime"
-++msgstr "Thời gian sửa"
-++
-++#: src/screen.c:410
-++msgid "ATime"
-++msgstr "Truy cập cuối cùng"
-++
-++#: src/screen.c:411
-++msgid "CTime"
-++msgstr "Thời gian thay đổi"
-++
-++#: src/screen.c:412
-++msgid "Permission"
-++msgstr "Quyền hạn"
-++
-++#: src/screen.c:413
-++msgid "Perm"
-++msgstr "Quyền"
-++
-++#: src/screen.c:414
-++msgid "Nl"
-++msgstr "Nl"
-++
-++#: src/screen.c:415
-++msgid "Inode"
-++msgstr "Nút"
-++
-++#: src/screen.c:416
-++msgid "UID"
-++msgstr "UID"
-++
-++#: src/screen.c:417
-++msgid "GID"
-++msgstr "GID"
-++
-++#: src/screen.c:418
-++msgid "Owner"
-++msgstr "Chủ sở hữu"
-++
-++#: src/screen.c:419
-++msgid "Group"
-++msgstr "Nhóm"
-++
-++#: src/screen.c:655
-++#, c-format
-++msgid "%s bytes in %d file"
-++msgstr "%s byte trong %d tập tin"
-++
-++#: src/screen.c:655
-++#, c-format
-++msgid "%s bytes in %d files"
-++msgstr "%s byte trong %d tập tin"
-++
-++#: src/screen.c:681
-++msgid "<readlink failed>"
-++msgstr "<đọc liên kết không thành công>"
-++
-++#: src/screen.c:1289
-++msgid "Unknown tag on display format: "
-++msgstr "Thẻ ghi không rõ trong định dạng hiển thị: "
-++
-++#: src/screen.c:1415
-++msgid "User supplied format looks invalid, reverting to default."
-++msgstr "Định dạng người dùng đưa ra có vẻ không thích hợp, chuyển lại thành mặc định."
-++
-++#: src/screen.c:1952
-++msgid " Do you really want to execute? "
-++msgstr " Thực sự muốn thực hiện? "
-++
-++#: src/screen.c:2186
-++msgid "View"
-++msgstr "Xem "
-++
-++#: src/screen.c:2187 src/view.c:2231
-++msgid "Edit"
-++msgstr "Soạn "
-++
-++#: src/screen.c:2189 src/tree.c:977
-++msgid "RenMov"
-++msgstr "Chuyển"
-++
-++#: src/screen.c:2190 src/tree.c:981
-++msgid "Mkdir"
-++msgstr "Tạotm "
-++
-++#: src/selcodepage.c:54
-++msgid " Choose input codepage "
-++msgstr " Chọn bảng mã dữ liệu vào "
-++
-++#: src/selcodepage.c:58
-++msgid "- < No translation >"
-++msgstr "- < Không có dịch >"
-++
-++#: src/selcodepage.c:106
-++msgid ""
-++"To use this feature select your codepage in\n"
-++"Setup / Display Bits dialog!\n"
-++"Do not forget to save options."
-++msgstr ""
-++"Để sử dụng tính năng này, hãy chọn bảng mã trong\n"
-++"trình đơn Cấu hình / hộp thoại Bit hiển thị!\n"
-++"Đừng quên ghi nhớ lại cấu hình."
-++
-++#: src/slint.c:188
-++#, c-format
-++msgid ""
-++"Screen size %dx%d is not supported.\n"
-++"Check the TERM environment variable.\n"
-++msgstr ""
-++"Kích thước màn hình %dx%d không được hỗ trợ.\n"
-++"Hãy kiểm tra biến môi trường TERM.\n"
-++
-++#: src/subshell.c:320
-++msgid ""
-++"GNU Midnight Commander is already\n"
-++"running on this terminal.\n"
-++"Subshell support will be disabled."
-++msgstr ""
-++"Một GNU Midnight Commander đã làm việc\n"
-++"trên terminal này. Sẽ không có hỗ trợ\n"
-++"shell con."
-++
-++#: src/subshell.c:425
-++#, c-format
-++msgid "Cannot open named pipe %s\n"
-++msgstr "Không mở được đường ống tên (named pipe) %s\n"
-++
-++#: src/subshell.c:653
-++msgid " The shell is still active. Quit anyway? "
-++msgstr " Shell vẫn còn hoạt động. Vẫn thoát? "
-++
-++#: src/subshell.c:790
-++#, c-format
-++msgid "Warning: Cannot change to %s.\n"
-++msgstr "Cảnh báo: Không chuyển được vào %s.\n"
-++
-++#: src/textconf.c:50
-++msgid "With builtin Editor\n"
-++msgstr "Với Trình soạn thảo nội trú\n"
-++
-++#: src/textconf.c:56
-++msgid "Using system-installed S-Lang library"
-++msgstr "Sử dụng thư việc của S-Lang hệ thống"
-++
-++#: src/textconf.c:58
-++msgid "Using included S-Lang library"
-++msgstr "Sử dụng thư việc S-Lang bao gồm"
-++
-++#: src/textconf.c:64
-++msgid "with termcap database"
-++msgstr "với cơ sở dữ liệu termcap"
-++
-++#: src/textconf.c:66
-++msgid "with terminfo database"
-++msgstr "với cơ sở dữ liệu terminfo"
-++
-++#: src/textconf.c:70
-++msgid "Using the ncurses library"
-++msgstr "Dùng thư viện ncurses"
-++
-++#: src/textconf.c:79
-++msgid "With optional subshell support"
-++msgstr "Với hỗ trợ shell con không bắt buộc"
-++
-++#: src/textconf.c:81
-++msgid "With subshell support as default"
-++msgstr "Với hỗ trợ shell con mặc định"
-++
-++#: src/textconf.c:87
-++msgid "With support for background operations\n"
-++msgstr "Với hỗ trợ thao tác nền sau\n"
-++
-++#: src/textconf.c:91
-++msgid "With mouse support on xterm and Linux console\n"
-++msgstr "Với hỗ trợ chuột trong xterm và kênh giao tác Linux\n"
-++
-++#: src/textconf.c:93
-++msgid "With mouse support on xterm\n"
-++msgstr "Với hỗ trợ chuột trong xterm\n"
-++
-++#: src/textconf.c:97
-++msgid "With support for X11 events\n"
-++msgstr "Với hỗ trợ sự kiện X11\n"
-++
-++#: src/textconf.c:101
-++msgid "With internationalization support\n"
-++msgstr "Với hỗ trợ các ngôn ngữ khác\n"
-++
-++#: src/textconf.c:105
-++msgid "With multiple codepages support\n"
-++msgstr "Với hỗ trợ nhiều bảng mã\n"
-++
-++#: src/textconf.c:121
-++msgid "Virtual File System:"
-++msgstr "Hệ thống tập tin ảo:"
-++
-++#: src/tree.c:147
-++#, c-format
-++msgid ""
-++"Cannot open the %s file for writing:\n"
-++"%s\n"
-++msgstr ""
-++"Không mở được tập tin %s để ghi nhớ:\n"
-++"%s\n"
-++
-++#: src/tree.c:591
-++#, c-format
-++msgid "Copy \"%s\" directory to:"
-++msgstr " Sao chép thư mục \"%s\" vào:"
-++
-++#: src/tree.c:632
-++#, c-format
-++msgid "Move \"%s\" directory to:"
-++msgstr " Di chuyển thư mục \"%s\" vào:"
-++
-++#: src/tree.c:642
-++#, c-format
-++msgid ""
-++" Cannot stat the destination \n"
-++" %s "
-++msgstr ""
-++" Không lấy (stat) được thuộc tính của đích đến \n"
-++" %s "
-++
-++#: src/tree.c:705
-++#, c-format
-++msgid " Delete %s? "
-++msgstr " Xóa %s? "
-++
-++#: src/tree.c:735
-++msgid "Static"
-++msgstr "Tĩnh"
-++
-++#: src/tree.c:735
-++msgid "Dynamc"
-++msgstr "Động"
-++
-++#: src/tree.c:971
-++msgid "Rescan"
-++msgstr "Quét lại"
-++
-++#: src/tree.c:973
-++msgid "Forget"
-++msgstr "Quên"
-++
-++#: src/tree.c:986
-++msgid "Rmdir"
-++msgstr "Xóa thư mục"
-++
-++#: src/treestore.c:343
-++#, c-format
-++msgid ""
-++"Cannot write to the %s file:\n"
-++"%s\n"
-++msgstr ""
-++"Không ghi nhớ được vào tập tin %s:\n"
-++"%s\n"
-++
-++#: src/user.c:133
-++msgid " Format error on file Extensions File "
-++msgstr " Lỗi định dạng tập tin \"Phần mở rộng của tập tin\" "
-++
-++#: src/user.c:134
-++#, c-format
-++msgid " The %%var macro has no default "
-++msgstr " Macro %%var không có giá trị mặc định "
-++
-++#: src/user.c:135
-++#, c-format
-++msgid " The %%var macro has no variable "
-++msgstr " Macro %%var không có giá trị biến "
-++
-++#: src/user.c:447
-++msgid " Debug "
-++msgstr " Sửa lỗi "
-++
-++#: src/user.c:456
-++msgid " ERROR: "
-++msgstr " LỖI: "
-++
-++#: src/user.c:460
-++msgid " True: "
-++msgstr " Đúng: "
-++
-++#: src/user.c:462
-++msgid " False: "
-++msgstr " Sai: "
-++
-++#: src/user.c:669
-++msgid " Warning -- ignoring file "
-++msgstr " Cảnh báo - tập tin bị lờ đi "
-++
-++#: src/user.c:670
-++#, c-format
-++msgid ""
-++"File %s is not owned by root or you or is world writable.\n"
-++"Using it may compromise your security"
-++msgstr ""
-++"Tập tin %s không thuộc quyền sở hữu của root, hay của bạn,\n"
-++"hoặc ai cũng có thể ghi. Sử dụng tập tin này có thể không an toàn"
-++
-++#: src/user.c:792
-++#, c-format
-++msgid " No suitable entries found in %s "
-++msgstr " Không tìm thấy mục thích hợp trong %s"
-++
-++#: src/user.c:798
-++msgid " User menu "
-++msgstr " Trình đơn người dùng "
-++
-++#: src/util.c:671 src/util.c:697
-++msgid "%b %e %H:%M"
-++msgstr "%b %e %H:%M"
-++
-++#: src/util.c:672 src/util.c:695
-++msgid "%b %e %Y"
-++msgstr "%b %e %Y"
-++
-++#: src/utilunix.c:333
-++#, c-format
-++msgid "%s is not a directory\n"
-++msgstr "%s không phải là một thư mục\n"
-++
-++#: src/utilunix.c:335
-++#, c-format
-++msgid "Directory %s is not owned by you\n"
-++msgstr "Bạn không sở hữu thư mục %s\n"
-++
-++#: src/utilunix.c:338
-++#, c-format
-++msgid "Cannot set correct permissions for directory %s\n"
-++msgstr "Không đặt được quyền hạn đúng cho thư mục %s\n"
-++
-++#: src/utilunix.c:343
-++#, c-format
-++msgid "Cannot create temporary directory %s: %s\n"
-++msgstr "Không tạo được thư mục tạm thời %s: %s\n"
-++
-++#: src/utilunix.c:373
-++#, c-format
-++msgid "Temporary files will be created in %s\n"
-++msgstr "Tập tin tạm thời sẽ được tạo trong thư mục %s\n"
-++
-++#: src/utilunix.c:376
-++msgid "Temporary files will not be created\n"
-++msgstr "Tập tin tạm thời sẽ không được tạo ra\n"
-++
-++#: src/utilunix.c:401
-++msgid " Pipe failed "
-++msgstr " Lỗi đường ống "
-++
-++#: src/utilunix.c:405
-++msgid " Dup failed "
-++msgstr " Lỗi lặp lại "
-++
-++#: src/view.c:502
-++msgid " Cannot spawn child program "
-++msgstr " Không sinh ra được tiến trình con "
-++
-++#: src/view.c:513
-++msgid "Empty output from child filter"
-++msgstr "Bộ lọc con trả lại kết quả rỗng"
-++
-++#: src/view.c:519
-++msgid " Cannot open file "
-++msgstr " Không mở được tập tin "
-++
-++#: src/view.c:618
-++#, c-format
-++msgid ""
-++" Cannot open \"%s\"\n"
-++" %s "
-++msgstr ""
-++" Không mở được \"%s\"\n"
-++" %s "
-++
-++#: src/view.c:627
-++#, c-format
-++msgid ""
-++" Cannot stat \"%s\"\n"
-++" %s "
-++msgstr ""
-++" Không lấy (stat) được thuộc tính \"%s\"\n"
-++" %s "
-++
-++#: src/view.c:636
-++msgid " Cannot view: not a regular file "
-++msgstr " Không xem được vì lý do: không\n"
-++" phải tập tin thông thường "
-++
-++#: src/view.c:775
-++#, c-format
-++msgid "File: %s"
-++msgstr "Tập tin: %s"
-++
-++#: src/view.c:790
-++#, c-format
-++msgid "Offset 0x%08lx"
-++msgstr "Bộ offset 0x%08lx"
-++
-++#: src/view.c:792
-++#, c-format
-++msgid "Col %d"
-++msgstr "Cột %d"
-++
-++#: src/view.c:796
-++#, c-format
-++msgid "%s bytes"
-++msgstr "%s byte"
-++
-++#: src/view.c:801
-++msgid " [grow]"
-++msgstr " [lớn lên]"
-++
-++#: src/view.c:1826
-++msgid "Invalid hex search expression"
-++msgstr "Biểu thức tìm kiếm hex không đúng"
-++
-++#: src/view.c:1880
-++msgid " Invalid regular expression "
-++msgstr " Biểu thức chính quy không đúng"
-++
-++#: src/view.c:2003
-++#, c-format
-++msgid ""
-++" The current line number is %d.\n"
-++" Enter the new line number:"
-++msgstr ""
-++" Số thứ tự dòng hiện thời %d.\n"
-++" Hãy nhập số thứ tự dòng muốn chuyển đến:"
-++
-++#: src/view.c:2026
-++#, c-format
-++msgid ""
-++" The current address is 0x%lx.\n"
-++" Enter the new address:"
-++msgstr ""
-++" Địa chỉ hiện thời - 0x%lx.\n"
-++" Hãy nhập địa chỉ mới:"
-++
-++#: src/view.c:2028
-++msgid " Goto Address "
-++msgstr " Đi tới địa chỉ "
-++
-++#: src/view.c:2060
-++msgid " Enter regexp:"
-++msgstr " Nhập biểu thức chính quy:"
-++
-++#: src/view.c:2216
-++msgid "Ascii"
-++msgstr "Ascii"
-++
-++#: src/view.c:2216
-++msgid "Hex"
-++msgstr "Hex"
-++
-++#: src/view.c:2218
-++msgid "Goto"
-++msgstr "ĐiTới"
-++
-++#: src/view.c:2218
-++msgid "Line"
-++msgstr "Dòng"
-++
-++#: src/view.c:2220
-++msgid "RxSrch"
-++msgstr "TìmRx"
-++
-++#: src/view.c:2225
-++msgid "EdHex"
-++msgstr "SoạnHex"
-++
-++#: src/view.c:2225
-++msgid "EdText"
-++msgstr "SoạnVb"
-++
-++#: src/view.c:2233
-++msgid "UnWrap"
-++msgstr "BỏWrap"
-++
-++#: src/view.c:2233
-++msgid "Wrap"
-++msgstr "CóWrap"
-++
-++#: src/view.c:2236
-++msgid "HxSrch"
-++msgstr "TìmHx"
-++
-++#: src/view.c:2239
-++msgid "Raw"
-++msgstr "Thô"
-++
-++#: src/view.c:2239
-++msgid "Parse"
-++msgstr "Phtích"
-++
-++#: src/view.c:2244
-++msgid "Unform"
-++msgstr "K0dạng"
-++
-++#: src/view.c:2244
-++msgid "Format"
-++msgstr "CóDạng"
-++
-++#: src/widget.c:911
-++msgid " History "
-++msgstr " Lịch sử"
-++
-++#: src/win.c:159
-++msgid "Function key 1"
-++msgstr "Phím chức năng 1"
-++
-++#: src/win.c:160
-++msgid "Function key 2"
-++msgstr "Phím chức năng 2"
-++
-++#: src/win.c:161
-++msgid "Function key 3"
-++msgstr "Phím chức năng 3"
-++
-++#: src/win.c:162
-++msgid "Function key 4"
-++msgstr "Phím chức năng 4"
-++
-++#: src/win.c:163
-++msgid "Function key 5"
-++msgstr "Phím chức năng 5"
-++
-++#: src/win.c:164
-++msgid "Function key 6"
-++msgstr "Phím chức năng 6"
-++
-++#: src/win.c:165
-++msgid "Function key 7"
-++msgstr "Phím chức năng 7"
-++
-++#: src/win.c:166
-++msgid "Function key 8"
-++msgstr "Phím chức năng 8"
-++
-++#: src/win.c:167
-++msgid "Function key 9"
-++msgstr "Phím chức năng 9"
-++
-++#: src/win.c:168
-++msgid "Function key 10"
-++msgstr "Phím chức năng 10"
-++
-++#: src/win.c:169
-++msgid "Function key 11"
-++msgstr "Phím chức năng 11"
-++
-++#: src/win.c:170
-++msgid "Function key 12"
-++msgstr "Phím chức năng 12"
-++
-++#: src/win.c:171
-++msgid "Function key 13"
-++msgstr "Phím chức năng 13"
-++
-++#: src/win.c:172
-++msgid "Function key 14"
-++msgstr "Phím chức năng 14"
-++
-++#: src/win.c:173
-++msgid "Function key 15"
-++msgstr "Phím chức năng 15"
-++
-++#: src/win.c:174
-++msgid "Function key 16"
-++msgstr "Phím chức năng 16"
-++
-++#: src/win.c:175
-++msgid "Function key 17"
-++msgstr "Phím chức năng 17"
-++
-++#: src/win.c:176
-++msgid "Function key 18"
-++msgstr "Phím chức năng 18"
-++
-++#: src/win.c:177
-++msgid "Function key 19"
-++msgstr "Phím chức năng 19"
-++
-++#: src/win.c:178
-++msgid "Function key 20"
-++msgstr "Phím chức năng 20"
-++
-++#: src/win.c:179
-++msgid "Backspace key"
-++msgstr "Phím Backspace"
-++
-++#: src/win.c:180
-++msgid "End key"
-++msgstr "Phím End"
-++
-++#: src/win.c:181
-++msgid "Up arrow key"
-++msgstr "Phím mũi tên lên"
-++
-++#: src/win.c:182
-++msgid "Down arrow key"
-++msgstr "Phím mũi tên xuống"
-++
-++#: src/win.c:183
-++msgid "Left arrow key"
-++msgstr "Phím mũi tên sang trái"
-++
-++#: src/win.c:184
-++msgid "Right arrow key"
-++msgstr "Phím mũi tên sang phải"
-++
-++#: src/win.c:185
-++msgid "Home key"
-++msgstr "Phím Home"
-++
-++#: src/win.c:186
-++msgid "Page Down key"
-++msgstr "Phím Page Down"
-++
-++#: src/win.c:187
-++msgid "Page Up key"
-++msgstr "Phím Page Up"
-++
-++#: src/win.c:188
-++msgid "Insert key"
-++msgstr "Phím Insert"
-++
-++#: src/win.c:189
-++msgid "Delete key"
-++msgstr "Phím Delete"
-++
-++#: src/win.c:190
-++msgid "Completion/M-tab"
-++msgstr "Hoàn thành/M-Tab"
-++
-++#: src/win.c:191
-++msgid "+ on keypad"
-++msgstr "+ trên phần keypad"
-++
-++#: src/win.c:192
-++msgid "- on keypad"
-++msgstr "- trên phần keypad"
-++
-++#: src/win.c:193
-++msgid "* on keypad"
-++msgstr "* trên phần keypad"
-++
-++#: src/win.c:195
-++msgid "Left arrow keypad"
-++msgstr "Mũi tên sang trái trên phần keypad"
-++
-++#: src/win.c:196
-++msgid "Right arrow keypad"
-++msgstr "Mũi tên sang phải trên phần keypad"
-++
-++#: src/win.c:197
-++msgid "Up arrow keypad"
-++msgstr "Mũi tên lên trên của phần keypad"
-++
-++#: src/win.c:198
-++msgid "Down arrow keypad"
-++msgstr "Mũi tên xuống dưới của phần keypad"
-++
-++#: src/win.c:199
-++msgid "Home on keypad"
-++msgstr "Home trên keypad"
-++
-++#: src/win.c:200
-++msgid "End on keypad"
-++msgstr "End trên keypad"
-++
-++#: src/win.c:201
-++msgid "Page Down keypad"
-++msgstr "Page Down trên keypad"
-++
-++#: src/win.c:202
-++msgid "Page Up keypad"
-++msgstr "Page Up trên keypad"
-++
-++#: src/win.c:203
-++msgid "Insert on keypad"
-++msgstr "Insert trên keypad"
-++
-++#: src/win.c:204
-++msgid "Delete on keypad"
-++msgstr "Delete trên keypad"
-++
-++#: src/win.c:205
-++msgid "Enter on keypad"
-++msgstr "Enter trên keypad"
-++
-++#: src/win.c:206
-++msgid "Slash on keypad"
-++msgstr "Slash trên keypad"
-++
-++#: src/win.c:207
-++msgid "NumLock on keypad"
-++msgstr "NumLock trên keypad"
-++
-++#: src/wtools.c:256
-++msgid "Background process:"
-++msgstr "Tiến trình nền sau:"
-++
-++#: vfs/cpio.c:142 vfs/cpio.c:158
-++#, c-format
-++msgid ""
-++"Cannot open cpio archive\n"
-++"%s"
-++msgstr ""
-++"Không mở được tập tin nén cpio\n"
-++"%s"
-++
-++#: vfs/cpio.c:223
-++#, c-format
-++msgid ""
-++"Premature end of cpio archive\n"
-++"%s"
-++msgstr ""
-++"Phần cuối của tập tin nén cpio bị hỏng\n"
-++"%s"
-++
-++#: vfs/cpio.c:309 vfs/cpio.c:359
-++#, c-format
-++msgid ""
-++"Corrupted cpio header encountered in\n"
-++"%s"
-++msgstr ""
-++"Lỗi phần đầu cpio phát hiện trong\n"
-++"%s"
-++
-++#: vfs/cpio.c:432
-++#, c-format
-++msgid ""
-++"Inconsistent hardlinks of\n"
-++"%s\n"
-++"in cpio archive\n"
-++"%s"
-++msgstr ""
-++"Liên kết cứng không thích hợp \n"
-++"%s\n"
-++"trong tập tin nén cpio\n"
-++"%s"
-++
-++#: vfs/cpio.c:457
-++#, c-format
-++msgid "%s contains duplicate entries! Skipping!"
-++msgstr "%s chứa mục lặp lại! Nhảy qua!"
-++
-++#: vfs/cpio.c:526
-++#, c-format
-++msgid ""
-++"Unexpected end of file\n"
-++"%s"
-++msgstr ""
-++"Kết thúc tập tin không mong đợi\n"
-++"%s"
-++
-++#: vfs/direntry.c:326
-++#, c-format
-++msgid "Directory cache expired for %s"
-++msgstr "Cache thư mục hết hạn cho %s"
-++
-++#: vfs/direntry.c:749
-++msgid "Starting linear transfer..."
-++msgstr "Chạy truyền tải theo đường thẳng..."
-++
-++#: vfs/direntry.c:886
-++#, c-format
-++msgid "%s: %s: %s %3d%% (%lu bytes transferred)"
-++msgstr "%s: %s: %s %3d%% (đã truyền tải %lu byte)"
-++
-++#: vfs/direntry.c:887
-++#, c-format
-++msgid "%s: %s: %s %lu bytes transferred"
-++msgstr "%s: %s: %s đã truyền tải %lu byte"
-++
-++#: vfs/direntry.c:933
-++msgid "Getting file"
-++msgstr "Nhận tập tin"
-++
-++#: vfs/extfs.c:303
-++#, c-format
-++msgid ""
-++"Cannot open %s archive\n"
-++"%s"
-++msgstr ""
-++"Không mở được tập tin nén %s\n"
-++"%s"
-++
-++#: vfs/extfs.c:343 vfs/extfs.c:365 vfs/extfs.c:415
-++msgid "Inconsistent extfs archive"
-++msgstr "Tập tin nén extfs không thích hợp"
-++
-++#: vfs/fish.c:157
-++#, c-format
-++msgid "fish: Disconnecting from %s"
-++msgstr "fish: Ngừng kết nối từ %s"
-++
-++#: vfs/fish.c:232
-++msgid "fish: Waiting for initial line..."
-++msgstr "fish: Đang chời dòng đầu tiên..."
-++
-++#: vfs/fish.c:244
-++msgid "Sorry, we cannot do password authenticated connections for now."
-++msgstr "Xin lỗi, bây giờ không thể tạo kết nối xác thực theo mật khẩu."
-++
-++#: vfs/fish.c:249
-++msgid " fish: Password required for "
-++msgstr "fish: yêu cầu mật khẩu cho "
-++
-++#: vfs/fish.c:258
-++msgid "fish: Sending password..."
-++msgstr "fish: Đang gửi mật khẩu..."
-++
-++#: vfs/fish.c:264
-++msgid "fish: Sending initial line..."
-++msgstr "fish: Đang gửi dòng đầu tiên..."
-++
-++#: vfs/fish.c:275
-++msgid "fish: Handshaking version..."
-++msgstr "fish: Đang xác nhận phiên bản..."
-++
-++#: vfs/fish.c:289
-++msgid "fish: Setting up current directory..."
-++msgstr "fish: Đang đặt thư mục hiện thời..."
-++
-++#: vfs/fish.c:291
-++#, c-format
-++msgid "fish: Connected, home %s."
-++msgstr "fish: Kết nối thành công, thư mục cá nhân %s."
-++
-++#: vfs/fish.c:375
-++#, c-format
-++msgid "fish: Reading directory %s..."
-++msgstr "fish: Đọc thư mục %s..."
-++
-++#: vfs/fish.c:477 vfs/ftpfs.c:1277 vfs/undelfs.c:343
-++#, c-format
-++msgid "%s: done."
-++msgstr "%s: xong."
-++
-++#: vfs/fish.c:482 vfs/ftpfs.c:1247 vfs/undelfs.c:346
-++#, c-format
-++msgid "%s: failure"
-++msgstr "%s: lỗi"
-++
-++#: vfs/fish.c:507
-++#, c-format
-++msgid "fish: store %s: sending command..."
-++msgstr "fish: bản ghi %s: đang gửi câu lệnh..."
-++
-++#: vfs/fish.c:548
-++msgid "fish: Local read failed, sending zeros"
-++msgstr "fish: Lỗi đọc nội bộ, đang gửi các số không"
-++
-++#: vfs/fish.c:560
-++#, c-format
-++msgid "fish: storing %s %d (%lu)"
-++msgstr "fish: ghi %s %d (%lu)"
-++
-++#: vfs/fish.c:561
-++msgid "zeros"
-++msgstr "các số không"
-++
-++#: vfs/fish.c:613
-++msgid "Aborting transfer..."
-++msgstr "Dừng truyền tải..."
-++
-++#: vfs/fish.c:622
-++msgid "Error reported after abort."
-++msgstr "Có lỗi báo cáo sau khi dừng."
-++
-++#: vfs/fish.c:624
-++msgid "Aborted transfer would be successful."
-++msgstr "Dừng truyền tải thành công."
-++
-++#: vfs/ftpfs.c:378
-++#, c-format
-++msgid "ftpfs: Disconnecting from %s"
-++msgstr "ftpfs: Ngắt kết nối từ %s"
-++
-++#: vfs/ftpfs.c:433
-++msgid " FTP: Password required for "
-++msgstr " FTP: Cần mật khẩu cho "
-++
-++#: vfs/ftpfs.c:469
-++msgid "ftpfs: sending login name"
-++msgstr "ftpfs: đang gửi tên đăng nhập"
-++
-++#: vfs/ftpfs.c:473
-++msgid "ftpfs: sending user password"
-++msgstr "ftpfs: đang gửi mật khẩu người dùng"
-++
-++#: vfs/ftpfs.c:479
-++#, c-format
-++msgid "FTP: Account required for user %s"
-++msgstr "FTP: Yêu cầu tài khoản cho người dùng %s"
-++
-++#: vfs/ftpfs.c:481
-++msgid "Account:"
-++msgstr "Tài khoản:"
-++
-++#: vfs/ftpfs.c:485
-++msgid "ftpfs: sending user account"
-++msgstr "ftpfs: đang gửi tài khoản người dùng"
-++
-++#: vfs/ftpfs.c:495
-++msgid "ftpfs: logged in"
-++msgstr "ftpfs: đã đăng nhập"
-++
-++#: vfs/ftpfs.c:509
-++#, c-format
-++msgid "ftpfs: Login incorrect for user %s "
-++msgstr "ftpfs: lỗi đăng nhập cho người dùng %s "
-++
-++#: vfs/ftpfs.c:633
-++msgid "ftpfs: Invalid host name."
-++msgstr "ftpfs: Tên máy không đúng."
-++
-++#: vfs/ftpfs.c:651
-++msgid "ftpfs: Invalid host address."
-++msgstr "ftpfs: Địa chỉ không đúng."
-++
-++#: vfs/ftpfs.c:673
-++#, c-format
-++msgid "ftpfs: making connection to %s"
-++msgstr "ftpfs: Thực hiện kết nối với %s"
-++
-++#: vfs/ftpfs.c:683
-++msgid "ftpfs: connection interrupted by user"
-++msgstr "ftpfs: người dùng dừng kết nối giữa chừng"
-++
-++#: vfs/ftpfs.c:685
-++#, c-format
-++msgid "ftpfs: connection to server failed: %s"
-++msgstr "ftpfs: kết nối tới máy chủ không thành công: %s"
-++
-++#: vfs/ftpfs.c:726
-++#, c-format
-++msgid "Waiting to retry... %d (Control-C to cancel)"
-++msgstr "Chờ thử lại... %d (Control-C để hủy bỏ)"
-++
-++#: vfs/ftpfs.c:906
-++msgid "ftpfs: could not setup passive mode"
-++msgstr "ftpfs: không đặt được chế độ bị động (passive)"
-++
-++#: vfs/ftpfs.c:985
-++msgid "ftpfs: aborting transfer."
-++msgstr "ftpfs: dừng truyền tải."
-++
-++#: vfs/ftpfs.c:987
-++#, c-format
-++msgid "ftpfs: abort error: %s"
-++msgstr "ftpfs: lỗi thoát: %s"
-++
-++#: vfs/ftpfs.c:995
-++msgid "ftpfs: abort failed"
-++msgstr "ftpfs: sự cố thoát"
-++
-++#: vfs/ftpfs.c:1099 vfs/ftpfs.c:1203
-++msgid "ftpfs: CWD failed."
-++msgstr "ftpfs: CWD (thay đổi thư mục) không thành công."
-++
-++#: vfs/ftpfs.c:1109 vfs/ftpfs.c:1116
-++msgid "ftpfs: couldn't resolve symlink"
-++msgstr "ftpfs: không tìm được liên kết mềm"
-++
-++#: vfs/ftpfs.c:1167
-++msgid "Resolving symlink..."
-++msgstr "Đang tìm liên kết mềm..."
-++
-++#: vfs/ftpfs.c:1189
-++#, c-format
-++msgid "ftpfs: Reading FTP directory %s... %s%s"
-++msgstr "ftpfs: Đọc thư mục FTP %s... %s%s"
-++
-++#: vfs/ftpfs.c:1192
-++msgid "(strict rfc959)"
-++msgstr "(hạn chế rfc959)"
-++
-++#: vfs/ftpfs.c:1193
-++msgid "(chdir first)"
-++msgstr "(đầu tiên chdir)"
-++
-++#: vfs/ftpfs.c:1290
-++msgid "ftpfs: failed; nowhere to fallback to"
-++msgstr "ftpfs: lỗi; không có nơi nào để quay lại về"
-++
-++#: vfs/ftpfs.c:1355
-++#, c-format
-++msgid "ftpfs: storing file %lu (%lu)"
-++msgstr "ftpfs: ghi tập tin %lu (%lu)"
-++
-++#: vfs/ftpfs.c:1740
-++msgid ""
-++"~/.netrc file has incorrect mode.\n"
-++"Remove password or correct mode."
-++msgstr ""
-++"Tập tin ~/.netrc có chế độ truy cập/sở hữu không đúng.\n"
-++"Hãy xóa mật khẩu hoặc sửa lại chế độ cho đúng."
-++
-++#: vfs/mcfs.c:122 vfs/mcfs.c:167
-++msgid " MCFS "
-++msgstr " MCFS "
-++
-++#: vfs/mcfs.c:123
-++msgid " The server does not support this version "
-++msgstr " Máy chủ không hỗ trợ phiên bản này "
-++
-++#: vfs/mcfs.c:140
-++msgid ""
-++" The remote server is not running on a system port \n"
-++" you need a password to log in, but the information may \n"
-++" not be safe on the remote side. Continue? \n"
-++msgstr ""
-++" Máy chủ ở xa không chạy trên một cổng hệ thống. Cần \n"
-++" mật khẩu để đăng nhập vào, nhưng điều này có thể \n"
-++" không an toàn cho thông tin phía ở xa. Tiếp tục?\n"
-++
-++#: vfs/mcfs.c:153
-++msgid " MCFS Password required "
-++msgstr " Yêu cầu mật khẩu MCFS "
-++
-++#: vfs/mcfs.c:167
-++msgid " Invalid password "
-++msgstr " Mật khẩu không đúng "
-++
-++#: vfs/mcfs.c:227
-++#, c-format
-++msgid " Cannot locate hostname: %s "
-++msgstr " Không xác định được tên máy ở xa: %s"
-++
-++#: vfs/mcfs.c:246
-++#, c-format
-++msgid " Cannot create socket: %s "
-++msgstr " Không tạo được socket: %s "
-++
-++#: vfs/mcfs.c:252
-++#, c-format
-++msgid " Cannot connect to server: %s "
-++msgstr " Không kết nối được tới máy chủ: %s "
-++
-++#: vfs/mcfs.c:322
-++msgid " Too many open connections "
-++msgstr " Quá nhiều kết nối mở "
-++
-++#: vfs/sfs.c:346
-++#, c-format
-++msgid ""
-++"Warning: Invalid line in %s:\n"
-++"%s\n"
-++msgstr ""
-++"Cảnh báo: dòng không đúng trong %s:\n"
-++"%s\n"
-++
-++#: vfs/sfs.c:358
-++#, c-format
-++msgid ""
-++"Warning: Invalid flag %c in %s:\n"
-++"%s\n"
-++msgstr ""
-++"Cảnh báo: Cờ không đúng %c trong %s:\n"
-++"%s\n"
-++
-++#: vfs/smbfs.c:576
-++#, c-format
-++msgid ""
-++" smbfs_reconnect to %s failed\n"
-++" "
-++msgstr ""
-++" smbfs_reconnect (kết nối lại) tới %s không thành công\n"
-++" "
-++
-++#: vfs/smbfs.c:1120
-++msgid " Authentication failed "
-++msgstr " Xác thực không thành công "
-++
-++#: vfs/smbfs.c:1632
-++#, c-format
-++msgid " Error %s creating directory %s "
-++msgstr " Lỗi %s khi tạo thư mục %s "
-++
-++#: vfs/smbfs.c:1655
-++#, c-format
-++msgid " Error %s removing directory %s "
-++msgstr " Lỗi %s khi xóa thư mục %s "
-++
-++#: vfs/smbfs.c:1744
-++#, c-format
-++msgid " %s opening remote file %s "
-++msgstr " %s khi mở tập tin ở xa %s "
-++
-++#: vfs/smbfs.c:1817
-++#, c-format
-++msgid " %s removing remote file %s "
-++msgstr " %s khi xoá tập tin ở xa %s "
-++
-++#: vfs/smbfs.c:1855
-++#, c-format
-++msgid " %s renaming files\n"
-++msgstr " %s khi đổi tên các tập tin\n"
-++
-++#: vfs/tar.c:212 vfs/tar.c:229
-++#, c-format
-++msgid ""
-++"Cannot open tar archive\n"
-++"%s"
-++msgstr ""
-++"Không mở được tập tin nén tar\n"
-++"%s"
-++
-++#: vfs/tar.c:424
-++msgid "Unexpected EOF on archive file"
-++msgstr "Kết thúc tập tin EOF nén không mong đợi"
-++
-++#: vfs/tar.c:476 vfs/tar.c:483
-++msgid "Inconsistent tar archive"
-++msgstr "Tập tin tar không thích hợp"
-++
-++#: vfs/tar.c:561
-++#, c-format
-++msgid ""
-++"Hmm,...\n"
-++"%s\n"
-++"doesn't look like a tar archive."
-++msgstr ""
-++"Hừm,...\n"
-++"%s\n"
-++"không giống tập tin tar."
-++
-++#: vfs/undelfs.c:82
-++msgid " undelfs: error "
-++msgstr " undelfs: lỗi "
-++
-++#: vfs/undelfs.c:189
-++msgid " not enough memory "
-++msgstr " không đủ bộ nhớ "
-++
-++#: vfs/undelfs.c:194
-++msgid " while allocating block buffer "
-++msgstr " khi phân phối bộ đệm khối "
-++
-++#: vfs/undelfs.c:198
-++#, c-format
-++msgid " open_inode_scan: %d "
-++msgstr " open_inode_scan: %d "
-++
-++#: vfs/undelfs.c:202
-++#, c-format
-++msgid " while starting inode scan %d "
-++msgstr " khi bắt đầu quét chỉ mục nút inode %d "
-++
-++#: vfs/undelfs.c:211
-++#, c-format
-++msgid "undelfs: loading deleted files information %d inodes"
-++msgstr "undelfs: nạp thông tin về những tập tin bị xóa %d inode"
-++
-++#: vfs/undelfs.c:229
-++#, c-format
-++msgid " while calling ext2_block_iterate %d "
-++msgstr " khi gọi ext2_block_iterate %d "
-++
-++#: vfs/undelfs.c:241
-++msgid " no more memory while reallocating array "
-++msgstr " không đủ bộ nhớ khi phân phối lại chuỗi "
-++
-++#: vfs/undelfs.c:262
-++#, c-format
-++msgid " while doing inode scan %d "
-++msgstr " khi quét chỉ mục nút inode %d "
-++
-++#: vfs/undelfs.c:297
-++msgid " Ext2lib error "
-++msgstr " Lỗi Ext2lib "
-++
-++#: vfs/undelfs.c:325 vfs/undelfs.c:644
-++#, c-format
-++msgid " Cannot open file %s "
-++msgstr " Không mở được tập tin %s "
-++
-++#: vfs/undelfs.c:328
-++msgid "undelfs: reading inode bitmap..."
-++msgstr "undelfs: đọc sơ đồ bit của nút inode..."
-++
-++#: vfs/undelfs.c:331
-++#, c-format
-++msgid ""
-++" Cannot load inode bitmap from: \n"
-++" %s \n"
-++msgstr ""
-++" Không nạp được sơ đồ bit của nút inode từ:\n"
-++" %s \n"
-++
-++#: vfs/undelfs.c:334
-++msgid "undelfs: reading block bitmap..."
-++msgstr "undelfs: đọc sơ đồ bit của khối..."
-++
-++#: vfs/undelfs.c:337
-++#, c-format
-++msgid ""
-++" Cannot load block bitmap from: \n"
-++" %s \n"
-++msgstr ""
-++" Không nạp được sơ đồ bit của khối từ:\n"
-++" %s \n"
-++
-++#: vfs/undelfs.c:360
-++msgid " vfs_info is not fs! "
-++msgstr " vfs_info không phải là hệ thống tập tin! "
-++
-++#: vfs/undelfs.c:416 vfs/undelfs.c:600
-++msgid " You have to chdir to extract files first "
-++msgstr " Đầu tiên bạn phải chdir để chuyển tới thư mục chứa tập tin cần giản nén "
-++
-++#: vfs/undelfs.c:539
-++msgid " while iterating over blocks "
-++msgstr " khi lặp lại khối "
-++
-++#: vfs/vfs.c:880
-++msgid "Changes to file lost"
-++msgstr "Thay đổi tới tập tin bị mất"
-++
---- mc-4.6.1.orig/debian/patches/22_main.c.patch
-+++ mc-4.6.1/debian/patches/22_main.c.patch
-@@ -0,0 +1,51 @@
-+--- src/main.c Fri Nov 14 21:43:12 2003
-++++ src/main.c Fri Mar 18 15:36:41 2005
-+@@ -1597,21 +1597,45 @@
-+
-+ #define xtoolkit_panel_setup()
-+
-+-/* Show current directory in the xterm title */
-++/* Show hostname and current directory in the xterm title */
-+ void
-+ update_xterm_title_path (void)
-+ {
-+ unsigned char *p, *s;
-++ char *pvp;
-++ size_t pvlen;
-++ int pvresult;
-+
-+ if (xterm_flag && xterm_title) {
-++ // currrent path
-+ p = s = g_strdup (strip_home_and_password (current_panel->cwd));
-++ // hostname
-++ pvlen = strlen(p);
-++ pvp = g_malloc (pvlen + 64); //approach - max hostname length
-++ pvresult = gethostname(pvp, 63);
-++ if (pvresult) { // print just current path
-++ g_free (pvp);
-++ pvp = p;
-++ } else {
-++ s = pvp;
-++ do { // merge hostname with path
-++ if (!is_printable (*s))
-++ *s = '?';
-++ } while (*++s!=0x00);
-++ *s++=':';
-++ strcpy (s, p);
-++ g_free (p);
-++ }
-++
-+ do {
-+ if (!is_printable (*s))
-+ *s = '?';
-+ } while (*++s);
-+- fprintf (stdout, "\33]0;mc - %s\7", p);
-++// fprintf (stdout, "\33]0;mc - %s\7", p);
-++ fprintf (stdout, "\33]0;mc - %s\7", pvp);
-+ fflush (stdout);
-+- g_free (p);
-++// g_free (p);
-++ g_free (pvp);
-+ }
-+ }
-+
---- mc-4.6.1.orig/debian/patches/05_symcrash.patch
-+++ mc-4.6.1/debian/patches/05_symcrash.patch
-@@ -0,0 +1,45 @@
-+--- mc-4.6.1/src/util.c.symcrash 2005-09-13 12:32:54.000000000 +0200
-++++ mc-4.6.1/src/util.c 2005-09-13 12:39:09.000000000 +0200
-+@@ -1406,21 +1406,23 @@
-+ * as needed up in first and then goes down using second */
-+ char *diff_two_paths (const char *first, const char *second)
-+ {
-+- char *p, *q, *r, *s, *buf = 0;
-++ char *p, *q, *r, *s, *buf = NULL;
-+ int i, j, prevlen = -1, currlen;
-+ char *my_first = NULL, *my_second = NULL;
-+
-+ my_first = resolve_symlinks (first);
-+ if (my_first == NULL)
-+ return NULL;
-++ my_second= resolve_symlinks (second);
-++ if (my_second == NULL) {
-++ g_free (my_first);
-++ return NULL;
-++ }
-+ for (j = 0; j < 2; j++) {
-+ p = my_first;
-+ if (j) {
-+- my_second = resolve_symlinks (second);
-+- if (my_second == NULL) {
-+- g_free (my_first);
-++ if (my_second == NULL)
-+ return buf;
-+- }
-+ }
-+ q = my_second;
-+ for (;;) {
-+--- mc-4.6.1/src/file.c.symcrash 2005-09-13 12:32:54.000000000 +0200
-++++ mc-4.6.1/src/file.c 2005-09-13 12:29:16.000000000 +0200
-+@@ -387,9 +387,9 @@
-+ char *p, *q, *s;
-+
-+ const char *r = strrchr (src_path, PATH_SEP);
-+-
-++
-+ if (r) {
-+- p = g_strndup (src_path, r - src_path);
-++ p = g_strndup (src_path, r - src_path + 1);
-+ if (*dst_path == PATH_SEP)
-+ q = g_strdup (dst_path);
-+ else
---- mc-4.6.1.orig/debian/patches/36_developer_mode.patch
-+++ mc-4.6.1/debian/patches/36_developer_mode.patch
-@@ -0,0 +1,42 @@
-+--- configure.ac 2005-04-19 23:12:27.000000000 +0200
-++++ configure.ac 2005-04-19 23:14:32.000000000 +0200
-+@@ -556,15 +556,7 @@
-+ AC_DEFINE(USE_INCLUDED_SLANG, 1, [Use the S-Lang included here])
-+ fi
-+
-+-if test x"$USE_MAINTAINER_MODE" = x"yes"; then
-+- if test x"${enable_gcc_warnings+set}" != x"set"; then
-+- if test x"${GCC}" = x"yes"; then
-+- CFLAGS="-Wall $CFLAGS"
-+- fi
-+- fi
-+-fi
-+-
-+-ri_GCC_WARNINGS
-++MC_ARG_ENABLE_DEVELOPER_MODE()
-+
-+ AC_SUBST(CFLAGS)
-+ AC_SUBST(CPPFLAGS)
-+--- acinclude.m4 2005-01-11 10:15:33.000000000 +0100
-++++ acinclude.m4 2005-04-19 23:12:27.000000000 +0200
-+@@ -898,3 +898,20 @@
-+ [Define if functions cannot be renamed by asm labels])
-+ fi
-+ ])
-++
-++AC_DEFUN([MC_ARG_ENABLE_DEVELOPER_MODE],
-++[AC_ARG_ENABLE([developer-mode],
-++ AS_HELP_STRING([--enable-developer-mode], [Enable debugging help]))
-++AM_CONDITIONAL([DEVELOPER], [test x"$enable_developer_mode" = x"yes"])
-++if test x"$enable_developer_mode" = x"yes"; then
-++ AC_DEFINE([MC_ENABLE_DEBUGGING_CODE], [1], [Enable debugging code])
-++ if test x"$GCC" = x"yes"; then
-++dnl Developers get some useful warnings and debugging support.
-++dnl This will make the backtrace output more readable.
-++ CFLAGS="-W -Wall -ggdb ${CFLAGS}"
-++ fi
-++elif test x"$GCC" = x"yes"; then
-++dnl Some warnings cannot hurt at all
-++ CFLAGS="-Wall"
-++fi
-++])
---- mc-4.6.1.orig/debian/patches/10_it.po.patch
-+++ mc-4.6.1/debian/patches/10_it.po.patch
-@@ -0,0 +1,11 @@
-+--- mc-4.6.0-4.6.1-pre4.orig/po/it.po
-++++ mc-4.6.0-4.6.1-pre4/po/it.po
-+@@ -2097,7 +2097,7 @@
-+
-+ #: src/filegui.c:524
-+ msgid "A&ppend"
-+-msgstr "Atta&cca"
-++msgstr "atta&Cca"
-+
-+ #: src/filegui.c:527
-+ msgid "Overwrite this target?"
---- mc-4.6.1.orig/debian/patches/09_de.po.patch
-+++ mc-4.6.1/debian/patches/09_de.po.patch
-@@ -0,0 +1,56 @@
-+--- po/de.po.orig 2005-06-11 16:42:51.000000000 +0200
-++++ po/de.po 2005-06-14 18:55:30.000000000 +0200
-+@@ -1411,7 +1411,7 @@
-+ #: src/cmd.c:988
-+ #, c-format
-+ msgid " edit symlink: %s "
-+-msgstr " symbolschen Link barbeiten: %s"
-++msgstr " symbolschen Link bearbeiten: %s"
-+
-+ #: src/cmd.c:999
-+ #, c-format
-+@@ -1561,7 +1561,7 @@
-+ " Cannot create temporary command file \n"
-+ " %s "
-+ msgstr ""
-+-" Kann temporäre Befehlsdaei nicht anlegen \n"
-++" Kann temporäre Befehlsdatei nicht anlegen \n"
-+ " %s "
-+
-+ #: src/ext.c:117 src/user.c:585
-+@@ -1669,7 +1669,7 @@
-+ " Cannot stat source file \"%s\" \n"
-+ " %s "
-+ msgstr ""
-+-" Kann Quelldaei \"%s\" nicht untersuchen \n"
-++" Kann Quelldatei \"%s\" nicht untersuchen \n"
-+ " %s "
-+
-+ #: src/file.c:517 src/file.c:1058
-+@@ -2575,7 +2575,7 @@
-+ #: src/learn.c:115
-+ #, c-format
-+ msgid " You have entered \"%s\""
-+-msgstr " Sie haben \"%s\" einggeben"
-++msgstr " Sie haben \"%s\" eingegeben"
-+
-+ #. TRANSLATORS: This label appears near learned keys. Keep it short.
-+ #: src/learn.c:164
-+@@ -2667,7 +2667,7 @@
-+
-+ #: src/main.c:811 src/main.c:835
-+ msgid "S&hell link..."
-+-msgstr "Shell-Verbindung..."
-++msgstr "S&hell-Verbindung..."
-+
-+ #: src/main.c:813 src/main.c:837
-+ msgid "SM&B link..."
-+@@ -4199,7 +4199,7 @@
-+ #: vfs/ftpfs.c:684
-+ #, c-format
-+ msgid "ftpfs: connection to server failed: %s"
-+-msgstr "ftpfs: Verbindung zum Server fehlgeschlgen: %s"
-++msgstr "ftpfs: Verbindung zum Server fehlgeschlagen: %s"
-+
-+ #: vfs/ftpfs.c:725
-+ #, c-format
---- mc-4.6.1.orig/debian/patches/60_recode.patch
-+++ mc-4.6.1/debian/patches/60_recode.patch
-@@ -0,0 +1,1550 @@
-+diff -urN mc-4.6.1-orig/edit/editkeys.c mc-4.6.1/edit/editkeys.c
-+--- mc-4.6.1-orig/edit/editkeys.c 2005-05-27 21:19:18.000000000 +0700
-++++ mc-4.6.1/edit/editkeys.c 2005-07-30 23:13:14.000000000 +0700
-+@@ -205,7 +205,7 @@
-+
-+ #ifdef HAVE_CHARSET
-+ if (x_key == XCTRL ('t')) {
-+- do_select_codepage ();
-++ do_select_codepage (_(" Choose codepage "));
-+
-+ edit->force = REDRAW_COMPLETELY;
-+ command = CK_Refresh;
-+ä×ÏÉÞÎÙÅ ÆÁÊÌÙ mc-4.6.1-orig/po/ru.gmo É mc-4.6.1/po/ru.gmo ÒÁÚÌÉÞÁÀÔÓÑ
-+diff -urN mc-4.6.1-orig/po/ru.po mc-4.6.1/po/ru.po
-+--- mc-4.6.1-orig/po/ru.po 2005-07-23 23:53:30.000000000 +0700
-++++ mc-4.6.1/po/ru.po 2005-07-30 23:17:02.000000000 +0700
-+@@ -4503,3 +4503,32 @@
-+ #: vfs/vfs.c:894
-+ msgid "Changes to file lost"
-+ msgstr "éÚÍÅÎÅÎÉÑ ÄÌÑ ÆÁÊÌÁ ÐÏÔÅÒÑÎÙ"
-++
-++#: messages for recode patch
-++msgid "Panel &codepage"
-++msgstr "ëÏÄÉÒÏ×ËÁ ÐÁÎÅÌÉ"
-++
-++msgid " Choose codepage "
-++msgstr " ÷ÙÂÅÒÉÔÅ ËÏÄÉÒÏ×ËÕ"
-++
-++msgid " Choose panel codepage "
-++msgstr " ÷ÙÂÅÒÉÔÅ ËÏÄÉÒÏ×ËÕ ÐÁÎÅÌÉ "
-++
-++msgid " Choose default FTP codepage "
-++msgstr " ÷ÙÂÅÒÉÔÅ ËÏÄÉÒÏ×ËÕ FTP ÐÏ ÕÍÏÌÞÁÎÉÀ "
-++
-++msgid "FTP default codepage:"
-++msgstr "ëÏÄÉÒÏ×ËÁ FTP ÐÏ ÕÍÏÌÞÁÎÉÀ:"
-++
-++msgid "Recode file names:"
-++msgstr "ðÅÒÅËÏÄÉÒÏ×ÁÔØ ÉÍÅÎÁ:"
-++
-++msgid "Recoding works only with COPY/MOVE operation"
-++msgstr "ðÅÒÅËÏÄÉÒÏ×ËÁ ÒÁÂÏÔÁÅÔ ÔÏÌØËÏ ÄÌÑ ÏÐÅÒÁÃÉÊ ËÏÐÉÒÏ×ÁÎÉÑ/ÐÅÒÅÍÅÝÅÎÉÑ"
-++
-++msgid " Choose \"FROM\" codepage for COPY/MOVE operaion "
-++msgstr" ÷ÙÂÅÒÉÔÅ ÎÁÞÁÌØÎÕÀ ËÏÄÉÒÏ×ËÕ ÄÌÑ ÏÐÅÒÁÃÉÉ ËÏÐÉÒÏ×ÁÎÉÑ/ÐÅÒÅÍÅÝÅÎÉÑ "
-++
-++msgid " Choose \"TO\" codepage for COPY/MOVE operaion "
-++msgstr" ÷ÙÂÅÒÉÔÅ ËÏÎÅÞÎÕÀ ËÏÄÉÒÏ×ËÕ ÄÌÑ ÏÐÅÒÁÃÉÉ ËÏÐÉÒÏ×ÁÎÉÑ/ÐÅÒÅÍÅÝÅÎÉÑ "
-++
-+diff -urN mc-4.6.1-orig/src/boxes.c mc-4.6.1/src/boxes.c
-+--- mc-4.6.1-orig/src/boxes.c 2005-05-27 21:19:18.000000000 +0700
-++++ mc-4.6.1/src/boxes.c 2005-07-31 01:20:52.000000000 +0700
-+@@ -49,6 +49,7 @@
-+ #ifdef HAVE_CHARSET
-+ #include "charsets.h"
-+ #include "selcodepage.h"
-++#include "recode.h"
-+ #endif
-+
-+ #ifdef USE_NETCODE
-+@@ -446,8 +447,8 @@
-+ }
-+ }
-+
-+-#define DISPY 11
-+-#define DISPX 46
-++#define DISPY 13
-++#define DISPX 35
-+
-+
-+ #ifndef HAVE_CHARSET
-+@@ -543,26 +544,61 @@
-+
-+
-+ static int new_display_codepage;
-++static int new_ftp_codepage;
-+
-+-static WLabel *cplabel;
-+ static WCheck *inpcheck;
-+
-++static WButton *cpbutton;
-++static WButton *cpbutton_ftp;
-++
-+ static int
-+ sel_charset_button (int action)
-+ {
-+ const char *cpname;
-+ char buf[64];
-+- new_display_codepage = select_charset (new_display_codepage, 1);
-++ new_display_codepage = select_charset (new_display_codepage, 1, _(" Choose input codepage "));
-+ cpname = (new_display_codepage < 0)
-+ ? _("Other 8 bit")
-+ : codepages[new_display_codepage].name;
-+
-+ /* avoid strange bug with label repainting */
-+- g_snprintf (buf, sizeof (buf), "%-27s", cpname);
-+- label_set_text (cplabel, buf);
-++ sprintf( buf, "%s", cpname );
-++ button_set_text (cpbutton, buf);
-++
-++ if(new_display_codepage<0) new_ftp_codepage=-1;
-++ cpname = (new_ftp_codepage < 0)
-++ ? _("Other 8 bit")
-++ : codepages[ new_ftp_codepage ].name;
-++ sprintf( buf, "%s", cpname );
-++ button_set_text (cpbutton_ftp, buf);
-++
-+ return 0;
-+ }
-+
-++static int sel_charset_button_ftp(int action) {
-++ char *cpname, buf[64];
-++ if(new_display_codepage>0) {
-++ new_ftp_codepage = select_charset(new_ftp_codepage, 0, _(" Choose default FTP codepage "));
-++ cpname = (new_display_codepage < 0)
-++ ? _("Other 8 bit")
-++ : codepages[ new_display_codepage ].name;
-++ sprintf( buf, "%s", cpname );
-++ button_set_text( cpbutton, buf );
-++ cpname = (new_ftp_codepage < 0)
-++ ? _("Other 8 bit")
-++ : codepages[ new_ftp_codepage ].name;
-++ sprintf( buf, "%s", cpname );
-++ button_set_text( cpbutton_ftp, buf );
-++ }
-++ else {
-++ message( 1, _(" Warning "),
-++ _("To use this feature select your codepage in\n"
-++ "Setup / Display Bits dialog!\n"
-++ "Do not forget to save options." ));
-++ }
-++ return 0;
-++}
-++
-+ static Dlg_head *
-+ init_disp_bits_box (void)
-+ {
-+@@ -581,9 +617,6 @@
-+ cpname = (new_display_codepage < 0)
-+ ? _("Other 8 bit")
-+ : codepages[new_display_codepage].name;
-+- cplabel = label_new (4, 4, cpname);
-+- add_widget (dbits_dlg, cplabel);
-+-
-+ add_widget (dbits_dlg,
-+ button_new (DISPY - 3, DISPX / 2 + 3, B_CANCEL,
-+ NORMAL_BUTTON, _("&Cancel"), 0));
-+@@ -592,13 +625,30 @@
-+ 0));
-+
-+ inpcheck =
-+- check_new (6, 4, !use_8th_bit_as_meta, _("F&ull 8 bits input"));
-++ check_new (8, 4, !use_8th_bit_as_meta, _("F&ull 8 bits input"));
-+ add_widget (dbits_dlg, inpcheck);
-+
-+- cpname = _("&Select");
-+- add_widget (dbits_dlg,
-+- button_new (4, DISPX - 8 - mbstrlen (cpname), B_USER,
-+- NORMAL_BUTTON, cpname, sel_charset_button));
-++
-++ add_widget( dbits_dlg, label_new( 5, 4, _("FTP default codepage:")));
-++ if(n_codepages>0) {
-++ cpname = (new_display_codepage < 0)
-++ ? _("Other 8 bit")
-++ : codepages[ new_display_codepage ].name;
-++ }
-++ else cpname= _("Other 8 bit");
-++ cpbutton=button_new(4, 5, B_USER,
-++ NORMAL_BUTTON, cpname, sel_charset_button);
-++
-++ if(n_codepages>0) {
-++ cpname = (new_ftp_codepage < 0)
-++ ? _("Other 8 bit")
-++ : codepages[ new_ftp_codepage ].name;
-++ }
-++ else cpname= _("Other 8 bit");
-++ cpbutton_ftp=button_new(6, 5, B_USER,
-++ NORMAL_BUTTON, cpname, sel_charset_button_ftp);
-++ add_widget( dbits_dlg, cpbutton_ftp);
-++ add_widget (dbits_dlg, cpbutton);
-+
-+ return dbits_dlg;
-+ }
-+@@ -608,6 +658,7 @@
-+ {
-+ Dlg_head *dbits_dlg;
-+ new_display_codepage = display_codepage;
-++ new_ftp_codepage = ftp_codepage;
-+
-+ application_keypad_mode ();
-+ dbits_dlg = init_disp_bits_box ();
-+@@ -628,6 +679,17 @@
-+ && display_codepage != 1) ? 128 : 160;
-+ #endif
-+ use_8th_bit_as_meta = !(inpcheck->state & C_BOOL);
-++
-++ ftp_codepage=new_ftp_codepage;
-++ if(display_codepage<=0) {
-++ panel_reset_codepage(left_panel);
-++ paint_dir(left_panel);
-++ display_mini_info(left_panel);
-++ panel_reset_codepage(right_panel);
-++ paint_dir(right_panel);
-++ display_mini_info(right_panel);
-++ }
-++
-+ }
-+ destroy_dlg (dbits_dlg);
-+ repaint_screen ();
-+diff -urN mc-4.6.1-orig/src/charsets.c mc-4.6.1/src/charsets.c
-+--- mc-4.6.1-orig/src/charsets.c 2005-07-23 23:52:02.000000000 +0700
-++++ mc-4.6.1/src/charsets.c 2005-07-30 23:31:28.000000000 +0700
-+@@ -119,8 +119,6 @@
-+ }
-+ }
-+
-+-#define OTHER_8BIT "Other_8_bit"
-+-
-+ const char *
-+ get_codepage_id (int n)
-+ {
-+@@ -139,7 +137,7 @@
-+ return -1;
-+ }
-+
-+-static char
-++char
-+ translate_character (iconv_t cd, char c)
-+ {
-+ char outbuf[4], *obuf;
-+diff -urN mc-4.6.1-orig/src/charsets.h mc-4.6.1/src/charsets.h
-+--- mc-4.6.1-orig/src/charsets.h 2004-08-30 17:38:00.000000000 +0700
-++++ mc-4.6.1/src/charsets.h 2005-07-30 23:32:37.000000000 +0700
-+@@ -6,6 +6,7 @@
-+ #define UNKNCHAR '\001'
-+
-+ #define CHARSETS_INDEX "mc.charsets"
-++#define OTHER_8BIT "Other_8_bit"
-+
-+ extern int n_codepages;
-+
-+@@ -19,6 +20,10 @@
-+
-+ extern struct codepage_desc *codepages;
-+
-++#include <iconv.h>
-++extern char translate_character(iconv_t cd, char c);
-++extern char errbuf[255];
-++
-+ const char *get_codepage_id (int n);
-+ int get_codepage_index (const char *id);
-+ int load_codepages_list (void);
-+diff -urN mc-4.6.1-orig/src/cmd.c mc-4.6.1/src/cmd.c
-+--- mc-4.6.1-orig/src/cmd.c 2005-05-27 21:19:18.000000000 +0700
-++++ mc-4.6.1/src/cmd.c 2005-07-30 23:41:23.000000000 +0700
-+@@ -74,6 +74,10 @@
-+ # include "../edit/edit.h"
-+ #endif
-+
-++#ifdef HAVE_CHARSET
-++#include "recode.h"
-++#endif
-++
-+ /* If set and you don't have subshell support,then C-o will give you a shell */
-+ int output_starts_shell = 0;
-+
-+@@ -350,6 +354,9 @@
-+ {
-+ char *tempdir;
-+ char *dir;
-++#ifdef HAVE_CHARSET
-++ char *recoded_dir;
-++#endif
-+
-+ dir =
-+ input_expand_dialog (_("Create a new Directory"),
-+@@ -360,8 +367,17 @@
-+
-+ if (dir[0] == '/' || dir[0] == '~')
-+ tempdir = g_strdup (dir);
-+- else
-+- tempdir = concat_dir_and_file (current_panel->cwd, dir);
-++ else {
-++#ifdef HAVE_CHARSET
-++ recoded_dir=g_strdup(dir);
-++ my_translate_string(dir,strlen(dir), recoded_dir,current_panel->tr_table_input);
-++ tempdir = concat_dir_and_file (current_panel->cwd, recoded_dir);
-++ g_free(recoded_dir);
-++#else
-++ tempdir = concat_dir_and_file (current_panel->cwd, dir);
-++#endif
-++ }
-++
-+ g_free (dir);
-+
-+ save_cwds_stat ();
-+diff -urN mc-4.6.1-orig/src/file.c mc-4.6.1/src/file.c
-+--- mc-4.6.1-orig/src/file.c 2005-05-27 21:19:18.000000000 +0700
-++++ mc-4.6.1/src/file.c 2005-07-30 23:55:00.000000000 +0700
-+@@ -77,6 +77,9 @@
-+ #include "../vfs/vfs-impl.h"
-+
-+ /* }}} */
-++#ifdef HAVE_CHARSET
-++#include "recode.h"
-++#endif
-+
-+ int verbose = 1;
-+
-+@@ -914,7 +917,11 @@
-+ }
-+ /* Dive into subdir if exists */
-+ if (toplevel && ctx->dive_into_subdirs) {
-+- dest_dir = concat_dir_and_file (d, x_basename (s));
-++#ifdef HAVE_CHARSET
-++ dest_dir = concat_dir_and_recoded_fname(d, x_basename (s), ctx);
-++#else
-++ dest_dir = concat_dir_and_file (d, x_basename (s));
-++#endif
-+ } else {
-+ dest_dir = g_strdup (d);
-+ goto dont_mkdir;
-+@@ -964,7 +971,11 @@
-+
-+ (*ctx->stat_func) (path, &buf);
-+ if (S_ISDIR (buf.st_mode)) {
-+- mdpath = concat_dir_and_file (dest_dir, next->d_name);
-++#ifdef HAVE_CHARSET
-++ mdpath = concat_dir_and_recoded_fname(dest_dir, next->d_name, ctx);
-++#else
-++ mdpath = concat_dir_and_file (dest_dir, next->d_name);
-++#endif
-+ /*
-+ * From here, we just intend to recursively copy subdirs, not
-+ * the double functionality of copying different when the target
-+@@ -975,7 +986,11 @@
-+ parent_dirs, progress_count, progress_bytes);
-+ g_free (mdpath);
-+ } else {
-+- dest_file = concat_dir_and_file (dest_dir, x_basename (path));
-++#ifdef HAVE_CHARSET
-++ dest_file=concat_dir_and_recoded_fname(dest_dir, x_basename(path),ctx);
-++#else
-++ dest_file = concat_dir_and_file (dest_dir, x_basename (path));
-++#endif
-+ return_status = copy_file_file (ctx, path, dest_file, 1,
-+ progress_count, progress_bytes, 0);
-+ g_free (dest_file);
-+@@ -1159,7 +1174,12 @@
-+ destdir = g_strdup (d);
-+ move_over = 1;
-+ } else
-+- destdir = concat_dir_and_file (d, x_basename (s));
-++#ifdef HAVE_CHARSET
-++ destdir = concat_dir_and_recoded_fname(d, x_basename (s), ctx);
-++#else
-++ destdir = concat_dir_and_file (d, x_basename (s));
-++#endif
-++
-+
-+ if (sbuf.st_dev == dbuf.st_dev && sbuf.st_ino == dbuf.st_ino) {
-+ int msize = COLS - 36;
-+@@ -1875,7 +1895,12 @@
-+ if (temp == NULL) {
-+ value = transform_error;
-+ } else {
-+- char *temp2 = concat_dir_and_file (dest, temp);
-++#ifdef HAVE_CHARSET
-++ char *temp2 = concat_dir_and_recoded_fname (dest, temp, ctx);
-++#else
-++ char *temp2 = concat_dir_and_file (dest, temp);
-++#endif
-++
-+ g_free (dest);
-+ dest = temp2;
-+ temp = NULL;
-+@@ -1969,7 +1994,12 @@
-+ if (temp == NULL)
-+ value = transform_error;
-+ else {
-+- char *temp2 = concat_dir_and_file (dest, temp);
-++#ifdef HAVE_CHARSET
-++ char *temp2 = concat_dir_and_recoded_fname(dest, temp, ctx);
-++#else
-++ char *temp2 = concat_dir_and_file (dest, temp);
-++#endif
-++
-+
-+ switch (operation) {
-+ case OP_COPY:
-+diff -urN mc-4.6.1-orig/src/filegui.c mc-4.6.1/src/filegui.c
-+--- mc-4.6.1-orig/src/filegui.c 2006-06-13 00:53:19.000000000 +0700
-++++ mc-4.6.1/src/filegui.c 2006-06-13 01:18:24.000000000 +0700
-+@@ -71,6 +71,10 @@
-+ #include "util.h" /* strip_password() */
-+ #include "tty.h"
-+
-++#ifdef HAVE_CHARSET
-++#include "recode.h"
-++#endif
-++
-+ /* }}} */
-+
-+ /* This structure describes the UI and internal data required by a file
-+@@ -722,57 +726,79 @@
-+ }
-+ }
-+
-++#ifdef HAVE_CHARSET
-++#define FMDY 15
-++#else
-+ #define FMDY 13
-++#endif
-++
-+ #define FMD_XLEN 64
-+ extern int fmd_xlen;
-+ static QuickWidget fmd_widgets[] = {
-+
-+-#define FMCB0 FMDC
-+-#define FMCB12 0
-+-#define FMCB11 1
-+- /* follow symlinks and preserve Attributes must be the first */
-+- {quick_checkbox, 3, 64, 8, FMDY, N_("preserve &Attributes"), 9, 0,
-+- 0 /* &op_preserve */ , 0, "preserve"},
-+- {quick_checkbox, 3, 64, 7, FMDY, N_("follow &Links"), 7, 0,
-+- 0 /* &file_mask_op_follow_links */ , 0, "follow"},
-+- {quick_label, 3, 64, 5, FMDY, N_("to:"), 0, 0, 0, 0, "to"},
-+- {quick_checkbox, 37, 64, 4, FMDY, N_("&Using shell patterns"), 0, 0,
-+- 0 /* &source_easy_patterns */ , 0, "using-shell"},
-+- {quick_input, 3, 64, 3, FMDY, "", 58,
-+- 0, 0, 0, "input-def"},
-+-#define FMDI1 4
-+-#define FMDI2 5
-+-#define FMDC 3
-+- {quick_input, 3, 64, 6, FMDY, "", 58, 0,
-+- 0, 0, "input2"},
-+-#define FMDI0 6
-+- {quick_label, 3, 64, 2, FMDY, "", 0, 0, 0, 0, "ql"},
-+-#define FMBRGT 7
-+- {quick_button, 42, 64, 9, FMDY, N_("&Cancel"), 0, B_CANCEL, 0, 0,
-+- "cancel"},
-+-#undef SKIP
-++#ifdef HAVE_CHARSET
-++ #define Y_OK 12
-++#else
-++ #define Y_OK 9
-++#endif
-++
-+ #ifdef WITH_BACKGROUND
-+-# define SKIP 5
-+-# define FMCB21 11
-+-# define FMCB22 10
-+-# define FMBLFT 9
-+-# define FMBMID 8
-+- {quick_button, 25, 64, 9, FMDY, N_("&Background"), 0, B_USER, 0, 0,
-+- "back"},
-+-#else /* WITH_BACKGROUND */
-+-# define SKIP 4
-+-# define FMCB21 10
-+-# define FMCB22 9
-+-# define FMBLFT 8
-+-# undef FMBMID
-+-#endif
-+- {quick_button, 14, 64, 9, FMDY, N_("&OK"), 0, B_ENTER, 0, 0, "ok"},
-+- {quick_checkbox, 42, 64, 8, FMDY, N_("&Stable Symlinks"), 0, 0,
-+- 0 /* &file_mask_stable_symlinks */ , 0, "stab-sym"},
-+- {quick_checkbox, 31, 64, 7, FMDY, N_("&Dive into subdir if exists"), 0,
-+- 0,
-+- 0 /* &dive_into_subdirs */ , 0, "dive"},
-+- NULL_QuickWidget
-++ #define ADD 0
-++#else
-++ #define ADD -1
-++#endif
-++
-++ #define FM_STAB_SYM 0
-++ #define FM_DIVE_INTO_SUBDIR 1
-++ #define FM_PRES_ATTR 2
-++ #define FM_FOLLOW_LINKS 3
-++ #define FM_DST_INPUT 4
-++ #define FM_DST_TITLE 5
-++ #define FM_USING_SHELL_PATT 6
-++ #define FM_SRC_INPUT 7
-++ #define FM_SRC_TITLE 8
-++ #define FM_CANCEL 9
-++#ifdef WITH_BACKGROUND
-++ #define FM_BKGND 10
-++#endif
-++ #define FM_OK 11+ADD
-++#ifdef HAVE_CHARSET
-++ #define FM_TO_CODEPAGE 12+ADD
-++ #define FM_FROM_CODEPAGE 13+ADD
-++ #define FM_RECODE_TITLE 14+ADD
-++ #define FM_RECODE_ARROW 15+ADD
-++#endif // HAVE_CHARSET
-++
-++
-++#ifdef HAVE_CHARSET
-++ #define SKIP 10
-++ #define B_FROM B_USER+1
-++ #define B_TO B_USER+2
-++#else
-++ #define SKIP 10
-++#endif
-++
-++ {quick_checkbox, 42,64, 8, FMDY, N_("&Stable Symlinks"),0,0,0,0,"stab-sym"},
-++ {quick_checkbox, 31,64, 7, FMDY, N_("&Dive into subdir if exists"),0,0,0,0,"dive"},
-++ {quick_checkbox, 3, 64, 8, FMDY, N_("preserve &Attributes"),9,0,0,0,"preserve"},
-++ {quick_checkbox, 3, 64, 7, FMDY, N_("follow &Links"),7,0,0,0,"follow"},
-++ {quick_input, 3, 64, 6, FMDY, "", 58, 0, 0, 0, "input2"},
-++ {quick_label, 3, 64, 5, FMDY, N_("to:"), 0, 0, 0, 0, "to"},
-++ {quick_checkbox, 37,64, 4, FMDY, N_("&Using shell patterns"),0,0, 0,0,"us-sh"},
-++ {quick_input, 3, 64, 3, FMDY, "", 58, 0, 0, 0, "input-def"},
-++ {quick_label, 3, 64, 2, FMDY, "", 0, 0, 0, 0, "ql"},
-++ {quick_button, 42,64, Y_OK, FMDY, N_("&Cancel"), 0, B_CANCEL, 0,0, "cancel"},
-++#ifdef WITH_BACKGROUND
-++ {quick_button, 25,64, Y_OK, FMDY, N_("&Background"), 0, B_USER, 0,0, "back"},
-++#endif
-++ {quick_button, 14,64, Y_OK, FMDY, N_("&OK"), 0, B_ENTER, 0, 0, "ok"},
-++#ifdef HAVE_CHARSET
-++ {quick_button, 46,64, 10, FMDY,"to codepage", 0, B_TO, 0, 0, "ql"},
-++ {quick_button, 25,64, 10, FMDY, "from codepage", 0, B_FROM, 0, 0, "ql"},
-++ {quick_label, 3, 64, 10, FMDY, N_("Recode file names:"), 0, 0, 0, 0, "ql"},
-++ {quick_label, 42,64, 10, FMDY, "->", 0, 0, 0, 0, "ql"},
-++#endif
-++ {0}
-+ };
-+
-+ static int
-+@@ -806,48 +832,48 @@
-+ if (fmd_widgets[i].text[0] != '\0')
-+ fmd_widgets[i].text = _(fmd_widgets[i].text);
-+
-+- len = mbstrlen (fmd_widgets[FMCB11].text)
-+- + mbstrlen (fmd_widgets[FMCB21].text) + 15;
-++ len = mbstrlen (fmd_widgets[FM_FOLLOW_LINKS].text)
-++ + mbstrlen (fmd_widgets[FM_DIVE_INTO_SUBDIR].text) + 15;
-+ fmd_xlen = max (fmd_xlen, len);
-+
-+- len = mbstrlen (fmd_widgets[FMCB12].text)
-+- + mbstrlen (fmd_widgets[FMCB22].text) + 15;
-++ len = mbstrlen (fmd_widgets[FM_PRES_ATTR].text)
-++ + mbstrlen (fmd_widgets[FM_STAB_SYM].text) + 15;
-+ fmd_xlen = max (fmd_xlen, len);
-+
-+- len = mbstrlen (fmd_widgets[FMBRGT].text)
-+- + mbstrlen (fmd_widgets[FMBLFT].text) + 11;
-++ len = mbstrlen (fmd_widgets[FM_CANCEL].text)
-++ + mbstrlen (fmd_widgets[FM_OK].text) + 11;
-+
-+-#ifdef FMBMID
-+- len += mbstrlen (fmd_widgets[FMBMID].text) + 6;
-++#ifdef FM_BKGND
-++ len += mbstrlen (fmd_widgets[FM_BKGND].text) + 6;
-+ #endif
-+
-+ fmd_xlen = max (fmd_xlen, len + 4);
-+
-+ len = (fmd_xlen - (len + 6)) / 2;
-+- i = fmd_widgets[FMBLFT].relative_x = len + 3;
-+- i += mbstrlen (fmd_widgets[FMBLFT].text) + 8;
-++ i = fmd_widgets[FM_OK].relative_x = len + 3;
-++ i += mbstrlen (fmd_widgets[FM_OK].text) + 8;
-+
-+-#ifdef FMBMID
-+- fmd_widgets[FMBMID].relative_x = i;
-+- i += mbstrlen (fmd_widgets[FMBMID].text) + 6;
-++#ifdef FM_BKGND
-++ fmd_widgets[FM_BKGND].relative_x = i;
-++ i += mbstrlen (fmd_widgets[FM_BKGND].text) + 6;
-+ #endif
-+
-+- fmd_widgets[FMBRGT].relative_x = i;
-++ fmd_widgets[FM_CANCEL].relative_x = i;
-+
-+ #define chkbox_xpos(i) \
-+ fmd_widgets [i].relative_x = fmd_xlen - mbstrlen (fmd_widgets [i].text) - 6
-+
-+- chkbox_xpos (FMCB0);
-+- chkbox_xpos (FMCB21);
-+- chkbox_xpos (FMCB22);
-++ chkbox_xpos (FM_USING_SHELL_PATT);
-++ chkbox_xpos (FM_DIVE_INTO_SUBDIR);
-++ chkbox_xpos (FM_STAB_SYM);
-+
-+ if (fmd_xlen != FMD_XLEN) {
-+ i = sizeof (fmd_widgets) / sizeof (fmd_widgets[0]) - 1;
-+ while (i--)
-+ fmd_widgets[i].x_divisions = fmd_xlen;
-+
-+- fmd_widgets[FMDI1].hotkey_pos =
-+- fmd_widgets[FMDI2].hotkey_pos = fmd_xlen - 6;
-++ fmd_widgets[FM_SRC_INPUT].hotkey_pos =
-++ fmd_widgets[FM_DST_INPUT].hotkey_pos = fmd_xlen - 6;
-+ }
-+ #undef chkbox_xpos
-+
-+@@ -867,6 +893,9 @@
-+ int val;
-+ QuickDialog Quick_input;
-+ char *def_text;
-++#ifdef HAVE_CHARSET
-++ char *errmsg;
-++#endif
-+ g_return_val_if_fail (ctx != NULL, NULL);
-+
-+ def_text = g_strdup(def_text_orig);
-+@@ -884,10 +913,11 @@
-+
-+ /* Set up the result pointers */
-+
-+- fmd_widgets[FMCB12].result = &ctx->op_preserve;
-+- fmd_widgets[FMCB11].result = &ctx->follow_links;
-+- fmd_widgets[FMCB22].result = &ctx->stable_symlinks;
-+- fmd_widgets[FMCB21].result = &ctx->dive_into_subdirs;
-++ fmd_widgets[FM_PRES_ATTR].result = &ctx->op_preserve;
-++ fmd_widgets[FM_FOLLOW_LINKS].result = &ctx->follow_links;
-++ fmd_widgets[FM_STAB_SYM].result = &ctx->stable_symlinks;
-++ fmd_widgets[FM_DIVE_INTO_SUBDIR].result = &ctx->dive_into_subdirs;
-++
-+
-+ /* filter out a possible password from def_text */
-+ def_text_secure = strip_password (g_strdup (def_text), 1);
-+@@ -895,8 +925,9 @@
-+ /* Create the dialog */
-+
-+ ctx->stable_symlinks = 0;
-+- fmd_widgets[FMDC].result = &source_easy_patterns;
-+- fmd_widgets[FMDI1].text = easy_patterns ? "*" : "^\\(.*\\)$";
-++ fmd_widgets[FM_USING_SHELL_PATT].result = &source_easy_patterns;
-++ fmd_widgets[FM_SRC_INPUT].text = easy_patterns ? "*" : "^\\(.*\\)$";
-++
-+ Quick_input.xlen = fmd_xlen;
-+ Quick_input.xpos = -1;
-+ Quick_input.title = op_names[operation];
-+@@ -904,19 +935,37 @@
-+ Quick_input.ylen = FMDY;
-+ Quick_input.i18n = 1;
-+ Quick_input.widgets = fmd_widgets;
-+- fmd_widgets[FMDI0].text = text;
-+- fmd_widgets[FMDI2].text = def_text_secure;
-+- fmd_widgets[FMDI2].str_result = &dest_dir;
-+- fmd_widgets[FMDI1].str_result = &source_mask;
-++ fmd_widgets[FM_SRC_TITLE].text = text;
-++ fmd_widgets[FM_DST_INPUT].text = def_text_secure;
-++ fmd_widgets[FM_DST_INPUT].str_result = &dest_dir;
-++ fmd_widgets[FM_SRC_INPUT].str_result = &source_mask;
-+
-+ *do_background = 0;
-++
-++#ifdef HAVE_CHARSET
-++ ctx->from_codepage=current_panel->src_codepage;
-++ ctx->to_codepage=left_panel->src_codepage;
-++ if (left_panel) {
-++ ctx->to_codepage=left_panel->src_codepage;
-++ if( (current_panel==left_panel) && right_panel ) ctx->to_codepage=right_panel->src_codepage;
-++ }
-++#endif
-++
-+ ask_file_mask:
-+
-++#ifdef HAVE_CHARSET
-++ if(operation!=OP_COPY && operation!=OP_MOVE) {
-++ ctx->from_codepage=-1;
-++ ctx->to_codepage=-1;
-++ }
-++ fmd_widgets[FM_FROM_CODEPAGE].text=get_codepage_id(ctx->from_codepage);
-++ fmd_widgets[FM_TO_CODEPAGE].text=get_codepage_id(ctx->to_codepage);
-++#endif
-++
-+ if ((val = quick_dialog_skip (&Quick_input, SKIP)) == B_CANCEL) {
-+ g_free (def_text_secure);
-+ return 0;
-+ }
-+- g_free (def_text_secure);
-+
-+ if (ctx->follow_links)
-+ ctx->stat_func = (mc_stat_fn) mc_stat;
-+@@ -938,6 +984,7 @@
-+ orig_mask = source_mask;
-+ if (!dest_dir || !*dest_dir) {
-+ g_free (source_mask);
-++ g_free (def_text_secure);
-+ g_free(def_text);
-+ return dest_dir;
-+ }
-+@@ -992,6 +1039,48 @@
-+ }
-+ if (val == B_USER)
-+ *do_background = 1;
-++#ifdef HAVE_CHARSET
-++ if(val == B_FROM) {
-++ if(operation==OP_COPY || operation==OP_MOVE) {
-++ if(display_codepage<=0) {
-++ message( 1, _(" Warning "),
-++ _("To use this feature select your codepage in\n"
-++ "Setup / Display Bits dialog!\n"
-++ "Do not forget to save options." ));
-++ goto ask_file_mask;
-++ }
-++ ctx->from_codepage=select_charset(ctx->from_codepage,0,
-++ _(" Choose \"FROM\" codepage for COPY/MOVE operaion "));
-++ }
-++ else
-++ message(1,"Warning",_("Recoding works only with COPY or MOVE operation"));
-++ goto ask_file_mask;
-++ }
-++ if(val == B_TO) {
-++ if(operation==OP_COPY || operation==OP_MOVE) {
-++ if(display_codepage<=0) {
-++ message( 1, _(" Warning "),
-++ _("To use this feature select your codepage in\n"
-++ "Setup / Display Bits dialog!\n"
-++ "Do not forget to save options." ));
-++ goto ask_file_mask;
-++ }
-++ ctx->to_codepage=select_charset(ctx->to_codepage,0,
-++ _(" Choose \"TO\" codepage for COPY/MOVE operaion "));
-++ }
-++ else
-++ message(1,"Warning",_("Recoding works only with COPY or MOVE operation"));
-++ goto ask_file_mask;
-++ }
-++
-++ errmsg=my_init_tt(ctx->to_codepage,ctx->from_codepage,ctx->tr_table);
-++ if(errmsg) {
-++ my_reset_tt(ctx->tr_table,256);
-++ message( 1, MSG_ERROR, "%s", errmsg);
-++ }
-++#endif
-++
-++ g_free(def_text_secure);
-+ g_free(def_text);
-+ return dest_dir;
-+ }
-+diff -urN mc-4.6.1-orig/src/fileopctx.c mc-4.6.1/src/fileopctx.c
-+--- mc-4.6.1-orig/src/fileopctx.c 2005-05-27 21:19:18.000000000 +0700
-++++ mc-4.6.1/src/fileopctx.c 2005-07-31 00:01:14.000000000 +0700
-+@@ -24,8 +24,12 @@
-+ #include <unistd.h>
-+
-+ #include "global.h"
-+-#include "fileopctx.h"
-+
-++#ifdef HAVE_CHARSET
-++#include "recode.h"
-++#endif
-++
-++#include "fileopctx.h"
-+
-+ /**
-+ * file_op_context_new:
-+@@ -52,6 +56,12 @@
-+ ctx->umask_kill = 0777777;
-+ ctx->erase_at_end = TRUE;
-+
-++#ifdef HAVE_CHARSET
-++ ctx->from_codepage=-1;
-++ ctx->to_codepage=-1;
-++ my_reset_tt(ctx->tr_table,256);
-++#endif
-++
-+ return ctx;
-+ }
-+
-+diff -urN mc-4.6.1-orig/src/fileopctx.h mc-4.6.1/src/fileopctx.h
-+--- mc-4.6.1-orig/src/fileopctx.h 2004-10-07 01:06:26.000000000 +0700
-++++ mc-4.6.1/src/fileopctx.h 2005-07-31 00:03:00.000000000 +0700
-+@@ -108,6 +108,14 @@
-+ /* User interface data goes here */
-+
-+ void *ui;
-++
-++#ifdef HAVE_CHARSET
-++ /* Recode data */
-++ int from_codepage, to_codepage;
-++ unsigned char tr_table[256];
-++ unsigned char recode_buf[MC_MAXPATHLEN];
-++#endif
-++
-+ } FileOpContext;
-+
-+
-+diff -urN mc-4.6.1-orig/src/main.c mc-4.6.1/src/main.c
-+--- mc-4.6.1-orig/src/main.c 2005-07-23 23:52:02.000000000 +0700
-++++ mc-4.6.1/src/main.c 2005-07-31 00:08:01.000000000 +0700
-+@@ -86,6 +86,7 @@
-+
-+ #ifdef HAVE_CHARSET
-+ #include "charsets.h"
-++#include "recode.h"
-+ #endif /* HAVE_CHARSET */
-+
-+ #ifdef USE_VFS
-+@@ -102,6 +103,7 @@
-+ /* The structures for the panels */
-+ WPanel *left_panel = NULL;
-+ WPanel *right_panel = NULL;
-++WPanel* ret_panel=NULL;
-+
-+ /* The pointer to the tree */
-+ WTree *the_tree = NULL;
-+@@ -585,6 +587,7 @@
-+ }
-+ directory = *new_dir ? new_dir : home_dir;
-+
-++ ret_panel=panel;
-+ if (mc_chdir (directory) == -1) {
-+ strcpy (panel->cwd, olddir);
-+ g_free (olddir);
-+@@ -798,6 +801,10 @@
-+ {' ', N_("&Quick view C-x q"), 'Q', quick_view_cmd},
-+ {' ', N_("&Info C-x i"), 'I', info_cmd},
-+ {' ', N_("&Tree"), 'T', tree_cmd},
-++#ifdef HAVE_CHARSET
-++ {' ', "", ' ', 0},
-++ {' ', N_("Panel &codepage"), 'C', fnc_l_cmd},
-++#endif
-+ {' ', "", ' ', 0},
-+ {' ', N_("&Sort order..."), 'S', sort_cmd},
-+ {' ', "", ' ', 0},
-+@@ -822,6 +829,10 @@
-+ {' ', N_("&Quick view C-x q"), 'Q', quick_view_cmd},
-+ {' ', N_("&Info C-x i"), 'I', info_cmd},
-+ {' ', N_("&Tree"), 'T', tree_cmd},
-++#ifdef HAVE_CHARSET
-++ {' ', "", ' ', 0},
-++ {' ', N_("Panel &codepage"), 'C', fnc_r_cmd},
-++#endif
-+ {' ', "", ' ', 0},
-+ {' ', N_("&Sort order..."), 'S', sort_cmd},
-+ {' ', "", ' ', 0},
-+diff -urN mc-4.6.1-orig/src/Makefile.am mc-4.6.1/src/Makefile.am
-+--- mc-4.6.1-orig/src/Makefile.am 2005-06-08 19:27:19.000000000 +0700
-++++ mc-4.6.1/src/Makefile.am 2005-07-31 01:30:09.000000000 +0700
-+@@ -40,7 +40,8 @@
-+ mc_LDADD = $(EDITLIB) $(SLANGLIB) $(VFSLIB) \
-+ $(INTLLIBS) $(GLIB_LIBS) $(MCLIBS) $(LIBICONV)
-+
-+-CHARSET_SRC = charsets.c charsets.h selcodepage.c selcodepage.h
-++CHARSET_SRC = charsets.c charsets.h selcodepage.c selcodepage.h \
-++ recode.c recode.h
-+
-+ SRCS = achown.c achown.h background.c background.h boxes.c boxes.h \
-+ chmod.c chmod.h chown.c chown.h cmd.c cmd.h color.c color.h \
-+@@ -55,8 +56,8 @@
-+ menu.c menu.h mountlist.c mountlist.h mouse.c mouse.h myslang.h \
-+ option.c option.h panel.h panelize.c panelize.h poptalloca.h \
-+ popt.c poptconfig.c popt.h popthelp.c poptint.h poptparse.c \
-+- profile.c profile.h regex.c rxvt.c screen.c setup.c setup.h \
-+- slint.c subshell.c subshell.h textconf.c textconf.h \
-++ profile.c profile.h regex.c rxvt.c screen.c screen.h setup.c \
-++ setup.h slint.c subshell.c subshell.h textconf.c textconf.h \
-+ tree.c tree.h treestore.c treestore.h tty.h user.c user.h \
-+ util.c util.h utilunix.c view.c view.h vfsdummy.h widget.c \
-+ widget.h win.c win.h wtools.c wtools.h \
-+diff -urN mc-4.6.1-orig/src/Makefile.in mc-4.6.1/src/Makefile.in
-+--- mc-4.6.1-orig/src/Makefile.in 2005-07-23 23:53:15.000000000 +0700
-++++ mc-4.6.1/src/Makefile.in 2005-07-31 01:47:59.000000000 +0700
-+@@ -84,12 +84,12 @@
-+ mouse.c mouse.h myslang.h option.c option.h panel.h panelize.c \
-+ panelize.h poptalloca.h popt.c poptconfig.c popt.h popthelp.c \
-+ poptint.h poptparse.c profile.c profile.h regex.c rxvt.c \
-+- screen.c setup.c setup.h slint.c subshell.c subshell.h \
-++ screen.c screen.h setup.c setup.h slint.c subshell.c subshell.h \
-+ textconf.c textconf.h tree.c tree.h treestore.c treestore.h \
-+ tty.h user.c user.h util.c util.h utilunix.c view.c view.h \
-+ vfsdummy.h widget.c widget.h win.c win.h wtools.c wtools.h \
-+ x11conn.h x11conn.c charsets.c charsets.h selcodepage.c \
-+- selcodepage.h
-++ selcodepage.h recode.c recode.h
-+ am__objects_1 = achown.$(OBJEXT) background.$(OBJEXT) boxes.$(OBJEXT) \
-+ chmod.$(OBJEXT) chown.$(OBJEXT) cmd.$(OBJEXT) color.$(OBJEXT) \
-+ command.$(OBJEXT) complete.$(OBJEXT) cons.handler.$(OBJEXT) \
-+@@ -109,7 +109,8 @@
-+ util.$(OBJEXT) utilunix.$(OBJEXT) view.$(OBJEXT) \
-+ widget.$(OBJEXT) win.$(OBJEXT) wtools.$(OBJEXT) \
-+ x11conn.$(OBJEXT)
-+-am__objects_2 = charsets.$(OBJEXT) selcodepage.$(OBJEXT)
-++am__objects_2 = charsets.$(OBJEXT) selcodepage.$(OBJEXT) recode.$(OBJEXT)
-++
-+ @CHARSET_FALSE@am_mc_OBJECTS = $(am__objects_1)
-+ @CHARSET_TRUE@am_mc_OBJECTS = $(am__objects_1) $(am__objects_2)
-+ mc_OBJECTS = $(am_mc_OBJECTS)
-+@@ -342,7 +343,8 @@
-+ mc_LDADD = $(EDITLIB) $(SLANGLIB) $(VFSLIB) \
-+ $(INTLLIBS) $(GLIB_LIBS) $(MCLIBS) $(LIBICONV)
-+
-+-CHARSET_SRC = charsets.c charsets.h selcodepage.c selcodepage.h
-++CHARSET_SRC = charsets.c charsets.h selcodepage.c selcodepage.h \
-++ recode.c recode.h
-+ SRCS = achown.c achown.h background.c background.h boxes.c boxes.h \
-+ chmod.c chmod.h chown.c chown.h cmd.c cmd.h color.c color.h \
-+ command.c command.h complete.c complete.h cons.handler.c \
-+@@ -356,8 +358,8 @@
-+ menu.c menu.h mountlist.c mountlist.h mouse.c mouse.h myslang.h \
-+ option.c option.h panel.h panelize.c panelize.h poptalloca.h \
-+ popt.c poptconfig.c popt.h popthelp.c poptint.h poptparse.c \
-+- profile.c profile.h regex.c rxvt.c screen.c setup.c setup.h \
-+- slint.c subshell.c subshell.h textconf.c textconf.h \
-++ profile.c profile.h regex.c rxvt.c screen.c screen.h setup.c \
-++ setup.h slint.c subshell.c subshell.h textconf.c textconf.h \
-+ tree.c tree.h treestore.c treestore.h tty.h user.c user.h \
-+ util.c util.h utilunix.c view.c view.h vfsdummy.h widget.c \
-+ widget.h win.c win.h wtools.c wtools.h \
-+diff -urN mc-4.6.1-orig/src/panel.h mc-4.6.1/src/panel.h
-+--- mc-4.6.1-orig/src/panel.h 2004-08-29 23:55:51.000000000 +0700
-++++ mc-4.6.1/src/panel.h 2005-07-31 00:12:04.000000000 +0700
-+@@ -71,6 +71,19 @@
-+
-+ int searching;
-+ char search_buffer [256];
-++
-++#ifdef HAVE_CHARSET
-++ int src_codepage;
-++ unsigned char tr_table[256], tr_table_input[256];
-++#endif
-++
-++#ifdef USE_VFS
-++ #ifdef HAVE_CHARSET
-++ int ret_codepage;
-++ #endif
-++ int is_return;
-++ char retdir[MC_MAXPATHLEN];
-++#endif
-+ } WPanel;
-+
-+ WPanel *panel_new (const char *panel_name);
-+@@ -96,6 +109,7 @@
-+ extern WPanel *left_panel;
-+ extern WPanel *right_panel;
-+ extern WPanel *current_panel;
-++extern WPanel* ret_panel;
-+
-+ void try_to_select (WPanel *panel, const char *name);
-+
-+diff -urN mc-4.6.1-orig/src/recode.c mc-4.6.1/src/recode.c
-+--- mc-4.6.1-orig/src/recode.c 1970-01-01 07:00:00.000000000 +0700
-++++ mc-4.6.1/src/recode.c 2005-07-31 02:39:42.000000000 +0700
-+@@ -0,0 +1,153 @@
-++#include "recode.h"
-++#ifdef HAVE_CHARSET
-++
-++char *lang;
-++char lang_codepage_name[256];
-++int lang_codepage;
-++
-++int ftp_codepage=-1;
-++
-++// recode buffer for displaying file names
-++unsigned char recode_buf[MC_MAXPATHLEN];
-++
-++WPanel* recode_panel;
-++
-++//--- get codepage from $LANG
-++void get_locale_codepage() {
-++ char* a;
-++ char* b;
-++ int len;
-++
-++ lang=getenv("LANG");
-++ if(!lang) {
-++ strncpy(lang_codepage_name,OTHER_8BIT, sizeof(OTHER_8BIT));
-++ lang_codepage=-1;
-++ return;
-++ }
-++
-++ a=strchr(lang,'.');
-++ if(!a) {
-++ strncpy(lang_codepage_name,OTHER_8BIT, sizeof(OTHER_8BIT));
-++ lang_codepage=-1;
-++ return;
-++ }
-++ ++a;
-++
-++ b=strchr(lang,'@');
-++ if(!b) b=lang+strlen(lang);
-++
-++ len=b-a;
-++ if(len>=sizeof(lang_codepage_name)) len=sizeof(lang_codepage_name)-1;
-++
-++ memcpy(lang_codepage_name,a, len);
-++ lang_codepage_name[len]='\0';
-++ lang_codepage=get_codepage_index(lang_codepage_name);
-++ if(lang_codepage<0) strncpy(lang_codepage_name,OTHER_8BIT, sizeof(OTHER_8BIT));
-++}
-++
-++//--- reset translation table
-++void my_reset_tt(unsigned char *table,int n) {
-++ int i;
-++ for(i=0;i<n;i++) table[i]=i;
-++}
-++
-++//--- reset panel codepage
-++void panel_reset_codepage(WPanel *p) {
-++ p->src_codepage=-1;
-++ my_reset_tt(p->tr_table,256);
-++ my_reset_tt(p->tr_table_input,256);
-++}
-++
-++//--- Initialize translation table
-++// i need this function because init_translation_table from
-++// charsets.c fills only fixed translation tables conv_displ and conv_input
-++//---
-++char* my_init_tt( int from, int to, unsigned char *table) {
-++ int i;
-++ iconv_t cd;
-++ char *cpfrom, *cpto;
-++
-++ if(from < 0 || to < 0 || from == to) {
-++ my_reset_tt(table,256);
-++ return NULL;
-++ }
-++ my_reset_tt(table,128);
-++ cpfrom=codepages[from ].id;
-++ cpto=codepages[to].id;
-++ cd=iconv_open(cpfrom, cpto);
-++ if(cd==(iconv_t)-1) {
-++ snprintf(errbuf, 255, _("Cannot translate from %s to %s"), cpfrom, cpto);
-++ return errbuf;
-++ }
-++ for(i=128; i<=255; ++i) table[i] = translate_character(cd, i);
-++ iconv_close(cd);
-++ return NULL;
-++}
-++
-++//--- Translate string from one codepage to another
-++void my_translate_string(unsigned char *s1,int l1, unsigned char *s2, unsigned char *table) {
-++ int i=0;
-++ if(!s1) return;
-++ while(i<l1) {
-++ s2[i]=table[s1[i]];
-++ i++;
-++ }
-++ s2[i]=0;
-++}
-++
-++//--- Recode filename and concat in to dir
-++char* concat_dir_and_recoded_fname(const char *dir, const char *fname, FileOpContext *ctx) {
-++ int i = strlen (dir);
-++
-++ my_translate_string((unsigned char*)fname,strlen(fname),ctx->recode_buf,ctx->tr_table);
-++ if (dir [i-1] == PATH_SEP)
-++ return g_strconcat (dir, ctx->recode_buf, NULL);
-++ else
-++ return g_strconcat (dir, PATH_SEP_STR, ctx->recode_buf, NULL);
-++ return 0;
-++}
-++
-++
-++//--- Internal handler for "Panel codepage"
-++static void fnc_cmd(WPanel *p) {
-++ char *errmsg;
-++ if(display_codepage > 0) {
-++ p->src_codepage=select_charset(p->src_codepage, 0, _(" Choose panel codepage "));
-++ errmsg=my_init_tt(display_codepage,p->src_codepage,p->tr_table);
-++ if(errmsg) {
-++ panel_reset_codepage(p);
-++ message( 1, MSG_ERROR, "%s", errmsg);
-++ }
-++ errmsg=my_init_tt(p->src_codepage,display_codepage,p->tr_table_input);
-++ if (errmsg) {
-++ panel_reset_codepage(p);
-++ message( 1, MSG_ERROR, "%s", errmsg );
-++ }
-++ paint_dir(p);
-++ show_dir(p);
-++ display_mini_info(p);
-++ }
-++ else {
-++ message( 1, _(" Warning "),
-++ _("To use this feature select your codepage in\n"
-++ "Setup / Display Bits dialog!\n"
-++ "Do not forget to save options." ));
-++ }
-++}
-++
-++//--- Menu handlers for "Panel codepage" for left and right panel menu
-++
-++void fnc_l_cmd() {
-++ fnc_cmd(left_panel);
-++}
-++
-++void fnc_r_cmd() {
-++ fnc_cmd(right_panel);
-++}
-++
-++//--- screen handler for "Panel codepage"
-++void fnc_c_cmd(WPanel *panel) {
-++ fnc_cmd(current_panel);
-++}
-++
-++#endif //HAVE_CHARSET
-+diff -urN mc-4.6.1-orig/src/recode.h mc-4.6.1/src/recode.h
-+--- mc-4.6.1-orig/src/recode.h 1970-01-01 07:00:00.000000000 +0700
-++++ mc-4.6.1/src/recode.h 2005-07-31 02:39:13.000000000 +0700
-+@@ -0,0 +1,48 @@
-++#ifndef __RECODE_H__
-++#define __RECODE_H__
-++#include <config.h>
-++#ifdef HAVE_CHARSET
-++
-++#include <stdio.h>
-++#include <locale.h>
-++#include <iconv.h>
-++
-++#include "global.h"
-++#include "wtools.h"
-++#include "panel.h"
-++#include "charsets.h"
-++#include "selcodepage.h"
-++#include "screen.h"
-++#include "main.h"
-++#include "fileopctx.h"
-++
-++extern char *lang;
-++extern char lang_codepage_name[256];
-++extern int lang_codepage;
-++
-++extern int ftp_codepage;
-++
-++// recode buffer for displaying file names
-++extern unsigned char recode_buf[MC_MAXPATHLEN];
-++extern WPanel* recode_panel;
-++
-++//--- get codepage from $LANG
-++extern void get_locale_codepage();
-++
-++//--- reset translation table
-++extern void my_reset_tt(unsigned char *table,int n);
-++//--- reset panel codepage
-++extern void panel_reset_codepage(WPanel *p);
-++//--- Initialize translation table
-++extern char* my_init_tt( int from, int to, unsigned char *table);
-++//--- Translate string from one codepage to another
-++extern void my_translate_string(unsigned char *s1,int l1, unsigned char *s2, unsigned char *table);
-++//--- Recode filename and concat in to dir
-++extern char* concat_dir_and_recoded_fname(const char *dir, const char *fname, FileOpContext *ctx);
-++//--- handlers for "Panel codepage"
-++extern void fnc_l_cmd();
-++extern void fnc_r_cmd();
-++extern void fnc_c_cmd(WPanel *panel);
-++
-++#endif // HAVE_CHARSET
-++#endif //__RECODE_H__
-+diff -urN mc-4.6.1-orig/src/screen.c mc-4.6.1/src/screen.c
-+--- mc-4.6.1-orig/src/screen.c 2006-06-13 00:21:48.000000000 +0700
-++++ mc-4.6.1/src/screen.c 2006-06-13 00:42:17.000000000 +0700
-+@@ -48,6 +48,10 @@
-+ #define WANT_WIDGETS
-+ #include "main.h" /* the_menubar */
-+
-++#ifdef HAVE_CHARSET
-++#include "recode.h"
-++#endif
-++
-+ #define ELEMENTS(arr) ( sizeof(arr) / sizeof((arr)[0]) )
-+
-+ #define J_LEFT 1
-+@@ -170,6 +174,7 @@
-+ string_file_name (file_entry *fe, int len)
-+ {
-+ size_t i;
-++ char* filename;
-+ #ifdef UTF8
-+ static char buffer [BUF_SMALL * 4];
-+ mbstate_t s;
-+@@ -181,6 +186,13 @@
-+ static char buffer [BUF_SMALL];
-+ #endif
-+
-++#ifdef HAVE_CHARSET
-++ my_translate_string(fe->fname,fe->fnamelen, recode_buf, recode_panel->tr_table);
-++ filename= recode_buf;
-++#else
-++ filename=fe->fname;
-++#endif
-++
-+ #ifdef UTF8
-+ if (SLsmg_Is_Unicode)
-+ for (i = 0; i < sizeof (buffer) - 1; i++) {
-+@@ -212,7 +224,7 @@
-+ for (i = 0; i < sizeof(buffer) - 1; i++) {
-+ char c;
-+
-+- c = fe->fname[i];
-++ c= filename[i];
-+
-+ if (!c)
-+ break;
-+@@ -698,6 +710,10 @@
-+ int second_column = 0;
-+ int width, offset;
-+
-++#ifdef HAVE_CHARSET
-++ recode_panel=panel;
-++#endif
-++
-+ offset = 0;
-+ if (!isstatus && panel->split){
-+
-+@@ -737,7 +753,7 @@
-+ }
-+ }
-+
-+-static void
-++void
-+ display_mini_info (WPanel *panel)
-+ {
-+ if (!show_mini_info)
-+@@ -798,7 +814,7 @@
-+ return;
-+ }
-+
-+-static void
-++void
-+ paint_dir (WPanel *panel)
-+ {
-+ int i;
-+@@ -836,7 +852,7 @@
-+ #endif /* !HAVE_SLANG */
-+ }
-+
-+-static void
-++void
-+ show_dir (WPanel *panel)
-+ {
-+ char *tmp;
-+@@ -864,8 +880,15 @@
-+ tmp = g_malloc (panel->widget.cols + 1);
-+ tmp[panel->widget.cols] = '\0';
-+
-++#ifdef HAVE_CHARSET
-++ my_translate_string(panel->cwd,strlen(panel->cwd),recode_buf, panel->tr_table);
-++ trim (strip_home_and_password (recode_buf), tmp,
-++ min (max (panel->widget.cols - 7, 0), panel->widget.cols) );
-++#else
-+ trim (strip_home_and_password (panel->cwd), tmp,
-+ min (max (panel->widget.cols - 7, 0), panel->widget.cols) );
-++#endif
-++
-+ addstr (tmp);
-+ g_free (tmp);
-+ widget_move (&panel->widget, 0, 1);
-+@@ -1077,6 +1100,17 @@
-+ mc_get_current_wd (panel->cwd, sizeof (panel->cwd) - 2);
-+ strcpy (panel->lwd, ".");
-+
-++#ifdef HAVE_CHARSET
-++ panel_reset_codepage(panel);
-++#endif
-++
-++#ifdef USE_VFS
-++ panel->is_return=0;
-++ #ifdef HAVE_CHARSET
-++ panel->ret_codepage=-1;
-++ #endif
-++#endif
-++
-+ panel->hist_name = g_strconcat ("Dir Hist ", panel_name, (char *) NULL);
-+ panel->dir_history = history_get (panel->hist_name);
-+ directory_history_add (panel, panel->cwd);
-+@@ -2234,7 +2268,12 @@
-+ { XCTRL('n'), move_down }, /* C-n like emacs */
-+ { XCTRL('s'), start_search }, /* C-s like emacs */
-+ { ALT('s'), start_search }, /* M-s not like emacs */
-++#ifndef HAVE_CHARSET
-+ { XCTRL('t'), mark_file },
-++#endif
-++#ifdef HAVE_CHARSET
-++ { XCTRL('t'), mark_file }, /* was 'fnc_c_cmd' */
-++#endif
-+ { ALT('o'), chdir_other_panel },
-+ { ALT('l'), chdir_to_readlink },
-+ { ALT('H'), directory_history_list },
-+diff -urN mc-4.6.1-orig/src/screen.h mc-4.6.1/src/screen.h
-+--- mc-4.6.1-orig/src/screen.h 1970-01-01 07:00:00.000000000 +0700
-++++ mc-4.6.1/src/screen.h 2005-07-31 00:26:59.000000000 +0700
-+@@ -0,0 +1,11 @@
-++#ifndef __SCREEN_H__
-++#define __SCREEN_H__
-++#include <config.h>
-++
-++#include "global.h"
-++
-++extern void paint_dir (WPanel *panel);
-++extern void display_mini_info (WPanel *panel);
-++extern void show_dir(WPanel *panel);
-++#endif //__SCREEN_H__
-++
-+diff -urN mc-4.6.1-orig/src/selcodepage.c mc-4.6.1/src/selcodepage.c
-+--- mc-4.6.1-orig/src/selcodepage.c 2005-05-27 21:19:18.000000000 +0700
-++++ mc-4.6.1/src/selcodepage.c 2005-07-31 00:31:43.000000000 +0700
-+@@ -44,14 +44,16 @@
-+ }
-+
-+ int
-+-select_charset (int current_charset, int seldisplay)
-++select_charset (int current_charset, int seldisplay, const char *title)
-+ {
-++ int new_charset;
-++
-+ int i, menu_lines = n_codepages + 1;
-+ char buffer[255];
-+
-+ /* Create listbox */
-+ Listbox *listbox = create_listbox_window (ENTRY_LEN + 2, menu_lines,
-+- _(" Choose input codepage "),
-++ title,
-+ "[Codepages Translation]");
-+
-+ if (!seldisplay)
-+@@ -81,20 +83,26 @@
-+
-+ i = run_listbox (listbox);
-+
-+- return (seldisplay) ? ((i >= n_codepages) ? -1 : i)
-+- : (i - 1);
-++ if(i==-1)
-++ i = (seldisplay)
-++ ? ((current_charset < 0) ? n_codepages : current_charset)
-++ : (current_charset + 1);
-++
-++ new_charset =(seldisplay) ? ( (i >= n_codepages) ? -1 : i ) : ( i-1 );
-++ new_charset = (new_charset==-2) ? current_charset:new_charset;
-++ return new_charset;
-+ }
-+
-+ /* Helper functions for codepages support */
-+
-+
-+ int
-+-do_select_codepage (void)
-++do_select_codepage (const char *title)
-+ {
-+ const char *errmsg;
-+
-+ if (display_codepage > 0) {
-+- source_codepage = select_charset (source_codepage, 0);
-++ source_codepage = select_charset (source_codepage, 0, title);
-+ errmsg =
-+ init_translation_table (source_codepage, display_codepage);
-+ if (errmsg) {
-+diff -urN mc-4.6.1-orig/src/selcodepage.h mc-4.6.1/src/selcodepage.h
-+--- mc-4.6.1-orig/src/selcodepage.h 2002-10-31 05:16:16.000000000 +0600
-++++ mc-4.6.1/src/selcodepage.h 2005-07-31 00:31:33.000000000 +0700
-+@@ -2,8 +2,8 @@
-+ #ifndef __SELCODEPAGE_H__
-+ #define __SELCODEPAGE_H__
-+
-+-int select_charset (int current_charset, int seldisplay);
-+-int do_select_codepage (void);
-++int select_charset (int current_charset, int seldisplay, const char *title);
-++int do_select_codepage (const char *title);
-+
-+ #endif /* __SELCODEPAGE_H__ */
-+ #endif /* HAVE_CHARSET */
-+diff -urN mc-4.6.1-orig/src/setup.c mc-4.6.1/src/setup.c
-+--- mc-4.6.1-orig/src/setup.c 2005-05-27 21:19:18.000000000 +0700
-++++ mc-4.6.1/src/setup.c 2005-07-31 00:36:33.000000000 +0700
-+@@ -47,6 +47,8 @@
-+
-+ #ifdef HAVE_CHARSET
-+ #include "charsets.h"
-++#include"recode.h"
-++#include "wtools.h"
-+ #endif
-+
-+ #ifdef USE_NETCODE
-+@@ -255,6 +257,11 @@
-+ g_snprintf (buffer, sizeof (buffer), "%d", panel->user_mini_status);
-+ save_string (section, "user_mini_status", buffer,
-+ profile_name);
-++
-++#ifdef HAVE_CHARSET
-++ // save panel codepage
-++ save_string(section, "panel_display_codepage", get_codepage_id(panel->src_codepage), profile_name);
-++#endif
-+ }
-+
-+ void
-+@@ -352,6 +359,7 @@
-+ #ifdef HAVE_CHARSET
-+ save_string( "Misc", "display_codepage",
-+ get_codepage_id( display_codepage ), profile_name );
-++ save_string( "Misc", "ftp_codepage", get_codepage_id(ftp_codepage), profile_name);
-+ #endif /* HAVE_CHARSET */
-+
-+ g_free (profile);
-+@@ -401,6 +409,31 @@
-+ panel->user_mini_status =
-+ load_int (section, "user_mini_status", 0);
-+
-++#ifdef HAVE_CHARSET
-++//--- Loading panel codepage
-++ panel_reset_codepage(panel);
-++ if(load_codepages_list()>0) {
-++ char cpname[128];
-++ char *errmsg;
-++
-++
-++ if(display_codepage>=0) {
-++ load_string(section, "panel_display_codepage", "", cpname, sizeof(cpname));
-++ if(cpname[0]!='\0') panel->src_codepage = get_codepage_index(cpname);
-++ }
-++
-++ errmsg=my_init_tt(display_codepage,panel->src_codepage,panel->tr_table);
-++ if(errmsg) {
-++ panel_reset_codepage(panel);
-++ message( 1, MSG_ERROR, "%s", errmsg );
-++ }
-++ errmsg=my_init_tt(panel->src_codepage,display_codepage,panel->tr_table_input);
-++ if(errmsg) {
-++ panel_reset_codepage(panel);
-++ message( 1, MSG_ERROR, "%s", errmsg );
-++ }
-++ }
-++#endif
-+ }
-+
-+ static void
-+@@ -543,12 +576,18 @@
-+ #endif /* USE_VFS && USE_NETCODE */
-+
-+ #ifdef HAVE_CHARSET
-+- if ( load_codepages_list() > 0 ) {
-+- char cpname[128];
-+- load_string( "Misc", "display_codepage", "",
-+- cpname, sizeof(cpname) );
-+- if ( cpname[0] != '\0' )
-+- display_codepage = get_codepage_index( cpname );
-++ if(load_codepages_list() > 0) {
-++ char cpname[128];
-++ get_locale_codepage();
-++ load_string("Misc", "display_codepage", "", cpname, sizeof(cpname));
-++ if(cpname[0] != '\0') display_codepage=get_codepage_index(cpname);
-++ else display_codepage=lang_codepage;
-++
-++ ftp_codepage=-1;
-++ if(display_codepage >= 0) {
-++ load_string( "Misc", "ftp_codepage", "", cpname, sizeof(cpname));
-++ if(cpname[0] != '\0') ftp_codepage=get_codepage_index(cpname);
-++ }
-+ }
-+
-+ init_translation_table( source_codepage, display_codepage );
-+diff -urN mc-4.6.1-orig/src/view.c mc-4.6.1/src/view.c
-+--- mc-4.6.1-orig/src/view.c 2005-05-27 21:19:18.000000000 +0700
-++++ mc-4.6.1/src/view.c 2005-07-31 00:37:29.000000000 +0700
-+@@ -2534,7 +2534,7 @@
-+
-+ #ifdef HAVE_CHARSET
-+ case XCTRL ('t'):
-+- do_select_codepage ();
-++ do_select_codepage (_(" Choose codepage "));
-+ view->dirty++;
-+ view_update (view, TRUE);
-+ return MSG_HANDLED;
-+diff -urN mc-4.6.1-orig/vfs/vfs.c mc-4.6.1/vfs/vfs.c
-+--- mc-4.6.1-orig/vfs/vfs.c 2005-05-27 21:19:19.000000000 +0700
-++++ mc-4.6.1/vfs/vfs.c 2005-07-31 00:42:45.000000000 +0700
-+@@ -49,6 +49,11 @@
-+ #include "smbfs.h"
-+ #include "local.h"
-+
-++#include "../src/panel.h"
-++#ifdef HAVE_CHARSET
-++#include "../src/recode.h"
-++#endif
-++
-+ /* They keep track of the current directory */
-+ static struct vfs_class *current_vfs;
-+ static char *current_dir;
-+@@ -681,8 +686,66 @@
-+ vfsid old_vfsid;
-+ int result;
-+
-++#ifdef HAVE_CHARSET
-++ char* errmsg;
-++#endif
-++ WPanel* p=ret_panel;
-++
-+ new_dir = vfs_canon (path);
-+ new_vfs = vfs_get_class (new_dir);
-++ old_vfsid = vfs_getid (current_vfs, current_dir);
-++ old_vfs = current_vfs;
-++
-++ if(p) {
-++
-++ // Change from localfs to ftpfs
-++ ret_panel=NULL;
-++ if( (strcmp(old_vfs->name,"localfs")==0) &&
-++ (strcmp(new_vfs->name,"ftpfs")==0)){
-++ p->is_return=1;
-++ strncpy(p->retdir,current_dir, MC_MAXPATHLEN);
-++#ifdef HAVE_CHARSET
-++ p->ret_codepage=p->src_codepage;
-++ p->src_codepage=ftp_codepage;
-++ errmsg=my_init_tt(display_codepage,p->src_codepage,p->tr_table);
-++ if(errmsg) {
-++ panel_reset_codepage(p);
-++ message( 1, MSG_ERROR, "%s", errmsg );
-++ }
-++ errmsg=my_init_tt(p->src_codepage,display_codepage,p->tr_table_input);
-++ if(errmsg) {
-++ panel_reset_codepage(p);
-++ message( 1, MSG_ERROR, "%s", errmsg );
-++ }
-++#endif
-++ }
-++
-++ // Change from ftpfs to localfs
-++ if( (strcmp(old_vfs->name,"ftpfs")==0) &&
-++ (strcmp(new_vfs->name,"localfs")==0) &&
-++ p->is_return){
-++ p->is_return=0;
-++ g_free(new_dir);
-++ new_dir = vfs_canon (p->retdir);
-++ new_vfs = vfs_get_class (new_dir);
-++#ifdef HAVE_CHARSET
-++ p->src_codepage=p->ret_codepage;
-++ errmsg=my_init_tt(display_codepage,p->src_codepage,p->tr_table);
-++ if(errmsg) {
-++ panel_reset_codepage(p);
-++ message( 1, MSG_ERROR, "%s", errmsg );
-++ }
-++ errmsg=my_init_tt(p->src_codepage,display_codepage,p->tr_table_input);
-++ if(errmsg) {
-++ panel_reset_codepage(p);
-++ message( 1, MSG_ERROR, "%s", errmsg );
-++ }
-++#endif
-++ }
-++ }
-++
-++
-++
-+ if (!new_vfs->chdir) {
-+ g_free (new_dir);
-+ return -1;
-+@@ -696,9 +759,6 @@
-+ return -1;
-+ }
-+
-+- old_vfsid = vfs_getid (current_vfs, current_dir);
-+- old_vfs = current_vfs;
-+-
-+ /* Actually change directory */
-+ g_free (current_dir);
-+ current_dir = new_dir;
---- mc-4.6.1.orig/debian/patches/02_debian_syntax.patch
-+++ mc-4.6.1/debian/patches/02_debian_syntax.patch
-@@ -0,0 +1,118 @@
-+diff -urN mc-4.6.0-pre2.orig/syntax/debian-changelog.syntax mc-4.6.0-pre2/syntax/debian-changelog.syntax
-+--- mc-4.6.0-pre2.orig/syntax/debian-changelog.syntax 1970-01-01 01:00:00.000000000 +0100
-++++ mc-4.6.0-pre2/syntax/debian-changelog.syntax 2002-12-29 18:11:08.000000000 +0100
-+@@ -0,0 +1,20 @@
-++context default
-++
-++ keyword linestart \s\s\* brightcyan/17
-++ keyword linestart \s-- brightred/19
-++ keyword linestart \s\s\s\s\+ cyan/17
-++
-++ keyword <*@*> brightred/19
-++ keyword whole experimental; brightmagenta/magenta
-++ keyword whole unstable; brightmagenta/magenta
-++ keyword whole stable; brightmagenta/magenta
-++ keyword whole urgency=low yellow/24
-++ keyword whole urgency=medium brightgreen/6
-++ keyword whole urgency=high white/25
-++ keyword whole urgency=LOW yellow/24
-++ keyword whole urgency=MEDIUM brightgreen/6
-++ keyword whole urgency=HIGH white/25
-++
-++ keyword whole bug white/25
-++ keyword whole Bug white/25
-++ keyword whole BUG white/25
-+diff -urN mc-4.6.0-pre2.orig/syntax/debian-control.syntax mc-4.6.0-pre2/syntax/debian-control.syntax
-+--- mc-4.6.0-pre2.orig/syntax/debian-control.syntax 1970-01-01 01:00:00.000000000 +0100
-++++ mc-4.6.0-pre2/syntax/debian-control.syntax 2002-12-29 18:11:13.000000000 +0100
-+@@ -0,0 +1,23 @@
-++context default
-++ keyword linestart Source brightmagenta/20
-++ keyword linestart Section brightmagenta/20
-++ keyword linestart Priority brightmagenta/20
-++ keyword linestart Maintainer brightmagenta/20
-++ keyword linestart Standards-Version brightmagenta/20
-++ keyword linestart Package green/6
-++ keyword linestart Architecture green/6
-++ keyword linestart Depends green/6
-++ keyword linestart Recommends green/6
-++ keyword linestart Suggests green/6
-++ keyword linestart Conflicts green/6
-++ keyword linestart Replaces green/6
-++ keyword linestart Provides green/6
-++ keyword linestart Pre-Depends green/6
-++ keyword linestart Build-Depends green/6
-++ keyword linestart Build-Depends-Indep green/6
-++ keyword linestart Build-Conflicts green/6
-++ keyword linestart Build-Conflicts-Indep green/6
-++ keyword linestart Description green/6
-++ keyword <*@*> brightred/19
-++
-++context linestart \s \n brown/22
-+diff -urN mc-4.6.0-pre2.orig/syntax/debian-sources-list.syntax mc-4.6.0-pre2/syntax/debian-sources-list.syntax
-+--- mc-4.6.0-pre2.orig/syntax/debian-sources-list.syntax 1970-01-01 01:00:00.000000000 +0100
-++++ mc-4.6.0-pre2/syntax/debian-sources-list.syntax 2002-12-29 18:11:16.000000000 +0100
-+@@ -0,0 +1,12 @@
-++context default
-++ keyword linestart deb-src brightmagenta/20
-++ keyword linestart deb brightmagenta/20
-++ keyword \$\(ARCH\) brightred/18
-++
-++context # \n brown/22
-++context ftp\:\/\/ \s green/6
-++context http\:\/\/ \s green/6
-++context cdrom\:\/ \s yellow/24
-++context file\:\/ \s brightcyan/14
-++
-++###############################################################################
-+diff -urN mc-4.6.0-pre2.orig/syntax/Makefile.am mc-4.6.0-pre2/syntax/Makefile.am
-+--- mc-4.6.0-pre2.orig/syntax/Makefile.am 2002-09-22 02:06:27.000000000 +0200
-++++ mc-4.6.0-pre2/syntax/Makefile.am 2002-12-29 18:01:24.000000000 +0100
-+@@ -5,6 +5,9 @@
-+ ada95.syntax \
-+ c.syntax \
-+ changelog.syntax \
-++ debian-changelog.syntax \
-++ debian-control.syntax \
-++ debian-sources-list.syntax \
-+ diff.syntax \
-+ dos.syntax \
-+ fortran.syntax \
-+diff -urN mc-4.6.0-pre2.orig/syntax/Makefile.in mc-4.6.0-pre2/syntax/Makefile.in
-+--- mc-4.6.0-pre2.orig/syntax/Makefile.in 2002-12-26 22:38:19.000000000 +0100
-++++ mc-4.6.0-pre2/syntax/Makefile.in 2002-12-29 18:01:45.000000000 +0100
-+@@ -190,6 +190,9 @@
-+ ada95.syntax \
-+ c.syntax \
-+ changelog.syntax \
-++ debian-changelog.syntax \
-++ debian-control.syntax \
-++ debian-sources-list.syntax \
-+ diff.syntax \
-+ dos.syntax \
-+ fortran.syntax \
-+diff -urN mc-4.6.0-pre2.orig/syntax/Syntax mc-4.6.0-pre2/syntax/Syntax
-+--- mc-4.6.0-pre2.orig/syntax/Syntax 2003-01-14 22:26:40.000000000 +0100
-++++ mc-4.6.0-pre2/syntax/Syntax 2002-12-13 09:12:52.000000000 +0100
-+@@ -116,6 +116,21 @@
-+ file [Ss]yntax$ Syntax\sHighlighting\sdefinitions ^#\ssyntax\srules\sversion\s
-+ include syntax.syntax
-+
-++file sources.list$ sources\slist
-++include debian-sources-list.syntax
-++
-++file control$ Debian\scontrol\sfile
-++include debian-control.syntax
-++
-++file (rules|rocks)$ Debian\srules
-++include makefile.syntax
-++
-++file .\*changelog$ Debian\schangelog\sfile
-++include debian-changelog.syntax
-++
-++file changelog.Debian$ Debian\schangelog\sfile
-++include debian-changelog.syntax
-++
-+ file .\* unknown
-+ include unknown.syntax
-+
---- mc-4.6.1.orig/debian/patches/28_mc-ctype.patch
-+++ mc-4.6.1/debian/patches/28_mc-ctype.patch
-@@ -0,0 +1,10 @@
-+--- edit/editcmd.c 2005-03-17 22:18:23.000000000 +0100
-++++ edit/editcmd.c 2005-03-30 10:05:48.983156480 +0200
-+@@ -24,7 +24,6 @@
-+ /* #define PIPE_BLOCKS_SO_READ_BYTE_BY_BYTE */
-+
-+ #include <config.h>
-+-#include <ctype.h>
-+
-+ #include <stdio.h>
-+ #include <stdarg.h>
---- mc-4.6.1.orig/debian/patches/06_smbconf_path.patch
-+++ mc-4.6.1/debian/patches/06_smbconf_path.patch
-@@ -0,0 +1,11 @@
-+--- vfs/smbfs.c.orig 2002-12-13 15:57:39.000000000 +0100
-++++ vfs/smbfs.c 2002-12-13 15:57:46.000000000 +0100
-+@@ -259,7 +259,7 @@
-+ static int
-+ smbfs_init (struct vfs_class * me)
-+ {
-+- const char *servicesf = CONFIGDIR PATH_SEP_STR "smb.conf";
-++ const char *servicesf = CONFIGDIR PATH_SEP_STR "samba/smb.conf";
-+
-+ /* DEBUGLEVEL = 4; */
-+
---- mc-4.6.1.orig/debian/patches/08_awk.patch
-+++ mc-4.6.1/debian/patches/08_awk.patch
-@@ -0,0 +1,12 @@
-+diff -urN mc-4.6.0.orig/configure mc-4.6.0/configure
-+--- mc-4.6.0.orig/configure 2003-02-05 19:09:04.000000000 +0100
-++++ mc-4.6.0/configure 2003-03-03 21:23:03.000000000 +0100
-+@@ -1489,7 +1489,7 @@
-+ echo "$as_me: WARNING: \`missing' script is too old or missing" >&2;}
-+ fi
-+
-+-for ac_prog in gawk mawk nawk awk
-++for ac_prog in awk gawk mawk nawk
-+ do
-+ # Extract the first word of "$ac_prog", so it can be a program name with args.
-+ set dummy $ac_prog; ac_word=$2
---- mc-4.6.1.orig/debian/patches/11_extfs_missing.patch
-+++ mc-4.6.1/debian/patches/11_extfs_missing.patch
-@@ -0,0 +1,127 @@
-+diff -pruN vfs/extfs/uzip.in vfs/extfs/uzip.in
-+--- vfs/extfs/uzip.in 2004-09-03 14:40:11.000000000 +0200
-++++ vfs/extfs/uzip.in 2005-02-06 13:02:49.000000000 +0100
-+@@ -34,6 +34,14 @@ my $cmd_delete = "$app_zip -d";
-+ # Command used to extract a file to standard out
-+ my $cmd_extract = "$app_unzip -p";
-+
-++# -rw-r--r-- 2.2 unx 2891 tx 1435 defN 20000330.211927 ./edit.html
-++# (perm) (?) (?) (size) (?) (zippedsize) (method) (yyyy)(mm)(dd)(HH)(MM) (fname)
-++my $regex_zipinfo_line = qr"^(\S{7,10})\s+(\d+\.\d+)\s+(\S+)\s+(\d+)\s+(\S\S)\s+(\d+)\s+(\S{4})\s+(\d{4})(\d\d)(\d\d)\.(\d\d)(\d\d)(\d\d)\s(.*)$";
-++
-++# 2891 Defl:N 1435 50% 03-30-00 21:19 50cbaaf8 ./edit.html
-++# (size) (method) (zippedsize) (zipratio) (mm)(dd)(yy)(HH)(MM) (cksum) (fname)
-++my $regex_nonzipinfo_line = qr"^\s*(\d+)\s+(\S+)\s+(\d+)\s+(-?\d+\%)\s+(\d?\d)-(\d?\d)-(\d\d)\s+(\d?\d):(\d\d)\s+([0-9a-f]+)\s\s(.*)$";
-++
-+ #
-+ # Main code
-+ #
-+@@ -50,6 +58,50 @@ my $aarchive = absolutize($archive, $old
-+ my $cmd_list = ($op_has_zipinfo ? $cmd_list_zi : $cmd_list_nzi);
-+ my ($qarchive, $aqarchive) = map (quotemeta, $archive, $aarchive);
-+
-++# Strip all "." and ".." path components from a pathname.
-++sub zipfs_canonicalize_pathname($) {
-++ my ($fname) = @_;
-++ $fname =~ s,/+,/,g;
-++ $fname =~ s,(^|/)(?:\.?\./)+,$1,;
-++ return $fname;
-++}
-++
-++# The Midnight Commander never calls this script with archive pathnames
-++# starting with either "./" or "../". Some ZIP files contain such names,
-++# so we need to build a translation table for them.
-++my $zipfs_realpathname_table = undef;
-++sub zipfs_realpathname($) {
-++ my ($fname) = @_;
-++
-++ if (!defined($zipfs_realpathname_table)) {
-++ $zipfs_realpathname_table = {};
-++ if (!open(ZIP, "$cmd_list $qarchive |")) {
-++ return $fname;
-++ }
-++ foreach my $line (<ZIP>) {
-++ $line =~ s/\r*\n*$//;
-++ if ($op_has_zipinfo) {
-++ if ($line =~ $regex_zipinfo_line) {
-++ my ($fname) = ($14);
-++ $zipfs_realpathname_table->{zipfs_canonicalize_pathname($fname)} = $fname;
-++ }
-++ } else {
-++ if ($line =~ $regex_nonzipinfo_line) {
-++ my ($fname) = ($11);
-++ $zipfs_realpathname_table->{zipfs_canonicalize_pathname($fname)} = $fname;
-++ }
-++ }
-++ }
-++ if (!close(ZIP)) {
-++ return $fname;
-++ }
-++ }
-++ if (exists($zipfs_realpathname_table->{$fname})) {
-++ return $zipfs_realpathname_table->{$fname};
-++ }
-++ return $fname;
-++}
-++
-+ if ($cmd eq 'list') { &mczipfs_list(@ARGV); }
-+ if ($cmd eq 'rm') { &mczipfs_rm(@ARGV); }
-+ if ($cmd eq 'rmdir') { &mczipfs_rmdir(@ARGV); }
-+@@ -63,7 +115,12 @@ exit 1;
-+
-+ # Remove a file from the archive.
-+ sub mczipfs_rm {
-+- my ($qfile) = map { &zipquotemeta($_) } @_;
-++ my ($qfile) = map { &zipquotemeta(zipfs_realpathname($_)) } @_;
-++
-++ # "./" at the beginning of pathnames is stripped by Info-ZIP,
-++ # so convert it to "[.]/" to prevent stripping.
-++ $qfile =~ s/^\\\./[.]/;
-++
-+ &checkargs(1, 'archive file', @_);
-+ &safesystem("$cmd_delete $qarchive $qfile >/dev/null");
-+ exit;
-+@@ -74,7 +131,7 @@ sub mczipfs_rm {
-+ # additional slash to the directory name to remove. I am not
-+ # sure this is absolutely necessary, but it doesn't hurt.
-+ sub mczipfs_rmdir {
-+- my ($qfile) = map { &zipquotemeta($_) } @_;
-++ my ($qfile) = map { &zipquotemeta(zipfs_realpathname($_)) } @_;
-+ &checkargs(1, 'archive directory', @_);
-+ &safesystem("$cmd_delete $qarchive $qfile/ >/dev/null", 12);
-+ exit;
-+@@ -84,7 +141,7 @@ sub mczipfs_rmdir {
-+ # Note that we don't need to check if the file is a link,
-+ # because mc apparently doesn't call copyout for symbolic links.
-+ sub mczipfs_copyout {
-+- my ($qafile, $qfsfile) = map { &zipquotemeta($_) } @_;
-++ my ($qafile, $qfsfile) = map { &zipquotemeta(zipfs_realpathname($_)) } @_;
-+ &checkargs(1, 'archive file', @_);
-+ &checkargs(2, 'local file', @_);
-+ &safesystem("$cmd_extract $qarchive $qafile > $qfsfile", 11);
-+@@ -195,14 +252,14 @@ sub mczipfs_list {
-+ next if /^Archive:/;
-+ next if /^\d+ file/;
-+ next if /^Empty zipfile\.$/;
-+- my @match = /^(.{10}) +([\d.]+) +([a-z\d]+) +(\d+) +([^ ]{2}) +(\d+) +([^ ]{4}) +(\d{4})(\d\d)(\d\d)\.(\d\d)(\d\d)(\d\d) +(.*)$/;
-++ my @match = /$regex_zipinfo_line/;
-+ next if ($#match != 13);
-+ &checked_print_file(@match);
-+ }
-+ } else {
-+ while (<PIPE>) {
-+ chomp;
-+- my @match = /^ *(\d+) +([^ ]+) +(\d+) +(-?\d+\%) +(\d?\d)-(\d?\d)-(\d\d) (\d?\d):(\d\d) +([0-9a-f]+) +(.*)$/;
-++ my @match = /$regex_nonzipinfo_line/;
-+ next if ($#match != 10);
-+ my @rmatch = ('', '', 'unknown', $match[0], '', $match[2], $match[1],
-+ $match[6] + ($match[6] < 70 ? 2000 : 1900), $match[4], $match[5],
-+@@ -230,7 +287,7 @@ sub mczipfs_list {
-+ sub mczipfs_run {
-+ my ($afile) = @_;
-+ &checkargs(1, 'archive file', @_);
-+- my $qafile = &zipquotemeta($afile);
-++ my $qafile = &zipquotemeta(zipfs_realpathname($afile));
-+ my $tmpdir = &mktmpdir();
-+ my $tmpfile = File::Basename::basename($afile);
-+
---- mc-4.6.1.orig/debian/patches/04_off64t.patch
-+++ mc-4.6.1/debian/patches/04_off64t.patch
-@@ -0,0 +1,189 @@
-+diff -N -r -u -x config.log mc-4.6.1-pre4.debian/vfs/cpio.c mc-4.6.1-pre4/vfs/cpio.c
-+--- mc-4.6.1-pre4.debian/vfs/cpio.c 2005-05-27 16:19:19.000000000 +0200
-++++ mc-4.6.1-pre4/vfs/cpio.c 2005-08-23 21:32:39.306219927 +0200
-+@@ -83,7 +83,7 @@
-+ struct vfs_s_inode *inode;
-+ };
-+
-+-static int cpio_position;
-++static off_t cpio_position;
-+
-+ static int cpio_find_head(struct vfs_class *me, struct vfs_s_super *super);
-+ static int cpio_read_bin_head(struct vfs_class *me, struct vfs_s_super *super);
-+@@ -107,7 +107,7 @@
-+ return l;
-+ }
-+
-+-static int cpio_skip_padding(struct vfs_s_super *super)
-++static off_t cpio_skip_padding(struct vfs_s_super *super)
-+ {
-+ switch(super->u.arch.type) {
-+ case CPIO_BIN:
-+diff -N -r -u -x config.log mc-4.6.1-pre4.debian/vfs/direntry.c mc-4.6.1-pre4/vfs/direntry.c
-+--- mc-4.6.1-pre4.debian/vfs/direntry.c 2004-11-29 19:44:49.000000000 +0100
-++++ mc-4.6.1-pre4/vfs/direntry.c 2005-08-23 21:32:39.307219773 +0200
-+@@ -836,13 +836,13 @@
-+ return 0;
-+ }
-+
-+-static int
-++static off_t
-+ vfs_s_lseek (void *fh, off_t offset, int whence)
-+ {
-+ off_t size = FH->ino->st.st_size;
-+
-+ if (FH->handle != -1){ /* If we have local file opened, we want to work with it */
-+- int retval = lseek (FH->handle, offset, whence);
-++ off_t retval = lseek (FH->handle, offset, whence);
-+ if (retval == -1)
-+ FH->ino->super->me->verrno = errno;
-+ return retval;
-+diff -N -r -u -x config.log mc-4.6.1-pre4.debian/vfs/extfs.c mc-4.6.1-pre4/vfs/extfs.c
-+--- mc-4.6.1-pre4.debian/vfs/extfs.c 2005-05-27 16:19:19.000000000 +0200
-++++ mc-4.6.1-pre4/vfs/extfs.c 2005-08-23 21:32:39.309219464 +0200
-+@@ -1125,7 +1125,7 @@
-+ return 0;
-+ }
-+
-+-static int extfs_lseek (void *data, off_t offset, int whence)
-++static off_t extfs_lseek (void *data, off_t offset, int whence)
-+ {
-+ struct pseudofile *file = (struct pseudofile *) data;
-+
-+diff -N -r -u -x config.log mc-4.6.1-pre4.debian/vfs/local.c mc-4.6.1-pre4/vfs/local.c
-+--- mc-4.6.1-pre4.debian/vfs/local.c 2004-09-25 01:00:18.000000000 +0200
-++++ mc-4.6.1-pre4/vfs/local.c 2005-08-23 21:32:39.310219310 +0200
-+@@ -197,7 +197,7 @@
-+ return chdir (path);
-+ }
-+
-+-int
-++off_t
-+ local_lseek (void *data, off_t offset, int whence)
-+ {
-+ int fd = * (int *) data;
-+diff -N -r -u -x config.log mc-4.6.1-pre4.debian/vfs/local.h mc-4.6.1-pre4/vfs/local.h
-+--- mc-4.6.1-pre4.debian/vfs/local.h 2004-08-17 11:17:43.000000000 +0200
-++++ mc-4.6.1-pre4/vfs/local.h 2005-08-23 21:32:39.318218076 +0200
-+@@ -11,7 +11,7 @@
-+ extern int local_read (void *data, char *buffer, int count);
-+ extern int local_fstat (void *data, struct stat *buf);
-+ extern int local_errno (struct vfs_class *me);
-+-extern int local_lseek (void *data, off_t offset, int whence);
-++extern off_t local_lseek (void *data, off_t offset, int whence);
-+ #ifdef HAVE_MMAP
-+ extern caddr_t local_mmap (struct vfs_class *me, caddr_t addr, size_t len,
-+ int prot, int flags, void *data, off_t offset);
-+diff -N -r -u -x config.log mc-4.6.1-pre4.debian/vfs/mcfs.c mc-4.6.1-pre4/vfs/mcfs.c
-+--- mc-4.6.1-pre4.debian/vfs/mcfs.c 2005-05-27 16:19:19.000000000 +0200
-++++ mc-4.6.1-pre4/vfs/mcfs.c 2005-08-23 21:32:39.315218539 +0200
-+@@ -1037,7 +1037,7 @@
-+ return 0;
-+ }
-+
-+-static int
-++static off_t
-+ mcfs_lseek (void *data, off_t offset, int whence)
-+ {
-+ mcfs_handle *info = (mcfs_handle *) data;
-+diff -N -r -u -x config.log mc-4.6.1-pre4.debian/vfs/smbfs.c mc-4.6.1-pre4/vfs/smbfs.c
-+--- mc-4.6.1-pre4.debian/vfs/smbfs.c 2005-05-27 16:19:19.000000000 +0200
-++++ mc-4.6.1-pre4/vfs/smbfs.c 2005-08-23 21:32:39.317218231 +0200
-+@@ -1585,7 +1585,7 @@
-+
-+ #define smbfs_lstat smbfs_stat /* no symlinks on smb filesystem? */
-+
-+-static int
-++static off_t
-+ smbfs_lseek (void *data, off_t offset, int whence)
-+ {
-+ smbfs_handle *info = (smbfs_handle *) data;
-+diff -N -r -u -x config.log mc-4.6.1-pre4.debian/vfs/tar.c mc-4.6.1-pre4/vfs/tar.c
-+--- mc-4.6.1-pre4.debian/vfs/tar.c 2005-05-27 16:19:19.000000000 +0200
-++++ mc-4.6.1-pre4/vfs/tar.c 2005-08-23 21:32:39.311219156 +0200
-+@@ -194,7 +194,7 @@
-+ }
-+
-+ /* As we open one archive at a time, it is safe to have this static */
-+-static int current_tar_position = 0;
-++static off_t current_tar_position = 0;
-+
-+ /* Returns fd of the open tar file */
-+ static int
-+@@ -457,7 +457,7 @@
-+ struct stat st;
-+ struct vfs_s_entry *entry;
-+ struct vfs_s_inode *inode, *parent;
-+- long data_position;
-++ off_t data_position;
-+ char *q;
-+ int len;
-+ char *current_file_name, *current_link_name;
-+@@ -642,8 +642,9 @@
-+ int fd = FH_SUPER->u.arch.fd;
-+ struct vfs_class *me = FH_SUPER->me;
-+
-+- if (mc_lseek (fd, begin + FH->pos, SEEK_SET) !=
-+- begin + FH->pos) ERRNOR (EIO, -1);
-++
-++ off_t o = mc_lseek(fd, begin + FH->pos, SEEK_SET);
-++ if ( o != begin + FH->pos) ERRNOR (EIO, -1);
-+
-+ count = MIN(count, FH->ino->st.st_size - FH->pos);
-+
-+diff -N -r -u -x config.log mc-4.6.1-pre4.debian/vfs/undelfs.c mc-4.6.1-pre4/vfs/undelfs.c
-+--- mc-4.6.1-pre4.debian/vfs/undelfs.c 2005-05-27 16:19:19.000000000 +0200
-++++ mc-4.6.1-pre4/vfs/undelfs.c 2005-08-23 21:32:39.313218847 +0200
-+@@ -645,7 +645,7 @@
-+ }
-+
-+ /* this has to stay here for now: vfs layer does not know how to emulate it */
-+-static int
-++static off_t
-+ undelfs_lseek(void *vfs_info, off_t offset, int whence)
-+ {
-+ return -1;
-+diff -N -r -u -x config.log mc-4.6.1-pre4.debian/vfs/vfs-impl.h mc-4.6.1-pre4/vfs/vfs-impl.h
-+--- mc-4.6.1-pre4.debian/vfs/vfs-impl.h 2004-09-02 15:57:59.000000000 +0200
-++++ mc-4.6.1-pre4/vfs/vfs-impl.h 2005-08-23 21:32:39.318218076 +0200
-+@@ -53,7 +53,7 @@
-+ int (*rename) (struct vfs_class *me, const char *p1, const char *p2);
-+ int (*chdir) (struct vfs_class *me, const char *path);
-+ int (*ferrno) (struct vfs_class *me);
-+- int (*lseek) (void *vfs_info, off_t offset, int whence);
-++ off_t (*lseek) (void *vfs_info, off_t offset, int whence);
-+ int (*mknod) (struct vfs_class *me, const char *path, int mode, int dev);
-+
-+ vfsid (*getid) (struct vfs_class *me, const char *path);
-+diff -N -r -u -x config.log mc-4.6.1-pre4.debian/vfs/vfs.c mc-4.6.1-pre4/vfs/vfs.c
-+--- mc-4.6.1-pre4.debian/vfs/vfs.c 2005-05-27 16:19:19.000000000 +0200
-++++ mc-4.6.1-pre4/vfs/vfs.c 2005-08-23 21:32:39.312219002 +0200
-+@@ -623,14 +623,14 @@
-+ off_t mc_lseek (int fd, off_t offset, int whence)
-+ {
-+ struct vfs_class *vfs;
-+- int result;
-++ off_t result;
-+
-+ if (fd == -1)
-+ return -1;
-+
-+ vfs = vfs_op (fd);
-+ result = vfs->lseek ? (*vfs->lseek)(vfs_info (fd), offset, whence) : -1;
-+- if (result == -1)
-++ if (result == (off_t)-1)
-+ errno = vfs->lseek ? ferrno (vfs) : E_NOTSUPP;
-+ return result;
-+ }
-+diff -N -r -u -x config.log mc-4.6.1-pre4.debian/vfs/xdirentry.h mc-4.6.1-pre4/vfs/xdirentry.h
-+--- mc-4.6.1-pre4.debian/vfs/xdirentry.h 2004-10-06 20:04:15.000000000 +0200
-++++ mc-4.6.1-pre4/vfs/xdirentry.h 2005-08-23 21:32:39.326216843 +0200
-+@@ -90,7 +90,7 @@
-+ char *linkname; /* Symlink's contents */
-+ char *localname; /* Filename of local file, if we have one */
-+ struct timeval timestamp; /* Subclass specific */
-+- long data_offset; /* Subclass specific */
-++ off_t data_offset; /* Subclass specific */
-+ };
-+
-+ /* Data associated with an open file */
---- mc-4.6.1.orig/debian/patches/40_view.c.patch
-+++ mc-4.6.1/debian/patches/40_view.c.patch
-@@ -0,0 +1,16 @@
-+--- src/view.c 2005-04-27 23:34:30.000000000 +0200
-++++ src/view.c 2005-04-27 23:36:20.000000000 +0200
-+@@ -1239,7 +1239,12 @@
-+ if (lines != -1 && line >= lines)
-+ return p;
-+
-+- c = get_byte (view, p);
-++ if ((c = get_byte (view, p)) == -1) {
-++ if (upto)
-++ return line;
-++ else
-++ return p;
-++ }
-+
-+ if (view->wrap_mode) {
-+ if (c == '\r')
---- mc-4.6.1.orig/debian/patches/47_mc.menu.patch
-+++ mc-4.6.1/debian/patches/47_mc.menu.patch
-@@ -0,0 +1,30 @@
-+--- lib/mc.menu 2005-05-02 18:08:11.000000000 +0200
-++++ lib/mc.menu 2005-05-02 18:08:37.000000000 +0200
-+@@ -15,7 +15,7 @@ shell_patterns=0
-+
-+ 0 Edit a bug report and send it to root
-+ I=`mktemp ${MC_TMPDIR:-/tmp}/mail.XXXXXX` || exit 1
-+- ${EDITOR-vi} $I
-++ ${EDITOR-editor} $I
-+ test -r $I && mail root < $I
-+ rm -f $I
-+
-+@@ -330,3 +330,7 @@
-+ o Open next a free console
-+ open -s -- sh
-+
-++=+ f \.dsc$ & t r
-++x Extract the contents of a Debian source package
-++ dpkg-source -x %f
-++
-+--- src/util.h 2006-06-13 04:39:20.000000000 +0300
-++++ src/util.h 2006-06-13 04:39:53.000000000 +0300
-+@@ -217,7 +217,7 @@ void save_file_position (const char *fil
-+ #define PATH_ENV_SEP ':'
-+ #define TMPDIR_DEFAULT "/tmp"
-+ #define SCRIPT_SUFFIX ""
-+-#define get_default_editor() "vi"
-++#define get_default_editor() "editor"
-+ #define OS_SORT_CASE_SENSITIVE_DEFAULT 1
-+ #define STRCOMP strcmp
-+ #define STRNCOMP strncmp
---- mc-4.6.1.orig/debian/patches/18_sh_syntax.patch
-+++ mc-4.6.1/debian/patches/18_sh_syntax.patch
-@@ -0,0 +1,468 @@
-+/* Creator: Michelle Konzack */
-+/* E-Mail: <linux4michelle@freenet.de> */
-+/* */
-+/* Creation-Date: Sat, 12 Mar 2005 16:59:01 +0100 */
-+
-+
-+--- syntax/sh.syntax Sat Mar 12 16:54:56 2005
-++++ syntax/sh.syntax Sat Mar 12 16:57:47 2005
-+@@ -41,7 +41,9 @@ wholechars abcdefghijklmnopqrstuvwxyzABC
-+ keyword whole bg yellow
-+ keyword whole break yellow
-+ keyword whole case yellow
-++ keyword whole clear yellow
-+ keyword whole continue yellow
-++ keyword whole declare yellow
-+ keyword whole done yellow
-+ keyword whole do yellow
-+ keyword whole elif yellow
-+@@ -56,11 +58,13 @@ wholechars abcdefghijklmnopqrstuvwxyzABC
-+ keyword whole for yellow
-+ keyword whole if yellow
-+ keyword whole in yellow
-++ keyword whole let yellow
-+ keyword whole read yellow
-+ keyword whole return yellow
-+ keyword whole select yellow
-+ keyword whole set yellow
-+ keyword whole shift yellow
-++ keyword whole source yellow
-+ keyword whole then yellow
-+ keyword whole trap yellow
-+ keyword whole umask yellow
-+@@ -69,6 +73,8 @@ wholechars abcdefghijklmnopqrstuvwxyzABC
-+ keyword whole wait yellow
-+ keyword whole while yellow
-+
-++ keyword whole apt-get cyan
-++ keyword whole ar cyan
-+ keyword whole arch cyan
-+ keyword whole ash cyan
-+ keyword whole awk cyan
-+@@ -77,90 +83,204 @@ wholechars abcdefghijklmnopqrstuvwxyzABC
-+ keyword whole bg_backup cyan
-+ keyword whole bg_restore cyan
-+ keyword whole bsh cyan
-++ keyword whole bzip cyan
-++ keyword whole bzip2 cyan
-++ keyword whole cam cyan
-+ keyword whole cat cyan
-+ keyword whole cd cyan
-++ keyword whole cdda2wav cyan
-+ keyword whole chgrp cyan
-+ keyword whole chmod cyan
-+ keyword whole chown cyan
-++ keyword whole cmp cyan
-++ keyword whole col cyan
-++ keyword whole compress cyan
-+ keyword whole cp cyan
-+ keyword whole cpio cyan
-++ keyword whole cpp cyan
-+ keyword whole csh cyan
-++ keyword whole curl cyan
-++ keyword whole cut cyan
-+ keyword whole date cyan
-+ keyword whole dd cyan
-+ keyword whole df cyan
-++ keyword whole dialog cyan
-++ keyword whole diff cyan
-++ keyword whole dirname cyan
-+ keyword whole dmesg cyan
-+ keyword whole dnsdomainname cyan
-+ keyword whole doexec cyan
-+ keyword whole domainname cyan
-++ keyword whole dpkg cyan
-++ keyword whole dpkg-buildpackage cyan
-++ keyword whole dpkg-scanpackages cyan
-++ keyword whole dpkg-scansources cyan
-+ keyword whole echo cyan
-+ keyword whole ed cyan
-++ keyword whole editor cyan
-+ keyword whole egrep cyan
-+ keyword whole ex cyan
-++ keyword whole fakeroot cyan
-+ keyword whole false cyan
-++ keyword whole fdformat cyan
-++ keyword whole fetchmail cyan
-+ keyword whole fgrep cyan
-+ keyword whole find cyan
-++ keyword whole formail cyan
-++ keyword whole free cyan
-++ keyword whole freeze cyan
-+ keyword whole fsconf cyan
-+ keyword whole gawk cyan
-++ keyword whole gdb cyan
-++ keyword whole gcc cyan
-+ keyword whole grep cyan
-+ keyword whole gunzip cyan
-+ keyword whole gzip cyan
-++ keyword whole ha cyan
-+ keyword whole hostname cyan
-+ keyword whole igawk cyan
-++ keyword whole insmod cyan
-+ keyword whole ipcalc cyan
-++ keyword whole iptables cyan
-+ keyword whole kill cyan
-+ keyword whole ksh cyan
-++ keyword whole lame cyan
-++ keyword whole less cyan
-++ keyword whole lharc cyan
-++ keyword whole lilo cyan
-++ keyword whole linux_logo cyan
-+ keyword whole linuxconf cyan
-+ keyword whole ln cyan
-++ keyword whole locale cyan
-++ keyword whole logger cyan
-+ keyword whole login cyan
-+ keyword whole lpdconf cyan
-+ keyword whole ls cyan
-++ keyword whole lynx cyan
-+ keyword whole mail cyan
-++ keyword whole man cyan
-++ keyword whole mc cyan
-++ keyword whole mcedit cyan
-++ keyword whole mcview cyan
-++ keyword whole mimedecode cyan
-+ keyword whole mkdir cyan
-++ keyword whole mkdirhier cyan
-++ keyword whole mkfs.ext2 cyan
-++ keyword whole mkfs.ext3 cyan
-++ keyword whole mkfs.minix cyan
-++ keyword whole mkfs.msdos cyan
-++ keyword whole mke2fs cyan
-++ keyword whole mkdosfs cyan
-++ keyword whole mkinitrd cyan
-+ keyword whole mknod cyan
-+ keyword whole mktemp cyan
-++ keyword whole modprobe cyan
-+ keyword whole more cyan
-+ keyword whole mount cyan
-++ keyword whole mozilla cyan
-++ keyword whole mp3info cyan
-++ keyword whole munpack cyan
-++ keyword whole msgfmt cyan
-+ keyword whole mt cyan
-++ keyword whole mutt cyan
-+ keyword whole mv cyan
-+ keyword whole netconf cyan
-+ keyword whole netstat cyan
-+ keyword whole nice cyan
-+ keyword whole nisdomainname cyan
-++ keyword whole nm cyan
-++ keyword whole patch cyan
-++ keyword whole pinfo cyan
-+ keyword whole ping cyan
-++ keyword whole procmail cyan
-+ keyword whole ps cyan
-+ keyword whole pwd cyan
-++ keyword whole rar cyan
-+ keyword whole red cyan
-+ keyword whole remadmin cyan
-++ keyword whole rename cyan
-+ keyword whole rm cyan
-+ keyword whole rmdir cyan
-++ keyword whole rmmod cyan
-++ keyword whole rplay cyan
-+ keyword whole rpm cyan
-++ keyword whole rpm2cpio cyan
-+ keyword whole sed cyan
-+ keyword whole set cyan
-+ keyword whole setserial cyan
-+ keyword whole sh cyan
-+ keyword whole sleep cyan
-+ keyword whole sort cyan
-++ keyword whole sa-learn cyan
-++ keyword whole spamassassin cyan
-++ keyword whole spamc cyan
-++ keyword whole spamd cyan
-++ keyword whole ssmtp cyan
-++ keyword whole strace cyan
-+ keyword whole stty cyan
-+ keyword whole su cyan
-+ keyword whole sync cyan
-+ keyword whole taper cyan
-+ keyword whole tar cyan
-++ keyword whole tcpdump cyan
-+ keyword whole tcsh cyan
-+ keyword whole test cyan
-++ keyword whole tempfile cyan
-+ keyword whole time cyan
-++ keyword whole tnef cyan
-+ keyword whole touch cyan
-++ keyword whole tr cyan
-+ keyword whole true cyan
-++ keyword whole tune2fs cyan
-+ keyword whole umount cyan
-+ keyword whole uname cyan
-++ keyword whole unarj cyan
-++ keyword whole uniq cyan
-++ keyword whole unzip cyan
-++ keyword whole uptime cyan
-+ keyword whole userconf cyan
-+ keyword whole usleep cyan
-+ keyword whole vi cyan
-+ keyword whole view cyan
-+ keyword whole vim cyan
-++ keyword whole wc cyan
-++ keyword whole wget cyan
-++ keyword whole whiptail cyan
-++ keyword whole wvWare cyan
-+ keyword whole xconf cyan
-++ keyword whole xgettext cyan
-++ keyword whole xmessage cyan
-++ keyword whole xmodmap cyan
-++ keyword whole xterm cyan
-+ keyword whole ypdomainname cyan
-+ keyword whole zcat cyan
-++ keyword whole zgv cyan
-++ keyword whole zip cyan
-++ keyword whole zoo cyan
-+ keyword whole zsh cyan
-++ keyword whole Xdialog cyan
-++
-++ keyword whole gpg red
-++ keyword whole md5sum red
-++ keyword whole openssl red
-++ keyword whole ssh red
-++
-++ keyword whole TEXTDOMAINDIR magenta
-++ keyword whole TEXTDOMAIN magenta
-++ keyword whole VERSION magenta
-++
-++ keyword whole jpegtopnm cyan
-++ keyword whole pnmscale cyan
-++ keyword whole ppmtoxpm cyan
-++
-++ keyword whole /dev/audio brightblue
-++ keyword whole /dev/dsp brightblue
-++ keyword whole /dev/null brightblue
-++ keyword whole /dev/mixed brightblue
-++ keyword whole /dev/stdin brightblue
-++ keyword whole /dev/stdout brightblue
-++ keyword whole /dev/stderr brightblue
-++ keyword whole /dev/zero brightblue
-+
-+ wholechars abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_
-+
-+@@ -224,7 +344,9 @@ wholechars abcdefghijklmnopqrstuvwxyzABC
-+
-+ keyword whole break yellow
-+ keyword whole case yellow
-++ keyword whole clear yellow
-+ keyword whole continue yellow
-++ keyword whole declare yellow
-+ keyword whole done yellow
-+ keyword whole do yellow
-+ keyword whole elif yellow
-+@@ -238,11 +360,15 @@ wholechars abcdefghijklmnopqrstuvwxyzABC
-+ keyword whole return yellow
-+ keyword whole select yellow
-+ keyword whole shift yellow
-++ keyword whole source yellow
-+ keyword whole then yellow
-+ keyword whole trap yellow
-+ keyword whole until yellow
-++ keyword whole wait yellow
-+ keyword whole while yellow
-+
-++ keyword whole apt-get cyan
-++ keyword whole ar cyan
-+ keyword whole arch cyan
-+ keyword whole ash cyan
-+ keyword whole awk cyan
-+@@ -251,89 +377,194 @@ wholechars abcdefghijklmnopqrstuvwxyzABC
-+ keyword whole bg_backup cyan
-+ keyword whole bg_restore cyan
-+ keyword whole bsh cyan
-++ keyword whole bzip cyan
-++ keyword whole bzip2 cyan
-++ keyword whole cam cyan
-+ keyword whole cat cyan
-+ keyword whole cd cyan
-++ keyword whole cdda2wav cyan
-+ keyword whole chgrp cyan
-+ keyword whole chmod cyan
-+ keyword whole chown cyan
-++ keyword whole cmp cyan
-++ keyword whole col cyan
-++ keyword whole compress cyan
-+ keyword whole cp cyan
-+ keyword whole cpio cyan
-++ keyword whole cpp cyan
-+ keyword whole csh cyan
-++ keyword whole curl cyan
-++ keyword whole cut cyan
-+ keyword whole date cyan
-+ keyword whole dd cyan
-+ keyword whole df cyan
-++ keyword whole dialog cyan
-++ keyword whole diff cyan
-++ keyword whole dirname cyan
-+ keyword whole dmesg cyan
-+ keyword whole dnsdomainname cyan
-+ keyword whole doexec cyan
-+ keyword whole domainname cyan
-++ keyword whole dpkg cyan
-++ keyword whole dpkg-buildpackage cyan
-++ keyword whole dpkg-scanpackages cyan
-++ keyword whole dpkg-scansources cyan
-+ keyword whole echo cyan
-+ keyword whole ed cyan
-++ keyword whole editor cyan
-+ keyword whole egrep cyan
-+ keyword whole ex cyan
-++ keyword whole fakeroot cyan
-+ keyword whole false cyan
-++ keyword whole fdformat cyan
-++ keyword whole fetchmail cyan
-+ keyword whole fgrep cyan
-+ keyword whole find cyan
-++ keyword whole free cyan
-++ keyword whole freeze cyan
-+ keyword whole fsconf cyan
-+ keyword whole gawk cyan
-++ keyword whole gdb cyan
-++ keyword whole gcc cyan
-+ keyword whole grep cyan
-+ keyword whole gunzip cyan
-+ keyword whole gzip cyan
-++ keyword whole ha cyan
-+ keyword whole hostname cyan
-+ keyword whole igawk cyan
-++ keyword whole insmod cyan
-++ keyword whole iptables cyan
-+ keyword whole ipcalc cyan
-+ keyword whole kill cyan
-+ keyword whole ksh cyan
-++ keyword whole lame cyan
-++ keyword whole less cyan
-++ keyword whole lharc cyan
-++ keyword whole lilo cyan
-++ keyword whole linux_logo cyan
-+ keyword whole linuxconf cyan
-+ keyword whole ln cyan
-++ keyword whole locale cyan
-++ keyword whole logger cyan
-+ keyword whole login cyan
-+ keyword whole lpdconf cyan
-+ keyword whole ls cyan
-++ keyword whole lynx cyan
-+ keyword whole mail cyan
-++ keyword whole man cyan
-++ keyword whole mc cyan
-++ keyword whole mcedit cyan
-++ keyword whole mcview cyan
-++ keyword whole mimedecode cyan
-+ keyword whole mkdir cyan
-++ keyword whole mkdirhier cyan
-++ keyword whole mkfs.ext2 cyan
-++ keyword whole mkfs.ext3 cyan
-++ keyword whole mkfs.minix cyan
-++ keyword whole mkfs.msdos cyan
-++ keyword whole mke2fs cyan
-++ keyword whole mkdosfs cyan
-++ keyword whole mkinitrd cyan
-+ keyword whole mknod cyan
-+ keyword whole mktemp cyan
-++ keyword whole modprobe cyan
-+ keyword whole more cyan
-+ keyword whole mount cyan
-++ keyword whole mozilla cyan
-++ keyword whole mp3info cyan
-++ keyword whole msgfmt cyan
-+ keyword whole mt cyan
-++ keyword whole mutt cyan
-+ keyword whole mv cyan
-+ keyword whole netconf cyan
-+ keyword whole netstat cyan
-+ keyword whole nice cyan
-+ keyword whole nisdomainname cyan
-++ keyword whole nm cyan
-++ keyword whole patch cyan
-++ keyword whole pinfo cyan
-+ keyword whole ping cyan
-+ keyword whole ps cyan
-+ keyword whole pwd cyan
-++ keyword whole rar cyan
-+ keyword whole red cyan
-+ keyword whole remadmin cyan
-++ keyword whole rename cyan
-+ keyword whole rm cyan
-+ keyword whole rmdir cyan
-++ keyword whole rmmod cyan
-++ keyword whole rplay cyan
-+ keyword whole rpm cyan
-++ keyword whole rpm2cpio cyan
-+ keyword whole sed cyan
-+ keyword whole set cyan
-+ keyword whole setserial cyan
-+ keyword whole sh cyan
-+ keyword whole sleep cyan
-+ keyword whole sort cyan
-++ keyword whole sa-learn cyan
-++ keyword whole spamassassin cyan
-++ keyword whole spamc cyan
-++ keyword whole spamd cyan
-++ keyword whole ssmtp cyan
-++ keyword whole strace cyan
-+ keyword whole stty cyan
-+ keyword whole su cyan
-+ keyword whole sync cyan
-+ keyword whole taper cyan
-+ keyword whole tar cyan
-++ keyword whole tcpdump cyan
-+ keyword whole tcsh cyan
-++ keyword whole tempfile cyan
-+ keyword whole test cyan
-+ keyword whole time cyan
-++ keyword whole tnef cyan
-+ keyword whole touch cyan
-++ keyword whole tr cyan
-+ keyword whole true cyan
-++ keyword whole tune2fs cyan
-+ keyword whole umount cyan
-+ keyword whole uname cyan
-++ keyword whole unarj cyan
-++ keyword whole uniq cyan
-++ keyword whole unzip cyan
-++ keyword whole uptime cyan
-+ keyword whole userconf cyan
-+ keyword whole usleep cyan
-+ keyword whole vi cyan
-+ keyword whole view cyan
-+ keyword whole vim cyan
-++ keyword whole wc cyan
-++ keyword whole wget cyan
-++ keyword whole whiptail cyan
-++ keyword whole wvWare cyan
-+ keyword whole xconf cyan
-++ keyword whole xgettext cyan
-++ keyword whole xmessage cyan
-++ keyword whole xmodmap cyan
-++ keyword whole xterm cyan
-+ keyword whole ypdomainname cyan
-+ keyword whole zcat cyan
-++ keyword whole zgv cyan
-++ keyword whole zoo cyan
-++ keyword whole zip cyan
-+ keyword whole zsh cyan
-++ keyword whole Xdialog cyan
-+
-+-
-++ keyword whole gpg red
-++ keyword whole md5sum red
-++ keyword whole openssl red
-++ keyword whole ssh red
-++
-++ keyword whole TEXTDOMAINDIR magenta
-++ keyword whole TEXTDOMAIN magenta
-++ keyword whole VERSION magenta
-++
-++ keyword whole /dev/audio brightblue
-++ keyword whole /dev/dsp brightblue
-++ keyword whole /dev/null brightblue
-++ keyword whole /dev/mixed brightblue
-++ keyword whole /dev/stdin brightblue
-++ keyword whole /dev/stdout brightblue
-++ keyword whole /dev/stderr brightblue
-++ keyword whole /dev/zero brightblue
---- mc-4.6.1.orig/debian/patches/49_64bit.patch
-+++ mc-4.6.1/debian/patches/49_64bit.patch
-@@ -0,0 +1,54 @@
-+--- mc-4.6.1a/src/mountlist.c.64bit 2005-02-08 23:33:52.000000000 +0100
-++++ mc-4.6.1a/src/mountlist.c 2005-05-10 17:09:24.122853504 +0200
-+@@ -131,11 +131,19 @@ struct mount_entry
-+
-+ struct fs_usage
-+ {
-++#ifndef HAVE_SYS_STATVFS_H
-+ long fsu_blocks; /* Total blocks. */
-+ long fsu_bfree; /* Free blocks available to superuser. */
-+ long fsu_bavail; /* Free blocks available to non-superuser. */
-+ long fsu_files; /* Total file nodes. */
-+ long fsu_ffree; /* Free file nodes. */
-++#else /* We have sys/statvfs.h, use proper data types when _FILE_OFFSET_BITS=64 */
-++ fsblkcnt_t fsu_blocks;
-++ fsblkcnt_t fsu_bfree;
-++ fsblkcnt_t fsu_bavail;
-++ fsblkcnt_t fsu_files;
-++ fsblkcnt_t fsu_ffree;
-++#endif /* HAVE_SYS_STATVFS_H */
-+ };
-+
-+ static int get_fs_usage (char *path, struct fs_usage *fsp);
-+@@ -665,6 +673,7 @@ my_statfs (struct my_statfs *myfs_stats,
-+ BLOCKS FROMSIZE-byte blocks, rounding away from zero.
-+ TOSIZE must be positive. Return -1 if FROMSIZE is not positive. */
-+
-++#if !defined(HAVE_SYS_STATFS_H) || !defined(STAT_STATVFS)
-+ static long
-+ fs_adjust_blocks (long blocks, int fromsize, int tosize)
-+ {
-+@@ -672,13 +681,21 @@ fs_adjust_blocks (long blocks, int froms
-+ abort ();
-+ if (fromsize <= 0)
-+ return -1;
-+-
-++#else
-++static fsblkcnt_t
-++fs_adjust_blocks (fsblkcnt_t blocks, unsigned long fromsize, unsigned long tosize)
-++{
-++ if (!tosize)
-++ abort ();
-++ if (!fromsize)
-++ return -1;
-++#endif
-+ if (fromsize == tosize) /* E.g., from 512 to 512. */
-+ return blocks;
-+ else if (fromsize > tosize) /* E.g., from 2048 to 512. */
-+ return blocks * (fromsize / tosize);
-+ else /* E.g., from 256 to 512. */
-+- return (blocks + (blocks < 0 ? -1 : 1)) / (tosize / fromsize);
-++ return (blocks + 1) / (tosize / fromsize);
-+ }
-+
-+ #if defined(_AIX) && defined(_I386)
---- mc-4.6.1.orig/debian/patches/52_utf8-8bits-slang2.patch
-+++ mc-4.6.1/debian/patches/52_utf8-8bits-slang2.patch
-@@ -0,0 +1,68 @@
-+diff -ruN mc-4.6.1.orig/edit/editdraw.c mc-4.6.1/edit/editdraw.c
-+--- mc-4.6.1.orig/edit/editdraw.c 2006-06-25 20:34:28.000000000 +0700
-++++ mc-4.6.1/edit/editdraw.c 2006-06-25 20:35:35.475890000 +0700
-+@@ -239,7 +239,7 @@
-+ lowlevel_set_color (color);
-+ }
-+ #ifdef UTF8
-+- SLsmg_write_char(textchar);
-++ SLsmg_write_nwchars(&textchar, 1);
-+ #else
-+ addch (textchar);
-+ #endif
-+diff -ruN mc-4.6.1.orig/src/help.c mc-4.6.1/src/help.c
-+--- mc-4.6.1.orig/src/help.c 2006-06-25 20:34:28.000000000 +0700
-++++ mc-4.6.1/src/help.c 2006-06-25 20:36:13.406260500 +0700
-+@@ -461,7 +461,7 @@
-+ len = mbrtowc(&wc, p, MB_CUR_MAX, &mbs);
-+ if (len <= 0) len = 1; /* skip broken multibyte chars */
-+
-+- SLsmg_write_char(wc);
-++ SLsmg_write_nwchars(&wc, 1);
-+ p += len - 1;
-+ } else
-+ #endif
-+diff -ruN mc-4.6.1.orig/src/util.c mc-4.6.1/src/util.c
-+--- mc-4.6.1.orig/src/util.c 2006-06-25 20:34:28.000000000 +0700
-++++ mc-4.6.1/src/util.c 2006-06-25 20:37:52.592459250 +0700
-+@@ -59,8 +59,26 @@
-+ #if SLANG_VERSION >= 20000
-+ void SLsmg_write_nwchars(wchar_t *s, size_t n)
-+ {
-+- while(n--)
-+- SLsmg_write_char(*s++);
-++ if (SLsmg_is_utf8_mode()) { /* slang can handle it directly */
-++ while(n-- && *s)
-++ SLsmg_write_char(*s++);
-++ }
-++ else { /* convert wchars back to 8bit encoding */
-++ mbstate_t mbs;
-++ memset (&mbs, 0, sizeof (mbs));
-++ while (n-- && *s) {
-++ char buf[MB_LEN_MAX + 1]; /* should use 1 char, but to be sure */
-++ if (*s < 0x80) {
-++ SLsmg_write_char(*s++); /* ASCII */
-++ }
-++ else {
-++ if (wcrtomb(buf, *s++, &mbs) == 1)
-++ SLsmg_write_char((wchar_t)(buf[0]));
-++ else
-++ SLsmg_write_char('?'); /* should not happen */
-++ }
-++ }
-++ }
-+ }
-+ #endif
-+
-+diff -ruN mc-4.6.1.orig/src/view.c mc-4.6.1/src/view.c
-+--- mc-4.6.1.orig/src/view.c 2006-06-25 20:34:28.000000000 +0700
-++++ mc-4.6.1/src/view.c 2006-06-25 20:38:50.788096250 +0700
-+@@ -856,7 +856,7 @@
-+ #ifndef UTF8
-+ #define view_add_character(view,c) addch (c)
-+ #else /* UTF8 */
-+-#define view_add_character(view,c) SLsmg_write_char(c)
-++#define view_add_character(view,c) {wchar_t tmp=c; SLsmg_write_nwchars(&tmp, 1);}
-+ #endif /* UTF8 */
-+ #define view_add_one_vline() one_vline()
-+ #define view_add_string(view,s) addstr (s)
---- mc-4.6.1.orig/debian/patches/45_ftpfs_symlink1.patch
-+++ mc-4.6.1/debian/patches/45_ftpfs_symlink1.patch
-@@ -0,0 +1,11 @@
-+--- vfs/ftpfs.c 22 Feb 2005 18:35:23 -0000 1.176
-++++ vfs/ftpfs.c 5 Apr 2005 18:13:23 -0000
-+@@ -117,7 +117,7 @@ int ftpfs_use_passive_connections = 1;
-+ int ftpfs_use_unix_list_options = 1;
-+
-+ /* First "CWD <path>", then "LIST -la ." */
-+-int ftpfs_first_cd_then_ls;
-++int ftpfs_first_cd_then_ls = 1;
-+
-+ /* Use the ~/.netrc */
-+ int use_netrc = 1;
---- mc-4.6.1.orig/debian/patches/37_mcedit-segv.patch
-+++ mc-4.6.1/debian/patches/37_mcedit-segv.patch
-@@ -0,0 +1,50 @@
-+--- edit/edit-widget.h 3 Dec 2004 17:09:27 -0000 1.24
-++++ edit/edit-widget.h 15 Apr 2005 21:33:35 -0000
-+@@ -93,6 +93,7 @@ struct WEdit {
-+ /* syntax higlighting */
-+ struct _syntax_marker *syntax_marker;
-+ struct context_rule **rules;
-++ size_t rules_count; /* number of rules that are defined */
-+ long last_get_rule;
-+ struct syntax_rule rule;
-+ char *syntax_type; /* description of syntax highlighting type being used */
-+--- edit/syntax.c 22 Feb 2005 17:00:38 -0000 1.73
-++++ edit/syntax.c 15 Apr 2005 21:33:35 -0000
-+@@ -678,6 +678,7 @@ edit_read_syntax_rules (WEdit *edit, FIL
-+ strcpy (whole_right, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_01234567890");
-+
-+ r = edit->rules = g_malloc (alloc_contexts * sizeof (struct context_rule *));
-++ edit->rules_count = 0;
-+
-+ if (!edit->defines)
-+ edit->defines = g_tree_new ((GCompareFunc) strcmp);
-+@@ -908,6 +909,7 @@ edit_read_syntax_rules (WEdit *edit, FIL
-+ if (num_contexts == -1) {
-+ return line;
-+ }
-++ edit->rules_count = num_contexts;
-+
-+ {
-+ char *first_chars, *p;
-+@@ -932,17 +934,18 @@ edit_read_syntax_rules (WEdit *edit, FIL
-+
-+ void edit_free_syntax_rules (WEdit * edit)
-+ {
-+- int i, j;
-++ size_t i, j;
-+ if (!edit)
-+ return;
-+ if (edit->defines)
-+ destroy_defines (&edit->defines);
-+ if (!edit->rules)
-+ return;
-+- edit_get_rule (edit, -1);
-++ if (edit->rules_count > 0)
-++ edit_get_rule (edit, -1);
-+ syntax_g_free (edit->syntax_type);
-+ edit->syntax_type = 0;
-+- for (i = 0; edit->rules[i]; i++) {
-++ for (i = 0; i < edit->rules_count; i++) {
-+ if (edit->rules[i]->keyword) {
-+ for (j = 0; edit->rules[i]->keyword[j]; j++) {
-+ syntax_g_free (edit->rules[i]->keyword[j]->keyword);
---- mc-4.6.1.orig/debian/patches/32_c-vs-cxx.patch
-+++ mc-4.6.1/debian/patches/32_c-vs-cxx.patch
-@@ -0,0 +1,57 @@
-+--- syntax/Makefile.am 6 Dec 2004 23:14:43 -0000 1.22
-++++ syntax/Makefile.am 20 Feb 2005 09:42:01 -0000
-+@@ -4,4 +4,5 @@
-+ aspx.syntax \
-+ c.syntax \
-++ cxx.syntax \
-+ cs.syntax \
-+ changelog.syntax \
-+--- syntax/Syntax 3 Nov 2004 20:16:48 -0000 1.27
-++++ syntax/Syntax 20 Feb 2005 09:42:01 -0000
-+@@ -69,7 +69,10 @@
-+ include texinfo.syntax
-+
-+-file ..\*\\.([chC]|CC|cxx|cc|cpp|CPP|CXX|hxx|h\.in)$ C/C\+\+\sProgram
-++file ..\*\\.c$ C\sProgram
-+ include c.syntax
-+
-++file ..\*\\.([hC]|CC|cxx|cc|cpp|CPP|CXX|hxx|h\.in)$ C/C\+\+\sProgram
-++include cxx.syntax
-++
-+ file ..\*\\.[fF]$ Fortran\sProgram
-+ include fortran.syntax
-+--- syntax/c.syntax 15 Mar 2003 04:41:20 -0000 1.15
-++++ syntax/c.syntax 20 Feb 2005 09:42:01 -0000
-+@@ -33,32 +33,5 @@
-+ keyword whole while yellow
-+ keyword whole asm yellow
-+- keyword whole catch yellow
-+- keyword whole class yellow
-+- keyword whole friend yellow
-+- keyword whole delete yellow
-+ keyword whole inline yellow
-+- keyword whole new yellow
-+- keyword whole operator yellow
-+- keyword whole private yellow
-+- keyword whole protected yellow
-+- keyword whole public yellow
-+- keyword whole this yellow
-+- keyword whole throw yellow
-+- keyword whole template yellow
-+- keyword whole try yellow
-+- keyword whole virtual yellow
-+- keyword whole bool yellow
-+- keyword whole const_cast yellow
-+- keyword whole dynamic_cast yellow
-+- keyword whole explicit yellow
-+- keyword whole false yellow
-+- keyword whole mutable yellow
-+- keyword whole namespace yellow
-+- keyword whole reinterpret_cast yellow
-+- keyword whole static_cast yellow
-+- keyword whole true yellow
-+- keyword whole typeid yellow
-+- keyword whole typename yellow
-+- keyword whole using yellow
-+ keyword whole wchar_t yellow
-+ keyword whole ... yellow
---- mc-4.6.1.orig/debian/patches/28_mc-dontrewrite.patch
-+++ mc-4.6.1/debian/patches/28_mc-dontrewrite.patch
-@@ -0,0 +1,11 @@
-+--- edit/editcmd.c 2005-03-17 22:18:23.000000000 +0100
-++++ edit/editcmd.c 2005-03-30 09:28:25.076282176 +0200
-+@@ -240,7 +240,7 @@ edit_save_file (WEdit *edit, const char
-+ }
-+
-+ if (!vfs_file_is_local (filename) ||
-+- (fd = mc_open (filename, O_WRONLY | O_BINARY)) == -1) {
-++ (fd = mc_open (filename, O_RDONLY | O_BINARY)) == -1) {
-+ /*
-+ * The file does not exists yet, so no safe save or
-+ * backup are necessary.
---- mc-4.6.1.orig/debian/patches/50_utf8-more.patch
-+++ mc-4.6.1/debian/patches/50_utf8-more.patch
-@@ -0,0 +1,48 @@
-+## Small patch for a problem in the status
-+## line with UTF-8 locales. Closes: #360427
-+--- mc-4.6.1.orig/src/screen.c.orig 2006-06-22 17:50:36.000000000 +0200
-++++ mc-4.6.1/src/screen.c 2006-06-22 17:51:39.000000000 +0200
-+@@ -658,7 +658,7 @@
-+ g_snprintf (buffer, sizeof (buffer), (panel->marked == 1) ?
-+ _("%s bytes in %d file") : _("%s bytes in %d files"),
-+ size_trunc_sep (panel->total), panel->marked);
-+- if ((int) strlen (buffer) > cols-2){
-++ if ((int) mbstrlen (buffer) > cols-2){
-+ buffer [cols] = 0;
-+ p += 2;
-+ } else
-+# Shift-Enter fix.
-+--- mc-4.6.1.orig/src/util.c 2006-08-03 14:09:22.000000000 +0200
-++++ mc-4.6.1/src/util.c 2006-08-03 14:17:11.000000000 +0200
-+@@ -102,7 +102,7 @@ mbstrlen (const char *str)
-+
-+ if (len > 0) {
-+ int wcsize = wcwidth(c);
-+- width += wcsize > 0 ? wcsize : 0;
-++ width += wcsize >= 0 ? wcsize : 1;
-+ str += len-1;
-+ }
-+ }
-+--- mc-4.6.1.orig/src/widget.c 2006-08-03 13:46:47.000000000 +0200
-++++ mc-4.6.1/src/widget.c 2006-08-03 14:17:04.000000000 +0200
-+@@ -817,7 +817,7 @@ charcolumn(WInput *in, int idx)
-+ l = mbrtowc(&wc, in->buffer + pos, len - pos, &mbs);
-+ if (l <= 0)
-+ return width;
-+- pos += l; width += wcwidth(wc);
-++ pos += l; width += (wcwidth(wc) >= 0 ? wcwidth(wc) : 1);
-+ i++;
-+ };
-+ return width;
-+# Wrong mode display patch
-+--- mc-4.6.1.orig/src/screen.c 2007-03-18 03:00:48.000000000 +0200
-++++ mc-4.6.1/src/screen.c 2007-03-18 02:58:32.000000000 +0200
-+@@ -648,7 +648,7 @@
-+ SLsmg_write_nwchars (((wchar_t *) buffer)
-+ + txtlen - n2, n2);
-+ } else
-+- SLsmg_write_nwchars ((wchar_t *) buffer, len);
-++ SLsmg_write_nwchars (((wchar_t *) buffer + still), len);
-+ } else {
-+ printw ("%*s", still, "");
-+ SLsmg_write_nwchars ((wchar_t *) buffer, txtlen);
---- mc-4.6.1.orig/debian/patches/45_ftpfs_symlink2.patch
-+++ mc-4.6.1/debian/patches/45_ftpfs_symlink2.patch
-@@ -0,0 +1,32 @@
-+--- vfs/direntry.c 22 Feb 2005 18:35:23 -0000 1.116
-++++ vfs/direntry.c 6 Apr 2005 14:04:54 -0000
-+@@ -251,7 +251,13 @@ vfs_s_find_entry_tree (struct vfs_class
-+ char * const pathref = g_strdup (a_path);
-+ char *path = pathref;
-+
-+- canonicalize_pathname (path);
-++ if (strncmp(me->name, "ftpfs", 5) != 0)
-++ canonicalize_pathname (path);
-++ else {
-++ char *p = path + strlen (path) - 1;
-++ while (p > path && *p == PATH_SEP)
-++ *p-- = 0;
-++ }
-+
-+ while (root) {
-+ while (*path == PATH_SEP) /* Strip leading '/' */
-+@@ -324,7 +330,13 @@ vfs_s_find_entry_linear (struct vfs_clas
-+ if (root->super->root != root)
-+ vfs_die ("We have to use _real_ root. Always. Sorry.");
-+
-+- canonicalize_pathname (path);
-++ if (strncmp (me->name, "ftpfs", 5) != 0)
-++ canonicalize_pathname (path);
-++ else {
-++ char *p = path + strlen (path) - 1;
-++ while (p > path && *p == PATH_SEP)
-++ *p-- = 0;
-++ }
-+
-+ if (!(flags & FL_DIR)) {
-+ char *dirname, *name, *save;
---- mc-4.6.1.orig/debian/patches/01_mc.ext.in.mime.patch
-+++ mc-4.6.1/debian/patches/01_mc.ext.in.mime.patch
-@@ -0,0 +1,317 @@
-+--- lib/mc.ext.in.orig 2006-06-22 21:05:05.000000000 +0200
-++++ lib/mc.ext.in 2006-10-10 17:53:46.000000000 +0200
-+@@ -106,8 +106,8 @@
-+
-+ ### Archives ###
-+
-+-# .tgz, .tpz, .tar.gz, .tar.z, .tar.Z
-+-regex/\.t([gp]?z|ar\.g?[zZ])$
-++# .tgz, .tpz, .tar.gz, .tar.z, .tar.Z, .ipk
-++regex/\.t([gp]?z|ar\.g?[zZ])$|\.ipk$
-+ Open=%cd %p#utar
-+ View=%view{ascii} gzip -dc %f 2>/dev/null | tar tvvf -
-+
-+@@ -132,7 +132,7 @@
-+ # tar
-+ regex/\.(tar|TAR)$
-+ Open=%cd %p#utar
-+- View=%view{ascii} tar tvvf %f
-++ View=%view{ascii} tar tvvf - < %f
-+
-+ # lha
-+ type/^LHa\ .*archive
-+@@ -142,7 +142,7 @@
-+ # arj
-+ regex/\.a(rj|[0-9][0-9])$
-+ Open=%cd %p#uarj
-+- View=%view{ascii} unarj l %f
-++ View=%view{ascii} arj l %f
-+
-+ # ha
-+ regex/\.([Hh][Aa])$
-+@@ -194,7 +194,16 @@
-+ # deb
-+ regex/\.u?deb$
-+ Open=%cd %p#deb
-+- View=%view{ascii} dpkg-deb -c %f
-++ View=%view{ascii} dpkg-deb -I %f && echo && dpkg-deb -c %f
-++
-++# dpkg
-++shell/.debd
-++ Open=%cd %p#debd
-++ View=%view{ascii} dpkg -s `echo %p | sed 's/\([0-9a-z.-]*\).*/\1/'`
-++# apt
-++shell/.deba
-++ Open=%cd %p#deba
-++ View=%view{ascii} apt-cache show `echo %p | sed 's/\([0-9a-z.-]*\).*/\1/'`
-+
-+ # ISO9660
-+ regex/\.iso$
-+@@ -210,28 +219,28 @@
-+
-+ # C
-+ shell/.c
-+- Open=%var{EDITOR:vi} %f
-++ Open=sensible-editor %f
-+
-+ # Fortran
-+ shell/.f
-+- Open=%var{EDITOR:vi} %f
-++ Open=sensible-editor %f
-+
-+ # Header
-+ regex/\.(h|hpp)$
-+- Open=%var{EDITOR:vi} %f
-++ Open=sensible-editor %f
-+
-+ # Object
-+ shell/.o
-+- #Open=%var{PAGER:more} %f
-++ #Open=sensible-pager %f
-+ View=%view{ascii} file %f && nm %f
-+
-+ # Asm
-+ shell/.s
-+- Open=%var{EDITOR:vi} %f
-++ Open=sensible-editor %f
-+
-+ # C++
-+ regex/\.(C|cc|cpp)$
-+- Open=%var{EDITOR:vi} %f
-++ Open=sensible-editor %f
-+
-+
-+ ### Documentation ###
-+@@ -252,7 +261,7 @@
-+ View=%view{ascii} file %f && nm %f
-+
-+ regex/(([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])|\.man)$
-+- Open=case %d/%f in */log/*|*/logs/*) cat %f ;; *) nroff @MAN_FLAGS@ @MANDOC@ %f ;; esac | %var{PAGER:more}
-++ Open=case %d/%f in */log/*|*/logs/*) cat %f ;; *) nroff @MAN_FLAGS@ @MANDOC@ %f ;; esac | sensible-pager
-+ View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) cat %f ;; *) nroff @MAN_FLAGS@ @MANDOC@ %f ;; esac
-+
-+ # Troff with me macros.
-+@@ -262,25 +271,25 @@
-+ View=
-+
-+ shell/.me
-+- Open=nroff @MAN_FLAGS@ -me %f | %var{PAGER:more}
-++ Open=nroff @MAN_FLAGS@ -me %f | sensible-pager
-+ View=%view{ascii,nroff} nroff @MAN_FLAGS@ -me %f
-+
-+ # Troff with ms macros.
-+ shell/.ms
-+- Open=nroff @MAN_FLAGS@ -ms %f | %var{PAGER:more}
-++ Open=nroff @MAN_FLAGS@ -ms %f | sensible-pager
-+ View=%view{ascii,nroff} nroff @MAN_FLAGS@ -ms %f
-+
-+ # Manual page - compressed
-+ regex/([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])\.g?[Zz]$
-+- Open=case %d/%f in */log/*|*/logs/*) gzip -dc %f ;; *) gzip -dc %f | nroff @MAN_FLAGS@ @MANDOC@ ;; esac | %var{PAGER:more}
-++ Open=case %d/%f in */log/*|*/logs/*) gzip -dc %f ;; *) gzip -dc %f | nroff @MAN_FLAGS@ @MANDOC@ ;; esac | sensible-pager
-+ View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) gzip -dc %f ;; *) gzip -dc %f | nroff @MAN_FLAGS@ @MANDOC@ ;; esac
-+
-+ regex/([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])\.bz$
-+- Open=case %d/%f in */log/*|*/logs/*) bzip -dc %f ;; *) bzip -dc %f | nroff @MAN_FLAGS@ @MANDOC@ ;; esac | %var{PAGER:more}
-++ Open=case %d/%f in */log/*|*/logs/*) bzip -dc %f ;; *) bzip -dc %f | nroff @MAN_FLAGS@ @MANDOC@ ;; esac | sensible-pager
-+ View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) bzip -dc %f ;; *) bzip -dc %f | nroff @MAN_FLAGS@ @MANDOC@ ;; esac
-+
-+ regex/([^0-9]|^[^\.]*)\.([1-9][A-Za-z]*|[ln])\.bz2$
-+- Open=case %d/%f in */log/*|*/logs/*) bzip2 -dc %f ;; *) bzip2 -dc %f | nroff @MAN_FLAGS@ @MANDOC@ ;; esac | %var{PAGER:more}
-++ Open=case %d/%f in */log/*|*/logs/*) bzip2 -dc %f ;; *) bzip2 -dc %f | nroff @MAN_FLAGS@ @MANDOC@ ;; esac | sensible-pager
-+ View=%view{ascii,nroff} case %d/%f in */log/*|*/logs/*) bzip2 -dc %f ;; *) bzip2 -dc %f | nroff @MAN_FLAGS@ @MANDOC@ ;; esac
-+
-+
-+@@ -290,6 +299,7 @@
-+ Include=image
-+
-+ type/^JPEG
-++ View=%view{ascii} identify %f; test -x /usr/bin/exif && echo && exif %f
-+ Include=image
-+
-+ type/^PC\ bitmap
-+@@ -317,14 +327,16 @@
-+ Open=gimp %f
-+
-+ shell/.xbm
-+- Open=bitmap %f
-++ Include=image
-++ #Open=bitmap %f
-+
-+ shell/.xpm
-+ Include=image
-+ View=sxpm %f
-+
-+ include/image
-+- Open=if [ "$DISPLAY" = "" ]; then zgv %f; else (gqview %f &); fi
-++ Open=see %f
-++ #Open=if [ "$DISPLAY" = "" ]; then zgv %f; else (gqview %f &); fi
-+ View=%view{ascii} identify %f
-+ #View=%view{ascii} asciiview %f
-+
-+@@ -332,25 +344,30 @@
-+ ### Sound files ###
-+
-+ regex/\.([wW][aA][vV]|[sS][nN][dD]|[vV][oO][cC]|[aA][uU]|[sS][mM][pP]|[aA][iI][fF][fF]|[sS][nN][dD])$
-+- Open=if [ "$DISPLAY" = "" ]; then play %f; else (xmms -e %f 1>/dev/null 2>&1 &); fi
-++ Open=run-mailcap audio/x-wav:%f
-++ #Open=if [ "$DISPLAY" = "" ]; then play %f; else (xmms -e %f 1>/dev/null 2>&1 &); fi
-+
-+ regex/\.([mM][oO][dD]|[sS]3[mM]|[xX][mM]|[iI][tT]|[mM][tT][mM]|669|[sS][tT][mM]|[uU][lL][tT]|[fF][aA][rR])$
-+- Open=mikmod %f
-+- #Open=tracker %f
-++ Open=run-mailcap application/x-mod:%f
-++ #Open=mikmod %f
-++ #Open=tracker %f
-+
-+ regex/\.([wW][aA][wW]22)$
-+ Open=vplay -s 22 %f
-+
-+ regex/\.([mM][pP]3)$
-+- Open=if [ "$DISPLAY" = "" ]; then mpg123 %f; else (xmms %f &); fi
-+- View=%view{ascii} mpg123 -vtn1 %f 2>&1 | sed -n '/^Title/,/^Comment/p;/^MPEG/,/^Audio/p'
-++ Open=run-mailcap audio/mpeg:%f
-++ #Open=if [ "$DISPLAY" = "" ]; then mpg123 %f; else (xmms %f &); fi
-++ View=%view{ascii} mpg123 -vtn1 %f 2>&1 | sed -n '/Title:/,/Comment:/p;/^MPEG/,/^Audio/p'
-+
-+ regex/\.([oO][gG][gG])$
-+- Open=if [ "$DISPLAY" = "" ]; then ogg123 %f; else (xmms %f &); fi
-++ Open=run-mailcap application/x-ogg:%f &
-++ #Open=if [ "$DISPLAY" = "" ]; then ogg123 %f; else (xmms %f &); fi
-+ View=%view{ascii} ogginfo %s
-+
-+ regex/\.([mM][iI][dD][iI]?|[rR][mM][iI][dD]?)$
-+- Open=timidity %f
-++ Open=run-mailcap audio/midi:%f
-++ #Open=timidity %f
-+
-+ regex/\.([wW][mM][aA])$
-+ Open=mplayer -vo null %f
-+@@ -390,10 +407,12 @@
-+ Include=video
-+
-+ regex/\.([rR][aA]?[mM])$
-+- Open=(realplay %f >/dev/null 2>&1 &)
-++ Open=run-mailcap audio/x-pn-realaudio:%f
-++ #Open=(realplay %f >/dev/null 2>&1 &)
-+
-+ include/video
-+- Open=(mplayer %f >/dev/null 2>&1 &)
-++ Open=see %f
-++ #Open=(mplayer %f >/dev/null 2>&1 &)
-+ #Open=(gtv %f >/dev/null 2>&1 &)
-+ #Open=(xanim %f >/dev/null 2>&1 &)
-+
-+@@ -402,12 +421,14 @@
-+
-+ # Postscript
-+ type/^PostScript
-+- Open=(gv %f &)
-++ Open=run-mailcap application/postscript:%f
-++ #Open=(gv %f &)
-+ View=%view{ascii} ps2ascii %f
-+
-+ # PDF
-+ type/^PDF
-+- Open=(xpdf %f &)
-++ Open=run-mailcap application/pdf:%f &
-++ #Open=(xpdf %f &)
-+ #Open=(acroread %f &)
-+ #Open=(ghostview %f &)
-+ View=%view{ascii} pdftotext %f -
-+@@ -417,8 +438,9 @@
-+
-+ # html
-+ regex/\.([hH][tT][mM][lL]?)$
-+- Open=(if test -n "@X11_WWW@" && test -n "$DISPLAY"; then (@X11_WWW@ file://%d/%p &) 1>&2; else links %f || lynx -force_html %f || ${PAGER:-more} %f; fi) 2>/dev/null
-+- View=%view{ascii} lynx -dump -force_html %f
-++ Open=run-mailcap text/html:%f
-++ #Open=(if test -n "@X11_WWW@" && test -n "$DISPLAY"; then (@X11_WWW@ file://%d/%p &) 1>&2; else links %f || lynx -force_html %f || ${PAGER:-more} %f; fi) 2>/dev/null
-++ View=%view{ascii} links -dump %f 2>/dev/null || w3m -dump %f 2>/dev/null || lynx -dump -force_html %f
-+
-+ # StarOffice 5.2
-+ shell/.sdw
-+@@ -435,22 +457,26 @@
-+
-+ # Microsoft Word Document
-+ regex/\.([Dd][oO][cCtT]|[Ww][rR][iI])$
-+- Open=(abiword %f >/dev/null 2>&1 &)
-+- View=%view{ascii} catdoc -w %f || word2x -f text %f - || strings %f
-++ Open=run-mailcap application/msword:%f
-++ #Open=(abiword %f >/dev/null 2>&1 &)
-++ View=%view{ascii} antiword -t %f || catdoc -w %f || word2x -f text %f - || strings %f
-+ type/^Microsoft\ Word
-+ Open=(abiword %f >/dev/null 2>&1 &)
-+- View=%view{ascii} catdoc -w %f || word2x -f text %f - || strings %f
-++ View=%view{ascii} antiword -t %f || catdoc -w %f || word2x -f text %f - || strings %f
-+
-+ # RTF document
-+ regex/\.([rR][tT][fF])$
-+- Open=(abiword %f >/dev/null 2>&1 &)
-++ Open=run-mailcap text/rtf:%f
-++ #Open=(abiword %f >/dev/null 2>&1 &)
-+
-+ # Microsoft Excel Worksheet
-+ regex/\.([xX][lL][sSwW])$
-+- Open=(gnumeric %f >/dev/null 2>&1 &)
-++ Open=run-mailcap application/vnd.ms-excel:%f
-++ #Open=(gnumeric %f >/dev/null 2>&1 &)
-+ View=%view{ascii} xls2csv %f || strings %f
-+ type/^Microsoft\ Excel
-+- Open=(gnumeric %f >/dev/null 2>&1 &)
-++ Open=run-mailcap application/vnd.ms-excel:%f
-++ #Open=(gnumeric %f >/dev/null 2>&1 &)
-+ View=%view{ascii} xls2csv %f || strings %f
-+
-+ # Use OpenOffice.org to open any MS Office documents
-+@@ -463,12 +489,14 @@
-+
-+ # DVI
-+ regex/\.([dD][vV][iI])$
-+- Open=if [ x$DISPLAY = x ]; then dvisvga %f; else (xdvi %f &); fi
-++ Open=run-mailcap application/x-dvi:%f
-++ #Open=if [ x$DISPLAY = x ]; then dvisvga %f; else (xdvi %f &); fi
-+ View=%view{ascii} dvi2tty %f
-+
-+ # TeX
-+ regex/\.([Tt][Ee][Xx])$
-+- Open=%var{EDITOR:vi} %f
-++ Open=sensible-editor %f
-++ #Open=%var{EDITOR:vi} %f
-+
-+
-+ ### Miscellaneous ###
-+@@ -509,24 +537,29 @@
-+
-+ # gzip
-+ type/^gzip
-+- Open=gzip -dc %f | %var{PAGER:more}
-++ Open=gzip -dc %f | sensible-pager
-+ View=%view{ascii} gzip -dc %f 2>/dev/null
-+
-+ # bzip2
-+ type/^bzip2
-+- Open=bzip2 -dc %f | %var{PAGER:more}
-++ Open=bzip2 -dc %f | sensible-pager
-+ View=%view{ascii} bzip2 -dc %f 2>/dev/null
-+
-+ # bzip
-+ type/^bzip
-+- Open=bzip -dc %f | %var{PAGER:more}
-++ Open=bzip -dc %f | sensible-pager
-+ View=%view{ascii} bzip -dc %f 2>/dev/null
-+
-+ # compress
-+ type/^compress
-+- Open=gzip -dc %f | %var{PAGER:more}
-++ Open=gzip -dc %f | sensible-pager
-+ View=%view{ascii} gzip -dc %f 2>/dev/null
-+
-++### Debian additions ###
-++
-++# Gettext Catalogs
-++shell/.mo
-++ View=%view{ascii} msgunfmt %f || cat %f
-+
-+ ### Default ###
-+
---- mc-4.6.1.orig/debian/patches/14_cxx.syntax.patch
-+++ mc-4.6.1/debian/patches/14_cxx.syntax.patch
-@@ -0,0 +1,141 @@
-+--- mc-4.6.0-4.6.1-pre4.orig/syntax/Makefile.in
-++++ mc-4.6.0-4.6.1-pre4/syntax/Makefile.in
-+@@ -227,6 +227,7 @@
-+ aspx.syntax \
-+ assembler.syntax \
-+ c.syntax \
-++ cxx.syntax \
-+ cs.syntax \
-+ changelog.syntax \
-+ diff.syntax \
-+--- mc-4.6.0-4.6.1-pre4.orig/syntax/cxx.syntax
-++++ mc-4.6.0-4.6.1-pre4/syntax/cxx.syntax
-+@@ -0,0 +1,128 @@
-++context default
-++ keyword whole auto yellow
-++ keyword whole break yellow
-++ keyword whole case yellow
-++ keyword whole char yellow
-++ keyword whole const yellow
-++ keyword whole continue yellow
-++ keyword whole default yellow
-++ keyword whole do yellow
-++ keyword whole double yellow
-++ keyword whole else yellow
-++ keyword whole enum yellow
-++ keyword whole extern yellow
-++ keyword whole float yellow
-++ keyword whole for yellow
-++ keyword whole goto yellow
-++ keyword whole if yellow
-++ keyword whole int yellow
-++ keyword whole long yellow
-++ keyword whole register yellow
-++ keyword whole return yellow
-++ keyword whole short yellow
-++ keyword whole signed yellow
-++ keyword whole sizeof yellow
-++ keyword whole static yellow
-++ keyword whole struct yellow
-++ keyword whole switch yellow
-++ keyword whole typedef yellow
-++ keyword whole union yellow
-++ keyword whole unsigned yellow
-++ keyword whole void yellow
-++ keyword whole volatile yellow
-++ keyword whole while yellow
-++ keyword whole asm yellow
-++ keyword whole catch yellow
-++ keyword whole class yellow
-++ keyword whole friend yellow
-++ keyword whole delete yellow
-++ keyword whole inline yellow
-++ keyword whole new yellow
-++ keyword whole operator yellow
-++ keyword whole private yellow
-++ keyword whole protected yellow
-++ keyword whole public yellow
-++ keyword whole this yellow
-++ keyword whole throw yellow
-++ keyword whole template yellow
-++ keyword whole try yellow
-++ keyword whole virtual yellow
-++ keyword whole bool yellow
-++ keyword whole const_cast yellow
-++ keyword whole dynamic_cast yellow
-++ keyword whole explicit yellow
-++ keyword whole false yellow
-++ keyword whole mutable yellow
-++ keyword whole namespace yellow
-++ keyword whole reinterpret_cast yellow
-++ keyword whole static_cast yellow
-++ keyword whole true yellow
-++ keyword whole typeid yellow
-++ keyword whole typename yellow
-++ keyword whole using yellow
-++ keyword whole wchar_t yellow
-++ keyword whole ... yellow
-++ keyword whole linestart \{\s\t\}\[\s\t\]#*\n brightmagenta
-++
-++ keyword /\* brown
-++ keyword \*/ brown
-++ keyword // brown
-++
-++ keyword '\\\{"abtnvfr\}' brightgreen
-++ keyword '\\\{0123\}\{01234567\}\{01234567\}' brightgreen
-++ keyword '\\'' brightgreen
-++ keyword '\\\\' brightgreen
-++ keyword '\\0' brightgreen
-++ keyword '\{\s!"#$%&()\*\+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrstuvwxyz{|}~ ¡¢£¤¥¦§¨©ª«¬®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ\}' brightgreen
-++
-++ keyword > yellow
-++ keyword < yellow
-++ keyword \+ yellow
-++ keyword - yellow
-++ keyword \* yellow
-++ keyword / yellow
-++ keyword % yellow
-++ keyword = yellow
-++ keyword != yellow
-++ keyword == yellow
-++ keyword { brightcyan
-++ keyword } brightcyan
-++ keyword ( brightcyan
-++ keyword ) brightcyan
-++ keyword [ brightcyan
-++ keyword ] brightcyan
-++ keyword , brightcyan
-++ keyword : brightcyan
-++ keyword ? brightcyan
-++ keyword ; brightmagenta
-++
-++context exclusive /\* \*/ brown
-++ spellcheck
-++
-++context exclusive // \n brown
-++ spellcheck
-++
-++context linestart # \n brightred
-++ keyword \\\n yellow
-++ keyword /\**\*/ brown
-++ keyword //*\n brown
-++ keyword "+" red
-++ keyword <+> red
-++
-++context " " green
-++ spellcheck
-++ keyword \\" brightgreen
-++ keyword %% brightgreen
-++ keyword %\[#0\s-\+,\]\[0123456789\*\]\[.\]\[0123456789\*\]\[L\]\{eEfgGoxX\} brightgreen
-++ keyword %\[0\s-\+,\]\[0123456789\*\]\[.\]\[0123456789\*\]\[hl\]\{diuxX\} brightgreen
-++ keyword %\[hl\]n brightgreen
-++ keyword %\[-\]\[0123456789\*\]\[.\]\[0123456789\*\]s brightgreen
-++ keyword %[*] brightgreen
-++ keyword %c brightgreen
-++ keyword %p brightgreen
-++ keyword \\\{0123\}\{01234567\}\{01234567\} brightgreen
-++ keyword \\\\ brightgreen
-++ keyword \\' brightgreen
-++ keyword \\\{abtnvfr\} brightgreen
-++
-++
---- mc-4.6.1.orig/debian/copyright
-+++ mc-4.6.1/debian/copyright
-@@ -0,0 +1,22 @@
-+This package was debianized by Paul Seelig <pseelig@mail.uni-mainz.de>
-+on Tue Apr 1 14:32:15 1997. It has been maintained by Michael Bramer
-+and Martin Bialasinski <mc@internet-treff.uni-koeln.de>.
-+
-+From Jan 2004 this package is maintained by:
-+ Stefano Melchior <stefano.melchior@openlabs.it> and Ludovic Drolez <ldrolez@free.fr>
-+
-+From Dec 2002 to Dec 2004 this package was maintained by:
-+ Adam Byrtek <alpha@debian.org>
-+
-+It was downloaded from:
-+ http://www.ibiblio.org/pub/Linux/utils/file/managers/mc/
-+
-+Homepage:
-+ http://www.ibiblio.org/mc/
-+
-+Authors:
-+ See /usr/share/doc/mc/AUTHORS
-+
-+Copyright:
-+ This software is released under a GPL license - see the
-+ /usr/share/common-licenses/GPL file.
---- mc-4.6.1.orig/debian/doc-base
-+++ mc-4.6.1/debian/doc-base
-@@ -0,0 +1,8 @@
-+Document: MC-FAQ
-+Title: Midnight Commander FAQ
-+Author: Janne Kukonlehto <janne@gnome.org>
-+Abstract: Midnight Commander Frequently Asked Questions and the Answers
-+Section: Apps/Tools
-+
-+Format: text
-+Files: /usr/share/doc/mc/FAQ.gz
---- mc-4.6.1.orig/debian/mc.prerm
-+++ mc-4.6.1/debian/mc.prerm
-@@ -0,0 +1,12 @@
-+#! /bin/sh
-+
-+set -e
-+
-+case "$1" in
-+ remove)
-+ update-alternatives --remove editor /usr/bin/mcedit-debian
-+ update-alternatives --remove view /usr/bin/mcview-debian
-+ ;;
-+esac
-+
-+#DEBHELPER#
+++ /dev/null
-Submitted By: Robert Connolly <robert at linuxfromscratch dot org>
-Date: 2005-11-13
-Initial Package Version: 0.9.8a
-Upstream Status: Submitted upstream
-Origin: Anderson Lizardo
-Description: This patch fixes conflicts between man pages
- installed by OpenSSL and those found on other
- packages (particulary Shadow, Perl, and
- Man-pages). It also fixes syntax errors on some
- POD files that generates slightly broken man
- pages.
-
-$LastChangedBy: igor $
-$Date: 2005-04-03 16:54:23 -0600 (Sun, 03 Apr 2005) $
-
---- openssl-0.9.8a.orig/FAQ 2006-09-11 08:56:58.000000000 -0500
-+++ openssl-0.9.8a/FAQ 2006-09-11 08:57:19.000000000 -0500
-@@ -680,7 +680,7 @@
-
- Multi-threaded applications must provide two callback functions to
- OpenSSL by calling CRYPTO_set_locking_callback() and
--CRYPTO_set_id_callback(). This is described in the threads(3)
-+CRYPTO_set_id_callback(). This is described in the openssl_threads(3)
- manpage.
-
- * I've compiled a program under Windows and it crashes: why?
-diff -Naur openssl-0.9.8a.orig/crypto/rand/md_rand.c openssl-0.9.8a/crypto/rand/md_rand.c
---- openssl-0.9.8a.orig/crypto/rand/md_rand.c 2005-04-07 22:53:35.000000000 +0000
-+++ openssl-0.9.8a/crypto/rand/md_rand.c 2005-11-14 03:59:59.000000000 +0000
-@@ -196,7 +196,7 @@
- int do_not_lock;
-
- /*
-- * (Based on the rand(3) manpage)
-+ * (Based on the openssl_rand(3) manpage)
- *
- * The input is chopped up into units of 20 bytes (or less for
- * the last block). Each of these blocks is run through the hash
-@@ -351,7 +351,7 @@
- num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * (MD_DIGEST_LENGTH/2);
-
- /*
-- * (Based on the rand(3) manpage:)
-+ * (Based on the openssl_rand(3) manpage)
- *
- * For each group of 10 bytes (or less), we do the following:
- *
-diff -Naur openssl-0.9.8a.orig/doc/apps/openssl-passwd.pod openssl-0.9.8a/doc/apps/openssl-passwd.pod
---- openssl-0.9.8a.orig/doc/apps/openssl-passwd.pod 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-0.9.8a/doc/apps/openssl-passwd.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -0,0 +1,82 @@
-+=pod
-+
-+=head1 NAME
-+
-+openssl-passwd - compute password hashes
-+
-+=head1 SYNOPSIS
-+
-+B<openssl passwd>
-+[B<-crypt>]
-+[B<-1>]
-+[B<-apr1>]
-+[B<-salt> I<string>]
-+[B<-in> I<file>]
-+[B<-stdin>]
-+[B<-noverify>]
-+[B<-quiet>]
-+[B<-table>]
-+{I<password>}
-+
-+=head1 DESCRIPTION
-+
-+The B<passwd> command computes the hash of a password typed at
-+run-time or the hash of each password in a list. The password list is
-+taken from the named file for option B<-in file>, from stdin for
-+option B<-stdin>, or from the command line, or from the terminal otherwise.
-+The Unix standard algorithm B<crypt> and the MD5-based BSD password
-+algorithm B<1> and its Apache variant B<apr1> are available.
-+
-+=head1 OPTIONS
-+
-+=over 4
-+
-+=item B<-crypt>
-+
-+Use the B<crypt> algorithm (default).
-+
-+=item B<-1>
-+
-+Use the MD5 based BSD password algorithm B<1>.
-+
-+=item B<-apr1>
-+
-+Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
-+
-+=item B<-salt> I<string>
-+
-+Use the specified salt.
-+When reading a password from the terminal, this implies B<-noverify>.
-+
-+=item B<-in> I<file>
-+
-+Read passwords from I<file>.
-+
-+=item B<-stdin>
-+
-+Read passwords from B<stdin>.
-+
-+=item B<-noverify>
-+
-+Don't verify when reading a password from the terminal.
-+
-+=item B<-quiet>
-+
-+Don't output warnings when passwords given at the command line are truncated.
-+
-+=item B<-table>
-+
-+In the output list, prepend the cleartext password and a TAB character
-+to each password hash.
-+
-+=back
-+
-+=head1 EXAMPLES
-+
-+B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.
-+
-+B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>.
-+
-+B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.
-+
-+=cut
-diff -Naur openssl-0.9.8a.orig/doc/apps/openssl.pod openssl-0.9.8a/doc/apps/openssl.pod
---- openssl-0.9.8a.orig/doc/apps/openssl.pod 2004-01-04 18:59:14.000000000 +0000
-+++ openssl-0.9.8a/doc/apps/openssl.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -125,7 +125,7 @@
-
- Online Certificate Status Protocol utility.
-
--=item L<B<passwd>|passwd(1)>
-+=item L<B<passwd>|openssl-passwd(1)>
-
- Generation of hashed passwords.
-
-@@ -325,7 +325,7 @@
- L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
- L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>,
- L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
--L<passwd(1)|passwd(1)>,
-+L<openssl-passwd(1)|openssl-passwd(1)>,
- L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
- L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
- L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
-diff -Naur openssl-0.9.8a.orig/doc/apps/passwd.pod openssl-0.9.8a/doc/apps/passwd.pod
---- openssl-0.9.8a.orig/doc/apps/passwd.pod 2002-10-04 12:59:00.000000000 +0000
-+++ openssl-0.9.8a/doc/apps/passwd.pod 1970-01-01 00:00:00.000000000 +0000
-@@ -1,82 +0,0 @@
--=pod
--
--=head1 NAME
--
--passwd - compute password hashes
--
--=head1 SYNOPSIS
--
--B<openssl passwd>
--[B<-crypt>]
--[B<-1>]
--[B<-apr1>]
--[B<-salt> I<string>]
--[B<-in> I<file>]
--[B<-stdin>]
--[B<-noverify>]
--[B<-quiet>]
--[B<-table>]
--{I<password>}
--
--=head1 DESCRIPTION
--
--The B<passwd> command computes the hash of a password typed at
--run-time or the hash of each password in a list. The password list is
--taken from the named file for option B<-in file>, from stdin for
--option B<-stdin>, or from the command line, or from the terminal otherwise.
--The Unix standard algorithm B<crypt> and the MD5-based BSD password
--algorithm B<1> and its Apache variant B<apr1> are available.
--
--=head1 OPTIONS
--
--=over 4
--
--=item B<-crypt>
--
--Use the B<crypt> algorithm (default).
--
--=item B<-1>
--
--Use the MD5 based BSD password algorithm B<1>.
--
--=item B<-apr1>
--
--Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
--
--=item B<-salt> I<string>
--
--Use the specified salt.
--When reading a password from the terminal, this implies B<-noverify>.
--
--=item B<-in> I<file>
--
--Read passwords from I<file>.
--
--=item B<-stdin>
--
--Read passwords from B<stdin>.
--
--=item B<-noverify>
--
--Don't verify when reading a password from the terminal.
--
--=item B<-quiet>
--
--Don't output warnings when passwords given at the command line are truncated.
--
--=item B<-table>
--
--In the output list, prepend the cleartext password and a TAB character
--to each password hash.
--
--=back
--
--=head1 EXAMPLES
--
--B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.
--
--B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>.
--
--B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.
--
--=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/BN_generate_prime.pod openssl-0.9.8a/doc/crypto/BN_generate_prime.pod
---- openssl-0.9.8a.orig/doc/crypto/BN_generate_prime.pod 2003-01-13 13:18:22.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/BN_generate_prime.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -90,7 +90,7 @@
-
- =head1 SEE ALSO
-
--L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>
-+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/BN_rand.pod openssl-0.9.8a/doc/crypto/BN_rand.pod
---- openssl-0.9.8a.orig/doc/crypto/BN_rand.pod 2002-09-25 13:33:26.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/BN_rand.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -45,7 +45,7 @@
-
- =head1 SEE ALSO
-
--L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<RAND_add(3)|RAND_add(3)>, L<RAND_bytes(3)|RAND_bytes(3)>
-
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/CONF_modules_free.pod openssl-0.9.8a/doc/crypto/CONF_modules_free.pod
---- openssl-0.9.8a.orig/doc/crypto/CONF_modules_free.pod 2004-03-02 13:31:32.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/CONF_modules_free.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -37,7 +37,7 @@
- =head1 SEE ALSO
-
- L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
--L<CONF_modules_load_file(3), CONF_modules_load_file(3)>
-+L<CONF_modules_load_file(3)|CONF_modules_load_file(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/CONF_modules_load_file.pod openssl-0.9.8a/doc/crypto/CONF_modules_load_file.pod
---- openssl-0.9.8a.orig/doc/crypto/CONF_modules_load_file.pod 2004-03-02 13:31:32.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/CONF_modules_load_file.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -51,7 +51,7 @@
- =head1 SEE ALSO
-
- L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
--L<CONF_free(3), CONF_free(3)>, L<err(3),err(3)>
-+L<CONF_free(3)|CONF_free(3)>, L<openssl_err(3)|openssl_err(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DH_generate_key.pod openssl-0.9.8a/doc/crypto/DH_generate_key.pod
---- openssl-0.9.8a.orig/doc/crypto/DH_generate_key.pod 2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DH_generate_key.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -40,7 +40,7 @@
-
- =head1 SEE ALSO
-
--L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_size(3)|DH_size(3)>
-+L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<DH_size(3)|DH_size(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DH_generate_parameters.pod openssl-0.9.8a/doc/crypto/DH_generate_parameters.pod
---- openssl-0.9.8a.orig/doc/crypto/DH_generate_parameters.pod 2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DH_generate_parameters.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -59,7 +59,7 @@
-
- =head1 SEE ALSO
-
--L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DH_free(3)|DH_free(3)>
-
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_do_sign.pod openssl-0.9.8a/doc/crypto/DSA_do_sign.pod
---- openssl-0.9.8a.orig/doc/crypto/DSA_do_sign.pod 2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DSA_do_sign.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -36,7 +36,7 @@
-
- =head1 SEE ALSO
-
--L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DSA_SIG_new(3)|DSA_SIG_new(3)>,
- L<DSA_sign(3)|DSA_sign(3)>
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_generate_key.pod openssl-0.9.8a/doc/crypto/DSA_generate_key.pod
---- openssl-0.9.8a.orig/doc/crypto/DSA_generate_key.pod 2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DSA_generate_key.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -24,7 +24,7 @@
-
- =head1 SEE ALSO
-
--L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>
-
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_generate_parameters.pod openssl-0.9.8a/doc/crypto/DSA_generate_parameters.pod
---- openssl-0.9.8a.orig/doc/crypto/DSA_generate_parameters.pod 2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DSA_generate_parameters.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -90,7 +90,7 @@
-
- =head1 SEE ALSO
-
--L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DSA_free(3)|DSA_free(3)>
-
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/DSA_sign.pod openssl-0.9.8a/doc/crypto/DSA_sign.pod
---- openssl-0.9.8a.orig/doc/crypto/DSA_sign.pod 2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/DSA_sign.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -55,7 +55,7 @@
-
- =head1 SEE ALSO
-
--L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<DSA_do_sign(3)|DSA_do_sign(3)>
-
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_GET_LIB.pod openssl-0.9.8a/doc/crypto/ERR_GET_LIB.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_GET_LIB.pod 2000-02-01 01:36:58.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_GET_LIB.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -41,7 +41,7 @@
-
- =head1 SEE ALSO
-
--L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_clear_error.pod openssl-0.9.8a/doc/crypto/ERR_clear_error.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_clear_error.pod 2000-02-01 01:36:58.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_clear_error.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -20,7 +20,7 @@
-
- =head1 SEE ALSO
-
--L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_error_string.pod openssl-0.9.8a/doc/crypto/ERR_error_string.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_error_string.pod 2004-11-14 15:11:37.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_error_string.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -60,7 +60,7 @@
-
- =head1 SEE ALSO
-
--L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
- L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
- L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
- L<ERR_print_errors(3)|ERR_print_errors(3)>
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_get_error.pod openssl-0.9.8a/doc/crypto/ERR_get_error.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_get_error.pod 2002-11-29 14:21:54.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_get_error.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -61,7 +61,7 @@
-
- =head1 SEE ALSO
-
--L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
- L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>
-
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_load_crypto_strings.pod openssl-0.9.8a/doc/crypto/ERR_load_crypto_strings.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_load_crypto_strings.pod 2000-02-24 11:55:08.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_load_crypto_strings.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -35,7 +35,7 @@
-
- =head1 SEE ALSO
-
--L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_load_strings.pod openssl-0.9.8a/doc/crypto/ERR_load_strings.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_load_strings.pod 2000-02-24 11:55:08.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_load_strings.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -43,7 +43,7 @@
-
- =head1 SEE ALSO
-
--L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_print_errors.pod openssl-0.9.8a/doc/crypto/ERR_print_errors.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_print_errors.pod 2000-02-01 01:36:59.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_print_errors.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -38,7 +38,7 @@
-
- =head1 SEE ALSO
-
--L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
- L<ERR_get_error(3)|ERR_get_error(3)>,
- L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
- L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_put_error.pod openssl-0.9.8a/doc/crypto/ERR_put_error.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_put_error.pod 2000-02-24 11:55:08.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_put_error.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -34,7 +34,7 @@
-
- =head1 SEE ALSO
-
--L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
-+L<openssl_err(3)|openssl_err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/ERR_remove_state.pod openssl-0.9.8a/doc/crypto/ERR_remove_state.pod
---- openssl-0.9.8a.orig/doc/crypto/ERR_remove_state.pod 2000-05-19 07:54:42.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/ERR_remove_state.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -25,7 +25,7 @@
-
- =head1 SEE ALSO
-
--L<err(3)|err(3)>
-+L<openssl_err(3)|openssl_err(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_BytesToKey.pod openssl-0.9.8a/doc/crypto/EVP_BytesToKey.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_BytesToKey.pod 2004-11-25 17:47:30.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_BytesToKey.pod 2005-11-14 04:00:45.000000000 +0000
-@@ -59,7 +59,7 @@
-
- =head1 SEE ALSO
-
--L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-+L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
-
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_OpenInit.pod openssl-0.9.8a/doc/crypto/EVP_OpenInit.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_OpenInit.pod 2000-09-23 07:16:14.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_OpenInit.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -54,7 +54,7 @@
-
- =head1 SEE ALSO
-
--L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-+L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
- L<EVP_SealInit(3)|EVP_SealInit(3)>
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_SealInit.pod openssl-0.9.8a/doc/crypto/EVP_SealInit.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_SealInit.pod 2005-03-29 17:50:08.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_SealInit.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -74,7 +74,7 @@
-
- =head1 SEE ALSO
-
--L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-+L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
- L<EVP_OpenInit(3)|EVP_OpenInit(3)>
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_SignInit.pod openssl-0.9.8a/doc/crypto/EVP_SignInit.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_SignInit.pod 2005-03-22 17:55:33.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_SignInit.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -80,7 +80,7 @@
- =head1 SEE ALSO
-
- L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
--L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<openssl_err(3)|openssl_err(3)>,
- L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
- L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
- L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
-diff -Naur openssl-0.9.8a.orig/doc/crypto/EVP_VerifyInit.pod openssl-0.9.8a/doc/crypto/EVP_VerifyInit.pod
---- openssl-0.9.8a.orig/doc/crypto/EVP_VerifyInit.pod 2002-07-10 19:35:46.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/EVP_VerifyInit.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -71,7 +71,7 @@
-
- L<evp(3)|evp(3)>,
- L<EVP_SignInit(3)|EVP_SignInit(3)>,
--L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<openssl_err(3)|openssl_err(3)>,
- L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
- L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
- L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
-diff -Naur openssl-0.9.8a.orig/doc/crypto/OPENSSL_config.pod openssl-0.9.8a/doc/crypto/OPENSSL_config.pod
---- openssl-0.9.8a.orig/doc/crypto/OPENSSL_config.pod 2005-06-02 23:17:38.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/OPENSSL_config.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -73,7 +73,7 @@
- =head1 SEE ALSO
-
- L<conf(5)|conf(5)>, L<CONF_load_modules_file(3)|CONF_load_modules_file(3)>,
--L<CONF_modules_free(3),CONF_modules_free(3)>
-+L<CONF_modules_free(3)|CONF_modules_free(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_add.pod openssl-0.9.8a/doc/crypto/RAND_add.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_add.pod 2000-03-22 15:30:03.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_add.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -65,7 +65,7 @@
-
- =head1 SEE ALSO
-
--L<rand(3)|rand(3)>, L<RAND_egd(3)|RAND_egd(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<RAND_egd(3)|RAND_egd(3)>,
- L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
-
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_bytes.pod openssl-0.9.8a/doc/crypto/RAND_bytes.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_bytes.pod 2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_bytes.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -35,7 +35,7 @@
-
- =head1 SEE ALSO
-
--L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
- L<RAND_add(3)|RAND_add(3)>
-
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_cleanup.pod openssl-0.9.8a/doc/crypto/RAND_cleanup.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_cleanup.pod 2000-01-27 01:25:06.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_cleanup.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -20,7 +20,7 @@
-
- =head1 SEE ALSO
-
--L<rand(3)|rand(3)>
-+L<openssl_rand(3)|openssl_rand(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_egd.pod openssl-0.9.8a/doc/crypto/RAND_egd.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_egd.pod 2001-02-10 19:10:36.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_egd.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -69,7 +69,7 @@
-
- =head1 SEE ALSO
-
--L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
- L<RAND_cleanup(3)|RAND_cleanup(3)>
-
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_load_file.pod openssl-0.9.8a/doc/crypto/RAND_load_file.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_load_file.pod 2001-03-21 15:25:56.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_load_file.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -43,7 +43,7 @@
-
- =head1 SEE ALSO
-
--L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
-+L<openssl_rand(3)|openssl_rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RAND_set_rand_method.pod openssl-0.9.8a/doc/crypto/RAND_set_rand_method.pod
---- openssl-0.9.8a.orig/doc/crypto/RAND_set_rand_method.pod 2002-08-05 16:27:01.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RAND_set_rand_method.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -67,7 +67,7 @@
-
- =head1 SEE ALSO
-
--L<rand(3)|rand(3)>, L<engine(3)|engine(3)>
-+L<openssl_rand(3)|openssl_rand(3)>, L<engine(3)|engine(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_blinding_on.pod openssl-0.9.8a/doc/crypto/RSA_blinding_on.pod
---- openssl-0.9.8a.orig/doc/crypto/RSA_blinding_on.pod 2000-02-24 11:55:10.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RSA_blinding_on.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -34,7 +34,7 @@
-
- =head1 SEE ALSO
-
--L<rsa(3)|rsa(3)>, L<rand(3)|rand(3)>
-+L<rsa(3)|rsa(3)>, L<openssl_rand(3)|openssl_rand(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_generate_key.pod openssl-0.9.8a/doc/crypto/RSA_generate_key.pod
---- openssl-0.9.8a.orig/doc/crypto/RSA_generate_key.pod 2002-09-25 13:33:27.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RSA_generate_key.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -59,7 +59,7 @@
-
- =head1 SEE ALSO
-
--L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-+L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>,
- L<RSA_free(3)|RSA_free(3)>
-
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_public_encrypt.pod openssl-0.9.8a/doc/crypto/RSA_public_encrypt.pod
---- openssl-0.9.8a.orig/doc/crypto/RSA_public_encrypt.pod 2004-03-23 21:01:34.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RSA_public_encrypt.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -73,7 +73,7 @@
-
- =head1 SEE ALSO
-
--L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-+L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>,
- L<RSA_size(3)|RSA_size(3)>
-
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod openssl-0.9.8a/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
---- openssl-0.9.8a.orig/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod 2002-09-25 13:33:28.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -48,7 +48,7 @@
- =head1 SEE ALSO
-
- L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
--L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
- L<RSA_verify(3)|RSA_verify(3)>
-
- =head1 HISTORY
-diff -Naur openssl-0.9.8a.orig/doc/crypto/X509_NAME_ENTRY_get_object.pod openssl-0.9.8a/doc/crypto/X509_NAME_ENTRY_get_object.pod
---- openssl-0.9.8a.orig/doc/crypto/X509_NAME_ENTRY_get_object.pod 2005-03-30 11:50:14.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/X509_NAME_ENTRY_get_object.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -63,7 +63,7 @@
- =head1 SEE ALSO
-
- L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>,
--L<OBJ_nid2obj(3),OBJ_nid2obj(3)>
-+L<OBJ_nid2obj(3)|OBJ_nid2obj(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/bn.pod openssl-0.9.8a/doc/crypto/bn.pod
---- openssl-0.9.8a.orig/doc/crypto/bn.pod 2005-04-29 15:07:34.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/bn.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -167,7 +167,7 @@
- =head1 SEE ALSO
-
- L<bn_internal(3)|bn_internal(3)>,
--L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-+L<dh(3)|dh(3)>, L<openssl_err(3)|openssl_err(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>,
- L<BN_new(3)|BN_new(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>,
- L<BN_copy(3)|BN_copy(3)>, L<BN_swap(3)|BN_swap(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>,
- L<BN_add(3)|BN_add(3)>, L<BN_add_word(3)|BN_add_word(3)>,
-diff -Naur openssl-0.9.8a.orig/doc/crypto/crypto.pod openssl-0.9.8a/doc/crypto/crypto.pod
---- openssl-0.9.8a.orig/doc/crypto/crypto.pod 2002-10-06 12:59:25.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/crypto.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -46,7 +46,7 @@
-
- =item AUXILIARY FUNCTIONS
-
--L<err(3)|err(3)>, L<threads(3)|threads(3)>, L<rand(3)|rand(3)>,
-+L<openssl_err(3)|openssl_err(3)>, L<openssl_threads(3)|openssl_threads(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<OPENSSL_VERSION_NUMBER(3)|OPENSSL_VERSION_NUMBER(3)>
-
- =item INPUT/OUTPUT, DATA ENCODING
-diff -Naur openssl-0.9.8a.orig/doc/crypto/des.pod openssl-0.9.8a/doc/crypto/des.pod
---- openssl-0.9.8a.orig/doc/crypto/des.pod 2003-10-01 15:02:45.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/des.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -115,7 +115,7 @@
- the key; it is used to speed the encryption process.
-
- DES_random_key() generates a random key. The PRNG must be seeded
--prior to using this function (see L<rand(3)|rand(3)>). If the PRNG
-+prior to using this function (see L<openssl_rand(3)|openssl_rand(3)>). If the PRNG
- could not generate a secure key, 0 is returned.
-
- Before a DES key can be used, it must be converted into the
-@@ -317,7 +317,7 @@
-
- =head1 SEE ALSO
-
--crypt(3), L<des_modes(7)|des_modes(7)>, L<evp(3)|evp(3)>, L<rand(3)|rand(3)>
-+crypt(3), L<des_modes(7)|des_modes(7)>, L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/crypto/dh.pod openssl-0.9.8a/doc/crypto/dh.pod
---- openssl-0.9.8a.orig/doc/crypto/dh.pod 2002-08-05 16:27:01.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/dh.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -67,8 +67,8 @@
-
- =head1 SEE ALSO
-
--L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<err(3)|err(3)>,
--L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>,
-+L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<openssl_err(3)|openssl_err(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>,
- L<DH_set_method(3)|DH_set_method(3)>, L<DH_new(3)|DH_new(3)>,
- L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>,
- L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
-diff -Naur openssl-0.9.8a.orig/doc/crypto/dsa.pod openssl-0.9.8a/doc/crypto/dsa.pod
---- openssl-0.9.8a.orig/doc/crypto/dsa.pod 2002-08-05 16:27:01.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/dsa.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -100,7 +100,7 @@
-
- =head1 SEE ALSO
-
--L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
-+L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<openssl_err(3)|openssl_err(3)>, L<openssl_rand(3)|openssl_rand(3)>,
- L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>, L<engine(3)|engine(3)>,
- L<DSA_new(3)|DSA_new(3)>,
- L<DSA_size(3)|DSA_size(3)>,
-diff -Naur openssl-0.9.8a.orig/doc/crypto/engine.pod openssl-0.9.8a/doc/crypto/engine.pod
---- openssl-0.9.8a.orig/doc/crypto/engine.pod 2004-06-17 23:40:14.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/engine.pod 2005-11-14 04:01:19.000000000 +0000
-@@ -594,6 +594,6 @@
-
- =head1 SEE ALSO
-
--L<rsa(3)|rsa(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<rand(3)|rand(3)>
-+L<rsa(3)|rsa(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<openssl_rand(3)|openssl_rand(3)>
-
- =cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/err.pod openssl-0.9.8a/doc/crypto/err.pod
---- openssl-0.9.8a.orig/doc/crypto/err.pod 2002-07-10 19:35:46.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/err.pod 1970-01-01 00:00:00.000000000 +0000
-@@ -1,187 +0,0 @@
--=pod
--
--=head1 NAME
--
--err - error codes
--
--=head1 SYNOPSIS
--
-- #include <openssl/err.h>
--
-- unsigned long ERR_get_error(void);
-- unsigned long ERR_peek_error(void);
-- unsigned long ERR_get_error_line(const char **file, int *line);
-- unsigned long ERR_peek_error_line(const char **file, int *line);
-- unsigned long ERR_get_error_line_data(const char **file, int *line,
-- const char **data, int *flags);
-- unsigned long ERR_peek_error_line_data(const char **file, int *line,
-- const char **data, int *flags);
--
-- int ERR_GET_LIB(unsigned long e);
-- int ERR_GET_FUNC(unsigned long e);
-- int ERR_GET_REASON(unsigned long e);
--
-- void ERR_clear_error(void);
--
-- char *ERR_error_string(unsigned long e, char *buf);
-- const char *ERR_lib_error_string(unsigned long e);
-- const char *ERR_func_error_string(unsigned long e);
-- const char *ERR_reason_error_string(unsigned long e);
--
-- void ERR_print_errors(BIO *bp);
-- void ERR_print_errors_fp(FILE *fp);
--
-- void ERR_load_crypto_strings(void);
-- void ERR_free_strings(void);
--
-- void ERR_remove_state(unsigned long pid);
--
-- void ERR_put_error(int lib, int func, int reason, const char *file,
-- int line);
-- void ERR_add_error_data(int num, ...);
--
-- void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
-- unsigned long ERR_PACK(int lib, int func, int reason);
-- int ERR_get_next_error_library(void);
--
--=head1 DESCRIPTION
--
--When a call to the OpenSSL library fails, this is usually signalled
--by the return value, and an error code is stored in an error queue
--associated with the current thread. The B<err> library provides
--functions to obtain these error codes and textual error messages.
--
--The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to
--access error codes.
--
--Error codes contain information about where the error occurred, and
--what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to
--extract this information. A method to obtain human-readable error
--messages is described in L<ERR_error_string(3)|ERR_error_string(3)>.
--
--L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the
--error queue.
--
--Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to
--avoid memory leaks when threads are terminated.
--
--=head1 ADDING NEW ERROR CODES TO OPENSSL
--
--See L<ERR_put_error(3)> if you want to record error codes in the
--OpenSSL error system from within your application.
--
--The remainder of this section is of interest only if you want to add
--new error codes to OpenSSL or add error codes from external libraries.
--
--=head2 Reporting errors
--
--Each sub-library has a specific macro XXXerr() that is used to report
--errors. Its first argument is a function code B<XXX_F_...>, the second
--argument is a reason code B<XXX_R_...>. Function codes are derived
--from the function names; reason codes consist of textual error
--descriptions. For example, the function ssl23_read() reports a
--"handshake failure" as follows:
--
-- SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
--
--Function and reason codes should consist of upper case characters,
--numbers and underscores only. The error file generation script translates
--function codes into function names by looking in the header files
--for an appropriate function name, if none is found it just uses
--the capitalized form such as "SSL23_READ" in the above example.
--
--The trailing section of a reason code (after the "_R_") is translated
--into lower case and underscores changed to spaces.
--
--When you are using new function or reason codes, run B<make errors>.
--The necessary B<#define>s will then automatically be added to the
--sub-library's header file.
--
--Although a library will normally report errors using its own specific
--XXXerr macro, another library's macro can be used. This is normally
--only done when a library wants to include ASN1 code which must use
--the ASN1err() macro.
--
--=head2 Adding new libraries
--
--When adding a new sub-library to OpenSSL, assign it a library number
--B<ERR_LIB_XXX>, define a macro XXXerr() (both in B<err.h>), add its
--name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add
--C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function
--(in B<crypto/err/err_all.c>). Finally, add an entry
--
-- L XXX xxx.h xxx_err.c
--
--to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile.
--Running B<make errors> will then generate a file B<xxx_err.c>, and
--add all error codes used in the library to B<xxx.h>.
--
--Additionally the library include file must have a certain form.
--Typically it will initially look like this:
--
-- #ifndef HEADER_XXX_H
-- #define HEADER_XXX_H
--
-- #ifdef __cplusplus
-- extern "C" {
-- #endif
--
-- /* Include files */
--
-- #include <openssl/bio.h>
-- #include <openssl/x509.h>
--
-- /* Macros, structures and function prototypes */
--
--
-- /* BEGIN ERROR CODES */
--
--The B<BEGIN ERROR CODES> sequence is used by the error code
--generation script as the point to place new error codes, any text
--after this point will be overwritten when B<make errors> is run.
--The closing #endif etc will be automatically added by the script.
--
--The generated C error code file B<xxx_err.c> will load the header
--files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the
--header file must load any additional header files containing any
--definitions it uses.
--
--=head1 USING ERROR CODES IN EXTERNAL LIBRARIES
--
--It is also possible to use OpenSSL's error code scheme in external
--libraries. The library needs to load its own codes and call the OpenSSL
--error code insertion script B<mkerr.pl> explicitly to add codes to
--the header file and generate the C error code file. This will normally
--be done if the external library needs to generate new ASN1 structures
--but it can also be used to add more general purpose error code handling.
--
--TBA more details
--
--=head1 INTERNALS
--
--The error queues are stored in a hash table with one B<ERR_STATE>
--entry for each pid. ERR_get_state() returns the current thread's
--B<ERR_STATE>. An B<ERR_STATE> can hold up to B<ERR_NUM_ERRORS> error
--codes. When more error codes are added, the old ones are overwritten,
--on the assumption that the most recent errors are most important.
--
--Error strings are also stored in hash table. The hash tables can
--be obtained by calling ERR_get_err_state_table(void) and
--ERR_get_string_table(void) respectively.
--
--=head1 SEE ALSO
--
--L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>,
--L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
--L<ERR_get_error(3)|ERR_get_error(3)>,
--L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
--L<ERR_clear_error(3)|ERR_clear_error(3)>,
--L<ERR_error_string(3)|ERR_error_string(3)>,
--L<ERR_print_errors(3)|ERR_print_errors(3)>,
--L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
--L<ERR_remove_state(3)|ERR_remove_state(3)>,
--L<ERR_put_error(3)|ERR_put_error(3)>,
--L<ERR_load_strings(3)|ERR_load_strings(3)>,
--L<SSL_get_error(3)|SSL_get_error(3)>
--
--=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/openssl_err.pod openssl-0.9.8a/doc/crypto/openssl_err.pod
---- openssl-0.9.8a.orig/doc/crypto/openssl_err.pod 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/openssl_err.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -0,0 +1,187 @@
-+=pod
-+
-+=head1 NAME
-+
-+openssl_err - error codes
-+
-+=head1 SYNOPSIS
-+
-+ #include <openssl/err.h>
-+
-+ unsigned long ERR_get_error(void);
-+ unsigned long ERR_peek_error(void);
-+ unsigned long ERR_get_error_line(const char **file, int *line);
-+ unsigned long ERR_peek_error_line(const char **file, int *line);
-+ unsigned long ERR_get_error_line_data(const char **file, int *line,
-+ const char **data, int *flags);
-+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
-+ const char **data, int *flags);
-+
-+ int ERR_GET_LIB(unsigned long e);
-+ int ERR_GET_FUNC(unsigned long e);
-+ int ERR_GET_REASON(unsigned long e);
-+
-+ void ERR_clear_error(void);
-+
-+ char *ERR_error_string(unsigned long e, char *buf);
-+ const char *ERR_lib_error_string(unsigned long e);
-+ const char *ERR_func_error_string(unsigned long e);
-+ const char *ERR_reason_error_string(unsigned long e);
-+
-+ void ERR_print_errors(BIO *bp);
-+ void ERR_print_errors_fp(FILE *fp);
-+
-+ void ERR_load_crypto_strings(void);
-+ void ERR_free_strings(void);
-+
-+ void ERR_remove_state(unsigned long pid);
-+
-+ void ERR_put_error(int lib, int func, int reason, const char *file,
-+ int line);
-+ void ERR_add_error_data(int num, ...);
-+
-+ void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
-+ unsigned long ERR_PACK(int lib, int func, int reason);
-+ int ERR_get_next_error_library(void);
-+
-+=head1 DESCRIPTION
-+
-+When a call to the OpenSSL library fails, this is usually signalled
-+by the return value, and an error code is stored in an error queue
-+associated with the current thread. The B<err> library provides
-+functions to obtain these error codes and textual error messages.
-+
-+The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to
-+access error codes.
-+
-+Error codes contain information about where the error occurred, and
-+what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to
-+extract this information. A method to obtain human-readable error
-+messages is described in L<ERR_error_string(3)|ERR_error_string(3)>.
-+
-+L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the
-+error queue.
-+
-+Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to
-+avoid memory leaks when threads are terminated.
-+
-+=head1 ADDING NEW ERROR CODES TO OPENSSL
-+
-+See L<ERR_put_error(3)> if you want to record error codes in the
-+OpenSSL error system from within your application.
-+
-+The remainder of this section is of interest only if you want to add
-+new error codes to OpenSSL or add error codes from external libraries.
-+
-+=head2 Reporting errors
-+
-+Each sub-library has a specific macro XXXerr() that is used to report
-+errors. Its first argument is a function code B<XXX_F_...>, the second
-+argument is a reason code B<XXX_R_...>. Function codes are derived
-+from the function names; reason codes consist of textual error
-+descriptions. For example, the function ssl23_read() reports a
-+"handshake failure" as follows:
-+
-+ SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
-+
-+Function and reason codes should consist of upper case characters,
-+numbers and underscores only. The error file generation script translates
-+function codes into function names by looking in the header files
-+for an appropriate function name, if none is found it just uses
-+the capitalized form such as "SSL23_READ" in the above example.
-+
-+The trailing section of a reason code (after the "_R_") is translated
-+into lower case and underscores changed to spaces.
-+
-+When you are using new function or reason codes, run B<make errors>.
-+The necessary B<#define>s will then automatically be added to the
-+sub-library's header file.
-+
-+Although a library will normally report errors using its own specific
-+XXXerr macro, another library's macro can be used. This is normally
-+only done when a library wants to include ASN1 code which must use
-+the ASN1err() macro.
-+
-+=head2 Adding new libraries
-+
-+When adding a new sub-library to OpenSSL, assign it a library number
-+B<ERR_LIB_XXX>, define a macro XXXerr() (both in B<err.h>), add its
-+name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add
-+C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function
-+(in B<crypto/err/err_all.c>). Finally, add an entry
-+
-+ L XXX xxx.h xxx_err.c
-+
-+to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile.
-+Running B<make errors> will then generate a file B<xxx_err.c>, and
-+add all error codes used in the library to B<xxx.h>.
-+
-+Additionally the library include file must have a certain form.
-+Typically it will initially look like this:
-+
-+ #ifndef HEADER_XXX_H
-+ #define HEADER_XXX_H
-+
-+ #ifdef __cplusplus
-+ extern "C" {
-+ #endif
-+
-+ /* Include files */
-+
-+ #include <openssl/bio.h>
-+ #include <openssl/x509.h>
-+
-+ /* Macros, structures and function prototypes */
-+
-+
-+ /* BEGIN ERROR CODES */
-+
-+The B<BEGIN ERROR CODES> sequence is used by the error code
-+generation script as the point to place new error codes, any text
-+after this point will be overwritten when B<make errors> is run.
-+The closing #endif etc will be automatically added by the script.
-+
-+The generated C error code file B<xxx_err.c> will load the header
-+files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the
-+header file must load any additional header files containing any
-+definitions it uses.
-+
-+=head1 USING ERROR CODES IN EXTERNAL LIBRARIES
-+
-+It is also possible to use OpenSSL's error code scheme in external
-+libraries. The library needs to load its own codes and call the OpenSSL
-+error code insertion script B<mkerr.pl> explicitly to add codes to
-+the header file and generate the C error code file. This will normally
-+be done if the external library needs to generate new ASN1 structures
-+but it can also be used to add more general purpose error code handling.
-+
-+TBA more details
-+
-+=head1 INTERNALS
-+
-+The error queues are stored in a hash table with one B<ERR_STATE>
-+entry for each pid. ERR_get_state() returns the current thread's
-+B<ERR_STATE>. An B<ERR_STATE> can hold up to B<ERR_NUM_ERRORS> error
-+codes. When more error codes are added, the old ones are overwritten,
-+on the assumption that the most recent errors are most important.
-+
-+Error strings are also stored in hash table. The hash tables can
-+be obtained by calling ERR_get_err_state_table(void) and
-+ERR_get_string_table(void) respectively.
-+
-+=head1 SEE ALSO
-+
-+L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>,
-+L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
-+L<ERR_get_error(3)|ERR_get_error(3)>,
-+L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
-+L<ERR_clear_error(3)|ERR_clear_error(3)>,
-+L<ERR_error_string(3)|ERR_error_string(3)>,
-+L<ERR_print_errors(3)|ERR_print_errors(3)>,
-+L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-+L<ERR_remove_state(3)|ERR_remove_state(3)>,
-+L<ERR_put_error(3)|ERR_put_error(3)>,
-+L<ERR_load_strings(3)|ERR_load_strings(3)>,
-+L<SSL_get_error(3)|SSL_get_error(3)>
-+
-+=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/openssl_rand.pod openssl-0.9.8a/doc/crypto/openssl_rand.pod
---- openssl-0.9.8a.orig/doc/crypto/openssl_rand.pod 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/openssl_rand.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -0,0 +1,175 @@
-+=pod
-+
-+=head1 NAME
-+
-+openssl_rand - pseudo-random number generator
-+
-+=head1 SYNOPSIS
-+
-+ #include <openssl/rand.h>
-+
-+ int RAND_set_rand_engine(ENGINE *engine);
-+
-+ int RAND_bytes(unsigned char *buf, int num);
-+ int RAND_pseudo_bytes(unsigned char *buf, int num);
-+
-+ void RAND_seed(const void *buf, int num);
-+ void RAND_add(const void *buf, int num, int entropy);
-+ int RAND_status(void);
-+
-+ int RAND_load_file(const char *file, long max_bytes);
-+ int RAND_write_file(const char *file);
-+ const char *RAND_file_name(char *file, size_t num);
-+
-+ int RAND_egd(const char *path);
-+
-+ void RAND_set_rand_method(const RAND_METHOD *meth);
-+ const RAND_METHOD *RAND_get_rand_method(void);
-+ RAND_METHOD *RAND_SSLeay(void);
-+
-+ void RAND_cleanup(void);
-+
-+ /* For Win32 only */
-+ void RAND_screen(void);
-+ int RAND_event(UINT, WPARAM, LPARAM);
-+
-+=head1 DESCRIPTION
-+
-+Since the introduction of the ENGINE API, the recommended way of controlling
-+default implementations is by using the ENGINE API functions. The default
-+B<RAND_METHOD>, as set by RAND_set_rand_method() and returned by
-+RAND_get_rand_method(), is only used if no ENGINE has been set as the default
-+"rand" implementation. Hence, these two functions are no longer the recommened
-+way to control defaults.
-+
-+If an alternative B<RAND_METHOD> implementation is being used (either set
-+directly or as provided by an ENGINE module), then it is entirely responsible
-+for the generation and management of a cryptographically secure PRNG stream. The
-+mechanisms described below relate solely to the software PRNG implementation
-+built in to OpenSSL and used by default.
-+
-+These functions implement a cryptographically secure pseudo-random
-+number generator (PRNG). It is used by other library functions for
-+example to generate random keys, and applications can use it when they
-+need randomness.
-+
-+A cryptographic PRNG must be seeded with unpredictable data such as
-+mouse movements or keys pressed at random by the user. This is
-+described in L<RAND_add(3)|RAND_add(3)>. Its state can be saved in a seed file
-+(see L<RAND_load_file(3)|RAND_load_file(3)>) to avoid having to go through the
-+seeding process whenever the application is started.
-+
-+L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the
-+PRNG.
-+
-+=head1 INTERNALS
-+
-+The RAND_SSLeay() method implements a PRNG based on a cryptographic
-+hash function.
-+
-+The following description of its design is based on the SSLeay
-+documentation:
-+
-+First up I will state the things I believe I need for a good RNG.
-+
-+=over 4
-+
-+=item 1
-+
-+A good hashing algorithm to mix things up and to convert the RNG 'state'
-+to random numbers.
-+
-+=item 2
-+
-+An initial source of random 'state'.
-+
-+=item 3
-+
-+The state should be very large. If the RNG is being used to generate
-+4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
-+If your RNG state only has 128 bits, you are obviously limiting the
-+search space to 128 bits, not 2048. I'm probably getting a little
-+carried away on this last point but it does indicate that it may not be
-+a bad idea to keep quite a lot of RNG state. It should be easier to
-+break a cipher than guess the RNG seed data.
-+
-+=item 4
-+
-+Any RNG seed data should influence all subsequent random numbers
-+generated. This implies that any random seed data entered will have
-+an influence on all subsequent random numbers generated.
-+
-+=item 5
-+
-+When using data to seed the RNG state, the data used should not be
-+extractable from the RNG state. I believe this should be a
-+requirement because one possible source of 'secret' semi random
-+data would be a private key or a password. This data must
-+not be disclosed by either subsequent random numbers or a
-+'core' dump left by a program crash.
-+
-+=item 6
-+
-+Given the same initial 'state', 2 systems should deviate in their RNG state
-+(and hence the random numbers generated) over time if at all possible.
-+
-+=item 7
-+
-+Given the random number output stream, it should not be possible to determine
-+the RNG state or the next random number.
-+
-+=back
-+
-+The algorithm is as follows.
-+
-+There is global state made up of a 1023 byte buffer (the 'state'), a
-+working hash value ('md'), and a counter ('count').
-+
-+Whenever seed data is added, it is inserted into the 'state' as
-+follows.
-+
-+The input is chopped up into units of 20 bytes (or less for
-+the last block). Each of these blocks is run through the hash
-+function as follows: The data passed to the hash function
-+is the current 'md', the same number of bytes from the 'state'
-+(the location determined by in incremented looping index) as
-+the current 'block', the new key data 'block', and 'count'
-+(which is incremented after each use).
-+The result of this is kept in 'md' and also xored into the
-+'state' at the same locations that were used as input into the
-+hash function. I
-+believe this system addresses points 1 (hash function; currently
-+SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash
-+function and xor).
-+
-+When bytes are extracted from the RNG, the following process is used.
-+For each group of 10 bytes (or less), we do the following:
-+
-+Input into the hash function the local 'md' (which is initialized from
-+the global 'md' before any bytes are generated), the bytes that are to
-+be overwritten by the random bytes, and bytes from the 'state'
-+(incrementing looping index). From this digest output (which is kept
-+in 'md'), the top (up to) 10 bytes are returned to the caller and the
-+bottom 10 bytes are xored into the 'state'.
-+
-+Finally, after we have finished 'num' random bytes for the caller,
-+'count' (which is incremented) and the local and global 'md' are fed
-+into the hash function and the results are kept in the global 'md'.
-+
-+I believe the above addressed points 1 (use of SHA-1), 6 (by hashing
-+into the 'state' the 'old' data from the caller that is about to be
-+overwritten) and 7 (by not using the 10 bytes given to the caller to
-+update the 'state', but they are used to update 'md').
-+
-+So of the points raised, only 2 is not addressed (but see
-+L<RAND_add(3)|RAND_add(3)>).
-+
-+=head1 SEE ALSO
-+
-+L<BN_rand(3)|BN_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
-+L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_egd(3)|RAND_egd(3)>,
-+L<RAND_bytes(3)|RAND_bytes(3)>,
-+L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>,
-+L<RAND_cleanup(3)|RAND_cleanup(3)>
-+
-+=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/openssl_threads.pod openssl-0.9.8a/doc/crypto/openssl_threads.pod
---- openssl-0.9.8a.orig/doc/crypto/openssl_threads.pod 1970-01-01 00:00:00.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/openssl_threads.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -0,0 +1,175 @@
-+=pod
-+
-+=head1 NAME
-+
-+CRYPTO_set_locking_callback, CRYPTO_set_id_callback, CRYPTO_num_locks,
-+CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback,
-+CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid,
-+CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
-+
-+=head1 SYNOPSIS
-+
-+ #include <openssl/crypto.h>
-+
-+ void CRYPTO_set_locking_callback(void (*locking_function)(int mode,
-+ int n, const char *file, int line));
-+
-+ void CRYPTO_set_id_callback(unsigned long (*id_function)(void));
-+
-+ int CRYPTO_num_locks(void);
-+
-+
-+ /* struct CRYPTO_dynlock_value needs to be defined by the user */
-+ struct CRYPTO_dynlock_value;
-+
-+ void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *
-+ (*dyn_create_function)(char *file, int line));
-+ void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
-+ (int mode, struct CRYPTO_dynlock_value *l,
-+ const char *file, int line));
-+ void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
-+ (struct CRYPTO_dynlock_value *l, const char *file, int line));
-+
-+ int CRYPTO_get_new_dynlockid(void);
-+
-+ void CRYPTO_destroy_dynlockid(int i);
-+
-+ void CRYPTO_lock(int mode, int n, const char *file, int line);
-+
-+ #define CRYPTO_w_lock(type) \
-+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-+ #define CRYPTO_w_unlock(type) \
-+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-+ #define CRYPTO_r_lock(type) \
-+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-+ #define CRYPTO_r_unlock(type) \
-+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-+ #define CRYPTO_add(addr,amount,type) \
-+ CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
-+
-+=head1 DESCRIPTION
-+
-+OpenSSL can safely be used in multi-threaded applications provided
-+that at least two callback functions are set.
-+
-+locking_function(int mode, int n, const char *file, int line) is
-+needed to perform locking on shared data structures.
-+(Note that OpenSSL uses a number of global data structures that
-+will be implicitly shared whenever multiple threads use OpenSSL.)
-+Multi-threaded applications will crash at random if it is not set.
-+
-+locking_function() must be able to handle up to CRYPTO_num_locks()
-+different mutex locks. It sets the B<n>-th lock if B<mode> &
-+B<CRYPTO_LOCK>, and releases it otherwise.
-+
-+B<file> and B<line> are the file number of the function setting the
-+lock. They can be useful for debugging.
-+
-+id_function(void) is a function that returns a thread ID, for example
-+pthread_self() if it returns an integer (see NOTES below). It isn't
-+needed on Windows nor on platforms where getpid() returns a different
-+ID for each thread (see NOTES below).
-+
-+Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
-+of OpenSSL need it for better performance. To enable this, the following
-+is required:
-+
-+=over 4
-+
-+=item *
-+Three additional callback function, dyn_create_function, dyn_lock_function
-+and dyn_destroy_function.
-+
-+=item *
-+A structure defined with the data that each lock needs to handle.
-+
-+=back
-+
-+struct CRYPTO_dynlock_value has to be defined to contain whatever structure
-+is needed to handle locks.
-+
-+dyn_create_function(const char *file, int line) is needed to create a
-+lock. Multi-threaded applications might crash at random if it is not set.
-+
-+dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line)
-+is needed to perform locking off dynamic lock numbered n. Multi-threaded
-+applications might crash at random if it is not set.
-+
-+dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is
-+needed to destroy the lock l. Multi-threaded applications might crash at
-+random if it is not set.
-+
-+CRYPTO_get_new_dynlockid() is used to create locks. It will call
-+dyn_create_function for the actual creation.
-+
-+CRYPTO_destroy_dynlockid() is used to destroy locks. It will call
-+dyn_destroy_function for the actual destruction.
-+
-+CRYPTO_lock() is used to lock and unlock the locks. mode is a bitfield
-+describing what should be done with the lock. n is the number of the
-+lock as returned from CRYPTO_get_new_dynlockid(). mode can be combined
-+from the following values. These values are pairwise exclusive, with
-+undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE
-+should not be used together):
-+
-+ CRYPTO_LOCK 0x01
-+ CRYPTO_UNLOCK 0x02
-+ CRYPTO_READ 0x04
-+ CRYPTO_WRITE 0x08
-+
-+=head1 RETURN VALUES
-+
-+CRYPTO_num_locks() returns the required number of locks.
-+
-+CRYPTO_get_new_dynlockid() returns the index to the newly created lock.
-+
-+The other functions return no values.
-+
-+=head1 NOTES
-+
-+You can find out if OpenSSL was configured with thread support:
-+
-+ #define OPENSSL_THREAD_DEFINES
-+ #include <openssl/opensslconf.h>
-+ #if defined(OPENSSL_THREADS)
-+ // thread support enabled
-+ #else
-+ // no thread support
-+ #endif
-+
-+Also, dynamic locks are currently not used internally by OpenSSL, but
-+may do so in the future.
-+
-+Defining id_function(void) has it's own issues. Generally speaking,
-+pthread_self() should be used, even on platforms where getpid() gives
-+different answers in each thread, since that may depend on the machine
-+the program is run on, not the machine where the program is being
-+compiled. For instance, Red Hat 8 Linux and earlier used
-+LinuxThreads, whose getpid() returns a different value for each
-+thread. Red Hat 9 Linux and later use NPTL, which is
-+Posix-conformant, and has a getpid() that returns the same value for
-+all threads in a process. A program compiled on Red Hat 8 and run on
-+Red Hat 9 will therefore see getpid() returning the same value for
-+all threads.
-+
-+There is still the issue of platforms where pthread_self() returns
-+something other than an integer. This is a bit unusual, and this
-+manual has no cookbook solution for that case.
-+
-+=head1 EXAMPLES
-+
-+B<crypto/threads/mttest.c> shows examples of the callback functions on
-+Solaris, Irix and Win32.
-+
-+=head1 HISTORY
-+
-+CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are
-+available in all versions of SSLeay and OpenSSL.
-+CRYPTO_num_locks() was added in OpenSSL 0.9.4.
-+All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
-+
-+=head1 SEE ALSO
-+
-+L<crypto(3)|crypto(3)>
-+
-+=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/rand.pod openssl-0.9.8a/doc/crypto/rand.pod
---- openssl-0.9.8a.orig/doc/crypto/rand.pod 2002-08-05 16:27:01.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/rand.pod 1970-01-01 00:00:00.000000000 +0000
-@@ -1,175 +0,0 @@
--=pod
--
--=head1 NAME
--
--rand - pseudo-random number generator
--
--=head1 SYNOPSIS
--
-- #include <openssl/rand.h>
--
-- int RAND_set_rand_engine(ENGINE *engine);
--
-- int RAND_bytes(unsigned char *buf, int num);
-- int RAND_pseudo_bytes(unsigned char *buf, int num);
--
-- void RAND_seed(const void *buf, int num);
-- void RAND_add(const void *buf, int num, int entropy);
-- int RAND_status(void);
--
-- int RAND_load_file(const char *file, long max_bytes);
-- int RAND_write_file(const char *file);
-- const char *RAND_file_name(char *file, size_t num);
--
-- int RAND_egd(const char *path);
--
-- void RAND_set_rand_method(const RAND_METHOD *meth);
-- const RAND_METHOD *RAND_get_rand_method(void);
-- RAND_METHOD *RAND_SSLeay(void);
--
-- void RAND_cleanup(void);
--
-- /* For Win32 only */
-- void RAND_screen(void);
-- int RAND_event(UINT, WPARAM, LPARAM);
--
--=head1 DESCRIPTION
--
--Since the introduction of the ENGINE API, the recommended way of controlling
--default implementations is by using the ENGINE API functions. The default
--B<RAND_METHOD>, as set by RAND_set_rand_method() and returned by
--RAND_get_rand_method(), is only used if no ENGINE has been set as the default
--"rand" implementation. Hence, these two functions are no longer the recommened
--way to control defaults.
--
--If an alternative B<RAND_METHOD> implementation is being used (either set
--directly or as provided by an ENGINE module), then it is entirely responsible
--for the generation and management of a cryptographically secure PRNG stream. The
--mechanisms described below relate solely to the software PRNG implementation
--built in to OpenSSL and used by default.
--
--These functions implement a cryptographically secure pseudo-random
--number generator (PRNG). It is used by other library functions for
--example to generate random keys, and applications can use it when they
--need randomness.
--
--A cryptographic PRNG must be seeded with unpredictable data such as
--mouse movements or keys pressed at random by the user. This is
--described in L<RAND_add(3)|RAND_add(3)>. Its state can be saved in a seed file
--(see L<RAND_load_file(3)|RAND_load_file(3)>) to avoid having to go through the
--seeding process whenever the application is started.
--
--L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the
--PRNG.
--
--=head1 INTERNALS
--
--The RAND_SSLeay() method implements a PRNG based on a cryptographic
--hash function.
--
--The following description of its design is based on the SSLeay
--documentation:
--
--First up I will state the things I believe I need for a good RNG.
--
--=over 4
--
--=item 1
--
--A good hashing algorithm to mix things up and to convert the RNG 'state'
--to random numbers.
--
--=item 2
--
--An initial source of random 'state'.
--
--=item 3
--
--The state should be very large. If the RNG is being used to generate
--4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
--If your RNG state only has 128 bits, you are obviously limiting the
--search space to 128 bits, not 2048. I'm probably getting a little
--carried away on this last point but it does indicate that it may not be
--a bad idea to keep quite a lot of RNG state. It should be easier to
--break a cipher than guess the RNG seed data.
--
--=item 4
--
--Any RNG seed data should influence all subsequent random numbers
--generated. This implies that any random seed data entered will have
--an influence on all subsequent random numbers generated.
--
--=item 5
--
--When using data to seed the RNG state, the data used should not be
--extractable from the RNG state. I believe this should be a
--requirement because one possible source of 'secret' semi random
--data would be a private key or a password. This data must
--not be disclosed by either subsequent random numbers or a
--'core' dump left by a program crash.
--
--=item 6
--
--Given the same initial 'state', 2 systems should deviate in their RNG state
--(and hence the random numbers generated) over time if at all possible.
--
--=item 7
--
--Given the random number output stream, it should not be possible to determine
--the RNG state or the next random number.
--
--=back
--
--The algorithm is as follows.
--
--There is global state made up of a 1023 byte buffer (the 'state'), a
--working hash value ('md'), and a counter ('count').
--
--Whenever seed data is added, it is inserted into the 'state' as
--follows.
--
--The input is chopped up into units of 20 bytes (or less for
--the last block). Each of these blocks is run through the hash
--function as follows: The data passed to the hash function
--is the current 'md', the same number of bytes from the 'state'
--(the location determined by in incremented looping index) as
--the current 'block', the new key data 'block', and 'count'
--(which is incremented after each use).
--The result of this is kept in 'md' and also xored into the
--'state' at the same locations that were used as input into the
--hash function. I
--believe this system addresses points 1 (hash function; currently
--SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash
--function and xor).
--
--When bytes are extracted from the RNG, the following process is used.
--For each group of 10 bytes (or less), we do the following:
--
--Input into the hash function the local 'md' (which is initialized from
--the global 'md' before any bytes are generated), the bytes that are to
--be overwritten by the random bytes, and bytes from the 'state'
--(incrementing looping index). From this digest output (which is kept
--in 'md'), the top (up to) 10 bytes are returned to the caller and the
--bottom 10 bytes are xored into the 'state'.
--
--Finally, after we have finished 'num' random bytes for the caller,
--'count' (which is incremented) and the local and global 'md' are fed
--into the hash function and the results are kept in the global 'md'.
--
--I believe the above addressed points 1 (use of SHA-1), 6 (by hashing
--into the 'state' the 'old' data from the caller that is about to be
--overwritten) and 7 (by not using the 10 bytes given to the caller to
--update the 'state', but they are used to update 'md').
--
--So of the points raised, only 2 is not addressed (but see
--L<RAND_add(3)|RAND_add(3)>).
--
--=head1 SEE ALSO
--
--L<BN_rand(3)|BN_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
--L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_egd(3)|RAND_egd(3)>,
--L<RAND_bytes(3)|RAND_bytes(3)>,
--L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>,
--L<RAND_cleanup(3)|RAND_cleanup(3)>
--
--=cut
-diff -Naur openssl-0.9.8a.orig/doc/crypto/rsa.pod openssl-0.9.8a/doc/crypto/rsa.pod
---- openssl-0.9.8a.orig/doc/crypto/rsa.pod 2002-08-04 21:08:36.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/rsa.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -108,7 +108,7 @@
- =head1 SEE ALSO
-
- L<rsa(1)|rsa(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>,
--L<rand(3)|rand(3)>, L<engine(3)|engine(3)>, L<RSA_new(3)|RSA_new(3)>,
-+L<openssl_rand(3)|openssl_rand(3)>, L<engine(3)|engine(3)>, L<RSA_new(3)|RSA_new(3)>,
- L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
- L<RSA_sign(3)|RSA_sign(3)>, L<RSA_size(3)|RSA_size(3)>,
- L<RSA_generate_key(3)|RSA_generate_key(3)>,
-diff -Naur openssl-0.9.8a.orig/doc/crypto/threads.pod openssl-0.9.8a/doc/crypto/threads.pod
---- openssl-0.9.8a.orig/doc/crypto/threads.pod 2005-06-18 05:52:23.000000000 +0000
-+++ openssl-0.9.8a/doc/crypto/threads.pod 1970-01-01 00:00:00.000000000 +0000
-@@ -1,175 +0,0 @@
--=pod
--
--=head1 NAME
--
--CRYPTO_set_locking_callback, CRYPTO_set_id_callback, CRYPTO_num_locks,
--CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback,
--CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid,
--CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
--
--=head1 SYNOPSIS
--
-- #include <openssl/crypto.h>
--
-- void CRYPTO_set_locking_callback(void (*locking_function)(int mode,
-- int n, const char *file, int line));
--
-- void CRYPTO_set_id_callback(unsigned long (*id_function)(void));
--
-- int CRYPTO_num_locks(void);
--
--
-- /* struct CRYPTO_dynlock_value needs to be defined by the user */
-- struct CRYPTO_dynlock_value;
--
-- void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *
-- (*dyn_create_function)(char *file, int line));
-- void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
-- (int mode, struct CRYPTO_dynlock_value *l,
-- const char *file, int line));
-- void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
-- (struct CRYPTO_dynlock_value *l, const char *file, int line));
--
-- int CRYPTO_get_new_dynlockid(void);
--
-- void CRYPTO_destroy_dynlockid(int i);
--
-- void CRYPTO_lock(int mode, int n, const char *file, int line);
--
-- #define CRYPTO_w_lock(type) \
-- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-- #define CRYPTO_w_unlock(type) \
-- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-- #define CRYPTO_r_lock(type) \
-- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-- #define CRYPTO_r_unlock(type) \
-- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-- #define CRYPTO_add(addr,amount,type) \
-- CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
--
--=head1 DESCRIPTION
--
--OpenSSL can safely be used in multi-threaded applications provided
--that at least two callback functions are set.
--
--locking_function(int mode, int n, const char *file, int line) is
--needed to perform locking on shared data structures.
--(Note that OpenSSL uses a number of global data structures that
--will be implicitly shared whenever multiple threads use OpenSSL.)
--Multi-threaded applications will crash at random if it is not set.
--
--locking_function() must be able to handle up to CRYPTO_num_locks()
--different mutex locks. It sets the B<n>-th lock if B<mode> &
--B<CRYPTO_LOCK>, and releases it otherwise.
--
--B<file> and B<line> are the file number of the function setting the
--lock. They can be useful for debugging.
--
--id_function(void) is a function that returns a thread ID, for example
--pthread_self() if it returns an integer (see NOTES below). It isn't
--needed on Windows nor on platforms where getpid() returns a different
--ID for each thread (see NOTES below).
--
--Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
--of OpenSSL need it for better performance. To enable this, the following
--is required:
--
--=over 4
--
--=item *
--Three additional callback function, dyn_create_function, dyn_lock_function
--and dyn_destroy_function.
--
--=item *
--A structure defined with the data that each lock needs to handle.
--
--=back
--
--struct CRYPTO_dynlock_value has to be defined to contain whatever structure
--is needed to handle locks.
--
--dyn_create_function(const char *file, int line) is needed to create a
--lock. Multi-threaded applications might crash at random if it is not set.
--
--dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line)
--is needed to perform locking off dynamic lock numbered n. Multi-threaded
--applications might crash at random if it is not set.
--
--dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is
--needed to destroy the lock l. Multi-threaded applications might crash at
--random if it is not set.
--
--CRYPTO_get_new_dynlockid() is used to create locks. It will call
--dyn_create_function for the actual creation.
--
--CRYPTO_destroy_dynlockid() is used to destroy locks. It will call
--dyn_destroy_function for the actual destruction.
--
--CRYPTO_lock() is used to lock and unlock the locks. mode is a bitfield
--describing what should be done with the lock. n is the number of the
--lock as returned from CRYPTO_get_new_dynlockid(). mode can be combined
--from the following values. These values are pairwise exclusive, with
--undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE
--should not be used together):
--
-- CRYPTO_LOCK 0x01
-- CRYPTO_UNLOCK 0x02
-- CRYPTO_READ 0x04
-- CRYPTO_WRITE 0x08
--
--=head1 RETURN VALUES
--
--CRYPTO_num_locks() returns the required number of locks.
--
--CRYPTO_get_new_dynlockid() returns the index to the newly created lock.
--
--The other functions return no values.
--
--=head1 NOTES
--
--You can find out if OpenSSL was configured with thread support:
--
-- #define OPENSSL_THREAD_DEFINES
-- #include <openssl/opensslconf.h>
-- #if defined(OPENSSL_THREADS)
-- // thread support enabled
-- #else
-- // no thread support
-- #endif
--
--Also, dynamic locks are currently not used internally by OpenSSL, but
--may do so in the future.
--
--Defining id_function(void) has it's own issues. Generally speaking,
--pthread_self() should be used, even on platforms where getpid() gives
--different answers in each thread, since that may depend on the machine
--the program is run on, not the machine where the program is being
--compiled. For instance, Red Hat 8 Linux and earlier used
--LinuxThreads, whose getpid() returns a different value for each
--thread. Red Hat 9 Linux and later use NPTL, which is
--Posix-conformant, and has a getpid() that returns the same value for
--all threads in a process. A program compiled on Red Hat 8 and run on
--Red Hat 9 will therefore see getpid() returning the same value for
--all threads.
--
--There is still the issue of platforms where pthread_self() returns
--something other than an integer. This is a bit unusual, and this
--manual has no cookbook solution for that case.
--
--=head1 EXAMPLES
--
--B<crypto/threads/mttest.c> shows examples of the callback functions on
--Solaris, Irix and Win32.
--
--=head1 HISTORY
--
--CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are
--available in all versions of SSLeay and OpenSSL.
--CRYPTO_num_locks() was added in OpenSSL 0.9.4.
--All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
--
--=head1 SEE ALSO
--
--L<crypto(3)|crypto(3)>
--
--=cut
-diff -Naur openssl-0.9.8a.orig/doc/ssl/SSL_get_error.pod openssl-0.9.8a/doc/ssl/SSL_get_error.pod
---- openssl-0.9.8a.orig/doc/ssl/SSL_get_error.pod 2005-03-30 11:50:14.000000000 +0000
-+++ openssl-0.9.8a/doc/ssl/SSL_get_error.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -105,7 +105,7 @@
-
- =head1 SEE ALSO
-
--L<ssl(3)|ssl(3)>, L<err(3)|err(3)>
-+L<ssl(3)|ssl(3)>, L<openssl_err(3)|openssl_err(3)>
-
- =head1 HISTORY
-
-diff -Naur openssl-0.9.8a.orig/doc/ssl/SSL_want.pod openssl-0.9.8a/doc/ssl/SSL_want.pod
---- openssl-0.9.8a.orig/doc/ssl/SSL_want.pod 2005-03-30 11:50:14.000000000 +0000
-+++ openssl-0.9.8a/doc/ssl/SSL_want.pod 2005-11-14 03:59:59.000000000 +0000
-@@ -72,6 +72,6 @@
-
- =head1 SEE ALSO
-
--L<ssl(3)|ssl(3)>, L<err(3)|err(3)>, L<SSL_get_error(3)|SSL_get_error(3)>
-+L<ssl(3)|ssl(3)>, L<openssl_err(3)|openssl_err(3)>, L<SSL_get_error(3)|SSL_get_error(3)>
-
- =cut
+++ /dev/null
---- /dev/null 2008-04-27 15:35:57.000000000 +0200
-+++ linux/net/ipsec/version.c 2008-05-17 18:35:27.000000000 +0200
-@@ -0,0 +1,44 @@
-+/*
-+ * return IPsec version information
-+ * Copyright (C) 2001 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: version.in.c,v 1.2 2004/04/14 05:09:46 ken Exp $
-+ */
-+
-+#ifdef __KERNEL__
-+#include <linux/netdevice.h>
-+#endif
-+
-+#include "openswan.h"
-+
-+#define V "2.4.12" /* substituted in by Makefile */
-+static const char openswan_number[] = V;
-+static const char openswan_string[] = "Openswan " V;
-+
-+/*
-+ - ipsec_version_code - return IPsec version number/code, as string
-+ */
-+const char *
-+ipsec_version_code()
-+{
-+ return openswan_number;
-+}
-+
-+/*
-+ - ipsec_version_string - return full version string
-+ */
-+const char *
-+ipsec_version_string()
-+{
-+ return openswan_string;
-+}
---- /dev/null 2008-04-27 15:35:57.000000000 +0200
-+++ linux/net/ipsec/zutil.c 2008-05-16 17:28:08.000000000 +0200
-@@ -0,0 +1,227 @@
-+/* zutil.c -- target dependent utility functions for the compression library
-+ * Copyright (C) 1995-2002 Jean-loup Gailly.
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* @(#) $Id: zutil.c,v 1.5 2004/07/10 07:48:40 mcr Exp $ */
-+
-+#include <zlib/zutil.h>
-+
-+#define MY_ZCALLOC
-+
-+struct internal_state {int dummy;}; /* for buggy compilers */
-+
-+#ifndef STDC
-+extern void exit OF((int));
-+#endif
-+
-+const char *z_errmsg[10] = {
-+"need dictionary", /* Z_NEED_DICT 2 */
-+"stream end", /* Z_STREAM_END 1 */
-+"", /* Z_OK 0 */
-+"file error", /* Z_ERRNO (-1) */
-+"stream error", /* Z_STREAM_ERROR (-2) */
-+"data error", /* Z_DATA_ERROR (-3) */
-+"insufficient memory", /* Z_MEM_ERROR (-4) */
-+"buffer error", /* Z_BUF_ERROR (-5) */
-+"incompatible version",/* Z_VERSION_ERROR (-6) */
-+""};
-+
-+
-+const char * ZEXPORT zlibVersion()
-+{
-+ return ZLIB_VERSION;
-+}
-+
-+#ifdef DEBUG
-+
-+# ifndef verbose
-+# define verbose 0
-+# endif
-+int z_verbose = verbose;
-+
-+void z_error (m)
-+ char *m;
-+{
-+ fprintf(stderr, "%s\n", m);
-+ exit(1);
-+}
-+#endif
-+
-+/* exported to allow conversion of error code to string for compress() and
-+ * uncompress()
-+ */
-+const char * ZEXPORT zError(err)
-+ int err;
-+{
-+ return ERR_MSG(err);
-+}
-+
-+
-+#ifndef HAVE_MEMCPY
-+
-+void zmemcpy(dest, source, len)
-+ Bytef* dest;
-+ const Bytef* source;
-+ uInt len;
-+{
-+ if (len == 0) return;
-+ do {
-+ *dest++ = *source++; /* ??? to be unrolled */
-+ } while (--len != 0);
-+}
-+
-+int zmemcmp(s1, s2, len)
-+ const Bytef* s1;
-+ const Bytef* s2;
-+ uInt len;
-+{
-+ uInt j;
-+
-+ for (j = 0; j < len; j++) {
-+ if (s1[j] != s2[j]) return 2*(s1[j] > s2[j])-1;
-+ }
-+ return 0;
-+}
-+
-+void zmemzero(dest, len)
-+ Bytef* dest;
-+ uInt len;
-+{
-+ if (len == 0) return;
-+ do {
-+ *dest++ = 0; /* ??? to be unrolled */
-+ } while (--len != 0);
-+}
-+#endif
-+
-+#ifdef __TURBOC__
-+#if (defined( __BORLANDC__) || !defined(SMALL_MEDIUM)) && !defined(__32BIT__)
-+/* Small and medium model in Turbo C are for now limited to near allocation
-+ * with reduced MAX_WBITS and MAX_MEM_LEVEL
-+ */
-+# define MY_ZCALLOC
-+
-+/* Turbo C malloc() does not allow dynamic allocation of 64K bytes
-+ * and farmalloc(64K) returns a pointer with an offset of 8, so we
-+ * must fix the pointer. Warning: the pointer must be put back to its
-+ * original form in order to free it, use zcfree().
-+ */
-+
-+#define MAX_PTR 10
-+/* 10*64K = 640K */
-+
-+local int next_ptr = 0;
-+
-+typedef struct ptr_table_s {
-+ voidpf org_ptr;
-+ voidpf new_ptr;
-+} ptr_table;
-+
-+local ptr_table table[MAX_PTR];
-+/* This table is used to remember the original form of pointers
-+ * to large buffers (64K). Such pointers are normalized with a zero offset.
-+ * Since MSDOS is not a preemptive multitasking OS, this table is not
-+ * protected from concurrent access. This hack doesn't work anyway on
-+ * a protected system like OS/2. Use Microsoft C instead.
-+ */
-+
-+voidpf zcalloc (voidpf opaque, unsigned items, unsigned size)
-+{
-+ voidpf buf = opaque; /* just to make some compilers happy */
-+ ulg bsize = (ulg)items*size;
-+
-+ /* If we allocate less than 65520 bytes, we assume that farmalloc
-+ * will return a usable pointer which doesn't have to be normalized.
-+ */
-+ if (bsize < 65520L) {
-+ buf = farmalloc(bsize);
-+ if (*(ush*)&buf != 0) return buf;
-+ } else {
-+ buf = farmalloc(bsize + 16L);
-+ }
-+ if (buf == NULL || next_ptr >= MAX_PTR) return NULL;
-+ table[next_ptr].org_ptr = buf;
-+
-+ /* Normalize the pointer to seg:0 */
-+ *((ush*)&buf+1) += ((ush)((uch*)buf-0) + 15) >> 4;
-+ *(ush*)&buf = 0;
-+ table[next_ptr++].new_ptr = buf;
-+ return buf;
-+}
-+
-+void zcfree (voidpf opaque, voidpf ptr)
-+{
-+ int n;
-+ if (*(ush*)&ptr != 0) { /* object < 64K */
-+ farfree(ptr);
-+ return;
-+ }
-+ /* Find the original pointer */
-+ for (n = 0; n < next_ptr; n++) {
-+ if (ptr != table[n].new_ptr) continue;
-+
-+ farfree(table[n].org_ptr);
-+ while (++n < next_ptr) {
-+ table[n-1] = table[n];
-+ }
-+ next_ptr--;
-+ return;
-+ }
-+ ptr = opaque; /* just to make some compilers happy */
-+ Assert(0, "zcfree: ptr not found");
-+}
-+#endif
-+#endif /* __TURBOC__ */
-+
-+
-+#if defined(M_I86) && !defined(__32BIT__)
-+/* Microsoft C in 16-bit mode */
-+
-+# define MY_ZCALLOC
-+
-+#if (!defined(_MSC_VER) || (_MSC_VER <= 600))
-+# define _halloc halloc
-+# define _hfree hfree
-+#endif
-+
-+voidpf zcalloc (voidpf opaque, unsigned items, unsigned size)
-+{
-+ if (opaque) opaque = 0; /* to make compiler happy */
-+ return _halloc((long)items, size);
-+}
-+
-+void zcfree (voidpf opaque, voidpf ptr)
-+{
-+ if (opaque) opaque = 0; /* to make compiler happy */
-+ _hfree(ptr);
-+}
-+
-+#endif /* MSC */
-+
-+
-+#ifndef MY_ZCALLOC /* Any system without a special alloc function */
-+
-+#ifndef STDC
-+extern voidp calloc OF((uInt items, uInt size));
-+extern void free OF((voidpf ptr));
-+#endif
-+
-+voidpf zcalloc (opaque, items, size)
-+ voidpf opaque;
-+ unsigned items;
-+ unsigned size;
-+{
-+ if (opaque) items += size - size; /* make compiler happy */
-+ return (voidpf)calloc(items, size);
-+}
-+
-+void zcfree (opaque, ptr)
-+ voidpf opaque;
-+ voidpf ptr;
-+{
-+ free(ptr);
-+ if (opaque) return; /* make compiler happy */
-+}
-+
-+#endif /* MY_ZCALLOC */
+++ /dev/null
-packaging/utils/kernelpatch 2.6
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/README.openswan-2 Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,112 @@
-+*
-+* RCSID $Id: README.openswan-2,v 1.1 2003-12-10 01:07:49 mcr Exp $
-+*
-+
-+ ****************************************
-+ * IPSEC for Linux, Release 2.xx series *
-+ ****************************************
-+
-+
-+
-+1. Files
-+
-+The contents of linux/net/ipsec/ (see below) join the linux kernel source tree.
-+as provided for higher up.
-+
-+The programs/ directory contains the user-level utilities which you need
-+to run IPSEC. See the top-level top/INSTALL to compile and install them.
-+
-+The testing/ directory contains test scripts.
-+
-+The doc/ directory contains -- what else -- documentation.
-+
-+1.1. Kernel files
-+
-+The following are found in net/ipsec/:
-+
-+Makefile The Makefile
-+Config.in The configuration script for make menuconfig
-+defconfig Configuration defaults for first time.
-+
-+radij.c General-purpose radix-tree operations
-+
-+ipsec_ipcomp.c IPCOMP encapsulate/decapsulate code.
-+ipsec_ah.c Authentication Header (AH) encapsulate/decapsulate code.
-+ipsec_esp.c Encapsulated Security Payload (ESP) encap/decap code.
-+
-+pfkey_v2.c PF_KEYv2 socket interface code.
-+pfkey_v2_parser.c PF_KEYv2 message parsing and processing code.
-+
-+ipsec_init.c Initialization code, /proc interface.
-+ipsec_radij.c Interface with the radix tree code.
-+ipsec_netlink.c Interface with the netlink code.
-+ipsec_xform.c Routines and structures common to transforms.
-+ipsec_tunnel.c The outgoing packet processing code.
-+ipsec_rcv.c The incoming packet processing code.
-+ipsec_md5c.c Somewhat modified RSADSI MD5 C code.
-+ipsec_sha1.c Somewhat modified Steve Reid SHA-1 C code.
-+
-+sysctl_net_ipsec.c /proc/sys/net/ipsec/* variable definitions.
-+
-+version.c symbolic link to project version.
-+
-+radij.h Headers for radij.c
-+
-+ipcomp.h Headers used by IPCOMP code.
-+
-+ipsec_radij.h Interface with the radix tree code.
-+ipsec_netlink.h Headers used by the netlink interface.
-+ipsec_encap.h Headers defining encapsulation structures.
-+ipsec_xform.h Transform headers.
-+ipsec_tunnel.h Headers used by tunneling code.
-+ipsec_ipe4.h Headers for the IP-in-IP code.
-+ipsec_ah.h Headers common to AH transforms.
-+ipsec_md5h.h RSADSI MD5 headers.
-+ipsec_sha1.h SHA-1 headers.
-+ipsec_esp.h Headers common to ESP transfroms.
-+ipsec_rcv.h Headers for incoming packet processing code.
-+
-+1.2. User-level files.
-+
-+The following are found in utils/:
-+
-+eroute.c Create an "extended route" source code
-+spi.c Set up Security Associations source code
-+spigrp.c Link SPIs together source code.
-+tncfg.c Configure the tunneling features of the virtual interface
-+ source code
-+klipsdebug.c Set/reset klips debugging features source code.
-+version.c symbolic link to project version.
-+
-+eroute.8 Create an "extended route" manual page
-+spi.8 Set up Security Associations manual page
-+spigrp.8 Link SPIs together manual page
-+tncfg.8 Configure the tunneling features of the virtual interface
-+ manual page
-+klipsdebug.8 Set/reset klips debugging features manual page
-+
-+eroute.5 /proc/net/ipsec_eroute format manual page
-+spi.5 /proc/net/ipsec_spi format manual page
-+spigrp.5 /proc/net/ipsec_spigrp format manual page
-+tncfg.5 /proc/net/ipsec_tncfg format manual page
-+klipsdebug.5 /proc/net/ipsec_klipsdebug format manual page
-+version.5 /proc/net/ipsec_version format manual page
-+pf_key.5 /proc/net/pf_key format manual page
-+
-+Makefile Utilities makefile.
-+
-+*.8 Manpages for the respective utils.
-+
-+
-+1.3. Test files
-+
-+The test scripts are locate in testing/ and and documentation is found
-+at doc/src/umltesting.html. Automated testing via "make check" is available
-+provided that the User-Mode-Linux patches are available.
-+
-+*
-+* $Log: README.openswan-2,v $
-+* Revision 1.1 2003-12-10 01:07:49 mcr
-+* documentation for additions.
-+*
-+*
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/crypto/ciphers/aes/test_main.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,41 @@
-+#include <stdio.h>
-+#include <string.h>
-+#include <sys/types.h>
-+#include "aes_cbc.h"
-+#define AES_BLOCK_SIZE 16
-+#define KEY_SIZE 128 /* bits */
-+#define KEY "1234567890123456"
-+#define STR "hola guaso como estaisss ... 012"
-+#define STRSZ (sizeof(STR)-1)
-+
-+#define EMT_AESCBC_BLKLEN AES_BLOCK_SIZE
-+#define AES_CONTEXT_T aes_context
-+#define EMT_ESPAES_KEY_SZ 16
-+int pretty_print(const unsigned char *buf, int count) {
-+ int i=0;
-+ for (;i<count;i++) {
-+ if (i%8==0) putchar(' ');
-+ if (i%16==0) putchar('\n');
-+ printf ("%02hhx ", buf[i]);
-+ }
-+ putchar('\n');
-+ return i;
-+}
-+//#define SIZE STRSZ/2
-+#define SIZE STRSZ
-+int main() {
-+ int ret;
-+ char buf0[SIZE+1], buf1[SIZE+1];
-+ char IV[AES_BLOCK_SIZE]="\0\0\0\0\0\0\0\0" "\0\0\0\0\0\0\0\0";
-+ aes_context ac;
-+ AES_set_key(&ac, KEY, KEY_SIZE);
-+ //pretty_print((char *)&ac.aes_e_key, sizeof(ac.aes_e_key));
-+ memset(buf0, 0, sizeof (buf0));
-+ memset(buf1, 0, sizeof (buf1));
-+ ret=AES_cbc_encrypt(&ac, STR, buf0, SIZE, IV, 1);
-+ pretty_print(buf0, SIZE);
-+ printf("size=%d ret=%d\n%s\n", SIZE, ret, buf0);
-+ ret=AES_cbc_encrypt(&ac, buf0, buf1, SIZE, IV, 0);
-+ printf("size=%d ret=%d\n%s\n", SIZE, ret, buf1);
-+ return 0;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/crypto/ciphers/aes/test_main_mac.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,30 @@
-+#include <stdio.h>
-+#include <sys/types.h>
-+#include <string.h>
-+#include "aes.h"
-+#include "aes_xcbc_mac.h"
-+#define STR "Hola guasssso c|mo estais ...012"
-+void print_hash(const __u8 *hash) {
-+ printf("%08x %08x %08x %08x\n",
-+ *(__u32*)(&hash[0]),
-+ *(__u32*)(&hash[4]),
-+ *(__u32*)(&hash[8]),
-+ *(__u32*)(&hash[12]));
-+}
-+int main(int argc, char *argv[]) {
-+ aes_block key= { 0xdeadbeef, 0xceedcaca, 0xcafebabe, 0xff010204 };
-+ __u8 hash[16];
-+ char *str = argv[1];
-+ aes_context_mac ctx;
-+ if (str==NULL) {
-+ fprintf(stderr, "pasame el str\n");
-+ return 255;
-+ }
-+ AES_xcbc_mac_set_key(&ctx, (__u8 *)&key, sizeof(key));
-+ AES_xcbc_mac_hash(&ctx, str, strlen(str), hash);
-+ print_hash(hash);
-+ str[2]='x';
-+ AES_xcbc_mac_hash(&ctx, str, strlen(str), hash);
-+ print_hash(hash);
-+ return 0;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/crypto/aes.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,97 @@
-+// I retain copyright in this code but I encourage its free use provided
-+// that I don't carry any responsibility for the results. I am especially
-+// happy to see it used in free and open source software. If you do use
-+// it I would appreciate an acknowledgement of its origin in the code or
-+// the product that results and I would also appreciate knowing a little
-+// about the use to which it is being put. I am grateful to Frank Yellin
-+// for some ideas that are used in this implementation.
-+//
-+// Dr B. R. Gladman <brg@gladman.uk.net> 6th April 2001.
-+//
-+// This is an implementation of the AES encryption algorithm (Rijndael)
-+// designed by Joan Daemen and Vincent Rijmen. This version is designed
-+// to provide both fixed and dynamic block and key lengths and can also
-+// run with either big or little endian internal byte order (see aes.h).
-+// It inputs block and key lengths in bytes with the legal values being
-+// 16, 24 and 32.
-+
-+/*
-+ * Modified by Jari Ruusu, May 1 2001
-+ * - Fixed some compile warnings, code was ok but gcc warned anyway.
-+ * - Changed basic types: byte -> unsigned char, word -> u_int32_t
-+ * - Major name space cleanup: Names visible to outside now begin
-+ * with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c
-+ * - Removed C++ and DLL support as part of name space cleanup.
-+ * - Eliminated unnecessary recomputation of tables. (actual bug fix)
-+ * - Merged precomputed constant tables to aes.c file.
-+ * - Removed data alignment restrictions for portability reasons.
-+ * - Made block and key lengths accept bit count (128/192/256)
-+ * as well byte count (16/24/32).
-+ * - Removed all error checks. This change also eliminated the need
-+ * to preinitialize the context struct to zero.
-+ * - Removed some totally unused constants.
-+ */
-+
-+#ifndef _AES_H
-+#define _AES_H
-+
-+#if defined(__linux__) && defined(__KERNEL__)
-+# include <linux/types.h>
-+#else
-+# include <sys/types.h>
-+#endif
-+
-+// CONFIGURATION OPTIONS (see also aes.c)
-+//
-+// Define AES_BLOCK_SIZE to set the cipher block size (16, 24 or 32) or
-+// leave this undefined for dynamically variable block size (this will
-+// result in much slower code).
-+// IMPORTANT NOTE: AES_BLOCK_SIZE is in BYTES (16, 24, 32 or undefined). If
-+// left undefined a slower version providing variable block length is compiled
-+
-+#define AES_BLOCK_SIZE 16
-+
-+// The number of key schedule words for different block and key lengths
-+// allowing for method of computation which requires the length to be a
-+// multiple of the key length
-+//
-+// Nk = 4 6 8
-+// -------------
-+// Nb = 4 | 60 60 64
-+// 6 | 96 90 96
-+// 8 | 120 120 120
-+
-+#if !defined(AES_BLOCK_SIZE) || (AES_BLOCK_SIZE == 32)
-+#define AES_KS_LENGTH 120
-+#define AES_RC_LENGTH 29
-+#else
-+#define AES_KS_LENGTH 4 * AES_BLOCK_SIZE
-+#define AES_RC_LENGTH (9 * AES_BLOCK_SIZE) / 8 - 8
-+#endif
-+
-+typedef struct
-+{
-+ u_int32_t aes_Nkey; // the number of words in the key input block
-+ u_int32_t aes_Nrnd; // the number of cipher rounds
-+ u_int32_t aes_e_key[AES_KS_LENGTH]; // the encryption key schedule
-+ u_int32_t aes_d_key[AES_KS_LENGTH]; // the decryption key schedule
-+#if !defined(AES_BLOCK_SIZE)
-+ u_int32_t aes_Ncol; // the number of columns in the cipher state
-+#endif
-+} aes_context;
-+
-+// THE CIPHER INTERFACE
-+
-+#if !defined(AES_BLOCK_SIZE)
-+extern void aes_set_blk(aes_context *, const int);
-+#endif
-+extern void aes_set_key(aes_context *, const unsigned char [], const int, const int);
-+extern void aes_encrypt(const aes_context *, const unsigned char [], unsigned char []);
-+extern void aes_decrypt(const aes_context *, const unsigned char [], unsigned char []);
-+
-+// The block length inputs to aes_set_block and aes_set_key are in numbers
-+// of bytes or bits. The calls to subroutines must be made in the above
-+// order but multiple calls can be made without repeating earlier calls
-+// if their parameters have not changed.
-+
-+#endif // _AES_H
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/crypto/aes_cbc.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,4 @@
-+/* Glue header */
-+#include "aes.h"
-+int AES_set_key(aes_context *aes_ctx, const u_int8_t * key, int keysize);
-+int AES_cbc_encrypt(aes_context *ctx, const u_int8_t * in, u_int8_t * out, int ilen, const u_int8_t * iv, int encrypt);
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/crypto/aes_xcbc_mac.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,12 @@
-+#ifndef _AES_XCBC_MAC_H
-+#define _AES_XCBC_MAC_H
-+
-+typedef u_int32_t aes_block[4];
-+typedef struct {
-+ aes_context ctx_k1;
-+ aes_block k2;
-+ aes_block k3;
-+} aes_context_mac;
-+int AES_xcbc_mac_set_key(aes_context_mac *ctxm, const u_int8_t *key, int keylen);
-+int AES_xcbc_mac_hash(const aes_context_mac *ctxm, const u_int8_t * in, int ilen, u_int8_t hash[16]);
-+#endif /* _AES_XCBC_MAC_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/crypto/cbc_generic.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,110 @@
-+#ifndef _CBC_GENERIC_H
-+#define _CBC_GENERIC_H
-+/*
-+ * CBC macro helpers
-+ *
-+ * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ */
-+
-+/*
-+ * Heavily inspired in loop_AES
-+ */
-+#define CBC_IMPL_BLK16(name, ctx_type, addr_type, enc_func, dec_func) \
-+int name(ctx_type *ctx, const u_int8_t * in, u_int8_t * out, int ilen, const u_int8_t * iv, int encrypt) { \
-+ int ret=ilen, pos; \
-+ const u_int32_t *iv_i; \
-+ if ((ilen) % 16) return 0; \
-+ if (encrypt) { \
-+ pos=0; \
-+ while(pos<ilen) { \
-+ if (pos==0) \
-+ iv_i=(const u_int32_t*) iv; \
-+ else \
-+ iv_i=(const u_int32_t*) (out-16); \
-+ *((u_int32_t *)(&out[ 0])) = iv_i[0]^*((const u_int32_t *)(&in[ 0])); \
-+ *((u_int32_t *)(&out[ 4])) = iv_i[1]^*((const u_int32_t *)(&in[ 4])); \
-+ *((u_int32_t *)(&out[ 8])) = iv_i[2]^*((const u_int32_t *)(&in[ 8])); \
-+ *((u_int32_t *)(&out[12])) = iv_i[3]^*((const u_int32_t *)(&in[12])); \
-+ enc_func(ctx, (addr_type) out, (addr_type) out); \
-+ in+=16; \
-+ out+=16; \
-+ pos+=16; \
-+ } \
-+ } else { \
-+ pos=ilen-16; \
-+ in+=pos; \
-+ out+=pos; \
-+ while(pos>=0) { \
-+ dec_func(ctx, (const addr_type) in, (addr_type) out); \
-+ if (pos==0) \
-+ iv_i=(const u_int32_t*) (iv); \
-+ else \
-+ iv_i=(const u_int32_t*) (in-16); \
-+ *((u_int32_t *)(&out[ 0])) ^= iv_i[0]; \
-+ *((u_int32_t *)(&out[ 4])) ^= iv_i[1]; \
-+ *((u_int32_t *)(&out[ 8])) ^= iv_i[2]; \
-+ *((u_int32_t *)(&out[12])) ^= iv_i[3]; \
-+ in-=16; \
-+ out-=16; \
-+ pos-=16; \
-+ } \
-+ } \
-+ return ret; \
-+}
-+#define CBC_IMPL_BLK8(name, ctx_type, addr_type, enc_func, dec_func) \
-+int name(ctx_type *ctx, u_int8_t * in, u_int8_t * out, int ilen, const u_int8_t * iv, int encrypt) { \
-+ int ret=ilen, pos; \
-+ const u_int32_t *iv_i; \
-+ if ((ilen) % 8) return 0; \
-+ if (encrypt) { \
-+ pos=0; \
-+ while(pos<ilen) { \
-+ if (pos==0) \
-+ iv_i=(const u_int32_t*) iv; \
-+ else \
-+ iv_i=(const u_int32_t*) (out-8); \
-+ *((u_int32_t *)(&out[ 0])) = iv_i[0]^*((const u_int32_t *)(&in[ 0])); \
-+ *((u_int32_t *)(&out[ 4])) = iv_i[1]^*((const u_int32_t *)(&in[ 4])); \
-+ enc_func(ctx, (addr_type)out, (addr_type)out); \
-+ in+=8; \
-+ out+=8; \
-+ pos+=8; \
-+ } \
-+ } else { \
-+ pos=ilen-8; \
-+ in+=pos; \
-+ out+=pos; \
-+ while(pos>=0) { \
-+ dec_func(ctx, (const addr_type)in, (addr_type)out); \
-+ if (pos==0) \
-+ iv_i=(const u_int32_t*) (iv); \
-+ else \
-+ iv_i=(const u_int32_t*) (in-8); \
-+ *((u_int32_t *)(&out[ 0])) ^= iv_i[0]; \
-+ *((u_int32_t *)(&out[ 4])) ^= iv_i[1]; \
-+ in-=8; \
-+ out-=8; \
-+ pos-=8; \
-+ } \
-+ } \
-+ return ret; \
-+}
-+#define CBC_DECL(name, ctx_type) \
-+int name(ctx_type *ctx, u_int8_t * in, u_int8_t * out, int ilen, const u_int8_t * iv, int encrypt)
-+/*
-+Eg.:
-+CBC_IMPL_BLK16(AES_cbc_encrypt, aes_context, u_int8_t *, aes_encrypt, aes_decrypt);
-+CBC_DECL(AES_cbc_encrypt, aes_context);
-+*/
-+#endif /* _CBC_GENERIC_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/crypto/des.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,298 @@
-+/* crypto/des/des.org */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-+ *
-+ * Always modify des.org since des.h is automatically generated from
-+ * it during SSLeay configuration.
-+ *
-+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-+ */
-+
-+#ifndef HEADER_DES_H
-+#define HEADER_DES_H
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+
-+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
-+ * %20 speed up (longs are 8 bytes, int's are 4). */
-+/* Must be unsigned int on ia64/Itanium or DES breaks badly */
-+
-+#ifdef __KERNEL__
-+#include <linux/types.h>
-+#else
-+#include <sys/types.h>
-+#endif
-+
-+#ifndef DES_LONG
-+#define DES_LONG u_int32_t
-+#endif
-+
-+typedef unsigned char des_cblock[8];
-+typedef struct { des_cblock ks; } des_key_schedule[16];
-+
-+#define DES_KEY_SZ (sizeof(des_cblock))
-+#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
-+
-+#define DES_ENCRYPT 1
-+#define DES_DECRYPT 0
-+
-+#define DES_CBC_MODE 0
-+#define DES_PCBC_MODE 1
-+
-+#define des_ecb2_encrypt(i,o,k1,k2,e) \
-+ des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-+
-+#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
-+ des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-+
-+#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
-+ des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-+
-+#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
-+ des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-+
-+#define C_Block des_cblock
-+#define Key_schedule des_key_schedule
-+#ifdef KERBEROS
-+#define ENCRYPT DES_ENCRYPT
-+#define DECRYPT DES_DECRYPT
-+#endif
-+#define KEY_SZ DES_KEY_SZ
-+#define string_to_key des_string_to_key
-+#define read_pw_string des_read_pw_string
-+#define random_key des_random_key
-+#define pcbc_encrypt des_pcbc_encrypt
-+#define set_key des_set_key
-+#define key_sched des_key_sched
-+#define ecb_encrypt des_ecb_encrypt
-+#define cbc_encrypt des_cbc_encrypt
-+#define ncbc_encrypt des_ncbc_encrypt
-+#define xcbc_encrypt des_xcbc_encrypt
-+#define cbc_cksum des_cbc_cksum
-+#define quad_cksum des_quad_cksum
-+
-+/* For compatibility with the MIT lib - eay 20/05/92 */
-+typedef des_key_schedule bit_64;
-+#define des_fixup_key_parity des_set_odd_parity
-+#define des_check_key_parity check_parity
-+
-+extern int des_check_key; /* defaults to false */
-+extern int des_rw_mode; /* defaults to DES_PCBC_MODE */
-+
-+/* The next line is used to disable full ANSI prototypes, if your
-+ * compiler has problems with the prototypes, make sure this line always
-+ * evaluates to true :-) */
-+#if defined(MSDOS) || defined(__STDC__)
-+#undef NOPROTO
-+#endif
-+#ifndef NOPROTO
-+char *des_options(void);
-+void des_ecb3_encrypt(des_cblock *input,des_cblock *output,
-+ des_key_schedule ks1,des_key_schedule ks2,
-+ des_key_schedule ks3, int enc);
-+DES_LONG des_cbc_cksum(des_cblock *input,des_cblock *output,
-+ long length,des_key_schedule schedule,des_cblock *ivec);
-+void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,
-+ des_key_schedule schedule,des_cblock *ivec,int enc);
-+void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
-+ des_key_schedule schedule,des_cblock *ivec,int enc);
-+void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
-+ des_key_schedule schedule,des_cblock *ivec,
-+ des_cblock *inw,des_cblock *outw,int enc);
-+void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
-+ long length,des_key_schedule schedule,des_cblock *ivec,int enc);
-+void des_ecb_encrypt(des_cblock *input,des_cblock *output,
-+ des_key_schedule ks,int enc);
-+void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
-+void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
-+void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
-+ des_key_schedule ks2, des_key_schedule ks3);
-+void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
-+ des_key_schedule ks2, des_key_schedule ks3);
-+void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output,
-+ long length, des_key_schedule ks1, des_key_schedule ks2,
-+ des_key_schedule ks3, des_cblock *ivec, int enc);
-+void des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
-+ long length, des_key_schedule ks1, des_key_schedule ks2,
-+ des_key_schedule ks3, des_cblock *ivec, int *num, int enc);
-+void des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
-+ long length, des_key_schedule ks1, des_key_schedule ks2,
-+ des_key_schedule ks3, des_cblock *ivec, int *num);
-+
-+void des_xwhite_in2out(des_cblock (*des_key), des_cblock (*in_white),
-+ des_cblock (*out_white));
-+
-+int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
-+ des_cblock *iv);
-+int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
-+ des_cblock *iv);
-+char *des_fcrypt(const char *buf,const char *salt, char *ret);
-+#ifdef PERL5
-+char *des_crypt(const char *buf,const char *salt);
-+#else
-+/* some stupid compilers complain because I have declared char instead
-+ * of const char */
-+#ifndef __KERNEL__
-+#ifdef HEADER_DES_LOCL_H
-+char *crypt(const char *buf,const char *salt);
-+#else /* HEADER_DES_LOCL_H */
-+char *crypt(void);
-+#endif /* HEADER_DES_LOCL_H */
-+#endif /* __KERNEL__ */
-+#endif /* PERL5 */
-+void des_ofb_encrypt(unsigned char *in,unsigned char *out,
-+ int numbits,long length,des_key_schedule schedule,des_cblock *ivec);
-+void des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,
-+ des_key_schedule schedule,des_cblock *ivec,int enc);
-+DES_LONG des_quad_cksum(des_cblock *input,des_cblock *output,
-+ long length,int out_count,des_cblock *seed);
-+void des_random_seed(des_cblock key);
-+void des_random_key(des_cblock ret);
-+int des_read_password(des_cblock *key,char *prompt,int verify);
-+int des_read_2passwords(des_cblock *key1,des_cblock *key2,
-+ char *prompt,int verify);
-+int des_read_pw_string(char *buf,int length,char *prompt,int verify);
-+void des_set_odd_parity(des_cblock *key);
-+int des_is_weak_key(des_cblock *key);
-+int des_set_key(des_cblock *key,des_key_schedule schedule);
-+int des_key_sched(des_cblock *key,des_key_schedule schedule);
-+void des_string_to_key(char *str,des_cblock *key);
-+void des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2);
-+void des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
-+ des_key_schedule schedule, des_cblock *ivec, int *num, int enc);
-+void des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
-+ des_key_schedule schedule, des_cblock *ivec, int *num);
-+int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify);
-+
-+/* Extra functions from Mark Murray <mark@grondar.za> */
-+/* The following functions are not in the normal unix build or the
-+ * SSLeay build. When using the SSLeay build, use RAND_seed()
-+ * and RAND_bytes() instead. */
-+int des_new_random_key(des_cblock *key);
-+void des_init_random_number_generator(des_cblock *key);
-+void des_set_random_generator_seed(des_cblock *key);
-+void des_set_sequence_number(des_cblock new_sequence_number);
-+void des_generate_random_block(des_cblock *block);
-+
-+#else
-+
-+char *des_options();
-+void des_ecb3_encrypt();
-+DES_LONG des_cbc_cksum();
-+void des_cbc_encrypt();
-+void des_ncbc_encrypt();
-+void des_xcbc_encrypt();
-+void des_cfb_encrypt();
-+void des_ede3_cfb64_encrypt();
-+void des_ede3_ofb64_encrypt();
-+void des_ecb_encrypt();
-+void des_encrypt();
-+void des_encrypt2();
-+void des_encrypt3();
-+void des_decrypt3();
-+void des_ede3_cbc_encrypt();
-+int des_enc_read();
-+int des_enc_write();
-+char *des_fcrypt();
-+#ifdef PERL5
-+char *des_crypt();
-+#else
-+char *crypt();
-+#endif
-+void des_ofb_encrypt();
-+void des_pcbc_encrypt();
-+DES_LONG des_quad_cksum();
-+void des_random_seed();
-+void des_random_key();
-+int des_read_password();
-+int des_read_2passwords();
-+int des_read_pw_string();
-+void des_set_odd_parity();
-+int des_is_weak_key();
-+int des_set_key();
-+int des_key_sched();
-+void des_string_to_key();
-+void des_string_to_2keys();
-+void des_cfb64_encrypt();
-+void des_ofb64_encrypt();
-+int des_read_pw();
-+void des_xwhite_in2out();
-+
-+/* Extra functions from Mark Murray <mark@grondar.za> */
-+/* The following functions are not in the normal unix build or the
-+ * SSLeay build. When using the SSLeay build, use RAND_seed()
-+ * and RAND_bytes() instead. */
-+#ifdef FreeBSD
-+int des_new_random_key();
-+void des_init_random_number_generator();
-+void des_set_random_generator_seed();
-+void des_set_sequence_number();
-+void des_generate_random_block();
-+#endif
-+
-+#endif
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/des/des_locl.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,515 @@
-+/* crypto/des/des_locl.org */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-+ *
-+ * Always modify des_locl.org since des_locl.h is automatically generated from
-+ * it during SSLeay configuration.
-+ *
-+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-+ */
-+
-+#ifndef HEADER_DES_LOCL_H
-+#define HEADER_DES_LOCL_H
-+
-+#if defined(WIN32) || defined(WIN16)
-+#ifndef MSDOS
-+#define MSDOS
-+#endif
-+#endif
-+
-+#include "crypto/des.h"
-+
-+#ifndef DES_DEFAULT_OPTIONS
-+/* the following is tweaked from a config script, that is why it is a
-+ * protected undef/define */
-+#ifndef DES_PTR
-+#define DES_PTR
-+#endif
-+
-+/* This helps C compiler generate the correct code for multiple functional
-+ * units. It reduces register dependancies at the expense of 2 more
-+ * registers */
-+#ifndef DES_RISC1
-+#define DES_RISC1
-+#endif
-+
-+#ifndef DES_RISC2
-+#undef DES_RISC2
-+#endif
-+
-+#if defined(DES_RISC1) && defined(DES_RISC2)
-+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
-+#endif
-+
-+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
-+ * Very mucy CPU dependant */
-+#ifndef DES_UNROLL
-+#define DES_UNROLL
-+#endif
-+
-+/* These default values were supplied by
-+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
-+ * They are only used if nothing else has been defined */
-+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
-+/* Special defines which change the way the code is built depending on the
-+ CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
-+ even newer MIPS CPU's, but at the moment one size fits all for
-+ optimization options. Older Sparc's work better with only UNROLL, but
-+ there's no way to tell at compile time what it is you're running on */
-+
-+#if defined( sun ) /* Newer Sparc's */
-+ #define DES_PTR
-+ #define DES_RISC1
-+ #define DES_UNROLL
-+#elif defined( __ultrix ) /* Older MIPS */
-+ #define DES_PTR
-+ #define DES_RISC2
-+ #define DES_UNROLL
-+#elif defined( __osf1__ ) /* Alpha */
-+ #define DES_PTR
-+ #define DES_RISC2
-+#elif defined ( _AIX ) /* RS6000 */
-+ /* Unknown */
-+#elif defined( __hpux ) /* HP-PA */
-+ /* Unknown */
-+#elif defined( __aux ) /* 68K */
-+ /* Unknown */
-+#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
-+ #define DES_UNROLL
-+#elif defined( __sgi ) /* Newer MIPS */
-+ #define DES_PTR
-+ #define DES_RISC2
-+ #define DES_UNROLL
-+#elif defined( i386 ) /* x86 boxes, should be gcc */
-+ #define DES_PTR
-+ #define DES_RISC1
-+ #define DES_UNROLL
-+#endif /* Systems-specific speed defines */
-+#endif
-+
-+#endif /* DES_DEFAULT_OPTIONS */
-+
-+#ifdef MSDOS /* Visual C++ 2.1 (Windows NT/95) */
-+#include <stdlib.h>
-+#include <errno.h>
-+#include <time.h>
-+#include <io.h>
-+#ifndef RAND
-+#define RAND
-+#endif
-+#undef NOPROTO
-+#endif
-+
-+#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
-+#ifndef __KERNEL__
-+#include <string.h>
-+#else
-+#include <linux/string.h>
-+#endif
-+#endif
-+
-+#ifndef RAND
-+#define RAND
-+#endif
-+
-+#ifdef linux
-+#undef RAND
-+#endif
-+
-+#ifdef MSDOS
-+#define getpid() 2
-+#define RAND
-+#undef NOPROTO
-+#endif
-+
-+#if defined(NOCONST)
-+#define const
-+#endif
-+
-+#ifdef __STDC__
-+#undef NOPROTO
-+#endif
-+
-+#ifdef RAND
-+#define srandom(s) srand(s)
-+#define random rand
-+#endif
-+
-+#define ITERATIONS 16
-+#define HALF_ITERATIONS 8
-+
-+/* used in des_read and des_write */
-+#define MAXWRITE (1024*16)
-+#define BSIZE (MAXWRITE+4)
-+
-+#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
-+ l|=((DES_LONG)(*((c)++)))<< 8L, \
-+ l|=((DES_LONG)(*((c)++)))<<16L, \
-+ l|=((DES_LONG)(*((c)++)))<<24L)
-+
-+/* NOTE - c is not incremented as per c2l */
-+#define c2ln(c,l1,l2,n) { \
-+ c+=n; \
-+ l1=l2=0; \
-+ switch (n) { \
-+ case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
-+ case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
-+ case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
-+ case 5: l2|=((DES_LONG)(*(--(c)))); \
-+ case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
-+ case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
-+ case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
-+ case 1: l1|=((DES_LONG)(*(--(c)))); \
-+ } \
-+ }
-+
-+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
-+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-+
-+/* replacements for htonl and ntohl since I have no idea what to do
-+ * when faced with machines with 8 byte longs. */
-+#define HDRSIZE 4
-+
-+#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \
-+ l|=((DES_LONG)(*((c)++)))<<16L, \
-+ l|=((DES_LONG)(*((c)++)))<< 8L, \
-+ l|=((DES_LONG)(*((c)++))))
-+
-+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
-+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-+ *((c)++)=(unsigned char)(((l) )&0xff))
-+
-+/* NOTE - c is not incremented as per l2c */
-+#define l2cn(l1,l2,c,n) { \
-+ c+=n; \
-+ switch (n) { \
-+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
-+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
-+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
-+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
-+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
-+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
-+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
-+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
-+ } \
-+ }
-+
-+#if defined(WIN32)
-+#define ROTATE(a,n) (_lrotr(a,n))
-+#else
-+#define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n))))
-+#endif
-+
-+/* Don't worry about the LOAD_DATA() stuff, that is used by
-+ * fcrypt() to add it's little bit to the front */
-+
-+#ifdef DES_FCRYPT
-+
-+#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
-+ { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
-+
-+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
-+ t=R^(R>>16L); \
-+ u=t&E0; t&=E1; \
-+ tmp=(u<<16); u^=R^s[S ]; u^=tmp; \
-+ tmp=(t<<16); t^=R^s[S+1]; t^=tmp
-+#else
-+#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
-+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
-+ u=R^s[S ]; \
-+ t=R^s[S+1]
-+#endif
-+
-+/* The changes to this macro may help or hinder, depending on the
-+ * compiler and the achitecture. gcc2 always seems to do well :-).
-+ * Inspired by Dana How <how@isl.stanford.edu>
-+ * DO NOT use the alternative version on machines with 8 byte longs.
-+ * It does not seem to work on the Alpha, even when DES_LONG is 4
-+ * bytes, probably an issue of accessing non-word aligned objects :-( */
-+#ifdef DES_PTR
-+
-+/* It recently occured to me that 0^0^0^0^0^0^0 == 0, so there
-+ * is no reason to not xor all the sub items together. This potentially
-+ * saves a register since things can be xored directly into L */
-+
-+#if defined(DES_RISC1) || defined(DES_RISC2)
-+#ifdef DES_RISC1
-+#define D_ENCRYPT(LL,R,S) { \
-+ unsigned int u1,u2,u3; \
-+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
-+ u2=(int)u>>8L; \
-+ u1=(int)u&0xfc; \
-+ u2&=0xfc; \
-+ t=ROTATE(t,4); \
-+ u>>=16L; \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP +u1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \
-+ u3=(int)(u>>8L); \
-+ u1=(int)u&0xfc; \
-+ u3&=0xfc; \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+u1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+u3); \
-+ u2=(int)t>>8L; \
-+ u1=(int)t&0xfc; \
-+ u2&=0xfc; \
-+ t>>=16L; \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \
-+ u3=(int)t>>8L; \
-+ u1=(int)t&0xfc; \
-+ u3&=0xfc; \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+u1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+u3); }
-+#endif
-+#ifdef DES_RISC2
-+#define D_ENCRYPT(LL,R,S) { \
-+ unsigned int u1,u2,s1,s2; \
-+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
-+ u2=(int)u>>8L; \
-+ u1=(int)u&0xfc; \
-+ u2&=0xfc; \
-+ t=ROTATE(t,4); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP +u1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \
-+ s1=(int)(u>>16L); \
-+ s2=(int)(u>>24L); \
-+ s1&=0xfc; \
-+ s2&=0xfc; \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+s1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+s2); \
-+ u2=(int)t>>8L; \
-+ u1=(int)t&0xfc; \
-+ u2&=0xfc; \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \
-+ s1=(int)(t>>16L); \
-+ s2=(int)(t>>24L); \
-+ s1&=0xfc; \
-+ s2&=0xfc; \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+s1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+s2); }
-+#endif
-+#else
-+#define D_ENCRYPT(LL,R,S) { \
-+ LOAD_DATA_tmp(R,S,u,t,E0,E1); \
-+ t=ROTATE(t,4); \
-+ LL^= \
-+ *(DES_LONG *)((unsigned char *)des_SP +((u )&0xfc))^ \
-+ *(DES_LONG *)((unsigned char *)des_SP+0x200+((u>> 8L)&0xfc))^ \
-+ *(DES_LONG *)((unsigned char *)des_SP+0x400+((u>>16L)&0xfc))^ \
-+ *(DES_LONG *)((unsigned char *)des_SP+0x600+((u>>24L)&0xfc))^ \
-+ *(DES_LONG *)((unsigned char *)des_SP+0x100+((t )&0xfc))^ \
-+ *(DES_LONG *)((unsigned char *)des_SP+0x300+((t>> 8L)&0xfc))^ \
-+ *(DES_LONG *)((unsigned char *)des_SP+0x500+((t>>16L)&0xfc))^ \
-+ *(DES_LONG *)((unsigned char *)des_SP+0x700+((t>>24L)&0xfc)); }
-+#endif
-+
-+#else /* original version */
-+
-+#if defined(DES_RISC1) || defined(DES_RISC2)
-+#ifdef DES_RISC1
-+#define D_ENCRYPT(LL,R,S) {\
-+ unsigned int u1,u2,u3; \
-+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
-+ u>>=2L; \
-+ t=ROTATE(t,6); \
-+ u2=(int)u>>8L; \
-+ u1=(int)u&0x3f; \
-+ u2&=0x3f; \
-+ u>>=16L; \
-+ LL^=des_SPtrans[0][u1]; \
-+ LL^=des_SPtrans[2][u2]; \
-+ u3=(int)u>>8L; \
-+ u1=(int)u&0x3f; \
-+ u3&=0x3f; \
-+ LL^=des_SPtrans[4][u1]; \
-+ LL^=des_SPtrans[6][u3]; \
-+ u2=(int)t>>8L; \
-+ u1=(int)t&0x3f; \
-+ u2&=0x3f; \
-+ t>>=16L; \
-+ LL^=des_SPtrans[1][u1]; \
-+ LL^=des_SPtrans[3][u2]; \
-+ u3=(int)t>>8L; \
-+ u1=(int)t&0x3f; \
-+ u3&=0x3f; \
-+ LL^=des_SPtrans[5][u1]; \
-+ LL^=des_SPtrans[7][u3]; }
-+#endif
-+#ifdef DES_RISC2
-+#define D_ENCRYPT(LL,R,S) {\
-+ unsigned int u1,u2,s1,s2; \
-+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
-+ u>>=2L; \
-+ t=ROTATE(t,6); \
-+ u2=(int)u>>8L; \
-+ u1=(int)u&0x3f; \
-+ u2&=0x3f; \
-+ LL^=des_SPtrans[0][u1]; \
-+ LL^=des_SPtrans[2][u2]; \
-+ s1=(int)u>>16L; \
-+ s2=(int)u>>24L; \
-+ s1&=0x3f; \
-+ s2&=0x3f; \
-+ LL^=des_SPtrans[4][s1]; \
-+ LL^=des_SPtrans[6][s2]; \
-+ u2=(int)t>>8L; \
-+ u1=(int)t&0x3f; \
-+ u2&=0x3f; \
-+ LL^=des_SPtrans[1][u1]; \
-+ LL^=des_SPtrans[3][u2]; \
-+ s1=(int)t>>16; \
-+ s2=(int)t>>24L; \
-+ s1&=0x3f; \
-+ s2&=0x3f; \
-+ LL^=des_SPtrans[5][s1]; \
-+ LL^=des_SPtrans[7][s2]; }
-+#endif
-+
-+#else
-+
-+#define D_ENCRYPT(LL,R,S) {\
-+ LOAD_DATA_tmp(R,S,u,t,E0,E1); \
-+ t=ROTATE(t,4); \
-+ LL^=\
-+ des_SPtrans[0][(u>> 2L)&0x3f]^ \
-+ des_SPtrans[2][(u>>10L)&0x3f]^ \
-+ des_SPtrans[4][(u>>18L)&0x3f]^ \
-+ des_SPtrans[6][(u>>26L)&0x3f]^ \
-+ des_SPtrans[1][(t>> 2L)&0x3f]^ \
-+ des_SPtrans[3][(t>>10L)&0x3f]^ \
-+ des_SPtrans[5][(t>>18L)&0x3f]^ \
-+ des_SPtrans[7][(t>>26L)&0x3f]; }
-+#endif
-+#endif
-+
-+ /* IP and FP
-+ * The problem is more of a geometric problem that random bit fiddling.
-+ 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
-+ 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
-+ 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
-+ 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
-+
-+ 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
-+ 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
-+ 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
-+ 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
-+
-+ The output has been subject to swaps of the form
-+ 0 1 -> 3 1 but the odd and even bits have been put into
-+ 2 3 2 0
-+ different words. The main trick is to remember that
-+ t=((l>>size)^r)&(mask);
-+ r^=t;
-+ l^=(t<<size);
-+ can be used to swap and move bits between words.
-+
-+ So l = 0 1 2 3 r = 16 17 18 19
-+ 4 5 6 7 20 21 22 23
-+ 8 9 10 11 24 25 26 27
-+ 12 13 14 15 28 29 30 31
-+ becomes (for size == 2 and mask == 0x3333)
-+ t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
-+ 6^20 7^21 -- -- 4 5 20 21 6 7 22 23
-+ 10^24 11^25 -- -- 8 9 24 25 10 11 24 25
-+ 14^28 15^29 -- -- 12 13 28 29 14 15 28 29
-+
-+ Thanks for hints from Richard Outerbridge - he told me IP&FP
-+ could be done in 15 xor, 10 shifts and 5 ands.
-+ When I finally started to think of the problem in 2D
-+ I first got ~42 operations without xors. When I remembered
-+ how to use xors :-) I got it to its final state.
-+ */
-+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
-+ (b)^=(t),\
-+ (a)^=((t)<<(n)))
-+
-+#define IP(l,r) \
-+ { \
-+ register DES_LONG tt; \
-+ PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
-+ PERM_OP(l,r,tt,16,0x0000ffffL); \
-+ PERM_OP(r,l,tt, 2,0x33333333L); \
-+ PERM_OP(l,r,tt, 8,0x00ff00ffL); \
-+ PERM_OP(r,l,tt, 1,0x55555555L); \
-+ }
-+
-+#define FP(l,r) \
-+ { \
-+ register DES_LONG tt; \
-+ PERM_OP(l,r,tt, 1,0x55555555L); \
-+ PERM_OP(r,l,tt, 8,0x00ff00ffL); \
-+ PERM_OP(l,r,tt, 2,0x33333333L); \
-+ PERM_OP(r,l,tt,16,0x0000ffffL); \
-+ PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
-+ }
-+
-+extern const DES_LONG des_SPtrans[8][64];
-+
-+#ifndef NOPROTO
-+void fcrypt_body(DES_LONG *out,des_key_schedule ks,
-+ DES_LONG Eswap0, DES_LONG Eswap1);
-+#else
-+void fcrypt_body();
-+#endif
-+
-+#endif
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/des/des_ver.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,60 @@
-+/* crypto/des/des_ver.h */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+extern char *DES_version; /* SSLeay version string */
-+extern char *libdes_version; /* old libdes version string */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/des/podd.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,75 @@
-+/* crypto/des/podd.h */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+static const unsigned char odd_parity[256]={
-+ 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
-+ 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
-+ 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
-+ 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
-+ 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
-+ 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
-+ 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
-+112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
-+128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
-+145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
-+161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
-+176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
-+193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
-+208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
-+224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
-+241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/des/sk.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,204 @@
-+/* crypto/des/sk.h */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+static const DES_LONG des_skb[8][64]={
-+{
-+/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
-+0x00000000L,0x00000010L,0x20000000L,0x20000010L,
-+0x00010000L,0x00010010L,0x20010000L,0x20010010L,
-+0x00000800L,0x00000810L,0x20000800L,0x20000810L,
-+0x00010800L,0x00010810L,0x20010800L,0x20010810L,
-+0x00000020L,0x00000030L,0x20000020L,0x20000030L,
-+0x00010020L,0x00010030L,0x20010020L,0x20010030L,
-+0x00000820L,0x00000830L,0x20000820L,0x20000830L,
-+0x00010820L,0x00010830L,0x20010820L,0x20010830L,
-+0x00080000L,0x00080010L,0x20080000L,0x20080010L,
-+0x00090000L,0x00090010L,0x20090000L,0x20090010L,
-+0x00080800L,0x00080810L,0x20080800L,0x20080810L,
-+0x00090800L,0x00090810L,0x20090800L,0x20090810L,
-+0x00080020L,0x00080030L,0x20080020L,0x20080030L,
-+0x00090020L,0x00090030L,0x20090020L,0x20090030L,
-+0x00080820L,0x00080830L,0x20080820L,0x20080830L,
-+0x00090820L,0x00090830L,0x20090820L,0x20090830L,
-+},{
-+/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
-+0x00000000L,0x02000000L,0x00002000L,0x02002000L,
-+0x00200000L,0x02200000L,0x00202000L,0x02202000L,
-+0x00000004L,0x02000004L,0x00002004L,0x02002004L,
-+0x00200004L,0x02200004L,0x00202004L,0x02202004L,
-+0x00000400L,0x02000400L,0x00002400L,0x02002400L,
-+0x00200400L,0x02200400L,0x00202400L,0x02202400L,
-+0x00000404L,0x02000404L,0x00002404L,0x02002404L,
-+0x00200404L,0x02200404L,0x00202404L,0x02202404L,
-+0x10000000L,0x12000000L,0x10002000L,0x12002000L,
-+0x10200000L,0x12200000L,0x10202000L,0x12202000L,
-+0x10000004L,0x12000004L,0x10002004L,0x12002004L,
-+0x10200004L,0x12200004L,0x10202004L,0x12202004L,
-+0x10000400L,0x12000400L,0x10002400L,0x12002400L,
-+0x10200400L,0x12200400L,0x10202400L,0x12202400L,
-+0x10000404L,0x12000404L,0x10002404L,0x12002404L,
-+0x10200404L,0x12200404L,0x10202404L,0x12202404L,
-+},{
-+/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
-+0x00000000L,0x00000001L,0x00040000L,0x00040001L,
-+0x01000000L,0x01000001L,0x01040000L,0x01040001L,
-+0x00000002L,0x00000003L,0x00040002L,0x00040003L,
-+0x01000002L,0x01000003L,0x01040002L,0x01040003L,
-+0x00000200L,0x00000201L,0x00040200L,0x00040201L,
-+0x01000200L,0x01000201L,0x01040200L,0x01040201L,
-+0x00000202L,0x00000203L,0x00040202L,0x00040203L,
-+0x01000202L,0x01000203L,0x01040202L,0x01040203L,
-+0x08000000L,0x08000001L,0x08040000L,0x08040001L,
-+0x09000000L,0x09000001L,0x09040000L,0x09040001L,
-+0x08000002L,0x08000003L,0x08040002L,0x08040003L,
-+0x09000002L,0x09000003L,0x09040002L,0x09040003L,
-+0x08000200L,0x08000201L,0x08040200L,0x08040201L,
-+0x09000200L,0x09000201L,0x09040200L,0x09040201L,
-+0x08000202L,0x08000203L,0x08040202L,0x08040203L,
-+0x09000202L,0x09000203L,0x09040202L,0x09040203L,
-+},{
-+/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
-+0x00000000L,0x00100000L,0x00000100L,0x00100100L,
-+0x00000008L,0x00100008L,0x00000108L,0x00100108L,
-+0x00001000L,0x00101000L,0x00001100L,0x00101100L,
-+0x00001008L,0x00101008L,0x00001108L,0x00101108L,
-+0x04000000L,0x04100000L,0x04000100L,0x04100100L,
-+0x04000008L,0x04100008L,0x04000108L,0x04100108L,
-+0x04001000L,0x04101000L,0x04001100L,0x04101100L,
-+0x04001008L,0x04101008L,0x04001108L,0x04101108L,
-+0x00020000L,0x00120000L,0x00020100L,0x00120100L,
-+0x00020008L,0x00120008L,0x00020108L,0x00120108L,
-+0x00021000L,0x00121000L,0x00021100L,0x00121100L,
-+0x00021008L,0x00121008L,0x00021108L,0x00121108L,
-+0x04020000L,0x04120000L,0x04020100L,0x04120100L,
-+0x04020008L,0x04120008L,0x04020108L,0x04120108L,
-+0x04021000L,0x04121000L,0x04021100L,0x04121100L,
-+0x04021008L,0x04121008L,0x04021108L,0x04121108L,
-+},{
-+/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
-+0x00000000L,0x10000000L,0x00010000L,0x10010000L,
-+0x00000004L,0x10000004L,0x00010004L,0x10010004L,
-+0x20000000L,0x30000000L,0x20010000L,0x30010000L,
-+0x20000004L,0x30000004L,0x20010004L,0x30010004L,
-+0x00100000L,0x10100000L,0x00110000L,0x10110000L,
-+0x00100004L,0x10100004L,0x00110004L,0x10110004L,
-+0x20100000L,0x30100000L,0x20110000L,0x30110000L,
-+0x20100004L,0x30100004L,0x20110004L,0x30110004L,
-+0x00001000L,0x10001000L,0x00011000L,0x10011000L,
-+0x00001004L,0x10001004L,0x00011004L,0x10011004L,
-+0x20001000L,0x30001000L,0x20011000L,0x30011000L,
-+0x20001004L,0x30001004L,0x20011004L,0x30011004L,
-+0x00101000L,0x10101000L,0x00111000L,0x10111000L,
-+0x00101004L,0x10101004L,0x00111004L,0x10111004L,
-+0x20101000L,0x30101000L,0x20111000L,0x30111000L,
-+0x20101004L,0x30101004L,0x20111004L,0x30111004L,
-+},{
-+/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
-+0x00000000L,0x08000000L,0x00000008L,0x08000008L,
-+0x00000400L,0x08000400L,0x00000408L,0x08000408L,
-+0x00020000L,0x08020000L,0x00020008L,0x08020008L,
-+0x00020400L,0x08020400L,0x00020408L,0x08020408L,
-+0x00000001L,0x08000001L,0x00000009L,0x08000009L,
-+0x00000401L,0x08000401L,0x00000409L,0x08000409L,
-+0x00020001L,0x08020001L,0x00020009L,0x08020009L,
-+0x00020401L,0x08020401L,0x00020409L,0x08020409L,
-+0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
-+0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
-+0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
-+0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
-+0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
-+0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
-+0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
-+0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
-+},{
-+/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
-+0x00000000L,0x00000100L,0x00080000L,0x00080100L,
-+0x01000000L,0x01000100L,0x01080000L,0x01080100L,
-+0x00000010L,0x00000110L,0x00080010L,0x00080110L,
-+0x01000010L,0x01000110L,0x01080010L,0x01080110L,
-+0x00200000L,0x00200100L,0x00280000L,0x00280100L,
-+0x01200000L,0x01200100L,0x01280000L,0x01280100L,
-+0x00200010L,0x00200110L,0x00280010L,0x00280110L,
-+0x01200010L,0x01200110L,0x01280010L,0x01280110L,
-+0x00000200L,0x00000300L,0x00080200L,0x00080300L,
-+0x01000200L,0x01000300L,0x01080200L,0x01080300L,
-+0x00000210L,0x00000310L,0x00080210L,0x00080310L,
-+0x01000210L,0x01000310L,0x01080210L,0x01080310L,
-+0x00200200L,0x00200300L,0x00280200L,0x00280300L,
-+0x01200200L,0x01200300L,0x01280200L,0x01280300L,
-+0x00200210L,0x00200310L,0x00280210L,0x00280310L,
-+0x01200210L,0x01200310L,0x01280210L,0x01280310L,
-+},{
-+/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
-+0x00000000L,0x04000000L,0x00040000L,0x04040000L,
-+0x00000002L,0x04000002L,0x00040002L,0x04040002L,
-+0x00002000L,0x04002000L,0x00042000L,0x04042000L,
-+0x00002002L,0x04002002L,0x00042002L,0x04042002L,
-+0x00000020L,0x04000020L,0x00040020L,0x04040020L,
-+0x00000022L,0x04000022L,0x00040022L,0x04040022L,
-+0x00002020L,0x04002020L,0x00042020L,0x04042020L,
-+0x00002022L,0x04002022L,0x00042022L,0x04042022L,
-+0x00000800L,0x04000800L,0x00040800L,0x04040800L,
-+0x00000802L,0x04000802L,0x00040802L,0x04040802L,
-+0x00002800L,0x04002800L,0x00042800L,0x04042800L,
-+0x00002802L,0x04002802L,0x00042802L,0x04042802L,
-+0x00000820L,0x04000820L,0x00040820L,0x04040820L,
-+0x00000822L,0x04000822L,0x00040822L,0x04040822L,
-+0x00002820L,0x04002820L,0x00042820L,0x04042820L,
-+0x00002822L,0x04002822L,0x00042822L,0x04042822L,
-+}};
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/des/spr.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,204 @@
-+/* crypto/des/spr.h */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+const DES_LONG des_SPtrans[8][64]={
-+{
-+/* nibble 0 */
-+0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
-+0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
-+0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
-+0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
-+0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
-+0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
-+0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
-+0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
-+0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
-+0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
-+0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
-+0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
-+0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
-+0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
-+0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
-+0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
-+},{
-+/* nibble 1 */
-+0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
-+0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
-+0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
-+0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
-+0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
-+0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
-+0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
-+0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
-+0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
-+0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
-+0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
-+0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
-+0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
-+0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
-+0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
-+0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
-+},{
-+/* nibble 2 */
-+0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
-+0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
-+0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
-+0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
-+0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
-+0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
-+0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
-+0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
-+0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
-+0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
-+0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
-+0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
-+0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
-+0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
-+0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
-+0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
-+},{
-+/* nibble 3 */
-+0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
-+0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
-+0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
-+0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
-+0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
-+0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
-+0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
-+0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
-+0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
-+0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
-+0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
-+0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
-+0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
-+0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
-+0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
-+0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
-+},{
-+/* nibble 4 */
-+0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
-+0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
-+0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
-+0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
-+0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
-+0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
-+0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
-+0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
-+0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
-+0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
-+0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
-+0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
-+0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
-+0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
-+0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
-+0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
-+},{
-+/* nibble 5 */
-+0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
-+0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
-+0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
-+0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
-+0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
-+0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
-+0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
-+0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
-+0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
-+0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
-+0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
-+0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
-+0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
-+0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
-+0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
-+0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
-+},{
-+/* nibble 6 */
-+0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
-+0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
-+0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
-+0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
-+0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
-+0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
-+0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
-+0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
-+0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
-+0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
-+0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
-+0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
-+0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
-+0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
-+0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
-+0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
-+},{
-+/* nibble 7 */
-+0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
-+0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
-+0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
-+0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
-+0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
-+0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
-+0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
-+0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
-+0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
-+0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
-+0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
-+0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
-+0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
-+0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
-+0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
-+0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
-+}};
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/mast.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,33 @@
-+struct mast_callbacks {
-+ int (*packet_encap)(struct device *mast, void *context,
-+ struct sk_buff *skb, int flowref);
-+ int (*link_inquire)(struct device *mast, void *context);
-+};
-+
-+
-+struct device *mast_init (int family,
-+ struct mast_callbacks *callbacks,
-+ unsigned int flags,
-+ unsigned int desired_unit,
-+ unsigned int max_flowref,
-+ void *context);
-+
-+int mast_destroy(struct device *mast);
-+
-+int mast_recv(struct device *mast, struct sk_buff *skb, int flowref);
-+
-+/* free this skb as being useless, increment failure count. */
-+int mast_toast(struct device *mast, struct sk_buff *skb, int flowref);
-+
-+int mast_linkstat (struct device *mast, int flowref,
-+ int status);
-+
-+int mast_setreference (struct device *mast,
-+ int defaultSA);
-+
-+int mast_setneighbor (struct device *mast,
-+ struct sockaddr *source,
-+ struct sockaddr *destination,
-+ int flowref);
-+
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,518 @@
-+#ifndef _OPENSWAN_H
-+/*
-+ * header file for FreeS/WAN library functions
-+ * Copyright (C) 1998, 1999, 2000 Henry Spencer.
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: openswan.h,v 1.93 2005-04-14 20:21:51 mcr Exp $
-+ */
-+#define _OPENSWAN_H /* seen it, no need to see it again */
-+
-+/* you'd think this should be builtin to compiler... */
-+#ifndef TRUE
-+#define TRUE 1
-+#endif
-+
-+#ifndef FALSE
-+#define FALSE 0
-+#endif
-+
-+
-+
-+/*
-+ * We've just got to have some datatypes defined... And annoyingly, just
-+ * where we get them depends on whether we're in userland or not.
-+ */
-+/* things that need to come from one place or the other, depending */
-+#ifdef __KERNEL__
-+#include <linux/types.h>
-+#include <linux/socket.h>
-+#include <linux/in.h>
-+#include <linux/string.h>
-+#include <linux/ctype.h>
-+#define user_assert(foo) /*nothing*/
-+#else
-+#include <sys/types.h>
-+#include <netinet/in.h>
-+#include <string.h>
-+#include <ctype.h>
-+#include <assert.h>
-+#define user_assert(foo) assert(foo)
-+#include <stdio.h>
-+
-+# define uint8_t u_int8_t
-+# define uint16_t u_int16_t
-+# define uint32_t u_int32_t
-+# define uint64_t u_int64_t
-+
-+
-+# define DEBUG_NO_STATIC static
-+
-+#endif
-+
-+#include <openswan/ipsec_param.h>
-+
-+
-+/*
-+ * Grab the kernel version to see if we have NET_21, and therefore
-+ * IPv6. Some of this is repeated from ipsec_kversions.h. Of course,
-+ * we aren't really testing if the kernel has IPv6, but rather if the
-+ * the include files do.
-+ */
-+#include <linux/version.h>
-+#ifndef KERNEL_VERSION
-+#define KERNEL_VERSION(x,y,z) (((x)<<16)+((y)<<8)+(z))
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,1,0)
-+#define NET_21
-+#endif
-+
-+#ifndef IPPROTO_COMP
-+# define IPPROTO_COMP 108
-+#endif /* !IPPROTO_COMP */
-+
-+#ifndef IPPROTO_INT
-+# define IPPROTO_INT 61
-+#endif /* !IPPROTO_INT */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+#ifndef DEBUG_NO_STATIC
-+# define DEBUG_NO_STATIC
-+#endif
-+#else /* CONFIG_KLIPS_DEBUG */
-+#ifndef DEBUG_NO_STATIC
-+# define DEBUG_NO_STATIC static
-+#endif
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#if !defined(ESPINUDP_WITH_NON_IKE)
-+#define ESPINUDP_WITH_NON_IKE 1 /* draft-ietf-ipsec-nat-t-ike-00/01 */
-+#define ESPINUDP_WITH_NON_ESP 2 /* draft-ietf-ipsec-nat-t-ike-02 */
-+#endif
-+
-+/*
-+ * Basic data types for the address-handling functions.
-+ * ip_address and ip_subnet are supposed to be opaque types; do not
-+ * use their definitions directly, they are subject to change!
-+ */
-+
-+/* first, some quick fakes in case we're on an old system with no IPv6 */
-+#ifndef s6_addr16
-+struct in6_addr {
-+ union
-+ {
-+ __u8 u6_addr8[16];
-+ __u16 u6_addr16[8];
-+ __u32 u6_addr32[4];
-+ } in6_u;
-+#define s6_addr in6_u.u6_addr8
-+#define s6_addr16 in6_u.u6_addr16
-+#define s6_addr32 in6_u.u6_addr32
-+};
-+struct sockaddr_in6 {
-+ unsigned short int sin6_family; /* AF_INET6 */
-+ __u16 sin6_port; /* Transport layer port # */
-+ __u32 sin6_flowinfo; /* IPv6 flow information */
-+ struct in6_addr sin6_addr; /* IPv6 address */
-+ __u32 sin6_scope_id; /* scope id (new in RFC2553) */
-+};
-+#endif /* !s6_addr16 */
-+
-+/* then the main types */
-+typedef struct {
-+ union {
-+ struct sockaddr_in v4;
-+ struct sockaddr_in6 v6;
-+ } u;
-+} ip_address;
-+typedef struct {
-+ ip_address addr;
-+ int maskbits;
-+} ip_subnet;
-+
-+/* and the SA ID stuff */
-+#ifdef __KERNEL__
-+typedef __u32 ipsec_spi_t;
-+#else
-+typedef u_int32_t ipsec_spi_t;
-+#endif
-+typedef struct { /* to identify an SA, we need: */
-+ ip_address dst; /* A. destination host */
-+ ipsec_spi_t spi; /* B. 32-bit SPI, assigned by dest. host */
-+# define SPI_PASS 256 /* magic values... */
-+# define SPI_DROP 257 /* ...for use... */
-+# define SPI_REJECT 258 /* ...with SA_INT */
-+# define SPI_HOLD 259
-+# define SPI_TRAP 260
-+# define SPI_TRAPSUBNET 261
-+ int proto; /* C. protocol */
-+# define SA_ESP 50 /* IPPROTO_ESP */
-+# define SA_AH 51 /* IPPROTO_AH */
-+# define SA_IPIP 4 /* IPPROTO_IPIP */
-+# define SA_COMP 108 /* IPPROTO_COMP */
-+# define SA_INT 61 /* IANA reserved for internal use */
-+} ip_said;
-+
-+/* misc */
-+typedef const char *err_t; /* error message, or NULL for success */
-+struct prng { /* pseudo-random-number-generator guts */
-+ unsigned char sbox[256];
-+ int i, j;
-+ unsigned long count;
-+};
-+
-+
-+/*
-+ * definitions for user space, taken from freeswan/ipsec_sa.h
-+ */
-+typedef uint32_t IPsecSAref_t;
-+
-+#define IPSEC_SA_REF_FIELD_WIDTH (8 * sizeof(IPsecSAref_t))
-+
-+#define IPsecSAref2NFmark(x) ((x) << (IPSEC_SA_REF_FIELD_WIDTH - IPSEC_SA_REF_TABLE_IDX_WIDTH))
-+#define NFmark2IPsecSAref(x) ((x) >> (IPSEC_SA_REF_FIELD_WIDTH - IPSEC_SA_REF_TABLE_IDX_WIDTH))
-+
-+#define IPSEC_SAREF_NULL (~((IPsecSAref_t)0))
-+
-+/* GCC magic for use in function definitions! */
-+#ifdef GCC_LINT
-+# define PRINTF_LIKE(n) __attribute__ ((format(printf, n, n+1)))
-+# define NEVER_RETURNS __attribute__ ((noreturn))
-+# define UNUSED __attribute__ ((unused))
-+# define BLANK_FORMAT " " /* GCC_LINT whines about empty formats */
-+#else
-+# define PRINTF_LIKE(n) /* ignore */
-+# define NEVER_RETURNS /* ignore */
-+# define UNUSED /* ignore */
-+# define BLANK_FORMAT ""
-+#endif
-+
-+
-+
-+
-+
-+/*
-+ * new IPv6-compatible functions
-+ */
-+
-+/* text conversions */
-+err_t ttoul(const char *src, size_t srclen, int format, unsigned long *dst);
-+size_t ultot(unsigned long src, int format, char *buf, size_t buflen);
-+#define ULTOT_BUF (22+1) /* holds 64 bits in octal */
-+err_t ttoaddr(const char *src, size_t srclen, int af, ip_address *dst);
-+err_t tnatoaddr(const char *src, size_t srclen, int af, ip_address *dst);
-+size_t addrtot(const ip_address *src, int format, char *buf, size_t buflen);
-+/* RFC 1886 old IPv6 reverse-lookup format is the bulkiest */
-+#define ADDRTOT_BUF (32*2 + 3 + 1 + 3 + 1 + 1)
-+err_t ttosubnet(const char *src, size_t srclen, int af, ip_subnet *dst);
-+size_t subnettot(const ip_subnet *src, int format, char *buf, size_t buflen);
-+#define SUBNETTOT_BUF (ADDRTOT_BUF + 1 + 3)
-+size_t subnetporttot(const ip_subnet *src, int format, char *buf, size_t buflen);
-+#define SUBNETPROTOTOT_BUF (SUBNETTOTO_BUF + ULTOT_BUF)
-+err_t ttosa(const char *src, size_t srclen, ip_said *dst);
-+size_t satot(const ip_said *src, int format, char *bufptr, size_t buflen);
-+#define SATOT_BUF (5 + ULTOA_BUF + 1 + ADDRTOT_BUF)
-+err_t ttodata(const char *src, size_t srclen, int base, char *buf,
-+ size_t buflen, size_t *needed);
-+err_t ttodatav(const char *src, size_t srclen, int base,
-+ char *buf, size_t buflen, size_t *needed,
-+ char *errp, size_t errlen, unsigned int flags);
-+#define TTODATAV_BUF 40 /* ttodatav's largest non-literal message */
-+#define TTODATAV_IGNORESPACE (1<<1) /* ignore spaces in base64 encodings*/
-+#define TTODATAV_SPACECOUNTS 0 /* do not ignore spaces in base64 */
-+
-+size_t datatot(const char *src, size_t srclen, int format, char *buf,
-+ size_t buflen);
-+size_t keyblobtoid(const unsigned char *src, size_t srclen, char *dst,
-+ size_t dstlen);
-+size_t splitkeytoid(const unsigned char *e, size_t elen, const unsigned char *m,
-+ size_t mlen, char *dst, size_t dstlen);
-+#define KEYID_BUF 10 /* up to 9 text digits plus NUL */
-+err_t ttoprotoport(char *src, size_t src_len, u_int8_t *proto, u_int16_t *port,
-+ int *has_port_wildcard);
-+
-+/* initializations */
-+void initsaid(const ip_address *addr, ipsec_spi_t spi, int proto, ip_said *dst);
-+err_t loopbackaddr(int af, ip_address *dst);
-+err_t unspecaddr(int af, ip_address *dst);
-+err_t anyaddr(int af, ip_address *dst);
-+err_t initaddr(const unsigned char *src, size_t srclen, int af, ip_address *dst);
-+err_t initsubnet(const ip_address *addr, int maskbits, int clash, ip_subnet *dst);
-+err_t addrtosubnet(const ip_address *addr, ip_subnet *dst);
-+
-+/* misc. conversions and related */
-+err_t rangetosubnet(const ip_address *from, const ip_address *to, ip_subnet *dst);
-+int addrtypeof(const ip_address *src);
-+int subnettypeof(const ip_subnet *src);
-+size_t addrlenof(const ip_address *src);
-+size_t addrbytesptr(const ip_address *src, const unsigned char **dst);
-+size_t addrbytesof(const ip_address *src, unsigned char *dst, size_t dstlen);
-+int masktocount(const ip_address *src);
-+void networkof(const ip_subnet *src, ip_address *dst);
-+void maskof(const ip_subnet *src, ip_address *dst);
-+
-+/* tests */
-+int sameaddr(const ip_address *a, const ip_address *b);
-+int addrcmp(const ip_address *a, const ip_address *b);
-+int samesubnet(const ip_subnet *a, const ip_subnet *b);
-+int addrinsubnet(const ip_address *a, const ip_subnet *s);
-+int subnetinsubnet(const ip_subnet *a, const ip_subnet *b);
-+int subnetishost(const ip_subnet *s);
-+int samesaid(const ip_said *a, const ip_said *b);
-+int sameaddrtype(const ip_address *a, const ip_address *b);
-+int samesubnettype(const ip_subnet *a, const ip_subnet *b);
-+int isanyaddr(const ip_address *src);
-+int isunspecaddr(const ip_address *src);
-+int isloopbackaddr(const ip_address *src);
-+
-+/* low-level grot */
-+int portof(const ip_address *src);
-+void setportof(int port, ip_address *dst);
-+struct sockaddr *sockaddrof(ip_address *src);
-+size_t sockaddrlenof(const ip_address *src);
-+
-+/* PRNG */
-+void prng_init(struct prng *prng, const unsigned char *key, size_t keylen);
-+void prng_bytes(struct prng *prng, unsigned char *dst, size_t dstlen);
-+unsigned long prng_count(struct prng *prng);
-+void prng_final(struct prng *prng);
-+
-+/* odds and ends */
-+const char *ipsec_version_code(void);
-+const char *ipsec_version_string(void);
-+const char **ipsec_copyright_notice(void);
-+
-+const char *dns_string_rr(int rr, char *buf, int bufsize);
-+const char *dns_string_datetime(time_t seconds,
-+ char *buf,
-+ int bufsize);
-+
-+
-+/*
-+ * old functions, to be deleted eventually
-+ */
-+
-+/* unsigned long */
-+const char * /* NULL for success, else string literal */
-+atoul(
-+ const char *src,
-+ size_t srclen, /* 0 means strlen(src) */
-+ int base, /* 0 means figure it out */
-+ unsigned long *resultp
-+);
-+size_t /* space needed for full conversion */
-+ultoa(
-+ unsigned long n,
-+ int base,
-+ char *dst,
-+ size_t dstlen
-+);
-+#define ULTOA_BUF 21 /* just large enough for largest result, */
-+ /* assuming 64-bit unsigned long! */
-+
-+/* Internet addresses */
-+const char * /* NULL for success, else string literal */
-+atoaddr(
-+ const char *src,
-+ size_t srclen, /* 0 means strlen(src) */
-+ struct in_addr *addr
-+);
-+size_t /* space needed for full conversion */
-+addrtoa(
-+ struct in_addr addr,
-+ int format, /* character; 0 means default */
-+ char *dst,
-+ size_t dstlen
-+);
-+#define ADDRTOA_BUF 16 /* just large enough for largest result */
-+
-+/* subnets */
-+const char * /* NULL for success, else string literal */
-+atosubnet(
-+ const char *src,
-+ size_t srclen, /* 0 means strlen(src) */
-+ struct in_addr *addr,
-+ struct in_addr *mask
-+);
-+size_t /* space needed for full conversion */
-+subnettoa(
-+ struct in_addr addr,
-+ struct in_addr mask,
-+ int format, /* character; 0 means default */
-+ char *dst,
-+ size_t dstlen
-+);
-+#define SUBNETTOA_BUF 32 /* large enough for worst case result */
-+
-+/* ranges */
-+const char * /* NULL for success, else string literal */
-+atoasr(
-+ const char *src,
-+ size_t srclen, /* 0 means strlen(src) */
-+ char *type, /* 'a', 's', 'r' */
-+ struct in_addr *addrs /* two-element array */
-+);
-+size_t /* space needed for full conversion */
-+rangetoa(
-+ struct in_addr *addrs, /* two-element array */
-+ int format, /* character; 0 means default */
-+ char *dst,
-+ size_t dstlen
-+);
-+#define RANGETOA_BUF 34 /* large enough for worst case result */
-+
-+/* data types for SA conversion functions */
-+
-+/* generic data, e.g. keys */
-+const char * /* NULL for success, else string literal */
-+atobytes(
-+ const char *src,
-+ size_t srclen, /* 0 means strlen(src) */
-+ char *dst,
-+ size_t dstlen,
-+ size_t *lenp /* NULL means don't bother telling me */
-+);
-+size_t /* 0 failure, else true size */
-+bytestoa(
-+ const char *src,
-+ size_t srclen,
-+ int format, /* character; 0 means default */
-+ char *dst,
-+ size_t dstlen
-+);
-+
-+/* old versions of generic-data functions; deprecated */
-+size_t /* 0 failure, else true size */
-+atodata(
-+ const char *src,
-+ size_t srclen, /* 0 means strlen(src) */
-+ char *dst,
-+ size_t dstlen
-+);
-+size_t /* 0 failure, else true size */
-+datatoa(
-+ const char *src,
-+ size_t srclen,
-+ int format, /* character; 0 means default */
-+ char *dst,
-+ size_t dstlen
-+);
-+
-+/* part extraction and special addresses */
-+struct in_addr
-+subnetof(
-+ struct in_addr addr,
-+ struct in_addr mask
-+);
-+struct in_addr
-+hostof(
-+ struct in_addr addr,
-+ struct in_addr mask
-+);
-+struct in_addr
-+broadcastof(
-+ struct in_addr addr,
-+ struct in_addr mask
-+);
-+
-+/* mask handling */
-+int
-+goodmask(
-+ struct in_addr mask
-+);
-+int
-+masktobits(
-+ struct in_addr mask
-+);
-+struct in_addr
-+bitstomask(
-+ int n
-+);
-+
-+
-+
-+/*
-+ * general utilities
-+ */
-+
-+#ifndef __KERNEL__
-+/* option pickup from files (userland only because of use of FILE) */
-+const char *optionsfrom(const char *filename, int *argcp, char ***argvp,
-+ int optind, FILE *errorreport);
-+
-+/* sanitize a string */
-+extern size_t sanitize_string(char *buf, size_t size);
-+
-+#endif
-+
-+
-+/*
-+ * ENUM of klips debugging values. Not currently used in klips.
-+ * debug flag is actually 32 -bits, but only one bit is ever used,
-+ * so we can actually pack it all into a single 32-bit word.
-+ */
-+enum klips_debug_flags {
-+ KDF_VERBOSE = 0,
-+ KDF_XMIT = 1,
-+ KDF_NETLINK = 2, /* obsolete */
-+ KDF_XFORM = 3,
-+ KDF_EROUTE = 4,
-+ KDF_SPI = 5,
-+ KDF_RADIJ = 6,
-+ KDF_ESP = 7,
-+ KDF_AH = 8, /* obsolete */
-+ KDF_RCV = 9,
-+ KDF_TUNNEL = 10,
-+ KDF_PFKEY = 11,
-+ KDF_COMP = 12
-+};
-+
-+
-+/*
-+ * Debugging levels for pfkey_lib_debug
-+ */
-+#define PF_KEY_DEBUG_PARSE_NONE 0
-+#define PF_KEY_DEBUG_PARSE_PROBLEM 1
-+#define PF_KEY_DEBUG_PARSE_STRUCT 2
-+#define PF_KEY_DEBUG_PARSE_FLOW 4
-+#define PF_KEY_DEBUG_BUILD 8
-+#define PF_KEY_DEBUG_PARSE_MAX 15
-+
-+extern unsigned int pfkey_lib_debug; /* bits selecting what to report */
-+
-+/*
-+ * pluto and lwdnsq need to know the maximum size of the commands to,
-+ * and replies from lwdnsq.
-+ */
-+
-+#define LWDNSQ_CMDBUF_LEN 1024
-+#define LWDNSQ_RESULT_LEN_MAX 4096
-+
-+
-+/* syntax for passthrough SA */
-+#ifndef PASSTHROUGHNAME
-+#define PASSTHROUGHNAME "%passthrough"
-+#define PASSTHROUGH4NAME "%passthrough4"
-+#define PASSTHROUGH6NAME "%passthrough6"
-+#define PASSTHROUGHIS "tun0@0.0.0.0"
-+#define PASSTHROUGH4IS "tun0@0.0.0.0"
-+#define PASSTHROUGH6IS "tun0@::"
-+#define PASSTHROUGHTYPE "tun"
-+#define PASSTHROUGHSPI 0
-+#define PASSTHROUGHDST 0
-+#endif
-+
-+
-+
-+#endif /* _OPENSWAN_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipcomp.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,61 @@
-+/*
-+ * IPCOMP zlib interface code.
-+ * Copyright (C) 2000 Svenning Soerensen <svenning@post5.tele.dk>
-+ * Copyright (C) 2000, 2001 Richard Guy Briggs <rgb@conscoop.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+
-+ RCSID $Id: ipcomp.h,v 1.14 2004-07-10 19:08:41 mcr Exp $
-+
-+ */
-+
-+/* SSS */
-+
-+#ifndef _IPCOMP_H
-+#define _IPCOMP_H
-+
-+/* Prefix all global deflate symbols with "ipcomp_" to avoid collisions with ppp_deflate & ext2comp */
-+#ifndef IPCOMP_PREFIX
-+#define IPCOMP_PREFIX
-+#endif /* IPCOMP_PREFIX */
-+
-+#ifndef IPPROTO_COMP
-+#define IPPROTO_COMP 108
-+#endif /* IPPROTO_COMP */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int sysctl_ipsec_debug_ipcomp;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+struct ipcomphdr { /* IPCOMP header */
-+ __u8 ipcomp_nh; /* Next header (protocol) */
-+ __u8 ipcomp_flags; /* Reserved, must be 0 */
-+ __u16 ipcomp_cpi; /* Compression Parameter Index */
-+};
-+
-+extern struct inet_protocol comp_protocol;
-+extern int sysctl_ipsec_debug_ipcomp;
-+
-+#define IPCOMP_UNCOMPRESSABLE 0x000000001
-+#define IPCOMP_COMPRESSIONERROR 0x000000002
-+#define IPCOMP_PARMERROR 0x000000004
-+#define IPCOMP_DECOMPRESSIONERROR 0x000000008
-+
-+#define IPCOMP_ADAPT_INITIAL_TRIES 8
-+#define IPCOMP_ADAPT_INITIAL_SKIP 4
-+#define IPCOMP_ADAPT_SUBSEQ_TRIES 2
-+#define IPCOMP_ADAPT_SUBSEQ_SKIP 8
-+
-+/* Function prototypes */
-+struct sk_buff *skb_compress(struct sk_buff *skb, struct ipsec_sa *ips, unsigned int *flags);
-+struct sk_buff *skb_decompress(struct sk_buff *skb, struct ipsec_sa *ips, unsigned int *flags);
-+
-+#endif /* _IPCOMP_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_ah.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,200 @@
-+/*
-+ * Authentication Header declarations
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_ah.h,v 1.26 2004-09-13 02:22:10 mcr Exp $
-+ */
-+
-+#include "ipsec_md5h.h"
-+#include "ipsec_sha1.h"
-+
-+#ifndef IPPROTO_AH
-+#define IPPROTO_AH 51
-+#endif /* IPPROTO_AH */
-+
-+#include "ipsec_auth.h"
-+
-+#ifdef __KERNEL__
-+
-+extern struct inet_protocol ah_protocol;
-+
-+struct options;
-+
-+struct ahhdr /* Generic AH header */
-+{
-+ __u8 ah_nh; /* Next header (protocol) */
-+ __u8 ah_hl; /* AH length, in 32-bit words */
-+ __u16 ah_rv; /* reserved, must be 0 */
-+ __u32 ah_spi; /* Security Parameters Index */
-+ __u32 ah_rpl; /* Replay prevention */
-+ __u8 ah_data[AHHMAC_HASHLEN];/* Authentication hash */
-+};
-+#define AH_BASIC_LEN 8 /* basic AH header is 8 bytes, nh,hl,rv,spi
-+ * and the ah_hl, says how many bytes after that
-+ * to cover. */
-+
-+extern struct xform_functions ah_xform_funcs[];
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int debug_ah;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+#endif /* __KERNEL__ */
-+
-+/*
-+ * $Log: ipsec_ah.h,v $
-+ * Revision 1.26 2004-09-13 02:22:10 mcr
-+ * #define inet_protocol if necessary.
-+ *
-+ * Revision 1.25 2004/09/06 18:35:41 mcr
-+ * 2.6.8.1 gets rid of inet_protocol->net_protocol compatibility,
-+ * so adjust for that.
-+ *
-+ * Revision 1.24 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.23 2004/04/05 19:55:04 mcr
-+ * Moved from linux/include/freeswan/ipsec_ah.h,v
-+ *
-+ * Revision 1.22 2004/04/05 19:41:05 mcr
-+ * merged alg-branch code.
-+ *
-+ * Revision 1.21 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.22 2003/12/11 20:14:58 mcr
-+ * refactored the xmit code, to move all encapsulation
-+ * code into protocol functions. Note that all functions
-+ * are essentially done by a single function, which is probably
-+ * wrong.
-+ * the rcv_functions structures are renamed xform_functions.
-+ *
-+ * Revision 1.21 2003/12/06 21:21:19 mcr
-+ * split up receive path into per-transform files, for
-+ * easier later removal.
-+ *
-+ * Revision 1.20.8.1 2003/12/22 15:25:52 jjo
-+ * Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.20 2003/02/06 02:21:34 rgb
-+ *
-+ * Moved "struct auth_alg" from ipsec_rcv.c to ipsec_ah.h .
-+ * Changed "struct ah" to "struct ahhdr" and "struct esp" to "struct esphdr".
-+ * Removed "#ifdef INBOUND_POLICY_CHECK_eroute" dead code.
-+ *
-+ * Revision 1.19 2002/09/16 21:19:13 mcr
-+ * fixes for west-ah-icmp-01 - length of AH header must be
-+ * calculated properly, and next_header field properly copied.
-+ *
-+ * Revision 1.18 2002/05/14 02:37:02 rgb
-+ * Change reference from _TDB to _IPSA.
-+ *
-+ * Revision 1.17 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_ah.h,v
-+ *
-+ * Revision 1.16 2002/02/20 01:27:06 rgb
-+ * Ditched a pile of structs only used by the old Netlink interface.
-+ *
-+ * Revision 1.15 2001/12/11 02:35:57 rgb
-+ * Change "struct net_device" to "struct device" for 2.2 compatibility.
-+ *
-+ * Revision 1.14 2001/11/26 09:23:47 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.13.2.1 2001/09/25 02:18:24 mcr
-+ * replace "struct device" with "struct netdevice"
-+ *
-+ * Revision 1.13 2001/06/14 19:35:08 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.12 2000/09/12 03:21:20 rgb
-+ * Cleared out unused htonq.
-+ *
-+ * Revision 1.11 2000/09/08 19:12:55 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.10 2000/01/21 06:13:10 rgb
-+ * Tidied up spacing.
-+ * Added macros for HMAC padding magic numbers.(kravietz)
-+ *
-+ * Revision 1.9 1999/12/07 18:16:23 rgb
-+ * Fixed comments at end of #endif lines.
-+ *
-+ * Revision 1.8 1999/04/11 00:28:56 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.7 1999/04/06 04:54:25 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.6 1999/01/26 02:06:01 rgb
-+ * Removed CONFIG_IPSEC_ALGO_SWITCH macro.
-+ *
-+ * Revision 1.5 1999/01/22 06:17:49 rgb
-+ * Updated macro comments.
-+ * Added context types to support algorithm switch code.
-+ * 64-bit clean-up -- converting 'u long long' to __u64.
-+ *
-+ * Revision 1.4 1998/07/14 15:54:56 rgb
-+ * Add #ifdef __KERNEL__ to protect kernel-only structures.
-+ *
-+ * Revision 1.3 1998/06/30 18:05:16 rgb
-+ * Comment out references to htonq.
-+ *
-+ * Revision 1.2 1998/06/25 19:33:46 rgb
-+ * Add prototype for protocol receive function.
-+ * Rearrange for more logical layout.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:43 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.4 1998/05/18 22:28:43 rgb
-+ * Disable key printing facilities from /proc/net/ipsec_*.
-+ *
-+ * Revision 1.3 1998/04/21 21:29:07 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.2 1998/04/12 22:03:17 rgb
-+ * Updated ESP-3DES-HMAC-MD5-96,
-+ * ESP-DES-HMAC-MD5-96,
-+ * AH-HMAC-MD5-96,
-+ * AH-HMAC-SHA1-96 since Henry started freeswan cvs repository
-+ * from old standards (RFC182[5-9] to new (as of March 1998) drafts.
-+ *
-+ * Fixed eroute references in /proc/net/ipsec*.
-+ *
-+ * Started to patch module unloading memory leaks in ipsec_netlink and
-+ * radij tree unloading.
-+ *
-+ * Revision 1.1 1998/04/09 03:05:55 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:02 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * Added definitions for new AH transforms.
-+ *
-+ * Revision 0.3 1996/11/20 14:35:48 ji
-+ * Minor Cleanup.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_alg.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,248 @@
-+/*
-+ * Modular extensions service and registration functions interface
-+ *
-+ * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ *
-+ * ipsec_alg.h,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-+ *
-+ */
-+/*
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ */
-+#ifndef IPSEC_ALG_H
-+#define IPSEC_ALG_H
-+
-+/*
-+ * gcc >= 3.2 has removed __FUNCTION__, replaced by C99 __func__
-+ * *BUT* its a compiler variable.
-+ */
-+#if (__GNUC__ >= 3)
-+#ifndef __FUNCTION__
-+#define __FUNCTION__ __func__
-+#endif
-+#endif
-+
-+/* Version 0.8.1-0 */
-+#define IPSEC_ALG_VERSION 0x00080100
-+
-+#include <linux/types.h>
-+#include <linux/list.h>
-+#include <asm/atomic.h>
-+#include <pfkey.h>
-+
-+/*
-+ * The following structs are used via pointers in ipsec_alg object to
-+ * avoid ipsec_alg.h coupling with freeswan headers, thus simplifying
-+ * module development
-+ */
-+struct ipsec_sa;
-+struct esp;
-+
-+/**************************************
-+ *
-+ * Main registration object
-+ *
-+ *************************************/
-+#define IPSEC_ALG_VERSION_QUAD(v) \
-+ (v>>24),((v>>16)&0xff),((v>>8)&0xff),(v&0xff)
-+/*
-+ * Main ipsec_alg objects: "OOPrograming wannabe"
-+ * Hierachy (carefully handled with _minimal_ cast'ing):
-+ *
-+ * ipsec_alg+
-+ * +->ipsec_alg_enc (ixt_alg_type=SADB_EXT_SUPPORTED_ENCRYPT)
-+ * +->ipsec_alg_auth (ixt_alg_type=SADB_EXT_SUPPORTED_AUTH)
-+ */
-+
-+/***************************************************************
-+ *
-+ * INTERFACE object: struct ipsec_alg
-+ *
-+ ***************************************************************/
-+
-+#define ixt_alg_type ixt_support.ias_exttype
-+#define ixt_alg_id ixt_support.ias_id
-+
-+#define IPSEC_ALG_ST_SUPP 0x01
-+#define IPSEC_ALG_ST_REGISTERED 0x02
-+#define IPSEC_ALG_ST_EXCL 0x04
-+struct ipsec_alg {
-+ unsigned ixt_version; /* only allow this version (or 'near')*/ \
-+ struct list_head ixt_list; /* dlinked list */ \
-+ struct module *ixt_module; /* THIS_MODULE */ \
-+ unsigned ixt_state; /* state flags */ \
-+ atomic_t ixt_refcnt; /* ref. count when pointed from ipsec_sa */ \
-+ char ixt_name[16]; /* descriptive short name, eg. "3des" */ \
-+ void *ixt_data; /* private for algo implementation */ \
-+ uint8_t ixt_blocksize; /* blocksize in bytes */ \
-+
-+ struct ipsec_alg_supported ixt_support;
-+};
-+/*
-+ * Note the const in cbc_encrypt IV arg:
-+ * some ciphers like to toast passed IV (eg. 3DES): make a local IV copy
-+ */
-+struct ipsec_alg_enc {
-+ struct ipsec_alg ixt_common;
-+ unsigned ixt_e_keylen; /* raw key length in bytes */
-+ unsigned ixt_e_ctx_size; /* sa_p->key_e_size */
-+ int (*ixt_e_set_key)(struct ipsec_alg_enc *alg, __u8 *key_e, const __u8 *key, size_t keysize);
-+ __u8 *(*ixt_e_new_key)(struct ipsec_alg_enc *alg, const __u8 *key, size_t keysize);
-+ void (*ixt_e_destroy_key)(struct ipsec_alg_enc *alg, __u8 *key_e);
-+ int (*ixt_e_cbc_encrypt)(struct ipsec_alg_enc *alg, __u8 *key_e, __u8 *in, int ilen, const __u8 *iv, int encrypt);
-+};
-+struct ipsec_alg_auth {
-+ struct ipsec_alg ixt_common;
-+ unsigned ixt_a_keylen; /* raw key length in bytes */
-+ unsigned ixt_a_ctx_size; /* sa_p->key_a_size */
-+ unsigned ixt_a_authlen; /* 'natural' auth. hash len (bytes) */
-+ int (*ixt_a_hmac_set_key)(struct ipsec_alg_auth *alg, __u8 *key_a, const __u8 *key, int keylen);
-+ int (*ixt_a_hmac_hash)(struct ipsec_alg_auth *alg, __u8 *key_a, const __u8 *dat, int len, __u8 *hash, int hashlen);
-+};
-+/*
-+ * These are _copies_ of SADB_EXT_SUPPORTED_{AUTH,ENCRYPT},
-+ * to avoid header coupling for true constants
-+ * about headers ... "cp is your friend" --Linus
-+ */
-+#define IPSEC_ALG_TYPE_AUTH 14
-+#define IPSEC_ALG_TYPE_ENCRYPT 15
-+
-+/***************************************************************
-+ *
-+ * INTERFACE for module loading,testing, and unloading
-+ *
-+ ***************************************************************/
-+/* - registration calls */
-+int register_ipsec_alg(struct ipsec_alg *);
-+int unregister_ipsec_alg(struct ipsec_alg *);
-+/* - optional (simple test) for algos */
-+int ipsec_alg_test(unsigned alg_type, unsigned alg_id, int testparm);
-+/* inline wrappers (usefull for type validation */
-+static inline int register_ipsec_alg_enc(struct ipsec_alg_enc *ixt) {
-+ return register_ipsec_alg((struct ipsec_alg*)ixt);
-+}
-+static inline int unregister_ipsec_alg_enc(struct ipsec_alg_enc *ixt) {
-+ return unregister_ipsec_alg((struct ipsec_alg*)ixt);
-+}
-+static inline int register_ipsec_alg_auth(struct ipsec_alg_auth *ixt) {
-+ return register_ipsec_alg((struct ipsec_alg*)ixt);
-+}
-+static inline int unregister_ipsec_alg_auth(struct ipsec_alg_auth *ixt) {
-+ return unregister_ipsec_alg((struct ipsec_alg*)ixt);
-+}
-+
-+/*****************************************************************
-+ *
-+ * INTERFACE for ENC services: key creation, encrypt function
-+ *
-+ *****************************************************************/
-+
-+#define IPSEC_ALG_ENCRYPT 1
-+#define IPSEC_ALG_DECRYPT 0
-+
-+/* encryption key context creation function */
-+int ipsec_alg_enc_key_create(struct ipsec_sa *sa_p);
-+/*
-+ * ipsec_alg_esp_encrypt(): encrypt ilen bytes in idat returns
-+ * 0 or ERR<0
-+ */
-+int ipsec_alg_esp_encrypt(struct ipsec_sa *sa_p, __u8 *idat, int ilen, const __u8 *iv, int action);
-+
-+/***************************************************************
-+ *
-+ * INTERFACE for AUTH services: key creation, hash functions
-+ *
-+ ***************************************************************/
-+int ipsec_alg_auth_key_create(struct ipsec_sa *sa_p);
-+int ipsec_alg_sa_esp_hash(const struct ipsec_sa *sa_p, const __u8 *espp, int len, __u8 *hash, int hashlen) ;
-+#define ipsec_alg_sa_esp_update(c,k,l) ipsec_alg_sa_esp_hash(c,k,l,NULL,0)
-+
-+/* only called from ipsec_init.c */
-+int ipsec_alg_init(void);
-+
-+/* algo module glue for static algos */
-+void ipsec_alg_static_init(void);
-+typedef int (*ipsec_alg_init_func_t) (void);
-+
-+/**********************************************
-+ *
-+ * INTERFACE for ipsec_sa init and wipe
-+ *
-+ **********************************************/
-+
-+/* returns true if ipsec_sa has ipsec_alg obj attached */
-+/*
-+ * Initializes ipsec_sa's ipsec_alg object, using already loaded
-+ * proto, authalg, encalg.; links ipsec_alg objects (enc, auth)
-+ */
-+int ipsec_alg_sa_init(struct ipsec_sa *sa_p);
-+/*
-+ * Destroys ipsec_sa's ipsec_alg object
-+ * unlinking ipsec_alg objects
-+ */
-+int ipsec_alg_sa_wipe(struct ipsec_sa *sa_p);
-+
-+#define IPSEC_ALG_MODULE_INIT_MOD( func_name ) \
-+ static int func_name(void); \
-+ module_init(func_name); \
-+ static int __init func_name(void)
-+#define IPSEC_ALG_MODULE_EXIT_MOD( func_name ) \
-+ static void func_name(void); \
-+ module_exit(func_name); \
-+ static void __exit func_name(void)
-+
-+#define IPSEC_ALG_MODULE_INIT_STATIC( func_name ) \
-+ extern int func_name(void); \
-+ int func_name(void)
-+#define IPSEC_ALG_MODULE_EXIT_STATIC( func_name ) \
-+ extern void func_name(void); \
-+ void func_name(void)
-+
-+/**********************************************
-+ *
-+ * 2.2 backport for some 2.4 useful module stuff
-+ *
-+ **********************************************/
-+#ifdef MODULE
-+#ifndef THIS_MODULE
-+#define THIS_MODULE (&__this_module)
-+#endif
-+#ifndef module_init
-+typedef int (*__init_module_func_t)(void);
-+typedef void (*__cleanup_module_func_t)(void);
-+
-+#define module_init(x) \
-+ int init_module(void) __attribute__((alias(#x))); \
-+ static inline __init_module_func_t __init_module_inline(void) \
-+ { return x; }
-+#define module_exit(x) \
-+ void cleanup_module(void) __attribute__((alias(#x))); \
-+ static inline __cleanup_module_func_t __cleanup_module_inline(void) \
-+ { return x; }
-+#endif
-+#define IPSEC_ALG_MODULE_INIT( func_name ) IPSEC_ALG_MODULE_INIT_MOD( func_name )
-+#define IPSEC_ALG_MODULE_EXIT( func_name ) IPSEC_ALG_MODULE_EXIT_MOD( func_name )
-+
-+#else /* not MODULE */
-+#ifndef THIS_MODULE
-+#define THIS_MODULE NULL
-+#endif
-+/*
-+ * I only want module_init() magic
-+ * when algo.c file *is THE MODULE*, in all other
-+ * cases, initialization is called explicitely from ipsec_alg_init()
-+ */
-+#define IPSEC_ALG_MODULE_INIT( func_name ) IPSEC_ALG_MODULE_INIT_STATIC(func_name)
-+#define IPSEC_ALG_MODULE_EXIT( func_name ) IPSEC_ALG_MODULE_EXIT_STATIC(func_name)
-+#endif
-+
-+#endif /* IPSEC_ALG_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_alg_3des.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,12 @@
-+struct TripleDES_context {
-+ des_key_schedule s1;
-+ des_key_schedule s2;
-+ des_key_schedule s3;
-+};
-+typedef struct TripleDES_context TripleDES_context;
-+
-+#define ESP_3DES_KEY_SZ 3*(sizeof(des_cblock))
-+#define ESP_3DES_CBC_BLK_LEN 8
-+
-+
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_auth.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,100 @@
-+/*
-+ * Authentication Header declarations
-+ * Copyright (C) 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_auth.h,v 1.3 2004-04-06 02:49:08 mcr Exp $
-+ */
-+
-+#include "ipsec_md5h.h"
-+#include "ipsec_sha1.h"
-+
-+#ifndef IPSEC_AUTH_H
-+#define IPSEC_AUTH_H
-+
-+#define AH_FLENGTH 12 /* size of fixed part */
-+#define AHMD5_KMAX 64 /* MD5 max 512 bits key */
-+#define AHMD5_AMAX 12 /* MD5 96 bits of authenticator */
-+
-+#define AHMD596_KLEN 16 /* MD5 128 bits key */
-+#define AHSHA196_KLEN 20 /* SHA1 160 bits key */
-+
-+#define AHMD596_ALEN 16 /* MD5 128 bits authentication length */
-+#define AHSHA196_ALEN 20 /* SHA1 160 bits authentication length */
-+
-+#define AHMD596_BLKLEN 64 /* MD5 block length */
-+#define AHSHA196_BLKLEN 64 /* SHA1 block length */
-+#define AHSHA2_256_BLKLEN 64 /* SHA2-256 block length */
-+#define AHSHA2_384_BLKLEN 128 /* SHA2-384 block length (?) */
-+#define AHSHA2_512_BLKLEN 128 /* SHA2-512 block length */
-+
-+#define AH_BLKLEN_MAX 128 /* keep up to date! */
-+
-+
-+#define AH_AMAX AHSHA196_ALEN /* keep up to date! */
-+#define AHHMAC_HASHLEN 12 /* authenticator length of 96bits */
-+#define AHHMAC_RPLLEN 4 /* 32 bit replay counter */
-+
-+#define DB_AH_PKTRX 0x0001
-+#define DB_AH_PKTRX2 0x0002
-+#define DB_AH_DMP 0x0004
-+#define DB_AH_IPSA 0x0010
-+#define DB_AH_XF 0x0020
-+#define DB_AH_INAU 0x0040
-+#define DB_AH_REPLAY 0x0100
-+
-+#ifdef __KERNEL__
-+
-+/* General HMAC algorithm is described in RFC 2104 */
-+
-+#define HMAC_IPAD 0x36
-+#define HMAC_OPAD 0x5C
-+
-+struct md5_ctx {
-+ MD5_CTX ictx; /* context after H(K XOR ipad) */
-+ MD5_CTX octx; /* context after H(K XOR opad) */
-+};
-+
-+struct sha1_ctx {
-+ SHA1_CTX ictx; /* context after H(K XOR ipad) */
-+ SHA1_CTX octx; /* context after H(K XOR opad) */
-+};
-+
-+struct auth_alg {
-+ void (*init)(void *ctx);
-+ void (*update)(void *ctx, unsigned char *bytes, __u32 len);
-+ void (*final)(unsigned char *hash, void *ctx);
-+ int hashlen;
-+};
-+
-+struct options;
-+
-+#endif /* __KERNEL__ */
-+#endif /* IPSEC_AUTH_H */
-+
-+/*
-+ * $Log: ipsec_auth.h,v $
-+ * Revision 1.3 2004-04-06 02:49:08 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.2 2004/04/05 19:55:04 mcr
-+ * Moved from linux/include/freeswan/ipsec_auth.h,v
-+ *
-+ * Revision 1.1 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.1 2003/12/06 21:21:19 mcr
-+ * split up receive path into per-transform files, for
-+ * easier later removal.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_encap.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,149 @@
-+/*
-+ * declarations relevant to encapsulation-like operations
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_encap.h,v 1.19 2004-04-05 19:55:04 mcr Exp $
-+ */
-+
-+#ifndef _IPSEC_ENCAP_H_
-+
-+#define SENT_IP4 16 /* data is two struct in_addr + proto + ports*/
-+ /* (2 * sizeof(struct in_addr)) */
-+ /* sizeof(struct sockaddr_encap)
-+ - offsetof(struct sockaddr_encap, Sen.Sip4.Src) */
-+
-+struct sockaddr_encap
-+{
-+ __u8 sen_len; /* length */
-+ __u8 sen_family; /* AF_ENCAP */
-+ __u16 sen_type; /* see SENT_* */
-+ union
-+ {
-+ struct /* SENT_IP4 */
-+ {
-+ struct in_addr Src;
-+ struct in_addr Dst;
-+ __u8 Proto;
-+ __u16 Sport;
-+ __u16 Dport;
-+ } Sip4;
-+ } Sen;
-+};
-+
-+#define sen_ip_src Sen.Sip4.Src
-+#define sen_ip_dst Sen.Sip4.Dst
-+#define sen_proto Sen.Sip4.Proto
-+#define sen_sport Sen.Sip4.Sport
-+#define sen_dport Sen.Sip4.Dport
-+
-+#ifndef AF_ENCAP
-+#define AF_ENCAP 26
-+#endif /* AF_ENCAP */
-+
-+#define _IPSEC_ENCAP_H_
-+#endif /* _IPSEC_ENCAP_H_ */
-+
-+/*
-+ * $Log: ipsec_encap.h,v $
-+ * Revision 1.19 2004-04-05 19:55:04 mcr
-+ * Moved from linux/include/freeswan/ipsec_encap.h,v
-+ *
-+ * Revision 1.18 2003/10/31 02:27:05 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.17.30.1 2003/09/21 13:59:38 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.17 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_encap.h,v
-+ *
-+ * Revision 1.16 2001/11/26 09:23:47 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.15.2.1 2001/09/25 02:18:54 mcr
-+ * struct eroute moved to ipsec_eroute.h
-+ *
-+ * Revision 1.15 2001/09/14 16:58:36 rgb
-+ * Added support for storing the first and last packets through a HOLD.
-+ *
-+ * Revision 1.14 2001/09/08 21:13:31 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.13 2001/06/14 19:35:08 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.12 2001/05/27 06:12:10 rgb
-+ * Added structures for pid, packet count and last access time to eroute.
-+ * Added packet count to beginning of /proc/net/ipsec_eroute.
-+ *
-+ * Revision 1.11 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.10 2000/03/22 16:15:36 rgb
-+ * Fixed renaming of dev_get (MB).
-+ *
-+ * Revision 1.9 2000/01/21 06:13:26 rgb
-+ * Added a macro for AF_ENCAP
-+ *
-+ * Revision 1.8 1999/12/31 14:56:55 rgb
-+ * MB fix for 2.3 dev-use-count.
-+ *
-+ * Revision 1.7 1999/11/18 04:09:18 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ *
-+ * Revision 1.6 1999/09/24 00:34:13 rgb
-+ * Add Marc Boucher's support for 2.3.xx+.
-+ *
-+ * Revision 1.5 1999/04/11 00:28:57 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.4 1999/04/06 04:54:25 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.3 1998/10/19 14:44:28 rgb
-+ * Added inclusion of freeswan.h.
-+ * sa_id structure implemented and used: now includes protocol.
-+ *
-+ * Revision 1.2 1998/07/14 18:19:33 rgb
-+ * Added #ifdef __KERNEL__ directives to restrict scope of header.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:44 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.2 1998/04/21 21:29:10 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.1 1998/04/09 03:05:58 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:02 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * Minor cosmetic changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:35:48 ji
-+ * Minor Cleanup.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_eroute.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,112 @@
-+/*
-+ * @(#) declarations of eroute structures
-+ *
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * Copyright (C) 2001 Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_eroute.h,v 1.5 2004-04-05 19:55:05 mcr Exp $
-+ *
-+ * derived from ipsec_encap.h 1.15 on 2001/9/18 by mcr.
-+ *
-+ */
-+
-+#ifndef _IPSEC_EROUTE_H_
-+
-+#include "radij.h"
-+#include "ipsec_encap.h"
-+#include "ipsec_radij.h"
-+
-+/*
-+ * The "type" is really part of the address as far as the routing
-+ * system is concerned. By using only one bit in the type field
-+ * for each type, we sort-of make sure that different types of
-+ * encapsulation addresses won't be matched against the wrong type.
-+ */
-+
-+/*
-+ * An entry in the radix tree
-+ */
-+
-+struct rjtentry
-+{
-+ struct radij_node rd_nodes[2]; /* tree glue, and other values */
-+#define rd_key(r) ((struct sockaddr_encap *)((r)->rd_nodes->rj_key))
-+#define rd_mask(r) ((struct sockaddr_encap *)((r)->rd_nodes->rj_mask))
-+ short rd_flags;
-+ short rd_count;
-+};
-+
-+struct ident
-+{
-+ __u16 type; /* identity type */
-+ __u64 id; /* identity id */
-+ __u8 len; /* identity len */
-+ caddr_t data; /* identity data */
-+};
-+
-+/*
-+ * An encapsulation route consists of a pointer to a
-+ * radix tree entry and a SAID (a destination_address/SPI/protocol triple).
-+ */
-+
-+struct eroute
-+{
-+ struct rjtentry er_rjt;
-+ ip_said er_said;
-+ uint32_t er_pid;
-+ uint32_t er_count;
-+ uint64_t er_lasttime;
-+ struct sockaddr_encap er_eaddr; /* MCR get rid of _encap, it is silly*/
-+ struct sockaddr_encap er_emask;
-+ struct ident er_ident_s;
-+ struct ident er_ident_d;
-+ struct sk_buff* er_first;
-+ struct sk_buff* er_last;
-+};
-+
-+#define er_dst er_said.dst
-+#define er_spi er_said.spi
-+
-+#define _IPSEC_EROUTE_H_
-+#endif /* _IPSEC_EROUTE_H_ */
-+
-+/*
-+ * $Log: ipsec_eroute.h,v $
-+ * Revision 1.5 2004-04-05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_eroute.h,v
-+ *
-+ * Revision 1.4 2003/10/31 02:27:05 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.3.30.2 2003/10/29 01:10:19 mcr
-+ * elimited "struct sa_id"
-+ *
-+ * Revision 1.3.30.1 2003/09/21 13:59:38 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.3 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_eroute.h,v
-+ *
-+ * Revision 1.2 2001/11/26 09:16:13 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:18:54 mcr
-+ * struct eroute moved to ipsec_eroute.h
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_errs.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,53 @@
-+/*
-+ * @(#) definition of ipsec_errs structure
-+ *
-+ * Copyright (C) 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * and Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_errs.h,v 1.4 2004-04-05 19:55:05 mcr Exp $
-+ *
-+ */
-+
-+/*
-+ * This file describes the errors/statistics that FreeSWAN collects.
-+ *
-+ */
-+
-+struct ipsec_errs {
-+ __u32 ips_alg_errs; /* number of algorithm errors */
-+ __u32 ips_auth_errs; /* # of authentication errors */
-+ __u32 ips_encsize_errs; /* # of encryption size errors*/
-+ __u32 ips_encpad_errs; /* # of encryption pad errors*/
-+ __u32 ips_replaywin_errs; /* # of pkt sequence errors */
-+};
-+
-+/*
-+ * $Log: ipsec_errs.h,v $
-+ * Revision 1.4 2004-04-05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_errs.h,v
-+ *
-+ * Revision 1.3 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_errs.h,v
-+ *
-+ * Revision 1.2 2001/11/26 09:16:13 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:25:57 mcr
-+ * lifetime structure created and common functions created.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_esp.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,157 @@
-+/*
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_esp.h,v 1.28 2004-09-13 02:22:10 mcr Exp $
-+ */
-+
-+#include "openswan/ipsec_md5h.h"
-+#include "openswan/ipsec_sha1.h"
-+
-+#include "crypto/des.h"
-+
-+#ifndef IPPROTO_ESP
-+#define IPPROTO_ESP 50
-+#endif /* IPPROTO_ESP */
-+
-+#define ESP_HEADER_LEN 8 /* 64 bits header (spi+rpl)*/
-+
-+#define EMT_ESPDESCBC_ULEN 20 /* coming from user mode */
-+#define EMT_ESPDES_KMAX 64 /* 512 bit secret key enough? */
-+#define EMT_ESPDES_KEY_SZ 8 /* 56 bit secret key with parity = 64 bits */
-+#define EMT_ESP3DES_KEY_SZ 24 /* 168 bit secret key with parity = 192 bits */
-+#define EMT_ESPDES_IV_SZ 8 /* IV size */
-+#define ESP_DESCBC_BLKLEN 8 /* DES-CBC block size */
-+
-+#define ESP_IV_MAXSZ 16 /* This is _critical_ */
-+#define ESP_IV_MAXSZ_INT (ESP_IV_MAXSZ/sizeof(int))
-+
-+#define DB_ES_PKTRX 0x0001
-+#define DB_ES_PKTRX2 0x0002
-+#define DB_ES_IPSA 0x0010
-+#define DB_ES_XF 0x0020
-+#define DB_ES_IPAD 0x0040
-+#define DB_ES_INAU 0x0080
-+#define DB_ES_OINFO 0x0100
-+#define DB_ES_OINFO2 0x0200
-+#define DB_ES_OH 0x0400
-+#define DB_ES_REPLAY 0x0800
-+
-+#ifdef __KERNEL__
-+struct des_eks {
-+ des_key_schedule ks;
-+};
-+
-+extern struct inet_protocol esp_protocol;
-+
-+struct options;
-+
-+struct esphdr
-+{
-+ __u32 esp_spi; /* Security Parameters Index */
-+ __u32 esp_rpl; /* Replay counter */
-+ __u8 esp_iv[8]; /* iv */
-+};
-+
-+extern struct xform_functions esp_xform_funcs[];
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int debug_esp;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+#endif /* __KERNEL__ */
-+
-+/*
-+ * $Log: ipsec_esp.h,v $
-+ * Revision 1.28 2004-09-13 02:22:10 mcr
-+ * #define inet_protocol if necessary.
-+ *
-+ * Revision 1.27 2004/09/06 18:35:41 mcr
-+ * 2.6.8.1 gets rid of inet_protocol->net_protocol compatibility,
-+ * so adjust for that.
-+ *
-+ * Revision 1.26 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.25 2004/04/06 02:49:08 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.24 2004/04/05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_esp.h,v
-+ *
-+ * Revision 1.23 2004/04/05 19:41:05 mcr
-+ * merged alg-branch code.
-+ *
-+ * Revision 1.22 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.23 2003/12/11 20:14:58 mcr
-+ * refactored the xmit code, to move all encapsulation
-+ * code into protocol functions. Note that all functions
-+ * are essentially done by a single function, which is probably
-+ * wrong.
-+ * the rcv_functions structures are renamed xform_functions.
-+ *
-+ * Revision 1.22 2003/12/06 21:21:19 mcr
-+ * split up receive path into per-transform files, for
-+ * easier later removal.
-+ *
-+ * Revision 1.21.8.1 2003/12/22 15:25:52 jjo
-+ * Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.21 2003/02/06 02:21:34 rgb
-+ *
-+ * Moved "struct auth_alg" from ipsec_rcv.c to ipsec_ah.h .
-+ * Changed "struct ah" to "struct ahhdr" and "struct esp" to "struct esphdr".
-+ * Removed "#ifdef INBOUND_POLICY_CHECK_eroute" dead code.
-+ *
-+ * Revision 1.20 2002/05/14 02:37:02 rgb
-+ * Change reference from _TDB to _IPSA.
-+ *
-+ * Revision 1.19 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.18 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_esp.h,v
-+ *
-+ * Revision 1.17 2002/02/20 01:27:07 rgb
-+ * Ditched a pile of structs only used by the old Netlink interface.
-+ *
-+ * Revision 1.16 2001/12/11 02:35:57 rgb
-+ * Change "struct net_device" to "struct device" for 2.2 compatibility.
-+ *
-+ * Revision 1.15 2001/11/26 09:23:48 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.14.2.3 2001/10/23 04:16:42 mcr
-+ * get definition of des_key_schedule from des.h
-+ *
-+ * Revision 1.14.2.2 2001/10/22 20:33:13 mcr
-+ * use "des_key_schedule" structure instead of cooking our own.
-+ *
-+ * Revision 1.14.2.1 2001/09/25 02:18:25 mcr
-+ * replace "struct device" with "struct netdevice"
-+ *
-+ * Revision 1.14 2001/06/14 19:35:08 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.13 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.12 2000/08/01 14:51:50 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.11 2000/01/10 16:36:20 rgb
-+ * Ditch last of EME option flags, including initiator.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_ipcomp.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,94 @@
-+/*
-+ * IP compression header declations
-+ *
-+ * Copyright (C) 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_ipcomp.h,v 1.4 2004-07-10 19:08:41 mcr Exp $
-+ */
-+
-+#ifndef IPSEC_IPCOMP_H
-+#define IPSEC_IPCOMP_H
-+
-+#include "openswan/ipsec_auth.h"
-+
-+/* Prefix all global deflate symbols with "ipcomp_" to avoid collisions with ppp_deflate & ext2comp */
-+#ifndef IPCOMP_PREFIX
-+#define IPCOMP_PREFIX
-+#endif /* IPCOMP_PREFIX */
-+
-+#ifndef IPPROTO_COMP
-+#define IPPROTO_COMP 108
-+#endif /* IPPROTO_COMP */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int sysctl_ipsec_debug_ipcomp;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+struct ipcomphdr { /* IPCOMP header */
-+ __u8 ipcomp_nh; /* Next header (protocol) */
-+ __u8 ipcomp_flags; /* Reserved, must be 0 */
-+ __u16 ipcomp_cpi; /* Compression Parameter Index */
-+};
-+
-+extern struct inet_protocol comp_protocol;
-+extern int sysctl_ipsec_debug_ipcomp;
-+
-+#define IPCOMP_UNCOMPRESSABLE 0x000000001
-+#define IPCOMP_COMPRESSIONERROR 0x000000002
-+#define IPCOMP_PARMERROR 0x000000004
-+#define IPCOMP_DECOMPRESSIONERROR 0x000000008
-+
-+#define IPCOMP_ADAPT_INITIAL_TRIES 8
-+#define IPCOMP_ADAPT_INITIAL_SKIP 4
-+#define IPCOMP_ADAPT_SUBSEQ_TRIES 2
-+#define IPCOMP_ADAPT_SUBSEQ_SKIP 8
-+
-+/* Function prototypes */
-+struct sk_buff *skb_compress(struct sk_buff *skb, struct ipsec_sa *ips, unsigned int *flags);
-+struct sk_buff *skb_decompress(struct sk_buff *skb, struct ipsec_sa *ips, unsigned int *flags);
-+
-+extern struct xform_functions ipcomp_xform_funcs[];
-+
-+#endif /* IPSEC_IPCOMP_H */
-+
-+/*
-+ * $Log: ipsec_ipcomp.h,v $
-+ * Revision 1.4 2004-07-10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.3 2004/04/06 02:49:08 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.2 2004/04/05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_ipcomp.h,v
-+ *
-+ * Revision 1.1 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.2 2003/12/11 20:14:58 mcr
-+ * refactored the xmit code, to move all encapsulation
-+ * code into protocol functions. Note that all functions
-+ * are essentially done by a single function, which is probably
-+ * wrong.
-+ * the rcv_functions structures are renamed xform_functions.
-+ *
-+ * Revision 1.1 2003/12/06 21:21:19 mcr
-+ * split up receive path into per-transform files, for
-+ * easier later removal.
-+ *
-+ *
-+ *
-+ */
-+
-+
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_ipe4.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,68 @@
-+/*
-+ * IP-in-IP Header declarations
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_ipe4.h,v 1.6 2004-04-05 19:55:05 mcr Exp $
-+ */
-+
-+/* The packet header is an IP header! */
-+
-+struct ipe4_xdata /* transform table data */
-+{
-+ struct in_addr i4_src;
-+ struct in_addr i4_dst;
-+};
-+
-+#define EMT_IPE4_ULEN 8 /* coming from user mode */
-+
-+
-+/*
-+ * $Log: ipsec_ipe4.h,v $
-+ * Revision 1.6 2004-04-05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_ipe4.h,v
-+ *
-+ * Revision 1.5 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_ipe4.h,v
-+ *
-+ * Revision 1.4 2001/06/14 19:35:08 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.3 1999/04/11 00:28:57 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.2 1999/04/06 04:54:25 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:47 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.1 1998/04/09 03:06:07 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:03 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:48:53 ji
-+ * Release update only.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_ipip.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,45 @@
-+/*
-+ * Copyright (C) 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_ipip.h,v 1.2 2004-04-05 19:55:05 mcr Exp $
-+ */
-+
-+#ifndef _IPSEC_IPIP_H_
-+
-+#ifndef IPPROTO_IPIP
-+#define IPPROTO_IPIP 4
-+#endif /* IPPROTO_ESP */
-+
-+extern struct xform_functions ipip_xform_funcs[];
-+
-+#define _IPSEC_IPIP_H_
-+
-+#endif /* _IPSEC_IPIP_H_ */
-+
-+/*
-+ * $Log: ipsec_ipip.h,v $
-+ * Revision 1.2 2004-04-05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_ipip.h,v
-+ *
-+ * Revision 1.1 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.1 2003/12/11 20:14:58 mcr
-+ * refactored the xmit code, to move all encapsulation
-+ * code into protocol functions. Note that all functions
-+ * are essentially done by a single function, which is probably
-+ * wrong.
-+ * the rcv_functions structures are renamed xform_functions.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_kern24.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,61 @@
-+/*
-+ * @(#) routines to makes kernel 2.4 compatible with 2.6 usage.
-+ *
-+ * Copyright (C) 2004 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_kern24.h,v 1.4 2005-05-20 03:19:18 mcr Exp $
-+ */
-+
-+#ifndef _IPSEC_KERN24_H
-+
-+#ifndef NET_26
-+#define sk_receive_queue receive_queue
-+#define sk_destruct destruct
-+#define sk_reuse reuse
-+#define sk_zapped zapped
-+#define sk_family family
-+#define sk_protocol protocol
-+#define sk_protinfo protinfo
-+#define sk_sleep sleep
-+#define sk_state_change state_change
-+#define sk_shutdown shutdown
-+#define sk_err err
-+#define sk_stamp stamp
-+#define sk_socket socket
-+#define sk_sndbuf sndbuf
-+#define sock_flag(sk, flag) sk->dead
-+#define sk_for_each(sk, node, plist) for(sk=*plist; sk!=NULL; sk = sk->next)
-+#endif
-+
-+/* deal with 2.4 vs 2.6 issues with module counts */
-+
-+/* in 2.6, all refcounts are maintained *outside* of the
-+ * module to deal with race conditions.
-+ */
-+
-+#ifdef NET_26
-+#define KLIPS_INC_USE /* nothing */
-+#define KLIPS_DEC_USE /* nothing */
-+
-+#else
-+#define KLIPS_INC_USE MOD_INC_USE_COUNT
-+#define KLIPS_DEC_USE MOD_DEC_USE_COUNT
-+#endif
-+
-+extern int printk_ratelimit(void);
-+
-+
-+#define _IPSEC_KERN24_H 1
-+
-+#endif /* _IPSEC_KERN24_H */
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_kversion.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,429 @@
-+#ifndef _OPENSWAN_KVERSIONS_H
-+/*
-+ * header file for FreeS/WAN library functions
-+ * Copyright (C) 1998, 1999, 2000 Henry Spencer.
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: ipsec_kversion.h,v 1.15.2.21 2008-02-17 20:35:35 paul Exp $
-+ */
-+#define _OPENSWAN_KVERSIONS_H /* seen it, no need to see it again */
-+
-+/*
-+ * this file contains a series of atomic defines that depend upon
-+ * kernel version numbers. The kernel versions are arranged
-+ * in version-order number (which is often not chronological)
-+ * and each clause enables or disables a feature.
-+ */
-+
-+/*
-+ * First, assorted kernel-version-dependent trickery.
-+ */
-+#include <linux/version.h>
-+#ifndef KERNEL_VERSION
-+#define KERNEL_VERSION(x,y,z) (((x)<<16)+((y)<<8)+(z))
-+#endif
-+
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,1,0)
-+#define HEADER_CACHE_BIND_21
-+#error "KLIPS is no longer supported on Linux 2.0. Sorry"
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,1,0)
-+#define SPINLOCK
-+#define PROC_FS_21
-+#define NETLINK_SOCK
-+#define NET_21
-+#endif
-+
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,1,19)
-+#define net_device_stats enet_statistics
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,0)
-+#define SPINLOCK_23
-+#define NETDEV_23
-+# ifndef CONFIG_IP_ALIAS
-+# define CONFIG_IP_ALIAS
-+# endif
-+#include <linux/socket.h>
-+#include <linux/skbuff.h>
-+#include <linux/netlink.h>
-+# ifdef NETLINK_XFRM
-+# define NETDEV_25
-+# endif
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,25)
-+#define PROC_FS_2325
-+#undef PROC_FS_21
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,30)
-+#define PROC_NO_DUMMY
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,35)
-+#define SKB_COPY_EXPAND
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,37)
-+#define IP_SELECT_IDENT
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,50)
-+# if(LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23) && defined(CONFIG_NETFILTER))
-+# define SKB_RESET_NFCT
-+# elif LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
-+# if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
-+# define SKB_RESET_NFCT
-+# endif
-+# endif
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,2)
-+#define IP_SELECT_IDENT_NEW
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,4)
-+#define IPH_is_SKB_PULLED
-+#define SKB_COW_NEW
-+#define PROTO_HANDLER_SINGLE_PARM
-+#define IP_FRAGMENT_LINEARIZE 1
-+#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,4) */
-+# ifdef REDHAT_BOGOSITY
-+# define IP_SELECT_IDENT_NEW
-+# define IPH_is_SKB_PULLED
-+# define SKB_COW_NEW
-+# define PROTO_HANDLER_SINGLE_PARM
-+# endif /* REDHAT_BOGOSITY */
-+#endif /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,4) */
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,9)
-+#define MALLOC_SLAB
-+#define LINUX_KERNEL_HAS_SNPRINTF
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
-+#define HAVE_NETDEV_PRINTK 1
-+#define NET_26
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,8)
-+#define NEED_INET_PROTOCOL
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)
-+#define HAVE_SOCK_ZAPPED
-+#define NET_26_12_SKALLOC
-+#endif
-+
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,13)
-+#define HAVE_SOCK_SECURITY
-+/* skb->nf_debug disappared completely in 2.6.13 */
-+#define HAVE_SKB_NF_DEBUG
-+#endif
-+
-+#define SYSCTL_IPSEC_DEFAULT_TTL sysctl_ip_default_ttl
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,14)
-+/* skb->stamp changed to skb->tstamp in 2.6.14 */
-+#define HAVE_TSTAMP
-+#define HAVE_INET_SK_SPORT
-+#undef SYSCTL_IPSEC_DEFAULT_TTL
-+#define SYSCTL_IPSEC_DEFAULT_TTL IPSEC_DEFAULT_TTL
-+#else
-+#define HAVE_SKB_LIST
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,18) || SLE_VERSION_CODE >= 655616
-+#define HAVE_NEW_SKB_LINEARIZE
-+#endif
-+
-+/* this is the best we can do to detect XEN, which makes
-+ * * patches to linux/skbuff.h, making it look like 2.6.18 version
-+ * */
-+#ifdef CONFIG_XEN
-+#define HAVE_NEW_SKB_LINEARIZE
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,19)
-+#define VOID_SOCK_UNREGISTER
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)
-+/* skb->nfmark changed to skb->mark in 2.6.20 */
-+#define nfmark mark
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
-+/* need to include ip.h early, no longer pick it up in skbuff.h */
-+#include <linux/ip.h>
-+# define HAVE_KERNEL_TSTAMP
-+/* type of sock.sk_stamp changed from timeval to ktime */
-+# define grab_socket_timeval(tv, sock) { (tv) = ktime_to_timeval((sock).sk_stamp); }
-+#else
-+# define grab_socket_timeval(tv, sock) { (tv) = (sock).sk_stamp; }
-+/* internals of struct skbuff changed */
-+# define HAVE_DEV_NEXT
-+# define ip_hdr(skb) ((skb)->nh.iph)
-+# define skb_tail_pointer(skb) ((skb)->tail)
-+# define skb_end_pointer(skb) ((skb)->end)
-+# define skb_network_header(skb) ((skb)->nh.raw)
-+# define skb_set_network_header(skb,off) ((skb)->nh.raw = (skb)->data + (off))
-+# define tcp_hdr(skb) ((skb)->h.th)
-+# define udp_hdr(skb) ((skb)->h.uh)
-+# define skb_transport_header(skb) ((skb)->h.raw)
-+# define skb_set_transport_header(skb,off) ((skb)->h.raw = (skb)->data + (off))
-+# define skb_mac_header(skb) ((skb)->mac.raw)
-+# define skb_set_mac_header(skb,off) ((skb)->mac.raw = (skb)->data + (off))
-+#endif
-+/* turn a pointer into an offset for above macros */
-+#define ipsec_skb_offset(skb, ptr) (((unsigned char *)(ptr)) - (skb)->data)
-+
-+#ifdef NET_21
-+# include <linux/in6.h>
-+#else
-+ /* old kernel in.h has some IPv6 stuff, but not quite enough */
-+# define s6_addr16 s6_addr
-+# define AF_INET6 10
-+# define uint8_t __u8
-+# define uint16_t __u16
-+# define uint32_t __u32
-+# define uint64_t __u64
-+#endif
-+
-+#ifdef NET_21
-+# define ipsec_kfree_skb(a) kfree_skb(a)
-+#else /* NET_21 */
-+# define ipsec_kfree_skb(a) kfree_skb(a, FREE_WRITE)
-+#endif /* NET_21 */
-+
-+#ifdef NETDEV_23
-+#if 0
-+#ifndef NETDEV_25
-+#define device net_device
-+#endif
-+#endif
-+# define ipsec_dev_get dev_get_by_name
-+# define __ipsec_dev_get __dev_get_by_name
-+# define ipsec_dev_put(x) dev_put(x)
-+# define __ipsec_dev_put(x) __dev_put(x)
-+# define ipsec_dev_hold(x) dev_hold(x)
-+#else /* NETDEV_23 */
-+# define ipsec_dev_get dev_get
-+# define __ipsec_dev_put(x)
-+# define ipsec_dev_put(x)
-+# define ipsec_dev_hold(x)
-+#endif /* NETDEV_23 */
-+
-+#ifndef SPINLOCK
-+# include <linux/bios32.h>
-+ /* simulate spin locks and read/write locks */
-+ typedef struct {
-+ volatile char lock;
-+ } spinlock_t;
-+
-+ typedef struct {
-+ volatile unsigned int lock;
-+ } rwlock_t;
-+
-+# define spin_lock_init(x) { (x)->lock = 0;}
-+# define rw_lock_init(x) { (x)->lock = 0; }
-+
-+# define spin_lock(x) { while ((x)->lock) barrier(); (x)->lock=1;}
-+# define spin_lock_irq(x) { cli(); spin_lock(x);}
-+# define spin_lock_irqsave(x,flags) { save_flags(flags); spin_lock_irq(x);}
-+
-+# define spin_unlock(x) { (x)->lock=0;}
-+# define spin_unlock_irq(x) { spin_unlock(x); sti();}
-+# define spin_unlock_irqrestore(x,flags) { spin_unlock(x); restore_flags(flags);}
-+
-+# define read_lock(x) spin_lock(x)
-+# define read_lock_irq(x) spin_lock_irq(x)
-+# define read_lock_irqsave(x,flags) spin_lock_irqsave(x,flags)
-+
-+# define read_unlock(x) spin_unlock(x)
-+# define read_unlock_irq(x) spin_unlock_irq(x)
-+# define read_unlock_irqrestore(x,flags) spin_unlock_irqrestore(x,flags)
-+
-+# define write_lock(x) spin_lock(x)
-+# define write_lock_irq(x) spin_lock_irq(x)
-+# define write_lock_irqsave(x,flags) spin_lock_irqsave(x,flags)
-+
-+# define write_unlock(x) spin_unlock(x)
-+# define write_unlock_irq(x) spin_unlock_irq(x)
-+# define write_unlock_irqrestore(x,flags) spin_unlock_irqrestore(x,flags)
-+#endif /* !SPINLOCK */
-+
-+#ifndef SPINLOCK_23
-+# define spin_lock_bh(x) spin_lock_irq(x)
-+# define spin_unlock_bh(x) spin_unlock_irq(x)
-+
-+# define read_lock_bh(x) read_lock_irq(x)
-+# define read_unlock_bh(x) read_unlock_irq(x)
-+
-+# define write_lock_bh(x) write_lock_irq(x)
-+# define write_unlock_bh(x) write_unlock_irq(x)
-+#endif /* !SPINLOCK_23 */
-+
-+#ifndef HAVE_NETDEV_PRINTK
-+#define netdev_printk(sevlevel, netdev, msglevel, format, arg...) \
-+ printk(sevlevel "%s: " format , netdev->name , ## arg)
-+#endif
-+
-+#if LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,0)
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,0)
-+#include "openswan/ipsec_kern24.h"
-+#else
-+#error "kernels before 2.4 are not supported at this time"
-+#endif
-+#endif
-+
-+
-+#endif /* _OPENSWAN_KVERSIONS_H */
-+
-+/*
-+ * $Log: ipsec_kversion.h,v $
-+ * Revision 1.15.2.21 2008-02-17 20:35:35 paul
-+ * enable HAVE_NEW_SKB_LINEARIZE for Suse Linux SLES10 SP1
-+ *
-+ * Revision 1.15.2.20 2007-11-16 06:16:10 paul
-+ * Fix brackets on SKB_RESET_NFCT case
-+ *
-+ * Revision 1.15.2.19 2007-11-16 06:01:27 paul
-+ * On 2.6.23+, sk->nfct is part of skbut only when CONFIG_NF_CONNTRACK or
-+ * CONFIG_NF_CONNTRACK_MODUE is set, where previously this was handled with
-+ * CONFIG_NETFILTER.
-+ *
-+ * Revision 1.15.2.18 2007-11-07 14:17:56 paul
-+ * Xen modifies skb structures, so xen kernels < 2.6.18 need to have
-+ * HAVE_NEW_SKB_LINEARIZE defined.
-+ *
-+ * Revision 1.15.2.17 2007-10-31 19:57:40 paul
-+ * type of sock.sk_stamp changed from timeval to ktime [dhr]
-+ *
-+ * Revision 1.15.2.16 2007-10-30 22:17:02 paul
-+ * Move the define for ktime_to_timeval() from "not 2.6.22" to "< 2.6.16",
-+ * where it belongs.
-+ *
-+ * Revision 1.15.2.15 2007-10-30 21:44:00 paul
-+ * added a backport definition for define skb_end_pointer [dhr]
-+ *
-+ * Revision 1.15.2.14 2007-10-28 00:26:03 paul
-+ * Start of fix for 2.6.22+ kernels and skb_tail_pointer()
-+ *
-+ * Revision 1.15.2.13 2007/09/05 02:28:27 paul
-+ * Patch by David McCullough for 2.6.22 compatibility (HAVE_KERNEL_TSTAMP,
-+ * HAVE_DEV_NEXT and other header surgery)
-+ *
-+ * Revision 1.15.2.12 2007/08/10 01:40:49 paul
-+ * Fix for sock_unregister for 2.6.19 by Sergeil
-+ *
-+ * Revision 1.15.2.11 2007/02/20 03:53:16 paul
-+ * Added comment, made layout consistent with other checks.
-+ *
-+ * Revision 1.15.2.10 2007/02/16 19:08:12 paul
-+ * Fix for compiling on 2.6.20 (nfmark is now called mark in sk_buff)
-+ *
-+ * Revision 1.15.2.9 2006/07/29 05:00:40 paul
-+ * Added HAVE_NEW_SKB_LINEARIZE for 2.6.18+ kernels where skb_linearize
-+ * only takes 1 argument.
-+ *
-+ * Revision 1.15.2.8 2006/05/01 14:31:52 mcr
-+ * FREESWAN->OPENSWAN in #ifdef.
-+ *
-+ * Revision 1.15.2.7 2006/01/11 02:02:59 mcr
-+ * updated patches and DEFAULT_TTL code to work
-+ *
-+ * Revision 1.15.2.6 2006/01/03 19:25:02 ken
-+ * Remove duplicated #ifdef for TTL fix - bad patch
-+ *
-+ * Revision 1.15.2.5 2006/01/03 18:06:33 ken
-+ * Fix for missing sysctl default ttl
-+ *
-+ * Revision 1.15.2.4 2005/11/27 21:40:14 paul
-+ * Pull down TTL fixes from head. this fixes "Unknown symbol sysctl_ip_default_ttl"
-+ * in for klips as module.
-+ *
-+ * Revision 1.15.2.3 2005/11/22 04:11:52 ken
-+ * Backport fixes for 2.6.14 kernels from HEAD
-+ *
-+ * Revision 1.15.2.2 2005/09/01 01:57:19 paul
-+ * michael's fixes for 2.6.13 from head
-+ *
-+ * Revision 1.15.2.1 2005/08/27 23:13:48 paul
-+ * Fix for:
-+ * 7 weeks ago: [NET]: Remove unused security member in sk_buff
-+ * changeset 4280: 328ea53f5fee
-+ * parent 4279: beb0afb0e3f8
-+ * author: Thomas Graf <tgraf@suug.ch>
-+ * date: Tue Jul 5 21:12:44 2005
-+ * files: include/linux/skbuff.h include/linux/tc_ematch/tc_em_meta.h net/core/skbuff.c net/ipv4/ip_output.c net/ipv6/ip6_output.c net/sched/em_meta.c
-+ *
-+ * This should fix compilation on 2.6.13(rc) kernels
-+ *
-+ * Revision 1.15 2005/07/19 20:02:15 mcr
-+ * sk_alloc() interface change.
-+ *
-+ * Revision 1.14 2005/07/08 16:20:05 mcr
-+ * fix for 2.6.12 disapperance of sk_zapped field -> sock_flags.
-+ *
-+ * Revision 1.13 2005/05/20 03:19:18 mcr
-+ * modifications for use on 2.4.30 kernel, with backported
-+ * printk_ratelimit(). all warnings removed.
-+ *
-+ * Revision 1.12 2005/04/13 22:46:21 mcr
-+ * note that KLIPS does not work on Linux 2.0.
-+ *
-+ * Revision 1.11 2004/09/13 02:22:26 mcr
-+ * #define inet_protocol if necessary.
-+ *
-+ * Revision 1.10 2004/08/03 18:17:15 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.9 2004/04/05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_kversion.h,v
-+ *
-+ * Revision 1.8 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.7 2003/07/31 22:48:08 mcr
-+ * derive NET25-ness from presence of NETLINK_XFRM macro.
-+ *
-+ * Revision 1.6 2003/06/24 20:22:32 mcr
-+ * added new global: ipsecdevices[] so that we can keep track of
-+ * the ipsecX devices. They will be referenced with dev_hold(),
-+ * so 2.2 may need this as well.
-+ *
-+ * Revision 1.5 2003/04/03 17:38:09 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ *
-+ * Revision 1.4 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_kversion.h,v
-+ *
-+ * Revision 1.3 2002/04/12 03:21:17 mcr
-+ * three parameter version of ip_select_ident appears first
-+ * in 2.4.2 (RH7.1) not 2.4.4.
-+ *
-+ * Revision 1.2 2002/03/08 21:35:22 rgb
-+ * Defined LINUX_KERNEL_HAS_SNPRINTF to shut up compiler warnings after
-+ * 2.4.9. (Andreas Piesk).
-+ *
-+ * Revision 1.1 2002/01/29 02:11:42 mcr
-+ * removal of kversions.h - sources that needed it now use ipsec_param.h.
-+ * updating of IPv6 structures to match latest in6.h version.
-+ * removed dead code from freeswan.h that also duplicated kversions.h
-+ * code.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_life.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,112 @@
-+/*
-+ * Definitions relevant to IPSEC lifetimes
-+ * Copyright (C) 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * and Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_life.h,v 1.4 2004-04-05 19:55:05 mcr Exp $
-+ *
-+ * This file derived from ipsec_xform.h on 2001/9/18 by mcr.
-+ *
-+ */
-+
-+/*
-+ * This file describes the book keeping fields for the
-+ * IPsec Security Association Structure. ("ipsec_sa")
-+ *
-+ * This structure is never allocated directly by kernel code,
-+ * (it is always a static/auto or is part of a structure)
-+ * so it does not have a reference count.
-+ *
-+ */
-+
-+#ifndef _IPSEC_LIFE_H_
-+
-+/*
-+ * _count is total count.
-+ * _hard is hard limit (kill SA after this number)
-+ * _soft is soft limit (try to renew SA after this number)
-+ * _last is used in some special cases.
-+ *
-+ */
-+
-+struct ipsec_lifetime64
-+{
-+ __u64 ipl_count;
-+ __u64 ipl_soft;
-+ __u64 ipl_hard;
-+ __u64 ipl_last;
-+};
-+
-+struct ipsec_lifetimes
-+{
-+ /* number of bytes processed */
-+ struct ipsec_lifetime64 ipl_bytes;
-+
-+ /* number of packets processed */
-+ struct ipsec_lifetime64 ipl_packets;
-+
-+ /* time since SA was added */
-+ struct ipsec_lifetime64 ipl_addtime;
-+
-+ /* time since SA was first used */
-+ struct ipsec_lifetime64 ipl_usetime;
-+
-+ /* from rfc2367:
-+ * For CURRENT, the number of different connections,
-+ * endpoints, or flows that the association has been
-+ * allocated towards. For HARD and SOFT, the number of
-+ * these the association may be allocated towards
-+ * before it expires. The concept of a connection,
-+ * flow, or endpoint is system specific.
-+ *
-+ * mcr(2001-9-18) it is unclear what purpose these serve for FreeSWAN.
-+ * They are maintained for PF_KEY compatibility.
-+ */
-+ struct ipsec_lifetime64 ipl_allocations;
-+};
-+
-+enum ipsec_life_alive {
-+ ipsec_life_harddied = -1,
-+ ipsec_life_softdied = 0,
-+ ipsec_life_okay = 1
-+};
-+
-+enum ipsec_life_type {
-+ ipsec_life_timebased = 1,
-+ ipsec_life_countbased= 0
-+};
-+
-+#define _IPSEC_LIFE_H_
-+#endif /* _IPSEC_LIFE_H_ */
-+
-+
-+/*
-+ * $Log: ipsec_life.h,v $
-+ * Revision 1.4 2004-04-05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_life.h,v
-+ *
-+ * Revision 1.3 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_life.h,v
-+ *
-+ * Revision 1.2 2001/11/26 09:16:14 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:25:58 mcr
-+ * lifetime structure created and common functions created.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_md5h.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,143 @@
-+/*
-+ * RCSID $Id: ipsec_md5h.h,v 1.10 2004-09-08 17:21:35 ken Exp $
-+ */
-+
-+/*
-+ * The rest of this file is Copyright RSA DSI. See the following comments
-+ * for the full Copyright notice.
-+ */
-+
-+#ifndef _IPSEC_MD5H_H_
-+#define _IPSEC_MD5H_H_
-+
-+/* GLOBAL.H - RSAREF types and constants
-+ */
-+
-+/* PROTOTYPES should be set to one if and only if the compiler supports
-+ function argument prototyping.
-+ The following makes PROTOTYPES default to 0 if it has not already
-+ been defined with C compiler flags.
-+ */
-+#ifndef PROTOTYPES
-+#define PROTOTYPES 1
-+#endif /* !PROTOTYPES */
-+
-+/* POINTER defines a generic pointer type */
-+typedef __u8 *POINTER;
-+
-+/* UINT2 defines a two byte word */
-+typedef __u16 UINT2;
-+
-+/* UINT4 defines a four byte word */
-+typedef __u32 UINT4;
-+
-+/* PROTO_LIST is defined depending on how PROTOTYPES is defined above.
-+ If using PROTOTYPES, then PROTO_LIST returns the list, otherwise it
-+ returns an empty list.
-+ */
-+
-+#if PROTOTYPES
-+#define PROTO_LIST(list) list
-+#else /* PROTOTYPES */
-+#define PROTO_LIST(list) ()
-+#endif /* PROTOTYPES */
-+
-+
-+/* MD5.H - header file for MD5C.C
-+ */
-+
-+/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
-+rights reserved.
-+
-+License to copy and use this software is granted provided that it
-+is identified as the "RSA Data Security, Inc. MD5 Message-Digest
-+Algorithm" in all material mentioning or referencing this software
-+or this function.
-+
-+License is also granted to make and use derivative works provided
-+that such works are identified as "derived from the RSA Data
-+Security, Inc. MD5 Message-Digest Algorithm" in all material
-+mentioning or referencing the derived work.
-+
-+RSA Data Security, Inc. makes no representations concerning either
-+the merchantability of this software or the suitability of this
-+software for any particular purpose. It is provided "as is"
-+without express or implied warranty of any kind.
-+
-+These notices must be retained in any copies of any part of this
-+documentation and/or software.
-+ */
-+
-+/* MD5 context. */
-+typedef struct {
-+ UINT4 state[4]; /* state (ABCD) */
-+ UINT4 count[2]; /* number of bits, modulo 2^64 (lsb first) */
-+ unsigned char buffer[64]; /* input buffer */
-+} MD5_CTX;
-+
-+void osMD5Init PROTO_LIST ((void *));
-+void osMD5Update PROTO_LIST
-+ ((void *, unsigned char *, __u32));
-+void osMD5Final PROTO_LIST ((unsigned char [16], void *));
-+
-+#endif /* _IPSEC_MD5H_H_ */
-+
-+/*
-+ * $Log: ipsec_md5h.h,v $
-+ * Revision 1.10 2004-09-08 17:21:35 ken
-+ * Rename MD5* -> osMD5 functions to prevent clashes with other symbols exported by kernel modules (CIFS in 2.6 initiated this)
-+ *
-+ * Revision 1.9 2004/04/05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_md5h.h,v
-+ *
-+ * Revision 1.8 2002/09/10 01:45:09 mcr
-+ * changed type of MD5_CTX and SHA1_CTX to void * so that
-+ * the function prototypes would match, and could be placed
-+ * into a pointer to a function.
-+ *
-+ * Revision 1.7 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_md5h.h,v
-+ *
-+ * Revision 1.6 1999/12/13 13:59:13 rgb
-+ * Quick fix to argument size to Update bugs.
-+ *
-+ * Revision 1.5 1999/12/07 18:16:23 rgb
-+ * Fixed comments at end of #endif lines.
-+ *
-+ * Revision 1.4 1999/04/06 04:54:26 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.3 1999/01/22 06:19:58 rgb
-+ * 64-bit clean-up.
-+ *
-+ * Revision 1.2 1998/11/30 13:22:54 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:48 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.2 1998/04/23 20:54:03 rgb
-+ * Fixed md5 and sha1 include file nesting issues, to be cleaned up when
-+ * verified.
-+ *
-+ * Revision 1.1 1998/04/09 03:04:21 henry
-+ * sources moved up from linux/net/ipsec
-+ * these two include files modified not to include others except in kernel
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:03 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:48:53 ji
-+ * Release update only.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_param.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,397 @@
-+/*
-+ * @(#) Openswan tunable paramaters
-+ *
-+ * Copyright (C) 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * and Michael Richardson <mcr@freeswan.org>
-+ * Copyright (C) 2004 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_param.h,v 1.29.6.5 2008-02-18 16:27:19 paul Exp $
-+ *
-+ */
-+
-+/*
-+ * This file provides a set of #define's which may be tuned by various
-+ * people/configurations. It keeps all compile-time tunables in one place.
-+ *
-+ * This file should be included before all other IPsec kernel-only files.
-+ *
-+ */
-+
-+#ifndef _IPSEC_PARAM_H_
-+
-+#ifdef __KERNEL__
-+#include "ipsec_kversion.h"
-+
-+/* Set number of ipsecX virtual devices here. */
-+/* This must be < exp(field width of IPSEC_DEV_FORMAT) */
-+/* It must also be reasonable so as not to overload the memory and CPU */
-+/* constraints of the host. */
-+#define IPSEC_NUM_IF 4
-+/* The field width must be < IF_NAM_SIZ - strlen("ipsec") - 1. */
-+/* With "ipsec" being 5 characters, that means 10 is the max field width */
-+/* but machine memory and CPU constraints are not likely to tollerate */
-+/* more than 3 digits. The default is one digit. */
-+/* Update: userland scripts get upset if they can't find "ipsec0", so */
-+/* for now, no "0"-padding should be used (which would have been helpful */
-+/* to make text-searches work */
-+#define IPSEC_DEV_FORMAT "ipsec%d"
-+/* For, say, 500 virtual ipsec devices, I would recommend: */
-+/* #define IPSEC_NUM_IF 500 */
-+/* #define IPSEC_DEV_FORMAT "ipsec%03d" */
-+/* Note that the "interfaces=" line in /etc/ipsec.conf would be, um, challenging. */
-+
-+/* use dynamic ipsecX device allocation */
-+#ifndef CONFIG_KLIPS_DYNDEV
-+#define CONFIG_KLIPS_DYNDEV 1
-+#endif /* CONFIG_KLIPS_DYNDEV */
-+
-+
-+#ifdef CONFIG_KLIPS_BIGGATE
-+# define SADB_HASHMOD 8069
-+#else /* CONFIG_KLIPS_BIGGATE */
-+# define SADB_HASHMOD 257
-+#endif /* CONFIG_KLIPS_BIGGATE */
-+#endif /* __KERNEL__ */
-+
-+/*
-+ * This is for the SA reference table. This number is related to the
-+ * maximum number of SAs that KLIPS can concurrently deal with, plus enough
-+ * space for keeping expired SAs around.
-+ *
-+ * TABLE_MAX_WIDTH is the number of bits that we will use.
-+ * MAIN_TABLE_WIDTH is the number of bits used for the primary index table.
-+ *
-+ */
-+#ifndef IPSEC_SA_REF_TABLE_IDX_WIDTH
-+# define IPSEC_SA_REF_TABLE_IDX_WIDTH 16
-+#endif
-+
-+#ifndef IPSEC_SA_REF_MAINTABLE_IDX_WIDTH
-+# define IPSEC_SA_REF_MAINTABLE_IDX_WIDTH 4
-+#endif
-+
-+#ifndef IPSEC_SA_REF_FREELIST_NUM_ENTRIES
-+# define IPSEC_SA_REF_FREELIST_NUM_ENTRIES 256
-+#endif
-+
-+#ifndef IPSEC_SA_REF_CODE
-+# define IPSEC_SA_REF_CODE 1
-+#endif
-+
-+#ifdef __KERNEL__
-+/* This is defined for 2.4, but not 2.2.... */
-+#ifndef ARPHRD_VOID
-+# define ARPHRD_VOID 0xFFFF
-+#endif
-+
-+/* always turn on IPIP mode */
-+#ifndef CONFIG_KLIPS_IPIP
-+#define CONFIG_KLIPS_IPIP 1
-+#endif
-+
-+/*
-+ * Worry about PROC_FS stuff
-+ */
-+#if defined(PROC_FS_2325)
-+/* kernel 2.4 */
-+# define IPSEC_PROC_LAST_ARG ,int *eof,void *data
-+# define IPSEC_PROCFS_DEBUG_NO_STATIC
-+# define IPSEC_PROC_SUBDIRS
-+#else
-+/* kernel <2.4 */
-+# define IPSEC_PROCFS_DEBUG_NO_STATIC DEBUG_NO_STATIC
-+
-+# ifndef PROC_NO_DUMMY
-+# define IPSEC_PROC_LAST_ARG , int dummy
-+# else
-+# define IPSEC_PROC_LAST_ARG
-+# endif /* !PROC_NO_DUMMY */
-+#endif /* PROC_FS_2325 */
-+
-+#if !defined(LINUX_KERNEL_HAS_SNPRINTF)
-+/* GNU CPP specific! */
-+# define snprintf(buf, len, fmt...) sprintf(buf, ##fmt)
-+#endif /* !LINUX_KERNEL_HAS_SNPRINTF */
-+
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#ifndef KLIPS_FIXES_DES_PARITY
-+# define KLIPS_FIXES_DES_PARITY 1
-+#endif /* !KLIPS_FIXES_DES_PARITY */
-+
-+/* we don't really want to print these unless there are really big problems */
-+#ifndef KLIPS_DIVULGE_CYPHER_KEY
-+# define KLIPS_DIVULGE_CYPHER_KEY 0
-+#endif /* !KLIPS_DIVULGE_CYPHER_KEY */
-+
-+#ifndef KLIPS_DIVULGE_HMAC_KEY
-+# define KLIPS_DIVULGE_HMAC_KEY 0
-+#endif /* !KLIPS_DIVULGE_HMAC_KEY */
-+
-+#ifndef IPSEC_DISALLOW_IPOPTIONS
-+# define IPSEC_DISALLOW_IPOPTIONS 1
-+#endif /* !KLIPS_DIVULGE_HMAC_KEY */
-+
-+/* extra toggles for regression testing */
-+#ifdef CONFIG_KLIPS_REGRESS
-+
-+/*
-+ * should pfkey_acquire() become 100% lossy?
-+ *
-+ */
-+extern int sysctl_ipsec_regress_pfkey_lossage;
-+#ifndef KLIPS_PFKEY_ACQUIRE_LOSSAGE
-+# ifdef CONFIG_KLIPS_PFKEY_ACQUIRE_LOSSAGE
-+# define KLIPS_PFKEY_ACQUIRE_LOSSAGE 100
-+# endif /* CONFIG_KLIPS_PFKEY_ACQUIRE_LOSSAGE */
-+#else
-+#define KLIPS_PFKEY_ACQUIRE_LOSSAGE 0
-+#endif /* KLIPS_PFKEY_ACQUIRE_LOSSAGE */
-+
-+#else /* CONFIG_KLIPS_REGRESS */
-+#define KLIPS_PFKEY_ACQUIRE_LOSSAGE 0
-+
-+#endif /* CONFIG_KLIPS_REGRESS */
-+
-+
-+/*
-+ * debugging routines.
-+ */
-+#define KLIPS_ERROR(flag, format, args...) if(printk_ratelimit() || flag) printk(KERN_ERR "KLIPS " format, ## args)
-+#ifdef CONFIG_KLIPS_DEBUG
-+#include <linux/ip.h>
-+extern void ipsec_print_ip(struct iphdr *ip);
-+
-+ #define KLIPS_PRINT(flag, format, args...) \
-+ ((flag) ? printk(KERN_INFO format , ## args) : 0)
-+ #define KLIPS_PRINTMORE(flag, format, args...) \
-+ ((flag) ? printk(format , ## args) : 0)
-+ #define KLIPS_IP_PRINT(flag, ip) \
-+ ((flag) ? ipsec_print_ip(ip) : 0)
-+ #define KLIPS_SATOT(flag, sa, format, dst, dstlen) \
-+ ((flag) ? satot(sa, format, dst, dstlen) : 0)
-+#else /* CONFIG_KLIPS_DEBUG */
-+ #define KLIPS_PRINT(flag, format, args...) do ; while(0)
-+ #define KLIPS_PRINTMORE(flag, format, args...) do ; while(0)
-+ #define KLIPS_IP_PRINT(flag, ip) do ; while(0)
-+ #define KLIPS_SATOT(flag, sa, format, dst, dstlen) (0)
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+
-+/*
-+ * Stupid kernel API differences in APIs. Not only do some
-+ * kernels not have ip_select_ident, but some have differing APIs,
-+ * and SuSE has one with one parameter, but no way of checking to
-+ * see what is really what.
-+ */
-+
-+#ifdef SUSE_LINUX_2_4_19_IS_STUPID
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph)
-+#else
-+
-+/* simplest case, nothing */
-+#if !defined(IP_SELECT_IDENT)
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) do { iph->id = htons(ip_id_count++); } while(0)
-+#endif
-+
-+/* kernels > 2.3.37-ish */
-+#if defined(IP_SELECT_IDENT) && !defined(IP_SELECT_IDENT_NEW)
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph, skb->dst)
-+#endif
-+
-+/* kernels > 2.4.2 */
-+#if defined(IP_SELECT_IDENT) && defined(IP_SELECT_IDENT_NEW)
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph, skb->dst, NULL)
-+#endif
-+
-+#endif /* SUSE_LINUX_2_4_19_IS_STUPID */
-+
-+/*
-+ * make klips fail test:east-espiv-01.
-+ * exploit is at testing/attacks/espiv
-+ *
-+ */
-+#define KLIPS_IMPAIRMENT_ESPIV_CBC_ATTACK 0
-+
-+
-+/* IP_FRAGMENT_LINEARIZE is set in freeswan.h if Kernel > 2.4.4 */
-+#ifndef IP_FRAGMENT_LINEARIZE
-+# define IP_FRAGMENT_LINEARIZE 0
-+#endif /* IP_FRAGMENT_LINEARIZE */
-+#endif /* __KERNEL__ */
-+
-+#ifdef NEED_INET_PROTOCOL
-+#define inet_protocol net_protocol
-+#endif
-+
-+#if defined(CONFIG_IPSEC_NAT_TRAVERSAL) && CONFIG_IPSEC_NAT_TRAVERSAL
-+#define NAT_TRAVERSAL 1
-+#else
-+/* let people either #undef, or #define = 0 it */
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+#undef CONFIG_IPSEC_NAT_TRAVERSAL
-+#endif
-+#endif
-+
-+#ifndef IPSEC_DEFAULT_TTL
-+#define IPSEC_DEFAULT_TTL 64
-+#endif
-+
-+#define _IPSEC_PARAM_H_
-+#endif /* _IPSEC_PARAM_H_ */
-+
-+/*
-+ * $Log: ipsec_param.h,v $
-+ * Revision 1.29.6.5 2008-02-18 16:27:19 paul
-+ * include linux/ip.h for struct iphdr (bug 814) - patch by sedrez
-+ *
-+ * Revision 1.29.6.4 2007/09/05 02:30:06 paul
-+ * KLIPS_SATOT macro. Patch by David McCullough
-+ *
-+ * Revision 1.29.6.3 2006/05/01 14:32:31 mcr
-+ * added KLIPS_ERROR and make sure that things work without CONFIG_KLIPS_REGRESS.
-+ *
-+ * Revision 1.29.6.2 2005/11/27 21:40:14 paul
-+ * Pull down TTL fixes from head. this fixes "Unknown symbol sysctl_ip_default_ttl"
-+ * in for klips as module.
-+ *
-+ * Revision 1.29.6.1 2005/08/12 16:24:18 ken
-+ * Pull in NAT-T compile logic from HEAD
-+ *
-+ * Revision 1.29 2005/01/26 00:50:35 mcr
-+ * adjustment of confusion of CONFIG_IPSEC_NAT vs CONFIG_KLIPS_NAT,
-+ * and make sure that NAT_TRAVERSAL is set as well to match
-+ * userspace compiles of code.
-+ *
-+ * Revision 1.28 2004/09/13 15:50:15 mcr
-+ * spell NEED_INET properly, not NET_INET.
-+ *
-+ * Revision 1.27 2004/09/13 02:21:45 mcr
-+ * always turn on IPIP mode.
-+ * #define inet_protocol if necessary.
-+ *
-+ * Revision 1.26 2004/08/17 03:25:43 mcr
-+ * freeswan->openswan.
-+ *
-+ * Revision 1.25 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.24 2004/04/05 19:55:06 mcr
-+ * Moved from linux/include/freeswan/ipsec_param.h,v
-+ *
-+ * Revision 1.23 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.22 2003/10/31 02:27:05 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.21.4.1 2003/10/29 01:10:19 mcr
-+ * elimited "struct sa_id"
-+ *
-+ * Revision 1.21 2003/04/03 17:38:18 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ * Change indentation for readability.
-+ *
-+ * Revision 1.20 2003/03/14 08:09:26 rgb
-+ * Fixed up CONFIG_IPSEC_DYNDEV definitions.
-+ *
-+ * Revision 1.19 2003/01/30 02:31:43 rgb
-+ *
-+ * Rename SAref table macro names for clarity.
-+ *
-+ * Revision 1.18 2002/09/30 19:06:26 rgb
-+ * Reduce default table to 16 bits width.
-+ *
-+ * Revision 1.17 2002/09/20 15:40:29 rgb
-+ * Define switch to activate new SAref code.
-+ * Prefix macros with "IPSEC_".
-+ * Rework saref freelist.
-+ * Restrict some bits to kernel context for use to klips utils.
-+ *
-+ * Revision 1.16 2002/09/20 05:00:31 rgb
-+ * Define switch to divulge hmac keys for debugging.
-+ * Added IPOPTIONS switch.
-+ *
-+ * Revision 1.15 2002/09/19 02:34:24 mcr
-+ * define IPSEC_PROC_SUBDIRS if we are 2.4, and use that in ipsec_proc.c
-+ * to decide if we are to create /proc/net/ipsec/.
-+ *
-+ * Revision 1.14 2002/08/30 01:20:54 mcr
-+ * reorganized 2.0/2.2/2.4 procfs support macro so match
-+ * 2.4 values/typedefs.
-+ *
-+ * Revision 1.13 2002/07/28 22:03:28 mcr
-+ * added some documentation to SA_REF_*
-+ * turned on fix for ESPIV attack, now that we have the attack code.
-+ *
-+ * Revision 1.12 2002/07/26 08:48:31 rgb
-+ * Added SA ref table code.
-+ *
-+ * Revision 1.11 2002/07/23 02:57:45 rgb
-+ * Define ARPHRD_VOID for < 2.4 kernels.
-+ *
-+ * Revision 1.10 2002/05/27 21:37:28 rgb
-+ * Set the defaults sanely for those adventurous enough to try more than 1
-+ * digit of ipsec devices.
-+ *
-+ * Revision 1.9 2002/05/27 18:56:07 rgb
-+ * Convert to dynamic ipsec device allocation.
-+ *
-+ * Revision 1.8 2002/04/24 07:36:47 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_param.h,v
-+ *
-+ * Revision 1.7 2002/04/20 00:12:25 rgb
-+ * Added esp IV CBC attack fix, disabled.
-+ *
-+ * Revision 1.6 2002/01/29 02:11:42 mcr
-+ * removal of kversions.h - sources that needed it now use ipsec_param.h.
-+ * updating of IPv6 structures to match latest in6.h version.
-+ * removed dead code from freeswan.h that also duplicated kversions.h
-+ * code.
-+ *
-+ * Revision 1.5 2002/01/28 19:22:01 mcr
-+ * by default, turn off LINEARIZE option
-+ * (let kversions.h turn it on)
-+ *
-+ * Revision 1.4 2002/01/20 20:19:36 mcr
-+ * renamed option to IP_FRAGMENT_LINEARIZE.
-+ *
-+ * Revision 1.3 2002/01/12 02:57:25 mcr
-+ * first regression test causes acquire messages to be lost
-+ * 100% of the time. This is to help testing of pluto.
-+ *
-+ * Revision 1.2 2001/11/26 09:16:14 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.3 2001/10/23 04:40:16 mcr
-+ * added #define for DIVULGING session keys in debug output.
-+ *
-+ * Revision 1.1.2.2 2001/10/22 20:53:25 mcr
-+ * added a define to control forcing of DES parity.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:20:19 mcr
-+ * many common kernel configuration questions centralized.
-+ * more things remain that should be moved from freeswan.h.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_policy.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,217 @@
-+#ifndef _IPSEC_POLICY_H
-+/*
-+ * policy interface file between pluto and applications
-+ * Copyright (C) 2003 Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: ipsec_policy.h,v 1.7.6.1 2005-07-26 01:53:07 ken Exp $
-+ */
-+#define _IPSEC_POLICY_H /* seen it, no need to see it again */
-+
-+
-+/*
-+ * this file defines an interface between an application (or rather an
-+ * application library) and a key/policy daemon. It provides for inquiries
-+ * as to the current state of a connected socket, as well as for general
-+ * questions.
-+ *
-+ * In general, the interface is defined as a series of functional interfaces,
-+ * and the policy messages should be internal. However, because this is in
-+ * fact an ABI between pieces of the system that may get compiled and revised
-+ * seperately, this ABI must be public and revision controlled.
-+ *
-+ * It is expected that the daemon will always support previous versions.
-+ */
-+
-+#define IPSEC_POLICY_MSG_REVISION (unsigned)200305061
-+
-+enum ipsec_policy_command {
-+ IPSEC_CMD_QUERY_FD = 1,
-+ IPSEC_CMD_QUERY_HOSTPAIR = 2,
-+ IPSEC_CMD_QUERY_DSTONLY = 3,
-+};
-+
-+struct ipsec_policy_msg_head {
-+ u_int32_t ipm_version;
-+ u_int32_t ipm_msg_len;
-+ u_int32_t ipm_msg_type;
-+ u_int32_t ipm_msg_seq;
-+};
-+
-+enum ipsec_privacy_quality {
-+ IPSEC_PRIVACY_NONE = 0,
-+ IPSEC_PRIVACY_INTEGRAL = 4, /* not private at all. AH-like */
-+ IPSEC_PRIVACY_UNKNOWN = 8, /* something is claimed, but details unavail */
-+ IPSEC_PRIVACY_ROT13 = 12, /* trivially breakable, i.e. 1DES */
-+ IPSEC_PRIVACY_GAK = 16, /* known eavesdroppers */
-+ IPSEC_PRIVACY_PRIVATE = 32, /* secure for at least a decade */
-+ IPSEC_PRIVACY_STRONG = 64, /* ridiculously secure */
-+ IPSEC_PRIVACY_TORTOISE = 192, /* even stronger, but very slow */
-+ IPSEC_PRIVACY_OTP = 224, /* some kind of *true* one time pad */
-+};
-+
-+enum ipsec_bandwidth_quality {
-+ IPSEC_QOS_UNKNOWN = 0, /* unknown bandwidth */
-+ IPSEC_QOS_INTERACTIVE = 16, /* reasonably moderate jitter, moderate fast.
-+ Good enough for telnet/ssh. */
-+ IPSEC_QOS_VOIP = 32, /* faster crypto, predicable jitter */
-+ IPSEC_QOS_FTP = 64, /* higher throughput crypto, perhaps hardware
-+ offloaded, but latency/jitter may be bad */
-+ IPSEC_QOS_WIRESPEED = 128, /* expect to be able to fill your pipe */
-+};
-+
-+/* moved from programs/pluto/constants.h */
-+/* IPsec AH transform values
-+ * RFC2407 The Internet IP security Domain of Interpretation for ISAKMP 4.4.3
-+ * and in http://www.iana.org/assignments/isakmp-registry
-+ */
-+enum ipsec_authentication_algo {
-+ AH_MD5=2,
-+ AH_SHA=3,
-+ AH_DES=4,
-+ AH_SHA2_256=5,
-+ AH_SHA2_384=6,
-+ AH_SHA2_512=7
-+};
-+
-+/* IPsec ESP transform values
-+ * RFC2407 The Internet IP security Domain of Interpretation for ISAKMP 4.4.4
-+ * and from http://www.iana.org/assignments/isakmp-registry
-+ */
-+
-+enum ipsec_cipher_algo {
-+ ESP_reserved=0,
-+ ESP_DES_IV64=1,
-+ ESP_DES=2,
-+ ESP_3DES=3,
-+ ESP_RC5=4,
-+ ESP_IDEA=5,
-+ ESP_CAST=6,
-+ ESP_BLOWFISH=7,
-+ ESP_3IDEA=8,
-+ ESP_DES_IV32=9,
-+ ESP_RC4=10,
-+ ESP_NULL=11,
-+ ESP_AES=12, /* 128 bit AES */
-+};
-+
-+/* IPCOMP transform values
-+ * RFC2407 The Internet IP security Domain of Interpretation for ISAKMP 4.4.5
-+ */
-+
-+enum ipsec_comp_algo {
-+ IPCOMP_OUI= 1,
-+ IPCOMP_DEFLATE= 2,
-+ IPCOMP_LZS= 3,
-+ IPCOMP_V42BIS= 4
-+};
-+
-+/* Identification type values
-+ * RFC 2407 The Internet IP security Domain of Interpretation for ISAKMP 4.6.2.1
-+ */
-+
-+enum ipsec_id_type {
-+ ID_IMPOSSIBLE= (-2), /* private to Pluto */
-+ ID_MYID= (-1), /* private to Pluto */
-+ ID_NONE= 0, /* private to Pluto */
-+ ID_IPV4_ADDR= 1,
-+ ID_FQDN= 2,
-+ ID_USER_FQDN= 3,
-+ ID_IPV4_ADDR_SUBNET= 4,
-+ ID_IPV6_ADDR= 5,
-+ ID_IPV6_ADDR_SUBNET= 6,
-+ ID_IPV4_ADDR_RANGE= 7,
-+ ID_IPV6_ADDR_RANGE= 8,
-+ ID_DER_ASN1_DN= 9,
-+ ID_DER_ASN1_GN= 10,
-+ ID_KEY_ID= 11
-+};
-+
-+/* Certificate type values
-+ * RFC 2408 ISAKMP, chapter 3.9
-+ */
-+enum ipsec_cert_type {
-+ CERT_NONE= 0, /* none, or guess from file contents */
-+ CERT_PKCS7_WRAPPED_X509= 1, /* self-signed certificate from disk */
-+ CERT_PGP= 2,
-+ CERT_DNS_SIGNED_KEY= 3, /* KEY RR from DNS */
-+ CERT_X509_SIGNATURE= 4,
-+ CERT_X509_KEY_EXCHANGE= 5,
-+ CERT_KERBEROS_TOKENS= 6,
-+ CERT_CRL= 7,
-+ CERT_ARL= 8,
-+ CERT_SPKI= 9,
-+ CERT_X509_ATTRIBUTE= 10,
-+ CERT_RAW_RSA= 11, /* raw RSA from config file */
-+};
-+
-+/* a SIG record in ASCII */
-+struct ipsec_dns_sig {
-+ char fqdn[256];
-+ char dns_sig[768]; /* empty string if not signed */
-+};
-+
-+struct ipsec_raw_key {
-+ char id_name[256];
-+ char fs_keyid[8];
-+};
-+
-+struct ipsec_identity {
-+ enum ipsec_id_type ii_type;
-+ enum ipsec_cert_type ii_format;
-+ union {
-+ struct ipsec_dns_sig ipsec_dns_signed;
-+ /* some thing for PGP */
-+ /* some thing for PKIX */
-+ struct ipsec_raw_key ipsec_raw_key;
-+ } ii_credential;
-+};
-+
-+#define IPSEC_MAX_CREDENTIALS 32
-+
-+struct ipsec_policy_cmd_query {
-+ struct ipsec_policy_msg_head head;
-+
-+ /* Query section */
-+ ip_address query_local; /* us */
-+ ip_address query_remote; /* them */
-+ u_int8_t proto; /* TCP, ICMP, etc. */
-+ u_short src_port, dst_port;
-+
-+ /* Answer section */
-+ enum ipsec_privacy_quality strength;
-+ enum ipsec_bandwidth_quality bandwidth;
-+ enum ipsec_authentication_algo auth_detail;
-+ enum ipsec_cipher_algo esp_detail;
-+ enum ipsec_comp_algo comp_detail;
-+
-+ int credential_count;
-+
-+ struct ipsec_identity credentials[IPSEC_MAX_CREDENTIALS];
-+};
-+
-+#define IPSEC_POLICY_SOCKET "/var/run/pluto/pluto.info"
-+
-+/* prototypes */
-+extern err_t ipsec_policy_lookup(int fd, struct ipsec_policy_cmd_query *result);
-+extern err_t ipsec_policy_init(void);
-+extern err_t ipsec_policy_final(void);
-+extern err_t ipsec_policy_readmsg(int policysock,
-+ unsigned char *buf, size_t buflen);
-+extern err_t ipsec_policy_sendrecv(unsigned char *buf, size_t buflen);
-+extern err_t ipsec_policy_cgilookup(struct ipsec_policy_cmd_query *result);
-+
-+
-+extern const char *ipsec_policy_version_code(void);
-+extern const char *ipsec_policy_version_string(void);
-+
-+#endif /* _IPSEC_POLICY_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_proto.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,199 @@
-+/*
-+ * @(#) prototypes for FreeSWAN functions
-+ *
-+ * Copyright (C) 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * and Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_proto.h,v 1.14 2005-04-29 04:50:03 mcr Exp $
-+ *
-+ */
-+
-+#ifndef _IPSEC_PROTO_H_
-+
-+#include "ipsec_param.h"
-+
-+/*
-+ * This file is a kernel only file that declares prototypes for
-+ * all intra-module function calls and global data structures.
-+ *
-+ * Include this file last.
-+ *
-+ */
-+
-+/* forward references */
-+enum ipsec_direction;
-+enum ipsec_life_type;
-+struct ipsec_lifetime64;
-+struct ident;
-+struct sockaddr_encap;
-+struct ipsec_sa;
-+
-+/* ipsec_init.c */
-+extern struct prng ipsec_prng;
-+
-+/* ipsec_sa.c */
-+extern struct ipsec_sa *ipsec_sadb_hash[SADB_HASHMOD];
-+extern spinlock_t tdb_lock;
-+extern int ipsec_sadb_init(void);
-+extern int ipsec_sadb_cleanup(__u8);
-+
-+extern struct ipsec_sa *ipsec_sa_alloc(int*error);
-+
-+
-+extern struct ipsec_sa *ipsec_sa_getbyid(ip_said *);
-+extern int ipsec_sa_put(struct ipsec_sa *);
-+extern /* void */ int ipsec_sa_del(struct ipsec_sa *);
-+extern /* void */ int ipsec_sa_delchain(struct ipsec_sa *);
-+extern /* void */ int ipsec_sa_add(struct ipsec_sa *);
-+
-+extern int ipsec_sa_init(struct ipsec_sa *ipsp);
-+extern int ipsec_sa_wipe(struct ipsec_sa *ipsp);
-+
-+/* debug declarations */
-+
-+/* ipsec_proc.c */
-+extern int ipsec_proc_init(void);
-+extern void ipsec_proc_cleanup(void);
-+
-+/* ipsec_rcv.c */
-+extern int ipsec_rcv(struct sk_buff *skb);
-+extern int klips26_rcv_encap(struct sk_buff *skb, __u16 encap_type);
-+
-+/* ipsec_xmit.c */
-+struct ipsec_xmit_state;
-+extern enum ipsec_xmit_value ipsec_xmit_sanity_check_dev(struct ipsec_xmit_state *ixs);
-+extern enum ipsec_xmit_value ipsec_xmit_sanity_check_skb(struct ipsec_xmit_state *ixs);
-+extern void ipsec_print_ip(struct iphdr *ip);
-+
-+
-+
-+/* ipsec_radij.c */
-+extern int ipsec_makeroute(struct sockaddr_encap *ea,
-+ struct sockaddr_encap *em,
-+ ip_said said,
-+ uint32_t pid,
-+ struct sk_buff *skb,
-+ struct ident *ident_s,
-+ struct ident *ident_d);
-+
-+extern int ipsec_breakroute(struct sockaddr_encap *ea,
-+ struct sockaddr_encap *em,
-+ struct sk_buff **first,
-+ struct sk_buff **last);
-+
-+int ipsec_radijinit(void);
-+int ipsec_cleareroutes(void);
-+int ipsec_radijcleanup(void);
-+
-+/* ipsec_life.c */
-+extern enum ipsec_life_alive ipsec_lifetime_check(struct ipsec_lifetime64 *il64,
-+ const char *lifename,
-+ const char *saname,
-+ enum ipsec_life_type ilt,
-+ enum ipsec_direction idir,
-+ struct ipsec_sa *ips);
-+
-+
-+extern int ipsec_lifetime_format(char *buffer,
-+ int buflen,
-+ char *lifename,
-+ enum ipsec_life_type timebaselife,
-+ struct ipsec_lifetime64 *lifetime);
-+
-+extern void ipsec_lifetime_update_hard(struct ipsec_lifetime64 *lifetime,
-+ __u64 newvalue);
-+
-+extern void ipsec_lifetime_update_soft(struct ipsec_lifetime64 *lifetime,
-+ __u64 newvalue);
-+
-+/* ipsec_snprintf.c */
-+extern int ipsec_snprintf(char * buf, ssize_t size, const char *fmt, ...);
-+extern void ipsec_dmp_block(char *s, caddr_t bb, int len);
-+
-+
-+/* ipsec_alg.c */
-+extern int ipsec_alg_init(void);
-+
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+
-+extern int debug_xform;
-+extern int debug_eroute;
-+extern int debug_spi;
-+extern int debug_netlink;
-+
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+
-+
-+
-+#define _IPSEC_PROTO_H
-+#endif /* _IPSEC_PROTO_H_ */
-+
-+/*
-+ * $Log: ipsec_proto.h,v $
-+ * Revision 1.14 2005-04-29 04:50:03 mcr
-+ * prototypes for xmit and alg code.
-+ *
-+ * Revision 1.13 2005/04/17 03:46:07 mcr
-+ * added prototypes for ipsec_rcv() routines.
-+ *
-+ * Revision 1.12 2005/04/14 20:28:37 mcr
-+ * added additional prototypes.
-+ *
-+ * Revision 1.11 2005/04/14 01:16:28 mcr
-+ * add prototypes for snprintf.
-+ *
-+ * Revision 1.10 2005/04/13 22:47:28 mcr
-+ * make sure that forward references are available.
-+ *
-+ * Revision 1.9 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.8 2004/04/05 19:55:06 mcr
-+ * Moved from linux/include/freeswan/ipsec_proto.h,v
-+ *
-+ * Revision 1.7 2003/10/31 02:27:05 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.6.30.1 2003/10/29 01:10:19 mcr
-+ * elimited "struct sa_id"
-+ *
-+ * Revision 1.6 2002/05/23 07:13:48 rgb
-+ * Added ipsec_sa_put() for releasing an ipsec_sa refcount.
-+ *
-+ * Revision 1.5 2002/05/14 02:36:40 rgb
-+ * Converted reference from ipsec_sa_put to ipsec_sa_add to avoid confusion
-+ * with "put" usage in the kernel.
-+ *
-+ * Revision 1.4 2002/04/24 07:36:47 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_proto.h,v
-+ *
-+ * Revision 1.3 2002/04/20 00:12:25 rgb
-+ * Added esp IV CBC attack fix, disabled.
-+ *
-+ * Revision 1.2 2001/11/26 09:16:15 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:21:01 mcr
-+ * ipsec_proto.h created to keep prototypes rather than deal with
-+ * cyclic dependancies of structures and prototypes in .h files.
-+ *
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_radij.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,179 @@
-+/*
-+ * @(#) Definitions relevant to the IPSEC <> radij tree interfacing
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_radij.h,v 1.22 2004-07-10 19:08:41 mcr Exp $
-+ */
-+
-+#ifndef _IPSEC_RADIJ_H
-+
-+#include <openswan.h>
-+
-+int ipsec_walk(char *);
-+
-+int ipsec_rj_walker_procprint(struct radij_node *, void *);
-+int ipsec_rj_walker_delete(struct radij_node *, void *);
-+
-+/* This structure is used to pass information between
-+ * ipsec_eroute_get_info and ipsec_rj_walker_procprint
-+ * (through rj_walktree) and between calls of ipsec_rj_walker_procprint.
-+ */
-+struct wsbuf
-+{
-+ /* from caller of ipsec_eroute_get_info: */
-+ char *const buffer; /* start of buffer provided */
-+ const int length; /* length of buffer provided */
-+ const off_t offset; /* file position of first character of interest */
-+ /* accumulated by ipsec_rj_walker_procprint: */
-+ int len; /* number of character filled into buffer */
-+ off_t begin; /* file position contained in buffer[0] (<=offset) */
-+};
-+
-+extern struct radij_node_head *rnh;
-+extern spinlock_t eroute_lock;
-+
-+struct eroute * ipsec_findroute(struct sockaddr_encap *);
-+
-+#define O1(x) (int)(((x)>>24)&0xff)
-+#define O2(x) (int)(((x)>>16)&0xff)
-+#define O3(x) (int)(((x)>>8)&0xff)
-+#define O4(x) (int)(((x))&0xff)
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int debug_radij;
-+void rj_dumptrees(void);
-+
-+#define DB_RJ_DUMPTREES 0x0001
-+#define DB_RJ_FINDROUTE 0x0002
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#define _IPSEC_RADIJ_H
-+#endif
-+
-+/*
-+ * $Log: ipsec_radij.h,v $
-+ * Revision 1.22 2004-07-10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.21 2004/04/29 11:06:42 ken
-+ * Last bits from 2.06 procfs updates
-+ *
-+ * Revision 1.20 2004/04/06 02:49:08 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.19 2004/04/05 19:55:06 mcr
-+ * Moved from linux/include/freeswan/ipsec_radij.h,v
-+ *
-+ * Revision 1.18 2002/04/24 07:36:47 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_radij.h,v
-+ *
-+ * Revision 1.17 2001/11/26 09:23:49 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.16.2.1 2001/09/25 02:21:17 mcr
-+ * ipsec_proto.h created to keep prototypes rather than deal with
-+ * cyclic dependancies of structures and prototypes in .h files.
-+ *
-+ * Revision 1.16 2001/09/15 16:24:04 rgb
-+ * Re-inject first and last HOLD packet when an eroute REPLACE is done.
-+ *
-+ * Revision 1.15 2001/09/14 16:58:37 rgb
-+ * Added support for storing the first and last packets through a HOLD.
-+ *
-+ * Revision 1.14 2001/09/08 21:13:32 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.13 2001/06/14 19:35:09 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.12 2001/05/27 06:12:11 rgb
-+ * Added structures for pid, packet count and last access time to eroute.
-+ * Added packet count to beginning of /proc/net/ipsec_eroute.
-+ *
-+ * Revision 1.11 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.10 1999/11/17 15:53:39 rgb
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.9 1999/10/01 00:01:23 rgb
-+ * Added eroute structure locking.
-+ *
-+ * Revision 1.8 1999/04/11 00:28:59 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.7 1999/04/06 04:54:26 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.6 1999/01/22 06:23:26 rgb
-+ * Cruft clean-out.
-+ *
-+ * Revision 1.5 1998/10/25 02:42:08 rgb
-+ * Change return type on ipsec_breakroute and ipsec_makeroute and add an
-+ * argument to be able to transmit more infomation about errors.
-+ *
-+ * Revision 1.4 1998/10/19 14:44:29 rgb
-+ * Added inclusion of freeswan.h.
-+ * sa_id structure implemented and used: now includes protocol.
-+ *
-+ * Revision 1.3 1998/07/28 00:03:31 rgb
-+ * Comment out temporary inet_nto4u() kluge.
-+ *
-+ * Revision 1.2 1998/07/14 18:22:00 rgb
-+ * Add function to clear the eroute table.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:49 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.5 1998/05/25 20:30:38 rgb
-+ * Remove temporary ipsec_walk, rj_deltree and rj_delnodes functions.
-+ *
-+ * Rename ipsec_rj_walker (ipsec_walk) to ipsec_rj_walker_procprint and
-+ * add ipsec_rj_walker_delete.
-+ *
-+ * Revision 1.4 1998/05/21 13:02:56 rgb
-+ * Imported definitions from ipsec_radij.c and radij.c to support /proc 3k
-+ * limit fix.
-+ *
-+ * Revision 1.3 1998/04/21 21:29:09 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.2 1998/04/14 17:30:39 rgb
-+ * Fix up compiling errors for radij tree memory reclamation.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:10 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:04 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:39:04 ji
-+ * Minor cleanups.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_rcv.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,199 @@
-+/*
-+ *
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_rcv.h,v 1.28.2.2 2006-10-06 21:39:26 paul Exp $
-+ */
-+
-+#ifndef IPSEC_RCV_H
-+#define IPSEC_RCV_H
-+
-+#include "openswan/ipsec_auth.h"
-+
-+#define DB_RX_PKTRX 0x0001
-+#define DB_RX_PKTRX2 0x0002
-+#define DB_RX_DMP 0x0004
-+#define DB_RX_IPSA 0x0010
-+#define DB_RX_XF 0x0020
-+#define DB_RX_IPAD 0x0040
-+#define DB_RX_INAU 0x0080
-+#define DB_RX_OINFO 0x0100
-+#define DB_RX_OINFO2 0x0200
-+#define DB_RX_OH 0x0400
-+#define DB_RX_REPLAY 0x0800
-+
-+#ifdef __KERNEL__
-+/* struct options; */
-+
-+#define __NO_VERSION__
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h> /* for CONFIG_IP_FORWARD */
-+#endif
-+#ifdef CONFIG_MODULES
-+#include <linux/module.h>
-+#endif
-+#include <linux/version.h>
-+#include <openswan.h>
-+
-+#define IPSEC_BIRTH_TEMPLATE_MAXLEN 256
-+
-+struct ipsec_birth_reply {
-+ int packet_template_len;
-+ unsigned char packet_template[IPSEC_BIRTH_TEMPLATE_MAXLEN];
-+};
-+
-+extern struct ipsec_birth_reply ipsec_ipv4_birth_packet;
-+extern struct ipsec_birth_reply ipsec_ipv6_birth_packet;
-+
-+enum ipsec_rcv_value {
-+ IPSEC_RCV_LASTPROTO=1,
-+ IPSEC_RCV_OK=0,
-+ IPSEC_RCV_BADPROTO=-1,
-+ IPSEC_RCV_BADLEN=-2,
-+ IPSEC_RCV_ESP_BADALG=-3,
-+ IPSEC_RCV_3DES_BADBLOCKING=-4,
-+ IPSEC_RCV_ESP_DECAPFAIL=-5,
-+ IPSEC_RCV_DECAPFAIL=-6,
-+ IPSEC_RCV_SAIDNOTFOUND=-7,
-+ IPSEC_RCV_IPCOMPALONE=-8,
-+ IPSEC_RCV_IPCOMPFAILED=-10,
-+ IPSEC_RCV_SAIDNOTLIVE=-11,
-+ IPSEC_RCV_FAILEDINBOUND=-12,
-+ IPSEC_RCV_LIFETIMEFAILED=-13,
-+ IPSEC_RCV_BADAUTH=-14,
-+ IPSEC_RCV_REPLAYFAILED=-15,
-+ IPSEC_RCV_AUTHFAILED=-16,
-+ IPSEC_RCV_REPLAYROLLED=-17,
-+ IPSEC_RCV_BAD_DECRYPT=-18
-+};
-+
-+struct ipsec_rcv_state {
-+ struct sk_buff *skb;
-+ struct net_device_stats *stats;
-+ struct iphdr *ipp; /* the IP header */
-+ struct ipsec_sa *ipsp; /* current SA being processed */
-+ int len; /* length of packet */
-+ int ilen; /* length of inner payload (-authlen) */
-+ int authlen; /* how big is the auth data at end */
-+ int hard_header_len; /* layer 2 size */
-+ int iphlen; /* how big is IP header */
-+ struct auth_alg *authfuncs;
-+ ip_said said;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ __u8 next_header;
-+ __u8 hash[AH_AMAX];
-+ char ipsaddr_txt[ADDRTOA_BUF];
-+ char ipdaddr_txt[ADDRTOA_BUF];
-+ __u8 *octx;
-+ __u8 *ictx;
-+ int ictx_len;
-+ int octx_len;
-+ union {
-+ struct {
-+ struct esphdr *espp;
-+ } espstuff;
-+ struct {
-+ struct ahhdr *ahp;
-+ } ahstuff;
-+ struct {
-+ struct ipcomphdr *compp;
-+ } ipcompstuff;
-+ } protostuff;
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ __u8 natt_type;
-+ __u16 natt_sport;
-+ __u16 natt_dport;
-+ int natt_len;
-+#endif
-+};
-+
-+extern int
-+#ifdef PROTO_HANDLER_SINGLE_PARM
-+ipsec_rcv(struct sk_buff *skb);
-+#else /* PROTO_HANDLER_SINGLE_PARM */
-+ipsec_rcv(struct sk_buff *skb,
-+ unsigned short xlen);
-+#endif /* PROTO_HANDLER_SINGLE_PARM */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int debug_rcv;
-+#define ipsec_rcv_dmp(_x,_y, _z) if (debug_rcv && sysctl_ipsec_debug_verbose) ipsec_dmp_block(_x,_y,_z)
-+#else
-+#define ipsec_rcv_dmp(_x,_y, _z) do {} while(0)
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+extern int sysctl_ipsec_inbound_policy_check;
-+#endif /* __KERNEL__ */
-+
-+extern int klips26_rcv_encap(struct sk_buff *skb, __u16 encap_type);
-+
-+
-+#endif /* IPSEC_RCV_H */
-+
-+/*
-+ * $Log: ipsec_rcv.h,v $
-+ * Revision 1.28.2.2 2006-10-06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.28.2.1 2006/07/10 15:52:20 paul
-+ * Fix for bug #642 by Bart Trojanowski
-+ *
-+ * Revision 1.28 2005/05/11 00:59:45 mcr
-+ * do not call debug routines if !defined KLIPS_DEBUG.
-+ *
-+ * Revision 1.27 2005/04/29 04:59:46 mcr
-+ * use ipsec_dmp_block.
-+ *
-+ * Revision 1.26 2005/04/13 22:48:35 mcr
-+ * added comments, and removed some log.
-+ * removed Linux 2.0 support.
-+ *
-+ * Revision 1.25 2005/04/08 18:25:37 mcr
-+ * prototype klips26 encap receive function
-+ *
-+ * Revision 1.24 2004/08/20 21:45:37 mcr
-+ * CONFIG_KLIPS_NAT_TRAVERSAL is not used in an attempt to
-+ * be 26sec compatible. But, some defines where changed.
-+ *
-+ * Revision 1.23 2004/08/03 18:17:40 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.22 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.21 2004/04/06 02:49:08 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.20 2004/04/05 19:55:06 mcr
-+ * Moved from linux/include/freeswan/ipsec_rcv.h,v
-+ *
-+ * Revision 1.19 2003/12/15 18:13:09 mcr
-+ * when compiling with NAT traversal, don't assume that the
-+ * kernel has been patched, unless CONFIG_IPSEC_NAT_NON_ESP
-+ * is set.
-+ *
-+ * history elided 2005-04-12.
-+ *
-+ * Local Variables:
-+ * c-basic-offset:8
-+ * c-style:linux
-+ * End:
-+ *
-+ */
-+
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_sa.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,361 @@
-+/*
-+ * @(#) Definitions of IPsec Security Association (ipsec_sa)
-+ *
-+ * Copyright (C) 2001, 2002, 2003
-+ * Richard Guy Briggs <rgb@freeswan.org>
-+ * and Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_sa.h,v 1.23.2.1 2007-09-05 02:31:15 paul Exp $
-+ *
-+ * This file derived from ipsec_xform.h on 2001/9/18 by mcr.
-+ *
-+ */
-+
-+/*
-+ * This file describes the IPsec Security Association Structure.
-+ *
-+ * This structure keeps track of a single transform that may be done
-+ * to a set of packets. It can describe applying the transform or
-+ * apply the reverse. (e.g. compression vs expansion). However, it
-+ * only describes one at a time. To describe both, two structures would
-+ * be used, but since the sides of the transform are performed
-+ * on different machines typically it is usual to have only one side
-+ * of each association.
-+ *
-+ */
-+
-+#ifndef _IPSEC_SA_H_
-+
-+#ifdef __KERNEL__
-+#include "openswan/ipsec_stats.h"
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_eroute.h"
-+#endif /* __KERNEL__ */
-+#include "openswan/ipsec_param.h"
-+
-+#include "pfkeyv2.h"
-+
-+
-+/* SAs are held in a table.
-+ * Entries in this table are referenced by IPsecSAref_t values.
-+ * IPsecSAref_t values are conceptually subscripts. Because
-+ * we want to allocate the table piece-meal, the subscripting
-+ * is implemented with two levels, a bit like paged virtual memory.
-+ * This representation mechanism is known as an Iliffe Vector.
-+ *
-+ * The Main table (AKA the refTable) consists of 2^IPSEC_SA_REF_MAINTABLE_IDX_WIDTH
-+ * pointers to subtables.
-+ * Each subtable has 2^IPSEC_SA_REF_SUBTABLE_IDX_WIDTH entries, each of which
-+ * is a pointer to an SA.
-+ *
-+ * An IPsecSAref_t contains either an exceptional value (signified by the
-+ * high-order bit being on) or a reference to a table entry. A table entry
-+ * reference has the subtable subscript in the low-order
-+ * IPSEC_SA_REF_SUBTABLE_IDX_WIDTH bits and the Main table subscript
-+ * in the next lowest IPSEC_SA_REF_MAINTABLE_IDX_WIDTH bits.
-+ *
-+ * The Maintable entry for an IPsecSAref_t x, a pointer to its subtable, is
-+ * IPsecSAref2table(x). It is of type struct IPsecSArefSubTable *.
-+ *
-+ * The pointer to the SA for x is IPsecSAref2SA(x). It is of type
-+ * struct ipsec_sa*. The macro definition clearly shows the two-level
-+ * access needed to find the SA pointer.
-+ *
-+ * The Maintable is allocated when IPsec is initialized.
-+ * Each subtable is allocated when needed, but the first is allocated
-+ * when IPsec is initialized.
-+ *
-+ * IPsecSAref_t is designed to be smaller than an NFmark so that
-+ * they can be stored in NFmarks and still leave a few bits for other
-+ * purposes. The spare bits are in the low order of the NFmark
-+ * but in the high order of the IPsecSAref_t, so conversion is required.
-+ * We pick the upper bits of NFmark on the theory that they are less likely to
-+ * interfere with more pedestrian uses of nfmark.
-+ */
-+
-+
-+typedef unsigned short int IPsecRefTableUnusedCount;
-+
-+#define IPSEC_SA_REF_TABLE_NUM_ENTRIES (1 << IPSEC_SA_REF_TABLE_IDX_WIDTH)
-+
-+#ifdef __KERNEL__
-+#if ((IPSEC_SA_REF_TABLE_IDX_WIDTH - (1 + IPSEC_SA_REF_MAINTABLE_IDX_WIDTH)) < 0)
-+#error "IPSEC_SA_REF_TABLE_IDX_WIDTH("IPSEC_SA_REF_TABLE_IDX_WIDTH") MUST be < 1 + IPSEC_SA_REF_MAINTABLE_IDX_WIDTH("IPSEC_SA_REF_MAINTABLE_IDX_WIDTH")"
-+#endif
-+
-+#define IPSEC_SA_REF_SUBTABLE_IDX_WIDTH (IPSEC_SA_REF_TABLE_IDX_WIDTH - IPSEC_SA_REF_MAINTABLE_IDX_WIDTH)
-+
-+#define IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES (1 << IPSEC_SA_REF_MAINTABLE_IDX_WIDTH)
-+#define IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES (1 << IPSEC_SA_REF_SUBTABLE_IDX_WIDTH)
-+
-+#ifdef CONFIG_NETFILTER
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)
-+#define nfmark mark
-+#endif
-+#define IPSEC_SA_REF_HOST_FIELD(x) ((struct sk_buff*)(x))->nfmark
-+#define IPSEC_SA_REF_HOST_FIELD_TYPE typeof(IPSEC_SA_REF_HOST_FIELD(NULL))
-+#else /* CONFIG_NETFILTER */
-+/* just make it work for now, it doesn't matter, since there is no nfmark */
-+#define IPSEC_SA_REF_HOST_FIELD_TYPE unsigned long
-+#endif /* CONFIG_NETFILTER */
-+#define IPSEC_SA_REF_HOST_FIELD_WIDTH (8 * sizeof(IPSEC_SA_REF_HOST_FIELD_TYPE))
-+#define IPSEC_SA_REF_FIELD_WIDTH (8 * sizeof(IPsecSAref_t))
-+
-+#define IPSEC_SA_REF_MASK (IPSEC_SAREF_NULL >> (IPSEC_SA_REF_FIELD_WIDTH - IPSEC_SA_REF_TABLE_IDX_WIDTH))
-+#define IPSEC_SA_REF_TABLE_MASK ((IPSEC_SAREF_NULL >> (IPSEC_SA_REF_FIELD_WIDTH - IPSEC_SA_REF_MAINTABLE_IDX_WIDTH)) << IPSEC_SA_REF_SUBTABLE_IDX_WIDTH)
-+#define IPSEC_SA_REF_ENTRY_MASK (IPSEC_SAREF_NULL >> (IPSEC_SA_REF_FIELD_WIDTH - IPSEC_SA_REF_SUBTABLE_IDX_WIDTH))
-+
-+#define IPsecSAref2table(x) (((x) & IPSEC_SA_REF_TABLE_MASK) >> IPSEC_SA_REF_SUBTABLE_IDX_WIDTH)
-+#define IPsecSAref2entry(x) ((x) & IPSEC_SA_REF_ENTRY_MASK)
-+#define IPsecSArefBuild(x,y) (((x) << IPSEC_SA_REF_SUBTABLE_IDX_WIDTH) + (y))
-+
-+#define IPsecSAref2SA(x) (ipsec_sadb.refTable[IPsecSAref2table(x)]->entry[IPsecSAref2entry(x)])
-+#define IPsecSA2SAref(x) ((x)->ips_ref)
-+
-+#define EMT_INBOUND 0x01 /* SA direction, 1=inbound */
-+
-+/* 'struct ipsec_sa' should be 64bit aligned when allocated. */
-+struct ipsec_sa
-+{
-+ IPsecSAref_t ips_ref; /* reference table entry number */
-+ atomic_t ips_refcount; /* reference count for this struct */
-+ struct ipsec_sa *ips_hnext; /* next in hash chain */
-+ struct ipsec_sa *ips_inext; /* pointer to next xform */
-+ struct ipsec_sa *ips_onext; /* pointer to prev xform */
-+
-+ struct ifnet *ips_rcvif; /* related rcv encap interface */
-+
-+ ip_said ips_said; /* SA ID */
-+
-+ __u32 ips_seq; /* seq num of msg that initiated this SA */
-+ __u32 ips_pid; /* PID of process that initiated this SA */
-+ __u8 ips_authalg; /* auth algorithm for this SA */
-+ __u8 ips_encalg; /* enc algorithm for this SA */
-+
-+ struct ipsec_stats ips_errs;
-+
-+ __u8 ips_replaywin; /* replay window size */
-+ enum sadb_sastate ips_state; /* state of SA */
-+ __u32 ips_replaywin_lastseq; /* last pkt sequence num */
-+ __u64 ips_replaywin_bitmap; /* bitmap of received pkts */
-+ __u32 ips_replaywin_maxdiff; /* max pkt sequence difference */
-+
-+ __u32 ips_flags; /* generic xform flags */
-+
-+
-+ struct ipsec_lifetimes ips_life; /* lifetime records */
-+
-+ /* selector information */
-+ __u8 ips_transport_protocol; /* protocol for this SA, if ports are involved */
-+ struct sockaddr*ips_addr_s; /* src sockaddr */
-+ struct sockaddr*ips_addr_d; /* dst sockaddr */
-+ struct sockaddr*ips_addr_p; /* proxy sockaddr */
-+ __u16 ips_addr_s_size;
-+ __u16 ips_addr_d_size;
-+ __u16 ips_addr_p_size;
-+ ip_address ips_flow_s;
-+ ip_address ips_flow_d;
-+ ip_address ips_mask_s;
-+ ip_address ips_mask_d;
-+
-+ __u16 ips_key_bits_a; /* size of authkey in bits */
-+ __u16 ips_auth_bits; /* size of authenticator in bits */
-+ __u16 ips_key_bits_e; /* size of enckey in bits */
-+ __u16 ips_iv_bits; /* size of IV in bits */
-+ __u8 ips_iv_size;
-+ __u16 ips_key_a_size;
-+ __u16 ips_key_e_size;
-+
-+ caddr_t ips_key_a; /* authentication key */
-+ caddr_t ips_key_e; /* encryption key */
-+ caddr_t ips_iv; /* Initialisation Vector */
-+
-+ struct ident ips_ident_s; /* identity src */
-+ struct ident ips_ident_d; /* identity dst */
-+
-+ /* these are included even if CONFIG_KLIPS_IPCOMP is off */
-+ __u16 ips_comp_adapt_tries; /* ipcomp self-adaption tries */
-+ __u16 ips_comp_adapt_skip; /* ipcomp self-adaption to-skip */
-+ __u64 ips_comp_ratio_cbytes; /* compressed bytes */
-+ __u64 ips_comp_ratio_dbytes; /* decompressed (or uncompressed) bytes */
-+
-+ /* these are included even if CONFIG_IPSEC_NAT_TRAVERSAL is off */
-+ __u8 ips_natt_type;
-+ __u8 ips_natt_reserved[3];
-+ __u16 ips_natt_sport;
-+ __u16 ips_natt_dport;
-+
-+ struct sockaddr *ips_natt_oa;
-+ __u16 ips_natt_oa_size;
-+ __u16 ips_natt_reserved2;
-+
-+#if 0
-+ __u32 ips_sens_dpd;
-+ __u8 ips_sens_sens_level;
-+ __u8 ips_sens_sens_len;
-+ __u64* ips_sens_sens_bitmap;
-+ __u8 ips_sens_integ_level;
-+ __u8 ips_sens_integ_len;
-+ __u64* ips_sens_integ_bitmap;
-+#endif
-+ struct ipsec_alg_enc *ips_alg_enc;
-+ struct ipsec_alg_auth *ips_alg_auth;
-+ IPsecSAref_t ips_ref_rel;
-+};
-+
-+struct IPsecSArefSubTable
-+{
-+ struct ipsec_sa* entry[IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES];
-+};
-+
-+struct ipsec_sadb {
-+ struct IPsecSArefSubTable* refTable[IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES];
-+ IPsecSAref_t refFreeList[IPSEC_SA_REF_FREELIST_NUM_ENTRIES];
-+ int refFreeListHead;
-+ int refFreeListTail;
-+ IPsecSAref_t refFreeListCont;
-+ IPsecSAref_t said_hash[SADB_HASHMOD];
-+ spinlock_t sadb_lock;
-+};
-+
-+extern struct ipsec_sadb ipsec_sadb;
-+
-+extern int ipsec_SAref_recycle(void);
-+extern int ipsec_SArefSubTable_alloc(unsigned table);
-+extern int ipsec_saref_freelist_init(void);
-+extern int ipsec_sadb_init(void);
-+extern struct ipsec_sa *ipsec_sa_alloc(int*error); /* pass in error var by pointer */
-+extern IPsecSAref_t ipsec_SAref_alloc(int*erorr); /* pass in error var by pointer */
-+extern int ipsec_sa_free(struct ipsec_sa* ips);
-+extern int ipsec_sa_put(struct ipsec_sa *ips);
-+extern int ipsec_sa_add(struct ipsec_sa *ips);
-+extern int ipsec_sa_del(struct ipsec_sa *ips);
-+extern int ipsec_sa_delchain(struct ipsec_sa *ips);
-+extern int ipsec_sadb_cleanup(__u8 proto);
-+extern int ipsec_sadb_free(void);
-+extern int ipsec_sa_wipe(struct ipsec_sa *ips);
-+#endif /* __KERNEL__ */
-+
-+enum ipsec_direction {
-+ ipsec_incoming = 1,
-+ ipsec_outgoing = 2
-+};
-+
-+#define _IPSEC_SA_H_
-+#endif /* _IPSEC_SA_H_ */
-+
-+/*
-+ * $Log: ipsec_sa.h,v $
-+ * Revision 1.23.2.1 2007-09-05 02:31:15 paul
-+ * Fix an nfmark -> mark occurance. Patch by David McCullough
-+ *
-+ * Revision 1.23 2005/05/11 01:18:59 mcr
-+ * do not change structure based upon options, to avoid
-+ * too many #ifdef.
-+ *
-+ * Revision 1.22 2005/04/14 01:17:09 mcr
-+ * change sadb_state to an enum.
-+ *
-+ * Revision 1.21 2004/08/20 21:45:37 mcr
-+ * CONFIG_KLIPS_NAT_TRAVERSAL is not used in an attempt to
-+ * be 26sec compatible. But, some defines where changed.
-+ *
-+ * Revision 1.20 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.19 2004/04/05 19:55:06 mcr
-+ * Moved from linux/include/freeswan/ipsec_sa.h,v
-+ *
-+ * Revision 1.18 2004/04/05 19:41:05 mcr
-+ * merged alg-branch code.
-+ *
-+ * Revision 1.17.2.1 2003/12/22 15:25:52 jjo
-+ * . Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.17 2003/12/10 01:20:06 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.16 2003/10/31 02:27:05 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.15.4.1 2003/10/29 01:10:19 mcr
-+ * elimited "struct sa_id"
-+ *
-+ * Revision 1.15 2003/05/11 00:53:09 mcr
-+ * IPsecSAref_t and macros were moved to freeswan.h.
-+ *
-+ * Revision 1.14 2003/02/12 19:31:55 rgb
-+ * Fixed bug in "file seen" machinery.
-+ * Updated copyright year.
-+ *
-+ * Revision 1.13 2003/01/30 02:31:52 rgb
-+ *
-+ * Re-wrote comments describing SAref system for accuracy.
-+ * Rename SAref table macro names for clarity.
-+ * Convert IPsecSAref_t from signed to unsigned to fix apparent SAref exhaustion bug.
-+ * Transmit error code through to caller from callee for better diagnosis of problems.
-+ * Enclose all macro arguments in parens to avoid any possible obscrure bugs.
-+ *
-+ * Revision 1.12 2002/10/07 18:31:19 rgb
-+ * Change comment to reflect the flexible nature of the main and sub-table widths.
-+ * Added a counter for the number of unused entries in each subtable.
-+ * Further break up host field type macro to host field.
-+ * Move field width sanity checks to ipsec_sa.c
-+ * Define a mask for an entire saref.
-+ *
-+ * Revision 1.11 2002/09/20 15:40:33 rgb
-+ * Re-write most of the SAref macros and types to eliminate any pointer references to Entrys.
-+ * Fixed SAref/nfmark macros.
-+ * Rework saref freeslist.
-+ * Place all ipsec sadb globals into one struct.
-+ * Restrict some bits to kernel context for use to klips utils.
-+ *
-+ * Revision 1.10 2002/09/20 05:00:34 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.9 2002/09/17 17:19:29 mcr
-+ * make it compile even if there is no netfilter - we lost
-+ * functionality, but it works, especially on 2.2.
-+ *
-+ * Revision 1.8 2002/07/28 22:59:53 mcr
-+ * clarified/expanded one comment.
-+ *
-+ * Revision 1.7 2002/07/26 08:48:31 rgb
-+ * Added SA ref table code.
-+ *
-+ * Revision 1.6 2002/05/31 17:27:48 rgb
-+ * Comment fix.
-+ *
-+ * Revision 1.5 2002/05/27 18:55:03 rgb
-+ * Remove final vistiges of tdb references via IPSEC_KLIPS1_COMPAT.
-+ *
-+ * Revision 1.4 2002/05/23 07:13:36 rgb
-+ * Convert "usecount" to "refcount" to remove ambiguity.
-+ *
-+ * Revision 1.3 2002/04/24 07:36:47 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_sa.h,v
-+ *
-+ * Revision 1.2 2001/11/26 09:16:15 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:24:58 mcr
-+ * struct tdb -> struct ipsec_sa.
-+ * sa(tdb) manipulation functions renamed and moved to ipsec_sa.c
-+ * ipsec_xform.c removed. header file still contains useful things.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_sha1.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,79 @@
-+/*
-+ * RCSID $Id: ipsec_sha1.h,v 1.8 2004-04-05 19:55:07 mcr Exp $
-+ */
-+
-+/*
-+ * Here is the original comment from the distribution:
-+
-+SHA-1 in C
-+By Steve Reid <steve@edmweb.com>
-+100% Public Domain
-+
-+ * Adapted for use by the IPSEC code by John Ioannidis
-+ */
-+
-+
-+#ifndef _IPSEC_SHA1_H_
-+#define _IPSEC_SHA1_H_
-+
-+typedef struct
-+{
-+ __u32 state[5];
-+ __u32 count[2];
-+ __u8 buffer[64];
-+} SHA1_CTX;
-+
-+void SHA1Transform(__u32 state[5], __u8 buffer[64]);
-+void SHA1Init(void *context);
-+void SHA1Update(void *context, unsigned char *data, __u32 len);
-+void SHA1Final(unsigned char digest[20], void *context);
-+
-+
-+#endif /* _IPSEC_SHA1_H_ */
-+
-+/*
-+ * $Log: ipsec_sha1.h,v $
-+ * Revision 1.8 2004-04-05 19:55:07 mcr
-+ * Moved from linux/include/freeswan/ipsec_sha1.h,v
-+ *
-+ * Revision 1.7 2002/09/10 01:45:09 mcr
-+ * changed type of MD5_CTX and SHA1_CTX to void * so that
-+ * the function prototypes would match, and could be placed
-+ * into a pointer to a function.
-+ *
-+ * Revision 1.6 2002/04/24 07:36:47 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_sha1.h,v
-+ *
-+ * Revision 1.5 1999/12/13 13:59:13 rgb
-+ * Quick fix to argument size to Update bugs.
-+ *
-+ * Revision 1.4 1999/12/07 18:16:23 rgb
-+ * Fixed comments at end of #endif lines.
-+ *
-+ * Revision 1.3 1999/04/06 04:54:27 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.2 1998/11/30 13:22:54 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:50 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.2 1998/04/23 20:54:05 rgb
-+ * Fixed md5 and sha1 include file nesting issues, to be cleaned up when
-+ * verified.
-+ *
-+ * Revision 1.1 1998/04/09 03:04:21 henry
-+ * sources moved up from linux/net/ipsec
-+ * these two include files modified not to include others except in kernel
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:04 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * New transform
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_stats.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,76 @@
-+/*
-+ * @(#) definition of ipsec_stats structure
-+ *
-+ * Copyright (C) 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * and Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_stats.h,v 1.7 2005-04-14 01:17:45 mcr Exp $
-+ *
-+ */
-+
-+/*
-+ * This file describes the errors/statistics that FreeSWAN collects.
-+ */
-+
-+#ifndef _IPSEC_STATS_H_
-+
-+struct ipsec_stats {
-+ __u32 ips_alg_errs; /* number of algorithm errors */
-+ __u32 ips_auth_errs; /* # of authentication errors */
-+ __u32 ips_encsize_errs; /* # of encryption size errors*/
-+ __u32 ips_encpad_errs; /* # of encryption pad errors*/
-+ __u32 ips_replaywin_errs; /* # of pkt sequence errors */
-+};
-+
-+#define _IPSEC_STATS_H_
-+#endif /* _IPSEC_STATS_H_ */
-+
-+/*
-+ * $Log: ipsec_stats.h,v $
-+ * Revision 1.7 2005-04-14 01:17:45 mcr
-+ * add prototypes for snprintf.
-+ *
-+ * Revision 1.6 2004/04/05 19:55:07 mcr
-+ * Moved from linux/include/freeswan/ipsec_stats.h,v
-+ *
-+ * Revision 1.5 2004/04/05 19:41:05 mcr
-+ * merged alg-branch code.
-+ *
-+ * Revision 1.4 2004/03/28 20:27:19 paul
-+ * Included tested and confirmed fixes mcr made and dhr verified for
-+ * snprint statements. Changed one other snprintf to use ipsec_snprintf
-+ * so it wouldnt break compatibility with 2.0/2.2 kernels. Verified with
-+ * dhr. (thanks dhr!)
-+ *
-+ * Revision 1.4 2004/03/24 01:58:31 mcr
-+ * sprintf->snprintf for formatting into proc buffer.
-+ *
-+ * Revision 1.3.34.1 2004/04/05 04:30:46 mcr
-+ * patches for alg-branch to compile/work with 2.x openswan
-+ *
-+ * Revision 1.3 2002/04/24 07:36:47 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_stats.h,v
-+ *
-+ * Revision 1.2 2001/11/26 09:16:16 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:27:00 mcr
-+ * statistics moved to seperate structure.
-+ *
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_tunnel.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,280 @@
-+/*
-+ * IPSEC tunneling code
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_tunnel.h,v 1.33 2005-06-04 16:06:05 mcr Exp $
-+ */
-+
-+
-+#ifdef NET_21
-+# define DEV_QUEUE_XMIT(skb, device, pri) {\
-+ skb->dev = device; \
-+ neigh_compat_output(skb); \
-+ /* skb->dst->output(skb); */ \
-+ }
-+# define ICMP_SEND(skb_in, type, code, info, dev) \
-+ icmp_send(skb_in, type, code, htonl(info))
-+# define IP_SEND(skb, dev) \
-+ ip_send(skb);
-+#else /* NET_21 */
-+# define DEV_QUEUE_XMIT(skb, device, pri) {\
-+ dev_queue_xmit(skb, device, pri); \
-+ }
-+# define ICMP_SEND(skb_in, type, code, info, dev) \
-+ icmp_send(skb_in, type, code, info, dev)
-+# define IP_SEND(skb, dev) \
-+ if(ntohs(iph->tot_len) > physmtu) { \
-+ ip_fragment(NULL, skb, dev, 0); \
-+ ipsec_kfree_skb(skb); \
-+ } else { \
-+ dev_queue_xmit(skb, dev, SOPRI_NORMAL); \
-+ }
-+#endif /* NET_21 */
-+
-+
-+/*
-+ * Heavily based on drivers/net/new_tunnel.c. Lots
-+ * of ideas also taken from the 2.1.x version of drivers/net/shaper.c
-+ */
-+
-+struct ipsectunnelconf
-+{
-+ __u32 cf_cmd;
-+ union
-+ {
-+ char cfu_name[12];
-+ } cf_u;
-+#define cf_name cf_u.cfu_name
-+};
-+
-+#define IPSEC_SET_DEV (SIOCDEVPRIVATE)
-+#define IPSEC_DEL_DEV (SIOCDEVPRIVATE + 1)
-+#define IPSEC_CLR_DEV (SIOCDEVPRIVATE + 2)
-+
-+#ifdef __KERNEL__
-+#include <linux/version.h>
-+#ifndef KERNEL_VERSION
-+# define KERNEL_VERSION(x,y,z) (((x)<<16)+((y)<<8)+(z))
-+#endif
-+struct ipsecpriv
-+{
-+ struct sk_buff_head sendq;
-+ struct net_device *dev;
-+ struct wait_queue *wait_queue;
-+ char locked;
-+ int (*hard_start_xmit) (struct sk_buff *skb,
-+ struct net_device *dev);
-+ int (*hard_header) (struct sk_buff *skb,
-+ struct net_device *dev,
-+ unsigned short type,
-+ void *daddr,
-+ void *saddr,
-+ unsigned len);
-+#ifdef NET_21
-+ int (*rebuild_header)(struct sk_buff *skb);
-+#else /* NET_21 */
-+ int (*rebuild_header)(void *buff, struct net_device *dev,
-+ unsigned long raddr, struct sk_buff *skb);
-+#endif /* NET_21 */
-+ int (*set_mac_address)(struct net_device *dev, void *addr);
-+#ifndef NET_21
-+ void (*header_cache_bind)(struct hh_cache **hhp, struct net_device *dev,
-+ unsigned short htype, __u32 daddr);
-+#endif /* !NET_21 */
-+ void (*header_cache_update)(struct hh_cache *hh, struct net_device *dev, unsigned char * haddr);
-+ struct net_device_stats *(*get_stats)(struct net_device *dev);
-+ struct net_device_stats mystats;
-+ int mtu; /* What is the desired MTU? */
-+};
-+
-+extern char ipsec_tunnel_c_version[];
-+
-+extern struct net_device *ipsecdevices[IPSEC_NUM_IF];
-+
-+int ipsec_tunnel_init_devices(void);
-+
-+/* void */ int ipsec_tunnel_cleanup_devices(void);
-+
-+extern /* void */ int ipsec_init(void);
-+
-+extern int ipsec_tunnel_start_xmit(struct sk_buff *skb, struct net_device *dev);
-+extern struct net_device *ipsec_get_device(int inst);
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int debug_tunnel;
-+extern int sysctl_ipsec_debug_verbose;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+#endif /* __KERNEL__ */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+#define DB_TN_INIT 0x0001
-+#define DB_TN_PROCFS 0x0002
-+#define DB_TN_XMIT 0x0010
-+#define DB_TN_OHDR 0x0020
-+#define DB_TN_CROUT 0x0040
-+#define DB_TN_OXFS 0x0080
-+#define DB_TN_REVEC 0x0100
-+#define DB_TN_ENCAP 0x0200
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+/*
-+ * $Log: ipsec_tunnel.h,v $
-+ * Revision 1.33 2005-06-04 16:06:05 mcr
-+ * better patch for nat-t rcv-device code.
-+ *
-+ * Revision 1.32 2005/05/21 03:18:35 mcr
-+ * added additional debug flag tunnelling.
-+ *
-+ * Revision 1.31 2004/08/03 18:18:02 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.30 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.29 2004/04/05 19:55:07 mcr
-+ * Moved from linux/include/freeswan/ipsec_tunnel.h,v
-+ *
-+ * Revision 1.28 2003/06/24 20:22:32 mcr
-+ * added new global: ipsecdevices[] so that we can keep track of
-+ * the ipsecX devices. They will be referenced with dev_hold(),
-+ * so 2.2 may need this as well.
-+ *
-+ * Revision 1.27 2003/04/03 17:38:09 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ *
-+ * Revision 1.26 2003/02/12 19:32:20 rgb
-+ * Updated copyright year.
-+ *
-+ * Revision 1.25 2002/05/27 18:56:07 rgb
-+ * Convert to dynamic ipsec device allocation.
-+ *
-+ * Revision 1.24 2002/04/24 07:36:48 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_tunnel.h,v
-+ *
-+ * Revision 1.23 2001/11/06 19:50:44 rgb
-+ * Moved IP_SEND, ICMP_SEND, DEV_QUEUE_XMIT macros to ipsec_tunnel.h for
-+ * use also by pfkey_v2_parser.c
-+ *
-+ * Revision 1.22 2001/09/15 16:24:05 rgb
-+ * Re-inject first and last HOLD packet when an eroute REPLACE is done.
-+ *
-+ * Revision 1.21 2001/06/14 19:35:10 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.20 2000/09/15 11:37:02 rgb
-+ * Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+ * IPCOMP zlib deflate code.
-+ *
-+ * Revision 1.19 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.18 2000/07/28 13:50:54 rgb
-+ * Changed enet_statistics to net_device_stats and added back compatibility
-+ * for pre-2.1.19.
-+ *
-+ * Revision 1.17 1999/11/19 01:12:15 rgb
-+ * Purge unneeded proc_info prototypes, now that static linking uses
-+ * dynamic proc_info registration.
-+ *
-+ * Revision 1.16 1999/11/18 18:51:00 rgb
-+ * Changed all device registrations for static linking to
-+ * dynamic to reduce the number and size of patches.
-+ *
-+ * Revision 1.15 1999/11/18 04:14:21 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ * Added CONFIG_PROC_FS compiler directives in case it is shut off.
-+ * Added Marc Boucher's 2.3.25 proc patches.
-+ *
-+ * Revision 1.14 1999/05/25 02:50:10 rgb
-+ * Fix kernel version macros for 2.0.x static linking.
-+ *
-+ * Revision 1.13 1999/05/25 02:41:06 rgb
-+ * Add ipsec_klipsdebug support for static linking.
-+ *
-+ * Revision 1.12 1999/05/05 22:02:32 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.11 1999/04/29 15:19:50 rgb
-+ * Add return values to init and cleanup functions.
-+ *
-+ * Revision 1.10 1999/04/16 16:02:39 rgb
-+ * Bump up macro to 4 ipsec I/Fs.
-+ *
-+ * Revision 1.9 1999/04/15 15:37:25 rgb
-+ * Forward check changes from POST1_00 branch.
-+ *
-+ * Revision 1.5.2.1 1999/04/02 04:26:14 rgb
-+ * Backcheck from HEAD, pre1.0.
-+ *
-+ * Revision 1.8 1999/04/11 00:29:01 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.7 1999/04/06 04:54:28 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.6 1999/03/31 05:44:48 rgb
-+ * Keep PMTU reduction private.
-+ *
-+ * Revision 1.5 1999/02/10 22:31:20 rgb
-+ * Change rebuild_header member to reflect generality of link layer.
-+ *
-+ * Revision 1.4 1998/12/01 13:22:04 rgb
-+ * Added support for debug printing of version info.
-+ *
-+ * Revision 1.3 1998/07/29 20:42:46 rgb
-+ * Add a macro for clearing all tunnel devices.
-+ * Rearrange structures and declarations for sharing with userspace.
-+ *
-+ * Revision 1.2 1998/06/25 20:01:45 rgb
-+ * Make prototypes available for ipsec_init and ipsec proc_dir_entries
-+ * for static linking.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:50 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.3 1998/05/18 21:51:50 rgb
-+ * Added macros for num of I/F's and a procfs debug switch.
-+ *
-+ * Revision 1.2 1998/04/21 21:29:09 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:13 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:05 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.5 1997/06/03 04:24:48 ji
-+ * Added transport mode.
-+ * Changed the way routing is done.
-+ * Lots of bug fixes.
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:39:04 ji
-+ * Minor cleanups.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_xform.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,257 @@
-+/*
-+ * Definitions relevant to IPSEC transformations
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ * COpyright (C) 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_xform.h,v 1.41 2004-07-10 19:08:41 mcr Exp $
-+ */
-+
-+#ifndef _IPSEC_XFORM_H_
-+
-+#include <openswan.h>
-+
-+#define XF_NONE 0 /* No transform set */
-+#define XF_IP4 1 /* IPv4 inside IPv4 */
-+#define XF_AHMD5 2 /* AH MD5 */
-+#define XF_AHSHA 3 /* AH SHA */
-+#define XF_ESP3DES 5 /* ESP DES3-CBC */
-+#define XF_AHHMACMD5 6 /* AH-HMAC-MD5 with opt replay prot */
-+#define XF_AHHMACSHA1 7 /* AH-HMAC-SHA1 with opt replay prot */
-+#define XF_ESP3DESMD5 9 /* triple DES, HMAC-MD-5, 128-bits of authentication */
-+#define XF_ESP3DESMD596 10 /* triple DES, HMAC-MD-5, 96-bits of authentication */
-+#define XF_ESPNULLMD596 12 /* NULL, HMAC-MD-5 with 96-bits of authentication */
-+#define XF_ESPNULLSHA196 13 /* NULL, HMAC-SHA-1 with 96-bits of authentication */
-+#define XF_ESP3DESSHA196 14 /* triple DES, HMAC-SHA-1, 96-bits of authentication */
-+#define XF_IP6 15 /* IPv6 inside IPv6 */
-+#define XF_COMPDEFLATE 16 /* IPCOMP deflate */
-+
-+#define XF_CLR 126 /* Clear SA table */
-+#define XF_DEL 127 /* Delete SA */
-+
-+/* IPsec AH transform values
-+ * RFC 2407
-+ * draft-ietf-ipsec-doi-tc-mib-02.txt
-+ */
-+
-+#define AH_NONE 0
-+#define AH_MD5 2
-+#define AH_SHA 3
-+/* draft-ietf-ipsec-ciph-aes-cbc-03.txt */
-+#define AH_SHA2_256 5
-+#define AH_SHA2_384 6
-+#define AH_SHA2_512 7
-+#define AH_RIPEMD 8
-+#define AH_MAX 15
-+
-+/* IPsec ESP transform values */
-+
-+#define ESP_NONE 0
-+#define ESP_DES 2
-+#define ESP_3DES 3
-+#define ESP_RC5 4
-+#define ESP_IDEA 5
-+#define ESP_CAST 6
-+#define ESP_BLOWFISH 7
-+#define ESP_3IDEA 8
-+#define ESP_RC4 10
-+#define ESP_NULL 11
-+#define ESP_AES 12
-+
-+/* as draft-ietf-ipsec-ciph-aes-cbc-02.txt */
-+#define ESP_MARS 249
-+#define ESP_RC6 250
-+#define ESP_SERPENT 252
-+#define ESP_TWOFISH 253
-+
-+/* IPCOMP transform values */
-+
-+#define IPCOMP_NONE 0
-+#define IPCOMP_OUI 1
-+#define IPCOMP_DEFLAT 2
-+#define IPCOMP_LZS 3
-+#define IPCOMP_V42BIS 4
-+
-+#define XFT_AUTH 0x0001
-+#define XFT_CONF 0x0100
-+
-+/* available if CONFIG_KLIPS_DEBUG is defined */
-+#define DB_XF_INIT 0x0001
-+
-+#define PROTO2TXT(x) \
-+ (x) == IPPROTO_AH ? "AH" : \
-+ (x) == IPPROTO_ESP ? "ESP" : \
-+ (x) == IPPROTO_IPIP ? "IPIP" : \
-+ (x) == IPPROTO_COMP ? "COMP" : \
-+ "UNKNOWN_proto"
-+static inline const char *enc_name_id (unsigned id) {
-+ static char buf[16];
-+ snprintf(buf, sizeof(buf), "_ID%d", id);
-+ return buf;
-+}
-+static inline const char *auth_name_id (unsigned id) {
-+ static char buf[16];
-+ snprintf(buf, sizeof(buf), "_ID%d", id);
-+ return buf;
-+}
-+#define IPS_XFORM_NAME(x) \
-+ PROTO2TXT((x)->ips_said.proto), \
-+ (x)->ips_said.proto == IPPROTO_COMP ? \
-+ ((x)->ips_encalg == SADB_X_CALG_DEFLATE ? \
-+ "_DEFLATE" : "_UNKNOWN_comp") : \
-+ (x)->ips_encalg == ESP_NONE ? "" : \
-+ (x)->ips_encalg == ESP_3DES ? "_3DES" : \
-+ (x)->ips_encalg == ESP_AES ? "_AES" : \
-+ (x)->ips_encalg == ESP_SERPENT ? "_SERPENT" : \
-+ (x)->ips_encalg == ESP_TWOFISH ? "_TWOFISH" : \
-+ enc_name_id(x->ips_encalg)/* "_UNKNOWN_encr" */, \
-+ (x)->ips_authalg == AH_NONE ? "" : \
-+ (x)->ips_authalg == AH_MD5 ? "_HMAC_MD5" : \
-+ (x)->ips_authalg == AH_SHA ? "_HMAC_SHA1" : \
-+ (x)->ips_authalg == AH_SHA2_256 ? "_HMAC_SHA2_256" : \
-+ (x)->ips_authalg == AH_SHA2_384 ? "_HMAC_SHA2_384" : \
-+ (x)->ips_authalg == AH_SHA2_512 ? "_HMAC_SHA2_512" : \
-+ auth_name_id(x->ips_authalg) /* "_UNKNOWN_auth" */ \
-+
-+#ifdef __KERNEL__
-+struct ipsec_rcv_state;
-+struct ipsec_xmit_state;
-+
-+struct xform_functions {
-+ enum ipsec_rcv_value (*rcv_checks)(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb);
-+ enum ipsec_rcv_value (*rcv_decrypt)(struct ipsec_rcv_state *irs);
-+
-+ enum ipsec_rcv_value (*rcv_setup_auth)(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb,
-+ __u32 *replay,
-+ unsigned char **authenticator);
-+ enum ipsec_rcv_value (*rcv_calc_auth)(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb);
-+
-+ enum ipsec_xmit_value (*xmit_setup)(struct ipsec_xmit_state *ixs);
-+ enum ipsec_xmit_value (*xmit_encrypt)(struct ipsec_xmit_state *ixs);
-+
-+ enum ipsec_xmit_value (*xmit_setup_auth)(struct ipsec_xmit_state *ixs,
-+ struct sk_buff *skb,
-+ __u32 *replay,
-+ unsigned char **authenticator);
-+ enum ipsec_xmit_value (*xmit_calc_auth)(struct ipsec_xmit_state *ixs,
-+ struct sk_buff *skb);
-+ int xmit_headroom;
-+ int xmit_needtailroom;
-+};
-+
-+#endif /* __KERNEL__ */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern void ipsec_dmp(char *s, caddr_t bb, int len);
-+#else /* CONFIG_KLIPS_DEBUG */
-+#define ipsec_dmp(_x, _y, _z)
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+
-+#define _IPSEC_XFORM_H_
-+#endif /* _IPSEC_XFORM_H_ */
-+
-+/*
-+ * $Log: ipsec_xform.h,v $
-+ * Revision 1.41 2004-07-10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.40 2004/04/06 02:49:08 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.39 2004/04/05 19:55:07 mcr
-+ * Moved from linux/include/freeswan/ipsec_xform.h,v
-+ *
-+ * Revision 1.38 2004/04/05 19:41:05 mcr
-+ * merged alg-branch code.
-+ *
-+ * Revision 1.37 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.36.34.1 2003/12/22 15:25:52 jjo
-+ * Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.36 2002/04/24 07:36:48 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_xform.h,v
-+ *
-+ * Revision 1.35 2001/11/26 09:23:51 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.33.2.1 2001/09/25 02:24:58 mcr
-+ * struct tdb -> struct ipsec_sa.
-+ * sa(tdb) manipulation functions renamed and moved to ipsec_sa.c
-+ * ipsec_xform.c removed. header file still contains useful things.
-+ *
-+ * Revision 1.34 2001/11/06 19:47:17 rgb
-+ * Changed lifetime_packets to uint32 from uint64.
-+ *
-+ * Revision 1.33 2001/09/08 21:13:34 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.32 2001/07/06 07:40:01 rgb
-+ * Reformatted for readability.
-+ * Added inbound policy checking fields for use with IPIP SAs.
-+ *
-+ * Revision 1.31 2001/06/14 19:35:11 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.30 2001/05/30 08:14:03 rgb
-+ * Removed vestiges of esp-null transforms.
-+ *
-+ * Revision 1.29 2001/01/30 23:42:47 rgb
-+ * Allow pfkey msgs from pid other than user context required for ACQUIRE
-+ * and subsequent ADD or UDATE.
-+ *
-+ * Revision 1.28 2000/11/06 04:30:40 rgb
-+ * Add Svenning's adaptive content compression.
-+ *
-+ * Revision 1.27 2000/09/19 00:38:25 rgb
-+ * Fixed algorithm name bugs introduced for ipcomp.
-+ *
-+ * Revision 1.26 2000/09/17 21:36:48 rgb
-+ * Added proto2txt macro.
-+ *
-+ * Revision 1.25 2000/09/17 18:56:47 rgb
-+ * Added IPCOMP support.
-+ *
-+ * Revision 1.24 2000/09/12 19:34:12 rgb
-+ * Defined XF_IP6 from Gerhard for ipv6 tunnel support.
-+ *
-+ * Revision 1.23 2000/09/12 03:23:14 rgb
-+ * Cleaned out now unused tdb_xform and tdb_xdata members of struct tdb.
-+ *
-+ * Revision 1.22 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.21 2000/09/01 18:32:43 rgb
-+ * Added (disabled) sensitivity members to tdb struct.
-+ *
-+ * Revision 1.20 2000/08/30 05:31:01 rgb
-+ * Removed all the rest of the references to tdb_spi, tdb_proto, tdb_dst.
-+ * Kill remainder of tdb_xform, tdb_xdata, xformsw.
-+ *
-+ * Revision 1.19 2000/08/01 14:51:52 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.18 2000/01/21 06:17:45 rgb
-+ * Tidied up spacing.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_xmit.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,198 @@
-+/*
-+ * IPSEC tunneling code
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_xmit.h,v 1.14 2005-05-11 01:00:26 mcr Exp $
-+ */
-+
-+#include "openswan/ipsec_sa.h"
-+
-+enum ipsec_xmit_value
-+{
-+ IPSEC_XMIT_STOLEN=2,
-+ IPSEC_XMIT_PASS=1,
-+ IPSEC_XMIT_OK=0,
-+ IPSEC_XMIT_ERRMEMALLOC=-1,
-+ IPSEC_XMIT_ESP_BADALG=-2,
-+ IPSEC_XMIT_BADPROTO=-3,
-+ IPSEC_XMIT_ESP_PUSHPULLERR=-4,
-+ IPSEC_XMIT_BADLEN=-5,
-+ IPSEC_XMIT_AH_BADALG=-6,
-+ IPSEC_XMIT_SAIDNOTFOUND=-7,
-+ IPSEC_XMIT_SAIDNOTLIVE=-8,
-+ IPSEC_XMIT_REPLAYROLLED=-9,
-+ IPSEC_XMIT_LIFETIMEFAILED=-10,
-+ IPSEC_XMIT_CANNOTFRAG=-11,
-+ IPSEC_XMIT_MSSERR=-12,
-+ IPSEC_XMIT_ERRSKBALLOC=-13,
-+ IPSEC_XMIT_ENCAPFAIL=-14,
-+ IPSEC_XMIT_NODEV=-15,
-+ IPSEC_XMIT_NOPRIVDEV=-16,
-+ IPSEC_XMIT_NOPHYSDEV=-17,
-+ IPSEC_XMIT_NOSKB=-18,
-+ IPSEC_XMIT_NOIPV6=-19,
-+ IPSEC_XMIT_NOIPOPTIONS=-20,
-+ IPSEC_XMIT_TTLEXPIRED=-21,
-+ IPSEC_XMIT_BADHHLEN=-22,
-+ IPSEC_XMIT_PUSHPULLERR=-23,
-+ IPSEC_XMIT_ROUTEERR=-24,
-+ IPSEC_XMIT_RECURSDETECT=-25,
-+ IPSEC_XMIT_IPSENDFAILURE=-26,
-+ IPSEC_XMIT_ESPUDP=-27,
-+ IPSEC_XMIT_ESPUDP_BADTYPE=-28,
-+};
-+
-+struct ipsec_xmit_state
-+{
-+ struct sk_buff *skb; /* working skb pointer */
-+ struct net_device *dev; /* working dev pointer */
-+ struct ipsecpriv *prv; /* Our device' private space */
-+ struct sk_buff *oskb; /* Original skb pointer */
-+ struct net_device_stats *stats; /* This device's statistics */
-+ struct iphdr *iph; /* Our new IP header */
-+ __u32 newdst; /* The other SG's IP address */
-+ __u32 orgdst; /* Original IP destination address */
-+ __u32 orgedst; /* 1st SG's IP address */
-+ __u32 newsrc; /* The new source SG's IP address */
-+ __u32 orgsrc; /* Original IP source address */
-+ __u32 innersrc; /* Innermost IP source address */
-+ int iphlen; /* IP header length */
-+ int pyldsz; /* upper protocol payload size */
-+ int headroom;
-+ int tailroom;
-+ int authlen;
-+ int max_headroom; /* The extra header space needed */
-+ int max_tailroom; /* The extra stuffing needed */
-+ int ll_headroom; /* The extra link layer hard_header space needed */
-+ int tot_headroom; /* The total header space needed */
-+ int tot_tailroom; /* The totalstuffing needed */
-+ __u8 *saved_header; /* saved copy of the hard header */
-+ unsigned short sport, dport;
-+
-+ struct sockaddr_encap matcher; /* eroute search key */
-+ struct eroute *eroute;
-+ struct ipsec_sa *ipsp, *ipsq; /* ipsec_sa pointers */
-+ char sa_txt[SATOT_BUF];
-+ size_t sa_len;
-+ int hard_header_stripped; /* has the hard header been removed yet? */
-+ int hard_header_len;
-+ struct net_device *physdev;
-+/* struct device *virtdev; */
-+ short physmtu;
-+ short cur_mtu; /* copy of prv->mtu, cause prv may == NULL */
-+ short mtudiff;
-+#ifdef NET_21
-+ struct rtable *route;
-+#endif /* NET_21 */
-+ ip_said outgoing_said;
-+#ifdef NET_21
-+ int pass;
-+#endif /* NET_21 */
-+ int error;
-+ uint32_t eroute_pid;
-+ struct ipsec_sa ips;
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ uint8_t natt_type;
-+ uint8_t natt_head;
-+ uint16_t natt_sport;
-+ uint16_t natt_dport;
-+#endif
-+};
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_sanity_check_dev(struct ipsec_xmit_state *ixs);
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_sanity_check_skb(struct ipsec_xmit_state *ixs);
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_encap_bundle(struct ipsec_xmit_state *ixs);
-+
-+extern void ipsec_extract_ports(struct iphdr * iph, struct sockaddr_encap * er);
-+
-+
-+extern int ipsec_xmit_trap_count;
-+extern int ipsec_xmit_trap_sendcount;
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int debug_tunnel;
-+
-+#define debug_xmit debug_tunnel
-+
-+#define ipsec_xmit_dmp(_x,_y, _z) if (debug_xmit && sysctl_ipsec_debug_verbose) ipsec_dmp_block(_x,_y,_z)
-+#else
-+#define ipsec_xmit_dmp(_x,_y, _z) do {} while(0)
-+
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+extern int sysctl_ipsec_debug_verbose;
-+extern int sysctl_ipsec_icmp;
-+extern int sysctl_ipsec_tos;
-+
-+
-+/*
-+ * $Log: ipsec_xmit.h,v $
-+ * Revision 1.14 2005-05-11 01:00:26 mcr
-+ * do not call debug routines if !defined KLIPS_DEBUG.
-+ *
-+ * Revision 1.13 2005/04/29 05:01:38 mcr
-+ * use ipsec_dmp_block.
-+ * added cur_mtu to ixs instead of using ixs->dev.
-+ *
-+ * Revision 1.12 2004/08/20 21:45:37 mcr
-+ * CONFIG_KLIPS_NAT_TRAVERSAL is not used in an attempt to
-+ * be 26sec compatible. But, some defines where changed.
-+ *
-+ * Revision 1.11 2004/08/03 18:18:21 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.10 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.9 2004/04/06 02:49:08 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.8 2004/04/05 19:55:07 mcr
-+ * Moved from linux/include/freeswan/ipsec_xmit.h,v
-+ *
-+ * Revision 1.7 2004/02/03 03:11:40 mcr
-+ * new xmit type if the UDP encapsulation is wrong.
-+ *
-+ * Revision 1.6 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.5 2003/12/10 01:20:06 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.4 2003/12/06 16:37:04 mcr
-+ * 1.4.7a X.509 patch applied.
-+ *
-+ * Revision 1.3 2003/10/31 02:27:05 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.2.4.2 2003/10/29 01:10:19 mcr
-+ * elimited "struct sa_id"
-+ *
-+ * Revision 1.2.4.1 2003/09/21 13:59:38 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.2 2003/06/20 01:42:13 mcr
-+ * added counters to measure how many ACQUIREs we send to pluto,
-+ * and how many are successfully sent.
-+ *
-+ * Revision 1.1 2003/02/12 19:31:03 rgb
-+ * Refactored from ipsec_tunnel.c
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/passert.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,75 @@
-+/*
-+ * sanitize a string into a printable format.
-+ *
-+ * Copyright (C) 1998-2002 D. Hugh Redelmeier.
-+ * Copyright (C) 2003 Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: passert.h,v 1.7.8.1 2007-09-05 02:32:24 paul Exp $
-+ */
-+
-+#include "openswan.h"
-+
-+#ifndef _OPENSWAN_PASSERT_H
-+#define _OPENSWAN_PASSERT_H
-+/* our versions of assert: log result */
-+
-+#ifdef DEBUG
-+
-+typedef void (*openswan_passert_fail_t)(const char *pred_str,
-+ const char *file_str,
-+ unsigned long line_no) NEVER_RETURNS;
-+
-+extern openswan_passert_fail_t openswan_passert_fail;
-+
-+extern void pexpect_log(const char *pred_str
-+ , const char *file_str, unsigned long line_no);
-+
-+# define impossible() do { \
-+ if(openswan_passert_fail) { \
-+ (*openswan_passert_fail)("impossible", __FILE__, __LINE__); \
-+ }} while(0)
-+
-+extern void switch_fail(int n
-+ , const char *file_str, unsigned long line_no) NEVER_RETURNS;
-+
-+# define bad_case(n) switch_fail((int) n, __FILE__, __LINE__)
-+
-+# define passert(pred) do { \
-+ if (!(pred)) \
-+ if(openswan_passert_fail) { \
-+ (*openswan_passert_fail)(#pred, __FILE__, __LINE__); \
-+ } \
-+ } while(0)
-+
-+# define pexpect(pred) do { \
-+ if (!(pred)) \
-+ pexpect_log(#pred, __FILE__, __LINE__); \
-+ } while(0)
-+
-+/* assert that an err_t is NULL; evaluate exactly once */
-+# define happy(x) { \
-+ err_t ugh = x; \
-+ if (ugh != NULL) \
-+ if(openswan_passert_fail) { (*openswan_passert_fail)(ugh, __FILE__, __LINE__); } \
-+ }
-+
-+#else /*!DEBUG*/
-+
-+# define impossible() abort()
-+# define bad_case(n) abort()
-+# define passert(pred) { } /* do nothing */
-+# define happy(x) { (void) x; } /* evaluate non-judgementally */
-+
-+#endif /*!DEBUG*/
-+
-+#endif /* _OPENSWAN_PASSERT_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/pfkey_debug.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,54 @@
-+/*
-+ * sanitize a string into a printable format.
-+ *
-+ * Copyright (C) 1998-2002 D. Hugh Redelmeier.
-+ * Copyright (C) 2003 Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: pfkey_debug.h,v 1.3 2004-04-05 19:55:07 mcr Exp $
-+ */
-+
-+#ifndef _FREESWAN_PFKEY_DEBUG_H
-+#define _FREESWAN_PFKEY_DEBUG_H
-+
-+#ifdef __KERNEL__
-+
-+/* note, kernel version ignores pfkey levels */
-+# define DEBUGGING(level,args...) \
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:" args)
-+
-+# define ERROR(args...) printk(KERN_ERR "klips:" args)
-+
-+#else
-+
-+extern unsigned int pfkey_lib_debug;
-+
-+extern void (*pfkey_debug_func)(const char *message, ...) PRINTF_LIKE(1);
-+extern void (*pfkey_error_func)(const char *message, ...) PRINTF_LIKE(1);
-+
-+#define DEBUGGING(level,args...) if(pfkey_lib_debug & level) { \
-+ if(pfkey_debug_func != NULL) { \
-+ (*pfkey_debug_func)("pfkey_lib_debug:" args); \
-+ } else { \
-+ printf("pfkey_lib_debug:" args); \
-+ } }
-+
-+#define ERROR(args...) if(pfkey_error_func != NULL) { \
-+ (*pfkey_error_func)("pfkey_lib_debug:" args); \
-+ }
-+
-+# define MALLOC(size) malloc(size)
-+# define FREE(obj) free(obj)
-+
-+#endif
-+
-+#endif
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/radij.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,280 @@
-+/*
-+ * RCSID $Id: radij.h,v 1.13 2004-04-05 19:55:08 mcr Exp $
-+ */
-+
-+/*
-+ * This file is defived from ${SRC}/sys/net/radix.h of BSD 4.4lite
-+ *
-+ * Variable and procedure names have been modified so that they don't
-+ * conflict with the original BSD code, as a small number of modifications
-+ * have been introduced and we may want to reuse this code in BSD.
-+ *
-+ * The `j' in `radij' is pronounced as a voiceless guttural (like a Greek
-+ * chi or a German ch sound (as `doch', not as in `milch'), or even a
-+ * spanish j as in Juan. It is not as far back in the throat like
-+ * the corresponding Hebrew sound, nor is it a soft breath like the English h.
-+ * It has nothing to do with the Dutch ij sound.
-+ *
-+ * Here is the appropriate copyright notice:
-+ */
-+
-+/*
-+ * Copyright (c) 1988, 1989, 1993
-+ * The Regents of the University of California. All rights reserved.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the above copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * This product includes software developed by the University of
-+ * California, Berkeley and its contributors.
-+ * 4. Neither the name of the University nor the names of its contributors
-+ * may be used to endorse or promote products derived from this software
-+ * without specific prior written permission.
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * @(#)radix.h 8.1 (Berkeley) 6/10/93
-+ */
-+
-+#ifndef _RADIJ_H_
-+#define _RADIJ_H_
-+
-+/*
-+#define RJ_DEBUG
-+*/
-+
-+#ifdef __KERNEL__
-+
-+#ifndef __P
-+#ifdef __STDC__
-+#define __P(x) x
-+#else
-+#define __P(x) ()
-+#endif
-+#endif
-+
-+/*
-+ * Radix search tree node layout.
-+ */
-+
-+struct radij_node
-+{
-+ struct radij_mask *rj_mklist; /* list of masks contained in subtree */
-+ struct radij_node *rj_p; /* parent */
-+ short rj_b; /* bit offset; -1-index(netmask) */
-+ char rj_bmask; /* node: mask for bit test*/
-+ u_char rj_flags; /* enumerated next */
-+#define RJF_NORMAL 1 /* leaf contains normal route */
-+#define RJF_ROOT 2 /* leaf is root leaf for tree */
-+#define RJF_ACTIVE 4 /* This node is alive (for rtfree) */
-+ union {
-+ struct { /* leaf only data: */
-+ caddr_t rj_Key; /* object of search */
-+ caddr_t rj_Mask; /* netmask, if present */
-+ struct radij_node *rj_Dupedkey;
-+ } rj_leaf;
-+ struct { /* node only data: */
-+ int rj_Off; /* where to start compare */
-+ struct radij_node *rj_L;/* progeny */
-+ struct radij_node *rj_R;/* progeny */
-+ }rj_node;
-+ } rj_u;
-+#ifdef RJ_DEBUG
-+ int rj_info;
-+ struct radij_node *rj_twin;
-+ struct radij_node *rj_ybro;
-+#endif
-+};
-+
-+#define rj_dupedkey rj_u.rj_leaf.rj_Dupedkey
-+#define rj_key rj_u.rj_leaf.rj_Key
-+#define rj_mask rj_u.rj_leaf.rj_Mask
-+#define rj_off rj_u.rj_node.rj_Off
-+#define rj_l rj_u.rj_node.rj_L
-+#define rj_r rj_u.rj_node.rj_R
-+
-+/*
-+ * Annotations to tree concerning potential routes applying to subtrees.
-+ */
-+
-+extern struct radij_mask {
-+ short rm_b; /* bit offset; -1-index(netmask) */
-+ char rm_unused; /* cf. rj_bmask */
-+ u_char rm_flags; /* cf. rj_flags */
-+ struct radij_mask *rm_mklist; /* more masks to try */
-+ caddr_t rm_mask; /* the mask */
-+ int rm_refs; /* # of references to this struct */
-+} *rj_mkfreelist;
-+
-+#define MKGet(m) {\
-+ if (rj_mkfreelist) {\
-+ m = rj_mkfreelist; \
-+ rj_mkfreelist = (m)->rm_mklist; \
-+ } else \
-+ R_Malloc(m, struct radij_mask *, sizeof (*(m))); }\
-+
-+#define MKFree(m) { (m)->rm_mklist = rj_mkfreelist; rj_mkfreelist = (m);}
-+
-+struct radij_node_head {
-+ struct radij_node *rnh_treetop;
-+ int rnh_addrsize; /* permit, but not require fixed keys */
-+ int rnh_pktsize; /* permit, but not require fixed keys */
-+#if 0
-+ struct radij_node *(*rnh_addaddr) /* add based on sockaddr */
-+ __P((void *v, void *mask,
-+ struct radij_node_head *head, struct radij_node nodes[]));
-+#endif
-+ int (*rnh_addaddr) /* add based on sockaddr */
-+ __P((void *v, void *mask,
-+ struct radij_node_head *head, struct radij_node nodes[]));
-+ struct radij_node *(*rnh_addpkt) /* add based on packet hdr */
-+ __P((void *v, void *mask,
-+ struct radij_node_head *head, struct radij_node nodes[]));
-+#if 0
-+ struct radij_node *(*rnh_deladdr) /* remove based on sockaddr */
-+ __P((void *v, void *mask, struct radij_node_head *head));
-+#endif
-+ int (*rnh_deladdr) /* remove based on sockaddr */
-+ __P((void *v, void *mask, struct radij_node_head *head, struct radij_node **node));
-+ struct radij_node *(*rnh_delpkt) /* remove based on packet hdr */
-+ __P((void *v, void *mask, struct radij_node_head *head));
-+ struct radij_node *(*rnh_matchaddr) /* locate based on sockaddr */
-+ __P((void *v, struct radij_node_head *head));
-+ struct radij_node *(*rnh_matchpkt) /* locate based on packet hdr */
-+ __P((void *v, struct radij_node_head *head));
-+ int (*rnh_walktree) /* traverse tree */
-+ __P((struct radij_node_head *head, int (*f)(struct radij_node *rn, void *w), void *w));
-+ struct radij_node rnh_nodes[3]; /* empty tree for common case */
-+};
-+
-+
-+#define Bcmp(a, b, n) memcmp(((caddr_t)(b)), ((caddr_t)(a)), (unsigned)(n))
-+#define Bcopy(a, b, n) memmove(((caddr_t)(b)), ((caddr_t)(a)), (unsigned)(n))
-+#define Bzero(p, n) memset((caddr_t)(p), 0, (unsigned)(n))
-+#define R_Malloc(p, t, n) ((p = (t) kmalloc((size_t)(n), GFP_ATOMIC)), Bzero((p),(n)))
-+#define Free(p) kfree((caddr_t)p);
-+
-+void rj_init __P((void));
-+int rj_inithead __P((void **, int));
-+int rj_refines __P((void *, void *));
-+int rj_walktree __P((struct radij_node_head *head, int (*f)(struct radij_node *rn, void *w), void *w));
-+struct radij_node
-+ *rj_addmask __P((void *, int, int)) /* , rgb */ ;
-+int /* * */ rj_addroute __P((void *, void *, struct radij_node_head *,
-+ struct radij_node [2])) /* , rgb */ ;
-+int /* * */ rj_delete __P((void *, void *, struct radij_node_head *, struct radij_node **)) /* , rgb */ ;
-+struct radij_node /* rgb */
-+ *rj_insert __P((void *, struct radij_node_head *, int *,
-+ struct radij_node [2])),
-+ *rj_match __P((void *, struct radij_node_head *)),
-+ *rj_newpair __P((void *, int, struct radij_node[2])),
-+ *rj_search __P((void *, struct radij_node *)),
-+ *rj_search_m __P((void *, struct radij_node *, void *));
-+
-+void rj_deltree(struct radij_node_head *);
-+void rj_delnodes(struct radij_node *);
-+void rj_free_mkfreelist(void);
-+int radijcleartree(void);
-+int radijcleanup(void);
-+
-+extern struct radij_node_head *mask_rjhead;
-+extern int maj_keylen;
-+#endif /* __KERNEL__ */
-+
-+#endif /* _RADIJ_H_ */
-+
-+
-+/*
-+ * $Log: radij.h,v $
-+ * Revision 1.13 2004-04-05 19:55:08 mcr
-+ * Moved from linux/include/freeswan/radij.h,v
-+ *
-+ * Revision 1.12 2002/04/24 07:36:48 mcr
-+ * Moved from ./klips/net/ipsec/radij.h,v
-+ *
-+ * Revision 1.11 2001/09/20 15:33:00 rgb
-+ * Min/max cleanup.
-+ *
-+ * Revision 1.10 1999/11/18 04:09:20 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ *
-+ * Revision 1.9 1999/05/05 22:02:33 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.8 1999/04/29 15:24:58 rgb
-+ * Add check for existence of macros min/max.
-+ *
-+ * Revision 1.7 1999/04/11 00:29:02 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.6 1999/04/06 04:54:29 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.5 1999/01/22 06:30:32 rgb
-+ * 64-bit clean-up.
-+ *
-+ * Revision 1.4 1998/11/30 13:22:55 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.3 1998/10/25 02:43:27 rgb
-+ * Change return type on rj_addroute and rj_delete and add and argument
-+ * to the latter to be able to transmit more infomation about errors.
-+ *
-+ * Revision 1.2 1998/07/14 18:09:51 rgb
-+ * Add a routine to clear eroute table.
-+ * Added #ifdef __KERNEL__ directives to restrict scope of header.
-+ *
-+ * Revision 1.1 1998/06/18 21:30:22 henry
-+ * move sources from klips/src to klips/net/ipsec to keep stupid kernel
-+ * build scripts happier about symlinks
-+ *
-+ * Revision 1.4 1998/05/25 20:34:16 rgb
-+ * Remove temporary ipsec_walk, rj_deltree and rj_delnodes functions.
-+ *
-+ * Rename ipsec_rj_walker (ipsec_walk) to ipsec_rj_walker_procprint and
-+ * add ipsec_rj_walker_delete.
-+ *
-+ * Recover memory for eroute table on unload of module.
-+ *
-+ * Revision 1.3 1998/04/22 16:51:37 rgb
-+ * Tidy up radij debug code from recent rash of modifications to debug code.
-+ *
-+ * Revision 1.2 1998/04/14 17:30:38 rgb
-+ * Fix up compiling errors for radij tree memory reclamation.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:16 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:04 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:44:45 ji
-+ * Release update only.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/pfkey.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,529 @@
-+/*
-+ * FreeS/WAN specific PF_KEY headers
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey.h,v 1.49 2005-05-11 00:57:29 mcr Exp $
-+ */
-+
-+#ifndef __NET_IPSEC_PF_KEY_H
-+#define __NET_IPSEC_PF_KEY_H
-+#ifdef __KERNEL__
-+extern struct proto_ops pfkey_proto_ops;
-+typedef struct sock pfkey_sock;
-+extern int debug_pfkey;
-+
-+extern /* void */ int pfkey_init(void);
-+extern /* void */ int pfkey_cleanup(void);
-+
-+struct socket_list
-+{
-+ struct socket *socketp;
-+ struct socket_list *next;
-+};
-+extern int pfkey_list_insert_socket(struct socket*, struct socket_list**);
-+extern int pfkey_list_remove_socket(struct socket*, struct socket_list**);
-+extern struct socket_list *pfkey_open_sockets;
-+extern struct socket_list *pfkey_registered_sockets[];
-+
-+struct ipsec_alg_supported
-+{
-+ uint16_t ias_exttype;
-+ uint8_t ias_id;
-+ uint8_t ias_ivlen;
-+ uint16_t ias_keyminbits;
-+ uint16_t ias_keymaxbits;
-+ char *ias_name;
-+};
-+
-+extern struct supported_list *pfkey_supported_list[];
-+struct supported_list
-+{
-+ struct ipsec_alg_supported *supportedp;
-+ struct supported_list *next;
-+};
-+extern int pfkey_list_insert_supported(struct ipsec_alg_supported*, struct supported_list**);
-+extern int pfkey_list_remove_supported(struct ipsec_alg_supported*, struct supported_list**);
-+
-+struct sockaddr_key
-+{
-+ uint16_t key_family; /* PF_KEY */
-+ uint16_t key_pad; /* not used */
-+ uint32_t key_pid; /* process ID */
-+};
-+
-+struct pfkey_extracted_data
-+{
-+ struct ipsec_sa* ips;
-+ struct ipsec_sa* ips2;
-+ struct eroute *eroute;
-+};
-+
-+/* forward reference */
-+struct sadb_ext;
-+struct sadb_msg;
-+struct sockaddr;
-+struct sadb_comb;
-+struct sadb_sadb;
-+struct sadb_alg;
-+
-+extern int
-+pfkey_alloc_eroute(struct eroute** eroute);
-+
-+extern int
-+pfkey_sa_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_lifetime_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_address_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_key_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_ident_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_sens_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_prop_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_supported_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_spirange_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_x_kmprivate_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_x_satype_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_x_debug_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int pfkey_upmsg(struct socket *, struct sadb_msg *);
-+extern int pfkey_expire(struct ipsec_sa *, int);
-+extern int pfkey_acquire(struct ipsec_sa *);
-+#else /* ! __KERNEL__ */
-+
-+extern void (*pfkey_debug_func)(const char *message, ...);
-+extern void (*pfkey_error_func)(const char *message, ...);
-+extern void pfkey_print(struct sadb_msg *msg, FILE *out);
-+
-+
-+#endif /* __KERNEL__ */
-+
-+extern uint8_t satype2proto(uint8_t satype);
-+extern uint8_t proto2satype(uint8_t proto);
-+extern char* satype2name(uint8_t satype);
-+extern char* proto2name(uint8_t proto);
-+
-+struct key_opt
-+{
-+ uint32_t key_pid; /* process ID */
-+ struct sock *sk;
-+};
-+
-+#define key_pid(sk) ((struct key_opt*)&((sk)->sk_protinfo))->key_pid
-+
-+/* XXX-mcr this is not an alignment, this is because the count is in 64-bit
-+ * words.
-+ */
-+#define IPSEC_PFKEYv2_ALIGN (sizeof(uint64_t)/sizeof(uint8_t))
-+#define BITS_PER_OCTET 8
-+#define OCTETBITS 8
-+#define PFKEYBITS 64
-+#define DIVUP(x,y) ((x + y -1) / y) /* divide, rounding upwards */
-+#define ALIGN_N(x,y) (DIVUP(x,y) * y) /* align on y boundary */
-+
-+#define IPSEC_PFKEYv2_LEN(x) ((x) * IPSEC_PFKEYv2_ALIGN)
-+#define IPSEC_PFKEYv2_WORDS(x) ((x) / IPSEC_PFKEYv2_ALIGN)
-+
-+
-+#define PFKEYv2_MAX_MSGSIZE 4096
-+
-+/*
-+ * PF_KEYv2 permitted and required extensions in and out bitmaps
-+ */
-+struct pf_key_ext_parsers_def {
-+ int (*parser)(struct sadb_ext*);
-+ char *parser_name;
-+};
-+
-+
-+#define SADB_EXTENSIONS_MAX 31
-+extern unsigned int extensions_bitmaps[2/*in/out*/][2/*perm/req*/][SADB_EXTENSIONS_MAX];
-+#define EXT_BITS_IN 0
-+#define EXT_BITS_OUT 1
-+#define EXT_BITS_PERM 0
-+#define EXT_BITS_REQ 1
-+
-+extern void pfkey_extensions_init(struct sadb_ext *extensions[]);
-+extern void pfkey_extensions_free(struct sadb_ext *extensions[]);
-+extern void pfkey_msg_free(struct sadb_msg **pfkey_msg);
-+
-+extern int pfkey_msg_parse(struct sadb_msg *pfkey_msg,
-+ struct pf_key_ext_parsers_def *ext_parsers[],
-+ struct sadb_ext **extensions,
-+ int dir);
-+
-+extern int pfkey_register_reply(int satype, struct sadb_msg *sadb_msg);
-+
-+/*
-+ * PF_KEYv2 build function prototypes
-+ */
-+
-+int
-+pfkey_msg_hdr_build(struct sadb_ext** pfkey_ext,
-+ uint8_t msg_type,
-+ uint8_t satype,
-+ uint8_t msg_errno,
-+ uint32_t seq,
-+ uint32_t pid);
-+
-+int
-+pfkey_sa_ref_build(struct sadb_ext ** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t spi, /* in network order */
-+ uint8_t replay_window,
-+ uint8_t sa_state,
-+ uint8_t auth,
-+ uint8_t encrypt,
-+ uint32_t flags,
-+ uint32_t/*IPsecSAref_t*/ ref);
-+
-+int
-+pfkey_sa_build(struct sadb_ext ** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t spi, /* in network order */
-+ uint8_t replay_window,
-+ uint8_t sa_state,
-+ uint8_t auth,
-+ uint8_t encrypt,
-+ uint32_t flags);
-+
-+int
-+pfkey_lifetime_build(struct sadb_ext ** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t allocations,
-+ uint64_t bytes,
-+ uint64_t addtime,
-+ uint64_t usetime,
-+ uint32_t packets);
-+
-+int
-+pfkey_address_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint8_t proto,
-+ uint8_t prefixlen,
-+ struct sockaddr* address);
-+
-+int
-+pfkey_key_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint16_t key_bits,
-+ char* key);
-+
-+int
-+pfkey_ident_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint16_t ident_type,
-+ uint64_t ident_id,
-+ uint8_t ident_len,
-+ char* ident_string);
-+
-+#ifdef __KERNEL__
-+extern int pfkey_nat_t_new_mapping(struct ipsec_sa *, struct sockaddr *, __u16);
-+extern int pfkey_x_nat_t_type_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr);
-+extern int pfkey_x_nat_t_port_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr);
-+#endif /* __KERNEL__ */
-+int
-+pfkey_x_nat_t_type_build(struct sadb_ext** pfkey_ext,
-+ uint8_t type);
-+int
-+pfkey_x_nat_t_port_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint16_t port);
-+
-+int
-+pfkey_sens_build(struct sadb_ext** pfkey_ext,
-+ uint32_t dpd,
-+ uint8_t sens_level,
-+ uint8_t sens_len,
-+ uint64_t* sens_bitmap,
-+ uint8_t integ_level,
-+ uint8_t integ_len,
-+ uint64_t* integ_bitmap);
-+
-+int pfkey_x_protocol_build(struct sadb_ext **, uint8_t);
-+
-+
-+int
-+pfkey_prop_build(struct sadb_ext** pfkey_ext,
-+ uint8_t replay,
-+ unsigned int comb_num,
-+ struct sadb_comb* comb);
-+
-+int
-+pfkey_supported_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ unsigned int alg_num,
-+ struct sadb_alg* alg);
-+
-+int
-+pfkey_spirange_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t min,
-+ uint32_t max);
-+
-+int
-+pfkey_x_kmprivate_build(struct sadb_ext** pfkey_ext);
-+
-+int
-+pfkey_x_satype_build(struct sadb_ext** pfkey_ext,
-+ uint8_t satype);
-+
-+int
-+pfkey_x_debug_build(struct sadb_ext** pfkey_ext,
-+ uint32_t tunnel,
-+ uint32_t netlink,
-+ uint32_t xform,
-+ uint32_t eroute,
-+ uint32_t spi,
-+ uint32_t radij,
-+ uint32_t esp,
-+ uint32_t ah,
-+ uint32_t rcv,
-+ uint32_t pfkey,
-+ uint32_t ipcomp,
-+ uint32_t verbose);
-+
-+int
-+pfkey_msg_build(struct sadb_msg** pfkey_msg,
-+ struct sadb_ext* extensions[],
-+ int dir);
-+
-+/* in pfkey_v2_debug.c - routines to decode numbers -> strings */
-+const char *
-+pfkey_v2_sadb_ext_string(int extnum);
-+
-+const char *
-+pfkey_v2_sadb_type_string(int sadb_type);
-+
-+
-+#endif /* __NET_IPSEC_PF_KEY_H */
-+
-+/*
-+ * $Log: pfkey.h,v $
-+ * Revision 1.49 2005-05-11 00:57:29 mcr
-+ * rename struct supported -> struct ipsec_alg_supported.
-+ * make pfkey.h more standalone.
-+ *
-+ * Revision 1.48 2005/05/01 03:12:50 mcr
-+ * include name of algorithm in datastructure.
-+ *
-+ * Revision 1.47 2004/08/21 00:44:14 mcr
-+ * simplify definition of nat_t related prototypes.
-+ *
-+ * Revision 1.46 2004/08/04 16:27:22 mcr
-+ * 2.6 sk_ options.
-+ *
-+ * Revision 1.45 2004/04/06 02:49:00 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.44 2003/12/10 01:20:01 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.43 2003/10/31 02:26:44 mcr
-+ * pulled up port-selector patches.
-+ *
-+ * Revision 1.42.2.2 2003/10/29 01:09:32 mcr
-+ * added debugging for pfkey library.
-+ *
-+ * Revision 1.42.2.1 2003/09/21 13:59:34 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.42 2003/08/25 22:08:19 mcr
-+ * removed pfkey_proto_init() from pfkey.h for 2.6 support.
-+ *
-+ * Revision 1.41 2003/05/07 17:28:57 mcr
-+ * new function pfkey_debug_func added for us in debugging from
-+
-+ * pfkey library.
-+ *
-+ * Revision 1.40 2003/01/30 02:31:34 rgb
-+ *
-+ * Convert IPsecSAref_t from signed to unsigned to fix apparent SAref exhaustion bug.
-+ *
-+ * Revision 1.39 2002/09/20 15:40:21 rgb
-+ * Switch from pfkey_alloc_ipsec_sa() to ipsec_sa_alloc().
-+ * Added ref parameter to pfkey_sa_build().
-+ * Cleaned out unused cruft.
-+ *
-+ * Revision 1.38 2002/05/14 02:37:24 rgb
-+ * Change all references to tdb, TDB or Tunnel Descriptor Block to ips,
-+ * ipsec_sa or ipsec_sa.
-+ * Added function prototypes for the functions moved to
-+ * pfkey_v2_ext_process.c.
-+ *
-+ * Revision 1.37 2002/04/24 07:36:49 mcr
-+ * Moved from ./lib/pfkey.h,v
-+ *
-+ * Revision 1.36 2002/01/20 20:34:49 mcr
-+ * added pfkey_v2_sadb_type_string to decode sadb_type to string.
-+ *
-+ * Revision 1.35 2001/11/27 05:27:47 mcr
-+ * pfkey parses are now maintained by a structure
-+ * that includes their name for debug purposes.
-+ *
-+ * Revision 1.34 2001/11/26 09:23:53 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.33 2001/11/06 19:47:47 rgb
-+ * Added packet parameter to lifetime and comb structures.
-+ *
-+ * Revision 1.32 2001/09/08 21:13:34 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.31 2001/06/14 19:35:16 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.30 2001/02/27 07:04:52 rgb
-+ * Added satype2name prototype.
-+ *
-+ * Revision 1.29 2001/02/26 19:59:33 rgb
-+ * Ditch unused sadb_satype2proto[], replaced by satype2proto().
-+ *
-+ * Revision 1.28 2000/10/10 20:10:19 rgb
-+ * Added support for debug_ipcomp and debug_verbose to klipsdebug.
-+ *
-+ * Revision 1.27 2000/09/21 04:20:45 rgb
-+ * Fixed array size off-by-one error. (Thanks Svenning!)
-+ *
-+ * Revision 1.26 2000/09/12 03:26:05 rgb
-+ * Added pfkey_acquire prototype.
-+ *
-+ * Revision 1.25 2000/09/08 19:21:28 rgb
-+ * Fix pfkey_prop_build() parameter to be only single indirection.
-+ *
-+ * Revision 1.24 2000/09/01 18:46:42 rgb
-+ * Added a supported algorithms array lists, one per satype and registered
-+ * existing algorithms.
-+ * Fixed pfkey_list_{insert,remove}_{socket,support}() to allow change to
-+ * list.
-+ *
-+ * Revision 1.23 2000/08/27 01:55:26 rgb
-+ * Define OCTETBITS and PFKEYBITS to avoid using 'magic' numbers in code.
-+ *
-+ * Revision 1.22 2000/08/20 21:39:23 rgb
-+ * Added kernel prototypes for kernel funcitions pfkey_upmsg() and
-+ * pfkey_expire().
-+ *
-+ * Revision 1.21 2000/08/15 17:29:23 rgb
-+ * Fixes from SZI to untested pfkey_prop_build().
-+ *
-+ * Revision 1.20 2000/05/10 20:14:19 rgb
-+ * Fleshed out sensitivity, proposal and supported extensions.
-+ *
-+ * Revision 1.19 2000/03/16 14:07:23 rgb
-+ * Renamed ALIGN macro to avoid fighting with others in kernel.
-+ *
-+ * Revision 1.18 2000/01/22 23:24:06 rgb
-+ * Added prototypes for proto2satype(), satype2proto() and proto2name().
-+ *
-+ * Revision 1.17 2000/01/21 06:26:59 rgb
-+ * Converted from double tdb arguments to one structure (extr)
-+ * containing pointers to all temporary information structures.
-+ * Added klipsdebug switching capability.
-+ * Dropped unused argument to pfkey_x_satype_build().
-+ *
-+ * Revision 1.16 1999/12/29 21:17:41 rgb
-+ * Changed pfkey_msg_build() I/F to include a struct sadb_msg**
-+ * parameter for cleaner manipulation of extensions[] and to guard
-+ * against potential memory leaks.
-+ * Changed the I/F to pfkey_msg_free() for the same reason.
-+ *
-+ * Revision 1.15 1999/12/09 23:12:54 rgb
-+ * Added macro for BITS_PER_OCTET.
-+ * Added argument to pfkey_sa_build() to do eroutes.
-+ *
-+ * Revision 1.14 1999/12/08 20:33:25 rgb
-+ * Changed sa_family_t to uint16_t for 2.0.xx compatibility.
-+ *
-+ * Revision 1.13 1999/12/07 19:53:40 rgb
-+ * Removed unused first argument from extension parsers.
-+ * Changed __u* types to uint* to avoid use of asm/types.h and
-+ * sys/types.h in userspace code.
-+ * Added function prototypes for pfkey message and extensions
-+ * initialisation and cleanup.
-+ *
-+ * Revision 1.12 1999/12/01 22:19:38 rgb
-+ * Change pfkey_sa_build to accept an SPI in network byte order.
-+ *
-+ * Revision 1.11 1999/11/27 11:55:26 rgb
-+ * Added extern sadb_satype2proto to enable moving protocol lookup table
-+ * to lib/pfkey_v2_parse.c.
-+ * Delete unused, moved typedefs.
-+ * Add argument to pfkey_msg_parse() for direction.
-+ * Consolidated the 4 1-d extension bitmap arrays into one 4-d array.
-+ *
-+ * Revision 1.10 1999/11/23 22:29:21 rgb
-+ * This file has been moved in the distribution from klips/net/ipsec to
-+ * lib.
-+ * Add macros for dealing with alignment and rounding up more opaquely.
-+ * The uint<n>_t type defines have been moved to freeswan.h to avoid
-+ * chicken-and-egg problems.
-+ * Add macros for dealing with alignment and rounding up more opaque.
-+ * Added prototypes for using extention header bitmaps.
-+ * Added prototypes of all the build functions.
-+ *
-+ * Revision 1.9 1999/11/20 21:59:48 rgb
-+ * Moved socketlist type declarations and prototypes for shared use.
-+ * Slightly modified scope of sockaddr_key declaration.
-+ *
-+ * Revision 1.8 1999/11/17 14:34:25 rgb
-+ * Protect sa_family_t from being used in userspace with GLIBC<2.
-+ *
-+ * Revision 1.7 1999/10/27 19:40:35 rgb
-+ * Add a maximum PFKEY packet size macro.
-+ *
-+ * Revision 1.6 1999/10/26 16:58:58 rgb
-+ * Created a sockaddr_key and key_opt socket extension structures.
-+ *
-+ * Revision 1.5 1999/06/10 05:24:41 rgb
-+ * Renamed variables to reduce confusion.
-+ *
-+ * Revision 1.4 1999/04/29 15:21:11 rgb
-+ * Add pfkey support to debugging.
-+ * Add return values to init and cleanup functions.
-+ *
-+ * Revision 1.3 1999/04/15 17:58:07 rgb
-+ * Add RCSID labels.
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/pfkeyv2.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,472 @@
-+/*
-+ * RCSID $Id: pfkeyv2.h,v 1.31 2005-04-14 01:14:54 mcr Exp $
-+ */
-+
-+/*
-+RFC 2367 PF_KEY Key Management API July 1998
-+
-+
-+Appendix D: Sample Header File
-+
-+This file defines structures and symbols for the PF_KEY Version 2
-+key management interface. It was written at the U.S. Naval Research
-+Laboratory. This file is in the public domain. The authors ask that
-+you leave this credit intact on any copies of this file.
-+*/
-+#ifndef __PFKEY_V2_H
-+#define __PFKEY_V2_H 1
-+
-+#define PF_KEY_V2 2
-+#define PFKEYV2_REVISION 199806L
-+
-+#define SADB_RESERVED 0
-+#define SADB_GETSPI 1
-+#define SADB_UPDATE 2
-+#define SADB_ADD 3
-+#define SADB_DELETE 4
-+#define SADB_GET 5
-+#define SADB_ACQUIRE 6
-+#define SADB_REGISTER 7
-+#define SADB_EXPIRE 8
-+#define SADB_FLUSH 9
-+#define SADB_DUMP 10
-+#define SADB_X_PROMISC 11
-+#define SADB_X_PCHANGE 12
-+#define SADB_X_GRPSA 13
-+#define SADB_X_ADDFLOW 14
-+#define SADB_X_DELFLOW 15
-+#define SADB_X_DEBUG 16
-+#define SADB_X_NAT_T_NEW_MAPPING 17
-+#define SADB_MAX 17
-+
-+struct sadb_msg {
-+ uint8_t sadb_msg_version;
-+ uint8_t sadb_msg_type;
-+ uint8_t sadb_msg_errno;
-+ uint8_t sadb_msg_satype;
-+ uint16_t sadb_msg_len;
-+ uint16_t sadb_msg_reserved;
-+ uint32_t sadb_msg_seq;
-+ uint32_t sadb_msg_pid;
-+};
-+
-+struct sadb_ext {
-+ uint16_t sadb_ext_len;
-+ uint16_t sadb_ext_type;
-+};
-+
-+struct sadb_sa {
-+ uint16_t sadb_sa_len;
-+ uint16_t sadb_sa_exttype;
-+ uint32_t sadb_sa_spi;
-+ uint8_t sadb_sa_replay;
-+ uint8_t sadb_sa_state;
-+ uint8_t sadb_sa_auth;
-+ uint8_t sadb_sa_encrypt;
-+ uint32_t sadb_sa_flags;
-+ uint32_t /*IPsecSAref_t*/ sadb_x_sa_ref; /* 32 bits */
-+ uint8_t sadb_x_reserved[4];
-+};
-+
-+struct sadb_sa_v1 {
-+ uint16_t sadb_sa_len;
-+ uint16_t sadb_sa_exttype;
-+ uint32_t sadb_sa_spi;
-+ uint8_t sadb_sa_replay;
-+ uint8_t sadb_sa_state;
-+ uint8_t sadb_sa_auth;
-+ uint8_t sadb_sa_encrypt;
-+ uint32_t sadb_sa_flags;
-+};
-+
-+struct sadb_lifetime {
-+ uint16_t sadb_lifetime_len;
-+ uint16_t sadb_lifetime_exttype;
-+ uint32_t sadb_lifetime_allocations;
-+ uint64_t sadb_lifetime_bytes;
-+ uint64_t sadb_lifetime_addtime;
-+ uint64_t sadb_lifetime_usetime;
-+ uint32_t sadb_x_lifetime_packets;
-+ uint32_t sadb_x_lifetime_reserved;
-+};
-+
-+struct sadb_address {
-+ uint16_t sadb_address_len;
-+ uint16_t sadb_address_exttype;
-+ uint8_t sadb_address_proto;
-+ uint8_t sadb_address_prefixlen;
-+ uint16_t sadb_address_reserved;
-+};
-+
-+struct sadb_key {
-+ uint16_t sadb_key_len;
-+ uint16_t sadb_key_exttype;
-+ uint16_t sadb_key_bits;
-+ uint16_t sadb_key_reserved;
-+};
-+
-+struct sadb_ident {
-+ uint16_t sadb_ident_len;
-+ uint16_t sadb_ident_exttype;
-+ uint16_t sadb_ident_type;
-+ uint16_t sadb_ident_reserved;
-+ uint64_t sadb_ident_id;
-+};
-+
-+struct sadb_sens {
-+ uint16_t sadb_sens_len;
-+ uint16_t sadb_sens_exttype;
-+ uint32_t sadb_sens_dpd;
-+ uint8_t sadb_sens_sens_level;
-+ uint8_t sadb_sens_sens_len;
-+ uint8_t sadb_sens_integ_level;
-+ uint8_t sadb_sens_integ_len;
-+ uint32_t sadb_sens_reserved;
-+};
-+
-+struct sadb_prop {
-+ uint16_t sadb_prop_len;
-+ uint16_t sadb_prop_exttype;
-+ uint8_t sadb_prop_replay;
-+ uint8_t sadb_prop_reserved[3];
-+};
-+
-+struct sadb_comb {
-+ uint8_t sadb_comb_auth;
-+ uint8_t sadb_comb_encrypt;
-+ uint16_t sadb_comb_flags;
-+ uint16_t sadb_comb_auth_minbits;
-+ uint16_t sadb_comb_auth_maxbits;
-+ uint16_t sadb_comb_encrypt_minbits;
-+ uint16_t sadb_comb_encrypt_maxbits;
-+ uint32_t sadb_comb_reserved;
-+ uint32_t sadb_comb_soft_allocations;
-+ uint32_t sadb_comb_hard_allocations;
-+ uint64_t sadb_comb_soft_bytes;
-+ uint64_t sadb_comb_hard_bytes;
-+ uint64_t sadb_comb_soft_addtime;
-+ uint64_t sadb_comb_hard_addtime;
-+ uint64_t sadb_comb_soft_usetime;
-+ uint64_t sadb_comb_hard_usetime;
-+ uint32_t sadb_x_comb_soft_packets;
-+ uint32_t sadb_x_comb_hard_packets;
-+};
-+
-+struct sadb_supported {
-+ uint16_t sadb_supported_len;
-+ uint16_t sadb_supported_exttype;
-+ uint32_t sadb_supported_reserved;
-+};
-+
-+struct sadb_alg {
-+ uint8_t sadb_alg_id;
-+ uint8_t sadb_alg_ivlen;
-+ uint16_t sadb_alg_minbits;
-+ uint16_t sadb_alg_maxbits;
-+ uint16_t sadb_alg_reserved;
-+};
-+
-+struct sadb_spirange {
-+ uint16_t sadb_spirange_len;
-+ uint16_t sadb_spirange_exttype;
-+ uint32_t sadb_spirange_min;
-+ uint32_t sadb_spirange_max;
-+ uint32_t sadb_spirange_reserved;
-+};
-+
-+struct sadb_x_kmprivate {
-+ uint16_t sadb_x_kmprivate_len;
-+ uint16_t sadb_x_kmprivate_exttype;
-+ uint32_t sadb_x_kmprivate_reserved;
-+};
-+
-+struct sadb_x_satype {
-+ uint16_t sadb_x_satype_len;
-+ uint16_t sadb_x_satype_exttype;
-+ uint8_t sadb_x_satype_satype;
-+ uint8_t sadb_x_satype_reserved[3];
-+};
-+
-+struct sadb_x_policy {
-+ uint16_t sadb_x_policy_len;
-+ uint16_t sadb_x_policy_exttype;
-+ uint16_t sadb_x_policy_type;
-+ uint8_t sadb_x_policy_dir;
-+ uint8_t sadb_x_policy_reserved;
-+ uint32_t sadb_x_policy_id;
-+ uint32_t sadb_x_policy_reserved2;
-+};
-+
-+struct sadb_x_debug {
-+ uint16_t sadb_x_debug_len;
-+ uint16_t sadb_x_debug_exttype;
-+ uint32_t sadb_x_debug_tunnel;
-+ uint32_t sadb_x_debug_netlink;
-+ uint32_t sadb_x_debug_xform;
-+ uint32_t sadb_x_debug_eroute;
-+ uint32_t sadb_x_debug_spi;
-+ uint32_t sadb_x_debug_radij;
-+ uint32_t sadb_x_debug_esp;
-+ uint32_t sadb_x_debug_ah;
-+ uint32_t sadb_x_debug_rcv;
-+ uint32_t sadb_x_debug_pfkey;
-+ uint32_t sadb_x_debug_ipcomp;
-+ uint32_t sadb_x_debug_verbose;
-+ uint8_t sadb_x_debug_reserved[4];
-+};
-+
-+struct sadb_x_nat_t_type {
-+ uint16_t sadb_x_nat_t_type_len;
-+ uint16_t sadb_x_nat_t_type_exttype;
-+ uint8_t sadb_x_nat_t_type_type;
-+ uint8_t sadb_x_nat_t_type_reserved[3];
-+};
-+struct sadb_x_nat_t_port {
-+ uint16_t sadb_x_nat_t_port_len;
-+ uint16_t sadb_x_nat_t_port_exttype;
-+ uint16_t sadb_x_nat_t_port_port;
-+ uint16_t sadb_x_nat_t_port_reserved;
-+};
-+
-+/*
-+ * A protocol structure for passing through the transport level
-+ * protocol. It contains more fields than are actually used/needed
-+ * but it is this way to be compatible with the structure used in
-+ * OpenBSD (http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/pfkeyv2.h)
-+ */
-+struct sadb_protocol {
-+ uint16_t sadb_protocol_len;
-+ uint16_t sadb_protocol_exttype;
-+ uint8_t sadb_protocol_proto;
-+ uint8_t sadb_protocol_direction;
-+ uint8_t sadb_protocol_flags;
-+ uint8_t sadb_protocol_reserved2;
-+};
-+
-+#define SADB_EXT_RESERVED 0
-+#define SADB_EXT_SA 1
-+#define SADB_EXT_LIFETIME_CURRENT 2
-+#define SADB_EXT_LIFETIME_HARD 3
-+#define SADB_EXT_LIFETIME_SOFT 4
-+#define SADB_EXT_ADDRESS_SRC 5
-+#define SADB_EXT_ADDRESS_DST 6
-+#define SADB_EXT_ADDRESS_PROXY 7
-+#define SADB_EXT_KEY_AUTH 8
-+#define SADB_EXT_KEY_ENCRYPT 9
-+#define SADB_EXT_IDENTITY_SRC 10
-+#define SADB_EXT_IDENTITY_DST 11
-+#define SADB_EXT_SENSITIVITY 12
-+#define SADB_EXT_PROPOSAL 13
-+#define SADB_EXT_SUPPORTED_AUTH 14
-+#define SADB_EXT_SUPPORTED_ENCRYPT 15
-+#define SADB_EXT_SPIRANGE 16
-+#define SADB_X_EXT_KMPRIVATE 17
-+#define SADB_X_EXT_SATYPE2 18
-+#ifdef KERNEL26_HAS_KAME_DUPLICATES
-+#define SADB_X_EXT_POLICY 18
-+#endif
-+#define SADB_X_EXT_SA2 19
-+#define SADB_X_EXT_ADDRESS_DST2 20
-+#define SADB_X_EXT_ADDRESS_SRC_FLOW 21
-+#define SADB_X_EXT_ADDRESS_DST_FLOW 22
-+#define SADB_X_EXT_ADDRESS_SRC_MASK 23
-+#define SADB_X_EXT_ADDRESS_DST_MASK 24
-+#define SADB_X_EXT_DEBUG 25
-+#define SADB_X_EXT_PROTOCOL 26
-+#define SADB_X_EXT_NAT_T_TYPE 27
-+#define SADB_X_EXT_NAT_T_SPORT 28
-+#define SADB_X_EXT_NAT_T_DPORT 29
-+#define SADB_X_EXT_NAT_T_OA 30
-+#define SADB_EXT_MAX 30
-+
-+/* SADB_X_DELFLOW required over and above SADB_X_SAFLAGS_CLEARFLOW */
-+#define SADB_X_EXT_ADDRESS_DELFLOW \
-+ ( (1<<SADB_X_EXT_ADDRESS_SRC_FLOW) \
-+ | (1<<SADB_X_EXT_ADDRESS_DST_FLOW) \
-+ | (1<<SADB_X_EXT_ADDRESS_SRC_MASK) \
-+ | (1<<SADB_X_EXT_ADDRESS_DST_MASK))
-+
-+#define SADB_SATYPE_UNSPEC 0
-+#define SADB_SATYPE_AH 2
-+#define SADB_SATYPE_ESP 3
-+#define SADB_SATYPE_RSVP 5
-+#define SADB_SATYPE_OSPFV2 6
-+#define SADB_SATYPE_RIPV2 7
-+#define SADB_SATYPE_MIP 8
-+#define SADB_X_SATYPE_IPIP 9
-+#ifdef KERNEL26_HAS_KAME_DUPLICATES
-+#define SADB_X_SATYPE_IPCOMP 9 /* ICK! */
-+#endif
-+#define SADB_X_SATYPE_COMP 10
-+#define SADB_X_SATYPE_INT 11
-+#define SADB_SATYPE_MAX 11
-+
-+enum sadb_sastate {
-+ SADB_SASTATE_LARVAL=0,
-+ SADB_SASTATE_MATURE=1,
-+ SADB_SASTATE_DYING=2,
-+ SADB_SASTATE_DEAD=3
-+};
-+#define SADB_SASTATE_MAX 3
-+
-+#define SADB_SAFLAGS_PFS 1
-+#define SADB_X_SAFLAGS_REPLACEFLOW 2
-+#define SADB_X_SAFLAGS_CLEARFLOW 4
-+#define SADB_X_SAFLAGS_INFLOW 8
-+
-+/* not obvious, but these are the same values as used in isakmp,
-+ * and in freeswan/ipsec_policy.h. If you need to add any, they
-+ * should be added as according to
-+ * http://www.iana.org/assignments/isakmp-registry
-+ *
-+ * and if not, then please try to use a private-use value, and
-+ * consider asking IANA to assign a value.
-+ */
-+#define SADB_AALG_NONE 0
-+#define SADB_AALG_MD5HMAC 2
-+#define SADB_AALG_SHA1HMAC 3
-+#define SADB_X_AALG_SHA2_256HMAC 5
-+#define SADB_X_AALG_SHA2_384HMAC 6
-+#define SADB_X_AALG_SHA2_512HMAC 7
-+#define SADB_X_AALG_RIPEMD160HMAC 8
-+#define SADB_X_AALG_NULL 251 /* kame */
-+#define SADB_AALG_MAX 251
-+
-+#define SADB_EALG_NONE 0
-+#define SADB_EALG_DESCBC 2
-+#define SADB_EALG_3DESCBC 3
-+#define SADB_X_EALG_CASTCBC 6
-+#define SADB_X_EALG_BLOWFISHCBC 7
-+#define SADB_EALG_NULL 11
-+#define SADB_X_EALG_AESCBC 12
-+#define SADB_EALG_MAX 255
-+
-+#define SADB_X_CALG_NONE 0
-+#define SADB_X_CALG_OUI 1
-+#define SADB_X_CALG_DEFLATE 2
-+#define SADB_X_CALG_LZS 3
-+#define SADB_X_CALG_V42BIS 4
-+#ifdef KERNEL26_HAS_KAME_DUPLICATES
-+#define SADB_X_CALG_LZJH 4
-+#endif
-+#define SADB_X_CALG_MAX 4
-+
-+#define SADB_X_TALG_NONE 0
-+#define SADB_X_TALG_IPv4_in_IPv4 1
-+#define SADB_X_TALG_IPv6_in_IPv4 2
-+#define SADB_X_TALG_IPv4_in_IPv6 3
-+#define SADB_X_TALG_IPv6_in_IPv6 4
-+#define SADB_X_TALG_MAX 4
-+
-+
-+#define SADB_IDENTTYPE_RESERVED 0
-+#define SADB_IDENTTYPE_PREFIX 1
-+#define SADB_IDENTTYPE_FQDN 2
-+#define SADB_IDENTTYPE_USERFQDN 3
-+#define SADB_X_IDENTTYPE_CONNECTION 4
-+#define SADB_IDENTTYPE_MAX 4
-+
-+#define SADB_KEY_FLAGS_MAX 0
-+#endif /* __PFKEY_V2_H */
-+
-+/*
-+ * $Log: pfkeyv2.h,v $
-+ * Revision 1.31 2005-04-14 01:14:54 mcr
-+ * change sadb_state to an enum.
-+ *
-+ * Revision 1.30 2004/04/06 02:49:00 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.29 2003/12/22 21:35:58 mcr
-+ * new patches from Dr{Who}.
-+ *
-+ * Revision 1.28 2003/12/22 19:33:15 mcr
-+ * added 0.6c NAT-T patch.
-+ *
-+ * Revision 1.27 2003/12/10 01:20:01 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.26 2003/10/31 02:26:44 mcr
-+ * pulled up port-selector patches.
-+ *
-+ * Revision 1.25.4.1 2003/09/21 13:59:34 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.25 2003/07/31 23:59:17 mcr
-+ * re-introduce kernel 2.6 duplicate values for now.
-+ * hope to get them changed!
-+ *
-+ * Revision 1.24 2003/07/31 22:55:27 mcr
-+ * added some definitions to keep pfkeyv2.h files in sync.
-+ *
-+ * Revision 1.23 2003/05/11 00:43:48 mcr
-+ * added comment about origin of values used
-+ *
-+ * Revision 1.22 2003/01/30 02:31:34 rgb
-+ *
-+ * Convert IPsecSAref_t from signed to unsigned to fix apparent SAref exhaustion bug.
-+ *
-+ * Revision 1.21 2002/12/16 19:26:49 mcr
-+ * added definition of FS 1.xx sadb structure
-+ *
-+ * Revision 1.20 2002/09/20 15:40:25 rgb
-+ * Added sadb_x_sa_ref to struct sadb_sa.
-+ *
-+ * Revision 1.19 2002/04/24 07:36:49 mcr
-+ * Moved from ./lib/pfkeyv2.h,v
-+ *
-+ * Revision 1.18 2001/11/06 19:47:47 rgb
-+ * Added packet parameter to lifetime and comb structures.
-+ *
-+ * Revision 1.17 2001/09/08 21:13:35 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.16 2001/07/06 19:49:46 rgb
-+ * Added SADB_X_SAFLAGS_INFLOW for supporting incoming policy checks.
-+ *
-+ * Revision 1.15 2001/02/26 20:00:43 rgb
-+ * Added internal IP protocol 61 for magic SAs.
-+ *
-+ * Revision 1.14 2001/02/08 18:51:05 rgb
-+ * Include RFC document title and appendix subsection title.
-+ *
-+ * Revision 1.13 2000/10/10 20:10:20 rgb
-+ * Added support for debug_ipcomp and debug_verbose to klipsdebug.
-+ *
-+ * Revision 1.12 2000/09/15 06:41:50 rgb
-+ * Added V42BIS constant.
-+ *
-+ * Revision 1.11 2000/09/12 22:35:37 rgb
-+ * Restructured to remove unused extensions from CLEARFLOW messages.
-+ *
-+ * Revision 1.10 2000/09/12 18:50:09 rgb
-+ * Added IPIP tunnel types as algo support.
-+ *
-+ * Revision 1.9 2000/08/21 16:47:19 rgb
-+ * Added SADB_X_CALG_* macros for IPCOMP.
-+ *
-+ * Revision 1.8 2000/08/09 20:43:34 rgb
-+ * Fixed bitmask value for SADB_X_SAFLAGS_CLEAREROUTE.
-+ *
-+ * Revision 1.7 2000/01/21 06:28:37 rgb
-+ * Added flow add/delete message type macros.
-+ * Added flow address extension type macros.
-+ * Tidied up spacing.
-+ * Added klipsdebug switching capability.
-+ *
-+ * Revision 1.6 1999/11/27 11:56:08 rgb
-+ * Add SADB_X_SATYPE_COMP for compression, eventually.
-+ *
-+ * Revision 1.5 1999/11/23 22:23:16 rgb
-+ * This file has been moved in the distribution from klips/net/ipsec to
-+ * lib.
-+ *
-+ * Revision 1.4 1999/04/29 15:23:29 rgb
-+ * Add GRPSA support.
-+ * Add support for a second SATYPE, SA and DST_ADDRESS.
-+ * Add IPPROTO_IPIP support.
-+ *
-+ * Revision 1.3 1999/04/15 17:58:08 rgb
-+ * Add RCSID labels.
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/zlib/zconf.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,309 @@
-+/* zconf.h -- configuration of the zlib compression library
-+ * Copyright (C) 1995-2002 Jean-loup Gailly.
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* @(#) $Id: zconf.h,v 1.4 2004-07-10 07:48:40 mcr Exp $ */
-+
-+#ifndef _ZCONF_H
-+#define _ZCONF_H
-+
-+/*
-+ * If you *really* need a unique prefix for all types and library functions,
-+ * compile with -DZ_PREFIX. The "standard" zlib should be compiled without it.
-+ */
-+#ifdef IPCOMP_PREFIX
-+# define deflateInit_ ipcomp_deflateInit_
-+# define deflate ipcomp_deflate
-+# define deflateEnd ipcomp_deflateEnd
-+# define inflateInit_ ipcomp_inflateInit_
-+# define inflate ipcomp_inflate
-+# define inflateEnd ipcomp_inflateEnd
-+# define deflateInit2_ ipcomp_deflateInit2_
-+# define deflateSetDictionary ipcomp_deflateSetDictionary
-+# define deflateCopy ipcomp_deflateCopy
-+# define deflateReset ipcomp_deflateReset
-+# define deflateParams ipcomp_deflateParams
-+# define inflateInit2_ ipcomp_inflateInit2_
-+# define inflateSetDictionary ipcomp_inflateSetDictionary
-+# define inflateSync ipcomp_inflateSync
-+# define inflateSyncPoint ipcomp_inflateSyncPoint
-+# define inflateReset ipcomp_inflateReset
-+# define compress ipcomp_compress
-+# define compress2 ipcomp_compress2
-+# define uncompress ipcomp_uncompress
-+# define adler32 ipcomp_adler32
-+# define crc32 ipcomp_crc32
-+# define get_crc_table ipcomp_get_crc_table
-+/* SSS: these also need to be prefixed to avoid clash with ppp_deflate and ext2compression */
-+# define inflate_blocks ipcomp_deflate_blocks
-+# define inflate_blocks_free ipcomp_deflate_blocks_free
-+# define inflate_blocks_new ipcomp_inflate_blocks_new
-+# define inflate_blocks_reset ipcomp_inflate_blocks_reset
-+# define inflate_blocks_sync_point ipcomp_inflate_blocks_sync_point
-+# define inflate_set_dictionary ipcomp_inflate_set_dictionary
-+# define inflate_codes ipcomp_inflate_codes
-+# define inflate_codes_free ipcomp_inflate_codes_free
-+# define inflate_codes_new ipcomp_inflate_codes_new
-+# define inflate_fast ipcomp_inflate_fast
-+# define inflate_trees_bits ipcomp_inflate_trees_bits
-+# define inflate_trees_dynamic ipcomp_inflate_trees_dynamic
-+# define inflate_trees_fixed ipcomp_inflate_trees_fixed
-+# define inflate_flush ipcomp_inflate_flush
-+# define inflate_mask ipcomp_inflate_mask
-+# define _dist_code _ipcomp_dist_code
-+# define _length_code _ipcomp_length_code
-+# define _tr_align _ipcomp_tr_align
-+# define _tr_flush_block _ipcomp_tr_flush_block
-+# define _tr_init _ipcomp_tr_init
-+# define _tr_stored_block _ipcomp_tr_stored_block
-+# define _tr_tally _ipcomp_tr_tally
-+# define zError ipcomp_zError
-+# define z_errmsg ipcomp_z_errmsg
-+# define zlibVersion ipcomp_zlibVersion
-+# define match_init ipcomp_match_init
-+# define longest_match ipcomp_longest_match
-+#endif
-+
-+#ifdef Z_PREFIX
-+# define Byte z_Byte
-+# define uInt z_uInt
-+# define uLong z_uLong
-+# define Bytef z_Bytef
-+# define charf z_charf
-+# define intf z_intf
-+# define uIntf z_uIntf
-+# define uLongf z_uLongf
-+# define voidpf z_voidpf
-+# define voidp z_voidp
-+#endif
-+
-+#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
-+# define WIN32
-+#endif
-+#if defined(__GNUC__) || defined(WIN32) || defined(__386__) || defined(i386)
-+# ifndef __32BIT__
-+# define __32BIT__
-+# endif
-+#endif
-+#if defined(__MSDOS__) && !defined(MSDOS)
-+# define MSDOS
-+#endif
-+
-+/*
-+ * Compile with -DMAXSEG_64K if the alloc function cannot allocate more
-+ * than 64k bytes at a time (needed on systems with 16-bit int).
-+ */
-+#if defined(MSDOS) && !defined(__32BIT__)
-+# define MAXSEG_64K
-+#endif
-+#ifdef MSDOS
-+# define UNALIGNED_OK
-+#endif
-+
-+#if (defined(MSDOS) || defined(_WINDOWS) || defined(WIN32)) && !defined(STDC)
-+# define STDC
-+#endif
-+#if defined(__STDC__) || defined(__cplusplus) || defined(__OS2__)
-+# ifndef STDC
-+# define STDC
-+# endif
-+#endif
-+
-+#ifndef STDC
-+# ifndef const /* cannot use !defined(STDC) && !defined(const) on Mac */
-+# define const
-+# endif
-+#endif
-+
-+/* Some Mac compilers merge all .h files incorrectly: */
-+#if defined(__MWERKS__) || defined(applec) ||defined(THINK_C) ||defined(__SC__)
-+# define NO_DUMMY_DECL
-+#endif
-+
-+/* Old Borland C incorrectly complains about missing returns: */
-+#if defined(__BORLANDC__) && (__BORLANDC__ < 0x500)
-+# define NEED_DUMMY_RETURN
-+#endif
-+
-+
-+/* Maximum value for memLevel in deflateInit2 */
-+#ifndef MAX_MEM_LEVEL
-+# ifdef MAXSEG_64K
-+# define MAX_MEM_LEVEL 8
-+# else
-+# define MAX_MEM_LEVEL 9
-+# endif
-+#endif
-+
-+/* Maximum value for windowBits in deflateInit2 and inflateInit2.
-+ * WARNING: reducing MAX_WBITS makes minigzip unable to extract .gz files
-+ * created by gzip. (Files created by minigzip can still be extracted by
-+ * gzip.)
-+ */
-+#ifndef MAX_WBITS
-+# define MAX_WBITS 15 /* 32K LZ77 window */
-+#endif
-+
-+/* The memory requirements for deflate are (in bytes):
-+ (1 << (windowBits+2)) + (1 << (memLevel+9))
-+ that is: 128K for windowBits=15 + 128K for memLevel = 8 (default values)
-+ plus a few kilobytes for small objects. For example, if you want to reduce
-+ the default memory requirements from 256K to 128K, compile with
-+ make CFLAGS="-O -DMAX_WBITS=14 -DMAX_MEM_LEVEL=7"
-+ Of course this will generally degrade compression (there's no free lunch).
-+
-+ The memory requirements for inflate are (in bytes) 1 << windowBits
-+ that is, 32K for windowBits=15 (default value) plus a few kilobytes
-+ for small objects.
-+*/
-+
-+ /* Type declarations */
-+
-+#ifndef OF /* function prototypes */
-+# ifdef STDC
-+# define OF(args) args
-+# else
-+# define OF(args) ()
-+# endif
-+#endif
-+
-+/* The following definitions for FAR are needed only for MSDOS mixed
-+ * model programming (small or medium model with some far allocations).
-+ * This was tested only with MSC; for other MSDOS compilers you may have
-+ * to define NO_MEMCPY in zutil.h. If you don't need the mixed model,
-+ * just define FAR to be empty.
-+ */
-+#if (defined(M_I86SM) || defined(M_I86MM)) && !defined(__32BIT__)
-+ /* MSC small or medium model */
-+# define SMALL_MEDIUM
-+# ifdef _MSC_VER
-+# define FAR _far
-+# else
-+# define FAR far
-+# endif
-+#endif
-+#if defined(__BORLANDC__) && (defined(__SMALL__) || defined(__MEDIUM__))
-+# ifndef __32BIT__
-+# define SMALL_MEDIUM
-+# define FAR _far
-+# endif
-+#endif
-+
-+/* Compile with -DZLIB_DLL for Windows DLL support */
-+#if defined(ZLIB_DLL)
-+# if defined(_WINDOWS) || defined(WINDOWS)
-+# ifdef FAR
-+# undef FAR
-+# endif
-+# include <windows.h>
-+# define ZEXPORT WINAPI
-+# ifdef WIN32
-+# define ZEXPORTVA WINAPIV
-+# else
-+# define ZEXPORTVA FAR _cdecl _export
-+# endif
-+# endif
-+# if defined (__BORLANDC__)
-+# if (__BORLANDC__ >= 0x0500) && defined (WIN32)
-+# include <windows.h>
-+# define ZEXPORT __declspec(dllexport) WINAPI
-+# define ZEXPORTRVA __declspec(dllexport) WINAPIV
-+# else
-+# if defined (_Windows) && defined (__DLL__)
-+# define ZEXPORT _export
-+# define ZEXPORTVA _export
-+# endif
-+# endif
-+# endif
-+#endif
-+
-+#if defined (__BEOS__)
-+# if defined (ZLIB_DLL)
-+# define ZEXTERN extern __declspec(dllexport)
-+# else
-+# define ZEXTERN extern __declspec(dllimport)
-+# endif
-+#endif
-+
-+#ifndef ZEXPORT
-+# define ZEXPORT
-+#endif
-+#ifndef ZEXPORTVA
-+# define ZEXPORTVA
-+#endif
-+#ifndef ZEXTERN
-+# define ZEXTERN extern
-+#endif
-+
-+#ifndef FAR
-+# define FAR
-+#endif
-+
-+#if !defined(MACOS) && !defined(TARGET_OS_MAC)
-+typedef unsigned char Byte; /* 8 bits */
-+#endif
-+typedef unsigned int uInt; /* 16 bits or more */
-+typedef unsigned long uLong; /* 32 bits or more */
-+
-+#ifdef SMALL_MEDIUM
-+ /* Borland C/C++ and some old MSC versions ignore FAR inside typedef */
-+# define Bytef Byte FAR
-+#else
-+ typedef Byte FAR Bytef;
-+#endif
-+typedef char FAR charf;
-+typedef int FAR intf;
-+typedef uInt FAR uIntf;
-+typedef uLong FAR uLongf;
-+
-+#ifdef STDC
-+ typedef void FAR *voidpf;
-+ typedef void *voidp;
-+#else
-+ typedef Byte FAR *voidpf;
-+ typedef Byte *voidp;
-+#endif
-+
-+#ifdef HAVE_UNISTD_H
-+# include <sys/types.h> /* for off_t */
-+# include <unistd.h> /* for SEEK_* and off_t */
-+# define z_off_t off_t
-+#endif
-+#ifndef SEEK_SET
-+# define SEEK_SET 0 /* Seek from beginning of file. */
-+# define SEEK_CUR 1 /* Seek from current position. */
-+# define SEEK_END 2 /* Set file pointer to EOF plus "offset" */
-+#endif
-+#ifndef z_off_t
-+# define z_off_t long
-+#endif
-+
-+/* MVS linker does not support external names larger than 8 bytes */
-+#if defined(__MVS__)
-+# pragma map(deflateInit_,"DEIN")
-+# pragma map(deflateInit2_,"DEIN2")
-+# pragma map(deflateEnd,"DEEND")
-+# pragma map(inflateInit_,"ININ")
-+# pragma map(inflateInit2_,"ININ2")
-+# pragma map(inflateEnd,"INEND")
-+# pragma map(inflateSync,"INSY")
-+# pragma map(inflateSetDictionary,"INSEDI")
-+# pragma map(inflate_blocks,"INBL")
-+# pragma map(inflate_blocks_new,"INBLNE")
-+# pragma map(inflate_blocks_free,"INBLFR")
-+# pragma map(inflate_blocks_reset,"INBLRE")
-+# pragma map(inflate_codes_free,"INCOFR")
-+# pragma map(inflate_codes,"INCO")
-+# pragma map(inflate_fast,"INFA")
-+# pragma map(inflate_flush,"INFLU")
-+# pragma map(inflate_mask,"INMA")
-+# pragma map(inflate_set_dictionary,"INSEDI2")
-+# pragma map(ipcomp_inflate_copyright,"INCOPY")
-+# pragma map(inflate_trees_bits,"INTRBI")
-+# pragma map(inflate_trees_dynamic,"INTRDY")
-+# pragma map(inflate_trees_fixed,"INTRFI")
-+# pragma map(inflate_trees_free,"INTRFR")
-+#endif
-+
-+#endif /* _ZCONF_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/zlib/zlib.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,893 @@
-+/* zlib.h -- interface of the 'zlib' general purpose compression library
-+ version 1.1.4, March 11th, 2002
-+
-+ Copyright (C) 1995-2002 Jean-loup Gailly and Mark Adler
-+
-+ This software is provided 'as-is', without any express or implied
-+ warranty. In no event will the authors be held liable for any damages
-+ arising from the use of this software.
-+
-+ Permission is granted to anyone to use this software for any purpose,
-+ including commercial applications, and to alter it and redistribute it
-+ freely, subject to the following restrictions:
-+
-+ 1. The origin of this software must not be misrepresented; you must not
-+ claim that you wrote the original software. If you use this software
-+ in a product, an acknowledgment in the product documentation would be
-+ appreciated but is not required.
-+ 2. Altered source versions must be plainly marked as such, and must not be
-+ misrepresented as being the original software.
-+ 3. This notice may not be removed or altered from any source distribution.
-+
-+ Jean-loup Gailly Mark Adler
-+ jloup@gzip.org madler@alumni.caltech.edu
-+
-+
-+ The data format used by the zlib library is described by RFCs (Request for
-+ Comments) 1950 to 1952 in the files ftp://ds.internic.net/rfc/rfc1950.txt
-+ (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format).
-+*/
-+
-+#ifndef _ZLIB_H
-+#define _ZLIB_H
-+
-+#include "zconf.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+#define ZLIB_VERSION "1.1.4"
-+
-+/*
-+ The 'zlib' compression library provides in-memory compression and
-+ decompression functions, including integrity checks of the uncompressed
-+ data. This version of the library supports only one compression method
-+ (deflation) but other algorithms will be added later and will have the same
-+ stream interface.
-+
-+ Compression can be done in a single step if the buffers are large
-+ enough (for example if an input file is mmap'ed), or can be done by
-+ repeated calls of the compression function. In the latter case, the
-+ application must provide more input and/or consume the output
-+ (providing more output space) before each call.
-+
-+ The library also supports reading and writing files in gzip (.gz) format
-+ with an interface similar to that of stdio.
-+
-+ The library does not install any signal handler. The decoder checks
-+ the consistency of the compressed data, so the library should never
-+ crash even in case of corrupted input.
-+*/
-+
-+typedef voidpf (*alloc_func) OF((voidpf opaque, uInt items, uInt size));
-+typedef void (*free_func) OF((voidpf opaque, voidpf address));
-+
-+struct internal_state;
-+
-+typedef struct z_stream_s {
-+ Bytef *next_in; /* next input byte */
-+ uInt avail_in; /* number of bytes available at next_in */
-+ uLong total_in; /* total nb of input bytes read so far */
-+
-+ Bytef *next_out; /* next output byte should be put there */
-+ uInt avail_out; /* remaining free space at next_out */
-+ uLong total_out; /* total nb of bytes output so far */
-+
-+ const char *msg; /* last error message, NULL if no error */
-+ struct internal_state FAR *state; /* not visible by applications */
-+
-+ alloc_func zalloc; /* used to allocate the internal state */
-+ free_func zfree; /* used to free the internal state */
-+ voidpf opaque; /* private data object passed to zalloc and zfree */
-+
-+ int data_type; /* best guess about the data type: ascii or binary */
-+ uLong adler; /* adler32 value of the uncompressed data */
-+ uLong reserved; /* reserved for future use */
-+} z_stream;
-+
-+typedef z_stream FAR *z_streamp;
-+
-+/*
-+ The application must update next_in and avail_in when avail_in has
-+ dropped to zero. It must update next_out and avail_out when avail_out
-+ has dropped to zero. The application must initialize zalloc, zfree and
-+ opaque before calling the init function. All other fields are set by the
-+ compression library and must not be updated by the application.
-+
-+ The opaque value provided by the application will be passed as the first
-+ parameter for calls of zalloc and zfree. This can be useful for custom
-+ memory management. The compression library attaches no meaning to the
-+ opaque value.
-+
-+ zalloc must return Z_NULL if there is not enough memory for the object.
-+ If zlib is used in a multi-threaded application, zalloc and zfree must be
-+ thread safe.
-+
-+ On 16-bit systems, the functions zalloc and zfree must be able to allocate
-+ exactly 65536 bytes, but will not be required to allocate more than this
-+ if the symbol MAXSEG_64K is defined (see zconf.h). WARNING: On MSDOS,
-+ pointers returned by zalloc for objects of exactly 65536 bytes *must*
-+ have their offset normalized to zero. The default allocation function
-+ provided by this library ensures this (see zutil.c). To reduce memory
-+ requirements and avoid any allocation of 64K objects, at the expense of
-+ compression ratio, compile the library with -DMAX_WBITS=14 (see zconf.h).
-+
-+ The fields total_in and total_out can be used for statistics or
-+ progress reports. After compression, total_in holds the total size of
-+ the uncompressed data and may be saved for use in the decompressor
-+ (particularly if the decompressor wants to decompress everything in
-+ a single step).
-+*/
-+
-+ /* constants */
-+
-+#define Z_NO_FLUSH 0
-+#define Z_PARTIAL_FLUSH 1 /* will be removed, use Z_SYNC_FLUSH instead */
-+#define Z_SYNC_FLUSH 2
-+#define Z_FULL_FLUSH 3
-+#define Z_FINISH 4
-+/* Allowed flush values; see deflate() below for details */
-+
-+#define Z_OK 0
-+#define Z_STREAM_END 1
-+#define Z_NEED_DICT 2
-+#define Z_ERRNO (-1)
-+#define Z_STREAM_ERROR (-2)
-+#define Z_DATA_ERROR (-3)
-+#define Z_MEM_ERROR (-4)
-+#define Z_BUF_ERROR (-5)
-+#define Z_VERSION_ERROR (-6)
-+/* Return codes for the compression/decompression functions. Negative
-+ * values are errors, positive values are used for special but normal events.
-+ */
-+
-+#define Z_NO_COMPRESSION 0
-+#define Z_BEST_SPEED 1
-+#define Z_BEST_COMPRESSION 9
-+#define Z_DEFAULT_COMPRESSION (-1)
-+/* compression levels */
-+
-+#define Z_FILTERED 1
-+#define Z_HUFFMAN_ONLY 2
-+#define Z_DEFAULT_STRATEGY 0
-+/* compression strategy; see deflateInit2() below for details */
-+
-+#define Z_BINARY 0
-+#define Z_ASCII 1
-+#define Z_UNKNOWN 2
-+/* Possible values of the data_type field */
-+
-+#define Z_DEFLATED 8
-+/* The deflate compression method (the only one supported in this version) */
-+
-+#define Z_NULL 0 /* for initializing zalloc, zfree, opaque */
-+
-+#define zlib_version zlibVersion()
-+/* for compatibility with versions < 1.0.2 */
-+
-+ /* basic functions */
-+
-+ZEXTERN const char * ZEXPORT zlibVersion OF((void));
-+/* The application can compare zlibVersion and ZLIB_VERSION for consistency.
-+ If the first character differs, the library code actually used is
-+ not compatible with the zlib.h header file used by the application.
-+ This check is automatically made by deflateInit and inflateInit.
-+ */
-+
-+/*
-+ZEXTERN int ZEXPORT deflateInit OF((z_streamp strm, int level));
-+
-+ Initializes the internal stream state for compression. The fields
-+ zalloc, zfree and opaque must be initialized before by the caller.
-+ If zalloc and zfree are set to Z_NULL, deflateInit updates them to
-+ use default allocation functions.
-+
-+ The compression level must be Z_DEFAULT_COMPRESSION, or between 0 and 9:
-+ 1 gives best speed, 9 gives best compression, 0 gives no compression at
-+ all (the input data is simply copied a block at a time).
-+ Z_DEFAULT_COMPRESSION requests a default compromise between speed and
-+ compression (currently equivalent to level 6).
-+
-+ deflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
-+ enough memory, Z_STREAM_ERROR if level is not a valid compression level,
-+ Z_VERSION_ERROR if the zlib library version (zlib_version) is incompatible
-+ with the version assumed by the caller (ZLIB_VERSION).
-+ msg is set to null if there is no error message. deflateInit does not
-+ perform any compression: this will be done by deflate().
-+*/
-+
-+
-+ZEXTERN int ZEXPORT deflate OF((z_streamp strm, int flush));
-+/*
-+ deflate compresses as much data as possible, and stops when the input
-+ buffer becomes empty or the output buffer becomes full. It may introduce some
-+ output latency (reading input without producing any output) except when
-+ forced to flush.
-+
-+ The detailed semantics are as follows. deflate performs one or both of the
-+ following actions:
-+
-+ - Compress more input starting at next_in and update next_in and avail_in
-+ accordingly. If not all input can be processed (because there is not
-+ enough room in the output buffer), next_in and avail_in are updated and
-+ processing will resume at this point for the next call of deflate().
-+
-+ - Provide more output starting at next_out and update next_out and avail_out
-+ accordingly. This action is forced if the parameter flush is non zero.
-+ Forcing flush frequently degrades the compression ratio, so this parameter
-+ should be set only when necessary (in interactive applications).
-+ Some output may be provided even if flush is not set.
-+
-+ Before the call of deflate(), the application should ensure that at least
-+ one of the actions is possible, by providing more input and/or consuming
-+ more output, and updating avail_in or avail_out accordingly; avail_out
-+ should never be zero before the call. The application can consume the
-+ compressed output when it wants, for example when the output buffer is full
-+ (avail_out == 0), or after each call of deflate(). If deflate returns Z_OK
-+ and with zero avail_out, it must be called again after making room in the
-+ output buffer because there might be more output pending.
-+
-+ If the parameter flush is set to Z_SYNC_FLUSH, all pending output is
-+ flushed to the output buffer and the output is aligned on a byte boundary, so
-+ that the decompressor can get all input data available so far. (In particular
-+ avail_in is zero after the call if enough output space has been provided
-+ before the call.) Flushing may degrade compression for some compression
-+ algorithms and so it should be used only when necessary.
-+
-+ If flush is set to Z_FULL_FLUSH, all output is flushed as with
-+ Z_SYNC_FLUSH, and the compression state is reset so that decompression can
-+ restart from this point if previous compressed data has been damaged or if
-+ random access is desired. Using Z_FULL_FLUSH too often can seriously degrade
-+ the compression.
-+
-+ If deflate returns with avail_out == 0, this function must be called again
-+ with the same value of the flush parameter and more output space (updated
-+ avail_out), until the flush is complete (deflate returns with non-zero
-+ avail_out).
-+
-+ If the parameter flush is set to Z_FINISH, pending input is processed,
-+ pending output is flushed and deflate returns with Z_STREAM_END if there
-+ was enough output space; if deflate returns with Z_OK, this function must be
-+ called again with Z_FINISH and more output space (updated avail_out) but no
-+ more input data, until it returns with Z_STREAM_END or an error. After
-+ deflate has returned Z_STREAM_END, the only possible operations on the
-+ stream are deflateReset or deflateEnd.
-+
-+ Z_FINISH can be used immediately after deflateInit if all the compression
-+ is to be done in a single step. In this case, avail_out must be at least
-+ 0.1% larger than avail_in plus 12 bytes. If deflate does not return
-+ Z_STREAM_END, then it must be called again as described above.
-+
-+ deflate() sets strm->adler to the adler32 checksum of all input read
-+ so far (that is, total_in bytes).
-+
-+ deflate() may update data_type if it can make a good guess about
-+ the input data type (Z_ASCII or Z_BINARY). In doubt, the data is considered
-+ binary. This field is only for information purposes and does not affect
-+ the compression algorithm in any manner.
-+
-+ deflate() returns Z_OK if some progress has been made (more input
-+ processed or more output produced), Z_STREAM_END if all input has been
-+ consumed and all output has been produced (only when flush is set to
-+ Z_FINISH), Z_STREAM_ERROR if the stream state was inconsistent (for example
-+ if next_in or next_out was NULL), Z_BUF_ERROR if no progress is possible
-+ (for example avail_in or avail_out was zero).
-+*/
-+
-+
-+ZEXTERN int ZEXPORT deflateEnd OF((z_streamp strm));
-+/*
-+ All dynamically allocated data structures for this stream are freed.
-+ This function discards any unprocessed input and does not flush any
-+ pending output.
-+
-+ deflateEnd returns Z_OK if success, Z_STREAM_ERROR if the
-+ stream state was inconsistent, Z_DATA_ERROR if the stream was freed
-+ prematurely (some input or output was discarded). In the error case,
-+ msg may be set but then points to a static string (which must not be
-+ deallocated).
-+*/
-+
-+
-+/*
-+ZEXTERN int ZEXPORT inflateInit OF((z_streamp strm));
-+
-+ Initializes the internal stream state for decompression. The fields
-+ next_in, avail_in, zalloc, zfree and opaque must be initialized before by
-+ the caller. If next_in is not Z_NULL and avail_in is large enough (the exact
-+ value depends on the compression method), inflateInit determines the
-+ compression method from the zlib header and allocates all data structures
-+ accordingly; otherwise the allocation will be deferred to the first call of
-+ inflate. If zalloc and zfree are set to Z_NULL, inflateInit updates them to
-+ use default allocation functions.
-+
-+ inflateInit returns Z_OK if success, Z_MEM_ERROR if there was not enough
-+ memory, Z_VERSION_ERROR if the zlib library version is incompatible with the
-+ version assumed by the caller. msg is set to null if there is no error
-+ message. inflateInit does not perform any decompression apart from reading
-+ the zlib header if present: this will be done by inflate(). (So next_in and
-+ avail_in may be modified, but next_out and avail_out are unchanged.)
-+*/
-+
-+
-+ZEXTERN int ZEXPORT inflate OF((z_streamp strm, int flush));
-+/*
-+ inflate decompresses as much data as possible, and stops when the input
-+ buffer becomes empty or the output buffer becomes full. It may some
-+ introduce some output latency (reading input without producing any output)
-+ except when forced to flush.
-+
-+ The detailed semantics are as follows. inflate performs one or both of the
-+ following actions:
-+
-+ - Decompress more input starting at next_in and update next_in and avail_in
-+ accordingly. If not all input can be processed (because there is not
-+ enough room in the output buffer), next_in is updated and processing
-+ will resume at this point for the next call of inflate().
-+
-+ - Provide more output starting at next_out and update next_out and avail_out
-+ accordingly. inflate() provides as much output as possible, until there
-+ is no more input data or no more space in the output buffer (see below
-+ about the flush parameter).
-+
-+ Before the call of inflate(), the application should ensure that at least
-+ one of the actions is possible, by providing more input and/or consuming
-+ more output, and updating the next_* and avail_* values accordingly.
-+ The application can consume the uncompressed output when it wants, for
-+ example when the output buffer is full (avail_out == 0), or after each
-+ call of inflate(). If inflate returns Z_OK and with zero avail_out, it
-+ must be called again after making room in the output buffer because there
-+ might be more output pending.
-+
-+ If the parameter flush is set to Z_SYNC_FLUSH, inflate flushes as much
-+ output as possible to the output buffer. The flushing behavior of inflate is
-+ not specified for values of the flush parameter other than Z_SYNC_FLUSH
-+ and Z_FINISH, but the current implementation actually flushes as much output
-+ as possible anyway.
-+
-+ inflate() should normally be called until it returns Z_STREAM_END or an
-+ error. However if all decompression is to be performed in a single step
-+ (a single call of inflate), the parameter flush should be set to
-+ Z_FINISH. In this case all pending input is processed and all pending
-+ output is flushed; avail_out must be large enough to hold all the
-+ uncompressed data. (The size of the uncompressed data may have been saved
-+ by the compressor for this purpose.) The next operation on this stream must
-+ be inflateEnd to deallocate the decompression state. The use of Z_FINISH
-+ is never required, but can be used to inform inflate that a faster routine
-+ may be used for the single inflate() call.
-+
-+ If a preset dictionary is needed at this point (see inflateSetDictionary
-+ below), inflate sets strm-adler to the adler32 checksum of the
-+ dictionary chosen by the compressor and returns Z_NEED_DICT; otherwise
-+ it sets strm->adler to the adler32 checksum of all output produced
-+ so far (that is, total_out bytes) and returns Z_OK, Z_STREAM_END or
-+ an error code as described below. At the end of the stream, inflate()
-+ checks that its computed adler32 checksum is equal to that saved by the
-+ compressor and returns Z_STREAM_END only if the checksum is correct.
-+
-+ inflate() returns Z_OK if some progress has been made (more input processed
-+ or more output produced), Z_STREAM_END if the end of the compressed data has
-+ been reached and all uncompressed output has been produced, Z_NEED_DICT if a
-+ preset dictionary is needed at this point, Z_DATA_ERROR if the input data was
-+ corrupted (input stream not conforming to the zlib format or incorrect
-+ adler32 checksum), Z_STREAM_ERROR if the stream structure was inconsistent
-+ (for example if next_in or next_out was NULL), Z_MEM_ERROR if there was not
-+ enough memory, Z_BUF_ERROR if no progress is possible or if there was not
-+ enough room in the output buffer when Z_FINISH is used. In the Z_DATA_ERROR
-+ case, the application may then call inflateSync to look for a good
-+ compression block.
-+*/
-+
-+
-+ZEXTERN int ZEXPORT inflateEnd OF((z_streamp strm));
-+/*
-+ All dynamically allocated data structures for this stream are freed.
-+ This function discards any unprocessed input and does not flush any
-+ pending output.
-+
-+ inflateEnd returns Z_OK if success, Z_STREAM_ERROR if the stream state
-+ was inconsistent. In the error case, msg may be set but then points to a
-+ static string (which must not be deallocated).
-+*/
-+
-+ /* Advanced functions */
-+
-+/*
-+ The following functions are needed only in some special applications.
-+*/
-+
-+/*
-+ZEXTERN int ZEXPORT deflateInit2 OF((z_streamp strm,
-+ int level,
-+ int method,
-+ int windowBits,
-+ int memLevel,
-+ int strategy));
-+
-+ This is another version of deflateInit with more compression options. The
-+ fields next_in, zalloc, zfree and opaque must be initialized before by
-+ the caller.
-+
-+ The method parameter is the compression method. It must be Z_DEFLATED in
-+ this version of the library.
-+
-+ The windowBits parameter is the base two logarithm of the window size
-+ (the size of the history buffer). It should be in the range 8..15 for this
-+ version of the library. Larger values of this parameter result in better
-+ compression at the expense of memory usage. The default value is 15 if
-+ deflateInit is used instead.
-+
-+ The memLevel parameter specifies how much memory should be allocated
-+ for the internal compression state. memLevel=1 uses minimum memory but
-+ is slow and reduces compression ratio; memLevel=9 uses maximum memory
-+ for optimal speed. The default value is 8. See zconf.h for total memory
-+ usage as a function of windowBits and memLevel.
-+
-+ The strategy parameter is used to tune the compression algorithm. Use the
-+ value Z_DEFAULT_STRATEGY for normal data, Z_FILTERED for data produced by a
-+ filter (or predictor), or Z_HUFFMAN_ONLY to force Huffman encoding only (no
-+ string match). Filtered data consists mostly of small values with a
-+ somewhat random distribution. In this case, the compression algorithm is
-+ tuned to compress them better. The effect of Z_FILTERED is to force more
-+ Huffman coding and less string matching; it is somewhat intermediate
-+ between Z_DEFAULT and Z_HUFFMAN_ONLY. The strategy parameter only affects
-+ the compression ratio but not the correctness of the compressed output even
-+ if it is not set appropriately.
-+
-+ deflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
-+ memory, Z_STREAM_ERROR if a parameter is invalid (such as an invalid
-+ method). msg is set to null if there is no error message. deflateInit2 does
-+ not perform any compression: this will be done by deflate().
-+*/
-+
-+ZEXTERN int ZEXPORT deflateSetDictionary OF((z_streamp strm,
-+ const Bytef *dictionary,
-+ uInt dictLength));
-+/*
-+ Initializes the compression dictionary from the given byte sequence
-+ without producing any compressed output. This function must be called
-+ immediately after deflateInit, deflateInit2 or deflateReset, before any
-+ call of deflate. The compressor and decompressor must use exactly the same
-+ dictionary (see inflateSetDictionary).
-+
-+ The dictionary should consist of strings (byte sequences) that are likely
-+ to be encountered later in the data to be compressed, with the most commonly
-+ used strings preferably put towards the end of the dictionary. Using a
-+ dictionary is most useful when the data to be compressed is short and can be
-+ predicted with good accuracy; the data can then be compressed better than
-+ with the default empty dictionary.
-+
-+ Depending on the size of the compression data structures selected by
-+ deflateInit or deflateInit2, a part of the dictionary may in effect be
-+ discarded, for example if the dictionary is larger than the window size in
-+ deflate or deflate2. Thus the strings most likely to be useful should be
-+ put at the end of the dictionary, not at the front.
-+
-+ Upon return of this function, strm->adler is set to the Adler32 value
-+ of the dictionary; the decompressor may later use this value to determine
-+ which dictionary has been used by the compressor. (The Adler32 value
-+ applies to the whole dictionary even if only a subset of the dictionary is
-+ actually used by the compressor.)
-+
-+ deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a
-+ parameter is invalid (such as NULL dictionary) or the stream state is
-+ inconsistent (for example if deflate has already been called for this stream
-+ or if the compression method is bsort). deflateSetDictionary does not
-+ perform any compression: this will be done by deflate().
-+*/
-+
-+ZEXTERN int ZEXPORT deflateCopy OF((z_streamp dest,
-+ z_streamp source));
-+/*
-+ Sets the destination stream as a complete copy of the source stream.
-+
-+ This function can be useful when several compression strategies will be
-+ tried, for example when there are several ways of pre-processing the input
-+ data with a filter. The streams that will be discarded should then be freed
-+ by calling deflateEnd. Note that deflateCopy duplicates the internal
-+ compression state which can be quite large, so this strategy is slow and
-+ can consume lots of memory.
-+
-+ deflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
-+ enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
-+ (such as zalloc being NULL). msg is left unchanged in both source and
-+ destination.
-+*/
-+
-+ZEXTERN int ZEXPORT deflateReset OF((z_streamp strm));
-+/*
-+ This function is equivalent to deflateEnd followed by deflateInit,
-+ but does not free and reallocate all the internal compression state.
-+ The stream will keep the same compression level and any other attributes
-+ that may have been set by deflateInit2.
-+
-+ deflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
-+ stream state was inconsistent (such as zalloc or state being NULL).
-+*/
-+
-+ZEXTERN int ZEXPORT deflateParams OF((z_streamp strm,
-+ int level,
-+ int strategy));
-+/*
-+ Dynamically update the compression level and compression strategy. The
-+ interpretation of level and strategy is as in deflateInit2. This can be
-+ used to switch between compression and straight copy of the input data, or
-+ to switch to a different kind of input data requiring a different
-+ strategy. If the compression level is changed, the input available so far
-+ is compressed with the old level (and may be flushed); the new level will
-+ take effect only at the next call of deflate().
-+
-+ Before the call of deflateParams, the stream state must be set as for
-+ a call of deflate(), since the currently available input may have to
-+ be compressed and flushed. In particular, strm->avail_out must be non-zero.
-+
-+ deflateParams returns Z_OK if success, Z_STREAM_ERROR if the source
-+ stream state was inconsistent or if a parameter was invalid, Z_BUF_ERROR
-+ if strm->avail_out was zero.
-+*/
-+
-+/*
-+ZEXTERN int ZEXPORT inflateInit2 OF((z_streamp strm,
-+ int windowBits));
-+
-+ This is another version of inflateInit with an extra parameter. The
-+ fields next_in, avail_in, zalloc, zfree and opaque must be initialized
-+ before by the caller.
-+
-+ The windowBits parameter is the base two logarithm of the maximum window
-+ size (the size of the history buffer). It should be in the range 8..15 for
-+ this version of the library. The default value is 15 if inflateInit is used
-+ instead. If a compressed stream with a larger window size is given as
-+ input, inflate() will return with the error code Z_DATA_ERROR instead of
-+ trying to allocate a larger window.
-+
-+ inflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
-+ memory, Z_STREAM_ERROR if a parameter is invalid (such as a negative
-+ memLevel). msg is set to null if there is no error message. inflateInit2
-+ does not perform any decompression apart from reading the zlib header if
-+ present: this will be done by inflate(). (So next_in and avail_in may be
-+ modified, but next_out and avail_out are unchanged.)
-+*/
-+
-+ZEXTERN int ZEXPORT inflateSetDictionary OF((z_streamp strm,
-+ const Bytef *dictionary,
-+ uInt dictLength));
-+/*
-+ Initializes the decompression dictionary from the given uncompressed byte
-+ sequence. This function must be called immediately after a call of inflate
-+ if this call returned Z_NEED_DICT. The dictionary chosen by the compressor
-+ can be determined from the Adler32 value returned by this call of
-+ inflate. The compressor and decompressor must use exactly the same
-+ dictionary (see deflateSetDictionary).
-+
-+ inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a
-+ parameter is invalid (such as NULL dictionary) or the stream state is
-+ inconsistent, Z_DATA_ERROR if the given dictionary doesn't match the
-+ expected one (incorrect Adler32 value). inflateSetDictionary does not
-+ perform any decompression: this will be done by subsequent calls of
-+ inflate().
-+*/
-+
-+ZEXTERN int ZEXPORT inflateSync OF((z_streamp strm));
-+/*
-+ Skips invalid compressed data until a full flush point (see above the
-+ description of deflate with Z_FULL_FLUSH) can be found, or until all
-+ available input is skipped. No output is provided.
-+
-+ inflateSync returns Z_OK if a full flush point has been found, Z_BUF_ERROR
-+ if no more input was provided, Z_DATA_ERROR if no flush point has been found,
-+ or Z_STREAM_ERROR if the stream structure was inconsistent. In the success
-+ case, the application may save the current current value of total_in which
-+ indicates where valid compressed data was found. In the error case, the
-+ application may repeatedly call inflateSync, providing more input each time,
-+ until success or end of the input data.
-+*/
-+
-+ZEXTERN int ZEXPORT inflateReset OF((z_streamp strm));
-+/*
-+ This function is equivalent to inflateEnd followed by inflateInit,
-+ but does not free and reallocate all the internal decompression state.
-+ The stream will keep attributes that may have been set by inflateInit2.
-+
-+ inflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
-+ stream state was inconsistent (such as zalloc or state being NULL).
-+*/
-+
-+
-+ /* utility functions */
-+
-+/*
-+ The following utility functions are implemented on top of the
-+ basic stream-oriented functions. To simplify the interface, some
-+ default options are assumed (compression level and memory usage,
-+ standard memory allocation functions). The source code of these
-+ utility functions can easily be modified if you need special options.
-+*/
-+
-+ZEXTERN int ZEXPORT compress OF((Bytef *dest, uLongf *destLen,
-+ const Bytef *source, uLong sourceLen));
-+/*
-+ Compresses the source buffer into the destination buffer. sourceLen is
-+ the byte length of the source buffer. Upon entry, destLen is the total
-+ size of the destination buffer, which must be at least 0.1% larger than
-+ sourceLen plus 12 bytes. Upon exit, destLen is the actual size of the
-+ compressed buffer.
-+ This function can be used to compress a whole file at once if the
-+ input file is mmap'ed.
-+ compress returns Z_OK if success, Z_MEM_ERROR if there was not
-+ enough memory, Z_BUF_ERROR if there was not enough room in the output
-+ buffer.
-+*/
-+
-+ZEXTERN int ZEXPORT compress2 OF((Bytef *dest, uLongf *destLen,
-+ const Bytef *source, uLong sourceLen,
-+ int level));
-+/*
-+ Compresses the source buffer into the destination buffer. The level
-+ parameter has the same meaning as in deflateInit. sourceLen is the byte
-+ length of the source buffer. Upon entry, destLen is the total size of the
-+ destination buffer, which must be at least 0.1% larger than sourceLen plus
-+ 12 bytes. Upon exit, destLen is the actual size of the compressed buffer.
-+
-+ compress2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
-+ memory, Z_BUF_ERROR if there was not enough room in the output buffer,
-+ Z_STREAM_ERROR if the level parameter is invalid.
-+*/
-+
-+ZEXTERN int ZEXPORT uncompress OF((Bytef *dest, uLongf *destLen,
-+ const Bytef *source, uLong sourceLen));
-+/*
-+ Decompresses the source buffer into the destination buffer. sourceLen is
-+ the byte length of the source buffer. Upon entry, destLen is the total
-+ size of the destination buffer, which must be large enough to hold the
-+ entire uncompressed data. (The size of the uncompressed data must have
-+ been saved previously by the compressor and transmitted to the decompressor
-+ by some mechanism outside the scope of this compression library.)
-+ Upon exit, destLen is the actual size of the compressed buffer.
-+ This function can be used to decompress a whole file at once if the
-+ input file is mmap'ed.
-+
-+ uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
-+ enough memory, Z_BUF_ERROR if there was not enough room in the output
-+ buffer, or Z_DATA_ERROR if the input data was corrupted.
-+*/
-+
-+
-+typedef voidp gzFile;
-+
-+ZEXTERN gzFile ZEXPORT gzopen OF((const char *path, const char *mode));
-+/*
-+ Opens a gzip (.gz) file for reading or writing. The mode parameter
-+ is as in fopen ("rb" or "wb") but can also include a compression level
-+ ("wb9") or a strategy: 'f' for filtered data as in "wb6f", 'h' for
-+ Huffman only compression as in "wb1h". (See the description
-+ of deflateInit2 for more information about the strategy parameter.)
-+
-+ gzopen can be used to read a file which is not in gzip format; in this
-+ case gzread will directly read from the file without decompression.
-+
-+ gzopen returns NULL if the file could not be opened or if there was
-+ insufficient memory to allocate the (de)compression state; errno
-+ can be checked to distinguish the two cases (if errno is zero, the
-+ zlib error is Z_MEM_ERROR). */
-+
-+ZEXTERN gzFile ZEXPORT gzdopen OF((int fd, const char *mode));
-+/*
-+ gzdopen() associates a gzFile with the file descriptor fd. File
-+ descriptors are obtained from calls like open, dup, creat, pipe or
-+ fileno (in the file has been previously opened with fopen).
-+ The mode parameter is as in gzopen.
-+ The next call of gzclose on the returned gzFile will also close the
-+ file descriptor fd, just like fclose(fdopen(fd), mode) closes the file
-+ descriptor fd. If you want to keep fd open, use gzdopen(dup(fd), mode).
-+ gzdopen returns NULL if there was insufficient memory to allocate
-+ the (de)compression state.
-+*/
-+
-+ZEXTERN int ZEXPORT gzsetparams OF((gzFile file, int level, int strategy));
-+/*
-+ Dynamically update the compression level or strategy. See the description
-+ of deflateInit2 for the meaning of these parameters.
-+ gzsetparams returns Z_OK if success, or Z_STREAM_ERROR if the file was not
-+ opened for writing.
-+*/
-+
-+ZEXTERN int ZEXPORT gzread OF((gzFile file, voidp buf, unsigned len));
-+/*
-+ Reads the given number of uncompressed bytes from the compressed file.
-+ If the input file was not in gzip format, gzread copies the given number
-+ of bytes into the buffer.
-+ gzread returns the number of uncompressed bytes actually read (0 for
-+ end of file, -1 for error). */
-+
-+ZEXTERN int ZEXPORT gzwrite OF((gzFile file,
-+ const voidp buf, unsigned len));
-+/*
-+ Writes the given number of uncompressed bytes into the compressed file.
-+ gzwrite returns the number of uncompressed bytes actually written
-+ (0 in case of error).
-+*/
-+
-+ZEXTERN int ZEXPORTVA gzprintf OF((gzFile file, const char *format, ...));
-+/*
-+ Converts, formats, and writes the args to the compressed file under
-+ control of the format string, as in fprintf. gzprintf returns the number of
-+ uncompressed bytes actually written (0 in case of error).
-+*/
-+
-+ZEXTERN int ZEXPORT gzputs OF((gzFile file, const char *s));
-+/*
-+ Writes the given null-terminated string to the compressed file, excluding
-+ the terminating null character.
-+ gzputs returns the number of characters written, or -1 in case of error.
-+*/
-+
-+ZEXTERN char * ZEXPORT gzgets OF((gzFile file, char *buf, int len));
-+/*
-+ Reads bytes from the compressed file until len-1 characters are read, or
-+ a newline character is read and transferred to buf, or an end-of-file
-+ condition is encountered. The string is then terminated with a null
-+ character.
-+ gzgets returns buf, or Z_NULL in case of error.
-+*/
-+
-+ZEXTERN int ZEXPORT gzputc OF((gzFile file, int c));
-+/*
-+ Writes c, converted to an unsigned char, into the compressed file.
-+ gzputc returns the value that was written, or -1 in case of error.
-+*/
-+
-+ZEXTERN int ZEXPORT gzgetc OF((gzFile file));
-+/*
-+ Reads one byte from the compressed file. gzgetc returns this byte
-+ or -1 in case of end of file or error.
-+*/
-+
-+ZEXTERN int ZEXPORT gzflush OF((gzFile file, int flush));
-+/*
-+ Flushes all pending output into the compressed file. The parameter
-+ flush is as in the deflate() function. The return value is the zlib
-+ error number (see function gzerror below). gzflush returns Z_OK if
-+ the flush parameter is Z_FINISH and all output could be flushed.
-+ gzflush should be called only when strictly necessary because it can
-+ degrade compression.
-+*/
-+
-+ZEXTERN z_off_t ZEXPORT gzseek OF((gzFile file,
-+ z_off_t offset, int whence));
-+/*
-+ Sets the starting position for the next gzread or gzwrite on the
-+ given compressed file. The offset represents a number of bytes in the
-+ uncompressed data stream. The whence parameter is defined as in lseek(2);
-+ the value SEEK_END is not supported.
-+ If the file is opened for reading, this function is emulated but can be
-+ extremely slow. If the file is opened for writing, only forward seeks are
-+ supported; gzseek then compresses a sequence of zeroes up to the new
-+ starting position.
-+
-+ gzseek returns the resulting offset location as measured in bytes from
-+ the beginning of the uncompressed stream, or -1 in case of error, in
-+ particular if the file is opened for writing and the new starting position
-+ would be before the current position.
-+*/
-+
-+ZEXTERN int ZEXPORT gzrewind OF((gzFile file));
-+/*
-+ Rewinds the given file. This function is supported only for reading.
-+
-+ gzrewind(file) is equivalent to (int)gzseek(file, 0L, SEEK_SET)
-+*/
-+
-+ZEXTERN z_off_t ZEXPORT gztell OF((gzFile file));
-+/*
-+ Returns the starting position for the next gzread or gzwrite on the
-+ given compressed file. This position represents a number of bytes in the
-+ uncompressed data stream.
-+
-+ gztell(file) is equivalent to gzseek(file, 0L, SEEK_CUR)
-+*/
-+
-+ZEXTERN int ZEXPORT gzeof OF((gzFile file));
-+/*
-+ Returns 1 when EOF has previously been detected reading the given
-+ input stream, otherwise zero.
-+*/
-+
-+ZEXTERN int ZEXPORT gzclose OF((gzFile file));
-+/*
-+ Flushes all pending output if necessary, closes the compressed file
-+ and deallocates all the (de)compression state. The return value is the zlib
-+ error number (see function gzerror below).
-+*/
-+
-+ZEXTERN const char * ZEXPORT gzerror OF((gzFile file, int *errnum));
-+/*
-+ Returns the error message for the last error which occurred on the
-+ given compressed file. errnum is set to zlib error number. If an
-+ error occurred in the file system and not in the compression library,
-+ errnum is set to Z_ERRNO and the application may consult errno
-+ to get the exact error code.
-+*/
-+
-+ /* checksum functions */
-+
-+/*
-+ These functions are not related to compression but are exported
-+ anyway because they might be useful in applications using the
-+ compression library.
-+*/
-+
-+ZEXTERN uLong ZEXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len));
-+
-+/*
-+ Update a running Adler-32 checksum with the bytes buf[0..len-1] and
-+ return the updated checksum. If buf is NULL, this function returns
-+ the required initial value for the checksum.
-+ An Adler-32 checksum is almost as reliable as a CRC32 but can be computed
-+ much faster. Usage example:
-+
-+ uLong adler = adler32(0L, Z_NULL, 0);
-+
-+ while (read_buffer(buffer, length) != EOF) {
-+ adler = adler32(adler, buffer, length);
-+ }
-+ if (adler != original_adler) error();
-+*/
-+
-+ZEXTERN uLong ZEXPORT crc32 OF((uLong crc, const Bytef *buf, uInt len));
-+/*
-+ Update a running crc with the bytes buf[0..len-1] and return the updated
-+ crc. If buf is NULL, this function returns the required initial value
-+ for the crc. Pre- and post-conditioning (one's complement) is performed
-+ within this function so it shouldn't be done by the application.
-+ Usage example:
-+
-+ uLong crc = crc32(0L, Z_NULL, 0);
-+
-+ while (read_buffer(buffer, length) != EOF) {
-+ crc = crc32(crc, buffer, length);
-+ }
-+ if (crc != original_crc) error();
-+*/
-+
-+
-+ /* various hacks, don't look :) */
-+
-+/* deflateInit and inflateInit are macros to allow checking the zlib version
-+ * and the compiler's view of z_stream:
-+ */
-+ZEXTERN int ZEXPORT deflateInit_ OF((z_streamp strm, int level,
-+ const char *version, int stream_size));
-+ZEXTERN int ZEXPORT inflateInit_ OF((z_streamp strm,
-+ const char *version, int stream_size));
-+ZEXTERN int ZEXPORT deflateInit2_ OF((z_streamp strm, int level, int method,
-+ int windowBits, int memLevel,
-+ int strategy, const char *version,
-+ int stream_size));
-+ZEXTERN int ZEXPORT inflateInit2_ OF((z_streamp strm, int windowBits,
-+ const char *version, int stream_size));
-+#define deflateInit(strm, level) \
-+ deflateInit_((strm), (level), ZLIB_VERSION, sizeof(z_stream))
-+#define inflateInit(strm) \
-+ inflateInit_((strm), ZLIB_VERSION, sizeof(z_stream))
-+#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \
-+ deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\
-+ (strategy), ZLIB_VERSION, sizeof(z_stream))
-+#define inflateInit2(strm, windowBits) \
-+ inflateInit2_((strm), (windowBits), ZLIB_VERSION, sizeof(z_stream))
-+
-+
-+#if !defined(_Z_UTIL_H) && !defined(NO_DUMMY_DECL)
-+ struct internal_state {int dummy;}; /* hack for buggy compilers */
-+#endif
-+
-+ZEXTERN const char * ZEXPORT zError OF((int err));
-+ZEXTERN int ZEXPORT inflateSyncPoint OF((z_streamp z));
-+ZEXTERN const uLongf * ZEXPORT get_crc_table OF((void));
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* _ZLIB_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/zlib/zutil.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,225 @@
-+/* zutil.h -- internal interface and configuration of the compression library
-+ * Copyright (C) 1995-2002 Jean-loup Gailly.
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+/* @(#) $Id: zutil.h,v 1.4 2002-04-24 07:36:48 mcr Exp $ */
-+
-+#ifndef _Z_UTIL_H
-+#define _Z_UTIL_H
-+
-+#include "zlib.h"
-+
-+#include <linux/string.h>
-+#define HAVE_MEMCPY
-+
-+#if 0 // #ifdef STDC
-+# include <stddef.h>
-+# include <string.h>
-+# include <stdlib.h>
-+#endif
-+#ifndef __KERNEL__
-+#ifdef NO_ERRNO_H
-+ extern int errno;
-+#else
-+# include <errno.h>
-+#endif
-+#endif
-+
-+#ifndef local
-+# define local static
-+#endif
-+/* compile with -Dlocal if your debugger can't find static symbols */
-+
-+typedef unsigned char uch;
-+typedef uch FAR uchf;
-+typedef unsigned short ush;
-+typedef ush FAR ushf;
-+typedef unsigned long ulg;
-+
-+extern const char *z_errmsg[10]; /* indexed by 2-zlib_error */
-+/* (size given to avoid silly warnings with Visual C++) */
-+
-+#define ERR_MSG(err) z_errmsg[Z_NEED_DICT-(err)]
-+
-+#define ERR_RETURN(strm,err) \
-+ return (strm->msg = ERR_MSG(err), (err))
-+/* To be used only when the state is known to be valid */
-+
-+ /* common constants */
-+
-+#ifndef DEF_WBITS
-+# define DEF_WBITS MAX_WBITS
-+#endif
-+/* default windowBits for decompression. MAX_WBITS is for compression only */
-+
-+#if MAX_MEM_LEVEL >= 8
-+# define DEF_MEM_LEVEL 8
-+#else
-+# define DEF_MEM_LEVEL MAX_MEM_LEVEL
-+#endif
-+/* default memLevel */
-+
-+#define STORED_BLOCK 0
-+#define STATIC_TREES 1
-+#define DYN_TREES 2
-+/* The three kinds of block type */
-+
-+#define MIN_MATCH 3
-+#define MAX_MATCH 258
-+/* The minimum and maximum match lengths */
-+
-+#define PRESET_DICT 0x20 /* preset dictionary flag in zlib header */
-+
-+ /* target dependencies */
-+
-+#ifdef MSDOS
-+# define OS_CODE 0x00
-+# if defined(__TURBOC__) || defined(__BORLANDC__)
-+# if(__STDC__ == 1) && (defined(__LARGE__) || defined(__COMPACT__))
-+ /* Allow compilation with ANSI keywords only enabled */
-+ void _Cdecl farfree( void *block );
-+ void *_Cdecl farmalloc( unsigned long nbytes );
-+# else
-+# include <alloc.h>
-+# endif
-+# else /* MSC or DJGPP */
-+# include <malloc.h>
-+# endif
-+#endif
-+
-+#ifdef OS2
-+# define OS_CODE 0x06
-+#endif
-+
-+#ifdef WIN32 /* Window 95 & Windows NT */
-+# define OS_CODE 0x0b
-+#endif
-+
-+#if defined(VAXC) || defined(VMS)
-+# define OS_CODE 0x02
-+# define F_OPEN(name, mode) \
-+ fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512")
-+#endif
-+
-+#ifdef AMIGA
-+# define OS_CODE 0x01
-+#endif
-+
-+#if defined(ATARI) || defined(atarist)
-+# define OS_CODE 0x05
-+#endif
-+
-+#if defined(MACOS) || defined(TARGET_OS_MAC)
-+# define OS_CODE 0x07
-+# if defined(__MWERKS__) && __dest_os != __be_os && __dest_os != __win32_os
-+# include <unix.h> /* for fdopen */
-+# else
-+# ifndef fdopen
-+# define fdopen(fd,mode) NULL /* No fdopen() */
-+# endif
-+# endif
-+#endif
-+
-+#ifdef __50SERIES /* Prime/PRIMOS */
-+# define OS_CODE 0x0F
-+#endif
-+
-+#ifdef TOPS20
-+# define OS_CODE 0x0a
-+#endif
-+
-+#if defined(_BEOS_) || defined(RISCOS)
-+# define fdopen(fd,mode) NULL /* No fdopen() */
-+#endif
-+
-+#if (defined(_MSC_VER) && (_MSC_VER > 600))
-+# define fdopen(fd,type) _fdopen(fd,type)
-+#endif
-+
-+
-+ /* Common defaults */
-+
-+#ifndef OS_CODE
-+# define OS_CODE 0x03 /* assume Unix */
-+#endif
-+
-+#ifndef F_OPEN
-+# define F_OPEN(name, mode) fopen((name), (mode))
-+#endif
-+
-+ /* functions */
-+
-+#ifdef HAVE_STRERROR
-+ extern char *strerror OF((int));
-+# define zstrerror(errnum) strerror(errnum)
-+#else
-+# define zstrerror(errnum) ""
-+#endif
-+
-+#if defined(pyr)
-+# define NO_MEMCPY
-+#endif
-+#if defined(SMALL_MEDIUM) && !defined(_MSC_VER) && !defined(__SC__)
-+ /* Use our own functions for small and medium model with MSC <= 5.0.
-+ * You may have to use the same strategy for Borland C (untested).
-+ * The __SC__ check is for Symantec.
-+ */
-+# define NO_MEMCPY
-+#endif
-+#if defined(STDC) && !defined(HAVE_MEMCPY) && !defined(NO_MEMCPY)
-+# define HAVE_MEMCPY
-+#endif
-+#ifdef HAVE_MEMCPY
-+# ifdef SMALL_MEDIUM /* MSDOS small or medium model */
-+# define zmemcpy _fmemcpy
-+# define zmemcmp _fmemcmp
-+# define zmemzero(dest, len) _fmemset(dest, 0, len)
-+# else
-+# define zmemcpy memcpy
-+# define zmemcmp memcmp
-+# define zmemzero(dest, len) memset(dest, 0, len)
-+# endif
-+#else
-+ extern void zmemcpy OF((Bytef* dest, const Bytef* source, uInt len));
-+ extern int zmemcmp OF((const Bytef* s1, const Bytef* s2, uInt len));
-+ extern void zmemzero OF((Bytef* dest, uInt len));
-+#endif
-+
-+/* Diagnostic functions */
-+#ifdef DEBUG
-+# include <stdio.h>
-+ extern int z_verbose;
-+ extern void z_error OF((char *m));
-+# define Assert(cond,msg) {if(!(cond)) z_error(msg);}
-+# define Trace(x) {if (z_verbose>=0) fprintf x ;}
-+# define Tracev(x) {if (z_verbose>0) fprintf x ;}
-+# define Tracevv(x) {if (z_verbose>1) fprintf x ;}
-+# define Tracec(c,x) {if (z_verbose>0 && (c)) fprintf x ;}
-+# define Tracecv(c,x) {if (z_verbose>1 && (c)) fprintf x ;}
-+#else
-+# define Assert(cond,msg)
-+# define Trace(x)
-+# define Tracev(x)
-+# define Tracevv(x)
-+# define Tracec(c,x)
-+# define Tracecv(c,x)
-+#endif
-+
-+
-+typedef uLong (ZEXPORT *check_func) OF((uLong check, const Bytef *buf,
-+ uInt len));
-+voidpf zcalloc OF((voidpf opaque, unsigned items, unsigned size));
-+void zcfree OF((voidpf opaque, voidpf ptr));
-+
-+#define ZALLOC(strm, items, size) \
-+ (*((strm)->zalloc))((strm)->opaque, (items), (size))
-+#define ZFREE(strm, addr) (*((strm)->zfree))((strm)->opaque, (voidpf)(addr))
-+#define TRY_FREE(s, p) {if (p) ZFREE(s, p);}
-+
-+#endif /* _Z_UTIL_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/lib/libfreeswan/Makefile.objs Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,21 @@
-+obj-y += satot.o
-+obj-y += addrtot.o
-+obj-y += ultot.o
-+obj-y += addrtypeof.o
-+obj-y += anyaddr.o
-+obj-y += initaddr.o
-+obj-y += ultoa.o
-+obj-y += addrtoa.o
-+obj-y += subnettoa.o
-+obj-y += subnetof.o
-+obj-y += goodmask.o
-+obj-y += datatot.o
-+obj-y += rangetoa.o
-+obj-y += prng.o
-+obj-y += pfkey_v2_parse.o
-+obj-y += pfkey_v2_build.o
-+obj-y += pfkey_v2_debug.o
-+obj-y += pfkey_v2_ext_bits.o
-+
-+#version.c: ${LIBFREESWANDIR}/version.in.c ${OPENSWANSRCDIR}/Makefile.ver
-+# sed '/"/s/xxx/$(IPSECVERSION)/' ${LIBFREESWANDIR}/version.in.c >$@
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/lib/zlib/Makefile Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,118 @@
-+# (kernel) Makefile for IPCOMP zlib deflate code
-+# Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+# Copyright (C) 2000 Svenning Soerensen
-+#
-+# This program is free software; you can redistribute it and/or modify it
-+# under the terms of the GNU General Public License as published by the
-+# Free Software Foundation; either version 2 of the License, or (at your
-+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+#
-+# This program is distributed in the hope that it will be useful, but
-+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+# for more details.
-+#
-+# RCSID $Id: Makefile,v 1.9 2002-04-24 07:55:32 mcr Exp $
-+#
-+
-+
-+
-+include ../Makefile.inc
-+
-+
-+
-+ifndef TOPDIR
-+TOPDIR := /usr/src/linux
-+endif
-+
-+
-+L_TARGET := zlib.a
-+
-+obj-y :=
-+
-+include Makefile.objs
-+
-+EXTRA_CFLAGS += $(KLIPSCOMPILE)
-+
-+EXTRA_CFLAGS += -Wall
-+#EXTRA_CFLAGS += -Wconversion
-+#EXTRA_CFLAGS += -Wmissing-prototypes
-+EXTRA_CFLAGS += -Wpointer-arith
-+#EXTRA_CFLAGS += -Wcast-qual
-+#EXTRA_CFLAGS += -Wmissing-declarations
-+EXTRA_CFLAGS += -Wstrict-prototypes
-+#EXTRA_CFLAGS += -pedantic
-+#EXTRA_CFLAGS += -W
-+#EXTRA_CFLAGS += -Wwrite-strings
-+EXTRA_CFLAGS += -Wbad-function-cast
-+EXTRA_CFLAGS += -DIPCOMP_PREFIX
-+
-+.S.o:
-+ $(CC) -D__ASSEMBLY__ -DNO_UNDERLINE -traditional -c $< -o $*.o
-+
-+asm-obj-$(CONFIG_M586) += match586.o
-+asm-obj-$(CONFIG_M586TSC) += match586.o
-+asm-obj-$(CONFIG_M586MMX) += match586.o
-+asm-obj-$(CONFIG_M686) += match686.o
-+asm-obj-$(CONFIG_MPENTIUMIII) += match686.o
-+asm-obj-$(CONFIG_MPENTIUM4) += match686.o
-+asm-obj-$(CONFIG_MK6) += match586.o
-+asm-obj-$(CONFIG_MK7) += match686.o
-+asm-obj-$(CONFIG_MCRUSOE) += match586.o
-+asm-obj-$(CONFIG_MWINCHIPC6) += match586.o
-+asm-obj-$(CONFIG_MWINCHIP2) += match686.o
-+asm-obj-$(CONFIG_MWINCHIP3D) += match686.o
-+
-+obj-y += $(asm-obj-y)
-+ifneq ($(strip $(asm-obj-y)),)
-+ EXTRA_CFLAGS += -DASMV
-+endif
-+
-+active-objs := $(sort $(obj-y) $(obj-m))
-+L_OBJS := $(obj-y)
-+M_OBJS := $(obj-m)
-+MIX_OBJS := $(filter $(export-objs), $(active-objs))
-+
-+include $(TOPDIR)/Rules.make
-+
-+$(obj-y) : $(TOPDIR)/include/linux/config.h $(TOPDIR)/include/linux/autoconf.h
-+
-+
-+clean:
-+ -rm -f *.o *.a
-+
-+checkprograms:
-+programs: $(L_TARGET)
-+
-+#
-+# $Log: Makefile,v $
-+# Revision 1.9 2002-04-24 07:55:32 mcr
-+# #include patches and Makefiles for post-reorg compilation.
-+#
-+# Revision 1.8 2002/04/24 07:36:44 mcr
-+# Moved from ./zlib/Makefile,v
-+#
-+# Revision 1.7 2002/03/27 23:34:35 mcr
-+# added programs: target
-+#
-+# Revision 1.6 2001/12/05 20:19:08 henry
-+# use new compile-control variable
-+#
-+# Revision 1.5 2001/11/27 16:38:08 mcr
-+# added new "checkprograms" target to deal with programs that
-+# are required for "make check", but that may not be ready to
-+# build for every user due to external dependancies.
-+#
-+# Revision 1.4 2001/10/24 14:46:24 henry
-+# Makefile.inc
-+#
-+# Revision 1.3 2001/04/21 23:05:24 rgb
-+# Update asm directives for 2.4 style makefiles.
-+#
-+# Revision 1.2 2001/01/29 22:22:00 rgb
-+# Convert to 2.4 new style with back compat.
-+#
-+# Revision 1.1.1.1 2000/09/29 18:51:33 rgb
-+# zlib_beginnings
-+#
-+#
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/lib/zlib/Makefile.objs Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,27 @@
-+obj-$(CONFIG_IPSEC_IPCOMP) += adler32.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += deflate.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += infblock.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += infcodes.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += inffast.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += inflate.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += inftrees.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += infutil.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += trees.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += zutil.o
-+
-+asm-obj-$(CONFIG_M586) += ${LIBZLIBSRCDIR}/match586.o
-+asm-obj-$(CONFIG_M586TSC) += ${LIBZLIBSRCDIR}/match586.o
-+asm-obj-$(CONFIG_M586MMX) += ${LIBZLIBSRCDIR}/match586.o
-+asm-obj-$(CONFIG_M686) += ${LIBZLIBSRCDIR}/match686.o
-+asm-obj-$(CONFIG_MPENTIUMIII) += ${LIBZLIBSRCDIR}/match686.o
-+asm-obj-$(CONFIG_MPENTIUM4) += ${LIBZLIBSRCDIR}/match686.o
-+asm-obj-$(CONFIG_MK6) += ${LIBZLIBSRCDIR}/match586.o
-+asm-obj-$(CONFIG_MK7) += ${LIBZLIBSRCDIR}/match686.o
-+asm-obj-$(CONFIG_MCRUSOE) += ${LIBZLIBSRCDIR}/match586.o
-+asm-obj-$(CONFIG_MWINCHIPC6) += ${LIBZLIBSRCDIR}/match586.o
-+asm-obj-$(CONFIG_MWINCHIP2) += ${LIBZLIBSRCDIR}/match686.o
-+asm-obj-$(CONFIG_MWINCHIP3D) += ${LIBZLIBSRCDIR}/match686.o
-+
-+EXTRA_CFLAGS += -DIPCOMP_PREFIX
-+
-+
---- swan26/net/Kconfig.preipsec 2005-09-01 18:15:19.000000000 -0400
-+++ swan26/net/Kconfig 2005-09-03 16:51:17.000000000 -0400
-@@ -215,2 +215,6 @@
-
-+if INET
-+source "net/ipsec/Kconfig"
-+endif # if INET
-+
- endif # if NET
---- /distros/kernel/linux-2.6.3-rc4/net/Makefile Mon Feb 16 21:22:12 2004
-+++ ref26/net/Makefile Thu Feb 19 21:02:25 2004
-@@ -42,3 +42,6 @@
- ifeq ($(CONFIG_NET),y)
- obj-$(CONFIG_SYSCTL) += sysctl_net.o
- endif
-+
-+obj-$(CONFIG_KLIPS) += ipsec/
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/Kconfig Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,172 @@
-+#
-+# IPSEC configuration
-+# Copyright (C) 2004 Michael Richardson <mcr@freeswan.org>
-+#
-+# This program is free software; you can redistribute it and/or modify it
-+# under the terms of the GNU General Public License as published by the
-+# Free Software Foundation; either version 2 of the License, or (at your
-+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+#
-+# This program is distributed in the hope that it will be useful, but
-+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+# for more details.
-+#
-+# RCSID $Id: Kconfig,v 1.6.2.3 2007-12-06 15:51:01 paul Exp $
-+
-+config KLIPS
-+ tristate "Openswan IPsec (KLIPS26)"
-+ default n
-+ help
-+ KLIPS is the Openswan (www.openswan.org) Kernel Level IP Security
-+ system. It is extensively tested, and has interoperated with
-+ many other systems.
-+ It provides "ipsecX" devices on which one can do firewalling.
-+ The userland, is compatible with both KLIPS and 26sec.
-+
-+menu "KLIPS options"
-+ depends on KLIPS
-+
-+config KLIPS_ESP
-+ bool 'Encapsulating Security Payload - ESP ("VPN")'
-+ default y
-+ help
-+ This option provides support for the IPSEC Encapsulation Security
-+ Payload (IP protocol 50) which provides packet layer content
-+ hiding, and content authentication.
-+ It is recommended to enable this. RFC2406
-+
-+config KLIPS_AH
-+ bool 'Authentication Header - AH'
-+ default n
-+ help
-+ This option provides support for the IPSEC Authentication Header
-+ (IP protocol 51) which provides packet layer sender and content
-+ authentication. It does not provide for confidentiality.
-+ It is not recommended to enable this. RFC2402
-+
-+config KLIPS_AUTH_HMAC_MD5
-+ bool 'HMAC-MD5 authentication algorithm'
-+ default y
-+ help
-+ The HMAC-MD5 algorithm is used by ESP (and AH) to guarantee packet
-+ integrity. There is little reason not to include it.
-+
-+config KLIPS_AUTH_HMAC_SHA1
-+ bool 'HMAC-SHA1 authentication algorithm'
-+ default y
-+ help
-+ The HMAC-SHA1 algorithm is used by ESP (and AH) to guarantee packet
-+ integrity. SHA1 is a little slower than MD5, but is said to be
-+ a bit more secure. There is little reason not to include it.
-+
-+config KLIPS_ALG
-+ bool 'KLIPS_ALG software encryption'
-+ default y
-+ help
-+ You should only disabled this if using the external OCF patch
-+ for hardware offload.
-+
-+config KLIPS_ENC_CRYPTOAPI
-+ bool 'CryptoAPI algorithm interface'
-+ default n
-+ help
-+ Enable the algorithm interface to make all CryptoAPI 1.0 algorithms
-+ available to KLIPS.
-+
-+config KLIPS_ENC_1DES
-+ bool 'Include 1DES with CryptoAPI'
-+ default n
-+ depends on KLIPS_ENC_CRYPTOAPI
-+ help
-+ The CryptoAPI interface does not include support for every algorithm
-+ yet, and one that it doesn't support by default is the VERY WEAK
-+ 1DES. Select this if you are terminally stupid.
-+
-+config KLIPS_ENC_3DES
-+ bool '3DES encryption algorithm'
-+ default y
-+ help
-+ The 3DES algorithm is used by ESP to provide for packet privacy.
-+ 3DES is 3-repeats of the DES algorithm. 3DES is widely supported,
-+ and analyzed and is considered very secure. 1DES is not supported.
-+
-+config KLIPS_ENC_AES
-+ bool 'AES encryption algorithm'
-+ default y
-+ help
-+ The AES algorithm is used by ESP to provide for packet privacy.
-+ AES the NIST replacement for DES. AES is being widely analyzed,
-+ and is very fast.
-+
-+config KLIPS_ENC_NULL
-+ bool 'NULL NON-encryption algorithm'
-+ default n
-+ help
-+ NON encryption algo , maybe useful for ESP auth only scenarios
-+ (eg: with NAT-T), see RFC 2410.
-+
-+config KLIPS_IPCOMP
-+ bool 'IP compression'
-+ default y
-+ help
-+ The IPcomp protocol is used prior to ESP to make the packet
-+ smaller. Once encrypted, compression will fail, so any link
-+ layer efforts (e.g. PPP) will not work.
-+
-+config KLIPS_DEBUG
-+ bool 'IPsec debugging'
-+ default y
-+ help
-+ KLIPS includes a lot of debugging code. Unless there is a real
-+ tangible benefit to removing this code, it should be left in place.
-+ Debugging connections without access to kernel level debugging is
-+ essentially impossible. Leave this on.
-+
-+endmenu
-+
-+#
-+#
-+# $Log: Kconfig,v $
-+# Revision 1.6.2.3 2007-12-06 15:51:01 paul
-+# Enable KLIPS_ALG in default build, when not using Makefile.inc.
-+# Patch by Laszlo Attila Toth
-+#
-+# Revision 1.6.2.2 2006/10/11 18:14:33 paul
-+# Add JuanJo Ciarlante's ESP_NULL patches for KLIPS, but leave it disabled
-+# per default.
-+#
-+# Revision 1.6.2.1 2006/04/20 16:33:06 mcr
-+# remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+# Fix in-kernel module compilation. Sub-makefiles do not work.
-+#
-+# Revision 1.6 2005/05/18 20:55:27 mcr
-+# default cryptoapi to n.
-+#
-+# Revision 1.5 2005/05/11 01:23:25 mcr
-+# added 1DES option to cryptoapi.
-+#
-+# Revision 1.4 2005/04/29 05:29:54 mcr
-+# add option to include cryptoapi algorithms.
-+#
-+# Revision 1.3 2004/08/17 03:27:23 mcr
-+# klips 2.6 edits.
-+#
-+# Revision 1.2 2004/08/14 03:27:39 mcr
-+# 2.6 kernel build/configuration files.
-+#
-+# Revision 1.1 2004/08/14 02:47:55 mcr
-+# kernel build/config patches
-+#
-+# Revision 1.3 2004/02/24 17:17:04 mcr
-+# s/CONFIG_IPSEC/CONFIG_KLIPS/ as 26sec uses "CONFIG_IPSEC" to
-+# turn it on/off as well.
-+#
-+# Revision 1.2 2004/02/22 06:50:42 mcr
-+# kernel 2.6 port - merged with 2.4 code.
-+#
-+# Revision 1.1.2.1 2004/02/20 02:07:53 mcr
-+# module configuration for KLIPS 2.6
-+#
-+#
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/Makefile Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,195 @@
-+# Makefile for KLIPS kernel code as a module for 2.6 kernels
-+#
-+# Makefile for KLIPS kernel code as a module
-+# Copyright (C) 1998, 1999, 2000,2001 Richard Guy Briggs.
-+# Copyright (C) 2002-2004 Michael Richardson <mcr@freeswan.org>
-+#
-+# This program is free software; you can redistribute it and/or modify it
-+# under the terms of the GNU General Public License as published by the
-+# Free Software Foundation; either version 2 of the License, or (at your
-+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+#
-+# This program is distributed in the hope that it will be useful, but
-+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+# for more details.
-+#
-+# RCSID $Id: Makefile.fs2_6,v 1.8.2.2 2006-10-11 18:14:33 paul Exp $
-+#
-+# Note! Dependencies are done automagically by 'make dep', which also
-+# removes any old dependencies. DON'T put your own dependencies here
-+# unless it's something special (ie not a .c file).
-+#
-+
-+OPENSWANSRCDIR?=.
-+KLIPS_TOP?=.
-+
-+-include ${OPENSWANSRCDIR}/Makefile.ver
-+
-+base-klips-objs :=
-+
-+base-klips-objs+= ipsec_init.o ipsec_sa.o ipsec_radij.o radij.o
-+base-klips-objs+= ipsec_life.o ipsec_proc.o
-+base-klips-objs+= ipsec_tunnel.o ipsec_xmit.o ipsec_rcv.o ipsec_ipip.o
-+base-klips-objs+= ipsec_snprintf.o
-+base-klips-objs+= sysctl_net_ipsec.o
-+base-klips-objs+= pfkey_v2.o pfkey_v2_parser.o pfkey_v2_ext_process.o
-+base-klips-objs+= version.o
-+
-+base-klips-objs+= satot.o
-+base-klips-objs+= addrtot.o
-+base-klips-objs+= ultot.o
-+base-klips-objs+= addrtypeof.o
-+base-klips-objs+= anyaddr.o
-+base-klips-objs+= initaddr.o
-+base-klips-objs+= ultoa.o
-+base-klips-objs+= addrtoa.o
-+base-klips-objs+= subnettoa.o
-+base-klips-objs+= subnetof.o
-+base-klips-objs+= goodmask.o
-+base-klips-objs+= datatot.o
-+base-klips-objs+= rangetoa.o
-+base-klips-objs+= prng.o
-+base-klips-objs+= pfkey_v2_parse.o
-+base-klips-objs+= pfkey_v2_build.o
-+base-klips-objs+= pfkey_v2_debug.o
-+base-klips-objs+= pfkey_v2_ext_bits.o
-+base-klips-objs+= version.o
-+
-+obj-${CONFIG_KLIPS} += ipsec.o
-+
-+ipsec-objs += ${base-klips-objs}
-+
-+ipsec-$(CONFIG_KLIPS_ESP) += ipsec_esp.o
-+ipsec-$(CONFIG_KLIPS_IPCOMP) += ipsec_ipcomp.o
-+ipsec-$(CONFIG_KLIPS_AUTH_HMAC_MD5) += ipsec_md5c.o
-+ipsec-$(CONFIG_KLIPS_AUTH_HMAC_SHA1) += ipsec_sha1.o
-+
-+# AH, if you really think you need it.
-+ipsec-$(CONFIG_KLIPS_AH) += ipsec_ah.o
-+
-+ipsec-y += ipsec_alg.o
-+
-+# include code from DES subdir
-+crypto-$(CONFIG_KLIPS_ENC_3DES) += des/ipsec_alg_3des.o
-+crypto-$(CONFIG_KLIPS_ENC_3DES) += des/cbc_enc.o
-+crypto-$(CONFIG_KLIPS_ENC_3DES) += des/ecb_enc.o
-+crypto-$(CONFIG_KLIPS_ENC_3DES) += des/set_key.o
-+
-+ifeq ($(strip ${SUBARCH}),)
-+SUBARCH:=${ARCH}
-+endif
-+
-+# the assembly version expects frame pointers, which are
-+# optional in many kernel builds. If you want speed, you should
-+# probably use cryptoapi code instead.
-+USEASSEMBLY=${SUBARCH}${CONFIG_FRAME_POINTER}
-+ifeq (${USEASSEMBLY},i386y)
-+crypto-$(CONFIG_KLIPS_ENC_3DES) += des/dx86unix.o
-+else
-+crypto-$(CONFIG_KLIPS_ENC_3DES) += des/des_enc.o
-+endif
-+
-+# include code from AES subdir
-+crypto-$(CONFIG_KLIPS_ENC_AES) += aes/ipsec_alg_aes.o
-+crypto-$(CONFIG_KLIPS_ENC_AES) += aes/aes_xcbc_mac.o
-+crypto-$(CONFIG_KLIPS_ENC_AES) += aes/aes_cbc.o
-+
-+ifeq ($(strip ${SUBARCH}),)
-+SUBARCH:=${ARCH}
-+endif
-+
-+USEASSEMBLY=${SUBARCH}${CONFIG_FRAME_POINTER}
-+ifeq (${USEASSEMBLY},i386y)
-+crypto-$(CONFIG_KLIPS_ENC_AES) += aes/aes-i586.o
-+else
-+crypto-$(CONFIG_KLIPS_ENC_AES) += aes/aes.o
-+endif
-+
-+crypto-$(CONFIG_KLIPS_ENC_NULL) += null/ipsec_alg_null.o
-+
-+ipsec-y += ${crypto-y}
-+
-+ipsec-$(CONFIG_KLIPS_ENC_CRYPTOAPI) += ipsec_alg_cryptoapi.o
-+
-+# IPcomp stuff
-+base-ipcomp-objs := ipcomp.o
-+base-ipcomp-objs += adler32.o
-+base-ipcomp-objs += deflate.o
-+base-ipcomp-objs += infblock.o
-+base-ipcomp-objs += infcodes.o
-+base-ipcomp-objs += inffast.o
-+base-ipcomp-objs += inflate.o
-+base-ipcomp-objs += inftrees.o
-+base-ipcomp-objs += infutil.o
-+base-ipcomp-objs += trees.o
-+base-ipcomp-objs += zutil.o
-+asm-ipcomp-obj-$(CONFIG_M586) += match586.o
-+asm-ipcomp-obj-$(CONFIG_M586TSC) += match586.o
-+asm-ipcomp-obj-$(CONFIG_M586MMX) += match586.o
-+asm-ipcomp-obj-$(CONFIG_M686) += match686.o
-+asm-ipcomp-obj-$(CONFIG_MPENTIUMIII) += match686.o
-+asm-ipcomp-obj-$(CONFIG_MPENTIUM4) += match686.o
-+asm-ipcomp-obj-$(CONFIG_MK6) += match586.o
-+asm-ipcomp-obj-$(CONFIG_MK7) += match686.o
-+asm-ipcomp-obj-$(CONFIG_MCRUSOE) += match586.o
-+asm-ipcomp-obj-$(CONFIG_MWINCHIPC6) += match586.o
-+asm-ipcomp-obj-$(CONFIG_MWINCHIP2) += match686.o
-+asm-ipcomp-obj-$(CONFIG_MWINCHIP3D) += match686.o
-+base-ipcomp-objs += ${asm-ipcomp-obj-y}
-+
-+ipsec-$(CONFIG_KLIPS_IPCOMP) += ${base-ipcomp-objs}
-+
-+EXTRA_CFLAGS += -DIPCOMP_PREFIX
-+
-+#
-+# $Log: Makefile.fs2_6,v $
-+# Revision 1.8.2.2 2006-10-11 18:14:33 paul
-+# Add JuanJo Ciarlante's ESP_NULL patches for KLIPS, but leave it disabled
-+# per default.
-+#
-+# Revision 1.8.2.1 2006/04/20 16:33:06 mcr
-+# remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+# Fix in-kernel module compilation. Sub-makefiles do not work.
-+#
-+# Revision 1.8 2005/05/11 03:15:42 mcr
-+# adjusted makefiles to sanely build modules properly.
-+#
-+# Revision 1.7 2005/04/13 22:52:12 mcr
-+# moved KLIPS specific snprintf() wrapper to seperate file.
-+#
-+# Revision 1.6 2004/08/22 05:02:03 mcr
-+# organized symbols such that it is easier to build modules.
-+#
-+# Revision 1.5 2004/08/18 01:43:56 mcr
-+# adjusted makefile enumation so that it can be used by module
-+# wrapper.
-+#
-+# Revision 1.4 2004/08/17 03:27:23 mcr
-+# klips 2.6 edits.
-+#
-+# Revision 1.3 2004/08/04 16:50:13 mcr
-+# removed duplicate definition of dx86unix.o
-+#
-+# Revision 1.2 2004/08/03 18:21:09 mcr
-+# only set KLIPS_TOP and OPENSWANSRCDIR if not already set.
-+#
-+# Revision 1.1 2004/07/26 15:02:22 mcr
-+# makefile for KLIPS module for 2.6.
-+#
-+# Revision 1.3 2004/02/24 17:17:04 mcr
-+# s/CONFIG_IPSEC/CONFIG_KLIPS/ as 26sec uses "CONFIG_IPSEC" to
-+# turn it on/off as well.
-+#
-+# Revision 1.2 2004/02/22 06:50:42 mcr
-+# kernel 2.6 port - merged with 2.4 code.
-+#
-+# Revision 1.1.2.1 2004/02/20 02:07:53 mcr
-+# module configuration for KLIPS 2.6
-+#
-+#
-+# Local Variables:
-+# compile-command: "(cd ../../.. && source umlsetup.sh && make -C ${POOLSPACE} module/ipsec.o)"
-+# End Variables:
-+#
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/README-zlib Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,147 @@
-+zlib 1.1.4 is a general purpose data compression library. All the code
-+is thread safe. The data format used by the zlib library
-+is described by RFCs (Request for Comments) 1950 to 1952 in the files
-+http://www.ietf.org/rfc/rfc1950.txt (zlib format), rfc1951.txt (deflate
-+format) and rfc1952.txt (gzip format). These documents are also available in
-+other formats from ftp://ftp.uu.net/graphics/png/documents/zlib/zdoc-index.html
-+
-+All functions of the compression library are documented in the file zlib.h
-+(volunteer to write man pages welcome, contact jloup@gzip.org). A usage
-+example of the library is given in the file example.c which also tests that
-+the library is working correctly. Another example is given in the file
-+minigzip.c. The compression library itself is composed of all source files
-+except example.c and minigzip.c.
-+
-+To compile all files and run the test program, follow the instructions
-+given at the top of Makefile. In short "make test; make install"
-+should work for most machines. For Unix: "./configure; make test; make install"
-+For MSDOS, use one of the special makefiles such as Makefile.msc.
-+For VMS, use Make_vms.com or descrip.mms.
-+
-+Questions about zlib should be sent to <zlib@gzip.org>, or to
-+Gilles Vollant <info@winimage.com> for the Windows DLL version.
-+The zlib home page is http://www.zlib.org or http://www.gzip.org/zlib/
-+Before reporting a problem, please check this site to verify that
-+you have the latest version of zlib; otherwise get the latest version and
-+check whether the problem still exists or not.
-+
-+PLEASE read the zlib FAQ http://www.gzip.org/zlib/zlib_faq.html
-+before asking for help.
-+
-+Mark Nelson <markn@ieee.org> wrote an article about zlib for the Jan. 1997
-+issue of Dr. Dobb's Journal; a copy of the article is available in
-+http://dogma.net/markn/articles/zlibtool/zlibtool.htm
-+
-+The changes made in version 1.1.4 are documented in the file ChangeLog.
-+The only changes made since 1.1.3 are bug corrections:
-+
-+- ZFREE was repeated on same allocation on some error conditions.
-+ This creates a security problem described in
-+ http://www.zlib.org/advisory-2002-03-11.txt
-+- Returned incorrect error (Z_MEM_ERROR) on some invalid data
-+- Avoid accesses before window for invalid distances with inflate window
-+ less than 32K.
-+- force windowBits > 8 to avoid a bug in the encoder for a window size
-+ of 256 bytes. (A complete fix will be available in 1.1.5).
-+
-+The beta version 1.1.5beta includes many more changes. A new official
-+version 1.1.5 will be released as soon as extensive testing has been
-+completed on it.
-+
-+
-+Unsupported third party contributions are provided in directory "contrib".
-+
-+A Java implementation of zlib is available in the Java Development Kit
-+http://www.javasoft.com/products/JDK/1.1/docs/api/Package-java.util.zip.html
-+See the zlib home page http://www.zlib.org for details.
-+
-+A Perl interface to zlib written by Paul Marquess <pmarquess@bfsec.bt.co.uk>
-+is in the CPAN (Comprehensive Perl Archive Network) sites
-+http://www.cpan.org/modules/by-module/Compress/
-+
-+A Python interface to zlib written by A.M. Kuchling <amk@magnet.com>
-+is available in Python 1.5 and later versions, see
-+http://www.python.org/doc/lib/module-zlib.html
-+
-+A zlib binding for TCL written by Andreas Kupries <a.kupries@westend.com>
-+is availlable at http://www.westend.com/~kupries/doc/trf/man/man.html
-+
-+An experimental package to read and write files in .zip format,
-+written on top of zlib by Gilles Vollant <info@winimage.com>, is
-+available at http://www.winimage.com/zLibDll/unzip.html
-+and also in the contrib/minizip directory of zlib.
-+
-+
-+Notes for some targets:
-+
-+- To build a Windows DLL version, include in a DLL project zlib.def, zlib.rc
-+ and all .c files except example.c and minigzip.c; compile with -DZLIB_DLL
-+ The zlib DLL support was initially done by Alessandro Iacopetti and is
-+ now maintained by Gilles Vollant <info@winimage.com>. Check the zlib DLL
-+ home page at http://www.winimage.com/zLibDll
-+
-+ From Visual Basic, you can call the DLL functions which do not take
-+ a structure as argument: compress, uncompress and all gz* functions.
-+ See contrib/visual-basic.txt for more information, or get
-+ http://www.tcfb.com/dowseware/cmp-z-it.zip
-+
-+- For 64-bit Irix, deflate.c must be compiled without any optimization.
-+ With -O, one libpng test fails. The test works in 32 bit mode (with
-+ the -n32 compiler flag). The compiler bug has been reported to SGI.
-+
-+- zlib doesn't work with gcc 2.6.3 on a DEC 3000/300LX under OSF/1 2.1
-+ it works when compiled with cc.
-+
-+- on Digital Unix 4.0D (formely OSF/1) on AlphaServer, the cc option -std1
-+ is necessary to get gzprintf working correctly. This is done by configure.
-+
-+- zlib doesn't work on HP-UX 9.05 with some versions of /bin/cc. It works
-+ with other compilers. Use "make test" to check your compiler.
-+
-+- gzdopen is not supported on RISCOS, BEOS and by some Mac compilers.
-+
-+- For Turbo C the small model is supported only with reduced performance to
-+ avoid any far allocation; it was tested with -DMAX_WBITS=11 -DMAX_MEM_LEVEL=3
-+
-+- For PalmOs, see http://www.cs.uit.no/~perm/PASTA/pilot/software.html
-+ Per Harald Myrvang <perm@stud.cs.uit.no>
-+
-+
-+Acknowledgments:
-+
-+ The deflate format used by zlib was defined by Phil Katz. The deflate
-+ and zlib specifications were written by L. Peter Deutsch. Thanks to all the
-+ people who reported problems and suggested various improvements in zlib;
-+ they are too numerous to cite here.
-+
-+Copyright notice:
-+
-+ (C) 1995-2002 Jean-loup Gailly and Mark Adler
-+
-+ This software is provided 'as-is', without any express or implied
-+ warranty. In no event will the authors be held liable for any damages
-+ arising from the use of this software.
-+
-+ Permission is granted to anyone to use this software for any purpose,
-+ including commercial applications, and to alter it and redistribute it
-+ freely, subject to the following restrictions:
-+
-+ 1. The origin of this software must not be misrepresented; you must not
-+ claim that you wrote the original software. If you use this software
-+ in a product, an acknowledgment in the product documentation would be
-+ appreciated but is not required.
-+ 2. Altered source versions must be plainly marked as such, and must not be
-+ misrepresented as being the original software.
-+ 3. This notice may not be removed or altered from any source distribution.
-+
-+ Jean-loup Gailly Mark Adler
-+ jloup@gzip.org madler@alumni.caltech.edu
-+
-+If you use the zlib library in a product, we would appreciate *not*
-+receiving lengthy legal documents to sign. The sources are provided
-+for free but without warranty of any kind. The library has been
-+entirely written by Jean-loup Gailly and Mark Adler; it does not
-+include third-party code.
-+
-+If you redistribute modified sources, we would appreciate that you include
-+in the file ChangeLog history information documenting your changes.
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/README-zlib.freeswan Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,13 @@
-+The only changes made to these files for use in FreeS/WAN are:
-+
-+ - In zconf.h, macros are defined to prefix global symbols with "ipcomp_"
-+ (or "_ipcomp"), when compiled with -DIPCOMP_PREFIX.
-+ - The copyright strings are defined local (static)
-+
-+ The above changes are made to avoid name collisions with ppp_deflate
-+ and ext2compr.
-+
-+ - Files not needed for FreeS/WAN have been removed
-+
-+ See the "README" file for information about where to obtain the complete
-+ zlib package.
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/addrtoa.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,67 @@
-+/*
-+ * addresses to ASCII
-+ * Copyright (C) 1998, 1999 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: addrtoa.c,v 1.10 2004-07-10 07:43:47 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+#define NBYTES 4 /* bytes in an address */
-+#define PERBYTE 4 /* three digits plus a dot or NUL */
-+#define BUFLEN (NBYTES*PERBYTE)
-+
-+#if BUFLEN != ADDRTOA_BUF
-+#error "ADDRTOA_BUF in openswan.h inconsistent with addrtoa() code"
-+#endif
-+
-+/*
-+ - addrtoa - convert binary address to ASCII dotted decimal
-+ */
-+size_t /* space needed for full conversion */
-+addrtoa(addr, format, dst, dstlen)
-+struct in_addr addr;
-+int format; /* character */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ unsigned long a = ntohl(addr.s_addr);
-+ int i;
-+ size_t n;
-+ unsigned long byte;
-+ char buf[BUFLEN];
-+ char *p;
-+
-+ switch (format) {
-+ case 0:
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ p = buf;
-+ for (i = NBYTES-1; i >= 0; i--) {
-+ byte = (a >> (i*8)) & 0xff;
-+ p += ultoa(byte, 10, p, PERBYTE);
-+ if (i != 0)
-+ *(p-1) = '.';
-+ }
-+ n = p - buf;
-+
-+ if (dstlen > 0) {
-+ if (n > dstlen)
-+ buf[dstlen - 1] = '\0';
-+ strcpy(dst, buf);
-+ }
-+ return n;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/addrtot.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,431 @@
-+/*
-+ * addresses to text
-+ * Copyright (C) 2000 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: addrtot.c,v 1.22.2.2 2007-10-30 21:32:26 paul Exp $
-+ */
-+
-+#if defined(__KERNEL__) && defined(__HAVE_ARCH_STRSTR)
-+#include <linux/string.h>
-+#endif
-+
-+#include "openswan.h"
-+
-+#define IP4BYTES 4 /* bytes in an IPv4 address */
-+#define PERBYTE 4 /* three digits plus a dot or NUL */
-+#define IP6BYTES 16 /* bytes in an IPv6 address */
-+
-+/* forwards */
-+static size_t normal4(const unsigned char *s, size_t len, char *b, char **dp);
-+static size_t normal6(const unsigned char *s, size_t len, char *b, char **dp, int squish);
-+static size_t reverse4(const unsigned char *s, size_t len, char *b, char **dp);
-+static size_t reverse6(const unsigned char *s, size_t len, char *b, char **dp);
-+
-+#if defined(__KERNEL__) && !defined(__HAVE_ARCH_STRSTR)
-+#define strstr ipsec_strstr
-+/*
-+ * Find the first occurrence of find in s.
-+ * (from NetBSD 1.6's /src/lib/libc/string/strstr.c)
-+ */
-+static char *strstr(const char *s, const char *find);
-+
-+static char *
-+strstr(s, find)
-+ const char *s, *find;
-+{
-+ char c, sc;
-+ size_t len;
-+
-+ if ((c = *find++) != 0) {
-+ len = strlen(find);
-+ do {
-+ do {
-+ if ((sc = *s++) == 0)
-+ return (NULL);
-+ } while (sc != c);
-+ } while (strncmp(s, find, len) != 0);
-+ s--;
-+ }
-+ /* LINTED interface specification */
-+ return ((char *)s);
-+}
-+#endif
-+
-+/*
-+ - addrtot - convert binary address to text (dotted decimal or IPv6 string)
-+ */
-+size_t /* space needed for full conversion */
-+addrtot(src, format, dst, dstlen)
-+const ip_address *src;
-+int format; /* character */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ const unsigned char *b;
-+ size_t n;
-+ char buf[1+ADDRTOT_BUF+1]; /* :address: */
-+ char *p;
-+ int t = addrtypeof(src);
-+# define TF(t, f) (((t)<<8) | (f))
-+
-+ n = addrbytesptr(src, &b);
-+ if (n == 0) {
-+ bad:
-+ dst[0]='\0';
-+ strncat(dst, "<invalid>", dstlen);
-+ return sizeof("<invalid>");
-+ }
-+
-+ switch (TF(t, format)) {
-+ case TF(AF_INET, 0):
-+ n = normal4(b, n, buf, &p);
-+ break;
-+ case TF(AF_INET6, 0):
-+ n = normal6(b, n, buf, &p, 1);
-+ break;
-+ case TF(AF_INET, 'Q'):
-+ n = normal4(b, n, buf, &p);
-+ break;
-+ case TF(AF_INET6, 'Q'):
-+ n = normal6(b, n, buf, &p, 0);
-+ break;
-+ case TF(AF_INET, 'r'):
-+ n = reverse4(b, n, buf, &p);
-+ break;
-+ case TF(AF_INET6, 'r'):
-+ n = reverse6(b, n, buf, &p);
-+ break;
-+ default: /* including (AF_INET, 'R') */
-+ goto bad;
-+ break;
-+ }
-+
-+ if (dstlen > 0) {
-+ if (dstlen < n)
-+ p[dstlen - 1] = '\0';
-+ strcpy(dst, p);
-+ }
-+ return n;
-+}
-+
-+/*
-+ - normal4 - normal IPv4 address-text conversion
-+ */
-+static size_t /* size of text, including NUL */
-+normal4(srcp, srclen, buf, dstp)
-+const unsigned char *srcp;
-+size_t srclen;
-+char *buf; /* guaranteed large enough */
-+char **dstp; /* where to put result pointer */
-+{
-+ int i;
-+ char *p;
-+
-+ if (srclen != IP4BYTES) /* "can't happen" */
-+ return 0;
-+ p = buf;
-+ for (i = 0; i < IP4BYTES; i++) {
-+ p += ultot(srcp[i], 10, p, PERBYTE);
-+ if (i != IP4BYTES - 1)
-+ *(p-1) = '.'; /* overwrites the NUL */
-+ }
-+ *dstp = buf;
-+ return p - buf;
-+}
-+
-+/*
-+ - normal6 - normal IPv6 address-text conversion
-+ */
-+static size_t /* size of text, including NUL */
-+normal6(srcp, srclen, buf, dstp, squish)
-+const unsigned char *srcp;
-+size_t srclen;
-+char *buf; /* guaranteed large enough, plus 2 */
-+char **dstp; /* where to put result pointer */
-+int squish; /* whether to squish out 0:0 */
-+{
-+ int i;
-+ unsigned long piece;
-+ char *p;
-+ char *q;
-+
-+ if (srclen != IP6BYTES) /* "can't happen" */
-+ return 0;
-+ p = buf;
-+ *p++ = ':';
-+ for (i = 0; i < IP6BYTES/2; i++) {
-+ piece = (srcp[2*i] << 8) + srcp[2*i + 1];
-+ p += ultot(piece, 16, p, 5); /* 5 = abcd + NUL */
-+ *(p-1) = ':'; /* overwrites the NUL */
-+ }
-+ *p = '\0';
-+ q = strstr(buf, ":0:0:");
-+ if (squish && q != NULL) { /* zero squishing is possible */
-+ p = q + 1;
-+ while (*p == '0' && *(p+1) == ':')
-+ p += 2;
-+ q++;
-+ *q++ = ':'; /* overwrite first 0 */
-+ while (*p != '\0')
-+ *q++ = *p++;
-+ *q = '\0';
-+ if (!(*(q-1) == ':' && *(q-2) == ':'))
-+ *--q = '\0'; /* strip final : unless :: */
-+ p = buf;
-+ if (!(*p == ':' && *(p+1) == ':'))
-+ p++; /* skip initial : unless :: */
-+ } else {
-+ q = p;
-+ *--q = '\0'; /* strip final : */
-+ p = buf + 1; /* skip initial : */
-+ }
-+ *dstp = p;
-+ return q - p + 1;
-+}
-+
-+/*
-+ - reverse4 - IPv4 reverse-lookup conversion
-+ */
-+static size_t /* size of text, including NUL */
-+reverse4(srcp, srclen, buf, dstp)
-+const unsigned char *srcp;
-+size_t srclen;
-+char *buf; /* guaranteed large enough */
-+char **dstp; /* where to put result pointer */
-+{
-+ int i;
-+ char *p;
-+
-+ if (srclen != IP4BYTES) /* "can't happen" */
-+ return 0;
-+ p = buf;
-+ for (i = IP4BYTES-1; i >= 0; i--) {
-+ p += ultot(srcp[i], 10, p, PERBYTE);
-+ *(p-1) = '.'; /* overwrites the NUL */
-+ }
-+ strcpy(p, "IN-ADDR.ARPA.");
-+ *dstp = buf;
-+ return strlen(buf) + 1;
-+}
-+
-+/*
-+ - reverse6 - IPv6 reverse-lookup conversion (RFC 1886)
-+ * A trifle inefficient, really shouldn't use ultot...
-+ */
-+static size_t /* size of text, including NUL */
-+reverse6(srcp, srclen, buf, dstp)
-+const unsigned char *srcp;
-+size_t srclen;
-+char *buf; /* guaranteed large enough */
-+char **dstp; /* where to put result pointer */
-+{
-+ int i;
-+ unsigned long piece;
-+ char *p;
-+
-+ if (srclen != IP6BYTES) /* "can't happen" */
-+ return 0;
-+ p = buf;
-+ for (i = IP6BYTES-1; i >= 0; i--) {
-+ piece = srcp[i];
-+ p += ultot(piece&0xf, 16, p, 2);
-+ *(p-1) = '.';
-+ p += ultot(piece>>4, 16, p, 2);
-+ *(p-1) = '.';
-+ }
-+ strcpy(p, "IP6.ARPA.");
-+ *dstp = buf;
-+ return strlen(buf) + 1;
-+}
-+
-+/*
-+ - reverse6 - modern IPv6 reverse-lookup conversion (RFC 2874)
-+ * this version removed as it was obsoleted in the end.
-+ */
-+
-+#ifdef ADDRTOT_MAIN
-+
-+#include <stdio.h>
-+#include <sys/socket.h>
-+#include <netinet/in.h>
-+#include <arpa/inet.h>
-+
-+void regress(void);
-+
-+int
-+main(int argc, char *argv[])
-+{
-+ if (argc < 2) {
-+ fprintf(stderr, "Usage: %s {addr|net/mask|begin...end|-r}\n",
-+ argv[0]);
-+ exit(2);
-+ }
-+
-+ if (strcmp(argv[1], "-r") == 0) {
-+ regress();
-+ fprintf(stderr, "regress() returned?!?\n");
-+ exit(1);
-+ }
-+ exit(0);
-+}
-+
-+struct rtab {
-+ char *input;
-+ char format;
-+ char *output; /* NULL means error expected */
-+} rtab[] = {
-+ {"1.2.3.0", 0, "1.2.3.0"},
-+ {"1:2::3:4", 0, "1:2::3:4"},
-+ {"1:2::3:4", 'Q', "1:2:0:0:0:0:3:4"},
-+ {"1:2:0:0:3:4:0:0", 0, "1:2::3:4:0:0"},
-+ {"1.2.3.4", 'r' , "4.3.2.1.IN-ADDR.ARPA."},
-+ /* 0 1 2 3 4 5 6 7 8 9 a b c d e f 0 1 2 3 4 5 6 7 8 9 a b c d e f */
-+ {"1:2::3:4", 'r', "4.0.0.0.3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0.1.0.0.0.IP6.ARPA."},
-+ {NULL, 0, NULL}
-+};
-+
-+void
-+regress()
-+{
-+ struct rtab *r;
-+ int status = 0;
-+ ip_address a;
-+ char in[100];
-+ char buf[100];
-+ const char *oops;
-+ size_t n;
-+
-+ for (r = rtab; r->input != NULL; r++) {
-+ strcpy(in, r->input);
-+
-+ /* convert it *to* internal format */
-+ oops = ttoaddr(in, strlen(in), 0, &a);
-+
-+ /* now convert it back */
-+
-+ n = addrtot(&a, r->format, buf, sizeof(buf));
-+
-+ if (n == 0 && r->output == NULL)
-+ {} /* okay, error expected */
-+
-+ else if (n == 0) {
-+ printf("`%s' atoasr failed\n", r->input);
-+ status = 1;
-+
-+ } else if (r->output == NULL) {
-+ printf("`%s' atoasr succeeded unexpectedly '%c'\n",
-+ r->input, r->format);
-+ status = 1;
-+ } else {
-+ if (strcasecmp(r->output, buf) != 0) {
-+ printf("`%s' '%c' gave `%s', expected `%s'\n",
-+ r->input, r->format, buf, r->output);
-+ status = 1;
-+ }
-+ }
-+ }
-+ exit(status);
-+}
-+
-+#endif /* ADDRTOT_MAIN */
-+
-+/*
-+ * $Log: addrtot.c,v $
-+ * Revision 1.22.2.2 2007-10-30 21:32:26 paul
-+ * Added strstr prototype [dhr]
-+ *
-+ * Revision 1.22.2.1 2005/11/17 22:30:49 paul
-+ * pull up strstr fix from head.
-+ *
-+ * Revision 1.22 2005/05/20 16:47:40 mcr
-+ * make strstr static if we need it.
-+ *
-+ * Revision 1.21 2005/03/21 00:35:12 mcr
-+ * test for strstr properly
-+ *
-+ * Revision 1.20 2004/11/09 22:52:20 mcr
-+ * until we figure out which kernels have strsep and which
-+ * do not (UML does not under certain circumstances), then
-+ * let's just provide our own.
-+ *
-+ * Revision 1.19 2004/10/08 16:30:33 mcr
-+ * pull-up of initial crypto-offload work.
-+ *
-+ * Revision 1.18 2004/09/18 19:33:08 mcr
-+ * use an appropriate kernel happy ifdef for strstr.
-+ *
-+ * Revision 1.17 2004/09/15 21:49:02 mcr
-+ * use local copy of strstr() if this is going in the kernel.
-+ * Not clear why this worked before, or why this shows up
-+ * for modules only.
-+ *
-+ * Revision 1.16 2004/07/10 07:43:47 mcr
-+ * Moved from linux/lib/libfreeswan/addrtot.c,v
-+ *
-+ * Revision 1.15 2004/04/11 17:39:25 mcr
-+ * removed internal.h requirements.
-+ *
-+ * Revision 1.14 2004/03/08 01:59:08 ken
-+ * freeswan.h -> openswan.h
-+ *
-+ * Revision 1.13 2004/01/05 23:21:05 mcr
-+ * if the address type is invalid, then return length of <invalid>
-+ * string!
-+ *
-+ * Revision 1.12 2003/12/30 06:42:48 mcr
-+ * added $Log: addrtot.c,v $
-+ * added Revision 1.22.2.2 2007-10-30 21:32:26 paul
-+ * added Added strstr prototype [dhr]
-+ * added
-+ * added Revision 1.22.2.1 2005/11/17 22:30:49 paul
-+ * added pull up strstr fix from head.
-+ * added
-+ * added Revision 1.22 2005/05/20 16:47:40 mcr
-+ * added make strstr static if we need it.
-+ * added
-+ * added Revision 1.21 2005/03/21 00:35:12 mcr
-+ * added test for strstr properly
-+ * added
-+ * added Revision 1.20 2004/11/09 22:52:20 mcr
-+ * added until we figure out which kernels have strsep and which
-+ * added do not (UML does not under certain circumstances), then
-+ * added let's just provide our own.
-+ * added
-+ * added Revision 1.19 2004/10/08 16:30:33 mcr
-+ * added pull-up of initial crypto-offload work.
-+ * added
-+ * added Revision 1.18 2004/09/18 19:33:08 mcr
-+ * added use an appropriate kernel happy ifdef for strstr.
-+ * added
-+ * added Revision 1.17 2004/09/15 21:49:02 mcr
-+ * added use local copy of strstr() if this is going in the kernel.
-+ * added Not clear why this worked before, or why this shows up
-+ * added for modules only.
-+ * added
-+ * added Revision 1.16 2004/07/10 07:43:47 mcr
-+ * added Moved from linux/lib/libfreeswan/addrtot.c,v
-+ * added
-+ * added Revision 1.15 2004/04/11 17:39:25 mcr
-+ * added removed internal.h requirements.
-+ * added
-+ * added Revision 1.14 2004/03/08 01:59:08 ken
-+ * added freeswan.h -> openswan.h
-+ * added
-+ * added Revision 1.13 2004/01/05 23:21:05 mcr
-+ * added if the address type is invalid, then return length of <invalid>
-+ * added string!
-+ * added
-+ *
-+ *
-+ */
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/addrtypeof.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,93 @@
-+/*
-+ * extract parts of an ip_address
-+ * Copyright (C) 2000 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: addrtypeof.c,v 1.10 2004-07-10 07:43:47 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - addrtypeof - get the type of an ip_address
-+ */
-+int
-+addrtypeof(src)
-+const ip_address *src;
-+{
-+ return src->u.v4.sin_family;
-+}
-+
-+/*
-+ - addrbytesptr - get pointer to the address bytes of an ip_address
-+ */
-+size_t /* 0 for error */
-+addrbytesptr(src, dstp)
-+const ip_address *src;
-+const unsigned char **dstp; /* NULL means just a size query */
-+{
-+ const unsigned char *p;
-+ size_t n;
-+
-+ switch (src->u.v4.sin_family) {
-+ case AF_INET:
-+ p = (const unsigned char *)&src->u.v4.sin_addr.s_addr;
-+ n = 4;
-+ break;
-+ case AF_INET6:
-+ p = (const unsigned char *)&src->u.v6.sin6_addr;
-+ n = 16;
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ if (dstp != NULL)
-+ *dstp = p;
-+ return n;
-+}
-+
-+/*
-+ - addrlenof - get length of the address bytes of an ip_address
-+ */
-+size_t /* 0 for error */
-+addrlenof(src)
-+const ip_address *src;
-+{
-+ return addrbytesptr(src, NULL);
-+}
-+
-+/*
-+ - addrbytesof - get the address bytes of an ip_address
-+ */
-+size_t /* 0 for error */
-+addrbytesof(src, dst, dstlen)
-+const ip_address *src;
-+unsigned char *dst;
-+size_t dstlen;
-+{
-+ const unsigned char *p;
-+ size_t n;
-+ size_t ncopy;
-+
-+ n = addrbytesptr(src, &p);
-+ if (n == 0)
-+ return 0;
-+
-+ if (dstlen > 0) {
-+ ncopy = n;
-+ if (ncopy > dstlen)
-+ ncopy = dstlen;
-+ memcpy(dst, p, ncopy);
-+ }
-+ return n;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/adler32.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,49 @@
-+/* adler32.c -- compute the Adler-32 checksum of a data stream
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* @(#) $Id: adler32.c,v 1.6 2004-07-10 19:11:18 mcr Exp $ */
-+
-+#include <zlib/zlib.h>
-+#include <zlib/zconf.h>
-+
-+#define BASE 65521L /* largest prime smaller than 65536 */
-+#define NMAX 5552
-+/* NMAX is the largest n such that 255n(n+1)/2 + (n+1)(BASE-1) <= 2^32-1 */
-+
-+#define DO1(buf,i) {s1 += buf[i]; s2 += s1;}
-+#define DO2(buf,i) DO1(buf,i); DO1(buf,i+1);
-+#define DO4(buf,i) DO2(buf,i); DO2(buf,i+2);
-+#define DO8(buf,i) DO4(buf,i); DO4(buf,i+4);
-+#define DO16(buf) DO8(buf,0); DO8(buf,8);
-+
-+/* ========================================================================= */
-+uLong ZEXPORT adler32(adler, buf, len)
-+ uLong adler;
-+ const Bytef *buf;
-+ uInt len;
-+{
-+ unsigned long s1 = adler & 0xffff;
-+ unsigned long s2 = (adler >> 16) & 0xffff;
-+ int k;
-+
-+ if (buf == Z_NULL) return 1L;
-+
-+ while (len > 0) {
-+ k = len < NMAX ? len : NMAX;
-+ len -= k;
-+ while (k >= 16) {
-+ DO16(buf);
-+ buf += 16;
-+ k -= 16;
-+ }
-+ if (k != 0) do {
-+ s1 += *buf++;
-+ s2 += s1;
-+ } while (--k);
-+ s1 %= BASE;
-+ s2 %= BASE;
-+ }
-+ return (s2 << 16) | s1;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/aes/Makefile Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,59 @@
-+# Makefile for KLIPS 3DES kernel code as a module for 2.6 kernels
-+#
-+# Makefile for KLIPS kernel code as a module
-+# Copyright (C) 2002-2004 Michael Richardson <mcr@xelerance.com>
-+#
-+# This program is free software; you can redistribute it and/or modify it
-+# under the terms of the GNU General Public License as published by the
-+# Free Software Foundation; either version 2 of the License, or (at your
-+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+#
-+# This program is distributed in the hope that it will be useful, but
-+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+# for more details.
-+#
-+# RCSID $Id: Makefile.fs2_6,v 1.1.10.1 2005-08-12 16:10:05 ken Exp $
-+#
-+# Note! Dependencies are done automagically by 'make dep', which also
-+# removes any old dependencies. DON'T put your own dependencies here
-+# unless it's something special (ie not a .c file).
-+#
-+
-+obj-$(CONFIG_KLIPS_ENC_AES) += ipsec_alg_aes.o
-+obj-$(CONFIG_KLIPS_ENC_AES) += aes_xcbc_mac.o
-+obj-$(CONFIG_KLIPS_ENC_AES) += aes_cbc.o
-+
-+ifeq ($(strip ${SUBARCH}),)
-+SUBARCH:=${ARCH}
-+endif
-+
-+# the assembly version expects frame pointers, which are
-+# optional in many kernel builds. If you want speed, you should
-+# probably use cryptoapi code instead.
-+USEASSEMBLY=${SUBARCH}${CONFIG_FRAME_POINTER}
-+ifeq (${USEASSEMBLY},i386y)
-+obj-$(CONFIG_KLIPS_ENC_AES) += aes-i586.o
-+else
-+obj-$(CONFIG_KLIPS_ENC_AES) += aes.o
-+endif
-+
-+
-+#
-+# $Log: Makefile.fs2_6,v $
-+# Revision 1.1.10.1 2005-08-12 16:10:05 ken
-+# do not use assembly code with there are no frame pointers
-+#
-+# Revision 1.2 2005/08/12 14:13:58 mcr
-+# do not use assembly code with there are no frame pointers,
-+# as it does not have the right linkages.
-+#
-+# Revision 1.1 2004/08/17 03:31:34 mcr
-+# klips 2.6 edits.
-+#
-+#
-+# Local Variables:
-+# compile-command: "(cd ../../.. && source umlsetup.sh && make -C ${POOLSPACE} module/ipsec.o)"
-+# End Variables:
-+#
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/aes/aes-i586.S Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,892 @@
-+//
-+// Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK.
-+// All rights reserved.
-+//
-+// TERMS
-+//
-+// Redistribution and use in source and binary forms, with or without
-+// modification, are permitted subject to the following conditions:
-+//
-+// 1. Redistributions of source code must retain the above copyright
-+// notice, this list of conditions and the following disclaimer.
-+//
-+// 2. Redistributions in binary form must reproduce the above copyright
-+// notice, this list of conditions and the following disclaimer in the
-+// documentation and/or other materials provided with the distribution.
-+//
-+// 3. The copyright holder's name must not be used to endorse or promote
-+// any products derived from this software without his specific prior
-+// written permission.
-+//
-+// This software is provided 'as is' with no express or implied warranties
-+// of correctness or fitness for purpose.
-+
-+// Modified by Jari Ruusu, December 24 2001
-+// - Converted syntax to GNU CPP/assembler syntax
-+// - C programming interface converted back to "old" API
-+// - Minor portability cleanups and speed optimizations
-+
-+// An AES (Rijndael) implementation for the Pentium. This version only
-+// implements the standard AES block length (128 bits, 16 bytes). This code
-+// does not preserve the eax, ecx or edx registers or the artihmetic status
-+// flags. However, the ebx, esi, edi, and ebp registers are preserved across
-+// calls.
-+
-+// void aes_set_key(aes_context *cx, const unsigned char key[], const int key_len, const int f)
-+// void aes_encrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[])
-+// void aes_decrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[])
-+
-+#if defined(USE_UNDERLINE)
-+# define aes_set_key _aes_set_key
-+# define aes_encrypt _aes_encrypt
-+# define aes_decrypt _aes_decrypt
-+#endif
-+#if !defined(ALIGN32BYTES)
-+# define ALIGN32BYTES 32
-+#endif
-+
-+ .file "aes-i586.S"
-+ .globl aes_set_key
-+ .globl aes_encrypt
-+ .globl aes_decrypt
-+
-+#define tlen 1024 // length of each of 4 'xor' arrays (256 32-bit words)
-+
-+// offsets to parameters with one register pushed onto stack
-+
-+#define ctx 8 // AES context structure
-+#define in_blk 12 // input byte array address parameter
-+#define out_blk 16 // output byte array address parameter
-+
-+// offsets in context structure
-+
-+#define nkey 0 // key length, size 4
-+#define nrnd 4 // number of rounds, size 4
-+#define ekey 8 // encryption key schedule base address, size 256
-+#define dkey 264 // decryption key schedule base address, size 256
-+
-+// This macro performs a forward encryption cycle. It is entered with
-+// the first previous round column values in %eax, %ebx, %esi and %edi and
-+// exits with the final values in the same registers.
-+
-+#define fwd_rnd(p1,p2) \
-+ mov %ebx,(%esp) ;\
-+ movzbl %al,%edx ;\
-+ mov %eax,%ecx ;\
-+ mov p2(%ebp),%eax ;\
-+ mov %edi,4(%esp) ;\
-+ mov p2+12(%ebp),%edi ;\
-+ xor p1(,%edx,4),%eax ;\
-+ movzbl %ch,%edx ;\
-+ shr $16,%ecx ;\
-+ mov p2+4(%ebp),%ebx ;\
-+ xor p1+tlen(,%edx,4),%edi ;\
-+ movzbl %cl,%edx ;\
-+ movzbl %ch,%ecx ;\
-+ xor p1+3*tlen(,%ecx,4),%ebx ;\
-+ mov %esi,%ecx ;\
-+ mov p1+2*tlen(,%edx,4),%esi ;\
-+ movzbl %cl,%edx ;\
-+ xor p1(,%edx,4),%esi ;\
-+ movzbl %ch,%edx ;\
-+ shr $16,%ecx ;\
-+ xor p1+tlen(,%edx,4),%ebx ;\
-+ movzbl %cl,%edx ;\
-+ movzbl %ch,%ecx ;\
-+ xor p1+2*tlen(,%edx,4),%eax ;\
-+ mov (%esp),%edx ;\
-+ xor p1+3*tlen(,%ecx,4),%edi ;\
-+ movzbl %dl,%ecx ;\
-+ xor p2+8(%ebp),%esi ;\
-+ xor p1(,%ecx,4),%ebx ;\
-+ movzbl %dh,%ecx ;\
-+ shr $16,%edx ;\
-+ xor p1+tlen(,%ecx,4),%eax ;\
-+ movzbl %dl,%ecx ;\
-+ movzbl %dh,%edx ;\
-+ xor p1+2*tlen(,%ecx,4),%edi ;\
-+ mov 4(%esp),%ecx ;\
-+ xor p1+3*tlen(,%edx,4),%esi ;\
-+ movzbl %cl,%edx ;\
-+ xor p1(,%edx,4),%edi ;\
-+ movzbl %ch,%edx ;\
-+ shr $16,%ecx ;\
-+ xor p1+tlen(,%edx,4),%esi ;\
-+ movzbl %cl,%edx ;\
-+ movzbl %ch,%ecx ;\
-+ xor p1+2*tlen(,%edx,4),%ebx ;\
-+ xor p1+3*tlen(,%ecx,4),%eax
-+
-+// This macro performs an inverse encryption cycle. It is entered with
-+// the first previous round column values in %eax, %ebx, %esi and %edi and
-+// exits with the final values in the same registers.
-+
-+#define inv_rnd(p1,p2) \
-+ movzbl %al,%edx ;\
-+ mov %ebx,(%esp) ;\
-+ mov %eax,%ecx ;\
-+ mov p2(%ebp),%eax ;\
-+ mov %edi,4(%esp) ;\
-+ mov p2+4(%ebp),%ebx ;\
-+ xor p1(,%edx,4),%eax ;\
-+ movzbl %ch,%edx ;\
-+ shr $16,%ecx ;\
-+ mov p2+12(%ebp),%edi ;\
-+ xor p1+tlen(,%edx,4),%ebx ;\
-+ movzbl %cl,%edx ;\
-+ movzbl %ch,%ecx ;\
-+ xor p1+3*tlen(,%ecx,4),%edi ;\
-+ mov %esi,%ecx ;\
-+ mov p1+2*tlen(,%edx,4),%esi ;\
-+ movzbl %cl,%edx ;\
-+ xor p1(,%edx,4),%esi ;\
-+ movzbl %ch,%edx ;\
-+ shr $16,%ecx ;\
-+ xor p1+tlen(,%edx,4),%edi ;\
-+ movzbl %cl,%edx ;\
-+ movzbl %ch,%ecx ;\
-+ xor p1+2*tlen(,%edx,4),%eax ;\
-+ mov (%esp),%edx ;\
-+ xor p1+3*tlen(,%ecx,4),%ebx ;\
-+ movzbl %dl,%ecx ;\
-+ xor p2+8(%ebp),%esi ;\
-+ xor p1(,%ecx,4),%ebx ;\
-+ movzbl %dh,%ecx ;\
-+ shr $16,%edx ;\
-+ xor p1+tlen(,%ecx,4),%esi ;\
-+ movzbl %dl,%ecx ;\
-+ movzbl %dh,%edx ;\
-+ xor p1+2*tlen(,%ecx,4),%edi ;\
-+ mov 4(%esp),%ecx ;\
-+ xor p1+3*tlen(,%edx,4),%eax ;\
-+ movzbl %cl,%edx ;\
-+ xor p1(,%edx,4),%edi ;\
-+ movzbl %ch,%edx ;\
-+ shr $16,%ecx ;\
-+ xor p1+tlen(,%edx,4),%eax ;\
-+ movzbl %cl,%edx ;\
-+ movzbl %ch,%ecx ;\
-+ xor p1+2*tlen(,%edx,4),%ebx ;\
-+ xor p1+3*tlen(,%ecx,4),%esi
-+
-+// AES (Rijndael) Encryption Subroutine
-+
-+ .text
-+ .align ALIGN32BYTES
-+aes_encrypt:
-+ push %ebp
-+ mov ctx(%esp),%ebp // pointer to context
-+ mov in_blk(%esp),%ecx
-+ push %ebx
-+ push %esi
-+ push %edi
-+ mov nrnd(%ebp),%edx // number of rounds
-+ lea ekey+16(%ebp),%ebp // key pointer
-+
-+// input four columns and xor in first round key
-+
-+ mov (%ecx),%eax
-+ mov 4(%ecx),%ebx
-+ mov 8(%ecx),%esi
-+ mov 12(%ecx),%edi
-+ xor -16(%ebp),%eax
-+ xor -12(%ebp),%ebx
-+ xor -8(%ebp),%esi
-+ xor -4(%ebp),%edi
-+
-+ sub $8,%esp // space for register saves on stack
-+
-+ sub $10,%edx
-+ je aes_15
-+ add $32,%ebp
-+ sub $2,%edx
-+ je aes_13
-+ add $32,%ebp
-+
-+ fwd_rnd(aes_ft_tab,-64) // 14 rounds for 256-bit key
-+ fwd_rnd(aes_ft_tab,-48)
-+aes_13: fwd_rnd(aes_ft_tab,-32) // 12 rounds for 192-bit key
-+ fwd_rnd(aes_ft_tab,-16)
-+aes_15: fwd_rnd(aes_ft_tab,0) // 10 rounds for 128-bit key
-+ fwd_rnd(aes_ft_tab,16)
-+ fwd_rnd(aes_ft_tab,32)
-+ fwd_rnd(aes_ft_tab,48)
-+ fwd_rnd(aes_ft_tab,64)
-+ fwd_rnd(aes_ft_tab,80)
-+ fwd_rnd(aes_ft_tab,96)
-+ fwd_rnd(aes_ft_tab,112)
-+ fwd_rnd(aes_ft_tab,128)
-+ fwd_rnd(aes_fl_tab,144) // last round uses a different table
-+
-+// move final values to the output array.
-+
-+ mov out_blk+20(%esp),%ebp
-+ add $8,%esp
-+ mov %eax,(%ebp)
-+ mov %ebx,4(%ebp)
-+ mov %esi,8(%ebp)
-+ mov %edi,12(%ebp)
-+ pop %edi
-+ pop %esi
-+ pop %ebx
-+ pop %ebp
-+ ret
-+
-+
-+// AES (Rijndael) Decryption Subroutine
-+
-+ .align ALIGN32BYTES
-+aes_decrypt:
-+ push %ebp
-+ mov ctx(%esp),%ebp // pointer to context
-+ mov in_blk(%esp),%ecx
-+ push %ebx
-+ push %esi
-+ push %edi
-+ mov nrnd(%ebp),%edx // number of rounds
-+ lea dkey+16(%ebp),%ebp // key pointer
-+
-+// input four columns and xor in first round key
-+
-+ mov (%ecx),%eax
-+ mov 4(%ecx),%ebx
-+ mov 8(%ecx),%esi
-+ mov 12(%ecx),%edi
-+ xor -16(%ebp),%eax
-+ xor -12(%ebp),%ebx
-+ xor -8(%ebp),%esi
-+ xor -4(%ebp),%edi
-+
-+ sub $8,%esp // space for register saves on stack
-+
-+ sub $10,%edx
-+ je aes_25
-+ add $32,%ebp
-+ sub $2,%edx
-+ je aes_23
-+ add $32,%ebp
-+
-+ inv_rnd(aes_it_tab,-64) // 14 rounds for 256-bit key
-+ inv_rnd(aes_it_tab,-48)
-+aes_23: inv_rnd(aes_it_tab,-32) // 12 rounds for 192-bit key
-+ inv_rnd(aes_it_tab,-16)
-+aes_25: inv_rnd(aes_it_tab,0) // 10 rounds for 128-bit key
-+ inv_rnd(aes_it_tab,16)
-+ inv_rnd(aes_it_tab,32)
-+ inv_rnd(aes_it_tab,48)
-+ inv_rnd(aes_it_tab,64)
-+ inv_rnd(aes_it_tab,80)
-+ inv_rnd(aes_it_tab,96)
-+ inv_rnd(aes_it_tab,112)
-+ inv_rnd(aes_it_tab,128)
-+ inv_rnd(aes_il_tab,144) // last round uses a different table
-+
-+// move final values to the output array.
-+
-+ mov out_blk+20(%esp),%ebp
-+ add $8,%esp
-+ mov %eax,(%ebp)
-+ mov %ebx,4(%ebp)
-+ mov %esi,8(%ebp)
-+ mov %edi,12(%ebp)
-+ pop %edi
-+ pop %esi
-+ pop %ebx
-+ pop %ebp
-+ ret
-+
-+// AES (Rijndael) Key Schedule Subroutine
-+
-+// input/output parameters
-+
-+#define aes_cx 12 // AES context
-+#define in_key 16 // key input array address
-+#define key_ln 20 // key length, bytes (16,24,32) or bits (128,192,256)
-+#define ed_flg 24 // 0=create both encr/decr keys, 1=create encr key only
-+
-+// offsets for locals
-+
-+#define cnt -4
-+#define kpf -8
-+#define slen 8
-+
-+// This macro performs a column mixing operation on an input 32-bit
-+// word to give a 32-bit result. It uses each of the 4 bytes in the
-+// the input column to index 4 different tables of 256 32-bit words
-+// that are xored together to form the output value.
-+
-+#define mix_col(p1) \
-+ movzbl %bl,%ecx ;\
-+ mov p1(,%ecx,4),%eax ;\
-+ movzbl %bh,%ecx ;\
-+ ror $16,%ebx ;\
-+ xor p1+tlen(,%ecx,4),%eax ;\
-+ movzbl %bl,%ecx ;\
-+ xor p1+2*tlen(,%ecx,4),%eax ;\
-+ movzbl %bh,%ecx ;\
-+ xor p1+3*tlen(,%ecx,4),%eax
-+
-+// Key Schedule Macros
-+
-+#define ksc4(p1) \
-+ rol $24,%ebx ;\
-+ mix_col(aes_fl_tab) ;\
-+ ror $8,%ebx ;\
-+ xor 4*p1+aes_rcon_tab,%eax ;\
-+ xor %eax,%esi ;\
-+ xor %esi,%ebp ;\
-+ mov %esi,16*p1(%edi) ;\
-+ mov %ebp,16*p1+4(%edi) ;\
-+ xor %ebp,%edx ;\
-+ xor %edx,%ebx ;\
-+ mov %edx,16*p1+8(%edi) ;\
-+ mov %ebx,16*p1+12(%edi)
-+
-+#define ksc6(p1) \
-+ rol $24,%ebx ;\
-+ mix_col(aes_fl_tab) ;\
-+ ror $8,%ebx ;\
-+ xor 4*p1+aes_rcon_tab,%eax ;\
-+ xor 24*p1-24(%edi),%eax ;\
-+ mov %eax,24*p1(%edi) ;\
-+ xor 24*p1-20(%edi),%eax ;\
-+ mov %eax,24*p1+4(%edi) ;\
-+ xor %eax,%esi ;\
-+ xor %esi,%ebp ;\
-+ mov %esi,24*p1+8(%edi) ;\
-+ mov %ebp,24*p1+12(%edi) ;\
-+ xor %ebp,%edx ;\
-+ xor %edx,%ebx ;\
-+ mov %edx,24*p1+16(%edi) ;\
-+ mov %ebx,24*p1+20(%edi)
-+
-+#define ksc8(p1) \
-+ rol $24,%ebx ;\
-+ mix_col(aes_fl_tab) ;\
-+ ror $8,%ebx ;\
-+ xor 4*p1+aes_rcon_tab,%eax ;\
-+ xor 32*p1-32(%edi),%eax ;\
-+ mov %eax,32*p1(%edi) ;\
-+ xor 32*p1-28(%edi),%eax ;\
-+ mov %eax,32*p1+4(%edi) ;\
-+ xor 32*p1-24(%edi),%eax ;\
-+ mov %eax,32*p1+8(%edi) ;\
-+ xor 32*p1-20(%edi),%eax ;\
-+ mov %eax,32*p1+12(%edi) ;\
-+ push %ebx ;\
-+ mov %eax,%ebx ;\
-+ mix_col(aes_fl_tab) ;\
-+ pop %ebx ;\
-+ xor %eax,%esi ;\
-+ xor %esi,%ebp ;\
-+ mov %esi,32*p1+16(%edi) ;\
-+ mov %ebp,32*p1+20(%edi) ;\
-+ xor %ebp,%edx ;\
-+ xor %edx,%ebx ;\
-+ mov %edx,32*p1+24(%edi) ;\
-+ mov %ebx,32*p1+28(%edi)
-+
-+ .align ALIGN32BYTES
-+aes_set_key:
-+ pushfl
-+ push %ebp
-+ mov %esp,%ebp
-+ sub $slen,%esp
-+ push %ebx
-+ push %esi
-+ push %edi
-+
-+ mov aes_cx(%ebp),%edx // edx -> AES context
-+
-+ mov key_ln(%ebp),%ecx // key length
-+ cmpl $128,%ecx
-+ jb aes_30
-+ shr $3,%ecx
-+aes_30: cmpl $32,%ecx
-+ je aes_32
-+ cmpl $24,%ecx
-+ je aes_32
-+ mov $16,%ecx
-+aes_32: shr $2,%ecx
-+ mov %ecx,nkey(%edx)
-+
-+ lea 6(%ecx),%eax // 10/12/14 for 4/6/8 32-bit key length
-+ mov %eax,nrnd(%edx)
-+
-+ mov in_key(%ebp),%esi // key input array
-+ lea ekey(%edx),%edi // key position in AES context
-+ cld
-+ push %ebp
-+ mov %ecx,%eax // save key length in eax
-+ rep ; movsl // words in the key schedule
-+ mov -4(%esi),%ebx // put some values in registers
-+ mov -8(%esi),%edx // to allow faster code
-+ mov -12(%esi),%ebp
-+ mov -16(%esi),%esi
-+
-+ cmpl $4,%eax // jump on key size
-+ je aes_36
-+ cmpl $6,%eax
-+ je aes_35
-+
-+ ksc8(0)
-+ ksc8(1)
-+ ksc8(2)
-+ ksc8(3)
-+ ksc8(4)
-+ ksc8(5)
-+ ksc8(6)
-+ jmp aes_37
-+aes_35: ksc6(0)
-+ ksc6(1)
-+ ksc6(2)
-+ ksc6(3)
-+ ksc6(4)
-+ ksc6(5)
-+ ksc6(6)
-+ ksc6(7)
-+ jmp aes_37
-+aes_36: ksc4(0)
-+ ksc4(1)
-+ ksc4(2)
-+ ksc4(3)
-+ ksc4(4)
-+ ksc4(5)
-+ ksc4(6)
-+ ksc4(7)
-+ ksc4(8)
-+ ksc4(9)
-+aes_37: pop %ebp
-+ mov aes_cx(%ebp),%edx // edx -> AES context
-+ cmpl $0,ed_flg(%ebp)
-+ jne aes_39
-+
-+// compile decryption key schedule from encryption schedule - reverse
-+// order and do mix_column operation on round keys except first and last
-+
-+ mov nrnd(%edx),%eax // kt = cx->d_key + nc * cx->Nrnd
-+ shl $2,%eax
-+ lea dkey(%edx,%eax,4),%edi
-+ lea ekey(%edx),%esi // kf = cx->e_key
-+
-+ movsl // copy first round key (unmodified)
-+ movsl
-+ movsl
-+ movsl
-+ sub $32,%edi
-+ movl $1,cnt(%ebp)
-+aes_38: // do mix column on each column of
-+ lodsl // each round key
-+ mov %eax,%ebx
-+ mix_col(aes_im_tab)
-+ stosl
-+ lodsl
-+ mov %eax,%ebx
-+ mix_col(aes_im_tab)
-+ stosl
-+ lodsl
-+ mov %eax,%ebx
-+ mix_col(aes_im_tab)
-+ stosl
-+ lodsl
-+ mov %eax,%ebx
-+ mix_col(aes_im_tab)
-+ stosl
-+ sub $32,%edi
-+
-+ incl cnt(%ebp)
-+ mov cnt(%ebp),%eax
-+ cmp nrnd(%edx),%eax
-+ jb aes_38
-+
-+ movsl // copy last round key (unmodified)
-+ movsl
-+ movsl
-+ movsl
-+aes_39: pop %edi
-+ pop %esi
-+ pop %ebx
-+ mov %ebp,%esp
-+ pop %ebp
-+ popfl
-+ ret
-+
-+
-+// finite field multiplies by {02}, {04} and {08}
-+
-+#define f2(x) ((x<<1)^(((x>>7)&1)*0x11b))
-+#define f4(x) ((x<<2)^(((x>>6)&1)*0x11b)^(((x>>6)&2)*0x11b))
-+#define f8(x) ((x<<3)^(((x>>5)&1)*0x11b)^(((x>>5)&2)*0x11b)^(((x>>5)&4)*0x11b))
-+
-+// finite field multiplies required in table generation
-+
-+#define f3(x) (f2(x) ^ x)
-+#define f9(x) (f8(x) ^ x)
-+#define fb(x) (f8(x) ^ f2(x) ^ x)
-+#define fd(x) (f8(x) ^ f4(x) ^ x)
-+#define fe(x) (f8(x) ^ f4(x) ^ f2(x))
-+
-+// These defines generate the forward table entries
-+
-+#define u0(x) ((f3(x) << 24) | (x << 16) | (x << 8) | f2(x))
-+#define u1(x) ((x << 24) | (x << 16) | (f2(x) << 8) | f3(x))
-+#define u2(x) ((x << 24) | (f2(x) << 16) | (f3(x) << 8) | x)
-+#define u3(x) ((f2(x) << 24) | (f3(x) << 16) | (x << 8) | x)
-+
-+// These defines generate the inverse table entries
-+
-+#define v0(x) ((fb(x) << 24) | (fd(x) << 16) | (f9(x) << 8) | fe(x))
-+#define v1(x) ((fd(x) << 24) | (f9(x) << 16) | (fe(x) << 8) | fb(x))
-+#define v2(x) ((f9(x) << 24) | (fe(x) << 16) | (fb(x) << 8) | fd(x))
-+#define v3(x) ((fe(x) << 24) | (fb(x) << 16) | (fd(x) << 8) | f9(x))
-+
-+// These defines generate entries for the last round tables
-+
-+#define w0(x) (x)
-+#define w1(x) (x << 8)
-+#define w2(x) (x << 16)
-+#define w3(x) (x << 24)
-+
-+// macro to generate inverse mix column tables (needed for the key schedule)
-+
-+#define im_data0(p1) \
-+ .long p1(0x00),p1(0x01),p1(0x02),p1(0x03),p1(0x04),p1(0x05),p1(0x06),p1(0x07) ;\
-+ .long p1(0x08),p1(0x09),p1(0x0a),p1(0x0b),p1(0x0c),p1(0x0d),p1(0x0e),p1(0x0f) ;\
-+ .long p1(0x10),p1(0x11),p1(0x12),p1(0x13),p1(0x14),p1(0x15),p1(0x16),p1(0x17) ;\
-+ .long p1(0x18),p1(0x19),p1(0x1a),p1(0x1b),p1(0x1c),p1(0x1d),p1(0x1e),p1(0x1f)
-+#define im_data1(p1) \
-+ .long p1(0x20),p1(0x21),p1(0x22),p1(0x23),p1(0x24),p1(0x25),p1(0x26),p1(0x27) ;\
-+ .long p1(0x28),p1(0x29),p1(0x2a),p1(0x2b),p1(0x2c),p1(0x2d),p1(0x2e),p1(0x2f) ;\
-+ .long p1(0x30),p1(0x31),p1(0x32),p1(0x33),p1(0x34),p1(0x35),p1(0x36),p1(0x37) ;\
-+ .long p1(0x38),p1(0x39),p1(0x3a),p1(0x3b),p1(0x3c),p1(0x3d),p1(0x3e),p1(0x3f)
-+#define im_data2(p1) \
-+ .long p1(0x40),p1(0x41),p1(0x42),p1(0x43),p1(0x44),p1(0x45),p1(0x46),p1(0x47) ;\
-+ .long p1(0x48),p1(0x49),p1(0x4a),p1(0x4b),p1(0x4c),p1(0x4d),p1(0x4e),p1(0x4f) ;\
-+ .long p1(0x50),p1(0x51),p1(0x52),p1(0x53),p1(0x54),p1(0x55),p1(0x56),p1(0x57) ;\
-+ .long p1(0x58),p1(0x59),p1(0x5a),p1(0x5b),p1(0x5c),p1(0x5d),p1(0x5e),p1(0x5f)
-+#define im_data3(p1) \
-+ .long p1(0x60),p1(0x61),p1(0x62),p1(0x63),p1(0x64),p1(0x65),p1(0x66),p1(0x67) ;\
-+ .long p1(0x68),p1(0x69),p1(0x6a),p1(0x6b),p1(0x6c),p1(0x6d),p1(0x6e),p1(0x6f) ;\
-+ .long p1(0x70),p1(0x71),p1(0x72),p1(0x73),p1(0x74),p1(0x75),p1(0x76),p1(0x77) ;\
-+ .long p1(0x78),p1(0x79),p1(0x7a),p1(0x7b),p1(0x7c),p1(0x7d),p1(0x7e),p1(0x7f)
-+#define im_data4(p1) \
-+ .long p1(0x80),p1(0x81),p1(0x82),p1(0x83),p1(0x84),p1(0x85),p1(0x86),p1(0x87) ;\
-+ .long p1(0x88),p1(0x89),p1(0x8a),p1(0x8b),p1(0x8c),p1(0x8d),p1(0x8e),p1(0x8f) ;\
-+ .long p1(0x90),p1(0x91),p1(0x92),p1(0x93),p1(0x94),p1(0x95),p1(0x96),p1(0x97) ;\
-+ .long p1(0x98),p1(0x99),p1(0x9a),p1(0x9b),p1(0x9c),p1(0x9d),p1(0x9e),p1(0x9f)
-+#define im_data5(p1) \
-+ .long p1(0xa0),p1(0xa1),p1(0xa2),p1(0xa3),p1(0xa4),p1(0xa5),p1(0xa6),p1(0xa7) ;\
-+ .long p1(0xa8),p1(0xa9),p1(0xaa),p1(0xab),p1(0xac),p1(0xad),p1(0xae),p1(0xaf) ;\
-+ .long p1(0xb0),p1(0xb1),p1(0xb2),p1(0xb3),p1(0xb4),p1(0xb5),p1(0xb6),p1(0xb7) ;\
-+ .long p1(0xb8),p1(0xb9),p1(0xba),p1(0xbb),p1(0xbc),p1(0xbd),p1(0xbe),p1(0xbf)
-+#define im_data6(p1) \
-+ .long p1(0xc0),p1(0xc1),p1(0xc2),p1(0xc3),p1(0xc4),p1(0xc5),p1(0xc6),p1(0xc7) ;\
-+ .long p1(0xc8),p1(0xc9),p1(0xca),p1(0xcb),p1(0xcc),p1(0xcd),p1(0xce),p1(0xcf) ;\
-+ .long p1(0xd0),p1(0xd1),p1(0xd2),p1(0xd3),p1(0xd4),p1(0xd5),p1(0xd6),p1(0xd7) ;\
-+ .long p1(0xd8),p1(0xd9),p1(0xda),p1(0xdb),p1(0xdc),p1(0xdd),p1(0xde),p1(0xdf)
-+#define im_data7(p1) \
-+ .long p1(0xe0),p1(0xe1),p1(0xe2),p1(0xe3),p1(0xe4),p1(0xe5),p1(0xe6),p1(0xe7) ;\
-+ .long p1(0xe8),p1(0xe9),p1(0xea),p1(0xeb),p1(0xec),p1(0xed),p1(0xee),p1(0xef) ;\
-+ .long p1(0xf0),p1(0xf1),p1(0xf2),p1(0xf3),p1(0xf4),p1(0xf5),p1(0xf6),p1(0xf7) ;\
-+ .long p1(0xf8),p1(0xf9),p1(0xfa),p1(0xfb),p1(0xfc),p1(0xfd),p1(0xfe),p1(0xff)
-+
-+// S-box data - 256 entries
-+
-+#define sb_data0(p1) \
-+ .long p1(0x63),p1(0x7c),p1(0x77),p1(0x7b),p1(0xf2),p1(0x6b),p1(0x6f),p1(0xc5) ;\
-+ .long p1(0x30),p1(0x01),p1(0x67),p1(0x2b),p1(0xfe),p1(0xd7),p1(0xab),p1(0x76) ;\
-+ .long p1(0xca),p1(0x82),p1(0xc9),p1(0x7d),p1(0xfa),p1(0x59),p1(0x47),p1(0xf0) ;\
-+ .long p1(0xad),p1(0xd4),p1(0xa2),p1(0xaf),p1(0x9c),p1(0xa4),p1(0x72),p1(0xc0)
-+#define sb_data1(p1) \
-+ .long p1(0xb7),p1(0xfd),p1(0x93),p1(0x26),p1(0x36),p1(0x3f),p1(0xf7),p1(0xcc) ;\
-+ .long p1(0x34),p1(0xa5),p1(0xe5),p1(0xf1),p1(0x71),p1(0xd8),p1(0x31),p1(0x15) ;\
-+ .long p1(0x04),p1(0xc7),p1(0x23),p1(0xc3),p1(0x18),p1(0x96),p1(0x05),p1(0x9a) ;\
-+ .long p1(0x07),p1(0x12),p1(0x80),p1(0xe2),p1(0xeb),p1(0x27),p1(0xb2),p1(0x75)
-+#define sb_data2(p1) \
-+ .long p1(0x09),p1(0x83),p1(0x2c),p1(0x1a),p1(0x1b),p1(0x6e),p1(0x5a),p1(0xa0) ;\
-+ .long p1(0x52),p1(0x3b),p1(0xd6),p1(0xb3),p1(0x29),p1(0xe3),p1(0x2f),p1(0x84) ;\
-+ .long p1(0x53),p1(0xd1),p1(0x00),p1(0xed),p1(0x20),p1(0xfc),p1(0xb1),p1(0x5b) ;\
-+ .long p1(0x6a),p1(0xcb),p1(0xbe),p1(0x39),p1(0x4a),p1(0x4c),p1(0x58),p1(0xcf)
-+#define sb_data3(p1) \
-+ .long p1(0xd0),p1(0xef),p1(0xaa),p1(0xfb),p1(0x43),p1(0x4d),p1(0x33),p1(0x85) ;\
-+ .long p1(0x45),p1(0xf9),p1(0x02),p1(0x7f),p1(0x50),p1(0x3c),p1(0x9f),p1(0xa8) ;\
-+ .long p1(0x51),p1(0xa3),p1(0x40),p1(0x8f),p1(0x92),p1(0x9d),p1(0x38),p1(0xf5) ;\
-+ .long p1(0xbc),p1(0xb6),p1(0xda),p1(0x21),p1(0x10),p1(0xff),p1(0xf3),p1(0xd2)
-+#define sb_data4(p1) \
-+ .long p1(0xcd),p1(0x0c),p1(0x13),p1(0xec),p1(0x5f),p1(0x97),p1(0x44),p1(0x17) ;\
-+ .long p1(0xc4),p1(0xa7),p1(0x7e),p1(0x3d),p1(0x64),p1(0x5d),p1(0x19),p1(0x73) ;\
-+ .long p1(0x60),p1(0x81),p1(0x4f),p1(0xdc),p1(0x22),p1(0x2a),p1(0x90),p1(0x88) ;\
-+ .long p1(0x46),p1(0xee),p1(0xb8),p1(0x14),p1(0xde),p1(0x5e),p1(0x0b),p1(0xdb)
-+#define sb_data5(p1) \
-+ .long p1(0xe0),p1(0x32),p1(0x3a),p1(0x0a),p1(0x49),p1(0x06),p1(0x24),p1(0x5c) ;\
-+ .long p1(0xc2),p1(0xd3),p1(0xac),p1(0x62),p1(0x91),p1(0x95),p1(0xe4),p1(0x79) ;\
-+ .long p1(0xe7),p1(0xc8),p1(0x37),p1(0x6d),p1(0x8d),p1(0xd5),p1(0x4e),p1(0xa9) ;\
-+ .long p1(0x6c),p1(0x56),p1(0xf4),p1(0xea),p1(0x65),p1(0x7a),p1(0xae),p1(0x08)
-+#define sb_data6(p1) \
-+ .long p1(0xba),p1(0x78),p1(0x25),p1(0x2e),p1(0x1c),p1(0xa6),p1(0xb4),p1(0xc6) ;\
-+ .long p1(0xe8),p1(0xdd),p1(0x74),p1(0x1f),p1(0x4b),p1(0xbd),p1(0x8b),p1(0x8a) ;\
-+ .long p1(0x70),p1(0x3e),p1(0xb5),p1(0x66),p1(0x48),p1(0x03),p1(0xf6),p1(0x0e) ;\
-+ .long p1(0x61),p1(0x35),p1(0x57),p1(0xb9),p1(0x86),p1(0xc1),p1(0x1d),p1(0x9e)
-+#define sb_data7(p1) \
-+ .long p1(0xe1),p1(0xf8),p1(0x98),p1(0x11),p1(0x69),p1(0xd9),p1(0x8e),p1(0x94) ;\
-+ .long p1(0x9b),p1(0x1e),p1(0x87),p1(0xe9),p1(0xce),p1(0x55),p1(0x28),p1(0xdf) ;\
-+ .long p1(0x8c),p1(0xa1),p1(0x89),p1(0x0d),p1(0xbf),p1(0xe6),p1(0x42),p1(0x68) ;\
-+ .long p1(0x41),p1(0x99),p1(0x2d),p1(0x0f),p1(0xb0),p1(0x54),p1(0xbb),p1(0x16)
-+
-+// Inverse S-box data - 256 entries
-+
-+#define ib_data0(p1) \
-+ .long p1(0x52),p1(0x09),p1(0x6a),p1(0xd5),p1(0x30),p1(0x36),p1(0xa5),p1(0x38) ;\
-+ .long p1(0xbf),p1(0x40),p1(0xa3),p1(0x9e),p1(0x81),p1(0xf3),p1(0xd7),p1(0xfb) ;\
-+ .long p1(0x7c),p1(0xe3),p1(0x39),p1(0x82),p1(0x9b),p1(0x2f),p1(0xff),p1(0x87) ;\
-+ .long p1(0x34),p1(0x8e),p1(0x43),p1(0x44),p1(0xc4),p1(0xde),p1(0xe9),p1(0xcb)
-+#define ib_data1(p1) \
-+ .long p1(0x54),p1(0x7b),p1(0x94),p1(0x32),p1(0xa6),p1(0xc2),p1(0x23),p1(0x3d) ;\
-+ .long p1(0xee),p1(0x4c),p1(0x95),p1(0x0b),p1(0x42),p1(0xfa),p1(0xc3),p1(0x4e) ;\
-+ .long p1(0x08),p1(0x2e),p1(0xa1),p1(0x66),p1(0x28),p1(0xd9),p1(0x24),p1(0xb2) ;\
-+ .long p1(0x76),p1(0x5b),p1(0xa2),p1(0x49),p1(0x6d),p1(0x8b),p1(0xd1),p1(0x25)
-+#define ib_data2(p1) \
-+ .long p1(0x72),p1(0xf8),p1(0xf6),p1(0x64),p1(0x86),p1(0x68),p1(0x98),p1(0x16) ;\
-+ .long p1(0xd4),p1(0xa4),p1(0x5c),p1(0xcc),p1(0x5d),p1(0x65),p1(0xb6),p1(0x92) ;\
-+ .long p1(0x6c),p1(0x70),p1(0x48),p1(0x50),p1(0xfd),p1(0xed),p1(0xb9),p1(0xda) ;\
-+ .long p1(0x5e),p1(0x15),p1(0x46),p1(0x57),p1(0xa7),p1(0x8d),p1(0x9d),p1(0x84)
-+#define ib_data3(p1) \
-+ .long p1(0x90),p1(0xd8),p1(0xab),p1(0x00),p1(0x8c),p1(0xbc),p1(0xd3),p1(0x0a) ;\
-+ .long p1(0xf7),p1(0xe4),p1(0x58),p1(0x05),p1(0xb8),p1(0xb3),p1(0x45),p1(0x06) ;\
-+ .long p1(0xd0),p1(0x2c),p1(0x1e),p1(0x8f),p1(0xca),p1(0x3f),p1(0x0f),p1(0x02) ;\
-+ .long p1(0xc1),p1(0xaf),p1(0xbd),p1(0x03),p1(0x01),p1(0x13),p1(0x8a),p1(0x6b)
-+#define ib_data4(p1) \
-+ .long p1(0x3a),p1(0x91),p1(0x11),p1(0x41),p1(0x4f),p1(0x67),p1(0xdc),p1(0xea) ;\
-+ .long p1(0x97),p1(0xf2),p1(0xcf),p1(0xce),p1(0xf0),p1(0xb4),p1(0xe6),p1(0x73) ;\
-+ .long p1(0x96),p1(0xac),p1(0x74),p1(0x22),p1(0xe7),p1(0xad),p1(0x35),p1(0x85) ;\
-+ .long p1(0xe2),p1(0xf9),p1(0x37),p1(0xe8),p1(0x1c),p1(0x75),p1(0xdf),p1(0x6e)
-+#define ib_data5(p1) \
-+ .long p1(0x47),p1(0xf1),p1(0x1a),p1(0x71),p1(0x1d),p1(0x29),p1(0xc5),p1(0x89) ;\
-+ .long p1(0x6f),p1(0xb7),p1(0x62),p1(0x0e),p1(0xaa),p1(0x18),p1(0xbe),p1(0x1b) ;\
-+ .long p1(0xfc),p1(0x56),p1(0x3e),p1(0x4b),p1(0xc6),p1(0xd2),p1(0x79),p1(0x20) ;\
-+ .long p1(0x9a),p1(0xdb),p1(0xc0),p1(0xfe),p1(0x78),p1(0xcd),p1(0x5a),p1(0xf4)
-+#define ib_data6(p1) \
-+ .long p1(0x1f),p1(0xdd),p1(0xa8),p1(0x33),p1(0x88),p1(0x07),p1(0xc7),p1(0x31) ;\
-+ .long p1(0xb1),p1(0x12),p1(0x10),p1(0x59),p1(0x27),p1(0x80),p1(0xec),p1(0x5f) ;\
-+ .long p1(0x60),p1(0x51),p1(0x7f),p1(0xa9),p1(0x19),p1(0xb5),p1(0x4a),p1(0x0d) ;\
-+ .long p1(0x2d),p1(0xe5),p1(0x7a),p1(0x9f),p1(0x93),p1(0xc9),p1(0x9c),p1(0xef)
-+#define ib_data7(p1) \
-+ .long p1(0xa0),p1(0xe0),p1(0x3b),p1(0x4d),p1(0xae),p1(0x2a),p1(0xf5),p1(0xb0) ;\
-+ .long p1(0xc8),p1(0xeb),p1(0xbb),p1(0x3c),p1(0x83),p1(0x53),p1(0x99),p1(0x61) ;\
-+ .long p1(0x17),p1(0x2b),p1(0x04),p1(0x7e),p1(0xba),p1(0x77),p1(0xd6),p1(0x26) ;\
-+ .long p1(0xe1),p1(0x69),p1(0x14),p1(0x63),p1(0x55),p1(0x21),p1(0x0c),p1(0x7d)
-+
-+// The rcon_table (needed for the key schedule)
-+//
-+// Here is original Dr Brian Gladman's source code:
-+// _rcon_tab:
-+// %assign x 1
-+// %rep 29
-+// dd x
-+// %assign x f2(x)
-+// %endrep
-+//
-+// Here is precomputed output (it's more portable this way):
-+
-+ .align ALIGN32BYTES
-+aes_rcon_tab:
-+ .long 0x01,0x02,0x04,0x08,0x10,0x20,0x40,0x80
-+ .long 0x1b,0x36,0x6c,0xd8,0xab,0x4d,0x9a,0x2f
-+ .long 0x5e,0xbc,0x63,0xc6,0x97,0x35,0x6a,0xd4
-+ .long 0xb3,0x7d,0xfa,0xef,0xc5
-+
-+// The forward xor tables
-+
-+ .align ALIGN32BYTES
-+aes_ft_tab:
-+ sb_data0(u0)
-+ sb_data1(u0)
-+ sb_data2(u0)
-+ sb_data3(u0)
-+ sb_data4(u0)
-+ sb_data5(u0)
-+ sb_data6(u0)
-+ sb_data7(u0)
-+
-+ sb_data0(u1)
-+ sb_data1(u1)
-+ sb_data2(u1)
-+ sb_data3(u1)
-+ sb_data4(u1)
-+ sb_data5(u1)
-+ sb_data6(u1)
-+ sb_data7(u1)
-+
-+ sb_data0(u2)
-+ sb_data1(u2)
-+ sb_data2(u2)
-+ sb_data3(u2)
-+ sb_data4(u2)
-+ sb_data5(u2)
-+ sb_data6(u2)
-+ sb_data7(u2)
-+
-+ sb_data0(u3)
-+ sb_data1(u3)
-+ sb_data2(u3)
-+ sb_data3(u3)
-+ sb_data4(u3)
-+ sb_data5(u3)
-+ sb_data6(u3)
-+ sb_data7(u3)
-+
-+ .align ALIGN32BYTES
-+aes_fl_tab:
-+ sb_data0(w0)
-+ sb_data1(w0)
-+ sb_data2(w0)
-+ sb_data3(w0)
-+ sb_data4(w0)
-+ sb_data5(w0)
-+ sb_data6(w0)
-+ sb_data7(w0)
-+
-+ sb_data0(w1)
-+ sb_data1(w1)
-+ sb_data2(w1)
-+ sb_data3(w1)
-+ sb_data4(w1)
-+ sb_data5(w1)
-+ sb_data6(w1)
-+ sb_data7(w1)
-+
-+ sb_data0(w2)
-+ sb_data1(w2)
-+ sb_data2(w2)
-+ sb_data3(w2)
-+ sb_data4(w2)
-+ sb_data5(w2)
-+ sb_data6(w2)
-+ sb_data7(w2)
-+
-+ sb_data0(w3)
-+ sb_data1(w3)
-+ sb_data2(w3)
-+ sb_data3(w3)
-+ sb_data4(w3)
-+ sb_data5(w3)
-+ sb_data6(w3)
-+ sb_data7(w3)
-+
-+// The inverse xor tables
-+
-+ .align ALIGN32BYTES
-+aes_it_tab:
-+ ib_data0(v0)
-+ ib_data1(v0)
-+ ib_data2(v0)
-+ ib_data3(v0)
-+ ib_data4(v0)
-+ ib_data5(v0)
-+ ib_data6(v0)
-+ ib_data7(v0)
-+
-+ ib_data0(v1)
-+ ib_data1(v1)
-+ ib_data2(v1)
-+ ib_data3(v1)
-+ ib_data4(v1)
-+ ib_data5(v1)
-+ ib_data6(v1)
-+ ib_data7(v1)
-+
-+ ib_data0(v2)
-+ ib_data1(v2)
-+ ib_data2(v2)
-+ ib_data3(v2)
-+ ib_data4(v2)
-+ ib_data5(v2)
-+ ib_data6(v2)
-+ ib_data7(v2)
-+
-+ ib_data0(v3)
-+ ib_data1(v3)
-+ ib_data2(v3)
-+ ib_data3(v3)
-+ ib_data4(v3)
-+ ib_data5(v3)
-+ ib_data6(v3)
-+ ib_data7(v3)
-+
-+ .align ALIGN32BYTES
-+aes_il_tab:
-+ ib_data0(w0)
-+ ib_data1(w0)
-+ ib_data2(w0)
-+ ib_data3(w0)
-+ ib_data4(w0)
-+ ib_data5(w0)
-+ ib_data6(w0)
-+ ib_data7(w0)
-+
-+ ib_data0(w1)
-+ ib_data1(w1)
-+ ib_data2(w1)
-+ ib_data3(w1)
-+ ib_data4(w1)
-+ ib_data5(w1)
-+ ib_data6(w1)
-+ ib_data7(w1)
-+
-+ ib_data0(w2)
-+ ib_data1(w2)
-+ ib_data2(w2)
-+ ib_data3(w2)
-+ ib_data4(w2)
-+ ib_data5(w2)
-+ ib_data6(w2)
-+ ib_data7(w2)
-+
-+ ib_data0(w3)
-+ ib_data1(w3)
-+ ib_data2(w3)
-+ ib_data3(w3)
-+ ib_data4(w3)
-+ ib_data5(w3)
-+ ib_data6(w3)
-+ ib_data7(w3)
-+
-+// The inverse mix column tables
-+
-+ .align ALIGN32BYTES
-+aes_im_tab:
-+ im_data0(v0)
-+ im_data1(v0)
-+ im_data2(v0)
-+ im_data3(v0)
-+ im_data4(v0)
-+ im_data5(v0)
-+ im_data6(v0)
-+ im_data7(v0)
-+
-+ im_data0(v1)
-+ im_data1(v1)
-+ im_data2(v1)
-+ im_data3(v1)
-+ im_data4(v1)
-+ im_data5(v1)
-+ im_data6(v1)
-+ im_data7(v1)
-+
-+ im_data0(v2)
-+ im_data1(v2)
-+ im_data2(v2)
-+ im_data3(v2)
-+ im_data4(v2)
-+ im_data5(v2)
-+ im_data6(v2)
-+ im_data7(v2)
-+
-+ im_data0(v3)
-+ im_data1(v3)
-+ im_data2(v3)
-+ im_data3(v3)
-+ im_data4(v3)
-+ im_data5(v3)
-+ im_data6(v3)
-+ im_data7(v3)
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/aes/aes.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1415 @@
-+// I retain copyright in this code but I encourage its free use provided
-+// that I don't carry any responsibility for the results. I am especially
-+// happy to see it used in free and open source software. If you do use
-+// it I would appreciate an acknowledgement of its origin in the code or
-+// the product that results and I would also appreciate knowing a little
-+// about the use to which it is being put. I am grateful to Frank Yellin
-+// for some ideas that are used in this implementation.
-+//
-+// Dr B. R. Gladman <brg@gladman.uk.net> 6th April 2001.
-+//
-+// This is an implementation of the AES encryption algorithm (Rijndael)
-+// designed by Joan Daemen and Vincent Rijmen. This version is designed
-+// to provide both fixed and dynamic block and key lengths and can also
-+// run with either big or little endian internal byte order (see aes.h).
-+// It inputs block and key lengths in bytes with the legal values being
-+// 16, 24 and 32.
-+
-+/*
-+ * Modified by Jari Ruusu, May 1 2001
-+ * - Fixed some compile warnings, code was ok but gcc warned anyway.
-+ * - Changed basic types: byte -> unsigned char, word -> u_int32_t
-+ * - Major name space cleanup: Names visible to outside now begin
-+ * with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c
-+ * - Removed C++ and DLL support as part of name space cleanup.
-+ * - Eliminated unnecessary recomputation of tables. (actual bug fix)
-+ * - Merged precomputed constant tables to aes.c file.
-+ * - Removed data alignment restrictions for portability reasons.
-+ * - Made block and key lengths accept bit count (128/192/256)
-+ * as well byte count (16/24/32).
-+ * - Removed all error checks. This change also eliminated the need
-+ * to preinitialize the context struct to zero.
-+ * - Removed some totally unused constants.
-+ */
-+
-+#include "crypto/aes.h"
-+
-+// CONFIGURATION OPTIONS (see also aes.h)
-+//
-+// 1. Define UNROLL for full loop unrolling in encryption and decryption.
-+// 2. Define PARTIAL_UNROLL to unroll two loops in encryption and decryption.
-+// 3. Define FIXED_TABLES for compiled rather than dynamic tables.
-+// 4. Define FF_TABLES to use tables for field multiplies and inverses.
-+// Do not enable this without understanding stack space requirements.
-+// 5. Define ARRAYS to use arrays to hold the local state block. If this
-+// is not defined, individually declared 32-bit words are used.
-+// 6. Define FAST_VARIABLE if a high speed variable block implementation
-+// is needed (essentially three separate fixed block size code sequences)
-+// 7. Define either ONE_TABLE or FOUR_TABLES for a fast table driven
-+// version using 1 table (2 kbytes of table space) or 4 tables (8
-+// kbytes of table space) for higher speed.
-+// 8. Define either ONE_LR_TABLE or FOUR_LR_TABLES for a further speed
-+// increase by using tables for the last rounds but with more table
-+// space (2 or 8 kbytes extra).
-+// 9. If neither ONE_TABLE nor FOUR_TABLES is defined, a compact but
-+// slower version is provided.
-+// 10. If fast decryption key scheduling is needed define ONE_IM_TABLE
-+// or FOUR_IM_TABLES for higher speed (2 or 8 kbytes extra).
-+
-+#define UNROLL
-+//#define PARTIAL_UNROLL
-+
-+#define FIXED_TABLES
-+//#define FF_TABLES
-+//#define ARRAYS
-+#define FAST_VARIABLE
-+
-+//#define ONE_TABLE
-+#define FOUR_TABLES
-+
-+//#define ONE_LR_TABLE
-+#define FOUR_LR_TABLES
-+
-+//#define ONE_IM_TABLE
-+#define FOUR_IM_TABLES
-+
-+#if defined(UNROLL) && defined (PARTIAL_UNROLL)
-+#error both UNROLL and PARTIAL_UNROLL are defined
-+#endif
-+
-+#if defined(ONE_TABLE) && defined (FOUR_TABLES)
-+#error both ONE_TABLE and FOUR_TABLES are defined
-+#endif
-+
-+#if defined(ONE_LR_TABLE) && defined (FOUR_LR_TABLES)
-+#error both ONE_LR_TABLE and FOUR_LR_TABLES are defined
-+#endif
-+
-+#if defined(ONE_IM_TABLE) && defined (FOUR_IM_TABLES)
-+#error both ONE_IM_TABLE and FOUR_IM_TABLES are defined
-+#endif
-+
-+#if defined(AES_BLOCK_SIZE) && AES_BLOCK_SIZE != 16 && AES_BLOCK_SIZE != 24 && AES_BLOCK_SIZE != 32
-+#error an illegal block size has been specified
-+#endif
-+
-+// upr(x,n): rotates bytes within words by n positions, moving bytes
-+// to higher index positions with wrap around into low positions
-+// ups(x,n): moves bytes by n positions to higher index positions in
-+// words but without wrap around
-+// bval(x,n): extracts a byte from a word
-+
-+#define upr(x,n) (((x) << 8 * (n)) | ((x) >> (32 - 8 * (n))))
-+#define ups(x,n) ((x) << 8 * (n))
-+#define bval(x,n) ((unsigned char)((x) >> 8 * (n)))
-+#define bytes2word(b0, b1, b2, b3) \
-+ ((u_int32_t)(b3) << 24 | (u_int32_t)(b2) << 16 | (u_int32_t)(b1) << 8 | (b0))
-+
-+
-+/* little endian processor without data alignment restrictions: AES_LE_OK */
-+/* original code: i386 */
-+#if defined(i386) || defined(_I386) || defined(__i386__) || defined(__i386)
-+#define AES_LE_OK 1
-+/* added (tested): alpha --jjo */
-+#elif defined(__alpha__)|| defined (__alpha)
-+#define AES_LE_OK 1
-+/* added (tested): ia64 --jjo */
-+#elif defined(__ia64__)|| defined (__ia64)
-+#define AES_LE_OK 1
-+#endif
-+
-+#ifdef AES_LE_OK
-+/* little endian processor without data alignment restrictions */
-+#define word_in(x) *(u_int32_t*)(x)
-+#define const_word_in(x) *(const u_int32_t*)(x)
-+#define word_out(x,v) *(u_int32_t*)(x) = (v)
-+#define const_word_out(x,v) *(const u_int32_t*)(x) = (v)
-+#else
-+/* slower but generic big endian or with data alignment restrictions */
-+/* some additional "const" touches to stop "gcc -Wcast-qual" complains --jjo */
-+#define word_in(x) ((u_int32_t)(((unsigned char *)(x))[0])|((u_int32_t)(((unsigned char *)(x))[1])<<8)|((u_int32_t)(((unsigned char *)(x))[2])<<16)|((u_int32_t)(((unsigned char *)(x))[3])<<24))
-+#define const_word_in(x) ((const u_int32_t)(((const unsigned char *)(x))[0])|((const u_int32_t)(((const unsigned char *)(x))[1])<<8)|((const u_int32_t)(((const unsigned char *)(x))[2])<<16)|((const u_int32_t)(((const unsigned char *)(x))[3])<<24))
-+#define word_out(x,v) ((unsigned char *)(x))[0]=(v),((unsigned char *)(x))[1]=((v)>>8),((unsigned char *)(x))[2]=((v)>>16),((unsigned char *)(x))[3]=((v)>>24)
-+#define const_word_out(x,v) ((const unsigned char *)(x))[0]=(v),((const unsigned char *)(x))[1]=((v)>>8),((const unsigned char *)(x))[2]=((v)>>16),((const unsigned char *)(x))[3]=((v)>>24)
-+#endif
-+
-+// Disable at least some poor combinations of options
-+
-+#if !defined(ONE_TABLE) && !defined(FOUR_TABLES)
-+#define FIXED_TABLES
-+#undef UNROLL
-+#undef ONE_LR_TABLE
-+#undef FOUR_LR_TABLES
-+#undef ONE_IM_TABLE
-+#undef FOUR_IM_TABLES
-+#elif !defined(FOUR_TABLES)
-+#ifdef FOUR_LR_TABLES
-+#undef FOUR_LR_TABLES
-+#define ONE_LR_TABLE
-+#endif
-+#ifdef FOUR_IM_TABLES
-+#undef FOUR_IM_TABLES
-+#define ONE_IM_TABLE
-+#endif
-+#elif !defined(AES_BLOCK_SIZE)
-+#if defined(UNROLL)
-+#define PARTIAL_UNROLL
-+#undef UNROLL
-+#endif
-+#endif
-+
-+// the finite field modular polynomial and elements
-+
-+#define ff_poly 0x011b
-+#define ff_hi 0x80
-+
-+// multiply four bytes in GF(2^8) by 'x' {02} in parallel
-+
-+#define m1 0x80808080
-+#define m2 0x7f7f7f7f
-+#define m3 0x0000001b
-+#define FFmulX(x) ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * m3))
-+
-+// The following defines provide alternative definitions of FFmulX that might
-+// give improved performance if a fast 32-bit multiply is not available. Note
-+// that a temporary variable u needs to be defined where FFmulX is used.
-+
-+// #define FFmulX(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6))
-+// #define m4 0x1b1b1b1b
-+// #define FFmulX(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4)
-+
-+// perform column mix operation on four bytes in parallel
-+
-+#define fwd_mcol(x) (f2 = FFmulX(x), f2 ^ upr(x ^ f2,3) ^ upr(x,2) ^ upr(x,1))
-+
-+#if defined(FIXED_TABLES)
-+
-+// the S-Box table
-+
-+static const unsigned char s_box[256] =
-+{
-+ 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5,
-+ 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
-+ 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0,
-+ 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
-+ 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc,
-+ 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
-+ 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a,
-+ 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
-+ 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0,
-+ 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
-+ 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b,
-+ 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
-+ 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85,
-+ 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
-+ 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5,
-+ 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
-+ 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17,
-+ 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
-+ 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88,
-+ 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
-+ 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c,
-+ 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
-+ 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9,
-+ 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
-+ 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6,
-+ 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
-+ 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e,
-+ 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
-+ 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94,
-+ 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
-+ 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68,
-+ 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
-+};
-+
-+// the inverse S-Box table
-+
-+static const unsigned char inv_s_box[256] =
-+{
-+ 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38,
-+ 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
-+ 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87,
-+ 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
-+ 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d,
-+ 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
-+ 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2,
-+ 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
-+ 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16,
-+ 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
-+ 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda,
-+ 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
-+ 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a,
-+ 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
-+ 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02,
-+ 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
-+ 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea,
-+ 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
-+ 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85,
-+ 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
-+ 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89,
-+ 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
-+ 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20,
-+ 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
-+ 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31,
-+ 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
-+ 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d,
-+ 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
-+ 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0,
-+ 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
-+ 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26,
-+ 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
-+};
-+
-+#define w0(p) 0x000000##p
-+
-+// Number of elements required in this table for different
-+// block and key lengths is:
-+//
-+// Nk = 4 6 8
-+// ----------
-+// Nb = 4 | 10 8 7
-+// 6 | 19 12 11
-+// 8 | 29 19 14
-+//
-+// this table can be a table of bytes if the key schedule
-+// code is adjusted accordingly
-+
-+static const u_int32_t rcon_tab[29] =
-+{
-+ w0(01), w0(02), w0(04), w0(08),
-+ w0(10), w0(20), w0(40), w0(80),
-+ w0(1b), w0(36), w0(6c), w0(d8),
-+ w0(ab), w0(4d), w0(9a), w0(2f),
-+ w0(5e), w0(bc), w0(63), w0(c6),
-+ w0(97), w0(35), w0(6a), w0(d4),
-+ w0(b3), w0(7d), w0(fa), w0(ef),
-+ w0(c5)
-+};
-+
-+#undef w0
-+
-+#define r0(p,q,r,s) 0x##p##q##r##s
-+#define r1(p,q,r,s) 0x##q##r##s##p
-+#define r2(p,q,r,s) 0x##r##s##p##q
-+#define r3(p,q,r,s) 0x##s##p##q##r
-+#define w0(p) 0x000000##p
-+#define w1(p) 0x0000##p##00
-+#define w2(p) 0x00##p##0000
-+#define w3(p) 0x##p##000000
-+
-+#if defined(FIXED_TABLES) && (defined(ONE_TABLE) || defined(FOUR_TABLES))
-+
-+// data for forward tables (other than last round)
-+
-+#define f_table \
-+ r(a5,63,63,c6), r(84,7c,7c,f8), r(99,77,77,ee), r(8d,7b,7b,f6),\
-+ r(0d,f2,f2,ff), r(bd,6b,6b,d6), r(b1,6f,6f,de), r(54,c5,c5,91),\
-+ r(50,30,30,60), r(03,01,01,02), r(a9,67,67,ce), r(7d,2b,2b,56),\
-+ r(19,fe,fe,e7), r(62,d7,d7,b5), r(e6,ab,ab,4d), r(9a,76,76,ec),\
-+ r(45,ca,ca,8f), r(9d,82,82,1f), r(40,c9,c9,89), r(87,7d,7d,fa),\
-+ r(15,fa,fa,ef), r(eb,59,59,b2), r(c9,47,47,8e), r(0b,f0,f0,fb),\
-+ r(ec,ad,ad,41), r(67,d4,d4,b3), r(fd,a2,a2,5f), r(ea,af,af,45),\
-+ r(bf,9c,9c,23), r(f7,a4,a4,53), r(96,72,72,e4), r(5b,c0,c0,9b),\
-+ r(c2,b7,b7,75), r(1c,fd,fd,e1), r(ae,93,93,3d), r(6a,26,26,4c),\
-+ r(5a,36,36,6c), r(41,3f,3f,7e), r(02,f7,f7,f5), r(4f,cc,cc,83),\
-+ r(5c,34,34,68), r(f4,a5,a5,51), r(34,e5,e5,d1), r(08,f1,f1,f9),\
-+ r(93,71,71,e2), r(73,d8,d8,ab), r(53,31,31,62), r(3f,15,15,2a),\
-+ r(0c,04,04,08), r(52,c7,c7,95), r(65,23,23,46), r(5e,c3,c3,9d),\
-+ r(28,18,18,30), r(a1,96,96,37), r(0f,05,05,0a), r(b5,9a,9a,2f),\
-+ r(09,07,07,0e), r(36,12,12,24), r(9b,80,80,1b), r(3d,e2,e2,df),\
-+ r(26,eb,eb,cd), r(69,27,27,4e), r(cd,b2,b2,7f), r(9f,75,75,ea),\
-+ r(1b,09,09,12), r(9e,83,83,1d), r(74,2c,2c,58), r(2e,1a,1a,34),\
-+ r(2d,1b,1b,36), r(b2,6e,6e,dc), r(ee,5a,5a,b4), r(fb,a0,a0,5b),\
-+ r(f6,52,52,a4), r(4d,3b,3b,76), r(61,d6,d6,b7), r(ce,b3,b3,7d),\
-+ r(7b,29,29,52), r(3e,e3,e3,dd), r(71,2f,2f,5e), r(97,84,84,13),\
-+ r(f5,53,53,a6), r(68,d1,d1,b9), r(00,00,00,00), r(2c,ed,ed,c1),\
-+ r(60,20,20,40), r(1f,fc,fc,e3), r(c8,b1,b1,79), r(ed,5b,5b,b6),\
-+ r(be,6a,6a,d4), r(46,cb,cb,8d), r(d9,be,be,67), r(4b,39,39,72),\
-+ r(de,4a,4a,94), r(d4,4c,4c,98), r(e8,58,58,b0), r(4a,cf,cf,85),\
-+ r(6b,d0,d0,bb), r(2a,ef,ef,c5), r(e5,aa,aa,4f), r(16,fb,fb,ed),\
-+ r(c5,43,43,86), r(d7,4d,4d,9a), r(55,33,33,66), r(94,85,85,11),\
-+ r(cf,45,45,8a), r(10,f9,f9,e9), r(06,02,02,04), r(81,7f,7f,fe),\
-+ r(f0,50,50,a0), r(44,3c,3c,78), r(ba,9f,9f,25), r(e3,a8,a8,4b),\
-+ r(f3,51,51,a2), r(fe,a3,a3,5d), r(c0,40,40,80), r(8a,8f,8f,05),\
-+ r(ad,92,92,3f), r(bc,9d,9d,21), r(48,38,38,70), r(04,f5,f5,f1),\
-+ r(df,bc,bc,63), r(c1,b6,b6,77), r(75,da,da,af), r(63,21,21,42),\
-+ r(30,10,10,20), r(1a,ff,ff,e5), r(0e,f3,f3,fd), r(6d,d2,d2,bf),\
-+ r(4c,cd,cd,81), r(14,0c,0c,18), r(35,13,13,26), r(2f,ec,ec,c3),\
-+ r(e1,5f,5f,be), r(a2,97,97,35), r(cc,44,44,88), r(39,17,17,2e),\
-+ r(57,c4,c4,93), r(f2,a7,a7,55), r(82,7e,7e,fc), r(47,3d,3d,7a),\
-+ r(ac,64,64,c8), r(e7,5d,5d,ba), r(2b,19,19,32), r(95,73,73,e6),\
-+ r(a0,60,60,c0), r(98,81,81,19), r(d1,4f,4f,9e), r(7f,dc,dc,a3),\
-+ r(66,22,22,44), r(7e,2a,2a,54), r(ab,90,90,3b), r(83,88,88,0b),\
-+ r(ca,46,46,8c), r(29,ee,ee,c7), r(d3,b8,b8,6b), r(3c,14,14,28),\
-+ r(79,de,de,a7), r(e2,5e,5e,bc), r(1d,0b,0b,16), r(76,db,db,ad),\
-+ r(3b,e0,e0,db), r(56,32,32,64), r(4e,3a,3a,74), r(1e,0a,0a,14),\
-+ r(db,49,49,92), r(0a,06,06,0c), r(6c,24,24,48), r(e4,5c,5c,b8),\
-+ r(5d,c2,c2,9f), r(6e,d3,d3,bd), r(ef,ac,ac,43), r(a6,62,62,c4),\
-+ r(a8,91,91,39), r(a4,95,95,31), r(37,e4,e4,d3), r(8b,79,79,f2),\
-+ r(32,e7,e7,d5), r(43,c8,c8,8b), r(59,37,37,6e), r(b7,6d,6d,da),\
-+ r(8c,8d,8d,01), r(64,d5,d5,b1), r(d2,4e,4e,9c), r(e0,a9,a9,49),\
-+ r(b4,6c,6c,d8), r(fa,56,56,ac), r(07,f4,f4,f3), r(25,ea,ea,cf),\
-+ r(af,65,65,ca), r(8e,7a,7a,f4), r(e9,ae,ae,47), r(18,08,08,10),\
-+ r(d5,ba,ba,6f), r(88,78,78,f0), r(6f,25,25,4a), r(72,2e,2e,5c),\
-+ r(24,1c,1c,38), r(f1,a6,a6,57), r(c7,b4,b4,73), r(51,c6,c6,97),\
-+ r(23,e8,e8,cb), r(7c,dd,dd,a1), r(9c,74,74,e8), r(21,1f,1f,3e),\
-+ r(dd,4b,4b,96), r(dc,bd,bd,61), r(86,8b,8b,0d), r(85,8a,8a,0f),\
-+ r(90,70,70,e0), r(42,3e,3e,7c), r(c4,b5,b5,71), r(aa,66,66,cc),\
-+ r(d8,48,48,90), r(05,03,03,06), r(01,f6,f6,f7), r(12,0e,0e,1c),\
-+ r(a3,61,61,c2), r(5f,35,35,6a), r(f9,57,57,ae), r(d0,b9,b9,69),\
-+ r(91,86,86,17), r(58,c1,c1,99), r(27,1d,1d,3a), r(b9,9e,9e,27),\
-+ r(38,e1,e1,d9), r(13,f8,f8,eb), r(b3,98,98,2b), r(33,11,11,22),\
-+ r(bb,69,69,d2), r(70,d9,d9,a9), r(89,8e,8e,07), r(a7,94,94,33),\
-+ r(b6,9b,9b,2d), r(22,1e,1e,3c), r(92,87,87,15), r(20,e9,e9,c9),\
-+ r(49,ce,ce,87), r(ff,55,55,aa), r(78,28,28,50), r(7a,df,df,a5),\
-+ r(8f,8c,8c,03), r(f8,a1,a1,59), r(80,89,89,09), r(17,0d,0d,1a),\
-+ r(da,bf,bf,65), r(31,e6,e6,d7), r(c6,42,42,84), r(b8,68,68,d0),\
-+ r(c3,41,41,82), r(b0,99,99,29), r(77,2d,2d,5a), r(11,0f,0f,1e),\
-+ r(cb,b0,b0,7b), r(fc,54,54,a8), r(d6,bb,bb,6d), r(3a,16,16,2c)
-+
-+// data for inverse tables (other than last round)
-+
-+#define i_table \
-+ r(50,a7,f4,51), r(53,65,41,7e), r(c3,a4,17,1a), r(96,5e,27,3a),\
-+ r(cb,6b,ab,3b), r(f1,45,9d,1f), r(ab,58,fa,ac), r(93,03,e3,4b),\
-+ r(55,fa,30,20), r(f6,6d,76,ad), r(91,76,cc,88), r(25,4c,02,f5),\
-+ r(fc,d7,e5,4f), r(d7,cb,2a,c5), r(80,44,35,26), r(8f,a3,62,b5),\
-+ r(49,5a,b1,de), r(67,1b,ba,25), r(98,0e,ea,45), r(e1,c0,fe,5d),\
-+ r(02,75,2f,c3), r(12,f0,4c,81), r(a3,97,46,8d), r(c6,f9,d3,6b),\
-+ r(e7,5f,8f,03), r(95,9c,92,15), r(eb,7a,6d,bf), r(da,59,52,95),\
-+ r(2d,83,be,d4), r(d3,21,74,58), r(29,69,e0,49), r(44,c8,c9,8e),\
-+ r(6a,89,c2,75), r(78,79,8e,f4), r(6b,3e,58,99), r(dd,71,b9,27),\
-+ r(b6,4f,e1,be), r(17,ad,88,f0), r(66,ac,20,c9), r(b4,3a,ce,7d),\
-+ r(18,4a,df,63), r(82,31,1a,e5), r(60,33,51,97), r(45,7f,53,62),\
-+ r(e0,77,64,b1), r(84,ae,6b,bb), r(1c,a0,81,fe), r(94,2b,08,f9),\
-+ r(58,68,48,70), r(19,fd,45,8f), r(87,6c,de,94), r(b7,f8,7b,52),\
-+ r(23,d3,73,ab), r(e2,02,4b,72), r(57,8f,1f,e3), r(2a,ab,55,66),\
-+ r(07,28,eb,b2), r(03,c2,b5,2f), r(9a,7b,c5,86), r(a5,08,37,d3),\
-+ r(f2,87,28,30), r(b2,a5,bf,23), r(ba,6a,03,02), r(5c,82,16,ed),\
-+ r(2b,1c,cf,8a), r(92,b4,79,a7), r(f0,f2,07,f3), r(a1,e2,69,4e),\
-+ r(cd,f4,da,65), r(d5,be,05,06), r(1f,62,34,d1), r(8a,fe,a6,c4),\
-+ r(9d,53,2e,34), r(a0,55,f3,a2), r(32,e1,8a,05), r(75,eb,f6,a4),\
-+ r(39,ec,83,0b), r(aa,ef,60,40), r(06,9f,71,5e), r(51,10,6e,bd),\
-+ r(f9,8a,21,3e), r(3d,06,dd,96), r(ae,05,3e,dd), r(46,bd,e6,4d),\
-+ r(b5,8d,54,91), r(05,5d,c4,71), r(6f,d4,06,04), r(ff,15,50,60),\
-+ r(24,fb,98,19), r(97,e9,bd,d6), r(cc,43,40,89), r(77,9e,d9,67),\
-+ r(bd,42,e8,b0), r(88,8b,89,07), r(38,5b,19,e7), r(db,ee,c8,79),\
-+ r(47,0a,7c,a1), r(e9,0f,42,7c), r(c9,1e,84,f8), r(00,00,00,00),\
-+ r(83,86,80,09), r(48,ed,2b,32), r(ac,70,11,1e), r(4e,72,5a,6c),\
-+ r(fb,ff,0e,fd), r(56,38,85,0f), r(1e,d5,ae,3d), r(27,39,2d,36),\
-+ r(64,d9,0f,0a), r(21,a6,5c,68), r(d1,54,5b,9b), r(3a,2e,36,24),\
-+ r(b1,67,0a,0c), r(0f,e7,57,93), r(d2,96,ee,b4), r(9e,91,9b,1b),\
-+ r(4f,c5,c0,80), r(a2,20,dc,61), r(69,4b,77,5a), r(16,1a,12,1c),\
-+ r(0a,ba,93,e2), r(e5,2a,a0,c0), r(43,e0,22,3c), r(1d,17,1b,12),\
-+ r(0b,0d,09,0e), r(ad,c7,8b,f2), r(b9,a8,b6,2d), r(c8,a9,1e,14),\
-+ r(85,19,f1,57), r(4c,07,75,af), r(bb,dd,99,ee), r(fd,60,7f,a3),\
-+ r(9f,26,01,f7), r(bc,f5,72,5c), r(c5,3b,66,44), r(34,7e,fb,5b),\
-+ r(76,29,43,8b), r(dc,c6,23,cb), r(68,fc,ed,b6), r(63,f1,e4,b8),\
-+ r(ca,dc,31,d7), r(10,85,63,42), r(40,22,97,13), r(20,11,c6,84),\
-+ r(7d,24,4a,85), r(f8,3d,bb,d2), r(11,32,f9,ae), r(6d,a1,29,c7),\
-+ r(4b,2f,9e,1d), r(f3,30,b2,dc), r(ec,52,86,0d), r(d0,e3,c1,77),\
-+ r(6c,16,b3,2b), r(99,b9,70,a9), r(fa,48,94,11), r(22,64,e9,47),\
-+ r(c4,8c,fc,a8), r(1a,3f,f0,a0), r(d8,2c,7d,56), r(ef,90,33,22),\
-+ r(c7,4e,49,87), r(c1,d1,38,d9), r(fe,a2,ca,8c), r(36,0b,d4,98),\
-+ r(cf,81,f5,a6), r(28,de,7a,a5), r(26,8e,b7,da), r(a4,bf,ad,3f),\
-+ r(e4,9d,3a,2c), r(0d,92,78,50), r(9b,cc,5f,6a), r(62,46,7e,54),\
-+ r(c2,13,8d,f6), r(e8,b8,d8,90), r(5e,f7,39,2e), r(f5,af,c3,82),\
-+ r(be,80,5d,9f), r(7c,93,d0,69), r(a9,2d,d5,6f), r(b3,12,25,cf),\
-+ r(3b,99,ac,c8), r(a7,7d,18,10), r(6e,63,9c,e8), r(7b,bb,3b,db),\
-+ r(09,78,26,cd), r(f4,18,59,6e), r(01,b7,9a,ec), r(a8,9a,4f,83),\
-+ r(65,6e,95,e6), r(7e,e6,ff,aa), r(08,cf,bc,21), r(e6,e8,15,ef),\
-+ r(d9,9b,e7,ba), r(ce,36,6f,4a), r(d4,09,9f,ea), r(d6,7c,b0,29),\
-+ r(af,b2,a4,31), r(31,23,3f,2a), r(30,94,a5,c6), r(c0,66,a2,35),\
-+ r(37,bc,4e,74), r(a6,ca,82,fc), r(b0,d0,90,e0), r(15,d8,a7,33),\
-+ r(4a,98,04,f1), r(f7,da,ec,41), r(0e,50,cd,7f), r(2f,f6,91,17),\
-+ r(8d,d6,4d,76), r(4d,b0,ef,43), r(54,4d,aa,cc), r(df,04,96,e4),\
-+ r(e3,b5,d1,9e), r(1b,88,6a,4c), r(b8,1f,2c,c1), r(7f,51,65,46),\
-+ r(04,ea,5e,9d), r(5d,35,8c,01), r(73,74,87,fa), r(2e,41,0b,fb),\
-+ r(5a,1d,67,b3), r(52,d2,db,92), r(33,56,10,e9), r(13,47,d6,6d),\
-+ r(8c,61,d7,9a), r(7a,0c,a1,37), r(8e,14,f8,59), r(89,3c,13,eb),\
-+ r(ee,27,a9,ce), r(35,c9,61,b7), r(ed,e5,1c,e1), r(3c,b1,47,7a),\
-+ r(59,df,d2,9c), r(3f,73,f2,55), r(79,ce,14,18), r(bf,37,c7,73),\
-+ r(ea,cd,f7,53), r(5b,aa,fd,5f), r(14,6f,3d,df), r(86,db,44,78),\
-+ r(81,f3,af,ca), r(3e,c4,68,b9), r(2c,34,24,38), r(5f,40,a3,c2),\
-+ r(72,c3,1d,16), r(0c,25,e2,bc), r(8b,49,3c,28), r(41,95,0d,ff),\
-+ r(71,01,a8,39), r(de,b3,0c,08), r(9c,e4,b4,d8), r(90,c1,56,64),\
-+ r(61,84,cb,7b), r(70,b6,32,d5), r(74,5c,6c,48), r(42,57,b8,d0)
-+
-+// generate the required tables in the desired endian format
-+
-+#undef r
-+#define r r0
-+
-+#if defined(ONE_TABLE)
-+static const u_int32_t ft_tab[256] =
-+ { f_table };
-+#elif defined(FOUR_TABLES)
-+static const u_int32_t ft_tab[4][256] =
-+{ { f_table },
-+#undef r
-+#define r r1
-+ { f_table },
-+#undef r
-+#define r r2
-+ { f_table },
-+#undef r
-+#define r r3
-+ { f_table }
-+};
-+#endif
-+
-+#undef r
-+#define r r0
-+#if defined(ONE_TABLE)
-+static const u_int32_t it_tab[256] =
-+ { i_table };
-+#elif defined(FOUR_TABLES)
-+static const u_int32_t it_tab[4][256] =
-+{ { i_table },
-+#undef r
-+#define r r1
-+ { i_table },
-+#undef r
-+#define r r2
-+ { i_table },
-+#undef r
-+#define r r3
-+ { i_table }
-+};
-+#endif
-+
-+#endif
-+
-+#if defined(FIXED_TABLES) && (defined(ONE_LR_TABLE) || defined(FOUR_LR_TABLES))
-+
-+// data for inverse tables (last round)
-+
-+#define li_table \
-+ w(52), w(09), w(6a), w(d5), w(30), w(36), w(a5), w(38),\
-+ w(bf), w(40), w(a3), w(9e), w(81), w(f3), w(d7), w(fb),\
-+ w(7c), w(e3), w(39), w(82), w(9b), w(2f), w(ff), w(87),\
-+ w(34), w(8e), w(43), w(44), w(c4), w(de), w(e9), w(cb),\
-+ w(54), w(7b), w(94), w(32), w(a6), w(c2), w(23), w(3d),\
-+ w(ee), w(4c), w(95), w(0b), w(42), w(fa), w(c3), w(4e),\
-+ w(08), w(2e), w(a1), w(66), w(28), w(d9), w(24), w(b2),\
-+ w(76), w(5b), w(a2), w(49), w(6d), w(8b), w(d1), w(25),\
-+ w(72), w(f8), w(f6), w(64), w(86), w(68), w(98), w(16),\
-+ w(d4), w(a4), w(5c), w(cc), w(5d), w(65), w(b6), w(92),\
-+ w(6c), w(70), w(48), w(50), w(fd), w(ed), w(b9), w(da),\
-+ w(5e), w(15), w(46), w(57), w(a7), w(8d), w(9d), w(84),\
-+ w(90), w(d8), w(ab), w(00), w(8c), w(bc), w(d3), w(0a),\
-+ w(f7), w(e4), w(58), w(05), w(b8), w(b3), w(45), w(06),\
-+ w(d0), w(2c), w(1e), w(8f), w(ca), w(3f), w(0f), w(02),\
-+ w(c1), w(af), w(bd), w(03), w(01), w(13), w(8a), w(6b),\
-+ w(3a), w(91), w(11), w(41), w(4f), w(67), w(dc), w(ea),\
-+ w(97), w(f2), w(cf), w(ce), w(f0), w(b4), w(e6), w(73),\
-+ w(96), w(ac), w(74), w(22), w(e7), w(ad), w(35), w(85),\
-+ w(e2), w(f9), w(37), w(e8), w(1c), w(75), w(df), w(6e),\
-+ w(47), w(f1), w(1a), w(71), w(1d), w(29), w(c5), w(89),\
-+ w(6f), w(b7), w(62), w(0e), w(aa), w(18), w(be), w(1b),\
-+ w(fc), w(56), w(3e), w(4b), w(c6), w(d2), w(79), w(20),\
-+ w(9a), w(db), w(c0), w(fe), w(78), w(cd), w(5a), w(f4),\
-+ w(1f), w(dd), w(a8), w(33), w(88), w(07), w(c7), w(31),\
-+ w(b1), w(12), w(10), w(59), w(27), w(80), w(ec), w(5f),\
-+ w(60), w(51), w(7f), w(a9), w(19), w(b5), w(4a), w(0d),\
-+ w(2d), w(e5), w(7a), w(9f), w(93), w(c9), w(9c), w(ef),\
-+ w(a0), w(e0), w(3b), w(4d), w(ae), w(2a), w(f5), w(b0),\
-+ w(c8), w(eb), w(bb), w(3c), w(83), w(53), w(99), w(61),\
-+ w(17), w(2b), w(04), w(7e), w(ba), w(77), w(d6), w(26),\
-+ w(e1), w(69), w(14), w(63), w(55), w(21), w(0c), w(7d),
-+
-+// generate the required tables in the desired endian format
-+
-+#undef r
-+#define r(p,q,r,s) w0(q)
-+#if defined(ONE_LR_TABLE)
-+static const u_int32_t fl_tab[256] =
-+ { f_table };
-+#elif defined(FOUR_LR_TABLES)
-+static const u_int32_t fl_tab[4][256] =
-+{ { f_table },
-+#undef r
-+#define r(p,q,r,s) w1(q)
-+ { f_table },
-+#undef r
-+#define r(p,q,r,s) w2(q)
-+ { f_table },
-+#undef r
-+#define r(p,q,r,s) w3(q)
-+ { f_table }
-+};
-+#endif
-+
-+#undef w
-+#define w w0
-+#if defined(ONE_LR_TABLE)
-+static const u_int32_t il_tab[256] =
-+ { li_table };
-+#elif defined(FOUR_LR_TABLES)
-+static const u_int32_t il_tab[4][256] =
-+{ { li_table },
-+#undef w
-+#define w w1
-+ { li_table },
-+#undef w
-+#define w w2
-+ { li_table },
-+#undef w
-+#define w w3
-+ { li_table }
-+};
-+#endif
-+
-+#endif
-+
-+#if defined(FIXED_TABLES) && (defined(ONE_IM_TABLE) || defined(FOUR_IM_TABLES))
-+
-+#define m_table \
-+ r(00,00,00,00), r(0b,0d,09,0e), r(16,1a,12,1c), r(1d,17,1b,12),\
-+ r(2c,34,24,38), r(27,39,2d,36), r(3a,2e,36,24), r(31,23,3f,2a),\
-+ r(58,68,48,70), r(53,65,41,7e), r(4e,72,5a,6c), r(45,7f,53,62),\
-+ r(74,5c,6c,48), r(7f,51,65,46), r(62,46,7e,54), r(69,4b,77,5a),\
-+ r(b0,d0,90,e0), r(bb,dd,99,ee), r(a6,ca,82,fc), r(ad,c7,8b,f2),\
-+ r(9c,e4,b4,d8), r(97,e9,bd,d6), r(8a,fe,a6,c4), r(81,f3,af,ca),\
-+ r(e8,b8,d8,90), r(e3,b5,d1,9e), r(fe,a2,ca,8c), r(f5,af,c3,82),\
-+ r(c4,8c,fc,a8), r(cf,81,f5,a6), r(d2,96,ee,b4), r(d9,9b,e7,ba),\
-+ r(7b,bb,3b,db), r(70,b6,32,d5), r(6d,a1,29,c7), r(66,ac,20,c9),\
-+ r(57,8f,1f,e3), r(5c,82,16,ed), r(41,95,0d,ff), r(4a,98,04,f1),\
-+ r(23,d3,73,ab), r(28,de,7a,a5), r(35,c9,61,b7), r(3e,c4,68,b9),\
-+ r(0f,e7,57,93), r(04,ea,5e,9d), r(19,fd,45,8f), r(12,f0,4c,81),\
-+ r(cb,6b,ab,3b), r(c0,66,a2,35), r(dd,71,b9,27), r(d6,7c,b0,29),\
-+ r(e7,5f,8f,03), r(ec,52,86,0d), r(f1,45,9d,1f), r(fa,48,94,11),\
-+ r(93,03,e3,4b), r(98,0e,ea,45), r(85,19,f1,57), r(8e,14,f8,59),\
-+ r(bf,37,c7,73), r(b4,3a,ce,7d), r(a9,2d,d5,6f), r(a2,20,dc,61),\
-+ r(f6,6d,76,ad), r(fd,60,7f,a3), r(e0,77,64,b1), r(eb,7a,6d,bf),\
-+ r(da,59,52,95), r(d1,54,5b,9b), r(cc,43,40,89), r(c7,4e,49,87),\
-+ r(ae,05,3e,dd), r(a5,08,37,d3), r(b8,1f,2c,c1), r(b3,12,25,cf),\
-+ r(82,31,1a,e5), r(89,3c,13,eb), r(94,2b,08,f9), r(9f,26,01,f7),\
-+ r(46,bd,e6,4d), r(4d,b0,ef,43), r(50,a7,f4,51), r(5b,aa,fd,5f),\
-+ r(6a,89,c2,75), r(61,84,cb,7b), r(7c,93,d0,69), r(77,9e,d9,67),\
-+ r(1e,d5,ae,3d), r(15,d8,a7,33), r(08,cf,bc,21), r(03,c2,b5,2f),\
-+ r(32,e1,8a,05), r(39,ec,83,0b), r(24,fb,98,19), r(2f,f6,91,17),\
-+ r(8d,d6,4d,76), r(86,db,44,78), r(9b,cc,5f,6a), r(90,c1,56,64),\
-+ r(a1,e2,69,4e), r(aa,ef,60,40), r(b7,f8,7b,52), r(bc,f5,72,5c),\
-+ r(d5,be,05,06), r(de,b3,0c,08), r(c3,a4,17,1a), r(c8,a9,1e,14),\
-+ r(f9,8a,21,3e), r(f2,87,28,30), r(ef,90,33,22), r(e4,9d,3a,2c),\
-+ r(3d,06,dd,96), r(36,0b,d4,98), r(2b,1c,cf,8a), r(20,11,c6,84),\
-+ r(11,32,f9,ae), r(1a,3f,f0,a0), r(07,28,eb,b2), r(0c,25,e2,bc),\
-+ r(65,6e,95,e6), r(6e,63,9c,e8), r(73,74,87,fa), r(78,79,8e,f4),\
-+ r(49,5a,b1,de), r(42,57,b8,d0), r(5f,40,a3,c2), r(54,4d,aa,cc),\
-+ r(f7,da,ec,41), r(fc,d7,e5,4f), r(e1,c0,fe,5d), r(ea,cd,f7,53),\
-+ r(db,ee,c8,79), r(d0,e3,c1,77), r(cd,f4,da,65), r(c6,f9,d3,6b),\
-+ r(af,b2,a4,31), r(a4,bf,ad,3f), r(b9,a8,b6,2d), r(b2,a5,bf,23),\
-+ r(83,86,80,09), r(88,8b,89,07), r(95,9c,92,15), r(9e,91,9b,1b),\
-+ r(47,0a,7c,a1), r(4c,07,75,af), r(51,10,6e,bd), r(5a,1d,67,b3),\
-+ r(6b,3e,58,99), r(60,33,51,97), r(7d,24,4a,85), r(76,29,43,8b),\
-+ r(1f,62,34,d1), r(14,6f,3d,df), r(09,78,26,cd), r(02,75,2f,c3),\
-+ r(33,56,10,e9), r(38,5b,19,e7), r(25,4c,02,f5), r(2e,41,0b,fb),\
-+ r(8c,61,d7,9a), r(87,6c,de,94), r(9a,7b,c5,86), r(91,76,cc,88),\
-+ r(a0,55,f3,a2), r(ab,58,fa,ac), r(b6,4f,e1,be), r(bd,42,e8,b0),\
-+ r(d4,09,9f,ea), r(df,04,96,e4), r(c2,13,8d,f6), r(c9,1e,84,f8),\
-+ r(f8,3d,bb,d2), r(f3,30,b2,dc), r(ee,27,a9,ce), r(e5,2a,a0,c0),\
-+ r(3c,b1,47,7a), r(37,bc,4e,74), r(2a,ab,55,66), r(21,a6,5c,68),\
-+ r(10,85,63,42), r(1b,88,6a,4c), r(06,9f,71,5e), r(0d,92,78,50),\
-+ r(64,d9,0f,0a), r(6f,d4,06,04), r(72,c3,1d,16), r(79,ce,14,18),\
-+ r(48,ed,2b,32), r(43,e0,22,3c), r(5e,f7,39,2e), r(55,fa,30,20),\
-+ r(01,b7,9a,ec), r(0a,ba,93,e2), r(17,ad,88,f0), r(1c,a0,81,fe),\
-+ r(2d,83,be,d4), r(26,8e,b7,da), r(3b,99,ac,c8), r(30,94,a5,c6),\
-+ r(59,df,d2,9c), r(52,d2,db,92), r(4f,c5,c0,80), r(44,c8,c9,8e),\
-+ r(75,eb,f6,a4), r(7e,e6,ff,aa), r(63,f1,e4,b8), r(68,fc,ed,b6),\
-+ r(b1,67,0a,0c), r(ba,6a,03,02), r(a7,7d,18,10), r(ac,70,11,1e),\
-+ r(9d,53,2e,34), r(96,5e,27,3a), r(8b,49,3c,28), r(80,44,35,26),\
-+ r(e9,0f,42,7c), r(e2,02,4b,72), r(ff,15,50,60), r(f4,18,59,6e),\
-+ r(c5,3b,66,44), r(ce,36,6f,4a), r(d3,21,74,58), r(d8,2c,7d,56),\
-+ r(7a,0c,a1,37), r(71,01,a8,39), r(6c,16,b3,2b), r(67,1b,ba,25),\
-+ r(56,38,85,0f), r(5d,35,8c,01), r(40,22,97,13), r(4b,2f,9e,1d),\
-+ r(22,64,e9,47), r(29,69,e0,49), r(34,7e,fb,5b), r(3f,73,f2,55),\
-+ r(0e,50,cd,7f), r(05,5d,c4,71), r(18,4a,df,63), r(13,47,d6,6d),\
-+ r(ca,dc,31,d7), r(c1,d1,38,d9), r(dc,c6,23,cb), r(d7,cb,2a,c5),\
-+ r(e6,e8,15,ef), r(ed,e5,1c,e1), r(f0,f2,07,f3), r(fb,ff,0e,fd),\
-+ r(92,b4,79,a7), r(99,b9,70,a9), r(84,ae,6b,bb), r(8f,a3,62,b5),\
-+ r(be,80,5d,9f), r(b5,8d,54,91), r(a8,9a,4f,83), r(a3,97,46,8d)
-+
-+#undef r
-+#define r r0
-+
-+#if defined(ONE_IM_TABLE)
-+static const u_int32_t im_tab[256] =
-+ { m_table };
-+#elif defined(FOUR_IM_TABLES)
-+static const u_int32_t im_tab[4][256] =
-+{ { m_table },
-+#undef r
-+#define r r1
-+ { m_table },
-+#undef r
-+#define r r2
-+ { m_table },
-+#undef r
-+#define r r3
-+ { m_table }
-+};
-+#endif
-+
-+#endif
-+
-+#else
-+
-+static int tab_gen = 0;
-+
-+static unsigned char s_box[256]; // the S box
-+static unsigned char inv_s_box[256]; // the inverse S box
-+static u_int32_t rcon_tab[AES_RC_LENGTH]; // table of round constants
-+
-+#if defined(ONE_TABLE)
-+static u_int32_t ft_tab[256];
-+static u_int32_t it_tab[256];
-+#elif defined(FOUR_TABLES)
-+static u_int32_t ft_tab[4][256];
-+static u_int32_t it_tab[4][256];
-+#endif
-+
-+#if defined(ONE_LR_TABLE)
-+static u_int32_t fl_tab[256];
-+static u_int32_t il_tab[256];
-+#elif defined(FOUR_LR_TABLES)
-+static u_int32_t fl_tab[4][256];
-+static u_int32_t il_tab[4][256];
-+#endif
-+
-+#if defined(ONE_IM_TABLE)
-+static u_int32_t im_tab[256];
-+#elif defined(FOUR_IM_TABLES)
-+static u_int32_t im_tab[4][256];
-+#endif
-+
-+// Generate the tables for the dynamic table option
-+
-+#if !defined(FF_TABLES)
-+
-+// It will generally be sensible to use tables to compute finite
-+// field multiplies and inverses but where memory is scarse this
-+// code might sometimes be better.
-+
-+// return 2 ^ (n - 1) where n is the bit number of the highest bit
-+// set in x with x in the range 1 < x < 0x00000200. This form is
-+// used so that locals within FFinv can be bytes rather than words
-+
-+static unsigned char hibit(const u_int32_t x)
-+{ unsigned char r = (unsigned char)((x >> 1) | (x >> 2));
-+
-+ r |= (r >> 2);
-+ r |= (r >> 4);
-+ return (r + 1) >> 1;
-+}
-+
-+// return the inverse of the finite field element x
-+
-+static unsigned char FFinv(const unsigned char x)
-+{ unsigned char p1 = x, p2 = 0x1b, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0;
-+
-+ if(x < 2) return x;
-+
-+ for(;;)
-+ {
-+ if(!n1) return v1;
-+
-+ while(n2 >= n1)
-+ {
-+ n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2);
-+ }
-+
-+ if(!n2) return v2;
-+
-+ while(n1 >= n2)
-+ {
-+ n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1);
-+ }
-+ }
-+}
-+
-+// define the finite field multiplies required for Rijndael
-+
-+#define FFmul02(x) ((((x) & 0x7f) << 1) ^ ((x) & 0x80 ? 0x1b : 0))
-+#define FFmul03(x) ((x) ^ FFmul02(x))
-+#define FFmul09(x) ((x) ^ FFmul02(FFmul02(FFmul02(x))))
-+#define FFmul0b(x) ((x) ^ FFmul02((x) ^ FFmul02(FFmul02(x))))
-+#define FFmul0d(x) ((x) ^ FFmul02(FFmul02((x) ^ FFmul02(x))))
-+#define FFmul0e(x) FFmul02((x) ^ FFmul02((x) ^ FFmul02(x)))
-+
-+#else
-+
-+#define FFinv(x) ((x) ? pow[255 - log[x]]: 0)
-+
-+#define FFmul02(x) (x ? pow[log[x] + 0x19] : 0)
-+#define FFmul03(x) (x ? pow[log[x] + 0x01] : 0)
-+#define FFmul09(x) (x ? pow[log[x] + 0xc7] : 0)
-+#define FFmul0b(x) (x ? pow[log[x] + 0x68] : 0)
-+#define FFmul0d(x) (x ? pow[log[x] + 0xee] : 0)
-+#define FFmul0e(x) (x ? pow[log[x] + 0xdf] : 0)
-+
-+#endif
-+
-+// The forward and inverse affine transformations used in the S-box
-+
-+#define fwd_affine(x) \
-+ (w = (u_int32_t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(unsigned char)(w^(w>>8)))
-+
-+#define inv_affine(x) \
-+ (w = (u_int32_t)x, w = (w<<1)^(w<<3)^(w<<6), 0x05^(unsigned char)(w^(w>>8)))
-+
-+static void gen_tabs(void)
-+{ u_int32_t i, w;
-+
-+#if defined(FF_TABLES)
-+
-+ unsigned char pow[512], log[256];
-+
-+ // log and power tables for GF(2^8) finite field with
-+ // 0x011b as modular polynomial - the simplest primitive
-+ // root is 0x03, used here to generate the tables
-+
-+ i = 0; w = 1;
-+ do
-+ {
-+ pow[i] = (unsigned char)w;
-+ pow[i + 255] = (unsigned char)w;
-+ log[w] = (unsigned char)i++;
-+ w ^= (w << 1) ^ (w & ff_hi ? ff_poly : 0);
-+ }
-+ while (w != 1);
-+
-+#endif
-+
-+ for(i = 0, w = 1; i < AES_RC_LENGTH; ++i)
-+ {
-+ rcon_tab[i] = bytes2word(w, 0, 0, 0);
-+ w = (w << 1) ^ (w & ff_hi ? ff_poly : 0);
-+ }
-+
-+ for(i = 0; i < 256; ++i)
-+ { unsigned char b;
-+
-+ s_box[i] = b = fwd_affine(FFinv((unsigned char)i));
-+
-+ w = bytes2word(b, 0, 0, 0);
-+#if defined(ONE_LR_TABLE)
-+ fl_tab[i] = w;
-+#elif defined(FOUR_LR_TABLES)
-+ fl_tab[0][i] = w;
-+ fl_tab[1][i] = upr(w,1);
-+ fl_tab[2][i] = upr(w,2);
-+ fl_tab[3][i] = upr(w,3);
-+#endif
-+ w = bytes2word(FFmul02(b), b, b, FFmul03(b));
-+#if defined(ONE_TABLE)
-+ ft_tab[i] = w;
-+#elif defined(FOUR_TABLES)
-+ ft_tab[0][i] = w;
-+ ft_tab[1][i] = upr(w,1);
-+ ft_tab[2][i] = upr(w,2);
-+ ft_tab[3][i] = upr(w,3);
-+#endif
-+ inv_s_box[i] = b = FFinv(inv_affine((unsigned char)i));
-+
-+ w = bytes2word(b, 0, 0, 0);
-+#if defined(ONE_LR_TABLE)
-+ il_tab[i] = w;
-+#elif defined(FOUR_LR_TABLES)
-+ il_tab[0][i] = w;
-+ il_tab[1][i] = upr(w,1);
-+ il_tab[2][i] = upr(w,2);
-+ il_tab[3][i] = upr(w,3);
-+#endif
-+ w = bytes2word(FFmul0e(b), FFmul09(b), FFmul0d(b), FFmul0b(b));
-+#if defined(ONE_TABLE)
-+ it_tab[i] = w;
-+#elif defined(FOUR_TABLES)
-+ it_tab[0][i] = w;
-+ it_tab[1][i] = upr(w,1);
-+ it_tab[2][i] = upr(w,2);
-+ it_tab[3][i] = upr(w,3);
-+#endif
-+#if defined(ONE_IM_TABLE)
-+ im_tab[b] = w;
-+#elif defined(FOUR_IM_TABLES)
-+ im_tab[0][b] = w;
-+ im_tab[1][b] = upr(w,1);
-+ im_tab[2][b] = upr(w,2);
-+ im_tab[3][b] = upr(w,3);
-+#endif
-+
-+ }
-+}
-+
-+#endif
-+
-+#define no_table(x,box,vf,rf,c) bytes2word( \
-+ box[bval(vf(x,0,c),rf(0,c))], \
-+ box[bval(vf(x,1,c),rf(1,c))], \
-+ box[bval(vf(x,2,c),rf(2,c))], \
-+ box[bval(vf(x,3,c),rf(3,c))])
-+
-+#define one_table(x,op,tab,vf,rf,c) \
-+ ( tab[bval(vf(x,0,c),rf(0,c))] \
-+ ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \
-+ ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \
-+ ^ op(tab[bval(vf(x,3,c),rf(3,c))],3))
-+
-+#define four_tables(x,tab,vf,rf,c) \
-+ ( tab[0][bval(vf(x,0,c),rf(0,c))] \
-+ ^ tab[1][bval(vf(x,1,c),rf(1,c))] \
-+ ^ tab[2][bval(vf(x,2,c),rf(2,c))] \
-+ ^ tab[3][bval(vf(x,3,c),rf(3,c))])
-+
-+#define vf1(x,r,c) (x)
-+#define rf1(r,c) (r)
-+#define rf2(r,c) ((r-c)&3)
-+
-+#if defined(FOUR_LR_TABLES)
-+#define ls_box(x,c) four_tables(x,fl_tab,vf1,rf2,c)
-+#elif defined(ONE_LR_TABLE)
-+#define ls_box(x,c) one_table(x,upr,fl_tab,vf1,rf2,c)
-+#else
-+#define ls_box(x,c) no_table(x,s_box,vf1,rf2,c)
-+#endif
-+
-+#if defined(FOUR_IM_TABLES)
-+#define inv_mcol(x) four_tables(x,im_tab,vf1,rf1,0)
-+#elif defined(ONE_IM_TABLE)
-+#define inv_mcol(x) one_table(x,upr,im_tab,vf1,rf1,0)
-+#else
-+#define inv_mcol(x) \
-+ (f9 = (x),f2 = FFmulX(f9), f4 = FFmulX(f2), f8 = FFmulX(f4), f9 ^= f8, \
-+ f2 ^= f4 ^ f8 ^ upr(f2 ^ f9,3) ^ upr(f4 ^ f9,2) ^ upr(f9,1))
-+#endif
-+
-+// Subroutine to set the block size (if variable) in bytes, legal
-+// values being 16, 24 and 32.
-+
-+#if defined(AES_BLOCK_SIZE)
-+#define nc (AES_BLOCK_SIZE / 4)
-+#else
-+#define nc (cx->aes_Ncol)
-+
-+void aes_set_blk(aes_context *cx, int n_bytes)
-+{
-+#if !defined(FIXED_TABLES)
-+ if(!tab_gen) { gen_tabs(); tab_gen = 1; }
-+#endif
-+
-+ switch(n_bytes) {
-+ case 32: /* bytes */
-+ case 256: /* bits */
-+ nc = 8;
-+ break;
-+ case 24: /* bytes */
-+ case 192: /* bits */
-+ nc = 6;
-+ break;
-+ case 16: /* bytes */
-+ case 128: /* bits */
-+ default:
-+ nc = 4;
-+ break;
-+ }
-+}
-+
-+#endif
-+
-+// Initialise the key schedule from the user supplied key. The key
-+// length is now specified in bytes - 16, 24 or 32 as appropriate.
-+// This corresponds to bit lengths of 128, 192 and 256 bits, and
-+// to Nk values of 4, 6 and 8 respectively.
-+
-+#define mx(t,f) (*t++ = inv_mcol(*f),f++)
-+#define cp(t,f) *t++ = *f++
-+
-+#if AES_BLOCK_SIZE == 16
-+#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s)
-+#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s)
-+#elif AES_BLOCK_SIZE == 24
-+#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s); \
-+ cp(d,s); cp(d,s)
-+#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s); \
-+ mx(d,s); mx(d,s)
-+#elif AES_BLOCK_SIZE == 32
-+#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s); \
-+ cp(d,s); cp(d,s); cp(d,s); cp(d,s)
-+#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s); \
-+ mx(d,s); mx(d,s); mx(d,s); mx(d,s)
-+#else
-+
-+#define cpy(d,s) \
-+switch(nc) \
-+{ case 8: cp(d,s); cp(d,s); \
-+ case 6: cp(d,s); cp(d,s); \
-+ case 4: cp(d,s); cp(d,s); \
-+ cp(d,s); cp(d,s); \
-+}
-+
-+#define mix(d,s) \
-+switch(nc) \
-+{ case 8: mx(d,s); mx(d,s); \
-+ case 6: mx(d,s); mx(d,s); \
-+ case 4: mx(d,s); mx(d,s); \
-+ mx(d,s); mx(d,s); \
-+}
-+
-+#endif
-+
-+void aes_set_key(aes_context *cx, const unsigned char in_key[], int n_bytes, const int f)
-+{ u_int32_t *kf, *kt, rci;
-+
-+#if !defined(FIXED_TABLES)
-+ if(!tab_gen) { gen_tabs(); tab_gen = 1; }
-+#endif
-+
-+ switch(n_bytes) {
-+ case 32: /* bytes */
-+ case 256: /* bits */
-+ cx->aes_Nkey = 8;
-+ break;
-+ case 24: /* bytes */
-+ case 192: /* bits */
-+ cx->aes_Nkey = 6;
-+ break;
-+ case 16: /* bytes */
-+ case 128: /* bits */
-+ default:
-+ cx->aes_Nkey = 4;
-+ break;
-+ }
-+
-+ cx->aes_Nrnd = (cx->aes_Nkey > nc ? cx->aes_Nkey : nc) + 6;
-+
-+ cx->aes_e_key[0] = const_word_in(in_key );
-+ cx->aes_e_key[1] = const_word_in(in_key + 4);
-+ cx->aes_e_key[2] = const_word_in(in_key + 8);
-+ cx->aes_e_key[3] = const_word_in(in_key + 12);
-+
-+ kf = cx->aes_e_key;
-+ kt = kf + nc * (cx->aes_Nrnd + 1) - cx->aes_Nkey;
-+ rci = 0;
-+
-+ switch(cx->aes_Nkey)
-+ {
-+ case 4: do
-+ { kf[4] = kf[0] ^ ls_box(kf[3],3) ^ rcon_tab[rci++];
-+ kf[5] = kf[1] ^ kf[4];
-+ kf[6] = kf[2] ^ kf[5];
-+ kf[7] = kf[3] ^ kf[6];
-+ kf += 4;
-+ }
-+ while(kf < kt);
-+ break;
-+
-+ case 6: cx->aes_e_key[4] = const_word_in(in_key + 16);
-+ cx->aes_e_key[5] = const_word_in(in_key + 20);
-+ do
-+ { kf[ 6] = kf[0] ^ ls_box(kf[5],3) ^ rcon_tab[rci++];
-+ kf[ 7] = kf[1] ^ kf[ 6];
-+ kf[ 8] = kf[2] ^ kf[ 7];
-+ kf[ 9] = kf[3] ^ kf[ 8];
-+ kf[10] = kf[4] ^ kf[ 9];
-+ kf[11] = kf[5] ^ kf[10];
-+ kf += 6;
-+ }
-+ while(kf < kt);
-+ break;
-+
-+ case 8: cx->aes_e_key[4] = const_word_in(in_key + 16);
-+ cx->aes_e_key[5] = const_word_in(in_key + 20);
-+ cx->aes_e_key[6] = const_word_in(in_key + 24);
-+ cx->aes_e_key[7] = const_word_in(in_key + 28);
-+ do
-+ { kf[ 8] = kf[0] ^ ls_box(kf[7],3) ^ rcon_tab[rci++];
-+ kf[ 9] = kf[1] ^ kf[ 8];
-+ kf[10] = kf[2] ^ kf[ 9];
-+ kf[11] = kf[3] ^ kf[10];
-+ kf[12] = kf[4] ^ ls_box(kf[11],0);
-+ kf[13] = kf[5] ^ kf[12];
-+ kf[14] = kf[6] ^ kf[13];
-+ kf[15] = kf[7] ^ kf[14];
-+ kf += 8;
-+ }
-+ while (kf < kt);
-+ break;
-+ }
-+
-+ if(!f)
-+ { u_int32_t i;
-+
-+ kt = cx->aes_d_key + nc * cx->aes_Nrnd;
-+ kf = cx->aes_e_key;
-+
-+ cpy(kt, kf); kt -= 2 * nc;
-+
-+ for(i = 1; i < cx->aes_Nrnd; ++i)
-+ {
-+#if defined(ONE_TABLE) || defined(FOUR_TABLES)
-+#if !defined(ONE_IM_TABLE) && !defined(FOUR_IM_TABLES)
-+ u_int32_t f2, f4, f8, f9;
-+#endif
-+ mix(kt, kf);
-+#else
-+ cpy(kt, kf);
-+#endif
-+ kt -= 2 * nc;
-+ }
-+
-+ cpy(kt, kf);
-+ }
-+}
-+
-+// y = output word, x = input word, r = row, c = column
-+// for r = 0, 1, 2 and 3 = column accessed for row r
-+
-+#if defined(ARRAYS)
-+#define s(x,c) x[c]
-+#else
-+#define s(x,c) x##c
-+#endif
-+
-+// I am grateful to Frank Yellin for the following constructions
-+// which, given the column (c) of the output state variable that
-+// is being computed, return the input state variables which are
-+// needed for each row (r) of the state
-+
-+// For the fixed block size options, compilers reduce these two
-+// expressions to fixed variable references. For variable block
-+// size code conditional clauses will sometimes be returned
-+
-+#define unused 77 // Sunset Strip
-+
-+#define fwd_var(x,r,c) \
-+ ( r==0 ? \
-+ ( c==0 ? s(x,0) \
-+ : c==1 ? s(x,1) \
-+ : c==2 ? s(x,2) \
-+ : c==3 ? s(x,3) \
-+ : c==4 ? s(x,4) \
-+ : c==5 ? s(x,5) \
-+ : c==6 ? s(x,6) \
-+ : s(x,7)) \
-+ : r==1 ? \
-+ ( c==0 ? s(x,1) \
-+ : c==1 ? s(x,2) \
-+ : c==2 ? s(x,3) \
-+ : c==3 ? nc==4 ? s(x,0) : s(x,4) \
-+ : c==4 ? s(x,5) \
-+ : c==5 ? nc==8 ? s(x,6) : s(x,0) \
-+ : c==6 ? s(x,7) \
-+ : s(x,0)) \
-+ : r==2 ? \
-+ ( c==0 ? nc==8 ? s(x,3) : s(x,2) \
-+ : c==1 ? nc==8 ? s(x,4) : s(x,3) \
-+ : c==2 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \
-+ : c==3 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \
-+ : c==4 ? nc==8 ? s(x,7) : s(x,0) \
-+ : c==5 ? nc==8 ? s(x,0) : s(x,1) \
-+ : c==6 ? s(x,1) \
-+ : s(x,2)) \
-+ : \
-+ ( c==0 ? nc==8 ? s(x,4) : s(x,3) \
-+ : c==1 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \
-+ : c==2 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \
-+ : c==3 ? nc==4 ? s(x,2) : nc==8 ? s(x,7) : s(x,0) \
-+ : c==4 ? nc==8 ? s(x,0) : s(x,1) \
-+ : c==5 ? nc==8 ? s(x,1) : s(x,2) \
-+ : c==6 ? s(x,2) \
-+ : s(x,3)))
-+
-+#define inv_var(x,r,c) \
-+ ( r==0 ? \
-+ ( c==0 ? s(x,0) \
-+ : c==1 ? s(x,1) \
-+ : c==2 ? s(x,2) \
-+ : c==3 ? s(x,3) \
-+ : c==4 ? s(x,4) \
-+ : c==5 ? s(x,5) \
-+ : c==6 ? s(x,6) \
-+ : s(x,7)) \
-+ : r==1 ? \
-+ ( c==0 ? nc==4 ? s(x,3) : nc==8 ? s(x,7) : s(x,5) \
-+ : c==1 ? s(x,0) \
-+ : c==2 ? s(x,1) \
-+ : c==3 ? s(x,2) \
-+ : c==4 ? s(x,3) \
-+ : c==5 ? s(x,4) \
-+ : c==6 ? s(x,5) \
-+ : s(x,6)) \
-+ : r==2 ? \
-+ ( c==0 ? nc==4 ? s(x,2) : nc==8 ? s(x,5) : s(x,4) \
-+ : c==1 ? nc==4 ? s(x,3) : nc==8 ? s(x,6) : s(x,5) \
-+ : c==2 ? nc==8 ? s(x,7) : s(x,0) \
-+ : c==3 ? nc==8 ? s(x,0) : s(x,1) \
-+ : c==4 ? nc==8 ? s(x,1) : s(x,2) \
-+ : c==5 ? nc==8 ? s(x,2) : s(x,3) \
-+ : c==6 ? s(x,3) \
-+ : s(x,4)) \
-+ : \
-+ ( c==0 ? nc==4 ? s(x,1) : nc==8 ? s(x,4) : s(x,3) \
-+ : c==1 ? nc==4 ? s(x,2) : nc==8 ? s(x,5) : s(x,4) \
-+ : c==2 ? nc==4 ? s(x,3) : nc==8 ? s(x,6) : s(x,5) \
-+ : c==3 ? nc==8 ? s(x,7) : s(x,0) \
-+ : c==4 ? nc==8 ? s(x,0) : s(x,1) \
-+ : c==5 ? nc==8 ? s(x,1) : s(x,2) \
-+ : c==6 ? s(x,2) \
-+ : s(x,3)))
-+
-+#define si(y,x,k,c) s(y,c) = const_word_in(x + 4 * c) ^ k[c]
-+#define so(y,x,c) word_out(y + 4 * c, s(x,c))
-+
-+#if defined(FOUR_TABLES)
-+#define fwd_rnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,ft_tab,fwd_var,rf1,c)
-+#define inv_rnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,it_tab,inv_var,rf1,c)
-+#elif defined(ONE_TABLE)
-+#define fwd_rnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,upr,ft_tab,fwd_var,rf1,c)
-+#define inv_rnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,upr,it_tab,inv_var,rf1,c)
-+#else
-+#define fwd_rnd(y,x,k,c) s(y,c) = fwd_mcol(no_table(x,s_box,fwd_var,rf1,c)) ^ (k)[c]
-+#define inv_rnd(y,x,k,c) s(y,c) = inv_mcol(no_table(x,inv_s_box,inv_var,rf1,c) ^ (k)[c])
-+#endif
-+
-+#if defined(FOUR_LR_TABLES)
-+#define fwd_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,fl_tab,fwd_var,rf1,c)
-+#define inv_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,il_tab,inv_var,rf1,c)
-+#elif defined(ONE_LR_TABLE)
-+#define fwd_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,ups,fl_tab,fwd_var,rf1,c)
-+#define inv_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,ups,il_tab,inv_var,rf1,c)
-+#else
-+#define fwd_lrnd(y,x,k,c) s(y,c) = no_table(x,s_box,fwd_var,rf1,c) ^ (k)[c]
-+#define inv_lrnd(y,x,k,c) s(y,c) = no_table(x,inv_s_box,inv_var,rf1,c) ^ (k)[c]
-+#endif
-+
-+#if AES_BLOCK_SIZE == 16
-+
-+#if defined(ARRAYS)
-+#define locals(y,x) x[4],y[4]
-+#else
-+#define locals(y,x) x##0,x##1,x##2,x##3,y##0,y##1,y##2,y##3
-+// the following defines prevent the compiler requiring the declaration
-+// of generated but unused variables in the fwd_var and inv_var macros
-+#define b04 unused
-+#define b05 unused
-+#define b06 unused
-+#define b07 unused
-+#define b14 unused
-+#define b15 unused
-+#define b16 unused
-+#define b17 unused
-+#endif
-+#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \
-+ s(y,2) = s(x,2); s(y,3) = s(x,3);
-+#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3)
-+#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3)
-+#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3)
-+
-+#elif AES_BLOCK_SIZE == 24
-+
-+#if defined(ARRAYS)
-+#define locals(y,x) x[6],y[6]
-+#else
-+#define locals(y,x) x##0,x##1,x##2,x##3,x##4,x##5, \
-+ y##0,y##1,y##2,y##3,y##4,y##5
-+#define b06 unused
-+#define b07 unused
-+#define b16 unused
-+#define b17 unused
-+#endif
-+#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \
-+ s(y,2) = s(x,2); s(y,3) = s(x,3); \
-+ s(y,4) = s(x,4); s(y,5) = s(x,5);
-+#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); \
-+ si(y,x,k,3); si(y,x,k,4); si(y,x,k,5)
-+#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); \
-+ so(y,x,3); so(y,x,4); so(y,x,5)
-+#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); \
-+ rm(y,x,k,3); rm(y,x,k,4); rm(y,x,k,5)
-+#else
-+
-+#if defined(ARRAYS)
-+#define locals(y,x) x[8],y[8]
-+#else
-+#define locals(y,x) x##0,x##1,x##2,x##3,x##4,x##5,x##6,x##7, \
-+ y##0,y##1,y##2,y##3,y##4,y##5,y##6,y##7
-+#endif
-+#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \
-+ s(y,2) = s(x,2); s(y,3) = s(x,3); \
-+ s(y,4) = s(x,4); s(y,5) = s(x,5); \
-+ s(y,6) = s(x,6); s(y,7) = s(x,7);
-+
-+#if AES_BLOCK_SIZE == 32
-+
-+#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3); \
-+ si(y,x,k,4); si(y,x,k,5); si(y,x,k,6); si(y,x,k,7)
-+#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3); \
-+ so(y,x,4); so(y,x,5); so(y,x,6); so(y,x,7)
-+#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3); \
-+ rm(y,x,k,4); rm(y,x,k,5); rm(y,x,k,6); rm(y,x,k,7)
-+#else
-+
-+#define state_in(y,x,k) \
-+switch(nc) \
-+{ case 8: si(y,x,k,7); si(y,x,k,6); \
-+ case 6: si(y,x,k,5); si(y,x,k,4); \
-+ case 4: si(y,x,k,3); si(y,x,k,2); \
-+ si(y,x,k,1); si(y,x,k,0); \
-+}
-+
-+#define state_out(y,x) \
-+switch(nc) \
-+{ case 8: so(y,x,7); so(y,x,6); \
-+ case 6: so(y,x,5); so(y,x,4); \
-+ case 4: so(y,x,3); so(y,x,2); \
-+ so(y,x,1); so(y,x,0); \
-+}
-+
-+#if defined(FAST_VARIABLE)
-+
-+#define round(rm,y,x,k) \
-+switch(nc) \
-+{ case 8: rm(y,x,k,7); rm(y,x,k,6); \
-+ rm(y,x,k,5); rm(y,x,k,4); \
-+ rm(y,x,k,3); rm(y,x,k,2); \
-+ rm(y,x,k,1); rm(y,x,k,0); \
-+ break; \
-+ case 6: rm(y,x,k,5); rm(y,x,k,4); \
-+ rm(y,x,k,3); rm(y,x,k,2); \
-+ rm(y,x,k,1); rm(y,x,k,0); \
-+ break; \
-+ case 4: rm(y,x,k,3); rm(y,x,k,2); \
-+ rm(y,x,k,1); rm(y,x,k,0); \
-+ break; \
-+}
-+#else
-+
-+#define round(rm,y,x,k) \
-+switch(nc) \
-+{ case 8: rm(y,x,k,7); rm(y,x,k,6); \
-+ case 6: rm(y,x,k,5); rm(y,x,k,4); \
-+ case 4: rm(y,x,k,3); rm(y,x,k,2); \
-+ rm(y,x,k,1); rm(y,x,k,0); \
-+}
-+
-+#endif
-+
-+#endif
-+#endif
-+
-+void aes_encrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[])
-+{ u_int32_t locals(b0, b1);
-+ const u_int32_t *kp = cx->aes_e_key;
-+
-+#if !defined(ONE_TABLE) && !defined(FOUR_TABLES)
-+ u_int32_t f2;
-+#endif
-+
-+ state_in(b0, in_blk, kp); kp += nc;
-+
-+#if defined(UNROLL)
-+
-+ switch(cx->aes_Nrnd)
-+ {
-+ case 14: round(fwd_rnd, b1, b0, kp );
-+ round(fwd_rnd, b0, b1, kp + nc ); kp += 2 * nc;
-+ case 12: round(fwd_rnd, b1, b0, kp );
-+ round(fwd_rnd, b0, b1, kp + nc ); kp += 2 * nc;
-+ case 10: round(fwd_rnd, b1, b0, kp );
-+ round(fwd_rnd, b0, b1, kp + nc);
-+ round(fwd_rnd, b1, b0, kp + 2 * nc);
-+ round(fwd_rnd, b0, b1, kp + 3 * nc);
-+ round(fwd_rnd, b1, b0, kp + 4 * nc);
-+ round(fwd_rnd, b0, b1, kp + 5 * nc);
-+ round(fwd_rnd, b1, b0, kp + 6 * nc);
-+ round(fwd_rnd, b0, b1, kp + 7 * nc);
-+ round(fwd_rnd, b1, b0, kp + 8 * nc);
-+ round(fwd_lrnd, b0, b1, kp + 9 * nc);
-+ }
-+
-+#elif defined(PARTIAL_UNROLL)
-+ { u_int32_t rnd;
-+
-+ for(rnd = 0; rnd < (cx->aes_Nrnd >> 1) - 1; ++rnd)
-+ {
-+ round(fwd_rnd, b1, b0, kp);
-+ round(fwd_rnd, b0, b1, kp + nc); kp += 2 * nc;
-+ }
-+
-+ round(fwd_rnd, b1, b0, kp);
-+ round(fwd_lrnd, b0, b1, kp + nc);
-+ }
-+#else
-+ { u_int32_t rnd;
-+
-+ for(rnd = 0; rnd < cx->aes_Nrnd - 1; ++rnd)
-+ {
-+ round(fwd_rnd, b1, b0, kp);
-+ l_copy(b0, b1); kp += nc;
-+ }
-+
-+ round(fwd_lrnd, b0, b1, kp);
-+ }
-+#endif
-+
-+ state_out(out_blk, b0);
-+}
-+
-+void aes_decrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[])
-+{ u_int32_t locals(b0, b1);
-+ const u_int32_t *kp = cx->aes_d_key;
-+
-+#if !defined(ONE_TABLE) && !defined(FOUR_TABLES)
-+ u_int32_t f2, f4, f8, f9;
-+#endif
-+
-+ state_in(b0, in_blk, kp); kp += nc;
-+
-+#if defined(UNROLL)
-+
-+ switch(cx->aes_Nrnd)
-+ {
-+ case 14: round(inv_rnd, b1, b0, kp );
-+ round(inv_rnd, b0, b1, kp + nc ); kp += 2 * nc;
-+ case 12: round(inv_rnd, b1, b0, kp );
-+ round(inv_rnd, b0, b1, kp + nc ); kp += 2 * nc;
-+ case 10: round(inv_rnd, b1, b0, kp );
-+ round(inv_rnd, b0, b1, kp + nc);
-+ round(inv_rnd, b1, b0, kp + 2 * nc);
-+ round(inv_rnd, b0, b1, kp + 3 * nc);
-+ round(inv_rnd, b1, b0, kp + 4 * nc);
-+ round(inv_rnd, b0, b1, kp + 5 * nc);
-+ round(inv_rnd, b1, b0, kp + 6 * nc);
-+ round(inv_rnd, b0, b1, kp + 7 * nc);
-+ round(inv_rnd, b1, b0, kp + 8 * nc);
-+ round(inv_lrnd, b0, b1, kp + 9 * nc);
-+ }
-+
-+#elif defined(PARTIAL_UNROLL)
-+ { u_int32_t rnd;
-+
-+ for(rnd = 0; rnd < (cx->aes_Nrnd >> 1) - 1; ++rnd)
-+ {
-+ round(inv_rnd, b1, b0, kp);
-+ round(inv_rnd, b0, b1, kp + nc); kp += 2 * nc;
-+ }
-+
-+ round(inv_rnd, b1, b0, kp);
-+ round(inv_lrnd, b0, b1, kp + nc);
-+ }
-+#else
-+ { u_int32_t rnd;
-+
-+ for(rnd = 0; rnd < cx->aes_Nrnd - 1; ++rnd)
-+ {
-+ round(inv_rnd, b1, b0, kp);
-+ l_copy(b0, b1); kp += nc;
-+ }
-+
-+ round(inv_lrnd, b0, b1, kp);
-+ }
-+#endif
-+
-+ state_out(out_blk, b0);
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/aes/aes_cbc.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,46 @@
-+/*
-+// I retain copyright in this code but I encourage its free use provided
-+// that I don't carry any responsibility for the results. I am especially
-+// happy to see it used in free and open source software. If you do use
-+// it I would appreciate an acknowledgement of its origin in the code or
-+// the product that results and I would also appreciate knowing a little
-+// about the use to which it is being put. I am grateful to Frank Yellin
-+// for some ideas that are used in this implementation.
-+//
-+// Dr B. R. Gladman <brg@gladman.uk.net> 6th April 2001.
-+//
-+// This is an implementation of the AES encryption algorithm (Rijndael)
-+// designed by Joan Daemen and Vincent Rijmen. This version is designed
-+// to provide both fixed and dynamic block and key lengths and can also
-+// run with either big or little endian internal byte order (see aes.h).
-+// It inputs block and key lengths in bytes with the legal values being
-+// 16, 24 and 32.
-+*
-+*/
-+
-+#ifdef __KERNEL__
-+#include <linux/types.h>
-+#else
-+#include <sys/types.h>
-+#endif
-+#include "crypto/aes_cbc.h"
-+#include "crypto/cbc_generic.h"
-+
-+/* returns bool success */
-+int AES_set_key(aes_context *aes_ctx, const u_int8_t *key, int keysize) {
-+ aes_set_key(aes_ctx, key, keysize, 0);
-+ return 1;
-+}
-+CBC_IMPL_BLK16(AES_cbc_encrypt, aes_context, u_int8_t *, aes_encrypt, aes_decrypt);
-+
-+
-+/*
-+ * $Log: aes_cbc.c,v $
-+ * Revision 1.2 2004-07-10 07:48:40 mcr
-+ * Moved from linux/crypto/ciphers/aes/aes_cbc.c,v
-+ *
-+ * Revision 1.1 2004/04/06 02:48:12 mcr
-+ * pullup of AES cipher from alg-branch.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/aes/aes_xcbc_mac.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,67 @@
-+#ifdef __KERNEL__
-+#include <linux/types.h>
-+#include <linux/kernel.h>
-+#define DEBUG(x)
-+#else
-+#include <stdio.h>
-+#include <sys/types.h>
-+#define DEBUG(x) x
-+#endif
-+
-+#include "crypto/aes.h"
-+#include "crypto/aes_xcbc_mac.h"
-+
-+int AES_xcbc_mac_set_key(aes_context_mac *ctxm, const u_int8_t *key, int keylen)
-+{
-+ int ret=1;
-+ aes_block kn[3] = {
-+ { 0x01010101, 0x01010101, 0x01010101, 0x01010101 },
-+ { 0x02020202, 0x02020202, 0x02020202, 0x02020202 },
-+ { 0x03030303, 0x03030303, 0x03030303, 0x03030303 },
-+ };
-+ aes_set_key(&ctxm->ctx_k1, key, keylen, 0);
-+ aes_encrypt(&ctxm->ctx_k1, (u_int8_t *) kn[0], (u_int8_t *) kn[0]);
-+ aes_encrypt(&ctxm->ctx_k1, (u_int8_t *) kn[1], (u_int8_t *) ctxm->k2);
-+ aes_encrypt(&ctxm->ctx_k1, (u_int8_t *) kn[2], (u_int8_t *) ctxm->k3);
-+ aes_set_key(&ctxm->ctx_k1, (u_int8_t *) kn[0], 16, 0);
-+ return ret;
-+}
-+static void do_pad_xor(u_int8_t *out, const u_int8_t *in, int len) {
-+ int pos=0;
-+ for (pos=1; pos <= 16; pos++, in++, out++) {
-+ if (pos <= len)
-+ *out ^= *in;
-+ if (pos > len) {
-+ DEBUG(printf("put 0x80 at pos=%d\n", pos));
-+ *out ^= 0x80;
-+ break;
-+ }
-+ }
-+}
-+static void xor_block(aes_block res, const aes_block op) {
-+ res[0] ^= op[0];
-+ res[1] ^= op[1];
-+ res[2] ^= op[2];
-+ res[3] ^= op[3];
-+}
-+int AES_xcbc_mac_hash(const aes_context_mac *ctxm, const u_int8_t * in, int ilen, u_int8_t hash[16]) {
-+ int ret=ilen;
-+ u_int32_t out[4] = { 0, 0, 0, 0 };
-+ for (; ilen > 16 ; ilen-=16) {
-+ xor_block(out, (const u_int32_t*) &in[0]);
-+ aes_encrypt(&ctxm->ctx_k1, in, (u_int8_t *)&out[0]);
-+ in+=16;
-+ }
-+ do_pad_xor((u_int8_t *)&out, in, ilen);
-+ if (ilen==16) {
-+ DEBUG(printf("using k3\n"));
-+ xor_block(out, ctxm->k3);
-+ }
-+ else
-+ {
-+ DEBUG(printf("using k2\n"));
-+ xor_block(out, ctxm->k2);
-+ }
-+ aes_encrypt(&ctxm->ctx_k1, (u_int8_t *)out, hash);
-+ return ret;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/aes/ipsec_alg_aes.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,296 @@
-+/*
-+ * ipsec_alg AES cipher stubs
-+ *
-+ * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ *
-+ * ipsec_alg_aes.c,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * Fixes by:
-+ * PK: Pawel Krawczyk <kravietz@aba.krakow.pl>
-+ * Fixes list:
-+ * PK: make XCBC comply with latest draft (keylength)
-+ *
-+ */
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+/*
-+ * special case: ipsec core modular with this static algo inside:
-+ * must avoid MODULE magic for this file
-+ */
-+#if defined(CONFIG_KLIPS_MODULE) && defined(CONFIG_KLIPS_ENC_AES)
-+#undef MODULE
-+#endif
-+
-+#include <linux/module.h>
-+#include <linux/init.h>
-+
-+#include <linux/kernel.h> /* printk() */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/string.h>
-+
-+/* Check if __exit is defined, if not null it */
-+#ifndef __exit
-+#define __exit
-+#endif
-+
-+/* Low freeswan header coupling */
-+#include "openswan/ipsec_alg.h"
-+#include "crypto/aes_cbc.h"
-+
-+#define CONFIG_KLIPS_ENC_AES_MAC 1
-+
-+#define AES_CONTEXT_T aes_context
-+static int debug_aes=0;
-+static int test_aes=0;
-+static int excl_aes=0;
-+static int keyminbits=0;
-+static int keymaxbits=0;
-+#if defined(CONFIG_KLIPS_ENC_AES_MODULE)
-+MODULE_AUTHOR("JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>");
-+#ifdef module_param
-+module_param(debug_aes,int,0600)
-+module_param(test_aes,int,0600)
-+module_param(excl_aes,int,0600)
-+module_param(keyminbits,int,0600)
-+module_param(keymaxbits,int,0600)
-+#else
-+MODULE_PARM(debug_aes, "i");
-+MODULE_PARM(test_aes, "i");
-+MODULE_PARM(excl_aes, "i");
-+MODULE_PARM(keyminbits, "i");
-+MODULE_PARM(keymaxbits, "i");
-+#endif
-+#endif
-+
-+#if CONFIG_KLIPS_ENC_AES_MAC
-+#include "crypto/aes_xcbc_mac.h"
-+
-+/*
-+ * Not IANA number yet (draft-ietf-ipsec-ciph-aes-xcbc-mac-00.txt).
-+ * We use 9 for non-modular algorithm and none for modular, thus
-+ * forcing user to specify one on module load. -kravietz
-+ */
-+#ifdef MODULE
-+static int auth_id=0;
-+#else
-+static int auth_id=9;
-+#endif
-+#ifdef module_param
-+module_param(auth_id, int, 0600);
-+#else
-+MODULE_PARM(auth_id, "i");
-+#endif
-+#endif
-+
-+#define ESP_AES 12 /* truely _constant_ :) */
-+
-+/* 128, 192 or 256 */
-+#define ESP_AES_KEY_SZ_MIN 16 /* 128 bit secret key */
-+#define ESP_AES_KEY_SZ_MAX 32 /* 256 bit secret key */
-+#define ESP_AES_CBC_BLK_LEN 16 /* AES-CBC block size */
-+
-+/* Values according to draft-ietf-ipsec-ciph-aes-xcbc-mac-02.txt
-+ * -kravietz
-+ */
-+#define ESP_AES_MAC_KEY_SZ 16 /* 128 bit MAC key */
-+#define ESP_AES_MAC_BLK_LEN 16 /* 128 bit block */
-+
-+static int _aes_set_key(struct ipsec_alg_enc *alg,
-+ __u8 * key_e, const __u8 * key,
-+ size_t keysize)
-+{
-+ int ret;
-+ AES_CONTEXT_T *ctx=(AES_CONTEXT_T*)key_e;
-+ ret=AES_set_key(ctx, key, keysize)!=0? 0: -EINVAL;
-+ if (debug_aes > 0)
-+ printk(KERN_DEBUG "klips_debug:_aes_set_key:"
-+ "ret=%d key_e=%p key=%p keysize=%ld\n",
-+ ret, key_e, key, (unsigned long int) keysize);
-+ return ret;
-+}
-+
-+static int _aes_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e,
-+ __u8 * in, int ilen, const __u8 * iv,
-+ int encrypt)
-+{
-+ AES_CONTEXT_T *ctx=(AES_CONTEXT_T*)key_e;
-+ if (debug_aes > 0)
-+ printk(KERN_DEBUG "klips_debug:_aes_cbc_encrypt:"
-+ "key_e=%p in=%p ilen=%d iv=%p encrypt=%d\n",
-+ key_e, in, ilen, iv, encrypt);
-+ return AES_cbc_encrypt(ctx, in, in, ilen, iv, encrypt);
-+}
-+#if CONFIG_KLIPS_ENC_AES_MAC
-+static int _aes_mac_set_key(struct ipsec_alg_auth *alg, __u8 * key_a, const __u8 * key, int keylen) {
-+ aes_context_mac *ctxm=(aes_context_mac *)key_a;
-+ return AES_xcbc_mac_set_key(ctxm, key, keylen)? 0 : -EINVAL;
-+}
-+static int _aes_mac_hash(struct ipsec_alg_auth *alg, __u8 * key_a, const __u8 * dat, int len, __u8 * hash, int hashlen) {
-+ int ret;
-+ char hash_buf[16];
-+ aes_context_mac *ctxm=(aes_context_mac *)key_a;
-+ ret=AES_xcbc_mac_hash(ctxm, dat, len, hash_buf);
-+ memcpy(hash, hash_buf, hashlen);
-+ return ret;
-+}
-+static struct ipsec_alg_auth ipsec_alg_AES_MAC = {
-+ ixt_common: { ixt_version: IPSEC_ALG_VERSION,
-+ ixt_refcnt: ATOMIC_INIT(0),
-+ ixt_name: "aes_mac",
-+ ixt_blocksize: ESP_AES_MAC_BLK_LEN,
-+ ixt_support: {
-+ ias_exttype: IPSEC_ALG_TYPE_AUTH,
-+ ias_id: 0,
-+ ias_keyminbits: ESP_AES_MAC_KEY_SZ*8,
-+ ias_keymaxbits: ESP_AES_MAC_KEY_SZ*8,
-+ },
-+ },
-+#if defined(CONFIG_KLIPS_ENC_AES_MODULE)
-+ ixt_module: THIS_MODULE,
-+#endif
-+ ixt_a_keylen: ESP_AES_MAC_KEY_SZ,
-+ ixt_a_ctx_size: sizeof(aes_context_mac),
-+ ixt_a_hmac_set_key: _aes_mac_set_key,
-+ ixt_a_hmac_hash:_aes_mac_hash,
-+};
-+#endif /* CONFIG_KLIPS_ENC_AES_MAC */
-+static struct ipsec_alg_enc ipsec_alg_AES = {
-+ ixt_common: { ixt_version: IPSEC_ALG_VERSION,
-+ ixt_refcnt: ATOMIC_INIT(0),
-+ ixt_name: "aes",
-+ ixt_blocksize: ESP_AES_CBC_BLK_LEN,
-+ ixt_support: {
-+ ias_exttype: IPSEC_ALG_TYPE_ENCRYPT,
-+ ias_id: ESP_AES,
-+ ias_keyminbits: ESP_AES_KEY_SZ_MIN*8,
-+ ias_keymaxbits: ESP_AES_KEY_SZ_MAX*8,
-+ },
-+ },
-+#if defined(CONFIG_KLIPS_ENC_AES_MODULE)
-+ ixt_module: THIS_MODULE,
-+#endif
-+ ixt_e_keylen: ESP_AES_KEY_SZ_MAX,
-+ ixt_e_ctx_size: sizeof(AES_CONTEXT_T),
-+ ixt_e_set_key: _aes_set_key,
-+ ixt_e_cbc_encrypt:_aes_cbc_encrypt,
-+};
-+
-+#if defined(CONFIG_KLIPS_ENC_AES_MODULE)
-+IPSEC_ALG_MODULE_INIT_MOD( ipsec_aes_init )
-+#else
-+IPSEC_ALG_MODULE_INIT_STATIC( ipsec_aes_init )
-+#endif
-+{
-+ int ret, test_ret;
-+
-+ if (keyminbits)
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_keyminbits=keyminbits;
-+ if (keymaxbits) {
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_keymaxbits=keymaxbits;
-+ if (keymaxbits*8>ipsec_alg_AES.ixt_common.ixt_support.ias_keymaxbits)
-+ ipsec_alg_AES.ixt_e_keylen=keymaxbits*8;
-+ }
-+ if (excl_aes) ipsec_alg_AES.ixt_common.ixt_state |= IPSEC_ALG_ST_EXCL;
-+ ret=register_ipsec_alg_enc(&ipsec_alg_AES);
-+ printk("ipsec_aes_init(alg_type=%d alg_id=%d name=%s): ret=%d\n",
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_id,
-+ ipsec_alg_AES.ixt_common.ixt_name,
-+ ret);
-+ if (ret==0 && test_aes) {
-+ test_ret=ipsec_alg_test(
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_exttype ,
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_id,
-+ test_aes);
-+ printk("ipsec_aes_init(alg_type=%d alg_id=%d): test_ret=%d\n",
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_exttype ,
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_id,
-+ test_ret);
-+ }
-+#if CONFIG_KLIPS_ENC_AES_MAC
-+ if (auth_id!=0){
-+ int ret;
-+ ipsec_alg_AES_MAC.ixt_common.ixt_support.ias_id=auth_id;
-+ ret=register_ipsec_alg_auth(&ipsec_alg_AES_MAC);
-+ printk("ipsec_aes_init(alg_type=%d alg_id=%d name=%s): ret=%d\n",
-+ ipsec_alg_AES_MAC.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_AES_MAC.ixt_common.ixt_support.ias_id,
-+ ipsec_alg_AES_MAC.ixt_common.ixt_name,
-+ ret);
-+ if (ret==0 && test_aes) {
-+ test_ret=ipsec_alg_test(
-+ ipsec_alg_AES_MAC.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_AES_MAC.ixt_common.ixt_support.ias_id,
-+ test_aes);
-+ printk("ipsec_aes_init(alg_type=%d alg_id=%d): test_ret=%d\n",
-+ ipsec_alg_AES_MAC.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_AES_MAC.ixt_common.ixt_support.ias_id,
-+ test_ret);
-+ }
-+ } else {
-+ printk(KERN_DEBUG "klips_debug: experimental ipsec_alg_AES_MAC not registered [Ok] (auth_id=%d)\n", auth_id);
-+ }
-+#endif /* CONFIG_KLIPS_ENC_AES_MAC */
-+ return ret;
-+}
-+
-+#if defined(CONFIG_KLIPS_ENC_AES_MODULE)
-+IPSEC_ALG_MODULE_EXIT_MOD( ipsec_aes_fini )
-+#else
-+IPSEC_ALG_MODULE_EXIT_STATIC( ipsec_aes_fini )
-+#endif
-+{
-+#if CONFIG_KLIPS_ENC_AES_MAC
-+ if (auth_id) unregister_ipsec_alg_auth(&ipsec_alg_AES_MAC);
-+#endif /* CONFIG_KLIPS_ENC_AES_MAC */
-+ unregister_ipsec_alg_enc(&ipsec_alg_AES);
-+ return;
-+}
-+#ifdef MODULE_LICENSE
-+MODULE_LICENSE("GPL");
-+#endif
-+
-+#if 0 /* +NOT_YET */
-+#ifndef MODULE
-+/*
-+ * This is intended for static module setups, currently
-+ * doesn't work for modular ipsec.o with static algos inside
-+ */
-+static int setup_keybits(const char *str)
-+{
-+ unsigned aux;
-+ char *end;
-+
-+ aux = simple_strtoul(str,&end,0);
-+ if (aux != 128 && aux != 192 && aux != 256)
-+ return 0;
-+ keyminbits = aux;
-+
-+ if (*end == 0 || *end != ',')
-+ return 1;
-+ str=end+1;
-+ aux = simple_strtoul(str, NULL, 0);
-+ if (aux != 128 && aux != 192 && aux != 256)
-+ return 0;
-+ if (aux >= keyminbits)
-+ keymaxbits = aux;
-+ return 1;
-+}
-+__setup("ipsec_aes_keybits=", setup_keybits);
-+#endif
-+#endif
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/Config.alg_aes.in Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,3 @@
-+if [ "$CONFIG_IPSEC_ALG" = "y" ]; then
-+ tristate ' AES encryption algorithm' CONFIG_IPSEC_ENC_AES
-+fi
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/Config.alg_cryptoapi.in Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,6 @@
-+if [ "$CONFIG_IPSEC_ALG" = "y" ]; then
-+ dep_tristate ' CRYPTOAPI ciphers support (needs cryptoapi patch)' CONFIG_IPSEC_ALG_CRYPTOAPI $CONFIG_CRYPTO
-+ if [ "$CONFIG_IPSEC_ALG_CRYPTOAPI" != "n" ]; then
-+ bool ' CRYPTOAPI proprietary ciphers ' CONFIG_IPSEC_ALG_NON_LIBRE
-+ fi
-+fi
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/Config.in Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,3 @@
-+#Placeholder
-+source net/ipsec/alg/Config.alg_aes.in
-+source net/ipsec/alg/Config.alg_cryptoapi.in
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/Makefile Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,112 @@
-+# Makefile,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-+ifeq ($(strip $(KLIPSMODULE)),)
-+FREESWANSRCDIR=.
-+else
-+FREESWANSRCDIR=../../../..
-+endif
-+ifeq ($(strip $(KLIPS_TOP)),)
-+KLIPS_TOP=../../..
-+override EXTRA_CFLAGS += -I$(KLIPS_TOP)/include
-+endif
-+
-+ifeq ($(CONFIG_IPSEC_DEBUG),y)
-+override EXTRA_CFLAGS += -g
-+endif
-+
-+# LIBCRYPTO normally comes as an argument from "parent" Makefile
-+# (this applies both to FS' "make module" and eg. Linux' "make modules"
-+# But make dep doest follow same evaluations, so we need this default:
-+LIBCRYPTO=$(TOPDIR)/lib/libcrypto
-+
-+override EXTRA_CFLAGS += -I$(LIBCRYPTO)/include
-+override EXTRA_CFLAGS += -Wall -Wpointer-arith -Wstrict-prototypes
-+
-+MOD_LIST_NAME := NET_MISC_MODULES
-+
-+#O_TARGET := static_init.o
-+
-+subdir- :=
-+subdir-n :=
-+subdir-y :=
-+subdir-m :=
-+
-+obj-y := static_init.o
-+
-+ARCH_ASM-y :=
-+ARCH_ASM-$(CONFIG_M586) := i586
-+ARCH_ASM-$(CONFIG_M586TSC) := i586
-+ARCH_ASM-$(CONFIG_M586MMX) := i586
-+ARCH_ASM-$(CONFIG_MK6) := i586
-+ARCH_ASM-$(CONFIG_M686) := i686
-+ARCH_ASM-$(CONFIG_MPENTIUMIII) := i686
-+ARCH_ASM-$(CONFIG_MPENTIUM4) := i686
-+ARCH_ASM-$(CONFIG_MK7) := i686
-+ARCH_ASM-$(CONFIG_MCRUSOE) := i586
-+ARCH_ASM-$(CONFIG_MWINCHIPC6) := i586
-+ARCH_ASM-$(CONFIG_MWINCHIP2) := i586
-+ARCH_ASM-$(CONFIG_MWINCHIP3D) := i586
-+ARCH_ASM-$(CONFIG_USERMODE) := i586
-+
-+ARCH_ASM :=$(ARCH_ASM-y)
-+ifdef NO_ASM
-+ARCH_ASM :=
-+endif
-+
-+# The algorithm makefiles may put dependences, short-circuit them
-+null:
-+
-+makefiles=$(filter-out %.preipsec, $(wildcard Makefile.alg_*))
-+ifneq ($(makefiles),)
-+#include Makefile.alg_aes
-+#include Makefile.alg_aes-opt
-+include $(makefiles)
-+endif
-+
-+# These rules translate from new to old makefile rules
-+# Translate to Rules.make lists.
-+multi-used := $(filter $(list-multi), $(obj-y) $(obj-m))
-+multi-objs := $(foreach m, $(multi-used), $($(basename $(m))-objs))
-+active-objs := $(sort $(multi-objs) $(obj-y) $(obj-m))
-+O_OBJS := $(obj-y)
-+M_OBJS := $(obj-m)
-+MIX_OBJS := $(filter $(export-objs), $(active-objs))
-+#OX_OBJS := $(export-objs)
-+SUB_DIRS := $(subdir-y)
-+ALL_SUB_DIRS := $(subdir-y) $(subdir-m)
-+MOD_SUB_DIRS := $(subdir-m)
-+
-+
-+static_init_mod.o: $(obj-y)
-+ rm -f $@
-+ $(LD) $(LD_EXTRAFLAGS) $(obj-y) -r -o $@
-+
-+perlasm: ../../../crypto/ciphers/des/asm/perlasm
-+ ln -sf $? $@
-+
-+$(obj-y) $(obj-m): $(TOPDIR)/include/linux/config.h $(TOPDIR)/include/linux/autoconf.h $(KLIPS_TOP)/include/freeswan/ipsec_alg.h
-+$(alg_obj-y) $(alg_obj-m): perlasm $(TOPDIR)/include/linux/config.h $(TOPDIR)/include/linux/autoconf.h $(KLIPS_TOP)/include/freeswan/ipsec_alg.h
-+
-+
-+all_alg_modules: perlasm $(ALG_MODULES)
-+ @echo "ALG_MODULES=$(ALG_MODULES)"
-+
-+
-+#
-+# Construct alg. init. function: call ipsec_ALGO_init() for every static algo
-+# Needed when there are static algos (with static or modular ipsec.o)
-+#
-+static_init.c: $(TOPDIR)/include/linux/autoconf.h Makefile $(makefiles) scripts/mk-static_init.c.sh
-+ @echo "Re-creating $@"
-+ $(SHELL) scripts/mk-static_init.c.sh $(static_init-func-y) > $@
-+
-+clean:
-+ @for i in $(ALG_SUBDIRS);do test -d $$i && make -C $$i clean;done;exit 0
-+ @find . -type l -exec rm -f {} \;
-+ -rm -f perlasm
-+ -rm -rf $(ALG_SUBDIRS)
-+ -rm -f *.o static_init.c
-+
-+ifdef TOPDIR
-+include $(TOPDIR)/Rules.make
-+endif
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/Makefile.alg_aes Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,18 @@
-+MOD_AES := ipsec_aes.o
-+
-+ALG_MODULES += $(MOD_AES)
-+ALG_SUBDIRS += libaes
-+
-+obj-$(CONFIG_IPSEC_ALG_AES) += $(MOD_AES)
-+static_init-func-$(CONFIG_IPSEC_ALG_AES)+= ipsec_aes_init
-+alg_obj-$(CONFIG_IPSEC_ALG_AES) += ipsec_alg_aes.o
-+
-+AES_OBJS := ipsec_alg_aes.o $(LIBCRYPTO)/libaes/libaes.a
-+
-+
-+$(MOD_AES): $(AES_OBJS)
-+ $(LD) $(EXTRA_LDFLAGS) -r $(AES_OBJS) -o $@
-+
-+$(LIBCRYPTO)/libaes/libaes.a:
-+ $(MAKE) -C $(LIBCRYPTO)/libaes CC='$(CC)' 'ARCH_ASM=$(ARCH_ASM)' CFLAGS='$(CFLAGS) $(EXTRA_CFLAGS)' libaes.a
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/Makefile.alg_cryptoapi Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,14 @@
-+MOD_CRYPTOAPI := ipsec_cryptoapi.o
-+
-+ifneq ($(wildcard $(TOPDIR)/include/linux/crypto.h),)
-+ALG_MODULES += $(MOD_CRYPTOAPI)
-+obj-$(CONFIG_IPSEC_ALG_CRYPTOAPI) += $(MOD_CRYPTOAPI)
-+static_init-func-$(CONFIG_IPSEC_ALG_CRYPTOAPI)+= ipsec_cryptoapi_init
-+alg_obj-$(CONFIG_IPSEC_ALG_CRYPTOAPI) += ipsec_alg_cryptoapi.o
-+else
-+$(warning "Linux CryptoAPI (2.4.22+ or 2.6.x) not found, not building ipsec_cryptoapi.o")
-+endif
-+
-+CRYPTOAPI_OBJS := ipsec_alg_cryptoapi.o
-+$(MOD_CRYPTOAPI): $(CRYPTOAPI_OBJS)
-+ $(LD) -r $(CRYPTOAPI_OBJS) -o $@
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/ipsec_alg_cryptoapi.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,442 @@
-+/*
-+ * ipsec_alg to linux cryptoapi GLUE
-+ *
-+ * Authors: CODE.ar TEAM
-+ * Harpo MAxx <harpo@linuxmendoza.org.ar>
-+ * JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ * Luciano Ruete <docemeses@softhome.net>
-+ *
-+ * ipsec_alg_cryptoapi.c,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * Example usage:
-+ * modinfo -p ipsec_cryptoapi (quite useful info, including supported algos)
-+ * modprobe ipsec_cryptoapi
-+ * modprobe ipsec_cryptoapi test=1
-+ * modprobe ipsec_cryptoapi excl=1 (exclusive cipher/algo)
-+ * modprobe ipsec_cryptoapi noauto=1 aes=1 twofish=1 (only these ciphers)
-+ * modprobe ipsec_cryptoapi aes=128,128 (force these keylens)
-+ * modprobe ipsec_cryptoapi des_ede3=0 (everything but 3DES)
-+ */
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+/*
-+ * special case: ipsec core modular with this static algo inside:
-+ * must avoid MODULE magic for this file
-+ */
-+#if CONFIG_IPSEC_MODULE && CONFIG_IPSEC_ALG_CRYPTOAPI
-+#undef MODULE
-+#endif
-+
-+#include <linux/module.h>
-+#include <linux/init.h>
-+
-+#include <linux/kernel.h> /* printk() */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/string.h>
-+
-+/* Check if __exit is defined, if not null it */
-+#ifndef __exit
-+#define __exit
-+#endif
-+
-+/* warn the innocent */
-+#if !defined (CONFIG_CRYPTO) && !defined (CONFIG_CRYPTO_MODULE)
-+#warning "No linux CryptoAPI found, install 2.4.22+ or 2.6.x"
-+#define NO_CRYPTOAPI_SUPPORT
-+#endif
-+/* Low freeswan header coupling */
-+#include "openswan/ipsec_alg.h"
-+
-+#include <linux/crypto.h>
-+#ifdef CRYPTO_API_VERSION_CODE
-+#warning "Old CryptoAPI is not supported. Only linux-2.4.22+ or linux-2.6.x are supported"
-+#define NO_CRYPTOAPI_SUPPORT
-+#endif
-+
-+#ifdef NO_CRYPTOAPI_SUPPORT
-+#warning "Building an unusable module :P"
-+/* Catch old CryptoAPI by not allowing module to load */
-+IPSEC_ALG_MODULE_INIT( ipsec_cryptoapi_init )
-+{
-+ printk(KERN_WARNING "ipsec_cryptoapi.o was not built on stock Linux CryptoAPI (2.4.22+ or 2.6.x), not loading.\n");
-+ return -EINVAL;
-+}
-+#else
-+#include <asm/scatterlist.h>
-+#include <asm/pgtable.h>
-+#include <linux/mm.h>
-+
-+#define CIPHERNAME_AES "aes"
-+#define CIPHERNAME_3DES "des3_ede"
-+#define CIPHERNAME_BLOWFISH "blowfish"
-+#define CIPHERNAME_CAST "cast5"
-+#define CIPHERNAME_SERPENT "serpent"
-+#define CIPHERNAME_TWOFISH "twofish"
-+
-+#define ESP_3DES 3
-+#define ESP_AES 12
-+#define ESP_BLOWFISH 7 /* truely _constant_ :) */
-+#define ESP_CAST 6 /* quite constant :) */
-+#define ESP_SERPENT 252 /* from ipsec drafts */
-+#define ESP_TWOFISH 253 /* from ipsec drafts */
-+
-+#define AH_MD5 2
-+#define AH_SHA 3
-+#define DIGESTNAME_MD5 "md5"
-+#define DIGESTNAME_SHA1 "sha1"
-+
-+MODULE_AUTHOR("Juanjo Ciarlante, Harpo MAxx, Luciano Ruete");
-+static int debug=0;
-+static int test=0;
-+static int excl=0;
-+static int noauto = 0;
-+
-+static int des_ede3[] = {-1, -1};
-+static int aes[] = {-1, -1};
-+static int blowfish[] = {-1, -1};
-+static int cast[] = {-1, -1};
-+static int serpent[] = {-1, -1};
-+static int twofish[] = {-1, -1};
-+
-+#ifdef module_param
-+module_param(debug,int,0600);
-+module_param(test,int,0600);
-+module_param(ebug,int,0600);
-+
-+module_param(noauto,int,0600);
-+module_param(ebug,int,0600);
-+
-+module_param_array(des_ede3,int,NULL,0);
-+module_param(aes,int,NULL,0);
-+module_param(blowfish,int,NULL,0);
-+module_param(cast,int,NULL,0);
-+module_param(serpent,int,NULL,0);
-+module_param(twofish,int,NULL,0);
-+#else
-+MODULE_PARM(debug, "i");
-+MODULE_PARM(test, "i");
-+MODULE_PARM(excl, "i");
-+
-+MODULE_PARM(noauto,"i");
-+
-+MODULE_PARM(des_ede3,"1-2i");
-+MODULE_PARM(aes,"1-2i");
-+MODULE_PARM(blowfish,"1-2i");
-+MODULE_PARM(cast,"1-2i");
-+MODULE_PARM(serpent,"1-2i");
-+MODULE_PARM(twofish,"1-2i");
-+#endif
-+
-+MODULE_PARM_DESC(noauto, "Dont try all known algos, just setup enabled ones");
-+
-+MODULE_PARM_DESC(des_ede3, "0: disable | 1: force_enable | min,max: dontuse");
-+MODULE_PARM_DESC(aes, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(blowfish, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(cast, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(serpent, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(twofish, "0: disable | 1: force_enable | min,max: keybitlens");
-+
-+struct ipsec_alg_capi_cipher {
-+ const char *ciphername; /* cryptoapi's ciphername */
-+ unsigned blocksize;
-+ unsigned short minbits;
-+ unsigned short maxbits;
-+ int *parm; /* lkm param for this cipher */
-+ struct ipsec_alg_enc alg; /* note it's not a pointer */
-+};
-+static struct ipsec_alg_capi_cipher alg_capi_carray[] = {
-+ { CIPHERNAME_AES , 16, 128, 256, aes , { ixt_alg_id: ESP_AES, }},
-+ { CIPHERNAME_TWOFISH , 16, 128, 256, twofish, { ixt_alg_id: ESP_TWOFISH, }},
-+ { CIPHERNAME_SERPENT , 16, 128, 256, serpent, { ixt_alg_id: ESP_SERPENT, }},
-+ { CIPHERNAME_CAST , 8, 128, 128, cast , { ixt_alg_id: ESP_CAST, }},
-+ { CIPHERNAME_BLOWFISH , 8, 96, 448, blowfish,{ ixt_alg_id: ESP_BLOWFISH, }},
-+ { CIPHERNAME_3DES , 8, 192, 192, des_ede3,{ ixt_alg_id: ESP_3DES, }},
-+ { NULL, 0, 0, 0, NULL, {} }
-+};
-+#ifdef NOT_YET
-+struct ipsec_alg_capi_digest {
-+ const char *digestname; /* cryptoapi's digestname */
-+ struct digest_implementation *di;
-+ struct ipsec_alg_auth alg; /* note it's not a pointer */
-+};
-+static struct ipsec_alg_capi_cipher alg_capi_darray[] = {
-+ { DIGESTNAME_MD5, NULL, { ixt_alg_id: AH_MD5, }},
-+ { DIGESTNAME_SHA1, NULL, { ixt_alg_id: AH_SHA, }},
-+ { NULL, NULL, {} }
-+};
-+#endif
-+/*
-+ * "generic" linux cryptoapi setup_cipher() function
-+ */
-+int setup_cipher(const char *ciphername)
-+{
-+ return crypto_alg_available(ciphername, 0);
-+}
-+
-+/*
-+ * setups ipsec_alg_capi_cipher "hyper" struct components, calling
-+ * register_ipsec_alg for cointaned ipsec_alg object
-+ */
-+static void _capi_destroy_key (struct ipsec_alg_enc *alg, __u8 *key_e);
-+static __u8 * _capi_new_key (struct ipsec_alg_enc *alg, const __u8 *key, size_t keylen);
-+static int _capi_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt);
-+
-+static int
-+setup_ipsec_alg_capi_cipher(struct ipsec_alg_capi_cipher *cptr)
-+{
-+ int ret;
-+ cptr->alg.ixt_version = IPSEC_ALG_VERSION;
-+ cptr->alg.ixt_module = THIS_MODULE;
-+ atomic_set (& cptr->alg.ixt_refcnt, 0);
-+ strncpy (cptr->alg.ixt_name , cptr->ciphername, sizeof (cptr->alg.ixt_name));
-+
-+ cptr->alg.ixt_blocksize=cptr->blocksize;
-+ cptr->alg.ixt_keyminbits=cptr->minbits;
-+ cptr->alg.ixt_keymaxbits=cptr->maxbits;
-+ cptr->alg.ixt_state = 0;
-+ if (excl) cptr->alg.ixt_state |= IPSEC_ALG_ST_EXCL;
-+ cptr->alg.ixt_e_keylen=cptr->alg.ixt_keymaxbits/8;
-+ cptr->alg.ixt_e_ctx_size = 0;
-+ cptr->alg.ixt_alg_type = IPSEC_ALG_TYPE_ENCRYPT;
-+ cptr->alg.ixt_e_new_key = _capi_new_key;
-+ cptr->alg.ixt_e_destroy_key = _capi_destroy_key;
-+ cptr->alg.ixt_e_cbc_encrypt = _capi_cbc_encrypt;
-+ cptr->alg.ixt_data = cptr;
-+
-+ ret=register_ipsec_alg_enc(&cptr->alg);
-+ printk("setup_ipsec_alg_capi_cipher(): "
-+ "alg_type=%d alg_id=%d name=%s "
-+ "keyminbits=%d keymaxbits=%d, ret=%d\n",
-+ cptr->alg.ixt_alg_type,
-+ cptr->alg.ixt_alg_id,
-+ cptr->alg.ixt_name,
-+ cptr->alg.ixt_keyminbits,
-+ cptr->alg.ixt_keymaxbits,
-+ ret);
-+ return ret;
-+}
-+/*
-+ * called in ipsec_sa_wipe() time, will destroy key contexts
-+ * and do 1 unbind()
-+ */
-+static void
-+_capi_destroy_key (struct ipsec_alg_enc *alg, __u8 *key_e)
-+{
-+ struct crypto_tfm *tfm=(struct crypto_tfm*)key_e;
-+
-+ if (debug > 0)
-+ printk(KERN_DEBUG "klips_debug: _capi_destroy_key:"
-+ "name=%s key_e=%p \n",
-+ alg->ixt_name, key_e);
-+ if (!key_e) {
-+ printk(KERN_ERR "klips_debug: _capi_destroy_key:"
-+ "name=%s NULL key_e!\n",
-+ alg->ixt_name);
-+ return;
-+ }
-+ crypto_free_tfm(tfm);
-+}
-+
-+/*
-+ * create new key context, need alg->ixt_data to know which
-+ * (of many) cipher inside this module is the target
-+ */
-+static __u8 *
-+_capi_new_key (struct ipsec_alg_enc *alg, const __u8 *key, size_t keylen)
-+{
-+ struct ipsec_alg_capi_cipher *cptr;
-+ struct crypto_tfm *tfm=NULL;
-+
-+ cptr = alg->ixt_data;
-+ if (!cptr) {
-+ printk(KERN_ERR "_capi_new_key(): "
-+ "NULL ixt_data (?!) for \"%s\" algo\n"
-+ , alg->ixt_name);
-+ goto err;
-+ }
-+ if (debug > 0)
-+ printk(KERN_DEBUG "klips_debug:_capi_new_key:"
-+ "name=%s cptr=%p key=%p keysize=%d\n",
-+ alg->ixt_name, cptr, key, keylen);
-+
-+ /*
-+ * alloc tfm
-+ */
-+ tfm = crypto_alloc_tfm(cptr->ciphername, CRYPTO_TFM_MODE_CBC);
-+ if (!tfm) {
-+ printk(KERN_ERR "_capi_new_key(): "
-+ "NULL tfm for \"%s\" cryptoapi (\"%s\") algo\n"
-+ , alg->ixt_name, cptr->ciphername);
-+ goto err;
-+ }
-+ if (crypto_cipher_setkey(tfm, key, keylen) < 0) {
-+ printk(KERN_ERR "_capi_new_key(): "
-+ "failed new_key() for \"%s\" cryptoapi algo (keylen=%d)\n"
-+ , alg->ixt_name, keylen);
-+ crypto_free_tfm(tfm);
-+ tfm=NULL;
-+ }
-+err:
-+ if (debug > 0)
-+ printk(KERN_DEBUG "klips_debug:_capi_new_key:"
-+ "name=%s key=%p keylen=%d tfm=%p\n",
-+ alg->ixt_name, key, keylen, tfm);
-+ return (__u8 *) tfm;
-+}
-+/*
-+ * core encryption function: will use cx->ci to call actual cipher's
-+ * cbc function
-+ */
-+static int
-+_capi_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt) {
-+ int error =0;
-+ struct crypto_tfm *tfm=(struct crypto_tfm *)key_e;
-+ struct scatterlist sg = {
-+ .page = virt_to_page(in),
-+ .offset = (unsigned long)(in) % PAGE_SIZE,
-+ .length=ilen,
-+ };
-+ if (debug > 1)
-+ printk(KERN_DEBUG "klips_debug:_capi_cbc_encrypt:"
-+ "key_e=%p "
-+ "in=%p out=%p ilen=%d iv=%p encrypt=%d\n"
-+ , key_e
-+ , in, in, ilen, iv, encrypt);
-+ crypto_cipher_set_iv(tfm, iv, crypto_tfm_alg_ivsize(tfm));
-+ if (encrypt)
-+ error = crypto_cipher_encrypt (tfm, &sg, &sg, ilen);
-+ else
-+ error = crypto_cipher_decrypt (tfm, &sg, &sg, ilen);
-+ if (debug > 1)
-+ printk(KERN_DEBUG "klips_debug:_capi_cbc_encrypt:"
-+ "error=%d\n"
-+ , error);
-+ return (error<0)? error : ilen;
-+}
-+/*
-+ * main initialization loop: for each cipher in list, do
-+ * 1) setup cryptoapi cipher else continue
-+ * 2) register ipsec_alg object
-+ */
-+static int
-+setup_cipher_list (struct ipsec_alg_capi_cipher* clist)
-+{
-+ struct ipsec_alg_capi_cipher *cptr;
-+ /* foreach cipher in list ... */
-+ for (cptr=clist;cptr->ciphername;cptr++) {
-+ /*
-+ * see if cipher has been disabled (0) or
-+ * if noauto set and not enabled (1)
-+ */
-+ if (cptr->parm[0] == 0 || (noauto && cptr->parm[0] < 0)) {
-+ if (debug>0)
-+ printk(KERN_INFO "setup_cipher_list(): "
-+ "ciphername=%s skipped at user request: "
-+ "noauto=%d parm[0]=%d parm[1]=%d\n"
-+ , cptr->ciphername
-+ , noauto
-+ , cptr->parm[0]
-+ , cptr->parm[1]);
-+ continue;
-+ }
-+ /*
-+ * use a local ci to avoid touching cptr->ci,
-+ * if register ipsec_alg success then bind cipher
-+ */
-+ if( setup_cipher(cptr->ciphername) ) {
-+ if (debug > 0)
-+ printk(KERN_DEBUG "klips_debug:"
-+ "setup_cipher_list():"
-+ "ciphername=%s found\n"
-+ , cptr->ciphername);
-+ if (setup_ipsec_alg_capi_cipher(cptr) == 0) {
-+
-+
-+ } else {
-+ printk(KERN_ERR "klips_debug:"
-+ "setup_cipher_list():"
-+ "ciphername=%s failed ipsec_alg_register\n"
-+ , cptr->ciphername);
-+ }
-+ } else {
-+ if (debug>0)
-+ printk(KERN_INFO "setup_cipher_list(): lookup for ciphername=%s: not found \n",
-+ cptr->ciphername);
-+ }
-+ }
-+ return 0;
-+}
-+/*
-+ * deregister ipsec_alg objects and unbind ciphers
-+ */
-+static int
-+unsetup_cipher_list (struct ipsec_alg_capi_cipher* clist)
-+{
-+ struct ipsec_alg_capi_cipher *cptr;
-+ /* foreach cipher in list ... */
-+ for (cptr=clist;cptr->ciphername;cptr++) {
-+ if (cptr->alg.ixt_state & IPSEC_ALG_ST_REGISTERED) {
-+ unregister_ipsec_alg_enc(&cptr->alg);
-+ }
-+ }
-+ return 0;
-+}
-+/*
-+ * test loop for registered algos
-+ */
-+static int
-+test_cipher_list (struct ipsec_alg_capi_cipher* clist)
-+{
-+ int test_ret;
-+ struct ipsec_alg_capi_cipher *cptr;
-+ /* foreach cipher in list ... */
-+ for (cptr=clist;cptr->ciphername;cptr++) {
-+ if (cptr->alg.ixt_state & IPSEC_ALG_ST_REGISTERED) {
-+ test_ret=ipsec_alg_test(
-+ cptr->alg.ixt_alg_type,
-+ cptr->alg.ixt_alg_id,
-+ test);
-+ printk("test_cipher_list(alg_type=%d alg_id=%d): test_ret=%d\n",
-+ cptr->alg.ixt_alg_type,
-+ cptr->alg.ixt_alg_id,
-+ test_ret);
-+ }
-+ }
-+ return 0;
-+}
-+
-+IPSEC_ALG_MODULE_INIT( ipsec_cryptoapi_init )
-+{
-+ int ret, test_ret;
-+ if ((ret=setup_cipher_list(alg_capi_carray)) < 0)
-+ return -EPROTONOSUPPORT;
-+ if (ret==0 && test) {
-+ test_ret=test_cipher_list(alg_capi_carray);
-+ }
-+ return ret;
-+}
-+IPSEC_ALG_MODULE_EXIT( ipsec_cryptoapi_fini )
-+{
-+ unsetup_cipher_list(alg_capi_carray);
-+ return;
-+}
-+#ifdef MODULE_LICENSE
-+MODULE_LICENSE("GPL");
-+#endif
-+
-+EXPORT_NO_SYMBOLS;
-+#endif /* NO_CRYPTOAPI_SUPPORT */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/scripts/mk-static_init.c.sh Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,18 @@
-+#!/bin/sh
-+cat << EOF
-+#include <linux/kernel.h>
-+#include <linux/list.h>
-+#include "freeswan/ipsec_alg.h"
-+$(for i in $*; do
-+ test -z "$i" && continue
-+ echo "extern int $i(void);"
-+done)
-+void ipsec_alg_static_init(void){
-+ int __attribute__ ((unused)) err=0;
-+$(for i in $*; do
-+ test -z "$i" && continue
-+ echo " if ((err=$i()) < 0)"
-+ echo " printk(KERN_WARNING \"$i() returned %d\", err);"
-+done)
-+}
-+EOF
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/anyaddr.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,148 @@
-+/*
-+ * special addresses
-+ * Copyright (C) 2000 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: anyaddr.c,v 1.10.10.1 2006-11-24 05:55:46 paul Exp $
-+ */
-+#include "openswan.h"
-+
-+/* these are mostly fallbacks for the no-IPv6-support-in-library case */
-+#ifndef IN6ADDR_ANY_INIT
-+#define IN6ADDR_ANY_INIT {{{ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 }}}
-+#endif
-+#ifndef IN6ADDR_LOOPBACK_INIT
-+#define IN6ADDR_LOOPBACK_INIT {{{ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1 }}}
-+#endif
-+
-+static struct in6_addr v6any = IN6ADDR_ANY_INIT;
-+static struct in6_addr v6loop = IN6ADDR_LOOPBACK_INIT;
-+
-+/*
-+ - anyaddr - initialize to the any-address value
-+ */
-+err_t /* NULL for success, else string literal */
-+anyaddr(af, dst)
-+int af; /* address family */
-+ip_address *dst;
-+{
-+ uint32_t v4any = htonl(INADDR_ANY);
-+
-+ switch (af) {
-+ case AF_INET:
-+ return initaddr((unsigned char *)&v4any, sizeof(v4any), af, dst);
-+ break;
-+ case AF_INET6:
-+ return initaddr((unsigned char *)&v6any, sizeof(v6any), af, dst);
-+ break;
-+ default:
-+ return "unknown address family in anyaddr/unspecaddr";
-+ break;
-+ }
-+}
-+
-+/*
-+ - unspecaddr - initialize to the unspecified-address value
-+ */
-+err_t /* NULL for success, else string literal */
-+unspecaddr(af, dst)
-+int af; /* address family */
-+ip_address *dst;
-+{
-+ return anyaddr(af, dst);
-+}
-+
-+/*
-+ - loopbackaddr - initialize to the loopback-address value
-+ */
-+err_t /* NULL for success, else string literal */
-+loopbackaddr(af, dst)
-+int af; /* address family */
-+ip_address *dst;
-+{
-+ uint32_t v4loop = htonl(INADDR_LOOPBACK);
-+
-+ switch (af) {
-+ case AF_INET:
-+ return initaddr((unsigned char *)&v4loop, sizeof(v4loop), af, dst);
-+ break;
-+ case AF_INET6:
-+ return initaddr((unsigned char *)&v6loop, sizeof(v6loop), af, dst);
-+ break;
-+ default:
-+ return "unknown address family in loopbackaddr";
-+ break;
-+ }
-+}
-+
-+/*
-+ - isanyaddr - test for the any-address value
-+ */
-+int
-+isanyaddr(src)
-+const ip_address *src;
-+{
-+ uint32_t v4any = htonl(INADDR_ANY);
-+ int cmp;
-+
-+ switch (src->u.v4.sin_family) {
-+ case AF_INET:
-+ cmp = memcmp(&src->u.v4.sin_addr.s_addr, &v4any, sizeof(v4any));
-+ break;
-+ case AF_INET6:
-+ cmp = memcmp(&src->u.v6.sin6_addr, &v6any, sizeof(v6any));
-+ break;
-+ case 0:
-+ /* a zeroed structure is considered any address */
-+ return 1;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ return (cmp == 0) ? 1 : 0;
-+}
-+
-+/*
-+ - isunspecaddr - test for the unspecified-address value
-+ */
-+int
-+isunspecaddr(src)
-+const ip_address *src;
-+{
-+ return isanyaddr(src);
-+}
-+
-+/*
-+ - isloopbackaddr - test for the loopback-address value
-+ */
-+int
-+isloopbackaddr(src)
-+const ip_address *src;
-+{
-+ uint32_t v4loop = htonl(INADDR_LOOPBACK);
-+ int cmp;
-+
-+ switch (src->u.v4.sin_family) {
-+ case AF_INET:
-+ cmp = memcmp(&src->u.v4.sin_addr.s_addr, &v4loop, sizeof(v4loop));
-+ break;
-+ case AF_INET6:
-+ cmp = memcmp(&src->u.v6.sin6_addr, &v6loop, sizeof(v6loop));
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ return (cmp == 0) ? 1 : 0;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/datatot.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,234 @@
-+/*
-+ * convert from binary data (e.g. key) to text form
-+ * Copyright (C) 2000 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: datatot.c,v 1.7 2005-04-14 20:48:43 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+static void convert(const char *src, size_t nreal, int format, char *out);
-+
-+/*
-+ - datatot - convert data bytes to text
-+ */
-+size_t /* true length (with NUL) for success */
-+datatot(src, srclen, format, dst, dstlen)
-+const char *src;
-+size_t srclen;
-+int format; /* character indicating what format */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ size_t inblocksize; /* process this many bytes at a time */
-+ size_t outblocksize; /* producing this many */
-+ size_t breakevery; /* add a _ every this many (0 means don't) */
-+ size_t sincebreak; /* output bytes since last _ */
-+ char breakchar; /* character used to break between groups */
-+ char inblock[10]; /* enough for any format */
-+ char outblock[10]; /* enough for any format */
-+ char fake[1]; /* fake output area for dstlen == 0 */
-+ size_t needed; /* return value */
-+ char *stop; /* where the terminating NUL will go */
-+ size_t ntodo; /* remaining input */
-+ size_t nreal;
-+ char *out;
-+ char *prefix;
-+
-+ breakevery = 0;
-+ breakchar = '_';
-+
-+ switch (format) {
-+ case 0:
-+ case 'h':
-+ format = 'x';
-+ breakevery = 8;
-+ /* FALLTHROUGH */
-+ case 'x':
-+ inblocksize = 1;
-+ outblocksize = 2;
-+ prefix = "0x";
-+ break;
-+ case ':':
-+ format = 'x';
-+ breakevery = 2;
-+ breakchar = ':';
-+ /* FALLTHROUGH */
-+ case 16:
-+ inblocksize = 1;
-+ outblocksize = 2;
-+ prefix = "";
-+ format = 'x';
-+ break;
-+ case 's':
-+ inblocksize = 3;
-+ outblocksize = 4;
-+ prefix = "0s";
-+ break;
-+ case 64: /* beware, equals ' ' */
-+ inblocksize = 3;
-+ outblocksize = 4;
-+ prefix = "";
-+ format = 's';
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ user_assert(inblocksize < sizeof(inblock));
-+ user_assert(outblocksize < sizeof(outblock));
-+ user_assert(breakevery % outblocksize == 0);
-+
-+ if (srclen == 0)
-+ return 0;
-+ ntodo = srclen;
-+
-+ if (dstlen == 0) { /* dispose of awkward special case */
-+ dst = fake;
-+ dstlen = 1;
-+ }
-+ stop = dst + dstlen - 1;
-+
-+ nreal = strlen(prefix);
-+ needed = nreal; /* for starters */
-+ if (dstlen <= nreal) { /* prefix won't fit */
-+ strncpy(dst, prefix, dstlen - 1);
-+ dst += dstlen - 1;
-+ } else {
-+ strcpy(dst, prefix);
-+ dst += nreal;
-+ }
-+
-+ user_assert(dst <= stop);
-+ sincebreak = 0;
-+
-+ while (ntodo > 0) {
-+ if (ntodo < inblocksize) { /* incomplete input */
-+ memset(inblock, 0, sizeof(inblock));
-+ memcpy(inblock, src, ntodo);
-+ src = inblock;
-+ nreal = ntodo;
-+ ntodo = inblocksize;
-+ } else
-+ nreal = inblocksize;
-+ out = (outblocksize > stop - dst) ? outblock : dst;
-+
-+ convert(src, nreal, format, out);
-+ needed += outblocksize;
-+ sincebreak += outblocksize;
-+ if (dst < stop) {
-+ if (out != dst) {
-+ user_assert(outblocksize > stop - dst);
-+ memcpy(dst, out, stop - dst);
-+ dst = stop;
-+ } else
-+ dst += outblocksize;
-+ }
-+
-+ src += inblocksize;
-+ ntodo -= inblocksize;
-+ if (breakevery != 0 && sincebreak >= breakevery && ntodo > 0) {
-+ if (dst < stop)
-+ *dst++ = breakchar;
-+ needed++;
-+ sincebreak = 0;
-+ }
-+ }
-+
-+ user_assert(dst <= stop);
-+ *dst++ = '\0';
-+ needed++;
-+
-+ return needed;
-+}
-+
-+/*
-+ - convert - convert one input block to one output block
-+ */
-+static void
-+convert(src, nreal, format, out)
-+const char *src;
-+size_t nreal; /* how much of the input block is real */
-+int format;
-+char *out;
-+{
-+ static char hex[] = "0123456789abcdef";
-+ static char base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-+ "abcdefghijklmnopqrstuvwxyz"
-+ "0123456789+/";
-+ unsigned char c;
-+ unsigned char c1, c2, c3;
-+
-+ user_assert(nreal > 0);
-+ switch (format) {
-+ case 'x':
-+ user_assert(nreal == 1);
-+ c = (unsigned char)*src;
-+ *out++ = hex[c >> 4];
-+ *out++ = hex[c & 0xf];
-+ break;
-+ case 's':
-+ c1 = (unsigned char)*src++;
-+ c2 = (unsigned char)*src++;
-+ c3 = (unsigned char)*src++;
-+ *out++ = base64[c1 >> 2]; /* top 6 bits of c1 */
-+ c = (c1 & 0x3) << 4; /* bottom 2 of c1... */
-+ c |= c2 >> 4; /* ...top 4 of c2 */
-+ *out++ = base64[c];
-+ if (nreal == 1)
-+ *out++ = '=';
-+ else {
-+ c = (c2 & 0xf) << 2; /* bottom 4 of c2... */
-+ c |= c3 >> 6; /* ...top 2 of c3 */
-+ *out++ = base64[c];
-+ }
-+ if (nreal <= 2)
-+ *out++ = '=';
-+ else
-+ *out++ = base64[c3 & 0x3f]; /* bottom 6 of c3 */
-+ break;
-+ default:
-+ user_assert(nreal == 0); /* unknown format */
-+ break;
-+ }
-+}
-+
-+/*
-+ - datatoa - convert data to ASCII
-+ * backward-compatibility synonym for datatot
-+ */
-+size_t /* true length (with NUL) for success */
-+datatoa(src, srclen, format, dst, dstlen)
-+const char *src;
-+size_t srclen;
-+int format; /* character indicating what format */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ return datatot(src, srclen, format, dst, dstlen);
-+}
-+
-+/*
-+ - bytestoa - convert data bytes to ASCII
-+ * backward-compatibility synonym for datatot
-+ */
-+size_t /* true length (with NUL) for success */
-+bytestoa(src, srclen, format, dst, dstlen)
-+const char *src;
-+size_t srclen;
-+int format; /* character indicating what format */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ return datatot(src, srclen, format, dst, dstlen);
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/defconfig Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,148 @@
-+
-+#
-+# RCSID $Id: defconfig,v 1.28.2.1 2006-10-11 18:14:33 paul Exp $
-+#
-+
-+#
-+# FreeS/WAN IPSec implementation, KLIPS kernel config defaults
-+#
-+
-+#
-+# First, lets override stuff already set or not in the kernel config.
-+#
-+# We can't even think about leaving this off...
-+CONFIG_INET=y
-+
-+#
-+# This must be on for subnet protection.
-+CONFIG_IP_FORWARD=y
-+
-+# Shut off IPSEC masquerading if it has been enabled, since it will
-+# break the compile. IPPROTO_ESP and IPPROTO_AH were included in
-+# net/ipv4/ip_masq.c when they should have gone into include/linux/in.h.
-+CONFIG_IP_MASQUERADE_IPSEC=n
-+
-+#
-+# Next, lets set the recommended FreeS/WAN configuration.
-+#
-+
-+# To config as static (preferred), 'y'. To config as module, 'm'.
-+CONFIG_KLIPS=m
-+
-+# To do tunnel mode IPSec, this must be enabled.
-+CONFIG_KLIPS_IPIP=y
-+
-+# To enable authentication, say 'y'. (Highly recommended)
-+CONFIG_KLIPS_AH=y
-+
-+# Authentication algorithm(s):
-+CONFIG_KLIPS_AUTH_HMAC_MD5=y
-+CONFIG_KLIPS_AUTH_HMAC_SHA1=y
-+
-+# To enable encryption, say 'y'. (Highly recommended)
-+CONFIG_KLIPS_ESP=y
-+
-+# modular algo extensions (and new ALGOs)
-+CONFIG_KLIPS_ALG=y
-+
-+# Encryption algorithm(s):
-+CONFIG_KLIPS_ENC_3DES=y
-+CONFIG_KLIPS_ENC_AES=y
-+# CONFIG_KLIPS_ENC_NULL=y
-+
-+# Use CryptoAPI for ALG? - by default, no.
-+CONFIG_KLIPS_ENC_CRYPTOAPI=n
-+
-+# IP Compression: new, probably still has minor bugs.
-+CONFIG_KLIPS_IPCOMP=y
-+
-+# To enable userspace-switchable KLIPS debugging, say 'y'.
-+CONFIG_KLIPS_DEBUG=y
-+
-+# NAT Traversal
-+CONFIG_IPSEC_NAT_TRAVERSAL=y
-+
-+#
-+#
-+# $Log: defconfig,v $
-+# Revision 1.28.2.1 2006-10-11 18:14:33 paul
-+# Add JuanJo Ciarlante's ESP_NULL patches for KLIPS, but leave it disabled
-+# per default.
-+#
-+# Revision 1.28 2005/05/11 03:15:42 mcr
-+# adjusted makefiles to sanely build modules properly.
-+#
-+# Revision 1.27 2005/03/20 03:00:05 mcr
-+# default configuration should enable NAT_TRAVERSAL.
-+#
-+# Revision 1.26 2004/07/10 19:11:18 mcr
-+# CONFIG_IPSEC -> CONFIG_KLIPS.
-+#
-+# Revision 1.25 2004/07/05 01:03:53 mcr
-+# fix for adding cryptoapi code.
-+# keep it off for now, since UMLs do not have it yet.
-+#
-+# Revision 1.24 2004/04/06 02:49:25 mcr
-+# pullup of algo code from alg-branch.
-+#
-+# Revision 1.23.2.2 2004/04/05 04:30:46 mcr
-+# patches for alg-branch to compile/work with 2.x openswan
-+#
-+# Revision 1.23.2.1 2003/12/22 15:25:52 jjo
-+# . Merged algo-0.8.1-rc11-test1 into alg-branch
-+#
-+# Revision 1.23 2003/12/10 01:14:27 mcr
-+# NAT-traversal patches to KLIPS.
-+#
-+# Revision 1.22 2003/02/24 19:37:27 mcr
-+# changed default compilation mode to static.
-+#
-+# Revision 1.21 2002/04/24 07:36:27 mcr
-+# Moved from ./klips/net/ipsec/defconfig,v
-+#
-+# Revision 1.20 2002/04/02 04:07:40 mcr
-+# default build is now 'm'odule for KLIPS
-+#
-+# Revision 1.19 2002/03/08 18:57:17 rgb
-+# Added a blank line at the beginning of the file to make it easier for
-+# other projects to patch ./arch/i386/defconfig, for example
-+# LIDS+grSecurity requested by Jason Pattie.
-+#
-+# Revision 1.18 2000/11/30 17:26:56 rgb
-+# Cleaned out unused options and enabled ipcomp by default.
-+#
-+# Revision 1.17 2000/09/15 11:37:01 rgb
-+# Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+# IPCOMP zlib deflate code.
-+#
-+# Revision 1.16 2000/09/08 19:12:55 rgb
-+# Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+#
-+# Revision 1.15 2000/05/24 19:37:13 rgb
-+# *** empty log message ***
-+#
-+# Revision 1.14 2000/05/11 21:14:57 henry
-+# just commenting the FOOBAR=y lines out is not enough
-+#
-+# Revision 1.13 2000/05/10 20:17:58 rgb
-+# Comment out netlink defaults, which are no longer needed.
-+#
-+# Revision 1.12 2000/05/10 19:13:38 rgb
-+# Added configure option to shut off no eroute passthrough.
-+#
-+# Revision 1.11 2000/03/16 07:09:46 rgb
-+# Hardcode PF_KEYv2 support.
-+# Disable IPSEC_ICMP by default.
-+# Remove DES config option from defaults file.
-+#
-+# Revision 1.10 2000/01/11 03:09:42 rgb
-+# Added a default of 'y' to PF_KEYv2 keying I/F.
-+#
-+# Revision 1.9 1999/05/08 21:23:12 rgb
-+# Added support for 2.2.x kernels.
-+#
-+# Revision 1.8 1999/04/06 04:54:25 rgb
-+# Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+# patch shell fixes.
-+#
-+#
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/deflate.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1351 @@
-+/* deflate.c -- compress data using the deflation algorithm
-+ * Copyright (C) 1995-2002 Jean-loup Gailly.
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/*
-+ * ALGORITHM
-+ *
-+ * The "deflation" process depends on being able to identify portions
-+ * of the input text which are identical to earlier input (within a
-+ * sliding window trailing behind the input currently being processed).
-+ *
-+ * The most straightforward technique turns out to be the fastest for
-+ * most input files: try all possible matches and select the longest.
-+ * The key feature of this algorithm is that insertions into the string
-+ * dictionary are very simple and thus fast, and deletions are avoided
-+ * completely. Insertions are performed at each input character, whereas
-+ * string matches are performed only when the previous match ends. So it
-+ * is preferable to spend more time in matches to allow very fast string
-+ * insertions and avoid deletions. The matching algorithm for small
-+ * strings is inspired from that of Rabin & Karp. A brute force approach
-+ * is used to find longer strings when a small match has been found.
-+ * A similar algorithm is used in comic (by Jan-Mark Wams) and freeze
-+ * (by Leonid Broukhis).
-+ * A previous version of this file used a more sophisticated algorithm
-+ * (by Fiala and Greene) which is guaranteed to run in linear amortized
-+ * time, but has a larger average cost, uses more memory and is patented.
-+ * However the F&G algorithm may be faster for some highly redundant
-+ * files if the parameter max_chain_length (described below) is too large.
-+ *
-+ * ACKNOWLEDGEMENTS
-+ *
-+ * The idea of lazy evaluation of matches is due to Jan-Mark Wams, and
-+ * I found it in 'freeze' written by Leonid Broukhis.
-+ * Thanks to many people for bug reports and testing.
-+ *
-+ * REFERENCES
-+ *
-+ * Deutsch, L.P.,"DEFLATE Compressed Data Format Specification".
-+ * Available in ftp://ds.internic.net/rfc/rfc1951.txt
-+ *
-+ * A description of the Rabin and Karp algorithm is given in the book
-+ * "Algorithms" by R. Sedgewick, Addison-Wesley, p252.
-+ *
-+ * Fiala,E.R., and Greene,D.H.
-+ * Data Compression with Finite Windows, Comm.ACM, 32,4 (1989) 490-595
-+ *
-+ */
-+
-+/* @(#) $Id: deflate.c,v 1.4 2004-07-10 07:48:37 mcr Exp $ */
-+
-+#include "deflate.h"
-+
-+local const char deflate_copyright[] =
-+ " deflate 1.1.4 Copyright 1995-2002 Jean-loup Gailly ";
-+/*
-+ If you use the zlib library in a product, an acknowledgment is welcome
-+ in the documentation of your product. If for some reason you cannot
-+ include such an acknowledgment, I would appreciate that you keep this
-+ copyright string in the executable of your product.
-+ */
-+
-+/* ===========================================================================
-+ * Function prototypes.
-+ */
-+typedef enum {
-+ need_more, /* block not completed, need more input or more output */
-+ block_done, /* block flush performed */
-+ finish_started, /* finish started, need only more output at next deflate */
-+ finish_done /* finish done, accept no more input or output */
-+} block_state;
-+
-+typedef block_state (*compress_func) OF((deflate_state *s, int flush));
-+/* Compression function. Returns the block state after the call. */
-+
-+local void fill_window OF((deflate_state *s));
-+local block_state deflate_stored OF((deflate_state *s, int flush));
-+local block_state deflate_fast OF((deflate_state *s, int flush));
-+local block_state deflate_slow OF((deflate_state *s, int flush));
-+local void lm_init OF((deflate_state *s));
-+local void putShortMSB OF((deflate_state *s, uInt b));
-+local void flush_pending OF((z_streamp strm));
-+local int read_buf OF((z_streamp strm, Bytef *buf, unsigned size));
-+#ifdef ASMV
-+ void match_init OF((void)); /* asm code initialization */
-+ uInt longest_match OF((deflate_state *s, IPos cur_match));
-+#else
-+local uInt longest_match OF((deflate_state *s, IPos cur_match));
-+#endif
-+
-+#ifdef DEBUG
-+local void check_match OF((deflate_state *s, IPos start, IPos match,
-+ int length));
-+#endif
-+
-+/* ===========================================================================
-+ * Local data
-+ */
-+
-+#define NIL 0
-+/* Tail of hash chains */
-+
-+#ifndef TOO_FAR
-+# define TOO_FAR 4096
-+#endif
-+/* Matches of length 3 are discarded if their distance exceeds TOO_FAR */
-+
-+#define MIN_LOOKAHEAD (MAX_MATCH+MIN_MATCH+1)
-+/* Minimum amount of lookahead, except at the end of the input file.
-+ * See deflate.c for comments about the MIN_MATCH+1.
-+ */
-+
-+/* Values for max_lazy_match, good_match and max_chain_length, depending on
-+ * the desired pack level (0..9). The values given below have been tuned to
-+ * exclude worst case performance for pathological files. Better values may be
-+ * found for specific files.
-+ */
-+typedef struct config_s {
-+ ush good_length; /* reduce lazy search above this match length */
-+ ush max_lazy; /* do not perform lazy search above this match length */
-+ ush nice_length; /* quit search above this match length */
-+ ush max_chain;
-+ compress_func func;
-+} config;
-+
-+local const config configuration_table[10] = {
-+/* good lazy nice chain */
-+/* 0 */ {0, 0, 0, 0, deflate_stored}, /* store only */
-+/* 1 */ {4, 4, 8, 4, deflate_fast}, /* maximum speed, no lazy matches */
-+/* 2 */ {4, 5, 16, 8, deflate_fast},
-+/* 3 */ {4, 6, 32, 32, deflate_fast},
-+
-+/* 4 */ {4, 4, 16, 16, deflate_slow}, /* lazy matches */
-+/* 5 */ {8, 16, 32, 32, deflate_slow},
-+/* 6 */ {8, 16, 128, 128, deflate_slow},
-+/* 7 */ {8, 32, 128, 256, deflate_slow},
-+/* 8 */ {32, 128, 258, 1024, deflate_slow},
-+/* 9 */ {32, 258, 258, 4096, deflate_slow}}; /* maximum compression */
-+
-+/* Note: the deflate() code requires max_lazy >= MIN_MATCH and max_chain >= 4
-+ * For deflate_fast() (levels <= 3) good is ignored and lazy has a different
-+ * meaning.
-+ */
-+
-+#define EQUAL 0
-+/* result of memcmp for equal strings */
-+
-+struct static_tree_desc_s {int dummy;}; /* for buggy compilers */
-+
-+/* ===========================================================================
-+ * Update a hash value with the given input byte
-+ * IN assertion: all calls to to UPDATE_HASH are made with consecutive
-+ * input characters, so that a running hash key can be computed from the
-+ * previous key instead of complete recalculation each time.
-+ */
-+#define UPDATE_HASH(s,h,c) (h = (((h)<<s->hash_shift) ^ (c)) & s->hash_mask)
-+
-+
-+/* ===========================================================================
-+ * Insert string str in the dictionary and set match_head to the previous head
-+ * of the hash chain (the most recent string with same hash key). Return
-+ * the previous length of the hash chain.
-+ * If this file is compiled with -DFASTEST, the compression level is forced
-+ * to 1, and no hash chains are maintained.
-+ * IN assertion: all calls to to INSERT_STRING are made with consecutive
-+ * input characters and the first MIN_MATCH bytes of str are valid
-+ * (except for the last MIN_MATCH-1 bytes of the input file).
-+ */
-+#ifdef FASTEST
-+#define INSERT_STRING(s, str, match_head) \
-+ (UPDATE_HASH(s, s->ins_h, s->window[(str) + (MIN_MATCH-1)]), \
-+ match_head = s->head[s->ins_h], \
-+ s->head[s->ins_h] = (Pos)(str))
-+#else
-+#define INSERT_STRING(s, str, match_head) \
-+ (UPDATE_HASH(s, s->ins_h, s->window[(str) + (MIN_MATCH-1)]), \
-+ s->prev[(str) & s->w_mask] = match_head = s->head[s->ins_h], \
-+ s->head[s->ins_h] = (Pos)(str))
-+#endif
-+
-+/* ===========================================================================
-+ * Initialize the hash table (avoiding 64K overflow for 16 bit systems).
-+ * prev[] will be initialized on the fly.
-+ */
-+#define CLEAR_HASH(s) \
-+ s->head[s->hash_size-1] = NIL; \
-+ zmemzero((Bytef *)s->head, (unsigned)(s->hash_size-1)*sizeof(*s->head));
-+
-+/* ========================================================================= */
-+int ZEXPORT deflateInit_(strm, level, version, stream_size)
-+ z_streamp strm;
-+ int level;
-+ const char *version;
-+ int stream_size;
-+{
-+ return deflateInit2_(strm, level, Z_DEFLATED, MAX_WBITS, DEF_MEM_LEVEL,
-+ Z_DEFAULT_STRATEGY, version, stream_size);
-+ /* To do: ignore strm->next_in if we use it as window */
-+}
-+
-+/* ========================================================================= */
-+int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
-+ version, stream_size)
-+ z_streamp strm;
-+ int level;
-+ int method;
-+ int windowBits;
-+ int memLevel;
-+ int strategy;
-+ const char *version;
-+ int stream_size;
-+{
-+ deflate_state *s;
-+ int noheader = 0;
-+ static const char* my_version = ZLIB_VERSION;
-+
-+ ushf *overlay;
-+ /* We overlay pending_buf and d_buf+l_buf. This works since the average
-+ * output size for (length,distance) codes is <= 24 bits.
-+ */
-+
-+ if (version == Z_NULL || version[0] != my_version[0] ||
-+ stream_size != sizeof(z_stream)) {
-+ return Z_VERSION_ERROR;
-+ }
-+ if (strm == Z_NULL) return Z_STREAM_ERROR;
-+
-+ strm->msg = Z_NULL;
-+ if (strm->zalloc == Z_NULL) {
-+ return Z_STREAM_ERROR;
-+/* strm->zalloc = zcalloc;
-+ strm->opaque = (voidpf)0;*/
-+ }
-+ if (strm->zfree == Z_NULL) return Z_STREAM_ERROR; /* strm->zfree = zcfree; */
-+
-+ if (level == Z_DEFAULT_COMPRESSION) level = 6;
-+#ifdef FASTEST
-+ level = 1;
-+#endif
-+
-+ if (windowBits < 0) { /* undocumented feature: suppress zlib header */
-+ noheader = 1;
-+ windowBits = -windowBits;
-+ }
-+ if (memLevel < 1 || memLevel > MAX_MEM_LEVEL || method != Z_DEFLATED ||
-+ windowBits < 9 || windowBits > 15 || level < 0 || level > 9 ||
-+ strategy < 0 || strategy > Z_HUFFMAN_ONLY) {
-+ return Z_STREAM_ERROR;
-+ }
-+ s = (deflate_state *) ZALLOC(strm, 1, sizeof(deflate_state));
-+ if (s == Z_NULL) return Z_MEM_ERROR;
-+ strm->state = (struct internal_state FAR *)s;
-+ s->strm = strm;
-+
-+ s->noheader = noheader;
-+ s->w_bits = windowBits;
-+ s->w_size = 1 << s->w_bits;
-+ s->w_mask = s->w_size - 1;
-+
-+ s->hash_bits = memLevel + 7;
-+ s->hash_size = 1 << s->hash_bits;
-+ s->hash_mask = s->hash_size - 1;
-+ s->hash_shift = ((s->hash_bits+MIN_MATCH-1)/MIN_MATCH);
-+
-+ s->window = (Bytef *) ZALLOC(strm, s->w_size, 2*sizeof(Byte));
-+ s->prev = (Posf *) ZALLOC(strm, s->w_size, sizeof(Pos));
-+ s->head = (Posf *) ZALLOC(strm, s->hash_size, sizeof(Pos));
-+
-+ s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */
-+
-+ overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2);
-+ s->pending_buf = (uchf *) overlay;
-+ s->pending_buf_size = (ulg)s->lit_bufsize * (sizeof(ush)+2L);
-+
-+ if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL ||
-+ s->pending_buf == Z_NULL) {
-+ strm->msg = ERR_MSG(Z_MEM_ERROR);
-+ deflateEnd (strm);
-+ return Z_MEM_ERROR;
-+ }
-+ s->d_buf = overlay + s->lit_bufsize/sizeof(ush);
-+ s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize;
-+
-+ s->level = level;
-+ s->strategy = strategy;
-+ s->method = (Byte)method;
-+
-+ return deflateReset(strm);
-+}
-+
-+/* ========================================================================= */
-+int ZEXPORT deflateSetDictionary (strm, dictionary, dictLength)
-+ z_streamp strm;
-+ const Bytef *dictionary;
-+ uInt dictLength;
-+{
-+ deflate_state *s;
-+ uInt length = dictLength;
-+ uInt n;
-+ IPos hash_head = 0;
-+
-+ if (strm == Z_NULL || strm->state == Z_NULL || dictionary == Z_NULL ||
-+ strm->state->status != INIT_STATE) return Z_STREAM_ERROR;
-+
-+ s = strm->state;
-+ strm->adler = adler32(strm->adler, dictionary, dictLength);
-+
-+ if (length < MIN_MATCH) return Z_OK;
-+ if (length > MAX_DIST(s)) {
-+ length = MAX_DIST(s);
-+#ifndef USE_DICT_HEAD
-+ dictionary += dictLength - length; /* use the tail of the dictionary */
-+#endif
-+ }
-+ zmemcpy(s->window, dictionary, length);
-+ s->strstart = length;
-+ s->block_start = (long)length;
-+
-+ /* Insert all strings in the hash table (except for the last two bytes).
-+ * s->lookahead stays null, so s->ins_h will be recomputed at the next
-+ * call of fill_window.
-+ */
-+ s->ins_h = s->window[0];
-+ UPDATE_HASH(s, s->ins_h, s->window[1]);
-+ for (n = 0; n <= length - MIN_MATCH; n++) {
-+ INSERT_STRING(s, n, hash_head);
-+ }
-+ if (hash_head) hash_head = 0; /* to make compiler happy */
-+ return Z_OK;
-+}
-+
-+/* ========================================================================= */
-+int ZEXPORT deflateReset (strm)
-+ z_streamp strm;
-+{
-+ deflate_state *s;
-+
-+ if (strm == Z_NULL || strm->state == Z_NULL ||
-+ strm->zalloc == Z_NULL || strm->zfree == Z_NULL) return Z_STREAM_ERROR;
-+
-+ strm->total_in = strm->total_out = 0;
-+ strm->msg = Z_NULL; /* use zfree if we ever allocate msg dynamically */
-+ strm->data_type = Z_UNKNOWN;
-+
-+ s = (deflate_state *)strm->state;
-+ s->pending = 0;
-+ s->pending_out = s->pending_buf;
-+
-+ if (s->noheader < 0) {
-+ s->noheader = 0; /* was set to -1 by deflate(..., Z_FINISH); */
-+ }
-+ s->status = s->noheader ? BUSY_STATE : INIT_STATE;
-+ strm->adler = 1;
-+ s->last_flush = Z_NO_FLUSH;
-+
-+ _tr_init(s);
-+ lm_init(s);
-+
-+ return Z_OK;
-+}
-+
-+/* ========================================================================= */
-+int ZEXPORT deflateParams(strm, level, strategy)
-+ z_streamp strm;
-+ int level;
-+ int strategy;
-+{
-+ deflate_state *s;
-+ compress_func func;
-+ int err = Z_OK;
-+
-+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
-+ s = strm->state;
-+
-+ if (level == Z_DEFAULT_COMPRESSION) {
-+ level = 6;
-+ }
-+ if (level < 0 || level > 9 || strategy < 0 || strategy > Z_HUFFMAN_ONLY) {
-+ return Z_STREAM_ERROR;
-+ }
-+ func = configuration_table[s->level].func;
-+
-+ if (func != configuration_table[level].func && strm->total_in != 0) {
-+ /* Flush the last buffer: */
-+ err = deflate(strm, Z_PARTIAL_FLUSH);
-+ }
-+ if (s->level != level) {
-+ s->level = level;
-+ s->max_lazy_match = configuration_table[level].max_lazy;
-+ s->good_match = configuration_table[level].good_length;
-+ s->nice_match = configuration_table[level].nice_length;
-+ s->max_chain_length = configuration_table[level].max_chain;
-+ }
-+ s->strategy = strategy;
-+ return err;
-+}
-+
-+/* =========================================================================
-+ * Put a short in the pending buffer. The 16-bit value is put in MSB order.
-+ * IN assertion: the stream state is correct and there is enough room in
-+ * pending_buf.
-+ */
-+local void putShortMSB (s, b)
-+ deflate_state *s;
-+ uInt b;
-+{
-+ put_byte(s, (Byte)(b >> 8));
-+ put_byte(s, (Byte)(b & 0xff));
-+}
-+
-+/* =========================================================================
-+ * Flush as much pending output as possible. All deflate() output goes
-+ * through this function so some applications may wish to modify it
-+ * to avoid allocating a large strm->next_out buffer and copying into it.
-+ * (See also read_buf()).
-+ */
-+local void flush_pending(strm)
-+ z_streamp strm;
-+{
-+ unsigned len = strm->state->pending;
-+
-+ if (len > strm->avail_out) len = strm->avail_out;
-+ if (len == 0) return;
-+
-+ zmemcpy(strm->next_out, strm->state->pending_out, len);
-+ strm->next_out += len;
-+ strm->state->pending_out += len;
-+ strm->total_out += len;
-+ strm->avail_out -= len;
-+ strm->state->pending -= len;
-+ if (strm->state->pending == 0) {
-+ strm->state->pending_out = strm->state->pending_buf;
-+ }
-+}
-+
-+/* ========================================================================= */
-+int ZEXPORT deflate (strm, flush)
-+ z_streamp strm;
-+ int flush;
-+{
-+ int old_flush; /* value of flush param for previous deflate call */
-+ deflate_state *s;
-+
-+ if (strm == Z_NULL || strm->state == Z_NULL ||
-+ flush > Z_FINISH || flush < 0) {
-+ return Z_STREAM_ERROR;
-+ }
-+ s = strm->state;
-+
-+ if (strm->next_out == Z_NULL ||
-+ (strm->next_in == Z_NULL && strm->avail_in != 0) ||
-+ (s->status == FINISH_STATE && flush != Z_FINISH)) {
-+ ERR_RETURN(strm, Z_STREAM_ERROR);
-+ }
-+ if (strm->avail_out == 0) ERR_RETURN(strm, Z_BUF_ERROR);
-+
-+ s->strm = strm; /* just in case */
-+ old_flush = s->last_flush;
-+ s->last_flush = flush;
-+
-+ /* Write the zlib header */
-+ if (s->status == INIT_STATE) {
-+
-+ uInt header = (Z_DEFLATED + ((s->w_bits-8)<<4)) << 8;
-+ uInt level_flags = (s->level-1) >> 1;
-+
-+ if (level_flags > 3) level_flags = 3;
-+ header |= (level_flags << 6);
-+ if (s->strstart != 0) header |= PRESET_DICT;
-+ header += 31 - (header % 31);
-+
-+ s->status = BUSY_STATE;
-+ putShortMSB(s, header);
-+
-+ /* Save the adler32 of the preset dictionary: */
-+ if (s->strstart != 0) {
-+ putShortMSB(s, (uInt)(strm->adler >> 16));
-+ putShortMSB(s, (uInt)(strm->adler & 0xffff));
-+ }
-+ strm->adler = 1L;
-+ }
-+
-+ /* Flush as much pending output as possible */
-+ if (s->pending != 0) {
-+ flush_pending(strm);
-+ if (strm->avail_out == 0) {
-+ /* Since avail_out is 0, deflate will be called again with
-+ * more output space, but possibly with both pending and
-+ * avail_in equal to zero. There won't be anything to do,
-+ * but this is not an error situation so make sure we
-+ * return OK instead of BUF_ERROR at next call of deflate:
-+ */
-+ s->last_flush = -1;
-+ return Z_OK;
-+ }
-+
-+ /* Make sure there is something to do and avoid duplicate consecutive
-+ * flushes. For repeated and useless calls with Z_FINISH, we keep
-+ * returning Z_STREAM_END instead of Z_BUFF_ERROR.
-+ */
-+ } else if (strm->avail_in == 0 && flush <= old_flush &&
-+ flush != Z_FINISH) {
-+ ERR_RETURN(strm, Z_BUF_ERROR);
-+ }
-+
-+ /* User must not provide more input after the first FINISH: */
-+ if (s->status == FINISH_STATE && strm->avail_in != 0) {
-+ ERR_RETURN(strm, Z_BUF_ERROR);
-+ }
-+
-+ /* Start a new block or continue the current one.
-+ */
-+ if (strm->avail_in != 0 || s->lookahead != 0 ||
-+ (flush != Z_NO_FLUSH && s->status != FINISH_STATE)) {
-+ block_state bstate;
-+
-+ bstate = (*(configuration_table[s->level].func))(s, flush);
-+
-+ if (bstate == finish_started || bstate == finish_done) {
-+ s->status = FINISH_STATE;
-+ }
-+ if (bstate == need_more || bstate == finish_started) {
-+ if (strm->avail_out == 0) {
-+ s->last_flush = -1; /* avoid BUF_ERROR next call, see above */
-+ }
-+ return Z_OK;
-+ /* If flush != Z_NO_FLUSH && avail_out == 0, the next call
-+ * of deflate should use the same flush parameter to make sure
-+ * that the flush is complete. So we don't have to output an
-+ * empty block here, this will be done at next call. This also
-+ * ensures that for a very small output buffer, we emit at most
-+ * one empty block.
-+ */
-+ }
-+ if (bstate == block_done) {
-+ if (flush == Z_PARTIAL_FLUSH) {
-+ _tr_align(s);
-+ } else { /* FULL_FLUSH or SYNC_FLUSH */
-+ _tr_stored_block(s, (char*)0, 0L, 0);
-+ /* For a full flush, this empty block will be recognized
-+ * as a special marker by inflate_sync().
-+ */
-+ if (flush == Z_FULL_FLUSH) {
-+ CLEAR_HASH(s); /* forget history */
-+ }
-+ }
-+ flush_pending(strm);
-+ if (strm->avail_out == 0) {
-+ s->last_flush = -1; /* avoid BUF_ERROR at next call, see above */
-+ return Z_OK;
-+ }
-+ }
-+ }
-+ Assert(strm->avail_out > 0, "bug2");
-+
-+ if (flush != Z_FINISH) return Z_OK;
-+ if (s->noheader) return Z_STREAM_END;
-+
-+ /* Write the zlib trailer (adler32) */
-+ putShortMSB(s, (uInt)(strm->adler >> 16));
-+ putShortMSB(s, (uInt)(strm->adler & 0xffff));
-+ flush_pending(strm);
-+ /* If avail_out is zero, the application will call deflate again
-+ * to flush the rest.
-+ */
-+ s->noheader = -1; /* write the trailer only once! */
-+ return s->pending != 0 ? Z_OK : Z_STREAM_END;
-+}
-+
-+/* ========================================================================= */
-+int ZEXPORT deflateEnd (strm)
-+ z_streamp strm;
-+{
-+ int status;
-+
-+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
-+
-+ status = strm->state->status;
-+ if (status != INIT_STATE && status != BUSY_STATE &&
-+ status != FINISH_STATE) {
-+ return Z_STREAM_ERROR;
-+ }
-+
-+ /* Deallocate in reverse order of allocations: */
-+ TRY_FREE(strm, strm->state->pending_buf);
-+ TRY_FREE(strm, strm->state->head);
-+ TRY_FREE(strm, strm->state->prev);
-+ TRY_FREE(strm, strm->state->window);
-+
-+ ZFREE(strm, strm->state);
-+ strm->state = Z_NULL;
-+
-+ return status == BUSY_STATE ? Z_DATA_ERROR : Z_OK;
-+}
-+
-+/* =========================================================================
-+ * Copy the source state to the destination state.
-+ * To simplify the source, this is not supported for 16-bit MSDOS (which
-+ * doesn't have enough memory anyway to duplicate compression states).
-+ */
-+int ZEXPORT deflateCopy (dest, source)
-+ z_streamp dest;
-+ z_streamp source;
-+{
-+#ifdef MAXSEG_64K
-+ return Z_STREAM_ERROR;
-+#else
-+ deflate_state *ds;
-+ deflate_state *ss;
-+ ushf *overlay;
-+
-+
-+ if (source == Z_NULL || dest == Z_NULL || source->state == Z_NULL) {
-+ return Z_STREAM_ERROR;
-+ }
-+
-+ ss = source->state;
-+
-+ *dest = *source;
-+
-+ ds = (deflate_state *) ZALLOC(dest, 1, sizeof(deflate_state));
-+ if (ds == Z_NULL) return Z_MEM_ERROR;
-+ dest->state = (struct internal_state FAR *) ds;
-+ *ds = *ss;
-+ ds->strm = dest;
-+
-+ ds->window = (Bytef *) ZALLOC(dest, ds->w_size, 2*sizeof(Byte));
-+ ds->prev = (Posf *) ZALLOC(dest, ds->w_size, sizeof(Pos));
-+ ds->head = (Posf *) ZALLOC(dest, ds->hash_size, sizeof(Pos));
-+ overlay = (ushf *) ZALLOC(dest, ds->lit_bufsize, sizeof(ush)+2);
-+ ds->pending_buf = (uchf *) overlay;
-+
-+ if (ds->window == Z_NULL || ds->prev == Z_NULL || ds->head == Z_NULL ||
-+ ds->pending_buf == Z_NULL) {
-+ deflateEnd (dest);
-+ return Z_MEM_ERROR;
-+ }
-+ /* following zmemcpy do not work for 16-bit MSDOS */
-+ zmemcpy(ds->window, ss->window, ds->w_size * 2 * sizeof(Byte));
-+ zmemcpy(ds->prev, ss->prev, ds->w_size * sizeof(Pos));
-+ zmemcpy(ds->head, ss->head, ds->hash_size * sizeof(Pos));
-+ zmemcpy(ds->pending_buf, ss->pending_buf, (uInt)ds->pending_buf_size);
-+
-+ ds->pending_out = ds->pending_buf + (ss->pending_out - ss->pending_buf);
-+ ds->d_buf = overlay + ds->lit_bufsize/sizeof(ush);
-+ ds->l_buf = ds->pending_buf + (1+sizeof(ush))*ds->lit_bufsize;
-+
-+ ds->l_desc.dyn_tree = ds->dyn_ltree;
-+ ds->d_desc.dyn_tree = ds->dyn_dtree;
-+ ds->bl_desc.dyn_tree = ds->bl_tree;
-+
-+ return Z_OK;
-+#endif
-+}
-+
-+/* ===========================================================================
-+ * Read a new buffer from the current input stream, update the adler32
-+ * and total number of bytes read. All deflate() input goes through
-+ * this function so some applications may wish to modify it to avoid
-+ * allocating a large strm->next_in buffer and copying from it.
-+ * (See also flush_pending()).
-+ */
-+local int read_buf(strm, buf, size)
-+ z_streamp strm;
-+ Bytef *buf;
-+ unsigned size;
-+{
-+ unsigned len = strm->avail_in;
-+
-+ if (len > size) len = size;
-+ if (len == 0) return 0;
-+
-+ strm->avail_in -= len;
-+
-+ if (!strm->state->noheader) {
-+ strm->adler = adler32(strm->adler, strm->next_in, len);
-+ }
-+ zmemcpy(buf, strm->next_in, len);
-+ strm->next_in += len;
-+ strm->total_in += len;
-+
-+ return (int)len;
-+}
-+
-+/* ===========================================================================
-+ * Initialize the "longest match" routines for a new zlib stream
-+ */
-+local void lm_init (s)
-+ deflate_state *s;
-+{
-+ s->window_size = (ulg)2L*s->w_size;
-+
-+ CLEAR_HASH(s);
-+
-+ /* Set the default configuration parameters:
-+ */
-+ s->max_lazy_match = configuration_table[s->level].max_lazy;
-+ s->good_match = configuration_table[s->level].good_length;
-+ s->nice_match = configuration_table[s->level].nice_length;
-+ s->max_chain_length = configuration_table[s->level].max_chain;
-+
-+ s->strstart = 0;
-+ s->block_start = 0L;
-+ s->lookahead = 0;
-+ s->match_length = s->prev_length = MIN_MATCH-1;
-+ s->match_available = 0;
-+ s->ins_h = 0;
-+#ifdef ASMV
-+ match_init(); /* initialize the asm code */
-+#endif
-+}
-+
-+/* ===========================================================================
-+ * Set match_start to the longest match starting at the given string and
-+ * return its length. Matches shorter or equal to prev_length are discarded,
-+ * in which case the result is equal to prev_length and match_start is
-+ * garbage.
-+ * IN assertions: cur_match is the head of the hash chain for the current
-+ * string (strstart) and its distance is <= MAX_DIST, and prev_length >= 1
-+ * OUT assertion: the match length is not greater than s->lookahead.
-+ */
-+#ifndef ASMV
-+/* For 80x86 and 680x0, an optimized version will be provided in match.asm or
-+ * match.S. The code will be functionally equivalent.
-+ */
-+#ifndef FASTEST
-+local uInt longest_match(s, cur_match)
-+ deflate_state *s;
-+ IPos cur_match; /* current match */
-+{
-+ unsigned chain_length = s->max_chain_length;/* max hash chain length */
-+ register Bytef *scan = s->window + s->strstart; /* current string */
-+ register Bytef *match; /* matched string */
-+ register int len; /* length of current match */
-+ int best_len = s->prev_length; /* best match length so far */
-+ int nice_match = s->nice_match; /* stop if match long enough */
-+ IPos limit = s->strstart > (IPos)MAX_DIST(s) ?
-+ s->strstart - (IPos)MAX_DIST(s) : NIL;
-+ /* Stop when cur_match becomes <= limit. To simplify the code,
-+ * we prevent matches with the string of window index 0.
-+ */
-+ Posf *prev = s->prev;
-+ uInt wmask = s->w_mask;
-+
-+#ifdef UNALIGNED_OK
-+ /* Compare two bytes at a time. Note: this is not always beneficial.
-+ * Try with and without -DUNALIGNED_OK to check.
-+ */
-+ register Bytef *strend = s->window + s->strstart + MAX_MATCH - 1;
-+ register ush scan_start = *(ushf*)scan;
-+ register ush scan_end = *(ushf*)(scan+best_len-1);
-+#else
-+ register Bytef *strend = s->window + s->strstart + MAX_MATCH;
-+ register Byte scan_end1 = scan[best_len-1];
-+ register Byte scan_end = scan[best_len];
-+#endif
-+
-+ /* The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
-+ * It is easy to get rid of this optimization if necessary.
-+ */
-+ Assert(s->hash_bits >= 8 && MAX_MATCH == 258, "Code too clever");
-+
-+ /* Do not waste too much time if we already have a good match: */
-+ if (s->prev_length >= s->good_match) {
-+ chain_length >>= 2;
-+ }
-+ /* Do not look for matches beyond the end of the input. This is necessary
-+ * to make deflate deterministic.
-+ */
-+ if ((uInt)nice_match > s->lookahead) nice_match = s->lookahead;
-+
-+ Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead");
-+
-+ do {
-+ Assert(cur_match < s->strstart, "no future");
-+ match = s->window + cur_match;
-+
-+ /* Skip to next match if the match length cannot increase
-+ * or if the match length is less than 2:
-+ */
-+#if (defined(UNALIGNED_OK) && MAX_MATCH == 258)
-+ /* This code assumes sizeof(unsigned short) == 2. Do not use
-+ * UNALIGNED_OK if your compiler uses a different size.
-+ */
-+ if (*(ushf*)(match+best_len-1) != scan_end ||
-+ *(ushf*)match != scan_start) continue;
-+
-+ /* It is not necessary to compare scan[2] and match[2] since they are
-+ * always equal when the other bytes match, given that the hash keys
-+ * are equal and that HASH_BITS >= 8. Compare 2 bytes at a time at
-+ * strstart+3, +5, ... up to strstart+257. We check for insufficient
-+ * lookahead only every 4th comparison; the 128th check will be made
-+ * at strstart+257. If MAX_MATCH-2 is not a multiple of 8, it is
-+ * necessary to put more guard bytes at the end of the window, or
-+ * to check more often for insufficient lookahead.
-+ */
-+ Assert(scan[2] == match[2], "scan[2]?");
-+ scan++, match++;
-+ do {
-+ } while (*(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
-+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
-+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
-+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
-+ scan < strend);
-+ /* The funny "do {}" generates better code on most compilers */
-+
-+ /* Here, scan <= window+strstart+257 */
-+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
-+ if (*scan == *match) scan++;
-+
-+ len = (MAX_MATCH - 1) - (int)(strend-scan);
-+ scan = strend - (MAX_MATCH-1);
-+
-+#else /* UNALIGNED_OK */
-+
-+ if (match[best_len] != scan_end ||
-+ match[best_len-1] != scan_end1 ||
-+ *match != *scan ||
-+ *++match != scan[1]) continue;
-+
-+ /* The check at best_len-1 can be removed because it will be made
-+ * again later. (This heuristic is not always a win.)
-+ * It is not necessary to compare scan[2] and match[2] since they
-+ * are always equal when the other bytes match, given that
-+ * the hash keys are equal and that HASH_BITS >= 8.
-+ */
-+ scan += 2, match++;
-+ Assert(*scan == *match, "match[2]?");
-+
-+ /* We check for insufficient lookahead only every 8th comparison;
-+ * the 256th check will be made at strstart+258.
-+ */
-+ do {
-+ } while (*++scan == *++match && *++scan == *++match &&
-+ *++scan == *++match && *++scan == *++match &&
-+ *++scan == *++match && *++scan == *++match &&
-+ *++scan == *++match && *++scan == *++match &&
-+ scan < strend);
-+
-+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
-+
-+ len = MAX_MATCH - (int)(strend - scan);
-+ scan = strend - MAX_MATCH;
-+
-+#endif /* UNALIGNED_OK */
-+
-+ if (len > best_len) {
-+ s->match_start = cur_match;
-+ best_len = len;
-+ if (len >= nice_match) break;
-+#ifdef UNALIGNED_OK
-+ scan_end = *(ushf*)(scan+best_len-1);
-+#else
-+ scan_end1 = scan[best_len-1];
-+ scan_end = scan[best_len];
-+#endif
-+ }
-+ } while ((cur_match = prev[cur_match & wmask]) > limit
-+ && --chain_length != 0);
-+
-+ if ((uInt)best_len <= s->lookahead) return (uInt)best_len;
-+ return s->lookahead;
-+}
-+
-+#else /* FASTEST */
-+/* ---------------------------------------------------------------------------
-+ * Optimized version for level == 1 only
-+ */
-+local uInt longest_match(s, cur_match)
-+ deflate_state *s;
-+ IPos cur_match; /* current match */
-+{
-+ register Bytef *scan = s->window + s->strstart; /* current string */
-+ register Bytef *match; /* matched string */
-+ register int len; /* length of current match */
-+ register Bytef *strend = s->window + s->strstart + MAX_MATCH;
-+
-+ /* The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
-+ * It is easy to get rid of this optimization if necessary.
-+ */
-+ Assert(s->hash_bits >= 8 && MAX_MATCH == 258, "Code too clever");
-+
-+ Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead");
-+
-+ Assert(cur_match < s->strstart, "no future");
-+
-+ match = s->window + cur_match;
-+
-+ /* Return failure if the match length is less than 2:
-+ */
-+ if (match[0] != scan[0] || match[1] != scan[1]) return MIN_MATCH-1;
-+
-+ /* The check at best_len-1 can be removed because it will be made
-+ * again later. (This heuristic is not always a win.)
-+ * It is not necessary to compare scan[2] and match[2] since they
-+ * are always equal when the other bytes match, given that
-+ * the hash keys are equal and that HASH_BITS >= 8.
-+ */
-+ scan += 2, match += 2;
-+ Assert(*scan == *match, "match[2]?");
-+
-+ /* We check for insufficient lookahead only every 8th comparison;
-+ * the 256th check will be made at strstart+258.
-+ */
-+ do {
-+ } while (*++scan == *++match && *++scan == *++match &&
-+ *++scan == *++match && *++scan == *++match &&
-+ *++scan == *++match && *++scan == *++match &&
-+ *++scan == *++match && *++scan == *++match &&
-+ scan < strend);
-+
-+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
-+
-+ len = MAX_MATCH - (int)(strend - scan);
-+
-+ if (len < MIN_MATCH) return MIN_MATCH - 1;
-+
-+ s->match_start = cur_match;
-+ return len <= s->lookahead ? len : s->lookahead;
-+}
-+#endif /* FASTEST */
-+#endif /* ASMV */
-+
-+#ifdef DEBUG
-+/* ===========================================================================
-+ * Check that the match at match_start is indeed a match.
-+ */
-+local void check_match(s, start, match, length)
-+ deflate_state *s;
-+ IPos start, match;
-+ int length;
-+{
-+ /* check that the match is indeed a match */
-+ if (zmemcmp(s->window + match,
-+ s->window + start, length) != EQUAL) {
-+ fprintf(stderr, " start %u, match %u, length %d\n",
-+ start, match, length);
-+ do {
-+ fprintf(stderr, "%c%c", s->window[match++], s->window[start++]);
-+ } while (--length != 0);
-+ z_error("invalid match");
-+ }
-+ if (z_verbose > 1) {
-+ fprintf(stderr,"\\[%d,%d]", start-match, length);
-+ do { putc(s->window[start++], stderr); } while (--length != 0);
-+ }
-+}
-+#else
-+# define check_match(s, start, match, length)
-+#endif
-+
-+/* ===========================================================================
-+ * Fill the window when the lookahead becomes insufficient.
-+ * Updates strstart and lookahead.
-+ *
-+ * IN assertion: lookahead < MIN_LOOKAHEAD
-+ * OUT assertions: strstart <= window_size-MIN_LOOKAHEAD
-+ * At least one byte has been read, or avail_in == 0; reads are
-+ * performed for at least two bytes (required for the zip translate_eol
-+ * option -- not supported here).
-+ */
-+local void fill_window(s)
-+ deflate_state *s;
-+{
-+ register unsigned n, m;
-+ register Posf *p;
-+ unsigned more; /* Amount of free space at the end of the window. */
-+ uInt wsize = s->w_size;
-+
-+ do {
-+ more = (unsigned)(s->window_size -(ulg)s->lookahead -(ulg)s->strstart);
-+
-+ /* Deal with !@#$% 64K limit: */
-+ if (more == 0 && s->strstart == 0 && s->lookahead == 0) {
-+ more = wsize;
-+
-+ } else if (more == (unsigned)(-1)) {
-+ /* Very unlikely, but possible on 16 bit machine if strstart == 0
-+ * and lookahead == 1 (input done one byte at time)
-+ */
-+ more--;
-+
-+ /* If the window is almost full and there is insufficient lookahead,
-+ * move the upper half to the lower one to make room in the upper half.
-+ */
-+ } else if (s->strstart >= wsize+MAX_DIST(s)) {
-+
-+ zmemcpy(s->window, s->window+wsize, (unsigned)wsize);
-+ s->match_start -= wsize;
-+ s->strstart -= wsize; /* we now have strstart >= MAX_DIST */
-+ s->block_start -= (long) wsize;
-+
-+ /* Slide the hash table (could be avoided with 32 bit values
-+ at the expense of memory usage). We slide even when level == 0
-+ to keep the hash table consistent if we switch back to level > 0
-+ later. (Using level 0 permanently is not an optimal usage of
-+ zlib, so we don't care about this pathological case.)
-+ */
-+ n = s->hash_size;
-+ p = &s->head[n];
-+ do {
-+ m = *--p;
-+ *p = (Pos)(m >= wsize ? m-wsize : NIL);
-+ } while (--n);
-+
-+ n = wsize;
-+#ifndef FASTEST
-+ p = &s->prev[n];
-+ do {
-+ m = *--p;
-+ *p = (Pos)(m >= wsize ? m-wsize : NIL);
-+ /* If n is not on any hash chain, prev[n] is garbage but
-+ * its value will never be used.
-+ */
-+ } while (--n);
-+#endif
-+ more += wsize;
-+ }
-+ if (s->strm->avail_in == 0) return;
-+
-+ /* If there was no sliding:
-+ * strstart <= WSIZE+MAX_DIST-1 && lookahead <= MIN_LOOKAHEAD - 1 &&
-+ * more == window_size - lookahead - strstart
-+ * => more >= window_size - (MIN_LOOKAHEAD-1 + WSIZE + MAX_DIST-1)
-+ * => more >= window_size - 2*WSIZE + 2
-+ * In the BIG_MEM or MMAP case (not yet supported),
-+ * window_size == input_size + MIN_LOOKAHEAD &&
-+ * strstart + s->lookahead <= input_size => more >= MIN_LOOKAHEAD.
-+ * Otherwise, window_size == 2*WSIZE so more >= 2.
-+ * If there was sliding, more >= WSIZE. So in all cases, more >= 2.
-+ */
-+ Assert(more >= 2, "more < 2");
-+
-+ n = read_buf(s->strm, s->window + s->strstart + s->lookahead, more);
-+ s->lookahead += n;
-+
-+ /* Initialize the hash value now that we have some input: */
-+ if (s->lookahead >= MIN_MATCH) {
-+ s->ins_h = s->window[s->strstart];
-+ UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
-+#if MIN_MATCH != 3
-+ Call UPDATE_HASH() MIN_MATCH-3 more times
-+#endif
-+ }
-+ /* If the whole input has less than MIN_MATCH bytes, ins_h is garbage,
-+ * but this is not important since only literal bytes will be emitted.
-+ */
-+
-+ } while (s->lookahead < MIN_LOOKAHEAD && s->strm->avail_in != 0);
-+}
-+
-+/* ===========================================================================
-+ * Flush the current block, with given end-of-file flag.
-+ * IN assertion: strstart is set to the end of the current match.
-+ */
-+#define FLUSH_BLOCK_ONLY(s, eof) { \
-+ _tr_flush_block(s, (s->block_start >= 0L ? \
-+ (charf *)&s->window[(unsigned)s->block_start] : \
-+ (charf *)Z_NULL), \
-+ (ulg)((long)s->strstart - s->block_start), \
-+ (eof)); \
-+ s->block_start = s->strstart; \
-+ flush_pending(s->strm); \
-+ Tracev((stderr,"[FLUSH]")); \
-+}
-+
-+/* Same but force premature exit if necessary. */
-+#define FLUSH_BLOCK(s, eof) { \
-+ FLUSH_BLOCK_ONLY(s, eof); \
-+ if (s->strm->avail_out == 0) return (eof) ? finish_started : need_more; \
-+}
-+
-+/* ===========================================================================
-+ * Copy without compression as much as possible from the input stream, return
-+ * the current block state.
-+ * This function does not insert new strings in the dictionary since
-+ * uncompressible data is probably not useful. This function is used
-+ * only for the level=0 compression option.
-+ * NOTE: this function should be optimized to avoid extra copying from
-+ * window to pending_buf.
-+ */
-+local block_state deflate_stored(s, flush)
-+ deflate_state *s;
-+ int flush;
-+{
-+ /* Stored blocks are limited to 0xffff bytes, pending_buf is limited
-+ * to pending_buf_size, and each stored block has a 5 byte header:
-+ */
-+ ulg max_block_size = 0xffff;
-+ ulg max_start;
-+
-+ if (max_block_size > s->pending_buf_size - 5) {
-+ max_block_size = s->pending_buf_size - 5;
-+ }
-+
-+ /* Copy as much as possible from input to output: */
-+ for (;;) {
-+ /* Fill the window as much as possible: */
-+ if (s->lookahead <= 1) {
-+
-+ Assert(s->strstart < s->w_size+MAX_DIST(s) ||
-+ s->block_start >= (long)s->w_size, "slide too late");
-+
-+ fill_window(s);
-+ if (s->lookahead == 0 && flush == Z_NO_FLUSH) return need_more;
-+
-+ if (s->lookahead == 0) break; /* flush the current block */
-+ }
-+ Assert(s->block_start >= 0L, "block gone");
-+
-+ s->strstart += s->lookahead;
-+ s->lookahead = 0;
-+
-+ /* Emit a stored block if pending_buf will be full: */
-+ max_start = s->block_start + max_block_size;
-+ if (s->strstart == 0 || (ulg)s->strstart >= max_start) {
-+ /* strstart == 0 is possible when wraparound on 16-bit machine */
-+ s->lookahead = (uInt)(s->strstart - max_start);
-+ s->strstart = (uInt)max_start;
-+ FLUSH_BLOCK(s, 0);
-+ }
-+ /* Flush if we may have to slide, otherwise block_start may become
-+ * negative and the data will be gone:
-+ */
-+ if (s->strstart - (uInt)s->block_start >= MAX_DIST(s)) {
-+ FLUSH_BLOCK(s, 0);
-+ }
-+ }
-+ FLUSH_BLOCK(s, flush == Z_FINISH);
-+ return flush == Z_FINISH ? finish_done : block_done;
-+}
-+
-+/* ===========================================================================
-+ * Compress as much as possible from the input stream, return the current
-+ * block state.
-+ * This function does not perform lazy evaluation of matches and inserts
-+ * new strings in the dictionary only for unmatched strings or for short
-+ * matches. It is used only for the fast compression options.
-+ */
-+local block_state deflate_fast(s, flush)
-+ deflate_state *s;
-+ int flush;
-+{
-+ IPos hash_head = NIL; /* head of the hash chain */
-+ int bflush; /* set if current block must be flushed */
-+
-+ for (;;) {
-+ /* Make sure that we always have enough lookahead, except
-+ * at the end of the input file. We need MAX_MATCH bytes
-+ * for the next match, plus MIN_MATCH bytes to insert the
-+ * string following the next match.
-+ */
-+ if (s->lookahead < MIN_LOOKAHEAD) {
-+ fill_window(s);
-+ if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
-+ return need_more;
-+ }
-+ if (s->lookahead == 0) break; /* flush the current block */
-+ }
-+
-+ /* Insert the string window[strstart .. strstart+2] in the
-+ * dictionary, and set hash_head to the head of the hash chain:
-+ */
-+ if (s->lookahead >= MIN_MATCH) {
-+ INSERT_STRING(s, s->strstart, hash_head);
-+ }
-+
-+ /* Find the longest match, discarding those <= prev_length.
-+ * At this point we have always match_length < MIN_MATCH
-+ */
-+ if (hash_head != NIL && s->strstart - hash_head <= MAX_DIST(s)) {
-+ /* To simplify the code, we prevent matches with the string
-+ * of window index 0 (in particular we have to avoid a match
-+ * of the string with itself at the start of the input file).
-+ */
-+ if (s->strategy != Z_HUFFMAN_ONLY) {
-+ s->match_length = longest_match (s, hash_head);
-+ }
-+ /* longest_match() sets match_start */
-+ }
-+ if (s->match_length >= MIN_MATCH) {
-+ check_match(s, s->strstart, s->match_start, s->match_length);
-+
-+ _tr_tally_dist(s, s->strstart - s->match_start,
-+ s->match_length - MIN_MATCH, bflush);
-+
-+ s->lookahead -= s->match_length;
-+
-+ /* Insert new strings in the hash table only if the match length
-+ * is not too large. This saves time but degrades compression.
-+ */
-+#ifndef FASTEST
-+ if (s->match_length <= s->max_insert_length &&
-+ s->lookahead >= MIN_MATCH) {
-+ s->match_length--; /* string at strstart already in hash table */
-+ do {
-+ s->strstart++;
-+ INSERT_STRING(s, s->strstart, hash_head);
-+ /* strstart never exceeds WSIZE-MAX_MATCH, so there are
-+ * always MIN_MATCH bytes ahead.
-+ */
-+ } while (--s->match_length != 0);
-+ s->strstart++;
-+ } else
-+#endif
-+ {
-+ s->strstart += s->match_length;
-+ s->match_length = 0;
-+ s->ins_h = s->window[s->strstart];
-+ UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
-+#if MIN_MATCH != 3
-+ Call UPDATE_HASH() MIN_MATCH-3 more times
-+#endif
-+ /* If lookahead < MIN_MATCH, ins_h is garbage, but it does not
-+ * matter since it will be recomputed at next deflate call.
-+ */
-+ }
-+ } else {
-+ /* No match, output a literal byte */
-+ Tracevv((stderr,"%c", s->window[s->strstart]));
-+ _tr_tally_lit (s, s->window[s->strstart], bflush);
-+ s->lookahead--;
-+ s->strstart++;
-+ }
-+ if (bflush) FLUSH_BLOCK(s, 0);
-+ }
-+ FLUSH_BLOCK(s, flush == Z_FINISH);
-+ return flush == Z_FINISH ? finish_done : block_done;
-+}
-+
-+/* ===========================================================================
-+ * Same as above, but achieves better compression. We use a lazy
-+ * evaluation for matches: a match is finally adopted only if there is
-+ * no better match at the next window position.
-+ */
-+local block_state deflate_slow(s, flush)
-+ deflate_state *s;
-+ int flush;
-+{
-+ IPos hash_head = NIL; /* head of hash chain */
-+ int bflush; /* set if current block must be flushed */
-+
-+ /* Process the input block. */
-+ for (;;) {
-+ /* Make sure that we always have enough lookahead, except
-+ * at the end of the input file. We need MAX_MATCH bytes
-+ * for the next match, plus MIN_MATCH bytes to insert the
-+ * string following the next match.
-+ */
-+ if (s->lookahead < MIN_LOOKAHEAD) {
-+ fill_window(s);
-+ if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
-+ return need_more;
-+ }
-+ if (s->lookahead == 0) break; /* flush the current block */
-+ }
-+
-+ /* Insert the string window[strstart .. strstart+2] in the
-+ * dictionary, and set hash_head to the head of the hash chain:
-+ */
-+ if (s->lookahead >= MIN_MATCH) {
-+ INSERT_STRING(s, s->strstart, hash_head);
-+ }
-+
-+ /* Find the longest match, discarding those <= prev_length.
-+ */
-+ s->prev_length = s->match_length, s->prev_match = s->match_start;
-+ s->match_length = MIN_MATCH-1;
-+
-+ if (hash_head != NIL && s->prev_length < s->max_lazy_match &&
-+ s->strstart - hash_head <= MAX_DIST(s)) {
-+ /* To simplify the code, we prevent matches with the string
-+ * of window index 0 (in particular we have to avoid a match
-+ * of the string with itself at the start of the input file).
-+ */
-+ if (s->strategy != Z_HUFFMAN_ONLY) {
-+ s->match_length = longest_match (s, hash_head);
-+ }
-+ /* longest_match() sets match_start */
-+
-+ if (s->match_length <= 5 && (s->strategy == Z_FILTERED ||
-+ (s->match_length == MIN_MATCH &&
-+ s->strstart - s->match_start > TOO_FAR))) {
-+
-+ /* If prev_match is also MIN_MATCH, match_start is garbage
-+ * but we will ignore the current match anyway.
-+ */
-+ s->match_length = MIN_MATCH-1;
-+ }
-+ }
-+ /* If there was a match at the previous step and the current
-+ * match is not better, output the previous match:
-+ */
-+ if (s->prev_length >= MIN_MATCH && s->match_length <= s->prev_length) {
-+ uInt max_insert = s->strstart + s->lookahead - MIN_MATCH;
-+ /* Do not insert strings in hash table beyond this. */
-+
-+ check_match(s, s->strstart-1, s->prev_match, s->prev_length);
-+
-+ _tr_tally_dist(s, s->strstart -1 - s->prev_match,
-+ s->prev_length - MIN_MATCH, bflush);
-+
-+ /* Insert in hash table all strings up to the end of the match.
-+ * strstart-1 and strstart are already inserted. If there is not
-+ * enough lookahead, the last two strings are not inserted in
-+ * the hash table.
-+ */
-+ s->lookahead -= s->prev_length-1;
-+ s->prev_length -= 2;
-+ do {
-+ if (++s->strstart <= max_insert) {
-+ INSERT_STRING(s, s->strstart, hash_head);
-+ }
-+ } while (--s->prev_length != 0);
-+ s->match_available = 0;
-+ s->match_length = MIN_MATCH-1;
-+ s->strstart++;
-+
-+ if (bflush) FLUSH_BLOCK(s, 0);
-+
-+ } else if (s->match_available) {
-+ /* If there was no match at the previous position, output a
-+ * single literal. If there was a match but the current match
-+ * is longer, truncate the previous match to a single literal.
-+ */
-+ Tracevv((stderr,"%c", s->window[s->strstart-1]));
-+ _tr_tally_lit(s, s->window[s->strstart-1], bflush);
-+ if (bflush) {
-+ FLUSH_BLOCK_ONLY(s, 0);
-+ }
-+ s->strstart++;
-+ s->lookahead--;
-+ if (s->strm->avail_out == 0) return need_more;
-+ } else {
-+ /* There is no previous match to compare with, wait for
-+ * the next step to decide.
-+ */
-+ s->match_available = 1;
-+ s->strstart++;
-+ s->lookahead--;
-+ }
-+ }
-+ Assert (flush != Z_NO_FLUSH, "no flush?");
-+ if (s->match_available) {
-+ Tracevv((stderr,"%c", s->window[s->strstart-1]));
-+ _tr_tally_lit(s, s->window[s->strstart-1], bflush);
-+ s->match_available = 0;
-+ }
-+ FLUSH_BLOCK(s, flush == Z_FINISH);
-+ return flush == Z_FINISH ? finish_done : block_done;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/deflate.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,318 @@
-+/* deflate.h -- internal compression state
-+ * Copyright (C) 1995-2002 Jean-loup Gailly
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+/* @(#) $Id: deflate.h,v 1.5 2004-07-10 07:48:38 mcr Exp $ */
-+
-+#ifndef _DEFLATE_H
-+#define _DEFLATE_H
-+
-+#include "zlib/zutil.h"
-+
-+/* ===========================================================================
-+ * Internal compression state.
-+ */
-+
-+#define LENGTH_CODES 29
-+/* number of length codes, not counting the special END_BLOCK code */
-+
-+#define LITERALS 256
-+/* number of literal bytes 0..255 */
-+
-+#define L_CODES (LITERALS+1+LENGTH_CODES)
-+/* number of Literal or Length codes, including the END_BLOCK code */
-+
-+#define D_CODES 30
-+/* number of distance codes */
-+
-+#define BL_CODES 19
-+/* number of codes used to transfer the bit lengths */
-+
-+#define HEAP_SIZE (2*L_CODES+1)
-+/* maximum heap size */
-+
-+#define MAX_BITS 15
-+/* All codes must not exceed MAX_BITS bits */
-+
-+#define INIT_STATE 42
-+#define BUSY_STATE 113
-+#define FINISH_STATE 666
-+/* Stream status */
-+
-+
-+/* Data structure describing a single value and its code string. */
-+typedef struct ct_data_s {
-+ union {
-+ ush freq; /* frequency count */
-+ ush code; /* bit string */
-+ } fc;
-+ union {
-+ ush dad; /* father node in Huffman tree */
-+ ush len; /* length of bit string */
-+ } dl;
-+} FAR ct_data;
-+
-+#define Freq fc.freq
-+#define Code fc.code
-+#define Dad dl.dad
-+#define Len dl.len
-+
-+typedef struct static_tree_desc_s static_tree_desc;
-+
-+typedef struct tree_desc_s {
-+ ct_data *dyn_tree; /* the dynamic tree */
-+ int max_code; /* largest code with non zero frequency */
-+ static_tree_desc *stat_desc; /* the corresponding static tree */
-+} FAR tree_desc;
-+
-+typedef ush Pos;
-+typedef Pos FAR Posf;
-+typedef unsigned IPos;
-+
-+/* A Pos is an index in the character window. We use short instead of int to
-+ * save space in the various tables. IPos is used only for parameter passing.
-+ */
-+
-+typedef struct internal_state {
-+ z_streamp strm; /* pointer back to this zlib stream */
-+ int status; /* as the name implies */
-+ Bytef *pending_buf; /* output still pending */
-+ ulg pending_buf_size; /* size of pending_buf */
-+ Bytef *pending_out; /* next pending byte to output to the stream */
-+ int pending; /* nb of bytes in the pending buffer */
-+ int noheader; /* suppress zlib header and adler32 */
-+ Byte data_type; /* UNKNOWN, BINARY or ASCII */
-+ Byte method; /* STORED (for zip only) or DEFLATED */
-+ int last_flush; /* value of flush param for previous deflate call */
-+
-+ /* used by deflate.c: */
-+
-+ uInt w_size; /* LZ77 window size (32K by default) */
-+ uInt w_bits; /* log2(w_size) (8..16) */
-+ uInt w_mask; /* w_size - 1 */
-+
-+ Bytef *window;
-+ /* Sliding window. Input bytes are read into the second half of the window,
-+ * and move to the first half later to keep a dictionary of at least wSize
-+ * bytes. With this organization, matches are limited to a distance of
-+ * wSize-MAX_MATCH bytes, but this ensures that IO is always
-+ * performed with a length multiple of the block size. Also, it limits
-+ * the window size to 64K, which is quite useful on MSDOS.
-+ * To do: use the user input buffer as sliding window.
-+ */
-+
-+ ulg window_size;
-+ /* Actual size of window: 2*wSize, except when the user input buffer
-+ * is directly used as sliding window.
-+ */
-+
-+ Posf *prev;
-+ /* Link to older string with same hash index. To limit the size of this
-+ * array to 64K, this link is maintained only for the last 32K strings.
-+ * An index in this array is thus a window index modulo 32K.
-+ */
-+
-+ Posf *head; /* Heads of the hash chains or NIL. */
-+
-+ uInt ins_h; /* hash index of string to be inserted */
-+ uInt hash_size; /* number of elements in hash table */
-+ uInt hash_bits; /* log2(hash_size) */
-+ uInt hash_mask; /* hash_size-1 */
-+
-+ uInt hash_shift;
-+ /* Number of bits by which ins_h must be shifted at each input
-+ * step. It must be such that after MIN_MATCH steps, the oldest
-+ * byte no longer takes part in the hash key, that is:
-+ * hash_shift * MIN_MATCH >= hash_bits
-+ */
-+
-+ long block_start;
-+ /* Window position at the beginning of the current output block. Gets
-+ * negative when the window is moved backwards.
-+ */
-+
-+ uInt match_length; /* length of best match */
-+ IPos prev_match; /* previous match */
-+ int match_available; /* set if previous match exists */
-+ uInt strstart; /* start of string to insert */
-+ uInt match_start; /* start of matching string */
-+ uInt lookahead; /* number of valid bytes ahead in window */
-+
-+ uInt prev_length;
-+ /* Length of the best match at previous step. Matches not greater than this
-+ * are discarded. This is used in the lazy match evaluation.
-+ */
-+
-+ uInt max_chain_length;
-+ /* To speed up deflation, hash chains are never searched beyond this
-+ * length. A higher limit improves compression ratio but degrades the
-+ * speed.
-+ */
-+
-+ uInt max_lazy_match;
-+ /* Attempt to find a better match only when the current match is strictly
-+ * smaller than this value. This mechanism is used only for compression
-+ * levels >= 4.
-+ */
-+# define max_insert_length max_lazy_match
-+ /* Insert new strings in the hash table only if the match length is not
-+ * greater than this length. This saves time but degrades compression.
-+ * max_insert_length is used only for compression levels <= 3.
-+ */
-+
-+ int level; /* compression level (1..9) */
-+ int strategy; /* favor or force Huffman coding*/
-+
-+ uInt good_match;
-+ /* Use a faster search when the previous match is longer than this */
-+
-+ int nice_match; /* Stop searching when current match exceeds this */
-+
-+ /* used by trees.c: */
-+ /* Didn't use ct_data typedef below to supress compiler warning */
-+ struct ct_data_s dyn_ltree[HEAP_SIZE]; /* literal and length tree */
-+ struct ct_data_s dyn_dtree[2*D_CODES+1]; /* distance tree */
-+ struct ct_data_s bl_tree[2*BL_CODES+1]; /* Huffman tree for bit lengths */
-+
-+ struct tree_desc_s l_desc; /* desc. for literal tree */
-+ struct tree_desc_s d_desc; /* desc. for distance tree */
-+ struct tree_desc_s bl_desc; /* desc. for bit length tree */
-+
-+ ush bl_count[MAX_BITS+1];
-+ /* number of codes at each bit length for an optimal tree */
-+
-+ int heap[2*L_CODES+1]; /* heap used to build the Huffman trees */
-+ int heap_len; /* number of elements in the heap */
-+ int heap_max; /* element of largest frequency */
-+ /* The sons of heap[n] are heap[2*n] and heap[2*n+1]. heap[0] is not used.
-+ * The same heap array is used to build all trees.
-+ */
-+
-+ uch depth[2*L_CODES+1];
-+ /* Depth of each subtree used as tie breaker for trees of equal frequency
-+ */
-+
-+ uchf *l_buf; /* buffer for literals or lengths */
-+
-+ uInt lit_bufsize;
-+ /* Size of match buffer for literals/lengths. There are 4 reasons for
-+ * limiting lit_bufsize to 64K:
-+ * - frequencies can be kept in 16 bit counters
-+ * - if compression is not successful for the first block, all input
-+ * data is still in the window so we can still emit a stored block even
-+ * when input comes from standard input. (This can also be done for
-+ * all blocks if lit_bufsize is not greater than 32K.)
-+ * - if compression is not successful for a file smaller than 64K, we can
-+ * even emit a stored file instead of a stored block (saving 5 bytes).
-+ * This is applicable only for zip (not gzip or zlib).
-+ * - creating new Huffman trees less frequently may not provide fast
-+ * adaptation to changes in the input data statistics. (Take for
-+ * example a binary file with poorly compressible code followed by
-+ * a highly compressible string table.) Smaller buffer sizes give
-+ * fast adaptation but have of course the overhead of transmitting
-+ * trees more frequently.
-+ * - I can't count above 4
-+ */
-+
-+ uInt last_lit; /* running index in l_buf */
-+
-+ ushf *d_buf;
-+ /* Buffer for distances. To simplify the code, d_buf and l_buf have
-+ * the same number of elements. To use different lengths, an extra flag
-+ * array would be necessary.
-+ */
-+
-+ ulg opt_len; /* bit length of current block with optimal trees */
-+ ulg static_len; /* bit length of current block with static trees */
-+ uInt matches; /* number of string matches in current block */
-+ int last_eob_len; /* bit length of EOB code for last block */
-+
-+#ifdef DEBUG
-+ ulg compressed_len; /* total bit length of compressed file mod 2^32 */
-+ ulg bits_sent; /* bit length of compressed data sent mod 2^32 */
-+#endif
-+
-+ ush bi_buf;
-+ /* Output buffer. bits are inserted starting at the bottom (least
-+ * significant bits).
-+ */
-+ int bi_valid;
-+ /* Number of valid bits in bi_buf. All bits above the last valid bit
-+ * are always zero.
-+ */
-+
-+} FAR deflate_state;
-+
-+/* Output a byte on the stream.
-+ * IN assertion: there is enough room in pending_buf.
-+ */
-+#define put_byte(s, c) {s->pending_buf[s->pending++] = (c);}
-+
-+
-+#define MIN_LOOKAHEAD (MAX_MATCH+MIN_MATCH+1)
-+/* Minimum amount of lookahead, except at the end of the input file.
-+ * See deflate.c for comments about the MIN_MATCH+1.
-+ */
-+
-+#define MAX_DIST(s) ((s)->w_size-MIN_LOOKAHEAD)
-+/* In order to simplify the code, particularly on 16 bit machines, match
-+ * distances are limited to MAX_DIST instead of WSIZE.
-+ */
-+
-+ /* in trees.c */
-+void _tr_init OF((deflate_state *s));
-+int _tr_tally OF((deflate_state *s, unsigned dist, unsigned lc));
-+void _tr_flush_block OF((deflate_state *s, charf *buf, ulg stored_len,
-+ int eof));
-+void _tr_align OF((deflate_state *s));
-+void _tr_stored_block OF((deflate_state *s, charf *buf, ulg stored_len,
-+ int eof));
-+
-+#define d_code(dist) \
-+ ((dist) < 256 ? _dist_code[dist] : _dist_code[256+((dist)>>7)])
-+/* Mapping from a distance to a distance code. dist is the distance - 1 and
-+ * must not have side effects. _dist_code[256] and _dist_code[257] are never
-+ * used.
-+ */
-+
-+#ifndef DEBUG
-+/* Inline versions of _tr_tally for speed: */
-+
-+#if defined(GEN_TREES_H) || !defined(STDC)
-+ extern uch _length_code[];
-+ extern uch _dist_code[];
-+#else
-+ extern const uch _length_code[];
-+ extern const uch _dist_code[];
-+#endif
-+
-+# define _tr_tally_lit(s, c, flush) \
-+ { uch cc = (c); \
-+ s->d_buf[s->last_lit] = 0; \
-+ s->l_buf[s->last_lit++] = cc; \
-+ s->dyn_ltree[cc].Freq++; \
-+ flush = (s->last_lit == s->lit_bufsize-1); \
-+ }
-+# define _tr_tally_dist(s, distance, length, flush) \
-+ { uch len = (length); \
-+ ush dist = (distance); \
-+ s->d_buf[s->last_lit] = dist; \
-+ s->l_buf[s->last_lit++] = len; \
-+ dist--; \
-+ s->dyn_ltree[_length_code[len]+LITERALS+1].Freq++; \
-+ s->dyn_dtree[d_code(dist)].Freq++; \
-+ flush = (s->last_lit == s->lit_bufsize-1); \
-+ }
-+#else
-+# define _tr_tally_lit(s, c, flush) flush = _tr_tally(s, 0, c)
-+# define _tr_tally_dist(s, distance, length, flush) \
-+ flush = _tr_tally(s, distance, length)
-+#endif
-+
-+#endif /* _DEFLATE_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/COPYRIGHT Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,50 @@
-+Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+All rights reserved.
-+
-+This package is an DES implementation written by Eric Young (eay@cryptsoft.com).
-+The implementation was written so as to conform with MIT's libdes.
-+
-+This library is free for commercial and non-commercial use as long as
-+the following conditions are aheared to. The following conditions
-+apply to all code found in this distribution.
-+
-+Copyright remains Eric Young's, and as such any Copyright notices in
-+the code are not to be removed.
-+If this package is used in a product, Eric Young should be given attribution
-+as the author of that the SSL library. This can be in the form of a textual
-+message at program startup or in documentation (online or textual) provided
-+with the package.
-+
-+Redistribution and use in source and binary forms, with or without
-+modification, are permitted provided that the following conditions
-+are met:
-+1. Redistributions of source code must retain the copyright
-+ notice, this list of conditions and the following disclaimer.
-+2. Redistributions in binary form must reproduce the above copyright
-+ notice, this list of conditions and the following disclaimer in the
-+ documentation and/or other materials provided with the distribution.
-+3. All advertising materials mentioning features or use of this software
-+ must display the following acknowledgement:
-+ This product includes software developed by Eric Young (eay@cryptsoft.com)
-+
-+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+SUCH DAMAGE.
-+
-+The license and distribution terms for any publically available version or
-+derivative of this code cannot be changed. i.e. this code cannot simply be
-+copied and put under another distrubution license
-+[including the GNU Public License.]
-+
-+The reason behind this being stated in this direct manner is past
-+experience in code simply being copied and the attribution removed
-+from it and then being distributed as part of other packages. This
-+implementation was a non-trivial and unpaid effort.
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/INSTALL Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,69 @@
-+Check the CC and CFLAGS lines in the makefile
-+
-+If your C library does not support the times(3) function, change the
-+#define TIMES to
-+#undef TIMES in speed.c
-+If it does, check the HZ value for the times(3) function.
-+If your system does not define CLK_TCK it will be assumed to
-+be 100.0.
-+
-+If possible use gcc v 2.7.?
-+Turn on the maximum optimising (normally '-O3 -fomit-frame-pointer' for gcc)
-+In recent times, some system compilers give better performace.
-+
-+type 'make'
-+
-+run './destest' to check things are ok.
-+run './rpw' to check the tty code for reading passwords works.
-+run './speed' to see how fast those optimisations make the library run :-)
-+run './des_opts' to determin the best compile time options.
-+
-+The output from des_opts should be put in the makefile options and des_enc.c
-+should be rebuilt. For 64 bit computers, do not use the DES_PTR option.
-+For the DEC Alpha, edit des.h and change DES_LONG to 'unsigned int'
-+and then you can use the 'DES_PTR' option.
-+
-+The file options.txt has the options listed for best speed on quite a
-+few systems. Look and the options (UNROLL, PTR, RISC2 etc) and then
-+turn on the relevent option in the Makefile
-+
-+There are some special Makefile targets that make life easier.
-+make cc - standard cc build
-+make gcc - standard gcc build
-+make x86-elf - x86 assembler (elf), linux-elf.
-+make x86-out - x86 assembler (a.out), FreeBSD
-+make x86-solaris- x86 assembler
-+make x86-bsdi - x86 assembler (a.out with primative assembler).
-+
-+If at all possible use the assembler (for Windows NT/95, use
-+asm/win32.obj to link with). The x86 assembler is very very fast.
-+
-+A make install will by default install
-+libdes.a in /usr/local/lib/libdes.a
-+des in /usr/local/bin/des
-+des_crypt.man in /usr/local/man/man3/des_crypt.3
-+des.man in /usr/local/man/man1/des.1
-+des.h in /usr/include/des.h
-+
-+des(1) should be compatible with sunOS's but I have been unable to
-+test it.
-+
-+These routines should compile on MSDOS, most 32bit and 64bit version
-+of Unix (BSD and SYSV) and VMS, without modification.
-+The only problems should be #include files that are in the wrong places.
-+
-+These routines can be compiled under MSDOS.
-+I have successfully encrypted files using des(1) under MSDOS and then
-+decrypted the files on a SparcStation.
-+I have been able to compile and test the routines with
-+Microsoft C v 5.1 and Turbo C v 2.0.
-+The code in this library is in no way optimised for the 16bit
-+operation of MSDOS.
-+
-+When building for glibc, ignore all of the above and just unpack into
-+glibc-1.??/des and then gmake as per normal.
-+
-+As a final note on performace. Certain CPUs like sparcs and Alpha often give
-+a %10 speed difference depending on the link order. It is rather anoying
-+when one program reports 'x' DES encrypts a second and another reports
-+'x*0.9' the speed.
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/Makefile Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,63 @@
-+# Makefile for KLIPS kernel code as a module for 2.6 kernels
-+#
-+# Makefile for KLIPS kernel code as a module
-+# Copyright (C) 1998, 1999, 2000,2001 Richard Guy Briggs.
-+# Copyright (C) 2002-2004 Michael Richardson <mcr@freeswan.org>
-+#
-+# This program is free software; you can redistribute it and/or modify it
-+# under the terms of the GNU General Public License as published by the
-+# Free Software Foundation; either version 2 of the License, or (at your
-+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+#
-+# This program is distributed in the hope that it will be useful, but
-+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+# for more details.
-+#
-+# RCSID $Id: Makefile.fs2_6,v 1.2.2.1 2005-08-12 16:10:57 ken Exp $
-+#
-+# Note! Dependencies are done automagically by 'make dep', which also
-+# removes any old dependencies. DON'T put your own dependencies here
-+# unless it's something special (ie not a .c file).
-+#
-+
-+obj-$(CONFIG_KLIPS_ENC_3DES) += ipsec_alg_3des.o
-+obj-$(CONFIG_KLIPS_ENC_3DES) += cbc_enc.o
-+obj-$(CONFIG_KLIPS_ENC_3DES) += ecb_enc.o
-+obj-$(CONFIG_KLIPS_ENC_3DES) += set_key.o
-+
-+ifeq ($(strip ${SUBARCH}),)
-+SUBARCH:=${ARCH}
-+endif
-+
-+# the assembly version expects frame pointers, which are
-+# optional in many kernel builds. If you want speed, you should
-+# probably use cryptoapi code instead.
-+USEASSEMBLY=${SUBARCH}${CONFIG_FRAME_POINTER}
-+ifeq (${USEASSEMBLY},i386y)
-+obj-$(CONFIG_KLIPS_ENC_3DES) += dx86unix.o
-+else
-+obj-$(CONFIG_KLIPS_ENC_3DES) += des_enc.o
-+endif
-+
-+#
-+# $Log: Makefile.fs2_6,v $
-+# Revision 1.2.2.1 2005-08-12 16:10:57 ken
-+# do not use assembly code with there are no frame pointers
-+#
-+# Revision 1.3 2005/08/12 14:13:59 mcr
-+# do not use assembly code with there are no frame pointers,
-+# as it does not have the right linkages.
-+#
-+# Revision 1.2 2005/04/29 05:13:07 mcr
-+# 3DES algorithm code.
-+#
-+# Revision 1.1 2004/08/17 03:27:30 mcr
-+# klips 2.6 edits.
-+#
-+#
-+# Local Variables:
-+# compile-command: "(cd ../../.. && source umlsetup.sh && make -C ${POOLSPACE} module/ipsec.o)"
-+# End Variables:
-+#
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/README Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,54 @@
-+
-+ libdes, Version 4.01 10-Jan-97
-+
-+ Copyright (c) 1997, Eric Young
-+ All rights reserved.
-+
-+ This program is free software; you can redistribute it and/or modify
-+ it under the terms specified in COPYRIGHT.
-+
-+--
-+The primary ftp site for this library is
-+ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz
-+libdes is now also shipped with SSLeay. Primary ftp site of
-+ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
-+
-+The best way to build this library is to build it as part of SSLeay.
-+
-+This kit builds a DES encryption library and a DES encryption program.
-+It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb,
-+triple cfb, desx, and MIT's pcbc encryption modes and also has a fast
-+implementation of crypt(3).
-+It contains support routines to read keys from a terminal,
-+generate a random key, generate a key from an arbitrary length string,
-+read/write encrypted data from/to a file descriptor.
-+
-+The implementation was written so as to conform with the manual entry
-+for the des_crypt(3) library routines from MIT's project Athena.
-+
-+destest should be run after compilation to test the des routines.
-+rpw should be run after compilation to test the read password routines.
-+The des program is a replacement for the sun des command. I believe it
-+conforms to the sun version.
-+
-+The Imakefile is setup for use in the kerberos distribution.
-+
-+These routines are best compiled with gcc or any other good
-+optimising compiler.
-+Just turn you optimiser up to the highest settings and run destest
-+after the build to make sure everything works.
-+
-+I believe these routines are close to the fastest and most portable DES
-+routines that use small lookup tables (4.5k) that are publicly available.
-+The fcrypt routine is faster than ufc's fcrypt (when compiling with
-+gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines
-+(on a sun3/260 168 vs 336). It is a function of CPU on chip cache size.
-+[ 10-Jan-97 and a function of an incorrect speed testing program in
-+ ufc which gave much better test figures that reality ].
-+
-+It is worth noting that on sparc and Alpha CPUs, performance of the DES
-+library can vary by upto %10 due to the positioning of files after application
-+linkage.
-+
-+Eric Young (eay@cryptsoft.com)
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/README.freeswan Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,33 @@
-+The only changes the FreeS/WAN project has made to libdes-lite 4.04b are:
-+
-+We #ifdef-ed the declaration of DES_LONG in des.h, so it's more efficient
-+on the Alpha, instead of just noting the issue in a comment.
-+
-+We #ifdef-ed out the des_options() function in ecb_enc.c, because we don't
-+use it, and its call to sprintf() can cause subtle difficulties when KLIPS
-+is built as a module (depending on details of Linux configuration options).
-+
-+We changed some instances of CC=$(CC) in the Makefile to CC='$(CC)' to make
-+it cope better with Linux kernel Makefile stupidities, and took out an
-+explicit CC=gcc (unwise on systems with strange compilers).
-+
-+We deleted some references to <stdio.h> and <stdlib.h>, and a declaration
-+of one function found only in the full libdes (not in libdes-lite), to
-+avoid dragging in bits of stdio/stdlib unnecessarily. (Our thanks to Hans
-+Schultz for spotting this and pointing out the fixes.)
-+
-+We deleted a couple of .obj files in the asm subdirectory, which appear to
-+have been included in the original library by accident.
-+
-+We have added an include of our Makefile.inc file, to permit overriding
-+things like choice of compiler (although the libdes Makefile would
-+probably need some work to make this effective).
-+
-+
-+
-+Note that Eric Young is no longer at the email address listed in these
-+files, and is (alas) no longer working on free crypto software.
-+
-+
-+
-+This file is RCSID $Id: README.freeswan,v 1.12 2004-07-10 08:06:51 mcr Exp $
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/VERSION Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,406 @@
-+Version 4.04
-+ Fixed a few tests in destest. Also added x86 assember for
-+ des_ncbc_encrypt() which is the standard cbc mode function.
-+ This makes a very very large performace difference.
-+ Ariel Glenn ariel@columbia.edu reports that the terminal
-+ 'turn echo off' can return (errno == EINVAL) under solaris
-+ when redirection is used. So I now catch that as well as ENOTTY.
-+
-+
-+Version 4.03
-+ Left a static out of enc_write.c, which caused to buffer to be
-+ continiously malloc()ed. Does anyone use these functions? I keep
-+ on feeling like removing them since I only had these in there
-+ for a version of kerberised login. Anyway, this was pointed out
-+ by Theo de Raadt <deraadt@cvs.openbsd.org>
-+ The 'n' bit ofb code was wrong, it was not shifting the shift
-+ register. It worked correctly for n == 64. Thanks to
-+ Gigi Ankeny <Gigi.Ankeny@Eng.Sun.COM> for pointing this one out.
-+
-+Version 4.02
-+ I was doing 'if (memcmp(weak_keys[i],key,sizeof(key)) == 0)'
-+ when checking for weak keys which is wrong :-(, pointed out by
-+ Markus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.
-+
-+Version 4.01
-+ Even faster inner loop in the DES assembler for x86 and a modification
-+ for IP/FP which is faster on x86. Both of these changes are
-+ from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>. His
-+ changes make the assembler run %40 faster on a pentium. This is just
-+ a case of getting the instruction sequence 'just right'.
-+ All credit to 'Svend' :-)
-+ Quite a few special x86 'make' targets.
-+ A libdes-l (lite) distribution.
-+
-+Version 4.00
-+ After a bit of a pause, I'll up the major version number since this
-+ is mostly a performace release. I've added x86 assembler and
-+ added more options for performance. A %28 speedup for gcc
-+ on a pentium and the assembler is a %50 speedup.
-+ MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
-+ Run des_opts to work out which options should be used.
-+ DES_RISC1/DES_RISC2 use alternative inner loops which use
-+ more registers but should give speedups on any CPU that does
-+ dual issue (pentium). DES_UNROLL unrolls the inner loop,
-+ which costs in code size.
-+
-+Version 3.26
-+ I've finally removed one of the shifts in D_ENCRYPT. This
-+ meant I've changed the des_SPtrans table (spr.h), the set_key()
-+ function and some things in des_enc.c. This has definitly
-+ made things faster :-). I've known about this one for some
-+ time but I've been too lazy to follow it up :-).
-+ Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^..
-+ instead of L^=((..)|(..)|(..).. This should save a register at
-+ least.
-+ Assember for x86. The file to replace is des_enc.c, which is replaced
-+ by one of the assembler files found in asm. Look at des/asm/readme
-+ for more info.
-+
-+ /* Modification to fcrypt so it can be compiled to support
-+ HPUX 10.x's long password format, define -DLONGCRYPT to use this.
-+ Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */
-+
-+ SIGWINCH case put in des_read_passwd() so the function does not
-+ 'exit' if this function is recieved.
-+
-+Version 3.25 17/07/96
-+ Modified read_pwd.c so that stdin can be read if not a tty.
-+ Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches.
-+ des_init_random_number_generator() shortened due to VMS linker
-+ limits.
-+ Added RSA's DESX cbc mode. It is a form of cbc encryption, with 2
-+ 8 byte quantites xored before and after encryption.
-+ des_xcbc_encryption() - the name is funny to preserve the des_
-+ prefix on all functions.
-+
-+Version 3.24 20/04/96
-+ The DES_PTR macro option checked and used by SSLeay configuration
-+
-+Version 3.23 11/04/96
-+ Added DES_LONG. If defined to 'unsigned int' on the DEC Alpha,
-+ it gives a %20 speedup :-)
-+ Fixed the problem with des.pl under perl5. The patches were
-+ sent by Ed Kubaitis (ejk@uiuc.edu).
-+ if fcrypt.c, changed values to handle illegal salt values the way
-+ normal crypt() implementations do. Some programs apparently use
-+ them :-(. The patch was sent by Bjorn Gronvall <bg@sics.se>
-+
-+Version 3.22 29/11/95
-+ Bug in des(1), an error with the uuencoding stuff when the
-+ 'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au>
-+ for the patch.
-+
-+Version 3.21 22/11/95
-+ After some emailing back and forth with
-+ Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things
-+ and in a future version I will probably put in some of the
-+ optimisation he suggested for use with the DES_USE_PTR option.
-+ Extra routines from Mark Murray <mark@grondar.za> for use in
-+ freeBSD. They mostly involve random number generation for use
-+ with kerberos. They involve evil machine specific system calls
-+ etc so I would normally suggest pushing this stuff into the
-+ application and/or using RAND_seed()/RAND_bytes() if you are
-+ using this DES library as part of SSLeay.
-+ Redone the read_pw() function so that it is cleaner and
-+ supports termios, thanks to Sameer Parekh <sameer@c2.org>
-+ for the initial patches for this.
-+ Renamed 3ecb_encrypt() to ecb3_encrypt(). This has been
-+ done just to make things more consistent.
-+ I have also now added triple DES versions of cfb and ofb.
-+
-+Version 3.20
-+ Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com,
-+ my des_random_seed() function was only copying 4 bytes of the
-+ passed seed into the init structure. It is now fixed to copy 8.
-+ My own suggestion is to used something like MD5 :-)
-+
-+Version 3.19
-+ While looking at my code one day, I though, why do I keep on
-+ calling des_encrypt(in,out,ks,enc) when every function that
-+ calls it has in and out the same. So I dropped the 'out'
-+ parameter, people should not be using this function.
-+
-+Version 3.18 30/08/95
-+ Fixed a few bit with the distribution and the filenames.
-+ 3.17 had been munged via a move to DOS and back again.
-+ NO CODE CHANGES
-+
-+Version 3.17 14/07/95
-+ Fixed ede3 cbc which I had broken in 3.16. I have also
-+ removed some unneeded variables in 7-8 of the routines.
-+
-+Version 3.16 26/06/95
-+ Added des_encrypt2() which does not use IP/FP, used by triple
-+ des routines. Tweaked things a bit elsewhere. %13 speedup on
-+ sparc and %6 on a R4400 for ede3 cbc mode.
-+
-+Version 3.15 06/06/95
-+ Added des_ncbc_encrypt(), it is des_cbc mode except that it is
-+ 'normal' and copies the new iv value back over the top of the
-+ passed parameter.
-+ CHANGED des_ede3_cbc_encrypt() so that it too now overwrites
-+ the iv. THIS WILL BREAK EXISTING CODE, but since this function
-+ only new, I feel I can change it, not so with des_cbc_encrypt :-(.
-+ I need to update the documentation.
-+
-+Version 3.14 31/05/95
-+ New release upon the world, as part of my SSL implementation.
-+ New copyright and usage stuff. Basically free for all to use
-+ as long as you say it came from me :-)
-+
-+Version 3.13 31/05/95
-+ A fix in speed.c, if HZ is not defined, I set it to 100.0
-+ which is reasonable for most unixes except SunOS 4.x.
-+ I now have a #ifdef sun but timing for SunOS 4.x looked very
-+ good :-(. At my last job where I used SunOS 4.x, it was
-+ defined to be 60.0 (look at the old INSTALL documentation), at
-+ the last release had it changed to 100.0 since I now work with
-+ Solaris2 and SVR4 boxes.
-+ Thanks to Rory Chisholm <rchishol@math.ethz.ch> for pointing this
-+ one out.
-+
-+Version 3.12 08/05/95
-+ As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>,
-+ my D_ENCRYPT macro in crypt() had an un-necessary variable.
-+ It has been removed.
-+
-+Version 3.11 03/05/95
-+ Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys
-+ and one iv. It is a standard and I needed it for my SSL code.
-+ It makes more sense to use this for triple DES than
-+ 3cbc_encrypt(). I have also added (or should I say tested :-)
-+ cfb64_encrypt() which is cfb64 but it will encrypt a partial
-+ number of bytes - 3 bytes in 3 bytes out. Again this is for
-+ my SSL library, as a form of encryption to use with SSL
-+ telnet.
-+
-+Version 3.10 22/03/95
-+ Fixed a bug in 3cbc_encrypt() :-(. When making repeated calls
-+ to cbc3_encrypt, the 2 iv values that were being returned to
-+ be used in the next call were reversed :-(.
-+ Many thanks to Bill Wade <wade@Stoner.COM> for pointing out
-+ this error.
-+
-+Version 3.09 01/02/95
-+ Fixed des_random_key to far more random, it was rather feeble
-+ with regards to picking the initial seed. The problem was
-+ pointed out by Olaf Kirch <okir@monad.swb.de>.
-+
-+Version 3.08 14/12/94
-+ Added Makefile.PL so libdes can be built into perl5.
-+ Changed des_locl.h so RAND is always defined.
-+
-+Version 3.07 05/12/94
-+ Added GNUmake and stuff so the library can be build with
-+ glibc.
-+
-+Version 3.06 30/08/94
-+ Added rpc_enc.c which contains _des_crypt. This is for use in
-+ secure_rpc v 4.0
-+ Finally fixed the cfb_enc problems.
-+ Fixed a few parameter parsing bugs in des (-3 and -b), thanks
-+ to Rob McMillan <R.McMillan@its.gu.edu.au>
-+
-+Version 3.05 21/04/94
-+ for unsigned long l; gcc does not produce ((l>>34) == 0)
-+ This causes bugs in cfb_enc.
-+ Thanks to Hadmut Danisch <danisch@ira.uka.de>
-+
-+Version 3.04 20/04/94
-+ Added a version number to des.c and libdes.a
-+
-+Version 3.03 12/01/94
-+ Fixed a bug in non zero iv in 3cbc_enc.
-+
-+Version 3.02 29/10/93
-+ I now work in a place where there are 6+ architectures and 14+
-+ OS versions :-).
-+ Fixed TERMIO definition so the most sys V boxes will work :-)
-+
-+Release upon comp.sources.misc
-+Version 3.01 08/10/93
-+ Added des_3cbc_encrypt()
-+
-+Version 3.00 07/10/93
-+ Fixed up documentation.
-+ quad_cksum definitely compatible with MIT's now.
-+
-+Version 2.30 24/08/93
-+ Triple DES now defaults to triple cbc but can do triple ecb
-+ with the -b flag.
-+ Fixed some MSDOS uuen/uudecoding problems, thanks to
-+ Added prototypes.
-+
-+Version 2.22 29/06/93
-+ Fixed a bug in des_is_weak_key() which stopped it working :-(
-+ thanks to engineering@MorningStar.Com.
-+
-+Version 2.21 03/06/93
-+ des(1) with no arguments gives quite a bit of help.
-+ Added -c (generate ckecksum) flag to des(1).
-+ Added -3 (triple DES) flag to des(1).
-+ Added cfb and ofb routines to the library.
-+
-+Version 2.20 11/03/93
-+ Added -u (uuencode) flag to des(1).
-+ I have been playing with byte order in quad_cksum to make it
-+ compatible with MIT's version. All I can say is avid this
-+ function if possible since MIT's output is endian dependent.
-+
-+Version 2.12 14/10/92
-+ Added MSDOS specific macro in ecb_encrypt which gives a %70
-+ speed up when the code is compiled with turbo C.
-+
-+Version 2.11 12/10/92
-+ Speedup in set_key (recoding of PC-1)
-+ I now do it in 47 simple operations, down from 60.
-+ Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
-+ for motivating me to look for a faster system :-)
-+ The speedup is probably less that 1% but it is still 13
-+ instructions less :-).
-+
-+Version 2.10 06/10/92
-+ The code now works on the 64bit ETA10 and CRAY without modifications or
-+ #defines. I believe the code should work on any machine that
-+ defines long, int or short to be 8 bytes long.
-+ Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
-+ for helping me fix the code to run on 64bit machines (he had
-+ access to an ETA10).
-+ Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
-+ for testing the routines on a CRAY.
-+ read_password.c has been renamed to read_passwd.c
-+ string_to_key.c has been renamed to string2key.c
-+
-+Version 2.00 14/09/92
-+ Made mods so that the library should work on 64bit CPU's.
-+ Removed all my uchar and ulong defs. To many different
-+ versions of unix define them in their header files in too many
-+ different combinations :-)
-+ IRIX - Sillicon Graphics mods (mostly in read_password.c).
-+ Thanks to Andrew Daviel (advax@erich.triumf.ca)
-+
-+Version 1.99 26/08/92
-+ Fixed a bug or 2 in enc_read.c
-+ Fixed a bug in enc_write.c
-+ Fixed a pseudo bug in fcrypt.c (very obscure).
-+
-+Version 1.98 31/07/92
-+ Support for the ETA10. This is a strange machine that defines
-+ longs and ints as 8 bytes and shorts as 4 bytes.
-+ Since I do evil things with long * that assume that they are 4
-+ bytes. Look in the Makefile for the option to compile for
-+ this machine. quad_cksum appears to have problems but I
-+ will don't have the time to fix it right now, and this is not
-+ a function that uses DES and so will not effect the main uses
-+ of the library.
-+
-+Version 1.97 20/05/92 eay
-+ Fixed the Imakefile and made some changes to des.h to fix some
-+ problems when building this package with Kerberos v 4.
-+
-+Version 1.96 18/05/92 eay
-+ Fixed a small bug in string_to_key() where problems could
-+ occur if des_check_key was set to true and the string
-+ generated a weak key.
-+
-+Patch2 posted to comp.sources.misc
-+Version 1.95 13/05/92 eay
-+ Added an alternative version of the D_ENCRYPT macro in
-+ ecb_encrypt and fcrypt. Depending on the compiler, one version or the
-+ other will be faster. This was inspired by
-+ Dana How <how@isl.stanford.edu>, and her pointers about doing the
-+ *(ulong *)((uchar *)ptr+(value&0xfc))
-+ vs
-+ ptr[value&0x3f]
-+ to stop the C compiler doing a <<2 to convert the long array index.
-+
-+Version 1.94 05/05/92 eay
-+ Fixed an incompatibility between my string_to_key and the MIT
-+ version. When the key is longer than 8 chars, I was wrapping
-+ with a different method. To use the old version, define
-+ OLD_STR_TO_KEY in the makefile. Thanks to
-+ viktor@newsu.shearson.com (Viktor Dukhovni).
-+
-+Version 1.93 28/04/92 eay
-+ Fixed the VMS mods so that echo is now turned off in
-+ read_password. Thanks again to brennan@coco.cchs.su.oz.AU.
-+ MSDOS support added. The routines can be compiled with
-+ Turbo C (v2.0) and MSC (v5.1). Make sure MSDOS is defined.
-+
-+Patch1 posted to comp.sources.misc
-+Version 1.92 13/04/92 eay
-+ Changed D_ENCRYPT so that the rotation of R occurs outside of
-+ the loop. This required rotating all the longs in sp.h (now
-+ called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
-+ speed.c has been changed so it will work without SIGALRM. If
-+ times(3) is not present it will try to use ftime() instead.
-+
-+Version 1.91 08/04/92 eay
-+ Added -E/-D options to des(1) so it can use string_to_key.
-+ Added SVR4 mods suggested by witr@rwwa.COM
-+ Added VMS mods suggested by brennan@coco.cchs.su.oz.AU. If
-+ anyone knows how to turn of tty echo in VMS please tell me or
-+ implement it yourself :-).
-+ Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
-+ does not like IN/OUT being used.
-+
-+Libdes posted to comp.sources.misc
-+Version 1.9 24/03/92 eay
-+ Now contains a fast small crypt replacement.
-+ Added des(1) command.
-+ Added des_rw_mode so people can use cbc encryption with
-+ enc_read and enc_write.
-+
-+Version 1.8 15/10/91 eay
-+ Bug in cbc_cksum.
-+ Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
-+ one out.
-+
-+Version 1.7 24/09/91 eay
-+ Fixed set_key :-)
-+ set_key is 4 times faster and takes less space.
-+ There are a few minor changes that could be made.
-+
-+Version 1.6 19/09/1991 eay
-+ Finally go IP and FP finished.
-+ Now I need to fix set_key.
-+ This version is quite a bit faster that 1.51
-+
-+Version 1.52 15/06/1991 eay
-+ 20% speedup in ecb_encrypt by changing the E bit selection
-+ to use 2 32bit words. This also required modification of the
-+ sp table. There is still a way to speedup the IP and IP-1
-+ (hints from outer@sq.com) still working on this one :-(.
-+
-+Version 1.51 07/06/1991 eay
-+ Faster des_encrypt by loop unrolling
-+ Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)
-+
-+Version 1.50 28/05/1991 eay
-+ Optimised the code a bit more for the sparc. I have improved the
-+ speed of the inner des_encrypt by speeding up the initial and
-+ final permutations.
-+
-+Version 1.40 23/10/1990 eay
-+ Fixed des_random_key, it did not produce a random key :-(
-+
-+Version 1.30 2/10/1990 eay
-+ Have made des_quad_cksum the same as MIT's, the full package
-+ should be compatible with MIT's
-+ Have tested on a DECstation 3100
-+ Still need to fix des_set_key (make it faster).
-+ Does des_cbc_encrypts at 70.5k/sec on a 3100.
-+
-+Version 1.20 18/09/1990 eay
-+ Fixed byte order dependencies.
-+ Fixed (I hope) all the word alignment problems.
-+ Speedup in des_ecb_encrypt.
-+
-+Version 1.10 11/09/1990 eay
-+ Added des_enc_read and des_enc_write.
-+ Still need to fix des_quad_cksum.
-+ Still need to document des_enc_read and des_enc_write.
-+
-+Version 1.00 27/08/1990 eay
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/asm/des-586.pl Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,251 @@
-+#!/usr/local/bin/perl
-+#
-+# The inner loop instruction sequence and the IP/FP modifications are from
-+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
-+#
-+
-+push(@INC,"perlasm","../../perlasm");
-+require "x86asm.pl";
-+require "cbc.pl";
-+require "desboth.pl";
-+
-+# base code is in microsft
-+# op dest, source
-+# format.
-+#
-+
-+&asm_init($ARGV[0],"des-586.pl");
-+
-+$L="edi";
-+$R="esi";
-+
-+&external_label("des_SPtrans");
-+&des_encrypt("des_encrypt",1);
-+&des_encrypt("des_encrypt2",0);
-+&des_encrypt3("des_encrypt3",1);
-+&des_encrypt3("des_decrypt3",0);
-+&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1);
-+&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
-+
-+&asm_finish();
-+
-+sub des_encrypt
-+ {
-+ local($name,$do_ip)=@_;
-+
-+ &function_begin_B($name,"EXTRN _des_SPtrans:DWORD");
-+
-+ &push("esi");
-+ &push("edi");
-+
-+ &comment("");
-+ &comment("Load the 2 words");
-+ $ks="ebp";
-+
-+ if ($do_ip)
-+ {
-+ &mov($R,&wparam(0));
-+ &xor( "ecx", "ecx" );
-+
-+ &push("ebx");
-+ &push("ebp");
-+
-+ &mov("eax",&DWP(0,$R,"",0));
-+ &mov("ebx",&wparam(2)); # get encrypt flag
-+ &mov($L,&DWP(4,$R,"",0));
-+ &comment("");
-+ &comment("IP");
-+ &IP_new("eax",$L,$R,3);
-+ }
-+ else
-+ {
-+ &mov("eax",&wparam(0));
-+ &xor( "ecx", "ecx" );
-+
-+ &push("ebx");
-+ &push("ebp");
-+
-+ &mov($R,&DWP(0,"eax","",0));
-+ &mov("ebx",&wparam(2)); # get encrypt flag
-+ &rotl($R,3);
-+ &mov($L,&DWP(4,"eax","",0));
-+ &rotl($L,3);
-+ }
-+
-+ &mov( $ks, &wparam(1) );
-+ &cmp("ebx","0");
-+ &je(&label("start_decrypt"));
-+
-+ for ($i=0; $i<16; $i+=2)
-+ {
-+ &comment("");
-+ &comment("Round $i");
-+ &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
-+
-+ &comment("");
-+ &comment("Round ".sprintf("%d",$i+1));
-+ &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
-+ }
-+ &jmp(&label("end"));
-+
-+ &set_label("start_decrypt");
-+
-+ for ($i=15; $i>0; $i-=2)
-+ {
-+ &comment("");
-+ &comment("Round $i");
-+ &D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
-+ &comment("");
-+ &comment("Round ".sprintf("%d",$i-1));
-+ &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
-+ }
-+
-+ &set_label("end");
-+
-+ if ($do_ip)
-+ {
-+ &comment("");
-+ &comment("FP");
-+ &mov("edx",&wparam(0));
-+ &FP_new($L,$R,"eax",3);
-+
-+ &mov(&DWP(0,"edx","",0),"eax");
-+ &mov(&DWP(4,"edx","",0),$R);
-+ }
-+ else
-+ {
-+ &comment("");
-+ &comment("Fixup");
-+ &rotr($L,3); # r
-+ &mov("eax",&wparam(0));
-+ &rotr($R,3); # l
-+ &mov(&DWP(0,"eax","",0),$L);
-+ &mov(&DWP(4,"eax","",0),$R);
-+ }
-+
-+ &pop("ebp");
-+ &pop("ebx");
-+ &pop("edi");
-+ &pop("esi");
-+ &ret();
-+
-+ &function_end_B($name);
-+ }
-+
-+sub D_ENCRYPT
-+ {
-+ local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
-+
-+ &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
-+ &xor( $tmp1, $tmp1);
-+ &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
-+ &xor( $u, $R);
-+ &xor( $t, $R);
-+ &and( $u, "0xfcfcfcfc" );
-+ &and( $t, "0xcfcfcfcf" );
-+ &movb( &LB($tmp1), &LB($u) );
-+ &movb( &LB($tmp2), &HB($u) );
-+ &rotr( $t, 4 );
-+ &mov( $ks, &DWP(" $desSP",$tmp1,"",0));
-+ &movb( &LB($tmp1), &LB($t) );
-+ &xor( $L, $ks);
-+ &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0));
-+ &xor( $L, $ks); ######
-+ &movb( &LB($tmp2), &HB($t) );
-+ &shr( $u, 16);
-+ &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0));
-+ &xor( $L, $ks); ######
-+ &movb( &LB($tmp1), &HB($u) );
-+ &shr( $t, 16);
-+ &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0));
-+ &xor( $L, $ks);
-+ &mov( $ks, &wparam(1) );
-+ &movb( &LB($tmp2), &HB($t) );
-+ &and( $u, "0xff" );
-+ &and( $t, "0xff" );
-+ &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0));
-+ &xor( $L, $tmp1);
-+ &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0));
-+ &xor( $L, $tmp1);
-+ &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0));
-+ &xor( $L, $tmp1);
-+ &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0));
-+ &xor( $L, $tmp1);
-+ }
-+
-+sub n2a
-+ {
-+ sprintf("%d",$_[0]);
-+ }
-+
-+# now has a side affect of rotating $a by $shift
-+sub R_PERM_OP
-+ {
-+ local($a,$b,$tt,$shift,$mask,$last)=@_;
-+
-+ &rotl( $a, $shift ) if ($shift != 0);
-+ &mov( $tt, $a );
-+ &xor( $a, $b );
-+ &and( $a, $mask );
-+ if (!$last eq $b)
-+ {
-+ &xor( $b, $a );
-+ &xor( $tt, $a );
-+ }
-+ else
-+ {
-+ &xor( $tt, $a );
-+ &xor( $b, $a );
-+ }
-+ &comment("");
-+ }
-+
-+sub IP_new
-+ {
-+ local($l,$r,$tt,$lr)=@_;
-+
-+ &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
-+ &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
-+ &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
-+ &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
-+ &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
-+
-+ if ($lr != 3)
-+ {
-+ if (($lr-3) < 0)
-+ { &rotr($tt, 3-$lr); }
-+ else { &rotl($tt, $lr-3); }
-+ }
-+ if ($lr != 2)
-+ {
-+ if (($lr-2) < 0)
-+ { &rotr($r, 2-$lr); }
-+ else { &rotl($r, $lr-2); }
-+ }
-+ }
-+
-+sub FP_new
-+ {
-+ local($l,$r,$tt,$lr)=@_;
-+
-+ if ($lr != 2)
-+ {
-+ if (($lr-2) < 0)
-+ { &rotl($r, 2-$lr); }
-+ else { &rotr($r, $lr-2); }
-+ }
-+ if ($lr != 3)
-+ {
-+ if (($lr-3) < 0)
-+ { &rotl($l, 3-$lr); }
-+ else { &rotr($l, $lr-3); }
-+ }
-+
-+ &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
-+ &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
-+ &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
-+ &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
-+ &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
-+ &rotr($tt , 4);
-+ }
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/asm/des686.pl Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,230 @@
-+#!/usr/local/bin/perl
-+
-+$prog="des686.pl";
-+
-+# base code is in microsft
-+# op dest, source
-+# format.
-+#
-+
-+# WILL NOT WORK ANYMORE WITH desboth.pl
-+require "desboth.pl";
-+
-+if ( ($ARGV[0] eq "elf"))
-+ { require "x86unix.pl"; }
-+elsif ( ($ARGV[0] eq "a.out"))
-+ { $aout=1; require "x86unix.pl"; }
-+elsif ( ($ARGV[0] eq "sol"))
-+ { $sol=1; require "x86unix.pl"; }
-+elsif ( ($ARGV[0] eq "cpp"))
-+ { $cpp=1; require "x86unix.pl"; }
-+elsif ( ($ARGV[0] eq "win32"))
-+ { require "x86ms.pl"; }
-+else
-+ {
-+ print STDERR <<"EOF";
-+Pick one target type from
-+ elf - linux, FreeBSD etc
-+ a.out - old linux
-+ sol - x86 solaris
-+ cpp - format so x86unix.cpp can be used
-+ win32 - Windows 95/Windows NT
-+EOF
-+ exit(1);
-+ }
-+
-+&comment("Don't even think of reading this code");
-+&comment("It was automatically generated by $prog");
-+&comment("Which is a perl program used to generate the x86 assember for");
-+&comment("any of elf, a.out, Win32, or Solaris");
-+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
-+&comment("eric <eay\@cryptsoft.com>");
-+&comment("");
-+
-+&file("dx86xxxx");
-+
-+$L="edi";
-+$R="esi";
-+
-+&des_encrypt("des_encrypt",1);
-+&des_encrypt("des_encrypt2",0);
-+
-+&des_encrypt3("des_encrypt3",1);
-+&des_encrypt3("des_decrypt3",0);
-+
-+&file_end();
-+
-+sub des_encrypt
-+ {
-+ local($name,$do_ip)=@_;
-+
-+ &function_begin($name,"EXTRN _des_SPtrans:DWORD");
-+
-+ &comment("");
-+ &comment("Load the 2 words");
-+ &mov("eax",&wparam(0));
-+ &mov($L,&DWP(0,"eax","",0));
-+ &mov($R,&DWP(4,"eax","",0));
-+
-+ $ksp=&wparam(1);
-+
-+ if ($do_ip)
-+ {
-+ &comment("");
-+ &comment("IP");
-+ &IP_new($L,$R,"eax");
-+ }
-+
-+ &comment("");
-+ &comment("fixup rotate");
-+ &rotl($R,3);
-+ &rotl($L,3);
-+ &exch($L,$R);
-+
-+ &comment("");
-+ &comment("load counter, key_schedule and enc flag");
-+ &mov("eax",&wparam(2)); # get encrypt flag
-+ &mov("ebp",&wparam(1)); # get ks
-+ &cmp("eax","0");
-+ &je(&label("start_decrypt"));
-+
-+ # encrypting part
-+
-+ for ($i=0; $i<16; $i+=2)
-+ {
-+ &comment("");
-+ &comment("Round $i");
-+ &D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
-+
-+ &comment("");
-+ &comment("Round ".sprintf("%d",$i+1));
-+ &D_ENCRYPT($R,$L,($i+1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
-+ }
-+ &jmp(&label("end"));
-+
-+ &set_label("start_decrypt");
-+
-+ for ($i=15; $i>0; $i-=2)
-+ {
-+ &comment("");
-+ &comment("Round $i");
-+ &D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
-+ &comment("");
-+ &comment("Round ".sprintf("%d",$i-1));
-+ &D_ENCRYPT($R,$L,($i-1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
-+ }
-+
-+ &set_label("end");
-+
-+ &comment("");
-+ &comment("Fixup");
-+ &rotr($L,3); # r
-+ &rotr($R,3); # l
-+
-+ if ($do_ip)
-+ {
-+ &comment("");
-+ &comment("FP");
-+ &FP_new($R,$L,"eax");
-+ }
-+
-+ &mov("eax",&wparam(0));
-+ &mov(&DWP(0,"eax","",0),$L);
-+ &mov(&DWP(4,"eax","",0),$R);
-+
-+ &function_end($name);
-+ }
-+
-+
-+# The logic is to load R into 2 registers and operate on both at the same time.
-+# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte'
-+# while also masking the other copy and doing a lookup. We then also accumulate the
-+# L value in 2 registers then combine them at the end.
-+sub D_ENCRYPT
-+ {
-+ local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_;
-+
-+ &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
-+ &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
-+ &xor( $u, $R );
-+ &xor( $t, $R );
-+ &rotr( $t, 4 );
-+
-+ # the numbers at the end of the line are origional instruction order
-+ &mov( $tmp2, $u ); # 1 2
-+ &mov( $tmp1, $t ); # 1 1
-+ &and( $tmp2, "0xfc" ); # 1 4
-+ &and( $tmp1, "0xfc" ); # 1 3
-+ &shr( $t, 8 ); # 1 5
-+ &xor( $L, &DWP("0x100+$desSP",$tmp1,"",0)); # 1 7
-+ &shr( $u, 8 ); # 1 6
-+ &mov( $tmp1, &DWP(" $desSP",$tmp2,"",0)); # 1 8
-+
-+ &mov( $tmp2, $u ); # 2 2
-+ &xor( $L, $tmp1 ); # 1 9
-+ &and( $tmp2, "0xfc" ); # 2 4
-+ &mov( $tmp1, $t ); # 2 1
-+ &and( $tmp1, "0xfc" ); # 2 3
-+ &shr( $t, 8 ); # 2 5
-+ &xor( $L, &DWP("0x300+$desSP",$tmp1,"",0)); # 2 7
-+ &shr( $u, 8 ); # 2 6
-+ &mov( $tmp1, &DWP("0x200+$desSP",$tmp2,"",0)); # 2 8
-+ &mov( $tmp2, $u ); # 3 2
-+
-+ &xor( $L, $tmp1 ); # 2 9
-+ &and( $tmp2, "0xfc" ); # 3 4
-+
-+ &mov( $tmp1, $t ); # 3 1
-+ &shr( $u, 8 ); # 3 6
-+ &and( $tmp1, "0xfc" ); # 3 3
-+ &shr( $t, 8 ); # 3 5
-+ &xor( $L, &DWP("0x500+$desSP",$tmp1,"",0)); # 3 7
-+ &mov( $tmp1, &DWP("0x400+$desSP",$tmp2,"",0)); # 3 8
-+
-+ &and( $t, "0xfc" ); # 4 1
-+ &xor( $L, $tmp1 ); # 3 9
-+
-+ &and( $u, "0xfc" ); # 4 2
-+ &xor( $L, &DWP("0x700+$desSP",$t,"",0)); # 4 3
-+ &xor( $L, &DWP("0x600+$desSP",$u,"",0)); # 4 4
-+ }
-+
-+sub PERM_OP
-+ {
-+ local($a,$b,$tt,$shift,$mask)=@_;
-+
-+ &mov( $tt, $a );
-+ &shr( $tt, $shift );
-+ &xor( $tt, $b );
-+ &and( $tt, $mask );
-+ &xor( $b, $tt );
-+ &shl( $tt, $shift );
-+ &xor( $a, $tt );
-+ }
-+
-+sub IP_new
-+ {
-+ local($l,$r,$tt)=@_;
-+
-+ &PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");
-+ &PERM_OP($l,$r,$tt,16,"0x0000ffff");
-+ &PERM_OP($r,$l,$tt, 2,"0x33333333");
-+ &PERM_OP($l,$r,$tt, 8,"0x00ff00ff");
-+ &PERM_OP($r,$l,$tt, 1,"0x55555555");
-+ }
-+
-+sub FP_new
-+ {
-+ local($l,$r,$tt)=@_;
-+
-+ &PERM_OP($l,$r,$tt, 1,"0x55555555");
-+ &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");
-+ &PERM_OP($l,$r,$tt, 2,"0x33333333");
-+ &PERM_OP($r,$l,$tt,16,"0x0000ffff");
-+ &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");
-+ }
-+
-+sub n2a
-+ {
-+ sprintf("%d",$_[0]);
-+ }
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/asm/desboth.pl Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,79 @@
-+#!/usr/local/bin/perl
-+
-+$L="edi";
-+$R="esi";
-+
-+sub des_encrypt3
-+ {
-+ local($name,$enc)=@_;
-+
-+ &function_begin_B($name,"");
-+ &push("ebx");
-+ &mov("ebx",&wparam(0));
-+
-+ &push("ebp");
-+ &push("esi");
-+
-+ &push("edi");
-+
-+ &comment("");
-+ &comment("Load the data words");
-+ &mov($L,&DWP(0,"ebx","",0));
-+ &mov($R,&DWP(4,"ebx","",0));
-+ &stack_push(3);
-+
-+ &comment("");
-+ &comment("IP");
-+ &IP_new($L,$R,"edx",0);
-+
-+ # put them back
-+
-+ if ($enc)
-+ {
-+ &mov(&DWP(4,"ebx","",0),$R);
-+ &mov("eax",&wparam(1));
-+ &mov(&DWP(0,"ebx","",0),"edx");
-+ &mov("edi",&wparam(2));
-+ &mov("esi",&wparam(3));
-+ }
-+ else
-+ {
-+ &mov(&DWP(4,"ebx","",0),$R);
-+ &mov("esi",&wparam(1));
-+ &mov(&DWP(0,"ebx","",0),"edx");
-+ &mov("edi",&wparam(2));
-+ &mov("eax",&wparam(3));
-+ }
-+ &mov(&swtmp(2), (($enc)?"1":"0"));
-+ &mov(&swtmp(1), "eax");
-+ &mov(&swtmp(0), "ebx");
-+ &call("des_encrypt2");
-+ &mov(&swtmp(2), (($enc)?"0":"1"));
-+ &mov(&swtmp(1), "edi");
-+ &mov(&swtmp(0), "ebx");
-+ &call("des_encrypt2");
-+ &mov(&swtmp(2), (($enc)?"1":"0"));
-+ &mov(&swtmp(1), "esi");
-+ &mov(&swtmp(0), "ebx");
-+ &call("des_encrypt2");
-+
-+ &stack_pop(3);
-+ &mov($L,&DWP(0,"ebx","",0));
-+ &mov($R,&DWP(4,"ebx","",0));
-+
-+ &comment("");
-+ &comment("FP");
-+ &FP_new($L,$R,"eax",0);
-+
-+ &mov(&DWP(0,"ebx","",0),"eax");
-+ &mov(&DWP(4,"ebx","",0),$R);
-+
-+ &pop("edi");
-+ &pop("esi");
-+ &pop("ebp");
-+ &pop("ebx");
-+ &ret();
-+ &function_end_B($name);
-+ }
-+
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/asm/readme Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,131 @@
-+First up, let me say I don't like writing in assembler. It is not portable,
-+dependant on the particular CPU architecture release and is generally a pig
-+to debug and get right. Having said that, the x86 architecture is probably
-+the most important for speed due to number of boxes and since
-+it appears to be the worst architecture to to get
-+good C compilers for. So due to this, I have lowered myself to do
-+assembler for the inner DES routines in libdes :-).
-+
-+The file to implement in assembler is des_enc.c. Replace the following
-+4 functions
-+des_encrypt(DES_LONG data[2],des_key_schedule ks, int encrypt);
-+des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);
-+des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
-+des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
-+
-+They encrypt/decrypt the 64 bits held in 'data' using
-+the 'ks' key schedules. The only difference between the 4 functions is that
-+des_encrypt2() does not perform IP() or FP() on the data (this is an
-+optimization for when doing triple DES and des_encrypt3() and des_decrypt3()
-+perform triple des. The triple DES routines are in here because it does
-+make a big difference to have them located near the des_encrypt2 function
-+at link time..
-+
-+Now as we all know, there are lots of different operating systems running on
-+x86 boxes, and unfortunately they normally try to make sure their assembler
-+formating is not the same as the other peoples.
-+The 4 main formats I know of are
-+Microsoft Windows 95/Windows NT
-+Elf Includes Linux and FreeBSD(?).
-+a.out The older Linux.
-+Solaris Same as Elf but different comments :-(.
-+
-+Now I was not overly keen to write 4 different copies of the same code,
-+so I wrote a few perl routines to output the correct assembler, given
-+a target assembler type. This code is ugly and is just a hack.
-+The libraries are x86unix.pl and x86ms.pl.
-+des586.pl, des686.pl and des-som[23].pl are the programs to actually
-+generate the assembler.
-+
-+So to generate elf assembler
-+perl des-som3.pl elf >dx86-elf.s
-+For Windows 95/NT
-+perl des-som2.pl win32 >win32.asm
-+
-+[ update 4 Jan 1996 ]
-+I have added another way to do things.
-+perl des-som3.pl cpp >dx86-cpp.s
-+generates a file that will be included by dx86unix.cpp when it is compiled.
-+To build for elf, a.out, solaris, bsdi etc,
-+cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
-+cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o
-+cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
-+cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
-+This was done to cut down the number of files in the distribution.
-+
-+Now the ugly part. I acquired my copy of Intels
-+"Optimization's For Intel's 32-Bit Processors" and found a few interesting
-+things. First, the aim of the exersize is to 'extract' one byte at a time
-+from a word and do an array lookup. This involves getting the byte from
-+the 4 locations in the word and moving it to a new word and doing the lookup.
-+The most obvious way to do this is
-+xor eax, eax # clear word
-+movb al, cl # get low byte
-+xor edi DWORD PTR 0x100+des_SP[eax] # xor in word
-+movb al, ch # get next byte
-+xor edi DWORD PTR 0x300+des_SP[eax] # xor in word
-+shr ecx 16
-+which seems ok. For the pentium, this system appears to be the best.
-+One has to do instruction interleaving to keep both functional units
-+operating, but it is basically very efficient.
-+
-+Now the crunch. When a full register is used after a partial write, eg.
-+mov al, cl
-+xor edi, DWORD PTR 0x100+des_SP[eax]
-+386 - 1 cycle stall
-+486 - 1 cycle stall
-+586 - 0 cycle stall
-+686 - at least 7 cycle stall (page 22 of the above mentioned document).
-+
-+So the technique that produces the best results on a pentium, according to
-+the documentation, will produce hideous results on a pentium pro.
-+
-+To get around this, des686.pl will generate code that is not as fast on
-+a pentium, should be very good on a pentium pro.
-+mov eax, ecx # copy word
-+shr ecx, 8 # line up next byte
-+and eax, 0fch # mask byte
-+xor edi DWORD PTR 0x100+des_SP[eax] # xor in array lookup
-+mov eax, ecx # get word
-+shr ecx 8 # line up next byte
-+and eax, 0fch # mask byte
-+xor edi DWORD PTR 0x300+des_SP[eax] # xor in array lookup
-+
-+Due to the execution units in the pentium, this actually works quite well.
-+For a pentium pro it should be very good. This is the type of output
-+Visual C++ generates.
-+
-+There is a third option. instead of using
-+mov al, ch
-+which is bad on the pentium pro, one may be able to use
-+movzx eax, ch
-+which may not incur the partial write penalty. On the pentium,
-+this instruction takes 4 cycles so is not worth using but on the
-+pentium pro it appears it may be worth while. I need access to one to
-+experiment :-).
-+
-+eric (20 Oct 1996)
-+
-+22 Nov 1996 - I have asked people to run the 2 different version on pentium
-+pros and it appears that the intel documentation is wrong. The
-+mov al,bh is still faster on a pentium pro, so just use the des586.pl
-+install des686.pl
-+
-+3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these
-+functions into des_enc.c because it does make a massive performance
-+difference on some boxes to have the functions code located close to
-+the des_encrypt2() function.
-+
-+9 Jan 1997 - des-som2.pl is now the correct perl script to use for
-+pentiums. It contains an inner loop from
-+Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> which does raw ecb DES calls at
-+273,000 per second. He had a previous version at 250,000 and the best
-+I was able to get was 203,000. The content has not changed, this is all
-+due to instruction sequencing (and actual instructions choice) which is able
-+to keep both functional units of the pentium going.
-+We may have lost the ugly register usage restrictions when x86 went 32 bit
-+but for the pentium it has been replaced by evil instruction ordering tricks.
-+
-+13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf.
-+raw DES at 281,000 per second on a pentium 100.
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/cbc_enc.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,135 @@
-+/* crypto/des/cbc_enc.c */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+#include "des/des_locl.h"
-+
-+void des_cbc_encrypt(input, output, length, schedule, ivec, enc)
-+des_cblock (*input);
-+des_cblock (*output);
-+long length;
-+des_key_schedule schedule;
-+des_cblock (*ivec);
-+int enc;
-+ {
-+ register DES_LONG tin0,tin1;
-+ register DES_LONG tout0,tout1,xor0,xor1;
-+ register unsigned char *in,*out;
-+ register long l=length;
-+ DES_LONG tin[2];
-+ unsigned char *iv;
-+
-+ in=(unsigned char *)input;
-+ out=(unsigned char *)output;
-+ iv=(unsigned char *)ivec;
-+
-+ if (enc)
-+ {
-+ c2l(iv,tout0);
-+ c2l(iv,tout1);
-+ for (l-=8; l>=0; l-=8)
-+ {
-+ c2l(in,tin0);
-+ c2l(in,tin1);
-+ tin0^=tout0; tin[0]=tin0;
-+ tin1^=tout1; tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
-+ tout0=tin[0]; l2c(tout0,out);
-+ tout1=tin[1]; l2c(tout1,out);
-+ }
-+ if (l != -8)
-+ {
-+ c2ln(in,tin0,tin1,l+8);
-+ tin0^=tout0; tin[0]=tin0;
-+ tin1^=tout1; tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
-+ tout0=tin[0]; l2c(tout0,out);
-+ tout1=tin[1]; l2c(tout1,out);
-+ }
-+ }
-+ else
-+ {
-+ c2l(iv,xor0);
-+ c2l(iv,xor1);
-+ for (l-=8; l>=0; l-=8)
-+ {
-+ c2l(in,tin0); tin[0]=tin0;
-+ c2l(in,tin1); tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
-+ tout0=tin[0]^xor0;
-+ tout1=tin[1]^xor1;
-+ l2c(tout0,out);
-+ l2c(tout1,out);
-+ xor0=tin0;
-+ xor1=tin1;
-+ }
-+ if (l != -8)
-+ {
-+ c2l(in,tin0); tin[0]=tin0;
-+ c2l(in,tin1); tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
-+ tout0=tin[0]^xor0;
-+ tout1=tin[1]^xor1;
-+ l2cn(tout0,tout1,out,l+8);
-+ /* xor0=tin0;
-+ xor1=tin1; */
-+ }
-+ }
-+ tin0=tin1=tout0=tout1=xor0=xor1=0;
-+ tin[0]=tin[1]=0;
-+ }
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/des.doc Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,505 @@
-+The DES library.
-+
-+Please note that this library was originally written to operate with
-+eBones, a version of Kerberos that had had encryption removed when it left
-+the USA and then put back in. As such there are some routines that I will
-+advise not using but they are still in the library for historical reasons.
-+For all calls that have an 'input' and 'output' variables, they can be the
-+same.
-+
-+This library requires the inclusion of 'des.h'.
-+
-+All of the encryption functions take what is called a des_key_schedule as an
-+argument. A des_key_schedule is an expanded form of the des key.
-+A des_key is 8 bytes of odd parity, the type used to hold the key is a
-+des_cblock. A des_cblock is an array of 8 bytes, often in this library
-+description I will refer to input bytes when the function specifies
-+des_cblock's as input or output, this just means that the variable should
-+be a multiple of 8 bytes.
-+
-+The define DES_ENCRYPT is passed to specify encryption, DES_DECRYPT to
-+specify decryption. The functions and global variable are as follows:
-+
-+int des_check_key;
-+ DES keys are supposed to be odd parity. If this variable is set to
-+ a non-zero value, des_set_key() will check that the key has odd
-+ parity and is not one of the known weak DES keys. By default this
-+ variable is turned off;
-+
-+void des_set_odd_parity(
-+des_cblock *key );
-+ This function takes a DES key (8 bytes) and sets the parity to odd.
-+
-+int des_is_weak_key(
-+des_cblock *key );
-+ This function returns a non-zero value if the DES key passed is a
-+ weak, DES key. If it is a weak key, don't use it, try a different
-+ one. If you are using 'random' keys, the chances of hitting a weak
-+ key are 1/2^52 so it is probably not worth checking for them.
-+
-+int des_set_key(
-+des_cblock *key,
-+des_key_schedule schedule);
-+ Des_set_key converts an 8 byte DES key into a des_key_schedule.
-+ A des_key_schedule is an expanded form of the key which is used to
-+ perform actual encryption. It can be regenerated from the DES key
-+ so it only needs to be kept when encryption or decryption is about
-+ to occur. Don't save or pass around des_key_schedule's since they
-+ are CPU architecture dependent, DES keys are not. If des_check_key
-+ is non zero, zero is returned if the key has the wrong parity or
-+ the key is a weak key, else 1 is returned.
-+
-+int des_key_sched(
-+des_cblock *key,
-+des_key_schedule schedule);
-+ An alternative name for des_set_key().
-+
-+int des_rw_mode; /* defaults to DES_PCBC_MODE */
-+ This flag holds either DES_CBC_MODE or DES_PCBC_MODE (default).
-+ This specifies the function to use in the enc_read() and enc_write()
-+ functions.
-+
-+void des_encrypt(
-+unsigned long *data,
-+des_key_schedule ks,
-+int enc);
-+ This is the DES encryption function that gets called by just about
-+ every other DES routine in the library. You should not use this
-+ function except to implement 'modes' of DES. I say this because the
-+ functions that call this routine do the conversion from 'char *' to
-+ long, and this needs to be done to make sure 'non-aligned' memory
-+ access do not occur. The characters are loaded 'little endian',
-+ have a look at my source code for more details on how I use this
-+ function.
-+ Data is a pointer to 2 unsigned long's and ks is the
-+ des_key_schedule to use. enc, is non zero specifies encryption,
-+ zero if decryption.
-+
-+void des_encrypt2(
-+unsigned long *data,
-+des_key_schedule ks,
-+int enc);
-+ This functions is the same as des_encrypt() except that the DES
-+ initial permutation (IP) and final permutation (FP) have been left
-+ out. As for des_encrypt(), you should not use this function.
-+ It is used by the routines in my library that implement triple DES.
-+ IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same
-+ as des_encrypt() des_encrypt() des_encrypt() except faster :-).
-+
-+void des_ecb_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+des_key_schedule ks,
-+int enc);
-+ This is the basic Electronic Code Book form of DES, the most basic
-+ form. Input is encrypted into output using the key represented by
-+ ks. If enc is non zero (DES_ENCRYPT), encryption occurs, otherwise
-+ decryption occurs. Input is 8 bytes long and output is 8 bytes.
-+ (the des_cblock structure is 8 chars).
-+
-+void des_ecb3_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+des_key_schedule ks1,
-+des_key_schedule ks2,
-+des_key_schedule ks3,
-+int enc);
-+ This is the 3 key EDE mode of ECB DES. What this means is that
-+ the 8 bytes of input is encrypted with ks1, decrypted with ks2 and
-+ then encrypted again with ks3, before being put into output;
-+ C=E(ks3,D(ks2,E(ks1,M))). There is a macro, des_ecb2_encrypt()
-+ that only takes 2 des_key_schedules that implements,
-+ C=E(ks1,D(ks2,E(ks1,M))) in that the final encrypt is done with ks1.
-+
-+void des_cbc_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+des_key_schedule ks,
-+des_cblock *ivec,
-+int enc);
-+ This routine implements DES in Cipher Block Chaining mode.
-+ Input, which should be a multiple of 8 bytes is encrypted
-+ (or decrypted) to output which will also be a multiple of 8 bytes.
-+ The number of bytes is in length (and from what I've said above,
-+ should be a multiple of 8). If length is not a multiple of 8, I'm
-+ not being held responsible :-). ivec is the initialisation vector.
-+ This function does not modify this variable. To correctly implement
-+ cbc mode, you need to do one of 2 things; copy the last 8 bytes of
-+ cipher text for use as the next ivec in your application,
-+ or use des_ncbc_encrypt().
-+ Only this routine has this problem with updating the ivec, all
-+ other routines that are implementing cbc mode update ivec.
-+
-+void des_ncbc_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+des_key_schedule sk,
-+des_cblock *ivec,
-+int enc);
-+ For historical reasons, des_cbc_encrypt() did not update the
-+ ivec with the value requires so that subsequent calls to
-+ des_cbc_encrypt() would 'chain'. This was needed so that the same
-+ 'length' values would not need to be used when decrypting.
-+ des_ncbc_encrypt() does the right thing. It is the same as
-+ des_cbc_encrypt accept that ivec is updates with the correct value
-+ to pass in subsequent calls to des_ncbc_encrypt(). I advise using
-+ des_ncbc_encrypt() instead of des_cbc_encrypt();
-+
-+void des_xcbc_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+des_key_schedule sk,
-+des_cblock *ivec,
-+des_cblock *inw,
-+des_cblock *outw,
-+int enc);
-+ This is RSA's DESX mode of DES. It uses inw and outw to
-+ 'whiten' the encryption. inw and outw are secret (unlike the iv)
-+ and are as such, part of the key. So the key is sort of 24 bytes.
-+ This is much better than cbc des.
-+
-+void des_3cbc_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+des_key_schedule sk1,
-+des_key_schedule sk2,
-+des_cblock *ivec1,
-+des_cblock *ivec2,
-+int enc);
-+ This function is flawed, do not use it. I have left it in the
-+ library because it is used in my des(1) program and will function
-+ correctly when used by des(1). If I removed the function, people
-+ could end up unable to decrypt files.
-+ This routine implements outer triple cbc encryption using 2 ks and
-+ 2 ivec's. Use des_ede2_cbc_encrypt() instead.
-+
-+void des_ede3_cbc_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+des_key_schedule ks1,
-+des_key_schedule ks2,
-+des_key_schedule ks3,
-+des_cblock *ivec,
-+int enc);
-+ This function implements inner triple CBC DES encryption with 3
-+ keys. What this means is that each 'DES' operation
-+ inside the cbc mode is really an C=E(ks3,D(ks2,E(ks1,M))).
-+ Again, this is cbc mode so an ivec is requires.
-+ This mode is used by SSL.
-+ There is also a des_ede2_cbc_encrypt() that only uses 2
-+ des_key_schedule's, the first being reused for the final
-+ encryption. C=E(ks1,D(ks2,E(ks1,M))). This form of triple DES
-+ is used by the RSAref library.
-+
-+void des_pcbc_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+des_key_schedule ks,
-+des_cblock *ivec,
-+int enc);
-+ This is Propagating Cipher Block Chaining mode of DES. It is used
-+ by Kerberos v4. It's parameters are the same as des_ncbc_encrypt().
-+
-+void des_cfb_encrypt(
-+unsigned char *in,
-+unsigned char *out,
-+int numbits,
-+long length,
-+des_key_schedule ks,
-+des_cblock *ivec,
-+int enc);
-+ Cipher Feedback Back mode of DES. This implementation 'feeds back'
-+ in numbit blocks. The input (and output) is in multiples of numbits
-+ bits. numbits should to be a multiple of 8 bits. Length is the
-+ number of bytes input. If numbits is not a multiple of 8 bits,
-+ the extra bits in the bytes will be considered padding. So if
-+ numbits is 12, for each 2 input bytes, the 4 high bits of the
-+ second byte will be ignored. So to encode 72 bits when using
-+ a numbits of 12 take 12 bytes. To encode 72 bits when using
-+ numbits of 9 will take 16 bytes. To encode 80 bits when using
-+ numbits of 16 will take 10 bytes. etc, etc. This padding will
-+ apply to both input and output.
-+
-+
-+void des_cfb64_encrypt(
-+unsigned char *in,
-+unsigned char *out,
-+long length,
-+des_key_schedule ks,
-+des_cblock *ivec,
-+int *num,
-+int enc);
-+ This is one of the more useful functions in this DES library, it
-+ implements CFB mode of DES with 64bit feedback. Why is this
-+ useful you ask? Because this routine will allow you to encrypt an
-+ arbitrary number of bytes, no 8 byte padding. Each call to this
-+ routine will encrypt the input bytes to output and then update ivec
-+ and num. num contains 'how far' we are though ivec. If this does
-+ not make much sense, read more about cfb mode of DES :-).
-+
-+void des_ede3_cfb64_encrypt(
-+unsigned char *in,
-+unsigned char *out,
-+long length,
-+des_key_schedule ks1,
-+des_key_schedule ks2,
-+des_key_schedule ks3,
-+des_cblock *ivec,
-+int *num,
-+int enc);
-+ Same as des_cfb64_encrypt() accept that the DES operation is
-+ triple DES. As usual, there is a macro for
-+ des_ede2_cfb64_encrypt() which reuses ks1.
-+
-+void des_ofb_encrypt(
-+unsigned char *in,
-+unsigned char *out,
-+int numbits,
-+long length,
-+des_key_schedule ks,
-+des_cblock *ivec);
-+ This is a implementation of Output Feed Back mode of DES. It is
-+ the same as des_cfb_encrypt() in that numbits is the size of the
-+ units dealt with during input and output (in bits).
-+
-+void des_ofb64_encrypt(
-+unsigned char *in,
-+unsigned char *out,
-+long length,
-+des_key_schedule ks,
-+des_cblock *ivec,
-+int *num);
-+ The same as des_cfb64_encrypt() except that it is Output Feed Back
-+ mode.
-+
-+void des_ede3_ofb64_encrypt(
-+unsigned char *in,
-+unsigned char *out,
-+long length,
-+des_key_schedule ks1,
-+des_key_schedule ks2,
-+des_key_schedule ks3,
-+des_cblock *ivec,
-+int *num);
-+ Same as des_ofb64_encrypt() accept that the DES operation is
-+ triple DES. As usual, there is a macro for
-+ des_ede2_ofb64_encrypt() which reuses ks1.
-+
-+int des_read_pw_string(
-+char *buf,
-+int length,
-+char *prompt,
-+int verify);
-+ This routine is used to get a password from the terminal with echo
-+ turned off. Buf is where the string will end up and length is the
-+ size of buf. Prompt is a string presented to the 'user' and if
-+ verify is set, the key is asked for twice and unless the 2 copies
-+ match, an error is returned. A return code of -1 indicates a
-+ system error, 1 failure due to use interaction, and 0 is success.
-+
-+unsigned long des_cbc_cksum(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+des_key_schedule ks,
-+des_cblock *ivec);
-+ This function produces an 8 byte checksum from input that it puts in
-+ output and returns the last 4 bytes as a long. The checksum is
-+ generated via cbc mode of DES in which only the last 8 byes are
-+ kept. I would recommend not using this function but instead using
-+ the EVP_Digest routines, or at least using MD5 or SHA. This
-+ function is used by Kerberos v4 so that is why it stays in the
-+ library.
-+
-+char *des_fcrypt(
-+const char *buf,
-+const char *salt
-+char *ret);
-+ This is my fast version of the unix crypt(3) function. This version
-+ takes only a small amount of space relative to other fast
-+ crypt() implementations. This is different to the normal crypt
-+ in that the third parameter is the buffer that the return value
-+ is written into. It needs to be at least 14 bytes long. This
-+ function is thread safe, unlike the normal crypt.
-+
-+char *crypt(
-+const char *buf,
-+const char *salt);
-+ This function calls des_fcrypt() with a static array passed as the
-+ third parameter. This emulates the normal non-thread safe semantics
-+ of crypt(3).
-+
-+void des_string_to_key(
-+char *str,
-+des_cblock *key);
-+ This function takes str and converts it into a DES key. I would
-+ recommend using MD5 instead and use the first 8 bytes of output.
-+ When I wrote the first version of these routines back in 1990, MD5
-+ did not exist but I feel these routines are still sound. This
-+ routines is compatible with the one in MIT's libdes.
-+
-+void des_string_to_2keys(
-+char *str,
-+des_cblock *key1,
-+des_cblock *key2);
-+ This function takes str and converts it into 2 DES keys.
-+ I would recommend using MD5 and using the 16 bytes as the 2 keys.
-+ I have nothing against these 2 'string_to_key' routines, it's just
-+ that if you say that your encryption key is generated by using the
-+ 16 bytes of an MD5 hash, every-one knows how you generated your
-+ keys.
-+
-+int des_read_password(
-+des_cblock *key,
-+char *prompt,
-+int verify);
-+ This routine combines des_read_pw_string() with des_string_to_key().
-+
-+int des_read_2passwords(
-+des_cblock *key1,
-+des_cblock *key2,
-+char *prompt,
-+int verify);
-+ This routine combines des_read_pw_string() with des_string_to_2key().
-+
-+void des_random_seed(
-+des_cblock key);
-+ This routine sets a starting point for des_random_key().
-+
-+void des_random_key(
-+des_cblock ret);
-+ This function return a random key. Make sure to 'seed' the random
-+ number generator (with des_random_seed()) before using this function.
-+ I personally now use a MD5 based random number system.
-+
-+int des_enc_read(
-+int fd,
-+char *buf,
-+int len,
-+des_key_schedule ks,
-+des_cblock *iv);
-+ This function will write to a file descriptor the encrypted data
-+ from buf. This data will be preceded by a 4 byte 'byte count' and
-+ will be padded out to 8 bytes. The encryption is either CBC of
-+ PCBC depending on the value of des_rw_mode. If it is DES_PCBC_MODE,
-+ pcbc is used, if DES_CBC_MODE, cbc is used. The default is to use
-+ DES_PCBC_MODE.
-+
-+int des_enc_write(
-+int fd,
-+char *buf,
-+int len,
-+des_key_schedule ks,
-+des_cblock *iv);
-+ This routines read stuff written by des_enc_read() and decrypts it.
-+ I have used these routines quite a lot but I don't believe they are
-+ suitable for non-blocking io. If you are after a full
-+ authentication/encryption over networks, have a look at SSL instead.
-+
-+unsigned long des_quad_cksum(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+int out_count,
-+des_cblock *seed);
-+ This is a function from Kerberos v4 that is not anything to do with
-+ DES but was needed. It is a cksum that is quicker to generate than
-+ des_cbc_cksum(); I personally would use MD5 routines now.
-+=====
-+Modes of DES
-+Quite a bit of the following information has been taken from
-+ AS 2805.5.2
-+ Australian Standard
-+ Electronic funds transfer - Requirements for interfaces,
-+ Part 5.2: Modes of operation for an n-bit block cipher algorithm
-+ Appendix A
-+
-+There are several different modes in which DES can be used, they are
-+as follows.
-+
-+Electronic Codebook Mode (ECB) (des_ecb_encrypt())
-+- 64 bits are enciphered at a time.
-+- The order of the blocks can be rearranged without detection.
-+- The same plaintext block always produces the same ciphertext block
-+ (for the same key) making it vulnerable to a 'dictionary attack'.
-+- An error will only affect one ciphertext block.
-+
-+Cipher Block Chaining Mode (CBC) (des_cbc_encrypt())
-+- a multiple of 64 bits are enciphered at a time.
-+- The CBC mode produces the same ciphertext whenever the same
-+ plaintext is encrypted using the same key and starting variable.
-+- The chaining operation makes the ciphertext blocks dependent on the
-+ current and all preceding plaintext blocks and therefore blocks can not
-+ be rearranged.
-+- The use of different starting variables prevents the same plaintext
-+ enciphering to the same ciphertext.
-+- An error will affect the current and the following ciphertext blocks.
-+
-+Cipher Feedback Mode (CFB) (des_cfb_encrypt())
-+- a number of bits (j) <= 64 are enciphered at a time.
-+- The CFB mode produces the same ciphertext whenever the same
-+ plaintext is encrypted using the same key and starting variable.
-+- The chaining operation makes the ciphertext variables dependent on the
-+ current and all preceding variables and therefore j-bit variables are
-+ chained together and can not be rearranged.
-+- The use of different starting variables prevents the same plaintext
-+ enciphering to the same ciphertext.
-+- The strength of the CFB mode depends on the size of k (maximal if
-+ j == k). In my implementation this is always the case.
-+- Selection of a small value for j will require more cycles through
-+ the encipherment algorithm per unit of plaintext and thus cause
-+ greater processing overheads.
-+- Only multiples of j bits can be enciphered.
-+- An error will affect the current and the following ciphertext variables.
-+
-+Output Feedback Mode (OFB) (des_ofb_encrypt())
-+- a number of bits (j) <= 64 are enciphered at a time.
-+- The OFB mode produces the same ciphertext whenever the same
-+ plaintext enciphered using the same key and starting variable. More
-+ over, in the OFB mode the same key stream is produced when the same
-+ key and start variable are used. Consequently, for security reasons
-+ a specific start variable should be used only once for a given key.
-+- The absence of chaining makes the OFB more vulnerable to specific attacks.
-+- The use of different start variables values prevents the same
-+ plaintext enciphering to the same ciphertext, by producing different
-+ key streams.
-+- Selection of a small value for j will require more cycles through
-+ the encipherment algorithm per unit of plaintext and thus cause
-+ greater processing overheads.
-+- Only multiples of j bits can be enciphered.
-+- OFB mode of operation does not extend ciphertext errors in the
-+ resultant plaintext output. Every bit error in the ciphertext causes
-+ only one bit to be in error in the deciphered plaintext.
-+- OFB mode is not self-synchronising. If the two operation of
-+ encipherment and decipherment get out of synchronism, the system needs
-+ to be re-initialised.
-+- Each re-initialisation should use a value of the start variable
-+ different from the start variable values used before with the same
-+ key. The reason for this is that an identical bit stream would be
-+ produced each time from the same parameters. This would be
-+ susceptible to a ' known plaintext' attack.
-+
-+Triple ECB Mode (des_ecb3_encrypt())
-+- Encrypt with key1, decrypt with key2 and encrypt with key3 again.
-+- As for ECB encryption but increases the key length to 168 bits.
-+ There are theoretic attacks that can be used that make the effective
-+ key length 112 bits, but this attack also requires 2^56 blocks of
-+ memory, not very likely, even for the NSA.
-+- If both keys are the same it is equivalent to encrypting once with
-+ just one key.
-+- If the first and last key are the same, the key length is 112 bits.
-+ There are attacks that could reduce the key space to 55 bit's but it
-+ requires 2^56 blocks of memory.
-+- If all 3 keys are the same, this is effectively the same as normal
-+ ecb mode.
-+
-+Triple CBC Mode (des_ede3_cbc_encrypt())
-+- Encrypt with key1, decrypt with key2 and then encrypt with key3.
-+- As for CBC encryption but increases the key length to 168 bits with
-+ the same restrictions as for triple ecb mode.
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/des_enc.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,502 @@
-+/* crypto/des/des_enc.c */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+#include "des/des_locl.h"
-+
-+void des_encrypt(data, ks, enc)
-+DES_LONG *data;
-+des_key_schedule ks;
-+int enc;
-+ {
-+ register DES_LONG l,r,t,u;
-+#ifdef DES_PTR
-+ register unsigned char *des_SP=(unsigned char *)des_SPtrans;
-+#endif
-+#ifndef DES_UNROLL
-+ register int i;
-+#endif
-+ register DES_LONG *s;
-+
-+ r=data[0];
-+ l=data[1];
-+
-+ IP(r,l);
-+ /* Things have been modified so that the initial rotate is
-+ * done outside the loop. This required the
-+ * des_SPtrans values in sp.h to be rotated 1 bit to the right.
-+ * One perl script later and things have a 5% speed up on a sparc2.
-+ * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
-+ * for pointing this out. */
-+ /* clear the top bits on machines with 8byte longs */
-+ /* shift left by 2 */
-+ r=ROTATE(r,29)&0xffffffffL;
-+ l=ROTATE(l,29)&0xffffffffL;
-+
-+ s=(DES_LONG *)ks;
-+ /* I don't know if it is worth the effort of loop unrolling the
-+ * inner loop */
-+ if (enc)
-+ {
-+#ifdef DES_UNROLL
-+ D_ENCRYPT(l,r, 0); /* 1 */
-+ D_ENCRYPT(r,l, 2); /* 2 */
-+ D_ENCRYPT(l,r, 4); /* 3 */
-+ D_ENCRYPT(r,l, 6); /* 4 */
-+ D_ENCRYPT(l,r, 8); /* 5 */
-+ D_ENCRYPT(r,l,10); /* 6 */
-+ D_ENCRYPT(l,r,12); /* 7 */
-+ D_ENCRYPT(r,l,14); /* 8 */
-+ D_ENCRYPT(l,r,16); /* 9 */
-+ D_ENCRYPT(r,l,18); /* 10 */
-+ D_ENCRYPT(l,r,20); /* 11 */
-+ D_ENCRYPT(r,l,22); /* 12 */
-+ D_ENCRYPT(l,r,24); /* 13 */
-+ D_ENCRYPT(r,l,26); /* 14 */
-+ D_ENCRYPT(l,r,28); /* 15 */
-+ D_ENCRYPT(r,l,30); /* 16 */
-+#else
-+ for (i=0; i<32; i+=8)
-+ {
-+ D_ENCRYPT(l,r,i+0); /* 1 */
-+ D_ENCRYPT(r,l,i+2); /* 2 */
-+ D_ENCRYPT(l,r,i+4); /* 3 */
-+ D_ENCRYPT(r,l,i+6); /* 4 */
-+ }
-+#endif
-+ }
-+ else
-+ {
-+#ifdef DES_UNROLL
-+ D_ENCRYPT(l,r,30); /* 16 */
-+ D_ENCRYPT(r,l,28); /* 15 */
-+ D_ENCRYPT(l,r,26); /* 14 */
-+ D_ENCRYPT(r,l,24); /* 13 */
-+ D_ENCRYPT(l,r,22); /* 12 */
-+ D_ENCRYPT(r,l,20); /* 11 */
-+ D_ENCRYPT(l,r,18); /* 10 */
-+ D_ENCRYPT(r,l,16); /* 9 */
-+ D_ENCRYPT(l,r,14); /* 8 */
-+ D_ENCRYPT(r,l,12); /* 7 */
-+ D_ENCRYPT(l,r,10); /* 6 */
-+ D_ENCRYPT(r,l, 8); /* 5 */
-+ D_ENCRYPT(l,r, 6); /* 4 */
-+ D_ENCRYPT(r,l, 4); /* 3 */
-+ D_ENCRYPT(l,r, 2); /* 2 */
-+ D_ENCRYPT(r,l, 0); /* 1 */
-+#else
-+ for (i=30; i>0; i-=8)
-+ {
-+ D_ENCRYPT(l,r,i-0); /* 16 */
-+ D_ENCRYPT(r,l,i-2); /* 15 */
-+ D_ENCRYPT(l,r,i-4); /* 14 */
-+ D_ENCRYPT(r,l,i-6); /* 13 */
-+ }
-+#endif
-+ }
-+
-+ /* rotate and clear the top bits on machines with 8byte longs */
-+ l=ROTATE(l,3)&0xffffffffL;
-+ r=ROTATE(r,3)&0xffffffffL;
-+
-+ FP(r,l);
-+ data[0]=l;
-+ data[1]=r;
-+ l=r=t=u=0;
-+ }
-+
-+void des_encrypt2(data, ks, enc)
-+DES_LONG *data;
-+des_key_schedule ks;
-+int enc;
-+ {
-+ register DES_LONG l,r,t,u;
-+#ifdef DES_PTR
-+ register unsigned char *des_SP=(unsigned char *)des_SPtrans;
-+#endif
-+#ifndef DES_UNROLL
-+ register int i;
-+#endif
-+ register DES_LONG *s;
-+
-+ r=data[0];
-+ l=data[1];
-+
-+ /* Things have been modified so that the initial rotate is
-+ * done outside the loop. This required the
-+ * des_SPtrans values in sp.h to be rotated 1 bit to the right.
-+ * One perl script later and things have a 5% speed up on a sparc2.
-+ * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
-+ * for pointing this out. */
-+ /* clear the top bits on machines with 8byte longs */
-+ r=ROTATE(r,29)&0xffffffffL;
-+ l=ROTATE(l,29)&0xffffffffL;
-+
-+ s=(DES_LONG *)ks;
-+ /* I don't know if it is worth the effort of loop unrolling the
-+ * inner loop */
-+ if (enc)
-+ {
-+#ifdef DES_UNROLL
-+ D_ENCRYPT(l,r, 0); /* 1 */
-+ D_ENCRYPT(r,l, 2); /* 2 */
-+ D_ENCRYPT(l,r, 4); /* 3 */
-+ D_ENCRYPT(r,l, 6); /* 4 */
-+ D_ENCRYPT(l,r, 8); /* 5 */
-+ D_ENCRYPT(r,l,10); /* 6 */
-+ D_ENCRYPT(l,r,12); /* 7 */
-+ D_ENCRYPT(r,l,14); /* 8 */
-+ D_ENCRYPT(l,r,16); /* 9 */
-+ D_ENCRYPT(r,l,18); /* 10 */
-+ D_ENCRYPT(l,r,20); /* 11 */
-+ D_ENCRYPT(r,l,22); /* 12 */
-+ D_ENCRYPT(l,r,24); /* 13 */
-+ D_ENCRYPT(r,l,26); /* 14 */
-+ D_ENCRYPT(l,r,28); /* 15 */
-+ D_ENCRYPT(r,l,30); /* 16 */
-+#else
-+ for (i=0; i<32; i+=8)
-+ {
-+ D_ENCRYPT(l,r,i+0); /* 1 */
-+ D_ENCRYPT(r,l,i+2); /* 2 */
-+ D_ENCRYPT(l,r,i+4); /* 3 */
-+ D_ENCRYPT(r,l,i+6); /* 4 */
-+ }
-+#endif
-+ }
-+ else
-+ {
-+#ifdef DES_UNROLL
-+ D_ENCRYPT(l,r,30); /* 16 */
-+ D_ENCRYPT(r,l,28); /* 15 */
-+ D_ENCRYPT(l,r,26); /* 14 */
-+ D_ENCRYPT(r,l,24); /* 13 */
-+ D_ENCRYPT(l,r,22); /* 12 */
-+ D_ENCRYPT(r,l,20); /* 11 */
-+ D_ENCRYPT(l,r,18); /* 10 */
-+ D_ENCRYPT(r,l,16); /* 9 */
-+ D_ENCRYPT(l,r,14); /* 8 */
-+ D_ENCRYPT(r,l,12); /* 7 */
-+ D_ENCRYPT(l,r,10); /* 6 */
-+ D_ENCRYPT(r,l, 8); /* 5 */
-+ D_ENCRYPT(l,r, 6); /* 4 */
-+ D_ENCRYPT(r,l, 4); /* 3 */
-+ D_ENCRYPT(l,r, 2); /* 2 */
-+ D_ENCRYPT(r,l, 0); /* 1 */
-+#else
-+ for (i=30; i>0; i-=8)
-+ {
-+ D_ENCRYPT(l,r,i-0); /* 16 */
-+ D_ENCRYPT(r,l,i-2); /* 15 */
-+ D_ENCRYPT(l,r,i-4); /* 14 */
-+ D_ENCRYPT(r,l,i-6); /* 13 */
-+ }
-+#endif
-+ }
-+ /* rotate and clear the top bits on machines with 8byte longs */
-+ data[0]=ROTATE(l,3)&0xffffffffL;
-+ data[1]=ROTATE(r,3)&0xffffffffL;
-+ l=r=t=u=0;
-+ }
-+
-+void des_encrypt3(data,ks1,ks2,ks3)
-+DES_LONG *data;
-+des_key_schedule ks1;
-+des_key_schedule ks2;
-+des_key_schedule ks3;
-+ {
-+ register DES_LONG l,r;
-+
-+ l=data[0];
-+ r=data[1];
-+ IP(l,r);
-+ data[0]=l;
-+ data[1]=r;
-+ des_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
-+ des_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
-+ des_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
-+ l=data[0];
-+ r=data[1];
-+ FP(r,l);
-+ data[0]=l;
-+ data[1]=r;
-+ }
-+
-+void des_decrypt3(data,ks1,ks2,ks3)
-+DES_LONG *data;
-+des_key_schedule ks1;
-+des_key_schedule ks2;
-+des_key_schedule ks3;
-+ {
-+ register DES_LONG l,r;
-+
-+ l=data[0];
-+ r=data[1];
-+ IP(l,r);
-+ data[0]=l;
-+ data[1]=r;
-+ des_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
-+ des_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
-+ des_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
-+ l=data[0];
-+ r=data[1];
-+ FP(r,l);
-+ data[0]=l;
-+ data[1]=r;
-+ }
-+
-+#ifndef DES_DEFAULT_OPTIONS
-+
-+void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
-+des_cblock (*input);
-+des_cblock (*output);
-+long length;
-+des_key_schedule schedule;
-+des_cblock (*ivec);
-+int enc;
-+ {
-+ register DES_LONG tin0,tin1;
-+ register DES_LONG tout0,tout1,xor0,xor1;
-+ register unsigned char *in,*out;
-+ register long l=length;
-+ DES_LONG tin[2];
-+ unsigned char *iv;
-+
-+ in=(unsigned char *)input;
-+ out=(unsigned char *)output;
-+ iv=(unsigned char *)ivec;
-+
-+ if (enc)
-+ {
-+ c2l(iv,tout0);
-+ c2l(iv,tout1);
-+ for (l-=8; l>=0; l-=8)
-+ {
-+ c2l(in,tin0);
-+ c2l(in,tin1);
-+ tin0^=tout0; tin[0]=tin0;
-+ tin1^=tout1; tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
-+ tout0=tin[0]; l2c(tout0,out);
-+ tout1=tin[1]; l2c(tout1,out);
-+ }
-+ if (l != -8)
-+ {
-+ c2ln(in,tin0,tin1,l+8);
-+ tin0^=tout0; tin[0]=tin0;
-+ tin1^=tout1; tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
-+ tout0=tin[0]; l2c(tout0,out);
-+ tout1=tin[1]; l2c(tout1,out);
-+ }
-+ iv=(unsigned char *)ivec;
-+ l2c(tout0,iv);
-+ l2c(tout1,iv);
-+ }
-+ else
-+ {
-+ c2l(iv,xor0);
-+ c2l(iv,xor1);
-+ for (l-=8; l>=0; l-=8)
-+ {
-+ c2l(in,tin0); tin[0]=tin0;
-+ c2l(in,tin1); tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
-+ tout0=tin[0]^xor0;
-+ tout1=tin[1]^xor1;
-+ l2c(tout0,out);
-+ l2c(tout1,out);
-+ xor0=tin0;
-+ xor1=tin1;
-+ }
-+ if (l != -8)
-+ {
-+ c2l(in,tin0); tin[0]=tin0;
-+ c2l(in,tin1); tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
-+ tout0=tin[0]^xor0;
-+ tout1=tin[1]^xor1;
-+ l2cn(tout0,tout1,out,l+8);
-+ xor0=tin0;
-+ xor1=tin1;
-+ }
-+
-+ iv=(unsigned char *)ivec;
-+ l2c(xor0,iv);
-+ l2c(xor1,iv);
-+ }
-+ tin0=tin1=tout0=tout1=xor0=xor1=0;
-+ tin[0]=tin[1]=0;
-+ }
-+
-+void des_ede3_cbc_encrypt(input, output, length, ks1, ks2, ks3, ivec, enc)
-+des_cblock (*input);
-+des_cblock (*output);
-+long length;
-+des_key_schedule ks1;
-+des_key_schedule ks2;
-+des_key_schedule ks3;
-+des_cblock (*ivec);
-+int enc;
-+ {
-+ register DES_LONG tin0,tin1;
-+ register DES_LONG tout0,tout1,xor0,xor1;
-+ register unsigned char *in,*out;
-+ register long l=length;
-+ DES_LONG tin[2];
-+ unsigned char *iv;
-+
-+ in=(unsigned char *)input;
-+ out=(unsigned char *)output;
-+ iv=(unsigned char *)ivec;
-+
-+ if (enc)
-+ {
-+ c2l(iv,tout0);
-+ c2l(iv,tout1);
-+ for (l-=8; l>=0; l-=8)
-+ {
-+ c2l(in,tin0);
-+ c2l(in,tin1);
-+ tin0^=tout0;
-+ tin1^=tout1;
-+
-+ tin[0]=tin0;
-+ tin[1]=tin1;
-+ des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
-+ tout0=tin[0];
-+ tout1=tin[1];
-+
-+ l2c(tout0,out);
-+ l2c(tout1,out);
-+ }
-+ if (l != -8)
-+ {
-+ c2ln(in,tin0,tin1,l+8);
-+ tin0^=tout0;
-+ tin1^=tout1;
-+
-+ tin[0]=tin0;
-+ tin[1]=tin1;
-+ des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
-+ tout0=tin[0];
-+ tout1=tin[1];
-+
-+ l2c(tout0,out);
-+ l2c(tout1,out);
-+ }
-+ iv=(unsigned char *)ivec;
-+ l2c(tout0,iv);
-+ l2c(tout1,iv);
-+ }
-+ else
-+ {
-+ register DES_LONG t0,t1;
-+
-+ c2l(iv,xor0);
-+ c2l(iv,xor1);
-+ for (l-=8; l>=0; l-=8)
-+ {
-+ c2l(in,tin0);
-+ c2l(in,tin1);
-+
-+ t0=tin0;
-+ t1=tin1;
-+
-+ tin[0]=tin0;
-+ tin[1]=tin1;
-+ des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
-+ tout0=tin[0];
-+ tout1=tin[1];
-+
-+ tout0^=xor0;
-+ tout1^=xor1;
-+ l2c(tout0,out);
-+ l2c(tout1,out);
-+ xor0=t0;
-+ xor1=t1;
-+ }
-+ if (l != -8)
-+ {
-+ c2l(in,tin0);
-+ c2l(in,tin1);
-+
-+ t0=tin0;
-+ t1=tin1;
-+
-+ tin[0]=tin0;
-+ tin[1]=tin1;
-+ des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
-+ tout0=tin[0];
-+ tout1=tin[1];
-+
-+ tout0^=xor0;
-+ tout1^=xor1;
-+ l2cn(tout0,tout1,out,l+8);
-+ xor0=t0;
-+ xor1=t1;
-+ }
-+
-+ iv=(unsigned char *)ivec;
-+ l2c(xor0,iv);
-+ l2c(xor1,iv);
-+ }
-+ tin0=tin1=tout0=tout1=xor0=xor1=0;
-+ tin[0]=tin[1]=0;
-+ }
-+
-+#endif /* DES_DEFAULT_OPTIONS */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/des_opts.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,620 @@
-+/* crypto/des/des_opts.c */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
-+ * This is for machines with 64k code segment size restrictions. */
-+
-+#ifndef MSDOS
-+#define TIMES
-+#endif
-+
-+#include <stdio.h>
-+#ifndef MSDOS
-+#include <unistd.h>
-+#else
-+#include <io.h>
-+extern void exit();
-+#endif
-+#include <signal.h>
-+#ifndef VMS
-+#ifndef _IRIX
-+#include <time.h>
-+#endif
-+#ifdef TIMES
-+#include <sys/types.h>
-+#include <sys/times.h>
-+#endif
-+#else /* VMS */
-+#include <types.h>
-+struct tms {
-+ time_t tms_utime;
-+ time_t tms_stime;
-+ time_t tms_uchild; /* I dunno... */
-+ time_t tms_uchildsys; /* so these names are a guess :-) */
-+ }
-+#endif
-+#ifndef TIMES
-+#include <sys/timeb.h>
-+#endif
-+
-+#ifdef sun
-+#include <limits.h>
-+#include <sys/param.h>
-+#endif
-+
-+#include "des/des_locl.h"
-+#include "des/spr.h"
-+
-+#define DES_DEFAULT_OPTIONS
-+
-+#if !defined(PART1) && !defined(PART2) && !defined(PART3) && !defined(PART4)
-+#define PART1
-+#define PART2
-+#define PART3
-+#define PART4
-+#endif
-+
-+#ifdef PART1
-+
-+#undef DES_UNROLL
-+#undef DES_RISC1
-+#undef DES_RISC2
-+#undef DES_PTR
-+#undef D_ENCRYPT
-+#define des_encrypt des_encrypt_u4_cisc_idx
-+#define des_encrypt2 des_encrypt2_u4_cisc_idx
-+#define des_encrypt3 des_encrypt3_u4_cisc_idx
-+#define des_decrypt3 des_decrypt3_u4_cisc_idx
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#define DES_UNROLL
-+#undef DES_RISC1
-+#undef DES_RISC2
-+#undef DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u16_cisc_idx
-+#define des_encrypt2 des_encrypt2_u16_cisc_idx
-+#define des_encrypt3 des_encrypt3_u16_cisc_idx
-+#define des_decrypt3 des_decrypt3_u16_cisc_idx
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#undef DES_UNROLL
-+#define DES_RISC1
-+#undef DES_RISC2
-+#undef DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u4_risc1_idx
-+#define des_encrypt2 des_encrypt2_u4_risc1_idx
-+#define des_encrypt3 des_encrypt3_u4_risc1_idx
-+#define des_decrypt3 des_decrypt3_u4_risc1_idx
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#endif
-+
-+#ifdef PART2
-+
-+#undef DES_UNROLL
-+#undef DES_RISC1
-+#define DES_RISC2
-+#undef DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u4_risc2_idx
-+#define des_encrypt2 des_encrypt2_u4_risc2_idx
-+#define des_encrypt3 des_encrypt3_u4_risc2_idx
-+#define des_decrypt3 des_decrypt3_u4_risc2_idx
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#define DES_UNROLL
-+#define DES_RISC1
-+#undef DES_RISC2
-+#undef DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u16_risc1_idx
-+#define des_encrypt2 des_encrypt2_u16_risc1_idx
-+#define des_encrypt3 des_encrypt3_u16_risc1_idx
-+#define des_decrypt3 des_decrypt3_u16_risc1_idx
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#define DES_UNROLL
-+#undef DES_RISC1
-+#define DES_RISC2
-+#undef DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u16_risc2_idx
-+#define des_encrypt2 des_encrypt2_u16_risc2_idx
-+#define des_encrypt3 des_encrypt3_u16_risc2_idx
-+#define des_decrypt3 des_decrypt3_u16_risc2_idx
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#endif
-+
-+#ifdef PART3
-+
-+#undef DES_UNROLL
-+#undef DES_RISC1
-+#undef DES_RISC2
-+#define DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u4_cisc_ptr
-+#define des_encrypt2 des_encrypt2_u4_cisc_ptr
-+#define des_encrypt3 des_encrypt3_u4_cisc_ptr
-+#define des_decrypt3 des_decrypt3_u4_cisc_ptr
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#define DES_UNROLL
-+#undef DES_RISC1
-+#undef DES_RISC2
-+#define DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u16_cisc_ptr
-+#define des_encrypt2 des_encrypt2_u16_cisc_ptr
-+#define des_encrypt3 des_encrypt3_u16_cisc_ptr
-+#define des_decrypt3 des_decrypt3_u16_cisc_ptr
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#undef DES_UNROLL
-+#define DES_RISC1
-+#undef DES_RISC2
-+#define DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u4_risc1_ptr
-+#define des_encrypt2 des_encrypt2_u4_risc1_ptr
-+#define des_encrypt3 des_encrypt3_u4_risc1_ptr
-+#define des_decrypt3 des_decrypt3_u4_risc1_ptr
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#endif
-+
-+#ifdef PART4
-+
-+#undef DES_UNROLL
-+#undef DES_RISC1
-+#define DES_RISC2
-+#define DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u4_risc2_ptr
-+#define des_encrypt2 des_encrypt2_u4_risc2_ptr
-+#define des_encrypt3 des_encrypt3_u4_risc2_ptr
-+#define des_decrypt3 des_decrypt3_u4_risc2_ptr
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#define DES_UNROLL
-+#define DES_RISC1
-+#undef DES_RISC2
-+#define DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u16_risc1_ptr
-+#define des_encrypt2 des_encrypt2_u16_risc1_ptr
-+#define des_encrypt3 des_encrypt3_u16_risc1_ptr
-+#define des_decrypt3 des_decrypt3_u16_risc1_ptr
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#define DES_UNROLL
-+#undef DES_RISC1
-+#define DES_RISC2
-+#define DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u16_risc2_ptr
-+#define des_encrypt2 des_encrypt2_u16_risc2_ptr
-+#define des_encrypt3 des_encrypt3_u16_risc2_ptr
-+#define des_decrypt3 des_decrypt3_u16_risc2_ptr
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#endif
-+
-+/* The following if from times(3) man page. It may need to be changed */
-+#ifndef HZ
-+# ifndef CLK_TCK
-+# ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
-+# ifndef VMS
-+# define HZ 100.0
-+# else /* VMS */
-+# define HZ 100.0
-+# endif
-+# else /* _BSD_CLK_TCK_ */
-+# define HZ ((double)_BSD_CLK_TCK_)
-+# endif
-+# else /* CLK_TCK */
-+# define HZ ((double)CLK_TCK)
-+# endif
-+#endif
-+
-+#define BUFSIZE ((long)1024)
-+long run=0;
-+
-+#ifndef NOPROTO
-+double Time_F(int s);
-+#else
-+double Time_F();
-+#endif
-+
-+#ifdef SIGALRM
-+#if defined(__STDC__) || defined(sgi)
-+#define SIGRETTYPE void
-+#else
-+#define SIGRETTYPE int
-+#endif
-+
-+#ifndef NOPROTO
-+SIGRETTYPE sig_done(int sig);
-+#else
-+SIGRETTYPE sig_done();
-+#endif
-+
-+SIGRETTYPE sig_done(sig)
-+int sig;
-+ {
-+ signal(SIGALRM,sig_done);
-+ run=0;
-+#ifdef LINT
-+ sig=sig;
-+#endif
-+ }
-+#endif
-+
-+#define START 0
-+#define STOP 1
-+
-+double Time_F(s)
-+int s;
-+ {
-+ double ret;
-+#ifdef TIMES
-+ static struct tms tstart,tend;
-+
-+ if (s == START)
-+ {
-+ times(&tstart);
-+ return(0);
-+ }
-+ else
-+ {
-+ times(&tend);
-+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-+ return((ret == 0.0)?1e-6:ret);
-+ }
-+#else /* !times() */
-+ static struct timeb tstart,tend;
-+ long i;
-+
-+ if (s == START)
-+ {
-+ ftime(&tstart);
-+ return(0);
-+ }
-+ else
-+ {
-+ ftime(&tend);
-+ i=(long)tend.millitm-(long)tstart.millitm;
-+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
-+ return((ret == 0.0)?1e-6:ret);
-+ }
-+#endif
-+ }
-+
-+#ifdef SIGALRM
-+#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
-+#else
-+#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
-+#endif
-+
-+#define time_it(func,name,index) \
-+ print_name(name); \
-+ Time_F(START); \
-+ for (count=0,run=1; COND(cb); count++) \
-+ { \
-+ unsigned long d[2]; \
-+ func(d,&(sch[0]),DES_ENCRYPT); \
-+ } \
-+ tm[index]=Time_F(STOP); \
-+ fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
-+ tm[index]=((double)COUNT(cb))/tm[index];
-+
-+#define print_it(name,index) \
-+ fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
-+ tm[index]*8,1.0e6/tm[index]);
-+
-+int main(argc,argv)
-+int argc;
-+char **argv;
-+ {
-+ long count;
-+ static unsigned char buf[BUFSIZE];
-+ static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
-+ static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
-+ static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
-+ des_key_schedule sch,sch2,sch3;
-+ double d,tm[16],max=0;
-+ int rank[16];
-+ char *str[16];
-+ int max_idx=0,i,num=0,j;
-+#ifndef SIGALARM
-+ long ca,cb,cc,cd,ce;
-+#endif
-+
-+ for (i=0; i<12; i++)
-+ {
-+ tm[i]=0.0;
-+ rank[i]=0;
-+ }
-+
-+#ifndef TIMES
-+ fprintf(stderr,"To get the most acurate results, try to run this\n");
-+ fprintf(stderr,"program when this computer is idle.\n");
-+#endif
-+
-+ des_set_key((C_Block *)key,sch);
-+ des_set_key((C_Block *)key2,sch2);
-+ des_set_key((C_Block *)key3,sch3);
-+
-+#ifndef SIGALRM
-+ fprintf(stderr,"First we calculate the approximate speed ...\n");
-+ des_set_key((C_Block *)key,sch);
-+ count=10;
-+ do {
-+ long i;
-+ unsigned long data[2];
-+
-+ count*=2;
-+ Time_F(START);
-+ for (i=count; i; i--)
-+ des_encrypt(data,&(sch[0]),DES_ENCRYPT);
-+ d=Time_F(STOP);
-+ } while (d < 3.0);
-+ ca=count;
-+ cb=count*3;
-+ cc=count*3*8/BUFSIZE+1;
-+ cd=count*8/BUFSIZE+1;
-+
-+ ce=count/20+1;
-+#define COND(d) (count != (d))
-+#define COUNT(d) (d)
-+#else
-+#define COND(c) (run)
-+#define COUNT(d) (count)
-+ signal(SIGALRM,sig_done);
-+ alarm(10);
-+#endif
-+
-+#ifdef PART1
-+ time_it(des_encrypt_u4_cisc_idx, "des_encrypt_u4_cisc_idx ", 0);
-+ time_it(des_encrypt_u16_cisc_idx, "des_encrypt_u16_cisc_idx ", 1);
-+ time_it(des_encrypt_u4_risc1_idx, "des_encrypt_u4_risc1_idx ", 2);
-+ num+=3;
-+#endif
-+#ifdef PART2
-+ time_it(des_encrypt_u16_risc1_idx,"des_encrypt_u16_risc1_idx", 3);
-+ time_it(des_encrypt_u4_risc2_idx, "des_encrypt_u4_risc2_idx ", 4);
-+ time_it(des_encrypt_u16_risc2_idx,"des_encrypt_u16_risc2_idx", 5);
-+ num+=3;
-+#endif
-+#ifdef PART3
-+ time_it(des_encrypt_u4_cisc_ptr, "des_encrypt_u4_cisc_ptr ", 6);
-+ time_it(des_encrypt_u16_cisc_ptr, "des_encrypt_u16_cisc_ptr ", 7);
-+ time_it(des_encrypt_u4_risc1_ptr, "des_encrypt_u4_risc1_ptr ", 8);
-+ num+=3;
-+#endif
-+#ifdef PART4
-+ time_it(des_encrypt_u16_risc1_ptr,"des_encrypt_u16_risc1_ptr", 9);
-+ time_it(des_encrypt_u4_risc2_ptr, "des_encrypt_u4_risc2_ptr ",10);
-+ time_it(des_encrypt_u16_risc2_ptr,"des_encrypt_u16_risc2_ptr",11);
-+ num+=3;
-+#endif
-+
-+#ifdef PART1
-+ str[0]=" 4 c i";
-+ print_it("des_encrypt_u4_cisc_idx ",0);
-+ max=tm[0];
-+ max_idx=0;
-+ str[1]="16 c i";
-+ print_it("des_encrypt_u16_cisc_idx ",1);
-+ if (max < tm[1]) { max=tm[1]; max_idx=1; }
-+ str[2]=" 4 r1 i";
-+ print_it("des_encrypt_u4_risc1_idx ",2);
-+ if (max < tm[2]) { max=tm[2]; max_idx=2; }
-+#endif
-+#ifdef PART2
-+ str[3]="16 r1 i";
-+ print_it("des_encrypt_u16_risc1_idx",3);
-+ if (max < tm[3]) { max=tm[3]; max_idx=3; }
-+ str[4]=" 4 r2 i";
-+ print_it("des_encrypt_u4_risc2_idx ",4);
-+ if (max < tm[4]) { max=tm[4]; max_idx=4; }
-+ str[5]="16 r2 i";
-+ print_it("des_encrypt_u16_risc2_idx",5);
-+ if (max < tm[5]) { max=tm[5]; max_idx=5; }
-+#endif
-+#ifdef PART3
-+ str[6]=" 4 c p";
-+ print_it("des_encrypt_u4_cisc_ptr ",6);
-+ if (max < tm[6]) { max=tm[6]; max_idx=6; }
-+ str[7]="16 c p";
-+ print_it("des_encrypt_u16_cisc_ptr ",7);
-+ if (max < tm[7]) { max=tm[7]; max_idx=7; }
-+ str[8]=" 4 r1 p";
-+ print_it("des_encrypt_u4_risc1_ptr ",8);
-+ if (max < tm[8]) { max=tm[8]; max_idx=8; }
-+#endif
-+#ifdef PART4
-+ str[9]="16 r1 p";
-+ print_it("des_encrypt_u16_risc1_ptr",9);
-+ if (max < tm[9]) { max=tm[9]; max_idx=9; }
-+ str[10]=" 4 r2 p";
-+ print_it("des_encrypt_u4_risc2_ptr ",10);
-+ if (max < tm[10]) { max=tm[10]; max_idx=10; }
-+ str[11]="16 r2 p";
-+ print_it("des_encrypt_u16_risc2_ptr",11);
-+ if (max < tm[11]) { max=tm[11]; max_idx=11; }
-+#endif
-+ printf("options des ecb/s\n");
-+ printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
-+ d=tm[max_idx];
-+ tm[max_idx]= -2.0;
-+ max= -1.0;
-+ for (;;)
-+ {
-+ for (i=0; i<12; i++)
-+ {
-+ if (max < tm[i]) { max=tm[i]; j=i; }
-+ }
-+ if (max < 0.0) break;
-+ printf("%s %12.2f %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
-+ tm[j]= -2.0;
-+ max= -1.0;
-+ }
-+
-+ switch (max_idx)
-+ {
-+ case 0:
-+ printf("-DDES_DEFAULT_OPTIONS\n");
-+ break;
-+ case 1:
-+ printf("-DDES_UNROLL\n");
-+ break;
-+ case 2:
-+ printf("-DDES_RISC1\n");
-+ break;
-+ case 3:
-+ printf("-DDES_UNROLL -DDES_RISC1\n");
-+ break;
-+ case 4:
-+ printf("-DDES_RISC2\n");
-+ break;
-+ case 5:
-+ printf("-DDES_UNROLL -DDES_RISC2\n");
-+ break;
-+ case 6:
-+ printf("-DDES_PTR\n");
-+ break;
-+ case 7:
-+ printf("-DDES_UNROLL -DDES_PTR\n");
-+ break;
-+ case 8:
-+ printf("-DDES_RISC1 -DDES_PTR\n");
-+ break;
-+ case 9:
-+ printf("-DDES_UNROLL -DDES_RISC1 -DDES_PTR\n");
-+ break;
-+ case 10:
-+ printf("-DDES_RISC2 -DDES_PTR\n");
-+ break;
-+ case 11:
-+ printf("-DDES_UNROLL -DDES_RISC2 -DDES_PTR\n");
-+ break;
-+ }
-+ exit(0);
-+#if defined(LINT) || defined(MSDOS)
-+ return(0);
-+#endif
-+ }
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/dx86unix.S Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,3160 @@
-+/*
-+ * This file was originally generated by Michael Richardson <mcr@freeswan.org>
-+ * via the perl scripts found in the ASM subdir. It remains copyright of
-+ * Eric Young, see the file COPYRIGHT.
-+ *
-+ * This was last done on October 9, 2002.
-+ *
-+ * While this file does not need to go through cpp, we pass it through
-+ * CPP by naming it dx86unix.S instead of dx86unix.s because there is
-+ * a bug in Rules.make for .s builds - specifically it references EXTRA_CFLAGS
-+ * which may contain stuff that AS doesn't understand instead of
-+ * referencing EXTRA_AFLAGS.
-+ */
-+
-+ .file "dx86unix.S"
-+ .version "01.01"
-+.text
-+ .align 16
-+.globl des_encrypt
-+ .type des_encrypt , @function
-+des_encrypt:
-+ pushl %esi
-+ pushl %edi
-+
-+
-+ movl 12(%esp), %esi
-+ xorl %ecx, %ecx
-+ pushl %ebx
-+ pushl %ebp
-+ movl (%esi), %eax
-+ movl 28(%esp), %ebx
-+ movl 4(%esi), %edi
-+
-+
-+ roll $4, %eax
-+ movl %eax, %esi
-+ xorl %edi, %eax
-+ andl $0xf0f0f0f0, %eax
-+ xorl %eax, %esi
-+ xorl %eax, %edi
-+
-+ roll $20, %edi
-+ movl %edi, %eax
-+ xorl %esi, %edi
-+ andl $0xfff0000f, %edi
-+ xorl %edi, %eax
-+ xorl %edi, %esi
-+
-+ roll $14, %eax
-+ movl %eax, %edi
-+ xorl %esi, %eax
-+ andl $0x33333333, %eax
-+ xorl %eax, %edi
-+ xorl %eax, %esi
-+
-+ roll $22, %esi
-+ movl %esi, %eax
-+ xorl %edi, %esi
-+ andl $0x03fc03fc, %esi
-+ xorl %esi, %eax
-+ xorl %esi, %edi
-+
-+ roll $9, %eax
-+ movl %eax, %esi
-+ xorl %edi, %eax
-+ andl $0xaaaaaaaa, %eax
-+ xorl %eax, %esi
-+ xorl %eax, %edi
-+
-+.byte 209
-+.byte 199
-+ movl 24(%esp), %ebp
-+ cmpl $0, %ebx
-+ je .L000start_decrypt
-+
-+
-+ movl (%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 4(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 8(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 12(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 16(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 20(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 24(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 28(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 32(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 36(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 40(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 44(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 48(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 52(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 56(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 60(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 64(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 68(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 72(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 76(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 80(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 84(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 88(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 92(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 96(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 100(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 104(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 108(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 112(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 116(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 120(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 124(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+ jmp .L001end
-+.L000start_decrypt:
-+
-+
-+ movl 120(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 124(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 112(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 116(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 104(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 108(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 96(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 100(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 88(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 92(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 80(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 84(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 72(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 76(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 64(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 68(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 56(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 60(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 48(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 52(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 40(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 44(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 32(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 36(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 24(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 28(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 16(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 20(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 8(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 12(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl (%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 4(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+.L001end:
-+
-+
-+ movl 20(%esp), %edx
-+.byte 209
-+.byte 206
-+ movl %edi, %eax
-+ xorl %esi, %edi
-+ andl $0xaaaaaaaa, %edi
-+ xorl %edi, %eax
-+ xorl %edi, %esi
-+
-+ roll $23, %eax
-+ movl %eax, %edi
-+ xorl %esi, %eax
-+ andl $0x03fc03fc, %eax
-+ xorl %eax, %edi
-+ xorl %eax, %esi
-+
-+ roll $10, %edi
-+ movl %edi, %eax
-+ xorl %esi, %edi
-+ andl $0x33333333, %edi
-+ xorl %edi, %eax
-+ xorl %edi, %esi
-+
-+ roll $18, %esi
-+ movl %esi, %edi
-+ xorl %eax, %esi
-+ andl $0xfff0000f, %esi
-+ xorl %esi, %edi
-+ xorl %esi, %eax
-+
-+ roll $12, %edi
-+ movl %edi, %esi
-+ xorl %eax, %edi
-+ andl $0xf0f0f0f0, %edi
-+ xorl %edi, %esi
-+ xorl %edi, %eax
-+
-+ rorl $4, %eax
-+ movl %eax, (%edx)
-+ movl %esi, 4(%edx)
-+ popl %ebp
-+ popl %ebx
-+ popl %edi
-+ popl %esi
-+ ret
-+.des_encrypt_end:
-+ .size des_encrypt , .des_encrypt_end-des_encrypt
-+.ident "desasm.pl"
-+.text
-+ .align 16
-+.globl des_encrypt2
-+ .type des_encrypt2 , @function
-+des_encrypt2:
-+ pushl %esi
-+ pushl %edi
-+
-+
-+ movl 12(%esp), %eax
-+ xorl %ecx, %ecx
-+ pushl %ebx
-+ pushl %ebp
-+ movl (%eax), %esi
-+ movl 28(%esp), %ebx
-+ roll $3, %esi
-+ movl 4(%eax), %edi
-+ roll $3, %edi
-+ movl 24(%esp), %ebp
-+ cmpl $0, %ebx
-+ je .L002start_decrypt
-+
-+
-+ movl (%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 4(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 8(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 12(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 16(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 20(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 24(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 28(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 32(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 36(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 40(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 44(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 48(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 52(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 56(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 60(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 64(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 68(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 72(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 76(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 80(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 84(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 88(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 92(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 96(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 100(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 104(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 108(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 112(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 116(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 120(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 124(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+ jmp .L003end
-+.L002start_decrypt:
-+
-+
-+ movl 120(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 124(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 112(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 116(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 104(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 108(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 96(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 100(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 88(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 92(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 80(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 84(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 72(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 76(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 64(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 68(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 56(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 60(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 48(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 52(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 40(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 44(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 32(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 36(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 24(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 28(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 16(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 20(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 8(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 12(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl (%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 4(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+.L003end:
-+
-+
-+ rorl $3, %edi
-+ movl 20(%esp), %eax
-+ rorl $3, %esi
-+ movl %edi, (%eax)
-+ movl %esi, 4(%eax)
-+ popl %ebp
-+ popl %ebx
-+ popl %edi
-+ popl %esi
-+ ret
-+.des_encrypt2_end:
-+ .size des_encrypt2 , .des_encrypt2_end-des_encrypt2
-+.ident "desasm.pl"
-+.text
-+ .align 16
-+.globl des_encrypt3
-+ .type des_encrypt3 , @function
-+des_encrypt3:
-+ pushl %ebx
-+ movl 8(%esp), %ebx
-+ pushl %ebp
-+ pushl %esi
-+ pushl %edi
-+
-+
-+ movl (%ebx), %edi
-+ movl 4(%ebx), %esi
-+ subl $12, %esp
-+
-+
-+ roll $4, %edi
-+ movl %edi, %edx
-+ xorl %esi, %edi
-+ andl $0xf0f0f0f0, %edi
-+ xorl %edi, %edx
-+ xorl %edi, %esi
-+
-+ roll $20, %esi
-+ movl %esi, %edi
-+ xorl %edx, %esi
-+ andl $0xfff0000f, %esi
-+ xorl %esi, %edi
-+ xorl %esi, %edx
-+
-+ roll $14, %edi
-+ movl %edi, %esi
-+ xorl %edx, %edi
-+ andl $0x33333333, %edi
-+ xorl %edi, %esi
-+ xorl %edi, %edx
-+
-+ roll $22, %edx
-+ movl %edx, %edi
-+ xorl %esi, %edx
-+ andl $0x03fc03fc, %edx
-+ xorl %edx, %edi
-+ xorl %edx, %esi
-+
-+ roll $9, %edi
-+ movl %edi, %edx
-+ xorl %esi, %edi
-+ andl $0xaaaaaaaa, %edi
-+ xorl %edi, %edx
-+ xorl %edi, %esi
-+
-+ rorl $3, %edx
-+ rorl $2, %esi
-+ movl %esi, 4(%ebx)
-+ movl 36(%esp), %eax
-+ movl %edx, (%ebx)
-+ movl 40(%esp), %edi
-+ movl 44(%esp), %esi
-+ movl $1, 8(%esp)
-+ movl %eax, 4(%esp)
-+ movl %ebx, (%esp)
-+ call des_encrypt2
-+ movl $0, 8(%esp)
-+ movl %edi, 4(%esp)
-+ movl %ebx, (%esp)
-+ call des_encrypt2
-+ movl $1, 8(%esp)
-+ movl %esi, 4(%esp)
-+ movl %ebx, (%esp)
-+ call des_encrypt2
-+ addl $12, %esp
-+ movl (%ebx), %edi
-+ movl 4(%ebx), %esi
-+
-+
-+ roll $2, %esi
-+ roll $3, %edi
-+ movl %edi, %eax
-+ xorl %esi, %edi
-+ andl $0xaaaaaaaa, %edi
-+ xorl %edi, %eax
-+ xorl %edi, %esi
-+
-+ roll $23, %eax
-+ movl %eax, %edi
-+ xorl %esi, %eax
-+ andl $0x03fc03fc, %eax
-+ xorl %eax, %edi
-+ xorl %eax, %esi
-+
-+ roll $10, %edi
-+ movl %edi, %eax
-+ xorl %esi, %edi
-+ andl $0x33333333, %edi
-+ xorl %edi, %eax
-+ xorl %edi, %esi
-+
-+ roll $18, %esi
-+ movl %esi, %edi
-+ xorl %eax, %esi
-+ andl $0xfff0000f, %esi
-+ xorl %esi, %edi
-+ xorl %esi, %eax
-+
-+ roll $12, %edi
-+ movl %edi, %esi
-+ xorl %eax, %edi
-+ andl $0xf0f0f0f0, %edi
-+ xorl %edi, %esi
-+ xorl %edi, %eax
-+
-+ rorl $4, %eax
-+ movl %eax, (%ebx)
-+ movl %esi, 4(%ebx)
-+ popl %edi
-+ popl %esi
-+ popl %ebp
-+ popl %ebx
-+ ret
-+.des_encrypt3_end:
-+ .size des_encrypt3 , .des_encrypt3_end-des_encrypt3
-+.ident "desasm.pl"
-+.text
-+ .align 16
-+.globl des_decrypt3
-+ .type des_decrypt3 , @function
-+des_decrypt3:
-+ pushl %ebx
-+ movl 8(%esp), %ebx
-+ pushl %ebp
-+ pushl %esi
-+ pushl %edi
-+
-+
-+ movl (%ebx), %edi
-+ movl 4(%ebx), %esi
-+ subl $12, %esp
-+
-+
-+ roll $4, %edi
-+ movl %edi, %edx
-+ xorl %esi, %edi
-+ andl $0xf0f0f0f0, %edi
-+ xorl %edi, %edx
-+ xorl %edi, %esi
-+
-+ roll $20, %esi
-+ movl %esi, %edi
-+ xorl %edx, %esi
-+ andl $0xfff0000f, %esi
-+ xorl %esi, %edi
-+ xorl %esi, %edx
-+
-+ roll $14, %edi
-+ movl %edi, %esi
-+ xorl %edx, %edi
-+ andl $0x33333333, %edi
-+ xorl %edi, %esi
-+ xorl %edi, %edx
-+
-+ roll $22, %edx
-+ movl %edx, %edi
-+ xorl %esi, %edx
-+ andl $0x03fc03fc, %edx
-+ xorl %edx, %edi
-+ xorl %edx, %esi
-+
-+ roll $9, %edi
-+ movl %edi, %edx
-+ xorl %esi, %edi
-+ andl $0xaaaaaaaa, %edi
-+ xorl %edi, %edx
-+ xorl %edi, %esi
-+
-+ rorl $3, %edx
-+ rorl $2, %esi
-+ movl %esi, 4(%ebx)
-+ movl 36(%esp), %esi
-+ movl %edx, (%ebx)
-+ movl 40(%esp), %edi
-+ movl 44(%esp), %eax
-+ movl $0, 8(%esp)
-+ movl %eax, 4(%esp)
-+ movl %ebx, (%esp)
-+ call des_encrypt2
-+ movl $1, 8(%esp)
-+ movl %edi, 4(%esp)
-+ movl %ebx, (%esp)
-+ call des_encrypt2
-+ movl $0, 8(%esp)
-+ movl %esi, 4(%esp)
-+ movl %ebx, (%esp)
-+ call des_encrypt2
-+ addl $12, %esp
-+ movl (%ebx), %edi
-+ movl 4(%ebx), %esi
-+
-+
-+ roll $2, %esi
-+ roll $3, %edi
-+ movl %edi, %eax
-+ xorl %esi, %edi
-+ andl $0xaaaaaaaa, %edi
-+ xorl %edi, %eax
-+ xorl %edi, %esi
-+
-+ roll $23, %eax
-+ movl %eax, %edi
-+ xorl %esi, %eax
-+ andl $0x03fc03fc, %eax
-+ xorl %eax, %edi
-+ xorl %eax, %esi
-+
-+ roll $10, %edi
-+ movl %edi, %eax
-+ xorl %esi, %edi
-+ andl $0x33333333, %edi
-+ xorl %edi, %eax
-+ xorl %edi, %esi
-+
-+ roll $18, %esi
-+ movl %esi, %edi
-+ xorl %eax, %esi
-+ andl $0xfff0000f, %esi
-+ xorl %esi, %edi
-+ xorl %esi, %eax
-+
-+ roll $12, %edi
-+ movl %edi, %esi
-+ xorl %eax, %edi
-+ andl $0xf0f0f0f0, %edi
-+ xorl %edi, %esi
-+ xorl %edi, %eax
-+
-+ rorl $4, %eax
-+ movl %eax, (%ebx)
-+ movl %esi, 4(%ebx)
-+ popl %edi
-+ popl %esi
-+ popl %ebp
-+ popl %ebx
-+ ret
-+.des_decrypt3_end:
-+ .size des_decrypt3 , .des_decrypt3_end-des_decrypt3
-+.ident "desasm.pl"
-+.text
-+ .align 16
-+.globl des_ncbc_encrypt
-+ .type des_ncbc_encrypt , @function
-+des_ncbc_encrypt:
-+
-+ pushl %ebp
-+ pushl %ebx
-+ pushl %esi
-+ pushl %edi
-+ movl 28(%esp), %ebp
-+
-+ movl 36(%esp), %ebx
-+ movl (%ebx), %esi
-+ movl 4(%ebx), %edi
-+ pushl %edi
-+ pushl %esi
-+ pushl %edi
-+ pushl %esi
-+ movl %esp, %ebx
-+ movl 36(%esp), %esi
-+ movl 40(%esp), %edi
-+
-+ movl 56(%esp), %ecx
-+
-+ pushl %ecx
-+
-+ movl 52(%esp), %eax
-+ pushl %eax
-+ pushl %ebx
-+ cmpl $0, %ecx
-+ jz .L004decrypt
-+ andl $4294967288, %ebp
-+ movl 12(%esp), %eax
-+ movl 16(%esp), %ebx
-+ jz .L005encrypt_finish
-+.L006encrypt_loop:
-+ movl (%esi), %ecx
-+ movl 4(%esi), %edx
-+ xorl %ecx, %eax
-+ xorl %edx, %ebx
-+ movl %eax, 12(%esp)
-+ movl %ebx, 16(%esp)
-+ call des_encrypt
-+ movl 12(%esp), %eax
-+ movl 16(%esp), %ebx
-+ movl %eax, (%edi)
-+ movl %ebx, 4(%edi)
-+ addl $8, %esi
-+ addl $8, %edi
-+ subl $8, %ebp
-+ jnz .L006encrypt_loop
-+.L005encrypt_finish:
-+ movl 56(%esp), %ebp
-+ andl $7, %ebp
-+ jz .L007finish
-+ xorl %ecx, %ecx
-+ xorl %edx, %edx
-+ movl .L008cbc_enc_jmp_table(,%ebp,4),%ebp
-+ jmp *%ebp
-+.L009ej7:
-+ movb 6(%esi), %dh
-+ sall $8, %edx
-+.L010ej6:
-+ movb 5(%esi), %dh
-+.L011ej5:
-+ movb 4(%esi), %dl
-+.L012ej4:
-+ movl (%esi), %ecx
-+ jmp .L013ejend
-+.L014ej3:
-+ movb 2(%esi), %ch
-+ sall $8, %ecx
-+.L015ej2:
-+ movb 1(%esi), %ch
-+.L016ej1:
-+ movb (%esi), %cl
-+.L013ejend:
-+ xorl %ecx, %eax
-+ xorl %edx, %ebx
-+ movl %eax, 12(%esp)
-+ movl %ebx, 16(%esp)
-+ call des_encrypt
-+ movl 12(%esp), %eax
-+ movl 16(%esp), %ebx
-+ movl %eax, (%edi)
-+ movl %ebx, 4(%edi)
-+ jmp .L007finish
-+.align 16
-+.L004decrypt:
-+ andl $4294967288, %ebp
-+ movl 20(%esp), %eax
-+ movl 24(%esp), %ebx
-+ jz .L017decrypt_finish
-+.L018decrypt_loop:
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+ movl %eax, 12(%esp)
-+ movl %ebx, 16(%esp)
-+ call des_encrypt
-+ movl 12(%esp), %eax
-+ movl 16(%esp), %ebx
-+ movl 20(%esp), %ecx
-+ movl 24(%esp), %edx
-+ xorl %eax, %ecx
-+ xorl %ebx, %edx
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+ movl %ecx, (%edi)
-+ movl %edx, 4(%edi)
-+ movl %eax, 20(%esp)
-+ movl %ebx, 24(%esp)
-+ addl $8, %esi
-+ addl $8, %edi
-+ subl $8, %ebp
-+ jnz .L018decrypt_loop
-+.L017decrypt_finish:
-+ movl 56(%esp), %ebp
-+ andl $7, %ebp
-+ jz .L007finish
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+ movl %eax, 12(%esp)
-+ movl %ebx, 16(%esp)
-+ call des_encrypt
-+ movl 12(%esp), %eax
-+ movl 16(%esp), %ebx
-+ movl 20(%esp), %ecx
-+ movl 24(%esp), %edx
-+ xorl %eax, %ecx
-+ xorl %ebx, %edx
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+.L019dj7:
-+ rorl $16, %edx
-+ movb %dl, 6(%edi)
-+ shrl $16, %edx
-+.L020dj6:
-+ movb %dh, 5(%edi)
-+.L021dj5:
-+ movb %dl, 4(%edi)
-+.L022dj4:
-+ movl %ecx, (%edi)
-+ jmp .L023djend
-+.L024dj3:
-+ rorl $16, %ecx
-+ movb %cl, 2(%edi)
-+ sall $16, %ecx
-+.L025dj2:
-+ movb %ch, 1(%esi)
-+.L026dj1:
-+ movb %cl, (%esi)
-+.L023djend:
-+ jmp .L007finish
-+.align 16
-+.L007finish:
-+ movl 64(%esp), %ecx
-+ addl $28, %esp
-+ movl %eax, (%ecx)
-+ movl %ebx, 4(%ecx)
-+ popl %edi
-+ popl %esi
-+ popl %ebx
-+ popl %ebp
-+ ret
-+.align 16
-+.L008cbc_enc_jmp_table:
-+ .long 0
-+ .long .L016ej1
-+ .long .L015ej2
-+ .long .L014ej3
-+ .long .L012ej4
-+ .long .L011ej5
-+ .long .L010ej6
-+ .long .L009ej7
-+.align 16
-+.L027cbc_dec_jmp_table:
-+ .long 0
-+ .long .L026dj1
-+ .long .L025dj2
-+ .long .L024dj3
-+ .long .L022dj4
-+ .long .L021dj5
-+ .long .L020dj6
-+ .long .L019dj7
-+.des_ncbc_encrypt_end:
-+ .size des_ncbc_encrypt , .des_ncbc_encrypt_end-des_ncbc_encrypt
-+.ident "desasm.pl"
-+.text
-+ .align 16
-+.globl des_ede3_cbc_encrypt
-+ .type des_ede3_cbc_encrypt , @function
-+des_ede3_cbc_encrypt:
-+
-+ pushl %ebp
-+ pushl %ebx
-+ pushl %esi
-+ pushl %edi
-+ movl 28(%esp), %ebp
-+
-+ movl 44(%esp), %ebx
-+ movl (%ebx), %esi
-+ movl 4(%ebx), %edi
-+ pushl %edi
-+ pushl %esi
-+ pushl %edi
-+ pushl %esi
-+ movl %esp, %ebx
-+ movl 36(%esp), %esi
-+ movl 40(%esp), %edi
-+
-+ movl 64(%esp), %ecx
-+
-+ movl 56(%esp), %eax
-+ pushl %eax
-+
-+ movl 56(%esp), %eax
-+ pushl %eax
-+
-+ movl 56(%esp), %eax
-+ pushl %eax
-+ pushl %ebx
-+ cmpl $0, %ecx
-+ jz .L028decrypt
-+ andl $4294967288, %ebp
-+ movl 16(%esp), %eax
-+ movl 20(%esp), %ebx
-+ jz .L029encrypt_finish
-+.L030encrypt_loop:
-+ movl (%esi), %ecx
-+ movl 4(%esi), %edx
-+ xorl %ecx, %eax
-+ xorl %edx, %ebx
-+ movl %eax, 16(%esp)
-+ movl %ebx, 20(%esp)
-+ call des_encrypt3
-+ movl 16(%esp), %eax
-+ movl 20(%esp), %ebx
-+ movl %eax, (%edi)
-+ movl %ebx, 4(%edi)
-+ addl $8, %esi
-+ addl $8, %edi
-+ subl $8, %ebp
-+ jnz .L030encrypt_loop
-+.L029encrypt_finish:
-+ movl 60(%esp), %ebp
-+ andl $7, %ebp
-+ jz .L031finish
-+ xorl %ecx, %ecx
-+ xorl %edx, %edx
-+ movl .L032cbc_enc_jmp_table(,%ebp,4),%ebp
-+ jmp *%ebp
-+.L033ej7:
-+ movb 6(%esi), %dh
-+ sall $8, %edx
-+.L034ej6:
-+ movb 5(%esi), %dh
-+.L035ej5:
-+ movb 4(%esi), %dl
-+.L036ej4:
-+ movl (%esi), %ecx
-+ jmp .L037ejend
-+.L038ej3:
-+ movb 2(%esi), %ch
-+ sall $8, %ecx
-+.L039ej2:
-+ movb 1(%esi), %ch
-+.L040ej1:
-+ movb (%esi), %cl
-+.L037ejend:
-+ xorl %ecx, %eax
-+ xorl %edx, %ebx
-+ movl %eax, 16(%esp)
-+ movl %ebx, 20(%esp)
-+ call des_encrypt3
-+ movl 16(%esp), %eax
-+ movl 20(%esp), %ebx
-+ movl %eax, (%edi)
-+ movl %ebx, 4(%edi)
-+ jmp .L031finish
-+.align 16
-+.L028decrypt:
-+ andl $4294967288, %ebp
-+ movl 24(%esp), %eax
-+ movl 28(%esp), %ebx
-+ jz .L041decrypt_finish
-+.L042decrypt_loop:
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+ movl %eax, 16(%esp)
-+ movl %ebx, 20(%esp)
-+ call des_decrypt3
-+ movl 16(%esp), %eax
-+ movl 20(%esp), %ebx
-+ movl 24(%esp), %ecx
-+ movl 28(%esp), %edx
-+ xorl %eax, %ecx
-+ xorl %ebx, %edx
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+ movl %ecx, (%edi)
-+ movl %edx, 4(%edi)
-+ movl %eax, 24(%esp)
-+ movl %ebx, 28(%esp)
-+ addl $8, %esi
-+ addl $8, %edi
-+ subl $8, %ebp
-+ jnz .L042decrypt_loop
-+.L041decrypt_finish:
-+ movl 60(%esp), %ebp
-+ andl $7, %ebp
-+ jz .L031finish
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+ movl %eax, 16(%esp)
-+ movl %ebx, 20(%esp)
-+ call des_decrypt3
-+ movl 16(%esp), %eax
-+ movl 20(%esp), %ebx
-+ movl 24(%esp), %ecx
-+ movl 28(%esp), %edx
-+ xorl %eax, %ecx
-+ xorl %ebx, %edx
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+.L043dj7:
-+ rorl $16, %edx
-+ movb %dl, 6(%edi)
-+ shrl $16, %edx
-+.L044dj6:
-+ movb %dh, 5(%edi)
-+.L045dj5:
-+ movb %dl, 4(%edi)
-+.L046dj4:
-+ movl %ecx, (%edi)
-+ jmp .L047djend
-+.L048dj3:
-+ rorl $16, %ecx
-+ movb %cl, 2(%edi)
-+ sall $16, %ecx
-+.L049dj2:
-+ movb %ch, 1(%esi)
-+.L050dj1:
-+ movb %cl, (%esi)
-+.L047djend:
-+ jmp .L031finish
-+.align 16
-+.L031finish:
-+ movl 76(%esp), %ecx
-+ addl $32, %esp
-+ movl %eax, (%ecx)
-+ movl %ebx, 4(%ecx)
-+ popl %edi
-+ popl %esi
-+ popl %ebx
-+ popl %ebp
-+ ret
-+.align 16
-+.L032cbc_enc_jmp_table:
-+ .long 0
-+ .long .L040ej1
-+ .long .L039ej2
-+ .long .L038ej3
-+ .long .L036ej4
-+ .long .L035ej5
-+ .long .L034ej6
-+ .long .L033ej7
-+.align 16
-+.L051cbc_dec_jmp_table:
-+ .long 0
-+ .long .L050dj1
-+ .long .L049dj2
-+ .long .L048dj3
-+ .long .L046dj4
-+ .long .L045dj5
-+ .long .L044dj6
-+ .long .L043dj7
-+.des_ede3_cbc_encrypt_end:
-+ .size des_ede3_cbc_encrypt , .des_ede3_cbc_encrypt_end-des_ede3_cbc_encrypt
-+.ident "desasm.pl"
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/ecb_enc.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,128 @@
-+/* crypto/des/ecb_enc.c */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+#include "des/des_locl.h"
-+#include "des/spr.h"
-+
-+char *libdes_version="libdes v 3.24 - 20-Apr-1996 - eay";
-+char *DES_version="DES part of SSLeay 0.8.2b 08-Jan-1998";
-+
-+/* RCSID $Id: ecb_enc.c,v 1.8 2004-08-04 15:57:22 mcr Exp $ */
-+/* This function ifdef'ed out for FreeS/WAN project. */
-+#ifdef notdef
-+char *des_options()
-+ {
-+ static int init=1;
-+ static char buf[32];
-+
-+ if (init)
-+ {
-+ char *ptr,*unroll,*risc,*size;
-+
-+ init=0;
-+#ifdef DES_PTR
-+ ptr="ptr";
-+#else
-+ ptr="idx";
-+#endif
-+#if defined(DES_RISC1) || defined(DES_RISC2)
-+#ifdef DES_RISC1
-+ risc="risc1";
-+#endif
-+#ifdef DES_RISC2
-+ risc="risc2";
-+#endif
-+#else
-+ risc="cisc";
-+#endif
-+#ifdef DES_UNROLL
-+ unroll="16";
-+#else
-+ unroll="4";
-+#endif
-+ if (sizeof(DES_LONG) != sizeof(long))
-+ size="int";
-+ else
-+ size="long";
-+ sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size);
-+ }
-+ return(buf);
-+ }
-+#endif
-+
-+
-+void des_ecb_encrypt(input, output, ks, enc)
-+des_cblock (*input);
-+des_cblock (*output);
-+des_key_schedule ks;
-+int enc;
-+ {
-+ register DES_LONG l;
-+ register unsigned char *in,*out;
-+ DES_LONG ll[2];
-+
-+ in=(unsigned char *)input;
-+ out=(unsigned char *)output;
-+ c2l(in,l); ll[0]=l;
-+ c2l(in,l); ll[1]=l;
-+ des_encrypt(ll,ks,enc);
-+ l=ll[0]; l2c(l,out);
-+ l=ll[1]; l2c(l,out);
-+ l=ll[0]=ll[1]=0;
-+ }
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/ipsec_alg_3des.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,181 @@
-+/*
-+ * ipsec_alg 3DES cipher stubs
-+ *
-+ * Copyright (C) 2005 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * Adapted from ipsec_alg_aes.c by JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ *
-+ * ipsec_alg_aes.c,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ */
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+/*
-+ * special case: ipsec core modular with this static algo inside:
-+ * must avoid MODULE magic for this file
-+ */
-+#if defined(CONFIG_KLIPS_MODULE) && defined(CONFIG_KLIPS_ENC_3DES)
-+#undef MODULE
-+#endif
-+
-+#include <linux/module.h>
-+#include <linux/init.h>
-+
-+#include <linux/kernel.h> /* printk() */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/string.h>
-+
-+/* Low freeswan header coupling */
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_alg.h"
-+#include "crypto/des.h"
-+#include "openswan/ipsec_alg_3des.h"
-+
-+#define AES_CONTEXT_T aes_context
-+static int debug_3des=0;
-+static int test_3des=0;
-+static int excl_3des=0;
-+
-+#if defined(CONFIG_KLIPS_ENC_3DES_MODULE)
-+MODULE_AUTHOR("Michael Richardson <mcr@xelerance.com>");
-+#ifdef module_param
-+module_param(debug_3des,int,0600)
-+module_param(test_des,int,0600)
-+module_param(excl_des,int,0600)
-+#else
-+MODULE_PARM(debug_3des, "i");
-+MODULE_PARM(test_des, "i");
-+MODULE_PARM(excl_des, "i");
-+#endif
-+#endif
-+
-+#define ESP_AES_MAC_KEY_SZ 16 /* 128 bit MAC key */
-+#define ESP_AES_MAC_BLK_LEN 16 /* 128 bit block */
-+
-+static int _3des_set_key(struct ipsec_alg_enc *alg,
-+ __u8 * key_e, const __u8 * key,
-+ size_t keysize)
-+{
-+ int ret = 0;
-+ TripleDES_context *ctx = (TripleDES_context*)key_e;
-+
-+ if(keysize != 192/8) {
-+ return EINVAL;
-+ }
-+
-+ des_set_key((des_cblock *)(key + DES_KEY_SZ*0), ctx->s1);
-+ des_set_key((des_cblock *)(key + DES_KEY_SZ*1), ctx->s2);
-+ des_set_key((des_cblock *)(key + DES_KEY_SZ*2), ctx->s3);
-+
-+ if (debug_3des > 0)
-+ printk(KERN_DEBUG "klips_debug:_3des_set_key:"
-+ "ret=%d key_e=%p key=%p keysize=%ld\n",
-+ ret, key_e, key, (unsigned long int) keysize);
-+ return ret;
-+}
-+
-+static int _3des_cbc_encrypt(struct ipsec_alg_enc *alg,
-+ __u8 * key_e,
-+ __u8 * in,
-+ int ilen, const __u8 * iv,
-+ int encrypt)
-+{
-+ TripleDES_context *ctx=(TripleDES_context*)key_e;
-+ des_cblock miv;
-+
-+ memcpy(&miv, iv, sizeof(miv));
-+
-+ if (debug_3des > 0)
-+ printk(KERN_DEBUG "klips_debug:_aes_cbc_encrypt:"
-+ "key_e=%p in=%p ilen=%d iv=%p encrypt=%d\n",
-+ key_e, in, ilen, iv, encrypt);
-+
-+ des_ede3_cbc_encrypt((des_cblock *)in,
-+ (des_cblock *)in,
-+ ilen,
-+ ctx->s1,
-+ ctx->s2,
-+ ctx->s3,
-+ &miv, encrypt);
-+ return 1;
-+}
-+
-+static struct ipsec_alg_enc ipsec_alg_3DES = {
-+ ixt_common: { ixt_version: IPSEC_ALG_VERSION,
-+ ixt_refcnt: ATOMIC_INIT(0),
-+ ixt_name: "3des",
-+ ixt_blocksize: ESP_3DES_CBC_BLK_LEN,
-+ ixt_support: {
-+ ias_exttype: IPSEC_ALG_TYPE_ENCRYPT,
-+ ias_id: ESP_3DES,
-+ ias_keyminbits: ESP_3DES_KEY_SZ*8,
-+ ias_keymaxbits: ESP_3DES_KEY_SZ*8,
-+ },
-+ },
-+#if defined(MODULE_KLIPS_ENC_3DES_MODULE)
-+ ixt_module: THIS_MODULE,
-+#endif
-+ ixt_e_keylen: ESP_3DES_KEY_SZ*8,
-+ ixt_e_ctx_size: sizeof(TripleDES_context),
-+ ixt_e_set_key: _3des_set_key,
-+ ixt_e_cbc_encrypt:_3des_cbc_encrypt,
-+};
-+
-+#if defined(CONFIG_KLIPS_ENC_3DES_MODULE)
-+IPSEC_ALG_MODULE_INIT_MOD( ipsec_3des_init )
-+#else
-+IPSEC_ALG_MODULE_INIT_STATIC( ipsec_3des_init )
-+#endif
-+{
-+ int ret, test_ret;
-+
-+ if (excl_3des) ipsec_alg_3DES.ixt_common.ixt_state |= IPSEC_ALG_ST_EXCL;
-+ ret=register_ipsec_alg_enc(&ipsec_alg_3DES);
-+ printk("ipsec_3des_init(alg_type=%d alg_id=%d name=%s): ret=%d\n",
-+ ipsec_alg_3DES.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_3DES.ixt_common.ixt_support.ias_id,
-+ ipsec_alg_3DES.ixt_common.ixt_name,
-+ ret);
-+ if (ret==0 && test_3des) {
-+ test_ret=ipsec_alg_test(
-+ ipsec_alg_3DES.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_3DES.ixt_common.ixt_support.ias_id,
-+ test_3des);
-+ printk("ipsec_aes_init(alg_type=%d alg_id=%d): test_ret=%d\n",
-+ ipsec_alg_3DES.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_3DES.ixt_common.ixt_support.ias_id,
-+ test_ret);
-+ }
-+ return ret;
-+}
-+
-+#if defined(CONFIG_KLIPS_ENC_3DES_MODULE)
-+IPSEC_ALG_MODULE_EXIT_MOD( ipsec_3des_fini )
-+#else
-+IPSEC_ALG_MODULE_EXIT_STATIC( ipsec_3des_fini )
-+#endif
-+{
-+ unregister_ipsec_alg_enc(&ipsec_alg_3DES);
-+ return;
-+}
-+
-+/* Dual, because 3des code is 4-clause BSD licensed */
-+#ifdef MODULE_LICENSE
-+MODULE_LICENSE("Dual BSD/GPL");
-+#endif
-+
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/set_key.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,246 @@
-+/* crypto/des/set_key.c */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+/* set_key.c v 1.4 eay 24/9/91
-+ * 1.4 Speed up by 400% :-)
-+ * 1.3 added register declarations.
-+ * 1.2 unrolled make_key_sched a bit more
-+ * 1.1 added norm_expand_bits
-+ * 1.0 First working version
-+ */
-+#include "des/des_locl.h"
-+#include "des/podd.h"
-+#include "des/sk.h"
-+
-+#ifndef NOPROTO
-+static int check_parity(des_cblock (*key));
-+#else
-+static int check_parity();
-+#endif
-+
-+int des_check_key=0;
-+
-+void des_set_odd_parity(key)
-+des_cblock (*key);
-+ {
-+ int i;
-+
-+ for (i=0; i<DES_KEY_SZ; i++)
-+ (*key)[i]=odd_parity[(*key)[i]];
-+ }
-+
-+static int check_parity(key)
-+des_cblock (*key);
-+ {
-+ int i;
-+
-+ for (i=0; i<DES_KEY_SZ; i++)
-+ {
-+ if ((*key)[i] != odd_parity[(*key)[i]])
-+ return(0);
-+ }
-+ return(1);
-+ }
-+
-+/* Weak and semi week keys as take from
-+ * %A D.W. Davies
-+ * %A W.L. Price
-+ * %T Security for Computer Networks
-+ * %I John Wiley & Sons
-+ * %D 1984
-+ * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
-+ * (and actual cblock values).
-+ */
-+#define NUM_WEAK_KEY 16
-+static des_cblock weak_keys[NUM_WEAK_KEY]={
-+ /* weak keys */
-+ {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
-+ {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
-+ {0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F},
-+ {0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0},
-+ /* semi-weak keys */
-+ {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
-+ {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
-+ {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
-+ {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
-+ {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
-+ {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
-+ {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
-+ {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
-+ {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
-+ {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
-+ {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
-+ {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
-+
-+int des_is_weak_key(key)
-+des_cblock (*key);
-+ {
-+ int i;
-+
-+ for (i=0; i<NUM_WEAK_KEY; i++)
-+ /* Added == 0 to comparision, I obviously don't run
-+ * this section very often :-(, thanks to
-+ * engineering@MorningStar.Com for the fix
-+ * eay 93/06/29
-+ * Another problem, I was comparing only the first 4
-+ * bytes, 97/03/18 */
-+ if (memcmp(weak_keys[i],key,sizeof(des_cblock)) == 0) return(1);
-+ return(0);
-+ }
-+
-+/* NOW DEFINED IN des_local.h
-+ * See ecb_encrypt.c for a pseudo description of these macros.
-+ * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
-+ * (b)^=(t),\
-+ * (a)=((a)^((t)<<(n))))
-+ */
-+
-+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
-+ (a)=(a)^(t)^(t>>(16-(n))))
-+
-+/* return 0 if key parity is odd (correct),
-+ * return -1 if key parity error,
-+ * return -2 if illegal weak key.
-+ */
-+int des_set_key(key, schedule)
-+des_cblock (*key);
-+des_key_schedule schedule;
-+ {
-+ static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
-+ register DES_LONG c,d,t,s,t2;
-+ register unsigned char *in;
-+ register DES_LONG *k;
-+ register int i;
-+
-+ if (des_check_key)
-+ {
-+ if (!check_parity(key))
-+ return(-1);
-+
-+ if (des_is_weak_key(key))
-+ return(-2);
-+ }
-+
-+ k=(DES_LONG *)schedule;
-+ in=(unsigned char *)key;
-+
-+ c2l(in,c);
-+ c2l(in,d);
-+
-+ /* do PC1 in 60 simple operations */
-+/* PERM_OP(d,c,t,4,0x0f0f0f0fL);
-+ HPERM_OP(c,t,-2, 0xcccc0000L);
-+ HPERM_OP(c,t,-1, 0xaaaa0000L);
-+ HPERM_OP(c,t, 8, 0x00ff0000L);
-+ HPERM_OP(c,t,-1, 0xaaaa0000L);
-+ HPERM_OP(d,t,-8, 0xff000000L);
-+ HPERM_OP(d,t, 8, 0x00ff0000L);
-+ HPERM_OP(d,t, 2, 0x33330000L);
-+ d=((d&0x00aa00aaL)<<7L)|((d&0x55005500L)>>7L)|(d&0xaa55aa55L);
-+ d=(d>>8)|((c&0xf0000000L)>>4);
-+ c&=0x0fffffffL; */
-+
-+ /* I now do it in 47 simple operations :-)
-+ * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
-+ * for the inspiration. :-) */
-+ PERM_OP (d,c,t,4,0x0f0f0f0fL);
-+ HPERM_OP(c,t,-2,0xcccc0000L);
-+ HPERM_OP(d,t,-2,0xcccc0000L);
-+ PERM_OP (d,c,t,1,0x55555555L);
-+ PERM_OP (c,d,t,8,0x00ff00ffL);
-+ PERM_OP (d,c,t,1,0x55555555L);
-+ d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) |
-+ ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
-+ c&=0x0fffffffL;
-+
-+ for (i=0; i<ITERATIONS; i++)
-+ {
-+ if (shifts2[i])
-+ { c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
-+ else
-+ { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
-+ c&=0x0fffffffL;
-+ d&=0x0fffffffL;
-+ /* could be a few less shifts but I am to lazy at this
-+ * point in time to investigate */
-+ s= des_skb[0][ (c )&0x3f ]|
-+ des_skb[1][((c>> 6)&0x03)|((c>> 7L)&0x3c)]|
-+ des_skb[2][((c>>13)&0x0f)|((c>>14L)&0x30)]|
-+ des_skb[3][((c>>20)&0x01)|((c>>21L)&0x06) |
-+ ((c>>22L)&0x38)];
-+ t= des_skb[4][ (d )&0x3f ]|
-+ des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
-+ des_skb[6][ (d>>15L)&0x3f ]|
-+ des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
-+
-+ /* table contained 0213 4657 */
-+ t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
-+ *(k++)=ROTATE(t2,30)&0xffffffffL;
-+
-+ t2=((s>>16L)|(t&0xffff0000L));
-+ *(k++)=ROTATE(t2,26)&0xffffffffL;
-+ }
-+ return(0);
-+ }
-+
-+int des_key_sched(key, schedule)
-+des_cblock (*key);
-+des_key_schedule schedule;
-+ {
-+ return(des_set_key(key,schedule));
-+ }
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/goodmask.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,100 @@
-+/*
-+ * minor utilities for subnet-mask manipulation
-+ * Copyright (C) 1998, 1999 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: goodmask.c,v 1.12 2004-07-10 07:43:47 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+#ifndef ABITS
-+#define ABITS 32 /* bits in an IPv4 address */
-+#endif
-+
-+/*
-+ - goodmask - is this a good (^1*0*$) subnet mask?
-+ * You are not expected to understand this. See Henry S. Warren Jr,
-+ * "Functions realizable with word-parallel logical and two's-complement
-+ * addition instructions", CACM 20.6 (June 1977), p.439.
-+ */
-+int /* predicate */
-+goodmask(mask)
-+struct in_addr mask;
-+{
-+ unsigned long x = ntohl(mask.s_addr);
-+ /* clear rightmost contiguous string of 1-bits */
-+# define CRCS1B(x) (((x|(x-1))+1)&x)
-+# define TOPBIT (1UL << 31)
-+
-+ /* either zero, or has one string of 1-bits which is left-justified */
-+ if (x == 0 || (CRCS1B(x) == 0 && (x&TOPBIT)))
-+ return 1;
-+ return 0;
-+}
-+
-+/*
-+ - masktobits - how many bits in this mask?
-+ * The algorithm is essentially a binary search, but highly optimized
-+ * for this particular task.
-+ */
-+int /* -1 means !goodmask() */
-+masktobits(mask)
-+struct in_addr mask;
-+{
-+ unsigned long m = ntohl(mask.s_addr);
-+ int masklen;
-+
-+ if (!goodmask(mask))
-+ return -1;
-+
-+ if (m&0x00000001UL)
-+ return 32;
-+ masklen = 0;
-+ if (m&(0x0000ffffUL<<1)) { /* <<1 for 1-origin numbering */
-+ masklen |= 0x10;
-+ m <<= 16;
-+ }
-+ if (m&(0x00ff0000UL<<1)) {
-+ masklen |= 0x08;
-+ m <<= 8;
-+ }
-+ if (m&(0x0f000000UL<<1)) {
-+ masklen |= 0x04;
-+ m <<= 4;
-+ }
-+ if (m&(0x30000000UL<<1)) {
-+ masklen |= 0x02;
-+ m <<= 2;
-+ }
-+ if (m&(0x40000000UL<<1))
-+ masklen |= 0x01;
-+
-+ return masklen;
-+}
-+
-+/*
-+ - bitstomask - return a mask with this many high bits on
-+ */
-+struct in_addr
-+bitstomask(n)
-+int n;
-+{
-+ struct in_addr result;
-+
-+ if (n > 0 && n <= ABITS)
-+ result.s_addr = htonl(~((1UL << (ABITS - n)) - 1));
-+ else if (n == 0)
-+ result.s_addr = 0;
-+ else
-+ result.s_addr = 0; /* best error report we can do */
-+ return result;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/infblock.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,403 @@
-+/* infblock.c -- interpret and process block types to last block
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+#include <zlib/zutil.h>
-+#include "infblock.h"
-+#include "inftrees.h"
-+#include "infcodes.h"
-+#include "infutil.h"
-+
-+struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-+
-+/* simplify the use of the inflate_huft type with some defines */
-+#define exop word.what.Exop
-+#define bits word.what.Bits
-+
-+/* Table for deflate from PKZIP's appnote.txt. */
-+local const uInt border[] = { /* Order of the bit length code lengths */
-+ 16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
-+
-+/*
-+ Notes beyond the 1.93a appnote.txt:
-+
-+ 1. Distance pointers never point before the beginning of the output
-+ stream.
-+ 2. Distance pointers can point back across blocks, up to 32k away.
-+ 3. There is an implied maximum of 7 bits for the bit length table and
-+ 15 bits for the actual data.
-+ 4. If only one code exists, then it is encoded using one bit. (Zero
-+ would be more efficient, but perhaps a little confusing.) If two
-+ codes exist, they are coded using one bit each (0 and 1).
-+ 5. There is no way of sending zero distance codes--a dummy must be
-+ sent if there are none. (History: a pre 2.0 version of PKZIP would
-+ store blocks with no distance codes, but this was discovered to be
-+ too harsh a criterion.) Valid only for 1.93a. 2.04c does allow
-+ zero distance codes, which is sent as one code of zero bits in
-+ length.
-+ 6. There are up to 286 literal/length codes. Code 256 represents the
-+ end-of-block. Note however that the static length tree defines
-+ 288 codes just to fill out the Huffman codes. Codes 286 and 287
-+ cannot be used though, since there is no length base or extra bits
-+ defined for them. Similarily, there are up to 30 distance codes.
-+ However, static trees define 32 codes (all 5 bits) to fill out the
-+ Huffman codes, but the last two had better not show up in the data.
-+ 7. Unzip can check dynamic Huffman blocks for complete code sets.
-+ The exception is that a single code would not be complete (see #4).
-+ 8. The five bits following the block type is really the number of
-+ literal codes sent minus 257.
-+ 9. Length codes 8,16,16 are interpreted as 13 length codes of 8 bits
-+ (1+6+6). Therefore, to output three times the length, you output
-+ three codes (1+1+1), whereas to output four times the same length,
-+ you only need two codes (1+3). Hmm.
-+ 10. In the tree reconstruction algorithm, Code = Code + Increment
-+ only if BitLength(i) is not zero. (Pretty obvious.)
-+ 11. Correction: 4 Bits: # of Bit Length codes - 4 (4 - 19)
-+ 12. Note: length code 284 can represent 227-258, but length code 285
-+ really is 258. The last length deserves its own, short code
-+ since it gets used a lot in very redundant files. The length
-+ 258 is special since 258 - 3 (the min match length) is 255.
-+ 13. The literal/length and distance code bit lengths are read as a
-+ single stream of lengths. It is possible (and advantageous) for
-+ a repeat code (16, 17, or 18) to go across the boundary between
-+ the two sets of lengths.
-+ */
-+
-+
-+void inflate_blocks_reset(s, z, c)
-+inflate_blocks_statef *s;
-+z_streamp z;
-+uLongf *c;
-+{
-+ if (c != Z_NULL)
-+ *c = s->check;
-+ if (s->mode == BTREE || s->mode == DTREE)
-+ ZFREE(z, s->sub.trees.blens);
-+ if (s->mode == CODES)
-+ inflate_codes_free(s->sub.decode.codes, z);
-+ s->mode = TYPE;
-+ s->bitk = 0;
-+ s->bitb = 0;
-+ s->read = s->write = s->window;
-+ if (s->checkfn != Z_NULL)
-+ z->adler = s->check = (*s->checkfn)(0L, (const Bytef *)Z_NULL, 0);
-+ Tracev((stderr, "inflate: blocks reset\n"));
-+}
-+
-+
-+inflate_blocks_statef *inflate_blocks_new(z, c, w)
-+z_streamp z;
-+check_func c;
-+uInt w;
-+{
-+ inflate_blocks_statef *s;
-+
-+ if ((s = (inflate_blocks_statef *)ZALLOC
-+ (z,1,sizeof(struct inflate_blocks_state))) == Z_NULL)
-+ return s;
-+ if ((s->hufts =
-+ (inflate_huft *)ZALLOC(z, sizeof(inflate_huft), MANY)) == Z_NULL)
-+ {
-+ ZFREE(z, s);
-+ return Z_NULL;
-+ }
-+ if ((s->window = (Bytef *)ZALLOC(z, 1, w)) == Z_NULL)
-+ {
-+ ZFREE(z, s->hufts);
-+ ZFREE(z, s);
-+ return Z_NULL;
-+ }
-+ s->end = s->window + w;
-+ s->checkfn = c;
-+ s->mode = TYPE;
-+ Tracev((stderr, "inflate: blocks allocated\n"));
-+ inflate_blocks_reset(s, z, Z_NULL);
-+ return s;
-+}
-+
-+
-+int inflate_blocks(s, z, r)
-+inflate_blocks_statef *s;
-+z_streamp z;
-+int r;
-+{
-+ uInt t; /* temporary storage */
-+ uLong b; /* bit buffer */
-+ uInt k; /* bits in bit buffer */
-+ Bytef *p; /* input data pointer */
-+ uInt n; /* bytes available there */
-+ Bytef *q; /* output window write pointer */
-+ uInt m; /* bytes to end of window or read pointer */
-+
-+ /* copy input/output information to locals (UPDATE macro restores) */
-+ LOAD
-+
-+ /* process input based on current state */
-+ while (1) switch (s->mode)
-+ {
-+ case TYPE:
-+ NEEDBITS(3)
-+ t = (uInt)b & 7;
-+ s->last = t & 1;
-+ switch (t >> 1)
-+ {
-+ case 0: /* stored */
-+ Tracev((stderr, "inflate: stored block%s\n",
-+ s->last ? " (last)" : ""));
-+ DUMPBITS(3)
-+ t = k & 7; /* go to byte boundary */
-+ DUMPBITS(t)
-+ s->mode = LENS; /* get length of stored block */
-+ break;
-+ case 1: /* fixed */
-+ Tracev((stderr, "inflate: fixed codes block%s\n",
-+ s->last ? " (last)" : ""));
-+ {
-+ uInt bl, bd;
-+ inflate_huft *tl, *td;
-+
-+ inflate_trees_fixed(&bl, &bd, &tl, &td, z);
-+ s->sub.decode.codes = inflate_codes_new(bl, bd, tl, td, z);
-+ if (s->sub.decode.codes == Z_NULL)
-+ {
-+ r = Z_MEM_ERROR;
-+ LEAVE
-+ }
-+ }
-+ DUMPBITS(3)
-+ s->mode = CODES;
-+ break;
-+ case 2: /* dynamic */
-+ Tracev((stderr, "inflate: dynamic codes block%s\n",
-+ s->last ? " (last)" : ""));
-+ DUMPBITS(3)
-+ s->mode = TABLE;
-+ break;
-+ case 3: /* illegal */
-+ DUMPBITS(3)
-+ s->mode = BAD;
-+ z->msg = (char*)"invalid block type";
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ }
-+ break;
-+ case LENS:
-+ NEEDBITS(32)
-+ if ((((~b) >> 16) & 0xffff) != (b & 0xffff))
-+ {
-+ s->mode = BAD;
-+ z->msg = (char*)"invalid stored block lengths";
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ }
-+ s->sub.left = (uInt)b & 0xffff;
-+ b = k = 0; /* dump bits */
-+ Tracev((stderr, "inflate: stored length %u\n", s->sub.left));
-+ s->mode = s->sub.left ? STORED : (s->last ? DRY : TYPE);
-+ break;
-+ case STORED:
-+ if (n == 0)
-+ LEAVE
-+ NEEDOUT
-+ t = s->sub.left;
-+ if (t > n) t = n;
-+ if (t > m) t = m;
-+ zmemcpy(q, p, t);
-+ p += t; n -= t;
-+ q += t; m -= t;
-+ if ((s->sub.left -= t) != 0)
-+ break;
-+ Tracev((stderr, "inflate: stored end, %lu total out\n",
-+ z->total_out + (q >= s->read ? q - s->read :
-+ (s->end - s->read) + (q - s->window))));
-+ s->mode = s->last ? DRY : TYPE;
-+ break;
-+ case TABLE:
-+ NEEDBITS(14)
-+ s->sub.trees.table = t = (uInt)b & 0x3fff;
-+#ifndef PKZIP_BUG_WORKAROUND
-+ if ((t & 0x1f) > 29 || ((t >> 5) & 0x1f) > 29)
-+ {
-+ s->mode = BAD;
-+ z->msg = (char*)"too many length or distance symbols";
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ }
-+#endif
-+ t = 258 + (t & 0x1f) + ((t >> 5) & 0x1f);
-+ if ((s->sub.trees.blens = (uIntf*)ZALLOC(z, t, sizeof(uInt))) == Z_NULL)
-+ {
-+ r = Z_MEM_ERROR;
-+ LEAVE
-+ }
-+ DUMPBITS(14)
-+ s->sub.trees.index = 0;
-+ Tracev((stderr, "inflate: table sizes ok\n"));
-+ s->mode = BTREE;
-+ case BTREE:
-+ while (s->sub.trees.index < 4 + (s->sub.trees.table >> 10))
-+ {
-+ NEEDBITS(3)
-+ s->sub.trees.blens[border[s->sub.trees.index++]] = (uInt)b & 7;
-+ DUMPBITS(3)
-+ }
-+ while (s->sub.trees.index < 19)
-+ s->sub.trees.blens[border[s->sub.trees.index++]] = 0;
-+ s->sub.trees.bb = 7;
-+ t = inflate_trees_bits(s->sub.trees.blens, &s->sub.trees.bb,
-+ &s->sub.trees.tb, s->hufts, z);
-+ if (t != Z_OK)
-+ {
-+ r = t;
-+ if (r == Z_DATA_ERROR)
-+ {
-+ ZFREE(z, s->sub.trees.blens);
-+ s->mode = BAD;
-+ }
-+ LEAVE
-+ }
-+ s->sub.trees.index = 0;
-+ Tracev((stderr, "inflate: bits tree ok\n"));
-+ s->mode = DTREE;
-+ case DTREE:
-+ while (t = s->sub.trees.table,
-+ s->sub.trees.index < 258 + (t & 0x1f) + ((t >> 5) & 0x1f))
-+ {
-+ inflate_huft *h;
-+ uInt i, j, c;
-+
-+ t = s->sub.trees.bb;
-+ NEEDBITS(t)
-+ h = s->sub.trees.tb + ((uInt)b & inflate_mask[t]);
-+ t = h->bits;
-+ c = h->base;
-+ if (c < 16)
-+ {
-+ DUMPBITS(t)
-+ s->sub.trees.blens[s->sub.trees.index++] = c;
-+ }
-+ else /* c == 16..18 */
-+ {
-+ i = c == 18 ? 7 : c - 14;
-+ j = c == 18 ? 11 : 3;
-+ NEEDBITS(t + i)
-+ DUMPBITS(t)
-+ j += (uInt)b & inflate_mask[i];
-+ DUMPBITS(i)
-+ i = s->sub.trees.index;
-+ t = s->sub.trees.table;
-+ if (i + j > 258 + (t & 0x1f) + ((t >> 5) & 0x1f) ||
-+ (c == 16 && i < 1))
-+ {
-+ ZFREE(z, s->sub.trees.blens);
-+ s->mode = BAD;
-+ z->msg = (char*)"invalid bit length repeat";
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ }
-+ c = c == 16 ? s->sub.trees.blens[i - 1] : 0;
-+ do {
-+ s->sub.trees.blens[i++] = c;
-+ } while (--j);
-+ s->sub.trees.index = i;
-+ }
-+ }
-+ s->sub.trees.tb = Z_NULL;
-+ {
-+ uInt bl, bd;
-+ inflate_huft *tl, *td;
-+ inflate_codes_statef *c;
-+
-+ bl = 9; /* must be <= 9 for lookahead assumptions */
-+ bd = 6; /* must be <= 9 for lookahead assumptions */
-+ t = s->sub.trees.table;
-+ t = inflate_trees_dynamic(257 + (t & 0x1f), 1 + ((t >> 5) & 0x1f),
-+ s->sub.trees.blens, &bl, &bd, &tl, &td,
-+ s->hufts, z);
-+ if (t != Z_OK)
-+ {
-+ if (t == (uInt)Z_DATA_ERROR)
-+ {
-+ ZFREE(z, s->sub.trees.blens);
-+ s->mode = BAD;
-+ }
-+ r = t;
-+ LEAVE
-+ }
-+ Tracev((stderr, "inflate: trees ok\n"));
-+ if ((c = inflate_codes_new(bl, bd, tl, td, z)) == Z_NULL)
-+ {
-+ r = Z_MEM_ERROR;
-+ LEAVE
-+ }
-+ s->sub.decode.codes = c;
-+ }
-+ ZFREE(z, s->sub.trees.blens);
-+ s->mode = CODES;
-+ case CODES:
-+ UPDATE
-+ if ((r = inflate_codes(s, z, r)) != Z_STREAM_END)
-+ return inflate_flush(s, z, r);
-+ r = Z_OK;
-+ inflate_codes_free(s->sub.decode.codes, z);
-+ LOAD
-+ Tracev((stderr, "inflate: codes end, %lu total out\n",
-+ z->total_out + (q >= s->read ? q - s->read :
-+ (s->end - s->read) + (q - s->window))));
-+ if (!s->last)
-+ {
-+ s->mode = TYPE;
-+ break;
-+ }
-+ s->mode = DRY;
-+ case DRY:
-+ FLUSH
-+ if (s->read != s->write)
-+ LEAVE
-+ s->mode = DONE;
-+ case DONE:
-+ r = Z_STREAM_END;
-+ LEAVE
-+ case BAD:
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ default:
-+ r = Z_STREAM_ERROR;
-+ LEAVE
-+ }
-+}
-+
-+
-+int inflate_blocks_free(s, z)
-+inflate_blocks_statef *s;
-+z_streamp z;
-+{
-+ inflate_blocks_reset(s, z, Z_NULL);
-+ ZFREE(z, s->window);
-+ ZFREE(z, s->hufts);
-+ ZFREE(z, s);
-+ Tracev((stderr, "inflate: blocks freed\n"));
-+ return Z_OK;
-+}
-+
-+
-+void inflate_set_dictionary(s, d, n)
-+inflate_blocks_statef *s;
-+const Bytef *d;
-+uInt n;
-+{
-+ zmemcpy(s->window, d, n);
-+ s->read = s->write = s->window + n;
-+}
-+
-+
-+/* Returns true if inflate is currently at the end of a block generated
-+ * by Z_SYNC_FLUSH or Z_FULL_FLUSH.
-+ * IN assertion: s != Z_NULL
-+ */
-+int inflate_blocks_sync_point(s)
-+inflate_blocks_statef *s;
-+{
-+ return s->mode == LENS;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/infblock.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,39 @@
-+/* infblock.h -- header to use infblock.c
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+struct inflate_blocks_state;
-+typedef struct inflate_blocks_state FAR inflate_blocks_statef;
-+
-+extern inflate_blocks_statef * inflate_blocks_new OF((
-+ z_streamp z,
-+ check_func c, /* check function */
-+ uInt w)); /* window size */
-+
-+extern int inflate_blocks OF((
-+ inflate_blocks_statef *,
-+ z_streamp ,
-+ int)); /* initial return code */
-+
-+extern void inflate_blocks_reset OF((
-+ inflate_blocks_statef *,
-+ z_streamp ,
-+ uLongf *)); /* check value on output */
-+
-+extern int inflate_blocks_free OF((
-+ inflate_blocks_statef *,
-+ z_streamp));
-+
-+extern void inflate_set_dictionary OF((
-+ inflate_blocks_statef *s,
-+ const Bytef *d, /* dictionary */
-+ uInt n)); /* dictionary length */
-+
-+extern int inflate_blocks_sync_point OF((
-+ inflate_blocks_statef *s));
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/infcodes.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,251 @@
-+/* infcodes.c -- process literals and length/distance pairs
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+#include <zlib/zutil.h>
-+#include "inftrees.h"
-+#include "infblock.h"
-+#include "infcodes.h"
-+#include "infutil.h"
-+#include "inffast.h"
-+
-+/* simplify the use of the inflate_huft type with some defines */
-+#define exop word.what.Exop
-+#define bits word.what.Bits
-+
-+typedef enum { /* waiting for "i:"=input, "o:"=output, "x:"=nothing */
-+ START, /* x: set up for LEN */
-+ LEN, /* i: get length/literal/eob next */
-+ LENEXT, /* i: getting length extra (have base) */
-+ DIST, /* i: get distance next */
-+ DISTEXT, /* i: getting distance extra */
-+ COPY, /* o: copying bytes in window, waiting for space */
-+ LIT, /* o: got literal, waiting for output space */
-+ WASH, /* o: got eob, possibly still output waiting */
-+ END, /* x: got eob and all data flushed */
-+ BADCODE} /* x: got error */
-+inflate_codes_mode;
-+
-+/* inflate codes private state */
-+struct inflate_codes_state {
-+
-+ /* mode */
-+ inflate_codes_mode mode; /* current inflate_codes mode */
-+
-+ /* mode dependent information */
-+ uInt len;
-+ union {
-+ struct {
-+ inflate_huft *tree; /* pointer into tree */
-+ uInt need; /* bits needed */
-+ } code; /* if LEN or DIST, where in tree */
-+ uInt lit; /* if LIT, literal */
-+ struct {
-+ uInt get; /* bits to get for extra */
-+ uInt dist; /* distance back to copy from */
-+ } copy; /* if EXT or COPY, where and how much */
-+ } sub; /* submode */
-+
-+ /* mode independent information */
-+ Byte lbits; /* ltree bits decoded per branch */
-+ Byte dbits; /* dtree bits decoder per branch */
-+ inflate_huft *ltree; /* literal/length/eob tree */
-+ inflate_huft *dtree; /* distance tree */
-+
-+};
-+
-+
-+inflate_codes_statef *inflate_codes_new(bl, bd, tl, td, z)
-+uInt bl, bd;
-+inflate_huft *tl;
-+inflate_huft *td; /* need separate declaration for Borland C++ */
-+z_streamp z;
-+{
-+ inflate_codes_statef *c;
-+
-+ if ((c = (inflate_codes_statef *)
-+ ZALLOC(z,1,sizeof(struct inflate_codes_state))) != Z_NULL)
-+ {
-+ c->mode = START;
-+ c->lbits = (Byte)bl;
-+ c->dbits = (Byte)bd;
-+ c->ltree = tl;
-+ c->dtree = td;
-+ Tracev((stderr, "inflate: codes new\n"));
-+ }
-+ return c;
-+}
-+
-+
-+int inflate_codes(s, z, r)
-+inflate_blocks_statef *s;
-+z_streamp z;
-+int r;
-+{
-+ uInt j; /* temporary storage */
-+ inflate_huft *t; /* temporary pointer */
-+ uInt e; /* extra bits or operation */
-+ uLong b; /* bit buffer */
-+ uInt k; /* bits in bit buffer */
-+ Bytef *p; /* input data pointer */
-+ uInt n; /* bytes available there */
-+ Bytef *q; /* output window write pointer */
-+ uInt m; /* bytes to end of window or read pointer */
-+ Bytef *f; /* pointer to copy strings from */
-+ inflate_codes_statef *c = s->sub.decode.codes; /* codes state */
-+
-+ /* copy input/output information to locals (UPDATE macro restores) */
-+ LOAD
-+
-+ /* process input and output based on current state */
-+ while (1) switch (c->mode)
-+ { /* waiting for "i:"=input, "o:"=output, "x:"=nothing */
-+ case START: /* x: set up for LEN */
-+#ifndef SLOW
-+ if (m >= 258 && n >= 10)
-+ {
-+ UPDATE
-+ r = inflate_fast(c->lbits, c->dbits, c->ltree, c->dtree, s, z);
-+ LOAD
-+ if (r != Z_OK)
-+ {
-+ c->mode = r == Z_STREAM_END ? WASH : BADCODE;
-+ break;
-+ }
-+ }
-+#endif /* !SLOW */
-+ c->sub.code.need = c->lbits;
-+ c->sub.code.tree = c->ltree;
-+ c->mode = LEN;
-+ case LEN: /* i: get length/literal/eob next */
-+ j = c->sub.code.need;
-+ NEEDBITS(j)
-+ t = c->sub.code.tree + ((uInt)b & inflate_mask[j]);
-+ DUMPBITS(t->bits)
-+ e = (uInt)(t->exop);
-+ if (e == 0) /* literal */
-+ {
-+ c->sub.lit = t->base;
-+ Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
-+ "inflate: literal '%c'\n" :
-+ "inflate: literal 0x%02x\n", t->base));
-+ c->mode = LIT;
-+ break;
-+ }
-+ if (e & 16) /* length */
-+ {
-+ c->sub.copy.get = e & 15;
-+ c->len = t->base;
-+ c->mode = LENEXT;
-+ break;
-+ }
-+ if ((e & 64) == 0) /* next table */
-+ {
-+ c->sub.code.need = e;
-+ c->sub.code.tree = t + t->base;
-+ break;
-+ }
-+ if (e & 32) /* end of block */
-+ {
-+ Tracevv((stderr, "inflate: end of block\n"));
-+ c->mode = WASH;
-+ break;
-+ }
-+ c->mode = BADCODE; /* invalid code */
-+ z->msg = (char*)"invalid literal/length code";
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ case LENEXT: /* i: getting length extra (have base) */
-+ j = c->sub.copy.get;
-+ NEEDBITS(j)
-+ c->len += (uInt)b & inflate_mask[j];
-+ DUMPBITS(j)
-+ c->sub.code.need = c->dbits;
-+ c->sub.code.tree = c->dtree;
-+ Tracevv((stderr, "inflate: length %u\n", c->len));
-+ c->mode = DIST;
-+ case DIST: /* i: get distance next */
-+ j = c->sub.code.need;
-+ NEEDBITS(j)
-+ t = c->sub.code.tree + ((uInt)b & inflate_mask[j]);
-+ DUMPBITS(t->bits)
-+ e = (uInt)(t->exop);
-+ if (e & 16) /* distance */
-+ {
-+ c->sub.copy.get = e & 15;
-+ c->sub.copy.dist = t->base;
-+ c->mode = DISTEXT;
-+ break;
-+ }
-+ if ((e & 64) == 0) /* next table */
-+ {
-+ c->sub.code.need = e;
-+ c->sub.code.tree = t + t->base;
-+ break;
-+ }
-+ c->mode = BADCODE; /* invalid code */
-+ z->msg = (char*)"invalid distance code";
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ case DISTEXT: /* i: getting distance extra */
-+ j = c->sub.copy.get;
-+ NEEDBITS(j)
-+ c->sub.copy.dist += (uInt)b & inflate_mask[j];
-+ DUMPBITS(j)
-+ Tracevv((stderr, "inflate: distance %u\n", c->sub.copy.dist));
-+ c->mode = COPY;
-+ case COPY: /* o: copying bytes in window, waiting for space */
-+ f = q - c->sub.copy.dist;
-+ while (f < s->window) /* modulo window size-"while" instead */
-+ f += s->end - s->window; /* of "if" handles invalid distances */
-+ while (c->len)
-+ {
-+ NEEDOUT
-+ OUTBYTE(*f++)
-+ if (f == s->end)
-+ f = s->window;
-+ c->len--;
-+ }
-+ c->mode = START;
-+ break;
-+ case LIT: /* o: got literal, waiting for output space */
-+ NEEDOUT
-+ OUTBYTE(c->sub.lit)
-+ c->mode = START;
-+ break;
-+ case WASH: /* o: got eob, possibly more output */
-+ if (k > 7) /* return unused byte, if any */
-+ {
-+ Assert(k < 16, "inflate_codes grabbed too many bytes")
-+ k -= 8;
-+ n++;
-+ p--; /* can always return one */
-+ }
-+ FLUSH
-+ if (s->read != s->write)
-+ LEAVE
-+ c->mode = END;
-+ case END:
-+ r = Z_STREAM_END;
-+ LEAVE
-+ case BADCODE: /* x: got error */
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ default:
-+ r = Z_STREAM_ERROR;
-+ LEAVE
-+ }
-+#ifdef NEED_DUMMY_RETURN
-+ return Z_STREAM_ERROR; /* Some dumb compilers complain without this */
-+#endif
-+}
-+
-+
-+void inflate_codes_free(c, z)
-+inflate_codes_statef *c;
-+z_streamp z;
-+{
-+ ZFREE(z, c);
-+ Tracev((stderr, "inflate: codes free\n"));
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/infcodes.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,31 @@
-+/* infcodes.h -- header to use infcodes.c
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+#ifndef _INFCODES_H
-+#define _INFCODES_H
-+
-+struct inflate_codes_state;
-+typedef struct inflate_codes_state FAR inflate_codes_statef;
-+
-+extern inflate_codes_statef *inflate_codes_new OF((
-+ uInt, uInt,
-+ inflate_huft *, inflate_huft *,
-+ z_streamp ));
-+
-+extern int inflate_codes OF((
-+ inflate_blocks_statef *,
-+ z_streamp ,
-+ int));
-+
-+extern void inflate_codes_free OF((
-+ inflate_codes_statef *,
-+ z_streamp ));
-+
-+#endif /* _INFCODES_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/inffast.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,183 @@
-+/* inffast.c -- process literals and length/distance pairs fast
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+#include <zlib/zutil.h>
-+#include "inftrees.h"
-+#include "infblock.h"
-+#include "infcodes.h"
-+#include "infutil.h"
-+#include "inffast.h"
-+
-+struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-+
-+/* simplify the use of the inflate_huft type with some defines */
-+#define exop word.what.Exop
-+#define bits word.what.Bits
-+
-+/* macros for bit input with no checking and for returning unused bytes */
-+#define GRABBITS(j) {while(k<(j)){b|=((uLong)NEXTBYTE)<<k;k+=8;}}
-+#define UNGRAB {c=z->avail_in-n;c=(k>>3)<c?k>>3:c;n+=c;p-=c;k-=c<<3;}
-+
-+/* Called with number of bytes left to write in window at least 258
-+ (the maximum string length) and number of input bytes available
-+ at least ten. The ten bytes are six bytes for the longest length/
-+ distance pair plus four bytes for overloading the bit buffer. */
-+
-+int inflate_fast(bl, bd, tl, td, s, z)
-+uInt bl, bd;
-+inflate_huft *tl;
-+inflate_huft *td; /* need separate declaration for Borland C++ */
-+inflate_blocks_statef *s;
-+z_streamp z;
-+{
-+ inflate_huft *t; /* temporary pointer */
-+ uInt e; /* extra bits or operation */
-+ uLong b; /* bit buffer */
-+ uInt k; /* bits in bit buffer */
-+ Bytef *p; /* input data pointer */
-+ uInt n; /* bytes available there */
-+ Bytef *q; /* output window write pointer */
-+ uInt m; /* bytes to end of window or read pointer */
-+ uInt ml; /* mask for literal/length tree */
-+ uInt md; /* mask for distance tree */
-+ uInt c; /* bytes to copy */
-+ uInt d; /* distance back to copy from */
-+ Bytef *r; /* copy source pointer */
-+
-+ /* load input, output, bit values */
-+ LOAD
-+
-+ /* initialize masks */
-+ ml = inflate_mask[bl];
-+ md = inflate_mask[bd];
-+
-+ /* do until not enough input or output space for fast loop */
-+ do { /* assume called with m >= 258 && n >= 10 */
-+ /* get literal/length code */
-+ GRABBITS(20) /* max bits for literal/length code */
-+ if ((e = (t = tl + ((uInt)b & ml))->exop) == 0)
-+ {
-+ DUMPBITS(t->bits)
-+ Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
-+ "inflate: * literal '%c'\n" :
-+ "inflate: * literal 0x%02x\n", t->base));
-+ *q++ = (Byte)t->base;
-+ m--;
-+ continue;
-+ }
-+ do {
-+ DUMPBITS(t->bits)
-+ if (e & 16)
-+ {
-+ /* get extra bits for length */
-+ e &= 15;
-+ c = t->base + ((uInt)b & inflate_mask[e]);
-+ DUMPBITS(e)
-+ Tracevv((stderr, "inflate: * length %u\n", c));
-+
-+ /* decode distance base of block to copy */
-+ GRABBITS(15); /* max bits for distance code */
-+ e = (t = td + ((uInt)b & md))->exop;
-+ do {
-+ DUMPBITS(t->bits)
-+ if (e & 16)
-+ {
-+ /* get extra bits to add to distance base */
-+ e &= 15;
-+ GRABBITS(e) /* get extra bits (up to 13) */
-+ d = t->base + ((uInt)b & inflate_mask[e]);
-+ DUMPBITS(e)
-+ Tracevv((stderr, "inflate: * distance %u\n", d));
-+
-+ /* do the copy */
-+ m -= c;
-+ r = q - d;
-+ if (r < s->window) /* wrap if needed */
-+ {
-+ do {
-+ r += s->end - s->window; /* force pointer in window */
-+ } while (r < s->window); /* covers invalid distances */
-+ e = s->end - r;
-+ if (c > e)
-+ {
-+ c -= e; /* wrapped copy */
-+ do {
-+ *q++ = *r++;
-+ } while (--e);
-+ r = s->window;
-+ do {
-+ *q++ = *r++;
-+ } while (--c);
-+ }
-+ else /* normal copy */
-+ {
-+ *q++ = *r++; c--;
-+ *q++ = *r++; c--;
-+ do {
-+ *q++ = *r++;
-+ } while (--c);
-+ }
-+ }
-+ else /* normal copy */
-+ {
-+ *q++ = *r++; c--;
-+ *q++ = *r++; c--;
-+ do {
-+ *q++ = *r++;
-+ } while (--c);
-+ }
-+ break;
-+ }
-+ else if ((e & 64) == 0)
-+ {
-+ t += t->base;
-+ e = (t += ((uInt)b & inflate_mask[e]))->exop;
-+ }
-+ else
-+ {
-+ z->msg = (char*)"invalid distance code";
-+ UNGRAB
-+ UPDATE
-+ return Z_DATA_ERROR;
-+ }
-+ } while (1);
-+ break;
-+ }
-+ if ((e & 64) == 0)
-+ {
-+ t += t->base;
-+ if ((e = (t += ((uInt)b & inflate_mask[e]))->exop) == 0)
-+ {
-+ DUMPBITS(t->bits)
-+ Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
-+ "inflate: * literal '%c'\n" :
-+ "inflate: * literal 0x%02x\n", t->base));
-+ *q++ = (Byte)t->base;
-+ m--;
-+ break;
-+ }
-+ }
-+ else if (e & 32)
-+ {
-+ Tracevv((stderr, "inflate: * end of block\n"));
-+ UNGRAB
-+ UPDATE
-+ return Z_STREAM_END;
-+ }
-+ else
-+ {
-+ z->msg = (char*)"invalid literal/length code";
-+ UNGRAB
-+ UPDATE
-+ return Z_DATA_ERROR;
-+ }
-+ } while (1);
-+ } while (m >= 258 && n >= 10);
-+
-+ /* not enough input or output--restore pointers and return */
-+ UNGRAB
-+ UPDATE
-+ return Z_OK;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/inffast.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,22 @@
-+/* inffast.h -- header to use inffast.c
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+#ifndef _INFFAST_H
-+#define _INFFAST_H
-+
-+extern int inflate_fast OF((
-+ uInt,
-+ uInt,
-+ inflate_huft *,
-+ inflate_huft *,
-+ inflate_blocks_statef *,
-+ z_streamp ));
-+
-+#endif /* _INFFAST_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/inffixed.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,151 @@
-+/* inffixed.h -- table for decoding fixed codes
-+ * Generated automatically by the maketree.c program
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+local uInt fixed_bl = 9;
-+local uInt fixed_bd = 5;
-+local inflate_huft fixed_tl[] = {
-+ {{{96,7}},256}, {{{0,8}},80}, {{{0,8}},16}, {{{84,8}},115},
-+ {{{82,7}},31}, {{{0,8}},112}, {{{0,8}},48}, {{{0,9}},192},
-+ {{{80,7}},10}, {{{0,8}},96}, {{{0,8}},32}, {{{0,9}},160},
-+ {{{0,8}},0}, {{{0,8}},128}, {{{0,8}},64}, {{{0,9}},224},
-+ {{{80,7}},6}, {{{0,8}},88}, {{{0,8}},24}, {{{0,9}},144},
-+ {{{83,7}},59}, {{{0,8}},120}, {{{0,8}},56}, {{{0,9}},208},
-+ {{{81,7}},17}, {{{0,8}},104}, {{{0,8}},40}, {{{0,9}},176},
-+ {{{0,8}},8}, {{{0,8}},136}, {{{0,8}},72}, {{{0,9}},240},
-+ {{{80,7}},4}, {{{0,8}},84}, {{{0,8}},20}, {{{85,8}},227},
-+ {{{83,7}},43}, {{{0,8}},116}, {{{0,8}},52}, {{{0,9}},200},
-+ {{{81,7}},13}, {{{0,8}},100}, {{{0,8}},36}, {{{0,9}},168},
-+ {{{0,8}},4}, {{{0,8}},132}, {{{0,8}},68}, {{{0,9}},232},
-+ {{{80,7}},8}, {{{0,8}},92}, {{{0,8}},28}, {{{0,9}},152},
-+ {{{84,7}},83}, {{{0,8}},124}, {{{0,8}},60}, {{{0,9}},216},
-+ {{{82,7}},23}, {{{0,8}},108}, {{{0,8}},44}, {{{0,9}},184},
-+ {{{0,8}},12}, {{{0,8}},140}, {{{0,8}},76}, {{{0,9}},248},
-+ {{{80,7}},3}, {{{0,8}},82}, {{{0,8}},18}, {{{85,8}},163},
-+ {{{83,7}},35}, {{{0,8}},114}, {{{0,8}},50}, {{{0,9}},196},
-+ {{{81,7}},11}, {{{0,8}},98}, {{{0,8}},34}, {{{0,9}},164},
-+ {{{0,8}},2}, {{{0,8}},130}, {{{0,8}},66}, {{{0,9}},228},
-+ {{{80,7}},7}, {{{0,8}},90}, {{{0,8}},26}, {{{0,9}},148},
-+ {{{84,7}},67}, {{{0,8}},122}, {{{0,8}},58}, {{{0,9}},212},
-+ {{{82,7}},19}, {{{0,8}},106}, {{{0,8}},42}, {{{0,9}},180},
-+ {{{0,8}},10}, {{{0,8}},138}, {{{0,8}},74}, {{{0,9}},244},
-+ {{{80,7}},5}, {{{0,8}},86}, {{{0,8}},22}, {{{192,8}},0},
-+ {{{83,7}},51}, {{{0,8}},118}, {{{0,8}},54}, {{{0,9}},204},
-+ {{{81,7}},15}, {{{0,8}},102}, {{{0,8}},38}, {{{0,9}},172},
-+ {{{0,8}},6}, {{{0,8}},134}, {{{0,8}},70}, {{{0,9}},236},
-+ {{{80,7}},9}, {{{0,8}},94}, {{{0,8}},30}, {{{0,9}},156},
-+ {{{84,7}},99}, {{{0,8}},126}, {{{0,8}},62}, {{{0,9}},220},
-+ {{{82,7}},27}, {{{0,8}},110}, {{{0,8}},46}, {{{0,9}},188},
-+ {{{0,8}},14}, {{{0,8}},142}, {{{0,8}},78}, {{{0,9}},252},
-+ {{{96,7}},256}, {{{0,8}},81}, {{{0,8}},17}, {{{85,8}},131},
-+ {{{82,7}},31}, {{{0,8}},113}, {{{0,8}},49}, {{{0,9}},194},
-+ {{{80,7}},10}, {{{0,8}},97}, {{{0,8}},33}, {{{0,9}},162},
-+ {{{0,8}},1}, {{{0,8}},129}, {{{0,8}},65}, {{{0,9}},226},
-+ {{{80,7}},6}, {{{0,8}},89}, {{{0,8}},25}, {{{0,9}},146},
-+ {{{83,7}},59}, {{{0,8}},121}, {{{0,8}},57}, {{{0,9}},210},
-+ {{{81,7}},17}, {{{0,8}},105}, {{{0,8}},41}, {{{0,9}},178},
-+ {{{0,8}},9}, {{{0,8}},137}, {{{0,8}},73}, {{{0,9}},242},
-+ {{{80,7}},4}, {{{0,8}},85}, {{{0,8}},21}, {{{80,8}},258},
-+ {{{83,7}},43}, {{{0,8}},117}, {{{0,8}},53}, {{{0,9}},202},
-+ {{{81,7}},13}, {{{0,8}},101}, {{{0,8}},37}, {{{0,9}},170},
-+ {{{0,8}},5}, {{{0,8}},133}, {{{0,8}},69}, {{{0,9}},234},
-+ {{{80,7}},8}, {{{0,8}},93}, {{{0,8}},29}, {{{0,9}},154},
-+ {{{84,7}},83}, {{{0,8}},125}, {{{0,8}},61}, {{{0,9}},218},
-+ {{{82,7}},23}, {{{0,8}},109}, {{{0,8}},45}, {{{0,9}},186},
-+ {{{0,8}},13}, {{{0,8}},141}, {{{0,8}},77}, {{{0,9}},250},
-+ {{{80,7}},3}, {{{0,8}},83}, {{{0,8}},19}, {{{85,8}},195},
-+ {{{83,7}},35}, {{{0,8}},115}, {{{0,8}},51}, {{{0,9}},198},
-+ {{{81,7}},11}, {{{0,8}},99}, {{{0,8}},35}, {{{0,9}},166},
-+ {{{0,8}},3}, {{{0,8}},131}, {{{0,8}},67}, {{{0,9}},230},
-+ {{{80,7}},7}, {{{0,8}},91}, {{{0,8}},27}, {{{0,9}},150},
-+ {{{84,7}},67}, {{{0,8}},123}, {{{0,8}},59}, {{{0,9}},214},
-+ {{{82,7}},19}, {{{0,8}},107}, {{{0,8}},43}, {{{0,9}},182},
-+ {{{0,8}},11}, {{{0,8}},139}, {{{0,8}},75}, {{{0,9}},246},
-+ {{{80,7}},5}, {{{0,8}},87}, {{{0,8}},23}, {{{192,8}},0},
-+ {{{83,7}},51}, {{{0,8}},119}, {{{0,8}},55}, {{{0,9}},206},
-+ {{{81,7}},15}, {{{0,8}},103}, {{{0,8}},39}, {{{0,9}},174},
-+ {{{0,8}},7}, {{{0,8}},135}, {{{0,8}},71}, {{{0,9}},238},
-+ {{{80,7}},9}, {{{0,8}},95}, {{{0,8}},31}, {{{0,9}},158},
-+ {{{84,7}},99}, {{{0,8}},127}, {{{0,8}},63}, {{{0,9}},222},
-+ {{{82,7}},27}, {{{0,8}},111}, {{{0,8}},47}, {{{0,9}},190},
-+ {{{0,8}},15}, {{{0,8}},143}, {{{0,8}},79}, {{{0,9}},254},
-+ {{{96,7}},256}, {{{0,8}},80}, {{{0,8}},16}, {{{84,8}},115},
-+ {{{82,7}},31}, {{{0,8}},112}, {{{0,8}},48}, {{{0,9}},193},
-+ {{{80,7}},10}, {{{0,8}},96}, {{{0,8}},32}, {{{0,9}},161},
-+ {{{0,8}},0}, {{{0,8}},128}, {{{0,8}},64}, {{{0,9}},225},
-+ {{{80,7}},6}, {{{0,8}},88}, {{{0,8}},24}, {{{0,9}},145},
-+ {{{83,7}},59}, {{{0,8}},120}, {{{0,8}},56}, {{{0,9}},209},
-+ {{{81,7}},17}, {{{0,8}},104}, {{{0,8}},40}, {{{0,9}},177},
-+ {{{0,8}},8}, {{{0,8}},136}, {{{0,8}},72}, {{{0,9}},241},
-+ {{{80,7}},4}, {{{0,8}},84}, {{{0,8}},20}, {{{85,8}},227},
-+ {{{83,7}},43}, {{{0,8}},116}, {{{0,8}},52}, {{{0,9}},201},
-+ {{{81,7}},13}, {{{0,8}},100}, {{{0,8}},36}, {{{0,9}},169},
-+ {{{0,8}},4}, {{{0,8}},132}, {{{0,8}},68}, {{{0,9}},233},
-+ {{{80,7}},8}, {{{0,8}},92}, {{{0,8}},28}, {{{0,9}},153},
-+ {{{84,7}},83}, {{{0,8}},124}, {{{0,8}},60}, {{{0,9}},217},
-+ {{{82,7}},23}, {{{0,8}},108}, {{{0,8}},44}, {{{0,9}},185},
-+ {{{0,8}},12}, {{{0,8}},140}, {{{0,8}},76}, {{{0,9}},249},
-+ {{{80,7}},3}, {{{0,8}},82}, {{{0,8}},18}, {{{85,8}},163},
-+ {{{83,7}},35}, {{{0,8}},114}, {{{0,8}},50}, {{{0,9}},197},
-+ {{{81,7}},11}, {{{0,8}},98}, {{{0,8}},34}, {{{0,9}},165},
-+ {{{0,8}},2}, {{{0,8}},130}, {{{0,8}},66}, {{{0,9}},229},
-+ {{{80,7}},7}, {{{0,8}},90}, {{{0,8}},26}, {{{0,9}},149},
-+ {{{84,7}},67}, {{{0,8}},122}, {{{0,8}},58}, {{{0,9}},213},
-+ {{{82,7}},19}, {{{0,8}},106}, {{{0,8}},42}, {{{0,9}},181},
-+ {{{0,8}},10}, {{{0,8}},138}, {{{0,8}},74}, {{{0,9}},245},
-+ {{{80,7}},5}, {{{0,8}},86}, {{{0,8}},22}, {{{192,8}},0},
-+ {{{83,7}},51}, {{{0,8}},118}, {{{0,8}},54}, {{{0,9}},205},
-+ {{{81,7}},15}, {{{0,8}},102}, {{{0,8}},38}, {{{0,9}},173},
-+ {{{0,8}},6}, {{{0,8}},134}, {{{0,8}},70}, {{{0,9}},237},
-+ {{{80,7}},9}, {{{0,8}},94}, {{{0,8}},30}, {{{0,9}},157},
-+ {{{84,7}},99}, {{{0,8}},126}, {{{0,8}},62}, {{{0,9}},221},
-+ {{{82,7}},27}, {{{0,8}},110}, {{{0,8}},46}, {{{0,9}},189},
-+ {{{0,8}},14}, {{{0,8}},142}, {{{0,8}},78}, {{{0,9}},253},
-+ {{{96,7}},256}, {{{0,8}},81}, {{{0,8}},17}, {{{85,8}},131},
-+ {{{82,7}},31}, {{{0,8}},113}, {{{0,8}},49}, {{{0,9}},195},
-+ {{{80,7}},10}, {{{0,8}},97}, {{{0,8}},33}, {{{0,9}},163},
-+ {{{0,8}},1}, {{{0,8}},129}, {{{0,8}},65}, {{{0,9}},227},
-+ {{{80,7}},6}, {{{0,8}},89}, {{{0,8}},25}, {{{0,9}},147},
-+ {{{83,7}},59}, {{{0,8}},121}, {{{0,8}},57}, {{{0,9}},211},
-+ {{{81,7}},17}, {{{0,8}},105}, {{{0,8}},41}, {{{0,9}},179},
-+ {{{0,8}},9}, {{{0,8}},137}, {{{0,8}},73}, {{{0,9}},243},
-+ {{{80,7}},4}, {{{0,8}},85}, {{{0,8}},21}, {{{80,8}},258},
-+ {{{83,7}},43}, {{{0,8}},117}, {{{0,8}},53}, {{{0,9}},203},
-+ {{{81,7}},13}, {{{0,8}},101}, {{{0,8}},37}, {{{0,9}},171},
-+ {{{0,8}},5}, {{{0,8}},133}, {{{0,8}},69}, {{{0,9}},235},
-+ {{{80,7}},8}, {{{0,8}},93}, {{{0,8}},29}, {{{0,9}},155},
-+ {{{84,7}},83}, {{{0,8}},125}, {{{0,8}},61}, {{{0,9}},219},
-+ {{{82,7}},23}, {{{0,8}},109}, {{{0,8}},45}, {{{0,9}},187},
-+ {{{0,8}},13}, {{{0,8}},141}, {{{0,8}},77}, {{{0,9}},251},
-+ {{{80,7}},3}, {{{0,8}},83}, {{{0,8}},19}, {{{85,8}},195},
-+ {{{83,7}},35}, {{{0,8}},115}, {{{0,8}},51}, {{{0,9}},199},
-+ {{{81,7}},11}, {{{0,8}},99}, {{{0,8}},35}, {{{0,9}},167},
-+ {{{0,8}},3}, {{{0,8}},131}, {{{0,8}},67}, {{{0,9}},231},
-+ {{{80,7}},7}, {{{0,8}},91}, {{{0,8}},27}, {{{0,9}},151},
-+ {{{84,7}},67}, {{{0,8}},123}, {{{0,8}},59}, {{{0,9}},215},
-+ {{{82,7}},19}, {{{0,8}},107}, {{{0,8}},43}, {{{0,9}},183},
-+ {{{0,8}},11}, {{{0,8}},139}, {{{0,8}},75}, {{{0,9}},247},
-+ {{{80,7}},5}, {{{0,8}},87}, {{{0,8}},23}, {{{192,8}},0},
-+ {{{83,7}},51}, {{{0,8}},119}, {{{0,8}},55}, {{{0,9}},207},
-+ {{{81,7}},15}, {{{0,8}},103}, {{{0,8}},39}, {{{0,9}},175},
-+ {{{0,8}},7}, {{{0,8}},135}, {{{0,8}},71}, {{{0,9}},239},
-+ {{{80,7}},9}, {{{0,8}},95}, {{{0,8}},31}, {{{0,9}},159},
-+ {{{84,7}},99}, {{{0,8}},127}, {{{0,8}},63}, {{{0,9}},223},
-+ {{{82,7}},27}, {{{0,8}},111}, {{{0,8}},47}, {{{0,9}},191},
-+ {{{0,8}},15}, {{{0,8}},143}, {{{0,8}},79}, {{{0,9}},255}
-+ };
-+local inflate_huft fixed_td[] = {
-+ {{{80,5}},1}, {{{87,5}},257}, {{{83,5}},17}, {{{91,5}},4097},
-+ {{{81,5}},5}, {{{89,5}},1025}, {{{85,5}},65}, {{{93,5}},16385},
-+ {{{80,5}},3}, {{{88,5}},513}, {{{84,5}},33}, {{{92,5}},8193},
-+ {{{82,5}},9}, {{{90,5}},2049}, {{{86,5}},129}, {{{192,5}},24577},
-+ {{{80,5}},2}, {{{87,5}},385}, {{{83,5}},25}, {{{91,5}},6145},
-+ {{{81,5}},7}, {{{89,5}},1537}, {{{85,5}},97}, {{{93,5}},24577},
-+ {{{80,5}},4}, {{{88,5}},769}, {{{84,5}},49}, {{{92,5}},12289},
-+ {{{82,5}},13}, {{{90,5}},3073}, {{{86,5}},193}, {{{192,5}},24577}
-+ };
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/inflate.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,368 @@
-+/* inflate.c -- zlib interface to inflate modules
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+#include <zlib/zutil.h>
-+#include "infblock.h"
-+
-+struct inflate_blocks_state {int dummy;}; /* for buggy compilers */
-+
-+typedef enum {
-+ METHOD, /* waiting for method byte */
-+ FLAG, /* waiting for flag byte */
-+ DICT4, /* four dictionary check bytes to go */
-+ DICT3, /* three dictionary check bytes to go */
-+ DICT2, /* two dictionary check bytes to go */
-+ DICT1, /* one dictionary check byte to go */
-+ DICT0, /* waiting for inflateSetDictionary */
-+ BLOCKS, /* decompressing blocks */
-+ CHECK4, /* four check bytes to go */
-+ CHECK3, /* three check bytes to go */
-+ CHECK2, /* two check bytes to go */
-+ CHECK1, /* one check byte to go */
-+ DONE, /* finished check, done */
-+ BAD} /* got an error--stay here */
-+inflate_mode;
-+
-+/* inflate private state */
-+struct internal_state {
-+
-+ /* mode */
-+ inflate_mode mode; /* current inflate mode */
-+
-+ /* mode dependent information */
-+ union {
-+ uInt method; /* if FLAGS, method byte */
-+ struct {
-+ uLong was; /* computed check value */
-+ uLong need; /* stream check value */
-+ } check; /* if CHECK, check values to compare */
-+ uInt marker; /* if BAD, inflateSync's marker bytes count */
-+ } sub; /* submode */
-+
-+ /* mode independent information */
-+ int nowrap; /* flag for no wrapper */
-+ uInt wbits; /* log2(window size) (8..15, defaults to 15) */
-+ inflate_blocks_statef
-+ *blocks; /* current inflate_blocks state */
-+
-+};
-+
-+
-+int ZEXPORT inflateReset(z)
-+z_streamp z;
-+{
-+ if (z == Z_NULL || z->state == Z_NULL)
-+ return Z_STREAM_ERROR;
-+ z->total_in = z->total_out = 0;
-+ z->msg = Z_NULL;
-+ z->state->mode = z->state->nowrap ? BLOCKS : METHOD;
-+ inflate_blocks_reset(z->state->blocks, z, Z_NULL);
-+ Tracev((stderr, "inflate: reset\n"));
-+ return Z_OK;
-+}
-+
-+
-+int ZEXPORT inflateEnd(z)
-+z_streamp z;
-+{
-+ if (z == Z_NULL || z->state == Z_NULL || z->zfree == Z_NULL)
-+ return Z_STREAM_ERROR;
-+ if (z->state->blocks != Z_NULL)
-+ inflate_blocks_free(z->state->blocks, z);
-+ ZFREE(z, z->state);
-+ z->state = Z_NULL;
-+ Tracev((stderr, "inflate: end\n"));
-+ return Z_OK;
-+}
-+
-+
-+int ZEXPORT inflateInit2_(z, w, version, stream_size)
-+z_streamp z;
-+int w;
-+const char *version;
-+int stream_size;
-+{
-+ if (version == Z_NULL || version[0] != ZLIB_VERSION[0] ||
-+ stream_size != sizeof(z_stream))
-+ return Z_VERSION_ERROR;
-+
-+ /* initialize state */
-+ if (z == Z_NULL)
-+ return Z_STREAM_ERROR;
-+ z->msg = Z_NULL;
-+ if (z->zalloc == Z_NULL)
-+ {
-+ return Z_STREAM_ERROR;
-+/* z->zalloc = zcalloc;
-+ z->opaque = (voidpf)0;
-+*/
-+ }
-+ if (z->zfree == Z_NULL) return Z_STREAM_ERROR; /* z->zfree = zcfree; */
-+ if ((z->state = (struct internal_state FAR *)
-+ ZALLOC(z,1,sizeof(struct internal_state))) == Z_NULL)
-+ return Z_MEM_ERROR;
-+ z->state->blocks = Z_NULL;
-+
-+ /* handle undocumented nowrap option (no zlib header or check) */
-+ z->state->nowrap = 0;
-+ if (w < 0)
-+ {
-+ w = - w;
-+ z->state->nowrap = 1;
-+ }
-+
-+ /* set window size */
-+ if (w < 8 || w > 15)
-+ {
-+ inflateEnd(z);
-+ return Z_STREAM_ERROR;
-+ }
-+ z->state->wbits = (uInt)w;
-+
-+ /* create inflate_blocks state */
-+ if ((z->state->blocks =
-+ inflate_blocks_new(z, z->state->nowrap ? Z_NULL : adler32, (uInt)1 << w))
-+ == Z_NULL)
-+ {
-+ inflateEnd(z);
-+ return Z_MEM_ERROR;
-+ }
-+ Tracev((stderr, "inflate: allocated\n"));
-+
-+ /* reset state */
-+ inflateReset(z);
-+ return Z_OK;
-+}
-+
-+
-+int ZEXPORT inflateInit_(z, version, stream_size)
-+z_streamp z;
-+const char *version;
-+int stream_size;
-+{
-+ return inflateInit2_(z, DEF_WBITS, version, stream_size);
-+}
-+
-+
-+#define NEEDBYTE {if(z->avail_in==0)return r;r=f;}
-+#define NEXTBYTE (z->avail_in--,z->total_in++,*z->next_in++)
-+
-+int ZEXPORT inflate(z, f)
-+z_streamp z;
-+int f;
-+{
-+ int r;
-+ uInt b;
-+
-+ if (z == Z_NULL || z->state == Z_NULL || z->next_in == Z_NULL)
-+ return Z_STREAM_ERROR;
-+ f = f == Z_FINISH ? Z_BUF_ERROR : Z_OK;
-+ r = Z_BUF_ERROR;
-+ while (1) switch (z->state->mode)
-+ {
-+ case METHOD:
-+ NEEDBYTE
-+ if (((z->state->sub.method = NEXTBYTE) & 0xf) != Z_DEFLATED)
-+ {
-+ z->state->mode = BAD;
-+ z->msg = (char*)"unknown compression method";
-+ z->state->sub.marker = 5; /* can't try inflateSync */
-+ break;
-+ }
-+ if ((z->state->sub.method >> 4) + 8 > z->state->wbits)
-+ {
-+ z->state->mode = BAD;
-+ z->msg = (char*)"invalid window size";
-+ z->state->sub.marker = 5; /* can't try inflateSync */
-+ break;
-+ }
-+ z->state->mode = FLAG;
-+ case FLAG:
-+ NEEDBYTE
-+ b = NEXTBYTE;
-+ if (((z->state->sub.method << 8) + b) % 31)
-+ {
-+ z->state->mode = BAD;
-+ z->msg = (char*)"incorrect header check";
-+ z->state->sub.marker = 5; /* can't try inflateSync */
-+ break;
-+ }
-+ Tracev((stderr, "inflate: zlib header ok\n"));
-+ if (!(b & PRESET_DICT))
-+ {
-+ z->state->mode = BLOCKS;
-+ break;
-+ }
-+ z->state->mode = DICT4;
-+ case DICT4:
-+ NEEDBYTE
-+ z->state->sub.check.need = (uLong)NEXTBYTE << 24;
-+ z->state->mode = DICT3;
-+ case DICT3:
-+ NEEDBYTE
-+ z->state->sub.check.need += (uLong)NEXTBYTE << 16;
-+ z->state->mode = DICT2;
-+ case DICT2:
-+ NEEDBYTE
-+ z->state->sub.check.need += (uLong)NEXTBYTE << 8;
-+ z->state->mode = DICT1;
-+ case DICT1:
-+ NEEDBYTE
-+ z->state->sub.check.need += (uLong)NEXTBYTE;
-+ z->adler = z->state->sub.check.need;
-+ z->state->mode = DICT0;
-+ return Z_NEED_DICT;
-+ case DICT0:
-+ z->state->mode = BAD;
-+ z->msg = (char*)"need dictionary";
-+ z->state->sub.marker = 0; /* can try inflateSync */
-+ return Z_STREAM_ERROR;
-+ case BLOCKS:
-+ r = inflate_blocks(z->state->blocks, z, r);
-+ if (r == Z_DATA_ERROR)
-+ {
-+ z->state->mode = BAD;
-+ z->state->sub.marker = 0; /* can try inflateSync */
-+ break;
-+ }
-+ if (r == Z_OK)
-+ r = f;
-+ if (r != Z_STREAM_END)
-+ return r;
-+ r = f;
-+ inflate_blocks_reset(z->state->blocks, z, &z->state->sub.check.was);
-+ if (z->state->nowrap)
-+ {
-+ z->state->mode = DONE;
-+ break;
-+ }
-+ z->state->mode = CHECK4;
-+ case CHECK4:
-+ NEEDBYTE
-+ z->state->sub.check.need = (uLong)NEXTBYTE << 24;
-+ z->state->mode = CHECK3;
-+ case CHECK3:
-+ NEEDBYTE
-+ z->state->sub.check.need += (uLong)NEXTBYTE << 16;
-+ z->state->mode = CHECK2;
-+ case CHECK2:
-+ NEEDBYTE
-+ z->state->sub.check.need += (uLong)NEXTBYTE << 8;
-+ z->state->mode = CHECK1;
-+ case CHECK1:
-+ NEEDBYTE
-+ z->state->sub.check.need += (uLong)NEXTBYTE;
-+
-+ if (z->state->sub.check.was != z->state->sub.check.need)
-+ {
-+ z->state->mode = BAD;
-+ z->msg = (char*)"incorrect data check";
-+ z->state->sub.marker = 5; /* can't try inflateSync */
-+ break;
-+ }
-+ Tracev((stderr, "inflate: zlib check ok\n"));
-+ z->state->mode = DONE;
-+ case DONE:
-+ return Z_STREAM_END;
-+ case BAD:
-+ return Z_DATA_ERROR;
-+ default:
-+ return Z_STREAM_ERROR;
-+ }
-+#ifdef NEED_DUMMY_RETURN
-+ return Z_STREAM_ERROR; /* Some dumb compilers complain without this */
-+#endif
-+}
-+
-+
-+int ZEXPORT inflateSetDictionary(z, dictionary, dictLength)
-+z_streamp z;
-+const Bytef *dictionary;
-+uInt dictLength;
-+{
-+ uInt length = dictLength;
-+
-+ if (z == Z_NULL || z->state == Z_NULL || z->state->mode != DICT0)
-+ return Z_STREAM_ERROR;
-+
-+ if (adler32(1L, dictionary, dictLength) != z->adler) return Z_DATA_ERROR;
-+ z->adler = 1L;
-+
-+ if (length >= ((uInt)1<<z->state->wbits))
-+ {
-+ length = (1<<z->state->wbits)-1;
-+ dictionary += dictLength - length;
-+ }
-+ inflate_set_dictionary(z->state->blocks, dictionary, length);
-+ z->state->mode = BLOCKS;
-+ return Z_OK;
-+}
-+
-+
-+int ZEXPORT inflateSync(z)
-+z_streamp z;
-+{
-+ uInt n; /* number of bytes to look at */
-+ Bytef *p; /* pointer to bytes */
-+ uInt m; /* number of marker bytes found in a row */
-+ uLong r, w; /* temporaries to save total_in and total_out */
-+
-+ /* set up */
-+ if (z == Z_NULL || z->state == Z_NULL)
-+ return Z_STREAM_ERROR;
-+ if (z->state->mode != BAD)
-+ {
-+ z->state->mode = BAD;
-+ z->state->sub.marker = 0;
-+ }
-+ if ((n = z->avail_in) == 0)
-+ return Z_BUF_ERROR;
-+ p = z->next_in;
-+ m = z->state->sub.marker;
-+
-+ /* search */
-+ while (n && m < 4)
-+ {
-+ static const Byte mark[4] = {0, 0, 0xff, 0xff};
-+ if (*p == mark[m])
-+ m++;
-+ else if (*p)
-+ m = 0;
-+ else
-+ m = 4 - m;
-+ p++, n--;
-+ }
-+
-+ /* restore */
-+ z->total_in += p - z->next_in;
-+ z->next_in = p;
-+ z->avail_in = n;
-+ z->state->sub.marker = m;
-+
-+ /* return no joy or set up to restart on a new block */
-+ if (m != 4)
-+ return Z_DATA_ERROR;
-+ r = z->total_in; w = z->total_out;
-+ inflateReset(z);
-+ z->total_in = r; z->total_out = w;
-+ z->state->mode = BLOCKS;
-+ return Z_OK;
-+}
-+
-+
-+/* Returns true if inflate is currently at the end of a block generated
-+ * by Z_SYNC_FLUSH or Z_FULL_FLUSH. This function is used by one PPP
-+ * implementation to provide an additional safety check. PPP uses Z_SYNC_FLUSH
-+ * but removes the length bytes of the resulting empty stored block. When
-+ * decompressing, PPP checks that at the end of input packet, inflate is
-+ * waiting for these length bytes.
-+ */
-+int ZEXPORT inflateSyncPoint(z)
-+z_streamp z;
-+{
-+ if (z == Z_NULL || z->state == Z_NULL || z->state->blocks == Z_NULL)
-+ return Z_STREAM_ERROR;
-+ return inflate_blocks_sync_point(z->state->blocks);
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/inftrees.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,454 @@
-+/* inftrees.c -- generate Huffman trees for efficient decoding
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+#include <zlib/zutil.h>
-+#include "inftrees.h"
-+
-+#if !defined(BUILDFIXED) && !defined(STDC)
-+# define BUILDFIXED /* non ANSI compilers may not accept inffixed.h */
-+#endif
-+
-+local const char inflate_copyright[] =
-+ " inflate 1.1.4 Copyright 1995-2002 Mark Adler ";
-+/*
-+ If you use the zlib library in a product, an acknowledgment is welcome
-+ in the documentation of your product. If for some reason you cannot
-+ include such an acknowledgment, I would appreciate that you keep this
-+ copyright string in the executable of your product.
-+ */
-+struct internal_state {int dummy;}; /* for buggy compilers */
-+
-+/* simplify the use of the inflate_huft type with some defines */
-+#define exop word.what.Exop
-+#define bits word.what.Bits
-+
-+
-+local int huft_build OF((
-+ uIntf *, /* code lengths in bits */
-+ uInt, /* number of codes */
-+ uInt, /* number of "simple" codes */
-+ const uIntf *, /* list of base values for non-simple codes */
-+ const uIntf *, /* list of extra bits for non-simple codes */
-+ inflate_huft * FAR*,/* result: starting table */
-+ uIntf *, /* maximum lookup bits (returns actual) */
-+ inflate_huft *, /* space for trees */
-+ uInt *, /* hufts used in space */
-+ uIntf * )); /* space for values */
-+
-+/* Tables for deflate from PKZIP's appnote.txt. */
-+local const uInt cplens[31] = { /* Copy lengths for literal codes 257..285 */
-+ 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27, 31,
-+ 35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0};
-+ /* see note #13 above about 258 */
-+local const uInt cplext[31] = { /* Extra bits for literal codes 257..285 */
-+ 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 2, 2, 2, 2,
-+ 3, 3, 3, 3, 4, 4, 4, 4, 5, 5, 5, 5, 0, 112, 112}; /* 112==invalid */
-+local const uInt cpdist[30] = { /* Copy offsets for distance codes 0..29 */
-+ 1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193,
-+ 257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145,
-+ 8193, 12289, 16385, 24577};
-+local const uInt cpdext[30] = { /* Extra bits for distance codes */
-+ 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 6,
-+ 7, 7, 8, 8, 9, 9, 10, 10, 11, 11,
-+ 12, 12, 13, 13};
-+
-+/*
-+ Huffman code decoding is performed using a multi-level table lookup.
-+ The fastest way to decode is to simply build a lookup table whose
-+ size is determined by the longest code. However, the time it takes
-+ to build this table can also be a factor if the data being decoded
-+ is not very long. The most common codes are necessarily the
-+ shortest codes, so those codes dominate the decoding time, and hence
-+ the speed. The idea is you can have a shorter table that decodes the
-+ shorter, more probable codes, and then point to subsidiary tables for
-+ the longer codes. The time it costs to decode the longer codes is
-+ then traded against the time it takes to make longer tables.
-+
-+ This results of this trade are in the variables lbits and dbits
-+ below. lbits is the number of bits the first level table for literal/
-+ length codes can decode in one step, and dbits is the same thing for
-+ the distance codes. Subsequent tables are also less than or equal to
-+ those sizes. These values may be adjusted either when all of the
-+ codes are shorter than that, in which case the longest code length in
-+ bits is used, or when the shortest code is *longer* than the requested
-+ table size, in which case the length of the shortest code in bits is
-+ used.
-+
-+ There are two different values for the two tables, since they code a
-+ different number of possibilities each. The literal/length table
-+ codes 286 possible values, or in a flat code, a little over eight
-+ bits. The distance table codes 30 possible values, or a little less
-+ than five bits, flat. The optimum values for speed end up being
-+ about one bit more than those, so lbits is 8+1 and dbits is 5+1.
-+ The optimum values may differ though from machine to machine, and
-+ possibly even between compilers. Your mileage may vary.
-+ */
-+
-+
-+/* If BMAX needs to be larger than 16, then h and x[] should be uLong. */
-+#define BMAX 15 /* maximum bit length of any code */
-+
-+local int huft_build(b, n, s, d, e, t, m, hp, hn, v)
-+uIntf *b; /* code lengths in bits (all assumed <= BMAX) */
-+uInt n; /* number of codes (assumed <= 288) */
-+uInt s; /* number of simple-valued codes (0..s-1) */
-+const uIntf *d; /* list of base values for non-simple codes */
-+const uIntf *e; /* list of extra bits for non-simple codes */
-+inflate_huft * FAR *t; /* result: starting table */
-+uIntf *m; /* maximum lookup bits, returns actual */
-+inflate_huft *hp; /* space for trees */
-+uInt *hn; /* hufts used in space */
-+uIntf *v; /* working area: values in order of bit length */
-+/* Given a list of code lengths and a maximum table size, make a set of
-+ tables to decode that set of codes. Return Z_OK on success, Z_BUF_ERROR
-+ if the given code set is incomplete (the tables are still built in this
-+ case), or Z_DATA_ERROR if the input is invalid. */
-+{
-+
-+ uInt a; /* counter for codes of length k */
-+ uInt c[BMAX+1]; /* bit length count table */
-+ uInt f; /* i repeats in table every f entries */
-+ int g; /* maximum code length */
-+ int h; /* table level */
-+ register uInt i; /* counter, current code */
-+ register uInt j; /* counter */
-+ register int k; /* number of bits in current code */
-+ int l; /* bits per table (returned in m) */
-+ uInt mask; /* (1 << w) - 1, to avoid cc -O bug on HP */
-+ register uIntf *p; /* pointer into c[], b[], or v[] */
-+ inflate_huft *q; /* points to current table */
-+ struct inflate_huft_s r; /* table entry for structure assignment */
-+ inflate_huft *u[BMAX]; /* table stack */
-+ register int w; /* bits before this table == (l * h) */
-+ uInt x[BMAX+1]; /* bit offsets, then code stack */
-+ uIntf *xp; /* pointer into x */
-+ int y; /* number of dummy codes added */
-+ uInt z; /* number of entries in current table */
-+
-+
-+ /* Generate counts for each bit length */
-+ p = c;
-+#define C0 *p++ = 0;
-+#define C2 C0 C0 C0 C0
-+#define C4 C2 C2 C2 C2
-+ C4 /* clear c[]--assume BMAX+1 is 16 */
-+ p = b; i = n;
-+ do {
-+ c[*p++]++; /* assume all entries <= BMAX */
-+ } while (--i);
-+ if (c[0] == n) /* null input--all zero length codes */
-+ {
-+ *t = (inflate_huft *)Z_NULL;
-+ *m = 0;
-+ return Z_OK;
-+ }
-+
-+
-+ /* Find minimum and maximum length, bound *m by those */
-+ l = *m;
-+ for (j = 1; j <= BMAX; j++)
-+ if (c[j])
-+ break;
-+ k = j; /* minimum code length */
-+ if ((uInt)l < j)
-+ l = j;
-+ for (i = BMAX; i; i--)
-+ if (c[i])
-+ break;
-+ g = i; /* maximum code length */
-+ if ((uInt)l > i)
-+ l = i;
-+ *m = l;
-+
-+
-+ /* Adjust last length count to fill out codes, if needed */
-+ for (y = 1 << j; j < i; j++, y <<= 1)
-+ if ((y -= c[j]) < 0)
-+ return Z_DATA_ERROR;
-+ if ((y -= c[i]) < 0)
-+ return Z_DATA_ERROR;
-+ c[i] += y;
-+
-+
-+ /* Generate starting offsets into the value table for each length */
-+ x[1] = j = 0;
-+ p = c + 1; xp = x + 2;
-+ while (--i) { /* note that i == g from above */
-+ *xp++ = (j += *p++);
-+ }
-+
-+
-+ /* Make a table of values in order of bit lengths */
-+ p = b; i = 0;
-+ do {
-+ if ((j = *p++) != 0)
-+ v[x[j]++] = i;
-+ } while (++i < n);
-+ n = x[g]; /* set n to length of v */
-+
-+
-+ /* Generate the Huffman codes and for each, make the table entries */
-+ x[0] = i = 0; /* first Huffman code is zero */
-+ p = v; /* grab values in bit order */
-+ h = -1; /* no tables yet--level -1 */
-+ w = -l; /* bits decoded == (l * h) */
-+ u[0] = (inflate_huft *)Z_NULL; /* just to keep compilers happy */
-+ q = (inflate_huft *)Z_NULL; /* ditto */
-+ z = 0; /* ditto */
-+
-+ /* go through the bit lengths (k already is bits in shortest code) */
-+ for (; k <= g; k++)
-+ {
-+ a = c[k];
-+ while (a--)
-+ {
-+ /* here i is the Huffman code of length k bits for value *p */
-+ /* make tables up to required level */
-+ while (k > w + l)
-+ {
-+ h++;
-+ w += l; /* previous table always l bits */
-+
-+ /* compute minimum size table less than or equal to l bits */
-+ z = g - w;
-+ z = z > (uInt)l ? l : z; /* table size upper limit */
-+ if ((f = 1 << (j = k - w)) > a + 1) /* try a k-w bit table */
-+ { /* too few codes for k-w bit table */
-+ f -= a + 1; /* deduct codes from patterns left */
-+ xp = c + k;
-+ if (j < z)
-+ while (++j < z) /* try smaller tables up to z bits */
-+ {
-+ if ((f <<= 1) <= *++xp)
-+ break; /* enough codes to use up j bits */
-+ f -= *xp; /* else deduct codes from patterns */
-+ }
-+ }
-+ z = 1 << j; /* table entries for j-bit table */
-+
-+ /* allocate new table */
-+ if (*hn + z > MANY) /* (note: doesn't matter for fixed) */
-+ return Z_DATA_ERROR; /* overflow of MANY */
-+ u[h] = q = hp + *hn;
-+ *hn += z;
-+
-+ /* connect to last table, if there is one */
-+ if (h)
-+ {
-+ x[h] = i; /* save pattern for backing up */
-+ r.bits = (Byte)l; /* bits to dump before this table */
-+ r.exop = (Byte)j; /* bits in this table */
-+ j = i >> (w - l);
-+ r.base = (uInt)(q - u[h-1] - j); /* offset to this table */
-+ u[h-1][j] = r; /* connect to last table */
-+ }
-+ else
-+ *t = q; /* first table is returned result */
-+ }
-+
-+ /* set up table entry in r */
-+ r.bits = (Byte)(k - w);
-+ if (p >= v + n)
-+ r.exop = 128 + 64; /* out of values--invalid code */
-+ else if (*p < s)
-+ {
-+ r.exop = (Byte)(*p < 256 ? 0 : 32 + 64); /* 256 is end-of-block */
-+ r.base = *p++; /* simple code is just the value */
-+ }
-+ else
-+ {
-+ r.exop = (Byte)(e[*p - s] + 16 + 64);/* non-simple--look up in lists */
-+ r.base = d[*p++ - s];
-+ }
-+
-+ /* fill code-like entries with r */
-+ f = 1 << (k - w);
-+ for (j = i >> w; j < z; j += f)
-+ q[j] = r;
-+
-+ /* backwards increment the k-bit code i */
-+ for (j = 1 << (k - 1); i & j; j >>= 1)
-+ i ^= j;
-+ i ^= j;
-+
-+ /* backup over finished tables */
-+ mask = (1 << w) - 1; /* needed on HP, cc -O bug */
-+ while ((i & mask) != x[h])
-+ {
-+ h--; /* don't need to update q */
-+ w -= l;
-+ mask = (1 << w) - 1;
-+ }
-+ }
-+ }
-+
-+
-+ /* Return Z_BUF_ERROR if we were given an incomplete table */
-+ return y != 0 && g != 1 ? Z_BUF_ERROR : Z_OK;
-+}
-+
-+
-+int inflate_trees_bits(c, bb, tb, hp, z)
-+uIntf *c; /* 19 code lengths */
-+uIntf *bb; /* bits tree desired/actual depth */
-+inflate_huft * FAR *tb; /* bits tree result */
-+inflate_huft *hp; /* space for trees */
-+z_streamp z; /* for messages */
-+{
-+ int r;
-+ uInt hn = 0; /* hufts used in space */
-+ uIntf *v; /* work area for huft_build */
-+
-+ if ((v = (uIntf*)ZALLOC(z, 19, sizeof(uInt))) == Z_NULL)
-+ return Z_MEM_ERROR;
-+ r = huft_build(c, 19, 19, (uIntf*)Z_NULL, (uIntf*)Z_NULL,
-+ tb, bb, hp, &hn, v);
-+ if (r == Z_DATA_ERROR)
-+ z->msg = (char*)"oversubscribed dynamic bit lengths tree";
-+ else if (r == Z_BUF_ERROR || *bb == 0)
-+ {
-+ z->msg = (char*)"incomplete dynamic bit lengths tree";
-+ r = Z_DATA_ERROR;
-+ }
-+ ZFREE(z, v);
-+ return r;
-+}
-+
-+
-+int inflate_trees_dynamic(nl, nd, c, bl, bd, tl, td, hp, z)
-+uInt nl; /* number of literal/length codes */
-+uInt nd; /* number of distance codes */
-+uIntf *c; /* that many (total) code lengths */
-+uIntf *bl; /* literal desired/actual bit depth */
-+uIntf *bd; /* distance desired/actual bit depth */
-+inflate_huft * FAR *tl; /* literal/length tree result */
-+inflate_huft * FAR *td; /* distance tree result */
-+inflate_huft *hp; /* space for trees */
-+z_streamp z; /* for messages */
-+{
-+ int r;
-+ uInt hn = 0; /* hufts used in space */
-+ uIntf *v; /* work area for huft_build */
-+
-+ /* allocate work area */
-+ if ((v = (uIntf*)ZALLOC(z, 288, sizeof(uInt))) == Z_NULL)
-+ return Z_MEM_ERROR;
-+
-+ /* build literal/length tree */
-+ r = huft_build(c, nl, 257, cplens, cplext, tl, bl, hp, &hn, v);
-+ if (r != Z_OK || *bl == 0)
-+ {
-+ if (r == Z_DATA_ERROR)
-+ z->msg = (char*)"oversubscribed literal/length tree";
-+ else if (r != Z_MEM_ERROR)
-+ {
-+ z->msg = (char*)"incomplete literal/length tree";
-+ r = Z_DATA_ERROR;
-+ }
-+ ZFREE(z, v);
-+ return r;
-+ }
-+
-+ /* build distance tree */
-+ r = huft_build(c + nl, nd, 0, cpdist, cpdext, td, bd, hp, &hn, v);
-+ if (r != Z_OK || (*bd == 0 && nl > 257))
-+ {
-+ if (r == Z_DATA_ERROR)
-+ z->msg = (char*)"oversubscribed distance tree";
-+ else if (r == Z_BUF_ERROR) {
-+#ifdef PKZIP_BUG_WORKAROUND
-+ r = Z_OK;
-+ }
-+#else
-+ z->msg = (char*)"incomplete distance tree";
-+ r = Z_DATA_ERROR;
-+ }
-+ else if (r != Z_MEM_ERROR)
-+ {
-+ z->msg = (char*)"empty distance tree with lengths";
-+ r = Z_DATA_ERROR;
-+ }
-+ ZFREE(z, v);
-+ return r;
-+#endif
-+ }
-+
-+ /* done */
-+ ZFREE(z, v);
-+ return Z_OK;
-+}
-+
-+
-+/* build fixed tables only once--keep them here */
-+#ifdef BUILDFIXED
-+local int fixed_built = 0;
-+#define FIXEDH 544 /* number of hufts used by fixed tables */
-+local inflate_huft fixed_mem[FIXEDH];
-+local uInt fixed_bl;
-+local uInt fixed_bd;
-+local inflate_huft *fixed_tl;
-+local inflate_huft *fixed_td;
-+#else
-+#include "inffixed.h"
-+#endif
-+
-+
-+int inflate_trees_fixed(bl, bd, tl, td, z)
-+uIntf *bl; /* literal desired/actual bit depth */
-+uIntf *bd; /* distance desired/actual bit depth */
-+inflate_huft * FAR *tl; /* literal/length tree result */
-+inflate_huft * FAR *td; /* distance tree result */
-+z_streamp z; /* for memory allocation */
-+{
-+#ifdef BUILDFIXED
-+ /* build fixed tables if not already */
-+ if (!fixed_built)
-+ {
-+ int k; /* temporary variable */
-+ uInt f = 0; /* number of hufts used in fixed_mem */
-+ uIntf *c; /* length list for huft_build */
-+ uIntf *v; /* work area for huft_build */
-+
-+ /* allocate memory */
-+ if ((c = (uIntf*)ZALLOC(z, 288, sizeof(uInt))) == Z_NULL)
-+ return Z_MEM_ERROR;
-+ if ((v = (uIntf*)ZALLOC(z, 288, sizeof(uInt))) == Z_NULL)
-+ {
-+ ZFREE(z, c);
-+ return Z_MEM_ERROR;
-+ }
-+
-+ /* literal table */
-+ for (k = 0; k < 144; k++)
-+ c[k] = 8;
-+ for (; k < 256; k++)
-+ c[k] = 9;
-+ for (; k < 280; k++)
-+ c[k] = 7;
-+ for (; k < 288; k++)
-+ c[k] = 8;
-+ fixed_bl = 9;
-+ huft_build(c, 288, 257, cplens, cplext, &fixed_tl, &fixed_bl,
-+ fixed_mem, &f, v);
-+
-+ /* distance table */
-+ for (k = 0; k < 30; k++)
-+ c[k] = 5;
-+ fixed_bd = 5;
-+ huft_build(c, 30, 0, cpdist, cpdext, &fixed_td, &fixed_bd,
-+ fixed_mem, &f, v);
-+
-+ /* done */
-+ ZFREE(z, v);
-+ ZFREE(z, c);
-+ fixed_built = 1;
-+ }
-+#endif
-+ *bl = fixed_bl;
-+ *bd = fixed_bd;
-+ *tl = fixed_tl;
-+ *td = fixed_td;
-+ return Z_OK;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/inftrees.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,63 @@
-+/* inftrees.h -- header to use inftrees.c
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+/* Huffman code lookup table entry--this entry is four bytes for machines
-+ that have 16-bit pointers (e.g. PC's in the small or medium model). */
-+
-+#ifndef _INFTREES_H
-+#define _INFTREES_H
-+
-+typedef struct inflate_huft_s FAR inflate_huft;
-+
-+struct inflate_huft_s {
-+ union {
-+ struct {
-+ Byte Exop; /* number of extra bits or operation */
-+ Byte Bits; /* number of bits in this code or subcode */
-+ } what;
-+ uInt pad; /* pad structure to a power of 2 (4 bytes for */
-+ } word; /* 16-bit, 8 bytes for 32-bit int's) */
-+ uInt base; /* literal, length base, distance base,
-+ or table offset */
-+};
-+
-+/* Maximum size of dynamic tree. The maximum found in a long but non-
-+ exhaustive search was 1004 huft structures (850 for length/literals
-+ and 154 for distances, the latter actually the result of an
-+ exhaustive search). The actual maximum is not known, but the
-+ value below is more than safe. */
-+#define MANY 1440
-+
-+extern int inflate_trees_bits OF((
-+ uIntf *, /* 19 code lengths */
-+ uIntf *, /* bits tree desired/actual depth */
-+ inflate_huft * FAR *, /* bits tree result */
-+ inflate_huft *, /* space for trees */
-+ z_streamp)); /* for messages */
-+
-+extern int inflate_trees_dynamic OF((
-+ uInt, /* number of literal/length codes */
-+ uInt, /* number of distance codes */
-+ uIntf *, /* that many (total) code lengths */
-+ uIntf *, /* literal desired/actual bit depth */
-+ uIntf *, /* distance desired/actual bit depth */
-+ inflate_huft * FAR *, /* literal/length tree result */
-+ inflate_huft * FAR *, /* distance tree result */
-+ inflate_huft *, /* space for trees */
-+ z_streamp)); /* for messages */
-+
-+extern int inflate_trees_fixed OF((
-+ uIntf *, /* literal desired/actual bit depth */
-+ uIntf *, /* distance desired/actual bit depth */
-+ inflate_huft * FAR *, /* literal/length tree result */
-+ inflate_huft * FAR *, /* distance tree result */
-+ z_streamp)); /* for memory allocation */
-+
-+#endif /* _INFTREES_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/infutil.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,87 @@
-+/* inflate_util.c -- data and routines common to blocks and codes
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+#include <zlib/zutil.h>
-+#include "infblock.h"
-+#include "inftrees.h"
-+#include "infcodes.h"
-+#include "infutil.h"
-+
-+struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-+
-+/* And'ing with mask[n] masks the lower n bits */
-+uInt inflate_mask[17] = {
-+ 0x0000,
-+ 0x0001, 0x0003, 0x0007, 0x000f, 0x001f, 0x003f, 0x007f, 0x00ff,
-+ 0x01ff, 0x03ff, 0x07ff, 0x0fff, 0x1fff, 0x3fff, 0x7fff, 0xffff
-+};
-+
-+
-+/* copy as much as possible from the sliding window to the output area */
-+int inflate_flush(s, z, r)
-+inflate_blocks_statef *s;
-+z_streamp z;
-+int r;
-+{
-+ uInt n;
-+ Bytef *p;
-+ Bytef *q;
-+
-+ /* local copies of source and destination pointers */
-+ p = z->next_out;
-+ q = s->read;
-+
-+ /* compute number of bytes to copy as far as end of window */
-+ n = (uInt)((q <= s->write ? s->write : s->end) - q);
-+ if (n > z->avail_out) n = z->avail_out;
-+ if (n && r == Z_BUF_ERROR) r = Z_OK;
-+
-+ /* update counters */
-+ z->avail_out -= n;
-+ z->total_out += n;
-+
-+ /* update check information */
-+ if (s->checkfn != Z_NULL)
-+ z->adler = s->check = (*s->checkfn)(s->check, q, n);
-+
-+ /* copy as far as end of window */
-+ zmemcpy(p, q, n);
-+ p += n;
-+ q += n;
-+
-+ /* see if more to copy at beginning of window */
-+ if (q == s->end)
-+ {
-+ /* wrap pointers */
-+ q = s->window;
-+ if (s->write == s->end)
-+ s->write = s->window;
-+
-+ /* compute bytes to copy */
-+ n = (uInt)(s->write - q);
-+ if (n > z->avail_out) n = z->avail_out;
-+ if (n && r == Z_BUF_ERROR) r = Z_OK;
-+
-+ /* update counters */
-+ z->avail_out -= n;
-+ z->total_out += n;
-+
-+ /* update check information */
-+ if (s->checkfn != Z_NULL)
-+ z->adler = s->check = (*s->checkfn)(s->check, q, n);
-+
-+ /* copy */
-+ zmemcpy(p, q, n);
-+ p += n;
-+ q += n;
-+ }
-+
-+ /* update pointers */
-+ z->next_out = p;
-+ s->read = q;
-+
-+ /* done */
-+ return r;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/infutil.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,98 @@
-+/* infutil.h -- types and macros common to blocks and codes
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+#ifndef _INFUTIL_H
-+#define _INFUTIL_H
-+
-+typedef enum {
-+ TYPE, /* get type bits (3, including end bit) */
-+ LENS, /* get lengths for stored */
-+ STORED, /* processing stored block */
-+ TABLE, /* get table lengths */
-+ BTREE, /* get bit lengths tree for a dynamic block */
-+ DTREE, /* get length, distance trees for a dynamic block */
-+ CODES, /* processing fixed or dynamic block */
-+ DRY, /* output remaining window bytes */
-+ DONE, /* finished last block, done */
-+ BAD} /* got a data error--stuck here */
-+inflate_block_mode;
-+
-+/* inflate blocks semi-private state */
-+struct inflate_blocks_state {
-+
-+ /* mode */
-+ inflate_block_mode mode; /* current inflate_block mode */
-+
-+ /* mode dependent information */
-+ union {
-+ uInt left; /* if STORED, bytes left to copy */
-+ struct {
-+ uInt table; /* table lengths (14 bits) */
-+ uInt index; /* index into blens (or border) */
-+ uIntf *blens; /* bit lengths of codes */
-+ uInt bb; /* bit length tree depth */
-+ inflate_huft *tb; /* bit length decoding tree */
-+ } trees; /* if DTREE, decoding info for trees */
-+ struct {
-+ inflate_codes_statef
-+ *codes;
-+ } decode; /* if CODES, current state */
-+ } sub; /* submode */
-+ uInt last; /* true if this block is the last block */
-+
-+ /* mode independent information */
-+ uInt bitk; /* bits in bit buffer */
-+ uLong bitb; /* bit buffer */
-+ inflate_huft *hufts; /* single malloc for tree space */
-+ Bytef *window; /* sliding window */
-+ Bytef *end; /* one byte after sliding window */
-+ Bytef *read; /* window read pointer */
-+ Bytef *write; /* window write pointer */
-+ check_func checkfn; /* check function */
-+ uLong check; /* check on output */
-+
-+};
-+
-+
-+/* defines for inflate input/output */
-+/* update pointers and return */
-+#define UPDBITS {s->bitb=b;s->bitk=k;}
-+#define UPDIN {z->avail_in=n;z->total_in+=p-z->next_in;z->next_in=p;}
-+#define UPDOUT {s->write=q;}
-+#define UPDATE {UPDBITS UPDIN UPDOUT}
-+#define LEAVE {UPDATE return inflate_flush(s,z,r);}
-+/* get bytes and bits */
-+#define LOADIN {p=z->next_in;n=z->avail_in;b=s->bitb;k=s->bitk;}
-+#define NEEDBYTE {if(n)r=Z_OK;else LEAVE}
-+#define NEXTBYTE (n--,*p++)
-+#define NEEDBITS(j) {while(k<(j)){NEEDBYTE;b|=((uLong)NEXTBYTE)<<k;k+=8;}}
-+#define DUMPBITS(j) {b>>=(j);k-=(j);}
-+/* output bytes */
-+#define WAVAIL (uInt)(q<s->read?s->read-q-1:s->end-q)
-+#define LOADOUT {q=s->write;m=(uInt)WAVAIL;}
-+#define WRAP {if(q==s->end&&s->read!=s->window){q=s->window;m=(uInt)WAVAIL;}}
-+#define FLUSH {UPDOUT r=inflate_flush(s,z,r); LOADOUT}
-+#define NEEDOUT {if(m==0){WRAP if(m==0){FLUSH WRAP if(m==0) LEAVE}}r=Z_OK;}
-+#define OUTBYTE(a) {*q++=(Byte)(a);m--;}
-+/* load local pointers */
-+#define LOAD {LOADIN LOADOUT}
-+
-+/* masks for lower bits (size given to avoid silly warnings with Visual C++) */
-+extern uInt inflate_mask[17];
-+
-+/* copy as much as possible from the sliding window to the output area */
-+extern int inflate_flush OF((
-+ inflate_blocks_statef *,
-+ z_streamp ,
-+ int));
-+
-+struct internal_state {int dummy;}; /* for buggy compilers */
-+
-+#endif /* _INFUTIL_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/initaddr.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,50 @@
-+/*
-+ * initialize address structure
-+ * Copyright (C) 2000 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: initaddr.c,v 1.6 2004-07-10 07:43:47 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - initaddr - initialize ip_address from bytes
-+ */
-+err_t /* NULL for success, else string literal */
-+initaddr(src, srclen, af, dst)
-+const unsigned char *src;
-+size_t srclen;
-+int af; /* address family */
-+ip_address *dst;
-+{
-+ switch (af) {
-+ case AF_INET:
-+ if (srclen != 4)
-+ return "IPv4 address must be exactly 4 bytes";
-+ dst->u.v4.sin_family = af;
-+ dst->u.v4.sin_port = 0; /* unused */
-+ memcpy((char *)&dst->u.v4.sin_addr.s_addr, src, srclen);
-+ break;
-+ case AF_INET6:
-+ if (srclen != 16)
-+ return "IPv6 address must be exactly 16 bytes";
-+ dst->u.v6.sin6_family = af;
-+ dst->u.v6.sin6_flowinfo = 0; /* unused */
-+ dst->u.v6.sin6_port = 0; /* unused */
-+ memcpy((char *)&dst->u.v6.sin6_addr, src, srclen);
-+ break;
-+ default:
-+ return "unknown address family in initaddr";
-+ break;
-+ }
-+ return NULL;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipcomp.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,697 @@
-+/*
-+ * IPCOMP zlib interface code.
-+ * Copyright (C) 2000 Svenning Soerensen <svenning@post5.tele.dk>
-+ * Copyright (C) 2000, 2001 Richard Guy Briggs <rgb@conscoop.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipcomp_c_version[] = "RCSID $Id: ipcomp.c,v 1.41.2.8 2007-10-30 21:33:40 paul Exp $";
-+
-+/* SSS */
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h>
-+#include <linux/netdevice.h>
-+#include <linux/ip.h>
-+#include <linux/skbuff.h>
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <asm/uaccess.h>
-+#include <asm/checksum.h>
-+
-+#include <openswan.h>
-+
-+#include <net/ip.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h" /* sysctl_ipsec_inbound_policy_check */
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipcomp.h"
-+#include "zlib/zlib.h"
-+#include "zlib/zutil.h"
-+
-+#include <pfkeyv2.h> /* SADB_X_CALG_DEFLATE */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int sysctl_ipsec_debug_ipcomp = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+static
-+struct sk_buff *skb_copy_ipcomp(struct sk_buff *skb, int data_growth, int gfp_mask);
-+
-+static
-+voidpf my_zcalloc(voidpf opaque, uInt items, uInt size)
-+{
-+ return (voidpf) kmalloc(items*size, GFP_ATOMIC);
-+}
-+
-+static
-+void my_zfree(voidpf opaque, voidpf address)
-+{
-+ kfree(address);
-+}
-+
-+/*
-+ * We use this function because sometimes we want to pass a negative offset
-+ * into skb_put(), this does not work on 64bit platforms because long to
-+ * unsigned int casting.
-+ */
-+static inline unsigned char *
-+safe_skb_put(struct sk_buff *skb, int extend)
-+{
-+ unsigned char *ptr;
-+
-+ if (extend>0) {
-+ // increase the size of the packet
-+ ptr = skb_put(skb, extend);
-+ } else {
-+ // shrink the size of the packet
-+ ptr = skb_tail_pointer(skb);
-+ skb_trim (skb, skb->len + extend);
-+ }
-+
-+ return ptr;
-+}
-+
-+struct sk_buff *skb_compress(struct sk_buff *skb, struct ipsec_sa *ips, unsigned int *flags)
-+{
-+ struct iphdr *iph;
-+ unsigned int iphlen, pyldsz, cpyldsz;
-+ unsigned char *buffer;
-+ z_stream zs;
-+ int zresult;
-+
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: .\n");
-+
-+ if(skb == NULL) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "passed in NULL skb, returning ERROR.\n");
-+ if(flags != NULL) {
-+ *flags |= IPCOMP_PARMERROR;
-+ }
-+ return skb;
-+ }
-+
-+ if(ips == NULL) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "passed in NULL ipsec_sa needed for cpi, returning ERROR.\n");
-+ if(flags) {
-+ *flags |= IPCOMP_PARMERROR;
-+ }
-+ return skb;
-+ }
-+
-+ if (flags == NULL) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "passed in NULL flags, returning ERROR.\n");
-+ ipsec_kfree_skb(skb);
-+ return NULL;
-+ }
-+
-+#ifdef NET_21
-+ iph = ip_hdr(skb);
-+#else /* NET_21 */
-+ iph = skb->ip_hdr;
-+#endif /* NET_21 */
-+
-+ switch (iph->protocol) {
-+ case IPPROTO_COMP:
-+ case IPPROTO_AH:
-+ case IPPROTO_ESP:
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "skipping compression of packet with ip protocol %d.\n",
-+ iph->protocol);
-+ *flags |= IPCOMP_UNCOMPRESSABLE;
-+ return skb;
-+ }
-+
-+ /* Don't compress packets already fragmented */
-+ if (iph->frag_off & __constant_htons(IP_MF | IP_OFFSET)) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "skipping compression of fragmented packet.\n");
-+ *flags |= IPCOMP_UNCOMPRESSABLE;
-+ return skb;
-+ }
-+
-+ iphlen = iph->ihl << 2;
-+ pyldsz = ntohs(iph->tot_len) - iphlen;
-+
-+ /* Don't compress less than 90 bytes (rfc 2394) */
-+ if (pyldsz < 90) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "skipping compression of tiny packet, len=%d.\n",
-+ pyldsz);
-+ *flags |= IPCOMP_UNCOMPRESSABLE;
-+ return skb;
-+ }
-+
-+ /* Adaptive decision */
-+ if (ips->ips_comp_adapt_skip) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "skipping compression: ips_comp_adapt_skip=%d.\n",
-+ ips->ips_comp_adapt_skip);
-+ ips->ips_comp_adapt_skip--;
-+ *flags |= IPCOMP_UNCOMPRESSABLE;
-+ return skb;
-+ }
-+
-+ zs.zalloc = my_zcalloc;
-+ zs.zfree = my_zfree;
-+ zs.opaque = 0;
-+
-+ /* We want to use deflateInit2 because we don't want the adler
-+ header. */
-+ zresult = deflateInit2(&zs, Z_DEFAULT_COMPRESSION, Z_DEFLATED, -11,
-+ DEF_MEM_LEVEL, Z_DEFAULT_STRATEGY);
-+ if (zresult != Z_OK) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_compress: "
-+ "deflateInit2() returned error %d (%s), "
-+ "skipping compression.\n",
-+ zresult,
-+ zs.msg ? zs.msg : zError(zresult));
-+ *flags |= IPCOMP_COMPRESSIONERROR;
-+ return skb;
-+ }
-+
-+
-+ /* Max output size. Result should be max this size.
-+ * Implementation specific tweak:
-+ * If it's not at least 32 bytes and 6.25% smaller than
-+ * the original packet, it's probably not worth wasting
-+ * the receiver's CPU cycles decompressing it.
-+ * Your mileage may vary.
-+ */
-+ cpyldsz = pyldsz - sizeof(struct ipcomphdr) - (pyldsz <= 512 ? 32 : pyldsz >> 4);
-+
-+ buffer = kmalloc(cpyldsz, GFP_ATOMIC);
-+ if (!buffer) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_compress: "
-+ "unable to kmalloc(%d, GFP_ATOMIC), "
-+ "skipping compression.\n",
-+ cpyldsz);
-+ *flags |= IPCOMP_COMPRESSIONERROR;
-+ deflateEnd(&zs);
-+ return skb;
-+ }
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(sysctl_ipsec_debug_ipcomp && sysctl_ipsec_debug_verbose) {
-+ __u8 *c;
-+
-+ c = (__u8*)iph + iphlen;
-+ ipsec_dmp_block("compress before", c, pyldsz);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ zs.next_in = (char *) iph + iphlen; /* start of payload */
-+ zs.avail_in = pyldsz;
-+ zs.next_out = buffer; /* start of compressed payload */
-+ zs.avail_out = cpyldsz;
-+
-+ /* Finish compression in one step */
-+ zresult = deflate(&zs, Z_FINISH);
-+
-+ /* Free all dynamically allocated buffers */
-+ deflateEnd(&zs);
-+ if (zresult != Z_STREAM_END) {
-+ *flags |= IPCOMP_UNCOMPRESSABLE;
-+ kfree(buffer);
-+
-+ /* Adjust adaptive counters */
-+ if (++(ips->ips_comp_adapt_tries) == IPCOMP_ADAPT_INITIAL_TRIES) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "first %d packets didn't compress, "
-+ "skipping next %d\n",
-+ IPCOMP_ADAPT_INITIAL_TRIES,
-+ IPCOMP_ADAPT_INITIAL_SKIP);
-+ ips->ips_comp_adapt_skip = IPCOMP_ADAPT_INITIAL_SKIP;
-+ }
-+ else if (ips->ips_comp_adapt_tries == IPCOMP_ADAPT_INITIAL_TRIES + IPCOMP_ADAPT_SUBSEQ_TRIES) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "next %d packets didn't compress, "
-+ "skipping next %d\n",
-+ IPCOMP_ADAPT_SUBSEQ_TRIES,
-+ IPCOMP_ADAPT_SUBSEQ_SKIP);
-+ ips->ips_comp_adapt_skip = IPCOMP_ADAPT_SUBSEQ_SKIP;
-+ ips->ips_comp_adapt_tries = IPCOMP_ADAPT_INITIAL_TRIES;
-+ }
-+
-+ return skb;
-+ }
-+
-+ /* resulting compressed size */
-+ cpyldsz -= zs.avail_out;
-+
-+ /* Insert IPCOMP header */
-+ ((struct ipcomphdr*) ((char*) iph + iphlen))->ipcomp_nh = iph->protocol;
-+ ((struct ipcomphdr*) ((char*) iph + iphlen))->ipcomp_flags = 0;
-+ /* use the bottom 16 bits of the spi for the cpi. The top 16 bits are
-+ for internal reference only. */
-+ ((struct ipcomphdr*) (((char*)iph) + iphlen))->ipcomp_cpi = htons((__u16)(ntohl(ips->ips_said.spi) & 0x0000ffff));
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "spi=%08x, spi&0xffff=%04x, cpi=%04x, payload size: raw=%d, comp=%d.\n",
-+ ntohl(ips->ips_said.spi),
-+ ntohl(ips->ips_said.spi) & 0x0000ffff,
-+ ntohs(((struct ipcomphdr*)(((char*)iph)+iphlen))->ipcomp_cpi),
-+ pyldsz,
-+ cpyldsz);
-+
-+ /* Update IP header */
-+ iph->protocol = IPPROTO_COMP;
-+ iph->tot_len = htons(iphlen + sizeof(struct ipcomphdr) + cpyldsz);
-+#if 1 /* XXX checksum is done by ipsec_tunnel ? */
-+ iph->check = 0;
-+ iph->check = ip_fast_csum((char *) iph, iph->ihl);
-+#endif
-+
-+ /* Copy compressed payload */
-+ memcpy((char *) iph + iphlen + sizeof(struct ipcomphdr),
-+ buffer,
-+ cpyldsz);
-+ kfree(buffer);
-+
-+ /* Update skb length/tail by "unputting" the shrinkage */
-+ safe_skb_put (skb, cpyldsz + sizeof(struct ipcomphdr) - pyldsz);
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(sysctl_ipsec_debug_ipcomp && sysctl_ipsec_debug_verbose) {
-+ __u8 *c;
-+
-+ c = (__u8*)iph + iphlen + sizeof(struct ipcomphdr);
-+ ipsec_dmp_block("compress result", c, cpyldsz);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ ips->ips_comp_adapt_skip = 0;
-+ ips->ips_comp_adapt_tries = 0;
-+
-+ return skb;
-+}
-+
-+struct sk_buff *skb_decompress(struct sk_buff *skb, struct ipsec_sa *ips, unsigned int *flags)
-+{
-+ struct sk_buff *nskb = NULL;
-+
-+ /* original ip header */
-+ struct iphdr *oiph, *iph;
-+ unsigned int iphlen, pyldsz, cpyldsz;
-+ z_stream zs;
-+ int zresult;
-+
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_decompress: .\n");
-+
-+ if(!skb) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "passed in NULL skb, returning ERROR.\n");
-+ if (flags) *flags |= IPCOMP_PARMERROR;
-+ return skb;
-+ }
-+
-+ if(!ips && sysctl_ipsec_inbound_policy_check) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "passed in NULL ipsec_sa needed for comp alg, returning ERROR.\n");
-+ if (flags) *flags |= IPCOMP_PARMERROR;
-+ return skb;
-+ }
-+
-+ if (!flags) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "passed in NULL flags, returning ERROR.\n");
-+ ipsec_kfree_skb(skb);
-+ return NULL;
-+ }
-+
-+#ifdef NET_21
-+ oiph = ip_hdr(skb);
-+#else /* NET_21 */
-+ oiph = skb->ip_hdr;
-+#endif /* NET_21 */
-+
-+ iphlen = oiph->ihl << 2;
-+
-+ if (oiph->protocol != IPPROTO_COMP) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "called with non-IPCOMP packet (protocol=%d),"
-+ "skipping decompression.\n",
-+ oiph->protocol);
-+ *flags |= IPCOMP_PARMERROR;
-+ return skb;
-+ }
-+
-+ if ( (((struct ipcomphdr*)((char*) oiph + iphlen))->ipcomp_flags != 0)
-+ || ((((struct ipcomphdr*) ((char*) oiph + iphlen))->ipcomp_cpi
-+ != htons(SADB_X_CALG_DEFLATE))
-+ && sysctl_ipsec_inbound_policy_check
-+ && (!ips || (ips && (ips->ips_encalg != SADB_X_CALG_DEFLATE)))) ) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "called with incompatible IPCOMP packet (flags=%d, "
-+ "cpi=%d), ips-compalg=%d, skipping decompression.\n",
-+ ntohs(((struct ipcomphdr*) ((char*) oiph + iphlen))->ipcomp_flags),
-+ ntohs(((struct ipcomphdr*) ((char*) oiph + iphlen))->ipcomp_cpi),
-+ ips ? ips->ips_encalg : 0);
-+ *flags |= IPCOMP_PARMERROR;
-+
-+ return skb;
-+ }
-+
-+ if (ntohs(oiph->frag_off) & ~0x4000) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "called with fragmented IPCOMP packet, "
-+ "skipping decompression.\n");
-+ *flags |= IPCOMP_PARMERROR;
-+ return skb;
-+ }
-+
-+ /* original compressed payload size */
-+ cpyldsz = ntohs(oiph->tot_len) - iphlen - sizeof(struct ipcomphdr);
-+
-+ zs.zalloc = my_zcalloc;
-+ zs.zfree = my_zfree;
-+ zs.opaque = 0;
-+
-+ zs.next_in = (char *) oiph + iphlen + sizeof(struct ipcomphdr);
-+ zs.avail_in = cpyldsz;
-+
-+ /* Maybe we should be a bit conservative about memory
-+ requirements and use inflateInit2 */
-+ /* Beware, that this might make us unable to decompress packets
-+ from other implementations - HINT: check PGPnet source code */
-+ /* We want to use inflateInit2 because we don't want the adler
-+ header. */
-+ zresult = inflateInit2(&zs, -15);
-+ if (zresult != Z_OK) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "inflateInit2() returned error %d (%s), "
-+ "skipping decompression.\n",
-+ zresult,
-+ zs.msg ? zs.msg : zError(zresult));
-+ *flags |= IPCOMP_DECOMPRESSIONERROR;
-+
-+ return skb;
-+ }
-+
-+ /* We have no way of knowing the exact length of the resulting
-+ decompressed output before we have actually done the decompression.
-+ For now, we guess that the packet will not be bigger than the
-+ attached ipsec device's mtu or 16260, whichever is biggest.
-+ This may be wrong, since the sender's mtu may be bigger yet.
-+ XXX This must be dealt with later XXX
-+ */
-+
-+ /* max payload size */
-+ pyldsz = skb->dev ? (skb->dev->mtu < 16260 ? 16260 : skb->dev->mtu)
-+ : (65520 - iphlen);
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_decompress: "
-+ "max payload size: %d\n", pyldsz);
-+
-+ while (pyldsz > (cpyldsz + sizeof(struct ipcomphdr)) &&
-+ (nskb = skb_copy_ipcomp(skb,
-+ pyldsz - cpyldsz - sizeof(struct ipcomphdr),
-+ GFP_ATOMIC)) == NULL) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "unable to skb_copy_ipcomp(skb, %d, GFP_ATOMIC), "
-+ "trying with less payload size.\n",
-+ (int)(pyldsz - cpyldsz - sizeof(struct ipcomphdr)));
-+ pyldsz >>=1;
-+ }
-+
-+ if (!nskb) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "unable to allocate memory, dropping packet.\n");
-+ *flags |= IPCOMP_DECOMPRESSIONERROR;
-+ inflateEnd(&zs);
-+
-+ return skb;
-+ }
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(sysctl_ipsec_debug_ipcomp && sysctl_ipsec_debug_verbose) {
-+ __u8 *c;
-+
-+ c = (__u8*)oiph + iphlen + sizeof(struct ipcomphdr);
-+ ipsec_dmp_block("decompress before", c, cpyldsz);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#ifdef NET_21
-+ iph = ip_hdr(nskb);
-+#else /* NET_21 */
-+ iph = nskb->ip_hdr;
-+#endif /* NET_21 */
-+ zs.next_out = (char *)iph + iphlen;
-+ zs.avail_out = pyldsz;
-+
-+ zresult = inflate(&zs, Z_SYNC_FLUSH);
-+
-+ /* work around a bug in zlib, which sometimes wants to taste an extra
-+ * byte when being used in the (undocumented) raw deflate mode.
-+ */
-+ if (zresult == Z_OK && !zs.avail_in && zs.avail_out) {
-+ __u8 zerostuff = 0;
-+
-+ zs.next_in = &zerostuff;
-+ zs.avail_in = 1;
-+ zresult = inflate(&zs, Z_FINISH);
-+ }
-+
-+ inflateEnd(&zs);
-+ if (zresult != Z_STREAM_END) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "inflate() returned error %d (%s), "
-+ "skipping decompression.\n",
-+ zresult,
-+ zs.msg ? zs.msg : zError(zresult));
-+ *flags |= IPCOMP_DECOMPRESSIONERROR;
-+ ipsec_kfree_skb(nskb);
-+
-+ return skb;
-+ }
-+
-+ /* Update IP header */
-+ /* resulting decompressed size */
-+ pyldsz -= zs.avail_out;
-+ iph->tot_len = htons(iphlen + pyldsz);
-+ iph->protocol = ((struct ipcomphdr*) ((char*) oiph + iphlen))->ipcomp_nh;
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_decompress: "
-+ "spi=%08x, spi&0xffff=%04x, cpi=%04x, payload size: comp=%d, raw=%d, nh=%d.\n",
-+ ips ? ntohl(ips->ips_said.spi) : 0,
-+ ips ? ntohl(ips->ips_said.spi) & 0x0000ffff : 0,
-+ ntohs(((struct ipcomphdr*)(((char*)oiph)+iphlen))->ipcomp_cpi),
-+ cpyldsz,
-+ pyldsz,
-+ iph->protocol);
-+
-+#if 1 /* XXX checksum is done by ipsec_rcv ? */
-+ iph->check = 0;
-+ iph->check = ip_fast_csum((char*) iph, iph->ihl);
-+#endif
-+
-+ /* Update skb length/tail by "unputting" the unused data area */
-+ safe_skb_put(nskb, -zs.avail_out);
-+
-+ ipsec_kfree_skb(skb);
-+
-+ if (iph->protocol == IPPROTO_COMP)
-+ {
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(sysctl_ipsec_debug_ipcomp)
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_decompress: "
-+ "Eh? inner packet is also compressed, dropping.\n");
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ ipsec_kfree_skb(nskb);
-+ return NULL;
-+ }
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(sysctl_ipsec_debug_ipcomp && sysctl_ipsec_debug_verbose) {
-+ __u8 *c;
-+
-+ c = (__u8*)iph + iphlen;
-+ ipsec_dmp_block("decompress result", c, pyldsz);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ return nskb;
-+}
-+
-+
-+/* this is derived from skb_copy() in linux 2.2.14 */
-+/* May be incompatible with other kernel versions!! */
-+static
-+struct sk_buff *skb_copy_ipcomp(struct sk_buff *skb, int data_growth, int gfp_mask)
-+{
-+ struct sk_buff *n;
-+ struct iphdr *iph;
-+ unsigned long offset;
-+ unsigned int iphlen;
-+
-+ if(!skb) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_copy_ipcomp: "
-+ "passed in NULL skb, returning NULL.\n");
-+ return NULL;
-+ }
-+
-+ /*
-+ * Allocate the copy buffer
-+ */
-+
-+#ifdef NET_21
-+ iph = ip_hdr(skb);
-+#else /* NET_21 */
-+ iph = skb->ip_hdr;
-+#endif /* NET_21 */
-+ if (!iph) return NULL;
-+ iphlen = iph->ihl << 2;
-+
-+ n=alloc_skb(skb_end_pointer(skb) - skb->head + data_growth, gfp_mask);
-+ if(n==NULL)
-+ return NULL;
-+
-+ /*
-+ * Shift between the two data areas in bytes
-+ */
-+
-+ offset=n->head-skb->head;
-+
-+ /* Set the data pointer */
-+ skb_reserve(n,skb->data-skb->head);
-+ /* Set the tail pointer and length */
-+ safe_skb_put(n,skb->len+data_growth);
-+ /* Copy the bytes up to and including the ip header */
-+ memcpy(n->head,
-+ skb->head,
-+ ((char *)iph - (char *)skb->head) + iphlen);
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,14)
-+ n->list=NULL;
-+#endif
-+ n->next=NULL;
-+ n->prev=NULL;
-+ n->sk=NULL;
-+ n->dev=skb->dev;
-+ if (skb_transport_header(skb))
-+ skb_set_transport_header(n, offset);
-+ n->protocol=skb->protocol;
-+#ifdef NET_21
-+ n->csum = 0;
-+ n->priority=skb->priority;
-+ n->dst=dst_clone(skb->dst);
-+ skb_set_network_header(n, offset);
-+#ifndef NETDEV_23
-+ n->is_clone=0;
-+#endif /* NETDEV_23 */
-+ atomic_set(&n->users, 1);
-+ n->destructor = NULL;
-+#ifdef HAVE_SOCK_SECURITY
-+ n->security=skb->security;
-+#endif
-+ memcpy(n->cb, skb->cb, sizeof(skb->cb));
-+#ifdef CONFIG_IP_FIREWALL
-+ n->fwmark = skb->fwmark;
-+#endif
-+#else /* NET_21 */
-+ n->link3=NULL;
-+ n->when=skb->when;
-+ n->ip_hdr=(struct iphdr *)(((char *)skb->ip_hdr)+offset);
-+ n->saddr=skb->saddr;
-+ n->daddr=skb->daddr;
-+ n->raddr=skb->raddr;
-+ n->seq=skb->seq;
-+ n->end_seq=skb->end_seq;
-+ n->ack_seq=skb->ack_seq;
-+ n->acked=skb->acked;
-+ n->free=1;
-+ n->arp=skb->arp;
-+ n->tries=0;
-+ n->lock=0;
-+ n->users=0;
-+ memcpy(n->proto_priv, skb->proto_priv, sizeof(skb->proto_priv));
-+#endif /* NET_21 */
-+ if (skb_mac_header(skb))
-+ skb_set_mac_header(n, offset);
-+#ifndef NETDEV_23
-+ n->used=skb->used;
-+#endif /* !NETDEV_23 */
-+ n->pkt_type=skb->pkt_type;
-+#ifndef NETDEV_23
-+ n->pkt_bridged=skb->pkt_bridged;
-+#endif /* NETDEV_23 */
-+ n->ip_summed=0;
-+#ifdef HAVE_TSTAMP
-+ n->tstamp = skb->tstamp;
-+#else
-+ n->stamp=skb->stamp;
-+#endif
-+#ifndef NETDEV_23 /* this seems to have been removed in 2.4 */
-+#if defined(CONFIG_SHAPER) || defined(CONFIG_SHAPER_MODULE)
-+ n->shapelatency=skb->shapelatency; /* Latency on frame */
-+ n->shapeclock=skb->shapeclock; /* Time it should go out */
-+ n->shapelen=skb->shapelen; /* Frame length in clocks */
-+ n->shapestamp=skb->shapestamp; /* Stamp for shaper */
-+ n->shapepend=skb->shapepend; /* Pending */
-+#endif /* defined(CONFIG_SHAPER) || defined(CONFIG_SHAPER_MODULE) */
-+#endif /* NETDEV_23 */
-+
-+ return n;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_ah.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,411 @@
-+/*
-+ * processing code for AH
-+ * Copyright (C) 2003-2004 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_ah_c_version[] = "RCSID $Id: ipsec_ah.c,v 1.12.2.3 2007-09-05 02:56:09 paul Exp $";
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+#include <net/protocol.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipsec_xmit.h"
-+
-+#include "openswan/ipsec_auth.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_proto.h"
-+
-+__u32 zeroes[AH_AMAX];
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_ah_checks(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb)
-+{
-+ int ahminlen;
-+
-+ ahminlen = irs->hard_header_len + sizeof(struct iphdr);
-+
-+ /* take care not to deref this pointer until we check the minlen though */
-+ irs->protostuff.ahstuff.ahp = (struct ahhdr *)skb_transport_header(skb);
-+
-+ if((skb->len < ahminlen+sizeof(struct ahhdr)) ||
-+ (skb->len < ahminlen+(irs->protostuff.ahstuff.ahp->ah_hl << 2))) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_INAU,
-+ "klips_debug:ipsec_rcv: "
-+ "runt ah packet of skb->len=%d received from %s, dropped.\n",
-+ skb->len,
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ return IPSEC_RCV_BADLEN;
-+ }
-+
-+ irs->said.spi = irs->protostuff.ahstuff.ahp->ah_spi;
-+
-+ /* XXX we only support the one 12-byte authenticator for now */
-+ if(irs->protostuff.ahstuff.ahp->ah_hl != ((AHHMAC_HASHLEN+AHHMAC_RPLLEN) >> 2)) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_INAU,
-+ "klips_debug:ipsec_rcv: "
-+ "bad authenticator length %ld, expected %lu from %s.\n",
-+ (long)(irs->protostuff.ahstuff.ahp->ah_hl << 2),
-+ (unsigned long) sizeof(struct ahhdr),
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ return IPSEC_RCV_BADLEN;
-+ }
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_ah_setup_auth(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb,
-+ __u32 *replay,
-+ unsigned char **authenticator)
-+{
-+ struct ahhdr *ahp = irs->protostuff.ahstuff.ahp;
-+
-+ *replay = ntohl(ahp->ah_rpl);
-+ *authenticator = ahp->ah_data;
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_ah_authcalc(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb)
-+{
-+ struct auth_alg *aa;
-+ struct ahhdr *ahp = irs->protostuff.ahstuff.ahp;
-+ union {
-+ MD5_CTX md5;
-+ SHA1_CTX sha1;
-+ } tctx;
-+ struct iphdr ipo;
-+ int ahhlen;
-+
-+ aa = irs->authfuncs;
-+
-+ /* copy the initialized keying material */
-+ memcpy(&tctx, irs->ictx, irs->ictx_len);
-+
-+ ipo = *irs->ipp;
-+ ipo.tos = 0; /* mutable RFC 2402 3.3.3.1.1.1 */
-+ ipo.frag_off = 0;
-+ ipo.ttl = 0;
-+ ipo.check = 0;
-+
-+
-+ /* do the sanitized header */
-+ (*aa->update)((void*)&tctx, (caddr_t)&ipo, sizeof(struct iphdr));
-+
-+ /* XXX we didn't do the options here! */
-+
-+ /* now do the AH header itself */
-+ ahhlen = AH_BASIC_LEN + (ahp->ah_hl << 2);
-+ (*aa->update)((void*)&tctx, (caddr_t)ahp, ahhlen - AHHMAC_HASHLEN);
-+
-+ /* now, do some zeroes */
-+ (*aa->update)((void*)&tctx, (caddr_t)zeroes, AHHMAC_HASHLEN);
-+
-+ /* finally, do the packet contents themselves */
-+ (*aa->update)((void*)&tctx,
-+ (caddr_t)skb_transport_header(skb) + ahhlen,
-+ skb->len - ahhlen);
-+
-+ (*aa->final)(irs->hash, (void *)&tctx);
-+
-+ memcpy(&tctx, irs->octx, irs->octx_len);
-+
-+ (*aa->update)((void *)&tctx, irs->hash, aa->hashlen);
-+ (*aa->final)(irs->hash, (void *)&tctx);
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_ah_decap(struct ipsec_rcv_state *irs)
-+{
-+ struct ahhdr *ahp = irs->protostuff.ahstuff.ahp;
-+ struct sk_buff *skb;
-+ int ahhlen;
-+
-+ skb=irs->skb;
-+
-+ ahhlen = AH_BASIC_LEN + (ahp->ah_hl << 2);
-+
-+ irs->ipp->tot_len = htons(ntohs(irs->ipp->tot_len) - ahhlen);
-+ irs->next_header = ahp->ah_nh;
-+
-+ /*
-+ * move the IP header forward by the size of the AH header, which
-+ * will remove the the AH header from the packet.
-+ */
-+ memmove((void *)(skb_network_header(skb) + ahhlen),
-+ (void *)(skb_network_header(skb)), irs->iphlen);
-+
-+ ipsec_rcv_dmp("ah postmove", skb->data, skb->len);
-+
-+ /* skb_pull below, will move up by ahhlen */
-+
-+ /* XXX not clear how this can happen, as the message indicates */
-+ if(skb->len < ahhlen) {
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_rcv: "
-+ "tried to skb_pull ahhlen=%d, %d available. This should never happen, please report.\n",
-+ ahhlen,
-+ (int)(skb->len));
-+ return IPSEC_RCV_DECAPFAIL;
-+ }
-+ skb_pull(skb, ahhlen);
-+
-+ skb_set_network_header(skb, ahhlen);
-+ irs->ipp = ip_hdr(skb);
-+
-+ ipsec_rcv_dmp("ah postpull", (void *)ip_hdr(skb), skb->len);
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_ah_setup(struct ipsec_xmit_state *ixs)
-+{
-+ struct iphdr ipo;
-+ struct ahhdr *ahp;
-+ __u8 hash[AH_AMAX];
-+ union {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ MD5_CTX md5;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ SHA1_CTX sha1;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ } tctx;
-+ unsigned char *dat = (unsigned char *)ixs->iph;
-+
-+ ahp = (struct ahhdr *)(dat + ixs->iphlen);
-+ ahp->ah_spi = ixs->ipsp->ips_said.spi;
-+ ahp->ah_rpl = htonl(++(ixs->ipsp->ips_replaywin_lastseq));
-+ ahp->ah_rv = 0;
-+ ahp->ah_nh = ixs->iph->protocol;
-+ ahp->ah_hl = (sizeof(struct ahhdr) >> 2) - sizeof(__u64)/sizeof(__u32);
-+ ixs->iph->protocol = IPPROTO_AH;
-+ ipsec_xmit_dmp("ahp", (char*)ahp, sizeof(*ahp));
-+
-+ ipo = *ixs->iph;
-+ ipo.tos = 0;
-+ ipo.frag_off = 0;
-+ ipo.ttl = 0;
-+ ipo.check = 0;
-+ ipsec_xmit_dmp("ipo", (char*)&ipo, sizeof(ipo));
-+
-+ switch(ixs->ipsp->ips_authalg) {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5:
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ ipsec_xmit_dmp("ictx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (unsigned char *)&ipo, sizeof (struct iphdr));
-+ ipsec_xmit_dmp("ictx+ipo", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (unsigned char *)ahp,
-+ sizeof(struct ahhdr) - sizeof(ahp->ah_data));
-+ ipsec_xmit_dmp("ictx+ahp", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (unsigned char *)zeroes, AHHMAC_HASHLEN);
-+ ipsec_xmit_dmp("ictx+zeroes", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, dat + ixs->iphlen + sizeof(struct ahhdr),
-+ ixs->skb->len - ixs->iphlen - sizeof(struct ahhdr));
-+ ipsec_xmit_dmp("ictx+dat", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ ipsec_xmit_dmp("ictx hash", (char*)&hash, sizeof(hash));
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ ipsec_xmit_dmp("octx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, hash, AHMD596_ALEN);
-+ ipsec_xmit_dmp("octx+hash", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ ipsec_xmit_dmp("octx hash", (char*)&hash, sizeof(hash));
-+
-+ memcpy(ahp->ah_data, hash, AHHMAC_HASHLEN);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.md5, 0, sizeof(tctx.md5));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA:
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ SHA1Update(&tctx.sha1, (unsigned char *)&ipo, sizeof (struct iphdr));
-+ SHA1Update(&tctx.sha1, (unsigned char *)ahp, sizeof(struct ahhdr) - sizeof(ahp->ah_data));
-+ SHA1Update(&tctx.sha1, (unsigned char *)zeroes, AHHMAC_HASHLEN);
-+ SHA1Update(&tctx.sha1, dat + ixs->iphlen + sizeof(struct ahhdr),
-+ ixs->skb->len - ixs->iphlen - sizeof(struct ahhdr));
-+ SHA1Final(hash, &tctx.sha1);
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ SHA1Update(&tctx.sha1, hash, AHSHA196_ALEN);
-+ SHA1Final(hash, &tctx.sha1);
-+
-+ memcpy(ahp->ah_data, hash, AHHMAC_HASHLEN);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.sha1, 0, sizeof(tctx.sha1));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_AH_BADALG;
-+ }
-+#ifdef NET_21
-+ skb_set_transport_header(ixs->skb, ipsec_skb_offset(ixs->skb, ahp));
-+#endif /* NET_21 */
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+struct xform_functions ah_xform_funcs[]={
-+ { rcv_checks: ipsec_rcv_ah_checks,
-+ rcv_setup_auth: ipsec_rcv_ah_setup_auth,
-+ rcv_calc_auth: ipsec_rcv_ah_authcalc,
-+ rcv_decrypt: ipsec_rcv_ah_decap,
-+
-+ xmit_setup: ipsec_xmit_ah_setup,
-+ xmit_headroom: sizeof(struct ahhdr),
-+ xmit_needtailroom: 0,
-+ },
-+};
-+
-+
-+#ifdef NET_26
-+struct inet_protocol ah_protocol = {
-+ .handler = ipsec_rcv,
-+ .no_policy = 1,
-+};
-+#else
-+struct inet_protocol ah_protocol =
-+{
-+ ipsec_rcv, /* AH handler */
-+ NULL, /* TUNNEL error control */
-+#ifdef NETDEV_25
-+ 1, /* no policy */
-+#else
-+ 0, /* next */
-+ IPPROTO_AH, /* protocol ID */
-+ 0, /* copy */
-+ NULL, /* data */
-+ "AH" /* name */
-+#endif
-+};
-+#endif /* NET_26 */
-+
-+/*
-+ * $Log: ipsec_ah.c,v $
-+ * Revision 1.12.2.3 2007-09-05 02:56:09 paul
-+ * Use the new ipsec_kversion macros by David to deal with 2.6.22 kernels.
-+ * Fixes based on David McCullough patch.
-+ *
-+ * Revision 1.12.2.2 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.12.2.1 2006/02/15 05:35:14 paul
-+ * Patch by David McCullough <davidm@snapgear.com>
-+ * If you setup a tunnel without ESP it doesn't work. It used to work in
-+ * an older openswan version but stopped when klips was modified to deal
-+ * with the pulled IP header on the received SKB's.
-+ *
-+ * The code in ipsec_ah.c still thinks the IP header is there and runs the
-+ * hash on the incorrect data.
-+ *
-+ * Revision 1.12 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.11 2005/04/15 19:50:55 mcr
-+ * adjustments to use proper skb fields for data.
-+ *
-+ * Revision 1.10 2004/09/14 00:22:57 mcr
-+ * adjustment of MD5* functions.
-+ *
-+ * Revision 1.9 2004/09/13 02:22:47 mcr
-+ * #define inet_protocol if necessary.
-+ *
-+ * Revision 1.8 2004/09/06 18:35:48 mcr
-+ * 2.6.8.1 gets rid of inet_protocol->net_protocol compatibility,
-+ * so adjust for that.
-+ *
-+ * Revision 1.7 2004/08/22 05:00:48 mcr
-+ * if we choose to compile the file, we want the contents,
-+ * so don't pull any punches.
-+ *
-+ * Revision 1.6 2004/08/17 03:27:23 mcr
-+ * klips 2.6 edits.
-+ *
-+ * Revision 1.5 2004/08/14 03:28:24 mcr
-+ * fixed log comment to remove warning about embedded comment.
-+ *
-+ * Revision 1.4 2004/08/04 15:57:07 mcr
-+ * moved des .h files to include/des/ *
-+ * included 2.6 protocol specific things
-+ * started at NAT-T support, but it will require a kernel patch.
-+ *
-+ * Revision 1.3 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.2 2004/04/06 02:49:25 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_alg.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1057 @@
-+/*
-+ * Modular extensions service and registration functions
-+ *
-+ * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ *
-+ * Version: 0.8.1
-+ *
-+ * ipsec_alg.c,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ */
-+#define __NO_VERSION__
-+
-+#if defined (MODULE)
-+#include <linux/module.h>
-+#endif
-+
-+#include <linux/kernel.h> /* printk() */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <linux/socket.h>
-+#include <linux/in.h>
-+#include <linux/types.h>
-+#include <linux/string.h> /* memcmp() */
-+#include <linux/random.h> /* get_random_bytes() */
-+#include <linux/errno.h> /* error codes */
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include "openswan/ipsec_param.h"
-+#include <openswan.h>
-+#include "openswan/ipsec_sa.h"
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+#if defined(CONFIG_KLIPS_ESP) || defined(CONFIG_KLIPS_AH)
-+# include "openswan/ipsec_ah.h"
-+#endif /* defined(CONFIG_KLIPS_ESP) || defined(CONFIG_KLIPS_AH) */
-+#ifdef CONFIG_KLIPS_ESP
-+# include "openswan/ipsec_esp.h"
-+#endif /* !CONFIG_KLIPS_ESP */
-+#ifdef CONFIG_KLIPS_IPCOMP
-+# include "openswan/ipcomp.h"
-+#endif /* CONFIG_KLIPS_COMP */
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_alg.h"
-+#include "openswan/ipsec_proto.h"
-+
-+#if SADB_EALG_MAX < 255
-+#warning Compiling with limited ESP support ( SADB_EALG_MAX < 256 )
-+#endif
-+
-+static rwlock_t ipsec_alg_lock = RW_LOCK_UNLOCKED;
-+#define IPSEC_ALG_HASHSZ 16 /* must be power of 2, even 2^0=1 */
-+static struct list_head ipsec_alg_hash_table[IPSEC_ALG_HASHSZ];
-+
-+/* Old gcc's will fail here */
-+#define barf_out(fmt, args...) do { struct ipsec_alg *ixtc = (struct ipsec_alg *)ixt; printk(KERN_ERR "%s: (%s) " fmt, __FUNCTION__, ixtc->ixt_name , ## args) \
-+ ; goto out; } while(0)
-+
-+#ifdef NET_26
-+/*
-+ * Must be already protected by lock
-+ */
-+static void __ipsec_alg_usage_inc(struct ipsec_alg *ixt)
-+{
-+#ifdef MODULE
-+ if (ixt->ixt_module)
-+ try_module_get(ixt->ixt_module);
-+#endif
-+ atomic_inc(&ixt->ixt_refcnt);
-+}
-+static void __ipsec_alg_usage_dec(struct ipsec_alg *ixt) {
-+ atomic_dec(&ixt->ixt_refcnt);
-+#ifdef MODULE
-+ if (ixt->ixt_module)
-+ module_put(ixt->ixt_module);
-+#endif
-+}
-+
-+#else
-+
-+/*
-+ * Must be already protected by lock
-+ */
-+static void __ipsec_alg_usage_inc(struct ipsec_alg *ixt) {
-+#ifdef MODULE
-+ if (ixt->ixt_module) {
-+ __MOD_INC_USE_COUNT(ixt->ixt_module);
-+ }
-+#endif
-+ atomic_inc(&ixt->ixt_refcnt);
-+}
-+static void __ipsec_alg_usage_dec(struct ipsec_alg *ixt) {
-+ atomic_dec(&ixt->ixt_refcnt);
-+#ifdef MODULE
-+ if (ixt->ixt_module)
-+ __MOD_DEC_USE_COUNT(ixt->ixt_module);
-+#endif
-+}
-+#endif
-+
-+/*
-+ * simple hash function, optimized for 0-hash (1 list) special
-+ * case
-+ */
-+#if IPSEC_ALG_HASHSZ > 1
-+static inline unsigned ipsec_alg_hashfn(int alg_type, int alg_id) {
-+ return ((alg_type^alg_id)&(IPSEC_ALG_HASHSZ-1));
-+}
-+#else
-+#define ipsec_alg_hashfn(x,y) (0)
-+#endif
-+
-+/*****************************************************************
-+ *
-+ * INTERNAL table handling: insert, delete, find
-+ *
-+ *****************************************************************/
-+
-+/*
-+ * hash table initialization, called from ipsec_alg_init()
-+ */
-+static void ipsec_alg_hash_init(void) {
-+ struct list_head *head = ipsec_alg_hash_table;
-+ int i = IPSEC_ALG_HASHSZ;
-+ do {
-+ INIT_LIST_HEAD(head);
-+ head++;
-+ i--;
-+ } while (i);
-+}
-+/*
-+ * hash list lookup by {alg_type, alg_id} and table head,
-+ * must be already protected by lock
-+ */
-+static struct ipsec_alg *__ipsec_alg_find(unsigned alg_type, unsigned alg_id, struct list_head * head) {
-+ struct list_head *p;
-+ struct ipsec_alg *ixt=NULL;
-+ for (p=head->next; p!=head; p=p->next) {
-+ ixt = list_entry(p, struct ipsec_alg, ixt_list);
-+ if (ixt->ixt_alg_type == alg_type && ixt->ixt_alg_id==alg_id) {
-+ goto out;
-+ }
-+ }
-+ ixt=NULL;
-+out:
-+ return ixt;
-+}
-+/*
-+ * inserts (in front) a new entry in hash table,
-+ * called from ipsec_alg_register() when new algorithm is registered.
-+ */
-+static int ipsec_alg_insert(struct ipsec_alg *ixt) {
-+ int ret=-EINVAL;
-+ unsigned hashval=ipsec_alg_hashfn(ixt->ixt_alg_type, ixt->ixt_alg_id);
-+ struct list_head *head= ipsec_alg_hash_table + hashval;
-+ struct ipsec_alg *ixt_cur;
-+
-+ /* new element must be virgin ... */
-+ if (ixt->ixt_list.next != &ixt->ixt_list ||
-+ ixt->ixt_list.prev != &ixt->ixt_list) {
-+ printk(KERN_ERR "ipsec_alg_insert: ixt object \"%s\" "
-+ "list head not initialized\n",
-+ ixt->ixt_name);
-+ return ret;
-+ }
-+ write_lock_bh(&ipsec_alg_lock);
-+
-+ ixt_cur = __ipsec_alg_find(ixt->ixt_alg_type, ixt->ixt_alg_id, head);
-+
-+ /* if previous (current) ipsec_alg found check excl flag of _anyone_ */
-+ if (ixt_cur
-+ && ((ixt->ixt_state|ixt_cur->ixt_state) & IPSEC_ALG_ST_EXCL)) {
-+ barf_out("ipsec_alg for alg_type=%d, alg_id=%d already exist. "
-+ "Not loaded (ret=%d).\n",
-+ ixt->ixt_alg_type,
-+ ixt->ixt_alg_id, ret=-EEXIST);
-+ }
-+ list_add(&ixt->ixt_list, head);
-+ ixt->ixt_state |= IPSEC_ALG_ST_REGISTERED;
-+ ret=0;
-+out:
-+ write_unlock_bh(&ipsec_alg_lock);
-+ return ret;
-+}
-+
-+/*
-+ * deletes an existing entry in hash table,
-+ * called from ipsec_alg_unregister() when algorithm is unregistered.
-+ */
-+static int ipsec_alg_delete(struct ipsec_alg *ixt) {
-+ write_lock_bh(&ipsec_alg_lock);
-+ list_del(&ixt->ixt_list);
-+ write_unlock_bh(&ipsec_alg_lock);
-+ return 0;
-+}
-+
-+/*
-+ * here @user context (read-only when @kernel bh context)
-+ * -> no bh disabling
-+ *
-+ * called from ipsec_sa_init() -> ipsec_alg_sa_init()
-+ */
-+static struct ipsec_alg *ipsec_alg_get(int alg_type, int alg_id)
-+{
-+ unsigned hashval=ipsec_alg_hashfn(alg_type, alg_id);
-+ struct list_head *head= ipsec_alg_hash_table + hashval;
-+ struct ipsec_alg *ixt;
-+
-+ read_lock(&ipsec_alg_lock);
-+ ixt=__ipsec_alg_find(alg_type, alg_id, head);
-+ if (ixt) __ipsec_alg_usage_inc(ixt);
-+ read_unlock(&ipsec_alg_lock);
-+
-+ return ixt;
-+}
-+
-+static void ipsec_alg_put(struct ipsec_alg *ixt) {
-+ __ipsec_alg_usage_dec((struct ipsec_alg *)ixt);
-+}
-+
-+/*****************************************************************
-+ *
-+ * INTERFACE for ENC services: key creation, encrypt function
-+ *
-+ *****************************************************************/
-+
-+/*
-+ * main encrypt service entry point
-+ * called from ipsec_rcv() with encrypt=IPSEC_ALG_DECRYPT and
-+ * ipsec_tunnel_start_xmit with encrypt=IPSEC_ALG_ENCRYPT
-+ */
-+int ipsec_alg_esp_encrypt(struct ipsec_sa *sa_p, __u8 * idat,
-+ int ilen, const __u8 * iv, int encrypt)
-+{
-+ int ret;
-+ struct ipsec_alg_enc *ixt_e=sa_p->ips_alg_enc;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ int debug_flag = (encrypt==IPSEC_ALG_ENCRYPT ?
-+ debug_tunnel : debug_rcv);
-+#endif
-+
-+ KLIPS_PRINT(debug_flag,
-+ "klips_debug:ipsec_alg_esp_encrypt: "
-+ "entering with encalg=%d, ixt_e=%p\n",
-+ sa_p->ips_encalg, ixt_e);
-+ if (ixt_e == NULL) {
-+#ifdef CONFIG_KLIPS_DEBUG
-+ KLIPS_ERROR(debug_flag,
-+ "klips_debug:ipsec_alg_esp_encrypt: "
-+ "NULL ipsec_alg_enc object\n");
-+#endif
-+ return -1;
-+ }
-+ KLIPS_PRINT(debug_flag,
-+ "klips_debug:ipsec_alg_esp_encrypt: "
-+ "calling cbc_encrypt encalg=%d "
-+ "ips_key_e=%p idat=%p ilen=%d iv=%p, encrypt=%d\n",
-+ sa_p->ips_encalg,
-+ sa_p->ips_key_e, idat, ilen, iv, encrypt);
-+ ret=ixt_e->ixt_e_cbc_encrypt(ixt_e, sa_p->ips_key_e, idat,
-+ ilen, iv, encrypt);
-+ KLIPS_PRINT(debug_flag,
-+ "klips_debug:ipsec_alg_esp_encrypt: "
-+ "returned ret=%d\n",
-+ ret);
-+ return ret;
-+}
-+
-+/*
-+ * encryption key context creation function
-+ * called from pfkey_v2_parser.c:pfkey_ips_init()
-+ */
-+int ipsec_alg_enc_key_create(struct ipsec_sa *sa_p) {
-+ int ret=-EINVAL;
-+ int keyminbits, keymaxbits;
-+ caddr_t ekp;
-+ struct ipsec_alg_enc *ixt_e=sa_p->ips_alg_enc;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_alg_enc_key_create: "
-+ "entering with encalg=%d ixt_e=%p\n",
-+ sa_p->ips_encalg, ixt_e);
-+ if (!ixt_e) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_alg_enc_key_create: "
-+ "NULL ipsec_alg_enc object\n");
-+ return -EPROTO;
-+ }
-+
-+ /*
-+ * grRRR... DES 7bits jurassic stuff ... f*ckk --jjo
-+ */
-+ switch(ixt_e->ixt_common.ixt_support.ias_id) {
-+ case ESP_3DES:
-+ keyminbits=keymaxbits=192;break;
-+ case ESP_DES:
-+ keyminbits=keymaxbits=64;break;
-+ default:
-+ keyminbits=ixt_e->ixt_common.ixt_support.ias_keyminbits;
-+ keymaxbits=ixt_e->ixt_common.ixt_support.ias_keymaxbits;
-+ }
-+ if(sa_p->ips_key_bits_e<keyminbits ||
-+ sa_p->ips_key_bits_e>keymaxbits) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_alg_enc_key_create: "
-+ "incorrect encryption key size for id=%d: %d bits -- "
-+ "must be between %d,%d bits\n" /*octets (bytes)\n"*/,
-+ ixt_e->ixt_common.ixt_support.ias_id,
-+ sa_p->ips_key_bits_e, keyminbits, keymaxbits);
-+ ret=-EINVAL;
-+ goto ixt_out;
-+ }
-+ /* save encryption key pointer */
-+ ekp = sa_p->ips_key_e;
-+
-+
-+ if (ixt_e->ixt_e_new_key) {
-+ sa_p->ips_key_e = ixt_e->ixt_e_new_key(ixt_e,
-+ ekp, sa_p->ips_key_bits_e/8);
-+ ret = (sa_p->ips_key_e)? 0 : -EINVAL;
-+ } else {
-+ if((sa_p->ips_key_e = (caddr_t)
-+ kmalloc((sa_p->ips_key_e_size = ixt_e->ixt_e_ctx_size),
-+ GFP_ATOMIC)) == NULL) {
-+ ret=-ENOMEM;
-+ goto ixt_out;
-+ }
-+ /* zero-out key_e */
-+ memset(sa_p->ips_key_e, 0, sa_p->ips_key_e_size);
-+
-+ /* I cast here to allow more decoupling in alg module */
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_alg_enc_key_create: about to call:"
-+ "set_key(key_e=%p, ekp=%p, key_size=%d)\n",
-+ (caddr_t)sa_p->ips_key_e, ekp, sa_p->ips_key_bits_e/8);
-+ ret = ixt_e->ixt_e_set_key(ixt_e, (caddr_t)sa_p->ips_key_e, ekp, sa_p->ips_key_bits_e/8);
-+ }
-+ /* paranoid */
-+ memset(ekp, 0, sa_p->ips_key_bits_e/8);
-+ kfree(ekp);
-+ixt_out:
-+ return ret;
-+}
-+
-+/***************************************************************
-+ *
-+ * INTERFACE for AUTH services: key creation, hash functions
-+ *
-+ ***************************************************************/
-+
-+/*
-+ * auth key context creation function
-+ * called from pfkey_v2_parser.c:pfkey_ips_init()
-+ */
-+int ipsec_alg_auth_key_create(struct ipsec_sa *sa_p) {
-+ int ret=-EINVAL;
-+ struct ipsec_alg_auth *ixt_a=sa_p->ips_alg_auth;
-+ int keyminbits, keymaxbits;
-+ unsigned char *akp;
-+ unsigned int aks;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_alg_auth_key_create: "
-+ "entering with authalg=%d ixt_a=%p\n",
-+ sa_p->ips_authalg, ixt_a);
-+ if (!ixt_a) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_alg_auth_key_create: "
-+ "NULL ipsec_alg_auth object\n");
-+ return -EPROTO;
-+ }
-+ keyminbits=ixt_a->ixt_common.ixt_support.ias_keyminbits;
-+ keymaxbits=ixt_a->ixt_common.ixt_support.ias_keymaxbits;
-+ if(sa_p->ips_key_bits_a<keyminbits || sa_p->ips_key_bits_a>keymaxbits) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_alg_auth_key_create: incorrect auth"
-+ "key size: %d bits -- must be between %d,%d bits\n"/*octets (bytes)\n"*/,
-+ sa_p->ips_key_bits_a, keyminbits, keymaxbits);
-+ ret=-EINVAL;
-+ goto ixt_out;
-+ }
-+ /* save auth key pointer */
-+ sa_p->ips_auth_bits = ixt_a->ixt_a_keylen * 8; /* XXX XXX */
-+ akp = sa_p->ips_key_a;
-+ aks = sa_p->ips_key_a_size;
-+
-+ /* will hold: 2 ctx and a blocksize buffer: kb */
-+ sa_p->ips_key_a_size = ixt_a->ixt_a_ctx_size;
-+ if((sa_p->ips_key_a =
-+ (caddr_t) kmalloc(sa_p->ips_key_a_size, GFP_ATOMIC)) == NULL) {
-+ ret=-ENOMEM;
-+ goto ixt_out;
-+ }
-+ ixt_a->ixt_a_hmac_set_key(ixt_a, sa_p->ips_key_a, akp, sa_p->ips_key_bits_a/8); /* XXX XXX */
-+ ret=0;
-+ memset(akp, 0, aks);
-+ kfree(akp);
-+
-+ixt_out:
-+ return ret;
-+}
-+
-+
-+int ipsec_alg_sa_esp_hash(const struct ipsec_sa *sa_p, const __u8 *espp,
-+ int len, __u8 *hash, int hashlen)
-+{
-+ struct ipsec_alg_auth *ixt_a=sa_p->ips_alg_auth;
-+ if (!ixt_a) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_sa_esp_hash: "
-+ "NULL ipsec_alg_auth object\n");
-+ return -EPROTO;
-+ }
-+ KLIPS_PRINT(debug_tunnel|debug_rcv,
-+ "klips_debug:ipsec_sa_esp_hash: "
-+ "hashing %p (%d bytes) to %p (%d bytes)\n",
-+ espp, len,
-+ hash, hashlen);
-+ ixt_a->ixt_a_hmac_hash(ixt_a,
-+ sa_p->ips_key_a,
-+ espp, len,
-+ hash, hashlen);
-+ return 0;
-+}
-+
-+/***************************************************************
-+ *
-+ * INTERFACE for module loading,testing, and unloading
-+ *
-+ ***************************************************************/
-+
-+/* validation for registering (enc) module */
-+static int check_enc(struct ipsec_alg_enc *ixt)
-+{
-+ int ret=-EINVAL;
-+ if (ixt->ixt_common.ixt_blocksize==0) /* || ixt->ixt_common.ixt_blocksize%2) need for ESP_NULL */
-+ barf_out(KERN_ERR "invalid blocksize=%d\n", ixt->ixt_common.ixt_blocksize);
-+ if (ixt->ixt_common.ixt_support.ias_keyminbits==0
-+ && ixt->ixt_common.ixt_support.ias_keymaxbits==0
-+ && ixt->ixt_e_keylen==0)
-+ goto zero_key_ok;
-+
-+ if (ixt->ixt_common.ixt_support.ias_keyminbits==0)
-+ barf_out(KERN_ERR "invalid keyminbits=%d\n", ixt->ixt_common.ixt_support.ias_keyminbits);
-+
-+ if (ixt->ixt_common.ixt_support.ias_keymaxbits==0)
-+ barf_out(KERN_ERR "invalid keymaxbits=%d\n", ixt->ixt_common.ixt_support.ias_keymaxbits);
-+
-+ if (ixt->ixt_e_keylen==0)
-+ barf_out(KERN_ERR "invalid keysize=%d\n", ixt->ixt_e_keylen);
-+
-+zero_key_ok:
-+ if (ixt->ixt_e_ctx_size==0 && ixt->ixt_e_new_key == NULL)
-+ barf_out(KERN_ERR "invalid key_e_size=%d and ixt_e_new_key=NULL\n", ixt->ixt_e_ctx_size);
-+ if (ixt->ixt_e_cbc_encrypt==NULL)
-+ barf_out(KERN_ERR "e_cbc_encrypt() must be not NULL\n");
-+ ret=0;
-+out:
-+ return ret;
-+}
-+
-+/* validation for registering (auth) module */
-+static int check_auth(struct ipsec_alg_auth *ixt)
-+{
-+ int ret=-EINVAL;
-+ if (ixt->ixt_common.ixt_support.ias_id==0 || ixt->ixt_common.ixt_support.ias_id > SADB_AALG_MAX)
-+ barf_out("invalid alg_id=%d > %d (SADB_AALG_MAX)\n",
-+ ixt->ixt_common.ixt_support.ias_id, SADB_AALG_MAX);
-+
-+ if (ixt->ixt_common.ixt_blocksize==0
-+ || ixt->ixt_common.ixt_blocksize%2)
-+ barf_out(KERN_ERR "invalid blocksize=%d\n",
-+ ixt->ixt_common.ixt_blocksize);
-+
-+ if (ixt->ixt_common.ixt_blocksize>AH_BLKLEN_MAX)
-+ barf_out(KERN_ERR "sorry blocksize=%d > %d. "
-+ "Please increase AH_BLKLEN_MAX and recompile\n",
-+ ixt->ixt_common.ixt_blocksize,
-+ AH_BLKLEN_MAX);
-+ if (ixt->ixt_common.ixt_support.ias_keyminbits==0 && ixt->ixt_common.ixt_support.ias_keymaxbits==0 && ixt->ixt_a_keylen==0)
-+ goto zero_key_ok;
-+ if (ixt->ixt_common.ixt_support.ias_keyminbits==0)
-+ barf_out(KERN_ERR "invalid keyminbits=%d\n", ixt->ixt_common.ixt_support.ias_keyminbits);
-+ if (ixt->ixt_common.ixt_support.ias_keymaxbits==0)
-+ barf_out(KERN_ERR "invalid keymaxbits=%d\n", ixt->ixt_common.ixt_support.ias_keymaxbits);
-+ if (ixt->ixt_common.ixt_support.ias_keymaxbits!=ixt->ixt_common.ixt_support.ias_keyminbits)
-+ barf_out(KERN_ERR "keymaxbits must equal keyminbits (not sure).\n");
-+ if (ixt->ixt_a_keylen==0)
-+ barf_out(KERN_ERR "invalid keysize=%d\n", ixt->ixt_a_keylen);
-+zero_key_ok:
-+ if (ixt->ixt_a_ctx_size==0)
-+ barf_out(KERN_ERR "invalid a_ctx_size=%d\n", ixt->ixt_a_ctx_size);
-+ if (ixt->ixt_a_hmac_set_key==NULL)
-+ barf_out(KERN_ERR "a_hmac_set_key() must be not NULL\n");
-+ if (ixt->ixt_a_hmac_hash==NULL)
-+ barf_out(KERN_ERR "a_hmac_hash() must be not NULL\n");
-+ ret=0;
-+out:
-+ return ret;
-+}
-+
-+/*
-+ * Generic (enc, auth) registration entry point
-+ */
-+int register_ipsec_alg(struct ipsec_alg *ixt)
-+{
-+ int ret=-EINVAL;
-+ /* Validation */
-+ if (ixt==NULL)
-+ barf_out("NULL ipsec_alg object passed\n");
-+ if ((ixt->ixt_version&0xffffff00) != (IPSEC_ALG_VERSION&0xffffff00))
-+ barf_out("incorrect version: %d.%d.%d-%d, "
-+ "must be %d.%d.%d[-%d]\n",
-+ IPSEC_ALG_VERSION_QUAD(ixt->ixt_version),
-+ IPSEC_ALG_VERSION_QUAD(IPSEC_ALG_VERSION));
-+
-+ switch(ixt->ixt_alg_type) {
-+ case IPSEC_ALG_TYPE_AUTH:
-+ if ((ret=check_auth((struct ipsec_alg_auth *)ixt)<0))
-+ goto out;
-+ break;
-+ case IPSEC_ALG_TYPE_ENCRYPT:
-+ if ((ret=check_enc((struct ipsec_alg_enc *)ixt)<0))
-+ goto out;
-+ /*
-+ * Adapted two lines below:
-+ * ivlen == 0 is possible (NULL enc has blocksize==1)
-+ *
-+ * fixed NULL support by David De Reu <DeReu@tComLabs.com>
-+ */
-+ if (ixt->ixt_support.ias_ivlen == 0
-+ && ixt->ixt_blocksize > 1) {
-+ ixt->ixt_support.ias_ivlen = ixt->ixt_blocksize*8;
-+ }
-+ break;
-+ default:
-+ barf_out("alg_type=%d not supported\n", ixt->ixt_alg_type);
-+ }
-+ INIT_LIST_HEAD(&ixt->ixt_list);
-+ ret = ipsec_alg_insert(ixt);
-+ if (ret<0)
-+ barf_out(KERN_WARNING "ipsec_alg for alg_id=%d failed."
-+ "Not loaded (ret=%d).\n",
-+ ixt->ixt_support.ias_id, ret);
-+
-+
-+ ret = pfkey_list_insert_supported((struct ipsec_alg_supported *)&ixt->ixt_support
-+ , &(pfkey_supported_list[SADB_SATYPE_ESP]));
-+
-+ if (ret==0) {
-+ ixt->ixt_state |= IPSEC_ALG_ST_SUPP;
-+ /* send register event to userspace */
-+ pfkey_register_reply(SADB_SATYPE_ESP, NULL);
-+ } else
-+ printk(KERN_ERR "pfkey_list_insert_supported returned %d. "
-+ "Loading anyway.\n", ret);
-+ ret=0;
-+out:
-+ return ret;
-+}
-+
-+/*
-+ * unregister ipsec_alg object from own tables, if
-+ * success => calls pfkey_list_remove_supported()
-+ */
-+int unregister_ipsec_alg(struct ipsec_alg *ixt) {
-+ int ret= -EINVAL;
-+ switch(ixt->ixt_alg_type) {
-+ case IPSEC_ALG_TYPE_AUTH:
-+ case IPSEC_ALG_TYPE_ENCRYPT:
-+ break;
-+ default:
-+ /* this is not a typo :) */
-+ barf_out("frog found in list (\"%s\"): ixt_p=NULL\n",
-+ ixt->ixt_name);
-+ }
-+
-+ ret=ipsec_alg_delete(ixt);
-+ if (ixt->ixt_state&IPSEC_ALG_ST_SUPP) {
-+ ixt->ixt_state &= ~IPSEC_ALG_ST_SUPP;
-+ pfkey_list_remove_supported((struct ipsec_alg_supported *)&ixt->ixt_support
-+ , &(pfkey_supported_list[SADB_SATYPE_ESP]));
-+
-+ /* send register event to userspace */
-+ pfkey_register_reply(SADB_SATYPE_ESP, NULL);
-+ }
-+
-+out:
-+ return ret;
-+}
-+
-+/*
-+ * Must be called from user context
-+ * used at module load type for testing algo implementation
-+ */
-+static int ipsec_alg_test_encrypt(int enc_alg, int test) {
-+ int ret;
-+ caddr_t buf = NULL;
-+ int iv_size, keysize, key_e_size;
-+ struct ipsec_alg_enc *ixt_e;
-+ void *tmp_key_e = NULL;
-+ #define BUFSZ 1024
-+ #define MARGIN 0
-+ #define test_enc (buf+MARGIN)
-+ #define test_dec (test_enc+BUFSZ+MARGIN)
-+ #define test_tmp (test_dec+BUFSZ+MARGIN)
-+ #define test_key_e (test_tmp+BUFSZ+MARGIN)
-+ #define test_iv (test_key_e+key_e_size+MARGIN)
-+ #define test_key (test_iv+iv_size+MARGIN)
-+ #define test_size (BUFSZ*3+key_e_size+iv_size+keysize+MARGIN*7)
-+ ixt_e=(struct ipsec_alg_enc *)ipsec_alg_get(IPSEC_ALG_TYPE_ENCRYPT, enc_alg);
-+ if (ixt_e==NULL) {
-+ KLIPS_PRINT(1,
-+ "klips_debug: ipsec_alg_test_encrypt: "
-+ "encalg=%d object not found\n",
-+ enc_alg);
-+ ret=-EINVAL;
-+ goto out;
-+ }
-+ iv_size=ixt_e->ixt_common.ixt_support.ias_ivlen / 8;
-+ key_e_size=ixt_e->ixt_e_ctx_size;
-+ keysize=ixt_e->ixt_e_keylen;
-+ KLIPS_PRINT(1,
-+ "klips_debug: ipsec_alg_test_encrypt: "
-+ "enc_alg=%d blocksize=%d key_e_size=%d keysize=%d\n",
-+ enc_alg, iv_size, key_e_size, keysize);
-+ if ((buf=kmalloc (test_size, GFP_KERNEL)) == NULL) {
-+ ret= -ENOMEM;
-+ goto out;
-+ }
-+ get_random_bytes(test_key, keysize);
-+ get_random_bytes(test_iv, iv_size);
-+ if (ixt_e->ixt_e_new_key) {
-+ tmp_key_e = ixt_e->ixt_e_new_key(ixt_e, test_key, keysize);
-+ ret = tmp_key_e ? 0 : -EINVAL;
-+ } else {
-+ tmp_key_e = test_key_e;
-+ ret = ixt_e->ixt_e_set_key(ixt_e, test_key_e, test_key, keysize);
-+ }
-+ if (ret < 0)
-+ goto out;
-+ get_random_bytes(test_enc, BUFSZ);
-+ memcpy(test_tmp, test_enc, BUFSZ);
-+ ret=ixt_e->ixt_e_cbc_encrypt(ixt_e, tmp_key_e, test_enc, BUFSZ, test_iv, 1);
-+ printk(KERN_INFO
-+ "klips_info: ipsec_alg_test_encrypt: "
-+ "cbc_encrypt=1 ret=%d\n",
-+ ret);
-+ ret=memcmp(test_enc, test_tmp, BUFSZ);
-+ printk(KERN_INFO
-+ "klips_info: ipsec_alg_test_encrypt: "
-+ "memcmp(enc, tmp) ret=%d: %s\n", ret,
-+ ret!=0? "OK. (encr->DIFFers)" : "FAIL! (encr->SAME)" );
-+ memcpy(test_dec, test_enc, BUFSZ);
-+ ret=ixt_e->ixt_e_cbc_encrypt(ixt_e, tmp_key_e, test_dec, BUFSZ, test_iv, 0);
-+ printk(KERN_INFO
-+ "klips_info: ipsec_alg_test_encrypt: "
-+ "cbc_encrypt=0 ret=%d\n", ret);
-+ ret=memcmp(test_dec, test_tmp, BUFSZ);
-+ printk(KERN_INFO
-+ "klips_info: ipsec_alg_test_encrypt: "
-+ "memcmp(dec,tmp) ret=%d: %s\n", ret,
-+ ret==0? "OK. (encr->decr->SAME)" : "FAIL! (encr->decr->DIFFers)" );
-+ {
-+ /* Shamelessly taken from drivers/md sources O:) */
-+ unsigned long now;
-+ int i, count, max=0;
-+ int encrypt, speed;
-+ for (encrypt=0; encrypt <2;encrypt ++) {
-+ for (i = 0; i < 5; i++) {
-+ now = jiffies;
-+ count = 0;
-+ while (jiffies == now) {
-+ mb();
-+ ixt_e->ixt_e_cbc_encrypt(ixt_e,
-+ tmp_key_e, test_tmp,
-+ BUFSZ, test_iv, encrypt);
-+ mb();
-+ count++;
-+ mb();
-+ }
-+ if (count > max)
-+ max = count;
-+ }
-+ speed = max * (HZ * BUFSZ / 1024);
-+ printk(KERN_INFO
-+ "klips_info: ipsec_alg_test_encrypt: "
-+ "%s %s speed=%d KB/s\n",
-+ ixt_e->ixt_common.ixt_name,
-+ encrypt? "encrypt": "decrypt", speed);
-+ }
-+ }
-+out:
-+ if (tmp_key_e && ixt_e->ixt_e_destroy_key) ixt_e->ixt_e_destroy_key(ixt_e, tmp_key_e);
-+ if (buf) kfree(buf);
-+ if (ixt_e) ipsec_alg_put((struct ipsec_alg *)ixt_e);
-+ return ret;
-+ #undef test_enc
-+ #undef test_dec
-+ #undef test_tmp
-+ #undef test_key_e
-+ #undef test_iv
-+ #undef test_key
-+ #undef test_size
-+}
-+
-+/*
-+ * Must be called from user context
-+ * used at module load type for testing algo implementation
-+ */
-+static int ipsec_alg_test_auth(int auth_alg, int test) {
-+ int ret;
-+ caddr_t buf = NULL;
-+ int blocksize, keysize, key_a_size;
-+ struct ipsec_alg_auth *ixt_a;
-+ #define BUFSZ 1024
-+ #define MARGIN 0
-+ #define test_auth (buf+MARGIN)
-+ #define test_key_a (test_auth+BUFSZ+MARGIN)
-+ #define test_key (test_key_a+key_a_size+MARGIN)
-+ #define test_hash (test_key+keysize+MARGIN)
-+ #define test_size (BUFSZ+key_a_size+keysize+AHHMAC_HASHLEN+MARGIN*4)
-+ ixt_a=(struct ipsec_alg_auth *)ipsec_alg_get(IPSEC_ALG_TYPE_AUTH, auth_alg);
-+ if (ixt_a==NULL) {
-+ KLIPS_PRINT(1,
-+ "klips_debug: ipsec_alg_test_auth: "
-+ "encalg=%d object not found\n",
-+ auth_alg);
-+ ret=-EINVAL;
-+ goto out;
-+ }
-+ blocksize=ixt_a->ixt_common.ixt_blocksize;
-+ key_a_size=ixt_a->ixt_a_ctx_size;
-+ keysize=ixt_a->ixt_a_keylen;
-+ KLIPS_PRINT(1,
-+ "klips_debug: ipsec_alg_test_auth: "
-+ "auth_alg=%d blocksize=%d key_a_size=%d keysize=%d\n",
-+ auth_alg, blocksize, key_a_size, keysize);
-+ if ((buf=kmalloc (test_size, GFP_KERNEL)) == NULL) {
-+ ret= -ENOMEM;
-+ goto out;
-+ }
-+ get_random_bytes(test_key, keysize);
-+ ret = ixt_a->ixt_a_hmac_set_key(ixt_a, test_key_a, test_key, keysize);
-+ if (ret < 0 )
-+ goto out;
-+ get_random_bytes(test_auth, BUFSZ);
-+ ret=ixt_a->ixt_a_hmac_hash(ixt_a, test_key_a, test_auth, BUFSZ, test_hash, AHHMAC_HASHLEN);
-+ printk(KERN_INFO
-+ "klips_info: ipsec_alg_test_auth: "
-+ "ret=%d\n", ret);
-+ {
-+ /* Shamelessly taken from drivers/md sources O:) */
-+ unsigned long now;
-+ int i, count, max=0;
-+ int speed;
-+ for (i = 0; i < 5; i++) {
-+ now = jiffies;
-+ count = 0;
-+ while (jiffies == now) {
-+ mb();
-+ ixt_a->ixt_a_hmac_hash(ixt_a, test_key_a, test_auth, BUFSZ, test_hash, AHHMAC_HASHLEN);
-+ mb();
-+ count++;
-+ mb();
-+ }
-+ if (count > max)
-+ max = count;
-+ }
-+ speed = max * (HZ * BUFSZ / 1024);
-+ printk(KERN_INFO
-+ "klips_info: ipsec_alg_test_auth: "
-+ "%s hash speed=%d KB/s\n",
-+ ixt_a->ixt_common.ixt_name,
-+ speed);
-+ }
-+out:
-+ if (buf) kfree(buf);
-+ if (ixt_a) ipsec_alg_put((struct ipsec_alg *)ixt_a);
-+ return ret;
-+ #undef test_auth
-+ #undef test_key_a
-+ #undef test_key
-+ #undef test_hash
-+ #undef test_size
-+}
-+
-+int ipsec_alg_test(unsigned alg_type, unsigned alg_id, int test) {
-+ switch(alg_type) {
-+ case IPSEC_ALG_TYPE_ENCRYPT:
-+ return ipsec_alg_test_encrypt(alg_id, test);
-+ break;
-+ case IPSEC_ALG_TYPE_AUTH:
-+ return ipsec_alg_test_auth(alg_id, test);
-+ break;
-+ }
-+ printk(KERN_ERR "klips_info: ipsec_alg_test() called incorrectly: "
-+ "alg_type=%d alg_id=%d\n",
-+ alg_type, alg_id);
-+ return -EINVAL;
-+}
-+
-+int ipsec_alg_init(void) {
-+ KLIPS_PRINT(1, "klips_info:ipsec_alg_init: "
-+ "KLIPS alg v=%d.%d.%d-%d (EALG_MAX=%d, AALG_MAX=%d)\n",
-+ IPSEC_ALG_VERSION_QUAD(IPSEC_ALG_VERSION),
-+ SADB_EALG_MAX, SADB_AALG_MAX);
-+ /* Initialize tables */
-+ write_lock_bh(&ipsec_alg_lock);
-+ ipsec_alg_hash_init();
-+ write_unlock_bh(&ipsec_alg_lock);
-+
-+ /* Initialize static algos */
-+ KLIPS_PRINT(1, "klips_info:ipsec_alg_init: "
-+ "calling ipsec_alg_static_init()\n");
-+
-+ /* If we are suppose to use our AES, and don't have
-+ * CryptoAPI enabled...
-+ */
-+#if defined(CONFIG_KLIPS_ENC_AES) && CONFIG_KLIPS_ENC_AES && !defined(CONFIG_KLIPS_ENC_AES_MODULE)
-+#if defined(CONFIG_KLIPS_ENC_CRYPTOAPI) && CONFIG_KLIPS_ENC_CRYPTOAPI
-+#warning "Using built-in AES rather than CryptoAPI AES"
-+#endif
-+ {
-+ extern int ipsec_aes_init(void);
-+ ipsec_aes_init();
-+ }
-+#endif
-+
-+#if defined(CONFIG_KLIPS_ENC_3DES) && CONFIG_KLIPS_ENC_3DES && !defined(CONFIG_KLIPS_ENC_3DES_MODULE)
-+#if defined(CONFIG_KLIPS_ENC_CRYPTOAPI) && CONFIG_KLIPS_ENC_CRYPTOAPI
-+#warning "Using built-in 3des rather than CryptoAPI 3des"
-+#endif
-+ {
-+ extern int ipsec_3des_init(void);
-+ ipsec_3des_init();
-+ }
-+#endif
-+#if defined(CONFIG_KLIPS_ENC_NULL) && CONFIG_KLIPS_ENC_NULL && !defined(CONFIG_KLIPS_ENC_NULL_MODULE)
-+#if defined(CONFIG_KLIPS_ENC_CRYPTOAPI) && CONFIG_KLIPS_ENC_CRYPTOAPI
-+#warning "Using built-in null cipher rather than CryptoAPI null cipher"
-+#endif
-+#warning "Building with null cipher (ESP_NULL), blame on you :-)"
-+ {
-+ extern int ipsec_null_init(void);
-+ ipsec_null_init();
-+ }
-+#endif
-+
-+
-+ /* If we are doing CryptoAPI, then init */
-+#if defined(CONFIG_KLIPS_ENC_CRYPTOAPI) && CONFIG_KLIPS_ENC_CRYPTOAPI && !defined(CONFIG_KLIPS_ENC_CRYPTOAPI_MODULE)
-+ {
-+ extern int ipsec_cryptoapi_init(void);
-+ ipsec_cryptoapi_init();
-+ }
-+#endif
-+
-+
-+ return 0;
-+}
-+
-+/**********************************************
-+ *
-+ * INTERFACE for ipsec_sa init and wipe
-+ *
-+ **********************************************/
-+
-+/*
-+ * Called from pluto -> pfkey_v2_parser.c:pfkey_ipsec_sa_init()
-+ */
-+int ipsec_alg_sa_init(struct ipsec_sa *sa_p) {
-+ struct ipsec_alg_enc *ixt_e;
-+ struct ipsec_alg_auth *ixt_a;
-+
-+ /* Only ESP for now ... */
-+ if (sa_p->ips_said.proto != IPPROTO_ESP)
-+ return -EPROTONOSUPPORT;
-+
-+ KLIPS_PRINT(debug_pfkey, "klips_debug: ipsec_alg_sa_init() :"
-+ "entering for encalg=%d, authalg=%d\n",
-+ sa_p->ips_encalg, sa_p->ips_authalg);
-+
-+ if ((ixt_e=(struct ipsec_alg_enc *)
-+ ipsec_alg_get(IPSEC_ALG_TYPE_ENCRYPT, sa_p->ips_encalg))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug: ipsec_alg_sa_init() :"
-+ "found ipsec_alg (ixt_e=%p) for encalg=%d\n",
-+ ixt_e, sa_p->ips_encalg);
-+ sa_p->ips_alg_enc=ixt_e;
-+ }
-+
-+ if ((ixt_a=(struct ipsec_alg_auth *)
-+ ipsec_alg_get(IPSEC_ALG_TYPE_AUTH, sa_p->ips_authalg))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug: ipsec_alg_sa_init() :"
-+ "found ipsec_alg (ixt_a=%p) for auth=%d\n",
-+ ixt_a, sa_p->ips_authalg);
-+ sa_p->ips_alg_auth=ixt_a;
-+ }
-+ return 0;
-+}
-+
-+/*
-+ * Called from pluto -> ipsec_sa.c:ipsec_sa_delchain()
-+ */
-+int ipsec_alg_sa_wipe(struct ipsec_sa *sa_p) {
-+ struct ipsec_alg *ixt;
-+ if ((ixt=(struct ipsec_alg *)sa_p->ips_alg_enc)) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug: ipsec_alg_sa_wipe() :"
-+ "unlinking for encalg=%d\n",
-+ ixt->ixt_support.ias_id);
-+ ipsec_alg_put(ixt);
-+ }
-+ if ((ixt=(struct ipsec_alg *)sa_p->ips_alg_auth)) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug: ipsec_alg_sa_wipe() :"
-+ "unlinking for authalg=%d\n",
-+ ixt->ixt_support.ias_id);
-+ ipsec_alg_put(ixt);
-+ }
-+ return 0;
-+}
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_xform_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ int len = 0;
-+ off_t begin = 0;
-+ int i;
-+ struct list_head *head;
-+ struct ipsec_alg *ixt;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_tncfg_get_info: "
-+ "buffer=0p%p, *start=0p%p, offset=%d, length=%d\n",
-+ buffer,
-+ *start,
-+ (int)offset,
-+ length);
-+
-+ for(i = 0, head = ipsec_alg_hash_table;
-+ i<IPSEC_ALG_HASHSZ;
-+ i++, head++)
-+ {
-+ struct list_head *p;
-+ for (p=head->next; p!=head; p=p->next)
-+ {
-+ ixt = list_entry(p, struct ipsec_alg, ixt_list);
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ "VERSION=%d TYPE=%d ID=%d NAME=%s REFCNT=%d ",
-+ ixt->ixt_version, ixt->ixt_alg_type, ixt->ixt_support.ias_id,
-+ ixt->ixt_name, ixt->ixt_refcnt);
-+
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ "STATE=%08x BLOCKSIZE=%d IVLEN=%d KEYMINBITS=%d KEYMAXBITS=%d ",
-+ ixt->ixt_state, ixt->ixt_blocksize,
-+ ixt->ixt_support.ias_ivlen, ixt->ixt_support.ias_keyminbits, ixt->ixt_support.ias_keymaxbits);
-+
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ "IVLEN=%d KEYMINBITS=%d KEYMAXBITS=%d ",
-+ ixt->ixt_support.ias_ivlen, ixt->ixt_support.ias_keyminbits, ixt->ixt_support.ias_keymaxbits);
-+
-+ switch(ixt->ixt_alg_type)
-+ {
-+ case IPSEC_ALG_TYPE_AUTH:
-+ {
-+ struct ipsec_alg_auth *auth = (struct ipsec_alg_auth *)ixt;
-+
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ "KEYLEN=%d CTXSIZE=%d AUTHLEN=%d ",
-+ auth->ixt_a_keylen, auth->ixt_a_ctx_size,
-+ auth->ixt_a_authlen);
-+ break;
-+ }
-+ case IPSEC_ALG_TYPE_ENCRYPT:
-+ {
-+ struct ipsec_alg_enc *enc = (struct ipsec_alg_enc *)ixt;
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ "KEYLEN=%d CTXSIZE=%d ",
-+ enc->ixt_e_keylen, enc->ixt_e_ctx_size);
-+
-+ break;
-+ }
-+ }
-+
-+ len += ipsec_snprintf(buffer+len, length-len, "\n");
-+ }
-+ }
-+
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ len -= (offset - begin); /* Start slop */
-+ if (len > length)
-+ len = length;
-+ return len;
-+}
-+
-+
-+/*
-+ * As the author of this module, I ONLY ALLOW using it from
-+ * GPL (or same LICENSE TERMS as kernel source) modules.
-+ *
-+ * In respect to hardware crypto engines this means:
-+ * * Closed-source device drivers ARE NOT ALLOWED to use
-+ * this interface.
-+ * * Closed-source VHDL/Verilog firmware running on
-+ * the crypto hardware device IS ALLOWED to use this interface
-+ * via a GPL (or same LICENSE TERMS as kernel source) device driver.
-+ * --Juan Jose Ciarlante 20/03/2002 (thanks RGB for the correct wording)
-+ */
-+
-+/*
-+ * These symbols can only be used from GPL modules
-+ * for now, I'm disabling this because it creates false
-+ * symbol problems for old modutils.
-+ */
-+
-+#ifdef CONFIG_MODULES
-+#ifndef NET_26
-+#if 0
-+#ifndef EXPORT_SYMBOL_GPL
-+#undef EXPORT_SYMBOL_GPL
-+#define EXPORT_SYMBOL_GPL EXPORT_SYMBOL
-+#endif
-+#endif
-+EXPORT_SYMBOL(register_ipsec_alg);
-+EXPORT_SYMBOL(unregister_ipsec_alg);
-+EXPORT_SYMBOL(ipsec_alg_test);
-+#endif
-+#endif
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_alg_cryptoapi.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,455 @@
-+/*
-+ * ipsec_alg to linux cryptoapi GLUE
-+ *
-+ * Authors: CODE.ar TEAM
-+ * Harpo MAxx <harpo@linuxmendoza.org.ar>
-+ * JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ * Luciano Ruete <docemeses@softhome.net>
-+ *
-+ * ipsec_alg_cryptoapi.c,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * Example usage:
-+ * modinfo -p ipsec_cryptoapi (quite useful info, including supported algos)
-+ * modprobe ipsec_cryptoapi
-+ * modprobe ipsec_cryptoapi test=1
-+ * modprobe ipsec_cryptoapi excl=1 (exclusive cipher/algo)
-+ * modprobe ipsec_cryptoapi noauto=1 aes=1 twofish=1 (only these ciphers)
-+ * modprobe ipsec_cryptoapi aes=128,128 (force these keylens)
-+ * modprobe ipsec_cryptoapi des_ede3=0 (everything but 3DES)
-+ */
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+/*
-+ * special case: ipsec core modular with this static algo inside:
-+ * must avoid MODULE magic for this file
-+ */
-+#if defined(CONFIG_KLIPS_MODULE) && defined(CONFIG_KLIPS_ENC_CRYPTOAPI)
-+#undef MODULE
-+#endif
-+
-+#include <linux/module.h>
-+#include <linux/init.h>
-+
-+#include <linux/kernel.h> /* printk() */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/string.h>
-+
-+/* Check if __exit is defined, if not null it */
-+#ifndef __exit
-+#define __exit
-+#endif
-+
-+/* warn the innocent */
-+#if !defined (CONFIG_CRYPTO) && !defined (CONFIG_CRYPTO_MODULE)
-+#warning "No linux CryptoAPI found, install 2.4.22+ or 2.6.x"
-+#define NO_CRYPTOAPI_SUPPORT
-+#endif
-+
-+#include "openswan.h"
-+#include "openswan/ipsec_alg.h"
-+#include "openswan/ipsec_policy.h"
-+
-+#include <linux/crypto.h>
-+#ifdef CRYPTO_API_VERSION_CODE
-+#warning "Old CryptoAPI is not supported. Only linux-2.4.22+ or linux-2.6.x are supported"
-+#define NO_CRYPTOAPI_SUPPORT
-+#endif
-+
-+#ifdef NO_CRYPTOAPI_SUPPORT
-+#warning "Building an unusable module :P"
-+/* Catch old CryptoAPI by not allowing module to load */
-+IPSEC_ALG_MODULE_INIT_STATIC( ipsec_cryptoapi_init )
-+{
-+ printk(KERN_WARNING "ipsec_cryptoapi.o was not built on stock Linux CryptoAPI (2.4.22+ or 2.6.x), not loading.\n");
-+ return -EINVAL;
-+}
-+#else
-+#include <asm/scatterlist.h>
-+#include <asm/pgtable.h>
-+#include <linux/mm.h>
-+
-+#define CIPHERNAME_AES "aes"
-+#define CIPHERNAME_1DES "des"
-+#define CIPHERNAME_3DES "des3_ede"
-+#define CIPHERNAME_BLOWFISH "blowfish"
-+#define CIPHERNAME_CAST "cast5"
-+#define CIPHERNAME_SERPENT "serpent"
-+#define CIPHERNAME_TWOFISH "twofish"
-+
-+#define ESP_SERPENT 252 /* from ipsec drafts */
-+#define ESP_TWOFISH 253 /* from ipsec drafts */
-+
-+#define DIGESTNAME_MD5 "md5"
-+#define DIGESTNAME_SHA1 "sha1"
-+
-+MODULE_AUTHOR("Juanjo Ciarlante, Harpo MAxx, Luciano Ruete");
-+static int debug_crypto=0;
-+static int test_crypto=0;
-+static int excl_crypto=0;
-+
-+static int noauto = 0;
-+
-+#ifdef module_param
-+module_param(debug_crypto,int,0600)
-+module_param(test_crypto,int,0600)
-+module_param(excl_crypto,int,0600)
-+
-+module_param(noauto,int,0600)
-+#else
-+MODULE_PARM(debug_crypto, "i");
-+MODULE_PARM(test_crypto, "i");
-+MODULE_PARM(excl_crypto, "i");
-+
-+MODULE_PARM(noauto,"i");
-+#endif
-+MODULE_PARM_DESC(noauto, "Dont try all known algos, just setup enabled ones");
-+
-+#ifdef CONFIG_KLIPS_ENC_1DES
-+static int des_ede1[] = {-1, -1};
-+#endif
-+static int des_ede3[] = {-1, -1};
-+static int aes[] = {-1, -1};
-+static int blowfish[] = {-1, -1};
-+static int cast[] = {-1, -1};
-+static int serpent[] = {-1, -1};
-+static int twofish[] = {-1, -1};
-+
-+#ifdef CONFIG_KLIPS_ENC_1DES
-+#ifdef module_param
-+module_param_array(des_ede1,int,NULL,0)
-+#else
-+MODULE_PARM(des_ede1,"1-2i");
-+#endif
-+#endif
-+#ifdef module_param
-+module_param_array(des_ede3,int,NULL,0)
-+module_param_array(aes,int,NULL,0)
-+module_param_array(blowfish,int,NULL,0)
-+module_param_array(cast,int,NULL,0)
-+module_param_array(serpent,int,NULL,0)
-+module_param_array(twofish,int,NULL,0)
-+#else
-+MODULE_PARM(des_ede3,"1-2i");
-+MODULE_PARM(aes,"1-2i");
-+MODULE_PARM(blowfish,"1-2i");
-+MODULE_PARM(cast,"1-2i");
-+MODULE_PARM(serpent,"1-2i");
-+MODULE_PARM(twofish,"1-2i");
-+#endif
-+MODULE_PARM_DESC(des_ede1, "0: disable | 1: force_enable | min,max: dontuse");
-+MODULE_PARM_DESC(des_ede3, "0: disable | 1: force_enable | min,max: dontuse");
-+MODULE_PARM_DESC(aes, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(blowfish, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(cast, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(serpent, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(twofish, "0: disable | 1: force_enable | min,max: keybitlens");
-+
-+struct ipsec_alg_capi_cipher {
-+ const char *ciphername; /* cryptoapi's ciphername */
-+ unsigned blocksize;
-+ unsigned short minbits;
-+ unsigned short maxbits;
-+ int *parm; /* lkm param for this cipher */
-+ struct ipsec_alg_enc alg; /* note it's not a pointer */
-+};
-+
-+static struct ipsec_alg_capi_cipher alg_capi_carray[] = {
-+ { CIPHERNAME_AES, 16, 128, 256, aes, { ixt_common:{ ixt_support:{ ias_id: ESP_AES}}}},
-+ { CIPHERNAME_TWOFISH, 16, 128, 256, twofish, { ixt_common:{ ixt_support:{ ias_id: ESP_TWOFISH,}}}},
-+ { CIPHERNAME_SERPENT, 16, 128, 256, serpent, { ixt_common:{ ixt_support:{ ias_id: ESP_SERPENT,}}}},
-+ { CIPHERNAME_CAST, 8, 128, 128, cast , { ixt_common:{ ixt_support:{ ias_id: ESP_CAST,}}}},
-+ { CIPHERNAME_BLOWFISH, 8, 96, 448, blowfish, { ixt_common:{ ixt_support:{ ias_id: ESP_BLOWFISH,}}}},
-+ { CIPHERNAME_3DES, 8, 192, 192, des_ede3, { ixt_common:{ ixt_support:{ ias_id: ESP_3DES,}}}},
-+#ifdef CONFIG_KLIPS_ENC_1DES
-+ { CIPHERNAME_1DES, 8, 64, 64, des_ede1, { ixt_common:{ ixt_support:{ ias_id: ESP_DES,}}}},
-+#endif
-+ { NULL, 0, 0, 0, NULL, {} }
-+};
-+
-+#ifdef NOT_YET
-+struct ipsec_alg_capi_digest {
-+ const char *digestname; /* cryptoapi's digestname */
-+ struct digest_implementation *di;
-+ struct ipsec_alg_auth alg; /* note it's not a pointer */
-+};
-+static struct ipsec_alg_capi_cipher alg_capi_darray[] = {
-+ { DIGESTNAME_MD5, NULL, { ixt_alg_id: AH_MD5, }},
-+ { DIGESTNAME_SHA1, NULL, { ixt_alg_id: AH_SHA, }},
-+ { NULL, NULL, {} }
-+};
-+#endif
-+/*
-+ * "generic" linux cryptoapi setup_cipher() function
-+ */
-+int setup_cipher(const char *ciphername)
-+{
-+ return crypto_alg_available(ciphername, 0);
-+}
-+
-+/*
-+ * setups ipsec_alg_capi_cipher "hyper" struct components, calling
-+ * register_ipsec_alg for cointaned ipsec_alg object
-+ */
-+static void _capi_destroy_key (struct ipsec_alg_enc *alg, __u8 *key_e);
-+static __u8 * _capi_new_key (struct ipsec_alg_enc *alg, const __u8 *key, size_t keylen);
-+static int _capi_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt);
-+
-+static int
-+setup_ipsec_alg_capi_cipher(struct ipsec_alg_capi_cipher *cptr)
-+{
-+ int ret;
-+ cptr->alg.ixt_common.ixt_version = IPSEC_ALG_VERSION;
-+ cptr->alg.ixt_common.ixt_module = THIS_MODULE;
-+ atomic_set (& cptr->alg.ixt_common.ixt_refcnt, 0);
-+ strncpy (cptr->alg.ixt_common.ixt_name , cptr->ciphername, sizeof (cptr->alg.ixt_common.ixt_name));
-+
-+ cptr->alg.ixt_common.ixt_blocksize=cptr->blocksize;
-+ cptr->alg.ixt_common.ixt_support.ias_keyminbits=cptr->minbits;
-+ cptr->alg.ixt_common.ixt_support.ias_keymaxbits=cptr->maxbits;
-+ cptr->alg.ixt_common.ixt_state = 0;
-+ if (excl_crypto) cptr->alg.ixt_common.ixt_state |= IPSEC_ALG_ST_EXCL;
-+ cptr->alg.ixt_e_keylen=cptr->alg.ixt_common.ixt_support.ias_keymaxbits/8;
-+ cptr->alg.ixt_e_ctx_size = 0;
-+ cptr->alg.ixt_common.ixt_support.ias_exttype = IPSEC_ALG_TYPE_ENCRYPT;
-+ cptr->alg.ixt_e_new_key = _capi_new_key;
-+ cptr->alg.ixt_e_destroy_key = _capi_destroy_key;
-+ cptr->alg.ixt_e_cbc_encrypt = _capi_cbc_encrypt;
-+ cptr->alg.ixt_common.ixt_data = cptr;
-+
-+ ret=register_ipsec_alg_enc(&cptr->alg);
-+ printk(KERN_INFO "KLIPS cryptoapi interface: "
-+ "alg_type=%d alg_id=%d name=%s "
-+ "keyminbits=%d keymaxbits=%d, %s(%d)\n",
-+ cptr->alg.ixt_common.ixt_support.ias_exttype,
-+ cptr->alg.ixt_common.ixt_support.ias_id,
-+ cptr->alg.ixt_common.ixt_name,
-+ cptr->alg.ixt_common.ixt_support.ias_keyminbits,
-+ cptr->alg.ixt_common.ixt_support.ias_keymaxbits,
-+ ret ? "not found" : "found", ret);
-+ return ret;
-+}
-+/*
-+ * called in ipsec_sa_wipe() time, will destroy key contexts
-+ * and do 1 unbind()
-+ */
-+static void
-+_capi_destroy_key (struct ipsec_alg_enc *alg, __u8 *key_e)
-+{
-+ struct crypto_tfm *tfm=(struct crypto_tfm*)key_e;
-+
-+ if (debug_crypto > 0)
-+ printk(KERN_DEBUG "klips_debug: _capi_destroy_key:"
-+ "name=%s key_e=%p \n",
-+ alg->ixt_common.ixt_name, key_e);
-+ if (!key_e) {
-+ printk(KERN_ERR "klips_debug: _capi_destroy_key:"
-+ "name=%s NULL key_e!\n",
-+ alg->ixt_common.ixt_name);
-+ return;
-+ }
-+ crypto_free_tfm(tfm);
-+}
-+
-+/*
-+ * create new key context, need alg->ixt_data to know which
-+ * (of many) cipher inside this module is the target
-+ */
-+static __u8 *
-+_capi_new_key (struct ipsec_alg_enc *alg, const __u8 *key, size_t keylen)
-+{
-+ struct ipsec_alg_capi_cipher *cptr;
-+ struct crypto_tfm *tfm=NULL;
-+
-+ cptr = alg->ixt_common.ixt_data;
-+ if (!cptr) {
-+ printk(KERN_ERR "_capi_new_key(): "
-+ "NULL ixt_data (?!) for \"%s\" algo\n"
-+ , alg->ixt_common.ixt_name);
-+ goto err;
-+ }
-+ if (debug_crypto > 0)
-+ printk(KERN_DEBUG "klips_debug:_capi_new_key:"
-+ "name=%s cptr=%p key=%p keysize=%d\n",
-+ alg->ixt_common.ixt_name, cptr, key, keylen);
-+
-+ /*
-+ * alloc tfm
-+ */
-+ tfm = crypto_alloc_tfm(cptr->ciphername, CRYPTO_TFM_MODE_CBC);
-+ if (!tfm) {
-+ printk(KERN_ERR "_capi_new_key(): "
-+ "NULL tfm for \"%s\" cryptoapi (\"%s\") algo\n"
-+ , alg->ixt_common.ixt_name, cptr->ciphername);
-+ goto err;
-+ }
-+ if (crypto_cipher_setkey(tfm, key, keylen) < 0) {
-+ printk(KERN_ERR "_capi_new_key(): "
-+ "failed new_key() for \"%s\" cryptoapi algo (keylen=%d)\n"
-+ , alg->ixt_common.ixt_name, keylen);
-+ crypto_free_tfm(tfm);
-+ tfm=NULL;
-+ }
-+err:
-+ if (debug_crypto > 0)
-+ printk(KERN_DEBUG "klips_debug:_capi_new_key:"
-+ "name=%s key=%p keylen=%d tfm=%p\n",
-+ alg->ixt_common.ixt_name, key, keylen, tfm);
-+ return (__u8 *) tfm;
-+}
-+/*
-+ * core encryption function: will use cx->ci to call actual cipher's
-+ * cbc function
-+ */
-+static int
-+_capi_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt) {
-+ int error =0;
-+ struct crypto_tfm *tfm=(struct crypto_tfm *)key_e;
-+ struct scatterlist sg = {
-+ .page = virt_to_page(in),
-+ .offset = (unsigned long)(in) % PAGE_SIZE,
-+ .length=ilen,
-+ };
-+ if (debug_crypto > 1)
-+ printk(KERN_DEBUG "klips_debug:_capi_cbc_encrypt:"
-+ "key_e=%p "
-+ "in=%p out=%p ilen=%d iv=%p encrypt=%d\n"
-+ , key_e
-+ , in, in, ilen, iv, encrypt);
-+ crypto_cipher_set_iv(tfm, iv, crypto_tfm_alg_ivsize(tfm));
-+ if (encrypt)
-+ error = crypto_cipher_encrypt (tfm, &sg, &sg, ilen);
-+ else
-+ error = crypto_cipher_decrypt (tfm, &sg, &sg, ilen);
-+ if (debug_crypto > 1)
-+ printk(KERN_DEBUG "klips_debug:_capi_cbc_encrypt:"
-+ "error=%d\n"
-+ , error);
-+ return (error<0)? error : ilen;
-+}
-+/*
-+ * main initialization loop: for each cipher in list, do
-+ * 1) setup cryptoapi cipher else continue
-+ * 2) register ipsec_alg object
-+ */
-+static int
-+setup_cipher_list (struct ipsec_alg_capi_cipher* clist)
-+{
-+ struct ipsec_alg_capi_cipher *cptr;
-+ /* foreach cipher in list ... */
-+ for (cptr=clist;cptr->ciphername;cptr++) {
-+ /*
-+ * see if cipher has been disabled (0) or
-+ * if noauto set and not enabled (1)
-+ */
-+ if (cptr->parm[0] == 0 || (noauto && cptr->parm[0] < 0)) {
-+ if (debug_crypto>0)
-+ printk(KERN_INFO "setup_cipher_list(): "
-+ "ciphername=%s skipped at user request: "
-+ "noauto=%d parm[0]=%d parm[1]=%d\n"
-+ , cptr->ciphername
-+ , noauto
-+ , cptr->parm[0]
-+ , cptr->parm[1]);
-+ continue;
-+ }
-+ /*
-+ * use a local ci to avoid touching cptr->ci,
-+ * if register ipsec_alg success then bind cipher
-+ */
-+ if(cptr->alg.ixt_common.ixt_support.ias_name == NULL) {
-+ cptr->alg.ixt_common.ixt_support.ias_name = cptr->ciphername;
-+ }
-+
-+ if( setup_cipher(cptr->ciphername) ) {
-+ if (debug_crypto > 0)
-+ printk(KERN_DEBUG "klips_debug:"
-+ "setup_cipher_list():"
-+ "ciphername=%s found\n"
-+ , cptr->ciphername);
-+
-+ if (setup_ipsec_alg_capi_cipher(cptr) != 0) {
-+ printk(KERN_ERR "klips_debug:"
-+ "setup_cipher_list():"
-+ "ciphername=%s failed ipsec_alg_register\n"
-+ , cptr->ciphername);
-+ }
-+ } else {
-+ printk(KERN_INFO "KLIPS: lookup for ciphername=%s: not found \n",
-+ cptr->ciphername);
-+ }
-+ }
-+ return 0;
-+}
-+/*
-+ * deregister ipsec_alg objects and unbind ciphers
-+ */
-+static int
-+unsetup_cipher_list (struct ipsec_alg_capi_cipher* clist)
-+{
-+ struct ipsec_alg_capi_cipher *cptr;
-+ /* foreach cipher in list ... */
-+ for (cptr=clist;cptr->ciphername;cptr++) {
-+ if (cptr->alg.ixt_common.ixt_state & IPSEC_ALG_ST_REGISTERED) {
-+ unregister_ipsec_alg_enc(&cptr->alg);
-+ }
-+ }
-+ return 0;
-+}
-+/*
-+ * test loop for registered algos
-+ */
-+static int
-+test_cipher_list (struct ipsec_alg_capi_cipher* clist)
-+{
-+ int test_ret;
-+ struct ipsec_alg_capi_cipher *cptr;
-+ /* foreach cipher in list ... */
-+ for (cptr=clist;cptr->ciphername;cptr++) {
-+ if (cptr->alg.ixt_common.ixt_state & IPSEC_ALG_ST_REGISTERED) {
-+ test_ret=ipsec_alg_test(
-+ cptr->alg.ixt_common.ixt_support.ias_exttype,
-+ cptr->alg.ixt_common.ixt_support.ias_id,
-+ test_crypto);
-+ printk("test_cipher_list(alg_type=%d alg_id=%d): test_ret=%d\n",
-+ cptr->alg.ixt_common.ixt_support.ias_exttype,
-+ cptr->alg.ixt_common.ixt_support.ias_id,
-+ test_ret);
-+ }
-+ }
-+ return 0;
-+}
-+
-+IPSEC_ALG_MODULE_INIT_STATIC( ipsec_cryptoapi_init )
-+{
-+ int ret, test_ret;
-+ if ((ret=setup_cipher_list(alg_capi_carray)) < 0)
-+ return -EPROTONOSUPPORT;
-+ if (ret==0 && test_crypto) {
-+ test_ret=test_cipher_list(alg_capi_carray);
-+ }
-+ return ret;
-+}
-+IPSEC_ALG_MODULE_EXIT_STATIC( ipsec_cryptoapi_fini )
-+{
-+ unsetup_cipher_list(alg_capi_carray);
-+ return;
-+}
-+#ifdef MODULE_LICENSE
-+MODULE_LICENSE("GPL");
-+#endif
-+
-+#endif /* NO_CRYPTOAPI_SUPPORT */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_esp.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,615 @@
-+/*
-+ * processing code for ESP
-+ * Copyright (C) 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_esp_c_version[] = "RCSID $Id: ipsec_esp.c,v 1.13.2.7 2007-09-05 02:56:09 paul Exp $";
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+#include <net/protocol.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipsec_xmit.h"
-+
-+#include "openswan/ipsec_auth.h"
-+
-+#ifdef CONFIG_KLIPS_ESP
-+#include "openswan/ipsec_esp.h"
-+#endif /* CONFIG_KLIPS_ESP */
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_alg.h"
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+#define ESP_DMP(_x,_y,_z) if(debug_rcv && sysctl_ipsec_debug_verbose) ipsec_dmp_block(_x,_y,_z)
-+#else
-+#define ESP_DMP(_x,_y,_z)
-+#endif
-+
-+#ifdef CONFIG_KLIPS_ESP
-+enum ipsec_rcv_value
-+ipsec_rcv_esp_checks(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb)
-+{
-+ __u8 proto;
-+ int len; /* packet length */
-+
-+ len = skb->len;
-+ proto = irs->ipp->protocol;
-+
-+ /* XXX this will need to be 8 for IPv6 */
-+ if ((proto == IPPROTO_ESP) && ((len - irs->iphlen) % 4)) {
-+ printk("klips_error:ipsec_rcv: "
-+ "got packet with content length = %d from %s -- should be on 4 octet boundary, packet dropped\n",
-+ len - irs->iphlen,
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ return IPSEC_RCV_BADLEN;
-+ }
-+
-+ if(skb->len < (irs->hard_header_len + sizeof(struct iphdr) + sizeof(struct esphdr))) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_INAU,
-+ "klips_debug:ipsec_rcv: "
-+ "runt esp packet of skb->len=%d received from %s, dropped.\n",
-+ skb->len,
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ return IPSEC_RCV_BADLEN;
-+ }
-+
-+ irs->protostuff.espstuff.espp = (struct esphdr *)skb_transport_header(skb);
-+ irs->said.spi = irs->protostuff.espstuff.espp->esp_spi;
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_esp_decrypt_setup(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb,
-+ __u32 *replay,
-+ unsigned char **authenticator)
-+{
-+ struct esphdr *espp = irs->protostuff.espstuff.espp;
-+ //unsigned char *idat = (unsigned char *)espp;
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "packet from %s received with seq=%d (iv)=0x%08x%08x iplen=%d esplen=%d sa=%s\n",
-+ irs->ipsaddr_txt,
-+ (__u32)ntohl(espp->esp_rpl),
-+ (__u32)ntohl(*((__u32 *)(espp->esp_iv) )),
-+ (__u32)ntohl(*((__u32 *)(espp->esp_iv) + 1)),
-+ irs->len,
-+ irs->ilen,
-+ irs->sa_len ? irs->sa : " (error)");
-+
-+ *replay = ntohl(espp->esp_rpl);
-+ *authenticator = &(skb_transport_header(skb)[irs->ilen]);
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_esp_authcalc(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb)
-+{
-+ struct auth_alg *aa;
-+ struct esphdr *espp = irs->protostuff.espstuff.espp;
-+ union {
-+ MD5_CTX md5;
-+ SHA1_CTX sha1;
-+ } tctx;
-+
-+#ifdef CONFIG_KLIPS_ALG
-+ if (irs->ipsp->ips_alg_auth) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "ipsec_alg hashing proto=%d... ",
-+ irs->said.proto);
-+ if(irs->said.proto == IPPROTO_ESP) {
-+ ipsec_alg_sa_esp_hash(irs->ipsp,
-+ (caddr_t)espp, irs->ilen,
-+ irs->hash, AHHMAC_HASHLEN);
-+ return IPSEC_RCV_OK;
-+ }
-+ return IPSEC_RCV_BADPROTO;
-+ }
-+#endif
-+ aa = irs->authfuncs;
-+
-+ /* copy the initialized keying material */
-+ memcpy(&tctx, irs->ictx, irs->ictx_len);
-+
-+#ifdef HASH_DEBUG
-+ ESP_DMP("ictx", irs->ictx, irs->ictx_len);
-+
-+ ESP_DMP("mac_esp", (caddr_t)espp, irs->ilen);
-+#endif
-+ (*aa->update)((void *)&tctx, (caddr_t)espp, irs->ilen);
-+
-+ (*aa->final)(irs->hash, (void *)&tctx);
-+
-+#ifdef HASH_DEBUG
-+ ESP_DMP("hash1", irs->hash, aa->hashlen);
-+#endif
-+
-+ memcpy(&tctx, irs->octx, irs->octx_len);
-+
-+#ifdef HASH_DEBUG
-+ ESP_DMP("octx", irs->octx, irs->octx_len);
-+#endif
-+
-+ (*aa->update)((void *)&tctx, irs->hash, aa->hashlen);
-+ (*aa->final)(irs->hash, (void *)&tctx);
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_esp_decrypt(struct ipsec_rcv_state *irs)
-+{
-+ struct ipsec_sa *ipsp = irs->ipsp;
-+ struct esphdr *espp = irs->protostuff.espstuff.espp;
-+ int i;
-+ int pad = 0, padlen;
-+ int badpad = 0;
-+ int esphlen = 0;
-+ __u8 *idat; /* pointer to content to be decrypted/authenticated */
-+ int encaplen = 0;
-+ struct sk_buff *skb;
-+ struct ipsec_alg_enc *ixt_e=NULL;
-+
-+#ifdef CONFIG_KLIPS_ALG
-+ skb=irs->skb;
-+
-+ idat = skb_transport_header(skb);
-+
-+ /* encaplen is the distance between the end of the IP
-+ * header and the beginning of the ESP header.
-+ * on ESP headers it is zero, but on UDP-encap ESP
-+ * it includes the space for the UDP header.
-+ *
-+ * Note: UDP-encap code has already moved the
-+ * skb->data forward to accomodate this.
-+ */
-+ encaplen = skb_transport_header(skb) - (skb_network_header(skb) + irs->iphlen);
-+
-+ ixt_e=ipsp->ips_alg_enc;
-+ esphlen = ESP_HEADER_LEN + ixt_e->ixt_common.ixt_support.ias_ivlen/8;
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "encalg=%d esphlen=%d\n",
-+ ipsp->ips_encalg, esphlen);
-+
-+ idat += esphlen;
-+ irs->ilen -= esphlen;
-+
-+ if (ipsec_alg_esp_encrypt(ipsp,
-+ idat, irs->ilen, espp->esp_iv,
-+ IPSEC_ALG_DECRYPT) <= 0) {
-+#ifdef CONFIG_KLIPS_DEBUG
-+ KLIPS_ERROR(debug_rcv, "klips_error:ipsec_rcv: "
-+ "got packet with esplen = %d "
-+ "from %s -- should be on "
-+ "ENC(%d) octet boundary, "
-+ "packet dropped\n",
-+ irs->ilen,
-+ irs->ipsaddr_txt,
-+ ipsp->ips_encalg);
-+#endif
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ return IPSEC_RCV_BAD_DECRYPT;
-+#endif /* CONFIG_KLIPS_ALG */
-+ }
-+
-+ ESP_DMP("postdecrypt", idat, irs->ilen);
-+
-+ irs->next_header = idat[irs->ilen - 1];
-+ padlen = idat[irs->ilen - 2];
-+ pad = padlen + 2 + irs->authlen;
-+
-+ KLIPS_PRINT(debug_rcv & DB_RX_IPAD,
-+ "klips_debug:ipsec_rcv: "
-+ "padlen=%d, contents: 0x<offset>: 0x<value> 0x<value> ...\n",
-+ padlen);
-+
-+ for (i = 1; i <= padlen; i++) {
-+ if((i % 16) == 1) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_IPAD,
-+ "klips_debug: %02x:",
-+ i - 1);
-+ }
-+ KLIPS_PRINTMORE(debug_rcv & DB_RX_IPAD,
-+ " %02x",
-+ idat[irs->ilen - 2 - padlen + i - 1]);
-+ if(i != idat[irs->ilen - 2 - padlen + i - 1]) {
-+ badpad = 1;
-+ }
-+ if((i % 16) == 0) {
-+ KLIPS_PRINTMORE(debug_rcv & DB_RX_IPAD,
-+ "\n");
-+ }
-+ }
-+ if((i % 16) != 1) {
-+ KLIPS_PRINTMORE(debug_rcv & DB_RX_IPAD,
-+ "\n");
-+ }
-+ if(badpad) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_IPAD,
-+ "klips_debug:ipsec_rcv: "
-+ "warning, decrypted packet from %s has bad padding\n",
-+ irs->ipsaddr_txt);
-+ KLIPS_PRINT(debug_rcv & DB_RX_IPAD,
-+ "klips_debug:ipsec_rcv: "
-+ "...may be bad decryption -- not dropped\n");
-+ ipsp->ips_errs.ips_encpad_errs += 1;
-+ }
-+
-+ KLIPS_PRINT(debug_rcv & DB_RX_IPAD,
-+ "klips_debug:ipsec_rcv: "
-+ "packet decrypted from %s: next_header = %d, padding = %d\n",
-+ irs->ipsaddr_txt,
-+ irs->next_header,
-+ pad - 2 - irs->authlen);
-+
-+ irs->ipp->tot_len = htons(ntohs(irs->ipp->tot_len) - (esphlen + pad));
-+
-+ /*
-+ * move the IP header forward by the size of the ESP header, which
-+ * will remove the the ESP header from the packet.
-+ *
-+ * XXX this is really unnecessary, since odds we are in tunnel
-+ * mode, and we will be *removing* this IP header.
-+ *
-+ */
-+ memmove((void *)(idat - irs->iphlen),
-+ (void *)(skb_network_header(skb)), irs->iphlen);
-+
-+ ESP_DMP("esp postmove", (idat - irs->iphlen),
-+ irs->iphlen + irs->ilen);
-+
-+ /* skb_pull below, will move up by esphlen */
-+
-+ /* XXX not clear how this can happen, as the message indicates */
-+ if(skb->len < esphlen) {
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_rcv: "
-+ "tried to skb_pull esphlen=%d, %d available. This should never happen, please report.\n",
-+ esphlen, (int)(skb->len));
-+ return IPSEC_RCV_ESP_DECAPFAIL;
-+ }
-+ skb_pull(skb, esphlen);
-+ skb_set_network_header(skb, ipsec_skb_offset(skb, idat - irs->iphlen));
-+ irs->ipp = ip_hdr(skb);
-+
-+ ESP_DMP("esp postpull", skb->data, skb->len);
-+
-+ /* now, trip off the padding from the end */
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "trimming to %d.\n",
-+ irs->len - esphlen - pad);
-+ if(pad + esphlen <= irs->len) {
-+ skb_trim(skb, irs->len - esphlen - pad);
-+ } else {
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "bogus packet, size is zero or negative, dropping.\n");
-+ return IPSEC_RCV_DECAPFAIL;
-+ }
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+/*
-+ *
-+ */
-+enum ipsec_xmit_value
-+ipsec_xmit_esp_setup(struct ipsec_xmit_state *ixs)
-+{
-+#ifdef CONFIG_KLIPS_ENC_3DES
-+ __u32 iv[2];
-+#endif
-+ struct esphdr *espp;
-+ int ilen = 0;
-+ int padlen = 0, i;
-+ unsigned char *dat;
-+ unsigned char *idat, *pad;
-+ __u8 hash[AH_AMAX];
-+ union {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ MD5_CTX md5;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ SHA1_CTX sha1;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ } tctx;
-+
-+ dat = (unsigned char *)ixs->iph;
-+
-+ espp = (struct esphdr *)(dat + ixs->iphlen);
-+ espp->esp_spi = ixs->ipsp->ips_said.spi;
-+ espp->esp_rpl = htonl(++(ixs->ipsp->ips_replaywin_lastseq));
-+
-+ switch(ixs->ipsp->ips_encalg) {
-+#if defined(CONFIG_KLIPS_ENC_3DES)
-+#ifdef CONFIG_KLIPS_ENC_3DES
-+ case ESP_3DES:
-+#endif /* CONFIG_KLIPS_ENC_3DES */
-+ iv[0] = *((__u32*)&(espp->esp_iv) ) =
-+ ((__u32*)(ixs->ipsp->ips_iv))[0];
-+ iv[1] = *((__u32*)&(espp->esp_iv) + 1) =
-+ ((__u32*)(ixs->ipsp->ips_iv))[1];
-+ break;
-+#endif /* defined(CONFIG_KLIPS_ENC_3DES) */
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_BADALG;
-+ }
-+
-+ idat = dat + ixs->iphlen + sizeof(struct esphdr);
-+ ilen = ixs->skb->len - (ixs->iphlen + sizeof(struct esphdr) + ixs->authlen);
-+
-+ /* Self-describing padding */
-+ pad = &dat[ixs->skb->len - ixs->tailroom];
-+ padlen = ixs->tailroom - 2 - ixs->authlen;
-+ for (i = 0; i < padlen; i++) {
-+ pad[i] = i + 1;
-+ }
-+ dat[ixs->skb->len - ixs->authlen - 2] = padlen;
-+
-+ dat[ixs->skb->len - ixs->authlen - 1] = ixs->iph->protocol;
-+ ixs->iph->protocol = IPPROTO_ESP;
-+
-+ switch(ixs->ipsp->ips_encalg) {
-+#ifdef CONFIG_KLIPS_ENC_3DES
-+ case ESP_3DES:
-+ des_ede3_cbc_encrypt((des_cblock *)idat,
-+ (des_cblock *)idat,
-+ ilen,
-+ ((struct des_eks *)(ixs->ipsp->ips_key_e))[0].ks,
-+ ((struct des_eks *)(ixs->ipsp->ips_key_e))[1].ks,
-+ ((struct des_eks *)(ixs->ipsp->ips_key_e))[2].ks,
-+ (des_cblock *)iv, 1);
-+ break;
-+#endif /* CONFIG_KLIPS_ENC_3DES */
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_BADALG;
-+ }
-+
-+ switch(ixs->ipsp->ips_encalg) {
-+#if defined(CONFIG_KLIPS_ENC_3DES)
-+#ifdef CONFIG_KLIPS_ENC_3DES
-+ case ESP_3DES:
-+#endif /* CONFIG_KLIPS_ENC_3DES */
-+ /* XXX update IV with the last 8 octets of the encryption */
-+#if KLIPS_IMPAIRMENT_ESPIV_CBC_ATTACK
-+ ((__u32*)(ixs->ipsp->ips_iv))[0] =
-+ ((__u32 *)(idat))[(ilen >> 2) - 2];
-+ ((__u32*)(ixs->ipsp->ips_iv))[1] =
-+ ((__u32 *)(idat))[(ilen >> 2) - 1];
-+#else /* KLIPS_IMPAIRMENT_ESPIV_CBC_ATTACK */
-+ prng_bytes(&ipsec_prng, (char *)ixs->ipsp->ips_iv, EMT_ESPDES_IV_SZ);
-+#endif /* KLIPS_IMPAIRMENT_ESPIV_CBC_ATTACK */
-+ break;
-+#endif /* defined(CONFIG_KLIPS_ENC_3DES) */
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_BADALG;
-+ }
-+
-+ switch(ixs->ipsp->ips_authalg) {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5:
-+ ipsec_xmit_dmp("espp", (char*)espp, ixs->skb->len - ixs->iphlen - ixs->authlen);
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ ipsec_xmit_dmp("ictx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (caddr_t)espp, ixs->skb->len - ixs->iphlen - ixs->authlen);
-+ ipsec_xmit_dmp("ictx+dat", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ ipsec_xmit_dmp("ictx hash", (char*)&hash, sizeof(hash));
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ ipsec_xmit_dmp("octx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, hash, AHMD596_ALEN);
-+ ipsec_xmit_dmp("octx+hash", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ ipsec_xmit_dmp("octx hash", (char*)&hash, sizeof(hash));
-+ memcpy(&(dat[ixs->skb->len - ixs->authlen]), hash, ixs->authlen);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.md5, 0, sizeof(tctx.md5));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA:
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ SHA1Update(&tctx.sha1, (caddr_t)espp, ixs->skb->len - ixs->iphlen - ixs->authlen);
-+ SHA1Final(hash, &tctx.sha1);
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ SHA1Update(&tctx.sha1, hash, AHSHA196_ALEN);
-+ SHA1Final(hash, &tctx.sha1);
-+ memcpy(&(dat[ixs->skb->len - ixs->authlen]), hash, ixs->authlen);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.sha1, 0, sizeof(tctx.sha1));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ case AH_NONE:
-+ break;
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_AH_BADALG;
-+ }
-+
-+ skb_set_transport_header(ixs->skb, ipsec_skb_offset(ixs->skb, espp));
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+
-+struct xform_functions esp_xform_funcs[]={
-+ { rcv_checks: ipsec_rcv_esp_checks,
-+ rcv_setup_auth: ipsec_rcv_esp_decrypt_setup,
-+ rcv_calc_auth: ipsec_rcv_esp_authcalc,
-+ rcv_decrypt: ipsec_rcv_esp_decrypt,
-+
-+ xmit_setup: ipsec_xmit_esp_setup,
-+ xmit_headroom: sizeof(struct esphdr),
-+ xmit_needtailroom: 1,
-+ },
-+};
-+
-+#ifdef NET_26
-+struct inet_protocol esp_protocol = {
-+ .handler = ipsec_rcv,
-+ .no_policy = 1,
-+};
-+#else
-+struct inet_protocol esp_protocol =
-+{
-+ ipsec_rcv, /* ESP handler */
-+ NULL, /* TUNNEL error control */
-+#ifdef NETDEV_25
-+ 1, /* no policy */
-+#else
-+ 0, /* next */
-+ IPPROTO_ESP, /* protocol ID */
-+ 0, /* copy */
-+ NULL, /* data */
-+ "ESP" /* name */
-+#endif
-+};
-+#endif /* NET_26 */
-+
-+#endif /* !CONFIG_KLIPS_ESP */
-+
-+
-+/*
-+ * $Log: ipsec_esp.c,v $
-+ * Revision 1.13.2.7 2007-09-05 02:56:09 paul
-+ * Use the new ipsec_kversion macros by David to deal with 2.6.22 kernels.
-+ * Fixes based on David McCullough patch.
-+ *
-+ * Revision 1.13.2.6 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.13.2.5 2006/08/24 03:02:01 paul
-+ * Compile fixes for when CONFIG_KLIPS_DEBUG is not set. (bug #642)
-+ *
-+ * Revision 1.13.2.4 2006/05/06 03:07:38 ken
-+ * Pull in proper padsize->tailroom fix from #public
-+ * Need to do correct math on padlen since padsize is not equal to tailroom
-+ *
-+ * Revision 1.13.2.3 2006/05/05 03:58:04 ken
-+ * ixs->padsize becomes ixs->tailroom
-+ *
-+ * Revision 1.13.2.2 2006/05/01 14:36:03 mcr
-+ * use KLIPS_ERROR for fatal things.
-+ *
-+ * Revision 1.13.2.1 2006/04/20 16:33:06 mcr
-+ * remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+ * Fix in-kernel module compilation. Sub-makefiles do not work.
-+ *
-+ * Revision 1.13 2005/05/21 03:19:57 mcr
-+ * hash ctx is not really that interesting most of the time.
-+ *
-+ * Revision 1.12 2005/05/11 01:28:49 mcr
-+ * removed "poor-man"s OOP in favour of proper C structures.
-+ *
-+ * Revision 1.11 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.10 2005/04/17 04:36:14 mcr
-+ * code now deals with ESP and UDP-ESP code.
-+ *
-+ * Revision 1.9 2005/04/15 19:52:30 mcr
-+ * adjustments to use proper skb fields for data.
-+ *
-+ * Revision 1.8 2004/09/14 00:22:57 mcr
-+ * adjustment of MD5* functions.
-+ *
-+ * Revision 1.7 2004/09/13 02:23:01 mcr
-+ * #define inet_protocol if necessary.
-+ *
-+ * Revision 1.6 2004/09/06 18:35:49 mcr
-+ * 2.6.8.1 gets rid of inet_protocol->net_protocol compatibility,
-+ * so adjust for that.
-+ *
-+ * Revision 1.5 2004/08/17 03:27:23 mcr
-+ * klips 2.6 edits.
-+ *
-+ * Revision 1.4 2004/08/04 15:57:07 mcr
-+ * moved des .h files to include/des/ *
-+ * included 2.6 protocol specific things
-+ * started at NAT-T support, but it will require a kernel patch.
-+ *
-+ * Revision 1.3 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.2 2004/04/06 02:49:25 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_init.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,641 @@
-+/*
-+ * @(#) Initialization code.
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998 - 2002 Richard Guy Briggs <rgb@freeswan.org>
-+ * 2001 - 2004 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * /proc system code was split out into ipsec_proc.c after rev. 1.70.
-+ *
-+ */
-+
-+char ipsec_init_c_version[] = "RCSID $Id: ipsec_init.c,v 1.104.2.6 2007-11-16 03:31:52 paul Exp $";
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/in.h> /* struct sockaddr_in */
-+#include <linux/skbuff.h>
-+#include <linux/random.h> /* get_random_bytes() */
-+#include <net/protocol.h>
-+
-+#include <openswan.h>
-+
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* 23_SPINLOCK */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* 23_SPINLOCK */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+
-+#ifdef CONFIG_PROC_FS
-+# include <linux/proc_fs.h>
-+#endif /* CONFIG_PROC_FS */
-+
-+#ifdef NETLINK_SOCK
-+# include <linux/netlink.h>
-+#else
-+# include <net/netlink.h>
-+#endif
-+
-+#include "openswan/radij.h"
-+
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_stats.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipsec_xmit.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+# include "openswan/ipcomp.h"
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_alg.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#if defined(NET_26) && defined(CONFIG_IPSEC_NAT_TRAVERSAL)
-+#include <net/xfrmudp.h>
-+#endif
-+
-+#if defined(NET_26) && defined(CONFIG_IPSEC_NAT_TRAVERSAL) && !defined(HAVE_XFRM4_UDP_REGISTER)
-+#warning "You are trying to build KLIPS2.6 with NAT-T support, but you did not"
-+#error "properly apply the NAT-T patch to your 2.6 kernel source tree."
-+#endif
-+
-+#if !defined(CONFIG_KLIPS_ESP) && !defined(CONFIG_KLIPS_AH)
-+#error "kernel configuration must include ESP or AH"
-+#endif
-+
-+/*
-+ * seems to be present in 2.4.10 (Linus), but also in some RH and other
-+ * distro kernels of a lower number.
-+ */
-+#ifdef MODULE_LICENSE
-+MODULE_LICENSE("GPL");
-+#endif
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_eroute = 0;
-+int debug_spi = 0;
-+int debug_netlink = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+struct prng ipsec_prng;
-+
-+
-+#if defined(NET_26) && defined(CONFIG_IPSEC_NAT_TRAVERSAL)
-+xfrm4_rcv_encap_t klips_old_encap = NULL;
-+#endif
-+
-+extern int ipsec_device_event(struct notifier_block *dnot, unsigned long event, void *ptr);
-+/*
-+ * the following structure is required so that we receive
-+ * event notifications when network devices are enabled and
-+ * disabled (ifconfig up and down).
-+ */
-+static struct notifier_block ipsec_dev_notifier={
-+ ipsec_device_event,
-+ NULL,
-+ 0
-+};
-+
-+#ifdef CONFIG_SYSCTL
-+extern int ipsec_sysctl_register(void);
-+extern void ipsec_sysctl_unregister(void);
-+#endif
-+
-+/*
-+ * inet_*_protocol returns void on 2.4.x, int on 2.6.x
-+ * So we need our own wrapper
-+ */
-+#if defined(NET_26) || defined(IPSKB_XFRM_TUNNEL_SIZE)
-+static inline int
-+openswan_inet_add_protocol(struct inet_protocol *prot, unsigned protocol,char *protstr)
-+{
-+ int err = inet_add_protocol(prot, protocol);
-+ if (err)
-+ printk(KERN_ERR "KLIPS: can not register %s protocol - recompile with CONFIG_INET_%s disabled or as module\n", protstr,protstr);
-+ return err;
-+
-+}
-+
-+static inline int
-+openswan_inet_del_protocol(struct inet_protocol *prot, unsigned protocol)
-+{
-+ return inet_del_protocol(prot, protocol);
-+}
-+
-+#else
-+static inline int
-+openswan_inet_add_protocol(struct inet_protocol *prot, unsigned protocol, char *protstr)
-+{
-+ inet_add_protocol(prot);
-+ return 0;
-+}
-+
-+static inline int
-+openswan_inet_del_protocol(struct inet_protocol *prot, unsigned protocol)
-+{
-+ inet_del_protocol(prot);
-+ return 0;
-+}
-+
-+#endif
-+
-+/* void */
-+int
-+ipsec_klips_init(void)
-+{
-+ int error = 0;
-+ unsigned char seed[256];
-+#ifdef CONFIG_KLIPS_ENC_3DES
-+ extern int des_check_key;
-+
-+ /* turn off checking of keys */
-+ des_check_key=0;
-+#endif /* CONFIG_KLIPS_ENC_3DES */
-+
-+ KLIPS_PRINT(1, "klips_info:ipsec_init: "
-+ "KLIPS startup, Openswan KLIPS IPsec stack version: %s\n",
-+ ipsec_version_code());
-+
-+ error |= ipsec_proc_init();
-+
-+#ifdef SPINLOCK
-+ ipsec_sadb.sadb_lock = SPIN_LOCK_UNLOCKED;
-+#else /* SPINLOCK */
-+ ipsec_sadb.sadb_lock = 0;
-+#endif /* SPINLOCK */
-+
-+#ifndef SPINLOCK
-+ tdb_lock.lock = 0;
-+ eroute_lock.lock = 0;
-+#endif /* !SPINLOCK */
-+
-+ error |= ipsec_sadb_init();
-+ error |= ipsec_radijinit();
-+
-+ error |= pfkey_init();
-+
-+ error |= register_netdevice_notifier(&ipsec_dev_notifier);
-+
-+#ifdef CONFIG_KLIPS_ESP
-+ error |= openswan_inet_add_protocol(&esp_protocol, IPPROTO_ESP,"ESP");
-+#endif /* CONFIG_KLIPS_ESP */
-+
-+#ifdef CONFIG_KLIPS_AH
-+ error |= openswan_inet_add_protocol(&ah_protocol, IPPROTO_AH,"AH");
-+#endif /* CONFIG_KLIPS_AH */
-+
-+/* we never actually link IPCOMP to the stack */
-+#ifdef IPCOMP_USED_ALONE
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ error |= openswan_inet_add_protocol(&comp_protocol, IPPROTO_COMP,"IPCOMP");
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+#endif
-+
-+ error |= ipsec_tunnel_init_devices();
-+
-+#if defined(NET_26) && defined(CONFIG_IPSEC_NAT_TRAVERSAL)
-+ /* register our ESP-UDP handler */
-+ if(udp4_register_esp_rcvencap(klips26_rcv_encap
-+ , &klips_old_encap)!=0) {
-+ printk(KERN_ERR "KLIPS: can not register klips_rcv_encap function\n");
-+ }
-+#endif
-+
-+
-+#ifdef CONFIG_SYSCTL
-+ error |= ipsec_sysctl_register();
-+#endif
-+
-+#ifdef CONFIG_KLIPS_ALG
-+ ipsec_alg_init();
-+#endif
-+
-+ get_random_bytes((void *)seed, sizeof(seed));
-+ prng_init(&ipsec_prng, seed, sizeof(seed));
-+
-+ return error;
-+}
-+
-+
-+/* void */
-+int
-+ipsec_cleanup(void)
-+{
-+ int error = 0;
-+
-+#ifdef CONFIG_SYSCTL
-+ ipsec_sysctl_unregister();
-+#endif
-+#if defined(NET_26) && defined(CONFIG_IPSEC_NAT_TRAVERSAL)
-+ if(udp4_unregister_esp_rcvencap(klips_old_encap) < 0) {
-+ printk(KERN_ERR "KLIPS: can not unregister klips_rcv_encap function\n");
-+ }
-+#endif
-+
-+ KLIPS_PRINT(debug_netlink, /* debug_tunnel & DB_TN_INIT, */
-+ "klips_debug:ipsec_cleanup: "
-+ "calling ipsec_tunnel_cleanup_devices.\n");
-+ error |= ipsec_tunnel_cleanup_devices();
-+
-+ KLIPS_PRINT(debug_netlink, "called ipsec_tunnel_cleanup_devices");
-+
-+/* we never actually link IPCOMP to the stack */
-+#ifdef IPCOMP_USED_ALONE
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ if (openswan_inet_del_protocol(&comp_protocol, IPPROTO_COMP) < 0)
-+ printk(KERN_INFO "klips_debug:ipsec_cleanup: "
-+ "comp close: can't remove protocol\n");
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+#endif /* IPCOMP_USED_ALONE */
-+
-+#ifdef CONFIG_KLIPS_AH
-+ if (openswan_inet_del_protocol(&ah_protocol, IPPROTO_AH) < 0)
-+ printk(KERN_INFO "klips_debug:ipsec_cleanup: "
-+ "ah close: can't remove protocol\n");
-+#endif /* CONFIG_KLIPS_AH */
-+
-+#ifdef CONFIG_KLIPS_ESP
-+ if (openswan_inet_del_protocol(&esp_protocol, IPPROTO_ESP) < 0)
-+ printk(KERN_INFO "klips_debug:ipsec_cleanup: "
-+ "esp close: can't remove protocol\n");
-+#endif /* CONFIG_KLIPS_ESP */
-+
-+ error |= unregister_netdevice_notifier(&ipsec_dev_notifier);
-+
-+ KLIPS_PRINT(debug_netlink, /* debug_tunnel & DB_TN_INIT, */
-+ "klips_debug:ipsec_cleanup: "
-+ "calling ipsec_sadb_cleanup.\n");
-+ error |= ipsec_sadb_cleanup(0);
-+ error |= ipsec_sadb_free();
-+
-+ KLIPS_PRINT(debug_netlink, /* debug_tunnel & DB_TN_INIT, */
-+ "klips_debug:ipsec_cleanup: "
-+ "calling ipsec_radijcleanup.\n");
-+ error |= ipsec_radijcleanup();
-+
-+ KLIPS_PRINT(debug_pfkey, /* debug_tunnel & DB_TN_INIT, */
-+ "klips_debug:ipsec_cleanup: "
-+ "calling pfkey_cleanup.\n");
-+ error |= pfkey_cleanup();
-+
-+ ipsec_proc_cleanup();
-+
-+ prng_final(&ipsec_prng);
-+
-+ return error;
-+}
-+
-+#ifdef MODULE
-+int
-+init_module(void)
-+{
-+ int error = 0;
-+
-+ error |= ipsec_klips_init();
-+ /*if (error)
-+ ipsec_cleanup();
-+ */
-+ return error;
-+}
-+
-+void
-+cleanup_module(void)
-+{
-+ KLIPS_PRINT(debug_netlink, /* debug_tunnel & DB_TN_INIT, */
-+ "klips_debug:cleanup_module: "
-+ "calling ipsec_cleanup.\n");
-+
-+ ipsec_cleanup();
-+
-+ KLIPS_PRINT(1, "klips_info:cleanup_module: "
-+ "ipsec module unloaded.\n");
-+}
-+#endif /* MODULE */
-+
-+/*
-+ * $Log: ipsec_init.c,v $
-+ * Revision 1.104.2.6 2007-11-16 03:31:52 paul
-+ * Added log message to openswan_inet_add_protocol() if we fail to register
-+ * our protocol with KLIPS (eg ESP because esp4 module is already loaded).
-+ * We didnt notice this failure before. We now return a proper error, but
-+ *
-+ * TODO:
-+ *
-+ * we still need to do a beter cleanup, as we're leaving files in /proc.
-+ * (calling cleanup_module() from init_module() if we see an error caused
-+ * its own kernel oopses).
-+ *
-+ * Revision 1.104.2.5 2007/09/05 02:36:57 paul
-+ * include ipsec_init.h. Added an ifdef. Patch by David McCullough
-+ *
-+ * Revision 1.104.2.4 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.104.2.3 2006/07/31 15:25:20 paul
-+ * Check for NETKEY backport in Debian using IPSKB_XFRM_TUNNEL_SIZE to
-+ * determine wether inet_add_protocol needs the protocol argument.
-+ *
-+ * Revision 1.104.2.2 2006/04/20 16:33:06 mcr
-+ * remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+ * Fix in-kernel module compilation. Sub-makefiles do not work.
-+ *
-+ * Revision 1.104.2.1 2005/08/12 01:18:20 ken
-+ * Warn people who don't have NAT-T patch applied, but try and compile NAT-T code
-+ *
-+ * Revision 1.105 2005/08/12 00:56:33 mcr
-+ * add warning for people who didn't apply nat-t patch.
-+ *
-+ * Revision 1.104 2005/07/08 15:51:41 mcr
-+ * removed duplicate NAT-T code.
-+ * if CONFIG_IPSEC_NAT_TRAVERSAL isn't defined, then there is no issue.
-+ *
-+ * Revision 1.103 2005/07/08 03:02:05 paul
-+ * Fixed garbled define that accidentally got commited to the real tree.
-+ *
-+ * Revision 1.102 2005/07/08 02:56:37 paul
-+ * gcc4 fixes that were not commited because vault was down
-+ *
-+ * Revision 1.101 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.100 2005/04/10 22:56:09 mcr
-+ * change to udp.c registration API.
-+ *
-+ * Revision 1.99 2005/04/08 18:26:13 mcr
-+ * register with udp.c, the klips26 encap receive function
-+ *
-+ * Revision 1.98 2004/09/13 02:23:18 mcr
-+ * #define inet_protocol if necessary.
-+ *
-+ * Revision 1.97 2004/09/06 18:35:49 mcr
-+ * 2.6.8.1 gets rid of inet_protocol->net_protocol compatibility,
-+ * so adjust for that.
-+ *
-+ * Revision 1.96 2004/08/17 03:27:23 mcr
-+ * klips 2.6 edits.
-+ *
-+ * Revision 1.95 2004/08/03 18:19:08 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.94 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.93 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.92 2004/03/30 15:30:39 ken
-+ * Proper Capitalization
-+ *
-+ * Revision 1.91 2004/03/22 01:51:51 ken
-+ * We are open
-+ *
-+ * Revision 1.90.4.2 2004/04/05 04:30:46 mcr
-+ * patches for alg-branch to compile/work with 2.x openswan
-+ *
-+ * Revision 1.90.4.1 2003/12/22 15:25:52 jjo
-+ * Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.90 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.89.4.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.89 2003/07/31 22:47:16 mcr
-+ * preliminary (untested by FS-team) 2.5 patches.
-+ *
-+ * Revision 1.88 2003/06/22 20:05:36 mcr
-+ * clarified why IPCOMP was not being registered, and put a new
-+ * #ifdef in rather than #if 0.
-+ *
-+ * Revision 1.87 2002/09/20 15:40:51 rgb
-+ * Added a lock to the global ipsec_sadb struct for future use.
-+ * Split ipsec_sadb_cleanup from new funciton ipsec_sadb_free to avoid problem
-+ * of freeing newly created structures when clearing the reftable upon startup
-+ * to start from a known state.
-+ *
-+ * Revision 1.86 2002/08/15 18:39:15 rgb
-+ * Move ipsec_prng outside debug code.
-+ *
-+ * Revision 1.85 2002/05/14 02:35:29 rgb
-+ * Change reference to tdb to ipsa.
-+ *
-+ * Revision 1.84 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.83 2002/04/24 07:36:28 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_init.c,v
-+ *
-+ * Revision 1.82 2002/04/20 00:12:25 rgb
-+ * Added esp IV CBC attack fix, disabled.
-+ *
-+ * Revision 1.81 2002/04/09 16:13:32 mcr
-+ * switch license to straight GPL.
-+ *
-+ * Revision 1.80 2002/03/24 07:34:08 rgb
-+ * Sanity check for at least one of AH or ESP configured.
-+ *
-+ * Revision 1.79 2002/02/05 22:55:15 mcr
-+ * added MODULE_LICENSE declaration.
-+ * This macro does not appear in all kernel versions (see comment).
-+ *
-+ * Revision 1.78 2002/01/29 17:17:55 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.77 2002/01/29 04:00:51 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.76 2002/01/29 02:13:17 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.75 2001/11/26 09:23:48 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.74 2001/11/22 05:44:11 henry
-+ * new version stuff
-+ *
-+ * Revision 1.71.2.2 2001/10/22 20:51:00 mcr
-+ * explicitely set des_check_key.
-+ *
-+ * Revision 1.71.2.1 2001/09/25 02:19:39 mcr
-+ * /proc manipulation code moved to new ipsec_proc.c
-+ *
-+ * Revision 1.73 2001/11/06 19:47:17 rgb
-+ * Changed lifetime_packets to uint32 from uint64.
-+ *
-+ * Revision 1.72 2001/10/18 04:45:19 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.71 2001/09/20 15:32:45 rgb
-+ * Minor pfkey lifetime fixes.
-+ *
-+ * Revision 1.70 2001/07/06 19:51:21 rgb
-+ * Added inbound policy checking code for IPIP SAs.
-+ *
-+ * Revision 1.69 2001/06/14 19:33:26 rgb
-+ * Silence startup message for console, but allow it to be logged.
-+ * Update copyright date.
-+ *
-+ * Revision 1.68 2001/05/29 05:14:36 rgb
-+ * Added PMTU to /proc/net/ipsec_tncfg output. See 'man 5 ipsec_tncfg'.
-+ *
-+ * Revision 1.67 2001/05/04 16:34:52 rgb
-+ * Rremove erroneous checking of return codes for proc_net_* in 2.4.
-+ *
-+ * Revision 1.66 2001/05/03 19:40:34 rgb
-+ * Check error return codes in startup and shutdown.
-+ *
-+ * Revision 1.65 2001/02/28 05:03:27 rgb
-+ * Clean up and rationalise startup messages.
-+ *
-+ * Revision 1.64 2001/02/27 22:24:53 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.63 2000/11/29 20:14:06 rgb
-+ * Add src= to the output of /proc/net/ipsec_spi and delete dst from IPIP.
-+ *
-+ * Revision 1.62 2000/11/06 04:31:24 rgb
-+ * Ditched spin_lock_irqsave in favour of spin_lock_bh.
-+ * Fixed longlong for pre-2.4 kernels (Svenning).
-+ * Add Svenning's adaptive content compression.
-+ * Disabled registration of ipcomp handler.
-+ *
-+ * Revision 1.61 2000/10/11 13:37:54 rgb
-+ * #ifdef out debug print that causes proc/net/ipsec_version to oops.
-+ *
-+ * Revision 1.60 2000/09/20 03:59:01 rgb
-+ * Change static info functions to DEBUG_NO_STATIC to reveal function names
-+ * in oopsen.
-+ *
-+ * Revision 1.59 2000/09/16 01:06:26 rgb
-+ * Added cast of var to silence compiler warning about long fed to int
-+ * format.
-+ *
-+ * Revision 1.58 2000/09/15 11:37:01 rgb
-+ * Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+ * IPCOMP zlib deflate code.
-+ *
-+ * Revision 1.57 2000/09/12 03:21:50 rgb
-+ * Moved radij_c_version printing to ipsec_version_get_info().
-+ * Reformatted ipsec_version_get_info().
-+ * Added sysctl_{,un}register() calls.
-+ *
-+ * Revision 1.56 2000/09/08 19:16:50 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ * Removed all references to CONFIG_IPSEC_PFKEYv2.
-+ *
-+ * Revision 1.55 2000/08/30 05:19:03 rgb
-+ * Cleaned up no longer used spi_next, netlink register/unregister, other
-+ * minor cleanup.
-+ * Removed cruft replaced by TDB_XFORM_NAME.
-+ * Removed all the rest of the references to tdb_spi, tdb_proto, tdb_dst.
-+ * Moved debug version strings to printk when /proc/net/ipsec_version is
-+ * called.
-+ *
-+ * Revision 1.54 2000/08/20 18:31:05 rgb
-+ * Changed cosmetic alignment in spi_info.
-+ * Changed addtime and usetime to use actual value which is relative
-+ * anyways, as intended. (Momchil)
-+ *
-+ * Revision 1.53 2000/08/18 17:37:03 rgb
-+ * Added an (int) cast to shut up the compiler...
-+ *
-+ * Revision 1.52 2000/08/01 14:51:50 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.51 2000/07/25 20:41:22 rgb
-+ * Removed duplicate parameter in spi_getinfo.
-+ *
-+ * Revision 1.50 2000/07/17 03:21:45 rgb
-+ * Removed /proc/net/ipsec_spinew.
-+ *
-+ * Revision 1.49 2000/06/28 05:46:51 rgb
-+ * Renamed ivlen to iv_bits for consistency.
-+ * Changed output of add and use times to be relative to now.
-+ *
-+ * Revision 1.48 2000/05/11 18:26:10 rgb
-+ * Commented out calls to netlink_attach/detach to avoid activating netlink
-+ * in the kenrel config.
-+ *
-+ * Revision 1.47 2000/05/10 22:35:26 rgb
-+ * Comment out most of the startup version information.
-+ *
-+ * Revision 1.46 2000/03/22 16:15:36 rgb
-+ * Fixed renaming of dev_get (MB).
-+ *
-+ * Revision 1.45 2000/03/16 06:40:48 rgb
-+ * Hardcode PF_KEYv2 support.
-+ *
-+ * Revision 1.44 2000/01/22 23:19:20 rgb
-+ * Simplified code to use existing macro TDB_XFORM_NAME().
-+ *
-+ * Revision 1.43 2000/01/21 06:14:04 rgb
-+ * Print individual stats only if non-zero.
-+ * Removed 'bits' from each keylength for brevity.
-+ * Shortened lifetimes legend for brevity.
-+ * Changed wording from 'last_used' to the clearer 'idle'.
-+ *
-+ * Revision 1.42 1999/12/31 14:57:19 rgb
-+ * MB fix for new dummy-less proc_get_info in 2.3.35.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_ipcomp.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,256 @@
-+/*
-+ * processing code for IPCOMP
-+ * Copyright (C) 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_ipcomp_c_version[] = "RCSID $Id: ipsec_ipcomp.c,v 1.5.2.3 2007-09-05 02:56:09 paul Exp $";
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipsec_xmit.h"
-+
-+#include "openswan/ipsec_auth.h"
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+#include "openswan/ipsec_ipcomp.h"
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#include "openswan/ipsec_proto.h"
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_ipcomp = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+enum ipsec_rcv_value
-+ipsec_rcv_ipcomp_checks(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb)
-+{
-+ int ipcompminlen;
-+
-+ ipcompminlen = sizeof(struct iphdr);
-+
-+ if(skb->len < (ipcompminlen + sizeof(struct ipcomphdr))) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_INAU,
-+ "klips_debug:ipsec_rcv: "
-+ "runt comp packet of skb->len=%d received from %s, dropped.\n",
-+ skb->len,
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ return IPSEC_RCV_BADLEN;
-+ }
-+
-+ irs->protostuff.ipcompstuff.compp = (struct ipcomphdr *)skb_transport_header(skb);
-+ irs->said.spi = htonl((__u32)ntohs(irs->protostuff.ipcompstuff.compp->ipcomp_cpi));
-+ return IPSEC_RCV_OK;
-+}
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_ipcomp_decomp(struct ipsec_rcv_state *irs)
-+{
-+ unsigned int flags = 0;
-+ struct ipsec_sa *ipsp = irs->ipsp;
-+ struct sk_buff *skb;
-+
-+ skb=irs->skb;
-+
-+ ipsec_xmit_dmp("ipcomp", skb_transport_header(skb), skb->len);
-+
-+ if(ipsp == NULL) {
-+ return IPSEC_RCV_SAIDNOTFOUND;
-+ }
-+
-+ if(sysctl_ipsec_inbound_policy_check &&
-+ ((((ntohl(ipsp->ips_said.spi) & 0x0000ffff) != ntohl(irs->said.spi)) &&
-+ (ipsp->ips_encalg != ntohl(irs->said.spi)) /* this is a workaround for peer non-compliance with rfc2393 */
-+ ))) {
-+ char sa2[SATOT_BUF];
-+ size_t sa_len2 = 0;
-+
-+ sa_len2 = KLIPS_SATOT(debug_rcv, &ipsp->ips_said, 0, sa2, sizeof(sa2));
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "Incoming packet with SA(IPCA):%s does not match policy SA(IPCA):%s cpi=%04x cpi->spi=%08x spi=%08x, spi->cpi=%04x for SA grouping, dropped.\n",
-+ irs->sa_len ? irs->sa : " (error)",
-+ ipsp != NULL ? (sa_len2 ? sa2 : " (error)") : "NULL",
-+ ntohs(irs->protostuff.ipcompstuff.compp->ipcomp_cpi),
-+ (__u32)ntohl(irs->said.spi),
-+ ipsp != NULL ? (__u32)ntohl((ipsp->ips_said.spi)) : 0,
-+ ipsp != NULL ? (__u16)(ntohl(ipsp->ips_said.spi) & 0x0000ffff) : 0);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_SAIDNOTFOUND;
-+ }
-+
-+ ipsp->ips_comp_ratio_cbytes += ntohs(irs->ipp->tot_len);
-+ irs->next_header = irs->protostuff.ipcompstuff.compp->ipcomp_nh;
-+
-+ skb = skb_decompress(skb, ipsp, &flags);
-+ if (!skb || flags) {
-+ spin_unlock(&tdb_lock);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "skb_decompress() returned error flags=%x, dropped.\n",
-+ flags);
-+ if (irs->stats) {
-+ if (flags)
-+ irs->stats->rx_errors++;
-+ else
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_IPCOMPFAILED;
-+ }
-+
-+ /* make sure we update the pointer */
-+ irs->skb = skb;
-+
-+#ifdef NET_21
-+ irs->ipp = ip_hdr(skb);
-+#else /* NET_21 */
-+ irs->ipp = skb->ip_hdr;
-+#endif /* NET_21 */
-+
-+ ipsp->ips_comp_ratio_dbytes += ntohs(irs->ipp->tot_len);
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "packet decompressed SA(IPCA):%s cpi->spi=%08x spi=%08x, spi->cpi=%04x, nh=%d.\n",
-+ irs->sa_len ? irs->sa : " (error)",
-+ (__u32)ntohl(irs->said.spi),
-+ ipsp != NULL ? (__u32)ntohl((ipsp->ips_said.spi)) : 0,
-+ ipsp != NULL ? (__u16)(ntohl(ipsp->ips_said.spi) & 0x0000ffff) : 0,
-+ irs->next_header);
-+ KLIPS_IP_PRINT(debug_rcv & DB_RX_PKTRX, irs->ipp);
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_ipcomp_setup(struct ipsec_xmit_state *ixs)
-+{
-+ unsigned int flags = 0;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ unsigned int old_tot_len = ntohs(ixs->iph->tot_len);
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ ixs->ipsp->ips_comp_ratio_dbytes += ntohs(ixs->iph->tot_len);
-+
-+ ixs->skb = skb_compress(ixs->skb, ixs->ipsp, &flags);
-+
-+#ifdef NET_21
-+ ixs->iph = ip_hdr(ixs->skb);
-+#else /* NET_21 */
-+ ixs->iph = ixs->skb->ip_hdr;
-+#endif /* NET_21 */
-+
-+ ixs->ipsp->ips_comp_ratio_cbytes += ntohs(ixs->iph->tot_len);
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_tunnel & DB_TN_CROUT)
-+ {
-+ if (old_tot_len > ntohs(ixs->iph->tot_len))
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "packet shrunk from %d to %d bytes after compression, cpi=%04x (should be from spi=%08x, spi&0xffff=%04x.\n",
-+ old_tot_len, ntohs(ixs->iph->tot_len),
-+ ntohs(((struct ipcomphdr*)(((char*)ixs->iph) + ((ixs->iph->ihl) << 2)))->ipcomp_cpi),
-+ ntohl(ixs->ipsp->ips_said.spi),
-+ (__u16)(ntohl(ixs->ipsp->ips_said.spi) & 0x0000ffff));
-+ else
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "packet did not compress (flags = %d).\n",
-+ flags);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+struct xform_functions ipcomp_xform_funcs[]={
-+ {rcv_checks: ipsec_rcv_ipcomp_checks,
-+ rcv_decrypt: ipsec_rcv_ipcomp_decomp,
-+ xmit_setup: ipsec_xmit_ipcomp_setup,
-+ xmit_headroom: 0,
-+ xmit_needtailroom: 0,
-+ },
-+};
-+
-+#if 0
-+/* We probably don't want to install a pure IPCOMP protocol handler, but
-+ only want to handle IPCOMP if it is encapsulated inside an ESP payload
-+ (which is already handled) */
-+#ifdef CONFIG_KLIPS_IPCOMP
-+struct inet_protocol comp_protocol =
-+{
-+ ipsec_rcv, /* COMP handler */
-+ NULL, /* COMP error control */
-+#ifdef NETDEV_25
-+ 1, /* no policy */
-+#else
-+ 0, /* next */
-+ IPPROTO_COMP, /* protocol ID */
-+ 0, /* copy */
-+ NULL, /* data */
-+ "COMP" /* name */
-+#endif
-+};
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+#endif
-+
-+#endif /* CONFIG_KLIPS_IPCOMP */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_ipip.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,122 @@
-+/*
-+ * processing code for IPIP
-+ * Copyright (C) 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_ipip_c_version[] = "RCSID $Id: ipsec_ipip.c,v 1.3.2.4 2007-09-05 02:56:09 paul Exp $";
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipsec_xmit.h"
-+
-+#include "openswan/ipsec_auth.h"
-+#include "openswan/ipsec_ipip.h"
-+#include "openswan/ipsec_param.h"
-+
-+#include "openswan/ipsec_proto.h"
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_ipip_setup(struct ipsec_xmit_state *ixs)
-+{
-+ ixs->iph->version = 4;
-+
-+ switch(sysctl_ipsec_tos) {
-+ case 0:
-+#ifdef NET_21
-+ ixs->iph->tos = ip_hdr(ixs->skb)->tos;
-+#else /* NET_21 */
-+ ixs->iph->tos = ixs->skb->ip_hdr->tos;
-+#endif /* NET_21 */
-+ break;
-+ case 1:
-+ ixs->iph->tos = 0;
-+ break;
-+ default:
-+ break;
-+ }
-+ ixs->iph->ttl = SYSCTL_IPSEC_DEFAULT_TTL;
-+ ixs->iph->frag_off = 0;
-+ ixs->iph->saddr = ((struct sockaddr_in*)(ixs->ipsp->ips_addr_s))->sin_addr.s_addr;
-+ ixs->iph->daddr = ((struct sockaddr_in*)(ixs->ipsp->ips_addr_d))->sin_addr.s_addr;
-+ ixs->iph->protocol = IPPROTO_IPIP;
-+ ixs->iph->ihl = sizeof(struct iphdr) >> 2;
-+
-+ KLIPS_IP_SELECT_IDENT(ixs->iph, ixs->skb);
-+
-+ ixs->newdst = (__u32)ixs->iph->daddr;
-+ ixs->newsrc = (__u32)ixs->iph->saddr;
-+
-+#ifdef NET_21
-+ skb_set_transport_header(ixs->skb, ipsec_skb_offset(ixs->skb, ip_hdr(ixs->skb)));
-+#endif /* NET_21 */
-+ return IPSEC_XMIT_OK;
-+}
-+
-+struct xform_functions ipip_xform_funcs[]={
-+ { rcv_checks: NULL,
-+ rcv_setup_auth: NULL,
-+ rcv_calc_auth: NULL,
-+ rcv_decrypt: NULL,
-+
-+ xmit_setup: ipsec_xmit_ipip_setup,
-+ xmit_headroom: sizeof(struct iphdr),
-+ xmit_needtailroom: 0,
-+ },
-+};
-+
-+
-+
-+
-+
-+
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_kern24.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,74 @@
-+/*
-+ * Copyright 2005 (C) Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This is a file of functions which are present in 2.6 kernels,
-+ * but are not available by default in the 2.4 series.
-+ *
-+ * As such this code is usually from the Linux kernel, and is covered by
-+ * GPL.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * $Id: ipsec_kern24.c,v 1.2 2005-05-20 03:19:18 mcr Exp $
-+ *
-+ */
-+
-+#include <linux/kernel.h>
-+#include <linux/mm.h>
-+#include <linux/spinlock.h>
-+
-+/*
-+ * printk rate limiting, lifted from the networking subsystem.
-+ *
-+ * This enforces a rate limit: not more than one kernel message
-+ * every printk_ratelimit_jiffies to make a denial-of-service
-+ * attack impossible.
-+ */
-+static spinlock_t ratelimit_lock = SPIN_LOCK_UNLOCKED;
-+
-+int __printk_ratelimit(int ratelimit_jiffies, int ratelimit_burst)
-+{
-+ static unsigned long toks = 10*5*HZ;
-+ static unsigned long last_msg;
-+ static int missed;
-+ unsigned long flags;
-+ unsigned long now = jiffies;
-+
-+ spin_lock_irqsave(&ratelimit_lock, flags);
-+ toks += now - last_msg;
-+ last_msg = now;
-+ if (toks > (ratelimit_burst * ratelimit_jiffies))
-+ toks = ratelimit_burst * ratelimit_jiffies;
-+ if (toks >= ratelimit_jiffies) {
-+ int lost = missed;
-+ missed = 0;
-+ toks -= ratelimit_jiffies;
-+ spin_unlock_irqrestore(&ratelimit_lock, flags);
-+ if (lost)
-+ printk(KERN_WARNING "printk: %d messages suppressed.\n", lost);
-+ return 1;
-+ }
-+ missed++;
-+ spin_unlock_irqrestore(&ratelimit_lock, flags);
-+ return 0;
-+}
-+
-+/* minimum time in jiffies between messages */
-+int printk_ratelimit_jiffies = 5*HZ;
-+
-+/* number of messages we send before ratelimiting */
-+int printk_ratelimit_burst = 10;
-+
-+int printk_ratelimit(void)
-+{
-+ return __printk_ratelimit(printk_ratelimit_jiffies,
-+ printk_ratelimit_burst);
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_life.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,277 @@
-+/*
-+ * @(#) lifetime structure utilities
-+ *
-+ * Copyright (C) 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * and Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_life.c,v 1.13.10.2 2007-09-05 02:39:38 paul Exp $
-+ *
-+ */
-+
-+/*
-+ * This provides series of utility functions for dealing with lifetime
-+ * structures.
-+ *
-+ * ipsec_check_lifetime - returns -1 hard lifetime exceeded
-+ * 0 soft lifetime exceeded
-+ * 1 everything is okay
-+ * based upon whether or not the count exceeds hard/soft
-+ *
-+ */
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif /* for CONFIG_IP_FORWARD */
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#include <linux/netdevice.h> /* struct device, struct net_device_stats and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/skbuff.h>
-+#include <linux/ip.h>
-+#include <openswan.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_eroute.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+
-+#include "openswan/ipsec_sa.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_ipe4.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+#include "openswan/ipcomp.h"
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+
-+
-+enum ipsec_life_alive
-+ipsec_lifetime_check(struct ipsec_lifetime64 *il64,
-+ const char *lifename,
-+ const char *saname,
-+ enum ipsec_life_type ilt,
-+ enum ipsec_direction idir,
-+ struct ipsec_sa *ips)
-+{
-+ __u64 count;
-+ const char *dir;
-+
-+ if(saname == NULL) {
-+ saname = "unknown-SA";
-+ }
-+
-+ if(idir == ipsec_incoming) {
-+ dir = "incoming";
-+ } else {
-+ dir = "outgoing";
-+ }
-+
-+
-+ if(ilt == ipsec_life_timebased) {
-+ count = jiffies/HZ - il64->ipl_count;
-+ } else {
-+ count = il64->ipl_count;
-+ }
-+
-+ if(il64->ipl_hard &&
-+ (count > il64->ipl_hard)) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_lifetime_check: "
-+ "hard %s lifetime of SA:<%s%s%s> %s has been reached, SA expired, "
-+ "%s packet dropped.\n",
-+ lifename,
-+ IPS_XFORM_NAME(ips),
-+ saname,
-+ dir);
-+
-+ pfkey_expire(ips, 1);
-+ return ipsec_life_harddied;
-+ }
-+
-+ if(il64->ipl_soft &&
-+ (count > il64->ipl_soft)) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_lifetime_check: "
-+ "soft %s lifetime of SA:<%s%s%s> %s has been reached, SA expiring, "
-+ "soft expire message sent up, %s packet still processed.\n",
-+ lifename,
-+ IPS_XFORM_NAME(ips),
-+ saname,
-+ dir);
-+
-+ if(ips->ips_state != SADB_SASTATE_DYING) {
-+ pfkey_expire(ips, 0);
-+ }
-+ ips->ips_state = SADB_SASTATE_DYING;
-+
-+ return ipsec_life_softdied;
-+ }
-+ return ipsec_life_okay;
-+}
-+
-+
-+/*
-+ * This function takes a buffer (with length), a lifetime name and type,
-+ * and formats a string to represent the current values of the lifetime.
-+ *
-+ * It returns the number of bytes that the format took (or would take,
-+ * if the buffer were large enough: snprintf semantics).
-+ * This is used in /proc routines and in debug output.
-+ */
-+int
-+ipsec_lifetime_format(char *buffer,
-+ int buflen,
-+ char *lifename,
-+ enum ipsec_life_type timebaselife,
-+ struct ipsec_lifetime64 *lifetime)
-+{
-+ int len = 0;
-+ __u64 count;
-+
-+ if(timebaselife == ipsec_life_timebased) {
-+ count = jiffies/HZ - lifetime->ipl_count;
-+ } else {
-+ count = lifetime->ipl_count;
-+ }
-+
-+ if(lifetime->ipl_count > 1 ||
-+ lifetime->ipl_soft ||
-+ lifetime->ipl_hard) {
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,0))
-+ len = ipsec_snprintf(buffer, buflen,
-+ "%s(%Lu,%Lu,%Lu)",
-+ lifename,
-+ count,
-+ lifetime->ipl_soft,
-+ lifetime->ipl_hard);
-+#else /* XXX high 32 bits are not displayed */
-+ len = ipsec_snprintf(buffer, buflen,
-+ "%s(%lu,%lu,%lu)",
-+ lifename,
-+ (unsigned long)count,
-+ (unsigned long)lifetime->ipl_soft,
-+ (unsigned long)lifetime->ipl_hard);
-+#endif
-+ }
-+
-+ return len;
-+}
-+
-+void
-+ipsec_lifetime_update_hard(struct ipsec_lifetime64 *lifetime,
-+ __u64 newvalue)
-+{
-+ if(newvalue &&
-+ (!lifetime->ipl_hard ||
-+ (newvalue < lifetime->ipl_hard))) {
-+ lifetime->ipl_hard = newvalue;
-+
-+ if(!lifetime->ipl_soft &&
-+ (lifetime->ipl_hard < lifetime->ipl_soft)) {
-+ lifetime->ipl_soft = lifetime->ipl_hard;
-+ }
-+ }
-+}
-+
-+void
-+ipsec_lifetime_update_soft(struct ipsec_lifetime64 *lifetime,
-+ __u64 newvalue)
-+{
-+ if(newvalue &&
-+ (!lifetime->ipl_soft ||
-+ (newvalue < lifetime->ipl_soft))) {
-+ lifetime->ipl_soft = newvalue;
-+
-+ if(lifetime->ipl_hard &&
-+ (lifetime->ipl_hard < lifetime->ipl_soft)) {
-+ lifetime->ipl_soft = lifetime->ipl_hard;
-+ }
-+ }
-+}
-+
-+
-+/*
-+ * $Log: ipsec_life.c,v $
-+ * Revision 1.13.10.2 2007-09-05 02:39:38 paul
-+ * include ip.h to account for header file surgery in 2.6.22 [david]
-+ *
-+ * Revision 1.13.10.1 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.13 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.12 2004/04/23 20:44:35 ken
-+ * Update comments
-+ *
-+ * Revision 1.11 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.10 2004/03/30 11:03:10 paul
-+ * two more occurances of snprintf, found by Sam from a users oops msg.
-+ *
-+ * Revision 1.9 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.8.4.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.8 2003/02/06 02:00:10 rgb
-+ * Fixed incorrect debugging text label
-+ *
-+ * Revision 1.7 2002/05/23 07:16:26 rgb
-+ * Fixed absolute/relative reference to lifetime count printout.
-+ *
-+ * Revision 1.6 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.5 2002/04/24 07:36:28 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_life.c,v
-+ *
-+ * Revision 1.4 2002/01/29 17:17:55 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.3 2002/01/29 02:13:17 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.2 2001/11/26 09:16:14 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:25:57 mcr
-+ * lifetime structure created and common functions created.
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_mast.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1099 @@
-+/*
-+ * IPSEC MAST code.
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_mast_c_version[] = "RCSID $Id: ipsec_mast.c,v 1.7.2.1 2006-10-06 21:39:26 paul Exp $";
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif /* for CONFIG_IP_FORWARD */
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "freeswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, struct net_device_stats, dev_queue_xmit() and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/tcp.h> /* struct tcphdr */
-+#include <linux/udp.h> /* struct udphdr */
-+#include <linux/skbuff.h>
-+#include <freeswan.h>
-+#include <linux/in6.h>
-+#include <net/dst.h>
-+#undef dev_kfree_skb
-+#define dev_kfree_skb(a,b) kfree_skb(a)
-+#define PHYSDEV_TYPE
-+#include <net/icmp.h> /* icmp_send() */
-+#include <net/ip.h>
-+#include <linux/netfilter_ipv4.h>
-+
-+#include <linux/if_arp.h>
-+
-+#include "freeswan/radij.h"
-+#include "freeswan/ipsec_life.h"
-+#include "freeswan/ipsec_xform.h"
-+#include "freeswan/ipsec_eroute.h"
-+#include "freeswan/ipsec_encap.h"
-+#include "freeswan/ipsec_radij.h"
-+#include "freeswan/ipsec_sa.h"
-+#include "freeswan/ipsec_tunnel.h"
-+#include "freeswan/ipsec_mast.h"
-+#include "freeswan/ipsec_ipe4.h"
-+#include "freeswan/ipsec_ah.h"
-+#include "freeswan/ipsec_esp.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "freeswan/ipsec_proto.h"
-+
-+int ipsec_maxdevice_count = -1;
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_open(struct net_device *dev)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ /*
-+ * Can't open until attached.
-+ */
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_open: "
-+ "dev = %s, prv->dev = %s\n",
-+ dev->name, prv->dev?prv->dev->name:"NONE");
-+
-+ if (prv->dev == NULL)
-+ return -ENODEV;
-+
-+ KLIPS_INC_USE;
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_close(struct net_device *dev)
-+{
-+ KLIPS_DEC_USE;
-+ return 0;
-+}
-+
-+static inline int ipsec_mast_xmit2(struct sk_buff *skb)
-+{
-+ return ip_send(skb);
-+}
-+
-+enum ipsec_xmit_value
-+ipsec_mast_send(struct ipsec_xmit_state*ixs)
-+{
-+ /* new route/dst cache code from James Morris */
-+ ixs->skb->dev = ixs->physdev;
-+ /*skb_orphan(ixs->skb);*/
-+ if((ixs->error = ip_route_output(&ixs->route,
-+ ixs->skb->nh.iph->daddr,
-+ ixs->pass ? 0 : ixs->skb->nh.iph->saddr,
-+ RT_TOS(ixs->skb->nh.iph->tos),
-+ ixs->physdev->iflink /* rgb: should this be 0? */))) {
-+ ixs->stats->tx_errors++;
-+ KLIPS_PRINT(debug_mast & DB_MAST_XMIT,
-+ "klips_debug:ipsec_xmit_send: "
-+ "ip_route_output failed with error code %d, rt->u.dst.dev=%s, dropped\n",
-+ ixs->error,
-+ ixs->route->u.dst.dev->name);
-+ return IPSEC_XMIT_ROUTEERR;
-+ }
-+ if(ixs->dev == ixs->route->u.dst.dev) {
-+ ip_rt_put(ixs->route);
-+ /* This is recursion, drop it. */
-+ ixs->stats->tx_errors++;
-+ KLIPS_PRINT(debug_mast & DB_MAST_XMIT,
-+ "klips_debug:ipsec_xmit_send: "
-+ "suspect recursion, dev=rt->u.dst.dev=%s, dropped\n",
-+ ixs->dev->name);
-+ return IPSEC_XMIT_RECURSDETECT;
-+ }
-+ dst_release(ixs->skb->dst);
-+ ixs->skb->dst = &ixs->route->u.dst;
-+ ixs->stats->tx_bytes += ixs->skb->len;
-+ if(ixs->skb->len < ixs->skb->nh.raw - ixs->skb->data) {
-+ ixs->stats->tx_errors++;
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_xmit_send: "
-+ "tried to __skb_pull nh-data=%ld, %d available. This should never happen, please report.\n",
-+ (unsigned long)(ixs->skb->nh.raw - ixs->skb->data),
-+ ixs->skb->len);
-+ return IPSEC_XMIT_PUSHPULLERR;
-+ }
-+ __skb_pull(ixs->skb, ixs->skb->nh.raw - ixs->skb->data);
-+#ifdef SKB_RESET_NFCT
-+ nf_conntrack_put(ixs->skb->nfct);
-+ ixs->skb->nfct = NULL;
-+#ifdef CONFIG_NETFILTER_DEBUG
-+ ixs->skb->nf_debug = 0;
-+#endif /* CONFIG_NETFILTER_DEBUG */
-+#endif /* SKB_RESET_NFCT */
-+ KLIPS_PRINT(debug_mast & DB_MAST_XMIT,
-+ "klips_debug:ipsec_xmit_send: "
-+ "...done, calling ip_send() on device:%s\n",
-+ ixs->skb->dev ? ixs->skb->dev->name : "NULL");
-+ KLIPS_IP_PRINT(debug_mast & DB_MAST_XMIT, ixs->skb->nh.iph);
-+ {
-+ int err;
-+
-+ err = NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, ixs->skb, NULL, ixs->route->u.dst.dev,
-+ ipsec_mast_xmit2);
-+ if(err != NET_XMIT_SUCCESS && err != NET_XMIT_CN) {
-+ if(net_ratelimit())
-+ printk(KERN_ERR
-+ "klips_error:ipsec_xmit_send: "
-+ "ip_send() failed, err=%d\n",
-+ -err);
-+ ixs->stats->tx_errors++;
-+ ixs->stats->tx_aborted_errors++;
-+ ixs->skb = NULL;
-+ return IPSEC_XMIT_IPSENDFAILURE;
-+ }
-+ }
-+ ixs->stats->tx_packets++;
-+
-+ ixs->skb = NULL;
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+void
-+ipsec_mast_cleanup(struct ipsec_xmit_state*ixs)
-+{
-+#if defined(HAS_NETIF_QUEUE) || defined (HAVE_NETIF_QUEUE)
-+ netif_wake_queue(ixs->dev);
-+#else /* defined(HAS_NETIF_QUEUE) || defined (HAVE_NETIF_QUEUE) */
-+ ixs->dev->tbusy = 0;
-+#endif /* defined(HAS_NETIF_QUEUE) || defined (HAVE_NETIF_QUEUE) */
-+ if(ixs->saved_header) {
-+ kfree(ixs->saved_header);
-+ }
-+ if(ixs->skb) {
-+ dev_kfree_skb(ixs->skb, FREE_WRITE);
-+ }
-+ if(ixs->oskb) {
-+ dev_kfree_skb(ixs->oskb, FREE_WRITE);
-+ }
-+ if (ixs->ips.ips_ident_s.data) {
-+ kfree(ixs->ips.ips_ident_s.data);
-+ }
-+ if (ixs->ips.ips_ident_d.data) {
-+ kfree(ixs->ips.ips_ident_d.data);
-+ }
-+}
-+
-+#if 0
-+/*
-+ * This function assumes it is being called from dev_queue_xmit()
-+ * and that skb is filled properly by that function.
-+ */
-+int
-+ipsec_mast_start_xmit(struct sk_buff *skb, struct net_device *dev, IPsecSAref_t SAref)
-+{
-+ struct ipsec_xmit_state ixs_mem;
-+ struct ipsec_xmit_state *ixs = &ixs_mem;
-+ enum ipsec_xmit_value stat = IPSEC_XMIT_OK;
-+
-+ /* dev could be a mast device, but should be optional, I think... */
-+ /* SAref is also optional, but one of the two must be present. */
-+ /* I wonder if it could accept no device or saref and guess? */
-+
-+/* ipsec_xmit_sanity_check_dev(ixs); */
-+
-+ ipsec_xmit_sanity_check_skb(ixs);
-+
-+ ipsec_xmit_adjust_hard_header(ixs);
-+
-+ stat = ipsec_xmit_encap_bundle(ixs);
-+ if(stat != IPSEC_XMIT_OK) {
-+ /* SA processing failed */
-+ }
-+
-+ ipsec_xmit_hard_header_restore();
-+}
-+#endif
-+
-+DEBUG_NO_STATIC struct net_device_stats *
-+ipsec_mast_get_stats(struct net_device *dev)
-+{
-+ return &(((struct ipsecpriv *)(dev->priv))->mystats);
-+}
-+
-+/*
-+ * Revectored calls.
-+ * For each of these calls, a field exists in our private structure.
-+ */
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_hard_header(struct sk_buff *skb, struct net_device *dev,
-+ unsigned short type, void *daddr, void *saddr, unsigned len)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+ struct net_device *tmp;
-+ int ret;
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(skb == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "no skb...\n");
-+ return -ENODATA;
-+ }
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "no device...\n");
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "skb->dev=%s dev=%s.\n",
-+ skb->dev ? skb->dev->name : "NULL",
-+ dev->name);
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "no private space associated with dev=%s\n",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODEV;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "no physical device associated with dev=%s\n",
-+ dev->name ? dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ /* check if we have to send a IPv6 packet. It might be a Router
-+ Solicitation, where the building of the packet happens in
-+ reverse order:
-+ 1. ll hdr,
-+ 2. IPv6 hdr,
-+ 3. ICMPv6 hdr
-+ -> skb->nh.raw is still uninitialized when this function is
-+ called!! If this is no IPv6 packet, we can print debugging
-+ messages, otherwise we skip all debugging messages and just
-+ build the ll header */
-+ if(type != ETH_P_IPV6) {
-+ /* execute this only, if we don't have to build the
-+ header for a IPv6 packet */
-+ if(!prv->hard_header) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "physical device has been detached, packet dropped 0p%p->0p%p len=%d type=%d dev=%s->NULL ",
-+ saddr,
-+ daddr,
-+ len,
-+ type,
-+ dev->name);
-+ KLIPS_PRINTMORE(debug_mast & DB_MAST_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->nh.iph->saddr),
-+ (__u32)ntohl(skb->nh.iph->daddr) );
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+#define da ((struct net_device *)(prv->dev))->dev_addr
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "Revectored 0p%p->0p%p len=%d type=%d dev=%s->%s dev_addr=%02x:%02x:%02x:%02x:%02x:%02x ",
-+ saddr,
-+ daddr,
-+ len,
-+ type,
-+ dev->name,
-+ prv->dev->name,
-+ da[0], da[1], da[2], da[3], da[4], da[5]);
-+ KLIPS_PRINTMORE(debug_mast & DB_MAST_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->nh.iph->saddr),
-+ (__u32)ntohl(skb->nh.iph->daddr) );
-+ } else {
-+ KLIPS_PRINT(debug_mast,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "is IPv6 packet, skip debugging messages, only revector and build linklocal header.\n");
-+ }
-+ tmp = skb->dev;
-+ skb->dev = prv->dev;
-+ ret = prv->hard_header(skb, prv->dev, type, (void *)daddr, (void *)saddr, len);
-+ skb->dev = tmp;
-+ return ret;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_rebuild_header(struct sk_buff *skb)
-+{
-+ struct ipsecpriv *prv = skb->dev->priv;
-+ struct net_device *tmp;
-+ int ret;
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(skb->dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_rebuild_header: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_rebuild_header: "
-+ "no private space associated with dev=%s",
-+ skb->dev->name ? skb->dev->name : "NULL");
-+ return -ENODEV;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_rebuild_header: "
-+ "no physical device associated with dev=%s",
-+ skb->dev->name ? skb->dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ if(!prv->rebuild_header) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_rebuild_header: "
-+ "physical device has been detached, packet dropped skb->dev=%s->NULL ",
-+ skb->dev->name);
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->nh.iph->saddr),
-+ (__u32)ntohl(skb->nh.iph->daddr) );
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast: "
-+ "Revectored rebuild_header dev=%s->%s ",
-+ skb->dev->name, prv->dev->name);
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->nh.iph->saddr),
-+ (__u32)ntohl(skb->nh.iph->daddr) );
-+ tmp = skb->dev;
-+ skb->dev = prv->dev;
-+
-+ ret = prv->rebuild_header(skb);
-+ skb->dev = tmp;
-+ return ret;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_set_mac_address(struct net_device *dev, void *addr)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_set_mac_address: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_set_mac_address: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODEV;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_set_mac_address: "
-+ "no physical device associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ if(!prv->set_mac_address) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_set_mac_address: "
-+ "physical device has been detached, cannot set - skb->dev=%s->NULL\n",
-+ dev->name);
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_set_mac_address: "
-+ "Revectored dev=%s->%s addr=0p%p\n",
-+ dev->name, prv->dev->name, addr);
-+ return prv->set_mac_address(prv->dev, addr);
-+
-+}
-+
-+DEBUG_NO_STATIC void
-+ipsec_mast_cache_update(struct hh_cache *hh, struct net_device *dev, unsigned char * haddr)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_cache_update: "
-+ "no device...");
-+ return;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_cache_update: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_cache_update: "
-+ "no physical device associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return;
-+ }
-+
-+ if(!prv->header_cache_update) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_cache_update: "
-+ "physical device has been detached, cannot set - skb->dev=%s->NULL\n",
-+ dev->name);
-+ return;
-+ }
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast: "
-+ "Revectored cache_update\n");
-+ prv->header_cache_update(hh, prv->dev, haddr);
-+ return;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_neigh_setup(struct neighbour *n)
-+{
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_neigh_setup:\n");
-+
-+ if (n->nud_state == NUD_NONE) {
-+ n->ops = &arp_broken_ops;
-+ n->output = n->ops->output;
-+ }
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_neigh_setup_dev(struct net_device *dev, struct neigh_parms *p)
-+{
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_neigh_setup_dev: "
-+ "setting up %s\n",
-+ dev ? dev->name : "NULL");
-+
-+ if (p->tbl->family == AF_INET) {
-+ p->neigh_setup = ipsec_mast_neigh_setup;
-+ p->ucast_probes = 0;
-+ p->mcast_probes = 0;
-+ }
-+ return 0;
-+}
-+
-+/*
-+ * We call the attach routine to attach another device.
-+ */
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_attach(struct net_device *dev, struct net_device *physdev)
-+{
-+ int i;
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_attach: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_attach: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODATA;
-+ }
-+
-+ prv->dev = physdev;
-+ prv->hard_start_xmit = physdev->hard_start_xmit;
-+ prv->get_stats = physdev->get_stats;
-+
-+ if (physdev->hard_header) {
-+ prv->hard_header = physdev->hard_header;
-+ dev->hard_header = ipsec_mast_hard_header;
-+ } else
-+ dev->hard_header = NULL;
-+
-+ if (physdev->rebuild_header) {
-+ prv->rebuild_header = physdev->rebuild_header;
-+ dev->rebuild_header = ipsec_mast_rebuild_header;
-+ } else
-+ dev->rebuild_header = NULL;
-+
-+ if (physdev->set_mac_address) {
-+ prv->set_mac_address = physdev->set_mac_address;
-+ dev->set_mac_address = ipsec_mast_set_mac_address;
-+ } else
-+ dev->set_mac_address = NULL;
-+
-+ if (physdev->header_cache_update) {
-+ prv->header_cache_update = physdev->header_cache_update;
-+ dev->header_cache_update = ipsec_mast_cache_update;
-+ } else
-+ dev->header_cache_update = NULL;
-+
-+ dev->hard_header_len = physdev->hard_header_len;
-+
-+/* prv->neigh_setup = physdev->neigh_setup; */
-+ dev->neigh_setup = ipsec_mast_neigh_setup_dev;
-+ dev->mtu = 16260; /* 0xfff0; */ /* dev->mtu; */
-+ prv->mtu = physdev->mtu;
-+
-+#ifdef PHYSDEV_TYPE
-+ dev->type = physdev->type; /* ARPHRD_MAST; */
-+#endif /* PHYSDEV_TYPE */
-+
-+ dev->addr_len = physdev->addr_len;
-+ for (i=0; i<dev->addr_len; i++) {
-+ dev->dev_addr[i] = physdev->dev_addr[i];
-+ }
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_mast & DB_MAST_INIT) {
-+ printk(KERN_INFO "klips_debug:ipsec_mast_attach: "
-+ "physical device %s being attached has HW address: %2x",
-+ physdev->name, physdev->dev_addr[0]);
-+ for (i=1; i < physdev->addr_len; i++) {
-+ printk(":%02x", physdev->dev_addr[i]);
-+ }
-+ printk("\n");
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ return 0;
-+}
-+
-+/*
-+ * We call the detach routine to detach the ipsec mast from another device.
-+ */
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_detach(struct net_device *dev)
-+{
-+ int i;
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_detach: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_detach: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODATA;
-+ }
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_detach: "
-+ "physical device %s being detached from virtual device %s\n",
-+ prv->dev ? prv->dev->name : "NULL",
-+ dev->name);
-+
-+ prv->dev = NULL;
-+ prv->hard_start_xmit = NULL;
-+ prv->get_stats = NULL;
-+
-+ prv->hard_header = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->hard_header = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+ prv->rebuild_header = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->rebuild_header = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+ prv->set_mac_address = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->set_mac_address = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+ prv->header_cache_update = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->header_cache_update = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+#ifdef DETACH_AND_DOWN
-+ dev->neigh_setup = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+ dev->hard_header_len = 0;
-+#ifdef DETACH_AND_DOWN
-+ dev->mtu = 0;
-+#endif /* DETACH_AND_DOWN */
-+ prv->mtu = 0;
-+ for (i=0; i<MAX_ADDR_LEN; i++) {
-+ dev->dev_addr[i] = 0;
-+ }
-+ dev->addr_len = 0;
-+#ifdef PHYSDEV_TYPE
-+ dev->type = ARPHRD_VOID; /* ARPHRD_MAST; */
-+#endif /* PHYSDEV_TYPE */
-+
-+ return 0;
-+}
-+
-+/*
-+ * We call the clear routine to detach all ipsec masts from other devices.
-+ */
-+DEBUG_NO_STATIC int
-+ipsec_mast_clear(void)
-+{
-+ int i;
-+ struct net_device *ipsecdev = NULL, *prvdev;
-+ struct ipsecpriv *prv;
-+ char name[9];
-+ int ret;
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_clear: .\n");
-+
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ sprintf(name, IPSEC_DEV_FORMAT, i);
-+ if((ipsecdev = ipsec_dev_get(name)) != NULL) {
-+ if((prv = (struct ipsecpriv *)(ipsecdev->priv))) {
-+ prvdev = (struct net_device *)(prv->dev);
-+ if(prvdev) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_clear: "
-+ "physical device for device %s is %s\n",
-+ name, prvdev->name);
-+ if((ret = ipsec_mast_detach(ipsecdev))) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_clear: "
-+ "error %d detatching device %s from device %s.\n",
-+ ret, name, prvdev->name);
-+ return ret;
-+ }
-+ }
-+ }
-+ }
-+ }
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
-+{
-+ struct ipsecmastconf *cf = (struct ipsecmastconf *)&ifr->ifr_data;
-+ struct ipsecpriv *prv = dev->priv;
-+ struct net_device *them; /* physical device */
-+#ifdef CONFIG_IP_ALIAS
-+ char *colon;
-+ char realphysname[IFNAMSIZ];
-+#endif /* CONFIG_IP_ALIAS */
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "device not supplied.\n");
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "tncfg service call #%d for dev=%s\n",
-+ cmd,
-+ dev->name ? dev->name : "NULL");
-+ switch (cmd) {
-+ /* attach a virtual ipsec? device to a physical device */
-+ case IPSEC_SET_DEV:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "calling ipsec_mast_attatch...\n");
-+#ifdef CONFIG_IP_ALIAS
-+ /* If this is an IP alias interface, get its real physical name */
-+ strncpy(realphysname, cf->cf_name, IFNAMSIZ);
-+ realphysname[IFNAMSIZ-1] = 0;
-+ colon = strchr(realphysname, ':');
-+ if (colon) *colon = 0;
-+ them = ipsec_dev_get(realphysname);
-+#else /* CONFIG_IP_ALIAS */
-+ them = ipsec_dev_get(cf->cf_name);
-+#endif /* CONFIG_IP_ALIAS */
-+
-+ if (them == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "physical device %s requested is null\n",
-+ cf->cf_name);
-+ return -ENXIO;
-+ }
-+
-+#if 0
-+ if (them->flags & IFF_UP) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "physical device %s requested is not up.\n",
-+ cf->cf_name);
-+ return -ENXIO;
-+ }
-+#endif
-+
-+ if (prv && prv->dev) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "virtual device is already connected to %s.\n",
-+ prv->dev->name ? prv->dev->name : "NULL");
-+ return -EBUSY;
-+ }
-+ return ipsec_mast_attach(dev, them);
-+
-+ case IPSEC_DEL_DEV:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "calling ipsec_mast_detatch.\n");
-+ if (! prv->dev) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "physical device not connected.\n");
-+ return -ENODEV;
-+ }
-+ return ipsec_mast_detach(dev);
-+
-+ case IPSEC_CLR_DEV:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "calling ipsec_mast_clear.\n");
-+ return ipsec_mast_clear();
-+
-+ default:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "unknown command %d.\n",
-+ cmd);
-+ return -EOPNOTSUPP;
-+ }
-+}
-+
-+int
-+ipsec_mast_device_event(struct notifier_block *unused, unsigned long event, void *ptr)
-+{
-+ struct net_device *dev = ptr;
-+ struct net_device *ipsec_dev;
-+ struct ipsecpriv *priv;
-+ char name[9];
-+ int i;
-+
-+ if (dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "dev=NULL for event type %ld.\n",
-+ event);
-+ return(NOTIFY_DONE);
-+ }
-+
-+ /* check for loopback devices */
-+ if (dev && (dev->flags & IFF_LOOPBACK)) {
-+ return(NOTIFY_DONE);
-+ }
-+
-+ switch (event) {
-+ case NETDEV_DOWN:
-+ /* look very carefully at the scope of these compiler
-+ directives before changing anything... -- RGB */
-+
-+ case NETDEV_UNREGISTER:
-+ switch (event) {
-+ case NETDEV_DOWN:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_DOWN dev=%s flags=%x\n",
-+ dev->name,
-+ dev->flags);
-+ if(strncmp(dev->name, "ipsec", strlen("ipsec")) == 0) {
-+ printk(KERN_CRIT "IPSEC EVENT: KLIPS device %s shut down.\n",
-+ dev->name);
-+ }
-+ break;
-+ case NETDEV_UNREGISTER:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_UNREGISTER dev=%s flags=%x\n",
-+ dev->name,
-+ dev->flags);
-+ break;
-+ }
-+
-+ /* find the attached physical device and detach it. */
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ sprintf(name, IPSEC_DEV_FORMAT, i);
-+ ipsec_dev = ipsec_dev_get(name);
-+ if(ipsec_dev) {
-+ priv = (struct ipsecpriv *)(ipsec_dev->priv);
-+ if(priv) {
-+ ;
-+ if(((struct net_device *)(priv->dev)) == dev) {
-+ /* dev_close(ipsec_dev); */
-+ /* return */ ipsec_mast_detach(ipsec_dev);
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "device '%s' has been detached.\n",
-+ ipsec_dev->name);
-+ break;
-+ }
-+ } else {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "device '%s' has no private data space!\n",
-+ ipsec_dev->name);
-+ }
-+ }
-+ }
-+ break;
-+ case NETDEV_UP:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_UP dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_REBOOT:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_REBOOT dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_CHANGE:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_CHANGE dev=%s flags=%x\n",
-+ dev->name,
-+ dev->flags);
-+ break;
-+ case NETDEV_REGISTER:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_REGISTER dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_CHANGEMTU:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_CHANGEMTU dev=%s to mtu=%d\n",
-+ dev->name,
-+ dev->mtu);
-+ break;
-+ case NETDEV_CHANGEADDR:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_CHANGEADDR dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_GOING_DOWN:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_GOING_DOWN dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_CHANGENAME:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_CHANGENAME dev=%s\n",
-+ dev->name);
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "event type %ld unrecognised for dev=%s\n",
-+ event,
-+ dev->name);
-+ break;
-+ }
-+ return NOTIFY_DONE;
-+}
-+
-+/*
-+ * Called when an ipsec mast device is initialized.
-+ * The ipsec mast device structure is passed to us.
-+ */
-+
-+int
-+ipsec_mast_init(struct net_device *dev)
-+{
-+ int i;
-+
-+ KLIPS_PRINT(debug_mast,
-+ "klips_debug:ipsec_mast_init: "
-+ "allocating %lu bytes initialising device: %s\n",
-+ (unsigned long) sizeof(struct ipsecpriv),
-+ dev->name ? dev->name : "NULL");
-+
-+ /* Add our mast functions to the device */
-+ dev->open = ipsec_mast_open;
-+ dev->stop = ipsec_mast_close;
-+ dev->hard_start_xmit = ipsec_mast_start_xmit;
-+ dev->get_stats = ipsec_mast_get_stats;
-+
-+ dev->priv = kmalloc(sizeof(struct ipsecpriv), GFP_KERNEL);
-+ if (dev->priv == NULL)
-+ return -ENOMEM;
-+ memset((caddr_t)(dev->priv), 0, sizeof(struct ipsecpriv));
-+
-+ for(i = 0; i < sizeof(zeroes); i++) {
-+ ((__u8*)(zeroes))[i] = 0;
-+ }
-+
-+ dev->set_multicast_list = NULL;
-+ dev->do_ioctl = ipsec_mast_ioctl;
-+ dev->hard_header = NULL;
-+ dev->rebuild_header = NULL;
-+ dev->set_mac_address = NULL;
-+ dev->header_cache_update= NULL;
-+ dev->neigh_setup = ipsec_mast_neigh_setup_dev;
-+ dev->hard_header_len = 0;
-+ dev->mtu = 0;
-+ dev->addr_len = 0;
-+ dev->type = ARPHRD_VOID; /* ARPHRD_MAST; */ /* ARPHRD_ETHER; */
-+ dev->tx_queue_len = 10; /* Small queue */
-+ memset((caddr_t)(dev->broadcast),0xFF, ETH_ALEN); /* what if this is not attached to ethernet? */
-+
-+ /* New-style flags. */
-+ dev->flags = IFF_NOARP /* 0 */ /* Petr Novak */;
-+ dev_init_buffers(dev);
-+
-+ /* We're done. Have I forgotten anything? */
-+ return 0;
-+}
-+
-+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-+/* Module specific interface (but it links with the rest of IPSEC) */
-+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-+
-+int
-+ipsec_mast_probe(struct net_device *dev)
-+{
-+ ipsec_mast_init(dev);
-+ return 0;
-+}
-+
-+int
-+ipsec_mast_init_devices(void)
-+{
-+ return 0;
-+}
-+
-+/* void */
-+int
-+ipsec_mast_cleanup_devices(void)
-+{
-+ int error = 0;
-+ int i;
-+ char name[10];
-+ struct net_device *dev_mast;
-+
-+ for(i = 0; i < ipsec_mastdevice_count; i++) {
-+ sprintf(name, MAST_DEV_FORMAT, i);
-+ if((dev_mast = ipsec_dev_get(name)) == NULL) {
-+ break;
-+ }
-+ unregister_netdev(dev_mast);
-+ kfree(dev_mast->priv);
-+ dev_mast->priv=NULL;
-+ }
-+ return error;
-+}
-+
-+/*
-+ * $Log: ipsec_mast.c,v $
-+ * Revision 1.7.2.1 2006-10-06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.7 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.6 2004/12/03 21:25:57 mcr
-+ * compile time fixes for running on 2.6.
-+ * still experimental.
-+ *
-+ * Revision 1.5 2004/08/03 18:19:08 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.4 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.3 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.2.4.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.2 2003/06/22 20:06:17 mcr
-+ * refactored mast code still had lots of ipsecX junk in it.
-+ *
-+ * Revision 1.1 2003/02/12 19:31:12 rgb
-+ * Refactored from ipsec_tunnel.c
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_md5c.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,453 @@
-+/*
-+ * RCSID $Id: ipsec_md5c.c,v 1.10 2005-04-15 01:25:57 mcr Exp $
-+ */
-+
-+/*
-+ * The rest of the code is derived from MD5C.C by RSADSI. Minor cosmetic
-+ * changes to accomodate it in the kernel by ji.
-+ */
-+
-+#include <asm/byteorder.h>
-+#include <linux/string.h>
-+
-+#include "openswan/ipsec_md5h.h"
-+
-+/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
-+ */
-+
-+/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
-+rights reserved.
-+
-+License to copy and use this software is granted provided that it
-+is identified as the "RSA Data Security, Inc. MD5 Message-Digest
-+Algorithm" in all material mentioning or referencing this software
-+or this function.
-+
-+License is also granted to make and use derivative works provided
-+that such works are identified as "derived from the RSA Data
-+Security, Inc. MD5 Message-Digest Algorithm" in all material
-+mentioning or referencing the derived work.
-+
-+RSA Data Security, Inc. makes no representations concerning either
-+the merchantability of this software or the suitability of this
-+software for any particular purpose. It is provided "as is"
-+without express or implied warranty of any kind.
-+
-+These notices must be retained in any copies of any part of this
-+documentation and/or software.
-+ */
-+
-+/*
-+ * Additions by JI
-+ *
-+ * HAVEMEMCOPY is defined if mem* routines are available
-+ *
-+ * HAVEHTON is defined if htons() and htonl() can be used
-+ * for big/little endian conversions
-+ *
-+ */
-+
-+#define HAVEMEMCOPY
-+#ifdef __LITTLE_ENDIAN
-+#define LITTLENDIAN
-+#endif
-+#ifdef __BIG_ENDIAN
-+#define BIGENDIAN
-+#endif
-+
-+/* Constants for MD5Transform routine.
-+ */
-+
-+#define S11 7
-+#define S12 12
-+#define S13 17
-+#define S14 22
-+#define S21 5
-+#define S22 9
-+#define S23 14
-+#define S24 20
-+#define S31 4
-+#define S32 11
-+#define S33 16
-+#define S34 23
-+#define S41 6
-+#define S42 10
-+#define S43 15
-+#define S44 21
-+
-+static void MD5Transform PROTO_LIST ((UINT4 [4], unsigned char [64]));
-+
-+#ifdef LITTLEENDIAN
-+#define Encode MD5_memcpy
-+#define Decode MD5_memcpy
-+#else
-+static void Encode PROTO_LIST
-+ ((unsigned char *, UINT4 *, unsigned int));
-+static void Decode PROTO_LIST
-+ ((UINT4 *, unsigned char *, unsigned int));
-+#endif
-+
-+#ifdef HAVEMEMCOPY
-+/* no need to include <memory.h> here; <linux/string.h> defines these */
-+#define MD5_memcpy memcpy
-+#define MD5_memset memset
-+#else
-+#ifdef HAVEBCOPY
-+#define MD5_memcpy(_a,_b,_c) bcopy((_b),(_a),(_c))
-+#define MD5_memset(_a,_b,_c) bzero((_a),(_c))
-+#else
-+static void MD5_memcpy PROTO_LIST ((POINTER, POINTER, unsigned int));
-+static void MD5_memset PROTO_LIST ((POINTER, int, unsigned int));
-+#endif
-+#endif
-+static unsigned char PADDING[64] = {
-+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-+};
-+
-+/* F, G, H and I are basic MD5 functions.
-+ */
-+#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
-+#define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
-+#define H(x, y, z) ((x) ^ (y) ^ (z))
-+#define I(x, y, z) ((y) ^ ((x) | (~z)))
-+
-+/* ROTATE_LEFT rotates x left n bits.
-+ */
-+#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
-+
-+/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
-+Rotation is separate from addition to prevent recomputation.
-+ */
-+#define FF(a, b, c, d, x, s, ac) { \
-+ (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \
-+ (a) = ROTATE_LEFT ((a), (s)); \
-+ (a) += (b); \
-+ }
-+#define GG(a, b, c, d, x, s, ac) { \
-+ (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \
-+ (a) = ROTATE_LEFT ((a), (s)); \
-+ (a) += (b); \
-+ }
-+#define HH(a, b, c, d, x, s, ac) { \
-+ (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \
-+ (a) = ROTATE_LEFT ((a), (s)); \
-+ (a) += (b); \
-+ }
-+#define II(a, b, c, d, x, s, ac) { \
-+ (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \
-+ (a) = ROTATE_LEFT ((a), (s)); \
-+ (a) += (b); \
-+ }
-+
-+/*
-+ * MD5 initialization. Begins an MD5 operation, writing a new context.
-+ */
-+void osMD5Init(void *vcontext)
-+{
-+ MD5_CTX *context = vcontext;
-+
-+ context->count[0] = context->count[1] = 0;
-+ /* Load magic initialization constants.*/
-+ context->state[0] = 0x67452301;
-+ context->state[1] = 0xefcdab89;
-+ context->state[2] = 0x98badcfe;
-+ context->state[3] = 0x10325476;
-+}
-+
-+/* MD5 block update operation. Continues an MD5 message-digest
-+ operation, processing another message block, and updating the
-+ context.
-+ */
-+void osMD5Update (vcontext, input, inputLen)
-+ void *vcontext;
-+ unsigned char *input; /* input block */
-+ __u32 inputLen; /* length of input block */
-+{
-+ MD5_CTX *context = vcontext;
-+ __u32 i;
-+ unsigned int index, partLen;
-+
-+ /* Compute number of bytes mod 64 */
-+ index = (unsigned int)((context->count[0] >> 3) & 0x3F);
-+
-+ /* Update number of bits */
-+ if ((context->count[0] += ((UINT4)inputLen << 3))
-+ < ((UINT4)inputLen << 3))
-+ context->count[1]++;
-+ context->count[1] += ((UINT4)inputLen >> 29);
-+
-+ partLen = 64 - index;
-+
-+ /* Transform as many times as possible.
-+*/
-+ if (inputLen >= partLen) {
-+ MD5_memcpy
-+ ((POINTER)&context->buffer[index], (POINTER)input, partLen);
-+ MD5Transform (context->state, context->buffer);
-+
-+ for (i = partLen; i + 63 < inputLen; i += 64)
-+ MD5Transform (context->state, &input[i]);
-+
-+ index = 0;
-+ }
-+ else
-+ i = 0;
-+
-+ /* Buffer remaining input */
-+ MD5_memcpy
-+ ((POINTER)&context->buffer[index], (POINTER)&input[i],
-+ inputLen-i);
-+}
-+
-+/* MD5 finalization. Ends an MD5 message-digest operation, writing the
-+ the message digest and zeroizing the context.
-+ */
-+void osMD5Final (digest, vcontext)
-+unsigned char digest[16]; /* message digest */
-+void *vcontext; /* context */
-+{
-+ MD5_CTX *context = vcontext;
-+ unsigned char bits[8];
-+ unsigned int index, padLen;
-+
-+ /* Save number of bits */
-+ Encode (bits, context->count, 8);
-+
-+ /* Pad out to 56 mod 64.
-+*/
-+ index = (unsigned int)((context->count[0] >> 3) & 0x3f);
-+ padLen = (index < 56) ? (56 - index) : (120 - index);
-+ osMD5Update (context, PADDING, padLen);
-+
-+ /* Append length (before padding) */
-+ osMD5Update (context, bits, 8);
-+
-+ if (digest != NULL) /* Bill Simpson's padding */
-+ {
-+ /* store state in digest */
-+ Encode (digest, context->state, 16);
-+
-+ /* Zeroize sensitive information.
-+ */
-+ MD5_memset ((POINTER)context, 0, sizeof (*context));
-+ }
-+}
-+
-+/* MD5 basic transformation. Transforms state based on block.
-+ */
-+static void MD5Transform (state, block)
-+UINT4 state[4];
-+unsigned char block[64];
-+{
-+ UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
-+
-+ Decode (x, block, 64);
-+
-+ /* Round 1 */
-+ FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
-+ FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
-+ FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
-+ FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
-+ FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
-+ FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
-+ FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
-+ FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
-+ FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
-+ FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
-+ FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
-+ FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
-+ FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
-+ FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
-+ FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
-+ FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
-+
-+ /* Round 2 */
-+ GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
-+ GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
-+ GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
-+ GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
-+ GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
-+ GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */
-+ GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
-+ GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
-+ GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
-+ GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
-+ GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
-+ GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
-+ GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
-+ GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
-+ GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
-+ GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
-+
-+ /* Round 3 */
-+ HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
-+ HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
-+ HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
-+ HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
-+ HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
-+ HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
-+ HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
-+ HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
-+ HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
-+ HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
-+ HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
-+ HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */
-+ HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
-+ HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
-+ HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
-+ HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
-+
-+ /* Round 4 */
-+ II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
-+ II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
-+ II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
-+ II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
-+ II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
-+ II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
-+ II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
-+ II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
-+ II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
-+ II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
-+ II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
-+ II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
-+ II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
-+ II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
-+ II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
-+ II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
-+
-+ state[0] += a;
-+ state[1] += b;
-+ state[2] += c;
-+ state[3] += d;
-+
-+ /* Zeroize sensitive information.
-+*/
-+ MD5_memset ((POINTER)x, 0, sizeof (x));
-+}
-+
-+#ifndef LITTLEENDIAN
-+
-+/* Encodes input (UINT4) into output (unsigned char). Assumes len is
-+ a multiple of 4.
-+ */
-+static void Encode (output, input, len)
-+unsigned char *output;
-+UINT4 *input;
-+unsigned int len;
-+{
-+ unsigned int i, j;
-+
-+ for (i = 0, j = 0; j < len; i++, j += 4) {
-+ output[j] = (unsigned char)(input[i] & 0xff);
-+ output[j+1] = (unsigned char)((input[i] >> 8) & 0xff);
-+ output[j+2] = (unsigned char)((input[i] >> 16) & 0xff);
-+ output[j+3] = (unsigned char)((input[i] >> 24) & 0xff);
-+ }
-+}
-+
-+/* Decodes input (unsigned char) into output (UINT4). Assumes len is
-+ a multiple of 4.
-+ */
-+static void Decode (output, input, len)
-+UINT4 *output;
-+unsigned char *input;
-+unsigned int len;
-+{
-+ unsigned int i, j;
-+
-+ for (i = 0, j = 0; j < len; i++, j += 4)
-+ output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) |
-+ (((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24);
-+}
-+
-+#endif
-+
-+#ifndef HAVEMEMCOPY
-+#ifndef HAVEBCOPY
-+/* Note: Replace "for loop" with standard memcpy if possible.
-+ */
-+
-+static void MD5_memcpy (output, input, len)
-+POINTER output;
-+POINTER input;
-+unsigned int len;
-+{
-+ unsigned int i;
-+
-+ for (i = 0; i < len; i++)
-+
-+ output[i] = input[i];
-+}
-+
-+/* Note: Replace "for loop" with standard memset if possible.
-+ */
-+
-+static void MD5_memset (output, value, len)
-+POINTER output;
-+int value;
-+unsigned int len;
-+{
-+ unsigned int i;
-+
-+ for (i = 0; i < len; i++)
-+ ((char *)output)[i] = (char)value;
-+}
-+#endif
-+#endif
-+
-+/*
-+ * $Log: ipsec_md5c.c,v $
-+ * Revision 1.10 2005-04-15 01:25:57 mcr
-+ * minor fix to comments.
-+ *
-+ * Revision 1.9 2004/09/08 17:21:36 ken
-+ * Rename MD5* -> osMD5 functions to prevent clashes with other symbols exported by kernel modules (CIFS in 2.6 initiated this)
-+ *
-+ * Revision 1.8 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.7 2002/09/10 01:45:14 mcr
-+ * changed type of MD5_CTX and SHA1_CTX to void * so that
-+ * the function prototypes would match, and could be placed
-+ * into a pointer to a function.
-+ *
-+ * Revision 1.6 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.5 2002/04/24 07:36:28 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_md5c.c,v
-+ *
-+ * Revision 1.4 1999/12/13 13:59:12 rgb
-+ * Quick fix to argument size to Update bugs.
-+ *
-+ * Revision 1.3 1999/05/21 18:09:28 henry
-+ * unnecessary <memory.h> include causes trouble in 2.2
-+ *
-+ * Revision 1.2 1999/04/06 04:54:26 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:48 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.2 1998/04/23 20:54:02 rgb
-+ * Fixed md5 and sha1 include file nesting issues, to be cleaned up when
-+ * verified.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:08 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:04 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.3 1996/11/20 14:48:53 ji
-+ * Release update only.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_proc.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1206 @@
-+/*
-+ * @(#) /proc file system interface code.
-+ *
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * 2001 Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * Split out from ipsec_init.c version 1.70.
-+ */
-+
-+char ipsec_proc_c_version[] = "RCSID $Id: ipsec_proc.c,v 1.39.2.7 2007-11-06 18:24:44 paul Exp $";
-+
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#define __NO_VERSION__
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
-+#include <linux/moduleparam.h>
-+#endif
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+#include <linux/ip.h> /* struct iphdr */
-+
-+#include "openswan/ipsec_kversion.h"
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/in.h> /* struct sockaddr_in */
-+#include <linux/skbuff.h>
-+#include <asm/uaccess.h> /* copy_from_user */
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+#ifdef SPINLOCK_23
-+#include <linux/spinlock.h> /* *lock* */
-+#else /* SPINLOCK_23 */
-+#include <asm/spinlock.h> /* *lock* */
-+#endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+#ifdef CONFIG_PROC_FS
-+#include <linux/proc_fs.h>
-+#endif /* CONFIG_PROC_FS */
-+#ifdef NETLINK_SOCK
-+#include <linux/netlink.h>
-+#else
-+#include <net/netlink.h>
-+#endif
-+
-+#include "openswan/radij.h"
-+
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_stats.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_xmit.h"
-+
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+#include "openswan/ipsec_kern24.h"
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+#include "openswan/ipcomp.h"
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#include "openswan/ipsec_proto.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#ifdef CONFIG_PROC_FS
-+
-+#ifdef IPSEC_PROC_SUBDIRS
-+static struct proc_dir_entry *proc_net_ipsec_dir = NULL;
-+static struct proc_dir_entry *proc_eroute_dir = NULL;
-+static struct proc_dir_entry *proc_spi_dir = NULL;
-+static struct proc_dir_entry *proc_spigrp_dir = NULL;
-+static struct proc_dir_entry *proc_birth_dir = NULL;
-+static struct proc_dir_entry *proc_stats_dir = NULL;
-+#endif
-+
-+struct ipsec_birth_reply ipsec_ipv4_birth_packet;
-+struct ipsec_birth_reply ipsec_ipv6_birth_packet;
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_esp = 0;
-+int debug_ah = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#define DECREMENT_UNSIGNED(X, amount) ((amount < (X)) ? (X)-amount : 0)
-+
-+#ifdef CONFIG_KLIPS_ALG
-+extern int ipsec_xform_get_info(char *buffer, char **start,
-+ off_t offset, int length IPSEC_PROC_LAST_ARG);
-+#endif /* CONFIG_KLIPS_ALG */
-+
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_eroute_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ struct wsbuf w = {buffer, length, offset, 0, 0};
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_radij & DB_RJ_DUMPTREES)
-+ rj_dumptrees(); /* XXXXXXXXX */
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_eroute_get_info: "
-+ "buffer=0p%p, *start=0p%p, offset=%d, length=%d\n",
-+ buffer,
-+ *start,
-+ (int)offset,
-+ length);
-+
-+ spin_lock_bh(&eroute_lock);
-+
-+ rj_walktree(rnh, ipsec_rj_walker_procprint, &w);
-+/* rj_walktree(mask_rjhead, ipsec_rj_walker_procprint, &w); */
-+
-+ spin_unlock_bh(&eroute_lock);
-+
-+ *start = buffer + (offset - w.begin); /* Start of wanted data */
-+ return w.len - (offset - w.begin);
-+}
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_spi_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ const int max_content = length > 0? length-1 : 0;
-+ int len = 0;
-+ off_t begin = 0;
-+ int i;
-+ struct ipsec_sa *sa_p;
-+ char sa[SATOT_BUF];
-+ char buf_s[SUBNETTOA_BUF];
-+ char buf_d[SUBNETTOA_BUF];
-+ size_t sa_len;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_spi_get_info: "
-+ "buffer=0p%p, *start=0p%p, offset=%d, length=%d\n",
-+ buffer,
-+ *start,
-+ (int)offset,
-+ length);
-+
-+ spin_lock_bh(&tdb_lock);
-+
-+ for (i = 0; i < SADB_HASHMOD; i++) {
-+ for (sa_p = ipsec_sadb_hash[i];
-+ sa_p;
-+ sa_p = sa_p->ips_hnext) {
-+ atomic_inc(&sa_p->ips_refcount);
-+ sa_len = satot(&sa_p->ips_said, 'x', sa, sizeof(sa));
-+ len += ipsec_snprintf(buffer+len, length-len, "%s ",
-+ sa_len ? sa : " (error)");
-+
-+ len += ipsec_snprintf(buffer+len, length-len, "%s%s%s",
-+ IPS_XFORM_NAME(sa_p));
-+
-+ len += ipsec_snprintf(buffer+len, length-len, ": dir=%s",
-+ (sa_p->ips_flags & EMT_INBOUND) ?
-+ "in " : "out");
-+
-+ if(sa_p->ips_addr_s) {
-+ addrtoa(((struct sockaddr_in*)(sa_p->ips_addr_s))->sin_addr,
-+ 0, buf_s, sizeof(buf_s));
-+ len += ipsec_snprintf(buffer+len, length-len, " src=%s",
-+ buf_s);
-+ }
-+
-+ if((sa_p->ips_said.proto == IPPROTO_IPIP)
-+ && (sa_p->ips_flags & SADB_X_SAFLAGS_INFLOW)) {
-+ subnettoa(sa_p->ips_flow_s.u.v4.sin_addr,
-+ sa_p->ips_mask_s.u.v4.sin_addr,
-+ 0,
-+ buf_s,
-+ sizeof(buf_s));
-+
-+ subnettoa(sa_p->ips_flow_d.u.v4.sin_addr,
-+ sa_p->ips_mask_d.u.v4.sin_addr,
-+ 0,
-+ buf_d,
-+ sizeof(buf_d));
-+
-+ len += ipsec_snprintf(buffer+len, length-len, " policy=%s->%s",
-+ buf_s, buf_d);
-+ }
-+
-+ if(sa_p->ips_iv_bits) {
-+ int j;
-+ len += ipsec_snprintf(buffer+len, length-len, " iv_bits=%dbits iv=0x",
-+ sa_p->ips_iv_bits);
-+
-+ for(j = 0; j < sa_p->ips_iv_bits / 8; j++) {
-+ len += ipsec_snprintf(buffer+len, length-len, "%02x",
-+ (__u32)((__u8*)(sa_p->ips_iv))[j]);
-+ }
-+ }
-+
-+ if(sa_p->ips_encalg || sa_p->ips_authalg) {
-+ if(sa_p->ips_replaywin) {
-+ len += ipsec_snprintf(buffer+len, length-len, " ooowin=%d",
-+ sa_p->ips_replaywin);
-+ }
-+ if(sa_p->ips_errs.ips_replaywin_errs) {
-+ len += ipsec_snprintf(buffer+len, length-len, " ooo_errs=%d",
-+ sa_p->ips_errs.ips_replaywin_errs);
-+ }
-+ if(sa_p->ips_replaywin_lastseq) {
-+ len += ipsec_snprintf(buffer+len, length-len, " seq=%d",
-+ sa_p->ips_replaywin_lastseq);
-+ }
-+ if(sa_p->ips_replaywin_bitmap) {
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,0)
-+ len += ipsec_snprintf(buffer+len, length-len, " bit=0x%Lx",
-+ sa_p->ips_replaywin_bitmap);
-+#else
-+ len += ipsec_snprintf(buffer+len, length-len, " bit=0x%x%08x",
-+ (__u32)(sa_p->ips_replaywin_bitmap >> 32),
-+ (__u32)sa_p->ips_replaywin_bitmap);
-+#endif
-+ }
-+ if(sa_p->ips_replaywin_maxdiff) {
-+ len += ipsec_snprintf(buffer+len, length-len, " max_seq_diff=%d",
-+ sa_p->ips_replaywin_maxdiff);
-+ }
-+ }
-+ if(sa_p->ips_flags & ~EMT_INBOUND) {
-+ len += ipsec_snprintf(buffer+len, length-len, " flags=0x%x",
-+ sa_p->ips_flags & ~EMT_INBOUND);
-+ len += ipsec_snprintf(buffer+len, length-len, "<");
-+ /* flag printing goes here */
-+ len += ipsec_snprintf(buffer+len, length-len, ">");
-+ }
-+ if(sa_p->ips_auth_bits) {
-+ len += ipsec_snprintf(buffer+len, length-len, " alen=%d",
-+ sa_p->ips_auth_bits);
-+ }
-+ if(sa_p->ips_key_bits_a) {
-+ len += ipsec_snprintf(buffer+len, length-len, " aklen=%d",
-+ sa_p->ips_key_bits_a);
-+ }
-+ if(sa_p->ips_errs.ips_auth_errs) {
-+ len += ipsec_snprintf(buffer+len, length-len, " auth_errs=%d",
-+ sa_p->ips_errs.ips_auth_errs);
-+ }
-+ if(sa_p->ips_key_bits_e) {
-+ len += ipsec_snprintf(buffer+len, length-len, " eklen=%d",
-+ sa_p->ips_key_bits_e);
-+ }
-+ if(sa_p->ips_errs.ips_encsize_errs) {
-+ len += ipsec_snprintf(buffer+len, length-len, " encr_size_errs=%d",
-+ sa_p->ips_errs.ips_encsize_errs);
-+ }
-+ if(sa_p->ips_errs.ips_encpad_errs) {
-+ len += ipsec_snprintf(buffer+len, length-len, " encr_pad_errs=%d",
-+ sa_p->ips_errs.ips_encpad_errs);
-+ }
-+
-+ len += ipsec_snprintf(buffer+len, length-len, " life(c,s,h)=");
-+
-+ len += ipsec_lifetime_format(buffer + len,
-+ length - len,
-+ "alloc",
-+ ipsec_life_countbased,
-+ &sa_p->ips_life.ipl_allocations);
-+
-+ len += ipsec_lifetime_format(buffer + len,
-+ length - len,
-+ "bytes",
-+ ipsec_life_countbased,
-+ &sa_p->ips_life.ipl_bytes);
-+
-+ len += ipsec_lifetime_format(buffer + len,
-+ length - len,
-+ "addtime",
-+ ipsec_life_timebased,
-+ &sa_p->ips_life.ipl_addtime);
-+
-+ len += ipsec_lifetime_format(buffer + len,
-+ length - len,
-+ "usetime",
-+ ipsec_life_timebased,
-+ &sa_p->ips_life.ipl_usetime);
-+
-+ len += ipsec_lifetime_format(buffer + len,
-+ length - len,
-+ "packets",
-+ ipsec_life_countbased,
-+ &sa_p->ips_life.ipl_packets);
-+
-+ if(sa_p->ips_life.ipl_usetime.ipl_last) { /* XXX-MCR should be last? */
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,0)
-+ len += ipsec_snprintf(buffer+len, length-len, " idle=%Ld",
-+ jiffies / HZ - sa_p->ips_life.ipl_usetime.ipl_last);
-+#else
-+ len += ipsec_snprintf(buffer+len, length-len, " idle=%lu",
-+ jiffies / HZ - (unsigned long)sa_p->ips_life.ipl_usetime.ipl_last);
-+#endif
-+ }
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ if(sa_p->ips_said.proto == IPPROTO_COMP &&
-+ (sa_p->ips_comp_ratio_dbytes ||
-+ sa_p->ips_comp_ratio_cbytes)) {
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,0)
-+ len += ipsec_snprintf(buffer+len, length-len, " ratio=%Ld:%Ld",
-+ sa_p->ips_comp_ratio_dbytes,
-+ sa_p->ips_comp_ratio_cbytes);
-+#else
-+ len += ipsec_snprintf(buffer+len, length-len, " ratio=%lu:%lu",
-+ (unsigned long)sa_p->ips_comp_ratio_dbytes,
-+ (unsigned long)sa_p->ips_comp_ratio_cbytes);
-+#endif
-+ }
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ {
-+ char *natttype_name;
-+
-+ switch(sa_p->ips_natt_type)
-+ {
-+ case 0:
-+ natttype_name="none";
-+ break;
-+ case ESPINUDP_WITH_NON_IKE:
-+ natttype_name="nonike";
-+ break;
-+ case ESPINUDP_WITH_NON_ESP:
-+ natttype_name="nonesp";
-+ break;
-+ default:
-+ natttype_name = "unknown";
-+ break;
-+ }
-+
-+ len += ipsec_snprintf(buffer + len, length-len, " natencap=%s",
-+ natttype_name);
-+
-+ len += ipsec_snprintf(buffer + len, length-len, " natsport=%d",
-+ sa_p->ips_natt_sport);
-+
-+ len += ipsec_snprintf(buffer + len,length-len, " natdport=%d",
-+ sa_p->ips_natt_dport);
-+ }
-+#else
-+ len += ipsec_snprintf(buffer + len, length-len, " natencap=na");
-+#endif /* CONFIG_IPSEC_NAT_TRAVERSAL */
-+
-+ len += ipsec_snprintf(buffer + len,length-len, " refcount=%d",
-+ atomic_read(&sa_p->ips_refcount));
-+
-+ len += ipsec_snprintf(buffer+len, length-len, " ref=%d",
-+ sa_p->ips_ref);
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_xform) {
-+ len += ipsec_snprintf(buffer+len, length-len, " reftable=%lu refentry=%lu",
-+ (unsigned long)IPsecSAref2table(sa_p->ips_ref),
-+ (unsigned long)IPsecSAref2entry(sa_p->ips_ref));
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ len += ipsec_snprintf(buffer+len, length-len, "\n");
-+
-+ atomic_dec(&sa_p->ips_refcount);
-+
-+ if (len >= max_content) {
-+ /* we've done all that can fit -- stop loops */
-+ len = max_content; /* truncate crap */
-+ goto done_spi_i;
-+ } else {
-+ const off_t pos = begin + len; /* file position of end of what we've generated */
-+
-+ if (pos <= offset) {
-+ /* all is before first interesting character:
-+ * discard, but note where we are.
-+ */
-+ len = 0;
-+ begin = pos;
-+ }
-+ }
-+ }
-+ }
-+
-+done_spi_i:
-+ spin_unlock_bh(&tdb_lock);
-+
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ return len - (offset - begin);
-+}
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_spigrp_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ /* Limit of useful snprintf output */
-+ const int max_content = length > 0? length-1 : 0;
-+
-+ int len = 0;
-+ off_t begin = 0;
-+ int i;
-+ struct ipsec_sa *sa_p, *sa_p2;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_spigrp_get_info: "
-+ "buffer=0p%p, *start=0p%p, offset=%d, length=%d\n",
-+ buffer,
-+ *start,
-+ (int)offset,
-+ length);
-+
-+ spin_lock_bh(&tdb_lock);
-+
-+ for (i = 0; i < SADB_HASHMOD; i++) {
-+ for (sa_p = ipsec_sadb_hash[i];
-+ sa_p != NULL;
-+ sa_p = sa_p->ips_hnext)
-+ {
-+ atomic_inc(&sa_p->ips_refcount);
-+ if(sa_p->ips_inext == NULL) {
-+ sa_p2 = sa_p;
-+ while(sa_p2 != NULL) {
-+ atomic_inc(&sa_p2->ips_refcount);
-+ sa_len = satot(&sa_p2->ips_said,
-+ 'x', sa, sizeof(sa));
-+
-+ len += ipsec_snprintf(buffer+len, length-len, "%s ",
-+ sa_len ? sa : " (error)");
-+ atomic_dec(&sa_p2->ips_refcount);
-+ sa_p2 = sa_p2->ips_onext;
-+ }
-+ len += ipsec_snprintf(buffer+len, length-len, "\n");
-+ }
-+
-+ atomic_dec(&sa_p->ips_refcount);
-+
-+ if (len >= max_content) {
-+ /* we've done all that can fit -- stop loops */
-+ len = max_content; /* truncate crap */
-+ goto done_spigrp_i;
-+ } else {
-+ const off_t pos = begin + len;
-+
-+ if (pos <= offset) {
-+ /* all is before first interesting character:
-+ * discard, but note where we are.
-+ */
-+ len = 0;
-+ begin = pos;
-+ }
-+ }
-+ }
-+ }
-+
-+done_spigrp_i:
-+ spin_unlock_bh(&tdb_lock);
-+
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ return len - (offset - begin);
-+}
-+
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_tncfg_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ /* limit of useful snprintf output */
-+ const int max_content = length > 0? length-1 : 0;
-+ int len = 0;
-+ off_t begin = 0;
-+ int i;
-+ char name[9];
-+ struct net_device *dev, *privdev;
-+ struct ipsecpriv *priv;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_tncfg_get_info: "
-+ "buffer=0p%p, *start=0p%p, offset=%d, length=%d\n",
-+ buffer,
-+ *start,
-+ (int)offset,
-+ length);
-+
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ ipsec_snprintf(name, (ssize_t) sizeof(name), IPSEC_DEV_FORMAT, i);
-+ dev = __ipsec_dev_get(name);
-+ if(dev) {
-+ priv = (struct ipsecpriv *)(dev->priv);
-+ len += ipsec_snprintf(buffer+len, length-len, "%s",
-+ dev->name);
-+ if(priv) {
-+ privdev = (struct net_device *)(priv->dev);
-+ len += ipsec_snprintf(buffer+len, length-len, " -> %s",
-+ privdev ? privdev->name : "NULL");
-+ len += ipsec_snprintf(buffer+len, length-len, " mtu=%d(%d) -> %d",
-+ dev->mtu,
-+ priv->mtu,
-+ privdev ? privdev->mtu : 0);
-+ } else {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_tncfg_get_info: device '%s' has no private data space!\n",
-+ dev->name);
-+ }
-+ len += ipsec_snprintf(buffer+len, length-len, "\n");
-+
-+ if (len >= max_content) {
-+ /* we've done all that can fit -- stop loop */
-+ len = max_content; /* truncate crap */
-+ break;
-+ } else {
-+ const off_t pos = begin + len;
-+ if (pos <= offset) {
-+ len = 0;
-+ begin = pos;
-+ }
-+ }
-+ }
-+ }
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ len -= (offset - begin); /* Start slop */
-+ if (len > length)
-+ len = length;
-+ return len;
-+}
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_version_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ int len = 0;
-+ off_t begin = 0;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_version_get_info: "
-+ "buffer=0p%p, *start=0p%p, offset=%d, length=%d\n",
-+ buffer,
-+ *start,
-+ (int)offset,
-+ length);
-+
-+ len += ipsec_snprintf(buffer + len,length-len, "Openswan version: %s\n",
-+ ipsec_version_code());
-+#if 0
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_version_get_info: "
-+ "ipsec_init version: %s\n",
-+ ipsec_init_c_version);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_version_get_info: "
-+ "ipsec_tunnel version: %s\n",
-+ ipsec_tunnel_c_version);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_version_get_info: "
-+ "ipsec_netlink version: %s\n",
-+ ipsec_netlink_c_version);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_version_get_info: "
-+ "radij_c_version: %s\n",
-+ radij_c_version);
-+#endif
-+
-+
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ len -= (offset - begin); /* Start slop */
-+ if (len > length)
-+ len = length;
-+ return len;
-+}
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+unsigned int natt_available = 1;
-+#else
-+unsigned int natt_available = 0;
-+#endif
-+#ifdef module_param
-+module_param(natt_available, int, 0444);
-+#else
-+MODULE_PARM("natt_available","i");
-+#endif
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_natt_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ int len = 0;
-+ off_t begin = 0;
-+
-+ len += ipsec_snprintf(buffer + len,
-+ length-len, "%d\n",
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ 1
-+#else
-+ 0
-+#endif
-+ );
-+
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ len -= (offset - begin); /* Start slop */
-+ if (len > length)
-+ len = length;
-+ return len;
-+}
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_birth_info(char *page,
-+ char **start,
-+ off_t offset,
-+ int count,
-+ int *eof,
-+ void *data)
-+{
-+ struct ipsec_birth_reply *ibr = (struct ipsec_birth_reply *)data;
-+ int len;
-+
-+ if(offset >= ibr->packet_template_len) {
-+ if(eof) {
-+ *eof=1;
-+ }
-+ return 0;
-+ }
-+
-+ len = ibr->packet_template_len;
-+ len -= offset;
-+ if (len > count)
-+ len = count;
-+
-+ memcpy(page + offset, ibr->packet_template+offset, len);
-+
-+ return len;
-+}
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_birth_set(struct file *file, const char *buffer,
-+ unsigned long count, void *data)
-+{
-+ struct ipsec_birth_reply *ibr = (struct ipsec_birth_reply *)data;
-+ int len;
-+
-+ KLIPS_INC_USE;
-+ if(count > IPSEC_BIRTH_TEMPLATE_MAXLEN) {
-+ len = IPSEC_BIRTH_TEMPLATE_MAXLEN;
-+ } else {
-+ len = count;
-+ }
-+
-+ if(copy_from_user(ibr->packet_template, buffer, len)) {
-+ KLIPS_DEC_USE;
-+ return -EFAULT;
-+ }
-+ ibr->packet_template_len = len;
-+
-+ KLIPS_DEC_USE;
-+
-+ return len;
-+}
-+
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_klipsdebug_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ int len = 0;
-+ off_t begin = 0;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_klipsdebug_get_info: "
-+ "buffer=0p%p, *start=0p%p, offset=%d, length=%d\n",
-+ buffer,
-+ *start,
-+ (int)offset,
-+ length);
-+
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_tunnel=%08x.\n", debug_tunnel);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_xform=%08x.\n", debug_xform);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_eroute=%08x.\n", debug_eroute);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_spi=%08x.\n", debug_spi);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_radij=%08x.\n", debug_radij);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_esp=%08x.\n", debug_esp);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_ah=%08x.\n", debug_ah);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_rcv=%08x.\n", debug_rcv);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_pfkey=%08x.\n", debug_pfkey);
-+
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ len -= (offset - begin); /* Start slop */
-+ if (len > length)
-+ len = length;
-+ return len;
-+}
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_stats_get_int_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length,
-+ int *eof,
-+ void *data)
-+{
-+
-+ const int max_content = length > 0? length-1 : 0;
-+ int len = 0;
-+ int *thing;
-+
-+ thing = (int *)data;
-+
-+ len = ipsec_snprintf(buffer+len, length-len, "%08x\n", *thing);
-+
-+ if (len >= max_content)
-+ len = max_content; /* truncate crap */
-+
-+ *start = buffer + offset; /* Start of wanted data */
-+ return len > offset? len - offset : 0;
-+
-+}
-+
-+#ifndef PROC_FS_2325
-+struct proc_dir_entry ipsec_eroute =
-+{
-+ 0,
-+ 12, "ipsec_eroute",
-+ S_IFREG | S_IRUGO, 1, 0, 0, 0,
-+ &proc_net_inode_operations,
-+ ipsec_eroute_get_info,
-+ NULL, NULL, NULL, NULL, NULL
-+};
-+
-+struct proc_dir_entry ipsec_spi =
-+{
-+ 0,
-+ 9, "ipsec_spi",
-+ S_IFREG | S_IRUGO, 1, 0, 0, 0,
-+ &proc_net_inode_operations,
-+ ipsec_spi_get_info,
-+ NULL, NULL, NULL, NULL, NULL
-+};
-+
-+struct proc_dir_entry ipsec_spigrp =
-+{
-+ 0,
-+ 12, "ipsec_spigrp",
-+ S_IFREG | S_IRUGO, 1, 0, 0, 0,
-+ &proc_net_inode_operations,
-+ ipsec_spigrp_get_info,
-+ NULL, NULL, NULL, NULL, NULL
-+};
-+
-+struct proc_dir_entry ipsec_tncfg =
-+{
-+ 0,
-+ 11, "ipsec_tncfg",
-+ S_IFREG | S_IRUGO, 1, 0, 0, 0,
-+ &proc_net_inode_operations,
-+ ipsec_tncfg_get_info,
-+ NULL, NULL, NULL, NULL, NULL
-+};
-+
-+struct proc_dir_entry ipsec_version =
-+{
-+ 0,
-+ 13, "ipsec_version",
-+ S_IFREG | S_IRUGO, 1, 0, 0, 0,
-+ &proc_net_inode_operations,
-+ ipsec_version_get_info,
-+ NULL, NULL, NULL, NULL, NULL
-+};
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+struct proc_dir_entry ipsec_klipsdebug =
-+{
-+ 0,
-+ 16, "ipsec_klipsdebug",
-+ S_IFREG | S_IRUGO, 1, 0, 0, 0,
-+ &proc_net_inode_operations,
-+ ipsec_klipsdebug_get_info,
-+ NULL, NULL, NULL, NULL, NULL
-+};
-+#endif /* CONFIG_KLIPS_DEBUG */
-+#endif /* !PROC_FS_2325 */
-+#endif /* CONFIG_PROC_FS */
-+
-+#if defined(PROC_FS_2325)
-+struct ipsec_proc_list {
-+ char *name;
-+ struct proc_dir_entry **parent;
-+ struct proc_dir_entry **dir;
-+ read_proc_t *readthing;
-+ write_proc_t *writething;
-+ void *data;
-+};
-+static struct ipsec_proc_list proc_items[]={
-+#ifdef CONFIG_KLIPS_DEBUG
-+ {"klipsdebug", &proc_net_ipsec_dir, NULL, ipsec_klipsdebug_get_info, NULL, NULL},
-+#endif
-+ {"eroute", &proc_net_ipsec_dir, &proc_eroute_dir, NULL, NULL, NULL},
-+ {"all", &proc_eroute_dir, NULL, ipsec_eroute_get_info, NULL, NULL},
-+ {"spi", &proc_net_ipsec_dir, &proc_spi_dir, NULL, NULL, NULL},
-+ {"all", &proc_spi_dir, NULL, ipsec_spi_get_info, NULL, NULL},
-+ {"spigrp", &proc_net_ipsec_dir, &proc_spigrp_dir, NULL, NULL, NULL},
-+ {"all", &proc_spigrp_dir, NULL, ipsec_spigrp_get_info, NULL, NULL},
-+ {"birth", &proc_net_ipsec_dir, &proc_birth_dir, NULL, NULL, NULL},
-+ {"ipv4", &proc_birth_dir, NULL, ipsec_birth_info, ipsec_birth_set, (void *)&ipsec_ipv4_birth_packet},
-+ {"ipv6", &proc_birth_dir, NULL, ipsec_birth_info, ipsec_birth_set, (void *)&ipsec_ipv6_birth_packet},
-+ {"tncfg", &proc_net_ipsec_dir, NULL, ipsec_tncfg_get_info, NULL, NULL},
-+#ifdef CONFIG_KLIPS_ALG
-+ {"xforms", &proc_net_ipsec_dir, NULL, ipsec_xform_get_info, NULL, NULL},
-+#endif /* CONFIG_KLIPS_ALG */
-+ {"stats", &proc_net_ipsec_dir, &proc_stats_dir, NULL, NULL, NULL},
-+ {"trap_count", &proc_stats_dir, NULL, ipsec_stats_get_int_info, NULL, &ipsec_xmit_trap_count},
-+ {"trap_sendcount", &proc_stats_dir, NULL, ipsec_stats_get_int_info, NULL, &ipsec_xmit_trap_sendcount},
-+ {"version", &proc_net_ipsec_dir, NULL, ipsec_version_get_info, NULL, NULL},
-+ {NULL, NULL, NULL, NULL, NULL, NULL}
-+};
-+#endif
-+
-+int
-+ipsec_proc_init()
-+{
-+ int error = 0;
-+#ifdef IPSEC_PROC_SUBDIRS
-+ struct proc_dir_entry *item;
-+#endif
-+
-+ /*
-+ * just complain because pluto won't run without /proc!
-+ */
-+#ifndef CONFIG_PROC_FS
-+#error You must have PROC_FS built in to use KLIPS
-+#endif
-+
-+ /* for 2.0 kernels */
-+#if !defined(PROC_FS_2325) && !defined(PROC_FS_21)
-+ error |= proc_register_dynamic(&proc_net, &ipsec_eroute);
-+ error |= proc_register_dynamic(&proc_net, &ipsec_spi);
-+ error |= proc_register_dynamic(&proc_net, &ipsec_spigrp);
-+ error |= proc_register_dynamic(&proc_net, &ipsec_tncfg);
-+ error |= proc_register_dynamic(&proc_net, &ipsec_version);
-+#ifdef CONFIG_KLIPS_DEBUG
-+ error |= proc_register_dynamic(&proc_net, &ipsec_klipsdebug);
-+#endif /* CONFIG_KLIPS_DEBUG */
-+#endif
-+
-+ /* for 2.2 kernels */
-+#if !defined(PROC_FS_2325) && defined(PROC_FS_21)
-+ error |= proc_register(proc_net, &ipsec_eroute);
-+ error |= proc_register(proc_net, &ipsec_spi);
-+ error |= proc_register(proc_net, &ipsec_spigrp);
-+ error |= proc_register(proc_net, &ipsec_tncfg);
-+ error |= proc_register(proc_net, &ipsec_version);
-+#ifdef CONFIG_KLIPS_DEBUG
-+ error |= proc_register(proc_net, &ipsec_klipsdebug);
-+#endif /* CONFIG_KLIPS_DEBUG */
-+#endif
-+
-+ /* for 2.4 kernels */
-+#if defined(PROC_FS_2325)
-+ /* create /proc/net/ipsec */
-+
-+ /* zero these out before we initialize /proc/net/ipsec/birth/stuff */
-+ memset(&ipsec_ipv4_birth_packet, 0, sizeof(struct ipsec_birth_reply));
-+ memset(&ipsec_ipv6_birth_packet, 0, sizeof(struct ipsec_birth_reply));
-+
-+ proc_net_ipsec_dir = proc_mkdir("ipsec", proc_net);
-+ if(proc_net_ipsec_dir == NULL) {
-+ /* no point in continuing */
-+ return 1;
-+ }
-+
-+ {
-+ struct ipsec_proc_list *it;
-+
-+ it=proc_items;
-+ while(it->name!=NULL) {
-+ if(it->dir) {
-+ /* make a dir instead */
-+ item = proc_mkdir(it->name, *it->parent);
-+ *it->dir = item;
-+ } else {
-+ item = create_proc_entry(it->name, 0400, *it->parent);
-+ }
-+ if(item) {
-+ item->read_proc = it->readthing;
-+ item->write_proc = it->writething;
-+ item->data = it->data;
-+#ifdef MODULE
-+ item->owner = THIS_MODULE;
-+#endif
-+ } else {
-+ error |= 1;
-+ }
-+ it++;
-+ }
-+ }
-+
-+ /* now create some symlinks to provide compatibility */
-+ proc_symlink("ipsec_eroute", proc_net, "ipsec/eroute/all");
-+ proc_symlink("ipsec_spi", proc_net, "ipsec/spi/all");
-+ proc_symlink("ipsec_spigrp", proc_net, "ipsec/spigrp/all");
-+ proc_symlink("ipsec_tncfg", proc_net, "ipsec/tncfg");
-+ proc_symlink("ipsec_version",proc_net, "ipsec/version");
-+ proc_symlink("ipsec_klipsdebug",proc_net,"ipsec/klipsdebug");
-+
-+#endif /* !PROC_FS_2325 */
-+
-+ return error;
-+}
-+
-+void
-+ipsec_proc_cleanup()
-+{
-+
-+ /* for 2.0 and 2.2 kernels */
-+#if !defined(PROC_FS_2325)
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (proc_net_unregister(ipsec_klipsdebug.low_ino) != 0)
-+ printk("klips_debug:ipsec_cleanup: "
-+ "cannot unregister /proc/net/ipsec_klipsdebug\n");
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ if (proc_net_unregister(ipsec_version.low_ino) != 0)
-+ printk("klips_debug:ipsec_cleanup: "
-+ "cannot unregister /proc/net/ipsec_version\n");
-+ if (proc_net_unregister(ipsec_eroute.low_ino) != 0)
-+ printk("klips_debug:ipsec_cleanup: "
-+ "cannot unregister /proc/net/ipsec_eroute\n");
-+ if (proc_net_unregister(ipsec_spi.low_ino) != 0)
-+ printk("klips_debug:ipsec_cleanup: "
-+ "cannot unregister /proc/net/ipsec_spi\n");
-+ if (proc_net_unregister(ipsec_spigrp.low_ino) != 0)
-+ printk("klips_debug:ipsec_cleanup: "
-+ "cannot unregister /proc/net/ipsec_spigrp\n");
-+ if (proc_net_unregister(ipsec_tncfg.low_ino) != 0)
-+ printk("klips_debug:ipsec_cleanup: "
-+ "cannot unregister /proc/net/ipsec_tncfg\n");
-+#endif
-+
-+ /* for 2.4 kernels */
-+#if defined(PROC_FS_2325)
-+ {
-+ struct ipsec_proc_list *it;
-+
-+ /* find end of list */
-+ it=proc_items;
-+ while(it->name!=NULL) {
-+ it++;
-+ }
-+ it--;
-+
-+ do {
-+ remove_proc_entry(it->name, *it->parent);
-+ it--;
-+ } while(it >= proc_items);
-+ }
-+
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ remove_proc_entry("ipsec_klipsdebug", proc_net);
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ remove_proc_entry("ipsec_eroute", proc_net);
-+ remove_proc_entry("ipsec_spi", proc_net);
-+ remove_proc_entry("ipsec_spigrp", proc_net);
-+ remove_proc_entry("ipsec_tncfg", proc_net);
-+ remove_proc_entry("ipsec_version", proc_net);
-+ remove_proc_entry("ipsec", proc_net);
-+#endif /* 2.4 kernel */
-+}
-+
-+/*
-+ * $Log: ipsec_proc.c,v $
-+ * Revision 1.39.2.7 2007-11-06 18:24:44 paul
-+ * include linux/moduleparam.h on linux 2.4.x kernels.
-+ *
-+ * Revision 1.39.2.6 2007/09/05 02:41:20 paul
-+ * Added xforms info to /proc file. Patch by David McCullough
-+ *
-+ * Revision 1.39.2.5 2007/08/09 14:37:45 paul
-+ * Patch by sergeil to compile on 2.4.35.
-+ *
-+ * Revision 1.39.2.4 2006/11/15 22:21:39 paul
-+ * backport of creating a /sys/ file to test for nat-t capability in kernel.
-+ *
-+ * Revision 1.39.2.3 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.39.2.2 2006/02/13 18:48:12 paul
-+ * Fix by Ankit Desai <ankit@elitecore.com> for module unloading.
-+ *
-+ * Revision 1.39.2.1 2005/09/07 00:45:59 paul
-+ * pull up of mcr's nat-t klips detection patch from head
-+ *
-+ * Revision 1.39 2005/05/20 03:19:18 mcr
-+ * modifications for use on 2.4.30 kernel, with backported
-+ * printk_ratelimit(). all warnings removed.
-+ *
-+ * Revision 1.38 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.37 2005/04/13 22:49:49 mcr
-+ * moved KLIPS specific snprintf() wrapper to seperate file.
-+ *
-+ * Revision 1.36 2005/04/06 17:44:36 mcr
-+ * when NAT-T is compiled out, show encap as "NA"
-+ *
-+ * Revision 1.35 2005/01/26 00:50:35 mcr
-+ * adjustment of confusion of CONFIG_IPSEC_NAT vs CONFIG_KLIPS_NAT,
-+ * and make sure that NAT_TRAVERSAL is set as well to match
-+ * userspace compiles of code.
-+ *
-+ * Revision 1.34 2004/12/03 21:25:57 mcr
-+ * compile time fixes for running on 2.6.
-+ * still experimental.
-+ *
-+ * Revision 1.33 2004/08/17 03:27:23 mcr
-+ * klips 2.6 edits.
-+ *
-+ * Revision 1.32 2004/08/03 18:19:08 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.31 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.30 2004/04/25 21:23:11 ken
-+ * Pull in dhr's changes from FreeS/WAN 2.06
-+ *
-+ * Revision 1.29 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.28 2004/03/28 20:29:58 paul
-+ * <hugh_> ssize_t, not ssized_t
-+ *
-+ * Revision 1.27 2004/03/28 20:27:20 paul
-+ * Included tested and confirmed fixes mcr made and dhr verified for
-+ * snprint statements. Changed one other snprintf to use ipsec_snprintf
-+ * so it wouldnt break compatibility with 2.0/2.2 kernels. Verified with
-+ * dhr. (thanks dhr!)
-+ *
-+ * Revision 1.26 2004/02/09 22:07:06 mcr
-+ * added information about nat-traversal setting to spi-output.
-+ *
-+ * Revision 1.25.4.1 2004/04/05 04:30:46 mcr
-+ * patches for alg-branch to compile/work with 2.x openswan
-+ *
-+ * Revision 1.25 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.24.4.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.24 2003/06/20 01:42:21 mcr
-+ * added counters to measure how many ACQUIREs we send to pluto,
-+ * and how many are successfully sent.
-+ *
-+ * Revision 1.23 2003/04/03 17:38:09 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ *
-+ * Revision 1.22 2002/09/20 15:40:57 rgb
-+ * Renamed saref macros for consistency and brevity.
-+ *
-+ * Revision 1.21 2002/09/20 05:01:35 rgb
-+ * Print ref and reftable, refentry seperately.
-+ *
-+ * Revision 1.20 2002/09/19 02:35:39 mcr
-+ * do not define structures needed by /proc/net/ipsec/ if we
-+ * aren't going create that directory.
-+ *
-+ * Revision 1.19 2002/09/10 01:43:25 mcr
-+ * fixed problem in /-* comment.
-+ *
-+ * Revision 1.18 2002/09/03 16:22:11 mcr
-+ * fixed initialization of birth/stuff values - some simple
-+ * screw ups in the code.
-+ * removed debugging that was left in by mistake.
-+ *
-+ * Revision 1.17 2002/09/02 17:54:53 mcr
-+ * changed how the table driven /proc entries are created so that
-+ * making subdirs is now explicit rather than implicit.
-+ *
-+ * Revision 1.16 2002/08/30 01:23:37 mcr
-+ * reorganized /proc creating code to clear up ifdefs,
-+ * make the 2.4 code table driven, and put things into
-+ * /proc/net/ipsec subdir. Symlinks are left for compatibility.
-+ *
-+ * Revision 1.15 2002/08/13 19:01:25 mcr
-+ * patches from kenb to permit compilation of FreeSWAN on ia64.
-+ * des library patched to use proper DES_LONG type for ia64.
-+ *
-+ * Revision 1.14 2002/07/26 08:48:31 rgb
-+ * Added SA ref table code.
-+ *
-+ * Revision 1.13 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.12 2002/05/27 18:56:07 rgb
-+ * Convert to dynamic ipsec device allocation.
-+ *
-+ * Revision 1.11 2002/05/23 07:14:50 rgb
-+ * Added refcount code.
-+ * Cleaned up %p variants to 0p%p for test suite cleanup.
-+ * Convert "usecount" to "refcount" to remove ambiguity.
-+ *
-+ * Revision 1.10 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.9 2002/04/24 07:36:28 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_proc.c,v
-+ *
-+ * Revision 1.8 2002/01/29 17:17:55 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.7 2002/01/29 04:00:52 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.6 2002/01/29 02:13:17 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.5 2002/01/12 02:54:30 mcr
-+ * beginnings of /proc/net/ipsec dir.
-+ *
-+ * Revision 1.4 2001/12/11 02:21:05 rgb
-+ * Don't include module version here, fixing 2.2 compile bug.
-+ *
-+ * Revision 1.3 2001/12/05 07:19:44 rgb
-+ * Fixed extraneous #include "version.c" bug causing modular KLIPS failure.
-+ *
-+ * Revision 1.2 2001/11/26 09:16:14 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.74 2001/11/22 05:44:11 henry
-+ * new version stuff
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:19:40 mcr
-+ * /proc manipulation code moved to new ipsec_proc.c
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_radij.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,893 @@
-+/*
-+ * Interface between the IPSEC code and the radix (radij) tree code
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_radij.c,v 1.73.2.2 2007-09-05 02:56:09 paul Exp $
-+ */
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, struct net_device_stats and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* 23_SPINLOCK */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* 23_SPINLOCK */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+
-+#include "openswan/ipsec_eroute.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_tunnel.h" /* struct ipsecpriv */
-+#include "openswan/ipsec_xform.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_radij = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+struct radij_node_head *rnh = NULL;
-+#ifdef SPINLOCK
-+spinlock_t eroute_lock = SPIN_LOCK_UNLOCKED;
-+#else /* SPINLOCK */
-+spinlock_t eroute_lock;
-+#endif /* SPINLOCK */
-+
-+int
-+ipsec_radijinit(void)
-+{
-+ maj_keylen = sizeof (struct sockaddr_encap);
-+
-+ rj_init();
-+
-+ if (rj_inithead((void **)&rnh, /*16*/offsetof(struct sockaddr_encap, sen_type) * sizeof(__u8)) == 0) /* 16 is bit offset of sen_type */
-+ return -1;
-+ return 0;
-+}
-+
-+int
-+ipsec_radijcleanup(void)
-+{
-+ int error;
-+
-+ spin_lock_bh(&eroute_lock);
-+
-+ error = radijcleanup();
-+
-+ spin_unlock_bh(&eroute_lock);
-+
-+ return error;
-+}
-+
-+int
-+ipsec_cleareroutes(void)
-+{
-+ int error;
-+
-+ spin_lock_bh(&eroute_lock);
-+
-+ error = radijcleartree();
-+
-+ spin_unlock_bh(&eroute_lock);
-+
-+ return error;
-+}
-+
-+int
-+ipsec_breakroute(struct sockaddr_encap *eaddr,
-+ struct sockaddr_encap *emask,
-+ struct sk_buff **first,
-+ struct sk_buff **last)
-+{
-+ struct eroute *ro;
-+ struct radij_node *rn;
-+ int error;
-+#ifdef CONFIG_KLIPS_DEBUG
-+
-+ if (debug_eroute) {
-+ char buf1[SUBNETTOA_BUF], buf2[SUBNETTOA_BUF];
-+ subnettoa(eaddr->sen_ip_src, emask->sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(eaddr->sen_ip_dst, emask->sen_ip_dst, 0, buf2, sizeof(buf2));
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_breakroute: "
-+ "attempting to delete eroute for %s:%d->%s:%d %d\n",
-+ buf1, ntohs(eaddr->sen_sport),
-+ buf2, ntohs(eaddr->sen_dport), eaddr->sen_proto);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ spin_lock_bh(&eroute_lock);
-+
-+ if ((error = rj_delete(eaddr, emask, rnh, &rn)) != 0) {
-+ spin_unlock_bh(&eroute_lock);
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_breakroute: "
-+ "node not found, eroute delete failed.\n");
-+ return error;
-+ }
-+
-+ spin_unlock_bh(&eroute_lock);
-+
-+ ro = (struct eroute *)rn;
-+
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_breakroute: "
-+ "deleted eroute=0p%p, ident=0p%p->0p%p, first=0p%p, last=0p%p\n",
-+ ro,
-+ ro->er_ident_s.data,
-+ ro->er_ident_d.data,
-+ ro->er_first,
-+ ro->er_last);
-+
-+ if (ro->er_ident_s.data != NULL) {
-+ kfree(ro->er_ident_s.data);
-+ }
-+ if (ro->er_ident_d.data != NULL) {
-+ kfree(ro->er_ident_d.data);
-+ }
-+ if (ro->er_first != NULL) {
-+#if 0
-+ struct net_device_stats *stats = (struct net_device_stats *) &(((struct ipsecpriv *)(ro->er_first->dev->priv))->mystats);
-+ stats->tx_dropped--;
-+#endif
-+ *first = ro->er_first;
-+ }
-+ if (ro->er_last != NULL) {
-+#if 0
-+ struct net_device_stats *stats = (struct net_device_stats *) &(((struct ipsecpriv *)(ro->er_last->dev->priv))->mystats);
-+ stats->tx_dropped--;
-+#endif
-+ *last = ro->er_last;
-+ }
-+
-+ if (rn->rj_flags & (RJF_ACTIVE | RJF_ROOT))
-+ panic ("ipsec_breakroute RMT_DELEROUTE root or active node\n");
-+ memset((caddr_t)rn, 0, sizeof (struct eroute));
-+ kfree(rn);
-+
-+ return 0;
-+}
-+
-+int
-+ipsec_makeroute(struct sockaddr_encap *eaddr,
-+ struct sockaddr_encap *emask,
-+ ip_said said,
-+ uint32_t pid,
-+ struct sk_buff *skb,
-+ struct ident *ident_s,
-+ struct ident *ident_d)
-+{
-+ struct eroute *retrt;
-+ int error;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+
-+ if (debug_eroute) {
-+
-+ {
-+ char buf1[SUBNETTOA_BUF], buf2[SUBNETTOA_BUF];
-+
-+ subnettoa(eaddr->sen_ip_src, emask->sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(eaddr->sen_ip_dst, emask->sen_ip_dst, 0, buf2, sizeof(buf2));
-+ sa_len = satot(&said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_makeroute: "
-+ "attempting to allocate %lu bytes to insert eroute for %s->%s, SA: %s, PID:%d, skb=0p%p, ident:%s->%s\n",
-+ (unsigned long) sizeof(struct eroute),
-+ buf1,
-+ buf2,
-+ sa_len ? sa : " (error)",
-+ pid,
-+ skb,
-+ (ident_s ? (ident_s->data ? ident_s->data : "NULL") : "NULL"),
-+ (ident_d ? (ident_d->data ? ident_d->data : "NULL") : "NULL"));
-+ }
-+ {
-+ char buf1[sizeof(struct sockaddr_encap)*2 + 1],
-+ buf2[sizeof(struct sockaddr_encap)*2 + 1];
-+ int i;
-+ unsigned char *b1 = buf1,
-+ *b2 = buf2,
-+ *ea = (unsigned char *)eaddr,
-+ *em = (unsigned char *)emask;
-+
-+
-+ for (i=0; i<sizeof(struct sockaddr_encap); i++) {
-+ sprintf(b1, "%02x", ea[i]);
-+ sprintf(b2, "%02x", em[i]);
-+ b1+=2;
-+ b2+=2;
-+ }
-+ KLIPS_PRINT(debug_eroute, "klips_debug:ipsec_makeroute: %s / %s \n", buf1, buf2);
-+ }
-+
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ retrt = (struct eroute *)kmalloc(sizeof (struct eroute), GFP_ATOMIC);
-+ if (retrt == NULL) {
-+ printk("klips_error:ipsec_makeroute: "
-+ "not able to allocate kernel memory");
-+ return -ENOMEM;
-+ }
-+ memset((caddr_t)retrt, 0, sizeof (struct eroute));
-+
-+ retrt->er_eaddr = *eaddr;
-+ retrt->er_emask = *emask;
-+ retrt->er_said = said;
-+ retrt->er_pid = pid;
-+ retrt->er_count = 0;
-+ retrt->er_lasttime = jiffies/HZ;
-+
-+ {
-+ /* this is because gcc 3. doesn't like cast's as lvalues */
-+ struct rjtentry *rje = (struct rjtentry *)&(retrt->er_rjt);
-+ caddr_t er = (caddr_t)&(retrt->er_eaddr);
-+
-+ rje->rd_nodes->rj_key= er;
-+ }
-+
-+ if (ident_s && ident_s->type != SADB_IDENTTYPE_RESERVED) {
-+ int data_len = ident_s->len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident);
-+
-+ retrt->er_ident_s.type = ident_s->type;
-+ retrt->er_ident_s.id = ident_s->id;
-+ retrt->er_ident_s.len = ident_s->len;
-+ if(data_len) {
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_makeroute: "
-+ "attempting to allocate %u bytes for ident_s.\n",
-+ data_len);
-+ if(!(retrt->er_ident_s.data = kmalloc(data_len, GFP_KERNEL))) {
-+ kfree(retrt);
-+ printk("klips_error:ipsec_makeroute: not able to allocate kernel memory (%d)\n", data_len);
-+ return ENOMEM;
-+ }
-+ memcpy(retrt->er_ident_s.data, ident_s->data, data_len);
-+ } else {
-+ retrt->er_ident_s.data = NULL;
-+ }
-+ }
-+
-+ if (ident_d && ident_d->type != SADB_IDENTTYPE_RESERVED) {
-+ int data_len = ident_d->len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident);
-+
-+ retrt->er_ident_d.type = ident_d->type;
-+ retrt->er_ident_d.id = ident_d->id;
-+ retrt->er_ident_d.len = ident_d->len;
-+ if(data_len) {
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_makeroute: "
-+ "attempting to allocate %u bytes for ident_d.\n",
-+ data_len);
-+ if(!(retrt->er_ident_d.data = kmalloc(data_len, GFP_KERNEL))) {
-+ if (retrt->er_ident_s.data)
-+ kfree(retrt->er_ident_s.data);
-+ kfree(retrt);
-+ printk("klips_error:ipsec_makeroute: not able to allocate kernel memory (%d)\n", data_len);
-+ return ENOMEM;
-+ }
-+ memcpy(retrt->er_ident_d.data, ident_d->data, data_len);
-+ } else {
-+ retrt->er_ident_d.data = NULL;
-+ }
-+ }
-+ retrt->er_first = skb;
-+ retrt->er_last = NULL;
-+
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_makeroute: "
-+ "calling rj_addroute now\n");
-+
-+ spin_lock_bh(&eroute_lock);
-+
-+ error = rj_addroute(&(retrt->er_eaddr), &(retrt->er_emask),
-+ rnh, retrt->er_rjt.rd_nodes);
-+
-+ spin_unlock_bh(&eroute_lock);
-+
-+ if(error) {
-+ sa_len = KLIPS_SATOT(debug_eroute, &said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_makeroute: "
-+ "rj_addroute not able to insert eroute for SA:%s (error:%d)\n",
-+ sa_len ? sa : " (error)", error);
-+ if (retrt->er_ident_s.data)
-+ kfree(retrt->er_ident_s.data);
-+ if (retrt->er_ident_d.data)
-+ kfree(retrt->er_ident_d.data);
-+
-+ kfree(retrt);
-+
-+ return error;
-+ }
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_eroute) {
-+ char buf1[SUBNETTOA_BUF], buf2[SUBNETTOA_BUF];
-+/*
-+ subnettoa(eaddr->sen_ip_src, emask->sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(eaddr->sen_ip_dst, emask->sen_ip_dst, 0, buf2, sizeof(buf2));
-+*/
-+ subnettoa(rd_key((&(retrt->er_rjt)))->sen_ip_src, rd_mask((&(retrt->er_rjt)))->sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(rd_key((&(retrt->er_rjt)))->sen_ip_dst, rd_mask((&(retrt->er_rjt)))->sen_ip_dst, 0, buf2, sizeof(buf2));
-+ sa_len = satot(&retrt->er_said, 0, sa, sizeof(sa));
-+
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_makeroute: "
-+ "pid=%05d "
-+ "count=%10d "
-+ "lasttime=%6d "
-+ "%-18s -> %-18s => %s\n",
-+ retrt->er_pid,
-+ retrt->er_count,
-+ (int)(jiffies/HZ - retrt->er_lasttime),
-+ buf1,
-+ buf2,
-+ sa_len ? sa : " (error)");
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_makeroute: "
-+ "succeeded.\n");
-+ return 0;
-+}
-+
-+struct eroute *
-+ipsec_findroute(struct sockaddr_encap *eaddr)
-+{
-+ struct radij_node *rn;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ char buf1[ADDRTOA_BUF], buf2[ADDRTOA_BUF];
-+
-+ if (debug_radij & DB_RJ_FINDROUTE) {
-+ addrtoa(eaddr->sen_ip_src, 0, buf1, sizeof(buf1));
-+ addrtoa(eaddr->sen_ip_dst, 0, buf2, sizeof(buf2));
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_findroute: "
-+ "%s:%d->%s:%d %d\n",
-+ buf1, ntohs(eaddr->sen_sport),
-+ buf2, ntohs(eaddr->sen_dport),
-+ eaddr->sen_proto);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ rn = rj_match((caddr_t)eaddr, rnh);
-+ if(rn) {
-+ KLIPS_PRINT(debug_eroute && sysctl_ipsec_debug_verbose,
-+ "klips_debug:ipsec_findroute: "
-+ "found, points to proto=%d, spi=%x, dst=%x.\n",
-+ ((struct eroute*)rn)->er_said.proto,
-+ ntohl(((struct eroute*)rn)->er_said.spi),
-+ ntohl(((struct eroute*)rn)->er_said.dst.u.v4.sin_addr.s_addr));
-+ }
-+ return (struct eroute *)rn;
-+}
-+
-+#ifdef CONFIG_PROC_FS
-+/** ipsec_rj_walker_procprint: print one line of eroute table output.
-+ *
-+ * Theoretical BUG: if w->length is less than the length
-+ * of some line we should produce, that line will never
-+ * be finished. In effect, the "file" will stop part way
-+ * through that line.
-+ */
-+int
-+ipsec_rj_walker_procprint(struct radij_node *rn, void *w0)
-+{
-+ struct eroute *ro = (struct eroute *)rn;
-+ struct rjtentry *rd = (struct rjtentry *)rn;
-+ struct wsbuf *w = (struct wsbuf *)w0;
-+ char buf1[SUBNETTOA_BUF], buf2[SUBNETTOA_BUF];
-+ char buf3[16];
-+ char sa[SATOT_BUF];
-+ size_t sa_len, buf_len;
-+ struct sockaddr_encap *key, *mask;
-+
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:ipsec_rj_walker_procprint: "
-+ "rn=0p%p, w0=0p%p\n",
-+ rn,
-+ w0);
-+ if (rn->rj_b >= 0) {
-+ return 0;
-+ }
-+
-+ key = rd_key(rd);
-+ mask = rd_mask(rd);
-+
-+ if (key == NULL || mask == NULL) {
-+ return 0;
-+ }
-+
-+ buf_len = subnettoa(key->sen_ip_src, mask->sen_ip_src, 0, buf1, sizeof(buf1));
-+ if(key->sen_sport != 0) {
-+ sprintf(buf1+buf_len-1, ":%d", ntohs(key->sen_sport));
-+ }
-+
-+ buf_len = subnettoa(key->sen_ip_dst, mask->sen_ip_dst, 0, buf2, sizeof(buf2));
-+ if(key->sen_dport != 0) {
-+ sprintf(buf2+buf_len-1, ":%d", ntohs(key->sen_dport));
-+ }
-+
-+ buf3[0]='\0';
-+ if(key->sen_proto != 0) {
-+ sprintf(buf3, ":%d", key->sen_proto);
-+ }
-+
-+ sa_len = satot(&ro->er_said, 'x', sa, sizeof(sa));
-+ w->len += ipsec_snprintf(w->buffer + w->len,
-+ w->length - w->len,
-+ "%-10d "
-+ "%-18s -> %-18s => %s%s\n",
-+ ro->er_count,
-+ buf1,
-+ buf2,
-+ sa_len ? sa : " (error)",
-+ buf3);
-+
-+ {
-+ /* snprintf can only fill the last character with NUL
-+ * so the maximum useful character is w->length-1.
-+ * However, if w->length == 0, we cannot go back.
-+ * (w->length surely cannot be negative.)
-+ */
-+ int max_content = w->length > 0? w->length-1 : 0;
-+
-+ if (w->len >= max_content) {
-+ /* we've done all that can fit -- stop treewalking */
-+ w->len = max_content; /* truncate crap */
-+ return -ENOBUFS;
-+ } else {
-+ const off_t pos = w->begin + w->len; /* file position of end of what we've generated */
-+
-+ if (pos <= w->offset) {
-+ /* all is before first interesting character:
-+ * discard, but note where we are.
-+ */
-+ w->len = 0;
-+ w->begin = pos;
-+ }
-+ return 0;
-+ }
-+ }
-+}
-+#endif /* CONFIG_PROC_FS */
-+
-+int
-+ipsec_rj_walker_delete(struct radij_node *rn, void *w0)
-+{
-+ struct eroute *ro;
-+ struct rjtentry *rd = (struct rjtentry *)rn;
-+ struct radij_node *rn2;
-+ int error;
-+ struct sockaddr_encap *key, *mask;
-+
-+ key = rd_key(rd);
-+ mask = rd_mask(rd);
-+
-+ if(!key || !mask) {
-+ return -ENODATA;
-+ }
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_radij) {
-+ char buf1[SUBNETTOA_BUF], buf2[SUBNETTOA_BUF];
-+ subnettoa(key->sen_ip_src, mask->sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(key->sen_ip_dst, mask->sen_ip_dst, 0, buf2, sizeof(buf2));
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:ipsec_rj_walker_delete: "
-+ "deleting: %s -> %s\n",
-+ buf1,
-+ buf2);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ if((error = rj_delete(key, mask, rnh, &rn2))) {
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:ipsec_rj_walker_delete: "
-+ "rj_delete failed with error=%d.\n", error);
-+ return error;
-+ }
-+
-+ if(rn2 != rn) {
-+ printk("klips_debug:ipsec_rj_walker_delete: "
-+ "tried to delete a different node?!? This should never happen!\n");
-+ }
-+
-+ ro = (struct eroute *)rn;
-+
-+ if (ro->er_ident_s.data)
-+ kfree(ro->er_ident_s.data);
-+ if (ro->er_ident_d.data)
-+ kfree(ro->er_ident_d.data);
-+
-+ memset((caddr_t)rn, 0, sizeof (struct eroute));
-+ kfree(rn);
-+
-+ return 0;
-+}
-+
-+/*
-+ * $Log: ipsec_radij.c,v $
-+ * Revision 1.73.2.2 2007-09-05 02:56:09 paul
-+ * Use the new ipsec_kversion macros by David to deal with 2.6.22 kernels.
-+ * Fixes based on David McCullough patch.
-+ *
-+ * Revision 1.73.2.1 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.73 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.72 2004/12/03 21:25:57 mcr
-+ * compile time fixes for running on 2.6.
-+ * still experimental.
-+ *
-+ * Revision 1.71 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.70 2004/04/25 21:10:52 ken
-+ * Pull in dhr's changes from FreeS/WAN 2.06
-+ *
-+ * Revision 1.69 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.68 2004/03/28 20:27:20 paul
-+ * Included tested and confirmed fixes mcr made and dhr verified for
-+ * snprint statements. Changed one other snprintf to use ipsec_snprintf
-+ * so it wouldnt break compatibility with 2.0/2.2 kernels. Verified with
-+ * dhr. (thanks dhr!)
-+ *
-+ * Revision 1.67.4.1 2004/04/05 04:30:46 mcr
-+ * patches for alg-branch to compile/work with 2.x openswan
-+ *
-+ * Revision 1.67 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.66.24.2 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.66.24.1 2003/09/21 13:59:56 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.66 2002/10/12 23:11:53 dhr
-+ *
-+ * [KenB + DHR] more 64-bit cleanup
-+ *
-+ * Revision 1.65 2002/09/20 05:01:40 rgb
-+ * Added memory allocation debugging.
-+ *
-+ * Revision 1.64 2002/05/31 01:46:05 mcr
-+ * added && sysctl_ipsec_debug_verbose verbose to ipsec_findroute
-+ * as requested in PR#14.
-+ *
-+ * Revision 1.63 2002/05/23 07:14:11 rgb
-+ * Cleaned up %p variants to 0p%p for test suite cleanup.
-+ *
-+ * Revision 1.62 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.61 2002/04/24 07:36:29 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_radij.c,v
-+ *
-+ * Revision 1.60 2002/02/19 23:59:45 rgb
-+ * Removed redundant compiler directives.
-+ *
-+ * Revision 1.59 2002/02/06 04:13:47 mcr
-+ * missing #ifdef CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.58 2002/01/29 17:17:56 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.57 2002/01/29 04:00:52 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.56 2002/01/29 02:13:17 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.55 2001/11/26 09:23:48 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.53.2.1 2001/09/25 02:26:32 mcr
-+ * headers adjusted for new usage.
-+ *
-+ * Revision 1.54 2001/10/18 04:45:20 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.53 2001/09/19 17:19:40 rgb
-+ * Debug output bugfix for NetCelo's PF_KEY ident patch.
-+ *
-+ * Revision 1.52 2001/09/19 16:33:37 rgb
-+ * Temporarily disable ident fields to /proc/net/ipsec_eroute.
-+ *
-+ * Revision 1.51 2001/09/15 16:24:04 rgb
-+ * Re-inject first and last HOLD packet when an eroute REPLACE is done.
-+ *
-+ * Revision 1.50 2001/09/14 16:58:36 rgb
-+ * Added support for storing the first and last packets through a HOLD.
-+ *
-+ * Revision 1.49 2001/09/08 21:13:32 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.48 2001/06/15 04:12:56 rgb
-+ * Fixed kernel memory allocation error return code polarity bug.
-+ *
-+ * Revision 1.47 2001/06/14 19:35:09 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.46 2001/06/08 08:47:18 rgb
-+ * Fixed for debug disabled.
-+ *
-+ * Revision 1.45 2001/05/27 06:12:11 rgb
-+ * Added structures for pid, packet count and last access time to eroute.
-+ * Added packet count to beginning of /proc/net/ipsec_eroute.
-+ *
-+ * Revision 1.44 2001/05/03 19:41:01 rgb
-+ * Initialise error return variable.
-+ * Use more appropriate return value for ipsec_rj_walker_delete().
-+ *
-+ * Revision 1.43 2001/02/27 22:24:54 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.42 2001/02/27 06:21:57 rgb
-+ * Added findroute success instrumentation.
-+ *
-+ * Revision 1.41 2000/11/06 04:32:08 rgb
-+ * Ditched spin_lock_irqsave in favour of spin_lock_bh.
-+ *
-+ * Revision 1.40 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.39 2000/08/30 05:25:20 rgb
-+ * Correct debug text in ipsec_breakroute() from incorrect
-+ * "ipsec_callback".
-+ *
-+ * Revision 1.38 2000/07/28 14:58:31 rgb
-+ * Changed kfree_s to kfree, eliminating extra arg to fix 2.4.0-test5.
-+ *
-+ * Revision 1.37 2000/03/16 14:02:50 rgb
-+ * Fixed debug scope to enable compilation with debug off.
-+ *
-+ * Revision 1.36 2000/01/21 06:14:46 rgb
-+ * Added debugging text to ipsec_rj_walker_delete().
-+ * Set return code to negative for consistency.
-+ *
-+ * Revision 1.35 1999/11/23 23:05:24 rgb
-+ * Use provided macro ADDRTOA_BUF instead of hardcoded value.
-+ *
-+ * Revision 1.34 1999/11/18 04:13:56 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ * Added CONFIG_PROC_FS compiler directives in case it is shut off.
-+ *
-+ * Revision 1.33 1999/11/17 15:53:39 rgb
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.32 1999/10/26 13:58:33 rgb
-+ * Put spinlock flags variable declaration outside the debug compiler
-+ * directive to enable compilation with debug shut off.
-+ *
-+ * Revision 1.31 1999/10/15 22:13:29 rgb
-+ * Clean out cruft.
-+ * Align /proc/net/ipsec_eroute output for easier readability.
-+ * Fix double linefeed in radij debug output.
-+ * Fix double locking bug that locks up 2.0.36 but not 2.0.38.
-+ *
-+ * Revision 1.30 1999/10/08 18:37:33 rgb
-+ * Fix end-of-line spacing to sate whining PHMs.
-+ *
-+ * Revision 1.29 1999/10/03 18:52:45 rgb
-+ * Spinlock support for 2.0.xx.
-+ * Dumb return code spin_unlock fix.
-+ *
-+ * Revision 1.28 1999/10/01 16:22:24 rgb
-+ * Switch from assignment init. to functional init. of spinlocks.
-+ *
-+ * Revision 1.27 1999/10/01 15:44:53 rgb
-+ * Move spinlock header include to 2.1> scope.
-+ *
-+ * Revision 1.26 1999/10/01 00:01:23 rgb
-+ * Added eroute structure locking.
-+ *
-+ * Revision 1.25 1999/06/10 16:07:30 rgb
-+ * Silence delete eroute on no debug.
-+ *
-+ * Revision 1.24 1999/05/09 03:25:36 rgb
-+ * Fix bug introduced by 2.2 quick-and-dirty patch.
-+ *
-+ * Revision 1.23 1999/05/05 22:02:31 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.22 1999/04/29 15:17:23 rgb
-+ * Add return values to init and cleanup functions.
-+ * Add sanity checking for null pointer arguments.
-+ *
-+ * Revision 1.21 1999/04/11 00:28:58 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.20 1999/04/06 04:54:26 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.19 1999/02/17 16:50:35 rgb
-+ * Clean out unused cruft.
-+ * Consolidate for space and speed efficiency.
-+ * Convert DEBUG_IPSEC to KLIPS_PRINT
-+ *
-+ * Revision 1.18 1999/01/22 06:22:06 rgb
-+ * Cruft clean-out.
-+ * 64-bit clean-up.
-+ *
-+ * Revision 1.17 1998/12/02 03:09:39 rgb
-+ * Clean up debug printing conditionals to compile with debugging off.
-+ *
-+ * Revision 1.16 1998/12/01 13:49:39 rgb
-+ * Wrap version info printing in debug switches.
-+ *
-+ * Revision 1.15 1998/11/30 13:22:54 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.14 1998/10/31 06:48:17 rgb
-+ * Fixed up comments in #endif directives.
-+ *
-+ * Revision 1.13 1998/10/27 13:48:09 rgb
-+ * Cleaned up /proc/net/ipsec_* filesystem for easy parsing by scripts.
-+ * Fixed less(1) truncated output bug.
-+ * Code clean-up.
-+ *
-+ * Revision 1.12 1998/10/25 02:41:36 rgb
-+ * Change return type on ipsec_breakroute and ipsec_makeroute and add an
-+ * argument to be able to transmit more infomation about errors.
-+ * Fix cut-and-paste debug statement identifier.
-+ *
-+ * Revision 1.11 1998/10/22 06:45:39 rgb
-+ * Cleaned up cruft.
-+ * Convert to use satoa for printk.
-+ *
-+ * Revision 1.10 1998/10/19 14:44:28 rgb
-+ * Added inclusion of freeswan.h.
-+ * sa_id structure implemented and used: now includes protocol.
-+ *
-+ * Revision 1.9 1998/10/09 04:30:52 rgb
-+ * Added 'klips_debug' prefix to all klips printk debug statements.
-+ * Deleted old commented out cruft.
-+ *
-+ * Revision 1.8 1998/08/06 17:24:23 rgb
-+ * Fix addrtoa return code bug from stale manpage advice preventing packets
-+ * from being erouted.
-+ *
-+ * Revision 1.7 1998/08/06 07:44:59 rgb
-+ * Fixed /proc/net/ipsec_eroute subnettoa and addrtoa return value bug that
-+ * ended up in nothing being printed.
-+ *
-+ * Revision 1.6 1998/08/05 22:16:41 rgb
-+ * Cleanup to prevent cosmetic errors (ie. debug output) from being fatal.
-+ *
-+ * Revision 1.5 1998/07/29 20:38:44 rgb
-+ * Debug and fix subnettoa and addrtoa output.
-+ *
-+ * Revision 1.4 1998/07/28 00:02:39 rgb
-+ * Converting to exclusive use of addrtoa.
-+ * Fix eroute delete.
-+ *
-+ * Revision 1.3 1998/07/14 18:21:26 rgb
-+ * Add function to clear the eroute table.
-+ *
-+ * Revision 1.2 1998/06/23 02:59:14 rgb
-+ * Added debugging output to eroute add/delete routines.
-+ *
-+ * Revision 1.9 1998/06/18 21:29:06 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid kernel
-+ * build scripts happier in presence of symbolic links
-+ *
-+ * Revision 1.8 1998/06/05 02:32:26 rgb
-+ * Fix spi ntoh kernel debug output.
-+ *
-+ * Revision 1.7 1998/05/25 20:30:37 rgb
-+ * Remove temporary ipsec_walk, rj_deltree and rj_delnodes functions.
-+ *
-+ * Rename ipsec_rj_walker (ipsec_walk) to ipsec_rj_walker_procprint and
-+ * add ipsec_rj_walker_delete.
-+ *
-+ * Revision 1.6 1998/05/21 13:08:57 rgb
-+ * Rewrote procinfo subroutines to avoid *bad things* when more that 3k of
-+ * information is available for printout.
-+ *
-+ * Revision 1.5 1998/05/18 21:35:55 rgb
-+ * Clean up output for numerical consistency and readability. Zero freed
-+ * eroute memory.
-+ *
-+ * Revision 1.4 1998/04/21 21:28:58 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.3 1998/04/14 17:30:39 rgb
-+ * Fix up compiling errors for radij tree memory reclamation.
-+ *
-+ * Revision 1.2 1998/04/12 22:03:23 rgb
-+ * Updated ESP-3DES-HMAC-MD5-96,
-+ * ESP-DES-HMAC-MD5-96,
-+ * AH-HMAC-MD5-96,
-+ * AH-HMAC-SHA1-96 since Henry started freeswan cvs repository
-+ * from old standards (RFC182[5-9] to new (as of March 1998) drafts.
-+ *
-+ * Fixed eroute references in /proc/net/ipsec*.
-+ *
-+ * Started to patch module unloading memory leaks in ipsec_netlink and
-+ * radij tree unloading.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:10 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:03 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:39:04 ji
-+ * Minor cleanups.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_rcv.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,2340 @@
-+/*
-+ * receive code
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998-2003 Richard Guy Briggs.
-+ * Copyright (C) 2004 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_rcv_c_version[] = "RCSID $Id: ipsec_rcv.c,v 1.171.2.15 2007-10-30 21:37:45 paul Exp $";
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+
-+#include <net/tcp.h>
-+#include <net/udp.h>
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+
-+#include "openswan/ipsec_kern24.h"
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+
-+#include "openswan/ipsec_auth.h"
-+
-+#include "openswan/ipsec_esp.h"
-+
-+#ifdef CONFIG_KLIPS_AH
-+#include "openswan/ipsec_ah.h"
-+#endif /* CONFIG_KLIPS_AH */
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+#include "openswan/ipsec_ipcomp.h"
-+#endif /* CONFIG_KLIPS_COMP */
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_alg.h"
-+#include "openswan/ipsec_kern24.h"
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_rcv = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+int sysctl_ipsec_inbound_policy_check = 1;
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+#include <linux/udp.h>
-+#endif
-+
-+/* This is a private use protocol, and AT&T should be ashamed. They should have
-+ * used protocol # 59, which is "no next header" instead of 0xFE.
-+ */
-+#ifndef IPPROTO_ATT_HEARTBEAT
-+#define IPPROTO_ATT_HEARTBEAT 0xFE
-+#endif
-+
-+/*
-+ * Check-replay-window routine, adapted from the original
-+ * by J. Hughes, from draft-ietf-ipsec-esp-des-md5-03.txt
-+ *
-+ * This is a routine that implements a 64 packet window. This is intend-
-+ * ed on being an implementation sample.
-+ */
-+
-+DEBUG_NO_STATIC int
-+ipsec_checkreplaywindow(struct ipsec_sa*ipsp, __u32 seq)
-+{
-+ __u32 diff;
-+
-+ if (ipsp->ips_replaywin == 0) /* replay shut off */
-+ return 1;
-+ if (seq == 0)
-+ return 0; /* first == 0 or wrapped */
-+
-+ /* new larger sequence number */
-+ if (seq > ipsp->ips_replaywin_lastseq) {
-+ return 1; /* larger is good */
-+ }
-+ diff = ipsp->ips_replaywin_lastseq - seq;
-+
-+ /* too old or wrapped */ /* if wrapped, kill off SA? */
-+ if (diff >= ipsp->ips_replaywin) {
-+ return 0;
-+ }
-+ /* this packet already seen */
-+ if (ipsp->ips_replaywin_bitmap & (1 << diff))
-+ return 0;
-+ return 1; /* out of order but good */
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_updatereplaywindow(struct ipsec_sa*ipsp, __u32 seq)
-+{
-+ __u32 diff;
-+
-+ if (ipsp->ips_replaywin == 0) /* replay shut off */
-+ return 1;
-+ if (seq == 0)
-+ return 0; /* first == 0 or wrapped */
-+
-+ /* new larger sequence number */
-+ if (seq > ipsp->ips_replaywin_lastseq) {
-+ diff = seq - ipsp->ips_replaywin_lastseq;
-+
-+ /* In win, set bit for this pkt */
-+ if (diff < ipsp->ips_replaywin)
-+ ipsp->ips_replaywin_bitmap =
-+ (ipsp->ips_replaywin_bitmap << diff) | 1;
-+ else
-+ /* This packet has way larger seq num */
-+ ipsp->ips_replaywin_bitmap = 1;
-+
-+ if(seq - ipsp->ips_replaywin_lastseq - 1 > ipsp->ips_replaywin_maxdiff) {
-+ ipsp->ips_replaywin_maxdiff = seq - ipsp->ips_replaywin_lastseq - 1;
-+ }
-+ ipsp->ips_replaywin_lastseq = seq;
-+ return 1; /* larger is good */
-+ }
-+ diff = ipsp->ips_replaywin_lastseq - seq;
-+
-+ /* too old or wrapped */ /* if wrapped, kill off SA? */
-+ if (diff >= ipsp->ips_replaywin) {
-+/*
-+ if(seq < 0.25*max && ipsp->ips_replaywin_lastseq > 0.75*max) {
-+ ipsec_sa_delchain(ipsp);
-+ }
-+*/
-+ return 0;
-+ }
-+ /* this packet already seen */
-+ if (ipsp->ips_replaywin_bitmap & (1 << diff))
-+ return 0;
-+ ipsp->ips_replaywin_bitmap |= (1 << diff); /* mark as seen */
-+ return 1; /* out of order but good */
-+}
-+
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+struct auth_alg ipsec_rcv_md5[]={
-+ {osMD5Init, osMD5Update, osMD5Final, AHMD596_ALEN}
-+};
-+
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+struct auth_alg ipsec_rcv_sha1[]={
-+ {SHA1Init, SHA1Update, SHA1Final, AHSHA196_ALEN}
-+};
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+
-+/*
-+ * decapsulate a single layer of the system
-+ *
-+ * the following things should be setup to enter this function.
-+ *
-+ * irs->stats == stats structure (or NULL)
-+ * irs->ipp = IP header.
-+ * irs->len = total length of packet
-+ * skb->nh.iph = ipp;
-+ * skb->h.raw = start of payload
-+ * irs->ipsp = NULL.
-+ * irs->iphlen = N/A = is recalculated.
-+ * irs->ilen = 0;
-+ * irs->authlen = 0;
-+ * irs->authfuncs = NULL;
-+ * irs->skb = the skb;
-+ *
-+ * proto_funcs should be from ipsec_esp.c, ipsec_ah.c or ipsec_ipcomp.c.
-+ *
-+ */
-+enum ipsec_rcv_value
-+ipsec_rcv_decap_once(struct ipsec_rcv_state *irs
-+ , struct xform_functions *proto_funcs)
-+{
-+ int iphlen;
-+ __u8 proto;
-+ struct in_addr ipsaddr;
-+ struct in_addr ipdaddr;
-+ int replay = 0; /* replay value in AH or ESP packet */
-+ struct ipsec_sa* ipsnext = NULL; /* next SA towards inside of packet */
-+ struct ipsec_sa *newipsp;
-+ struct iphdr *ipp;
-+ struct sk_buff *skb;
-+ struct ipsec_alg_auth *ixt_a=NULL;
-+
-+ skb = irs->skb;
-+ irs->len = skb->len;
-+ ipp = irs->ipp;
-+ proto = ipp->protocol;
-+ ipsaddr.s_addr = ipp->saddr;
-+ addrtoa(ipsaddr, 0, irs->ipsaddr_txt, sizeof(irs->ipsaddr_txt));
-+ ipdaddr.s_addr = ipp->daddr;
-+ addrtoa(ipdaddr, 0, irs->ipdaddr_txt, sizeof(irs->ipdaddr_txt));
-+
-+ iphlen = ipp->ihl << 2;
-+ irs->iphlen=iphlen;
-+ ipp->check = 0; /* we know the sum is good */
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv_decap_once: "
-+ "decap (%d) from %s -> %s\n",
-+ proto, irs->ipsaddr_txt, irs->ipdaddr_txt);
-+
-+ /*
-+ * Find tunnel control block and (indirectly) call the
-+ * appropriate tranform routine. The resulting sk_buf
-+ * is a valid IP packet ready to go through input processing.
-+ */
-+
-+ irs->said.dst.u.v4.sin_addr.s_addr = ipp->daddr;
-+ irs->said.dst.u.v4.sin_family = AF_INET;
-+
-+ /* note: rcv_checks set up the said.spi value, if appropriate */
-+ if(proto_funcs->rcv_checks) {
-+ enum ipsec_rcv_value retval =
-+ (*proto_funcs->rcv_checks)(irs, skb);
-+
-+ if(retval < 0) {
-+ return retval;
-+ }
-+ }
-+
-+ irs->said.proto = proto;
-+ irs->sa_len = satot(&irs->said, 0, irs->sa, sizeof(irs->sa));
-+ if(irs->sa_len == 0) {
-+ strcpy(irs->sa, "(error)");
-+ }
-+
-+ newipsp = ipsec_sa_getbyid(&irs->said);
-+ if (newipsp == NULL) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "no ipsec_sa for SA:%s: incoming packet with no SA dropped\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_SAIDNOTFOUND;
-+ }
-+
-+ /* MCR - XXX this is bizarre. ipsec_sa_getbyid returned it, having
-+ * incremented the refcount, why in the world would we decrement it
-+ * here? */
-+ /* ipsec_sa_put(irs->ipsp);*/ /* incomplete */
-+
-+ /* If it is in larval state, drop the packet, we cannot process yet. */
-+ if(newipsp->ips_state == SADB_SASTATE_LARVAL) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "ipsec_sa in larval state, cannot be used yet, dropping packet.\n");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ ipsec_sa_put(newipsp);
-+ return IPSEC_RCV_SAIDNOTLIVE;
-+ }
-+
-+ if(newipsp->ips_state == SADB_SASTATE_DEAD) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "ipsec_sa in dead state, cannot be used any more, dropping packet.\n");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ ipsec_sa_put(newipsp);
-+ return IPSEC_RCV_SAIDNOTLIVE;
-+ }
-+
-+ if(sysctl_ipsec_inbound_policy_check) {
-+ if(irs->ipp->saddr != ((struct sockaddr_in*)(newipsp->ips_addr_s))->sin_addr.s_addr) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s, src=%s of pkt does not agree with expected SA source address policy.\n",
-+ irs->sa_len ? irs->sa : " (error)",
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ ipsec_sa_put(newipsp);
-+ return IPSEC_RCV_FAILEDINBOUND;
-+ }
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s, src=%s of pkt agrees with expected SA source address policy.\n",
-+ irs->sa_len ? irs->sa : " (error)",
-+ irs->ipsaddr_txt);
-+
-+ /*
-+ * at this point, we have looked up a new SA, and we want to make sure that if this
-+ * isn't the first SA in the list, that the previous SA actually points at this one.
-+ */
-+ if(irs->ipsp) {
-+ if(irs->ipsp->ips_inext != newipsp) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "unexpected SA:%s: does not agree with ips->inext policy, dropped\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ ipsec_sa_put(newipsp);
-+ return IPSEC_RCV_FAILEDINBOUND;
-+ }
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s grouping from previous SA is OK.\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ } else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s First SA in group.\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ }
-+
-+
-+
-+
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if (proto == IPPROTO_ESP) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "natt_type=%u tdbp->ips_natt_type=%u : %s\n",
-+ irs->natt_type, newipsp->ips_natt_type,
-+ (irs->natt_type==newipsp->ips_natt_type)?"ok":"bad");
-+ if (irs->natt_type != newipsp->ips_natt_type) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s does not agree with expected NAT-T policy.\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ ipsec_sa_put(newipsp);
-+ return IPSEC_RCV_FAILEDINBOUND;
-+ }
-+ }
-+#endif
-+ }
-+
-+ /* okay, SA checks out, so free any previous SA, and record a new one*/
-+
-+ if(irs->ipsp) {
-+ ipsec_sa_put(irs->ipsp);
-+ }
-+ irs->ipsp=newipsp;
-+
-+ /* note that the outer code will free the irs->ipsp
-+ if there is an error */
-+
-+
-+ /* now check the lifetimes */
-+ if(ipsec_lifetime_check(&irs->ipsp->ips_life.ipl_bytes, "bytes",
-+ irs->sa, ipsec_life_countbased, ipsec_incoming,
-+ irs->ipsp) == ipsec_life_harddied ||
-+ ipsec_lifetime_check(&irs->ipsp->ips_life.ipl_addtime, "addtime",
-+ irs->sa, ipsec_life_timebased, ipsec_incoming,
-+ irs->ipsp) == ipsec_life_harddied ||
-+ ipsec_lifetime_check(&irs->ipsp->ips_life.ipl_addtime, "usetime",
-+ irs->sa, ipsec_life_timebased, ipsec_incoming,
-+ irs->ipsp) == ipsec_life_harddied ||
-+ ipsec_lifetime_check(&irs->ipsp->ips_life.ipl_packets, "packets",
-+ irs->sa, ipsec_life_countbased, ipsec_incoming,
-+ irs->ipsp) == ipsec_life_harddied) {
-+ ipsec_sa_delchain(irs->ipsp);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv_decap_once: "
-+ "decap (%d) failed lifetime check\n",
-+ proto);
-+
-+ return IPSEC_RCV_LIFETIMEFAILED;
-+ }
-+
-+#if 0
-+ /*
-+ * This is removed for some reasons:
-+ * 1) it needs to happen *after* authentication.
-+ * 2) do we really care, if it authenticates, if it came
-+ * from the wrong location?
-+ * 3) the NAT_KA messages in IKE will also get to pluto
-+ * and it will figure out that stuff has moved.
-+ * 4) the 2.6 udp-esp encap function does not pass us
-+ * the originating port number, and I can't tell
-+ * if skb->sk is guaranteed to be valid here.
-+ * 2005-04-16: mcr@xelerance.com
-+ */
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ /*
-+ *
-+ * XXX we should ONLY update pluto if the SA passes all checks,
-+ * which we clearly do not now.
-+ */
-+ if ((irs->natt_type) &&
-+ ( (irs->ipp->saddr != (((struct sockaddr_in*)(newipsp->ips_addr_s))->sin_addr.s_addr)) ||
-+ (irs->natt_sport != newipsp->ips_natt_sport)
-+ )) {
-+ struct sockaddr sipaddr;
-+ struct sockaddr_in *psin = (struct sockaddr_in*)(newipsp->ips_addr_s);
-+
-+ /** Advertise NAT-T addr change to pluto **/
-+ sipaddr.sa_family = AF_INET;
-+ ((struct sockaddr_in*)&sipaddr)->sin_addr.s_addr = irs->ipp->saddr;
-+ ((struct sockaddr_in*)&sipaddr)->sin_port = htons(irs->natt_sport);
-+ pfkey_nat_t_new_mapping(newipsp, &sipaddr, irs->natt_sport);
-+
-+ /**
-+ * Then allow or block packet depending on
-+ * sysctl_ipsec_inbound_policy_check.
-+ *
-+ * In all cases, pluto will update SA if new mapping is
-+ * accepted.
-+ */
-+ if (sysctl_ipsec_inbound_policy_check) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s, src=%s:%u of pkt does not agree with expected "
-+ "SA source address [%08x:%u] (notifying pluto of change).\n",
-+ irs->sa_len ? irs->sa : " (error)",
-+ irs->ipsaddr_txt, irs->natt_sport,
-+ psin->sin_addr.s_addr,
-+ newipsp->ips_natt_sport);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ ipsec_sa_put(newipsp);
-+ return IPSEC_RCV_FAILEDINBOUND;
-+ }
-+ }
-+#endif
-+#endif
-+
-+ irs->authfuncs=NULL;
-+
-+ /* authenticate, if required */
-+ if ((ixt_a=irs->ipsp->ips_alg_auth)) {
-+ irs->authlen = AHHMAC_HASHLEN;
-+ irs->authfuncs = NULL;
-+ irs->ictx = NULL;
-+ irs->octx = NULL;
-+ irs->ictx_len = 0;
-+ irs->octx_len = 0;
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "authalg=%d authlen=%d\n",
-+ irs->ipsp->ips_authalg,
-+ irs->authlen);
-+ } else
-+ switch(irs->ipsp->ips_authalg) {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5:
-+ irs->authlen = AHHMAC_HASHLEN;
-+ irs->authfuncs = ipsec_rcv_md5;
-+ irs->ictx = (void *)&((struct md5_ctx*)(irs->ipsp->ips_key_a))->ictx;
-+ irs->octx = (void *)&((struct md5_ctx*)(irs->ipsp->ips_key_a))->octx;
-+ irs->ictx_len = sizeof(((struct md5_ctx*)(irs->ipsp->ips_key_a))->ictx);
-+ irs->octx_len = sizeof(((struct md5_ctx*)(irs->ipsp->ips_key_a))->octx);
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA:
-+ irs->authlen = AHHMAC_HASHLEN;
-+ irs->authfuncs = ipsec_rcv_sha1;
-+ irs->ictx = (void *)&((struct sha1_ctx*)(irs->ipsp->ips_key_a))->ictx;
-+ irs->octx = (void *)&((struct sha1_ctx*)(irs->ipsp->ips_key_a))->octx;
-+ irs->ictx_len = sizeof(((struct sha1_ctx*)(irs->ipsp->ips_key_a))->ictx);
-+ irs->octx_len = sizeof(((struct sha1_ctx*)(irs->ipsp->ips_key_a))->octx);
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ case AH_NONE:
-+ irs->authlen = 0;
-+ irs->authfuncs = NULL;
-+ irs->ictx = NULL;
-+ irs->octx = NULL;
-+ irs->ictx_len = 0;
-+ irs->octx_len = 0;
-+ break;
-+ default:
-+ irs->ipsp->ips_errs.ips_alg_errs += 1;
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ return IPSEC_RCV_BADAUTH;
-+ }
-+
-+ /* ilen counts number of bytes in ESP portion */
-+ irs->ilen = ((irs->skb->data + irs->skb->len) - skb_transport_header(irs->skb)) - irs->authlen;
-+ if(irs->ilen <= 0) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "runt %s packet with no data, dropping.\n",
-+ (proto == IPPROTO_ESP ? "esp" : "ah"));
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_BADLEN;
-+ }
-+
-+ if(irs->authfuncs || ixt_a) {
-+ unsigned char *authenticator = NULL;
-+
-+ if(proto_funcs->rcv_setup_auth) {
-+ enum ipsec_rcv_value retval
-+ = (*proto_funcs->rcv_setup_auth)(irs, skb,
-+ &replay,
-+ &authenticator);
-+ if(retval < 0) {
-+ return retval;
-+ }
-+ }
-+
-+ if(!authenticator) {
-+ irs->ipsp->ips_errs.ips_auth_errs += 1;
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_BADAUTH;
-+ }
-+
-+ if(!ipsec_checkreplaywindow(irs->ipsp, replay)) {
-+ irs->ipsp->ips_errs.ips_replaywin_errs += 1;
-+ KLIPS_PRINT(debug_rcv & DB_RX_REPLAY,
-+ "klips_debug:ipsec_rcv: "
-+ "duplicate frame from %s, packet dropped\n",
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_REPLAYFAILED;
-+ }
-+
-+ /*
-+ * verify authenticator
-+ */
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "encalg = %d, authalg = %d.\n",
-+ irs->ipsp->ips_encalg,
-+ irs->ipsp->ips_authalg);
-+
-+ /* calculate authenticator */
-+ if(proto_funcs->rcv_calc_auth == NULL) {
-+ return IPSEC_RCV_BADAUTH;
-+ }
-+ (*proto_funcs->rcv_calc_auth)(irs, skb);
-+
-+ if (memcmp(irs->hash, authenticator, irs->authlen)) {
-+ irs->ipsp->ips_errs.ips_auth_errs += 1;
-+ KLIPS_PRINT(debug_rcv & DB_RX_INAU,
-+ "klips_debug:ipsec_rcv: "
-+ "auth failed on incoming packet from %s: hash=%08x%08x%08x auth=%08x%08x%08x, dropped\n",
-+ irs->ipsaddr_txt,
-+ ntohl(*(__u32*)&irs->hash[0]),
-+ ntohl(*(__u32*)&irs->hash[4]),
-+ ntohl(*(__u32*)&irs->hash[8]),
-+ ntohl(*(__u32*)authenticator),
-+ ntohl(*((__u32*)authenticator + 1)),
-+ ntohl(*((__u32*)authenticator + 2)));
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_AUTHFAILED;
-+ } else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "authentication successful.\n");
-+ }
-+
-+ /* Crypto hygiene: clear memory used to calculate autheticator.
-+ * The length varies with the algorithm.
-+ */
-+ memset(irs->hash, 0, irs->authlen);
-+
-+ /* If the sequence number == 0, expire SA, it had rolled */
-+ if(irs->ipsp->ips_replaywin && !replay /* !irs->ipsp->ips_replaywin_lastseq */) {
-+ ipsec_sa_delchain(irs->ipsp);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "replay window counter rolled, expiring SA.\n");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_REPLAYROLLED;
-+ }
-+
-+ /* now update the replay counter */
-+ if (!ipsec_updatereplaywindow(irs->ipsp, replay)) {
-+ irs->ipsp->ips_errs.ips_replaywin_errs += 1;
-+ KLIPS_PRINT(debug_rcv & DB_RX_REPLAY,
-+ "klips_debug:ipsec_rcv: "
-+ "duplicate frame from %s, packet dropped\n",
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_REPLAYROLLED;
-+ }
-+ }
-+
-+ if(proto_funcs->rcv_decrypt) {
-+ enum ipsec_rcv_value retval =
-+ (*proto_funcs->rcv_decrypt)(irs);
-+
-+ if(retval != IPSEC_RCV_OK) {
-+ return retval;
-+ }
-+ }
-+
-+ /*
-+ * Adjust pointers
-+ */
-+ skb = irs->skb;
-+ irs->len = skb->len;
-+ ipp = irs->ipp = ip_hdr(skb);
-+ irs->iphlen = ipp->ihl<<2;
-+ skb_set_transport_header(skb, ipsec_skb_offset(skb, skb_network_header(skb) + irs->iphlen));
-+
-+ /* zero any options that there might be */
-+ memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
-+
-+ ipsaddr.s_addr = ipp->saddr;
-+ addrtoa(ipsaddr, 0, irs->ipsaddr_txt, sizeof(irs->ipsaddr_txt));
-+ ipdaddr.s_addr = ipp->daddr;
-+ addrtoa(ipdaddr, 0, irs->ipdaddr_txt, sizeof(irs->ipdaddr_txt));
-+
-+ /*
-+ * Discard the original ESP/AH header
-+ */
-+ ipp->protocol = irs->next_header;
-+
-+ ipp->check = 0; /* NOTE: this will be included in checksum */
-+ ipp->check = ip_fast_csum((unsigned char *)ip_hdr(skb), irs->iphlen >> 2);
-+
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "after <%s%s%s>, SA:%s:\n",
-+ IPS_XFORM_NAME(irs->ipsp),
-+ irs->sa_len ? irs->sa : " (error)");
-+ KLIPS_IP_PRINT(debug_rcv & DB_RX_PKTRX, ipp);
-+
-+ skb->protocol = htons(ETH_P_IP);
-+ skb->ip_summed = 0;
-+
-+ ipsnext = irs->ipsp->ips_inext;
-+ if(sysctl_ipsec_inbound_policy_check) {
-+ if(ipsnext) {
-+ if(
-+ ipp->protocol != IPPROTO_AH
-+ && ipp->protocol != IPPROTO_ESP
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ && ipp->protocol != IPPROTO_COMP
-+ && (ipsnext->ips_said.proto != IPPROTO_COMP
-+ || ipsnext->ips_inext)
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ && ipp->protocol != IPPROTO_IPIP
-+ && ipp->protocol != IPPROTO_ATT_HEARTBEAT /* heartbeats to AT&T SIG/GIG */
-+ ) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "packet with incomplete policy dropped, last successful SA:%s.\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_FAILEDINBOUND;
-+ }
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s, Another IPSEC header to process.\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ } else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "No ips_inext from this SA:%s.\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ }
-+ }
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ /* update ipcomp ratio counters, even if no ipcomp packet is present */
-+ if (ipsnext
-+ && ipsnext->ips_said.proto == IPPROTO_COMP
-+ && ipp->protocol != IPPROTO_COMP) {
-+ ipsnext->ips_comp_ratio_cbytes += ntohs(ipp->tot_len);
-+ ipsnext->ips_comp_ratio_dbytes += ntohs(ipp->tot_len);
-+ }
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+ irs->ipsp->ips_life.ipl_bytes.ipl_count += irs->len;
-+ irs->ipsp->ips_life.ipl_bytes.ipl_last = irs->len;
-+
-+ if(!irs->ipsp->ips_life.ipl_usetime.ipl_count) {
-+ irs->ipsp->ips_life.ipl_usetime.ipl_count = jiffies / HZ;
-+ }
-+ irs->ipsp->ips_life.ipl_usetime.ipl_last = jiffies / HZ;
-+ irs->ipsp->ips_life.ipl_packets.ipl_count += 1;
-+
-+#ifdef CONFIG_NETFILTER
-+ if(proto == IPPROTO_ESP || proto == IPPROTO_AH) {
-+ skb->nfmark = (skb->nfmark & (~(IPsecSAref2NFmark(IPSEC_SA_REF_MASK))))
-+ | IPsecSAref2NFmark(IPsecSA2SAref(irs->ipsp));
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "%s SA sets skb->nfmark=0x%x.\n",
-+ proto == IPPROTO_ESP ? "ESP" : "AH",
-+ (unsigned)skb->nfmark);
-+ }
-+#endif /* CONFIG_NETFILTER */
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+
-+/*
-+ * core decapsulation loop for all protocols.
-+ *
-+ * the following things should be setup to enter this function.
-+ *
-+ * irs->stats == stats structure (or NULL)
-+ * irs->ipp = IP header.
-+ * irs->ipsp = NULL.
-+ * irs->ilen = 0;
-+ * irs->authlen = 0;
-+ * irs->authfuncs = NULL;
-+ * irs->skb = skb;
-+ * skb->nh.iph = ipp;
-+ * skb->h.raw = start of payload
-+ *
-+ */
-+int ipsec_rcv_decap(struct ipsec_rcv_state *irs)
-+{
-+ struct ipsec_sa *ipsp = NULL;
-+ struct ipsec_sa* ipsnext = NULL;
-+ struct in_addr ipsaddr;
-+ struct in_addr ipdaddr;
-+ struct iphdr *ipp;
-+ struct sk_buff *skb = NULL;
-+
-+ /* begin decapsulating loop here */
-+
-+ /*
-+ The spinlock is to prevent any other process from
-+ accessing or deleting the ipsec_sa hash table or any of the
-+ ipsec_sa s while we are using and updating them.
-+
-+ This is not optimal, but was relatively straightforward
-+ at the time. A better way to do it has been planned for
-+ more than a year, to lock the hash table and put reference
-+ counts on each ipsec_sa instead. This is not likely to happen
-+ in KLIPS1 unless a volunteer contributes it, but will be
-+ designed into KLIPS2.
-+ */
-+ spin_lock(&tdb_lock);
-+
-+ do {
-+ int decap_stat;
-+ struct xform_functions *proto_funcs;
-+
-+ switch(irs->ipp->protocol) {
-+ case IPPROTO_ESP:
-+ proto_funcs = esp_xform_funcs;
-+ break;
-+
-+#ifdef CONFIG_KLIPS_AH
-+ case IPPROTO_AH:
-+ proto_funcs = ah_xform_funcs;
-+ break;
-+#endif /* !CONFIG_KLIPS_AH */
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ case IPPROTO_COMP:
-+ proto_funcs = ipcomp_xform_funcs;
-+ break;
-+#endif /* !CONFIG_KLIPS_IPCOMP */
-+ default:
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ decap_stat = IPSEC_RCV_BADPROTO;
-+ goto rcvleave;
-+ }
-+
-+ decap_stat = ipsec_rcv_decap_once(irs, proto_funcs);
-+
-+ if(decap_stat != IPSEC_RCV_OK) {
-+ spin_unlock(&tdb_lock);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: decap_once failed: %d\n",
-+ decap_stat);
-+
-+ goto rcvleave;
-+ }
-+ /* end decapsulation loop here */
-+ } while( (irs->ipp->protocol == IPPROTO_ESP )
-+ || (irs->ipp->protocol == IPPROTO_AH )
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ || (irs->ipp->protocol == IPPROTO_COMP)
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ );
-+
-+ /* set up for decap loop */
-+ ipp =irs->ipp;
-+ ipsp =irs->ipsp;
-+ ipsnext = ipsp->ips_inext;
-+ skb = irs->skb;
-+
-+ /* if there is an IPCOMP, but we don't have an IPPROTO_COMP,
-+ * then we can just skip it
-+ */
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ if(ipsnext && ipsnext->ips_said.proto == IPPROTO_COMP) {
-+ ipsp = ipsnext;
-+ ipsnext = ipsp->ips_inext;
-+ }
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if ((irs->natt_type) && (ipp->protocol != IPPROTO_IPIP)) {
-+ /**
-+ * NAT-Traversal and Transport Mode:
-+ * we need to correct TCP/UDP checksum
-+ *
-+ * If we've got NAT-OA, we can fix checksum without recalculation.
-+ */
-+ __u32 natt_oa = ipsp->ips_natt_oa ?
-+ ((struct sockaddr_in*)(ipsp->ips_natt_oa))->sin_addr.s_addr : 0;
-+ __u16 pkt_len = skb_tail_pointer(skb) - (unsigned char *)ipp;
-+ __u16 data_len = pkt_len - (ipp->ihl << 2);
-+
-+ switch (ipp->protocol) {
-+ case IPPROTO_TCP:
-+ if (data_len >= sizeof(struct tcphdr)) {
-+ struct tcphdr *tcp = tcp_hdr(skb);
-+ if (natt_oa) {
-+ __u32 buff[2] = { ~natt_oa, ipp->saddr };
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: "
-+ "fix TCP checksum using NAT-OA\n");
-+ tcp->check = csum_fold(
-+ csum_partial((unsigned char *)buff, sizeof(buff),
-+ tcp->check^0xffff));
-+ }
-+ else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: recalc TCP checksum\n");
-+ if (pkt_len > (ntohs(ipp->tot_len)))
-+ data_len -= (pkt_len - ntohs(ipp->tot_len));
-+ tcp->check = 0;
-+ tcp->check = csum_tcpudp_magic(ipp->saddr, ipp->daddr,
-+ data_len, IPPROTO_TCP,
-+ csum_partial((unsigned char *)tcp, data_len, 0));
-+ }
-+ }
-+ else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: can't fix TCP checksum\n");
-+ }
-+ break;
-+ case IPPROTO_UDP:
-+ if (data_len >= sizeof(struct udphdr)) {
-+ struct udphdr *udp = udp_hdr(skb);
-+ if (udp->check == 0) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: UDP checksum already 0\n");
-+ }
-+ else if (natt_oa) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: "
-+ "fix UDP checksum using NAT-OA\n");
-+#ifdef DISABLE_UDP_CHECKSUM
-+ udp->check=0;
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: "
-+ "UDP checksum using NAT-OA disabled at compile time\n");
-+#else
-+ {
-+ __u32 buff[2] = { ~natt_oa, ipp->saddr };
-+
-+ udp->check = csum_fold(
-+ csum_partial((unsigned char *)buff, sizeof(buff),
-+ udp->check^0xffff));
-+ }
-+#endif
-+ }
-+ else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: zero UDP checksum\n");
-+ udp->check = 0;
-+ }
-+ }
-+ else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: can't fix UDP checksum\n");
-+ }
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: non TCP/UDP packet -- do nothing\n");
-+ break;
-+ }
-+ }
-+#endif
-+
-+ /*
-+ * XXX this needs to be locked from when it was first looked
-+ * up in the decapsulation loop. Perhaps it is better to put
-+ * the IPIP decap inside the loop.
-+ */
-+ if(ipsnext) {
-+ ipsp = ipsnext;
-+ irs->sa_len = KLIPS_SATOT(debug_rcv, &irs->said, 0, irs->sa, sizeof(irs->sa));
-+ if((ipp->protocol != IPPROTO_IPIP) &&
-+ (ipp->protocol != IPPROTO_ATT_HEARTBEAT)) { /* AT&T heartbeats to SIG/GIG */
-+ spin_unlock(&tdb_lock);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s, Hey! How did this get through? Dropped.\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ goto rcvleave;
-+ }
-+ if(sysctl_ipsec_inbound_policy_check) {
-+ struct sockaddr_in *psin = (struct sockaddr_in*)(ipsp->ips_addr_s);
-+ if((ipsnext = ipsp->ips_inext)) {
-+ char sa2[SATOT_BUF];
-+ size_t sa_len2;
-+ sa_len2 = KLIPS_SATOT(debug_rcv, &ipsnext->ips_said, 0, sa2, sizeof(sa2));
-+ spin_unlock(&tdb_lock);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "unexpected SA:%s after IPIP SA:%s\n",
-+ sa_len2 ? sa2 : " (error)",
-+ irs->sa_len ? irs->sa : " (error)");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ goto rcvleave;
-+ }
-+ if(ipp->saddr != psin->sin_addr.s_addr) {
-+ spin_unlock(&tdb_lock);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s, src=%s(%08x) does not match expected 0x%08x.\n",
-+ irs->sa_len ? irs->sa : " (error)",
-+ irs->ipsaddr_txt,
-+ ipp->saddr, psin->sin_addr.s_addr);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ goto rcvleave;
-+ }
-+ }
-+
-+ if(ipp->protocol == IPPROTO_IPIP) /* added to support AT&T heartbeats to SIG/GIG */
-+ {
-+ /*
-+ * XXX this needs to be locked from when it was first looked
-+ * up in the decapsulation loop. Perhaps it is better to put
-+ * the IPIP decap inside the loop.
-+ */
-+ ipsp->ips_life.ipl_bytes.ipl_count += skb->len;
-+ ipsp->ips_life.ipl_bytes.ipl_last = skb->len;
-+
-+ if(!ipsp->ips_life.ipl_usetime.ipl_count) {
-+ ipsp->ips_life.ipl_usetime.ipl_count = jiffies / HZ;
-+ }
-+ ipsp->ips_life.ipl_usetime.ipl_last = jiffies / HZ;
-+ ipsp->ips_life.ipl_packets.ipl_count += 1;
-+
-+ if(skb->len < irs->iphlen) {
-+ spin_unlock(&tdb_lock);
-+ printk(KERN_WARNING "klips_debug:ipsec_rcv: "
-+ "tried to skb_pull iphlen=%d, %d available. This should never happen, please report.\n",
-+ irs->iphlen,
-+ (int)(skb->len));
-+
-+ goto rcvleave;
-+ }
-+
-+ /*
-+ * we need to pull up by size of IP header,
-+ * options, but also by any UDP/ESP encap there might
-+ * have been, and this deals with all cases.
-+ */
-+ skb_pull(skb, (skb_transport_header(skb) - skb_network_header(skb)));
-+
-+ /* new L3 header is where L4 payload was */
-+ skb_set_network_header(skb, ipsec_skb_offset(skb, skb_transport_header(skb)));
-+
-+ /* now setup new L4 payload location */
-+ ipp = (struct iphdr *)skb_network_header(skb);
-+ skb_set_transport_header(skb, ipsec_skb_offset(skb, skb_network_header(skb) + (ipp->ihl << 2)));
-+
-+
-+ /* remove any saved options that we might have,
-+ * since we have a new IP header.
-+ */
-+ memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
-+
-+#if 0
-+ KLIPS_PRINT(debug_rcv, "csum: %d\n", ip_fast_csum((u8 *)ipp, ipp->ihl));
-+#endif
-+
-+ /* re-do any strings for debugging */
-+ ipsaddr.s_addr = ipp->saddr;
-+ if (debug_rcv)
-+ addrtoa(ipsaddr, 0, irs->ipsaddr_txt, sizeof(irs->ipsaddr_txt));
-+ ipdaddr.s_addr = ipp->daddr;
-+ if (debug_rcv)
-+ addrtoa(ipdaddr, 0, irs->ipdaddr_txt, sizeof(irs->ipdaddr_txt));
-+
-+ skb->protocol = htons(ETH_P_IP);
-+ skb->ip_summed = 0;
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "IPIP tunnel stripped.\n");
-+ KLIPS_IP_PRINT(debug_rcv & DB_RX_PKTRX, ipp);
-+ }
-+
-+ if(sysctl_ipsec_inbound_policy_check
-+ /*
-+ Note: "xor" (^) logically replaces "not equal"
-+ (!=) and "bitwise or" (|) logically replaces
-+ "boolean or" (||). This is done to speed up
-+ execution by doing only bitwise operations and
-+ no branch operations
-+ */
-+ && (((ipp->saddr & ipsp->ips_mask_s.u.v4.sin_addr.s_addr)
-+ ^ ipsp->ips_flow_s.u.v4.sin_addr.s_addr)
-+ | ((ipp->daddr & ipsp->ips_mask_d.u.v4.sin_addr.s_addr)
-+ ^ ipsp->ips_flow_d.u.v4.sin_addr.s_addr)) )
-+ {
-+ char sflow_txt[SUBNETTOA_BUF], dflow_txt[SUBNETTOA_BUF];
-+
-+ subnettoa(ipsp->ips_flow_s.u.v4.sin_addr,
-+ ipsp->ips_mask_s.u.v4.sin_addr,
-+ 0, sflow_txt, sizeof(sflow_txt));
-+ subnettoa(ipsp->ips_flow_d.u.v4.sin_addr,
-+ ipsp->ips_mask_d.u.v4.sin_addr,
-+ 0, dflow_txt, sizeof(dflow_txt));
-+ spin_unlock(&tdb_lock);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s, inner tunnel policy [%s -> %s] does not agree with pkt contents [%s -> %s].\n",
-+ irs->sa_len ? irs->sa : " (error)",
-+ sflow_txt,
-+ dflow_txt,
-+ irs->ipsaddr_txt,
-+ irs->ipdaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ goto rcvleave;
-+ }
-+#ifdef CONFIG_NETFILTER
-+ skb->nfmark = (skb->nfmark & (~(IPsecSAref2NFmark(IPSEC_SA_REF_TABLE_MASK))))
-+ | IPsecSAref2NFmark(IPsecSA2SAref(ipsp));
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "IPIP SA sets skb->nfmark=0x%x.\n",
-+ (unsigned)skb->nfmark);
-+#endif /* CONFIG_NETFILTER */
-+ }
-+
-+ spin_unlock(&tdb_lock);
-+
-+ if(irs->stats) {
-+ irs->stats->rx_bytes += skb->len;
-+ }
-+ if(skb->dst) {
-+ dst_release(skb->dst);
-+ skb->dst = NULL;
-+ }
-+ skb->pkt_type = PACKET_HOST;
-+ if(irs->hard_header_len &&
-+ (skb_mac_header(skb) != (skb_network_header(skb) - irs->hard_header_len)) &&
-+ (irs->hard_header_len <= skb_headroom(skb))) {
-+ /* copy back original MAC header */
-+ memmove(skb_network_header(skb) - irs->hard_header_len,
-+ skb_mac_header(skb), irs->hard_header_len);
-+ skb_set_mac_header(skb, ipsec_skb_offset(skb, skb_network_header(skb) - irs->hard_header_len));
-+ }
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ if(ipp->protocol == IPPROTO_COMP) {
-+ unsigned int flags = 0;
-+
-+ if(sysctl_ipsec_inbound_policy_check) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "inbound policy checking enabled, IPCOMP follows IPIP, dropped.\n");
-+ if (irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ goto rcvleave;
-+ }
-+ /*
-+ XXX need a ipsec_sa for updating ratio counters but it is not
-+ following policy anyways so it is not a priority
-+ */
-+ skb = skb_decompress(skb, NULL, &flags);
-+ if (!skb || flags) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "skb_decompress() returned error flags: %d, dropped.\n",
-+ flags);
-+ if (irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ goto rcvleave;
-+ }
-+ }
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+ /*
-+ * make sure that data now starts at IP header, since we are going
-+ * to pass this back to ip_input (aka netif_rx). Rules for what the
-+ * pointers wind up a different for 2.6 vs 2.4, so we just fudge it here.
-+ */
-+#ifdef NET_26
-+ irs->skb->data = skb_push(irs->skb, skb_transport_header(irs->skb) - skb_network_header(irs->skb));
-+#else
-+ irs->skb->data = skb_network_header(irs->skb);
-+ {
-+ struct iphdr *iph = ip_hdr(irs->skb);
-+ int len = ntohs(iph->tot_len);
-+ irs->skb->len = len;
-+ }
-+#endif
-+
-+#ifdef SKB_RESET_NFCT
-+ nf_conntrack_put(skb->nfct);
-+ skb->nfct = NULL;
-+#if defined(CONFIG_NETFILTER_DEBUG) && defined(HAVE_SKB_NF_DEBUG)
-+ skb->nf_debug = 0;
-+#endif /* CONFIG_NETFILTER_DEBUG */
-+#endif /* SKB_RESET_NFCT */
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "netif_rx() called.\n");
-+ netif_rx(skb);
-+ skb=NULL;
-+
-+ rcvleave:
-+ if(skb) {
-+ ipsec_kfree_skb(skb);
-+ }
-+
-+ /* KLIPS_DEC_USE; Artifact from refactor? bug # 454 */
-+ return(0);
-+}
-+
-+struct sk_buff *ipsec_rcv_unclone(struct sk_buff *skb,
-+ struct ipsec_rcv_state *irs)
-+{
-+ /* if skb was cloned (most likely due to a packet sniffer such as
-+ tcpdump being momentarily attached to the interface), make
-+ a copy of our own to modify */
-+ if(skb_cloned(skb)) {
-+ /* include any mac header while copying.. */
-+ if(skb_headroom(skb) < irs->hard_header_len) {
-+ printk(KERN_WARNING "klips_error:ipsec_rcv: "
-+ "tried to skb_push hhlen=%d, %d available. This should never happen, please report.\n",
-+ irs->hard_header_len,
-+ skb_headroom(skb));
-+ goto rcvleave;
-+ }
-+ skb_push(skb, irs->hard_header_len);
-+ if
-+#ifdef SKB_COW_NEW
-+ (skb_cow(skb, skb_headroom(skb)) != 0)
-+#else /* SKB_COW_NEW */
-+ ((skb = skb_cow(skb, skb_headroom(skb))) == NULL)
-+#endif /* SKB_COW_NEW */
-+ {
-+ goto rcvleave;
-+ }
-+ if(skb->len < irs->hard_header_len) {
-+ printk(KERN_WARNING "klips_error:ipsec_rcv: "
-+ "tried to skb_pull hhlen=%d, %d available. This should never happen, please report.\n",
-+ irs->hard_header_len,
-+ skb->len);
-+ goto rcvleave;
-+ }
-+ skb_pull(skb, irs->hard_header_len);
-+ }
-+ return skb;
-+
-+rcvleave:
-+ ipsec_kfree_skb(skb);
-+ return NULL;
-+}
-+
-+
-+#if !defined(NET_26) && defined(CONFIG_IPSEC_NAT_TRAVERSAL)
-+/*
-+ * decapsulate a UDP encapsulated ESP packet
-+ */
-+struct sk_buff *ipsec_rcv_natt_decap(struct sk_buff *skb
-+ , struct ipsec_rcv_state *irs
-+ , int *udp_decap_ret_p)
-+{
-+ *udp_decap_ret_p = 0;
-+ if (skb->sk && skb->nh.iph && skb->nh.iph->protocol==IPPROTO_UDP) {
-+ /**
-+ * Packet comes from udp_queue_rcv_skb so it is already defrag,
-+ * checksum verified, ... (ie safe to use)
-+ *
-+ * If the packet is not for us, return -1 and udp_queue_rcv_skb
-+ * will continue to handle it (do not kfree skb !!).
-+ */
-+
-+#ifndef UDP_OPT_IN_SOCK
-+ struct udp_opt {
-+ __u32 esp_in_udp;
-+ };
-+ struct udp_opt *tp = (struct udp_opt *)&(skb->sk->tp_pinfo.af_tcp);
-+#else
-+ struct udp_opt *tp = &(skb->sk->tp_pinfo.af_udp);
-+#endif
-+
-+ struct iphdr *ip = (struct iphdr *)skb->nh.iph;
-+ struct udphdr *udp = (struct udphdr *)((__u32 *)ip+ip->ihl);
-+ __u8 *udpdata = (__u8 *)udp + sizeof(struct udphdr);
-+ __u32 *udpdata32 = (__u32 *)udpdata;
-+
-+ irs->natt_sport = ntohs(udp->source);
-+ irs->natt_dport = ntohs(udp->dest);
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "suspected ESPinUDP packet (NAT-Traversal) [%d].\n",
-+ tp->esp_in_udp);
-+ KLIPS_IP_PRINT(debug_rcv, ip);
-+
-+ if (udpdata < skb->tail) {
-+ unsigned int len = skb->tail - udpdata;
-+ if ((len==1) && (udpdata[0]==0xff)) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ /* not IPv6 compliant message */
-+ "NAT-keepalive from %d.%d.%d.%d.\n", NIPQUAD(ip->saddr));
-+ *udp_decap_ret_p = 0;
-+ return NULL;
-+ }
-+ else if ( (tp->esp_in_udp == ESPINUDP_WITH_NON_IKE) &&
-+ (len > (2*sizeof(__u32) + sizeof(struct esphdr))) &&
-+ (udpdata32[0]==0) && (udpdata32[1]==0) ) {
-+ /* ESP Packet with Non-IKE header */
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "ESPinUDP pkt with Non-IKE - spi=0x%x\n",
-+ ntohl(udpdata32[2]));
-+ irs->natt_type = ESPINUDP_WITH_NON_IKE;
-+ irs->natt_len = sizeof(struct udphdr)+(2*sizeof(__u32));
-+ }
-+ else if ( (tp->esp_in_udp == ESPINUDP_WITH_NON_ESP) &&
-+ (len > sizeof(struct esphdr)) &&
-+ (udpdata32[0]!=0) ) {
-+ /* ESP Packet without Non-ESP header */
-+ irs->natt_type = ESPINUDP_WITH_NON_ESP;
-+ irs->natt_len = sizeof(struct udphdr);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "ESPinUDP pkt without Non-ESP - spi=0x%x\n",
-+ ntohl(udpdata32[0]));
-+ }
-+ else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "IKE packet - not handled here\n");
-+ *udp_decap_ret_p = -1;
-+ return NULL;
-+ }
-+ }
-+ else {
-+ return NULL;
-+ }
-+ }
-+ return skb;
-+}
-+#endif
-+
-+
-+int
-+ipsec_rcv(struct sk_buff *skb
-+#ifndef PROTO_HANDLER_SINGLE_PARM
-+ unsigned short xlen
-+#endif /* PROTO_HANDLER_SINGLE_PARM */
-+ )
-+{
-+#ifdef CONFIG_KLIPS_DEBUG
-+ struct net_device *dev = skb->dev;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ unsigned char protoc;
-+ struct net_device_stats *stats = NULL; /* This device's statistics */
-+ struct net_device *ipsecdev = NULL, *prvdev;
-+ struct ipsecpriv *prv;
-+ struct ipsec_rcv_state nirs, *irs = &nirs;
-+ struct iphdr *ipp;
-+ char name[9];
-+ int i;
-+
-+ /* Don't unlink in the middle of a turnaround */
-+ KLIPS_INC_USE;
-+
-+ memset(&nirs, 0, sizeof(struct ipsec_rcv_state));
-+
-+ if (skb == NULL) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NULL skb passed in.\n");
-+ goto rcvleave;
-+ }
-+
-+ if (skb->data == NULL) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NULL skb->data passed in, packet is bogus, dropping.\n");
-+ goto rcvleave;
-+ }
-+
-+#if defined(CONFIG_IPSEC_NAT_TRAVERSAL) && !defined(NET_26)
-+ {
-+ /* NET_26 NAT-T is handled by seperate function */
-+ struct sk_buff *nskb;
-+ int udp_decap_ret = 0;
-+
-+ nskb = ipsec_rcv_natt_decap(skb, irs, &udp_decap_ret);
-+ if(nskb == NULL) {
-+ /* return with non-zero, because UDP.c code
-+ * need to send it upstream.
-+ */
-+ if(skb && udp_decap_ret == 0) {
-+ ipsec_kfree_skb(skb);
-+ }
-+ KLIPS_DEC_USE;
-+ return(udp_decap_ret);
-+ }
-+ skb = nskb;
-+ }
-+#endif /* NAT_T */
-+
-+ /* dev->hard_header_len is unreliable and should not be used */
-+ /* klips26_rcv_encap will have already set hard_header_len for us?? */
-+ if (irs->hard_header_len == 0) {
-+ irs->hard_header_len = skb_mac_header(skb) ? (skb_network_header(skb) - skb_mac_header(skb)) : 0;
-+ if((irs->hard_header_len < 0) || (irs->hard_header_len > skb_headroom(skb)))
-+ irs->hard_header_len = 0;
-+ }
-+
-+ skb = ipsec_rcv_unclone(skb, irs);
-+ if(skb == NULL) {
-+ goto rcvleave;
-+ }
-+
-+#if IP_FRAGMENT_LINEARIZE
-+ /* In Linux 2.4.4, we may have to reassemble fragments. They are
-+ not assembled automatically to save TCP from having to copy
-+ twice.
-+ */
-+ if (skb_is_nonlinear(skb)) {
-+#ifdef HAVE_NEW_SKB_LINEARIZE
-+ if (skb_linearize_cow(skb) != 0)
-+#else
-+ if (skb_linearize(skb, GFP_ATOMIC) != 0)
-+#endif
-+ {
-+ goto rcvleave;
-+ }
-+ }
-+#endif /* IP_FRAGMENT_LINEARIZE */
-+
-+#if defined(CONFIG_IPSEC_NAT_TRAVERSAL) && !defined(NET_26)
-+ if (irs->natt_len) {
-+ /**
-+ * Now, we are sure packet is ESPinUDP, and we have a private
-+ * copy that has been linearized, remove natt_len bytes
-+ * from packet and modify protocol to ESP.
-+ */
-+ if (((unsigned char *)skb->data > (unsigned char *)skb->nh.iph)
-+ && ((unsigned char *)skb->nh.iph > (unsigned char *)skb->head))
-+ {
-+ unsigned int _len = (unsigned char *)skb->data -
-+ (unsigned char *)skb->nh.iph;
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: adjusting skb: skb_push(%u)\n",
-+ _len);
-+ skb_push(skb, _len);
-+ }
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "removing %d bytes from ESPinUDP packet\n", irs->natt_len);
-+ ipp = skb->nh.iph;
-+ irs->iphlen = ipp->ihl << 2;
-+ ipp->tot_len = htons(ntohs(ipp->tot_len) - irs->natt_len);
-+ if (skb->len < irs->iphlen + irs->natt_len) {
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_rcv: "
-+ "ESPinUDP packet is too small (%d < %d+%d). "
-+ "This should never happen, please report.\n",
-+ (int)(skb->len), irs->iphlen, irs->natt_len);
-+ goto rcvleave;
-+ }
-+
-+ /* advance payload pointer to point past the UDP header */
-+ skb->h.raw = skb->h.raw + irs->natt_len;
-+
-+ /* modify protocol */
-+ ipp->protocol = IPPROTO_ESP;
-+
-+ skb->sk = NULL;
-+
-+ KLIPS_IP_PRINT(debug_rcv, skb->nh.iph);
-+ }
-+#endif
-+
-+ /* ipp = skb->nh.iph; */
-+ ipp = ip_hdr(skb);
-+
-+ {
-+ struct in_addr ipsaddr;
-+ struct in_addr ipdaddr;
-+
-+ ipsaddr.s_addr = ipp->saddr;
-+ addrtoa(ipsaddr, 0, irs->ipsaddr_txt
-+ , sizeof(irs->ipsaddr_txt));
-+ ipdaddr.s_addr = ipp->daddr;
-+ addrtoa(ipdaddr, 0, irs->ipdaddr_txt
-+ , sizeof(irs->ipdaddr_txt));
-+ }
-+
-+ irs->iphlen = ipp->ihl << 2;
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "<<< Info -- ");
-+ KLIPS_PRINTMORE(debug_rcv && skb->dev, "skb->dev=%s ",
-+ skb->dev->name ? skb->dev->name : "NULL");
-+ KLIPS_PRINTMORE(debug_rcv && dev, "dev=%s ",
-+ dev->name ? dev->name : "NULL");
-+ KLIPS_PRINTMORE(debug_rcv, "\n");
-+
-+ KLIPS_PRINT(debug_rcv && !(skb->dev && dev && (skb->dev == dev)),
-+ "klips_debug:ipsec_rcv: "
-+ "Informational -- **if this happens, find out why** skb->dev:%s is not equal to dev:%s\n",
-+ skb->dev ? (skb->dev->name ? skb->dev->name : "NULL") : "NULL",
-+ dev ? (dev->name ? dev->name : "NULL") : "NULL");
-+
-+ protoc = ipp->protocol;
-+#ifndef NET_21
-+ if((!protocol) || (protocol->protocol != protoc)) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_IPSA,
-+ "klips_debug:ipsec_rcv: "
-+ "protocol arg is NULL or unequal to the packet contents, this is odd, using value in packet.\n");
-+ }
-+#endif /* !NET_21 */
-+
-+ if( (protoc != IPPROTO_AH) &&
-+#ifdef CONFIG_KLIPS_IPCOMP_disabled_until_we_register_IPCOMP_HANDLER
-+ (protoc != IPPROTO_COMP) &&
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ (protoc != IPPROTO_ESP) ) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_IPSA,
-+ "klips_debug:ipsec_rcv: Why the hell is someone "
-+ "passing me a non-ipsec protocol = %d packet? -- dropped.\n",
-+ protoc);
-+ goto rcvleave;
-+ }
-+
-+ if(skb->dev) {
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ sprintf(name, IPSEC_DEV_FORMAT, i);
-+ if(!strcmp(name, skb->dev->name)) {
-+ prv = (struct ipsecpriv *)(skb->dev->priv);
-+ if(prv) {
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+ }
-+ ipsecdev = skb->dev;
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "Info -- pkt already proc'ed a group of ipsec headers, processing next group of ipsec headers.\n");
-+ break;
-+ }
-+ if((ipsecdev = __ipsec_dev_get(name)) == NULL) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_error:ipsec_rcv: "
-+ "device %s does not exist\n",
-+ name);
-+ }
-+ prv = ipsecdev ? (struct ipsecpriv *)(ipsecdev->priv) : NULL;
-+ prvdev = prv ? (struct net_device *)(prv->dev) : NULL;
-+
-+#if 0
-+ KLIPS_PRINT(debug_rcv && prvdev,
-+ "klips_debug:ipsec_rcv: "
-+ "physical device for device %s is %s\n",
-+ name,
-+ prvdev->name);
-+#endif
-+ if(prvdev && skb->dev &&
-+ !strcmp(prvdev->name, skb->dev->name)) {
-+ stats = prv ? ((struct net_device_stats *) &(prv->mystats)) : NULL;
-+ skb->dev = ipsecdev;
-+ KLIPS_PRINT(debug_rcv && prvdev,
-+ "klips_debug:ipsec_rcv: "
-+ "assigning packet ownership to virtual device %s from physical device %s.\n",
-+ name, prvdev->name);
-+ if(stats) {
-+ stats->rx_packets++;
-+ }
-+ break;
-+ }
-+ }
-+ } else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "device supplied with skb is NULL\n");
-+ }
-+
-+ if(stats == NULL) {
-+ KLIPS_PRINT((debug_rcv),
-+ "klips_error:ipsec_rcv: "
-+ "packet received from physical I/F (%s) not connected to ipsec I/F. Cannot record stats. May not have SA for decoding. Is IPSEC traffic expected on this I/F? Check routing.\n",
-+ skb->dev ? (skb->dev->name ? skb->dev->name : "NULL") : "NULL");
-+ }
-+
-+ KLIPS_IP_PRINT(debug_rcv, ipp);
-+
-+ /* set up for decap loop */
-+ irs->stats= stats;
-+ irs->ipp = ipp;
-+ irs->ipsp = NULL;
-+ irs->ilen = 0;
-+ irs->authlen=0;
-+ irs->authfuncs=NULL;
-+ irs->skb = skb;
-+
-+ ipsec_rcv_decap(irs);
-+ KLIPS_DEC_USE;
-+ return(0);
-+
-+ rcvleave:
-+ if(skb) {
-+ ipsec_kfree_skb(skb);
-+ }
-+ KLIPS_DEC_USE;
-+ return(0);
-+
-+}
-+
-+#ifdef NET_26
-+/*
-+ * this entry point is not a protocol entry point, so the entry
-+ * is a bit different.
-+ *
-+ * skb->iph->tot_len has been byte-swapped, and reduced by the size of
-+ * the IP header (and options).
-+ *
-+ * skb->h.raw has been pulled up the ESP header.
-+ *
-+ * skb->iph->protocol = 50 IPPROTO_ESP;
-+ *
-+ */
-+int klips26_rcv_encap(struct sk_buff *skb, __u16 encap_type)
-+{
-+ struct ipsec_rcv_state nirs, *irs = &nirs;
-+ struct iphdr *ipp;
-+
-+ /* Don't unlink in the middle of a turnaround */
-+ KLIPS_INC_USE;
-+
-+ memset(irs, 0, sizeof(*irs));
-+
-+ /* XXX fudge it so that all nat-t stuff comes from ipsec0 */
-+ /* eventually, the SA itself will determine which device
-+ * it comes from
-+ */
-+ {
-+ skb->dev = ipsec_get_device(0);
-+ }
-+
-+ /* set up for decap loop */
-+ irs->hard_header_len = skb->dev->hard_header_len;
-+
-+ skb = ipsec_rcv_unclone(skb, irs);
-+
-+#if IP_FRAGMENT_LINEARIZE
-+ /* In Linux 2.4.4, we may have to reassemble fragments. They are
-+ not assembled automatically to save TCP from having to copy
-+ twice.
-+ */
-+ if (skb_is_nonlinear(skb)) {
-+#ifdef HAVE_NEW_SKB_LINEARIZE
-+ if (skb_linearize_cow(skb) != 0)
-+#else
-+ if (skb_linearize(skb, GFP_ATOMIC) != 0)
-+#endif
-+ {
-+ goto rcvleave;
-+ }
-+ }
-+#endif /* IP_FRAGMENT_LINEARIZE */
-+
-+ /* ipp = skb->nh.iph; */
-+ ipp =ip_hdr(skb);
-+
-+ {
-+ struct in_addr ipsaddr;
-+ struct in_addr ipdaddr;
-+
-+ ipsaddr.s_addr = ipp->saddr;
-+ addrtoa(ipsaddr, 0, irs->ipsaddr_txt
-+ , sizeof(irs->ipsaddr_txt));
-+ ipdaddr.s_addr = ipp->daddr;
-+ addrtoa(ipdaddr, 0, irs->ipdaddr_txt
-+ , sizeof(irs->ipdaddr_txt));
-+ }
-+
-+ irs->iphlen = ipp->ihl << 2;
-+
-+ KLIPS_IP_PRINT(debug_rcv, ipp);
-+
-+ irs->stats= NULL;
-+ irs->ipp = ipp;
-+ irs->ipsp = NULL;
-+ irs->ilen = 0;
-+ irs->authlen=0;
-+ irs->authfuncs=NULL;
-+ irs->skb = skb;
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ switch(encap_type) {
-+ case UDP_ENCAP_ESPINUDP:
-+ irs->natt_type = ESPINUDP_WITH_NON_ESP;
-+ break;
-+
-+ case UDP_ENCAP_ESPINUDP_NON_IKE:
-+ irs->natt_type = ESPINUDP_WITH_NON_IKE;
-+ break;
-+
-+ default:
-+ if(printk_ratelimit()) {
-+ printk(KERN_INFO "KLIPS received unknown UDP-ESP encap type %u\n",
-+ encap_type);
-+ }
-+ return -1;
-+ }
-+
-+#endif
-+ ipsec_rcv_decap(irs);
-+ KLIPS_DEC_USE;
-+ return 0;
-+
-+rcvleave:
-+ if(skb) {
-+ ipsec_kfree_skb(skb);
-+ }
-+ KLIPS_DEC_USE;
-+ return 0;
-+}
-+#endif
-+
-+
-+/*
-+ * $Log: ipsec_rcv.c,v $
-+ * Revision 1.171.2.15 2007-10-30 21:37:45 paul
-+ * Use skb_tail_pointer() [dhr]
-+ *
-+ * Revision 1.171.2.14 2007-10-22 14:54:38 paul
-+ * Fix identation
-+ *
-+ * Revision 1.171.2.13 2007/10/15 22:16:34 paul
-+ * Adding missing ; in DISABLE_UDP_CHECKSUM code
-+ *
-+ * Revision 1.171.2.12 2007/09/05 02:56:09 paul
-+ * Use the new ipsec_kversion macros by David to deal with 2.6.22 kernels.
-+ * Fixes based on David McCullough patch.
-+ *
-+ * Revision 1.171.2.11 2007/04/28 20:46:40 paul
-+ * Added compile time switch for -DDISABLE_UDP_CHECKSUM that seems to be
-+ * breaking IPsec+NAT+Transport mode with NAT-OA. Enabled this per default
-+ * via Makefile.inc's USERCOMPILE flags.
-+ *
-+ * Revision 1.171.2.10 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.171.2.9 2006/07/30 02:09:33 paul
-+ * Author: Bart Trojanowski <bart@xelerance.com>
-+ * This fixes a NATT+ESP bug in rcv path.
-+ *
-+ * We only want to test NATT policy on the ESP packet. Doing so on the
-+ * bundled SA breaks because the next layer does not know anything about
-+ * NATT.
-+ *
-+ * Fix just puts an if(proto == IPPROTO_ESP) around the NATT policy check.
-+ *
-+ * Revision 1.171.2.8 2006/07/29 05:03:04 paul
-+ * Added check for new version of skb_linearize that only takes 1 argument,
-+ * for 2.6.18+ kernels.
-+ *
-+ * Revision 1.171.2.7 2006/04/20 16:33:07 mcr
-+ * remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+ * Fix in-kernel module compilation. Sub-makefiles do not work.
-+ *
-+ * Revision 1.171.2.6 2005/12/07 06:07:04 paul
-+ * comment out KLIPS_DEC_USE in ipsec_rcv_decap. Likely an artifact from
-+ * refactoring. http://bugs.xelerance.com/view.php?id=454
-+ *
-+ * Revision 1.171.2.5 2005/10/21 02:22:29 mcr
-+ * pull up of another try at 2.4.x kernel fix
-+ *
-+ * Revision 1.171.2.4 2005/10/21 01:39:56 mcr
-+ * nat-t fix is 2.4/2.6 specific
-+ *
-+ * Revision 1.178 2005/10/21 02:19:34 mcr
-+ * on 2.4 systems, we have to fix up the length as well.
-+ *
-+ * Revision 1.177 2005/10/21 00:18:31 mcr
-+ * nat-t fix is 2.4 specific.
-+ *
-+ * Revision 1.176 2005/10/20 21:06:11 mcr
-+ * possible fix for nat-t problem on 2.4 kernels.
-+ *
-+ * Revision 1.175 2005/10/13 02:49:24 mcr
-+ * tested UDP-encapsulated ESP packets that were not actually ESP,
-+ * (but IKE) were being eaten.
-+ *
-+ * Revision 1.174 2005/10/13 01:25:22 mcr
-+ * UDP-encapsulated ESP packets that were not actually ESP,
-+ * (but IKE) were being eaten.
-+ *
-+ * Revision 1.173 2005/08/31 23:26:11 mcr
-+ * fixes for 2.6.13
-+ *
-+ * Revision 1.172 2005/08/05 08:44:54 mcr
-+ * ipsec_kern24.h (compat code for 2.4) must be include
-+ * explicitely now.
-+ *
-+ * Revision 1.171 2005/07/08 23:56:06 ken
-+ * #ifdef
-+ *
-+ * Revision 1.170 2005/07/08 23:50:05 ken
-+ * Don't attempt to decapsulate if NAT-T isn't available in the code
-+ *
-+ * Revision 1.169 2005/06/06 00:27:31 mcr
-+ * fix for making tcpdump (packet capture) work correctly for
-+ * nat-t received packets.
-+ *
-+ * Revision 1.168 2005/06/04 16:06:06 mcr
-+ * better patch for nat-t rcv-device code.
-+ *
-+ * Revision 1.167 2005/06/03 17:04:46 mcr
-+ * nat-t packets are forced to arrive from ipsec0.
-+ *
-+ * Revision 1.166 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.165 2005/04/20 17:11:32 mcr
-+ * fixed to compile on 2.4.
-+ *
-+ * Revision 1.164 2005/04/18 03:09:50 ken
-+ * Fix typo
-+ *
-+ * Revision 1.163 2005/04/17 05:32:58 mcr
-+ * remove extraneous debugging
-+ * make sure to return success from klips26_encap_rcv().
-+ *
-+ * Revision 1.162 2005/04/17 04:37:01 mcr
-+ * make sure that irs->ipp is still set.
-+ *
-+ * Revision 1.161 2005/04/17 03:51:52 mcr
-+ * removed old comment about removed code.
-+ * added translation from udp.c/2.6 to KLIPS NAT-ESP naming.
-+ * comment about check for origin address/port for incoming NAT-ESP packets.
-+ *
-+ * Revision 1.160 2005/04/15 19:55:58 mcr
-+ * adjustments to use proper skb fields for data.
-+ *
-+ * Revision 1.159 2005/04/10 22:58:20 mcr
-+ * refactoring of receive functions to make it easier to
-+ * call the ESP decap.
-+ *
-+ * Revision 1.158 2005/04/08 18:27:53 mcr
-+ * refactored ipsec_rcv() into ipsec_rcv() and ipsec_rcv_decap().
-+ *
-+ * Revision 1.157 2004/12/28 23:13:09 mcr
-+ * use consistent CONFIG_IPSEC_NAT_TRAVERSAL.
-+ *
-+ * Revision 1.156 2004/12/03 21:34:51 mcr
-+ * mistype of KLIPS_USE_COUNT -> KLIPS_INC_USE;
-+ *
-+ * Revision 1.155 2004/12/03 21:25:57 mcr
-+ * compile time fixes for running on 2.6.
-+ * still experimental.
-+ *
-+ * Revision 1.154 2004/09/08 17:21:36 ken
-+ * Rename MD5* -> osMD5 functions to prevent clashes with other symbols exported by kernel modules (CIFS in 2.6 initiated this)
-+ *
-+ * Revision 1.153 2004/08/22 20:10:00 mcr
-+ * removed check for incorrect setting of NET_26.
-+ *
-+ * Revision 1.152 2004/08/21 15:22:39 mcr
-+ * added #defines for ATT heartbeat.
-+ *
-+ * Revision 1.151 2004/08/21 02:16:32 ken
-+ * Patch from Jochen Eisinger for AT&T MTS Heartbeat packet support
-+ *
-+ * Revision 1.150 2004/08/21 00:44:48 mcr
-+ * CONFIG_KLIPS_NAT was wrong, also need to include udp.h.
-+ *
-+ * Revision 1.149 2004/08/20 21:45:45 mcr
-+ * CONFIG_KLIPS_NAT_TRAVERSAL is not used in an attempt to
-+ * be 26sec compatible. But, some defines where changed.
-+ *
-+ * Revision 1.148 2004/08/17 03:27:23 mcr
-+ * klips 2.6 edits.
-+ *
-+ * Revision 1.147 2004/08/05 23:29:27 mcr
-+ * fixed nesting of #ifdef vs {} in ipsec_rcv().
-+ *
-+ * Revision 1.146 2004/08/04 15:57:07 mcr
-+ * moved des .h files to include/des/ *
-+ * included 2.6 protocol specific things
-+ * started at NAT-T support, but it will require a kernel patch.
-+ *
-+ * Revision 1.145 2004/08/03 18:19:08 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.144 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.143 2004/05/10 22:27:00 mcr
-+ * fix for ESP-3DES-noauth test case.
-+ *
-+ * Revision 1.142 2004/05/10 22:25:57 mcr
-+ * reformat of calls to ipsec_lifetime_check().
-+ *
-+ * Revision 1.141 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.140 2004/02/03 03:12:53 mcr
-+ * removed erroneously, double patched code.
-+ *
-+ * Revision 1.139 2004/01/05 23:21:29 mcr
-+ * initialize sin_family in ipsec_rcv.c
-+ *
-+ * Revision 1.138 2003/12/24 19:46:52 mcr
-+ * if sock.h patch has not been applied, then define appropriate
-+ * structure so we can use it. This is serious inferior, and
-+ * depends upon the concept that the structure in question is
-+ * smaller than the other members of that union.
-+ * getting rid of differing methods is a better solution.
-+ *
-+ * Revision 1.137 2003/12/22 19:40:57 mcr
-+ * NAT-T patches 0.6c.
-+ *
-+ * Revision 1.136 2003/12/15 18:13:12 mcr
-+ * when compiling with NAT traversal, don't assume that the
-+ * kernel has been patched, unless CONFIG_IPSEC_NAT_NON_ESP
-+ * is set.
-+ *
-+ * Revision 1.135 2003/12/13 19:10:21 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.134.2.1 2003/12/22 15:25:52 jjo
-+ * Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.134 2003/12/10 01:14:27 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.133 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.132.2.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.132 2003/09/02 19:51:48 mcr
-+ * fixes for PR#252.
-+ *
-+ * Revision 1.131 2003/07/31 22:47:16 mcr
-+ * preliminary (untested by FS-team) 2.5 patches.
-+ *
-+ * Revision 1.130 2003/04/03 17:38:25 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ * Clarified logic for non-connected devices.
-+ *
-+ * Revision 1.129 2003/02/06 02:21:34 rgb
-+ *
-+ * Moved "struct auth_alg" from ipsec_rcv.c to ipsec_ah.h .
-+ * Changed "struct ah" to "struct ahhdr" and "struct esp" to "struct esphdr".
-+ * Removed "#ifdef INBOUND_POLICY_CHECK_eroute" dead code.
-+ *
-+ * Revision 1.128 2002/12/13 20:58:03 rgb
-+ * Relegated MCR's recent "_dmp" routine to debug_verbose.
-+ * Cleaned up printing of source and destination addresses in debug output.
-+ *
-+ * Revision 1.127 2002/12/04 16:00:16 rgb
-+ *
-+ * Fixed AH decapsulation pointer update bug and added some comments and
-+ * debugging.
-+ * This bug was caught by west-ah-0[12].
-+ *
-+ * Revision 1.126 2002/11/04 05:03:43 mcr
-+ * fixes for IPCOMP. There were two problems:
-+ * 1) the irs->ipp pointer was not being updated properly after
-+ * the ESP descryption. The meant nothing for IPIP, as the
-+ * later IP header overwrote the earlier one.
-+ * 2) the more serious problem was that skb_decompress will
-+ * usually allocate a new SKB, so we have to make sure that
-+ * it doesn't get lost.
-+ * #2 meant removing the skb argument from the ->decrypt routine
-+ * and moving it to the irs->skb, so it could be value/result.
-+ *
-+ * Revision 1.125 2002/11/01 01:53:35 dhr
-+ *
-+ * fix typo
-+ *
-+ * Revision 1.124 2002/10/31 22:49:01 dhr
-+ *
-+ * - eliminate unused variable "hash"
-+ * - reduce scope of variable "authenticator"
-+ * - add comment on a couple of tricky bits
-+ *
-+ * Revision 1.123 2002/10/31 22:39:56 dhr
-+ *
-+ * use correct type for result of function calls
-+ *
-+ * Revision 1.122 2002/10/31 22:36:25 dhr
-+ *
-+ * simplify complex test
-+ *
-+ * Revision 1.121 2002/10/31 22:34:04 dhr
-+ *
-+ * ipsprev is never used: ditch it
-+ *
-+ * Revision 1.120 2002/10/31 22:30:21 dhr
-+ *
-+ * eliminate redundant assignments
-+ *
-+ * Revision 1.119 2002/10/31 22:27:43 dhr
-+ *
-+ * make whitespace canonical
-+ *
-+ * Revision 1.118 2002/10/30 05:47:17 rgb
-+ * Fixed cut-and-paste error mis-identifying comp runt as ah.
-+ *
-+ * Revision 1.117 2002/10/17 16:37:45 rgb
-+ * Remove compp intermediate variable and in-line its contents
-+ * where used
-+ *
-+ * Revision 1.116 2002/10/12 23:11:53 dhr
-+ *
-+ * [KenB + DHR] more 64-bit cleanup
-+ *
-+ * Revision 1.115 2002/10/07 19:06:58 rgb
-+ * Minor fixups and activation to west-rcv-nfmark-set-01 test to check for SA reference properly set on incoming.
-+ *
-+ * Revision 1.114 2002/10/07 18:31:31 rgb
-+ * Set saref on incoming packets.
-+ *
-+ * Revision 1.113 2002/09/16 21:28:12 mcr
-+ * adjust hash length for HMAC calculation - must look at whether
-+ * it is MD5 or SHA1.
-+ *
-+ * Revision 1.112 2002/09/16 21:19:15 mcr
-+ * fixes for west-ah-icmp-01 - length of AH header must be
-+ * calculated properly, and next_header field properly copied.
-+ *
-+ * Revision 1.111 2002/09/10 02:45:56 mcr
-+ * re-factored the ipsec_rcv function into several functions,
-+ * ipsec_rcv_decap_once, and a set of functions for AH, ESP and IPCOMP.
-+ * In addition, the MD5 and SHA1 functions are replaced with pointers.
-+ *
-+ * Revision 1.110 2002/08/30 06:34:33 rgb
-+ * Fix scope of shift in AH header length check.
-+ *
-+ * Revision 1.109 2002/08/27 16:49:20 rgb
-+ * Fixed ESP short packet DOS (and AH and IPCOMP).
-+ *
-+ * Revision 1.108 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.107 2002/05/27 18:58:18 rgb
-+ * Convert to dynamic ipsec device allocation.
-+ * Remove final vistiges of tdb references via IPSEC_KLIPS1_COMPAT.
-+ *
-+ * Revision 1.106 2002/05/23 07:15:21 rgb
-+ * Pointer clean-up.
-+ * Added refcount code.
-+ *
-+ * Revision 1.105 2002/05/14 02:35:06 rgb
-+ * Change all references to tdb, TDB or Tunnel Descriptor Block to ips,
-+ * ipsec_sa or ipsec_sa.
-+ * Change references to _TDB to _IPSA.
-+ *
-+ * Revision 1.104 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.103 2002/04/24 07:36:30 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_rcv.c,v
-+ *
-+ * Revision 1.102 2002/01/29 17:17:56 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.101 2002/01/29 04:00:52 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.100 2002/01/29 02:13:17 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.99 2002/01/28 21:40:59 mcr
-+ * should use #if to test boolean option rather than #ifdef.
-+ *
-+ * Revision 1.98 2002/01/20 20:19:36 mcr
-+ * renamed option to IP_FRAGMENT_LINEARIZE.
-+ *
-+ * Revision 1.97 2002/01/12 02:55:36 mcr
-+ * fix for post-2.4.4 to linearize skb's when ESP packet
-+ * was assembled from fragments.
-+ *
-+ * Revision 1.96 2001/11/26 09:23:49 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.93.2.2 2001/10/22 20:54:07 mcr
-+ * include des.h, removed phony prototypes and fixed calling
-+ * conventions to match real prototypes.
-+ *
-+ * Revision 1.93.2.1 2001/09/25 02:22:22 mcr
-+ * struct tdb -> struct ipsec_sa.
-+ * lifetime checks moved to ipsec_life.c
-+ * some sa(tdb) manipulation functions renamed.
-+ *
-+ * Revision 1.95 2001/11/06 19:49:07 rgb
-+ * Added variable descriptions.
-+ * Removed unauthenticated sequence==0 check to prevent DoS.
-+ *
-+ * Revision 1.94 2001/10/18 04:45:20 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.93 2001/09/07 22:17:24 rgb
-+ * Fix for removal of transport layer protocol handler arg in 2.4.4.
-+ * Fix to accomodate peer non-conformance to IPCOMP rfc2393.
-+ *
-+ * Revision 1.92 2001/08/27 19:44:41 rgb
-+ * Fix error in comment.
-+ *
-+ * Revision 1.91 2001/07/20 19:31:48 dhr
-+ * [DHR] fix source and destination subnets of policy in diagnostic
-+ *
-+ * Revision 1.90 2001/07/06 19:51:09 rgb
-+ * Added inbound policy checking code for IPIP SAs.
-+ * Renamed unused function argument for ease and intuitive naming.
-+ *
-+ * Revision 1.89 2001/06/22 19:35:23 rgb
-+ * Disable ipcomp processing if we are handed a ipcomp packet with no esp
-+ * or ah header.
-+ * Print protocol if we are handed a non-ipsec packet.
-+ *
-+ * Revision 1.88 2001/06/20 06:30:47 rgb
-+ * Fixed transport mode IPCOMP policy check bug.
-+ *
-+ * Revision 1.87 2001/06/13 20:58:40 rgb
-+ * Added parentheses around assignment used as truth value to silence
-+ * compiler.
-+ *
-+ * Revision 1.86 2001/06/07 22:25:23 rgb
-+ * Added a source address policy check for tunnel mode. It still does
-+ * not check client addresses and masks.
-+ * Only decapsulate IPIP if it is expected.
-+ *
-+ * Revision 1.85 2001/05/30 08:14:02 rgb
-+ * Removed vestiges of esp-null transforms.
-+ *
-+ * Revision 1.84 2001/05/27 06:12:11 rgb
-+ * Added structures for pid, packet count and last access time to eroute.
-+ * Added packet count to beginning of /proc/net/ipsec_eroute.
-+ *
-+ * Revision 1.83 2001/05/04 16:45:47 rgb
-+ * Remove unneeded code. ipp is not used after this point.
-+ *
-+ * Revision 1.82 2001/05/04 16:36:00 rgb
-+ * Fix skb_cow() call for 2.4.4. (SS)
-+ *
-+ * Revision 1.81 2001/05/02 14:46:53 rgb
-+ * Fix typo for compiler directive to pull IPH back.
-+ *
-+ * Revision 1.80 2001/04/30 19:46:34 rgb
-+ * Update for 2.4.4. We now receive the skb with skb->data pointing to
-+ * h.raw.
-+ *
-+ * Revision 1.79 2001/04/23 15:01:15 rgb
-+ * Added spin_lock() check to prevent double-locking for multiple
-+ * transforms and hence kernel lock-ups with SMP kernels.
-+ * Minor spin_unlock() adjustments to unlock before non-dependant prints
-+ * and IPSEC device stats updates.
-+ *
-+ * Revision 1.78 2001/04/21 23:04:24 rgb
-+ * Check if soft expire has already been sent before sending another to
-+ * prevent ACQUIRE flooding.
-+ *
-+ * Revision 1.77 2001/03/16 07:35:20 rgb
-+ * Ditch extra #if 1 around now permanent policy checking code.
-+ *
-+ * Revision 1.76 2001/02/27 22:24:54 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.75 2001/02/19 22:28:30 rgb
-+ * Minor change to virtual device discovery code to assert which I/F has
-+ * been found.
-+ *
-+ * Revision 1.74 2000/11/25 03:50:36 rgb
-+ * Oops fix by minor re-arrangement of code to avoid accessing a freed tdb.
-+ *
-+ * Revision 1.73 2000/11/09 20:52:15 rgb
-+ * More spinlock shuffling, locking earlier and unlocking later in rcv to
-+ * include ipcomp and prevent races, renaming some tdb variables that got
-+ * forgotten, moving some unlocks to include tdbs and adding a missing
-+ * unlock. Thanks to Svenning for some of these.
-+ *
-+ * Revision 1.72 2000/11/09 20:11:22 rgb
-+ * Minor shuffles to fix non-standard kernel config option selection.
-+ *
-+ * Revision 1.71 2000/11/06 04:36:18 rgb
-+ * Ditched spin_lock_irqsave in favour of spin_lock.
-+ * Minor initial protocol check rewrite.
-+ * Clean up debug printing.
-+ * Clean up tdb handling on ipcomp.
-+ * Fixed transport mode null pointer de-reference without ipcomp.
-+ * Add Svenning's adaptive content compression.
-+ * Disabled registration of ipcomp handler.
-+ *
-+ * Revision 1.70 2000/10/30 23:41:43 henry
-+ * Hans-Joerg Hoexer's null-pointer fix
-+ *
-+ * Revision 1.69 2000/10/10 18:54:16 rgb
-+ * Added a fix for incoming policy check with ipcomp enabled but
-+ * uncompressible.
-+ *
-+ * Revision 1.68 2000/09/22 17:53:12 rgb
-+ * Fixed ipcomp tdb pointers update for policy checking.
-+ *
-+ * Revision 1.67 2000/09/21 03:40:58 rgb
-+ * Added more debugging to try and track down the cpi outward copy problem.
-+ *
-+ * Revision 1.66 2000/09/20 04:00:10 rgb
-+ * Changed static functions to DEBUG_NO_STATIC to reveal function names for
-+ * debugging oopsen.
-+ *
-+ * Revision 1.65 2000/09/19 07:07:16 rgb
-+ * Added debugging to inbound policy check for ipcomp.
-+ * Added missing spin_unlocks (thanks Svenning!).
-+ * Fixed misplaced tdbnext pointers causing mismatched ipip policy check.
-+ * Protect ipcomp policy check following ipip decap with sysctl switch.
-+ *
-+ * Revision 1.64 2000/09/18 21:27:29 rgb
-+ * 2.0 fixes.
-+ *
-+ * Revision 1.63 2000/09/18 02:35:50 rgb
-+ * Added policy checking to ipcomp and re-enabled policy checking by
-+ * default.
-+ * Optimised satoa calls.
-+ *
-+ * Revision 1.62 2000/09/17 21:02:32 rgb
-+ * Clean up debugging, removing slow timestamp debug code.
-+ *
-+ * Revision 1.61 2000/09/16 01:07:55 rgb
-+ * Fixed erroneous ref from struct ipcomp to struct ipcomphdr.
-+ *
-+ * Revision 1.60 2000/09/15 11:37:01 rgb
-+ * Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+ * IPCOMP zlib deflate code.
-+ *
-+ * Revision 1.59 2000/09/15 04:56:20 rgb
-+ * Remove redundant satoa() call, reformat comment.
-+ *
-+ * Revision 1.58 2000/09/13 08:00:52 rgb
-+ * Flick on inbound policy checking.
-+ *
-+ * Revision 1.57 2000/09/12 03:22:19 rgb
-+ * Converted inbound_policy_check to sysctl.
-+ * Re-enabled policy backcheck.
-+ * Moved policy checks to top and within tdb lock.
-+ *
-+ * Revision 1.56 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.55 2000/08/28 18:15:46 rgb
-+ * Added MB's nf-debug reset patch.
-+ *
-+ * Revision 1.54 2000/08/27 01:41:26 rgb
-+ * More minor tweaks to the bad padding debug code.
-+ *
-+ * Revision 1.53 2000/08/24 16:54:16 rgb
-+ * Added KLIPS_PRINTMORE macro to continue lines without KERN_INFO level
-+ * info.
-+ * Tidied up device reporting at the start of ipsec_rcv.
-+ * Tidied up bad padding debugging and processing.
-+ *
-+ * Revision 1.52 2000/08/20 21:36:03 rgb
-+ * Activated pfkey_expire() calls.
-+ * Added a hard/soft expiry parameter to pfkey_expire().
-+ * Added sanity checking to avoid propagating zero or smaller-length skbs
-+ * from a bogus decryption.
-+ * Re-arranged the order of soft and hard expiry to conform to RFC2367.
-+ * Clean up references to CONFIG_IPSEC_PFKEYv2.
-+ *
-+ * Revision 1.51 2000/08/18 21:23:30 rgb
-+ * Improve bad padding warning so that the printk buffer doesn't get
-+ * trampled.
-+ *
-+ * Revision 1.50 2000/08/01 14:51:51 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.49 2000/07/28 13:50:53 rgb
-+ * Changed enet_statistics to net_device_stats and added back compatibility
-+ * for pre-2.1.19.
-+ *
-+ * Revision 1.48 2000/05/10 19:14:40 rgb
-+ * Only check usetime against soft and hard limits if the tdb has been
-+ * used.
-+ * Cast output of ntohl so that the broken prototype doesn't make our
-+ * compile noisy.
-+ *
-+ * Revision 1.47 2000/05/09 17:45:43 rgb
-+ * Fix replay bitmap corruption bug upon receipt of bogus packet
-+ * with correct SPI. This was a DoS.
-+ *
-+ * Revision 1.46 2000/03/27 02:31:58 rgb
-+ * Fixed authentication failure printout bug.
-+ *
-+ * Revision 1.45 2000/03/22 16:15:37 rgb
-+ * Fixed renaming of dev_get (MB).
-+ *
-+ * Revision 1.44 2000/03/16 08:17:24 rgb
-+ * Hardcode PF_KEYv2 support.
-+ * Fixed minor bug checking AH header length.
-+ *
-+ * Revision 1.43 2000/03/14 12:26:59 rgb
-+ * Added skb->nfct support for clearing netfilter conntrack bits (MB).
-+ *
-+ * Revision 1.42 2000/01/26 10:04:04 rgb
-+ * Fixed inbound policy checking on transport mode bug.
-+ * Fixed noisy 2.0 printk arguments.
-+ *
-+ * Revision 1.41 2000/01/24 20:58:02 rgb
-+ * Improve debugging/reporting support for (disabled) inbound
-+ * policy checking.
-+ *
-+ * Revision 1.40 2000/01/22 23:20:10 rgb
-+ * Fixed up inboud policy checking code.
-+ * Cleaned out unused crud.
-+ *
-+ * Revision 1.39 2000/01/21 06:15:29 rgb
-+ * Added sanity checks on skb_push(), skb_pull() to prevent panics.
-+ * Fixed cut-and-paste debug_tunnel to debug_rcv.
-+ * Added inbound policy checking code, disabled.
-+ * Simplified output code by updating ipp to post-IPIP decapsulation.
-+ *
-+ * elided pre-2000 comments. Use "cvs log"
-+ *
-+ *
-+ * Local Variables:
-+ * c-set-style: linux
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_sa.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1880 @@
-+/*
-+ * Common routines for IPsec SA maintenance routines.
-+ *
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_sa.c,v 1.30.2.3 2007-09-05 02:56:10 paul Exp $
-+ *
-+ * This is the file formerly known as "ipsec_xform.h"
-+ *
-+ */
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/vmalloc.h> /* vmalloc() */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+#ifdef SPINLOCK_23
-+#include <linux/spinlock.h> /* *lock* */
-+#else /* SPINLOCK_23 */
-+#include <asm/spinlock.h> /* *lock* */
-+#endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+
-+#include "openswan/radij.h"
-+
-+#include "openswan/ipsec_stats.h"
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_sa.h"
-+#include "openswan/ipsec_xform.h"
-+
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_ipe4.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_alg.h"
-+
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_xform = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#define SENDERR(_x) do { error = -(_x); goto errlab; } while (0)
-+
-+struct ipsec_sa *ipsec_sadb_hash[SADB_HASHMOD];
-+#ifdef SPINLOCK
-+spinlock_t tdb_lock = SPIN_LOCK_UNLOCKED;
-+#else /* SPINLOCK */
-+spinlock_t tdb_lock;
-+#endif /* SPINLOCK */
-+
-+struct ipsec_sadb ipsec_sadb;
-+
-+#if IPSEC_SA_REF_CODE
-+
-+/* the sub table must be narrower (or equal) in bits than the variable type
-+ in the main table to count the number of unused entries in it. */
-+typedef struct {
-+ int testSizeOf_refSubTable :
-+ ((sizeof(IPsecRefTableUnusedCount) * 8) < IPSEC_SA_REF_SUBTABLE_IDX_WIDTH ? -1 : 1);
-+} dummy;
-+
-+
-+/* The field where the saref will be hosted in the skb must be wide enough to
-+ accomodate the information it needs to store. */
-+typedef struct {
-+ int testSizeOf_refField :
-+ (IPSEC_SA_REF_HOST_FIELD_WIDTH < IPSEC_SA_REF_TABLE_IDX_WIDTH ? -1 : 1 );
-+} dummy2;
-+
-+
-+#define IPS_HASH(said) (((said)->spi + (said)->dst.u.v4.sin_addr.s_addr + (said)->proto) % SADB_HASHMOD)
-+
-+
-+void
-+ipsec_SAtest(void)
-+{
-+ IPsecSAref_t SAref = 258;
-+ struct ipsec_sa ips;
-+ ips.ips_ref = 772;
-+
-+ printk("klips_debug:ipsec_SAtest: "
-+ "IPSEC_SA_REF_SUBTABLE_IDX_WIDTH=%u\n"
-+ "IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES=%u\n"
-+ "IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES=%u\n"
-+ "IPSEC_SA_REF_HOST_FIELD_WIDTH=%lu\n"
-+ "IPSEC_SA_REF_TABLE_MASK=%x\n"
-+ "IPSEC_SA_REF_ENTRY_MASK=%x\n"
-+ "IPsecSAref2table(%d)=%u\n"
-+ "IPsecSAref2entry(%d)=%u\n"
-+ "IPsecSAref2NFmark(%d)=%u\n"
-+ "IPsecSAref2SA(%d)=%p\n"
-+ "IPsecSA2SAref(%p)=%d\n"
-+ ,
-+ IPSEC_SA_REF_SUBTABLE_IDX_WIDTH,
-+ IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES,
-+ IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES,
-+ (unsigned long) IPSEC_SA_REF_HOST_FIELD_WIDTH,
-+ IPSEC_SA_REF_TABLE_MASK,
-+ IPSEC_SA_REF_ENTRY_MASK,
-+ SAref, IPsecSAref2table(SAref),
-+ SAref, IPsecSAref2entry(SAref),
-+ SAref, IPsecSAref2NFmark(SAref),
-+ SAref, IPsecSAref2SA(SAref),
-+ (&ips), IPsecSA2SAref((&ips))
-+ );
-+ return;
-+}
-+
-+int
-+ipsec_SAref_recycle(void)
-+{
-+ int table;
-+ int entry;
-+ int error = 0;
-+
-+ ipsec_sadb.refFreeListHead = -1;
-+ ipsec_sadb.refFreeListTail = -1;
-+
-+ if(ipsec_sadb.refFreeListCont == IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES * IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_recycle: "
-+ "end of table reached, continuing at start..\n");
-+ ipsec_sadb.refFreeListCont = 0;
-+ }
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_recycle: "
-+ "recycling, continuing from SAref=%d (0p%p), table=%d, entry=%d.\n",
-+ ipsec_sadb.refFreeListCont,
-+ (ipsec_sadb.refTable[IPsecSAref2table(ipsec_sadb.refFreeListCont)] != NULL) ? IPsecSAref2SA(ipsec_sadb.refFreeListCont) : NULL,
-+ IPsecSAref2table(ipsec_sadb.refFreeListCont),
-+ IPsecSAref2entry(ipsec_sadb.refFreeListCont));
-+
-+ for(table = IPsecSAref2table(ipsec_sadb.refFreeListCont);
-+ table < IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES;
-+ table++) {
-+ if(ipsec_sadb.refTable[table] == NULL) {
-+ error = ipsec_SArefSubTable_alloc(table);
-+ if(error) {
-+ return error;
-+ }
-+ }
-+ for(entry = IPsecSAref2entry(ipsec_sadb.refFreeListCont);
-+ entry < IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES;
-+ entry++) {
-+ if(ipsec_sadb.refTable[table]->entry[entry] == NULL) {
-+ ipsec_sadb.refFreeList[++ipsec_sadb.refFreeListTail] = IPsecSArefBuild(table, entry);
-+ if(ipsec_sadb.refFreeListTail == (IPSEC_SA_REF_FREELIST_NUM_ENTRIES - 1)) {
-+ ipsec_sadb.refFreeListHead = 0;
-+ ipsec_sadb.refFreeListCont = ipsec_sadb.refFreeList[ipsec_sadb.refFreeListTail] + 1;
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_recycle: "
-+ "SArefFreeList refilled.\n");
-+ return 0;
-+ }
-+ }
-+ }
-+ }
-+
-+ if(ipsec_sadb.refFreeListTail == -1) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_recycle: "
-+ "out of room in the SArefTable.\n");
-+
-+ return(-ENOSPC);
-+ }
-+
-+ ipsec_sadb.refFreeListHead = 0;
-+ ipsec_sadb.refFreeListCont = ipsec_sadb.refFreeList[ipsec_sadb.refFreeListTail] + 1;
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_recycle: "
-+ "SArefFreeList partly refilled to %d of %d.\n",
-+ ipsec_sadb.refFreeListTail,
-+ IPSEC_SA_REF_FREELIST_NUM_ENTRIES);
-+ return 0;
-+}
-+
-+int
-+ipsec_SArefSubTable_alloc(unsigned table)
-+{
-+ unsigned entry;
-+ struct IPsecSArefSubTable* SArefsub;
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SArefSubTable_alloc: "
-+ "allocating %lu bytes for table %u of %u.\n",
-+ (unsigned long) (IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES * sizeof(struct ipsec_sa *)),
-+ table,
-+ IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES);
-+
-+ /* allocate another sub-table */
-+ SArefsub = vmalloc(IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES * sizeof(struct ipsec_sa *));
-+ if(SArefsub == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SArefSubTable_alloc: "
-+ "error allocating memory for table %u of %u!\n",
-+ table,
-+ IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES);
-+ return -ENOMEM;
-+ }
-+
-+ /* add this sub-table to the main table */
-+ ipsec_sadb.refTable[table] = SArefsub;
-+
-+ /* initialise each element to NULL */
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SArefSubTable_alloc: "
-+ "initialising %u elements (2 ^ %u) of table %u.\n",
-+ IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES,
-+ IPSEC_SA_REF_SUBTABLE_IDX_WIDTH,
-+ table);
-+ for(entry = 0; entry < IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES; entry++) {
-+ SArefsub->entry[entry] = NULL;
-+ }
-+
-+ return 0;
-+}
-+#endif /* IPSEC_SA_REF_CODE */
-+
-+int
-+ipsec_saref_freelist_init(void)
-+{
-+ int i;
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_saref_freelist_init: "
-+ "initialising %u elements of FreeList.\n",
-+ IPSEC_SA_REF_FREELIST_NUM_ENTRIES);
-+
-+ for(i = 0; i < IPSEC_SA_REF_FREELIST_NUM_ENTRIES; i++) {
-+ ipsec_sadb.refFreeList[i] = IPSEC_SAREF_NULL;
-+ }
-+ ipsec_sadb.refFreeListHead = -1;
-+ ipsec_sadb.refFreeListCont = 0;
-+ ipsec_sadb.refFreeListTail = -1;
-+
-+ return 0;
-+}
-+
-+int
-+ipsec_sadb_init(void)
-+{
-+ int error = 0;
-+ unsigned i;
-+
-+ for(i = 0; i < SADB_HASHMOD; i++) {
-+ ipsec_sadb_hash[i] = NULL;
-+ }
-+ /* parts above are for the old style SADB hash table */
-+
-+
-+#if IPSEC_SA_REF_CODE
-+ /* initialise SA reference table */
-+
-+ /* initialise the main table */
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_init: "
-+ "initialising main table of size %u (2 ^ %u).\n",
-+ IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES,
-+ IPSEC_SA_REF_MAINTABLE_IDX_WIDTH);
-+ {
-+ unsigned table;
-+ for(table = 0; table < IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES; table++) {
-+ ipsec_sadb.refTable[table] = NULL;
-+ }
-+ }
-+
-+ /* allocate the first sub-table */
-+ error = ipsec_SArefSubTable_alloc(0);
-+ if(error) {
-+ return error;
-+ }
-+
-+ error = ipsec_saref_freelist_init();
-+#endif /* IPSEC_SA_REF_CODE */
-+ return error;
-+}
-+
-+#if IPSEC_SA_REF_CODE
-+IPsecSAref_t
-+ipsec_SAref_alloc(int*error) /* pass in error var by pointer */
-+{
-+ IPsecSAref_t SAref;
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_alloc: "
-+ "SAref requested... head=%d, cont=%d, tail=%d, listsize=%d.\n",
-+ ipsec_sadb.refFreeListHead,
-+ ipsec_sadb.refFreeListCont,
-+ ipsec_sadb.refFreeListTail,
-+ IPSEC_SA_REF_FREELIST_NUM_ENTRIES);
-+
-+ if(ipsec_sadb.refFreeListHead == -1) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_alloc: "
-+ "FreeList empty, recycling...\n");
-+ *error = ipsec_SAref_recycle();
-+ if(*error) {
-+ return IPSEC_SAREF_NULL;
-+ }
-+ }
-+
-+ SAref = ipsec_sadb.refFreeList[ipsec_sadb.refFreeListHead];
-+ if(SAref == IPSEC_SAREF_NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_alloc: "
-+ "unexpected error, refFreeListHead = %d points to invalid entry.\n",
-+ ipsec_sadb.refFreeListHead);
-+ *error = -ESPIPE;
-+ return IPSEC_SAREF_NULL;
-+ }
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_alloc: "
-+ "allocating SAref=%d, table=%u, entry=%u of %u.\n",
-+ SAref,
-+ IPsecSAref2table(SAref),
-+ IPsecSAref2entry(SAref),
-+ IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES * IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES);
-+
-+ ipsec_sadb.refFreeList[ipsec_sadb.refFreeListHead] = IPSEC_SAREF_NULL;
-+ ipsec_sadb.refFreeListHead++;
-+ if(ipsec_sadb.refFreeListHead > ipsec_sadb.refFreeListTail) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_alloc: "
-+ "last FreeList entry allocated, resetting list head to empty.\n");
-+ ipsec_sadb.refFreeListHead = -1;
-+ }
-+
-+ return SAref;
-+}
-+#endif /* IPSEC_SA_REF_CODE */
-+
-+int
-+ipsec_sa_print(struct ipsec_sa *ips)
-+{
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ printk(KERN_INFO "klips_debug: SA:");
-+ if(ips == NULL) {
-+ printk("NULL\n");
-+ return -ENOENT;
-+ }
-+ printk(" ref=%d", ips->ips_ref);
-+ printk(" refcount=%d", atomic_read(&ips->ips_refcount));
-+ if(ips->ips_hnext != NULL) {
-+ printk(" hnext=0p%p", ips->ips_hnext);
-+ }
-+ if(ips->ips_inext != NULL) {
-+ printk(" inext=0p%p", ips->ips_inext);
-+ }
-+ if(ips->ips_onext != NULL) {
-+ printk(" onext=0p%p", ips->ips_onext);
-+ }
-+ sa_len = satot(&ips->ips_said, 0, sa, sizeof(sa));
-+ printk(" said=%s", sa_len ? sa : " (error)");
-+ if(ips->ips_seq) {
-+ printk(" seq=%u", ips->ips_seq);
-+ }
-+ if(ips->ips_pid) {
-+ printk(" pid=%u", ips->ips_pid);
-+ }
-+ if(ips->ips_authalg) {
-+ printk(" authalg=%u", ips->ips_authalg);
-+ }
-+ if(ips->ips_encalg) {
-+ printk(" encalg=%u", ips->ips_encalg);
-+ }
-+ printk(" XFORM=%s%s%s", IPS_XFORM_NAME(ips));
-+ if(ips->ips_replaywin) {
-+ printk(" ooowin=%u", ips->ips_replaywin);
-+ }
-+ if(ips->ips_flags) {
-+ printk(" flags=%u", ips->ips_flags);
-+ }
-+ if(ips->ips_addr_s) {
-+ char buf[SUBNETTOA_BUF];
-+ addrtoa(((struct sockaddr_in*)(ips->ips_addr_s))->sin_addr,
-+ 0, buf, sizeof(buf));
-+ printk(" src=%s", buf);
-+ }
-+ if(ips->ips_addr_d) {
-+ char buf[SUBNETTOA_BUF];
-+ addrtoa(((struct sockaddr_in*)(ips->ips_addr_s))->sin_addr,
-+ 0, buf, sizeof(buf));
-+ printk(" dst=%s", buf);
-+ }
-+ if(ips->ips_addr_p) {
-+ char buf[SUBNETTOA_BUF];
-+ addrtoa(((struct sockaddr_in*)(ips->ips_addr_p))->sin_addr,
-+ 0, buf, sizeof(buf));
-+ printk(" proxy=%s", buf);
-+ }
-+ if(ips->ips_key_bits_a) {
-+ printk(" key_bits_a=%u", ips->ips_key_bits_a);
-+ }
-+ if(ips->ips_key_bits_e) {
-+ printk(" key_bits_e=%u", ips->ips_key_bits_e);
-+ }
-+
-+ printk("\n");
-+ return 0;
-+}
-+
-+struct ipsec_sa*
-+ipsec_sa_alloc(int*error) /* pass in error var by pointer */
-+{
-+ struct ipsec_sa* ips;
-+
-+ if((ips = kmalloc(sizeof(*ips), GFP_ATOMIC) ) == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_alloc: "
-+ "memory allocation error\n");
-+ *error = -ENOMEM;
-+ return NULL;
-+ }
-+ memset((caddr_t)ips, 0, sizeof(*ips));
-+#if IPSEC_SA_REF_CODE
-+ ips->ips_ref = ipsec_SAref_alloc(error); /* pass in error return by pointer */
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_alloc: "
-+ "allocated %lu bytes for ipsec_sa struct=0p%p ref=%d.\n",
-+ (unsigned long) sizeof(*ips),
-+ ips,
-+ ips->ips_ref);
-+ if(ips->ips_ref == IPSEC_SAREF_NULL) {
-+ kfree(ips);
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_alloc: "
-+ "SAref allocation error\n");
-+ return NULL;
-+ }
-+
-+ atomic_inc(&ips->ips_refcount);
-+ IPsecSAref2SA(ips->ips_ref) = ips;
-+#endif /* IPSEC_SA_REF_CODE */
-+
-+ *error = 0;
-+ return(ips);
-+}
-+
-+int
-+ipsec_sa_free(struct ipsec_sa* ips)
-+{
-+ return ipsec_sa_wipe(ips);
-+}
-+
-+struct ipsec_sa *
-+ipsec_sa_getbyid(ip_said *said)
-+{
-+ int hashval;
-+ struct ipsec_sa *ips;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ if(said == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_error:ipsec_sa_getbyid: "
-+ "null pointer passed in!\n");
-+ return NULL;
-+ }
-+
-+ sa_len = KLIPS_SATOT(debug_xform, said, 0, sa, sizeof(sa));
-+
-+ hashval = IPS_HASH(said);
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_getbyid: "
-+ "linked entry in ipsec_sa table for hash=%d of SA:%s requested.\n",
-+ hashval,
-+ sa_len ? sa : " (error)");
-+
-+ if((ips = ipsec_sadb_hash[hashval]) == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_getbyid: "
-+ "no entries in ipsec_sa table for hash=%d of SA:%s.\n",
-+ hashval,
-+ sa_len ? sa : " (error)");
-+ return NULL;
-+ }
-+
-+ for (; ips; ips = ips->ips_hnext) {
-+ if ((ips->ips_said.spi == said->spi) &&
-+ (ips->ips_said.dst.u.v4.sin_addr.s_addr == said->dst.u.v4.sin_addr.s_addr) &&
-+ (ips->ips_said.proto == said->proto)) {
-+ atomic_inc(&ips->ips_refcount);
-+ return ips;
-+ }
-+ }
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_getbyid: "
-+ "no entry in linked list for hash=%d of SA:%s.\n",
-+ hashval,
-+ sa_len ? sa : " (error)");
-+ return NULL;
-+}
-+
-+int
-+ipsec_sa_put(struct ipsec_sa *ips)
-+{
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ if(ips == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_error:ipsec_sa_put: "
-+ "null pointer passed in!\n");
-+ return -1;
-+ }
-+
-+ sa_len = KLIPS_SATOT(debug_xform, &ips->ips_said, 0, sa, sizeof(sa));
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_put: "
-+ "ipsec_sa SA:%s, ref:%d reference count decremented.\n",
-+ sa_len ? sa : " (error)",
-+ ips->ips_ref);
-+
-+ atomic_dec(&ips->ips_refcount);
-+
-+ return 0;
-+}
-+
-+/*
-+ The ipsec_sa table better *NOT* be locked before it is handed in, or SMP locks will happen
-+*/
-+int
-+ipsec_sa_add(struct ipsec_sa *ips)
-+{
-+ int error = 0;
-+ unsigned int hashval;
-+
-+ if(ips == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_error:ipsec_sa_add: "
-+ "null pointer passed in!\n");
-+ return -ENODATA;
-+ }
-+ hashval = IPS_HASH(&ips->ips_said);
-+
-+ atomic_inc(&ips->ips_refcount);
-+ spin_lock_bh(&tdb_lock);
-+
-+ ips->ips_hnext = ipsec_sadb_hash[hashval];
-+ ipsec_sadb_hash[hashval] = ips;
-+
-+ spin_unlock_bh(&tdb_lock);
-+
-+ return error;
-+}
-+
-+/*
-+ The ipsec_sa table better be locked before it is handed in, or races might happen
-+*/
-+int
-+ipsec_sa_del(struct ipsec_sa *ips)
-+{
-+ unsigned int hashval;
-+ struct ipsec_sa *ipstp;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ if(ips == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_error:ipsec_sa_del: "
-+ "null pointer passed in!\n");
-+ return -ENODATA;
-+ }
-+
-+ sa_len = KLIPS_SATOT(debug_xform, &ips->ips_said, 0, sa, sizeof(sa));
-+ if(ips->ips_inext || ips->ips_onext) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_error:ipsec_sa_del: "
-+ "SA:%s still linked!\n",
-+ sa_len ? sa : " (error)");
-+ return -EMLINK;
-+ }
-+
-+ hashval = IPS_HASH(&ips->ips_said);
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_del: "
-+ "deleting SA:%s, hashval=%d.\n",
-+ sa_len ? sa : " (error)",
-+ hashval);
-+ if(ipsec_sadb_hash[hashval] == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_del: "
-+ "no entries in ipsec_sa table for hash=%d of SA:%s.\n",
-+ hashval,
-+ sa_len ? sa : " (error)");
-+ return -ENOENT;
-+ }
-+
-+ if (ips == ipsec_sadb_hash[hashval]) {
-+ ipsec_sadb_hash[hashval] = ipsec_sadb_hash[hashval]->ips_hnext;
-+ ips->ips_hnext = NULL;
-+ atomic_dec(&ips->ips_refcount);
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_del: "
-+ "successfully deleted first ipsec_sa in chain.\n");
-+ return 0;
-+ } else {
-+ for (ipstp = ipsec_sadb_hash[hashval];
-+ ipstp;
-+ ipstp = ipstp->ips_hnext) {
-+ if (ipstp->ips_hnext == ips) {
-+ ipstp->ips_hnext = ips->ips_hnext;
-+ ips->ips_hnext = NULL;
-+ atomic_dec(&ips->ips_refcount);
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_del: "
-+ "successfully deleted link in ipsec_sa chain.\n");
-+ return 0;
-+ }
-+ }
-+ }
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_del: "
-+ "no entries in linked list for hash=%d of SA:%s.\n",
-+ hashval,
-+ sa_len ? sa : " (error)");
-+ return -ENOENT;
-+}
-+
-+/*
-+ The ipsec_sa table better be locked before it is handed in, or races
-+ might happen
-+*/
-+int
-+ipsec_sa_delchain(struct ipsec_sa *ips)
-+{
-+ struct ipsec_sa *ipsdel;
-+ int error = 0;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ if(ips == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_error:ipsec_sa_delchain: "
-+ "null pointer passed in!\n");
-+ return -ENODATA;
-+ }
-+
-+ sa_len = KLIPS_SATOT(debug_xform, &ips->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_delchain: "
-+ "passed SA:%s\n",
-+ sa_len ? sa : " (error)");
-+ while(ips->ips_onext != NULL) {
-+ ips = ips->ips_onext;
-+ }
-+
-+ while(ips) {
-+ /* XXX send a pfkey message up to advise of deleted ipsec_sa */
-+ sa_len = KLIPS_SATOT(debug_xform, &ips->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_delchain: "
-+ "unlinking and delting SA:%s",
-+ sa_len ? sa : " (error)");
-+ ipsdel = ips;
-+ ips = ips->ips_inext;
-+ if(ips != NULL) {
-+ sa_len = KLIPS_SATOT(debug_xform, &ips->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ ", inext=%s",
-+ sa_len ? sa : " (error)");
-+ atomic_dec(&ipsdel->ips_refcount);
-+ ipsdel->ips_inext = NULL;
-+ atomic_dec(&ips->ips_refcount);
-+ ips->ips_onext = NULL;
-+ }
-+ KLIPS_PRINT(debug_xform,
-+ ".\n");
-+ if((error = ipsec_sa_del(ipsdel))) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_delchain: "
-+ "ipsec_sa_del returned error %d.\n", -error);
-+ return error;
-+ }
-+ if((error = ipsec_sa_wipe(ipsdel))) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_delchain: "
-+ "ipsec_sa_wipe returned error %d.\n", -error);
-+ return error;
-+ }
-+ }
-+ return error;
-+}
-+
-+int
-+ipsec_sadb_cleanup(__u8 proto)
-+{
-+ unsigned i;
-+ int error = 0;
-+ struct ipsec_sa *ips, **ipsprev, *ipsdel;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_cleanup: "
-+ "cleaning up proto=%d.\n",
-+ proto);
-+
-+ spin_lock_bh(&tdb_lock);
-+
-+ for (i = 0; i < SADB_HASHMOD; i++) {
-+ ipsprev = &(ipsec_sadb_hash[i]);
-+ ips = ipsec_sadb_hash[i];
-+ if(ips != NULL) {
-+ atomic_inc(&ips->ips_refcount);
-+ }
-+ for(; ips != NULL;) {
-+ sa_len = KLIPS_SATOT(debug_xform, &ips->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_cleanup: "
-+ "checking SA:%s, hash=%d, ref=%d",
-+ sa_len ? sa : " (error)",
-+ i,
-+ ips->ips_ref);
-+ ipsdel = ips;
-+ ips = ipsdel->ips_hnext;
-+ if(ips != NULL) {
-+ atomic_inc(&ips->ips_refcount);
-+ sa_len = KLIPS_SATOT(debug_xform, &ips->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ ", hnext=%s",
-+ sa_len ? sa : " (error)");
-+ }
-+ if(*ipsprev != NULL) {
-+ sa_len = KLIPS_SATOT(debug_xform, &(*ipsprev)->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ ", *ipsprev=%s",
-+ sa_len ? sa : " (error)");
-+ if((*ipsprev)->ips_hnext) {
-+ sa_len = KLIPS_SATOT(debug_xform, &(*ipsprev)->ips_hnext->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ ", *ipsprev->ips_hnext=%s",
-+ sa_len ? sa : " (error)");
-+ }
-+ }
-+ KLIPS_PRINT(debug_xform,
-+ ".\n");
-+ if(proto == 0 || (proto == ipsdel->ips_said.proto)) {
-+ sa_len = KLIPS_SATOT(debug_xform, &ipsdel->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_cleanup: "
-+ "deleting SA chain:%s.\n",
-+ sa_len ? sa : " (error)");
-+ if((error = ipsec_sa_delchain(ipsdel))) {
-+ SENDERR(-error);
-+ }
-+ ipsprev = &(ipsec_sadb_hash[i]);
-+ ips = ipsec_sadb_hash[i];
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_cleanup: "
-+ "deleted SA chain:%s",
-+ sa_len ? sa : " (error)");
-+ if(ips != NULL) {
-+ sa_len = KLIPS_SATOT(debug_xform, &ips->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ ", ipsec_sadb_hash[%d]=%s",
-+ i,
-+ sa_len ? sa : " (error)");
-+ }
-+ if(*ipsprev != NULL) {
-+ sa_len = KLIPS_SATOT(debug_xform, &(*ipsprev)->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ ", *ipsprev=%s",
-+ sa_len ? sa : " (error)");
-+ if((*ipsprev)->ips_hnext != NULL) {
-+ sa_len = KLIPS_SATOT(debug_xform, &(*ipsprev)->ips_hnext->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ ", *ipsprev->ips_hnext=%s",
-+ sa_len ? sa : " (error)");
-+ }
-+ }
-+ KLIPS_PRINT(debug_xform,
-+ ".\n");
-+ } else {
-+ ipsprev = &ipsdel;
-+ }
-+ if(ipsdel != NULL) {
-+ ipsec_sa_put(ipsdel);
-+ }
-+ }
-+ }
-+ errlab:
-+
-+ spin_unlock_bh(&tdb_lock);
-+
-+
-+#if IPSEC_SA_REF_CODE
-+ /* clean up SA reference table */
-+
-+ /* go through the ref table and clean out all the SAs */
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_cleanup: "
-+ "removing SAref entries and tables.");
-+ {
-+ unsigned table, entry;
-+ for(table = 0; table < IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES; table++) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_cleanup: "
-+ "cleaning SAref table=%u.\n",
-+ table);
-+ if(ipsec_sadb.refTable[table] == NULL) {
-+ printk("\n");
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_cleanup: "
-+ "cleaned %u used refTables.\n",
-+ table);
-+ break;
-+ }
-+ for(entry = 0; entry < IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES; entry++) {
-+ if(ipsec_sadb.refTable[table]->entry[entry] != NULL) {
-+ ipsec_sa_delchain(ipsec_sadb.refTable[table]->entry[entry]);
-+ ipsec_sadb.refTable[table]->entry[entry] = NULL;
-+ }
-+ }
-+ }
-+ }
-+#endif /* IPSEC_SA_REF_CODE */
-+
-+ return(error);
-+}
-+
-+int
-+ipsec_sadb_free(void)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_free: "
-+ "freeing SArefTable memory.\n");
-+
-+ /* clean up SA reference table */
-+
-+ /* go through the ref table and clean out all the SAs if any are
-+ left and free table memory */
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_free: "
-+ "removing SAref entries and tables.\n");
-+ {
-+ unsigned table, entry;
-+ for(table = 0; table < IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES; table++) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_free: "
-+ "removing SAref table=%u.\n",
-+ table);
-+ if(ipsec_sadb.refTable[table] == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_free: "
-+ "removed %u used refTables.\n",
-+ table);
-+ break;
-+ }
-+ for(entry = 0; entry < IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES; entry++) {
-+ if(ipsec_sadb.refTable[table]->entry[entry] != NULL) {
-+ ipsec_sa_delchain(ipsec_sadb.refTable[table]->entry[entry]);
-+ ipsec_sadb.refTable[table]->entry[entry] = NULL;
-+ }
-+ }
-+ vfree(ipsec_sadb.refTable[table]);
-+ ipsec_sadb.refTable[table] = NULL;
-+ }
-+ }
-+
-+ return(error);
-+}
-+
-+int
-+ipsec_sa_wipe(struct ipsec_sa *ips)
-+{
-+ if(ips == NULL) {
-+ return -ENODATA;
-+ }
-+
-+ /* if(atomic_dec_and_test(ips)) {
-+ }; */
-+
-+#if IPSEC_SA_REF_CODE
-+ /* remove me from the SArefTable */
-+ {
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ sa_len = KLIPS_SATOT(debug_xform, &ips->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_wipe: "
-+ "removing SA=%s(0p%p), SAref=%d, table=%d(0p%p), entry=%d from the refTable.\n",
-+ sa_len ? sa : " (error)",
-+ ips,
-+ ips->ips_ref,
-+ IPsecSAref2table(IPsecSA2SAref(ips)),
-+ ipsec_sadb.refTable[IPsecSAref2table(IPsecSA2SAref(ips))],
-+ IPsecSAref2entry(IPsecSA2SAref(ips)));
-+ }
-+ if(ips->ips_ref == IPSEC_SAREF_NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_wipe: "
-+ "why does this SA not have a valid SAref?.\n");
-+ }
-+ ipsec_sadb.refTable[IPsecSAref2table(IPsecSA2SAref(ips))]->entry[IPsecSAref2entry(IPsecSA2SAref(ips))] = NULL;
-+ ips->ips_ref = IPSEC_SAREF_NULL;
-+ ipsec_sa_put(ips);
-+#endif /* IPSEC_SA_REF_CODE */
-+
-+ /* paranoid clean up */
-+ if(ips->ips_addr_s != NULL) {
-+ memset((caddr_t)(ips->ips_addr_s), 0, ips->ips_addr_s_size);
-+ kfree(ips->ips_addr_s);
-+ }
-+ ips->ips_addr_s = NULL;
-+
-+ if(ips->ips_addr_d != NULL) {
-+ memset((caddr_t)(ips->ips_addr_d), 0, ips->ips_addr_d_size);
-+ kfree(ips->ips_addr_d);
-+ }
-+ ips->ips_addr_d = NULL;
-+
-+ if(ips->ips_addr_p != NULL) {
-+ memset((caddr_t)(ips->ips_addr_p), 0, ips->ips_addr_p_size);
-+ kfree(ips->ips_addr_p);
-+ }
-+ ips->ips_addr_p = NULL;
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if(ips->ips_natt_oa) {
-+ memset((caddr_t)(ips->ips_natt_oa), 0, ips->ips_natt_oa_size);
-+ kfree(ips->ips_natt_oa);
-+ }
-+ ips->ips_natt_oa = NULL;
-+#endif
-+
-+ if(ips->ips_key_a != NULL) {
-+ memset((caddr_t)(ips->ips_key_a), 0, ips->ips_key_a_size);
-+ kfree(ips->ips_key_a);
-+ }
-+ ips->ips_key_a = NULL;
-+
-+ if(ips->ips_key_e != NULL) {
-+ if (ips->ips_alg_enc &&
-+ ips->ips_alg_enc->ixt_e_destroy_key)
-+ {
-+ ips->ips_alg_enc->ixt_e_destroy_key(ips->ips_alg_enc,
-+ ips->ips_key_e);
-+ } else
-+ {
-+ memset((caddr_t)(ips->ips_key_e), 0, ips->ips_key_e_size);
-+ kfree(ips->ips_key_e);
-+ }
-+ }
-+ ips->ips_key_e = NULL;
-+
-+ if(ips->ips_iv != NULL) {
-+ memset((caddr_t)(ips->ips_iv), 0, ips->ips_iv_size);
-+ kfree(ips->ips_iv);
-+ }
-+ ips->ips_iv = NULL;
-+
-+ if(ips->ips_ident_s.data != NULL) {
-+ memset((caddr_t)(ips->ips_ident_s.data),
-+ 0,
-+ ips->ips_ident_s.len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident));
-+ kfree(ips->ips_ident_s.data);
-+ }
-+ ips->ips_ident_s.data = NULL;
-+
-+ if(ips->ips_ident_d.data != NULL) {
-+ memset((caddr_t)(ips->ips_ident_d.data),
-+ 0,
-+ ips->ips_ident_d.len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident));
-+ kfree(ips->ips_ident_d.data);
-+ }
-+ ips->ips_ident_d.data = NULL;
-+
-+#ifdef CONFIG_KLIPS_ALG
-+ if (ips->ips_alg_enc||ips->ips_alg_auth) {
-+ ipsec_alg_sa_wipe(ips);
-+ }
-+#endif /* CONFIG_KLIPS_ALG */
-+
-+ memset((caddr_t)ips, 0, sizeof(*ips));
-+ kfree(ips);
-+ ips = NULL;
-+
-+ return 0;
-+}
-+
-+extern int sysctl_ipsec_debug_verbose;
-+
-+int ipsec_sa_init(struct ipsec_sa *ipsp)
-+{
-+ int i;
-+ int error = 0;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ char ipaddr_txt[ADDRTOA_BUF];
-+ char ipaddr2_txt[ADDRTOA_BUF];
-+#if defined (CONFIG_KLIPS_AUTH_HMAC_MD5) || defined (CONFIG_KLIPS_AUTH_HMAC_SHA1)
-+ unsigned char kb[AHMD596_BLKLEN];
-+#endif
-+#if defined CONFIG_KLIPS_ALG
-+ struct ipsec_alg_enc *ixt_e = NULL;
-+ struct ipsec_alg_auth *ixt_a = NULL;
-+#endif /* CONFIG_KLIPS_ALG */
-+
-+ if(ipsp == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "ipsp is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ sa_len = KLIPS_SATOT(debug_pfkey, &ipsp->ips_said, 0, sa, sizeof(sa));
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "(pfkey defined) called for SA:%s\n",
-+ sa_len ? sa : " (error)");
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "calling init routine of %s%s%s\n",
-+ IPS_XFORM_NAME(ipsp));
-+
-+ switch(ipsp->ips_said.proto) {
-+
-+#ifdef CONFIG_KLIPS_IPIP
-+ case IPPROTO_IPIP: {
-+ addrtoa(((struct sockaddr_in*)(ipsp->ips_addr_s))->sin_addr,
-+ 0,
-+ ipaddr_txt, sizeof(ipaddr_txt));
-+ addrtoa(((struct sockaddr_in*)(ipsp->ips_addr_d))->sin_addr,
-+ 0,
-+ ipaddr2_txt, sizeof(ipaddr_txt));
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "(pfkey defined) IPIP ipsec_sa set for %s->%s.\n",
-+ ipaddr_txt,
-+ ipaddr2_txt);
-+ }
-+ break;
-+#endif /* !CONFIG_KLIPS_IPIP */
-+
-+#ifdef CONFIG_KLIPS_AH
-+ case IPPROTO_AH:
-+ switch(ipsp->ips_authalg) {
-+# ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5: {
-+ unsigned char *akp;
-+ unsigned int aks;
-+ MD5_CTX *ictx;
-+ MD5_CTX *octx;
-+
-+ if(ipsp->ips_key_bits_a != (AHMD596_KLEN * 8)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "incorrect key size: %d bits -- must be %d bits\n"/*octets (bytes)\n"*/,
-+ ipsp->ips_key_bits_a, AHMD596_KLEN * 8);
-+ SENDERR(EINVAL);
-+ }
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "hmac md5-96 key is 0x%08x %08x %08x %08x\n",
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+0)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+1)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+2)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+3)));
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+
-+ ipsp->ips_auth_bits = AHMD596_ALEN * 8;
-+
-+ /* save the pointer to the key material */
-+ akp = ipsp->ips_key_a;
-+ aks = ipsp->ips_key_a_size;
-+
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "allocating %lu bytes for md5_ctx.\n",
-+ (unsigned long) sizeof(struct md5_ctx));
-+ if((ipsp->ips_key_a = (caddr_t)
-+ kmalloc(sizeof(struct md5_ctx), GFP_ATOMIC)) == NULL) {
-+ ipsp->ips_key_a = akp;
-+ SENDERR(ENOMEM);
-+ }
-+ ipsp->ips_key_a_size = sizeof(struct md5_ctx);
-+
-+ for (i = 0; i < DIVUP(ipsp->ips_key_bits_a, 8); i++) {
-+ kb[i] = akp[i] ^ HMAC_IPAD;
-+ }
-+ for (; i < AHMD596_BLKLEN; i++) {
-+ kb[i] = HMAC_IPAD;
-+ }
-+
-+ ictx = &(((struct md5_ctx*)(ipsp->ips_key_a))->ictx);
-+ osMD5Init(ictx);
-+ osMD5Update(ictx, kb, AHMD596_BLKLEN);
-+
-+ for (i = 0; i < AHMD596_BLKLEN; i++) {
-+ kb[i] ^= (HMAC_IPAD ^ HMAC_OPAD);
-+ }
-+
-+ octx = &(((struct md5_ctx*)(ipsp->ips_key_a))->octx);
-+ osMD5Init(octx);
-+ osMD5Update(octx, kb, AHMD596_BLKLEN);
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "MD5 ictx=0x%08x %08x %08x %08x octx=0x%08x %08x %08x %08x\n",
-+ ((__u32*)ictx)[0],
-+ ((__u32*)ictx)[1],
-+ ((__u32*)ictx)[2],
-+ ((__u32*)ictx)[3],
-+ ((__u32*)octx)[0],
-+ ((__u32*)octx)[1],
-+ ((__u32*)octx)[2],
-+ ((__u32*)octx)[3] );
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+
-+ /* zero key buffer -- paranoid */
-+ memset(akp, 0, aks);
-+ kfree(akp);
-+ }
-+ break;
-+# endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+# ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA: {
-+ unsigned char *akp;
-+ unsigned int aks;
-+ SHA1_CTX *ictx;
-+ SHA1_CTX *octx;
-+
-+ if(ipsp->ips_key_bits_a != (AHSHA196_KLEN * 8)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "incorrect key size: %d bits -- must be %d bits\n"/*octets (bytes)\n"*/,
-+ ipsp->ips_key_bits_a, AHSHA196_KLEN * 8);
-+ SENDERR(EINVAL);
-+ }
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "hmac sha1-96 key is 0x%08x %08x %08x %08x\n",
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+0)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+1)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+2)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+3)));
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+
-+ ipsp->ips_auth_bits = AHSHA196_ALEN * 8;
-+
-+ /* save the pointer to the key material */
-+ akp = ipsp->ips_key_a;
-+ aks = ipsp->ips_key_a_size;
-+
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "allocating %lu bytes for sha1_ctx.\n",
-+ (unsigned long) sizeof(struct sha1_ctx));
-+ if((ipsp->ips_key_a = (caddr_t)
-+ kmalloc(sizeof(struct sha1_ctx), GFP_ATOMIC)) == NULL) {
-+ ipsp->ips_key_a = akp;
-+ SENDERR(ENOMEM);
-+ }
-+ ipsp->ips_key_a_size = sizeof(struct sha1_ctx);
-+
-+ for (i = 0; i < DIVUP(ipsp->ips_key_bits_a, 8); i++) {
-+ kb[i] = akp[i] ^ HMAC_IPAD;
-+ }
-+ for (; i < AHMD596_BLKLEN; i++) {
-+ kb[i] = HMAC_IPAD;
-+ }
-+
-+ ictx = &(((struct sha1_ctx*)(ipsp->ips_key_a))->ictx);
-+ SHA1Init(ictx);
-+ SHA1Update(ictx, kb, AHSHA196_BLKLEN);
-+
-+ for (i = 0; i < AHSHA196_BLKLEN; i++) {
-+ kb[i] ^= (HMAC_IPAD ^ HMAC_OPAD);
-+ }
-+
-+ octx = &(((struct sha1_ctx*)(ipsp->ips_key_a))->octx);
-+ SHA1Init(octx);
-+ SHA1Update(octx, kb, AHSHA196_BLKLEN);
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "SHA1 ictx=0x%08x %08x %08x %08x octx=0x%08x %08x %08x %08x\n",
-+ ((__u32*)ictx)[0],
-+ ((__u32*)ictx)[1],
-+ ((__u32*)ictx)[2],
-+ ((__u32*)ictx)[3],
-+ ((__u32*)octx)[0],
-+ ((__u32*)octx)[1],
-+ ((__u32*)octx)[2],
-+ ((__u32*)octx)[3] );
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+ /* zero key buffer -- paranoid */
-+ memset(akp, 0, aks);
-+ kfree(akp);
-+ }
-+ break;
-+# endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "authalg=%d support not available in the kernel",
-+ ipsp->ips_authalg);
-+ SENDERR(EINVAL);
-+ }
-+ break;
-+#endif /* CONFIG_KLIPS_AH */
-+
-+#ifdef CONFIG_KLIPS_ESP
-+ case IPPROTO_ESP:
-+ {
-+#if defined (CONFIG_KLIPS_AUTH_HMAC_MD5) || defined (CONFIG_KLIPS_AUTH_HMAC_SHA1)
-+ unsigned char *akp;
-+ unsigned int aks;
-+#endif
-+ ipsp->ips_iv_size = 0;
-+#ifdef CONFIG_KLIPS_ALG
-+ ipsec_alg_sa_init(ipsp);
-+ ixt_e=ipsp->ips_alg_enc;
-+
-+ if (ixt_e == NULL) {
-+ if(printk_ratelimit()) {
-+ printk(KERN_INFO
-+ "ipsec_sa_init: "
-+ "encalg=%d support not available in the kernel",
-+ ipsp->ips_encalg);
-+ }
-+ SENDERR(ENOENT);
-+ }
-+
-+ ipsp->ips_iv_size = ixt_e->ixt_common.ixt_support.ias_ivlen/8;
-+
-+ /* Create IV */
-+ if (ipsp->ips_iv_size) {
-+ if((ipsp->ips_iv = (caddr_t)
-+ kmalloc(ipsp->ips_iv_size, GFP_ATOMIC)) == NULL) {
-+ SENDERR(ENOMEM);
-+ }
-+ prng_bytes(&ipsec_prng,
-+ (char *)ipsp->ips_iv,
-+ ipsp->ips_iv_size);
-+ ipsp->ips_iv_bits = ipsp->ips_iv_size * 8;
-+ }
-+
-+ if ((error=ipsec_alg_enc_key_create(ipsp)) < 0)
-+ SENDERR(-error);
-+
-+ if ((ixt_a=ipsp->ips_alg_auth)) {
-+ if ((error=ipsec_alg_auth_key_create(ipsp)) < 0)
-+ SENDERR(-error);
-+ } else
-+#endif /* CONFIG_KLIPS_ALG */
-+
-+ switch(ipsp->ips_authalg) {
-+# ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5: {
-+ MD5_CTX *ictx;
-+ MD5_CTX *octx;
-+
-+ if(ipsp->ips_key_bits_a != (AHMD596_KLEN * 8)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "incorrect authorisation key size: %d bits -- must be %d bits\n"/*octets (bytes)\n"*/,
-+ ipsp->ips_key_bits_a,
-+ AHMD596_KLEN * 8);
-+ SENDERR(EINVAL);
-+ }
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "hmac md5-96 key is 0x%08x %08x %08x %08x\n",
-+ ntohl(*(((__u32 *)(ipsp->ips_key_a))+0)),
-+ ntohl(*(((__u32 *)(ipsp->ips_key_a))+1)),
-+ ntohl(*(((__u32 *)(ipsp->ips_key_a))+2)),
-+ ntohl(*(((__u32 *)(ipsp->ips_key_a))+3)));
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+ ipsp->ips_auth_bits = AHMD596_ALEN * 8;
-+
-+ /* save the pointer to the key material */
-+ akp = ipsp->ips_key_a;
-+ aks = ipsp->ips_key_a_size;
-+
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "allocating %lu bytes for md5_ctx.\n",
-+ (unsigned long) sizeof(struct md5_ctx));
-+ if((ipsp->ips_key_a = (caddr_t)
-+ kmalloc(sizeof(struct md5_ctx), GFP_ATOMIC)) == NULL) {
-+ ipsp->ips_key_a = akp;
-+ SENDERR(ENOMEM);
-+ }
-+ ipsp->ips_key_a_size = sizeof(struct md5_ctx);
-+
-+ for (i = 0; i < DIVUP(ipsp->ips_key_bits_a, 8); i++) {
-+ kb[i] = akp[i] ^ HMAC_IPAD;
-+ }
-+ for (; i < AHMD596_BLKLEN; i++) {
-+ kb[i] = HMAC_IPAD;
-+ }
-+
-+ ictx = &(((struct md5_ctx*)(ipsp->ips_key_a))->ictx);
-+ osMD5Init(ictx);
-+ osMD5Update(ictx, kb, AHMD596_BLKLEN);
-+
-+ for (i = 0; i < AHMD596_BLKLEN; i++) {
-+ kb[i] ^= (HMAC_IPAD ^ HMAC_OPAD);
-+ }
-+
-+ octx = &(((struct md5_ctx*)(ipsp->ips_key_a))->octx);
-+ osMD5Init(octx);
-+ osMD5Update(octx, kb, AHMD596_BLKLEN);
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "MD5 ictx=0x%08x %08x %08x %08x octx=0x%08x %08x %08x %08x\n",
-+ ((__u32*)ictx)[0],
-+ ((__u32*)ictx)[1],
-+ ((__u32*)ictx)[2],
-+ ((__u32*)ictx)[3],
-+ ((__u32*)octx)[0],
-+ ((__u32*)octx)[1],
-+ ((__u32*)octx)[2],
-+ ((__u32*)octx)[3] );
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+ /* paranoid */
-+ memset(akp, 0, aks);
-+ kfree(akp);
-+ break;
-+ }
-+# endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+# ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA: {
-+ SHA1_CTX *ictx;
-+ SHA1_CTX *octx;
-+
-+ if(ipsp->ips_key_bits_a != (AHSHA196_KLEN * 8)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "incorrect authorisation key size: %d bits -- must be %d bits\n"/*octets (bytes)\n"*/,
-+ ipsp->ips_key_bits_a,
-+ AHSHA196_KLEN * 8);
-+ SENDERR(EINVAL);
-+ }
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "hmac sha1-96 key is 0x%08x %08x %08x %08x\n",
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+0)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+1)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+2)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+3)));
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+ ipsp->ips_auth_bits = AHSHA196_ALEN * 8;
-+
-+ /* save the pointer to the key material */
-+ akp = ipsp->ips_key_a;
-+ aks = ipsp->ips_key_a_size;
-+
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "allocating %lu bytes for sha1_ctx.\n",
-+ (unsigned long) sizeof(struct sha1_ctx));
-+ if((ipsp->ips_key_a = (caddr_t)
-+ kmalloc(sizeof(struct sha1_ctx), GFP_ATOMIC)) == NULL) {
-+ ipsp->ips_key_a = akp;
-+ SENDERR(ENOMEM);
-+ }
-+ ipsp->ips_key_a_size = sizeof(struct sha1_ctx);
-+
-+ for (i = 0; i < DIVUP(ipsp->ips_key_bits_a, 8); i++) {
-+ kb[i] = akp[i] ^ HMAC_IPAD;
-+ }
-+ for (; i < AHMD596_BLKLEN; i++) {
-+ kb[i] = HMAC_IPAD;
-+ }
-+
-+ ictx = &(((struct sha1_ctx*)(ipsp->ips_key_a))->ictx);
-+ SHA1Init(ictx);
-+ SHA1Update(ictx, kb, AHSHA196_BLKLEN);
-+
-+ for (i = 0; i < AHSHA196_BLKLEN; i++) {
-+ kb[i] ^= (HMAC_IPAD ^ HMAC_OPAD);
-+ }
-+
-+ octx = &((struct sha1_ctx*)(ipsp->ips_key_a))->octx;
-+ SHA1Init(octx);
-+ SHA1Update(octx, kb, AHSHA196_BLKLEN);
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "SHA1 ictx=0x%08x %08x %08x %08x octx=0x%08x %08x %08x %08x\n",
-+ ((__u32*)ictx)[0],
-+ ((__u32*)ictx)[1],
-+ ((__u32*)ictx)[2],
-+ ((__u32*)ictx)[3],
-+ ((__u32*)octx)[0],
-+ ((__u32*)octx)[1],
-+ ((__u32*)octx)[2],
-+ ((__u32*)octx)[3] );
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+ memset(akp, 0, aks);
-+ kfree(akp);
-+ break;
-+ }
-+# endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ case AH_NONE:
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "authalg=%d support not available in the kernel.\n",
-+ ipsp->ips_authalg);
-+ SENDERR(EINVAL);
-+ }
-+ }
-+ break;
-+#endif /* !CONFIG_KLIPS_ESP */
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ case IPPROTO_COMP:
-+ ipsp->ips_comp_adapt_tries = 0;
-+ ipsp->ips_comp_adapt_skip = 0;
-+ ipsp->ips_comp_ratio_cbytes = 0;
-+ ipsp->ips_comp_ratio_dbytes = 0;
-+ break;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ default:
-+ printk(KERN_ERR "KLIPS sa initialization: "
-+ "proto=%d unknown.\n",
-+ ipsp->ips_said.proto);
-+ SENDERR(EINVAL);
-+ }
-+
-+ errlab:
-+ return(error);
-+}
-+
-+
-+
-+/*
-+ * $Log: ipsec_sa.c,v $
-+ * Revision 1.30.2.3 2007-09-05 02:56:10 paul
-+ * Use the new ipsec_kversion macros by David to deal with 2.6.22 kernels.
-+ * Fixes based on David McCullough patch.
-+ *
-+ * Revision 1.30.2.2 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.30.2.1 2006/04/20 16:33:07 mcr
-+ * remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+ * Fix in-kernel module compilation. Sub-makefiles do not work.
-+ *
-+ * Revision 1.30 2005/05/24 01:02:35 mcr
-+ * some refactoring/simplification of situation where alg
-+ * is not found.
-+ *
-+ * Revision 1.29 2005/05/18 19:13:28 mcr
-+ * rename debug messages. make sure that algo not found is not
-+ * a debug message.
-+ *
-+ * Revision 1.28 2005/05/11 01:30:20 mcr
-+ * removed "poor-man"s OOP in favour of proper C structures.
-+ *
-+ * Revision 1.27 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.26 2005/04/14 20:56:24 mcr
-+ * moved (pfkey_)ipsec_sa_init to ipsec_sa.c.
-+ *
-+ * Revision 1.25 2004/08/22 20:12:16 mcr
-+ * one more KLIPS_NAT->IPSEC_NAT.
-+ *
-+ * Revision 1.24 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.23 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.22.2.1 2003/12/22 15:25:52 jjo
-+ * . Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.22 2003/12/10 01:14:27 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.21 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.20.4.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.20 2003/02/06 01:50:34 rgb
-+ * Fixed initialisation bug for first sadb hash bucket that would only manifest itself on platforms where NULL != 0.
-+ *
-+ * Revision 1.19 2003/01/30 02:32:22 rgb
-+ *
-+ * Rename SAref table macro names for clarity.
-+ * Transmit error code through to caller from callee for better diagnosis of problems.
-+ * Convert IPsecSAref_t from signed to unsigned to fix apparent SAref exhaustion bug.
-+ *
-+ * Revision 1.18 2002/10/12 23:11:53 dhr
-+ *
-+ * [KenB + DHR] more 64-bit cleanup
-+ *
-+ * Revision 1.17 2002/10/07 18:31:43 rgb
-+ * Move field width sanity checks to ipsec_sa.c
-+ *
-+ * Revision 1.16 2002/09/20 15:41:02 rgb
-+ * Re-wrote most of the SAref code to eliminate Entry pointers.
-+ * Added SAref code compiler directive switch.
-+ * Added a saref test function for testing macros.
-+ * Switch from pfkey_alloc_ipsec_sa() to ipsec_sa_alloc().
-+ * Split ipsec_sadb_cleanup from new funciton ipsec_sadb_free to avoid problem
-+ * of freeing newly created structures when clearing the reftable upon startup
-+ * to start from a known state.
-+ * Place all ipsec sadb globals into one struct.
-+ * Rework saref freelist.
-+ * Added memory allocation debugging.
-+ *
-+ * Revision 1.15 2002/09/20 05:01:44 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.14 2002/08/13 19:01:25 mcr
-+ * patches from kenb to permit compilation of FreeSWAN on ia64.
-+ * des library patched to use proper DES_LONG type for ia64.
-+ *
-+ * Revision 1.13 2002/07/29 03:06:20 mcr
-+ * get rid of variable not used warnings.
-+ *
-+ * Revision 1.12 2002/07/26 08:48:31 rgb
-+ * Added SA ref table code.
-+ *
-+ * Revision 1.11 2002/06/04 16:48:49 rgb
-+ * Tidied up pointer code for processor independance.
-+ *
-+ * Revision 1.10 2002/05/23 07:16:17 rgb
-+ * Added ipsec_sa_put() for releasing an ipsec_sa refcount.
-+ * Pointer clean-up.
-+ * Added refcount code.
-+ * Convert "usecount" to "refcount" to remove ambiguity.
-+ *
-+ * Revision 1.9 2002/05/14 02:34:49 rgb
-+ * Converted reference from ipsec_sa_put to ipsec_sa_add to avoid confusion
-+ * with "put" usage in the kernel.
-+ * Change all references to tdb, TDB or Tunnel Descriptor Block to ips,
-+ * ipsec_sa or ipsec_sa.
-+ * Added some preliminary refcount code.
-+ *
-+ * Revision 1.8 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.7 2002/04/24 07:36:30 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_sa.c,v
-+ *
-+ * Revision 1.6 2002/04/20 00:12:25 rgb
-+ * Added esp IV CBC attack fix, disabled.
-+ *
-+ * Revision 1.5 2002/01/29 17:17:56 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.4 2002/01/29 04:00:52 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.3 2002/01/29 02:13:18 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.2 2001/11/26 09:16:15 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.2 2001/10/22 21:05:41 mcr
-+ * removed phony prototype for des_set_key.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:24:57 mcr
-+ * struct tdb -> struct ipsec_sa.
-+ * sa(tdb) manipulation functions renamed and moved to ipsec_sa.c
-+ * ipsec_xform.c removed. header file still contains useful things.
-+ *
-+ *
-+ *
-+ * CLONED from ipsec_xform.c:
-+ * Revision 1.53 2001/09/08 21:13:34 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.52 2001/06/14 19:35:11 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.51 2001/05/30 08:14:03 rgb
-+ * Removed vestiges of esp-null transforms.
-+ *
-+ * Revision 1.50 2001/05/03 19:43:18 rgb
-+ * Initialise error return variable.
-+ * Update SENDERR macro.
-+ * Fix sign of error return code for ipsec_tdbcleanup().
-+ * Use more appropriate return code for ipsec_tdbwipe().
-+ *
-+ * Revision 1.49 2001/04/19 18:56:17 rgb
-+ * Fixed tdb table locking comments.
-+ *
-+ * Revision 1.48 2001/02/27 22:24:55 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.47 2000/11/06 04:32:08 rgb
-+ * Ditched spin_lock_irqsave in favour of spin_lock_bh.
-+ *
-+ * Revision 1.46 2000/09/20 16:21:57 rgb
-+ * Cleaned up ident string alloc/free.
-+ *
-+ * Revision 1.45 2000/09/08 19:16:51 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ * Removed all references to CONFIG_IPSEC_PFKEYv2.
-+ *
-+ * Revision 1.44 2000/08/30 05:29:04 rgb
-+ * Compiler-define out no longer used tdb_init() in ipsec_xform.c.
-+ *
-+ * Revision 1.43 2000/08/18 21:30:41 rgb
-+ * Purged all tdb_spi, tdb_proto and tdb_dst macros. They are unclear.
-+ *
-+ * Revision 1.42 2000/08/01 14:51:51 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.41 2000/07/28 14:58:31 rgb
-+ * Changed kfree_s to kfree, eliminating extra arg to fix 2.4.0-test5.
-+ *
-+ * Revision 1.40 2000/06/28 05:50:11 rgb
-+ * Actually set iv_bits.
-+ *
-+ * Revision 1.39 2000/05/10 23:11:09 rgb
-+ * Added netlink debugging output.
-+ * Added a cast to quiet down the ntohl bug.
-+ *
-+ * Revision 1.38 2000/05/10 19:18:42 rgb
-+ * Cast output of ntohl so that the broken prototype doesn't make our
-+ * compile noisy.
-+ *
-+ * Revision 1.37 2000/03/16 14:04:59 rgb
-+ * Hardwired CONFIG_IPSEC_PFKEYv2 on.
-+ *
-+ * Revision 1.36 2000/01/26 10:11:28 rgb
-+ * Fixed spacing in error text causing run-in words.
-+ *
-+ * Revision 1.35 2000/01/21 06:17:16 rgb
-+ * Tidied up compiler directive indentation for readability.
-+ * Added ictx,octx vars for simplification.(kravietz)
-+ * Added macros for HMAC padding magic numbers.(kravietz)
-+ * Fixed missing key length reporting bug.
-+ * Fixed bug in tdbwipe to return immediately on NULL tdbp passed in.
-+ *
-+ * Revision 1.34 1999/12/08 00:04:19 rgb
-+ * Fixed SA direction overwriting bug for netlink users.
-+ *
-+ * Revision 1.33 1999/12/01 22:16:44 rgb
-+ * Minor formatting changes in ESP MD5 initialisation.
-+ *
-+ * Revision 1.32 1999/11/25 09:06:36 rgb
-+ * Fixed error return messages, should be returning negative numbers.
-+ * Implemented SENDERR macro for propagating error codes.
-+ * Added debug message and separate error code for algorithms not compiled
-+ * in.
-+ *
-+ * Revision 1.31 1999/11/23 23:06:26 rgb
-+ * Sort out pfkey and freeswan headers, putting them in a library path.
-+ *
-+ * Revision 1.30 1999/11/18 04:09:20 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ *
-+ * Revision 1.29 1999/11/17 15:53:40 rgb
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.28 1999/10/18 20:04:01 rgb
-+ * Clean-out unused cruft.
-+ *
-+ * Revision 1.27 1999/10/03 19:01:03 rgb
-+ * Spinlock support for 2.3.xx and 2.0.xx kernels.
-+ *
-+ * Revision 1.26 1999/10/01 16:22:24 rgb
-+ * Switch from assignment init. to functional init. of spinlocks.
-+ *
-+ * Revision 1.25 1999/10/01 15:44:54 rgb
-+ * Move spinlock header include to 2.1> scope.
-+ *
-+ * Revision 1.24 1999/10/01 00:03:46 rgb
-+ * Added tdb structure locking.
-+ * Minor formatting changes.
-+ * Add function to initialize tdb hash table.
-+ *
-+ * Revision 1.23 1999/05/25 22:42:12 rgb
-+ * Add deltdbchain() debugging.
-+ *
-+ * Revision 1.22 1999/05/25 21:24:31 rgb
-+ * Add debugging statements to deltdbchain().
-+ *
-+ * Revision 1.21 1999/05/25 03:51:48 rgb
-+ * Refix error return code.
-+ *
-+ * Revision 1.20 1999/05/25 03:34:07 rgb
-+ * Fix error return for flush.
-+ *
-+ * Revision 1.19 1999/05/09 03:25:37 rgb
-+ * Fix bug introduced by 2.2 quick-and-dirty patch.
-+ *
-+ * Revision 1.18 1999/05/05 22:02:32 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.17 1999/04/29 15:20:16 rgb
-+ * Change gettdb parameter to a pointer to reduce stack loading and
-+ * facilitate parameter sanity checking.
-+ * Add sanity checking for null pointer arguments.
-+ * Add debugging instrumentation.
-+ * Add function deltdbchain() which will take care of unlinking,
-+ * zeroing and deleting a chain of tdbs.
-+ * Add a parameter to tdbcleanup to be able to delete a class of SAs.
-+ * tdbwipe now actually zeroes the tdb as well as any of its pointed
-+ * structures.
-+ *
-+ * Revision 1.16 1999/04/16 15:36:29 rgb
-+ * Fix cut-and-paste error causing a memory leak in IPIP TDB freeing.
-+ *
-+ * Revision 1.15 1999/04/11 00:29:01 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.14 1999/04/06 04:54:28 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.13 1999/02/19 18:23:01 rgb
-+ * Nix debug off compile warning.
-+ *
-+ * Revision 1.12 1999/02/17 16:52:16 rgb
-+ * Consolidate satoa()s for space and speed efficiency.
-+ * Convert DEBUG_IPSEC to KLIPS_PRINT
-+ * Clean out unused cruft.
-+ * Ditch NET_IPIP dependancy.
-+ * Loop for 3des key setting.
-+ *
-+ * Revision 1.11 1999/01/26 02:09:05 rgb
-+ * Remove ah/esp/IPIP switching on include files.
-+ * Removed CONFIG_IPSEC_ALGO_SWITCH macro.
-+ * Removed dead code.
-+ * Clean up debug code when switched off.
-+ * Remove references to INET_GET_PROTOCOL.
-+ * Added code exclusion macros to reduce code from unused algorithms.
-+ *
-+ * Revision 1.10 1999/01/22 06:28:55 rgb
-+ * Cruft clean-out.
-+ * Put random IV generation in kernel.
-+ * Added algorithm switch code.
-+ * Enhanced debugging.
-+ * 64-bit clean-up.
-+ *
-+ * Revision 1.9 1998/11/30 13:22:55 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.8 1998/11/25 04:59:06 rgb
-+ * Add conditionals for no IPIP tunnel code.
-+ * Delete commented out code.
-+ *
-+ * Revision 1.7 1998/10/31 06:50:41 rgb
-+ * Convert xform ASCII names to no spaces.
-+ * Fixed up comments in #endif directives.
-+ *
-+ * Revision 1.6 1998/10/19 14:44:28 rgb
-+ * Added inclusion of freeswan.h.
-+ * sa_id structure implemented and used: now includes protocol.
-+ *
-+ * Revision 1.5 1998/10/09 04:32:19 rgb
-+ * Added 'klips_debug' prefix to all klips printk debug statements.
-+ *
-+ * Revision 1.4 1998/08/12 00:11:31 rgb
-+ * Added new xform functions to the xform table.
-+ * Fixed minor debug output spelling error.
-+ *
-+ * Revision 1.3 1998/07/09 17:45:31 rgb
-+ * Clarify algorithm not available message.
-+ *
-+ * Revision 1.2 1998/06/23 03:00:51 rgb
-+ * Check for presence of IPIP protocol if it is setup one way (we don't
-+ * know what has been set up the other way and can only assume it will be
-+ * symmetrical with the exception of keys).
-+ *
-+ * Revision 1.1 1998/06/18 21:27:51 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.3 1998/06/11 05:54:59 rgb
-+ * Added transform version string pointer to xformsw initialisations.
-+ *
-+ * Revision 1.2 1998/04/21 21:28:57 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:13 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:02 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.5 1997/06/03 04:24:48 ji
-+ * Added ESP-3DES-MD5-96
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * Added new transforms.
-+ *
-+ * Revision 0.3 1996/11/20 14:39:04 ji
-+ * Minor cleanups.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_sha1.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,219 @@
-+/*
-+ * RCSID $Id: ipsec_sha1.c,v 1.9 2004-04-06 02:49:26 mcr Exp $
-+ */
-+
-+/*
-+ * The rest of the code is derived from sha1.c by Steve Reid, which is
-+ * public domain.
-+ * Minor cosmetic changes to accomodate it in the Linux kernel by ji.
-+ */
-+
-+#include <asm/byteorder.h>
-+#include <linux/string.h>
-+
-+#include "openswan/ipsec_sha1.h"
-+
-+#if defined(rol)
-+#undef rol
-+#endif
-+
-+#define SHA1HANDSOFF
-+
-+#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
-+
-+/* blk0() and blk() perform the initial expand. */
-+/* I got the idea of expanding during the round function from SSLeay */
-+#ifdef __LITTLE_ENDIAN
-+#define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
-+ |(rol(block->l[i],8)&0x00FF00FF))
-+#else
-+#define blk0(i) block->l[i]
-+#endif
-+#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
-+ ^block->l[(i+2)&15]^block->l[i&15],1))
-+
-+/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
-+#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
-+#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
-+#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
-+#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
-+#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
-+
-+
-+/* Hash a single 512-bit block. This is the core of the algorithm. */
-+
-+void SHA1Transform(__u32 state[5], __u8 buffer[64])
-+{
-+__u32 a, b, c, d, e;
-+typedef union {
-+ unsigned char c[64];
-+ __u32 l[16];
-+} CHAR64LONG16;
-+CHAR64LONG16* block;
-+#ifdef SHA1HANDSOFF
-+static unsigned char workspace[64];
-+ block = (CHAR64LONG16*)workspace;
-+ memcpy(block, buffer, 64);
-+#else
-+ block = (CHAR64LONG16*)buffer;
-+#endif
-+ /* Copy context->state[] to working vars */
-+ a = state[0];
-+ b = state[1];
-+ c = state[2];
-+ d = state[3];
-+ e = state[4];
-+ /* 4 rounds of 20 operations each. Loop unrolled. */
-+ R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
-+ R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
-+ R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
-+ R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
-+ R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
-+ R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
-+ R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
-+ R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
-+ R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
-+ R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
-+ R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
-+ R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
-+ R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
-+ R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
-+ R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
-+ R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
-+ R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
-+ R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
-+ R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
-+ R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
-+ /* Add the working vars back into context.state[] */
-+ state[0] += a;
-+ state[1] += b;
-+ state[2] += c;
-+ state[3] += d;
-+ state[4] += e;
-+ /* Wipe variables */
-+ a = b = c = d = e = 0;
-+}
-+
-+
-+/* SHA1Init - Initialize new context */
-+
-+void SHA1Init(void *vcontext)
-+{
-+ SHA1_CTX* context = vcontext;
-+
-+ /* SHA1 initialization constants */
-+ context->state[0] = 0x67452301;
-+ context->state[1] = 0xEFCDAB89;
-+ context->state[2] = 0x98BADCFE;
-+ context->state[3] = 0x10325476;
-+ context->state[4] = 0xC3D2E1F0;
-+ context->count[0] = context->count[1] = 0;
-+}
-+
-+
-+/* Run your data through this. */
-+
-+void SHA1Update(void *vcontext, unsigned char* data, __u32 len)
-+{
-+ SHA1_CTX* context = vcontext;
-+ __u32 i, j;
-+
-+ j = context->count[0];
-+ if ((context->count[0] += len << 3) < j)
-+ context->count[1]++;
-+ context->count[1] += (len>>29);
-+ j = (j >> 3) & 63;
-+ if ((j + len) > 63) {
-+ memcpy(&context->buffer[j], data, (i = 64-j));
-+ SHA1Transform(context->state, context->buffer);
-+ for ( ; i + 63 < len; i += 64) {
-+ SHA1Transform(context->state, &data[i]);
-+ }
-+ j = 0;
-+ }
-+ else i = 0;
-+ memcpy(&context->buffer[j], &data[i], len - i);
-+}
-+
-+
-+/* Add padding and return the message digest. */
-+
-+void SHA1Final(unsigned char digest[20], void *vcontext)
-+{
-+ __u32 i, j;
-+ unsigned char finalcount[8];
-+ SHA1_CTX* context = vcontext;
-+
-+ for (i = 0; i < 8; i++) {
-+ finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)]
-+ >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
-+ }
-+ SHA1Update(context, (unsigned char *)"\200", 1);
-+ while ((context->count[0] & 504) != 448) {
-+ SHA1Update(context, (unsigned char *)"\0", 1);
-+ }
-+ SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
-+ for (i = 0; i < 20; i++) {
-+ digest[i] = (unsigned char)
-+ ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
-+ }
-+ /* Wipe variables */
-+ i = j = 0;
-+ memset(context->buffer, 0, 64);
-+ memset(context->state, 0, 20);
-+ memset(context->count, 0, 8);
-+ memset(&finalcount, 0, 8);
-+#ifdef SHA1HANDSOFF /* make SHA1Transform overwrite its own static vars */
-+ SHA1Transform(context->state, context->buffer);
-+#endif
-+}
-+
-+
-+/*
-+ * $Log: ipsec_sha1.c,v $
-+ * Revision 1.9 2004-04-06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.8 2002/09/10 01:45:14 mcr
-+ * changed type of MD5_CTX and SHA1_CTX to void * so that
-+ * the function prototypes would match, and could be placed
-+ * into a pointer to a function.
-+ *
-+ * Revision 1.7 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.6 2002/04/24 07:36:30 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_sha1.c,v
-+ *
-+ * Revision 1.5 1999/12/13 13:59:13 rgb
-+ * Quick fix to argument size to Update bugs.
-+ *
-+ * Revision 1.4 1999/04/11 00:29:00 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.3 1999/04/06 04:54:27 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.2 1999/01/22 06:55:50 rgb
-+ * 64-bit clean-up.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:50 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.2 1998/04/23 20:54:04 rgb
-+ * Fixed md5 and sha1 include file nesting issues, to be cleaned up when
-+ * verified.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:11 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:05 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * New transform
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_snprintf.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,135 @@
-+/*
-+ * @(#) ipsec_snprintf() function
-+ *
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * 2001 Michael Richardson <mcr@freeswan.org>
-+ * Copyright (C) 2005 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * Split out from ipsec_proc.c.
-+ */
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_kversion.h"
-+#include "openswan/ipsec_param.h"
-+
-+#include <net/ip.h>
-+
-+#include "openswan/radij.h"
-+
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_stats.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_xmit.h"
-+
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+#include "openswan/ipsec_kern24.h"
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+#include "openswan/ipcomp.h"
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#include "openswan/ipsec_proto.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+/* ipsec_snprintf: like snprintf except
-+ * - size is signed and a negative value is treated as if it were 0
-+ * - the returned result is never negative --
-+ * an error generates a "?" or null output (depending on space).
-+ * (Our callers are too lazy to check for an error return.)
-+ *
-+ * @param buf String buffer
-+ * @param size Size of the string
-+ * @param fmt printf string
-+ * @param ... Variables to be displayed in fmt
-+ * @return int Return code
-+ */
-+int ipsec_snprintf(char *buf, ssize_t size, const char *fmt, ...)
-+{
-+ va_list args;
-+ int i;
-+ size_t possize = size < 0? 0 : size;
-+ va_start(args, fmt);
-+ i = vsnprintf(buf,possize,fmt,args);
-+ va_end(args);
-+ if (i < 0) {
-+ /* create empty output in place of error */
-+ i = 0;
-+ if (size > 0) {
-+ *buf = '\0';
-+ }
-+ }
-+ return i;
-+}
-+
-+
-+void ipsec_dmp_block(char *s, caddr_t bb, int len)
-+{
-+ int i;
-+ unsigned char *b = bb;
-+
-+ printk(KERN_INFO "klips_dmp: "
-+ "at %s, len=%d:\n", s, len);
-+
-+ for(i = 0; i < len; i++ /*, c++*/) {
-+ if(!(i % 16)) {
-+ printk(KERN_INFO
-+ "klips_debug: @%03x:",
-+ i);
-+ }
-+ printk(" %02x", b[i]);
-+ if(!((i + 1) % 16)) {
-+ printk("\n");
-+ }
-+ }
-+ if(i % 16) {
-+ printk("\n");
-+ }
-+}
-+
-+/*
-+ *
-+ * $Log: ipsec_snprintf.c,v $
-+ * Revision 1.3.2.1 2006-10-06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.3 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.2 2005/04/15 00:32:01 mcr
-+ * added ipsec_dmp_block routine.
-+ *
-+ *
-+ * Local Variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_tunnel.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,2893 @@
-+/*
-+ * IPSEC Tunneling code. Heavily based on drivers/net/new_tunnel.c
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_tunnel_c_version[] = "RCSID $Id: ipsec_tunnel.c,v 1.232.2.7 2007-09-18 18:26:18 paul Exp $";
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif /* for CONFIG_IP_FORWARD */
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <net/tcp.h>
-+#include <net/udp.h>
-+#include <linux/skbuff.h>
-+
-+#include <linux/netdevice.h> /* struct device, struct net_device_stats, dev_queue_xmit() and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <net/arp.h>
-+#include <linux/skbuff.h>
-+
-+#include <openswan.h>
-+
-+#ifdef NET_21
-+# include <linux/in6.h>
-+# define ip_chk_addr inet_addr_type
-+# define IS_MYADDR RTN_LOCAL
-+# include <net/dst.h>
-+# undef dev_kfree_skb
-+# define dev_kfree_skb(a,b) kfree_skb(a)
-+# define PHYSDEV_TYPE
-+#endif /* NET_21 */
-+
-+#include <net/icmp.h> /* icmp_send() */
-+#include <net/ip.h>
-+#ifdef NETDEV_23
-+# include <linux/netfilter_ipv4.h>
-+#endif /* NETDEV_23 */
-+
-+#include <linux/if_arp.h>
-+#include <net/arp.h>
-+
-+#include "openswan/ipsec_kversion.h"
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_eroute.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_sa.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_xmit.h"
-+#include "openswan/ipsec_ipe4.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+#include "openswan/ipsec_kern24.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+#include <linux/udp.h>
-+#endif
-+
-+static __u32 zeroes[64];
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_tunnel = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_open(struct net_device *dev)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ /*
-+ * Can't open until attached.
-+ */
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_open: "
-+ "dev = %s, prv->dev = %s\n",
-+ dev->name, prv->dev?prv->dev->name:"NONE");
-+
-+ if (prv->dev == NULL)
-+ return -ENODEV;
-+
-+ KLIPS_INC_USE;
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_close(struct net_device *dev)
-+{
-+ KLIPS_DEC_USE;
-+ return 0;
-+}
-+
-+#ifdef NETDEV_23
-+static inline int ipsec_tunnel_xmit2(struct sk_buff *skb)
-+{
-+#ifdef NETDEV_25 /* 2.6 kernels */
-+ return dst_output(skb);
-+#else
-+ return ip_send(skb);
-+#endif
-+}
-+#endif /* NETDEV_23 */
-+
-+enum ipsec_xmit_value
-+ipsec_tunnel_strip_hard_header(struct ipsec_xmit_state *ixs)
-+{
-+ /* ixs->physdev->hard_header_len is unreliable and should not be used */
-+ ixs->hard_header_len = (unsigned char *)(ixs->iph) - ixs->skb->data;
-+
-+ if(ixs->hard_header_len < 0) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_error:ipsec_xmit_strip_hard_header: "
-+ "Negative hard_header_len (%d)?!\n", ixs->hard_header_len);
-+ ixs->stats->tx_dropped++;
-+ return IPSEC_XMIT_BADHHLEN;
-+ }
-+
-+ /* while ixs->physdev->hard_header_len is unreliable and
-+ * should not be trusted, it accurate and required for ATM, GRE and
-+ * some other interfaces to work. Thanks to Willy Tarreau
-+ * <willy@w.ods.org>.
-+ */
-+ if(ixs->hard_header_len == 0) { /* no hard header present */
-+ ixs->hard_header_stripped = 1;
-+ ixs->hard_header_len = ixs->physdev->hard_header_len;
-+ }
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_tunnel & DB_TN_XMIT) {
-+ int i;
-+ char c;
-+
-+ printk(KERN_INFO "klips_debug:ipsec_xmit_strip_hard_header: "
-+ ">>> skb->len=%ld hard_header_len:%d",
-+ (unsigned long int)ixs->skb->len, ixs->hard_header_len);
-+ c = ' ';
-+ for (i=0; i < ixs->hard_header_len; i++) {
-+ printk("%c%02x", c, ixs->skb->data[i]);
-+ c = ':';
-+ }
-+ printk(" \n");
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ KLIPS_IP_PRINT(debug_tunnel & DB_TN_XMIT, ixs->iph);
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_strip_hard_header: "
-+ "Original head,tailroom: %d,%d\n",
-+ skb_headroom(ixs->skb), skb_tailroom(ixs->skb));
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+enum ipsec_xmit_value
-+ipsec_tunnel_SAlookup(struct ipsec_xmit_state *ixs)
-+{
-+ unsigned int bypass;
-+
-+ bypass = FALSE;
-+
-+ /*
-+ * First things first -- look us up in the erouting tables.
-+ */
-+ ixs->matcher.sen_len = sizeof (struct sockaddr_encap);
-+ ixs->matcher.sen_family = AF_ENCAP;
-+ ixs->matcher.sen_type = SENT_IP4;
-+ ixs->matcher.sen_ip_src.s_addr = ixs->iph->saddr;
-+ ixs->matcher.sen_ip_dst.s_addr = ixs->iph->daddr;
-+ ixs->matcher.sen_proto = ixs->iph->protocol;
-+ ipsec_extract_ports(ixs->iph, &ixs->matcher);
-+
-+ /*
-+ * The spinlock is to prevent any other process from accessing or deleting
-+ * the eroute while we are using and updating it.
-+ */
-+ spin_lock(&eroute_lock);
-+
-+ ixs->eroute = ipsec_findroute(&ixs->matcher);
-+
-+ if(ixs->iph->protocol == IPPROTO_UDP) {
-+ struct udphdr *t = NULL;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:udp port check: "
-+ "fragoff: %d len: %d>%ld \n",
-+ ntohs(ixs->iph->frag_off) & IP_OFFSET,
-+ (ixs->skb->len - ixs->hard_header_len),
-+ (unsigned long int) ((ixs->iph->ihl << 2) + sizeof(struct udphdr)));
-+
-+ if((ntohs(ixs->iph->frag_off) & IP_OFFSET) == 0 &&
-+ ((ixs->skb->len - ixs->hard_header_len) >=
-+ ((ixs->iph->ihl << 2) + sizeof(struct udphdr))))
-+ {
-+ t =((struct udphdr*)((caddr_t)ixs->iph+(ixs->iph->ihl<<2)));
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:udp port in packet: "
-+ "port %d -> %d\n",
-+ ntohs(t->source), ntohs(t->dest));
-+ }
-+
-+ ixs->sport=0; ixs->dport=0;
-+
-+ if(ixs->skb->sk) {
-+#ifdef NET_26
-+#ifdef HAVE_INET_SK_SPORT
-+ ixs->sport = ntohs(inet_sk(ixs->skb->sk)->sport);
-+ ixs->dport = ntohs(inet_sk(ixs->skb->sk)->dport);
-+#else
-+ struct udp_sock *us;
-+
-+ us = (struct udp_sock *)ixs->skb->sk;
-+
-+ ixs->sport = ntohs(us->inet.sport);
-+ ixs->dport = ntohs(us->inet.dport);
-+#endif
-+#else
-+ ixs->sport = ntohs(ixs->skb->sk->sport);
-+ ixs->dport = ntohs(ixs->skb->sk->dport);
-+#endif
-+
-+ }
-+
-+ if(t != NULL) {
-+ if(ixs->sport == 0) {
-+ ixs->sport = ntohs(t->source);
-+ }
-+ if(ixs->dport == 0) {
-+ ixs->dport = ntohs(t->dest);
-+ }
-+ }
-+ }
-+
-+ /*
-+ * practically identical to above, but let's be careful about
-+ * tcp vs udp headers
-+ */
-+ if(ixs->iph->protocol == IPPROTO_TCP) {
-+ struct tcphdr *t = NULL;
-+
-+ if((ntohs(ixs->iph->frag_off) & IP_OFFSET) == 0 &&
-+ ((ixs->skb->len - ixs->hard_header_len) >=
-+ ((ixs->iph->ihl << 2) + sizeof(struct tcphdr)))) {
-+ t =((struct tcphdr*)((caddr_t)ixs->iph+(ixs->iph->ihl<<2)));
-+ }
-+
-+ ixs->sport=0; ixs->dport=0;
-+
-+ if(ixs->skb->sk) {
-+#ifdef NET_26
-+#ifdef HAVE_INET_SK_SPORT
-+ ixs->sport = ntohs(inet_sk(ixs->skb->sk)->sport);
-+ ixs->dport = ntohs(inet_sk(ixs->skb->sk)->dport);
-+#else
-+ struct tcp_tw_bucket *tw;
-+
-+ tw = (struct tcp_tw_bucket *)ixs->skb->sk;
-+
-+ ixs->sport = ntohs(tw->tw_sport);
-+ ixs->dport = ntohs(tw->tw_dport);
-+#endif
-+#else
-+ ixs->sport = ntohs(ixs->skb->sk->sport);
-+ ixs->dport = ntohs(ixs->skb->sk->dport);
-+#endif
-+ }
-+
-+ if(t != NULL) {
-+ if(ixs->sport == 0) {
-+ ixs->sport = ntohs(t->source);
-+ }
-+ if(ixs->dport == 0) {
-+ ixs->dport = ntohs(t->dest);
-+ }
-+ }
-+ }
-+
-+ /* default to a %drop eroute */
-+ ixs->outgoing_said.proto = IPPROTO_INT;
-+ ixs->outgoing_said.spi = htonl(SPI_DROP);
-+ ixs->outgoing_said.dst.u.v4.sin_addr.s_addr = INADDR_ANY;
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "checking for local udp/500 IKE packet "
-+ "saddr=%x, er=0p%p, daddr=%x, er_dst=%x, proto=%d sport=%d dport=%d\n",
-+ ntohl((unsigned int)ixs->iph->saddr),
-+ ixs->eroute,
-+ ntohl((unsigned int)ixs->iph->daddr),
-+ ixs->eroute ? ntohl((unsigned int)ixs->eroute->er_said.dst.u.v4.sin_addr.s_addr) : 0,
-+ ixs->iph->protocol,
-+ ixs->sport,
-+ ixs->dport);
-+
-+ /*
-+ * cheat for now...are we udp/500? If so, let it through
-+ * without interference since it is most likely an IKE packet.
-+ */
-+
-+ if (ip_chk_addr((unsigned long)ixs->iph->saddr) == IS_MYADDR
-+ && (ixs->eroute==NULL
-+ || ixs->iph->daddr == ixs->eroute->er_said.dst.u.v4.sin_addr.s_addr
-+ || INADDR_ANY == ixs->eroute->er_said.dst.u.v4.sin_addr.s_addr)
-+ && (ixs->iph->protocol == IPPROTO_UDP &&
-+ (ixs->sport == 500 || ixs->sport == 4500))) {
-+ /* Whatever the eroute, this is an IKE message
-+ * from us (i.e. not being forwarded).
-+ * Furthermore, if there is a tunnel eroute,
-+ * the destination is the peer for this eroute.
-+ * So %pass the packet: modify the default %drop.
-+ */
-+
-+ ixs->outgoing_said.spi = htonl(SPI_PASS);
-+ if(!(ixs->skb->sk) && ((ntohs(ixs->iph->frag_off) & IP_MF) != 0)) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "local UDP/500 (probably IKE) passthrough: base fragment, rest of fragments will probably get filtered.\n");
-+ }
-+ bypass = TRUE;
-+ }
-+
-+#ifdef KLIPS_EXCEPT_DNS53
-+ /*
-+ *
-+ * if we are udp/53 or tcp/53, also let it through a %trap or %hold,
-+ * since it is DNS, but *also* follow the %trap.
-+ *
-+ * we do not do this for tunnels, only %trap's and %hold's.
-+ *
-+ */
-+
-+ if (ip_chk_addr((unsigned long)ixs->iph->saddr) == IS_MYADDR
-+ && (ixs->eroute==NULL
-+ || ixs->iph->daddr == ixs->eroute->er_said.dst.u.v4.sin_addr.s_addr
-+ || INADDR_ANY == ixs->eroute->er_said.dst.u.v4.sin_addr.s_addr)
-+ && ((ixs->iph->protocol == IPPROTO_UDP
-+ || ixs->iph->protocol == IPPROTO_TCP)
-+ && ixs->dport == 53)) {
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "possible DNS packet\n");
-+
-+ if(ixs->eroute)
-+ {
-+ if(ixs->eroute->er_said.spi == htonl(SPI_TRAP)
-+ || ixs->eroute->er_said.spi == htonl(SPI_HOLD))
-+ {
-+ ixs->outgoing_said.spi = htonl(SPI_PASSTRAP);
-+ bypass = TRUE;
-+ }
-+ }
-+ else
-+ {
-+ ixs->outgoing_said.spi = htonl(SPI_PASSTRAP);
-+ bypass = TRUE;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "bypass = %d\n", bypass);
-+
-+ if(bypass
-+ && !(ixs->skb->sk)
-+ && ((ntohs(ixs->iph->frag_off) & IP_MF) != 0))
-+ {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "local port 53 (probably DNS) passthrough:"
-+ "base fragment, rest of fragments will "
-+ "probably get filtered.\n");
-+ }
-+ }
-+#endif
-+
-+ if (bypass==FALSE && ixs->eroute) {
-+ ixs->eroute->er_count++;
-+ ixs->eroute->er_lasttime = jiffies/HZ;
-+ if(ixs->eroute->er_said.proto==IPPROTO_INT
-+ && ixs->eroute->er_said.spi==htonl(SPI_HOLD))
-+ {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "shunt SA of HOLD: skb stored in HOLD.\n");
-+ if(ixs->eroute->er_last != NULL) {
-+ kfree_skb(ixs->eroute->er_last);
-+ }
-+ ixs->eroute->er_last = ixs->skb;
-+ ixs->skb = NULL;
-+ ixs->stats->tx_dropped++;
-+ spin_unlock(&eroute_lock);
-+ return IPSEC_XMIT_STOLEN;
-+ }
-+ ixs->outgoing_said = ixs->eroute->er_said;
-+ ixs->eroute_pid = ixs->eroute->er_pid;
-+
-+ /* Copy of the ident for the TRAP/TRAPSUBNET eroutes */
-+ if(ixs->outgoing_said.proto==IPPROTO_INT
-+ && (ixs->outgoing_said.spi==htonl(SPI_TRAP)
-+ || (ixs->outgoing_said.spi==htonl(SPI_TRAPSUBNET)))) {
-+ int len;
-+
-+ ixs->ips.ips_ident_s.type = ixs->eroute->er_ident_s.type;
-+ ixs->ips.ips_ident_s.id = ixs->eroute->er_ident_s.id;
-+ ixs->ips.ips_ident_s.len = ixs->eroute->er_ident_s.len;
-+ if (ixs->ips.ips_ident_s.len)
-+ {
-+ len = ixs->ips.ips_ident_s.len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "allocating %d bytes for ident_s shunt SA of HOLD: skb stored in HOLD.\n",
-+ len);
-+ if ((ixs->ips.ips_ident_s.data = kmalloc(len, GFP_ATOMIC)) == NULL) {
-+ printk(KERN_WARNING "klips_debug:ipsec_xmit_SAlookup: "
-+ "Failed, tried to allocate %d bytes for source ident.\n",
-+ len);
-+ ixs->stats->tx_dropped++;
-+ spin_unlock(&eroute_lock);
-+ return IPSEC_XMIT_ERRMEMALLOC;
-+ }
-+ memcpy(ixs->ips.ips_ident_s.data, ixs->eroute->er_ident_s.data, len);
-+ }
-+ ixs->ips.ips_ident_d.type = ixs->eroute->er_ident_d.type;
-+ ixs->ips.ips_ident_d.id = ixs->eroute->er_ident_d.id;
-+ ixs->ips.ips_ident_d.len = ixs->eroute->er_ident_d.len;
-+ if (ixs->ips.ips_ident_d.len)
-+ {
-+ len = ixs->ips.ips_ident_d.len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "allocating %d bytes for ident_d shunt SA of HOLD: skb stored in HOLD.\n",
-+ len);
-+ if ((ixs->ips.ips_ident_d.data = kmalloc(len, GFP_ATOMIC)) == NULL) {
-+ printk(KERN_WARNING "klips_debug:ipsec_xmit_SAlookup: "
-+ "Failed, tried to allocate %d bytes for dest ident.\n",
-+ len);
-+ ixs->stats->tx_dropped++;
-+ spin_unlock(&eroute_lock);
-+ return IPSEC_XMIT_ERRMEMALLOC;
-+ }
-+ memcpy(ixs->ips.ips_ident_d.data, ixs->eroute->er_ident_d.data, len);
-+ }
-+ }
-+ }
-+
-+ spin_unlock(&eroute_lock);
-+ return IPSEC_XMIT_OK;
-+}
-+
-+
-+enum ipsec_xmit_value
-+ipsec_tunnel_restore_hard_header(struct ipsec_xmit_state*ixs)
-+{
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_restore_hard_header: "
-+ "After recursive xforms -- head,tailroom: %d,%d\n",
-+ skb_headroom(ixs->skb),
-+ skb_tailroom(ixs->skb));
-+
-+ if(ixs->saved_header) {
-+ if(skb_headroom(ixs->skb) < ixs->hard_header_len) {
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_xmit_restore_hard_header: "
-+ "tried to skb_push hhlen=%d, %d available. This should never happen, please report.\n",
-+ ixs->hard_header_len,
-+ skb_headroom(ixs->skb));
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_PUSHPULLERR;
-+
-+ }
-+ skb_push(ixs->skb, ixs->hard_header_len);
-+ {
-+ int i;
-+ for (i = 0; i < ixs->hard_header_len; i++) {
-+ ixs->skb->data[i] = ixs->saved_header[i];
-+ }
-+ }
-+ }
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if (ixs->natt_type && ixs->natt_head) {
-+ struct iphdr *ipp = ip_hdr(ixs->skb);
-+ struct udphdr *udp;
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "encapsuling packet into UDP (NAT-Traversal) (%d %d)\n",
-+ ixs->natt_type, ixs->natt_head);
-+
-+ ixs->iphlen = ipp->ihl << 2;
-+ ipp->tot_len =
-+ htons(ntohs(ipp->tot_len) + ixs->natt_head);
-+ if(skb_tailroom(ixs->skb) < ixs->natt_head) {
-+ printk(KERN_WARNING "klips_error:ipsec_tunnel_start_xmit: "
-+ "tried to skb_put %d, %d available. "
-+ "This should never happen, please report.\n",
-+ ixs->natt_head,
-+ skb_tailroom(ixs->skb));
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESPUDP;
-+ }
-+ skb_put(ixs->skb, ixs->natt_head);
-+
-+ udp = (struct udphdr *)((char *)ipp + ixs->iphlen);
-+
-+ /* move ESP hdr after UDP hdr */
-+ memmove((void *)((char *)udp + ixs->natt_head),
-+ (void *)(udp),
-+ ntohs(ipp->tot_len) - ixs->iphlen - ixs->natt_head);
-+
-+ /* clear UDP & Non-IKE Markers (if any) */
-+ memset(udp, 0, ixs->natt_head);
-+
-+ /* fill UDP with usefull informations ;-) */
-+ udp->source = htons(ixs->natt_sport);
-+ udp->dest = htons(ixs->natt_dport);
-+ udp->len = htons(ntohs(ipp->tot_len) - ixs->iphlen);
-+
-+ /* set protocol */
-+ ipp->protocol = IPPROTO_UDP;
-+
-+ /* fix IP checksum */
-+ ipp->check = 0;
-+ ipp->check = ip_fast_csum((unsigned char *)ipp, ipp->ihl);
-+ }
-+#endif
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_restore_hard_header: "
-+ "With hard_header, final head,tailroom: %d,%d\n",
-+ skb_headroom(ixs->skb),
-+ skb_tailroom(ixs->skb));
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+enum ipsec_xmit_value
-+ipsec_tunnel_send(struct ipsec_xmit_state*ixs)
-+{
-+#ifdef NETDEV_25
-+ struct flowi fl;
-+#endif
-+
-+#ifdef NET_21 /* 2.2 and 2.4 kernels */
-+ /* new route/dst cache code from James Morris */
-+ ixs->skb->dev = ixs->physdev;
-+#ifdef NETDEV_25
-+ memset (&fl, 0x0, sizeof (struct flowi));
-+ fl.oif = ixs->physdev->iflink;
-+ fl.nl_u.ip4_u.daddr = ip_hdr(ixs->skb)->daddr;
-+ fl.nl_u.ip4_u.saddr = ixs->pass ? 0 : ip_hdr(ixs->skb)->saddr;
-+ fl.nl_u.ip4_u.tos = RT_TOS(ip_hdr(ixs->skb)->tos);
-+ fl.proto = ip_hdr(ixs->skb)->protocol;
-+ if ((ixs->error = ip_route_output_key(&ixs->route, &fl))) {
-+#else
-+ /*skb_orphan(ixs->skb);*/
-+ if((ixs->error = ip_route_output(&ixs->route,
-+ ixs->skb->nh.iph->daddr,
-+ ixs->pass ? 0 : ip_hdr(ixs->skb)->saddr,
-+ RT_TOS(ip_hdr(ixs->skb)->tos),
-+ /* mcr->rgb: should this be 0 instead? */
-+ ixs->physdev->iflink))) {
-+#endif
-+ ixs->stats->tx_errors++;
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_send: "
-+ "ip_route_output failed with error code %d, rt->u.dst.dev=%s, dropped\n",
-+ ixs->error,
-+ ixs->route->u.dst.dev->name);
-+ return IPSEC_XMIT_ROUTEERR;
-+ }
-+ if(ixs->dev == ixs->route->u.dst.dev) {
-+ ip_rt_put(ixs->route);
-+ /* This is recursion, drop it. */
-+ ixs->stats->tx_errors++;
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_send: "
-+ "suspect recursion, dev=rt->u.dst.dev=%s, dropped\n",
-+ ixs->dev->name);
-+ return IPSEC_XMIT_RECURSDETECT;
-+ }
-+ dst_release(ixs->skb->dst);
-+ ixs->skb->dst = &ixs->route->u.dst;
-+ ixs->stats->tx_bytes += ixs->skb->len;
-+ if(ixs->skb->len < skb_network_header(ixs->skb) - ixs->skb->data) {
-+ ixs->stats->tx_errors++;
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_xmit_send: "
-+ "tried to __skb_pull nh-data=%ld, %d available. This should never happen, please report.\n",
-+ (unsigned long)(skb_network_header(ixs->skb) - ixs->skb->data),
-+ ixs->skb->len);
-+ return IPSEC_XMIT_PUSHPULLERR;
-+ }
-+ __skb_pull(ixs->skb, skb_network_header(ixs->skb) - ixs->skb->data);
-+#ifdef SKB_RESET_NFCT
-+ if(!ixs->pass) {
-+ nf_conntrack_put(ixs->skb->nfct);
-+ ixs->skb->nfct = NULL;
-+ }
-+#if defined(CONFIG_NETFILTER_DEBUG) && defined(HAVE_SKB_NF_DEBUG)
-+ ixs->skb->nf_debug = 0;
-+#endif /* CONFIG_NETFILTER_DEBUG */
-+#endif /* SKB_RESET_NFCT */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_send: "
-+ "...done, calling ip_send() on device:%s\n",
-+ ixs->skb->dev ? ixs->skb->dev->name : "NULL");
-+ KLIPS_IP_PRINT(debug_tunnel & DB_TN_XMIT, ip_hdr(ixs->skb));
-+#ifdef NETDEV_23 /* 2.4 kernels */
-+ {
-+ int err;
-+
-+ err = NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, ixs->skb, NULL, ixs->route->u.dst.dev,
-+ ipsec_tunnel_xmit2);
-+ if(err != NET_XMIT_SUCCESS && err != NET_XMIT_CN) {
-+ if(net_ratelimit())
-+ printk(KERN_ERR
-+ "klips_error:ipsec_xmit_send: "
-+ "ip_send() failed, err=%d\n",
-+ -err);
-+ ixs->stats->tx_errors++;
-+ ixs->stats->tx_aborted_errors++;
-+ ixs->skb = NULL;
-+ return IPSEC_XMIT_IPSENDFAILURE;
-+ }
-+ }
-+#else /* NETDEV_23 */ /* 2.2 kernels */
-+ ip_send(ixs->skb);
-+#endif /* NETDEV_23 */
-+#else /* NET_21 */ /* 2.0 kernels */
-+ ixs->skb->arp = 1;
-+ /* ISDN/ASYNC PPP from Matjaz Godec. */
-+ /* skb->protocol = htons(ETH_P_IP); */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_send: "
-+ "...done, calling dev_queue_xmit() or ip_fragment().\n");
-+ IP_SEND(ixs->skb, ixs->physdev);
-+#endif /* NET_21 */
-+ ixs->stats->tx_packets++;
-+
-+ ixs->skb = NULL;
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+void
-+ipsec_tunnel_cleanup(struct ipsec_xmit_state*ixs)
-+{
-+#if defined(HAS_NETIF_QUEUE) || defined (HAVE_NETIF_QUEUE)
-+ netif_wake_queue(ixs->dev);
-+#else /* defined(HAS_NETIF_QUEUE) || defined (HAVE_NETIF_QUEUE) */
-+ ixs->dev->tbusy = 0;
-+#endif /* defined(HAS_NETIF_QUEUE) || defined (HAVE_NETIF_QUEUE) */
-+ if(ixs->saved_header) {
-+ kfree(ixs->saved_header);
-+ }
-+ if(ixs->skb) {
-+ dev_kfree_skb(ixs->skb, FREE_WRITE);
-+ }
-+ if(ixs->oskb) {
-+ dev_kfree_skb(ixs->oskb, FREE_WRITE);
-+ }
-+ if (ixs->ips.ips_ident_s.data) {
-+ kfree(ixs->ips.ips_ident_s.data);
-+ }
-+ if (ixs->ips.ips_ident_d.data) {
-+ kfree(ixs->ips.ips_ident_d.data);
-+ }
-+}
-+
-+/*
-+ * This function assumes it is being called from dev_queue_xmit()
-+ * and that skb is filled properly by that function.
-+ */
-+int
-+ipsec_tunnel_start_xmit(struct sk_buff *skb, struct net_device *dev)
-+{
-+ struct ipsec_xmit_state ixs_mem;
-+ struct ipsec_xmit_state *ixs = &ixs_mem;
-+ enum ipsec_xmit_value stat;
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ ixs->natt_type = 0, ixs->natt_head = 0;
-+ ixs->natt_sport = 0, ixs->natt_dport = 0;
-+#endif
-+
-+ memset((caddr_t)ixs, 0, sizeof(*ixs));
-+ ixs->oskb = NULL;
-+ ixs->saved_header = NULL; /* saved copy of the hard header */
-+ ixs->route = NULL;
-+ memset((caddr_t)&(ixs->ips), 0, sizeof(ixs->ips));
-+ ixs->dev = dev;
-+ ixs->skb = skb;
-+
-+ stat = ipsec_xmit_sanity_check_dev(ixs);
-+ if(stat != IPSEC_XMIT_OK) {
-+ goto cleanup;
-+ }
-+
-+ stat = ipsec_xmit_sanity_check_skb(ixs);
-+ if(stat != IPSEC_XMIT_OK) {
-+ goto cleanup;
-+ }
-+
-+ stat = ipsec_tunnel_strip_hard_header(ixs);
-+ if(stat != IPSEC_XMIT_OK) {
-+ goto cleanup;
-+ }
-+
-+ stat = ipsec_tunnel_SAlookup(ixs);
-+ if(stat != IPSEC_XMIT_OK) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_tunnel_start_xmit: SAlookup failed: %d\n",
-+ stat);
-+ goto cleanup;
-+ }
-+
-+ ixs->innersrc = ixs->iph->saddr;
-+ /* start encapsulation loop here XXX */
-+ do {
-+ stat = ipsec_xmit_encap_bundle(ixs);
-+ if(stat != IPSEC_XMIT_OK) {
-+ if(stat == IPSEC_XMIT_PASS) {
-+ goto bypass;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_tunnel_start_xmit: encap_bundle failed: %d\n",
-+ stat);
-+ goto cleanup;
-+ }
-+
-+ ixs->matcher.sen_ip_src.s_addr = ixs->iph->saddr;
-+ ixs->matcher.sen_ip_dst.s_addr = ixs->iph->daddr;
-+ ixs->matcher.sen_proto = ixs->iph->protocol;
-+ ipsec_extract_ports(ixs->iph, &ixs->matcher);
-+
-+ spin_lock(&eroute_lock);
-+ ixs->eroute = ipsec_findroute(&ixs->matcher);
-+ if(ixs->eroute) {
-+ ixs->outgoing_said = ixs->eroute->er_said;
-+ ixs->eroute_pid = ixs->eroute->er_pid;
-+ ixs->eroute->er_count++;
-+ ixs->eroute->er_lasttime = jiffies/HZ;
-+ }
-+ spin_unlock(&eroute_lock);
-+
-+ KLIPS_PRINT((debug_tunnel & DB_TN_XMIT) &&
-+ /* ((ixs->orgdst != ixs->newdst) || (ixs->orgsrc != ixs->newsrc)) */
-+ (ixs->orgedst != ixs->outgoing_said.dst.u.v4.sin_addr.s_addr) &&
-+ ixs->outgoing_said.dst.u.v4.sin_addr.s_addr &&
-+ ixs->eroute,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "We are recursing here.\n");
-+
-+ } while(/*((ixs->orgdst != ixs->newdst) || (ixs->orgsrc != ixs->newsrc))*/
-+ (ixs->orgedst != ixs->outgoing_said.dst.u.v4.sin_addr.s_addr) &&
-+ ixs->outgoing_said.dst.u.v4.sin_addr.s_addr &&
-+ ixs->eroute);
-+
-+ stat = ipsec_tunnel_restore_hard_header(ixs);
-+ if(stat != IPSEC_XMIT_OK) {
-+ goto cleanup;
-+ }
-+
-+ bypass:
-+ stat = ipsec_tunnel_send(ixs);
-+
-+ cleanup:
-+ ipsec_tunnel_cleanup(ixs);
-+
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC struct net_device_stats *
-+ipsec_tunnel_get_stats(struct net_device *dev)
-+{
-+ return &(((struct ipsecpriv *)(dev->priv))->mystats);
-+}
-+
-+/*
-+ * Revectored calls.
-+ * For each of these calls, a field exists in our private structure.
-+ */
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_hard_header(struct sk_buff *skb, struct net_device *dev,
-+ unsigned short type, void *daddr, void *saddr, unsigned len)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+ struct net_device *tmp;
-+ int ret;
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(skb == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "no skb...\n");
-+ return -ENODATA;
-+ }
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "no device...\n");
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "skb->dev=%s dev=%s.\n",
-+ skb->dev ? skb->dev->name : "NULL",
-+ dev->name);
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "no private space associated with dev=%s\n",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODEV;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "no physical device associated with dev=%s\n",
-+ dev->name ? dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ /* check if we have to send a IPv6 packet. It might be a Router
-+ Solicitation, where the building of the packet happens in
-+ reverse order:
-+ 1. ll hdr,
-+ 2. IPv6 hdr,
-+ 3. ICMPv6 hdr
-+ -> skb->nh.raw is still uninitialized when this function is
-+ called!! If this is no IPv6 packet, we can print debugging
-+ messages, otherwise we skip all debugging messages and just
-+ build the ll header */
-+ if(type != ETH_P_IPV6) {
-+ /* execute this only, if we don't have to build the
-+ header for a IPv6 packet */
-+ if(!prv->hard_header) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "physical device has been detached, packet dropped 0p%p->0p%p len=%d type=%d dev=%s->NULL ",
-+ saddr,
-+ daddr,
-+ len,
-+ type,
-+ dev->name);
-+#ifdef NET_21
-+ KLIPS_PRINTMORE(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(ip_hdr(skb)->saddr),
-+ (__u32)ntohl(ip_hdr(skb)->daddr) );
-+#else /* NET_21 */
-+ KLIPS_PRINTMORE(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->ip_hdr->saddr),
-+ (__u32)ntohl(skb->ip_hdr->daddr) );
-+#endif /* NET_21 */
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+#define da ((struct net_device *)(prv->dev))->dev_addr
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "Revectored 0p%p->0p%p len=%d type=%d dev=%s->%s dev_addr=%02x:%02x:%02x:%02x:%02x:%02x ",
-+ saddr,
-+ daddr,
-+ len,
-+ type,
-+ dev->name,
-+ prv->dev->name,
-+ da[0], da[1], da[2], da[3], da[4], da[5]);
-+#ifdef NET_21
-+ KLIPS_PRINTMORE(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(ip_hdr(skb)->saddr),
-+ (__u32)ntohl(ip_hdr(skb)->daddr) );
-+#else /* NET_21 */
-+ KLIPS_PRINTMORE(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->ip_hdr->saddr),
-+ (__u32)ntohl(skb->ip_hdr->daddr) );
-+#endif /* NET_21 */
-+ } else {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "is IPv6 packet, skip debugging messages, only revector and build linklocal header.\n");
-+ }
-+ tmp = skb->dev;
-+ skb->dev = prv->dev;
-+ ret = prv->hard_header(skb, prv->dev, type, (void *)daddr, (void *)saddr, len);
-+ skb->dev = tmp;
-+ return ret;
-+}
-+
-+DEBUG_NO_STATIC int
-+#ifdef NET_21
-+ipsec_tunnel_rebuild_header(struct sk_buff *skb)
-+#else /* NET_21 */
-+ipsec_tunnel_rebuild_header(void *buff, struct net_device *dev,
-+ unsigned long raddr, struct sk_buff *skb)
-+#endif /* NET_21 */
-+{
-+ struct ipsecpriv *prv = skb->dev->priv;
-+ struct net_device *tmp;
-+ int ret;
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(skb->dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_rebuild_header: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_rebuild_header: "
-+ "no private space associated with dev=%s",
-+ skb->dev->name ? skb->dev->name : "NULL");
-+ return -ENODEV;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_rebuild_header: "
-+ "no physical device associated with dev=%s",
-+ skb->dev->name ? skb->dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ if(!prv->rebuild_header) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_rebuild_header: "
-+ "physical device has been detached, packet dropped skb->dev=%s->NULL ",
-+ skb->dev->name);
-+#ifdef NET_21
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(ip_hdr(skb)->saddr),
-+ (__u32)ntohl(ip_hdr(skb)->daddr) );
-+#else /* NET_21 */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->ip_hdr->saddr),
-+ (__u32)ntohl(skb->ip_hdr->daddr) );
-+#endif /* NET_21 */
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel: "
-+ "Revectored rebuild_header dev=%s->%s ",
-+ skb->dev->name, prv->dev->name);
-+#ifdef NET_21
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(ip_hdr(skb)->saddr),
-+ (__u32)ntohl(ip_hdr(skb)->daddr) );
-+#else /* NET_21 */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->ip_hdr->saddr),
-+ (__u32)ntohl(skb->ip_hdr->daddr) );
-+#endif /* NET_21 */
-+ tmp = skb->dev;
-+ skb->dev = prv->dev;
-+
-+#ifdef NET_21
-+ ret = prv->rebuild_header(skb);
-+#else /* NET_21 */
-+ ret = prv->rebuild_header(buff, prv->dev, raddr, skb);
-+#endif /* NET_21 */
-+ skb->dev = tmp;
-+ return ret;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_set_mac_address(struct net_device *dev, void *addr)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_set_mac_address: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_set_mac_address: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODEV;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_set_mac_address: "
-+ "no physical device associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ if(!prv->set_mac_address) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_set_mac_address: "
-+ "physical device has been detached, cannot set - skb->dev=%s->NULL\n",
-+ dev->name);
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_set_mac_address: "
-+ "Revectored dev=%s->%s addr=0p%p\n",
-+ dev->name, prv->dev->name, addr);
-+ return prv->set_mac_address(prv->dev, addr);
-+
-+}
-+
-+#ifndef NET_21
-+DEBUG_NO_STATIC void
-+ipsec_tunnel_cache_bind(struct hh_cache **hhp, struct net_device *dev,
-+ unsigned short htype, __u32 daddr)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_bind: "
-+ "no device...");
-+ return;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_bind: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_bind: "
-+ "no physical device associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return;
-+ }
-+
-+ if(!prv->header_cache_bind) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_bind: "
-+ "physical device has been detached, cannot set - skb->dev=%s->NULL\n",
-+ dev->name);
-+ stats->tx_dropped++;
-+ return;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_bind: "
-+ "Revectored \n");
-+ prv->header_cache_bind(hhp, prv->dev, htype, daddr);
-+ return;
-+}
-+#endif /* !NET_21 */
-+
-+
-+DEBUG_NO_STATIC void
-+ipsec_tunnel_cache_update(struct hh_cache *hh, struct net_device *dev, unsigned char * haddr)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_update: "
-+ "no device...");
-+ return;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_update: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_update: "
-+ "no physical device associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return;
-+ }
-+
-+ if(!prv->header_cache_update) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_update: "
-+ "physical device has been detached, cannot set - skb->dev=%s->NULL\n",
-+ dev->name);
-+ return;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel: "
-+ "Revectored cache_update\n");
-+ prv->header_cache_update(hh, prv->dev, haddr);
-+ return;
-+}
-+
-+#ifdef NET_21
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_neigh_setup(struct neighbour *n)
-+{
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_neigh_setup:\n");
-+
-+ if (n->nud_state == NUD_NONE) {
-+ n->ops = &arp_broken_ops;
-+ n->output = n->ops->output;
-+ }
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_neigh_setup_dev(struct net_device *dev, struct neigh_parms *p)
-+{
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_neigh_setup_dev: "
-+ "setting up %s\n",
-+ dev ? dev->name : "NULL");
-+
-+ if (p->tbl->family == AF_INET) {
-+ p->neigh_setup = ipsec_tunnel_neigh_setup;
-+ p->ucast_probes = 0;
-+ p->mcast_probes = 0;
-+ }
-+ return 0;
-+}
-+#endif /* NET_21 */
-+
-+/*
-+ * We call the attach routine to attach another device.
-+ */
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_attach(struct net_device *dev, struct net_device *physdev)
-+{
-+ int i;
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_attach: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_attach: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODATA;
-+ }
-+
-+ prv->dev = physdev;
-+ prv->hard_start_xmit = physdev->hard_start_xmit;
-+ prv->get_stats = physdev->get_stats;
-+
-+ if (physdev->hard_header) {
-+ prv->hard_header = physdev->hard_header;
-+ dev->hard_header = ipsec_tunnel_hard_header;
-+ } else
-+ dev->hard_header = NULL;
-+
-+ if (physdev->rebuild_header) {
-+ prv->rebuild_header = physdev->rebuild_header;
-+ dev->rebuild_header = ipsec_tunnel_rebuild_header;
-+ } else
-+ dev->rebuild_header = NULL;
-+
-+ if (physdev->set_mac_address) {
-+ prv->set_mac_address = physdev->set_mac_address;
-+ dev->set_mac_address = ipsec_tunnel_set_mac_address;
-+ } else
-+ dev->set_mac_address = NULL;
-+
-+#ifndef NET_21
-+ if (physdev->header_cache_bind) {
-+ prv->header_cache_bind = physdev->header_cache_bind;
-+ dev->header_cache_bind = ipsec_tunnel_cache_bind;
-+ } else
-+ dev->header_cache_bind = NULL;
-+#endif /* !NET_21 */
-+
-+ if (physdev->header_cache_update) {
-+ prv->header_cache_update = physdev->header_cache_update;
-+ dev->header_cache_update = ipsec_tunnel_cache_update;
-+ } else
-+ dev->header_cache_update = NULL;
-+
-+ dev->hard_header_len = physdev->hard_header_len;
-+
-+#ifdef NET_21
-+/* prv->neigh_setup = physdev->neigh_setup; */
-+ dev->neigh_setup = ipsec_tunnel_neigh_setup_dev;
-+#endif /* NET_21 */
-+ dev->mtu = 16260; /* 0xfff0; */ /* dev->mtu; */
-+ prv->mtu = physdev->mtu;
-+
-+#ifdef PHYSDEV_TYPE
-+ dev->type = physdev->type; /* ARPHRD_TUNNEL; */
-+#endif /* PHYSDEV_TYPE */
-+
-+ dev->addr_len = physdev->addr_len;
-+ for (i=0; i<dev->addr_len; i++) {
-+ dev->dev_addr[i] = physdev->dev_addr[i];
-+ }
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_tunnel & DB_TN_INIT) {
-+ printk(KERN_INFO "klips_debug:ipsec_tunnel_attach: "
-+ "physical device %s being attached has HW address: %2x",
-+ physdev->name, physdev->dev_addr[0]);
-+ for (i=1; i < physdev->addr_len; i++) {
-+ printk(":%02x", physdev->dev_addr[i]);
-+ }
-+ printk("\n");
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ return 0;
-+}
-+
-+/*
-+ * We call the detach routine to detach the ipsec tunnel from another device.
-+ */
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_detach(struct net_device *dev)
-+{
-+ int i;
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_detach: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_detach: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODATA;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_detach: "
-+ "physical device %s being detached from virtual device %s\n",
-+ prv->dev ? prv->dev->name : "NULL",
-+ dev->name);
-+
-+ ipsec_dev_put(prv->dev);
-+ prv->dev = NULL;
-+ prv->hard_start_xmit = NULL;
-+ prv->get_stats = NULL;
-+
-+ prv->hard_header = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->hard_header = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+ prv->rebuild_header = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->rebuild_header = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+ prv->set_mac_address = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->set_mac_address = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+#ifndef NET_21
-+ prv->header_cache_bind = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->header_cache_bind = NULL;
-+#endif /* DETACH_AND_DOWN */
-+#endif /* !NET_21 */
-+
-+ prv->header_cache_update = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->header_cache_update = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+#ifdef NET_21
-+/* prv->neigh_setup = NULL; */
-+#ifdef DETACH_AND_DOWN
-+ dev->neigh_setup = NULL;
-+#endif /* DETACH_AND_DOWN */
-+#endif /* NET_21 */
-+ dev->hard_header_len = 0;
-+#ifdef DETACH_AND_DOWN
-+ dev->mtu = 0;
-+#endif /* DETACH_AND_DOWN */
-+ prv->mtu = 0;
-+ for (i=0; i<MAX_ADDR_LEN; i++) {
-+ dev->dev_addr[i] = 0;
-+ }
-+ dev->addr_len = 0;
-+#ifdef PHYSDEV_TYPE
-+ dev->type = ARPHRD_VOID; /* ARPHRD_TUNNEL; */
-+#endif /* PHYSDEV_TYPE */
-+
-+ return 0;
-+}
-+
-+/*
-+ * We call the clear routine to detach all ipsec tunnels from other devices.
-+ */
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_clear(void)
-+{
-+ int i;
-+ struct net_device *ipsecdev = NULL, *prvdev;
-+ struct ipsecpriv *prv;
-+ int ret;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_clear: .\n");
-+
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ ipsecdev = ipsecdevices[i];
-+ if(ipsecdev != NULL) {
-+ if((prv = (struct ipsecpriv *)(ipsecdev->priv))) {
-+ prvdev = (struct net_device *)(prv->dev);
-+ if(prvdev) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_clear: "
-+ "physical device for device %s is %s\n",
-+ ipsecdev->name, prvdev->name);
-+ if((ret = ipsec_tunnel_detach(ipsecdev))) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_clear: "
-+ "error %d detatching device %s from device %s.\n",
-+ ret, ipsecdev->name, prvdev->name);
-+ return ret;
-+ }
-+ }
-+ }
-+ }
-+ }
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
-+{
-+ struct ipsectunnelconf *cf = (struct ipsectunnelconf *)&ifr->ifr_data;
-+ struct ipsecpriv *prv = dev->priv;
-+ struct net_device *them; /* physical device */
-+#ifdef CONFIG_IP_ALIAS
-+ char *colon;
-+ char realphysname[IFNAMSIZ];
-+#endif /* CONFIG_IP_ALIAS */
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "device not supplied.\n");
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "tncfg service call #%d for dev=%s\n",
-+ cmd,
-+ dev->name ? dev->name : "NULL");
-+ switch (cmd) {
-+ /* attach a virtual ipsec? device to a physical device */
-+ case IPSEC_SET_DEV:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "calling ipsec_tunnel_attatch...\n");
-+#ifdef CONFIG_IP_ALIAS
-+ /* If this is an IP alias interface, get its real physical name */
-+ strncpy(realphysname, cf->cf_name, IFNAMSIZ);
-+ realphysname[IFNAMSIZ-1] = 0;
-+ colon = strchr(realphysname, ':');
-+ if (colon) *colon = 0;
-+ them = ipsec_dev_get(realphysname);
-+#else /* CONFIG_IP_ALIAS */
-+ them = ipsec_dev_get(cf->cf_name);
-+#endif /* CONFIG_IP_ALIAS */
-+
-+ if (them == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "physical device %s requested is null\n",
-+ cf->cf_name);
-+ return -ENXIO;
-+ }
-+
-+#if 0
-+ if (them->flags & IFF_UP) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "physical device %s requested is not up.\n",
-+ cf->cf_name);
-+ ipsec_dev_put(them);
-+ return -ENXIO;
-+ }
-+#endif
-+
-+ if (prv && prv->dev) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "virtual device is already connected to %s.\n",
-+ prv->dev->name ? prv->dev->name : "NULL");
-+ ipsec_dev_put(them);
-+ return -EBUSY;
-+ }
-+ return ipsec_tunnel_attach(dev, them);
-+
-+ case IPSEC_DEL_DEV:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "calling ipsec_tunnel_detatch.\n");
-+ if (! prv->dev) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "physical device not connected.\n");
-+ return -ENODEV;
-+ }
-+ return ipsec_tunnel_detach(dev);
-+
-+ case IPSEC_CLR_DEV:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "calling ipsec_tunnel_clear.\n");
-+ return ipsec_tunnel_clear();
-+
-+ default:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "unknown command %d.\n",
-+ cmd);
-+ return -EOPNOTSUPP;
-+ }
-+}
-+
-+struct net_device *ipsec_get_device(int inst)
-+{
-+ struct net_device *ipsec_dev;
-+
-+ ipsec_dev = NULL;
-+
-+ if(inst < IPSEC_NUM_IF) {
-+ ipsec_dev = ipsecdevices[inst];
-+ }
-+
-+ return ipsec_dev;
-+}
-+
-+int
-+ipsec_device_event(struct notifier_block *unused, unsigned long event, void *ptr)
-+{
-+ struct net_device *dev = ptr;
-+ struct net_device *ipsec_dev;
-+ struct ipsecpriv *priv;
-+ int i;
-+
-+ if (dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "dev=NULL for event type %ld.\n",
-+ event);
-+ return(NOTIFY_DONE);
-+ }
-+
-+ /* check for loopback devices */
-+ if (dev && (dev->flags & IFF_LOOPBACK)) {
-+ return(NOTIFY_DONE);
-+ }
-+
-+ switch (event) {
-+ case NETDEV_DOWN:
-+ /* look very carefully at the scope of these compiler
-+ directives before changing anything... -- RGB */
-+#ifdef NET_21
-+ case NETDEV_UNREGISTER:
-+ switch (event) {
-+ case NETDEV_DOWN:
-+#endif /* NET_21 */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_DOWN dev=%s flags=%x\n",
-+ dev->name,
-+ dev->flags);
-+ if(strncmp(dev->name, "ipsec", strlen("ipsec")) == 0) {
-+ printk(KERN_CRIT "IPSEC EVENT: KLIPS device %s shut down.\n",
-+ dev->name);
-+ }
-+#ifdef NET_21
-+ break;
-+ case NETDEV_UNREGISTER:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_UNREGISTER dev=%s flags=%x\n",
-+ dev->name,
-+ dev->flags);
-+ break;
-+ }
-+#endif /* NET_21 */
-+
-+ /* find the attached physical device and detach it. */
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ ipsec_dev = ipsecdevices[i];
-+
-+ if(ipsec_dev) {
-+ priv = (struct ipsecpriv *)(ipsec_dev->priv);
-+ if(priv) {
-+ ;
-+ if(((struct net_device *)(priv->dev)) == dev) {
-+ /* dev_close(ipsec_dev); */
-+ /* return */ ipsec_tunnel_detach(ipsec_dev);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "device '%s' has been detached.\n",
-+ ipsec_dev->name);
-+ break;
-+ }
-+ } else {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "device '%s' has no private data space!\n",
-+ ipsec_dev->name);
-+ }
-+ }
-+ }
-+ break;
-+ case NETDEV_UP:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_UP dev=%s\n",
-+ dev->name);
-+ break;
-+#ifdef NET_21
-+ case NETDEV_REBOOT:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_REBOOT dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_CHANGE:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_CHANGE dev=%s flags=%x\n",
-+ dev->name,
-+ dev->flags);
-+ break;
-+ case NETDEV_REGISTER:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_REGISTER dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_CHANGEMTU:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_CHANGEMTU dev=%s to mtu=%d\n",
-+ dev->name,
-+ dev->mtu);
-+ break;
-+ case NETDEV_CHANGEADDR:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_CHANGEADDR dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_GOING_DOWN:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_GOING_DOWN dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_CHANGENAME:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_CHANGENAME dev=%s\n",
-+ dev->name);
-+ break;
-+#endif /* NET_21 */
-+ default:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "event type %ld unrecognised for dev=%s\n",
-+ event,
-+ dev->name);
-+ break;
-+ }
-+ return NOTIFY_DONE;
-+}
-+
-+/*
-+ * Called when an ipsec tunnel device is initialized.
-+ * The ipsec tunnel device structure is passed to us.
-+ */
-+
-+int
-+ipsec_tunnel_init(struct net_device *dev)
-+{
-+ int i;
-+
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_init: "
-+ "allocating %lu bytes initialising device: %s\n",
-+ (unsigned long) sizeof(struct ipsecpriv),
-+ dev->name ? dev->name : "NULL");
-+
-+ /* Add our tunnel functions to the device */
-+ dev->open = ipsec_tunnel_open;
-+ dev->stop = ipsec_tunnel_close;
-+ dev->hard_start_xmit = ipsec_tunnel_start_xmit;
-+ dev->get_stats = ipsec_tunnel_get_stats;
-+
-+ dev->priv = kmalloc(sizeof(struct ipsecpriv), GFP_KERNEL);
-+ if (dev->priv == NULL)
-+ return -ENOMEM;
-+ memset((caddr_t)(dev->priv), 0, sizeof(struct ipsecpriv));
-+
-+ for(i = 0; i < sizeof(zeroes); i++) {
-+ ((__u8*)(zeroes))[i] = 0;
-+ }
-+
-+#ifndef NET_21
-+ /* Initialize the tunnel device structure */
-+ for (i = 0; i < DEV_NUMBUFFS; i++)
-+ skb_queue_head_init(&dev->buffs[i]);
-+#endif /* !NET_21 */
-+
-+ dev->set_multicast_list = NULL;
-+ dev->do_ioctl = ipsec_tunnel_ioctl;
-+ dev->hard_header = NULL;
-+ dev->rebuild_header = NULL;
-+ dev->set_mac_address = NULL;
-+#ifndef NET_21
-+ dev->header_cache_bind = NULL;
-+#endif /* !NET_21 */
-+ dev->header_cache_update= NULL;
-+
-+#ifdef NET_21
-+/* prv->neigh_setup = NULL; */
-+ dev->neigh_setup = ipsec_tunnel_neigh_setup_dev;
-+#endif /* NET_21 */
-+ dev->hard_header_len = 0;
-+ dev->mtu = 0;
-+ dev->addr_len = 0;
-+ dev->type = ARPHRD_VOID; /* ARPHRD_TUNNEL; */ /* ARPHRD_ETHER; */
-+ dev->tx_queue_len = 10; /* Small queue */
-+ memset((caddr_t)(dev->broadcast),0xFF, ETH_ALEN); /* what if this is not attached to ethernet? */
-+
-+ /* New-style flags. */
-+ dev->flags = IFF_NOARP /* 0 */ /* Petr Novak */;
-+
-+#if 0
-+#ifdef NET_21
-+ dev_init_buffers(dev);
-+#else /* NET_21 */
-+ dev->family = AF_INET;
-+ dev->pa_addr = 0;
-+ dev->pa_brdaddr = 0;
-+ dev->pa_mask = 0;
-+ dev->pa_alen = 4;
-+#endif /* NET_21 */
-+#endif
-+
-+ /* We're done. Have I forgotten anything? */
-+ return 0;
-+}
-+
-+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-+/* Module specific interface (but it links with the rest of IPSEC) */
-+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-+
-+int
-+ipsec_tunnel_probe(struct net_device *dev)
-+{
-+ ipsec_tunnel_init(dev);
-+ return 0;
-+}
-+
-+struct net_device *ipsecdevices[IPSEC_NUM_IF];
-+
-+int
-+ipsec_tunnel_init_devices(void)
-+{
-+ int i;
-+ char name[IFNAMSIZ];
-+ struct net_device *dev_ipsec;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_init_devices: "
-+ "creating and registering IPSEC_NUM_IF=%u devices, allocating %lu per device, IFNAMSIZ=%u.\n",
-+ IPSEC_NUM_IF,
-+ (unsigned long) (sizeof(struct net_device) + IFNAMSIZ),
-+ IFNAMSIZ);
-+
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ sprintf(name, IPSEC_DEV_FORMAT, i);
-+ dev_ipsec = (struct net_device*)kmalloc(sizeof(struct net_device), GFP_KERNEL);
-+ if (dev_ipsec == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_init_devices: "
-+ "failed to allocate memory for device %s, quitting device init.\n",
-+ name);
-+ return -ENOMEM;
-+ }
-+ memset((caddr_t)dev_ipsec, 0, sizeof(struct net_device));
-+#ifdef NETDEV_23
-+ strncpy(dev_ipsec->name, name, sizeof(dev_ipsec->name));
-+#else /* NETDEV_23 */
-+ dev_ipsec->name = (char*)kmalloc(IFNAMSIZ, GFP_KERNEL);
-+ if (dev_ipsec->name == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_init_devices: "
-+ "failed to allocate memory for device %s name, quitting device init.\n",
-+ name);
-+ return -ENOMEM;
-+ }
-+ memset((caddr_t)dev_ipsec->name, 0, IFNAMSIZ);
-+ strncpy(dev_ipsec->name, name, IFNAMSIZ);
-+#endif /* NETDEV_23 */
-+#ifdef HAVE_DEV_NEXT
-+ dev_ipsec->next = NULL;
-+#endif
-+ dev_ipsec->init = &ipsec_tunnel_probe;
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_init_devices: "
-+ "registering device %s\n",
-+ dev_ipsec->name);
-+
-+ /* reference and hold the device reference */
-+ dev_hold(dev_ipsec);
-+ ipsecdevices[i]=dev_ipsec;
-+
-+ if (register_netdev(dev_ipsec) != 0) {
-+ KLIPS_PRINT(1 || debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_init_devices: "
-+ "registering device %s failed, quitting device init.\n",
-+ dev_ipsec->name);
-+ return -EIO;
-+ } else {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_init_devices: "
-+ "registering device %s succeeded, continuing...\n",
-+ dev_ipsec->name);
-+ }
-+ }
-+ return 0;
-+}
-+
-+/* void */
-+int
-+ipsec_tunnel_cleanup_devices(void)
-+{
-+ int error = 0;
-+ int i;
-+ struct net_device *dev_ipsec;
-+
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ dev_ipsec = ipsecdevices[i];
-+ if(dev_ipsec == NULL) {
-+ continue;
-+ }
-+
-+ /* release reference */
-+ ipsecdevices[i]=NULL;
-+ ipsec_dev_put(dev_ipsec);
-+
-+ KLIPS_PRINT(debug_tunnel, "Unregistering %s (refcnt=%d)\n",
-+ dev_ipsec->name,
-+ atomic_read(&dev_ipsec->refcnt));
-+ unregister_netdev(dev_ipsec);
-+ KLIPS_PRINT(debug_tunnel, "Unregisted %s\n", dev_ipsec->name);
-+#ifndef NETDEV_23
-+ kfree(dev_ipsec->name);
-+ dev_ipsec->name=NULL;
-+#endif /* !NETDEV_23 */
-+ kfree(dev_ipsec->priv);
-+ dev_ipsec->priv=NULL;
-+ }
-+ return error;
-+}
-+
-+/*
-+ * $Log: ipsec_tunnel.c,v $
-+ * Revision 1.232.2.7 2007-09-18 18:26:18 paul
-+ * Fix mangled preprocessor line in HAVE_INET_SK_SPORT case.
-+ *
-+ * Revision 1.232.2.6 2007/09/05 02:56:10 paul
-+ * Use the new ipsec_kversion macros by David to deal with 2.6.22 kernels.
-+ * Fixes based on David McCullough patch.
-+ *
-+ * Revision 1.232.2.5 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.232.2.4 2006/03/28 20:58:19 ken
-+ * Fix for KLIPS on 2.6.16 - need to include <net/arp.h> now
-+ *
-+ * Revision 1.232.2.3 2006/02/15 05:14:12 paul
-+ * 568: uninitialized struct in ipsec_tunnel.c coud break routing under 2.6 kernels
-+ * ipsec_tunnel_send() calls the entry point function of routing subsystem
-+ * (ip_route_output_key()) using a not fully initialized struct of type
-+ * struct flowi.
-+ * This will cause a failure in routing packets through an ipsec interface
-+ * when patches for multipath routing from http://www.ssi.bg/~ja/
-+ * are applied.
-+ *
-+ * Revision 1.232.2.2 2005/11/22 04:11:52 ken
-+ * Backport fixes for 2.6.14 kernels from HEAD
-+ *
-+ * Revision 1.232.2.1 2005/09/21 22:57:43 paul
-+ * pulled up compile fix for 2.6.13
-+ *
-+ * Revision 1.232 2005/06/04 16:06:06 mcr
-+ * better patch for nat-t rcv-device code.
-+ *
-+ * Revision 1.231 2005/05/21 03:28:51 mcr
-+ * make sure that port-500 hole is used for port-4500 as well.
-+ *
-+ * Revision 1.230 2005/05/11 01:42:04 mcr
-+ * removal of debugging showed useless/wrong variables used.
-+ *
-+ * Revision 1.229 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.228 2005/01/26 00:50:35 mcr
-+ * adjustment of confusion of CONFIG_IPSEC_NAT vs CONFIG_KLIPS_NAT,
-+ * and make sure that NAT_TRAVERSAL is set as well to match
-+ * userspace compiles of code.
-+ *
-+ * Revision 1.227 2004/12/10 21:16:08 ken
-+ * 64bit fixes from Opteron port of KLIPS 2.6
-+ *
-+ * Revision 1.226 2004/12/04 07:11:23 mcr
-+ * fix for snmp SIOCPRIVATE use of snmpd.
-+ * http://bugs.xelerance.com/view.php?id=144
-+ *
-+ * Revision 1.225 2004/12/03 21:25:57 mcr
-+ * compile time fixes for running on 2.6.
-+ * still experimental.
-+ *
-+ * Revision 1.224 2004/08/14 03:28:24 mcr
-+ * fixed log comment to remove warning about embedded comment.
-+ *
-+ * Revision 1.223 2004/08/04 15:57:07 mcr
-+ * moved des .h files to include/des/ *
-+ * included 2.6 protocol specific things
-+ * started at NAT-T support, but it will require a kernel patch.
-+ *
-+ * Revision 1.222 2004/08/03 18:19:08 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.221 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.220 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.219 2004/02/03 03:13:17 mcr
-+ * minor edits for readability, and error reporting.
-+ *
-+ * Revision 1.218 2004/01/27 20:29:20 mcr
-+ * fix for unregister_netdev() problem for underlying eth0.
-+ *
-+ * Revision 1.217 2003/12/10 01:14:27 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.216 2003/12/04 23:01:17 mcr
-+ * removed ipsec_netlink.h
-+ *
-+ * Revision 1.215 2003/12/04 16:35:16 ken
-+ * Fix for ATM devices where physdev->hard_header_len *is* correct
-+ *
-+ * Revision 1.214 2003/11/25 23:52:37 mcr
-+ * fix typo in patch - ixs-> needed.
-+ *
-+ * Revision 1.213 2003/11/24 18:25:49 mcr
-+ * patch from willy@w.ods.org to fix problems with ATM interfaces.
-+ *
-+ * Revision 1.212 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.211.2.2 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.211.2.1 2003/09/21 13:59:56 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.211 2003/09/10 16:46:30 mcr
-+ * patches for 2.4 backport/2.6 existence.
-+ *
-+ * Revision 1.210 2003/07/31 22:47:16 mcr
-+ * preliminary (untested by FS-team) 2.5 patches.
-+ *
-+ * Revision 1.209 2003/06/22 21:28:43 mcr
-+ * inability to unload module was caused by calls to dev_get
-+ * (ipsec_dev_get), to gather a device from a name. There is
-+ * simply no reason to look the devices up - they should be kept
-+ * in a nice array, ready for use.
-+ *
-+ * Revision 1.208 2003/06/22 21:25:07 mcr
-+ * all staticly counted ipsecXXX device support removed.
-+ *
-+ * Revision 1.207 2003/04/02 20:15:37 mcr
-+ * fix for PR#204 - do not clear connection tracking info if we
-+ * the packet is being sent in the clear.
-+ *
-+ * Revision 1.206 2003/02/12 19:32:51 rgb
-+ * Refactored file to:
-+ * ipsec_xmit.c
-+ * ipsec_xmit.h
-+ * ipsec_mast.c
-+ *
-+ * Revision 1.205 2003/02/06 17:47:00 rgb
-+ *
-+ * Remove unused ipsec_tunnel_lock() and ipsec_tunnel_unlock() code.
-+ * Refactor ipsec_tunnel_start_xmit() further into:
-+ * ipsec_xmit_sanity_check_dev()
-+ * ipsec_xmit_sanity_check_skb()
-+ * ipsec_xmit_strip_hard_header()
-+ * ipsec_xmit_restore_hard_header()
-+ * ipsec_xmit_send()
-+ * ipsec_xmit_cleanup()
-+ * and start a skeletal ipsec_mast_start_xmit() .
-+ *
-+ * Revision 1.204 2003/02/06 06:43:46 rgb
-+ *
-+ * Refactor ipsec_tunnel_start_xmit, bringing out:
-+ * ipsec_xmit_SAlookup
-+ * ipsec_xmit_encap_once
-+ * ipsec_xmit_encap_bundle
-+ *
-+ * Revision 1.203 2003/02/06 02:21:34 rgb
-+ *
-+ * Moved "struct auth_alg" from ipsec_rcv.c to ipsec_ah.h .
-+ * Changed "struct ah" to "struct ahhdr" and "struct esp" to "struct esphdr".
-+ * Removed "#ifdef INBOUND_POLICY_CHECK_eroute" dead code.
-+ *
-+ * Revision 1.202 2003/01/03 07:38:01 rgb
-+ *
-+ * Start to refactor ipsec_tunnel_start_xmit() by putting local variables
-+ * into struct ipsec_xmit_state and renaming a few variables to give more
-+ * unique or searchable names.
-+ *
-+ * Revision 1.201 2003/01/03 00:31:28 rgb
-+ *
-+ * Clean up memset usage, including fixing 2 places where keys were not
-+ * properly wiped.
-+ *
-+ * Revision 1.200 2002/12/06 02:24:02 mcr
-+ * patches for compiling against SUSE 8.1 kernels. Requires
-+ * an additional -DSUSE_LINUX_2_4_19_IS_STUPID.
-+ *
-+ * Revision 1.199 2002/10/12 23:11:53 dhr
-+ *
-+ * [KenB + DHR] more 64-bit cleanup
-+ *
-+ * Revision 1.198 2002/10/05 05:02:58 dhr
-+ *
-+ * C labels go on statements
-+ *
-+ * Revision 1.197 2002/09/20 05:01:50 rgb
-+ * Added compiler directive to switch on IP options and fix IP options bug.
-+ * Make ip->ihl treatment consistent using shifts rather than multiplications.
-+ * Check for large enough packet before accessing udp header for IKE bypass.
-+ * Added memory allocation debugging.
-+ * Fixed potential memory allocation failure-induced oops.
-+ *
-+ * Revision 1.196 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.195 2002/07/23 03:36:07 rgb
-+ * Fixed 2.2 device initialisation hang.
-+ *
-+ * Revision 1.194 2002/05/27 21:40:34 rgb
-+ * Set unused ipsec devices to ARPHRD_VOID to avoid confusing iproute2.
-+ * Cleaned up intermediate step to dynamic device allocation.
-+ *
-+ * Revision 1.193 2002/05/27 19:31:36 rgb
-+ * Convert to dynamic ipsec device allocation.
-+ * Remove final vistiges of tdb references via IPSEC_KLIPS1_COMPAT.
-+ *
-+ * Revision 1.192 2002/05/23 07:14:28 rgb
-+ * Added refcount code.
-+ * Cleaned up %p variants to 0p%p for test suite cleanup.
-+ *
-+ * Revision 1.191 2002/05/14 02:34:37 rgb
-+ * Change all references to tdb, TDB or Tunnel Descriptor Block to ips,
-+ * ipsec_sa or ipsec_sa.
-+ *
-+ * Revision 1.190 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.189 2002/04/24 07:36:32 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_tunnel.c,v
-+ *
-+ * Revision 1.188 2002/04/20 00:12:25 rgb
-+ * Added esp IV CBC attack fix, disabled.
-+ *
-+ * Revision 1.187 2002/03/23 19:55:17 rgb
-+ * Fix for 2.2 local IKE fragmentation blackhole. Still won't work if
-+ * iptraf or another pcap app is running.
-+ *
-+ * Revision 1.186 2002/03/19 03:26:22 rgb
-+ * Applied DHR's tunnel patch to streamline IKE/specialSA processing.
-+ *
-+ * Revision 1.185 2002/02/20 04:13:05 rgb
-+ * Send back ICMP_PKT_FILTERED upon %reject.
-+ *
-+ * Revision 1.184 2002/01/29 17:17:56 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.183 2002/01/29 04:00:53 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.182 2002/01/29 02:13:18 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.181 2002/01/07 20:00:33 rgb
-+ * Added IKE destination port debugging.
-+ *
-+ * Revision 1.180 2001/12/21 21:49:54 rgb
-+ * Fixed bug as a result of moving IKE bypass above %trap/%hold code.
-+ *
-+ * Revision 1.179 2001/12/19 21:08:14 rgb
-+ * Added transport protocol ports to ipsec_print_ip().
-+ * Update eroute info for non-SA targets.
-+ * Added obey DF code disabled.
-+ * Fixed formatting bugs in ipsec_tunnel_hard_header().
-+ *
-+ * Revision 1.178 2001/12/05 09:36:10 rgb
-+ * Moved the UDP/500 IKE check just above the %hold/%trap checks to avoid
-+ * IKE packets being stolen by the %hold (and returned to the sending KMd
-+ * in an ACQUIRE, ironically ;-).
-+ *
-+ * Revision 1.177 2001/11/26 09:23:50 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.170.2.1 2001/09/25 02:28:27 mcr
-+ * struct tdb -> struct ipsec_sa.
-+ * lifetime checks moved to common routines.
-+ * cleaned up includes.
-+ *
-+ * Revision 1.170.2.2 2001/10/22 21:08:01 mcr
-+ * include des.h, removed phony prototypes and fixed calling
-+ * conventions to match real prototypes.
-+ *
-+ * Revision 1.176 2001/11/09 18:32:31 rgb
-+ * Added Hans Schultz' fragmented UDP/500 IKE socket port selector.
-+ *
-+ * Revision 1.175 2001/11/06 20:47:00 rgb
-+ * Added Eric Espie's TRAPSUBNET fix, minus spin-lock-bh dabbling.
-+ *
-+ * Revision 1.174 2001/11/06 19:50:43 rgb
-+ * Moved IP_SEND, ICMP_SEND, DEV_QUEUE_XMIT macros to ipsec_tunnel.h for
-+ * use also by pfkey_v2_parser.c
-+ *
-+ * Revision 1.173 2001/10/29 21:53:44 henry
-+ * tone down the device-down message slightly, until we can make it smarter
-+ *
-+ * Revision 1.172 2001/10/26 04:59:37 rgb
-+ * Added a critical level syslog message if an ipsec device goes down.
-+ *
-+ * Revision 1.171 2001/10/18 04:45:21 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.170 2001/09/25 00:09:50 rgb
-+ * Added NetCelo's TRAPSUBNET code to convert a new type TRAPSUBNET into a
-+ * HOLD.
-+ *
-+ * Revision 1.169 2001/09/15 16:24:05 rgb
-+ * Re-inject first and last HOLD packet when an eroute REPLACE is done.
-+ *
-+ * Revision 1.168 2001/09/14 16:58:37 rgb
-+ * Added support for storing the first and last packets through a HOLD.
-+ *
-+ * Revision 1.167 2001/09/08 21:13:33 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.166 2001/08/27 19:47:59 rgb
-+ * Clear tdb before usage.
-+ * Added comment: clear IF before calling routing?
-+ *
-+ * Revision 1.165 2001/07/03 01:23:53 rgb
-+ * Send back ICMP iff DF set, !ICMP, offset==0, sysctl_icmp, iph->tot_len >
-+ * emtu, and don't drop.
-+ *
-+ * Revision 1.164 2001/06/14 19:35:10 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.163 2001/06/06 20:28:51 rgb
-+ * Added sanity checks for NULL skbs and devices.
-+ * Added more debugging output to various functions.
-+ * Removed redundant dev->priv argument to ipsec_tunnel_{at,de}tach().
-+ * Renamed ipsec_tunnel_attach() virtual and physical device arguments.
-+ * Corrected neigh_setup() device function assignment.
-+ * Keep valid pointers to ipsec_tunnel_*() on detach.
-+ * Set dev->type to the originally-initiallised value.
-+ *
-+ * Revision 1.162 2001/06/01 07:28:04 rgb
-+ * Added sanity checks for detached devices. Don't down virtual devices
-+ * to prevent packets going out in the clear if the detached device comes
-+ * back up.
-+ *
-+ * Revision 1.161 2001/05/30 08:14:52 rgb
-+ * Removed vestiges of esp-null transforms.
-+ * NetDev Notifier instrumentation to track down disappearing devices.
-+ *
-+ * Revision 1.160 2001/05/29 05:15:12 rgb
-+ * Added SS' PMTU patch which notifies sender if packet doesn't fit
-+ * physical MTU (if it wasn't ICMP) and then drops it.
-+ *
-+ * Revision 1.159 2001/05/27 06:12:12 rgb
-+ * Added structures for pid, packet count and last access time to eroute.
-+ * Added packet count to beginning of /proc/net/ipsec_eroute.
-+ *
-+ * Revision 1.158 2001/05/24 05:39:33 rgb
-+ * Applied source zeroing to 2.2 ip_route_output() call as well to enable
-+ * PASS eroutes for opportunism.
-+ *
-+ * Revision 1.157 2001/05/23 22:35:28 rgb
-+ * 2.4 source override simplification.
-+ *
-+ * Revision 1.156 2001/05/23 21:41:31 rgb
-+ * Added error return code printing on ip_route_output().
-+ *
-+ * Revision 1.155 2001/05/23 05:09:13 rgb
-+ * Fixed incorrect ip_route_output() failure message.
-+ *
-+ * Revision 1.154 2001/05/21 14:53:31 rgb
-+ * Added debug statement for case when ip_route_output() fails, causing
-+ * packet to be dropped, but log looked ok.
-+ *
-+ * Revision 1.153 2001/05/19 02:37:54 rgb
-+ * Fixed missing comment termination.
-+ *
-+ * Revision 1.152 2001/05/19 02:35:50 rgb
-+ * Debug code optimisation for non-debug speed.
-+ * Kernel version compiler define comments.
-+ * 2.2 and 2.4 kernel ip_send device and ip debug output added.
-+ *
-+ * Revision 1.151 2001/05/18 16:17:35 rgb
-+ * Changed reference from "magic" to "shunt" SAs.
-+ *
-+ * Revision 1.150 2001/05/18 16:12:19 rgb
-+ * Changed UDP/500 bypass test from 3 nested ifs to one anded if.
-+ *
-+ * Revision 1.149 2001/05/16 04:39:33 rgb
-+ * Add default == eroute.dest to IKE bypass conditions for magic eroutes.
-+ *
-+ * Revision 1.148 2001/05/05 03:31:41 rgb
-+ * IP frag debugging updates and enhancements.
-+ *
-+ * Revision 1.147 2001/05/03 19:41:40 rgb
-+ * Added SS' skb_cow fix for 2.4.4.
-+ *
-+ * Revision 1.146 2001/04/30 19:28:16 rgb
-+ * Update for 2.4.4. ip_select_ident() now has 3 args.
-+ *
-+ * Revision 1.145 2001/04/23 14:56:10 rgb
-+ * Added spin_lock() check to prevent double-locking for multiple
-+ * transforms and hence kernel lock-ups with SMP kernels.
-+ *
-+ * Revision 1.144 2001/04/21 23:04:45 rgb
-+ * Define out skb->used for 2.4 kernels.
-+ * Check if soft expire has already been sent before sending another to
-+ * prevent ACQUIRE flooding.
-+ *
-+ * Revision 1.143 2001/03/16 07:37:21 rgb
-+ * Added comments to all #endifs.
-+ *
-+ * Revision 1.142 2001/02/28 05:03:27 rgb
-+ * Clean up and rationalise startup messages.
-+ *
-+ * Revision 1.141 2001/02/27 22:24:54 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.140 2001/02/27 06:40:12 rgb
-+ * Fixed TRAP->HOLD eroute byte order.
-+ *
-+ * Revision 1.139 2001/02/26 20:38:59 rgb
-+ * Added compiler defines for 2.4.x-specific code.
-+ *
-+ * Revision 1.138 2001/02/26 19:57:27 rgb
-+ * Implement magic SAs %drop, %reject, %trap, %hold, %pass as part
-+ * of the new SPD and to support opportunistic.
-+ * Drop sysctl_ipsec_{no_eroute_pass,opportunistic}, replaced by magic SAs.
-+ *
-+ * Revision 1.137 2001/02/19 22:29:49 rgb
-+ * Fixes for presence of active ipv6 segments which share ipsec physical
-+ * device (gg).
-+ *
-+ * Revision 1.136 2001/01/29 22:30:38 rgb
-+ * Fixed minor acquire debug printing bug.
-+ *
-+ * Revision 1.135 2001/01/29 22:19:45 rgb
-+ * Zero source address for 2.4 bypass route lookup.
-+ *
-+ * Revision 1.134 2001/01/23 20:19:49 rgb
-+ * 2.4 fix to remove removed is_clone member.
-+ *
-+ * Revision 1.133 2000/12/09 22:08:35 rgb
-+ * Fix NET_23 bug, should be NETDEV_23.
-+ *
-+ * Revision 1.132 2000/12/01 06:54:50 rgb
-+ * Fix for new 2.4 IP TTL default variable name.
-+ *
-+ * Revision 1.131 2000/11/09 20:52:15 rgb
-+ * More spinlock shuffling, locking earlier and unlocking later in rcv to
-+ * include ipcomp and prevent races, renaming some tdb variables that got
-+ * forgotten, moving some unlocks to include tdbs and adding a missing
-+ * unlock. Thanks to Svenning for some of these.
-+ *
-+ * Revision 1.130 2000/11/09 20:11:22 rgb
-+ * Minor shuffles to fix non-standard kernel config option selection.
-+ *
-+ * Revision 1.129 2000/11/06 04:32:49 rgb
-+ * Clean up debug printing.
-+ * Copy skb->protocol for all kernel versions.
-+ * Ditched spin_lock_irqsave in favour of spin_lock.
-+ * Disabled TTL decrement, done in ip_forward.
-+ * Added debug printing before pfkey_acquire().
-+ * Fixed printk-deltdbchain-spin_lock races (Svenning).
-+ * Use defaultTTL for 2.1+ kernels.
-+ * Add Svenning's adaptive content compression.
-+ * Fix up debug display arguments.
-+ *
-+ * Revision 1.128 2000/09/28 00:58:57 rgb
-+ * Moved the IKE passthrough check after the eroute lookup so we can pass
-+ * IKE through intermediate tunnels.
-+ *
-+ * Revision 1.127 2000/09/22 17:52:11 rgb
-+ * Fixed misleading ipcomp debug output.
-+ *
-+ * Revision 1.126 2000/09/22 04:22:56 rgb
-+ * Fixed dumb spi->cpi conversion error.
-+ *
-+ * Revision 1.125 2000/09/21 04:34:48 rgb
-+ * A few debug-specific things should be hidden under
-+ * CONFIG_IPSEC_DEBUG.(MB)
-+ * Improved ip_send() error handling.(MB)
-+ *
-+ * Revision 1.124 2000/09/21 03:40:58 rgb
-+ * Added more debugging to try and track down the cpi outward copy problem.
-+ *
-+ * Revision 1.123 2000/09/19 07:08:49 rgb
-+ * Added debugging to outgoing compression report.
-+ *
-+ * Revision 1.122 2000/09/18 19:21:26 henry
-+ * RGB-supplied fix for RH5.2 problem
-+ *
-+ * Revision 1.121 2000/09/17 21:05:09 rgb
-+ * Added tdb to skb_compress call to write in cpi.
-+ *
-+ * Revision 1.120 2000/09/17 16:57:16 rgb
-+ * Added Svenning's patch to remove restriction of ipcomp to innermost
-+ * transform.
-+ *
-+ * Revision 1.119 2000/09/15 11:37:01 rgb
-+ * Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+ * IPCOMP zlib deflate code.
-+ *
-+ * Revision 1.118 2000/09/15 04:57:16 rgb
-+ * Moved debug output after sanity check.
-+ * Added tos copy sysctl.
-+ *
-+ * Revision 1.117 2000/09/12 03:22:51 rgb
-+ * Converted ipsec_icmp, no_eroute_pass, opportunistic and #if0 debugs to
-+ * sysctl.
-+ *
-+ * Revision 1.116 2000/09/08 19:18:19 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ * Added outgoing opportunistic hook, ifdef'ed out.
-+ *
-+ * Revision 1.115 2000/08/30 05:27:29 rgb
-+ * Removed all the rest of the references to tdb_spi, tdb_proto, tdb_dst.
-+ * Kill remainder of tdb_xform, tdb_xdata, xformsw.
-+ *
-+ * Revision 1.114 2000/08/28 18:15:46 rgb
-+ * Added MB's nf-debug reset patch.
-+ *
-+ * Revision 1.113 2000/08/27 02:26:40 rgb
-+ * Send all no-eroute-bypass, pluto-bypass and passthrough packets through
-+ * fragmentation machinery for 2.0, 2.2 and 2.4 kernels.
-+ *
-+ * Revision 1.112 2000/08/20 21:37:33 rgb
-+ * Activated pfkey_expire() calls.
-+ * Added a hard/soft expiry parameter to pfkey_expire(). (Momchil)
-+ * Re-arranged the order of soft and hard expiry to conform to RFC2367.
-+ * Clean up references to CONFIG_IPSEC_PFKEYv2.
-+ *
-+ * Revision 1.111 2000/08/01 14:51:51 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.110 2000/07/28 14:58:31 rgb
-+ * Changed kfree_s to kfree, eliminating extra arg to fix 2.4.0-test5.
-+ *
-+ * Revision 1.109 2000/07/28 13:50:54 rgb
-+ * Changed enet_statistics to net_device_stats and added back compatibility
-+ * for pre-2.1.19.
-+ *
-+ * Revision 1.108 2000/05/16 03:03:11 rgb
-+ * Updates for 2.3.99pre8 from MB.
-+ *
-+ * Revision 1.107 2000/05/10 23:08:21 rgb
-+ * Print a debug warning about bogus packets received by the outgoing
-+ * processing machinery only when klipsdebug is not set to none.
-+ * Comment out the device initialisation informational messages.
-+ *
-+ * Revision 1.106 2000/05/10 19:17:14 rgb
-+ * Define an IP_SEND macro, intending to have all packet passthroughs
-+ * use fragmentation. This didn't quite work, but is a step in the
-+ * right direction.
-+ * Added buffer allocation debugging statements.
-+ * Added configure option to shut off no eroute passthrough.
-+ * Only check usetime against soft and hard limits if the tdb has been
-+ * used.
-+ * Cast output of ntohl so that the broken prototype doesn't make our
-+ * compile noisy.
-+ *
-+ * Revision 1.105 2000/03/22 16:15:37 rgb
-+ * Fixed renaming of dev_get (MB).
-+ *
-+ * Revision 1.104 2000/03/16 14:04:15 rgb
-+ * Indented headers for readability.
-+ * Fixed debug scope to enable compilation with debug off.
-+ * Added macros for ip_chk_addr and IS_MYADDR for identifying self.
-+ *
-+ * Revision 1.103 2000/03/16 07:11:07 rgb
-+ * Hardcode PF_KEYv2 support.
-+ * Fixed bug which allowed UDP/500 packet from another machine
-+ * through in the clear.
-+ * Added disabled skb->protocol fix for ISDN/ASYNC PPP from Matjaz Godec.
-+ *
-+ * Revision 1.102 2000/03/14 12:26:59 rgb
-+ * Added skb->nfct support for clearing netfilter conntrack bits (MB).
-+ *
-+ * Revision 1.101 2000/02/14 21:05:22 rgb
-+ * Added MB's netif_queue fix for kernels 2.3.43+.
-+ *
-+ * Revision 1.100 2000/01/26 10:04:57 rgb
-+ * Fixed noisy 2.0 printk arguments.
-+ *
-+ * Revision 1.99 2000/01/21 06:16:25 rgb
-+ * Added sanity checks on skb_push(), skb_pull() to prevent panics.
-+ * Switched to AF_ENCAP macro.
-+ * Shortened debug output per packet and re-arranging debug_tunnel
-+ * bitmap flags, while retaining necessary information to avoid
-+ * trampling the kernel print ring buffer.
-+ * Reformatted recursion switch code.
-+ * Changed all references to tdb_proto to tdb_said.proto for clarity.
-+ *
-+ * Revision 1.98 2000/01/13 08:09:31 rgb
-+ * Shuffled debug_tunnel switches to focus output.
-+ * Fixed outgoing recursion bug, limiting to recursing only if the remote
-+ * SG changes and if it is valid, ie. not passthrough.
-+ * Clarified a number of debug messages.
-+ *
-+ * Revision 1.97 2000/01/10 16:37:16 rgb
-+ * MB support for new ip_select_ident() upon disappearance of
-+ * ip_id_count in 2.3.36+.
-+ *
-+ * Revision 1.96 1999/12/31 14:59:08 rgb
-+ * MB fix to use new skb_copy_expand in kernel 2.3.35.
-+ *
-+ * Revision 1.95 1999/12/29 21:15:44 rgb
-+ * Fix tncfg to aliased device bug.
-+ *
-+ * Revision 1.94 1999/12/22 04:26:06 rgb
-+ * Converted all 'static' functions to 'DEBUG_NO_STATIC' to enable
-+ * debugging by providing external labels to all functions with debugging
-+ * turned on.
-+ *
-+ * Revision 1.93 1999/12/13 13:30:14 rgb
-+ * Changed MTU reports and HW address reporting back to debug only.
-+ *
-+ * Revision 1.92 1999/12/07 18:57:56 rgb
-+ * Fix PFKEY symbol compile error (SADB_*) without pfkey enabled.
-+ *
-+ * Revision 1.91 1999/12/01 22:15:36 rgb
-+ * Add checks for LARVAL and DEAD SAs.
-+ * Change state of SA from MATURE to DYING when a soft lifetime is
-+ * reached and print debug warning.
-+ *
-+ * Revision 1.90 1999/11/23 23:04:04 rgb
-+ * Use provided macro ADDRTOA_BUF instead of hardcoded value.
-+ * Sort out pfkey and freeswan headers, putting them in a library path.
-+ *
-+ * Revision 1.89 1999/11/18 18:50:59 rgb
-+ * Changed all device registrations for static linking to
-+ * dynamic to reduce the number and size of patches.
-+ *
-+ * Revision 1.88 1999/11/18 04:09:19 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ *
-+ * Revision 1.87 1999/11/17 15:53:40 rgb
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.86 1999/10/16 18:25:37 rgb
-+ * Moved SA lifetime expiry checks before packet processing.
-+ * Expire SA on replay counter rollover.
-+ *
-+ * Revision 1.85 1999/10/16 04:24:31 rgb
-+ * Add stats for time since last packet.
-+ *
-+ * Revision 1.84 1999/10/16 00:30:47 rgb
-+ * Added SA lifetime counting.
-+ *
-+ * Revision 1.83 1999/10/15 22:15:57 rgb
-+ * Clean out cruft.
-+ * Add debugging.
-+ *
-+ * Revision 1.82 1999/10/08 18:26:19 rgb
-+ * Fix 2.0.3x outgoing fragmented packet memory leak.
-+ *
-+ * Revision 1.81 1999/10/05 02:38:54 rgb
-+ * Lower the default mtu of virtual devices to 16260.
-+ *
-+ * Revision 1.80 1999/10/03 18:56:41 rgb
-+ * Spinlock support for 2.3.xx.
-+ * Don't forget to undo spinlocks on error!
-+ * Check for valid eroute before copying the structure.
-+ *
-+ * Revision 1.79 1999/10/01 15:44:53 rgb
-+ * Move spinlock header include to 2.1> scope.
-+ *
-+ * Revision 1.78 1999/10/01 00:02:43 rgb
-+ * Added tdb structure locking.
-+ * Added eroute structure locking.
-+ *
-+ * Revision 1.77 1999/09/30 02:52:29 rgb
-+ * Add Marc Boucher's Copy-On-Write code (same as ipsec_rcv.c).
-+ *
-+ * Revision 1.76 1999/09/25 19:31:27 rgb
-+ * Refine MSS hack to affect SYN, but not SYN+ACK packets.
-+ *
-+ * Revision 1.75 1999/09/24 22:52:38 rgb
-+ * Fix two things broken in 2.0.38 by trying to fix network notifiers.
-+ *
-+ * Revision 1.74 1999/09/24 00:30:37 rgb
-+ * Add test for changed source as well as destination to check for
-+ * recursion.
-+ *
-+ * Revision 1.73 1999/09/23 20:52:24 rgb
-+ * Add James Morris' MSS hack patch, disabled.
-+ *
-+ * Revision 1.72 1999/09/23 20:22:40 rgb
-+ * Enable, tidy and fix network notifier code.
-+ *
-+ * Revision 1.71 1999/09/23 18:09:05 rgb
-+ * Clean up 2.2.x fragmenting traces.
-+ * Disable dev->type switching, forcing ARPHRD_TUNNEL.
-+ *
-+ * Revision 1.70 1999/09/22 14:14:24 rgb
-+ * Add sanity checks for revectored calls to prevent calling a downed I/F.
-+ *
-+ * Revision 1.69 1999/09/21 15:00:57 rgb
-+ * Add Marc Boucher's packet size check.
-+ * Flesh out network device notifier code.
-+ *
-+ * Revision 1.68 1999/09/18 11:39:57 rgb
-+ * Start to add (disabled) netdevice notifier code.
-+ *
-+ * Revision 1.67 1999/09/17 23:44:40 rgb
-+ * Add a comment warning potential code hackers to stay away from mac.raw.
-+ *
-+ * Revision 1.66 1999/09/17 18:04:02 rgb
-+ * Add fix for unpredictable hard_header_len for ISDN folks (thanks MB).
-+ * Ditch TTL decrement in 2.2 (MB).
-+ *
-+ * Revision 1.65 1999/09/15 23:15:35 henry
-+ * Marc Boucher's PPP fixes
-+ *
-+ * Revision 1.64 1999/09/07 13:40:53 rgb
-+ * Ditch unreliable references to skb->mac.raw.
-+ *
-+ * Revision 1.63 1999/08/28 11:33:09 rgb
-+ * Check for null skb->mac pointer.
-+ *
-+ * Revision 1.62 1999/08/28 02:02:30 rgb
-+ * Add Marc Boucher's fix for properly dealing with skb->sk.
-+ *
-+ * Revision 1.61 1999/08/27 05:23:05 rgb
-+ * Clean up skb->data/raw/nh/h manipulation.
-+ * Add Marc Boucher's mods to aid tcpdump.
-+ * Add sanity checks to skb->raw/nh/h pointer copies in skb_copy_expand.
-+ * Re-order hard_header stripping -- might be able to remove it...
-+ *
-+ * Revision 1.60 1999/08/26 20:01:02 rgb
-+ * Tidy up compiler directives and macros.
-+ * Re-enable ICMP for tunnels where inner_dst != outer_dst.
-+ * Remove unnecessary skb->dev = physdev assignment affecting 2.2.x.
-+ *
-+ * Revision 1.59 1999/08/25 15:44:41 rgb
-+ * Clean up from 2.2.x instrumenting for compilation under 2.0.36.
-+ *
-+ * Revision 1.58 1999/08/25 15:00:54 rgb
-+ * Add dst cache code for 2.2.xx.
-+ * Add sanity check for skb packet header pointers.
-+ * Add/modify debugging instrumentation to *_start_xmit, *_hard_header and
-+ * *_rebuild_header.
-+ * Add neigh_* cache code.
-+ * Change dev->type back to ARPHRD_TUNNEL.
-+ *
-+ * Revision 1.57 1999/08/17 21:50:23 rgb
-+ * Fixed minor debug output bugs.
-+ * Regrouped error recovery exit code.
-+ * Added compiler directives to remove unwanted code and symbols.
-+ * Shut off ICMP messages: to be refined to only send ICMP to remote systems.
-+ * Add debugging code for output function addresses.
-+ * Fix minor bug in (possibly unused) header_cache_bind function.
-+ * Add device neighbour caching code.
-+ * Change dev->type from ARPHRD_TUNNEL to physdev->type.
-+ *
-+ * Revision 1.56 1999/08/03 17:22:56 rgb
-+ * Debug output clarification using KERN_* macros. Other inactive changes
-+ * added.
-+ *
-+ * Revision 1.55 1999/08/03 16:58:46 rgb
-+ * Fix skb_copy_expand size bug. Was getting incorrect size.
-+ *
-+ * Revision 1.54 1999/07/14 19:32:38 rgb
-+ * Fix oversize packet crash and ssh stalling in 2.2.x kernels.
-+ *
-+ * Revision 1.53 1999/06/10 15:44:02 rgb
-+ * Minor reformatting and clean-up.
-+ *
-+ * Revision 1.52 1999/05/09 03:25:36 rgb
-+ * Fix bug introduced by 2.2 quick-and-dirty patch.
-+ *
-+ * Revision 1.51 1999/05/08 21:24:59 rgb
-+ * Add casting to silence the 2.2.x compile.
-+ *
-+ * Revision 1.50 1999/05/05 22:02:32 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.49 1999/04/29 15:18:52 rgb
-+ * Change gettdb parameter to a pointer to reduce stack loading and
-+ * facilitate parameter sanity checking.
-+ * Fix undetected bug that might have tried to access a null pointer.
-+ * Eliminate unnessessary usage of tdb_xform member to further switch
-+ * away from the transform switch to the algorithm switch.
-+ * Add return values to init and cleanup functions.
-+ *
-+ * Revision 1.48 1999/04/16 15:38:00 rgb
-+ * Minor rearrangement of freeing code to avoid memory leaks with impossible or
-+ * rare situations.
-+ *
-+ * Revision 1.47 1999/04/15 15:37:25 rgb
-+ * Forward check changes from POST1_00 branch.
-+ *
-+ * Revision 1.32.2.4 1999/04/13 21:00:18 rgb
-+ * Ditch 'things I wish I had known before...'.
-+ *
-+ * Revision 1.32.2.3 1999/04/13 20:34:38 rgb
-+ * Free skb after fragmentation.
-+ * Use stats more effectively.
-+ * Add I/F to mtu notch-down reporting.
-+ *
-+ * Revision 1.32.2.2 1999/04/02 04:26:14 rgb
-+ * Backcheck from HEAD, pre1.0.
-+ *
-+ * Revision 1.46 1999/04/11 00:29:00 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.45 1999/04/07 15:42:01 rgb
-+ * Fix mtu/ping bug AGAIN!
-+ *
-+ * Revision 1.44 1999/04/06 04:54:27 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.43 1999/04/04 03:57:07 rgb
-+ * ip_fragment() doesn't free the supplied skb. Freed.
-+ *
-+ * Revision 1.42 1999/04/01 23:27:15 rgb
-+ * Preload size of virtual mtu.
-+ *
-+ * Revision 1.41 1999/04/01 09:31:23 rgb
-+ * Invert meaning of ICMP PMTUD config option and clarify.
-+ * Code clean-up.
-+ *
-+ * Revision 1.40 1999/04/01 04:37:17 rgb
-+ * SSH stalling bug fix.
-+ *
-+ * Revision 1.39 1999/03/31 23:44:28 rgb
-+ * Don't send ICMP on DF and frag_off.
-+ *
-+ * Revision 1.38 1999/03/31 15:20:10 rgb
-+ * Quiet down debugging.
-+ *
-+ * Revision 1.37 1999/03/31 08:30:31 rgb
-+ * Add switch to shut off ICMP PMTUD packets.
-+ *
-+ * Revision 1.36 1999/03/31 05:44:47 rgb
-+ * Keep PMTU reduction private.
-+ *
-+ * Revision 1.35 1999/03/27 15:13:02 rgb
-+ * PMTU/fragmentation bug fix.
-+ *
-+ * Revision 1.34 1999/03/17 21:19:26 rgb
-+ * Fix kmalloc nonatomic bug.
-+ *
-+ * Revision 1.33 1999/03/17 15:38:42 rgb
-+ * Code clean-up.
-+ * ESP_NULL IV bug fix.
-+ *
-+ * Revision 1.32 1999/03/01 20:44:25 rgb
-+ * Code clean-up.
-+ * Memory leak bug fix.
-+ *
-+ * Revision 1.31 1999/02/27 00:02:09 rgb
-+ * Tune to report the MTU reduction once, rather than after every recursion
-+ * through the encapsulating code, preventing tcp stream stalling.
-+ *
-+ * Revision 1.30 1999/02/24 20:21:01 rgb
-+ * Reformat debug printk's.
-+ * Fix recursive encapsulation, dynamic MTU bugs and add debugging code.
-+ * Clean-up.
-+ *
-+ * Revision 1.29 1999/02/22 17:08:14 rgb
-+ * Fix recursive encapsulation code.
-+ *
-+ * Revision 1.28 1999/02/19 18:27:02 rgb
-+ * Improve DF, fragmentation and PMTU behaviour and add dynamic MTU discovery.
-+ *
-+ * Revision 1.27 1999/02/17 16:51:37 rgb
-+ * Clean out unused cruft.
-+ * Temporarily tone down volume of debug output.
-+ * Temporarily shut off fragment rejection.
-+ * Disabled temporary failed recursive encapsulation loop.
-+ *
-+ * Revision 1.26 1999/02/12 21:21:26 rgb
-+ * Move KLIPS_PRINT to ipsec_netlink.h for accessibility.
-+ *
-+ * Revision 1.25 1999/02/11 19:38:27 rgb
-+ * More clean-up.
-+ * Add sanity checking for skb_copy_expand() to prevent kernel panics on
-+ * skb_put() values out of range.
-+ * Fix head/tailroom calculation causing skb_put() out-of-range values.
-+ * Fix return values to prevent 'nonatomic alloc_skb' warnings.
-+ * Allocate new skb iff needed.
-+ * Added more debug statements.
-+ * Make headroom depend on structure, not hard-coded values.
-+ *
-+ * Revision 1.24 1999/02/10 23:20:33 rgb
-+ * Shut up annoying 'statement has no effect' compiler warnings with
-+ * debugging compiled out.
-+ *
-+ * Revision 1.23 1999/02/10 22:36:30 rgb
-+ * Clean-up obsolete, unused and messy code.
-+ * Converted most IPSEC_DEBUG statements to KLIPS_PRINT macros.
-+ * Rename ipsec_tunnel_do_xmit to ipsec_tunnel_start_xmit and eliminated
-+ * original ipsec_tunnel_start_xmit.
-+ * Send all packet with different inner and outer destinations directly to
-+ * the attached physical device, rather than back through ip_forward,
-+ * preventing disappearing routes problems.
-+ * Do sanity checking before investing too much CPU in allocating new
-+ * structures.
-+ * Fail on IP header options: We cannot process them yet.
-+ * Add some helpful comments.
-+ * Use virtual device for parameters instead of physical device.
-+ *
-+ * Revision 1.22 1999/02/10 03:03:02 rgb
-+ * Duh. Fixed the TTL bug: forgot to update the checksum.
-+ *
-+ * Revision 1.21 1999/02/09 23:17:53 rgb
-+ * Add structure members to ipsec_print_ip debug function.
-+ * Temporarily fix TTL bug preventing tunnel mode from functioning.
-+ *
-+ * Revision 1.20 1999/02/09 00:14:25 rgb
-+ * Add KLIPSPRINT macro. (Not used yet, though.)
-+ * Delete old ip_tunnel code (BADCODE).
-+ * Decrement TTL in outgoing packet.
-+ * Set TTL on new IPIP_TUNNEL to default, not existing packet TTL.
-+ * Delete ethernet only feature and fix hard-coded hard_header_len.
-+ *
-+ * Revision 1.19 1999/01/29 17:56:22 rgb
-+ * 64-bit re-fix submitted by Peter Onion.
-+ *
-+ * Revision 1.18 1999/01/28 22:43:24 rgb
-+ * Fixed bug in ipsec_print_ip that caused an OOPS, found by P.Onion.
-+ *
-+ * Revision 1.17 1999/01/26 02:08:16 rgb
-+ * Removed CONFIG_IPSEC_ALGO_SWITCH macro.
-+ * Removed dead code.
-+ *
-+ * Revision 1.16 1999/01/22 06:25:26 rgb
-+ * Cruft clean-out.
-+ * Added algorithm switch code.
-+ * 64-bit clean-up.
-+ * Passthrough on IPIP protocol, spi 0x0 fix.
-+ * Enhanced debugging.
-+ *
-+ * Revision 1.15 1998/12/01 13:22:04 rgb
-+ * Added support for debug printing of version info.
-+ *
-+ * Revision 1.14 1998/11/30 13:22:55 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.13 1998/11/17 21:13:52 rgb
-+ * Put IKE port bypass debug output in user-switched debug statements.
-+ *
-+ * Revision 1.12 1998/11/13 13:20:25 rgb
-+ * Fixed ntohs bug in udp/500 hole for IKE.
-+ *
-+ * Revision 1.11 1998/11/10 08:01:19 rgb
-+ * Kill tcp/500 hole, keep udp/500 hole.
-+ *
-+ * Revision 1.10 1998/11/09 21:29:26 rgb
-+ * If no eroute is found, discard packet and incr. tx_error.
-+ *
-+ * Revision 1.9 1998/10/31 06:50:00 rgb
-+ * Add tcp/udp/500 bypass.
-+ * Fixed up comments in #endif directives.
-+ *
-+ * Revision 1.8 1998/10/27 00:34:31 rgb
-+ * Reformat debug output of IP headers.
-+ * Newlines added before calls to ipsec_print_ip.
-+ *
-+ * Revision 1.7 1998/10/19 14:44:28 rgb
-+ * Added inclusion of freeswan.h.
-+ * sa_id structure implemented and used: now includes protocol.
-+ *
-+ * Revision 1.6 1998/10/09 04:31:35 rgb
-+ * Added 'klips_debug' prefix to all klips printk debug statements.
-+ *
-+ * Revision 1.5 1998/08/28 03:09:51 rgb
-+ * Prevent kernel log spam with default route through ipsec.
-+ *
-+ * Revision 1.4 1998/08/05 22:23:09 rgb
-+ * Change setdev return code to ENXIO for a non-existant physical device.
-+ *
-+ * Revision 1.3 1998/07/29 20:41:11 rgb
-+ * Add ipsec_tunnel_clear to clear all tunnel attachments.
-+ *
-+ * Revision 1.2 1998/06/25 20:00:33 rgb
-+ * Clean up #endif comments.
-+ * Rename dev_ipsec to dev_ipsec0 for consistency.
-+ * Document ipsec device fields.
-+ * Make ipsec_tunnel_probe visible from rest of kernel for static linking.
-+ * Get debugging report for *every* ipsec device initialisation.
-+ * Comment out redundant code.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:50 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.8 1998/06/14 23:49:40 rgb
-+ * Clarify version reporting on module loading.
-+ *
-+ * Revision 1.7 1998/05/27 23:19:20 rgb
-+ * Added version reporting.
-+ *
-+ * Revision 1.6 1998/05/18 21:56:23 rgb
-+ * Clean up for numerical consistency of output and cleaning up debug code.
-+ *
-+ * Revision 1.5 1998/05/12 02:44:23 rgb
-+ * Clarifying 'no e-route to host' message.
-+ *
-+ * Revision 1.4 1998/04/30 15:34:35 rgb
-+ * Enclosed most remaining debugging statements in #ifdef's to make it quieter.
-+ *
-+ * Revision 1.3 1998/04/21 21:28:54 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.2 1998/04/12 22:03:24 rgb
-+ * Updated ESP-3DES-HMAC-MD5-96,
-+ * ESP-DES-HMAC-MD5-96,
-+ * AH-HMAC-MD5-96,
-+ * AH-HMAC-SHA1-96 since Henry started freeswan cvs repository
-+ * from old standards (RFC182[5-9] to new (as of March 1998) drafts.
-+ *
-+ * Fixed eroute references in /proc/net/ipsec*.
-+ *
-+ * Started to patch module unloading memory leaks in ipsec_netlink and
-+ * radij tree unloading.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:12 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:04 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.5 1997/06/03 04:24:48 ji
-+ * Added transport mode.
-+ * Changed the way routing is done.
-+ * Lots of bug fixes.
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:39:04 ji
-+ * Minor cleanups.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ * Local Variables:
-+ * c-style: linux
-+ * End:
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_xform.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,360 @@
-+/*
-+ * Common routines for IPSEC transformations.
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_xform.c,v 1.65.2.1 2006-10-06 21:39:26 paul Exp $
-+ */
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "freeswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <linux/random.h> /* get_random_bytes() */
-+#include <freeswan.h>
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+
-+#include "freeswan/radij.h"
-+#include "freeswan/ipsec_encap.h"
-+#include "freeswan/ipsec_radij.h"
-+#include "freeswan/ipsec_xform.h"
-+#include "freeswan/ipsec_ipe4.h"
-+#include "freeswan/ipsec_ah.h"
-+#include "freeswan/ipsec_esp.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_xform = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#ifdef SPINLOCK
-+spinlock_t tdb_lock = SPIN_LOCK_UNLOCKED;
-+#else /* SPINLOCK */
-+spinlock_t tdb_lock;
-+#endif /* SPINLOCK */
-+
-+/*
-+ * $Log: ipsec_xform.c,v $
-+ * Revision 1.65.2.1 2006-10-06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.65 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.64 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.63 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.62.30.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.62 2002/05/14 02:34:21 rgb
-+ * Delete stale code.
-+ *
-+ * Revision 1.61 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.60 2002/04/24 07:36:33 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_xform.c,v
-+ *
-+ * Revision 1.59 2002/03/29 15:01:36 rgb
-+ * Delete decommissioned code.
-+ *
-+ * Revision 1.58 2002/01/29 17:17:57 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.57 2002/01/29 04:00:53 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.56 2001/11/27 05:17:22 mcr
-+ * turn off the worst of the per-packet debugging.
-+ *
-+ * Revision 1.55 2001/11/26 09:23:50 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.54 2001/10/18 04:45:21 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.53 2001/09/08 21:13:34 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.52 2001/06/14 19:35:11 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.51 2001/05/30 08:14:03 rgb
-+ * Removed vestiges of esp-null transforms.
-+ *
-+ * Revision 1.50 2001/05/03 19:43:18 rgb
-+ * Initialise error return variable.
-+ * Update SENDERR macro.
-+ * Fix sign of error return code for ipsec_tdbcleanup().
-+ * Use more appropriate return code for ipsec_tdbwipe().
-+ *
-+ * Revision 1.49 2001/04/19 18:56:17 rgb
-+ * Fixed tdb table locking comments.
-+ *
-+ * Revision 1.48 2001/02/27 22:24:55 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.47 2000/11/06 04:32:08 rgb
-+ * Ditched spin_lock_irqsave in favour of spin_lock_bh.
-+ *
-+ * Revision 1.46 2000/09/20 16:21:57 rgb
-+ * Cleaned up ident string alloc/free.
-+ *
-+ * Revision 1.45 2000/09/08 19:16:51 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ * Removed all references to CONFIG_IPSEC_PFKEYv2.
-+ *
-+ * Revision 1.44 2000/08/30 05:29:04 rgb
-+ * Compiler-define out no longer used tdb_init() in ipsec_xform.c.
-+ *
-+ * Revision 1.43 2000/08/18 21:30:41 rgb
-+ * Purged all tdb_spi, tdb_proto and tdb_dst macros. They are unclear.
-+ *
-+ * Revision 1.42 2000/08/01 14:51:51 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.41 2000/07/28 14:58:31 rgb
-+ * Changed kfree_s to kfree, eliminating extra arg to fix 2.4.0-test5.
-+ *
-+ * Revision 1.40 2000/06/28 05:50:11 rgb
-+ * Actually set iv_bits.
-+ *
-+ * Revision 1.39 2000/05/10 23:11:09 rgb
-+ * Added netlink debugging output.
-+ * Added a cast to quiet down the ntohl bug.
-+ *
-+ * Revision 1.38 2000/05/10 19:18:42 rgb
-+ * Cast output of ntohl so that the broken prototype doesn't make our
-+ * compile noisy.
-+ *
-+ * Revision 1.37 2000/03/16 14:04:59 rgb
-+ * Hardwired CONFIG_IPSEC_PFKEYv2 on.
-+ *
-+ * Revision 1.36 2000/01/26 10:11:28 rgb
-+ * Fixed spacing in error text causing run-in words.
-+ *
-+ * Revision 1.35 2000/01/21 06:17:16 rgb
-+ * Tidied up compiler directive indentation for readability.
-+ * Added ictx,octx vars for simplification.(kravietz)
-+ * Added macros for HMAC padding magic numbers.(kravietz)
-+ * Fixed missing key length reporting bug.
-+ * Fixed bug in tdbwipe to return immediately on NULL tdbp passed in.
-+ *
-+ * Revision 1.34 1999/12/08 00:04:19 rgb
-+ * Fixed SA direction overwriting bug for netlink users.
-+ *
-+ * Revision 1.33 1999/12/01 22:16:44 rgb
-+ * Minor formatting changes in ESP MD5 initialisation.
-+ *
-+ * Revision 1.32 1999/11/25 09:06:36 rgb
-+ * Fixed error return messages, should be returning negative numbers.
-+ * Implemented SENDERR macro for propagating error codes.
-+ * Added debug message and separate error code for algorithms not compiled
-+ * in.
-+ *
-+ * Revision 1.31 1999/11/23 23:06:26 rgb
-+ * Sort out pfkey and freeswan headers, putting them in a library path.
-+ *
-+ * Revision 1.30 1999/11/18 04:09:20 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ *
-+ * Revision 1.29 1999/11/17 15:53:40 rgb
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.28 1999/10/18 20:04:01 rgb
-+ * Clean-out unused cruft.
-+ *
-+ * Revision 1.27 1999/10/03 19:01:03 rgb
-+ * Spinlock support for 2.3.xx and 2.0.xx kernels.
-+ *
-+ * Revision 1.26 1999/10/01 16:22:24 rgb
-+ * Switch from assignment init. to functional init. of spinlocks.
-+ *
-+ * Revision 1.25 1999/10/01 15:44:54 rgb
-+ * Move spinlock header include to 2.1> scope.
-+ *
-+ * Revision 1.24 1999/10/01 00:03:46 rgb
-+ * Added tdb structure locking.
-+ * Minor formatting changes.
-+ * Add function to initialize tdb hash table.
-+ *
-+ * Revision 1.23 1999/05/25 22:42:12 rgb
-+ * Add deltdbchain() debugging.
-+ *
-+ * Revision 1.22 1999/05/25 21:24:31 rgb
-+ * Add debugging statements to deltdbchain().
-+ *
-+ * Revision 1.21 1999/05/25 03:51:48 rgb
-+ * Refix error return code.
-+ *
-+ * Revision 1.20 1999/05/25 03:34:07 rgb
-+ * Fix error return for flush.
-+ *
-+ * Revision 1.19 1999/05/09 03:25:37 rgb
-+ * Fix bug introduced by 2.2 quick-and-dirty patch.
-+ *
-+ * Revision 1.18 1999/05/05 22:02:32 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.17 1999/04/29 15:20:16 rgb
-+ * Change gettdb parameter to a pointer to reduce stack loading and
-+ * facilitate parameter sanity checking.
-+ * Add sanity checking for null pointer arguments.
-+ * Add debugging instrumentation.
-+ * Add function deltdbchain() which will take care of unlinking,
-+ * zeroing and deleting a chain of tdbs.
-+ * Add a parameter to tdbcleanup to be able to delete a class of SAs.
-+ * tdbwipe now actually zeroes the tdb as well as any of its pointed
-+ * structures.
-+ *
-+ * Revision 1.16 1999/04/16 15:36:29 rgb
-+ * Fix cut-and-paste error causing a memory leak in IPIP TDB freeing.
-+ *
-+ * Revision 1.15 1999/04/11 00:29:01 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.14 1999/04/06 04:54:28 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.13 1999/02/19 18:23:01 rgb
-+ * Nix debug off compile warning.
-+ *
-+ * Revision 1.12 1999/02/17 16:52:16 rgb
-+ * Consolidate satoa()s for space and speed efficiency.
-+ * Convert DEBUG_IPSEC to KLIPS_PRINT
-+ * Clean out unused cruft.
-+ * Ditch NET_IPIP dependancy.
-+ * Loop for 3des key setting.
-+ *
-+ * Revision 1.11 1999/01/26 02:09:05 rgb
-+ * Remove ah/esp/IPIP switching on include files.
-+ * Removed CONFIG_IPSEC_ALGO_SWITCH macro.
-+ * Removed dead code.
-+ * Clean up debug code when switched off.
-+ * Remove references to INET_GET_PROTOCOL.
-+ * Added code exclusion macros to reduce code from unused algorithms.
-+ *
-+ * Revision 1.10 1999/01/22 06:28:55 rgb
-+ * Cruft clean-out.
-+ * Put random IV generation in kernel.
-+ * Added algorithm switch code.
-+ * Enhanced debugging.
-+ * 64-bit clean-up.
-+ *
-+ * Revision 1.9 1998/11/30 13:22:55 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.8 1998/11/25 04:59:06 rgb
-+ * Add conditionals for no IPIP tunnel code.
-+ * Delete commented out code.
-+ *
-+ * Revision 1.7 1998/10/31 06:50:41 rgb
-+ * Convert xform ASCII names to no spaces.
-+ * Fixed up comments in #endif directives.
-+ *
-+ * Revision 1.6 1998/10/19 14:44:28 rgb
-+ * Added inclusion of freeswan.h.
-+ * sa_id structure implemented and used: now includes protocol.
-+ *
-+ * Revision 1.5 1998/10/09 04:32:19 rgb
-+ * Added 'klips_debug' prefix to all klips printk debug statements.
-+ *
-+ * Revision 1.4 1998/08/12 00:11:31 rgb
-+ * Added new xform functions to the xform table.
-+ * Fixed minor debug output spelling error.
-+ *
-+ * Revision 1.3 1998/07/09 17:45:31 rgb
-+ * Clarify algorithm not available message.
-+ *
-+ * Revision 1.2 1998/06/23 03:00:51 rgb
-+ * Check for presence of IPIP protocol if it is setup one way (we don't
-+ * know what has been set up the other way and can only assume it will be
-+ * symmetrical with the exception of keys).
-+ *
-+ * Revision 1.1 1998/06/18 21:27:51 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.3 1998/06/11 05:54:59 rgb
-+ * Added transform version string pointer to xformsw initialisations.
-+ *
-+ * Revision 1.2 1998/04/21 21:28:57 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:13 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:02 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.5 1997/06/03 04:24:48 ji
-+ * Added ESP-3DES-MD5-96
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * Added new transforms.
-+ *
-+ * Revision 0.3 1996/11/20 14:39:04 ji
-+ * Minor cleanups.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_xmit.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1877 @@
-+/*
-+ * IPSEC Transmit code.
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998-2003 Richard Guy Briggs.
-+ * Copyright (C) 2004-2005 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_xmit_c_version[] = "RCSID $Id: ipsec_xmit.c,v 1.20.2.13 2007-10-30 21:38:56 paul Exp $";
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif /* for CONFIG_IP_FORWARD */
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, struct net_device_stats, dev_queue_xmit() and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/tcp.h> /* struct tcphdr */
-+#include <linux/udp.h> /* struct udphdr */
-+#include <linux/skbuff.h>
-+#include <asm/uaccess.h>
-+#include <asm/checksum.h>
-+#include <openswan.h>
-+#ifdef NET_21
-+# define MSS_HACK_ /* experimental */
-+# include <linux/in6.h>
-+# include <net/dst.h>
-+# define proto_priv cb
-+#endif /* NET_21 */
-+
-+#include <net/icmp.h> /* icmp_send() */
-+#include <net/ip.h>
-+#ifdef NETDEV_23
-+# include <linux/netfilter_ipv4.h>
-+#endif /* NETDEV_23 */
-+
-+#include <linux/if_arp.h>
-+#ifdef MSS_HACK
-+# include <net/tcp.h> /* TCP options */
-+#endif /* MSS_HACK */
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_eroute.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xmit.h"
-+#include "openswan/ipsec_sa.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_ipe4.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+#include "openswan/ipcomp.h"
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_alg.h"
-+
-+
-+/*
-+ * Stupid kernel API differences in APIs. Not only do some
-+ * kernels not have ip_select_ident, but some have differing APIs,
-+ * and SuSE has one with one parameter, but no way of checking to
-+ * see what is really what.
-+ */
-+
-+#ifdef SUSE_LINUX_2_4_19_IS_STUPID
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph)
-+#else
-+
-+/* simplest case, nothing */
-+#if !defined(IP_SELECT_IDENT)
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) do { iph->id = htons(ip_id_count++); } while(0)
-+#endif
-+
-+/* kernels > 2.3.37-ish */
-+#if defined(IP_SELECT_IDENT) && !defined(IP_SELECT_IDENT_NEW)
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph, skb->dst)
-+#endif
-+
-+/* kernels > 2.4.2 */
-+#if defined(IP_SELECT_IDENT) && defined(IP_SELECT_IDENT_NEW)
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph, skb->dst, NULL)
-+#endif
-+
-+#endif /* SUSE_LINUX_2_4_19_IS_STUPID */
-+
-+
-+
-+#if defined(CONFIG_KLIPS_AH)
-+static __u32 zeroes[64];
-+#endif
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int sysctl_ipsec_debug_verbose = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+int ipsec_xmit_trap_count = 0;
-+int ipsec_xmit_trap_sendcount = 0;
-+
-+int sysctl_ipsec_icmp = 0;
-+int sysctl_ipsec_tos = 0;
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+#define dmp(_x,_y,_z) if(debug_tunnel) ipsec_dmp_block(_x,_y,_z)
-+#else /* CONFIG_KLIPS_DEBUG */
-+#define dmp(_x, _y, _z)
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+
-+#if !defined(SKB_COPY_EXPAND) || defined(KLIPS_UNIT_TESTS)
-+/*
-+ * This is mostly skbuff.c:skb_copy().
-+ */
-+struct sk_buff *
-+skb_copy_expand(const struct sk_buff *skb, int headroom,
-+ int tailroom, int priority)
-+{
-+ struct sk_buff *n;
-+ unsigned long offset;
-+
-+ /*
-+ * Do sanity checking
-+ */
-+ if((headroom < 0) || (tailroom < 0) || ((headroom+tailroom) < 0)) {
-+ printk(KERN_WARNING
-+ "klips_error:skb_copy_expand: "
-+ "Illegal negative head,tailroom %d,%d\n",
-+ headroom,
-+ tailroom);
-+ return NULL;
-+ }
-+ /*
-+ * Allocate the copy buffer
-+ */
-+
-+#ifndef NET_21
-+ IS_SKB(skb);
-+#endif /* !NET_21 */
-+
-+
-+ n=alloc_skb(skb->end - skb->head + headroom + tailroom, priority);
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:skb_copy_expand: "
-+ "allocating %d bytes, head=0p%p data=0p%p tail=0p%p end=0p%p end-head=%d tail-data=%d\n",
-+ skb->end - skb->head + headroom + tailroom,
-+ skb->head,
-+ skb->data,
-+ skb->tail,
-+ skb->end,
-+ skb->end - skb->head,
-+ skb->tail - skb->data);
-+
-+ if(n==NULL)
-+ return NULL;
-+
-+ /*
-+ * Shift between the two data areas in bytes
-+ */
-+
-+ /* Set the data pointer */
-+ skb_reserve(n,skb->data-skb->head+headroom);
-+ /* Set the tail pointer and length */
-+ if(skb_tailroom(n) < skb->len) {
-+ printk(KERN_WARNING "klips_error:skb_copy_expand: "
-+ "tried to skb_put %ld, %d available. This should never happen, please report.\n",
-+ (unsigned long int)skb->len,
-+ skb_tailroom(n));
-+ ipsec_kfree_skb(n);
-+ return NULL;
-+ }
-+ skb_put(n,skb->len);
-+
-+ offset=n->head + headroom - skb->head;
-+
-+ /* Copy the bytes */
-+ memcpy(n->head + headroom, skb->head,skb->end-skb->head);
-+#ifdef NET_21
-+ n->csum=skb->csum;
-+ n->priority=skb->priority;
-+ n->dst=dst_clone(skb->dst);
-+ if(skb->nh.raw)
-+ n->nh.raw=skb->nh.raw+offset;
-+#ifndef NETDEV_23
-+ n->is_clone=0;
-+#endif /* NETDEV_23 */
-+ atomic_set(&n->users, 1);
-+ n->destructor = NULL;
-+#ifdef HAVE_SOCK_SECURITY
-+ n->security=skb->security;
-+#endif
-+#else /* NET_21 */
-+ n->link3=NULL;
-+ n->when=skb->when;
-+ if(skb->ip_hdr)
-+ n->ip_hdr=(struct iphdr *)(((char *)skb->ip_hdr)+offset);
-+ n->saddr=skb->saddr;
-+ n->daddr=skb->daddr;
-+ n->raddr=skb->raddr;
-+ n->seq=skb->seq;
-+ n->end_seq=skb->end_seq;
-+ n->ack_seq=skb->ack_seq;
-+ n->acked=skb->acked;
-+ n->free=1;
-+ n->arp=skb->arp;
-+ n->tries=0;
-+ n->lock=0;
-+ n->users=0;
-+#endif /* NET_21 */
-+ n->protocol=skb->protocol;
-+ n->list=NULL;
-+ n->sk=NULL;
-+ n->dev=skb->dev;
-+ if(skb->h.raw)
-+ n->h.raw=skb->h.raw+offset;
-+ if(skb->mac.raw)
-+ n->mac.raw=skb->mac.raw+offset;
-+ memcpy(n->proto_priv, skb->proto_priv, sizeof(skb->proto_priv));
-+#ifndef NETDEV_23
-+ n->used=skb->used;
-+#endif /* !NETDEV_23 */
-+ n->pkt_type=skb->pkt_type;
-+ n->stamp=skb->stamp;
-+
-+#ifndef NET_21
-+ IS_SKB(n);
-+#endif /* !NET_21 */
-+ return n;
-+}
-+#endif /* !SKB_COPY_EXPAND */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+void
-+ipsec_print_ip(struct iphdr *ip)
-+{
-+ char buf[ADDRTOA_BUF];
-+
-+ printk(KERN_INFO "klips_debug: IP:");
-+ printk(" ihl:%d", ip->ihl << 2);
-+ printk(" ver:%d", ip->version);
-+ printk(" tos:%d", ip->tos);
-+ printk(" tlen:%d", ntohs(ip->tot_len));
-+ printk(" id:%d", ntohs(ip->id));
-+ printk(" %s%s%sfrag_off:%d",
-+ ip->frag_off & __constant_htons(IP_CE) ? "CE " : "",
-+ ip->frag_off & __constant_htons(IP_DF) ? "DF " : "",
-+ ip->frag_off & __constant_htons(IP_MF) ? "MF " : "",
-+ (ntohs(ip->frag_off) & IP_OFFSET) << 3);
-+ printk(" ttl:%d", ip->ttl);
-+ printk(" proto:%d", ip->protocol);
-+ if(ip->protocol == IPPROTO_UDP)
-+ printk(" (UDP)");
-+ if(ip->protocol == IPPROTO_TCP)
-+ printk(" (TCP)");
-+ if(ip->protocol == IPPROTO_ICMP)
-+ printk(" (ICMP)");
-+ if(ip->protocol == IPPROTO_ESP)
-+ printk(" (ESP)");
-+ if(ip->protocol == IPPROTO_AH)
-+ printk(" (AH)");
-+ if(ip->protocol == IPPROTO_COMP)
-+ printk(" (COMP)");
-+ printk(" chk:%d", ntohs(ip->check));
-+ addrtoa(*((struct in_addr*)(&ip->saddr)), 0, buf, sizeof(buf));
-+ printk(" saddr:%s", buf);
-+ if(ip->protocol == IPPROTO_UDP)
-+ printk(":%d",
-+ ntohs(((struct udphdr*)((caddr_t)ip + (ip->ihl << 2)))->source));
-+ if(ip->protocol == IPPROTO_TCP)
-+ printk(":%d",
-+ ntohs(((struct tcphdr*)((caddr_t)ip + (ip->ihl << 2)))->source));
-+ addrtoa(*((struct in_addr*)(&ip->daddr)), 0, buf, sizeof(buf));
-+ printk(" daddr:%s", buf);
-+ if(ip->protocol == IPPROTO_UDP)
-+ printk(":%d",
-+ ntohs(((struct udphdr*)((caddr_t)ip + (ip->ihl << 2)))->dest));
-+ if(ip->protocol == IPPROTO_TCP)
-+ printk(":%d",
-+ ntohs(((struct tcphdr*)((caddr_t)ip + (ip->ihl << 2)))->dest));
-+ if(ip->protocol == IPPROTO_ICMP)
-+ printk(" type:code=%d:%d",
-+ ((struct icmphdr*)((caddr_t)ip + (ip->ihl << 2)))->type,
-+ ((struct icmphdr*)((caddr_t)ip + (ip->ihl << 2)))->code);
-+ printk("\n");
-+
-+ if(sysctl_ipsec_debug_verbose) {
-+ __u8 *c;
-+ int len = ntohs(ip->tot_len) - ip->ihl*4;
-+
-+ c = ((__u8*)ip) + ip->ihl*4;
-+ ipsec_dmp_block("ip_print", c, len);
-+ }
-+}
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#ifdef MSS_HACK
-+/*
-+ * Issues:
-+ * 1) Fragments arriving in the tunnel should probably be rejected.
-+ * 2) How does this affect syncookies, mss_cache, dst cache ?
-+ * 3) Path MTU discovery handling needs to be reviewed. For example,
-+ * if we receive an ICMP 'packet too big' message from an intermediate
-+ * router specifying it's next hop MTU, our stack may process this and
-+ * adjust the MSS without taking our AH/ESP overheads into account.
-+ */
-+
-+
-+/*
-+ * Recaclulate checksum using differences between changed datum,
-+ * borrowed from netfilter.
-+ */
-+DEBUG_NO_STATIC u_int16_t
-+ipsec_fast_csum(u_int32_t oldvalinv, u_int32_t newval, u_int16_t oldcheck)
-+{
-+ u_int32_t diffs[] = { oldvalinv, newval };
-+ return csum_fold(csum_partial((char *)diffs, sizeof(diffs),
-+ oldcheck^0xFFFF));
-+}
-+
-+/*
-+ * Determine effective MSS.
-+ *
-+ * Note that we assume that there is always an MSS option for our own
-+ * SYN segments, which is mentioned in tcp_syn_build_options(), kernel 2.2.x.
-+ * This could change, and we should probably parse TCP options instead.
-+ *
-+ */
-+DEBUG_NO_STATIC u_int8_t
-+ipsec_adjust_mss(struct sk_buff *skb, struct tcphdr *tcph, u_int16_t mtu)
-+{
-+ u_int16_t oldmss, newmss;
-+ u_int32_t *mssp;
-+ struct sock *sk = skb->sk;
-+
-+ newmss = tcp_sync_mss(sk, mtu);
-+ printk(KERN_INFO "klips: setting mss to %u\n", newmss);
-+ mssp = (u_int32_t *)tcph + sizeof(struct tcphdr) / sizeof(u_int32_t);
-+ oldmss = ntohl(*mssp) & 0x0000FFFF;
-+ *mssp = htonl((TCPOPT_MSS << 24) | (TCPOLEN_MSS << 16) | newmss);
-+ tcph->check = ipsec_fast_csum(htons(~oldmss),
-+ htons(newmss), tcph->check);
-+ return 1;
-+}
-+#endif /* MSS_HACK */
-+
-+/*
-+ * Sanity checks
-+ */
-+enum ipsec_xmit_value
-+ipsec_xmit_sanity_check_dev(struct ipsec_xmit_state *ixs)
-+{
-+
-+ if (ixs->dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_error:ipsec_xmit_sanity_check_dev: "
-+ "No device associated with skb!\n" );
-+ return IPSEC_XMIT_NODEV;
-+ }
-+
-+ ixs->prv = ixs->dev->priv;
-+ if (ixs->prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_error:ipsec_xmit_sanity_check_dev: "
-+ "Device has no private structure!\n" );
-+ return IPSEC_XMIT_NOPRIVDEV;
-+ }
-+
-+ ixs->physdev = ixs->prv->dev;
-+ if (ixs->physdev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_error:ipsec_xmit_sanity_check_dev: "
-+ "Device is not attached to physical device!\n" );
-+ return IPSEC_XMIT_NOPHYSDEV;
-+ }
-+
-+ ixs->physmtu = ixs->physdev->mtu;
-+ ixs->cur_mtu = ixs->physdev->mtu;
-+ ixs->stats = (struct net_device_stats *) &(ixs->prv->mystats);
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_sanity_check_skb(struct ipsec_xmit_state *ixs)
-+{
-+ /*
-+ * Return if there is nothing to do. (Does this ever happen?) XXX
-+ */
-+ if (ixs->skb == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_error:ipsec_xmit_sanity_check_skb: "
-+ "Nothing to do!\n" );
-+ return IPSEC_XMIT_NOSKB;
-+ }
-+
-+ /* if skb was cloned (most likely due to a packet sniffer such as
-+ tcpdump being momentarily attached to the interface), make
-+ a copy of our own to modify */
-+ if(skb_cloned(ixs->skb)) {
-+ if
-+#ifdef SKB_COW_NEW
-+ (skb_cow(ixs->skb, skb_headroom(ixs->skb)) != 0)
-+#else /* SKB_COW_NEW */
-+ ((ixs->skb = skb_cow(ixs->skb, skb_headroom(ixs->skb))) == NULL)
-+#endif /* SKB_COW_NEW */
-+ {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_error:ipsec_xmit_sanity_check_skb: "
-+ "skb_cow failed to allocate buffer, dropping.\n" );
-+ ixs->stats->tx_dropped++;
-+ return IPSEC_XMIT_ERRSKBALLOC;
-+ }
-+ }
-+
-+ ixs->iph = ip_hdr(ixs->skb);
-+
-+ /* sanity check for IP version as we can't handle IPv6 right now */
-+ if (ixs->iph->version != 4) {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_xmit_sanity_check_skb: "
-+ "found IP Version %d but cannot process other IP versions than v4.\n",
-+ ixs->iph->version); /* XXX */
-+ ixs->stats->tx_dropped++;
-+ return IPSEC_XMIT_NOIPV6;
-+ }
-+
-+#if IPSEC_DISALLOW_IPOPTIONS
-+ if ((ixs->iph->ihl << 2) != sizeof (struct iphdr)) {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_xmit_sanity_check_skb: "
-+ "cannot process IP header options yet. May be mal-formed packet.\n"); /* XXX */
-+ ixs->stats->tx_dropped++;
-+ return IPSEC_XMIT_NOIPOPTIONS;
-+ }
-+#endif /* IPSEC_DISALLOW_IPOPTIONS */
-+
-+#ifndef NET_21
-+ if (ixs->iph->ttl <= 0) {
-+ /* Tell the sender its packet died... */
-+ ICMP_SEND(ixs->skb, ICMP_TIME_EXCEEDED, ICMP_EXC_TTL, 0, ixs->physdev);
-+
-+ KLIPS_PRINT(debug_tunnel, "klips_debug:ipsec_xmit_sanity_check_skb: "
-+ "TTL=0, too many hops!\n");
-+ ixs->stats->tx_dropped++;
-+ return IPSEC_XMIT_TTLEXPIRED;
-+ }
-+#endif /* !NET_21 */
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_encap_once(struct ipsec_xmit_state *ixs)
-+{
-+#ifdef CONFIG_KLIPS_ESP
-+ struct esphdr *espp;
-+ unsigned char *idat, *pad;
-+ int authlen = 0, padlen = 0, i;
-+#endif /* !CONFIG_KLIPS_ESP */
-+#ifdef CONFIG_KLIPS_AH
-+ struct iphdr ipo;
-+ struct ahhdr *ahp;
-+#endif /* CONFIG_KLIPS_AH */
-+#if defined(CONFIG_KLIPS_AUTH_HMAC_MD5) || defined(CONFIG_KLIPS_AUTH_HMAC_SHA1)
-+ union {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ MD5_CTX md5;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ SHA1_CTX sha1;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ } tctx;
-+ __u8 hash[AH_AMAX];
-+#endif /* defined(CONFIG_KLIPS_AUTH_HMAC_MD5) || defined(CONFIG_KLIPS_AUTH_HMACn_SHA1) */
-+ int headroom = 0, tailroom = 0, ilen = 0, len = 0;
-+ unsigned char *dat;
-+ int blocksize = 8; /* XXX: should be inside ixs --jjo */
-+ struct ipsec_alg_enc *ixt_e = NULL;
-+ struct ipsec_alg_auth *ixt_a = NULL;
-+
-+ ixs->iphlen = ixs->iph->ihl << 2;
-+ ixs->pyldsz = ntohs(ixs->iph->tot_len) - ixs->iphlen;
-+ ixs->sa_len = KLIPS_SATOT(debug_tunnel, &ixs->ipsp->ips_said, 0, ixs->sa_txt, SATOT_BUF);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_OXFS,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "calling output for <%s%s%s>, SA:%s\n",
-+ IPS_XFORM_NAME(ixs->ipsp),
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+
-+ switch(ixs->ipsp->ips_said.proto) {
-+#ifdef CONFIG_KLIPS_AH
-+ case IPPROTO_AH:
-+ headroom += sizeof(struct ahhdr);
-+ break;
-+#endif /* CONFIG_KLIPS_AH */
-+
-+#ifdef CONFIG_KLIPS_ESP
-+ case IPPROTO_ESP:
-+ ixt_e=ixs->ipsp->ips_alg_enc;
-+ if (ixt_e) {
-+ blocksize = ixt_e->ixt_common.ixt_blocksize;
-+ headroom += ESP_HEADER_LEN + ixt_e->ixt_common.ixt_support.ias_ivlen/8;
-+ } else {
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_BADALG;
-+ }
-+
-+ ixt_a=ixs->ipsp->ips_alg_auth;
-+ if (ixt_a) {
-+ tailroom += AHHMAC_HASHLEN;
-+ authlen = AHHMAC_HASHLEN;
-+ } else
-+ switch(ixs->ipsp->ips_authalg) {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5:
-+ authlen = AHHMAC_HASHLEN;
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA:
-+ authlen = AHHMAC_HASHLEN;
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ case AH_NONE:
-+ break;
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_BADALG;
-+ }
-+ tailroom += blocksize != 1 ?
-+ ((blocksize - ((ixs->pyldsz + 2) % blocksize)) % blocksize) + 2 :
-+ ((4 - ((ixs->pyldsz + 2) % 4)) % 4) + 2;
-+ tailroom += authlen;
-+ break;
-+#endif /* CONFIG_KLIPS_ESP */
-+
-+#ifdef CONFIG_KLIPS_IPIP
-+ case IPPROTO_IPIP:
-+ headroom += sizeof(struct iphdr);
-+ ixs->iphlen = sizeof(struct iphdr);
-+ break;
-+#endif /* !CONFIG_KLIPS_IPIP */
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ case IPPROTO_COMP:
-+ break;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_BADPROTO;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "pushing %d bytes, putting %d, proto %d.\n",
-+ headroom, tailroom, ixs->ipsp->ips_said.proto);
-+ if(skb_headroom(ixs->skb) < headroom) {
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_xmit_encap_once: "
-+ "tried to skb_push headroom=%d, %d available. This should never happen, please report.\n",
-+ headroom, skb_headroom(ixs->skb));
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_PUSHPULLERR;
-+ }
-+
-+ dat = skb_push(ixs->skb, headroom);
-+ ilen = ixs->skb->len - tailroom;
-+ if(skb_tailroom(ixs->skb) < tailroom) {
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_xmit_encap_once: "
-+ "tried to skb_put %d, %d available. This should never happen, please report.\n",
-+ tailroom, skb_tailroom(ixs->skb));
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_PUSHPULLERR;
-+ }
-+ skb_put(ixs->skb, tailroom);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "head,tailroom: %d,%d before xform.\n",
-+ skb_headroom(ixs->skb), skb_tailroom(ixs->skb));
-+ len = ixs->skb->len;
-+ if(len > 0xfff0) {
-+ printk(KERN_WARNING "klips_error:ipsec_xmit_encap_once: "
-+ "tot_len (%d) > 65520. This should never happen, please report.\n",
-+ len);
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_BADLEN;
-+ }
-+ memmove((void *)dat, (void *)(dat + headroom), ixs->iphlen);
-+ ixs->iph = (struct iphdr *)dat;
-+ ixs->iph->tot_len = htons(ixs->skb->len);
-+
-+ switch(ixs->ipsp->ips_said.proto) {
-+#ifdef CONFIG_KLIPS_ESP
-+ case IPPROTO_ESP:
-+ espp = (struct esphdr *)(dat + ixs->iphlen);
-+ espp->esp_spi = ixs->ipsp->ips_said.spi;
-+ espp->esp_rpl = htonl(++(ixs->ipsp->ips_replaywin_lastseq));
-+
-+ if (!ixt_e) {
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_BADALG;
-+ }
-+
-+ idat = dat + ixs->iphlen + headroom;
-+ ilen = len - (ixs->iphlen + headroom + authlen);
-+
-+ /* Self-describing padding */
-+ pad = &dat[len - tailroom];
-+ padlen = tailroom - 2 - authlen;
-+ for (i = 0; i < padlen; i++) {
-+ pad[i] = i + 1;
-+ }
-+ dat[len - authlen - 2] = padlen;
-+
-+ dat[len - authlen - 1] = ixs->iph->protocol;
-+ ixs->iph->protocol = IPPROTO_ESP;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_tunnel & DB_TN_ENCAP) {
-+ dmp("pre-encrypt", dat, len);
-+ }
-+#endif
-+
-+ /*
-+ * Do all operations here:
-+ * copy IV->ESP, encrypt, update ips IV
-+ *
-+ */
-+ {
-+ int ret;
-+ memcpy(espp->esp_iv,
-+ ixs->ipsp->ips_iv,
-+ ixs->ipsp->ips_iv_size);
-+ ret=ipsec_alg_esp_encrypt(ixs->ipsp,
-+ idat, ilen, espp->esp_iv,
-+ IPSEC_ALG_ENCRYPT);
-+
-+ prng_bytes(&ipsec_prng,
-+ (char *)ixs->ipsp->ips_iv,
-+ ixs->ipsp->ips_iv_size);
-+ }
-+
-+ if (ixt_a) {
-+ ipsec_alg_sa_esp_hash(ixs->ipsp,
-+ (caddr_t)espp, len - ixs->iphlen - authlen,
-+ &(dat[len - authlen]), authlen);
-+
-+ } else
-+ switch(ixs->ipsp->ips_authalg) {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5:
-+ dmp("espp", (char*)espp, len - ixs->iphlen - authlen);
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ dmp("ictx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (caddr_t)espp, len - ixs->iphlen - authlen);
-+ dmp("ictx+dat", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ dmp("ictx hash", (char*)&hash, sizeof(hash));
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ dmp("octx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, hash, AHMD596_ALEN);
-+ dmp("octx+hash", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ dmp("octx hash", (char*)&hash, sizeof(hash));
-+ memcpy(&(dat[len - authlen]), hash, authlen);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.md5, 0, sizeof(tctx.md5));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA:
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ SHA1Update(&tctx.sha1, (caddr_t)espp, len - ixs->iphlen - authlen);
-+ SHA1Final(hash, &tctx.sha1);
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ SHA1Update(&tctx.sha1, hash, AHSHA196_ALEN);
-+ SHA1Final(hash, &tctx.sha1);
-+ memcpy(&(dat[len - authlen]), hash, authlen);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.sha1, 0, sizeof(tctx.sha1));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ case AH_NONE:
-+ break;
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_AH_BADALG;
-+ }
-+#ifdef NET_21
-+ /*ixs->skb->h.raw = (unsigned char*)espp;*/
-+ skb_set_transport_header(ixs->skb, ipsec_skb_offset(ixs->skb, espp));
-+#endif /* NET_21 */
-+ break;
-+#endif /* !CONFIG_KLIPS_ESP */
-+#ifdef CONFIG_KLIPS_AH
-+ case IPPROTO_AH:
-+ ahp = (struct ahhdr *)(dat + ixs->iphlen);
-+ ahp->ah_spi = ixs->ipsp->ips_said.spi;
-+ ahp->ah_rpl = htonl(++(ixs->ipsp->ips_replaywin_lastseq));
-+ ahp->ah_rv = 0;
-+ ahp->ah_nh = ixs->iph->protocol;
-+ ahp->ah_hl = (headroom >> 2) - sizeof(__u64)/sizeof(__u32);
-+ ixs->iph->protocol = IPPROTO_AH;
-+ dmp("ahp", (char*)ahp, sizeof(*ahp));
-+
-+ ipo = *ixs->iph;
-+ ipo.tos = 0;
-+ ipo.frag_off = 0;
-+ ipo.ttl = 0;
-+ ipo.check = 0;
-+ dmp("ipo", (char*)&ipo, sizeof(ipo));
-+
-+ switch(ixs->ipsp->ips_authalg) {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5:
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ dmp("ictx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (unsigned char *)&ipo, sizeof (struct iphdr));
-+ dmp("ictx+ipo", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (unsigned char *)ahp, headroom - sizeof(ahp->ah_data));
-+ dmp("ictx+ahp", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (unsigned char *)zeroes, AHHMAC_HASHLEN);
-+ dmp("ictx+zeroes", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, dat + ixs->iphlen + headroom, len - ixs->iphlen - headroom);
-+ dmp("ictx+dat", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ dmp("ictx hash", (char*)&hash, sizeof(hash));
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ dmp("octx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, hash, AHMD596_ALEN);
-+ dmp("octx+hash", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ dmp("octx hash", (char*)&hash, sizeof(hash));
-+
-+ memcpy(ahp->ah_data, hash, AHHMAC_HASHLEN);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.md5, 0, sizeof(tctx.md5));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA:
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ SHA1Update(&tctx.sha1, (unsigned char *)&ipo, sizeof (struct iphdr));
-+ SHA1Update(&tctx.sha1, (unsigned char *)ahp, headroom - sizeof(ahp->ah_data));
-+ SHA1Update(&tctx.sha1, (unsigned char *)zeroes, AHHMAC_HASHLEN);
-+ SHA1Update(&tctx.sha1, dat + ixs->iphlen + headroom, len - ixs->iphlen - headroom);
-+ SHA1Final(hash, &tctx.sha1);
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ SHA1Update(&tctx.sha1, hash, AHSHA196_ALEN);
-+ SHA1Final(hash, &tctx.sha1);
-+
-+ memcpy(ahp->ah_data, hash, AHHMAC_HASHLEN);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.sha1, 0, sizeof(tctx.sha1));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_AH_BADALG;
-+ }
-+#ifdef NET_21
-+ skb_set_transport_header(ixs->skb, ipsec_skb_offset(ixs->skb, ahp));
-+#endif /* NET_21 */
-+ break;
-+#endif /* CONFIG_KLIPS_AH */
-+#ifdef CONFIG_KLIPS_IPIP
-+ case IPPROTO_IPIP:
-+ ixs->iph->version = 4;
-+ switch(sysctl_ipsec_tos) {
-+ case 0:
-+#ifdef NET_21
-+ ixs->iph->tos = ip_hdr(ixs->skb)->tos;
-+#else /* NET_21 */
-+ ixs->iph->tos = ixs->skb->ip_hdr->tos;
-+#endif /* NET_21 */
-+ break;
-+ case 1:
-+ ixs->iph->tos = 0;
-+ break;
-+ default:
-+ break;
-+ }
-+ ixs->iph->ttl = SYSCTL_IPSEC_DEFAULT_TTL;
-+ ixs->iph->frag_off = 0;
-+ ixs->iph->saddr = ((struct sockaddr_in*)(ixs->ipsp->ips_addr_s))->sin_addr.s_addr;
-+ ixs->iph->daddr = ((struct sockaddr_in*)(ixs->ipsp->ips_addr_d))->sin_addr.s_addr;
-+ ixs->iph->protocol = IPPROTO_IPIP;
-+ ixs->iph->ihl = sizeof(struct iphdr) >> 2;
-+
-+ KLIPS_IP_SELECT_IDENT(ixs->iph, ixs->skb);
-+
-+ ixs->newdst = (__u32)ixs->iph->daddr;
-+ ixs->newsrc = (__u32)ixs->iph->saddr;
-+
-+#ifdef NET_21
-+ skb_set_transport_header(ixs->skb, ipsec_skb_offset(ixs->skb, ip_hdr(ixs->skb)));
-+#endif /* NET_21 */
-+ break;
-+#endif /* !CONFIG_KLIPS_IPIP */
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ case IPPROTO_COMP:
-+ {
-+ unsigned int flags = 0;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ unsigned int old_tot_len = ntohs(ixs->iph->tot_len);
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ ixs->ipsp->ips_comp_ratio_dbytes += ntohs(ixs->iph->tot_len);
-+
-+ ixs->skb = skb_compress(ixs->skb, ixs->ipsp, &flags);
-+
-+#ifdef NET_21
-+ ixs->iph = ip_hdr(ixs->skb);
-+#else /* NET_21 */
-+ ixs->iph = ixs->skb->ip_hdr;
-+#endif /* NET_21 */
-+
-+ ixs->ipsp->ips_comp_ratio_cbytes += ntohs(ixs->iph->tot_len);
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_tunnel & DB_TN_CROUT)
-+ {
-+ if (old_tot_len > ntohs(ixs->iph->tot_len))
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "packet shrunk from %d to %d bytes after compression, cpi=%04x (should be from spi=%08x, spi&0xffff=%04x.\n",
-+ old_tot_len, ntohs(ixs->iph->tot_len),
-+ ntohs(((struct ipcomphdr*)(((char*)ixs->iph) + ((ixs->iph->ihl) << 2)))->ipcomp_cpi),
-+ ntohl(ixs->ipsp->ips_said.spi),
-+ (__u16)(ntohl(ixs->ipsp->ips_said.spi) & 0x0000ffff));
-+ else
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "packet did not compress (flags = %d).\n",
-+ flags);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ }
-+ break;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_BADPROTO;
-+ }
-+
-+#ifdef NET_21
-+ skb_set_network_header(ixs->skb, ipsec_skb_offset(ixs->skb, ixs->skb->data));
-+
-+#else /* NET_21 */
-+ ixs->skb->ip_hdr = ixs->skb->h.iph = (struct iphdr *) ixs->skb->data;
-+#endif /* NET_21 */
-+ ixs->iph->check = 0;
-+ ixs->iph->check = ip_fast_csum((unsigned char *)ixs->iph, ixs->iph->ihl);
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "after <%s%s%s>, SA:%s:\n",
-+ IPS_XFORM_NAME(ixs->ipsp),
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+ KLIPS_IP_PRINT(debug_tunnel & DB_TN_XMIT, ixs->iph);
-+
-+ ixs->ipsp->ips_life.ipl_bytes.ipl_count += len;
-+ ixs->ipsp->ips_life.ipl_bytes.ipl_last = len;
-+
-+ if(!ixs->ipsp->ips_life.ipl_usetime.ipl_count) {
-+ ixs->ipsp->ips_life.ipl_usetime.ipl_count = jiffies / HZ;
-+ }
-+ ixs->ipsp->ips_life.ipl_usetime.ipl_last = jiffies / HZ;
-+ ixs->ipsp->ips_life.ipl_packets.ipl_count++;
-+
-+ ixs->ipsp = ixs->ipsp->ips_onext;
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+/*
-+ * If the IP packet (iph) is a carrying TCP/UDP, then set the encaps
-+ * source and destination ports to those from the TCP/UDP header.
-+ */
-+void ipsec_extract_ports(struct iphdr * iph, struct sockaddr_encap * er)
-+{
-+ struct udphdr *udp;
-+
-+ switch (iph->protocol) {
-+ case IPPROTO_UDP:
-+ case IPPROTO_TCP:
-+ /*
-+ * The ports are at the same offsets in a TCP and UDP
-+ * header so hack it ...
-+ */
-+ udp = (struct udphdr*)(((char*)iph)+(iph->ihl<<2));
-+ er->sen_sport = udp->source;
-+ er->sen_dport = udp->dest;
-+ break;
-+ default:
-+ er->sen_sport = 0;
-+ er->sen_dport = 0;
-+ break;
-+ }
-+}
-+
-+/*
-+ * A TRAP eroute is installed and we want to replace it with a HOLD
-+ * eroute.
-+ */
-+static int create_hold_eroute(struct eroute *origtrap,
-+ struct sk_buff * skb, struct iphdr * iph,
-+ uint32_t eroute_pid)
-+{
-+ struct eroute hold_eroute;
-+ ip_said hold_said;
-+ struct sk_buff *first, *last;
-+ int error;
-+
-+ first = last = NULL;
-+ memset((caddr_t)&hold_eroute, 0, sizeof(hold_eroute));
-+ memset((caddr_t)&hold_said, 0, sizeof(hold_said));
-+
-+ hold_said.proto = IPPROTO_INT;
-+ hold_said.spi = htonl(SPI_HOLD);
-+ hold_said.dst.u.v4.sin_addr.s_addr = INADDR_ANY;
-+
-+ hold_eroute.er_eaddr.sen_len = sizeof(struct sockaddr_encap);
-+ hold_eroute.er_emask.sen_len = sizeof(struct sockaddr_encap);
-+ hold_eroute.er_eaddr.sen_family = AF_ENCAP;
-+ hold_eroute.er_emask.sen_family = AF_ENCAP;
-+ hold_eroute.er_eaddr.sen_type = SENT_IP4;
-+ hold_eroute.er_emask.sen_type = 255;
-+
-+ hold_eroute.er_eaddr.sen_ip_src.s_addr = iph->saddr;
-+ hold_eroute.er_eaddr.sen_ip_dst.s_addr = iph->daddr;
-+ hold_eroute.er_emask.sen_ip_src.s_addr = INADDR_BROADCAST;
-+ hold_eroute.er_emask.sen_ip_dst.s_addr = INADDR_BROADCAST;
-+ hold_eroute.er_emask.sen_sport = 0;
-+ hold_eroute.er_emask.sen_dport = 0;
-+ hold_eroute.er_pid = eroute_pid;
-+ hold_eroute.er_count = 0;
-+ hold_eroute.er_lasttime = jiffies/HZ;
-+
-+ /*
-+ * if it wasn't captured by a wildcard, then don't record it as
-+ * a wildcard.
-+ */
-+ if(origtrap->er_eaddr.sen_proto != 0) {
-+ hold_eroute.er_eaddr.sen_proto = iph->protocol;
-+
-+ if((iph->protocol == IPPROTO_TCP ||
-+ iph->protocol == IPPROTO_UDP) &&
-+ (origtrap->er_eaddr.sen_sport != 0 ||
-+ origtrap->er_eaddr.sen_dport != 0)) {
-+
-+ if(origtrap->er_eaddr.sen_sport != 0)
-+ hold_eroute.er_emask.sen_sport = ~0;
-+
-+ if(origtrap->er_eaddr.sen_dport != 0)
-+ hold_eroute.er_emask.sen_dport = ~0;
-+
-+ ipsec_extract_ports(iph, &hold_eroute.er_eaddr);
-+ }
-+ }
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_pfkey) {
-+ char buf1[64], buf2[64];
-+ subnettoa(hold_eroute.er_eaddr.sen_ip_src,
-+ hold_eroute.er_emask.sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(hold_eroute.er_eaddr.sen_ip_dst,
-+ hold_eroute.er_emask.sen_ip_dst, 0, buf2, sizeof(buf2));
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "calling breakeroute and makeroute for %s:%d->%s:%d %d HOLD eroute.\n",
-+ buf1, ntohs(hold_eroute.er_eaddr.sen_sport),
-+ buf2, ntohs(hold_eroute.er_eaddr.sen_dport),
-+ hold_eroute.er_eaddr.sen_proto);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ if (ipsec_breakroute(&(hold_eroute.er_eaddr), &(hold_eroute.er_emask),
-+ &first, &last)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "HOLD breakeroute found nothing.\n");
-+ } else {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "HOLD breakroute deleted %u.%u.%u.%u:%u -> %u.%u.%u.%u:%u %u\n",
-+ NIPQUAD(hold_eroute.er_eaddr.sen_ip_src),
-+ ntohs(hold_eroute.er_eaddr.sen_sport),
-+ NIPQUAD(hold_eroute.er_eaddr.sen_ip_dst),
-+ ntohs(hold_eroute.er_eaddr.sen_dport),
-+ hold_eroute.er_eaddr.sen_proto);
-+ }
-+ if (first != NULL)
-+ kfree_skb(first);
-+ if (last != NULL)
-+ kfree_skb(last);
-+
-+ error = ipsec_makeroute(&(hold_eroute.er_eaddr),
-+ &(hold_eroute.er_emask),
-+ hold_said, eroute_pid, skb, NULL, NULL);
-+ if (error) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "HOLD makeroute returned %d, failed.\n", error);
-+ } else {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "HOLD makeroute call successful.\n");
-+ }
-+ return (error == 0);
-+}
-+
-+/*
-+ * upon entry to this function, ixs->skb should be setup
-+ * as follows:
-+ *
-+ * data = beginning of IP packet <- differs from ipsec_rcv().
-+ * nh.raw = beginning of IP packet.
-+ * h.raw = data after the IP packet.
-+ *
-+ */
-+enum ipsec_xmit_value
-+ipsec_xmit_encap_bundle(struct ipsec_xmit_state *ixs)
-+{
-+#ifdef CONFIG_KLIPS_ALG
-+ struct ipsec_alg_enc *ixt_e = NULL;
-+ struct ipsec_alg_auth *ixt_a = NULL;
-+ int blocksize = 8;
-+#endif
-+ enum ipsec_xmit_value bundle_stat = IPSEC_XMIT_OK;
-+
-+ ixs->newdst = ixs->orgdst = ixs->iph->daddr;
-+ ixs->newsrc = ixs->orgsrc = ixs->iph->saddr;
-+ ixs->orgedst = ixs->outgoing_said.dst.u.v4.sin_addr.s_addr;
-+ ixs->iphlen = ixs->iph->ihl << 2;
-+ ixs->pyldsz = ntohs(ixs->iph->tot_len) - ixs->iphlen;
-+ ixs->max_headroom = ixs->max_tailroom = 0;
-+
-+ if (ixs->outgoing_said.proto == IPPROTO_INT) {
-+ switch (ntohl(ixs->outgoing_said.spi)) {
-+ case SPI_DROP:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "shunt SA of DROP or no eroute: dropping.\n");
-+ ixs->stats->tx_dropped++;
-+ break;
-+
-+ case SPI_REJECT:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "shunt SA of REJECT: notifying and dropping.\n");
-+ ICMP_SEND(ixs->skb,
-+ ICMP_DEST_UNREACH,
-+ ICMP_PKT_FILTERED,
-+ 0,
-+ ixs->physdev);
-+ ixs->stats->tx_dropped++;
-+ break;
-+
-+ case SPI_PASS:
-+#ifdef NET_21
-+ ixs->pass = 1;
-+#endif /* NET_21 */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "PASS: calling dev_queue_xmit\n");
-+ return IPSEC_XMIT_PASS;
-+ goto cleanup;
-+
-+ case SPI_HOLD:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "shunt SA of HOLD: this does not make sense here, dropping.\n");
-+ ixs->stats->tx_dropped++;
-+ break;
-+
-+ case SPI_TRAP:
-+ case SPI_TRAPSUBNET:
-+ {
-+ struct sockaddr_in src, dst;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ char bufsrc[ADDRTOA_BUF], bufdst[ADDRTOA_BUF];
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ /* Signal all listening KMds with a PF_KEY ACQUIRE */
-+
-+ memset(&src, 0, sizeof(src));
-+ memset(&dst, 0, sizeof(dst));
-+ src.sin_family = AF_INET;
-+ dst.sin_family = AF_INET;
-+ src.sin_addr.s_addr = ixs->iph->saddr;
-+ dst.sin_addr.s_addr = ixs->iph->daddr;
-+
-+ ixs->ips.ips_transport_protocol = 0;
-+ src.sin_port = 0;
-+ dst.sin_port = 0;
-+
-+ if(ixs->eroute->er_eaddr.sen_proto != 0) {
-+ ixs->ips.ips_transport_protocol = ixs->iph->protocol;
-+
-+ if(ixs->eroute->er_eaddr.sen_sport != 0) {
-+ src.sin_port =
-+ (ixs->iph->protocol == IPPROTO_UDP
-+ ? ((struct udphdr*) (((caddr_t)ixs->iph) + (ixs->iph->ihl << 2)))->source
-+ : (ixs->iph->protocol == IPPROTO_TCP
-+ ? ((struct tcphdr*)((caddr_t)ixs->iph + (ixs->iph->ihl << 2)))->source
-+ : 0));
-+ }
-+ if(ixs->eroute->er_eaddr.sen_dport != 0) {
-+ dst.sin_port =
-+ (ixs->iph->protocol == IPPROTO_UDP
-+ ? ((struct udphdr*) (((caddr_t)ixs->iph) + (ixs->iph->ihl << 2)))->dest
-+ : (ixs->iph->protocol == IPPROTO_TCP
-+ ? ((struct tcphdr*)((caddr_t)ixs->iph + (ixs->iph->ihl << 2)))->dest
-+ : 0));
-+ }
-+ }
-+
-+ ixs->ips.ips_addr_s = (struct sockaddr*)(&src);
-+ ixs->ips.ips_addr_d = (struct sockaddr*)(&dst);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "SADB_ACQUIRE sent with src=%s:%d, dst=%s:%d, proto=%d.\n",
-+ addrtoa(((struct sockaddr_in*)(ixs->ips.ips_addr_s))->sin_addr, 0, bufsrc, sizeof(bufsrc)) <= ADDRTOA_BUF ? bufsrc : "BAD_ADDR",
-+ ntohs(((struct sockaddr_in*)(ixs->ips.ips_addr_s))->sin_port),
-+ addrtoa(((struct sockaddr_in*)(ixs->ips.ips_addr_d))->sin_addr, 0, bufdst, sizeof(bufdst)) <= ADDRTOA_BUF ? bufdst : "BAD_ADDR",
-+ ntohs(((struct sockaddr_in*)(ixs->ips.ips_addr_d))->sin_port),
-+ ixs->ips.ips_said.proto);
-+
-+ /* increment count of total traps needed */
-+ ipsec_xmit_trap_count++;
-+
-+ if (pfkey_acquire(&ixs->ips) == 0) {
-+
-+ /* note that we succeeded */
-+ ipsec_xmit_trap_sendcount++;
-+
-+ if (ixs->outgoing_said.spi==htonl(SPI_TRAPSUBNET)) {
-+ /*
-+ * The spinlock is to prevent any other
-+ * process from accessing or deleting
-+ * the eroute while we are using and
-+ * updating it.
-+ */
-+ spin_lock(&eroute_lock);
-+ ixs->eroute = ipsec_findroute(&ixs->matcher);
-+ if(ixs->eroute) {
-+ ixs->eroute->er_said.spi = htonl(SPI_HOLD);
-+ ixs->eroute->er_first = ixs->skb;
-+ ixs->skb = NULL;
-+ }
-+ spin_unlock(&eroute_lock);
-+ } else if (create_hold_eroute(ixs->eroute,
-+ ixs->skb,
-+ ixs->iph,
-+ ixs->eroute_pid)) {
-+ ixs->skb = NULL;
-+ }
-+ /* whether or not the above succeeded, we continue */
-+
-+ }
-+ ixs->stats->tx_dropped++;
-+ }
-+ default:
-+ /* XXX what do we do with an unknown shunt spi? */
-+ break;
-+ } /* switch (ntohl(ixs->outgoing_said.spi)) */
-+ return IPSEC_XMIT_STOLEN;
-+ } /* if (ixs->outgoing_said.proto == IPPROTO_INT) */
-+
-+ /*
-+ The spinlock is to prevent any other process from
-+ accessing or deleting the ipsec_sa hash table or any of the
-+ ipsec_sa s while we are using and updating them.
-+
-+ This is not optimal, but was relatively straightforward
-+ at the time. A better way to do it has been planned for
-+ more than a year, to lock the hash table and put reference
-+ counts on each ipsec_sa instead. This is not likely to happen
-+ in KLIPS1 unless a volunteer contributes it, but will be
-+ designed into KLIPS2.
-+ */
-+ spin_lock(&tdb_lock);
-+
-+ ixs->ipsp = ipsec_sa_getbyid(&ixs->outgoing_said);
-+ ixs->sa_len = KLIPS_SATOT(debug_tunnel, &ixs->outgoing_said, 0, ixs->sa_txt, sizeof(ixs->sa_txt));
-+
-+ if (ixs->ipsp == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "no ipsec_sa for SA%s: outgoing packet with no SA, dropped.\n",
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+ if(ixs->stats) {
-+ ixs->stats->tx_dropped++;
-+ }
-+ bundle_stat = IPSEC_XMIT_SAIDNOTFOUND;
-+ goto cleanup;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "found ipsec_sa -- SA:<%s%s%s> %s\n",
-+ IPS_XFORM_NAME(ixs->ipsp),
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+
-+ /*
-+ * How much headroom do we need to be able to apply
-+ * all the grouped transforms?
-+ */
-+ ixs->ipsq = ixs->ipsp; /* save the head of the ipsec_sa chain */
-+ while (ixs->ipsp) {
-+ if (debug_tunnel & DB_TN_XMIT) {
-+ ixs->sa_len = KLIPS_SATOT(debug_tunnel, &ixs->ipsp->ips_said, 0, ixs->sa_txt, sizeof(ixs->sa_txt));
-+ if(ixs->sa_len == 0) {
-+ strcpy(ixs->sa_txt, "(error)");
-+ }
-+ } else {
-+ *ixs->sa_txt = 0;
-+ ixs->sa_len = 0;
-+ }
-+
-+ /* If it is in larval state, drop the packet, we cannot process yet. */
-+ if(ixs->ipsp->ips_state == SADB_SASTATE_LARVAL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "ipsec_sa in larval state for SA:<%s%s%s> %s, cannot be used yet, dropping packet.\n",
-+ IPS_XFORM_NAME(ixs->ipsp),
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+ if(ixs->stats) {
-+ ixs->stats->tx_errors++;
-+ }
-+ bundle_stat = IPSEC_XMIT_SAIDNOTLIVE;
-+ goto cleanup;
-+ }
-+
-+ if(ixs->ipsp->ips_state == SADB_SASTATE_DEAD) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "ipsec_sa in dead state for SA:<%s%s%s> %s, can no longer be used, dropping packet.\n",
-+ IPS_XFORM_NAME(ixs->ipsp),
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_SAIDNOTLIVE;
-+ goto cleanup;
-+ }
-+
-+ /* If the replay window counter == -1, expire SA, it will roll */
-+ if(ixs->ipsp->ips_replaywin && ixs->ipsp->ips_replaywin_lastseq == -1) {
-+ pfkey_expire(ixs->ipsp, 1);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "replay window counter rolled for SA:<%s%s%s> %s, packet dropped, expiring SA.\n",
-+ IPS_XFORM_NAME(ixs->ipsp),
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+ ipsec_sa_delchain(ixs->ipsp);
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_REPLAYROLLED;
-+ goto cleanup;
-+ }
-+
-+ /*
-+ * if this is the first time we are using this SA, mark start time,
-+ * and offset hard/soft counters by "now" for later checking.
-+ */
-+#if 0
-+ if(ixs->ipsp->ips_life.ipl_usetime.count == 0) {
-+ ixs->ipsp->ips_life.ipl_usetime.count = jiffies;
-+ ixs->ipsp->ips_life.ipl_usetime.hard += jiffies;
-+ ixs->ipsp->ips_life.ipl_usetime.soft += jiffies;
-+ }
-+#endif
-+
-+
-+ if(ipsec_lifetime_check(&ixs->ipsp->ips_life.ipl_bytes, "bytes", ixs->sa_txt,
-+ ipsec_life_countbased, ipsec_outgoing, ixs->ipsp) == ipsec_life_harddied ||
-+ ipsec_lifetime_check(&ixs->ipsp->ips_life.ipl_addtime, "addtime",ixs->sa_txt,
-+ ipsec_life_timebased, ipsec_outgoing, ixs->ipsp) == ipsec_life_harddied ||
-+ ipsec_lifetime_check(&ixs->ipsp->ips_life.ipl_usetime, "usetime",ixs->sa_txt,
-+ ipsec_life_timebased, ipsec_outgoing, ixs->ipsp) == ipsec_life_harddied ||
-+ ipsec_lifetime_check(&ixs->ipsp->ips_life.ipl_packets, "packets",ixs->sa_txt,
-+ ipsec_life_countbased, ipsec_outgoing, ixs->ipsp) == ipsec_life_harddied) {
-+
-+ ipsec_sa_delchain(ixs->ipsp);
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_LIFETIMEFAILED;
-+ goto cleanup;
-+ }
-+
-+
-+ ixs->headroom = ixs->tailroom = 0;
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "calling room for <%s%s%s>, SA:%s\n",
-+ IPS_XFORM_NAME(ixs->ipsp),
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+ switch(ixs->ipsp->ips_said.proto) {
-+#ifdef CONFIG_KLIPS_AH
-+ case IPPROTO_AH:
-+ ixs->headroom += sizeof(struct ahhdr);
-+ break;
-+#endif /* CONFIG_KLIPS_AH */
-+#ifdef CONFIG_KLIPS_ESP
-+ case IPPROTO_ESP:
-+ ixt_e=ixs->ipsp->ips_alg_enc;
-+ if (ixt_e) {
-+ blocksize = ixt_e->ixt_common.ixt_blocksize;
-+ ixs->headroom += ESP_HEADER_LEN + ixt_e->ixt_common.ixt_support.ias_ivlen/8;
-+ }
-+ else {
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_ESP_BADALG;
-+ goto cleanup;
-+ }
-+
-+ if ((ixt_a=ixs->ipsp->ips_alg_auth)) {
-+ ixs->tailroom += AHHMAC_HASHLEN;
-+ } else
-+ switch(ixs->ipsp->ips_authalg) {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5:
-+ ixs->tailroom += AHHMAC_HASHLEN;
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA:
-+ ixs->tailroom += AHHMAC_HASHLEN;
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ case AH_NONE:
-+ break;
-+ default:
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_AH_BADALG;
-+ goto cleanup;
-+ }
-+ ixs->tailroom += blocksize != 1 ?
-+ ((blocksize - ((ixs->pyldsz + 2) % blocksize)) % blocksize) + 2 :
-+ ((4 - ((ixs->pyldsz + 2) % 4)) % 4) + 2;
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if ((ixs->ipsp->ips_natt_type) && (!ixs->natt_type)) {
-+ ixs->natt_type = ixs->ipsp->ips_natt_type;
-+ ixs->natt_sport = ixs->ipsp->ips_natt_sport;
-+ ixs->natt_dport = ixs->ipsp->ips_natt_dport;
-+ switch (ixs->natt_type) {
-+ case ESPINUDP_WITH_NON_IKE:
-+ ixs->natt_head = sizeof(struct udphdr)+(2*sizeof(__u32));
-+ break;
-+
-+ case ESPINUDP_WITH_NON_ESP:
-+ ixs->natt_head = sizeof(struct udphdr);
-+ break;
-+
-+ default:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT
-+ , "klips_xmit: invalid nat-t type %d"
-+ , ixs->natt_type);
-+ bundle_stat = IPSEC_XMIT_ESPUDP_BADTYPE;
-+ goto cleanup;
-+
-+ break;
-+ }
-+ ixs->tailroom += ixs->natt_head;
-+ }
-+#endif
-+ break;
-+#endif /* !CONFIG_KLIPS_ESP */
-+#ifdef CONFIG_KLIPS_IPIP
-+ case IPPROTO_IPIP:
-+ ixs->headroom += sizeof(struct iphdr);
-+ break;
-+#endif /* !CONFIG_KLIPS_IPIP */
-+ case IPPROTO_COMP:
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ /*
-+ We can't predict how much the packet will
-+ shrink without doing the actual compression.
-+ We could do it here, if we were the first
-+ encapsulation in the chain. That might save
-+ us a skb_copy_expand, since we might fit
-+ into the existing skb then. However, this
-+ would be a bit unclean (and this hack has
-+ bit us once), so we better not do it. After
-+ all, the skb_copy_expand is cheap in
-+ comparison to the actual compression.
-+ At least we know the packet will not grow.
-+ */
-+ break;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ default:
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_BADPROTO;
-+ goto cleanup;
-+ }
-+ ixs->ipsp = ixs->ipsp->ips_onext;
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "Required head,tailroom: %d,%d\n",
-+ ixs->headroom, ixs->tailroom);
-+ ixs->max_headroom += ixs->headroom;
-+ ixs->max_tailroom += ixs->tailroom;
-+ ixs->pyldsz += (ixs->headroom + ixs->tailroom);
-+ }
-+ ixs->ipsp = ixs->ipsq; /* restore the head of the ipsec_sa chain */
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "existing head,tailroom: %d,%d before applying xforms with head,tailroom: %d,%d .\n",
-+ skb_headroom(ixs->skb), skb_tailroom(ixs->skb),
-+ ixs->max_headroom, ixs->max_tailroom);
-+
-+ ixs->tot_headroom += ixs->max_headroom;
-+ ixs->tot_tailroom += ixs->max_tailroom;
-+
-+ ixs->mtudiff = ixs->cur_mtu + ixs->tot_headroom + ixs->tot_tailroom - ixs->physmtu;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "mtu:%d physmtu:%d tothr:%d tottr:%d mtudiff:%d ippkttotlen:%d\n",
-+ ixs->cur_mtu, ixs->physmtu,
-+ ixs->tot_headroom, ixs->tot_tailroom, ixs->mtudiff, ntohs(ixs->iph->tot_len));
-+ if(ixs->cur_mtu == 0 || ixs->mtudiff > 0) {
-+ int newmtu = ixs->physmtu - (ixs->tot_headroom + ((ixs->tot_tailroom + 2) & ~7) + 5);
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_info:ipsec_xmit_encap_bundle: "
-+ "dev %s mtu of %d decreased by %d to %d\n",
-+ ixs->dev ? ixs->dev->name : "ifX",
-+ ixs->cur_mtu,
-+ ixs->cur_mtu - newmtu,
-+ newmtu);
-+ ixs->cur_mtu = newmtu;
-+
-+ /* this would seem to adjust the MTU of the route as well */
-+#if 0
-+ ixs->skb->dst->pmtu = ixs->prv->mtu; /* RGB */
-+#endif /* 0 */
-+ }
-+
-+ /*
-+ If the sender is doing PMTU discovery, and the
-+ packet doesn't fit within ixs->prv->mtu, notify him
-+ (unless it was an ICMP packet, or it was not the
-+ zero-offset packet) and send it anyways.
-+
-+ Note: buggy firewall configuration may prevent the
-+ ICMP packet from getting back.
-+ */
-+ if(sysctl_ipsec_icmp
-+ && ixs->cur_mtu < ntohs(ixs->iph->tot_len)
-+ && (ixs->iph->frag_off & __constant_htons(IP_DF)) ) {
-+ int notify = ixs->iph->protocol != IPPROTO_ICMP
-+ && (ixs->iph->frag_off & __constant_htons(IP_OFFSET)) == 0;
-+
-+#ifdef IPSEC_obey_DF
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "fragmentation needed and DF set; %sdropping packet\n",
-+ notify ? "sending ICMP and " : "");
-+ if (notify)
-+ ICMP_SEND(ixs->skb,
-+ ICMP_DEST_UNREACH,
-+ ICMP_FRAG_NEEDED,
-+ ixs->cur_mtu,
-+ ixs->physdev);
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_CANNOTFRAG;
-+ goto cleanup;
-+#else /* IPSEC_obey_DF */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "fragmentation needed and DF set; %spassing packet\n",
-+ notify ? "sending ICMP and " : "");
-+ if (notify)
-+ ICMP_SEND(ixs->skb,
-+ ICMP_DEST_UNREACH,
-+ ICMP_FRAG_NEEDED,
-+ ixs->cur_mtu,
-+ ixs->physdev);
-+#endif /* IPSEC_obey_DF */
-+ }
-+
-+#ifdef MSS_HACK
-+ /*
-+ * If this is a transport mode TCP packet with
-+ * SYN set, determine an effective MSS based on
-+ * AH/ESP overheads determined above.
-+ */
-+ if (ixs->iph->protocol == IPPROTO_TCP
-+ && ixs->outgoing_said.proto != IPPROTO_IPIP) {
-+ struct tcphdr *tcph = ixs->skb->h.th;
-+ if (tcph->syn && !tcph->ack) {
-+ if(!ipsec_adjust_mss(ixs->skb, tcph, ixs->cur_mtu)) {
-+ printk(KERN_WARNING
-+ "klips_warning:ipsec_xmit_encap_bundle: "
-+ "ipsec_adjust_mss() failed\n");
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_MSSERR;
-+ goto cleanup;
-+ }
-+ }
-+ }
-+#endif /* MSS_HACK */
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if ((ixs->natt_type) && (ixs->outgoing_said.proto != IPPROTO_IPIP)) {
-+ /**
-+ * NAT-Traversal and Transport Mode:
-+ * we need to correct TCP/UDP checksum
-+ *
-+ * If we've got NAT-OA, we can fix checksum without recalculation.
-+ * If we don't we can zero udp checksum.
-+ */
-+ __u32 natt_oa = ixs->ipsp->ips_natt_oa ?
-+ ((struct sockaddr_in*)(ixs->ipsp->ips_natt_oa))->sin_addr.s_addr : 0;
-+ unsigned int pkt_len = skb_tail_pointer(ixs->skb) - (unsigned char *)ixs->iph;
-+ __u16 data_len = pkt_len - (ixs->iph->ihl << 2);
-+ switch (ixs->iph->protocol) {
-+ case IPPROTO_TCP:
-+ if (data_len >= sizeof(struct tcphdr)) {
-+ struct tcphdr *tcp = (struct tcphdr *)((__u32 *)ixs->iph+ixs->iph->ihl);
-+ if (natt_oa) {
-+ __u32 buff[2] = { ~ixs->iph->daddr, natt_oa };
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: "
-+ "fix TCP checksum using NAT-OA\n");
-+ tcp->check = csum_fold(
-+ csum_partial((unsigned char *)buff, sizeof(buff),
-+ tcp->check^0xffff));
-+ }
-+ else {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: do not recalc TCP checksum\n");
-+ }
-+ }
-+ else {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: can't fix TCP checksum\n");
-+ }
-+ break;
-+ case IPPROTO_UDP:
-+ if (data_len >= sizeof(struct udphdr)) {
-+ struct udphdr *udp = (struct udphdr *)((__u32 *)ixs->iph+ixs->iph->ihl);
-+ if (udp->check == 0) {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: UDP checksum already 0\n");
-+ }
-+ else if (natt_oa) {
-+ __u32 buff[2] = { ~ixs->iph->daddr, natt_oa };
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: "
-+ "fix UDP checksum using NAT-OA\n");
-+ udp->check = csum_fold(
-+ csum_partial((unsigned char *)buff, sizeof(buff),
-+ udp->check^0xffff));
-+ }
-+ else {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: zero UDP checksum\n");
-+ udp->check = 0;
-+ }
-+ }
-+ else {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: can't fix UDP checksum\n");
-+ }
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: non TCP/UDP packet -- do nothing\n");
-+ break;
-+ }
-+ }
-+#endif /* CONFIG_IPSEC_NAT_TRAVERSAL */
-+
-+ if(!ixs->hard_header_stripped && ixs->hard_header_len>0) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "allocating %d bytes for hardheader.\n",
-+ ixs->hard_header_len);
-+ if((ixs->saved_header = kmalloc(ixs->hard_header_len, GFP_ATOMIC)) == NULL) {
-+ printk(KERN_WARNING "klips_debug:ipsec_xmit_encap_bundle: "
-+ "Failed, tried to allocate %d bytes for temp hard_header.\n",
-+ ixs->hard_header_len);
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_ERRMEMALLOC;
-+ goto cleanup;
-+ }
-+ {
-+ int i;
-+ for (i = 0; i < ixs->hard_header_len; i++) {
-+ ixs->saved_header[i] = ixs->skb->data[i];
-+ }
-+ }
-+ if(ixs->skb->len < ixs->hard_header_len) {
-+ printk(KERN_WARNING "klips_error:ipsec_xmit_encap_bundle: "
-+ "tried to skb_pull hhlen=%d, %d available. This should never happen, please report.\n",
-+ ixs->hard_header_len, (int)(ixs->skb->len));
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_ESP_PUSHPULLERR;
-+ goto cleanup;
-+ }
-+ skb_pull(ixs->skb, ixs->hard_header_len);
-+ ixs->hard_header_stripped = 1;
-+
-+/* ixs->iph = (struct iphdr *) (ixs->skb->data); */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "head,tailroom: %d,%d after hard_header stripped.\n",
-+ skb_headroom(ixs->skb), skb_tailroom(ixs->skb));
-+ KLIPS_IP_PRINT(debug_tunnel & DB_TN_CROUT, ixs->iph);
-+ } else {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "hard header already stripped.\n");
-+ }
-+
-+ ixs->ll_headroom = (ixs->hard_header_len + 15) & ~15;
-+
-+ if ((skb_headroom(ixs->skb) >= ixs->max_headroom + 2 * ixs->ll_headroom) &&
-+ (skb_tailroom(ixs->skb) >= ixs->max_tailroom)
-+#ifndef NET_21
-+ && ixs->skb->free
-+#endif /* !NET_21 */
-+ ) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "data fits in existing skb\n");
-+ } else {
-+ struct sk_buff* tskb;
-+
-+ if(!ixs->oskb) {
-+ ixs->oskb = ixs->skb;
-+ }
-+
-+ tskb = skb_copy_expand(ixs->skb,
-+ /* The need for 2 * link layer length here remains unexplained...RGB */
-+ ixs->max_headroom + 2 * ixs->ll_headroom,
-+ ixs->max_tailroom,
-+ GFP_ATOMIC);
-+
-+ if(tskb && ixs->skb->sk) {
-+ skb_set_owner_w(tskb, ixs->skb->sk);
-+ }
-+
-+ if(ixs->skb != ixs->oskb) {
-+ ipsec_kfree_skb(ixs->skb);
-+ }
-+ ixs->skb = tskb;
-+ if (!ixs->skb) {
-+ printk(KERN_WARNING
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "Failed, tried to allocate %d head and %d tailroom\n",
-+ ixs->max_headroom, ixs->max_tailroom);
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_ERRSKBALLOC;
-+ goto cleanup;
-+ }
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "head,tailroom: %d,%d after allocation\n",
-+ skb_headroom(ixs->skb), skb_tailroom(ixs->skb));
-+ }
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_tunnel & DB_TN_ENCAP) {
-+ ipsec_print_ip(ixs->iph);
-+ }
-+#endif
-+
-+ /*
-+ * Apply grouped transforms to packet
-+ */
-+ while (ixs->ipsp) {
-+ enum ipsec_xmit_value encap_stat = IPSEC_XMIT_OK;
-+
-+ encap_stat = ipsec_xmit_encap_once(ixs);
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_tunnel & DB_TN_ENCAP) {
-+ ipsec_print_ip(ixs->iph);
-+ }
-+#endif
-+
-+ if(encap_stat != IPSEC_XMIT_OK) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: encap_once failed: %d\n",
-+ encap_stat);
-+
-+ bundle_stat = IPSEC_XMIT_ENCAPFAIL;
-+ goto cleanup;
-+ }
-+ }
-+
-+ /* we are done with this SA */
-+ ipsec_sa_put(ixs->ipsp);
-+
-+ /* end encapsulation loop here XXX */
-+ cleanup:
-+ spin_unlock(&tdb_lock);
-+ return bundle_stat;
-+}
-+
-+/*
-+ * $Log: ipsec_xmit.c,v $
-+ * Revision 1.20.2.13 2007-10-30 21:38:56 paul
-+ * Use skb_tail_pointer [dhr]
-+ *
-+ * Revision 1.20.2.12 2007-10-28 00:26:03 paul
-+ * Start of fix for 2.6.22+ kernels and skb_tail_pointer()
-+ *
-+ * Revision 1.20.2.11 2007/10/22 15:40:45 paul
-+ * Missing #ifdef CONFIG_KLIPS_ALG [davidm]
-+ *
-+ * Revision 1.20.2.10 2007/09/05 02:56:10 paul
-+ * Use the new ipsec_kversion macros by David to deal with 2.6.22 kernels.
-+ * Fixes based on David McCullough patch.
-+ *
-+ * Revision 1.20.2.9 2007/07/06 17:18:43 paul
-+ * Fix for authentication field on sent packets has size equals to zero when
-+ * using custom auth algorithms. This is bug #811. Patch by "iamscared".
-+ *
-+ * Revision 1.20.2.8 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.20.2.7 2006/08/24 03:02:01 paul
-+ * Compile fixes for when CONFIG_KLIPS_DEBUG is not set. (bug #642)
-+ *
-+ * Revision 1.20.2.6 2006/07/07 22:09:49 paul
-+ * From: Bart Trojanowski <bart@xelerance.com>
-+ * Removing a left over '#else' that split another '#if/#endif' block in two.
-+ *
-+ * Revision 1.20.2.5 2006/07/07 15:43:17 paul
-+ * From: Bart Trojanowski <bart@xelerance.com>
-+ * improved protocol detection in ipsec_print_ip() -- a debug aid.
-+ *
-+ * Revision 1.20.2.4 2006/04/20 16:33:07 mcr
-+ * remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+ * Fix in-kernel module compilation. Sub-makefiles do not work.
-+ *
-+ * Revision 1.20.2.3 2005/11/29 21:52:57 ken
-+ * Fix for #518 MTU issues
-+ *
-+ * Revision 1.20.2.2 2005/11/27 21:41:03 paul
-+ * Pull down TTL fixes from head. this fixes "Unknown symbol sysctl_ip_default_ttl"in for klips as module.
-+ *
-+ * Revision 1.20.2.1 2005/08/27 23:40:00 paul
-+ * recommited HAVE_SOCK_SECURITY fixes for linux 2.6.13
-+ *
-+ * Revision 1.20 2005/07/12 15:39:27 paul
-+ * include asm/uaccess.h for VERIFY_WRITE
-+ *
-+ * Revision 1.19 2005/05/24 01:02:35 mcr
-+ * some refactoring/simplification of situation where alg
-+ * is not found.
-+ *
-+ * Revision 1.18 2005/05/23 23:52:33 mcr
-+ * adjust comments, add additional debugging.
-+ *
-+ * Revision 1.17 2005/05/23 22:57:23 mcr
-+ * removed explicit 3DES support.
-+ *
-+ * Revision 1.16 2005/05/21 03:29:15 mcr
-+ * fixed warning about unused zeroes if AH is off.
-+ *
-+ * Revision 1.15 2005/05/20 16:47:59 mcr
-+ * include asm/checksum.h to get ip_fast_csum macro.
-+ *
-+ * Revision 1.14 2005/05/11 01:43:03 mcr
-+ * removed "poor-man"s OOP in favour of proper C structures.
-+ *
-+ * Revision 1.13 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.12 2005/04/15 01:28:34 mcr
-+ * use ipsec_dmp_block.
-+ *
-+ * Revision 1.11 2005/01/26 00:50:35 mcr
-+ * adjustment of confusion of CONFIG_IPSEC_NAT vs CONFIG_KLIPS_NAT,
-+ * and make sure that NAT_TRAVERSAL is set as well to match
-+ * userspace compiles of code.
-+ *
-+ * Revision 1.10 2004/09/13 17:55:21 ken
-+ * MD5* -> osMD5*
-+ *
-+ * Revision 1.9 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.8 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.7 2004/02/03 03:13:41 mcr
-+ * mark invalid encapsulation states.
-+ *
-+ * Revision 1.6.2.1 2003/12/22 15:25:52 jjo
-+ * Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.6 2003/12/10 01:14:27 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.5 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.4.4.2 2003/10/29 01:37:39 mcr
-+ * when creating %hold from %trap, only make the %hold as
-+ * specific as the %trap was - so if the protocol and ports
-+ * were wildcards, then the %hold will be too.
-+ *
-+ * Revision 1.4.4.1 2003/09/21 13:59:56 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.4 2003/06/20 02:28:10 mcr
-+ * misstype of variable name, not detected by module build.
-+ *
-+ * Revision 1.3 2003/06/20 01:42:21 mcr
-+ * added counters to measure how many ACQUIREs we send to pluto,
-+ * and how many are successfully sent.
-+ *
-+ * Revision 1.2 2003/04/03 17:38:35 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ * Normalised coding style.
-+ * Simplified logic and reduced duplication of code.
-+ *
-+ * Revision 1.1 2003/02/12 19:31:23 rgb
-+ * Refactored from ipsec_tunnel.c
-+ *
-+ * Local Variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/match586.S Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,357 @@
-+/* match.s -- Pentium-optimized version of longest_match()
-+ * Written for zlib 1.1.2
-+ * Copyright (C) 1998 Brian Raiter <breadbox@muppetlabs.com>
-+ *
-+ * This is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License.
-+ */
-+
-+#ifndef NO_UNDERLINE
-+#define match_init _ipcomp_match_init
-+#define longest_match _ipcomp_longest_match
-+#else
-+#define match_init ipcomp_match_init
-+#define longest_match ipcomp_longest_match
-+#endif
-+
-+#define MAX_MATCH (258)
-+#define MIN_MATCH (3)
-+#define MIN_LOOKAHEAD (MAX_MATCH + MIN_MATCH + 1)
-+#define MAX_MATCH_8 ((MAX_MATCH + 7) & ~7)
-+
-+/* stack frame offsets */
-+
-+#define wmask 0 /* local copy of s->wmask */
-+#define window 4 /* local copy of s->window */
-+#define windowbestlen 8 /* s->window + bestlen */
-+#define chainlenscanend 12 /* high word: current chain len */
-+ /* low word: last bytes sought */
-+#define scanstart 16 /* first two bytes of string */
-+#define scanalign 20 /* dword-misalignment of string */
-+#define nicematch 24 /* a good enough match size */
-+#define bestlen 28 /* size of best match so far */
-+#define scan 32 /* ptr to string wanting match */
-+
-+#define LocalVarsSize (36)
-+/* saved ebx 36 */
-+/* saved edi 40 */
-+/* saved esi 44 */
-+/* saved ebp 48 */
-+/* return address 52 */
-+#define deflatestate 56 /* the function arguments */
-+#define curmatch 60
-+
-+/* Offsets for fields in the deflate_state structure. These numbers
-+ * are calculated from the definition of deflate_state, with the
-+ * assumption that the compiler will dword-align the fields. (Thus,
-+ * changing the definition of deflate_state could easily cause this
-+ * program to crash horribly, without so much as a warning at
-+ * compile time. Sigh.)
-+ */
-+#define dsWSize 36
-+#define dsWMask 44
-+#define dsWindow 48
-+#define dsPrev 56
-+#define dsMatchLen 88
-+#define dsPrevMatch 92
-+#define dsStrStart 100
-+#define dsMatchStart 104
-+#define dsLookahead 108
-+#define dsPrevLen 112
-+#define dsMaxChainLen 116
-+#define dsGoodMatch 132
-+#define dsNiceMatch 136
-+
-+
-+.file "match.S"
-+
-+.globl match_init, longest_match
-+
-+.text
-+
-+/* uInt longest_match(deflate_state *deflatestate, IPos curmatch) */
-+
-+longest_match:
-+
-+/* Save registers that the compiler may be using, and adjust %esp to */
-+/* make room for our stack frame. */
-+
-+ pushl %ebp
-+ pushl %edi
-+ pushl %esi
-+ pushl %ebx
-+ subl $LocalVarsSize, %esp
-+
-+/* Retrieve the function arguments. %ecx will hold cur_match */
-+/* throughout the entire function. %edx will hold the pointer to the */
-+/* deflate_state structure during the function's setup (before */
-+/* entering the main loop). */
-+
-+ movl deflatestate(%esp), %edx
-+ movl curmatch(%esp), %ecx
-+
-+/* if ((uInt)nice_match > s->lookahead) nice_match = s->lookahead; */
-+
-+ movl dsNiceMatch(%edx), %eax
-+ movl dsLookahead(%edx), %ebx
-+ cmpl %eax, %ebx
-+ jl LookaheadLess
-+ movl %eax, %ebx
-+LookaheadLess: movl %ebx, nicematch(%esp)
-+
-+/* register Bytef *scan = s->window + s->strstart; */
-+
-+ movl dsWindow(%edx), %esi
-+ movl %esi, window(%esp)
-+ movl dsStrStart(%edx), %ebp
-+ lea (%esi,%ebp), %edi
-+ movl %edi, scan(%esp)
-+
-+/* Determine how many bytes the scan ptr is off from being */
-+/* dword-aligned. */
-+
-+ movl %edi, %eax
-+ negl %eax
-+ andl $3, %eax
-+ movl %eax, scanalign(%esp)
-+
-+/* IPos limit = s->strstart > (IPos)MAX_DIST(s) ? */
-+/* s->strstart - (IPos)MAX_DIST(s) : NIL; */
-+
-+ movl dsWSize(%edx), %eax
-+ subl $MIN_LOOKAHEAD, %eax
-+ subl %eax, %ebp
-+ jg LimitPositive
-+ xorl %ebp, %ebp
-+LimitPositive:
-+
-+/* unsigned chain_length = s->max_chain_length; */
-+/* if (s->prev_length >= s->good_match) { */
-+/* chain_length >>= 2; */
-+/* } */
-+
-+ movl dsPrevLen(%edx), %eax
-+ movl dsGoodMatch(%edx), %ebx
-+ cmpl %ebx, %eax
-+ movl dsMaxChainLen(%edx), %ebx
-+ jl LastMatchGood
-+ shrl $2, %ebx
-+LastMatchGood:
-+
-+/* chainlen is decremented once beforehand so that the function can */
-+/* use the sign flag instead of the zero flag for the exit test. */
-+/* It is then shifted into the high word, to make room for the scanend */
-+/* scanend value, which it will always accompany. */
-+
-+ decl %ebx
-+ shll $16, %ebx
-+
-+/* int best_len = s->prev_length; */
-+
-+ movl dsPrevLen(%edx), %eax
-+ movl %eax, bestlen(%esp)
-+
-+/* Store the sum of s->window + best_len in %esi locally, and in %esi. */
-+
-+ addl %eax, %esi
-+ movl %esi, windowbestlen(%esp)
-+
-+/* register ush scan_start = *(ushf*)scan; */
-+/* register ush scan_end = *(ushf*)(scan+best_len-1); */
-+
-+ movw (%edi), %bx
-+ movw %bx, scanstart(%esp)
-+ movw -1(%edi,%eax), %bx
-+ movl %ebx, chainlenscanend(%esp)
-+
-+/* Posf *prev = s->prev; */
-+/* uInt wmask = s->w_mask; */
-+
-+ movl dsPrev(%edx), %edi
-+ movl dsWMask(%edx), %edx
-+ mov %edx, wmask(%esp)
-+
-+/* Jump into the main loop. */
-+
-+ jmp LoopEntry
-+
-+.balign 16
-+
-+/* do {
-+ * match = s->window + cur_match;
-+ * if (*(ushf*)(match+best_len-1) != scan_end ||
-+ * *(ushf*)match != scan_start) continue;
-+ * [...]
-+ * } while ((cur_match = prev[cur_match & wmask]) > limit
-+ * && --chain_length != 0);
-+ *
-+ * Here is the inner loop of the function. The function will spend the
-+ * majority of its time in this loop, and majority of that time will
-+ * be spent in the first ten instructions.
-+ *
-+ * Within this loop:
-+ * %ebx = chainlenscanend - i.e., ((chainlen << 16) | scanend)
-+ * %ecx = curmatch
-+ * %edx = curmatch & wmask
-+ * %esi = windowbestlen - i.e., (window + bestlen)
-+ * %edi = prev
-+ * %ebp = limit
-+ *
-+ * Two optimization notes on the choice of instructions:
-+ *
-+ * The first instruction uses a 16-bit address, which costs an extra,
-+ * unpairable cycle. This is cheaper than doing a 32-bit access and
-+ * zeroing the high word, due to the 3-cycle misalignment penalty which
-+ * would occur half the time. This also turns out to be cheaper than
-+ * doing two separate 8-bit accesses, as the memory is so rarely in the
-+ * L1 cache.
-+ *
-+ * The window buffer, however, apparently spends a lot of time in the
-+ * cache, and so it is faster to retrieve the word at the end of the
-+ * match string with two 8-bit loads. The instructions that test the
-+ * word at the beginning of the match string, however, are executed
-+ * much less frequently, and there it was cheaper to use 16-bit
-+ * instructions, which avoided the necessity of saving off and
-+ * subsequently reloading one of the other registers.
-+ */
-+LookupLoop:
-+ /* 1 U & V */
-+ movw (%edi,%edx,2), %cx /* 2 U pipe */
-+ movl wmask(%esp), %edx /* 2 V pipe */
-+ cmpl %ebp, %ecx /* 3 U pipe */
-+ jbe LeaveNow /* 3 V pipe */
-+ subl $0x00010000, %ebx /* 4 U pipe */
-+ js LeaveNow /* 4 V pipe */
-+LoopEntry: movb -1(%esi,%ecx), %al /* 5 U pipe */
-+ andl %ecx, %edx /* 5 V pipe */
-+ cmpb %bl, %al /* 6 U pipe */
-+ jnz LookupLoop /* 6 V pipe */
-+ movb (%esi,%ecx), %ah
-+ cmpb %bh, %ah
-+ jnz LookupLoop
-+ movl window(%esp), %eax
-+ movw (%eax,%ecx), %ax
-+ cmpw scanstart(%esp), %ax
-+ jnz LookupLoop
-+
-+/* Store the current value of chainlen. */
-+
-+ movl %ebx, chainlenscanend(%esp)
-+
-+/* Point %edi to the string under scrutiny, and %esi to the string we */
-+/* are hoping to match it up with. In actuality, %esi and %edi are */
-+/* both pointed (MAX_MATCH_8 - scanalign) bytes ahead, and %edx is */
-+/* initialized to -(MAX_MATCH_8 - scanalign). */
-+
-+ movl window(%esp), %esi
-+ movl scan(%esp), %edi
-+ addl %ecx, %esi
-+ movl scanalign(%esp), %eax
-+ movl $(-MAX_MATCH_8), %edx
-+ lea MAX_MATCH_8(%edi,%eax), %edi
-+ lea MAX_MATCH_8(%esi,%eax), %esi
-+
-+/* Test the strings for equality, 8 bytes at a time. At the end,
-+ * adjust %edx so that it is offset to the exact byte that mismatched.
-+ *
-+ * We already know at this point that the first three bytes of the
-+ * strings match each other, and they can be safely passed over before
-+ * starting the compare loop. So what this code does is skip over 0-3
-+ * bytes, as much as necessary in order to dword-align the %edi
-+ * pointer. (%esi will still be misaligned three times out of four.)
-+ *
-+ * It should be confessed that this loop usually does not represent
-+ * much of the total running time. Replacing it with a more
-+ * straightforward "rep cmpsb" would not drastically degrade
-+ * performance.
-+ */
-+LoopCmps:
-+ movl (%esi,%edx), %eax
-+ movl (%edi,%edx), %ebx
-+ xorl %ebx, %eax
-+ jnz LeaveLoopCmps
-+ movl 4(%esi,%edx), %eax
-+ movl 4(%edi,%edx), %ebx
-+ xorl %ebx, %eax
-+ jnz LeaveLoopCmps4
-+ addl $8, %edx
-+ jnz LoopCmps
-+ jmp LenMaximum
-+LeaveLoopCmps4: addl $4, %edx
-+LeaveLoopCmps: testl $0x0000FFFF, %eax
-+ jnz LenLower
-+ addl $2, %edx
-+ shrl $16, %eax
-+LenLower: subb $1, %al
-+ adcl $0, %edx
-+
-+/* Calculate the length of the match. If it is longer than MAX_MATCH, */
-+/* then automatically accept it as the best possible match and leave. */
-+
-+ lea (%edi,%edx), %eax
-+ movl scan(%esp), %edi
-+ subl %edi, %eax
-+ cmpl $MAX_MATCH, %eax
-+ jge LenMaximum
-+
-+/* If the length of the match is not longer than the best match we */
-+/* have so far, then forget it and return to the lookup loop. */
-+
-+ movl deflatestate(%esp), %edx
-+ movl bestlen(%esp), %ebx
-+ cmpl %ebx, %eax
-+ jg LongerMatch
-+ movl chainlenscanend(%esp), %ebx
-+ movl windowbestlen(%esp), %esi
-+ movl dsPrev(%edx), %edi
-+ movl wmask(%esp), %edx
-+ andl %ecx, %edx
-+ jmp LookupLoop
-+
-+/* s->match_start = cur_match; */
-+/* best_len = len; */
-+/* if (len >= nice_match) break; */
-+/* scan_end = *(ushf*)(scan+best_len-1); */
-+
-+LongerMatch: movl nicematch(%esp), %ebx
-+ movl %eax, bestlen(%esp)
-+ movl %ecx, dsMatchStart(%edx)
-+ cmpl %ebx, %eax
-+ jge LeaveNow
-+ movl window(%esp), %esi
-+ addl %eax, %esi
-+ movl %esi, windowbestlen(%esp)
-+ movl chainlenscanend(%esp), %ebx
-+ movw -1(%edi,%eax), %bx
-+ movl dsPrev(%edx), %edi
-+ movl %ebx, chainlenscanend(%esp)
-+ movl wmask(%esp), %edx
-+ andl %ecx, %edx
-+ jmp LookupLoop
-+
-+/* Accept the current string, with the maximum possible length. */
-+
-+LenMaximum: movl deflatestate(%esp), %edx
-+ movl $MAX_MATCH, bestlen(%esp)
-+ movl %ecx, dsMatchStart(%edx)
-+
-+/* if ((uInt)best_len <= s->lookahead) return (uInt)best_len; */
-+/* return s->lookahead; */
-+
-+LeaveNow:
-+ movl deflatestate(%esp), %edx
-+ movl bestlen(%esp), %ebx
-+ movl dsLookahead(%edx), %eax
-+ cmpl %eax, %ebx
-+ jg LookaheadRet
-+ movl %ebx, %eax
-+LookaheadRet:
-+
-+/* Restore the stack and return from whence we came. */
-+
-+ addl $LocalVarsSize, %esp
-+ popl %ebx
-+ popl %esi
-+ popl %edi
-+ popl %ebp
-+match_init: ret
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/match686.S Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,330 @@
-+/* match.s -- Pentium-Pro-optimized version of longest_match()
-+ * Written for zlib 1.1.2
-+ * Copyright (C) 1998 Brian Raiter <breadbox@muppetlabs.com>
-+ *
-+ * This is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License.
-+ */
-+
-+#ifndef NO_UNDERLINE
-+#define match_init _ipcomp_match_init
-+#define longest_match _ipcomp_longest_match
-+#else
-+#define match_init ipcomp_match_init
-+#define longest_match ipcomp_longest_match
-+#endif
-+
-+#define MAX_MATCH (258)
-+#define MIN_MATCH (3)
-+#define MIN_LOOKAHEAD (MAX_MATCH + MIN_MATCH + 1)
-+#define MAX_MATCH_8 ((MAX_MATCH + 7) & ~7)
-+
-+/* stack frame offsets */
-+
-+#define chainlenwmask 0 /* high word: current chain len */
-+ /* low word: s->wmask */
-+#define window 4 /* local copy of s->window */
-+#define windowbestlen 8 /* s->window + bestlen */
-+#define scanstart 16 /* first two bytes of string */
-+#define scanend 12 /* last two bytes of string */
-+#define scanalign 20 /* dword-misalignment of string */
-+#define nicematch 24 /* a good enough match size */
-+#define bestlen 28 /* size of best match so far */
-+#define scan 32 /* ptr to string wanting match */
-+
-+#define LocalVarsSize (36)
-+/* saved ebx 36 */
-+/* saved edi 40 */
-+/* saved esi 44 */
-+/* saved ebp 48 */
-+/* return address 52 */
-+#define deflatestate 56 /* the function arguments */
-+#define curmatch 60
-+
-+/* Offsets for fields in the deflate_state structure. These numbers
-+ * are calculated from the definition of deflate_state, with the
-+ * assumption that the compiler will dword-align the fields. (Thus,
-+ * changing the definition of deflate_state could easily cause this
-+ * program to crash horribly, without so much as a warning at
-+ * compile time. Sigh.)
-+ */
-+#define dsWSize 36
-+#define dsWMask 44
-+#define dsWindow 48
-+#define dsPrev 56
-+#define dsMatchLen 88
-+#define dsPrevMatch 92
-+#define dsStrStart 100
-+#define dsMatchStart 104
-+#define dsLookahead 108
-+#define dsPrevLen 112
-+#define dsMaxChainLen 116
-+#define dsGoodMatch 132
-+#define dsNiceMatch 136
-+
-+
-+.file "match.S"
-+
-+.globl match_init, longest_match
-+
-+.text
-+
-+/* uInt longest_match(deflate_state *deflatestate, IPos curmatch) */
-+
-+longest_match:
-+
-+/* Save registers that the compiler may be using, and adjust %esp to */
-+/* make room for our stack frame. */
-+
-+ pushl %ebp
-+ pushl %edi
-+ pushl %esi
-+ pushl %ebx
-+ subl $LocalVarsSize, %esp
-+
-+/* Retrieve the function arguments. %ecx will hold cur_match */
-+/* throughout the entire function. %edx will hold the pointer to the */
-+/* deflate_state structure during the function's setup (before */
-+/* entering the main loop). */
-+
-+ movl deflatestate(%esp), %edx
-+ movl curmatch(%esp), %ecx
-+
-+/* uInt wmask = s->w_mask; */
-+/* unsigned chain_length = s->max_chain_length; */
-+/* if (s->prev_length >= s->good_match) { */
-+/* chain_length >>= 2; */
-+/* } */
-+
-+ movl dsPrevLen(%edx), %eax
-+ movl dsGoodMatch(%edx), %ebx
-+ cmpl %ebx, %eax
-+ movl dsWMask(%edx), %eax
-+ movl dsMaxChainLen(%edx), %ebx
-+ jl LastMatchGood
-+ shrl $2, %ebx
-+LastMatchGood:
-+
-+/* chainlen is decremented once beforehand so that the function can */
-+/* use the sign flag instead of the zero flag for the exit test. */
-+/* It is then shifted into the high word, to make room for the wmask */
-+/* value, which it will always accompany. */
-+
-+ decl %ebx
-+ shll $16, %ebx
-+ orl %eax, %ebx
-+ movl %ebx, chainlenwmask(%esp)
-+
-+/* if ((uInt)nice_match > s->lookahead) nice_match = s->lookahead; */
-+
-+ movl dsNiceMatch(%edx), %eax
-+ movl dsLookahead(%edx), %ebx
-+ cmpl %eax, %ebx
-+ jl LookaheadLess
-+ movl %eax, %ebx
-+LookaheadLess: movl %ebx, nicematch(%esp)
-+
-+/* register Bytef *scan = s->window + s->strstart; */
-+
-+ movl dsWindow(%edx), %esi
-+ movl %esi, window(%esp)
-+ movl dsStrStart(%edx), %ebp
-+ lea (%esi,%ebp), %edi
-+ movl %edi, scan(%esp)
-+
-+/* Determine how many bytes the scan ptr is off from being */
-+/* dword-aligned. */
-+
-+ movl %edi, %eax
-+ negl %eax
-+ andl $3, %eax
-+ movl %eax, scanalign(%esp)
-+
-+/* IPos limit = s->strstart > (IPos)MAX_DIST(s) ? */
-+/* s->strstart - (IPos)MAX_DIST(s) : NIL; */
-+
-+ movl dsWSize(%edx), %eax
-+ subl $MIN_LOOKAHEAD, %eax
-+ subl %eax, %ebp
-+ jg LimitPositive
-+ xorl %ebp, %ebp
-+LimitPositive:
-+
-+/* int best_len = s->prev_length; */
-+
-+ movl dsPrevLen(%edx), %eax
-+ movl %eax, bestlen(%esp)
-+
-+/* Store the sum of s->window + best_len in %esi locally, and in %esi. */
-+
-+ addl %eax, %esi
-+ movl %esi, windowbestlen(%esp)
-+
-+/* register ush scan_start = *(ushf*)scan; */
-+/* register ush scan_end = *(ushf*)(scan+best_len-1); */
-+/* Posf *prev = s->prev; */
-+
-+ movzwl (%edi), %ebx
-+ movl %ebx, scanstart(%esp)
-+ movzwl -1(%edi,%eax), %ebx
-+ movl %ebx, scanend(%esp)
-+ movl dsPrev(%edx), %edi
-+
-+/* Jump into the main loop. */
-+
-+ movl chainlenwmask(%esp), %edx
-+ jmp LoopEntry
-+
-+.balign 16
-+
-+/* do {
-+ * match = s->window + cur_match;
-+ * if (*(ushf*)(match+best_len-1) != scan_end ||
-+ * *(ushf*)match != scan_start) continue;
-+ * [...]
-+ * } while ((cur_match = prev[cur_match & wmask]) > limit
-+ * && --chain_length != 0);
-+ *
-+ * Here is the inner loop of the function. The function will spend the
-+ * majority of its time in this loop, and majority of that time will
-+ * be spent in the first ten instructions.
-+ *
-+ * Within this loop:
-+ * %ebx = scanend
-+ * %ecx = curmatch
-+ * %edx = chainlenwmask - i.e., ((chainlen << 16) | wmask)
-+ * %esi = windowbestlen - i.e., (window + bestlen)
-+ * %edi = prev
-+ * %ebp = limit
-+ */
-+LookupLoop:
-+ andl %edx, %ecx
-+ movzwl (%edi,%ecx,2), %ecx
-+ cmpl %ebp, %ecx
-+ jbe LeaveNow
-+ subl $0x00010000, %edx
-+ js LeaveNow
-+LoopEntry: movzwl -1(%esi,%ecx), %eax
-+ cmpl %ebx, %eax
-+ jnz LookupLoop
-+ movl window(%esp), %eax
-+ movzwl (%eax,%ecx), %eax
-+ cmpl scanstart(%esp), %eax
-+ jnz LookupLoop
-+
-+/* Store the current value of chainlen. */
-+
-+ movl %edx, chainlenwmask(%esp)
-+
-+/* Point %edi to the string under scrutiny, and %esi to the string we */
-+/* are hoping to match it up with. In actuality, %esi and %edi are */
-+/* both pointed (MAX_MATCH_8 - scanalign) bytes ahead, and %edx is */
-+/* initialized to -(MAX_MATCH_8 - scanalign). */
-+
-+ movl window(%esp), %esi
-+ movl scan(%esp), %edi
-+ addl %ecx, %esi
-+ movl scanalign(%esp), %eax
-+ movl $(-MAX_MATCH_8), %edx
-+ lea MAX_MATCH_8(%edi,%eax), %edi
-+ lea MAX_MATCH_8(%esi,%eax), %esi
-+
-+/* Test the strings for equality, 8 bytes at a time. At the end,
-+ * adjust %edx so that it is offset to the exact byte that mismatched.
-+ *
-+ * We already know at this point that the first three bytes of the
-+ * strings match each other, and they can be safely passed over before
-+ * starting the compare loop. So what this code does is skip over 0-3
-+ * bytes, as much as necessary in order to dword-align the %edi
-+ * pointer. (%esi will still be misaligned three times out of four.)
-+ *
-+ * It should be confessed that this loop usually does not represent
-+ * much of the total running time. Replacing it with a more
-+ * straightforward "rep cmpsb" would not drastically degrade
-+ * performance.
-+ */
-+LoopCmps:
-+ movl (%esi,%edx), %eax
-+ xorl (%edi,%edx), %eax
-+ jnz LeaveLoopCmps
-+ movl 4(%esi,%edx), %eax
-+ xorl 4(%edi,%edx), %eax
-+ jnz LeaveLoopCmps4
-+ addl $8, %edx
-+ jnz LoopCmps
-+ jmp LenMaximum
-+LeaveLoopCmps4: addl $4, %edx
-+LeaveLoopCmps: testl $0x0000FFFF, %eax
-+ jnz LenLower
-+ addl $2, %edx
-+ shrl $16, %eax
-+LenLower: subb $1, %al
-+ adcl $0, %edx
-+
-+/* Calculate the length of the match. If it is longer than MAX_MATCH, */
-+/* then automatically accept it as the best possible match and leave. */
-+
-+ lea (%edi,%edx), %eax
-+ movl scan(%esp), %edi
-+ subl %edi, %eax
-+ cmpl $MAX_MATCH, %eax
-+ jge LenMaximum
-+
-+/* If the length of the match is not longer than the best match we */
-+/* have so far, then forget it and return to the lookup loop. */
-+
-+ movl deflatestate(%esp), %edx
-+ movl bestlen(%esp), %ebx
-+ cmpl %ebx, %eax
-+ jg LongerMatch
-+ movl windowbestlen(%esp), %esi
-+ movl dsPrev(%edx), %edi
-+ movl scanend(%esp), %ebx
-+ movl chainlenwmask(%esp), %edx
-+ jmp LookupLoop
-+
-+/* s->match_start = cur_match; */
-+/* best_len = len; */
-+/* if (len >= nice_match) break; */
-+/* scan_end = *(ushf*)(scan+best_len-1); */
-+
-+LongerMatch: movl nicematch(%esp), %ebx
-+ movl %eax, bestlen(%esp)
-+ movl %ecx, dsMatchStart(%edx)
-+ cmpl %ebx, %eax
-+ jge LeaveNow
-+ movl window(%esp), %esi
-+ addl %eax, %esi
-+ movl %esi, windowbestlen(%esp)
-+ movzwl -1(%edi,%eax), %ebx
-+ movl dsPrev(%edx), %edi
-+ movl %ebx, scanend(%esp)
-+ movl chainlenwmask(%esp), %edx
-+ jmp LookupLoop
-+
-+/* Accept the current string, with the maximum possible length. */
-+
-+LenMaximum: movl deflatestate(%esp), %edx
-+ movl $MAX_MATCH, bestlen(%esp)
-+ movl %ecx, dsMatchStart(%edx)
-+
-+/* if ((uInt)best_len <= s->lookahead) return (uInt)best_len; */
-+/* return s->lookahead; */
-+
-+LeaveNow:
-+ movl deflatestate(%esp), %edx
-+ movl bestlen(%esp), %ebx
-+ movl dsLookahead(%edx), %eax
-+ cmpl %eax, %ebx
-+ jg LookaheadRet
-+ movl %ebx, %eax
-+LookaheadRet:
-+
-+/* Restore the stack and return from whence we came. */
-+
-+ addl $LocalVarsSize, %esp
-+ popl %ebx
-+ popl %esi
-+ popl %edi
-+ popl %ebp
-+match_init: ret
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/null/ipsec_alg_null.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,147 @@
-+/*
-+ * ipsec_alg NULL cipher stubs
-+ *
-+ * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ *
-+ * $Id: ipsec_alg_null.c,v 1.1.2.2 2008-01-11 21:07:23 paul Exp $
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ */
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+/*
-+ * special case: ipsec core modular with this static algo inside:
-+ * must avoid MODULE magic for this file
-+ */
-+#if defined(CONFIG_KLIPS_MODULE) && defined(CONFIG_KLIPS_ENC_NULL)
-+#undef MODULE
-+#endif
-+
-+#include <linux/module.h>
-+#include <linux/init.h>
-+
-+#include <linux/kernel.h> /* printk() */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/string.h>
-+
-+/* Check if __exit is defined, if not null it */
-+#ifndef __exit
-+#define __exit
-+#endif
-+
-+/* Low freeswan header coupling */
-+#include "openswan/ipsec_alg.h"
-+
-+#define ESP_NULL 11 /* from ipsec drafts */
-+#define ESP_NULL_BLK_LEN 1
-+
-+MODULE_AUTHOR("JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>");
-+static int debug_null=0;
-+static int test_null=0;
-+#ifdef module_param
-+module_param(debug_null, int, 0600);
-+module_param(test_null, int, 0600);
-+#else
-+MODULE_PARM(debug_null, "i");
-+MODULE_PARM(test_null, "i");
-+#endif
-+
-+typedef int null_context;
-+
-+struct null_eks{
-+ null_context null_ctx;
-+};
-+static int _null_set_key(struct ipsec_alg_enc *alg,
-+ __u8 * key_e, const __u8 * key,
-+ size_t keysize) {
-+ null_context *ctx=&((struct null_eks*)key_e)->null_ctx;
-+ if (debug_null > 0)
-+ printk(KERN_DEBUG "klips_debug:_null_set_key:"
-+ "key_e=%p key=%p keysize=%d\n",
-+ key_e, key, keysize);
-+ *ctx = 1;
-+ return 0;
-+}
-+static int _null_cbc_encrypt(struct ipsec_alg_enc *alg,
-+ __u8 * key_e, __u8 * in, int ilen, const __u8 * iv,
-+ int encrypt) {
-+ null_context *ctx=&((struct null_eks*)key_e)->null_ctx;
-+ if (debug_null > 0)
-+ printk(KERN_DEBUG "klips_debug:_null_cbc_encrypt:"
-+ "key_e=%p in=%p ilen=%d iv=%p encrypt=%d\n",
-+ key_e, in, ilen, iv, encrypt);
-+ (*ctx)++;
-+ return ilen;
-+}
-+static struct ipsec_alg_enc ipsec_alg_NULL = {
-+ ixt_common: { ixt_version: IPSEC_ALG_VERSION,
-+ ixt_refcnt: ATOMIC_INIT(0),
-+ ixt_name: "null",
-+ ixt_blocksize: ESP_NULL_BLK_LEN,
-+ ixt_support: {
-+ ias_exttype: IPSEC_ALG_TYPE_ENCRYPT,
-+ ias_id: ESP_NULL,
-+ ias_ivlen: 0,
-+ ias_keyminbits: 0,
-+ ias_keymaxbits: 0,
-+ },
-+ },
-+#if defined(CONFIG_KLIPS_ENC_NULL_MODULE)
-+ ixt_module: THIS_MODULE,
-+#endif
-+ ixt_e_keylen: 0,
-+ ixt_e_ctx_size: sizeof(null_context),
-+ ixt_e_set_key: _null_set_key,
-+ ixt_e_cbc_encrypt:_null_cbc_encrypt,
-+};
-+
-+#if defined(CONFIG_KLIPS_ENC_NULL_MODULE)
-+IPSEC_ALG_MODULE_INIT_MOD( ipsec_null_init )
-+#else
-+IPSEC_ALG_MODULE_INIT_STATIC( ipsec_null_init )
-+#endif
-+{
-+ int ret, test_ret;
-+ ret=register_ipsec_alg_enc(&ipsec_alg_NULL);
-+ printk("ipsec_null_init(alg_type=%d alg_id=%d name=%s): ret=%d\n",
-+ ipsec_alg_NULL.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_NULL.ixt_common.ixt_support.ias_id,
-+ ipsec_alg_NULL.ixt_common.ixt_name,
-+ ret);
-+ if (ret==0 && test_null) {
-+ test_ret=ipsec_alg_test(
-+ ipsec_alg_NULL.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_NULL.ixt_common.ixt_support.ias_id,
-+ test_null);
-+ printk("ipsec_null_init(alg_type=%d alg_id=%d): test_ret=%d\n",
-+ ipsec_alg_NULL.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_NULL.ixt_common.ixt_support.ias_id,
-+ test_ret);
-+ }
-+ return ret;
-+}
-+#if defined(CONFIG_KLIPS_ENC_NULL_MODULE)
-+IPSEC_ALG_MODULE_EXIT_MOD( ipsec_null_fini )
-+#else
-+IPSEC_ALG_MODULE_EXIT_STATIC( ipsec_null_fini )
-+#endif
-+{
-+ unregister_ipsec_alg_enc(&ipsec_alg_NULL);
-+ return;
-+}
-+#ifdef MODULE_LICENSE
-+MODULE_LICENSE("GPL");
-+#endif
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/pfkey_v2.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,2043 @@
-+/*
-+ * @(#) RFC2367 PF_KEYv2 Key management API domain socket I/F
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey_v2.c,v 1.97.2.16 2007-10-31 19:57:41 paul Exp $
-+ */
-+
-+/*
-+ * Template from /usr/src/linux-2.0.36/net/unix/af_unix.c.
-+ * Hints from /usr/src/linux-2.0.36/net/ipv4/udp.c.
-+ */
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/version.h>
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/kernel.h>
-+
-+#include "openswan/ipsec_param.h"
-+
-+#include <linux/major.h>
-+#include <linux/signal.h>
-+#include <linux/sched.h>
-+#include <linux/errno.h>
-+#include <linux/string.h>
-+#include <linux/stat.h>
-+#include <linux/socket.h>
-+#include <linux/un.h>
-+#include <linux/fcntl.h>
-+#include <linux/termios.h>
-+#include <linux/socket.h>
-+#include <linux/sockios.h>
-+#include <linux/net.h> /* struct socket */
-+#include <linux/in.h>
-+#include <linux/fs.h>
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <asm/segment.h>
-+#include <linux/skbuff.h>
-+#include <linux/netdevice.h>
-+#include <net/sock.h> /* struct sock */
-+#include <net/protocol.h>
-+/* #include <net/tcp.h> */
-+#include <net/af_unix.h>
-+#ifdef CONFIG_PROC_FS
-+# include <linux/proc_fs.h>
-+#endif /* CONFIG_PROC_FS */
-+
-+#include <linux/types.h>
-+
-+#include <openswan.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_kern24.h"
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_pfkey = 0;
-+extern int sysctl_ipsec_debug_verbose;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#define SENDERR(_x) do { error = -(_x); goto errlab; } while (0)
-+
-+#ifndef SOCKOPS_WRAPPED
-+#define SOCKOPS_WRAPPED(name) name
-+#endif /* SOCKOPS_WRAPPED */
-+
-+#ifdef NET_26
-+static rwlock_t pfkey_sock_lock = RW_LOCK_UNLOCKED;
-+HLIST_HEAD(pfkey_sock_list);
-+static DECLARE_WAIT_QUEUE_HEAD(pfkey_sock_wait);
-+static atomic_t pfkey_sock_users = ATOMIC_INIT(0);
-+#else
-+struct sock *pfkey_sock_list = NULL;
-+#endif
-+
-+struct supported_list *pfkey_supported_list[SADB_SATYPE_MAX+1];
-+
-+struct socket_list *pfkey_open_sockets = NULL;
-+struct socket_list *pfkey_registered_sockets[SADB_SATYPE_MAX+1];
-+
-+int pfkey_msg_interp(struct sock *, struct sadb_msg *, struct sadb_msg **);
-+
-+DEBUG_NO_STATIC int pfkey_create(struct socket *sock, int protocol);
-+DEBUG_NO_STATIC int pfkey_shutdown(struct socket *sock, int mode);
-+DEBUG_NO_STATIC int pfkey_release(struct socket *sock);
-+
-+#ifdef NET_26
-+DEBUG_NO_STATIC int pfkey_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len);
-+DEBUG_NO_STATIC int pfkey_recvmsg(struct kiocb *kiocb, struct socket *sock, struct msghdr *msg
-+ , size_t size, int flags);
-+#else
-+DEBUG_NO_STATIC int pfkey_sendmsg(struct socket *sock, struct msghdr *msg, int len, struct scm_cookie *scm);
-+DEBUG_NO_STATIC int pfkey_recvmsg(struct socket *sock, struct msghdr *msg, int size, int flags, struct scm_cookie *scm);
-+#endif
-+
-+struct net_proto_family pfkey_family_ops = {
-+#ifdef NETDEV_23
-+ .family = PF_KEY,
-+ .create = pfkey_create,
-+#ifdef NET_26
-+ .owner = THIS_MODULE,
-+#endif
-+#else
-+ PF_KEY,
-+ pfkey_create
-+#endif
-+};
-+
-+struct proto_ops SOCKOPS_WRAPPED(pfkey_ops) = {
-+#ifdef NETDEV_23
-+ family: PF_KEY,
-+#ifdef NET_26
-+ owner: THIS_MODULE,
-+#endif
-+ release: pfkey_release,
-+ bind: sock_no_bind,
-+ connect: sock_no_connect,
-+ socketpair: sock_no_socketpair,
-+ accept: sock_no_accept,
-+ getname: sock_no_getname,
-+ poll: datagram_poll,
-+ ioctl: sock_no_ioctl,
-+ listen: sock_no_listen,
-+ shutdown: pfkey_shutdown,
-+ setsockopt: sock_no_setsockopt,
-+ getsockopt: sock_no_getsockopt,
-+ sendmsg: pfkey_sendmsg,
-+ recvmsg: pfkey_recvmsg,
-+ mmap: sock_no_mmap,
-+#else /* NETDEV_23 */
-+ PF_KEY,
-+ sock_no_dup,
-+ pfkey_release,
-+ sock_no_bind,
-+ sock_no_connect,
-+ sock_no_socketpair,
-+ sock_no_accept,
-+ sock_no_getname,
-+ datagram_poll,
-+ sock_no_ioctl,
-+ sock_no_listen,
-+ pfkey_shutdown,
-+ sock_no_setsockopt,
-+ sock_no_getsockopt,
-+ sock_no_fcntl,
-+ pfkey_sendmsg,
-+ pfkey_recvmsg
-+#endif /* NETDEV_23 */
-+};
-+
-+#ifdef NETDEV_23
-+#include <linux/smp_lock.h>
-+SOCKOPS_WRAP(pfkey, PF_KEY);
-+#endif /* NETDEV_23 */
-+
-+#ifdef NET_26
-+static void pfkey_sock_list_grab(void)
-+{
-+ write_lock_bh(&pfkey_sock_lock);
-+
-+ if (atomic_read(&pfkey_sock_users)) {
-+ DECLARE_WAITQUEUE(wait, current);
-+
-+ add_wait_queue_exclusive(&pfkey_sock_wait, &wait);
-+ for(;;) {
-+ set_current_state(TASK_UNINTERRUPTIBLE);
-+ if (atomic_read(&pfkey_sock_users) == 0)
-+ break;
-+ write_unlock_bh(&pfkey_sock_lock);
-+ schedule();
-+ write_lock_bh(&pfkey_sock_lock);
-+ }
-+
-+ __set_current_state(TASK_RUNNING);
-+ remove_wait_queue(&pfkey_sock_wait, &wait);
-+ }
-+}
-+
-+static __inline__ void pfkey_sock_list_ungrab(void)
-+{
-+ write_unlock_bh(&pfkey_sock_lock);
-+ wake_up(&pfkey_sock_wait);
-+}
-+
-+static __inline__ void pfkey_lock_sock_list(void)
-+{
-+ /* read_lock() synchronizes us to pfkey_table_grab */
-+
-+ read_lock(&pfkey_sock_lock);
-+ atomic_inc(&pfkey_sock_users);
-+ read_unlock(&pfkey_sock_lock);
-+}
-+
-+static __inline__ void pfkey_unlock_sock_list(void)
-+{
-+ if (atomic_dec_and_test(&pfkey_sock_users))
-+ wake_up(&pfkey_sock_wait);
-+}
-+#endif
-+
-+int
-+pfkey_list_remove_socket(struct socket *socketp, struct socket_list **sockets)
-+{
-+ struct socket_list *socket_listp,*prev;
-+
-+ if(!socketp) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_remove_socket: "
-+ "NULL socketp handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ if(!sockets) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_remove_socket: "
-+ "NULL sockets list handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ socket_listp = *sockets;
-+ prev = NULL;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_remove_socket: "
-+ "removing sock=0p%p\n",
-+ socketp);
-+
-+ while(socket_listp != NULL) {
-+ if(socket_listp->socketp == socketp) {
-+ if(prev != NULL) {
-+ prev->next = socket_listp->next;
-+ } else {
-+ *sockets = socket_listp->next;
-+ }
-+
-+ kfree((void*)socket_listp);
-+
-+ break;
-+ }
-+ prev = socket_listp;
-+ socket_listp = socket_listp->next;
-+ }
-+
-+ return 0;
-+}
-+
-+int
-+pfkey_list_insert_socket(struct socket *socketp, struct socket_list **sockets)
-+{
-+ struct socket_list *socket_listp;
-+
-+ if(!socketp) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_socket: "
-+ "NULL socketp handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ if(!sockets) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_socket: "
-+ "NULL sockets list handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_socket: "
-+ "allocating %lu bytes for socketp=0p%p\n",
-+ (unsigned long) sizeof(struct socket_list),
-+ socketp);
-+
-+ if((socket_listp = (struct socket_list *)kmalloc(sizeof(struct socket_list), GFP_KERNEL)) == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_socket: "
-+ "memory allocation error.\n");
-+ return -ENOMEM;
-+ }
-+
-+ socket_listp->socketp = socketp;
-+ socket_listp->next = *sockets;
-+ *sockets = socket_listp;
-+
-+ return 0;
-+}
-+
-+int
-+pfkey_list_remove_supported(struct ipsec_alg_supported *supported, struct supported_list **supported_list)
-+{
-+ struct supported_list *supported_listp = *supported_list, *prev = NULL;
-+
-+ if(!supported) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_remove_supported: "
-+ "NULL supported handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ if(!supported_list) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_remove_supported: "
-+ "NULL supported_list handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_remove_supported: "
-+ "removing supported=0p%p\n",
-+ supported);
-+
-+ while(supported_listp != NULL) {
-+ if(supported_listp->supportedp == supported) {
-+ if(prev != NULL) {
-+ prev->next = supported_listp->next;
-+ } else {
-+ *supported_list = supported_listp->next;
-+ }
-+
-+ kfree((void*)supported_listp);
-+
-+ break;
-+ }
-+ prev = supported_listp;
-+ supported_listp = supported_listp->next;
-+ }
-+
-+ return 0;
-+}
-+
-+int
-+pfkey_list_insert_supported(struct ipsec_alg_supported *supported
-+ , struct supported_list **supported_list)
-+{
-+ struct supported_list *supported_listp;
-+
-+ if(!supported) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_supported: "
-+ "NULL supported handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ if(!supported_list) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_supported: "
-+ "NULL supported_list handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_supported: "
-+ "allocating %lu bytes for incoming, supported=0p%p, supported_list=0p%p\n",
-+ (unsigned long) sizeof(struct supported_list),
-+ supported,
-+ supported_list);
-+
-+ supported_listp = (struct supported_list *)kmalloc(sizeof(struct supported_list), GFP_KERNEL);
-+
-+ if(supported_listp == NULL)
-+ {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_supported: "
-+ "memory allocation error.\n");
-+ return -ENOMEM;
-+ }
-+
-+ supported_listp->supportedp = supported;
-+ supported_listp->next = *supported_list;
-+ *supported_list = supported_listp;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_supported: "
-+ "outgoing, supported=0p%p, supported_list=0p%p\n",
-+ supported,
-+ supported_list);
-+
-+ return 0;
-+}
-+
-+#ifdef NET_26
-+DEBUG_NO_STATIC void
-+pfkey_insert_socket(struct sock *sk)
-+{
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_insert_socket: "
-+ "sk=0p%p\n",
-+ sk);
-+ pfkey_sock_list_grab();
-+ sk_add_node(sk, &pfkey_sock_list);
-+ pfkey_sock_list_ungrab();
-+}
-+
-+DEBUG_NO_STATIC void
-+pfkey_remove_socket(struct sock *sk)
-+{
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_remove_socket: 0p%p\n", sk);
-+ pfkey_sock_list_grab();
-+ sk_del_node_init(sk);
-+ pfkey_sock_list_ungrab();
-+ return;
-+}
-+#else
-+
-+DEBUG_NO_STATIC void
-+pfkey_insert_socket(struct sock *sk)
-+{
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_insert_socket: "
-+ "sk=0p%p\n",
-+ sk);
-+ cli();
-+ sk->next=pfkey_sock_list;
-+ pfkey_sock_list=sk;
-+ sti();
-+}
-+DEBUG_NO_STATIC void
-+pfkey_remove_socket(struct sock *sk)
-+{
-+ struct sock **s;
-+
-+ s = NULL;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_remove_socket: .\n");
-+
-+ cli();
-+ s=&pfkey_sock_list;
-+
-+ while(*s!=NULL) {
-+ if(*s==sk) {
-+ *s=sk->next;
-+ sk->next=NULL;
-+ sti();
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_remove_socket: "
-+ "succeeded.\n");
-+ return;
-+ }
-+ s=&((*s)->next);
-+ }
-+ sti();
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_remove_socket: "
-+ "not found.\n");
-+ return;
-+}
-+#endif
-+
-+DEBUG_NO_STATIC void
-+pfkey_destroy_socket(struct sock *sk)
-+{
-+ struct sk_buff *skb;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_destroy_socket: 0p%p\n",sk);
-+ pfkey_remove_socket(sk);
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_destroy_socket: "
-+ "pfkey_remove_socket called, sk=0p%p\n",sk);
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_destroy_socket: "
-+ "sk(0p%p)->(&0p%p)receive_queue.{next=0p%p,prev=0p%p}.\n",
-+ sk,
-+ &(sk->sk_receive_queue),
-+ sk->sk_receive_queue.next,
-+ sk->sk_receive_queue.prev);
-+
-+ while(sk && ((skb=skb_dequeue(&(sk->sk_receive_queue)))!=NULL)) {
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_pfkey && sysctl_ipsec_debug_verbose) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_destroy_socket: "
-+ "skb=0p%p dequeued.\n", skb);
-+ printk(KERN_INFO "klips_debug:pfkey_destroy_socket: "
-+ "pfkey_skb contents:");
-+ printk(" next:0p%p", skb->next);
-+ printk(" prev:0p%p", skb->prev);
-+ printk(" sk:0p%p", skb->sk);
-+ printk(" dev:0p%p", skb->dev);
-+ if(skb->dev) {
-+ if(skb->dev->name) {
-+ printk(" dev->name:%s", skb->dev->name);
-+ } else {
-+ printk(" dev->name:NULL?");
-+ }
-+ } else {
-+ printk(" dev:NULL");
-+ }
-+ printk(" h:0p%p", skb_transport_header(skb));
-+ printk(" nh:0p%p", skb_network_header(skb));
-+ printk(" mac:0p%p", skb_mac_header(skb));
-+ printk(" dst:0p%p", skb->dst);
-+ if(sysctl_ipsec_debug_verbose) {
-+ int i;
-+
-+ printk(" cb");
-+ for(i=0; i<48; i++) {
-+ printk(":%2x", skb->cb[i]);
-+ }
-+ }
-+ printk(" len:%d", skb->len);
-+ printk(" csum:%d", skb->csum);
-+#ifndef NETDEV_23
-+ printk(" used:%d", skb->used);
-+ printk(" is_clone:%d", skb->is_clone);
-+#endif /* NETDEV_23 */
-+ printk(" cloned:%d", skb->cloned);
-+ printk(" pkt_type:%d", skb->pkt_type);
-+ printk(" ip_summed:%d", skb->ip_summed);
-+ printk(" priority:%d", skb->priority);
-+ printk(" protocol:%d", skb->protocol);
-+#ifdef HAVE_SOCK_SECURITY
-+ printk(" security:%d", skb->security);
-+#endif
-+ printk(" truesize:%d", skb->truesize);
-+ printk(" head:0p%p", skb->head);
-+ printk(" data:0p%p", skb->data);
-+ printk(" tail:0p%p", skb_tail_pointer(skb));
-+ printk(" end:0p%p", skb_end_pointer(skb));
-+ if(sysctl_ipsec_debug_verbose) {
-+ unsigned char* i;
-+ printk(" data");
-+ for(i = skb->head; i < skb_end_pointer(skb); i++) {
-+ printk(":%2x", (unsigned char)(*(i)));
-+ }
-+ }
-+ printk(" destructor:0p%p", skb->destructor);
-+ printk("\n");
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_destroy_socket: "
-+ "skb=0p%p freed.\n",
-+ skb);
-+ ipsec_kfree_skb(skb);
-+ }
-+
-+#ifdef NET_26
-+ sock_set_flag(sk, SOCK_DEAD);
-+#else
-+ sk->dead = 1;
-+#endif
-+ sk_free(sk);
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_destroy_socket: destroyed.\n");
-+}
-+
-+int
-+pfkey_upmsg(struct socket *sock, struct sadb_msg *pfkey_msg)
-+{
-+ int error = 0;
-+ struct sk_buff * skb = NULL;
-+ struct sock *sk;
-+
-+ if(sock == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_upmsg: "
-+ "NULL socket passed in.\n");
-+ return -EINVAL;
-+ }
-+
-+ if(pfkey_msg == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_upmsg: "
-+ "NULL pfkey_msg passed in.\n");
-+ return -EINVAL;
-+ }
-+
-+ sk = sock->sk;
-+
-+ if(sk == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_upmsg: "
-+ "NULL sock passed in.\n");
-+ return -EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_upmsg: "
-+ "allocating %d bytes...\n",
-+ (int)(pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN));
-+ if(!(skb = alloc_skb(pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN, GFP_ATOMIC) )) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_upmsg: "
-+ "no buffers left to send up a message.\n");
-+ return -ENOBUFS;
-+ }
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_upmsg: "
-+ "...allocated at 0p%p.\n",
-+ skb);
-+
-+ skb->dev = NULL;
-+
-+ if(skb_tailroom(skb) < pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN) {
-+ printk(KERN_WARNING "klips_error:pfkey_upmsg: "
-+ "tried to skb_put %ld, %d available. This should never happen, please report.\n",
-+ (unsigned long int)pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN,
-+ skb_tailroom(skb));
-+ ipsec_kfree_skb(skb);
-+ return -ENOBUFS;
-+ }
-+ skb_set_transport_header(skb, ipsec_skb_offset(skb, skb_put(skb, pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN)));
-+ memcpy(skb_transport_header(skb), pfkey_msg, pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN);
-+
-+ if((error = sock_queue_rcv_skb(sk, skb)) < 0) {
-+ skb->sk=NULL;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_upmsg: "
-+ "error=%d calling sock_queue_rcv_skb with skb=0p%p.\n",
-+ error,
-+ skb);
-+ ipsec_kfree_skb(skb);
-+ return error;
-+ }
-+ return error;
-+}
-+
-+#ifdef NET_26_12_SKALLOC
-+static struct proto key_proto = {
-+ .name = "KEY",
-+ .owner = THIS_MODULE,
-+ .obj_size = sizeof(struct sock),
-+
-+};
-+#endif
-+
-+DEBUG_NO_STATIC int
-+pfkey_create(struct socket *sock, int protocol)
-+{
-+ struct sock *sk;
-+
-+ if(sock == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "socket NULL.\n");
-+ return -EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "sock=0p%p type:%d state:%d flags:%ld protocol:%d\n",
-+ sock,
-+ sock->type,
-+ (unsigned int)(sock->state),
-+ sock->flags, protocol);
-+
-+ if(sock->type != SOCK_RAW) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "only SOCK_RAW supported.\n");
-+ return -ESOCKTNOSUPPORT;
-+ }
-+
-+ if(protocol != PF_KEY_V2) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "protocol not PF_KEY_V2.\n");
-+ return -EPROTONOSUPPORT;
-+ }
-+
-+ if((current->uid != 0)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "must be root to open pfkey sockets.\n");
-+ return -EACCES;
-+ }
-+
-+ sock->state = SS_UNCONNECTED;
-+
-+ KLIPS_INC_USE;
-+
-+#ifdef NET_26
-+#ifdef NET_26_12_SKALLOC
-+ sk=(struct sock *)sk_alloc(PF_KEY, GFP_KERNEL, &key_proto, 1);
-+#else
-+ sk=(struct sock *)sk_alloc(PF_KEY, GFP_KERNEL, 1, NULL);
-+#endif
-+#else
-+ /* 2.4 interface */
-+ sk=(struct sock *)sk_alloc(PF_KEY, GFP_KERNEL, 1);
-+#endif
-+
-+ if(sk == NULL)
-+ {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "Out of memory trying to allocate.\n");
-+ KLIPS_DEC_USE;
-+ return -ENOMEM;
-+ }
-+
-+ sock_init_data(sock, sk);
-+
-+ sk->sk_destruct = NULL;
-+ sk->sk_reuse = 1;
-+ sock->ops = &pfkey_ops;
-+
-+ sk->sk_family = PF_KEY;
-+/* sk->num = protocol; */
-+ sk->sk_protocol = protocol;
-+ key_pid(sk) = current->pid;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "sock->fasync_list=0p%p sk->sleep=0p%p.\n",
-+ sock->fasync_list,
-+ sk->sk_sleep);
-+
-+ pfkey_insert_socket(sk);
-+ pfkey_list_insert_socket(sock, &pfkey_open_sockets);
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "Socket sock=0p%p sk=0p%p initialised.\n", sock, sk);
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+#ifdef NETDEV_23
-+pfkey_release(struct socket *sock)
-+#else /* NETDEV_23 */
-+pfkey_release(struct socket *sock, struct socket *peersock)
-+#endif /* NETDEV_23 */
-+{
-+ struct sock *sk;
-+ int i;
-+
-+ if(sock==NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_release: "
-+ "No socket attached.\n");
-+ return 0; /* -EINVAL; */
-+ }
-+
-+ sk=sock->sk;
-+
-+ /* May not have data attached */
-+ if(sk==NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_release: "
-+ "No sk attached to sock=0p%p.\n", sock);
-+ return 0; /* -EINVAL; */
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_release: "
-+ "sock=0p%p sk=0p%p\n", sock, sk);
-+
-+ if(sock_flag(sk, SOCK_DEAD))
-+ if(sk->sk_state_change) {
-+ sk->sk_state_change(sk);
-+ }
-+
-+ sock->sk = NULL;
-+
-+ /* Try to flush out this socket. Throw out buffers at least */
-+ pfkey_destroy_socket(sk);
-+ pfkey_list_remove_socket(sock, &pfkey_open_sockets);
-+ for(i = SADB_SATYPE_UNSPEC; i <= SADB_SATYPE_MAX; i++) {
-+ pfkey_list_remove_socket(sock, &(pfkey_registered_sockets[i]));
-+ }
-+
-+ KLIPS_DEC_USE;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_release: "
-+ "succeeded.\n");
-+
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_shutdown(struct socket *sock, int mode)
-+{
-+ struct sock *sk;
-+
-+ if(sock == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_shutdown: "
-+ "NULL socket passed in.\n");
-+ return -EINVAL;
-+ }
-+
-+ sk=sock->sk;
-+
-+ if(sk == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_shutdown: "
-+ "No sock attached to socket.\n");
-+ return -EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_shutdown: "
-+ "mode=%x.\n", mode);
-+ mode++;
-+
-+ if(mode&SEND_SHUTDOWN) {
-+ sk->sk_shutdown|=SEND_SHUTDOWN;
-+ sk->sk_state_change(sk);
-+ }
-+
-+ if(mode&RCV_SHUTDOWN) {
-+ sk->sk_shutdown|=RCV_SHUTDOWN;
-+ sk->sk_state_change(sk);
-+ }
-+ return 0;
-+}
-+
-+/*
-+ * Send PF_KEY data down.
-+ */
-+
-+DEBUG_NO_STATIC int
-+#ifdef NET_26
-+pfkey_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len)
-+#else
-+pfkey_sendmsg(struct socket *sock, struct msghdr *msg, int len, struct scm_cookie *scm)
-+#endif
-+{
-+ struct sock *sk;
-+ int error = 0;
-+ struct sadb_msg *pfkey_msg = NULL, *pfkey_reply = NULL;
-+
-+ if(sock == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "Null socket passed in.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ sk = sock->sk;
-+
-+ if(sk == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "Null sock passed in.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(msg == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "Null msghdr passed in.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: .\n");
-+ if(sk->sk_err) {
-+ error = sock_error(sk);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "sk->err is non-zero, returns %d.\n",
-+ error);
-+ SENDERR(-error);
-+ }
-+
-+ if((current->uid != 0)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "must be root to send messages to pfkey sockets.\n");
-+ SENDERR(EACCES);
-+ }
-+
-+ if(msg->msg_control)
-+ {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "can't set flags or set msg_control.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(sk->sk_shutdown & SEND_SHUTDOWN) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "shutdown.\n");
-+ send_sig(SIGPIPE, current, 0);
-+ SENDERR(EPIPE);
-+ }
-+
-+ if(len < sizeof(struct sadb_msg)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "bogus msg len of %d, too small.\n", (int)len);
-+ SENDERR(EMSGSIZE);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "allocating %d bytes for downward message.\n",
-+ (int)len);
-+ if((pfkey_msg = (struct sadb_msg*)kmalloc(len, GFP_KERNEL)) == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "memory allocation error.\n");
-+ SENDERR(ENOBUFS);
-+ }
-+
-+ memcpy_fromiovec((void *)pfkey_msg, msg->msg_iov, len);
-+
-+ if(pfkey_msg->sadb_msg_version != PF_KEY_V2) {
-+ KLIPS_PRINT(1 || debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "not PF_KEY_V2 msg, found %d, should be %d.\n",
-+ pfkey_msg->sadb_msg_version,
-+ PF_KEY_V2);
-+ kfree((void*)pfkey_msg);
-+ return -EINVAL;
-+ }
-+
-+ if(len != pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "bogus msg len of %d, not %d byte aligned.\n",
-+ (int)len, (int)IPSEC_PFKEYv2_ALIGN);
-+ SENDERR(EMSGSIZE);
-+ }
-+
-+#if 0
-+ /* This check is questionable, since a downward message could be
-+ the result of an ACQUIRE either from kernel (PID==0) or
-+ userspace (some other PID). */
-+ /* check PID */
-+ if(pfkey_msg->sadb_msg_pid != current->pid) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "pid (%d) does not equal sending process pid (%d).\n",
-+ pfkey_msg->sadb_msg_pid, current->pid);
-+ SENDERR(EINVAL);
-+ }
-+#endif
-+
-+ if(pfkey_msg->sadb_msg_reserved) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "reserved field must be zero, set to %d.\n",
-+ pfkey_msg->sadb_msg_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if((pfkey_msg->sadb_msg_type > SADB_MAX) || (!pfkey_msg->sadb_msg_type)){
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "msg type too large or small:%d.\n",
-+ pfkey_msg->sadb_msg_type);
-+ SENDERR(EINVAL);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "msg sent for parsing.\n");
-+
-+ if((error = pfkey_msg_interp(sk, pfkey_msg, &pfkey_reply))) {
-+ struct socket_list *pfkey_socketsp;
-+
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_sendmsg: "
-+ "pfkey_msg_parse returns %d.\n",
-+ error);
-+
-+ if((pfkey_reply = (struct sadb_msg*)kmalloc(sizeof(struct sadb_msg), GFP_KERNEL)) == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "memory allocation error.\n");
-+ SENDERR(ENOBUFS);
-+ }
-+ memcpy((void*)pfkey_reply, (void*)pfkey_msg, sizeof(struct sadb_msg));
-+ pfkey_reply->sadb_msg_errno = -error;
-+ pfkey_reply->sadb_msg_len = sizeof(struct sadb_msg) / IPSEC_PFKEYv2_ALIGN;
-+
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ int error_upmsg = 0;
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_sendmsg: "
-+ "sending up error=%d message=0p%p to socket=0p%p.\n",
-+ error,
-+ pfkey_reply,
-+ pfkey_socketsp->socketp);
-+ if((error_upmsg = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_sendmsg: "
-+ "sending up error message to socket=0p%p failed with error=%d.\n",
-+ pfkey_socketsp->socketp,
-+ error_upmsg);
-+ /* pfkey_msg_free(&pfkey_reply); */
-+ /* SENDERR(-error); */
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_sendmsg: "
-+ "sending up error message to socket=0p%p succeeded.\n",
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ pfkey_msg_free(&pfkey_reply);
-+
-+ SENDERR(-error);
-+ }
-+
-+ errlab:
-+ if (pfkey_msg) {
-+ kfree((void*)pfkey_msg);
-+ }
-+
-+ if(error) {
-+ return error;
-+ } else {
-+ return len;
-+ }
-+}
-+
-+/*
-+ * Receive PF_KEY data up.
-+ */
-+
-+DEBUG_NO_STATIC int
-+#ifdef NET_26
-+pfkey_recvmsg(struct kiocb *kiocb
-+ , struct socket *sock
-+ , struct msghdr *msg
-+ , size_t size
-+ , int flags)
-+#else
-+pfkey_recvmsg(struct socket *sock
-+ , struct msghdr *msg
-+ , int size, int flags
-+ , struct scm_cookie *scm)
-+#endif
-+{
-+ struct sock *sk;
-+ int noblock = flags & MSG_DONTWAIT;
-+ struct sk_buff *skb;
-+ int error;
-+
-+ if(sock == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_recvmsg: "
-+ "Null socket passed in.\n");
-+ return -EINVAL;
-+ }
-+
-+ sk = sock->sk;
-+
-+ if(sk == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_recvmsg: "
-+ "Null sock passed in for sock=0p%p.\n", sock);
-+ return -EINVAL;
-+ }
-+
-+ if(msg == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_recvmsg: "
-+ "Null msghdr passed in for sock=0p%p, sk=0p%p.\n",
-+ sock, sk);
-+ return -EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "klips_debug:pfkey_recvmsg: sock=0p%p sk=0p%p msg=0p%p size=%d.\n",
-+ sock, sk, msg, (int)size);
-+ if(flags & ~MSG_PEEK) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "flags (%d) other than MSG_PEEK not supported.\n",
-+ flags);
-+ return -EOPNOTSUPP;
-+ }
-+
-+ msg->msg_namelen = 0; /* sizeof(*ska); */
-+
-+ if(sk->sk_err) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "sk->sk_err=%d.\n", sk->sk_err);
-+ return sock_error(sk);
-+ }
-+
-+ if((skb = skb_recv_datagram(sk, flags, noblock, &error) ) == NULL) {
-+ return error;
-+ }
-+
-+ if(size > skb->len) {
-+ size = skb->len;
-+ }
-+ else if(size <skb->len) {
-+ msg->msg_flags |= MSG_TRUNC;
-+ }
-+
-+ skb_copy_datagram_iovec(skb, 0, msg->msg_iov, size);
-+#ifdef HAVE_KERNEL_TSTAMP
-+ sk->sk_stamp = skb->tstamp;
-+#elif defined(HAVE_TSTAMP)
-+ sk->sk_stamp.tv_sec = skb->tstamp.off_sec;
-+ sk->sk_stamp.tv_usec = skb->tstamp.off_usec;
-+#else
-+ sk->sk_stamp=skb->stamp;
-+#endif
-+
-+ skb_free_datagram(sk, skb);
-+ return size;
-+}
-+
-+#ifdef CONFIG_PROC_FS
-+#ifndef PROC_FS_2325
-+DEBUG_NO_STATIC
-+#endif /* PROC_FS_2325 */
-+int
-+pfkey_get_info(char *buffer, char **start, off_t offset, int length
-+#ifndef PROC_NO_DUMMY
-+, int dummy
-+#endif /* !PROC_NO_DUMMY */
-+)
-+{
-+ const int max_content = length > 0? length-1 : 0; /* limit of useful snprintf output */
-+#ifdef NET_26
-+ struct hlist_node *node;
-+#endif
-+ off_t begin=0;
-+ int len=0;
-+ struct sock *sk;
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(!sysctl_ipsec_debug_verbose) {
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ len += ipsec_snprintf(buffer, length,
-+ " sock pid socket next prev e n p sndbf Flags Type St\n");
-+#ifdef CONFIG_KLIPS_DEBUG
-+ } else {
-+ len += ipsec_snprintf(buffer, length,
-+ " sock pid d sleep socket next prev e r z n p sndbf stamp Flags Type St\n");
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ sk_for_each(sk, node, &pfkey_sock_list) {
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(!sysctl_ipsec_debug_verbose) {
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ "%8p %5d %8p %d %d %5d %08lX %8X %2X\n",
-+ sk,
-+ key_pid(sk),
-+ sk->sk_socket,
-+ sk->sk_err,
-+ sk->sk_protocol,
-+ sk->sk_sndbuf,
-+ sk->sk_socket->flags,
-+ sk->sk_socket->type,
-+ sk->sk_socket->state);
-+#ifdef CONFIG_KLIPS_DEBUG
-+ } else {
-+ struct timeval t;
-+ grab_socket_timeval(t, *sk);
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ "%8p %5d %d %8p %8p %d %d %d %d %5d %d.%06d %08lX %8X %2X\n",
-+ sk,
-+ key_pid(sk),
-+ sock_flag(sk, SOCK_DEAD),
-+ sk->sk_sleep,
-+ sk->sk_socket,
-+ sk->sk_err,
-+ sk->sk_reuse,
-+#ifdef HAVE_SOCK_ZAPPED
-+ sock_flag(sk, SOCK_ZAPPED),
-+#else
-+ sk->sk_zapped,
-+#endif
-+ sk->sk_protocol,
-+ sk->sk_sndbuf,
-+ (unsigned int)t.tv_sec,
-+ (unsigned int)t.tv_usec,
-+ sk->sk_socket->flags,
-+ sk->sk_socket->type,
-+ sk->sk_socket->state);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ if (len >= max_content) {
-+ /* we've done all that can fit -- stop loop */
-+ len = max_content; /* truncate crap */
-+ break;
-+ } else {
-+ const off_t pos = begin + len; /* file position of end of what we've generated */
-+
-+ if (pos <= offset) {
-+ /* all is before first interesting character:
-+ * discard, but note where we are.
-+ */
-+ len = 0;
-+ begin = pos;
-+ }
-+ }
-+ }
-+
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ return len - (offset - begin);
-+}
-+
-+#ifndef PROC_FS_2325
-+DEBUG_NO_STATIC
-+#endif /* PROC_FS_2325 */
-+int
-+pfkey_supported_get_info(char *buffer, char **start, off_t offset, int length
-+#ifndef PROC_NO_DUMMY
-+, int dummy
-+#endif /* !PROC_NO_DUMMY */
-+)
-+{
-+ /* limit of useful snprintf output */
-+ const int max_content = length > 0? length-1 : 0;
-+ off_t begin=0;
-+ int len=0;
-+ int satype;
-+ struct supported_list *ps;
-+
-+ len += ipsec_snprintf(buffer, length,
-+ "satype exttype alg_id ivlen minbits maxbits name\n");
-+
-+ for(satype = SADB_SATYPE_UNSPEC; satype <= SADB_SATYPE_MAX; satype++) {
-+ ps = pfkey_supported_list[satype];
-+ while(ps) {
-+ struct ipsec_alg_supported *alg = ps->supportedp;
-+ unsigned char *n = alg->ias_name;
-+ if(n == NULL) n = "unknown";
-+
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ " %2d %2d %2d %3d %3d %3d %20s\n",
-+ satype,
-+ alg->ias_exttype,
-+ alg->ias_id,
-+ alg->ias_ivlen,
-+ alg->ias_keyminbits,
-+ alg->ias_keymaxbits,
-+ n);
-+
-+ if (len >= max_content) {
-+ /* we've done all that can fit -- stop loop */
-+ len = max_content; /* truncate crap */
-+ break;
-+ } else {
-+ const off_t pos = begin + len; /* file position of end of what we've generated */
-+
-+ if (pos <= offset) {
-+ /* all is before first interesting character:
-+ * discard, but note where we are.
-+ */
-+ len = 0;
-+ begin = pos;
-+ }
-+ }
-+
-+ ps = ps->next;
-+ }
-+ }
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ return len - (offset - begin);
-+}
-+
-+#ifndef PROC_FS_2325
-+DEBUG_NO_STATIC
-+#endif /* PROC_FS_2325 */
-+int
-+pfkey_registered_get_info(char *buffer, char **start, off_t offset, int length
-+#ifndef PROC_NO_DUMMY
-+, int dummy
-+#endif /* !PROC_NO_DUMMY */
-+)
-+{
-+ const int max_content = length > 0? length-1 : 0; /* limit of useful snprintf output */
-+ off_t begin=0;
-+ int len=0;
-+ int satype;
-+ struct socket_list *pfkey_sockets;
-+
-+ len += ipsec_snprintf(buffer, length,
-+ "satype socket pid sk\n");
-+
-+ for(satype = SADB_SATYPE_UNSPEC; satype <= SADB_SATYPE_MAX; satype++) {
-+ pfkey_sockets = pfkey_registered_sockets[satype];
-+ while(pfkey_sockets) {
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ " %2d %8p %5d %8p\n",
-+ satype,
-+ pfkey_sockets->socketp,
-+ key_pid(pfkey_sockets->socketp->sk),
-+ pfkey_sockets->socketp->sk);
-+
-+ if (len >= max_content) {
-+ /* we've done all that can fit -- stop loop (could stop two) */
-+ len = max_content; /* truncate crap */
-+ break;
-+ } else {
-+ const off_t pos = begin + len; /* file position of end of what we've generated */
-+
-+ if (pos <= offset) {
-+ /* all is before first interesting character:
-+ * discard, but note where we are.
-+ */
-+ len = 0;
-+ begin = pos;
-+ }
-+ }
-+
-+ pfkey_sockets = pfkey_sockets->next;
-+ }
-+ }
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ return len - (offset - begin);
-+}
-+
-+#ifndef PROC_FS_2325
-+struct proc_dir_entry proc_net_pfkey =
-+{
-+ 0,
-+ 6, "pf_key",
-+ S_IFREG | S_IRUGO, 1, 0, 0,
-+ 0, &proc_net_inode_operations,
-+ pfkey_get_info
-+};
-+struct proc_dir_entry proc_net_pfkey_supported =
-+{
-+ 0,
-+ 16, "pf_key_supported",
-+ S_IFREG | S_IRUGO, 1, 0, 0,
-+ 0, &proc_net_inode_operations,
-+ pfkey_supported_get_info
-+};
-+struct proc_dir_entry proc_net_pfkey_registered =
-+{
-+ 0,
-+ 17, "pf_key_registered",
-+ S_IFREG | S_IRUGO, 1, 0, 0,
-+ 0, &proc_net_inode_operations,
-+ pfkey_registered_get_info
-+};
-+#endif /* !PROC_FS_2325 */
-+#endif /* CONFIG_PROC_FS */
-+
-+DEBUG_NO_STATIC int
-+supported_add_all(int satype, struct ipsec_alg_supported supported[], int size)
-+{
-+ int i;
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:init_pfkey: "
-+ "sizeof(supported_init_<satype=%d>)[%d]/sizeof(struct ipsec_alg_supported)[%d]=%d.\n",
-+ satype,
-+ size,
-+ (int)sizeof(struct ipsec_alg_supported),
-+ (int)(size/sizeof(struct ipsec_alg_supported)));
-+
-+ for(i = 0; i < size / sizeof(struct ipsec_alg_supported); i++) {
-+
-+ unsigned char *n = supported[i].ias_name;
-+ if(n == NULL) n="unknown";
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:init_pfkey: "
-+ "i=%d inserting satype=%d exttype=%d id=%d ivlen=%d minbits=%d maxbits=%d name=%s.\n",
-+ i,
-+ satype,
-+ supported[i].ias_exttype,
-+ supported[i].ias_id,
-+ supported[i].ias_ivlen,
-+ supported[i].ias_keyminbits,
-+ supported[i].ias_keymaxbits,
-+ n);
-+
-+ error |= pfkey_list_insert_supported(&(supported[i]),
-+ &(pfkey_supported_list[satype]));
-+ }
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+supported_remove_all(int satype)
-+{
-+ int error = 0;
-+ struct ipsec_alg_supported*supportedp;
-+
-+ while(pfkey_supported_list[satype]) {
-+ unsigned char *n;
-+ supportedp = pfkey_supported_list[satype]->supportedp;
-+
-+ n = supportedp->ias_name;
-+ if(n == NULL) n="unknown";
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:init_pfkey: "
-+ "removing satype=%d exttype=%d id=%d ivlen=%d minbits=%d maxbits=%d name=%s.\n",
-+ satype,
-+ supportedp->ias_exttype,
-+ supportedp->ias_id,
-+ supportedp->ias_ivlen,
-+ supportedp->ias_keyminbits,
-+ supportedp->ias_keymaxbits, n);
-+
-+ error |= pfkey_list_remove_supported(supportedp,
-+ &(pfkey_supported_list[satype]));
-+ }
-+ return error;
-+}
-+
-+int
-+pfkey_init(void)
-+{
-+ int error = 0;
-+ int i;
-+
-+ static struct ipsec_alg_supported supported_init_ah[] = {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ {SADB_EXT_SUPPORTED_AUTH, SADB_AALG_MD5HMAC, 0, 128, 128},
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ {SADB_EXT_SUPPORTED_AUTH, SADB_AALG_SHA1HMAC, 0, 160, 160}
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ };
-+ static struct ipsec_alg_supported supported_init_esp[] = {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ {SADB_EXT_SUPPORTED_AUTH, SADB_AALG_MD5HMAC, 0, 128, 128},
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ {SADB_EXT_SUPPORTED_AUTH, SADB_AALG_SHA1HMAC, 0, 160, 160},
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+#ifdef CONFIG_KLIPS_ENC_3DES
-+ {SADB_EXT_SUPPORTED_ENCRYPT, SADB_EALG_3DESCBC, 64, 168, 168},
-+#endif /* CONFIG_KLIPS_ENC_3DES */
-+ };
-+ static struct ipsec_alg_supported supported_init_ipip[] = {
-+ {SADB_EXT_SUPPORTED_ENCRYPT, SADB_X_TALG_IPv4_in_IPv4, 0, 32, 32}
-+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+ , {SADB_EXT_SUPPORTED_ENCRYPT, SADB_X_TALG_IPv6_in_IPv4, 0, 128, 32}
-+ , {SADB_EXT_SUPPORTED_ENCRYPT, SADB_X_TALG_IPv4_in_IPv6, 0, 32, 128}
-+ , {SADB_EXT_SUPPORTED_ENCRYPT, SADB_X_TALG_IPv6_in_IPv6, 0, 128, 128}
-+#endif /* defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */
-+ };
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ static struct ipsec_alg_supported supported_init_ipcomp[] = {
-+ {SADB_EXT_SUPPORTED_ENCRYPT, SADB_X_CALG_DEFLATE, 0, 1, 1}
-+ };
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#if 0
-+ printk(KERN_INFO
-+ "klips_info:pfkey_init: "
-+ "FreeS/WAN: initialising PF_KEYv2 domain sockets.\n");
-+#endif
-+
-+ for(i = SADB_SATYPE_UNSPEC; i <= SADB_SATYPE_MAX; i++) {
-+ pfkey_registered_sockets[i] = NULL;
-+ pfkey_supported_list[i] = NULL;
-+ }
-+
-+ error |= supported_add_all(SADB_SATYPE_AH, supported_init_ah, sizeof(supported_init_ah));
-+ error |= supported_add_all(SADB_SATYPE_ESP, supported_init_esp, sizeof(supported_init_esp));
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ error |= supported_add_all(SADB_X_SATYPE_COMP, supported_init_ipcomp, sizeof(supported_init_ipcomp));
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ error |= supported_add_all(SADB_X_SATYPE_IPIP, supported_init_ipip, sizeof(supported_init_ipip));
-+
-+ error |= sock_register(&pfkey_family_ops);
-+
-+#ifdef CONFIG_PROC_FS
-+# ifndef PROC_FS_2325
-+# ifdef PROC_FS_21
-+ error |= proc_register(proc_net, &proc_net_pfkey);
-+ error |= proc_register(proc_net, &proc_net_pfkey_supported);
-+ error |= proc_register(proc_net, &proc_net_pfkey_registered);
-+# else /* PROC_FS_21 */
-+ error |= proc_register_dynamic(&proc_net, &proc_net_pfkey);
-+ error |= proc_register_dynamic(&proc_net, &proc_net_pfkey_supported);
-+ error |= proc_register_dynamic(&proc_net, &proc_net_pfkey_registered);
-+# endif /* PROC_FS_21 */
-+# else /* !PROC_FS_2325 */
-+ proc_net_create ("pf_key", 0, pfkey_get_info);
-+ proc_net_create ("pf_key_supported", 0, pfkey_supported_get_info);
-+ proc_net_create ("pf_key_registered", 0, pfkey_registered_get_info);
-+# endif /* !PROC_FS_2325 */
-+#endif /* CONFIG_PROC_FS */
-+
-+ return error;
-+}
-+
-+int
-+pfkey_cleanup(void)
-+{
-+ int error = 0;
-+
-+ printk(KERN_INFO "klips_info:pfkey_cleanup: "
-+ "shutting down PF_KEY domain sockets.\n");
-+#ifdef VOID_SOCK_UNREGISTER
-+ sock_unregister(PF_KEY);
-+#else
-+ sock_unregister(PF_KEY);
-+#endif
-+
-+ error |= supported_remove_all(SADB_SATYPE_AH);
-+ error |= supported_remove_all(SADB_SATYPE_ESP);
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ error |= supported_remove_all(SADB_X_SATYPE_COMP);
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ error |= supported_remove_all(SADB_X_SATYPE_IPIP);
-+
-+#ifdef CONFIG_PROC_FS
-+# ifndef PROC_FS_2325
-+ if (proc_net_unregister(proc_net_pfkey.low_ino) != 0)
-+ printk("klips_debug:pfkey_cleanup: "
-+ "cannot unregister /proc/net/pf_key\n");
-+ if (proc_net_unregister(proc_net_pfkey_supported.low_ino) != 0)
-+ printk("klips_debug:pfkey_cleanup: "
-+ "cannot unregister /proc/net/pf_key_supported\n");
-+ if (proc_net_unregister(proc_net_pfkey_registered.low_ino) != 0)
-+ printk("klips_debug:pfkey_cleanup: "
-+ "cannot unregister /proc/net/pf_key_registered\n");
-+# else /* !PROC_FS_2325 */
-+ proc_net_remove ("pf_key");
-+ proc_net_remove ("pf_key_supported");
-+ proc_net_remove ("pf_key_registered");
-+# endif /* !PROC_FS_2325 */
-+#endif /* CONFIG_PROC_FS */
-+
-+ /* other module unloading cleanup happens here */
-+ return error;
-+}
-+
-+#ifdef MODULE
-+#if 0
-+int
-+init_module(void)
-+{
-+ pfkey_init();
-+ return 0;
-+}
-+
-+void
-+cleanup_module(void)
-+{
-+ pfkey_cleanup();
-+}
-+#endif /* 0 */
-+#else /* MODULE */
-+struct net_protocol;
-+void pfkey_proto_init(struct net_protocol *pro)
-+{
-+ pfkey_init();
-+}
-+#endif /* MODULE */
-+
-+/*
-+ * $Log: pfkey_v2.c,v $
-+ * Revision 1.97.2.16 2007-10-31 19:57:41 paul
-+ * type of sock.sk_stamp changed from timeval to ktime [dhr]
-+ *
-+ * Revision 1.97.2.15 2007-10-30 21:39:30 paul
-+ * Use skb_tail_pointer/skb_end_pointer [dhr]
-+ *
-+ * Revision 1.97.2.14 2007/09/05 02:56:10 paul
-+ * Use the new ipsec_kversion macros by David to deal with 2.6.22 kernels.
-+ * Fixes based on David McCullough patch.
-+ *
-+ * Revision 1.97.2.13 2007/08/10 01:40:49 paul
-+ * Fix for sock_unregister for 2.6.19 by Sergeil
-+ *
-+ * Revision 1.97.2.12 2006/11/24 05:43:29 paul
-+ * kernels after 2.6.18 do not return a code from unregister_socket()
-+ * backport from git 41e54a2684dc809d7952e816860ea646a3194a72
-+ *
-+ * Revision 1.97.2.11 2006/11/15 16:05:57 paul
-+ * fix for compiling on 2.4. kernels by Matthias Haas.
-+ *
-+ * Revision 1.97.2.10 2006/10/10 20:43:28 paul
-+ * Add family/create/owner for pfkey_family_ops. This fixes bug #671
-+ *
-+ * Revision 1.97.2.9 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.97.2.8 2006/07/10 15:56:11 paul
-+ * Fix for bug #642 by Bart.
-+ *
-+ * Revision 1.97.2.7 2006/04/04 11:34:19 ken
-+ * Backport SMP fixes + #ifdef cleanup from #public
-+ *
-+ * Revision 1.97.2.6 2006/02/15 05:00:20 paul
-+ * Fix for crasher on 2.6.12+ with klips (mostly seen on redhat kernels)
-+ *
-+ * Revision 1.97.2.5 2005/11/22 04:11:52 ken
-+ * Backport fixes for 2.6.14 kernels from HEAD
-+ *
-+ * Revision 1.97.2.4 2005/09/14 16:40:45 mcr
-+ * pull up of compilation on 2.4
-+ *
-+ * Revision 1.97.2.3 2005/09/06 02:10:03 mcr
-+ * pulled up possible SMP-related compilation fix
-+ *
-+ * Revision 1.97.2.2 2005/08/28 01:21:12 paul
-+ * Undid Ken's gcc4 fix in version 1.94 since it breaks linking KLIPS on
-+ * SMP kernels.
-+ *
-+ * Revision 1.97.2.1 2005/08/27 23:40:00 paul
-+ * recommited HAVE_SOCK_SECURITY fixes for linux 2.6.13
-+ *
-+ * Revision 1.102 2005/09/14 16:37:23 mcr
-+ * fix to compile on 2.4.
-+ *
-+ * Revision 1.101 2005/09/06 01:42:25 mcr
-+ * removed additional SOCKOPS_WRAPPED code
-+ *
-+ * Revision 1.100 2005/08/30 18:10:15 mcr
-+ * remove SOCKOPS_WRAPPED() code, add proper locking to the
-+ * pfkey code. (cross fingers)
-+ *
-+ * Revision 1.99 2005/08/28 01:53:37 paul
-+ * Undid Ken's gcc4 fix in version 1.94 since it breaks linking KLIPS on SMP kernels.
-+ *
-+ * Revision 1.98 2005/08/27 23:07:21 paul
-+ * Somewhere between 2.6.12 and 2.6.13rc7 the unused security memnber in sk_buff
-+ * has been removed. This patch should fix compilation for both cases.
-+ *
-+ * Revision 1.97 2005/07/20 00:33:36 mcr
-+ * fixed typo in #ifdef for SKALLOC.
-+ *
-+ * Revision 1.96 2005/07/19 20:02:15 mcr
-+ * sk_alloc() interface change.
-+ *
-+ * Revision 1.95 2005/07/09 00:40:06 ken
-+ * Fix for GCC4 - it doesn't like the potential for duplicate declaration
-+ *
-+ * Revision 1.94 2005/07/09 00:14:04 ken
-+ * Casts for 64bit cleanliness
-+ *
-+ * Revision 1.93 2005/07/08 16:20:05 mcr
-+ * fix for 2.6.12 disapperance of sk_zapped field -> sock_flags.
-+ *
-+ * Revision 1.92 2005/05/21 03:29:39 mcr
-+ * fixed missing prototype definition.
-+ *
-+ * Revision 1.91 2005/05/11 01:43:45 mcr
-+ * removed "poor-man"s OOP in favour of proper C structures.
-+ *
-+ * Revision 1.90 2005/05/02 18:42:47 mcr
-+ * fix for cut&paste error with pfkey_v2.c "supported_name"
-+ *
-+ * Revision 1.89 2005/05/01 03:12:31 mcr
-+ * print name if it is available.
-+ *
-+ * Revision 1.88 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.87 2005/04/15 19:57:10 mcr
-+ * make sure that address has 0p so that it will
-+ * sanitized.
-+ *
-+ * Revision 1.86 2005/04/08 18:28:36 mcr
-+ * some minor #ifdef simplification in pursuit of a possible bug.
-+ *
-+ * Revision 1.85 2004/12/03 21:25:57 mcr
-+ * compile time fixes for running on 2.6.
-+ * still experimental.
-+ *
-+ * Revision 1.84 2004/08/17 03:27:23 mcr
-+ * klips 2.6 edits.
-+ *
-+ * Revision 1.83 2004/08/04 15:57:07 mcr
-+ * moved des .h files to include/des/ *
-+ * included 2.6 protocol specific things
-+ * started at NAT-T support, but it will require a kernel patch.
-+ *
-+ * Revision 1.82 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.81 2004/04/25 21:23:11 ken
-+ * Pull in dhr's changes from FreeS/WAN 2.06
-+ *
-+ * Revision 1.80 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.79.4.1 2003/12/22 15:25:52 jjo
-+ * . Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.79 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.78.4.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.78 2003/04/03 17:38:09 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ *
-+ * Revision 1.77 2002/10/17 16:49:36 mcr
-+ * sock->ops should reference the unwrapped options so that
-+ * we get hacked in locking on SMP systems.
-+ *
-+ * Revision 1.76 2002/10/12 23:11:53 dhr
-+ *
-+ * [KenB + DHR] more 64-bit cleanup
-+ *
-+ * Revision 1.75 2002/09/20 05:01:57 rgb
-+ * Added memory allocation debugging.
-+ *
-+ * Revision 1.74 2002/09/19 02:42:50 mcr
-+ * do not define the pfkey_ops function for now.
-+ *
-+ * Revision 1.73 2002/09/17 17:29:23 mcr
-+ * #if 0 out some dead code - pfkey_ops is never used as written.
-+ *
-+ * Revision 1.72 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.71 2002/05/23 07:14:11 rgb
-+ * Cleaned up %p variants to 0p%p for test suite cleanup.
-+ *
-+ * Revision 1.70 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.69 2002/04/24 07:36:33 mcr
-+ * Moved from ./klips/net/ipsec/pfkey_v2.c,v
-+ *
-+ * Revision 1.68 2002/03/08 01:15:17 mcr
-+ * put some internal structure only debug messages behind
-+ * && sysctl_ipsec_debug_verbose.
-+ *
-+ * Revision 1.67 2002/01/29 17:17:57 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.66 2002/01/29 04:00:54 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.65 2002/01/29 02:13:18 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.64 2001/11/26 09:23:51 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.61.2.1 2001/09/25 02:28:44 mcr
-+ * cleaned up includes.
-+ *
-+ * Revision 1.63 2001/11/12 19:38:00 rgb
-+ * Continue trying other sockets even if one fails and return only original
-+ * error.
-+ *
-+ * Revision 1.62 2001/10/18 04:45:22 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.61 2001/09/20 15:32:59 rgb
-+ * Min/max cleanup.
-+ *
-+ * Revision 1.60 2001/06/14 19:35:12 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.59 2001/06/13 15:35:48 rgb
-+ * Fixed #endif comments.
-+ *
-+ * Revision 1.58 2001/05/04 16:37:24 rgb
-+ * Remove erroneous checking of return codes for proc_net_* in 2.4.
-+ *
-+ * Revision 1.57 2001/05/03 19:43:36 rgb
-+ * Initialise error return variable.
-+ * Check error return codes in startup and shutdown.
-+ * Standardise on SENDERR() macro.
-+ *
-+ * Revision 1.56 2001/04/21 23:05:07 rgb
-+ * Define out skb->used for 2.4 kernels.
-+ *
-+ * Revision 1.55 2001/02/28 05:03:28 rgb
-+ * Clean up and rationalise startup messages.
-+ *
-+ * Revision 1.54 2001/02/27 22:24:55 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.53 2001/02/27 06:48:18 rgb
-+ * Fixed pfkey socket unregister log message to reflect type and function.
-+ *
-+ * Revision 1.52 2001/02/26 22:34:38 rgb
-+ * Fix error return code that was getting overwritten by the error return
-+ * code of an upmsg.
-+ *
-+ * Revision 1.51 2001/01/30 23:42:47 rgb
-+ * Allow pfkey msgs from pid other than user context required for ACQUIRE
-+ * and subsequent ADD or UDATE.
-+ *
-+ * Revision 1.50 2001/01/23 20:22:59 rgb
-+ * 2.4 fix to remove removed is_clone member.
-+ *
-+ * Revision 1.49 2000/11/06 04:33:47 rgb
-+ * Changed non-exported functions to DEBUG_NO_STATIC.
-+ *
-+ * Revision 1.48 2000/09/29 19:47:41 rgb
-+ * Update copyright.
-+ *
-+ * Revision 1.47 2000/09/22 04:23:04 rgb
-+ * Added more debugging to pfkey_upmsg() call from pfkey_sendmsg() error.
-+ *
-+ * Revision 1.46 2000/09/21 04:20:44 rgb
-+ * Fixed array size off-by-one error. (Thanks Svenning!)
-+ *
-+ * Revision 1.45 2000/09/20 04:01:26 rgb
-+ * Changed static functions to DEBUG_NO_STATIC for revealing function names
-+ * in oopsen.
-+ *
-+ * Revision 1.44 2000/09/19 00:33:17 rgb
-+ * 2.0 fixes.
-+ *
-+ * Revision 1.43 2000/09/16 01:28:13 rgb
-+ * Fixed use of 0 in p format warning.
-+ *
-+ * Revision 1.42 2000/09/16 01:09:41 rgb
-+ * Fixed debug format warning for pointers that was expecting ints.
-+ *
-+ * Revision 1.41 2000/09/13 15:54:00 rgb
-+ * Rewrote pfkey_get_info(), added pfkey_{supported,registered}_get_info().
-+ * Moved supported algos add and remove to functions.
-+ *
-+ * Revision 1.40 2000/09/12 18:49:28 rgb
-+ * Added IPIP tunnel and IPCOMP register support.
-+ *
-+ * Revision 1.39 2000/09/12 03:23:49 rgb
-+ * Converted #if0 debugs to sysctl.
-+ * Removed debug_pfkey initialisations that prevented no_debug loading or
-+ * linking.
-+ *
-+ * Revision 1.38 2000/09/09 06:38:02 rgb
-+ * Return positive errno in pfkey_reply error message.
-+ *
-+ * Revision 1.37 2000/09/08 19:19:09 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ * Clean-up of long-unused crud...
-+ * Create pfkey error message on on failure.
-+ * Give pfkey_list_{insert,remove}_{socket,supported}() some error
-+ * checking.
-+ *
-+ * Revision 1.36 2000/09/01 18:49:38 rgb
-+ * Reap experimental NET_21_ bits.
-+ * Turned registered sockets list into an array of one list per satype.
-+ * Remove references to deprecated sklist_{insert,remove}_socket.
-+ * Removed leaking socket debugging code.
-+ * Removed duplicate pfkey_insert_socket in pfkey_create.
-+ * Removed all references to pfkey msg->msg_name, since it is not used for
-+ * pfkey.
-+ * Added a supported algorithms array lists, one per satype and registered
-+ * existing algorithms.
-+ * Fixed pfkey_list_{insert,remove}_{socket,support}() to allow change to
-+ * list.
-+ * Only send pfkey_expire() messages to sockets registered for that satype.
-+ *
-+ * Revision 1.35 2000/08/24 17:03:00 rgb
-+ * Corrected message size error return code for PF_KEYv2.
-+ * Removed downward error prohibition.
-+ *
-+ * Revision 1.34 2000/08/21 16:32:26 rgb
-+ * Re-formatted for cosmetic consistency and readability.
-+ *
-+ * Revision 1.33 2000/08/20 21:38:24 rgb
-+ * Added a pfkey_reply parameter to pfkey_msg_interp(). (Momchil)
-+ * Extended the upward message initiation of pfkey_sendmsg(). (Momchil)
-+ *
-+ * Revision 1.32 2000/07/28 14:58:31 rgb
-+ * Changed kfree_s to kfree, eliminating extra arg to fix 2.4.0-test5.
-+ *
-+ * Revision 1.31 2000/05/16 03:04:00 rgb
-+ * Updates for 2.3.99pre8 from MB.
-+ *
-+ * Revision 1.30 2000/05/10 19:22:21 rgb
-+ * Use sklist private functions for 2.3.xx compatibility.
-+ *
-+ * Revision 1.29 2000/03/22 16:17:03 rgb
-+ * Fixed SOCKOPS_WRAPPED macro for SMP (MB).
-+ *
-+ * Revision 1.28 2000/02/21 19:30:45 rgb
-+ * Removed references to pkt_bridged for 2.3.47 compatibility.
-+ *
-+ * Revision 1.27 2000/02/14 21:07:00 rgb
-+ * Fixed /proc/net/pf-key legend spacing.
-+ *
-+ * Revision 1.26 2000/01/22 03:46:59 rgb
-+ * Fixed pfkey error return mechanism so that we are able to free the
-+ * local copy of the pfkey_msg, plugging a memory leak and silencing
-+ * the bad object free complaints.
-+ *
-+ * Revision 1.25 2000/01/21 06:19:44 rgb
-+ * Moved pfkey_list_remove_socket() calls to before MOD_USE_DEC_COUNT.
-+ * Added debugging to pfkey_upmsg.
-+ *
-+ * Revision 1.24 2000/01/10 16:38:23 rgb
-+ * MB fixups for 2.3.x.
-+ *
-+ * Revision 1.23 1999/12/09 23:22:16 rgb
-+ * Added more instrumentation for debugging 2.0 socket
-+ * selection/reading.
-+ * Removed erroneous 2.0 wait==NULL check bug in select.
-+ *
-+ * Revision 1.22 1999/12/08 20:32:16 rgb
-+ * Tidied up 2.0.xx support, after major pfkey work, eliminating
-+ * msg->msg_name twiddling in the process, since it is not defined
-+ * for PF_KEYv2.
-+ *
-+ * Revision 1.21 1999/12/01 22:17:19 rgb
-+ * Set skb->dev to zero on new skb in case it is a reused skb.
-+ * Added check for skb_put overflow and freeing to avoid upmsg on error.
-+ * Added check for wrong pfkey version and freeing to avoid upmsg on
-+ * error.
-+ * Shut off content dumping in pfkey_destroy.
-+ * Added debugging message for size of buffer allocated for upmsg.
-+ *
-+ * Revision 1.20 1999/11/27 12:11:00 rgb
-+ * Minor clean-up, enabling quiet operation of pfkey if desired.
-+ *
-+ * Revision 1.19 1999/11/25 19:04:21 rgb
-+ * Update proc_fs code for pfkey to use dynamic registration.
-+ *
-+ * Revision 1.18 1999/11/25 09:07:17 rgb
-+ * Implemented SENDERR macro for propagating error codes.
-+ * Fixed error return code bug.
-+ *
-+ * Revision 1.17 1999/11/23 23:07:20 rgb
-+ * Change name of pfkey_msg_parser to pfkey_msg_interp since it no longer
-+ * parses. (PJO)
-+ * Sort out pfkey and freeswan headers, putting them in a library path.
-+ *
-+ * Revision 1.16 1999/11/20 22:00:22 rgb
-+ * Moved socketlist type declarations and prototypes for shared use.
-+ * Renamed reformatted and generically extended for use by other socket
-+ * lists pfkey_{del,add}_open_socket to pfkey_list_{remove,insert}_socket.
-+ *
-+ * Revision 1.15 1999/11/18 04:15:09 rgb
-+ * Make pfkey_data_ready temporarily available for 2.2.x testing.
-+ * Clean up pfkey_destroy_socket() debugging statements.
-+ * Add Peter Onion's code to send messages up to all listening sockets.
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ * Replaced all kernel version macros to shorter, readable form.
-+ * Added CONFIG_PROC_FS compiler directives in case it is shut off.
-+ *
-+ * Revision 1.14 1999/11/17 16:01:00 rgb
-+ * Make pfkey_data_ready temporarily available for 2.2.x testing.
-+ * Clean up pfkey_destroy_socket() debugging statements.
-+ * Add Peter Onion's code to send messages up to all listening sockets.
-+ * Changed #include "../../../lib/freeswan.h" to #include <freeswan.h>
-+ * which works due to -Ilibfreeswan in the klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.13 1999/10/27 19:59:51 rgb
-+ * Removed af_unix comments that are no longer relevant.
-+ * Added debug prink statements.
-+ * Added to the /proc output in pfkey_get_info.
-+ * Made most functions non-static to enable oops tracing.
-+ * Re-enable skb dequeueing and freeing.
-+ * Fix skb_alloc() and skb_put() size bug in pfkey_upmsg().
-+ *
-+ * Revision 1.12 1999/10/26 17:05:42 rgb
-+ * Complete re-ordering based on proto_ops structure order.
-+ * Separated out proto_ops structures for 2.0.x and 2.2.x for clarity.
-+ * Simplification to use built-in socket ops where possible for 2.2.x.
-+ * Add shorter macros for compiler directives to visually clean-up.
-+ * Add lots of sk skb dequeueing debugging statements.
-+ * Added to the /proc output in pfkey_get_info.
-+ *
-+ * Revision 1.11 1999/09/30 02:55:10 rgb
-+ * Bogus skb detection.
-+ * Fix incorrect /proc/net/ipsec-eroute printk message.
-+ *
-+ * Revision 1.10 1999/09/21 15:22:13 rgb
-+ * Temporary fix while I figure out the right way to destroy sockets.
-+ *
-+ * Revision 1.9 1999/07/08 19:19:44 rgb
-+ * Fix pointer format warning.
-+ * Fix missing member error under 2.0.xx kernels.
-+ *
-+ * Revision 1.8 1999/06/13 07:24:04 rgb
-+ * Add more debugging.
-+ *
-+ * Revision 1.7 1999/06/10 05:24:17 rgb
-+ * Clarified compiler directives.
-+ * Renamed variables to reduce confusion.
-+ * Used sklist_*_socket() kernel functions to simplify 2.2.x socket support.
-+ * Added lots of sanity checking.
-+ *
-+ * Revision 1.6 1999/06/03 18:59:50 rgb
-+ * More updates to 2.2.x socket support. Almost works, oops at end of call.
-+ *
-+ * Revision 1.5 1999/05/25 22:44:05 rgb
-+ * Start fixing 2.2 sockets.
-+ *
-+ * Revision 1.4 1999/04/29 15:21:34 rgb
-+ * Move log to the end of the file.
-+ * Eliminate min/max redefinition in #include <net/tcp.h>.
-+ * Correct path for pfkey #includes
-+ * Standardise an error return method.
-+ * Add debugging instrumentation.
-+ * Move message type checking to pfkey_msg_parse().
-+ * Add check for errno incorrectly set.
-+ * Add check for valid PID.
-+ * Add check for reserved illegally set.
-+ * Add check for message out of bounds.
-+ *
-+ * Revision 1.3 1999/04/15 17:58:07 rgb
-+ * Add RCSID labels.
-+ *
-+ * Revision 1.2 1999/04/15 15:37:26 rgb
-+ * Forward check changes from POST1_00 branch.
-+ *
-+ * Revision 1.1.2.2 1999/04/13 20:37:12 rgb
-+ * Header Title correction.
-+ *
-+ * Revision 1.1.2.1 1999/03/26 20:58:55 rgb
-+ * Add pfkeyv2 support to KLIPS.
-+ *
-+ *
-+ * RFC 2367
-+ * PF_KEY_v2 Key Management API
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/pfkey_v2_build.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1581 @@
-+/*
-+ * RFC2367 PF_KEYv2 Key management API message parser
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey_v2_build.c,v 1.51.8.1 2006-05-01 14:36:39 mcr Exp $
-+ */
-+
-+/*
-+ * Template from klips/net/ipsec/ipsec/ipsec_parser.c.
-+ */
-+
-+char pfkey_v2_build_c_version[] = "$Id: pfkey_v2_build.c,v 1.51.8.1 2006-05-01 14:36:39 mcr Exp $";
-+
-+/*
-+ * Some ugly stuff to allow consistent debugging code for use in the
-+ * kernel and in user space
-+*/
-+
-+#ifdef __KERNEL__
-+
-+# include <linux/kernel.h> /* for printk */
-+
-+# include "openswan/ipsec_kversion.h" /* for malloc switch */
-+# ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+# else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+# endif /* MALLOC_SLAB */
-+# include <linux/errno.h> /* error codes */
-+# include <linux/types.h> /* size_t */
-+# include <linux/interrupt.h> /* mark_bh */
-+
-+# include <linux/netdevice.h> /* struct device, and other headers */
-+# include <linux/etherdevice.h> /* eth_type_trans */
-+# include <linux/ip.h> /* struct iphdr */
-+# if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+# include <linux/ipv6.h> /* struct ipv6hdr */
-+# endif /* if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */
-+
-+# define MALLOC(size) kmalloc(size, GFP_ATOMIC)
-+# define FREE(obj) kfree(obj)
-+# include <openswan.h>
-+#else /* __KERNEL__ */
-+
-+# include <sys/types.h>
-+# include <linux/types.h>
-+# include <linux/errno.h>
-+# include <malloc.h>
-+# include <string.h> /* memset */
-+
-+# include <openswan.h>
-+
-+#endif /* __KERNEL__ */
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#ifdef __KERNEL__
-+#include "openswan/radij.h" /* rd_nodes */
-+#include "openswan/ipsec_encap.h" /* sockaddr_encap */
-+#endif /* __KERNEL__ */
-+
-+
-+#include "openswan/ipsec_sa.h" /* IPSEC_SAREF_NULL, IPSEC_SA_REF_TABLE_IDX_WIDTH */
-+#include "openswan/pfkey_debug.h"
-+
-+
-+#define SENDERR(_x) do { error = -(_x); goto errlab; } while (0)
-+
-+void
-+pfkey_extensions_init(struct sadb_ext *extensions[SADB_EXT_MAX + 1])
-+{
-+ int i;
-+
-+ for (i = 0; i != SADB_EXT_MAX + 1; i++) {
-+ extensions[i] = NULL;
-+ }
-+}
-+
-+void
-+pfkey_extensions_free(struct sadb_ext *extensions[SADB_EXT_MAX + 1])
-+{
-+ int i;
-+
-+ if(!extensions) {
-+ return;
-+ }
-+
-+ if(extensions[0]) {
-+ memset(extensions[0], 0, sizeof(struct sadb_msg));
-+ FREE(extensions[0]);
-+ extensions[0] = NULL;
-+ }
-+
-+ for (i = 1; i != SADB_EXT_MAX + 1; i++) {
-+ if(extensions[i]) {
-+ memset(extensions[i], 0, extensions[i]->sadb_ext_len * IPSEC_PFKEYv2_ALIGN);
-+ FREE(extensions[i]);
-+ extensions[i] = NULL;
-+ }
-+ }
-+}
-+
-+void
-+pfkey_msg_free(struct sadb_msg **pfkey_msg)
-+{
-+ if(*pfkey_msg) {
-+ memset(*pfkey_msg, 0, (*pfkey_msg)->sadb_msg_len * IPSEC_PFKEYv2_ALIGN);
-+ FREE(*pfkey_msg);
-+ *pfkey_msg = NULL;
-+ }
-+}
-+
-+/* Default extension builders taken from the KLIPS code */
-+
-+int
-+pfkey_msg_hdr_build(struct sadb_ext** pfkey_ext,
-+ uint8_t msg_type,
-+ uint8_t satype,
-+ uint8_t msg_errno,
-+ uint32_t seq,
-+ uint32_t pid)
-+{
-+ int error = 0;
-+ struct sadb_msg *pfkey_msg = (struct sadb_msg *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build:\n");
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build: "
-+ "on_entry &pfkey_ext=0p%p pfkey_ext=0p%p *pfkey_ext=0p%p.\n",
-+ &pfkey_ext,
-+ pfkey_ext,
-+ *pfkey_ext);
-+ /* sanity checks... */
-+ if(pfkey_msg) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build: "
-+ "why is pfkey_msg already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!msg_type) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build: "
-+ "msg type not set, must be non-zero..\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(msg_type > SADB_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build: "
-+ "msg type too large:%d.\n",
-+ msg_type);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(satype > SADB_SATYPE_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build: "
-+ "satype %d > max %d\n",
-+ satype, SADB_SATYPE_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_msg = (struct sadb_msg*)MALLOC(sizeof(struct sadb_msg));
-+ *pfkey_ext = (struct sadb_ext*)pfkey_msg;
-+
-+ if(pfkey_msg == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_msg, 0, sizeof(struct sadb_msg));
-+
-+ pfkey_msg->sadb_msg_len = sizeof(struct sadb_msg) / IPSEC_PFKEYv2_ALIGN;
-+
-+ pfkey_msg->sadb_msg_type = msg_type;
-+ pfkey_msg->sadb_msg_satype = satype;
-+
-+ pfkey_msg->sadb_msg_version = PF_KEY_V2;
-+ pfkey_msg->sadb_msg_errno = msg_errno;
-+ pfkey_msg->sadb_msg_reserved = 0;
-+ pfkey_msg->sadb_msg_seq = seq;
-+ pfkey_msg->sadb_msg_pid = pid;
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build: "
-+ "on_exit &pfkey_ext=0p%p pfkey_ext=0p%p *pfkey_ext=0p%p.\n",
-+ &pfkey_ext,
-+ pfkey_ext,
-+ *pfkey_ext);
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_sa_ref_build(struct sadb_ext ** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t spi,
-+ uint8_t replay_window,
-+ uint8_t sa_state,
-+ uint8_t auth,
-+ uint8_t encrypt,
-+ uint32_t flags,
-+ uint32_t/*IPsecSAref_t*/ ref)
-+{
-+ int error = 0;
-+ struct sadb_sa *pfkey_sa = (struct sadb_sa *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "spi=%08x replay=%d sa_state=%d auth=%d encrypt=%d flags=%d\n",
-+ ntohl(spi), /* in network order */
-+ replay_window,
-+ sa_state,
-+ auth,
-+ encrypt,
-+ flags);
-+ /* sanity checks... */
-+ if(pfkey_sa) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "why is pfkey_sa already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(exttype != SADB_EXT_SA &&
-+ exttype != SADB_X_EXT_SA2) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "invalid exttype=%d.\n",
-+ exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(replay_window > 64) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "replay window size: %d -- must be 0 <= size <= 64\n",
-+ replay_window);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(auth > SADB_AALG_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "auth=%d > SADB_AALG_MAX=%d.\n",
-+ auth,
-+ SADB_AALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+#if SADB_EALG_MAX < 255
-+ if(encrypt > SADB_EALG_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "encrypt=%d > SADB_EALG_MAX=%d.\n",
-+ encrypt,
-+ SADB_EALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+#endif
-+
-+ if(sa_state > SADB_SASTATE_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "sa_state=%d exceeds MAX=%d.\n",
-+ sa_state,
-+ SADB_SASTATE_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(sa_state == SADB_SASTATE_DEAD) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "sa_state=%d is DEAD=%d is not allowed.\n",
-+ sa_state,
-+ SADB_SASTATE_DEAD);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if((IPSEC_SAREF_NULL != ref) && (ref >= (1 << IPSEC_SA_REF_TABLE_IDX_WIDTH))) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "SAref=%d must be (SAref == IPSEC_SAREF_NULL(%d) || SAref < IPSEC_SA_REF_TABLE_NUM_ENTRIES(%d)).\n",
-+ ref,
-+ IPSEC_SAREF_NULL,
-+ IPSEC_SA_REF_TABLE_NUM_ENTRIES);
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_sa = (struct sadb_sa*)MALLOC(sizeof(struct sadb_sa));
-+ *pfkey_ext = (struct sadb_ext*)pfkey_sa;
-+
-+ if(pfkey_sa == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_sa, 0, sizeof(struct sadb_sa));
-+
-+ pfkey_sa->sadb_sa_len = sizeof(*pfkey_sa) / IPSEC_PFKEYv2_ALIGN;
-+ pfkey_sa->sadb_sa_exttype = exttype;
-+ pfkey_sa->sadb_sa_spi = spi;
-+ pfkey_sa->sadb_sa_replay = replay_window;
-+ pfkey_sa->sadb_sa_state = sa_state;
-+ pfkey_sa->sadb_sa_auth = auth;
-+ pfkey_sa->sadb_sa_encrypt = encrypt;
-+ pfkey_sa->sadb_sa_flags = flags;
-+ pfkey_sa->sadb_x_sa_ref = ref;
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_sa_build(struct sadb_ext ** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t spi,
-+ uint8_t replay_window,
-+ uint8_t sa_state,
-+ uint8_t auth,
-+ uint8_t encrypt,
-+ uint32_t flags)
-+{
-+ return pfkey_sa_ref_build(pfkey_ext,
-+ exttype,
-+ spi,
-+ replay_window,
-+ sa_state,
-+ auth,
-+ encrypt,
-+ flags,
-+ IPSEC_SAREF_NULL);
-+}
-+
-+int
-+pfkey_lifetime_build(struct sadb_ext ** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t allocations,
-+ uint64_t bytes,
-+ uint64_t addtime,
-+ uint64_t usetime,
-+ uint32_t packets)
-+{
-+ int error = 0;
-+ struct sadb_lifetime *pfkey_lifetime = (struct sadb_lifetime *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_lifetime_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_lifetime) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_lifetime_build: "
-+ "why is pfkey_lifetime already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(exttype != SADB_EXT_LIFETIME_CURRENT &&
-+ exttype != SADB_EXT_LIFETIME_HARD &&
-+ exttype != SADB_EXT_LIFETIME_SOFT) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_lifetime_build: "
-+ "invalid exttype=%d.\n",
-+ exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_lifetime = (struct sadb_lifetime*)MALLOC(sizeof(struct sadb_lifetime));
-+ *pfkey_ext = (struct sadb_ext*) pfkey_lifetime;
-+
-+ if(pfkey_lifetime == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_lifetime_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_lifetime, 0, sizeof(struct sadb_lifetime));
-+
-+ pfkey_lifetime->sadb_lifetime_len = sizeof(struct sadb_lifetime) / IPSEC_PFKEYv2_ALIGN;
-+ pfkey_lifetime->sadb_lifetime_exttype = exttype;
-+ pfkey_lifetime->sadb_lifetime_allocations = allocations;
-+ pfkey_lifetime->sadb_lifetime_bytes = bytes;
-+ pfkey_lifetime->sadb_lifetime_addtime = addtime;
-+ pfkey_lifetime->sadb_lifetime_usetime = usetime;
-+ pfkey_lifetime->sadb_x_lifetime_packets = packets;
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_address_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint8_t proto,
-+ uint8_t prefixlen,
-+ struct sockaddr* address)
-+{
-+ int error = 0;
-+ int saddr_len = 0;
-+ char ipaddr_txt[ADDRTOT_BUF + 6/*extra for port number*/];
-+ struct sadb_address *pfkey_address = (struct sadb_address *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_address_build: "
-+ "exttype=%d proto=%d prefixlen=%d\n",
-+ exttype,
-+ proto,
-+ prefixlen);
-+ /* sanity checks... */
-+ if(pfkey_address) {
-+ ERROR("pfkey_address_build: "
-+ "why is pfkey_address already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if (!address) {
-+ ERROR("pfkey_address_build: " "address is NULL\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(exttype) {
-+ case SADB_EXT_ADDRESS_SRC:
-+ case SADB_EXT_ADDRESS_DST:
-+ case SADB_EXT_ADDRESS_PROXY:
-+ case SADB_X_EXT_ADDRESS_DST2:
-+ case SADB_X_EXT_ADDRESS_SRC_FLOW:
-+ case SADB_X_EXT_ADDRESS_DST_FLOW:
-+ case SADB_X_EXT_ADDRESS_SRC_MASK:
-+ case SADB_X_EXT_ADDRESS_DST_MASK:
-+#ifdef NAT_TRAVERSAL
-+ case SADB_X_EXT_NAT_T_OA:
-+#endif
-+ break;
-+ default:
-+ ERROR("pfkey_address_build: "
-+ "unrecognised ext_type=%d.\n",
-+ exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(address->sa_family) {
-+ case AF_INET:
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_address_build: "
-+ "found address family AF_INET.\n");
-+ saddr_len = sizeof(struct sockaddr_in);
-+ sprintf(ipaddr_txt, "%d.%d.%d.%d:%d"
-+ , (((struct sockaddr_in*)address)->sin_addr.s_addr >> 0) & 0xFF
-+ , (((struct sockaddr_in*)address)->sin_addr.s_addr >> 8) & 0xFF
-+ , (((struct sockaddr_in*)address)->sin_addr.s_addr >> 16) & 0xFF
-+ , (((struct sockaddr_in*)address)->sin_addr.s_addr >> 24) & 0xFF
-+ , ntohs(((struct sockaddr_in*)address)->sin_port));
-+ break;
-+ case AF_INET6:
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_address_build: "
-+ "found address family AF_INET6.\n");
-+ saddr_len = sizeof(struct sockaddr_in6);
-+ sprintf(ipaddr_txt, "%x:%x:%x:%x:%x:%x:%x:%x-%x"
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[0])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[1])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[2])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[3])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[4])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[5])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[6])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[7])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_port));
-+ break;
-+ default:
-+ ERROR("pfkey_address_build: "
-+ "address->sa_family=%d not supported.\n",
-+ address->sa_family);
-+ SENDERR(EPFNOSUPPORT);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_address_build: "
-+ "found address=%s.\n",
-+ ipaddr_txt);
-+ if(prefixlen != 0) {
-+ ERROR("pfkey_address_build: "
-+ "address prefixes not supported yet.\n");
-+ SENDERR(EAFNOSUPPORT); /* not supported yet */
-+ }
-+
-+ /* allocate some memory for the extension */
-+ pfkey_address = (struct sadb_address*)
-+ MALLOC(ALIGN_N(sizeof(struct sadb_address) + saddr_len, IPSEC_PFKEYv2_ALIGN));
-+ *pfkey_ext = (struct sadb_ext*)pfkey_address;
-+
-+ if(pfkey_address == NULL ) {
-+ ERROR("pfkey_lifetime_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_address,
-+ 0,
-+ ALIGN_N(sizeof(struct sadb_address) + saddr_len,
-+ IPSEC_PFKEYv2_ALIGN));
-+
-+ pfkey_address->sadb_address_len = DIVUP(sizeof(struct sadb_address) + saddr_len,
-+ IPSEC_PFKEYv2_ALIGN);
-+
-+ pfkey_address->sadb_address_exttype = exttype;
-+ pfkey_address->sadb_address_proto = proto;
-+ pfkey_address->sadb_address_prefixlen = prefixlen;
-+ pfkey_address->sadb_address_reserved = 0;
-+
-+ memcpy((char*)pfkey_address + sizeof(struct sadb_address),
-+ address,
-+ saddr_len);
-+
-+#if 0
-+ for(i = 0; i < sizeof(struct sockaddr_in) - offsetof(struct sockaddr_in, sin_zero); i++) {
-+ pfkey_address_s_ska.sin_zero[i] = 0;
-+ }
-+#endif
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_address_build: "
-+ "successful created len: %d.\n", pfkey_address->sadb_address_len);
-+
-+ errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_key_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint16_t key_bits,
-+ char* key)
-+{
-+ int error = 0;
-+ struct sadb_key *pfkey_key = (struct sadb_key *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_key_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_key) {
-+ ERROR("pfkey_key_build: "
-+ "why is pfkey_key already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!key_bits) {
-+ ERROR("pfkey_key_build: "
-+ "key_bits is zero, it must be non-zero.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if( !((exttype == SADB_EXT_KEY_AUTH) || (exttype == SADB_EXT_KEY_ENCRYPT))) {
-+ ERROR("pfkey_key_build: "
-+ "unsupported extension type=%d.\n",
-+ exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_key = (struct sadb_key*)
-+ MALLOC(sizeof(struct sadb_key) +
-+ DIVUP(key_bits, 64) * IPSEC_PFKEYv2_ALIGN);
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_key;
-+
-+ if(pfkey_key == NULL) {
-+ ERROR("pfkey_key_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_key,
-+ 0,
-+ sizeof(struct sadb_key) +
-+ DIVUP(key_bits, 64) * IPSEC_PFKEYv2_ALIGN);
-+
-+ pfkey_key->sadb_key_len = DIVUP(sizeof(struct sadb_key) * IPSEC_PFKEYv2_ALIGN + key_bits,
-+ 64);
-+ pfkey_key->sadb_key_exttype = exttype;
-+ pfkey_key->sadb_key_bits = key_bits;
-+ pfkey_key->sadb_key_reserved = 0;
-+ memcpy((char*)pfkey_key + sizeof(struct sadb_key),
-+ key,
-+ DIVUP(key_bits, 8));
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_ident_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint16_t ident_type,
-+ uint64_t ident_id,
-+ uint8_t ident_len,
-+ char* ident_string)
-+{
-+ int error = 0;
-+ struct sadb_ident *pfkey_ident = (struct sadb_ident *)*pfkey_ext;
-+ int data_len = ident_len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident);
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_ident_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_ident) {
-+ ERROR("pfkey_ident_build: "
-+ "why is pfkey_ident already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if( ! ((exttype == SADB_EXT_IDENTITY_SRC) ||
-+ (exttype == SADB_EXT_IDENTITY_DST))) {
-+ ERROR("pfkey_ident_build: "
-+ "unsupported extension type=%d.\n",
-+ exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if((ident_type == SADB_IDENTTYPE_RESERVED)) {
-+ ERROR("pfkey_ident_build: "
-+ "ident_type must be non-zero.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(ident_type > SADB_IDENTTYPE_MAX) {
-+ ERROR("pfkey_ident_build: "
-+ "identtype=%d out of range.\n",
-+ ident_type);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(((ident_type == SADB_IDENTTYPE_PREFIX) ||
-+ (ident_type == SADB_IDENTTYPE_FQDN)) &&
-+ !ident_string) {
-+ ERROR("pfkey_ident_build: "
-+ "string required to allocate size of extension.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+#if 0
-+ if((ident_type == SADB_IDENTTYPE_USERFQDN) ) {
-+ }
-+#endif
-+
-+ pfkey_ident = (struct sadb_ident*)
-+ MALLOC(ident_len * IPSEC_PFKEYv2_ALIGN);
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_ident;
-+
-+ if(pfkey_ident == NULL) {
-+ ERROR("pfkey_ident_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_ident, 0, ident_len * IPSEC_PFKEYv2_ALIGN);
-+
-+ pfkey_ident->sadb_ident_len = ident_len;
-+ pfkey_ident->sadb_ident_exttype = exttype;
-+ pfkey_ident->sadb_ident_type = ident_type;
-+ pfkey_ident->sadb_ident_reserved = 0;
-+ pfkey_ident->sadb_ident_id = ident_id;
-+ memcpy((char*)pfkey_ident + sizeof(struct sadb_ident),
-+ ident_string,
-+ data_len);
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_sens_build(struct sadb_ext** pfkey_ext,
-+ uint32_t dpd,
-+ uint8_t sens_level,
-+ uint8_t sens_len,
-+ uint64_t* sens_bitmap,
-+ uint8_t integ_level,
-+ uint8_t integ_len,
-+ uint64_t* integ_bitmap)
-+{
-+ int error = 0;
-+ struct sadb_sens *pfkey_sens = (struct sadb_sens *)*pfkey_ext;
-+ int i;
-+ uint64_t* bitmap;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sens_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_sens) {
-+ ERROR("pfkey_sens_build: "
-+ "why is pfkey_sens already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sens_build: "
-+ "Sorry, I can't build exttype=%d yet.\n",
-+ (*pfkey_ext)->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+
-+ pfkey_sens = (struct sadb_sens*)
-+ MALLOC(sizeof(struct sadb_sens) +
-+ (sens_len + integ_len) * sizeof(uint64_t));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_sens;
-+
-+ if(pfkey_sens == NULL) {
-+ ERROR("pfkey_sens_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_sens,
-+ 0,
-+ sizeof(struct sadb_sens) +
-+ (sens_len + integ_len) * sizeof(uint64_t));
-+
-+ pfkey_sens->sadb_sens_len = (sizeof(struct sadb_sens) +
-+ (sens_len + integ_len) * sizeof(uint64_t)) / IPSEC_PFKEYv2_ALIGN;
-+ pfkey_sens->sadb_sens_exttype = SADB_EXT_SENSITIVITY;
-+ pfkey_sens->sadb_sens_dpd = dpd;
-+ pfkey_sens->sadb_sens_sens_level = sens_level;
-+ pfkey_sens->sadb_sens_sens_len = sens_len;
-+ pfkey_sens->sadb_sens_integ_level = integ_level;
-+ pfkey_sens->sadb_sens_integ_len = integ_len;
-+ pfkey_sens->sadb_sens_reserved = 0;
-+
-+ bitmap = (uint64_t*)((char*)pfkey_ext + sizeof(struct sadb_sens));
-+ for(i = 0; i < sens_len; i++) {
-+ *bitmap = sens_bitmap[i];
-+ bitmap++;
-+ }
-+ for(i = 0; i < integ_len; i++) {
-+ *bitmap = integ_bitmap[i];
-+ bitmap++;
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_prop_build(struct sadb_ext** pfkey_ext,
-+ uint8_t replay,
-+ unsigned int comb_num,
-+ struct sadb_comb* comb)
-+{
-+ int error = 0;
-+ int i;
-+ struct sadb_prop *pfkey_prop = (struct sadb_prop *)*pfkey_ext;
-+ struct sadb_comb *combp;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_prop_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_prop) {
-+ ERROR("pfkey_prop_build: "
-+ "why is pfkey_prop already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_prop = (struct sadb_prop*)
-+ MALLOC(sizeof(struct sadb_prop) +
-+ comb_num * sizeof(struct sadb_comb));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_prop;
-+
-+ if(pfkey_prop == NULL) {
-+ ERROR("pfkey_prop_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_prop,
-+ 0,
-+ sizeof(struct sadb_prop) +
-+ comb_num * sizeof(struct sadb_comb));
-+
-+ pfkey_prop->sadb_prop_len = (sizeof(struct sadb_prop) +
-+ comb_num * sizeof(struct sadb_comb)) / IPSEC_PFKEYv2_ALIGN;
-+
-+ pfkey_prop->sadb_prop_exttype = SADB_EXT_PROPOSAL;
-+ pfkey_prop->sadb_prop_replay = replay;
-+
-+ for(i=0; i<3; i++) {
-+ pfkey_prop->sadb_prop_reserved[i] = 0;
-+ }
-+
-+ combp = (struct sadb_comb*)((char*)*pfkey_ext + sizeof(struct sadb_prop));
-+ for(i = 0; i < comb_num; i++) {
-+ memcpy (combp, &(comb[i]), sizeof(struct sadb_comb));
-+ combp++;
-+ }
-+
-+#if 0
-+ uint8_t sadb_comb_auth;
-+ uint8_t sadb_comb_encrypt;
-+ uint16_t sadb_comb_flags;
-+ uint16_t sadb_comb_auth_minbits;
-+ uint16_t sadb_comb_auth_maxbits;
-+ uint16_t sadb_comb_encrypt_minbits;
-+ uint16_t sadb_comb_encrypt_maxbits;
-+ uint32_t sadb_comb_reserved;
-+ uint32_t sadb_comb_soft_allocations;
-+ uint32_t sadb_comb_hard_allocations;
-+ uint64_t sadb_comb_soft_bytes;
-+ uint64_t sadb_comb_hard_bytes;
-+ uint64_t sadb_comb_soft_addtime;
-+ uint64_t sadb_comb_hard_addtime;
-+ uint64_t sadb_comb_soft_usetime;
-+ uint64_t sadb_comb_hard_usetime;
-+ uint32_t sadb_comb_soft_packets;
-+ uint32_t sadb_comb_hard_packets;
-+#endif
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_supported_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ unsigned int alg_num,
-+ struct sadb_alg* alg)
-+{
-+ int error = 0;
-+ unsigned int i;
-+ struct sadb_supported *pfkey_supported = (struct sadb_supported *)*pfkey_ext;
-+ struct sadb_alg *pfkey_alg;
-+
-+ /* sanity checks... */
-+ if(pfkey_supported) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_supported_build: "
-+ "why is pfkey_supported already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if( !((exttype == SADB_EXT_SUPPORTED_AUTH) || (exttype == SADB_EXT_SUPPORTED_ENCRYPT))) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_supported_build: "
-+ "unsupported extension type=%d.\n",
-+ exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_supported = (struct sadb_supported*)
-+ MALLOC(sizeof(struct sadb_supported) +
-+ alg_num *
-+ sizeof(struct sadb_alg));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_supported;
-+
-+ if(pfkey_supported == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_supported_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_supported,
-+ 0,
-+ sizeof(struct sadb_supported) +
-+ alg_num *
-+ sizeof(struct sadb_alg));
-+
-+ pfkey_supported->sadb_supported_len = (sizeof(struct sadb_supported) +
-+ alg_num *
-+ sizeof(struct sadb_alg)) /
-+ IPSEC_PFKEYv2_ALIGN;
-+ pfkey_supported->sadb_supported_exttype = exttype;
-+ pfkey_supported->sadb_supported_reserved = 0;
-+
-+ pfkey_alg = (struct sadb_alg*)((char*)pfkey_supported + sizeof(struct sadb_supported));
-+ for(i = 0; i < alg_num; i++) {
-+ memcpy (pfkey_alg, &(alg[i]), sizeof(struct sadb_alg));
-+ pfkey_alg->sadb_alg_reserved = 0;
-+ pfkey_alg++;
-+ }
-+
-+#if 0
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_supported_build: "
-+ "Sorry, I can't build exttype=%d yet.\n",
-+ (*pfkey_ext)->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+
-+ uint8_t sadb_alg_id;
-+ uint8_t sadb_alg_ivlen;
-+ uint16_t sadb_alg_minbits;
-+ uint16_t sadb_alg_maxbits;
-+ uint16_t sadb_alg_reserved;
-+#endif
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_spirange_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t min, /* in network order */
-+ uint32_t max) /* in network order */
-+{
-+ int error = 0;
-+ struct sadb_spirange *pfkey_spirange = (struct sadb_spirange *)*pfkey_ext;
-+
-+ /* sanity checks... */
-+ if(pfkey_spirange) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_spirange_build: "
-+ "why is pfkey_spirange already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(ntohl(max) < ntohl(min)) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_spirange_build: "
-+ "minspi=%08x must be < maxspi=%08x.\n",
-+ ntohl(min),
-+ ntohl(max));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(ntohl(min) <= 255) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_spirange_build: "
-+ "minspi=%08x must be > 255.\n",
-+ ntohl(min));
-+ SENDERR(EEXIST);
-+ }
-+
-+ pfkey_spirange = (struct sadb_spirange*)
-+ MALLOC(sizeof(struct sadb_spirange));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_spirange;
-+
-+ if(pfkey_spirange == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_spirange_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_spirange,
-+ 0,
-+ sizeof(struct sadb_spirange));
-+
-+ pfkey_spirange->sadb_spirange_len = sizeof(struct sadb_spirange) / IPSEC_PFKEYv2_ALIGN;
-+
-+ pfkey_spirange->sadb_spirange_exttype = SADB_EXT_SPIRANGE;
-+ pfkey_spirange->sadb_spirange_min = min;
-+ pfkey_spirange->sadb_spirange_max = max;
-+ pfkey_spirange->sadb_spirange_reserved = 0;
-+ errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_x_kmprivate_build(struct sadb_ext** pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_x_kmprivate *pfkey_x_kmprivate = (struct sadb_x_kmprivate *)*pfkey_ext;
-+
-+ /* sanity checks... */
-+ if(pfkey_x_kmprivate) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_kmprivate_build: "
-+ "why is pfkey_x_kmprivate already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_x_kmprivate->sadb_x_kmprivate_reserved = 0;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_kmprivate_build: "
-+ "Sorry, I can't build exttype=%d yet.\n",
-+ (*pfkey_ext)->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+
-+ pfkey_x_kmprivate = (struct sadb_x_kmprivate*)
-+ MALLOC(sizeof(struct sadb_x_kmprivate));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_x_kmprivate;
-+
-+ if(pfkey_x_kmprivate == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_kmprivate_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_x_kmprivate,
-+ 0,
-+ sizeof(struct sadb_x_kmprivate));
-+
-+ pfkey_x_kmprivate->sadb_x_kmprivate_len =
-+ sizeof(struct sadb_x_kmprivate) / IPSEC_PFKEYv2_ALIGN;
-+
-+ pfkey_x_kmprivate->sadb_x_kmprivate_exttype = SADB_X_EXT_KMPRIVATE;
-+ pfkey_x_kmprivate->sadb_x_kmprivate_reserved = 0;
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_x_satype_build(struct sadb_ext** pfkey_ext,
-+ uint8_t satype)
-+{
-+ int error = 0;
-+ int i;
-+ struct sadb_x_satype *pfkey_x_satype = (struct sadb_x_satype *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_satype_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_x_satype) {
-+ ERROR("pfkey_x_satype_build: "
-+ "why is pfkey_x_satype already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!satype) {
-+ ERROR("pfkey_x_satype_build: "
-+ "SA type not set, must be non-zero.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(satype > SADB_SATYPE_MAX) {
-+ ERROR("pfkey_x_satype_build: "
-+ "satype %d > max %d\n",
-+ satype, SADB_SATYPE_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_x_satype = (struct sadb_x_satype*)
-+ MALLOC(sizeof(struct sadb_x_satype));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_x_satype;
-+ if(pfkey_x_satype == NULL) {
-+ ERROR("pfkey_x_satype_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_x_satype,
-+ 0,
-+ sizeof(struct sadb_x_satype));
-+
-+ pfkey_x_satype->sadb_x_satype_len = sizeof(struct sadb_x_satype) / IPSEC_PFKEYv2_ALIGN;
-+
-+ pfkey_x_satype->sadb_x_satype_exttype = SADB_X_EXT_SATYPE2;
-+ pfkey_x_satype->sadb_x_satype_satype = satype;
-+ for(i=0; i<3; i++) {
-+ pfkey_x_satype->sadb_x_satype_reserved[i] = 0;
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_x_debug_build(struct sadb_ext** pfkey_ext,
-+ uint32_t tunnel,
-+ uint32_t netlink,
-+ uint32_t xform,
-+ uint32_t eroute,
-+ uint32_t spi,
-+ uint32_t radij,
-+ uint32_t esp,
-+ uint32_t ah,
-+ uint32_t rcv,
-+ uint32_t pfkey,
-+ uint32_t ipcomp,
-+ uint32_t verbose)
-+{
-+ int error = 0;
-+ int i;
-+ struct sadb_x_debug *pfkey_x_debug = (struct sadb_x_debug *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_debug_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_x_debug) {
-+ ERROR("pfkey_x_debug_build: "
-+ "why is pfkey_x_debug already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_debug_build: "
-+ "tunnel=%x netlink=%x xform=%x eroute=%x spi=%x radij=%x esp=%x ah=%x rcv=%x pfkey=%x ipcomp=%x verbose=%x?\n",
-+ tunnel, netlink, xform, eroute, spi, radij, esp, ah, rcv, pfkey, ipcomp, verbose);
-+
-+ pfkey_x_debug = (struct sadb_x_debug*)
-+ MALLOC(sizeof(struct sadb_x_debug));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_x_debug;
-+
-+ if(pfkey_x_debug == NULL) {
-+ ERROR("pfkey_x_debug_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+#if 0
-+ memset(pfkey_x_debug,
-+ 0,
-+ sizeof(struct sadb_x_debug));
-+#endif
-+
-+ pfkey_x_debug->sadb_x_debug_len = sizeof(struct sadb_x_debug) / IPSEC_PFKEYv2_ALIGN;
-+ pfkey_x_debug->sadb_x_debug_exttype = SADB_X_EXT_DEBUG;
-+
-+ pfkey_x_debug->sadb_x_debug_tunnel = tunnel;
-+ pfkey_x_debug->sadb_x_debug_netlink = netlink;
-+ pfkey_x_debug->sadb_x_debug_xform = xform;
-+ pfkey_x_debug->sadb_x_debug_eroute = eroute;
-+ pfkey_x_debug->sadb_x_debug_spi = spi;
-+ pfkey_x_debug->sadb_x_debug_radij = radij;
-+ pfkey_x_debug->sadb_x_debug_esp = esp;
-+ pfkey_x_debug->sadb_x_debug_ah = ah;
-+ pfkey_x_debug->sadb_x_debug_rcv = rcv;
-+ pfkey_x_debug->sadb_x_debug_pfkey = pfkey;
-+ pfkey_x_debug->sadb_x_debug_ipcomp = ipcomp;
-+ pfkey_x_debug->sadb_x_debug_verbose = verbose;
-+
-+ for(i=0; i<4; i++) {
-+ pfkey_x_debug->sadb_x_debug_reserved[i] = 0;
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_x_nat_t_type_build(struct sadb_ext** pfkey_ext,
-+ uint8_t type)
-+{
-+ int error = 0;
-+ int i;
-+ struct sadb_x_nat_t_type *pfkey_x_nat_t_type = (struct sadb_x_nat_t_type *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_type_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_x_nat_t_type) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_type_build: "
-+ "why is pfkey_x_nat_t_type already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_type_build: "
-+ "type=%d\n", type);
-+
-+ pfkey_x_nat_t_type = (struct sadb_x_nat_t_type*)
-+ MALLOC(sizeof(struct sadb_x_nat_t_type));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_x_nat_t_type;
-+
-+ if(pfkey_x_nat_t_type == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_type_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+
-+ pfkey_x_nat_t_type->sadb_x_nat_t_type_len = sizeof(struct sadb_x_nat_t_type) / IPSEC_PFKEYv2_ALIGN;
-+ pfkey_x_nat_t_type->sadb_x_nat_t_type_exttype = SADB_X_EXT_NAT_T_TYPE;
-+ pfkey_x_nat_t_type->sadb_x_nat_t_type_type = type;
-+ for(i=0; i<3; i++) {
-+ pfkey_x_nat_t_type->sadb_x_nat_t_type_reserved[i] = 0;
-+ }
-+
-+errlab:
-+ return error;
-+}
-+int
-+pfkey_x_nat_t_port_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint16_t port)
-+{
-+ int error = 0;
-+ struct sadb_x_nat_t_port *pfkey_x_nat_t_port = (struct sadb_x_nat_t_port *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_port_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_x_nat_t_port) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_port_build: "
-+ "why is pfkey_x_nat_t_port already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(exttype) {
-+ case SADB_X_EXT_NAT_T_SPORT:
-+ case SADB_X_EXT_NAT_T_DPORT:
-+ break;
-+ default:
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_nat_t_port_build: "
-+ "unrecognised ext_type=%d.\n",
-+ exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_port_build: "
-+ "ext=%d, port=%d\n", exttype, port);
-+
-+ pfkey_x_nat_t_port = (struct sadb_x_nat_t_port*)
-+ MALLOC(sizeof(struct sadb_x_nat_t_port));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_x_nat_t_port;
-+
-+ if(pfkey_x_nat_t_port == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_port_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+
-+ pfkey_x_nat_t_port->sadb_x_nat_t_port_len = sizeof(struct sadb_x_nat_t_port) / IPSEC_PFKEYv2_ALIGN;
-+ pfkey_x_nat_t_port->sadb_x_nat_t_port_exttype = exttype;
-+ pfkey_x_nat_t_port->sadb_x_nat_t_port_port = port;
-+ pfkey_x_nat_t_port->sadb_x_nat_t_port_reserved = 0;
-+
-+errlab:
-+ return error;
-+}
-+
-+int pfkey_x_protocol_build(struct sadb_ext **pfkey_ext,
-+ uint8_t protocol)
-+{
-+ int error = 0;
-+ struct sadb_protocol * p = (struct sadb_protocol *)*pfkey_ext;
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,"pfkey_x_protocol_build: protocol=%u\n", protocol);
-+ /* sanity checks... */
-+ if (p != 0) {
-+ ERROR("pfkey_x_protocol_build: bogus protocol pointer\n");
-+ SENDERR(EINVAL);
-+ }
-+ if ((p = (struct sadb_protocol*)MALLOC(sizeof(*p))) == 0) {
-+ ERROR("pfkey_build: memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ *pfkey_ext = (struct sadb_ext *)p;
-+ p->sadb_protocol_len = sizeof(*p) / sizeof(uint64_t);
-+ p->sadb_protocol_exttype = SADB_X_EXT_PROTOCOL;
-+ p->sadb_protocol_proto = protocol;
-+ p->sadb_protocol_flags = 0;
-+ p->sadb_protocol_reserved2 = 0;
-+ errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_msg_build(struct sadb_msg **pfkey_msg, struct sadb_ext *extensions[], int dir)
-+{
-+ int error = 0;
-+ unsigned ext;
-+ unsigned total_size;
-+ struct sadb_ext *pfkey_ext;
-+ int extensions_seen = 0;
-+#ifndef __KERNEL__
-+ struct sadb_ext *extensions_check[SADB_EXT_MAX + 1];
-+#endif
-+
-+ if(!extensions[0]) {
-+ ERROR("pfkey_msg_build: "
-+ "extensions[0] must be specified (struct sadb_msg).\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ /* figure out the total size for all the requested extensions */
-+ total_size = IPSEC_PFKEYv2_WORDS(sizeof(struct sadb_msg));
-+ for(ext = 1; ext <= SADB_EXT_MAX; ext++) {
-+ if(extensions[ext]) {
-+ total_size += (extensions[ext])->sadb_ext_len;
-+ }
-+ }
-+
-+ /* allocate that much space */
-+ *pfkey_msg = (struct sadb_msg*)MALLOC(total_size * IPSEC_PFKEYv2_ALIGN);
-+ if(*pfkey_msg == NULL) {
-+ ERROR("pfkey_msg_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_build: "
-+ "pfkey_msg=0p%p allocated %lu bytes, &(extensions[0])=0p%p\n",
-+ *pfkey_msg,
-+ (unsigned long)(total_size * IPSEC_PFKEYv2_ALIGN),
-+ &(extensions[0]));
-+
-+ memcpy(*pfkey_msg,
-+ extensions[0],
-+ sizeof(struct sadb_msg));
-+ (*pfkey_msg)->sadb_msg_len = total_size;
-+ (*pfkey_msg)->sadb_msg_reserved = 0;
-+ extensions_seen = 1 ;
-+
-+ /*
-+ * point pfkey_ext to immediately after the space for the header,
-+ * i.e. at the first extension location.
-+ */
-+ pfkey_ext = (struct sadb_ext*)(((char*)(*pfkey_msg)) + sizeof(struct sadb_msg));
-+
-+ for(ext = 1; ext <= SADB_EXT_MAX; ext++) {
-+ /* copy from extension[ext] to buffer */
-+ if(extensions[ext]) {
-+ /* Is this type of extension permitted for this type of message? */
-+ if(!(extensions_bitmaps[dir][EXT_BITS_PERM][(*pfkey_msg)->sadb_msg_type] &
-+ 1<<ext)) {
-+ ERROR("pfkey_msg_build: "
-+ "ext type %d not permitted, exts_perm=%08x, 1<<type=%08x\n",
-+ ext,
-+ extensions_bitmaps[dir][EXT_BITS_PERM][(*pfkey_msg)->sadb_msg_type],
-+ 1<<ext);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_build: "
-+ "copying %lu bytes from extensions[%u] (type=%d)\n",
-+ (unsigned long)(extensions[ext]->sadb_ext_len * IPSEC_PFKEYv2_ALIGN),
-+ ext,
-+ extensions[ext]->sadb_ext_type);
-+
-+ memcpy(pfkey_ext,
-+ extensions[ext],
-+ (extensions[ext])->sadb_ext_len * IPSEC_PFKEYv2_ALIGN);
-+ {
-+ char *pfkey_ext_c = (char *)pfkey_ext;
-+
-+ pfkey_ext_c += (extensions[ext])->sadb_ext_len * IPSEC_PFKEYv2_ALIGN;
-+ pfkey_ext = (struct sadb_ext *)pfkey_ext_c;
-+ }
-+
-+ /* Mark that we have seen this extension and remember the header location */
-+ extensions_seen |= ( 1 << ext );
-+ }
-+ }
-+
-+ /* check required extensions */
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_build: "
-+ "extensions permitted=%08x, seen=%08x, required=%08x.\n",
-+ extensions_bitmaps[dir][EXT_BITS_PERM][(*pfkey_msg)->sadb_msg_type],
-+ extensions_seen,
-+ extensions_bitmaps[dir][EXT_BITS_REQ][(*pfkey_msg)->sadb_msg_type]);
-+
-+ if((extensions_seen &
-+ extensions_bitmaps[dir][EXT_BITS_REQ][(*pfkey_msg)->sadb_msg_type]) !=
-+ extensions_bitmaps[dir][EXT_BITS_REQ][(*pfkey_msg)->sadb_msg_type]) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_build: "
-+ "required extensions missing:%08x.\n",
-+ extensions_bitmaps[dir][EXT_BITS_REQ][(*pfkey_msg)->sadb_msg_type] -
-+ (extensions_seen &
-+ extensions_bitmaps[dir][EXT_BITS_REQ][(*pfkey_msg)->sadb_msg_type]) );
-+ SENDERR(EINVAL);
-+ }
-+
-+#ifndef __KERNEL__
-+/*
-+ * this is silly, there is no need to reparse the message that we just built.
-+ *
-+ */
-+ if((error = pfkey_msg_parse(*pfkey_msg, NULL, extensions_check, dir))) {
-+ ERROR(
-+ "pfkey_msg_build: "
-+ "Trouble parsing newly built pfkey message, error=%d.\n",
-+ error);
-+ SENDERR(-error);
-+ }
-+#endif
-+
-+errlab:
-+
-+ return error;
-+}
-+
-+/*
-+ * $Log: pfkey_v2_build.c,v $
-+ * Revision 1.51.8.1 2006-05-01 14:36:39 mcr
-+ * get rid of dead code.
-+ *
-+ * Revision 1.51 2004/10/03 01:26:36 mcr
-+ * fixes for gcc 3.4 compilation.
-+ *
-+ * Revision 1.50 2004/07/10 07:48:35 mcr
-+ * Moved from linux/lib/libfreeswan/pfkey_v2_build.c,v
-+ *
-+ * Revision 1.49 2004/04/12 02:59:06 mcr
-+ * erroneously moved pfkey_v2_build.c
-+ *
-+ * Revision 1.48 2004/04/09 18:00:40 mcr
-+ * Moved from linux/lib/libfreeswan/pfkey_v2_build.c,v
-+ *
-+ * Revision 1.47 2004/03/08 01:59:08 ken
-+ * freeswan.h -> openswan.h
-+ *
-+ * Revision 1.46 2003/12/10 01:20:19 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.45 2003/12/04 23:01:12 mcr
-+ * removed ipsec_netlink.h
-+ *
-+ * Revision 1.44 2003/10/31 02:27:12 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.43.4.2 2003/10/29 01:11:32 mcr
-+ * added debugging for pfkey library.
-+ *
-+ * Revision 1.43.4.1 2003/09/21 13:59:44 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.43 2003/05/07 17:29:17 mcr
-+ * new function pfkey_debug_func added for us in debugging from
-+ * pfkey library.
-+ *
-+ * Revision 1.42 2003/01/30 02:32:09 rgb
-+ *
-+ * Rename SAref table macro names for clarity.
-+ * Convert IPsecSAref_t from signed to unsigned to fix apparent SAref exhaustion bug.
-+ *
-+ * Revision 1.41 2002/12/13 18:16:02 mcr
-+ * restored sa_ref code
-+ *
-+ * Revision 1.40 2002/12/13 18:06:52 mcr
-+ * temporarily removed sadb_x_sa_ref reference for 2.xx
-+ *
-+ * Revision 1.39 2002/12/13 17:43:28 mcr
-+ * commented out access to sadb_x_sa_ref for 2.xx branch
-+ *
-+ * Revision 1.38 2002/10/09 03:12:05 dhr
-+ *
-+ * [kenb+dhr] 64-bit fixes
-+ *
-+ * Revision 1.37 2002/09/20 15:40:39 rgb
-+ * Added new function pfkey_sa_ref_build() to accomodate saref parameter.
-+ *
-+ * Revision 1.36 2002/09/20 05:01:22 rgb
-+ * Generalise for platform independance: fix (ia64) using unsigned for sizes.
-+ *
-+ * Revision 1.35 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.34 2002/05/23 07:14:11 rgb
-+ * Cleaned up %p variants to 0p%p for test suite cleanup.
-+ *
-+ * Revision 1.33 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.32 2002/04/24 07:36:40 mcr
-+ * Moved from ./lib/pfkey_v2_build.c,v
-+ *
-+ * Revision 1.31 2002/01/29 22:25:35 rgb
-+ * Re-add ipsec_kversion.h to keep MALLOC happy.
-+ *
-+ * Revision 1.30 2002/01/29 01:59:09 mcr
-+ * removal of kversions.h - sources that needed it now use ipsec_param.h.
-+ * updating of IPv6 structures to match latest in6.h version.
-+ * removed dead code from openswan.h that also duplicated kversions.h
-+ * code.
-+ *
-+ * Revision 1.29 2001/12/19 21:06:09 rgb
-+ * Added port numbers to pfkey_address_build() debugging.
-+ *
-+ * Revision 1.28 2001/11/06 19:47:47 rgb
-+ * Added packet parameter to lifetime and comb structures.
-+ *
-+ * Revision 1.27 2001/10/18 04:45:24 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/openswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.26 2001/09/08 21:13:34 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.25 2001/06/14 19:35:16 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.24 2001/03/20 03:49:45 rgb
-+ * Ditch superfluous debug_pfkey declaration.
-+ * Move misplaced openswan.h inclusion for kernel case.
-+ *
-+ * Revision 1.23 2001/03/16 07:41:50 rgb
-+ * Put openswan.h include before pluto includes.
-+ *
-+ * Revision 1.22 2001/02/27 22:24:56 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.21 2000/11/17 18:10:30 rgb
-+ * Fixed bugs mostly relating to spirange, to treat all spi variables as
-+ * network byte order since this is the way PF_KEYv2 stored spis.
-+ *
-+ * Revision 1.20 2000/10/12 00:02:39 rgb
-+ * Removed 'format, ##' nonsense from debug macros for RH7.0.
-+ *
-+ * Revision 1.19 2000/10/10 20:10:20 rgb
-+ * Added support for debug_ipcomp and debug_verbose to klipsdebug.
-+ *
-+ * Revision 1.18 2000/09/12 18:59:54 rgb
-+ * Added Gerhard's IPv6 support to pfkey parts of libopenswan.
-+ *
-+ * Revision 1.17 2000/09/12 03:27:00 rgb
-+ * Moved DEBUGGING definition to compile kernel with debug off.
-+ *
-+ * Revision 1.16 2000/09/08 19:22:12 rgb
-+ * Fixed pfkey_prop_build() parameter to be only single indirection.
-+ * Fixed struct alg copy.
-+ *
-+ * Revision 1.15 2000/08/20 21:40:01 rgb
-+ * Added an address parameter sanity check to pfkey_address_build().
-+ *
-+ * Revision 1.14 2000/08/15 17:29:23 rgb
-+ * Fixes from SZI to untested pfkey_prop_build().
-+ *
-+ * Revision 1.13 2000/06/02 22:54:14 rgb
-+ * Added Gerhard Gessler's struct sockaddr_storage mods for IPv6 support.
-+ *
-+ * Revision 1.12 2000/05/10 19:24:01 rgb
-+ * Fleshed out sensitivity, proposal and supported extensions.
-+ *
-+ * Revision 1.11 2000/03/16 14:07:23 rgb
-+ * Renamed ALIGN macro to avoid fighting with others in kernel.
-+ *
-+ * Revision 1.10 2000/01/24 21:14:35 rgb
-+ * Added disabled pluto pfkey lib debug flag.
-+ *
-+ * Revision 1.9 2000/01/21 06:27:32 rgb
-+ * Added address cases for eroute flows.
-+ * Removed unused code.
-+ * Dropped unused argument to pfkey_x_satype_build().
-+ * Indented compiler directives for readability.
-+ * Added klipsdebug switching capability.
-+ * Fixed SADB_EXT_MAX bug not permitting last extension access.
-+ *
-+ * Revision 1.8 1999/12/29 21:17:41 rgb
-+ * Changed pfkey_msg_build() I/F to include a struct sadb_msg**
-+ * parameter for cleaner manipulation of extensions[] and to guard
-+ * against potential memory leaks.
-+ * Changed the I/F to pfkey_msg_free() for the same reason.
-+ *
-+ * Revision 1.7 1999/12/09 23:12:20 rgb
-+ * Removed unused cruft.
-+ * Added argument to pfkey_sa_build() to do eroutes.
-+ * Fixed exttype check in as yet unused pfkey_lifetime_build().
-+ *
-+ * Revision 1.6 1999/12/07 19:54:29 rgb
-+ * Removed static pluto debug flag.
-+ * Added functions for pfkey message and extensions initialisation
-+ * and cleanup.
-+ *
-+ * Revision 1.5 1999/12/01 22:20:06 rgb
-+ * Changed pfkey_sa_build to accept an SPI in network byte order.
-+ * Added <string.h> to quiet userspace compiler.
-+ * Moved pfkey_lib_debug variable into the library.
-+ * Removed SATYPE check from pfkey_msg_hdr_build so FLUSH will work.
-+ * Added extension assembly debugging.
-+ * Isolated assignment with brackets to be sure of scope.
-+ *
-+ * Revision 1.4 1999/11/27 11:57:35 rgb
-+ * Added ipv6 headers.
-+ * Remove over-zealous algorithm sanity checkers from pfkey_sa_build.
-+ * Debugging error messages added.
-+ * Fixed missing auth and encrypt assignment bug.
-+ * Add argument to pfkey_msg_parse() for direction.
-+ * Move parse-after-build check inside pfkey_msg_build().
-+ * Consolidated the 4 1-d extension bitmap arrays into one 4-d array.
-+ * Add CVS log entry to bottom of file.
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/pfkey_v2_debug.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,181 @@
-+/*
-+ * @(#) pfkey version 2 debugging messages
-+ *
-+ * Copyright (C) 2001 Richard Guy Briggs <rgb@openswan.org>
-+ * and Michael Richardson <mcr@openswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey_v2_debug.c,v 1.11 2005-04-06 17:45:16 mcr Exp $
-+ *
-+ */
-+
-+#ifdef __KERNEL__
-+
-+# include <linux/kernel.h> /* for printk */
-+
-+# include "openswan/ipsec_kversion.h" /* for malloc switch */
-+# ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+# else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+# endif /* MALLOC_SLAB */
-+# include <linux/errno.h> /* error codes */
-+# include <linux/types.h> /* size_t */
-+# include <linux/interrupt.h> /* mark_bh */
-+
-+# include <linux/netdevice.h> /* struct device, and other headers */
-+# include <linux/etherdevice.h> /* eth_type_trans */
-+extern int debug_pfkey;
-+
-+#else /* __KERNEL__ */
-+
-+# include <sys/types.h>
-+# include <linux/types.h>
-+# include <linux/errno.h>
-+
-+#endif /* __KERNEL__ */
-+
-+#include "openswan.h"
-+#include "pfkeyv2.h"
-+#include "pfkey.h"
-+
-+/*
-+ * This file provides ASCII translations of PF_KEY magic numbers.
-+ *
-+ */
-+
-+static char *pfkey_sadb_ext_strings[]={
-+ "reserved", /* SADB_EXT_RESERVED 0 */
-+ "security-association", /* SADB_EXT_SA 1 */
-+ "lifetime-current", /* SADB_EXT_LIFETIME_CURRENT 2 */
-+ "lifetime-hard", /* SADB_EXT_LIFETIME_HARD 3 */
-+ "lifetime-soft", /* SADB_EXT_LIFETIME_SOFT 4 */
-+ "source-address", /* SADB_EXT_ADDRESS_SRC 5 */
-+ "destination-address", /* SADB_EXT_ADDRESS_DST 6 */
-+ "proxy-address", /* SADB_EXT_ADDRESS_PROXY 7 */
-+ "authentication-key", /* SADB_EXT_KEY_AUTH 8 */
-+ "cipher-key", /* SADB_EXT_KEY_ENCRYPT 9 */
-+ "source-identity", /* SADB_EXT_IDENTITY_SRC 10 */
-+ "destination-identity", /* SADB_EXT_IDENTITY_DST 11 */
-+ "sensitivity-label", /* SADB_EXT_SENSITIVITY 12 */
-+ "proposal", /* SADB_EXT_PROPOSAL 13 */
-+ "supported-auth", /* SADB_EXT_SUPPORTED_AUTH 14 */
-+ "supported-cipher", /* SADB_EXT_SUPPORTED_ENCRYPT 15 */
-+ "spi-range", /* SADB_EXT_SPIRANGE 16 */
-+ "X-kmpprivate", /* SADB_X_EXT_KMPRIVATE 17 */
-+ "X-satype2", /* SADB_X_EXT_SATYPE2 18 */
-+ "X-security-association", /* SADB_X_EXT_SA2 19 */
-+ "X-destination-address2", /* SADB_X_EXT_ADDRESS_DST2 20 */
-+ "X-source-flow-address", /* SADB_X_EXT_ADDRESS_SRC_FLOW 21 */
-+ "X-dest-flow-address", /* SADB_X_EXT_ADDRESS_DST_FLOW 22 */
-+ "X-source-mask", /* SADB_X_EXT_ADDRESS_SRC_MASK 23 */
-+ "X-dest-mask", /* SADB_X_EXT_ADDRESS_DST_MASK 24 */
-+ "X-set-debug", /* SADB_X_EXT_DEBUG 25 */
-+ /* NAT_TRAVERSAL */
-+ "X-NAT-T-type", /* SADB_X_EXT_NAT_T_TYPE 26 */
-+ "X-NAT-T-sport", /* SADB_X_EXT_NAT_T_SPORT 27 */
-+ "X-NAT-T-dport", /* SADB_X_EXT_NAT_T_DPORT 28 */
-+ "X-NAT-T-OA", /* SADB_X_EXT_NAT_T_OA 29 */
-+};
-+
-+const char *
-+pfkey_v2_sadb_ext_string(int ext)
-+{
-+ if(ext <= SADB_EXT_MAX) {
-+ return pfkey_sadb_ext_strings[ext];
-+ } else {
-+ return "unknown-ext";
-+ }
-+}
-+
-+
-+static char *pfkey_sadb_type_strings[]={
-+ "reserved", /* SADB_RESERVED */
-+ "getspi", /* SADB_GETSPI */
-+ "update", /* SADB_UPDATE */
-+ "add", /* SADB_ADD */
-+ "delete", /* SADB_DELETE */
-+ "get", /* SADB_GET */
-+ "acquire", /* SADB_ACQUIRE */
-+ "register", /* SADB_REGISTER */
-+ "expire", /* SADB_EXPIRE */
-+ "flush", /* SADB_FLUSH */
-+ "dump", /* SADB_DUMP */
-+ "x-promisc", /* SADB_X_PROMISC */
-+ "x-pchange", /* SADB_X_PCHANGE */
-+ "x-groupsa", /* SADB_X_GRPSA */
-+ "x-addflow(eroute)", /* SADB_X_ADDFLOW */
-+ "x-delflow(eroute)", /* SADB_X_DELFLOW */
-+ "x-debug", /* SADB_X_DEBUG */
-+};
-+
-+const char *
-+pfkey_v2_sadb_type_string(int sadb_type)
-+{
-+ if(sadb_type <= SADB_MAX) {
-+ return pfkey_sadb_type_strings[sadb_type];
-+ } else {
-+ return "unknown-sadb-type";
-+ }
-+}
-+
-+
-+
-+
-+/*
-+ * $Log: pfkey_v2_debug.c,v $
-+ * Revision 1.11 2005-04-06 17:45:16 mcr
-+ * always include NAT-T names.
-+ *
-+ * Revision 1.10 2004/07/10 07:48:35 mcr
-+ * Moved from linux/lib/libfreeswan/pfkey_v2_debug.c,v
-+ *
-+ * Revision 1.9 2004/03/08 01:59:08 ken
-+ * freeswan.h -> openswan.h
-+ *
-+ * Revision 1.8 2003/12/10 01:20:19 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.7 2002/09/20 05:01:26 rgb
-+ * Fixed limit inclusion error in both type and ext string conversion.
-+ *
-+ * Revision 1.6 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.5 2002/04/24 07:36:40 mcr
-+ * Moved from ./lib/pfkey_v2_debug.c,v
-+ *
-+ * Revision 1.4 2002/01/29 22:25:36 rgb
-+ * Re-add ipsec_kversion.h to keep MALLOC happy.
-+ *
-+ * Revision 1.3 2002/01/29 01:59:09 mcr
-+ * removal of kversions.h - sources that needed it now use ipsec_param.h.
-+ * updating of IPv6 structures to match latest in6.h version.
-+ * removed dead code from openswan.h that also duplicated kversions.h
-+ * code.
-+ *
-+ * Revision 1.2 2002/01/20 20:34:50 mcr
-+ * added pfkey_v2_sadb_type_string to decode sadb_type to string.
-+ *
-+ * Revision 1.1 2001/11/27 05:30:06 mcr
-+ * initial set of debug strings for pfkey debugging.
-+ * this will eventually only be included for debug builds.
-+ *
-+ * Revision 1.1 2001/09/21 04:12:03 mcr
-+ * first compilable version.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/pfkey_v2_ext_bits.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,814 @@
-+/*
-+ * RFC2367 PF_KEYv2 Key management API message parser
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey_v2_ext_bits.c,v 1.22 2005-05-11 01:45:31 mcr Exp $
-+ */
-+
-+/*
-+ * Template from klips/net/ipsec/ipsec/ipsec_parse.c.
-+ */
-+
-+char pfkey_v2_ext_bits_c_version[] = "$Id: pfkey_v2_ext_bits.c,v 1.22 2005-05-11 01:45:31 mcr Exp $";
-+
-+/*
-+ * Some ugly stuff to allow consistent debugging code for use in the
-+ * kernel and in user space
-+*/
-+
-+#ifdef __KERNEL__
-+
-+# include <linux/kernel.h> /* for printk */
-+
-+# include "openswan/ipsec_kversion.h" /* for malloc switch */
-+# ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+# else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+# endif /* MALLOC_SLAB */
-+# include <linux/errno.h> /* error codes */
-+# include <linux/types.h> /* size_t */
-+# include <linux/interrupt.h> /* mark_bh */
-+
-+# include <linux/netdevice.h> /* struct device, and other headers */
-+# include <linux/etherdevice.h> /* eth_type_trans */
-+# include <linux/ip.h> /* struct iphdr */
-+# if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+# include <linux/ipv6.h>
-+# endif /* defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */
-+
-+#else /* __KERNEL__ */
-+
-+# include <sys/types.h>
-+# include <linux/types.h>
-+# include <linux/errno.h>
-+#endif
-+
-+#include <openswan.h>
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+unsigned int extensions_bitmaps[2/*in/out*/][2/*perm/req*/][SADB_EXTENSIONS_MAX] = {
-+
-+/* INBOUND EXTENSIONS */
-+{
-+
-+/* PERMITTED IN */
-+{
-+/* SADB_RESERVED */
-+0
-+,
-+/* SADB_GETSPI */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_SPIRANGE
-+,
-+/* SADB_UPDATE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+,
-+/* SADB_ADD */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_X_EXT_NAT_T_TYPE
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+| 1<<SADB_X_EXT_NAT_T_OA
-+,
-+/* SADB_DELETE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_GET */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_ACQUIRE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+,
-+/* SADB_REGISTER */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_EXPIRE */
-+0
-+,
-+/* SADB_FLUSH */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_DUMP */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_X_PROMISC */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_PCHANGE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_GRPSA */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_ADDFLOW */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_X_EXT_PROTOCOL
-+,
-+/* SADB_X_DELFLOW */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_X_EXT_PROTOCOL
-+,
-+/* SADB_X_DEBUG */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_X_EXT_DEBUG
-+,
-+/* SADB_X_NAT_T_NEW_MAPPING */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+},
-+
-+/* REQUIRED IN */
-+{
-+/* SADB_RESERVED */
-+0
-+,
-+/* SADB_GETSPI */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_SPIRANGE
-+,
-+/* SADB_UPDATE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+/*| 1<<SADB_EXT_KEY_AUTH*/
-+/*| 1<<SADB_EXT_KEY_ENCRYPT*/
-+,
-+/* SADB_ADD */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+/*| 1<<SADB_EXT_KEY_AUTH*/
-+/*| 1<<SADB_EXT_KEY_ENCRYPT*/
-+,
-+/* SADB_DELETE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_GET */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_ACQUIRE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_PROPOSAL
-+,
-+/* SADB_REGISTER */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_EXPIRE */
-+0
-+,
-+/* SADB_FLUSH */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_DUMP */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_X_PROMISC */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_PCHANGE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_GRPSA */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_DST
-+/*| 1<<SADB_X_EXT_SATYPE2*/
-+/*| 1<<SADB_X_EXT_SA2*/
-+/*| 1<<SADB_X_EXT_ADDRESS_DST2*/
-+,
-+/* SADB_X_ADDFLOW */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+,
-+/* SADB_X_DELFLOW */
-+1<<SADB_EXT_RESERVED
-+/*| 1<<SADB_EXT_SA*/
-+#if 0 /* SADB_X_CLREROUTE doesn't need all these... */
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+#endif
-+,
-+/* SADB_X_DEBUG */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_X_EXT_DEBUG
-+,
-+/* SADB_X_NAT_T_NEW_MAPPING */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+}
-+
-+},
-+
-+/* OUTBOUND EXTENSIONS */
-+{
-+
-+/* PERMITTED OUT */
-+{
-+/* SADB_RESERVED */
-+0
-+,
-+/* SADB_GETSPI */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_UPDATE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+,
-+/* SADB_ADD */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_X_EXT_NAT_T_TYPE
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+| 1<<SADB_X_EXT_NAT_T_OA
-+,
-+/* SADB_DELETE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_GET */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_X_EXT_NAT_T_TYPE
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+| 1<<SADB_X_EXT_NAT_T_OA
-+,
-+/* SADB_ACQUIRE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+,
-+/* SADB_REGISTER */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+,
-+/* SADB_EXPIRE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_FLUSH */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_DUMP */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_X_EXT_NAT_T_TYPE
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+| 1<<SADB_X_EXT_NAT_T_OA
-+,
-+/* SADB_X_PROMISC */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_PCHANGE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_GRPSA */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_ADDFLOW */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+| 1<<SADB_X_EXT_PROTOCOL
-+,
-+/* SADB_X_DELFLOW */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+| 1<<SADB_X_EXT_PROTOCOL
-+,
-+/* SADB_X_DEBUG */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_X_EXT_DEBUG
-+,
-+/* SADB_X_NAT_T_NEW_MAPPING */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+},
-+
-+/* REQUIRED OUT */
-+{
-+/* SADB_RESERVED */
-+0
-+,
-+/* SADB_GETSPI */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_UPDATE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_ADD */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_DELETE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_GET */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+/* | 1<<SADB_EXT_KEY_AUTH */
-+/* | 1<<SADB_EXT_KEY_ENCRYPT */
-+,
-+/* SADB_ACQUIRE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_PROPOSAL
-+,
-+/* SADB_REGISTER */
-+1<<SADB_EXT_RESERVED
-+/* | 1<<SADB_EXT_SUPPORTED_AUTH
-+ | 1<<SADB_EXT_SUPPORTED_ENCRYPT */
-+,
-+/* SADB_EXPIRE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+/* | 1<<SADB_EXT_LIFETIME_HARD
-+ | 1<<SADB_EXT_LIFETIME_SOFT */
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_FLUSH */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_DUMP */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+,
-+/* SADB_X_PROMISC */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_PCHANGE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_GRPSA */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_X_ADDFLOW */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+,
-+/* SADB_X_DELFLOW */
-+1<<SADB_EXT_RESERVED
-+/*| 1<<SADB_EXT_SA*/
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+,
-+/* SADB_X_DEBUG */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_X_EXT_DEBUG
-+,
-+/* SADB_X_NAT_T_NEW_MAPPING */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+}
-+}
-+};
-+
-+/*
-+ * $Log: pfkey_v2_ext_bits.c,v $
-+ * Revision 1.22 2005-05-11 01:45:31 mcr
-+ * make pfkey.h standalone.
-+ *
-+ * Revision 1.21 2004/07/10 07:48:36 mcr
-+ * Moved from linux/lib/libfreeswan/pfkey_v2_ext_bits.c,v
-+ *
-+ * Revision 1.20 2004/03/08 01:59:08 ken
-+ * freeswan.h -> openswan.h
-+ *
-+ * Revision 1.19 2003/12/22 21:38:13 mcr
-+ * removed extraenous #endif.
-+ *
-+ * Revision 1.18 2003/12/22 19:34:41 mcr
-+ * added 0.6c NAT-T patch.
-+ *
-+ * Revision 1.17 2003/12/10 01:20:19 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.16 2003/10/31 02:27:12 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.15.30.1 2003/09/21 13:59:44 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.15 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.14 2002/04/24 07:36:40 mcr
-+ * Moved from ./lib/pfkey_v2_ext_bits.c,v
-+ *
-+ * Revision 1.13 2002/01/29 22:25:36 rgb
-+ * Re-add ipsec_kversion.h to keep MALLOC happy.
-+ *
-+ * Revision 1.12 2002/01/29 01:59:10 mcr
-+ * removal of kversions.h - sources that needed it now use ipsec_param.h.
-+ * updating of IPv6 structures to match latest in6.h version.
-+ * removed dead code from openswan.h that also duplicated kversions.h
-+ * code.
-+ *
-+ * Revision 1.11 2001/10/18 04:45:24 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/openswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.10 2001/09/08 21:13:35 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.9 2001/06/14 19:35:16 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.8 2001/03/26 23:07:36 rgb
-+ * Remove requirement for auth and enc key from UPDATE.
-+ *
-+ * Revision 1.7 2000/09/12 22:35:37 rgb
-+ * Restructured to remove unused extensions from CLEARFLOW messages.
-+ *
-+ * Revision 1.6 2000/09/09 06:39:01 rgb
-+ * Added comments for clarity.
-+ *
-+ * Revision 1.5 2000/06/02 22:54:14 rgb
-+ * Added Gerhard Gessler's struct sockaddr_storage mods for IPv6 support.
-+ *
-+ * Revision 1.4 2000/01/21 06:27:56 rgb
-+ * Added address cases for eroute flows.
-+ * Added comments for each message type.
-+ * Added klipsdebug switching capability.
-+ * Fixed GRPSA bitfields.
-+ *
-+ * Revision 1.3 1999/12/01 22:20:27 rgb
-+ * Remove requirement for a proxy address in an incoming getspi message.
-+ *
-+ * Revision 1.2 1999/11/27 11:57:06 rgb
-+ * Consolidated the 4 1-d extension bitmap arrays into one 4-d array.
-+ * Add CVS log entry to bottom of file.
-+ * Cleaned out unused bits.
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/pfkey_v2_ext_process.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,971 @@
-+/*
-+ * @(#) RFC2367 PF_KEYv2 Key management API message parser
-+ * Copyright (C) 1998-2003 Richard Guy Briggs.
-+ * Copyright (C) 2004 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey_v2_ext_process.c,v 1.20.2.4 2007-11-16 03:42:22 paul Exp $
-+ */
-+
-+/*
-+ * Template from klips/net/ipsec/ipsec/ipsec_netlink.c.
-+ */
-+
-+char pfkey_v2_ext_process_c_version[] = "$Id: pfkey_v2_ext_process.c,v 1.20.2.4 2007-11-16 03:42:22 paul Exp $";
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+
-+#include <openswan.h>
-+
-+#include <crypto/des.h>
-+
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+#ifdef NET_21
-+# include <linux/in6.h>
-+# define ip_chk_addr inet_addr_type
-+# define IS_MYADDR RTN_LOCAL
-+#endif
-+
-+#include <net/ip.h>
-+#ifdef NETLINK_SOCK
-+# include <linux/netlink.h>
-+#else
-+# include <net/netlink.h>
-+#endif
-+
-+#include <linux/random.h> /* get_random_bytes() */
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipcomp.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_alg.h"
-+
-+#define SENDERR(_x) do { error = -(_x); goto errlab; } while (0)
-+
-+int
-+pfkey_sa_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ struct sadb_sa *pfkey_sa = (struct sadb_sa *)pfkey_ext;
-+ int error = 0;
-+ struct ipsec_sa* ipsp;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sa_process: .\n");
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sa_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_ext->sadb_ext_type) {
-+ case SADB_EXT_SA:
-+ ipsp = extr->ips;
-+ break;
-+ case SADB_X_EXT_SA2:
-+ if(extr->ips2 == NULL) {
-+ extr->ips2 = ipsec_sa_alloc(&error); /* pass error var by pointer */
-+ }
-+ if(extr->ips2 == NULL) {
-+ SENDERR(-error);
-+ }
-+ ipsp = extr->ips2;
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sa_process: "
-+ "invalid exttype=%d.\n",
-+ pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL);
-+ }
-+
-+ ipsp->ips_said.spi = pfkey_sa->sadb_sa_spi;
-+ ipsp->ips_replaywin = pfkey_sa->sadb_sa_replay;
-+ ipsp->ips_state = pfkey_sa->sadb_sa_state;
-+ ipsp->ips_flags = pfkey_sa->sadb_sa_flags;
-+ ipsp->ips_replaywin_lastseq = ipsp->ips_replaywin_bitmap = 0;
-+ ipsp->ips_ref_rel = pfkey_sa->sadb_x_sa_ref;
-+
-+ switch(ipsp->ips_said.proto) {
-+ case IPPROTO_AH:
-+ ipsp->ips_authalg = pfkey_sa->sadb_sa_auth;
-+ ipsp->ips_encalg = SADB_EALG_NONE;
-+ break;
-+ case IPPROTO_ESP:
-+ ipsp->ips_authalg = pfkey_sa->sadb_sa_auth;
-+ ipsp->ips_encalg = pfkey_sa->sadb_sa_encrypt;
-+#ifdef CONFIG_KLIPS_ALG
-+ ipsec_alg_sa_init(ipsp);
-+#endif
-+ break;
-+ case IPPROTO_IPIP:
-+ ipsp->ips_authalg = AH_NONE;
-+ ipsp->ips_encalg = ESP_NONE;
-+ break;
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ case IPPROTO_COMP:
-+ ipsp->ips_authalg = AH_NONE;
-+ ipsp->ips_encalg = pfkey_sa->sadb_sa_encrypt;
-+ break;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ case IPPROTO_INT:
-+ ipsp->ips_authalg = AH_NONE;
-+ ipsp->ips_encalg = ESP_NONE;
-+ break;
-+ case 0:
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sa_process: "
-+ "unknown proto=%d.\n",
-+ ipsp->ips_said.proto);
-+ SENDERR(EINVAL);
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_lifetime_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct sadb_lifetime *pfkey_lifetime = (struct sadb_lifetime *)pfkey_ext;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_lifetime_process: .\n");
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_lifetime_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_lifetime->sadb_lifetime_exttype) {
-+ case SADB_EXT_LIFETIME_CURRENT:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_lifetime_process: "
-+ "lifetime_current not supported yet.\n");
-+ SENDERR(EINVAL);
-+ break;
-+ case SADB_EXT_LIFETIME_HARD:
-+ ipsec_lifetime_update_hard(&extr->ips->ips_life.ipl_allocations,
-+ pfkey_lifetime->sadb_lifetime_allocations);
-+
-+ ipsec_lifetime_update_hard(&extr->ips->ips_life.ipl_bytes,
-+ pfkey_lifetime->sadb_lifetime_bytes);
-+
-+ ipsec_lifetime_update_hard(&extr->ips->ips_life.ipl_addtime,
-+ pfkey_lifetime->sadb_lifetime_addtime);
-+
-+ ipsec_lifetime_update_hard(&extr->ips->ips_life.ipl_usetime,
-+ pfkey_lifetime->sadb_lifetime_usetime);
-+
-+ break;
-+
-+ case SADB_EXT_LIFETIME_SOFT:
-+ ipsec_lifetime_update_soft(&extr->ips->ips_life.ipl_allocations,
-+ pfkey_lifetime->sadb_lifetime_allocations);
-+
-+ ipsec_lifetime_update_soft(&extr->ips->ips_life.ipl_bytes,
-+ pfkey_lifetime->sadb_lifetime_bytes);
-+
-+ ipsec_lifetime_update_soft(&extr->ips->ips_life.ipl_addtime,
-+ pfkey_lifetime->sadb_lifetime_addtime);
-+
-+ ipsec_lifetime_update_soft(&extr->ips->ips_life.ipl_usetime,
-+ pfkey_lifetime->sadb_lifetime_usetime);
-+
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_lifetime_process: "
-+ "invalid exttype=%d.\n",
-+ pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL);
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_address_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ int saddr_len = 0;
-+ char ipaddr_txt[ADDRTOA_BUF];
-+ unsigned char **sap;
-+ unsigned short * portp = 0;
-+ struct sadb_address *pfkey_address = (struct sadb_address *)pfkey_ext;
-+ struct sockaddr* s = (struct sockaddr*)((char*)pfkey_address + sizeof(*pfkey_address));
-+ struct ipsec_sa* ipsp;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process:\n");
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(s->sa_family) {
-+ case AF_INET:
-+ saddr_len = sizeof(struct sockaddr_in);
-+ if (debug_pfkey)
-+ addrtoa(((struct sockaddr_in*)s)->sin_addr, 0, ipaddr_txt, sizeof(ipaddr_txt));
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found address family=%d, AF_INET, %s.\n",
-+ s->sa_family,
-+ ipaddr_txt);
-+ break;
-+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+ case AF_INET6:
-+ saddr_len = sizeof(struct sockaddr_in6);
-+ break;
-+#endif /* defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "s->sa_family=%d not supported.\n",
-+ s->sa_family);
-+ SENDERR(EPFNOSUPPORT);
-+ }
-+
-+ switch(pfkey_address->sadb_address_exttype) {
-+ case SADB_EXT_ADDRESS_SRC:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found src address.\n");
-+ sap = (unsigned char **)&(extr->ips->ips_addr_s);
-+ extr->ips->ips_addr_s_size = saddr_len;
-+ break;
-+ case SADB_EXT_ADDRESS_DST:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found dst address.\n");
-+ sap = (unsigned char **)&(extr->ips->ips_addr_d);
-+ extr->ips->ips_addr_d_size = saddr_len;
-+ break;
-+ case SADB_EXT_ADDRESS_PROXY:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found proxy address.\n");
-+ sap = (unsigned char **)&(extr->ips->ips_addr_p);
-+ extr->ips->ips_addr_p_size = saddr_len;
-+ break;
-+ case SADB_X_EXT_ADDRESS_DST2:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found 2nd dst address.\n");
-+ if(extr->ips2 == NULL) {
-+ extr->ips2 = ipsec_sa_alloc(&error); /* pass error var by pointer */
-+ }
-+ if(extr->ips2 == NULL) {
-+ SENDERR(-error);
-+ }
-+ sap = (unsigned char **)&(extr->ips2->ips_addr_d);
-+ extr->ips2->ips_addr_d_size = saddr_len;
-+ break;
-+ case SADB_X_EXT_ADDRESS_SRC_FLOW:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found src flow address.\n");
-+ if(pfkey_alloc_eroute(&(extr->eroute)) == ENOMEM) {
-+ SENDERR(ENOMEM);
-+ }
-+ sap = (unsigned char **)&(extr->eroute->er_eaddr.sen_ip_src);
-+ portp = &(extr->eroute->er_eaddr.sen_sport);
-+ break;
-+ case SADB_X_EXT_ADDRESS_DST_FLOW:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found dst flow address.\n");
-+ if(pfkey_alloc_eroute(&(extr->eroute)) == ENOMEM) {
-+ SENDERR(ENOMEM);
-+ }
-+ sap = (unsigned char **)&(extr->eroute->er_eaddr.sen_ip_dst);
-+ portp = &(extr->eroute->er_eaddr.sen_dport);
-+ break;
-+ case SADB_X_EXT_ADDRESS_SRC_MASK:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found src mask address.\n");
-+ if(pfkey_alloc_eroute(&(extr->eroute)) == ENOMEM) {
-+ SENDERR(ENOMEM);
-+ }
-+ sap = (unsigned char **)&(extr->eroute->er_emask.sen_ip_src);
-+ portp = &(extr->eroute->er_emask.sen_sport);
-+ break;
-+ case SADB_X_EXT_ADDRESS_DST_MASK:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found dst mask address.\n");
-+ if(pfkey_alloc_eroute(&(extr->eroute)) == ENOMEM) {
-+ SENDERR(ENOMEM);
-+ }
-+ sap = (unsigned char **)&(extr->eroute->er_emask.sen_ip_dst);
-+ portp = &(extr->eroute->er_emask.sen_dport);
-+ break;
-+#ifdef NAT_TRAVERSAL
-+ case SADB_X_EXT_NAT_T_OA:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found NAT-OA address.\n");
-+ sap = (unsigned char **)&(extr->ips->ips_natt_oa);
-+ extr->ips->ips_natt_oa_size = saddr_len;
-+ break;
-+#endif
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "unrecognised ext_type=%d.\n",
-+ pfkey_address->sadb_address_exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_address->sadb_address_exttype) {
-+ case SADB_EXT_ADDRESS_SRC:
-+ case SADB_EXT_ADDRESS_DST:
-+ case SADB_EXT_ADDRESS_PROXY:
-+ case SADB_X_EXT_ADDRESS_DST2:
-+#ifdef NAT_TRAVERSAL
-+ case SADB_X_EXT_NAT_T_OA:
-+#endif
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "allocating %d bytes for saddr.\n",
-+ saddr_len);
-+ if(!(*sap = kmalloc(saddr_len, GFP_KERNEL))) {
-+ SENDERR(ENOMEM);
-+ }
-+ memcpy(*sap, s, saddr_len);
-+ break;
-+ default:
-+ if(s->sa_family != AF_INET) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "s->sa_family=%d not supported.\n",
-+ s->sa_family);
-+ SENDERR(EPFNOSUPPORT);
-+ }
-+ {
-+ *(struct in_addr *)sap = ((struct sockaddr_in *)s)->sin_addr;
-+ }
-+
-+ if (portp != 0)
-+ *portp = ((struct sockaddr_in*)s)->sin_port;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(extr->eroute) {
-+ char buf1[64], buf2[64];
-+ if (debug_pfkey) {
-+ subnettoa(extr->eroute->er_eaddr.sen_ip_src,
-+ extr->eroute->er_emask.sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(extr->eroute->er_eaddr.sen_ip_dst,
-+ extr->eroute->er_emask.sen_ip_dst, 0, buf2, sizeof(buf2));
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_parse: "
-+ "extr->eroute set to %s:%d->%s:%d\n",
-+ buf1,
-+ ntohs(extr->eroute->er_eaddr.sen_sport),
-+ buf2,
-+ ntohs(extr->eroute->er_eaddr.sen_dport));
-+ }
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ }
-+
-+ ipsp = extr->ips;
-+ switch(pfkey_address->sadb_address_exttype) {
-+ case SADB_X_EXT_ADDRESS_DST2:
-+ ipsp = extr->ips2;
-+ case SADB_EXT_ADDRESS_DST:
-+ if(s->sa_family == AF_INET) {
-+ ipsp->ips_said.dst.u.v4.sin_addr.s_addr = ((struct sockaddr_in*)(ipsp->ips_addr_d))->sin_addr.s_addr;
-+ ipsp->ips_said.dst.u.v4.sin_family = AF_INET;
-+ if (debug_pfkey)
-+ addrtoa(((struct sockaddr_in*)(ipsp->ips_addr_d))->sin_addr,
-+ 0,
-+ ipaddr_txt,
-+ sizeof(ipaddr_txt));
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "ips_said.dst set to %s.\n",
-+ ipaddr_txt);
-+ } else {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "uh, ips_said.dst doesn't do address family=%d yet, said will be invalid.\n",
-+ s->sa_family);
-+ }
-+ default:
-+ break;
-+ }
-+
-+ /* XXX check if port!=0 */
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: successful.\n");
-+ errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_key_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct sadb_key *pfkey_key = (struct sadb_key *)pfkey_ext;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_key_process: .\n");
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_key_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_key->sadb_key_exttype) {
-+ case SADB_EXT_KEY_AUTH:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_key_process: "
-+ "allocating %d bytes for authkey.\n",
-+ DIVUP(pfkey_key->sadb_key_bits, 8));
-+ if(!(extr->ips->ips_key_a = kmalloc(DIVUP(pfkey_key->sadb_key_bits, 8), GFP_KERNEL))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_key_process: "
-+ "memory allocation error.\n");
-+ SENDERR(ENOMEM);
-+ }
-+ extr->ips->ips_key_bits_a = pfkey_key->sadb_key_bits;
-+ extr->ips->ips_key_a_size = DIVUP(pfkey_key->sadb_key_bits, 8);
-+ memcpy(extr->ips->ips_key_a,
-+ (char*)pfkey_key + sizeof(struct sadb_key),
-+ extr->ips->ips_key_a_size);
-+ break;
-+ case SADB_EXT_KEY_ENCRYPT: /* Key(s) */
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_key_process: "
-+ "allocating %d bytes for enckey.\n",
-+ DIVUP(pfkey_key->sadb_key_bits, 8));
-+ if(!(extr->ips->ips_key_e = kmalloc(DIVUP(pfkey_key->sadb_key_bits, 8), GFP_KERNEL))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_key_process: "
-+ "memory allocation error.\n");
-+ SENDERR(ENOMEM);
-+ }
-+ extr->ips->ips_key_bits_e = pfkey_key->sadb_key_bits;
-+ extr->ips->ips_key_e_size = DIVUP(pfkey_key->sadb_key_bits, 8);
-+ memcpy(extr->ips->ips_key_e,
-+ (char*)pfkey_key + sizeof(struct sadb_key),
-+ extr->ips->ips_key_e_size);
-+ break;
-+ default:
-+ SENDERR(EINVAL);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_key_process: "
-+ "success.\n");
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_ident_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct sadb_ident *pfkey_ident = (struct sadb_ident *)pfkey_ext;
-+ int data_len;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_ident_process: .\n");
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_ident_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_ident->sadb_ident_exttype) {
-+ case SADB_EXT_IDENTITY_SRC:
-+ data_len = pfkey_ident->sadb_ident_len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident);
-+
-+ extr->ips->ips_ident_s.type = pfkey_ident->sadb_ident_type;
-+ extr->ips->ips_ident_s.id = pfkey_ident->sadb_ident_id;
-+ extr->ips->ips_ident_s.len = pfkey_ident->sadb_ident_len;
-+ if(data_len) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_ident_process: "
-+ "allocating %d bytes for ident_s.\n",
-+ data_len);
-+ if(!(extr->ips->ips_ident_s.data
-+ = kmalloc(data_len, GFP_KERNEL))) {
-+ SENDERR(ENOMEM);
-+ }
-+ memcpy(extr->ips->ips_ident_s.data,
-+ (char*)pfkey_ident + sizeof(struct sadb_ident),
-+ data_len);
-+ } else {
-+ extr->ips->ips_ident_s.data = NULL;
-+ }
-+ break;
-+ case SADB_EXT_IDENTITY_DST: /* Identity(ies) */
-+ data_len = pfkey_ident->sadb_ident_len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident);
-+
-+ extr->ips->ips_ident_d.type = pfkey_ident->sadb_ident_type;
-+ extr->ips->ips_ident_d.id = pfkey_ident->sadb_ident_id;
-+ extr->ips->ips_ident_d.len = pfkey_ident->sadb_ident_len;
-+ if(data_len) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_ident_process: "
-+ "allocating %d bytes for ident_d.\n",
-+ data_len);
-+ if(!(extr->ips->ips_ident_d.data
-+ = kmalloc(data_len, GFP_KERNEL))) {
-+ SENDERR(ENOMEM);
-+ }
-+ memcpy(extr->ips->ips_ident_d.data,
-+ (char*)pfkey_ident + sizeof(struct sadb_ident),
-+ data_len);
-+ } else {
-+ extr->ips->ips_ident_d.data = NULL;
-+ }
-+ break;
-+ default:
-+ SENDERR(EINVAL);
-+ }
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_sens_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sens_process: "
-+ "Sorry, I can't process exttype=%d yet.\n",
-+ pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+ errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_prop_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_prop_process: "
-+ "Sorry, I can't process exttype=%d yet.\n",
-+ pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+
-+ errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_supported_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_supported_process: "
-+ "Sorry, I can't process exttype=%d yet.\n",
-+ pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_spirange_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_spirange_process: .\n");
-+/* errlab: */
-+ return error;
-+}
-+
-+int
-+pfkey_x_kmprivate_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_kmprivate_process: "
-+ "Sorry, I can't process exttype=%d yet.\n",
-+ pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_x_satype_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct sadb_x_satype *pfkey_x_satype = (struct sadb_x_satype *)pfkey_ext;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_satype_process: .\n");
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_satype_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(extr->ips2 == NULL) {
-+ extr->ips2 = ipsec_sa_alloc(&error); /* pass error var by pointer */
-+ }
-+ if(extr->ips2 == NULL) {
-+ SENDERR(-error);
-+ }
-+ if(!(extr->ips2->ips_said.proto = satype2proto(pfkey_x_satype->sadb_x_satype_satype))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_satype_process: "
-+ "proto lookup from satype=%d failed.\n",
-+ pfkey_x_satype->sadb_x_satype_satype);
-+ SENDERR(EINVAL);
-+ }
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_satype_process: "
-+ "protocol==%d decoded from satype==%d(%s).\n",
-+ extr->ips2->ips_said.proto,
-+ pfkey_x_satype->sadb_x_satype_satype,
-+ satype2name(pfkey_x_satype->sadb_x_satype_satype));
-+
-+errlab:
-+ return error;
-+}
-+
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+int
-+pfkey_x_nat_t_type_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct sadb_x_nat_t_type *pfkey_x_nat_t_type = (struct sadb_x_nat_t_type *)pfkey_ext;
-+
-+ if(!pfkey_x_nat_t_type) {
-+ printk("klips_debug:pfkey_x_nat_t_type_process: "
-+ "null pointer passed in\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_nat_t_type_process: %d.\n",
-+ pfkey_x_nat_t_type->sadb_x_nat_t_type_type);
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_nat_t_type_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_x_nat_t_type->sadb_x_nat_t_type_type) {
-+ case ESPINUDP_WITH_NON_IKE: /* with Non-IKE (older version) */
-+ case ESPINUDP_WITH_NON_ESP: /* with Non-ESP */
-+
-+ extr->ips->ips_natt_type = pfkey_x_nat_t_type->sadb_x_nat_t_type_type;
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_nat_t_type_process: "
-+ "unknown type %d.\n",
-+ pfkey_x_nat_t_type->sadb_x_nat_t_type_type);
-+ SENDERR(EINVAL);
-+ break;
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_x_nat_t_port_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct sadb_x_nat_t_port *pfkey_x_nat_t_port = (struct sadb_x_nat_t_port *)pfkey_ext;
-+
-+ if(!pfkey_x_nat_t_port) {
-+ printk("klips_debug:pfkey_x_nat_t_port_process: "
-+ "null pointer passed in\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_nat_t_port_process: %d/%d.\n",
-+ pfkey_x_nat_t_port->sadb_x_nat_t_port_exttype,
-+ pfkey_x_nat_t_port->sadb_x_nat_t_port_port);
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_nat_t_type_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_x_nat_t_port->sadb_x_nat_t_port_exttype) {
-+ case SADB_X_EXT_NAT_T_SPORT:
-+ extr->ips->ips_natt_sport = pfkey_x_nat_t_port->sadb_x_nat_t_port_port;
-+ break;
-+ case SADB_X_EXT_NAT_T_DPORT:
-+ extr->ips->ips_natt_dport = pfkey_x_nat_t_port->sadb_x_nat_t_port_port;
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_nat_t_port_process: "
-+ "unknown exttype %d.\n",
-+ pfkey_x_nat_t_port->sadb_x_nat_t_port_exttype);
-+ SENDERR(EINVAL);
-+ break;
-+ }
-+
-+errlab:
-+ return error;
-+}
-+#endif
-+
-+int
-+pfkey_x_debug_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct sadb_x_debug *pfkey_x_debug = (struct sadb_x_debug *)pfkey_ext;
-+
-+ if(!pfkey_x_debug) {
-+ printk("klips_debug:pfkey_x_debug_process: "
-+ "null pointer passed in\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_debug_process: .\n");
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(pfkey_x_debug->sadb_x_debug_netlink >>
-+ (sizeof(pfkey_x_debug->sadb_x_debug_netlink) * 8 - 1)) {
-+ pfkey_x_debug->sadb_x_debug_netlink &=
-+ ~(1 << (sizeof(pfkey_x_debug->sadb_x_debug_netlink) * 8 -1));
-+ debug_tunnel |= pfkey_x_debug->sadb_x_debug_tunnel;
-+ debug_netlink |= pfkey_x_debug->sadb_x_debug_netlink;
-+ debug_xform |= pfkey_x_debug->sadb_x_debug_xform;
-+ debug_eroute |= pfkey_x_debug->sadb_x_debug_eroute;
-+ debug_spi |= pfkey_x_debug->sadb_x_debug_spi;
-+ debug_radij |= pfkey_x_debug->sadb_x_debug_radij;
-+ debug_esp |= pfkey_x_debug->sadb_x_debug_esp;
-+ debug_ah |= pfkey_x_debug->sadb_x_debug_ah;
-+ debug_rcv |= pfkey_x_debug->sadb_x_debug_rcv;
-+ debug_pfkey |= pfkey_x_debug->sadb_x_debug_pfkey;
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ sysctl_ipsec_debug_ipcomp |= pfkey_x_debug->sadb_x_debug_ipcomp;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ sysctl_ipsec_debug_verbose |= pfkey_x_debug->sadb_x_debug_verbose;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_debug_process: "
-+ "set\n");
-+ } else {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_debug_process: "
-+ "unset\n");
-+ debug_tunnel &= pfkey_x_debug->sadb_x_debug_tunnel;
-+ debug_netlink &= pfkey_x_debug->sadb_x_debug_netlink;
-+ debug_xform &= pfkey_x_debug->sadb_x_debug_xform;
-+ debug_eroute &= pfkey_x_debug->sadb_x_debug_eroute;
-+ debug_spi &= pfkey_x_debug->sadb_x_debug_spi;
-+ debug_radij &= pfkey_x_debug->sadb_x_debug_radij;
-+ debug_esp &= pfkey_x_debug->sadb_x_debug_esp;
-+ debug_ah &= pfkey_x_debug->sadb_x_debug_ah;
-+ debug_rcv &= pfkey_x_debug->sadb_x_debug_rcv;
-+ debug_pfkey &= pfkey_x_debug->sadb_x_debug_pfkey;
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ sysctl_ipsec_debug_ipcomp &= pfkey_x_debug->sadb_x_debug_ipcomp;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ sysctl_ipsec_debug_verbose &= pfkey_x_debug->sadb_x_debug_verbose;
-+ }
-+#else /* CONFIG_KLIPS_DEBUG */
-+ printk("klips_debug:pfkey_x_debug_process: "
-+ "debugging not enabled\n");
-+ SENDERR(EINVAL);
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+errlab:
-+ return error;
-+}
-+
-+/*
-+ * $Log: pfkey_v2_ext_process.c,v $
-+ * Revision 1.20.2.4 2007-11-16 03:42:22 paul
-+ * Fix for 64bit big endian machines where a cast for struct in_addr was
-+ * wrong. This resulted in KLIPS dropping all NAT-T packets with the
-+ * error:
-+ *
-+ * klips_debug:ipsec_xmit_SAlookup: checking for local udp/500 IKE packet
-+ * saddr=a010c92, er=0p0000000000000000, daddr=a010f17, er_dst=0, proto=1
-+ * sport=0 dport=0
-+ * klips_debug:ipsec_xmit_encap_bundle: shunt SA of DROP or no eroute:
-+ * dropping.
-+ *
-+ * Patch by [dhr]
-+ *
-+ * Revision 1.20.2.3 2007/09/05 02:56:10 paul
-+ * Use the new ipsec_kversion macros by David to deal with 2.6.22 kernels.
-+ * Fixes based on David McCullough patch.
-+ *
-+ * Revision 1.20.2.2 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.20.2.1 2006/04/20 16:33:07 mcr
-+ * remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+ * Fix in-kernel module compilation. Sub-makefiles do not work.
-+ *
-+ * Revision 1.20 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.19 2004/12/04 07:14:18 mcr
-+ * resolution to gcc3-ism was wrong. fixed to assign correct
-+ * variable.
-+ *
-+ * Revision 1.18 2004/12/03 21:25:57 mcr
-+ * compile time fixes for running on 2.6.
-+ * still experimental.
-+ *
-+ * Revision 1.17 2004/08/21 00:45:04 mcr
-+ * CONFIG_KLIPS_NAT was wrong, also need to include udp.h.
-+ *
-+ * Revision 1.16 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.15 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.14 2004/02/03 03:13:59 mcr
-+ * no longer #ifdef out NON_ESP mode. That was a mistake.
-+ *
-+ * Revision 1.13 2003/12/15 18:13:12 mcr
-+ * when compiling with NAT traversal, don't assume that the
-+ * kernel has been patched, unless CONFIG_IPSEC_NAT_NON_ESP
-+ * is set.
-+ *
-+ * Revision 1.12.2.1 2003/12/22 15:25:52 jjo
-+ * Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.12 2003/12/10 01:14:27 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.11 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.10.4.2 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.10.4.1 2003/09/21 13:59:56 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.10 2003/02/06 01:51:41 rgb
-+ * Removed no longer relevant comment
-+ *
-+ * Revision 1.9 2003/01/30 02:32:44 rgb
-+ *
-+ * Transmit error code through to caller from callee for better diagnosis of problems.
-+ *
-+ * Revision 1.8 2002/12/13 22:42:22 mcr
-+ * restored sa_ref code
-+ *
-+ * Revision 1.7 2002/12/13 22:40:48 mcr
-+ * temporarily removed sadb_x_sa_ref reference for 2.xx
-+ *
-+ * Revision 1.6 2002/10/05 05:02:58 dhr
-+ *
-+ * C labels go on statements
-+ *
-+ * Revision 1.5 2002/09/20 15:41:08 rgb
-+ * Switch from pfkey_alloc_ipsec_sa() to ipsec_sa_alloc().
-+ * Added sadb_x_sa_ref to struct sadb_sa.
-+ *
-+ * Revision 1.4 2002/09/20 05:02:02 rgb
-+ * Added memory allocation debugging.
-+ *
-+ * Revision 1.3 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.2 2002/05/27 18:55:03 rgb
-+ * Remove final vistiges of tdb references via IPSEC_KLIPS1_COMPAT.
-+ *
-+ * Revision 1.1 2002/05/14 02:33:51 rgb
-+ * Moved all the extension processing functions to pfkey_v2_ext_process.c.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/pfkey_v2_parse.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1846 @@
-+/*
-+ * RFC2367 PF_KEYv2 Key management API message parser
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey_v2_parse.c,v 1.65 2005-04-06 17:46:05 mcr Exp $
-+ */
-+
-+/*
-+ * Template from klips/net/ipsec/ipsec/ipsec_parser.c.
-+ */
-+
-+char pfkey_v2_parse_c_version[] = "$Id: pfkey_v2_parse.c,v 1.65 2005-04-06 17:46:05 mcr Exp $";
-+
-+/*
-+ * Some ugly stuff to allow consistent debugging code for use in the
-+ * kernel and in user space
-+*/
-+
-+#ifdef __KERNEL__
-+
-+# include <linux/kernel.h> /* for printk */
-+
-+#include "openswan/ipsec_kversion.h" /* for malloc switch */
-+
-+# ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+# else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+# endif /* MALLOC_SLAB */
-+# include <linux/errno.h> /* error codes */
-+# include <linux/types.h> /* size_t */
-+# include <linux/interrupt.h> /* mark_bh */
-+
-+# include <linux/netdevice.h> /* struct device, and other headers */
-+# include <linux/etherdevice.h> /* eth_type_trans */
-+# include <linux/ip.h> /* struct iphdr */
-+# if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+# include <linux/ipv6.h> /* struct ipv6hdr */
-+# endif /* if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */
-+extern int debug_pfkey;
-+
-+# include <openswan.h>
-+
-+#include "openswan/ipsec_encap.h"
-+
-+#else /* __KERNEL__ */
-+
-+# include <sys/types.h>
-+# include <linux/types.h>
-+# include <linux/errno.h>
-+
-+# include <openswan.h>
-+# include "constants.h"
-+# include "programs/pluto/defs.h" /* for PRINTF_LIKE */
-+
-+#endif /* __KERNEL__ */
-+
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_sa.h" /* IPSEC_SAREF_NULL, IPSEC_SA_REF_TABLE_IDX_WIDTH */
-+
-+/*
-+ * how to handle debugging for pfkey.
-+ */
-+#include <openswan/pfkey_debug.h>
-+
-+unsigned int pfkey_lib_debug = PF_KEY_DEBUG_PARSE_NONE;
-+void (*pfkey_debug_func)(const char *message, ...) PRINTF_LIKE(1);
-+void (*pfkey_error_func)(const char *message, ...) PRINTF_LIKE(1);
-+
-+
-+#define SENDERR(_x) do { error = -(_x); goto errlab; } while (0)
-+
-+struct satype_tbl {
-+ uint8_t proto;
-+ uint8_t satype;
-+ char* name;
-+} static satype_tbl[] = {
-+#ifdef __KERNEL__
-+ { IPPROTO_ESP, SADB_SATYPE_ESP, "ESP" },
-+ { IPPROTO_AH, SADB_SATYPE_AH, "AH" },
-+ { IPPROTO_IPIP, SADB_X_SATYPE_IPIP, "IPIP" },
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ { IPPROTO_COMP, SADB_X_SATYPE_COMP, "COMP" },
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ { IPPROTO_INT, SADB_X_SATYPE_INT, "INT" },
-+#else /* __KERNEL__ */
-+ { SA_ESP, SADB_SATYPE_ESP, "ESP" },
-+ { SA_AH, SADB_SATYPE_AH, "AH" },
-+ { SA_IPIP, SADB_X_SATYPE_IPIP, "IPIP" },
-+ { SA_COMP, SADB_X_SATYPE_COMP, "COMP" },
-+ { SA_INT, SADB_X_SATYPE_INT, "INT" },
-+#endif /* __KERNEL__ */
-+ { 0, 0, "UNKNOWN" }
-+};
-+
-+uint8_t
-+satype2proto(uint8_t satype)
-+{
-+ int i =0;
-+
-+ while(satype_tbl[i].satype != satype && satype_tbl[i].satype != 0) {
-+ i++;
-+ }
-+ return satype_tbl[i].proto;
-+}
-+
-+uint8_t
-+proto2satype(uint8_t proto)
-+{
-+ int i = 0;
-+
-+ while(satype_tbl[i].proto != proto && satype_tbl[i].proto != 0) {
-+ i++;
-+ }
-+ return satype_tbl[i].satype;
-+}
-+
-+char*
-+satype2name(uint8_t satype)
-+{
-+ int i = 0;
-+
-+ while(satype_tbl[i].satype != satype && satype_tbl[i].satype != 0) {
-+ i++;
-+ }
-+ return satype_tbl[i].name;
-+}
-+
-+char*
-+proto2name(uint8_t proto)
-+{
-+ int i = 0;
-+
-+ while(satype_tbl[i].proto != proto && satype_tbl[i].proto != 0) {
-+ i++;
-+ }
-+ return satype_tbl[i].name;
-+}
-+
-+/* Default extension parsers taken from the KLIPS code */
-+
-+DEBUG_NO_STATIC int
-+pfkey_sa_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_sa *pfkey_sa = (struct sadb_sa *)pfkey_ext;
-+#if 0
-+ struct sadb_sa sav2;
-+#endif
-+
-+ /* sanity checks... */
-+ if(!pfkey_sa) {
-+ ERROR("pfkey_sa_parse: "
-+ "NULL pointer passed in.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+#if 0
-+ /* check if this structure is short, and if so, fix it up.
-+ * XXX this is NOT the way to do things.
-+ */
-+ if(pfkey_sa->sadb_sa_len == sizeof(struct sadb_sa_v1)/IPSEC_PFKEYv2_ALIGN) {
-+
-+ /* yes, so clear out a temporary structure, and copy first */
-+ memset(&sav2, 0, sizeof(sav2));
-+ memcpy(&sav2, pfkey_sa, sizeof(struct sadb_sa_v1));
-+ sav2.sadb_x_sa_ref=-1;
-+ sav2.sadb_sa_len = sizeof(struct sadb_sa) / IPSEC_PFKEYv2_ALIGN;
-+
-+ pfkey_sa = &sav2;
-+ }
-+#endif
-+
-+
-+ if(pfkey_sa->sadb_sa_len != sizeof(struct sadb_sa) / IPSEC_PFKEYv2_ALIGN) {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "length wrong pfkey_sa->sadb_sa_len=%d sizeof(struct sadb_sa)=%d.\n",
-+ pfkey_sa->sadb_sa_len,
-+ (int)sizeof(struct sadb_sa));
-+ SENDERR(EINVAL);
-+ }
-+
-+#if SADB_EALG_MAX < 255
-+ if(pfkey_sa->sadb_sa_encrypt > SADB_EALG_MAX) {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "pfkey_sa->sadb_sa_encrypt=%d > SADB_EALG_MAX=%d.\n",
-+ pfkey_sa->sadb_sa_encrypt,
-+ SADB_EALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+#endif
-+
-+#if SADB_AALG_MAX < 255
-+ if(pfkey_sa->sadb_sa_auth > SADB_AALG_MAX) {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "pfkey_sa->sadb_sa_auth=%d > SADB_AALG_MAX=%d.\n",
-+ pfkey_sa->sadb_sa_auth,
-+ SADB_AALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+#endif
-+
-+#if SADB_SASTATE_MAX < 255
-+ if(pfkey_sa->sadb_sa_state > SADB_SASTATE_MAX) {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "state=%d exceeds MAX=%d.\n",
-+ pfkey_sa->sadb_sa_state,
-+ SADB_SASTATE_MAX);
-+ SENDERR(EINVAL);
-+ }
-+#endif
-+
-+ if(pfkey_sa->sadb_sa_state == SADB_SASTATE_DEAD) {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "state=%d is DEAD=%d.\n",
-+ pfkey_sa->sadb_sa_state,
-+ SADB_SASTATE_DEAD);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_sa->sadb_sa_replay > 64) {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "replay window size: %d -- must be 0 <= size <= 64\n",
-+ pfkey_sa->sadb_sa_replay);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(! ((pfkey_sa->sadb_sa_exttype == SADB_EXT_SA) ||
-+ (pfkey_sa->sadb_sa_exttype == SADB_X_EXT_SA2)))
-+ {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "unknown exttype=%d, expecting SADB_EXT_SA=%d or SADB_X_EXT_SA2=%d.\n",
-+ pfkey_sa->sadb_sa_exttype,
-+ SADB_EXT_SA,
-+ SADB_X_EXT_SA2);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if((IPSEC_SAREF_NULL != pfkey_sa->sadb_x_sa_ref) && (pfkey_sa->sadb_x_sa_ref >= (1 << IPSEC_SA_REF_TABLE_IDX_WIDTH))) {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "SAref=%d must be (SAref == IPSEC_SAREF_NULL(%d) || SAref < IPSEC_SA_REF_TABLE_NUM_ENTRIES(%d)).\n",
-+ pfkey_sa->sadb_x_sa_ref,
-+ IPSEC_SAREF_NULL,
-+ IPSEC_SA_REF_TABLE_NUM_ENTRIES);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_sa_parse: "
-+ "successfully found len=%d exttype=%d(%s) spi=%08lx replay=%d state=%d auth=%d encrypt=%d flags=%d ref=%d.\n",
-+ pfkey_sa->sadb_sa_len,
-+ pfkey_sa->sadb_sa_exttype,
-+ pfkey_v2_sadb_ext_string(pfkey_sa->sadb_sa_exttype),
-+ (long unsigned int)ntohl(pfkey_sa->sadb_sa_spi),
-+ pfkey_sa->sadb_sa_replay,
-+ pfkey_sa->sadb_sa_state,
-+ pfkey_sa->sadb_sa_auth,
-+ pfkey_sa->sadb_sa_encrypt,
-+ pfkey_sa->sadb_sa_flags,
-+ pfkey_sa->sadb_x_sa_ref);
-+
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_lifetime_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_lifetime *pfkey_lifetime = (struct sadb_lifetime *)pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_lifetime_parse:enter\n");
-+ /* sanity checks... */
-+ if(!pfkey_lifetime) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_lifetime_parse: "
-+ "NULL pointer passed in.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_lifetime->sadb_lifetime_len !=
-+ sizeof(struct sadb_lifetime) / IPSEC_PFKEYv2_ALIGN) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_lifetime_parse: "
-+ "length wrong pfkey_lifetime->sadb_lifetime_len=%d sizeof(struct sadb_lifetime)=%d.\n",
-+ pfkey_lifetime->sadb_lifetime_len,
-+ (int)sizeof(struct sadb_lifetime));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if((pfkey_lifetime->sadb_lifetime_exttype != SADB_EXT_LIFETIME_HARD) &&
-+ (pfkey_lifetime->sadb_lifetime_exttype != SADB_EXT_LIFETIME_SOFT) &&
-+ (pfkey_lifetime->sadb_lifetime_exttype != SADB_EXT_LIFETIME_CURRENT)) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_lifetime_parse: "
-+ "unexpected ext_type=%d.\n",
-+ pfkey_lifetime->sadb_lifetime_exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_lifetime_parse: "
-+ "life_type=%d(%s) alloc=%u bytes=%u add=%u use=%u pkts=%u.\n",
-+ pfkey_lifetime->sadb_lifetime_exttype,
-+ pfkey_v2_sadb_ext_string(pfkey_lifetime->sadb_lifetime_exttype),
-+ pfkey_lifetime->sadb_lifetime_allocations,
-+ (unsigned)pfkey_lifetime->sadb_lifetime_bytes,
-+ (unsigned)pfkey_lifetime->sadb_lifetime_addtime,
-+ (unsigned)pfkey_lifetime->sadb_lifetime_usetime,
-+ pfkey_lifetime->sadb_x_lifetime_packets);
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_address_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ int saddr_len = 0;
-+ struct sadb_address *pfkey_address = (struct sadb_address *)pfkey_ext;
-+ struct sockaddr* s = (struct sockaddr*)((char*)pfkey_address + sizeof(*pfkey_address));
-+ char ipaddr_txt[ADDRTOT_BUF];
-+
-+ /* sanity checks... */
-+ if(!pfkey_address) {
-+ ERROR(
-+ "pfkey_address_parse: "
-+ "NULL pointer passed in.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_address->sadb_address_len <
-+ (sizeof(struct sadb_address) + sizeof(struct sockaddr))/
-+ IPSEC_PFKEYv2_ALIGN) {
-+ ERROR("pfkey_address_parse: "
-+ "size wrong 1 ext_len=%d, adr_ext_len=%d, saddr_len=%d.\n",
-+ pfkey_address->sadb_address_len,
-+ (int)sizeof(struct sadb_address),
-+ (int)sizeof(struct sockaddr));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_address->sadb_address_reserved) {
-+ ERROR("pfkey_address_parse: "
-+ "res=%d, must be zero.\n",
-+ pfkey_address->sadb_address_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_address->sadb_address_exttype) {
-+ case SADB_EXT_ADDRESS_SRC:
-+ case SADB_EXT_ADDRESS_DST:
-+ case SADB_EXT_ADDRESS_PROXY:
-+ case SADB_X_EXT_ADDRESS_DST2:
-+ case SADB_X_EXT_ADDRESS_SRC_FLOW:
-+ case SADB_X_EXT_ADDRESS_DST_FLOW:
-+ case SADB_X_EXT_ADDRESS_SRC_MASK:
-+ case SADB_X_EXT_ADDRESS_DST_MASK:
-+#ifdef NAT_TRAVERSAL
-+ case SADB_X_EXT_NAT_T_OA:
-+#endif
-+ break;
-+ default:
-+ ERROR(
-+ "pfkey_address_parse: "
-+ "unexpected ext_type=%d.\n",
-+ pfkey_address->sadb_address_exttype);
-+ SENDERR(ENOPKG);
-+ }
-+
-+ switch(s->sa_family) {
-+ case AF_INET:
-+ saddr_len = sizeof(struct sockaddr_in);
-+ sprintf(ipaddr_txt, "%d.%d.%d.%d"
-+ , (((struct sockaddr_in*)s)->sin_addr.s_addr >> 0) & 0xFF
-+ , (((struct sockaddr_in*)s)->sin_addr.s_addr >> 8) & 0xFF
-+ , (((struct sockaddr_in*)s)->sin_addr.s_addr >> 16) & 0xFF
-+ , (((struct sockaddr_in*)s)->sin_addr.s_addr >> 24) & 0xFF);
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_address_parse: "
-+ "found exttype=%u(%s) family=%d(AF_INET) address=%s proto=%u port=%u.\n",
-+ pfkey_address->sadb_address_exttype,
-+ pfkey_v2_sadb_ext_string(pfkey_address->sadb_address_exttype),
-+ s->sa_family,
-+ ipaddr_txt,
-+ pfkey_address->sadb_address_proto,
-+ ntohs(((struct sockaddr_in*)s)->sin_port));
-+ break;
-+ case AF_INET6:
-+ saddr_len = sizeof(struct sockaddr_in6);
-+ sprintf(ipaddr_txt, "%x:%x:%x:%x:%x:%x:%x:%x"
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[0])
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[1])
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[2])
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[3])
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[4])
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[5])
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[6])
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[7]));
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_address_parse: "
-+ "found exttype=%u(%s) family=%d(AF_INET6) address=%s proto=%u port=%u.\n",
-+ pfkey_address->sadb_address_exttype,
-+ pfkey_v2_sadb_ext_string(pfkey_address->sadb_address_exttype),
-+ s->sa_family,
-+ ipaddr_txt,
-+ pfkey_address->sadb_address_proto,
-+ ((struct sockaddr_in6*)s)->sin6_port);
-+ break;
-+ default:
-+ ERROR(
-+ "pfkey_address_parse: "
-+ "s->sa_family=%d not supported.\n",
-+ s->sa_family);
-+ SENDERR(EPFNOSUPPORT);
-+ }
-+
-+ if(pfkey_address->sadb_address_len !=
-+ DIVUP(sizeof(struct sadb_address) + saddr_len, IPSEC_PFKEYv2_ALIGN)) {
-+ ERROR(
-+ "pfkey_address_parse: "
-+ "size wrong 2 ext_len=%d, adr_ext_len=%d, saddr_len=%d.\n",
-+ pfkey_address->sadb_address_len,
-+ (int)sizeof(struct sadb_address),
-+ saddr_len);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_address->sadb_address_prefixlen != 0) {
-+ ERROR(
-+ "pfkey_address_parse: "
-+ "address prefixes not supported yet.\n");
-+ SENDERR(EAFNOSUPPORT); /* not supported yet */
-+ }
-+
-+ /* XXX check if port!=0 */
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_address_parse: successful.\n");
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_key_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_key *pfkey_key = (struct sadb_key *)pfkey_ext;
-+
-+ /* sanity checks... */
-+
-+ if(!pfkey_key) {
-+ ERROR(
-+ "pfkey_key_parse: "
-+ "NULL pointer passed in.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_key->sadb_key_len < sizeof(struct sadb_key) / IPSEC_PFKEYv2_ALIGN) {
-+ ERROR(
-+ "pfkey_key_parse: "
-+ "size wrong ext_len=%d, key_ext_len=%d.\n",
-+ pfkey_key->sadb_key_len,
-+ (int)sizeof(struct sadb_key));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!pfkey_key->sadb_key_bits) {
-+ ERROR(
-+ "pfkey_key_parse: "
-+ "key length set to zero, must be non-zero.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_key->sadb_key_len !=
-+ DIVUP(sizeof(struct sadb_key) * OCTETBITS + pfkey_key->sadb_key_bits,
-+ PFKEYBITS)) {
-+ ERROR(
-+ "pfkey_key_parse: "
-+ "key length=%d does not agree with extension length=%d.\n",
-+ pfkey_key->sadb_key_bits,
-+ pfkey_key->sadb_key_len);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_key->sadb_key_reserved) {
-+ ERROR(
-+ "pfkey_key_parse: "
-+ "res=%d, must be zero.\n",
-+ pfkey_key->sadb_key_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(! ( (pfkey_key->sadb_key_exttype == SADB_EXT_KEY_AUTH) ||
-+ (pfkey_key->sadb_key_exttype == SADB_EXT_KEY_ENCRYPT))) {
-+ ERROR(
-+ "pfkey_key_parse: "
-+ "expecting extension type AUTH or ENCRYPT, got %d.\n",
-+ pfkey_key->sadb_key_exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_key_parse: "
-+ "success, found len=%d exttype=%d(%s) bits=%d reserved=%d.\n",
-+ pfkey_key->sadb_key_len,
-+ pfkey_key->sadb_key_exttype,
-+ pfkey_v2_sadb_ext_string(pfkey_key->sadb_key_exttype),
-+ pfkey_key->sadb_key_bits,
-+ pfkey_key->sadb_key_reserved);
-+
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_ident_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_ident *pfkey_ident = (struct sadb_ident *)pfkey_ext;
-+
-+ /* sanity checks... */
-+ if(pfkey_ident->sadb_ident_len < sizeof(struct sadb_ident) / IPSEC_PFKEYv2_ALIGN) {
-+ ERROR(
-+ "pfkey_ident_parse: "
-+ "size wrong ext_len=%d, key_ext_len=%d.\n",
-+ pfkey_ident->sadb_ident_len,
-+ (int)sizeof(struct sadb_ident));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_ident->sadb_ident_type > SADB_IDENTTYPE_MAX) {
-+ ERROR(
-+ "pfkey_ident_parse: "
-+ "ident_type=%d out of range, must be less than %d.\n",
-+ pfkey_ident->sadb_ident_type,
-+ SADB_IDENTTYPE_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_ident->sadb_ident_reserved) {
-+ ERROR(
-+ "pfkey_ident_parse: "
-+ "res=%d, must be zero.\n",
-+ pfkey_ident->sadb_ident_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ /* string terminator/padding must be zero */
-+ if(pfkey_ident->sadb_ident_len > sizeof(struct sadb_ident) / IPSEC_PFKEYv2_ALIGN) {
-+ if(*((char*)pfkey_ident + pfkey_ident->sadb_ident_len * IPSEC_PFKEYv2_ALIGN - 1)) {
-+ ERROR(
-+ "pfkey_ident_parse: "
-+ "string padding must be zero, last is 0x%02x.\n",
-+ *((char*)pfkey_ident +
-+ pfkey_ident->sadb_ident_len * IPSEC_PFKEYv2_ALIGN - 1));
-+ SENDERR(EINVAL);
-+ }
-+ }
-+
-+ if( ! ((pfkey_ident->sadb_ident_exttype == SADB_EXT_IDENTITY_SRC) ||
-+ (pfkey_ident->sadb_ident_exttype == SADB_EXT_IDENTITY_DST))) {
-+ ERROR(
-+ "pfkey_key_parse: "
-+ "expecting extension type IDENTITY_SRC or IDENTITY_DST, got %d.\n",
-+ pfkey_ident->sadb_ident_exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_sens_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_sens *pfkey_sens = (struct sadb_sens *)pfkey_ext;
-+
-+ /* sanity checks... */
-+ if(pfkey_sens->sadb_sens_len < sizeof(struct sadb_sens) / IPSEC_PFKEYv2_ALIGN) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_sens_parse: "
-+ "size wrong ext_len=%d, key_ext_len=%d.\n",
-+ pfkey_sens->sadb_sens_len,
-+ (int)sizeof(struct sadb_sens));
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_sens_parse: "
-+ "Sorry, I can't parse exttype=%d yet.\n",
-+ pfkey_ext->sadb_ext_type);
-+#if 0
-+ SENDERR(EINVAL); /* don't process these yet */
-+#endif
-+
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_prop_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ int i, num_comb;
-+ struct sadb_prop *pfkey_prop = (struct sadb_prop *)pfkey_ext;
-+ struct sadb_comb *pfkey_comb = (struct sadb_comb *)((char*)pfkey_ext + sizeof(struct sadb_prop));
-+
-+ /* sanity checks... */
-+ if((pfkey_prop->sadb_prop_len < sizeof(struct sadb_prop) / IPSEC_PFKEYv2_ALIGN) ||
-+ (((pfkey_prop->sadb_prop_len * IPSEC_PFKEYv2_ALIGN) - sizeof(struct sadb_prop)) % sizeof(struct sadb_comb))) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "size wrong ext_len=%d, prop_ext_len=%d comb_ext_len=%d.\n",
-+ pfkey_prop->sadb_prop_len,
-+ (int)sizeof(struct sadb_prop),
-+ (int)sizeof(struct sadb_comb));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_prop->sadb_prop_replay > 64) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "replay window size: %d -- must be 0 <= size <= 64\n",
-+ pfkey_prop->sadb_prop_replay);
-+ SENDERR(EINVAL);
-+ }
-+
-+ for(i=0; i<3; i++) {
-+ if(pfkey_prop->sadb_prop_reserved[i]) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "res[%d]=%d, must be zero.\n",
-+ i, pfkey_prop->sadb_prop_reserved[i]);
-+ SENDERR(EINVAL);
-+ }
-+ }
-+
-+ num_comb = ((pfkey_prop->sadb_prop_len * IPSEC_PFKEYv2_ALIGN) - sizeof(struct sadb_prop)) / sizeof(struct sadb_comb);
-+
-+ for(i = 0; i < num_comb; i++) {
-+ if(pfkey_comb->sadb_comb_auth > SADB_AALG_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_auth=%d > SADB_AALG_MAX=%d.\n",
-+ i,
-+ pfkey_comb->sadb_comb_auth,
-+ SADB_AALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_comb->sadb_comb_auth) {
-+ if(!pfkey_comb->sadb_comb_auth_minbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_auth_minbits=0, fatal.\n",
-+ i);
-+ SENDERR(EINVAL);
-+ }
-+ if(!pfkey_comb->sadb_comb_auth_maxbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_auth_maxbits=0, fatal.\n",
-+ i);
-+ SENDERR(EINVAL);
-+ }
-+ if(pfkey_comb->sadb_comb_auth_minbits > pfkey_comb->sadb_comb_auth_maxbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_auth_minbits=%d > maxbits=%d, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_comb_auth_minbits,
-+ pfkey_comb->sadb_comb_auth_maxbits);
-+ SENDERR(EINVAL);
-+ }
-+ } else {
-+ if(pfkey_comb->sadb_comb_auth_minbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_auth_minbits=%d != 0, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_comb_auth_minbits);
-+ SENDERR(EINVAL);
-+ }
-+ if(pfkey_comb->sadb_comb_auth_maxbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_auth_maxbits=%d != 0, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_comb_auth_maxbits);
-+ SENDERR(EINVAL);
-+ }
-+ }
-+
-+#if SADB_EALG_MAX < 255
-+ if(pfkey_comb->sadb_comb_encrypt > SADB_EALG_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_comb_parse: "
-+ "pfkey_comb[%d]->sadb_comb_encrypt=%d > SADB_EALG_MAX=%d.\n",
-+ i,
-+ pfkey_comb->sadb_comb_encrypt,
-+ SADB_EALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+#endif
-+
-+ if(pfkey_comb->sadb_comb_encrypt) {
-+ if(!pfkey_comb->sadb_comb_encrypt_minbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_encrypt_minbits=0, fatal.\n",
-+ i);
-+ SENDERR(EINVAL);
-+ }
-+ if(!pfkey_comb->sadb_comb_encrypt_maxbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_encrypt_maxbits=0, fatal.\n",
-+ i);
-+ SENDERR(EINVAL);
-+ }
-+ if(pfkey_comb->sadb_comb_encrypt_minbits > pfkey_comb->sadb_comb_encrypt_maxbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_encrypt_minbits=%d > maxbits=%d, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_comb_encrypt_minbits,
-+ pfkey_comb->sadb_comb_encrypt_maxbits);
-+ SENDERR(EINVAL);
-+ }
-+ } else {
-+ if(pfkey_comb->sadb_comb_encrypt_minbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_encrypt_minbits=%d != 0, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_comb_encrypt_minbits);
-+ SENDERR(EINVAL);
-+ }
-+ if(pfkey_comb->sadb_comb_encrypt_maxbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_encrypt_maxbits=%d != 0, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_comb_encrypt_maxbits);
-+ SENDERR(EINVAL);
-+ }
-+ }
-+
-+ /* XXX do sanity check on flags */
-+
-+ if(pfkey_comb->sadb_comb_hard_allocations && pfkey_comb->sadb_comb_soft_allocations > pfkey_comb->sadb_comb_hard_allocations) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_soft_allocations=%d > hard_allocations=%d, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_comb_soft_allocations,
-+ pfkey_comb->sadb_comb_hard_allocations);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_comb->sadb_comb_hard_bytes && pfkey_comb->sadb_comb_soft_bytes > pfkey_comb->sadb_comb_hard_bytes) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_soft_bytes=%Ld > hard_bytes=%Ld, fatal.\n",
-+ i,
-+ (unsigned long long int)pfkey_comb->sadb_comb_soft_bytes,
-+ (unsigned long long int)pfkey_comb->sadb_comb_hard_bytes);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_comb->sadb_comb_hard_addtime && pfkey_comb->sadb_comb_soft_addtime > pfkey_comb->sadb_comb_hard_addtime) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_soft_addtime=%Ld > hard_addtime=%Ld, fatal.\n",
-+ i,
-+ (unsigned long long int)pfkey_comb->sadb_comb_soft_addtime,
-+ (unsigned long long int)pfkey_comb->sadb_comb_hard_addtime);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_comb->sadb_comb_hard_usetime && pfkey_comb->sadb_comb_soft_usetime > pfkey_comb->sadb_comb_hard_usetime) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_soft_usetime=%Ld > hard_usetime=%Ld, fatal.\n",
-+ i,
-+ (unsigned long long int)pfkey_comb->sadb_comb_soft_usetime,
-+ (unsigned long long int)pfkey_comb->sadb_comb_hard_usetime);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_comb->sadb_x_comb_hard_packets && pfkey_comb->sadb_x_comb_soft_packets > pfkey_comb->sadb_x_comb_hard_packets) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_x_comb_soft_packets=%d > hard_packets=%d, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_x_comb_soft_packets,
-+ pfkey_comb->sadb_x_comb_hard_packets);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_comb->sadb_comb_reserved) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "comb[%d].res=%d, must be zero.\n",
-+ i,
-+ pfkey_comb->sadb_comb_reserved);
-+ SENDERR(EINVAL);
-+ }
-+ pfkey_comb++;
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_supported_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ unsigned int i, num_alg;
-+ struct sadb_supported *pfkey_supported = (struct sadb_supported *)pfkey_ext;
-+ struct sadb_alg *pfkey_alg = (struct sadb_alg*)((char*)pfkey_ext + sizeof(struct sadb_supported));
-+
-+ /* sanity checks... */
-+ if((pfkey_supported->sadb_supported_len <
-+ sizeof(struct sadb_supported) / IPSEC_PFKEYv2_ALIGN) ||
-+ (((pfkey_supported->sadb_supported_len * IPSEC_PFKEYv2_ALIGN) -
-+ sizeof(struct sadb_supported)) % sizeof(struct sadb_alg))) {
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_supported_parse: "
-+ "size wrong ext_len=%d, supported_ext_len=%d alg_ext_len=%d.\n",
-+ pfkey_supported->sadb_supported_len,
-+ (int)sizeof(struct sadb_supported),
-+ (int)sizeof(struct sadb_alg));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_supported->sadb_supported_reserved) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_supported_parse: "
-+ "res=%d, must be zero.\n",
-+ pfkey_supported->sadb_supported_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ num_alg = ((pfkey_supported->sadb_supported_len * IPSEC_PFKEYv2_ALIGN) - sizeof(struct sadb_supported)) / sizeof(struct sadb_alg);
-+
-+ for(i = 0; i < num_alg; i++) {
-+ /* process algo description */
-+ if(pfkey_alg->sadb_alg_reserved) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_supported_parse: "
-+ "alg[%d], id=%d, ivlen=%d, minbits=%d, maxbits=%d, res=%d, must be zero.\n",
-+ i,
-+ pfkey_alg->sadb_alg_id,
-+ pfkey_alg->sadb_alg_ivlen,
-+ pfkey_alg->sadb_alg_minbits,
-+ pfkey_alg->sadb_alg_maxbits,
-+ pfkey_alg->sadb_alg_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ /* XXX can alg_id auth/enc be determined from info given?
-+ Yes, but OpenBSD's method does not iteroperate with rfc2367.
-+ rgb, 2000-04-06 */
-+
-+ switch(pfkey_supported->sadb_supported_exttype) {
-+ case SADB_EXT_SUPPORTED_AUTH:
-+ if(pfkey_alg->sadb_alg_id > SADB_AALG_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_supported_parse: "
-+ "alg[%d], alg_id=%d > SADB_AALG_MAX=%d, fatal.\n",
-+ i,
-+ pfkey_alg->sadb_alg_id,
-+ SADB_AALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+ break;
-+ case SADB_EXT_SUPPORTED_ENCRYPT:
-+#if SADB_EALG_MAX < 255
-+ if(pfkey_alg->sadb_alg_id > SADB_EALG_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_supported_parse: "
-+ "alg[%d], alg_id=%d > SADB_EALG_MAX=%d, fatal.\n",
-+ i,
-+ pfkey_alg->sadb_alg_id,
-+ SADB_EALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+#endif
-+ break;
-+ default:
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_supported_parse: "
-+ "alg[%d], alg_id=%d > SADB_EALG_MAX=%d, fatal.\n",
-+ i,
-+ pfkey_alg->sadb_alg_id,
-+ SADB_EALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+ pfkey_alg++;
-+ }
-+
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_spirange_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_spirange *pfkey_spirange = (struct sadb_spirange *)pfkey_ext;
-+
-+ /* sanity checks... */
-+ if(pfkey_spirange->sadb_spirange_len !=
-+ sizeof(struct sadb_spirange) / IPSEC_PFKEYv2_ALIGN) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_spirange_parse: "
-+ "size wrong ext_len=%d, key_ext_len=%d.\n",
-+ pfkey_spirange->sadb_spirange_len,
-+ (int)sizeof(struct sadb_spirange));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_spirange->sadb_spirange_reserved) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_spirange_parse: "
-+ "reserved=%d must be set to zero.\n",
-+ pfkey_spirange->sadb_spirange_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(ntohl(pfkey_spirange->sadb_spirange_max) < ntohl(pfkey_spirange->sadb_spirange_min)) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_spirange_parse: "
-+ "minspi=%08x must be < maxspi=%08x.\n",
-+ ntohl(pfkey_spirange->sadb_spirange_min),
-+ ntohl(pfkey_spirange->sadb_spirange_max));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(ntohl(pfkey_spirange->sadb_spirange_min) <= 255) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_spirange_parse: "
-+ "minspi=%08x must be > 255.\n",
-+ ntohl(pfkey_spirange->sadb_spirange_min));
-+ SENDERR(EEXIST);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_spirange_parse: "
-+ "ext_len=%u ext_type=%u(%s) min=%u max=%u res=%u.\n",
-+ pfkey_spirange->sadb_spirange_len,
-+ pfkey_spirange->sadb_spirange_exttype,
-+ pfkey_v2_sadb_ext_string(pfkey_spirange->sadb_spirange_exttype),
-+ pfkey_spirange->sadb_spirange_min,
-+ pfkey_spirange->sadb_spirange_max,
-+ pfkey_spirange->sadb_spirange_reserved);
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_kmprivate_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_x_kmprivate *pfkey_x_kmprivate = (struct sadb_x_kmprivate *)pfkey_ext;
-+
-+ /* sanity checks... */
-+ if(pfkey_x_kmprivate->sadb_x_kmprivate_len <
-+ sizeof(struct sadb_x_kmprivate) / IPSEC_PFKEYv2_ALIGN) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_kmprivate_parse: "
-+ "size wrong ext_len=%d, key_ext_len=%d.\n",
-+ pfkey_x_kmprivate->sadb_x_kmprivate_len,
-+ (int)sizeof(struct sadb_x_kmprivate));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_x_kmprivate->sadb_x_kmprivate_reserved) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_kmprivate_parse: "
-+ "reserved=%d must be set to zero.\n",
-+ pfkey_x_kmprivate->sadb_x_kmprivate_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_kmprivate_parse: "
-+ "Sorry, I can't parse exttype=%d yet.\n",
-+ pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_satype_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ int i;
-+ struct sadb_x_satype *pfkey_x_satype = (struct sadb_x_satype *)pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_x_satype_parse: enter\n");
-+ /* sanity checks... */
-+ if(pfkey_x_satype->sadb_x_satype_len !=
-+ sizeof(struct sadb_x_satype) / IPSEC_PFKEYv2_ALIGN) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_satype_parse: "
-+ "size wrong ext_len=%d, key_ext_len=%d.\n",
-+ pfkey_x_satype->sadb_x_satype_len,
-+ (int)sizeof(struct sadb_x_satype));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!pfkey_x_satype->sadb_x_satype_satype) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_satype_parse: "
-+ "satype is zero, must be non-zero.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_x_satype->sadb_x_satype_satype > SADB_SATYPE_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_satype_parse: "
-+ "satype %d > max %d, invalid.\n",
-+ pfkey_x_satype->sadb_x_satype_satype, SADB_SATYPE_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!(satype2proto(pfkey_x_satype->sadb_x_satype_satype))) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_satype_parse: "
-+ "proto lookup from satype=%d failed.\n",
-+ pfkey_x_satype->sadb_x_satype_satype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ for(i = 0; i < 3; i++) {
-+ if(pfkey_x_satype->sadb_x_satype_reserved[i]) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_satype_parse: "
-+ "reserved[%d]=%d must be set to zero.\n",
-+ i, pfkey_x_satype->sadb_x_satype_reserved[i]);
-+ SENDERR(EINVAL);
-+ }
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_x_satype_parse: "
-+ "len=%u ext=%u(%s) satype=%u(%s) res=%u,%u,%u.\n",
-+ pfkey_x_satype->sadb_x_satype_len,
-+ pfkey_x_satype->sadb_x_satype_exttype,
-+ pfkey_v2_sadb_ext_string(pfkey_x_satype->sadb_x_satype_exttype),
-+ pfkey_x_satype->sadb_x_satype_satype,
-+ satype2name(pfkey_x_satype->sadb_x_satype_satype),
-+ pfkey_x_satype->sadb_x_satype_reserved[0],
-+ pfkey_x_satype->sadb_x_satype_reserved[1],
-+ pfkey_x_satype->sadb_x_satype_reserved[2]);
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_ext_debug_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ int i;
-+ struct sadb_x_debug *pfkey_x_debug = (struct sadb_x_debug *)pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_x_debug_parse: enter\n");
-+ /* sanity checks... */
-+ if(pfkey_x_debug->sadb_x_debug_len !=
-+ sizeof(struct sadb_x_debug) / IPSEC_PFKEYv2_ALIGN) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_debug_parse: "
-+ "size wrong ext_len=%d, key_ext_len=%d.\n",
-+ pfkey_x_debug->sadb_x_debug_len,
-+ (int)sizeof(struct sadb_x_debug));
-+ SENDERR(EINVAL);
-+ }
-+
-+ for(i = 0; i < 4; i++) {
-+ if(pfkey_x_debug->sadb_x_debug_reserved[i]) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_debug_parse: "
-+ "reserved[%d]=%d must be set to zero.\n",
-+ i, pfkey_x_debug->sadb_x_debug_reserved[i]);
-+ SENDERR(EINVAL);
-+ }
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_ext_protocol_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_protocol *p = (struct sadb_protocol *)pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM, "pfkey_x_protocol_parse:\n");
-+ /* sanity checks... */
-+
-+ if (p->sadb_protocol_len != sizeof(*p)/IPSEC_PFKEYv2_ALIGN) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_protocol_parse: size wrong ext_len=%d, key_ext_len=%d.\n",
-+ p->sadb_protocol_len, (int)sizeof(*p));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if (p->sadb_protocol_reserved2 != 0) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_protocol_parse: res=%d, must be zero.\n",
-+ p->sadb_protocol_reserved2);
-+ SENDERR(EINVAL);
-+ }
-+
-+ errlab:
-+ return error;
-+}
-+
-+#ifdef NAT_TRAVERSAL
-+DEBUG_NO_STATIC int
-+pfkey_x_ext_nat_t_type_parse(struct sadb_ext *pfkey_ext)
-+{
-+ return 0;
-+}
-+DEBUG_NO_STATIC int
-+pfkey_x_ext_nat_t_port_parse(struct sadb_ext *pfkey_ext)
-+{
-+ return 0;
-+}
-+#endif
-+
-+#define DEFINEPARSER(NAME) static struct pf_key_ext_parsers_def NAME##_def={NAME, #NAME};
-+
-+DEFINEPARSER(pfkey_sa_parse);
-+DEFINEPARSER(pfkey_lifetime_parse);
-+DEFINEPARSER(pfkey_address_parse);
-+DEFINEPARSER(pfkey_key_parse);
-+DEFINEPARSER(pfkey_ident_parse);
-+DEFINEPARSER(pfkey_sens_parse);
-+DEFINEPARSER(pfkey_prop_parse);
-+DEFINEPARSER(pfkey_supported_parse);
-+DEFINEPARSER(pfkey_spirange_parse);
-+DEFINEPARSER(pfkey_x_kmprivate_parse);
-+DEFINEPARSER(pfkey_x_satype_parse);
-+DEFINEPARSER(pfkey_x_ext_debug_parse);
-+DEFINEPARSER(pfkey_x_ext_protocol_parse);
-+#ifdef NAT_TRAVERSAL
-+DEFINEPARSER(pfkey_x_ext_nat_t_type_parse);
-+DEFINEPARSER(pfkey_x_ext_nat_t_port_parse);
-+#endif
-+
-+struct pf_key_ext_parsers_def *ext_default_parsers[]=
-+{
-+ NULL, /* pfkey_msg_parse, */
-+ &pfkey_sa_parse_def,
-+ &pfkey_lifetime_parse_def,
-+ &pfkey_lifetime_parse_def,
-+ &pfkey_lifetime_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_key_parse_def,
-+ &pfkey_key_parse_def,
-+ &pfkey_ident_parse_def,
-+ &pfkey_ident_parse_def,
-+ &pfkey_sens_parse_def,
-+ &pfkey_prop_parse_def,
-+ &pfkey_supported_parse_def,
-+ &pfkey_supported_parse_def,
-+ &pfkey_spirange_parse_def,
-+ &pfkey_x_kmprivate_parse_def,
-+ &pfkey_x_satype_parse_def,
-+ &pfkey_sa_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_x_ext_debug_parse_def,
-+ &pfkey_x_ext_protocol_parse_def
-+#ifdef NAT_TRAVERSAL
-+ ,
-+ &pfkey_x_ext_nat_t_type_parse_def,
-+ &pfkey_x_ext_nat_t_port_parse_def,
-+ &pfkey_x_ext_nat_t_port_parse_def,
-+ &pfkey_address_parse_def
-+#endif
-+};
-+
-+int
-+pfkey_msg_parse(struct sadb_msg *pfkey_msg,
-+ struct pf_key_ext_parsers_def *ext_parsers[],
-+ struct sadb_ext *extensions[],
-+ int dir)
-+{
-+ int error = 0;
-+ int remain;
-+ struct sadb_ext *pfkey_ext;
-+ int extensions_seen = 0;
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_msg_parse: "
-+ "parsing message ver=%d, type=%d(%s), errno=%d, satype=%d(%s), len=%d, res=%d, seq=%d, pid=%d.\n",
-+ pfkey_msg->sadb_msg_version,
-+ pfkey_msg->sadb_msg_type,
-+ pfkey_v2_sadb_type_string(pfkey_msg->sadb_msg_type),
-+ pfkey_msg->sadb_msg_errno,
-+ pfkey_msg->sadb_msg_satype,
-+ satype2name(pfkey_msg->sadb_msg_satype),
-+ pfkey_msg->sadb_msg_len,
-+ pfkey_msg->sadb_msg_reserved,
-+ pfkey_msg->sadb_msg_seq,
-+ pfkey_msg->sadb_msg_pid);
-+
-+ if(ext_parsers == NULL) ext_parsers = ext_default_parsers;
-+
-+ pfkey_extensions_init(extensions);
-+
-+ remain = pfkey_msg->sadb_msg_len;
-+ remain -= sizeof(struct sadb_msg) / IPSEC_PFKEYv2_ALIGN;
-+
-+ pfkey_ext = (struct sadb_ext*)((char*)pfkey_msg +
-+ sizeof(struct sadb_msg));
-+
-+ extensions[0] = (struct sadb_ext *) pfkey_msg;
-+
-+
-+ if(pfkey_msg->sadb_msg_version != PF_KEY_V2) {
-+ ERROR("pfkey_msg_parse: "
-+ "not PF_KEY_V2 msg, found %d, should be %d.\n",
-+ pfkey_msg->sadb_msg_version,
-+ PF_KEY_V2);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!pfkey_msg->sadb_msg_type) {
-+ ERROR("pfkey_msg_parse: "
-+ "msg type not set, must be non-zero..\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_msg->sadb_msg_type > SADB_MAX) {
-+ ERROR("pfkey_msg_parse: "
-+ "msg type=%d > max=%d.\n",
-+ pfkey_msg->sadb_msg_type,
-+ SADB_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_msg->sadb_msg_type) {
-+ case SADB_GETSPI:
-+ case SADB_UPDATE:
-+ case SADB_ADD:
-+ case SADB_DELETE:
-+ case SADB_GET:
-+ case SADB_X_GRPSA:
-+ case SADB_X_ADDFLOW:
-+ if(!satype2proto(pfkey_msg->sadb_msg_satype)) {
-+ ERROR("pfkey_msg_parse: "
-+ "satype %d conversion to proto failed for msg_type %d (%s).\n",
-+ pfkey_msg->sadb_msg_satype,
-+ pfkey_msg->sadb_msg_type,
-+ pfkey_v2_sadb_type_string(pfkey_msg->sadb_msg_type));
-+ SENDERR(EINVAL);
-+ } else {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "satype %d(%s) conversion to proto gives %d for msg_type %d(%s).\n",
-+ pfkey_msg->sadb_msg_satype,
-+ satype2name(pfkey_msg->sadb_msg_satype),
-+ satype2proto(pfkey_msg->sadb_msg_satype),
-+ pfkey_msg->sadb_msg_type,
-+ pfkey_v2_sadb_type_string(pfkey_msg->sadb_msg_type));
-+ }
-+ case SADB_ACQUIRE:
-+ case SADB_REGISTER:
-+ case SADB_EXPIRE:
-+ if(!pfkey_msg->sadb_msg_satype) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "satype is zero, must be non-zero for msg_type %d(%s).\n",
-+ pfkey_msg->sadb_msg_type,
-+ pfkey_v2_sadb_type_string(pfkey_msg->sadb_msg_type));
-+ SENDERR(EINVAL);
-+ }
-+ default:
-+ break;
-+ }
-+
-+ /* errno must not be set in downward messages */
-+ /* this is not entirely true... a response to an ACQUIRE could return an error */
-+ if((dir == EXT_BITS_IN) && (pfkey_msg->sadb_msg_type != SADB_ACQUIRE) && pfkey_msg->sadb_msg_errno) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "errno set to %d.\n",
-+ pfkey_msg->sadb_msg_errno);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_msg_parse: "
-+ "remain=%d\n",
-+ remain
-+ );
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_msg_parse: "
-+ "extensions permitted=%08x, required=%08x.\n",
-+ extensions_bitmaps[dir][EXT_BITS_PERM][pfkey_msg->sadb_msg_type],
-+ extensions_bitmaps[dir][EXT_BITS_REQ][pfkey_msg->sadb_msg_type]);
-+
-+ extensions_seen = 1;
-+
-+ while( (remain * IPSEC_PFKEYv2_ALIGN) >= sizeof(struct sadb_ext) ) {
-+ /* Is there enough message left to support another extension header? */
-+ if(remain < pfkey_ext->sadb_ext_len) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "remain %d less than ext len %d.\n",
-+ remain, pfkey_ext->sadb_ext_len);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_msg_parse: "
-+ "parsing ext type=%d(%s) remain=%d.\n",
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type),
-+ remain);
-+
-+ /* Is the extension header type valid? */
-+ if((pfkey_ext->sadb_ext_type > SADB_EXT_MAX) || (!pfkey_ext->sadb_ext_type)) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "ext type %d(%s) invalid, SADB_EXT_MAX=%d.\n",
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type),
-+ SADB_EXT_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ /* Have we already seen this type of extension? */
-+ if((extensions_seen & ( 1 << pfkey_ext->sadb_ext_type )) != 0)
-+ {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "ext type %d(%s) already seen.\n",
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type));
-+ SENDERR(EINVAL);
-+ }
-+
-+ /* Do I even know about this type of extension? */
-+ if(ext_parsers[pfkey_ext->sadb_ext_type]==NULL) {
-+ ERROR("pfkey_msg_parse: "
-+ "ext type %d(%s) unknown, ignoring.\n",
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type));
-+ goto next_ext;
-+ }
-+
-+ /* Is this type of extension permitted for this type of message? */
-+ if(!(extensions_bitmaps[dir][EXT_BITS_PERM][pfkey_msg->sadb_msg_type] &
-+ 1<<pfkey_ext->sadb_ext_type)) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "ext type %d(%s) not permitted, exts_perm_in=%08x, 1<<type=%08x\n",
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type),
-+ extensions_bitmaps[dir][EXT_BITS_PERM][pfkey_msg->sadb_msg_type],
-+ 1<<pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_msg_parse: "
-+ "remain=%d ext_type=%d(%s) ext_len=%d parsing ext 0p%p with parser %s.\n",
-+ remain,
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type),
-+ pfkey_ext->sadb_ext_len,
-+ pfkey_ext,
-+ ext_parsers[pfkey_ext->sadb_ext_type]->parser_name);
-+
-+ /* Parse the extension */
-+ if((error =
-+ (*ext_parsers[pfkey_ext->sadb_ext_type]->parser)(pfkey_ext))) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "extension parsing for type %d(%s) failed with error %d.\n",
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type),
-+ error);
-+ SENDERR(-error);
-+ }
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_msg_parse: "
-+ "Extension %d(%s) parsed.\n",
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type));
-+
-+ /* Mark that we have seen this extension and remember the header location */
-+ extensions_seen |= ( 1 << pfkey_ext->sadb_ext_type );
-+ extensions[pfkey_ext->sadb_ext_type] = pfkey_ext;
-+
-+ next_ext:
-+ /* Calculate how much message remains */
-+ remain -= pfkey_ext->sadb_ext_len;
-+
-+ if(!remain) {
-+ break;
-+ }
-+ /* Find the next extension header */
-+ pfkey_ext = (struct sadb_ext*)((char*)pfkey_ext +
-+ pfkey_ext->sadb_ext_len * IPSEC_PFKEYv2_ALIGN);
-+ }
-+
-+ if(remain) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "unexpected remainder of %d.\n",
-+ remain);
-+ /* why is there still something remaining? */
-+ SENDERR(EINVAL);
-+ }
-+
-+ /* check required extensions */
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_msg_parse: "
-+ "extensions permitted=%08x, seen=%08x, required=%08x.\n",
-+ extensions_bitmaps[dir][EXT_BITS_PERM][pfkey_msg->sadb_msg_type],
-+ extensions_seen,
-+ extensions_bitmaps[dir][EXT_BITS_REQ][pfkey_msg->sadb_msg_type]);
-+
-+ /* don't check further if it is an error return message since it
-+ may not have a body */
-+ if(pfkey_msg->sadb_msg_errno) {
-+ SENDERR(-error);
-+ }
-+
-+ if((extensions_seen &
-+ extensions_bitmaps[dir][EXT_BITS_REQ][pfkey_msg->sadb_msg_type]) !=
-+ extensions_bitmaps[dir][EXT_BITS_REQ][pfkey_msg->sadb_msg_type]) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "required extensions missing:%08x.\n",
-+ extensions_bitmaps[dir][EXT_BITS_REQ][pfkey_msg->sadb_msg_type] -
-+ (extensions_seen &
-+ extensions_bitmaps[dir][EXT_BITS_REQ][pfkey_msg->sadb_msg_type]));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if((dir == EXT_BITS_IN) && (pfkey_msg->sadb_msg_type == SADB_X_DELFLOW)
-+ && ((extensions_seen & SADB_X_EXT_ADDRESS_DELFLOW)
-+ != SADB_X_EXT_ADDRESS_DELFLOW)
-+ && (((extensions_seen & (1<<SADB_EXT_SA)) != (1<<SADB_EXT_SA))
-+ || ((((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_flags
-+ & SADB_X_SAFLAGS_CLEARFLOW)
-+ != SADB_X_SAFLAGS_CLEARFLOW))) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "required SADB_X_DELFLOW extensions missing: either %08x must be present or %08x must be present with SADB_X_SAFLAGS_CLEARFLOW set.\n",
-+ SADB_X_EXT_ADDRESS_DELFLOW
-+ - (extensions_seen & SADB_X_EXT_ADDRESS_DELFLOW),
-+ (1<<SADB_EXT_SA) - (extensions_seen & (1<<SADB_EXT_SA)));
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_msg->sadb_msg_type) {
-+ case SADB_ADD:
-+ case SADB_UPDATE:
-+ /* check maturity */
-+ if(((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_state !=
-+ SADB_SASTATE_MATURE) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "state=%d for add or update should be MATURE=%d.\n",
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_state,
-+ SADB_SASTATE_MATURE);
-+ SENDERR(EINVAL);
-+ }
-+
-+ /* check AH and ESP */
-+ switch(((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype) {
-+ case SADB_SATYPE_AH:
-+ if(!(((struct sadb_sa*)extensions[SADB_EXT_SA]) &&
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_auth !=
-+ SADB_AALG_NONE)) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "auth alg is zero, must be non-zero for AH SAs.\n");
-+ SENDERR(EINVAL);
-+ }
-+ if(((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_encrypt !=
-+ SADB_EALG_NONE) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "AH handed encalg=%d, must be zero.\n",
-+ ((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_encrypt);
-+ SENDERR(EINVAL);
-+ }
-+ break;
-+ case SADB_SATYPE_ESP:
-+ if(!(((struct sadb_sa*)extensions[SADB_EXT_SA]) &&
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_encrypt !=
-+ SADB_EALG_NONE)) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "encrypt alg=%d is zero, must be non-zero for ESP=%d SAs.\n",
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_encrypt,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype);
-+ SENDERR(EINVAL);
-+ }
-+ if((((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_encrypt ==
-+ SADB_EALG_NULL) &&
-+ (((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_auth ==
-+ SADB_AALG_NONE) ) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "ESP handed encNULL+authNONE, illegal combination.\n");
-+ SENDERR(EINVAL);
-+ }
-+ break;
-+ case SADB_X_SATYPE_COMP:
-+ if(!(((struct sadb_sa*)extensions[SADB_EXT_SA]) &&
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_encrypt !=
-+ SADB_EALG_NONE)) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "encrypt alg=%d is zero, must be non-zero for COMP=%d SAs.\n",
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_encrypt,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype);
-+ SENDERR(EINVAL);
-+ }
-+ if(((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_auth !=
-+ SADB_AALG_NONE) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "COMP handed auth=%d, must be zero.\n",
-+ ((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_auth);
-+ SENDERR(EINVAL);
-+ }
-+ break;
-+ default:
-+ break;
-+ }
-+ if(ntohl(((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_spi) <= 255) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "spi=%08x must be > 255.\n",
-+ ntohl(((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_spi));
-+ SENDERR(EINVAL);
-+ }
-+ default:
-+ break;
-+ }
-+errlab:
-+
-+ return error;
-+}
-+
-+/*
-+ * $Log: pfkey_v2_parse.c,v $
-+ * Revision 1.65 2005-04-06 17:46:05 mcr
-+ * failure to recognize an extension is considered an error.
-+ * This could be a problem in the future, but we need some kind
-+ * of logging. This should be rate limited, probably.
-+ *
-+ * Revision 1.64 2005/01/26 00:50:35 mcr
-+ * adjustment of confusion of CONFIG_IPSEC_NAT vs CONFIG_KLIPS_NAT,
-+ * and make sure that NAT_TRAVERSAL is set as well to match
-+ * userspace compiles of code.
-+ *
-+ * Revision 1.63 2004/10/28 22:54:10 mcr
-+ * results from valgrind, thanks to: Harald Hoyer <harald@redhat.com>
-+ *
-+ * Revision 1.62 2004/10/03 01:26:36 mcr
-+ * fixes for gcc 3.4 compilation.
-+ *
-+ * Revision 1.61 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.59 2004/04/18 03:03:49 mcr
-+ * renamed common include files from pluto directory.
-+ *
-+ * Revision 1.58 2004/03/08 01:59:08 ken
-+ * freeswan.h -> openswan.h
-+ *
-+ * Revision 1.57 2003/12/10 01:20:19 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.56 2003/12/04 23:01:12 mcr
-+ * removed ipsec_netlink.h
-+ *
-+ * Revision 1.55 2003/11/07 01:30:37 ken
-+ * Cast sizeof() to int to keep things 64bit clean
-+ *
-+ * Revision 1.54 2003/10/31 02:27:12 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.53.20.2 2003/10/29 01:11:32 mcr
-+ * added debugging for pfkey library.
-+ *
-+ * Revision 1.53.20.1 2003/09/21 13:59:44 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.53 2003/01/30 02:32:09 rgb
-+ *
-+ * Rename SAref table macro names for clarity.
-+ * Convert IPsecSAref_t from signed to unsigned to fix apparent SAref exhaustion bug.
-+ *
-+ * Revision 1.52 2002/12/30 06:53:07 mcr
-+ * deal with short SA structures... #if 0 out for now. Probably
-+ * not quite the right way.
-+ *
-+ * Revision 1.51 2002/12/13 18:16:02 mcr
-+ * restored sa_ref code
-+ *
-+ * Revision 1.50 2002/12/13 18:06:52 mcr
-+ * temporarily removed sadb_x_sa_ref reference for 2.xx
-+ *
-+ * Revision 1.49 2002/10/05 05:02:58 dhr
-+ *
-+ * C labels go on statements
-+ *
-+ * Revision 1.48 2002/09/20 15:40:45 rgb
-+ * Added sadb_x_sa_ref to struct sadb_sa.
-+ *
-+ * Revision 1.47 2002/09/20 05:01:31 rgb
-+ * Fixed usage of pfkey_lib_debug.
-+ * Format for function declaration style consistency.
-+ * Added text labels to elucidate numeric values presented.
-+ * Re-organised debug output to reduce noise in output.
-+ *
-+ * Revision 1.46 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.45 2002/05/23 07:14:11 rgb
-+ * Cleaned up %p variants to 0p%p for test suite cleanup.
-+ *
-+ * Revision 1.44 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.43 2002/04/24 07:36:40 mcr
-+ * Moved from ./lib/pfkey_v2_parse.c,v
-+ *
-+ * Revision 1.42 2002/01/29 22:25:36 rgb
-+ * Re-add ipsec_kversion.h to keep MALLOC happy.
-+ *
-+ * Revision 1.41 2002/01/29 01:59:10 mcr
-+ * removal of kversions.h - sources that needed it now use ipsec_param.h.
-+ * updating of IPv6 structures to match latest in6.h version.
-+ * removed dead code from openswan.h that also duplicated kversions.h
-+ * code.
-+ *
-+ * Revision 1.40 2002/01/20 20:34:50 mcr
-+ * added pfkey_v2_sadb_type_string to decode sadb_type to string.
-+ *
-+ * Revision 1.39 2001/11/27 05:29:22 mcr
-+ * pfkey parses are now maintained by a structure
-+ * that includes their name for debug purposes.
-+ * DEBUGGING() macro changed so that it takes a debug
-+ * level so that pf_key() can use this to decode the
-+ * structures without innundanting humans.
-+ * Also uses pfkey_v2_sadb_ext_string() in messages.
-+ *
-+ * Revision 1.38 2001/11/06 19:47:47 rgb
-+ * Added packet parameter to lifetime and comb structures.
-+ *
-+ * Revision 1.37 2001/10/18 04:45:24 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/openswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.36 2001/06/14 19:35:16 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.35 2001/05/03 19:44:51 rgb
-+ * Standardise on SENDERR() macro.
-+ *
-+ * Revision 1.34 2001/03/16 07:41:51 rgb
-+ * Put openswan.h include before pluto includes.
-+ *
-+ * Revision 1.33 2001/02/27 07:13:51 rgb
-+ * Added satype2name() function.
-+ * Added text to default satype_tbl entry.
-+ * Added satype2name() conversions for most satype debug output.
-+ *
-+ * Revision 1.32 2001/02/26 20:01:09 rgb
-+ * Added internal IP protocol 61 for magic SAs.
-+ * Ditch unused sadb_satype2proto[], replaced by satype2proto().
-+ * Re-formatted debug output (split lines, consistent spacing).
-+ * Removed acquire, register and expire requirements for a known satype.
-+ * Changed message type checking to a switch structure.
-+ * Verify expected NULL auth for IPCOMP.
-+ * Enforced spi > 0x100 requirement, now that pass uses a magic SA for
-+ * appropriate message types.
-+ *
-+ * Revision 1.31 2000/12/01 07:09:00 rgb
-+ * Added ipcomp sanity check to require encalgo is set.
-+ *
-+ * Revision 1.30 2000/11/17 18:10:30 rgb
-+ * Fixed bugs mostly relating to spirange, to treat all spi variables as
-+ * network byte order since this is the way PF_KEYv2 stored spis.
-+ *
-+ * Revision 1.29 2000/10/12 00:02:39 rgb
-+ * Removed 'format, ##' nonsense from debug macros for RH7.0.
-+ *
-+ * Revision 1.28 2000/09/20 16:23:04 rgb
-+ * Remove over-paranoid extension check in the presence of sadb_msg_errno.
-+ *
-+ * Revision 1.27 2000/09/20 04:04:21 rgb
-+ * Changed static functions to DEBUG_NO_STATIC to reveal function names in
-+ * oopsen.
-+ *
-+ * Revision 1.26 2000/09/15 11:37:02 rgb
-+ * Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+ * IPCOMP zlib deflate code.
-+ *
-+ * Revision 1.25 2000/09/12 22:35:37 rgb
-+ * Restructured to remove unused extensions from CLEARFLOW messages.
-+ *
-+ * Revision 1.24 2000/09/12 18:59:54 rgb
-+ * Added Gerhard's IPv6 support to pfkey parts of libopenswan.
-+ *
-+ * Revision 1.23 2000/09/12 03:27:00 rgb
-+ * Moved DEBUGGING definition to compile kernel with debug off.
-+ *
-+ * Revision 1.22 2000/09/09 06:39:27 rgb
-+ * Restrict pfkey errno check to downward messages only.
-+ *
-+ * Revision 1.21 2000/09/08 19:22:34 rgb
-+ * Enabled pfkey_sens_parse().
-+ * Added check for errno on downward acquire messages only.
-+ *
-+ * Revision 1.20 2000/09/01 18:48:23 rgb
-+ * Fixed reserved check bug and added debug output in
-+ * pfkey_supported_parse().
-+ * Fixed debug output label bug in pfkey_ident_parse().
-+ *
-+ * Revision 1.19 2000/08/27 01:55:26 rgb
-+ * Define OCTETBITS and PFKEYBITS to avoid using 'magic' numbers in code.
-+ *
-+ * Revision 1.18 2000/08/24 17:00:36 rgb
-+ * Ignore unknown extensions instead of failing.
-+ *
-+ * Revision 1.17 2000/06/02 22:54:14 rgb
-+ * Added Gerhard Gessler's struct sockaddr_storage mods for IPv6 support.
-+ *
-+ * Revision 1.16 2000/05/10 19:25:11 rgb
-+ * Fleshed out proposal and supported extensions.
-+ *
-+ * Revision 1.15 2000/01/24 21:15:31 rgb
-+ * Added disabled pluto pfkey lib debug flag.
-+ * Added algo debugging reporting.
-+ *
-+ * Revision 1.14 2000/01/22 23:24:29 rgb
-+ * Added new functions proto2satype() and satype2proto() and lookup
-+ * table satype_tbl. Also added proto2name() since it was easy.
-+ *
-+ * Revision 1.13 2000/01/21 09:43:59 rgb
-+ * Cast ntohl(spi) as (unsigned long int) to shut up compiler.
-+ *
-+ * Revision 1.12 2000/01/21 06:28:19 rgb
-+ * Added address cases for eroute flows.
-+ * Indented compiler directives for readability.
-+ * Added klipsdebug switching capability.
-+ *
-+ * Revision 1.11 1999/12/29 21:14:59 rgb
-+ * Fixed debug text cut and paste typo.
-+ *
-+ * Revision 1.10 1999/12/10 17:45:24 rgb
-+ * Added address debugging.
-+ *
-+ * Revision 1.9 1999/12/09 23:11:42 rgb
-+ * Ditched <string.h> include since we no longer use memset().
-+ * Use new pfkey_extensions_init() instead of memset().
-+ * Added check for SATYPE in pfkey_msg_build().
-+ * Tidy up comments and debugging comments.
-+ *
-+ * Revision 1.8 1999/12/07 19:55:26 rgb
-+ * Removed unused first argument from extension parsers.
-+ * Removed static pluto debug flag.
-+ * Moved message type and state checking to pfkey_msg_parse().
-+ * Changed print[fk] type from lx to x to quiet compiler.
-+ * Removed redundant remain check.
-+ * Changed __u* types to uint* to avoid use of asm/types.h and
-+ * sys/types.h in userspace code.
-+ *
-+ * Revision 1.7 1999/12/01 22:20:51 rgb
-+ * Moved pfkey_lib_debug variable into the library.
-+ * Added pfkey version check into header parsing.
-+ * Added check for SATYPE only for those extensions that require a
-+ * non-zero value.
-+ *
-+ * Revision 1.6 1999/11/27 11:58:05 rgb
-+ * Added ipv6 headers.
-+ * Moved sadb_satype2proto protocol lookup table from
-+ * klips/net/ipsec/pfkey_v2_parser.c.
-+ * Enable lifetime_current checking.
-+ * Debugging error messages added.
-+ * Add argument to pfkey_msg_parse() for direction.
-+ * Consolidated the 4 1-d extension bitmap arrays into one 4-d array.
-+ * Add CVS log entry to bottom of file.
-+ * Moved auth and enc alg check to pfkey_msg_parse().
-+ * Enable accidentally disabled spirange parsing.
-+ * Moved protocol/algorithm checks from klips/net/ipsec/pfkey_v2_parser.c
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/pfkey_v2_parser.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,3529 @@
-+/*
-+ * @(#) RFC2367 PF_KEYv2 Key management API message parser
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey_v2_parser.c,v 1.134.2.4 2007-10-30 21:40:36 paul Exp $
-+ */
-+
-+/*
-+ * Template from klips/net/ipsec/ipsec/ipsec_netlink.c.
-+ */
-+
-+char pfkey_v2_parser_c_version[] = "$Id: pfkey_v2_parser.c,v 1.134.2.4 2007-10-30 21:40:36 paul Exp $";
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+
-+#include <openswan.h>
-+
-+#include <crypto/des.h>
-+
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <linux/in6.h>
-+#include <net/route.h>
-+
-+#include <net/ip.h>
-+#ifdef NETLINK_SOCK
-+# include <linux/netlink.h>
-+#else
-+# include <net/netlink.h>
-+#endif
-+
-+#include <linux/random.h> /* get_random_bytes() */
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipcomp.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_alg.h"
-+
-+#include "openswan/ipsec_kern24.h"
-+
-+#define SENDERR(_x) do { error = -(_x); goto errlab; } while (0)
-+
-+struct sklist_t {
-+ struct socket *sk;
-+ struct sklist_t* next;
-+} pfkey_sklist_head, *pfkey_sklist, *pfkey_sklist_prev;
-+
-+__u32 pfkey_msg_seq = 0;
-+
-+
-+#if 0
-+#define DUMP_SAID dump_said(&extr->ips->ips_said, __LINE__)
-+#define DUMP_SAID2 dump_said(&extr.ips->ips_said, __LINE__)
-+static void dump_said(ip_said *s, int line)
-+{
-+ char msa[SATOT_BUF];
-+ size_t msa_len;
-+
-+ msa_len = satot(s, 0, msa, sizeof(msa));
-+
-+ printk("line: %d msa: %s\n", line, msa);
-+}
-+#endif
-+
-+
-+int
-+pfkey_alloc_eroute(struct eroute** eroute)
-+{
-+ int error = 0;
-+ if(*eroute) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_alloc_eroute: "
-+ "eroute struct already allocated\n");
-+ SENDERR(EEXIST);
-+ }
-+
-+ if((*eroute = kmalloc(sizeof(**eroute), GFP_ATOMIC) ) == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_alloc_eroute: "
-+ "memory allocation error\n");
-+ SENDERR(ENOMEM);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_alloc_eroute: "
-+ "allocating %lu bytes for an eroute at 0p%p\n",
-+ (unsigned long) sizeof(**eroute), *eroute);
-+
-+ memset((caddr_t)*eroute, 0, sizeof(**eroute));
-+ (*eroute)->er_eaddr.sen_len =
-+ (*eroute)->er_emask.sen_len = sizeof(struct sockaddr_encap);
-+ (*eroute)->er_eaddr.sen_family =
-+ (*eroute)->er_emask.sen_family = AF_ENCAP;
-+ (*eroute)->er_eaddr.sen_type = SENT_IP4;
-+ (*eroute)->er_emask.sen_type = 255;
-+ (*eroute)->er_pid = 0;
-+ (*eroute)->er_count = 0;
-+ (*eroute)->er_lasttime = jiffies/HZ;
-+
-+ errlab:
-+ return(error);
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_protocol_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data *extr)
-+{
-+ int error = 0;
-+ struct sadb_protocol * p = (struct sadb_protocol *)pfkey_ext;
-+
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_protocol_process: %p\n", extr);
-+
-+ if (extr == 0) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_protocol_process:"
-+ "extr is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+ if (extr->eroute == 0) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_protocol_process:"
-+ "extr->eroute is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ extr->eroute->er_eaddr.sen_proto = p->sadb_protocol_proto;
-+ extr->eroute->er_emask.sen_proto = p->sadb_protocol_proto ? ~0:0;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_protocol_process: protocol = %d.\n",
-+ p->sadb_protocol_proto);
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_ipsec_sa_init(struct ipsec_sa *ipsp)
-+{
-+
-+ return ipsec_sa_init(ipsp);
-+}
-+
-+int
-+pfkey_safe_build(int error, struct sadb_ext *extensions[SADB_MAX+1])
-+{
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_safe_build: "
-+ "error=%d\n",
-+ error);
-+ if (!error) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_safe_build:"
-+ "success.\n");
-+ return 1;
-+ } else {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_safe_build:"
-+ "caught error %d\n",
-+ error);
-+ pfkey_extensions_free(extensions);
-+ return 0;
-+ }
-+}
-+
-+
-+DEBUG_NO_STATIC int
-+pfkey_getspi_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ ipsec_spi_t minspi = htonl(256), maxspi = htonl(-1L);
-+ int found_avail = 0;
-+ struct ipsec_sa *ipsq;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_getspi_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ if(extr == NULL || extr->ips == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_getspi_parse: "
-+ "error, extr or extr->ipsec_sa pointer NULL\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(extensions[SADB_EXT_SPIRANGE]) {
-+ minspi = ((struct sadb_spirange *)extensions[SADB_EXT_SPIRANGE])->sadb_spirange_min;
-+ maxspi = ((struct sadb_spirange *)extensions[SADB_EXT_SPIRANGE])->sadb_spirange_max;
-+ }
-+
-+ if(maxspi == minspi) {
-+ extr->ips->ips_said.spi = maxspi;
-+ ipsq = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if(ipsq != NULL) {
-+ sa_len = KLIPS_SATOT(debug_pfkey, &extr->ips->ips_said, 0, sa, sizeof(sa));
-+ ipsec_sa_put(ipsq);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_getspi_parse: "
-+ "EMT_GETSPI found an old ipsec_sa for SA: %s, delete it first.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(EEXIST);
-+ } else {
-+ found_avail = 1;
-+ }
-+ } else {
-+ int i = 0;
-+ __u32 rand_val;
-+ __u32 spi_diff;
-+ while( ( i < (spi_diff = (ntohl(maxspi) - ntohl(minspi)))) && !found_avail ) {
-+ prng_bytes(&ipsec_prng, (char *) &(rand_val),
-+ ( (spi_diff < (2^8)) ? 1 :
-+ ( (spi_diff < (2^16)) ? 2 :
-+ ( (spi_diff < (2^24)) ? 3 :
-+ 4 ) ) ) );
-+ extr->ips->ips_said.spi = htonl(ntohl(minspi) +
-+ (rand_val %
-+ (spi_diff + 1)));
-+ i++;
-+ ipsq = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if(ipsq == NULL) {
-+ found_avail = 1;
-+ } else {
-+ ipsec_sa_put(ipsq);
-+ }
-+ }
-+ }
-+
-+ sa_len = KLIPS_SATOT(debug_pfkey, &extr->ips->ips_said, 0, sa, sizeof(sa));
-+
-+ if (!found_avail) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_getspi_parse: "
-+ "found an old ipsec_sa for SA: %s, delete it first.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(EEXIST);
-+ }
-+
-+ if(inet_addr_type((unsigned long)extr->ips->ips_said.dst.u.v4.sin_addr.s_addr) == RTN_LOCAL) {
-+ extr->ips->ips_flags |= EMT_INBOUND;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_getspi_parse: "
-+ "existing ipsec_sa not found (this is good) for SA: %s, %s-bound, allocating.\n",
-+ sa_len ? sa : " (error)",
-+ extr->ips->ips_flags & EMT_INBOUND ? "in" : "out");
-+
-+ /* XXX extr->ips->ips_rcvif = &(enc_softc[em->em_if].enc_if);*/
-+ extr->ips->ips_rcvif = NULL;
-+ extr->ips->ips_life.ipl_addtime.ipl_count = jiffies/HZ;
-+
-+ extr->ips->ips_state = SADB_SASTATE_LARVAL;
-+
-+ if(!extr->ips->ips_life.ipl_allocations.ipl_count) {
-+ extr->ips->ips_life.ipl_allocations.ipl_count += 1;
-+ }
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_GETSPI,
-+ satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ 0,
-+ SADB_SASTATE_LARVAL,
-+ 0,
-+ 0,
-+ 0,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_s),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions_reply) )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_getspi_parse: "
-+ "failed to build the getspi reply message extensions\n");
-+ goto errlab;
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_getspi_parse: "
-+ "failed to build the getspi reply message\n");
-+ SENDERR(-error);
-+ }
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_getspi_parse: "
-+ "sending up getspi reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_getspi_parse: "
-+ "sending up getspi reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ if((error = ipsec_sa_add(extr->ips))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_getspi_parse: "
-+ "failed to add the larval SA=%s with error=%d.\n",
-+ sa_len ? sa : " (error)",
-+ error);
-+ SENDERR(-error);
-+ }
-+ extr->ips = NULL;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_getspi_parse: "
-+ "successful for SA: %s\n",
-+ sa_len ? sa : " (error)");
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_update_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct ipsec_sa* ipsq;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ struct ipsec_sa *nat_t_ips_saved = NULL;
-+#endif
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ if(((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_state != SADB_SASTATE_MATURE) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: "
-+ "error, sa_state=%d must be MATURE=%d\n",
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_state,
-+ SADB_SASTATE_MATURE);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(extr == NULL || extr->ips == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: "
-+ "error, extr or extr->ips pointer NULL\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ sa_len = KLIPS_SATOT(debug_pfkey, &extr->ips->ips_said, 0, sa, sizeof(sa));
-+
-+ spin_lock_bh(&tdb_lock);
-+
-+ ipsq = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if (ipsq == NULL) {
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: "
-+ "reserved ipsec_sa for SA: %s not found. Call SADB_GETSPI first or call SADB_ADD instead.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(ENOENT);
-+ }
-+
-+ if(inet_addr_type((unsigned long)extr->ips->ips_said.dst.u.v4.sin_addr.s_addr) == RTN_LOCAL) {
-+ extr->ips->ips_flags |= EMT_INBOUND;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: "
-+ "existing ipsec_sa found (this is good) for SA: %s, %s-bound, updating.\n",
-+ sa_len ? sa : " (error)",
-+ extr->ips->ips_flags & EMT_INBOUND ? "in" : "out");
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if (extr->ips->ips_natt_sport || extr->ips->ips_natt_dport) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: only updating NAT-T ports "
-+ "(%u:%u -> %u:%u)\n",
-+ ipsq->ips_natt_sport, ipsq->ips_natt_dport,
-+ extr->ips->ips_natt_sport, extr->ips->ips_natt_dport);
-+
-+ if (extr->ips->ips_natt_sport) {
-+ ipsq->ips_natt_sport = extr->ips->ips_natt_sport;
-+ if (ipsq->ips_addr_s->sa_family == AF_INET) {
-+ ((struct sockaddr_in *)(ipsq->ips_addr_s))->sin_port = htons(extr->ips->ips_natt_sport);
-+ }
-+ }
-+
-+ if (extr->ips->ips_natt_dport) {
-+ ipsq->ips_natt_dport = extr->ips->ips_natt_dport;
-+ if (ipsq->ips_addr_d->sa_family == AF_INET) {
-+ ((struct sockaddr_in *)(ipsq->ips_addr_d))->sin_port = htons(extr->ips->ips_natt_dport);
-+ }
-+ }
-+
-+ nat_t_ips_saved = extr->ips;
-+ extr->ips = ipsq;
-+ }
-+ else {
-+#endif
-+
-+ /* XXX extr->ips->ips_rcvif = &(enc_softc[em->em_if].enc_if);*/
-+ extr->ips->ips_rcvif = NULL;
-+ if ((error = pfkey_ipsec_sa_init(extr->ips))) {
-+ ipsec_sa_put(ipsq);
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: "
-+ "not successful for SA: %s, deleting.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(-error);
-+ }
-+
-+ extr->ips->ips_life.ipl_addtime.ipl_count = ipsq->ips_life.ipl_addtime.ipl_count;
-+ ipsec_sa_put(ipsq);
-+ if((error = ipsec_sa_delchain(ipsq))) {
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: "
-+ "error=%d, trouble deleting intermediate ipsec_sa for SA=%s.\n",
-+ error,
-+ sa_len ? sa : " (error)");
-+ SENDERR(-error);
-+ }
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ }
-+#endif
-+
-+ spin_unlock_bh(&tdb_lock);
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_UPDATE,
-+ satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ extr->ips->ips_replaywin,
-+ extr->ips->ips_state,
-+ extr->ips->ips_authalg,
-+ extr->ips->ips_encalg,
-+ extr->ips->ips_flags,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ /* The 3 lifetime extentions should only be sent if non-zero. */
-+ && (extensions[SADB_EXT_LIFETIME_HARD]
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_HARD],
-+ SADB_EXT_LIFETIME_HARD,
-+ extr->ips->ips_life.ipl_allocations.ipl_hard,
-+ extr->ips->ips_life.ipl_bytes.ipl_hard,
-+ extr->ips->ips_life.ipl_addtime.ipl_hard,
-+ extr->ips->ips_life.ipl_usetime.ipl_hard,
-+ extr->ips->ips_life.ipl_packets.ipl_hard),
-+ extensions_reply) : 1)
-+ && (extensions[SADB_EXT_LIFETIME_SOFT]
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_SOFT],
-+ SADB_EXT_LIFETIME_SOFT,
-+ extr->ips->ips_life.ipl_allocations.ipl_count,
-+ extr->ips->ips_life.ipl_bytes.ipl_count,
-+ extr->ips->ips_life.ipl_addtime.ipl_count,
-+ extr->ips->ips_life.ipl_usetime.ipl_count,
-+ extr->ips->ips_life.ipl_packets.ipl_count),
-+ extensions_reply) : 1)
-+ && (extr->ips->ips_life.ipl_allocations.ipl_count
-+ || extr->ips->ips_life.ipl_bytes.ipl_count
-+ || extr->ips->ips_life.ipl_addtime.ipl_count
-+ || extr->ips->ips_life.ipl_usetime.ipl_count
-+ || extr->ips->ips_life.ipl_packets.ipl_count
-+
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_CURRENT],
-+ SADB_EXT_LIFETIME_CURRENT,
-+ extr->ips->ips_life.ipl_allocations.ipl_count,
-+ extr->ips->ips_life.ipl_bytes.ipl_count,
-+ extr->ips->ips_life.ipl_addtime.ipl_count,
-+ extr->ips->ips_life.ipl_usetime.ipl_count,
-+ extr->ips->ips_life.ipl_packets.ipl_count),
-+ extensions_reply) : 1)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_s),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions_reply)
-+ && (extr->ips->ips_ident_s.data
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions_reply[SADB_EXT_IDENTITY_SRC],
-+ SADB_EXT_IDENTITY_SRC,
-+ extr->ips->ips_ident_s.type,
-+ extr->ips->ips_ident_s.id,
-+ extr->ips->ips_ident_s.len,
-+ extr->ips->ips_ident_s.data),
-+ extensions_reply) : 1)
-+ && (extr->ips->ips_ident_d.data
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions_reply[SADB_EXT_IDENTITY_DST],
-+ SADB_EXT_IDENTITY_DST,
-+ extr->ips->ips_ident_d.type,
-+ extr->ips->ips_ident_d.id,
-+ extr->ips->ips_ident_d.len,
-+ extr->ips->ips_ident_d.data),
-+ extensions_reply) : 1)
-+#if 0
-+ /* FIXME: This won't work yet because I have not finished
-+ it. */
-+ && (extr->ips->ips_sens_
-+ ? pfkey_safe_build(error = pfkey_sens_build(&extensions_reply[SADB_EXT_SENSITIVITY],
-+ extr->ips->ips_sens_dpd,
-+ extr->ips->ips_sens_sens_level,
-+ extr->ips->ips_sens_sens_len,
-+ extr->ips->ips_sens_sens_bitmap,
-+ extr->ips->ips_sens_integ_level,
-+ extr->ips->ips_sens_integ_len,
-+ extr->ips->ips_sens_integ_bitmap),
-+ extensions_reply) : 1)
-+#endif
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_update_parse: "
-+ "failed to build the update reply message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_update_parse: "
-+ "failed to build the update reply message\n");
-+ SENDERR(-error);
-+ }
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_update_parse: "
-+ "sending up update reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_update_parse: "
-+ "sending up update reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if (nat_t_ips_saved) {
-+ /**
-+ * As we _really_ update existing SA, we keep tdbq and need to delete
-+ * parsed ips (nat_t_ips_saved, was extr->ips).
-+ *
-+ * goto errlab with extr->ips = nat_t_ips_saved will free it.
-+ */
-+
-+ extr->ips = nat_t_ips_saved;
-+
-+ error = 0;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse (NAT-T ports): "
-+ "successful for SA: %s\n",
-+ sa_len ? sa : " (error)");
-+
-+ goto errlab;
-+ }
-+#endif
-+
-+ if((error = ipsec_sa_add(extr->ips))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_update_parse: "
-+ "failed to update the mature SA=%s with error=%d.\n",
-+ sa_len ? sa : " (error)",
-+ error);
-+ SENDERR(-error);
-+ }
-+ extr->ips = NULL;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: "
-+ "successful for SA: %s\n",
-+ sa_len ? sa : " (error)");
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_add_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct ipsec_sa* ipsq;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_add_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ if(((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_state != SADB_SASTATE_MATURE) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_add_parse: "
-+ "error, sa_state=%d must be MATURE=%d\n",
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_state,
-+ SADB_SASTATE_MATURE);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_add_parse: "
-+ "extr or extr->ips pointer NULL\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ sa_len = KLIPS_SATOT(debug_pfkey, &extr->ips->ips_said, 0, sa, sizeof(sa));
-+
-+ ipsq = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if(ipsq != NULL) {
-+ ipsec_sa_put(ipsq);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_add_parse: "
-+ "found an old ipsec_sa for SA%s, delete it first.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(EEXIST);
-+ }
-+
-+ if(inet_addr_type((unsigned long)extr->ips->ips_said.dst.u.v4.sin_addr.s_addr) == RTN_LOCAL) {
-+ extr->ips->ips_flags |= EMT_INBOUND;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_add_parse: "
-+ "existing ipsec_sa not found (this is good) for SA%s, %s-bound, allocating.\n",
-+ sa_len ? sa : " (error)",
-+ extr->ips->ips_flags & EMT_INBOUND ? "in" : "out");
-+
-+ /* XXX extr->ips->ips_rcvif = &(enc_softc[em->em_if].enc_if);*/
-+ extr->ips->ips_rcvif = NULL;
-+
-+ if ((error = pfkey_ipsec_sa_init(extr->ips))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_add_parse: "
-+ "not successful for SA: %s, deleting.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(-error);
-+ }
-+
-+ extr->ips->ips_life.ipl_addtime.ipl_count = jiffies / HZ;
-+ if(!extr->ips->ips_life.ipl_allocations.ipl_count) {
-+ extr->ips->ips_life.ipl_allocations.ipl_count += 1;
-+ }
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_ADD,
-+ satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ extr->ips->ips_replaywin,
-+ extr->ips->ips_state,
-+ extr->ips->ips_authalg,
-+ extr->ips->ips_encalg,
-+ extr->ips->ips_flags,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ /* The 3 lifetime extentions should only be sent if non-zero. */
-+ && (extensions[SADB_EXT_LIFETIME_HARD]
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_HARD],
-+ SADB_EXT_LIFETIME_HARD,
-+ extr->ips->ips_life.ipl_allocations.ipl_hard,
-+ extr->ips->ips_life.ipl_bytes.ipl_hard,
-+ extr->ips->ips_life.ipl_addtime.ipl_hard,
-+ extr->ips->ips_life.ipl_usetime.ipl_hard,
-+ extr->ips->ips_life.ipl_packets.ipl_hard),
-+ extensions_reply) : 1)
-+ && (extensions[SADB_EXT_LIFETIME_SOFT]
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_SOFT],
-+ SADB_EXT_LIFETIME_SOFT,
-+ extr->ips->ips_life.ipl_allocations.ipl_soft,
-+ extr->ips->ips_life.ipl_bytes.ipl_soft,
-+ extr->ips->ips_life.ipl_addtime.ipl_soft,
-+ extr->ips->ips_life.ipl_usetime.ipl_soft,
-+ extr->ips->ips_life.ipl_packets.ipl_soft),
-+ extensions_reply) : 1)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_s),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions_reply)
-+ && (extr->ips->ips_ident_s.data
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions_reply[SADB_EXT_IDENTITY_SRC],
-+ SADB_EXT_IDENTITY_SRC,
-+ extr->ips->ips_ident_s.type,
-+ extr->ips->ips_ident_s.id,
-+ extr->ips->ips_ident_s.len,
-+ extr->ips->ips_ident_s.data),
-+ extensions_reply) : 1)
-+ && (extr->ips->ips_ident_d.data
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions_reply[SADB_EXT_IDENTITY_DST],
-+ SADB_EXT_IDENTITY_DST,
-+ extr->ips->ips_ident_d.type,
-+ extr->ips->ips_ident_d.id,
-+ extr->ips->ips_ident_d.len,
-+ extr->ips->ips_ident_d.data),
-+ extensions_reply) : 1)
-+#if 0
-+ /* FIXME: This won't work yet because I have not finished
-+ it. */
-+ && (extr->ips->ips_sens_
-+ ? pfkey_safe_build(error = pfkey_sens_build(&extensions_reply[SADB_EXT_SENSITIVITY],
-+ extr->ips->ips_sens_dpd,
-+ extr->ips->ips_sens_sens_level,
-+ extr->ips->ips_sens_sens_len,
-+ extr->ips->ips_sens_sens_bitmap,
-+ extr->ips->ips_sens_integ_level,
-+ extr->ips->ips_sens_integ_len,
-+ extr->ips->ips_sens_integ_bitmap),
-+ extensions_reply) : 1)
-+#endif
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_add_parse: "
-+ "failed to build the add reply message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_add_parse: "
-+ "failed to build the add reply message\n");
-+ SENDERR(-error);
-+ }
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_add_parse: "
-+ "sending up add reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_add_parse: "
-+ "sending up add reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ if((error = ipsec_sa_add(extr->ips))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_add_parse: "
-+ "failed to add the mature SA=%s with error=%d.\n",
-+ sa_len ? sa : " (error)",
-+ error);
-+ SENDERR(-error);
-+ }
-+ extr->ips = NULL;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_add_parse: "
-+ "successful for SA: %s\n",
-+ sa_len ? sa : " (error)");
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_delete_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ struct ipsec_sa *ipsp;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ int error = 0;
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_delete_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_delete_parse: "
-+ "extr or extr->ips pointer NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ sa_len = KLIPS_SATOT(debug_pfkey, &extr->ips->ips_said, 0, sa, sizeof(sa));
-+
-+ spin_lock_bh(&tdb_lock);
-+
-+ ipsp = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if (ipsp == NULL) {
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_delete_parse: "
-+ "ipsec_sa not found for SA:%s, could not delete.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(ESRCH);
-+ }
-+
-+ ipsec_sa_put(ipsp);
-+ if((error = ipsec_sa_delchain(ipsp))) {
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_delete_parse: "
-+ "error=%d returned trying to delete ipsec_sa for SA:%s.\n",
-+ error,
-+ sa_len ? sa : " (error)");
-+ SENDERR(-error);
-+ }
-+ spin_unlock_bh(&tdb_lock);
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_DELETE,
-+ satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ 0,
-+ 0,
-+ 0,
-+ 0,
-+ 0,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_s),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions_reply)
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_delete_parse: "
-+ "failed to build the delete reply message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_delete_parse: "
-+ "failed to build the delete reply message\n");
-+ SENDERR(-error);
-+ }
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_delete_parse: "
-+ "sending up delete reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_delete_parse: "
-+ "sending up delete reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_get_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct ipsec_sa *ipsp;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_get_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_get_parse: "
-+ "extr or extr->ips pointer NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ sa_len = KLIPS_SATOT(debug_pfkey, &extr->ips->ips_said, 0, sa, sizeof(sa));
-+
-+ spin_lock_bh(&tdb_lock);
-+
-+ ipsp = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if (ipsp == NULL) {
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_get_parse: "
-+ "ipsec_sa not found for SA=%s, could not get.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(ESRCH);
-+ }
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_GET,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ extr->ips->ips_replaywin,
-+ extr->ips->ips_state,
-+ extr->ips->ips_authalg,
-+ extr->ips->ips_encalg,
-+ extr->ips->ips_flags,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ /* The 3 lifetime extentions should only be sent if non-zero. */
-+ && (ipsp->ips_life.ipl_allocations.ipl_count
-+ || ipsp->ips_life.ipl_bytes.ipl_count
-+ || ipsp->ips_life.ipl_addtime.ipl_count
-+ || ipsp->ips_life.ipl_usetime.ipl_count
-+ || ipsp->ips_life.ipl_packets.ipl_count
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_CURRENT],
-+ SADB_EXT_LIFETIME_CURRENT,
-+ ipsp->ips_life.ipl_allocations.ipl_count,
-+ ipsp->ips_life.ipl_bytes.ipl_count,
-+ ipsp->ips_life.ipl_addtime.ipl_count,
-+ ipsp->ips_life.ipl_usetime.ipl_count,
-+ ipsp->ips_life.ipl_packets.ipl_count),
-+ extensions_reply) : 1)
-+ && (ipsp->ips_life.ipl_allocations.ipl_hard
-+ || ipsp->ips_life.ipl_bytes.ipl_hard
-+ || ipsp->ips_life.ipl_addtime.ipl_hard
-+ || ipsp->ips_life.ipl_usetime.ipl_hard
-+ || ipsp->ips_life.ipl_packets.ipl_hard
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_HARD],
-+ SADB_EXT_LIFETIME_HARD,
-+ ipsp->ips_life.ipl_allocations.ipl_hard,
-+ ipsp->ips_life.ipl_bytes.ipl_hard,
-+ ipsp->ips_life.ipl_addtime.ipl_hard,
-+ ipsp->ips_life.ipl_usetime.ipl_hard,
-+ ipsp->ips_life.ipl_packets.ipl_hard),
-+ extensions_reply) : 1)
-+ && (ipsp->ips_life.ipl_allocations.ipl_soft
-+ || ipsp->ips_life.ipl_bytes.ipl_soft
-+ || ipsp->ips_life.ipl_addtime.ipl_soft
-+ || ipsp->ips_life.ipl_usetime.ipl_soft
-+ || ipsp->ips_life.ipl_packets.ipl_soft
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_SOFT],
-+ SADB_EXT_LIFETIME_SOFT,
-+ ipsp->ips_life.ipl_allocations.ipl_soft,
-+ ipsp->ips_life.ipl_bytes.ipl_soft,
-+ ipsp->ips_life.ipl_addtime.ipl_soft,
-+ ipsp->ips_life.ipl_usetime.ipl_soft,
-+ ipsp->ips_life.ipl_packets.ipl_soft),
-+ extensions_reply) : 1)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_s),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions_reply)
-+ && (extr->ips->ips_addr_p
-+ ? pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_PROXY],
-+ SADB_EXT_ADDRESS_PROXY,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_p),
-+ extensions_reply) : 1)
-+#if 0
-+ /* FIXME: This won't work yet because the keys are not
-+ stored directly in the ipsec_sa. They are stored as
-+ contexts. */
-+ && (extr->ips->ips_key_a_size
-+ ? pfkey_safe_build(error = pfkey_key_build(&extensions_reply[SADB_EXT_KEY_AUTH],
-+ SADB_EXT_KEY_AUTH,
-+ extr->ips->ips_key_a_size * 8,
-+ extr->ips->ips_key_a),
-+ extensions_reply) : 1)
-+ /* FIXME: This won't work yet because the keys are not
-+ stored directly in the ipsec_sa. They are stored as
-+ key schedules. */
-+ && (extr->ips->ips_key_e_size
-+ ? pfkey_safe_build(error = pfkey_key_build(&extensions_reply[SADB_EXT_KEY_ENCRYPT],
-+ SADB_EXT_KEY_ENCRYPT,
-+ extr->ips->ips_key_e_size * 8,
-+ extr->ips->ips_key_e),
-+ extensions_reply) : 1)
-+#endif
-+ && (extr->ips->ips_ident_s.data
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions_reply[SADB_EXT_IDENTITY_SRC],
-+ SADB_EXT_IDENTITY_SRC,
-+ extr->ips->ips_ident_s.type,
-+ extr->ips->ips_ident_s.id,
-+ extr->ips->ips_ident_s.len,
-+ extr->ips->ips_ident_s.data),
-+ extensions_reply) : 1)
-+ && (extr->ips->ips_ident_d.data
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions_reply[SADB_EXT_IDENTITY_DST],
-+ SADB_EXT_IDENTITY_DST,
-+ extr->ips->ips_ident_d.type,
-+ extr->ips->ips_ident_d.id,
-+ extr->ips->ips_ident_d.len,
-+ extr->ips->ips_ident_d.data),
-+ extensions_reply) : 1)
-+#if 0
-+ /* FIXME: This won't work yet because I have not finished
-+ it. */
-+ && (extr->ips->ips_sens_
-+ ? pfkey_safe_build(error = pfkey_sens_build(&extensions_reply[SADB_EXT_SENSITIVITY],
-+ extr->ips->ips_sens_dpd,
-+ extr->ips->ips_sens_sens_level,
-+ extr->ips->ips_sens_sens_len,
-+ extr->ips->ips_sens_sens_bitmap,
-+ extr->ips->ips_sens_integ_level,
-+ extr->ips->ips_sens_integ_len,
-+ extr->ips->ips_sens_integ_bitmap),
-+ extensions_reply) : 1)
-+#endif
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_get_parse: "
-+ "failed to build the get reply message extensions\n");
-+ ipsec_sa_put(ipsp);
-+ spin_unlock_bh(&tdb_lock);
-+ SENDERR(-error);
-+ }
-+
-+ ipsec_sa_put(ipsp);
-+ spin_unlock_bh(&tdb_lock);
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_get_parse: "
-+ "failed to build the get reply message\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_upmsg(sk->sk_socket, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_get_parse: "
-+ "failed to send the get reply message\n");
-+ SENDERR(-error);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_get_parse: "
-+ "succeeded in sending get reply message.\n");
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_acquire_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_acquire_parse: .\n");
-+
-+ /* XXX I don't know if we want an upper bound, since userspace may
-+ want to register itself for an satype > SADB_SATYPE_MAX. */
-+ if((satype == 0) || (satype > SADB_SATYPE_MAX)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_acquire_parse: "
-+ "SATYPE=%d invalid.\n",
-+ satype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!(pfkey_registered_sockets[satype])) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_acquire_parse: "
-+ "no sockets registered for SAtype=%d(%s).\n",
-+ satype,
-+ satype2name(satype));
-+ SENDERR(EPROTONOSUPPORT);
-+ }
-+
-+ for(pfkey_socketsp = pfkey_registered_sockets[satype];
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_acquire_parse: "
-+ "sending up acquire reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_acquire_parse: "
-+ "sending up acquire reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_register_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_parse: .\n");
-+
-+ /* XXX I don't know if we want an upper bound, since userspace may
-+ want to register itself for an satype > SADB_SATYPE_MAX. */
-+ if((satype == 0) || (satype > SADB_SATYPE_MAX)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_parse: "
-+ "SATYPE=%d invalid.\n",
-+ satype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!pfkey_list_insert_socket(sk->sk_socket,
-+ &(pfkey_registered_sockets[satype]))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_parse: "
-+ "SATYPE=%02d(%s) successfully registered by KMd (pid=%d).\n",
-+ satype,
-+ satype2name(satype),
-+ key_pid(sk));
-+ };
-+
-+ /* send up register msg with supported SATYPE algos */
-+
-+ error=pfkey_register_reply(satype, (struct sadb_msg*)extensions[SADB_EXT_RESERVED]);
-+ errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_register_reply(int satype, struct sadb_msg *sadb_msg)
-+{
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ struct supported_list *pfkey_supported_listp;
-+ unsigned int alg_num_a = 0, alg_num_e = 0;
-+ struct sadb_alg *alg_a = NULL, *alg_e = NULL, *alg_ap = NULL, *alg_ep = NULL;
-+ int error = 0;
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ if((satype == 0) || (satype > SADB_SATYPE_MAX)) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_register_reply: "
-+ "SAtype=%d unspecified or unknown.\n",
-+ satype);
-+ SENDERR(EINVAL);
-+ }
-+ if(!(pfkey_registered_sockets[satype])) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_register_reply: "
-+ "no sockets registered for SAtype=%d(%s).\n",
-+ satype,
-+ satype2name(satype));
-+ SENDERR(EPROTONOSUPPORT);
-+ }
-+ /* send up register msg with supported SATYPE algos */
-+ pfkey_supported_listp = pfkey_supported_list[satype];
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "pfkey_supported_list[%d]=0p%p\n",
-+ satype,
-+ pfkey_supported_list[satype]);
-+ while(pfkey_supported_listp) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "checking supported=0p%p\n",
-+ pfkey_supported_listp);
-+ if(pfkey_supported_listp->supportedp->ias_exttype == SADB_EXT_SUPPORTED_AUTH) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "adding auth alg.\n");
-+ alg_num_a++;
-+ }
-+ if(pfkey_supported_listp->supportedp->ias_exttype == SADB_EXT_SUPPORTED_ENCRYPT) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "adding encrypt alg.\n");
-+ alg_num_e++;
-+ }
-+ pfkey_supported_listp = pfkey_supported_listp->next;
-+ }
-+
-+ if(alg_num_a) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "allocating %lu bytes for auth algs.\n",
-+ (unsigned long) (alg_num_a * sizeof(struct sadb_alg)));
-+ if((alg_a = kmalloc(alg_num_a * sizeof(struct sadb_alg), GFP_ATOMIC) ) == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "auth alg memory allocation error\n");
-+ SENDERR(ENOMEM);
-+ }
-+ alg_ap = alg_a;
-+ }
-+
-+ if(alg_num_e) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "allocating %lu bytes for enc algs.\n",
-+ (unsigned long) (alg_num_e * sizeof(struct sadb_alg)));
-+ if((alg_e = kmalloc(alg_num_e * sizeof(struct sadb_alg), GFP_ATOMIC) ) == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "enc alg memory allocation error\n");
-+ SENDERR(ENOMEM);
-+ }
-+ alg_ep = alg_e;
-+ }
-+
-+ pfkey_supported_listp = pfkey_supported_list[satype];
-+ while(pfkey_supported_listp) {
-+ if(alg_num_a) {
-+ if(pfkey_supported_listp->supportedp->ias_exttype == SADB_EXT_SUPPORTED_AUTH) {
-+ alg_ap->sadb_alg_id = pfkey_supported_listp->supportedp->ias_id;
-+ alg_ap->sadb_alg_ivlen = pfkey_supported_listp->supportedp->ias_ivlen;
-+ alg_ap->sadb_alg_minbits = pfkey_supported_listp->supportedp->ias_keyminbits;
-+ alg_ap->sadb_alg_maxbits = pfkey_supported_listp->supportedp->ias_keymaxbits;
-+ alg_ap->sadb_alg_reserved = 0;
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "klips_debug:pfkey_register_reply: "
-+ "adding auth=0p%p\n",
-+ alg_ap);
-+ alg_ap++;
-+ }
-+ }
-+ if(alg_num_e) {
-+ if(pfkey_supported_listp->supportedp->ias_exttype == SADB_EXT_SUPPORTED_ENCRYPT) {
-+ alg_ep->sadb_alg_id = pfkey_supported_listp->supportedp->ias_id;
-+ alg_ep->sadb_alg_ivlen = pfkey_supported_listp->supportedp->ias_ivlen;
-+ alg_ep->sadb_alg_minbits = pfkey_supported_listp->supportedp->ias_keyminbits;
-+ alg_ep->sadb_alg_maxbits = pfkey_supported_listp->supportedp->ias_keymaxbits;
-+ alg_ep->sadb_alg_reserved = 0;
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "klips_debug:pfkey_register_reply: "
-+ "adding encrypt=0p%p\n",
-+ alg_ep);
-+ alg_ep++;
-+ }
-+ }
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "found satype=%d(%s) exttype=%d id=%d ivlen=%d minbits=%d maxbits=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_supported_listp->supportedp->ias_exttype,
-+ pfkey_supported_listp->supportedp->ias_id,
-+ pfkey_supported_listp->supportedp->ias_ivlen,
-+ pfkey_supported_listp->supportedp->ias_keyminbits,
-+ pfkey_supported_listp->supportedp->ias_keymaxbits);
-+ pfkey_supported_listp = pfkey_supported_listp->next;
-+ }
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_REGISTER,
-+ satype,
-+ 0,
-+ sadb_msg? sadb_msg->sadb_msg_seq : ++pfkey_msg_seq,
-+ sadb_msg? sadb_msg->sadb_msg_pid: current->pid),
-+ extensions_reply) &&
-+ (alg_num_a ? pfkey_safe_build(error = pfkey_supported_build(&extensions_reply[SADB_EXT_SUPPORTED_AUTH],
-+ SADB_EXT_SUPPORTED_AUTH,
-+ alg_num_a,
-+ alg_a),
-+ extensions_reply) : 1) &&
-+ (alg_num_e ? pfkey_safe_build(error = pfkey_supported_build(&extensions_reply[SADB_EXT_SUPPORTED_ENCRYPT],
-+ SADB_EXT_SUPPORTED_ENCRYPT,
-+ alg_num_e,
-+ alg_e),
-+ extensions_reply) : 1))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_register_reply: "
-+ "failed to build the register message extensions_reply\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_register_reply: "
-+ "failed to build the register message\n");
-+ SENDERR(-error);
-+ }
-+ /* this should go to all registered sockets for that satype only */
-+ for(pfkey_socketsp = pfkey_registered_sockets[satype];
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_register_reply: "
-+ "sending up acquire message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_register_reply: "
-+ "sending up register message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ errlab:
-+ if(alg_a) {
-+ kfree(alg_a);
-+ }
-+ if(alg_e) {
-+ kfree(alg_e);
-+ }
-+
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_expire_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct socket_list *pfkey_socketsp;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_expire_parse: .\n");
-+
-+ if(pfkey_open_sockets) {
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_expire_parse: "
-+ "sending up expire reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_expire_parse: "
-+ "sending up expire reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+ }
-+
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_flush_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+ uint8_t proto = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_flush_parse: "
-+ "flushing type %d SAs\n",
-+ satype);
-+
-+ if(satype && !(proto = satype2proto(satype))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_flush_parse: "
-+ "satype %d lookup failed.\n",
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if ((error = ipsec_sadb_cleanup(proto))) {
-+ SENDERR(-error);
-+ }
-+
-+ if(pfkey_open_sockets) {
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_flush_parse: "
-+ "sending up flush reply message for satype=%d(%s) (proto=%d) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ proto,
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_flush_parse: "
-+ "sending up flush reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+ }
-+
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_dump_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_dump_parse: .\n");
-+
-+ SENDERR(ENOSYS);
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_promisc_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_promisc_parse: .\n");
-+
-+ SENDERR(ENOSYS);
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_pchange_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_pchange_parse: .\n");
-+
-+ SENDERR(ENOSYS);
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_grpsa_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ struct ipsec_sa *ips1p, *ips2p, *ipsp;
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+ char sa1[SATOT_BUF], sa2[SATOT_BUF];
-+ size_t sa_len1, sa_len2 = 0;
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ if(extr == NULL || extr->ips == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "extr or extr->ips is NULL, fatal.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ sa_len1 = KLIPS_SATOT(debug_pfkey, &extr->ips->ips_said, 0, sa1, sizeof(sa1));
-+ if(extr->ips2 != NULL) {
-+ sa_len2 = KLIPS_SATOT(debug_pfkey, &extr->ips2->ips_said, 0, sa2, sizeof(sa2));
-+ }
-+
-+ spin_lock_bh(&tdb_lock);
-+
-+ ips1p = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if(ips1p == NULL) {
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "reserved ipsec_sa for SA1: %s not found. Call SADB_ADD/UPDATE first.\n",
-+ sa_len1 ? sa1 : " (error)");
-+ SENDERR(ENOENT);
-+ }
-+ if(extr->ips2) { /* GRPSA */
-+ ips2p = ipsec_sa_getbyid(&(extr->ips2->ips_said));
-+ if(ips2p == NULL) {
-+ ipsec_sa_put(ips1p);
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "reserved ipsec_sa for SA2: %s not found. Call SADB_ADD/UPDATE first.\n",
-+ sa_len2 ? sa2 : " (error)");
-+ SENDERR(ENOENT);
-+ }
-+
-+ /* Is either one already linked? */
-+ if(ips1p->ips_onext) {
-+ ipsec_sa_put(ips1p);
-+ ipsec_sa_put(ips2p);
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "ipsec_sa for SA: %s is already linked.\n",
-+ sa_len1 ? sa1 : " (error)");
-+ SENDERR(EEXIST);
-+ }
-+ if(ips2p->ips_inext) {
-+ ipsec_sa_put(ips1p);
-+ ipsec_sa_put(ips2p);
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "ipsec_sa for SA: %s is already linked.\n",
-+ sa_len2 ? sa2 : " (error)");
-+ SENDERR(EEXIST);
-+ }
-+
-+ /* Is extr->ips already linked to extr->ips2? */
-+ ipsp = ips2p;
-+ while(ipsp) {
-+ if(ipsp == ips1p) {
-+ ipsec_sa_put(ips1p);
-+ ipsec_sa_put(ips2p);
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "ipsec_sa for SA: %s is already linked to %s.\n",
-+ sa_len1 ? sa1 : " (error)",
-+ sa_len2 ? sa2 : " (error)");
-+ SENDERR(EEXIST);
-+ }
-+ ipsp = ipsp->ips_onext;
-+ }
-+
-+ /* link 'em */
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "linking ipsec_sa SA: %s with %s.\n",
-+ sa_len1 ? sa1 : " (error)",
-+ sa_len2 ? sa2 : " (error)");
-+ ips1p->ips_onext = ips2p;
-+ ips2p->ips_inext = ips1p;
-+ } else { /* UNGRPSA */
-+ ipsec_sa_put(ips1p);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "unlinking ipsec_sa SA: %s.\n",
-+ sa_len1 ? sa1 : " (error)");
-+ while(ips1p->ips_onext) {
-+ ips1p = ips1p->ips_onext;
-+ }
-+ while(ips1p->ips_inext) {
-+ ipsp = ips1p;
-+ ips1p = ips1p->ips_inext;
-+ ipsec_sa_put(ips1p);
-+ ipsp->ips_inext = NULL;
-+ ipsec_sa_put(ipsp);
-+ ips1p->ips_onext = NULL;
-+ }
-+ }
-+
-+ spin_unlock_bh(&tdb_lock);
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_X_GRPSA,
-+ satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ extr->ips->ips_replaywin,
-+ extr->ips->ips_state,
-+ extr->ips->ips_authalg,
-+ extr->ips->ips_encalg,
-+ extr->ips->ips_flags,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions_reply)
-+ && (extr->ips2
-+ ? (pfkey_safe_build(error = pfkey_x_satype_build(&extensions_reply[SADB_X_EXT_SATYPE2],
-+ ((struct sadb_x_satype*)extensions[SADB_X_EXT_SATYPE2])->sadb_x_satype_satype
-+ /* proto2satype(extr->ips2->ips_said.proto) */),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_X_EXT_SA2],
-+ SADB_X_EXT_SA2,
-+ extr->ips2->ips_said.spi,
-+ extr->ips2->ips_replaywin,
-+ extr->ips2->ips_state,
-+ extr->ips2->ips_authalg,
-+ extr->ips2->ips_encalg,
-+ extr->ips2->ips_flags,
-+ extr->ips2->ips_ref),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_DST2],
-+ SADB_X_EXT_ADDRESS_DST2,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips2->ips_addr_d),
-+ extensions_reply) ) : 1 )
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_grpsa_parse: "
-+ "failed to build the x_grpsa reply message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_grpsa_parse: "
-+ "failed to build the x_grpsa reply message\n");
-+ SENDERR(-error);
-+ }
-+
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_grpsa_parse: "
-+ "sending up x_grpsa reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_grpsa_parse: "
-+ "sending up x_grpsa reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_grpsa_parse: "
-+ "succeeded in sending x_grpsa reply message.\n");
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_addflow_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ char buf1[64], buf2[64];
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+ ip_address srcflow, dstflow, srcmask, dstmask;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ memset((caddr_t)&srcflow, 0, sizeof(srcflow));
-+ memset((caddr_t)&dstflow, 0, sizeof(dstflow));
-+ memset((caddr_t)&srcmask, 0, sizeof(srcmask));
-+ memset((caddr_t)&dstmask, 0, sizeof(dstmask));
-+
-+ if(!extr || !(extr->ips) || !(extr->eroute)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "missing extr, ipsec_sa or eroute data.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ srcflow.u.v4.sin_family = AF_INET;
-+ dstflow.u.v4.sin_family = AF_INET;
-+ srcmask.u.v4.sin_family = AF_INET;
-+ dstmask.u.v4.sin_family = AF_INET;
-+ srcflow.u.v4.sin_addr = extr->eroute->er_eaddr.sen_ip_src;
-+ dstflow.u.v4.sin_addr = extr->eroute->er_eaddr.sen_ip_dst;
-+ srcmask.u.v4.sin_addr = extr->eroute->er_emask.sen_ip_src;
-+ dstmask.u.v4.sin_addr = extr->eroute->er_emask.sen_ip_dst;
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_pfkey) {
-+ subnettoa(extr->eroute->er_eaddr.sen_ip_src,
-+ extr->eroute->er_emask.sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(extr->eroute->er_eaddr.sen_ip_dst,
-+ extr->eroute->er_emask.sen_ip_dst, 0, buf2, sizeof(buf2));
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "calling breakeroute and/or makeroute for %s->%s\n",
-+ buf1, buf2);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ if(extr->ips->ips_flags & SADB_X_SAFLAGS_INFLOW) {
-+ struct ipsec_sa *ipsp, *ipsq;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ ipsq = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if(ipsq == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "ipsec_sa not found, cannot set incoming policy.\n");
-+ SENDERR(ENOENT);
-+ }
-+
-+ ipsp = ipsq;
-+ while(ipsp && ipsp->ips_said.proto != IPPROTO_IPIP) {
-+ ipsp = ipsp->ips_inext;
-+ }
-+
-+ if(ipsp == NULL) {
-+ ipsec_sa_put(ipsq);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "SA chain does not have an IPIP SA, cannot set incoming policy.\n");
-+ SENDERR(ENOENT);
-+ }
-+
-+ sa_len = KLIPS_SATOT(debug_pfkey, &extr->ips->ips_said, 0, sa, sizeof(sa));
-+
-+ ipsp->ips_flags |= SADB_X_SAFLAGS_INFLOW;
-+ ipsp->ips_flow_s = srcflow;
-+ ipsp->ips_flow_d = dstflow;
-+ ipsp->ips_mask_s = srcmask;
-+ ipsp->ips_mask_d = dstmask;
-+
-+ ipsec_sa_put(ipsq);
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "inbound eroute, setting incoming policy information in IPIP ipsec_sa for SA: %s.\n",
-+ sa_len ? sa : " (error)");
-+ } else {
-+ struct sk_buff *first = NULL, *last = NULL;
-+
-+ if(extr->ips->ips_flags & SADB_X_SAFLAGS_REPLACEFLOW) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "REPLACEFLOW flag set, calling breakeroute.\n");
-+ if ((error = ipsec_breakroute(&(extr->eroute->er_eaddr),
-+ &(extr->eroute->er_emask),
-+ &first, &last))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "breakeroute returned %d. first=0p%p, last=0p%p\n",
-+ error,
-+ first,
-+ last);
-+ if(first != NULL) {
-+ ipsec_kfree_skb(first);
-+ }
-+ if(last != NULL) {
-+ ipsec_kfree_skb(last);
-+ }
-+ SENDERR(-error);
-+ }
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "calling makeroute.\n");
-+
-+ if ((error = ipsec_makeroute(&(extr->eroute->er_eaddr),
-+ &(extr->eroute->er_emask),
-+ extr->ips->ips_said,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid,
-+ NULL,
-+ &(extr->ips->ips_ident_s),
-+ &(extr->ips->ips_ident_d)))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "makeroute returned %d.\n", error);
-+ SENDERR(-error);
-+ }
-+ if(first != NULL) {
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "first=0p%p HOLD packet re-injected.\n",
-+ first);
-+ DEV_QUEUE_XMIT(first, first->dev, SOPRI_NORMAL);
-+ }
-+ if(last != NULL) {
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "last=0p%p HOLD packet re-injected.\n",
-+ last);
-+ DEV_QUEUE_XMIT(last, last->dev, SOPRI_NORMAL);
-+ }
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "makeroute call successful.\n");
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_X_ADDFLOW,
-+ satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ extr->ips->ips_replaywin,
-+ extr->ips->ips_state,
-+ extr->ips->ips_authalg,
-+ extr->ips->ips_encalg,
-+ extr->ips->ips_flags,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ && (extensions[SADB_EXT_ADDRESS_SRC]
-+ ? pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_s),
-+ extensions_reply) : 1)
-+ && (extensions[SADB_EXT_ADDRESS_DST]
-+ ? pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions_reply) : 1)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_SRC_FLOW],
-+ SADB_X_EXT_ADDRESS_SRC_FLOW,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&srcflow),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_DST_FLOW],
-+ SADB_X_EXT_ADDRESS_DST_FLOW,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&dstflow),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_SRC_MASK],
-+ SADB_X_EXT_ADDRESS_SRC_MASK,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&srcmask),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_DST_MASK],
-+ SADB_X_EXT_ADDRESS_DST_MASK,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&dstmask),
-+ extensions_reply)
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_addflow_parse: "
-+ "failed to build the x_addflow reply message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_addflow_parse: "
-+ "failed to build the x_addflow reply message\n");
-+ SENDERR(-error);
-+ }
-+
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_addflow_parse: "
-+ "sending up x_addflow reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_addflow_parse: "
-+ "sending up x_addflow reply message for satype=%d(%s) (proto=%d) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ extr->ips->ips_said.proto,
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "extr->ips cleaned up and freed.\n");
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_delflow_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ char buf1[64], buf2[64];
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+ ip_address srcflow, dstflow, srcmask, dstmask;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ memset((caddr_t)&srcflow, 0, sizeof(srcflow));
-+ memset((caddr_t)&dstflow, 0, sizeof(dstflow));
-+ memset((caddr_t)&srcmask, 0, sizeof(srcmask));
-+ memset((caddr_t)&dstmask, 0, sizeof(dstmask));
-+
-+ if(!extr || !(extr->ips)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: "
-+ "extr, or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(extr->ips->ips_flags & SADB_X_SAFLAGS_CLEARFLOW) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: "
-+ "CLEARFLOW flag set, calling cleareroutes.\n");
-+ if ((error = ipsec_cleareroutes()))
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: "
-+ "cleareroutes returned %d.\n", error);
-+ SENDERR(-error);
-+ } else {
-+ struct sk_buff *first = NULL, *last = NULL;
-+
-+ if(!(extr->eroute)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: "
-+ "extr->eroute is NULL, fatal.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ srcflow.u.v4.sin_family = AF_INET;
-+ dstflow.u.v4.sin_family = AF_INET;
-+ srcmask.u.v4.sin_family = AF_INET;
-+ dstmask.u.v4.sin_family = AF_INET;
-+ srcflow.u.v4.sin_addr = extr->eroute->er_eaddr.sen_ip_src;
-+ dstflow.u.v4.sin_addr = extr->eroute->er_eaddr.sen_ip_dst;
-+ srcmask.u.v4.sin_addr = extr->eroute->er_emask.sen_ip_src;
-+ dstmask.u.v4.sin_addr = extr->eroute->er_emask.sen_ip_dst;
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_pfkey) {
-+ subnettoa(extr->eroute->er_eaddr.sen_ip_src,
-+ extr->eroute->er_emask.sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(extr->eroute->er_eaddr.sen_ip_dst,
-+ extr->eroute->er_emask.sen_ip_dst, 0, buf2, sizeof(buf2));
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: "
-+ "calling breakeroute for %s->%s\n",
-+ buf1, buf2);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ error = ipsec_breakroute(&(extr->eroute->er_eaddr),
-+ &(extr->eroute->er_emask),
-+ &first, &last);
-+ if(error) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: "
-+ "breakeroute returned %d. first=0p%p, last=0p%p\n",
-+ error,
-+ first,
-+ last);
-+ }
-+ if(first != NULL) {
-+ ipsec_kfree_skb(first);
-+ }
-+ if(last != NULL) {
-+ ipsec_kfree_skb(last);
-+ }
-+ if(error) {
-+ SENDERR(-error);
-+ }
-+ }
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_X_DELFLOW,
-+ satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ extr->ips->ips_replaywin,
-+ extr->ips->ips_state,
-+ extr->ips->ips_authalg,
-+ extr->ips->ips_encalg,
-+ extr->ips->ips_flags,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_SRC_FLOW],
-+ SADB_X_EXT_ADDRESS_SRC_FLOW,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&srcflow),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_DST_FLOW],
-+ SADB_X_EXT_ADDRESS_DST_FLOW,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&dstflow),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_SRC_MASK],
-+ SADB_X_EXT_ADDRESS_SRC_MASK,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&srcmask),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_DST_MASK],
-+ SADB_X_EXT_ADDRESS_DST_MASK,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&dstmask),
-+ extensions_reply)
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_delflow_parse: "
-+ "failed to build the x_delflow reply message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_delflow_parse: "
-+ "failed to build the x_delflow reply message\n");
-+ SENDERR(-error);
-+ }
-+
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_delflow_parse: "
-+ "sending up x_delflow reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_delflow_parse: "
-+ "sending up x_delflow reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: "
-+ "extr->ips cleaned up and freed.\n");
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_msg_debug_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_msg_debug_parse: .\n");
-+
-+/* errlab:*/
-+ return error;
-+}
-+
-+/* pfkey_expire expects the ipsec_sa table to be locked before being called. */
-+int
-+pfkey_expire(struct ipsec_sa *ipsp, int hard)
-+{
-+ struct sadb_ext *extensions[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_msg = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ int error = 0;
-+ uint8_t satype;
-+
-+ pfkey_extensions_init(extensions);
-+
-+ if(!(satype = proto2satype(ipsp->ips_said.proto))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_expire: "
-+ "satype lookup for protocol %d lookup failed.\n",
-+ ipsp->ips_said.proto);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!pfkey_open_sockets) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_expire: "
-+ "no sockets listening.\n");
-+ SENDERR(EPROTONOSUPPORT);
-+ }
-+
-+ if (!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions[0],
-+ SADB_EXPIRE,
-+ satype,
-+ 0,
-+ ++pfkey_msg_seq,
-+ 0),
-+ extensions)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ ipsp->ips_said.spi,
-+ ipsp->ips_replaywin,
-+ ipsp->ips_state,
-+ ipsp->ips_authalg,
-+ ipsp->ips_encalg,
-+ ipsp->ips_flags,
-+ ipsp->ips_ref),
-+ extensions)
-+ && pfkey_safe_build(error = pfkey_lifetime_build(&extensions[SADB_EXT_LIFETIME_CURRENT],
-+ SADB_EXT_LIFETIME_CURRENT,
-+ ipsp->ips_life.ipl_allocations.ipl_count,
-+ ipsp->ips_life.ipl_bytes.ipl_count,
-+ ipsp->ips_life.ipl_addtime.ipl_count,
-+ ipsp->ips_life.ipl_usetime.ipl_count,
-+ ipsp->ips_life.ipl_packets.ipl_count),
-+ extensions)
-+ && (hard ?
-+ pfkey_safe_build(error = pfkey_lifetime_build(&extensions[SADB_EXT_LIFETIME_HARD],
-+ SADB_EXT_LIFETIME_HARD,
-+ ipsp->ips_life.ipl_allocations.ipl_hard,
-+ ipsp->ips_life.ipl_bytes.ipl_hard,
-+ ipsp->ips_life.ipl_addtime.ipl_hard,
-+ ipsp->ips_life.ipl_usetime.ipl_hard,
-+ ipsp->ips_life.ipl_packets.ipl_hard),
-+ extensions)
-+ : pfkey_safe_build(error = pfkey_lifetime_build(&extensions[SADB_EXT_LIFETIME_SOFT],
-+ SADB_EXT_LIFETIME_SOFT,
-+ ipsp->ips_life.ipl_allocations.ipl_soft,
-+ ipsp->ips_life.ipl_bytes.ipl_soft,
-+ ipsp->ips_life.ipl_addtime.ipl_soft,
-+ ipsp->ips_life.ipl_usetime.ipl_soft,
-+ ipsp->ips_life.ipl_packets.ipl_soft),
-+ extensions))
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ 0, /* ipsp->ips_said.proto, */
-+ 0,
-+ ipsp->ips_addr_s),
-+ extensions)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /* ipsp->ips_said.proto, */
-+ 0,
-+ ipsp->ips_addr_d),
-+ extensions))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_expire: "
-+ "failed to build the expire message extensions\n");
-+ spin_unlock(&tdb_lock);
-+ goto errlab;
-+ }
-+
-+ if ((error = pfkey_msg_build(&pfkey_msg, extensions, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_expire: "
-+ "failed to build the expire message\n");
-+ SENDERR(-error);
-+ }
-+
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_msg))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_expire: "
-+ "sending up expire message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_expire: "
-+ "sending up expire message for satype=%d(%s) (proto=%d) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ ipsp->ips_said.proto,
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ errlab:
-+ if (pfkey_msg) {
-+ pfkey_msg_free(&pfkey_msg);
-+ }
-+ pfkey_extensions_free(extensions);
-+ return error;
-+}
-+
-+int
-+pfkey_acquire(struct ipsec_sa *ipsp)
-+{
-+ struct sadb_ext *extensions[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_msg = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ int error = 0;
-+ struct sadb_comb comb[] = {
-+ /* auth; encrypt; flags; */
-+ /* auth_minbits; auth_maxbits; encrypt_minbits; encrypt_maxbits; */
-+ /* reserved; soft_allocations; hard_allocations; soft_bytes; hard_bytes; */
-+ /* soft_addtime; hard_addtime; soft_usetime; hard_usetime; */
-+ /* soft_packets; hard_packets; */
-+ { SADB_AALG_MD5HMAC, SADB_EALG_3DESCBC, SADB_SAFLAGS_PFS,
-+ 128, 128, 168, 168,
-+ 0, 0, 0, 0, 0,
-+ 57600, 86400, 57600, 86400,
-+ 0, 0 },
-+ { SADB_AALG_SHA1HMAC, SADB_EALG_3DESCBC, SADB_SAFLAGS_PFS,
-+ 160, 160, 168, 168,
-+ 0, 0, 0, 0, 0,
-+ 57600, 86400, 57600, 86400,
-+ 0, 0 }
-+ };
-+
-+ /* XXX This should not be hard-coded. It should be taken from the spdb */
-+ uint8_t satype = SADB_SATYPE_ESP;
-+
-+ pfkey_extensions_init(extensions);
-+
-+ if((satype == 0) || (satype > SADB_SATYPE_MAX)) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_acquire: "
-+ "SAtype=%d unspecified or unknown.\n",
-+ satype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!(pfkey_registered_sockets[satype])) {
-+ KLIPS_PRINT(1|debug_pfkey, "klips_debug:pfkey_acquire: "
-+ "no sockets registered for SAtype=%d(%s).\n",
-+ satype,
-+ satype2name(satype));
-+ SENDERR(EPROTONOSUPPORT);
-+ }
-+
-+ if (!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions[0],
-+ SADB_ACQUIRE,
-+ satype,
-+ 0,
-+ ++pfkey_msg_seq,
-+ 0),
-+ extensions)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ ipsp->ips_transport_protocol,
-+ 0,
-+ ipsp->ips_addr_s),
-+ extensions)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ ipsp->ips_transport_protocol,
-+ 0,
-+ ipsp->ips_addr_d),
-+ extensions)
-+#if 0
-+ && (ipsp->ips_addr_p
-+ ? pfkey_safe_build(error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_PROXY],
-+ SADB_EXT_ADDRESS_PROXY,
-+ ipsp->ips_transport_protocol,
-+ 0,
-+ ipsp->ips_addr_p),
-+ extensions) : 1)
-+#endif
-+ && (ipsp->ips_ident_s.type != SADB_IDENTTYPE_RESERVED
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions[SADB_EXT_IDENTITY_SRC],
-+ SADB_EXT_IDENTITY_SRC,
-+ ipsp->ips_ident_s.type,
-+ ipsp->ips_ident_s.id,
-+ ipsp->ips_ident_s.len,
-+ ipsp->ips_ident_s.data),
-+ extensions) : 1)
-+
-+ && (ipsp->ips_ident_d.type != SADB_IDENTTYPE_RESERVED
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions[SADB_EXT_IDENTITY_DST],
-+ SADB_EXT_IDENTITY_DST,
-+ ipsp->ips_ident_d.type,
-+ ipsp->ips_ident_d.id,
-+ ipsp->ips_ident_d.len,
-+ ipsp->ips_ident_d.data),
-+ extensions) : 1)
-+#if 0
-+ /* FIXME: This won't work yet because I have not finished
-+ it. */
-+ && (ipsp->ips_sens_
-+ ? pfkey_safe_build(error = pfkey_sens_build(&extensions[SADB_EXT_SENSITIVITY],
-+ ipsp->ips_sens_dpd,
-+ ipsp->ips_sens_sens_level,
-+ ipsp->ips_sens_sens_len,
-+ ipsp->ips_sens_sens_bitmap,
-+ ipsp->ips_sens_integ_level,
-+ ipsp->ips_sens_integ_len,
-+ ipsp->ips_sens_integ_bitmap),
-+ extensions) : 1)
-+#endif
-+ && pfkey_safe_build(error = pfkey_prop_build(&extensions[SADB_EXT_PROPOSAL],
-+ 64, /* replay */
-+ sizeof(comb)/sizeof(struct sadb_comb),
-+ &(comb[0])),
-+ extensions)
-+ )) {
-+ KLIPS_PRINT(1|debug_pfkey, "klips_debug:pfkey_acquire: "
-+ "failed to build the acquire message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if ((error = pfkey_msg_build(&pfkey_msg, extensions, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(1|debug_pfkey, "klips_debug:pfkey_acquire: "
-+ "failed to build the acquire message\n");
-+ SENDERR(-error);
-+ }
-+
-+#ifdef KLIPS_PFKEY_ACQUIRE_LOSSAGE
-+# if KLIPS_PFKEY_ACQUIRE_LOSSAGE > 0
-+ if(sysctl_ipsec_regress_pfkey_lossage) {
-+ return(0);
-+ }
-+# endif
-+#endif
-+
-+ /* this should go to all registered sockets for that satype only */
-+ for(pfkey_socketsp = pfkey_registered_sockets[satype];
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_msg))) {
-+ KLIPS_PRINT(1|debug_pfkey, "klips_debug:pfkey_acquire: "
-+ "sending up acquire message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_acquire: "
-+ "sending up acquire message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ errlab:
-+ if (pfkey_msg) {
-+ pfkey_msg_free(&pfkey_msg);
-+ }
-+ pfkey_extensions_free(extensions);
-+ return error;
-+}
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+int
-+pfkey_nat_t_new_mapping(struct ipsec_sa *ipsp, struct sockaddr *ipaddr,
-+ __u16 sport)
-+{
-+ struct sadb_ext *extensions[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_msg = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ int error = 0;
-+ uint8_t satype = (ipsp->ips_said.proto==IPPROTO_ESP) ? SADB_SATYPE_ESP : 0;
-+
-+ /* Construct SADB_X_NAT_T_NEW_MAPPING message */
-+
-+ pfkey_extensions_init(extensions);
-+
-+ if((satype == 0) || (satype > SADB_SATYPE_MAX)) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_nat_t_new_mapping: "
-+ "SAtype=%d unspecified or unknown.\n",
-+ satype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!(pfkey_registered_sockets[satype])) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_nat_t_new_mapping: "
-+ "no sockets registered for SAtype=%d(%s).\n",
-+ satype,
-+ satype2name(satype));
-+ SENDERR(EPROTONOSUPPORT);
-+ }
-+
-+ if (!(pfkey_safe_build
-+ (error = pfkey_msg_hdr_build(&extensions[0], SADB_X_NAT_T_NEW_MAPPING,
-+ satype, 0, ++pfkey_msg_seq, 0), extensions)
-+ /* SA */
-+ && pfkey_safe_build
-+ (error = pfkey_sa_build(&extensions[SADB_EXT_SA],
-+ SADB_EXT_SA, ipsp->ips_said.spi, 0, 0, 0, 0, 0), extensions)
-+ /* ADDRESS_SRC = old addr */
-+ && pfkey_safe_build
-+ (error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC, ipsp->ips_said.proto, 0, ipsp->ips_addr_s),
-+ extensions)
-+ /* NAT_T_SPORT = old port */
-+ && pfkey_safe_build
-+ (error = pfkey_x_nat_t_port_build(&extensions[SADB_X_EXT_NAT_T_SPORT],
-+ SADB_X_EXT_NAT_T_SPORT, ipsp->ips_natt_sport), extensions)
-+ /* ADDRESS_DST = new addr */
-+ && pfkey_safe_build
-+ (error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST, ipsp->ips_said.proto, 0, ipaddr), extensions)
-+ /* NAT_T_DPORT = new port */
-+ && pfkey_safe_build
-+ (error = pfkey_x_nat_t_port_build(&extensions[SADB_X_EXT_NAT_T_DPORT],
-+ SADB_X_EXT_NAT_T_DPORT, sport), extensions)
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_nat_t_new_mapping: "
-+ "failed to build the nat_t_new_mapping message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if ((error = pfkey_msg_build(&pfkey_msg, extensions, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_nat_t_new_mapping: "
-+ "failed to build the nat_t_new_mapping message\n");
-+ SENDERR(-error);
-+ }
-+
-+ /* this should go to all registered sockets for that satype only */
-+ for(pfkey_socketsp = pfkey_registered_sockets[satype];
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_msg))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_nat_t_new_mapping: "
-+ "sending up nat_t_new_mapping message for satype=%d(%s) to socket=%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_nat_t_new_mapping: "
-+ "sending up nat_t_new_mapping message for satype=%d(%s) to socket=%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ errlab:
-+ if (pfkey_msg) {
-+ pfkey_msg_free(&pfkey_msg);
-+ }
-+ pfkey_extensions_free(extensions);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_nat_t_new_mapping_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ /* SADB_X_NAT_T_NEW_MAPPING not used in kernel */
-+ return -EINVAL;
-+}
-+#endif
-+
-+DEBUG_NO_STATIC int (*ext_processors[SADB_EXT_MAX+1])(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr) =
-+{
-+ NULL, /* pfkey_msg_process, */
-+ pfkey_sa_process,
-+ pfkey_lifetime_process,
-+ pfkey_lifetime_process,
-+ pfkey_lifetime_process,
-+ pfkey_address_process,
-+ pfkey_address_process,
-+ pfkey_address_process,
-+ pfkey_key_process,
-+ pfkey_key_process,
-+ pfkey_ident_process,
-+ pfkey_ident_process,
-+ pfkey_sens_process,
-+ pfkey_prop_process,
-+ pfkey_supported_process,
-+ pfkey_supported_process,
-+ pfkey_spirange_process,
-+ pfkey_x_kmprivate_process,
-+ pfkey_x_satype_process,
-+ pfkey_sa_process,
-+ pfkey_address_process,
-+ pfkey_address_process,
-+ pfkey_address_process,
-+ pfkey_address_process,
-+ pfkey_address_process,
-+ pfkey_x_debug_process,
-+ pfkey_x_protocol_process
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ ,
-+ pfkey_x_nat_t_type_process,
-+ pfkey_x_nat_t_port_process,
-+ pfkey_x_nat_t_port_process,
-+ pfkey_address_process
-+#endif
-+};
-+
-+
-+DEBUG_NO_STATIC int (*msg_parsers[SADB_MAX +1])(struct sock *sk, struct sadb_ext *extensions[], struct pfkey_extracted_data* extr)
-+ =
-+{
-+ NULL, /* RESERVED */
-+ pfkey_getspi_parse,
-+ pfkey_update_parse,
-+ pfkey_add_parse,
-+ pfkey_delete_parse,
-+ pfkey_get_parse,
-+ pfkey_acquire_parse,
-+ pfkey_register_parse,
-+ pfkey_expire_parse,
-+ pfkey_flush_parse,
-+ pfkey_dump_parse,
-+ pfkey_x_promisc_parse,
-+ pfkey_x_pchange_parse,
-+ pfkey_x_grpsa_parse,
-+ pfkey_x_addflow_parse,
-+ pfkey_x_delflow_parse,
-+ pfkey_x_msg_debug_parse
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ , pfkey_x_nat_t_new_mapping_parse
-+#endif
-+};
-+
-+int
-+pfkey_build_reply(struct sadb_msg *pfkey_msg,
-+ struct pfkey_extracted_data *extr,
-+ struct sadb_msg **pfkey_reply)
-+{
-+ struct sadb_ext *extensions[SADB_EXT_MAX+1];
-+ int error = 0;
-+ int msg_type = pfkey_msg->sadb_msg_type;
-+ int seq = pfkey_msg->sadb_msg_seq;
-+
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_build_reply: "
-+ "building reply with type: %d\n",
-+ msg_type);
-+ pfkey_extensions_init(extensions);
-+ if (!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_build_reply: "
-+ "bad ipsec_sa passed\n");
-+ return EINVAL;
-+ }
-+ error = pfkey_safe_build(pfkey_msg_hdr_build(&extensions[0],
-+ msg_type,
-+ proto2satype(extr->ips->ips_said.proto),
-+ 0,
-+ seq,
-+ pfkey_msg->sadb_msg_pid),
-+ extensions) &&
-+ (!(extensions_bitmaps[EXT_BITS_OUT][EXT_BITS_REQ][msg_type] &
-+ 1 << SADB_EXT_SA)
-+ || pfkey_safe_build(pfkey_sa_ref_build(&extensions[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ extr->ips->ips_replaywin,
-+ extr->ips->ips_state,
-+ extr->ips->ips_authalg,
-+ extr->ips->ips_encalg,
-+ extr->ips->ips_flags,
-+ extr->ips->ips_ref),
-+ extensions)) &&
-+ (!(extensions_bitmaps[EXT_BITS_OUT][EXT_BITS_REQ][msg_type] &
-+ 1 << SADB_EXT_LIFETIME_CURRENT)
-+ || pfkey_safe_build(pfkey_lifetime_build(&extensions
-+ [SADB_EXT_LIFETIME_CURRENT],
-+ SADB_EXT_LIFETIME_CURRENT,
-+ extr->ips->ips_life.ipl_allocations.ipl_count,
-+ extr->ips->ips_life.ipl_bytes.ipl_count,
-+ extr->ips->ips_life.ipl_addtime.ipl_count,
-+ extr->ips->ips_life.ipl_usetime.ipl_count,
-+ extr->ips->ips_life.ipl_packets.ipl_count),
-+ extensions)) &&
-+ (!(extensions_bitmaps[EXT_BITS_OUT][EXT_BITS_REQ][msg_type] &
-+ 1 << SADB_EXT_ADDRESS_SRC)
-+ || pfkey_safe_build(pfkey_address_build(&extensions[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ extr->ips->ips_said.proto,
-+ 0,
-+ extr->ips->ips_addr_s),
-+ extensions)) &&
-+ (!(extensions_bitmaps[EXT_BITS_OUT][EXT_BITS_REQ][msg_type] &
-+ 1 << SADB_EXT_ADDRESS_DST)
-+ || pfkey_safe_build(pfkey_address_build(&extensions[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ extr->ips->ips_said.proto,
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions));
-+
-+ if (error == 0) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_build_reply: "
-+ "building extensions failed\n");
-+ return EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_build_reply: "
-+ "built extensions, proceed to build the message\n");
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_build_reply: "
-+ "extensions[1]=0p%p\n",
-+ extensions[1]);
-+ error = pfkey_msg_build(pfkey_reply, extensions, EXT_BITS_OUT);
-+ pfkey_extensions_free(extensions);
-+
-+ return error;
-+}
-+
-+int
-+pfkey_msg_interp(struct sock *sk, struct sadb_msg *pfkey_msg,
-+ struct sadb_msg **pfkey_reply)
-+{
-+ int error = 0;
-+ int i;
-+ struct sadb_ext *extensions[SADB_EXT_MAX+1];
-+ struct pfkey_extracted_data extr = {NULL, NULL, NULL};
-+
-+ pfkey_extensions_init(extensions);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "parsing message ver=%d, type=%d, errno=%d, satype=%d(%s), len=%d, res=%d, seq=%d, pid=%d.\n",
-+ pfkey_msg->sadb_msg_version,
-+ pfkey_msg->sadb_msg_type,
-+ pfkey_msg->sadb_msg_errno,
-+ pfkey_msg->sadb_msg_satype,
-+ satype2name(pfkey_msg->sadb_msg_satype),
-+ pfkey_msg->sadb_msg_len,
-+ pfkey_msg->sadb_msg_reserved,
-+ pfkey_msg->sadb_msg_seq,
-+ pfkey_msg->sadb_msg_pid);
-+
-+ extr.ips = ipsec_sa_alloc(&error); /* pass in error var by pointer */
-+ if(extr.ips == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "memory allocation error.\n");
-+ SENDERR(-error);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "allocated extr->ips=0p%p.\n",
-+ extr.ips);
-+
-+ if(pfkey_msg->sadb_msg_satype > SADB_SATYPE_MAX) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "satype %d > max %d\n",
-+ pfkey_msg->sadb_msg_satype,
-+ SADB_SATYPE_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_msg->sadb_msg_type) {
-+ case SADB_GETSPI:
-+ case SADB_UPDATE:
-+ case SADB_ADD:
-+ case SADB_DELETE:
-+ case SADB_X_GRPSA:
-+ case SADB_X_ADDFLOW:
-+ if(!(extr.ips->ips_said.proto = satype2proto(pfkey_msg->sadb_msg_satype))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "satype %d lookup failed.\n",
-+ pfkey_msg->sadb_msg_satype);
-+ SENDERR(EINVAL);
-+ } else {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "satype %d lookups to proto=%d.\n",
-+ pfkey_msg->sadb_msg_satype,
-+ extr.ips->ips_said.proto);
-+ }
-+ break;
-+ default:
-+ break;
-+ }
-+
-+ /* The NULL below causes the default extension parsers to be used */
-+ /* Parse the extensions */
-+ if((error = pfkey_msg_parse(pfkey_msg, NULL, extensions, EXT_BITS_IN)))
-+ {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "message parsing failed with error %d.\n",
-+ error);
-+ SENDERR(-error);
-+ }
-+
-+ /* Process the extensions */
-+ for(i=1; i <= SADB_EXT_MAX;i++) {
-+ if(extensions[i] != NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "processing ext %d 0p%p with processor 0p%p.\n",
-+ i, extensions[i], ext_processors[i]);
-+ if((error = ext_processors[i](extensions[i], &extr))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "extension processing for type %d failed with error %d.\n",
-+ i,
-+ error);
-+ SENDERR(-error);
-+ }
-+
-+ }
-+
-+ }
-+
-+ /* Parse the message types */
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "parsing message type %d(%s) with msg_parser 0p%p.\n",
-+ pfkey_msg->sadb_msg_type,
-+ pfkey_v2_sadb_type_string(pfkey_msg->sadb_msg_type),
-+ msg_parsers[pfkey_msg->sadb_msg_type]);
-+ if((error = msg_parsers[pfkey_msg->sadb_msg_type](sk, extensions, &extr))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "message parsing failed with error %d.\n",
-+ error);
-+ SENDERR(-error);
-+ }
-+
-+#if 0
-+ error = pfkey_build_reply(pfkey_msg, &extr, pfkey_reply);
-+ if (error) {
-+ *pfkey_reply = NULL;
-+ }
-+#endif
-+ errlab:
-+ if(extr.ips != NULL) {
-+ ipsec_sa_wipe(extr.ips);
-+ }
-+ if(extr.ips2 != NULL) {
-+ ipsec_sa_wipe(extr.ips2);
-+ }
-+ if (extr.eroute != NULL) {
-+ kfree(extr.eroute);
-+ }
-+ return(error);
-+}
-+
-+/*
-+ * $Log: pfkey_v2_parser.c,v $
-+ * Revision 1.134.2.4 2007-10-30 21:40:36 paul
-+ * Fix for KLIPS_PFKEY_ACQUIRE_LOSSAGE [dhr]
-+ *
-+ * Revision 1.134.2.3 2007/09/05 02:56:10 paul
-+ * Use the new ipsec_kversion macros by David to deal with 2.6.22 kernels.
-+ * Fixes based on David McCullough patch.
-+ *
-+ * Revision 1.134.2.2 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.134.2.1 2006/05/01 14:37:25 mcr
-+ * ip_chk_addr -> inet_addr_type for more direct 2.4/2.6 support.
-+ *
-+ * Revision 1.134 2005/05/11 01:48:20 mcr
-+ * removed "poor-man"s OOP in favour of proper C structures.
-+ *
-+ * Revision 1.133 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.132 2005/04/14 20:56:24 mcr
-+ * moved (pfkey_)ipsec_sa_init to ipsec_sa.c.
-+ *
-+ * Revision 1.131 2005/01/26 00:50:35 mcr
-+ * adjustment of confusion of CONFIG_IPSEC_NAT vs CONFIG_KLIPS_NAT,
-+ * and make sure that NAT_TRAVERSAL is set as well to match
-+ * userspace compiles of code.
-+ *
-+ * Revision 1.130 2004/09/08 17:21:36 ken
-+ * Rename MD5* -> osMD5 functions to prevent clashes with other symbols exported by kernel modules (CIFS in 2.6 initiated this)
-+ *
-+ * Revision 1.129 2004/09/06 18:36:30 mcr
-+ * if a protocol can not be found, then log it. This is not
-+ * debugging.
-+ *
-+ * Revision 1.128 2004/08/21 00:45:19 mcr
-+ * CONFIG_KLIPS_NAT was wrong, also need to include udp.h.
-+ *
-+ * Revision 1.127 2004/08/20 21:45:45 mcr
-+ * CONFIG_KLIPS_NAT_TRAVERSAL is not used in an attempt to
-+ * be 26sec compatible. But, some defines where changed.
-+ *
-+ * Revision 1.126 2004/08/17 03:27:23 mcr
-+ * klips 2.6 edits.
-+ *
-+ * Revision 1.125 2004/08/04 15:57:07 mcr
-+ * moved des .h files to include/des/ *
-+ * included 2.6 protocol specific things
-+ * started at NAT-T support, but it will require a kernel patch.
-+ *
-+ * Revision 1.124 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.123 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.122.2.2 2004/04/05 04:30:46 mcr
-+ * patches for alg-branch to compile/work with 2.x openswan
-+ *
-+ * Revision 1.122.2.1 2003/12/22 15:25:52 jjo
-+ * . Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.122 2003/12/10 01:14:27 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.121 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.120.4.2 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.120.4.1 2003/09/21 13:59:56 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.120 2003/04/03 17:38:09 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ *
-+ * Revision 1.119 2003/02/06 01:52:37 rgb
-+ * Removed no longer relevant comment
-+ *
-+ * Revision 1.118 2003/01/30 02:32:44 rgb
-+ *
-+ * Transmit error code through to caller from callee for better diagnosis of problems.
-+ *
-+ * Revision 1.117 2003/01/16 18:48:13 rgb
-+ *
-+ * Fixed sign bug in error return from an sa allocation call in
-+ * pfkey_msg_interp.
-+ *
-+ * Revision 1.116 2002/10/17 16:38:01 rgb
-+ * Change pfkey_alloc_eroute() to never static since its consumers
-+ * have been moved outside the file.
-+ *
-+ * Revision 1.115 2002/10/12 23:11:53 dhr
-+ *
-+ * [KenB + DHR] more 64-bit cleanup
-+ *
-+ * Revision 1.114 2002/10/05 05:02:58 dhr
-+ *
-+ * C labels go on statements
-+ *
-+ * Revision 1.113 2002/09/30 19:11:22 rgb
-+ * Turn on debugging for upgoing acquire messages to test for reliability.
-+ *
-+ * Revision 1.112 2002/09/20 15:41:16 rgb
-+ * Switch from pfkey_alloc_ipsec_sa() to ipsec_sa_alloc().
-+ * Added sadb_x_sa_ref to struct sadb_sa.
-+ * Added ref parameter to pfkey_sa_build().
-+ *
-+ * Revision 1.111 2002/09/20 05:02:08 rgb
-+ * Added memory allocation debugging.
-+ * Convert to switch to divulge hmac keys for debugging.
-+ * Added text labels to elucidate numeric values presented.
-+ *
-+ * Revision 1.110 2002/08/03 18:03:05 mcr
-+ * loop that checks for SPI's to have been already linked
-+ * fails to actually step to next pointer, but continuously
-+ * resets to head of list. Wrong pointer used.
-+ * test east-icmp-02 revealed this.
-+ *
-+ * Revision 1.109 2002/07/26 08:48:31 rgb
-+ * Added SA ref table code.
-+ *
-+ * Revision 1.108 2002/05/27 18:55:03 rgb
-+ * Remove final vistiges of tdb references via IPSEC_KLIPS1_COMPAT.
-+ *
-+ * Revision 1.107 2002/05/23 07:16:08 rgb
-+ * Added ipsec_sa_put() for releasing an ipsec_sa refcount.
-+ * Pointer clean-up.
-+ * Added refcount code.
-+ *
-+ * Revision 1.106 2002/05/14 02:34:13 rgb
-+ * Converted reference from ipsec_sa_put to ipsec_sa_add to avoid confusion
-+ * with "put" usage in the kernel.
-+ * Change all references to tdb, TDB or Tunnel Descriptor Block to ips,
-+ * ipsec_sa or ipsec_sa.
-+ * Moved all the extension parsing functions to pfkey_v2_ext_process.c.
-+ *
-+ * Revision 1.105 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.104 2002/04/24 07:36:34 mcr
-+ * Moved from ./klips/net/ipsec/pfkey_v2_parser.c,v
-+ *
-+ * Revision 1.103 2002/04/20 00:12:25 rgb
-+ * Added esp IV CBC attack fix, disabled.
-+ *
-+ * Revision 1.102 2002/03/08 01:15:17 mcr
-+ * put some internal structure only debug messages behind
-+ * && sysctl_ipsec_debug_verbose.
-+ *
-+ * Revision 1.101 2002/01/29 17:17:57 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.100 2002/01/29 04:00:54 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.99 2002/01/29 02:13:19 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.98 2002/01/12 02:57:57 mcr
-+ * first regression test causes acquire messages to be lost
-+ * 100% of the time. This is to help testing of pluto.
-+ *
-+ * Revision 1.97 2001/11/26 09:23:52 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.93.2.4 2001/10/23 04:20:27 mcr
-+ * parity was forced on wrong structure! prototypes help here.
-+ *
-+ * Revision 1.93.2.3 2001/10/22 21:14:59 mcr
-+ * include des.h, removed phony prototypes and fixed calling
-+ * conventions to match real prototypes.
-+ *
-+ * Revision 1.93.2.2 2001/10/15 05:39:03 mcr
-+ * %08lx is not the right format for u32. Use %08x. 64-bit safe? ha.
-+ *
-+ * Revision 1.93.2.1 2001/09/25 02:30:14 mcr
-+ * struct tdb -> struct ipsec_sa.
-+ * use new lifetime structure. common format routines for debug.
-+ *
-+ * Revision 1.96 2001/11/06 20:47:54 rgb
-+ * Fixed user context call to ipsec_dev_start_xmit() bug. Call
-+ * dev_queue_xmit() instead.
-+ *
-+ * Revision 1.95 2001/11/06 19:47:46 rgb
-+ * Added packet parameter to lifetime and comb structures.
-+ *
-+ * Revision 1.94 2001/10/18 04:45:23 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.93 2001/09/20 15:32:59 rgb
-+ * Min/max cleanup.
-+ *
-+ * Revision 1.92 2001/09/19 16:35:48 rgb
-+ * PF_KEY ident fix for getspi from NetCelo (puttdb duplication).
-+ *
-+ * Revision 1.91 2001/09/15 16:24:06 rgb
-+ * Re-inject first and last HOLD packet when an eroute REPLACE is done.
-+ *
-+ * Revision 1.90 2001/09/14 16:58:38 rgb
-+ * Added support for storing the first and last packets through a HOLD.
-+ *
-+ * Revision 1.89 2001/09/08 21:14:07 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ * Better state coherency (error management) between pf_key and IKE daemon.
-+ * (NetCelo)
-+ *
-+ * Revision 1.88 2001/08/27 19:42:44 rgb
-+ * Fix memory leak of encrypt and auth structs in pfkey register.
-+ *
-+ * Revision 1.87 2001/07/06 19:50:46 rgb
-+ * Removed unused debugging code.
-+ * Added inbound policy checking code for IPIP SAs.
-+ *
-+ * Revision 1.86 2001/06/20 06:26:04 rgb
-+ * Changed missing SA errors from EEXIST to ENOENT and added debug output
-+ * for already linked SAs.
-+ *
-+ * Revision 1.85 2001/06/15 04:57:02 rgb
-+ * Remove single error return condition check and check for all errors in
-+ * the case of a replace eroute delete operation. This means that
-+ * applications must expect to be deleting something before replacing it
-+ * and if nothing is found, complain.
-+ *
-+ * Revision 1.84 2001/06/14 19:35:12 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.83 2001/06/12 00:03:19 rgb
-+ * Silence debug set/unset under normal conditions.
-+ *
-+ * Revision 1.82 2001/05/30 08:14:04 rgb
-+ * Removed vestiges of esp-null transforms.
-+ *
-+ * Revision 1.81 2001/05/27 06:12:12 rgb
-+ * Added structures for pid, packet count and last access time to eroute.
-+ * Added packet count to beginning of /proc/net/ipsec_eroute.
-+ *
-+ * Revision 1.80 2001/05/03 19:43:59 rgb
-+ * Check error return codes for all build function calls.
-+ * Standardise on SENDERR() macro.
-+ *
-+ * Revision 1.79 2001/04/20 21:09:16 rgb
-+ * Cleaned up fixed tdbwipes.
-+ * Free pfkey_reply and clean up extensions_reply for grpsa, addflow and
-+ * delflow (Per Cederqvist) plugging memleaks.
-+ *
-+ * Revision 1.78 2001/04/19 19:02:39 rgb
-+ * Fixed extr.tdb freeing, stealing it for getspi, update and add.
-+ * Refined a couple of spinlocks, fixed the one in update.
-+ *
-+ * Revision 1.77 2001/04/18 20:26:16 rgb
-+ * Wipe/free eroute and both tdbs from extr at end of pfkey_msg_interp()
-+ * instead of inside each message type parser. This fixes two memleaks.
-+ *
-+ * Revision 1.76 2001/04/17 23:51:18 rgb
-+ * Quiet down pfkey_x_debug_process().
-+ *
-+ * Revision 1.75 2001/03/29 01:55:05 rgb
-+ * Fixed pfkey key init memleak.
-+ * Fixed pfkey encryption key debug output.
-+ *
-+ * Revision 1.74 2001/03/27 05:29:14 rgb
-+ * Debug output cleanup/silencing.
-+ *
-+ * Revision 1.73 2001/02/28 05:03:28 rgb
-+ * Clean up and rationalise startup messages.
-+ *
-+ * Revision 1.72 2001/02/27 22:24:56 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.71 2001/02/27 06:59:30 rgb
-+ * Added satype2name() conversions most places satype is debug printed.
-+ *
-+ * Revision 1.70 2001/02/26 22:37:08 rgb
-+ * Fixed 'unknown proto' INT bug in new code.
-+ * Added satype to protocol debugging instrumentation.
-+ *
-+ * Revision 1.69 2001/02/26 19:57:51 rgb
-+ * Re-formatted debug output (split lines, consistent spacing).
-+ * Fixed as yet undetected FLUSH bug which called ipsec_tdbcleanup()
-+ * with an satype instead of proto.
-+ * Checked for satype consistency and fixed minor bugs.
-+ * Fixed undetected ungrpspi bug that tried to upmsg a second tdb.
-+ * Check for satype sanity in pfkey_expire().
-+ * Added satype sanity check to addflow.
-+ *
-+ * Revision 1.68 2001/02/12 23:14:40 rgb
-+ * Remove double spin lock in pfkey_expire().
-+ *
-+ * Revision 1.67 2001/01/31 19:23:40 rgb
-+ * Fixed double-unlock bug introduced by grpsa upmsg (found by Lars Heete).
-+ *
-+ * Revision 1.66 2001/01/29 22:20:04 rgb
-+ * Fix minor add upmsg lifetime bug.
-+ *
-+ * Revision 1.65 2001/01/24 06:12:33 rgb
-+ * Fixed address extension compile bugs just introduced.
-+ *
-+ * Revision 1.64 2001/01/24 00:31:15 rgb
-+ * Added upmsg for addflow/delflow.
-+ *
-+ * Revision 1.63 2001/01/23 22:02:55 rgb
-+ * Added upmsg to x_grpsa.
-+ * Fixed lifetimes extentions to add/update/get upmsg.
-+ *
-+ * Revision 1.62 2000/11/30 21:47:51 rgb
-+ * Fix error return bug after returning from pfkey_tdb_init().
-+ *
-+ * Revision 1.61 2000/11/17 18:10:29 rgb
-+ * Fixed bugs mostly relating to spirange, to treat all spi variables as
-+ * network byte order since this is the way PF_KEYv2 stored spis.
-+ *
-+ * Revision 1.60 2000/11/06 04:34:53 rgb
-+ * Changed non-exported functions to DEBUG_NO_STATIC.
-+ * Add Svenning's adaptive content compression.
-+ * Ditched spin_lock_irqsave in favour of spin_lock/_bh.
-+ * Fixed double unlock bug (Svenning).
-+ * Fixed pfkey_msg uninitialized bug in pfkey_{expire,acquire}().
-+ * Fixed incorrect extension type (prop) in pfkey)acquire().
-+ *
-+ * Revision 1.59 2000/10/11 15:25:12 rgb
-+ * Fixed IPCOMP disabled compile bug.
-+ *
-+ * Revision 1.58 2000/10/11 14:54:03 rgb
-+ * Fixed pfkey_acquire() satype to SADB_SATYPE_ESP and removed pfkey
-+ * protocol violations of setting pfkey_address_build() protocol parameter
-+ * to non-zero except in the case of pfkey_acquire().
-+ *
-+ * Revision 1.57 2000/10/10 20:10:18 rgb
-+ * Added support for debug_ipcomp and debug_verbose to klipsdebug.
-+ *
-+ * Revision 1.56 2000/10/06 20:24:36 rgb
-+ * Fixes to pfkey_acquire to initialize extensions[] and use correct
-+ * ipproto.
-+ *
-+ * Revision 1.55 2000/10/03 03:20:57 rgb
-+ * Added brackets to get a?b:c scope right for pfkey_register reply.
-+ *
-+ * Revision 1.54 2000/09/29 19:49:30 rgb
-+ * As-yet-unused-bits cleanup.
-+ *
-+ * Revision 1.53 2000/09/28 00:35:45 rgb
-+ * Padded SATYPE printout in pfkey_register for vertical alignment.
-+ *
-+ * Revision 1.52 2000/09/20 16:21:58 rgb
-+ * Cleaned up ident string alloc/free.
-+ *
-+ * Revision 1.51 2000/09/20 04:04:20 rgb
-+ * Changed static functions to DEBUG_NO_STATIC to reveal function names in
-+ * oopsen.
-+ *
-+ * Revision 1.50 2000/09/16 01:10:53 rgb
-+ * Fixed unused var warning with debug off.
-+ *
-+ * Revision 1.49 2000/09/15 11:37:02 rgb
-+ * Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+ * IPCOMP zlib deflate code.
-+ *
-+ * Revision 1.48 2000/09/15 04:57:57 rgb
-+ * Cleaned up existing IPCOMP code before svenning addition.
-+ * Initialize pfkey_reply and extensions_reply in case of early error in
-+ * message parsing functions (thanks Kai!).
-+ *
-+ * Revision 1.47 2000/09/13 08:02:56 rgb
-+ * Added KMd registration notification.
-+ *
-+ * Revision 1.46 2000/09/12 22:35:36 rgb
-+ * Restructured to remove unused extensions from CLEARFLOW messages.
-+ *
-+ * Revision 1.45 2000/09/12 03:24:23 rgb
-+ * Converted #if0 debugs to sysctl.
-+ *
-+ * Revision 1.44 2000/09/09 06:38:39 rgb
-+ * Correct SADB message type for update, add and delete.
-+ *
-+ * Revision 1.43 2000/09/08 19:19:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ * Removed all references to CONFIG_IPSEC_PFKEYv2.
-+ * Put in sanity checks in most msg type parsers to catch invalid satypes
-+ * and empty socket lists.
-+ * Moved spin-locks in pfkey_get_parse() to simplify.
-+ * Added pfkey_acquire().
-+ * Added upwards messages to update, add, delete, acquire_parse,
-+ * expire_parse and flush.
-+ * Fix pfkey_prop_build() parameter to be only single indirection.
-+ * Changed all replies to use pfkey_reply.
-+ * Check return code on puttdb() and deltdbchain() in getspi, update,
-+ * add, delete.
-+ * Fixed up all pfkey replies to open and registered sockets.
-+ *
-+ * Revision 1.42 2000/09/01 18:50:26 rgb
-+ * Added a supported algorithms array lists, one per satype and registered
-+ * existing algorithms.
-+ * Fixed pfkey_list_{insert,remove}_{socket,support}() to allow change to
-+ * list.
-+ * Only send pfkey_expire() messages to sockets registered for that satype.
-+ * Added reply to pfkey_getspi_parse().
-+ * Added reply to pfkey_get_parse().
-+ * Fixed debug output label bug in pfkey_lifetime_process().
-+ * Cleaned up pfkey_sa_process a little.
-+ * Moved pfkey_safe_build() above message type parsers to make it available
-+ * for creating replies.
-+ * Added comments for future work in pfkey_acquire_parse().
-+ * Fleshed out guts of pfkey_register_parse().
-+ *
-+ * Revision 1.41 2000/08/24 16:58:11 rgb
-+ * Fixed key debugging variables.
-+ * Fixed error return code for a failed search.
-+ * Changed order of pfkey_get operations.
-+ *
-+ * Revision 1.40 2000/08/21 16:32:27 rgb
-+ * Re-formatted for cosmetic consistency and readability.
-+ *
-+ * Revision 1.39 2000/08/20 21:38:57 rgb
-+ * Bugfixes to as-yet-unused pfkey_update_parse() and
-+ * pfkey_register_parse(). (Momchil)
-+ * Added functions pfkey_safe_build(), pfkey_expire() and
-+ * pfkey_build_reply(). (Momchil)
-+ * Added a pfkey_reply parameter to pfkey_msg_interp(). (Momchil)
-+ *
-+ * Revision 1.38 2000/08/18 21:30:41 rgb
-+ * Purged all tdb_spi, tdb_proto and tdb_dst macros. They are unclear.
-+ *
-+ * Revision 1.37 2000/08/18 18:18:02 rgb
-+ * Cosmetic and descriptive changes made to debug test.
-+ * getspi and update fixes from Momchil.
-+ *
-+ * Revision 1.36 2000/08/15 15:41:55 rgb
-+ * Fixed the (as yet unused and untested) pfkey_getspi() routine.
-+ *
-+ * Revision 1.35 2000/08/01 14:51:52 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.34 2000/07/28 14:58:32 rgb
-+ * Changed kfree_s to kfree, eliminating extra arg to fix 2.4.0-test5.
-+ *
-+ * Revision 1.33 2000/06/28 05:50:11 rgb
-+ * Actually set iv_bits.
-+ *
-+ * Revision 1.32 2000/05/30 18:36:56 rgb
-+ * Fix AH auth hash setup bug. This breaks interop with previous PF_KEY
-+ * FreeS/WAN, but fixes interop with other implementations.
-+ *
-+ * Revision 1.31 2000/03/16 14:05:48 rgb
-+ * Fixed brace scope preventing non-debug compile.
-+ * Added null parameter check for pfkey_x_debug().
-+ *
-+ * Revision 1.30 2000/01/22 23:21:13 rgb
-+ * Use new function satype2proto().
-+ *
-+ * Revision 1.29 2000/01/22 08:40:21 rgb
-+ * Invert condition to known value to avoid AF_INET6 in 2.0.36.
-+ *
-+ * Revision 1.28 2000/01/22 07:58:57 rgb
-+ * Fixed REPLACEFLOW bug, missing braces around KLIPS_PRINT *and* SENDERR.
-+ *
-+ * Revision 1.27 2000/01/22 03:48:01 rgb
-+ * Added extr pointer component debugging.
-+ *
-+ * Revision 1.26 2000/01/21 09:41:25 rgb
-+ * Changed a (void*) to (char*) cast to do proper pointer math.
-+ * Don't call tdbwipe if tdb2 is NULL.
-+ *
-+ * Revision 1.25 2000/01/21 06:21:01 rgb
-+ * Added address cases for eroute flows.
-+ * Tidied up compiler directive indentation for readability.
-+ * Added ictx,octx vars for simplification.
-+ * Added macros for HMAC padding magic numbers.
-+ * Converted from double tdb arguments to one structure (extr)
-+ * containing pointers to all temporary information structures
-+ * and checking for valid arguments to all ext processors and
-+ * msg type parsers.
-+ * Added spiungrp'ing.
-+ * Added klipsdebug switching capability.
-+ * Removed sa_process() check for zero protocol.
-+ * Added address case for DST2 for grouping.
-+ * Added/changed minor debugging instrumentation.
-+ * Fixed spigrp for single said, ungrouping case.
-+ * Added code to parse addflow and delflow messages.
-+ * Removed redundant statements duplicating tdbwipe() functionality
-+ * and causing double kfrees.
-+ * Permit addflow to have a protocol of 0.
-+ *
-+ * Revision 1.24 1999/12/09 23:23:00 rgb
-+ * Added check to pfkey_sa_process() to do eroutes.
-+ * Converted to DIVUP() macro.
-+ * Converted if() to switch() in pfkey_register_parse().
-+ * Use new pfkey_extensions_init() instead of memset().
-+ *
-+ * Revision 1.23 1999/12/01 22:18:13 rgb
-+ * Preset minspi and maxspi values in case and spirange extension is not
-+ * included and check for the presence of an spirange extension before
-+ * using it. Initialise tdb_sastate to LARVAL.
-+ * Fixed debugging output typo.
-+ * Fixed authentication context initialisation bugs (4 places).
-+ *
-+ * Revision 1.22 1999/11/27 11:53:08 rgb
-+ * Moved pfkey_msg_parse prototype to pfkey.h
-+ * Moved exts_permitted/required prototype to pfkey.h.
-+ * Moved sadb_satype2proto protocol lookup table to lib/pfkey_v2_parse.c.
-+ * Deleted SADB_X_EXT_SA2 code from pfkey_sa_process() since it will never
-+ * be called.
-+ * Moved protocol/algorithm checks to lib/pfkey_v2_parse.c
-+ * Debugging error messages added.
-+ * Enable lifetime_current checking.
-+ * Remove illegal requirement for SA extension to be present in an
-+ * originating GETSPI call.
-+ * Re-instate requirement for UPDATE or ADD message to be MATURE.
-+ * Add argument to pfkey_msg_parse() for direction.
-+ * Fixed IPIP dst address bug and purged redundant, leaky code.
-+ *
-+ * Revision 1.21 1999/11/24 05:24:20 rgb
-+ * hanged 'void*extensions' to 'struct sadb_ext*extensions'.
-+ * Fixed indention.
-+ * Ditched redundant replay check.
-+ * Fixed debug message text from 'parse' to 'process'.
-+ * Added more debug output.
-+ * Forgot to zero extensions array causing bug, fixed.
-+ *
-+ * Revision 1.20 1999/11/23 23:08:13 rgb
-+ * Move all common parsing code to lib/pfkey_v2_parse.c and rename
-+ * remaining bits to *_process. (PJO)
-+ * Add macros for dealing with alignment and rounding up more opaquely.
-+ * Use provided macro ADDRTOA_BUF instead of hardcoded value.
-+ * Sort out pfkey and freeswan headers, putting them in a library path.
-+ * Corrected a couple of bugs in as-yet-inactive code.
-+ *
-+ * Revision 1.19 1999/11/20 22:01:10 rgb
-+ * Add more descriptive error messages for non-zero reserved fields.
-+ * Add more descriptive error message for spirange parsing.
-+ * Start on supported extension parsing.
-+ * Start on register and get message parsing.
-+ *
-+ * Revision 1.18 1999/11/18 04:09:20 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ *
-+ * Revision 1.17 1999/11/17 15:53:41 rgb
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.16 1999/10/26 16:57:43 rgb
-+ * Add shorter macros for compiler directives to visually clean-up.
-+ * Give ipv6 code meaningful compiler directive.
-+ * Add comments to other #if 0 debug code.
-+ * Remove unused *_bh_atomic() calls.
-+ * Fix mis-placed spinlock.
-+ *
-+ * Revision 1.15 1999/10/16 18:27:10 rgb
-+ * Clean-up unused cruft.
-+ * Fix-up lifetime_allocations_c and lifetime_addtime_c initialisations.
-+ *
-+ * Revision 1.14 1999/10/08 18:37:34 rgb
-+ * Fix end-of-line spacing to sate whining PHMs.
-+ *
-+ * Revision 1.13 1999/10/03 18:49:12 rgb
-+ * Spinlock fixes for 2.0.xx and 2.3.xx.
-+ *
-+ * Revision 1.12 1999/10/01 15:44:54 rgb
-+ * Move spinlock header include to 2.1> scope.
-+ *
-+ * Revision 1.11 1999/10/01 00:05:45 rgb
-+ * Added tdb structure locking.
-+ * Use 'jiffies' instead of do_get_timeofday().
-+ * Fix lifetime assignments.
-+ *
-+ * Revision 1.10 1999/09/21 15:24:45 rgb
-+ * Rework spirange code to save entropy and prevent endless loops.
-+ *
-+ * Revision 1.9 1999/09/16 12:10:21 rgb
-+ * Minor fixes to random spi selection for correctness and entropy conservation.
-+ *
-+ * Revision 1.8 1999/05/25 22:54:46 rgb
-+ * Fix comparison that should be an assignment in an if.
-+ *
-+ * Revision 1.7 1999/05/09 03:25:37 rgb
-+ * Fix bug introduced by 2.2 quick-and-dirty patch.
-+ *
-+ * Revision 1.6 1999/05/08 21:32:30 rgb
-+ * Fix error return reporting.
-+ *
-+ * Revision 1.5 1999/05/05 22:02:33 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.4 1999/04/29 15:22:40 rgb
-+ * Standardise an error return method.
-+ * Add debugging instrumentation.
-+ * Add check for existence of macros min/max.
-+ * Add extensions permitted/required in/out filters.
-+ * Add satype-to-protocol table.
-+ * Add a second tdb pointer to each parser to accomodate GRPSA.
-+ * Move AH & no_algo_set to GETSPI, UPDATE and ADD.
-+ * Add OOO window check.
-+ * Add support for IPPROTO_IPIP and hooks for IPPROTO_COMP.
-+ * Add timestamp to lifetime parse.
-+ * Fix address structure length checking bug.
-+ * Fix address structure allocation bug (forgot to kmalloc!).
-+ * Add checks for extension lengths.
-+ * Add checks for extension reserved illegal values.
-+ * Add check for spirange legal values.
-+ * Add an extension type for parsing a second satype, SA and
-+ * DST_ADDRESS.
-+ * Make changes to tdb_init() template to get pfkey_tdb_init(),
-+ * eliminating any mention of xformsw.
-+ * Implement getspi, update and grpsa (not tested).
-+ * Add stubs for as yet unimplemented message types.
-+ * Add table of message parsers to substitute for msg_parse switch.
-+ *
-+ * Revision 1.3 1999/04/15 17:58:07 rgb
-+ * Add RCSID labels.
-+ *
-+ * Revision 1.2 1999/04/15 15:37:26 rgb
-+ * Forward check changes from POST1_00 branch.
-+ *
-+ * Revision 1.1.2.1 1999/03/26 20:58:56 rgb
-+ * Add pfkeyv2 support to KLIPS.
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/prng.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,201 @@
-+/*
-+ * crypto-class pseudorandom number generator
-+ * currently uses same algorithm as RC4(TM), from Schneier 2nd ed p397
-+ * Copyright (C) 2002 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: prng.c,v 1.7 2004-07-10 07:48:36 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - prng_init - initialize PRNG from a key
-+ */
-+void
-+prng_init(prng, key, keylen)
-+struct prng *prng;
-+const unsigned char *key;
-+size_t keylen;
-+{
-+ unsigned char k[256];
-+ int i, j;
-+ unsigned const char *p;
-+ unsigned const char *keyend = key + keylen;
-+ unsigned char t;
-+
-+ for (i = 0; i <= 255; i++)
-+ prng->sbox[i] = i;
-+ p = key;
-+ for (i = 0; i <= 255; i++) {
-+ k[i] = *p++;
-+ if (p >= keyend)
-+ p = key;
-+ }
-+ j = 0;
-+ for (i = 0; i <= 255; i++) {
-+ j = (j + prng->sbox[i] + k[i]) & 0xff;
-+ t = prng->sbox[i];
-+ prng->sbox[i] = prng->sbox[j];
-+ prng->sbox[j] = t;
-+ k[i] = 0; /* clear out key memory */
-+ }
-+ prng->i = 0;
-+ prng->j = 0;
-+ prng->count = 0;
-+}
-+
-+/*
-+ - prng_bytes - get some pseudorandom bytes from PRNG
-+ */
-+void
-+prng_bytes(prng, dst, dstlen)
-+struct prng *prng;
-+unsigned char *dst;
-+size_t dstlen;
-+{
-+ int i, j, t;
-+ unsigned char *p = dst;
-+ size_t remain = dstlen;
-+# define MAX 4000000000ul
-+
-+ while (remain > 0) {
-+ i = (prng->i + 1) & 0xff;
-+ prng->i = i;
-+ j = (prng->j + prng->sbox[i]) & 0xff;
-+ prng->j = j;
-+ t = prng->sbox[i];
-+ prng->sbox[i] = prng->sbox[j];
-+ prng->sbox[j] = t;
-+ t = (t + prng->sbox[i]) & 0xff;
-+ *p++ = prng->sbox[t];
-+ remain--;
-+ }
-+ if (prng->count < MAX - dstlen)
-+ prng->count += dstlen;
-+ else
-+ prng->count = MAX;
-+}
-+
-+/*
-+ - prnt_count - how many bytes have been extracted from PRNG so far?
-+ */
-+unsigned long
-+prng_count(prng)
-+struct prng *prng;
-+{
-+ return prng->count;
-+}
-+
-+/*
-+ - prng_final - clear out PRNG to ensure nothing left in memory
-+ */
-+void
-+prng_final(prng)
-+struct prng *prng;
-+{
-+ int i;
-+
-+ for (i = 0; i <= 255; i++)
-+ prng->sbox[i] = 0;
-+ prng->i = 0;
-+ prng->j = 0;
-+ prng->count = 0; /* just for good measure */
-+}
-+
-+
-+
-+#ifdef PRNG_MAIN
-+
-+#include <stdio.h>
-+
-+void regress();
-+
-+int
-+main(argc, argv)
-+int argc;
-+char *argv[];
-+{
-+ struct prng pr;
-+ unsigned char buf[100];
-+ unsigned char *p;
-+ size_t n;
-+
-+ if (argc < 2) {
-+ fprintf(stderr, "Usage: %s {key|-r}\n", argv[0]);
-+ exit(2);
-+ }
-+
-+ if (strcmp(argv[1], "-r") == 0) {
-+ regress();
-+ fprintf(stderr, "regress() returned?!?\n");
-+ exit(1);
-+ }
-+
-+ prng_init(&pr, argv[1], strlen(argv[1]));
-+ prng_bytes(&pr, buf, 32);
-+ printf("0x");
-+ for (p = buf, n = 32; n > 0; p++, n--)
-+ printf("%02x", *p);
-+ printf("\n%lu bytes\n", prng_count(&pr));
-+ prng_final(&pr);
-+ exit(0);
-+}
-+
-+void
-+regress()
-+{
-+ struct prng pr;
-+ unsigned char buf[100];
-+ unsigned char *p;
-+ size_t n;
-+ /* somewhat non-random sample key */
-+ unsigned char key[] = "here we go gathering nuts in May";
-+ /* first thirty bytes of output from that key */
-+ unsigned char good[] = "\x3f\x02\x8e\x4a\x2a\xea\x23\x18\x92\x7c"
-+ "\x09\x52\x83\x61\xaa\x26\xce\xbb\x9d\x71"
-+ "\x71\xe5\x10\x22\xaf\x60\x54\x8d\x5b\x28";
-+ int nzero, none;
-+ int show = 0;
-+
-+ prng_init(&pr, key, strlen(key));
-+ prng_bytes(&pr, buf, sizeof(buf));
-+ for (p = buf, n = sizeof(buf); n > 0; p++, n--) {
-+ if (*p == 0)
-+ nzero++;
-+ if (*p == 255)
-+ none++;
-+ }
-+ if (nzero > 3 || none > 3) {
-+ fprintf(stderr, "suspiciously non-random output!\n");
-+ show = 1;
-+ }
-+ if (memcmp(buf, good, strlen(good)) != 0) {
-+ fprintf(stderr, "incorrect output!\n");
-+ show = 1;
-+ }
-+ if (show) {
-+ fprintf(stderr, "0x");
-+ for (p = buf, n = sizeof(buf); n > 0; p++, n--)
-+ fprintf(stderr, "%02x", *p);
-+ fprintf(stderr, "\n");
-+ exit(1);
-+ }
-+ if (prng_count(&pr) != sizeof(buf)) {
-+ fprintf(stderr, "got %u bytes, but count is %lu\n",
-+ sizeof(buf), prng_count(&pr));
-+ exit(1);
-+ }
-+ prng_final(&pr);
-+ exit(0);
-+}
-+
-+#endif /* PRNG_MAIN */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/radij.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1237 @@
-+char radij_c_version[] = "RCSID $Id: radij.c,v 1.48.2.1 2006-10-06 21:39:27 paul Exp $";
-+
-+/*
-+ * This file is defived from ${SRC}/sys/net/radix.c of BSD 4.4lite
-+ *
-+ * Variable and procedure names have been modified so that they don't
-+ * conflict with the original BSD code, as a small number of modifications
-+ * have been introduced and we may want to reuse this code in BSD.
-+ *
-+ * The `j' in `radij' is pronounced as a voiceless guttural (like a Greek
-+ * chi or a German ch sound (as `doch', not as in `milch'), or even a
-+ * spanish j as in Juan. It is not as far back in the throat like
-+ * the corresponding Hebrew sound, nor is it a soft breath like the English h.
-+ * It has nothing to do with the Dutch ij sound.
-+ *
-+ * Here is the appropriate copyright notice:
-+ */
-+
-+/*
-+ * Copyright (c) 1988, 1989, 1993
-+ * The Regents of the University of California. All rights reserved.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the above copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * This product includes software developed by the University of
-+ * California, Berkeley and its contributors.
-+ * 4. Neither the name of the University nor the names of its contributors
-+ * may be used to endorse or promote products derived from this software
-+ * without specific prior written permission.
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * @(#)radix.c 8.2 (Berkeley) 1/4/94
-+ */
-+
-+/*
-+ * Routines to build and maintain radix trees for routing lookups.
-+ */
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#ifdef NET_21
-+# include <linux/in6.h>
-+#endif /* NET_21 */
-+
-+#include <net/ip.h>
-+
-+#include <openswan.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+
-+int maj_keylen;
-+struct radij_mask *rj_mkfreelist;
-+struct radij_node_head *mask_rjhead;
-+static int gotOddMasks;
-+static char *maskedKey;
-+static char *rj_zeroes, *rj_ones;
-+
-+#define rj_masktop (mask_rjhead->rnh_treetop)
-+#ifdef Bcmp
-+# undef Bcmp
-+#endif /* Bcmp */
-+#define Bcmp(a, b, l) (l == 0 ? 0 : memcmp((caddr_t)(b), (caddr_t)(a), (size_t)l))
-+/*
-+ * The data structure for the keys is a radix tree with one way
-+ * branching removed. The index rj_b at an internal node n represents a bit
-+ * position to be tested. The tree is arranged so that all descendants
-+ * of a node n have keys whose bits all agree up to position rj_b - 1.
-+ * (We say the index of n is rj_b.)
-+ *
-+ * There is at least one descendant which has a one bit at position rj_b,
-+ * and at least one with a zero there.
-+ *
-+ * A route is determined by a pair of key and mask. We require that the
-+ * bit-wise logical and of the key and mask to be the key.
-+ * We define the index of a route to associated with the mask to be
-+ * the first bit number in the mask where 0 occurs (with bit number 0
-+ * representing the highest order bit).
-+ *
-+ * We say a mask is normal if every bit is 0, past the index of the mask.
-+ * If a node n has a descendant (k, m) with index(m) == index(n) == rj_b,
-+ * and m is a normal mask, then the route applies to every descendant of n.
-+ * If the index(m) < rj_b, this implies the trailing last few bits of k
-+ * before bit b are all 0, (and hence consequently true of every descendant
-+ * of n), so the route applies to all descendants of the node as well.
-+ *
-+ * The present version of the code makes no use of normal routes,
-+ * but similar logic shows that a non-normal mask m such that
-+ * index(m) <= index(n) could potentially apply to many children of n.
-+ * Thus, for each non-host route, we attach its mask to a list at an internal
-+ * node as high in the tree as we can go.
-+ */
-+
-+struct radij_node *
-+rj_search(v_arg, head)
-+ void *v_arg;
-+ struct radij_node *head;
-+{
-+ register struct radij_node *x;
-+ register caddr_t v;
-+
-+ for (x = head, v = v_arg; x->rj_b >= 0;) {
-+ if (x->rj_bmask & v[x->rj_off])
-+ x = x->rj_r;
-+ else
-+ x = x->rj_l;
-+ }
-+ return (x);
-+};
-+
-+struct radij_node *
-+rj_search_m(v_arg, head, m_arg)
-+ struct radij_node *head;
-+ void *v_arg, *m_arg;
-+{
-+ register struct radij_node *x;
-+ register caddr_t v = v_arg, m = m_arg;
-+
-+ for (x = head; x->rj_b >= 0;) {
-+ if ((x->rj_bmask & m[x->rj_off]) &&
-+ (x->rj_bmask & v[x->rj_off]))
-+ x = x->rj_r;
-+ else
-+ x = x->rj_l;
-+ }
-+ return x;
-+};
-+
-+int
-+rj_refines(m_arg, n_arg)
-+ void *m_arg, *n_arg;
-+{
-+ register caddr_t m = m_arg, n = n_arg;
-+ register caddr_t lim, lim2 = lim = n + *(u_char *)n;
-+ int longer = (*(u_char *)n++) - (int)(*(u_char *)m++);
-+ int masks_are_equal = 1;
-+
-+ if (longer > 0)
-+ lim -= longer;
-+ while (n < lim) {
-+ if (*n & ~(*m))
-+ return 0;
-+ if (*n++ != *m++)
-+ masks_are_equal = 0;
-+
-+ }
-+ while (n < lim2)
-+ if (*n++)
-+ return 0;
-+ if (masks_are_equal && (longer < 0))
-+ for (lim2 = m - longer; m < lim2; )
-+ if (*m++)
-+ return 1;
-+ return (!masks_are_equal);
-+}
-+
-+
-+struct radij_node *
-+rj_match(v_arg, head)
-+ void *v_arg;
-+ struct radij_node_head *head;
-+{
-+ caddr_t v = v_arg;
-+ register struct radij_node *t = head->rnh_treetop, *x;
-+ register caddr_t cp = v, cp2, cp3;
-+ caddr_t cplim, mstart;
-+ struct radij_node *saved_t, *top = t;
-+ int off = t->rj_off, vlen = *(u_char *)cp, matched_off;
-+
-+ /*
-+ * Open code rj_search(v, top) to avoid overhead of extra
-+ * subroutine call.
-+ */
-+ for (; t->rj_b >= 0; ) {
-+ if (t->rj_bmask & cp[t->rj_off])
-+ t = t->rj_r;
-+ else
-+ t = t->rj_l;
-+ }
-+ /*
-+ * See if we match exactly as a host destination
-+ */
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:rj_match: "
-+ "* See if we match exactly as a host destination\n");
-+
-+ cp += off; cp2 = t->rj_key + off; cplim = v + vlen;
-+ for (; cp < cplim; cp++, cp2++)
-+ if (*cp != *cp2)
-+ goto on1;
-+ /*
-+ * This extra grot is in case we are explicitly asked
-+ * to look up the default. Ugh!
-+ */
-+ if ((t->rj_flags & RJF_ROOT) && t->rj_dupedkey)
-+ t = t->rj_dupedkey;
-+ return t;
-+on1:
-+ matched_off = cp - v;
-+ saved_t = t;
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:rj_match: "
-+ "** try to match a leaf, t=0p%p\n", t);
-+ do {
-+ if (t->rj_mask) {
-+ /*
-+ * Even if we don't match exactly as a hosts;
-+ * we may match if the leaf we wound up at is
-+ * a route to a net.
-+ */
-+ cp3 = matched_off + t->rj_mask;
-+ cp2 = matched_off + t->rj_key;
-+ for (; cp < cplim; cp++)
-+ if ((*cp2++ ^ *cp) & *cp3++)
-+ break;
-+ if (cp == cplim)
-+ return t;
-+ cp = matched_off + v;
-+ }
-+ } while ((t = t->rj_dupedkey));
-+ t = saved_t;
-+ /* start searching up the tree */
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:rj_match: "
-+ "*** start searching up the tree, t=0p%p\n",
-+ t);
-+ do {
-+ register struct radij_mask *m;
-+
-+ t = t->rj_p;
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:rj_match: "
-+ "**** t=0p%p\n",
-+ t);
-+ if ((m = t->rj_mklist)) {
-+ /*
-+ * After doing measurements here, it may
-+ * turn out to be faster to open code
-+ * rj_search_m here instead of always
-+ * copying and masking.
-+ */
-+ /* off = min(t->rj_off, matched_off); */
-+ off = t->rj_off;
-+ if (matched_off < off)
-+ off = matched_off;
-+ mstart = maskedKey + off;
-+ do {
-+ cp2 = mstart;
-+ cp3 = m->rm_mask + off;
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:rj_match: "
-+ "***** cp2=0p%p cp3=0p%p\n",
-+ cp2, cp3);
-+ for (cp = v + off; cp < cplim;)
-+ *cp2++ = *cp++ & *cp3++;
-+ x = rj_search(maskedKey, t);
-+ while (x && x->rj_mask != m->rm_mask)
-+ x = x->rj_dupedkey;
-+ if (x &&
-+ (Bcmp(mstart, x->rj_key + off,
-+ vlen - off) == 0))
-+ return x;
-+ } while ((m = m->rm_mklist));
-+ }
-+ } while (t != top);
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:rj_match: "
-+ "***** not found.\n");
-+ return 0;
-+};
-+
-+#ifdef RJ_DEBUG
-+int rj_nodenum;
-+struct radij_node *rj_clist;
-+int rj_saveinfo;
-+DEBUG_NO_STATIC void traverse(struct radij_node *);
-+#ifdef RJ_DEBUG2
-+int rj_debug = 1;
-+#else
-+int rj_debug = 0;
-+#endif /* RJ_DEBUG2 */
-+#endif /* RJ_DEBUG */
-+
-+struct radij_node *
-+rj_newpair(v, b, nodes)
-+ void *v;
-+ int b;
-+ struct radij_node nodes[2];
-+{
-+ register struct radij_node *tt = nodes, *t = tt + 1;
-+ t->rj_b = b; t->rj_bmask = 0x80 >> (b & 7);
-+ t->rj_l = tt; t->rj_off = b >> 3;
-+ tt->rj_b = -1; tt->rj_key = (caddr_t)v; tt->rj_p = t;
-+ tt->rj_flags = t->rj_flags = RJF_ACTIVE;
-+#ifdef RJ_DEBUG
-+ tt->rj_info = rj_nodenum++; t->rj_info = rj_nodenum++;
-+ tt->rj_twin = t; tt->rj_ybro = rj_clist; rj_clist = tt;
-+#endif /* RJ_DEBUG */
-+ return t;
-+}
-+
-+struct radij_node *
-+rj_insert(v_arg, head, dupentry, nodes)
-+ void *v_arg;
-+ struct radij_node_head *head;
-+ int *dupentry;
-+ struct radij_node nodes[2];
-+{
-+ caddr_t v = v_arg;
-+ struct radij_node *top = head->rnh_treetop;
-+ int head_off = top->rj_off, vlen = (int)*((u_char *)v);
-+ register struct radij_node *t = rj_search(v_arg, top);
-+ register caddr_t cp = v + head_off;
-+ register int b;
-+ struct radij_node *tt;
-+ /*
-+ *find first bit at which v and t->rj_key differ
-+ */
-+ {
-+ register caddr_t cp2 = t->rj_key + head_off;
-+ register int cmp_res;
-+ caddr_t cplim = v + vlen;
-+
-+ while (cp < cplim)
-+ if (*cp2++ != *cp++)
-+ goto on1;
-+ *dupentry = 1;
-+ return t;
-+on1:
-+ *dupentry = 0;
-+ cmp_res = (cp[-1] ^ cp2[-1]) & 0xff;
-+ for (b = (cp - v) << 3; cmp_res; b--)
-+ cmp_res >>= 1;
-+ }
-+ {
-+ register struct radij_node *p, *x = top;
-+ cp = v;
-+ do {
-+ p = x;
-+ if (cp[x->rj_off] & x->rj_bmask)
-+ x = x->rj_r;
-+ else x = x->rj_l;
-+ } while (b > (unsigned) x->rj_b); /* x->rj_b < b && x->rj_b >= 0 */
-+#ifdef RJ_DEBUG
-+ if (rj_debug)
-+ printk("klips_debug:rj_insert: Going In:\n"), traverse(p);
-+#endif /* RJ_DEBUG */
-+ t = rj_newpair(v_arg, b, nodes); tt = t->rj_l;
-+ if ((cp[p->rj_off] & p->rj_bmask) == 0)
-+ p->rj_l = t;
-+ else
-+ p->rj_r = t;
-+ x->rj_p = t; t->rj_p = p; /* frees x, p as temp vars below */
-+ if ((cp[t->rj_off] & t->rj_bmask) == 0) {
-+ t->rj_r = x;
-+ } else {
-+ t->rj_r = tt; t->rj_l = x;
-+ }
-+#ifdef RJ_DEBUG
-+ if (rj_debug)
-+ printk("klips_debug:rj_insert: Coming out:\n"), traverse(p);
-+#endif /* RJ_DEBUG */
-+ }
-+ return (tt);
-+}
-+
-+struct radij_node *
-+rj_addmask(n_arg, search, skip)
-+ int search, skip;
-+ void *n_arg;
-+{
-+ caddr_t netmask = (caddr_t)n_arg;
-+ register struct radij_node *x;
-+ register caddr_t cp, cplim;
-+ register int b, mlen, j;
-+ int maskduplicated;
-+
-+ mlen = *(u_char *)netmask;
-+ if (search) {
-+ x = rj_search(netmask, rj_masktop);
-+ mlen = *(u_char *)netmask;
-+ if (Bcmp(netmask, x->rj_key, mlen) == 0)
-+ return (x);
-+ }
-+ R_Malloc(x, struct radij_node *, maj_keylen + 2 * sizeof (*x));
-+ if (x == 0)
-+ return (0);
-+ Bzero(x, maj_keylen + 2 * sizeof (*x));
-+ cp = (caddr_t)(x + 2);
-+ Bcopy(netmask, cp, mlen);
-+ netmask = cp;
-+ x = rj_insert(netmask, mask_rjhead, &maskduplicated, x);
-+ /*
-+ * Calculate index of mask.
-+ */
-+ cplim = netmask + mlen;
-+ for (cp = netmask + skip; cp < cplim; cp++)
-+ if (*(u_char *)cp != 0xff)
-+ break;
-+ b = (cp - netmask) << 3;
-+ if (cp != cplim) {
-+ if (*cp != 0) {
-+ gotOddMasks = 1;
-+ for (j = 0x80; j; b++, j >>= 1)
-+ if ((j & *cp) == 0)
-+ break;
-+ }
-+ }
-+ x->rj_b = -1 - b;
-+ return (x);
-+}
-+
-+#if 0
-+struct radij_node *
-+#endif
-+int
-+rj_addroute(v_arg, n_arg, head, treenodes)
-+ void *v_arg, *n_arg;
-+ struct radij_node_head *head;
-+ struct radij_node treenodes[2];
-+{
-+ caddr_t v = (caddr_t)v_arg, netmask = (caddr_t)n_arg;
-+ register struct radij_node *t, *x=NULL, *tt;
-+ struct radij_node *saved_tt, *top = head->rnh_treetop;
-+ short b = 0, b_leaf;
-+ int mlen, keyduplicated;
-+ caddr_t cplim;
-+ struct radij_mask *m, **mp;
-+
-+ /*
-+ * In dealing with non-contiguous masks, there may be
-+ * many different routes which have the same mask.
-+ * We will find it useful to have a unique pointer to
-+ * the mask to speed avoiding duplicate references at
-+ * nodes and possibly save time in calculating indices.
-+ */
-+ if (netmask) {
-+ x = rj_search(netmask, rj_masktop);
-+ mlen = *(u_char *)netmask;
-+ if (Bcmp(netmask, x->rj_key, mlen) != 0) {
-+ x = rj_addmask(netmask, 0, top->rj_off);
-+ if (x == 0)
-+ return -ENOMEM; /* (0) rgb */
-+ }
-+ netmask = x->rj_key;
-+ b = -1 - x->rj_b;
-+ }
-+ /*
-+ * Deal with duplicated keys: attach node to previous instance
-+ */
-+ saved_tt = tt = rj_insert(v, head, &keyduplicated, treenodes);
-+#ifdef RJ_DEBUG
-+ printk("addkey: duplicated: %d\n", keyduplicated);
-+#endif
-+ if (keyduplicated) {
-+ do {
-+ if (tt->rj_mask == netmask)
-+ return -EEXIST; /* -ENXIO; (0) rgb */
-+ t = tt;
-+ if (netmask == 0 ||
-+ (tt->rj_mask && rj_refines(netmask, tt->rj_mask)))
-+ break;
-+ } while ((tt = tt->rj_dupedkey));
-+ /*
-+ * If the mask is not duplicated, we wouldn't
-+ * find it among possible duplicate key entries
-+ * anyway, so the above test doesn't hurt.
-+ *
-+ * We sort the masks for a duplicated key the same way as
-+ * in a masklist -- most specific to least specific.
-+ * This may require the unfortunate nuisance of relocating
-+ * the head of the list.
-+ */
-+ if (tt && t == saved_tt) {
-+ struct radij_node *xx = x;
-+ /* link in at head of list */
-+ (tt = treenodes)->rj_dupedkey = t;
-+ tt->rj_flags = t->rj_flags;
-+ tt->rj_p = x = t->rj_p;
-+ if (x->rj_l == t) x->rj_l = tt; else x->rj_r = tt;
-+ saved_tt = tt; x = xx;
-+ } else {
-+ (tt = treenodes)->rj_dupedkey = t->rj_dupedkey;
-+ t->rj_dupedkey = tt;
-+ }
-+#ifdef RJ_DEBUG
-+ t=tt+1; tt->rj_info = rj_nodenum++; t->rj_info = rj_nodenum++;
-+ tt->rj_twin = t; tt->rj_ybro = rj_clist; rj_clist = tt;
-+#endif /* RJ_DEBUG */
-+ t = saved_tt;
-+ tt->rj_key = (caddr_t) v;
-+ tt->rj_b = -1;
-+ tt->rj_flags = t->rj_flags & ~RJF_ROOT;
-+ }
-+ /*
-+ * Put mask in tree.
-+ */
-+ if (netmask) {
-+ tt->rj_mask = netmask;
-+ tt->rj_b = x->rj_b;
-+ }
-+ t = saved_tt->rj_p;
-+ b_leaf = -1 - t->rj_b;
-+ if (t->rj_r == saved_tt) x = t->rj_l; else x = t->rj_r;
-+ /* Promote general routes from below */
-+ if (x->rj_b < 0) {
-+ if (x->rj_mask && (x->rj_b >= b_leaf) && x->rj_mklist == 0) {
-+ MKGet(m);
-+ if (m) {
-+ Bzero(m, sizeof *m);
-+ m->rm_b = x->rj_b;
-+ m->rm_mask = x->rj_mask;
-+ x->rj_mklist = t->rj_mklist = m;
-+ }
-+ }
-+ } else if (x->rj_mklist) {
-+ /*
-+ * Skip over masks whose index is > that of new node
-+ */
-+ for (mp = &x->rj_mklist; (m = *mp); mp = &m->rm_mklist)
-+ if (m->rm_b >= b_leaf)
-+ break;
-+ t->rj_mklist = m; *mp = 0;
-+ }
-+ /* Add new route to highest possible ancestor's list */
-+ if ((netmask == 0) || (b > t->rj_b )) {
-+#ifdef RJ_DEBUG
-+ printk("klips:radij.c: netmask = %p or b(%d)>t->rjb(%d)\n", netmask, b, t->rj_b);
-+#endif
-+ return 0; /* tt rgb */ /* can't lift at all */
-+ }
-+ b_leaf = tt->rj_b;
-+ do {
-+ x = t;
-+ t = t->rj_p;
-+ } while (b <= t->rj_b && x != top);
-+ /*
-+ * Search through routes associated with node to
-+ * insert new route according to index.
-+ * For nodes of equal index, place more specific
-+ * masks first.
-+ */
-+ cplim = netmask + mlen;
-+ for (mp = &x->rj_mklist; (m = *mp); mp = &m->rm_mklist) {
-+ if (m->rm_b < b_leaf)
-+ continue;
-+ if (m->rm_b > b_leaf)
-+ break;
-+ if (m->rm_mask == netmask) {
-+ m->rm_refs++;
-+ tt->rj_mklist = m;
-+#ifdef RJ_DEBUG
-+ printk("klips:radij.c: m->rm_mask %p == netmask\n", netmask);
-+#endif
-+ return 0; /* tt rgb */
-+ }
-+ if (rj_refines(netmask, m->rm_mask))
-+ break;
-+ }
-+ MKGet(m);
-+ if (m == 0) {
-+ printk("klips_debug:rj_addroute: "
-+ "Mask for route not entered\n");
-+ return 0; /* (tt) rgb */
-+ }
-+ Bzero(m, sizeof *m);
-+ m->rm_b = b_leaf;
-+ m->rm_mask = netmask;
-+ m->rm_mklist = *mp;
-+ *mp = m;
-+ tt->rj_mklist = m;
-+#ifdef RJ_DEBUG
-+ printk("klips:radij.c: addroute done\n");
-+#endif
-+ return 0; /* tt rgb */
-+}
-+
-+int
-+rj_delete(v_arg, netmask_arg, head, node)
-+ void *v_arg, *netmask_arg;
-+ struct radij_node_head *head;
-+ struct radij_node **node;
-+{
-+ register struct radij_node *t, *p, *x, *tt;
-+ struct radij_mask *m, *saved_m, **mp;
-+ struct radij_node *dupedkey, *saved_tt, *top;
-+ caddr_t v, netmask;
-+ int b, head_off, vlen;
-+
-+ v = v_arg;
-+ netmask = netmask_arg;
-+ x = head->rnh_treetop;
-+ tt = rj_search(v, x);
-+ head_off = x->rj_off;
-+ vlen = *(u_char *)v;
-+ saved_tt = tt;
-+ top = x;
-+ if (tt == 0 ||
-+ Bcmp(v + head_off, tt->rj_key + head_off, vlen - head_off))
-+ return -EFAULT; /* (0) rgb */
-+ /*
-+ * Delete our route from mask lists.
-+ */
-+ if ((dupedkey = tt->rj_dupedkey)) {
-+ if (netmask)
-+ netmask = rj_search(netmask, rj_masktop)->rj_key;
-+ while (tt->rj_mask != netmask)
-+ if ((tt = tt->rj_dupedkey) == 0)
-+ return -ENOENT; /* -ENXIO; (0) rgb */
-+ }
-+ if (tt->rj_mask == 0 || (saved_m = m = tt->rj_mklist) == 0)
-+ goto on1;
-+ if (m->rm_mask != tt->rj_mask) {
-+ printk("klips_debug:rj_delete: "
-+ "inconsistent annotation\n");
-+ goto on1;
-+ }
-+ if (--m->rm_refs >= 0)
-+ goto on1;
-+ b = -1 - tt->rj_b;
-+ t = saved_tt->rj_p;
-+ if (b > t->rj_b)
-+ goto on1; /* Wasn't lifted at all */
-+ do {
-+ x = t;
-+ t = t->rj_p;
-+ } while (b <= t->rj_b && x != top);
-+ for (mp = &x->rj_mklist; (m = *mp); mp = &m->rm_mklist)
-+ if (m == saved_m) {
-+ *mp = m->rm_mklist;
-+ MKFree(m);
-+ break;
-+ }
-+ if (m == 0)
-+ printk("klips_debug:rj_delete: "
-+ "couldn't find our annotation\n");
-+on1:
-+ /*
-+ * Eliminate us from tree
-+ */
-+ if (tt->rj_flags & RJF_ROOT)
-+ return -EFAULT; /* (0) rgb */
-+#ifdef RJ_DEBUG
-+ /* Get us out of the creation list */
-+ for (t = rj_clist; t && t->rj_ybro != tt; t = t->rj_ybro) {}
-+ if (t) t->rj_ybro = tt->rj_ybro;
-+#endif /* RJ_DEBUG */
-+ t = tt->rj_p;
-+ if (dupedkey) {
-+ if (tt == saved_tt) {
-+ x = dupedkey; x->rj_p = t;
-+ if (t->rj_l == tt) t->rj_l = x; else t->rj_r = x;
-+ } else {
-+ for (x = p = saved_tt; p && p->rj_dupedkey != tt;)
-+ p = p->rj_dupedkey;
-+ if (p) p->rj_dupedkey = tt->rj_dupedkey;
-+ else printk("klips_debug:rj_delete: "
-+ "couldn't find node that we started with\n");
-+ }
-+ t = tt + 1;
-+ if (t->rj_flags & RJF_ACTIVE) {
-+#ifndef RJ_DEBUG
-+ *++x = *t; p = t->rj_p;
-+#else
-+ b = t->rj_info; *++x = *t; t->rj_info = b; p = t->rj_p;
-+#endif /* RJ_DEBUG */
-+ if (p->rj_l == t) p->rj_l = x; else p->rj_r = x;
-+ x->rj_l->rj_p = x; x->rj_r->rj_p = x;
-+ }
-+ goto out;
-+ }
-+ if (t->rj_l == tt) x = t->rj_r; else x = t->rj_l;
-+ p = t->rj_p;
-+ if (p->rj_r == t) p->rj_r = x; else p->rj_l = x;
-+ x->rj_p = p;
-+ /*
-+ * Demote routes attached to us.
-+ */
-+ if (t->rj_mklist) {
-+ if (x->rj_b >= 0) {
-+ for (mp = &x->rj_mklist; (m = *mp);)
-+ mp = &m->rm_mklist;
-+ *mp = t->rj_mklist;
-+ } else {
-+ for (m = t->rj_mklist; m;) {
-+ struct radij_mask *mm = m->rm_mklist;
-+ if (m == x->rj_mklist && (--(m->rm_refs) < 0)) {
-+ x->rj_mklist = 0;
-+ MKFree(m);
-+ } else
-+ printk("klips_debug:rj_delete: "
-+ "Orphaned Mask 0p%p at 0p%p\n", m, x);
-+ m = mm;
-+ }
-+ }
-+ }
-+ /*
-+ * We may be holding an active internal node in the tree.
-+ */
-+ x = tt + 1;
-+ if (t != x) {
-+#ifndef RJ_DEBUG
-+ *t = *x;
-+#else
-+ b = t->rj_info; *t = *x; t->rj_info = b;
-+#endif /* RJ_DEBUG */
-+ t->rj_l->rj_p = t; t->rj_r->rj_p = t;
-+ p = x->rj_p;
-+ if (p->rj_l == x) p->rj_l = t; else p->rj_r = t;
-+ }
-+out:
-+ tt->rj_flags &= ~RJF_ACTIVE;
-+ tt[1].rj_flags &= ~RJF_ACTIVE;
-+ *node = tt;
-+ return 0; /* (tt) rgb */
-+}
-+
-+int
-+rj_walktree(h, f, w)
-+ struct radij_node_head *h;
-+ register int (*f)(struct radij_node *,void *);
-+ void *w;
-+{
-+ int error;
-+ struct radij_node *base, *next;
-+ register struct radij_node *rn;
-+
-+ if(!h || !f /* || !w */) {
-+ return -ENODATA;
-+ }
-+
-+ rn = h->rnh_treetop;
-+ /*
-+ * This gets complicated because we may delete the node
-+ * while applying the function f to it, so we need to calculate
-+ * the successor node in advance.
-+ */
-+ /* First time through node, go left */
-+ while (rn->rj_b >= 0)
-+ rn = rn->rj_l;
-+ for (;;) {
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_radij) {
-+ printk("klips_debug:rj_walktree: "
-+ "for: rn=0p%p rj_b=%d rj_flags=%x",
-+ rn,
-+ rn->rj_b,
-+ rn->rj_flags);
-+ rn->rj_b >= 0 ?
-+ printk(" node off=%x\n",
-+ rn->rj_off) :
-+ printk(" leaf key = %08x->%08x\n",
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_src.s_addr),
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_dst.s_addr))
-+ ;
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ base = rn;
-+ /* If at right child go back up, otherwise, go right */
-+ while (rn->rj_p->rj_r == rn && (rn->rj_flags & RJF_ROOT) == 0)
-+ rn = rn->rj_p;
-+ /* Find the next *leaf* since next node might vanish, too */
-+ for (rn = rn->rj_p->rj_r; rn->rj_b >= 0;)
-+ rn = rn->rj_l;
-+ next = rn;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_radij) {
-+ printk("klips_debug:rj_walktree: "
-+ "processing leaves, rn=0p%p rj_b=%d rj_flags=%x",
-+ rn,
-+ rn->rj_b,
-+ rn->rj_flags);
-+ rn->rj_b >= 0 ?
-+ printk(" node off=%x\n",
-+ rn->rj_off) :
-+ printk(" leaf key = %08x->%08x\n",
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_src.s_addr),
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_dst.s_addr))
-+ ;
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ /* Process leaves */
-+ while ((rn = base)) {
-+ base = rn->rj_dupedkey;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_radij) {
-+ printk("klips_debug:rj_walktree: "
-+ "while: base=0p%p rn=0p%p rj_b=%d rj_flags=%x",
-+ base,
-+ rn,
-+ rn->rj_b,
-+ rn->rj_flags);
-+ rn->rj_b >= 0 ?
-+ printk(" node off=%x\n",
-+ rn->rj_off) :
-+ printk(" leaf key = %08x->%08x\n",
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_src.s_addr),
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_dst.s_addr))
-+ ;
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ if (!(rn->rj_flags & RJF_ROOT) && (error = (*f)(rn, w)))
-+ return (-error);
-+ }
-+ rn = next;
-+ if (rn->rj_flags & RJF_ROOT)
-+ return (0);
-+ }
-+ /* NOTREACHED */
-+}
-+
-+int
-+rj_inithead(head, off)
-+ void **head;
-+ int off;
-+{
-+ register struct radij_node_head *rnh;
-+ register struct radij_node *t, *tt, *ttt;
-+ if (*head)
-+ return (1);
-+ R_Malloc(rnh, struct radij_node_head *, sizeof (*rnh));
-+ if (rnh == NULL)
-+ return (0);
-+ Bzero(rnh, sizeof (*rnh));
-+ *head = rnh;
-+ t = rj_newpair(rj_zeroes, off, rnh->rnh_nodes);
-+ ttt = rnh->rnh_nodes + 2;
-+ t->rj_r = ttt;
-+ t->rj_p = t;
-+ tt = t->rj_l;
-+ tt->rj_flags = t->rj_flags = RJF_ROOT | RJF_ACTIVE;
-+ tt->rj_b = -1 - off;
-+ *ttt = *tt;
-+ ttt->rj_key = rj_ones;
-+ rnh->rnh_addaddr = rj_addroute;
-+ rnh->rnh_deladdr = rj_delete;
-+ rnh->rnh_matchaddr = rj_match;
-+ rnh->rnh_walktree = rj_walktree;
-+ rnh->rnh_treetop = t;
-+ return (1);
-+}
-+
-+void
-+rj_init()
-+{
-+ char *cp, *cplim;
-+
-+ if (maj_keylen == 0) {
-+ printk("klips_debug:rj_init: "
-+ "radij functions require maj_keylen be set\n");
-+ return;
-+ }
-+ R_Malloc(rj_zeroes, char *, 3 * maj_keylen);
-+ if (rj_zeroes == NULL)
-+ panic("rj_init");
-+ Bzero(rj_zeroes, 3 * maj_keylen);
-+ rj_ones = cp = rj_zeroes + maj_keylen;
-+ maskedKey = cplim = rj_ones + maj_keylen;
-+ while (cp < cplim)
-+ *cp++ = -1;
-+ if (rj_inithead((void **)&mask_rjhead, 0) == 0)
-+ panic("rj_init 2");
-+}
-+
-+void
-+rj_preorder(struct radij_node *rn, int l)
-+{
-+ int i;
-+
-+ if (rn == NULL){
-+ printk("klips_debug:rj_preorder: "
-+ "NULL pointer\n");
-+ return;
-+ }
-+
-+ if (rn->rj_b >= 0){
-+ rj_preorder(rn->rj_l, l+1);
-+ rj_preorder(rn->rj_r, l+1);
-+ printk("klips_debug:");
-+ for (i=0; i<l; i++)
-+ printk("*");
-+ printk(" off = %d\n",
-+ rn->rj_off);
-+ } else {
-+ printk("klips_debug:");
-+ for (i=0; i<l; i++)
-+ printk("@");
-+ printk(" flags = %x",
-+ (u_int)rn->rj_flags);
-+ if (rn->rj_flags & RJF_ACTIVE) {
-+ printk(" @key=0p%p",
-+ rn->rj_key);
-+ printk(" key = %08x->%08x",
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_src.s_addr),
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_dst.s_addr));
-+ printk(" @mask=0p%p",
-+ rn->rj_mask);
-+ if (rn->rj_mask)
-+ printk(" mask = %08x->%08x",
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_mask)->sen_ip_src.s_addr),
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_mask)->sen_ip_dst.s_addr));
-+ if (rn->rj_dupedkey)
-+ printk(" dupedkey = 0p%p",
-+ rn->rj_dupedkey);
-+ }
-+ printk("\n");
-+ }
-+}
-+
-+#ifdef RJ_DEBUG
-+DEBUG_NO_STATIC void traverse(struct radij_node *p)
-+{
-+ rj_preorder(p, 0);
-+}
-+#endif /* RJ_DEBUG */
-+
-+void
-+rj_dumptrees(void)
-+{
-+ rj_preorder(rnh->rnh_treetop, 0);
-+}
-+
-+void
-+rj_free_mkfreelist(void)
-+{
-+ struct radij_mask *mknp, *mknp2;
-+
-+ mknp = rj_mkfreelist;
-+ while(mknp)
-+ {
-+ mknp2 = mknp;
-+ mknp = mknp->rm_mklist;
-+ kfree(mknp2);
-+ }
-+}
-+
-+int
-+radijcleartree(void)
-+{
-+ return rj_walktree(rnh, ipsec_rj_walker_delete, NULL);
-+}
-+
-+int
-+radijcleanup(void)
-+{
-+ int error = 0;
-+
-+ error = radijcleartree();
-+
-+ rj_free_mkfreelist();
-+
-+/* rj_walktree(mask_rjhead, ipsec_rj_walker_delete, NULL); */
-+ if(mask_rjhead) {
-+ kfree(mask_rjhead);
-+ }
-+
-+ if(rj_zeroes) {
-+ kfree(rj_zeroes);
-+ }
-+
-+ if(rnh) {
-+ kfree(rnh);
-+ }
-+
-+ return error;
-+}
-+
-+/*
-+ * $Log: radij.c,v $
-+ * Revision 1.48.2.1 2006-10-06 21:39:27 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.48 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.47 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.46 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.45 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.44.30.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.44 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.43 2002/05/23 07:14:11 rgb
-+ * Cleaned up %p variants to 0p%p for test suite cleanup.
-+ *
-+ * Revision 1.42 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.41 2002/04/24 07:36:35 mcr
-+ * Moved from ./klips/net/ipsec/radij.c,v
-+ *
-+ * Revision 1.40 2002/01/29 17:17:58 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.39 2002/01/29 04:00:55 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.38 2002/01/29 02:13:19 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.37 2001/10/18 04:45:23 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.36 2001/08/22 13:43:51 henry
-+ * eliminate the single use of min() to avoid problems with Linus changing it
-+ *
-+ * Revision 1.35 2001/06/15 04:57:29 rgb
-+ * Clarified error return codes.
-+ * Changed mask add already exists to EEXIST.
-+ * Changed mask delete did not exist to ENOENT.
-+ *
-+ * Revision 1.34 2001/05/03 19:44:26 rgb
-+ * Fix sign of error return codes for rj_addroute().
-+ *
-+ * Revision 1.33 2001/02/27 22:24:56 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.32 2001/02/27 06:23:15 rgb
-+ * Debug line splitting.
-+ *
-+ * Revision 1.31 2000/11/06 04:35:21 rgb
-+ * Clear table *before* releasing other items in radijcleanup.
-+ *
-+ * Revision 1.30 2000/09/20 04:07:40 rgb
-+ * Changed static functions to DEBUG_NO_STATIC to reveal function names in
-+ * oopsen.
-+ *
-+ * Revision 1.29 2000/09/12 03:25:02 rgb
-+ * Moved radij_c_version printing to ipsec_version_get_info().
-+ *
-+ * Revision 1.28 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.27 2000/07/28 14:58:32 rgb
-+ * Changed kfree_s to kfree, eliminating extra arg to fix 2.4.0-test5.
-+ *
-+ * Revision 1.26 2000/05/10 23:11:37 rgb
-+ * Comment out most of the startup version information.
-+ *
-+ * Revision 1.25 2000/01/21 06:21:47 rgb
-+ * Change return codes to negative on error.
-+ *
-+ * Revision 1.24 1999/11/18 04:09:20 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ *
-+ * Revision 1.23 1999/11/17 15:53:41 rgb
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.22 1999/10/15 22:17:28 rgb
-+ * Modify radijcleanup() to call radijcleartree().
-+ *
-+ * Revision 1.21 1999/10/08 18:37:34 rgb
-+ * Fix end-of-line spacing to sate whining PHMs.
-+ *
-+ * Revision 1.20 1999/10/01 15:44:54 rgb
-+ * Move spinlock header include to 2.1> scope.
-+ *
-+ * Revision 1.19 1999/10/01 08:35:52 rgb
-+ * Add spinlock include to shut up compiler for 2.0.38.
-+ *
-+ * Revision 1.18 1999/09/23 18:02:52 rgb
-+ * De-alarm the search failure message so it doesn't sound so grave.
-+ *
-+ * Revision 1.17 1999/05/25 21:26:01 rgb
-+ * Fix rj_walktree() sanity checking bug.
-+ *
-+ * Revision 1.16 1999/05/09 03:25:38 rgb
-+ * Fix bug introduced by 2.2 quick-and-dirty patch.
-+ *
-+ * Revision 1.15 1999/05/05 22:02:33 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.14 1999/04/29 15:24:15 rgb
-+ * Add sanity checking for null pointer arguments.
-+ * Standardise an error return method.
-+ *
-+ * Revision 1.13 1999/04/11 00:29:02 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.12 1999/04/06 04:54:28 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.11 1999/02/17 16:52:53 rgb
-+ * Convert DEBUG_IPSEC to KLIPS_PRINT
-+ * Clean out unused cruft.
-+ *
-+ * Revision 1.10 1999/01/22 06:30:05 rgb
-+ * Cruft clean-out.
-+ * 64-bit clean-up.
-+ *
-+ * Revision 1.9 1998/12/01 13:22:04 rgb
-+ * Added support for debug printing of version info.
-+ *
-+ * Revision 1.8 1998/11/30 13:22:55 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.7 1998/10/25 02:43:26 rgb
-+ * Change return type on rj_addroute and rj_delete and add and argument
-+ * to the latter to be able to transmit more infomation about errors.
-+ *
-+ * Revision 1.6 1998/10/19 14:30:06 rgb
-+ * Added inclusion of freeswan.h.
-+ *
-+ * Revision 1.5 1998/10/09 04:33:27 rgb
-+ * Added 'klips_debug' prefix to all klips printk debug statements.
-+ * Fixed output formatting slightly.
-+ *
-+ * Revision 1.4 1998/07/28 00:06:59 rgb
-+ * Add debug detail to tree traversing.
-+ *
-+ * Revision 1.3 1998/07/14 18:07:58 rgb
-+ * Add a routine to clear the eroute tree.
-+ *
-+ * Revision 1.2 1998/06/25 20:03:22 rgb
-+ * Cleanup #endif comments. Debug output for rj_init.
-+ *
-+ * Revision 1.1 1998/06/18 21:30:22 henry
-+ * move sources from klips/src to klips/net/ipsec to keep stupid kernel
-+ * build scripts happier about symlinks
-+ *
-+ * Revision 1.8 1998/05/25 20:34:15 rgb
-+ * Remove temporary ipsec_walk, rj_deltree and rj_delnodes functions.
-+ *
-+ * Rename ipsec_rj_walker (ipsec_walk) to ipsec_rj_walker_procprint and
-+ * add ipsec_rj_walker_delete.
-+ *
-+ * Recover memory for eroute table on unload of module.
-+ *
-+ * Revision 1.7 1998/05/21 12:58:58 rgb
-+ * Moved 'extern' definitions to ipsec_radij.h to support /proc 3k limit fix.
-+ *
-+ * Revision 1.6 1998/04/23 20:57:29 rgb
-+ * Cleaned up compiler warnings for unused debugging functions.
-+ *
-+ * Revision 1.5 1998/04/22 16:51:38 rgb
-+ * Tidy up radij debug code from recent rash of modifications to debug code.
-+ *
-+ * Revision 1.4 1998/04/21 21:28:56 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.3 1998/04/14 17:30:37 rgb
-+ * Fix up compiling errors for radij tree memory reclamation.
-+ *
-+ * Revision 1.2 1998/04/12 22:03:25 rgb
-+ * Updated ESP-3DES-HMAC-MD5-96,
-+ * ESP-DES-HMAC-MD5-96,
-+ * AH-HMAC-MD5-96,
-+ * AH-HMAC-SHA1-96 since Henry started freeswan cvs repository
-+ * from old standards (RFC182[5-9] to new (as of March 1998) drafts.
-+ *
-+ * Fixed eroute references in /proc/net/ipsec*.
-+ *
-+ * Started to patch module unloading memory leaks in ipsec_netlink and
-+ * radij tree unloading.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:15 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:03 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:39:04 ji
-+ * Minor cleanups.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/rangetoa.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,60 @@
-+/*
-+ * convert binary form of address range to ASCII
-+ * Copyright (C) 1998, 1999 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: rangetoa.c,v 1.9 2004-07-10 07:48:37 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - rangetoa - convert address range to ASCII
-+ */
-+size_t /* space needed for full conversion */
-+rangetoa(addrs, format, dst, dstlen)
-+struct in_addr addrs[2];
-+int format; /* character */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ size_t len;
-+ size_t rest;
-+ int n;
-+ char *p;
-+
-+ switch (format) {
-+ case 0:
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ len = addrtoa(addrs[0], 0, dst, dstlen);
-+ if (len < dstlen)
-+ for (p = dst + len - 1, n = 3; len < dstlen && n > 0;
-+ p++, len++, n--)
-+ *p = '.';
-+ else
-+ p = NULL;
-+ if (len < dstlen)
-+ rest = dstlen - len;
-+ else {
-+ if (dstlen > 0)
-+ *(dst + dstlen - 1) = '\0';
-+ rest = 0;
-+ }
-+
-+ len += addrtoa(addrs[1], 0, p, rest);
-+
-+ return len;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/satot.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,133 @@
-+/*
-+ * convert from binary form of SA ID to text
-+ * Copyright (C) 2000, 2001 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: satot.c,v 1.13 2004-07-10 07:48:37 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+static struct typename {
-+ char type;
-+ char *name;
-+} typenames[] = {
-+ { SA_AH, "ah" },
-+ { SA_ESP, "esp" },
-+ { SA_IPIP, "tun" },
-+ { SA_COMP, "comp" },
-+ { SA_INT, "int" },
-+ { 0, NULL }
-+};
-+
-+/*
-+ - satot - convert SA to text "ah507@1.2.3.4"
-+ */
-+size_t /* space needed for full conversion */
-+satot(sa, format, dst, dstlen)
-+const ip_said *sa;
-+int format; /* character */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ size_t len = 0; /* 0 means "not recognized yet" */
-+ int base;
-+ int showversion; /* use delimiter to show IP version? */
-+ struct typename *tn;
-+ char *p;
-+ char *pre;
-+ char buf[10+1+ULTOT_BUF+ADDRTOT_BUF];
-+ char unk[10];
-+
-+ switch (format) {
-+ case 0:
-+ base = 16;
-+ showversion = 1;
-+ break;
-+ case 'f':
-+ base = 17;
-+ showversion = 1;
-+ break;
-+ case 'x':
-+ base = 'x';
-+ showversion = 0;
-+ break;
-+ case 'd':
-+ base = 10;
-+ showversion = 0;
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ memset(buf, 0, sizeof(buf));
-+
-+ pre = NULL;
-+ for (tn = typenames; tn->name != NULL; tn++)
-+ if (sa->proto == tn->type) {
-+ pre = tn->name;
-+ break; /* NOTE BREAK OUT */
-+ }
-+ if (pre == NULL) { /* unknown protocol */
-+ strcpy(unk, "unk");
-+ (void) ultot((unsigned char)sa->proto, 10, unk+strlen(unk),
-+ sizeof(unk)-strlen(unk));
-+ pre = unk;
-+ }
-+
-+ if (strcmp(pre, PASSTHROUGHTYPE) == 0 &&
-+ sa->spi == PASSTHROUGHSPI &&
-+ isunspecaddr(&sa->dst)) {
-+ strcpy(buf, (addrtypeof(&sa->dst) == AF_INET) ?
-+ PASSTHROUGH4NAME :
-+ PASSTHROUGH6NAME);
-+ len = strlen(buf);
-+ }
-+
-+ if (sa->proto == SA_INT) {
-+ switch (ntohl(sa->spi)) {
-+ case SPI_PASS: p = "%pass"; break;
-+ case SPI_DROP: p = "%drop"; break;
-+ case SPI_REJECT: p = "%reject"; break;
-+ case SPI_HOLD: p = "%hold"; break;
-+ case SPI_TRAP: p = "%trap"; break;
-+ case SPI_TRAPSUBNET: p = "%trapsubnet"; break;
-+ default: p = NULL; break;
-+ }
-+ if (p != NULL) {
-+ strcpy(buf, p);
-+ len = strlen(buf);
-+ }
-+ }
-+
-+ if (len == 0) { /* general case needed */
-+ strcpy(buf, pre);
-+ len = strlen(buf);
-+ if (showversion) {
-+ *(buf+len) = (addrtypeof(&sa->dst) == AF_INET) ? '.' :
-+ ':';
-+ len++;
-+ *(buf+len) = '\0';
-+ }
-+ len += ultot(ntohl(sa->spi), base, buf+len, sizeof(buf)-len);
-+ *(buf+len-1) = '@';
-+ len += addrtot(&sa->dst, 0, buf+len, sizeof(buf)-len);
-+ *(buf+len) = '\0';
-+ }
-+
-+ if (dst != NULL) {
-+ if (len > dstlen)
-+ *(buf+dstlen-1) = '\0';
-+ strcpy(dst, buf);
-+ }
-+ return len;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/subnetof.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,59 @@
-+/*
-+ * minor network-address manipulation utilities
-+ * Copyright (C) 1998, 1999 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: subnetof.c,v 1.8 2004-07-10 07:48:37 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - subnetof - given address and mask, return subnet part
-+ */
-+struct in_addr
-+subnetof(addr, mask)
-+struct in_addr addr;
-+struct in_addr mask;
-+{
-+ struct in_addr result;
-+
-+ result.s_addr = addr.s_addr & mask.s_addr;
-+ return result;
-+}
-+
-+/*
-+ - hostof - given address and mask, return host part
-+ */
-+struct in_addr
-+hostof(addr, mask)
-+struct in_addr addr;
-+struct in_addr mask;
-+{
-+ struct in_addr result;
-+
-+ result.s_addr = addr.s_addr & ~mask.s_addr;
-+ return result;
-+}
-+
-+/*
-+ - broadcastof - given (network) address and mask, return broadcast address
-+ */
-+struct in_addr
-+broadcastof(addr, mask)
-+struct in_addr addr;
-+struct in_addr mask;
-+{
-+ struct in_addr result;
-+
-+ result.s_addr = addr.s_addr | ~mask.s_addr;
-+ return result;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/subnettoa.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,61 @@
-+/*
-+ * convert binary form of subnet description to ASCII
-+ * Copyright (C) 1998, 1999 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: subnettoa.c,v 1.11 2004-07-10 07:48:37 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - subnettoa - convert address and mask to ASCII "addr/mask"
-+ * Output expresses the mask as a bit count if possible, else dotted decimal.
-+ */
-+size_t /* space needed for full conversion */
-+subnettoa(addr, mask, format, dst, dstlen)
-+struct in_addr addr;
-+struct in_addr mask;
-+int format; /* character */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ size_t len;
-+ size_t rest;
-+ int n;
-+ char *p;
-+
-+ switch (format) {
-+ case 0:
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ len = addrtoa(addr, 0, dst, dstlen);
-+ if (len < dstlen) {
-+ dst[len - 1] = '/';
-+ p = dst + len;
-+ rest = dstlen - len;
-+ } else {
-+ p = NULL;
-+ rest = 0;
-+ }
-+
-+ n = masktobits(mask);
-+ if (n >= 0)
-+ len += ultoa((unsigned long)n, 10, p, rest);
-+ else
-+ len += addrtoa(mask, 0, p, rest);
-+
-+ return len;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/sysctl_net_ipsec.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,217 @@
-+/*
-+ * sysctl interface to net IPSEC subsystem.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: sysctl_net_ipsec.c,v 1.17.10.2 2007-10-30 21:42:25 paul Exp $
-+ */
-+
-+/* -*- linux-c -*-
-+ *
-+ * Initiated April 3, 1998, Richard Guy Briggs <rgb@conscoop.ottawa.on.ca>
-+ */
-+
-+#include <linux/version.h>
-+#include <linux/mm.h>
-+#include <linux/sysctl.h>
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef CONFIG_SYSCTL
-+
-+#define NET_IPSEC 2112 /* Random number */
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int debug_ah;
-+extern int debug_esp;
-+extern int debug_tunnel;
-+extern int debug_eroute;
-+extern int debug_spi;
-+extern int debug_radij;
-+extern int debug_netlink;
-+extern int debug_xform;
-+extern int debug_rcv;
-+extern int debug_pfkey;
-+extern int sysctl_ipsec_debug_verbose;
-+#ifdef CONFIG_KLIPS_IPCOMP
-+extern int sysctl_ipsec_debug_ipcomp;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+extern int sysctl_ipsec_icmp;
-+extern int sysctl_ipsec_inbound_policy_check;
-+extern int sysctl_ipsec_tos;
-+int sysctl_ipsec_regress_pfkey_lossage;
-+
-+enum {
-+#ifdef CONFIG_KLIPS_DEBUG
-+ NET_IPSEC_DEBUG_AH=1,
-+ NET_IPSEC_DEBUG_ESP=2,
-+ NET_IPSEC_DEBUG_TUNNEL=3,
-+ NET_IPSEC_DEBUG_EROUTE=4,
-+ NET_IPSEC_DEBUG_SPI=5,
-+ NET_IPSEC_DEBUG_RADIJ=6,
-+ NET_IPSEC_DEBUG_NETLINK=7,
-+ NET_IPSEC_DEBUG_XFORM=8,
-+ NET_IPSEC_DEBUG_RCV=9,
-+ NET_IPSEC_DEBUG_PFKEY=10,
-+ NET_IPSEC_DEBUG_VERBOSE=11,
-+ NET_IPSEC_DEBUG_IPCOMP=12,
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ NET_IPSEC_ICMP=13,
-+ NET_IPSEC_INBOUND_POLICY_CHECK=14,
-+ NET_IPSEC_TOS=15,
-+ NET_IPSEC_REGRESS_PFKEY_LOSSAGE=16,
-+};
-+
-+static ctl_table ipsec_table[] = {
-+#ifdef CONFIG_KLIPS_DEBUG
-+ { NET_IPSEC_DEBUG_AH, "debug_ah", &debug_ah,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+ { NET_IPSEC_DEBUG_ESP, "debug_esp", &debug_esp,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+ { NET_IPSEC_DEBUG_TUNNEL, "debug_tunnel", &debug_tunnel,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+ { NET_IPSEC_DEBUG_EROUTE, "debug_eroute", &debug_eroute,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+ { NET_IPSEC_DEBUG_SPI, "debug_spi", &debug_spi,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+ { NET_IPSEC_DEBUG_RADIJ, "debug_radij", &debug_radij,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+ { NET_IPSEC_DEBUG_NETLINK, "debug_netlink", &debug_netlink,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+ { NET_IPSEC_DEBUG_XFORM, "debug_xform", &debug_xform,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+ { NET_IPSEC_DEBUG_RCV, "debug_rcv", &debug_rcv,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+ { NET_IPSEC_DEBUG_PFKEY, "debug_pfkey", &debug_pfkey,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+ { NET_IPSEC_DEBUG_VERBOSE, "debug_verbose",&sysctl_ipsec_debug_verbose,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ { NET_IPSEC_DEBUG_IPCOMP, "debug_ipcomp", &sysctl_ipsec_debug_ipcomp,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#ifdef CONFIG_KLIPS_REGRESS
-+ { NET_IPSEC_REGRESS_PFKEY_LOSSAGE, "pfkey_lossage",
-+ &sysctl_ipsec_regress_pfkey_lossage,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+#endif /* CONFIG_KLIPS_REGRESS */
-+
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ { NET_IPSEC_ICMP, "icmp", &sysctl_ipsec_icmp,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+ { NET_IPSEC_INBOUND_POLICY_CHECK, "inbound_policy_check", &sysctl_ipsec_inbound_policy_check,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+ { NET_IPSEC_TOS, "tos", &sysctl_ipsec_tos,
-+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
-+ {0}
-+};
-+
-+static ctl_table ipsec_net_table[] = {
-+ { NET_IPSEC, "ipsec", NULL, 0, 0555, ipsec_table },
-+ { 0 }
-+};
-+
-+static ctl_table ipsec_root_table[] = {
-+ { CTL_NET, "net", NULL, 0, 0555, ipsec_net_table },
-+ { 0 }
-+};
-+
-+static struct ctl_table_header *ipsec_table_header;
-+
-+int ipsec_sysctl_register(void)
-+{
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
-+ ipsec_table_header = register_sysctl_table(ipsec_root_table);
-+#else
-+ ipsec_table_header = register_sysctl_table(ipsec_root_table, 0);
-+#endif
-+ if (!ipsec_table_header) {
-+ return -ENOMEM;
-+ }
-+ return 0;
-+}
-+
-+void ipsec_sysctl_unregister(void)
-+{
-+ unregister_sysctl_table(ipsec_table_header);
-+}
-+
-+#endif /* CONFIG_SYSCTL */
-+
-+/*
-+ * $Log: sysctl_net_ipsec.c,v $
-+ * Revision 1.17.10.2 2007-10-30 21:42:25 paul
-+ * The kernel has changed the layout of ctl_table (defined in
-+ * linux/sysctl.h). Unfortunately, a new field has been inserted before
-+ * the last one we wish to initialize in ipsec_table.
-+ *
-+ * The easiest fix that works with old and new kernels is to use an
-+ * initializer that explicitly says which field is being initialized.
-+ *
-+ * Patch by dhr
-+ *
-+ * Revision 1.17.10.1 2007/09/05 02:54:13 paul
-+ * register_sysctl_table() takes one argument for 2.6.21+ [david]
-+ *
-+ * Revision 1.17 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.16 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.15 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.14 2002/04/24 07:36:35 mcr
-+ * Moved from ./klips/net/ipsec/sysctl_net_ipsec.c,v
-+ *
-+ * Revision 1.13 2002/01/12 02:58:32 mcr
-+ * first regression test causes acquire messages to be lost
-+ * 100% of the time. This is to help testing of pluto.
-+ *
-+ * Revision 1.12 2001/06/14 19:35:13 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.11 2001/02/26 19:58:13 rgb
-+ * Drop sysctl_ipsec_{no_eroute_pass,opportunistic}, replaced by magic SAs.
-+ *
-+ * Revision 1.10 2000/09/16 01:50:15 rgb
-+ * Protect sysctl_ipsec_debug_ipcomp with compiler defines too so that the
-+ * linker won't blame rj_delete() for missing symbols. ;-> Damn statics...
-+ *
-+ * Revision 1.9 2000/09/15 23:17:51 rgb
-+ * Moved stuff around to compile with debug off.
-+ *
-+ * Revision 1.8 2000/09/15 11:37:02 rgb
-+ * Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+ * IPCOMP zlib deflate code.
-+ *
-+ * Revision 1.7 2000/09/15 07:37:15 rgb
-+ * Munged silly log comment that was causing a warning.
-+ *
-+ * Revision 1.6 2000/09/15 04:58:23 rgb
-+ * Added tos runtime switch.
-+ * Removed 'sysctl_ipsec_' prefix from /proc/sys/net/ipsec/ filenames.
-+ *
-+ * Revision 1.5 2000/09/12 03:25:28 rgb
-+ * Filled in and implemented sysctl.
-+ *
-+ * Revision 1.4 1999/04/11 00:29:03 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.3 1999/04/06 04:54:29 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/trees.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1214 @@
-+/* trees.c -- output deflated data using Huffman coding
-+ * Copyright (C) 1995-2002 Jean-loup Gailly
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/*
-+ * ALGORITHM
-+ *
-+ * The "deflation" process uses several Huffman trees. The more
-+ * common source values are represented by shorter bit sequences.
-+ *
-+ * Each code tree is stored in a compressed form which is itself
-+ * a Huffman encoding of the lengths of all the code strings (in
-+ * ascending order by source values). The actual code strings are
-+ * reconstructed from the lengths in the inflate process, as described
-+ * in the deflate specification.
-+ *
-+ * REFERENCES
-+ *
-+ * Deutsch, L.P.,"'Deflate' Compressed Data Format Specification".
-+ * Available in ftp.uu.net:/pub/archiving/zip/doc/deflate-1.1.doc
-+ *
-+ * Storer, James A.
-+ * Data Compression: Methods and Theory, pp. 49-50.
-+ * Computer Science Press, 1988. ISBN 0-7167-8156-5.
-+ *
-+ * Sedgewick, R.
-+ * Algorithms, p290.
-+ * Addison-Wesley, 1983. ISBN 0-201-06672-6.
-+ */
-+
-+/* @(#) $Id: trees.c,v 1.4 2004-07-10 07:48:39 mcr Exp $ */
-+
-+/* #define GEN_TREES_H */
-+
-+#include "deflate.h"
-+
-+#ifdef DEBUG
-+# include <ctype.h>
-+#endif
-+
-+/* ===========================================================================
-+ * Constants
-+ */
-+
-+#define MAX_BL_BITS 7
-+/* Bit length codes must not exceed MAX_BL_BITS bits */
-+
-+#define END_BLOCK 256
-+/* end of block literal code */
-+
-+#define REP_3_6 16
-+/* repeat previous bit length 3-6 times (2 bits of repeat count) */
-+
-+#define REPZ_3_10 17
-+/* repeat a zero length 3-10 times (3 bits of repeat count) */
-+
-+#define REPZ_11_138 18
-+/* repeat a zero length 11-138 times (7 bits of repeat count) */
-+
-+local const int extra_lbits[LENGTH_CODES] /* extra bits for each length code */
-+ = {0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0};
-+
-+local const int extra_dbits[D_CODES] /* extra bits for each distance code */
-+ = {0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13};
-+
-+local const int extra_blbits[BL_CODES]/* extra bits for each bit length code */
-+ = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,3,7};
-+
-+local const uch bl_order[BL_CODES]
-+ = {16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15};
-+/* The lengths of the bit length codes are sent in order of decreasing
-+ * probability, to avoid transmitting the lengths for unused bit length codes.
-+ */
-+
-+#define Buf_size (8 * 2*sizeof(char))
-+/* Number of bits used within bi_buf. (bi_buf might be implemented on
-+ * more than 16 bits on some systems.)
-+ */
-+
-+/* ===========================================================================
-+ * Local data. These are initialized only once.
-+ */
-+
-+#define DIST_CODE_LEN 512 /* see definition of array dist_code below */
-+
-+#if defined(GEN_TREES_H) || !defined(STDC)
-+/* non ANSI compilers may not accept trees.h */
-+
-+local ct_data static_ltree[L_CODES+2];
-+/* The static literal tree. Since the bit lengths are imposed, there is no
-+ * need for the L_CODES extra codes used during heap construction. However
-+ * The codes 286 and 287 are needed to build a canonical tree (see _tr_init
-+ * below).
-+ */
-+
-+local ct_data static_dtree[D_CODES];
-+/* The static distance tree. (Actually a trivial tree since all codes use
-+ * 5 bits.)
-+ */
-+
-+uch _dist_code[DIST_CODE_LEN];
-+/* Distance codes. The first 256 values correspond to the distances
-+ * 3 .. 258, the last 256 values correspond to the top 8 bits of
-+ * the 15 bit distances.
-+ */
-+
-+uch _length_code[MAX_MATCH-MIN_MATCH+1];
-+/* length code for each normalized match length (0 == MIN_MATCH) */
-+
-+local int base_length[LENGTH_CODES];
-+/* First normalized length for each code (0 = MIN_MATCH) */
-+
-+local int base_dist[D_CODES];
-+/* First normalized distance for each code (0 = distance of 1) */
-+
-+#else
-+# include "trees.h"
-+#endif /* GEN_TREES_H */
-+
-+struct static_tree_desc_s {
-+ const ct_data *static_tree; /* static tree or NULL */
-+ const intf *extra_bits; /* extra bits for each code or NULL */
-+ int extra_base; /* base index for extra_bits */
-+ int elems; /* max number of elements in the tree */
-+ int max_length; /* max bit length for the codes */
-+};
-+
-+local static_tree_desc static_l_desc =
-+{static_ltree, extra_lbits, LITERALS+1, L_CODES, MAX_BITS};
-+
-+local static_tree_desc static_d_desc =
-+{static_dtree, extra_dbits, 0, D_CODES, MAX_BITS};
-+
-+local static_tree_desc static_bl_desc =
-+{(const ct_data *)0, extra_blbits, 0, BL_CODES, MAX_BL_BITS};
-+
-+/* ===========================================================================
-+ * Local (static) routines in this file.
-+ */
-+
-+local void tr_static_init OF((void));
-+local void init_block OF((deflate_state *s));
-+local void pqdownheap OF((deflate_state *s, ct_data *tree, int k));
-+local void gen_bitlen OF((deflate_state *s, tree_desc *desc));
-+local void gen_codes OF((ct_data *tree, int max_code, ushf *bl_count));
-+local void build_tree OF((deflate_state *s, tree_desc *desc));
-+local void scan_tree OF((deflate_state *s, ct_data *tree, int max_code));
-+local void send_tree OF((deflate_state *s, ct_data *tree, int max_code));
-+local int build_bl_tree OF((deflate_state *s));
-+local void send_all_trees OF((deflate_state *s, int lcodes, int dcodes,
-+ int blcodes));
-+local void compress_block OF((deflate_state *s, const ct_data *ltree,
-+ const ct_data *dtree));
-+local void set_data_type OF((deflate_state *s));
-+local unsigned bi_reverse OF((unsigned value, int length));
-+local void bi_windup OF((deflate_state *s));
-+local void bi_flush OF((deflate_state *s));
-+local void copy_block OF((deflate_state *s, charf *buf, unsigned len,
-+ int header));
-+
-+#ifdef GEN_TREES_H
-+local void gen_trees_header OF((void));
-+#endif
-+
-+#ifndef DEBUG
-+# define send_code(s, c, tree) send_bits(s, tree[c].Code, tree[c].Len)
-+ /* Send a code of the given tree. c and tree must not have side effects */
-+
-+#else /* DEBUG */
-+# define send_code(s, c, tree) \
-+ { if (z_verbose>2) fprintf(stderr,"\ncd %3d ",(c)); \
-+ send_bits(s, tree[c].Code, tree[c].Len); }
-+#endif
-+
-+/* ===========================================================================
-+ * Output a short LSB first on the stream.
-+ * IN assertion: there is enough room in pendingBuf.
-+ */
-+#define put_short(s, w) { \
-+ put_byte(s, (uch)((w) & 0xff)); \
-+ put_byte(s, (uch)((ush)(w) >> 8)); \
-+}
-+
-+/* ===========================================================================
-+ * Send a value on a given number of bits.
-+ * IN assertion: length <= 16 and value fits in length bits.
-+ */
-+#ifdef DEBUG
-+local void send_bits OF((deflate_state *s, int value, int length));
-+
-+local void send_bits(s, value, length)
-+ deflate_state *s;
-+ int value; /* value to send */
-+ int length; /* number of bits */
-+{
-+ Tracevv((stderr," l %2d v %4x ", length, value));
-+ Assert(length > 0 && length <= 15, "invalid length");
-+ s->bits_sent += (ulg)length;
-+
-+ /* If not enough room in bi_buf, use (valid) bits from bi_buf and
-+ * (16 - bi_valid) bits from value, leaving (width - (16-bi_valid))
-+ * unused bits in value.
-+ */
-+ if (s->bi_valid > (int)Buf_size - length) {
-+ s->bi_buf |= (value << s->bi_valid);
-+ put_short(s, s->bi_buf);
-+ s->bi_buf = (ush)value >> (Buf_size - s->bi_valid);
-+ s->bi_valid += length - Buf_size;
-+ } else {
-+ s->bi_buf |= value << s->bi_valid;
-+ s->bi_valid += length;
-+ }
-+}
-+#else /* !DEBUG */
-+
-+#define send_bits(s, value, length) \
-+{ int len = length;\
-+ if (s->bi_valid > (int)Buf_size - len) {\
-+ int val = value;\
-+ s->bi_buf |= (val << s->bi_valid);\
-+ put_short(s, s->bi_buf);\
-+ s->bi_buf = (ush)val >> (Buf_size - s->bi_valid);\
-+ s->bi_valid += len - Buf_size;\
-+ } else {\
-+ s->bi_buf |= (value) << s->bi_valid;\
-+ s->bi_valid += len;\
-+ }\
-+}
-+#endif /* DEBUG */
-+
-+
-+#define MAX(a,b) (a >= b ? a : b)
-+/* the arguments must not have side effects */
-+
-+/* ===========================================================================
-+ * Initialize the various 'constant' tables.
-+ */
-+local void tr_static_init()
-+{
-+#if defined(GEN_TREES_H) || !defined(STDC)
-+ static int static_init_done = 0;
-+ int n; /* iterates over tree elements */
-+ int bits; /* bit counter */
-+ int length; /* length value */
-+ int code; /* code value */
-+ int dist; /* distance index */
-+ ush bl_count[MAX_BITS+1];
-+ /* number of codes at each bit length for an optimal tree */
-+
-+ if (static_init_done) return;
-+
-+ /* For some embedded targets, global variables are not initialized: */
-+ static_l_desc.static_tree = static_ltree;
-+ static_l_desc.extra_bits = extra_lbits;
-+ static_d_desc.static_tree = static_dtree;
-+ static_d_desc.extra_bits = extra_dbits;
-+ static_bl_desc.extra_bits = extra_blbits;
-+
-+ /* Initialize the mapping length (0..255) -> length code (0..28) */
-+ length = 0;
-+ for (code = 0; code < LENGTH_CODES-1; code++) {
-+ base_length[code] = length;
-+ for (n = 0; n < (1<<extra_lbits[code]); n++) {
-+ _length_code[length++] = (uch)code;
-+ }
-+ }
-+ Assert (length == 256, "tr_static_init: length != 256");
-+ /* Note that the length 255 (match length 258) can be represented
-+ * in two different ways: code 284 + 5 bits or code 285, so we
-+ * overwrite length_code[255] to use the best encoding:
-+ */
-+ _length_code[length-1] = (uch)code;
-+
-+ /* Initialize the mapping dist (0..32K) -> dist code (0..29) */
-+ dist = 0;
-+ for (code = 0 ; code < 16; code++) {
-+ base_dist[code] = dist;
-+ for (n = 0; n < (1<<extra_dbits[code]); n++) {
-+ _dist_code[dist++] = (uch)code;
-+ }
-+ }
-+ Assert (dist == 256, "tr_static_init: dist != 256");
-+ dist >>= 7; /* from now on, all distances are divided by 128 */
-+ for ( ; code < D_CODES; code++) {
-+ base_dist[code] = dist << 7;
-+ for (n = 0; n < (1<<(extra_dbits[code]-7)); n++) {
-+ _dist_code[256 + dist++] = (uch)code;
-+ }
-+ }
-+ Assert (dist == 256, "tr_static_init: 256+dist != 512");
-+
-+ /* Construct the codes of the static literal tree */
-+ for (bits = 0; bits <= MAX_BITS; bits++) bl_count[bits] = 0;
-+ n = 0;
-+ while (n <= 143) static_ltree[n++].Len = 8, bl_count[8]++;
-+ while (n <= 255) static_ltree[n++].Len = 9, bl_count[9]++;
-+ while (n <= 279) static_ltree[n++].Len = 7, bl_count[7]++;
-+ while (n <= 287) static_ltree[n++].Len = 8, bl_count[8]++;
-+ /* Codes 286 and 287 do not exist, but we must include them in the
-+ * tree construction to get a canonical Huffman tree (longest code
-+ * all ones)
-+ */
-+ gen_codes((ct_data *)static_ltree, L_CODES+1, bl_count);
-+
-+ /* The static distance tree is trivial: */
-+ for (n = 0; n < D_CODES; n++) {
-+ static_dtree[n].Len = 5;
-+ static_dtree[n].Code = bi_reverse((unsigned)n, 5);
-+ }
-+ static_init_done = 1;
-+
-+# ifdef GEN_TREES_H
-+ gen_trees_header();
-+# endif
-+#endif /* defined(GEN_TREES_H) || !defined(STDC) */
-+}
-+
-+/* ===========================================================================
-+ * Genererate the file trees.h describing the static trees.
-+ */
-+#ifdef GEN_TREES_H
-+# ifndef DEBUG
-+# include <stdio.h>
-+# endif
-+
-+# define SEPARATOR(i, last, width) \
-+ ((i) == (last)? "\n};\n\n" : \
-+ ((i) % (width) == (width)-1 ? ",\n" : ", "))
-+
-+void gen_trees_header()
-+{
-+ FILE *header = fopen("trees.h", "w");
-+ int i;
-+
-+ Assert (header != NULL, "Can't open trees.h");
-+ fprintf(header,
-+ "/* header created automatically with -DGEN_TREES_H */\n\n");
-+
-+ fprintf(header, "local const ct_data static_ltree[L_CODES+2] = {\n");
-+ for (i = 0; i < L_CODES+2; i++) {
-+ fprintf(header, "{{%3u},{%3u}}%s", static_ltree[i].Code,
-+ static_ltree[i].Len, SEPARATOR(i, L_CODES+1, 5));
-+ }
-+
-+ fprintf(header, "local const ct_data static_dtree[D_CODES] = {\n");
-+ for (i = 0; i < D_CODES; i++) {
-+ fprintf(header, "{{%2u},{%2u}}%s", static_dtree[i].Code,
-+ static_dtree[i].Len, SEPARATOR(i, D_CODES-1, 5));
-+ }
-+
-+ fprintf(header, "const uch _dist_code[DIST_CODE_LEN] = {\n");
-+ for (i = 0; i < DIST_CODE_LEN; i++) {
-+ fprintf(header, "%2u%s", _dist_code[i],
-+ SEPARATOR(i, DIST_CODE_LEN-1, 20));
-+ }
-+
-+ fprintf(header, "const uch _length_code[MAX_MATCH-MIN_MATCH+1]= {\n");
-+ for (i = 0; i < MAX_MATCH-MIN_MATCH+1; i++) {
-+ fprintf(header, "%2u%s", _length_code[i],
-+ SEPARATOR(i, MAX_MATCH-MIN_MATCH, 20));
-+ }
-+
-+ fprintf(header, "local const int base_length[LENGTH_CODES] = {\n");
-+ for (i = 0; i < LENGTH_CODES; i++) {
-+ fprintf(header, "%1u%s", base_length[i],
-+ SEPARATOR(i, LENGTH_CODES-1, 20));
-+ }
-+
-+ fprintf(header, "local const int base_dist[D_CODES] = {\n");
-+ for (i = 0; i < D_CODES; i++) {
-+ fprintf(header, "%5u%s", base_dist[i],
-+ SEPARATOR(i, D_CODES-1, 10));
-+ }
-+
-+ fclose(header);
-+}
-+#endif /* GEN_TREES_H */
-+
-+/* ===========================================================================
-+ * Initialize the tree data structures for a new zlib stream.
-+ */
-+void _tr_init(s)
-+ deflate_state *s;
-+{
-+ tr_static_init();
-+
-+ s->l_desc.dyn_tree = s->dyn_ltree;
-+ s->l_desc.stat_desc = &static_l_desc;
-+
-+ s->d_desc.dyn_tree = s->dyn_dtree;
-+ s->d_desc.stat_desc = &static_d_desc;
-+
-+ s->bl_desc.dyn_tree = s->bl_tree;
-+ s->bl_desc.stat_desc = &static_bl_desc;
-+
-+ s->bi_buf = 0;
-+ s->bi_valid = 0;
-+ s->last_eob_len = 8; /* enough lookahead for inflate */
-+#ifdef DEBUG
-+ s->compressed_len = 0L;
-+ s->bits_sent = 0L;
-+#endif
-+
-+ /* Initialize the first block of the first file: */
-+ init_block(s);
-+}
-+
-+/* ===========================================================================
-+ * Initialize a new block.
-+ */
-+local void init_block(s)
-+ deflate_state *s;
-+{
-+ int n; /* iterates over tree elements */
-+
-+ /* Initialize the trees. */
-+ for (n = 0; n < L_CODES; n++) s->dyn_ltree[n].Freq = 0;
-+ for (n = 0; n < D_CODES; n++) s->dyn_dtree[n].Freq = 0;
-+ for (n = 0; n < BL_CODES; n++) s->bl_tree[n].Freq = 0;
-+
-+ s->dyn_ltree[END_BLOCK].Freq = 1;
-+ s->opt_len = s->static_len = 0L;
-+ s->last_lit = s->matches = 0;
-+}
-+
-+#define SMALLEST 1
-+/* Index within the heap array of least frequent node in the Huffman tree */
-+
-+
-+/* ===========================================================================
-+ * Remove the smallest element from the heap and recreate the heap with
-+ * one less element. Updates heap and heap_len.
-+ */
-+#define pqremove(s, tree, top) \
-+{\
-+ top = s->heap[SMALLEST]; \
-+ s->heap[SMALLEST] = s->heap[s->heap_len--]; \
-+ pqdownheap(s, tree, SMALLEST); \
-+}
-+
-+/* ===========================================================================
-+ * Compares to subtrees, using the tree depth as tie breaker when
-+ * the subtrees have equal frequency. This minimizes the worst case length.
-+ */
-+#define smaller(tree, n, m, depth) \
-+ (tree[n].Freq < tree[m].Freq || \
-+ (tree[n].Freq == tree[m].Freq && depth[n] <= depth[m]))
-+
-+/* ===========================================================================
-+ * Restore the heap property by moving down the tree starting at node k,
-+ * exchanging a node with the smallest of its two sons if necessary, stopping
-+ * when the heap property is re-established (each father smaller than its
-+ * two sons).
-+ */
-+local void pqdownheap(s, tree, k)
-+ deflate_state *s;
-+ ct_data *tree; /* the tree to restore */
-+ int k; /* node to move down */
-+{
-+ int v = s->heap[k];
-+ int j = k << 1; /* left son of k */
-+ while (j <= s->heap_len) {
-+ /* Set j to the smallest of the two sons: */
-+ if (j < s->heap_len &&
-+ smaller(tree, s->heap[j+1], s->heap[j], s->depth)) {
-+ j++;
-+ }
-+ /* Exit if v is smaller than both sons */
-+ if (smaller(tree, v, s->heap[j], s->depth)) break;
-+
-+ /* Exchange v with the smallest son */
-+ s->heap[k] = s->heap[j]; k = j;
-+
-+ /* And continue down the tree, setting j to the left son of k */
-+ j <<= 1;
-+ }
-+ s->heap[k] = v;
-+}
-+
-+/* ===========================================================================
-+ * Compute the optimal bit lengths for a tree and update the total bit length
-+ * for the current block.
-+ * IN assertion: the fields freq and dad are set, heap[heap_max] and
-+ * above are the tree nodes sorted by increasing frequency.
-+ * OUT assertions: the field len is set to the optimal bit length, the
-+ * array bl_count contains the frequencies for each bit length.
-+ * The length opt_len is updated; static_len is also updated if stree is
-+ * not null.
-+ */
-+local void gen_bitlen(s, desc)
-+ deflate_state *s;
-+ tree_desc *desc; /* the tree descriptor */
-+{
-+ ct_data *tree = desc->dyn_tree;
-+ int max_code = desc->max_code;
-+ const ct_data *stree = desc->stat_desc->static_tree;
-+ const intf *extra = desc->stat_desc->extra_bits;
-+ int base = desc->stat_desc->extra_base;
-+ int max_length = desc->stat_desc->max_length;
-+ int h; /* heap index */
-+ int n, m; /* iterate over the tree elements */
-+ int bits; /* bit length */
-+ int xbits; /* extra bits */
-+ ush f; /* frequency */
-+ int overflow = 0; /* number of elements with bit length too large */
-+
-+ for (bits = 0; bits <= MAX_BITS; bits++) s->bl_count[bits] = 0;
-+
-+ /* In a first pass, compute the optimal bit lengths (which may
-+ * overflow in the case of the bit length tree).
-+ */
-+ tree[s->heap[s->heap_max]].Len = 0; /* root of the heap */
-+
-+ for (h = s->heap_max+1; h < HEAP_SIZE; h++) {
-+ n = s->heap[h];
-+ bits = tree[tree[n].Dad].Len + 1;
-+ if (bits > max_length) bits = max_length, overflow++;
-+ tree[n].Len = (ush)bits;
-+ /* We overwrite tree[n].Dad which is no longer needed */
-+
-+ if (n > max_code) continue; /* not a leaf node */
-+
-+ s->bl_count[bits]++;
-+ xbits = 0;
-+ if (n >= base) xbits = extra[n-base];
-+ f = tree[n].Freq;
-+ s->opt_len += (ulg)f * (bits + xbits);
-+ if (stree) s->static_len += (ulg)f * (stree[n].Len + xbits);
-+ }
-+ if (overflow == 0) return;
-+
-+ Trace((stderr,"\nbit length overflow\n"));
-+ /* This happens for example on obj2 and pic of the Calgary corpus */
-+
-+ /* Find the first bit length which could increase: */
-+ do {
-+ bits = max_length-1;
-+ while (s->bl_count[bits] == 0) bits--;
-+ s->bl_count[bits]--; /* move one leaf down the tree */
-+ s->bl_count[bits+1] += 2; /* move one overflow item as its brother */
-+ s->bl_count[max_length]--;
-+ /* The brother of the overflow item also moves one step up,
-+ * but this does not affect bl_count[max_length]
-+ */
-+ overflow -= 2;
-+ } while (overflow > 0);
-+
-+ /* Now recompute all bit lengths, scanning in increasing frequency.
-+ * h is still equal to HEAP_SIZE. (It is simpler to reconstruct all
-+ * lengths instead of fixing only the wrong ones. This idea is taken
-+ * from 'ar' written by Haruhiko Okumura.)
-+ */
-+ for (bits = max_length; bits != 0; bits--) {
-+ n = s->bl_count[bits];
-+ while (n != 0) {
-+ m = s->heap[--h];
-+ if (m > max_code) continue;
-+ if (tree[m].Len != (unsigned) bits) {
-+ Trace((stderr,"code %d bits %d->%d\n", m, tree[m].Len, bits));
-+ s->opt_len += ((long)bits - (long)tree[m].Len)
-+ *(long)tree[m].Freq;
-+ tree[m].Len = (ush)bits;
-+ }
-+ n--;
-+ }
-+ }
-+}
-+
-+/* ===========================================================================
-+ * Generate the codes for a given tree and bit counts (which need not be
-+ * optimal).
-+ * IN assertion: the array bl_count contains the bit length statistics for
-+ * the given tree and the field len is set for all tree elements.
-+ * OUT assertion: the field code is set for all tree elements of non
-+ * zero code length.
-+ */
-+local void gen_codes (tree, max_code, bl_count)
-+ ct_data *tree; /* the tree to decorate */
-+ int max_code; /* largest code with non zero frequency */
-+ ushf *bl_count; /* number of codes at each bit length */
-+{
-+ ush next_code[MAX_BITS+1]; /* next code value for each bit length */
-+ ush code = 0; /* running code value */
-+ int bits; /* bit index */
-+ int n; /* code index */
-+
-+ /* The distribution counts are first used to generate the code values
-+ * without bit reversal.
-+ */
-+ for (bits = 1; bits <= MAX_BITS; bits++) {
-+ next_code[bits] = code = (code + bl_count[bits-1]) << 1;
-+ }
-+ /* Check that the bit counts in bl_count are consistent. The last code
-+ * must be all ones.
-+ */
-+ Assert (code + bl_count[MAX_BITS]-1 == (1<<MAX_BITS)-1,
-+ "inconsistent bit counts");
-+ Tracev((stderr,"\ngen_codes: max_code %d ", max_code));
-+
-+ for (n = 0; n <= max_code; n++) {
-+ int len = tree[n].Len;
-+ if (len == 0) continue;
-+ /* Now reverse the bits */
-+ tree[n].Code = bi_reverse(next_code[len]++, len);
-+
-+ Tracecv(tree != static_ltree, (stderr,"\nn %3d %c l %2d c %4x (%x) ",
-+ n, (isgraph(n) ? n : ' '), len, tree[n].Code, next_code[len]-1));
-+ }
-+}
-+
-+/* ===========================================================================
-+ * Construct one Huffman tree and assigns the code bit strings and lengths.
-+ * Update the total bit length for the current block.
-+ * IN assertion: the field freq is set for all tree elements.
-+ * OUT assertions: the fields len and code are set to the optimal bit length
-+ * and corresponding code. The length opt_len is updated; static_len is
-+ * also updated if stree is not null. The field max_code is set.
-+ */
-+local void build_tree(s, desc)
-+ deflate_state *s;
-+ tree_desc *desc; /* the tree descriptor */
-+{
-+ ct_data *tree = desc->dyn_tree;
-+ const ct_data *stree = desc->stat_desc->static_tree;
-+ int elems = desc->stat_desc->elems;
-+ int n, m; /* iterate over heap elements */
-+ int max_code = -1; /* largest code with non zero frequency */
-+ int node; /* new node being created */
-+
-+ /* Construct the initial heap, with least frequent element in
-+ * heap[SMALLEST]. The sons of heap[n] are heap[2*n] and heap[2*n+1].
-+ * heap[0] is not used.
-+ */
-+ s->heap_len = 0, s->heap_max = HEAP_SIZE;
-+
-+ for (n = 0; n < elems; n++) {
-+ if (tree[n].Freq != 0) {
-+ s->heap[++(s->heap_len)] = max_code = n;
-+ s->depth[n] = 0;
-+ } else {
-+ tree[n].Len = 0;
-+ }
-+ }
-+
-+ /* The pkzip format requires that at least one distance code exists,
-+ * and that at least one bit should be sent even if there is only one
-+ * possible code. So to avoid special checks later on we force at least
-+ * two codes of non zero frequency.
-+ */
-+ while (s->heap_len < 2) {
-+ node = s->heap[++(s->heap_len)] = (max_code < 2 ? ++max_code : 0);
-+ tree[node].Freq = 1;
-+ s->depth[node] = 0;
-+ s->opt_len--; if (stree) s->static_len -= stree[node].Len;
-+ /* node is 0 or 1 so it does not have extra bits */
-+ }
-+ desc->max_code = max_code;
-+
-+ /* The elements heap[heap_len/2+1 .. heap_len] are leaves of the tree,
-+ * establish sub-heaps of increasing lengths:
-+ */
-+ for (n = s->heap_len/2; n >= 1; n--) pqdownheap(s, tree, n);
-+
-+ /* Construct the Huffman tree by repeatedly combining the least two
-+ * frequent nodes.
-+ */
-+ node = elems; /* next internal node of the tree */
-+ do {
-+ pqremove(s, tree, n); /* n = node of least frequency */
-+ m = s->heap[SMALLEST]; /* m = node of next least frequency */
-+
-+ s->heap[--(s->heap_max)] = n; /* keep the nodes sorted by frequency */
-+ s->heap[--(s->heap_max)] = m;
-+
-+ /* Create a new node father of n and m */
-+ tree[node].Freq = tree[n].Freq + tree[m].Freq;
-+ s->depth[node] = (uch) (MAX(s->depth[n], s->depth[m]) + 1);
-+ tree[n].Dad = tree[m].Dad = (ush)node;
-+#ifdef DUMP_BL_TREE
-+ if (tree == s->bl_tree) {
-+ fprintf(stderr,"\nnode %d(%d), sons %d(%d) %d(%d)",
-+ node, tree[node].Freq, n, tree[n].Freq, m, tree[m].Freq);
-+ }
-+#endif
-+ /* and insert the new node in the heap */
-+ s->heap[SMALLEST] = node++;
-+ pqdownheap(s, tree, SMALLEST);
-+
-+ } while (s->heap_len >= 2);
-+
-+ s->heap[--(s->heap_max)] = s->heap[SMALLEST];
-+
-+ /* At this point, the fields freq and dad are set. We can now
-+ * generate the bit lengths.
-+ */
-+ gen_bitlen(s, (tree_desc *)desc);
-+
-+ /* The field len is now set, we can generate the bit codes */
-+ gen_codes ((ct_data *)tree, max_code, s->bl_count);
-+}
-+
-+/* ===========================================================================
-+ * Scan a literal or distance tree to determine the frequencies of the codes
-+ * in the bit length tree.
-+ */
-+local void scan_tree (s, tree, max_code)
-+ deflate_state *s;
-+ ct_data *tree; /* the tree to be scanned */
-+ int max_code; /* and its largest code of non zero frequency */
-+{
-+ int n; /* iterates over all tree elements */
-+ int prevlen = -1; /* last emitted length */
-+ int curlen; /* length of current code */
-+ int nextlen = tree[0].Len; /* length of next code */
-+ int count = 0; /* repeat count of the current code */
-+ int max_count = 7; /* max repeat count */
-+ int min_count = 4; /* min repeat count */
-+
-+ if (nextlen == 0) max_count = 138, min_count = 3;
-+ tree[max_code+1].Len = (ush)0xffff; /* guard */
-+
-+ for (n = 0; n <= max_code; n++) {
-+ curlen = nextlen; nextlen = tree[n+1].Len;
-+ if (++count < max_count && curlen == nextlen) {
-+ continue;
-+ } else if (count < min_count) {
-+ s->bl_tree[curlen].Freq += count;
-+ } else if (curlen != 0) {
-+ if (curlen != prevlen) s->bl_tree[curlen].Freq++;
-+ s->bl_tree[REP_3_6].Freq++;
-+ } else if (count <= 10) {
-+ s->bl_tree[REPZ_3_10].Freq++;
-+ } else {
-+ s->bl_tree[REPZ_11_138].Freq++;
-+ }
-+ count = 0; prevlen = curlen;
-+ if (nextlen == 0) {
-+ max_count = 138, min_count = 3;
-+ } else if (curlen == nextlen) {
-+ max_count = 6, min_count = 3;
-+ } else {
-+ max_count = 7, min_count = 4;
-+ }
-+ }
-+}
-+
-+/* ===========================================================================
-+ * Send a literal or distance tree in compressed form, using the codes in
-+ * bl_tree.
-+ */
-+local void send_tree (s, tree, max_code)
-+ deflate_state *s;
-+ ct_data *tree; /* the tree to be scanned */
-+ int max_code; /* and its largest code of non zero frequency */
-+{
-+ int n; /* iterates over all tree elements */
-+ int prevlen = -1; /* last emitted length */
-+ int curlen; /* length of current code */
-+ int nextlen = tree[0].Len; /* length of next code */
-+ int count = 0; /* repeat count of the current code */
-+ int max_count = 7; /* max repeat count */
-+ int min_count = 4; /* min repeat count */
-+
-+ /* tree[max_code+1].Len = -1; */ /* guard already set */
-+ if (nextlen == 0) max_count = 138, min_count = 3;
-+
-+ for (n = 0; n <= max_code; n++) {
-+ curlen = nextlen; nextlen = tree[n+1].Len;
-+ if (++count < max_count && curlen == nextlen) {
-+ continue;
-+ } else if (count < min_count) {
-+ do { send_code(s, curlen, s->bl_tree); } while (--count != 0);
-+
-+ } else if (curlen != 0) {
-+ if (curlen != prevlen) {
-+ send_code(s, curlen, s->bl_tree); count--;
-+ }
-+ Assert(count >= 3 && count <= 6, " 3_6?");
-+ send_code(s, REP_3_6, s->bl_tree); send_bits(s, count-3, 2);
-+
-+ } else if (count <= 10) {
-+ send_code(s, REPZ_3_10, s->bl_tree); send_bits(s, count-3, 3);
-+
-+ } else {
-+ send_code(s, REPZ_11_138, s->bl_tree); send_bits(s, count-11, 7);
-+ }
-+ count = 0; prevlen = curlen;
-+ if (nextlen == 0) {
-+ max_count = 138, min_count = 3;
-+ } else if (curlen == nextlen) {
-+ max_count = 6, min_count = 3;
-+ } else {
-+ max_count = 7, min_count = 4;
-+ }
-+ }
-+}
-+
-+/* ===========================================================================
-+ * Construct the Huffman tree for the bit lengths and return the index in
-+ * bl_order of the last bit length code to send.
-+ */
-+local int build_bl_tree(s)
-+ deflate_state *s;
-+{
-+ int max_blindex; /* index of last bit length code of non zero freq */
-+
-+ /* Determine the bit length frequencies for literal and distance trees */
-+ scan_tree(s, (ct_data *)s->dyn_ltree, s->l_desc.max_code);
-+ scan_tree(s, (ct_data *)s->dyn_dtree, s->d_desc.max_code);
-+
-+ /* Build the bit length tree: */
-+ build_tree(s, (tree_desc *)(&(s->bl_desc)));
-+ /* opt_len now includes the length of the tree representations, except
-+ * the lengths of the bit lengths codes and the 5+5+4 bits for the counts.
-+ */
-+
-+ /* Determine the number of bit length codes to send. The pkzip format
-+ * requires that at least 4 bit length codes be sent. (appnote.txt says
-+ * 3 but the actual value used is 4.)
-+ */
-+ for (max_blindex = BL_CODES-1; max_blindex >= 3; max_blindex--) {
-+ if (s->bl_tree[bl_order[max_blindex]].Len != 0) break;
-+ }
-+ /* Update opt_len to include the bit length tree and counts */
-+ s->opt_len += 3*(max_blindex+1) + 5+5+4;
-+ Tracev((stderr, "\ndyn trees: dyn %ld, stat %ld",
-+ s->opt_len, s->static_len));
-+
-+ return max_blindex;
-+}
-+
-+/* ===========================================================================
-+ * Send the header for a block using dynamic Huffman trees: the counts, the
-+ * lengths of the bit length codes, the literal tree and the distance tree.
-+ * IN assertion: lcodes >= 257, dcodes >= 1, blcodes >= 4.
-+ */
-+local void send_all_trees(s, lcodes, dcodes, blcodes)
-+ deflate_state *s;
-+ int lcodes, dcodes, blcodes; /* number of codes for each tree */
-+{
-+ int rank; /* index in bl_order */
-+
-+ Assert (lcodes >= 257 && dcodes >= 1 && blcodes >= 4, "not enough codes");
-+ Assert (lcodes <= L_CODES && dcodes <= D_CODES && blcodes <= BL_CODES,
-+ "too many codes");
-+ Tracev((stderr, "\nbl counts: "));
-+ send_bits(s, lcodes-257, 5); /* not +255 as stated in appnote.txt */
-+ send_bits(s, dcodes-1, 5);
-+ send_bits(s, blcodes-4, 4); /* not -3 as stated in appnote.txt */
-+ for (rank = 0; rank < blcodes; rank++) {
-+ Tracev((stderr, "\nbl code %2d ", bl_order[rank]));
-+ send_bits(s, s->bl_tree[bl_order[rank]].Len, 3);
-+ }
-+ Tracev((stderr, "\nbl tree: sent %ld", s->bits_sent));
-+
-+ send_tree(s, (ct_data *)s->dyn_ltree, lcodes-1); /* literal tree */
-+ Tracev((stderr, "\nlit tree: sent %ld", s->bits_sent));
-+
-+ send_tree(s, (ct_data *)s->dyn_dtree, dcodes-1); /* distance tree */
-+ Tracev((stderr, "\ndist tree: sent %ld", s->bits_sent));
-+}
-+
-+/* ===========================================================================
-+ * Send a stored block
-+ */
-+void _tr_stored_block(s, buf, stored_len, eof)
-+ deflate_state *s;
-+ charf *buf; /* input block */
-+ ulg stored_len; /* length of input block */
-+ int eof; /* true if this is the last block for a file */
-+{
-+ send_bits(s, (STORED_BLOCK<<1)+eof, 3); /* send block type */
-+#ifdef DEBUG
-+ s->compressed_len = (s->compressed_len + 3 + 7) & (ulg)~7L;
-+ s->compressed_len += (stored_len + 4) << 3;
-+#endif
-+ copy_block(s, buf, (unsigned)stored_len, 1); /* with header */
-+}
-+
-+/* ===========================================================================
-+ * Send one empty static block to give enough lookahead for inflate.
-+ * This takes 10 bits, of which 7 may remain in the bit buffer.
-+ * The current inflate code requires 9 bits of lookahead. If the
-+ * last two codes for the previous block (real code plus EOB) were coded
-+ * on 5 bits or less, inflate may have only 5+3 bits of lookahead to decode
-+ * the last real code. In this case we send two empty static blocks instead
-+ * of one. (There are no problems if the previous block is stored or fixed.)
-+ * To simplify the code, we assume the worst case of last real code encoded
-+ * on one bit only.
-+ */
-+void _tr_align(s)
-+ deflate_state *s;
-+{
-+ send_bits(s, STATIC_TREES<<1, 3);
-+ send_code(s, END_BLOCK, static_ltree);
-+#ifdef DEBUG
-+ s->compressed_len += 10L; /* 3 for block type, 7 for EOB */
-+#endif
-+ bi_flush(s);
-+ /* Of the 10 bits for the empty block, we have already sent
-+ * (10 - bi_valid) bits. The lookahead for the last real code (before
-+ * the EOB of the previous block) was thus at least one plus the length
-+ * of the EOB plus what we have just sent of the empty static block.
-+ */
-+ if (1 + s->last_eob_len + 10 - s->bi_valid < 9) {
-+ send_bits(s, STATIC_TREES<<1, 3);
-+ send_code(s, END_BLOCK, static_ltree);
-+#ifdef DEBUG
-+ s->compressed_len += 10L;
-+#endif
-+ bi_flush(s);
-+ }
-+ s->last_eob_len = 7;
-+}
-+
-+/* ===========================================================================
-+ * Determine the best encoding for the current block: dynamic trees, static
-+ * trees or store, and output the encoded block to the zip file.
-+ */
-+void _tr_flush_block(s, buf, stored_len, eof)
-+ deflate_state *s;
-+ charf *buf; /* input block, or NULL if too old */
-+ ulg stored_len; /* length of input block */
-+ int eof; /* true if this is the last block for a file */
-+{
-+ ulg opt_lenb, static_lenb; /* opt_len and static_len in bytes */
-+ int max_blindex = 0; /* index of last bit length code of non zero freq */
-+
-+ /* Build the Huffman trees unless a stored block is forced */
-+ if (s->level > 0) {
-+
-+ /* Check if the file is ascii or binary */
-+ if (s->data_type == Z_UNKNOWN) set_data_type(s);
-+
-+ /* Construct the literal and distance trees */
-+ build_tree(s, (tree_desc *)(&(s->l_desc)));
-+ Tracev((stderr, "\nlit data: dyn %ld, stat %ld", s->opt_len,
-+ s->static_len));
-+
-+ build_tree(s, (tree_desc *)(&(s->d_desc)));
-+ Tracev((stderr, "\ndist data: dyn %ld, stat %ld", s->opt_len,
-+ s->static_len));
-+ /* At this point, opt_len and static_len are the total bit lengths of
-+ * the compressed block data, excluding the tree representations.
-+ */
-+
-+ /* Build the bit length tree for the above two trees, and get the index
-+ * in bl_order of the last bit length code to send.
-+ */
-+ max_blindex = build_bl_tree(s);
-+
-+ /* Determine the best encoding. Compute first the block length in bytes*/
-+ opt_lenb = (s->opt_len+3+7)>>3;
-+ static_lenb = (s->static_len+3+7)>>3;
-+
-+ Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ",
-+ opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len,
-+ s->last_lit));
-+
-+ if (static_lenb <= opt_lenb) opt_lenb = static_lenb;
-+
-+ } else {
-+ Assert(buf != (char*)0, "lost buf");
-+ opt_lenb = static_lenb = stored_len + 5; /* force a stored block */
-+ }
-+
-+#ifdef FORCE_STORED
-+ if (buf != (char*)0) { /* force stored block */
-+#else
-+ if (stored_len+4 <= opt_lenb && buf != (char*)0) {
-+ /* 4: two words for the lengths */
-+#endif
-+ /* The test buf != NULL is only necessary if LIT_BUFSIZE > WSIZE.
-+ * Otherwise we can't have processed more than WSIZE input bytes since
-+ * the last block flush, because compression would have been
-+ * successful. If LIT_BUFSIZE <= WSIZE, it is never too late to
-+ * transform a block into a stored block.
-+ */
-+ _tr_stored_block(s, buf, stored_len, eof);
-+
-+#ifdef FORCE_STATIC
-+ } else if (static_lenb >= 0) { /* force static trees */
-+#else
-+ } else if (static_lenb == opt_lenb) {
-+#endif
-+ send_bits(s, (STATIC_TREES<<1)+eof, 3);
-+ compress_block(s, static_ltree, static_dtree);
-+#ifdef DEBUG
-+ s->compressed_len += 3 + s->static_len;
-+#endif
-+ } else {
-+ send_bits(s, (DYN_TREES<<1)+eof, 3);
-+ send_all_trees(s, s->l_desc.max_code+1, s->d_desc.max_code+1,
-+ max_blindex+1);
-+ compress_block(s, s->dyn_ltree, s->dyn_dtree);
-+#ifdef DEBUG
-+ s->compressed_len += 3 + s->opt_len;
-+#endif
-+ }
-+ Assert (s->compressed_len == s->bits_sent, "bad compressed size");
-+ /* The above check is made mod 2^32, for files larger than 512 MB
-+ * and uLong implemented on 32 bits.
-+ */
-+ init_block(s);
-+
-+ if (eof) {
-+ bi_windup(s);
-+#ifdef DEBUG
-+ s->compressed_len += 7; /* align on byte boundary */
-+#endif
-+ }
-+ Tracev((stderr,"\ncomprlen %lu(%lu) ", s->compressed_len>>3,
-+ s->compressed_len-7*eof));
-+}
-+
-+/* ===========================================================================
-+ * Save the match info and tally the frequency counts. Return true if
-+ * the current block must be flushed.
-+ */
-+int _tr_tally (s, dist, lc)
-+ deflate_state *s;
-+ unsigned dist; /* distance of matched string */
-+ unsigned lc; /* match length-MIN_MATCH or unmatched char (if dist==0) */
-+{
-+ s->d_buf[s->last_lit] = (ush)dist;
-+ s->l_buf[s->last_lit++] = (uch)lc;
-+ if (dist == 0) {
-+ /* lc is the unmatched char */
-+ s->dyn_ltree[lc].Freq++;
-+ } else {
-+ s->matches++;
-+ /* Here, lc is the match length - MIN_MATCH */
-+ dist--; /* dist = match distance - 1 */
-+ Assert((ush)dist < (ush)MAX_DIST(s) &&
-+ (ush)lc <= (ush)(MAX_MATCH-MIN_MATCH) &&
-+ (ush)d_code(dist) < (ush)D_CODES, "_tr_tally: bad match");
-+
-+ s->dyn_ltree[_length_code[lc]+LITERALS+1].Freq++;
-+ s->dyn_dtree[d_code(dist)].Freq++;
-+ }
-+
-+#ifdef TRUNCATE_BLOCK
-+ /* Try to guess if it is profitable to stop the current block here */
-+ if ((s->last_lit & 0x1fff) == 0 && s->level > 2) {
-+ /* Compute an upper bound for the compressed length */
-+ ulg out_length = (ulg)s->last_lit*8L;
-+ ulg in_length = (ulg)((long)s->strstart - s->block_start);
-+ int dcode;
-+ for (dcode = 0; dcode < D_CODES; dcode++) {
-+ out_length += (ulg)s->dyn_dtree[dcode].Freq *
-+ (5L+extra_dbits[dcode]);
-+ }
-+ out_length >>= 3;
-+ Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ",
-+ s->last_lit, in_length, out_length,
-+ 100L - out_length*100L/in_length));
-+ if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1;
-+ }
-+#endif
-+ return (s->last_lit == s->lit_bufsize-1);
-+ /* We avoid equality with lit_bufsize because of wraparound at 64K
-+ * on 16 bit machines and because stored blocks are restricted to
-+ * 64K-1 bytes.
-+ */
-+}
-+
-+/* ===========================================================================
-+ * Send the block data compressed using the given Huffman trees
-+ */
-+local void compress_block(s, ltree, dtree)
-+ deflate_state *s;
-+ const ct_data *ltree; /* literal tree */
-+ const ct_data *dtree; /* distance tree */
-+{
-+ unsigned dist; /* distance of matched string */
-+ int lc; /* match length or unmatched char (if dist == 0) */
-+ unsigned lx = 0; /* running index in l_buf */
-+ unsigned code; /* the code to send */
-+ int extra; /* number of extra bits to send */
-+
-+ if (s->last_lit != 0) do {
-+ dist = s->d_buf[lx];
-+ lc = s->l_buf[lx++];
-+ if (dist == 0) {
-+ send_code(s, lc, ltree); /* send a literal byte */
-+ Tracecv(isgraph(lc), (stderr," '%c' ", lc));
-+ } else {
-+ /* Here, lc is the match length - MIN_MATCH */
-+ code = _length_code[lc];
-+ send_code(s, code+LITERALS+1, ltree); /* send the length code */
-+ extra = extra_lbits[code];
-+ if (extra != 0) {
-+ lc -= base_length[code];
-+ send_bits(s, lc, extra); /* send the extra length bits */
-+ }
-+ dist--; /* dist is now the match distance - 1 */
-+ code = d_code(dist);
-+ Assert (code < D_CODES, "bad d_code");
-+
-+ send_code(s, code, dtree); /* send the distance code */
-+ extra = extra_dbits[code];
-+ if (extra != 0) {
-+ dist -= base_dist[code];
-+ send_bits(s, dist, extra); /* send the extra distance bits */
-+ }
-+ } /* literal or match pair ? */
-+
-+ /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */
-+ Assert(s->pending < s->lit_bufsize + 2*lx, "pendingBuf overflow");
-+
-+ } while (lx < s->last_lit);
-+
-+ send_code(s, END_BLOCK, ltree);
-+ s->last_eob_len = ltree[END_BLOCK].Len;
-+}
-+
-+/* ===========================================================================
-+ * Set the data type to ASCII or BINARY, using a crude approximation:
-+ * binary if more than 20% of the bytes are <= 6 or >= 128, ascii otherwise.
-+ * IN assertion: the fields freq of dyn_ltree are set and the total of all
-+ * frequencies does not exceed 64K (to fit in an int on 16 bit machines).
-+ */
-+local void set_data_type(s)
-+ deflate_state *s;
-+{
-+ int n = 0;
-+ unsigned ascii_freq = 0;
-+ unsigned bin_freq = 0;
-+ while (n < 7) bin_freq += s->dyn_ltree[n++].Freq;
-+ while (n < 128) ascii_freq += s->dyn_ltree[n++].Freq;
-+ while (n < LITERALS) bin_freq += s->dyn_ltree[n++].Freq;
-+ s->data_type = (Byte)(bin_freq > (ascii_freq >> 2) ? Z_BINARY : Z_ASCII);
-+}
-+
-+/* ===========================================================================
-+ * Reverse the first len bits of a code, using straightforward code (a faster
-+ * method would use a table)
-+ * IN assertion: 1 <= len <= 15
-+ */
-+local unsigned bi_reverse(code, len)
-+ unsigned code; /* the value to invert */
-+ int len; /* its bit length */
-+{
-+ register unsigned res = 0;
-+ do {
-+ res |= code & 1;
-+ code >>= 1, res <<= 1;
-+ } while (--len > 0);
-+ return res >> 1;
-+}
-+
-+/* ===========================================================================
-+ * Flush the bit buffer, keeping at most 7 bits in it.
-+ */
-+local void bi_flush(s)
-+ deflate_state *s;
-+{
-+ if (s->bi_valid == 16) {
-+ put_short(s, s->bi_buf);
-+ s->bi_buf = 0;
-+ s->bi_valid = 0;
-+ } else if (s->bi_valid >= 8) {
-+ put_byte(s, (Byte)s->bi_buf);
-+ s->bi_buf >>= 8;
-+ s->bi_valid -= 8;
-+ }
-+}
-+
-+/* ===========================================================================
-+ * Flush the bit buffer and align the output on a byte boundary
-+ */
-+local void bi_windup(s)
-+ deflate_state *s;
-+{
-+ if (s->bi_valid > 8) {
-+ put_short(s, s->bi_buf);
-+ } else if (s->bi_valid > 0) {
-+ put_byte(s, (Byte)s->bi_buf);
-+ }
-+ s->bi_buf = 0;
-+ s->bi_valid = 0;
-+#ifdef DEBUG
-+ s->bits_sent = (s->bits_sent+7) & ~7;
-+#endif
-+}
-+
-+/* ===========================================================================
-+ * Copy a stored block, storing first the length and its
-+ * one's complement if requested.
-+ */
-+local void copy_block(s, buf, len, header)
-+ deflate_state *s;
-+ charf *buf; /* the input data */
-+ unsigned len; /* its length */
-+ int header; /* true if block header must be written */
-+{
-+ bi_windup(s); /* align on byte boundary */
-+ s->last_eob_len = 8; /* enough lookahead for inflate */
-+
-+ if (header) {
-+ put_short(s, (ush)len);
-+ put_short(s, (ush)~len);
-+#ifdef DEBUG
-+ s->bits_sent += 2*16;
-+#endif
-+ }
-+#ifdef DEBUG
-+ s->bits_sent += (ulg)len<<3;
-+#endif
-+ while (len--) {
-+ put_byte(s, *buf++);
-+ }
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/trees.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,128 @@
-+/* header created automatically with -DGEN_TREES_H */
-+
-+local const ct_data static_ltree[L_CODES+2] = {
-+{{ 12},{ 8}}, {{140},{ 8}}, {{ 76},{ 8}}, {{204},{ 8}}, {{ 44},{ 8}},
-+{{172},{ 8}}, {{108},{ 8}}, {{236},{ 8}}, {{ 28},{ 8}}, {{156},{ 8}},
-+{{ 92},{ 8}}, {{220},{ 8}}, {{ 60},{ 8}}, {{188},{ 8}}, {{124},{ 8}},
-+{{252},{ 8}}, {{ 2},{ 8}}, {{130},{ 8}}, {{ 66},{ 8}}, {{194},{ 8}},
-+{{ 34},{ 8}}, {{162},{ 8}}, {{ 98},{ 8}}, {{226},{ 8}}, {{ 18},{ 8}},
-+{{146},{ 8}}, {{ 82},{ 8}}, {{210},{ 8}}, {{ 50},{ 8}}, {{178},{ 8}},
-+{{114},{ 8}}, {{242},{ 8}}, {{ 10},{ 8}}, {{138},{ 8}}, {{ 74},{ 8}},
-+{{202},{ 8}}, {{ 42},{ 8}}, {{170},{ 8}}, {{106},{ 8}}, {{234},{ 8}},
-+{{ 26},{ 8}}, {{154},{ 8}}, {{ 90},{ 8}}, {{218},{ 8}}, {{ 58},{ 8}},
-+{{186},{ 8}}, {{122},{ 8}}, {{250},{ 8}}, {{ 6},{ 8}}, {{134},{ 8}},
-+{{ 70},{ 8}}, {{198},{ 8}}, {{ 38},{ 8}}, {{166},{ 8}}, {{102},{ 8}},
-+{{230},{ 8}}, {{ 22},{ 8}}, {{150},{ 8}}, {{ 86},{ 8}}, {{214},{ 8}},
-+{{ 54},{ 8}}, {{182},{ 8}}, {{118},{ 8}}, {{246},{ 8}}, {{ 14},{ 8}},
-+{{142},{ 8}}, {{ 78},{ 8}}, {{206},{ 8}}, {{ 46},{ 8}}, {{174},{ 8}},
-+{{110},{ 8}}, {{238},{ 8}}, {{ 30},{ 8}}, {{158},{ 8}}, {{ 94},{ 8}},
-+{{222},{ 8}}, {{ 62},{ 8}}, {{190},{ 8}}, {{126},{ 8}}, {{254},{ 8}},
-+{{ 1},{ 8}}, {{129},{ 8}}, {{ 65},{ 8}}, {{193},{ 8}}, {{ 33},{ 8}},
-+{{161},{ 8}}, {{ 97},{ 8}}, {{225},{ 8}}, {{ 17},{ 8}}, {{145},{ 8}},
-+{{ 81},{ 8}}, {{209},{ 8}}, {{ 49},{ 8}}, {{177},{ 8}}, {{113},{ 8}},
-+{{241},{ 8}}, {{ 9},{ 8}}, {{137},{ 8}}, {{ 73},{ 8}}, {{201},{ 8}},
-+{{ 41},{ 8}}, {{169},{ 8}}, {{105},{ 8}}, {{233},{ 8}}, {{ 25},{ 8}},
-+{{153},{ 8}}, {{ 89},{ 8}}, {{217},{ 8}}, {{ 57},{ 8}}, {{185},{ 8}},
-+{{121},{ 8}}, {{249},{ 8}}, {{ 5},{ 8}}, {{133},{ 8}}, {{ 69},{ 8}},
-+{{197},{ 8}}, {{ 37},{ 8}}, {{165},{ 8}}, {{101},{ 8}}, {{229},{ 8}},
-+{{ 21},{ 8}}, {{149},{ 8}}, {{ 85},{ 8}}, {{213},{ 8}}, {{ 53},{ 8}},
-+{{181},{ 8}}, {{117},{ 8}}, {{245},{ 8}}, {{ 13},{ 8}}, {{141},{ 8}},
-+{{ 77},{ 8}}, {{205},{ 8}}, {{ 45},{ 8}}, {{173},{ 8}}, {{109},{ 8}},
-+{{237},{ 8}}, {{ 29},{ 8}}, {{157},{ 8}}, {{ 93},{ 8}}, {{221},{ 8}},
-+{{ 61},{ 8}}, {{189},{ 8}}, {{125},{ 8}}, {{253},{ 8}}, {{ 19},{ 9}},
-+{{275},{ 9}}, {{147},{ 9}}, {{403},{ 9}}, {{ 83},{ 9}}, {{339},{ 9}},
-+{{211},{ 9}}, {{467},{ 9}}, {{ 51},{ 9}}, {{307},{ 9}}, {{179},{ 9}},
-+{{435},{ 9}}, {{115},{ 9}}, {{371},{ 9}}, {{243},{ 9}}, {{499},{ 9}},
-+{{ 11},{ 9}}, {{267},{ 9}}, {{139},{ 9}}, {{395},{ 9}}, {{ 75},{ 9}},
-+{{331},{ 9}}, {{203},{ 9}}, {{459},{ 9}}, {{ 43},{ 9}}, {{299},{ 9}},
-+{{171},{ 9}}, {{427},{ 9}}, {{107},{ 9}}, {{363},{ 9}}, {{235},{ 9}},
-+{{491},{ 9}}, {{ 27},{ 9}}, {{283},{ 9}}, {{155},{ 9}}, {{411},{ 9}},
-+{{ 91},{ 9}}, {{347},{ 9}}, {{219},{ 9}}, {{475},{ 9}}, {{ 59},{ 9}},
-+{{315},{ 9}}, {{187},{ 9}}, {{443},{ 9}}, {{123},{ 9}}, {{379},{ 9}},
-+{{251},{ 9}}, {{507},{ 9}}, {{ 7},{ 9}}, {{263},{ 9}}, {{135},{ 9}},
-+{{391},{ 9}}, {{ 71},{ 9}}, {{327},{ 9}}, {{199},{ 9}}, {{455},{ 9}},
-+{{ 39},{ 9}}, {{295},{ 9}}, {{167},{ 9}}, {{423},{ 9}}, {{103},{ 9}},
-+{{359},{ 9}}, {{231},{ 9}}, {{487},{ 9}}, {{ 23},{ 9}}, {{279},{ 9}},
-+{{151},{ 9}}, {{407},{ 9}}, {{ 87},{ 9}}, {{343},{ 9}}, {{215},{ 9}},
-+{{471},{ 9}}, {{ 55},{ 9}}, {{311},{ 9}}, {{183},{ 9}}, {{439},{ 9}},
-+{{119},{ 9}}, {{375},{ 9}}, {{247},{ 9}}, {{503},{ 9}}, {{ 15},{ 9}},
-+{{271},{ 9}}, {{143},{ 9}}, {{399},{ 9}}, {{ 79},{ 9}}, {{335},{ 9}},
-+{{207},{ 9}}, {{463},{ 9}}, {{ 47},{ 9}}, {{303},{ 9}}, {{175},{ 9}},
-+{{431},{ 9}}, {{111},{ 9}}, {{367},{ 9}}, {{239},{ 9}}, {{495},{ 9}},
-+{{ 31},{ 9}}, {{287},{ 9}}, {{159},{ 9}}, {{415},{ 9}}, {{ 95},{ 9}},
-+{{351},{ 9}}, {{223},{ 9}}, {{479},{ 9}}, {{ 63},{ 9}}, {{319},{ 9}},
-+{{191},{ 9}}, {{447},{ 9}}, {{127},{ 9}}, {{383},{ 9}}, {{255},{ 9}},
-+{{511},{ 9}}, {{ 0},{ 7}}, {{ 64},{ 7}}, {{ 32},{ 7}}, {{ 96},{ 7}},
-+{{ 16},{ 7}}, {{ 80},{ 7}}, {{ 48},{ 7}}, {{112},{ 7}}, {{ 8},{ 7}},
-+{{ 72},{ 7}}, {{ 40},{ 7}}, {{104},{ 7}}, {{ 24},{ 7}}, {{ 88},{ 7}},
-+{{ 56},{ 7}}, {{120},{ 7}}, {{ 4},{ 7}}, {{ 68},{ 7}}, {{ 36},{ 7}},
-+{{100},{ 7}}, {{ 20},{ 7}}, {{ 84},{ 7}}, {{ 52},{ 7}}, {{116},{ 7}},
-+{{ 3},{ 8}}, {{131},{ 8}}, {{ 67},{ 8}}, {{195},{ 8}}, {{ 35},{ 8}},
-+{{163},{ 8}}, {{ 99},{ 8}}, {{227},{ 8}}
-+};
-+
-+local const ct_data static_dtree[D_CODES] = {
-+{{ 0},{ 5}}, {{16},{ 5}}, {{ 8},{ 5}}, {{24},{ 5}}, {{ 4},{ 5}},
-+{{20},{ 5}}, {{12},{ 5}}, {{28},{ 5}}, {{ 2},{ 5}}, {{18},{ 5}},
-+{{10},{ 5}}, {{26},{ 5}}, {{ 6},{ 5}}, {{22},{ 5}}, {{14},{ 5}},
-+{{30},{ 5}}, {{ 1},{ 5}}, {{17},{ 5}}, {{ 9},{ 5}}, {{25},{ 5}},
-+{{ 5},{ 5}}, {{21},{ 5}}, {{13},{ 5}}, {{29},{ 5}}, {{ 3},{ 5}},
-+{{19},{ 5}}, {{11},{ 5}}, {{27},{ 5}}, {{ 7},{ 5}}, {{23},{ 5}}
-+};
-+
-+const uch _dist_code[DIST_CODE_LEN] = {
-+ 0, 1, 2, 3, 4, 4, 5, 5, 6, 6, 6, 6, 7, 7, 7, 7, 8, 8, 8, 8,
-+ 8, 8, 8, 8, 9, 9, 9, 9, 9, 9, 9, 9, 10, 10, 10, 10, 10, 10, 10, 10,
-+10, 10, 10, 10, 10, 10, 10, 10, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-+11, 11, 11, 11, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-+12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 13, 13, 13, 13,
-+13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-+13, 13, 13, 13, 13, 13, 13, 13, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 15, 15, 15, 15, 15, 15, 15, 15,
-+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 0, 0, 16, 17,
-+18, 18, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 22, 22, 22, 22, 22, 22, 22, 22,
-+23, 23, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
-+24, 24, 24, 24, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
-+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
-+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 27, 27, 27, 27, 27, 27, 27, 27,
-+27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27,
-+27, 27, 27, 27, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
-+28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
-+28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
-+28, 28, 28, 28, 28, 28, 28, 28, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
-+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
-+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
-+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
-+};
-+
-+const uch _length_code[MAX_MATCH-MIN_MATCH+1]= {
-+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 8, 9, 9, 10, 10, 11, 11, 12, 12, 12, 12,
-+13, 13, 13, 13, 14, 14, 14, 14, 15, 15, 15, 15, 16, 16, 16, 16, 16, 16, 16, 16,
-+17, 17, 17, 17, 17, 17, 17, 17, 18, 18, 18, 18, 18, 18, 18, 18, 19, 19, 19, 19,
-+19, 19, 19, 19, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,
-+21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 22, 22, 22, 22,
-+22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 23, 23, 23, 23, 23, 23, 23, 23,
-+23, 23, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
-+24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
-+25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
-+25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 26, 26, 26, 26, 26, 26, 26, 26,
-+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
-+26, 26, 26, 26, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27,
-+27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 28
-+};
-+
-+local const int base_length[LENGTH_CODES] = {
-+0, 1, 2, 3, 4, 5, 6, 7, 8, 10, 12, 14, 16, 20, 24, 28, 32, 40, 48, 56,
-+64, 80, 96, 112, 128, 160, 192, 224, 0
-+};
-+
-+local const int base_dist[D_CODES] = {
-+ 0, 1, 2, 3, 4, 6, 8, 12, 16, 24,
-+ 32, 48, 64, 96, 128, 192, 256, 384, 512, 768,
-+ 1024, 1536, 2048, 3072, 4096, 6144, 8192, 12288, 16384, 24576
-+};
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ultoa.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,66 @@
-+/*
-+ * convert unsigned long to ASCII
-+ * Copyright (C) 1998, 1999 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: ultoa.c,v 1.10 2004-07-10 07:48:37 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - ultoa - convert unsigned long to decimal ASCII
-+ */
-+size_t /* length required for full conversion */
-+ultoa(n, base, dst, dstlen)
-+unsigned long n;
-+int base;
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ char buf[3*sizeof(unsigned long) + 1];
-+ char *bufend = buf + sizeof(buf);
-+ size_t len;
-+ char *p;
-+ static char hex[] = "0123456789abcdef";
-+
-+ p = bufend;
-+ *--p = '\0';
-+ if (base == 10) {
-+ do {
-+ *--p = n%10 + '0';
-+ n /= 10;
-+ } while (n != 0);
-+ } else if (base == 16) {
-+ do {
-+ *--p = hex[n&0xf];
-+ n >>= 4;
-+ } while (n != 0);
-+ *--p = 'x';
-+ *--p = '0';
-+ } else if (base == 8) {
-+ do {
-+ *--p = (n&07) + '0';
-+ n >>= 3;
-+ } while (n != 0);
-+ *--p = '0';
-+ } else
-+ *--p = '?';
-+
-+ len = bufend - p;
-+
-+ if (dstlen > 0) {
-+ if (len > dstlen)
-+ *(p + dstlen - 1) = '\0';
-+ strcpy(dst, p);
-+ }
-+ return len;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ultot.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,82 @@
-+/*
-+ * convert unsigned long to text
-+ * Copyright (C) 2000 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: ultot.c,v 1.5 2004-07-10 07:48:37 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - ultot - convert unsigned long to text
-+ */
-+size_t /* length required for full conversion */
-+ultot(n, base, dst, dstlen)
-+unsigned long n;
-+int base;
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ char buf[3*sizeof(unsigned long) + 1];
-+ char *bufend = buf + sizeof(buf);
-+ size_t len;
-+ char *p;
-+ static char hex[] = "0123456789abcdef";
-+# define HEX32 (32/4)
-+
-+ p = bufend;
-+ *--p = '\0';
-+ switch (base) {
-+ case 10:
-+ case 'd':
-+ do {
-+ *--p = n%10 + '0';
-+ n /= 10;
-+ } while (n != 0);
-+ break;
-+ case 16:
-+ case 17:
-+ case 'x':
-+ do {
-+ *--p = hex[n&0xf];
-+ n >>= 4;
-+ } while (n != 0);
-+ if (base == 17)
-+ while (bufend - p < HEX32 + 1)
-+ *--p = '0';
-+ if (base == 'x') {
-+ *--p = 'x';
-+ *--p = '0';
-+ }
-+ break;
-+ case 8:
-+ case 'o':
-+ do {
-+ *--p = (n&07) + '0';
-+ n >>= 3;
-+ } while (n != 0);
-+ if (base == 'o')
-+ *--p = '0';
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ len = bufend - p;
-+ if (dstlen > 0) {
-+ if (len > dstlen)
-+ *(p + dstlen - 1) = '\0';
-+ strcpy(dst, p);
-+ }
-+ return len;
-+}
---- /dev/null Fri May 10 13:59:54 2002
-+++ linux/net/ipsec/Makefile.ver Sun Jul 28 22:10:40 2002
-@@ -0,0 +1 @@
-+IPSECVERSION=2.4.12
+++ /dev/null
---- linux-2.6.20.oorig/net/ipsec/ipsec_alg_cryptoapi.c 2007-02-15 12:30:41.000000000 +0100
-+++ linux-2.6.20/net/ipsec/ipsec_alg_cryptoapi.c 2007-02-15 13:47:07.000000000 +0100
-@@ -197,7 +197,7 @@ static struct ipsec_alg_capi_cipher alg_
- */
- int setup_cipher(const char *ciphername)
- {
-- return crypto_alg_available(ciphername, 0);
-+ return crypto_has_alg(ciphername, 0, CRYPTO_ALG_ASYNC);
- }
-
- /*
+++ /dev/null
---- _realsetup
-+++ _realsetup
-@@ -193,8 +193,8 @@
-
- # preliminaries
- perform rm -f $lock
-- mkdir -p rundir > /dev/null 2>/dev/null
-- mkdir -p subsysdir > /dev/null 2>/dev/null
-+ mkdir -p $rundir > /dev/null 2>/dev/null
-+ mkdir -p $subsysdir > /dev/null 2>/dev/null
+++ /dev/null
---- _startklips_old 2007-08-13 22:45:45.000000000 +0200
-+++ _startklips 2007-08-13 21:27:00.000000000 +0200
-@@ -104,23 +104,35 @@
-
- # figure out ifconfig for interface
- addr=
-- eval `ifconfig $phys |
-- awk '$1 == "inet" && $2 ~ /^addr:/ && $NF ~ /^Mask:/ {
-- gsub(/:/, " ", $0)
-- print "addr=" $3
-- other = $5
-- if ($4 == "Bcast")
-- print "type=broadcast"
-- else if ($4 == "P-t-P")
-- print "type=pointopoint"
-- else if (NF == 5) {
-- print "type="
-- other = ""
-- } else
-- print "type=unknown"
-- print "otheraddr=" other
-- print "mask=" $NF
-- }'`
-+ eval `ip addr show $phys | awk '$3 ~ /BROADCAST|POINTOPOINT/ {
-+ if ($3 ~ /BROADCAST/)
-+ print "type=broadcast";
-+ else if ($3 ~ /POINTOPOINT/)
-+ print "type=pointopoint";
-+ else {
-+ print "type=";
-+ }
-+ }'`
-+
-+ if [ "$type" == "broadcast" ]; then
-+ eval `ip addr show $phys | awk '$1 == "inet" { gsub(/\//, " ");
-+ print "addr=" $2;
-+ print "mask=" $3;
-+ print "otheraddr=" $5;
-+ }'`
-+ elif [ "$type" == "pointopoint" ]; then
-+ eval `ip addr show $phys | awk '$1 == "inet" { gsub(/\//, " ");
-+ print "addr=" $2;
-+ print "mask=" $5;
-+ print "otheraddr=" $4;
-+ }'`
-+ else
-+ type="unknown"
-+ otheraddr=
-+ fi
-+
-+ eval `whatmask /$mask | awk -F': ' '$1 ~ /^Netmask =/ { print "mask=" $2 }'`
-+
- if test " $addr" = " "
- then
- echo "unable to determine address of \`$phys'"
-@@ -129,7 +141,7 @@
- if test " $type" = " unknown"
- then
- echo "\`$phys' is of an unknown type"
-- exit 1
-+ exit 1
- fi
- if test " $omtu" != " "
- then
-@@ -223,10 +235,10 @@
- fi
- next=`netstat -nr |
- awk '$1 == "0.0.0.0" && $3 == "0.0.0.0" { print $2 }'`
-- if [ "$next" = "0.0.0.0" ] ; then
-- next=`ip addr list $phys | grep -E '^ +inet6*.*scope global $phys' |
-- awk '{ print $2}' | awk -F / '{ print $1 }'`
-- fi
-+ #if [ "$next" = "0.0.0.0" ] ; then
-+ # next=`ip addr list $phys | grep -E '^ +inet6*.*scope global $phys' |
-+ # awk '{ print $4 }' | awk -F / '{ print $1 }'`
-+ #fi
- klipsinterface "ipsec0=$phys" $next
- }
-
+++ /dev/null
-packaging/utils/kernelpatch 2.6
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/README.openswan-2 Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,112 @@
-+*
-+* RCSID $Id: README.openswan-2,v 1.1 2003/12/10 01:07:49 mcr Exp $
-+*
-+
-+ ****************************************
-+ * IPSEC for Linux, Release 2.xx series *
-+ ****************************************
-+
-+
-+
-+1. Files
-+
-+The contents of linux/net/ipsec/ (see below) join the linux kernel source tree.
-+as provided for higher up.
-+
-+The programs/ directory contains the user-level utilities which you need
-+to run IPSEC. See the top-level top/INSTALL to compile and install them.
-+
-+The testing/ directory contains test scripts.
-+
-+The doc/ directory contains -- what else -- documentation.
-+
-+1.1. Kernel files
-+
-+The following are found in net/ipsec/:
-+
-+Makefile The Makefile
-+Config.in The configuration script for make menuconfig
-+defconfig Configuration defaults for first time.
-+
-+radij.c General-purpose radix-tree operations
-+
-+ipsec_ipcomp.c IPCOMP encapsulate/decapsulate code.
-+ipsec_ah.c Authentication Header (AH) encapsulate/decapsulate code.
-+ipsec_esp.c Encapsulated Security Payload (ESP) encap/decap code.
-+
-+pfkey_v2.c PF_KEYv2 socket interface code.
-+pfkey_v2_parser.c PF_KEYv2 message parsing and processing code.
-+
-+ipsec_init.c Initialization code, /proc interface.
-+ipsec_radij.c Interface with the radix tree code.
-+ipsec_netlink.c Interface with the netlink code.
-+ipsec_xform.c Routines and structures common to transforms.
-+ipsec_tunnel.c The outgoing packet processing code.
-+ipsec_rcv.c The incoming packet processing code.
-+ipsec_md5c.c Somewhat modified RSADSI MD5 C code.
-+ipsec_sha1.c Somewhat modified Steve Reid SHA-1 C code.
-+
-+sysctl_net_ipsec.c /proc/sys/net/ipsec/* variable definitions.
-+
-+version.c symbolic link to project version.
-+
-+radij.h Headers for radij.c
-+
-+ipcomp.h Headers used by IPCOMP code.
-+
-+ipsec_radij.h Interface with the radix tree code.
-+ipsec_netlink.h Headers used by the netlink interface.
-+ipsec_encap.h Headers defining encapsulation structures.
-+ipsec_xform.h Transform headers.
-+ipsec_tunnel.h Headers used by tunneling code.
-+ipsec_ipe4.h Headers for the IP-in-IP code.
-+ipsec_ah.h Headers common to AH transforms.
-+ipsec_md5h.h RSADSI MD5 headers.
-+ipsec_sha1.h SHA-1 headers.
-+ipsec_esp.h Headers common to ESP transfroms.
-+ipsec_rcv.h Headers for incoming packet processing code.
-+
-+1.2. User-level files.
-+
-+The following are found in utils/:
-+
-+eroute.c Create an "extended route" source code
-+spi.c Set up Security Associations source code
-+spigrp.c Link SPIs together source code.
-+tncfg.c Configure the tunneling features of the virtual interface
-+ source code
-+klipsdebug.c Set/reset klips debugging features source code.
-+version.c symbolic link to project version.
-+
-+eroute.8 Create an "extended route" manual page
-+spi.8 Set up Security Associations manual page
-+spigrp.8 Link SPIs together manual page
-+tncfg.8 Configure the tunneling features of the virtual interface
-+ manual page
-+klipsdebug.8 Set/reset klips debugging features manual page
-+
-+eroute.5 /proc/net/ipsec_eroute format manual page
-+spi.5 /proc/net/ipsec_spi format manual page
-+spigrp.5 /proc/net/ipsec_spigrp format manual page
-+tncfg.5 /proc/net/ipsec_tncfg format manual page
-+klipsdebug.5 /proc/net/ipsec_klipsdebug format manual page
-+version.5 /proc/net/ipsec_version format manual page
-+pf_key.5 /proc/net/pf_key format manual page
-+
-+Makefile Utilities makefile.
-+
-+*.8 Manpages for the respective utils.
-+
-+
-+1.3. Test files
-+
-+The test scripts are locate in testing/ and and documentation is found
-+at doc/src/umltesting.html. Automated testing via "make check" is available
-+provided that the User-Mode-Linux patches are available.
-+
-+*
-+* $Log: README.openswan-2,v $
-+* Revision 1.1 2003/12/10 01:07:49 mcr
-+* documentation for additions.
-+*
-+*
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/crypto/ciphers/aes/test_main.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,41 @@
-+#include <stdio.h>
-+#include <string.h>
-+#include <sys/types.h>
-+#include "aes_cbc.h"
-+#define AES_BLOCK_SIZE 16
-+#define KEY_SIZE 128 /* bits */
-+#define KEY "1234567890123456"
-+#define STR "hola guaso como estaisss ... 012"
-+#define STRSZ (sizeof(STR)-1)
-+
-+#define EMT_AESCBC_BLKLEN AES_BLOCK_SIZE
-+#define AES_CONTEXT_T aes_context
-+#define EMT_ESPAES_KEY_SZ 16
-+int pretty_print(const unsigned char *buf, int count) {
-+ int i=0;
-+ for (;i<count;i++) {
-+ if (i%8==0) putchar(' ');
-+ if (i%16==0) putchar('\n');
-+ printf ("%02hhx ", buf[i]);
-+ }
-+ putchar('\n');
-+ return i;
-+}
-+//#define SIZE STRSZ/2
-+#define SIZE STRSZ
-+int main() {
-+ int ret;
-+ char buf0[SIZE+1], buf1[SIZE+1];
-+ char IV[AES_BLOCK_SIZE]="\0\0\0\0\0\0\0\0" "\0\0\0\0\0\0\0\0";
-+ aes_context ac;
-+ AES_set_key(&ac, KEY, KEY_SIZE);
-+ //pretty_print((char *)&ac.aes_e_key, sizeof(ac.aes_e_key));
-+ memset(buf0, 0, sizeof (buf0));
-+ memset(buf1, 0, sizeof (buf1));
-+ ret=AES_cbc_encrypt(&ac, STR, buf0, SIZE, IV, 1);
-+ pretty_print(buf0, SIZE);
-+ printf("size=%d ret=%d\n%s\n", SIZE, ret, buf0);
-+ ret=AES_cbc_encrypt(&ac, buf0, buf1, SIZE, IV, 0);
-+ printf("size=%d ret=%d\n%s\n", SIZE, ret, buf1);
-+ return 0;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/crypto/ciphers/aes/test_main_mac.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,30 @@
-+#include <stdio.h>
-+#include <sys/types.h>
-+#include <string.h>
-+#include "aes.h"
-+#include "aes_xcbc_mac.h"
-+#define STR "Hola guasssso c|mo estais ...012"
-+void print_hash(const __u8 *hash) {
-+ printf("%08x %08x %08x %08x\n",
-+ *(__u32*)(&hash[0]),
-+ *(__u32*)(&hash[4]),
-+ *(__u32*)(&hash[8]),
-+ *(__u32*)(&hash[12]));
-+}
-+int main(int argc, char *argv[]) {
-+ aes_block key= { 0xdeadbeef, 0xceedcaca, 0xcafebabe, 0xff010204 };
-+ __u8 hash[16];
-+ char *str = argv[1];
-+ aes_context_mac ctx;
-+ if (str==NULL) {
-+ fprintf(stderr, "pasame el str\n");
-+ return 255;
-+ }
-+ AES_xcbc_mac_set_key(&ctx, (__u8 *)&key, sizeof(key));
-+ AES_xcbc_mac_hash(&ctx, str, strlen(str), hash);
-+ print_hash(hash);
-+ str[2]='x';
-+ AES_xcbc_mac_hash(&ctx, str, strlen(str), hash);
-+ print_hash(hash);
-+ return 0;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/crypto/aes.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,97 @@
-+// I retain copyright in this code but I encourage its free use provided
-+// that I don't carry any responsibility for the results. I am especially
-+// happy to see it used in free and open source software. If you do use
-+// it I would appreciate an acknowledgement of its origin in the code or
-+// the product that results and I would also appreciate knowing a little
-+// about the use to which it is being put. I am grateful to Frank Yellin
-+// for some ideas that are used in this implementation.
-+//
-+// Dr B. R. Gladman <brg@gladman.uk.net> 6th April 2001.
-+//
-+// This is an implementation of the AES encryption algorithm (Rijndael)
-+// designed by Joan Daemen and Vincent Rijmen. This version is designed
-+// to provide both fixed and dynamic block and key lengths and can also
-+// run with either big or little endian internal byte order (see aes.h).
-+// It inputs block and key lengths in bytes with the legal values being
-+// 16, 24 and 32.
-+
-+/*
-+ * Modified by Jari Ruusu, May 1 2001
-+ * - Fixed some compile warnings, code was ok but gcc warned anyway.
-+ * - Changed basic types: byte -> unsigned char, word -> u_int32_t
-+ * - Major name space cleanup: Names visible to outside now begin
-+ * with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c
-+ * - Removed C++ and DLL support as part of name space cleanup.
-+ * - Eliminated unnecessary recomputation of tables. (actual bug fix)
-+ * - Merged precomputed constant tables to aes.c file.
-+ * - Removed data alignment restrictions for portability reasons.
-+ * - Made block and key lengths accept bit count (128/192/256)
-+ * as well byte count (16/24/32).
-+ * - Removed all error checks. This change also eliminated the need
-+ * to preinitialize the context struct to zero.
-+ * - Removed some totally unused constants.
-+ */
-+
-+#ifndef _AES_H
-+#define _AES_H
-+
-+#if defined(__linux__) && defined(__KERNEL__)
-+# include <linux/types.h>
-+#else
-+# include <sys/types.h>
-+#endif
-+
-+// CONFIGURATION OPTIONS (see also aes.c)
-+//
-+// Define AES_BLOCK_SIZE to set the cipher block size (16, 24 or 32) or
-+// leave this undefined for dynamically variable block size (this will
-+// result in much slower code).
-+// IMPORTANT NOTE: AES_BLOCK_SIZE is in BYTES (16, 24, 32 or undefined). If
-+// left undefined a slower version providing variable block length is compiled
-+
-+#define AES_BLOCK_SIZE 16
-+
-+// The number of key schedule words for different block and key lengths
-+// allowing for method of computation which requires the length to be a
-+// multiple of the key length
-+//
-+// Nk = 4 6 8
-+// -------------
-+// Nb = 4 | 60 60 64
-+// 6 | 96 90 96
-+// 8 | 120 120 120
-+
-+#if !defined(AES_BLOCK_SIZE) || (AES_BLOCK_SIZE == 32)
-+#define AES_KS_LENGTH 120
-+#define AES_RC_LENGTH 29
-+#else
-+#define AES_KS_LENGTH 4 * AES_BLOCK_SIZE
-+#define AES_RC_LENGTH (9 * AES_BLOCK_SIZE) / 8 - 8
-+#endif
-+
-+typedef struct
-+{
-+ u_int32_t aes_Nkey; // the number of words in the key input block
-+ u_int32_t aes_Nrnd; // the number of cipher rounds
-+ u_int32_t aes_e_key[AES_KS_LENGTH]; // the encryption key schedule
-+ u_int32_t aes_d_key[AES_KS_LENGTH]; // the decryption key schedule
-+#if !defined(AES_BLOCK_SIZE)
-+ u_int32_t aes_Ncol; // the number of columns in the cipher state
-+#endif
-+} aes_context;
-+
-+// THE CIPHER INTERFACE
-+
-+#if !defined(AES_BLOCK_SIZE)
-+extern void aes_set_blk(aes_context *, const int);
-+#endif
-+extern void aes_set_key(aes_context *, const unsigned char [], const int, const int);
-+extern void aes_encrypt(const aes_context *, const unsigned char [], unsigned char []);
-+extern void aes_decrypt(const aes_context *, const unsigned char [], unsigned char []);
-+
-+// The block length inputs to aes_set_block and aes_set_key are in numbers
-+// of bytes or bits. The calls to subroutines must be made in the above
-+// order but multiple calls can be made without repeating earlier calls
-+// if their parameters have not changed.
-+
-+#endif // _AES_H
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/crypto/aes_cbc.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,4 @@
-+/* Glue header */
-+#include "aes.h"
-+int AES_set_key(aes_context *aes_ctx, const u_int8_t * key, int keysize);
-+int AES_cbc_encrypt(aes_context *ctx, const u_int8_t * in, u_int8_t * out, int ilen, const u_int8_t * iv, int encrypt);
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/crypto/aes_xcbc_mac.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,12 @@
-+#ifndef _AES_XCBC_MAC_H
-+#define _AES_XCBC_MAC_H
-+
-+typedef u_int32_t aes_block[4];
-+typedef struct {
-+ aes_context ctx_k1;
-+ aes_block k2;
-+ aes_block k3;
-+} aes_context_mac;
-+int AES_xcbc_mac_set_key(aes_context_mac *ctxm, const u_int8_t *key, int keylen);
-+int AES_xcbc_mac_hash(const aes_context_mac *ctxm, const u_int8_t * in, int ilen, u_int8_t hash[16]);
-+#endif /* _AES_XCBC_MAC_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/crypto/cbc_generic.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,110 @@
-+#ifndef _CBC_GENERIC_H
-+#define _CBC_GENERIC_H
-+/*
-+ * CBC macro helpers
-+ *
-+ * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ */
-+
-+/*
-+ * Heavily inspired in loop_AES
-+ */
-+#define CBC_IMPL_BLK16(name, ctx_type, addr_type, enc_func, dec_func) \
-+int name(ctx_type *ctx, const u_int8_t * in, u_int8_t * out, int ilen, const u_int8_t * iv, int encrypt) { \
-+ int ret=ilen, pos; \
-+ const u_int32_t *iv_i; \
-+ if ((ilen) % 16) return 0; \
-+ if (encrypt) { \
-+ pos=0; \
-+ while(pos<ilen) { \
-+ if (pos==0) \
-+ iv_i=(const u_int32_t*) iv; \
-+ else \
-+ iv_i=(const u_int32_t*) (out-16); \
-+ *((u_int32_t *)(&out[ 0])) = iv_i[0]^*((const u_int32_t *)(&in[ 0])); \
-+ *((u_int32_t *)(&out[ 4])) = iv_i[1]^*((const u_int32_t *)(&in[ 4])); \
-+ *((u_int32_t *)(&out[ 8])) = iv_i[2]^*((const u_int32_t *)(&in[ 8])); \
-+ *((u_int32_t *)(&out[12])) = iv_i[3]^*((const u_int32_t *)(&in[12])); \
-+ enc_func(ctx, (addr_type) out, (addr_type) out); \
-+ in+=16; \
-+ out+=16; \
-+ pos+=16; \
-+ } \
-+ } else { \
-+ pos=ilen-16; \
-+ in+=pos; \
-+ out+=pos; \
-+ while(pos>=0) { \
-+ dec_func(ctx, (const addr_type) in, (addr_type) out); \
-+ if (pos==0) \
-+ iv_i=(const u_int32_t*) (iv); \
-+ else \
-+ iv_i=(const u_int32_t*) (in-16); \
-+ *((u_int32_t *)(&out[ 0])) ^= iv_i[0]; \
-+ *((u_int32_t *)(&out[ 4])) ^= iv_i[1]; \
-+ *((u_int32_t *)(&out[ 8])) ^= iv_i[2]; \
-+ *((u_int32_t *)(&out[12])) ^= iv_i[3]; \
-+ in-=16; \
-+ out-=16; \
-+ pos-=16; \
-+ } \
-+ } \
-+ return ret; \
-+}
-+#define CBC_IMPL_BLK8(name, ctx_type, addr_type, enc_func, dec_func) \
-+int name(ctx_type *ctx, u_int8_t * in, u_int8_t * out, int ilen, const u_int8_t * iv, int encrypt) { \
-+ int ret=ilen, pos; \
-+ const u_int32_t *iv_i; \
-+ if ((ilen) % 8) return 0; \
-+ if (encrypt) { \
-+ pos=0; \
-+ while(pos<ilen) { \
-+ if (pos==0) \
-+ iv_i=(const u_int32_t*) iv; \
-+ else \
-+ iv_i=(const u_int32_t*) (out-8); \
-+ *((u_int32_t *)(&out[ 0])) = iv_i[0]^*((const u_int32_t *)(&in[ 0])); \
-+ *((u_int32_t *)(&out[ 4])) = iv_i[1]^*((const u_int32_t *)(&in[ 4])); \
-+ enc_func(ctx, (addr_type)out, (addr_type)out); \
-+ in+=8; \
-+ out+=8; \
-+ pos+=8; \
-+ } \
-+ } else { \
-+ pos=ilen-8; \
-+ in+=pos; \
-+ out+=pos; \
-+ while(pos>=0) { \
-+ dec_func(ctx, (const addr_type)in, (addr_type)out); \
-+ if (pos==0) \
-+ iv_i=(const u_int32_t*) (iv); \
-+ else \
-+ iv_i=(const u_int32_t*) (in-8); \
-+ *((u_int32_t *)(&out[ 0])) ^= iv_i[0]; \
-+ *((u_int32_t *)(&out[ 4])) ^= iv_i[1]; \
-+ in-=8; \
-+ out-=8; \
-+ pos-=8; \
-+ } \
-+ } \
-+ return ret; \
-+}
-+#define CBC_DECL(name, ctx_type) \
-+int name(ctx_type *ctx, u_int8_t * in, u_int8_t * out, int ilen, const u_int8_t * iv, int encrypt)
-+/*
-+Eg.:
-+CBC_IMPL_BLK16(AES_cbc_encrypt, aes_context, u_int8_t *, aes_encrypt, aes_decrypt);
-+CBC_DECL(AES_cbc_encrypt, aes_context);
-+*/
-+#endif /* _CBC_GENERIC_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/crypto/des.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,298 @@
-+/* crypto/des/des.org */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-+ *
-+ * Always modify des.org since des.h is automatically generated from
-+ * it during SSLeay configuration.
-+ *
-+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-+ */
-+
-+#ifndef HEADER_DES_H
-+#define HEADER_DES_H
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+
-+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
-+ * %20 speed up (longs are 8 bytes, int's are 4). */
-+/* Must be unsigned int on ia64/Itanium or DES breaks badly */
-+
-+#ifdef __KERNEL__
-+#include <linux/types.h>
-+#else
-+#include <sys/types.h>
-+#endif
-+
-+#ifndef DES_LONG
-+#define DES_LONG u_int32_t
-+#endif
-+
-+typedef unsigned char des_cblock[8];
-+typedef struct { des_cblock ks; } des_key_schedule[16];
-+
-+#define DES_KEY_SZ (sizeof(des_cblock))
-+#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
-+
-+#define DES_ENCRYPT 1
-+#define DES_DECRYPT 0
-+
-+#define DES_CBC_MODE 0
-+#define DES_PCBC_MODE 1
-+
-+#define des_ecb2_encrypt(i,o,k1,k2,e) \
-+ des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-+
-+#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
-+ des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-+
-+#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
-+ des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-+
-+#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
-+ des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-+
-+#define C_Block des_cblock
-+#define Key_schedule des_key_schedule
-+#ifdef KERBEROS
-+#define ENCRYPT DES_ENCRYPT
-+#define DECRYPT DES_DECRYPT
-+#endif
-+#define KEY_SZ DES_KEY_SZ
-+#define string_to_key des_string_to_key
-+#define read_pw_string des_read_pw_string
-+#define random_key des_random_key
-+#define pcbc_encrypt des_pcbc_encrypt
-+#define set_key des_set_key
-+#define key_sched des_key_sched
-+#define ecb_encrypt des_ecb_encrypt
-+#define cbc_encrypt des_cbc_encrypt
-+#define ncbc_encrypt des_ncbc_encrypt
-+#define xcbc_encrypt des_xcbc_encrypt
-+#define cbc_cksum des_cbc_cksum
-+#define quad_cksum des_quad_cksum
-+
-+/* For compatibility with the MIT lib - eay 20/05/92 */
-+typedef des_key_schedule bit_64;
-+#define des_fixup_key_parity des_set_odd_parity
-+#define des_check_key_parity check_parity
-+
-+extern int des_check_key; /* defaults to false */
-+extern int des_rw_mode; /* defaults to DES_PCBC_MODE */
-+
-+/* The next line is used to disable full ANSI prototypes, if your
-+ * compiler has problems with the prototypes, make sure this line always
-+ * evaluates to true :-) */
-+#if defined(MSDOS) || defined(__STDC__)
-+#undef NOPROTO
-+#endif
-+#ifndef NOPROTO
-+char *des_options(void);
-+void des_ecb3_encrypt(des_cblock *input,des_cblock *output,
-+ des_key_schedule ks1,des_key_schedule ks2,
-+ des_key_schedule ks3, int enc);
-+DES_LONG des_cbc_cksum(des_cblock *input,des_cblock *output,
-+ long length,des_key_schedule schedule,des_cblock *ivec);
-+void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,
-+ des_key_schedule schedule,des_cblock *ivec,int enc);
-+void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
-+ des_key_schedule schedule,des_cblock *ivec,int enc);
-+void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
-+ des_key_schedule schedule,des_cblock *ivec,
-+ des_cblock *inw,des_cblock *outw,int enc);
-+void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
-+ long length,des_key_schedule schedule,des_cblock *ivec,int enc);
-+void des_ecb_encrypt(des_cblock *input,des_cblock *output,
-+ des_key_schedule ks,int enc);
-+void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
-+void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
-+void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
-+ des_key_schedule ks2, des_key_schedule ks3);
-+void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
-+ des_key_schedule ks2, des_key_schedule ks3);
-+void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output,
-+ long length, des_key_schedule ks1, des_key_schedule ks2,
-+ des_key_schedule ks3, des_cblock *ivec, int enc);
-+void des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
-+ long length, des_key_schedule ks1, des_key_schedule ks2,
-+ des_key_schedule ks3, des_cblock *ivec, int *num, int enc);
-+void des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
-+ long length, des_key_schedule ks1, des_key_schedule ks2,
-+ des_key_schedule ks3, des_cblock *ivec, int *num);
-+
-+void des_xwhite_in2out(des_cblock (*des_key), des_cblock (*in_white),
-+ des_cblock (*out_white));
-+
-+int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
-+ des_cblock *iv);
-+int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
-+ des_cblock *iv);
-+char *des_fcrypt(const char *buf,const char *salt, char *ret);
-+#ifdef PERL5
-+char *des_crypt(const char *buf,const char *salt);
-+#else
-+/* some stupid compilers complain because I have declared char instead
-+ * of const char */
-+#ifndef __KERNEL__
-+#ifdef HEADER_DES_LOCL_H
-+char *crypt(const char *buf,const char *salt);
-+#else /* HEADER_DES_LOCL_H */
-+char *crypt(void);
-+#endif /* HEADER_DES_LOCL_H */
-+#endif /* __KERNEL__ */
-+#endif /* PERL5 */
-+void des_ofb_encrypt(unsigned char *in,unsigned char *out,
-+ int numbits,long length,des_key_schedule schedule,des_cblock *ivec);
-+void des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,
-+ des_key_schedule schedule,des_cblock *ivec,int enc);
-+DES_LONG des_quad_cksum(des_cblock *input,des_cblock *output,
-+ long length,int out_count,des_cblock *seed);
-+void des_random_seed(des_cblock key);
-+void des_random_key(des_cblock ret);
-+int des_read_password(des_cblock *key,char *prompt,int verify);
-+int des_read_2passwords(des_cblock *key1,des_cblock *key2,
-+ char *prompt,int verify);
-+int des_read_pw_string(char *buf,int length,char *prompt,int verify);
-+void des_set_odd_parity(des_cblock *key);
-+int des_is_weak_key(des_cblock *key);
-+int des_set_key(des_cblock *key,des_key_schedule schedule);
-+int des_key_sched(des_cblock *key,des_key_schedule schedule);
-+void des_string_to_key(char *str,des_cblock *key);
-+void des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2);
-+void des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
-+ des_key_schedule schedule, des_cblock *ivec, int *num, int enc);
-+void des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
-+ des_key_schedule schedule, des_cblock *ivec, int *num);
-+int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify);
-+
-+/* Extra functions from Mark Murray <mark@grondar.za> */
-+/* The following functions are not in the normal unix build or the
-+ * SSLeay build. When using the SSLeay build, use RAND_seed()
-+ * and RAND_bytes() instead. */
-+int des_new_random_key(des_cblock *key);
-+void des_init_random_number_generator(des_cblock *key);
-+void des_set_random_generator_seed(des_cblock *key);
-+void des_set_sequence_number(des_cblock new_sequence_number);
-+void des_generate_random_block(des_cblock *block);
-+
-+#else
-+
-+char *des_options();
-+void des_ecb3_encrypt();
-+DES_LONG des_cbc_cksum();
-+void des_cbc_encrypt();
-+void des_ncbc_encrypt();
-+void des_xcbc_encrypt();
-+void des_cfb_encrypt();
-+void des_ede3_cfb64_encrypt();
-+void des_ede3_ofb64_encrypt();
-+void des_ecb_encrypt();
-+void des_encrypt();
-+void des_encrypt2();
-+void des_encrypt3();
-+void des_decrypt3();
-+void des_ede3_cbc_encrypt();
-+int des_enc_read();
-+int des_enc_write();
-+char *des_fcrypt();
-+#ifdef PERL5
-+char *des_crypt();
-+#else
-+char *crypt();
-+#endif
-+void des_ofb_encrypt();
-+void des_pcbc_encrypt();
-+DES_LONG des_quad_cksum();
-+void des_random_seed();
-+void des_random_key();
-+int des_read_password();
-+int des_read_2passwords();
-+int des_read_pw_string();
-+void des_set_odd_parity();
-+int des_is_weak_key();
-+int des_set_key();
-+int des_key_sched();
-+void des_string_to_key();
-+void des_string_to_2keys();
-+void des_cfb64_encrypt();
-+void des_ofb64_encrypt();
-+int des_read_pw();
-+void des_xwhite_in2out();
-+
-+/* Extra functions from Mark Murray <mark@grondar.za> */
-+/* The following functions are not in the normal unix build or the
-+ * SSLeay build. When using the SSLeay build, use RAND_seed()
-+ * and RAND_bytes() instead. */
-+#ifdef FreeBSD
-+int des_new_random_key();
-+void des_init_random_number_generator();
-+void des_set_random_generator_seed();
-+void des_set_sequence_number();
-+void des_generate_random_block();
-+#endif
-+
-+#endif
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/des/des_locl.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,515 @@
-+/* crypto/des/des_locl.org */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-+ *
-+ * Always modify des_locl.org since des_locl.h is automatically generated from
-+ * it during SSLeay configuration.
-+ *
-+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-+ */
-+
-+#ifndef HEADER_DES_LOCL_H
-+#define HEADER_DES_LOCL_H
-+
-+#if defined(WIN32) || defined(WIN16)
-+#ifndef MSDOS
-+#define MSDOS
-+#endif
-+#endif
-+
-+#include "crypto/des.h"
-+
-+#ifndef DES_DEFAULT_OPTIONS
-+/* the following is tweaked from a config script, that is why it is a
-+ * protected undef/define */
-+#ifndef DES_PTR
-+#define DES_PTR
-+#endif
-+
-+/* This helps C compiler generate the correct code for multiple functional
-+ * units. It reduces register dependancies at the expense of 2 more
-+ * registers */
-+#ifndef DES_RISC1
-+#define DES_RISC1
-+#endif
-+
-+#ifndef DES_RISC2
-+#undef DES_RISC2
-+#endif
-+
-+#if defined(DES_RISC1) && defined(DES_RISC2)
-+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
-+#endif
-+
-+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
-+ * Very mucy CPU dependant */
-+#ifndef DES_UNROLL
-+#define DES_UNROLL
-+#endif
-+
-+/* These default values were supplied by
-+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
-+ * They are only used if nothing else has been defined */
-+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
-+/* Special defines which change the way the code is built depending on the
-+ CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
-+ even newer MIPS CPU's, but at the moment one size fits all for
-+ optimization options. Older Sparc's work better with only UNROLL, but
-+ there's no way to tell at compile time what it is you're running on */
-+
-+#if defined( sun ) /* Newer Sparc's */
-+ #define DES_PTR
-+ #define DES_RISC1
-+ #define DES_UNROLL
-+#elif defined( __ultrix ) /* Older MIPS */
-+ #define DES_PTR
-+ #define DES_RISC2
-+ #define DES_UNROLL
-+#elif defined( __osf1__ ) /* Alpha */
-+ #define DES_PTR
-+ #define DES_RISC2
-+#elif defined ( _AIX ) /* RS6000 */
-+ /* Unknown */
-+#elif defined( __hpux ) /* HP-PA */
-+ /* Unknown */
-+#elif defined( __aux ) /* 68K */
-+ /* Unknown */
-+#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
-+ #define DES_UNROLL
-+#elif defined( __sgi ) /* Newer MIPS */
-+ #define DES_PTR
-+ #define DES_RISC2
-+ #define DES_UNROLL
-+#elif defined( i386 ) /* x86 boxes, should be gcc */
-+ #define DES_PTR
-+ #define DES_RISC1
-+ #define DES_UNROLL
-+#endif /* Systems-specific speed defines */
-+#endif
-+
-+#endif /* DES_DEFAULT_OPTIONS */
-+
-+#ifdef MSDOS /* Visual C++ 2.1 (Windows NT/95) */
-+#include <stdlib.h>
-+#include <errno.h>
-+#include <time.h>
-+#include <io.h>
-+#ifndef RAND
-+#define RAND
-+#endif
-+#undef NOPROTO
-+#endif
-+
-+#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
-+#ifndef __KERNEL__
-+#include <string.h>
-+#else
-+#include <linux/string.h>
-+#endif
-+#endif
-+
-+#ifndef RAND
-+#define RAND
-+#endif
-+
-+#ifdef linux
-+#undef RAND
-+#endif
-+
-+#ifdef MSDOS
-+#define getpid() 2
-+#define RAND
-+#undef NOPROTO
-+#endif
-+
-+#if defined(NOCONST)
-+#define const
-+#endif
-+
-+#ifdef __STDC__
-+#undef NOPROTO
-+#endif
-+
-+#ifdef RAND
-+#define srandom(s) srand(s)
-+#define random rand
-+#endif
-+
-+#define ITERATIONS 16
-+#define HALF_ITERATIONS 8
-+
-+/* used in des_read and des_write */
-+#define MAXWRITE (1024*16)
-+#define BSIZE (MAXWRITE+4)
-+
-+#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
-+ l|=((DES_LONG)(*((c)++)))<< 8L, \
-+ l|=((DES_LONG)(*((c)++)))<<16L, \
-+ l|=((DES_LONG)(*((c)++)))<<24L)
-+
-+/* NOTE - c is not incremented as per c2l */
-+#define c2ln(c,l1,l2,n) { \
-+ c+=n; \
-+ l1=l2=0; \
-+ switch (n) { \
-+ case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
-+ case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
-+ case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
-+ case 5: l2|=((DES_LONG)(*(--(c)))); \
-+ case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
-+ case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
-+ case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
-+ case 1: l1|=((DES_LONG)(*(--(c)))); \
-+ } \
-+ }
-+
-+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
-+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-+
-+/* replacements for htonl and ntohl since I have no idea what to do
-+ * when faced with machines with 8 byte longs. */
-+#define HDRSIZE 4
-+
-+#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \
-+ l|=((DES_LONG)(*((c)++)))<<16L, \
-+ l|=((DES_LONG)(*((c)++)))<< 8L, \
-+ l|=((DES_LONG)(*((c)++))))
-+
-+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
-+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-+ *((c)++)=(unsigned char)(((l) )&0xff))
-+
-+/* NOTE - c is not incremented as per l2c */
-+#define l2cn(l1,l2,c,n) { \
-+ c+=n; \
-+ switch (n) { \
-+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
-+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
-+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
-+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
-+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
-+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
-+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
-+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
-+ } \
-+ }
-+
-+#if defined(WIN32)
-+#define ROTATE(a,n) (_lrotr(a,n))
-+#else
-+#define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n))))
-+#endif
-+
-+/* Don't worry about the LOAD_DATA() stuff, that is used by
-+ * fcrypt() to add it's little bit to the front */
-+
-+#ifdef DES_FCRYPT
-+
-+#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
-+ { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
-+
-+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
-+ t=R^(R>>16L); \
-+ u=t&E0; t&=E1; \
-+ tmp=(u<<16); u^=R^s[S ]; u^=tmp; \
-+ tmp=(t<<16); t^=R^s[S+1]; t^=tmp
-+#else
-+#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
-+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
-+ u=R^s[S ]; \
-+ t=R^s[S+1]
-+#endif
-+
-+/* The changes to this macro may help or hinder, depending on the
-+ * compiler and the achitecture. gcc2 always seems to do well :-).
-+ * Inspired by Dana How <how@isl.stanford.edu>
-+ * DO NOT use the alternative version on machines with 8 byte longs.
-+ * It does not seem to work on the Alpha, even when DES_LONG is 4
-+ * bytes, probably an issue of accessing non-word aligned objects :-( */
-+#ifdef DES_PTR
-+
-+/* It recently occured to me that 0^0^0^0^0^0^0 == 0, so there
-+ * is no reason to not xor all the sub items together. This potentially
-+ * saves a register since things can be xored directly into L */
-+
-+#if defined(DES_RISC1) || defined(DES_RISC2)
-+#ifdef DES_RISC1
-+#define D_ENCRYPT(LL,R,S) { \
-+ unsigned int u1,u2,u3; \
-+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
-+ u2=(int)u>>8L; \
-+ u1=(int)u&0xfc; \
-+ u2&=0xfc; \
-+ t=ROTATE(t,4); \
-+ u>>=16L; \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP +u1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \
-+ u3=(int)(u>>8L); \
-+ u1=(int)u&0xfc; \
-+ u3&=0xfc; \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+u1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+u3); \
-+ u2=(int)t>>8L; \
-+ u1=(int)t&0xfc; \
-+ u2&=0xfc; \
-+ t>>=16L; \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \
-+ u3=(int)t>>8L; \
-+ u1=(int)t&0xfc; \
-+ u3&=0xfc; \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+u1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+u3); }
-+#endif
-+#ifdef DES_RISC2
-+#define D_ENCRYPT(LL,R,S) { \
-+ unsigned int u1,u2,s1,s2; \
-+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
-+ u2=(int)u>>8L; \
-+ u1=(int)u&0xfc; \
-+ u2&=0xfc; \
-+ t=ROTATE(t,4); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP +u1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \
-+ s1=(int)(u>>16L); \
-+ s2=(int)(u>>24L); \
-+ s1&=0xfc; \
-+ s2&=0xfc; \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+s1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+s2); \
-+ u2=(int)t>>8L; \
-+ u1=(int)t&0xfc; \
-+ u2&=0xfc; \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \
-+ s1=(int)(t>>16L); \
-+ s2=(int)(t>>24L); \
-+ s1&=0xfc; \
-+ s2&=0xfc; \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+s1); \
-+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+s2); }
-+#endif
-+#else
-+#define D_ENCRYPT(LL,R,S) { \
-+ LOAD_DATA_tmp(R,S,u,t,E0,E1); \
-+ t=ROTATE(t,4); \
-+ LL^= \
-+ *(DES_LONG *)((unsigned char *)des_SP +((u )&0xfc))^ \
-+ *(DES_LONG *)((unsigned char *)des_SP+0x200+((u>> 8L)&0xfc))^ \
-+ *(DES_LONG *)((unsigned char *)des_SP+0x400+((u>>16L)&0xfc))^ \
-+ *(DES_LONG *)((unsigned char *)des_SP+0x600+((u>>24L)&0xfc))^ \
-+ *(DES_LONG *)((unsigned char *)des_SP+0x100+((t )&0xfc))^ \
-+ *(DES_LONG *)((unsigned char *)des_SP+0x300+((t>> 8L)&0xfc))^ \
-+ *(DES_LONG *)((unsigned char *)des_SP+0x500+((t>>16L)&0xfc))^ \
-+ *(DES_LONG *)((unsigned char *)des_SP+0x700+((t>>24L)&0xfc)); }
-+#endif
-+
-+#else /* original version */
-+
-+#if defined(DES_RISC1) || defined(DES_RISC2)
-+#ifdef DES_RISC1
-+#define D_ENCRYPT(LL,R,S) {\
-+ unsigned int u1,u2,u3; \
-+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
-+ u>>=2L; \
-+ t=ROTATE(t,6); \
-+ u2=(int)u>>8L; \
-+ u1=(int)u&0x3f; \
-+ u2&=0x3f; \
-+ u>>=16L; \
-+ LL^=des_SPtrans[0][u1]; \
-+ LL^=des_SPtrans[2][u2]; \
-+ u3=(int)u>>8L; \
-+ u1=(int)u&0x3f; \
-+ u3&=0x3f; \
-+ LL^=des_SPtrans[4][u1]; \
-+ LL^=des_SPtrans[6][u3]; \
-+ u2=(int)t>>8L; \
-+ u1=(int)t&0x3f; \
-+ u2&=0x3f; \
-+ t>>=16L; \
-+ LL^=des_SPtrans[1][u1]; \
-+ LL^=des_SPtrans[3][u2]; \
-+ u3=(int)t>>8L; \
-+ u1=(int)t&0x3f; \
-+ u3&=0x3f; \
-+ LL^=des_SPtrans[5][u1]; \
-+ LL^=des_SPtrans[7][u3]; }
-+#endif
-+#ifdef DES_RISC2
-+#define D_ENCRYPT(LL,R,S) {\
-+ unsigned int u1,u2,s1,s2; \
-+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
-+ u>>=2L; \
-+ t=ROTATE(t,6); \
-+ u2=(int)u>>8L; \
-+ u1=(int)u&0x3f; \
-+ u2&=0x3f; \
-+ LL^=des_SPtrans[0][u1]; \
-+ LL^=des_SPtrans[2][u2]; \
-+ s1=(int)u>>16L; \
-+ s2=(int)u>>24L; \
-+ s1&=0x3f; \
-+ s2&=0x3f; \
-+ LL^=des_SPtrans[4][s1]; \
-+ LL^=des_SPtrans[6][s2]; \
-+ u2=(int)t>>8L; \
-+ u1=(int)t&0x3f; \
-+ u2&=0x3f; \
-+ LL^=des_SPtrans[1][u1]; \
-+ LL^=des_SPtrans[3][u2]; \
-+ s1=(int)t>>16; \
-+ s2=(int)t>>24L; \
-+ s1&=0x3f; \
-+ s2&=0x3f; \
-+ LL^=des_SPtrans[5][s1]; \
-+ LL^=des_SPtrans[7][s2]; }
-+#endif
-+
-+#else
-+
-+#define D_ENCRYPT(LL,R,S) {\
-+ LOAD_DATA_tmp(R,S,u,t,E0,E1); \
-+ t=ROTATE(t,4); \
-+ LL^=\
-+ des_SPtrans[0][(u>> 2L)&0x3f]^ \
-+ des_SPtrans[2][(u>>10L)&0x3f]^ \
-+ des_SPtrans[4][(u>>18L)&0x3f]^ \
-+ des_SPtrans[6][(u>>26L)&0x3f]^ \
-+ des_SPtrans[1][(t>> 2L)&0x3f]^ \
-+ des_SPtrans[3][(t>>10L)&0x3f]^ \
-+ des_SPtrans[5][(t>>18L)&0x3f]^ \
-+ des_SPtrans[7][(t>>26L)&0x3f]; }
-+#endif
-+#endif
-+
-+ /* IP and FP
-+ * The problem is more of a geometric problem that random bit fiddling.
-+ 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
-+ 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
-+ 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
-+ 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
-+
-+ 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
-+ 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
-+ 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
-+ 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
-+
-+ The output has been subject to swaps of the form
-+ 0 1 -> 3 1 but the odd and even bits have been put into
-+ 2 3 2 0
-+ different words. The main trick is to remember that
-+ t=((l>>size)^r)&(mask);
-+ r^=t;
-+ l^=(t<<size);
-+ can be used to swap and move bits between words.
-+
-+ So l = 0 1 2 3 r = 16 17 18 19
-+ 4 5 6 7 20 21 22 23
-+ 8 9 10 11 24 25 26 27
-+ 12 13 14 15 28 29 30 31
-+ becomes (for size == 2 and mask == 0x3333)
-+ t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
-+ 6^20 7^21 -- -- 4 5 20 21 6 7 22 23
-+ 10^24 11^25 -- -- 8 9 24 25 10 11 24 25
-+ 14^28 15^29 -- -- 12 13 28 29 14 15 28 29
-+
-+ Thanks for hints from Richard Outerbridge - he told me IP&FP
-+ could be done in 15 xor, 10 shifts and 5 ands.
-+ When I finally started to think of the problem in 2D
-+ I first got ~42 operations without xors. When I remembered
-+ how to use xors :-) I got it to its final state.
-+ */
-+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
-+ (b)^=(t),\
-+ (a)^=((t)<<(n)))
-+
-+#define IP(l,r) \
-+ { \
-+ register DES_LONG tt; \
-+ PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
-+ PERM_OP(l,r,tt,16,0x0000ffffL); \
-+ PERM_OP(r,l,tt, 2,0x33333333L); \
-+ PERM_OP(l,r,tt, 8,0x00ff00ffL); \
-+ PERM_OP(r,l,tt, 1,0x55555555L); \
-+ }
-+
-+#define FP(l,r) \
-+ { \
-+ register DES_LONG tt; \
-+ PERM_OP(l,r,tt, 1,0x55555555L); \
-+ PERM_OP(r,l,tt, 8,0x00ff00ffL); \
-+ PERM_OP(l,r,tt, 2,0x33333333L); \
-+ PERM_OP(r,l,tt,16,0x0000ffffL); \
-+ PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
-+ }
-+
-+extern const DES_LONG des_SPtrans[8][64];
-+
-+#ifndef NOPROTO
-+void fcrypt_body(DES_LONG *out,des_key_schedule ks,
-+ DES_LONG Eswap0, DES_LONG Eswap1);
-+#else
-+void fcrypt_body();
-+#endif
-+
-+#endif
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/des/des_ver.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,60 @@
-+/* crypto/des/des_ver.h */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+extern char *DES_version; /* SSLeay version string */
-+extern char *libdes_version; /* old libdes version string */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/des/podd.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,75 @@
-+/* crypto/des/podd.h */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+static const unsigned char odd_parity[256]={
-+ 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
-+ 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
-+ 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
-+ 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
-+ 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
-+ 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
-+ 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
-+112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
-+128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
-+145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
-+161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
-+176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
-+193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
-+208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
-+224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
-+241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/des/sk.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,204 @@
-+/* crypto/des/sk.h */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+static const DES_LONG des_skb[8][64]={
-+{
-+/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
-+0x00000000L,0x00000010L,0x20000000L,0x20000010L,
-+0x00010000L,0x00010010L,0x20010000L,0x20010010L,
-+0x00000800L,0x00000810L,0x20000800L,0x20000810L,
-+0x00010800L,0x00010810L,0x20010800L,0x20010810L,
-+0x00000020L,0x00000030L,0x20000020L,0x20000030L,
-+0x00010020L,0x00010030L,0x20010020L,0x20010030L,
-+0x00000820L,0x00000830L,0x20000820L,0x20000830L,
-+0x00010820L,0x00010830L,0x20010820L,0x20010830L,
-+0x00080000L,0x00080010L,0x20080000L,0x20080010L,
-+0x00090000L,0x00090010L,0x20090000L,0x20090010L,
-+0x00080800L,0x00080810L,0x20080800L,0x20080810L,
-+0x00090800L,0x00090810L,0x20090800L,0x20090810L,
-+0x00080020L,0x00080030L,0x20080020L,0x20080030L,
-+0x00090020L,0x00090030L,0x20090020L,0x20090030L,
-+0x00080820L,0x00080830L,0x20080820L,0x20080830L,
-+0x00090820L,0x00090830L,0x20090820L,0x20090830L,
-+},{
-+/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
-+0x00000000L,0x02000000L,0x00002000L,0x02002000L,
-+0x00200000L,0x02200000L,0x00202000L,0x02202000L,
-+0x00000004L,0x02000004L,0x00002004L,0x02002004L,
-+0x00200004L,0x02200004L,0x00202004L,0x02202004L,
-+0x00000400L,0x02000400L,0x00002400L,0x02002400L,
-+0x00200400L,0x02200400L,0x00202400L,0x02202400L,
-+0x00000404L,0x02000404L,0x00002404L,0x02002404L,
-+0x00200404L,0x02200404L,0x00202404L,0x02202404L,
-+0x10000000L,0x12000000L,0x10002000L,0x12002000L,
-+0x10200000L,0x12200000L,0x10202000L,0x12202000L,
-+0x10000004L,0x12000004L,0x10002004L,0x12002004L,
-+0x10200004L,0x12200004L,0x10202004L,0x12202004L,
-+0x10000400L,0x12000400L,0x10002400L,0x12002400L,
-+0x10200400L,0x12200400L,0x10202400L,0x12202400L,
-+0x10000404L,0x12000404L,0x10002404L,0x12002404L,
-+0x10200404L,0x12200404L,0x10202404L,0x12202404L,
-+},{
-+/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
-+0x00000000L,0x00000001L,0x00040000L,0x00040001L,
-+0x01000000L,0x01000001L,0x01040000L,0x01040001L,
-+0x00000002L,0x00000003L,0x00040002L,0x00040003L,
-+0x01000002L,0x01000003L,0x01040002L,0x01040003L,
-+0x00000200L,0x00000201L,0x00040200L,0x00040201L,
-+0x01000200L,0x01000201L,0x01040200L,0x01040201L,
-+0x00000202L,0x00000203L,0x00040202L,0x00040203L,
-+0x01000202L,0x01000203L,0x01040202L,0x01040203L,
-+0x08000000L,0x08000001L,0x08040000L,0x08040001L,
-+0x09000000L,0x09000001L,0x09040000L,0x09040001L,
-+0x08000002L,0x08000003L,0x08040002L,0x08040003L,
-+0x09000002L,0x09000003L,0x09040002L,0x09040003L,
-+0x08000200L,0x08000201L,0x08040200L,0x08040201L,
-+0x09000200L,0x09000201L,0x09040200L,0x09040201L,
-+0x08000202L,0x08000203L,0x08040202L,0x08040203L,
-+0x09000202L,0x09000203L,0x09040202L,0x09040203L,
-+},{
-+/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
-+0x00000000L,0x00100000L,0x00000100L,0x00100100L,
-+0x00000008L,0x00100008L,0x00000108L,0x00100108L,
-+0x00001000L,0x00101000L,0x00001100L,0x00101100L,
-+0x00001008L,0x00101008L,0x00001108L,0x00101108L,
-+0x04000000L,0x04100000L,0x04000100L,0x04100100L,
-+0x04000008L,0x04100008L,0x04000108L,0x04100108L,
-+0x04001000L,0x04101000L,0x04001100L,0x04101100L,
-+0x04001008L,0x04101008L,0x04001108L,0x04101108L,
-+0x00020000L,0x00120000L,0x00020100L,0x00120100L,
-+0x00020008L,0x00120008L,0x00020108L,0x00120108L,
-+0x00021000L,0x00121000L,0x00021100L,0x00121100L,
-+0x00021008L,0x00121008L,0x00021108L,0x00121108L,
-+0x04020000L,0x04120000L,0x04020100L,0x04120100L,
-+0x04020008L,0x04120008L,0x04020108L,0x04120108L,
-+0x04021000L,0x04121000L,0x04021100L,0x04121100L,
-+0x04021008L,0x04121008L,0x04021108L,0x04121108L,
-+},{
-+/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
-+0x00000000L,0x10000000L,0x00010000L,0x10010000L,
-+0x00000004L,0x10000004L,0x00010004L,0x10010004L,
-+0x20000000L,0x30000000L,0x20010000L,0x30010000L,
-+0x20000004L,0x30000004L,0x20010004L,0x30010004L,
-+0x00100000L,0x10100000L,0x00110000L,0x10110000L,
-+0x00100004L,0x10100004L,0x00110004L,0x10110004L,
-+0x20100000L,0x30100000L,0x20110000L,0x30110000L,
-+0x20100004L,0x30100004L,0x20110004L,0x30110004L,
-+0x00001000L,0x10001000L,0x00011000L,0x10011000L,
-+0x00001004L,0x10001004L,0x00011004L,0x10011004L,
-+0x20001000L,0x30001000L,0x20011000L,0x30011000L,
-+0x20001004L,0x30001004L,0x20011004L,0x30011004L,
-+0x00101000L,0x10101000L,0x00111000L,0x10111000L,
-+0x00101004L,0x10101004L,0x00111004L,0x10111004L,
-+0x20101000L,0x30101000L,0x20111000L,0x30111000L,
-+0x20101004L,0x30101004L,0x20111004L,0x30111004L,
-+},{
-+/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
-+0x00000000L,0x08000000L,0x00000008L,0x08000008L,
-+0x00000400L,0x08000400L,0x00000408L,0x08000408L,
-+0x00020000L,0x08020000L,0x00020008L,0x08020008L,
-+0x00020400L,0x08020400L,0x00020408L,0x08020408L,
-+0x00000001L,0x08000001L,0x00000009L,0x08000009L,
-+0x00000401L,0x08000401L,0x00000409L,0x08000409L,
-+0x00020001L,0x08020001L,0x00020009L,0x08020009L,
-+0x00020401L,0x08020401L,0x00020409L,0x08020409L,
-+0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
-+0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
-+0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
-+0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
-+0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
-+0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
-+0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
-+0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
-+},{
-+/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
-+0x00000000L,0x00000100L,0x00080000L,0x00080100L,
-+0x01000000L,0x01000100L,0x01080000L,0x01080100L,
-+0x00000010L,0x00000110L,0x00080010L,0x00080110L,
-+0x01000010L,0x01000110L,0x01080010L,0x01080110L,
-+0x00200000L,0x00200100L,0x00280000L,0x00280100L,
-+0x01200000L,0x01200100L,0x01280000L,0x01280100L,
-+0x00200010L,0x00200110L,0x00280010L,0x00280110L,
-+0x01200010L,0x01200110L,0x01280010L,0x01280110L,
-+0x00000200L,0x00000300L,0x00080200L,0x00080300L,
-+0x01000200L,0x01000300L,0x01080200L,0x01080300L,
-+0x00000210L,0x00000310L,0x00080210L,0x00080310L,
-+0x01000210L,0x01000310L,0x01080210L,0x01080310L,
-+0x00200200L,0x00200300L,0x00280200L,0x00280300L,
-+0x01200200L,0x01200300L,0x01280200L,0x01280300L,
-+0x00200210L,0x00200310L,0x00280210L,0x00280310L,
-+0x01200210L,0x01200310L,0x01280210L,0x01280310L,
-+},{
-+/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
-+0x00000000L,0x04000000L,0x00040000L,0x04040000L,
-+0x00000002L,0x04000002L,0x00040002L,0x04040002L,
-+0x00002000L,0x04002000L,0x00042000L,0x04042000L,
-+0x00002002L,0x04002002L,0x00042002L,0x04042002L,
-+0x00000020L,0x04000020L,0x00040020L,0x04040020L,
-+0x00000022L,0x04000022L,0x00040022L,0x04040022L,
-+0x00002020L,0x04002020L,0x00042020L,0x04042020L,
-+0x00002022L,0x04002022L,0x00042022L,0x04042022L,
-+0x00000800L,0x04000800L,0x00040800L,0x04040800L,
-+0x00000802L,0x04000802L,0x00040802L,0x04040802L,
-+0x00002800L,0x04002800L,0x00042800L,0x04042800L,
-+0x00002802L,0x04002802L,0x00042802L,0x04042802L,
-+0x00000820L,0x04000820L,0x00040820L,0x04040820L,
-+0x00000822L,0x04000822L,0x00040822L,0x04040822L,
-+0x00002820L,0x04002820L,0x00042820L,0x04042820L,
-+0x00002822L,0x04002822L,0x00042822L,0x04042822L,
-+}};
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/des/spr.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,204 @@
-+/* crypto/des/spr.h */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+const DES_LONG des_SPtrans[8][64]={
-+{
-+/* nibble 0 */
-+0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
-+0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
-+0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
-+0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
-+0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
-+0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
-+0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
-+0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
-+0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
-+0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
-+0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
-+0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
-+0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
-+0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
-+0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
-+0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
-+},{
-+/* nibble 1 */
-+0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
-+0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
-+0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
-+0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
-+0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
-+0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
-+0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
-+0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
-+0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
-+0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
-+0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
-+0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
-+0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
-+0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
-+0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
-+0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
-+},{
-+/* nibble 2 */
-+0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
-+0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
-+0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
-+0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
-+0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
-+0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
-+0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
-+0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
-+0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
-+0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
-+0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
-+0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
-+0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
-+0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
-+0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
-+0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
-+},{
-+/* nibble 3 */
-+0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
-+0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
-+0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
-+0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
-+0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
-+0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
-+0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
-+0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
-+0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
-+0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
-+0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
-+0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
-+0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
-+0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
-+0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
-+0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
-+},{
-+/* nibble 4 */
-+0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
-+0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
-+0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
-+0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
-+0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
-+0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
-+0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
-+0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
-+0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
-+0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
-+0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
-+0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
-+0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
-+0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
-+0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
-+0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
-+},{
-+/* nibble 5 */
-+0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
-+0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
-+0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
-+0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
-+0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
-+0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
-+0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
-+0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
-+0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
-+0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
-+0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
-+0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
-+0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
-+0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
-+0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
-+0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
-+},{
-+/* nibble 6 */
-+0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
-+0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
-+0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
-+0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
-+0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
-+0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
-+0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
-+0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
-+0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
-+0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
-+0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
-+0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
-+0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
-+0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
-+0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
-+0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
-+},{
-+/* nibble 7 */
-+0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
-+0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
-+0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
-+0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
-+0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
-+0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
-+0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
-+0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
-+0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
-+0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
-+0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
-+0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
-+0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
-+0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
-+0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
-+0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
-+}};
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/mast.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,33 @@
-+struct mast_callbacks {
-+ int (*packet_encap)(struct device *mast, void *context,
-+ struct sk_buff *skb, int flowref);
-+ int (*link_inquire)(struct device *mast, void *context);
-+};
-+
-+
-+struct device *mast_init (int family,
-+ struct mast_callbacks *callbacks,
-+ unsigned int flags,
-+ unsigned int desired_unit,
-+ unsigned int max_flowref,
-+ void *context);
-+
-+int mast_destroy(struct device *mast);
-+
-+int mast_recv(struct device *mast, struct sk_buff *skb, int flowref);
-+
-+/* free this skb as being useless, increment failure count. */
-+int mast_toast(struct device *mast, struct sk_buff *skb, int flowref);
-+
-+int mast_linkstat (struct device *mast, int flowref,
-+ int status);
-+
-+int mast_setreference (struct device *mast,
-+ int defaultSA);
-+
-+int mast_setneighbor (struct device *mast,
-+ struct sockaddr *source,
-+ struct sockaddr *destination,
-+ int flowref);
-+
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,518 @@
-+#ifndef _OPENSWAN_H
-+/*
-+ * header file for FreeS/WAN library functions
-+ * Copyright (C) 1998, 1999, 2000 Henry Spencer.
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: openswan.h,v 1.93 2005/04/14 20:21:51 mcr Exp $
-+ */
-+#define _OPENSWAN_H /* seen it, no need to see it again */
-+
-+/* you'd think this should be builtin to compiler... */
-+#ifndef TRUE
-+#define TRUE 1
-+#endif
-+
-+#ifndef FALSE
-+#define FALSE 0
-+#endif
-+
-+
-+
-+/*
-+ * We've just got to have some datatypes defined... And annoyingly, just
-+ * where we get them depends on whether we're in userland or not.
-+ */
-+/* things that need to come from one place or the other, depending */
-+#ifdef __KERNEL__
-+#include <linux/types.h>
-+#include <linux/socket.h>
-+#include <linux/in.h>
-+#include <linux/string.h>
-+#include <linux/ctype.h>
-+#define user_assert(foo) /*nothing*/
-+#else
-+#include <sys/types.h>
-+#include <netinet/in.h>
-+#include <string.h>
-+#include <ctype.h>
-+#include <assert.h>
-+#define user_assert(foo) assert(foo)
-+#include <stdio.h>
-+
-+# define uint8_t u_int8_t
-+# define uint16_t u_int16_t
-+# define uint32_t u_int32_t
-+# define uint64_t u_int64_t
-+
-+
-+# define DEBUG_NO_STATIC static
-+
-+#endif
-+
-+#include <openswan/ipsec_param.h>
-+
-+
-+/*
-+ * Grab the kernel version to see if we have NET_21, and therefore
-+ * IPv6. Some of this is repeated from ipsec_kversions.h. Of course,
-+ * we aren't really testing if the kernel has IPv6, but rather if the
-+ * the include files do.
-+ */
-+#include <linux/version.h>
-+#ifndef KERNEL_VERSION
-+#define KERNEL_VERSION(x,y,z) (((x)<<16)+((y)<<8)+(z))
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,1,0)
-+#define NET_21
-+#endif
-+
-+#ifndef IPPROTO_COMP
-+# define IPPROTO_COMP 108
-+#endif /* !IPPROTO_COMP */
-+
-+#ifndef IPPROTO_INT
-+# define IPPROTO_INT 61
-+#endif /* !IPPROTO_INT */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+#ifndef DEBUG_NO_STATIC
-+# define DEBUG_NO_STATIC
-+#endif
-+#else /* CONFIG_KLIPS_DEBUG */
-+#ifndef DEBUG_NO_STATIC
-+# define DEBUG_NO_STATIC static
-+#endif
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#if !defined(ESPINUDP_WITH_NON_IKE)
-+#define ESPINUDP_WITH_NON_IKE 1 /* draft-ietf-ipsec-nat-t-ike-00/01 */
-+#define ESPINUDP_WITH_NON_ESP 2 /* draft-ietf-ipsec-nat-t-ike-02 */
-+#endif
-+
-+/*
-+ * Basic data types for the address-handling functions.
-+ * ip_address and ip_subnet are supposed to be opaque types; do not
-+ * use their definitions directly, they are subject to change!
-+ */
-+
-+/* first, some quick fakes in case we're on an old system with no IPv6 */
-+#ifndef s6_addr16
-+struct in6_addr {
-+ union
-+ {
-+ __u8 u6_addr8[16];
-+ __u16 u6_addr16[8];
-+ __u32 u6_addr32[4];
-+ } in6_u;
-+#define s6_addr in6_u.u6_addr8
-+#define s6_addr16 in6_u.u6_addr16
-+#define s6_addr32 in6_u.u6_addr32
-+};
-+struct sockaddr_in6 {
-+ unsigned short int sin6_family; /* AF_INET6 */
-+ __u16 sin6_port; /* Transport layer port # */
-+ __u32 sin6_flowinfo; /* IPv6 flow information */
-+ struct in6_addr sin6_addr; /* IPv6 address */
-+ __u32 sin6_scope_id; /* scope id (new in RFC2553) */
-+};
-+#endif /* !s6_addr16 */
-+
-+/* then the main types */
-+typedef struct {
-+ union {
-+ struct sockaddr_in v4;
-+ struct sockaddr_in6 v6;
-+ } u;
-+} ip_address;
-+typedef struct {
-+ ip_address addr;
-+ int maskbits;
-+} ip_subnet;
-+
-+/* and the SA ID stuff */
-+#ifdef __KERNEL__
-+typedef __u32 ipsec_spi_t;
-+#else
-+typedef u_int32_t ipsec_spi_t;
-+#endif
-+typedef struct { /* to identify an SA, we need: */
-+ ip_address dst; /* A. destination host */
-+ ipsec_spi_t spi; /* B. 32-bit SPI, assigned by dest. host */
-+# define SPI_PASS 256 /* magic values... */
-+# define SPI_DROP 257 /* ...for use... */
-+# define SPI_REJECT 258 /* ...with SA_INT */
-+# define SPI_HOLD 259
-+# define SPI_TRAP 260
-+# define SPI_TRAPSUBNET 261
-+ int proto; /* C. protocol */
-+# define SA_ESP 50 /* IPPROTO_ESP */
-+# define SA_AH 51 /* IPPROTO_AH */
-+# define SA_IPIP 4 /* IPPROTO_IPIP */
-+# define SA_COMP 108 /* IPPROTO_COMP */
-+# define SA_INT 61 /* IANA reserved for internal use */
-+} ip_said;
-+
-+/* misc */
-+typedef const char *err_t; /* error message, or NULL for success */
-+struct prng { /* pseudo-random-number-generator guts */
-+ unsigned char sbox[256];
-+ int i, j;
-+ unsigned long count;
-+};
-+
-+
-+/*
-+ * definitions for user space, taken from freeswan/ipsec_sa.h
-+ */
-+typedef uint32_t IPsecSAref_t;
-+
-+#define IPSEC_SA_REF_FIELD_WIDTH (8 * sizeof(IPsecSAref_t))
-+
-+#define IPsecSAref2NFmark(x) ((x) << (IPSEC_SA_REF_FIELD_WIDTH - IPSEC_SA_REF_TABLE_IDX_WIDTH))
-+#define NFmark2IPsecSAref(x) ((x) >> (IPSEC_SA_REF_FIELD_WIDTH - IPSEC_SA_REF_TABLE_IDX_WIDTH))
-+
-+#define IPSEC_SAREF_NULL (~((IPsecSAref_t)0))
-+
-+/* GCC magic for use in function definitions! */
-+#ifdef GCC_LINT
-+# define PRINTF_LIKE(n) __attribute__ ((format(printf, n, n+1)))
-+# define NEVER_RETURNS __attribute__ ((noreturn))
-+# define UNUSED __attribute__ ((unused))
-+# define BLANK_FORMAT " " /* GCC_LINT whines about empty formats */
-+#else
-+# define PRINTF_LIKE(n) /* ignore */
-+# define NEVER_RETURNS /* ignore */
-+# define UNUSED /* ignore */
-+# define BLANK_FORMAT ""
-+#endif
-+
-+
-+
-+
-+
-+/*
-+ * new IPv6-compatible functions
-+ */
-+
-+/* text conversions */
-+err_t ttoul(const char *src, size_t srclen, int format, unsigned long *dst);
-+size_t ultot(unsigned long src, int format, char *buf, size_t buflen);
-+#define ULTOT_BUF (22+1) /* holds 64 bits in octal */
-+err_t ttoaddr(const char *src, size_t srclen, int af, ip_address *dst);
-+err_t tnatoaddr(const char *src, size_t srclen, int af, ip_address *dst);
-+size_t addrtot(const ip_address *src, int format, char *buf, size_t buflen);
-+/* RFC 1886 old IPv6 reverse-lookup format is the bulkiest */
-+#define ADDRTOT_BUF (32*2 + 3 + 1 + 3 + 1 + 1)
-+err_t ttosubnet(const char *src, size_t srclen, int af, ip_subnet *dst);
-+size_t subnettot(const ip_subnet *src, int format, char *buf, size_t buflen);
-+#define SUBNETTOT_BUF (ADDRTOT_BUF + 1 + 3)
-+size_t subnetporttot(const ip_subnet *src, int format, char *buf, size_t buflen);
-+#define SUBNETPROTOTOT_BUF (SUBNETTOTO_BUF + ULTOT_BUF)
-+err_t ttosa(const char *src, size_t srclen, ip_said *dst);
-+size_t satot(const ip_said *src, int format, char *bufptr, size_t buflen);
-+#define SATOT_BUF (5 + ULTOA_BUF + 1 + ADDRTOT_BUF)
-+err_t ttodata(const char *src, size_t srclen, int base, char *buf,
-+ size_t buflen, size_t *needed);
-+err_t ttodatav(const char *src, size_t srclen, int base,
-+ char *buf, size_t buflen, size_t *needed,
-+ char *errp, size_t errlen, unsigned int flags);
-+#define TTODATAV_BUF 40 /* ttodatav's largest non-literal message */
-+#define TTODATAV_IGNORESPACE (1<<1) /* ignore spaces in base64 encodings*/
-+#define TTODATAV_SPACECOUNTS 0 /* do not ignore spaces in base64 */
-+
-+size_t datatot(const char *src, size_t srclen, int format, char *buf,
-+ size_t buflen);
-+size_t keyblobtoid(const unsigned char *src, size_t srclen, char *dst,
-+ size_t dstlen);
-+size_t splitkeytoid(const unsigned char *e, size_t elen, const unsigned char *m,
-+ size_t mlen, char *dst, size_t dstlen);
-+#define KEYID_BUF 10 /* up to 9 text digits plus NUL */
-+err_t ttoprotoport(char *src, size_t src_len, u_int8_t *proto, u_int16_t *port,
-+ int *has_port_wildcard);
-+
-+/* initializations */
-+void initsaid(const ip_address *addr, ipsec_spi_t spi, int proto, ip_said *dst);
-+err_t loopbackaddr(int af, ip_address *dst);
-+err_t unspecaddr(int af, ip_address *dst);
-+err_t anyaddr(int af, ip_address *dst);
-+err_t initaddr(const unsigned char *src, size_t srclen, int af, ip_address *dst);
-+err_t initsubnet(const ip_address *addr, int maskbits, int clash, ip_subnet *dst);
-+err_t addrtosubnet(const ip_address *addr, ip_subnet *dst);
-+
-+/* misc. conversions and related */
-+err_t rangetosubnet(const ip_address *from, const ip_address *to, ip_subnet *dst);
-+int addrtypeof(const ip_address *src);
-+int subnettypeof(const ip_subnet *src);
-+size_t addrlenof(const ip_address *src);
-+size_t addrbytesptr(const ip_address *src, const unsigned char **dst);
-+size_t addrbytesof(const ip_address *src, unsigned char *dst, size_t dstlen);
-+int masktocount(const ip_address *src);
-+void networkof(const ip_subnet *src, ip_address *dst);
-+void maskof(const ip_subnet *src, ip_address *dst);
-+
-+/* tests */
-+int sameaddr(const ip_address *a, const ip_address *b);
-+int addrcmp(const ip_address *a, const ip_address *b);
-+int samesubnet(const ip_subnet *a, const ip_subnet *b);
-+int addrinsubnet(const ip_address *a, const ip_subnet *s);
-+int subnetinsubnet(const ip_subnet *a, const ip_subnet *b);
-+int subnetishost(const ip_subnet *s);
-+int samesaid(const ip_said *a, const ip_said *b);
-+int sameaddrtype(const ip_address *a, const ip_address *b);
-+int samesubnettype(const ip_subnet *a, const ip_subnet *b);
-+int isanyaddr(const ip_address *src);
-+int isunspecaddr(const ip_address *src);
-+int isloopbackaddr(const ip_address *src);
-+
-+/* low-level grot */
-+int portof(const ip_address *src);
-+void setportof(int port, ip_address *dst);
-+struct sockaddr *sockaddrof(ip_address *src);
-+size_t sockaddrlenof(const ip_address *src);
-+
-+/* PRNG */
-+void prng_init(struct prng *prng, const unsigned char *key, size_t keylen);
-+void prng_bytes(struct prng *prng, unsigned char *dst, size_t dstlen);
-+unsigned long prng_count(struct prng *prng);
-+void prng_final(struct prng *prng);
-+
-+/* odds and ends */
-+const char *ipsec_version_code(void);
-+const char *ipsec_version_string(void);
-+const char **ipsec_copyright_notice(void);
-+
-+const char *dns_string_rr(int rr, char *buf, int bufsize);
-+const char *dns_string_datetime(time_t seconds,
-+ char *buf,
-+ int bufsize);
-+
-+
-+/*
-+ * old functions, to be deleted eventually
-+ */
-+
-+/* unsigned long */
-+const char * /* NULL for success, else string literal */
-+atoul(
-+ const char *src,
-+ size_t srclen, /* 0 means strlen(src) */
-+ int base, /* 0 means figure it out */
-+ unsigned long *resultp
-+);
-+size_t /* space needed for full conversion */
-+ultoa(
-+ unsigned long n,
-+ int base,
-+ char *dst,
-+ size_t dstlen
-+);
-+#define ULTOA_BUF 21 /* just large enough for largest result, */
-+ /* assuming 64-bit unsigned long! */
-+
-+/* Internet addresses */
-+const char * /* NULL for success, else string literal */
-+atoaddr(
-+ const char *src,
-+ size_t srclen, /* 0 means strlen(src) */
-+ struct in_addr *addr
-+);
-+size_t /* space needed for full conversion */
-+addrtoa(
-+ struct in_addr addr,
-+ int format, /* character; 0 means default */
-+ char *dst,
-+ size_t dstlen
-+);
-+#define ADDRTOA_BUF 16 /* just large enough for largest result */
-+
-+/* subnets */
-+const char * /* NULL for success, else string literal */
-+atosubnet(
-+ const char *src,
-+ size_t srclen, /* 0 means strlen(src) */
-+ struct in_addr *addr,
-+ struct in_addr *mask
-+);
-+size_t /* space needed for full conversion */
-+subnettoa(
-+ struct in_addr addr,
-+ struct in_addr mask,
-+ int format, /* character; 0 means default */
-+ char *dst,
-+ size_t dstlen
-+);
-+#define SUBNETTOA_BUF 32 /* large enough for worst case result */
-+
-+/* ranges */
-+const char * /* NULL for success, else string literal */
-+atoasr(
-+ const char *src,
-+ size_t srclen, /* 0 means strlen(src) */
-+ char *type, /* 'a', 's', 'r' */
-+ struct in_addr *addrs /* two-element array */
-+);
-+size_t /* space needed for full conversion */
-+rangetoa(
-+ struct in_addr *addrs, /* two-element array */
-+ int format, /* character; 0 means default */
-+ char *dst,
-+ size_t dstlen
-+);
-+#define RANGETOA_BUF 34 /* large enough for worst case result */
-+
-+/* data types for SA conversion functions */
-+
-+/* generic data, e.g. keys */
-+const char * /* NULL for success, else string literal */
-+atobytes(
-+ const char *src,
-+ size_t srclen, /* 0 means strlen(src) */
-+ char *dst,
-+ size_t dstlen,
-+ size_t *lenp /* NULL means don't bother telling me */
-+);
-+size_t /* 0 failure, else true size */
-+bytestoa(
-+ const char *src,
-+ size_t srclen,
-+ int format, /* character; 0 means default */
-+ char *dst,
-+ size_t dstlen
-+);
-+
-+/* old versions of generic-data functions; deprecated */
-+size_t /* 0 failure, else true size */
-+atodata(
-+ const char *src,
-+ size_t srclen, /* 0 means strlen(src) */
-+ char *dst,
-+ size_t dstlen
-+);
-+size_t /* 0 failure, else true size */
-+datatoa(
-+ const char *src,
-+ size_t srclen,
-+ int format, /* character; 0 means default */
-+ char *dst,
-+ size_t dstlen
-+);
-+
-+/* part extraction and special addresses */
-+struct in_addr
-+subnetof(
-+ struct in_addr addr,
-+ struct in_addr mask
-+);
-+struct in_addr
-+hostof(
-+ struct in_addr addr,
-+ struct in_addr mask
-+);
-+struct in_addr
-+broadcastof(
-+ struct in_addr addr,
-+ struct in_addr mask
-+);
-+
-+/* mask handling */
-+int
-+goodmask(
-+ struct in_addr mask
-+);
-+int
-+masktobits(
-+ struct in_addr mask
-+);
-+struct in_addr
-+bitstomask(
-+ int n
-+);
-+
-+
-+
-+/*
-+ * general utilities
-+ */
-+
-+#ifndef __KERNEL__
-+/* option pickup from files (userland only because of use of FILE) */
-+const char *optionsfrom(const char *filename, int *argcp, char ***argvp,
-+ int optind, FILE *errorreport);
-+
-+/* sanitize a string */
-+extern size_t sanitize_string(char *buf, size_t size);
-+
-+#endif
-+
-+
-+/*
-+ * ENUM of klips debugging values. Not currently used in klips.
-+ * debug flag is actually 32 -bits, but only one bit is ever used,
-+ * so we can actually pack it all into a single 32-bit word.
-+ */
-+enum klips_debug_flags {
-+ KDF_VERBOSE = 0,
-+ KDF_XMIT = 1,
-+ KDF_NETLINK = 2, /* obsolete */
-+ KDF_XFORM = 3,
-+ KDF_EROUTE = 4,
-+ KDF_SPI = 5,
-+ KDF_RADIJ = 6,
-+ KDF_ESP = 7,
-+ KDF_AH = 8, /* obsolete */
-+ KDF_RCV = 9,
-+ KDF_TUNNEL = 10,
-+ KDF_PFKEY = 11,
-+ KDF_COMP = 12
-+};
-+
-+
-+/*
-+ * Debugging levels for pfkey_lib_debug
-+ */
-+#define PF_KEY_DEBUG_PARSE_NONE 0
-+#define PF_KEY_DEBUG_PARSE_PROBLEM 1
-+#define PF_KEY_DEBUG_PARSE_STRUCT 2
-+#define PF_KEY_DEBUG_PARSE_FLOW 4
-+#define PF_KEY_DEBUG_BUILD 8
-+#define PF_KEY_DEBUG_PARSE_MAX 15
-+
-+extern unsigned int pfkey_lib_debug; /* bits selecting what to report */
-+
-+/*
-+ * pluto and lwdnsq need to know the maximum size of the commands to,
-+ * and replies from lwdnsq.
-+ */
-+
-+#define LWDNSQ_CMDBUF_LEN 1024
-+#define LWDNSQ_RESULT_LEN_MAX 4096
-+
-+
-+/* syntax for passthrough SA */
-+#ifndef PASSTHROUGHNAME
-+#define PASSTHROUGHNAME "%passthrough"
-+#define PASSTHROUGH4NAME "%passthrough4"
-+#define PASSTHROUGH6NAME "%passthrough6"
-+#define PASSTHROUGHIS "tun0@0.0.0.0"
-+#define PASSTHROUGH4IS "tun0@0.0.0.0"
-+#define PASSTHROUGH6IS "tun0@::"
-+#define PASSTHROUGHTYPE "tun"
-+#define PASSTHROUGHSPI 0
-+#define PASSTHROUGHDST 0
-+#endif
-+
-+
-+
-+#endif /* _OPENSWAN_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipcomp.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,61 @@
-+/*
-+ * IPCOMP zlib interface code.
-+ * Copyright (C) 2000 Svenning Soerensen <svenning@post5.tele.dk>
-+ * Copyright (C) 2000, 2001 Richard Guy Briggs <rgb@conscoop.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+
-+ RCSID $Id: ipcomp.h,v 1.14 2004/07/10 19:08:41 mcr Exp $
-+
-+ */
-+
-+/* SSS */
-+
-+#ifndef _IPCOMP_H
-+#define _IPCOMP_H
-+
-+/* Prefix all global deflate symbols with "ipcomp_" to avoid collisions with ppp_deflate & ext2comp */
-+#ifndef IPCOMP_PREFIX
-+#define IPCOMP_PREFIX
-+#endif /* IPCOMP_PREFIX */
-+
-+#ifndef IPPROTO_COMP
-+#define IPPROTO_COMP 108
-+#endif /* IPPROTO_COMP */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int sysctl_ipsec_debug_ipcomp;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+struct ipcomphdr { /* IPCOMP header */
-+ __u8 ipcomp_nh; /* Next header (protocol) */
-+ __u8 ipcomp_flags; /* Reserved, must be 0 */
-+ __u16 ipcomp_cpi; /* Compression Parameter Index */
-+};
-+
-+extern struct inet_protocol comp_protocol;
-+extern int sysctl_ipsec_debug_ipcomp;
-+
-+#define IPCOMP_UNCOMPRESSABLE 0x000000001
-+#define IPCOMP_COMPRESSIONERROR 0x000000002
-+#define IPCOMP_PARMERROR 0x000000004
-+#define IPCOMP_DECOMPRESSIONERROR 0x000000008
-+
-+#define IPCOMP_ADAPT_INITIAL_TRIES 8
-+#define IPCOMP_ADAPT_INITIAL_SKIP 4
-+#define IPCOMP_ADAPT_SUBSEQ_TRIES 2
-+#define IPCOMP_ADAPT_SUBSEQ_SKIP 8
-+
-+/* Function prototypes */
-+struct sk_buff *skb_compress(struct sk_buff *skb, struct ipsec_sa *ips, unsigned int *flags);
-+struct sk_buff *skb_decompress(struct sk_buff *skb, struct ipsec_sa *ips, unsigned int *flags);
-+
-+#endif /* _IPCOMP_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_ah.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,200 @@
-+/*
-+ * Authentication Header declarations
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_ah.h,v 1.26 2004/09/13 02:22:10 mcr Exp $
-+ */
-+
-+#include "ipsec_md5h.h"
-+#include "ipsec_sha1.h"
-+
-+#ifndef IPPROTO_AH
-+#define IPPROTO_AH 51
-+#endif /* IPPROTO_AH */
-+
-+#include "ipsec_auth.h"
-+
-+#ifdef __KERNEL__
-+
-+extern struct inet_protocol ah_protocol;
-+
-+struct options;
-+
-+struct ahhdr /* Generic AH header */
-+{
-+ __u8 ah_nh; /* Next header (protocol) */
-+ __u8 ah_hl; /* AH length, in 32-bit words */
-+ __u16 ah_rv; /* reserved, must be 0 */
-+ __u32 ah_spi; /* Security Parameters Index */
-+ __u32 ah_rpl; /* Replay prevention */
-+ __u8 ah_data[AHHMAC_HASHLEN];/* Authentication hash */
-+};
-+#define AH_BASIC_LEN 8 /* basic AH header is 8 bytes, nh,hl,rv,spi
-+ * and the ah_hl, says how many bytes after that
-+ * to cover. */
-+
-+extern struct xform_functions ah_xform_funcs[];
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int debug_ah;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+#endif /* __KERNEL__ */
-+
-+/*
-+ * $Log: ipsec_ah.h,v $
-+ * Revision 1.26 2004/09/13 02:22:10 mcr
-+ * #define inet_protocol if necessary.
-+ *
-+ * Revision 1.25 2004/09/06 18:35:41 mcr
-+ * 2.6.8.1 gets rid of inet_protocol->net_protocol compatibility,
-+ * so adjust for that.
-+ *
-+ * Revision 1.24 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.23 2004/04/05 19:55:04 mcr
-+ * Moved from linux/include/freeswan/ipsec_ah.h,v
-+ *
-+ * Revision 1.22 2004/04/05 19:41:05 mcr
-+ * merged alg-branch code.
-+ *
-+ * Revision 1.21 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.22 2003/12/11 20:14:58 mcr
-+ * refactored the xmit code, to move all encapsulation
-+ * code into protocol functions. Note that all functions
-+ * are essentially done by a single function, which is probably
-+ * wrong.
-+ * the rcv_functions structures are renamed xform_functions.
-+ *
-+ * Revision 1.21 2003/12/06 21:21:19 mcr
-+ * split up receive path into per-transform files, for
-+ * easier later removal.
-+ *
-+ * Revision 1.20.8.1 2003/12/22 15:25:52 jjo
-+ * Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.20 2003/02/06 02:21:34 rgb
-+ *
-+ * Moved "struct auth_alg" from ipsec_rcv.c to ipsec_ah.h .
-+ * Changed "struct ah" to "struct ahhdr" and "struct esp" to "struct esphdr".
-+ * Removed "#ifdef INBOUND_POLICY_CHECK_eroute" dead code.
-+ *
-+ * Revision 1.19 2002/09/16 21:19:13 mcr
-+ * fixes for west-ah-icmp-01 - length of AH header must be
-+ * calculated properly, and next_header field properly copied.
-+ *
-+ * Revision 1.18 2002/05/14 02:37:02 rgb
-+ * Change reference from _TDB to _IPSA.
-+ *
-+ * Revision 1.17 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_ah.h,v
-+ *
-+ * Revision 1.16 2002/02/20 01:27:06 rgb
-+ * Ditched a pile of structs only used by the old Netlink interface.
-+ *
-+ * Revision 1.15 2001/12/11 02:35:57 rgb
-+ * Change "struct net_device" to "struct device" for 2.2 compatibility.
-+ *
-+ * Revision 1.14 2001/11/26 09:23:47 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.13.2.1 2001/09/25 02:18:24 mcr
-+ * replace "struct device" with "struct netdevice"
-+ *
-+ * Revision 1.13 2001/06/14 19:35:08 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.12 2000/09/12 03:21:20 rgb
-+ * Cleared out unused htonq.
-+ *
-+ * Revision 1.11 2000/09/08 19:12:55 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.10 2000/01/21 06:13:10 rgb
-+ * Tidied up spacing.
-+ * Added macros for HMAC padding magic numbers.(kravietz)
-+ *
-+ * Revision 1.9 1999/12/07 18:16:23 rgb
-+ * Fixed comments at end of #endif lines.
-+ *
-+ * Revision 1.8 1999/04/11 00:28:56 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.7 1999/04/06 04:54:25 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.6 1999/01/26 02:06:01 rgb
-+ * Removed CONFIG_IPSEC_ALGO_SWITCH macro.
-+ *
-+ * Revision 1.5 1999/01/22 06:17:49 rgb
-+ * Updated macro comments.
-+ * Added context types to support algorithm switch code.
-+ * 64-bit clean-up -- converting 'u long long' to __u64.
-+ *
-+ * Revision 1.4 1998/07/14 15:54:56 rgb
-+ * Add #ifdef __KERNEL__ to protect kernel-only structures.
-+ *
-+ * Revision 1.3 1998/06/30 18:05:16 rgb
-+ * Comment out references to htonq.
-+ *
-+ * Revision 1.2 1998/06/25 19:33:46 rgb
-+ * Add prototype for protocol receive function.
-+ * Rearrange for more logical layout.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:43 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.4 1998/05/18 22:28:43 rgb
-+ * Disable key printing facilities from /proc/net/ipsec_*.
-+ *
-+ * Revision 1.3 1998/04/21 21:29:07 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.2 1998/04/12 22:03:17 rgb
-+ * Updated ESP-3DES-HMAC-MD5-96,
-+ * ESP-DES-HMAC-MD5-96,
-+ * AH-HMAC-MD5-96,
-+ * AH-HMAC-SHA1-96 since Henry started freeswan cvs repository
-+ * from old standards (RFC182[5-9] to new (as of March 1998) drafts.
-+ *
-+ * Fixed eroute references in /proc/net/ipsec*.
-+ *
-+ * Started to patch module unloading memory leaks in ipsec_netlink and
-+ * radij tree unloading.
-+ *
-+ * Revision 1.1 1998/04/09 03:05:55 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:02 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * Added definitions for new AH transforms.
-+ *
-+ * Revision 0.3 1996/11/20 14:35:48 ji
-+ * Minor Cleanup.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_alg.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,248 @@
-+/*
-+ * Modular extensions service and registration functions interface
-+ *
-+ * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ *
-+ * ipsec_alg.h,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-+ *
-+ */
-+/*
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ */
-+#ifndef IPSEC_ALG_H
-+#define IPSEC_ALG_H
-+
-+/*
-+ * gcc >= 3.2 has removed __FUNCTION__, replaced by C99 __func__
-+ * *BUT* its a compiler variable.
-+ */
-+#if (__GNUC__ >= 3)
-+#ifndef __FUNCTION__
-+#define __FUNCTION__ __func__
-+#endif
-+#endif
-+
-+/* Version 0.8.1-0 */
-+#define IPSEC_ALG_VERSION 0x00080100
-+
-+#include <linux/types.h>
-+#include <linux/list.h>
-+#include <asm/atomic.h>
-+#include <pfkey.h>
-+
-+/*
-+ * The following structs are used via pointers in ipsec_alg object to
-+ * avoid ipsec_alg.h coupling with freeswan headers, thus simplifying
-+ * module development
-+ */
-+struct ipsec_sa;
-+struct esp;
-+
-+/**************************************
-+ *
-+ * Main registration object
-+ *
-+ *************************************/
-+#define IPSEC_ALG_VERSION_QUAD(v) \
-+ (v>>24),((v>>16)&0xff),((v>>8)&0xff),(v&0xff)
-+/*
-+ * Main ipsec_alg objects: "OOPrograming wannabe"
-+ * Hierachy (carefully handled with _minimal_ cast'ing):
-+ *
-+ * ipsec_alg+
-+ * +->ipsec_alg_enc (ixt_alg_type=SADB_EXT_SUPPORTED_ENCRYPT)
-+ * +->ipsec_alg_auth (ixt_alg_type=SADB_EXT_SUPPORTED_AUTH)
-+ */
-+
-+/***************************************************************
-+ *
-+ * INTERFACE object: struct ipsec_alg
-+ *
-+ ***************************************************************/
-+
-+#define ixt_alg_type ixt_support.ias_exttype
-+#define ixt_alg_id ixt_support.ias_id
-+
-+#define IPSEC_ALG_ST_SUPP 0x01
-+#define IPSEC_ALG_ST_REGISTERED 0x02
-+#define IPSEC_ALG_ST_EXCL 0x04
-+struct ipsec_alg {
-+ unsigned ixt_version; /* only allow this version (or 'near')*/ \
-+ struct list_head ixt_list; /* dlinked list */ \
-+ struct module *ixt_module; /* THIS_MODULE */ \
-+ unsigned ixt_state; /* state flags */ \
-+ atomic_t ixt_refcnt; /* ref. count when pointed from ipsec_sa */ \
-+ char ixt_name[16]; /* descriptive short name, eg. "3des" */ \
-+ void *ixt_data; /* private for algo implementation */ \
-+ uint8_t ixt_blocksize; /* blocksize in bytes */ \
-+
-+ struct ipsec_alg_supported ixt_support;
-+};
-+/*
-+ * Note the const in cbc_encrypt IV arg:
-+ * some ciphers like to toast passed IV (eg. 3DES): make a local IV copy
-+ */
-+struct ipsec_alg_enc {
-+ struct ipsec_alg ixt_common;
-+ unsigned ixt_e_keylen; /* raw key length in bytes */
-+ unsigned ixt_e_ctx_size; /* sa_p->key_e_size */
-+ int (*ixt_e_set_key)(struct ipsec_alg_enc *alg, __u8 *key_e, const __u8 *key, size_t keysize);
-+ __u8 *(*ixt_e_new_key)(struct ipsec_alg_enc *alg, const __u8 *key, size_t keysize);
-+ void (*ixt_e_destroy_key)(struct ipsec_alg_enc *alg, __u8 *key_e);
-+ int (*ixt_e_cbc_encrypt)(struct ipsec_alg_enc *alg, __u8 *key_e, __u8 *in, int ilen, const __u8 *iv, int encrypt);
-+};
-+struct ipsec_alg_auth {
-+ struct ipsec_alg ixt_common;
-+ unsigned ixt_a_keylen; /* raw key length in bytes */
-+ unsigned ixt_a_ctx_size; /* sa_p->key_a_size */
-+ unsigned ixt_a_authlen; /* 'natural' auth. hash len (bytes) */
-+ int (*ixt_a_hmac_set_key)(struct ipsec_alg_auth *alg, __u8 *key_a, const __u8 *key, int keylen);
-+ int (*ixt_a_hmac_hash)(struct ipsec_alg_auth *alg, __u8 *key_a, const __u8 *dat, int len, __u8 *hash, int hashlen);
-+};
-+/*
-+ * These are _copies_ of SADB_EXT_SUPPORTED_{AUTH,ENCRYPT},
-+ * to avoid header coupling for true constants
-+ * about headers ... "cp is your friend" --Linus
-+ */
-+#define IPSEC_ALG_TYPE_AUTH 14
-+#define IPSEC_ALG_TYPE_ENCRYPT 15
-+
-+/***************************************************************
-+ *
-+ * INTERFACE for module loading,testing, and unloading
-+ *
-+ ***************************************************************/
-+/* - registration calls */
-+int register_ipsec_alg(struct ipsec_alg *);
-+int unregister_ipsec_alg(struct ipsec_alg *);
-+/* - optional (simple test) for algos */
-+int ipsec_alg_test(unsigned alg_type, unsigned alg_id, int testparm);
-+/* inline wrappers (usefull for type validation */
-+static inline int register_ipsec_alg_enc(struct ipsec_alg_enc *ixt) {
-+ return register_ipsec_alg((struct ipsec_alg*)ixt);
-+}
-+static inline int unregister_ipsec_alg_enc(struct ipsec_alg_enc *ixt) {
-+ return unregister_ipsec_alg((struct ipsec_alg*)ixt);
-+}
-+static inline int register_ipsec_alg_auth(struct ipsec_alg_auth *ixt) {
-+ return register_ipsec_alg((struct ipsec_alg*)ixt);
-+}
-+static inline int unregister_ipsec_alg_auth(struct ipsec_alg_auth *ixt) {
-+ return unregister_ipsec_alg((struct ipsec_alg*)ixt);
-+}
-+
-+/*****************************************************************
-+ *
-+ * INTERFACE for ENC services: key creation, encrypt function
-+ *
-+ *****************************************************************/
-+
-+#define IPSEC_ALG_ENCRYPT 1
-+#define IPSEC_ALG_DECRYPT 0
-+
-+/* encryption key context creation function */
-+int ipsec_alg_enc_key_create(struct ipsec_sa *sa_p);
-+/*
-+ * ipsec_alg_esp_encrypt(): encrypt ilen bytes in idat returns
-+ * 0 or ERR<0
-+ */
-+int ipsec_alg_esp_encrypt(struct ipsec_sa *sa_p, __u8 *idat, int ilen, const __u8 *iv, int action);
-+
-+/***************************************************************
-+ *
-+ * INTERFACE for AUTH services: key creation, hash functions
-+ *
-+ ***************************************************************/
-+int ipsec_alg_auth_key_create(struct ipsec_sa *sa_p);
-+int ipsec_alg_sa_esp_hash(const struct ipsec_sa *sa_p, const __u8 *espp, int len, __u8 *hash, int hashlen) ;
-+#define ipsec_alg_sa_esp_update(c,k,l) ipsec_alg_sa_esp_hash(c,k,l,NULL,0)
-+
-+/* only called from ipsec_init.c */
-+int ipsec_alg_init(void);
-+
-+/* algo module glue for static algos */
-+void ipsec_alg_static_init(void);
-+typedef int (*ipsec_alg_init_func_t) (void);
-+
-+/**********************************************
-+ *
-+ * INTERFACE for ipsec_sa init and wipe
-+ *
-+ **********************************************/
-+
-+/* returns true if ipsec_sa has ipsec_alg obj attached */
-+/*
-+ * Initializes ipsec_sa's ipsec_alg object, using already loaded
-+ * proto, authalg, encalg.; links ipsec_alg objects (enc, auth)
-+ */
-+int ipsec_alg_sa_init(struct ipsec_sa *sa_p);
-+/*
-+ * Destroys ipsec_sa's ipsec_alg object
-+ * unlinking ipsec_alg objects
-+ */
-+int ipsec_alg_sa_wipe(struct ipsec_sa *sa_p);
-+
-+#define IPSEC_ALG_MODULE_INIT_MOD( func_name ) \
-+ static int func_name(void); \
-+ module_init(func_name); \
-+ static int __init func_name(void)
-+#define IPSEC_ALG_MODULE_EXIT_MOD( func_name ) \
-+ static void func_name(void); \
-+ module_exit(func_name); \
-+ static void __exit func_name(void)
-+
-+#define IPSEC_ALG_MODULE_INIT_STATIC( func_name ) \
-+ extern int func_name(void); \
-+ int func_name(void)
-+#define IPSEC_ALG_MODULE_EXIT_STATIC( func_name ) \
-+ extern void func_name(void); \
-+ void func_name(void)
-+
-+/**********************************************
-+ *
-+ * 2.2 backport for some 2.4 useful module stuff
-+ *
-+ **********************************************/
-+#ifdef MODULE
-+#ifndef THIS_MODULE
-+#define THIS_MODULE (&__this_module)
-+#endif
-+#ifndef module_init
-+typedef int (*__init_module_func_t)(void);
-+typedef void (*__cleanup_module_func_t)(void);
-+
-+#define module_init(x) \
-+ int init_module(void) __attribute__((alias(#x))); \
-+ static inline __init_module_func_t __init_module_inline(void) \
-+ { return x; }
-+#define module_exit(x) \
-+ void cleanup_module(void) __attribute__((alias(#x))); \
-+ static inline __cleanup_module_func_t __cleanup_module_inline(void) \
-+ { return x; }
-+#endif
-+#define IPSEC_ALG_MODULE_INIT( func_name ) IPSEC_ALG_MODULE_INIT_MOD( func_name )
-+#define IPSEC_ALG_MODULE_EXIT( func_name ) IPSEC_ALG_MODULE_EXIT_MOD( func_name )
-+
-+#else /* not MODULE */
-+#ifndef THIS_MODULE
-+#define THIS_MODULE NULL
-+#endif
-+/*
-+ * I only want module_init() magic
-+ * when algo.c file *is THE MODULE*, in all other
-+ * cases, initialization is called explicitely from ipsec_alg_init()
-+ */
-+#define IPSEC_ALG_MODULE_INIT( func_name ) IPSEC_ALG_MODULE_INIT_STATIC(func_name)
-+#define IPSEC_ALG_MODULE_EXIT( func_name ) IPSEC_ALG_MODULE_EXIT_STATIC(func_name)
-+#endif
-+
-+#endif /* IPSEC_ALG_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_alg_3des.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,12 @@
-+struct TripleDES_context {
-+ des_key_schedule s1;
-+ des_key_schedule s2;
-+ des_key_schedule s3;
-+};
-+typedef struct TripleDES_context TripleDES_context;
-+
-+#define ESP_3DES_KEY_SZ 3*(sizeof(des_cblock))
-+#define ESP_3DES_CBC_BLK_LEN 8
-+
-+
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_auth.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,100 @@
-+/*
-+ * Authentication Header declarations
-+ * Copyright (C) 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_auth.h,v 1.3 2004/04/06 02:49:08 mcr Exp $
-+ */
-+
-+#include "ipsec_md5h.h"
-+#include "ipsec_sha1.h"
-+
-+#ifndef IPSEC_AUTH_H
-+#define IPSEC_AUTH_H
-+
-+#define AH_FLENGTH 12 /* size of fixed part */
-+#define AHMD5_KMAX 64 /* MD5 max 512 bits key */
-+#define AHMD5_AMAX 12 /* MD5 96 bits of authenticator */
-+
-+#define AHMD596_KLEN 16 /* MD5 128 bits key */
-+#define AHSHA196_KLEN 20 /* SHA1 160 bits key */
-+
-+#define AHMD596_ALEN 16 /* MD5 128 bits authentication length */
-+#define AHSHA196_ALEN 20 /* SHA1 160 bits authentication length */
-+
-+#define AHMD596_BLKLEN 64 /* MD5 block length */
-+#define AHSHA196_BLKLEN 64 /* SHA1 block length */
-+#define AHSHA2_256_BLKLEN 64 /* SHA2-256 block length */
-+#define AHSHA2_384_BLKLEN 128 /* SHA2-384 block length (?) */
-+#define AHSHA2_512_BLKLEN 128 /* SHA2-512 block length */
-+
-+#define AH_BLKLEN_MAX 128 /* keep up to date! */
-+
-+
-+#define AH_AMAX AHSHA196_ALEN /* keep up to date! */
-+#define AHHMAC_HASHLEN 12 /* authenticator length of 96bits */
-+#define AHHMAC_RPLLEN 4 /* 32 bit replay counter */
-+
-+#define DB_AH_PKTRX 0x0001
-+#define DB_AH_PKTRX2 0x0002
-+#define DB_AH_DMP 0x0004
-+#define DB_AH_IPSA 0x0010
-+#define DB_AH_XF 0x0020
-+#define DB_AH_INAU 0x0040
-+#define DB_AH_REPLAY 0x0100
-+
-+#ifdef __KERNEL__
-+
-+/* General HMAC algorithm is described in RFC 2104 */
-+
-+#define HMAC_IPAD 0x36
-+#define HMAC_OPAD 0x5C
-+
-+struct md5_ctx {
-+ MD5_CTX ictx; /* context after H(K XOR ipad) */
-+ MD5_CTX octx; /* context after H(K XOR opad) */
-+};
-+
-+struct sha1_ctx {
-+ SHA1_CTX ictx; /* context after H(K XOR ipad) */
-+ SHA1_CTX octx; /* context after H(K XOR opad) */
-+};
-+
-+struct auth_alg {
-+ void (*init)(void *ctx);
-+ void (*update)(void *ctx, unsigned char *bytes, __u32 len);
-+ void (*final)(unsigned char *hash, void *ctx);
-+ int hashlen;
-+};
-+
-+struct options;
-+
-+#endif /* __KERNEL__ */
-+#endif /* IPSEC_AUTH_H */
-+
-+/*
-+ * $Log: ipsec_auth.h,v $
-+ * Revision 1.3 2004/04/06 02:49:08 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.2 2004/04/05 19:55:04 mcr
-+ * Moved from linux/include/freeswan/ipsec_auth.h,v
-+ *
-+ * Revision 1.1 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.1 2003/12/06 21:21:19 mcr
-+ * split up receive path into per-transform files, for
-+ * easier later removal.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_encap.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,149 @@
-+/*
-+ * declarations relevant to encapsulation-like operations
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_encap.h,v 1.19 2004/04/05 19:55:04 mcr Exp $
-+ */
-+
-+#ifndef _IPSEC_ENCAP_H_
-+
-+#define SENT_IP4 16 /* data is two struct in_addr + proto + ports*/
-+ /* (2 * sizeof(struct in_addr)) */
-+ /* sizeof(struct sockaddr_encap)
-+ - offsetof(struct sockaddr_encap, Sen.Sip4.Src) */
-+
-+struct sockaddr_encap
-+{
-+ __u8 sen_len; /* length */
-+ __u8 sen_family; /* AF_ENCAP */
-+ __u16 sen_type; /* see SENT_* */
-+ union
-+ {
-+ struct /* SENT_IP4 */
-+ {
-+ struct in_addr Src;
-+ struct in_addr Dst;
-+ __u8 Proto;
-+ __u16 Sport;
-+ __u16 Dport;
-+ } Sip4;
-+ } Sen;
-+};
-+
-+#define sen_ip_src Sen.Sip4.Src
-+#define sen_ip_dst Sen.Sip4.Dst
-+#define sen_proto Sen.Sip4.Proto
-+#define sen_sport Sen.Sip4.Sport
-+#define sen_dport Sen.Sip4.Dport
-+
-+#ifndef AF_ENCAP
-+#define AF_ENCAP 26
-+#endif /* AF_ENCAP */
-+
-+#define _IPSEC_ENCAP_H_
-+#endif /* _IPSEC_ENCAP_H_ */
-+
-+/*
-+ * $Log: ipsec_encap.h,v $
-+ * Revision 1.19 2004/04/05 19:55:04 mcr
-+ * Moved from linux/include/freeswan/ipsec_encap.h,v
-+ *
-+ * Revision 1.18 2003/10/31 02:27:05 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.17.30.1 2003/09/21 13:59:38 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.17 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_encap.h,v
-+ *
-+ * Revision 1.16 2001/11/26 09:23:47 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.15.2.1 2001/09/25 02:18:54 mcr
-+ * struct eroute moved to ipsec_eroute.h
-+ *
-+ * Revision 1.15 2001/09/14 16:58:36 rgb
-+ * Added support for storing the first and last packets through a HOLD.
-+ *
-+ * Revision 1.14 2001/09/08 21:13:31 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.13 2001/06/14 19:35:08 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.12 2001/05/27 06:12:10 rgb
-+ * Added structures for pid, packet count and last access time to eroute.
-+ * Added packet count to beginning of /proc/net/ipsec_eroute.
-+ *
-+ * Revision 1.11 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.10 2000/03/22 16:15:36 rgb
-+ * Fixed renaming of dev_get (MB).
-+ *
-+ * Revision 1.9 2000/01/21 06:13:26 rgb
-+ * Added a macro for AF_ENCAP
-+ *
-+ * Revision 1.8 1999/12/31 14:56:55 rgb
-+ * MB fix for 2.3 dev-use-count.
-+ *
-+ * Revision 1.7 1999/11/18 04:09:18 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ *
-+ * Revision 1.6 1999/09/24 00:34:13 rgb
-+ * Add Marc Boucher's support for 2.3.xx+.
-+ *
-+ * Revision 1.5 1999/04/11 00:28:57 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.4 1999/04/06 04:54:25 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.3 1998/10/19 14:44:28 rgb
-+ * Added inclusion of freeswan.h.
-+ * sa_id structure implemented and used: now includes protocol.
-+ *
-+ * Revision 1.2 1998/07/14 18:19:33 rgb
-+ * Added #ifdef __KERNEL__ directives to restrict scope of header.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:44 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.2 1998/04/21 21:29:10 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.1 1998/04/09 03:05:58 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:02 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * Minor cosmetic changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:35:48 ji
-+ * Minor Cleanup.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_eroute.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,112 @@
-+/*
-+ * @(#) declarations of eroute structures
-+ *
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * Copyright (C) 2001 Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_eroute.h,v 1.5 2004/04/05 19:55:05 mcr Exp $
-+ *
-+ * derived from ipsec_encap.h 1.15 on 2001/9/18 by mcr.
-+ *
-+ */
-+
-+#ifndef _IPSEC_EROUTE_H_
-+
-+#include "radij.h"
-+#include "ipsec_encap.h"
-+#include "ipsec_radij.h"
-+
-+/*
-+ * The "type" is really part of the address as far as the routing
-+ * system is concerned. By using only one bit in the type field
-+ * for each type, we sort-of make sure that different types of
-+ * encapsulation addresses won't be matched against the wrong type.
-+ */
-+
-+/*
-+ * An entry in the radix tree
-+ */
-+
-+struct rjtentry
-+{
-+ struct radij_node rd_nodes[2]; /* tree glue, and other values */
-+#define rd_key(r) ((struct sockaddr_encap *)((r)->rd_nodes->rj_key))
-+#define rd_mask(r) ((struct sockaddr_encap *)((r)->rd_nodes->rj_mask))
-+ short rd_flags;
-+ short rd_count;
-+};
-+
-+struct ident
-+{
-+ __u16 type; /* identity type */
-+ __u64 id; /* identity id */
-+ __u8 len; /* identity len */
-+ caddr_t data; /* identity data */
-+};
-+
-+/*
-+ * An encapsulation route consists of a pointer to a
-+ * radix tree entry and a SAID (a destination_address/SPI/protocol triple).
-+ */
-+
-+struct eroute
-+{
-+ struct rjtentry er_rjt;
-+ ip_said er_said;
-+ uint32_t er_pid;
-+ uint32_t er_count;
-+ uint64_t er_lasttime;
-+ struct sockaddr_encap er_eaddr; /* MCR get rid of _encap, it is silly*/
-+ struct sockaddr_encap er_emask;
-+ struct ident er_ident_s;
-+ struct ident er_ident_d;
-+ struct sk_buff* er_first;
-+ struct sk_buff* er_last;
-+};
-+
-+#define er_dst er_said.dst
-+#define er_spi er_said.spi
-+
-+#define _IPSEC_EROUTE_H_
-+#endif /* _IPSEC_EROUTE_H_ */
-+
-+/*
-+ * $Log: ipsec_eroute.h,v $
-+ * Revision 1.5 2004/04/05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_eroute.h,v
-+ *
-+ * Revision 1.4 2003/10/31 02:27:05 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.3.30.2 2003/10/29 01:10:19 mcr
-+ * elimited "struct sa_id"
-+ *
-+ * Revision 1.3.30.1 2003/09/21 13:59:38 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.3 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_eroute.h,v
-+ *
-+ * Revision 1.2 2001/11/26 09:16:13 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:18:54 mcr
-+ * struct eroute moved to ipsec_eroute.h
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_errs.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,53 @@
-+/*
-+ * @(#) definition of ipsec_errs structure
-+ *
-+ * Copyright (C) 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * and Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_errs.h,v 1.4 2004/04/05 19:55:05 mcr Exp $
-+ *
-+ */
-+
-+/*
-+ * This file describes the errors/statistics that FreeSWAN collects.
-+ *
-+ */
-+
-+struct ipsec_errs {
-+ __u32 ips_alg_errs; /* number of algorithm errors */
-+ __u32 ips_auth_errs; /* # of authentication errors */
-+ __u32 ips_encsize_errs; /* # of encryption size errors*/
-+ __u32 ips_encpad_errs; /* # of encryption pad errors*/
-+ __u32 ips_replaywin_errs; /* # of pkt sequence errors */
-+};
-+
-+/*
-+ * $Log: ipsec_errs.h,v $
-+ * Revision 1.4 2004/04/05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_errs.h,v
-+ *
-+ * Revision 1.3 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_errs.h,v
-+ *
-+ * Revision 1.2 2001/11/26 09:16:13 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:25:57 mcr
-+ * lifetime structure created and common functions created.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_esp.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,157 @@
-+/*
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_esp.h,v 1.28 2004/09/13 02:22:10 mcr Exp $
-+ */
-+
-+#include "openswan/ipsec_md5h.h"
-+#include "openswan/ipsec_sha1.h"
-+
-+#include "crypto/des.h"
-+
-+#ifndef IPPROTO_ESP
-+#define IPPROTO_ESP 50
-+#endif /* IPPROTO_ESP */
-+
-+#define ESP_HEADER_LEN 8 /* 64 bits header (spi+rpl)*/
-+
-+#define EMT_ESPDESCBC_ULEN 20 /* coming from user mode */
-+#define EMT_ESPDES_KMAX 64 /* 512 bit secret key enough? */
-+#define EMT_ESPDES_KEY_SZ 8 /* 56 bit secret key with parity = 64 bits */
-+#define EMT_ESP3DES_KEY_SZ 24 /* 168 bit secret key with parity = 192 bits */
-+#define EMT_ESPDES_IV_SZ 8 /* IV size */
-+#define ESP_DESCBC_BLKLEN 8 /* DES-CBC block size */
-+
-+#define ESP_IV_MAXSZ 16 /* This is _critical_ */
-+#define ESP_IV_MAXSZ_INT (ESP_IV_MAXSZ/sizeof(int))
-+
-+#define DB_ES_PKTRX 0x0001
-+#define DB_ES_PKTRX2 0x0002
-+#define DB_ES_IPSA 0x0010
-+#define DB_ES_XF 0x0020
-+#define DB_ES_IPAD 0x0040
-+#define DB_ES_INAU 0x0080
-+#define DB_ES_OINFO 0x0100
-+#define DB_ES_OINFO2 0x0200
-+#define DB_ES_OH 0x0400
-+#define DB_ES_REPLAY 0x0800
-+
-+#ifdef __KERNEL__
-+struct des_eks {
-+ des_key_schedule ks;
-+};
-+
-+extern struct inet_protocol esp_protocol;
-+
-+struct options;
-+
-+struct esphdr
-+{
-+ __u32 esp_spi; /* Security Parameters Index */
-+ __u32 esp_rpl; /* Replay counter */
-+ __u8 esp_iv[8]; /* iv */
-+};
-+
-+extern struct xform_functions esp_xform_funcs[];
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int debug_esp;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+#endif /* __KERNEL__ */
-+
-+/*
-+ * $Log: ipsec_esp.h,v $
-+ * Revision 1.28 2004/09/13 02:22:10 mcr
-+ * #define inet_protocol if necessary.
-+ *
-+ * Revision 1.27 2004/09/06 18:35:41 mcr
-+ * 2.6.8.1 gets rid of inet_protocol->net_protocol compatibility,
-+ * so adjust for that.
-+ *
-+ * Revision 1.26 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.25 2004/04/06 02:49:08 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.24 2004/04/05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_esp.h,v
-+ *
-+ * Revision 1.23 2004/04/05 19:41:05 mcr
-+ * merged alg-branch code.
-+ *
-+ * Revision 1.22 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.23 2003/12/11 20:14:58 mcr
-+ * refactored the xmit code, to move all encapsulation
-+ * code into protocol functions. Note that all functions
-+ * are essentially done by a single function, which is probably
-+ * wrong.
-+ * the rcv_functions structures are renamed xform_functions.
-+ *
-+ * Revision 1.22 2003/12/06 21:21:19 mcr
-+ * split up receive path into per-transform files, for
-+ * easier later removal.
-+ *
-+ * Revision 1.21.8.1 2003/12/22 15:25:52 jjo
-+ * Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.21 2003/02/06 02:21:34 rgb
-+ *
-+ * Moved "struct auth_alg" from ipsec_rcv.c to ipsec_ah.h .
-+ * Changed "struct ah" to "struct ahhdr" and "struct esp" to "struct esphdr".
-+ * Removed "#ifdef INBOUND_POLICY_CHECK_eroute" dead code.
-+ *
-+ * Revision 1.20 2002/05/14 02:37:02 rgb
-+ * Change reference from _TDB to _IPSA.
-+ *
-+ * Revision 1.19 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.18 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_esp.h,v
-+ *
-+ * Revision 1.17 2002/02/20 01:27:07 rgb
-+ * Ditched a pile of structs only used by the old Netlink interface.
-+ *
-+ * Revision 1.16 2001/12/11 02:35:57 rgb
-+ * Change "struct net_device" to "struct device" for 2.2 compatibility.
-+ *
-+ * Revision 1.15 2001/11/26 09:23:48 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.14.2.3 2001/10/23 04:16:42 mcr
-+ * get definition of des_key_schedule from des.h
-+ *
-+ * Revision 1.14.2.2 2001/10/22 20:33:13 mcr
-+ * use "des_key_schedule" structure instead of cooking our own.
-+ *
-+ * Revision 1.14.2.1 2001/09/25 02:18:25 mcr
-+ * replace "struct device" with "struct netdevice"
-+ *
-+ * Revision 1.14 2001/06/14 19:35:08 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.13 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.12 2000/08/01 14:51:50 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.11 2000/01/10 16:36:20 rgb
-+ * Ditch last of EME option flags, including initiator.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_ipcomp.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,94 @@
-+/*
-+ * IP compression header declations
-+ *
-+ * Copyright (C) 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_ipcomp.h,v 1.4 2004/07/10 19:08:41 mcr Exp $
-+ */
-+
-+#ifndef IPSEC_IPCOMP_H
-+#define IPSEC_IPCOMP_H
-+
-+#include "openswan/ipsec_auth.h"
-+
-+/* Prefix all global deflate symbols with "ipcomp_" to avoid collisions with ppp_deflate & ext2comp */
-+#ifndef IPCOMP_PREFIX
-+#define IPCOMP_PREFIX
-+#endif /* IPCOMP_PREFIX */
-+
-+#ifndef IPPROTO_COMP
-+#define IPPROTO_COMP 108
-+#endif /* IPPROTO_COMP */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int sysctl_ipsec_debug_ipcomp;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+struct ipcomphdr { /* IPCOMP header */
-+ __u8 ipcomp_nh; /* Next header (protocol) */
-+ __u8 ipcomp_flags; /* Reserved, must be 0 */
-+ __u16 ipcomp_cpi; /* Compression Parameter Index */
-+};
-+
-+extern struct inet_protocol comp_protocol;
-+extern int sysctl_ipsec_debug_ipcomp;
-+
-+#define IPCOMP_UNCOMPRESSABLE 0x000000001
-+#define IPCOMP_COMPRESSIONERROR 0x000000002
-+#define IPCOMP_PARMERROR 0x000000004
-+#define IPCOMP_DECOMPRESSIONERROR 0x000000008
-+
-+#define IPCOMP_ADAPT_INITIAL_TRIES 8
-+#define IPCOMP_ADAPT_INITIAL_SKIP 4
-+#define IPCOMP_ADAPT_SUBSEQ_TRIES 2
-+#define IPCOMP_ADAPT_SUBSEQ_SKIP 8
-+
-+/* Function prototypes */
-+struct sk_buff *skb_compress(struct sk_buff *skb, struct ipsec_sa *ips, unsigned int *flags);
-+struct sk_buff *skb_decompress(struct sk_buff *skb, struct ipsec_sa *ips, unsigned int *flags);
-+
-+extern struct xform_functions ipcomp_xform_funcs[];
-+
-+#endif /* IPSEC_IPCOMP_H */
-+
-+/*
-+ * $Log: ipsec_ipcomp.h,v $
-+ * Revision 1.4 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.3 2004/04/06 02:49:08 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.2 2004/04/05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_ipcomp.h,v
-+ *
-+ * Revision 1.1 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.2 2003/12/11 20:14:58 mcr
-+ * refactored the xmit code, to move all encapsulation
-+ * code into protocol functions. Note that all functions
-+ * are essentially done by a single function, which is probably
-+ * wrong.
-+ * the rcv_functions structures are renamed xform_functions.
-+ *
-+ * Revision 1.1 2003/12/06 21:21:19 mcr
-+ * split up receive path into per-transform files, for
-+ * easier later removal.
-+ *
-+ *
-+ *
-+ */
-+
-+
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_ipe4.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,68 @@
-+/*
-+ * IP-in-IP Header declarations
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_ipe4.h,v 1.6 2004/04/05 19:55:05 mcr Exp $
-+ */
-+
-+/* The packet header is an IP header! */
-+
-+struct ipe4_xdata /* transform table data */
-+{
-+ struct in_addr i4_src;
-+ struct in_addr i4_dst;
-+};
-+
-+#define EMT_IPE4_ULEN 8 /* coming from user mode */
-+
-+
-+/*
-+ * $Log: ipsec_ipe4.h,v $
-+ * Revision 1.6 2004/04/05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_ipe4.h,v
-+ *
-+ * Revision 1.5 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_ipe4.h,v
-+ *
-+ * Revision 1.4 2001/06/14 19:35:08 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.3 1999/04/11 00:28:57 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.2 1999/04/06 04:54:25 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:47 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.1 1998/04/09 03:06:07 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:03 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:48:53 ji
-+ * Release update only.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_ipip.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,45 @@
-+/*
-+ * Copyright (C) 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_ipip.h,v 1.2 2004/04/05 19:55:05 mcr Exp $
-+ */
-+
-+#ifndef _IPSEC_IPIP_H_
-+
-+#ifndef IPPROTO_IPIP
-+#define IPPROTO_IPIP 4
-+#endif /* IPPROTO_ESP */
-+
-+extern struct xform_functions ipip_xform_funcs[];
-+
-+#define _IPSEC_IPIP_H_
-+
-+#endif /* _IPSEC_IPIP_H_ */
-+
-+/*
-+ * $Log: ipsec_ipip.h,v $
-+ * Revision 1.2 2004/04/05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_ipip.h,v
-+ *
-+ * Revision 1.1 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.1 2003/12/11 20:14:58 mcr
-+ * refactored the xmit code, to move all encapsulation
-+ * code into protocol functions. Note that all functions
-+ * are essentially done by a single function, which is probably
-+ * wrong.
-+ * the rcv_functions structures are renamed xform_functions.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_kern24.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,61 @@
-+/*
-+ * @(#) routines to makes kernel 2.4 compatible with 2.6 usage.
-+ *
-+ * Copyright (C) 2004 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_kern24.h,v 1.4 2005/05/20 03:19:18 mcr Exp $
-+ */
-+
-+#ifndef _IPSEC_KERN24_H
-+
-+#ifndef NET_26
-+#define sk_receive_queue receive_queue
-+#define sk_destruct destruct
-+#define sk_reuse reuse
-+#define sk_zapped zapped
-+#define sk_family family
-+#define sk_protocol protocol
-+#define sk_protinfo protinfo
-+#define sk_sleep sleep
-+#define sk_state_change state_change
-+#define sk_shutdown shutdown
-+#define sk_err err
-+#define sk_stamp stamp
-+#define sk_socket socket
-+#define sk_sndbuf sndbuf
-+#define sock_flag(sk, flag) sk->dead
-+#define sk_for_each(sk, node, plist) for(sk=*plist; sk!=NULL; sk = sk->next)
-+#endif
-+
-+/* deal with 2.4 vs 2.6 issues with module counts */
-+
-+/* in 2.6, all refcounts are maintained *outside* of the
-+ * module to deal with race conditions.
-+ */
-+
-+#ifdef NET_26
-+#define KLIPS_INC_USE /* nothing */
-+#define KLIPS_DEC_USE /* nothing */
-+
-+#else
-+#define KLIPS_INC_USE MOD_INC_USE_COUNT
-+#define KLIPS_DEC_USE MOD_DEC_USE_COUNT
-+#endif
-+
-+extern int printk_ratelimit(void);
-+
-+
-+#define _IPSEC_KERN24_H 1
-+
-+#endif /* _IPSEC_KERN24_H */
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_kversion.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,352 @@
-+#ifndef _OPENSWAN_KVERSIONS_H
-+/*
-+ * header file for FreeS/WAN library functions
-+ * Copyright (C) 1998, 1999, 2000 Henry Spencer.
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: ipsec_kversion.h,v 1.15.2.11 2007/02/20 03:53:16 paul Exp $
-+ */
-+#define _OPENSWAN_KVERSIONS_H /* seen it, no need to see it again */
-+
-+/*
-+ * this file contains a series of atomic defines that depend upon
-+ * kernel version numbers. The kernel versions are arranged
-+ * in version-order number (which is often not chronological)
-+ * and each clause enables or disables a feature.
-+ */
-+
-+/*
-+ * First, assorted kernel-version-dependent trickery.
-+ */
-+#include <linux/version.h>
-+#ifndef KERNEL_VERSION
-+#define KERNEL_VERSION(x,y,z) (((x)<<16)+((y)<<8)+(z))
-+#endif
-+
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,1,0)
-+#define HEADER_CACHE_BIND_21
-+#error "KLIPS is no longer supported on Linux 2.0. Sorry"
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,1,0)
-+#define SPINLOCK
-+#define PROC_FS_21
-+#define NETLINK_SOCK
-+#define NET_21
-+#endif
-+
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,1,19)
-+#define net_device_stats enet_statistics
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,0)
-+#define SPINLOCK_23
-+#define NETDEV_23
-+# ifndef CONFIG_IP_ALIAS
-+# define CONFIG_IP_ALIAS
-+# endif
-+#include <linux/socket.h>
-+#include <linux/skbuff.h>
-+#include <linux/netlink.h>
-+# ifdef NETLINK_XFRM
-+# define NETDEV_25
-+# endif
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,25)
-+#define PROC_FS_2325
-+#undef PROC_FS_21
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,30)
-+#define PROC_NO_DUMMY
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,35)
-+#define SKB_COPY_EXPAND
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,37)
-+#define IP_SELECT_IDENT
-+#endif
-+
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,50)) && defined(CONFIG_NETFILTER)
-+#define SKB_RESET_NFCT
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,2)
-+#define IP_SELECT_IDENT_NEW
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,4)
-+#define IPH_is_SKB_PULLED
-+#define SKB_COW_NEW
-+#define PROTO_HANDLER_SINGLE_PARM
-+#define IP_FRAGMENT_LINEARIZE 1
-+#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,4) */
-+# ifdef REDHAT_BOGOSITY
-+# define IP_SELECT_IDENT_NEW
-+# define IPH_is_SKB_PULLED
-+# define SKB_COW_NEW
-+# define PROTO_HANDLER_SINGLE_PARM
-+# endif /* REDHAT_BOGOSITY */
-+#endif /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,4) */
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,9)
-+#define MALLOC_SLAB
-+#define LINUX_KERNEL_HAS_SNPRINTF
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
-+#define HAVE_NETDEV_PRINTK 1
-+#define NET_26
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,8)
-+#define NEED_INET_PROTOCOL
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)
-+#define HAVE_SOCK_ZAPPED
-+#define NET_26_12_SKALLOC
-+#endif
-+
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,13)
-+#define HAVE_SOCK_SECURITY
-+/* skb->nf_debug disappared completely in 2.6.13 */
-+#define HAVE_SKB_NF_DEBUG
-+#endif
-+
-+#define SYSCTL_IPSEC_DEFAULT_TTL sysctl_ip_default_ttl
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,14)
-+/* skb->stamp changed to skb->tstamp in 2.6.14 */
-+#define HAVE_TSTAMP
-+#define HAVE_INET_SK_SPORT
-+#undef SYSCTL_IPSEC_DEFAULT_TTL
-+#define SYSCTL_IPSEC_DEFAULT_TTL IPSEC_DEFAULT_TTL
-+#else
-+#define HAVE_SKB_LIST
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,18)
-+#define HAVE_NEW_SKB_LINEARIZE
-+#endif
-+
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,20)
-+/* skb->nfmark changed to skb->mark in 2.6.20 */
-+#define nfmark mark
-+#endif
-+
-+#ifdef NET_21
-+# include <linux/in6.h>
-+#else
-+ /* old kernel in.h has some IPv6 stuff, but not quite enough */
-+# define s6_addr16 s6_addr
-+# define AF_INET6 10
-+# define uint8_t __u8
-+# define uint16_t __u16
-+# define uint32_t __u32
-+# define uint64_t __u64
-+#endif
-+
-+#ifdef NET_21
-+# define ipsec_kfree_skb(a) kfree_skb(a)
-+#else /* NET_21 */
-+# define ipsec_kfree_skb(a) kfree_skb(a, FREE_WRITE)
-+#endif /* NET_21 */
-+
-+#ifdef NETDEV_23
-+#if 0
-+#ifndef NETDEV_25
-+#define device net_device
-+#endif
-+#endif
-+# define ipsec_dev_get dev_get_by_name
-+# define __ipsec_dev_get __dev_get_by_name
-+# define ipsec_dev_put(x) dev_put(x)
-+# define __ipsec_dev_put(x) __dev_put(x)
-+# define ipsec_dev_hold(x) dev_hold(x)
-+#else /* NETDEV_23 */
-+# define ipsec_dev_get dev_get
-+# define __ipsec_dev_put(x)
-+# define ipsec_dev_put(x)
-+# define ipsec_dev_hold(x)
-+#endif /* NETDEV_23 */
-+
-+#ifndef SPINLOCK
-+# include <linux/bios32.h>
-+ /* simulate spin locks and read/write locks */
-+ typedef struct {
-+ volatile char lock;
-+ } spinlock_t;
-+
-+ typedef struct {
-+ volatile unsigned int lock;
-+ } rwlock_t;
-+
-+# define spin_lock_init(x) { (x)->lock = 0;}
-+# define rw_lock_init(x) { (x)->lock = 0; }
-+
-+# define spin_lock(x) { while ((x)->lock) barrier(); (x)->lock=1;}
-+# define spin_lock_irq(x) { cli(); spin_lock(x);}
-+# define spin_lock_irqsave(x,flags) { save_flags(flags); spin_lock_irq(x);}
-+
-+# define spin_unlock(x) { (x)->lock=0;}
-+# define spin_unlock_irq(x) { spin_unlock(x); sti();}
-+# define spin_unlock_irqrestore(x,flags) { spin_unlock(x); restore_flags(flags);}
-+
-+# define read_lock(x) spin_lock(x)
-+# define read_lock_irq(x) spin_lock_irq(x)
-+# define read_lock_irqsave(x,flags) spin_lock_irqsave(x,flags)
-+
-+# define read_unlock(x) spin_unlock(x)
-+# define read_unlock_irq(x) spin_unlock_irq(x)
-+# define read_unlock_irqrestore(x,flags) spin_unlock_irqrestore(x,flags)
-+
-+# define write_lock(x) spin_lock(x)
-+# define write_lock_irq(x) spin_lock_irq(x)
-+# define write_lock_irqsave(x,flags) spin_lock_irqsave(x,flags)
-+
-+# define write_unlock(x) spin_unlock(x)
-+# define write_unlock_irq(x) spin_unlock_irq(x)
-+# define write_unlock_irqrestore(x,flags) spin_unlock_irqrestore(x,flags)
-+#endif /* !SPINLOCK */
-+
-+#ifndef SPINLOCK_23
-+# define spin_lock_bh(x) spin_lock_irq(x)
-+# define spin_unlock_bh(x) spin_unlock_irq(x)
-+
-+# define read_lock_bh(x) read_lock_irq(x)
-+# define read_unlock_bh(x) read_unlock_irq(x)
-+
-+# define write_lock_bh(x) write_lock_irq(x)
-+# define write_unlock_bh(x) write_unlock_irq(x)
-+#endif /* !SPINLOCK_23 */
-+
-+#ifndef HAVE_NETDEV_PRINTK
-+#define netdev_printk(sevlevel, netdev, msglevel, format, arg...) \
-+ printk(sevlevel "%s: " format , netdev->name , ## arg)
-+#endif
-+
-+#if LINUX_VERSION_CODE <= KERNEL_VERSION(2,6,0)
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,0)
-+#include "openswan/ipsec_kern24.h"
-+#else
-+#error "kernels before 2.4 are not supported at this time"
-+#endif
-+#endif
-+
-+
-+#endif /* _OPENSWAN_KVERSIONS_H */
-+
-+/*
-+ * $Log: ipsec_kversion.h,v $
-+ * Revision 1.15.2.11 2007/02/20 03:53:16 paul
-+ * Added comment, made layout consistent with other checks.
-+ *
-+ * Revision 1.15.2.10 2007/02/16 19:08:12 paul
-+ * Fix for compiling on 2.6.20 (nfmark is now called mark in sk_buff)
-+ *
-+ * Revision 1.15.2.9 2006/07/29 05:00:40 paul
-+ * Added HAVE_NEW_SKB_LINEARIZE for 2.6.18+ kernels where skb_linearize
-+ * only takes 1 argument.
-+ *
-+ * Revision 1.15.2.8 2006/05/01 14:31:52 mcr
-+ * FREESWAN->OPENSWAN in #ifdef.
-+ *
-+ * Revision 1.15.2.7 2006/01/11 02:02:59 mcr
-+ * updated patches and DEFAULT_TTL code to work
-+ *
-+ * Revision 1.15.2.6 2006/01/03 19:25:02 ken
-+ * Remove duplicated #ifdef for TTL fix - bad patch
-+ *
-+ * Revision 1.15.2.5 2006/01/03 18:06:33 ken
-+ * Fix for missing sysctl default ttl
-+ *
-+ * Revision 1.15.2.4 2005/11/27 21:40:14 paul
-+ * Pull down TTL fixes from head. this fixes "Unknown symbol sysctl_ip_default_ttl"
-+ * in for klips as module.
-+ *
-+ * Revision 1.15.2.3 2005/11/22 04:11:52 ken
-+ * Backport fixes for 2.6.14 kernels from HEAD
-+ *
-+ * Revision 1.15.2.2 2005/09/01 01:57:19 paul
-+ * michael's fixes for 2.6.13 from head
-+ *
-+ * Revision 1.15.2.1 2005/08/27 23:13:48 paul
-+ * Fix for:
-+ * 7 weeks ago: [NET]: Remove unused security member in sk_buff
-+ * changeset 4280: 328ea53f5fee
-+ * parent 4279: beb0afb0e3f8
-+ * author: Thomas Graf <tgraf@suug.ch>
-+ * date: Tue Jul 5 21:12:44 2005
-+ * files: include/linux/skbuff.h include/linux/tc_ematch/tc_em_meta.h net/core/skbuff.c net/ipv4/ip_output.c net/ipv6/ip6_output.c net/sched/em_meta.c
-+ *
-+ * This should fix compilation on 2.6.13(rc) kernels
-+ *
-+ * Revision 1.15 2005/07/19 20:02:15 mcr
-+ * sk_alloc() interface change.
-+ *
-+ * Revision 1.14 2005/07/08 16:20:05 mcr
-+ * fix for 2.6.12 disapperance of sk_zapped field -> sock_flags.
-+ *
-+ * Revision 1.13 2005/05/20 03:19:18 mcr
-+ * modifications for use on 2.4.30 kernel, with backported
-+ * printk_ratelimit(). all warnings removed.
-+ *
-+ * Revision 1.12 2005/04/13 22:46:21 mcr
-+ * note that KLIPS does not work on Linux 2.0.
-+ *
-+ * Revision 1.11 2004/09/13 02:22:26 mcr
-+ * #define inet_protocol if necessary.
-+ *
-+ * Revision 1.10 2004/08/03 18:17:15 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.9 2004/04/05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_kversion.h,v
-+ *
-+ * Revision 1.8 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.7 2003/07/31 22:48:08 mcr
-+ * derive NET25-ness from presence of NETLINK_XFRM macro.
-+ *
-+ * Revision 1.6 2003/06/24 20:22:32 mcr
-+ * added new global: ipsecdevices[] so that we can keep track of
-+ * the ipsecX devices. They will be referenced with dev_hold(),
-+ * so 2.2 may need this as well.
-+ *
-+ * Revision 1.5 2003/04/03 17:38:09 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ *
-+ * Revision 1.4 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_kversion.h,v
-+ *
-+ * Revision 1.3 2002/04/12 03:21:17 mcr
-+ * three parameter version of ip_select_ident appears first
-+ * in 2.4.2 (RH7.1) not 2.4.4.
-+ *
-+ * Revision 1.2 2002/03/08 21:35:22 rgb
-+ * Defined LINUX_KERNEL_HAS_SNPRINTF to shut up compiler warnings after
-+ * 2.4.9. (Andreas Piesk).
-+ *
-+ * Revision 1.1 2002/01/29 02:11:42 mcr
-+ * removal of kversions.h - sources that needed it now use ipsec_param.h.
-+ * updating of IPv6 structures to match latest in6.h version.
-+ * removed dead code from freeswan.h that also duplicated kversions.h
-+ * code.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_life.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,112 @@
-+/*
-+ * Definitions relevant to IPSEC lifetimes
-+ * Copyright (C) 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * and Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_life.h,v 1.4 2004/04/05 19:55:05 mcr Exp $
-+ *
-+ * This file derived from ipsec_xform.h on 2001/9/18 by mcr.
-+ *
-+ */
-+
-+/*
-+ * This file describes the book keeping fields for the
-+ * IPsec Security Association Structure. ("ipsec_sa")
-+ *
-+ * This structure is never allocated directly by kernel code,
-+ * (it is always a static/auto or is part of a structure)
-+ * so it does not have a reference count.
-+ *
-+ */
-+
-+#ifndef _IPSEC_LIFE_H_
-+
-+/*
-+ * _count is total count.
-+ * _hard is hard limit (kill SA after this number)
-+ * _soft is soft limit (try to renew SA after this number)
-+ * _last is used in some special cases.
-+ *
-+ */
-+
-+struct ipsec_lifetime64
-+{
-+ __u64 ipl_count;
-+ __u64 ipl_soft;
-+ __u64 ipl_hard;
-+ __u64 ipl_last;
-+};
-+
-+struct ipsec_lifetimes
-+{
-+ /* number of bytes processed */
-+ struct ipsec_lifetime64 ipl_bytes;
-+
-+ /* number of packets processed */
-+ struct ipsec_lifetime64 ipl_packets;
-+
-+ /* time since SA was added */
-+ struct ipsec_lifetime64 ipl_addtime;
-+
-+ /* time since SA was first used */
-+ struct ipsec_lifetime64 ipl_usetime;
-+
-+ /* from rfc2367:
-+ * For CURRENT, the number of different connections,
-+ * endpoints, or flows that the association has been
-+ * allocated towards. For HARD and SOFT, the number of
-+ * these the association may be allocated towards
-+ * before it expires. The concept of a connection,
-+ * flow, or endpoint is system specific.
-+ *
-+ * mcr(2001-9-18) it is unclear what purpose these serve for FreeSWAN.
-+ * They are maintained for PF_KEY compatibility.
-+ */
-+ struct ipsec_lifetime64 ipl_allocations;
-+};
-+
-+enum ipsec_life_alive {
-+ ipsec_life_harddied = -1,
-+ ipsec_life_softdied = 0,
-+ ipsec_life_okay = 1
-+};
-+
-+enum ipsec_life_type {
-+ ipsec_life_timebased = 1,
-+ ipsec_life_countbased= 0
-+};
-+
-+#define _IPSEC_LIFE_H_
-+#endif /* _IPSEC_LIFE_H_ */
-+
-+
-+/*
-+ * $Log: ipsec_life.h,v $
-+ * Revision 1.4 2004/04/05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_life.h,v
-+ *
-+ * Revision 1.3 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_life.h,v
-+ *
-+ * Revision 1.2 2001/11/26 09:16:14 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:25:58 mcr
-+ * lifetime structure created and common functions created.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_md5h.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,143 @@
-+/*
-+ * RCSID $Id: ipsec_md5h.h,v 1.10 2004/09/08 17:21:35 ken Exp $
-+ */
-+
-+/*
-+ * The rest of this file is Copyright RSA DSI. See the following comments
-+ * for the full Copyright notice.
-+ */
-+
-+#ifndef _IPSEC_MD5H_H_
-+#define _IPSEC_MD5H_H_
-+
-+/* GLOBAL.H - RSAREF types and constants
-+ */
-+
-+/* PROTOTYPES should be set to one if and only if the compiler supports
-+ function argument prototyping.
-+ The following makes PROTOTYPES default to 0 if it has not already
-+ been defined with C compiler flags.
-+ */
-+#ifndef PROTOTYPES
-+#define PROTOTYPES 1
-+#endif /* !PROTOTYPES */
-+
-+/* POINTER defines a generic pointer type */
-+typedef __u8 *POINTER;
-+
-+/* UINT2 defines a two byte word */
-+typedef __u16 UINT2;
-+
-+/* UINT4 defines a four byte word */
-+typedef __u32 UINT4;
-+
-+/* PROTO_LIST is defined depending on how PROTOTYPES is defined above.
-+ If using PROTOTYPES, then PROTO_LIST returns the list, otherwise it
-+ returns an empty list.
-+ */
-+
-+#if PROTOTYPES
-+#define PROTO_LIST(list) list
-+#else /* PROTOTYPES */
-+#define PROTO_LIST(list) ()
-+#endif /* PROTOTYPES */
-+
-+
-+/* MD5.H - header file for MD5C.C
-+ */
-+
-+/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
-+rights reserved.
-+
-+License to copy and use this software is granted provided that it
-+is identified as the "RSA Data Security, Inc. MD5 Message-Digest
-+Algorithm" in all material mentioning or referencing this software
-+or this function.
-+
-+License is also granted to make and use derivative works provided
-+that such works are identified as "derived from the RSA Data
-+Security, Inc. MD5 Message-Digest Algorithm" in all material
-+mentioning or referencing the derived work.
-+
-+RSA Data Security, Inc. makes no representations concerning either
-+the merchantability of this software or the suitability of this
-+software for any particular purpose. It is provided "as is"
-+without express or implied warranty of any kind.
-+
-+These notices must be retained in any copies of any part of this
-+documentation and/or software.
-+ */
-+
-+/* MD5 context. */
-+typedef struct {
-+ UINT4 state[4]; /* state (ABCD) */
-+ UINT4 count[2]; /* number of bits, modulo 2^64 (lsb first) */
-+ unsigned char buffer[64]; /* input buffer */
-+} MD5_CTX;
-+
-+void osMD5Init PROTO_LIST ((void *));
-+void osMD5Update PROTO_LIST
-+ ((void *, unsigned char *, __u32));
-+void osMD5Final PROTO_LIST ((unsigned char [16], void *));
-+
-+#endif /* _IPSEC_MD5H_H_ */
-+
-+/*
-+ * $Log: ipsec_md5h.h,v $
-+ * Revision 1.10 2004/09/08 17:21:35 ken
-+ * Rename MD5* -> osMD5 functions to prevent clashes with other symbols exported by kernel modules (CIFS in 2.6 initiated this)
-+ *
-+ * Revision 1.9 2004/04/05 19:55:05 mcr
-+ * Moved from linux/include/freeswan/ipsec_md5h.h,v
-+ *
-+ * Revision 1.8 2002/09/10 01:45:09 mcr
-+ * changed type of MD5_CTX and SHA1_CTX to void * so that
-+ * the function prototypes would match, and could be placed
-+ * into a pointer to a function.
-+ *
-+ * Revision 1.7 2002/04/24 07:36:46 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_md5h.h,v
-+ *
-+ * Revision 1.6 1999/12/13 13:59:13 rgb
-+ * Quick fix to argument size to Update bugs.
-+ *
-+ * Revision 1.5 1999/12/07 18:16:23 rgb
-+ * Fixed comments at end of #endif lines.
-+ *
-+ * Revision 1.4 1999/04/06 04:54:26 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.3 1999/01/22 06:19:58 rgb
-+ * 64-bit clean-up.
-+ *
-+ * Revision 1.2 1998/11/30 13:22:54 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:48 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.2 1998/04/23 20:54:03 rgb
-+ * Fixed md5 and sha1 include file nesting issues, to be cleaned up when
-+ * verified.
-+ *
-+ * Revision 1.1 1998/04/09 03:04:21 henry
-+ * sources moved up from linux/net/ipsec
-+ * these two include files modified not to include others except in kernel
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:03 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:48:53 ji
-+ * Release update only.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_param.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,387 @@
-+/*
-+ * @(#) Openswan tunable paramaters
-+ *
-+ * Copyright (C) 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * and Michael Richardson <mcr@freeswan.org>
-+ * Copyright (C) 2004 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_param.h,v 1.29.6.3 2006/05/01 14:32:31 mcr Exp $
-+ *
-+ */
-+
-+/*
-+ * This file provides a set of #define's which may be tuned by various
-+ * people/configurations. It keeps all compile-time tunables in one place.
-+ *
-+ * This file should be included before all other IPsec kernel-only files.
-+ *
-+ */
-+
-+#ifndef _IPSEC_PARAM_H_
-+
-+#ifdef __KERNEL__
-+#include "ipsec_kversion.h"
-+
-+/* Set number of ipsecX virtual devices here. */
-+/* This must be < exp(field width of IPSEC_DEV_FORMAT) */
-+/* It must also be reasonable so as not to overload the memory and CPU */
-+/* constraints of the host. */
-+#define IPSEC_NUM_IF 4
-+/* The field width must be < IF_NAM_SIZ - strlen("ipsec") - 1. */
-+/* With "ipsec" being 5 characters, that means 10 is the max field width */
-+/* but machine memory and CPU constraints are not likely to tollerate */
-+/* more than 3 digits. The default is one digit. */
-+/* Update: userland scripts get upset if they can't find "ipsec0", so */
-+/* for now, no "0"-padding should be used (which would have been helpful */
-+/* to make text-searches work */
-+#define IPSEC_DEV_FORMAT "ipsec%d"
-+/* For, say, 500 virtual ipsec devices, I would recommend: */
-+/* #define IPSEC_NUM_IF 500 */
-+/* #define IPSEC_DEV_FORMAT "ipsec%03d" */
-+/* Note that the "interfaces=" line in /etc/ipsec.conf would be, um, challenging. */
-+
-+/* use dynamic ipsecX device allocation */
-+#ifndef CONFIG_KLIPS_DYNDEV
-+#define CONFIG_KLIPS_DYNDEV 1
-+#endif /* CONFIG_KLIPS_DYNDEV */
-+
-+
-+#ifdef CONFIG_KLIPS_BIGGATE
-+# define SADB_HASHMOD 8069
-+#else /* CONFIG_KLIPS_BIGGATE */
-+# define SADB_HASHMOD 257
-+#endif /* CONFIG_KLIPS_BIGGATE */
-+#endif /* __KERNEL__ */
-+
-+/*
-+ * This is for the SA reference table. This number is related to the
-+ * maximum number of SAs that KLIPS can concurrently deal with, plus enough
-+ * space for keeping expired SAs around.
-+ *
-+ * TABLE_MAX_WIDTH is the number of bits that we will use.
-+ * MAIN_TABLE_WIDTH is the number of bits used for the primary index table.
-+ *
-+ */
-+#ifndef IPSEC_SA_REF_TABLE_IDX_WIDTH
-+# define IPSEC_SA_REF_TABLE_IDX_WIDTH 16
-+#endif
-+
-+#ifndef IPSEC_SA_REF_MAINTABLE_IDX_WIDTH
-+# define IPSEC_SA_REF_MAINTABLE_IDX_WIDTH 4
-+#endif
-+
-+#ifndef IPSEC_SA_REF_FREELIST_NUM_ENTRIES
-+# define IPSEC_SA_REF_FREELIST_NUM_ENTRIES 256
-+#endif
-+
-+#ifndef IPSEC_SA_REF_CODE
-+# define IPSEC_SA_REF_CODE 1
-+#endif
-+
-+#ifdef __KERNEL__
-+/* This is defined for 2.4, but not 2.2.... */
-+#ifndef ARPHRD_VOID
-+# define ARPHRD_VOID 0xFFFF
-+#endif
-+
-+/* always turn on IPIP mode */
-+#ifndef CONFIG_KLIPS_IPIP
-+#define CONFIG_KLIPS_IPIP 1
-+#endif
-+
-+/*
-+ * Worry about PROC_FS stuff
-+ */
-+#if defined(PROC_FS_2325)
-+/* kernel 2.4 */
-+# define IPSEC_PROC_LAST_ARG ,int *eof,void *data
-+# define IPSEC_PROCFS_DEBUG_NO_STATIC
-+# define IPSEC_PROC_SUBDIRS
-+#else
-+/* kernel <2.4 */
-+# define IPSEC_PROCFS_DEBUG_NO_STATIC DEBUG_NO_STATIC
-+
-+# ifndef PROC_NO_DUMMY
-+# define IPSEC_PROC_LAST_ARG , int dummy
-+# else
-+# define IPSEC_PROC_LAST_ARG
-+# endif /* !PROC_NO_DUMMY */
-+#endif /* PROC_FS_2325 */
-+
-+#if !defined(LINUX_KERNEL_HAS_SNPRINTF)
-+/* GNU CPP specific! */
-+# define snprintf(buf, len, fmt...) sprintf(buf, ##fmt)
-+#endif /* !LINUX_KERNEL_HAS_SNPRINTF */
-+
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#ifndef KLIPS_FIXES_DES_PARITY
-+# define KLIPS_FIXES_DES_PARITY 1
-+#endif /* !KLIPS_FIXES_DES_PARITY */
-+
-+/* we don't really want to print these unless there are really big problems */
-+#ifndef KLIPS_DIVULGE_CYPHER_KEY
-+# define KLIPS_DIVULGE_CYPHER_KEY 0
-+#endif /* !KLIPS_DIVULGE_CYPHER_KEY */
-+
-+#ifndef KLIPS_DIVULGE_HMAC_KEY
-+# define KLIPS_DIVULGE_HMAC_KEY 0
-+#endif /* !KLIPS_DIVULGE_HMAC_KEY */
-+
-+#ifndef IPSEC_DISALLOW_IPOPTIONS
-+# define IPSEC_DISALLOW_IPOPTIONS 1
-+#endif /* !KLIPS_DIVULGE_HMAC_KEY */
-+
-+/* extra toggles for regression testing */
-+#ifdef CONFIG_KLIPS_REGRESS
-+
-+/*
-+ * should pfkey_acquire() become 100% lossy?
-+ *
-+ */
-+extern int sysctl_ipsec_regress_pfkey_lossage;
-+#ifndef KLIPS_PFKEY_ACQUIRE_LOSSAGE
-+# ifdef CONFIG_KLIPS_PFKEY_ACQUIRE_LOSSAGE
-+# define KLIPS_PFKEY_ACQUIRE_LOSSAGE 100
-+# endif /* CONFIG_KLIPS_PFKEY_ACQUIRE_LOSSAGE */
-+#else
-+#define KLIPS_PFKEY_ACQUIRE_LOSSAGE 0
-+#endif /* KLIPS_PFKEY_ACQUIRE_LOSSAGE */
-+
-+#else /* CONFIG_KLIPS_REGRESS */
-+#define KLIPS_PFKEY_ACQUIRE_LOSSAGE 0
-+
-+#endif /* CONFIG_KLIPS_REGRESS */
-+
-+
-+/*
-+ * debugging routines.
-+ */
-+#define KLIPS_ERROR(flag, format, args...) if(printk_ratelimit() || flag) printk(KERN_ERR "KLIPS " format, ## args)
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern void ipsec_print_ip(struct iphdr *ip);
-+
-+ #define KLIPS_PRINT(flag, format, args...) \
-+ ((flag) ? printk(KERN_INFO format , ## args) : 0)
-+ #define KLIPS_PRINTMORE(flag, format, args...) \
-+ ((flag) ? printk(format , ## args) : 0)
-+ #define KLIPS_IP_PRINT(flag, ip) \
-+ ((flag) ? ipsec_print_ip(ip) : 0)
-+#else /* CONFIG_KLIPS_DEBUG */
-+ #define KLIPS_PRINT(flag, format, args...) do ; while(0)
-+ #define KLIPS_PRINTMORE(flag, format, args...) do ; while(0)
-+ #define KLIPS_IP_PRINT(flag, ip) do ; while(0)
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+
-+/*
-+ * Stupid kernel API differences in APIs. Not only do some
-+ * kernels not have ip_select_ident, but some have differing APIs,
-+ * and SuSE has one with one parameter, but no way of checking to
-+ * see what is really what.
-+ */
-+
-+#ifdef SUSE_LINUX_2_4_19_IS_STUPID
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph)
-+#else
-+
-+/* simplest case, nothing */
-+#if !defined(IP_SELECT_IDENT)
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) do { iph->id = htons(ip_id_count++); } while(0)
-+#endif
-+
-+/* kernels > 2.3.37-ish */
-+#if defined(IP_SELECT_IDENT) && !defined(IP_SELECT_IDENT_NEW)
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph, skb->dst)
-+#endif
-+
-+/* kernels > 2.4.2 */
-+#if defined(IP_SELECT_IDENT) && defined(IP_SELECT_IDENT_NEW)
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph, skb->dst, NULL)
-+#endif
-+
-+#endif /* SUSE_LINUX_2_4_19_IS_STUPID */
-+
-+/*
-+ * make klips fail test:east-espiv-01.
-+ * exploit is at testing/attacks/espiv
-+ *
-+ */
-+#define KLIPS_IMPAIRMENT_ESPIV_CBC_ATTACK 0
-+
-+
-+/* IP_FRAGMENT_LINEARIZE is set in freeswan.h if Kernel > 2.4.4 */
-+#ifndef IP_FRAGMENT_LINEARIZE
-+# define IP_FRAGMENT_LINEARIZE 0
-+#endif /* IP_FRAGMENT_LINEARIZE */
-+#endif /* __KERNEL__ */
-+
-+#ifdef NEED_INET_PROTOCOL
-+#define inet_protocol net_protocol
-+#endif
-+
-+#if defined(CONFIG_IPSEC_NAT_TRAVERSAL) && CONFIG_IPSEC_NAT_TRAVERSAL
-+#define NAT_TRAVERSAL 1
-+#else
-+/* let people either #undef, or #define = 0 it */
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+#undef CONFIG_IPSEC_NAT_TRAVERSAL
-+#endif
-+#endif
-+
-+#ifndef IPSEC_DEFAULT_TTL
-+#define IPSEC_DEFAULT_TTL 64
-+#endif
-+
-+#define _IPSEC_PARAM_H_
-+#endif /* _IPSEC_PARAM_H_ */
-+
-+/*
-+ * $Log: ipsec_param.h,v $
-+ * Revision 1.29.6.3 2006/05/01 14:32:31 mcr
-+ * added KLIPS_ERROR and make sure that things work without CONFIG_KLIPS_REGRESS.
-+ *
-+ * Revision 1.29.6.2 2005/11/27 21:40:14 paul
-+ * Pull down TTL fixes from head. this fixes "Unknown symbol sysctl_ip_default_ttl"
-+ * in for klips as module.
-+ *
-+ * Revision 1.29.6.1 2005/08/12 16:24:18 ken
-+ * Pull in NAT-T compile logic from HEAD
-+ *
-+ * Revision 1.29 2005/01/26 00:50:35 mcr
-+ * adjustment of confusion of CONFIG_IPSEC_NAT vs CONFIG_KLIPS_NAT,
-+ * and make sure that NAT_TRAVERSAL is set as well to match
-+ * userspace compiles of code.
-+ *
-+ * Revision 1.28 2004/09/13 15:50:15 mcr
-+ * spell NEED_INET properly, not NET_INET.
-+ *
-+ * Revision 1.27 2004/09/13 02:21:45 mcr
-+ * always turn on IPIP mode.
-+ * #define inet_protocol if necessary.
-+ *
-+ * Revision 1.26 2004/08/17 03:25:43 mcr
-+ * freeswan->openswan.
-+ *
-+ * Revision 1.25 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.24 2004/04/05 19:55:06 mcr
-+ * Moved from linux/include/freeswan/ipsec_param.h,v
-+ *
-+ * Revision 1.23 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.22 2003/10/31 02:27:05 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.21.4.1 2003/10/29 01:10:19 mcr
-+ * elimited "struct sa_id"
-+ *
-+ * Revision 1.21 2003/04/03 17:38:18 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ * Change indentation for readability.
-+ *
-+ * Revision 1.20 2003/03/14 08:09:26 rgb
-+ * Fixed up CONFIG_IPSEC_DYNDEV definitions.
-+ *
-+ * Revision 1.19 2003/01/30 02:31:43 rgb
-+ *
-+ * Rename SAref table macro names for clarity.
-+ *
-+ * Revision 1.18 2002/09/30 19:06:26 rgb
-+ * Reduce default table to 16 bits width.
-+ *
-+ * Revision 1.17 2002/09/20 15:40:29 rgb
-+ * Define switch to activate new SAref code.
-+ * Prefix macros with "IPSEC_".
-+ * Rework saref freelist.
-+ * Restrict some bits to kernel context for use to klips utils.
-+ *
-+ * Revision 1.16 2002/09/20 05:00:31 rgb
-+ * Define switch to divulge hmac keys for debugging.
-+ * Added IPOPTIONS switch.
-+ *
-+ * Revision 1.15 2002/09/19 02:34:24 mcr
-+ * define IPSEC_PROC_SUBDIRS if we are 2.4, and use that in ipsec_proc.c
-+ * to decide if we are to create /proc/net/ipsec/.
-+ *
-+ * Revision 1.14 2002/08/30 01:20:54 mcr
-+ * reorganized 2.0/2.2/2.4 procfs support macro so match
-+ * 2.4 values/typedefs.
-+ *
-+ * Revision 1.13 2002/07/28 22:03:28 mcr
-+ * added some documentation to SA_REF_*
-+ * turned on fix for ESPIV attack, now that we have the attack code.
-+ *
-+ * Revision 1.12 2002/07/26 08:48:31 rgb
-+ * Added SA ref table code.
-+ *
-+ * Revision 1.11 2002/07/23 02:57:45 rgb
-+ * Define ARPHRD_VOID for < 2.4 kernels.
-+ *
-+ * Revision 1.10 2002/05/27 21:37:28 rgb
-+ * Set the defaults sanely for those adventurous enough to try more than 1
-+ * digit of ipsec devices.
-+ *
-+ * Revision 1.9 2002/05/27 18:56:07 rgb
-+ * Convert to dynamic ipsec device allocation.
-+ *
-+ * Revision 1.8 2002/04/24 07:36:47 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_param.h,v
-+ *
-+ * Revision 1.7 2002/04/20 00:12:25 rgb
-+ * Added esp IV CBC attack fix, disabled.
-+ *
-+ * Revision 1.6 2002/01/29 02:11:42 mcr
-+ * removal of kversions.h - sources that needed it now use ipsec_param.h.
-+ * updating of IPv6 structures to match latest in6.h version.
-+ * removed dead code from freeswan.h that also duplicated kversions.h
-+ * code.
-+ *
-+ * Revision 1.5 2002/01/28 19:22:01 mcr
-+ * by default, turn off LINEARIZE option
-+ * (let kversions.h turn it on)
-+ *
-+ * Revision 1.4 2002/01/20 20:19:36 mcr
-+ * renamed option to IP_FRAGMENT_LINEARIZE.
-+ *
-+ * Revision 1.3 2002/01/12 02:57:25 mcr
-+ * first regression test causes acquire messages to be lost
-+ * 100% of the time. This is to help testing of pluto.
-+ *
-+ * Revision 1.2 2001/11/26 09:16:14 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.3 2001/10/23 04:40:16 mcr
-+ * added #define for DIVULGING session keys in debug output.
-+ *
-+ * Revision 1.1.2.2 2001/10/22 20:53:25 mcr
-+ * added a define to control forcing of DES parity.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:20:19 mcr
-+ * many common kernel configuration questions centralized.
-+ * more things remain that should be moved from freeswan.h.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_policy.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,217 @@
-+#ifndef _IPSEC_POLICY_H
-+/*
-+ * policy interface file between pluto and applications
-+ * Copyright (C) 2003 Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: ipsec_policy.h,v 1.7.6.1 2005/07/26 01:53:07 ken Exp $
-+ */
-+#define _IPSEC_POLICY_H /* seen it, no need to see it again */
-+
-+
-+/*
-+ * this file defines an interface between an application (or rather an
-+ * application library) and a key/policy daemon. It provides for inquiries
-+ * as to the current state of a connected socket, as well as for general
-+ * questions.
-+ *
-+ * In general, the interface is defined as a series of functional interfaces,
-+ * and the policy messages should be internal. However, because this is in
-+ * fact an ABI between pieces of the system that may get compiled and revised
-+ * seperately, this ABI must be public and revision controlled.
-+ *
-+ * It is expected that the daemon will always support previous versions.
-+ */
-+
-+#define IPSEC_POLICY_MSG_REVISION (unsigned)200305061
-+
-+enum ipsec_policy_command {
-+ IPSEC_CMD_QUERY_FD = 1,
-+ IPSEC_CMD_QUERY_HOSTPAIR = 2,
-+ IPSEC_CMD_QUERY_DSTONLY = 3,
-+};
-+
-+struct ipsec_policy_msg_head {
-+ u_int32_t ipm_version;
-+ u_int32_t ipm_msg_len;
-+ u_int32_t ipm_msg_type;
-+ u_int32_t ipm_msg_seq;
-+};
-+
-+enum ipsec_privacy_quality {
-+ IPSEC_PRIVACY_NONE = 0,
-+ IPSEC_PRIVACY_INTEGRAL = 4, /* not private at all. AH-like */
-+ IPSEC_PRIVACY_UNKNOWN = 8, /* something is claimed, but details unavail */
-+ IPSEC_PRIVACY_ROT13 = 12, /* trivially breakable, i.e. 1DES */
-+ IPSEC_PRIVACY_GAK = 16, /* known eavesdroppers */
-+ IPSEC_PRIVACY_PRIVATE = 32, /* secure for at least a decade */
-+ IPSEC_PRIVACY_STRONG = 64, /* ridiculously secure */
-+ IPSEC_PRIVACY_TORTOISE = 192, /* even stronger, but very slow */
-+ IPSEC_PRIVACY_OTP = 224, /* some kind of *true* one time pad */
-+};
-+
-+enum ipsec_bandwidth_quality {
-+ IPSEC_QOS_UNKNOWN = 0, /* unknown bandwidth */
-+ IPSEC_QOS_INTERACTIVE = 16, /* reasonably moderate jitter, moderate fast.
-+ Good enough for telnet/ssh. */
-+ IPSEC_QOS_VOIP = 32, /* faster crypto, predicable jitter */
-+ IPSEC_QOS_FTP = 64, /* higher throughput crypto, perhaps hardware
-+ offloaded, but latency/jitter may be bad */
-+ IPSEC_QOS_WIRESPEED = 128, /* expect to be able to fill your pipe */
-+};
-+
-+/* moved from programs/pluto/constants.h */
-+/* IPsec AH transform values
-+ * RFC2407 The Internet IP security Domain of Interpretation for ISAKMP 4.4.3
-+ * and in http://www.iana.org/assignments/isakmp-registry
-+ */
-+enum ipsec_authentication_algo {
-+ AH_MD5=2,
-+ AH_SHA=3,
-+ AH_DES=4,
-+ AH_SHA2_256=5,
-+ AH_SHA2_384=6,
-+ AH_SHA2_512=7
-+};
-+
-+/* IPsec ESP transform values
-+ * RFC2407 The Internet IP security Domain of Interpretation for ISAKMP 4.4.4
-+ * and from http://www.iana.org/assignments/isakmp-registry
-+ */
-+
-+enum ipsec_cipher_algo {
-+ ESP_reserved=0,
-+ ESP_DES_IV64=1,
-+ ESP_DES=2,
-+ ESP_3DES=3,
-+ ESP_RC5=4,
-+ ESP_IDEA=5,
-+ ESP_CAST=6,
-+ ESP_BLOWFISH=7,
-+ ESP_3IDEA=8,
-+ ESP_DES_IV32=9,
-+ ESP_RC4=10,
-+ ESP_NULL=11,
-+ ESP_AES=12, /* 128 bit AES */
-+};
-+
-+/* IPCOMP transform values
-+ * RFC2407 The Internet IP security Domain of Interpretation for ISAKMP 4.4.5
-+ */
-+
-+enum ipsec_comp_algo {
-+ IPCOMP_OUI= 1,
-+ IPCOMP_DEFLATE= 2,
-+ IPCOMP_LZS= 3,
-+ IPCOMP_V42BIS= 4
-+};
-+
-+/* Identification type values
-+ * RFC 2407 The Internet IP security Domain of Interpretation for ISAKMP 4.6.2.1
-+ */
-+
-+enum ipsec_id_type {
-+ ID_IMPOSSIBLE= (-2), /* private to Pluto */
-+ ID_MYID= (-1), /* private to Pluto */
-+ ID_NONE= 0, /* private to Pluto */
-+ ID_IPV4_ADDR= 1,
-+ ID_FQDN= 2,
-+ ID_USER_FQDN= 3,
-+ ID_IPV4_ADDR_SUBNET= 4,
-+ ID_IPV6_ADDR= 5,
-+ ID_IPV6_ADDR_SUBNET= 6,
-+ ID_IPV4_ADDR_RANGE= 7,
-+ ID_IPV6_ADDR_RANGE= 8,
-+ ID_DER_ASN1_DN= 9,
-+ ID_DER_ASN1_GN= 10,
-+ ID_KEY_ID= 11
-+};
-+
-+/* Certificate type values
-+ * RFC 2408 ISAKMP, chapter 3.9
-+ */
-+enum ipsec_cert_type {
-+ CERT_NONE= 0, /* none, or guess from file contents */
-+ CERT_PKCS7_WRAPPED_X509= 1, /* self-signed certificate from disk */
-+ CERT_PGP= 2,
-+ CERT_DNS_SIGNED_KEY= 3, /* KEY RR from DNS */
-+ CERT_X509_SIGNATURE= 4,
-+ CERT_X509_KEY_EXCHANGE= 5,
-+ CERT_KERBEROS_TOKENS= 6,
-+ CERT_CRL= 7,
-+ CERT_ARL= 8,
-+ CERT_SPKI= 9,
-+ CERT_X509_ATTRIBUTE= 10,
-+ CERT_RAW_RSA= 11, /* raw RSA from config file */
-+};
-+
-+/* a SIG record in ASCII */
-+struct ipsec_dns_sig {
-+ char fqdn[256];
-+ char dns_sig[768]; /* empty string if not signed */
-+};
-+
-+struct ipsec_raw_key {
-+ char id_name[256];
-+ char fs_keyid[8];
-+};
-+
-+struct ipsec_identity {
-+ enum ipsec_id_type ii_type;
-+ enum ipsec_cert_type ii_format;
-+ union {
-+ struct ipsec_dns_sig ipsec_dns_signed;
-+ /* some thing for PGP */
-+ /* some thing for PKIX */
-+ struct ipsec_raw_key ipsec_raw_key;
-+ } ii_credential;
-+};
-+
-+#define IPSEC_MAX_CREDENTIALS 32
-+
-+struct ipsec_policy_cmd_query {
-+ struct ipsec_policy_msg_head head;
-+
-+ /* Query section */
-+ ip_address query_local; /* us */
-+ ip_address query_remote; /* them */
-+ u_int8_t proto; /* TCP, ICMP, etc. */
-+ u_short src_port, dst_port;
-+
-+ /* Answer section */
-+ enum ipsec_privacy_quality strength;
-+ enum ipsec_bandwidth_quality bandwidth;
-+ enum ipsec_authentication_algo auth_detail;
-+ enum ipsec_cipher_algo esp_detail;
-+ enum ipsec_comp_algo comp_detail;
-+
-+ int credential_count;
-+
-+ struct ipsec_identity credentials[IPSEC_MAX_CREDENTIALS];
-+};
-+
-+#define IPSEC_POLICY_SOCKET "/var/run/pluto/pluto.info"
-+
-+/* prototypes */
-+extern err_t ipsec_policy_lookup(int fd, struct ipsec_policy_cmd_query *result);
-+extern err_t ipsec_policy_init(void);
-+extern err_t ipsec_policy_final(void);
-+extern err_t ipsec_policy_readmsg(int policysock,
-+ unsigned char *buf, size_t buflen);
-+extern err_t ipsec_policy_sendrecv(unsigned char *buf, size_t buflen);
-+extern err_t ipsec_policy_cgilookup(struct ipsec_policy_cmd_query *result);
-+
-+
-+extern const char *ipsec_policy_version_code(void);
-+extern const char *ipsec_policy_version_string(void);
-+
-+#endif /* _IPSEC_POLICY_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_proto.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,199 @@
-+/*
-+ * @(#) prototypes for FreeSWAN functions
-+ *
-+ * Copyright (C) 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * and Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_proto.h,v 1.14 2005/04/29 04:50:03 mcr Exp $
-+ *
-+ */
-+
-+#ifndef _IPSEC_PROTO_H_
-+
-+#include "ipsec_param.h"
-+
-+/*
-+ * This file is a kernel only file that declares prototypes for
-+ * all intra-module function calls and global data structures.
-+ *
-+ * Include this file last.
-+ *
-+ */
-+
-+/* forward references */
-+enum ipsec_direction;
-+enum ipsec_life_type;
-+struct ipsec_lifetime64;
-+struct ident;
-+struct sockaddr_encap;
-+struct ipsec_sa;
-+
-+/* ipsec_init.c */
-+extern struct prng ipsec_prng;
-+
-+/* ipsec_sa.c */
-+extern struct ipsec_sa *ipsec_sadb_hash[SADB_HASHMOD];
-+extern spinlock_t tdb_lock;
-+extern int ipsec_sadb_init(void);
-+extern int ipsec_sadb_cleanup(__u8);
-+
-+extern struct ipsec_sa *ipsec_sa_alloc(int*error);
-+
-+
-+extern struct ipsec_sa *ipsec_sa_getbyid(ip_said *);
-+extern int ipsec_sa_put(struct ipsec_sa *);
-+extern /* void */ int ipsec_sa_del(struct ipsec_sa *);
-+extern /* void */ int ipsec_sa_delchain(struct ipsec_sa *);
-+extern /* void */ int ipsec_sa_add(struct ipsec_sa *);
-+
-+extern int ipsec_sa_init(struct ipsec_sa *ipsp);
-+extern int ipsec_sa_wipe(struct ipsec_sa *ipsp);
-+
-+/* debug declarations */
-+
-+/* ipsec_proc.c */
-+extern int ipsec_proc_init(void);
-+extern void ipsec_proc_cleanup(void);
-+
-+/* ipsec_rcv.c */
-+extern int ipsec_rcv(struct sk_buff *skb);
-+extern int klips26_rcv_encap(struct sk_buff *skb, __u16 encap_type);
-+
-+/* ipsec_xmit.c */
-+struct ipsec_xmit_state;
-+extern enum ipsec_xmit_value ipsec_xmit_sanity_check_dev(struct ipsec_xmit_state *ixs);
-+extern enum ipsec_xmit_value ipsec_xmit_sanity_check_skb(struct ipsec_xmit_state *ixs);
-+extern void ipsec_print_ip(struct iphdr *ip);
-+
-+
-+
-+/* ipsec_radij.c */
-+extern int ipsec_makeroute(struct sockaddr_encap *ea,
-+ struct sockaddr_encap *em,
-+ ip_said said,
-+ uint32_t pid,
-+ struct sk_buff *skb,
-+ struct ident *ident_s,
-+ struct ident *ident_d);
-+
-+extern int ipsec_breakroute(struct sockaddr_encap *ea,
-+ struct sockaddr_encap *em,
-+ struct sk_buff **first,
-+ struct sk_buff **last);
-+
-+int ipsec_radijinit(void);
-+int ipsec_cleareroutes(void);
-+int ipsec_radijcleanup(void);
-+
-+/* ipsec_life.c */
-+extern enum ipsec_life_alive ipsec_lifetime_check(struct ipsec_lifetime64 *il64,
-+ const char *lifename,
-+ const char *saname,
-+ enum ipsec_life_type ilt,
-+ enum ipsec_direction idir,
-+ struct ipsec_sa *ips);
-+
-+
-+extern int ipsec_lifetime_format(char *buffer,
-+ int buflen,
-+ char *lifename,
-+ enum ipsec_life_type timebaselife,
-+ struct ipsec_lifetime64 *lifetime);
-+
-+extern void ipsec_lifetime_update_hard(struct ipsec_lifetime64 *lifetime,
-+ __u64 newvalue);
-+
-+extern void ipsec_lifetime_update_soft(struct ipsec_lifetime64 *lifetime,
-+ __u64 newvalue);
-+
-+/* ipsec_snprintf.c */
-+extern int ipsec_snprintf(char * buf, ssize_t size, const char *fmt, ...);
-+extern void ipsec_dmp_block(char *s, caddr_t bb, int len);
-+
-+
-+/* ipsec_alg.c */
-+extern int ipsec_alg_init(void);
-+
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+
-+extern int debug_xform;
-+extern int debug_eroute;
-+extern int debug_spi;
-+extern int debug_netlink;
-+
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+
-+
-+
-+#define _IPSEC_PROTO_H
-+#endif /* _IPSEC_PROTO_H_ */
-+
-+/*
-+ * $Log: ipsec_proto.h,v $
-+ * Revision 1.14 2005/04/29 04:50:03 mcr
-+ * prototypes for xmit and alg code.
-+ *
-+ * Revision 1.13 2005/04/17 03:46:07 mcr
-+ * added prototypes for ipsec_rcv() routines.
-+ *
-+ * Revision 1.12 2005/04/14 20:28:37 mcr
-+ * added additional prototypes.
-+ *
-+ * Revision 1.11 2005/04/14 01:16:28 mcr
-+ * add prototypes for snprintf.
-+ *
-+ * Revision 1.10 2005/04/13 22:47:28 mcr
-+ * make sure that forward references are available.
-+ *
-+ * Revision 1.9 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.8 2004/04/05 19:55:06 mcr
-+ * Moved from linux/include/freeswan/ipsec_proto.h,v
-+ *
-+ * Revision 1.7 2003/10/31 02:27:05 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.6.30.1 2003/10/29 01:10:19 mcr
-+ * elimited "struct sa_id"
-+ *
-+ * Revision 1.6 2002/05/23 07:13:48 rgb
-+ * Added ipsec_sa_put() for releasing an ipsec_sa refcount.
-+ *
-+ * Revision 1.5 2002/05/14 02:36:40 rgb
-+ * Converted reference from ipsec_sa_put to ipsec_sa_add to avoid confusion
-+ * with "put" usage in the kernel.
-+ *
-+ * Revision 1.4 2002/04/24 07:36:47 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_proto.h,v
-+ *
-+ * Revision 1.3 2002/04/20 00:12:25 rgb
-+ * Added esp IV CBC attack fix, disabled.
-+ *
-+ * Revision 1.2 2001/11/26 09:16:15 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:21:01 mcr
-+ * ipsec_proto.h created to keep prototypes rather than deal with
-+ * cyclic dependancies of structures and prototypes in .h files.
-+ *
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_radij.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,179 @@
-+/*
-+ * @(#) Definitions relevant to the IPSEC <> radij tree interfacing
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_radij.h,v 1.22 2004/07/10 19:08:41 mcr Exp $
-+ */
-+
-+#ifndef _IPSEC_RADIJ_H
-+
-+#include <openswan.h>
-+
-+int ipsec_walk(char *);
-+
-+int ipsec_rj_walker_procprint(struct radij_node *, void *);
-+int ipsec_rj_walker_delete(struct radij_node *, void *);
-+
-+/* This structure is used to pass information between
-+ * ipsec_eroute_get_info and ipsec_rj_walker_procprint
-+ * (through rj_walktree) and between calls of ipsec_rj_walker_procprint.
-+ */
-+struct wsbuf
-+{
-+ /* from caller of ipsec_eroute_get_info: */
-+ char *const buffer; /* start of buffer provided */
-+ const int length; /* length of buffer provided */
-+ const off_t offset; /* file position of first character of interest */
-+ /* accumulated by ipsec_rj_walker_procprint: */
-+ int len; /* number of character filled into buffer */
-+ off_t begin; /* file position contained in buffer[0] (<=offset) */
-+};
-+
-+extern struct radij_node_head *rnh;
-+extern spinlock_t eroute_lock;
-+
-+struct eroute * ipsec_findroute(struct sockaddr_encap *);
-+
-+#define O1(x) (int)(((x)>>24)&0xff)
-+#define O2(x) (int)(((x)>>16)&0xff)
-+#define O3(x) (int)(((x)>>8)&0xff)
-+#define O4(x) (int)(((x))&0xff)
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int debug_radij;
-+void rj_dumptrees(void);
-+
-+#define DB_RJ_DUMPTREES 0x0001
-+#define DB_RJ_FINDROUTE 0x0002
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#define _IPSEC_RADIJ_H
-+#endif
-+
-+/*
-+ * $Log: ipsec_radij.h,v $
-+ * Revision 1.22 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.21 2004/04/29 11:06:42 ken
-+ * Last bits from 2.06 procfs updates
-+ *
-+ * Revision 1.20 2004/04/06 02:49:08 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.19 2004/04/05 19:55:06 mcr
-+ * Moved from linux/include/freeswan/ipsec_radij.h,v
-+ *
-+ * Revision 1.18 2002/04/24 07:36:47 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_radij.h,v
-+ *
-+ * Revision 1.17 2001/11/26 09:23:49 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.16.2.1 2001/09/25 02:21:17 mcr
-+ * ipsec_proto.h created to keep prototypes rather than deal with
-+ * cyclic dependancies of structures and prototypes in .h files.
-+ *
-+ * Revision 1.16 2001/09/15 16:24:04 rgb
-+ * Re-inject first and last HOLD packet when an eroute REPLACE is done.
-+ *
-+ * Revision 1.15 2001/09/14 16:58:37 rgb
-+ * Added support for storing the first and last packets through a HOLD.
-+ *
-+ * Revision 1.14 2001/09/08 21:13:32 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.13 2001/06/14 19:35:09 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.12 2001/05/27 06:12:11 rgb
-+ * Added structures for pid, packet count and last access time to eroute.
-+ * Added packet count to beginning of /proc/net/ipsec_eroute.
-+ *
-+ * Revision 1.11 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.10 1999/11/17 15:53:39 rgb
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.9 1999/10/01 00:01:23 rgb
-+ * Added eroute structure locking.
-+ *
-+ * Revision 1.8 1999/04/11 00:28:59 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.7 1999/04/06 04:54:26 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.6 1999/01/22 06:23:26 rgb
-+ * Cruft clean-out.
-+ *
-+ * Revision 1.5 1998/10/25 02:42:08 rgb
-+ * Change return type on ipsec_breakroute and ipsec_makeroute and add an
-+ * argument to be able to transmit more infomation about errors.
-+ *
-+ * Revision 1.4 1998/10/19 14:44:29 rgb
-+ * Added inclusion of freeswan.h.
-+ * sa_id structure implemented and used: now includes protocol.
-+ *
-+ * Revision 1.3 1998/07/28 00:03:31 rgb
-+ * Comment out temporary inet_nto4u() kluge.
-+ *
-+ * Revision 1.2 1998/07/14 18:22:00 rgb
-+ * Add function to clear the eroute table.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:49 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.5 1998/05/25 20:30:38 rgb
-+ * Remove temporary ipsec_walk, rj_deltree and rj_delnodes functions.
-+ *
-+ * Rename ipsec_rj_walker (ipsec_walk) to ipsec_rj_walker_procprint and
-+ * add ipsec_rj_walker_delete.
-+ *
-+ * Revision 1.4 1998/05/21 13:02:56 rgb
-+ * Imported definitions from ipsec_radij.c and radij.c to support /proc 3k
-+ * limit fix.
-+ *
-+ * Revision 1.3 1998/04/21 21:29:09 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.2 1998/04/14 17:30:39 rgb
-+ * Fix up compiling errors for radij tree memory reclamation.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:10 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:04 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:39:04 ji
-+ * Minor cleanups.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_rcv.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,199 @@
-+/*
-+ *
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_rcv.h,v 1.28.2.2 2006/10/06 21:39:26 paul Exp $
-+ */
-+
-+#ifndef IPSEC_RCV_H
-+#define IPSEC_RCV_H
-+
-+#include "openswan/ipsec_auth.h"
-+
-+#define DB_RX_PKTRX 0x0001
-+#define DB_RX_PKTRX2 0x0002
-+#define DB_RX_DMP 0x0004
-+#define DB_RX_IPSA 0x0010
-+#define DB_RX_XF 0x0020
-+#define DB_RX_IPAD 0x0040
-+#define DB_RX_INAU 0x0080
-+#define DB_RX_OINFO 0x0100
-+#define DB_RX_OINFO2 0x0200
-+#define DB_RX_OH 0x0400
-+#define DB_RX_REPLAY 0x0800
-+
-+#ifdef __KERNEL__
-+/* struct options; */
-+
-+#define __NO_VERSION__
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h> /* for CONFIG_IP_FORWARD */
-+#endif
-+#ifdef CONFIG_MODULES
-+#include <linux/module.h>
-+#endif
-+#include <linux/version.h>
-+#include <openswan.h>
-+
-+#define IPSEC_BIRTH_TEMPLATE_MAXLEN 256
-+
-+struct ipsec_birth_reply {
-+ int packet_template_len;
-+ unsigned char packet_template[IPSEC_BIRTH_TEMPLATE_MAXLEN];
-+};
-+
-+extern struct ipsec_birth_reply ipsec_ipv4_birth_packet;
-+extern struct ipsec_birth_reply ipsec_ipv6_birth_packet;
-+
-+enum ipsec_rcv_value {
-+ IPSEC_RCV_LASTPROTO=1,
-+ IPSEC_RCV_OK=0,
-+ IPSEC_RCV_BADPROTO=-1,
-+ IPSEC_RCV_BADLEN=-2,
-+ IPSEC_RCV_ESP_BADALG=-3,
-+ IPSEC_RCV_3DES_BADBLOCKING=-4,
-+ IPSEC_RCV_ESP_DECAPFAIL=-5,
-+ IPSEC_RCV_DECAPFAIL=-6,
-+ IPSEC_RCV_SAIDNOTFOUND=-7,
-+ IPSEC_RCV_IPCOMPALONE=-8,
-+ IPSEC_RCV_IPCOMPFAILED=-10,
-+ IPSEC_RCV_SAIDNOTLIVE=-11,
-+ IPSEC_RCV_FAILEDINBOUND=-12,
-+ IPSEC_RCV_LIFETIMEFAILED=-13,
-+ IPSEC_RCV_BADAUTH=-14,
-+ IPSEC_RCV_REPLAYFAILED=-15,
-+ IPSEC_RCV_AUTHFAILED=-16,
-+ IPSEC_RCV_REPLAYROLLED=-17,
-+ IPSEC_RCV_BAD_DECRYPT=-18
-+};
-+
-+struct ipsec_rcv_state {
-+ struct sk_buff *skb;
-+ struct net_device_stats *stats;
-+ struct iphdr *ipp; /* the IP header */
-+ struct ipsec_sa *ipsp; /* current SA being processed */
-+ int len; /* length of packet */
-+ int ilen; /* length of inner payload (-authlen) */
-+ int authlen; /* how big is the auth data at end */
-+ int hard_header_len; /* layer 2 size */
-+ int iphlen; /* how big is IP header */
-+ struct auth_alg *authfuncs;
-+ ip_said said;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ __u8 next_header;
-+ __u8 hash[AH_AMAX];
-+ char ipsaddr_txt[ADDRTOA_BUF];
-+ char ipdaddr_txt[ADDRTOA_BUF];
-+ __u8 *octx;
-+ __u8 *ictx;
-+ int ictx_len;
-+ int octx_len;
-+ union {
-+ struct {
-+ struct esphdr *espp;
-+ } espstuff;
-+ struct {
-+ struct ahhdr *ahp;
-+ } ahstuff;
-+ struct {
-+ struct ipcomphdr *compp;
-+ } ipcompstuff;
-+ } protostuff;
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ __u8 natt_type;
-+ __u16 natt_sport;
-+ __u16 natt_dport;
-+ int natt_len;
-+#endif
-+};
-+
-+extern int
-+#ifdef PROTO_HANDLER_SINGLE_PARM
-+ipsec_rcv(struct sk_buff *skb);
-+#else /* PROTO_HANDLER_SINGLE_PARM */
-+ipsec_rcv(struct sk_buff *skb,
-+ unsigned short xlen);
-+#endif /* PROTO_HANDLER_SINGLE_PARM */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int debug_rcv;
-+#define ipsec_rcv_dmp(_x,_y, _z) if (debug_rcv && sysctl_ipsec_debug_verbose) ipsec_dmp_block(_x,_y,_z)
-+#else
-+#define ipsec_rcv_dmp(_x,_y, _z) do {} while(0)
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+extern int sysctl_ipsec_inbound_policy_check;
-+#endif /* __KERNEL__ */
-+
-+extern int klips26_rcv_encap(struct sk_buff *skb, __u16 encap_type);
-+
-+
-+#endif /* IPSEC_RCV_H */
-+
-+/*
-+ * $Log: ipsec_rcv.h,v $
-+ * Revision 1.28.2.2 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.28.2.1 2006/07/10 15:52:20 paul
-+ * Fix for bug #642 by Bart Trojanowski
-+ *
-+ * Revision 1.28 2005/05/11 00:59:45 mcr
-+ * do not call debug routines if !defined KLIPS_DEBUG.
-+ *
-+ * Revision 1.27 2005/04/29 04:59:46 mcr
-+ * use ipsec_dmp_block.
-+ *
-+ * Revision 1.26 2005/04/13 22:48:35 mcr
-+ * added comments, and removed some log.
-+ * removed Linux 2.0 support.
-+ *
-+ * Revision 1.25 2005/04/08 18:25:37 mcr
-+ * prototype klips26 encap receive function
-+ *
-+ * Revision 1.24 2004/08/20 21:45:37 mcr
-+ * CONFIG_KLIPS_NAT_TRAVERSAL is not used in an attempt to
-+ * be 26sec compatible. But, some defines where changed.
-+ *
-+ * Revision 1.23 2004/08/03 18:17:40 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.22 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.21 2004/04/06 02:49:08 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.20 2004/04/05 19:55:06 mcr
-+ * Moved from linux/include/freeswan/ipsec_rcv.h,v
-+ *
-+ * Revision 1.19 2003/12/15 18:13:09 mcr
-+ * when compiling with NAT traversal, don't assume that the
-+ * kernel has been patched, unless CONFIG_IPSEC_NAT_NON_ESP
-+ * is set.
-+ *
-+ * history elided 2005-04-12.
-+ *
-+ * Local Variables:
-+ * c-basic-offset:8
-+ * c-style:linux
-+ * End:
-+ *
-+ */
-+
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_sa.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,355 @@
-+/*
-+ * @(#) Definitions of IPsec Security Association (ipsec_sa)
-+ *
-+ * Copyright (C) 2001, 2002, 2003
-+ * Richard Guy Briggs <rgb@freeswan.org>
-+ * and Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_sa.h,v 1.23 2005/05/11 01:18:59 mcr Exp $
-+ *
-+ * This file derived from ipsec_xform.h on 2001/9/18 by mcr.
-+ *
-+ */
-+
-+/*
-+ * This file describes the IPsec Security Association Structure.
-+ *
-+ * This structure keeps track of a single transform that may be done
-+ * to a set of packets. It can describe applying the transform or
-+ * apply the reverse. (e.g. compression vs expansion). However, it
-+ * only describes one at a time. To describe both, two structures would
-+ * be used, but since the sides of the transform are performed
-+ * on different machines typically it is usual to have only one side
-+ * of each association.
-+ *
-+ */
-+
-+#ifndef _IPSEC_SA_H_
-+
-+#ifdef __KERNEL__
-+#include "openswan/ipsec_stats.h"
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_eroute.h"
-+#endif /* __KERNEL__ */
-+#include "openswan/ipsec_param.h"
-+
-+#include "pfkeyv2.h"
-+
-+
-+/* SAs are held in a table.
-+ * Entries in this table are referenced by IPsecSAref_t values.
-+ * IPsecSAref_t values are conceptually subscripts. Because
-+ * we want to allocate the table piece-meal, the subscripting
-+ * is implemented with two levels, a bit like paged virtual memory.
-+ * This representation mechanism is known as an Iliffe Vector.
-+ *
-+ * The Main table (AKA the refTable) consists of 2^IPSEC_SA_REF_MAINTABLE_IDX_WIDTH
-+ * pointers to subtables.
-+ * Each subtable has 2^IPSEC_SA_REF_SUBTABLE_IDX_WIDTH entries, each of which
-+ * is a pointer to an SA.
-+ *
-+ * An IPsecSAref_t contains either an exceptional value (signified by the
-+ * high-order bit being on) or a reference to a table entry. A table entry
-+ * reference has the subtable subscript in the low-order
-+ * IPSEC_SA_REF_SUBTABLE_IDX_WIDTH bits and the Main table subscript
-+ * in the next lowest IPSEC_SA_REF_MAINTABLE_IDX_WIDTH bits.
-+ *
-+ * The Maintable entry for an IPsecSAref_t x, a pointer to its subtable, is
-+ * IPsecSAref2table(x). It is of type struct IPsecSArefSubTable *.
-+ *
-+ * The pointer to the SA for x is IPsecSAref2SA(x). It is of type
-+ * struct ipsec_sa*. The macro definition clearly shows the two-level
-+ * access needed to find the SA pointer.
-+ *
-+ * The Maintable is allocated when IPsec is initialized.
-+ * Each subtable is allocated when needed, but the first is allocated
-+ * when IPsec is initialized.
-+ *
-+ * IPsecSAref_t is designed to be smaller than an NFmark so that
-+ * they can be stored in NFmarks and still leave a few bits for other
-+ * purposes. The spare bits are in the low order of the NFmark
-+ * but in the high order of the IPsecSAref_t, so conversion is required.
-+ * We pick the upper bits of NFmark on the theory that they are less likely to
-+ * interfere with more pedestrian uses of nfmark.
-+ */
-+
-+
-+typedef unsigned short int IPsecRefTableUnusedCount;
-+
-+#define IPSEC_SA_REF_TABLE_NUM_ENTRIES (1 << IPSEC_SA_REF_TABLE_IDX_WIDTH)
-+
-+#ifdef __KERNEL__
-+#if ((IPSEC_SA_REF_TABLE_IDX_WIDTH - (1 + IPSEC_SA_REF_MAINTABLE_IDX_WIDTH)) < 0)
-+#error "IPSEC_SA_REF_TABLE_IDX_WIDTH("IPSEC_SA_REF_TABLE_IDX_WIDTH") MUST be < 1 + IPSEC_SA_REF_MAINTABLE_IDX_WIDTH("IPSEC_SA_REF_MAINTABLE_IDX_WIDTH")"
-+#endif
-+
-+#define IPSEC_SA_REF_SUBTABLE_IDX_WIDTH (IPSEC_SA_REF_TABLE_IDX_WIDTH - IPSEC_SA_REF_MAINTABLE_IDX_WIDTH)
-+
-+#define IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES (1 << IPSEC_SA_REF_MAINTABLE_IDX_WIDTH)
-+#define IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES (1 << IPSEC_SA_REF_SUBTABLE_IDX_WIDTH)
-+
-+#ifdef CONFIG_NETFILTER
-+#define IPSEC_SA_REF_HOST_FIELD(x) ((struct sk_buff*)(x))->nfmark
-+#define IPSEC_SA_REF_HOST_FIELD_TYPE typeof(IPSEC_SA_REF_HOST_FIELD(NULL))
-+#else /* CONFIG_NETFILTER */
-+/* just make it work for now, it doesn't matter, since there is no nfmark */
-+#define IPSEC_SA_REF_HOST_FIELD_TYPE unsigned long
-+#endif /* CONFIG_NETFILTER */
-+#define IPSEC_SA_REF_HOST_FIELD_WIDTH (8 * sizeof(IPSEC_SA_REF_HOST_FIELD_TYPE))
-+#define IPSEC_SA_REF_FIELD_WIDTH (8 * sizeof(IPsecSAref_t))
-+
-+#define IPSEC_SA_REF_MASK (IPSEC_SAREF_NULL >> (IPSEC_SA_REF_FIELD_WIDTH - IPSEC_SA_REF_TABLE_IDX_WIDTH))
-+#define IPSEC_SA_REF_TABLE_MASK ((IPSEC_SAREF_NULL >> (IPSEC_SA_REF_FIELD_WIDTH - IPSEC_SA_REF_MAINTABLE_IDX_WIDTH)) << IPSEC_SA_REF_SUBTABLE_IDX_WIDTH)
-+#define IPSEC_SA_REF_ENTRY_MASK (IPSEC_SAREF_NULL >> (IPSEC_SA_REF_FIELD_WIDTH - IPSEC_SA_REF_SUBTABLE_IDX_WIDTH))
-+
-+#define IPsecSAref2table(x) (((x) & IPSEC_SA_REF_TABLE_MASK) >> IPSEC_SA_REF_SUBTABLE_IDX_WIDTH)
-+#define IPsecSAref2entry(x) ((x) & IPSEC_SA_REF_ENTRY_MASK)
-+#define IPsecSArefBuild(x,y) (((x) << IPSEC_SA_REF_SUBTABLE_IDX_WIDTH) + (y))
-+
-+#define IPsecSAref2SA(x) (ipsec_sadb.refTable[IPsecSAref2table(x)]->entry[IPsecSAref2entry(x)])
-+#define IPsecSA2SAref(x) ((x)->ips_ref)
-+
-+#define EMT_INBOUND 0x01 /* SA direction, 1=inbound */
-+
-+/* 'struct ipsec_sa' should be 64bit aligned when allocated. */
-+struct ipsec_sa
-+{
-+ IPsecSAref_t ips_ref; /* reference table entry number */
-+ atomic_t ips_refcount; /* reference count for this struct */
-+ struct ipsec_sa *ips_hnext; /* next in hash chain */
-+ struct ipsec_sa *ips_inext; /* pointer to next xform */
-+ struct ipsec_sa *ips_onext; /* pointer to prev xform */
-+
-+ struct ifnet *ips_rcvif; /* related rcv encap interface */
-+
-+ ip_said ips_said; /* SA ID */
-+
-+ __u32 ips_seq; /* seq num of msg that initiated this SA */
-+ __u32 ips_pid; /* PID of process that initiated this SA */
-+ __u8 ips_authalg; /* auth algorithm for this SA */
-+ __u8 ips_encalg; /* enc algorithm for this SA */
-+
-+ struct ipsec_stats ips_errs;
-+
-+ __u8 ips_replaywin; /* replay window size */
-+ enum sadb_sastate ips_state; /* state of SA */
-+ __u32 ips_replaywin_lastseq; /* last pkt sequence num */
-+ __u64 ips_replaywin_bitmap; /* bitmap of received pkts */
-+ __u32 ips_replaywin_maxdiff; /* max pkt sequence difference */
-+
-+ __u32 ips_flags; /* generic xform flags */
-+
-+
-+ struct ipsec_lifetimes ips_life; /* lifetime records */
-+
-+ /* selector information */
-+ __u8 ips_transport_protocol; /* protocol for this SA, if ports are involved */
-+ struct sockaddr*ips_addr_s; /* src sockaddr */
-+ struct sockaddr*ips_addr_d; /* dst sockaddr */
-+ struct sockaddr*ips_addr_p; /* proxy sockaddr */
-+ __u16 ips_addr_s_size;
-+ __u16 ips_addr_d_size;
-+ __u16 ips_addr_p_size;
-+ ip_address ips_flow_s;
-+ ip_address ips_flow_d;
-+ ip_address ips_mask_s;
-+ ip_address ips_mask_d;
-+
-+ __u16 ips_key_bits_a; /* size of authkey in bits */
-+ __u16 ips_auth_bits; /* size of authenticator in bits */
-+ __u16 ips_key_bits_e; /* size of enckey in bits */
-+ __u16 ips_iv_bits; /* size of IV in bits */
-+ __u8 ips_iv_size;
-+ __u16 ips_key_a_size;
-+ __u16 ips_key_e_size;
-+
-+ caddr_t ips_key_a; /* authentication key */
-+ caddr_t ips_key_e; /* encryption key */
-+ caddr_t ips_iv; /* Initialisation Vector */
-+
-+ struct ident ips_ident_s; /* identity src */
-+ struct ident ips_ident_d; /* identity dst */
-+
-+ /* these are included even if CONFIG_KLIPS_IPCOMP is off */
-+ __u16 ips_comp_adapt_tries; /* ipcomp self-adaption tries */
-+ __u16 ips_comp_adapt_skip; /* ipcomp self-adaption to-skip */
-+ __u64 ips_comp_ratio_cbytes; /* compressed bytes */
-+ __u64 ips_comp_ratio_dbytes; /* decompressed (or uncompressed) bytes */
-+
-+ /* these are included even if CONFIG_IPSEC_NAT_TRAVERSAL is off */
-+ __u8 ips_natt_type;
-+ __u8 ips_natt_reserved[3];
-+ __u16 ips_natt_sport;
-+ __u16 ips_natt_dport;
-+
-+ struct sockaddr *ips_natt_oa;
-+ __u16 ips_natt_oa_size;
-+ __u16 ips_natt_reserved2;
-+
-+#if 0
-+ __u32 ips_sens_dpd;
-+ __u8 ips_sens_sens_level;
-+ __u8 ips_sens_sens_len;
-+ __u64* ips_sens_sens_bitmap;
-+ __u8 ips_sens_integ_level;
-+ __u8 ips_sens_integ_len;
-+ __u64* ips_sens_integ_bitmap;
-+#endif
-+ struct ipsec_alg_enc *ips_alg_enc;
-+ struct ipsec_alg_auth *ips_alg_auth;
-+ IPsecSAref_t ips_ref_rel;
-+};
-+
-+struct IPsecSArefSubTable
-+{
-+ struct ipsec_sa* entry[IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES];
-+};
-+
-+struct ipsec_sadb {
-+ struct IPsecSArefSubTable* refTable[IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES];
-+ IPsecSAref_t refFreeList[IPSEC_SA_REF_FREELIST_NUM_ENTRIES];
-+ int refFreeListHead;
-+ int refFreeListTail;
-+ IPsecSAref_t refFreeListCont;
-+ IPsecSAref_t said_hash[SADB_HASHMOD];
-+ spinlock_t sadb_lock;
-+};
-+
-+extern struct ipsec_sadb ipsec_sadb;
-+
-+extern int ipsec_SAref_recycle(void);
-+extern int ipsec_SArefSubTable_alloc(unsigned table);
-+extern int ipsec_saref_freelist_init(void);
-+extern int ipsec_sadb_init(void);
-+extern struct ipsec_sa *ipsec_sa_alloc(int*error); /* pass in error var by pointer */
-+extern IPsecSAref_t ipsec_SAref_alloc(int*erorr); /* pass in error var by pointer */
-+extern int ipsec_sa_free(struct ipsec_sa* ips);
-+extern int ipsec_sa_put(struct ipsec_sa *ips);
-+extern int ipsec_sa_add(struct ipsec_sa *ips);
-+extern int ipsec_sa_del(struct ipsec_sa *ips);
-+extern int ipsec_sa_delchain(struct ipsec_sa *ips);
-+extern int ipsec_sadb_cleanup(__u8 proto);
-+extern int ipsec_sadb_free(void);
-+extern int ipsec_sa_wipe(struct ipsec_sa *ips);
-+#endif /* __KERNEL__ */
-+
-+enum ipsec_direction {
-+ ipsec_incoming = 1,
-+ ipsec_outgoing = 2
-+};
-+
-+#define _IPSEC_SA_H_
-+#endif /* _IPSEC_SA_H_ */
-+
-+/*
-+ * $Log: ipsec_sa.h,v $
-+ * Revision 1.23 2005/05/11 01:18:59 mcr
-+ * do not change structure based upon options, to avoid
-+ * too many #ifdef.
-+ *
-+ * Revision 1.22 2005/04/14 01:17:09 mcr
-+ * change sadb_state to an enum.
-+ *
-+ * Revision 1.21 2004/08/20 21:45:37 mcr
-+ * CONFIG_KLIPS_NAT_TRAVERSAL is not used in an attempt to
-+ * be 26sec compatible. But, some defines where changed.
-+ *
-+ * Revision 1.20 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.19 2004/04/05 19:55:06 mcr
-+ * Moved from linux/include/freeswan/ipsec_sa.h,v
-+ *
-+ * Revision 1.18 2004/04/05 19:41:05 mcr
-+ * merged alg-branch code.
-+ *
-+ * Revision 1.17.2.1 2003/12/22 15:25:52 jjo
-+ * . Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.17 2003/12/10 01:20:06 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.16 2003/10/31 02:27:05 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.15.4.1 2003/10/29 01:10:19 mcr
-+ * elimited "struct sa_id"
-+ *
-+ * Revision 1.15 2003/05/11 00:53:09 mcr
-+ * IPsecSAref_t and macros were moved to freeswan.h.
-+ *
-+ * Revision 1.14 2003/02/12 19:31:55 rgb
-+ * Fixed bug in "file seen" machinery.
-+ * Updated copyright year.
-+ *
-+ * Revision 1.13 2003/01/30 02:31:52 rgb
-+ *
-+ * Re-wrote comments describing SAref system for accuracy.
-+ * Rename SAref table macro names for clarity.
-+ * Convert IPsecSAref_t from signed to unsigned to fix apparent SAref exhaustion bug.
-+ * Transmit error code through to caller from callee for better diagnosis of problems.
-+ * Enclose all macro arguments in parens to avoid any possible obscrure bugs.
-+ *
-+ * Revision 1.12 2002/10/07 18:31:19 rgb
-+ * Change comment to reflect the flexible nature of the main and sub-table widths.
-+ * Added a counter for the number of unused entries in each subtable.
-+ * Further break up host field type macro to host field.
-+ * Move field width sanity checks to ipsec_sa.c
-+ * Define a mask for an entire saref.
-+ *
-+ * Revision 1.11 2002/09/20 15:40:33 rgb
-+ * Re-write most of the SAref macros and types to eliminate any pointer references to Entrys.
-+ * Fixed SAref/nfmark macros.
-+ * Rework saref freeslist.
-+ * Place all ipsec sadb globals into one struct.
-+ * Restrict some bits to kernel context for use to klips utils.
-+ *
-+ * Revision 1.10 2002/09/20 05:00:34 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.9 2002/09/17 17:19:29 mcr
-+ * make it compile even if there is no netfilter - we lost
-+ * functionality, but it works, especially on 2.2.
-+ *
-+ * Revision 1.8 2002/07/28 22:59:53 mcr
-+ * clarified/expanded one comment.
-+ *
-+ * Revision 1.7 2002/07/26 08:48:31 rgb
-+ * Added SA ref table code.
-+ *
-+ * Revision 1.6 2002/05/31 17:27:48 rgb
-+ * Comment fix.
-+ *
-+ * Revision 1.5 2002/05/27 18:55:03 rgb
-+ * Remove final vistiges of tdb references via IPSEC_KLIPS1_COMPAT.
-+ *
-+ * Revision 1.4 2002/05/23 07:13:36 rgb
-+ * Convert "usecount" to "refcount" to remove ambiguity.
-+ *
-+ * Revision 1.3 2002/04/24 07:36:47 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_sa.h,v
-+ *
-+ * Revision 1.2 2001/11/26 09:16:15 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:24:58 mcr
-+ * struct tdb -> struct ipsec_sa.
-+ * sa(tdb) manipulation functions renamed and moved to ipsec_sa.c
-+ * ipsec_xform.c removed. header file still contains useful things.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_sha1.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,79 @@
-+/*
-+ * RCSID $Id: ipsec_sha1.h,v 1.8 2004/04/05 19:55:07 mcr Exp $
-+ */
-+
-+/*
-+ * Here is the original comment from the distribution:
-+
-+SHA-1 in C
-+By Steve Reid <steve@edmweb.com>
-+100% Public Domain
-+
-+ * Adapted for use by the IPSEC code by John Ioannidis
-+ */
-+
-+
-+#ifndef _IPSEC_SHA1_H_
-+#define _IPSEC_SHA1_H_
-+
-+typedef struct
-+{
-+ __u32 state[5];
-+ __u32 count[2];
-+ __u8 buffer[64];
-+} SHA1_CTX;
-+
-+void SHA1Transform(__u32 state[5], __u8 buffer[64]);
-+void SHA1Init(void *context);
-+void SHA1Update(void *context, unsigned char *data, __u32 len);
-+void SHA1Final(unsigned char digest[20], void *context);
-+
-+
-+#endif /* _IPSEC_SHA1_H_ */
-+
-+/*
-+ * $Log: ipsec_sha1.h,v $
-+ * Revision 1.8 2004/04/05 19:55:07 mcr
-+ * Moved from linux/include/freeswan/ipsec_sha1.h,v
-+ *
-+ * Revision 1.7 2002/09/10 01:45:09 mcr
-+ * changed type of MD5_CTX and SHA1_CTX to void * so that
-+ * the function prototypes would match, and could be placed
-+ * into a pointer to a function.
-+ *
-+ * Revision 1.6 2002/04/24 07:36:47 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_sha1.h,v
-+ *
-+ * Revision 1.5 1999/12/13 13:59:13 rgb
-+ * Quick fix to argument size to Update bugs.
-+ *
-+ * Revision 1.4 1999/12/07 18:16:23 rgb
-+ * Fixed comments at end of #endif lines.
-+ *
-+ * Revision 1.3 1999/04/06 04:54:27 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.2 1998/11/30 13:22:54 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:50 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.2 1998/04/23 20:54:05 rgb
-+ * Fixed md5 and sha1 include file nesting issues, to be cleaned up when
-+ * verified.
-+ *
-+ * Revision 1.1 1998/04/09 03:04:21 henry
-+ * sources moved up from linux/net/ipsec
-+ * these two include files modified not to include others except in kernel
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:04 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * New transform
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_stats.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,76 @@
-+/*
-+ * @(#) definition of ipsec_stats structure
-+ *
-+ * Copyright (C) 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * and Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_stats.h,v 1.7 2005/04/14 01:17:45 mcr Exp $
-+ *
-+ */
-+
-+/*
-+ * This file describes the errors/statistics that FreeSWAN collects.
-+ */
-+
-+#ifndef _IPSEC_STATS_H_
-+
-+struct ipsec_stats {
-+ __u32 ips_alg_errs; /* number of algorithm errors */
-+ __u32 ips_auth_errs; /* # of authentication errors */
-+ __u32 ips_encsize_errs; /* # of encryption size errors*/
-+ __u32 ips_encpad_errs; /* # of encryption pad errors*/
-+ __u32 ips_replaywin_errs; /* # of pkt sequence errors */
-+};
-+
-+#define _IPSEC_STATS_H_
-+#endif /* _IPSEC_STATS_H_ */
-+
-+/*
-+ * $Log: ipsec_stats.h,v $
-+ * Revision 1.7 2005/04/14 01:17:45 mcr
-+ * add prototypes for snprintf.
-+ *
-+ * Revision 1.6 2004/04/05 19:55:07 mcr
-+ * Moved from linux/include/freeswan/ipsec_stats.h,v
-+ *
-+ * Revision 1.5 2004/04/05 19:41:05 mcr
-+ * merged alg-branch code.
-+ *
-+ * Revision 1.4 2004/03/28 20:27:19 paul
-+ * Included tested and confirmed fixes mcr made and dhr verified for
-+ * snprint statements. Changed one other snprintf to use ipsec_snprintf
-+ * so it wouldnt break compatibility with 2.0/2.2 kernels. Verified with
-+ * dhr. (thanks dhr!)
-+ *
-+ * Revision 1.4 2004/03/24 01:58:31 mcr
-+ * sprintf->snprintf for formatting into proc buffer.
-+ *
-+ * Revision 1.3.34.1 2004/04/05 04:30:46 mcr
-+ * patches for alg-branch to compile/work with 2.x openswan
-+ *
-+ * Revision 1.3 2002/04/24 07:36:47 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_stats.h,v
-+ *
-+ * Revision 1.2 2001/11/26 09:16:16 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:27:00 mcr
-+ * statistics moved to seperate structure.
-+ *
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_tunnel.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,280 @@
-+/*
-+ * IPSEC tunneling code
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_tunnel.h,v 1.33 2005/06/04 16:06:05 mcr Exp $
-+ */
-+
-+
-+#ifdef NET_21
-+# define DEV_QUEUE_XMIT(skb, device, pri) {\
-+ skb->dev = device; \
-+ neigh_compat_output(skb); \
-+ /* skb->dst->output(skb); */ \
-+ }
-+# define ICMP_SEND(skb_in, type, code, info, dev) \
-+ icmp_send(skb_in, type, code, htonl(info))
-+# define IP_SEND(skb, dev) \
-+ ip_send(skb);
-+#else /* NET_21 */
-+# define DEV_QUEUE_XMIT(skb, device, pri) {\
-+ dev_queue_xmit(skb, device, pri); \
-+ }
-+# define ICMP_SEND(skb_in, type, code, info, dev) \
-+ icmp_send(skb_in, type, code, info, dev)
-+# define IP_SEND(skb, dev) \
-+ if(ntohs(iph->tot_len) > physmtu) { \
-+ ip_fragment(NULL, skb, dev, 0); \
-+ ipsec_kfree_skb(skb); \
-+ } else { \
-+ dev_queue_xmit(skb, dev, SOPRI_NORMAL); \
-+ }
-+#endif /* NET_21 */
-+
-+
-+/*
-+ * Heavily based on drivers/net/new_tunnel.c. Lots
-+ * of ideas also taken from the 2.1.x version of drivers/net/shaper.c
-+ */
-+
-+struct ipsectunnelconf
-+{
-+ __u32 cf_cmd;
-+ union
-+ {
-+ char cfu_name[12];
-+ } cf_u;
-+#define cf_name cf_u.cfu_name
-+};
-+
-+#define IPSEC_SET_DEV (SIOCDEVPRIVATE)
-+#define IPSEC_DEL_DEV (SIOCDEVPRIVATE + 1)
-+#define IPSEC_CLR_DEV (SIOCDEVPRIVATE + 2)
-+
-+#ifdef __KERNEL__
-+#include <linux/version.h>
-+#ifndef KERNEL_VERSION
-+# define KERNEL_VERSION(x,y,z) (((x)<<16)+((y)<<8)+(z))
-+#endif
-+struct ipsecpriv
-+{
-+ struct sk_buff_head sendq;
-+ struct net_device *dev;
-+ struct wait_queue *wait_queue;
-+ char locked;
-+ int (*hard_start_xmit) (struct sk_buff *skb,
-+ struct net_device *dev);
-+ int (*hard_header) (struct sk_buff *skb,
-+ struct net_device *dev,
-+ unsigned short type,
-+ void *daddr,
-+ void *saddr,
-+ unsigned len);
-+#ifdef NET_21
-+ int (*rebuild_header)(struct sk_buff *skb);
-+#else /* NET_21 */
-+ int (*rebuild_header)(void *buff, struct net_device *dev,
-+ unsigned long raddr, struct sk_buff *skb);
-+#endif /* NET_21 */
-+ int (*set_mac_address)(struct net_device *dev, void *addr);
-+#ifndef NET_21
-+ void (*header_cache_bind)(struct hh_cache **hhp, struct net_device *dev,
-+ unsigned short htype, __u32 daddr);
-+#endif /* !NET_21 */
-+ void (*header_cache_update)(struct hh_cache *hh, struct net_device *dev, unsigned char * haddr);
-+ struct net_device_stats *(*get_stats)(struct net_device *dev);
-+ struct net_device_stats mystats;
-+ int mtu; /* What is the desired MTU? */
-+};
-+
-+extern char ipsec_tunnel_c_version[];
-+
-+extern struct net_device *ipsecdevices[IPSEC_NUM_IF];
-+
-+int ipsec_tunnel_init_devices(void);
-+
-+/* void */ int ipsec_tunnel_cleanup_devices(void);
-+
-+extern /* void */ int ipsec_init(void);
-+
-+extern int ipsec_tunnel_start_xmit(struct sk_buff *skb, struct net_device *dev);
-+extern struct net_device *ipsec_get_device(int inst);
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int debug_tunnel;
-+extern int sysctl_ipsec_debug_verbose;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+#endif /* __KERNEL__ */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+#define DB_TN_INIT 0x0001
-+#define DB_TN_PROCFS 0x0002
-+#define DB_TN_XMIT 0x0010
-+#define DB_TN_OHDR 0x0020
-+#define DB_TN_CROUT 0x0040
-+#define DB_TN_OXFS 0x0080
-+#define DB_TN_REVEC 0x0100
-+#define DB_TN_ENCAP 0x0200
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+/*
-+ * $Log: ipsec_tunnel.h,v $
-+ * Revision 1.33 2005/06/04 16:06:05 mcr
-+ * better patch for nat-t rcv-device code.
-+ *
-+ * Revision 1.32 2005/05/21 03:18:35 mcr
-+ * added additional debug flag tunnelling.
-+ *
-+ * Revision 1.31 2004/08/03 18:18:02 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.30 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.29 2004/04/05 19:55:07 mcr
-+ * Moved from linux/include/freeswan/ipsec_tunnel.h,v
-+ *
-+ * Revision 1.28 2003/06/24 20:22:32 mcr
-+ * added new global: ipsecdevices[] so that we can keep track of
-+ * the ipsecX devices. They will be referenced with dev_hold(),
-+ * so 2.2 may need this as well.
-+ *
-+ * Revision 1.27 2003/04/03 17:38:09 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ *
-+ * Revision 1.26 2003/02/12 19:32:20 rgb
-+ * Updated copyright year.
-+ *
-+ * Revision 1.25 2002/05/27 18:56:07 rgb
-+ * Convert to dynamic ipsec device allocation.
-+ *
-+ * Revision 1.24 2002/04/24 07:36:48 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_tunnel.h,v
-+ *
-+ * Revision 1.23 2001/11/06 19:50:44 rgb
-+ * Moved IP_SEND, ICMP_SEND, DEV_QUEUE_XMIT macros to ipsec_tunnel.h for
-+ * use also by pfkey_v2_parser.c
-+ *
-+ * Revision 1.22 2001/09/15 16:24:05 rgb
-+ * Re-inject first and last HOLD packet when an eroute REPLACE is done.
-+ *
-+ * Revision 1.21 2001/06/14 19:35:10 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.20 2000/09/15 11:37:02 rgb
-+ * Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+ * IPCOMP zlib deflate code.
-+ *
-+ * Revision 1.19 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.18 2000/07/28 13:50:54 rgb
-+ * Changed enet_statistics to net_device_stats and added back compatibility
-+ * for pre-2.1.19.
-+ *
-+ * Revision 1.17 1999/11/19 01:12:15 rgb
-+ * Purge unneeded proc_info prototypes, now that static linking uses
-+ * dynamic proc_info registration.
-+ *
-+ * Revision 1.16 1999/11/18 18:51:00 rgb
-+ * Changed all device registrations for static linking to
-+ * dynamic to reduce the number and size of patches.
-+ *
-+ * Revision 1.15 1999/11/18 04:14:21 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ * Added CONFIG_PROC_FS compiler directives in case it is shut off.
-+ * Added Marc Boucher's 2.3.25 proc patches.
-+ *
-+ * Revision 1.14 1999/05/25 02:50:10 rgb
-+ * Fix kernel version macros for 2.0.x static linking.
-+ *
-+ * Revision 1.13 1999/05/25 02:41:06 rgb
-+ * Add ipsec_klipsdebug support for static linking.
-+ *
-+ * Revision 1.12 1999/05/05 22:02:32 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.11 1999/04/29 15:19:50 rgb
-+ * Add return values to init and cleanup functions.
-+ *
-+ * Revision 1.10 1999/04/16 16:02:39 rgb
-+ * Bump up macro to 4 ipsec I/Fs.
-+ *
-+ * Revision 1.9 1999/04/15 15:37:25 rgb
-+ * Forward check changes from POST1_00 branch.
-+ *
-+ * Revision 1.5.2.1 1999/04/02 04:26:14 rgb
-+ * Backcheck from HEAD, pre1.0.
-+ *
-+ * Revision 1.8 1999/04/11 00:29:01 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.7 1999/04/06 04:54:28 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.6 1999/03/31 05:44:48 rgb
-+ * Keep PMTU reduction private.
-+ *
-+ * Revision 1.5 1999/02/10 22:31:20 rgb
-+ * Change rebuild_header member to reflect generality of link layer.
-+ *
-+ * Revision 1.4 1998/12/01 13:22:04 rgb
-+ * Added support for debug printing of version info.
-+ *
-+ * Revision 1.3 1998/07/29 20:42:46 rgb
-+ * Add a macro for clearing all tunnel devices.
-+ * Rearrange structures and declarations for sharing with userspace.
-+ *
-+ * Revision 1.2 1998/06/25 20:01:45 rgb
-+ * Make prototypes available for ipsec_init and ipsec proc_dir_entries
-+ * for static linking.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:50 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.3 1998/05/18 21:51:50 rgb
-+ * Added macros for num of I/F's and a procfs debug switch.
-+ *
-+ * Revision 1.2 1998/04/21 21:29:09 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:13 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:05 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.5 1997/06/03 04:24:48 ji
-+ * Added transport mode.
-+ * Changed the way routing is done.
-+ * Lots of bug fixes.
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:39:04 ji
-+ * Minor cleanups.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_xform.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,257 @@
-+/*
-+ * Definitions relevant to IPSEC transformations
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ * COpyright (C) 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_xform.h,v 1.41 2004/07/10 19:08:41 mcr Exp $
-+ */
-+
-+#ifndef _IPSEC_XFORM_H_
-+
-+#include <openswan.h>
-+
-+#define XF_NONE 0 /* No transform set */
-+#define XF_IP4 1 /* IPv4 inside IPv4 */
-+#define XF_AHMD5 2 /* AH MD5 */
-+#define XF_AHSHA 3 /* AH SHA */
-+#define XF_ESP3DES 5 /* ESP DES3-CBC */
-+#define XF_AHHMACMD5 6 /* AH-HMAC-MD5 with opt replay prot */
-+#define XF_AHHMACSHA1 7 /* AH-HMAC-SHA1 with opt replay prot */
-+#define XF_ESP3DESMD5 9 /* triple DES, HMAC-MD-5, 128-bits of authentication */
-+#define XF_ESP3DESMD596 10 /* triple DES, HMAC-MD-5, 96-bits of authentication */
-+#define XF_ESPNULLMD596 12 /* NULL, HMAC-MD-5 with 96-bits of authentication */
-+#define XF_ESPNULLSHA196 13 /* NULL, HMAC-SHA-1 with 96-bits of authentication */
-+#define XF_ESP3DESSHA196 14 /* triple DES, HMAC-SHA-1, 96-bits of authentication */
-+#define XF_IP6 15 /* IPv6 inside IPv6 */
-+#define XF_COMPDEFLATE 16 /* IPCOMP deflate */
-+
-+#define XF_CLR 126 /* Clear SA table */
-+#define XF_DEL 127 /* Delete SA */
-+
-+/* IPsec AH transform values
-+ * RFC 2407
-+ * draft-ietf-ipsec-doi-tc-mib-02.txt
-+ */
-+
-+#define AH_NONE 0
-+#define AH_MD5 2
-+#define AH_SHA 3
-+/* draft-ietf-ipsec-ciph-aes-cbc-03.txt */
-+#define AH_SHA2_256 5
-+#define AH_SHA2_384 6
-+#define AH_SHA2_512 7
-+#define AH_RIPEMD 8
-+#define AH_MAX 15
-+
-+/* IPsec ESP transform values */
-+
-+#define ESP_NONE 0
-+#define ESP_DES 2
-+#define ESP_3DES 3
-+#define ESP_RC5 4
-+#define ESP_IDEA 5
-+#define ESP_CAST 6
-+#define ESP_BLOWFISH 7
-+#define ESP_3IDEA 8
-+#define ESP_RC4 10
-+#define ESP_NULL 11
-+#define ESP_AES 12
-+
-+/* as draft-ietf-ipsec-ciph-aes-cbc-02.txt */
-+#define ESP_MARS 249
-+#define ESP_RC6 250
-+#define ESP_SERPENT 252
-+#define ESP_TWOFISH 253
-+
-+/* IPCOMP transform values */
-+
-+#define IPCOMP_NONE 0
-+#define IPCOMP_OUI 1
-+#define IPCOMP_DEFLAT 2
-+#define IPCOMP_LZS 3
-+#define IPCOMP_V42BIS 4
-+
-+#define XFT_AUTH 0x0001
-+#define XFT_CONF 0x0100
-+
-+/* available if CONFIG_KLIPS_DEBUG is defined */
-+#define DB_XF_INIT 0x0001
-+
-+#define PROTO2TXT(x) \
-+ (x) == IPPROTO_AH ? "AH" : \
-+ (x) == IPPROTO_ESP ? "ESP" : \
-+ (x) == IPPROTO_IPIP ? "IPIP" : \
-+ (x) == IPPROTO_COMP ? "COMP" : \
-+ "UNKNOWN_proto"
-+static inline const char *enc_name_id (unsigned id) {
-+ static char buf[16];
-+ snprintf(buf, sizeof(buf), "_ID%d", id);
-+ return buf;
-+}
-+static inline const char *auth_name_id (unsigned id) {
-+ static char buf[16];
-+ snprintf(buf, sizeof(buf), "_ID%d", id);
-+ return buf;
-+}
-+#define IPS_XFORM_NAME(x) \
-+ PROTO2TXT((x)->ips_said.proto), \
-+ (x)->ips_said.proto == IPPROTO_COMP ? \
-+ ((x)->ips_encalg == SADB_X_CALG_DEFLATE ? \
-+ "_DEFLATE" : "_UNKNOWN_comp") : \
-+ (x)->ips_encalg == ESP_NONE ? "" : \
-+ (x)->ips_encalg == ESP_3DES ? "_3DES" : \
-+ (x)->ips_encalg == ESP_AES ? "_AES" : \
-+ (x)->ips_encalg == ESP_SERPENT ? "_SERPENT" : \
-+ (x)->ips_encalg == ESP_TWOFISH ? "_TWOFISH" : \
-+ enc_name_id(x->ips_encalg)/* "_UNKNOWN_encr" */, \
-+ (x)->ips_authalg == AH_NONE ? "" : \
-+ (x)->ips_authalg == AH_MD5 ? "_HMAC_MD5" : \
-+ (x)->ips_authalg == AH_SHA ? "_HMAC_SHA1" : \
-+ (x)->ips_authalg == AH_SHA2_256 ? "_HMAC_SHA2_256" : \
-+ (x)->ips_authalg == AH_SHA2_384 ? "_HMAC_SHA2_384" : \
-+ (x)->ips_authalg == AH_SHA2_512 ? "_HMAC_SHA2_512" : \
-+ auth_name_id(x->ips_authalg) /* "_UNKNOWN_auth" */ \
-+
-+#ifdef __KERNEL__
-+struct ipsec_rcv_state;
-+struct ipsec_xmit_state;
-+
-+struct xform_functions {
-+ enum ipsec_rcv_value (*rcv_checks)(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb);
-+ enum ipsec_rcv_value (*rcv_decrypt)(struct ipsec_rcv_state *irs);
-+
-+ enum ipsec_rcv_value (*rcv_setup_auth)(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb,
-+ __u32 *replay,
-+ unsigned char **authenticator);
-+ enum ipsec_rcv_value (*rcv_calc_auth)(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb);
-+
-+ enum ipsec_xmit_value (*xmit_setup)(struct ipsec_xmit_state *ixs);
-+ enum ipsec_xmit_value (*xmit_encrypt)(struct ipsec_xmit_state *ixs);
-+
-+ enum ipsec_xmit_value (*xmit_setup_auth)(struct ipsec_xmit_state *ixs,
-+ struct sk_buff *skb,
-+ __u32 *replay,
-+ unsigned char **authenticator);
-+ enum ipsec_xmit_value (*xmit_calc_auth)(struct ipsec_xmit_state *ixs,
-+ struct sk_buff *skb);
-+ int xmit_headroom;
-+ int xmit_needtailroom;
-+};
-+
-+#endif /* __KERNEL__ */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern void ipsec_dmp(char *s, caddr_t bb, int len);
-+#else /* CONFIG_KLIPS_DEBUG */
-+#define ipsec_dmp(_x, _y, _z)
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+
-+#define _IPSEC_XFORM_H_
-+#endif /* _IPSEC_XFORM_H_ */
-+
-+/*
-+ * $Log: ipsec_xform.h,v $
-+ * Revision 1.41 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.40 2004/04/06 02:49:08 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.39 2004/04/05 19:55:07 mcr
-+ * Moved from linux/include/freeswan/ipsec_xform.h,v
-+ *
-+ * Revision 1.38 2004/04/05 19:41:05 mcr
-+ * merged alg-branch code.
-+ *
-+ * Revision 1.37 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.36.34.1 2003/12/22 15:25:52 jjo
-+ * Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.36 2002/04/24 07:36:48 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_xform.h,v
-+ *
-+ * Revision 1.35 2001/11/26 09:23:51 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.33.2.1 2001/09/25 02:24:58 mcr
-+ * struct tdb -> struct ipsec_sa.
-+ * sa(tdb) manipulation functions renamed and moved to ipsec_sa.c
-+ * ipsec_xform.c removed. header file still contains useful things.
-+ *
-+ * Revision 1.34 2001/11/06 19:47:17 rgb
-+ * Changed lifetime_packets to uint32 from uint64.
-+ *
-+ * Revision 1.33 2001/09/08 21:13:34 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.32 2001/07/06 07:40:01 rgb
-+ * Reformatted for readability.
-+ * Added inbound policy checking fields for use with IPIP SAs.
-+ *
-+ * Revision 1.31 2001/06/14 19:35:11 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.30 2001/05/30 08:14:03 rgb
-+ * Removed vestiges of esp-null transforms.
-+ *
-+ * Revision 1.29 2001/01/30 23:42:47 rgb
-+ * Allow pfkey msgs from pid other than user context required for ACQUIRE
-+ * and subsequent ADD or UDATE.
-+ *
-+ * Revision 1.28 2000/11/06 04:30:40 rgb
-+ * Add Svenning's adaptive content compression.
-+ *
-+ * Revision 1.27 2000/09/19 00:38:25 rgb
-+ * Fixed algorithm name bugs introduced for ipcomp.
-+ *
-+ * Revision 1.26 2000/09/17 21:36:48 rgb
-+ * Added proto2txt macro.
-+ *
-+ * Revision 1.25 2000/09/17 18:56:47 rgb
-+ * Added IPCOMP support.
-+ *
-+ * Revision 1.24 2000/09/12 19:34:12 rgb
-+ * Defined XF_IP6 from Gerhard for ipv6 tunnel support.
-+ *
-+ * Revision 1.23 2000/09/12 03:23:14 rgb
-+ * Cleaned out now unused tdb_xform and tdb_xdata members of struct tdb.
-+ *
-+ * Revision 1.22 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.21 2000/09/01 18:32:43 rgb
-+ * Added (disabled) sensitivity members to tdb struct.
-+ *
-+ * Revision 1.20 2000/08/30 05:31:01 rgb
-+ * Removed all the rest of the references to tdb_spi, tdb_proto, tdb_dst.
-+ * Kill remainder of tdb_xform, tdb_xdata, xformsw.
-+ *
-+ * Revision 1.19 2000/08/01 14:51:52 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.18 2000/01/21 06:17:45 rgb
-+ * Tidied up spacing.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/ipsec_xmit.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,198 @@
-+/*
-+ * IPSEC tunneling code
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_xmit.h,v 1.14 2005/05/11 01:00:26 mcr Exp $
-+ */
-+
-+#include "openswan/ipsec_sa.h"
-+
-+enum ipsec_xmit_value
-+{
-+ IPSEC_XMIT_STOLEN=2,
-+ IPSEC_XMIT_PASS=1,
-+ IPSEC_XMIT_OK=0,
-+ IPSEC_XMIT_ERRMEMALLOC=-1,
-+ IPSEC_XMIT_ESP_BADALG=-2,
-+ IPSEC_XMIT_BADPROTO=-3,
-+ IPSEC_XMIT_ESP_PUSHPULLERR=-4,
-+ IPSEC_XMIT_BADLEN=-5,
-+ IPSEC_XMIT_AH_BADALG=-6,
-+ IPSEC_XMIT_SAIDNOTFOUND=-7,
-+ IPSEC_XMIT_SAIDNOTLIVE=-8,
-+ IPSEC_XMIT_REPLAYROLLED=-9,
-+ IPSEC_XMIT_LIFETIMEFAILED=-10,
-+ IPSEC_XMIT_CANNOTFRAG=-11,
-+ IPSEC_XMIT_MSSERR=-12,
-+ IPSEC_XMIT_ERRSKBALLOC=-13,
-+ IPSEC_XMIT_ENCAPFAIL=-14,
-+ IPSEC_XMIT_NODEV=-15,
-+ IPSEC_XMIT_NOPRIVDEV=-16,
-+ IPSEC_XMIT_NOPHYSDEV=-17,
-+ IPSEC_XMIT_NOSKB=-18,
-+ IPSEC_XMIT_NOIPV6=-19,
-+ IPSEC_XMIT_NOIPOPTIONS=-20,
-+ IPSEC_XMIT_TTLEXPIRED=-21,
-+ IPSEC_XMIT_BADHHLEN=-22,
-+ IPSEC_XMIT_PUSHPULLERR=-23,
-+ IPSEC_XMIT_ROUTEERR=-24,
-+ IPSEC_XMIT_RECURSDETECT=-25,
-+ IPSEC_XMIT_IPSENDFAILURE=-26,
-+ IPSEC_XMIT_ESPUDP=-27,
-+ IPSEC_XMIT_ESPUDP_BADTYPE=-28,
-+};
-+
-+struct ipsec_xmit_state
-+{
-+ struct sk_buff *skb; /* working skb pointer */
-+ struct net_device *dev; /* working dev pointer */
-+ struct ipsecpriv *prv; /* Our device' private space */
-+ struct sk_buff *oskb; /* Original skb pointer */
-+ struct net_device_stats *stats; /* This device's statistics */
-+ struct iphdr *iph; /* Our new IP header */
-+ __u32 newdst; /* The other SG's IP address */
-+ __u32 orgdst; /* Original IP destination address */
-+ __u32 orgedst; /* 1st SG's IP address */
-+ __u32 newsrc; /* The new source SG's IP address */
-+ __u32 orgsrc; /* Original IP source address */
-+ __u32 innersrc; /* Innermost IP source address */
-+ int iphlen; /* IP header length */
-+ int pyldsz; /* upper protocol payload size */
-+ int headroom;
-+ int tailroom;
-+ int authlen;
-+ int max_headroom; /* The extra header space needed */
-+ int max_tailroom; /* The extra stuffing needed */
-+ int ll_headroom; /* The extra link layer hard_header space needed */
-+ int tot_headroom; /* The total header space needed */
-+ int tot_tailroom; /* The totalstuffing needed */
-+ __u8 *saved_header; /* saved copy of the hard header */
-+ unsigned short sport, dport;
-+
-+ struct sockaddr_encap matcher; /* eroute search key */
-+ struct eroute *eroute;
-+ struct ipsec_sa *ipsp, *ipsq; /* ipsec_sa pointers */
-+ char sa_txt[SATOT_BUF];
-+ size_t sa_len;
-+ int hard_header_stripped; /* has the hard header been removed yet? */
-+ int hard_header_len;
-+ struct net_device *physdev;
-+/* struct device *virtdev; */
-+ short physmtu;
-+ short cur_mtu; /* copy of prv->mtu, cause prv may == NULL */
-+ short mtudiff;
-+#ifdef NET_21
-+ struct rtable *route;
-+#endif /* NET_21 */
-+ ip_said outgoing_said;
-+#ifdef NET_21
-+ int pass;
-+#endif /* NET_21 */
-+ int error;
-+ uint32_t eroute_pid;
-+ struct ipsec_sa ips;
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ uint8_t natt_type;
-+ uint8_t natt_head;
-+ uint16_t natt_sport;
-+ uint16_t natt_dport;
-+#endif
-+};
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_sanity_check_dev(struct ipsec_xmit_state *ixs);
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_sanity_check_skb(struct ipsec_xmit_state *ixs);
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_encap_bundle(struct ipsec_xmit_state *ixs);
-+
-+extern void ipsec_extract_ports(struct iphdr * iph, struct sockaddr_encap * er);
-+
-+
-+extern int ipsec_xmit_trap_count;
-+extern int ipsec_xmit_trap_sendcount;
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int debug_tunnel;
-+
-+#define debug_xmit debug_tunnel
-+
-+#define ipsec_xmit_dmp(_x,_y, _z) if (debug_xmit && sysctl_ipsec_debug_verbose) ipsec_dmp_block(_x,_y,_z)
-+#else
-+#define ipsec_xmit_dmp(_x,_y, _z) do {} while(0)
-+
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+extern int sysctl_ipsec_debug_verbose;
-+extern int sysctl_ipsec_icmp;
-+extern int sysctl_ipsec_tos;
-+
-+
-+/*
-+ * $Log: ipsec_xmit.h,v $
-+ * Revision 1.14 2005/05/11 01:00:26 mcr
-+ * do not call debug routines if !defined KLIPS_DEBUG.
-+ *
-+ * Revision 1.13 2005/04/29 05:01:38 mcr
-+ * use ipsec_dmp_block.
-+ * added cur_mtu to ixs instead of using ixs->dev.
-+ *
-+ * Revision 1.12 2004/08/20 21:45:37 mcr
-+ * CONFIG_KLIPS_NAT_TRAVERSAL is not used in an attempt to
-+ * be 26sec compatible. But, some defines where changed.
-+ *
-+ * Revision 1.11 2004/08/03 18:18:21 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.10 2004/07/10 19:08:41 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.9 2004/04/06 02:49:08 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.8 2004/04/05 19:55:07 mcr
-+ * Moved from linux/include/freeswan/ipsec_xmit.h,v
-+ *
-+ * Revision 1.7 2004/02/03 03:11:40 mcr
-+ * new xmit type if the UDP encapsulation is wrong.
-+ *
-+ * Revision 1.6 2003/12/13 19:10:16 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.5 2003/12/10 01:20:06 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.4 2003/12/06 16:37:04 mcr
-+ * 1.4.7a X.509 patch applied.
-+ *
-+ * Revision 1.3 2003/10/31 02:27:05 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.2.4.2 2003/10/29 01:10:19 mcr
-+ * elimited "struct sa_id"
-+ *
-+ * Revision 1.2.4.1 2003/09/21 13:59:38 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.2 2003/06/20 01:42:13 mcr
-+ * added counters to measure how many ACQUIREs we send to pluto,
-+ * and how many are successfully sent.
-+ *
-+ * Revision 1.1 2003/02/12 19:31:03 rgb
-+ * Refactored from ipsec_tunnel.c
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/passert.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,75 @@
-+/*
-+ * sanitize a string into a printable format.
-+ *
-+ * Copyright (C) 1998-2002 D. Hugh Redelmeier.
-+ * Copyright (C) 2003 Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: passert.h,v 1.7 2004/10/21 18:44:42 mcr Exp $
-+ */
-+
-+#include "openswan.h"
-+
-+#ifndef _OPENSWAN_PASSERT_H
-+#define _OPENSWAN_PASSERT_H
-+/* our versions of assert: log result */
-+
-+#ifdef DEBUG
-+
-+typedef void (*openswan_passert_fail_t)(const char *pred_str,
-+ const char *file_str,
-+ unsigned long line_no) NEVER_RETURNS;
-+
-+openswan_passert_fail_t openswan_passert_fail;
-+
-+extern void pexpect_log(const char *pred_str
-+ , const char *file_str, unsigned long line_no);
-+
-+# define impossible() do { \
-+ if(openswan_passert_fail) { \
-+ (*openswan_passert_fail)("impossible", __FILE__, __LINE__); \
-+ }} while(0)
-+
-+extern void switch_fail(int n
-+ , const char *file_str, unsigned long line_no) NEVER_RETURNS;
-+
-+# define bad_case(n) switch_fail((int) n, __FILE__, __LINE__)
-+
-+# define passert(pred) do { \
-+ if (!(pred)) \
-+ if(openswan_passert_fail) { \
-+ (*openswan_passert_fail)(#pred, __FILE__, __LINE__); \
-+ } \
-+ } while(0)
-+
-+# define pexpect(pred) do { \
-+ if (!(pred)) \
-+ pexpect_log(#pred, __FILE__, __LINE__); \
-+ } while(0)
-+
-+/* assert that an err_t is NULL; evaluate exactly once */
-+# define happy(x) { \
-+ err_t ugh = x; \
-+ if (ugh != NULL) \
-+ if(openswan_passert_fail) { (*openswan_passert_fail)(ugh, __FILE__, __LINE__); } \
-+ }
-+
-+#else /*!DEBUG*/
-+
-+# define impossible() abort()
-+# define bad_case(n) abort()
-+# define passert(pred) { } /* do nothing */
-+# define happy(x) { (void) x; } /* evaluate non-judgementally */
-+
-+#endif /*!DEBUG*/
-+
-+#endif /* _OPENSWAN_PASSERT_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/pfkey_debug.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,54 @@
-+/*
-+ * sanitize a string into a printable format.
-+ *
-+ * Copyright (C) 1998-2002 D. Hugh Redelmeier.
-+ * Copyright (C) 2003 Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: pfkey_debug.h,v 1.3 2004/04/05 19:55:07 mcr Exp $
-+ */
-+
-+#ifndef _FREESWAN_PFKEY_DEBUG_H
-+#define _FREESWAN_PFKEY_DEBUG_H
-+
-+#ifdef __KERNEL__
-+
-+/* note, kernel version ignores pfkey levels */
-+# define DEBUGGING(level,args...) \
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:" args)
-+
-+# define ERROR(args...) printk(KERN_ERR "klips:" args)
-+
-+#else
-+
-+extern unsigned int pfkey_lib_debug;
-+
-+extern void (*pfkey_debug_func)(const char *message, ...) PRINTF_LIKE(1);
-+extern void (*pfkey_error_func)(const char *message, ...) PRINTF_LIKE(1);
-+
-+#define DEBUGGING(level,args...) if(pfkey_lib_debug & level) { \
-+ if(pfkey_debug_func != NULL) { \
-+ (*pfkey_debug_func)("pfkey_lib_debug:" args); \
-+ } else { \
-+ printf("pfkey_lib_debug:" args); \
-+ } }
-+
-+#define ERROR(args...) if(pfkey_error_func != NULL) { \
-+ (*pfkey_error_func)("pfkey_lib_debug:" args); \
-+ }
-+
-+# define MALLOC(size) malloc(size)
-+# define FREE(obj) free(obj)
-+
-+#endif
-+
-+#endif
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/openswan/radij.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,280 @@
-+/*
-+ * RCSID $Id: radij.h,v 1.13 2004/04/05 19:55:08 mcr Exp $
-+ */
-+
-+/*
-+ * This file is defived from ${SRC}/sys/net/radix.h of BSD 4.4lite
-+ *
-+ * Variable and procedure names have been modified so that they don't
-+ * conflict with the original BSD code, as a small number of modifications
-+ * have been introduced and we may want to reuse this code in BSD.
-+ *
-+ * The `j' in `radij' is pronounced as a voiceless guttural (like a Greek
-+ * chi or a German ch sound (as `doch', not as in `milch'), or even a
-+ * spanish j as in Juan. It is not as far back in the throat like
-+ * the corresponding Hebrew sound, nor is it a soft breath like the English h.
-+ * It has nothing to do with the Dutch ij sound.
-+ *
-+ * Here is the appropriate copyright notice:
-+ */
-+
-+/*
-+ * Copyright (c) 1988, 1989, 1993
-+ * The Regents of the University of California. All rights reserved.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the above copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * This product includes software developed by the University of
-+ * California, Berkeley and its contributors.
-+ * 4. Neither the name of the University nor the names of its contributors
-+ * may be used to endorse or promote products derived from this software
-+ * without specific prior written permission.
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * @(#)radix.h 8.1 (Berkeley) 6/10/93
-+ */
-+
-+#ifndef _RADIJ_H_
-+#define _RADIJ_H_
-+
-+/*
-+#define RJ_DEBUG
-+*/
-+
-+#ifdef __KERNEL__
-+
-+#ifndef __P
-+#ifdef __STDC__
-+#define __P(x) x
-+#else
-+#define __P(x) ()
-+#endif
-+#endif
-+
-+/*
-+ * Radix search tree node layout.
-+ */
-+
-+struct radij_node
-+{
-+ struct radij_mask *rj_mklist; /* list of masks contained in subtree */
-+ struct radij_node *rj_p; /* parent */
-+ short rj_b; /* bit offset; -1-index(netmask) */
-+ char rj_bmask; /* node: mask for bit test*/
-+ u_char rj_flags; /* enumerated next */
-+#define RJF_NORMAL 1 /* leaf contains normal route */
-+#define RJF_ROOT 2 /* leaf is root leaf for tree */
-+#define RJF_ACTIVE 4 /* This node is alive (for rtfree) */
-+ union {
-+ struct { /* leaf only data: */
-+ caddr_t rj_Key; /* object of search */
-+ caddr_t rj_Mask; /* netmask, if present */
-+ struct radij_node *rj_Dupedkey;
-+ } rj_leaf;
-+ struct { /* node only data: */
-+ int rj_Off; /* where to start compare */
-+ struct radij_node *rj_L;/* progeny */
-+ struct radij_node *rj_R;/* progeny */
-+ }rj_node;
-+ } rj_u;
-+#ifdef RJ_DEBUG
-+ int rj_info;
-+ struct radij_node *rj_twin;
-+ struct radij_node *rj_ybro;
-+#endif
-+};
-+
-+#define rj_dupedkey rj_u.rj_leaf.rj_Dupedkey
-+#define rj_key rj_u.rj_leaf.rj_Key
-+#define rj_mask rj_u.rj_leaf.rj_Mask
-+#define rj_off rj_u.rj_node.rj_Off
-+#define rj_l rj_u.rj_node.rj_L
-+#define rj_r rj_u.rj_node.rj_R
-+
-+/*
-+ * Annotations to tree concerning potential routes applying to subtrees.
-+ */
-+
-+extern struct radij_mask {
-+ short rm_b; /* bit offset; -1-index(netmask) */
-+ char rm_unused; /* cf. rj_bmask */
-+ u_char rm_flags; /* cf. rj_flags */
-+ struct radij_mask *rm_mklist; /* more masks to try */
-+ caddr_t rm_mask; /* the mask */
-+ int rm_refs; /* # of references to this struct */
-+} *rj_mkfreelist;
-+
-+#define MKGet(m) {\
-+ if (rj_mkfreelist) {\
-+ m = rj_mkfreelist; \
-+ rj_mkfreelist = (m)->rm_mklist; \
-+ } else \
-+ R_Malloc(m, struct radij_mask *, sizeof (*(m))); }\
-+
-+#define MKFree(m) { (m)->rm_mklist = rj_mkfreelist; rj_mkfreelist = (m);}
-+
-+struct radij_node_head {
-+ struct radij_node *rnh_treetop;
-+ int rnh_addrsize; /* permit, but not require fixed keys */
-+ int rnh_pktsize; /* permit, but not require fixed keys */
-+#if 0
-+ struct radij_node *(*rnh_addaddr) /* add based on sockaddr */
-+ __P((void *v, void *mask,
-+ struct radij_node_head *head, struct radij_node nodes[]));
-+#endif
-+ int (*rnh_addaddr) /* add based on sockaddr */
-+ __P((void *v, void *mask,
-+ struct radij_node_head *head, struct radij_node nodes[]));
-+ struct radij_node *(*rnh_addpkt) /* add based on packet hdr */
-+ __P((void *v, void *mask,
-+ struct radij_node_head *head, struct radij_node nodes[]));
-+#if 0
-+ struct radij_node *(*rnh_deladdr) /* remove based on sockaddr */
-+ __P((void *v, void *mask, struct radij_node_head *head));
-+#endif
-+ int (*rnh_deladdr) /* remove based on sockaddr */
-+ __P((void *v, void *mask, struct radij_node_head *head, struct radij_node **node));
-+ struct radij_node *(*rnh_delpkt) /* remove based on packet hdr */
-+ __P((void *v, void *mask, struct radij_node_head *head));
-+ struct radij_node *(*rnh_matchaddr) /* locate based on sockaddr */
-+ __P((void *v, struct radij_node_head *head));
-+ struct radij_node *(*rnh_matchpkt) /* locate based on packet hdr */
-+ __P((void *v, struct radij_node_head *head));
-+ int (*rnh_walktree) /* traverse tree */
-+ __P((struct radij_node_head *head, int (*f)(struct radij_node *rn, void *w), void *w));
-+ struct radij_node rnh_nodes[3]; /* empty tree for common case */
-+};
-+
-+
-+#define Bcmp(a, b, n) memcmp(((caddr_t)(b)), ((caddr_t)(a)), (unsigned)(n))
-+#define Bcopy(a, b, n) memmove(((caddr_t)(b)), ((caddr_t)(a)), (unsigned)(n))
-+#define Bzero(p, n) memset((caddr_t)(p), 0, (unsigned)(n))
-+#define R_Malloc(p, t, n) ((p = (t) kmalloc((size_t)(n), GFP_ATOMIC)), Bzero((p),(n)))
-+#define Free(p) kfree((caddr_t)p);
-+
-+void rj_init __P((void));
-+int rj_inithead __P((void **, int));
-+int rj_refines __P((void *, void *));
-+int rj_walktree __P((struct radij_node_head *head, int (*f)(struct radij_node *rn, void *w), void *w));
-+struct radij_node
-+ *rj_addmask __P((void *, int, int)) /* , rgb */ ;
-+int /* * */ rj_addroute __P((void *, void *, struct radij_node_head *,
-+ struct radij_node [2])) /* , rgb */ ;
-+int /* * */ rj_delete __P((void *, void *, struct radij_node_head *, struct radij_node **)) /* , rgb */ ;
-+struct radij_node /* rgb */
-+ *rj_insert __P((void *, struct radij_node_head *, int *,
-+ struct radij_node [2])),
-+ *rj_match __P((void *, struct radij_node_head *)),
-+ *rj_newpair __P((void *, int, struct radij_node[2])),
-+ *rj_search __P((void *, struct radij_node *)),
-+ *rj_search_m __P((void *, struct radij_node *, void *));
-+
-+void rj_deltree(struct radij_node_head *);
-+void rj_delnodes(struct radij_node *);
-+void rj_free_mkfreelist(void);
-+int radijcleartree(void);
-+int radijcleanup(void);
-+
-+extern struct radij_node_head *mask_rjhead;
-+extern int maj_keylen;
-+#endif /* __KERNEL__ */
-+
-+#endif /* _RADIJ_H_ */
-+
-+
-+/*
-+ * $Log: radij.h,v $
-+ * Revision 1.13 2004/04/05 19:55:08 mcr
-+ * Moved from linux/include/freeswan/radij.h,v
-+ *
-+ * Revision 1.12 2002/04/24 07:36:48 mcr
-+ * Moved from ./klips/net/ipsec/radij.h,v
-+ *
-+ * Revision 1.11 2001/09/20 15:33:00 rgb
-+ * Min/max cleanup.
-+ *
-+ * Revision 1.10 1999/11/18 04:09:20 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ *
-+ * Revision 1.9 1999/05/05 22:02:33 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.8 1999/04/29 15:24:58 rgb
-+ * Add check for existence of macros min/max.
-+ *
-+ * Revision 1.7 1999/04/11 00:29:02 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.6 1999/04/06 04:54:29 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.5 1999/01/22 06:30:32 rgb
-+ * 64-bit clean-up.
-+ *
-+ * Revision 1.4 1998/11/30 13:22:55 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.3 1998/10/25 02:43:27 rgb
-+ * Change return type on rj_addroute and rj_delete and add and argument
-+ * to the latter to be able to transmit more infomation about errors.
-+ *
-+ * Revision 1.2 1998/07/14 18:09:51 rgb
-+ * Add a routine to clear eroute table.
-+ * Added #ifdef __KERNEL__ directives to restrict scope of header.
-+ *
-+ * Revision 1.1 1998/06/18 21:30:22 henry
-+ * move sources from klips/src to klips/net/ipsec to keep stupid kernel
-+ * build scripts happier about symlinks
-+ *
-+ * Revision 1.4 1998/05/25 20:34:16 rgb
-+ * Remove temporary ipsec_walk, rj_deltree and rj_delnodes functions.
-+ *
-+ * Rename ipsec_rj_walker (ipsec_walk) to ipsec_rj_walker_procprint and
-+ * add ipsec_rj_walker_delete.
-+ *
-+ * Recover memory for eroute table on unload of module.
-+ *
-+ * Revision 1.3 1998/04/22 16:51:37 rgb
-+ * Tidy up radij debug code from recent rash of modifications to debug code.
-+ *
-+ * Revision 1.2 1998/04/14 17:30:38 rgb
-+ * Fix up compiling errors for radij tree memory reclamation.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:16 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:04 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:44:45 ji
-+ * Release update only.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/pfkey.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,529 @@
-+/*
-+ * FreeS/WAN specific PF_KEY headers
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey.h,v 1.49 2005/05/11 00:57:29 mcr Exp $
-+ */
-+
-+#ifndef __NET_IPSEC_PF_KEY_H
-+#define __NET_IPSEC_PF_KEY_H
-+#ifdef __KERNEL__
-+extern struct proto_ops pfkey_proto_ops;
-+typedef struct sock pfkey_sock;
-+extern int debug_pfkey;
-+
-+extern /* void */ int pfkey_init(void);
-+extern /* void */ int pfkey_cleanup(void);
-+
-+struct socket_list
-+{
-+ struct socket *socketp;
-+ struct socket_list *next;
-+};
-+extern int pfkey_list_insert_socket(struct socket*, struct socket_list**);
-+extern int pfkey_list_remove_socket(struct socket*, struct socket_list**);
-+extern struct socket_list *pfkey_open_sockets;
-+extern struct socket_list *pfkey_registered_sockets[];
-+
-+struct ipsec_alg_supported
-+{
-+ uint16_t ias_exttype;
-+ uint8_t ias_id;
-+ uint8_t ias_ivlen;
-+ uint16_t ias_keyminbits;
-+ uint16_t ias_keymaxbits;
-+ char *ias_name;
-+};
-+
-+extern struct supported_list *pfkey_supported_list[];
-+struct supported_list
-+{
-+ struct ipsec_alg_supported *supportedp;
-+ struct supported_list *next;
-+};
-+extern int pfkey_list_insert_supported(struct ipsec_alg_supported*, struct supported_list**);
-+extern int pfkey_list_remove_supported(struct ipsec_alg_supported*, struct supported_list**);
-+
-+struct sockaddr_key
-+{
-+ uint16_t key_family; /* PF_KEY */
-+ uint16_t key_pad; /* not used */
-+ uint32_t key_pid; /* process ID */
-+};
-+
-+struct pfkey_extracted_data
-+{
-+ struct ipsec_sa* ips;
-+ struct ipsec_sa* ips2;
-+ struct eroute *eroute;
-+};
-+
-+/* forward reference */
-+struct sadb_ext;
-+struct sadb_msg;
-+struct sockaddr;
-+struct sadb_comb;
-+struct sadb_sadb;
-+struct sadb_alg;
-+
-+extern int
-+pfkey_alloc_eroute(struct eroute** eroute);
-+
-+extern int
-+pfkey_sa_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_lifetime_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_address_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_key_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_ident_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_sens_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_prop_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_supported_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_spirange_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_x_kmprivate_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_x_satype_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int
-+pfkey_x_debug_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data* extr);
-+
-+extern int pfkey_upmsg(struct socket *, struct sadb_msg *);
-+extern int pfkey_expire(struct ipsec_sa *, int);
-+extern int pfkey_acquire(struct ipsec_sa *);
-+#else /* ! __KERNEL__ */
-+
-+extern void (*pfkey_debug_func)(const char *message, ...);
-+extern void (*pfkey_error_func)(const char *message, ...);
-+extern void pfkey_print(struct sadb_msg *msg, FILE *out);
-+
-+
-+#endif /* __KERNEL__ */
-+
-+extern uint8_t satype2proto(uint8_t satype);
-+extern uint8_t proto2satype(uint8_t proto);
-+extern char* satype2name(uint8_t satype);
-+extern char* proto2name(uint8_t proto);
-+
-+struct key_opt
-+{
-+ uint32_t key_pid; /* process ID */
-+ struct sock *sk;
-+};
-+
-+#define key_pid(sk) ((struct key_opt*)&((sk)->sk_protinfo))->key_pid
-+
-+/* XXX-mcr this is not an alignment, this is because the count is in 64-bit
-+ * words.
-+ */
-+#define IPSEC_PFKEYv2_ALIGN (sizeof(uint64_t)/sizeof(uint8_t))
-+#define BITS_PER_OCTET 8
-+#define OCTETBITS 8
-+#define PFKEYBITS 64
-+#define DIVUP(x,y) ((x + y -1) / y) /* divide, rounding upwards */
-+#define ALIGN_N(x,y) (DIVUP(x,y) * y) /* align on y boundary */
-+
-+#define IPSEC_PFKEYv2_LEN(x) ((x) * IPSEC_PFKEYv2_ALIGN)
-+#define IPSEC_PFKEYv2_WORDS(x) ((x) / IPSEC_PFKEYv2_ALIGN)
-+
-+
-+#define PFKEYv2_MAX_MSGSIZE 4096
-+
-+/*
-+ * PF_KEYv2 permitted and required extensions in and out bitmaps
-+ */
-+struct pf_key_ext_parsers_def {
-+ int (*parser)(struct sadb_ext*);
-+ char *parser_name;
-+};
-+
-+
-+#define SADB_EXTENSIONS_MAX 31
-+extern unsigned int extensions_bitmaps[2/*in/out*/][2/*perm/req*/][SADB_EXTENSIONS_MAX];
-+#define EXT_BITS_IN 0
-+#define EXT_BITS_OUT 1
-+#define EXT_BITS_PERM 0
-+#define EXT_BITS_REQ 1
-+
-+extern void pfkey_extensions_init(struct sadb_ext *extensions[]);
-+extern void pfkey_extensions_free(struct sadb_ext *extensions[]);
-+extern void pfkey_msg_free(struct sadb_msg **pfkey_msg);
-+
-+extern int pfkey_msg_parse(struct sadb_msg *pfkey_msg,
-+ struct pf_key_ext_parsers_def *ext_parsers[],
-+ struct sadb_ext **extensions,
-+ int dir);
-+
-+extern int pfkey_register_reply(int satype, struct sadb_msg *sadb_msg);
-+
-+/*
-+ * PF_KEYv2 build function prototypes
-+ */
-+
-+int
-+pfkey_msg_hdr_build(struct sadb_ext** pfkey_ext,
-+ uint8_t msg_type,
-+ uint8_t satype,
-+ uint8_t msg_errno,
-+ uint32_t seq,
-+ uint32_t pid);
-+
-+int
-+pfkey_sa_ref_build(struct sadb_ext ** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t spi, /* in network order */
-+ uint8_t replay_window,
-+ uint8_t sa_state,
-+ uint8_t auth,
-+ uint8_t encrypt,
-+ uint32_t flags,
-+ uint32_t/*IPsecSAref_t*/ ref);
-+
-+int
-+pfkey_sa_build(struct sadb_ext ** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t spi, /* in network order */
-+ uint8_t replay_window,
-+ uint8_t sa_state,
-+ uint8_t auth,
-+ uint8_t encrypt,
-+ uint32_t flags);
-+
-+int
-+pfkey_lifetime_build(struct sadb_ext ** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t allocations,
-+ uint64_t bytes,
-+ uint64_t addtime,
-+ uint64_t usetime,
-+ uint32_t packets);
-+
-+int
-+pfkey_address_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint8_t proto,
-+ uint8_t prefixlen,
-+ struct sockaddr* address);
-+
-+int
-+pfkey_key_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint16_t key_bits,
-+ char* key);
-+
-+int
-+pfkey_ident_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint16_t ident_type,
-+ uint64_t ident_id,
-+ uint8_t ident_len,
-+ char* ident_string);
-+
-+#ifdef __KERNEL__
-+extern int pfkey_nat_t_new_mapping(struct ipsec_sa *, struct sockaddr *, __u16);
-+extern int pfkey_x_nat_t_type_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr);
-+extern int pfkey_x_nat_t_port_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr);
-+#endif /* __KERNEL__ */
-+int
-+pfkey_x_nat_t_type_build(struct sadb_ext** pfkey_ext,
-+ uint8_t type);
-+int
-+pfkey_x_nat_t_port_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint16_t port);
-+
-+int
-+pfkey_sens_build(struct sadb_ext** pfkey_ext,
-+ uint32_t dpd,
-+ uint8_t sens_level,
-+ uint8_t sens_len,
-+ uint64_t* sens_bitmap,
-+ uint8_t integ_level,
-+ uint8_t integ_len,
-+ uint64_t* integ_bitmap);
-+
-+int pfkey_x_protocol_build(struct sadb_ext **, uint8_t);
-+
-+
-+int
-+pfkey_prop_build(struct sadb_ext** pfkey_ext,
-+ uint8_t replay,
-+ unsigned int comb_num,
-+ struct sadb_comb* comb);
-+
-+int
-+pfkey_supported_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ unsigned int alg_num,
-+ struct sadb_alg* alg);
-+
-+int
-+pfkey_spirange_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t min,
-+ uint32_t max);
-+
-+int
-+pfkey_x_kmprivate_build(struct sadb_ext** pfkey_ext);
-+
-+int
-+pfkey_x_satype_build(struct sadb_ext** pfkey_ext,
-+ uint8_t satype);
-+
-+int
-+pfkey_x_debug_build(struct sadb_ext** pfkey_ext,
-+ uint32_t tunnel,
-+ uint32_t netlink,
-+ uint32_t xform,
-+ uint32_t eroute,
-+ uint32_t spi,
-+ uint32_t radij,
-+ uint32_t esp,
-+ uint32_t ah,
-+ uint32_t rcv,
-+ uint32_t pfkey,
-+ uint32_t ipcomp,
-+ uint32_t verbose);
-+
-+int
-+pfkey_msg_build(struct sadb_msg** pfkey_msg,
-+ struct sadb_ext* extensions[],
-+ int dir);
-+
-+/* in pfkey_v2_debug.c - routines to decode numbers -> strings */
-+const char *
-+pfkey_v2_sadb_ext_string(int extnum);
-+
-+const char *
-+pfkey_v2_sadb_type_string(int sadb_type);
-+
-+
-+#endif /* __NET_IPSEC_PF_KEY_H */
-+
-+/*
-+ * $Log: pfkey.h,v $
-+ * Revision 1.49 2005/05/11 00:57:29 mcr
-+ * rename struct supported -> struct ipsec_alg_supported.
-+ * make pfkey.h more standalone.
-+ *
-+ * Revision 1.48 2005/05/01 03:12:50 mcr
-+ * include name of algorithm in datastructure.
-+ *
-+ * Revision 1.47 2004/08/21 00:44:14 mcr
-+ * simplify definition of nat_t related prototypes.
-+ *
-+ * Revision 1.46 2004/08/04 16:27:22 mcr
-+ * 2.6 sk_ options.
-+ *
-+ * Revision 1.45 2004/04/06 02:49:00 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.44 2003/12/10 01:20:01 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.43 2003/10/31 02:26:44 mcr
-+ * pulled up port-selector patches.
-+ *
-+ * Revision 1.42.2.2 2003/10/29 01:09:32 mcr
-+ * added debugging for pfkey library.
-+ *
-+ * Revision 1.42.2.1 2003/09/21 13:59:34 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.42 2003/08/25 22:08:19 mcr
-+ * removed pfkey_proto_init() from pfkey.h for 2.6 support.
-+ *
-+ * Revision 1.41 2003/05/07 17:28:57 mcr
-+ * new function pfkey_debug_func added for us in debugging from
-+
-+ * pfkey library.
-+ *
-+ * Revision 1.40 2003/01/30 02:31:34 rgb
-+ *
-+ * Convert IPsecSAref_t from signed to unsigned to fix apparent SAref exhaustion bug.
-+ *
-+ * Revision 1.39 2002/09/20 15:40:21 rgb
-+ * Switch from pfkey_alloc_ipsec_sa() to ipsec_sa_alloc().
-+ * Added ref parameter to pfkey_sa_build().
-+ * Cleaned out unused cruft.
-+ *
-+ * Revision 1.38 2002/05/14 02:37:24 rgb
-+ * Change all references to tdb, TDB or Tunnel Descriptor Block to ips,
-+ * ipsec_sa or ipsec_sa.
-+ * Added function prototypes for the functions moved to
-+ * pfkey_v2_ext_process.c.
-+ *
-+ * Revision 1.37 2002/04/24 07:36:49 mcr
-+ * Moved from ./lib/pfkey.h,v
-+ *
-+ * Revision 1.36 2002/01/20 20:34:49 mcr
-+ * added pfkey_v2_sadb_type_string to decode sadb_type to string.
-+ *
-+ * Revision 1.35 2001/11/27 05:27:47 mcr
-+ * pfkey parses are now maintained by a structure
-+ * that includes their name for debug purposes.
-+ *
-+ * Revision 1.34 2001/11/26 09:23:53 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.33 2001/11/06 19:47:47 rgb
-+ * Added packet parameter to lifetime and comb structures.
-+ *
-+ * Revision 1.32 2001/09/08 21:13:34 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.31 2001/06/14 19:35:16 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.30 2001/02/27 07:04:52 rgb
-+ * Added satype2name prototype.
-+ *
-+ * Revision 1.29 2001/02/26 19:59:33 rgb
-+ * Ditch unused sadb_satype2proto[], replaced by satype2proto().
-+ *
-+ * Revision 1.28 2000/10/10 20:10:19 rgb
-+ * Added support for debug_ipcomp and debug_verbose to klipsdebug.
-+ *
-+ * Revision 1.27 2000/09/21 04:20:45 rgb
-+ * Fixed array size off-by-one error. (Thanks Svenning!)
-+ *
-+ * Revision 1.26 2000/09/12 03:26:05 rgb
-+ * Added pfkey_acquire prototype.
-+ *
-+ * Revision 1.25 2000/09/08 19:21:28 rgb
-+ * Fix pfkey_prop_build() parameter to be only single indirection.
-+ *
-+ * Revision 1.24 2000/09/01 18:46:42 rgb
-+ * Added a supported algorithms array lists, one per satype and registered
-+ * existing algorithms.
-+ * Fixed pfkey_list_{insert,remove}_{socket,support}() to allow change to
-+ * list.
-+ *
-+ * Revision 1.23 2000/08/27 01:55:26 rgb
-+ * Define OCTETBITS and PFKEYBITS to avoid using 'magic' numbers in code.
-+ *
-+ * Revision 1.22 2000/08/20 21:39:23 rgb
-+ * Added kernel prototypes for kernel funcitions pfkey_upmsg() and
-+ * pfkey_expire().
-+ *
-+ * Revision 1.21 2000/08/15 17:29:23 rgb
-+ * Fixes from SZI to untested pfkey_prop_build().
-+ *
-+ * Revision 1.20 2000/05/10 20:14:19 rgb
-+ * Fleshed out sensitivity, proposal and supported extensions.
-+ *
-+ * Revision 1.19 2000/03/16 14:07:23 rgb
-+ * Renamed ALIGN macro to avoid fighting with others in kernel.
-+ *
-+ * Revision 1.18 2000/01/22 23:24:06 rgb
-+ * Added prototypes for proto2satype(), satype2proto() and proto2name().
-+ *
-+ * Revision 1.17 2000/01/21 06:26:59 rgb
-+ * Converted from double tdb arguments to one structure (extr)
-+ * containing pointers to all temporary information structures.
-+ * Added klipsdebug switching capability.
-+ * Dropped unused argument to pfkey_x_satype_build().
-+ *
-+ * Revision 1.16 1999/12/29 21:17:41 rgb
-+ * Changed pfkey_msg_build() I/F to include a struct sadb_msg**
-+ * parameter for cleaner manipulation of extensions[] and to guard
-+ * against potential memory leaks.
-+ * Changed the I/F to pfkey_msg_free() for the same reason.
-+ *
-+ * Revision 1.15 1999/12/09 23:12:54 rgb
-+ * Added macro for BITS_PER_OCTET.
-+ * Added argument to pfkey_sa_build() to do eroutes.
-+ *
-+ * Revision 1.14 1999/12/08 20:33:25 rgb
-+ * Changed sa_family_t to uint16_t for 2.0.xx compatibility.
-+ *
-+ * Revision 1.13 1999/12/07 19:53:40 rgb
-+ * Removed unused first argument from extension parsers.
-+ * Changed __u* types to uint* to avoid use of asm/types.h and
-+ * sys/types.h in userspace code.
-+ * Added function prototypes for pfkey message and extensions
-+ * initialisation and cleanup.
-+ *
-+ * Revision 1.12 1999/12/01 22:19:38 rgb
-+ * Change pfkey_sa_build to accept an SPI in network byte order.
-+ *
-+ * Revision 1.11 1999/11/27 11:55:26 rgb
-+ * Added extern sadb_satype2proto to enable moving protocol lookup table
-+ * to lib/pfkey_v2_parse.c.
-+ * Delete unused, moved typedefs.
-+ * Add argument to pfkey_msg_parse() for direction.
-+ * Consolidated the 4 1-d extension bitmap arrays into one 4-d array.
-+ *
-+ * Revision 1.10 1999/11/23 22:29:21 rgb
-+ * This file has been moved in the distribution from klips/net/ipsec to
-+ * lib.
-+ * Add macros for dealing with alignment and rounding up more opaquely.
-+ * The uint<n>_t type defines have been moved to freeswan.h to avoid
-+ * chicken-and-egg problems.
-+ * Add macros for dealing with alignment and rounding up more opaque.
-+ * Added prototypes for using extention header bitmaps.
-+ * Added prototypes of all the build functions.
-+ *
-+ * Revision 1.9 1999/11/20 21:59:48 rgb
-+ * Moved socketlist type declarations and prototypes for shared use.
-+ * Slightly modified scope of sockaddr_key declaration.
-+ *
-+ * Revision 1.8 1999/11/17 14:34:25 rgb
-+ * Protect sa_family_t from being used in userspace with GLIBC<2.
-+ *
-+ * Revision 1.7 1999/10/27 19:40:35 rgb
-+ * Add a maximum PFKEY packet size macro.
-+ *
-+ * Revision 1.6 1999/10/26 16:58:58 rgb
-+ * Created a sockaddr_key and key_opt socket extension structures.
-+ *
-+ * Revision 1.5 1999/06/10 05:24:41 rgb
-+ * Renamed variables to reduce confusion.
-+ *
-+ * Revision 1.4 1999/04/29 15:21:11 rgb
-+ * Add pfkey support to debugging.
-+ * Add return values to init and cleanup functions.
-+ *
-+ * Revision 1.3 1999/04/15 17:58:07 rgb
-+ * Add RCSID labels.
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/pfkeyv2.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,472 @@
-+/*
-+ * RCSID $Id: pfkeyv2.h,v 1.31 2005/04/14 01:14:54 mcr Exp $
-+ */
-+
-+/*
-+RFC 2367 PF_KEY Key Management API July 1998
-+
-+
-+Appendix D: Sample Header File
-+
-+This file defines structures and symbols for the PF_KEY Version 2
-+key management interface. It was written at the U.S. Naval Research
-+Laboratory. This file is in the public domain. The authors ask that
-+you leave this credit intact on any copies of this file.
-+*/
-+#ifndef __PFKEY_V2_H
-+#define __PFKEY_V2_H 1
-+
-+#define PF_KEY_V2 2
-+#define PFKEYV2_REVISION 199806L
-+
-+#define SADB_RESERVED 0
-+#define SADB_GETSPI 1
-+#define SADB_UPDATE 2
-+#define SADB_ADD 3
-+#define SADB_DELETE 4
-+#define SADB_GET 5
-+#define SADB_ACQUIRE 6
-+#define SADB_REGISTER 7
-+#define SADB_EXPIRE 8
-+#define SADB_FLUSH 9
-+#define SADB_DUMP 10
-+#define SADB_X_PROMISC 11
-+#define SADB_X_PCHANGE 12
-+#define SADB_X_GRPSA 13
-+#define SADB_X_ADDFLOW 14
-+#define SADB_X_DELFLOW 15
-+#define SADB_X_DEBUG 16
-+#define SADB_X_NAT_T_NEW_MAPPING 17
-+#define SADB_MAX 17
-+
-+struct sadb_msg {
-+ uint8_t sadb_msg_version;
-+ uint8_t sadb_msg_type;
-+ uint8_t sadb_msg_errno;
-+ uint8_t sadb_msg_satype;
-+ uint16_t sadb_msg_len;
-+ uint16_t sadb_msg_reserved;
-+ uint32_t sadb_msg_seq;
-+ uint32_t sadb_msg_pid;
-+};
-+
-+struct sadb_ext {
-+ uint16_t sadb_ext_len;
-+ uint16_t sadb_ext_type;
-+};
-+
-+struct sadb_sa {
-+ uint16_t sadb_sa_len;
-+ uint16_t sadb_sa_exttype;
-+ uint32_t sadb_sa_spi;
-+ uint8_t sadb_sa_replay;
-+ uint8_t sadb_sa_state;
-+ uint8_t sadb_sa_auth;
-+ uint8_t sadb_sa_encrypt;
-+ uint32_t sadb_sa_flags;
-+ uint32_t /*IPsecSAref_t*/ sadb_x_sa_ref; /* 32 bits */
-+ uint8_t sadb_x_reserved[4];
-+};
-+
-+struct sadb_sa_v1 {
-+ uint16_t sadb_sa_len;
-+ uint16_t sadb_sa_exttype;
-+ uint32_t sadb_sa_spi;
-+ uint8_t sadb_sa_replay;
-+ uint8_t sadb_sa_state;
-+ uint8_t sadb_sa_auth;
-+ uint8_t sadb_sa_encrypt;
-+ uint32_t sadb_sa_flags;
-+};
-+
-+struct sadb_lifetime {
-+ uint16_t sadb_lifetime_len;
-+ uint16_t sadb_lifetime_exttype;
-+ uint32_t sadb_lifetime_allocations;
-+ uint64_t sadb_lifetime_bytes;
-+ uint64_t sadb_lifetime_addtime;
-+ uint64_t sadb_lifetime_usetime;
-+ uint32_t sadb_x_lifetime_packets;
-+ uint32_t sadb_x_lifetime_reserved;
-+};
-+
-+struct sadb_address {
-+ uint16_t sadb_address_len;
-+ uint16_t sadb_address_exttype;
-+ uint8_t sadb_address_proto;
-+ uint8_t sadb_address_prefixlen;
-+ uint16_t sadb_address_reserved;
-+};
-+
-+struct sadb_key {
-+ uint16_t sadb_key_len;
-+ uint16_t sadb_key_exttype;
-+ uint16_t sadb_key_bits;
-+ uint16_t sadb_key_reserved;
-+};
-+
-+struct sadb_ident {
-+ uint16_t sadb_ident_len;
-+ uint16_t sadb_ident_exttype;
-+ uint16_t sadb_ident_type;
-+ uint16_t sadb_ident_reserved;
-+ uint64_t sadb_ident_id;
-+};
-+
-+struct sadb_sens {
-+ uint16_t sadb_sens_len;
-+ uint16_t sadb_sens_exttype;
-+ uint32_t sadb_sens_dpd;
-+ uint8_t sadb_sens_sens_level;
-+ uint8_t sadb_sens_sens_len;
-+ uint8_t sadb_sens_integ_level;
-+ uint8_t sadb_sens_integ_len;
-+ uint32_t sadb_sens_reserved;
-+};
-+
-+struct sadb_prop {
-+ uint16_t sadb_prop_len;
-+ uint16_t sadb_prop_exttype;
-+ uint8_t sadb_prop_replay;
-+ uint8_t sadb_prop_reserved[3];
-+};
-+
-+struct sadb_comb {
-+ uint8_t sadb_comb_auth;
-+ uint8_t sadb_comb_encrypt;
-+ uint16_t sadb_comb_flags;
-+ uint16_t sadb_comb_auth_minbits;
-+ uint16_t sadb_comb_auth_maxbits;
-+ uint16_t sadb_comb_encrypt_minbits;
-+ uint16_t sadb_comb_encrypt_maxbits;
-+ uint32_t sadb_comb_reserved;
-+ uint32_t sadb_comb_soft_allocations;
-+ uint32_t sadb_comb_hard_allocations;
-+ uint64_t sadb_comb_soft_bytes;
-+ uint64_t sadb_comb_hard_bytes;
-+ uint64_t sadb_comb_soft_addtime;
-+ uint64_t sadb_comb_hard_addtime;
-+ uint64_t sadb_comb_soft_usetime;
-+ uint64_t sadb_comb_hard_usetime;
-+ uint32_t sadb_x_comb_soft_packets;
-+ uint32_t sadb_x_comb_hard_packets;
-+};
-+
-+struct sadb_supported {
-+ uint16_t sadb_supported_len;
-+ uint16_t sadb_supported_exttype;
-+ uint32_t sadb_supported_reserved;
-+};
-+
-+struct sadb_alg {
-+ uint8_t sadb_alg_id;
-+ uint8_t sadb_alg_ivlen;
-+ uint16_t sadb_alg_minbits;
-+ uint16_t sadb_alg_maxbits;
-+ uint16_t sadb_alg_reserved;
-+};
-+
-+struct sadb_spirange {
-+ uint16_t sadb_spirange_len;
-+ uint16_t sadb_spirange_exttype;
-+ uint32_t sadb_spirange_min;
-+ uint32_t sadb_spirange_max;
-+ uint32_t sadb_spirange_reserved;
-+};
-+
-+struct sadb_x_kmprivate {
-+ uint16_t sadb_x_kmprivate_len;
-+ uint16_t sadb_x_kmprivate_exttype;
-+ uint32_t sadb_x_kmprivate_reserved;
-+};
-+
-+struct sadb_x_satype {
-+ uint16_t sadb_x_satype_len;
-+ uint16_t sadb_x_satype_exttype;
-+ uint8_t sadb_x_satype_satype;
-+ uint8_t sadb_x_satype_reserved[3];
-+};
-+
-+struct sadb_x_policy {
-+ uint16_t sadb_x_policy_len;
-+ uint16_t sadb_x_policy_exttype;
-+ uint16_t sadb_x_policy_type;
-+ uint8_t sadb_x_policy_dir;
-+ uint8_t sadb_x_policy_reserved;
-+ uint32_t sadb_x_policy_id;
-+ uint32_t sadb_x_policy_reserved2;
-+};
-+
-+struct sadb_x_debug {
-+ uint16_t sadb_x_debug_len;
-+ uint16_t sadb_x_debug_exttype;
-+ uint32_t sadb_x_debug_tunnel;
-+ uint32_t sadb_x_debug_netlink;
-+ uint32_t sadb_x_debug_xform;
-+ uint32_t sadb_x_debug_eroute;
-+ uint32_t sadb_x_debug_spi;
-+ uint32_t sadb_x_debug_radij;
-+ uint32_t sadb_x_debug_esp;
-+ uint32_t sadb_x_debug_ah;
-+ uint32_t sadb_x_debug_rcv;
-+ uint32_t sadb_x_debug_pfkey;
-+ uint32_t sadb_x_debug_ipcomp;
-+ uint32_t sadb_x_debug_verbose;
-+ uint8_t sadb_x_debug_reserved[4];
-+};
-+
-+struct sadb_x_nat_t_type {
-+ uint16_t sadb_x_nat_t_type_len;
-+ uint16_t sadb_x_nat_t_type_exttype;
-+ uint8_t sadb_x_nat_t_type_type;
-+ uint8_t sadb_x_nat_t_type_reserved[3];
-+};
-+struct sadb_x_nat_t_port {
-+ uint16_t sadb_x_nat_t_port_len;
-+ uint16_t sadb_x_nat_t_port_exttype;
-+ uint16_t sadb_x_nat_t_port_port;
-+ uint16_t sadb_x_nat_t_port_reserved;
-+};
-+
-+/*
-+ * A protocol structure for passing through the transport level
-+ * protocol. It contains more fields than are actually used/needed
-+ * but it is this way to be compatible with the structure used in
-+ * OpenBSD (http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/pfkeyv2.h)
-+ */
-+struct sadb_protocol {
-+ uint16_t sadb_protocol_len;
-+ uint16_t sadb_protocol_exttype;
-+ uint8_t sadb_protocol_proto;
-+ uint8_t sadb_protocol_direction;
-+ uint8_t sadb_protocol_flags;
-+ uint8_t sadb_protocol_reserved2;
-+};
-+
-+#define SADB_EXT_RESERVED 0
-+#define SADB_EXT_SA 1
-+#define SADB_EXT_LIFETIME_CURRENT 2
-+#define SADB_EXT_LIFETIME_HARD 3
-+#define SADB_EXT_LIFETIME_SOFT 4
-+#define SADB_EXT_ADDRESS_SRC 5
-+#define SADB_EXT_ADDRESS_DST 6
-+#define SADB_EXT_ADDRESS_PROXY 7
-+#define SADB_EXT_KEY_AUTH 8
-+#define SADB_EXT_KEY_ENCRYPT 9
-+#define SADB_EXT_IDENTITY_SRC 10
-+#define SADB_EXT_IDENTITY_DST 11
-+#define SADB_EXT_SENSITIVITY 12
-+#define SADB_EXT_PROPOSAL 13
-+#define SADB_EXT_SUPPORTED_AUTH 14
-+#define SADB_EXT_SUPPORTED_ENCRYPT 15
-+#define SADB_EXT_SPIRANGE 16
-+#define SADB_X_EXT_KMPRIVATE 17
-+#define SADB_X_EXT_SATYPE2 18
-+#ifdef KERNEL26_HAS_KAME_DUPLICATES
-+#define SADB_X_EXT_POLICY 18
-+#endif
-+#define SADB_X_EXT_SA2 19
-+#define SADB_X_EXT_ADDRESS_DST2 20
-+#define SADB_X_EXT_ADDRESS_SRC_FLOW 21
-+#define SADB_X_EXT_ADDRESS_DST_FLOW 22
-+#define SADB_X_EXT_ADDRESS_SRC_MASK 23
-+#define SADB_X_EXT_ADDRESS_DST_MASK 24
-+#define SADB_X_EXT_DEBUG 25
-+#define SADB_X_EXT_PROTOCOL 26
-+#define SADB_X_EXT_NAT_T_TYPE 27
-+#define SADB_X_EXT_NAT_T_SPORT 28
-+#define SADB_X_EXT_NAT_T_DPORT 29
-+#define SADB_X_EXT_NAT_T_OA 30
-+#define SADB_EXT_MAX 30
-+
-+/* SADB_X_DELFLOW required over and above SADB_X_SAFLAGS_CLEARFLOW */
-+#define SADB_X_EXT_ADDRESS_DELFLOW \
-+ ( (1<<SADB_X_EXT_ADDRESS_SRC_FLOW) \
-+ | (1<<SADB_X_EXT_ADDRESS_DST_FLOW) \
-+ | (1<<SADB_X_EXT_ADDRESS_SRC_MASK) \
-+ | (1<<SADB_X_EXT_ADDRESS_DST_MASK))
-+
-+#define SADB_SATYPE_UNSPEC 0
-+#define SADB_SATYPE_AH 2
-+#define SADB_SATYPE_ESP 3
-+#define SADB_SATYPE_RSVP 5
-+#define SADB_SATYPE_OSPFV2 6
-+#define SADB_SATYPE_RIPV2 7
-+#define SADB_SATYPE_MIP 8
-+#define SADB_X_SATYPE_IPIP 9
-+#ifdef KERNEL26_HAS_KAME_DUPLICATES
-+#define SADB_X_SATYPE_IPCOMP 9 /* ICK! */
-+#endif
-+#define SADB_X_SATYPE_COMP 10
-+#define SADB_X_SATYPE_INT 11
-+#define SADB_SATYPE_MAX 11
-+
-+enum sadb_sastate {
-+ SADB_SASTATE_LARVAL=0,
-+ SADB_SASTATE_MATURE=1,
-+ SADB_SASTATE_DYING=2,
-+ SADB_SASTATE_DEAD=3
-+};
-+#define SADB_SASTATE_MAX 3
-+
-+#define SADB_SAFLAGS_PFS 1
-+#define SADB_X_SAFLAGS_REPLACEFLOW 2
-+#define SADB_X_SAFLAGS_CLEARFLOW 4
-+#define SADB_X_SAFLAGS_INFLOW 8
-+
-+/* not obvious, but these are the same values as used in isakmp,
-+ * and in freeswan/ipsec_policy.h. If you need to add any, they
-+ * should be added as according to
-+ * http://www.iana.org/assignments/isakmp-registry
-+ *
-+ * and if not, then please try to use a private-use value, and
-+ * consider asking IANA to assign a value.
-+ */
-+#define SADB_AALG_NONE 0
-+#define SADB_AALG_MD5HMAC 2
-+#define SADB_AALG_SHA1HMAC 3
-+#define SADB_X_AALG_SHA2_256HMAC 5
-+#define SADB_X_AALG_SHA2_384HMAC 6
-+#define SADB_X_AALG_SHA2_512HMAC 7
-+#define SADB_X_AALG_RIPEMD160HMAC 8
-+#define SADB_X_AALG_NULL 251 /* kame */
-+#define SADB_AALG_MAX 251
-+
-+#define SADB_EALG_NONE 0
-+#define SADB_EALG_DESCBC 2
-+#define SADB_EALG_3DESCBC 3
-+#define SADB_X_EALG_CASTCBC 6
-+#define SADB_X_EALG_BLOWFISHCBC 7
-+#define SADB_EALG_NULL 11
-+#define SADB_X_EALG_AESCBC 12
-+#define SADB_EALG_MAX 255
-+
-+#define SADB_X_CALG_NONE 0
-+#define SADB_X_CALG_OUI 1
-+#define SADB_X_CALG_DEFLATE 2
-+#define SADB_X_CALG_LZS 3
-+#define SADB_X_CALG_V42BIS 4
-+#ifdef KERNEL26_HAS_KAME_DUPLICATES
-+#define SADB_X_CALG_LZJH 4
-+#endif
-+#define SADB_X_CALG_MAX 4
-+
-+#define SADB_X_TALG_NONE 0
-+#define SADB_X_TALG_IPv4_in_IPv4 1
-+#define SADB_X_TALG_IPv6_in_IPv4 2
-+#define SADB_X_TALG_IPv4_in_IPv6 3
-+#define SADB_X_TALG_IPv6_in_IPv6 4
-+#define SADB_X_TALG_MAX 4
-+
-+
-+#define SADB_IDENTTYPE_RESERVED 0
-+#define SADB_IDENTTYPE_PREFIX 1
-+#define SADB_IDENTTYPE_FQDN 2
-+#define SADB_IDENTTYPE_USERFQDN 3
-+#define SADB_X_IDENTTYPE_CONNECTION 4
-+#define SADB_IDENTTYPE_MAX 4
-+
-+#define SADB_KEY_FLAGS_MAX 0
-+#endif /* __PFKEY_V2_H */
-+
-+/*
-+ * $Log: pfkeyv2.h,v $
-+ * Revision 1.31 2005/04/14 01:14:54 mcr
-+ * change sadb_state to an enum.
-+ *
-+ * Revision 1.30 2004/04/06 02:49:00 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.29 2003/12/22 21:35:58 mcr
-+ * new patches from Dr{Who}.
-+ *
-+ * Revision 1.28 2003/12/22 19:33:15 mcr
-+ * added 0.6c NAT-T patch.
-+ *
-+ * Revision 1.27 2003/12/10 01:20:01 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.26 2003/10/31 02:26:44 mcr
-+ * pulled up port-selector patches.
-+ *
-+ * Revision 1.25.4.1 2003/09/21 13:59:34 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.25 2003/07/31 23:59:17 mcr
-+ * re-introduce kernel 2.6 duplicate values for now.
-+ * hope to get them changed!
-+ *
-+ * Revision 1.24 2003/07/31 22:55:27 mcr
-+ * added some definitions to keep pfkeyv2.h files in sync.
-+ *
-+ * Revision 1.23 2003/05/11 00:43:48 mcr
-+ * added comment about origin of values used
-+ *
-+ * Revision 1.22 2003/01/30 02:31:34 rgb
-+ *
-+ * Convert IPsecSAref_t from signed to unsigned to fix apparent SAref exhaustion bug.
-+ *
-+ * Revision 1.21 2002/12/16 19:26:49 mcr
-+ * added definition of FS 1.xx sadb structure
-+ *
-+ * Revision 1.20 2002/09/20 15:40:25 rgb
-+ * Added sadb_x_sa_ref to struct sadb_sa.
-+ *
-+ * Revision 1.19 2002/04/24 07:36:49 mcr
-+ * Moved from ./lib/pfkeyv2.h,v
-+ *
-+ * Revision 1.18 2001/11/06 19:47:47 rgb
-+ * Added packet parameter to lifetime and comb structures.
-+ *
-+ * Revision 1.17 2001/09/08 21:13:35 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.16 2001/07/06 19:49:46 rgb
-+ * Added SADB_X_SAFLAGS_INFLOW for supporting incoming policy checks.
-+ *
-+ * Revision 1.15 2001/02/26 20:00:43 rgb
-+ * Added internal IP protocol 61 for magic SAs.
-+ *
-+ * Revision 1.14 2001/02/08 18:51:05 rgb
-+ * Include RFC document title and appendix subsection title.
-+ *
-+ * Revision 1.13 2000/10/10 20:10:20 rgb
-+ * Added support for debug_ipcomp and debug_verbose to klipsdebug.
-+ *
-+ * Revision 1.12 2000/09/15 06:41:50 rgb
-+ * Added V42BIS constant.
-+ *
-+ * Revision 1.11 2000/09/12 22:35:37 rgb
-+ * Restructured to remove unused extensions from CLEARFLOW messages.
-+ *
-+ * Revision 1.10 2000/09/12 18:50:09 rgb
-+ * Added IPIP tunnel types as algo support.
-+ *
-+ * Revision 1.9 2000/08/21 16:47:19 rgb
-+ * Added SADB_X_CALG_* macros for IPCOMP.
-+ *
-+ * Revision 1.8 2000/08/09 20:43:34 rgb
-+ * Fixed bitmask value for SADB_X_SAFLAGS_CLEAREROUTE.
-+ *
-+ * Revision 1.7 2000/01/21 06:28:37 rgb
-+ * Added flow add/delete message type macros.
-+ * Added flow address extension type macros.
-+ * Tidied up spacing.
-+ * Added klipsdebug switching capability.
-+ *
-+ * Revision 1.6 1999/11/27 11:56:08 rgb
-+ * Add SADB_X_SATYPE_COMP for compression, eventually.
-+ *
-+ * Revision 1.5 1999/11/23 22:23:16 rgb
-+ * This file has been moved in the distribution from klips/net/ipsec to
-+ * lib.
-+ *
-+ * Revision 1.4 1999/04/29 15:23:29 rgb
-+ * Add GRPSA support.
-+ * Add support for a second SATYPE, SA and DST_ADDRESS.
-+ * Add IPPROTO_IPIP support.
-+ *
-+ * Revision 1.3 1999/04/15 17:58:08 rgb
-+ * Add RCSID labels.
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/zlib/zconf.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,309 @@
-+/* zconf.h -- configuration of the zlib compression library
-+ * Copyright (C) 1995-2002 Jean-loup Gailly.
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* @(#) $Id: zconf.h,v 1.4 2004/07/10 07:48:40 mcr Exp $ */
-+
-+#ifndef _ZCONF_H
-+#define _ZCONF_H
-+
-+/*
-+ * If you *really* need a unique prefix for all types and library functions,
-+ * compile with -DZ_PREFIX. The "standard" zlib should be compiled without it.
-+ */
-+#ifdef IPCOMP_PREFIX
-+# define deflateInit_ ipcomp_deflateInit_
-+# define deflate ipcomp_deflate
-+# define deflateEnd ipcomp_deflateEnd
-+# define inflateInit_ ipcomp_inflateInit_
-+# define inflate ipcomp_inflate
-+# define inflateEnd ipcomp_inflateEnd
-+# define deflateInit2_ ipcomp_deflateInit2_
-+# define deflateSetDictionary ipcomp_deflateSetDictionary
-+# define deflateCopy ipcomp_deflateCopy
-+# define deflateReset ipcomp_deflateReset
-+# define deflateParams ipcomp_deflateParams
-+# define inflateInit2_ ipcomp_inflateInit2_
-+# define inflateSetDictionary ipcomp_inflateSetDictionary
-+# define inflateSync ipcomp_inflateSync
-+# define inflateSyncPoint ipcomp_inflateSyncPoint
-+# define inflateReset ipcomp_inflateReset
-+# define compress ipcomp_compress
-+# define compress2 ipcomp_compress2
-+# define uncompress ipcomp_uncompress
-+# define adler32 ipcomp_adler32
-+# define crc32 ipcomp_crc32
-+# define get_crc_table ipcomp_get_crc_table
-+/* SSS: these also need to be prefixed to avoid clash with ppp_deflate and ext2compression */
-+# define inflate_blocks ipcomp_deflate_blocks
-+# define inflate_blocks_free ipcomp_deflate_blocks_free
-+# define inflate_blocks_new ipcomp_inflate_blocks_new
-+# define inflate_blocks_reset ipcomp_inflate_blocks_reset
-+# define inflate_blocks_sync_point ipcomp_inflate_blocks_sync_point
-+# define inflate_set_dictionary ipcomp_inflate_set_dictionary
-+# define inflate_codes ipcomp_inflate_codes
-+# define inflate_codes_free ipcomp_inflate_codes_free
-+# define inflate_codes_new ipcomp_inflate_codes_new
-+# define inflate_fast ipcomp_inflate_fast
-+# define inflate_trees_bits ipcomp_inflate_trees_bits
-+# define inflate_trees_dynamic ipcomp_inflate_trees_dynamic
-+# define inflate_trees_fixed ipcomp_inflate_trees_fixed
-+# define inflate_flush ipcomp_inflate_flush
-+# define inflate_mask ipcomp_inflate_mask
-+# define _dist_code _ipcomp_dist_code
-+# define _length_code _ipcomp_length_code
-+# define _tr_align _ipcomp_tr_align
-+# define _tr_flush_block _ipcomp_tr_flush_block
-+# define _tr_init _ipcomp_tr_init
-+# define _tr_stored_block _ipcomp_tr_stored_block
-+# define _tr_tally _ipcomp_tr_tally
-+# define zError ipcomp_zError
-+# define z_errmsg ipcomp_z_errmsg
-+# define zlibVersion ipcomp_zlibVersion
-+# define match_init ipcomp_match_init
-+# define longest_match ipcomp_longest_match
-+#endif
-+
-+#ifdef Z_PREFIX
-+# define Byte z_Byte
-+# define uInt z_uInt
-+# define uLong z_uLong
-+# define Bytef z_Bytef
-+# define charf z_charf
-+# define intf z_intf
-+# define uIntf z_uIntf
-+# define uLongf z_uLongf
-+# define voidpf z_voidpf
-+# define voidp z_voidp
-+#endif
-+
-+#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
-+# define WIN32
-+#endif
-+#if defined(__GNUC__) || defined(WIN32) || defined(__386__) || defined(i386)
-+# ifndef __32BIT__
-+# define __32BIT__
-+# endif
-+#endif
-+#if defined(__MSDOS__) && !defined(MSDOS)
-+# define MSDOS
-+#endif
-+
-+/*
-+ * Compile with -DMAXSEG_64K if the alloc function cannot allocate more
-+ * than 64k bytes at a time (needed on systems with 16-bit int).
-+ */
-+#if defined(MSDOS) && !defined(__32BIT__)
-+# define MAXSEG_64K
-+#endif
-+#ifdef MSDOS
-+# define UNALIGNED_OK
-+#endif
-+
-+#if (defined(MSDOS) || defined(_WINDOWS) || defined(WIN32)) && !defined(STDC)
-+# define STDC
-+#endif
-+#if defined(__STDC__) || defined(__cplusplus) || defined(__OS2__)
-+# ifndef STDC
-+# define STDC
-+# endif
-+#endif
-+
-+#ifndef STDC
-+# ifndef const /* cannot use !defined(STDC) && !defined(const) on Mac */
-+# define const
-+# endif
-+#endif
-+
-+/* Some Mac compilers merge all .h files incorrectly: */
-+#if defined(__MWERKS__) || defined(applec) ||defined(THINK_C) ||defined(__SC__)
-+# define NO_DUMMY_DECL
-+#endif
-+
-+/* Old Borland C incorrectly complains about missing returns: */
-+#if defined(__BORLANDC__) && (__BORLANDC__ < 0x500)
-+# define NEED_DUMMY_RETURN
-+#endif
-+
-+
-+/* Maximum value for memLevel in deflateInit2 */
-+#ifndef MAX_MEM_LEVEL
-+# ifdef MAXSEG_64K
-+# define MAX_MEM_LEVEL 8
-+# else
-+# define MAX_MEM_LEVEL 9
-+# endif
-+#endif
-+
-+/* Maximum value for windowBits in deflateInit2 and inflateInit2.
-+ * WARNING: reducing MAX_WBITS makes minigzip unable to extract .gz files
-+ * created by gzip. (Files created by minigzip can still be extracted by
-+ * gzip.)
-+ */
-+#ifndef MAX_WBITS
-+# define MAX_WBITS 15 /* 32K LZ77 window */
-+#endif
-+
-+/* The memory requirements for deflate are (in bytes):
-+ (1 << (windowBits+2)) + (1 << (memLevel+9))
-+ that is: 128K for windowBits=15 + 128K for memLevel = 8 (default values)
-+ plus a few kilobytes for small objects. For example, if you want to reduce
-+ the default memory requirements from 256K to 128K, compile with
-+ make CFLAGS="-O -DMAX_WBITS=14 -DMAX_MEM_LEVEL=7"
-+ Of course this will generally degrade compression (there's no free lunch).
-+
-+ The memory requirements for inflate are (in bytes) 1 << windowBits
-+ that is, 32K for windowBits=15 (default value) plus a few kilobytes
-+ for small objects.
-+*/
-+
-+ /* Type declarations */
-+
-+#ifndef OF /* function prototypes */
-+# ifdef STDC
-+# define OF(args) args
-+# else
-+# define OF(args) ()
-+# endif
-+#endif
-+
-+/* The following definitions for FAR are needed only for MSDOS mixed
-+ * model programming (small or medium model with some far allocations).
-+ * This was tested only with MSC; for other MSDOS compilers you may have
-+ * to define NO_MEMCPY in zutil.h. If you don't need the mixed model,
-+ * just define FAR to be empty.
-+ */
-+#if (defined(M_I86SM) || defined(M_I86MM)) && !defined(__32BIT__)
-+ /* MSC small or medium model */
-+# define SMALL_MEDIUM
-+# ifdef _MSC_VER
-+# define FAR _far
-+# else
-+# define FAR far
-+# endif
-+#endif
-+#if defined(__BORLANDC__) && (defined(__SMALL__) || defined(__MEDIUM__))
-+# ifndef __32BIT__
-+# define SMALL_MEDIUM
-+# define FAR _far
-+# endif
-+#endif
-+
-+/* Compile with -DZLIB_DLL for Windows DLL support */
-+#if defined(ZLIB_DLL)
-+# if defined(_WINDOWS) || defined(WINDOWS)
-+# ifdef FAR
-+# undef FAR
-+# endif
-+# include <windows.h>
-+# define ZEXPORT WINAPI
-+# ifdef WIN32
-+# define ZEXPORTVA WINAPIV
-+# else
-+# define ZEXPORTVA FAR _cdecl _export
-+# endif
-+# endif
-+# if defined (__BORLANDC__)
-+# if (__BORLANDC__ >= 0x0500) && defined (WIN32)
-+# include <windows.h>
-+# define ZEXPORT __declspec(dllexport) WINAPI
-+# define ZEXPORTRVA __declspec(dllexport) WINAPIV
-+# else
-+# if defined (_Windows) && defined (__DLL__)
-+# define ZEXPORT _export
-+# define ZEXPORTVA _export
-+# endif
-+# endif
-+# endif
-+#endif
-+
-+#if defined (__BEOS__)
-+# if defined (ZLIB_DLL)
-+# define ZEXTERN extern __declspec(dllexport)
-+# else
-+# define ZEXTERN extern __declspec(dllimport)
-+# endif
-+#endif
-+
-+#ifndef ZEXPORT
-+# define ZEXPORT
-+#endif
-+#ifndef ZEXPORTVA
-+# define ZEXPORTVA
-+#endif
-+#ifndef ZEXTERN
-+# define ZEXTERN extern
-+#endif
-+
-+#ifndef FAR
-+# define FAR
-+#endif
-+
-+#if !defined(MACOS) && !defined(TARGET_OS_MAC)
-+typedef unsigned char Byte; /* 8 bits */
-+#endif
-+typedef unsigned int uInt; /* 16 bits or more */
-+typedef unsigned long uLong; /* 32 bits or more */
-+
-+#ifdef SMALL_MEDIUM
-+ /* Borland C/C++ and some old MSC versions ignore FAR inside typedef */
-+# define Bytef Byte FAR
-+#else
-+ typedef Byte FAR Bytef;
-+#endif
-+typedef char FAR charf;
-+typedef int FAR intf;
-+typedef uInt FAR uIntf;
-+typedef uLong FAR uLongf;
-+
-+#ifdef STDC
-+ typedef void FAR *voidpf;
-+ typedef void *voidp;
-+#else
-+ typedef Byte FAR *voidpf;
-+ typedef Byte *voidp;
-+#endif
-+
-+#ifdef HAVE_UNISTD_H
-+# include <sys/types.h> /* for off_t */
-+# include <unistd.h> /* for SEEK_* and off_t */
-+# define z_off_t off_t
-+#endif
-+#ifndef SEEK_SET
-+# define SEEK_SET 0 /* Seek from beginning of file. */
-+# define SEEK_CUR 1 /* Seek from current position. */
-+# define SEEK_END 2 /* Set file pointer to EOF plus "offset" */
-+#endif
-+#ifndef z_off_t
-+# define z_off_t long
-+#endif
-+
-+/* MVS linker does not support external names larger than 8 bytes */
-+#if defined(__MVS__)
-+# pragma map(deflateInit_,"DEIN")
-+# pragma map(deflateInit2_,"DEIN2")
-+# pragma map(deflateEnd,"DEEND")
-+# pragma map(inflateInit_,"ININ")
-+# pragma map(inflateInit2_,"ININ2")
-+# pragma map(inflateEnd,"INEND")
-+# pragma map(inflateSync,"INSY")
-+# pragma map(inflateSetDictionary,"INSEDI")
-+# pragma map(inflate_blocks,"INBL")
-+# pragma map(inflate_blocks_new,"INBLNE")
-+# pragma map(inflate_blocks_free,"INBLFR")
-+# pragma map(inflate_blocks_reset,"INBLRE")
-+# pragma map(inflate_codes_free,"INCOFR")
-+# pragma map(inflate_codes,"INCO")
-+# pragma map(inflate_fast,"INFA")
-+# pragma map(inflate_flush,"INFLU")
-+# pragma map(inflate_mask,"INMA")
-+# pragma map(inflate_set_dictionary,"INSEDI2")
-+# pragma map(ipcomp_inflate_copyright,"INCOPY")
-+# pragma map(inflate_trees_bits,"INTRBI")
-+# pragma map(inflate_trees_dynamic,"INTRDY")
-+# pragma map(inflate_trees_fixed,"INTRFI")
-+# pragma map(inflate_trees_free,"INTRFR")
-+#endif
-+
-+#endif /* _ZCONF_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/zlib/zlib.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,893 @@
-+/* zlib.h -- interface of the 'zlib' general purpose compression library
-+ version 1.1.4, March 11th, 2002
-+
-+ Copyright (C) 1995-2002 Jean-loup Gailly and Mark Adler
-+
-+ This software is provided 'as-is', without any express or implied
-+ warranty. In no event will the authors be held liable for any damages
-+ arising from the use of this software.
-+
-+ Permission is granted to anyone to use this software for any purpose,
-+ including commercial applications, and to alter it and redistribute it
-+ freely, subject to the following restrictions:
-+
-+ 1. The origin of this software must not be misrepresented; you must not
-+ claim that you wrote the original software. If you use this software
-+ in a product, an acknowledgment in the product documentation would be
-+ appreciated but is not required.
-+ 2. Altered source versions must be plainly marked as such, and must not be
-+ misrepresented as being the original software.
-+ 3. This notice may not be removed or altered from any source distribution.
-+
-+ Jean-loup Gailly Mark Adler
-+ jloup@gzip.org madler@alumni.caltech.edu
-+
-+
-+ The data format used by the zlib library is described by RFCs (Request for
-+ Comments) 1950 to 1952 in the files ftp://ds.internic.net/rfc/rfc1950.txt
-+ (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format).
-+*/
-+
-+#ifndef _ZLIB_H
-+#define _ZLIB_H
-+
-+#include "zconf.h"
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+#define ZLIB_VERSION "1.1.4"
-+
-+/*
-+ The 'zlib' compression library provides in-memory compression and
-+ decompression functions, including integrity checks of the uncompressed
-+ data. This version of the library supports only one compression method
-+ (deflation) but other algorithms will be added later and will have the same
-+ stream interface.
-+
-+ Compression can be done in a single step if the buffers are large
-+ enough (for example if an input file is mmap'ed), or can be done by
-+ repeated calls of the compression function. In the latter case, the
-+ application must provide more input and/or consume the output
-+ (providing more output space) before each call.
-+
-+ The library also supports reading and writing files in gzip (.gz) format
-+ with an interface similar to that of stdio.
-+
-+ The library does not install any signal handler. The decoder checks
-+ the consistency of the compressed data, so the library should never
-+ crash even in case of corrupted input.
-+*/
-+
-+typedef voidpf (*alloc_func) OF((voidpf opaque, uInt items, uInt size));
-+typedef void (*free_func) OF((voidpf opaque, voidpf address));
-+
-+struct internal_state;
-+
-+typedef struct z_stream_s {
-+ Bytef *next_in; /* next input byte */
-+ uInt avail_in; /* number of bytes available at next_in */
-+ uLong total_in; /* total nb of input bytes read so far */
-+
-+ Bytef *next_out; /* next output byte should be put there */
-+ uInt avail_out; /* remaining free space at next_out */
-+ uLong total_out; /* total nb of bytes output so far */
-+
-+ const char *msg; /* last error message, NULL if no error */
-+ struct internal_state FAR *state; /* not visible by applications */
-+
-+ alloc_func zalloc; /* used to allocate the internal state */
-+ free_func zfree; /* used to free the internal state */
-+ voidpf opaque; /* private data object passed to zalloc and zfree */
-+
-+ int data_type; /* best guess about the data type: ascii or binary */
-+ uLong adler; /* adler32 value of the uncompressed data */
-+ uLong reserved; /* reserved for future use */
-+} z_stream;
-+
-+typedef z_stream FAR *z_streamp;
-+
-+/*
-+ The application must update next_in and avail_in when avail_in has
-+ dropped to zero. It must update next_out and avail_out when avail_out
-+ has dropped to zero. The application must initialize zalloc, zfree and
-+ opaque before calling the init function. All other fields are set by the
-+ compression library and must not be updated by the application.
-+
-+ The opaque value provided by the application will be passed as the first
-+ parameter for calls of zalloc and zfree. This can be useful for custom
-+ memory management. The compression library attaches no meaning to the
-+ opaque value.
-+
-+ zalloc must return Z_NULL if there is not enough memory for the object.
-+ If zlib is used in a multi-threaded application, zalloc and zfree must be
-+ thread safe.
-+
-+ On 16-bit systems, the functions zalloc and zfree must be able to allocate
-+ exactly 65536 bytes, but will not be required to allocate more than this
-+ if the symbol MAXSEG_64K is defined (see zconf.h). WARNING: On MSDOS,
-+ pointers returned by zalloc for objects of exactly 65536 bytes *must*
-+ have their offset normalized to zero. The default allocation function
-+ provided by this library ensures this (see zutil.c). To reduce memory
-+ requirements and avoid any allocation of 64K objects, at the expense of
-+ compression ratio, compile the library with -DMAX_WBITS=14 (see zconf.h).
-+
-+ The fields total_in and total_out can be used for statistics or
-+ progress reports. After compression, total_in holds the total size of
-+ the uncompressed data and may be saved for use in the decompressor
-+ (particularly if the decompressor wants to decompress everything in
-+ a single step).
-+*/
-+
-+ /* constants */
-+
-+#define Z_NO_FLUSH 0
-+#define Z_PARTIAL_FLUSH 1 /* will be removed, use Z_SYNC_FLUSH instead */
-+#define Z_SYNC_FLUSH 2
-+#define Z_FULL_FLUSH 3
-+#define Z_FINISH 4
-+/* Allowed flush values; see deflate() below for details */
-+
-+#define Z_OK 0
-+#define Z_STREAM_END 1
-+#define Z_NEED_DICT 2
-+#define Z_ERRNO (-1)
-+#define Z_STREAM_ERROR (-2)
-+#define Z_DATA_ERROR (-3)
-+#define Z_MEM_ERROR (-4)
-+#define Z_BUF_ERROR (-5)
-+#define Z_VERSION_ERROR (-6)
-+/* Return codes for the compression/decompression functions. Negative
-+ * values are errors, positive values are used for special but normal events.
-+ */
-+
-+#define Z_NO_COMPRESSION 0
-+#define Z_BEST_SPEED 1
-+#define Z_BEST_COMPRESSION 9
-+#define Z_DEFAULT_COMPRESSION (-1)
-+/* compression levels */
-+
-+#define Z_FILTERED 1
-+#define Z_HUFFMAN_ONLY 2
-+#define Z_DEFAULT_STRATEGY 0
-+/* compression strategy; see deflateInit2() below for details */
-+
-+#define Z_BINARY 0
-+#define Z_ASCII 1
-+#define Z_UNKNOWN 2
-+/* Possible values of the data_type field */
-+
-+#define Z_DEFLATED 8
-+/* The deflate compression method (the only one supported in this version) */
-+
-+#define Z_NULL 0 /* for initializing zalloc, zfree, opaque */
-+
-+#define zlib_version zlibVersion()
-+/* for compatibility with versions < 1.0.2 */
-+
-+ /* basic functions */
-+
-+ZEXTERN const char * ZEXPORT zlibVersion OF((void));
-+/* The application can compare zlibVersion and ZLIB_VERSION for consistency.
-+ If the first character differs, the library code actually used is
-+ not compatible with the zlib.h header file used by the application.
-+ This check is automatically made by deflateInit and inflateInit.
-+ */
-+
-+/*
-+ZEXTERN int ZEXPORT deflateInit OF((z_streamp strm, int level));
-+
-+ Initializes the internal stream state for compression. The fields
-+ zalloc, zfree and opaque must be initialized before by the caller.
-+ If zalloc and zfree are set to Z_NULL, deflateInit updates them to
-+ use default allocation functions.
-+
-+ The compression level must be Z_DEFAULT_COMPRESSION, or between 0 and 9:
-+ 1 gives best speed, 9 gives best compression, 0 gives no compression at
-+ all (the input data is simply copied a block at a time).
-+ Z_DEFAULT_COMPRESSION requests a default compromise between speed and
-+ compression (currently equivalent to level 6).
-+
-+ deflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
-+ enough memory, Z_STREAM_ERROR if level is not a valid compression level,
-+ Z_VERSION_ERROR if the zlib library version (zlib_version) is incompatible
-+ with the version assumed by the caller (ZLIB_VERSION).
-+ msg is set to null if there is no error message. deflateInit does not
-+ perform any compression: this will be done by deflate().
-+*/
-+
-+
-+ZEXTERN int ZEXPORT deflate OF((z_streamp strm, int flush));
-+/*
-+ deflate compresses as much data as possible, and stops when the input
-+ buffer becomes empty or the output buffer becomes full. It may introduce some
-+ output latency (reading input without producing any output) except when
-+ forced to flush.
-+
-+ The detailed semantics are as follows. deflate performs one or both of the
-+ following actions:
-+
-+ - Compress more input starting at next_in and update next_in and avail_in
-+ accordingly. If not all input can be processed (because there is not
-+ enough room in the output buffer), next_in and avail_in are updated and
-+ processing will resume at this point for the next call of deflate().
-+
-+ - Provide more output starting at next_out and update next_out and avail_out
-+ accordingly. This action is forced if the parameter flush is non zero.
-+ Forcing flush frequently degrades the compression ratio, so this parameter
-+ should be set only when necessary (in interactive applications).
-+ Some output may be provided even if flush is not set.
-+
-+ Before the call of deflate(), the application should ensure that at least
-+ one of the actions is possible, by providing more input and/or consuming
-+ more output, and updating avail_in or avail_out accordingly; avail_out
-+ should never be zero before the call. The application can consume the
-+ compressed output when it wants, for example when the output buffer is full
-+ (avail_out == 0), or after each call of deflate(). If deflate returns Z_OK
-+ and with zero avail_out, it must be called again after making room in the
-+ output buffer because there might be more output pending.
-+
-+ If the parameter flush is set to Z_SYNC_FLUSH, all pending output is
-+ flushed to the output buffer and the output is aligned on a byte boundary, so
-+ that the decompressor can get all input data available so far. (In particular
-+ avail_in is zero after the call if enough output space has been provided
-+ before the call.) Flushing may degrade compression for some compression
-+ algorithms and so it should be used only when necessary.
-+
-+ If flush is set to Z_FULL_FLUSH, all output is flushed as with
-+ Z_SYNC_FLUSH, and the compression state is reset so that decompression can
-+ restart from this point if previous compressed data has been damaged or if
-+ random access is desired. Using Z_FULL_FLUSH too often can seriously degrade
-+ the compression.
-+
-+ If deflate returns with avail_out == 0, this function must be called again
-+ with the same value of the flush parameter and more output space (updated
-+ avail_out), until the flush is complete (deflate returns with non-zero
-+ avail_out).
-+
-+ If the parameter flush is set to Z_FINISH, pending input is processed,
-+ pending output is flushed and deflate returns with Z_STREAM_END if there
-+ was enough output space; if deflate returns with Z_OK, this function must be
-+ called again with Z_FINISH and more output space (updated avail_out) but no
-+ more input data, until it returns with Z_STREAM_END or an error. After
-+ deflate has returned Z_STREAM_END, the only possible operations on the
-+ stream are deflateReset or deflateEnd.
-+
-+ Z_FINISH can be used immediately after deflateInit if all the compression
-+ is to be done in a single step. In this case, avail_out must be at least
-+ 0.1% larger than avail_in plus 12 bytes. If deflate does not return
-+ Z_STREAM_END, then it must be called again as described above.
-+
-+ deflate() sets strm->adler to the adler32 checksum of all input read
-+ so far (that is, total_in bytes).
-+
-+ deflate() may update data_type if it can make a good guess about
-+ the input data type (Z_ASCII or Z_BINARY). In doubt, the data is considered
-+ binary. This field is only for information purposes and does not affect
-+ the compression algorithm in any manner.
-+
-+ deflate() returns Z_OK if some progress has been made (more input
-+ processed or more output produced), Z_STREAM_END if all input has been
-+ consumed and all output has been produced (only when flush is set to
-+ Z_FINISH), Z_STREAM_ERROR if the stream state was inconsistent (for example
-+ if next_in or next_out was NULL), Z_BUF_ERROR if no progress is possible
-+ (for example avail_in or avail_out was zero).
-+*/
-+
-+
-+ZEXTERN int ZEXPORT deflateEnd OF((z_streamp strm));
-+/*
-+ All dynamically allocated data structures for this stream are freed.
-+ This function discards any unprocessed input and does not flush any
-+ pending output.
-+
-+ deflateEnd returns Z_OK if success, Z_STREAM_ERROR if the
-+ stream state was inconsistent, Z_DATA_ERROR if the stream was freed
-+ prematurely (some input or output was discarded). In the error case,
-+ msg may be set but then points to a static string (which must not be
-+ deallocated).
-+*/
-+
-+
-+/*
-+ZEXTERN int ZEXPORT inflateInit OF((z_streamp strm));
-+
-+ Initializes the internal stream state for decompression. The fields
-+ next_in, avail_in, zalloc, zfree and opaque must be initialized before by
-+ the caller. If next_in is not Z_NULL and avail_in is large enough (the exact
-+ value depends on the compression method), inflateInit determines the
-+ compression method from the zlib header and allocates all data structures
-+ accordingly; otherwise the allocation will be deferred to the first call of
-+ inflate. If zalloc and zfree are set to Z_NULL, inflateInit updates them to
-+ use default allocation functions.
-+
-+ inflateInit returns Z_OK if success, Z_MEM_ERROR if there was not enough
-+ memory, Z_VERSION_ERROR if the zlib library version is incompatible with the
-+ version assumed by the caller. msg is set to null if there is no error
-+ message. inflateInit does not perform any decompression apart from reading
-+ the zlib header if present: this will be done by inflate(). (So next_in and
-+ avail_in may be modified, but next_out and avail_out are unchanged.)
-+*/
-+
-+
-+ZEXTERN int ZEXPORT inflate OF((z_streamp strm, int flush));
-+/*
-+ inflate decompresses as much data as possible, and stops when the input
-+ buffer becomes empty or the output buffer becomes full. It may some
-+ introduce some output latency (reading input without producing any output)
-+ except when forced to flush.
-+
-+ The detailed semantics are as follows. inflate performs one or both of the
-+ following actions:
-+
-+ - Decompress more input starting at next_in and update next_in and avail_in
-+ accordingly. If not all input can be processed (because there is not
-+ enough room in the output buffer), next_in is updated and processing
-+ will resume at this point for the next call of inflate().
-+
-+ - Provide more output starting at next_out and update next_out and avail_out
-+ accordingly. inflate() provides as much output as possible, until there
-+ is no more input data or no more space in the output buffer (see below
-+ about the flush parameter).
-+
-+ Before the call of inflate(), the application should ensure that at least
-+ one of the actions is possible, by providing more input and/or consuming
-+ more output, and updating the next_* and avail_* values accordingly.
-+ The application can consume the uncompressed output when it wants, for
-+ example when the output buffer is full (avail_out == 0), or after each
-+ call of inflate(). If inflate returns Z_OK and with zero avail_out, it
-+ must be called again after making room in the output buffer because there
-+ might be more output pending.
-+
-+ If the parameter flush is set to Z_SYNC_FLUSH, inflate flushes as much
-+ output as possible to the output buffer. The flushing behavior of inflate is
-+ not specified for values of the flush parameter other than Z_SYNC_FLUSH
-+ and Z_FINISH, but the current implementation actually flushes as much output
-+ as possible anyway.
-+
-+ inflate() should normally be called until it returns Z_STREAM_END or an
-+ error. However if all decompression is to be performed in a single step
-+ (a single call of inflate), the parameter flush should be set to
-+ Z_FINISH. In this case all pending input is processed and all pending
-+ output is flushed; avail_out must be large enough to hold all the
-+ uncompressed data. (The size of the uncompressed data may have been saved
-+ by the compressor for this purpose.) The next operation on this stream must
-+ be inflateEnd to deallocate the decompression state. The use of Z_FINISH
-+ is never required, but can be used to inform inflate that a faster routine
-+ may be used for the single inflate() call.
-+
-+ If a preset dictionary is needed at this point (see inflateSetDictionary
-+ below), inflate sets strm-adler to the adler32 checksum of the
-+ dictionary chosen by the compressor and returns Z_NEED_DICT; otherwise
-+ it sets strm->adler to the adler32 checksum of all output produced
-+ so far (that is, total_out bytes) and returns Z_OK, Z_STREAM_END or
-+ an error code as described below. At the end of the stream, inflate()
-+ checks that its computed adler32 checksum is equal to that saved by the
-+ compressor and returns Z_STREAM_END only if the checksum is correct.
-+
-+ inflate() returns Z_OK if some progress has been made (more input processed
-+ or more output produced), Z_STREAM_END if the end of the compressed data has
-+ been reached and all uncompressed output has been produced, Z_NEED_DICT if a
-+ preset dictionary is needed at this point, Z_DATA_ERROR if the input data was
-+ corrupted (input stream not conforming to the zlib format or incorrect
-+ adler32 checksum), Z_STREAM_ERROR if the stream structure was inconsistent
-+ (for example if next_in or next_out was NULL), Z_MEM_ERROR if there was not
-+ enough memory, Z_BUF_ERROR if no progress is possible or if there was not
-+ enough room in the output buffer when Z_FINISH is used. In the Z_DATA_ERROR
-+ case, the application may then call inflateSync to look for a good
-+ compression block.
-+*/
-+
-+
-+ZEXTERN int ZEXPORT inflateEnd OF((z_streamp strm));
-+/*
-+ All dynamically allocated data structures for this stream are freed.
-+ This function discards any unprocessed input and does not flush any
-+ pending output.
-+
-+ inflateEnd returns Z_OK if success, Z_STREAM_ERROR if the stream state
-+ was inconsistent. In the error case, msg may be set but then points to a
-+ static string (which must not be deallocated).
-+*/
-+
-+ /* Advanced functions */
-+
-+/*
-+ The following functions are needed only in some special applications.
-+*/
-+
-+/*
-+ZEXTERN int ZEXPORT deflateInit2 OF((z_streamp strm,
-+ int level,
-+ int method,
-+ int windowBits,
-+ int memLevel,
-+ int strategy));
-+
-+ This is another version of deflateInit with more compression options. The
-+ fields next_in, zalloc, zfree and opaque must be initialized before by
-+ the caller.
-+
-+ The method parameter is the compression method. It must be Z_DEFLATED in
-+ this version of the library.
-+
-+ The windowBits parameter is the base two logarithm of the window size
-+ (the size of the history buffer). It should be in the range 8..15 for this
-+ version of the library. Larger values of this parameter result in better
-+ compression at the expense of memory usage. The default value is 15 if
-+ deflateInit is used instead.
-+
-+ The memLevel parameter specifies how much memory should be allocated
-+ for the internal compression state. memLevel=1 uses minimum memory but
-+ is slow and reduces compression ratio; memLevel=9 uses maximum memory
-+ for optimal speed. The default value is 8. See zconf.h for total memory
-+ usage as a function of windowBits and memLevel.
-+
-+ The strategy parameter is used to tune the compression algorithm. Use the
-+ value Z_DEFAULT_STRATEGY for normal data, Z_FILTERED for data produced by a
-+ filter (or predictor), or Z_HUFFMAN_ONLY to force Huffman encoding only (no
-+ string match). Filtered data consists mostly of small values with a
-+ somewhat random distribution. In this case, the compression algorithm is
-+ tuned to compress them better. The effect of Z_FILTERED is to force more
-+ Huffman coding and less string matching; it is somewhat intermediate
-+ between Z_DEFAULT and Z_HUFFMAN_ONLY. The strategy parameter only affects
-+ the compression ratio but not the correctness of the compressed output even
-+ if it is not set appropriately.
-+
-+ deflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
-+ memory, Z_STREAM_ERROR if a parameter is invalid (such as an invalid
-+ method). msg is set to null if there is no error message. deflateInit2 does
-+ not perform any compression: this will be done by deflate().
-+*/
-+
-+ZEXTERN int ZEXPORT deflateSetDictionary OF((z_streamp strm,
-+ const Bytef *dictionary,
-+ uInt dictLength));
-+/*
-+ Initializes the compression dictionary from the given byte sequence
-+ without producing any compressed output. This function must be called
-+ immediately after deflateInit, deflateInit2 or deflateReset, before any
-+ call of deflate. The compressor and decompressor must use exactly the same
-+ dictionary (see inflateSetDictionary).
-+
-+ The dictionary should consist of strings (byte sequences) that are likely
-+ to be encountered later in the data to be compressed, with the most commonly
-+ used strings preferably put towards the end of the dictionary. Using a
-+ dictionary is most useful when the data to be compressed is short and can be
-+ predicted with good accuracy; the data can then be compressed better than
-+ with the default empty dictionary.
-+
-+ Depending on the size of the compression data structures selected by
-+ deflateInit or deflateInit2, a part of the dictionary may in effect be
-+ discarded, for example if the dictionary is larger than the window size in
-+ deflate or deflate2. Thus the strings most likely to be useful should be
-+ put at the end of the dictionary, not at the front.
-+
-+ Upon return of this function, strm->adler is set to the Adler32 value
-+ of the dictionary; the decompressor may later use this value to determine
-+ which dictionary has been used by the compressor. (The Adler32 value
-+ applies to the whole dictionary even if only a subset of the dictionary is
-+ actually used by the compressor.)
-+
-+ deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a
-+ parameter is invalid (such as NULL dictionary) or the stream state is
-+ inconsistent (for example if deflate has already been called for this stream
-+ or if the compression method is bsort). deflateSetDictionary does not
-+ perform any compression: this will be done by deflate().
-+*/
-+
-+ZEXTERN int ZEXPORT deflateCopy OF((z_streamp dest,
-+ z_streamp source));
-+/*
-+ Sets the destination stream as a complete copy of the source stream.
-+
-+ This function can be useful when several compression strategies will be
-+ tried, for example when there are several ways of pre-processing the input
-+ data with a filter. The streams that will be discarded should then be freed
-+ by calling deflateEnd. Note that deflateCopy duplicates the internal
-+ compression state which can be quite large, so this strategy is slow and
-+ can consume lots of memory.
-+
-+ deflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
-+ enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
-+ (such as zalloc being NULL). msg is left unchanged in both source and
-+ destination.
-+*/
-+
-+ZEXTERN int ZEXPORT deflateReset OF((z_streamp strm));
-+/*
-+ This function is equivalent to deflateEnd followed by deflateInit,
-+ but does not free and reallocate all the internal compression state.
-+ The stream will keep the same compression level and any other attributes
-+ that may have been set by deflateInit2.
-+
-+ deflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
-+ stream state was inconsistent (such as zalloc or state being NULL).
-+*/
-+
-+ZEXTERN int ZEXPORT deflateParams OF((z_streamp strm,
-+ int level,
-+ int strategy));
-+/*
-+ Dynamically update the compression level and compression strategy. The
-+ interpretation of level and strategy is as in deflateInit2. This can be
-+ used to switch between compression and straight copy of the input data, or
-+ to switch to a different kind of input data requiring a different
-+ strategy. If the compression level is changed, the input available so far
-+ is compressed with the old level (and may be flushed); the new level will
-+ take effect only at the next call of deflate().
-+
-+ Before the call of deflateParams, the stream state must be set as for
-+ a call of deflate(), since the currently available input may have to
-+ be compressed and flushed. In particular, strm->avail_out must be non-zero.
-+
-+ deflateParams returns Z_OK if success, Z_STREAM_ERROR if the source
-+ stream state was inconsistent or if a parameter was invalid, Z_BUF_ERROR
-+ if strm->avail_out was zero.
-+*/
-+
-+/*
-+ZEXTERN int ZEXPORT inflateInit2 OF((z_streamp strm,
-+ int windowBits));
-+
-+ This is another version of inflateInit with an extra parameter. The
-+ fields next_in, avail_in, zalloc, zfree and opaque must be initialized
-+ before by the caller.
-+
-+ The windowBits parameter is the base two logarithm of the maximum window
-+ size (the size of the history buffer). It should be in the range 8..15 for
-+ this version of the library. The default value is 15 if inflateInit is used
-+ instead. If a compressed stream with a larger window size is given as
-+ input, inflate() will return with the error code Z_DATA_ERROR instead of
-+ trying to allocate a larger window.
-+
-+ inflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
-+ memory, Z_STREAM_ERROR if a parameter is invalid (such as a negative
-+ memLevel). msg is set to null if there is no error message. inflateInit2
-+ does not perform any decompression apart from reading the zlib header if
-+ present: this will be done by inflate(). (So next_in and avail_in may be
-+ modified, but next_out and avail_out are unchanged.)
-+*/
-+
-+ZEXTERN int ZEXPORT inflateSetDictionary OF((z_streamp strm,
-+ const Bytef *dictionary,
-+ uInt dictLength));
-+/*
-+ Initializes the decompression dictionary from the given uncompressed byte
-+ sequence. This function must be called immediately after a call of inflate
-+ if this call returned Z_NEED_DICT. The dictionary chosen by the compressor
-+ can be determined from the Adler32 value returned by this call of
-+ inflate. The compressor and decompressor must use exactly the same
-+ dictionary (see deflateSetDictionary).
-+
-+ inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a
-+ parameter is invalid (such as NULL dictionary) or the stream state is
-+ inconsistent, Z_DATA_ERROR if the given dictionary doesn't match the
-+ expected one (incorrect Adler32 value). inflateSetDictionary does not
-+ perform any decompression: this will be done by subsequent calls of
-+ inflate().
-+*/
-+
-+ZEXTERN int ZEXPORT inflateSync OF((z_streamp strm));
-+/*
-+ Skips invalid compressed data until a full flush point (see above the
-+ description of deflate with Z_FULL_FLUSH) can be found, or until all
-+ available input is skipped. No output is provided.
-+
-+ inflateSync returns Z_OK if a full flush point has been found, Z_BUF_ERROR
-+ if no more input was provided, Z_DATA_ERROR if no flush point has been found,
-+ or Z_STREAM_ERROR if the stream structure was inconsistent. In the success
-+ case, the application may save the current current value of total_in which
-+ indicates where valid compressed data was found. In the error case, the
-+ application may repeatedly call inflateSync, providing more input each time,
-+ until success or end of the input data.
-+*/
-+
-+ZEXTERN int ZEXPORT inflateReset OF((z_streamp strm));
-+/*
-+ This function is equivalent to inflateEnd followed by inflateInit,
-+ but does not free and reallocate all the internal decompression state.
-+ The stream will keep attributes that may have been set by inflateInit2.
-+
-+ inflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
-+ stream state was inconsistent (such as zalloc or state being NULL).
-+*/
-+
-+
-+ /* utility functions */
-+
-+/*
-+ The following utility functions are implemented on top of the
-+ basic stream-oriented functions. To simplify the interface, some
-+ default options are assumed (compression level and memory usage,
-+ standard memory allocation functions). The source code of these
-+ utility functions can easily be modified if you need special options.
-+*/
-+
-+ZEXTERN int ZEXPORT compress OF((Bytef *dest, uLongf *destLen,
-+ const Bytef *source, uLong sourceLen));
-+/*
-+ Compresses the source buffer into the destination buffer. sourceLen is
-+ the byte length of the source buffer. Upon entry, destLen is the total
-+ size of the destination buffer, which must be at least 0.1% larger than
-+ sourceLen plus 12 bytes. Upon exit, destLen is the actual size of the
-+ compressed buffer.
-+ This function can be used to compress a whole file at once if the
-+ input file is mmap'ed.
-+ compress returns Z_OK if success, Z_MEM_ERROR if there was not
-+ enough memory, Z_BUF_ERROR if there was not enough room in the output
-+ buffer.
-+*/
-+
-+ZEXTERN int ZEXPORT compress2 OF((Bytef *dest, uLongf *destLen,
-+ const Bytef *source, uLong sourceLen,
-+ int level));
-+/*
-+ Compresses the source buffer into the destination buffer. The level
-+ parameter has the same meaning as in deflateInit. sourceLen is the byte
-+ length of the source buffer. Upon entry, destLen is the total size of the
-+ destination buffer, which must be at least 0.1% larger than sourceLen plus
-+ 12 bytes. Upon exit, destLen is the actual size of the compressed buffer.
-+
-+ compress2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
-+ memory, Z_BUF_ERROR if there was not enough room in the output buffer,
-+ Z_STREAM_ERROR if the level parameter is invalid.
-+*/
-+
-+ZEXTERN int ZEXPORT uncompress OF((Bytef *dest, uLongf *destLen,
-+ const Bytef *source, uLong sourceLen));
-+/*
-+ Decompresses the source buffer into the destination buffer. sourceLen is
-+ the byte length of the source buffer. Upon entry, destLen is the total
-+ size of the destination buffer, which must be large enough to hold the
-+ entire uncompressed data. (The size of the uncompressed data must have
-+ been saved previously by the compressor and transmitted to the decompressor
-+ by some mechanism outside the scope of this compression library.)
-+ Upon exit, destLen is the actual size of the compressed buffer.
-+ This function can be used to decompress a whole file at once if the
-+ input file is mmap'ed.
-+
-+ uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
-+ enough memory, Z_BUF_ERROR if there was not enough room in the output
-+ buffer, or Z_DATA_ERROR if the input data was corrupted.
-+*/
-+
-+
-+typedef voidp gzFile;
-+
-+ZEXTERN gzFile ZEXPORT gzopen OF((const char *path, const char *mode));
-+/*
-+ Opens a gzip (.gz) file for reading or writing. The mode parameter
-+ is as in fopen ("rb" or "wb") but can also include a compression level
-+ ("wb9") or a strategy: 'f' for filtered data as in "wb6f", 'h' for
-+ Huffman only compression as in "wb1h". (See the description
-+ of deflateInit2 for more information about the strategy parameter.)
-+
-+ gzopen can be used to read a file which is not in gzip format; in this
-+ case gzread will directly read from the file without decompression.
-+
-+ gzopen returns NULL if the file could not be opened or if there was
-+ insufficient memory to allocate the (de)compression state; errno
-+ can be checked to distinguish the two cases (if errno is zero, the
-+ zlib error is Z_MEM_ERROR). */
-+
-+ZEXTERN gzFile ZEXPORT gzdopen OF((int fd, const char *mode));
-+/*
-+ gzdopen() associates a gzFile with the file descriptor fd. File
-+ descriptors are obtained from calls like open, dup, creat, pipe or
-+ fileno (in the file has been previously opened with fopen).
-+ The mode parameter is as in gzopen.
-+ The next call of gzclose on the returned gzFile will also close the
-+ file descriptor fd, just like fclose(fdopen(fd), mode) closes the file
-+ descriptor fd. If you want to keep fd open, use gzdopen(dup(fd), mode).
-+ gzdopen returns NULL if there was insufficient memory to allocate
-+ the (de)compression state.
-+*/
-+
-+ZEXTERN int ZEXPORT gzsetparams OF((gzFile file, int level, int strategy));
-+/*
-+ Dynamically update the compression level or strategy. See the description
-+ of deflateInit2 for the meaning of these parameters.
-+ gzsetparams returns Z_OK if success, or Z_STREAM_ERROR if the file was not
-+ opened for writing.
-+*/
-+
-+ZEXTERN int ZEXPORT gzread OF((gzFile file, voidp buf, unsigned len));
-+/*
-+ Reads the given number of uncompressed bytes from the compressed file.
-+ If the input file was not in gzip format, gzread copies the given number
-+ of bytes into the buffer.
-+ gzread returns the number of uncompressed bytes actually read (0 for
-+ end of file, -1 for error). */
-+
-+ZEXTERN int ZEXPORT gzwrite OF((gzFile file,
-+ const voidp buf, unsigned len));
-+/*
-+ Writes the given number of uncompressed bytes into the compressed file.
-+ gzwrite returns the number of uncompressed bytes actually written
-+ (0 in case of error).
-+*/
-+
-+ZEXTERN int ZEXPORTVA gzprintf OF((gzFile file, const char *format, ...));
-+/*
-+ Converts, formats, and writes the args to the compressed file under
-+ control of the format string, as in fprintf. gzprintf returns the number of
-+ uncompressed bytes actually written (0 in case of error).
-+*/
-+
-+ZEXTERN int ZEXPORT gzputs OF((gzFile file, const char *s));
-+/*
-+ Writes the given null-terminated string to the compressed file, excluding
-+ the terminating null character.
-+ gzputs returns the number of characters written, or -1 in case of error.
-+*/
-+
-+ZEXTERN char * ZEXPORT gzgets OF((gzFile file, char *buf, int len));
-+/*
-+ Reads bytes from the compressed file until len-1 characters are read, or
-+ a newline character is read and transferred to buf, or an end-of-file
-+ condition is encountered. The string is then terminated with a null
-+ character.
-+ gzgets returns buf, or Z_NULL in case of error.
-+*/
-+
-+ZEXTERN int ZEXPORT gzputc OF((gzFile file, int c));
-+/*
-+ Writes c, converted to an unsigned char, into the compressed file.
-+ gzputc returns the value that was written, or -1 in case of error.
-+*/
-+
-+ZEXTERN int ZEXPORT gzgetc OF((gzFile file));
-+/*
-+ Reads one byte from the compressed file. gzgetc returns this byte
-+ or -1 in case of end of file or error.
-+*/
-+
-+ZEXTERN int ZEXPORT gzflush OF((gzFile file, int flush));
-+/*
-+ Flushes all pending output into the compressed file. The parameter
-+ flush is as in the deflate() function. The return value is the zlib
-+ error number (see function gzerror below). gzflush returns Z_OK if
-+ the flush parameter is Z_FINISH and all output could be flushed.
-+ gzflush should be called only when strictly necessary because it can
-+ degrade compression.
-+*/
-+
-+ZEXTERN z_off_t ZEXPORT gzseek OF((gzFile file,
-+ z_off_t offset, int whence));
-+/*
-+ Sets the starting position for the next gzread or gzwrite on the
-+ given compressed file. The offset represents a number of bytes in the
-+ uncompressed data stream. The whence parameter is defined as in lseek(2);
-+ the value SEEK_END is not supported.
-+ If the file is opened for reading, this function is emulated but can be
-+ extremely slow. If the file is opened for writing, only forward seeks are
-+ supported; gzseek then compresses a sequence of zeroes up to the new
-+ starting position.
-+
-+ gzseek returns the resulting offset location as measured in bytes from
-+ the beginning of the uncompressed stream, or -1 in case of error, in
-+ particular if the file is opened for writing and the new starting position
-+ would be before the current position.
-+*/
-+
-+ZEXTERN int ZEXPORT gzrewind OF((gzFile file));
-+/*
-+ Rewinds the given file. This function is supported only for reading.
-+
-+ gzrewind(file) is equivalent to (int)gzseek(file, 0L, SEEK_SET)
-+*/
-+
-+ZEXTERN z_off_t ZEXPORT gztell OF((gzFile file));
-+/*
-+ Returns the starting position for the next gzread or gzwrite on the
-+ given compressed file. This position represents a number of bytes in the
-+ uncompressed data stream.
-+
-+ gztell(file) is equivalent to gzseek(file, 0L, SEEK_CUR)
-+*/
-+
-+ZEXTERN int ZEXPORT gzeof OF((gzFile file));
-+/*
-+ Returns 1 when EOF has previously been detected reading the given
-+ input stream, otherwise zero.
-+*/
-+
-+ZEXTERN int ZEXPORT gzclose OF((gzFile file));
-+/*
-+ Flushes all pending output if necessary, closes the compressed file
-+ and deallocates all the (de)compression state. The return value is the zlib
-+ error number (see function gzerror below).
-+*/
-+
-+ZEXTERN const char * ZEXPORT gzerror OF((gzFile file, int *errnum));
-+/*
-+ Returns the error message for the last error which occurred on the
-+ given compressed file. errnum is set to zlib error number. If an
-+ error occurred in the file system and not in the compression library,
-+ errnum is set to Z_ERRNO and the application may consult errno
-+ to get the exact error code.
-+*/
-+
-+ /* checksum functions */
-+
-+/*
-+ These functions are not related to compression but are exported
-+ anyway because they might be useful in applications using the
-+ compression library.
-+*/
-+
-+ZEXTERN uLong ZEXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len));
-+
-+/*
-+ Update a running Adler-32 checksum with the bytes buf[0..len-1] and
-+ return the updated checksum. If buf is NULL, this function returns
-+ the required initial value for the checksum.
-+ An Adler-32 checksum is almost as reliable as a CRC32 but can be computed
-+ much faster. Usage example:
-+
-+ uLong adler = adler32(0L, Z_NULL, 0);
-+
-+ while (read_buffer(buffer, length) != EOF) {
-+ adler = adler32(adler, buffer, length);
-+ }
-+ if (adler != original_adler) error();
-+*/
-+
-+ZEXTERN uLong ZEXPORT crc32 OF((uLong crc, const Bytef *buf, uInt len));
-+/*
-+ Update a running crc with the bytes buf[0..len-1] and return the updated
-+ crc. If buf is NULL, this function returns the required initial value
-+ for the crc. Pre- and post-conditioning (one's complement) is performed
-+ within this function so it shouldn't be done by the application.
-+ Usage example:
-+
-+ uLong crc = crc32(0L, Z_NULL, 0);
-+
-+ while (read_buffer(buffer, length) != EOF) {
-+ crc = crc32(crc, buffer, length);
-+ }
-+ if (crc != original_crc) error();
-+*/
-+
-+
-+ /* various hacks, don't look :) */
-+
-+/* deflateInit and inflateInit are macros to allow checking the zlib version
-+ * and the compiler's view of z_stream:
-+ */
-+ZEXTERN int ZEXPORT deflateInit_ OF((z_streamp strm, int level,
-+ const char *version, int stream_size));
-+ZEXTERN int ZEXPORT inflateInit_ OF((z_streamp strm,
-+ const char *version, int stream_size));
-+ZEXTERN int ZEXPORT deflateInit2_ OF((z_streamp strm, int level, int method,
-+ int windowBits, int memLevel,
-+ int strategy, const char *version,
-+ int stream_size));
-+ZEXTERN int ZEXPORT inflateInit2_ OF((z_streamp strm, int windowBits,
-+ const char *version, int stream_size));
-+#define deflateInit(strm, level) \
-+ deflateInit_((strm), (level), ZLIB_VERSION, sizeof(z_stream))
-+#define inflateInit(strm) \
-+ inflateInit_((strm), ZLIB_VERSION, sizeof(z_stream))
-+#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \
-+ deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\
-+ (strategy), ZLIB_VERSION, sizeof(z_stream))
-+#define inflateInit2(strm, windowBits) \
-+ inflateInit2_((strm), (windowBits), ZLIB_VERSION, sizeof(z_stream))
-+
-+
-+#if !defined(_Z_UTIL_H) && !defined(NO_DUMMY_DECL)
-+ struct internal_state {int dummy;}; /* hack for buggy compilers */
-+#endif
-+
-+ZEXTERN const char * ZEXPORT zError OF((int err));
-+ZEXTERN int ZEXPORT inflateSyncPoint OF((z_streamp z));
-+ZEXTERN const uLongf * ZEXPORT get_crc_table OF((void));
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif /* _ZLIB_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/include/zlib/zutil.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,225 @@
-+/* zutil.h -- internal interface and configuration of the compression library
-+ * Copyright (C) 1995-2002 Jean-loup Gailly.
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+/* @(#) $Id: zutil.h,v 1.4 2002/04/24 07:36:48 mcr Exp $ */
-+
-+#ifndef _Z_UTIL_H
-+#define _Z_UTIL_H
-+
-+#include "zlib.h"
-+
-+#include <linux/string.h>
-+#define HAVE_MEMCPY
-+
-+#if 0 // #ifdef STDC
-+# include <stddef.h>
-+# include <string.h>
-+# include <stdlib.h>
-+#endif
-+#ifndef __KERNEL__
-+#ifdef NO_ERRNO_H
-+ extern int errno;
-+#else
-+# include <errno.h>
-+#endif
-+#endif
-+
-+#ifndef local
-+# define local static
-+#endif
-+/* compile with -Dlocal if your debugger can't find static symbols */
-+
-+typedef unsigned char uch;
-+typedef uch FAR uchf;
-+typedef unsigned short ush;
-+typedef ush FAR ushf;
-+typedef unsigned long ulg;
-+
-+extern const char *z_errmsg[10]; /* indexed by 2-zlib_error */
-+/* (size given to avoid silly warnings with Visual C++) */
-+
-+#define ERR_MSG(err) z_errmsg[Z_NEED_DICT-(err)]
-+
-+#define ERR_RETURN(strm,err) \
-+ return (strm->msg = ERR_MSG(err), (err))
-+/* To be used only when the state is known to be valid */
-+
-+ /* common constants */
-+
-+#ifndef DEF_WBITS
-+# define DEF_WBITS MAX_WBITS
-+#endif
-+/* default windowBits for decompression. MAX_WBITS is for compression only */
-+
-+#if MAX_MEM_LEVEL >= 8
-+# define DEF_MEM_LEVEL 8
-+#else
-+# define DEF_MEM_LEVEL MAX_MEM_LEVEL
-+#endif
-+/* default memLevel */
-+
-+#define STORED_BLOCK 0
-+#define STATIC_TREES 1
-+#define DYN_TREES 2
-+/* The three kinds of block type */
-+
-+#define MIN_MATCH 3
-+#define MAX_MATCH 258
-+/* The minimum and maximum match lengths */
-+
-+#define PRESET_DICT 0x20 /* preset dictionary flag in zlib header */
-+
-+ /* target dependencies */
-+
-+#ifdef MSDOS
-+# define OS_CODE 0x00
-+# if defined(__TURBOC__) || defined(__BORLANDC__)
-+# if(__STDC__ == 1) && (defined(__LARGE__) || defined(__COMPACT__))
-+ /* Allow compilation with ANSI keywords only enabled */
-+ void _Cdecl farfree( void *block );
-+ void *_Cdecl farmalloc( unsigned long nbytes );
-+# else
-+# include <alloc.h>
-+# endif
-+# else /* MSC or DJGPP */
-+# include <malloc.h>
-+# endif
-+#endif
-+
-+#ifdef OS2
-+# define OS_CODE 0x06
-+#endif
-+
-+#ifdef WIN32 /* Window 95 & Windows NT */
-+# define OS_CODE 0x0b
-+#endif
-+
-+#if defined(VAXC) || defined(VMS)
-+# define OS_CODE 0x02
-+# define F_OPEN(name, mode) \
-+ fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512")
-+#endif
-+
-+#ifdef AMIGA
-+# define OS_CODE 0x01
-+#endif
-+
-+#if defined(ATARI) || defined(atarist)
-+# define OS_CODE 0x05
-+#endif
-+
-+#if defined(MACOS) || defined(TARGET_OS_MAC)
-+# define OS_CODE 0x07
-+# if defined(__MWERKS__) && __dest_os != __be_os && __dest_os != __win32_os
-+# include <unix.h> /* for fdopen */
-+# else
-+# ifndef fdopen
-+# define fdopen(fd,mode) NULL /* No fdopen() */
-+# endif
-+# endif
-+#endif
-+
-+#ifdef __50SERIES /* Prime/PRIMOS */
-+# define OS_CODE 0x0F
-+#endif
-+
-+#ifdef TOPS20
-+# define OS_CODE 0x0a
-+#endif
-+
-+#if defined(_BEOS_) || defined(RISCOS)
-+# define fdopen(fd,mode) NULL /* No fdopen() */
-+#endif
-+
-+#if (defined(_MSC_VER) && (_MSC_VER > 600))
-+# define fdopen(fd,type) _fdopen(fd,type)
-+#endif
-+
-+
-+ /* Common defaults */
-+
-+#ifndef OS_CODE
-+# define OS_CODE 0x03 /* assume Unix */
-+#endif
-+
-+#ifndef F_OPEN
-+# define F_OPEN(name, mode) fopen((name), (mode))
-+#endif
-+
-+ /* functions */
-+
-+#ifdef HAVE_STRERROR
-+ extern char *strerror OF((int));
-+# define zstrerror(errnum) strerror(errnum)
-+#else
-+# define zstrerror(errnum) ""
-+#endif
-+
-+#if defined(pyr)
-+# define NO_MEMCPY
-+#endif
-+#if defined(SMALL_MEDIUM) && !defined(_MSC_VER) && !defined(__SC__)
-+ /* Use our own functions for small and medium model with MSC <= 5.0.
-+ * You may have to use the same strategy for Borland C (untested).
-+ * The __SC__ check is for Symantec.
-+ */
-+# define NO_MEMCPY
-+#endif
-+#if defined(STDC) && !defined(HAVE_MEMCPY) && !defined(NO_MEMCPY)
-+# define HAVE_MEMCPY
-+#endif
-+#ifdef HAVE_MEMCPY
-+# ifdef SMALL_MEDIUM /* MSDOS small or medium model */
-+# define zmemcpy _fmemcpy
-+# define zmemcmp _fmemcmp
-+# define zmemzero(dest, len) _fmemset(dest, 0, len)
-+# else
-+# define zmemcpy memcpy
-+# define zmemcmp memcmp
-+# define zmemzero(dest, len) memset(dest, 0, len)
-+# endif
-+#else
-+ extern void zmemcpy OF((Bytef* dest, const Bytef* source, uInt len));
-+ extern int zmemcmp OF((const Bytef* s1, const Bytef* s2, uInt len));
-+ extern void zmemzero OF((Bytef* dest, uInt len));
-+#endif
-+
-+/* Diagnostic functions */
-+#ifdef DEBUG
-+# include <stdio.h>
-+ extern int z_verbose;
-+ extern void z_error OF((char *m));
-+# define Assert(cond,msg) {if(!(cond)) z_error(msg);}
-+# define Trace(x) {if (z_verbose>=0) fprintf x ;}
-+# define Tracev(x) {if (z_verbose>0) fprintf x ;}
-+# define Tracevv(x) {if (z_verbose>1) fprintf x ;}
-+# define Tracec(c,x) {if (z_verbose>0 && (c)) fprintf x ;}
-+# define Tracecv(c,x) {if (z_verbose>1 && (c)) fprintf x ;}
-+#else
-+# define Assert(cond,msg)
-+# define Trace(x)
-+# define Tracev(x)
-+# define Tracevv(x)
-+# define Tracec(c,x)
-+# define Tracecv(c,x)
-+#endif
-+
-+
-+typedef uLong (ZEXPORT *check_func) OF((uLong check, const Bytef *buf,
-+ uInt len));
-+voidpf zcalloc OF((voidpf opaque, unsigned items, unsigned size));
-+void zcfree OF((voidpf opaque, voidpf ptr));
-+
-+#define ZALLOC(strm, items, size) \
-+ (*((strm)->zalloc))((strm)->opaque, (items), (size))
-+#define ZFREE(strm, addr) (*((strm)->zfree))((strm)->opaque, (voidpf)(addr))
-+#define TRY_FREE(s, p) {if (p) ZFREE(s, p);}
-+
-+#endif /* _Z_UTIL_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/lib/libfreeswan/Makefile.objs Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,21 @@
-+obj-y += satot.o
-+obj-y += addrtot.o
-+obj-y += ultot.o
-+obj-y += addrtypeof.o
-+obj-y += anyaddr.o
-+obj-y += initaddr.o
-+obj-y += ultoa.o
-+obj-y += addrtoa.o
-+obj-y += subnettoa.o
-+obj-y += subnetof.o
-+obj-y += goodmask.o
-+obj-y += datatot.o
-+obj-y += rangetoa.o
-+obj-y += prng.o
-+obj-y += pfkey_v2_parse.o
-+obj-y += pfkey_v2_build.o
-+obj-y += pfkey_v2_debug.o
-+obj-y += pfkey_v2_ext_bits.o
-+
-+#version.c: ${LIBFREESWANDIR}/version.in.c ${OPENSWANSRCDIR}/Makefile.ver
-+# sed '/"/s/xxx/$(IPSECVERSION)/' ${LIBFREESWANDIR}/version.in.c >$@
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/lib/zlib/Makefile Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,118 @@
-+# (kernel) Makefile for IPCOMP zlib deflate code
-+# Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+# Copyright (C) 2000 Svenning Soerensen
-+#
-+# This program is free software; you can redistribute it and/or modify it
-+# under the terms of the GNU General Public License as published by the
-+# Free Software Foundation; either version 2 of the License, or (at your
-+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+#
-+# This program is distributed in the hope that it will be useful, but
-+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+# for more details.
-+#
-+# RCSID $Id: Makefile,v 1.9 2002/04/24 07:55:32 mcr Exp $
-+#
-+
-+
-+
-+include ../Makefile.inc
-+
-+
-+
-+ifndef TOPDIR
-+TOPDIR := /usr/src/linux
-+endif
-+
-+
-+L_TARGET := zlib.a
-+
-+obj-y :=
-+
-+include Makefile.objs
-+
-+EXTRA_CFLAGS += $(KLIPSCOMPILE)
-+
-+EXTRA_CFLAGS += -Wall
-+#EXTRA_CFLAGS += -Wconversion
-+#EXTRA_CFLAGS += -Wmissing-prototypes
-+EXTRA_CFLAGS += -Wpointer-arith
-+#EXTRA_CFLAGS += -Wcast-qual
-+#EXTRA_CFLAGS += -Wmissing-declarations
-+EXTRA_CFLAGS += -Wstrict-prototypes
-+#EXTRA_CFLAGS += -pedantic
-+#EXTRA_CFLAGS += -W
-+#EXTRA_CFLAGS += -Wwrite-strings
-+EXTRA_CFLAGS += -Wbad-function-cast
-+EXTRA_CFLAGS += -DIPCOMP_PREFIX
-+
-+.S.o:
-+ $(CC) -D__ASSEMBLY__ -DNO_UNDERLINE -traditional -c $< -o $*.o
-+
-+asm-obj-$(CONFIG_M586) += match586.o
-+asm-obj-$(CONFIG_M586TSC) += match586.o
-+asm-obj-$(CONFIG_M586MMX) += match586.o
-+asm-obj-$(CONFIG_M686) += match686.o
-+asm-obj-$(CONFIG_MPENTIUMIII) += match686.o
-+asm-obj-$(CONFIG_MPENTIUM4) += match686.o
-+asm-obj-$(CONFIG_MK6) += match586.o
-+asm-obj-$(CONFIG_MK7) += match686.o
-+asm-obj-$(CONFIG_MCRUSOE) += match586.o
-+asm-obj-$(CONFIG_MWINCHIPC6) += match586.o
-+asm-obj-$(CONFIG_MWINCHIP2) += match686.o
-+asm-obj-$(CONFIG_MWINCHIP3D) += match686.o
-+
-+obj-y += $(asm-obj-y)
-+ifneq ($(strip $(asm-obj-y)),)
-+ EXTRA_CFLAGS += -DASMV
-+endif
-+
-+active-objs := $(sort $(obj-y) $(obj-m))
-+L_OBJS := $(obj-y)
-+M_OBJS := $(obj-m)
-+MIX_OBJS := $(filter $(export-objs), $(active-objs))
-+
-+include $(TOPDIR)/Rules.make
-+
-+$(obj-y) : $(TOPDIR)/include/linux/config.h $(TOPDIR)/include/linux/autoconf.h
-+
-+
-+clean:
-+ -rm -f *.o *.a
-+
-+checkprograms:
-+programs: $(L_TARGET)
-+
-+#
-+# $Log: Makefile,v $
-+# Revision 1.9 2002/04/24 07:55:32 mcr
-+# #include patches and Makefiles for post-reorg compilation.
-+#
-+# Revision 1.8 2002/04/24 07:36:44 mcr
-+# Moved from ./zlib/Makefile,v
-+#
-+# Revision 1.7 2002/03/27 23:34:35 mcr
-+# added programs: target
-+#
-+# Revision 1.6 2001/12/05 20:19:08 henry
-+# use new compile-control variable
-+#
-+# Revision 1.5 2001/11/27 16:38:08 mcr
-+# added new "checkprograms" target to deal with programs that
-+# are required for "make check", but that may not be ready to
-+# build for every user due to external dependancies.
-+#
-+# Revision 1.4 2001/10/24 14:46:24 henry
-+# Makefile.inc
-+#
-+# Revision 1.3 2001/04/21 23:05:24 rgb
-+# Update asm directives for 2.4 style makefiles.
-+#
-+# Revision 1.2 2001/01/29 22:22:00 rgb
-+# Convert to 2.4 new style with back compat.
-+#
-+# Revision 1.1.1.1 2000/09/29 18:51:33 rgb
-+# zlib_beginnings
-+#
-+#
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/lib/zlib/Makefile.objs Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,27 @@
-+obj-$(CONFIG_IPSEC_IPCOMP) += adler32.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += deflate.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += infblock.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += infcodes.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += inffast.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += inflate.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += inftrees.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += infutil.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += trees.o
-+obj-$(CONFIG_IPSEC_IPCOMP) += zutil.o
-+
-+asm-obj-$(CONFIG_M586) += ${LIBZLIBSRCDIR}/match586.o
-+asm-obj-$(CONFIG_M586TSC) += ${LIBZLIBSRCDIR}/match586.o
-+asm-obj-$(CONFIG_M586MMX) += ${LIBZLIBSRCDIR}/match586.o
-+asm-obj-$(CONFIG_M686) += ${LIBZLIBSRCDIR}/match686.o
-+asm-obj-$(CONFIG_MPENTIUMIII) += ${LIBZLIBSRCDIR}/match686.o
-+asm-obj-$(CONFIG_MPENTIUM4) += ${LIBZLIBSRCDIR}/match686.o
-+asm-obj-$(CONFIG_MK6) += ${LIBZLIBSRCDIR}/match586.o
-+asm-obj-$(CONFIG_MK7) += ${LIBZLIBSRCDIR}/match686.o
-+asm-obj-$(CONFIG_MCRUSOE) += ${LIBZLIBSRCDIR}/match586.o
-+asm-obj-$(CONFIG_MWINCHIPC6) += ${LIBZLIBSRCDIR}/match586.o
-+asm-obj-$(CONFIG_MWINCHIP2) += ${LIBZLIBSRCDIR}/match686.o
-+asm-obj-$(CONFIG_MWINCHIP3D) += ${LIBZLIBSRCDIR}/match686.o
-+
-+EXTRA_CFLAGS += -DIPCOMP_PREFIX
-+
-+
---- swan26/net/Kconfig.preipsec 2005-09-01 18:15:19.000000000 -0400
-+++ swan26/net/Kconfig 2005-09-03 16:51:17.000000000 -0400
-@@ -215,2 +215,6 @@
-
-+if INET
-+source "net/ipsec/Kconfig"
-+endif # if INET
-+
- endif # if NET
---- /distros/kernel/linux-2.6.3-rc4/net/Makefile Mon Feb 16 21:22:12 2004
-+++ ref26/net/Makefile Thu Feb 19 21:02:25 2004
-@@ -42,3 +42,6 @@
- ifeq ($(CONFIG_NET),y)
- obj-$(CONFIG_SYSCTL) += sysctl_net.o
- endif
-+
-+obj-$(CONFIG_KLIPS) += ipsec/
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/Kconfig Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,161 @@
-+#
-+# IPSEC configuration
-+# Copyright (C) 2004 Michael Richardson <mcr@freeswan.org>
-+#
-+# This program is free software; you can redistribute it and/or modify it
-+# under the terms of the GNU General Public License as published by the
-+# Free Software Foundation; either version 2 of the License, or (at your
-+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+#
-+# This program is distributed in the hope that it will be useful, but
-+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+# for more details.
-+#
-+# RCSID $Id: Kconfig,v 1.6.2.2 2006/10/11 18:14:33 paul Exp $
-+
-+config KLIPS
-+ tristate "Openswan IPsec (KLIPS26)"
-+ default n
-+ help
-+ KLIPS is the Openswan (www.openswan.org) Kernel Level IP Security
-+ system. It is extensively tested, and has interoperated with
-+ many other systems.
-+ It provides "ipsecX" devices on which one can do firewalling.
-+ The userland, is compatible with both KLIPS and 26sec.
-+
-+menu "KLIPS options"
-+ depends on KLIPS
-+
-+config KLIPS_ESP
-+ bool 'Encapsulating Security Payload - ESP ("VPN")'
-+ default y
-+ help
-+ This option provides support for the IPSEC Encapsulation Security
-+ Payload (IP protocol 50) which provides packet layer content
-+ hiding, and content authentication.
-+ It is recommended to enable this. RFC2406
-+
-+config KLIPS_AH
-+ bool 'Authentication Header - AH'
-+ default n
-+ help
-+ This option provides support for the IPSEC Authentication Header
-+ (IP protocol 51) which provides packet layer sender and content
-+ authentication. It does not provide for confidentiality.
-+ It is not recommended to enable this. RFC2402
-+
-+config KLIPS_AUTH_HMAC_MD5
-+ bool 'HMAC-MD5 authentication algorithm'
-+ default y
-+ help
-+ The HMAC-MD5 algorithm is used by ESP (and AH) to guarantee packet
-+ integrity. There is little reason not to include it.
-+
-+config KLIPS_AUTH_HMAC_SHA1
-+ bool 'HMAC-SHA1 authentication algorithm'
-+ default y
-+ help
-+ The HMAC-SHA1 algorithm is used by ESP (and AH) to guarantee packet
-+ integrity. SHA1 is a little slower than MD5, but is said to be
-+ a bit more secure. There is little reason not to include it.
-+
-+config KLIPS_ENC_CRYPTOAPI
-+ bool 'CryptoAPI algorithm interface'
-+ default n
-+ help
-+ Enable the algorithm interface to make all CryptoAPI 1.0 algorithms
-+ available to KLIPS.
-+
-+config KLIPS_ENC_1DES
-+ bool 'Include 1DES with CryptoAPI'
-+ default n
-+ depends on KLIPS_ENC_CRYPTOAPI
-+ help
-+ The CryptoAPI interface does not include support for every algorithm
-+ yet, and one that it doesn't support by default is the VERY WEAK
-+ 1DES. Select this if you are terminally stupid.
-+
-+config KLIPS_ENC_3DES
-+ bool '3DES encryption algorithm'
-+ default y
-+ help
-+ The 3DES algorithm is used by ESP to provide for packet privacy.
-+ 3DES is 3-repeats of the DES algorithm. 3DES is widely supported,
-+ and analyzed and is considered very secure. 1DES is not supported.
-+
-+config KLIPS_ENC_AES
-+ bool 'AES encryption algorithm'
-+ default y
-+ help
-+ The AES algorithm is used by ESP to provide for packet privacy.
-+ AES the NIST replacement for DES. AES is being widely analyzed,
-+ and is very fast.
-+
-+config KLIPS_ENC_NULL
-+ bool 'NULL NON-encryption algorithm'
-+ default n
-+ help
-+ NON encryption algo , maybe useful for ESP auth only scenarios
-+ (eg: with NAT-T), see RFC 2410.
-+
-+config KLIPS_IPCOMP
-+ bool 'IP compression'
-+ default y
-+ help
-+ The IPcomp protocol is used prior to ESP to make the packet
-+ smaller. Once encrypted, compression will fail, so any link
-+ layer efforts (e.g. PPP) will not work.
-+
-+config KLIPS_DEBUG
-+ bool 'IPsec debugging'
-+ default y
-+ help
-+ KLIPS includes a lot of debugging code. Unless there is a real
-+ tangible benefit to removing this code, it should be left in place.
-+ Debugging connections without access to kernel level debugging is
-+ essentially impossible. Leave this on.
-+
-+endmenu
-+
-+#
-+#
-+# $Log: Kconfig,v $
-+# Revision 1.6.2.2 2006/10/11 18:14:33 paul
-+# Add JuanJo Ciarlante's ESP_NULL patches for KLIPS, but leave it disabled
-+# per default.
-+#
-+# Revision 1.6.2.1 2006/04/20 16:33:06 mcr
-+# remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+# Fix in-kernel module compilation. Sub-makefiles do not work.
-+#
-+# Revision 1.6 2005/05/18 20:55:27 mcr
-+# default cryptoapi to n.
-+#
-+# Revision 1.5 2005/05/11 01:23:25 mcr
-+# added 1DES option to cryptoapi.
-+#
-+# Revision 1.4 2005/04/29 05:29:54 mcr
-+# add option to include cryptoapi algorithms.
-+#
-+# Revision 1.3 2004/08/17 03:27:23 mcr
-+# klips 2.6 edits.
-+#
-+# Revision 1.2 2004/08/14 03:27:39 mcr
-+# 2.6 kernel build/configuration files.
-+#
-+# Revision 1.1 2004/08/14 02:47:55 mcr
-+# kernel build/config patches
-+#
-+# Revision 1.3 2004/02/24 17:17:04 mcr
-+# s/CONFIG_IPSEC/CONFIG_KLIPS/ as 26sec uses "CONFIG_IPSEC" to
-+# turn it on/off as well.
-+#
-+# Revision 1.2 2004/02/22 06:50:42 mcr
-+# kernel 2.6 port - merged with 2.4 code.
-+#
-+# Revision 1.1.2.1 2004/02/20 02:07:53 mcr
-+# module configuration for KLIPS 2.6
-+#
-+#
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/Makefile Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,195 @@
-+# Makefile for KLIPS kernel code as a module for 2.6 kernels
-+#
-+# Makefile for KLIPS kernel code as a module
-+# Copyright (C) 1998, 1999, 2000,2001 Richard Guy Briggs.
-+# Copyright (C) 2002-2004 Michael Richardson <mcr@freeswan.org>
-+#
-+# This program is free software; you can redistribute it and/or modify it
-+# under the terms of the GNU General Public License as published by the
-+# Free Software Foundation; either version 2 of the License, or (at your
-+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+#
-+# This program is distributed in the hope that it will be useful, but
-+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+# for more details.
-+#
-+# RCSID $Id: Makefile.fs2_6,v 1.8.2.2 2006/10/11 18:14:33 paul Exp $
-+#
-+# Note! Dependencies are done automagically by 'make dep', which also
-+# removes any old dependencies. DON'T put your own dependencies here
-+# unless it's something special (ie not a .c file).
-+#
-+
-+OPENSWANSRCDIR?=.
-+KLIPS_TOP?=.
-+
-+-include ${OPENSWANSRCDIR}/Makefile.ver
-+
-+base-klips-objs :=
-+
-+base-klips-objs+= ipsec_init.o ipsec_sa.o ipsec_radij.o radij.o
-+base-klips-objs+= ipsec_life.o ipsec_proc.o
-+base-klips-objs+= ipsec_tunnel.o ipsec_xmit.o ipsec_rcv.o ipsec_ipip.o
-+base-klips-objs+= ipsec_snprintf.o
-+base-klips-objs+= sysctl_net_ipsec.o
-+base-klips-objs+= pfkey_v2.o pfkey_v2_parser.o pfkey_v2_ext_process.o
-+base-klips-objs+= version.o
-+
-+base-klips-objs+= satot.o
-+base-klips-objs+= addrtot.o
-+base-klips-objs+= ultot.o
-+base-klips-objs+= addrtypeof.o
-+base-klips-objs+= anyaddr.o
-+base-klips-objs+= initaddr.o
-+base-klips-objs+= ultoa.o
-+base-klips-objs+= addrtoa.o
-+base-klips-objs+= subnettoa.o
-+base-klips-objs+= subnetof.o
-+base-klips-objs+= goodmask.o
-+base-klips-objs+= datatot.o
-+base-klips-objs+= rangetoa.o
-+base-klips-objs+= prng.o
-+base-klips-objs+= pfkey_v2_parse.o
-+base-klips-objs+= pfkey_v2_build.o
-+base-klips-objs+= pfkey_v2_debug.o
-+base-klips-objs+= pfkey_v2_ext_bits.o
-+base-klips-objs+= version.o
-+
-+obj-${CONFIG_KLIPS} += ipsec.o
-+
-+ipsec-objs += ${base-klips-objs}
-+
-+ipsec-$(CONFIG_KLIPS_ESP) += ipsec_esp.o
-+ipsec-$(CONFIG_KLIPS_IPCOMP) += ipsec_ipcomp.o
-+ipsec-$(CONFIG_KLIPS_AUTH_HMAC_MD5) += ipsec_md5c.o
-+ipsec-$(CONFIG_KLIPS_AUTH_HMAC_SHA1) += ipsec_sha1.o
-+
-+# AH, if you really think you need it.
-+ipsec-$(CONFIG_KLIPS_AH) += ipsec_ah.o
-+
-+ipsec-y += ipsec_alg.o
-+
-+# include code from DES subdir
-+crypto-$(CONFIG_KLIPS_ENC_3DES) += des/ipsec_alg_3des.o
-+crypto-$(CONFIG_KLIPS_ENC_3DES) += des/cbc_enc.o
-+crypto-$(CONFIG_KLIPS_ENC_3DES) += des/ecb_enc.o
-+crypto-$(CONFIG_KLIPS_ENC_3DES) += des/set_key.o
-+
-+ifeq ($(strip ${SUBARCH}),)
-+SUBARCH:=${ARCH}
-+endif
-+
-+# the assembly version expects frame pointers, which are
-+# optional in many kernel builds. If you want speed, you should
-+# probably use cryptoapi code instead.
-+USEASSEMBLY=${SUBARCH}${CONFIG_FRAME_POINTER}
-+ifeq (${USEASSEMBLY},i386y)
-+crypto-$(CONFIG_KLIPS_ENC_3DES) += des/dx86unix.o
-+else
-+crypto-$(CONFIG_KLIPS_ENC_3DES) += des/des_enc.o
-+endif
-+
-+# include code from AES subdir
-+crypto-$(CONFIG_KLIPS_ENC_AES) += aes/ipsec_alg_aes.o
-+crypto-$(CONFIG_KLIPS_ENC_AES) += aes/aes_xcbc_mac.o
-+crypto-$(CONFIG_KLIPS_ENC_AES) += aes/aes_cbc.o
-+
-+ifeq ($(strip ${SUBARCH}),)
-+SUBARCH:=${ARCH}
-+endif
-+
-+USEASSEMBLY=${SUBARCH}${CONFIG_FRAME_POINTER}
-+ifeq (${USEASSEMBLY},i386y)
-+crypto-$(CONFIG_KLIPS_ENC_AES) += aes/aes-i586.o
-+else
-+crypto-$(CONFIG_KLIPS_ENC_AES) += aes/aes.o
-+endif
-+
-+crypto-$(CONFIG_KLIPS_ENC_NULL) += null/ipsec_alg_null.o
-+
-+ipsec-y += ${crypto-y}
-+
-+ipsec-$(CONFIG_KLIPS_ENC_CRYPTOAPI) += ipsec_alg_cryptoapi.o
-+
-+# IPcomp stuff
-+base-ipcomp-objs := ipcomp.o
-+base-ipcomp-objs += adler32.o
-+base-ipcomp-objs += deflate.o
-+base-ipcomp-objs += infblock.o
-+base-ipcomp-objs += infcodes.o
-+base-ipcomp-objs += inffast.o
-+base-ipcomp-objs += inflate.o
-+base-ipcomp-objs += inftrees.o
-+base-ipcomp-objs += infutil.o
-+base-ipcomp-objs += trees.o
-+base-ipcomp-objs += zutil.o
-+asm-ipcomp-obj-$(CONFIG_M586) += match586.o
-+asm-ipcomp-obj-$(CONFIG_M586TSC) += match586.o
-+asm-ipcomp-obj-$(CONFIG_M586MMX) += match586.o
-+asm-ipcomp-obj-$(CONFIG_M686) += match686.o
-+asm-ipcomp-obj-$(CONFIG_MPENTIUMIII) += match686.o
-+asm-ipcomp-obj-$(CONFIG_MPENTIUM4) += match686.o
-+asm-ipcomp-obj-$(CONFIG_MK6) += match586.o
-+asm-ipcomp-obj-$(CONFIG_MK7) += match686.o
-+asm-ipcomp-obj-$(CONFIG_MCRUSOE) += match586.o
-+asm-ipcomp-obj-$(CONFIG_MWINCHIPC6) += match586.o
-+asm-ipcomp-obj-$(CONFIG_MWINCHIP2) += match686.o
-+asm-ipcomp-obj-$(CONFIG_MWINCHIP3D) += match686.o
-+base-ipcomp-objs += ${asm-ipcomp-obj-y}
-+
-+ipsec-$(CONFIG_KLIPS_IPCOMP) += ${base-ipcomp-objs}
-+
-+EXTRA_CFLAGS += -DIPCOMP_PREFIX
-+
-+#
-+# $Log: Makefile.fs2_6,v $
-+# Revision 1.8.2.2 2006/10/11 18:14:33 paul
-+# Add JuanJo Ciarlante's ESP_NULL patches for KLIPS, but leave it disabled
-+# per default.
-+#
-+# Revision 1.8.2.1 2006/04/20 16:33:06 mcr
-+# remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+# Fix in-kernel module compilation. Sub-makefiles do not work.
-+#
-+# Revision 1.8 2005/05/11 03:15:42 mcr
-+# adjusted makefiles to sanely build modules properly.
-+#
-+# Revision 1.7 2005/04/13 22:52:12 mcr
-+# moved KLIPS specific snprintf() wrapper to seperate file.
-+#
-+# Revision 1.6 2004/08/22 05:02:03 mcr
-+# organized symbols such that it is easier to build modules.
-+#
-+# Revision 1.5 2004/08/18 01:43:56 mcr
-+# adjusted makefile enumation so that it can be used by module
-+# wrapper.
-+#
-+# Revision 1.4 2004/08/17 03:27:23 mcr
-+# klips 2.6 edits.
-+#
-+# Revision 1.3 2004/08/04 16:50:13 mcr
-+# removed duplicate definition of dx86unix.o
-+#
-+# Revision 1.2 2004/08/03 18:21:09 mcr
-+# only set KLIPS_TOP and OPENSWANSRCDIR if not already set.
-+#
-+# Revision 1.1 2004/07/26 15:02:22 mcr
-+# makefile for KLIPS module for 2.6.
-+#
-+# Revision 1.3 2004/02/24 17:17:04 mcr
-+# s/CONFIG_IPSEC/CONFIG_KLIPS/ as 26sec uses "CONFIG_IPSEC" to
-+# turn it on/off as well.
-+#
-+# Revision 1.2 2004/02/22 06:50:42 mcr
-+# kernel 2.6 port - merged with 2.4 code.
-+#
-+# Revision 1.1.2.1 2004/02/20 02:07:53 mcr
-+# module configuration for KLIPS 2.6
-+#
-+#
-+# Local Variables:
-+# compile-command: "(cd ../../.. && source umlsetup.sh && make -C ${POOLSPACE} module/ipsec.o)"
-+# End Variables:
-+#
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/README-zlib Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,147 @@
-+zlib 1.1.4 is a general purpose data compression library. All the code
-+is thread safe. The data format used by the zlib library
-+is described by RFCs (Request for Comments) 1950 to 1952 in the files
-+http://www.ietf.org/rfc/rfc1950.txt (zlib format), rfc1951.txt (deflate
-+format) and rfc1952.txt (gzip format). These documents are also available in
-+other formats from ftp://ftp.uu.net/graphics/png/documents/zlib/zdoc-index.html
-+
-+All functions of the compression library are documented in the file zlib.h
-+(volunteer to write man pages welcome, contact jloup@gzip.org). A usage
-+example of the library is given in the file example.c which also tests that
-+the library is working correctly. Another example is given in the file
-+minigzip.c. The compression library itself is composed of all source files
-+except example.c and minigzip.c.
-+
-+To compile all files and run the test program, follow the instructions
-+given at the top of Makefile. In short "make test; make install"
-+should work for most machines. For Unix: "./configure; make test; make install"
-+For MSDOS, use one of the special makefiles such as Makefile.msc.
-+For VMS, use Make_vms.com or descrip.mms.
-+
-+Questions about zlib should be sent to <zlib@gzip.org>, or to
-+Gilles Vollant <info@winimage.com> for the Windows DLL version.
-+The zlib home page is http://www.zlib.org or http://www.gzip.org/zlib/
-+Before reporting a problem, please check this site to verify that
-+you have the latest version of zlib; otherwise get the latest version and
-+check whether the problem still exists or not.
-+
-+PLEASE read the zlib FAQ http://www.gzip.org/zlib/zlib_faq.html
-+before asking for help.
-+
-+Mark Nelson <markn@ieee.org> wrote an article about zlib for the Jan. 1997
-+issue of Dr. Dobb's Journal; a copy of the article is available in
-+http://dogma.net/markn/articles/zlibtool/zlibtool.htm
-+
-+The changes made in version 1.1.4 are documented in the file ChangeLog.
-+The only changes made since 1.1.3 are bug corrections:
-+
-+- ZFREE was repeated on same allocation on some error conditions.
-+ This creates a security problem described in
-+ http://www.zlib.org/advisory-2002-03-11.txt
-+- Returned incorrect error (Z_MEM_ERROR) on some invalid data
-+- Avoid accesses before window for invalid distances with inflate window
-+ less than 32K.
-+- force windowBits > 8 to avoid a bug in the encoder for a window size
-+ of 256 bytes. (A complete fix will be available in 1.1.5).
-+
-+The beta version 1.1.5beta includes many more changes. A new official
-+version 1.1.5 will be released as soon as extensive testing has been
-+completed on it.
-+
-+
-+Unsupported third party contributions are provided in directory "contrib".
-+
-+A Java implementation of zlib is available in the Java Development Kit
-+http://www.javasoft.com/products/JDK/1.1/docs/api/Package-java.util.zip.html
-+See the zlib home page http://www.zlib.org for details.
-+
-+A Perl interface to zlib written by Paul Marquess <pmarquess@bfsec.bt.co.uk>
-+is in the CPAN (Comprehensive Perl Archive Network) sites
-+http://www.cpan.org/modules/by-module/Compress/
-+
-+A Python interface to zlib written by A.M. Kuchling <amk@magnet.com>
-+is available in Python 1.5 and later versions, see
-+http://www.python.org/doc/lib/module-zlib.html
-+
-+A zlib binding for TCL written by Andreas Kupries <a.kupries@westend.com>
-+is availlable at http://www.westend.com/~kupries/doc/trf/man/man.html
-+
-+An experimental package to read and write files in .zip format,
-+written on top of zlib by Gilles Vollant <info@winimage.com>, is
-+available at http://www.winimage.com/zLibDll/unzip.html
-+and also in the contrib/minizip directory of zlib.
-+
-+
-+Notes for some targets:
-+
-+- To build a Windows DLL version, include in a DLL project zlib.def, zlib.rc
-+ and all .c files except example.c and minigzip.c; compile with -DZLIB_DLL
-+ The zlib DLL support was initially done by Alessandro Iacopetti and is
-+ now maintained by Gilles Vollant <info@winimage.com>. Check the zlib DLL
-+ home page at http://www.winimage.com/zLibDll
-+
-+ From Visual Basic, you can call the DLL functions which do not take
-+ a structure as argument: compress, uncompress and all gz* functions.
-+ See contrib/visual-basic.txt for more information, or get
-+ http://www.tcfb.com/dowseware/cmp-z-it.zip
-+
-+- For 64-bit Irix, deflate.c must be compiled without any optimization.
-+ With -O, one libpng test fails. The test works in 32 bit mode (with
-+ the -n32 compiler flag). The compiler bug has been reported to SGI.
-+
-+- zlib doesn't work with gcc 2.6.3 on a DEC 3000/300LX under OSF/1 2.1
-+ it works when compiled with cc.
-+
-+- on Digital Unix 4.0D (formely OSF/1) on AlphaServer, the cc option -std1
-+ is necessary to get gzprintf working correctly. This is done by configure.
-+
-+- zlib doesn't work on HP-UX 9.05 with some versions of /bin/cc. It works
-+ with other compilers. Use "make test" to check your compiler.
-+
-+- gzdopen is not supported on RISCOS, BEOS and by some Mac compilers.
-+
-+- For Turbo C the small model is supported only with reduced performance to
-+ avoid any far allocation; it was tested with -DMAX_WBITS=11 -DMAX_MEM_LEVEL=3
-+
-+- For PalmOs, see http://www.cs.uit.no/~perm/PASTA/pilot/software.html
-+ Per Harald Myrvang <perm@stud.cs.uit.no>
-+
-+
-+Acknowledgments:
-+
-+ The deflate format used by zlib was defined by Phil Katz. The deflate
-+ and zlib specifications were written by L. Peter Deutsch. Thanks to all the
-+ people who reported problems and suggested various improvements in zlib;
-+ they are too numerous to cite here.
-+
-+Copyright notice:
-+
-+ (C) 1995-2002 Jean-loup Gailly and Mark Adler
-+
-+ This software is provided 'as-is', without any express or implied
-+ warranty. In no event will the authors be held liable for any damages
-+ arising from the use of this software.
-+
-+ Permission is granted to anyone to use this software for any purpose,
-+ including commercial applications, and to alter it and redistribute it
-+ freely, subject to the following restrictions:
-+
-+ 1. The origin of this software must not be misrepresented; you must not
-+ claim that you wrote the original software. If you use this software
-+ in a product, an acknowledgment in the product documentation would be
-+ appreciated but is not required.
-+ 2. Altered source versions must be plainly marked as such, and must not be
-+ misrepresented as being the original software.
-+ 3. This notice may not be removed or altered from any source distribution.
-+
-+ Jean-loup Gailly Mark Adler
-+ jloup@gzip.org madler@alumni.caltech.edu
-+
-+If you use the zlib library in a product, we would appreciate *not*
-+receiving lengthy legal documents to sign. The sources are provided
-+for free but without warranty of any kind. The library has been
-+entirely written by Jean-loup Gailly and Mark Adler; it does not
-+include third-party code.
-+
-+If you redistribute modified sources, we would appreciate that you include
-+in the file ChangeLog history information documenting your changes.
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/README-zlib.freeswan Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,13 @@
-+The only changes made to these files for use in FreeS/WAN are:
-+
-+ - In zconf.h, macros are defined to prefix global symbols with "ipcomp_"
-+ (or "_ipcomp"), when compiled with -DIPCOMP_PREFIX.
-+ - The copyright strings are defined local (static)
-+
-+ The above changes are made to avoid name collisions with ppp_deflate
-+ and ext2compr.
-+
-+ - Files not needed for FreeS/WAN have been removed
-+
-+ See the "README" file for information about where to obtain the complete
-+ zlib package.
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/addrtoa.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,67 @@
-+/*
-+ * addresses to ASCII
-+ * Copyright (C) 1998, 1999 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: addrtoa.c,v 1.10 2004/07/10 07:43:47 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+#define NBYTES 4 /* bytes in an address */
-+#define PERBYTE 4 /* three digits plus a dot or NUL */
-+#define BUFLEN (NBYTES*PERBYTE)
-+
-+#if BUFLEN != ADDRTOA_BUF
-+#error "ADDRTOA_BUF in openswan.h inconsistent with addrtoa() code"
-+#endif
-+
-+/*
-+ - addrtoa - convert binary address to ASCII dotted decimal
-+ */
-+size_t /* space needed for full conversion */
-+addrtoa(addr, format, dst, dstlen)
-+struct in_addr addr;
-+int format; /* character */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ unsigned long a = ntohl(addr.s_addr);
-+ int i;
-+ size_t n;
-+ unsigned long byte;
-+ char buf[BUFLEN];
-+ char *p;
-+
-+ switch (format) {
-+ case 0:
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ p = buf;
-+ for (i = NBYTES-1; i >= 0; i--) {
-+ byte = (a >> (i*8)) & 0xff;
-+ p += ultoa(byte, 10, p, PERBYTE);
-+ if (i != 0)
-+ *(p-1) = '.';
-+ }
-+ n = p - buf;
-+
-+ if (dstlen > 0) {
-+ if (n > dstlen)
-+ buf[dstlen - 1] = '\0';
-+ strcpy(dst, buf);
-+ }
-+ return n;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/addrtot.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,423 @@
-+/*
-+ * addresses to text
-+ * Copyright (C) 2000 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: addrtot.c,v 1.22.2.1 2005/11/17 22:30:49 paul Exp $
-+ */
-+
-+#if defined(__KERNEL__) && defined(__HAVE_ARCH_STRSTR)
-+#include <linux/string.h>
-+#endif
-+
-+#include "openswan.h"
-+
-+#define IP4BYTES 4 /* bytes in an IPv4 address */
-+#define PERBYTE 4 /* three digits plus a dot or NUL */
-+#define IP6BYTES 16 /* bytes in an IPv6 address */
-+
-+/* forwards */
-+static size_t normal4(const unsigned char *s, size_t len, char *b, char **dp);
-+static size_t normal6(const unsigned char *s, size_t len, char *b, char **dp, int squish);
-+static size_t reverse4(const unsigned char *s, size_t len, char *b, char **dp);
-+static size_t reverse6(const unsigned char *s, size_t len, char *b, char **dp);
-+
-+#if defined(__KERNEL__) && !defined(__HAVE_ARCH_STRSTR)
-+#define strstr ipsec_strstr
-+/*
-+ * Find the first occurrence of find in s.
-+ * (from NetBSD 1.6's /src/lib/libc/string/strstr.c)
-+ */
-+static char *
-+strstr(s, find)
-+ const char *s, *find;
-+{
-+ char c, sc;
-+ size_t len;
-+
-+ if ((c = *find++) != 0) {
-+ len = strlen(find);
-+ do {
-+ do {
-+ if ((sc = *s++) == 0)
-+ return (NULL);
-+ } while (sc != c);
-+ } while (strncmp(s, find, len) != 0);
-+ s--;
-+ }
-+ /* LINTED interface specification */
-+ return ((char *)s);
-+}
-+#endif
-+
-+/*
-+ - addrtot - convert binary address to text (dotted decimal or IPv6 string)
-+ */
-+size_t /* space needed for full conversion */
-+addrtot(src, format, dst, dstlen)
-+const ip_address *src;
-+int format; /* character */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ const unsigned char *b;
-+ size_t n;
-+ char buf[1+ADDRTOT_BUF+1]; /* :address: */
-+ char *p;
-+ int t = addrtypeof(src);
-+# define TF(t, f) (((t)<<8) | (f))
-+
-+ n = addrbytesptr(src, &b);
-+ if (n == 0) {
-+ bad:
-+ dst[0]='\0';
-+ strncat(dst, "<invalid>", dstlen);
-+ return sizeof("<invalid>");
-+ }
-+
-+ switch (TF(t, format)) {
-+ case TF(AF_INET, 0):
-+ n = normal4(b, n, buf, &p);
-+ break;
-+ case TF(AF_INET6, 0):
-+ n = normal6(b, n, buf, &p, 1);
-+ break;
-+ case TF(AF_INET, 'Q'):
-+ n = normal4(b, n, buf, &p);
-+ break;
-+ case TF(AF_INET6, 'Q'):
-+ n = normal6(b, n, buf, &p, 0);
-+ break;
-+ case TF(AF_INET, 'r'):
-+ n = reverse4(b, n, buf, &p);
-+ break;
-+ case TF(AF_INET6, 'r'):
-+ n = reverse6(b, n, buf, &p);
-+ break;
-+ default: /* including (AF_INET, 'R') */
-+ goto bad;
-+ break;
-+ }
-+
-+ if (dstlen > 0) {
-+ if (dstlen < n)
-+ p[dstlen - 1] = '\0';
-+ strcpy(dst, p);
-+ }
-+ return n;
-+}
-+
-+/*
-+ - normal4 - normal IPv4 address-text conversion
-+ */
-+static size_t /* size of text, including NUL */
-+normal4(srcp, srclen, buf, dstp)
-+const unsigned char *srcp;
-+size_t srclen;
-+char *buf; /* guaranteed large enough */
-+char **dstp; /* where to put result pointer */
-+{
-+ int i;
-+ char *p;
-+
-+ if (srclen != IP4BYTES) /* "can't happen" */
-+ return 0;
-+ p = buf;
-+ for (i = 0; i < IP4BYTES; i++) {
-+ p += ultot(srcp[i], 10, p, PERBYTE);
-+ if (i != IP4BYTES - 1)
-+ *(p-1) = '.'; /* overwrites the NUL */
-+ }
-+ *dstp = buf;
-+ return p - buf;
-+}
-+
-+/*
-+ - normal6 - normal IPv6 address-text conversion
-+ */
-+static size_t /* size of text, including NUL */
-+normal6(srcp, srclen, buf, dstp, squish)
-+const unsigned char *srcp;
-+size_t srclen;
-+char *buf; /* guaranteed large enough, plus 2 */
-+char **dstp; /* where to put result pointer */
-+int squish; /* whether to squish out 0:0 */
-+{
-+ int i;
-+ unsigned long piece;
-+ char *p;
-+ char *q;
-+
-+ if (srclen != IP6BYTES) /* "can't happen" */
-+ return 0;
-+ p = buf;
-+ *p++ = ':';
-+ for (i = 0; i < IP6BYTES/2; i++) {
-+ piece = (srcp[2*i] << 8) + srcp[2*i + 1];
-+ p += ultot(piece, 16, p, 5); /* 5 = abcd + NUL */
-+ *(p-1) = ':'; /* overwrites the NUL */
-+ }
-+ *p = '\0';
-+ q = strstr(buf, ":0:0:");
-+ if (squish && q != NULL) { /* zero squishing is possible */
-+ p = q + 1;
-+ while (*p == '0' && *(p+1) == ':')
-+ p += 2;
-+ q++;
-+ *q++ = ':'; /* overwrite first 0 */
-+ while (*p != '\0')
-+ *q++ = *p++;
-+ *q = '\0';
-+ if (!(*(q-1) == ':' && *(q-2) == ':'))
-+ *--q = '\0'; /* strip final : unless :: */
-+ p = buf;
-+ if (!(*p == ':' && *(p+1) == ':'))
-+ p++; /* skip initial : unless :: */
-+ } else {
-+ q = p;
-+ *--q = '\0'; /* strip final : */
-+ p = buf + 1; /* skip initial : */
-+ }
-+ *dstp = p;
-+ return q - p + 1;
-+}
-+
-+/*
-+ - reverse4 - IPv4 reverse-lookup conversion
-+ */
-+static size_t /* size of text, including NUL */
-+reverse4(srcp, srclen, buf, dstp)
-+const unsigned char *srcp;
-+size_t srclen;
-+char *buf; /* guaranteed large enough */
-+char **dstp; /* where to put result pointer */
-+{
-+ int i;
-+ char *p;
-+
-+ if (srclen != IP4BYTES) /* "can't happen" */
-+ return 0;
-+ p = buf;
-+ for (i = IP4BYTES-1; i >= 0; i--) {
-+ p += ultot(srcp[i], 10, p, PERBYTE);
-+ *(p-1) = '.'; /* overwrites the NUL */
-+ }
-+ strcpy(p, "IN-ADDR.ARPA.");
-+ *dstp = buf;
-+ return strlen(buf) + 1;
-+}
-+
-+/*
-+ - reverse6 - IPv6 reverse-lookup conversion (RFC 1886)
-+ * A trifle inefficient, really shouldn't use ultot...
-+ */
-+static size_t /* size of text, including NUL */
-+reverse6(srcp, srclen, buf, dstp)
-+const unsigned char *srcp;
-+size_t srclen;
-+char *buf; /* guaranteed large enough */
-+char **dstp; /* where to put result pointer */
-+{
-+ int i;
-+ unsigned long piece;
-+ char *p;
-+
-+ if (srclen != IP6BYTES) /* "can't happen" */
-+ return 0;
-+ p = buf;
-+ for (i = IP6BYTES-1; i >= 0; i--) {
-+ piece = srcp[i];
-+ p += ultot(piece&0xf, 16, p, 2);
-+ *(p-1) = '.';
-+ p += ultot(piece>>4, 16, p, 2);
-+ *(p-1) = '.';
-+ }
-+ strcpy(p, "IP6.ARPA.");
-+ *dstp = buf;
-+ return strlen(buf) + 1;
-+}
-+
-+/*
-+ - reverse6 - modern IPv6 reverse-lookup conversion (RFC 2874)
-+ * this version removed as it was obsoleted in the end.
-+ */
-+
-+#ifdef ADDRTOT_MAIN
-+
-+#include <stdio.h>
-+#include <sys/socket.h>
-+#include <netinet/in.h>
-+#include <arpa/inet.h>
-+
-+void regress(void);
-+
-+int
-+main(int argc, char *argv[])
-+{
-+ if (argc < 2) {
-+ fprintf(stderr, "Usage: %s {addr|net/mask|begin...end|-r}\n",
-+ argv[0]);
-+ exit(2);
-+ }
-+
-+ if (strcmp(argv[1], "-r") == 0) {
-+ regress();
-+ fprintf(stderr, "regress() returned?!?\n");
-+ exit(1);
-+ }
-+ exit(0);
-+}
-+
-+struct rtab {
-+ char *input;
-+ char format;
-+ char *output; /* NULL means error expected */
-+} rtab[] = {
-+ {"1.2.3.0", 0, "1.2.3.0"},
-+ {"1:2::3:4", 0, "1:2::3:4"},
-+ {"1:2::3:4", 'Q', "1:2:0:0:0:0:3:4"},
-+ {"1:2:0:0:3:4:0:0", 0, "1:2::3:4:0:0"},
-+ {"1.2.3.4", 'r' , "4.3.2.1.IN-ADDR.ARPA."},
-+ /* 0 1 2 3 4 5 6 7 8 9 a b c d e f 0 1 2 3 4 5 6 7 8 9 a b c d e f */
-+ {"1:2::3:4", 'r', "4.0.0.0.3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0.1.0.0.0.IP6.ARPA."},
-+ {NULL, 0, NULL}
-+};
-+
-+void
-+regress()
-+{
-+ struct rtab *r;
-+ int status = 0;
-+ ip_address a;
-+ char in[100];
-+ char buf[100];
-+ const char *oops;
-+ size_t n;
-+
-+ for (r = rtab; r->input != NULL; r++) {
-+ strcpy(in, r->input);
-+
-+ /* convert it *to* internal format */
-+ oops = ttoaddr(in, strlen(in), 0, &a);
-+
-+ /* now convert it back */
-+
-+ n = addrtot(&a, r->format, buf, sizeof(buf));
-+
-+ if (n == 0 && r->output == NULL)
-+ {} /* okay, error expected */
-+
-+ else if (n == 0) {
-+ printf("`%s' atoasr failed\n", r->input);
-+ status = 1;
-+
-+ } else if (r->output == NULL) {
-+ printf("`%s' atoasr succeeded unexpectedly '%c'\n",
-+ r->input, r->format);
-+ status = 1;
-+ } else {
-+ if (strcasecmp(r->output, buf) != 0) {
-+ printf("`%s' '%c' gave `%s', expected `%s'\n",
-+ r->input, r->format, buf, r->output);
-+ status = 1;
-+ }
-+ }
-+ }
-+ exit(status);
-+}
-+
-+#endif /* ADDRTOT_MAIN */
-+
-+/*
-+ * $Log: addrtot.c,v $
-+ * Revision 1.22.2.1 2005/11/17 22:30:49 paul
-+ * pull up strstr fix from head.
-+ *
-+ * Revision 1.22 2005/05/20 16:47:40 mcr
-+ * make strstr static if we need it.
-+ *
-+ * Revision 1.21 2005/03/21 00:35:12 mcr
-+ * test for strstr properly
-+ *
-+ * Revision 1.20 2004/11/09 22:52:20 mcr
-+ * until we figure out which kernels have strsep and which
-+ * do not (UML does not under certain circumstances), then
-+ * let's just provide our own.
-+ *
-+ * Revision 1.19 2004/10/08 16:30:33 mcr
-+ * pull-up of initial crypto-offload work.
-+ *
-+ * Revision 1.18 2004/09/18 19:33:08 mcr
-+ * use an appropriate kernel happy ifdef for strstr.
-+ *
-+ * Revision 1.17 2004/09/15 21:49:02 mcr
-+ * use local copy of strstr() if this is going in the kernel.
-+ * Not clear why this worked before, or why this shows up
-+ * for modules only.
-+ *
-+ * Revision 1.16 2004/07/10 07:43:47 mcr
-+ * Moved from linux/lib/libfreeswan/addrtot.c,v
-+ *
-+ * Revision 1.15 2004/04/11 17:39:25 mcr
-+ * removed internal.h requirements.
-+ *
-+ * Revision 1.14 2004/03/08 01:59:08 ken
-+ * freeswan.h -> openswan.h
-+ *
-+ * Revision 1.13 2004/01/05 23:21:05 mcr
-+ * if the address type is invalid, then return length of <invalid>
-+ * string!
-+ *
-+ * Revision 1.12 2003/12/30 06:42:48 mcr
-+ * added $Log: addrtot.c,v $
-+ * added Revision 1.22.2.1 2005/11/17 22:30:49 paul
-+ * added pull up strstr fix from head.
-+ * added
-+ * added Revision 1.22 2005/05/20 16:47:40 mcr
-+ * added make strstr static if we need it.
-+ * added
-+ * added Revision 1.21 2005/03/21 00:35:12 mcr
-+ * added test for strstr properly
-+ * added
-+ * added Revision 1.20 2004/11/09 22:52:20 mcr
-+ * added until we figure out which kernels have strsep and which
-+ * added do not (UML does not under certain circumstances), then
-+ * added let's just provide our own.
-+ * added
-+ * added Revision 1.19 2004/10/08 16:30:33 mcr
-+ * added pull-up of initial crypto-offload work.
-+ * added
-+ * added Revision 1.18 2004/09/18 19:33:08 mcr
-+ * added use an appropriate kernel happy ifdef for strstr.
-+ * added
-+ * added Revision 1.17 2004/09/15 21:49:02 mcr
-+ * added use local copy of strstr() if this is going in the kernel.
-+ * added Not clear why this worked before, or why this shows up
-+ * added for modules only.
-+ * added
-+ * added Revision 1.16 2004/07/10 07:43:47 mcr
-+ * added Moved from linux/lib/libfreeswan/addrtot.c,v
-+ * added
-+ * added Revision 1.15 2004/04/11 17:39:25 mcr
-+ * added removed internal.h requirements.
-+ * added
-+ * added Revision 1.14 2004/03/08 01:59:08 ken
-+ * added freeswan.h -> openswan.h
-+ * added
-+ * added Revision 1.13 2004/01/05 23:21:05 mcr
-+ * added if the address type is invalid, then return length of <invalid>
-+ * added string!
-+ * added
-+ *
-+ *
-+ */
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/addrtypeof.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,93 @@
-+/*
-+ * extract parts of an ip_address
-+ * Copyright (C) 2000 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: addrtypeof.c,v 1.10 2004/07/10 07:43:47 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - addrtypeof - get the type of an ip_address
-+ */
-+int
-+addrtypeof(src)
-+const ip_address *src;
-+{
-+ return src->u.v4.sin_family;
-+}
-+
-+/*
-+ - addrbytesptr - get pointer to the address bytes of an ip_address
-+ */
-+size_t /* 0 for error */
-+addrbytesptr(src, dstp)
-+const ip_address *src;
-+const unsigned char **dstp; /* NULL means just a size query */
-+{
-+ const unsigned char *p;
-+ size_t n;
-+
-+ switch (src->u.v4.sin_family) {
-+ case AF_INET:
-+ p = (const unsigned char *)&src->u.v4.sin_addr.s_addr;
-+ n = 4;
-+ break;
-+ case AF_INET6:
-+ p = (const unsigned char *)&src->u.v6.sin6_addr;
-+ n = 16;
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ if (dstp != NULL)
-+ *dstp = p;
-+ return n;
-+}
-+
-+/*
-+ - addrlenof - get length of the address bytes of an ip_address
-+ */
-+size_t /* 0 for error */
-+addrlenof(src)
-+const ip_address *src;
-+{
-+ return addrbytesptr(src, NULL);
-+}
-+
-+/*
-+ - addrbytesof - get the address bytes of an ip_address
-+ */
-+size_t /* 0 for error */
-+addrbytesof(src, dst, dstlen)
-+const ip_address *src;
-+unsigned char *dst;
-+size_t dstlen;
-+{
-+ const unsigned char *p;
-+ size_t n;
-+ size_t ncopy;
-+
-+ n = addrbytesptr(src, &p);
-+ if (n == 0)
-+ return 0;
-+
-+ if (dstlen > 0) {
-+ ncopy = n;
-+ if (ncopy > dstlen)
-+ ncopy = dstlen;
-+ memcpy(dst, p, ncopy);
-+ }
-+ return n;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/adler32.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,49 @@
-+/* adler32.c -- compute the Adler-32 checksum of a data stream
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* @(#) $Id: adler32.c,v 1.6 2004/07/10 19:11:18 mcr Exp $ */
-+
-+#include <zlib/zlib.h>
-+#include <zlib/zconf.h>
-+
-+#define BASE 65521L /* largest prime smaller than 65536 */
-+#define NMAX 5552
-+/* NMAX is the largest n such that 255n(n+1)/2 + (n+1)(BASE-1) <= 2^32-1 */
-+
-+#define DO1(buf,i) {s1 += buf[i]; s2 += s1;}
-+#define DO2(buf,i) DO1(buf,i); DO1(buf,i+1);
-+#define DO4(buf,i) DO2(buf,i); DO2(buf,i+2);
-+#define DO8(buf,i) DO4(buf,i); DO4(buf,i+4);
-+#define DO16(buf) DO8(buf,0); DO8(buf,8);
-+
-+/* ========================================================================= */
-+uLong ZEXPORT adler32(adler, buf, len)
-+ uLong adler;
-+ const Bytef *buf;
-+ uInt len;
-+{
-+ unsigned long s1 = adler & 0xffff;
-+ unsigned long s2 = (adler >> 16) & 0xffff;
-+ int k;
-+
-+ if (buf == Z_NULL) return 1L;
-+
-+ while (len > 0) {
-+ k = len < NMAX ? len : NMAX;
-+ len -= k;
-+ while (k >= 16) {
-+ DO16(buf);
-+ buf += 16;
-+ k -= 16;
-+ }
-+ if (k != 0) do {
-+ s1 += *buf++;
-+ s2 += s1;
-+ } while (--k);
-+ s1 %= BASE;
-+ s2 %= BASE;
-+ }
-+ return (s2 << 16) | s1;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/aes/Makefile Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,59 @@
-+# Makefile for KLIPS 3DES kernel code as a module for 2.6 kernels
-+#
-+# Makefile for KLIPS kernel code as a module
-+# Copyright (C) 2002-2004 Michael Richardson <mcr@xelerance.com>
-+#
-+# This program is free software; you can redistribute it and/or modify it
-+# under the terms of the GNU General Public License as published by the
-+# Free Software Foundation; either version 2 of the License, or (at your
-+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+#
-+# This program is distributed in the hope that it will be useful, but
-+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+# for more details.
-+#
-+# RCSID $Id: Makefile.fs2_6,v 1.1.10.1 2005/08/12 16:10:05 ken Exp $
-+#
-+# Note! Dependencies are done automagically by 'make dep', which also
-+# removes any old dependencies. DON'T put your own dependencies here
-+# unless it's something special (ie not a .c file).
-+#
-+
-+obj-$(CONFIG_KLIPS_ENC_AES) += ipsec_alg_aes.o
-+obj-$(CONFIG_KLIPS_ENC_AES) += aes_xcbc_mac.o
-+obj-$(CONFIG_KLIPS_ENC_AES) += aes_cbc.o
-+
-+ifeq ($(strip ${SUBARCH}),)
-+SUBARCH:=${ARCH}
-+endif
-+
-+# the assembly version expects frame pointers, which are
-+# optional in many kernel builds. If you want speed, you should
-+# probably use cryptoapi code instead.
-+USEASSEMBLY=${SUBARCH}${CONFIG_FRAME_POINTER}
-+ifeq (${USEASSEMBLY},i386y)
-+obj-$(CONFIG_KLIPS_ENC_AES) += aes-i586.o
-+else
-+obj-$(CONFIG_KLIPS_ENC_AES) += aes.o
-+endif
-+
-+
-+#
-+# $Log: Makefile.fs2_6,v $
-+# Revision 1.1.10.1 2005/08/12 16:10:05 ken
-+# do not use assembly code with there are no frame pointers
-+#
-+# Revision 1.2 2005/08/12 14:13:58 mcr
-+# do not use assembly code with there are no frame pointers,
-+# as it does not have the right linkages.
-+#
-+# Revision 1.1 2004/08/17 03:31:34 mcr
-+# klips 2.6 edits.
-+#
-+#
-+# Local Variables:
-+# compile-command: "(cd ../../.. && source umlsetup.sh && make -C ${POOLSPACE} module/ipsec.o)"
-+# End Variables:
-+#
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/aes/aes-i586.S Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,892 @@
-+//
-+// Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK.
-+// All rights reserved.
-+//
-+// TERMS
-+//
-+// Redistribution and use in source and binary forms, with or without
-+// modification, are permitted subject to the following conditions:
-+//
-+// 1. Redistributions of source code must retain the above copyright
-+// notice, this list of conditions and the following disclaimer.
-+//
-+// 2. Redistributions in binary form must reproduce the above copyright
-+// notice, this list of conditions and the following disclaimer in the
-+// documentation and/or other materials provided with the distribution.
-+//
-+// 3. The copyright holder's name must not be used to endorse or promote
-+// any products derived from this software without his specific prior
-+// written permission.
-+//
-+// This software is provided 'as is' with no express or implied warranties
-+// of correctness or fitness for purpose.
-+
-+// Modified by Jari Ruusu, December 24 2001
-+// - Converted syntax to GNU CPP/assembler syntax
-+// - C programming interface converted back to "old" API
-+// - Minor portability cleanups and speed optimizations
-+
-+// An AES (Rijndael) implementation for the Pentium. This version only
-+// implements the standard AES block length (128 bits, 16 bytes). This code
-+// does not preserve the eax, ecx or edx registers or the artihmetic status
-+// flags. However, the ebx, esi, edi, and ebp registers are preserved across
-+// calls.
-+
-+// void aes_set_key(aes_context *cx, const unsigned char key[], const int key_len, const int f)
-+// void aes_encrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[])
-+// void aes_decrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[])
-+
-+#if defined(USE_UNDERLINE)
-+# define aes_set_key _aes_set_key
-+# define aes_encrypt _aes_encrypt
-+# define aes_decrypt _aes_decrypt
-+#endif
-+#if !defined(ALIGN32BYTES)
-+# define ALIGN32BYTES 32
-+#endif
-+
-+ .file "aes-i586.S"
-+ .globl aes_set_key
-+ .globl aes_encrypt
-+ .globl aes_decrypt
-+
-+#define tlen 1024 // length of each of 4 'xor' arrays (256 32-bit words)
-+
-+// offsets to parameters with one register pushed onto stack
-+
-+#define ctx 8 // AES context structure
-+#define in_blk 12 // input byte array address parameter
-+#define out_blk 16 // output byte array address parameter
-+
-+// offsets in context structure
-+
-+#define nkey 0 // key length, size 4
-+#define nrnd 4 // number of rounds, size 4
-+#define ekey 8 // encryption key schedule base address, size 256
-+#define dkey 264 // decryption key schedule base address, size 256
-+
-+// This macro performs a forward encryption cycle. It is entered with
-+// the first previous round column values in %eax, %ebx, %esi and %edi and
-+// exits with the final values in the same registers.
-+
-+#define fwd_rnd(p1,p2) \
-+ mov %ebx,(%esp) ;\
-+ movzbl %al,%edx ;\
-+ mov %eax,%ecx ;\
-+ mov p2(%ebp),%eax ;\
-+ mov %edi,4(%esp) ;\
-+ mov p2+12(%ebp),%edi ;\
-+ xor p1(,%edx,4),%eax ;\
-+ movzbl %ch,%edx ;\
-+ shr $16,%ecx ;\
-+ mov p2+4(%ebp),%ebx ;\
-+ xor p1+tlen(,%edx,4),%edi ;\
-+ movzbl %cl,%edx ;\
-+ movzbl %ch,%ecx ;\
-+ xor p1+3*tlen(,%ecx,4),%ebx ;\
-+ mov %esi,%ecx ;\
-+ mov p1+2*tlen(,%edx,4),%esi ;\
-+ movzbl %cl,%edx ;\
-+ xor p1(,%edx,4),%esi ;\
-+ movzbl %ch,%edx ;\
-+ shr $16,%ecx ;\
-+ xor p1+tlen(,%edx,4),%ebx ;\
-+ movzbl %cl,%edx ;\
-+ movzbl %ch,%ecx ;\
-+ xor p1+2*tlen(,%edx,4),%eax ;\
-+ mov (%esp),%edx ;\
-+ xor p1+3*tlen(,%ecx,4),%edi ;\
-+ movzbl %dl,%ecx ;\
-+ xor p2+8(%ebp),%esi ;\
-+ xor p1(,%ecx,4),%ebx ;\
-+ movzbl %dh,%ecx ;\
-+ shr $16,%edx ;\
-+ xor p1+tlen(,%ecx,4),%eax ;\
-+ movzbl %dl,%ecx ;\
-+ movzbl %dh,%edx ;\
-+ xor p1+2*tlen(,%ecx,4),%edi ;\
-+ mov 4(%esp),%ecx ;\
-+ xor p1+3*tlen(,%edx,4),%esi ;\
-+ movzbl %cl,%edx ;\
-+ xor p1(,%edx,4),%edi ;\
-+ movzbl %ch,%edx ;\
-+ shr $16,%ecx ;\
-+ xor p1+tlen(,%edx,4),%esi ;\
-+ movzbl %cl,%edx ;\
-+ movzbl %ch,%ecx ;\
-+ xor p1+2*tlen(,%edx,4),%ebx ;\
-+ xor p1+3*tlen(,%ecx,4),%eax
-+
-+// This macro performs an inverse encryption cycle. It is entered with
-+// the first previous round column values in %eax, %ebx, %esi and %edi and
-+// exits with the final values in the same registers.
-+
-+#define inv_rnd(p1,p2) \
-+ movzbl %al,%edx ;\
-+ mov %ebx,(%esp) ;\
-+ mov %eax,%ecx ;\
-+ mov p2(%ebp),%eax ;\
-+ mov %edi,4(%esp) ;\
-+ mov p2+4(%ebp),%ebx ;\
-+ xor p1(,%edx,4),%eax ;\
-+ movzbl %ch,%edx ;\
-+ shr $16,%ecx ;\
-+ mov p2+12(%ebp),%edi ;\
-+ xor p1+tlen(,%edx,4),%ebx ;\
-+ movzbl %cl,%edx ;\
-+ movzbl %ch,%ecx ;\
-+ xor p1+3*tlen(,%ecx,4),%edi ;\
-+ mov %esi,%ecx ;\
-+ mov p1+2*tlen(,%edx,4),%esi ;\
-+ movzbl %cl,%edx ;\
-+ xor p1(,%edx,4),%esi ;\
-+ movzbl %ch,%edx ;\
-+ shr $16,%ecx ;\
-+ xor p1+tlen(,%edx,4),%edi ;\
-+ movzbl %cl,%edx ;\
-+ movzbl %ch,%ecx ;\
-+ xor p1+2*tlen(,%edx,4),%eax ;\
-+ mov (%esp),%edx ;\
-+ xor p1+3*tlen(,%ecx,4),%ebx ;\
-+ movzbl %dl,%ecx ;\
-+ xor p2+8(%ebp),%esi ;\
-+ xor p1(,%ecx,4),%ebx ;\
-+ movzbl %dh,%ecx ;\
-+ shr $16,%edx ;\
-+ xor p1+tlen(,%ecx,4),%esi ;\
-+ movzbl %dl,%ecx ;\
-+ movzbl %dh,%edx ;\
-+ xor p1+2*tlen(,%ecx,4),%edi ;\
-+ mov 4(%esp),%ecx ;\
-+ xor p1+3*tlen(,%edx,4),%eax ;\
-+ movzbl %cl,%edx ;\
-+ xor p1(,%edx,4),%edi ;\
-+ movzbl %ch,%edx ;\
-+ shr $16,%ecx ;\
-+ xor p1+tlen(,%edx,4),%eax ;\
-+ movzbl %cl,%edx ;\
-+ movzbl %ch,%ecx ;\
-+ xor p1+2*tlen(,%edx,4),%ebx ;\
-+ xor p1+3*tlen(,%ecx,4),%esi
-+
-+// AES (Rijndael) Encryption Subroutine
-+
-+ .text
-+ .align ALIGN32BYTES
-+aes_encrypt:
-+ push %ebp
-+ mov ctx(%esp),%ebp // pointer to context
-+ mov in_blk(%esp),%ecx
-+ push %ebx
-+ push %esi
-+ push %edi
-+ mov nrnd(%ebp),%edx // number of rounds
-+ lea ekey+16(%ebp),%ebp // key pointer
-+
-+// input four columns and xor in first round key
-+
-+ mov (%ecx),%eax
-+ mov 4(%ecx),%ebx
-+ mov 8(%ecx),%esi
-+ mov 12(%ecx),%edi
-+ xor -16(%ebp),%eax
-+ xor -12(%ebp),%ebx
-+ xor -8(%ebp),%esi
-+ xor -4(%ebp),%edi
-+
-+ sub $8,%esp // space for register saves on stack
-+
-+ sub $10,%edx
-+ je aes_15
-+ add $32,%ebp
-+ sub $2,%edx
-+ je aes_13
-+ add $32,%ebp
-+
-+ fwd_rnd(aes_ft_tab,-64) // 14 rounds for 256-bit key
-+ fwd_rnd(aes_ft_tab,-48)
-+aes_13: fwd_rnd(aes_ft_tab,-32) // 12 rounds for 192-bit key
-+ fwd_rnd(aes_ft_tab,-16)
-+aes_15: fwd_rnd(aes_ft_tab,0) // 10 rounds for 128-bit key
-+ fwd_rnd(aes_ft_tab,16)
-+ fwd_rnd(aes_ft_tab,32)
-+ fwd_rnd(aes_ft_tab,48)
-+ fwd_rnd(aes_ft_tab,64)
-+ fwd_rnd(aes_ft_tab,80)
-+ fwd_rnd(aes_ft_tab,96)
-+ fwd_rnd(aes_ft_tab,112)
-+ fwd_rnd(aes_ft_tab,128)
-+ fwd_rnd(aes_fl_tab,144) // last round uses a different table
-+
-+// move final values to the output array.
-+
-+ mov out_blk+20(%esp),%ebp
-+ add $8,%esp
-+ mov %eax,(%ebp)
-+ mov %ebx,4(%ebp)
-+ mov %esi,8(%ebp)
-+ mov %edi,12(%ebp)
-+ pop %edi
-+ pop %esi
-+ pop %ebx
-+ pop %ebp
-+ ret
-+
-+
-+// AES (Rijndael) Decryption Subroutine
-+
-+ .align ALIGN32BYTES
-+aes_decrypt:
-+ push %ebp
-+ mov ctx(%esp),%ebp // pointer to context
-+ mov in_blk(%esp),%ecx
-+ push %ebx
-+ push %esi
-+ push %edi
-+ mov nrnd(%ebp),%edx // number of rounds
-+ lea dkey+16(%ebp),%ebp // key pointer
-+
-+// input four columns and xor in first round key
-+
-+ mov (%ecx),%eax
-+ mov 4(%ecx),%ebx
-+ mov 8(%ecx),%esi
-+ mov 12(%ecx),%edi
-+ xor -16(%ebp),%eax
-+ xor -12(%ebp),%ebx
-+ xor -8(%ebp),%esi
-+ xor -4(%ebp),%edi
-+
-+ sub $8,%esp // space for register saves on stack
-+
-+ sub $10,%edx
-+ je aes_25
-+ add $32,%ebp
-+ sub $2,%edx
-+ je aes_23
-+ add $32,%ebp
-+
-+ inv_rnd(aes_it_tab,-64) // 14 rounds for 256-bit key
-+ inv_rnd(aes_it_tab,-48)
-+aes_23: inv_rnd(aes_it_tab,-32) // 12 rounds for 192-bit key
-+ inv_rnd(aes_it_tab,-16)
-+aes_25: inv_rnd(aes_it_tab,0) // 10 rounds for 128-bit key
-+ inv_rnd(aes_it_tab,16)
-+ inv_rnd(aes_it_tab,32)
-+ inv_rnd(aes_it_tab,48)
-+ inv_rnd(aes_it_tab,64)
-+ inv_rnd(aes_it_tab,80)
-+ inv_rnd(aes_it_tab,96)
-+ inv_rnd(aes_it_tab,112)
-+ inv_rnd(aes_it_tab,128)
-+ inv_rnd(aes_il_tab,144) // last round uses a different table
-+
-+// move final values to the output array.
-+
-+ mov out_blk+20(%esp),%ebp
-+ add $8,%esp
-+ mov %eax,(%ebp)
-+ mov %ebx,4(%ebp)
-+ mov %esi,8(%ebp)
-+ mov %edi,12(%ebp)
-+ pop %edi
-+ pop %esi
-+ pop %ebx
-+ pop %ebp
-+ ret
-+
-+// AES (Rijndael) Key Schedule Subroutine
-+
-+// input/output parameters
-+
-+#define aes_cx 12 // AES context
-+#define in_key 16 // key input array address
-+#define key_ln 20 // key length, bytes (16,24,32) or bits (128,192,256)
-+#define ed_flg 24 // 0=create both encr/decr keys, 1=create encr key only
-+
-+// offsets for locals
-+
-+#define cnt -4
-+#define kpf -8
-+#define slen 8
-+
-+// This macro performs a column mixing operation on an input 32-bit
-+// word to give a 32-bit result. It uses each of the 4 bytes in the
-+// the input column to index 4 different tables of 256 32-bit words
-+// that are xored together to form the output value.
-+
-+#define mix_col(p1) \
-+ movzbl %bl,%ecx ;\
-+ mov p1(,%ecx,4),%eax ;\
-+ movzbl %bh,%ecx ;\
-+ ror $16,%ebx ;\
-+ xor p1+tlen(,%ecx,4),%eax ;\
-+ movzbl %bl,%ecx ;\
-+ xor p1+2*tlen(,%ecx,4),%eax ;\
-+ movzbl %bh,%ecx ;\
-+ xor p1+3*tlen(,%ecx,4),%eax
-+
-+// Key Schedule Macros
-+
-+#define ksc4(p1) \
-+ rol $24,%ebx ;\
-+ mix_col(aes_fl_tab) ;\
-+ ror $8,%ebx ;\
-+ xor 4*p1+aes_rcon_tab,%eax ;\
-+ xor %eax,%esi ;\
-+ xor %esi,%ebp ;\
-+ mov %esi,16*p1(%edi) ;\
-+ mov %ebp,16*p1+4(%edi) ;\
-+ xor %ebp,%edx ;\
-+ xor %edx,%ebx ;\
-+ mov %edx,16*p1+8(%edi) ;\
-+ mov %ebx,16*p1+12(%edi)
-+
-+#define ksc6(p1) \
-+ rol $24,%ebx ;\
-+ mix_col(aes_fl_tab) ;\
-+ ror $8,%ebx ;\
-+ xor 4*p1+aes_rcon_tab,%eax ;\
-+ xor 24*p1-24(%edi),%eax ;\
-+ mov %eax,24*p1(%edi) ;\
-+ xor 24*p1-20(%edi),%eax ;\
-+ mov %eax,24*p1+4(%edi) ;\
-+ xor %eax,%esi ;\
-+ xor %esi,%ebp ;\
-+ mov %esi,24*p1+8(%edi) ;\
-+ mov %ebp,24*p1+12(%edi) ;\
-+ xor %ebp,%edx ;\
-+ xor %edx,%ebx ;\
-+ mov %edx,24*p1+16(%edi) ;\
-+ mov %ebx,24*p1+20(%edi)
-+
-+#define ksc8(p1) \
-+ rol $24,%ebx ;\
-+ mix_col(aes_fl_tab) ;\
-+ ror $8,%ebx ;\
-+ xor 4*p1+aes_rcon_tab,%eax ;\
-+ xor 32*p1-32(%edi),%eax ;\
-+ mov %eax,32*p1(%edi) ;\
-+ xor 32*p1-28(%edi),%eax ;\
-+ mov %eax,32*p1+4(%edi) ;\
-+ xor 32*p1-24(%edi),%eax ;\
-+ mov %eax,32*p1+8(%edi) ;\
-+ xor 32*p1-20(%edi),%eax ;\
-+ mov %eax,32*p1+12(%edi) ;\
-+ push %ebx ;\
-+ mov %eax,%ebx ;\
-+ mix_col(aes_fl_tab) ;\
-+ pop %ebx ;\
-+ xor %eax,%esi ;\
-+ xor %esi,%ebp ;\
-+ mov %esi,32*p1+16(%edi) ;\
-+ mov %ebp,32*p1+20(%edi) ;\
-+ xor %ebp,%edx ;\
-+ xor %edx,%ebx ;\
-+ mov %edx,32*p1+24(%edi) ;\
-+ mov %ebx,32*p1+28(%edi)
-+
-+ .align ALIGN32BYTES
-+aes_set_key:
-+ pushfl
-+ push %ebp
-+ mov %esp,%ebp
-+ sub $slen,%esp
-+ push %ebx
-+ push %esi
-+ push %edi
-+
-+ mov aes_cx(%ebp),%edx // edx -> AES context
-+
-+ mov key_ln(%ebp),%ecx // key length
-+ cmpl $128,%ecx
-+ jb aes_30
-+ shr $3,%ecx
-+aes_30: cmpl $32,%ecx
-+ je aes_32
-+ cmpl $24,%ecx
-+ je aes_32
-+ mov $16,%ecx
-+aes_32: shr $2,%ecx
-+ mov %ecx,nkey(%edx)
-+
-+ lea 6(%ecx),%eax // 10/12/14 for 4/6/8 32-bit key length
-+ mov %eax,nrnd(%edx)
-+
-+ mov in_key(%ebp),%esi // key input array
-+ lea ekey(%edx),%edi // key position in AES context
-+ cld
-+ push %ebp
-+ mov %ecx,%eax // save key length in eax
-+ rep ; movsl // words in the key schedule
-+ mov -4(%esi),%ebx // put some values in registers
-+ mov -8(%esi),%edx // to allow faster code
-+ mov -12(%esi),%ebp
-+ mov -16(%esi),%esi
-+
-+ cmpl $4,%eax // jump on key size
-+ je aes_36
-+ cmpl $6,%eax
-+ je aes_35
-+
-+ ksc8(0)
-+ ksc8(1)
-+ ksc8(2)
-+ ksc8(3)
-+ ksc8(4)
-+ ksc8(5)
-+ ksc8(6)
-+ jmp aes_37
-+aes_35: ksc6(0)
-+ ksc6(1)
-+ ksc6(2)
-+ ksc6(3)
-+ ksc6(4)
-+ ksc6(5)
-+ ksc6(6)
-+ ksc6(7)
-+ jmp aes_37
-+aes_36: ksc4(0)
-+ ksc4(1)
-+ ksc4(2)
-+ ksc4(3)
-+ ksc4(4)
-+ ksc4(5)
-+ ksc4(6)
-+ ksc4(7)
-+ ksc4(8)
-+ ksc4(9)
-+aes_37: pop %ebp
-+ mov aes_cx(%ebp),%edx // edx -> AES context
-+ cmpl $0,ed_flg(%ebp)
-+ jne aes_39
-+
-+// compile decryption key schedule from encryption schedule - reverse
-+// order and do mix_column operation on round keys except first and last
-+
-+ mov nrnd(%edx),%eax // kt = cx->d_key + nc * cx->Nrnd
-+ shl $2,%eax
-+ lea dkey(%edx,%eax,4),%edi
-+ lea ekey(%edx),%esi // kf = cx->e_key
-+
-+ movsl // copy first round key (unmodified)
-+ movsl
-+ movsl
-+ movsl
-+ sub $32,%edi
-+ movl $1,cnt(%ebp)
-+aes_38: // do mix column on each column of
-+ lodsl // each round key
-+ mov %eax,%ebx
-+ mix_col(aes_im_tab)
-+ stosl
-+ lodsl
-+ mov %eax,%ebx
-+ mix_col(aes_im_tab)
-+ stosl
-+ lodsl
-+ mov %eax,%ebx
-+ mix_col(aes_im_tab)
-+ stosl
-+ lodsl
-+ mov %eax,%ebx
-+ mix_col(aes_im_tab)
-+ stosl
-+ sub $32,%edi
-+
-+ incl cnt(%ebp)
-+ mov cnt(%ebp),%eax
-+ cmp nrnd(%edx),%eax
-+ jb aes_38
-+
-+ movsl // copy last round key (unmodified)
-+ movsl
-+ movsl
-+ movsl
-+aes_39: pop %edi
-+ pop %esi
-+ pop %ebx
-+ mov %ebp,%esp
-+ pop %ebp
-+ popfl
-+ ret
-+
-+
-+// finite field multiplies by {02}, {04} and {08}
-+
-+#define f2(x) ((x<<1)^(((x>>7)&1)*0x11b))
-+#define f4(x) ((x<<2)^(((x>>6)&1)*0x11b)^(((x>>6)&2)*0x11b))
-+#define f8(x) ((x<<3)^(((x>>5)&1)*0x11b)^(((x>>5)&2)*0x11b)^(((x>>5)&4)*0x11b))
-+
-+// finite field multiplies required in table generation
-+
-+#define f3(x) (f2(x) ^ x)
-+#define f9(x) (f8(x) ^ x)
-+#define fb(x) (f8(x) ^ f2(x) ^ x)
-+#define fd(x) (f8(x) ^ f4(x) ^ x)
-+#define fe(x) (f8(x) ^ f4(x) ^ f2(x))
-+
-+// These defines generate the forward table entries
-+
-+#define u0(x) ((f3(x) << 24) | (x << 16) | (x << 8) | f2(x))
-+#define u1(x) ((x << 24) | (x << 16) | (f2(x) << 8) | f3(x))
-+#define u2(x) ((x << 24) | (f2(x) << 16) | (f3(x) << 8) | x)
-+#define u3(x) ((f2(x) << 24) | (f3(x) << 16) | (x << 8) | x)
-+
-+// These defines generate the inverse table entries
-+
-+#define v0(x) ((fb(x) << 24) | (fd(x) << 16) | (f9(x) << 8) | fe(x))
-+#define v1(x) ((fd(x) << 24) | (f9(x) << 16) | (fe(x) << 8) | fb(x))
-+#define v2(x) ((f9(x) << 24) | (fe(x) << 16) | (fb(x) << 8) | fd(x))
-+#define v3(x) ((fe(x) << 24) | (fb(x) << 16) | (fd(x) << 8) | f9(x))
-+
-+// These defines generate entries for the last round tables
-+
-+#define w0(x) (x)
-+#define w1(x) (x << 8)
-+#define w2(x) (x << 16)
-+#define w3(x) (x << 24)
-+
-+// macro to generate inverse mix column tables (needed for the key schedule)
-+
-+#define im_data0(p1) \
-+ .long p1(0x00),p1(0x01),p1(0x02),p1(0x03),p1(0x04),p1(0x05),p1(0x06),p1(0x07) ;\
-+ .long p1(0x08),p1(0x09),p1(0x0a),p1(0x0b),p1(0x0c),p1(0x0d),p1(0x0e),p1(0x0f) ;\
-+ .long p1(0x10),p1(0x11),p1(0x12),p1(0x13),p1(0x14),p1(0x15),p1(0x16),p1(0x17) ;\
-+ .long p1(0x18),p1(0x19),p1(0x1a),p1(0x1b),p1(0x1c),p1(0x1d),p1(0x1e),p1(0x1f)
-+#define im_data1(p1) \
-+ .long p1(0x20),p1(0x21),p1(0x22),p1(0x23),p1(0x24),p1(0x25),p1(0x26),p1(0x27) ;\
-+ .long p1(0x28),p1(0x29),p1(0x2a),p1(0x2b),p1(0x2c),p1(0x2d),p1(0x2e),p1(0x2f) ;\
-+ .long p1(0x30),p1(0x31),p1(0x32),p1(0x33),p1(0x34),p1(0x35),p1(0x36),p1(0x37) ;\
-+ .long p1(0x38),p1(0x39),p1(0x3a),p1(0x3b),p1(0x3c),p1(0x3d),p1(0x3e),p1(0x3f)
-+#define im_data2(p1) \
-+ .long p1(0x40),p1(0x41),p1(0x42),p1(0x43),p1(0x44),p1(0x45),p1(0x46),p1(0x47) ;\
-+ .long p1(0x48),p1(0x49),p1(0x4a),p1(0x4b),p1(0x4c),p1(0x4d),p1(0x4e),p1(0x4f) ;\
-+ .long p1(0x50),p1(0x51),p1(0x52),p1(0x53),p1(0x54),p1(0x55),p1(0x56),p1(0x57) ;\
-+ .long p1(0x58),p1(0x59),p1(0x5a),p1(0x5b),p1(0x5c),p1(0x5d),p1(0x5e),p1(0x5f)
-+#define im_data3(p1) \
-+ .long p1(0x60),p1(0x61),p1(0x62),p1(0x63),p1(0x64),p1(0x65),p1(0x66),p1(0x67) ;\
-+ .long p1(0x68),p1(0x69),p1(0x6a),p1(0x6b),p1(0x6c),p1(0x6d),p1(0x6e),p1(0x6f) ;\
-+ .long p1(0x70),p1(0x71),p1(0x72),p1(0x73),p1(0x74),p1(0x75),p1(0x76),p1(0x77) ;\
-+ .long p1(0x78),p1(0x79),p1(0x7a),p1(0x7b),p1(0x7c),p1(0x7d),p1(0x7e),p1(0x7f)
-+#define im_data4(p1) \
-+ .long p1(0x80),p1(0x81),p1(0x82),p1(0x83),p1(0x84),p1(0x85),p1(0x86),p1(0x87) ;\
-+ .long p1(0x88),p1(0x89),p1(0x8a),p1(0x8b),p1(0x8c),p1(0x8d),p1(0x8e),p1(0x8f) ;\
-+ .long p1(0x90),p1(0x91),p1(0x92),p1(0x93),p1(0x94),p1(0x95),p1(0x96),p1(0x97) ;\
-+ .long p1(0x98),p1(0x99),p1(0x9a),p1(0x9b),p1(0x9c),p1(0x9d),p1(0x9e),p1(0x9f)
-+#define im_data5(p1) \
-+ .long p1(0xa0),p1(0xa1),p1(0xa2),p1(0xa3),p1(0xa4),p1(0xa5),p1(0xa6),p1(0xa7) ;\
-+ .long p1(0xa8),p1(0xa9),p1(0xaa),p1(0xab),p1(0xac),p1(0xad),p1(0xae),p1(0xaf) ;\
-+ .long p1(0xb0),p1(0xb1),p1(0xb2),p1(0xb3),p1(0xb4),p1(0xb5),p1(0xb6),p1(0xb7) ;\
-+ .long p1(0xb8),p1(0xb9),p1(0xba),p1(0xbb),p1(0xbc),p1(0xbd),p1(0xbe),p1(0xbf)
-+#define im_data6(p1) \
-+ .long p1(0xc0),p1(0xc1),p1(0xc2),p1(0xc3),p1(0xc4),p1(0xc5),p1(0xc6),p1(0xc7) ;\
-+ .long p1(0xc8),p1(0xc9),p1(0xca),p1(0xcb),p1(0xcc),p1(0xcd),p1(0xce),p1(0xcf) ;\
-+ .long p1(0xd0),p1(0xd1),p1(0xd2),p1(0xd3),p1(0xd4),p1(0xd5),p1(0xd6),p1(0xd7) ;\
-+ .long p1(0xd8),p1(0xd9),p1(0xda),p1(0xdb),p1(0xdc),p1(0xdd),p1(0xde),p1(0xdf)
-+#define im_data7(p1) \
-+ .long p1(0xe0),p1(0xe1),p1(0xe2),p1(0xe3),p1(0xe4),p1(0xe5),p1(0xe6),p1(0xe7) ;\
-+ .long p1(0xe8),p1(0xe9),p1(0xea),p1(0xeb),p1(0xec),p1(0xed),p1(0xee),p1(0xef) ;\
-+ .long p1(0xf0),p1(0xf1),p1(0xf2),p1(0xf3),p1(0xf4),p1(0xf5),p1(0xf6),p1(0xf7) ;\
-+ .long p1(0xf8),p1(0xf9),p1(0xfa),p1(0xfb),p1(0xfc),p1(0xfd),p1(0xfe),p1(0xff)
-+
-+// S-box data - 256 entries
-+
-+#define sb_data0(p1) \
-+ .long p1(0x63),p1(0x7c),p1(0x77),p1(0x7b),p1(0xf2),p1(0x6b),p1(0x6f),p1(0xc5) ;\
-+ .long p1(0x30),p1(0x01),p1(0x67),p1(0x2b),p1(0xfe),p1(0xd7),p1(0xab),p1(0x76) ;\
-+ .long p1(0xca),p1(0x82),p1(0xc9),p1(0x7d),p1(0xfa),p1(0x59),p1(0x47),p1(0xf0) ;\
-+ .long p1(0xad),p1(0xd4),p1(0xa2),p1(0xaf),p1(0x9c),p1(0xa4),p1(0x72),p1(0xc0)
-+#define sb_data1(p1) \
-+ .long p1(0xb7),p1(0xfd),p1(0x93),p1(0x26),p1(0x36),p1(0x3f),p1(0xf7),p1(0xcc) ;\
-+ .long p1(0x34),p1(0xa5),p1(0xe5),p1(0xf1),p1(0x71),p1(0xd8),p1(0x31),p1(0x15) ;\
-+ .long p1(0x04),p1(0xc7),p1(0x23),p1(0xc3),p1(0x18),p1(0x96),p1(0x05),p1(0x9a) ;\
-+ .long p1(0x07),p1(0x12),p1(0x80),p1(0xe2),p1(0xeb),p1(0x27),p1(0xb2),p1(0x75)
-+#define sb_data2(p1) \
-+ .long p1(0x09),p1(0x83),p1(0x2c),p1(0x1a),p1(0x1b),p1(0x6e),p1(0x5a),p1(0xa0) ;\
-+ .long p1(0x52),p1(0x3b),p1(0xd6),p1(0xb3),p1(0x29),p1(0xe3),p1(0x2f),p1(0x84) ;\
-+ .long p1(0x53),p1(0xd1),p1(0x00),p1(0xed),p1(0x20),p1(0xfc),p1(0xb1),p1(0x5b) ;\
-+ .long p1(0x6a),p1(0xcb),p1(0xbe),p1(0x39),p1(0x4a),p1(0x4c),p1(0x58),p1(0xcf)
-+#define sb_data3(p1) \
-+ .long p1(0xd0),p1(0xef),p1(0xaa),p1(0xfb),p1(0x43),p1(0x4d),p1(0x33),p1(0x85) ;\
-+ .long p1(0x45),p1(0xf9),p1(0x02),p1(0x7f),p1(0x50),p1(0x3c),p1(0x9f),p1(0xa8) ;\
-+ .long p1(0x51),p1(0xa3),p1(0x40),p1(0x8f),p1(0x92),p1(0x9d),p1(0x38),p1(0xf5) ;\
-+ .long p1(0xbc),p1(0xb6),p1(0xda),p1(0x21),p1(0x10),p1(0xff),p1(0xf3),p1(0xd2)
-+#define sb_data4(p1) \
-+ .long p1(0xcd),p1(0x0c),p1(0x13),p1(0xec),p1(0x5f),p1(0x97),p1(0x44),p1(0x17) ;\
-+ .long p1(0xc4),p1(0xa7),p1(0x7e),p1(0x3d),p1(0x64),p1(0x5d),p1(0x19),p1(0x73) ;\
-+ .long p1(0x60),p1(0x81),p1(0x4f),p1(0xdc),p1(0x22),p1(0x2a),p1(0x90),p1(0x88) ;\
-+ .long p1(0x46),p1(0xee),p1(0xb8),p1(0x14),p1(0xde),p1(0x5e),p1(0x0b),p1(0xdb)
-+#define sb_data5(p1) \
-+ .long p1(0xe0),p1(0x32),p1(0x3a),p1(0x0a),p1(0x49),p1(0x06),p1(0x24),p1(0x5c) ;\
-+ .long p1(0xc2),p1(0xd3),p1(0xac),p1(0x62),p1(0x91),p1(0x95),p1(0xe4),p1(0x79) ;\
-+ .long p1(0xe7),p1(0xc8),p1(0x37),p1(0x6d),p1(0x8d),p1(0xd5),p1(0x4e),p1(0xa9) ;\
-+ .long p1(0x6c),p1(0x56),p1(0xf4),p1(0xea),p1(0x65),p1(0x7a),p1(0xae),p1(0x08)
-+#define sb_data6(p1) \
-+ .long p1(0xba),p1(0x78),p1(0x25),p1(0x2e),p1(0x1c),p1(0xa6),p1(0xb4),p1(0xc6) ;\
-+ .long p1(0xe8),p1(0xdd),p1(0x74),p1(0x1f),p1(0x4b),p1(0xbd),p1(0x8b),p1(0x8a) ;\
-+ .long p1(0x70),p1(0x3e),p1(0xb5),p1(0x66),p1(0x48),p1(0x03),p1(0xf6),p1(0x0e) ;\
-+ .long p1(0x61),p1(0x35),p1(0x57),p1(0xb9),p1(0x86),p1(0xc1),p1(0x1d),p1(0x9e)
-+#define sb_data7(p1) \
-+ .long p1(0xe1),p1(0xf8),p1(0x98),p1(0x11),p1(0x69),p1(0xd9),p1(0x8e),p1(0x94) ;\
-+ .long p1(0x9b),p1(0x1e),p1(0x87),p1(0xe9),p1(0xce),p1(0x55),p1(0x28),p1(0xdf) ;\
-+ .long p1(0x8c),p1(0xa1),p1(0x89),p1(0x0d),p1(0xbf),p1(0xe6),p1(0x42),p1(0x68) ;\
-+ .long p1(0x41),p1(0x99),p1(0x2d),p1(0x0f),p1(0xb0),p1(0x54),p1(0xbb),p1(0x16)
-+
-+// Inverse S-box data - 256 entries
-+
-+#define ib_data0(p1) \
-+ .long p1(0x52),p1(0x09),p1(0x6a),p1(0xd5),p1(0x30),p1(0x36),p1(0xa5),p1(0x38) ;\
-+ .long p1(0xbf),p1(0x40),p1(0xa3),p1(0x9e),p1(0x81),p1(0xf3),p1(0xd7),p1(0xfb) ;\
-+ .long p1(0x7c),p1(0xe3),p1(0x39),p1(0x82),p1(0x9b),p1(0x2f),p1(0xff),p1(0x87) ;\
-+ .long p1(0x34),p1(0x8e),p1(0x43),p1(0x44),p1(0xc4),p1(0xde),p1(0xe9),p1(0xcb)
-+#define ib_data1(p1) \
-+ .long p1(0x54),p1(0x7b),p1(0x94),p1(0x32),p1(0xa6),p1(0xc2),p1(0x23),p1(0x3d) ;\
-+ .long p1(0xee),p1(0x4c),p1(0x95),p1(0x0b),p1(0x42),p1(0xfa),p1(0xc3),p1(0x4e) ;\
-+ .long p1(0x08),p1(0x2e),p1(0xa1),p1(0x66),p1(0x28),p1(0xd9),p1(0x24),p1(0xb2) ;\
-+ .long p1(0x76),p1(0x5b),p1(0xa2),p1(0x49),p1(0x6d),p1(0x8b),p1(0xd1),p1(0x25)
-+#define ib_data2(p1) \
-+ .long p1(0x72),p1(0xf8),p1(0xf6),p1(0x64),p1(0x86),p1(0x68),p1(0x98),p1(0x16) ;\
-+ .long p1(0xd4),p1(0xa4),p1(0x5c),p1(0xcc),p1(0x5d),p1(0x65),p1(0xb6),p1(0x92) ;\
-+ .long p1(0x6c),p1(0x70),p1(0x48),p1(0x50),p1(0xfd),p1(0xed),p1(0xb9),p1(0xda) ;\
-+ .long p1(0x5e),p1(0x15),p1(0x46),p1(0x57),p1(0xa7),p1(0x8d),p1(0x9d),p1(0x84)
-+#define ib_data3(p1) \
-+ .long p1(0x90),p1(0xd8),p1(0xab),p1(0x00),p1(0x8c),p1(0xbc),p1(0xd3),p1(0x0a) ;\
-+ .long p1(0xf7),p1(0xe4),p1(0x58),p1(0x05),p1(0xb8),p1(0xb3),p1(0x45),p1(0x06) ;\
-+ .long p1(0xd0),p1(0x2c),p1(0x1e),p1(0x8f),p1(0xca),p1(0x3f),p1(0x0f),p1(0x02) ;\
-+ .long p1(0xc1),p1(0xaf),p1(0xbd),p1(0x03),p1(0x01),p1(0x13),p1(0x8a),p1(0x6b)
-+#define ib_data4(p1) \
-+ .long p1(0x3a),p1(0x91),p1(0x11),p1(0x41),p1(0x4f),p1(0x67),p1(0xdc),p1(0xea) ;\
-+ .long p1(0x97),p1(0xf2),p1(0xcf),p1(0xce),p1(0xf0),p1(0xb4),p1(0xe6),p1(0x73) ;\
-+ .long p1(0x96),p1(0xac),p1(0x74),p1(0x22),p1(0xe7),p1(0xad),p1(0x35),p1(0x85) ;\
-+ .long p1(0xe2),p1(0xf9),p1(0x37),p1(0xe8),p1(0x1c),p1(0x75),p1(0xdf),p1(0x6e)
-+#define ib_data5(p1) \
-+ .long p1(0x47),p1(0xf1),p1(0x1a),p1(0x71),p1(0x1d),p1(0x29),p1(0xc5),p1(0x89) ;\
-+ .long p1(0x6f),p1(0xb7),p1(0x62),p1(0x0e),p1(0xaa),p1(0x18),p1(0xbe),p1(0x1b) ;\
-+ .long p1(0xfc),p1(0x56),p1(0x3e),p1(0x4b),p1(0xc6),p1(0xd2),p1(0x79),p1(0x20) ;\
-+ .long p1(0x9a),p1(0xdb),p1(0xc0),p1(0xfe),p1(0x78),p1(0xcd),p1(0x5a),p1(0xf4)
-+#define ib_data6(p1) \
-+ .long p1(0x1f),p1(0xdd),p1(0xa8),p1(0x33),p1(0x88),p1(0x07),p1(0xc7),p1(0x31) ;\
-+ .long p1(0xb1),p1(0x12),p1(0x10),p1(0x59),p1(0x27),p1(0x80),p1(0xec),p1(0x5f) ;\
-+ .long p1(0x60),p1(0x51),p1(0x7f),p1(0xa9),p1(0x19),p1(0xb5),p1(0x4a),p1(0x0d) ;\
-+ .long p1(0x2d),p1(0xe5),p1(0x7a),p1(0x9f),p1(0x93),p1(0xc9),p1(0x9c),p1(0xef)
-+#define ib_data7(p1) \
-+ .long p1(0xa0),p1(0xe0),p1(0x3b),p1(0x4d),p1(0xae),p1(0x2a),p1(0xf5),p1(0xb0) ;\
-+ .long p1(0xc8),p1(0xeb),p1(0xbb),p1(0x3c),p1(0x83),p1(0x53),p1(0x99),p1(0x61) ;\
-+ .long p1(0x17),p1(0x2b),p1(0x04),p1(0x7e),p1(0xba),p1(0x77),p1(0xd6),p1(0x26) ;\
-+ .long p1(0xe1),p1(0x69),p1(0x14),p1(0x63),p1(0x55),p1(0x21),p1(0x0c),p1(0x7d)
-+
-+// The rcon_table (needed for the key schedule)
-+//
-+// Here is original Dr Brian Gladman's source code:
-+// _rcon_tab:
-+// %assign x 1
-+// %rep 29
-+// dd x
-+// %assign x f2(x)
-+// %endrep
-+//
-+// Here is precomputed output (it's more portable this way):
-+
-+ .align ALIGN32BYTES
-+aes_rcon_tab:
-+ .long 0x01,0x02,0x04,0x08,0x10,0x20,0x40,0x80
-+ .long 0x1b,0x36,0x6c,0xd8,0xab,0x4d,0x9a,0x2f
-+ .long 0x5e,0xbc,0x63,0xc6,0x97,0x35,0x6a,0xd4
-+ .long 0xb3,0x7d,0xfa,0xef,0xc5
-+
-+// The forward xor tables
-+
-+ .align ALIGN32BYTES
-+aes_ft_tab:
-+ sb_data0(u0)
-+ sb_data1(u0)
-+ sb_data2(u0)
-+ sb_data3(u0)
-+ sb_data4(u0)
-+ sb_data5(u0)
-+ sb_data6(u0)
-+ sb_data7(u0)
-+
-+ sb_data0(u1)
-+ sb_data1(u1)
-+ sb_data2(u1)
-+ sb_data3(u1)
-+ sb_data4(u1)
-+ sb_data5(u1)
-+ sb_data6(u1)
-+ sb_data7(u1)
-+
-+ sb_data0(u2)
-+ sb_data1(u2)
-+ sb_data2(u2)
-+ sb_data3(u2)
-+ sb_data4(u2)
-+ sb_data5(u2)
-+ sb_data6(u2)
-+ sb_data7(u2)
-+
-+ sb_data0(u3)
-+ sb_data1(u3)
-+ sb_data2(u3)
-+ sb_data3(u3)
-+ sb_data4(u3)
-+ sb_data5(u3)
-+ sb_data6(u3)
-+ sb_data7(u3)
-+
-+ .align ALIGN32BYTES
-+aes_fl_tab:
-+ sb_data0(w0)
-+ sb_data1(w0)
-+ sb_data2(w0)
-+ sb_data3(w0)
-+ sb_data4(w0)
-+ sb_data5(w0)
-+ sb_data6(w0)
-+ sb_data7(w0)
-+
-+ sb_data0(w1)
-+ sb_data1(w1)
-+ sb_data2(w1)
-+ sb_data3(w1)
-+ sb_data4(w1)
-+ sb_data5(w1)
-+ sb_data6(w1)
-+ sb_data7(w1)
-+
-+ sb_data0(w2)
-+ sb_data1(w2)
-+ sb_data2(w2)
-+ sb_data3(w2)
-+ sb_data4(w2)
-+ sb_data5(w2)
-+ sb_data6(w2)
-+ sb_data7(w2)
-+
-+ sb_data0(w3)
-+ sb_data1(w3)
-+ sb_data2(w3)
-+ sb_data3(w3)
-+ sb_data4(w3)
-+ sb_data5(w3)
-+ sb_data6(w3)
-+ sb_data7(w3)
-+
-+// The inverse xor tables
-+
-+ .align ALIGN32BYTES
-+aes_it_tab:
-+ ib_data0(v0)
-+ ib_data1(v0)
-+ ib_data2(v0)
-+ ib_data3(v0)
-+ ib_data4(v0)
-+ ib_data5(v0)
-+ ib_data6(v0)
-+ ib_data7(v0)
-+
-+ ib_data0(v1)
-+ ib_data1(v1)
-+ ib_data2(v1)
-+ ib_data3(v1)
-+ ib_data4(v1)
-+ ib_data5(v1)
-+ ib_data6(v1)
-+ ib_data7(v1)
-+
-+ ib_data0(v2)
-+ ib_data1(v2)
-+ ib_data2(v2)
-+ ib_data3(v2)
-+ ib_data4(v2)
-+ ib_data5(v2)
-+ ib_data6(v2)
-+ ib_data7(v2)
-+
-+ ib_data0(v3)
-+ ib_data1(v3)
-+ ib_data2(v3)
-+ ib_data3(v3)
-+ ib_data4(v3)
-+ ib_data5(v3)
-+ ib_data6(v3)
-+ ib_data7(v3)
-+
-+ .align ALIGN32BYTES
-+aes_il_tab:
-+ ib_data0(w0)
-+ ib_data1(w0)
-+ ib_data2(w0)
-+ ib_data3(w0)
-+ ib_data4(w0)
-+ ib_data5(w0)
-+ ib_data6(w0)
-+ ib_data7(w0)
-+
-+ ib_data0(w1)
-+ ib_data1(w1)
-+ ib_data2(w1)
-+ ib_data3(w1)
-+ ib_data4(w1)
-+ ib_data5(w1)
-+ ib_data6(w1)
-+ ib_data7(w1)
-+
-+ ib_data0(w2)
-+ ib_data1(w2)
-+ ib_data2(w2)
-+ ib_data3(w2)
-+ ib_data4(w2)
-+ ib_data5(w2)
-+ ib_data6(w2)
-+ ib_data7(w2)
-+
-+ ib_data0(w3)
-+ ib_data1(w3)
-+ ib_data2(w3)
-+ ib_data3(w3)
-+ ib_data4(w3)
-+ ib_data5(w3)
-+ ib_data6(w3)
-+ ib_data7(w3)
-+
-+// The inverse mix column tables
-+
-+ .align ALIGN32BYTES
-+aes_im_tab:
-+ im_data0(v0)
-+ im_data1(v0)
-+ im_data2(v0)
-+ im_data3(v0)
-+ im_data4(v0)
-+ im_data5(v0)
-+ im_data6(v0)
-+ im_data7(v0)
-+
-+ im_data0(v1)
-+ im_data1(v1)
-+ im_data2(v1)
-+ im_data3(v1)
-+ im_data4(v1)
-+ im_data5(v1)
-+ im_data6(v1)
-+ im_data7(v1)
-+
-+ im_data0(v2)
-+ im_data1(v2)
-+ im_data2(v2)
-+ im_data3(v2)
-+ im_data4(v2)
-+ im_data5(v2)
-+ im_data6(v2)
-+ im_data7(v2)
-+
-+ im_data0(v3)
-+ im_data1(v3)
-+ im_data2(v3)
-+ im_data3(v3)
-+ im_data4(v3)
-+ im_data5(v3)
-+ im_data6(v3)
-+ im_data7(v3)
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/aes/aes.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1415 @@
-+// I retain copyright in this code but I encourage its free use provided
-+// that I don't carry any responsibility for the results. I am especially
-+// happy to see it used in free and open source software. If you do use
-+// it I would appreciate an acknowledgement of its origin in the code or
-+// the product that results and I would also appreciate knowing a little
-+// about the use to which it is being put. I am grateful to Frank Yellin
-+// for some ideas that are used in this implementation.
-+//
-+// Dr B. R. Gladman <brg@gladman.uk.net> 6th April 2001.
-+//
-+// This is an implementation of the AES encryption algorithm (Rijndael)
-+// designed by Joan Daemen and Vincent Rijmen. This version is designed
-+// to provide both fixed and dynamic block and key lengths and can also
-+// run with either big or little endian internal byte order (see aes.h).
-+// It inputs block and key lengths in bytes with the legal values being
-+// 16, 24 and 32.
-+
-+/*
-+ * Modified by Jari Ruusu, May 1 2001
-+ * - Fixed some compile warnings, code was ok but gcc warned anyway.
-+ * - Changed basic types: byte -> unsigned char, word -> u_int32_t
-+ * - Major name space cleanup: Names visible to outside now begin
-+ * with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c
-+ * - Removed C++ and DLL support as part of name space cleanup.
-+ * - Eliminated unnecessary recomputation of tables. (actual bug fix)
-+ * - Merged precomputed constant tables to aes.c file.
-+ * - Removed data alignment restrictions for portability reasons.
-+ * - Made block and key lengths accept bit count (128/192/256)
-+ * as well byte count (16/24/32).
-+ * - Removed all error checks. This change also eliminated the need
-+ * to preinitialize the context struct to zero.
-+ * - Removed some totally unused constants.
-+ */
-+
-+#include "crypto/aes.h"
-+
-+// CONFIGURATION OPTIONS (see also aes.h)
-+//
-+// 1. Define UNROLL for full loop unrolling in encryption and decryption.
-+// 2. Define PARTIAL_UNROLL to unroll two loops in encryption and decryption.
-+// 3. Define FIXED_TABLES for compiled rather than dynamic tables.
-+// 4. Define FF_TABLES to use tables for field multiplies and inverses.
-+// Do not enable this without understanding stack space requirements.
-+// 5. Define ARRAYS to use arrays to hold the local state block. If this
-+// is not defined, individually declared 32-bit words are used.
-+// 6. Define FAST_VARIABLE if a high speed variable block implementation
-+// is needed (essentially three separate fixed block size code sequences)
-+// 7. Define either ONE_TABLE or FOUR_TABLES for a fast table driven
-+// version using 1 table (2 kbytes of table space) or 4 tables (8
-+// kbytes of table space) for higher speed.
-+// 8. Define either ONE_LR_TABLE or FOUR_LR_TABLES for a further speed
-+// increase by using tables for the last rounds but with more table
-+// space (2 or 8 kbytes extra).
-+// 9. If neither ONE_TABLE nor FOUR_TABLES is defined, a compact but
-+// slower version is provided.
-+// 10. If fast decryption key scheduling is needed define ONE_IM_TABLE
-+// or FOUR_IM_TABLES for higher speed (2 or 8 kbytes extra).
-+
-+#define UNROLL
-+//#define PARTIAL_UNROLL
-+
-+#define FIXED_TABLES
-+//#define FF_TABLES
-+//#define ARRAYS
-+#define FAST_VARIABLE
-+
-+//#define ONE_TABLE
-+#define FOUR_TABLES
-+
-+//#define ONE_LR_TABLE
-+#define FOUR_LR_TABLES
-+
-+//#define ONE_IM_TABLE
-+#define FOUR_IM_TABLES
-+
-+#if defined(UNROLL) && defined (PARTIAL_UNROLL)
-+#error both UNROLL and PARTIAL_UNROLL are defined
-+#endif
-+
-+#if defined(ONE_TABLE) && defined (FOUR_TABLES)
-+#error both ONE_TABLE and FOUR_TABLES are defined
-+#endif
-+
-+#if defined(ONE_LR_TABLE) && defined (FOUR_LR_TABLES)
-+#error both ONE_LR_TABLE and FOUR_LR_TABLES are defined
-+#endif
-+
-+#if defined(ONE_IM_TABLE) && defined (FOUR_IM_TABLES)
-+#error both ONE_IM_TABLE and FOUR_IM_TABLES are defined
-+#endif
-+
-+#if defined(AES_BLOCK_SIZE) && AES_BLOCK_SIZE != 16 && AES_BLOCK_SIZE != 24 && AES_BLOCK_SIZE != 32
-+#error an illegal block size has been specified
-+#endif
-+
-+// upr(x,n): rotates bytes within words by n positions, moving bytes
-+// to higher index positions with wrap around into low positions
-+// ups(x,n): moves bytes by n positions to higher index positions in
-+// words but without wrap around
-+// bval(x,n): extracts a byte from a word
-+
-+#define upr(x,n) (((x) << 8 * (n)) | ((x) >> (32 - 8 * (n))))
-+#define ups(x,n) ((x) << 8 * (n))
-+#define bval(x,n) ((unsigned char)((x) >> 8 * (n)))
-+#define bytes2word(b0, b1, b2, b3) \
-+ ((u_int32_t)(b3) << 24 | (u_int32_t)(b2) << 16 | (u_int32_t)(b1) << 8 | (b0))
-+
-+
-+/* little endian processor without data alignment restrictions: AES_LE_OK */
-+/* original code: i386 */
-+#if defined(i386) || defined(_I386) || defined(__i386__) || defined(__i386)
-+#define AES_LE_OK 1
-+/* added (tested): alpha --jjo */
-+#elif defined(__alpha__)|| defined (__alpha)
-+#define AES_LE_OK 1
-+/* added (tested): ia64 --jjo */
-+#elif defined(__ia64__)|| defined (__ia64)
-+#define AES_LE_OK 1
-+#endif
-+
-+#ifdef AES_LE_OK
-+/* little endian processor without data alignment restrictions */
-+#define word_in(x) *(u_int32_t*)(x)
-+#define const_word_in(x) *(const u_int32_t*)(x)
-+#define word_out(x,v) *(u_int32_t*)(x) = (v)
-+#define const_word_out(x,v) *(const u_int32_t*)(x) = (v)
-+#else
-+/* slower but generic big endian or with data alignment restrictions */
-+/* some additional "const" touches to stop "gcc -Wcast-qual" complains --jjo */
-+#define word_in(x) ((u_int32_t)(((unsigned char *)(x))[0])|((u_int32_t)(((unsigned char *)(x))[1])<<8)|((u_int32_t)(((unsigned char *)(x))[2])<<16)|((u_int32_t)(((unsigned char *)(x))[3])<<24))
-+#define const_word_in(x) ((const u_int32_t)(((const unsigned char *)(x))[0])|((const u_int32_t)(((const unsigned char *)(x))[1])<<8)|((const u_int32_t)(((const unsigned char *)(x))[2])<<16)|((const u_int32_t)(((const unsigned char *)(x))[3])<<24))
-+#define word_out(x,v) ((unsigned char *)(x))[0]=(v),((unsigned char *)(x))[1]=((v)>>8),((unsigned char *)(x))[2]=((v)>>16),((unsigned char *)(x))[3]=((v)>>24)
-+#define const_word_out(x,v) ((const unsigned char *)(x))[0]=(v),((const unsigned char *)(x))[1]=((v)>>8),((const unsigned char *)(x))[2]=((v)>>16),((const unsigned char *)(x))[3]=((v)>>24)
-+#endif
-+
-+// Disable at least some poor combinations of options
-+
-+#if !defined(ONE_TABLE) && !defined(FOUR_TABLES)
-+#define FIXED_TABLES
-+#undef UNROLL
-+#undef ONE_LR_TABLE
-+#undef FOUR_LR_TABLES
-+#undef ONE_IM_TABLE
-+#undef FOUR_IM_TABLES
-+#elif !defined(FOUR_TABLES)
-+#ifdef FOUR_LR_TABLES
-+#undef FOUR_LR_TABLES
-+#define ONE_LR_TABLE
-+#endif
-+#ifdef FOUR_IM_TABLES
-+#undef FOUR_IM_TABLES
-+#define ONE_IM_TABLE
-+#endif
-+#elif !defined(AES_BLOCK_SIZE)
-+#if defined(UNROLL)
-+#define PARTIAL_UNROLL
-+#undef UNROLL
-+#endif
-+#endif
-+
-+// the finite field modular polynomial and elements
-+
-+#define ff_poly 0x011b
-+#define ff_hi 0x80
-+
-+// multiply four bytes in GF(2^8) by 'x' {02} in parallel
-+
-+#define m1 0x80808080
-+#define m2 0x7f7f7f7f
-+#define m3 0x0000001b
-+#define FFmulX(x) ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * m3))
-+
-+// The following defines provide alternative definitions of FFmulX that might
-+// give improved performance if a fast 32-bit multiply is not available. Note
-+// that a temporary variable u needs to be defined where FFmulX is used.
-+
-+// #define FFmulX(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6))
-+// #define m4 0x1b1b1b1b
-+// #define FFmulX(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4)
-+
-+// perform column mix operation on four bytes in parallel
-+
-+#define fwd_mcol(x) (f2 = FFmulX(x), f2 ^ upr(x ^ f2,3) ^ upr(x,2) ^ upr(x,1))
-+
-+#if defined(FIXED_TABLES)
-+
-+// the S-Box table
-+
-+static const unsigned char s_box[256] =
-+{
-+ 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5,
-+ 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
-+ 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0,
-+ 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
-+ 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc,
-+ 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
-+ 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a,
-+ 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
-+ 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0,
-+ 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
-+ 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b,
-+ 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
-+ 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85,
-+ 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
-+ 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5,
-+ 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
-+ 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17,
-+ 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
-+ 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88,
-+ 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
-+ 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c,
-+ 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
-+ 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9,
-+ 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
-+ 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6,
-+ 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
-+ 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e,
-+ 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
-+ 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94,
-+ 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
-+ 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68,
-+ 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
-+};
-+
-+// the inverse S-Box table
-+
-+static const unsigned char inv_s_box[256] =
-+{
-+ 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38,
-+ 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
-+ 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87,
-+ 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
-+ 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d,
-+ 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
-+ 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2,
-+ 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
-+ 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16,
-+ 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
-+ 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda,
-+ 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
-+ 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a,
-+ 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
-+ 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02,
-+ 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
-+ 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea,
-+ 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
-+ 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85,
-+ 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
-+ 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89,
-+ 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
-+ 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20,
-+ 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
-+ 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31,
-+ 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
-+ 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d,
-+ 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
-+ 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0,
-+ 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
-+ 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26,
-+ 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
-+};
-+
-+#define w0(p) 0x000000##p
-+
-+// Number of elements required in this table for different
-+// block and key lengths is:
-+//
-+// Nk = 4 6 8
-+// ----------
-+// Nb = 4 | 10 8 7
-+// 6 | 19 12 11
-+// 8 | 29 19 14
-+//
-+// this table can be a table of bytes if the key schedule
-+// code is adjusted accordingly
-+
-+static const u_int32_t rcon_tab[29] =
-+{
-+ w0(01), w0(02), w0(04), w0(08),
-+ w0(10), w0(20), w0(40), w0(80),
-+ w0(1b), w0(36), w0(6c), w0(d8),
-+ w0(ab), w0(4d), w0(9a), w0(2f),
-+ w0(5e), w0(bc), w0(63), w0(c6),
-+ w0(97), w0(35), w0(6a), w0(d4),
-+ w0(b3), w0(7d), w0(fa), w0(ef),
-+ w0(c5)
-+};
-+
-+#undef w0
-+
-+#define r0(p,q,r,s) 0x##p##q##r##s
-+#define r1(p,q,r,s) 0x##q##r##s##p
-+#define r2(p,q,r,s) 0x##r##s##p##q
-+#define r3(p,q,r,s) 0x##s##p##q##r
-+#define w0(p) 0x000000##p
-+#define w1(p) 0x0000##p##00
-+#define w2(p) 0x00##p##0000
-+#define w3(p) 0x##p##000000
-+
-+#if defined(FIXED_TABLES) && (defined(ONE_TABLE) || defined(FOUR_TABLES))
-+
-+// data for forward tables (other than last round)
-+
-+#define f_table \
-+ r(a5,63,63,c6), r(84,7c,7c,f8), r(99,77,77,ee), r(8d,7b,7b,f6),\
-+ r(0d,f2,f2,ff), r(bd,6b,6b,d6), r(b1,6f,6f,de), r(54,c5,c5,91),\
-+ r(50,30,30,60), r(03,01,01,02), r(a9,67,67,ce), r(7d,2b,2b,56),\
-+ r(19,fe,fe,e7), r(62,d7,d7,b5), r(e6,ab,ab,4d), r(9a,76,76,ec),\
-+ r(45,ca,ca,8f), r(9d,82,82,1f), r(40,c9,c9,89), r(87,7d,7d,fa),\
-+ r(15,fa,fa,ef), r(eb,59,59,b2), r(c9,47,47,8e), r(0b,f0,f0,fb),\
-+ r(ec,ad,ad,41), r(67,d4,d4,b3), r(fd,a2,a2,5f), r(ea,af,af,45),\
-+ r(bf,9c,9c,23), r(f7,a4,a4,53), r(96,72,72,e4), r(5b,c0,c0,9b),\
-+ r(c2,b7,b7,75), r(1c,fd,fd,e1), r(ae,93,93,3d), r(6a,26,26,4c),\
-+ r(5a,36,36,6c), r(41,3f,3f,7e), r(02,f7,f7,f5), r(4f,cc,cc,83),\
-+ r(5c,34,34,68), r(f4,a5,a5,51), r(34,e5,e5,d1), r(08,f1,f1,f9),\
-+ r(93,71,71,e2), r(73,d8,d8,ab), r(53,31,31,62), r(3f,15,15,2a),\
-+ r(0c,04,04,08), r(52,c7,c7,95), r(65,23,23,46), r(5e,c3,c3,9d),\
-+ r(28,18,18,30), r(a1,96,96,37), r(0f,05,05,0a), r(b5,9a,9a,2f),\
-+ r(09,07,07,0e), r(36,12,12,24), r(9b,80,80,1b), r(3d,e2,e2,df),\
-+ r(26,eb,eb,cd), r(69,27,27,4e), r(cd,b2,b2,7f), r(9f,75,75,ea),\
-+ r(1b,09,09,12), r(9e,83,83,1d), r(74,2c,2c,58), r(2e,1a,1a,34),\
-+ r(2d,1b,1b,36), r(b2,6e,6e,dc), r(ee,5a,5a,b4), r(fb,a0,a0,5b),\
-+ r(f6,52,52,a4), r(4d,3b,3b,76), r(61,d6,d6,b7), r(ce,b3,b3,7d),\
-+ r(7b,29,29,52), r(3e,e3,e3,dd), r(71,2f,2f,5e), r(97,84,84,13),\
-+ r(f5,53,53,a6), r(68,d1,d1,b9), r(00,00,00,00), r(2c,ed,ed,c1),\
-+ r(60,20,20,40), r(1f,fc,fc,e3), r(c8,b1,b1,79), r(ed,5b,5b,b6),\
-+ r(be,6a,6a,d4), r(46,cb,cb,8d), r(d9,be,be,67), r(4b,39,39,72),\
-+ r(de,4a,4a,94), r(d4,4c,4c,98), r(e8,58,58,b0), r(4a,cf,cf,85),\
-+ r(6b,d0,d0,bb), r(2a,ef,ef,c5), r(e5,aa,aa,4f), r(16,fb,fb,ed),\
-+ r(c5,43,43,86), r(d7,4d,4d,9a), r(55,33,33,66), r(94,85,85,11),\
-+ r(cf,45,45,8a), r(10,f9,f9,e9), r(06,02,02,04), r(81,7f,7f,fe),\
-+ r(f0,50,50,a0), r(44,3c,3c,78), r(ba,9f,9f,25), r(e3,a8,a8,4b),\
-+ r(f3,51,51,a2), r(fe,a3,a3,5d), r(c0,40,40,80), r(8a,8f,8f,05),\
-+ r(ad,92,92,3f), r(bc,9d,9d,21), r(48,38,38,70), r(04,f5,f5,f1),\
-+ r(df,bc,bc,63), r(c1,b6,b6,77), r(75,da,da,af), r(63,21,21,42),\
-+ r(30,10,10,20), r(1a,ff,ff,e5), r(0e,f3,f3,fd), r(6d,d2,d2,bf),\
-+ r(4c,cd,cd,81), r(14,0c,0c,18), r(35,13,13,26), r(2f,ec,ec,c3),\
-+ r(e1,5f,5f,be), r(a2,97,97,35), r(cc,44,44,88), r(39,17,17,2e),\
-+ r(57,c4,c4,93), r(f2,a7,a7,55), r(82,7e,7e,fc), r(47,3d,3d,7a),\
-+ r(ac,64,64,c8), r(e7,5d,5d,ba), r(2b,19,19,32), r(95,73,73,e6),\
-+ r(a0,60,60,c0), r(98,81,81,19), r(d1,4f,4f,9e), r(7f,dc,dc,a3),\
-+ r(66,22,22,44), r(7e,2a,2a,54), r(ab,90,90,3b), r(83,88,88,0b),\
-+ r(ca,46,46,8c), r(29,ee,ee,c7), r(d3,b8,b8,6b), r(3c,14,14,28),\
-+ r(79,de,de,a7), r(e2,5e,5e,bc), r(1d,0b,0b,16), r(76,db,db,ad),\
-+ r(3b,e0,e0,db), r(56,32,32,64), r(4e,3a,3a,74), r(1e,0a,0a,14),\
-+ r(db,49,49,92), r(0a,06,06,0c), r(6c,24,24,48), r(e4,5c,5c,b8),\
-+ r(5d,c2,c2,9f), r(6e,d3,d3,bd), r(ef,ac,ac,43), r(a6,62,62,c4),\
-+ r(a8,91,91,39), r(a4,95,95,31), r(37,e4,e4,d3), r(8b,79,79,f2),\
-+ r(32,e7,e7,d5), r(43,c8,c8,8b), r(59,37,37,6e), r(b7,6d,6d,da),\
-+ r(8c,8d,8d,01), r(64,d5,d5,b1), r(d2,4e,4e,9c), r(e0,a9,a9,49),\
-+ r(b4,6c,6c,d8), r(fa,56,56,ac), r(07,f4,f4,f3), r(25,ea,ea,cf),\
-+ r(af,65,65,ca), r(8e,7a,7a,f4), r(e9,ae,ae,47), r(18,08,08,10),\
-+ r(d5,ba,ba,6f), r(88,78,78,f0), r(6f,25,25,4a), r(72,2e,2e,5c),\
-+ r(24,1c,1c,38), r(f1,a6,a6,57), r(c7,b4,b4,73), r(51,c6,c6,97),\
-+ r(23,e8,e8,cb), r(7c,dd,dd,a1), r(9c,74,74,e8), r(21,1f,1f,3e),\
-+ r(dd,4b,4b,96), r(dc,bd,bd,61), r(86,8b,8b,0d), r(85,8a,8a,0f),\
-+ r(90,70,70,e0), r(42,3e,3e,7c), r(c4,b5,b5,71), r(aa,66,66,cc),\
-+ r(d8,48,48,90), r(05,03,03,06), r(01,f6,f6,f7), r(12,0e,0e,1c),\
-+ r(a3,61,61,c2), r(5f,35,35,6a), r(f9,57,57,ae), r(d0,b9,b9,69),\
-+ r(91,86,86,17), r(58,c1,c1,99), r(27,1d,1d,3a), r(b9,9e,9e,27),\
-+ r(38,e1,e1,d9), r(13,f8,f8,eb), r(b3,98,98,2b), r(33,11,11,22),\
-+ r(bb,69,69,d2), r(70,d9,d9,a9), r(89,8e,8e,07), r(a7,94,94,33),\
-+ r(b6,9b,9b,2d), r(22,1e,1e,3c), r(92,87,87,15), r(20,e9,e9,c9),\
-+ r(49,ce,ce,87), r(ff,55,55,aa), r(78,28,28,50), r(7a,df,df,a5),\
-+ r(8f,8c,8c,03), r(f8,a1,a1,59), r(80,89,89,09), r(17,0d,0d,1a),\
-+ r(da,bf,bf,65), r(31,e6,e6,d7), r(c6,42,42,84), r(b8,68,68,d0),\
-+ r(c3,41,41,82), r(b0,99,99,29), r(77,2d,2d,5a), r(11,0f,0f,1e),\
-+ r(cb,b0,b0,7b), r(fc,54,54,a8), r(d6,bb,bb,6d), r(3a,16,16,2c)
-+
-+// data for inverse tables (other than last round)
-+
-+#define i_table \
-+ r(50,a7,f4,51), r(53,65,41,7e), r(c3,a4,17,1a), r(96,5e,27,3a),\
-+ r(cb,6b,ab,3b), r(f1,45,9d,1f), r(ab,58,fa,ac), r(93,03,e3,4b),\
-+ r(55,fa,30,20), r(f6,6d,76,ad), r(91,76,cc,88), r(25,4c,02,f5),\
-+ r(fc,d7,e5,4f), r(d7,cb,2a,c5), r(80,44,35,26), r(8f,a3,62,b5),\
-+ r(49,5a,b1,de), r(67,1b,ba,25), r(98,0e,ea,45), r(e1,c0,fe,5d),\
-+ r(02,75,2f,c3), r(12,f0,4c,81), r(a3,97,46,8d), r(c6,f9,d3,6b),\
-+ r(e7,5f,8f,03), r(95,9c,92,15), r(eb,7a,6d,bf), r(da,59,52,95),\
-+ r(2d,83,be,d4), r(d3,21,74,58), r(29,69,e0,49), r(44,c8,c9,8e),\
-+ r(6a,89,c2,75), r(78,79,8e,f4), r(6b,3e,58,99), r(dd,71,b9,27),\
-+ r(b6,4f,e1,be), r(17,ad,88,f0), r(66,ac,20,c9), r(b4,3a,ce,7d),\
-+ r(18,4a,df,63), r(82,31,1a,e5), r(60,33,51,97), r(45,7f,53,62),\
-+ r(e0,77,64,b1), r(84,ae,6b,bb), r(1c,a0,81,fe), r(94,2b,08,f9),\
-+ r(58,68,48,70), r(19,fd,45,8f), r(87,6c,de,94), r(b7,f8,7b,52),\
-+ r(23,d3,73,ab), r(e2,02,4b,72), r(57,8f,1f,e3), r(2a,ab,55,66),\
-+ r(07,28,eb,b2), r(03,c2,b5,2f), r(9a,7b,c5,86), r(a5,08,37,d3),\
-+ r(f2,87,28,30), r(b2,a5,bf,23), r(ba,6a,03,02), r(5c,82,16,ed),\
-+ r(2b,1c,cf,8a), r(92,b4,79,a7), r(f0,f2,07,f3), r(a1,e2,69,4e),\
-+ r(cd,f4,da,65), r(d5,be,05,06), r(1f,62,34,d1), r(8a,fe,a6,c4),\
-+ r(9d,53,2e,34), r(a0,55,f3,a2), r(32,e1,8a,05), r(75,eb,f6,a4),\
-+ r(39,ec,83,0b), r(aa,ef,60,40), r(06,9f,71,5e), r(51,10,6e,bd),\
-+ r(f9,8a,21,3e), r(3d,06,dd,96), r(ae,05,3e,dd), r(46,bd,e6,4d),\
-+ r(b5,8d,54,91), r(05,5d,c4,71), r(6f,d4,06,04), r(ff,15,50,60),\
-+ r(24,fb,98,19), r(97,e9,bd,d6), r(cc,43,40,89), r(77,9e,d9,67),\
-+ r(bd,42,e8,b0), r(88,8b,89,07), r(38,5b,19,e7), r(db,ee,c8,79),\
-+ r(47,0a,7c,a1), r(e9,0f,42,7c), r(c9,1e,84,f8), r(00,00,00,00),\
-+ r(83,86,80,09), r(48,ed,2b,32), r(ac,70,11,1e), r(4e,72,5a,6c),\
-+ r(fb,ff,0e,fd), r(56,38,85,0f), r(1e,d5,ae,3d), r(27,39,2d,36),\
-+ r(64,d9,0f,0a), r(21,a6,5c,68), r(d1,54,5b,9b), r(3a,2e,36,24),\
-+ r(b1,67,0a,0c), r(0f,e7,57,93), r(d2,96,ee,b4), r(9e,91,9b,1b),\
-+ r(4f,c5,c0,80), r(a2,20,dc,61), r(69,4b,77,5a), r(16,1a,12,1c),\
-+ r(0a,ba,93,e2), r(e5,2a,a0,c0), r(43,e0,22,3c), r(1d,17,1b,12),\
-+ r(0b,0d,09,0e), r(ad,c7,8b,f2), r(b9,a8,b6,2d), r(c8,a9,1e,14),\
-+ r(85,19,f1,57), r(4c,07,75,af), r(bb,dd,99,ee), r(fd,60,7f,a3),\
-+ r(9f,26,01,f7), r(bc,f5,72,5c), r(c5,3b,66,44), r(34,7e,fb,5b),\
-+ r(76,29,43,8b), r(dc,c6,23,cb), r(68,fc,ed,b6), r(63,f1,e4,b8),\
-+ r(ca,dc,31,d7), r(10,85,63,42), r(40,22,97,13), r(20,11,c6,84),\
-+ r(7d,24,4a,85), r(f8,3d,bb,d2), r(11,32,f9,ae), r(6d,a1,29,c7),\
-+ r(4b,2f,9e,1d), r(f3,30,b2,dc), r(ec,52,86,0d), r(d0,e3,c1,77),\
-+ r(6c,16,b3,2b), r(99,b9,70,a9), r(fa,48,94,11), r(22,64,e9,47),\
-+ r(c4,8c,fc,a8), r(1a,3f,f0,a0), r(d8,2c,7d,56), r(ef,90,33,22),\
-+ r(c7,4e,49,87), r(c1,d1,38,d9), r(fe,a2,ca,8c), r(36,0b,d4,98),\
-+ r(cf,81,f5,a6), r(28,de,7a,a5), r(26,8e,b7,da), r(a4,bf,ad,3f),\
-+ r(e4,9d,3a,2c), r(0d,92,78,50), r(9b,cc,5f,6a), r(62,46,7e,54),\
-+ r(c2,13,8d,f6), r(e8,b8,d8,90), r(5e,f7,39,2e), r(f5,af,c3,82),\
-+ r(be,80,5d,9f), r(7c,93,d0,69), r(a9,2d,d5,6f), r(b3,12,25,cf),\
-+ r(3b,99,ac,c8), r(a7,7d,18,10), r(6e,63,9c,e8), r(7b,bb,3b,db),\
-+ r(09,78,26,cd), r(f4,18,59,6e), r(01,b7,9a,ec), r(a8,9a,4f,83),\
-+ r(65,6e,95,e6), r(7e,e6,ff,aa), r(08,cf,bc,21), r(e6,e8,15,ef),\
-+ r(d9,9b,e7,ba), r(ce,36,6f,4a), r(d4,09,9f,ea), r(d6,7c,b0,29),\
-+ r(af,b2,a4,31), r(31,23,3f,2a), r(30,94,a5,c6), r(c0,66,a2,35),\
-+ r(37,bc,4e,74), r(a6,ca,82,fc), r(b0,d0,90,e0), r(15,d8,a7,33),\
-+ r(4a,98,04,f1), r(f7,da,ec,41), r(0e,50,cd,7f), r(2f,f6,91,17),\
-+ r(8d,d6,4d,76), r(4d,b0,ef,43), r(54,4d,aa,cc), r(df,04,96,e4),\
-+ r(e3,b5,d1,9e), r(1b,88,6a,4c), r(b8,1f,2c,c1), r(7f,51,65,46),\
-+ r(04,ea,5e,9d), r(5d,35,8c,01), r(73,74,87,fa), r(2e,41,0b,fb),\
-+ r(5a,1d,67,b3), r(52,d2,db,92), r(33,56,10,e9), r(13,47,d6,6d),\
-+ r(8c,61,d7,9a), r(7a,0c,a1,37), r(8e,14,f8,59), r(89,3c,13,eb),\
-+ r(ee,27,a9,ce), r(35,c9,61,b7), r(ed,e5,1c,e1), r(3c,b1,47,7a),\
-+ r(59,df,d2,9c), r(3f,73,f2,55), r(79,ce,14,18), r(bf,37,c7,73),\
-+ r(ea,cd,f7,53), r(5b,aa,fd,5f), r(14,6f,3d,df), r(86,db,44,78),\
-+ r(81,f3,af,ca), r(3e,c4,68,b9), r(2c,34,24,38), r(5f,40,a3,c2),\
-+ r(72,c3,1d,16), r(0c,25,e2,bc), r(8b,49,3c,28), r(41,95,0d,ff),\
-+ r(71,01,a8,39), r(de,b3,0c,08), r(9c,e4,b4,d8), r(90,c1,56,64),\
-+ r(61,84,cb,7b), r(70,b6,32,d5), r(74,5c,6c,48), r(42,57,b8,d0)
-+
-+// generate the required tables in the desired endian format
-+
-+#undef r
-+#define r r0
-+
-+#if defined(ONE_TABLE)
-+static const u_int32_t ft_tab[256] =
-+ { f_table };
-+#elif defined(FOUR_TABLES)
-+static const u_int32_t ft_tab[4][256] =
-+{ { f_table },
-+#undef r
-+#define r r1
-+ { f_table },
-+#undef r
-+#define r r2
-+ { f_table },
-+#undef r
-+#define r r3
-+ { f_table }
-+};
-+#endif
-+
-+#undef r
-+#define r r0
-+#if defined(ONE_TABLE)
-+static const u_int32_t it_tab[256] =
-+ { i_table };
-+#elif defined(FOUR_TABLES)
-+static const u_int32_t it_tab[4][256] =
-+{ { i_table },
-+#undef r
-+#define r r1
-+ { i_table },
-+#undef r
-+#define r r2
-+ { i_table },
-+#undef r
-+#define r r3
-+ { i_table }
-+};
-+#endif
-+
-+#endif
-+
-+#if defined(FIXED_TABLES) && (defined(ONE_LR_TABLE) || defined(FOUR_LR_TABLES))
-+
-+// data for inverse tables (last round)
-+
-+#define li_table \
-+ w(52), w(09), w(6a), w(d5), w(30), w(36), w(a5), w(38),\
-+ w(bf), w(40), w(a3), w(9e), w(81), w(f3), w(d7), w(fb),\
-+ w(7c), w(e3), w(39), w(82), w(9b), w(2f), w(ff), w(87),\
-+ w(34), w(8e), w(43), w(44), w(c4), w(de), w(e9), w(cb),\
-+ w(54), w(7b), w(94), w(32), w(a6), w(c2), w(23), w(3d),\
-+ w(ee), w(4c), w(95), w(0b), w(42), w(fa), w(c3), w(4e),\
-+ w(08), w(2e), w(a1), w(66), w(28), w(d9), w(24), w(b2),\
-+ w(76), w(5b), w(a2), w(49), w(6d), w(8b), w(d1), w(25),\
-+ w(72), w(f8), w(f6), w(64), w(86), w(68), w(98), w(16),\
-+ w(d4), w(a4), w(5c), w(cc), w(5d), w(65), w(b6), w(92),\
-+ w(6c), w(70), w(48), w(50), w(fd), w(ed), w(b9), w(da),\
-+ w(5e), w(15), w(46), w(57), w(a7), w(8d), w(9d), w(84),\
-+ w(90), w(d8), w(ab), w(00), w(8c), w(bc), w(d3), w(0a),\
-+ w(f7), w(e4), w(58), w(05), w(b8), w(b3), w(45), w(06),\
-+ w(d0), w(2c), w(1e), w(8f), w(ca), w(3f), w(0f), w(02),\
-+ w(c1), w(af), w(bd), w(03), w(01), w(13), w(8a), w(6b),\
-+ w(3a), w(91), w(11), w(41), w(4f), w(67), w(dc), w(ea),\
-+ w(97), w(f2), w(cf), w(ce), w(f0), w(b4), w(e6), w(73),\
-+ w(96), w(ac), w(74), w(22), w(e7), w(ad), w(35), w(85),\
-+ w(e2), w(f9), w(37), w(e8), w(1c), w(75), w(df), w(6e),\
-+ w(47), w(f1), w(1a), w(71), w(1d), w(29), w(c5), w(89),\
-+ w(6f), w(b7), w(62), w(0e), w(aa), w(18), w(be), w(1b),\
-+ w(fc), w(56), w(3e), w(4b), w(c6), w(d2), w(79), w(20),\
-+ w(9a), w(db), w(c0), w(fe), w(78), w(cd), w(5a), w(f4),\
-+ w(1f), w(dd), w(a8), w(33), w(88), w(07), w(c7), w(31),\
-+ w(b1), w(12), w(10), w(59), w(27), w(80), w(ec), w(5f),\
-+ w(60), w(51), w(7f), w(a9), w(19), w(b5), w(4a), w(0d),\
-+ w(2d), w(e5), w(7a), w(9f), w(93), w(c9), w(9c), w(ef),\
-+ w(a0), w(e0), w(3b), w(4d), w(ae), w(2a), w(f5), w(b0),\
-+ w(c8), w(eb), w(bb), w(3c), w(83), w(53), w(99), w(61),\
-+ w(17), w(2b), w(04), w(7e), w(ba), w(77), w(d6), w(26),\
-+ w(e1), w(69), w(14), w(63), w(55), w(21), w(0c), w(7d),
-+
-+// generate the required tables in the desired endian format
-+
-+#undef r
-+#define r(p,q,r,s) w0(q)
-+#if defined(ONE_LR_TABLE)
-+static const u_int32_t fl_tab[256] =
-+ { f_table };
-+#elif defined(FOUR_LR_TABLES)
-+static const u_int32_t fl_tab[4][256] =
-+{ { f_table },
-+#undef r
-+#define r(p,q,r,s) w1(q)
-+ { f_table },
-+#undef r
-+#define r(p,q,r,s) w2(q)
-+ { f_table },
-+#undef r
-+#define r(p,q,r,s) w3(q)
-+ { f_table }
-+};
-+#endif
-+
-+#undef w
-+#define w w0
-+#if defined(ONE_LR_TABLE)
-+static const u_int32_t il_tab[256] =
-+ { li_table };
-+#elif defined(FOUR_LR_TABLES)
-+static const u_int32_t il_tab[4][256] =
-+{ { li_table },
-+#undef w
-+#define w w1
-+ { li_table },
-+#undef w
-+#define w w2
-+ { li_table },
-+#undef w
-+#define w w3
-+ { li_table }
-+};
-+#endif
-+
-+#endif
-+
-+#if defined(FIXED_TABLES) && (defined(ONE_IM_TABLE) || defined(FOUR_IM_TABLES))
-+
-+#define m_table \
-+ r(00,00,00,00), r(0b,0d,09,0e), r(16,1a,12,1c), r(1d,17,1b,12),\
-+ r(2c,34,24,38), r(27,39,2d,36), r(3a,2e,36,24), r(31,23,3f,2a),\
-+ r(58,68,48,70), r(53,65,41,7e), r(4e,72,5a,6c), r(45,7f,53,62),\
-+ r(74,5c,6c,48), r(7f,51,65,46), r(62,46,7e,54), r(69,4b,77,5a),\
-+ r(b0,d0,90,e0), r(bb,dd,99,ee), r(a6,ca,82,fc), r(ad,c7,8b,f2),\
-+ r(9c,e4,b4,d8), r(97,e9,bd,d6), r(8a,fe,a6,c4), r(81,f3,af,ca),\
-+ r(e8,b8,d8,90), r(e3,b5,d1,9e), r(fe,a2,ca,8c), r(f5,af,c3,82),\
-+ r(c4,8c,fc,a8), r(cf,81,f5,a6), r(d2,96,ee,b4), r(d9,9b,e7,ba),\
-+ r(7b,bb,3b,db), r(70,b6,32,d5), r(6d,a1,29,c7), r(66,ac,20,c9),\
-+ r(57,8f,1f,e3), r(5c,82,16,ed), r(41,95,0d,ff), r(4a,98,04,f1),\
-+ r(23,d3,73,ab), r(28,de,7a,a5), r(35,c9,61,b7), r(3e,c4,68,b9),\
-+ r(0f,e7,57,93), r(04,ea,5e,9d), r(19,fd,45,8f), r(12,f0,4c,81),\
-+ r(cb,6b,ab,3b), r(c0,66,a2,35), r(dd,71,b9,27), r(d6,7c,b0,29),\
-+ r(e7,5f,8f,03), r(ec,52,86,0d), r(f1,45,9d,1f), r(fa,48,94,11),\
-+ r(93,03,e3,4b), r(98,0e,ea,45), r(85,19,f1,57), r(8e,14,f8,59),\
-+ r(bf,37,c7,73), r(b4,3a,ce,7d), r(a9,2d,d5,6f), r(a2,20,dc,61),\
-+ r(f6,6d,76,ad), r(fd,60,7f,a3), r(e0,77,64,b1), r(eb,7a,6d,bf),\
-+ r(da,59,52,95), r(d1,54,5b,9b), r(cc,43,40,89), r(c7,4e,49,87),\
-+ r(ae,05,3e,dd), r(a5,08,37,d3), r(b8,1f,2c,c1), r(b3,12,25,cf),\
-+ r(82,31,1a,e5), r(89,3c,13,eb), r(94,2b,08,f9), r(9f,26,01,f7),\
-+ r(46,bd,e6,4d), r(4d,b0,ef,43), r(50,a7,f4,51), r(5b,aa,fd,5f),\
-+ r(6a,89,c2,75), r(61,84,cb,7b), r(7c,93,d0,69), r(77,9e,d9,67),\
-+ r(1e,d5,ae,3d), r(15,d8,a7,33), r(08,cf,bc,21), r(03,c2,b5,2f),\
-+ r(32,e1,8a,05), r(39,ec,83,0b), r(24,fb,98,19), r(2f,f6,91,17),\
-+ r(8d,d6,4d,76), r(86,db,44,78), r(9b,cc,5f,6a), r(90,c1,56,64),\
-+ r(a1,e2,69,4e), r(aa,ef,60,40), r(b7,f8,7b,52), r(bc,f5,72,5c),\
-+ r(d5,be,05,06), r(de,b3,0c,08), r(c3,a4,17,1a), r(c8,a9,1e,14),\
-+ r(f9,8a,21,3e), r(f2,87,28,30), r(ef,90,33,22), r(e4,9d,3a,2c),\
-+ r(3d,06,dd,96), r(36,0b,d4,98), r(2b,1c,cf,8a), r(20,11,c6,84),\
-+ r(11,32,f9,ae), r(1a,3f,f0,a0), r(07,28,eb,b2), r(0c,25,e2,bc),\
-+ r(65,6e,95,e6), r(6e,63,9c,e8), r(73,74,87,fa), r(78,79,8e,f4),\
-+ r(49,5a,b1,de), r(42,57,b8,d0), r(5f,40,a3,c2), r(54,4d,aa,cc),\
-+ r(f7,da,ec,41), r(fc,d7,e5,4f), r(e1,c0,fe,5d), r(ea,cd,f7,53),\
-+ r(db,ee,c8,79), r(d0,e3,c1,77), r(cd,f4,da,65), r(c6,f9,d3,6b),\
-+ r(af,b2,a4,31), r(a4,bf,ad,3f), r(b9,a8,b6,2d), r(b2,a5,bf,23),\
-+ r(83,86,80,09), r(88,8b,89,07), r(95,9c,92,15), r(9e,91,9b,1b),\
-+ r(47,0a,7c,a1), r(4c,07,75,af), r(51,10,6e,bd), r(5a,1d,67,b3),\
-+ r(6b,3e,58,99), r(60,33,51,97), r(7d,24,4a,85), r(76,29,43,8b),\
-+ r(1f,62,34,d1), r(14,6f,3d,df), r(09,78,26,cd), r(02,75,2f,c3),\
-+ r(33,56,10,e9), r(38,5b,19,e7), r(25,4c,02,f5), r(2e,41,0b,fb),\
-+ r(8c,61,d7,9a), r(87,6c,de,94), r(9a,7b,c5,86), r(91,76,cc,88),\
-+ r(a0,55,f3,a2), r(ab,58,fa,ac), r(b6,4f,e1,be), r(bd,42,e8,b0),\
-+ r(d4,09,9f,ea), r(df,04,96,e4), r(c2,13,8d,f6), r(c9,1e,84,f8),\
-+ r(f8,3d,bb,d2), r(f3,30,b2,dc), r(ee,27,a9,ce), r(e5,2a,a0,c0),\
-+ r(3c,b1,47,7a), r(37,bc,4e,74), r(2a,ab,55,66), r(21,a6,5c,68),\
-+ r(10,85,63,42), r(1b,88,6a,4c), r(06,9f,71,5e), r(0d,92,78,50),\
-+ r(64,d9,0f,0a), r(6f,d4,06,04), r(72,c3,1d,16), r(79,ce,14,18),\
-+ r(48,ed,2b,32), r(43,e0,22,3c), r(5e,f7,39,2e), r(55,fa,30,20),\
-+ r(01,b7,9a,ec), r(0a,ba,93,e2), r(17,ad,88,f0), r(1c,a0,81,fe),\
-+ r(2d,83,be,d4), r(26,8e,b7,da), r(3b,99,ac,c8), r(30,94,a5,c6),\
-+ r(59,df,d2,9c), r(52,d2,db,92), r(4f,c5,c0,80), r(44,c8,c9,8e),\
-+ r(75,eb,f6,a4), r(7e,e6,ff,aa), r(63,f1,e4,b8), r(68,fc,ed,b6),\
-+ r(b1,67,0a,0c), r(ba,6a,03,02), r(a7,7d,18,10), r(ac,70,11,1e),\
-+ r(9d,53,2e,34), r(96,5e,27,3a), r(8b,49,3c,28), r(80,44,35,26),\
-+ r(e9,0f,42,7c), r(e2,02,4b,72), r(ff,15,50,60), r(f4,18,59,6e),\
-+ r(c5,3b,66,44), r(ce,36,6f,4a), r(d3,21,74,58), r(d8,2c,7d,56),\
-+ r(7a,0c,a1,37), r(71,01,a8,39), r(6c,16,b3,2b), r(67,1b,ba,25),\
-+ r(56,38,85,0f), r(5d,35,8c,01), r(40,22,97,13), r(4b,2f,9e,1d),\
-+ r(22,64,e9,47), r(29,69,e0,49), r(34,7e,fb,5b), r(3f,73,f2,55),\
-+ r(0e,50,cd,7f), r(05,5d,c4,71), r(18,4a,df,63), r(13,47,d6,6d),\
-+ r(ca,dc,31,d7), r(c1,d1,38,d9), r(dc,c6,23,cb), r(d7,cb,2a,c5),\
-+ r(e6,e8,15,ef), r(ed,e5,1c,e1), r(f0,f2,07,f3), r(fb,ff,0e,fd),\
-+ r(92,b4,79,a7), r(99,b9,70,a9), r(84,ae,6b,bb), r(8f,a3,62,b5),\
-+ r(be,80,5d,9f), r(b5,8d,54,91), r(a8,9a,4f,83), r(a3,97,46,8d)
-+
-+#undef r
-+#define r r0
-+
-+#if defined(ONE_IM_TABLE)
-+static const u_int32_t im_tab[256] =
-+ { m_table };
-+#elif defined(FOUR_IM_TABLES)
-+static const u_int32_t im_tab[4][256] =
-+{ { m_table },
-+#undef r
-+#define r r1
-+ { m_table },
-+#undef r
-+#define r r2
-+ { m_table },
-+#undef r
-+#define r r3
-+ { m_table }
-+};
-+#endif
-+
-+#endif
-+
-+#else
-+
-+static int tab_gen = 0;
-+
-+static unsigned char s_box[256]; // the S box
-+static unsigned char inv_s_box[256]; // the inverse S box
-+static u_int32_t rcon_tab[AES_RC_LENGTH]; // table of round constants
-+
-+#if defined(ONE_TABLE)
-+static u_int32_t ft_tab[256];
-+static u_int32_t it_tab[256];
-+#elif defined(FOUR_TABLES)
-+static u_int32_t ft_tab[4][256];
-+static u_int32_t it_tab[4][256];
-+#endif
-+
-+#if defined(ONE_LR_TABLE)
-+static u_int32_t fl_tab[256];
-+static u_int32_t il_tab[256];
-+#elif defined(FOUR_LR_TABLES)
-+static u_int32_t fl_tab[4][256];
-+static u_int32_t il_tab[4][256];
-+#endif
-+
-+#if defined(ONE_IM_TABLE)
-+static u_int32_t im_tab[256];
-+#elif defined(FOUR_IM_TABLES)
-+static u_int32_t im_tab[4][256];
-+#endif
-+
-+// Generate the tables for the dynamic table option
-+
-+#if !defined(FF_TABLES)
-+
-+// It will generally be sensible to use tables to compute finite
-+// field multiplies and inverses but where memory is scarse this
-+// code might sometimes be better.
-+
-+// return 2 ^ (n - 1) where n is the bit number of the highest bit
-+// set in x with x in the range 1 < x < 0x00000200. This form is
-+// used so that locals within FFinv can be bytes rather than words
-+
-+static unsigned char hibit(const u_int32_t x)
-+{ unsigned char r = (unsigned char)((x >> 1) | (x >> 2));
-+
-+ r |= (r >> 2);
-+ r |= (r >> 4);
-+ return (r + 1) >> 1;
-+}
-+
-+// return the inverse of the finite field element x
-+
-+static unsigned char FFinv(const unsigned char x)
-+{ unsigned char p1 = x, p2 = 0x1b, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0;
-+
-+ if(x < 2) return x;
-+
-+ for(;;)
-+ {
-+ if(!n1) return v1;
-+
-+ while(n2 >= n1)
-+ {
-+ n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2);
-+ }
-+
-+ if(!n2) return v2;
-+
-+ while(n1 >= n2)
-+ {
-+ n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1);
-+ }
-+ }
-+}
-+
-+// define the finite field multiplies required for Rijndael
-+
-+#define FFmul02(x) ((((x) & 0x7f) << 1) ^ ((x) & 0x80 ? 0x1b : 0))
-+#define FFmul03(x) ((x) ^ FFmul02(x))
-+#define FFmul09(x) ((x) ^ FFmul02(FFmul02(FFmul02(x))))
-+#define FFmul0b(x) ((x) ^ FFmul02((x) ^ FFmul02(FFmul02(x))))
-+#define FFmul0d(x) ((x) ^ FFmul02(FFmul02((x) ^ FFmul02(x))))
-+#define FFmul0e(x) FFmul02((x) ^ FFmul02((x) ^ FFmul02(x)))
-+
-+#else
-+
-+#define FFinv(x) ((x) ? pow[255 - log[x]]: 0)
-+
-+#define FFmul02(x) (x ? pow[log[x] + 0x19] : 0)
-+#define FFmul03(x) (x ? pow[log[x] + 0x01] : 0)
-+#define FFmul09(x) (x ? pow[log[x] + 0xc7] : 0)
-+#define FFmul0b(x) (x ? pow[log[x] + 0x68] : 0)
-+#define FFmul0d(x) (x ? pow[log[x] + 0xee] : 0)
-+#define FFmul0e(x) (x ? pow[log[x] + 0xdf] : 0)
-+
-+#endif
-+
-+// The forward and inverse affine transformations used in the S-box
-+
-+#define fwd_affine(x) \
-+ (w = (u_int32_t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(unsigned char)(w^(w>>8)))
-+
-+#define inv_affine(x) \
-+ (w = (u_int32_t)x, w = (w<<1)^(w<<3)^(w<<6), 0x05^(unsigned char)(w^(w>>8)))
-+
-+static void gen_tabs(void)
-+{ u_int32_t i, w;
-+
-+#if defined(FF_TABLES)
-+
-+ unsigned char pow[512], log[256];
-+
-+ // log and power tables for GF(2^8) finite field with
-+ // 0x011b as modular polynomial - the simplest primitive
-+ // root is 0x03, used here to generate the tables
-+
-+ i = 0; w = 1;
-+ do
-+ {
-+ pow[i] = (unsigned char)w;
-+ pow[i + 255] = (unsigned char)w;
-+ log[w] = (unsigned char)i++;
-+ w ^= (w << 1) ^ (w & ff_hi ? ff_poly : 0);
-+ }
-+ while (w != 1);
-+
-+#endif
-+
-+ for(i = 0, w = 1; i < AES_RC_LENGTH; ++i)
-+ {
-+ rcon_tab[i] = bytes2word(w, 0, 0, 0);
-+ w = (w << 1) ^ (w & ff_hi ? ff_poly : 0);
-+ }
-+
-+ for(i = 0; i < 256; ++i)
-+ { unsigned char b;
-+
-+ s_box[i] = b = fwd_affine(FFinv((unsigned char)i));
-+
-+ w = bytes2word(b, 0, 0, 0);
-+#if defined(ONE_LR_TABLE)
-+ fl_tab[i] = w;
-+#elif defined(FOUR_LR_TABLES)
-+ fl_tab[0][i] = w;
-+ fl_tab[1][i] = upr(w,1);
-+ fl_tab[2][i] = upr(w,2);
-+ fl_tab[3][i] = upr(w,3);
-+#endif
-+ w = bytes2word(FFmul02(b), b, b, FFmul03(b));
-+#if defined(ONE_TABLE)
-+ ft_tab[i] = w;
-+#elif defined(FOUR_TABLES)
-+ ft_tab[0][i] = w;
-+ ft_tab[1][i] = upr(w,1);
-+ ft_tab[2][i] = upr(w,2);
-+ ft_tab[3][i] = upr(w,3);
-+#endif
-+ inv_s_box[i] = b = FFinv(inv_affine((unsigned char)i));
-+
-+ w = bytes2word(b, 0, 0, 0);
-+#if defined(ONE_LR_TABLE)
-+ il_tab[i] = w;
-+#elif defined(FOUR_LR_TABLES)
-+ il_tab[0][i] = w;
-+ il_tab[1][i] = upr(w,1);
-+ il_tab[2][i] = upr(w,2);
-+ il_tab[3][i] = upr(w,3);
-+#endif
-+ w = bytes2word(FFmul0e(b), FFmul09(b), FFmul0d(b), FFmul0b(b));
-+#if defined(ONE_TABLE)
-+ it_tab[i] = w;
-+#elif defined(FOUR_TABLES)
-+ it_tab[0][i] = w;
-+ it_tab[1][i] = upr(w,1);
-+ it_tab[2][i] = upr(w,2);
-+ it_tab[3][i] = upr(w,3);
-+#endif
-+#if defined(ONE_IM_TABLE)
-+ im_tab[b] = w;
-+#elif defined(FOUR_IM_TABLES)
-+ im_tab[0][b] = w;
-+ im_tab[1][b] = upr(w,1);
-+ im_tab[2][b] = upr(w,2);
-+ im_tab[3][b] = upr(w,3);
-+#endif
-+
-+ }
-+}
-+
-+#endif
-+
-+#define no_table(x,box,vf,rf,c) bytes2word( \
-+ box[bval(vf(x,0,c),rf(0,c))], \
-+ box[bval(vf(x,1,c),rf(1,c))], \
-+ box[bval(vf(x,2,c),rf(2,c))], \
-+ box[bval(vf(x,3,c),rf(3,c))])
-+
-+#define one_table(x,op,tab,vf,rf,c) \
-+ ( tab[bval(vf(x,0,c),rf(0,c))] \
-+ ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \
-+ ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \
-+ ^ op(tab[bval(vf(x,3,c),rf(3,c))],3))
-+
-+#define four_tables(x,tab,vf,rf,c) \
-+ ( tab[0][bval(vf(x,0,c),rf(0,c))] \
-+ ^ tab[1][bval(vf(x,1,c),rf(1,c))] \
-+ ^ tab[2][bval(vf(x,2,c),rf(2,c))] \
-+ ^ tab[3][bval(vf(x,3,c),rf(3,c))])
-+
-+#define vf1(x,r,c) (x)
-+#define rf1(r,c) (r)
-+#define rf2(r,c) ((r-c)&3)
-+
-+#if defined(FOUR_LR_TABLES)
-+#define ls_box(x,c) four_tables(x,fl_tab,vf1,rf2,c)
-+#elif defined(ONE_LR_TABLE)
-+#define ls_box(x,c) one_table(x,upr,fl_tab,vf1,rf2,c)
-+#else
-+#define ls_box(x,c) no_table(x,s_box,vf1,rf2,c)
-+#endif
-+
-+#if defined(FOUR_IM_TABLES)
-+#define inv_mcol(x) four_tables(x,im_tab,vf1,rf1,0)
-+#elif defined(ONE_IM_TABLE)
-+#define inv_mcol(x) one_table(x,upr,im_tab,vf1,rf1,0)
-+#else
-+#define inv_mcol(x) \
-+ (f9 = (x),f2 = FFmulX(f9), f4 = FFmulX(f2), f8 = FFmulX(f4), f9 ^= f8, \
-+ f2 ^= f4 ^ f8 ^ upr(f2 ^ f9,3) ^ upr(f4 ^ f9,2) ^ upr(f9,1))
-+#endif
-+
-+// Subroutine to set the block size (if variable) in bytes, legal
-+// values being 16, 24 and 32.
-+
-+#if defined(AES_BLOCK_SIZE)
-+#define nc (AES_BLOCK_SIZE / 4)
-+#else
-+#define nc (cx->aes_Ncol)
-+
-+void aes_set_blk(aes_context *cx, int n_bytes)
-+{
-+#if !defined(FIXED_TABLES)
-+ if(!tab_gen) { gen_tabs(); tab_gen = 1; }
-+#endif
-+
-+ switch(n_bytes) {
-+ case 32: /* bytes */
-+ case 256: /* bits */
-+ nc = 8;
-+ break;
-+ case 24: /* bytes */
-+ case 192: /* bits */
-+ nc = 6;
-+ break;
-+ case 16: /* bytes */
-+ case 128: /* bits */
-+ default:
-+ nc = 4;
-+ break;
-+ }
-+}
-+
-+#endif
-+
-+// Initialise the key schedule from the user supplied key. The key
-+// length is now specified in bytes - 16, 24 or 32 as appropriate.
-+// This corresponds to bit lengths of 128, 192 and 256 bits, and
-+// to Nk values of 4, 6 and 8 respectively.
-+
-+#define mx(t,f) (*t++ = inv_mcol(*f),f++)
-+#define cp(t,f) *t++ = *f++
-+
-+#if AES_BLOCK_SIZE == 16
-+#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s)
-+#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s)
-+#elif AES_BLOCK_SIZE == 24
-+#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s); \
-+ cp(d,s); cp(d,s)
-+#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s); \
-+ mx(d,s); mx(d,s)
-+#elif AES_BLOCK_SIZE == 32
-+#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s); \
-+ cp(d,s); cp(d,s); cp(d,s); cp(d,s)
-+#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s); \
-+ mx(d,s); mx(d,s); mx(d,s); mx(d,s)
-+#else
-+
-+#define cpy(d,s) \
-+switch(nc) \
-+{ case 8: cp(d,s); cp(d,s); \
-+ case 6: cp(d,s); cp(d,s); \
-+ case 4: cp(d,s); cp(d,s); \
-+ cp(d,s); cp(d,s); \
-+}
-+
-+#define mix(d,s) \
-+switch(nc) \
-+{ case 8: mx(d,s); mx(d,s); \
-+ case 6: mx(d,s); mx(d,s); \
-+ case 4: mx(d,s); mx(d,s); \
-+ mx(d,s); mx(d,s); \
-+}
-+
-+#endif
-+
-+void aes_set_key(aes_context *cx, const unsigned char in_key[], int n_bytes, const int f)
-+{ u_int32_t *kf, *kt, rci;
-+
-+#if !defined(FIXED_TABLES)
-+ if(!tab_gen) { gen_tabs(); tab_gen = 1; }
-+#endif
-+
-+ switch(n_bytes) {
-+ case 32: /* bytes */
-+ case 256: /* bits */
-+ cx->aes_Nkey = 8;
-+ break;
-+ case 24: /* bytes */
-+ case 192: /* bits */
-+ cx->aes_Nkey = 6;
-+ break;
-+ case 16: /* bytes */
-+ case 128: /* bits */
-+ default:
-+ cx->aes_Nkey = 4;
-+ break;
-+ }
-+
-+ cx->aes_Nrnd = (cx->aes_Nkey > nc ? cx->aes_Nkey : nc) + 6;
-+
-+ cx->aes_e_key[0] = const_word_in(in_key );
-+ cx->aes_e_key[1] = const_word_in(in_key + 4);
-+ cx->aes_e_key[2] = const_word_in(in_key + 8);
-+ cx->aes_e_key[3] = const_word_in(in_key + 12);
-+
-+ kf = cx->aes_e_key;
-+ kt = kf + nc * (cx->aes_Nrnd + 1) - cx->aes_Nkey;
-+ rci = 0;
-+
-+ switch(cx->aes_Nkey)
-+ {
-+ case 4: do
-+ { kf[4] = kf[0] ^ ls_box(kf[3],3) ^ rcon_tab[rci++];
-+ kf[5] = kf[1] ^ kf[4];
-+ kf[6] = kf[2] ^ kf[5];
-+ kf[7] = kf[3] ^ kf[6];
-+ kf += 4;
-+ }
-+ while(kf < kt);
-+ break;
-+
-+ case 6: cx->aes_e_key[4] = const_word_in(in_key + 16);
-+ cx->aes_e_key[5] = const_word_in(in_key + 20);
-+ do
-+ { kf[ 6] = kf[0] ^ ls_box(kf[5],3) ^ rcon_tab[rci++];
-+ kf[ 7] = kf[1] ^ kf[ 6];
-+ kf[ 8] = kf[2] ^ kf[ 7];
-+ kf[ 9] = kf[3] ^ kf[ 8];
-+ kf[10] = kf[4] ^ kf[ 9];
-+ kf[11] = kf[5] ^ kf[10];
-+ kf += 6;
-+ }
-+ while(kf < kt);
-+ break;
-+
-+ case 8: cx->aes_e_key[4] = const_word_in(in_key + 16);
-+ cx->aes_e_key[5] = const_word_in(in_key + 20);
-+ cx->aes_e_key[6] = const_word_in(in_key + 24);
-+ cx->aes_e_key[7] = const_word_in(in_key + 28);
-+ do
-+ { kf[ 8] = kf[0] ^ ls_box(kf[7],3) ^ rcon_tab[rci++];
-+ kf[ 9] = kf[1] ^ kf[ 8];
-+ kf[10] = kf[2] ^ kf[ 9];
-+ kf[11] = kf[3] ^ kf[10];
-+ kf[12] = kf[4] ^ ls_box(kf[11],0);
-+ kf[13] = kf[5] ^ kf[12];
-+ kf[14] = kf[6] ^ kf[13];
-+ kf[15] = kf[7] ^ kf[14];
-+ kf += 8;
-+ }
-+ while (kf < kt);
-+ break;
-+ }
-+
-+ if(!f)
-+ { u_int32_t i;
-+
-+ kt = cx->aes_d_key + nc * cx->aes_Nrnd;
-+ kf = cx->aes_e_key;
-+
-+ cpy(kt, kf); kt -= 2 * nc;
-+
-+ for(i = 1; i < cx->aes_Nrnd; ++i)
-+ {
-+#if defined(ONE_TABLE) || defined(FOUR_TABLES)
-+#if !defined(ONE_IM_TABLE) && !defined(FOUR_IM_TABLES)
-+ u_int32_t f2, f4, f8, f9;
-+#endif
-+ mix(kt, kf);
-+#else
-+ cpy(kt, kf);
-+#endif
-+ kt -= 2 * nc;
-+ }
-+
-+ cpy(kt, kf);
-+ }
-+}
-+
-+// y = output word, x = input word, r = row, c = column
-+// for r = 0, 1, 2 and 3 = column accessed for row r
-+
-+#if defined(ARRAYS)
-+#define s(x,c) x[c]
-+#else
-+#define s(x,c) x##c
-+#endif
-+
-+// I am grateful to Frank Yellin for the following constructions
-+// which, given the column (c) of the output state variable that
-+// is being computed, return the input state variables which are
-+// needed for each row (r) of the state
-+
-+// For the fixed block size options, compilers reduce these two
-+// expressions to fixed variable references. For variable block
-+// size code conditional clauses will sometimes be returned
-+
-+#define unused 77 // Sunset Strip
-+
-+#define fwd_var(x,r,c) \
-+ ( r==0 ? \
-+ ( c==0 ? s(x,0) \
-+ : c==1 ? s(x,1) \
-+ : c==2 ? s(x,2) \
-+ : c==3 ? s(x,3) \
-+ : c==4 ? s(x,4) \
-+ : c==5 ? s(x,5) \
-+ : c==6 ? s(x,6) \
-+ : s(x,7)) \
-+ : r==1 ? \
-+ ( c==0 ? s(x,1) \
-+ : c==1 ? s(x,2) \
-+ : c==2 ? s(x,3) \
-+ : c==3 ? nc==4 ? s(x,0) : s(x,4) \
-+ : c==4 ? s(x,5) \
-+ : c==5 ? nc==8 ? s(x,6) : s(x,0) \
-+ : c==6 ? s(x,7) \
-+ : s(x,0)) \
-+ : r==2 ? \
-+ ( c==0 ? nc==8 ? s(x,3) : s(x,2) \
-+ : c==1 ? nc==8 ? s(x,4) : s(x,3) \
-+ : c==2 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \
-+ : c==3 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \
-+ : c==4 ? nc==8 ? s(x,7) : s(x,0) \
-+ : c==5 ? nc==8 ? s(x,0) : s(x,1) \
-+ : c==6 ? s(x,1) \
-+ : s(x,2)) \
-+ : \
-+ ( c==0 ? nc==8 ? s(x,4) : s(x,3) \
-+ : c==1 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \
-+ : c==2 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \
-+ : c==3 ? nc==4 ? s(x,2) : nc==8 ? s(x,7) : s(x,0) \
-+ : c==4 ? nc==8 ? s(x,0) : s(x,1) \
-+ : c==5 ? nc==8 ? s(x,1) : s(x,2) \
-+ : c==6 ? s(x,2) \
-+ : s(x,3)))
-+
-+#define inv_var(x,r,c) \
-+ ( r==0 ? \
-+ ( c==0 ? s(x,0) \
-+ : c==1 ? s(x,1) \
-+ : c==2 ? s(x,2) \
-+ : c==3 ? s(x,3) \
-+ : c==4 ? s(x,4) \
-+ : c==5 ? s(x,5) \
-+ : c==6 ? s(x,6) \
-+ : s(x,7)) \
-+ : r==1 ? \
-+ ( c==0 ? nc==4 ? s(x,3) : nc==8 ? s(x,7) : s(x,5) \
-+ : c==1 ? s(x,0) \
-+ : c==2 ? s(x,1) \
-+ : c==3 ? s(x,2) \
-+ : c==4 ? s(x,3) \
-+ : c==5 ? s(x,4) \
-+ : c==6 ? s(x,5) \
-+ : s(x,6)) \
-+ : r==2 ? \
-+ ( c==0 ? nc==4 ? s(x,2) : nc==8 ? s(x,5) : s(x,4) \
-+ : c==1 ? nc==4 ? s(x,3) : nc==8 ? s(x,6) : s(x,5) \
-+ : c==2 ? nc==8 ? s(x,7) : s(x,0) \
-+ : c==3 ? nc==8 ? s(x,0) : s(x,1) \
-+ : c==4 ? nc==8 ? s(x,1) : s(x,2) \
-+ : c==5 ? nc==8 ? s(x,2) : s(x,3) \
-+ : c==6 ? s(x,3) \
-+ : s(x,4)) \
-+ : \
-+ ( c==0 ? nc==4 ? s(x,1) : nc==8 ? s(x,4) : s(x,3) \
-+ : c==1 ? nc==4 ? s(x,2) : nc==8 ? s(x,5) : s(x,4) \
-+ : c==2 ? nc==4 ? s(x,3) : nc==8 ? s(x,6) : s(x,5) \
-+ : c==3 ? nc==8 ? s(x,7) : s(x,0) \
-+ : c==4 ? nc==8 ? s(x,0) : s(x,1) \
-+ : c==5 ? nc==8 ? s(x,1) : s(x,2) \
-+ : c==6 ? s(x,2) \
-+ : s(x,3)))
-+
-+#define si(y,x,k,c) s(y,c) = const_word_in(x + 4 * c) ^ k[c]
-+#define so(y,x,c) word_out(y + 4 * c, s(x,c))
-+
-+#if defined(FOUR_TABLES)
-+#define fwd_rnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,ft_tab,fwd_var,rf1,c)
-+#define inv_rnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,it_tab,inv_var,rf1,c)
-+#elif defined(ONE_TABLE)
-+#define fwd_rnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,upr,ft_tab,fwd_var,rf1,c)
-+#define inv_rnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,upr,it_tab,inv_var,rf1,c)
-+#else
-+#define fwd_rnd(y,x,k,c) s(y,c) = fwd_mcol(no_table(x,s_box,fwd_var,rf1,c)) ^ (k)[c]
-+#define inv_rnd(y,x,k,c) s(y,c) = inv_mcol(no_table(x,inv_s_box,inv_var,rf1,c) ^ (k)[c])
-+#endif
-+
-+#if defined(FOUR_LR_TABLES)
-+#define fwd_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,fl_tab,fwd_var,rf1,c)
-+#define inv_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,il_tab,inv_var,rf1,c)
-+#elif defined(ONE_LR_TABLE)
-+#define fwd_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,ups,fl_tab,fwd_var,rf1,c)
-+#define inv_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,ups,il_tab,inv_var,rf1,c)
-+#else
-+#define fwd_lrnd(y,x,k,c) s(y,c) = no_table(x,s_box,fwd_var,rf1,c) ^ (k)[c]
-+#define inv_lrnd(y,x,k,c) s(y,c) = no_table(x,inv_s_box,inv_var,rf1,c) ^ (k)[c]
-+#endif
-+
-+#if AES_BLOCK_SIZE == 16
-+
-+#if defined(ARRAYS)
-+#define locals(y,x) x[4],y[4]
-+#else
-+#define locals(y,x) x##0,x##1,x##2,x##3,y##0,y##1,y##2,y##3
-+// the following defines prevent the compiler requiring the declaration
-+// of generated but unused variables in the fwd_var and inv_var macros
-+#define b04 unused
-+#define b05 unused
-+#define b06 unused
-+#define b07 unused
-+#define b14 unused
-+#define b15 unused
-+#define b16 unused
-+#define b17 unused
-+#endif
-+#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \
-+ s(y,2) = s(x,2); s(y,3) = s(x,3);
-+#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3)
-+#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3)
-+#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3)
-+
-+#elif AES_BLOCK_SIZE == 24
-+
-+#if defined(ARRAYS)
-+#define locals(y,x) x[6],y[6]
-+#else
-+#define locals(y,x) x##0,x##1,x##2,x##3,x##4,x##5, \
-+ y##0,y##1,y##2,y##3,y##4,y##5
-+#define b06 unused
-+#define b07 unused
-+#define b16 unused
-+#define b17 unused
-+#endif
-+#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \
-+ s(y,2) = s(x,2); s(y,3) = s(x,3); \
-+ s(y,4) = s(x,4); s(y,5) = s(x,5);
-+#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); \
-+ si(y,x,k,3); si(y,x,k,4); si(y,x,k,5)
-+#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); \
-+ so(y,x,3); so(y,x,4); so(y,x,5)
-+#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); \
-+ rm(y,x,k,3); rm(y,x,k,4); rm(y,x,k,5)
-+#else
-+
-+#if defined(ARRAYS)
-+#define locals(y,x) x[8],y[8]
-+#else
-+#define locals(y,x) x##0,x##1,x##2,x##3,x##4,x##5,x##6,x##7, \
-+ y##0,y##1,y##2,y##3,y##4,y##5,y##6,y##7
-+#endif
-+#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \
-+ s(y,2) = s(x,2); s(y,3) = s(x,3); \
-+ s(y,4) = s(x,4); s(y,5) = s(x,5); \
-+ s(y,6) = s(x,6); s(y,7) = s(x,7);
-+
-+#if AES_BLOCK_SIZE == 32
-+
-+#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3); \
-+ si(y,x,k,4); si(y,x,k,5); si(y,x,k,6); si(y,x,k,7)
-+#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3); \
-+ so(y,x,4); so(y,x,5); so(y,x,6); so(y,x,7)
-+#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3); \
-+ rm(y,x,k,4); rm(y,x,k,5); rm(y,x,k,6); rm(y,x,k,7)
-+#else
-+
-+#define state_in(y,x,k) \
-+switch(nc) \
-+{ case 8: si(y,x,k,7); si(y,x,k,6); \
-+ case 6: si(y,x,k,5); si(y,x,k,4); \
-+ case 4: si(y,x,k,3); si(y,x,k,2); \
-+ si(y,x,k,1); si(y,x,k,0); \
-+}
-+
-+#define state_out(y,x) \
-+switch(nc) \
-+{ case 8: so(y,x,7); so(y,x,6); \
-+ case 6: so(y,x,5); so(y,x,4); \
-+ case 4: so(y,x,3); so(y,x,2); \
-+ so(y,x,1); so(y,x,0); \
-+}
-+
-+#if defined(FAST_VARIABLE)
-+
-+#define round(rm,y,x,k) \
-+switch(nc) \
-+{ case 8: rm(y,x,k,7); rm(y,x,k,6); \
-+ rm(y,x,k,5); rm(y,x,k,4); \
-+ rm(y,x,k,3); rm(y,x,k,2); \
-+ rm(y,x,k,1); rm(y,x,k,0); \
-+ break; \
-+ case 6: rm(y,x,k,5); rm(y,x,k,4); \
-+ rm(y,x,k,3); rm(y,x,k,2); \
-+ rm(y,x,k,1); rm(y,x,k,0); \
-+ break; \
-+ case 4: rm(y,x,k,3); rm(y,x,k,2); \
-+ rm(y,x,k,1); rm(y,x,k,0); \
-+ break; \
-+}
-+#else
-+
-+#define round(rm,y,x,k) \
-+switch(nc) \
-+{ case 8: rm(y,x,k,7); rm(y,x,k,6); \
-+ case 6: rm(y,x,k,5); rm(y,x,k,4); \
-+ case 4: rm(y,x,k,3); rm(y,x,k,2); \
-+ rm(y,x,k,1); rm(y,x,k,0); \
-+}
-+
-+#endif
-+
-+#endif
-+#endif
-+
-+void aes_encrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[])
-+{ u_int32_t locals(b0, b1);
-+ const u_int32_t *kp = cx->aes_e_key;
-+
-+#if !defined(ONE_TABLE) && !defined(FOUR_TABLES)
-+ u_int32_t f2;
-+#endif
-+
-+ state_in(b0, in_blk, kp); kp += nc;
-+
-+#if defined(UNROLL)
-+
-+ switch(cx->aes_Nrnd)
-+ {
-+ case 14: round(fwd_rnd, b1, b0, kp );
-+ round(fwd_rnd, b0, b1, kp + nc ); kp += 2 * nc;
-+ case 12: round(fwd_rnd, b1, b0, kp );
-+ round(fwd_rnd, b0, b1, kp + nc ); kp += 2 * nc;
-+ case 10: round(fwd_rnd, b1, b0, kp );
-+ round(fwd_rnd, b0, b1, kp + nc);
-+ round(fwd_rnd, b1, b0, kp + 2 * nc);
-+ round(fwd_rnd, b0, b1, kp + 3 * nc);
-+ round(fwd_rnd, b1, b0, kp + 4 * nc);
-+ round(fwd_rnd, b0, b1, kp + 5 * nc);
-+ round(fwd_rnd, b1, b0, kp + 6 * nc);
-+ round(fwd_rnd, b0, b1, kp + 7 * nc);
-+ round(fwd_rnd, b1, b0, kp + 8 * nc);
-+ round(fwd_lrnd, b0, b1, kp + 9 * nc);
-+ }
-+
-+#elif defined(PARTIAL_UNROLL)
-+ { u_int32_t rnd;
-+
-+ for(rnd = 0; rnd < (cx->aes_Nrnd >> 1) - 1; ++rnd)
-+ {
-+ round(fwd_rnd, b1, b0, kp);
-+ round(fwd_rnd, b0, b1, kp + nc); kp += 2 * nc;
-+ }
-+
-+ round(fwd_rnd, b1, b0, kp);
-+ round(fwd_lrnd, b0, b1, kp + nc);
-+ }
-+#else
-+ { u_int32_t rnd;
-+
-+ for(rnd = 0; rnd < cx->aes_Nrnd - 1; ++rnd)
-+ {
-+ round(fwd_rnd, b1, b0, kp);
-+ l_copy(b0, b1); kp += nc;
-+ }
-+
-+ round(fwd_lrnd, b0, b1, kp);
-+ }
-+#endif
-+
-+ state_out(out_blk, b0);
-+}
-+
-+void aes_decrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[])
-+{ u_int32_t locals(b0, b1);
-+ const u_int32_t *kp = cx->aes_d_key;
-+
-+#if !defined(ONE_TABLE) && !defined(FOUR_TABLES)
-+ u_int32_t f2, f4, f8, f9;
-+#endif
-+
-+ state_in(b0, in_blk, kp); kp += nc;
-+
-+#if defined(UNROLL)
-+
-+ switch(cx->aes_Nrnd)
-+ {
-+ case 14: round(inv_rnd, b1, b0, kp );
-+ round(inv_rnd, b0, b1, kp + nc ); kp += 2 * nc;
-+ case 12: round(inv_rnd, b1, b0, kp );
-+ round(inv_rnd, b0, b1, kp + nc ); kp += 2 * nc;
-+ case 10: round(inv_rnd, b1, b0, kp );
-+ round(inv_rnd, b0, b1, kp + nc);
-+ round(inv_rnd, b1, b0, kp + 2 * nc);
-+ round(inv_rnd, b0, b1, kp + 3 * nc);
-+ round(inv_rnd, b1, b0, kp + 4 * nc);
-+ round(inv_rnd, b0, b1, kp + 5 * nc);
-+ round(inv_rnd, b1, b0, kp + 6 * nc);
-+ round(inv_rnd, b0, b1, kp + 7 * nc);
-+ round(inv_rnd, b1, b0, kp + 8 * nc);
-+ round(inv_lrnd, b0, b1, kp + 9 * nc);
-+ }
-+
-+#elif defined(PARTIAL_UNROLL)
-+ { u_int32_t rnd;
-+
-+ for(rnd = 0; rnd < (cx->aes_Nrnd >> 1) - 1; ++rnd)
-+ {
-+ round(inv_rnd, b1, b0, kp);
-+ round(inv_rnd, b0, b1, kp + nc); kp += 2 * nc;
-+ }
-+
-+ round(inv_rnd, b1, b0, kp);
-+ round(inv_lrnd, b0, b1, kp + nc);
-+ }
-+#else
-+ { u_int32_t rnd;
-+
-+ for(rnd = 0; rnd < cx->aes_Nrnd - 1; ++rnd)
-+ {
-+ round(inv_rnd, b1, b0, kp);
-+ l_copy(b0, b1); kp += nc;
-+ }
-+
-+ round(inv_lrnd, b0, b1, kp);
-+ }
-+#endif
-+
-+ state_out(out_blk, b0);
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/aes/aes_cbc.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,46 @@
-+/*
-+// I retain copyright in this code but I encourage its free use provided
-+// that I don't carry any responsibility for the results. I am especially
-+// happy to see it used in free and open source software. If you do use
-+// it I would appreciate an acknowledgement of its origin in the code or
-+// the product that results and I would also appreciate knowing a little
-+// about the use to which it is being put. I am grateful to Frank Yellin
-+// for some ideas that are used in this implementation.
-+//
-+// Dr B. R. Gladman <brg@gladman.uk.net> 6th April 2001.
-+//
-+// This is an implementation of the AES encryption algorithm (Rijndael)
-+// designed by Joan Daemen and Vincent Rijmen. This version is designed
-+// to provide both fixed and dynamic block and key lengths and can also
-+// run with either big or little endian internal byte order (see aes.h).
-+// It inputs block and key lengths in bytes with the legal values being
-+// 16, 24 and 32.
-+*
-+*/
-+
-+#ifdef __KERNEL__
-+#include <linux/types.h>
-+#else
-+#include <sys/types.h>
-+#endif
-+#include "crypto/aes_cbc.h"
-+#include "crypto/cbc_generic.h"
-+
-+/* returns bool success */
-+int AES_set_key(aes_context *aes_ctx, const u_int8_t *key, int keysize) {
-+ aes_set_key(aes_ctx, key, keysize, 0);
-+ return 1;
-+}
-+CBC_IMPL_BLK16(AES_cbc_encrypt, aes_context, u_int8_t *, aes_encrypt, aes_decrypt);
-+
-+
-+/*
-+ * $Log: aes_cbc.c,v $
-+ * Revision 1.2 2004/07/10 07:48:40 mcr
-+ * Moved from linux/crypto/ciphers/aes/aes_cbc.c,v
-+ *
-+ * Revision 1.1 2004/04/06 02:48:12 mcr
-+ * pullup of AES cipher from alg-branch.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/aes/aes_xcbc_mac.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,67 @@
-+#ifdef __KERNEL__
-+#include <linux/types.h>
-+#include <linux/kernel.h>
-+#define DEBUG(x)
-+#else
-+#include <stdio.h>
-+#include <sys/types.h>
-+#define DEBUG(x) x
-+#endif
-+
-+#include "crypto/aes.h"
-+#include "crypto/aes_xcbc_mac.h"
-+
-+int AES_xcbc_mac_set_key(aes_context_mac *ctxm, const u_int8_t *key, int keylen)
-+{
-+ int ret=1;
-+ aes_block kn[3] = {
-+ { 0x01010101, 0x01010101, 0x01010101, 0x01010101 },
-+ { 0x02020202, 0x02020202, 0x02020202, 0x02020202 },
-+ { 0x03030303, 0x03030303, 0x03030303, 0x03030303 },
-+ };
-+ aes_set_key(&ctxm->ctx_k1, key, keylen, 0);
-+ aes_encrypt(&ctxm->ctx_k1, (u_int8_t *) kn[0], (u_int8_t *) kn[0]);
-+ aes_encrypt(&ctxm->ctx_k1, (u_int8_t *) kn[1], (u_int8_t *) ctxm->k2);
-+ aes_encrypt(&ctxm->ctx_k1, (u_int8_t *) kn[2], (u_int8_t *) ctxm->k3);
-+ aes_set_key(&ctxm->ctx_k1, (u_int8_t *) kn[0], 16, 0);
-+ return ret;
-+}
-+static void do_pad_xor(u_int8_t *out, const u_int8_t *in, int len) {
-+ int pos=0;
-+ for (pos=1; pos <= 16; pos++, in++, out++) {
-+ if (pos <= len)
-+ *out ^= *in;
-+ if (pos > len) {
-+ DEBUG(printf("put 0x80 at pos=%d\n", pos));
-+ *out ^= 0x80;
-+ break;
-+ }
-+ }
-+}
-+static void xor_block(aes_block res, const aes_block op) {
-+ res[0] ^= op[0];
-+ res[1] ^= op[1];
-+ res[2] ^= op[2];
-+ res[3] ^= op[3];
-+}
-+int AES_xcbc_mac_hash(const aes_context_mac *ctxm, const u_int8_t * in, int ilen, u_int8_t hash[16]) {
-+ int ret=ilen;
-+ u_int32_t out[4] = { 0, 0, 0, 0 };
-+ for (; ilen > 16 ; ilen-=16) {
-+ xor_block(out, (const u_int32_t*) &in[0]);
-+ aes_encrypt(&ctxm->ctx_k1, in, (u_int8_t *)&out[0]);
-+ in+=16;
-+ }
-+ do_pad_xor((u_int8_t *)&out, in, ilen);
-+ if (ilen==16) {
-+ DEBUG(printf("using k3\n"));
-+ xor_block(out, ctxm->k3);
-+ }
-+ else
-+ {
-+ DEBUG(printf("using k2\n"));
-+ xor_block(out, ctxm->k2);
-+ }
-+ aes_encrypt(&ctxm->ctx_k1, (u_int8_t *)out, hash);
-+ return ret;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/aes/ipsec_alg_aes.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,296 @@
-+/*
-+ * ipsec_alg AES cipher stubs
-+ *
-+ * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ *
-+ * ipsec_alg_aes.c,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * Fixes by:
-+ * PK: Pawel Krawczyk <kravietz@aba.krakow.pl>
-+ * Fixes list:
-+ * PK: make XCBC comply with latest draft (keylength)
-+ *
-+ */
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+/*
-+ * special case: ipsec core modular with this static algo inside:
-+ * must avoid MODULE magic for this file
-+ */
-+#if defined(CONFIG_KLIPS_MODULE) && defined(CONFIG_KLIPS_ENC_AES)
-+#undef MODULE
-+#endif
-+
-+#include <linux/module.h>
-+#include <linux/init.h>
-+
-+#include <linux/kernel.h> /* printk() */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/string.h>
-+
-+/* Check if __exit is defined, if not null it */
-+#ifndef __exit
-+#define __exit
-+#endif
-+
-+/* Low freeswan header coupling */
-+#include "openswan/ipsec_alg.h"
-+#include "crypto/aes_cbc.h"
-+
-+#define CONFIG_KLIPS_ENC_AES_MAC 1
-+
-+#define AES_CONTEXT_T aes_context
-+static int debug_aes=0;
-+static int test_aes=0;
-+static int excl_aes=0;
-+static int keyminbits=0;
-+static int keymaxbits=0;
-+#if defined(CONFIG_KLIPS_ENC_AES_MODULE)
-+MODULE_AUTHOR("JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>");
-+#ifdef module_param
-+module_param(debug_aes,int,0600)
-+module_param(test_aes,int,0600)
-+module_param(excl_aes,int,0600)
-+module_param(keyminbits,int,0600)
-+module_param(keymaxbits,int,0600)
-+#else
-+MODULE_PARM(debug_aes, "i");
-+MODULE_PARM(test_aes, "i");
-+MODULE_PARM(excl_aes, "i");
-+MODULE_PARM(keyminbits, "i");
-+MODULE_PARM(keymaxbits, "i");
-+#endif
-+#endif
-+
-+#if CONFIG_KLIPS_ENC_AES_MAC
-+#include "crypto/aes_xcbc_mac.h"
-+
-+/*
-+ * Not IANA number yet (draft-ietf-ipsec-ciph-aes-xcbc-mac-00.txt).
-+ * We use 9 for non-modular algorithm and none for modular, thus
-+ * forcing user to specify one on module load. -kravietz
-+ */
-+#ifdef MODULE
-+static int auth_id=0;
-+#else
-+static int auth_id=9;
-+#endif
-+#ifdef module_param
-+module_param(auth_id, int, 0600);
-+#else
-+MODULE_PARM(auth_id, "i");
-+#endif
-+#endif
-+
-+#define ESP_AES 12 /* truely _constant_ :) */
-+
-+/* 128, 192 or 256 */
-+#define ESP_AES_KEY_SZ_MIN 16 /* 128 bit secret key */
-+#define ESP_AES_KEY_SZ_MAX 32 /* 256 bit secret key */
-+#define ESP_AES_CBC_BLK_LEN 16 /* AES-CBC block size */
-+
-+/* Values according to draft-ietf-ipsec-ciph-aes-xcbc-mac-02.txt
-+ * -kravietz
-+ */
-+#define ESP_AES_MAC_KEY_SZ 16 /* 128 bit MAC key */
-+#define ESP_AES_MAC_BLK_LEN 16 /* 128 bit block */
-+
-+static int _aes_set_key(struct ipsec_alg_enc *alg,
-+ __u8 * key_e, const __u8 * key,
-+ size_t keysize)
-+{
-+ int ret;
-+ AES_CONTEXT_T *ctx=(AES_CONTEXT_T*)key_e;
-+ ret=AES_set_key(ctx, key, keysize)!=0? 0: -EINVAL;
-+ if (debug_aes > 0)
-+ printk(KERN_DEBUG "klips_debug:_aes_set_key:"
-+ "ret=%d key_e=%p key=%p keysize=%ld\n",
-+ ret, key_e, key, (unsigned long int) keysize);
-+ return ret;
-+}
-+
-+static int _aes_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e,
-+ __u8 * in, int ilen, const __u8 * iv,
-+ int encrypt)
-+{
-+ AES_CONTEXT_T *ctx=(AES_CONTEXT_T*)key_e;
-+ if (debug_aes > 0)
-+ printk(KERN_DEBUG "klips_debug:_aes_cbc_encrypt:"
-+ "key_e=%p in=%p ilen=%d iv=%p encrypt=%d\n",
-+ key_e, in, ilen, iv, encrypt);
-+ return AES_cbc_encrypt(ctx, in, in, ilen, iv, encrypt);
-+}
-+#if CONFIG_KLIPS_ENC_AES_MAC
-+static int _aes_mac_set_key(struct ipsec_alg_auth *alg, __u8 * key_a, const __u8 * key, int keylen) {
-+ aes_context_mac *ctxm=(aes_context_mac *)key_a;
-+ return AES_xcbc_mac_set_key(ctxm, key, keylen)? 0 : -EINVAL;
-+}
-+static int _aes_mac_hash(struct ipsec_alg_auth *alg, __u8 * key_a, const __u8 * dat, int len, __u8 * hash, int hashlen) {
-+ int ret;
-+ char hash_buf[16];
-+ aes_context_mac *ctxm=(aes_context_mac *)key_a;
-+ ret=AES_xcbc_mac_hash(ctxm, dat, len, hash_buf);
-+ memcpy(hash, hash_buf, hashlen);
-+ return ret;
-+}
-+static struct ipsec_alg_auth ipsec_alg_AES_MAC = {
-+ ixt_common: { ixt_version: IPSEC_ALG_VERSION,
-+ ixt_refcnt: ATOMIC_INIT(0),
-+ ixt_name: "aes_mac",
-+ ixt_blocksize: ESP_AES_MAC_BLK_LEN,
-+ ixt_support: {
-+ ias_exttype: IPSEC_ALG_TYPE_AUTH,
-+ ias_id: 0,
-+ ias_keyminbits: ESP_AES_MAC_KEY_SZ*8,
-+ ias_keymaxbits: ESP_AES_MAC_KEY_SZ*8,
-+ },
-+ },
-+#if defined(CONFIG_KLIPS_ENC_AES_MODULE)
-+ ixt_module: THIS_MODULE,
-+#endif
-+ ixt_a_keylen: ESP_AES_MAC_KEY_SZ,
-+ ixt_a_ctx_size: sizeof(aes_context_mac),
-+ ixt_a_hmac_set_key: _aes_mac_set_key,
-+ ixt_a_hmac_hash:_aes_mac_hash,
-+};
-+#endif /* CONFIG_KLIPS_ENC_AES_MAC */
-+static struct ipsec_alg_enc ipsec_alg_AES = {
-+ ixt_common: { ixt_version: IPSEC_ALG_VERSION,
-+ ixt_refcnt: ATOMIC_INIT(0),
-+ ixt_name: "aes",
-+ ixt_blocksize: ESP_AES_CBC_BLK_LEN,
-+ ixt_support: {
-+ ias_exttype: IPSEC_ALG_TYPE_ENCRYPT,
-+ ias_id: ESP_AES,
-+ ias_keyminbits: ESP_AES_KEY_SZ_MIN*8,
-+ ias_keymaxbits: ESP_AES_KEY_SZ_MAX*8,
-+ },
-+ },
-+#if defined(CONFIG_KLIPS_ENC_AES_MODULE)
-+ ixt_module: THIS_MODULE,
-+#endif
-+ ixt_e_keylen: ESP_AES_KEY_SZ_MAX,
-+ ixt_e_ctx_size: sizeof(AES_CONTEXT_T),
-+ ixt_e_set_key: _aes_set_key,
-+ ixt_e_cbc_encrypt:_aes_cbc_encrypt,
-+};
-+
-+#if defined(CONFIG_KLIPS_ENC_AES_MODULE)
-+IPSEC_ALG_MODULE_INIT_MOD( ipsec_aes_init )
-+#else
-+IPSEC_ALG_MODULE_INIT_STATIC( ipsec_aes_init )
-+#endif
-+{
-+ int ret, test_ret;
-+
-+ if (keyminbits)
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_keyminbits=keyminbits;
-+ if (keymaxbits) {
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_keymaxbits=keymaxbits;
-+ if (keymaxbits*8>ipsec_alg_AES.ixt_common.ixt_support.ias_keymaxbits)
-+ ipsec_alg_AES.ixt_e_keylen=keymaxbits*8;
-+ }
-+ if (excl_aes) ipsec_alg_AES.ixt_common.ixt_state |= IPSEC_ALG_ST_EXCL;
-+ ret=register_ipsec_alg_enc(&ipsec_alg_AES);
-+ printk("ipsec_aes_init(alg_type=%d alg_id=%d name=%s): ret=%d\n",
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_id,
-+ ipsec_alg_AES.ixt_common.ixt_name,
-+ ret);
-+ if (ret==0 && test_aes) {
-+ test_ret=ipsec_alg_test(
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_exttype ,
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_id,
-+ test_aes);
-+ printk("ipsec_aes_init(alg_type=%d alg_id=%d): test_ret=%d\n",
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_exttype ,
-+ ipsec_alg_AES.ixt_common.ixt_support.ias_id,
-+ test_ret);
-+ }
-+#if CONFIG_KLIPS_ENC_AES_MAC
-+ if (auth_id!=0){
-+ int ret;
-+ ipsec_alg_AES_MAC.ixt_common.ixt_support.ias_id=auth_id;
-+ ret=register_ipsec_alg_auth(&ipsec_alg_AES_MAC);
-+ printk("ipsec_aes_init(alg_type=%d alg_id=%d name=%s): ret=%d\n",
-+ ipsec_alg_AES_MAC.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_AES_MAC.ixt_common.ixt_support.ias_id,
-+ ipsec_alg_AES_MAC.ixt_common.ixt_name,
-+ ret);
-+ if (ret==0 && test_aes) {
-+ test_ret=ipsec_alg_test(
-+ ipsec_alg_AES_MAC.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_AES_MAC.ixt_common.ixt_support.ias_id,
-+ test_aes);
-+ printk("ipsec_aes_init(alg_type=%d alg_id=%d): test_ret=%d\n",
-+ ipsec_alg_AES_MAC.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_AES_MAC.ixt_common.ixt_support.ias_id,
-+ test_ret);
-+ }
-+ } else {
-+ printk(KERN_DEBUG "klips_debug: experimental ipsec_alg_AES_MAC not registered [Ok] (auth_id=%d)\n", auth_id);
-+ }
-+#endif /* CONFIG_KLIPS_ENC_AES_MAC */
-+ return ret;
-+}
-+
-+#if defined(CONFIG_KLIPS_ENC_AES_MODULE)
-+IPSEC_ALG_MODULE_EXIT_MOD( ipsec_aes_fini )
-+#else
-+IPSEC_ALG_MODULE_EXIT_STATIC( ipsec_aes_fini )
-+#endif
-+{
-+#if CONFIG_KLIPS_ENC_AES_MAC
-+ if (auth_id) unregister_ipsec_alg_auth(&ipsec_alg_AES_MAC);
-+#endif /* CONFIG_KLIPS_ENC_AES_MAC */
-+ unregister_ipsec_alg_enc(&ipsec_alg_AES);
-+ return;
-+}
-+#ifdef MODULE_LICENSE
-+MODULE_LICENSE("GPL");
-+#endif
-+
-+#if 0 /* +NOT_YET */
-+#ifndef MODULE
-+/*
-+ * This is intended for static module setups, currently
-+ * doesn't work for modular ipsec.o with static algos inside
-+ */
-+static int setup_keybits(const char *str)
-+{
-+ unsigned aux;
-+ char *end;
-+
-+ aux = simple_strtoul(str,&end,0);
-+ if (aux != 128 && aux != 192 && aux != 256)
-+ return 0;
-+ keyminbits = aux;
-+
-+ if (*end == 0 || *end != ',')
-+ return 1;
-+ str=end+1;
-+ aux = simple_strtoul(str, NULL, 0);
-+ if (aux != 128 && aux != 192 && aux != 256)
-+ return 0;
-+ if (aux >= keyminbits)
-+ keymaxbits = aux;
-+ return 1;
-+}
-+__setup("ipsec_aes_keybits=", setup_keybits);
-+#endif
-+#endif
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/Config.alg_aes.in Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,3 @@
-+if [ "$CONFIG_IPSEC_ALG" = "y" ]; then
-+ tristate ' AES encryption algorithm' CONFIG_IPSEC_ENC_AES
-+fi
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/Config.alg_cryptoapi.in Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,6 @@
-+if [ "$CONFIG_IPSEC_ALG" = "y" ]; then
-+ dep_tristate ' CRYPTOAPI ciphers support (needs cryptoapi patch)' CONFIG_IPSEC_ALG_CRYPTOAPI $CONFIG_CRYPTO
-+ if [ "$CONFIG_IPSEC_ALG_CRYPTOAPI" != "n" ]; then
-+ bool ' CRYPTOAPI proprietary ciphers ' CONFIG_IPSEC_ALG_NON_LIBRE
-+ fi
-+fi
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/Config.in Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,3 @@
-+#Placeholder
-+source net/ipsec/alg/Config.alg_aes.in
-+source net/ipsec/alg/Config.alg_cryptoapi.in
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/Makefile Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,112 @@
-+# Makefile,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-+ifeq ($(strip $(KLIPSMODULE)),)
-+FREESWANSRCDIR=.
-+else
-+FREESWANSRCDIR=../../../..
-+endif
-+ifeq ($(strip $(KLIPS_TOP)),)
-+KLIPS_TOP=../../..
-+override EXTRA_CFLAGS += -I$(KLIPS_TOP)/include
-+endif
-+
-+ifeq ($(CONFIG_IPSEC_DEBUG),y)
-+override EXTRA_CFLAGS += -g
-+endif
-+
-+# LIBCRYPTO normally comes as an argument from "parent" Makefile
-+# (this applies both to FS' "make module" and eg. Linux' "make modules"
-+# But make dep doest follow same evaluations, so we need this default:
-+LIBCRYPTO=$(TOPDIR)/lib/libcrypto
-+
-+override EXTRA_CFLAGS += -I$(LIBCRYPTO)/include
-+override EXTRA_CFLAGS += -Wall -Wpointer-arith -Wstrict-prototypes
-+
-+MOD_LIST_NAME := NET_MISC_MODULES
-+
-+#O_TARGET := static_init.o
-+
-+subdir- :=
-+subdir-n :=
-+subdir-y :=
-+subdir-m :=
-+
-+obj-y := static_init.o
-+
-+ARCH_ASM-y :=
-+ARCH_ASM-$(CONFIG_M586) := i586
-+ARCH_ASM-$(CONFIG_M586TSC) := i586
-+ARCH_ASM-$(CONFIG_M586MMX) := i586
-+ARCH_ASM-$(CONFIG_MK6) := i586
-+ARCH_ASM-$(CONFIG_M686) := i686
-+ARCH_ASM-$(CONFIG_MPENTIUMIII) := i686
-+ARCH_ASM-$(CONFIG_MPENTIUM4) := i686
-+ARCH_ASM-$(CONFIG_MK7) := i686
-+ARCH_ASM-$(CONFIG_MCRUSOE) := i586
-+ARCH_ASM-$(CONFIG_MWINCHIPC6) := i586
-+ARCH_ASM-$(CONFIG_MWINCHIP2) := i586
-+ARCH_ASM-$(CONFIG_MWINCHIP3D) := i586
-+ARCH_ASM-$(CONFIG_USERMODE) := i586
-+
-+ARCH_ASM :=$(ARCH_ASM-y)
-+ifdef NO_ASM
-+ARCH_ASM :=
-+endif
-+
-+# The algorithm makefiles may put dependences, short-circuit them
-+null:
-+
-+makefiles=$(filter-out %.preipsec, $(wildcard Makefile.alg_*))
-+ifneq ($(makefiles),)
-+#include Makefile.alg_aes
-+#include Makefile.alg_aes-opt
-+include $(makefiles)
-+endif
-+
-+# These rules translate from new to old makefile rules
-+# Translate to Rules.make lists.
-+multi-used := $(filter $(list-multi), $(obj-y) $(obj-m))
-+multi-objs := $(foreach m, $(multi-used), $($(basename $(m))-objs))
-+active-objs := $(sort $(multi-objs) $(obj-y) $(obj-m))
-+O_OBJS := $(obj-y)
-+M_OBJS := $(obj-m)
-+MIX_OBJS := $(filter $(export-objs), $(active-objs))
-+#OX_OBJS := $(export-objs)
-+SUB_DIRS := $(subdir-y)
-+ALL_SUB_DIRS := $(subdir-y) $(subdir-m)
-+MOD_SUB_DIRS := $(subdir-m)
-+
-+
-+static_init_mod.o: $(obj-y)
-+ rm -f $@
-+ $(LD) $(LD_EXTRAFLAGS) $(obj-y) -r -o $@
-+
-+perlasm: ../../../crypto/ciphers/des/asm/perlasm
-+ ln -sf $? $@
-+
-+$(obj-y) $(obj-m): $(TOPDIR)/include/linux/config.h $(TOPDIR)/include/linux/autoconf.h $(KLIPS_TOP)/include/freeswan/ipsec_alg.h
-+$(alg_obj-y) $(alg_obj-m): perlasm $(TOPDIR)/include/linux/config.h $(TOPDIR)/include/linux/autoconf.h $(KLIPS_TOP)/include/freeswan/ipsec_alg.h
-+
-+
-+all_alg_modules: perlasm $(ALG_MODULES)
-+ @echo "ALG_MODULES=$(ALG_MODULES)"
-+
-+
-+#
-+# Construct alg. init. function: call ipsec_ALGO_init() for every static algo
-+# Needed when there are static algos (with static or modular ipsec.o)
-+#
-+static_init.c: $(TOPDIR)/include/linux/autoconf.h Makefile $(makefiles) scripts/mk-static_init.c.sh
-+ @echo "Re-creating $@"
-+ $(SHELL) scripts/mk-static_init.c.sh $(static_init-func-y) > $@
-+
-+clean:
-+ @for i in $(ALG_SUBDIRS);do test -d $$i && make -C $$i clean;done;exit 0
-+ @find . -type l -exec rm -f {} \;
-+ -rm -f perlasm
-+ -rm -rf $(ALG_SUBDIRS)
-+ -rm -f *.o static_init.c
-+
-+ifdef TOPDIR
-+include $(TOPDIR)/Rules.make
-+endif
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/Makefile.alg_aes Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,18 @@
-+MOD_AES := ipsec_aes.o
-+
-+ALG_MODULES += $(MOD_AES)
-+ALG_SUBDIRS += libaes
-+
-+obj-$(CONFIG_IPSEC_ALG_AES) += $(MOD_AES)
-+static_init-func-$(CONFIG_IPSEC_ALG_AES)+= ipsec_aes_init
-+alg_obj-$(CONFIG_IPSEC_ALG_AES) += ipsec_alg_aes.o
-+
-+AES_OBJS := ipsec_alg_aes.o $(LIBCRYPTO)/libaes/libaes.a
-+
-+
-+$(MOD_AES): $(AES_OBJS)
-+ $(LD) $(EXTRA_LDFLAGS) -r $(AES_OBJS) -o $@
-+
-+$(LIBCRYPTO)/libaes/libaes.a:
-+ $(MAKE) -C $(LIBCRYPTO)/libaes CC='$(CC)' 'ARCH_ASM=$(ARCH_ASM)' CFLAGS='$(CFLAGS) $(EXTRA_CFLAGS)' libaes.a
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/Makefile.alg_cryptoapi Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,14 @@
-+MOD_CRYPTOAPI := ipsec_cryptoapi.o
-+
-+ifneq ($(wildcard $(TOPDIR)/include/linux/crypto.h),)
-+ALG_MODULES += $(MOD_CRYPTOAPI)
-+obj-$(CONFIG_IPSEC_ALG_CRYPTOAPI) += $(MOD_CRYPTOAPI)
-+static_init-func-$(CONFIG_IPSEC_ALG_CRYPTOAPI)+= ipsec_cryptoapi_init
-+alg_obj-$(CONFIG_IPSEC_ALG_CRYPTOAPI) += ipsec_alg_cryptoapi.o
-+else
-+$(warning "Linux CryptoAPI (2.4.22+ or 2.6.x) not found, not building ipsec_cryptoapi.o")
-+endif
-+
-+CRYPTOAPI_OBJS := ipsec_alg_cryptoapi.o
-+$(MOD_CRYPTOAPI): $(CRYPTOAPI_OBJS)
-+ $(LD) -r $(CRYPTOAPI_OBJS) -o $@
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/ipsec_alg_cryptoapi.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,442 @@
-+/*
-+ * ipsec_alg to linux cryptoapi GLUE
-+ *
-+ * Authors: CODE.ar TEAM
-+ * Harpo MAxx <harpo@linuxmendoza.org.ar>
-+ * JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ * Luciano Ruete <docemeses@softhome.net>
-+ *
-+ * ipsec_alg_cryptoapi.c,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * Example usage:
-+ * modinfo -p ipsec_cryptoapi (quite useful info, including supported algos)
-+ * modprobe ipsec_cryptoapi
-+ * modprobe ipsec_cryptoapi test=1
-+ * modprobe ipsec_cryptoapi excl=1 (exclusive cipher/algo)
-+ * modprobe ipsec_cryptoapi noauto=1 aes=1 twofish=1 (only these ciphers)
-+ * modprobe ipsec_cryptoapi aes=128,128 (force these keylens)
-+ * modprobe ipsec_cryptoapi des_ede3=0 (everything but 3DES)
-+ */
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+/*
-+ * special case: ipsec core modular with this static algo inside:
-+ * must avoid MODULE magic for this file
-+ */
-+#if CONFIG_IPSEC_MODULE && CONFIG_IPSEC_ALG_CRYPTOAPI
-+#undef MODULE
-+#endif
-+
-+#include <linux/module.h>
-+#include <linux/init.h>
-+
-+#include <linux/kernel.h> /* printk() */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/string.h>
-+
-+/* Check if __exit is defined, if not null it */
-+#ifndef __exit
-+#define __exit
-+#endif
-+
-+/* warn the innocent */
-+#if !defined (CONFIG_CRYPTO) && !defined (CONFIG_CRYPTO_MODULE)
-+#warning "No linux CryptoAPI found, install 2.4.22+ or 2.6.x"
-+#define NO_CRYPTOAPI_SUPPORT
-+#endif
-+/* Low freeswan header coupling */
-+#include "openswan/ipsec_alg.h"
-+
-+#include <linux/crypto.h>
-+#ifdef CRYPTO_API_VERSION_CODE
-+#warning "Old CryptoAPI is not supported. Only linux-2.4.22+ or linux-2.6.x are supported"
-+#define NO_CRYPTOAPI_SUPPORT
-+#endif
-+
-+#ifdef NO_CRYPTOAPI_SUPPORT
-+#warning "Building an unusable module :P"
-+/* Catch old CryptoAPI by not allowing module to load */
-+IPSEC_ALG_MODULE_INIT( ipsec_cryptoapi_init )
-+{
-+ printk(KERN_WARNING "ipsec_cryptoapi.o was not built on stock Linux CryptoAPI (2.4.22+ or 2.6.x), not loading.\n");
-+ return -EINVAL;
-+}
-+#else
-+#include <asm/scatterlist.h>
-+#include <asm/pgtable.h>
-+#include <linux/mm.h>
-+
-+#define CIPHERNAME_AES "aes"
-+#define CIPHERNAME_3DES "des3_ede"
-+#define CIPHERNAME_BLOWFISH "blowfish"
-+#define CIPHERNAME_CAST "cast5"
-+#define CIPHERNAME_SERPENT "serpent"
-+#define CIPHERNAME_TWOFISH "twofish"
-+
-+#define ESP_3DES 3
-+#define ESP_AES 12
-+#define ESP_BLOWFISH 7 /* truely _constant_ :) */
-+#define ESP_CAST 6 /* quite constant :) */
-+#define ESP_SERPENT 252 /* from ipsec drafts */
-+#define ESP_TWOFISH 253 /* from ipsec drafts */
-+
-+#define AH_MD5 2
-+#define AH_SHA 3
-+#define DIGESTNAME_MD5 "md5"
-+#define DIGESTNAME_SHA1 "sha1"
-+
-+MODULE_AUTHOR("Juanjo Ciarlante, Harpo MAxx, Luciano Ruete");
-+static int debug=0;
-+static int test=0;
-+static int excl=0;
-+static int noauto = 0;
-+
-+static int des_ede3[] = {-1, -1};
-+static int aes[] = {-1, -1};
-+static int blowfish[] = {-1, -1};
-+static int cast[] = {-1, -1};
-+static int serpent[] = {-1, -1};
-+static int twofish[] = {-1, -1};
-+
-+#ifdef module_param
-+module_param(debug,int,0600);
-+module_param(test,int,0600);
-+module_param(ebug,int,0600);
-+
-+module_param(noauto,int,0600);
-+module_param(ebug,int,0600);
-+
-+module_param_array(des_ede3,int,NULL,0);
-+module_param(aes,int,NULL,0);
-+module_param(blowfish,int,NULL,0);
-+module_param(cast,int,NULL,0);
-+module_param(serpent,int,NULL,0);
-+module_param(twofish,int,NULL,0);
-+#else
-+MODULE_PARM(debug, "i");
-+MODULE_PARM(test, "i");
-+MODULE_PARM(excl, "i");
-+
-+MODULE_PARM(noauto,"i");
-+
-+MODULE_PARM(des_ede3,"1-2i");
-+MODULE_PARM(aes,"1-2i");
-+MODULE_PARM(blowfish,"1-2i");
-+MODULE_PARM(cast,"1-2i");
-+MODULE_PARM(serpent,"1-2i");
-+MODULE_PARM(twofish,"1-2i");
-+#endif
-+
-+MODULE_PARM_DESC(noauto, "Dont try all known algos, just setup enabled ones");
-+
-+MODULE_PARM_DESC(des_ede3, "0: disable | 1: force_enable | min,max: dontuse");
-+MODULE_PARM_DESC(aes, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(blowfish, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(cast, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(serpent, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(twofish, "0: disable | 1: force_enable | min,max: keybitlens");
-+
-+struct ipsec_alg_capi_cipher {
-+ const char *ciphername; /* cryptoapi's ciphername */
-+ unsigned blocksize;
-+ unsigned short minbits;
-+ unsigned short maxbits;
-+ int *parm; /* lkm param for this cipher */
-+ struct ipsec_alg_enc alg; /* note it's not a pointer */
-+};
-+static struct ipsec_alg_capi_cipher alg_capi_carray[] = {
-+ { CIPHERNAME_AES , 16, 128, 256, aes , { ixt_alg_id: ESP_AES, }},
-+ { CIPHERNAME_TWOFISH , 16, 128, 256, twofish, { ixt_alg_id: ESP_TWOFISH, }},
-+ { CIPHERNAME_SERPENT , 16, 128, 256, serpent, { ixt_alg_id: ESP_SERPENT, }},
-+ { CIPHERNAME_CAST , 8, 128, 128, cast , { ixt_alg_id: ESP_CAST, }},
-+ { CIPHERNAME_BLOWFISH , 8, 96, 448, blowfish,{ ixt_alg_id: ESP_BLOWFISH, }},
-+ { CIPHERNAME_3DES , 8, 192, 192, des_ede3,{ ixt_alg_id: ESP_3DES, }},
-+ { NULL, 0, 0, 0, NULL, {} }
-+};
-+#ifdef NOT_YET
-+struct ipsec_alg_capi_digest {
-+ const char *digestname; /* cryptoapi's digestname */
-+ struct digest_implementation *di;
-+ struct ipsec_alg_auth alg; /* note it's not a pointer */
-+};
-+static struct ipsec_alg_capi_cipher alg_capi_darray[] = {
-+ { DIGESTNAME_MD5, NULL, { ixt_alg_id: AH_MD5, }},
-+ { DIGESTNAME_SHA1, NULL, { ixt_alg_id: AH_SHA, }},
-+ { NULL, NULL, {} }
-+};
-+#endif
-+/*
-+ * "generic" linux cryptoapi setup_cipher() function
-+ */
-+int setup_cipher(const char *ciphername)
-+{
-+ return crypto_alg_available(ciphername, 0);
-+}
-+
-+/*
-+ * setups ipsec_alg_capi_cipher "hyper" struct components, calling
-+ * register_ipsec_alg for cointaned ipsec_alg object
-+ */
-+static void _capi_destroy_key (struct ipsec_alg_enc *alg, __u8 *key_e);
-+static __u8 * _capi_new_key (struct ipsec_alg_enc *alg, const __u8 *key, size_t keylen);
-+static int _capi_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt);
-+
-+static int
-+setup_ipsec_alg_capi_cipher(struct ipsec_alg_capi_cipher *cptr)
-+{
-+ int ret;
-+ cptr->alg.ixt_version = IPSEC_ALG_VERSION;
-+ cptr->alg.ixt_module = THIS_MODULE;
-+ atomic_set (& cptr->alg.ixt_refcnt, 0);
-+ strncpy (cptr->alg.ixt_name , cptr->ciphername, sizeof (cptr->alg.ixt_name));
-+
-+ cptr->alg.ixt_blocksize=cptr->blocksize;
-+ cptr->alg.ixt_keyminbits=cptr->minbits;
-+ cptr->alg.ixt_keymaxbits=cptr->maxbits;
-+ cptr->alg.ixt_state = 0;
-+ if (excl) cptr->alg.ixt_state |= IPSEC_ALG_ST_EXCL;
-+ cptr->alg.ixt_e_keylen=cptr->alg.ixt_keymaxbits/8;
-+ cptr->alg.ixt_e_ctx_size = 0;
-+ cptr->alg.ixt_alg_type = IPSEC_ALG_TYPE_ENCRYPT;
-+ cptr->alg.ixt_e_new_key = _capi_new_key;
-+ cptr->alg.ixt_e_destroy_key = _capi_destroy_key;
-+ cptr->alg.ixt_e_cbc_encrypt = _capi_cbc_encrypt;
-+ cptr->alg.ixt_data = cptr;
-+
-+ ret=register_ipsec_alg_enc(&cptr->alg);
-+ printk("setup_ipsec_alg_capi_cipher(): "
-+ "alg_type=%d alg_id=%d name=%s "
-+ "keyminbits=%d keymaxbits=%d, ret=%d\n",
-+ cptr->alg.ixt_alg_type,
-+ cptr->alg.ixt_alg_id,
-+ cptr->alg.ixt_name,
-+ cptr->alg.ixt_keyminbits,
-+ cptr->alg.ixt_keymaxbits,
-+ ret);
-+ return ret;
-+}
-+/*
-+ * called in ipsec_sa_wipe() time, will destroy key contexts
-+ * and do 1 unbind()
-+ */
-+static void
-+_capi_destroy_key (struct ipsec_alg_enc *alg, __u8 *key_e)
-+{
-+ struct crypto_tfm *tfm=(struct crypto_tfm*)key_e;
-+
-+ if (debug > 0)
-+ printk(KERN_DEBUG "klips_debug: _capi_destroy_key:"
-+ "name=%s key_e=%p \n",
-+ alg->ixt_name, key_e);
-+ if (!key_e) {
-+ printk(KERN_ERR "klips_debug: _capi_destroy_key:"
-+ "name=%s NULL key_e!\n",
-+ alg->ixt_name);
-+ return;
-+ }
-+ crypto_free_tfm(tfm);
-+}
-+
-+/*
-+ * create new key context, need alg->ixt_data to know which
-+ * (of many) cipher inside this module is the target
-+ */
-+static __u8 *
-+_capi_new_key (struct ipsec_alg_enc *alg, const __u8 *key, size_t keylen)
-+{
-+ struct ipsec_alg_capi_cipher *cptr;
-+ struct crypto_tfm *tfm=NULL;
-+
-+ cptr = alg->ixt_data;
-+ if (!cptr) {
-+ printk(KERN_ERR "_capi_new_key(): "
-+ "NULL ixt_data (?!) for \"%s\" algo\n"
-+ , alg->ixt_name);
-+ goto err;
-+ }
-+ if (debug > 0)
-+ printk(KERN_DEBUG "klips_debug:_capi_new_key:"
-+ "name=%s cptr=%p key=%p keysize=%d\n",
-+ alg->ixt_name, cptr, key, keylen);
-+
-+ /*
-+ * alloc tfm
-+ */
-+ tfm = crypto_alloc_tfm(cptr->ciphername, CRYPTO_TFM_MODE_CBC);
-+ if (!tfm) {
-+ printk(KERN_ERR "_capi_new_key(): "
-+ "NULL tfm for \"%s\" cryptoapi (\"%s\") algo\n"
-+ , alg->ixt_name, cptr->ciphername);
-+ goto err;
-+ }
-+ if (crypto_cipher_setkey(tfm, key, keylen) < 0) {
-+ printk(KERN_ERR "_capi_new_key(): "
-+ "failed new_key() for \"%s\" cryptoapi algo (keylen=%d)\n"
-+ , alg->ixt_name, keylen);
-+ crypto_free_tfm(tfm);
-+ tfm=NULL;
-+ }
-+err:
-+ if (debug > 0)
-+ printk(KERN_DEBUG "klips_debug:_capi_new_key:"
-+ "name=%s key=%p keylen=%d tfm=%p\n",
-+ alg->ixt_name, key, keylen, tfm);
-+ return (__u8 *) tfm;
-+}
-+/*
-+ * core encryption function: will use cx->ci to call actual cipher's
-+ * cbc function
-+ */
-+static int
-+_capi_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt) {
-+ int error =0;
-+ struct crypto_tfm *tfm=(struct crypto_tfm *)key_e;
-+ struct scatterlist sg = {
-+ .page = virt_to_page(in),
-+ .offset = (unsigned long)(in) % PAGE_SIZE,
-+ .length=ilen,
-+ };
-+ if (debug > 1)
-+ printk(KERN_DEBUG "klips_debug:_capi_cbc_encrypt:"
-+ "key_e=%p "
-+ "in=%p out=%p ilen=%d iv=%p encrypt=%d\n"
-+ , key_e
-+ , in, in, ilen, iv, encrypt);
-+ crypto_cipher_set_iv(tfm, iv, crypto_tfm_alg_ivsize(tfm));
-+ if (encrypt)
-+ error = crypto_cipher_encrypt (tfm, &sg, &sg, ilen);
-+ else
-+ error = crypto_cipher_decrypt (tfm, &sg, &sg, ilen);
-+ if (debug > 1)
-+ printk(KERN_DEBUG "klips_debug:_capi_cbc_encrypt:"
-+ "error=%d\n"
-+ , error);
-+ return (error<0)? error : ilen;
-+}
-+/*
-+ * main initialization loop: for each cipher in list, do
-+ * 1) setup cryptoapi cipher else continue
-+ * 2) register ipsec_alg object
-+ */
-+static int
-+setup_cipher_list (struct ipsec_alg_capi_cipher* clist)
-+{
-+ struct ipsec_alg_capi_cipher *cptr;
-+ /* foreach cipher in list ... */
-+ for (cptr=clist;cptr->ciphername;cptr++) {
-+ /*
-+ * see if cipher has been disabled (0) or
-+ * if noauto set and not enabled (1)
-+ */
-+ if (cptr->parm[0] == 0 || (noauto && cptr->parm[0] < 0)) {
-+ if (debug>0)
-+ printk(KERN_INFO "setup_cipher_list(): "
-+ "ciphername=%s skipped at user request: "
-+ "noauto=%d parm[0]=%d parm[1]=%d\n"
-+ , cptr->ciphername
-+ , noauto
-+ , cptr->parm[0]
-+ , cptr->parm[1]);
-+ continue;
-+ }
-+ /*
-+ * use a local ci to avoid touching cptr->ci,
-+ * if register ipsec_alg success then bind cipher
-+ */
-+ if( setup_cipher(cptr->ciphername) ) {
-+ if (debug > 0)
-+ printk(KERN_DEBUG "klips_debug:"
-+ "setup_cipher_list():"
-+ "ciphername=%s found\n"
-+ , cptr->ciphername);
-+ if (setup_ipsec_alg_capi_cipher(cptr) == 0) {
-+
-+
-+ } else {
-+ printk(KERN_ERR "klips_debug:"
-+ "setup_cipher_list():"
-+ "ciphername=%s failed ipsec_alg_register\n"
-+ , cptr->ciphername);
-+ }
-+ } else {
-+ if (debug>0)
-+ printk(KERN_INFO "setup_cipher_list(): lookup for ciphername=%s: not found \n",
-+ cptr->ciphername);
-+ }
-+ }
-+ return 0;
-+}
-+/*
-+ * deregister ipsec_alg objects and unbind ciphers
-+ */
-+static int
-+unsetup_cipher_list (struct ipsec_alg_capi_cipher* clist)
-+{
-+ struct ipsec_alg_capi_cipher *cptr;
-+ /* foreach cipher in list ... */
-+ for (cptr=clist;cptr->ciphername;cptr++) {
-+ if (cptr->alg.ixt_state & IPSEC_ALG_ST_REGISTERED) {
-+ unregister_ipsec_alg_enc(&cptr->alg);
-+ }
-+ }
-+ return 0;
-+}
-+/*
-+ * test loop for registered algos
-+ */
-+static int
-+test_cipher_list (struct ipsec_alg_capi_cipher* clist)
-+{
-+ int test_ret;
-+ struct ipsec_alg_capi_cipher *cptr;
-+ /* foreach cipher in list ... */
-+ for (cptr=clist;cptr->ciphername;cptr++) {
-+ if (cptr->alg.ixt_state & IPSEC_ALG_ST_REGISTERED) {
-+ test_ret=ipsec_alg_test(
-+ cptr->alg.ixt_alg_type,
-+ cptr->alg.ixt_alg_id,
-+ test);
-+ printk("test_cipher_list(alg_type=%d alg_id=%d): test_ret=%d\n",
-+ cptr->alg.ixt_alg_type,
-+ cptr->alg.ixt_alg_id,
-+ test_ret);
-+ }
-+ }
-+ return 0;
-+}
-+
-+IPSEC_ALG_MODULE_INIT( ipsec_cryptoapi_init )
-+{
-+ int ret, test_ret;
-+ if ((ret=setup_cipher_list(alg_capi_carray)) < 0)
-+ return -EPROTONOSUPPORT;
-+ if (ret==0 && test) {
-+ test_ret=test_cipher_list(alg_capi_carray);
-+ }
-+ return ret;
-+}
-+IPSEC_ALG_MODULE_EXIT( ipsec_cryptoapi_fini )
-+{
-+ unsetup_cipher_list(alg_capi_carray);
-+ return;
-+}
-+#ifdef MODULE_LICENSE
-+MODULE_LICENSE("GPL");
-+#endif
-+
-+EXPORT_NO_SYMBOLS;
-+#endif /* NO_CRYPTOAPI_SUPPORT */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/alg/scripts/mk-static_init.c.sh Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,18 @@
-+#!/bin/sh
-+cat << EOF
-+#include <linux/kernel.h>
-+#include <linux/list.h>
-+#include "freeswan/ipsec_alg.h"
-+$(for i in $*; do
-+ test -z "$i" && continue
-+ echo "extern int $i(void);"
-+done)
-+void ipsec_alg_static_init(void){
-+ int __attribute__ ((unused)) err=0;
-+$(for i in $*; do
-+ test -z "$i" && continue
-+ echo " if ((err=$i()) < 0)"
-+ echo " printk(KERN_WARNING \"$i() returned %d\", err);"
-+done)
-+}
-+EOF
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/anyaddr.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,148 @@
-+/*
-+ * special addresses
-+ * Copyright (C) 2000 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: anyaddr.c,v 1.10.10.1 2006/11/24 05:55:46 paul Exp $
-+ */
-+#include "openswan.h"
-+
-+/* these are mostly fallbacks for the no-IPv6-support-in-library case */
-+#ifndef IN6ADDR_ANY_INIT
-+#define IN6ADDR_ANY_INIT {{{ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 }}}
-+#endif
-+#ifndef IN6ADDR_LOOPBACK_INIT
-+#define IN6ADDR_LOOPBACK_INIT {{{ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1 }}}
-+#endif
-+
-+static struct in6_addr v6any = IN6ADDR_ANY_INIT;
-+static struct in6_addr v6loop = IN6ADDR_LOOPBACK_INIT;
-+
-+/*
-+ - anyaddr - initialize to the any-address value
-+ */
-+err_t /* NULL for success, else string literal */
-+anyaddr(af, dst)
-+int af; /* address family */
-+ip_address *dst;
-+{
-+ uint32_t v4any = htonl(INADDR_ANY);
-+
-+ switch (af) {
-+ case AF_INET:
-+ return initaddr((unsigned char *)&v4any, sizeof(v4any), af, dst);
-+ break;
-+ case AF_INET6:
-+ return initaddr((unsigned char *)&v6any, sizeof(v6any), af, dst);
-+ break;
-+ default:
-+ return "unknown address family in anyaddr/unspecaddr";
-+ break;
-+ }
-+}
-+
-+/*
-+ - unspecaddr - initialize to the unspecified-address value
-+ */
-+err_t /* NULL for success, else string literal */
-+unspecaddr(af, dst)
-+int af; /* address family */
-+ip_address *dst;
-+{
-+ return anyaddr(af, dst);
-+}
-+
-+/*
-+ - loopbackaddr - initialize to the loopback-address value
-+ */
-+err_t /* NULL for success, else string literal */
-+loopbackaddr(af, dst)
-+int af; /* address family */
-+ip_address *dst;
-+{
-+ uint32_t v4loop = htonl(INADDR_LOOPBACK);
-+
-+ switch (af) {
-+ case AF_INET:
-+ return initaddr((unsigned char *)&v4loop, sizeof(v4loop), af, dst);
-+ break;
-+ case AF_INET6:
-+ return initaddr((unsigned char *)&v6loop, sizeof(v6loop), af, dst);
-+ break;
-+ default:
-+ return "unknown address family in loopbackaddr";
-+ break;
-+ }
-+}
-+
-+/*
-+ - isanyaddr - test for the any-address value
-+ */
-+int
-+isanyaddr(src)
-+const ip_address *src;
-+{
-+ uint32_t v4any = htonl(INADDR_ANY);
-+ int cmp;
-+
-+ switch (src->u.v4.sin_family) {
-+ case AF_INET:
-+ cmp = memcmp(&src->u.v4.sin_addr.s_addr, &v4any, sizeof(v4any));
-+ break;
-+ case AF_INET6:
-+ cmp = memcmp(&src->u.v6.sin6_addr, &v6any, sizeof(v6any));
-+ break;
-+ case 0:
-+ /* a zeroed structure is considered any address */
-+ return 1;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ return (cmp == 0) ? 1 : 0;
-+}
-+
-+/*
-+ - isunspecaddr - test for the unspecified-address value
-+ */
-+int
-+isunspecaddr(src)
-+const ip_address *src;
-+{
-+ return isanyaddr(src);
-+}
-+
-+/*
-+ - isloopbackaddr - test for the loopback-address value
-+ */
-+int
-+isloopbackaddr(src)
-+const ip_address *src;
-+{
-+ uint32_t v4loop = htonl(INADDR_LOOPBACK);
-+ int cmp;
-+
-+ switch (src->u.v4.sin_family) {
-+ case AF_INET:
-+ cmp = memcmp(&src->u.v4.sin_addr.s_addr, &v4loop, sizeof(v4loop));
-+ break;
-+ case AF_INET6:
-+ cmp = memcmp(&src->u.v6.sin6_addr, &v6loop, sizeof(v6loop));
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ return (cmp == 0) ? 1 : 0;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/datatot.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,234 @@
-+/*
-+ * convert from binary data (e.g. key) to text form
-+ * Copyright (C) 2000 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: datatot.c,v 1.7 2005/04/14 20:48:43 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+static void convert(const char *src, size_t nreal, int format, char *out);
-+
-+/*
-+ - datatot - convert data bytes to text
-+ */
-+size_t /* true length (with NUL) for success */
-+datatot(src, srclen, format, dst, dstlen)
-+const char *src;
-+size_t srclen;
-+int format; /* character indicating what format */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ size_t inblocksize; /* process this many bytes at a time */
-+ size_t outblocksize; /* producing this many */
-+ size_t breakevery; /* add a _ every this many (0 means don't) */
-+ size_t sincebreak; /* output bytes since last _ */
-+ char breakchar; /* character used to break between groups */
-+ char inblock[10]; /* enough for any format */
-+ char outblock[10]; /* enough for any format */
-+ char fake[1]; /* fake output area for dstlen == 0 */
-+ size_t needed; /* return value */
-+ char *stop; /* where the terminating NUL will go */
-+ size_t ntodo; /* remaining input */
-+ size_t nreal;
-+ char *out;
-+ char *prefix;
-+
-+ breakevery = 0;
-+ breakchar = '_';
-+
-+ switch (format) {
-+ case 0:
-+ case 'h':
-+ format = 'x';
-+ breakevery = 8;
-+ /* FALLTHROUGH */
-+ case 'x':
-+ inblocksize = 1;
-+ outblocksize = 2;
-+ prefix = "0x";
-+ break;
-+ case ':':
-+ format = 'x';
-+ breakevery = 2;
-+ breakchar = ':';
-+ /* FALLTHROUGH */
-+ case 16:
-+ inblocksize = 1;
-+ outblocksize = 2;
-+ prefix = "";
-+ format = 'x';
-+ break;
-+ case 's':
-+ inblocksize = 3;
-+ outblocksize = 4;
-+ prefix = "0s";
-+ break;
-+ case 64: /* beware, equals ' ' */
-+ inblocksize = 3;
-+ outblocksize = 4;
-+ prefix = "";
-+ format = 's';
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ user_assert(inblocksize < sizeof(inblock));
-+ user_assert(outblocksize < sizeof(outblock));
-+ user_assert(breakevery % outblocksize == 0);
-+
-+ if (srclen == 0)
-+ return 0;
-+ ntodo = srclen;
-+
-+ if (dstlen == 0) { /* dispose of awkward special case */
-+ dst = fake;
-+ dstlen = 1;
-+ }
-+ stop = dst + dstlen - 1;
-+
-+ nreal = strlen(prefix);
-+ needed = nreal; /* for starters */
-+ if (dstlen <= nreal) { /* prefix won't fit */
-+ strncpy(dst, prefix, dstlen - 1);
-+ dst += dstlen - 1;
-+ } else {
-+ strcpy(dst, prefix);
-+ dst += nreal;
-+ }
-+
-+ user_assert(dst <= stop);
-+ sincebreak = 0;
-+
-+ while (ntodo > 0) {
-+ if (ntodo < inblocksize) { /* incomplete input */
-+ memset(inblock, 0, sizeof(inblock));
-+ memcpy(inblock, src, ntodo);
-+ src = inblock;
-+ nreal = ntodo;
-+ ntodo = inblocksize;
-+ } else
-+ nreal = inblocksize;
-+ out = (outblocksize > stop - dst) ? outblock : dst;
-+
-+ convert(src, nreal, format, out);
-+ needed += outblocksize;
-+ sincebreak += outblocksize;
-+ if (dst < stop) {
-+ if (out != dst) {
-+ user_assert(outblocksize > stop - dst);
-+ memcpy(dst, out, stop - dst);
-+ dst = stop;
-+ } else
-+ dst += outblocksize;
-+ }
-+
-+ src += inblocksize;
-+ ntodo -= inblocksize;
-+ if (breakevery != 0 && sincebreak >= breakevery && ntodo > 0) {
-+ if (dst < stop)
-+ *dst++ = breakchar;
-+ needed++;
-+ sincebreak = 0;
-+ }
-+ }
-+
-+ user_assert(dst <= stop);
-+ *dst++ = '\0';
-+ needed++;
-+
-+ return needed;
-+}
-+
-+/*
-+ - convert - convert one input block to one output block
-+ */
-+static void
-+convert(src, nreal, format, out)
-+const char *src;
-+size_t nreal; /* how much of the input block is real */
-+int format;
-+char *out;
-+{
-+ static char hex[] = "0123456789abcdef";
-+ static char base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-+ "abcdefghijklmnopqrstuvwxyz"
-+ "0123456789+/";
-+ unsigned char c;
-+ unsigned char c1, c2, c3;
-+
-+ user_assert(nreal > 0);
-+ switch (format) {
-+ case 'x':
-+ user_assert(nreal == 1);
-+ c = (unsigned char)*src;
-+ *out++ = hex[c >> 4];
-+ *out++ = hex[c & 0xf];
-+ break;
-+ case 's':
-+ c1 = (unsigned char)*src++;
-+ c2 = (unsigned char)*src++;
-+ c3 = (unsigned char)*src++;
-+ *out++ = base64[c1 >> 2]; /* top 6 bits of c1 */
-+ c = (c1 & 0x3) << 4; /* bottom 2 of c1... */
-+ c |= c2 >> 4; /* ...top 4 of c2 */
-+ *out++ = base64[c];
-+ if (nreal == 1)
-+ *out++ = '=';
-+ else {
-+ c = (c2 & 0xf) << 2; /* bottom 4 of c2... */
-+ c |= c3 >> 6; /* ...top 2 of c3 */
-+ *out++ = base64[c];
-+ }
-+ if (nreal <= 2)
-+ *out++ = '=';
-+ else
-+ *out++ = base64[c3 & 0x3f]; /* bottom 6 of c3 */
-+ break;
-+ default:
-+ user_assert(nreal == 0); /* unknown format */
-+ break;
-+ }
-+}
-+
-+/*
-+ - datatoa - convert data to ASCII
-+ * backward-compatibility synonym for datatot
-+ */
-+size_t /* true length (with NUL) for success */
-+datatoa(src, srclen, format, dst, dstlen)
-+const char *src;
-+size_t srclen;
-+int format; /* character indicating what format */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ return datatot(src, srclen, format, dst, dstlen);
-+}
-+
-+/*
-+ - bytestoa - convert data bytes to ASCII
-+ * backward-compatibility synonym for datatot
-+ */
-+size_t /* true length (with NUL) for success */
-+bytestoa(src, srclen, format, dst, dstlen)
-+const char *src;
-+size_t srclen;
-+int format; /* character indicating what format */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ return datatot(src, srclen, format, dst, dstlen);
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/defconfig Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,148 @@
-+
-+#
-+# RCSID $Id: defconfig,v 1.28.2.1 2006/10/11 18:14:33 paul Exp $
-+#
-+
-+#
-+# FreeS/WAN IPSec implementation, KLIPS kernel config defaults
-+#
-+
-+#
-+# First, lets override stuff already set or not in the kernel config.
-+#
-+# We can't even think about leaving this off...
-+CONFIG_INET=y
-+
-+#
-+# This must be on for subnet protection.
-+CONFIG_IP_FORWARD=y
-+
-+# Shut off IPSEC masquerading if it has been enabled, since it will
-+# break the compile. IPPROTO_ESP and IPPROTO_AH were included in
-+# net/ipv4/ip_masq.c when they should have gone into include/linux/in.h.
-+CONFIG_IP_MASQUERADE_IPSEC=n
-+
-+#
-+# Next, lets set the recommended FreeS/WAN configuration.
-+#
-+
-+# To config as static (preferred), 'y'. To config as module, 'm'.
-+CONFIG_KLIPS=m
-+
-+# To do tunnel mode IPSec, this must be enabled.
-+CONFIG_KLIPS_IPIP=y
-+
-+# To enable authentication, say 'y'. (Highly recommended)
-+CONFIG_KLIPS_AH=y
-+
-+# Authentication algorithm(s):
-+CONFIG_KLIPS_AUTH_HMAC_MD5=y
-+CONFIG_KLIPS_AUTH_HMAC_SHA1=y
-+
-+# To enable encryption, say 'y'. (Highly recommended)
-+CONFIG_KLIPS_ESP=y
-+
-+# modular algo extensions (and new ALGOs)
-+CONFIG_KLIPS_ALG=y
-+
-+# Encryption algorithm(s):
-+CONFIG_KLIPS_ENC_3DES=y
-+CONFIG_KLIPS_ENC_AES=y
-+# CONFIG_KLIPS_ENC_NULL=y
-+
-+# Use CryptoAPI for ALG? - by default, no.
-+CONFIG_KLIPS_ENC_CRYPTOAPI=n
-+
-+# IP Compression: new, probably still has minor bugs.
-+CONFIG_KLIPS_IPCOMP=y
-+
-+# To enable userspace-switchable KLIPS debugging, say 'y'.
-+CONFIG_KLIPS_DEBUG=y
-+
-+# NAT Traversal
-+CONFIG_IPSEC_NAT_TRAVERSAL=y
-+
-+#
-+#
-+# $Log: defconfig,v $
-+# Revision 1.28.2.1 2006/10/11 18:14:33 paul
-+# Add JuanJo Ciarlante's ESP_NULL patches for KLIPS, but leave it disabled
-+# per default.
-+#
-+# Revision 1.28 2005/05/11 03:15:42 mcr
-+# adjusted makefiles to sanely build modules properly.
-+#
-+# Revision 1.27 2005/03/20 03:00:05 mcr
-+# default configuration should enable NAT_TRAVERSAL.
-+#
-+# Revision 1.26 2004/07/10 19:11:18 mcr
-+# CONFIG_IPSEC -> CONFIG_KLIPS.
-+#
-+# Revision 1.25 2004/07/05 01:03:53 mcr
-+# fix for adding cryptoapi code.
-+# keep it off for now, since UMLs do not have it yet.
-+#
-+# Revision 1.24 2004/04/06 02:49:25 mcr
-+# pullup of algo code from alg-branch.
-+#
-+# Revision 1.23.2.2 2004/04/05 04:30:46 mcr
-+# patches for alg-branch to compile/work with 2.x openswan
-+#
-+# Revision 1.23.2.1 2003/12/22 15:25:52 jjo
-+# . Merged algo-0.8.1-rc11-test1 into alg-branch
-+#
-+# Revision 1.23 2003/12/10 01:14:27 mcr
-+# NAT-traversal patches to KLIPS.
-+#
-+# Revision 1.22 2003/02/24 19:37:27 mcr
-+# changed default compilation mode to static.
-+#
-+# Revision 1.21 2002/04/24 07:36:27 mcr
-+# Moved from ./klips/net/ipsec/defconfig,v
-+#
-+# Revision 1.20 2002/04/02 04:07:40 mcr
-+# default build is now 'm'odule for KLIPS
-+#
-+# Revision 1.19 2002/03/08 18:57:17 rgb
-+# Added a blank line at the beginning of the file to make it easier for
-+# other projects to patch ./arch/i386/defconfig, for example
-+# LIDS+grSecurity requested by Jason Pattie.
-+#
-+# Revision 1.18 2000/11/30 17:26:56 rgb
-+# Cleaned out unused options and enabled ipcomp by default.
-+#
-+# Revision 1.17 2000/09/15 11:37:01 rgb
-+# Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+# IPCOMP zlib deflate code.
-+#
-+# Revision 1.16 2000/09/08 19:12:55 rgb
-+# Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+#
-+# Revision 1.15 2000/05/24 19:37:13 rgb
-+# *** empty log message ***
-+#
-+# Revision 1.14 2000/05/11 21:14:57 henry
-+# just commenting the FOOBAR=y lines out is not enough
-+#
-+# Revision 1.13 2000/05/10 20:17:58 rgb
-+# Comment out netlink defaults, which are no longer needed.
-+#
-+# Revision 1.12 2000/05/10 19:13:38 rgb
-+# Added configure option to shut off no eroute passthrough.
-+#
-+# Revision 1.11 2000/03/16 07:09:46 rgb
-+# Hardcode PF_KEYv2 support.
-+# Disable IPSEC_ICMP by default.
-+# Remove DES config option from defaults file.
-+#
-+# Revision 1.10 2000/01/11 03:09:42 rgb
-+# Added a default of 'y' to PF_KEYv2 keying I/F.
-+#
-+# Revision 1.9 1999/05/08 21:23:12 rgb
-+# Added support for 2.2.x kernels.
-+#
-+# Revision 1.8 1999/04/06 04:54:25 rgb
-+# Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+# patch shell fixes.
-+#
-+#
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/deflate.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1351 @@
-+/* deflate.c -- compress data using the deflation algorithm
-+ * Copyright (C) 1995-2002 Jean-loup Gailly.
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/*
-+ * ALGORITHM
-+ *
-+ * The "deflation" process depends on being able to identify portions
-+ * of the input text which are identical to earlier input (within a
-+ * sliding window trailing behind the input currently being processed).
-+ *
-+ * The most straightforward technique turns out to be the fastest for
-+ * most input files: try all possible matches and select the longest.
-+ * The key feature of this algorithm is that insertions into the string
-+ * dictionary are very simple and thus fast, and deletions are avoided
-+ * completely. Insertions are performed at each input character, whereas
-+ * string matches are performed only when the previous match ends. So it
-+ * is preferable to spend more time in matches to allow very fast string
-+ * insertions and avoid deletions. The matching algorithm for small
-+ * strings is inspired from that of Rabin & Karp. A brute force approach
-+ * is used to find longer strings when a small match has been found.
-+ * A similar algorithm is used in comic (by Jan-Mark Wams) and freeze
-+ * (by Leonid Broukhis).
-+ * A previous version of this file used a more sophisticated algorithm
-+ * (by Fiala and Greene) which is guaranteed to run in linear amortized
-+ * time, but has a larger average cost, uses more memory and is patented.
-+ * However the F&G algorithm may be faster for some highly redundant
-+ * files if the parameter max_chain_length (described below) is too large.
-+ *
-+ * ACKNOWLEDGEMENTS
-+ *
-+ * The idea of lazy evaluation of matches is due to Jan-Mark Wams, and
-+ * I found it in 'freeze' written by Leonid Broukhis.
-+ * Thanks to many people for bug reports and testing.
-+ *
-+ * REFERENCES
-+ *
-+ * Deutsch, L.P.,"DEFLATE Compressed Data Format Specification".
-+ * Available in ftp://ds.internic.net/rfc/rfc1951.txt
-+ *
-+ * A description of the Rabin and Karp algorithm is given in the book
-+ * "Algorithms" by R. Sedgewick, Addison-Wesley, p252.
-+ *
-+ * Fiala,E.R., and Greene,D.H.
-+ * Data Compression with Finite Windows, Comm.ACM, 32,4 (1989) 490-595
-+ *
-+ */
-+
-+/* @(#) $Id: deflate.c,v 1.4 2004/07/10 07:48:37 mcr Exp $ */
-+
-+#include "deflate.h"
-+
-+local const char deflate_copyright[] =
-+ " deflate 1.1.4 Copyright 1995-2002 Jean-loup Gailly ";
-+/*
-+ If you use the zlib library in a product, an acknowledgment is welcome
-+ in the documentation of your product. If for some reason you cannot
-+ include such an acknowledgment, I would appreciate that you keep this
-+ copyright string in the executable of your product.
-+ */
-+
-+/* ===========================================================================
-+ * Function prototypes.
-+ */
-+typedef enum {
-+ need_more, /* block not completed, need more input or more output */
-+ block_done, /* block flush performed */
-+ finish_started, /* finish started, need only more output at next deflate */
-+ finish_done /* finish done, accept no more input or output */
-+} block_state;
-+
-+typedef block_state (*compress_func) OF((deflate_state *s, int flush));
-+/* Compression function. Returns the block state after the call. */
-+
-+local void fill_window OF((deflate_state *s));
-+local block_state deflate_stored OF((deflate_state *s, int flush));
-+local block_state deflate_fast OF((deflate_state *s, int flush));
-+local block_state deflate_slow OF((deflate_state *s, int flush));
-+local void lm_init OF((deflate_state *s));
-+local void putShortMSB OF((deflate_state *s, uInt b));
-+local void flush_pending OF((z_streamp strm));
-+local int read_buf OF((z_streamp strm, Bytef *buf, unsigned size));
-+#ifdef ASMV
-+ void match_init OF((void)); /* asm code initialization */
-+ uInt longest_match OF((deflate_state *s, IPos cur_match));
-+#else
-+local uInt longest_match OF((deflate_state *s, IPos cur_match));
-+#endif
-+
-+#ifdef DEBUG
-+local void check_match OF((deflate_state *s, IPos start, IPos match,
-+ int length));
-+#endif
-+
-+/* ===========================================================================
-+ * Local data
-+ */
-+
-+#define NIL 0
-+/* Tail of hash chains */
-+
-+#ifndef TOO_FAR
-+# define TOO_FAR 4096
-+#endif
-+/* Matches of length 3 are discarded if their distance exceeds TOO_FAR */
-+
-+#define MIN_LOOKAHEAD (MAX_MATCH+MIN_MATCH+1)
-+/* Minimum amount of lookahead, except at the end of the input file.
-+ * See deflate.c for comments about the MIN_MATCH+1.
-+ */
-+
-+/* Values for max_lazy_match, good_match and max_chain_length, depending on
-+ * the desired pack level (0..9). The values given below have been tuned to
-+ * exclude worst case performance for pathological files. Better values may be
-+ * found for specific files.
-+ */
-+typedef struct config_s {
-+ ush good_length; /* reduce lazy search above this match length */
-+ ush max_lazy; /* do not perform lazy search above this match length */
-+ ush nice_length; /* quit search above this match length */
-+ ush max_chain;
-+ compress_func func;
-+} config;
-+
-+local const config configuration_table[10] = {
-+/* good lazy nice chain */
-+/* 0 */ {0, 0, 0, 0, deflate_stored}, /* store only */
-+/* 1 */ {4, 4, 8, 4, deflate_fast}, /* maximum speed, no lazy matches */
-+/* 2 */ {4, 5, 16, 8, deflate_fast},
-+/* 3 */ {4, 6, 32, 32, deflate_fast},
-+
-+/* 4 */ {4, 4, 16, 16, deflate_slow}, /* lazy matches */
-+/* 5 */ {8, 16, 32, 32, deflate_slow},
-+/* 6 */ {8, 16, 128, 128, deflate_slow},
-+/* 7 */ {8, 32, 128, 256, deflate_slow},
-+/* 8 */ {32, 128, 258, 1024, deflate_slow},
-+/* 9 */ {32, 258, 258, 4096, deflate_slow}}; /* maximum compression */
-+
-+/* Note: the deflate() code requires max_lazy >= MIN_MATCH and max_chain >= 4
-+ * For deflate_fast() (levels <= 3) good is ignored and lazy has a different
-+ * meaning.
-+ */
-+
-+#define EQUAL 0
-+/* result of memcmp for equal strings */
-+
-+struct static_tree_desc_s {int dummy;}; /* for buggy compilers */
-+
-+/* ===========================================================================
-+ * Update a hash value with the given input byte
-+ * IN assertion: all calls to to UPDATE_HASH are made with consecutive
-+ * input characters, so that a running hash key can be computed from the
-+ * previous key instead of complete recalculation each time.
-+ */
-+#define UPDATE_HASH(s,h,c) (h = (((h)<<s->hash_shift) ^ (c)) & s->hash_mask)
-+
-+
-+/* ===========================================================================
-+ * Insert string str in the dictionary and set match_head to the previous head
-+ * of the hash chain (the most recent string with same hash key). Return
-+ * the previous length of the hash chain.
-+ * If this file is compiled with -DFASTEST, the compression level is forced
-+ * to 1, and no hash chains are maintained.
-+ * IN assertion: all calls to to INSERT_STRING are made with consecutive
-+ * input characters and the first MIN_MATCH bytes of str are valid
-+ * (except for the last MIN_MATCH-1 bytes of the input file).
-+ */
-+#ifdef FASTEST
-+#define INSERT_STRING(s, str, match_head) \
-+ (UPDATE_HASH(s, s->ins_h, s->window[(str) + (MIN_MATCH-1)]), \
-+ match_head = s->head[s->ins_h], \
-+ s->head[s->ins_h] = (Pos)(str))
-+#else
-+#define INSERT_STRING(s, str, match_head) \
-+ (UPDATE_HASH(s, s->ins_h, s->window[(str) + (MIN_MATCH-1)]), \
-+ s->prev[(str) & s->w_mask] = match_head = s->head[s->ins_h], \
-+ s->head[s->ins_h] = (Pos)(str))
-+#endif
-+
-+/* ===========================================================================
-+ * Initialize the hash table (avoiding 64K overflow for 16 bit systems).
-+ * prev[] will be initialized on the fly.
-+ */
-+#define CLEAR_HASH(s) \
-+ s->head[s->hash_size-1] = NIL; \
-+ zmemzero((Bytef *)s->head, (unsigned)(s->hash_size-1)*sizeof(*s->head));
-+
-+/* ========================================================================= */
-+int ZEXPORT deflateInit_(strm, level, version, stream_size)
-+ z_streamp strm;
-+ int level;
-+ const char *version;
-+ int stream_size;
-+{
-+ return deflateInit2_(strm, level, Z_DEFLATED, MAX_WBITS, DEF_MEM_LEVEL,
-+ Z_DEFAULT_STRATEGY, version, stream_size);
-+ /* To do: ignore strm->next_in if we use it as window */
-+}
-+
-+/* ========================================================================= */
-+int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
-+ version, stream_size)
-+ z_streamp strm;
-+ int level;
-+ int method;
-+ int windowBits;
-+ int memLevel;
-+ int strategy;
-+ const char *version;
-+ int stream_size;
-+{
-+ deflate_state *s;
-+ int noheader = 0;
-+ static const char* my_version = ZLIB_VERSION;
-+
-+ ushf *overlay;
-+ /* We overlay pending_buf and d_buf+l_buf. This works since the average
-+ * output size for (length,distance) codes is <= 24 bits.
-+ */
-+
-+ if (version == Z_NULL || version[0] != my_version[0] ||
-+ stream_size != sizeof(z_stream)) {
-+ return Z_VERSION_ERROR;
-+ }
-+ if (strm == Z_NULL) return Z_STREAM_ERROR;
-+
-+ strm->msg = Z_NULL;
-+ if (strm->zalloc == Z_NULL) {
-+ return Z_STREAM_ERROR;
-+/* strm->zalloc = zcalloc;
-+ strm->opaque = (voidpf)0;*/
-+ }
-+ if (strm->zfree == Z_NULL) return Z_STREAM_ERROR; /* strm->zfree = zcfree; */
-+
-+ if (level == Z_DEFAULT_COMPRESSION) level = 6;
-+#ifdef FASTEST
-+ level = 1;
-+#endif
-+
-+ if (windowBits < 0) { /* undocumented feature: suppress zlib header */
-+ noheader = 1;
-+ windowBits = -windowBits;
-+ }
-+ if (memLevel < 1 || memLevel > MAX_MEM_LEVEL || method != Z_DEFLATED ||
-+ windowBits < 9 || windowBits > 15 || level < 0 || level > 9 ||
-+ strategy < 0 || strategy > Z_HUFFMAN_ONLY) {
-+ return Z_STREAM_ERROR;
-+ }
-+ s = (deflate_state *) ZALLOC(strm, 1, sizeof(deflate_state));
-+ if (s == Z_NULL) return Z_MEM_ERROR;
-+ strm->state = (struct internal_state FAR *)s;
-+ s->strm = strm;
-+
-+ s->noheader = noheader;
-+ s->w_bits = windowBits;
-+ s->w_size = 1 << s->w_bits;
-+ s->w_mask = s->w_size - 1;
-+
-+ s->hash_bits = memLevel + 7;
-+ s->hash_size = 1 << s->hash_bits;
-+ s->hash_mask = s->hash_size - 1;
-+ s->hash_shift = ((s->hash_bits+MIN_MATCH-1)/MIN_MATCH);
-+
-+ s->window = (Bytef *) ZALLOC(strm, s->w_size, 2*sizeof(Byte));
-+ s->prev = (Posf *) ZALLOC(strm, s->w_size, sizeof(Pos));
-+ s->head = (Posf *) ZALLOC(strm, s->hash_size, sizeof(Pos));
-+
-+ s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */
-+
-+ overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2);
-+ s->pending_buf = (uchf *) overlay;
-+ s->pending_buf_size = (ulg)s->lit_bufsize * (sizeof(ush)+2L);
-+
-+ if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL ||
-+ s->pending_buf == Z_NULL) {
-+ strm->msg = ERR_MSG(Z_MEM_ERROR);
-+ deflateEnd (strm);
-+ return Z_MEM_ERROR;
-+ }
-+ s->d_buf = overlay + s->lit_bufsize/sizeof(ush);
-+ s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize;
-+
-+ s->level = level;
-+ s->strategy = strategy;
-+ s->method = (Byte)method;
-+
-+ return deflateReset(strm);
-+}
-+
-+/* ========================================================================= */
-+int ZEXPORT deflateSetDictionary (strm, dictionary, dictLength)
-+ z_streamp strm;
-+ const Bytef *dictionary;
-+ uInt dictLength;
-+{
-+ deflate_state *s;
-+ uInt length = dictLength;
-+ uInt n;
-+ IPos hash_head = 0;
-+
-+ if (strm == Z_NULL || strm->state == Z_NULL || dictionary == Z_NULL ||
-+ strm->state->status != INIT_STATE) return Z_STREAM_ERROR;
-+
-+ s = strm->state;
-+ strm->adler = adler32(strm->adler, dictionary, dictLength);
-+
-+ if (length < MIN_MATCH) return Z_OK;
-+ if (length > MAX_DIST(s)) {
-+ length = MAX_DIST(s);
-+#ifndef USE_DICT_HEAD
-+ dictionary += dictLength - length; /* use the tail of the dictionary */
-+#endif
-+ }
-+ zmemcpy(s->window, dictionary, length);
-+ s->strstart = length;
-+ s->block_start = (long)length;
-+
-+ /* Insert all strings in the hash table (except for the last two bytes).
-+ * s->lookahead stays null, so s->ins_h will be recomputed at the next
-+ * call of fill_window.
-+ */
-+ s->ins_h = s->window[0];
-+ UPDATE_HASH(s, s->ins_h, s->window[1]);
-+ for (n = 0; n <= length - MIN_MATCH; n++) {
-+ INSERT_STRING(s, n, hash_head);
-+ }
-+ if (hash_head) hash_head = 0; /* to make compiler happy */
-+ return Z_OK;
-+}
-+
-+/* ========================================================================= */
-+int ZEXPORT deflateReset (strm)
-+ z_streamp strm;
-+{
-+ deflate_state *s;
-+
-+ if (strm == Z_NULL || strm->state == Z_NULL ||
-+ strm->zalloc == Z_NULL || strm->zfree == Z_NULL) return Z_STREAM_ERROR;
-+
-+ strm->total_in = strm->total_out = 0;
-+ strm->msg = Z_NULL; /* use zfree if we ever allocate msg dynamically */
-+ strm->data_type = Z_UNKNOWN;
-+
-+ s = (deflate_state *)strm->state;
-+ s->pending = 0;
-+ s->pending_out = s->pending_buf;
-+
-+ if (s->noheader < 0) {
-+ s->noheader = 0; /* was set to -1 by deflate(..., Z_FINISH); */
-+ }
-+ s->status = s->noheader ? BUSY_STATE : INIT_STATE;
-+ strm->adler = 1;
-+ s->last_flush = Z_NO_FLUSH;
-+
-+ _tr_init(s);
-+ lm_init(s);
-+
-+ return Z_OK;
-+}
-+
-+/* ========================================================================= */
-+int ZEXPORT deflateParams(strm, level, strategy)
-+ z_streamp strm;
-+ int level;
-+ int strategy;
-+{
-+ deflate_state *s;
-+ compress_func func;
-+ int err = Z_OK;
-+
-+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
-+ s = strm->state;
-+
-+ if (level == Z_DEFAULT_COMPRESSION) {
-+ level = 6;
-+ }
-+ if (level < 0 || level > 9 || strategy < 0 || strategy > Z_HUFFMAN_ONLY) {
-+ return Z_STREAM_ERROR;
-+ }
-+ func = configuration_table[s->level].func;
-+
-+ if (func != configuration_table[level].func && strm->total_in != 0) {
-+ /* Flush the last buffer: */
-+ err = deflate(strm, Z_PARTIAL_FLUSH);
-+ }
-+ if (s->level != level) {
-+ s->level = level;
-+ s->max_lazy_match = configuration_table[level].max_lazy;
-+ s->good_match = configuration_table[level].good_length;
-+ s->nice_match = configuration_table[level].nice_length;
-+ s->max_chain_length = configuration_table[level].max_chain;
-+ }
-+ s->strategy = strategy;
-+ return err;
-+}
-+
-+/* =========================================================================
-+ * Put a short in the pending buffer. The 16-bit value is put in MSB order.
-+ * IN assertion: the stream state is correct and there is enough room in
-+ * pending_buf.
-+ */
-+local void putShortMSB (s, b)
-+ deflate_state *s;
-+ uInt b;
-+{
-+ put_byte(s, (Byte)(b >> 8));
-+ put_byte(s, (Byte)(b & 0xff));
-+}
-+
-+/* =========================================================================
-+ * Flush as much pending output as possible. All deflate() output goes
-+ * through this function so some applications may wish to modify it
-+ * to avoid allocating a large strm->next_out buffer and copying into it.
-+ * (See also read_buf()).
-+ */
-+local void flush_pending(strm)
-+ z_streamp strm;
-+{
-+ unsigned len = strm->state->pending;
-+
-+ if (len > strm->avail_out) len = strm->avail_out;
-+ if (len == 0) return;
-+
-+ zmemcpy(strm->next_out, strm->state->pending_out, len);
-+ strm->next_out += len;
-+ strm->state->pending_out += len;
-+ strm->total_out += len;
-+ strm->avail_out -= len;
-+ strm->state->pending -= len;
-+ if (strm->state->pending == 0) {
-+ strm->state->pending_out = strm->state->pending_buf;
-+ }
-+}
-+
-+/* ========================================================================= */
-+int ZEXPORT deflate (strm, flush)
-+ z_streamp strm;
-+ int flush;
-+{
-+ int old_flush; /* value of flush param for previous deflate call */
-+ deflate_state *s;
-+
-+ if (strm == Z_NULL || strm->state == Z_NULL ||
-+ flush > Z_FINISH || flush < 0) {
-+ return Z_STREAM_ERROR;
-+ }
-+ s = strm->state;
-+
-+ if (strm->next_out == Z_NULL ||
-+ (strm->next_in == Z_NULL && strm->avail_in != 0) ||
-+ (s->status == FINISH_STATE && flush != Z_FINISH)) {
-+ ERR_RETURN(strm, Z_STREAM_ERROR);
-+ }
-+ if (strm->avail_out == 0) ERR_RETURN(strm, Z_BUF_ERROR);
-+
-+ s->strm = strm; /* just in case */
-+ old_flush = s->last_flush;
-+ s->last_flush = flush;
-+
-+ /* Write the zlib header */
-+ if (s->status == INIT_STATE) {
-+
-+ uInt header = (Z_DEFLATED + ((s->w_bits-8)<<4)) << 8;
-+ uInt level_flags = (s->level-1) >> 1;
-+
-+ if (level_flags > 3) level_flags = 3;
-+ header |= (level_flags << 6);
-+ if (s->strstart != 0) header |= PRESET_DICT;
-+ header += 31 - (header % 31);
-+
-+ s->status = BUSY_STATE;
-+ putShortMSB(s, header);
-+
-+ /* Save the adler32 of the preset dictionary: */
-+ if (s->strstart != 0) {
-+ putShortMSB(s, (uInt)(strm->adler >> 16));
-+ putShortMSB(s, (uInt)(strm->adler & 0xffff));
-+ }
-+ strm->adler = 1L;
-+ }
-+
-+ /* Flush as much pending output as possible */
-+ if (s->pending != 0) {
-+ flush_pending(strm);
-+ if (strm->avail_out == 0) {
-+ /* Since avail_out is 0, deflate will be called again with
-+ * more output space, but possibly with both pending and
-+ * avail_in equal to zero. There won't be anything to do,
-+ * but this is not an error situation so make sure we
-+ * return OK instead of BUF_ERROR at next call of deflate:
-+ */
-+ s->last_flush = -1;
-+ return Z_OK;
-+ }
-+
-+ /* Make sure there is something to do and avoid duplicate consecutive
-+ * flushes. For repeated and useless calls with Z_FINISH, we keep
-+ * returning Z_STREAM_END instead of Z_BUFF_ERROR.
-+ */
-+ } else if (strm->avail_in == 0 && flush <= old_flush &&
-+ flush != Z_FINISH) {
-+ ERR_RETURN(strm, Z_BUF_ERROR);
-+ }
-+
-+ /* User must not provide more input after the first FINISH: */
-+ if (s->status == FINISH_STATE && strm->avail_in != 0) {
-+ ERR_RETURN(strm, Z_BUF_ERROR);
-+ }
-+
-+ /* Start a new block or continue the current one.
-+ */
-+ if (strm->avail_in != 0 || s->lookahead != 0 ||
-+ (flush != Z_NO_FLUSH && s->status != FINISH_STATE)) {
-+ block_state bstate;
-+
-+ bstate = (*(configuration_table[s->level].func))(s, flush);
-+
-+ if (bstate == finish_started || bstate == finish_done) {
-+ s->status = FINISH_STATE;
-+ }
-+ if (bstate == need_more || bstate == finish_started) {
-+ if (strm->avail_out == 0) {
-+ s->last_flush = -1; /* avoid BUF_ERROR next call, see above */
-+ }
-+ return Z_OK;
-+ /* If flush != Z_NO_FLUSH && avail_out == 0, the next call
-+ * of deflate should use the same flush parameter to make sure
-+ * that the flush is complete. So we don't have to output an
-+ * empty block here, this will be done at next call. This also
-+ * ensures that for a very small output buffer, we emit at most
-+ * one empty block.
-+ */
-+ }
-+ if (bstate == block_done) {
-+ if (flush == Z_PARTIAL_FLUSH) {
-+ _tr_align(s);
-+ } else { /* FULL_FLUSH or SYNC_FLUSH */
-+ _tr_stored_block(s, (char*)0, 0L, 0);
-+ /* For a full flush, this empty block will be recognized
-+ * as a special marker by inflate_sync().
-+ */
-+ if (flush == Z_FULL_FLUSH) {
-+ CLEAR_HASH(s); /* forget history */
-+ }
-+ }
-+ flush_pending(strm);
-+ if (strm->avail_out == 0) {
-+ s->last_flush = -1; /* avoid BUF_ERROR at next call, see above */
-+ return Z_OK;
-+ }
-+ }
-+ }
-+ Assert(strm->avail_out > 0, "bug2");
-+
-+ if (flush != Z_FINISH) return Z_OK;
-+ if (s->noheader) return Z_STREAM_END;
-+
-+ /* Write the zlib trailer (adler32) */
-+ putShortMSB(s, (uInt)(strm->adler >> 16));
-+ putShortMSB(s, (uInt)(strm->adler & 0xffff));
-+ flush_pending(strm);
-+ /* If avail_out is zero, the application will call deflate again
-+ * to flush the rest.
-+ */
-+ s->noheader = -1; /* write the trailer only once! */
-+ return s->pending != 0 ? Z_OK : Z_STREAM_END;
-+}
-+
-+/* ========================================================================= */
-+int ZEXPORT deflateEnd (strm)
-+ z_streamp strm;
-+{
-+ int status;
-+
-+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
-+
-+ status = strm->state->status;
-+ if (status != INIT_STATE && status != BUSY_STATE &&
-+ status != FINISH_STATE) {
-+ return Z_STREAM_ERROR;
-+ }
-+
-+ /* Deallocate in reverse order of allocations: */
-+ TRY_FREE(strm, strm->state->pending_buf);
-+ TRY_FREE(strm, strm->state->head);
-+ TRY_FREE(strm, strm->state->prev);
-+ TRY_FREE(strm, strm->state->window);
-+
-+ ZFREE(strm, strm->state);
-+ strm->state = Z_NULL;
-+
-+ return status == BUSY_STATE ? Z_DATA_ERROR : Z_OK;
-+}
-+
-+/* =========================================================================
-+ * Copy the source state to the destination state.
-+ * To simplify the source, this is not supported for 16-bit MSDOS (which
-+ * doesn't have enough memory anyway to duplicate compression states).
-+ */
-+int ZEXPORT deflateCopy (dest, source)
-+ z_streamp dest;
-+ z_streamp source;
-+{
-+#ifdef MAXSEG_64K
-+ return Z_STREAM_ERROR;
-+#else
-+ deflate_state *ds;
-+ deflate_state *ss;
-+ ushf *overlay;
-+
-+
-+ if (source == Z_NULL || dest == Z_NULL || source->state == Z_NULL) {
-+ return Z_STREAM_ERROR;
-+ }
-+
-+ ss = source->state;
-+
-+ *dest = *source;
-+
-+ ds = (deflate_state *) ZALLOC(dest, 1, sizeof(deflate_state));
-+ if (ds == Z_NULL) return Z_MEM_ERROR;
-+ dest->state = (struct internal_state FAR *) ds;
-+ *ds = *ss;
-+ ds->strm = dest;
-+
-+ ds->window = (Bytef *) ZALLOC(dest, ds->w_size, 2*sizeof(Byte));
-+ ds->prev = (Posf *) ZALLOC(dest, ds->w_size, sizeof(Pos));
-+ ds->head = (Posf *) ZALLOC(dest, ds->hash_size, sizeof(Pos));
-+ overlay = (ushf *) ZALLOC(dest, ds->lit_bufsize, sizeof(ush)+2);
-+ ds->pending_buf = (uchf *) overlay;
-+
-+ if (ds->window == Z_NULL || ds->prev == Z_NULL || ds->head == Z_NULL ||
-+ ds->pending_buf == Z_NULL) {
-+ deflateEnd (dest);
-+ return Z_MEM_ERROR;
-+ }
-+ /* following zmemcpy do not work for 16-bit MSDOS */
-+ zmemcpy(ds->window, ss->window, ds->w_size * 2 * sizeof(Byte));
-+ zmemcpy(ds->prev, ss->prev, ds->w_size * sizeof(Pos));
-+ zmemcpy(ds->head, ss->head, ds->hash_size * sizeof(Pos));
-+ zmemcpy(ds->pending_buf, ss->pending_buf, (uInt)ds->pending_buf_size);
-+
-+ ds->pending_out = ds->pending_buf + (ss->pending_out - ss->pending_buf);
-+ ds->d_buf = overlay + ds->lit_bufsize/sizeof(ush);
-+ ds->l_buf = ds->pending_buf + (1+sizeof(ush))*ds->lit_bufsize;
-+
-+ ds->l_desc.dyn_tree = ds->dyn_ltree;
-+ ds->d_desc.dyn_tree = ds->dyn_dtree;
-+ ds->bl_desc.dyn_tree = ds->bl_tree;
-+
-+ return Z_OK;
-+#endif
-+}
-+
-+/* ===========================================================================
-+ * Read a new buffer from the current input stream, update the adler32
-+ * and total number of bytes read. All deflate() input goes through
-+ * this function so some applications may wish to modify it to avoid
-+ * allocating a large strm->next_in buffer and copying from it.
-+ * (See also flush_pending()).
-+ */
-+local int read_buf(strm, buf, size)
-+ z_streamp strm;
-+ Bytef *buf;
-+ unsigned size;
-+{
-+ unsigned len = strm->avail_in;
-+
-+ if (len > size) len = size;
-+ if (len == 0) return 0;
-+
-+ strm->avail_in -= len;
-+
-+ if (!strm->state->noheader) {
-+ strm->adler = adler32(strm->adler, strm->next_in, len);
-+ }
-+ zmemcpy(buf, strm->next_in, len);
-+ strm->next_in += len;
-+ strm->total_in += len;
-+
-+ return (int)len;
-+}
-+
-+/* ===========================================================================
-+ * Initialize the "longest match" routines for a new zlib stream
-+ */
-+local void lm_init (s)
-+ deflate_state *s;
-+{
-+ s->window_size = (ulg)2L*s->w_size;
-+
-+ CLEAR_HASH(s);
-+
-+ /* Set the default configuration parameters:
-+ */
-+ s->max_lazy_match = configuration_table[s->level].max_lazy;
-+ s->good_match = configuration_table[s->level].good_length;
-+ s->nice_match = configuration_table[s->level].nice_length;
-+ s->max_chain_length = configuration_table[s->level].max_chain;
-+
-+ s->strstart = 0;
-+ s->block_start = 0L;
-+ s->lookahead = 0;
-+ s->match_length = s->prev_length = MIN_MATCH-1;
-+ s->match_available = 0;
-+ s->ins_h = 0;
-+#ifdef ASMV
-+ match_init(); /* initialize the asm code */
-+#endif
-+}
-+
-+/* ===========================================================================
-+ * Set match_start to the longest match starting at the given string and
-+ * return its length. Matches shorter or equal to prev_length are discarded,
-+ * in which case the result is equal to prev_length and match_start is
-+ * garbage.
-+ * IN assertions: cur_match is the head of the hash chain for the current
-+ * string (strstart) and its distance is <= MAX_DIST, and prev_length >= 1
-+ * OUT assertion: the match length is not greater than s->lookahead.
-+ */
-+#ifndef ASMV
-+/* For 80x86 and 680x0, an optimized version will be provided in match.asm or
-+ * match.S. The code will be functionally equivalent.
-+ */
-+#ifndef FASTEST
-+local uInt longest_match(s, cur_match)
-+ deflate_state *s;
-+ IPos cur_match; /* current match */
-+{
-+ unsigned chain_length = s->max_chain_length;/* max hash chain length */
-+ register Bytef *scan = s->window + s->strstart; /* current string */
-+ register Bytef *match; /* matched string */
-+ register int len; /* length of current match */
-+ int best_len = s->prev_length; /* best match length so far */
-+ int nice_match = s->nice_match; /* stop if match long enough */
-+ IPos limit = s->strstart > (IPos)MAX_DIST(s) ?
-+ s->strstart - (IPos)MAX_DIST(s) : NIL;
-+ /* Stop when cur_match becomes <= limit. To simplify the code,
-+ * we prevent matches with the string of window index 0.
-+ */
-+ Posf *prev = s->prev;
-+ uInt wmask = s->w_mask;
-+
-+#ifdef UNALIGNED_OK
-+ /* Compare two bytes at a time. Note: this is not always beneficial.
-+ * Try with and without -DUNALIGNED_OK to check.
-+ */
-+ register Bytef *strend = s->window + s->strstart + MAX_MATCH - 1;
-+ register ush scan_start = *(ushf*)scan;
-+ register ush scan_end = *(ushf*)(scan+best_len-1);
-+#else
-+ register Bytef *strend = s->window + s->strstart + MAX_MATCH;
-+ register Byte scan_end1 = scan[best_len-1];
-+ register Byte scan_end = scan[best_len];
-+#endif
-+
-+ /* The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
-+ * It is easy to get rid of this optimization if necessary.
-+ */
-+ Assert(s->hash_bits >= 8 && MAX_MATCH == 258, "Code too clever");
-+
-+ /* Do not waste too much time if we already have a good match: */
-+ if (s->prev_length >= s->good_match) {
-+ chain_length >>= 2;
-+ }
-+ /* Do not look for matches beyond the end of the input. This is necessary
-+ * to make deflate deterministic.
-+ */
-+ if ((uInt)nice_match > s->lookahead) nice_match = s->lookahead;
-+
-+ Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead");
-+
-+ do {
-+ Assert(cur_match < s->strstart, "no future");
-+ match = s->window + cur_match;
-+
-+ /* Skip to next match if the match length cannot increase
-+ * or if the match length is less than 2:
-+ */
-+#if (defined(UNALIGNED_OK) && MAX_MATCH == 258)
-+ /* This code assumes sizeof(unsigned short) == 2. Do not use
-+ * UNALIGNED_OK if your compiler uses a different size.
-+ */
-+ if (*(ushf*)(match+best_len-1) != scan_end ||
-+ *(ushf*)match != scan_start) continue;
-+
-+ /* It is not necessary to compare scan[2] and match[2] since they are
-+ * always equal when the other bytes match, given that the hash keys
-+ * are equal and that HASH_BITS >= 8. Compare 2 bytes at a time at
-+ * strstart+3, +5, ... up to strstart+257. We check for insufficient
-+ * lookahead only every 4th comparison; the 128th check will be made
-+ * at strstart+257. If MAX_MATCH-2 is not a multiple of 8, it is
-+ * necessary to put more guard bytes at the end of the window, or
-+ * to check more often for insufficient lookahead.
-+ */
-+ Assert(scan[2] == match[2], "scan[2]?");
-+ scan++, match++;
-+ do {
-+ } while (*(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
-+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
-+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
-+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
-+ scan < strend);
-+ /* The funny "do {}" generates better code on most compilers */
-+
-+ /* Here, scan <= window+strstart+257 */
-+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
-+ if (*scan == *match) scan++;
-+
-+ len = (MAX_MATCH - 1) - (int)(strend-scan);
-+ scan = strend - (MAX_MATCH-1);
-+
-+#else /* UNALIGNED_OK */
-+
-+ if (match[best_len] != scan_end ||
-+ match[best_len-1] != scan_end1 ||
-+ *match != *scan ||
-+ *++match != scan[1]) continue;
-+
-+ /* The check at best_len-1 can be removed because it will be made
-+ * again later. (This heuristic is not always a win.)
-+ * It is not necessary to compare scan[2] and match[2] since they
-+ * are always equal when the other bytes match, given that
-+ * the hash keys are equal and that HASH_BITS >= 8.
-+ */
-+ scan += 2, match++;
-+ Assert(*scan == *match, "match[2]?");
-+
-+ /* We check for insufficient lookahead only every 8th comparison;
-+ * the 256th check will be made at strstart+258.
-+ */
-+ do {
-+ } while (*++scan == *++match && *++scan == *++match &&
-+ *++scan == *++match && *++scan == *++match &&
-+ *++scan == *++match && *++scan == *++match &&
-+ *++scan == *++match && *++scan == *++match &&
-+ scan < strend);
-+
-+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
-+
-+ len = MAX_MATCH - (int)(strend - scan);
-+ scan = strend - MAX_MATCH;
-+
-+#endif /* UNALIGNED_OK */
-+
-+ if (len > best_len) {
-+ s->match_start = cur_match;
-+ best_len = len;
-+ if (len >= nice_match) break;
-+#ifdef UNALIGNED_OK
-+ scan_end = *(ushf*)(scan+best_len-1);
-+#else
-+ scan_end1 = scan[best_len-1];
-+ scan_end = scan[best_len];
-+#endif
-+ }
-+ } while ((cur_match = prev[cur_match & wmask]) > limit
-+ && --chain_length != 0);
-+
-+ if ((uInt)best_len <= s->lookahead) return (uInt)best_len;
-+ return s->lookahead;
-+}
-+
-+#else /* FASTEST */
-+/* ---------------------------------------------------------------------------
-+ * Optimized version for level == 1 only
-+ */
-+local uInt longest_match(s, cur_match)
-+ deflate_state *s;
-+ IPos cur_match; /* current match */
-+{
-+ register Bytef *scan = s->window + s->strstart; /* current string */
-+ register Bytef *match; /* matched string */
-+ register int len; /* length of current match */
-+ register Bytef *strend = s->window + s->strstart + MAX_MATCH;
-+
-+ /* The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
-+ * It is easy to get rid of this optimization if necessary.
-+ */
-+ Assert(s->hash_bits >= 8 && MAX_MATCH == 258, "Code too clever");
-+
-+ Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead");
-+
-+ Assert(cur_match < s->strstart, "no future");
-+
-+ match = s->window + cur_match;
-+
-+ /* Return failure if the match length is less than 2:
-+ */
-+ if (match[0] != scan[0] || match[1] != scan[1]) return MIN_MATCH-1;
-+
-+ /* The check at best_len-1 can be removed because it will be made
-+ * again later. (This heuristic is not always a win.)
-+ * It is not necessary to compare scan[2] and match[2] since they
-+ * are always equal when the other bytes match, given that
-+ * the hash keys are equal and that HASH_BITS >= 8.
-+ */
-+ scan += 2, match += 2;
-+ Assert(*scan == *match, "match[2]?");
-+
-+ /* We check for insufficient lookahead only every 8th comparison;
-+ * the 256th check will be made at strstart+258.
-+ */
-+ do {
-+ } while (*++scan == *++match && *++scan == *++match &&
-+ *++scan == *++match && *++scan == *++match &&
-+ *++scan == *++match && *++scan == *++match &&
-+ *++scan == *++match && *++scan == *++match &&
-+ scan < strend);
-+
-+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
-+
-+ len = MAX_MATCH - (int)(strend - scan);
-+
-+ if (len < MIN_MATCH) return MIN_MATCH - 1;
-+
-+ s->match_start = cur_match;
-+ return len <= s->lookahead ? len : s->lookahead;
-+}
-+#endif /* FASTEST */
-+#endif /* ASMV */
-+
-+#ifdef DEBUG
-+/* ===========================================================================
-+ * Check that the match at match_start is indeed a match.
-+ */
-+local void check_match(s, start, match, length)
-+ deflate_state *s;
-+ IPos start, match;
-+ int length;
-+{
-+ /* check that the match is indeed a match */
-+ if (zmemcmp(s->window + match,
-+ s->window + start, length) != EQUAL) {
-+ fprintf(stderr, " start %u, match %u, length %d\n",
-+ start, match, length);
-+ do {
-+ fprintf(stderr, "%c%c", s->window[match++], s->window[start++]);
-+ } while (--length != 0);
-+ z_error("invalid match");
-+ }
-+ if (z_verbose > 1) {
-+ fprintf(stderr,"\\[%d,%d]", start-match, length);
-+ do { putc(s->window[start++], stderr); } while (--length != 0);
-+ }
-+}
-+#else
-+# define check_match(s, start, match, length)
-+#endif
-+
-+/* ===========================================================================
-+ * Fill the window when the lookahead becomes insufficient.
-+ * Updates strstart and lookahead.
-+ *
-+ * IN assertion: lookahead < MIN_LOOKAHEAD
-+ * OUT assertions: strstart <= window_size-MIN_LOOKAHEAD
-+ * At least one byte has been read, or avail_in == 0; reads are
-+ * performed for at least two bytes (required for the zip translate_eol
-+ * option -- not supported here).
-+ */
-+local void fill_window(s)
-+ deflate_state *s;
-+{
-+ register unsigned n, m;
-+ register Posf *p;
-+ unsigned more; /* Amount of free space at the end of the window. */
-+ uInt wsize = s->w_size;
-+
-+ do {
-+ more = (unsigned)(s->window_size -(ulg)s->lookahead -(ulg)s->strstart);
-+
-+ /* Deal with !@#$% 64K limit: */
-+ if (more == 0 && s->strstart == 0 && s->lookahead == 0) {
-+ more = wsize;
-+
-+ } else if (more == (unsigned)(-1)) {
-+ /* Very unlikely, but possible on 16 bit machine if strstart == 0
-+ * and lookahead == 1 (input done one byte at time)
-+ */
-+ more--;
-+
-+ /* If the window is almost full and there is insufficient lookahead,
-+ * move the upper half to the lower one to make room in the upper half.
-+ */
-+ } else if (s->strstart >= wsize+MAX_DIST(s)) {
-+
-+ zmemcpy(s->window, s->window+wsize, (unsigned)wsize);
-+ s->match_start -= wsize;
-+ s->strstart -= wsize; /* we now have strstart >= MAX_DIST */
-+ s->block_start -= (long) wsize;
-+
-+ /* Slide the hash table (could be avoided with 32 bit values
-+ at the expense of memory usage). We slide even when level == 0
-+ to keep the hash table consistent if we switch back to level > 0
-+ later. (Using level 0 permanently is not an optimal usage of
-+ zlib, so we don't care about this pathological case.)
-+ */
-+ n = s->hash_size;
-+ p = &s->head[n];
-+ do {
-+ m = *--p;
-+ *p = (Pos)(m >= wsize ? m-wsize : NIL);
-+ } while (--n);
-+
-+ n = wsize;
-+#ifndef FASTEST
-+ p = &s->prev[n];
-+ do {
-+ m = *--p;
-+ *p = (Pos)(m >= wsize ? m-wsize : NIL);
-+ /* If n is not on any hash chain, prev[n] is garbage but
-+ * its value will never be used.
-+ */
-+ } while (--n);
-+#endif
-+ more += wsize;
-+ }
-+ if (s->strm->avail_in == 0) return;
-+
-+ /* If there was no sliding:
-+ * strstart <= WSIZE+MAX_DIST-1 && lookahead <= MIN_LOOKAHEAD - 1 &&
-+ * more == window_size - lookahead - strstart
-+ * => more >= window_size - (MIN_LOOKAHEAD-1 + WSIZE + MAX_DIST-1)
-+ * => more >= window_size - 2*WSIZE + 2
-+ * In the BIG_MEM or MMAP case (not yet supported),
-+ * window_size == input_size + MIN_LOOKAHEAD &&
-+ * strstart + s->lookahead <= input_size => more >= MIN_LOOKAHEAD.
-+ * Otherwise, window_size == 2*WSIZE so more >= 2.
-+ * If there was sliding, more >= WSIZE. So in all cases, more >= 2.
-+ */
-+ Assert(more >= 2, "more < 2");
-+
-+ n = read_buf(s->strm, s->window + s->strstart + s->lookahead, more);
-+ s->lookahead += n;
-+
-+ /* Initialize the hash value now that we have some input: */
-+ if (s->lookahead >= MIN_MATCH) {
-+ s->ins_h = s->window[s->strstart];
-+ UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
-+#if MIN_MATCH != 3
-+ Call UPDATE_HASH() MIN_MATCH-3 more times
-+#endif
-+ }
-+ /* If the whole input has less than MIN_MATCH bytes, ins_h is garbage,
-+ * but this is not important since only literal bytes will be emitted.
-+ */
-+
-+ } while (s->lookahead < MIN_LOOKAHEAD && s->strm->avail_in != 0);
-+}
-+
-+/* ===========================================================================
-+ * Flush the current block, with given end-of-file flag.
-+ * IN assertion: strstart is set to the end of the current match.
-+ */
-+#define FLUSH_BLOCK_ONLY(s, eof) { \
-+ _tr_flush_block(s, (s->block_start >= 0L ? \
-+ (charf *)&s->window[(unsigned)s->block_start] : \
-+ (charf *)Z_NULL), \
-+ (ulg)((long)s->strstart - s->block_start), \
-+ (eof)); \
-+ s->block_start = s->strstart; \
-+ flush_pending(s->strm); \
-+ Tracev((stderr,"[FLUSH]")); \
-+}
-+
-+/* Same but force premature exit if necessary. */
-+#define FLUSH_BLOCK(s, eof) { \
-+ FLUSH_BLOCK_ONLY(s, eof); \
-+ if (s->strm->avail_out == 0) return (eof) ? finish_started : need_more; \
-+}
-+
-+/* ===========================================================================
-+ * Copy without compression as much as possible from the input stream, return
-+ * the current block state.
-+ * This function does not insert new strings in the dictionary since
-+ * uncompressible data is probably not useful. This function is used
-+ * only for the level=0 compression option.
-+ * NOTE: this function should be optimized to avoid extra copying from
-+ * window to pending_buf.
-+ */
-+local block_state deflate_stored(s, flush)
-+ deflate_state *s;
-+ int flush;
-+{
-+ /* Stored blocks are limited to 0xffff bytes, pending_buf is limited
-+ * to pending_buf_size, and each stored block has a 5 byte header:
-+ */
-+ ulg max_block_size = 0xffff;
-+ ulg max_start;
-+
-+ if (max_block_size > s->pending_buf_size - 5) {
-+ max_block_size = s->pending_buf_size - 5;
-+ }
-+
-+ /* Copy as much as possible from input to output: */
-+ for (;;) {
-+ /* Fill the window as much as possible: */
-+ if (s->lookahead <= 1) {
-+
-+ Assert(s->strstart < s->w_size+MAX_DIST(s) ||
-+ s->block_start >= (long)s->w_size, "slide too late");
-+
-+ fill_window(s);
-+ if (s->lookahead == 0 && flush == Z_NO_FLUSH) return need_more;
-+
-+ if (s->lookahead == 0) break; /* flush the current block */
-+ }
-+ Assert(s->block_start >= 0L, "block gone");
-+
-+ s->strstart += s->lookahead;
-+ s->lookahead = 0;
-+
-+ /* Emit a stored block if pending_buf will be full: */
-+ max_start = s->block_start + max_block_size;
-+ if (s->strstart == 0 || (ulg)s->strstart >= max_start) {
-+ /* strstart == 0 is possible when wraparound on 16-bit machine */
-+ s->lookahead = (uInt)(s->strstart - max_start);
-+ s->strstart = (uInt)max_start;
-+ FLUSH_BLOCK(s, 0);
-+ }
-+ /* Flush if we may have to slide, otherwise block_start may become
-+ * negative and the data will be gone:
-+ */
-+ if (s->strstart - (uInt)s->block_start >= MAX_DIST(s)) {
-+ FLUSH_BLOCK(s, 0);
-+ }
-+ }
-+ FLUSH_BLOCK(s, flush == Z_FINISH);
-+ return flush == Z_FINISH ? finish_done : block_done;
-+}
-+
-+/* ===========================================================================
-+ * Compress as much as possible from the input stream, return the current
-+ * block state.
-+ * This function does not perform lazy evaluation of matches and inserts
-+ * new strings in the dictionary only for unmatched strings or for short
-+ * matches. It is used only for the fast compression options.
-+ */
-+local block_state deflate_fast(s, flush)
-+ deflate_state *s;
-+ int flush;
-+{
-+ IPos hash_head = NIL; /* head of the hash chain */
-+ int bflush; /* set if current block must be flushed */
-+
-+ for (;;) {
-+ /* Make sure that we always have enough lookahead, except
-+ * at the end of the input file. We need MAX_MATCH bytes
-+ * for the next match, plus MIN_MATCH bytes to insert the
-+ * string following the next match.
-+ */
-+ if (s->lookahead < MIN_LOOKAHEAD) {
-+ fill_window(s);
-+ if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
-+ return need_more;
-+ }
-+ if (s->lookahead == 0) break; /* flush the current block */
-+ }
-+
-+ /* Insert the string window[strstart .. strstart+2] in the
-+ * dictionary, and set hash_head to the head of the hash chain:
-+ */
-+ if (s->lookahead >= MIN_MATCH) {
-+ INSERT_STRING(s, s->strstart, hash_head);
-+ }
-+
-+ /* Find the longest match, discarding those <= prev_length.
-+ * At this point we have always match_length < MIN_MATCH
-+ */
-+ if (hash_head != NIL && s->strstart - hash_head <= MAX_DIST(s)) {
-+ /* To simplify the code, we prevent matches with the string
-+ * of window index 0 (in particular we have to avoid a match
-+ * of the string with itself at the start of the input file).
-+ */
-+ if (s->strategy != Z_HUFFMAN_ONLY) {
-+ s->match_length = longest_match (s, hash_head);
-+ }
-+ /* longest_match() sets match_start */
-+ }
-+ if (s->match_length >= MIN_MATCH) {
-+ check_match(s, s->strstart, s->match_start, s->match_length);
-+
-+ _tr_tally_dist(s, s->strstart - s->match_start,
-+ s->match_length - MIN_MATCH, bflush);
-+
-+ s->lookahead -= s->match_length;
-+
-+ /* Insert new strings in the hash table only if the match length
-+ * is not too large. This saves time but degrades compression.
-+ */
-+#ifndef FASTEST
-+ if (s->match_length <= s->max_insert_length &&
-+ s->lookahead >= MIN_MATCH) {
-+ s->match_length--; /* string at strstart already in hash table */
-+ do {
-+ s->strstart++;
-+ INSERT_STRING(s, s->strstart, hash_head);
-+ /* strstart never exceeds WSIZE-MAX_MATCH, so there are
-+ * always MIN_MATCH bytes ahead.
-+ */
-+ } while (--s->match_length != 0);
-+ s->strstart++;
-+ } else
-+#endif
-+ {
-+ s->strstart += s->match_length;
-+ s->match_length = 0;
-+ s->ins_h = s->window[s->strstart];
-+ UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
-+#if MIN_MATCH != 3
-+ Call UPDATE_HASH() MIN_MATCH-3 more times
-+#endif
-+ /* If lookahead < MIN_MATCH, ins_h is garbage, but it does not
-+ * matter since it will be recomputed at next deflate call.
-+ */
-+ }
-+ } else {
-+ /* No match, output a literal byte */
-+ Tracevv((stderr,"%c", s->window[s->strstart]));
-+ _tr_tally_lit (s, s->window[s->strstart], bflush);
-+ s->lookahead--;
-+ s->strstart++;
-+ }
-+ if (bflush) FLUSH_BLOCK(s, 0);
-+ }
-+ FLUSH_BLOCK(s, flush == Z_FINISH);
-+ return flush == Z_FINISH ? finish_done : block_done;
-+}
-+
-+/* ===========================================================================
-+ * Same as above, but achieves better compression. We use a lazy
-+ * evaluation for matches: a match is finally adopted only if there is
-+ * no better match at the next window position.
-+ */
-+local block_state deflate_slow(s, flush)
-+ deflate_state *s;
-+ int flush;
-+{
-+ IPos hash_head = NIL; /* head of hash chain */
-+ int bflush; /* set if current block must be flushed */
-+
-+ /* Process the input block. */
-+ for (;;) {
-+ /* Make sure that we always have enough lookahead, except
-+ * at the end of the input file. We need MAX_MATCH bytes
-+ * for the next match, plus MIN_MATCH bytes to insert the
-+ * string following the next match.
-+ */
-+ if (s->lookahead < MIN_LOOKAHEAD) {
-+ fill_window(s);
-+ if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
-+ return need_more;
-+ }
-+ if (s->lookahead == 0) break; /* flush the current block */
-+ }
-+
-+ /* Insert the string window[strstart .. strstart+2] in the
-+ * dictionary, and set hash_head to the head of the hash chain:
-+ */
-+ if (s->lookahead >= MIN_MATCH) {
-+ INSERT_STRING(s, s->strstart, hash_head);
-+ }
-+
-+ /* Find the longest match, discarding those <= prev_length.
-+ */
-+ s->prev_length = s->match_length, s->prev_match = s->match_start;
-+ s->match_length = MIN_MATCH-1;
-+
-+ if (hash_head != NIL && s->prev_length < s->max_lazy_match &&
-+ s->strstart - hash_head <= MAX_DIST(s)) {
-+ /* To simplify the code, we prevent matches with the string
-+ * of window index 0 (in particular we have to avoid a match
-+ * of the string with itself at the start of the input file).
-+ */
-+ if (s->strategy != Z_HUFFMAN_ONLY) {
-+ s->match_length = longest_match (s, hash_head);
-+ }
-+ /* longest_match() sets match_start */
-+
-+ if (s->match_length <= 5 && (s->strategy == Z_FILTERED ||
-+ (s->match_length == MIN_MATCH &&
-+ s->strstart - s->match_start > TOO_FAR))) {
-+
-+ /* If prev_match is also MIN_MATCH, match_start is garbage
-+ * but we will ignore the current match anyway.
-+ */
-+ s->match_length = MIN_MATCH-1;
-+ }
-+ }
-+ /* If there was a match at the previous step and the current
-+ * match is not better, output the previous match:
-+ */
-+ if (s->prev_length >= MIN_MATCH && s->match_length <= s->prev_length) {
-+ uInt max_insert = s->strstart + s->lookahead - MIN_MATCH;
-+ /* Do not insert strings in hash table beyond this. */
-+
-+ check_match(s, s->strstart-1, s->prev_match, s->prev_length);
-+
-+ _tr_tally_dist(s, s->strstart -1 - s->prev_match,
-+ s->prev_length - MIN_MATCH, bflush);
-+
-+ /* Insert in hash table all strings up to the end of the match.
-+ * strstart-1 and strstart are already inserted. If there is not
-+ * enough lookahead, the last two strings are not inserted in
-+ * the hash table.
-+ */
-+ s->lookahead -= s->prev_length-1;
-+ s->prev_length -= 2;
-+ do {
-+ if (++s->strstart <= max_insert) {
-+ INSERT_STRING(s, s->strstart, hash_head);
-+ }
-+ } while (--s->prev_length != 0);
-+ s->match_available = 0;
-+ s->match_length = MIN_MATCH-1;
-+ s->strstart++;
-+
-+ if (bflush) FLUSH_BLOCK(s, 0);
-+
-+ } else if (s->match_available) {
-+ /* If there was no match at the previous position, output a
-+ * single literal. If there was a match but the current match
-+ * is longer, truncate the previous match to a single literal.
-+ */
-+ Tracevv((stderr,"%c", s->window[s->strstart-1]));
-+ _tr_tally_lit(s, s->window[s->strstart-1], bflush);
-+ if (bflush) {
-+ FLUSH_BLOCK_ONLY(s, 0);
-+ }
-+ s->strstart++;
-+ s->lookahead--;
-+ if (s->strm->avail_out == 0) return need_more;
-+ } else {
-+ /* There is no previous match to compare with, wait for
-+ * the next step to decide.
-+ */
-+ s->match_available = 1;
-+ s->strstart++;
-+ s->lookahead--;
-+ }
-+ }
-+ Assert (flush != Z_NO_FLUSH, "no flush?");
-+ if (s->match_available) {
-+ Tracevv((stderr,"%c", s->window[s->strstart-1]));
-+ _tr_tally_lit(s, s->window[s->strstart-1], bflush);
-+ s->match_available = 0;
-+ }
-+ FLUSH_BLOCK(s, flush == Z_FINISH);
-+ return flush == Z_FINISH ? finish_done : block_done;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/deflate.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,318 @@
-+/* deflate.h -- internal compression state
-+ * Copyright (C) 1995-2002 Jean-loup Gailly
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+/* @(#) $Id: deflate.h,v 1.5 2004/07/10 07:48:38 mcr Exp $ */
-+
-+#ifndef _DEFLATE_H
-+#define _DEFLATE_H
-+
-+#include "zlib/zutil.h"
-+
-+/* ===========================================================================
-+ * Internal compression state.
-+ */
-+
-+#define LENGTH_CODES 29
-+/* number of length codes, not counting the special END_BLOCK code */
-+
-+#define LITERALS 256
-+/* number of literal bytes 0..255 */
-+
-+#define L_CODES (LITERALS+1+LENGTH_CODES)
-+/* number of Literal or Length codes, including the END_BLOCK code */
-+
-+#define D_CODES 30
-+/* number of distance codes */
-+
-+#define BL_CODES 19
-+/* number of codes used to transfer the bit lengths */
-+
-+#define HEAP_SIZE (2*L_CODES+1)
-+/* maximum heap size */
-+
-+#define MAX_BITS 15
-+/* All codes must not exceed MAX_BITS bits */
-+
-+#define INIT_STATE 42
-+#define BUSY_STATE 113
-+#define FINISH_STATE 666
-+/* Stream status */
-+
-+
-+/* Data structure describing a single value and its code string. */
-+typedef struct ct_data_s {
-+ union {
-+ ush freq; /* frequency count */
-+ ush code; /* bit string */
-+ } fc;
-+ union {
-+ ush dad; /* father node in Huffman tree */
-+ ush len; /* length of bit string */
-+ } dl;
-+} FAR ct_data;
-+
-+#define Freq fc.freq
-+#define Code fc.code
-+#define Dad dl.dad
-+#define Len dl.len
-+
-+typedef struct static_tree_desc_s static_tree_desc;
-+
-+typedef struct tree_desc_s {
-+ ct_data *dyn_tree; /* the dynamic tree */
-+ int max_code; /* largest code with non zero frequency */
-+ static_tree_desc *stat_desc; /* the corresponding static tree */
-+} FAR tree_desc;
-+
-+typedef ush Pos;
-+typedef Pos FAR Posf;
-+typedef unsigned IPos;
-+
-+/* A Pos is an index in the character window. We use short instead of int to
-+ * save space in the various tables. IPos is used only for parameter passing.
-+ */
-+
-+typedef struct internal_state {
-+ z_streamp strm; /* pointer back to this zlib stream */
-+ int status; /* as the name implies */
-+ Bytef *pending_buf; /* output still pending */
-+ ulg pending_buf_size; /* size of pending_buf */
-+ Bytef *pending_out; /* next pending byte to output to the stream */
-+ int pending; /* nb of bytes in the pending buffer */
-+ int noheader; /* suppress zlib header and adler32 */
-+ Byte data_type; /* UNKNOWN, BINARY or ASCII */
-+ Byte method; /* STORED (for zip only) or DEFLATED */
-+ int last_flush; /* value of flush param for previous deflate call */
-+
-+ /* used by deflate.c: */
-+
-+ uInt w_size; /* LZ77 window size (32K by default) */
-+ uInt w_bits; /* log2(w_size) (8..16) */
-+ uInt w_mask; /* w_size - 1 */
-+
-+ Bytef *window;
-+ /* Sliding window. Input bytes are read into the second half of the window,
-+ * and move to the first half later to keep a dictionary of at least wSize
-+ * bytes. With this organization, matches are limited to a distance of
-+ * wSize-MAX_MATCH bytes, but this ensures that IO is always
-+ * performed with a length multiple of the block size. Also, it limits
-+ * the window size to 64K, which is quite useful on MSDOS.
-+ * To do: use the user input buffer as sliding window.
-+ */
-+
-+ ulg window_size;
-+ /* Actual size of window: 2*wSize, except when the user input buffer
-+ * is directly used as sliding window.
-+ */
-+
-+ Posf *prev;
-+ /* Link to older string with same hash index. To limit the size of this
-+ * array to 64K, this link is maintained only for the last 32K strings.
-+ * An index in this array is thus a window index modulo 32K.
-+ */
-+
-+ Posf *head; /* Heads of the hash chains or NIL. */
-+
-+ uInt ins_h; /* hash index of string to be inserted */
-+ uInt hash_size; /* number of elements in hash table */
-+ uInt hash_bits; /* log2(hash_size) */
-+ uInt hash_mask; /* hash_size-1 */
-+
-+ uInt hash_shift;
-+ /* Number of bits by which ins_h must be shifted at each input
-+ * step. It must be such that after MIN_MATCH steps, the oldest
-+ * byte no longer takes part in the hash key, that is:
-+ * hash_shift * MIN_MATCH >= hash_bits
-+ */
-+
-+ long block_start;
-+ /* Window position at the beginning of the current output block. Gets
-+ * negative when the window is moved backwards.
-+ */
-+
-+ uInt match_length; /* length of best match */
-+ IPos prev_match; /* previous match */
-+ int match_available; /* set if previous match exists */
-+ uInt strstart; /* start of string to insert */
-+ uInt match_start; /* start of matching string */
-+ uInt lookahead; /* number of valid bytes ahead in window */
-+
-+ uInt prev_length;
-+ /* Length of the best match at previous step. Matches not greater than this
-+ * are discarded. This is used in the lazy match evaluation.
-+ */
-+
-+ uInt max_chain_length;
-+ /* To speed up deflation, hash chains are never searched beyond this
-+ * length. A higher limit improves compression ratio but degrades the
-+ * speed.
-+ */
-+
-+ uInt max_lazy_match;
-+ /* Attempt to find a better match only when the current match is strictly
-+ * smaller than this value. This mechanism is used only for compression
-+ * levels >= 4.
-+ */
-+# define max_insert_length max_lazy_match
-+ /* Insert new strings in the hash table only if the match length is not
-+ * greater than this length. This saves time but degrades compression.
-+ * max_insert_length is used only for compression levels <= 3.
-+ */
-+
-+ int level; /* compression level (1..9) */
-+ int strategy; /* favor or force Huffman coding*/
-+
-+ uInt good_match;
-+ /* Use a faster search when the previous match is longer than this */
-+
-+ int nice_match; /* Stop searching when current match exceeds this */
-+
-+ /* used by trees.c: */
-+ /* Didn't use ct_data typedef below to supress compiler warning */
-+ struct ct_data_s dyn_ltree[HEAP_SIZE]; /* literal and length tree */
-+ struct ct_data_s dyn_dtree[2*D_CODES+1]; /* distance tree */
-+ struct ct_data_s bl_tree[2*BL_CODES+1]; /* Huffman tree for bit lengths */
-+
-+ struct tree_desc_s l_desc; /* desc. for literal tree */
-+ struct tree_desc_s d_desc; /* desc. for distance tree */
-+ struct tree_desc_s bl_desc; /* desc. for bit length tree */
-+
-+ ush bl_count[MAX_BITS+1];
-+ /* number of codes at each bit length for an optimal tree */
-+
-+ int heap[2*L_CODES+1]; /* heap used to build the Huffman trees */
-+ int heap_len; /* number of elements in the heap */
-+ int heap_max; /* element of largest frequency */
-+ /* The sons of heap[n] are heap[2*n] and heap[2*n+1]. heap[0] is not used.
-+ * The same heap array is used to build all trees.
-+ */
-+
-+ uch depth[2*L_CODES+1];
-+ /* Depth of each subtree used as tie breaker for trees of equal frequency
-+ */
-+
-+ uchf *l_buf; /* buffer for literals or lengths */
-+
-+ uInt lit_bufsize;
-+ /* Size of match buffer for literals/lengths. There are 4 reasons for
-+ * limiting lit_bufsize to 64K:
-+ * - frequencies can be kept in 16 bit counters
-+ * - if compression is not successful for the first block, all input
-+ * data is still in the window so we can still emit a stored block even
-+ * when input comes from standard input. (This can also be done for
-+ * all blocks if lit_bufsize is not greater than 32K.)
-+ * - if compression is not successful for a file smaller than 64K, we can
-+ * even emit a stored file instead of a stored block (saving 5 bytes).
-+ * This is applicable only for zip (not gzip or zlib).
-+ * - creating new Huffman trees less frequently may not provide fast
-+ * adaptation to changes in the input data statistics. (Take for
-+ * example a binary file with poorly compressible code followed by
-+ * a highly compressible string table.) Smaller buffer sizes give
-+ * fast adaptation but have of course the overhead of transmitting
-+ * trees more frequently.
-+ * - I can't count above 4
-+ */
-+
-+ uInt last_lit; /* running index in l_buf */
-+
-+ ushf *d_buf;
-+ /* Buffer for distances. To simplify the code, d_buf and l_buf have
-+ * the same number of elements. To use different lengths, an extra flag
-+ * array would be necessary.
-+ */
-+
-+ ulg opt_len; /* bit length of current block with optimal trees */
-+ ulg static_len; /* bit length of current block with static trees */
-+ uInt matches; /* number of string matches in current block */
-+ int last_eob_len; /* bit length of EOB code for last block */
-+
-+#ifdef DEBUG
-+ ulg compressed_len; /* total bit length of compressed file mod 2^32 */
-+ ulg bits_sent; /* bit length of compressed data sent mod 2^32 */
-+#endif
-+
-+ ush bi_buf;
-+ /* Output buffer. bits are inserted starting at the bottom (least
-+ * significant bits).
-+ */
-+ int bi_valid;
-+ /* Number of valid bits in bi_buf. All bits above the last valid bit
-+ * are always zero.
-+ */
-+
-+} FAR deflate_state;
-+
-+/* Output a byte on the stream.
-+ * IN assertion: there is enough room in pending_buf.
-+ */
-+#define put_byte(s, c) {s->pending_buf[s->pending++] = (c);}
-+
-+
-+#define MIN_LOOKAHEAD (MAX_MATCH+MIN_MATCH+1)
-+/* Minimum amount of lookahead, except at the end of the input file.
-+ * See deflate.c for comments about the MIN_MATCH+1.
-+ */
-+
-+#define MAX_DIST(s) ((s)->w_size-MIN_LOOKAHEAD)
-+/* In order to simplify the code, particularly on 16 bit machines, match
-+ * distances are limited to MAX_DIST instead of WSIZE.
-+ */
-+
-+ /* in trees.c */
-+void _tr_init OF((deflate_state *s));
-+int _tr_tally OF((deflate_state *s, unsigned dist, unsigned lc));
-+void _tr_flush_block OF((deflate_state *s, charf *buf, ulg stored_len,
-+ int eof));
-+void _tr_align OF((deflate_state *s));
-+void _tr_stored_block OF((deflate_state *s, charf *buf, ulg stored_len,
-+ int eof));
-+
-+#define d_code(dist) \
-+ ((dist) < 256 ? _dist_code[dist] : _dist_code[256+((dist)>>7)])
-+/* Mapping from a distance to a distance code. dist is the distance - 1 and
-+ * must not have side effects. _dist_code[256] and _dist_code[257] are never
-+ * used.
-+ */
-+
-+#ifndef DEBUG
-+/* Inline versions of _tr_tally for speed: */
-+
-+#if defined(GEN_TREES_H) || !defined(STDC)
-+ extern uch _length_code[];
-+ extern uch _dist_code[];
-+#else
-+ extern const uch _length_code[];
-+ extern const uch _dist_code[];
-+#endif
-+
-+# define _tr_tally_lit(s, c, flush) \
-+ { uch cc = (c); \
-+ s->d_buf[s->last_lit] = 0; \
-+ s->l_buf[s->last_lit++] = cc; \
-+ s->dyn_ltree[cc].Freq++; \
-+ flush = (s->last_lit == s->lit_bufsize-1); \
-+ }
-+# define _tr_tally_dist(s, distance, length, flush) \
-+ { uch len = (length); \
-+ ush dist = (distance); \
-+ s->d_buf[s->last_lit] = dist; \
-+ s->l_buf[s->last_lit++] = len; \
-+ dist--; \
-+ s->dyn_ltree[_length_code[len]+LITERALS+1].Freq++; \
-+ s->dyn_dtree[d_code(dist)].Freq++; \
-+ flush = (s->last_lit == s->lit_bufsize-1); \
-+ }
-+#else
-+# define _tr_tally_lit(s, c, flush) flush = _tr_tally(s, 0, c)
-+# define _tr_tally_dist(s, distance, length, flush) \
-+ flush = _tr_tally(s, distance, length)
-+#endif
-+
-+#endif /* _DEFLATE_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/COPYRIGHT Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,50 @@
-+Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+All rights reserved.
-+
-+This package is an DES implementation written by Eric Young (eay@cryptsoft.com).
-+The implementation was written so as to conform with MIT's libdes.
-+
-+This library is free for commercial and non-commercial use as long as
-+the following conditions are aheared to. The following conditions
-+apply to all code found in this distribution.
-+
-+Copyright remains Eric Young's, and as such any Copyright notices in
-+the code are not to be removed.
-+If this package is used in a product, Eric Young should be given attribution
-+as the author of that the SSL library. This can be in the form of a textual
-+message at program startup or in documentation (online or textual) provided
-+with the package.
-+
-+Redistribution and use in source and binary forms, with or without
-+modification, are permitted provided that the following conditions
-+are met:
-+1. Redistributions of source code must retain the copyright
-+ notice, this list of conditions and the following disclaimer.
-+2. Redistributions in binary form must reproduce the above copyright
-+ notice, this list of conditions and the following disclaimer in the
-+ documentation and/or other materials provided with the distribution.
-+3. All advertising materials mentioning features or use of this software
-+ must display the following acknowledgement:
-+ This product includes software developed by Eric Young (eay@cryptsoft.com)
-+
-+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+SUCH DAMAGE.
-+
-+The license and distribution terms for any publically available version or
-+derivative of this code cannot be changed. i.e. this code cannot simply be
-+copied and put under another distrubution license
-+[including the GNU Public License.]
-+
-+The reason behind this being stated in this direct manner is past
-+experience in code simply being copied and the attribution removed
-+from it and then being distributed as part of other packages. This
-+implementation was a non-trivial and unpaid effort.
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/INSTALL Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,69 @@
-+Check the CC and CFLAGS lines in the makefile
-+
-+If your C library does not support the times(3) function, change the
-+#define TIMES to
-+#undef TIMES in speed.c
-+If it does, check the HZ value for the times(3) function.
-+If your system does not define CLK_TCK it will be assumed to
-+be 100.0.
-+
-+If possible use gcc v 2.7.?
-+Turn on the maximum optimising (normally '-O3 -fomit-frame-pointer' for gcc)
-+In recent times, some system compilers give better performace.
-+
-+type 'make'
-+
-+run './destest' to check things are ok.
-+run './rpw' to check the tty code for reading passwords works.
-+run './speed' to see how fast those optimisations make the library run :-)
-+run './des_opts' to determin the best compile time options.
-+
-+The output from des_opts should be put in the makefile options and des_enc.c
-+should be rebuilt. For 64 bit computers, do not use the DES_PTR option.
-+For the DEC Alpha, edit des.h and change DES_LONG to 'unsigned int'
-+and then you can use the 'DES_PTR' option.
-+
-+The file options.txt has the options listed for best speed on quite a
-+few systems. Look and the options (UNROLL, PTR, RISC2 etc) and then
-+turn on the relevent option in the Makefile
-+
-+There are some special Makefile targets that make life easier.
-+make cc - standard cc build
-+make gcc - standard gcc build
-+make x86-elf - x86 assembler (elf), linux-elf.
-+make x86-out - x86 assembler (a.out), FreeBSD
-+make x86-solaris- x86 assembler
-+make x86-bsdi - x86 assembler (a.out with primative assembler).
-+
-+If at all possible use the assembler (for Windows NT/95, use
-+asm/win32.obj to link with). The x86 assembler is very very fast.
-+
-+A make install will by default install
-+libdes.a in /usr/local/lib/libdes.a
-+des in /usr/local/bin/des
-+des_crypt.man in /usr/local/man/man3/des_crypt.3
-+des.man in /usr/local/man/man1/des.1
-+des.h in /usr/include/des.h
-+
-+des(1) should be compatible with sunOS's but I have been unable to
-+test it.
-+
-+These routines should compile on MSDOS, most 32bit and 64bit version
-+of Unix (BSD and SYSV) and VMS, without modification.
-+The only problems should be #include files that are in the wrong places.
-+
-+These routines can be compiled under MSDOS.
-+I have successfully encrypted files using des(1) under MSDOS and then
-+decrypted the files on a SparcStation.
-+I have been able to compile and test the routines with
-+Microsoft C v 5.1 and Turbo C v 2.0.
-+The code in this library is in no way optimised for the 16bit
-+operation of MSDOS.
-+
-+When building for glibc, ignore all of the above and just unpack into
-+glibc-1.??/des and then gmake as per normal.
-+
-+As a final note on performace. Certain CPUs like sparcs and Alpha often give
-+a %10 speed difference depending on the link order. It is rather anoying
-+when one program reports 'x' DES encrypts a second and another reports
-+'x*0.9' the speed.
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/Makefile Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,63 @@
-+# Makefile for KLIPS kernel code as a module for 2.6 kernels
-+#
-+# Makefile for KLIPS kernel code as a module
-+# Copyright (C) 1998, 1999, 2000,2001 Richard Guy Briggs.
-+# Copyright (C) 2002-2004 Michael Richardson <mcr@freeswan.org>
-+#
-+# This program is free software; you can redistribute it and/or modify it
-+# under the terms of the GNU General Public License as published by the
-+# Free Software Foundation; either version 2 of the License, or (at your
-+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+#
-+# This program is distributed in the hope that it will be useful, but
-+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+# for more details.
-+#
-+# RCSID $Id: Makefile.fs2_6,v 1.2.2.1 2005/08/12 16:10:57 ken Exp $
-+#
-+# Note! Dependencies are done automagically by 'make dep', which also
-+# removes any old dependencies. DON'T put your own dependencies here
-+# unless it's something special (ie not a .c file).
-+#
-+
-+obj-$(CONFIG_KLIPS_ENC_3DES) += ipsec_alg_3des.o
-+obj-$(CONFIG_KLIPS_ENC_3DES) += cbc_enc.o
-+obj-$(CONFIG_KLIPS_ENC_3DES) += ecb_enc.o
-+obj-$(CONFIG_KLIPS_ENC_3DES) += set_key.o
-+
-+ifeq ($(strip ${SUBARCH}),)
-+SUBARCH:=${ARCH}
-+endif
-+
-+# the assembly version expects frame pointers, which are
-+# optional in many kernel builds. If you want speed, you should
-+# probably use cryptoapi code instead.
-+USEASSEMBLY=${SUBARCH}${CONFIG_FRAME_POINTER}
-+ifeq (${USEASSEMBLY},i386y)
-+obj-$(CONFIG_KLIPS_ENC_3DES) += dx86unix.o
-+else
-+obj-$(CONFIG_KLIPS_ENC_3DES) += des_enc.o
-+endif
-+
-+#
-+# $Log: Makefile.fs2_6,v $
-+# Revision 1.2.2.1 2005/08/12 16:10:57 ken
-+# do not use assembly code with there are no frame pointers
-+#
-+# Revision 1.3 2005/08/12 14:13:59 mcr
-+# do not use assembly code with there are no frame pointers,
-+# as it does not have the right linkages.
-+#
-+# Revision 1.2 2005/04/29 05:13:07 mcr
-+# 3DES algorithm code.
-+#
-+# Revision 1.1 2004/08/17 03:27:30 mcr
-+# klips 2.6 edits.
-+#
-+#
-+# Local Variables:
-+# compile-command: "(cd ../../.. && source umlsetup.sh && make -C ${POOLSPACE} module/ipsec.o)"
-+# End Variables:
-+#
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/README Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,54 @@
-+
-+ libdes, Version 4.01 10-Jan-97
-+
-+ Copyright (c) 1997, Eric Young
-+ All rights reserved.
-+
-+ This program is free software; you can redistribute it and/or modify
-+ it under the terms specified in COPYRIGHT.
-+
-+--
-+The primary ftp site for this library is
-+ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz
-+libdes is now also shipped with SSLeay. Primary ftp site of
-+ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
-+
-+The best way to build this library is to build it as part of SSLeay.
-+
-+This kit builds a DES encryption library and a DES encryption program.
-+It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb,
-+triple cfb, desx, and MIT's pcbc encryption modes and also has a fast
-+implementation of crypt(3).
-+It contains support routines to read keys from a terminal,
-+generate a random key, generate a key from an arbitrary length string,
-+read/write encrypted data from/to a file descriptor.
-+
-+The implementation was written so as to conform with the manual entry
-+for the des_crypt(3) library routines from MIT's project Athena.
-+
-+destest should be run after compilation to test the des routines.
-+rpw should be run after compilation to test the read password routines.
-+The des program is a replacement for the sun des command. I believe it
-+conforms to the sun version.
-+
-+The Imakefile is setup for use in the kerberos distribution.
-+
-+These routines are best compiled with gcc or any other good
-+optimising compiler.
-+Just turn you optimiser up to the highest settings and run destest
-+after the build to make sure everything works.
-+
-+I believe these routines are close to the fastest and most portable DES
-+routines that use small lookup tables (4.5k) that are publicly available.
-+The fcrypt routine is faster than ufc's fcrypt (when compiling with
-+gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines
-+(on a sun3/260 168 vs 336). It is a function of CPU on chip cache size.
-+[ 10-Jan-97 and a function of an incorrect speed testing program in
-+ ufc which gave much better test figures that reality ].
-+
-+It is worth noting that on sparc and Alpha CPUs, performance of the DES
-+library can vary by upto %10 due to the positioning of files after application
-+linkage.
-+
-+Eric Young (eay@cryptsoft.com)
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/README.freeswan Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,33 @@
-+The only changes the FreeS/WAN project has made to libdes-lite 4.04b are:
-+
-+We #ifdef-ed the declaration of DES_LONG in des.h, so it's more efficient
-+on the Alpha, instead of just noting the issue in a comment.
-+
-+We #ifdef-ed out the des_options() function in ecb_enc.c, because we don't
-+use it, and its call to sprintf() can cause subtle difficulties when KLIPS
-+is built as a module (depending on details of Linux configuration options).
-+
-+We changed some instances of CC=$(CC) in the Makefile to CC='$(CC)' to make
-+it cope better with Linux kernel Makefile stupidities, and took out an
-+explicit CC=gcc (unwise on systems with strange compilers).
-+
-+We deleted some references to <stdio.h> and <stdlib.h>, and a declaration
-+of one function found only in the full libdes (not in libdes-lite), to
-+avoid dragging in bits of stdio/stdlib unnecessarily. (Our thanks to Hans
-+Schultz for spotting this and pointing out the fixes.)
-+
-+We deleted a couple of .obj files in the asm subdirectory, which appear to
-+have been included in the original library by accident.
-+
-+We have added an include of our Makefile.inc file, to permit overriding
-+things like choice of compiler (although the libdes Makefile would
-+probably need some work to make this effective).
-+
-+
-+
-+Note that Eric Young is no longer at the email address listed in these
-+files, and is (alas) no longer working on free crypto software.
-+
-+
-+
-+This file is RCSID $Id: README.freeswan,v 1.12 2004/07/10 08:06:51 mcr Exp $
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/VERSION Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,406 @@
-+Version 4.04
-+ Fixed a few tests in destest. Also added x86 assember for
-+ des_ncbc_encrypt() which is the standard cbc mode function.
-+ This makes a very very large performace difference.
-+ Ariel Glenn ariel@columbia.edu reports that the terminal
-+ 'turn echo off' can return (errno == EINVAL) under solaris
-+ when redirection is used. So I now catch that as well as ENOTTY.
-+
-+
-+Version 4.03
-+ Left a static out of enc_write.c, which caused to buffer to be
-+ continiously malloc()ed. Does anyone use these functions? I keep
-+ on feeling like removing them since I only had these in there
-+ for a version of kerberised login. Anyway, this was pointed out
-+ by Theo de Raadt <deraadt@cvs.openbsd.org>
-+ The 'n' bit ofb code was wrong, it was not shifting the shift
-+ register. It worked correctly for n == 64. Thanks to
-+ Gigi Ankeny <Gigi.Ankeny@Eng.Sun.COM> for pointing this one out.
-+
-+Version 4.02
-+ I was doing 'if (memcmp(weak_keys[i],key,sizeof(key)) == 0)'
-+ when checking for weak keys which is wrong :-(, pointed out by
-+ Markus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.
-+
-+Version 4.01
-+ Even faster inner loop in the DES assembler for x86 and a modification
-+ for IP/FP which is faster on x86. Both of these changes are
-+ from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>. His
-+ changes make the assembler run %40 faster on a pentium. This is just
-+ a case of getting the instruction sequence 'just right'.
-+ All credit to 'Svend' :-)
-+ Quite a few special x86 'make' targets.
-+ A libdes-l (lite) distribution.
-+
-+Version 4.00
-+ After a bit of a pause, I'll up the major version number since this
-+ is mostly a performace release. I've added x86 assembler and
-+ added more options for performance. A %28 speedup for gcc
-+ on a pentium and the assembler is a %50 speedup.
-+ MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
-+ Run des_opts to work out which options should be used.
-+ DES_RISC1/DES_RISC2 use alternative inner loops which use
-+ more registers but should give speedups on any CPU that does
-+ dual issue (pentium). DES_UNROLL unrolls the inner loop,
-+ which costs in code size.
-+
-+Version 3.26
-+ I've finally removed one of the shifts in D_ENCRYPT. This
-+ meant I've changed the des_SPtrans table (spr.h), the set_key()
-+ function and some things in des_enc.c. This has definitly
-+ made things faster :-). I've known about this one for some
-+ time but I've been too lazy to follow it up :-).
-+ Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^..
-+ instead of L^=((..)|(..)|(..).. This should save a register at
-+ least.
-+ Assember for x86. The file to replace is des_enc.c, which is replaced
-+ by one of the assembler files found in asm. Look at des/asm/readme
-+ for more info.
-+
-+ /* Modification to fcrypt so it can be compiled to support
-+ HPUX 10.x's long password format, define -DLONGCRYPT to use this.
-+ Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */
-+
-+ SIGWINCH case put in des_read_passwd() so the function does not
-+ 'exit' if this function is recieved.
-+
-+Version 3.25 17/07/96
-+ Modified read_pwd.c so that stdin can be read if not a tty.
-+ Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches.
-+ des_init_random_number_generator() shortened due to VMS linker
-+ limits.
-+ Added RSA's DESX cbc mode. It is a form of cbc encryption, with 2
-+ 8 byte quantites xored before and after encryption.
-+ des_xcbc_encryption() - the name is funny to preserve the des_
-+ prefix on all functions.
-+
-+Version 3.24 20/04/96
-+ The DES_PTR macro option checked and used by SSLeay configuration
-+
-+Version 3.23 11/04/96
-+ Added DES_LONG. If defined to 'unsigned int' on the DEC Alpha,
-+ it gives a %20 speedup :-)
-+ Fixed the problem with des.pl under perl5. The patches were
-+ sent by Ed Kubaitis (ejk@uiuc.edu).
-+ if fcrypt.c, changed values to handle illegal salt values the way
-+ normal crypt() implementations do. Some programs apparently use
-+ them :-(. The patch was sent by Bjorn Gronvall <bg@sics.se>
-+
-+Version 3.22 29/11/95
-+ Bug in des(1), an error with the uuencoding stuff when the
-+ 'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au>
-+ for the patch.
-+
-+Version 3.21 22/11/95
-+ After some emailing back and forth with
-+ Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things
-+ and in a future version I will probably put in some of the
-+ optimisation he suggested for use with the DES_USE_PTR option.
-+ Extra routines from Mark Murray <mark@grondar.za> for use in
-+ freeBSD. They mostly involve random number generation for use
-+ with kerberos. They involve evil machine specific system calls
-+ etc so I would normally suggest pushing this stuff into the
-+ application and/or using RAND_seed()/RAND_bytes() if you are
-+ using this DES library as part of SSLeay.
-+ Redone the read_pw() function so that it is cleaner and
-+ supports termios, thanks to Sameer Parekh <sameer@c2.org>
-+ for the initial patches for this.
-+ Renamed 3ecb_encrypt() to ecb3_encrypt(). This has been
-+ done just to make things more consistent.
-+ I have also now added triple DES versions of cfb and ofb.
-+
-+Version 3.20
-+ Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com,
-+ my des_random_seed() function was only copying 4 bytes of the
-+ passed seed into the init structure. It is now fixed to copy 8.
-+ My own suggestion is to used something like MD5 :-)
-+
-+Version 3.19
-+ While looking at my code one day, I though, why do I keep on
-+ calling des_encrypt(in,out,ks,enc) when every function that
-+ calls it has in and out the same. So I dropped the 'out'
-+ parameter, people should not be using this function.
-+
-+Version 3.18 30/08/95
-+ Fixed a few bit with the distribution and the filenames.
-+ 3.17 had been munged via a move to DOS and back again.
-+ NO CODE CHANGES
-+
-+Version 3.17 14/07/95
-+ Fixed ede3 cbc which I had broken in 3.16. I have also
-+ removed some unneeded variables in 7-8 of the routines.
-+
-+Version 3.16 26/06/95
-+ Added des_encrypt2() which does not use IP/FP, used by triple
-+ des routines. Tweaked things a bit elsewhere. %13 speedup on
-+ sparc and %6 on a R4400 for ede3 cbc mode.
-+
-+Version 3.15 06/06/95
-+ Added des_ncbc_encrypt(), it is des_cbc mode except that it is
-+ 'normal' and copies the new iv value back over the top of the
-+ passed parameter.
-+ CHANGED des_ede3_cbc_encrypt() so that it too now overwrites
-+ the iv. THIS WILL BREAK EXISTING CODE, but since this function
-+ only new, I feel I can change it, not so with des_cbc_encrypt :-(.
-+ I need to update the documentation.
-+
-+Version 3.14 31/05/95
-+ New release upon the world, as part of my SSL implementation.
-+ New copyright and usage stuff. Basically free for all to use
-+ as long as you say it came from me :-)
-+
-+Version 3.13 31/05/95
-+ A fix in speed.c, if HZ is not defined, I set it to 100.0
-+ which is reasonable for most unixes except SunOS 4.x.
-+ I now have a #ifdef sun but timing for SunOS 4.x looked very
-+ good :-(. At my last job where I used SunOS 4.x, it was
-+ defined to be 60.0 (look at the old INSTALL documentation), at
-+ the last release had it changed to 100.0 since I now work with
-+ Solaris2 and SVR4 boxes.
-+ Thanks to Rory Chisholm <rchishol@math.ethz.ch> for pointing this
-+ one out.
-+
-+Version 3.12 08/05/95
-+ As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>,
-+ my D_ENCRYPT macro in crypt() had an un-necessary variable.
-+ It has been removed.
-+
-+Version 3.11 03/05/95
-+ Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys
-+ and one iv. It is a standard and I needed it for my SSL code.
-+ It makes more sense to use this for triple DES than
-+ 3cbc_encrypt(). I have also added (or should I say tested :-)
-+ cfb64_encrypt() which is cfb64 but it will encrypt a partial
-+ number of bytes - 3 bytes in 3 bytes out. Again this is for
-+ my SSL library, as a form of encryption to use with SSL
-+ telnet.
-+
-+Version 3.10 22/03/95
-+ Fixed a bug in 3cbc_encrypt() :-(. When making repeated calls
-+ to cbc3_encrypt, the 2 iv values that were being returned to
-+ be used in the next call were reversed :-(.
-+ Many thanks to Bill Wade <wade@Stoner.COM> for pointing out
-+ this error.
-+
-+Version 3.09 01/02/95
-+ Fixed des_random_key to far more random, it was rather feeble
-+ with regards to picking the initial seed. The problem was
-+ pointed out by Olaf Kirch <okir@monad.swb.de>.
-+
-+Version 3.08 14/12/94
-+ Added Makefile.PL so libdes can be built into perl5.
-+ Changed des_locl.h so RAND is always defined.
-+
-+Version 3.07 05/12/94
-+ Added GNUmake and stuff so the library can be build with
-+ glibc.
-+
-+Version 3.06 30/08/94
-+ Added rpc_enc.c which contains _des_crypt. This is for use in
-+ secure_rpc v 4.0
-+ Finally fixed the cfb_enc problems.
-+ Fixed a few parameter parsing bugs in des (-3 and -b), thanks
-+ to Rob McMillan <R.McMillan@its.gu.edu.au>
-+
-+Version 3.05 21/04/94
-+ for unsigned long l; gcc does not produce ((l>>34) == 0)
-+ This causes bugs in cfb_enc.
-+ Thanks to Hadmut Danisch <danisch@ira.uka.de>
-+
-+Version 3.04 20/04/94
-+ Added a version number to des.c and libdes.a
-+
-+Version 3.03 12/01/94
-+ Fixed a bug in non zero iv in 3cbc_enc.
-+
-+Version 3.02 29/10/93
-+ I now work in a place where there are 6+ architectures and 14+
-+ OS versions :-).
-+ Fixed TERMIO definition so the most sys V boxes will work :-)
-+
-+Release upon comp.sources.misc
-+Version 3.01 08/10/93
-+ Added des_3cbc_encrypt()
-+
-+Version 3.00 07/10/93
-+ Fixed up documentation.
-+ quad_cksum definitely compatible with MIT's now.
-+
-+Version 2.30 24/08/93
-+ Triple DES now defaults to triple cbc but can do triple ecb
-+ with the -b flag.
-+ Fixed some MSDOS uuen/uudecoding problems, thanks to
-+ Added prototypes.
-+
-+Version 2.22 29/06/93
-+ Fixed a bug in des_is_weak_key() which stopped it working :-(
-+ thanks to engineering@MorningStar.Com.
-+
-+Version 2.21 03/06/93
-+ des(1) with no arguments gives quite a bit of help.
-+ Added -c (generate ckecksum) flag to des(1).
-+ Added -3 (triple DES) flag to des(1).
-+ Added cfb and ofb routines to the library.
-+
-+Version 2.20 11/03/93
-+ Added -u (uuencode) flag to des(1).
-+ I have been playing with byte order in quad_cksum to make it
-+ compatible with MIT's version. All I can say is avid this
-+ function if possible since MIT's output is endian dependent.
-+
-+Version 2.12 14/10/92
-+ Added MSDOS specific macro in ecb_encrypt which gives a %70
-+ speed up when the code is compiled with turbo C.
-+
-+Version 2.11 12/10/92
-+ Speedup in set_key (recoding of PC-1)
-+ I now do it in 47 simple operations, down from 60.
-+ Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
-+ for motivating me to look for a faster system :-)
-+ The speedup is probably less that 1% but it is still 13
-+ instructions less :-).
-+
-+Version 2.10 06/10/92
-+ The code now works on the 64bit ETA10 and CRAY without modifications or
-+ #defines. I believe the code should work on any machine that
-+ defines long, int or short to be 8 bytes long.
-+ Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
-+ for helping me fix the code to run on 64bit machines (he had
-+ access to an ETA10).
-+ Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
-+ for testing the routines on a CRAY.
-+ read_password.c has been renamed to read_passwd.c
-+ string_to_key.c has been renamed to string2key.c
-+
-+Version 2.00 14/09/92
-+ Made mods so that the library should work on 64bit CPU's.
-+ Removed all my uchar and ulong defs. To many different
-+ versions of unix define them in their header files in too many
-+ different combinations :-)
-+ IRIX - Sillicon Graphics mods (mostly in read_password.c).
-+ Thanks to Andrew Daviel (advax@erich.triumf.ca)
-+
-+Version 1.99 26/08/92
-+ Fixed a bug or 2 in enc_read.c
-+ Fixed a bug in enc_write.c
-+ Fixed a pseudo bug in fcrypt.c (very obscure).
-+
-+Version 1.98 31/07/92
-+ Support for the ETA10. This is a strange machine that defines
-+ longs and ints as 8 bytes and shorts as 4 bytes.
-+ Since I do evil things with long * that assume that they are 4
-+ bytes. Look in the Makefile for the option to compile for
-+ this machine. quad_cksum appears to have problems but I
-+ will don't have the time to fix it right now, and this is not
-+ a function that uses DES and so will not effect the main uses
-+ of the library.
-+
-+Version 1.97 20/05/92 eay
-+ Fixed the Imakefile and made some changes to des.h to fix some
-+ problems when building this package with Kerberos v 4.
-+
-+Version 1.96 18/05/92 eay
-+ Fixed a small bug in string_to_key() where problems could
-+ occur if des_check_key was set to true and the string
-+ generated a weak key.
-+
-+Patch2 posted to comp.sources.misc
-+Version 1.95 13/05/92 eay
-+ Added an alternative version of the D_ENCRYPT macro in
-+ ecb_encrypt and fcrypt. Depending on the compiler, one version or the
-+ other will be faster. This was inspired by
-+ Dana How <how@isl.stanford.edu>, and her pointers about doing the
-+ *(ulong *)((uchar *)ptr+(value&0xfc))
-+ vs
-+ ptr[value&0x3f]
-+ to stop the C compiler doing a <<2 to convert the long array index.
-+
-+Version 1.94 05/05/92 eay
-+ Fixed an incompatibility between my string_to_key and the MIT
-+ version. When the key is longer than 8 chars, I was wrapping
-+ with a different method. To use the old version, define
-+ OLD_STR_TO_KEY in the makefile. Thanks to
-+ viktor@newsu.shearson.com (Viktor Dukhovni).
-+
-+Version 1.93 28/04/92 eay
-+ Fixed the VMS mods so that echo is now turned off in
-+ read_password. Thanks again to brennan@coco.cchs.su.oz.AU.
-+ MSDOS support added. The routines can be compiled with
-+ Turbo C (v2.0) and MSC (v5.1). Make sure MSDOS is defined.
-+
-+Patch1 posted to comp.sources.misc
-+Version 1.92 13/04/92 eay
-+ Changed D_ENCRYPT so that the rotation of R occurs outside of
-+ the loop. This required rotating all the longs in sp.h (now
-+ called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
-+ speed.c has been changed so it will work without SIGALRM. If
-+ times(3) is not present it will try to use ftime() instead.
-+
-+Version 1.91 08/04/92 eay
-+ Added -E/-D options to des(1) so it can use string_to_key.
-+ Added SVR4 mods suggested by witr@rwwa.COM
-+ Added VMS mods suggested by brennan@coco.cchs.su.oz.AU. If
-+ anyone knows how to turn of tty echo in VMS please tell me or
-+ implement it yourself :-).
-+ Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
-+ does not like IN/OUT being used.
-+
-+Libdes posted to comp.sources.misc
-+Version 1.9 24/03/92 eay
-+ Now contains a fast small crypt replacement.
-+ Added des(1) command.
-+ Added des_rw_mode so people can use cbc encryption with
-+ enc_read and enc_write.
-+
-+Version 1.8 15/10/91 eay
-+ Bug in cbc_cksum.
-+ Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
-+ one out.
-+
-+Version 1.7 24/09/91 eay
-+ Fixed set_key :-)
-+ set_key is 4 times faster and takes less space.
-+ There are a few minor changes that could be made.
-+
-+Version 1.6 19/09/1991 eay
-+ Finally go IP and FP finished.
-+ Now I need to fix set_key.
-+ This version is quite a bit faster that 1.51
-+
-+Version 1.52 15/06/1991 eay
-+ 20% speedup in ecb_encrypt by changing the E bit selection
-+ to use 2 32bit words. This also required modification of the
-+ sp table. There is still a way to speedup the IP and IP-1
-+ (hints from outer@sq.com) still working on this one :-(.
-+
-+Version 1.51 07/06/1991 eay
-+ Faster des_encrypt by loop unrolling
-+ Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)
-+
-+Version 1.50 28/05/1991 eay
-+ Optimised the code a bit more for the sparc. I have improved the
-+ speed of the inner des_encrypt by speeding up the initial and
-+ final permutations.
-+
-+Version 1.40 23/10/1990 eay
-+ Fixed des_random_key, it did not produce a random key :-(
-+
-+Version 1.30 2/10/1990 eay
-+ Have made des_quad_cksum the same as MIT's, the full package
-+ should be compatible with MIT's
-+ Have tested on a DECstation 3100
-+ Still need to fix des_set_key (make it faster).
-+ Does des_cbc_encrypts at 70.5k/sec on a 3100.
-+
-+Version 1.20 18/09/1990 eay
-+ Fixed byte order dependencies.
-+ Fixed (I hope) all the word alignment problems.
-+ Speedup in des_ecb_encrypt.
-+
-+Version 1.10 11/09/1990 eay
-+ Added des_enc_read and des_enc_write.
-+ Still need to fix des_quad_cksum.
-+ Still need to document des_enc_read and des_enc_write.
-+
-+Version 1.00 27/08/1990 eay
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/asm/des-586.pl Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,251 @@
-+#!/usr/local/bin/perl
-+#
-+# The inner loop instruction sequence and the IP/FP modifications are from
-+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
-+#
-+
-+push(@INC,"perlasm","../../perlasm");
-+require "x86asm.pl";
-+require "cbc.pl";
-+require "desboth.pl";
-+
-+# base code is in microsft
-+# op dest, source
-+# format.
-+#
-+
-+&asm_init($ARGV[0],"des-586.pl");
-+
-+$L="edi";
-+$R="esi";
-+
-+&external_label("des_SPtrans");
-+&des_encrypt("des_encrypt",1);
-+&des_encrypt("des_encrypt2",0);
-+&des_encrypt3("des_encrypt3",1);
-+&des_encrypt3("des_decrypt3",0);
-+&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1);
-+&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
-+
-+&asm_finish();
-+
-+sub des_encrypt
-+ {
-+ local($name,$do_ip)=@_;
-+
-+ &function_begin_B($name,"EXTRN _des_SPtrans:DWORD");
-+
-+ &push("esi");
-+ &push("edi");
-+
-+ &comment("");
-+ &comment("Load the 2 words");
-+ $ks="ebp";
-+
-+ if ($do_ip)
-+ {
-+ &mov($R,&wparam(0));
-+ &xor( "ecx", "ecx" );
-+
-+ &push("ebx");
-+ &push("ebp");
-+
-+ &mov("eax",&DWP(0,$R,"",0));
-+ &mov("ebx",&wparam(2)); # get encrypt flag
-+ &mov($L,&DWP(4,$R,"",0));
-+ &comment("");
-+ &comment("IP");
-+ &IP_new("eax",$L,$R,3);
-+ }
-+ else
-+ {
-+ &mov("eax",&wparam(0));
-+ &xor( "ecx", "ecx" );
-+
-+ &push("ebx");
-+ &push("ebp");
-+
-+ &mov($R,&DWP(0,"eax","",0));
-+ &mov("ebx",&wparam(2)); # get encrypt flag
-+ &rotl($R,3);
-+ &mov($L,&DWP(4,"eax","",0));
-+ &rotl($L,3);
-+ }
-+
-+ &mov( $ks, &wparam(1) );
-+ &cmp("ebx","0");
-+ &je(&label("start_decrypt"));
-+
-+ for ($i=0; $i<16; $i+=2)
-+ {
-+ &comment("");
-+ &comment("Round $i");
-+ &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
-+
-+ &comment("");
-+ &comment("Round ".sprintf("%d",$i+1));
-+ &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
-+ }
-+ &jmp(&label("end"));
-+
-+ &set_label("start_decrypt");
-+
-+ for ($i=15; $i>0; $i-=2)
-+ {
-+ &comment("");
-+ &comment("Round $i");
-+ &D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
-+ &comment("");
-+ &comment("Round ".sprintf("%d",$i-1));
-+ &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
-+ }
-+
-+ &set_label("end");
-+
-+ if ($do_ip)
-+ {
-+ &comment("");
-+ &comment("FP");
-+ &mov("edx",&wparam(0));
-+ &FP_new($L,$R,"eax",3);
-+
-+ &mov(&DWP(0,"edx","",0),"eax");
-+ &mov(&DWP(4,"edx","",0),$R);
-+ }
-+ else
-+ {
-+ &comment("");
-+ &comment("Fixup");
-+ &rotr($L,3); # r
-+ &mov("eax",&wparam(0));
-+ &rotr($R,3); # l
-+ &mov(&DWP(0,"eax","",0),$L);
-+ &mov(&DWP(4,"eax","",0),$R);
-+ }
-+
-+ &pop("ebp");
-+ &pop("ebx");
-+ &pop("edi");
-+ &pop("esi");
-+ &ret();
-+
-+ &function_end_B($name);
-+ }
-+
-+sub D_ENCRYPT
-+ {
-+ local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
-+
-+ &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
-+ &xor( $tmp1, $tmp1);
-+ &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
-+ &xor( $u, $R);
-+ &xor( $t, $R);
-+ &and( $u, "0xfcfcfcfc" );
-+ &and( $t, "0xcfcfcfcf" );
-+ &movb( &LB($tmp1), &LB($u) );
-+ &movb( &LB($tmp2), &HB($u) );
-+ &rotr( $t, 4 );
-+ &mov( $ks, &DWP(" $desSP",$tmp1,"",0));
-+ &movb( &LB($tmp1), &LB($t) );
-+ &xor( $L, $ks);
-+ &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0));
-+ &xor( $L, $ks); ######
-+ &movb( &LB($tmp2), &HB($t) );
-+ &shr( $u, 16);
-+ &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0));
-+ &xor( $L, $ks); ######
-+ &movb( &LB($tmp1), &HB($u) );
-+ &shr( $t, 16);
-+ &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0));
-+ &xor( $L, $ks);
-+ &mov( $ks, &wparam(1) );
-+ &movb( &LB($tmp2), &HB($t) );
-+ &and( $u, "0xff" );
-+ &and( $t, "0xff" );
-+ &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0));
-+ &xor( $L, $tmp1);
-+ &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0));
-+ &xor( $L, $tmp1);
-+ &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0));
-+ &xor( $L, $tmp1);
-+ &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0));
-+ &xor( $L, $tmp1);
-+ }
-+
-+sub n2a
-+ {
-+ sprintf("%d",$_[0]);
-+ }
-+
-+# now has a side affect of rotating $a by $shift
-+sub R_PERM_OP
-+ {
-+ local($a,$b,$tt,$shift,$mask,$last)=@_;
-+
-+ &rotl( $a, $shift ) if ($shift != 0);
-+ &mov( $tt, $a );
-+ &xor( $a, $b );
-+ &and( $a, $mask );
-+ if (!$last eq $b)
-+ {
-+ &xor( $b, $a );
-+ &xor( $tt, $a );
-+ }
-+ else
-+ {
-+ &xor( $tt, $a );
-+ &xor( $b, $a );
-+ }
-+ &comment("");
-+ }
-+
-+sub IP_new
-+ {
-+ local($l,$r,$tt,$lr)=@_;
-+
-+ &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
-+ &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
-+ &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
-+ &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
-+ &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
-+
-+ if ($lr != 3)
-+ {
-+ if (($lr-3) < 0)
-+ { &rotr($tt, 3-$lr); }
-+ else { &rotl($tt, $lr-3); }
-+ }
-+ if ($lr != 2)
-+ {
-+ if (($lr-2) < 0)
-+ { &rotr($r, 2-$lr); }
-+ else { &rotl($r, $lr-2); }
-+ }
-+ }
-+
-+sub FP_new
-+ {
-+ local($l,$r,$tt,$lr)=@_;
-+
-+ if ($lr != 2)
-+ {
-+ if (($lr-2) < 0)
-+ { &rotl($r, 2-$lr); }
-+ else { &rotr($r, $lr-2); }
-+ }
-+ if ($lr != 3)
-+ {
-+ if (($lr-3) < 0)
-+ { &rotl($l, 3-$lr); }
-+ else { &rotr($l, $lr-3); }
-+ }
-+
-+ &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
-+ &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
-+ &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
-+ &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
-+ &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
-+ &rotr($tt , 4);
-+ }
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/asm/des686.pl Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,230 @@
-+#!/usr/local/bin/perl
-+
-+$prog="des686.pl";
-+
-+# base code is in microsft
-+# op dest, source
-+# format.
-+#
-+
-+# WILL NOT WORK ANYMORE WITH desboth.pl
-+require "desboth.pl";
-+
-+if ( ($ARGV[0] eq "elf"))
-+ { require "x86unix.pl"; }
-+elsif ( ($ARGV[0] eq "a.out"))
-+ { $aout=1; require "x86unix.pl"; }
-+elsif ( ($ARGV[0] eq "sol"))
-+ { $sol=1; require "x86unix.pl"; }
-+elsif ( ($ARGV[0] eq "cpp"))
-+ { $cpp=1; require "x86unix.pl"; }
-+elsif ( ($ARGV[0] eq "win32"))
-+ { require "x86ms.pl"; }
-+else
-+ {
-+ print STDERR <<"EOF";
-+Pick one target type from
-+ elf - linux, FreeBSD etc
-+ a.out - old linux
-+ sol - x86 solaris
-+ cpp - format so x86unix.cpp can be used
-+ win32 - Windows 95/Windows NT
-+EOF
-+ exit(1);
-+ }
-+
-+&comment("Don't even think of reading this code");
-+&comment("It was automatically generated by $prog");
-+&comment("Which is a perl program used to generate the x86 assember for");
-+&comment("any of elf, a.out, Win32, or Solaris");
-+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
-+&comment("eric <eay\@cryptsoft.com>");
-+&comment("");
-+
-+&file("dx86xxxx");
-+
-+$L="edi";
-+$R="esi";
-+
-+&des_encrypt("des_encrypt",1);
-+&des_encrypt("des_encrypt2",0);
-+
-+&des_encrypt3("des_encrypt3",1);
-+&des_encrypt3("des_decrypt3",0);
-+
-+&file_end();
-+
-+sub des_encrypt
-+ {
-+ local($name,$do_ip)=@_;
-+
-+ &function_begin($name,"EXTRN _des_SPtrans:DWORD");
-+
-+ &comment("");
-+ &comment("Load the 2 words");
-+ &mov("eax",&wparam(0));
-+ &mov($L,&DWP(0,"eax","",0));
-+ &mov($R,&DWP(4,"eax","",0));
-+
-+ $ksp=&wparam(1);
-+
-+ if ($do_ip)
-+ {
-+ &comment("");
-+ &comment("IP");
-+ &IP_new($L,$R,"eax");
-+ }
-+
-+ &comment("");
-+ &comment("fixup rotate");
-+ &rotl($R,3);
-+ &rotl($L,3);
-+ &exch($L,$R);
-+
-+ &comment("");
-+ &comment("load counter, key_schedule and enc flag");
-+ &mov("eax",&wparam(2)); # get encrypt flag
-+ &mov("ebp",&wparam(1)); # get ks
-+ &cmp("eax","0");
-+ &je(&label("start_decrypt"));
-+
-+ # encrypting part
-+
-+ for ($i=0; $i<16; $i+=2)
-+ {
-+ &comment("");
-+ &comment("Round $i");
-+ &D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
-+
-+ &comment("");
-+ &comment("Round ".sprintf("%d",$i+1));
-+ &D_ENCRYPT($R,$L,($i+1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
-+ }
-+ &jmp(&label("end"));
-+
-+ &set_label("start_decrypt");
-+
-+ for ($i=15; $i>0; $i-=2)
-+ {
-+ &comment("");
-+ &comment("Round $i");
-+ &D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
-+ &comment("");
-+ &comment("Round ".sprintf("%d",$i-1));
-+ &D_ENCRYPT($R,$L,($i-1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
-+ }
-+
-+ &set_label("end");
-+
-+ &comment("");
-+ &comment("Fixup");
-+ &rotr($L,3); # r
-+ &rotr($R,3); # l
-+
-+ if ($do_ip)
-+ {
-+ &comment("");
-+ &comment("FP");
-+ &FP_new($R,$L,"eax");
-+ }
-+
-+ &mov("eax",&wparam(0));
-+ &mov(&DWP(0,"eax","",0),$L);
-+ &mov(&DWP(4,"eax","",0),$R);
-+
-+ &function_end($name);
-+ }
-+
-+
-+# The logic is to load R into 2 registers and operate on both at the same time.
-+# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte'
-+# while also masking the other copy and doing a lookup. We then also accumulate the
-+# L value in 2 registers then combine them at the end.
-+sub D_ENCRYPT
-+ {
-+ local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_;
-+
-+ &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
-+ &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
-+ &xor( $u, $R );
-+ &xor( $t, $R );
-+ &rotr( $t, 4 );
-+
-+ # the numbers at the end of the line are origional instruction order
-+ &mov( $tmp2, $u ); # 1 2
-+ &mov( $tmp1, $t ); # 1 1
-+ &and( $tmp2, "0xfc" ); # 1 4
-+ &and( $tmp1, "0xfc" ); # 1 3
-+ &shr( $t, 8 ); # 1 5
-+ &xor( $L, &DWP("0x100+$desSP",$tmp1,"",0)); # 1 7
-+ &shr( $u, 8 ); # 1 6
-+ &mov( $tmp1, &DWP(" $desSP",$tmp2,"",0)); # 1 8
-+
-+ &mov( $tmp2, $u ); # 2 2
-+ &xor( $L, $tmp1 ); # 1 9
-+ &and( $tmp2, "0xfc" ); # 2 4
-+ &mov( $tmp1, $t ); # 2 1
-+ &and( $tmp1, "0xfc" ); # 2 3
-+ &shr( $t, 8 ); # 2 5
-+ &xor( $L, &DWP("0x300+$desSP",$tmp1,"",0)); # 2 7
-+ &shr( $u, 8 ); # 2 6
-+ &mov( $tmp1, &DWP("0x200+$desSP",$tmp2,"",0)); # 2 8
-+ &mov( $tmp2, $u ); # 3 2
-+
-+ &xor( $L, $tmp1 ); # 2 9
-+ &and( $tmp2, "0xfc" ); # 3 4
-+
-+ &mov( $tmp1, $t ); # 3 1
-+ &shr( $u, 8 ); # 3 6
-+ &and( $tmp1, "0xfc" ); # 3 3
-+ &shr( $t, 8 ); # 3 5
-+ &xor( $L, &DWP("0x500+$desSP",$tmp1,"",0)); # 3 7
-+ &mov( $tmp1, &DWP("0x400+$desSP",$tmp2,"",0)); # 3 8
-+
-+ &and( $t, "0xfc" ); # 4 1
-+ &xor( $L, $tmp1 ); # 3 9
-+
-+ &and( $u, "0xfc" ); # 4 2
-+ &xor( $L, &DWP("0x700+$desSP",$t,"",0)); # 4 3
-+ &xor( $L, &DWP("0x600+$desSP",$u,"",0)); # 4 4
-+ }
-+
-+sub PERM_OP
-+ {
-+ local($a,$b,$tt,$shift,$mask)=@_;
-+
-+ &mov( $tt, $a );
-+ &shr( $tt, $shift );
-+ &xor( $tt, $b );
-+ &and( $tt, $mask );
-+ &xor( $b, $tt );
-+ &shl( $tt, $shift );
-+ &xor( $a, $tt );
-+ }
-+
-+sub IP_new
-+ {
-+ local($l,$r,$tt)=@_;
-+
-+ &PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");
-+ &PERM_OP($l,$r,$tt,16,"0x0000ffff");
-+ &PERM_OP($r,$l,$tt, 2,"0x33333333");
-+ &PERM_OP($l,$r,$tt, 8,"0x00ff00ff");
-+ &PERM_OP($r,$l,$tt, 1,"0x55555555");
-+ }
-+
-+sub FP_new
-+ {
-+ local($l,$r,$tt)=@_;
-+
-+ &PERM_OP($l,$r,$tt, 1,"0x55555555");
-+ &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");
-+ &PERM_OP($l,$r,$tt, 2,"0x33333333");
-+ &PERM_OP($r,$l,$tt,16,"0x0000ffff");
-+ &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");
-+ }
-+
-+sub n2a
-+ {
-+ sprintf("%d",$_[0]);
-+ }
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/asm/desboth.pl Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,79 @@
-+#!/usr/local/bin/perl
-+
-+$L="edi";
-+$R="esi";
-+
-+sub des_encrypt3
-+ {
-+ local($name,$enc)=@_;
-+
-+ &function_begin_B($name,"");
-+ &push("ebx");
-+ &mov("ebx",&wparam(0));
-+
-+ &push("ebp");
-+ &push("esi");
-+
-+ &push("edi");
-+
-+ &comment("");
-+ &comment("Load the data words");
-+ &mov($L,&DWP(0,"ebx","",0));
-+ &mov($R,&DWP(4,"ebx","",0));
-+ &stack_push(3);
-+
-+ &comment("");
-+ &comment("IP");
-+ &IP_new($L,$R,"edx",0);
-+
-+ # put them back
-+
-+ if ($enc)
-+ {
-+ &mov(&DWP(4,"ebx","",0),$R);
-+ &mov("eax",&wparam(1));
-+ &mov(&DWP(0,"ebx","",0),"edx");
-+ &mov("edi",&wparam(2));
-+ &mov("esi",&wparam(3));
-+ }
-+ else
-+ {
-+ &mov(&DWP(4,"ebx","",0),$R);
-+ &mov("esi",&wparam(1));
-+ &mov(&DWP(0,"ebx","",0),"edx");
-+ &mov("edi",&wparam(2));
-+ &mov("eax",&wparam(3));
-+ }
-+ &mov(&swtmp(2), (($enc)?"1":"0"));
-+ &mov(&swtmp(1), "eax");
-+ &mov(&swtmp(0), "ebx");
-+ &call("des_encrypt2");
-+ &mov(&swtmp(2), (($enc)?"0":"1"));
-+ &mov(&swtmp(1), "edi");
-+ &mov(&swtmp(0), "ebx");
-+ &call("des_encrypt2");
-+ &mov(&swtmp(2), (($enc)?"1":"0"));
-+ &mov(&swtmp(1), "esi");
-+ &mov(&swtmp(0), "ebx");
-+ &call("des_encrypt2");
-+
-+ &stack_pop(3);
-+ &mov($L,&DWP(0,"ebx","",0));
-+ &mov($R,&DWP(4,"ebx","",0));
-+
-+ &comment("");
-+ &comment("FP");
-+ &FP_new($L,$R,"eax",0);
-+
-+ &mov(&DWP(0,"ebx","",0),"eax");
-+ &mov(&DWP(4,"ebx","",0),$R);
-+
-+ &pop("edi");
-+ &pop("esi");
-+ &pop("ebp");
-+ &pop("ebx");
-+ &ret();
-+ &function_end_B($name);
-+ }
-+
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/asm/readme Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,131 @@
-+First up, let me say I don't like writing in assembler. It is not portable,
-+dependant on the particular CPU architecture release and is generally a pig
-+to debug and get right. Having said that, the x86 architecture is probably
-+the most important for speed due to number of boxes and since
-+it appears to be the worst architecture to to get
-+good C compilers for. So due to this, I have lowered myself to do
-+assembler for the inner DES routines in libdes :-).
-+
-+The file to implement in assembler is des_enc.c. Replace the following
-+4 functions
-+des_encrypt(DES_LONG data[2],des_key_schedule ks, int encrypt);
-+des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);
-+des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
-+des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
-+
-+They encrypt/decrypt the 64 bits held in 'data' using
-+the 'ks' key schedules. The only difference between the 4 functions is that
-+des_encrypt2() does not perform IP() or FP() on the data (this is an
-+optimization for when doing triple DES and des_encrypt3() and des_decrypt3()
-+perform triple des. The triple DES routines are in here because it does
-+make a big difference to have them located near the des_encrypt2 function
-+at link time..
-+
-+Now as we all know, there are lots of different operating systems running on
-+x86 boxes, and unfortunately they normally try to make sure their assembler
-+formating is not the same as the other peoples.
-+The 4 main formats I know of are
-+Microsoft Windows 95/Windows NT
-+Elf Includes Linux and FreeBSD(?).
-+a.out The older Linux.
-+Solaris Same as Elf but different comments :-(.
-+
-+Now I was not overly keen to write 4 different copies of the same code,
-+so I wrote a few perl routines to output the correct assembler, given
-+a target assembler type. This code is ugly and is just a hack.
-+The libraries are x86unix.pl and x86ms.pl.
-+des586.pl, des686.pl and des-som[23].pl are the programs to actually
-+generate the assembler.
-+
-+So to generate elf assembler
-+perl des-som3.pl elf >dx86-elf.s
-+For Windows 95/NT
-+perl des-som2.pl win32 >win32.asm
-+
-+[ update 4 Jan 1996 ]
-+I have added another way to do things.
-+perl des-som3.pl cpp >dx86-cpp.s
-+generates a file that will be included by dx86unix.cpp when it is compiled.
-+To build for elf, a.out, solaris, bsdi etc,
-+cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
-+cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o
-+cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
-+cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
-+This was done to cut down the number of files in the distribution.
-+
-+Now the ugly part. I acquired my copy of Intels
-+"Optimization's For Intel's 32-Bit Processors" and found a few interesting
-+things. First, the aim of the exersize is to 'extract' one byte at a time
-+from a word and do an array lookup. This involves getting the byte from
-+the 4 locations in the word and moving it to a new word and doing the lookup.
-+The most obvious way to do this is
-+xor eax, eax # clear word
-+movb al, cl # get low byte
-+xor edi DWORD PTR 0x100+des_SP[eax] # xor in word
-+movb al, ch # get next byte
-+xor edi DWORD PTR 0x300+des_SP[eax] # xor in word
-+shr ecx 16
-+which seems ok. For the pentium, this system appears to be the best.
-+One has to do instruction interleaving to keep both functional units
-+operating, but it is basically very efficient.
-+
-+Now the crunch. When a full register is used after a partial write, eg.
-+mov al, cl
-+xor edi, DWORD PTR 0x100+des_SP[eax]
-+386 - 1 cycle stall
-+486 - 1 cycle stall
-+586 - 0 cycle stall
-+686 - at least 7 cycle stall (page 22 of the above mentioned document).
-+
-+So the technique that produces the best results on a pentium, according to
-+the documentation, will produce hideous results on a pentium pro.
-+
-+To get around this, des686.pl will generate code that is not as fast on
-+a pentium, should be very good on a pentium pro.
-+mov eax, ecx # copy word
-+shr ecx, 8 # line up next byte
-+and eax, 0fch # mask byte
-+xor edi DWORD PTR 0x100+des_SP[eax] # xor in array lookup
-+mov eax, ecx # get word
-+shr ecx 8 # line up next byte
-+and eax, 0fch # mask byte
-+xor edi DWORD PTR 0x300+des_SP[eax] # xor in array lookup
-+
-+Due to the execution units in the pentium, this actually works quite well.
-+For a pentium pro it should be very good. This is the type of output
-+Visual C++ generates.
-+
-+There is a third option. instead of using
-+mov al, ch
-+which is bad on the pentium pro, one may be able to use
-+movzx eax, ch
-+which may not incur the partial write penalty. On the pentium,
-+this instruction takes 4 cycles so is not worth using but on the
-+pentium pro it appears it may be worth while. I need access to one to
-+experiment :-).
-+
-+eric (20 Oct 1996)
-+
-+22 Nov 1996 - I have asked people to run the 2 different version on pentium
-+pros and it appears that the intel documentation is wrong. The
-+mov al,bh is still faster on a pentium pro, so just use the des586.pl
-+install des686.pl
-+
-+3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these
-+functions into des_enc.c because it does make a massive performance
-+difference on some boxes to have the functions code located close to
-+the des_encrypt2() function.
-+
-+9 Jan 1997 - des-som2.pl is now the correct perl script to use for
-+pentiums. It contains an inner loop from
-+Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> which does raw ecb DES calls at
-+273,000 per second. He had a previous version at 250,000 and the best
-+I was able to get was 203,000. The content has not changed, this is all
-+due to instruction sequencing (and actual instructions choice) which is able
-+to keep both functional units of the pentium going.
-+We may have lost the ugly register usage restrictions when x86 went 32 bit
-+but for the pentium it has been replaced by evil instruction ordering tricks.
-+
-+13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf.
-+raw DES at 281,000 per second on a pentium 100.
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/cbc_enc.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,135 @@
-+/* crypto/des/cbc_enc.c */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+#include "des/des_locl.h"
-+
-+void des_cbc_encrypt(input, output, length, schedule, ivec, enc)
-+des_cblock (*input);
-+des_cblock (*output);
-+long length;
-+des_key_schedule schedule;
-+des_cblock (*ivec);
-+int enc;
-+ {
-+ register DES_LONG tin0,tin1;
-+ register DES_LONG tout0,tout1,xor0,xor1;
-+ register unsigned char *in,*out;
-+ register long l=length;
-+ DES_LONG tin[2];
-+ unsigned char *iv;
-+
-+ in=(unsigned char *)input;
-+ out=(unsigned char *)output;
-+ iv=(unsigned char *)ivec;
-+
-+ if (enc)
-+ {
-+ c2l(iv,tout0);
-+ c2l(iv,tout1);
-+ for (l-=8; l>=0; l-=8)
-+ {
-+ c2l(in,tin0);
-+ c2l(in,tin1);
-+ tin0^=tout0; tin[0]=tin0;
-+ tin1^=tout1; tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
-+ tout0=tin[0]; l2c(tout0,out);
-+ tout1=tin[1]; l2c(tout1,out);
-+ }
-+ if (l != -8)
-+ {
-+ c2ln(in,tin0,tin1,l+8);
-+ tin0^=tout0; tin[0]=tin0;
-+ tin1^=tout1; tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
-+ tout0=tin[0]; l2c(tout0,out);
-+ tout1=tin[1]; l2c(tout1,out);
-+ }
-+ }
-+ else
-+ {
-+ c2l(iv,xor0);
-+ c2l(iv,xor1);
-+ for (l-=8; l>=0; l-=8)
-+ {
-+ c2l(in,tin0); tin[0]=tin0;
-+ c2l(in,tin1); tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
-+ tout0=tin[0]^xor0;
-+ tout1=tin[1]^xor1;
-+ l2c(tout0,out);
-+ l2c(tout1,out);
-+ xor0=tin0;
-+ xor1=tin1;
-+ }
-+ if (l != -8)
-+ {
-+ c2l(in,tin0); tin[0]=tin0;
-+ c2l(in,tin1); tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
-+ tout0=tin[0]^xor0;
-+ tout1=tin[1]^xor1;
-+ l2cn(tout0,tout1,out,l+8);
-+ /* xor0=tin0;
-+ xor1=tin1; */
-+ }
-+ }
-+ tin0=tin1=tout0=tout1=xor0=xor1=0;
-+ tin[0]=tin[1]=0;
-+ }
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/des.doc Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,505 @@
-+The DES library.
-+
-+Please note that this library was originally written to operate with
-+eBones, a version of Kerberos that had had encryption removed when it left
-+the USA and then put back in. As such there are some routines that I will
-+advise not using but they are still in the library for historical reasons.
-+For all calls that have an 'input' and 'output' variables, they can be the
-+same.
-+
-+This library requires the inclusion of 'des.h'.
-+
-+All of the encryption functions take what is called a des_key_schedule as an
-+argument. A des_key_schedule is an expanded form of the des key.
-+A des_key is 8 bytes of odd parity, the type used to hold the key is a
-+des_cblock. A des_cblock is an array of 8 bytes, often in this library
-+description I will refer to input bytes when the function specifies
-+des_cblock's as input or output, this just means that the variable should
-+be a multiple of 8 bytes.
-+
-+The define DES_ENCRYPT is passed to specify encryption, DES_DECRYPT to
-+specify decryption. The functions and global variable are as follows:
-+
-+int des_check_key;
-+ DES keys are supposed to be odd parity. If this variable is set to
-+ a non-zero value, des_set_key() will check that the key has odd
-+ parity and is not one of the known weak DES keys. By default this
-+ variable is turned off;
-+
-+void des_set_odd_parity(
-+des_cblock *key );
-+ This function takes a DES key (8 bytes) and sets the parity to odd.
-+
-+int des_is_weak_key(
-+des_cblock *key );
-+ This function returns a non-zero value if the DES key passed is a
-+ weak, DES key. If it is a weak key, don't use it, try a different
-+ one. If you are using 'random' keys, the chances of hitting a weak
-+ key are 1/2^52 so it is probably not worth checking for them.
-+
-+int des_set_key(
-+des_cblock *key,
-+des_key_schedule schedule);
-+ Des_set_key converts an 8 byte DES key into a des_key_schedule.
-+ A des_key_schedule is an expanded form of the key which is used to
-+ perform actual encryption. It can be regenerated from the DES key
-+ so it only needs to be kept when encryption or decryption is about
-+ to occur. Don't save or pass around des_key_schedule's since they
-+ are CPU architecture dependent, DES keys are not. If des_check_key
-+ is non zero, zero is returned if the key has the wrong parity or
-+ the key is a weak key, else 1 is returned.
-+
-+int des_key_sched(
-+des_cblock *key,
-+des_key_schedule schedule);
-+ An alternative name for des_set_key().
-+
-+int des_rw_mode; /* defaults to DES_PCBC_MODE */
-+ This flag holds either DES_CBC_MODE or DES_PCBC_MODE (default).
-+ This specifies the function to use in the enc_read() and enc_write()
-+ functions.
-+
-+void des_encrypt(
-+unsigned long *data,
-+des_key_schedule ks,
-+int enc);
-+ This is the DES encryption function that gets called by just about
-+ every other DES routine in the library. You should not use this
-+ function except to implement 'modes' of DES. I say this because the
-+ functions that call this routine do the conversion from 'char *' to
-+ long, and this needs to be done to make sure 'non-aligned' memory
-+ access do not occur. The characters are loaded 'little endian',
-+ have a look at my source code for more details on how I use this
-+ function.
-+ Data is a pointer to 2 unsigned long's and ks is the
-+ des_key_schedule to use. enc, is non zero specifies encryption,
-+ zero if decryption.
-+
-+void des_encrypt2(
-+unsigned long *data,
-+des_key_schedule ks,
-+int enc);
-+ This functions is the same as des_encrypt() except that the DES
-+ initial permutation (IP) and final permutation (FP) have been left
-+ out. As for des_encrypt(), you should not use this function.
-+ It is used by the routines in my library that implement triple DES.
-+ IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same
-+ as des_encrypt() des_encrypt() des_encrypt() except faster :-).
-+
-+void des_ecb_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+des_key_schedule ks,
-+int enc);
-+ This is the basic Electronic Code Book form of DES, the most basic
-+ form. Input is encrypted into output using the key represented by
-+ ks. If enc is non zero (DES_ENCRYPT), encryption occurs, otherwise
-+ decryption occurs. Input is 8 bytes long and output is 8 bytes.
-+ (the des_cblock structure is 8 chars).
-+
-+void des_ecb3_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+des_key_schedule ks1,
-+des_key_schedule ks2,
-+des_key_schedule ks3,
-+int enc);
-+ This is the 3 key EDE mode of ECB DES. What this means is that
-+ the 8 bytes of input is encrypted with ks1, decrypted with ks2 and
-+ then encrypted again with ks3, before being put into output;
-+ C=E(ks3,D(ks2,E(ks1,M))). There is a macro, des_ecb2_encrypt()
-+ that only takes 2 des_key_schedules that implements,
-+ C=E(ks1,D(ks2,E(ks1,M))) in that the final encrypt is done with ks1.
-+
-+void des_cbc_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+des_key_schedule ks,
-+des_cblock *ivec,
-+int enc);
-+ This routine implements DES in Cipher Block Chaining mode.
-+ Input, which should be a multiple of 8 bytes is encrypted
-+ (or decrypted) to output which will also be a multiple of 8 bytes.
-+ The number of bytes is in length (and from what I've said above,
-+ should be a multiple of 8). If length is not a multiple of 8, I'm
-+ not being held responsible :-). ivec is the initialisation vector.
-+ This function does not modify this variable. To correctly implement
-+ cbc mode, you need to do one of 2 things; copy the last 8 bytes of
-+ cipher text for use as the next ivec in your application,
-+ or use des_ncbc_encrypt().
-+ Only this routine has this problem with updating the ivec, all
-+ other routines that are implementing cbc mode update ivec.
-+
-+void des_ncbc_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+des_key_schedule sk,
-+des_cblock *ivec,
-+int enc);
-+ For historical reasons, des_cbc_encrypt() did not update the
-+ ivec with the value requires so that subsequent calls to
-+ des_cbc_encrypt() would 'chain'. This was needed so that the same
-+ 'length' values would not need to be used when decrypting.
-+ des_ncbc_encrypt() does the right thing. It is the same as
-+ des_cbc_encrypt accept that ivec is updates with the correct value
-+ to pass in subsequent calls to des_ncbc_encrypt(). I advise using
-+ des_ncbc_encrypt() instead of des_cbc_encrypt();
-+
-+void des_xcbc_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+des_key_schedule sk,
-+des_cblock *ivec,
-+des_cblock *inw,
-+des_cblock *outw,
-+int enc);
-+ This is RSA's DESX mode of DES. It uses inw and outw to
-+ 'whiten' the encryption. inw and outw are secret (unlike the iv)
-+ and are as such, part of the key. So the key is sort of 24 bytes.
-+ This is much better than cbc des.
-+
-+void des_3cbc_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+des_key_schedule sk1,
-+des_key_schedule sk2,
-+des_cblock *ivec1,
-+des_cblock *ivec2,
-+int enc);
-+ This function is flawed, do not use it. I have left it in the
-+ library because it is used in my des(1) program and will function
-+ correctly when used by des(1). If I removed the function, people
-+ could end up unable to decrypt files.
-+ This routine implements outer triple cbc encryption using 2 ks and
-+ 2 ivec's. Use des_ede2_cbc_encrypt() instead.
-+
-+void des_ede3_cbc_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+des_key_schedule ks1,
-+des_key_schedule ks2,
-+des_key_schedule ks3,
-+des_cblock *ivec,
-+int enc);
-+ This function implements inner triple CBC DES encryption with 3
-+ keys. What this means is that each 'DES' operation
-+ inside the cbc mode is really an C=E(ks3,D(ks2,E(ks1,M))).
-+ Again, this is cbc mode so an ivec is requires.
-+ This mode is used by SSL.
-+ There is also a des_ede2_cbc_encrypt() that only uses 2
-+ des_key_schedule's, the first being reused for the final
-+ encryption. C=E(ks1,D(ks2,E(ks1,M))). This form of triple DES
-+ is used by the RSAref library.
-+
-+void des_pcbc_encrypt(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+des_key_schedule ks,
-+des_cblock *ivec,
-+int enc);
-+ This is Propagating Cipher Block Chaining mode of DES. It is used
-+ by Kerberos v4. It's parameters are the same as des_ncbc_encrypt().
-+
-+void des_cfb_encrypt(
-+unsigned char *in,
-+unsigned char *out,
-+int numbits,
-+long length,
-+des_key_schedule ks,
-+des_cblock *ivec,
-+int enc);
-+ Cipher Feedback Back mode of DES. This implementation 'feeds back'
-+ in numbit blocks. The input (and output) is in multiples of numbits
-+ bits. numbits should to be a multiple of 8 bits. Length is the
-+ number of bytes input. If numbits is not a multiple of 8 bits,
-+ the extra bits in the bytes will be considered padding. So if
-+ numbits is 12, for each 2 input bytes, the 4 high bits of the
-+ second byte will be ignored. So to encode 72 bits when using
-+ a numbits of 12 take 12 bytes. To encode 72 bits when using
-+ numbits of 9 will take 16 bytes. To encode 80 bits when using
-+ numbits of 16 will take 10 bytes. etc, etc. This padding will
-+ apply to both input and output.
-+
-+
-+void des_cfb64_encrypt(
-+unsigned char *in,
-+unsigned char *out,
-+long length,
-+des_key_schedule ks,
-+des_cblock *ivec,
-+int *num,
-+int enc);
-+ This is one of the more useful functions in this DES library, it
-+ implements CFB mode of DES with 64bit feedback. Why is this
-+ useful you ask? Because this routine will allow you to encrypt an
-+ arbitrary number of bytes, no 8 byte padding. Each call to this
-+ routine will encrypt the input bytes to output and then update ivec
-+ and num. num contains 'how far' we are though ivec. If this does
-+ not make much sense, read more about cfb mode of DES :-).
-+
-+void des_ede3_cfb64_encrypt(
-+unsigned char *in,
-+unsigned char *out,
-+long length,
-+des_key_schedule ks1,
-+des_key_schedule ks2,
-+des_key_schedule ks3,
-+des_cblock *ivec,
-+int *num,
-+int enc);
-+ Same as des_cfb64_encrypt() accept that the DES operation is
-+ triple DES. As usual, there is a macro for
-+ des_ede2_cfb64_encrypt() which reuses ks1.
-+
-+void des_ofb_encrypt(
-+unsigned char *in,
-+unsigned char *out,
-+int numbits,
-+long length,
-+des_key_schedule ks,
-+des_cblock *ivec);
-+ This is a implementation of Output Feed Back mode of DES. It is
-+ the same as des_cfb_encrypt() in that numbits is the size of the
-+ units dealt with during input and output (in bits).
-+
-+void des_ofb64_encrypt(
-+unsigned char *in,
-+unsigned char *out,
-+long length,
-+des_key_schedule ks,
-+des_cblock *ivec,
-+int *num);
-+ The same as des_cfb64_encrypt() except that it is Output Feed Back
-+ mode.
-+
-+void des_ede3_ofb64_encrypt(
-+unsigned char *in,
-+unsigned char *out,
-+long length,
-+des_key_schedule ks1,
-+des_key_schedule ks2,
-+des_key_schedule ks3,
-+des_cblock *ivec,
-+int *num);
-+ Same as des_ofb64_encrypt() accept that the DES operation is
-+ triple DES. As usual, there is a macro for
-+ des_ede2_ofb64_encrypt() which reuses ks1.
-+
-+int des_read_pw_string(
-+char *buf,
-+int length,
-+char *prompt,
-+int verify);
-+ This routine is used to get a password from the terminal with echo
-+ turned off. Buf is where the string will end up and length is the
-+ size of buf. Prompt is a string presented to the 'user' and if
-+ verify is set, the key is asked for twice and unless the 2 copies
-+ match, an error is returned. A return code of -1 indicates a
-+ system error, 1 failure due to use interaction, and 0 is success.
-+
-+unsigned long des_cbc_cksum(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+des_key_schedule ks,
-+des_cblock *ivec);
-+ This function produces an 8 byte checksum from input that it puts in
-+ output and returns the last 4 bytes as a long. The checksum is
-+ generated via cbc mode of DES in which only the last 8 byes are
-+ kept. I would recommend not using this function but instead using
-+ the EVP_Digest routines, or at least using MD5 or SHA. This
-+ function is used by Kerberos v4 so that is why it stays in the
-+ library.
-+
-+char *des_fcrypt(
-+const char *buf,
-+const char *salt
-+char *ret);
-+ This is my fast version of the unix crypt(3) function. This version
-+ takes only a small amount of space relative to other fast
-+ crypt() implementations. This is different to the normal crypt
-+ in that the third parameter is the buffer that the return value
-+ is written into. It needs to be at least 14 bytes long. This
-+ function is thread safe, unlike the normal crypt.
-+
-+char *crypt(
-+const char *buf,
-+const char *salt);
-+ This function calls des_fcrypt() with a static array passed as the
-+ third parameter. This emulates the normal non-thread safe semantics
-+ of crypt(3).
-+
-+void des_string_to_key(
-+char *str,
-+des_cblock *key);
-+ This function takes str and converts it into a DES key. I would
-+ recommend using MD5 instead and use the first 8 bytes of output.
-+ When I wrote the first version of these routines back in 1990, MD5
-+ did not exist but I feel these routines are still sound. This
-+ routines is compatible with the one in MIT's libdes.
-+
-+void des_string_to_2keys(
-+char *str,
-+des_cblock *key1,
-+des_cblock *key2);
-+ This function takes str and converts it into 2 DES keys.
-+ I would recommend using MD5 and using the 16 bytes as the 2 keys.
-+ I have nothing against these 2 'string_to_key' routines, it's just
-+ that if you say that your encryption key is generated by using the
-+ 16 bytes of an MD5 hash, every-one knows how you generated your
-+ keys.
-+
-+int des_read_password(
-+des_cblock *key,
-+char *prompt,
-+int verify);
-+ This routine combines des_read_pw_string() with des_string_to_key().
-+
-+int des_read_2passwords(
-+des_cblock *key1,
-+des_cblock *key2,
-+char *prompt,
-+int verify);
-+ This routine combines des_read_pw_string() with des_string_to_2key().
-+
-+void des_random_seed(
-+des_cblock key);
-+ This routine sets a starting point for des_random_key().
-+
-+void des_random_key(
-+des_cblock ret);
-+ This function return a random key. Make sure to 'seed' the random
-+ number generator (with des_random_seed()) before using this function.
-+ I personally now use a MD5 based random number system.
-+
-+int des_enc_read(
-+int fd,
-+char *buf,
-+int len,
-+des_key_schedule ks,
-+des_cblock *iv);
-+ This function will write to a file descriptor the encrypted data
-+ from buf. This data will be preceded by a 4 byte 'byte count' and
-+ will be padded out to 8 bytes. The encryption is either CBC of
-+ PCBC depending on the value of des_rw_mode. If it is DES_PCBC_MODE,
-+ pcbc is used, if DES_CBC_MODE, cbc is used. The default is to use
-+ DES_PCBC_MODE.
-+
-+int des_enc_write(
-+int fd,
-+char *buf,
-+int len,
-+des_key_schedule ks,
-+des_cblock *iv);
-+ This routines read stuff written by des_enc_read() and decrypts it.
-+ I have used these routines quite a lot but I don't believe they are
-+ suitable for non-blocking io. If you are after a full
-+ authentication/encryption over networks, have a look at SSL instead.
-+
-+unsigned long des_quad_cksum(
-+des_cblock *input,
-+des_cblock *output,
-+long length,
-+int out_count,
-+des_cblock *seed);
-+ This is a function from Kerberos v4 that is not anything to do with
-+ DES but was needed. It is a cksum that is quicker to generate than
-+ des_cbc_cksum(); I personally would use MD5 routines now.
-+=====
-+Modes of DES
-+Quite a bit of the following information has been taken from
-+ AS 2805.5.2
-+ Australian Standard
-+ Electronic funds transfer - Requirements for interfaces,
-+ Part 5.2: Modes of operation for an n-bit block cipher algorithm
-+ Appendix A
-+
-+There are several different modes in which DES can be used, they are
-+as follows.
-+
-+Electronic Codebook Mode (ECB) (des_ecb_encrypt())
-+- 64 bits are enciphered at a time.
-+- The order of the blocks can be rearranged without detection.
-+- The same plaintext block always produces the same ciphertext block
-+ (for the same key) making it vulnerable to a 'dictionary attack'.
-+- An error will only affect one ciphertext block.
-+
-+Cipher Block Chaining Mode (CBC) (des_cbc_encrypt())
-+- a multiple of 64 bits are enciphered at a time.
-+- The CBC mode produces the same ciphertext whenever the same
-+ plaintext is encrypted using the same key and starting variable.
-+- The chaining operation makes the ciphertext blocks dependent on the
-+ current and all preceding plaintext blocks and therefore blocks can not
-+ be rearranged.
-+- The use of different starting variables prevents the same plaintext
-+ enciphering to the same ciphertext.
-+- An error will affect the current and the following ciphertext blocks.
-+
-+Cipher Feedback Mode (CFB) (des_cfb_encrypt())
-+- a number of bits (j) <= 64 are enciphered at a time.
-+- The CFB mode produces the same ciphertext whenever the same
-+ plaintext is encrypted using the same key and starting variable.
-+- The chaining operation makes the ciphertext variables dependent on the
-+ current and all preceding variables and therefore j-bit variables are
-+ chained together and can not be rearranged.
-+- The use of different starting variables prevents the same plaintext
-+ enciphering to the same ciphertext.
-+- The strength of the CFB mode depends on the size of k (maximal if
-+ j == k). In my implementation this is always the case.
-+- Selection of a small value for j will require more cycles through
-+ the encipherment algorithm per unit of plaintext and thus cause
-+ greater processing overheads.
-+- Only multiples of j bits can be enciphered.
-+- An error will affect the current and the following ciphertext variables.
-+
-+Output Feedback Mode (OFB) (des_ofb_encrypt())
-+- a number of bits (j) <= 64 are enciphered at a time.
-+- The OFB mode produces the same ciphertext whenever the same
-+ plaintext enciphered using the same key and starting variable. More
-+ over, in the OFB mode the same key stream is produced when the same
-+ key and start variable are used. Consequently, for security reasons
-+ a specific start variable should be used only once for a given key.
-+- The absence of chaining makes the OFB more vulnerable to specific attacks.
-+- The use of different start variables values prevents the same
-+ plaintext enciphering to the same ciphertext, by producing different
-+ key streams.
-+- Selection of a small value for j will require more cycles through
-+ the encipherment algorithm per unit of plaintext and thus cause
-+ greater processing overheads.
-+- Only multiples of j bits can be enciphered.
-+- OFB mode of operation does not extend ciphertext errors in the
-+ resultant plaintext output. Every bit error in the ciphertext causes
-+ only one bit to be in error in the deciphered plaintext.
-+- OFB mode is not self-synchronising. If the two operation of
-+ encipherment and decipherment get out of synchronism, the system needs
-+ to be re-initialised.
-+- Each re-initialisation should use a value of the start variable
-+ different from the start variable values used before with the same
-+ key. The reason for this is that an identical bit stream would be
-+ produced each time from the same parameters. This would be
-+ susceptible to a ' known plaintext' attack.
-+
-+Triple ECB Mode (des_ecb3_encrypt())
-+- Encrypt with key1, decrypt with key2 and encrypt with key3 again.
-+- As for ECB encryption but increases the key length to 168 bits.
-+ There are theoretic attacks that can be used that make the effective
-+ key length 112 bits, but this attack also requires 2^56 blocks of
-+ memory, not very likely, even for the NSA.
-+- If both keys are the same it is equivalent to encrypting once with
-+ just one key.
-+- If the first and last key are the same, the key length is 112 bits.
-+ There are attacks that could reduce the key space to 55 bit's but it
-+ requires 2^56 blocks of memory.
-+- If all 3 keys are the same, this is effectively the same as normal
-+ ecb mode.
-+
-+Triple CBC Mode (des_ede3_cbc_encrypt())
-+- Encrypt with key1, decrypt with key2 and then encrypt with key3.
-+- As for CBC encryption but increases the key length to 168 bits with
-+ the same restrictions as for triple ecb mode.
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/des_enc.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,502 @@
-+/* crypto/des/des_enc.c */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+#include "des/des_locl.h"
-+
-+void des_encrypt(data, ks, enc)
-+DES_LONG *data;
-+des_key_schedule ks;
-+int enc;
-+ {
-+ register DES_LONG l,r,t,u;
-+#ifdef DES_PTR
-+ register unsigned char *des_SP=(unsigned char *)des_SPtrans;
-+#endif
-+#ifndef DES_UNROLL
-+ register int i;
-+#endif
-+ register DES_LONG *s;
-+
-+ r=data[0];
-+ l=data[1];
-+
-+ IP(r,l);
-+ /* Things have been modified so that the initial rotate is
-+ * done outside the loop. This required the
-+ * des_SPtrans values in sp.h to be rotated 1 bit to the right.
-+ * One perl script later and things have a 5% speed up on a sparc2.
-+ * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
-+ * for pointing this out. */
-+ /* clear the top bits on machines with 8byte longs */
-+ /* shift left by 2 */
-+ r=ROTATE(r,29)&0xffffffffL;
-+ l=ROTATE(l,29)&0xffffffffL;
-+
-+ s=(DES_LONG *)ks;
-+ /* I don't know if it is worth the effort of loop unrolling the
-+ * inner loop */
-+ if (enc)
-+ {
-+#ifdef DES_UNROLL
-+ D_ENCRYPT(l,r, 0); /* 1 */
-+ D_ENCRYPT(r,l, 2); /* 2 */
-+ D_ENCRYPT(l,r, 4); /* 3 */
-+ D_ENCRYPT(r,l, 6); /* 4 */
-+ D_ENCRYPT(l,r, 8); /* 5 */
-+ D_ENCRYPT(r,l,10); /* 6 */
-+ D_ENCRYPT(l,r,12); /* 7 */
-+ D_ENCRYPT(r,l,14); /* 8 */
-+ D_ENCRYPT(l,r,16); /* 9 */
-+ D_ENCRYPT(r,l,18); /* 10 */
-+ D_ENCRYPT(l,r,20); /* 11 */
-+ D_ENCRYPT(r,l,22); /* 12 */
-+ D_ENCRYPT(l,r,24); /* 13 */
-+ D_ENCRYPT(r,l,26); /* 14 */
-+ D_ENCRYPT(l,r,28); /* 15 */
-+ D_ENCRYPT(r,l,30); /* 16 */
-+#else
-+ for (i=0; i<32; i+=8)
-+ {
-+ D_ENCRYPT(l,r,i+0); /* 1 */
-+ D_ENCRYPT(r,l,i+2); /* 2 */
-+ D_ENCRYPT(l,r,i+4); /* 3 */
-+ D_ENCRYPT(r,l,i+6); /* 4 */
-+ }
-+#endif
-+ }
-+ else
-+ {
-+#ifdef DES_UNROLL
-+ D_ENCRYPT(l,r,30); /* 16 */
-+ D_ENCRYPT(r,l,28); /* 15 */
-+ D_ENCRYPT(l,r,26); /* 14 */
-+ D_ENCRYPT(r,l,24); /* 13 */
-+ D_ENCRYPT(l,r,22); /* 12 */
-+ D_ENCRYPT(r,l,20); /* 11 */
-+ D_ENCRYPT(l,r,18); /* 10 */
-+ D_ENCRYPT(r,l,16); /* 9 */
-+ D_ENCRYPT(l,r,14); /* 8 */
-+ D_ENCRYPT(r,l,12); /* 7 */
-+ D_ENCRYPT(l,r,10); /* 6 */
-+ D_ENCRYPT(r,l, 8); /* 5 */
-+ D_ENCRYPT(l,r, 6); /* 4 */
-+ D_ENCRYPT(r,l, 4); /* 3 */
-+ D_ENCRYPT(l,r, 2); /* 2 */
-+ D_ENCRYPT(r,l, 0); /* 1 */
-+#else
-+ for (i=30; i>0; i-=8)
-+ {
-+ D_ENCRYPT(l,r,i-0); /* 16 */
-+ D_ENCRYPT(r,l,i-2); /* 15 */
-+ D_ENCRYPT(l,r,i-4); /* 14 */
-+ D_ENCRYPT(r,l,i-6); /* 13 */
-+ }
-+#endif
-+ }
-+
-+ /* rotate and clear the top bits on machines with 8byte longs */
-+ l=ROTATE(l,3)&0xffffffffL;
-+ r=ROTATE(r,3)&0xffffffffL;
-+
-+ FP(r,l);
-+ data[0]=l;
-+ data[1]=r;
-+ l=r=t=u=0;
-+ }
-+
-+void des_encrypt2(data, ks, enc)
-+DES_LONG *data;
-+des_key_schedule ks;
-+int enc;
-+ {
-+ register DES_LONG l,r,t,u;
-+#ifdef DES_PTR
-+ register unsigned char *des_SP=(unsigned char *)des_SPtrans;
-+#endif
-+#ifndef DES_UNROLL
-+ register int i;
-+#endif
-+ register DES_LONG *s;
-+
-+ r=data[0];
-+ l=data[1];
-+
-+ /* Things have been modified so that the initial rotate is
-+ * done outside the loop. This required the
-+ * des_SPtrans values in sp.h to be rotated 1 bit to the right.
-+ * One perl script later and things have a 5% speed up on a sparc2.
-+ * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
-+ * for pointing this out. */
-+ /* clear the top bits on machines with 8byte longs */
-+ r=ROTATE(r,29)&0xffffffffL;
-+ l=ROTATE(l,29)&0xffffffffL;
-+
-+ s=(DES_LONG *)ks;
-+ /* I don't know if it is worth the effort of loop unrolling the
-+ * inner loop */
-+ if (enc)
-+ {
-+#ifdef DES_UNROLL
-+ D_ENCRYPT(l,r, 0); /* 1 */
-+ D_ENCRYPT(r,l, 2); /* 2 */
-+ D_ENCRYPT(l,r, 4); /* 3 */
-+ D_ENCRYPT(r,l, 6); /* 4 */
-+ D_ENCRYPT(l,r, 8); /* 5 */
-+ D_ENCRYPT(r,l,10); /* 6 */
-+ D_ENCRYPT(l,r,12); /* 7 */
-+ D_ENCRYPT(r,l,14); /* 8 */
-+ D_ENCRYPT(l,r,16); /* 9 */
-+ D_ENCRYPT(r,l,18); /* 10 */
-+ D_ENCRYPT(l,r,20); /* 11 */
-+ D_ENCRYPT(r,l,22); /* 12 */
-+ D_ENCRYPT(l,r,24); /* 13 */
-+ D_ENCRYPT(r,l,26); /* 14 */
-+ D_ENCRYPT(l,r,28); /* 15 */
-+ D_ENCRYPT(r,l,30); /* 16 */
-+#else
-+ for (i=0; i<32; i+=8)
-+ {
-+ D_ENCRYPT(l,r,i+0); /* 1 */
-+ D_ENCRYPT(r,l,i+2); /* 2 */
-+ D_ENCRYPT(l,r,i+4); /* 3 */
-+ D_ENCRYPT(r,l,i+6); /* 4 */
-+ }
-+#endif
-+ }
-+ else
-+ {
-+#ifdef DES_UNROLL
-+ D_ENCRYPT(l,r,30); /* 16 */
-+ D_ENCRYPT(r,l,28); /* 15 */
-+ D_ENCRYPT(l,r,26); /* 14 */
-+ D_ENCRYPT(r,l,24); /* 13 */
-+ D_ENCRYPT(l,r,22); /* 12 */
-+ D_ENCRYPT(r,l,20); /* 11 */
-+ D_ENCRYPT(l,r,18); /* 10 */
-+ D_ENCRYPT(r,l,16); /* 9 */
-+ D_ENCRYPT(l,r,14); /* 8 */
-+ D_ENCRYPT(r,l,12); /* 7 */
-+ D_ENCRYPT(l,r,10); /* 6 */
-+ D_ENCRYPT(r,l, 8); /* 5 */
-+ D_ENCRYPT(l,r, 6); /* 4 */
-+ D_ENCRYPT(r,l, 4); /* 3 */
-+ D_ENCRYPT(l,r, 2); /* 2 */
-+ D_ENCRYPT(r,l, 0); /* 1 */
-+#else
-+ for (i=30; i>0; i-=8)
-+ {
-+ D_ENCRYPT(l,r,i-0); /* 16 */
-+ D_ENCRYPT(r,l,i-2); /* 15 */
-+ D_ENCRYPT(l,r,i-4); /* 14 */
-+ D_ENCRYPT(r,l,i-6); /* 13 */
-+ }
-+#endif
-+ }
-+ /* rotate and clear the top bits on machines with 8byte longs */
-+ data[0]=ROTATE(l,3)&0xffffffffL;
-+ data[1]=ROTATE(r,3)&0xffffffffL;
-+ l=r=t=u=0;
-+ }
-+
-+void des_encrypt3(data,ks1,ks2,ks3)
-+DES_LONG *data;
-+des_key_schedule ks1;
-+des_key_schedule ks2;
-+des_key_schedule ks3;
-+ {
-+ register DES_LONG l,r;
-+
-+ l=data[0];
-+ r=data[1];
-+ IP(l,r);
-+ data[0]=l;
-+ data[1]=r;
-+ des_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
-+ des_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
-+ des_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
-+ l=data[0];
-+ r=data[1];
-+ FP(r,l);
-+ data[0]=l;
-+ data[1]=r;
-+ }
-+
-+void des_decrypt3(data,ks1,ks2,ks3)
-+DES_LONG *data;
-+des_key_schedule ks1;
-+des_key_schedule ks2;
-+des_key_schedule ks3;
-+ {
-+ register DES_LONG l,r;
-+
-+ l=data[0];
-+ r=data[1];
-+ IP(l,r);
-+ data[0]=l;
-+ data[1]=r;
-+ des_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
-+ des_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
-+ des_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
-+ l=data[0];
-+ r=data[1];
-+ FP(r,l);
-+ data[0]=l;
-+ data[1]=r;
-+ }
-+
-+#ifndef DES_DEFAULT_OPTIONS
-+
-+void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
-+des_cblock (*input);
-+des_cblock (*output);
-+long length;
-+des_key_schedule schedule;
-+des_cblock (*ivec);
-+int enc;
-+ {
-+ register DES_LONG tin0,tin1;
-+ register DES_LONG tout0,tout1,xor0,xor1;
-+ register unsigned char *in,*out;
-+ register long l=length;
-+ DES_LONG tin[2];
-+ unsigned char *iv;
-+
-+ in=(unsigned char *)input;
-+ out=(unsigned char *)output;
-+ iv=(unsigned char *)ivec;
-+
-+ if (enc)
-+ {
-+ c2l(iv,tout0);
-+ c2l(iv,tout1);
-+ for (l-=8; l>=0; l-=8)
-+ {
-+ c2l(in,tin0);
-+ c2l(in,tin1);
-+ tin0^=tout0; tin[0]=tin0;
-+ tin1^=tout1; tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
-+ tout0=tin[0]; l2c(tout0,out);
-+ tout1=tin[1]; l2c(tout1,out);
-+ }
-+ if (l != -8)
-+ {
-+ c2ln(in,tin0,tin1,l+8);
-+ tin0^=tout0; tin[0]=tin0;
-+ tin1^=tout1; tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
-+ tout0=tin[0]; l2c(tout0,out);
-+ tout1=tin[1]; l2c(tout1,out);
-+ }
-+ iv=(unsigned char *)ivec;
-+ l2c(tout0,iv);
-+ l2c(tout1,iv);
-+ }
-+ else
-+ {
-+ c2l(iv,xor0);
-+ c2l(iv,xor1);
-+ for (l-=8; l>=0; l-=8)
-+ {
-+ c2l(in,tin0); tin[0]=tin0;
-+ c2l(in,tin1); tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
-+ tout0=tin[0]^xor0;
-+ tout1=tin[1]^xor1;
-+ l2c(tout0,out);
-+ l2c(tout1,out);
-+ xor0=tin0;
-+ xor1=tin1;
-+ }
-+ if (l != -8)
-+ {
-+ c2l(in,tin0); tin[0]=tin0;
-+ c2l(in,tin1); tin[1]=tin1;
-+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
-+ tout0=tin[0]^xor0;
-+ tout1=tin[1]^xor1;
-+ l2cn(tout0,tout1,out,l+8);
-+ xor0=tin0;
-+ xor1=tin1;
-+ }
-+
-+ iv=(unsigned char *)ivec;
-+ l2c(xor0,iv);
-+ l2c(xor1,iv);
-+ }
-+ tin0=tin1=tout0=tout1=xor0=xor1=0;
-+ tin[0]=tin[1]=0;
-+ }
-+
-+void des_ede3_cbc_encrypt(input, output, length, ks1, ks2, ks3, ivec, enc)
-+des_cblock (*input);
-+des_cblock (*output);
-+long length;
-+des_key_schedule ks1;
-+des_key_schedule ks2;
-+des_key_schedule ks3;
-+des_cblock (*ivec);
-+int enc;
-+ {
-+ register DES_LONG tin0,tin1;
-+ register DES_LONG tout0,tout1,xor0,xor1;
-+ register unsigned char *in,*out;
-+ register long l=length;
-+ DES_LONG tin[2];
-+ unsigned char *iv;
-+
-+ in=(unsigned char *)input;
-+ out=(unsigned char *)output;
-+ iv=(unsigned char *)ivec;
-+
-+ if (enc)
-+ {
-+ c2l(iv,tout0);
-+ c2l(iv,tout1);
-+ for (l-=8; l>=0; l-=8)
-+ {
-+ c2l(in,tin0);
-+ c2l(in,tin1);
-+ tin0^=tout0;
-+ tin1^=tout1;
-+
-+ tin[0]=tin0;
-+ tin[1]=tin1;
-+ des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
-+ tout0=tin[0];
-+ tout1=tin[1];
-+
-+ l2c(tout0,out);
-+ l2c(tout1,out);
-+ }
-+ if (l != -8)
-+ {
-+ c2ln(in,tin0,tin1,l+8);
-+ tin0^=tout0;
-+ tin1^=tout1;
-+
-+ tin[0]=tin0;
-+ tin[1]=tin1;
-+ des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
-+ tout0=tin[0];
-+ tout1=tin[1];
-+
-+ l2c(tout0,out);
-+ l2c(tout1,out);
-+ }
-+ iv=(unsigned char *)ivec;
-+ l2c(tout0,iv);
-+ l2c(tout1,iv);
-+ }
-+ else
-+ {
-+ register DES_LONG t0,t1;
-+
-+ c2l(iv,xor0);
-+ c2l(iv,xor1);
-+ for (l-=8; l>=0; l-=8)
-+ {
-+ c2l(in,tin0);
-+ c2l(in,tin1);
-+
-+ t0=tin0;
-+ t1=tin1;
-+
-+ tin[0]=tin0;
-+ tin[1]=tin1;
-+ des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
-+ tout0=tin[0];
-+ tout1=tin[1];
-+
-+ tout0^=xor0;
-+ tout1^=xor1;
-+ l2c(tout0,out);
-+ l2c(tout1,out);
-+ xor0=t0;
-+ xor1=t1;
-+ }
-+ if (l != -8)
-+ {
-+ c2l(in,tin0);
-+ c2l(in,tin1);
-+
-+ t0=tin0;
-+ t1=tin1;
-+
-+ tin[0]=tin0;
-+ tin[1]=tin1;
-+ des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
-+ tout0=tin[0];
-+ tout1=tin[1];
-+
-+ tout0^=xor0;
-+ tout1^=xor1;
-+ l2cn(tout0,tout1,out,l+8);
-+ xor0=t0;
-+ xor1=t1;
-+ }
-+
-+ iv=(unsigned char *)ivec;
-+ l2c(xor0,iv);
-+ l2c(xor1,iv);
-+ }
-+ tin0=tin1=tout0=tout1=xor0=xor1=0;
-+ tin[0]=tin[1]=0;
-+ }
-+
-+#endif /* DES_DEFAULT_OPTIONS */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/des_opts.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,620 @@
-+/* crypto/des/des_opts.c */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
-+ * This is for machines with 64k code segment size restrictions. */
-+
-+#ifndef MSDOS
-+#define TIMES
-+#endif
-+
-+#include <stdio.h>
-+#ifndef MSDOS
-+#include <unistd.h>
-+#else
-+#include <io.h>
-+extern void exit();
-+#endif
-+#include <signal.h>
-+#ifndef VMS
-+#ifndef _IRIX
-+#include <time.h>
-+#endif
-+#ifdef TIMES
-+#include <sys/types.h>
-+#include <sys/times.h>
-+#endif
-+#else /* VMS */
-+#include <types.h>
-+struct tms {
-+ time_t tms_utime;
-+ time_t tms_stime;
-+ time_t tms_uchild; /* I dunno... */
-+ time_t tms_uchildsys; /* so these names are a guess :-) */
-+ }
-+#endif
-+#ifndef TIMES
-+#include <sys/timeb.h>
-+#endif
-+
-+#ifdef sun
-+#include <limits.h>
-+#include <sys/param.h>
-+#endif
-+
-+#include "des/des_locl.h"
-+#include "des/spr.h"
-+
-+#define DES_DEFAULT_OPTIONS
-+
-+#if !defined(PART1) && !defined(PART2) && !defined(PART3) && !defined(PART4)
-+#define PART1
-+#define PART2
-+#define PART3
-+#define PART4
-+#endif
-+
-+#ifdef PART1
-+
-+#undef DES_UNROLL
-+#undef DES_RISC1
-+#undef DES_RISC2
-+#undef DES_PTR
-+#undef D_ENCRYPT
-+#define des_encrypt des_encrypt_u4_cisc_idx
-+#define des_encrypt2 des_encrypt2_u4_cisc_idx
-+#define des_encrypt3 des_encrypt3_u4_cisc_idx
-+#define des_decrypt3 des_decrypt3_u4_cisc_idx
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#define DES_UNROLL
-+#undef DES_RISC1
-+#undef DES_RISC2
-+#undef DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u16_cisc_idx
-+#define des_encrypt2 des_encrypt2_u16_cisc_idx
-+#define des_encrypt3 des_encrypt3_u16_cisc_idx
-+#define des_decrypt3 des_decrypt3_u16_cisc_idx
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#undef DES_UNROLL
-+#define DES_RISC1
-+#undef DES_RISC2
-+#undef DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u4_risc1_idx
-+#define des_encrypt2 des_encrypt2_u4_risc1_idx
-+#define des_encrypt3 des_encrypt3_u4_risc1_idx
-+#define des_decrypt3 des_decrypt3_u4_risc1_idx
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#endif
-+
-+#ifdef PART2
-+
-+#undef DES_UNROLL
-+#undef DES_RISC1
-+#define DES_RISC2
-+#undef DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u4_risc2_idx
-+#define des_encrypt2 des_encrypt2_u4_risc2_idx
-+#define des_encrypt3 des_encrypt3_u4_risc2_idx
-+#define des_decrypt3 des_decrypt3_u4_risc2_idx
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#define DES_UNROLL
-+#define DES_RISC1
-+#undef DES_RISC2
-+#undef DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u16_risc1_idx
-+#define des_encrypt2 des_encrypt2_u16_risc1_idx
-+#define des_encrypt3 des_encrypt3_u16_risc1_idx
-+#define des_decrypt3 des_decrypt3_u16_risc1_idx
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#define DES_UNROLL
-+#undef DES_RISC1
-+#define DES_RISC2
-+#undef DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u16_risc2_idx
-+#define des_encrypt2 des_encrypt2_u16_risc2_idx
-+#define des_encrypt3 des_encrypt3_u16_risc2_idx
-+#define des_decrypt3 des_decrypt3_u16_risc2_idx
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#endif
-+
-+#ifdef PART3
-+
-+#undef DES_UNROLL
-+#undef DES_RISC1
-+#undef DES_RISC2
-+#define DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u4_cisc_ptr
-+#define des_encrypt2 des_encrypt2_u4_cisc_ptr
-+#define des_encrypt3 des_encrypt3_u4_cisc_ptr
-+#define des_decrypt3 des_decrypt3_u4_cisc_ptr
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#define DES_UNROLL
-+#undef DES_RISC1
-+#undef DES_RISC2
-+#define DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u16_cisc_ptr
-+#define des_encrypt2 des_encrypt2_u16_cisc_ptr
-+#define des_encrypt3 des_encrypt3_u16_cisc_ptr
-+#define des_decrypt3 des_decrypt3_u16_cisc_ptr
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#undef DES_UNROLL
-+#define DES_RISC1
-+#undef DES_RISC2
-+#define DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u4_risc1_ptr
-+#define des_encrypt2 des_encrypt2_u4_risc1_ptr
-+#define des_encrypt3 des_encrypt3_u4_risc1_ptr
-+#define des_decrypt3 des_decrypt3_u4_risc1_ptr
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#endif
-+
-+#ifdef PART4
-+
-+#undef DES_UNROLL
-+#undef DES_RISC1
-+#define DES_RISC2
-+#define DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u4_risc2_ptr
-+#define des_encrypt2 des_encrypt2_u4_risc2_ptr
-+#define des_encrypt3 des_encrypt3_u4_risc2_ptr
-+#define des_decrypt3 des_decrypt3_u4_risc2_ptr
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#define DES_UNROLL
-+#define DES_RISC1
-+#undef DES_RISC2
-+#define DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u16_risc1_ptr
-+#define des_encrypt2 des_encrypt2_u16_risc1_ptr
-+#define des_encrypt3 des_encrypt3_u16_risc1_ptr
-+#define des_decrypt3 des_decrypt3_u16_risc1_ptr
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#define DES_UNROLL
-+#undef DES_RISC1
-+#define DES_RISC2
-+#define DES_PTR
-+#undef D_ENCRYPT
-+#undef des_encrypt
-+#undef des_encrypt2
-+#undef des_encrypt3
-+#undef des_decrypt3
-+#define des_encrypt des_encrypt_u16_risc2_ptr
-+#define des_encrypt2 des_encrypt2_u16_risc2_ptr
-+#define des_encrypt3 des_encrypt3_u16_risc2_ptr
-+#define des_decrypt3 des_decrypt3_u16_risc2_ptr
-+#undef HEADER_DES_LOCL_H
-+#include "des_enc.c"
-+
-+#endif
-+
-+/* The following if from times(3) man page. It may need to be changed */
-+#ifndef HZ
-+# ifndef CLK_TCK
-+# ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
-+# ifndef VMS
-+# define HZ 100.0
-+# else /* VMS */
-+# define HZ 100.0
-+# endif
-+# else /* _BSD_CLK_TCK_ */
-+# define HZ ((double)_BSD_CLK_TCK_)
-+# endif
-+# else /* CLK_TCK */
-+# define HZ ((double)CLK_TCK)
-+# endif
-+#endif
-+
-+#define BUFSIZE ((long)1024)
-+long run=0;
-+
-+#ifndef NOPROTO
-+double Time_F(int s);
-+#else
-+double Time_F();
-+#endif
-+
-+#ifdef SIGALRM
-+#if defined(__STDC__) || defined(sgi)
-+#define SIGRETTYPE void
-+#else
-+#define SIGRETTYPE int
-+#endif
-+
-+#ifndef NOPROTO
-+SIGRETTYPE sig_done(int sig);
-+#else
-+SIGRETTYPE sig_done();
-+#endif
-+
-+SIGRETTYPE sig_done(sig)
-+int sig;
-+ {
-+ signal(SIGALRM,sig_done);
-+ run=0;
-+#ifdef LINT
-+ sig=sig;
-+#endif
-+ }
-+#endif
-+
-+#define START 0
-+#define STOP 1
-+
-+double Time_F(s)
-+int s;
-+ {
-+ double ret;
-+#ifdef TIMES
-+ static struct tms tstart,tend;
-+
-+ if (s == START)
-+ {
-+ times(&tstart);
-+ return(0);
-+ }
-+ else
-+ {
-+ times(&tend);
-+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
-+ return((ret == 0.0)?1e-6:ret);
-+ }
-+#else /* !times() */
-+ static struct timeb tstart,tend;
-+ long i;
-+
-+ if (s == START)
-+ {
-+ ftime(&tstart);
-+ return(0);
-+ }
-+ else
-+ {
-+ ftime(&tend);
-+ i=(long)tend.millitm-(long)tstart.millitm;
-+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
-+ return((ret == 0.0)?1e-6:ret);
-+ }
-+#endif
-+ }
-+
-+#ifdef SIGALRM
-+#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
-+#else
-+#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
-+#endif
-+
-+#define time_it(func,name,index) \
-+ print_name(name); \
-+ Time_F(START); \
-+ for (count=0,run=1; COND(cb); count++) \
-+ { \
-+ unsigned long d[2]; \
-+ func(d,&(sch[0]),DES_ENCRYPT); \
-+ } \
-+ tm[index]=Time_F(STOP); \
-+ fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
-+ tm[index]=((double)COUNT(cb))/tm[index];
-+
-+#define print_it(name,index) \
-+ fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
-+ tm[index]*8,1.0e6/tm[index]);
-+
-+int main(argc,argv)
-+int argc;
-+char **argv;
-+ {
-+ long count;
-+ static unsigned char buf[BUFSIZE];
-+ static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
-+ static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
-+ static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
-+ des_key_schedule sch,sch2,sch3;
-+ double d,tm[16],max=0;
-+ int rank[16];
-+ char *str[16];
-+ int max_idx=0,i,num=0,j;
-+#ifndef SIGALARM
-+ long ca,cb,cc,cd,ce;
-+#endif
-+
-+ for (i=0; i<12; i++)
-+ {
-+ tm[i]=0.0;
-+ rank[i]=0;
-+ }
-+
-+#ifndef TIMES
-+ fprintf(stderr,"To get the most acurate results, try to run this\n");
-+ fprintf(stderr,"program when this computer is idle.\n");
-+#endif
-+
-+ des_set_key((C_Block *)key,sch);
-+ des_set_key((C_Block *)key2,sch2);
-+ des_set_key((C_Block *)key3,sch3);
-+
-+#ifndef SIGALRM
-+ fprintf(stderr,"First we calculate the approximate speed ...\n");
-+ des_set_key((C_Block *)key,sch);
-+ count=10;
-+ do {
-+ long i;
-+ unsigned long data[2];
-+
-+ count*=2;
-+ Time_F(START);
-+ for (i=count; i; i--)
-+ des_encrypt(data,&(sch[0]),DES_ENCRYPT);
-+ d=Time_F(STOP);
-+ } while (d < 3.0);
-+ ca=count;
-+ cb=count*3;
-+ cc=count*3*8/BUFSIZE+1;
-+ cd=count*8/BUFSIZE+1;
-+
-+ ce=count/20+1;
-+#define COND(d) (count != (d))
-+#define COUNT(d) (d)
-+#else
-+#define COND(c) (run)
-+#define COUNT(d) (count)
-+ signal(SIGALRM,sig_done);
-+ alarm(10);
-+#endif
-+
-+#ifdef PART1
-+ time_it(des_encrypt_u4_cisc_idx, "des_encrypt_u4_cisc_idx ", 0);
-+ time_it(des_encrypt_u16_cisc_idx, "des_encrypt_u16_cisc_idx ", 1);
-+ time_it(des_encrypt_u4_risc1_idx, "des_encrypt_u4_risc1_idx ", 2);
-+ num+=3;
-+#endif
-+#ifdef PART2
-+ time_it(des_encrypt_u16_risc1_idx,"des_encrypt_u16_risc1_idx", 3);
-+ time_it(des_encrypt_u4_risc2_idx, "des_encrypt_u4_risc2_idx ", 4);
-+ time_it(des_encrypt_u16_risc2_idx,"des_encrypt_u16_risc2_idx", 5);
-+ num+=3;
-+#endif
-+#ifdef PART3
-+ time_it(des_encrypt_u4_cisc_ptr, "des_encrypt_u4_cisc_ptr ", 6);
-+ time_it(des_encrypt_u16_cisc_ptr, "des_encrypt_u16_cisc_ptr ", 7);
-+ time_it(des_encrypt_u4_risc1_ptr, "des_encrypt_u4_risc1_ptr ", 8);
-+ num+=3;
-+#endif
-+#ifdef PART4
-+ time_it(des_encrypt_u16_risc1_ptr,"des_encrypt_u16_risc1_ptr", 9);
-+ time_it(des_encrypt_u4_risc2_ptr, "des_encrypt_u4_risc2_ptr ",10);
-+ time_it(des_encrypt_u16_risc2_ptr,"des_encrypt_u16_risc2_ptr",11);
-+ num+=3;
-+#endif
-+
-+#ifdef PART1
-+ str[0]=" 4 c i";
-+ print_it("des_encrypt_u4_cisc_idx ",0);
-+ max=tm[0];
-+ max_idx=0;
-+ str[1]="16 c i";
-+ print_it("des_encrypt_u16_cisc_idx ",1);
-+ if (max < tm[1]) { max=tm[1]; max_idx=1; }
-+ str[2]=" 4 r1 i";
-+ print_it("des_encrypt_u4_risc1_idx ",2);
-+ if (max < tm[2]) { max=tm[2]; max_idx=2; }
-+#endif
-+#ifdef PART2
-+ str[3]="16 r1 i";
-+ print_it("des_encrypt_u16_risc1_idx",3);
-+ if (max < tm[3]) { max=tm[3]; max_idx=3; }
-+ str[4]=" 4 r2 i";
-+ print_it("des_encrypt_u4_risc2_idx ",4);
-+ if (max < tm[4]) { max=tm[4]; max_idx=4; }
-+ str[5]="16 r2 i";
-+ print_it("des_encrypt_u16_risc2_idx",5);
-+ if (max < tm[5]) { max=tm[5]; max_idx=5; }
-+#endif
-+#ifdef PART3
-+ str[6]=" 4 c p";
-+ print_it("des_encrypt_u4_cisc_ptr ",6);
-+ if (max < tm[6]) { max=tm[6]; max_idx=6; }
-+ str[7]="16 c p";
-+ print_it("des_encrypt_u16_cisc_ptr ",7);
-+ if (max < tm[7]) { max=tm[7]; max_idx=7; }
-+ str[8]=" 4 r1 p";
-+ print_it("des_encrypt_u4_risc1_ptr ",8);
-+ if (max < tm[8]) { max=tm[8]; max_idx=8; }
-+#endif
-+#ifdef PART4
-+ str[9]="16 r1 p";
-+ print_it("des_encrypt_u16_risc1_ptr",9);
-+ if (max < tm[9]) { max=tm[9]; max_idx=9; }
-+ str[10]=" 4 r2 p";
-+ print_it("des_encrypt_u4_risc2_ptr ",10);
-+ if (max < tm[10]) { max=tm[10]; max_idx=10; }
-+ str[11]="16 r2 p";
-+ print_it("des_encrypt_u16_risc2_ptr",11);
-+ if (max < tm[11]) { max=tm[11]; max_idx=11; }
-+#endif
-+ printf("options des ecb/s\n");
-+ printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
-+ d=tm[max_idx];
-+ tm[max_idx]= -2.0;
-+ max= -1.0;
-+ for (;;)
-+ {
-+ for (i=0; i<12; i++)
-+ {
-+ if (max < tm[i]) { max=tm[i]; j=i; }
-+ }
-+ if (max < 0.0) break;
-+ printf("%s %12.2f %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
-+ tm[j]= -2.0;
-+ max= -1.0;
-+ }
-+
-+ switch (max_idx)
-+ {
-+ case 0:
-+ printf("-DDES_DEFAULT_OPTIONS\n");
-+ break;
-+ case 1:
-+ printf("-DDES_UNROLL\n");
-+ break;
-+ case 2:
-+ printf("-DDES_RISC1\n");
-+ break;
-+ case 3:
-+ printf("-DDES_UNROLL -DDES_RISC1\n");
-+ break;
-+ case 4:
-+ printf("-DDES_RISC2\n");
-+ break;
-+ case 5:
-+ printf("-DDES_UNROLL -DDES_RISC2\n");
-+ break;
-+ case 6:
-+ printf("-DDES_PTR\n");
-+ break;
-+ case 7:
-+ printf("-DDES_UNROLL -DDES_PTR\n");
-+ break;
-+ case 8:
-+ printf("-DDES_RISC1 -DDES_PTR\n");
-+ break;
-+ case 9:
-+ printf("-DDES_UNROLL -DDES_RISC1 -DDES_PTR\n");
-+ break;
-+ case 10:
-+ printf("-DDES_RISC2 -DDES_PTR\n");
-+ break;
-+ case 11:
-+ printf("-DDES_UNROLL -DDES_RISC2 -DDES_PTR\n");
-+ break;
-+ }
-+ exit(0);
-+#if defined(LINT) || defined(MSDOS)
-+ return(0);
-+#endif
-+ }
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/dx86unix.S Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,3160 @@
-+/*
-+ * This file was originally generated by Michael Richardson <mcr@freeswan.org>
-+ * via the perl scripts found in the ASM subdir. It remains copyright of
-+ * Eric Young, see the file COPYRIGHT.
-+ *
-+ * This was last done on October 9, 2002.
-+ *
-+ * While this file does not need to go through cpp, we pass it through
-+ * CPP by naming it dx86unix.S instead of dx86unix.s because there is
-+ * a bug in Rules.make for .s builds - specifically it references EXTRA_CFLAGS
-+ * which may contain stuff that AS doesn't understand instead of
-+ * referencing EXTRA_AFLAGS.
-+ */
-+
-+ .file "dx86unix.S"
-+ .version "01.01"
-+.text
-+ .align 16
-+.globl des_encrypt
-+ .type des_encrypt , @function
-+des_encrypt:
-+ pushl %esi
-+ pushl %edi
-+
-+
-+ movl 12(%esp), %esi
-+ xorl %ecx, %ecx
-+ pushl %ebx
-+ pushl %ebp
-+ movl (%esi), %eax
-+ movl 28(%esp), %ebx
-+ movl 4(%esi), %edi
-+
-+
-+ roll $4, %eax
-+ movl %eax, %esi
-+ xorl %edi, %eax
-+ andl $0xf0f0f0f0, %eax
-+ xorl %eax, %esi
-+ xorl %eax, %edi
-+
-+ roll $20, %edi
-+ movl %edi, %eax
-+ xorl %esi, %edi
-+ andl $0xfff0000f, %edi
-+ xorl %edi, %eax
-+ xorl %edi, %esi
-+
-+ roll $14, %eax
-+ movl %eax, %edi
-+ xorl %esi, %eax
-+ andl $0x33333333, %eax
-+ xorl %eax, %edi
-+ xorl %eax, %esi
-+
-+ roll $22, %esi
-+ movl %esi, %eax
-+ xorl %edi, %esi
-+ andl $0x03fc03fc, %esi
-+ xorl %esi, %eax
-+ xorl %esi, %edi
-+
-+ roll $9, %eax
-+ movl %eax, %esi
-+ xorl %edi, %eax
-+ andl $0xaaaaaaaa, %eax
-+ xorl %eax, %esi
-+ xorl %eax, %edi
-+
-+.byte 209
-+.byte 199
-+ movl 24(%esp), %ebp
-+ cmpl $0, %ebx
-+ je .L000start_decrypt
-+
-+
-+ movl (%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 4(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 8(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 12(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 16(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 20(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 24(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 28(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 32(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 36(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 40(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 44(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 48(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 52(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 56(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 60(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 64(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 68(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 72(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 76(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 80(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 84(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 88(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 92(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 96(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 100(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 104(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 108(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 112(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 116(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 120(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 124(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+ jmp .L001end
-+.L000start_decrypt:
-+
-+
-+ movl 120(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 124(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 112(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 116(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 104(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 108(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 96(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 100(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 88(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 92(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 80(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 84(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 72(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 76(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 64(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 68(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 56(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 60(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 48(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 52(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 40(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 44(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 32(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 36(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 24(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 28(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 16(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 20(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 8(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 12(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl (%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 4(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+.L001end:
-+
-+
-+ movl 20(%esp), %edx
-+.byte 209
-+.byte 206
-+ movl %edi, %eax
-+ xorl %esi, %edi
-+ andl $0xaaaaaaaa, %edi
-+ xorl %edi, %eax
-+ xorl %edi, %esi
-+
-+ roll $23, %eax
-+ movl %eax, %edi
-+ xorl %esi, %eax
-+ andl $0x03fc03fc, %eax
-+ xorl %eax, %edi
-+ xorl %eax, %esi
-+
-+ roll $10, %edi
-+ movl %edi, %eax
-+ xorl %esi, %edi
-+ andl $0x33333333, %edi
-+ xorl %edi, %eax
-+ xorl %edi, %esi
-+
-+ roll $18, %esi
-+ movl %esi, %edi
-+ xorl %eax, %esi
-+ andl $0xfff0000f, %esi
-+ xorl %esi, %edi
-+ xorl %esi, %eax
-+
-+ roll $12, %edi
-+ movl %edi, %esi
-+ xorl %eax, %edi
-+ andl $0xf0f0f0f0, %edi
-+ xorl %edi, %esi
-+ xorl %edi, %eax
-+
-+ rorl $4, %eax
-+ movl %eax, (%edx)
-+ movl %esi, 4(%edx)
-+ popl %ebp
-+ popl %ebx
-+ popl %edi
-+ popl %esi
-+ ret
-+.des_encrypt_end:
-+ .size des_encrypt , .des_encrypt_end-des_encrypt
-+.ident "desasm.pl"
-+.text
-+ .align 16
-+.globl des_encrypt2
-+ .type des_encrypt2 , @function
-+des_encrypt2:
-+ pushl %esi
-+ pushl %edi
-+
-+
-+ movl 12(%esp), %eax
-+ xorl %ecx, %ecx
-+ pushl %ebx
-+ pushl %ebp
-+ movl (%eax), %esi
-+ movl 28(%esp), %ebx
-+ roll $3, %esi
-+ movl 4(%eax), %edi
-+ roll $3, %edi
-+ movl 24(%esp), %ebp
-+ cmpl $0, %ebx
-+ je .L002start_decrypt
-+
-+
-+ movl (%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 4(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 8(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 12(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 16(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 20(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 24(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 28(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 32(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 36(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 40(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 44(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 48(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 52(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 56(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 60(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 64(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 68(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 72(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 76(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 80(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 84(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 88(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 92(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 96(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 100(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 104(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 108(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 112(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 116(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 120(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 124(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+ jmp .L003end
-+.L002start_decrypt:
-+
-+
-+ movl 120(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 124(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 112(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 116(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 104(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 108(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 96(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 100(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 88(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 92(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 80(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 84(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 72(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 76(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 64(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 68(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 56(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 60(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 48(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 52(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 40(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 44(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 32(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 36(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 24(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 28(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl 16(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 20(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+
-+
-+ movl 8(%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 12(%ebp), %edx
-+ xorl %esi, %eax
-+ xorl %esi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %edi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %edi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %edi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %edi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %edi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %edi
-+
-+
-+ movl (%ebp), %eax
-+ xorl %ebx, %ebx
-+ movl 4(%ebp), %edx
-+ xorl %edi, %eax
-+ xorl %edi, %edx
-+ andl $0xfcfcfcfc, %eax
-+ andl $0xcfcfcfcf, %edx
-+ movb %al, %bl
-+ movb %ah, %cl
-+ rorl $4, %edx
-+ movl des_SPtrans(%ebx),%ebp
-+ movb %dl, %bl
-+ xorl %ebp, %esi
-+ movl 0x200+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movb %dh, %cl
-+ shrl $16, %eax
-+ movl 0x100+des_SPtrans(%ebx),%ebp
-+ xorl %ebp, %esi
-+ movb %ah, %bl
-+ shrl $16, %edx
-+ movl 0x300+des_SPtrans(%ecx),%ebp
-+ xorl %ebp, %esi
-+ movl 24(%esp), %ebp
-+ movb %dh, %cl
-+ andl $0xff, %eax
-+ andl $0xff, %edx
-+ movl 0x600+des_SPtrans(%ebx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x700+des_SPtrans(%ecx),%ebx
-+ xorl %ebx, %esi
-+ movl 0x400+des_SPtrans(%eax),%ebx
-+ xorl %ebx, %esi
-+ movl 0x500+des_SPtrans(%edx),%ebx
-+ xorl %ebx, %esi
-+.L003end:
-+
-+
-+ rorl $3, %edi
-+ movl 20(%esp), %eax
-+ rorl $3, %esi
-+ movl %edi, (%eax)
-+ movl %esi, 4(%eax)
-+ popl %ebp
-+ popl %ebx
-+ popl %edi
-+ popl %esi
-+ ret
-+.des_encrypt2_end:
-+ .size des_encrypt2 , .des_encrypt2_end-des_encrypt2
-+.ident "desasm.pl"
-+.text
-+ .align 16
-+.globl des_encrypt3
-+ .type des_encrypt3 , @function
-+des_encrypt3:
-+ pushl %ebx
-+ movl 8(%esp), %ebx
-+ pushl %ebp
-+ pushl %esi
-+ pushl %edi
-+
-+
-+ movl (%ebx), %edi
-+ movl 4(%ebx), %esi
-+ subl $12, %esp
-+
-+
-+ roll $4, %edi
-+ movl %edi, %edx
-+ xorl %esi, %edi
-+ andl $0xf0f0f0f0, %edi
-+ xorl %edi, %edx
-+ xorl %edi, %esi
-+
-+ roll $20, %esi
-+ movl %esi, %edi
-+ xorl %edx, %esi
-+ andl $0xfff0000f, %esi
-+ xorl %esi, %edi
-+ xorl %esi, %edx
-+
-+ roll $14, %edi
-+ movl %edi, %esi
-+ xorl %edx, %edi
-+ andl $0x33333333, %edi
-+ xorl %edi, %esi
-+ xorl %edi, %edx
-+
-+ roll $22, %edx
-+ movl %edx, %edi
-+ xorl %esi, %edx
-+ andl $0x03fc03fc, %edx
-+ xorl %edx, %edi
-+ xorl %edx, %esi
-+
-+ roll $9, %edi
-+ movl %edi, %edx
-+ xorl %esi, %edi
-+ andl $0xaaaaaaaa, %edi
-+ xorl %edi, %edx
-+ xorl %edi, %esi
-+
-+ rorl $3, %edx
-+ rorl $2, %esi
-+ movl %esi, 4(%ebx)
-+ movl 36(%esp), %eax
-+ movl %edx, (%ebx)
-+ movl 40(%esp), %edi
-+ movl 44(%esp), %esi
-+ movl $1, 8(%esp)
-+ movl %eax, 4(%esp)
-+ movl %ebx, (%esp)
-+ call des_encrypt2
-+ movl $0, 8(%esp)
-+ movl %edi, 4(%esp)
-+ movl %ebx, (%esp)
-+ call des_encrypt2
-+ movl $1, 8(%esp)
-+ movl %esi, 4(%esp)
-+ movl %ebx, (%esp)
-+ call des_encrypt2
-+ addl $12, %esp
-+ movl (%ebx), %edi
-+ movl 4(%ebx), %esi
-+
-+
-+ roll $2, %esi
-+ roll $3, %edi
-+ movl %edi, %eax
-+ xorl %esi, %edi
-+ andl $0xaaaaaaaa, %edi
-+ xorl %edi, %eax
-+ xorl %edi, %esi
-+
-+ roll $23, %eax
-+ movl %eax, %edi
-+ xorl %esi, %eax
-+ andl $0x03fc03fc, %eax
-+ xorl %eax, %edi
-+ xorl %eax, %esi
-+
-+ roll $10, %edi
-+ movl %edi, %eax
-+ xorl %esi, %edi
-+ andl $0x33333333, %edi
-+ xorl %edi, %eax
-+ xorl %edi, %esi
-+
-+ roll $18, %esi
-+ movl %esi, %edi
-+ xorl %eax, %esi
-+ andl $0xfff0000f, %esi
-+ xorl %esi, %edi
-+ xorl %esi, %eax
-+
-+ roll $12, %edi
-+ movl %edi, %esi
-+ xorl %eax, %edi
-+ andl $0xf0f0f0f0, %edi
-+ xorl %edi, %esi
-+ xorl %edi, %eax
-+
-+ rorl $4, %eax
-+ movl %eax, (%ebx)
-+ movl %esi, 4(%ebx)
-+ popl %edi
-+ popl %esi
-+ popl %ebp
-+ popl %ebx
-+ ret
-+.des_encrypt3_end:
-+ .size des_encrypt3 , .des_encrypt3_end-des_encrypt3
-+.ident "desasm.pl"
-+.text
-+ .align 16
-+.globl des_decrypt3
-+ .type des_decrypt3 , @function
-+des_decrypt3:
-+ pushl %ebx
-+ movl 8(%esp), %ebx
-+ pushl %ebp
-+ pushl %esi
-+ pushl %edi
-+
-+
-+ movl (%ebx), %edi
-+ movl 4(%ebx), %esi
-+ subl $12, %esp
-+
-+
-+ roll $4, %edi
-+ movl %edi, %edx
-+ xorl %esi, %edi
-+ andl $0xf0f0f0f0, %edi
-+ xorl %edi, %edx
-+ xorl %edi, %esi
-+
-+ roll $20, %esi
-+ movl %esi, %edi
-+ xorl %edx, %esi
-+ andl $0xfff0000f, %esi
-+ xorl %esi, %edi
-+ xorl %esi, %edx
-+
-+ roll $14, %edi
-+ movl %edi, %esi
-+ xorl %edx, %edi
-+ andl $0x33333333, %edi
-+ xorl %edi, %esi
-+ xorl %edi, %edx
-+
-+ roll $22, %edx
-+ movl %edx, %edi
-+ xorl %esi, %edx
-+ andl $0x03fc03fc, %edx
-+ xorl %edx, %edi
-+ xorl %edx, %esi
-+
-+ roll $9, %edi
-+ movl %edi, %edx
-+ xorl %esi, %edi
-+ andl $0xaaaaaaaa, %edi
-+ xorl %edi, %edx
-+ xorl %edi, %esi
-+
-+ rorl $3, %edx
-+ rorl $2, %esi
-+ movl %esi, 4(%ebx)
-+ movl 36(%esp), %esi
-+ movl %edx, (%ebx)
-+ movl 40(%esp), %edi
-+ movl 44(%esp), %eax
-+ movl $0, 8(%esp)
-+ movl %eax, 4(%esp)
-+ movl %ebx, (%esp)
-+ call des_encrypt2
-+ movl $1, 8(%esp)
-+ movl %edi, 4(%esp)
-+ movl %ebx, (%esp)
-+ call des_encrypt2
-+ movl $0, 8(%esp)
-+ movl %esi, 4(%esp)
-+ movl %ebx, (%esp)
-+ call des_encrypt2
-+ addl $12, %esp
-+ movl (%ebx), %edi
-+ movl 4(%ebx), %esi
-+
-+
-+ roll $2, %esi
-+ roll $3, %edi
-+ movl %edi, %eax
-+ xorl %esi, %edi
-+ andl $0xaaaaaaaa, %edi
-+ xorl %edi, %eax
-+ xorl %edi, %esi
-+
-+ roll $23, %eax
-+ movl %eax, %edi
-+ xorl %esi, %eax
-+ andl $0x03fc03fc, %eax
-+ xorl %eax, %edi
-+ xorl %eax, %esi
-+
-+ roll $10, %edi
-+ movl %edi, %eax
-+ xorl %esi, %edi
-+ andl $0x33333333, %edi
-+ xorl %edi, %eax
-+ xorl %edi, %esi
-+
-+ roll $18, %esi
-+ movl %esi, %edi
-+ xorl %eax, %esi
-+ andl $0xfff0000f, %esi
-+ xorl %esi, %edi
-+ xorl %esi, %eax
-+
-+ roll $12, %edi
-+ movl %edi, %esi
-+ xorl %eax, %edi
-+ andl $0xf0f0f0f0, %edi
-+ xorl %edi, %esi
-+ xorl %edi, %eax
-+
-+ rorl $4, %eax
-+ movl %eax, (%ebx)
-+ movl %esi, 4(%ebx)
-+ popl %edi
-+ popl %esi
-+ popl %ebp
-+ popl %ebx
-+ ret
-+.des_decrypt3_end:
-+ .size des_decrypt3 , .des_decrypt3_end-des_decrypt3
-+.ident "desasm.pl"
-+.text
-+ .align 16
-+.globl des_ncbc_encrypt
-+ .type des_ncbc_encrypt , @function
-+des_ncbc_encrypt:
-+
-+ pushl %ebp
-+ pushl %ebx
-+ pushl %esi
-+ pushl %edi
-+ movl 28(%esp), %ebp
-+
-+ movl 36(%esp), %ebx
-+ movl (%ebx), %esi
-+ movl 4(%ebx), %edi
-+ pushl %edi
-+ pushl %esi
-+ pushl %edi
-+ pushl %esi
-+ movl %esp, %ebx
-+ movl 36(%esp), %esi
-+ movl 40(%esp), %edi
-+
-+ movl 56(%esp), %ecx
-+
-+ pushl %ecx
-+
-+ movl 52(%esp), %eax
-+ pushl %eax
-+ pushl %ebx
-+ cmpl $0, %ecx
-+ jz .L004decrypt
-+ andl $4294967288, %ebp
-+ movl 12(%esp), %eax
-+ movl 16(%esp), %ebx
-+ jz .L005encrypt_finish
-+.L006encrypt_loop:
-+ movl (%esi), %ecx
-+ movl 4(%esi), %edx
-+ xorl %ecx, %eax
-+ xorl %edx, %ebx
-+ movl %eax, 12(%esp)
-+ movl %ebx, 16(%esp)
-+ call des_encrypt
-+ movl 12(%esp), %eax
-+ movl 16(%esp), %ebx
-+ movl %eax, (%edi)
-+ movl %ebx, 4(%edi)
-+ addl $8, %esi
-+ addl $8, %edi
-+ subl $8, %ebp
-+ jnz .L006encrypt_loop
-+.L005encrypt_finish:
-+ movl 56(%esp), %ebp
-+ andl $7, %ebp
-+ jz .L007finish
-+ xorl %ecx, %ecx
-+ xorl %edx, %edx
-+ movl .L008cbc_enc_jmp_table(,%ebp,4),%ebp
-+ jmp *%ebp
-+.L009ej7:
-+ movb 6(%esi), %dh
-+ sall $8, %edx
-+.L010ej6:
-+ movb 5(%esi), %dh
-+.L011ej5:
-+ movb 4(%esi), %dl
-+.L012ej4:
-+ movl (%esi), %ecx
-+ jmp .L013ejend
-+.L014ej3:
-+ movb 2(%esi), %ch
-+ sall $8, %ecx
-+.L015ej2:
-+ movb 1(%esi), %ch
-+.L016ej1:
-+ movb (%esi), %cl
-+.L013ejend:
-+ xorl %ecx, %eax
-+ xorl %edx, %ebx
-+ movl %eax, 12(%esp)
-+ movl %ebx, 16(%esp)
-+ call des_encrypt
-+ movl 12(%esp), %eax
-+ movl 16(%esp), %ebx
-+ movl %eax, (%edi)
-+ movl %ebx, 4(%edi)
-+ jmp .L007finish
-+.align 16
-+.L004decrypt:
-+ andl $4294967288, %ebp
-+ movl 20(%esp), %eax
-+ movl 24(%esp), %ebx
-+ jz .L017decrypt_finish
-+.L018decrypt_loop:
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+ movl %eax, 12(%esp)
-+ movl %ebx, 16(%esp)
-+ call des_encrypt
-+ movl 12(%esp), %eax
-+ movl 16(%esp), %ebx
-+ movl 20(%esp), %ecx
-+ movl 24(%esp), %edx
-+ xorl %eax, %ecx
-+ xorl %ebx, %edx
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+ movl %ecx, (%edi)
-+ movl %edx, 4(%edi)
-+ movl %eax, 20(%esp)
-+ movl %ebx, 24(%esp)
-+ addl $8, %esi
-+ addl $8, %edi
-+ subl $8, %ebp
-+ jnz .L018decrypt_loop
-+.L017decrypt_finish:
-+ movl 56(%esp), %ebp
-+ andl $7, %ebp
-+ jz .L007finish
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+ movl %eax, 12(%esp)
-+ movl %ebx, 16(%esp)
-+ call des_encrypt
-+ movl 12(%esp), %eax
-+ movl 16(%esp), %ebx
-+ movl 20(%esp), %ecx
-+ movl 24(%esp), %edx
-+ xorl %eax, %ecx
-+ xorl %ebx, %edx
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+.L019dj7:
-+ rorl $16, %edx
-+ movb %dl, 6(%edi)
-+ shrl $16, %edx
-+.L020dj6:
-+ movb %dh, 5(%edi)
-+.L021dj5:
-+ movb %dl, 4(%edi)
-+.L022dj4:
-+ movl %ecx, (%edi)
-+ jmp .L023djend
-+.L024dj3:
-+ rorl $16, %ecx
-+ movb %cl, 2(%edi)
-+ sall $16, %ecx
-+.L025dj2:
-+ movb %ch, 1(%esi)
-+.L026dj1:
-+ movb %cl, (%esi)
-+.L023djend:
-+ jmp .L007finish
-+.align 16
-+.L007finish:
-+ movl 64(%esp), %ecx
-+ addl $28, %esp
-+ movl %eax, (%ecx)
-+ movl %ebx, 4(%ecx)
-+ popl %edi
-+ popl %esi
-+ popl %ebx
-+ popl %ebp
-+ ret
-+.align 16
-+.L008cbc_enc_jmp_table:
-+ .long 0
-+ .long .L016ej1
-+ .long .L015ej2
-+ .long .L014ej3
-+ .long .L012ej4
-+ .long .L011ej5
-+ .long .L010ej6
-+ .long .L009ej7
-+.align 16
-+.L027cbc_dec_jmp_table:
-+ .long 0
-+ .long .L026dj1
-+ .long .L025dj2
-+ .long .L024dj3
-+ .long .L022dj4
-+ .long .L021dj5
-+ .long .L020dj6
-+ .long .L019dj7
-+.des_ncbc_encrypt_end:
-+ .size des_ncbc_encrypt , .des_ncbc_encrypt_end-des_ncbc_encrypt
-+.ident "desasm.pl"
-+.text
-+ .align 16
-+.globl des_ede3_cbc_encrypt
-+ .type des_ede3_cbc_encrypt , @function
-+des_ede3_cbc_encrypt:
-+
-+ pushl %ebp
-+ pushl %ebx
-+ pushl %esi
-+ pushl %edi
-+ movl 28(%esp), %ebp
-+
-+ movl 44(%esp), %ebx
-+ movl (%ebx), %esi
-+ movl 4(%ebx), %edi
-+ pushl %edi
-+ pushl %esi
-+ pushl %edi
-+ pushl %esi
-+ movl %esp, %ebx
-+ movl 36(%esp), %esi
-+ movl 40(%esp), %edi
-+
-+ movl 64(%esp), %ecx
-+
-+ movl 56(%esp), %eax
-+ pushl %eax
-+
-+ movl 56(%esp), %eax
-+ pushl %eax
-+
-+ movl 56(%esp), %eax
-+ pushl %eax
-+ pushl %ebx
-+ cmpl $0, %ecx
-+ jz .L028decrypt
-+ andl $4294967288, %ebp
-+ movl 16(%esp), %eax
-+ movl 20(%esp), %ebx
-+ jz .L029encrypt_finish
-+.L030encrypt_loop:
-+ movl (%esi), %ecx
-+ movl 4(%esi), %edx
-+ xorl %ecx, %eax
-+ xorl %edx, %ebx
-+ movl %eax, 16(%esp)
-+ movl %ebx, 20(%esp)
-+ call des_encrypt3
-+ movl 16(%esp), %eax
-+ movl 20(%esp), %ebx
-+ movl %eax, (%edi)
-+ movl %ebx, 4(%edi)
-+ addl $8, %esi
-+ addl $8, %edi
-+ subl $8, %ebp
-+ jnz .L030encrypt_loop
-+.L029encrypt_finish:
-+ movl 60(%esp), %ebp
-+ andl $7, %ebp
-+ jz .L031finish
-+ xorl %ecx, %ecx
-+ xorl %edx, %edx
-+ movl .L032cbc_enc_jmp_table(,%ebp,4),%ebp
-+ jmp *%ebp
-+.L033ej7:
-+ movb 6(%esi), %dh
-+ sall $8, %edx
-+.L034ej6:
-+ movb 5(%esi), %dh
-+.L035ej5:
-+ movb 4(%esi), %dl
-+.L036ej4:
-+ movl (%esi), %ecx
-+ jmp .L037ejend
-+.L038ej3:
-+ movb 2(%esi), %ch
-+ sall $8, %ecx
-+.L039ej2:
-+ movb 1(%esi), %ch
-+.L040ej1:
-+ movb (%esi), %cl
-+.L037ejend:
-+ xorl %ecx, %eax
-+ xorl %edx, %ebx
-+ movl %eax, 16(%esp)
-+ movl %ebx, 20(%esp)
-+ call des_encrypt3
-+ movl 16(%esp), %eax
-+ movl 20(%esp), %ebx
-+ movl %eax, (%edi)
-+ movl %ebx, 4(%edi)
-+ jmp .L031finish
-+.align 16
-+.L028decrypt:
-+ andl $4294967288, %ebp
-+ movl 24(%esp), %eax
-+ movl 28(%esp), %ebx
-+ jz .L041decrypt_finish
-+.L042decrypt_loop:
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+ movl %eax, 16(%esp)
-+ movl %ebx, 20(%esp)
-+ call des_decrypt3
-+ movl 16(%esp), %eax
-+ movl 20(%esp), %ebx
-+ movl 24(%esp), %ecx
-+ movl 28(%esp), %edx
-+ xorl %eax, %ecx
-+ xorl %ebx, %edx
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+ movl %ecx, (%edi)
-+ movl %edx, 4(%edi)
-+ movl %eax, 24(%esp)
-+ movl %ebx, 28(%esp)
-+ addl $8, %esi
-+ addl $8, %edi
-+ subl $8, %ebp
-+ jnz .L042decrypt_loop
-+.L041decrypt_finish:
-+ movl 60(%esp), %ebp
-+ andl $7, %ebp
-+ jz .L031finish
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+ movl %eax, 16(%esp)
-+ movl %ebx, 20(%esp)
-+ call des_decrypt3
-+ movl 16(%esp), %eax
-+ movl 20(%esp), %ebx
-+ movl 24(%esp), %ecx
-+ movl 28(%esp), %edx
-+ xorl %eax, %ecx
-+ xorl %ebx, %edx
-+ movl (%esi), %eax
-+ movl 4(%esi), %ebx
-+.L043dj7:
-+ rorl $16, %edx
-+ movb %dl, 6(%edi)
-+ shrl $16, %edx
-+.L044dj6:
-+ movb %dh, 5(%edi)
-+.L045dj5:
-+ movb %dl, 4(%edi)
-+.L046dj4:
-+ movl %ecx, (%edi)
-+ jmp .L047djend
-+.L048dj3:
-+ rorl $16, %ecx
-+ movb %cl, 2(%edi)
-+ sall $16, %ecx
-+.L049dj2:
-+ movb %ch, 1(%esi)
-+.L050dj1:
-+ movb %cl, (%esi)
-+.L047djend:
-+ jmp .L031finish
-+.align 16
-+.L031finish:
-+ movl 76(%esp), %ecx
-+ addl $32, %esp
-+ movl %eax, (%ecx)
-+ movl %ebx, 4(%ecx)
-+ popl %edi
-+ popl %esi
-+ popl %ebx
-+ popl %ebp
-+ ret
-+.align 16
-+.L032cbc_enc_jmp_table:
-+ .long 0
-+ .long .L040ej1
-+ .long .L039ej2
-+ .long .L038ej3
-+ .long .L036ej4
-+ .long .L035ej5
-+ .long .L034ej6
-+ .long .L033ej7
-+.align 16
-+.L051cbc_dec_jmp_table:
-+ .long 0
-+ .long .L050dj1
-+ .long .L049dj2
-+ .long .L048dj3
-+ .long .L046dj4
-+ .long .L045dj5
-+ .long .L044dj6
-+ .long .L043dj7
-+.des_ede3_cbc_encrypt_end:
-+ .size des_ede3_cbc_encrypt , .des_ede3_cbc_encrypt_end-des_ede3_cbc_encrypt
-+.ident "desasm.pl"
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/ecb_enc.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,128 @@
-+/* crypto/des/ecb_enc.c */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+#include "des/des_locl.h"
-+#include "des/spr.h"
-+
-+char *libdes_version="libdes v 3.24 - 20-Apr-1996 - eay";
-+char *DES_version="DES part of SSLeay 0.8.2b 08-Jan-1998";
-+
-+/* RCSID $Id: ecb_enc.c,v 1.8 2004/08/04 15:57:22 mcr Exp $ */
-+/* This function ifdef'ed out for FreeS/WAN project. */
-+#ifdef notdef
-+char *des_options()
-+ {
-+ static int init=1;
-+ static char buf[32];
-+
-+ if (init)
-+ {
-+ char *ptr,*unroll,*risc,*size;
-+
-+ init=0;
-+#ifdef DES_PTR
-+ ptr="ptr";
-+#else
-+ ptr="idx";
-+#endif
-+#if defined(DES_RISC1) || defined(DES_RISC2)
-+#ifdef DES_RISC1
-+ risc="risc1";
-+#endif
-+#ifdef DES_RISC2
-+ risc="risc2";
-+#endif
-+#else
-+ risc="cisc";
-+#endif
-+#ifdef DES_UNROLL
-+ unroll="16";
-+#else
-+ unroll="4";
-+#endif
-+ if (sizeof(DES_LONG) != sizeof(long))
-+ size="int";
-+ else
-+ size="long";
-+ sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size);
-+ }
-+ return(buf);
-+ }
-+#endif
-+
-+
-+void des_ecb_encrypt(input, output, ks, enc)
-+des_cblock (*input);
-+des_cblock (*output);
-+des_key_schedule ks;
-+int enc;
-+ {
-+ register DES_LONG l;
-+ register unsigned char *in,*out;
-+ DES_LONG ll[2];
-+
-+ in=(unsigned char *)input;
-+ out=(unsigned char *)output;
-+ c2l(in,l); ll[0]=l;
-+ c2l(in,l); ll[1]=l;
-+ des_encrypt(ll,ks,enc);
-+ l=ll[0]; l2c(l,out);
-+ l=ll[1]; l2c(l,out);
-+ l=ll[0]=ll[1]=0;
-+ }
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/ipsec_alg_3des.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,181 @@
-+/*
-+ * ipsec_alg 3DES cipher stubs
-+ *
-+ * Copyright (C) 2005 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * Adapted from ipsec_alg_aes.c by JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ *
-+ * ipsec_alg_aes.c,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ */
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+/*
-+ * special case: ipsec core modular with this static algo inside:
-+ * must avoid MODULE magic for this file
-+ */
-+#if defined(CONFIG_KLIPS_MODULE) && defined(CONFIG_KLIPS_ENC_3DES)
-+#undef MODULE
-+#endif
-+
-+#include <linux/module.h>
-+#include <linux/init.h>
-+
-+#include <linux/kernel.h> /* printk() */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/string.h>
-+
-+/* Low freeswan header coupling */
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_alg.h"
-+#include "crypto/des.h"
-+#include "openswan/ipsec_alg_3des.h"
-+
-+#define AES_CONTEXT_T aes_context
-+static int debug_3des=0;
-+static int test_3des=0;
-+static int excl_3des=0;
-+
-+#if defined(CONFIG_KLIPS_ENC_3DES_MODULE)
-+MODULE_AUTHOR("Michael Richardson <mcr@xelerance.com>");
-+#ifdef module_param
-+module_param(debug_3des,int,0600)
-+module_param(test_des,int,0600)
-+module_param(excl_des,int,0600)
-+#else
-+MODULE_PARM(debug_3des, "i");
-+MODULE_PARM(test_des, "i");
-+MODULE_PARM(excl_des, "i");
-+#endif
-+#endif
-+
-+#define ESP_AES_MAC_KEY_SZ 16 /* 128 bit MAC key */
-+#define ESP_AES_MAC_BLK_LEN 16 /* 128 bit block */
-+
-+static int _3des_set_key(struct ipsec_alg_enc *alg,
-+ __u8 * key_e, const __u8 * key,
-+ size_t keysize)
-+{
-+ int ret = 0;
-+ TripleDES_context *ctx = (TripleDES_context*)key_e;
-+
-+ if(keysize != 192/8) {
-+ return EINVAL;
-+ }
-+
-+ des_set_key((des_cblock *)(key + DES_KEY_SZ*0), ctx->s1);
-+ des_set_key((des_cblock *)(key + DES_KEY_SZ*1), ctx->s2);
-+ des_set_key((des_cblock *)(key + DES_KEY_SZ*2), ctx->s3);
-+
-+ if (debug_3des > 0)
-+ printk(KERN_DEBUG "klips_debug:_3des_set_key:"
-+ "ret=%d key_e=%p key=%p keysize=%ld\n",
-+ ret, key_e, key, (unsigned long int) keysize);
-+ return ret;
-+}
-+
-+static int _3des_cbc_encrypt(struct ipsec_alg_enc *alg,
-+ __u8 * key_e,
-+ __u8 * in,
-+ int ilen, const __u8 * iv,
-+ int encrypt)
-+{
-+ TripleDES_context *ctx=(TripleDES_context*)key_e;
-+ des_cblock miv;
-+
-+ memcpy(&miv, iv, sizeof(miv));
-+
-+ if (debug_3des > 0)
-+ printk(KERN_DEBUG "klips_debug:_aes_cbc_encrypt:"
-+ "key_e=%p in=%p ilen=%d iv=%p encrypt=%d\n",
-+ key_e, in, ilen, iv, encrypt);
-+
-+ des_ede3_cbc_encrypt((des_cblock *)in,
-+ (des_cblock *)in,
-+ ilen,
-+ ctx->s1,
-+ ctx->s2,
-+ ctx->s3,
-+ &miv, encrypt);
-+ return 1;
-+}
-+
-+static struct ipsec_alg_enc ipsec_alg_3DES = {
-+ ixt_common: { ixt_version: IPSEC_ALG_VERSION,
-+ ixt_refcnt: ATOMIC_INIT(0),
-+ ixt_name: "3des",
-+ ixt_blocksize: ESP_3DES_CBC_BLK_LEN,
-+ ixt_support: {
-+ ias_exttype: IPSEC_ALG_TYPE_ENCRYPT,
-+ ias_id: ESP_3DES,
-+ ias_keyminbits: ESP_3DES_KEY_SZ*8,
-+ ias_keymaxbits: ESP_3DES_KEY_SZ*8,
-+ },
-+ },
-+#if defined(MODULE_KLIPS_ENC_3DES_MODULE)
-+ ixt_module: THIS_MODULE,
-+#endif
-+ ixt_e_keylen: ESP_3DES_KEY_SZ*8,
-+ ixt_e_ctx_size: sizeof(TripleDES_context),
-+ ixt_e_set_key: _3des_set_key,
-+ ixt_e_cbc_encrypt:_3des_cbc_encrypt,
-+};
-+
-+#if defined(CONFIG_KLIPS_ENC_3DES_MODULE)
-+IPSEC_ALG_MODULE_INIT_MOD( ipsec_3des_init )
-+#else
-+IPSEC_ALG_MODULE_INIT_STATIC( ipsec_3des_init )
-+#endif
-+{
-+ int ret, test_ret;
-+
-+ if (excl_3des) ipsec_alg_3DES.ixt_common.ixt_state |= IPSEC_ALG_ST_EXCL;
-+ ret=register_ipsec_alg_enc(&ipsec_alg_3DES);
-+ printk("ipsec_3des_init(alg_type=%d alg_id=%d name=%s): ret=%d\n",
-+ ipsec_alg_3DES.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_3DES.ixt_common.ixt_support.ias_id,
-+ ipsec_alg_3DES.ixt_common.ixt_name,
-+ ret);
-+ if (ret==0 && test_3des) {
-+ test_ret=ipsec_alg_test(
-+ ipsec_alg_3DES.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_3DES.ixt_common.ixt_support.ias_id,
-+ test_3des);
-+ printk("ipsec_aes_init(alg_type=%d alg_id=%d): test_ret=%d\n",
-+ ipsec_alg_3DES.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_3DES.ixt_common.ixt_support.ias_id,
-+ test_ret);
-+ }
-+ return ret;
-+}
-+
-+#if defined(CONFIG_KLIPS_ENC_3DES_MODULE)
-+IPSEC_ALG_MODULE_EXIT_MOD( ipsec_3des_fini )
-+#else
-+IPSEC_ALG_MODULE_EXIT_STATIC( ipsec_3des_fini )
-+#endif
-+{
-+ unregister_ipsec_alg_enc(&ipsec_alg_3DES);
-+ return;
-+}
-+
-+/* Dual, because 3des code is 4-clause BSD licensed */
-+#ifdef MODULE_LICENSE
-+MODULE_LICENSE("Dual BSD/GPL");
-+#endif
-+
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/des/set_key.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,246 @@
-+/* crypto/des/set_key.c */
-+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-+ * All rights reserved.
-+ *
-+ * This package is an SSL implementation written
-+ * by Eric Young (eay@cryptsoft.com).
-+ * The implementation was written so as to conform with Netscapes SSL.
-+ *
-+ * This library is free for commercial and non-commercial use as long as
-+ * the following conditions are aheared to. The following conditions
-+ * apply to all code found in this distribution, be it the RC4, RSA,
-+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
-+ * included with this distribution is covered by the same copyright terms
-+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
-+ *
-+ * Copyright remains Eric Young's, and as such any Copyright notices in
-+ * the code are not to be removed.
-+ * If this package is used in a product, Eric Young should be given attribution
-+ * as the author of the parts of the library used.
-+ * This can be in the form of a textual message at program startup or
-+ * in documentation (online or textual) provided with the package.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * "This product includes cryptographic software written by
-+ * Eric Young (eay@cryptsoft.com)"
-+ * The word 'cryptographic' can be left out if the rouines from the library
-+ * being used are not cryptographic related :-).
-+ * 4. If you include any Windows specific code (or a derivative thereof) from
-+ * the apps directory (application code) you must include an acknowledgement:
-+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * The licence and distribution terms for any publically available version or
-+ * derivative of this code cannot be changed. i.e. this code cannot simply be
-+ * copied and put under another distribution licence
-+ * [including the GNU Public Licence.]
-+ */
-+
-+/* set_key.c v 1.4 eay 24/9/91
-+ * 1.4 Speed up by 400% :-)
-+ * 1.3 added register declarations.
-+ * 1.2 unrolled make_key_sched a bit more
-+ * 1.1 added norm_expand_bits
-+ * 1.0 First working version
-+ */
-+#include "des/des_locl.h"
-+#include "des/podd.h"
-+#include "des/sk.h"
-+
-+#ifndef NOPROTO
-+static int check_parity(des_cblock (*key));
-+#else
-+static int check_parity();
-+#endif
-+
-+int des_check_key=0;
-+
-+void des_set_odd_parity(key)
-+des_cblock (*key);
-+ {
-+ int i;
-+
-+ for (i=0; i<DES_KEY_SZ; i++)
-+ (*key)[i]=odd_parity[(*key)[i]];
-+ }
-+
-+static int check_parity(key)
-+des_cblock (*key);
-+ {
-+ int i;
-+
-+ for (i=0; i<DES_KEY_SZ; i++)
-+ {
-+ if ((*key)[i] != odd_parity[(*key)[i]])
-+ return(0);
-+ }
-+ return(1);
-+ }
-+
-+/* Weak and semi week keys as take from
-+ * %A D.W. Davies
-+ * %A W.L. Price
-+ * %T Security for Computer Networks
-+ * %I John Wiley & Sons
-+ * %D 1984
-+ * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
-+ * (and actual cblock values).
-+ */
-+#define NUM_WEAK_KEY 16
-+static des_cblock weak_keys[NUM_WEAK_KEY]={
-+ /* weak keys */
-+ {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
-+ {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
-+ {0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F},
-+ {0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0},
-+ /* semi-weak keys */
-+ {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
-+ {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
-+ {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
-+ {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
-+ {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
-+ {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
-+ {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
-+ {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
-+ {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
-+ {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
-+ {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
-+ {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
-+
-+int des_is_weak_key(key)
-+des_cblock (*key);
-+ {
-+ int i;
-+
-+ for (i=0; i<NUM_WEAK_KEY; i++)
-+ /* Added == 0 to comparision, I obviously don't run
-+ * this section very often :-(, thanks to
-+ * engineering@MorningStar.Com for the fix
-+ * eay 93/06/29
-+ * Another problem, I was comparing only the first 4
-+ * bytes, 97/03/18 */
-+ if (memcmp(weak_keys[i],key,sizeof(des_cblock)) == 0) return(1);
-+ return(0);
-+ }
-+
-+/* NOW DEFINED IN des_local.h
-+ * See ecb_encrypt.c for a pseudo description of these macros.
-+ * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
-+ * (b)^=(t),\
-+ * (a)=((a)^((t)<<(n))))
-+ */
-+
-+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
-+ (a)=(a)^(t)^(t>>(16-(n))))
-+
-+/* return 0 if key parity is odd (correct),
-+ * return -1 if key parity error,
-+ * return -2 if illegal weak key.
-+ */
-+int des_set_key(key, schedule)
-+des_cblock (*key);
-+des_key_schedule schedule;
-+ {
-+ static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
-+ register DES_LONG c,d,t,s,t2;
-+ register unsigned char *in;
-+ register DES_LONG *k;
-+ register int i;
-+
-+ if (des_check_key)
-+ {
-+ if (!check_parity(key))
-+ return(-1);
-+
-+ if (des_is_weak_key(key))
-+ return(-2);
-+ }
-+
-+ k=(DES_LONG *)schedule;
-+ in=(unsigned char *)key;
-+
-+ c2l(in,c);
-+ c2l(in,d);
-+
-+ /* do PC1 in 60 simple operations */
-+/* PERM_OP(d,c,t,4,0x0f0f0f0fL);
-+ HPERM_OP(c,t,-2, 0xcccc0000L);
-+ HPERM_OP(c,t,-1, 0xaaaa0000L);
-+ HPERM_OP(c,t, 8, 0x00ff0000L);
-+ HPERM_OP(c,t,-1, 0xaaaa0000L);
-+ HPERM_OP(d,t,-8, 0xff000000L);
-+ HPERM_OP(d,t, 8, 0x00ff0000L);
-+ HPERM_OP(d,t, 2, 0x33330000L);
-+ d=((d&0x00aa00aaL)<<7L)|((d&0x55005500L)>>7L)|(d&0xaa55aa55L);
-+ d=(d>>8)|((c&0xf0000000L)>>4);
-+ c&=0x0fffffffL; */
-+
-+ /* I now do it in 47 simple operations :-)
-+ * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
-+ * for the inspiration. :-) */
-+ PERM_OP (d,c,t,4,0x0f0f0f0fL);
-+ HPERM_OP(c,t,-2,0xcccc0000L);
-+ HPERM_OP(d,t,-2,0xcccc0000L);
-+ PERM_OP (d,c,t,1,0x55555555L);
-+ PERM_OP (c,d,t,8,0x00ff00ffL);
-+ PERM_OP (d,c,t,1,0x55555555L);
-+ d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) |
-+ ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
-+ c&=0x0fffffffL;
-+
-+ for (i=0; i<ITERATIONS; i++)
-+ {
-+ if (shifts2[i])
-+ { c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
-+ else
-+ { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
-+ c&=0x0fffffffL;
-+ d&=0x0fffffffL;
-+ /* could be a few less shifts but I am to lazy at this
-+ * point in time to investigate */
-+ s= des_skb[0][ (c )&0x3f ]|
-+ des_skb[1][((c>> 6)&0x03)|((c>> 7L)&0x3c)]|
-+ des_skb[2][((c>>13)&0x0f)|((c>>14L)&0x30)]|
-+ des_skb[3][((c>>20)&0x01)|((c>>21L)&0x06) |
-+ ((c>>22L)&0x38)];
-+ t= des_skb[4][ (d )&0x3f ]|
-+ des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
-+ des_skb[6][ (d>>15L)&0x3f ]|
-+ des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
-+
-+ /* table contained 0213 4657 */
-+ t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
-+ *(k++)=ROTATE(t2,30)&0xffffffffL;
-+
-+ t2=((s>>16L)|(t&0xffff0000L));
-+ *(k++)=ROTATE(t2,26)&0xffffffffL;
-+ }
-+ return(0);
-+ }
-+
-+int des_key_sched(key, schedule)
-+des_cblock (*key);
-+des_key_schedule schedule;
-+ {
-+ return(des_set_key(key,schedule));
-+ }
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/goodmask.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,100 @@
-+/*
-+ * minor utilities for subnet-mask manipulation
-+ * Copyright (C) 1998, 1999 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: goodmask.c,v 1.12 2004/07/10 07:43:47 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+#ifndef ABITS
-+#define ABITS 32 /* bits in an IPv4 address */
-+#endif
-+
-+/*
-+ - goodmask - is this a good (^1*0*$) subnet mask?
-+ * You are not expected to understand this. See Henry S. Warren Jr,
-+ * "Functions realizable with word-parallel logical and two's-complement
-+ * addition instructions", CACM 20.6 (June 1977), p.439.
-+ */
-+int /* predicate */
-+goodmask(mask)
-+struct in_addr mask;
-+{
-+ unsigned long x = ntohl(mask.s_addr);
-+ /* clear rightmost contiguous string of 1-bits */
-+# define CRCS1B(x) (((x|(x-1))+1)&x)
-+# define TOPBIT (1UL << 31)
-+
-+ /* either zero, or has one string of 1-bits which is left-justified */
-+ if (x == 0 || (CRCS1B(x) == 0 && (x&TOPBIT)))
-+ return 1;
-+ return 0;
-+}
-+
-+/*
-+ - masktobits - how many bits in this mask?
-+ * The algorithm is essentially a binary search, but highly optimized
-+ * for this particular task.
-+ */
-+int /* -1 means !goodmask() */
-+masktobits(mask)
-+struct in_addr mask;
-+{
-+ unsigned long m = ntohl(mask.s_addr);
-+ int masklen;
-+
-+ if (!goodmask(mask))
-+ return -1;
-+
-+ if (m&0x00000001UL)
-+ return 32;
-+ masklen = 0;
-+ if (m&(0x0000ffffUL<<1)) { /* <<1 for 1-origin numbering */
-+ masklen |= 0x10;
-+ m <<= 16;
-+ }
-+ if (m&(0x00ff0000UL<<1)) {
-+ masklen |= 0x08;
-+ m <<= 8;
-+ }
-+ if (m&(0x0f000000UL<<1)) {
-+ masklen |= 0x04;
-+ m <<= 4;
-+ }
-+ if (m&(0x30000000UL<<1)) {
-+ masklen |= 0x02;
-+ m <<= 2;
-+ }
-+ if (m&(0x40000000UL<<1))
-+ masklen |= 0x01;
-+
-+ return masklen;
-+}
-+
-+/*
-+ - bitstomask - return a mask with this many high bits on
-+ */
-+struct in_addr
-+bitstomask(n)
-+int n;
-+{
-+ struct in_addr result;
-+
-+ if (n > 0 && n <= ABITS)
-+ result.s_addr = htonl(~((1UL << (ABITS - n)) - 1));
-+ else if (n == 0)
-+ result.s_addr = 0;
-+ else
-+ result.s_addr = 0; /* best error report we can do */
-+ return result;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/infblock.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,403 @@
-+/* infblock.c -- interpret and process block types to last block
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+#include <zlib/zutil.h>
-+#include "infblock.h"
-+#include "inftrees.h"
-+#include "infcodes.h"
-+#include "infutil.h"
-+
-+struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-+
-+/* simplify the use of the inflate_huft type with some defines */
-+#define exop word.what.Exop
-+#define bits word.what.Bits
-+
-+/* Table for deflate from PKZIP's appnote.txt. */
-+local const uInt border[] = { /* Order of the bit length code lengths */
-+ 16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
-+
-+/*
-+ Notes beyond the 1.93a appnote.txt:
-+
-+ 1. Distance pointers never point before the beginning of the output
-+ stream.
-+ 2. Distance pointers can point back across blocks, up to 32k away.
-+ 3. There is an implied maximum of 7 bits for the bit length table and
-+ 15 bits for the actual data.
-+ 4. If only one code exists, then it is encoded using one bit. (Zero
-+ would be more efficient, but perhaps a little confusing.) If two
-+ codes exist, they are coded using one bit each (0 and 1).
-+ 5. There is no way of sending zero distance codes--a dummy must be
-+ sent if there are none. (History: a pre 2.0 version of PKZIP would
-+ store blocks with no distance codes, but this was discovered to be
-+ too harsh a criterion.) Valid only for 1.93a. 2.04c does allow
-+ zero distance codes, which is sent as one code of zero bits in
-+ length.
-+ 6. There are up to 286 literal/length codes. Code 256 represents the
-+ end-of-block. Note however that the static length tree defines
-+ 288 codes just to fill out the Huffman codes. Codes 286 and 287
-+ cannot be used though, since there is no length base or extra bits
-+ defined for them. Similarily, there are up to 30 distance codes.
-+ However, static trees define 32 codes (all 5 bits) to fill out the
-+ Huffman codes, but the last two had better not show up in the data.
-+ 7. Unzip can check dynamic Huffman blocks for complete code sets.
-+ The exception is that a single code would not be complete (see #4).
-+ 8. The five bits following the block type is really the number of
-+ literal codes sent minus 257.
-+ 9. Length codes 8,16,16 are interpreted as 13 length codes of 8 bits
-+ (1+6+6). Therefore, to output three times the length, you output
-+ three codes (1+1+1), whereas to output four times the same length,
-+ you only need two codes (1+3). Hmm.
-+ 10. In the tree reconstruction algorithm, Code = Code + Increment
-+ only if BitLength(i) is not zero. (Pretty obvious.)
-+ 11. Correction: 4 Bits: # of Bit Length codes - 4 (4 - 19)
-+ 12. Note: length code 284 can represent 227-258, but length code 285
-+ really is 258. The last length deserves its own, short code
-+ since it gets used a lot in very redundant files. The length
-+ 258 is special since 258 - 3 (the min match length) is 255.
-+ 13. The literal/length and distance code bit lengths are read as a
-+ single stream of lengths. It is possible (and advantageous) for
-+ a repeat code (16, 17, or 18) to go across the boundary between
-+ the two sets of lengths.
-+ */
-+
-+
-+void inflate_blocks_reset(s, z, c)
-+inflate_blocks_statef *s;
-+z_streamp z;
-+uLongf *c;
-+{
-+ if (c != Z_NULL)
-+ *c = s->check;
-+ if (s->mode == BTREE || s->mode == DTREE)
-+ ZFREE(z, s->sub.trees.blens);
-+ if (s->mode == CODES)
-+ inflate_codes_free(s->sub.decode.codes, z);
-+ s->mode = TYPE;
-+ s->bitk = 0;
-+ s->bitb = 0;
-+ s->read = s->write = s->window;
-+ if (s->checkfn != Z_NULL)
-+ z->adler = s->check = (*s->checkfn)(0L, (const Bytef *)Z_NULL, 0);
-+ Tracev((stderr, "inflate: blocks reset\n"));
-+}
-+
-+
-+inflate_blocks_statef *inflate_blocks_new(z, c, w)
-+z_streamp z;
-+check_func c;
-+uInt w;
-+{
-+ inflate_blocks_statef *s;
-+
-+ if ((s = (inflate_blocks_statef *)ZALLOC
-+ (z,1,sizeof(struct inflate_blocks_state))) == Z_NULL)
-+ return s;
-+ if ((s->hufts =
-+ (inflate_huft *)ZALLOC(z, sizeof(inflate_huft), MANY)) == Z_NULL)
-+ {
-+ ZFREE(z, s);
-+ return Z_NULL;
-+ }
-+ if ((s->window = (Bytef *)ZALLOC(z, 1, w)) == Z_NULL)
-+ {
-+ ZFREE(z, s->hufts);
-+ ZFREE(z, s);
-+ return Z_NULL;
-+ }
-+ s->end = s->window + w;
-+ s->checkfn = c;
-+ s->mode = TYPE;
-+ Tracev((stderr, "inflate: blocks allocated\n"));
-+ inflate_blocks_reset(s, z, Z_NULL);
-+ return s;
-+}
-+
-+
-+int inflate_blocks(s, z, r)
-+inflate_blocks_statef *s;
-+z_streamp z;
-+int r;
-+{
-+ uInt t; /* temporary storage */
-+ uLong b; /* bit buffer */
-+ uInt k; /* bits in bit buffer */
-+ Bytef *p; /* input data pointer */
-+ uInt n; /* bytes available there */
-+ Bytef *q; /* output window write pointer */
-+ uInt m; /* bytes to end of window or read pointer */
-+
-+ /* copy input/output information to locals (UPDATE macro restores) */
-+ LOAD
-+
-+ /* process input based on current state */
-+ while (1) switch (s->mode)
-+ {
-+ case TYPE:
-+ NEEDBITS(3)
-+ t = (uInt)b & 7;
-+ s->last = t & 1;
-+ switch (t >> 1)
-+ {
-+ case 0: /* stored */
-+ Tracev((stderr, "inflate: stored block%s\n",
-+ s->last ? " (last)" : ""));
-+ DUMPBITS(3)
-+ t = k & 7; /* go to byte boundary */
-+ DUMPBITS(t)
-+ s->mode = LENS; /* get length of stored block */
-+ break;
-+ case 1: /* fixed */
-+ Tracev((stderr, "inflate: fixed codes block%s\n",
-+ s->last ? " (last)" : ""));
-+ {
-+ uInt bl, bd;
-+ inflate_huft *tl, *td;
-+
-+ inflate_trees_fixed(&bl, &bd, &tl, &td, z);
-+ s->sub.decode.codes = inflate_codes_new(bl, bd, tl, td, z);
-+ if (s->sub.decode.codes == Z_NULL)
-+ {
-+ r = Z_MEM_ERROR;
-+ LEAVE
-+ }
-+ }
-+ DUMPBITS(3)
-+ s->mode = CODES;
-+ break;
-+ case 2: /* dynamic */
-+ Tracev((stderr, "inflate: dynamic codes block%s\n",
-+ s->last ? " (last)" : ""));
-+ DUMPBITS(3)
-+ s->mode = TABLE;
-+ break;
-+ case 3: /* illegal */
-+ DUMPBITS(3)
-+ s->mode = BAD;
-+ z->msg = (char*)"invalid block type";
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ }
-+ break;
-+ case LENS:
-+ NEEDBITS(32)
-+ if ((((~b) >> 16) & 0xffff) != (b & 0xffff))
-+ {
-+ s->mode = BAD;
-+ z->msg = (char*)"invalid stored block lengths";
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ }
-+ s->sub.left = (uInt)b & 0xffff;
-+ b = k = 0; /* dump bits */
-+ Tracev((stderr, "inflate: stored length %u\n", s->sub.left));
-+ s->mode = s->sub.left ? STORED : (s->last ? DRY : TYPE);
-+ break;
-+ case STORED:
-+ if (n == 0)
-+ LEAVE
-+ NEEDOUT
-+ t = s->sub.left;
-+ if (t > n) t = n;
-+ if (t > m) t = m;
-+ zmemcpy(q, p, t);
-+ p += t; n -= t;
-+ q += t; m -= t;
-+ if ((s->sub.left -= t) != 0)
-+ break;
-+ Tracev((stderr, "inflate: stored end, %lu total out\n",
-+ z->total_out + (q >= s->read ? q - s->read :
-+ (s->end - s->read) + (q - s->window))));
-+ s->mode = s->last ? DRY : TYPE;
-+ break;
-+ case TABLE:
-+ NEEDBITS(14)
-+ s->sub.trees.table = t = (uInt)b & 0x3fff;
-+#ifndef PKZIP_BUG_WORKAROUND
-+ if ((t & 0x1f) > 29 || ((t >> 5) & 0x1f) > 29)
-+ {
-+ s->mode = BAD;
-+ z->msg = (char*)"too many length or distance symbols";
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ }
-+#endif
-+ t = 258 + (t & 0x1f) + ((t >> 5) & 0x1f);
-+ if ((s->sub.trees.blens = (uIntf*)ZALLOC(z, t, sizeof(uInt))) == Z_NULL)
-+ {
-+ r = Z_MEM_ERROR;
-+ LEAVE
-+ }
-+ DUMPBITS(14)
-+ s->sub.trees.index = 0;
-+ Tracev((stderr, "inflate: table sizes ok\n"));
-+ s->mode = BTREE;
-+ case BTREE:
-+ while (s->sub.trees.index < 4 + (s->sub.trees.table >> 10))
-+ {
-+ NEEDBITS(3)
-+ s->sub.trees.blens[border[s->sub.trees.index++]] = (uInt)b & 7;
-+ DUMPBITS(3)
-+ }
-+ while (s->sub.trees.index < 19)
-+ s->sub.trees.blens[border[s->sub.trees.index++]] = 0;
-+ s->sub.trees.bb = 7;
-+ t = inflate_trees_bits(s->sub.trees.blens, &s->sub.trees.bb,
-+ &s->sub.trees.tb, s->hufts, z);
-+ if (t != Z_OK)
-+ {
-+ r = t;
-+ if (r == Z_DATA_ERROR)
-+ {
-+ ZFREE(z, s->sub.trees.blens);
-+ s->mode = BAD;
-+ }
-+ LEAVE
-+ }
-+ s->sub.trees.index = 0;
-+ Tracev((stderr, "inflate: bits tree ok\n"));
-+ s->mode = DTREE;
-+ case DTREE:
-+ while (t = s->sub.trees.table,
-+ s->sub.trees.index < 258 + (t & 0x1f) + ((t >> 5) & 0x1f))
-+ {
-+ inflate_huft *h;
-+ uInt i, j, c;
-+
-+ t = s->sub.trees.bb;
-+ NEEDBITS(t)
-+ h = s->sub.trees.tb + ((uInt)b & inflate_mask[t]);
-+ t = h->bits;
-+ c = h->base;
-+ if (c < 16)
-+ {
-+ DUMPBITS(t)
-+ s->sub.trees.blens[s->sub.trees.index++] = c;
-+ }
-+ else /* c == 16..18 */
-+ {
-+ i = c == 18 ? 7 : c - 14;
-+ j = c == 18 ? 11 : 3;
-+ NEEDBITS(t + i)
-+ DUMPBITS(t)
-+ j += (uInt)b & inflate_mask[i];
-+ DUMPBITS(i)
-+ i = s->sub.trees.index;
-+ t = s->sub.trees.table;
-+ if (i + j > 258 + (t & 0x1f) + ((t >> 5) & 0x1f) ||
-+ (c == 16 && i < 1))
-+ {
-+ ZFREE(z, s->sub.trees.blens);
-+ s->mode = BAD;
-+ z->msg = (char*)"invalid bit length repeat";
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ }
-+ c = c == 16 ? s->sub.trees.blens[i - 1] : 0;
-+ do {
-+ s->sub.trees.blens[i++] = c;
-+ } while (--j);
-+ s->sub.trees.index = i;
-+ }
-+ }
-+ s->sub.trees.tb = Z_NULL;
-+ {
-+ uInt bl, bd;
-+ inflate_huft *tl, *td;
-+ inflate_codes_statef *c;
-+
-+ bl = 9; /* must be <= 9 for lookahead assumptions */
-+ bd = 6; /* must be <= 9 for lookahead assumptions */
-+ t = s->sub.trees.table;
-+ t = inflate_trees_dynamic(257 + (t & 0x1f), 1 + ((t >> 5) & 0x1f),
-+ s->sub.trees.blens, &bl, &bd, &tl, &td,
-+ s->hufts, z);
-+ if (t != Z_OK)
-+ {
-+ if (t == (uInt)Z_DATA_ERROR)
-+ {
-+ ZFREE(z, s->sub.trees.blens);
-+ s->mode = BAD;
-+ }
-+ r = t;
-+ LEAVE
-+ }
-+ Tracev((stderr, "inflate: trees ok\n"));
-+ if ((c = inflate_codes_new(bl, bd, tl, td, z)) == Z_NULL)
-+ {
-+ r = Z_MEM_ERROR;
-+ LEAVE
-+ }
-+ s->sub.decode.codes = c;
-+ }
-+ ZFREE(z, s->sub.trees.blens);
-+ s->mode = CODES;
-+ case CODES:
-+ UPDATE
-+ if ((r = inflate_codes(s, z, r)) != Z_STREAM_END)
-+ return inflate_flush(s, z, r);
-+ r = Z_OK;
-+ inflate_codes_free(s->sub.decode.codes, z);
-+ LOAD
-+ Tracev((stderr, "inflate: codes end, %lu total out\n",
-+ z->total_out + (q >= s->read ? q - s->read :
-+ (s->end - s->read) + (q - s->window))));
-+ if (!s->last)
-+ {
-+ s->mode = TYPE;
-+ break;
-+ }
-+ s->mode = DRY;
-+ case DRY:
-+ FLUSH
-+ if (s->read != s->write)
-+ LEAVE
-+ s->mode = DONE;
-+ case DONE:
-+ r = Z_STREAM_END;
-+ LEAVE
-+ case BAD:
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ default:
-+ r = Z_STREAM_ERROR;
-+ LEAVE
-+ }
-+}
-+
-+
-+int inflate_blocks_free(s, z)
-+inflate_blocks_statef *s;
-+z_streamp z;
-+{
-+ inflate_blocks_reset(s, z, Z_NULL);
-+ ZFREE(z, s->window);
-+ ZFREE(z, s->hufts);
-+ ZFREE(z, s);
-+ Tracev((stderr, "inflate: blocks freed\n"));
-+ return Z_OK;
-+}
-+
-+
-+void inflate_set_dictionary(s, d, n)
-+inflate_blocks_statef *s;
-+const Bytef *d;
-+uInt n;
-+{
-+ zmemcpy(s->window, d, n);
-+ s->read = s->write = s->window + n;
-+}
-+
-+
-+/* Returns true if inflate is currently at the end of a block generated
-+ * by Z_SYNC_FLUSH or Z_FULL_FLUSH.
-+ * IN assertion: s != Z_NULL
-+ */
-+int inflate_blocks_sync_point(s)
-+inflate_blocks_statef *s;
-+{
-+ return s->mode == LENS;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/infblock.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,39 @@
-+/* infblock.h -- header to use infblock.c
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+struct inflate_blocks_state;
-+typedef struct inflate_blocks_state FAR inflate_blocks_statef;
-+
-+extern inflate_blocks_statef * inflate_blocks_new OF((
-+ z_streamp z,
-+ check_func c, /* check function */
-+ uInt w)); /* window size */
-+
-+extern int inflate_blocks OF((
-+ inflate_blocks_statef *,
-+ z_streamp ,
-+ int)); /* initial return code */
-+
-+extern void inflate_blocks_reset OF((
-+ inflate_blocks_statef *,
-+ z_streamp ,
-+ uLongf *)); /* check value on output */
-+
-+extern int inflate_blocks_free OF((
-+ inflate_blocks_statef *,
-+ z_streamp));
-+
-+extern void inflate_set_dictionary OF((
-+ inflate_blocks_statef *s,
-+ const Bytef *d, /* dictionary */
-+ uInt n)); /* dictionary length */
-+
-+extern int inflate_blocks_sync_point OF((
-+ inflate_blocks_statef *s));
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/infcodes.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,251 @@
-+/* infcodes.c -- process literals and length/distance pairs
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+#include <zlib/zutil.h>
-+#include "inftrees.h"
-+#include "infblock.h"
-+#include "infcodes.h"
-+#include "infutil.h"
-+#include "inffast.h"
-+
-+/* simplify the use of the inflate_huft type with some defines */
-+#define exop word.what.Exop
-+#define bits word.what.Bits
-+
-+typedef enum { /* waiting for "i:"=input, "o:"=output, "x:"=nothing */
-+ START, /* x: set up for LEN */
-+ LEN, /* i: get length/literal/eob next */
-+ LENEXT, /* i: getting length extra (have base) */
-+ DIST, /* i: get distance next */
-+ DISTEXT, /* i: getting distance extra */
-+ COPY, /* o: copying bytes in window, waiting for space */
-+ LIT, /* o: got literal, waiting for output space */
-+ WASH, /* o: got eob, possibly still output waiting */
-+ END, /* x: got eob and all data flushed */
-+ BADCODE} /* x: got error */
-+inflate_codes_mode;
-+
-+/* inflate codes private state */
-+struct inflate_codes_state {
-+
-+ /* mode */
-+ inflate_codes_mode mode; /* current inflate_codes mode */
-+
-+ /* mode dependent information */
-+ uInt len;
-+ union {
-+ struct {
-+ inflate_huft *tree; /* pointer into tree */
-+ uInt need; /* bits needed */
-+ } code; /* if LEN or DIST, where in tree */
-+ uInt lit; /* if LIT, literal */
-+ struct {
-+ uInt get; /* bits to get for extra */
-+ uInt dist; /* distance back to copy from */
-+ } copy; /* if EXT or COPY, where and how much */
-+ } sub; /* submode */
-+
-+ /* mode independent information */
-+ Byte lbits; /* ltree bits decoded per branch */
-+ Byte dbits; /* dtree bits decoder per branch */
-+ inflate_huft *ltree; /* literal/length/eob tree */
-+ inflate_huft *dtree; /* distance tree */
-+
-+};
-+
-+
-+inflate_codes_statef *inflate_codes_new(bl, bd, tl, td, z)
-+uInt bl, bd;
-+inflate_huft *tl;
-+inflate_huft *td; /* need separate declaration for Borland C++ */
-+z_streamp z;
-+{
-+ inflate_codes_statef *c;
-+
-+ if ((c = (inflate_codes_statef *)
-+ ZALLOC(z,1,sizeof(struct inflate_codes_state))) != Z_NULL)
-+ {
-+ c->mode = START;
-+ c->lbits = (Byte)bl;
-+ c->dbits = (Byte)bd;
-+ c->ltree = tl;
-+ c->dtree = td;
-+ Tracev((stderr, "inflate: codes new\n"));
-+ }
-+ return c;
-+}
-+
-+
-+int inflate_codes(s, z, r)
-+inflate_blocks_statef *s;
-+z_streamp z;
-+int r;
-+{
-+ uInt j; /* temporary storage */
-+ inflate_huft *t; /* temporary pointer */
-+ uInt e; /* extra bits or operation */
-+ uLong b; /* bit buffer */
-+ uInt k; /* bits in bit buffer */
-+ Bytef *p; /* input data pointer */
-+ uInt n; /* bytes available there */
-+ Bytef *q; /* output window write pointer */
-+ uInt m; /* bytes to end of window or read pointer */
-+ Bytef *f; /* pointer to copy strings from */
-+ inflate_codes_statef *c = s->sub.decode.codes; /* codes state */
-+
-+ /* copy input/output information to locals (UPDATE macro restores) */
-+ LOAD
-+
-+ /* process input and output based on current state */
-+ while (1) switch (c->mode)
-+ { /* waiting for "i:"=input, "o:"=output, "x:"=nothing */
-+ case START: /* x: set up for LEN */
-+#ifndef SLOW
-+ if (m >= 258 && n >= 10)
-+ {
-+ UPDATE
-+ r = inflate_fast(c->lbits, c->dbits, c->ltree, c->dtree, s, z);
-+ LOAD
-+ if (r != Z_OK)
-+ {
-+ c->mode = r == Z_STREAM_END ? WASH : BADCODE;
-+ break;
-+ }
-+ }
-+#endif /* !SLOW */
-+ c->sub.code.need = c->lbits;
-+ c->sub.code.tree = c->ltree;
-+ c->mode = LEN;
-+ case LEN: /* i: get length/literal/eob next */
-+ j = c->sub.code.need;
-+ NEEDBITS(j)
-+ t = c->sub.code.tree + ((uInt)b & inflate_mask[j]);
-+ DUMPBITS(t->bits)
-+ e = (uInt)(t->exop);
-+ if (e == 0) /* literal */
-+ {
-+ c->sub.lit = t->base;
-+ Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
-+ "inflate: literal '%c'\n" :
-+ "inflate: literal 0x%02x\n", t->base));
-+ c->mode = LIT;
-+ break;
-+ }
-+ if (e & 16) /* length */
-+ {
-+ c->sub.copy.get = e & 15;
-+ c->len = t->base;
-+ c->mode = LENEXT;
-+ break;
-+ }
-+ if ((e & 64) == 0) /* next table */
-+ {
-+ c->sub.code.need = e;
-+ c->sub.code.tree = t + t->base;
-+ break;
-+ }
-+ if (e & 32) /* end of block */
-+ {
-+ Tracevv((stderr, "inflate: end of block\n"));
-+ c->mode = WASH;
-+ break;
-+ }
-+ c->mode = BADCODE; /* invalid code */
-+ z->msg = (char*)"invalid literal/length code";
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ case LENEXT: /* i: getting length extra (have base) */
-+ j = c->sub.copy.get;
-+ NEEDBITS(j)
-+ c->len += (uInt)b & inflate_mask[j];
-+ DUMPBITS(j)
-+ c->sub.code.need = c->dbits;
-+ c->sub.code.tree = c->dtree;
-+ Tracevv((stderr, "inflate: length %u\n", c->len));
-+ c->mode = DIST;
-+ case DIST: /* i: get distance next */
-+ j = c->sub.code.need;
-+ NEEDBITS(j)
-+ t = c->sub.code.tree + ((uInt)b & inflate_mask[j]);
-+ DUMPBITS(t->bits)
-+ e = (uInt)(t->exop);
-+ if (e & 16) /* distance */
-+ {
-+ c->sub.copy.get = e & 15;
-+ c->sub.copy.dist = t->base;
-+ c->mode = DISTEXT;
-+ break;
-+ }
-+ if ((e & 64) == 0) /* next table */
-+ {
-+ c->sub.code.need = e;
-+ c->sub.code.tree = t + t->base;
-+ break;
-+ }
-+ c->mode = BADCODE; /* invalid code */
-+ z->msg = (char*)"invalid distance code";
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ case DISTEXT: /* i: getting distance extra */
-+ j = c->sub.copy.get;
-+ NEEDBITS(j)
-+ c->sub.copy.dist += (uInt)b & inflate_mask[j];
-+ DUMPBITS(j)
-+ Tracevv((stderr, "inflate: distance %u\n", c->sub.copy.dist));
-+ c->mode = COPY;
-+ case COPY: /* o: copying bytes in window, waiting for space */
-+ f = q - c->sub.copy.dist;
-+ while (f < s->window) /* modulo window size-"while" instead */
-+ f += s->end - s->window; /* of "if" handles invalid distances */
-+ while (c->len)
-+ {
-+ NEEDOUT
-+ OUTBYTE(*f++)
-+ if (f == s->end)
-+ f = s->window;
-+ c->len--;
-+ }
-+ c->mode = START;
-+ break;
-+ case LIT: /* o: got literal, waiting for output space */
-+ NEEDOUT
-+ OUTBYTE(c->sub.lit)
-+ c->mode = START;
-+ break;
-+ case WASH: /* o: got eob, possibly more output */
-+ if (k > 7) /* return unused byte, if any */
-+ {
-+ Assert(k < 16, "inflate_codes grabbed too many bytes")
-+ k -= 8;
-+ n++;
-+ p--; /* can always return one */
-+ }
-+ FLUSH
-+ if (s->read != s->write)
-+ LEAVE
-+ c->mode = END;
-+ case END:
-+ r = Z_STREAM_END;
-+ LEAVE
-+ case BADCODE: /* x: got error */
-+ r = Z_DATA_ERROR;
-+ LEAVE
-+ default:
-+ r = Z_STREAM_ERROR;
-+ LEAVE
-+ }
-+#ifdef NEED_DUMMY_RETURN
-+ return Z_STREAM_ERROR; /* Some dumb compilers complain without this */
-+#endif
-+}
-+
-+
-+void inflate_codes_free(c, z)
-+inflate_codes_statef *c;
-+z_streamp z;
-+{
-+ ZFREE(z, c);
-+ Tracev((stderr, "inflate: codes free\n"));
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/infcodes.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,31 @@
-+/* infcodes.h -- header to use infcodes.c
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+#ifndef _INFCODES_H
-+#define _INFCODES_H
-+
-+struct inflate_codes_state;
-+typedef struct inflate_codes_state FAR inflate_codes_statef;
-+
-+extern inflate_codes_statef *inflate_codes_new OF((
-+ uInt, uInt,
-+ inflate_huft *, inflate_huft *,
-+ z_streamp ));
-+
-+extern int inflate_codes OF((
-+ inflate_blocks_statef *,
-+ z_streamp ,
-+ int));
-+
-+extern void inflate_codes_free OF((
-+ inflate_codes_statef *,
-+ z_streamp ));
-+
-+#endif /* _INFCODES_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/inffast.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,183 @@
-+/* inffast.c -- process literals and length/distance pairs fast
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+#include <zlib/zutil.h>
-+#include "inftrees.h"
-+#include "infblock.h"
-+#include "infcodes.h"
-+#include "infutil.h"
-+#include "inffast.h"
-+
-+struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-+
-+/* simplify the use of the inflate_huft type with some defines */
-+#define exop word.what.Exop
-+#define bits word.what.Bits
-+
-+/* macros for bit input with no checking and for returning unused bytes */
-+#define GRABBITS(j) {while(k<(j)){b|=((uLong)NEXTBYTE)<<k;k+=8;}}
-+#define UNGRAB {c=z->avail_in-n;c=(k>>3)<c?k>>3:c;n+=c;p-=c;k-=c<<3;}
-+
-+/* Called with number of bytes left to write in window at least 258
-+ (the maximum string length) and number of input bytes available
-+ at least ten. The ten bytes are six bytes for the longest length/
-+ distance pair plus four bytes for overloading the bit buffer. */
-+
-+int inflate_fast(bl, bd, tl, td, s, z)
-+uInt bl, bd;
-+inflate_huft *tl;
-+inflate_huft *td; /* need separate declaration for Borland C++ */
-+inflate_blocks_statef *s;
-+z_streamp z;
-+{
-+ inflate_huft *t; /* temporary pointer */
-+ uInt e; /* extra bits or operation */
-+ uLong b; /* bit buffer */
-+ uInt k; /* bits in bit buffer */
-+ Bytef *p; /* input data pointer */
-+ uInt n; /* bytes available there */
-+ Bytef *q; /* output window write pointer */
-+ uInt m; /* bytes to end of window or read pointer */
-+ uInt ml; /* mask for literal/length tree */
-+ uInt md; /* mask for distance tree */
-+ uInt c; /* bytes to copy */
-+ uInt d; /* distance back to copy from */
-+ Bytef *r; /* copy source pointer */
-+
-+ /* load input, output, bit values */
-+ LOAD
-+
-+ /* initialize masks */
-+ ml = inflate_mask[bl];
-+ md = inflate_mask[bd];
-+
-+ /* do until not enough input or output space for fast loop */
-+ do { /* assume called with m >= 258 && n >= 10 */
-+ /* get literal/length code */
-+ GRABBITS(20) /* max bits for literal/length code */
-+ if ((e = (t = tl + ((uInt)b & ml))->exop) == 0)
-+ {
-+ DUMPBITS(t->bits)
-+ Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
-+ "inflate: * literal '%c'\n" :
-+ "inflate: * literal 0x%02x\n", t->base));
-+ *q++ = (Byte)t->base;
-+ m--;
-+ continue;
-+ }
-+ do {
-+ DUMPBITS(t->bits)
-+ if (e & 16)
-+ {
-+ /* get extra bits for length */
-+ e &= 15;
-+ c = t->base + ((uInt)b & inflate_mask[e]);
-+ DUMPBITS(e)
-+ Tracevv((stderr, "inflate: * length %u\n", c));
-+
-+ /* decode distance base of block to copy */
-+ GRABBITS(15); /* max bits for distance code */
-+ e = (t = td + ((uInt)b & md))->exop;
-+ do {
-+ DUMPBITS(t->bits)
-+ if (e & 16)
-+ {
-+ /* get extra bits to add to distance base */
-+ e &= 15;
-+ GRABBITS(e) /* get extra bits (up to 13) */
-+ d = t->base + ((uInt)b & inflate_mask[e]);
-+ DUMPBITS(e)
-+ Tracevv((stderr, "inflate: * distance %u\n", d));
-+
-+ /* do the copy */
-+ m -= c;
-+ r = q - d;
-+ if (r < s->window) /* wrap if needed */
-+ {
-+ do {
-+ r += s->end - s->window; /* force pointer in window */
-+ } while (r < s->window); /* covers invalid distances */
-+ e = s->end - r;
-+ if (c > e)
-+ {
-+ c -= e; /* wrapped copy */
-+ do {
-+ *q++ = *r++;
-+ } while (--e);
-+ r = s->window;
-+ do {
-+ *q++ = *r++;
-+ } while (--c);
-+ }
-+ else /* normal copy */
-+ {
-+ *q++ = *r++; c--;
-+ *q++ = *r++; c--;
-+ do {
-+ *q++ = *r++;
-+ } while (--c);
-+ }
-+ }
-+ else /* normal copy */
-+ {
-+ *q++ = *r++; c--;
-+ *q++ = *r++; c--;
-+ do {
-+ *q++ = *r++;
-+ } while (--c);
-+ }
-+ break;
-+ }
-+ else if ((e & 64) == 0)
-+ {
-+ t += t->base;
-+ e = (t += ((uInt)b & inflate_mask[e]))->exop;
-+ }
-+ else
-+ {
-+ z->msg = (char*)"invalid distance code";
-+ UNGRAB
-+ UPDATE
-+ return Z_DATA_ERROR;
-+ }
-+ } while (1);
-+ break;
-+ }
-+ if ((e & 64) == 0)
-+ {
-+ t += t->base;
-+ if ((e = (t += ((uInt)b & inflate_mask[e]))->exop) == 0)
-+ {
-+ DUMPBITS(t->bits)
-+ Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
-+ "inflate: * literal '%c'\n" :
-+ "inflate: * literal 0x%02x\n", t->base));
-+ *q++ = (Byte)t->base;
-+ m--;
-+ break;
-+ }
-+ }
-+ else if (e & 32)
-+ {
-+ Tracevv((stderr, "inflate: * end of block\n"));
-+ UNGRAB
-+ UPDATE
-+ return Z_STREAM_END;
-+ }
-+ else
-+ {
-+ z->msg = (char*)"invalid literal/length code";
-+ UNGRAB
-+ UPDATE
-+ return Z_DATA_ERROR;
-+ }
-+ } while (1);
-+ } while (m >= 258 && n >= 10);
-+
-+ /* not enough input or output--restore pointers and return */
-+ UNGRAB
-+ UPDATE
-+ return Z_OK;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/inffast.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,22 @@
-+/* inffast.h -- header to use inffast.c
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+#ifndef _INFFAST_H
-+#define _INFFAST_H
-+
-+extern int inflate_fast OF((
-+ uInt,
-+ uInt,
-+ inflate_huft *,
-+ inflate_huft *,
-+ inflate_blocks_statef *,
-+ z_streamp ));
-+
-+#endif /* _INFFAST_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/inffixed.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,151 @@
-+/* inffixed.h -- table for decoding fixed codes
-+ * Generated automatically by the maketree.c program
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+local uInt fixed_bl = 9;
-+local uInt fixed_bd = 5;
-+local inflate_huft fixed_tl[] = {
-+ {{{96,7}},256}, {{{0,8}},80}, {{{0,8}},16}, {{{84,8}},115},
-+ {{{82,7}},31}, {{{0,8}},112}, {{{0,8}},48}, {{{0,9}},192},
-+ {{{80,7}},10}, {{{0,8}},96}, {{{0,8}},32}, {{{0,9}},160},
-+ {{{0,8}},0}, {{{0,8}},128}, {{{0,8}},64}, {{{0,9}},224},
-+ {{{80,7}},6}, {{{0,8}},88}, {{{0,8}},24}, {{{0,9}},144},
-+ {{{83,7}},59}, {{{0,8}},120}, {{{0,8}},56}, {{{0,9}},208},
-+ {{{81,7}},17}, {{{0,8}},104}, {{{0,8}},40}, {{{0,9}},176},
-+ {{{0,8}},8}, {{{0,8}},136}, {{{0,8}},72}, {{{0,9}},240},
-+ {{{80,7}},4}, {{{0,8}},84}, {{{0,8}},20}, {{{85,8}},227},
-+ {{{83,7}},43}, {{{0,8}},116}, {{{0,8}},52}, {{{0,9}},200},
-+ {{{81,7}},13}, {{{0,8}},100}, {{{0,8}},36}, {{{0,9}},168},
-+ {{{0,8}},4}, {{{0,8}},132}, {{{0,8}},68}, {{{0,9}},232},
-+ {{{80,7}},8}, {{{0,8}},92}, {{{0,8}},28}, {{{0,9}},152},
-+ {{{84,7}},83}, {{{0,8}},124}, {{{0,8}},60}, {{{0,9}},216},
-+ {{{82,7}},23}, {{{0,8}},108}, {{{0,8}},44}, {{{0,9}},184},
-+ {{{0,8}},12}, {{{0,8}},140}, {{{0,8}},76}, {{{0,9}},248},
-+ {{{80,7}},3}, {{{0,8}},82}, {{{0,8}},18}, {{{85,8}},163},
-+ {{{83,7}},35}, {{{0,8}},114}, {{{0,8}},50}, {{{0,9}},196},
-+ {{{81,7}},11}, {{{0,8}},98}, {{{0,8}},34}, {{{0,9}},164},
-+ {{{0,8}},2}, {{{0,8}},130}, {{{0,8}},66}, {{{0,9}},228},
-+ {{{80,7}},7}, {{{0,8}},90}, {{{0,8}},26}, {{{0,9}},148},
-+ {{{84,7}},67}, {{{0,8}},122}, {{{0,8}},58}, {{{0,9}},212},
-+ {{{82,7}},19}, {{{0,8}},106}, {{{0,8}},42}, {{{0,9}},180},
-+ {{{0,8}},10}, {{{0,8}},138}, {{{0,8}},74}, {{{0,9}},244},
-+ {{{80,7}},5}, {{{0,8}},86}, {{{0,8}},22}, {{{192,8}},0},
-+ {{{83,7}},51}, {{{0,8}},118}, {{{0,8}},54}, {{{0,9}},204},
-+ {{{81,7}},15}, {{{0,8}},102}, {{{0,8}},38}, {{{0,9}},172},
-+ {{{0,8}},6}, {{{0,8}},134}, {{{0,8}},70}, {{{0,9}},236},
-+ {{{80,7}},9}, {{{0,8}},94}, {{{0,8}},30}, {{{0,9}},156},
-+ {{{84,7}},99}, {{{0,8}},126}, {{{0,8}},62}, {{{0,9}},220},
-+ {{{82,7}},27}, {{{0,8}},110}, {{{0,8}},46}, {{{0,9}},188},
-+ {{{0,8}},14}, {{{0,8}},142}, {{{0,8}},78}, {{{0,9}},252},
-+ {{{96,7}},256}, {{{0,8}},81}, {{{0,8}},17}, {{{85,8}},131},
-+ {{{82,7}},31}, {{{0,8}},113}, {{{0,8}},49}, {{{0,9}},194},
-+ {{{80,7}},10}, {{{0,8}},97}, {{{0,8}},33}, {{{0,9}},162},
-+ {{{0,8}},1}, {{{0,8}},129}, {{{0,8}},65}, {{{0,9}},226},
-+ {{{80,7}},6}, {{{0,8}},89}, {{{0,8}},25}, {{{0,9}},146},
-+ {{{83,7}},59}, {{{0,8}},121}, {{{0,8}},57}, {{{0,9}},210},
-+ {{{81,7}},17}, {{{0,8}},105}, {{{0,8}},41}, {{{0,9}},178},
-+ {{{0,8}},9}, {{{0,8}},137}, {{{0,8}},73}, {{{0,9}},242},
-+ {{{80,7}},4}, {{{0,8}},85}, {{{0,8}},21}, {{{80,8}},258},
-+ {{{83,7}},43}, {{{0,8}},117}, {{{0,8}},53}, {{{0,9}},202},
-+ {{{81,7}},13}, {{{0,8}},101}, {{{0,8}},37}, {{{0,9}},170},
-+ {{{0,8}},5}, {{{0,8}},133}, {{{0,8}},69}, {{{0,9}},234},
-+ {{{80,7}},8}, {{{0,8}},93}, {{{0,8}},29}, {{{0,9}},154},
-+ {{{84,7}},83}, {{{0,8}},125}, {{{0,8}},61}, {{{0,9}},218},
-+ {{{82,7}},23}, {{{0,8}},109}, {{{0,8}},45}, {{{0,9}},186},
-+ {{{0,8}},13}, {{{0,8}},141}, {{{0,8}},77}, {{{0,9}},250},
-+ {{{80,7}},3}, {{{0,8}},83}, {{{0,8}},19}, {{{85,8}},195},
-+ {{{83,7}},35}, {{{0,8}},115}, {{{0,8}},51}, {{{0,9}},198},
-+ {{{81,7}},11}, {{{0,8}},99}, {{{0,8}},35}, {{{0,9}},166},
-+ {{{0,8}},3}, {{{0,8}},131}, {{{0,8}},67}, {{{0,9}},230},
-+ {{{80,7}},7}, {{{0,8}},91}, {{{0,8}},27}, {{{0,9}},150},
-+ {{{84,7}},67}, {{{0,8}},123}, {{{0,8}},59}, {{{0,9}},214},
-+ {{{82,7}},19}, {{{0,8}},107}, {{{0,8}},43}, {{{0,9}},182},
-+ {{{0,8}},11}, {{{0,8}},139}, {{{0,8}},75}, {{{0,9}},246},
-+ {{{80,7}},5}, {{{0,8}},87}, {{{0,8}},23}, {{{192,8}},0},
-+ {{{83,7}},51}, {{{0,8}},119}, {{{0,8}},55}, {{{0,9}},206},
-+ {{{81,7}},15}, {{{0,8}},103}, {{{0,8}},39}, {{{0,9}},174},
-+ {{{0,8}},7}, {{{0,8}},135}, {{{0,8}},71}, {{{0,9}},238},
-+ {{{80,7}},9}, {{{0,8}},95}, {{{0,8}},31}, {{{0,9}},158},
-+ {{{84,7}},99}, {{{0,8}},127}, {{{0,8}},63}, {{{0,9}},222},
-+ {{{82,7}},27}, {{{0,8}},111}, {{{0,8}},47}, {{{0,9}},190},
-+ {{{0,8}},15}, {{{0,8}},143}, {{{0,8}},79}, {{{0,9}},254},
-+ {{{96,7}},256}, {{{0,8}},80}, {{{0,8}},16}, {{{84,8}},115},
-+ {{{82,7}},31}, {{{0,8}},112}, {{{0,8}},48}, {{{0,9}},193},
-+ {{{80,7}},10}, {{{0,8}},96}, {{{0,8}},32}, {{{0,9}},161},
-+ {{{0,8}},0}, {{{0,8}},128}, {{{0,8}},64}, {{{0,9}},225},
-+ {{{80,7}},6}, {{{0,8}},88}, {{{0,8}},24}, {{{0,9}},145},
-+ {{{83,7}},59}, {{{0,8}},120}, {{{0,8}},56}, {{{0,9}},209},
-+ {{{81,7}},17}, {{{0,8}},104}, {{{0,8}},40}, {{{0,9}},177},
-+ {{{0,8}},8}, {{{0,8}},136}, {{{0,8}},72}, {{{0,9}},241},
-+ {{{80,7}},4}, {{{0,8}},84}, {{{0,8}},20}, {{{85,8}},227},
-+ {{{83,7}},43}, {{{0,8}},116}, {{{0,8}},52}, {{{0,9}},201},
-+ {{{81,7}},13}, {{{0,8}},100}, {{{0,8}},36}, {{{0,9}},169},
-+ {{{0,8}},4}, {{{0,8}},132}, {{{0,8}},68}, {{{0,9}},233},
-+ {{{80,7}},8}, {{{0,8}},92}, {{{0,8}},28}, {{{0,9}},153},
-+ {{{84,7}},83}, {{{0,8}},124}, {{{0,8}},60}, {{{0,9}},217},
-+ {{{82,7}},23}, {{{0,8}},108}, {{{0,8}},44}, {{{0,9}},185},
-+ {{{0,8}},12}, {{{0,8}},140}, {{{0,8}},76}, {{{0,9}},249},
-+ {{{80,7}},3}, {{{0,8}},82}, {{{0,8}},18}, {{{85,8}},163},
-+ {{{83,7}},35}, {{{0,8}},114}, {{{0,8}},50}, {{{0,9}},197},
-+ {{{81,7}},11}, {{{0,8}},98}, {{{0,8}},34}, {{{0,9}},165},
-+ {{{0,8}},2}, {{{0,8}},130}, {{{0,8}},66}, {{{0,9}},229},
-+ {{{80,7}},7}, {{{0,8}},90}, {{{0,8}},26}, {{{0,9}},149},
-+ {{{84,7}},67}, {{{0,8}},122}, {{{0,8}},58}, {{{0,9}},213},
-+ {{{82,7}},19}, {{{0,8}},106}, {{{0,8}},42}, {{{0,9}},181},
-+ {{{0,8}},10}, {{{0,8}},138}, {{{0,8}},74}, {{{0,9}},245},
-+ {{{80,7}},5}, {{{0,8}},86}, {{{0,8}},22}, {{{192,8}},0},
-+ {{{83,7}},51}, {{{0,8}},118}, {{{0,8}},54}, {{{0,9}},205},
-+ {{{81,7}},15}, {{{0,8}},102}, {{{0,8}},38}, {{{0,9}},173},
-+ {{{0,8}},6}, {{{0,8}},134}, {{{0,8}},70}, {{{0,9}},237},
-+ {{{80,7}},9}, {{{0,8}},94}, {{{0,8}},30}, {{{0,9}},157},
-+ {{{84,7}},99}, {{{0,8}},126}, {{{0,8}},62}, {{{0,9}},221},
-+ {{{82,7}},27}, {{{0,8}},110}, {{{0,8}},46}, {{{0,9}},189},
-+ {{{0,8}},14}, {{{0,8}},142}, {{{0,8}},78}, {{{0,9}},253},
-+ {{{96,7}},256}, {{{0,8}},81}, {{{0,8}},17}, {{{85,8}},131},
-+ {{{82,7}},31}, {{{0,8}},113}, {{{0,8}},49}, {{{0,9}},195},
-+ {{{80,7}},10}, {{{0,8}},97}, {{{0,8}},33}, {{{0,9}},163},
-+ {{{0,8}},1}, {{{0,8}},129}, {{{0,8}},65}, {{{0,9}},227},
-+ {{{80,7}},6}, {{{0,8}},89}, {{{0,8}},25}, {{{0,9}},147},
-+ {{{83,7}},59}, {{{0,8}},121}, {{{0,8}},57}, {{{0,9}},211},
-+ {{{81,7}},17}, {{{0,8}},105}, {{{0,8}},41}, {{{0,9}},179},
-+ {{{0,8}},9}, {{{0,8}},137}, {{{0,8}},73}, {{{0,9}},243},
-+ {{{80,7}},4}, {{{0,8}},85}, {{{0,8}},21}, {{{80,8}},258},
-+ {{{83,7}},43}, {{{0,8}},117}, {{{0,8}},53}, {{{0,9}},203},
-+ {{{81,7}},13}, {{{0,8}},101}, {{{0,8}},37}, {{{0,9}},171},
-+ {{{0,8}},5}, {{{0,8}},133}, {{{0,8}},69}, {{{0,9}},235},
-+ {{{80,7}},8}, {{{0,8}},93}, {{{0,8}},29}, {{{0,9}},155},
-+ {{{84,7}},83}, {{{0,8}},125}, {{{0,8}},61}, {{{0,9}},219},
-+ {{{82,7}},23}, {{{0,8}},109}, {{{0,8}},45}, {{{0,9}},187},
-+ {{{0,8}},13}, {{{0,8}},141}, {{{0,8}},77}, {{{0,9}},251},
-+ {{{80,7}},3}, {{{0,8}},83}, {{{0,8}},19}, {{{85,8}},195},
-+ {{{83,7}},35}, {{{0,8}},115}, {{{0,8}},51}, {{{0,9}},199},
-+ {{{81,7}},11}, {{{0,8}},99}, {{{0,8}},35}, {{{0,9}},167},
-+ {{{0,8}},3}, {{{0,8}},131}, {{{0,8}},67}, {{{0,9}},231},
-+ {{{80,7}},7}, {{{0,8}},91}, {{{0,8}},27}, {{{0,9}},151},
-+ {{{84,7}},67}, {{{0,8}},123}, {{{0,8}},59}, {{{0,9}},215},
-+ {{{82,7}},19}, {{{0,8}},107}, {{{0,8}},43}, {{{0,9}},183},
-+ {{{0,8}},11}, {{{0,8}},139}, {{{0,8}},75}, {{{0,9}},247},
-+ {{{80,7}},5}, {{{0,8}},87}, {{{0,8}},23}, {{{192,8}},0},
-+ {{{83,7}},51}, {{{0,8}},119}, {{{0,8}},55}, {{{0,9}},207},
-+ {{{81,7}},15}, {{{0,8}},103}, {{{0,8}},39}, {{{0,9}},175},
-+ {{{0,8}},7}, {{{0,8}},135}, {{{0,8}},71}, {{{0,9}},239},
-+ {{{80,7}},9}, {{{0,8}},95}, {{{0,8}},31}, {{{0,9}},159},
-+ {{{84,7}},99}, {{{0,8}},127}, {{{0,8}},63}, {{{0,9}},223},
-+ {{{82,7}},27}, {{{0,8}},111}, {{{0,8}},47}, {{{0,9}},191},
-+ {{{0,8}},15}, {{{0,8}},143}, {{{0,8}},79}, {{{0,9}},255}
-+ };
-+local inflate_huft fixed_td[] = {
-+ {{{80,5}},1}, {{{87,5}},257}, {{{83,5}},17}, {{{91,5}},4097},
-+ {{{81,5}},5}, {{{89,5}},1025}, {{{85,5}},65}, {{{93,5}},16385},
-+ {{{80,5}},3}, {{{88,5}},513}, {{{84,5}},33}, {{{92,5}},8193},
-+ {{{82,5}},9}, {{{90,5}},2049}, {{{86,5}},129}, {{{192,5}},24577},
-+ {{{80,5}},2}, {{{87,5}},385}, {{{83,5}},25}, {{{91,5}},6145},
-+ {{{81,5}},7}, {{{89,5}},1537}, {{{85,5}},97}, {{{93,5}},24577},
-+ {{{80,5}},4}, {{{88,5}},769}, {{{84,5}},49}, {{{92,5}},12289},
-+ {{{82,5}},13}, {{{90,5}},3073}, {{{86,5}},193}, {{{192,5}},24577}
-+ };
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/inflate.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,368 @@
-+/* inflate.c -- zlib interface to inflate modules
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+#include <zlib/zutil.h>
-+#include "infblock.h"
-+
-+struct inflate_blocks_state {int dummy;}; /* for buggy compilers */
-+
-+typedef enum {
-+ METHOD, /* waiting for method byte */
-+ FLAG, /* waiting for flag byte */
-+ DICT4, /* four dictionary check bytes to go */
-+ DICT3, /* three dictionary check bytes to go */
-+ DICT2, /* two dictionary check bytes to go */
-+ DICT1, /* one dictionary check byte to go */
-+ DICT0, /* waiting for inflateSetDictionary */
-+ BLOCKS, /* decompressing blocks */
-+ CHECK4, /* four check bytes to go */
-+ CHECK3, /* three check bytes to go */
-+ CHECK2, /* two check bytes to go */
-+ CHECK1, /* one check byte to go */
-+ DONE, /* finished check, done */
-+ BAD} /* got an error--stay here */
-+inflate_mode;
-+
-+/* inflate private state */
-+struct internal_state {
-+
-+ /* mode */
-+ inflate_mode mode; /* current inflate mode */
-+
-+ /* mode dependent information */
-+ union {
-+ uInt method; /* if FLAGS, method byte */
-+ struct {
-+ uLong was; /* computed check value */
-+ uLong need; /* stream check value */
-+ } check; /* if CHECK, check values to compare */
-+ uInt marker; /* if BAD, inflateSync's marker bytes count */
-+ } sub; /* submode */
-+
-+ /* mode independent information */
-+ int nowrap; /* flag for no wrapper */
-+ uInt wbits; /* log2(window size) (8..15, defaults to 15) */
-+ inflate_blocks_statef
-+ *blocks; /* current inflate_blocks state */
-+
-+};
-+
-+
-+int ZEXPORT inflateReset(z)
-+z_streamp z;
-+{
-+ if (z == Z_NULL || z->state == Z_NULL)
-+ return Z_STREAM_ERROR;
-+ z->total_in = z->total_out = 0;
-+ z->msg = Z_NULL;
-+ z->state->mode = z->state->nowrap ? BLOCKS : METHOD;
-+ inflate_blocks_reset(z->state->blocks, z, Z_NULL);
-+ Tracev((stderr, "inflate: reset\n"));
-+ return Z_OK;
-+}
-+
-+
-+int ZEXPORT inflateEnd(z)
-+z_streamp z;
-+{
-+ if (z == Z_NULL || z->state == Z_NULL || z->zfree == Z_NULL)
-+ return Z_STREAM_ERROR;
-+ if (z->state->blocks != Z_NULL)
-+ inflate_blocks_free(z->state->blocks, z);
-+ ZFREE(z, z->state);
-+ z->state = Z_NULL;
-+ Tracev((stderr, "inflate: end\n"));
-+ return Z_OK;
-+}
-+
-+
-+int ZEXPORT inflateInit2_(z, w, version, stream_size)
-+z_streamp z;
-+int w;
-+const char *version;
-+int stream_size;
-+{
-+ if (version == Z_NULL || version[0] != ZLIB_VERSION[0] ||
-+ stream_size != sizeof(z_stream))
-+ return Z_VERSION_ERROR;
-+
-+ /* initialize state */
-+ if (z == Z_NULL)
-+ return Z_STREAM_ERROR;
-+ z->msg = Z_NULL;
-+ if (z->zalloc == Z_NULL)
-+ {
-+ return Z_STREAM_ERROR;
-+/* z->zalloc = zcalloc;
-+ z->opaque = (voidpf)0;
-+*/
-+ }
-+ if (z->zfree == Z_NULL) return Z_STREAM_ERROR; /* z->zfree = zcfree; */
-+ if ((z->state = (struct internal_state FAR *)
-+ ZALLOC(z,1,sizeof(struct internal_state))) == Z_NULL)
-+ return Z_MEM_ERROR;
-+ z->state->blocks = Z_NULL;
-+
-+ /* handle undocumented nowrap option (no zlib header or check) */
-+ z->state->nowrap = 0;
-+ if (w < 0)
-+ {
-+ w = - w;
-+ z->state->nowrap = 1;
-+ }
-+
-+ /* set window size */
-+ if (w < 8 || w > 15)
-+ {
-+ inflateEnd(z);
-+ return Z_STREAM_ERROR;
-+ }
-+ z->state->wbits = (uInt)w;
-+
-+ /* create inflate_blocks state */
-+ if ((z->state->blocks =
-+ inflate_blocks_new(z, z->state->nowrap ? Z_NULL : adler32, (uInt)1 << w))
-+ == Z_NULL)
-+ {
-+ inflateEnd(z);
-+ return Z_MEM_ERROR;
-+ }
-+ Tracev((stderr, "inflate: allocated\n"));
-+
-+ /* reset state */
-+ inflateReset(z);
-+ return Z_OK;
-+}
-+
-+
-+int ZEXPORT inflateInit_(z, version, stream_size)
-+z_streamp z;
-+const char *version;
-+int stream_size;
-+{
-+ return inflateInit2_(z, DEF_WBITS, version, stream_size);
-+}
-+
-+
-+#define NEEDBYTE {if(z->avail_in==0)return r;r=f;}
-+#define NEXTBYTE (z->avail_in--,z->total_in++,*z->next_in++)
-+
-+int ZEXPORT inflate(z, f)
-+z_streamp z;
-+int f;
-+{
-+ int r;
-+ uInt b;
-+
-+ if (z == Z_NULL || z->state == Z_NULL || z->next_in == Z_NULL)
-+ return Z_STREAM_ERROR;
-+ f = f == Z_FINISH ? Z_BUF_ERROR : Z_OK;
-+ r = Z_BUF_ERROR;
-+ while (1) switch (z->state->mode)
-+ {
-+ case METHOD:
-+ NEEDBYTE
-+ if (((z->state->sub.method = NEXTBYTE) & 0xf) != Z_DEFLATED)
-+ {
-+ z->state->mode = BAD;
-+ z->msg = (char*)"unknown compression method";
-+ z->state->sub.marker = 5; /* can't try inflateSync */
-+ break;
-+ }
-+ if ((z->state->sub.method >> 4) + 8 > z->state->wbits)
-+ {
-+ z->state->mode = BAD;
-+ z->msg = (char*)"invalid window size";
-+ z->state->sub.marker = 5; /* can't try inflateSync */
-+ break;
-+ }
-+ z->state->mode = FLAG;
-+ case FLAG:
-+ NEEDBYTE
-+ b = NEXTBYTE;
-+ if (((z->state->sub.method << 8) + b) % 31)
-+ {
-+ z->state->mode = BAD;
-+ z->msg = (char*)"incorrect header check";
-+ z->state->sub.marker = 5; /* can't try inflateSync */
-+ break;
-+ }
-+ Tracev((stderr, "inflate: zlib header ok\n"));
-+ if (!(b & PRESET_DICT))
-+ {
-+ z->state->mode = BLOCKS;
-+ break;
-+ }
-+ z->state->mode = DICT4;
-+ case DICT4:
-+ NEEDBYTE
-+ z->state->sub.check.need = (uLong)NEXTBYTE << 24;
-+ z->state->mode = DICT3;
-+ case DICT3:
-+ NEEDBYTE
-+ z->state->sub.check.need += (uLong)NEXTBYTE << 16;
-+ z->state->mode = DICT2;
-+ case DICT2:
-+ NEEDBYTE
-+ z->state->sub.check.need += (uLong)NEXTBYTE << 8;
-+ z->state->mode = DICT1;
-+ case DICT1:
-+ NEEDBYTE
-+ z->state->sub.check.need += (uLong)NEXTBYTE;
-+ z->adler = z->state->sub.check.need;
-+ z->state->mode = DICT0;
-+ return Z_NEED_DICT;
-+ case DICT0:
-+ z->state->mode = BAD;
-+ z->msg = (char*)"need dictionary";
-+ z->state->sub.marker = 0; /* can try inflateSync */
-+ return Z_STREAM_ERROR;
-+ case BLOCKS:
-+ r = inflate_blocks(z->state->blocks, z, r);
-+ if (r == Z_DATA_ERROR)
-+ {
-+ z->state->mode = BAD;
-+ z->state->sub.marker = 0; /* can try inflateSync */
-+ break;
-+ }
-+ if (r == Z_OK)
-+ r = f;
-+ if (r != Z_STREAM_END)
-+ return r;
-+ r = f;
-+ inflate_blocks_reset(z->state->blocks, z, &z->state->sub.check.was);
-+ if (z->state->nowrap)
-+ {
-+ z->state->mode = DONE;
-+ break;
-+ }
-+ z->state->mode = CHECK4;
-+ case CHECK4:
-+ NEEDBYTE
-+ z->state->sub.check.need = (uLong)NEXTBYTE << 24;
-+ z->state->mode = CHECK3;
-+ case CHECK3:
-+ NEEDBYTE
-+ z->state->sub.check.need += (uLong)NEXTBYTE << 16;
-+ z->state->mode = CHECK2;
-+ case CHECK2:
-+ NEEDBYTE
-+ z->state->sub.check.need += (uLong)NEXTBYTE << 8;
-+ z->state->mode = CHECK1;
-+ case CHECK1:
-+ NEEDBYTE
-+ z->state->sub.check.need += (uLong)NEXTBYTE;
-+
-+ if (z->state->sub.check.was != z->state->sub.check.need)
-+ {
-+ z->state->mode = BAD;
-+ z->msg = (char*)"incorrect data check";
-+ z->state->sub.marker = 5; /* can't try inflateSync */
-+ break;
-+ }
-+ Tracev((stderr, "inflate: zlib check ok\n"));
-+ z->state->mode = DONE;
-+ case DONE:
-+ return Z_STREAM_END;
-+ case BAD:
-+ return Z_DATA_ERROR;
-+ default:
-+ return Z_STREAM_ERROR;
-+ }
-+#ifdef NEED_DUMMY_RETURN
-+ return Z_STREAM_ERROR; /* Some dumb compilers complain without this */
-+#endif
-+}
-+
-+
-+int ZEXPORT inflateSetDictionary(z, dictionary, dictLength)
-+z_streamp z;
-+const Bytef *dictionary;
-+uInt dictLength;
-+{
-+ uInt length = dictLength;
-+
-+ if (z == Z_NULL || z->state == Z_NULL || z->state->mode != DICT0)
-+ return Z_STREAM_ERROR;
-+
-+ if (adler32(1L, dictionary, dictLength) != z->adler) return Z_DATA_ERROR;
-+ z->adler = 1L;
-+
-+ if (length >= ((uInt)1<<z->state->wbits))
-+ {
-+ length = (1<<z->state->wbits)-1;
-+ dictionary += dictLength - length;
-+ }
-+ inflate_set_dictionary(z->state->blocks, dictionary, length);
-+ z->state->mode = BLOCKS;
-+ return Z_OK;
-+}
-+
-+
-+int ZEXPORT inflateSync(z)
-+z_streamp z;
-+{
-+ uInt n; /* number of bytes to look at */
-+ Bytef *p; /* pointer to bytes */
-+ uInt m; /* number of marker bytes found in a row */
-+ uLong r, w; /* temporaries to save total_in and total_out */
-+
-+ /* set up */
-+ if (z == Z_NULL || z->state == Z_NULL)
-+ return Z_STREAM_ERROR;
-+ if (z->state->mode != BAD)
-+ {
-+ z->state->mode = BAD;
-+ z->state->sub.marker = 0;
-+ }
-+ if ((n = z->avail_in) == 0)
-+ return Z_BUF_ERROR;
-+ p = z->next_in;
-+ m = z->state->sub.marker;
-+
-+ /* search */
-+ while (n && m < 4)
-+ {
-+ static const Byte mark[4] = {0, 0, 0xff, 0xff};
-+ if (*p == mark[m])
-+ m++;
-+ else if (*p)
-+ m = 0;
-+ else
-+ m = 4 - m;
-+ p++, n--;
-+ }
-+
-+ /* restore */
-+ z->total_in += p - z->next_in;
-+ z->next_in = p;
-+ z->avail_in = n;
-+ z->state->sub.marker = m;
-+
-+ /* return no joy or set up to restart on a new block */
-+ if (m != 4)
-+ return Z_DATA_ERROR;
-+ r = z->total_in; w = z->total_out;
-+ inflateReset(z);
-+ z->total_in = r; z->total_out = w;
-+ z->state->mode = BLOCKS;
-+ return Z_OK;
-+}
-+
-+
-+/* Returns true if inflate is currently at the end of a block generated
-+ * by Z_SYNC_FLUSH or Z_FULL_FLUSH. This function is used by one PPP
-+ * implementation to provide an additional safety check. PPP uses Z_SYNC_FLUSH
-+ * but removes the length bytes of the resulting empty stored block. When
-+ * decompressing, PPP checks that at the end of input packet, inflate is
-+ * waiting for these length bytes.
-+ */
-+int ZEXPORT inflateSyncPoint(z)
-+z_streamp z;
-+{
-+ if (z == Z_NULL || z->state == Z_NULL || z->state->blocks == Z_NULL)
-+ return Z_STREAM_ERROR;
-+ return inflate_blocks_sync_point(z->state->blocks);
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/inftrees.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,454 @@
-+/* inftrees.c -- generate Huffman trees for efficient decoding
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+#include <zlib/zutil.h>
-+#include "inftrees.h"
-+
-+#if !defined(BUILDFIXED) && !defined(STDC)
-+# define BUILDFIXED /* non ANSI compilers may not accept inffixed.h */
-+#endif
-+
-+local const char inflate_copyright[] =
-+ " inflate 1.1.4 Copyright 1995-2002 Mark Adler ";
-+/*
-+ If you use the zlib library in a product, an acknowledgment is welcome
-+ in the documentation of your product. If for some reason you cannot
-+ include such an acknowledgment, I would appreciate that you keep this
-+ copyright string in the executable of your product.
-+ */
-+struct internal_state {int dummy;}; /* for buggy compilers */
-+
-+/* simplify the use of the inflate_huft type with some defines */
-+#define exop word.what.Exop
-+#define bits word.what.Bits
-+
-+
-+local int huft_build OF((
-+ uIntf *, /* code lengths in bits */
-+ uInt, /* number of codes */
-+ uInt, /* number of "simple" codes */
-+ const uIntf *, /* list of base values for non-simple codes */
-+ const uIntf *, /* list of extra bits for non-simple codes */
-+ inflate_huft * FAR*,/* result: starting table */
-+ uIntf *, /* maximum lookup bits (returns actual) */
-+ inflate_huft *, /* space for trees */
-+ uInt *, /* hufts used in space */
-+ uIntf * )); /* space for values */
-+
-+/* Tables for deflate from PKZIP's appnote.txt. */
-+local const uInt cplens[31] = { /* Copy lengths for literal codes 257..285 */
-+ 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27, 31,
-+ 35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0};
-+ /* see note #13 above about 258 */
-+local const uInt cplext[31] = { /* Extra bits for literal codes 257..285 */
-+ 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 2, 2, 2, 2,
-+ 3, 3, 3, 3, 4, 4, 4, 4, 5, 5, 5, 5, 0, 112, 112}; /* 112==invalid */
-+local const uInt cpdist[30] = { /* Copy offsets for distance codes 0..29 */
-+ 1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193,
-+ 257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145,
-+ 8193, 12289, 16385, 24577};
-+local const uInt cpdext[30] = { /* Extra bits for distance codes */
-+ 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 6,
-+ 7, 7, 8, 8, 9, 9, 10, 10, 11, 11,
-+ 12, 12, 13, 13};
-+
-+/*
-+ Huffman code decoding is performed using a multi-level table lookup.
-+ The fastest way to decode is to simply build a lookup table whose
-+ size is determined by the longest code. However, the time it takes
-+ to build this table can also be a factor if the data being decoded
-+ is not very long. The most common codes are necessarily the
-+ shortest codes, so those codes dominate the decoding time, and hence
-+ the speed. The idea is you can have a shorter table that decodes the
-+ shorter, more probable codes, and then point to subsidiary tables for
-+ the longer codes. The time it costs to decode the longer codes is
-+ then traded against the time it takes to make longer tables.
-+
-+ This results of this trade are in the variables lbits and dbits
-+ below. lbits is the number of bits the first level table for literal/
-+ length codes can decode in one step, and dbits is the same thing for
-+ the distance codes. Subsequent tables are also less than or equal to
-+ those sizes. These values may be adjusted either when all of the
-+ codes are shorter than that, in which case the longest code length in
-+ bits is used, or when the shortest code is *longer* than the requested
-+ table size, in which case the length of the shortest code in bits is
-+ used.
-+
-+ There are two different values for the two tables, since they code a
-+ different number of possibilities each. The literal/length table
-+ codes 286 possible values, or in a flat code, a little over eight
-+ bits. The distance table codes 30 possible values, or a little less
-+ than five bits, flat. The optimum values for speed end up being
-+ about one bit more than those, so lbits is 8+1 and dbits is 5+1.
-+ The optimum values may differ though from machine to machine, and
-+ possibly even between compilers. Your mileage may vary.
-+ */
-+
-+
-+/* If BMAX needs to be larger than 16, then h and x[] should be uLong. */
-+#define BMAX 15 /* maximum bit length of any code */
-+
-+local int huft_build(b, n, s, d, e, t, m, hp, hn, v)
-+uIntf *b; /* code lengths in bits (all assumed <= BMAX) */
-+uInt n; /* number of codes (assumed <= 288) */
-+uInt s; /* number of simple-valued codes (0..s-1) */
-+const uIntf *d; /* list of base values for non-simple codes */
-+const uIntf *e; /* list of extra bits for non-simple codes */
-+inflate_huft * FAR *t; /* result: starting table */
-+uIntf *m; /* maximum lookup bits, returns actual */
-+inflate_huft *hp; /* space for trees */
-+uInt *hn; /* hufts used in space */
-+uIntf *v; /* working area: values in order of bit length */
-+/* Given a list of code lengths and a maximum table size, make a set of
-+ tables to decode that set of codes. Return Z_OK on success, Z_BUF_ERROR
-+ if the given code set is incomplete (the tables are still built in this
-+ case), or Z_DATA_ERROR if the input is invalid. */
-+{
-+
-+ uInt a; /* counter for codes of length k */
-+ uInt c[BMAX+1]; /* bit length count table */
-+ uInt f; /* i repeats in table every f entries */
-+ int g; /* maximum code length */
-+ int h; /* table level */
-+ register uInt i; /* counter, current code */
-+ register uInt j; /* counter */
-+ register int k; /* number of bits in current code */
-+ int l; /* bits per table (returned in m) */
-+ uInt mask; /* (1 << w) - 1, to avoid cc -O bug on HP */
-+ register uIntf *p; /* pointer into c[], b[], or v[] */
-+ inflate_huft *q; /* points to current table */
-+ struct inflate_huft_s r; /* table entry for structure assignment */
-+ inflate_huft *u[BMAX]; /* table stack */
-+ register int w; /* bits before this table == (l * h) */
-+ uInt x[BMAX+1]; /* bit offsets, then code stack */
-+ uIntf *xp; /* pointer into x */
-+ int y; /* number of dummy codes added */
-+ uInt z; /* number of entries in current table */
-+
-+
-+ /* Generate counts for each bit length */
-+ p = c;
-+#define C0 *p++ = 0;
-+#define C2 C0 C0 C0 C0
-+#define C4 C2 C2 C2 C2
-+ C4 /* clear c[]--assume BMAX+1 is 16 */
-+ p = b; i = n;
-+ do {
-+ c[*p++]++; /* assume all entries <= BMAX */
-+ } while (--i);
-+ if (c[0] == n) /* null input--all zero length codes */
-+ {
-+ *t = (inflate_huft *)Z_NULL;
-+ *m = 0;
-+ return Z_OK;
-+ }
-+
-+
-+ /* Find minimum and maximum length, bound *m by those */
-+ l = *m;
-+ for (j = 1; j <= BMAX; j++)
-+ if (c[j])
-+ break;
-+ k = j; /* minimum code length */
-+ if ((uInt)l < j)
-+ l = j;
-+ for (i = BMAX; i; i--)
-+ if (c[i])
-+ break;
-+ g = i; /* maximum code length */
-+ if ((uInt)l > i)
-+ l = i;
-+ *m = l;
-+
-+
-+ /* Adjust last length count to fill out codes, if needed */
-+ for (y = 1 << j; j < i; j++, y <<= 1)
-+ if ((y -= c[j]) < 0)
-+ return Z_DATA_ERROR;
-+ if ((y -= c[i]) < 0)
-+ return Z_DATA_ERROR;
-+ c[i] += y;
-+
-+
-+ /* Generate starting offsets into the value table for each length */
-+ x[1] = j = 0;
-+ p = c + 1; xp = x + 2;
-+ while (--i) { /* note that i == g from above */
-+ *xp++ = (j += *p++);
-+ }
-+
-+
-+ /* Make a table of values in order of bit lengths */
-+ p = b; i = 0;
-+ do {
-+ if ((j = *p++) != 0)
-+ v[x[j]++] = i;
-+ } while (++i < n);
-+ n = x[g]; /* set n to length of v */
-+
-+
-+ /* Generate the Huffman codes and for each, make the table entries */
-+ x[0] = i = 0; /* first Huffman code is zero */
-+ p = v; /* grab values in bit order */
-+ h = -1; /* no tables yet--level -1 */
-+ w = -l; /* bits decoded == (l * h) */
-+ u[0] = (inflate_huft *)Z_NULL; /* just to keep compilers happy */
-+ q = (inflate_huft *)Z_NULL; /* ditto */
-+ z = 0; /* ditto */
-+
-+ /* go through the bit lengths (k already is bits in shortest code) */
-+ for (; k <= g; k++)
-+ {
-+ a = c[k];
-+ while (a--)
-+ {
-+ /* here i is the Huffman code of length k bits for value *p */
-+ /* make tables up to required level */
-+ while (k > w + l)
-+ {
-+ h++;
-+ w += l; /* previous table always l bits */
-+
-+ /* compute minimum size table less than or equal to l bits */
-+ z = g - w;
-+ z = z > (uInt)l ? l : z; /* table size upper limit */
-+ if ((f = 1 << (j = k - w)) > a + 1) /* try a k-w bit table */
-+ { /* too few codes for k-w bit table */
-+ f -= a + 1; /* deduct codes from patterns left */
-+ xp = c + k;
-+ if (j < z)
-+ while (++j < z) /* try smaller tables up to z bits */
-+ {
-+ if ((f <<= 1) <= *++xp)
-+ break; /* enough codes to use up j bits */
-+ f -= *xp; /* else deduct codes from patterns */
-+ }
-+ }
-+ z = 1 << j; /* table entries for j-bit table */
-+
-+ /* allocate new table */
-+ if (*hn + z > MANY) /* (note: doesn't matter for fixed) */
-+ return Z_DATA_ERROR; /* overflow of MANY */
-+ u[h] = q = hp + *hn;
-+ *hn += z;
-+
-+ /* connect to last table, if there is one */
-+ if (h)
-+ {
-+ x[h] = i; /* save pattern for backing up */
-+ r.bits = (Byte)l; /* bits to dump before this table */
-+ r.exop = (Byte)j; /* bits in this table */
-+ j = i >> (w - l);
-+ r.base = (uInt)(q - u[h-1] - j); /* offset to this table */
-+ u[h-1][j] = r; /* connect to last table */
-+ }
-+ else
-+ *t = q; /* first table is returned result */
-+ }
-+
-+ /* set up table entry in r */
-+ r.bits = (Byte)(k - w);
-+ if (p >= v + n)
-+ r.exop = 128 + 64; /* out of values--invalid code */
-+ else if (*p < s)
-+ {
-+ r.exop = (Byte)(*p < 256 ? 0 : 32 + 64); /* 256 is end-of-block */
-+ r.base = *p++; /* simple code is just the value */
-+ }
-+ else
-+ {
-+ r.exop = (Byte)(e[*p - s] + 16 + 64);/* non-simple--look up in lists */
-+ r.base = d[*p++ - s];
-+ }
-+
-+ /* fill code-like entries with r */
-+ f = 1 << (k - w);
-+ for (j = i >> w; j < z; j += f)
-+ q[j] = r;
-+
-+ /* backwards increment the k-bit code i */
-+ for (j = 1 << (k - 1); i & j; j >>= 1)
-+ i ^= j;
-+ i ^= j;
-+
-+ /* backup over finished tables */
-+ mask = (1 << w) - 1; /* needed on HP, cc -O bug */
-+ while ((i & mask) != x[h])
-+ {
-+ h--; /* don't need to update q */
-+ w -= l;
-+ mask = (1 << w) - 1;
-+ }
-+ }
-+ }
-+
-+
-+ /* Return Z_BUF_ERROR if we were given an incomplete table */
-+ return y != 0 && g != 1 ? Z_BUF_ERROR : Z_OK;
-+}
-+
-+
-+int inflate_trees_bits(c, bb, tb, hp, z)
-+uIntf *c; /* 19 code lengths */
-+uIntf *bb; /* bits tree desired/actual depth */
-+inflate_huft * FAR *tb; /* bits tree result */
-+inflate_huft *hp; /* space for trees */
-+z_streamp z; /* for messages */
-+{
-+ int r;
-+ uInt hn = 0; /* hufts used in space */
-+ uIntf *v; /* work area for huft_build */
-+
-+ if ((v = (uIntf*)ZALLOC(z, 19, sizeof(uInt))) == Z_NULL)
-+ return Z_MEM_ERROR;
-+ r = huft_build(c, 19, 19, (uIntf*)Z_NULL, (uIntf*)Z_NULL,
-+ tb, bb, hp, &hn, v);
-+ if (r == Z_DATA_ERROR)
-+ z->msg = (char*)"oversubscribed dynamic bit lengths tree";
-+ else if (r == Z_BUF_ERROR || *bb == 0)
-+ {
-+ z->msg = (char*)"incomplete dynamic bit lengths tree";
-+ r = Z_DATA_ERROR;
-+ }
-+ ZFREE(z, v);
-+ return r;
-+}
-+
-+
-+int inflate_trees_dynamic(nl, nd, c, bl, bd, tl, td, hp, z)
-+uInt nl; /* number of literal/length codes */
-+uInt nd; /* number of distance codes */
-+uIntf *c; /* that many (total) code lengths */
-+uIntf *bl; /* literal desired/actual bit depth */
-+uIntf *bd; /* distance desired/actual bit depth */
-+inflate_huft * FAR *tl; /* literal/length tree result */
-+inflate_huft * FAR *td; /* distance tree result */
-+inflate_huft *hp; /* space for trees */
-+z_streamp z; /* for messages */
-+{
-+ int r;
-+ uInt hn = 0; /* hufts used in space */
-+ uIntf *v; /* work area for huft_build */
-+
-+ /* allocate work area */
-+ if ((v = (uIntf*)ZALLOC(z, 288, sizeof(uInt))) == Z_NULL)
-+ return Z_MEM_ERROR;
-+
-+ /* build literal/length tree */
-+ r = huft_build(c, nl, 257, cplens, cplext, tl, bl, hp, &hn, v);
-+ if (r != Z_OK || *bl == 0)
-+ {
-+ if (r == Z_DATA_ERROR)
-+ z->msg = (char*)"oversubscribed literal/length tree";
-+ else if (r != Z_MEM_ERROR)
-+ {
-+ z->msg = (char*)"incomplete literal/length tree";
-+ r = Z_DATA_ERROR;
-+ }
-+ ZFREE(z, v);
-+ return r;
-+ }
-+
-+ /* build distance tree */
-+ r = huft_build(c + nl, nd, 0, cpdist, cpdext, td, bd, hp, &hn, v);
-+ if (r != Z_OK || (*bd == 0 && nl > 257))
-+ {
-+ if (r == Z_DATA_ERROR)
-+ z->msg = (char*)"oversubscribed distance tree";
-+ else if (r == Z_BUF_ERROR) {
-+#ifdef PKZIP_BUG_WORKAROUND
-+ r = Z_OK;
-+ }
-+#else
-+ z->msg = (char*)"incomplete distance tree";
-+ r = Z_DATA_ERROR;
-+ }
-+ else if (r != Z_MEM_ERROR)
-+ {
-+ z->msg = (char*)"empty distance tree with lengths";
-+ r = Z_DATA_ERROR;
-+ }
-+ ZFREE(z, v);
-+ return r;
-+#endif
-+ }
-+
-+ /* done */
-+ ZFREE(z, v);
-+ return Z_OK;
-+}
-+
-+
-+/* build fixed tables only once--keep them here */
-+#ifdef BUILDFIXED
-+local int fixed_built = 0;
-+#define FIXEDH 544 /* number of hufts used by fixed tables */
-+local inflate_huft fixed_mem[FIXEDH];
-+local uInt fixed_bl;
-+local uInt fixed_bd;
-+local inflate_huft *fixed_tl;
-+local inflate_huft *fixed_td;
-+#else
-+#include "inffixed.h"
-+#endif
-+
-+
-+int inflate_trees_fixed(bl, bd, tl, td, z)
-+uIntf *bl; /* literal desired/actual bit depth */
-+uIntf *bd; /* distance desired/actual bit depth */
-+inflate_huft * FAR *tl; /* literal/length tree result */
-+inflate_huft * FAR *td; /* distance tree result */
-+z_streamp z; /* for memory allocation */
-+{
-+#ifdef BUILDFIXED
-+ /* build fixed tables if not already */
-+ if (!fixed_built)
-+ {
-+ int k; /* temporary variable */
-+ uInt f = 0; /* number of hufts used in fixed_mem */
-+ uIntf *c; /* length list for huft_build */
-+ uIntf *v; /* work area for huft_build */
-+
-+ /* allocate memory */
-+ if ((c = (uIntf*)ZALLOC(z, 288, sizeof(uInt))) == Z_NULL)
-+ return Z_MEM_ERROR;
-+ if ((v = (uIntf*)ZALLOC(z, 288, sizeof(uInt))) == Z_NULL)
-+ {
-+ ZFREE(z, c);
-+ return Z_MEM_ERROR;
-+ }
-+
-+ /* literal table */
-+ for (k = 0; k < 144; k++)
-+ c[k] = 8;
-+ for (; k < 256; k++)
-+ c[k] = 9;
-+ for (; k < 280; k++)
-+ c[k] = 7;
-+ for (; k < 288; k++)
-+ c[k] = 8;
-+ fixed_bl = 9;
-+ huft_build(c, 288, 257, cplens, cplext, &fixed_tl, &fixed_bl,
-+ fixed_mem, &f, v);
-+
-+ /* distance table */
-+ for (k = 0; k < 30; k++)
-+ c[k] = 5;
-+ fixed_bd = 5;
-+ huft_build(c, 30, 0, cpdist, cpdext, &fixed_td, &fixed_bd,
-+ fixed_mem, &f, v);
-+
-+ /* done */
-+ ZFREE(z, v);
-+ ZFREE(z, c);
-+ fixed_built = 1;
-+ }
-+#endif
-+ *bl = fixed_bl;
-+ *bd = fixed_bd;
-+ *tl = fixed_tl;
-+ *td = fixed_td;
-+ return Z_OK;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/inftrees.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,63 @@
-+/* inftrees.h -- header to use inftrees.c
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+/* Huffman code lookup table entry--this entry is four bytes for machines
-+ that have 16-bit pointers (e.g. PC's in the small or medium model). */
-+
-+#ifndef _INFTREES_H
-+#define _INFTREES_H
-+
-+typedef struct inflate_huft_s FAR inflate_huft;
-+
-+struct inflate_huft_s {
-+ union {
-+ struct {
-+ Byte Exop; /* number of extra bits or operation */
-+ Byte Bits; /* number of bits in this code or subcode */
-+ } what;
-+ uInt pad; /* pad structure to a power of 2 (4 bytes for */
-+ } word; /* 16-bit, 8 bytes for 32-bit int's) */
-+ uInt base; /* literal, length base, distance base,
-+ or table offset */
-+};
-+
-+/* Maximum size of dynamic tree. The maximum found in a long but non-
-+ exhaustive search was 1004 huft structures (850 for length/literals
-+ and 154 for distances, the latter actually the result of an
-+ exhaustive search). The actual maximum is not known, but the
-+ value below is more than safe. */
-+#define MANY 1440
-+
-+extern int inflate_trees_bits OF((
-+ uIntf *, /* 19 code lengths */
-+ uIntf *, /* bits tree desired/actual depth */
-+ inflate_huft * FAR *, /* bits tree result */
-+ inflate_huft *, /* space for trees */
-+ z_streamp)); /* for messages */
-+
-+extern int inflate_trees_dynamic OF((
-+ uInt, /* number of literal/length codes */
-+ uInt, /* number of distance codes */
-+ uIntf *, /* that many (total) code lengths */
-+ uIntf *, /* literal desired/actual bit depth */
-+ uIntf *, /* distance desired/actual bit depth */
-+ inflate_huft * FAR *, /* literal/length tree result */
-+ inflate_huft * FAR *, /* distance tree result */
-+ inflate_huft *, /* space for trees */
-+ z_streamp)); /* for messages */
-+
-+extern int inflate_trees_fixed OF((
-+ uIntf *, /* literal desired/actual bit depth */
-+ uIntf *, /* distance desired/actual bit depth */
-+ inflate_huft * FAR *, /* literal/length tree result */
-+ inflate_huft * FAR *, /* distance tree result */
-+ z_streamp)); /* for memory allocation */
-+
-+#endif /* _INFTREES_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/infutil.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,87 @@
-+/* inflate_util.c -- data and routines common to blocks and codes
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+#include <zlib/zutil.h>
-+#include "infblock.h"
-+#include "inftrees.h"
-+#include "infcodes.h"
-+#include "infutil.h"
-+
-+struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-+
-+/* And'ing with mask[n] masks the lower n bits */
-+uInt inflate_mask[17] = {
-+ 0x0000,
-+ 0x0001, 0x0003, 0x0007, 0x000f, 0x001f, 0x003f, 0x007f, 0x00ff,
-+ 0x01ff, 0x03ff, 0x07ff, 0x0fff, 0x1fff, 0x3fff, 0x7fff, 0xffff
-+};
-+
-+
-+/* copy as much as possible from the sliding window to the output area */
-+int inflate_flush(s, z, r)
-+inflate_blocks_statef *s;
-+z_streamp z;
-+int r;
-+{
-+ uInt n;
-+ Bytef *p;
-+ Bytef *q;
-+
-+ /* local copies of source and destination pointers */
-+ p = z->next_out;
-+ q = s->read;
-+
-+ /* compute number of bytes to copy as far as end of window */
-+ n = (uInt)((q <= s->write ? s->write : s->end) - q);
-+ if (n > z->avail_out) n = z->avail_out;
-+ if (n && r == Z_BUF_ERROR) r = Z_OK;
-+
-+ /* update counters */
-+ z->avail_out -= n;
-+ z->total_out += n;
-+
-+ /* update check information */
-+ if (s->checkfn != Z_NULL)
-+ z->adler = s->check = (*s->checkfn)(s->check, q, n);
-+
-+ /* copy as far as end of window */
-+ zmemcpy(p, q, n);
-+ p += n;
-+ q += n;
-+
-+ /* see if more to copy at beginning of window */
-+ if (q == s->end)
-+ {
-+ /* wrap pointers */
-+ q = s->window;
-+ if (s->write == s->end)
-+ s->write = s->window;
-+
-+ /* compute bytes to copy */
-+ n = (uInt)(s->write - q);
-+ if (n > z->avail_out) n = z->avail_out;
-+ if (n && r == Z_BUF_ERROR) r = Z_OK;
-+
-+ /* update counters */
-+ z->avail_out -= n;
-+ z->total_out += n;
-+
-+ /* update check information */
-+ if (s->checkfn != Z_NULL)
-+ z->adler = s->check = (*s->checkfn)(s->check, q, n);
-+
-+ /* copy */
-+ zmemcpy(p, q, n);
-+ p += n;
-+ q += n;
-+ }
-+
-+ /* update pointers */
-+ z->next_out = p;
-+ s->read = q;
-+
-+ /* done */
-+ return r;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/infutil.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,98 @@
-+/* infutil.h -- types and macros common to blocks and codes
-+ * Copyright (C) 1995-2002 Mark Adler
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* WARNING: this file should *not* be used by applications. It is
-+ part of the implementation of the compression library and is
-+ subject to change. Applications should only use zlib.h.
-+ */
-+
-+#ifndef _INFUTIL_H
-+#define _INFUTIL_H
-+
-+typedef enum {
-+ TYPE, /* get type bits (3, including end bit) */
-+ LENS, /* get lengths for stored */
-+ STORED, /* processing stored block */
-+ TABLE, /* get table lengths */
-+ BTREE, /* get bit lengths tree for a dynamic block */
-+ DTREE, /* get length, distance trees for a dynamic block */
-+ CODES, /* processing fixed or dynamic block */
-+ DRY, /* output remaining window bytes */
-+ DONE, /* finished last block, done */
-+ BAD} /* got a data error--stuck here */
-+inflate_block_mode;
-+
-+/* inflate blocks semi-private state */
-+struct inflate_blocks_state {
-+
-+ /* mode */
-+ inflate_block_mode mode; /* current inflate_block mode */
-+
-+ /* mode dependent information */
-+ union {
-+ uInt left; /* if STORED, bytes left to copy */
-+ struct {
-+ uInt table; /* table lengths (14 bits) */
-+ uInt index; /* index into blens (or border) */
-+ uIntf *blens; /* bit lengths of codes */
-+ uInt bb; /* bit length tree depth */
-+ inflate_huft *tb; /* bit length decoding tree */
-+ } trees; /* if DTREE, decoding info for trees */
-+ struct {
-+ inflate_codes_statef
-+ *codes;
-+ } decode; /* if CODES, current state */
-+ } sub; /* submode */
-+ uInt last; /* true if this block is the last block */
-+
-+ /* mode independent information */
-+ uInt bitk; /* bits in bit buffer */
-+ uLong bitb; /* bit buffer */
-+ inflate_huft *hufts; /* single malloc for tree space */
-+ Bytef *window; /* sliding window */
-+ Bytef *end; /* one byte after sliding window */
-+ Bytef *read; /* window read pointer */
-+ Bytef *write; /* window write pointer */
-+ check_func checkfn; /* check function */
-+ uLong check; /* check on output */
-+
-+};
-+
-+
-+/* defines for inflate input/output */
-+/* update pointers and return */
-+#define UPDBITS {s->bitb=b;s->bitk=k;}
-+#define UPDIN {z->avail_in=n;z->total_in+=p-z->next_in;z->next_in=p;}
-+#define UPDOUT {s->write=q;}
-+#define UPDATE {UPDBITS UPDIN UPDOUT}
-+#define LEAVE {UPDATE return inflate_flush(s,z,r);}
-+/* get bytes and bits */
-+#define LOADIN {p=z->next_in;n=z->avail_in;b=s->bitb;k=s->bitk;}
-+#define NEEDBYTE {if(n)r=Z_OK;else LEAVE}
-+#define NEXTBYTE (n--,*p++)
-+#define NEEDBITS(j) {while(k<(j)){NEEDBYTE;b|=((uLong)NEXTBYTE)<<k;k+=8;}}
-+#define DUMPBITS(j) {b>>=(j);k-=(j);}
-+/* output bytes */
-+#define WAVAIL (uInt)(q<s->read?s->read-q-1:s->end-q)
-+#define LOADOUT {q=s->write;m=(uInt)WAVAIL;}
-+#define WRAP {if(q==s->end&&s->read!=s->window){q=s->window;m=(uInt)WAVAIL;}}
-+#define FLUSH {UPDOUT r=inflate_flush(s,z,r); LOADOUT}
-+#define NEEDOUT {if(m==0){WRAP if(m==0){FLUSH WRAP if(m==0) LEAVE}}r=Z_OK;}
-+#define OUTBYTE(a) {*q++=(Byte)(a);m--;}
-+/* load local pointers */
-+#define LOAD {LOADIN LOADOUT}
-+
-+/* masks for lower bits (size given to avoid silly warnings with Visual C++) */
-+extern uInt inflate_mask[17];
-+
-+/* copy as much as possible from the sliding window to the output area */
-+extern int inflate_flush OF((
-+ inflate_blocks_statef *,
-+ z_streamp ,
-+ int));
-+
-+struct internal_state {int dummy;}; /* for buggy compilers */
-+
-+#endif /* _INFUTIL_H */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/initaddr.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,50 @@
-+/*
-+ * initialize address structure
-+ * Copyright (C) 2000 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: initaddr.c,v 1.6 2004/07/10 07:43:47 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - initaddr - initialize ip_address from bytes
-+ */
-+err_t /* NULL for success, else string literal */
-+initaddr(src, srclen, af, dst)
-+const unsigned char *src;
-+size_t srclen;
-+int af; /* address family */
-+ip_address *dst;
-+{
-+ switch (af) {
-+ case AF_INET:
-+ if (srclen != 4)
-+ return "IPv4 address must be exactly 4 bytes";
-+ dst->u.v4.sin_family = af;
-+ dst->u.v4.sin_port = 0; /* unused */
-+ memcpy((char *)&dst->u.v4.sin_addr.s_addr, src, srclen);
-+ break;
-+ case AF_INET6:
-+ if (srclen != 16)
-+ return "IPv6 address must be exactly 16 bytes";
-+ dst->u.v6.sin6_family = af;
-+ dst->u.v6.sin6_flowinfo = 0; /* unused */
-+ dst->u.v6.sin6_port = 0; /* unused */
-+ memcpy((char *)&dst->u.v6.sin6_addr, src, srclen);
-+ break;
-+ default:
-+ return "unknown address family in initaddr";
-+ break;
-+ }
-+ return NULL;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipcomp.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,701 @@
-+/*
-+ * IPCOMP zlib interface code.
-+ * Copyright (C) 2000 Svenning Soerensen <svenning@post5.tele.dk>
-+ * Copyright (C) 2000, 2001 Richard Guy Briggs <rgb@conscoop.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipcomp_c_version[] = "RCSID $Id: ipcomp.c,v 1.41.2.5 2006/10/06 21:39:26 paul Exp $";
-+
-+/* SSS */
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h>
-+#include <linux/netdevice.h>
-+#include <linux/ip.h>
-+#include <linux/skbuff.h>
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <asm/uaccess.h>
-+#include <asm/checksum.h>
-+
-+#include <openswan.h>
-+
-+#include <net/ip.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h" /* sysctl_ipsec_inbound_policy_check */
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipcomp.h"
-+#include "zlib/zlib.h"
-+#include "zlib/zutil.h"
-+
-+#include <pfkeyv2.h> /* SADB_X_CALG_DEFLATE */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int sysctl_ipsec_debug_ipcomp = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+static
-+struct sk_buff *skb_copy_ipcomp(struct sk_buff *skb, int data_growth, int gfp_mask);
-+
-+static
-+voidpf my_zcalloc(voidpf opaque, uInt items, uInt size)
-+{
-+ return (voidpf) kmalloc(items*size, GFP_ATOMIC);
-+}
-+
-+static
-+void my_zfree(voidpf opaque, voidpf address)
-+{
-+ kfree(address);
-+}
-+
-+/*
-+ * We use this function because sometimes we want to pass a negative offset
-+ * into skb_put(), this does not work on 64bit platforms because long to
-+ * unsigned int casting.
-+ */
-+static inline unsigned char *
-+safe_skb_put(struct sk_buff *skb, int extend)
-+{
-+ unsigned char *ptr;
-+
-+ if (extend>0) {
-+ // increase the size of the packet
-+ ptr = skb_put(skb, extend);
-+ } else {
-+ // shrink the size of the packet
-+ ptr = skb->tail;
-+ skb_trim (skb, skb->len + extend);
-+ }
-+
-+ return ptr;
-+}
-+
-+struct sk_buff *skb_compress(struct sk_buff *skb, struct ipsec_sa *ips, unsigned int *flags)
-+{
-+ struct iphdr *iph;
-+ unsigned int iphlen, pyldsz, cpyldsz;
-+ unsigned char *buffer;
-+ z_stream zs;
-+ int zresult;
-+
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: .\n");
-+
-+ if(skb == NULL) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "passed in NULL skb, returning ERROR.\n");
-+ if(flags != NULL) {
-+ *flags |= IPCOMP_PARMERROR;
-+ }
-+ return skb;
-+ }
-+
-+ if(ips == NULL) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "passed in NULL ipsec_sa needed for cpi, returning ERROR.\n");
-+ if(flags) {
-+ *flags |= IPCOMP_PARMERROR;
-+ }
-+ return skb;
-+ }
-+
-+ if (flags == NULL) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "passed in NULL flags, returning ERROR.\n");
-+ ipsec_kfree_skb(skb);
-+ return NULL;
-+ }
-+
-+#ifdef NET_21
-+ iph = skb->nh.iph;
-+#else /* NET_21 */
-+ iph = skb->ip_hdr;
-+#endif /* NET_21 */
-+
-+ switch (iph->protocol) {
-+ case IPPROTO_COMP:
-+ case IPPROTO_AH:
-+ case IPPROTO_ESP:
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "skipping compression of packet with ip protocol %d.\n",
-+ iph->protocol);
-+ *flags |= IPCOMP_UNCOMPRESSABLE;
-+ return skb;
-+ }
-+
-+ /* Don't compress packets already fragmented */
-+ if (iph->frag_off & __constant_htons(IP_MF | IP_OFFSET)) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "skipping compression of fragmented packet.\n");
-+ *flags |= IPCOMP_UNCOMPRESSABLE;
-+ return skb;
-+ }
-+
-+ iphlen = iph->ihl << 2;
-+ pyldsz = ntohs(iph->tot_len) - iphlen;
-+
-+ /* Don't compress less than 90 bytes (rfc 2394) */
-+ if (pyldsz < 90) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "skipping compression of tiny packet, len=%d.\n",
-+ pyldsz);
-+ *flags |= IPCOMP_UNCOMPRESSABLE;
-+ return skb;
-+ }
-+
-+ /* Adaptive decision */
-+ if (ips->ips_comp_adapt_skip) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "skipping compression: ips_comp_adapt_skip=%d.\n",
-+ ips->ips_comp_adapt_skip);
-+ ips->ips_comp_adapt_skip--;
-+ *flags |= IPCOMP_UNCOMPRESSABLE;
-+ return skb;
-+ }
-+
-+ zs.zalloc = my_zcalloc;
-+ zs.zfree = my_zfree;
-+ zs.opaque = 0;
-+
-+ /* We want to use deflateInit2 because we don't want the adler
-+ header. */
-+ zresult = deflateInit2(&zs, Z_DEFAULT_COMPRESSION, Z_DEFLATED, -11,
-+ DEF_MEM_LEVEL, Z_DEFAULT_STRATEGY);
-+ if (zresult != Z_OK) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_compress: "
-+ "deflateInit2() returned error %d (%s), "
-+ "skipping compression.\n",
-+ zresult,
-+ zs.msg ? zs.msg : zError(zresult));
-+ *flags |= IPCOMP_COMPRESSIONERROR;
-+ return skb;
-+ }
-+
-+
-+ /* Max output size. Result should be max this size.
-+ * Implementation specific tweak:
-+ * If it's not at least 32 bytes and 6.25% smaller than
-+ * the original packet, it's probably not worth wasting
-+ * the receiver's CPU cycles decompressing it.
-+ * Your mileage may vary.
-+ */
-+ cpyldsz = pyldsz - sizeof(struct ipcomphdr) - (pyldsz <= 512 ? 32 : pyldsz >> 4);
-+
-+ buffer = kmalloc(cpyldsz, GFP_ATOMIC);
-+ if (!buffer) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_compress: "
-+ "unable to kmalloc(%d, GFP_ATOMIC), "
-+ "skipping compression.\n",
-+ cpyldsz);
-+ *flags |= IPCOMP_COMPRESSIONERROR;
-+ deflateEnd(&zs);
-+ return skb;
-+ }
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(sysctl_ipsec_debug_ipcomp && sysctl_ipsec_debug_verbose) {
-+ __u8 *c;
-+
-+ c = (__u8*)iph + iphlen;
-+ ipsec_dmp_block("compress before", c, pyldsz);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ zs.next_in = (char *) iph + iphlen; /* start of payload */
-+ zs.avail_in = pyldsz;
-+ zs.next_out = buffer; /* start of compressed payload */
-+ zs.avail_out = cpyldsz;
-+
-+ /* Finish compression in one step */
-+ zresult = deflate(&zs, Z_FINISH);
-+
-+ /* Free all dynamically allocated buffers */
-+ deflateEnd(&zs);
-+ if (zresult != Z_STREAM_END) {
-+ *flags |= IPCOMP_UNCOMPRESSABLE;
-+ kfree(buffer);
-+
-+ /* Adjust adaptive counters */
-+ if (++(ips->ips_comp_adapt_tries) == IPCOMP_ADAPT_INITIAL_TRIES) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "first %d packets didn't compress, "
-+ "skipping next %d\n",
-+ IPCOMP_ADAPT_INITIAL_TRIES,
-+ IPCOMP_ADAPT_INITIAL_SKIP);
-+ ips->ips_comp_adapt_skip = IPCOMP_ADAPT_INITIAL_SKIP;
-+ }
-+ else if (ips->ips_comp_adapt_tries == IPCOMP_ADAPT_INITIAL_TRIES + IPCOMP_ADAPT_SUBSEQ_TRIES) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "next %d packets didn't compress, "
-+ "skipping next %d\n",
-+ IPCOMP_ADAPT_SUBSEQ_TRIES,
-+ IPCOMP_ADAPT_SUBSEQ_SKIP);
-+ ips->ips_comp_adapt_skip = IPCOMP_ADAPT_SUBSEQ_SKIP;
-+ ips->ips_comp_adapt_tries = IPCOMP_ADAPT_INITIAL_TRIES;
-+ }
-+
-+ return skb;
-+ }
-+
-+ /* resulting compressed size */
-+ cpyldsz -= zs.avail_out;
-+
-+ /* Insert IPCOMP header */
-+ ((struct ipcomphdr*) ((char*) iph + iphlen))->ipcomp_nh = iph->protocol;
-+ ((struct ipcomphdr*) ((char*) iph + iphlen))->ipcomp_flags = 0;
-+ /* use the bottom 16 bits of the spi for the cpi. The top 16 bits are
-+ for internal reference only. */
-+ ((struct ipcomphdr*) (((char*)iph) + iphlen))->ipcomp_cpi = htons((__u16)(ntohl(ips->ips_said.spi) & 0x0000ffff));
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_compress: "
-+ "spi=%08x, spi&0xffff=%04x, cpi=%04x, payload size: raw=%d, comp=%d.\n",
-+ ntohl(ips->ips_said.spi),
-+ ntohl(ips->ips_said.spi) & 0x0000ffff,
-+ ntohs(((struct ipcomphdr*)(((char*)iph)+iphlen))->ipcomp_cpi),
-+ pyldsz,
-+ cpyldsz);
-+
-+ /* Update IP header */
-+ iph->protocol = IPPROTO_COMP;
-+ iph->tot_len = htons(iphlen + sizeof(struct ipcomphdr) + cpyldsz);
-+#if 1 /* XXX checksum is done by ipsec_tunnel ? */
-+ iph->check = 0;
-+ iph->check = ip_fast_csum((char *) iph, iph->ihl);
-+#endif
-+
-+ /* Copy compressed payload */
-+ memcpy((char *) iph + iphlen + sizeof(struct ipcomphdr),
-+ buffer,
-+ cpyldsz);
-+ kfree(buffer);
-+
-+ /* Update skb length/tail by "unputting" the shrinkage */
-+ safe_skb_put (skb, cpyldsz + sizeof(struct ipcomphdr) - pyldsz);
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(sysctl_ipsec_debug_ipcomp && sysctl_ipsec_debug_verbose) {
-+ __u8 *c;
-+
-+ c = (__u8*)iph + iphlen + sizeof(struct ipcomphdr);
-+ ipsec_dmp_block("compress result", c, cpyldsz);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ ips->ips_comp_adapt_skip = 0;
-+ ips->ips_comp_adapt_tries = 0;
-+
-+ return skb;
-+}
-+
-+struct sk_buff *skb_decompress(struct sk_buff *skb, struct ipsec_sa *ips, unsigned int *flags)
-+{
-+ struct sk_buff *nskb = NULL;
-+
-+ /* original ip header */
-+ struct iphdr *oiph, *iph;
-+ unsigned int iphlen, pyldsz, cpyldsz;
-+ z_stream zs;
-+ int zresult;
-+
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_decompress: .\n");
-+
-+ if(!skb) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "passed in NULL skb, returning ERROR.\n");
-+ if (flags) *flags |= IPCOMP_PARMERROR;
-+ return skb;
-+ }
-+
-+ if(!ips && sysctl_ipsec_inbound_policy_check) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "passed in NULL ipsec_sa needed for comp alg, returning ERROR.\n");
-+ if (flags) *flags |= IPCOMP_PARMERROR;
-+ return skb;
-+ }
-+
-+ if (!flags) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "passed in NULL flags, returning ERROR.\n");
-+ ipsec_kfree_skb(skb);
-+ return NULL;
-+ }
-+
-+#ifdef NET_21
-+ oiph = skb->nh.iph;
-+#else /* NET_21 */
-+ oiph = skb->ip_hdr;
-+#endif /* NET_21 */
-+
-+ iphlen = oiph->ihl << 2;
-+
-+ if (oiph->protocol != IPPROTO_COMP) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "called with non-IPCOMP packet (protocol=%d),"
-+ "skipping decompression.\n",
-+ oiph->protocol);
-+ *flags |= IPCOMP_PARMERROR;
-+ return skb;
-+ }
-+
-+ if ( (((struct ipcomphdr*)((char*) oiph + iphlen))->ipcomp_flags != 0)
-+ || ((((struct ipcomphdr*) ((char*) oiph + iphlen))->ipcomp_cpi
-+ != htons(SADB_X_CALG_DEFLATE))
-+ && sysctl_ipsec_inbound_policy_check
-+ && (!ips || (ips && (ips->ips_encalg != SADB_X_CALG_DEFLATE)))) ) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "called with incompatible IPCOMP packet (flags=%d, "
-+ "cpi=%d), ips-compalg=%d, skipping decompression.\n",
-+ ntohs(((struct ipcomphdr*) ((char*) oiph + iphlen))->ipcomp_flags),
-+ ntohs(((struct ipcomphdr*) ((char*) oiph + iphlen))->ipcomp_cpi),
-+ ips ? ips->ips_encalg : 0);
-+ *flags |= IPCOMP_PARMERROR;
-+
-+ return skb;
-+ }
-+
-+ if (ntohs(oiph->frag_off) & ~0x4000) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "called with fragmented IPCOMP packet, "
-+ "skipping decompression.\n");
-+ *flags |= IPCOMP_PARMERROR;
-+ return skb;
-+ }
-+
-+ /* original compressed payload size */
-+ cpyldsz = ntohs(oiph->tot_len) - iphlen - sizeof(struct ipcomphdr);
-+
-+ zs.zalloc = my_zcalloc;
-+ zs.zfree = my_zfree;
-+ zs.opaque = 0;
-+
-+ zs.next_in = (char *) oiph + iphlen + sizeof(struct ipcomphdr);
-+ zs.avail_in = cpyldsz;
-+
-+ /* Maybe we should be a bit conservative about memory
-+ requirements and use inflateInit2 */
-+ /* Beware, that this might make us unable to decompress packets
-+ from other implementations - HINT: check PGPnet source code */
-+ /* We want to use inflateInit2 because we don't want the adler
-+ header. */
-+ zresult = inflateInit2(&zs, -15);
-+ if (zresult != Z_OK) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "inflateInit2() returned error %d (%s), "
-+ "skipping decompression.\n",
-+ zresult,
-+ zs.msg ? zs.msg : zError(zresult));
-+ *flags |= IPCOMP_DECOMPRESSIONERROR;
-+
-+ return skb;
-+ }
-+
-+ /* We have no way of knowing the exact length of the resulting
-+ decompressed output before we have actually done the decompression.
-+ For now, we guess that the packet will not be bigger than the
-+ attached ipsec device's mtu or 16260, whichever is biggest.
-+ This may be wrong, since the sender's mtu may be bigger yet.
-+ XXX This must be dealt with later XXX
-+ */
-+
-+ /* max payload size */
-+ pyldsz = skb->dev ? (skb->dev->mtu < 16260 ? 16260 : skb->dev->mtu)
-+ : (65520 - iphlen);
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_decompress: "
-+ "max payload size: %d\n", pyldsz);
-+
-+ while (pyldsz > (cpyldsz + sizeof(struct ipcomphdr)) &&
-+ (nskb = skb_copy_ipcomp(skb,
-+ pyldsz - cpyldsz - sizeof(struct ipcomphdr),
-+ GFP_ATOMIC)) == NULL) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "unable to skb_copy_ipcomp(skb, %d, GFP_ATOMIC), "
-+ "trying with less payload size.\n",
-+ (int)(pyldsz - cpyldsz - sizeof(struct ipcomphdr)));
-+ pyldsz >>=1;
-+ }
-+
-+ if (!nskb) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "unable to allocate memory, dropping packet.\n");
-+ *flags |= IPCOMP_DECOMPRESSIONERROR;
-+ inflateEnd(&zs);
-+
-+ return skb;
-+ }
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(sysctl_ipsec_debug_ipcomp && sysctl_ipsec_debug_verbose) {
-+ __u8 *c;
-+
-+ c = (__u8*)oiph + iphlen + sizeof(struct ipcomphdr);
-+ ipsec_dmp_block("decompress before", c, cpyldsz);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#ifdef NET_21
-+ iph = nskb->nh.iph;
-+#else /* NET_21 */
-+ iph = nskb->ip_hdr;
-+#endif /* NET_21 */
-+ zs.next_out = (char *)iph + iphlen;
-+ zs.avail_out = pyldsz;
-+
-+ zresult = inflate(&zs, Z_SYNC_FLUSH);
-+
-+ /* work around a bug in zlib, which sometimes wants to taste an extra
-+ * byte when being used in the (undocumented) raw deflate mode.
-+ */
-+ if (zresult == Z_OK && !zs.avail_in && zs.avail_out) {
-+ __u8 zerostuff = 0;
-+
-+ zs.next_in = &zerostuff;
-+ zs.avail_in = 1;
-+ zresult = inflate(&zs, Z_FINISH);
-+ }
-+
-+ inflateEnd(&zs);
-+ if (zresult != Z_STREAM_END) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_error:skb_decompress: "
-+ "inflate() returned error %d (%s), "
-+ "skipping decompression.\n",
-+ zresult,
-+ zs.msg ? zs.msg : zError(zresult));
-+ *flags |= IPCOMP_DECOMPRESSIONERROR;
-+ ipsec_kfree_skb(nskb);
-+
-+ return skb;
-+ }
-+
-+ /* Update IP header */
-+ /* resulting decompressed size */
-+ pyldsz -= zs.avail_out;
-+ iph->tot_len = htons(iphlen + pyldsz);
-+ iph->protocol = ((struct ipcomphdr*) ((char*) oiph + iphlen))->ipcomp_nh;
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_decompress: "
-+ "spi=%08x, spi&0xffff=%04x, cpi=%04x, payload size: comp=%d, raw=%d, nh=%d.\n",
-+ ips ? ntohl(ips->ips_said.spi) : 0,
-+ ips ? ntohl(ips->ips_said.spi) & 0x0000ffff : 0,
-+ ntohs(((struct ipcomphdr*)(((char*)oiph)+iphlen))->ipcomp_cpi),
-+ cpyldsz,
-+ pyldsz,
-+ iph->protocol);
-+
-+#if 1 /* XXX checksum is done by ipsec_rcv ? */
-+ iph->check = 0;
-+ iph->check = ip_fast_csum((char*) iph, iph->ihl);
-+#endif
-+
-+ /* Update skb length/tail by "unputting" the unused data area */
-+ safe_skb_put(nskb, -zs.avail_out);
-+
-+ ipsec_kfree_skb(skb);
-+
-+ if (iph->protocol == IPPROTO_COMP)
-+ {
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(sysctl_ipsec_debug_ipcomp)
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_decompress: "
-+ "Eh? inner packet is also compressed, dropping.\n");
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ ipsec_kfree_skb(nskb);
-+ return NULL;
-+ }
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(sysctl_ipsec_debug_ipcomp && sysctl_ipsec_debug_verbose) {
-+ __u8 *c;
-+
-+ c = (__u8*)iph + iphlen;
-+ ipsec_dmp_block("decompress result", c, pyldsz);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ return nskb;
-+}
-+
-+
-+/* this is derived from skb_copy() in linux 2.2.14 */
-+/* May be incompatible with other kernel versions!! */
-+static
-+struct sk_buff *skb_copy_ipcomp(struct sk_buff *skb, int data_growth, int gfp_mask)
-+{
-+ struct sk_buff *n;
-+ struct iphdr *iph;
-+ unsigned long offset;
-+ unsigned int iphlen;
-+
-+ if(!skb) {
-+ KLIPS_PRINT(sysctl_ipsec_debug_ipcomp,
-+ "klips_debug:skb_copy_ipcomp: "
-+ "passed in NULL skb, returning NULL.\n");
-+ return NULL;
-+ }
-+
-+ /*
-+ * Allocate the copy buffer
-+ */
-+
-+#ifdef NET_21
-+ iph = skb->nh.iph;
-+#else /* NET_21 */
-+ iph = skb->ip_hdr;
-+#endif /* NET_21 */
-+ if (!iph) return NULL;
-+ iphlen = iph->ihl << 2;
-+
-+ n=alloc_skb(skb->end - skb->head + data_growth, gfp_mask);
-+ if(n==NULL)
-+ return NULL;
-+
-+ /*
-+ * Shift between the two data areas in bytes
-+ */
-+
-+ offset=n->head-skb->head;
-+
-+ /* Set the data pointer */
-+ skb_reserve(n,skb->data-skb->head);
-+ /* Set the tail pointer and length */
-+ safe_skb_put(n,skb->len+data_growth);
-+ /* Copy the bytes up to and including the ip header */
-+ memcpy(n->head,
-+ skb->head,
-+ ((char *)iph - (char *)skb->head) + iphlen);
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,14)
-+ n->list=NULL;
-+#endif
-+ n->next=NULL;
-+ n->prev=NULL;
-+ n->sk=NULL;
-+ n->dev=skb->dev;
-+ if (skb->h.raw)
-+ n->h.raw=skb->h.raw+offset;
-+ else
-+ n->h.raw=NULL;
-+ n->protocol=skb->protocol;
-+#ifdef NET_21
-+ n->csum = 0;
-+ n->priority=skb->priority;
-+ n->dst=dst_clone(skb->dst);
-+ n->nh.raw=skb->nh.raw+offset;
-+#ifndef NETDEV_23
-+ n->is_clone=0;
-+#endif /* NETDEV_23 */
-+ atomic_set(&n->users, 1);
-+ n->destructor = NULL;
-+#ifdef HAVE_SOCK_SECURITY
-+ n->security=skb->security;
-+#endif
-+ memcpy(n->cb, skb->cb, sizeof(skb->cb));
-+#ifdef CONFIG_IP_FIREWALL
-+ n->fwmark = skb->fwmark;
-+#endif
-+#else /* NET_21 */
-+ n->link3=NULL;
-+ n->when=skb->when;
-+ n->ip_hdr=(struct iphdr *)(((char *)skb->ip_hdr)+offset);
-+ n->saddr=skb->saddr;
-+ n->daddr=skb->daddr;
-+ n->raddr=skb->raddr;
-+ n->seq=skb->seq;
-+ n->end_seq=skb->end_seq;
-+ n->ack_seq=skb->ack_seq;
-+ n->acked=skb->acked;
-+ n->free=1;
-+ n->arp=skb->arp;
-+ n->tries=0;
-+ n->lock=0;
-+ n->users=0;
-+ memcpy(n->proto_priv, skb->proto_priv, sizeof(skb->proto_priv));
-+#endif /* NET_21 */
-+ if (skb->mac.raw)
-+ n->mac.raw=skb->mac.raw+offset;
-+ else
-+ n->mac.raw=NULL;
-+#ifndef NETDEV_23
-+ n->used=skb->used;
-+#endif /* !NETDEV_23 */
-+ n->pkt_type=skb->pkt_type;
-+#ifndef NETDEV_23
-+ n->pkt_bridged=skb->pkt_bridged;
-+#endif /* NETDEV_23 */
-+ n->ip_summed=0;
-+#ifdef HAVE_TSTAMP
-+ n->tstamp = skb->tstamp;
-+#else
-+ n->stamp=skb->stamp;
-+#endif
-+#ifndef NETDEV_23 /* this seems to have been removed in 2.4 */
-+#if defined(CONFIG_SHAPER) || defined(CONFIG_SHAPER_MODULE)
-+ n->shapelatency=skb->shapelatency; /* Latency on frame */
-+ n->shapeclock=skb->shapeclock; /* Time it should go out */
-+ n->shapelen=skb->shapelen; /* Frame length in clocks */
-+ n->shapestamp=skb->shapestamp; /* Stamp for shaper */
-+ n->shapepend=skb->shapepend; /* Pending */
-+#endif /* defined(CONFIG_SHAPER) || defined(CONFIG_SHAPER_MODULE) */
-+#endif /* NETDEV_23 */
-+
-+ return n;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_ah.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,407 @@
-+/*
-+ * processing code for AH
-+ * Copyright (C) 2003-2004 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_ah_c_version[] = "RCSID $Id: ipsec_ah.c,v 1.12.2.2 2006/10/06 21:39:26 paul Exp $";
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+#include <net/protocol.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipsec_xmit.h"
-+
-+#include "openswan/ipsec_auth.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_proto.h"
-+
-+__u32 zeroes[AH_AMAX];
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_ah_checks(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb)
-+{
-+ int ahminlen;
-+
-+ ahminlen = irs->hard_header_len + sizeof(struct iphdr);
-+
-+ /* take care not to deref this pointer until we check the minlen though */
-+ irs->protostuff.ahstuff.ahp = (struct ahhdr *)skb->h.raw;
-+
-+ if((skb->len < ahminlen+sizeof(struct ahhdr)) ||
-+ (skb->len < ahminlen+(irs->protostuff.ahstuff.ahp->ah_hl << 2))) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_INAU,
-+ "klips_debug:ipsec_rcv: "
-+ "runt ah packet of skb->len=%d received from %s, dropped.\n",
-+ skb->len,
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ return IPSEC_RCV_BADLEN;
-+ }
-+
-+ irs->said.spi = irs->protostuff.ahstuff.ahp->ah_spi;
-+
-+ /* XXX we only support the one 12-byte authenticator for now */
-+ if(irs->protostuff.ahstuff.ahp->ah_hl != ((AHHMAC_HASHLEN+AHHMAC_RPLLEN) >> 2)) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_INAU,
-+ "klips_debug:ipsec_rcv: "
-+ "bad authenticator length %ld, expected %lu from %s.\n",
-+ (long)(irs->protostuff.ahstuff.ahp->ah_hl << 2),
-+ (unsigned long) sizeof(struct ahhdr),
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ return IPSEC_RCV_BADLEN;
-+ }
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_ah_setup_auth(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb,
-+ __u32 *replay,
-+ unsigned char **authenticator)
-+{
-+ struct ahhdr *ahp = irs->protostuff.ahstuff.ahp;
-+
-+ *replay = ntohl(ahp->ah_rpl);
-+ *authenticator = ahp->ah_data;
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_ah_authcalc(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb)
-+{
-+ struct auth_alg *aa;
-+ struct ahhdr *ahp = irs->protostuff.ahstuff.ahp;
-+ union {
-+ MD5_CTX md5;
-+ SHA1_CTX sha1;
-+ } tctx;
-+ struct iphdr ipo;
-+ int ahhlen;
-+
-+ aa = irs->authfuncs;
-+
-+ /* copy the initialized keying material */
-+ memcpy(&tctx, irs->ictx, irs->ictx_len);
-+
-+ ipo = *irs->ipp;
-+ ipo.tos = 0; /* mutable RFC 2402 3.3.3.1.1.1 */
-+ ipo.frag_off = 0;
-+ ipo.ttl = 0;
-+ ipo.check = 0;
-+
-+
-+ /* do the sanitized header */
-+ (*aa->update)((void*)&tctx, (caddr_t)&ipo, sizeof(struct iphdr));
-+
-+ /* XXX we didn't do the options here! */
-+
-+ /* now do the AH header itself */
-+ ahhlen = AH_BASIC_LEN + (ahp->ah_hl << 2);
-+ (*aa->update)((void*)&tctx, (caddr_t)ahp, ahhlen - AHHMAC_HASHLEN);
-+
-+ /* now, do some zeroes */
-+ (*aa->update)((void*)&tctx, (caddr_t)zeroes, AHHMAC_HASHLEN);
-+
-+ /* finally, do the packet contents themselves */
-+ (*aa->update)((void*)&tctx,
-+ (caddr_t)skb->h.raw + ahhlen,
-+ skb->len - ahhlen);
-+
-+ (*aa->final)(irs->hash, (void *)&tctx);
-+
-+ memcpy(&tctx, irs->octx, irs->octx_len);
-+
-+ (*aa->update)((void *)&tctx, irs->hash, aa->hashlen);
-+ (*aa->final)(irs->hash, (void *)&tctx);
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_ah_decap(struct ipsec_rcv_state *irs)
-+{
-+ struct ahhdr *ahp = irs->protostuff.ahstuff.ahp;
-+ struct sk_buff *skb;
-+ int ahhlen;
-+
-+ skb=irs->skb;
-+
-+ ahhlen = AH_BASIC_LEN + (ahp->ah_hl << 2);
-+
-+ irs->ipp->tot_len = htons(ntohs(irs->ipp->tot_len) - ahhlen);
-+ irs->next_header = ahp->ah_nh;
-+
-+ /*
-+ * move the IP header forward by the size of the AH header, which
-+ * will remove the the AH header from the packet.
-+ */
-+ memmove((void *)(skb->nh.raw + ahhlen),
-+ (void *)(skb->nh.raw), irs->iphlen);
-+
-+ ipsec_rcv_dmp("ah postmove", skb->data, skb->len);
-+
-+ /* skb_pull below, will move up by ahhlen */
-+
-+ /* XXX not clear how this can happen, as the message indicates */
-+ if(skb->len < ahhlen) {
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_rcv: "
-+ "tried to skb_pull ahhlen=%d, %d available. This should never happen, please report.\n",
-+ ahhlen,
-+ (int)(skb->len));
-+ return IPSEC_RCV_DECAPFAIL;
-+ }
-+ skb_pull(skb, ahhlen);
-+
-+ skb->nh.raw = skb->nh.raw + ahhlen;
-+ irs->ipp = skb->nh.iph;
-+
-+ ipsec_rcv_dmp("ah postpull", (void *)skb->nh.iph, skb->len);
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_ah_setup(struct ipsec_xmit_state *ixs)
-+{
-+ struct iphdr ipo;
-+ struct ahhdr *ahp;
-+ __u8 hash[AH_AMAX];
-+ union {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ MD5_CTX md5;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ SHA1_CTX sha1;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ } tctx;
-+ unsigned char *dat = (unsigned char *)ixs->iph;
-+
-+ ahp = (struct ahhdr *)(dat + ixs->iphlen);
-+ ahp->ah_spi = ixs->ipsp->ips_said.spi;
-+ ahp->ah_rpl = htonl(++(ixs->ipsp->ips_replaywin_lastseq));
-+ ahp->ah_rv = 0;
-+ ahp->ah_nh = ixs->iph->protocol;
-+ ahp->ah_hl = (sizeof(struct ahhdr) >> 2) - sizeof(__u64)/sizeof(__u32);
-+ ixs->iph->protocol = IPPROTO_AH;
-+ ipsec_xmit_dmp("ahp", (char*)ahp, sizeof(*ahp));
-+
-+ ipo = *ixs->iph;
-+ ipo.tos = 0;
-+ ipo.frag_off = 0;
-+ ipo.ttl = 0;
-+ ipo.check = 0;
-+ ipsec_xmit_dmp("ipo", (char*)&ipo, sizeof(ipo));
-+
-+ switch(ixs->ipsp->ips_authalg) {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5:
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ ipsec_xmit_dmp("ictx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (unsigned char *)&ipo, sizeof (struct iphdr));
-+ ipsec_xmit_dmp("ictx+ipo", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (unsigned char *)ahp,
-+ sizeof(struct ahhdr) - sizeof(ahp->ah_data));
-+ ipsec_xmit_dmp("ictx+ahp", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (unsigned char *)zeroes, AHHMAC_HASHLEN);
-+ ipsec_xmit_dmp("ictx+zeroes", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, dat + ixs->iphlen + sizeof(struct ahhdr),
-+ ixs->skb->len - ixs->iphlen - sizeof(struct ahhdr));
-+ ipsec_xmit_dmp("ictx+dat", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ ipsec_xmit_dmp("ictx hash", (char*)&hash, sizeof(hash));
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ ipsec_xmit_dmp("octx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, hash, AHMD596_ALEN);
-+ ipsec_xmit_dmp("octx+hash", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ ipsec_xmit_dmp("octx hash", (char*)&hash, sizeof(hash));
-+
-+ memcpy(ahp->ah_data, hash, AHHMAC_HASHLEN);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.md5, 0, sizeof(tctx.md5));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA:
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ SHA1Update(&tctx.sha1, (unsigned char *)&ipo, sizeof (struct iphdr));
-+ SHA1Update(&tctx.sha1, (unsigned char *)ahp, sizeof(struct ahhdr) - sizeof(ahp->ah_data));
-+ SHA1Update(&tctx.sha1, (unsigned char *)zeroes, AHHMAC_HASHLEN);
-+ SHA1Update(&tctx.sha1, dat + ixs->iphlen + sizeof(struct ahhdr),
-+ ixs->skb->len - ixs->iphlen - sizeof(struct ahhdr));
-+ SHA1Final(hash, &tctx.sha1);
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ SHA1Update(&tctx.sha1, hash, AHSHA196_ALEN);
-+ SHA1Final(hash, &tctx.sha1);
-+
-+ memcpy(ahp->ah_data, hash, AHHMAC_HASHLEN);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.sha1, 0, sizeof(tctx.sha1));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_AH_BADALG;
-+ }
-+#ifdef NET_21
-+ ixs->skb->h.raw = (unsigned char*)ahp;
-+#endif /* NET_21 */
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+struct xform_functions ah_xform_funcs[]={
-+ { rcv_checks: ipsec_rcv_ah_checks,
-+ rcv_setup_auth: ipsec_rcv_ah_setup_auth,
-+ rcv_calc_auth: ipsec_rcv_ah_authcalc,
-+ rcv_decrypt: ipsec_rcv_ah_decap,
-+
-+ xmit_setup: ipsec_xmit_ah_setup,
-+ xmit_headroom: sizeof(struct ahhdr),
-+ xmit_needtailroom: 0,
-+ },
-+};
-+
-+
-+#ifdef NET_26
-+struct inet_protocol ah_protocol = {
-+ .handler = ipsec_rcv,
-+ .no_policy = 1,
-+};
-+#else
-+struct inet_protocol ah_protocol =
-+{
-+ ipsec_rcv, /* AH handler */
-+ NULL, /* TUNNEL error control */
-+#ifdef NETDEV_25
-+ 1, /* no policy */
-+#else
-+ 0, /* next */
-+ IPPROTO_AH, /* protocol ID */
-+ 0, /* copy */
-+ NULL, /* data */
-+ "AH" /* name */
-+#endif
-+};
-+#endif /* NET_26 */
-+
-+/*
-+ * $Log: ipsec_ah.c,v $
-+ * Revision 1.12.2.2 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.12.2.1 2006/02/15 05:35:14 paul
-+ * Patch by David McCullough <davidm@snapgear.com>
-+ * If you setup a tunnel without ESP it doesn't work. It used to work in
-+ * an older openswan version but stopped when klips was modified to deal
-+ * with the pulled IP header on the received SKB's.
-+ *
-+ * The code in ipsec_ah.c still thinks the IP header is there and runs the
-+ * hash on the incorrect data.
-+ *
-+ * Revision 1.12 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.11 2005/04/15 19:50:55 mcr
-+ * adjustments to use proper skb fields for data.
-+ *
-+ * Revision 1.10 2004/09/14 00:22:57 mcr
-+ * adjustment of MD5* functions.
-+ *
-+ * Revision 1.9 2004/09/13 02:22:47 mcr
-+ * #define inet_protocol if necessary.
-+ *
-+ * Revision 1.8 2004/09/06 18:35:48 mcr
-+ * 2.6.8.1 gets rid of inet_protocol->net_protocol compatibility,
-+ * so adjust for that.
-+ *
-+ * Revision 1.7 2004/08/22 05:00:48 mcr
-+ * if we choose to compile the file, we want the contents,
-+ * so don't pull any punches.
-+ *
-+ * Revision 1.6 2004/08/17 03:27:23 mcr
-+ * klips 2.6 edits.
-+ *
-+ * Revision 1.5 2004/08/14 03:28:24 mcr
-+ * fixed log comment to remove warning about embedded comment.
-+ *
-+ * Revision 1.4 2004/08/04 15:57:07 mcr
-+ * moved des .h files to include/des/ *
-+ * included 2.6 protocol specific things
-+ * started at NAT-T support, but it will require a kernel patch.
-+ *
-+ * Revision 1.3 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.2 2004/04/06 02:49:25 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_alg.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1057 @@
-+/*
-+ * Modular extensions service and registration functions
-+ *
-+ * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ *
-+ * Version: 0.8.1
-+ *
-+ * ipsec_alg.c,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ */
-+#define __NO_VERSION__
-+
-+#if defined (MODULE)
-+#include <linux/module.h>
-+#endif
-+
-+#include <linux/kernel.h> /* printk() */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <linux/socket.h>
-+#include <linux/in.h>
-+#include <linux/types.h>
-+#include <linux/string.h> /* memcmp() */
-+#include <linux/random.h> /* get_random_bytes() */
-+#include <linux/errno.h> /* error codes */
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include "openswan/ipsec_param.h"
-+#include <openswan.h>
-+#include "openswan/ipsec_sa.h"
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+#if defined(CONFIG_KLIPS_ESP) || defined(CONFIG_KLIPS_AH)
-+# include "openswan/ipsec_ah.h"
-+#endif /* defined(CONFIG_KLIPS_ESP) || defined(CONFIG_KLIPS_AH) */
-+#ifdef CONFIG_KLIPS_ESP
-+# include "openswan/ipsec_esp.h"
-+#endif /* !CONFIG_KLIPS_ESP */
-+#ifdef CONFIG_KLIPS_IPCOMP
-+# include "openswan/ipcomp.h"
-+#endif /* CONFIG_KLIPS_COMP */
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_alg.h"
-+#include "openswan/ipsec_proto.h"
-+
-+#if SADB_EALG_MAX < 255
-+#warning Compiling with limited ESP support ( SADB_EALG_MAX < 256 )
-+#endif
-+
-+static rwlock_t ipsec_alg_lock = RW_LOCK_UNLOCKED;
-+#define IPSEC_ALG_HASHSZ 16 /* must be power of 2, even 2^0=1 */
-+static struct list_head ipsec_alg_hash_table[IPSEC_ALG_HASHSZ];
-+
-+/* Old gcc's will fail here */
-+#define barf_out(fmt, args...) do { struct ipsec_alg *ixtc = (struct ipsec_alg *)ixt; printk(KERN_ERR "%s: (%s) " fmt, __FUNCTION__, ixtc->ixt_name , ## args) \
-+ ; goto out; } while(0)
-+
-+#ifdef NET_26
-+/*
-+ * Must be already protected by lock
-+ */
-+static void __ipsec_alg_usage_inc(struct ipsec_alg *ixt)
-+{
-+#ifdef MODULE
-+ if (ixt->ixt_module)
-+ try_module_get(ixt->ixt_module);
-+#endif
-+ atomic_inc(&ixt->ixt_refcnt);
-+}
-+static void __ipsec_alg_usage_dec(struct ipsec_alg *ixt) {
-+ atomic_dec(&ixt->ixt_refcnt);
-+#ifdef MODULE
-+ if (ixt->ixt_module)
-+ module_put(ixt->ixt_module);
-+#endif
-+}
-+
-+#else
-+
-+/*
-+ * Must be already protected by lock
-+ */
-+static void __ipsec_alg_usage_inc(struct ipsec_alg *ixt) {
-+#ifdef MODULE
-+ if (ixt->ixt_module) {
-+ __MOD_INC_USE_COUNT(ixt->ixt_module);
-+ }
-+#endif
-+ atomic_inc(&ixt->ixt_refcnt);
-+}
-+static void __ipsec_alg_usage_dec(struct ipsec_alg *ixt) {
-+ atomic_dec(&ixt->ixt_refcnt);
-+#ifdef MODULE
-+ if (ixt->ixt_module)
-+ __MOD_DEC_USE_COUNT(ixt->ixt_module);
-+#endif
-+}
-+#endif
-+
-+/*
-+ * simple hash function, optimized for 0-hash (1 list) special
-+ * case
-+ */
-+#if IPSEC_ALG_HASHSZ > 1
-+static inline unsigned ipsec_alg_hashfn(int alg_type, int alg_id) {
-+ return ((alg_type^alg_id)&(IPSEC_ALG_HASHSZ-1));
-+}
-+#else
-+#define ipsec_alg_hashfn(x,y) (0)
-+#endif
-+
-+/*****************************************************************
-+ *
-+ * INTERNAL table handling: insert, delete, find
-+ *
-+ *****************************************************************/
-+
-+/*
-+ * hash table initialization, called from ipsec_alg_init()
-+ */
-+static void ipsec_alg_hash_init(void) {
-+ struct list_head *head = ipsec_alg_hash_table;
-+ int i = IPSEC_ALG_HASHSZ;
-+ do {
-+ INIT_LIST_HEAD(head);
-+ head++;
-+ i--;
-+ } while (i);
-+}
-+/*
-+ * hash list lookup by {alg_type, alg_id} and table head,
-+ * must be already protected by lock
-+ */
-+static struct ipsec_alg *__ipsec_alg_find(unsigned alg_type, unsigned alg_id, struct list_head * head) {
-+ struct list_head *p;
-+ struct ipsec_alg *ixt=NULL;
-+ for (p=head->next; p!=head; p=p->next) {
-+ ixt = list_entry(p, struct ipsec_alg, ixt_list);
-+ if (ixt->ixt_alg_type == alg_type && ixt->ixt_alg_id==alg_id) {
-+ goto out;
-+ }
-+ }
-+ ixt=NULL;
-+out:
-+ return ixt;
-+}
-+/*
-+ * inserts (in front) a new entry in hash table,
-+ * called from ipsec_alg_register() when new algorithm is registered.
-+ */
-+static int ipsec_alg_insert(struct ipsec_alg *ixt) {
-+ int ret=-EINVAL;
-+ unsigned hashval=ipsec_alg_hashfn(ixt->ixt_alg_type, ixt->ixt_alg_id);
-+ struct list_head *head= ipsec_alg_hash_table + hashval;
-+ struct ipsec_alg *ixt_cur;
-+
-+ /* new element must be virgin ... */
-+ if (ixt->ixt_list.next != &ixt->ixt_list ||
-+ ixt->ixt_list.prev != &ixt->ixt_list) {
-+ printk(KERN_ERR "ipsec_alg_insert: ixt object \"%s\" "
-+ "list head not initialized\n",
-+ ixt->ixt_name);
-+ return ret;
-+ }
-+ write_lock_bh(&ipsec_alg_lock);
-+
-+ ixt_cur = __ipsec_alg_find(ixt->ixt_alg_type, ixt->ixt_alg_id, head);
-+
-+ /* if previous (current) ipsec_alg found check excl flag of _anyone_ */
-+ if (ixt_cur
-+ && ((ixt->ixt_state|ixt_cur->ixt_state) & IPSEC_ALG_ST_EXCL)) {
-+ barf_out("ipsec_alg for alg_type=%d, alg_id=%d already exist. "
-+ "Not loaded (ret=%d).\n",
-+ ixt->ixt_alg_type,
-+ ixt->ixt_alg_id, ret=-EEXIST);
-+ }
-+ list_add(&ixt->ixt_list, head);
-+ ixt->ixt_state |= IPSEC_ALG_ST_REGISTERED;
-+ ret=0;
-+out:
-+ write_unlock_bh(&ipsec_alg_lock);
-+ return ret;
-+}
-+
-+/*
-+ * deletes an existing entry in hash table,
-+ * called from ipsec_alg_unregister() when algorithm is unregistered.
-+ */
-+static int ipsec_alg_delete(struct ipsec_alg *ixt) {
-+ write_lock_bh(&ipsec_alg_lock);
-+ list_del(&ixt->ixt_list);
-+ write_unlock_bh(&ipsec_alg_lock);
-+ return 0;
-+}
-+
-+/*
-+ * here @user context (read-only when @kernel bh context)
-+ * -> no bh disabling
-+ *
-+ * called from ipsec_sa_init() -> ipsec_alg_sa_init()
-+ */
-+static struct ipsec_alg *ipsec_alg_get(int alg_type, int alg_id)
-+{
-+ unsigned hashval=ipsec_alg_hashfn(alg_type, alg_id);
-+ struct list_head *head= ipsec_alg_hash_table + hashval;
-+ struct ipsec_alg *ixt;
-+
-+ read_lock(&ipsec_alg_lock);
-+ ixt=__ipsec_alg_find(alg_type, alg_id, head);
-+ if (ixt) __ipsec_alg_usage_inc(ixt);
-+ read_unlock(&ipsec_alg_lock);
-+
-+ return ixt;
-+}
-+
-+static void ipsec_alg_put(struct ipsec_alg *ixt) {
-+ __ipsec_alg_usage_dec((struct ipsec_alg *)ixt);
-+}
-+
-+/*****************************************************************
-+ *
-+ * INTERFACE for ENC services: key creation, encrypt function
-+ *
-+ *****************************************************************/
-+
-+/*
-+ * main encrypt service entry point
-+ * called from ipsec_rcv() with encrypt=IPSEC_ALG_DECRYPT and
-+ * ipsec_tunnel_start_xmit with encrypt=IPSEC_ALG_ENCRYPT
-+ */
-+int ipsec_alg_esp_encrypt(struct ipsec_sa *sa_p, __u8 * idat,
-+ int ilen, const __u8 * iv, int encrypt)
-+{
-+ int ret;
-+ struct ipsec_alg_enc *ixt_e=sa_p->ips_alg_enc;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ int debug_flag = (encrypt==IPSEC_ALG_ENCRYPT ?
-+ debug_tunnel : debug_rcv);
-+#endif
-+
-+ KLIPS_PRINT(debug_flag,
-+ "klips_debug:ipsec_alg_esp_encrypt: "
-+ "entering with encalg=%d, ixt_e=%p\n",
-+ sa_p->ips_encalg, ixt_e);
-+ if (ixt_e == NULL) {
-+#ifdef CONFIG_KLIPS_DEBUG
-+ KLIPS_ERROR(debug_flag,
-+ "klips_debug:ipsec_alg_esp_encrypt: "
-+ "NULL ipsec_alg_enc object\n");
-+#endif
-+ return -1;
-+ }
-+ KLIPS_PRINT(debug_flag,
-+ "klips_debug:ipsec_alg_esp_encrypt: "
-+ "calling cbc_encrypt encalg=%d "
-+ "ips_key_e=%p idat=%p ilen=%d iv=%p, encrypt=%d\n",
-+ sa_p->ips_encalg,
-+ sa_p->ips_key_e, idat, ilen, iv, encrypt);
-+ ret=ixt_e->ixt_e_cbc_encrypt(ixt_e, sa_p->ips_key_e, idat,
-+ ilen, iv, encrypt);
-+ KLIPS_PRINT(debug_flag,
-+ "klips_debug:ipsec_alg_esp_encrypt: "
-+ "returned ret=%d\n",
-+ ret);
-+ return ret;
-+}
-+
-+/*
-+ * encryption key context creation function
-+ * called from pfkey_v2_parser.c:pfkey_ips_init()
-+ */
-+int ipsec_alg_enc_key_create(struct ipsec_sa *sa_p) {
-+ int ret=-EINVAL;
-+ int keyminbits, keymaxbits;
-+ caddr_t ekp;
-+ struct ipsec_alg_enc *ixt_e=sa_p->ips_alg_enc;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_alg_enc_key_create: "
-+ "entering with encalg=%d ixt_e=%p\n",
-+ sa_p->ips_encalg, ixt_e);
-+ if (!ixt_e) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_alg_enc_key_create: "
-+ "NULL ipsec_alg_enc object\n");
-+ return -EPROTO;
-+ }
-+
-+ /*
-+ * grRRR... DES 7bits jurassic stuff ... f*ckk --jjo
-+ */
-+ switch(ixt_e->ixt_common.ixt_support.ias_id) {
-+ case ESP_3DES:
-+ keyminbits=keymaxbits=192;break;
-+ case ESP_DES:
-+ keyminbits=keymaxbits=64;break;
-+ default:
-+ keyminbits=ixt_e->ixt_common.ixt_support.ias_keyminbits;
-+ keymaxbits=ixt_e->ixt_common.ixt_support.ias_keymaxbits;
-+ }
-+ if(sa_p->ips_key_bits_e<keyminbits ||
-+ sa_p->ips_key_bits_e>keymaxbits) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_alg_enc_key_create: "
-+ "incorrect encryption key size for id=%d: %d bits -- "
-+ "must be between %d,%d bits\n" /*octets (bytes)\n"*/,
-+ ixt_e->ixt_common.ixt_support.ias_id,
-+ sa_p->ips_key_bits_e, keyminbits, keymaxbits);
-+ ret=-EINVAL;
-+ goto ixt_out;
-+ }
-+ /* save encryption key pointer */
-+ ekp = sa_p->ips_key_e;
-+
-+
-+ if (ixt_e->ixt_e_new_key) {
-+ sa_p->ips_key_e = ixt_e->ixt_e_new_key(ixt_e,
-+ ekp, sa_p->ips_key_bits_e/8);
-+ ret = (sa_p->ips_key_e)? 0 : -EINVAL;
-+ } else {
-+ if((sa_p->ips_key_e = (caddr_t)
-+ kmalloc((sa_p->ips_key_e_size = ixt_e->ixt_e_ctx_size),
-+ GFP_ATOMIC)) == NULL) {
-+ ret=-ENOMEM;
-+ goto ixt_out;
-+ }
-+ /* zero-out key_e */
-+ memset(sa_p->ips_key_e, 0, sa_p->ips_key_e_size);
-+
-+ /* I cast here to allow more decoupling in alg module */
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_alg_enc_key_create: about to call:"
-+ "set_key(key_e=%p, ekp=%p, key_size=%d)\n",
-+ (caddr_t)sa_p->ips_key_e, ekp, sa_p->ips_key_bits_e/8);
-+ ret = ixt_e->ixt_e_set_key(ixt_e, (caddr_t)sa_p->ips_key_e, ekp, sa_p->ips_key_bits_e/8);
-+ }
-+ /* paranoid */
-+ memset(ekp, 0, sa_p->ips_key_bits_e/8);
-+ kfree(ekp);
-+ixt_out:
-+ return ret;
-+}
-+
-+/***************************************************************
-+ *
-+ * INTERFACE for AUTH services: key creation, hash functions
-+ *
-+ ***************************************************************/
-+
-+/*
-+ * auth key context creation function
-+ * called from pfkey_v2_parser.c:pfkey_ips_init()
-+ */
-+int ipsec_alg_auth_key_create(struct ipsec_sa *sa_p) {
-+ int ret=-EINVAL;
-+ struct ipsec_alg_auth *ixt_a=sa_p->ips_alg_auth;
-+ int keyminbits, keymaxbits;
-+ unsigned char *akp;
-+ unsigned int aks;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_alg_auth_key_create: "
-+ "entering with authalg=%d ixt_a=%p\n",
-+ sa_p->ips_authalg, ixt_a);
-+ if (!ixt_a) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_alg_auth_key_create: "
-+ "NULL ipsec_alg_auth object\n");
-+ return -EPROTO;
-+ }
-+ keyminbits=ixt_a->ixt_common.ixt_support.ias_keyminbits;
-+ keymaxbits=ixt_a->ixt_common.ixt_support.ias_keymaxbits;
-+ if(sa_p->ips_key_bits_a<keyminbits || sa_p->ips_key_bits_a>keymaxbits) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_alg_auth_key_create: incorrect auth"
-+ "key size: %d bits -- must be between %d,%d bits\n"/*octets (bytes)\n"*/,
-+ sa_p->ips_key_bits_a, keyminbits, keymaxbits);
-+ ret=-EINVAL;
-+ goto ixt_out;
-+ }
-+ /* save auth key pointer */
-+ sa_p->ips_auth_bits = ixt_a->ixt_a_keylen * 8; /* XXX XXX */
-+ akp = sa_p->ips_key_a;
-+ aks = sa_p->ips_key_a_size;
-+
-+ /* will hold: 2 ctx and a blocksize buffer: kb */
-+ sa_p->ips_key_a_size = ixt_a->ixt_a_ctx_size;
-+ if((sa_p->ips_key_a =
-+ (caddr_t) kmalloc(sa_p->ips_key_a_size, GFP_ATOMIC)) == NULL) {
-+ ret=-ENOMEM;
-+ goto ixt_out;
-+ }
-+ ixt_a->ixt_a_hmac_set_key(ixt_a, sa_p->ips_key_a, akp, sa_p->ips_key_bits_a/8); /* XXX XXX */
-+ ret=0;
-+ memset(akp, 0, aks);
-+ kfree(akp);
-+
-+ixt_out:
-+ return ret;
-+}
-+
-+
-+int ipsec_alg_sa_esp_hash(const struct ipsec_sa *sa_p, const __u8 *espp,
-+ int len, __u8 *hash, int hashlen)
-+{
-+ struct ipsec_alg_auth *ixt_a=sa_p->ips_alg_auth;
-+ if (!ixt_a) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_sa_esp_hash: "
-+ "NULL ipsec_alg_auth object\n");
-+ return -EPROTO;
-+ }
-+ KLIPS_PRINT(debug_tunnel|debug_rcv,
-+ "klips_debug:ipsec_sa_esp_hash: "
-+ "hashing %p (%d bytes) to %p (%d bytes)\n",
-+ espp, len,
-+ hash, hashlen);
-+ ixt_a->ixt_a_hmac_hash(ixt_a,
-+ sa_p->ips_key_a,
-+ espp, len,
-+ hash, hashlen);
-+ return 0;
-+}
-+
-+/***************************************************************
-+ *
-+ * INTERFACE for module loading,testing, and unloading
-+ *
-+ ***************************************************************/
-+
-+/* validation for registering (enc) module */
-+static int check_enc(struct ipsec_alg_enc *ixt)
-+{
-+ int ret=-EINVAL;
-+ if (ixt->ixt_common.ixt_blocksize==0) /* || ixt->ixt_common.ixt_blocksize%2) need for ESP_NULL */
-+ barf_out(KERN_ERR "invalid blocksize=%d\n", ixt->ixt_common.ixt_blocksize);
-+ if (ixt->ixt_common.ixt_support.ias_keyminbits==0
-+ && ixt->ixt_common.ixt_support.ias_keymaxbits==0
-+ && ixt->ixt_e_keylen==0)
-+ goto zero_key_ok;
-+
-+ if (ixt->ixt_common.ixt_support.ias_keyminbits==0)
-+ barf_out(KERN_ERR "invalid keyminbits=%d\n", ixt->ixt_common.ixt_support.ias_keyminbits);
-+
-+ if (ixt->ixt_common.ixt_support.ias_keymaxbits==0)
-+ barf_out(KERN_ERR "invalid keymaxbits=%d\n", ixt->ixt_common.ixt_support.ias_keymaxbits);
-+
-+ if (ixt->ixt_e_keylen==0)
-+ barf_out(KERN_ERR "invalid keysize=%d\n", ixt->ixt_e_keylen);
-+
-+zero_key_ok:
-+ if (ixt->ixt_e_ctx_size==0 && ixt->ixt_e_new_key == NULL)
-+ barf_out(KERN_ERR "invalid key_e_size=%d and ixt_e_new_key=NULL\n", ixt->ixt_e_ctx_size);
-+ if (ixt->ixt_e_cbc_encrypt==NULL)
-+ barf_out(KERN_ERR "e_cbc_encrypt() must be not NULL\n");
-+ ret=0;
-+out:
-+ return ret;
-+}
-+
-+/* validation for registering (auth) module */
-+static int check_auth(struct ipsec_alg_auth *ixt)
-+{
-+ int ret=-EINVAL;
-+ if (ixt->ixt_common.ixt_support.ias_id==0 || ixt->ixt_common.ixt_support.ias_id > SADB_AALG_MAX)
-+ barf_out("invalid alg_id=%d > %d (SADB_AALG_MAX)\n",
-+ ixt->ixt_common.ixt_support.ias_id, SADB_AALG_MAX);
-+
-+ if (ixt->ixt_common.ixt_blocksize==0
-+ || ixt->ixt_common.ixt_blocksize%2)
-+ barf_out(KERN_ERR "invalid blocksize=%d\n",
-+ ixt->ixt_common.ixt_blocksize);
-+
-+ if (ixt->ixt_common.ixt_blocksize>AH_BLKLEN_MAX)
-+ barf_out(KERN_ERR "sorry blocksize=%d > %d. "
-+ "Please increase AH_BLKLEN_MAX and recompile\n",
-+ ixt->ixt_common.ixt_blocksize,
-+ AH_BLKLEN_MAX);
-+ if (ixt->ixt_common.ixt_support.ias_keyminbits==0 && ixt->ixt_common.ixt_support.ias_keymaxbits==0 && ixt->ixt_a_keylen==0)
-+ goto zero_key_ok;
-+ if (ixt->ixt_common.ixt_support.ias_keyminbits==0)
-+ barf_out(KERN_ERR "invalid keyminbits=%d\n", ixt->ixt_common.ixt_support.ias_keyminbits);
-+ if (ixt->ixt_common.ixt_support.ias_keymaxbits==0)
-+ barf_out(KERN_ERR "invalid keymaxbits=%d\n", ixt->ixt_common.ixt_support.ias_keymaxbits);
-+ if (ixt->ixt_common.ixt_support.ias_keymaxbits!=ixt->ixt_common.ixt_support.ias_keyminbits)
-+ barf_out(KERN_ERR "keymaxbits must equal keyminbits (not sure).\n");
-+ if (ixt->ixt_a_keylen==0)
-+ barf_out(KERN_ERR "invalid keysize=%d\n", ixt->ixt_a_keylen);
-+zero_key_ok:
-+ if (ixt->ixt_a_ctx_size==0)
-+ barf_out(KERN_ERR "invalid a_ctx_size=%d\n", ixt->ixt_a_ctx_size);
-+ if (ixt->ixt_a_hmac_set_key==NULL)
-+ barf_out(KERN_ERR "a_hmac_set_key() must be not NULL\n");
-+ if (ixt->ixt_a_hmac_hash==NULL)
-+ barf_out(KERN_ERR "a_hmac_hash() must be not NULL\n");
-+ ret=0;
-+out:
-+ return ret;
-+}
-+
-+/*
-+ * Generic (enc, auth) registration entry point
-+ */
-+int register_ipsec_alg(struct ipsec_alg *ixt)
-+{
-+ int ret=-EINVAL;
-+ /* Validation */
-+ if (ixt==NULL)
-+ barf_out("NULL ipsec_alg object passed\n");
-+ if ((ixt->ixt_version&0xffffff00) != (IPSEC_ALG_VERSION&0xffffff00))
-+ barf_out("incorrect version: %d.%d.%d-%d, "
-+ "must be %d.%d.%d[-%d]\n",
-+ IPSEC_ALG_VERSION_QUAD(ixt->ixt_version),
-+ IPSEC_ALG_VERSION_QUAD(IPSEC_ALG_VERSION));
-+
-+ switch(ixt->ixt_alg_type) {
-+ case IPSEC_ALG_TYPE_AUTH:
-+ if ((ret=check_auth((struct ipsec_alg_auth *)ixt)<0))
-+ goto out;
-+ break;
-+ case IPSEC_ALG_TYPE_ENCRYPT:
-+ if ((ret=check_enc((struct ipsec_alg_enc *)ixt)<0))
-+ goto out;
-+ /*
-+ * Adapted two lines below:
-+ * ivlen == 0 is possible (NULL enc has blocksize==1)
-+ *
-+ * fixed NULL support by David De Reu <DeReu@tComLabs.com>
-+ */
-+ if (ixt->ixt_support.ias_ivlen == 0
-+ && ixt->ixt_blocksize > 1) {
-+ ixt->ixt_support.ias_ivlen = ixt->ixt_blocksize*8;
-+ }
-+ break;
-+ default:
-+ barf_out("alg_type=%d not supported\n", ixt->ixt_alg_type);
-+ }
-+ INIT_LIST_HEAD(&ixt->ixt_list);
-+ ret = ipsec_alg_insert(ixt);
-+ if (ret<0)
-+ barf_out(KERN_WARNING "ipsec_alg for alg_id=%d failed."
-+ "Not loaded (ret=%d).\n",
-+ ixt->ixt_support.ias_id, ret);
-+
-+
-+ ret = pfkey_list_insert_supported((struct ipsec_alg_supported *)&ixt->ixt_support
-+ , &(pfkey_supported_list[SADB_SATYPE_ESP]));
-+
-+ if (ret==0) {
-+ ixt->ixt_state |= IPSEC_ALG_ST_SUPP;
-+ /* send register event to userspace */
-+ pfkey_register_reply(SADB_SATYPE_ESP, NULL);
-+ } else
-+ printk(KERN_ERR "pfkey_list_insert_supported returned %d. "
-+ "Loading anyway.\n", ret);
-+ ret=0;
-+out:
-+ return ret;
-+}
-+
-+/*
-+ * unregister ipsec_alg object from own tables, if
-+ * success => calls pfkey_list_remove_supported()
-+ */
-+int unregister_ipsec_alg(struct ipsec_alg *ixt) {
-+ int ret= -EINVAL;
-+ switch(ixt->ixt_alg_type) {
-+ case IPSEC_ALG_TYPE_AUTH:
-+ case IPSEC_ALG_TYPE_ENCRYPT:
-+ break;
-+ default:
-+ /* this is not a typo :) */
-+ barf_out("frog found in list (\"%s\"): ixt_p=NULL\n",
-+ ixt->ixt_name);
-+ }
-+
-+ ret=ipsec_alg_delete(ixt);
-+ if (ixt->ixt_state&IPSEC_ALG_ST_SUPP) {
-+ ixt->ixt_state &= ~IPSEC_ALG_ST_SUPP;
-+ pfkey_list_remove_supported((struct ipsec_alg_supported *)&ixt->ixt_support
-+ , &(pfkey_supported_list[SADB_SATYPE_ESP]));
-+
-+ /* send register event to userspace */
-+ pfkey_register_reply(SADB_SATYPE_ESP, NULL);
-+ }
-+
-+out:
-+ return ret;
-+}
-+
-+/*
-+ * Must be called from user context
-+ * used at module load type for testing algo implementation
-+ */
-+static int ipsec_alg_test_encrypt(int enc_alg, int test) {
-+ int ret;
-+ caddr_t buf = NULL;
-+ int iv_size, keysize, key_e_size;
-+ struct ipsec_alg_enc *ixt_e;
-+ void *tmp_key_e = NULL;
-+ #define BUFSZ 1024
-+ #define MARGIN 0
-+ #define test_enc (buf+MARGIN)
-+ #define test_dec (test_enc+BUFSZ+MARGIN)
-+ #define test_tmp (test_dec+BUFSZ+MARGIN)
-+ #define test_key_e (test_tmp+BUFSZ+MARGIN)
-+ #define test_iv (test_key_e+key_e_size+MARGIN)
-+ #define test_key (test_iv+iv_size+MARGIN)
-+ #define test_size (BUFSZ*3+key_e_size+iv_size+keysize+MARGIN*7)
-+ ixt_e=(struct ipsec_alg_enc *)ipsec_alg_get(IPSEC_ALG_TYPE_ENCRYPT, enc_alg);
-+ if (ixt_e==NULL) {
-+ KLIPS_PRINT(1,
-+ "klips_debug: ipsec_alg_test_encrypt: "
-+ "encalg=%d object not found\n",
-+ enc_alg);
-+ ret=-EINVAL;
-+ goto out;
-+ }
-+ iv_size=ixt_e->ixt_common.ixt_support.ias_ivlen / 8;
-+ key_e_size=ixt_e->ixt_e_ctx_size;
-+ keysize=ixt_e->ixt_e_keylen;
-+ KLIPS_PRINT(1,
-+ "klips_debug: ipsec_alg_test_encrypt: "
-+ "enc_alg=%d blocksize=%d key_e_size=%d keysize=%d\n",
-+ enc_alg, iv_size, key_e_size, keysize);
-+ if ((buf=kmalloc (test_size, GFP_KERNEL)) == NULL) {
-+ ret= -ENOMEM;
-+ goto out;
-+ }
-+ get_random_bytes(test_key, keysize);
-+ get_random_bytes(test_iv, iv_size);
-+ if (ixt_e->ixt_e_new_key) {
-+ tmp_key_e = ixt_e->ixt_e_new_key(ixt_e, test_key, keysize);
-+ ret = tmp_key_e ? 0 : -EINVAL;
-+ } else {
-+ tmp_key_e = test_key_e;
-+ ret = ixt_e->ixt_e_set_key(ixt_e, test_key_e, test_key, keysize);
-+ }
-+ if (ret < 0)
-+ goto out;
-+ get_random_bytes(test_enc, BUFSZ);
-+ memcpy(test_tmp, test_enc, BUFSZ);
-+ ret=ixt_e->ixt_e_cbc_encrypt(ixt_e, tmp_key_e, test_enc, BUFSZ, test_iv, 1);
-+ printk(KERN_INFO
-+ "klips_info: ipsec_alg_test_encrypt: "
-+ "cbc_encrypt=1 ret=%d\n",
-+ ret);
-+ ret=memcmp(test_enc, test_tmp, BUFSZ);
-+ printk(KERN_INFO
-+ "klips_info: ipsec_alg_test_encrypt: "
-+ "memcmp(enc, tmp) ret=%d: %s\n", ret,
-+ ret!=0? "OK. (encr->DIFFers)" : "FAIL! (encr->SAME)" );
-+ memcpy(test_dec, test_enc, BUFSZ);
-+ ret=ixt_e->ixt_e_cbc_encrypt(ixt_e, tmp_key_e, test_dec, BUFSZ, test_iv, 0);
-+ printk(KERN_INFO
-+ "klips_info: ipsec_alg_test_encrypt: "
-+ "cbc_encrypt=0 ret=%d\n", ret);
-+ ret=memcmp(test_dec, test_tmp, BUFSZ);
-+ printk(KERN_INFO
-+ "klips_info: ipsec_alg_test_encrypt: "
-+ "memcmp(dec,tmp) ret=%d: %s\n", ret,
-+ ret==0? "OK. (encr->decr->SAME)" : "FAIL! (encr->decr->DIFFers)" );
-+ {
-+ /* Shamelessly taken from drivers/md sources O:) */
-+ unsigned long now;
-+ int i, count, max=0;
-+ int encrypt, speed;
-+ for (encrypt=0; encrypt <2;encrypt ++) {
-+ for (i = 0; i < 5; i++) {
-+ now = jiffies;
-+ count = 0;
-+ while (jiffies == now) {
-+ mb();
-+ ixt_e->ixt_e_cbc_encrypt(ixt_e,
-+ tmp_key_e, test_tmp,
-+ BUFSZ, test_iv, encrypt);
-+ mb();
-+ count++;
-+ mb();
-+ }
-+ if (count > max)
-+ max = count;
-+ }
-+ speed = max * (HZ * BUFSZ / 1024);
-+ printk(KERN_INFO
-+ "klips_info: ipsec_alg_test_encrypt: "
-+ "%s %s speed=%d KB/s\n",
-+ ixt_e->ixt_common.ixt_name,
-+ encrypt? "encrypt": "decrypt", speed);
-+ }
-+ }
-+out:
-+ if (tmp_key_e && ixt_e->ixt_e_destroy_key) ixt_e->ixt_e_destroy_key(ixt_e, tmp_key_e);
-+ if (buf) kfree(buf);
-+ if (ixt_e) ipsec_alg_put((struct ipsec_alg *)ixt_e);
-+ return ret;
-+ #undef test_enc
-+ #undef test_dec
-+ #undef test_tmp
-+ #undef test_key_e
-+ #undef test_iv
-+ #undef test_key
-+ #undef test_size
-+}
-+
-+/*
-+ * Must be called from user context
-+ * used at module load type for testing algo implementation
-+ */
-+static int ipsec_alg_test_auth(int auth_alg, int test) {
-+ int ret;
-+ caddr_t buf = NULL;
-+ int blocksize, keysize, key_a_size;
-+ struct ipsec_alg_auth *ixt_a;
-+ #define BUFSZ 1024
-+ #define MARGIN 0
-+ #define test_auth (buf+MARGIN)
-+ #define test_key_a (test_auth+BUFSZ+MARGIN)
-+ #define test_key (test_key_a+key_a_size+MARGIN)
-+ #define test_hash (test_key+keysize+MARGIN)
-+ #define test_size (BUFSZ+key_a_size+keysize+AHHMAC_HASHLEN+MARGIN*4)
-+ ixt_a=(struct ipsec_alg_auth *)ipsec_alg_get(IPSEC_ALG_TYPE_AUTH, auth_alg);
-+ if (ixt_a==NULL) {
-+ KLIPS_PRINT(1,
-+ "klips_debug: ipsec_alg_test_auth: "
-+ "encalg=%d object not found\n",
-+ auth_alg);
-+ ret=-EINVAL;
-+ goto out;
-+ }
-+ blocksize=ixt_a->ixt_common.ixt_blocksize;
-+ key_a_size=ixt_a->ixt_a_ctx_size;
-+ keysize=ixt_a->ixt_a_keylen;
-+ KLIPS_PRINT(1,
-+ "klips_debug: ipsec_alg_test_auth: "
-+ "auth_alg=%d blocksize=%d key_a_size=%d keysize=%d\n",
-+ auth_alg, blocksize, key_a_size, keysize);
-+ if ((buf=kmalloc (test_size, GFP_KERNEL)) == NULL) {
-+ ret= -ENOMEM;
-+ goto out;
-+ }
-+ get_random_bytes(test_key, keysize);
-+ ret = ixt_a->ixt_a_hmac_set_key(ixt_a, test_key_a, test_key, keysize);
-+ if (ret < 0 )
-+ goto out;
-+ get_random_bytes(test_auth, BUFSZ);
-+ ret=ixt_a->ixt_a_hmac_hash(ixt_a, test_key_a, test_auth, BUFSZ, test_hash, AHHMAC_HASHLEN);
-+ printk(KERN_INFO
-+ "klips_info: ipsec_alg_test_auth: "
-+ "ret=%d\n", ret);
-+ {
-+ /* Shamelessly taken from drivers/md sources O:) */
-+ unsigned long now;
-+ int i, count, max=0;
-+ int speed;
-+ for (i = 0; i < 5; i++) {
-+ now = jiffies;
-+ count = 0;
-+ while (jiffies == now) {
-+ mb();
-+ ixt_a->ixt_a_hmac_hash(ixt_a, test_key_a, test_auth, BUFSZ, test_hash, AHHMAC_HASHLEN);
-+ mb();
-+ count++;
-+ mb();
-+ }
-+ if (count > max)
-+ max = count;
-+ }
-+ speed = max * (HZ * BUFSZ / 1024);
-+ printk(KERN_INFO
-+ "klips_info: ipsec_alg_test_auth: "
-+ "%s hash speed=%d KB/s\n",
-+ ixt_a->ixt_common.ixt_name,
-+ speed);
-+ }
-+out:
-+ if (buf) kfree(buf);
-+ if (ixt_a) ipsec_alg_put((struct ipsec_alg *)ixt_a);
-+ return ret;
-+ #undef test_auth
-+ #undef test_key_a
-+ #undef test_key
-+ #undef test_hash
-+ #undef test_size
-+}
-+
-+int ipsec_alg_test(unsigned alg_type, unsigned alg_id, int test) {
-+ switch(alg_type) {
-+ case IPSEC_ALG_TYPE_ENCRYPT:
-+ return ipsec_alg_test_encrypt(alg_id, test);
-+ break;
-+ case IPSEC_ALG_TYPE_AUTH:
-+ return ipsec_alg_test_auth(alg_id, test);
-+ break;
-+ }
-+ printk(KERN_ERR "klips_info: ipsec_alg_test() called incorrectly: "
-+ "alg_type=%d alg_id=%d\n",
-+ alg_type, alg_id);
-+ return -EINVAL;
-+}
-+
-+int ipsec_alg_init(void) {
-+ KLIPS_PRINT(1, "klips_info:ipsec_alg_init: "
-+ "KLIPS alg v=%d.%d.%d-%d (EALG_MAX=%d, AALG_MAX=%d)\n",
-+ IPSEC_ALG_VERSION_QUAD(IPSEC_ALG_VERSION),
-+ SADB_EALG_MAX, SADB_AALG_MAX);
-+ /* Initialize tables */
-+ write_lock_bh(&ipsec_alg_lock);
-+ ipsec_alg_hash_init();
-+ write_unlock_bh(&ipsec_alg_lock);
-+
-+ /* Initialize static algos */
-+ KLIPS_PRINT(1, "klips_info:ipsec_alg_init: "
-+ "calling ipsec_alg_static_init()\n");
-+
-+ /* If we are suppose to use our AES, and don't have
-+ * CryptoAPI enabled...
-+ */
-+#if defined(CONFIG_KLIPS_ENC_AES) && CONFIG_KLIPS_ENC_AES && !defined(CONFIG_KLIPS_ENC_AES_MODULE)
-+#if defined(CONFIG_KLIPS_ENC_CRYPTOAPI) && CONFIG_KLIPS_ENC_CRYPTOAPI
-+#warning "Using built-in AES rather than CryptoAPI AES"
-+#endif
-+ {
-+ extern int ipsec_aes_init(void);
-+ ipsec_aes_init();
-+ }
-+#endif
-+
-+#if defined(CONFIG_KLIPS_ENC_3DES) && CONFIG_KLIPS_ENC_3DES && !defined(CONFIG_KLIPS_ENC_3DES_MODULE)
-+#if defined(CONFIG_KLIPS_ENC_CRYPTOAPI) && CONFIG_KLIPS_ENC_CRYPTOAPI
-+#warning "Using built-in 3des rather than CryptoAPI 3des"
-+#endif
-+ {
-+ extern int ipsec_3des_init(void);
-+ ipsec_3des_init();
-+ }
-+#endif
-+#if defined(CONFIG_KLIPS_ENC_NULL) && CONFIG_KLIPS_ENC_NULL && !defined(CONFIG_KLIPS_ENC_NULL_MODULE)
-+#if defined(CONFIG_KLIPS_ENC_CRYPTOAPI) && CONFIG_KLIPS_ENC_CRYPTOAPI
-+#warning "Using built-in null cipher rather than CryptoAPI null cipher"
-+#endif
-+#warning "Building with null cipher (ESP_NULL), blame on you :-)"
-+ {
-+ extern int ipsec_null_init(void);
-+ ipsec_null_init();
-+ }
-+#endif
-+
-+
-+ /* If we are doing CryptoAPI, then init */
-+#if defined(CONFIG_KLIPS_ENC_CRYPTOAPI) && CONFIG_KLIPS_ENC_CRYPTOAPI && !defined(CONFIG_KLIPS_ENC_CRYPTOAPI_MODULE)
-+ {
-+ extern int ipsec_cryptoapi_init(void);
-+ ipsec_cryptoapi_init();
-+ }
-+#endif
-+
-+
-+ return 0;
-+}
-+
-+/**********************************************
-+ *
-+ * INTERFACE for ipsec_sa init and wipe
-+ *
-+ **********************************************/
-+
-+/*
-+ * Called from pluto -> pfkey_v2_parser.c:pfkey_ipsec_sa_init()
-+ */
-+int ipsec_alg_sa_init(struct ipsec_sa *sa_p) {
-+ struct ipsec_alg_enc *ixt_e;
-+ struct ipsec_alg_auth *ixt_a;
-+
-+ /* Only ESP for now ... */
-+ if (sa_p->ips_said.proto != IPPROTO_ESP)
-+ return -EPROTONOSUPPORT;
-+
-+ KLIPS_PRINT(debug_pfkey, "klips_debug: ipsec_alg_sa_init() :"
-+ "entering for encalg=%d, authalg=%d\n",
-+ sa_p->ips_encalg, sa_p->ips_authalg);
-+
-+ if ((ixt_e=(struct ipsec_alg_enc *)
-+ ipsec_alg_get(IPSEC_ALG_TYPE_ENCRYPT, sa_p->ips_encalg))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug: ipsec_alg_sa_init() :"
-+ "found ipsec_alg (ixt_e=%p) for encalg=%d\n",
-+ ixt_e, sa_p->ips_encalg);
-+ sa_p->ips_alg_enc=ixt_e;
-+ }
-+
-+ if ((ixt_a=(struct ipsec_alg_auth *)
-+ ipsec_alg_get(IPSEC_ALG_TYPE_AUTH, sa_p->ips_authalg))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug: ipsec_alg_sa_init() :"
-+ "found ipsec_alg (ixt_a=%p) for auth=%d\n",
-+ ixt_a, sa_p->ips_authalg);
-+ sa_p->ips_alg_auth=ixt_a;
-+ }
-+ return 0;
-+}
-+
-+/*
-+ * Called from pluto -> ipsec_sa.c:ipsec_sa_delchain()
-+ */
-+int ipsec_alg_sa_wipe(struct ipsec_sa *sa_p) {
-+ struct ipsec_alg *ixt;
-+ if ((ixt=(struct ipsec_alg *)sa_p->ips_alg_enc)) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug: ipsec_alg_sa_wipe() :"
-+ "unlinking for encalg=%d\n",
-+ ixt->ixt_support.ias_id);
-+ ipsec_alg_put(ixt);
-+ }
-+ if ((ixt=(struct ipsec_alg *)sa_p->ips_alg_auth)) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug: ipsec_alg_sa_wipe() :"
-+ "unlinking for authalg=%d\n",
-+ ixt->ixt_support.ias_id);
-+ ipsec_alg_put(ixt);
-+ }
-+ return 0;
-+}
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_xform_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ int len = 0;
-+ off_t begin = 0;
-+ int i;
-+ struct list_head *head;
-+ struct ipsec_alg *ixt;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_tncfg_get_info: "
-+ "buffer=0p%p, *start=0p%p, offset=%d, length=%d\n",
-+ buffer,
-+ *start,
-+ (int)offset,
-+ length);
-+
-+ for(i = 0, head = ipsec_alg_hash_table;
-+ i<IPSEC_ALG_HASHSZ;
-+ i++, head++)
-+ {
-+ struct list_head *p;
-+ for (p=head->next; p!=head; p=p->next)
-+ {
-+ ixt = list_entry(p, struct ipsec_alg, ixt_list);
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ "VERSION=%d TYPE=%d ID=%d NAME=%s REFCNT=%d ",
-+ ixt->ixt_version, ixt->ixt_alg_type, ixt->ixt_support.ias_id,
-+ ixt->ixt_name, ixt->ixt_refcnt);
-+
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ "STATE=%08x BLOCKSIZE=%d IVLEN=%d KEYMINBITS=%d KEYMAXBITS=%d ",
-+ ixt->ixt_state, ixt->ixt_blocksize,
-+ ixt->ixt_support.ias_ivlen, ixt->ixt_support.ias_keyminbits, ixt->ixt_support.ias_keymaxbits);
-+
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ "IVLEN=%d KEYMINBITS=%d KEYMAXBITS=%d ",
-+ ixt->ixt_support.ias_ivlen, ixt->ixt_support.ias_keyminbits, ixt->ixt_support.ias_keymaxbits);
-+
-+ switch(ixt->ixt_alg_type)
-+ {
-+ case IPSEC_ALG_TYPE_AUTH:
-+ {
-+ struct ipsec_alg_auth *auth = (struct ipsec_alg_auth *)ixt;
-+
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ "KEYLEN=%d CTXSIZE=%d AUTHLEN=%d ",
-+ auth->ixt_a_keylen, auth->ixt_a_ctx_size,
-+ auth->ixt_a_authlen);
-+ break;
-+ }
-+ case IPSEC_ALG_TYPE_ENCRYPT:
-+ {
-+ struct ipsec_alg_enc *enc = (struct ipsec_alg_enc *)ixt;
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ "KEYLEN=%d CTXSIZE=%d ",
-+ enc->ixt_e_keylen, enc->ixt_e_ctx_size);
-+
-+ break;
-+ }
-+ }
-+
-+ len += ipsec_snprintf(buffer+len, length-len, "\n");
-+ }
-+ }
-+
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ len -= (offset - begin); /* Start slop */
-+ if (len > length)
-+ len = length;
-+ return len;
-+}
-+
-+
-+/*
-+ * As the author of this module, I ONLY ALLOW using it from
-+ * GPL (or same LICENSE TERMS as kernel source) modules.
-+ *
-+ * In respect to hardware crypto engines this means:
-+ * * Closed-source device drivers ARE NOT ALLOWED to use
-+ * this interface.
-+ * * Closed-source VHDL/Verilog firmware running on
-+ * the crypto hardware device IS ALLOWED to use this interface
-+ * via a GPL (or same LICENSE TERMS as kernel source) device driver.
-+ * --Juan Jose Ciarlante 20/03/2002 (thanks RGB for the correct wording)
-+ */
-+
-+/*
-+ * These symbols can only be used from GPL modules
-+ * for now, I'm disabling this because it creates false
-+ * symbol problems for old modutils.
-+ */
-+
-+#ifdef CONFIG_MODULES
-+#ifndef NET_26
-+#if 0
-+#ifndef EXPORT_SYMBOL_GPL
-+#undef EXPORT_SYMBOL_GPL
-+#define EXPORT_SYMBOL_GPL EXPORT_SYMBOL
-+#endif
-+#endif
-+EXPORT_SYMBOL(register_ipsec_alg);
-+EXPORT_SYMBOL(unregister_ipsec_alg);
-+EXPORT_SYMBOL(ipsec_alg_test);
-+#endif
-+#endif
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_alg_cryptoapi.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,455 @@
-+/*
-+ * ipsec_alg to linux cryptoapi GLUE
-+ *
-+ * Authors: CODE.ar TEAM
-+ * Harpo MAxx <harpo@linuxmendoza.org.ar>
-+ * JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ * Luciano Ruete <docemeses@softhome.net>
-+ *
-+ * ipsec_alg_cryptoapi.c,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * Example usage:
-+ * modinfo -p ipsec_cryptoapi (quite useful info, including supported algos)
-+ * modprobe ipsec_cryptoapi
-+ * modprobe ipsec_cryptoapi test=1
-+ * modprobe ipsec_cryptoapi excl=1 (exclusive cipher/algo)
-+ * modprobe ipsec_cryptoapi noauto=1 aes=1 twofish=1 (only these ciphers)
-+ * modprobe ipsec_cryptoapi aes=128,128 (force these keylens)
-+ * modprobe ipsec_cryptoapi des_ede3=0 (everything but 3DES)
-+ */
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+/*
-+ * special case: ipsec core modular with this static algo inside:
-+ * must avoid MODULE magic for this file
-+ */
-+#if defined(CONFIG_KLIPS_MODULE) && defined(CONFIG_KLIPS_ENC_CRYPTOAPI)
-+#undef MODULE
-+#endif
-+
-+#include <linux/module.h>
-+#include <linux/init.h>
-+
-+#include <linux/kernel.h> /* printk() */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/string.h>
-+
-+/* Check if __exit is defined, if not null it */
-+#ifndef __exit
-+#define __exit
-+#endif
-+
-+/* warn the innocent */
-+#if !defined (CONFIG_CRYPTO) && !defined (CONFIG_CRYPTO_MODULE)
-+#warning "No linux CryptoAPI found, install 2.4.22+ or 2.6.x"
-+#define NO_CRYPTOAPI_SUPPORT
-+#endif
-+
-+#include "openswan.h"
-+#include "openswan/ipsec_alg.h"
-+#include "openswan/ipsec_policy.h"
-+
-+#include <linux/crypto.h>
-+#ifdef CRYPTO_API_VERSION_CODE
-+#warning "Old CryptoAPI is not supported. Only linux-2.4.22+ or linux-2.6.x are supported"
-+#define NO_CRYPTOAPI_SUPPORT
-+#endif
-+
-+#ifdef NO_CRYPTOAPI_SUPPORT
-+#warning "Building an unusable module :P"
-+/* Catch old CryptoAPI by not allowing module to load */
-+IPSEC_ALG_MODULE_INIT_STATIC( ipsec_cryptoapi_init )
-+{
-+ printk(KERN_WARNING "ipsec_cryptoapi.o was not built on stock Linux CryptoAPI (2.4.22+ or 2.6.x), not loading.\n");
-+ return -EINVAL;
-+}
-+#else
-+#include <asm/scatterlist.h>
-+#include <asm/pgtable.h>
-+#include <linux/mm.h>
-+
-+#define CIPHERNAME_AES "aes"
-+#define CIPHERNAME_1DES "des"
-+#define CIPHERNAME_3DES "des3_ede"
-+#define CIPHERNAME_BLOWFISH "blowfish"
-+#define CIPHERNAME_CAST "cast5"
-+#define CIPHERNAME_SERPENT "serpent"
-+#define CIPHERNAME_TWOFISH "twofish"
-+
-+#define ESP_SERPENT 252 /* from ipsec drafts */
-+#define ESP_TWOFISH 253 /* from ipsec drafts */
-+
-+#define DIGESTNAME_MD5 "md5"
-+#define DIGESTNAME_SHA1 "sha1"
-+
-+MODULE_AUTHOR("Juanjo Ciarlante, Harpo MAxx, Luciano Ruete");
-+static int debug_crypto=0;
-+static int test_crypto=0;
-+static int excl_crypto=0;
-+
-+static int noauto = 0;
-+
-+#ifdef module_param
-+module_param(debug_crypto,int,0600)
-+module_param(test_crypto,int,0600)
-+module_param(excl_crypto,int,0600)
-+
-+module_param(noauto,int,0600)
-+#else
-+MODULE_PARM(debug_crypto, "i");
-+MODULE_PARM(test_crypto, "i");
-+MODULE_PARM(excl_crypto, "i");
-+
-+MODULE_PARM(noauto,"i");
-+#endif
-+MODULE_PARM_DESC(noauto, "Dont try all known algos, just setup enabled ones");
-+
-+#ifdef CONFIG_KLIPS_ENC_1DES
-+static int des_ede1[] = {-1, -1};
-+#endif
-+static int des_ede3[] = {-1, -1};
-+static int aes[] = {-1, -1};
-+static int blowfish[] = {-1, -1};
-+static int cast[] = {-1, -1};
-+static int serpent[] = {-1, -1};
-+static int twofish[] = {-1, -1};
-+
-+#ifdef CONFIG_KLIPS_ENC_1DES
-+#ifdef module_param
-+module_param_array(des_ede1,int,NULL,0)
-+#else
-+MODULE_PARM(des_ede1,"1-2i");
-+#endif
-+#endif
-+#ifdef module_param
-+module_param_array(des_ede3,int,NULL,0)
-+module_param_array(aes,int,NULL,0)
-+module_param_array(blowfish,int,NULL,0)
-+module_param_array(cast,int,NULL,0)
-+module_param_array(serpent,int,NULL,0)
-+module_param_array(twofish,int,NULL,0)
-+#else
-+MODULE_PARM(des_ede3,"1-2i");
-+MODULE_PARM(aes,"1-2i");
-+MODULE_PARM(blowfish,"1-2i");
-+MODULE_PARM(cast,"1-2i");
-+MODULE_PARM(serpent,"1-2i");
-+MODULE_PARM(twofish,"1-2i");
-+#endif
-+MODULE_PARM_DESC(des_ede1, "0: disable | 1: force_enable | min,max: dontuse");
-+MODULE_PARM_DESC(des_ede3, "0: disable | 1: force_enable | min,max: dontuse");
-+MODULE_PARM_DESC(aes, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(blowfish, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(cast, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(serpent, "0: disable | 1: force_enable | min,max: keybitlens");
-+MODULE_PARM_DESC(twofish, "0: disable | 1: force_enable | min,max: keybitlens");
-+
-+struct ipsec_alg_capi_cipher {
-+ const char *ciphername; /* cryptoapi's ciphername */
-+ unsigned blocksize;
-+ unsigned short minbits;
-+ unsigned short maxbits;
-+ int *parm; /* lkm param for this cipher */
-+ struct ipsec_alg_enc alg; /* note it's not a pointer */
-+};
-+
-+static struct ipsec_alg_capi_cipher alg_capi_carray[] = {
-+ { CIPHERNAME_AES, 16, 128, 256, aes, { ixt_common:{ ixt_support:{ ias_id: ESP_AES}}}},
-+ { CIPHERNAME_TWOFISH, 16, 128, 256, twofish, { ixt_common:{ ixt_support:{ ias_id: ESP_TWOFISH,}}}},
-+ { CIPHERNAME_SERPENT, 16, 128, 256, serpent, { ixt_common:{ ixt_support:{ ias_id: ESP_SERPENT,}}}},
-+ { CIPHERNAME_CAST, 8, 128, 128, cast , { ixt_common:{ ixt_support:{ ias_id: ESP_CAST,}}}},
-+ { CIPHERNAME_BLOWFISH, 8, 96, 448, blowfish, { ixt_common:{ ixt_support:{ ias_id: ESP_BLOWFISH,}}}},
-+ { CIPHERNAME_3DES, 8, 192, 192, des_ede3, { ixt_common:{ ixt_support:{ ias_id: ESP_3DES,}}}},
-+#ifdef CONFIG_KLIPS_ENC_1DES
-+ { CIPHERNAME_1DES, 8, 64, 64, des_ede1, { ixt_common:{ ixt_support:{ ias_id: ESP_DES,}}}},
-+#endif
-+ { NULL, 0, 0, 0, NULL, {} }
-+};
-+
-+#ifdef NOT_YET
-+struct ipsec_alg_capi_digest {
-+ const char *digestname; /* cryptoapi's digestname */
-+ struct digest_implementation *di;
-+ struct ipsec_alg_auth alg; /* note it's not a pointer */
-+};
-+static struct ipsec_alg_capi_cipher alg_capi_darray[] = {
-+ { DIGESTNAME_MD5, NULL, { ixt_alg_id: AH_MD5, }},
-+ { DIGESTNAME_SHA1, NULL, { ixt_alg_id: AH_SHA, }},
-+ { NULL, NULL, {} }
-+};
-+#endif
-+/*
-+ * "generic" linux cryptoapi setup_cipher() function
-+ */
-+int setup_cipher(const char *ciphername)
-+{
-+ return crypto_alg_available(ciphername, 0);
-+}
-+
-+/*
-+ * setups ipsec_alg_capi_cipher "hyper" struct components, calling
-+ * register_ipsec_alg for cointaned ipsec_alg object
-+ */
-+static void _capi_destroy_key (struct ipsec_alg_enc *alg, __u8 *key_e);
-+static __u8 * _capi_new_key (struct ipsec_alg_enc *alg, const __u8 *key, size_t keylen);
-+static int _capi_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt);
-+
-+static int
-+setup_ipsec_alg_capi_cipher(struct ipsec_alg_capi_cipher *cptr)
-+{
-+ int ret;
-+ cptr->alg.ixt_common.ixt_version = IPSEC_ALG_VERSION;
-+ cptr->alg.ixt_common.ixt_module = THIS_MODULE;
-+ atomic_set (& cptr->alg.ixt_common.ixt_refcnt, 0);
-+ strncpy (cptr->alg.ixt_common.ixt_name , cptr->ciphername, sizeof (cptr->alg.ixt_common.ixt_name));
-+
-+ cptr->alg.ixt_common.ixt_blocksize=cptr->blocksize;
-+ cptr->alg.ixt_common.ixt_support.ias_keyminbits=cptr->minbits;
-+ cptr->alg.ixt_common.ixt_support.ias_keymaxbits=cptr->maxbits;
-+ cptr->alg.ixt_common.ixt_state = 0;
-+ if (excl_crypto) cptr->alg.ixt_common.ixt_state |= IPSEC_ALG_ST_EXCL;
-+ cptr->alg.ixt_e_keylen=cptr->alg.ixt_common.ixt_support.ias_keymaxbits/8;
-+ cptr->alg.ixt_e_ctx_size = 0;
-+ cptr->alg.ixt_common.ixt_support.ias_exttype = IPSEC_ALG_TYPE_ENCRYPT;
-+ cptr->alg.ixt_e_new_key = _capi_new_key;
-+ cptr->alg.ixt_e_destroy_key = _capi_destroy_key;
-+ cptr->alg.ixt_e_cbc_encrypt = _capi_cbc_encrypt;
-+ cptr->alg.ixt_common.ixt_data = cptr;
-+
-+ ret=register_ipsec_alg_enc(&cptr->alg);
-+ printk(KERN_INFO "KLIPS cryptoapi interface: "
-+ "alg_type=%d alg_id=%d name=%s "
-+ "keyminbits=%d keymaxbits=%d, %s(%d)\n",
-+ cptr->alg.ixt_common.ixt_support.ias_exttype,
-+ cptr->alg.ixt_common.ixt_support.ias_id,
-+ cptr->alg.ixt_common.ixt_name,
-+ cptr->alg.ixt_common.ixt_support.ias_keyminbits,
-+ cptr->alg.ixt_common.ixt_support.ias_keymaxbits,
-+ ret ? "not found" : "found", ret);
-+ return ret;
-+}
-+/*
-+ * called in ipsec_sa_wipe() time, will destroy key contexts
-+ * and do 1 unbind()
-+ */
-+static void
-+_capi_destroy_key (struct ipsec_alg_enc *alg, __u8 *key_e)
-+{
-+ struct crypto_tfm *tfm=(struct crypto_tfm*)key_e;
-+
-+ if (debug_crypto > 0)
-+ printk(KERN_DEBUG "klips_debug: _capi_destroy_key:"
-+ "name=%s key_e=%p \n",
-+ alg->ixt_common.ixt_name, key_e);
-+ if (!key_e) {
-+ printk(KERN_ERR "klips_debug: _capi_destroy_key:"
-+ "name=%s NULL key_e!\n",
-+ alg->ixt_common.ixt_name);
-+ return;
-+ }
-+ crypto_free_tfm(tfm);
-+}
-+
-+/*
-+ * create new key context, need alg->ixt_data to know which
-+ * (of many) cipher inside this module is the target
-+ */
-+static __u8 *
-+_capi_new_key (struct ipsec_alg_enc *alg, const __u8 *key, size_t keylen)
-+{
-+ struct ipsec_alg_capi_cipher *cptr;
-+ struct crypto_tfm *tfm=NULL;
-+
-+ cptr = alg->ixt_common.ixt_data;
-+ if (!cptr) {
-+ printk(KERN_ERR "_capi_new_key(): "
-+ "NULL ixt_data (?!) for \"%s\" algo\n"
-+ , alg->ixt_common.ixt_name);
-+ goto err;
-+ }
-+ if (debug_crypto > 0)
-+ printk(KERN_DEBUG "klips_debug:_capi_new_key:"
-+ "name=%s cptr=%p key=%p keysize=%d\n",
-+ alg->ixt_common.ixt_name, cptr, key, keylen);
-+
-+ /*
-+ * alloc tfm
-+ */
-+ tfm = crypto_alloc_tfm(cptr->ciphername, CRYPTO_TFM_MODE_CBC);
-+ if (!tfm) {
-+ printk(KERN_ERR "_capi_new_key(): "
-+ "NULL tfm for \"%s\" cryptoapi (\"%s\") algo\n"
-+ , alg->ixt_common.ixt_name, cptr->ciphername);
-+ goto err;
-+ }
-+ if (crypto_cipher_setkey(tfm, key, keylen) < 0) {
-+ printk(KERN_ERR "_capi_new_key(): "
-+ "failed new_key() for \"%s\" cryptoapi algo (keylen=%d)\n"
-+ , alg->ixt_common.ixt_name, keylen);
-+ crypto_free_tfm(tfm);
-+ tfm=NULL;
-+ }
-+err:
-+ if (debug_crypto > 0)
-+ printk(KERN_DEBUG "klips_debug:_capi_new_key:"
-+ "name=%s key=%p keylen=%d tfm=%p\n",
-+ alg->ixt_common.ixt_name, key, keylen, tfm);
-+ return (__u8 *) tfm;
-+}
-+/*
-+ * core encryption function: will use cx->ci to call actual cipher's
-+ * cbc function
-+ */
-+static int
-+_capi_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt) {
-+ int error =0;
-+ struct crypto_tfm *tfm=(struct crypto_tfm *)key_e;
-+ struct scatterlist sg = {
-+ .page = virt_to_page(in),
-+ .offset = (unsigned long)(in) % PAGE_SIZE,
-+ .length=ilen,
-+ };
-+ if (debug_crypto > 1)
-+ printk(KERN_DEBUG "klips_debug:_capi_cbc_encrypt:"
-+ "key_e=%p "
-+ "in=%p out=%p ilen=%d iv=%p encrypt=%d\n"
-+ , key_e
-+ , in, in, ilen, iv, encrypt);
-+ crypto_cipher_set_iv(tfm, iv, crypto_tfm_alg_ivsize(tfm));
-+ if (encrypt)
-+ error = crypto_cipher_encrypt (tfm, &sg, &sg, ilen);
-+ else
-+ error = crypto_cipher_decrypt (tfm, &sg, &sg, ilen);
-+ if (debug_crypto > 1)
-+ printk(KERN_DEBUG "klips_debug:_capi_cbc_encrypt:"
-+ "error=%d\n"
-+ , error);
-+ return (error<0)? error : ilen;
-+}
-+/*
-+ * main initialization loop: for each cipher in list, do
-+ * 1) setup cryptoapi cipher else continue
-+ * 2) register ipsec_alg object
-+ */
-+static int
-+setup_cipher_list (struct ipsec_alg_capi_cipher* clist)
-+{
-+ struct ipsec_alg_capi_cipher *cptr;
-+ /* foreach cipher in list ... */
-+ for (cptr=clist;cptr->ciphername;cptr++) {
-+ /*
-+ * see if cipher has been disabled (0) or
-+ * if noauto set and not enabled (1)
-+ */
-+ if (cptr->parm[0] == 0 || (noauto && cptr->parm[0] < 0)) {
-+ if (debug_crypto>0)
-+ printk(KERN_INFO "setup_cipher_list(): "
-+ "ciphername=%s skipped at user request: "
-+ "noauto=%d parm[0]=%d parm[1]=%d\n"
-+ , cptr->ciphername
-+ , noauto
-+ , cptr->parm[0]
-+ , cptr->parm[1]);
-+ continue;
-+ }
-+ /*
-+ * use a local ci to avoid touching cptr->ci,
-+ * if register ipsec_alg success then bind cipher
-+ */
-+ if(cptr->alg.ixt_common.ixt_support.ias_name == NULL) {
-+ cptr->alg.ixt_common.ixt_support.ias_name = cptr->ciphername;
-+ }
-+
-+ if( setup_cipher(cptr->ciphername) ) {
-+ if (debug_crypto > 0)
-+ printk(KERN_DEBUG "klips_debug:"
-+ "setup_cipher_list():"
-+ "ciphername=%s found\n"
-+ , cptr->ciphername);
-+
-+ if (setup_ipsec_alg_capi_cipher(cptr) != 0) {
-+ printk(KERN_ERR "klips_debug:"
-+ "setup_cipher_list():"
-+ "ciphername=%s failed ipsec_alg_register\n"
-+ , cptr->ciphername);
-+ }
-+ } else {
-+ printk(KERN_INFO "KLIPS: lookup for ciphername=%s: not found \n",
-+ cptr->ciphername);
-+ }
-+ }
-+ return 0;
-+}
-+/*
-+ * deregister ipsec_alg objects and unbind ciphers
-+ */
-+static int
-+unsetup_cipher_list (struct ipsec_alg_capi_cipher* clist)
-+{
-+ struct ipsec_alg_capi_cipher *cptr;
-+ /* foreach cipher in list ... */
-+ for (cptr=clist;cptr->ciphername;cptr++) {
-+ if (cptr->alg.ixt_common.ixt_state & IPSEC_ALG_ST_REGISTERED) {
-+ unregister_ipsec_alg_enc(&cptr->alg);
-+ }
-+ }
-+ return 0;
-+}
-+/*
-+ * test loop for registered algos
-+ */
-+static int
-+test_cipher_list (struct ipsec_alg_capi_cipher* clist)
-+{
-+ int test_ret;
-+ struct ipsec_alg_capi_cipher *cptr;
-+ /* foreach cipher in list ... */
-+ for (cptr=clist;cptr->ciphername;cptr++) {
-+ if (cptr->alg.ixt_common.ixt_state & IPSEC_ALG_ST_REGISTERED) {
-+ test_ret=ipsec_alg_test(
-+ cptr->alg.ixt_common.ixt_support.ias_exttype,
-+ cptr->alg.ixt_common.ixt_support.ias_id,
-+ test_crypto);
-+ printk("test_cipher_list(alg_type=%d alg_id=%d): test_ret=%d\n",
-+ cptr->alg.ixt_common.ixt_support.ias_exttype,
-+ cptr->alg.ixt_common.ixt_support.ias_id,
-+ test_ret);
-+ }
-+ }
-+ return 0;
-+}
-+
-+IPSEC_ALG_MODULE_INIT_STATIC( ipsec_cryptoapi_init )
-+{
-+ int ret, test_ret;
-+ if ((ret=setup_cipher_list(alg_capi_carray)) < 0)
-+ return -EPROTONOSUPPORT;
-+ if (ret==0 && test_crypto) {
-+ test_ret=test_cipher_list(alg_capi_carray);
-+ }
-+ return ret;
-+}
-+IPSEC_ALG_MODULE_EXIT_STATIC( ipsec_cryptoapi_fini )
-+{
-+ unsetup_cipher_list(alg_capi_carray);
-+ return;
-+}
-+#ifdef MODULE_LICENSE
-+MODULE_LICENSE("GPL");
-+#endif
-+
-+#endif /* NO_CRYPTOAPI_SUPPORT */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_esp.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,607 @@
-+/*
-+ * processing code for ESP
-+ * Copyright (C) 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_esp_c_version[] = "RCSID $Id: ipsec_esp.c,v 1.13.2.6 2006/10/06 21:39:26 paul Exp $";
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+#include <net/protocol.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipsec_xmit.h"
-+
-+#include "openswan/ipsec_auth.h"
-+
-+#ifdef CONFIG_KLIPS_ESP
-+#include "openswan/ipsec_esp.h"
-+#endif /* CONFIG_KLIPS_ESP */
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_alg.h"
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+#define ESP_DMP(_x,_y,_z) if(debug_rcv && sysctl_ipsec_debug_verbose) ipsec_dmp_block(_x,_y,_z)
-+#else
-+#define ESP_DMP(_x,_y,_z)
-+#endif
-+
-+#ifdef CONFIG_KLIPS_ESP
-+enum ipsec_rcv_value
-+ipsec_rcv_esp_checks(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb)
-+{
-+ __u8 proto;
-+ int len; /* packet length */
-+
-+ len = skb->len;
-+ proto = irs->ipp->protocol;
-+
-+ /* XXX this will need to be 8 for IPv6 */
-+ if ((proto == IPPROTO_ESP) && ((len - irs->iphlen) % 4)) {
-+ printk("klips_error:ipsec_rcv: "
-+ "got packet with content length = %d from %s -- should be on 4 octet boundary, packet dropped\n",
-+ len - irs->iphlen,
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ return IPSEC_RCV_BADLEN;
-+ }
-+
-+ if(skb->len < (irs->hard_header_len + sizeof(struct iphdr) + sizeof(struct esphdr))) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_INAU,
-+ "klips_debug:ipsec_rcv: "
-+ "runt esp packet of skb->len=%d received from %s, dropped.\n",
-+ skb->len,
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ return IPSEC_RCV_BADLEN;
-+ }
-+
-+ irs->protostuff.espstuff.espp = (struct esphdr *)skb->h.raw;
-+ irs->said.spi = irs->protostuff.espstuff.espp->esp_spi;
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_esp_decrypt_setup(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb,
-+ __u32 *replay,
-+ unsigned char **authenticator)
-+{
-+ struct esphdr *espp = irs->protostuff.espstuff.espp;
-+ //unsigned char *idat = (unsigned char *)espp;
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "packet from %s received with seq=%d (iv)=0x%08x%08x iplen=%d esplen=%d sa=%s\n",
-+ irs->ipsaddr_txt,
-+ (__u32)ntohl(espp->esp_rpl),
-+ (__u32)ntohl(*((__u32 *)(espp->esp_iv) )),
-+ (__u32)ntohl(*((__u32 *)(espp->esp_iv) + 1)),
-+ irs->len,
-+ irs->ilen,
-+ irs->sa_len ? irs->sa : " (error)");
-+
-+ *replay = ntohl(espp->esp_rpl);
-+ *authenticator = &(skb->h.raw[irs->ilen]);
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_esp_authcalc(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb)
-+{
-+ struct auth_alg *aa;
-+ struct esphdr *espp = irs->protostuff.espstuff.espp;
-+ union {
-+ MD5_CTX md5;
-+ SHA1_CTX sha1;
-+ } tctx;
-+
-+ if (irs->ipsp->ips_alg_auth) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "ipsec_alg hashing proto=%d... ",
-+ irs->said.proto);
-+ if(irs->said.proto == IPPROTO_ESP) {
-+ ipsec_alg_sa_esp_hash(irs->ipsp,
-+ (caddr_t)espp, irs->ilen,
-+ irs->hash, AHHMAC_HASHLEN);
-+ return IPSEC_RCV_OK;
-+ }
-+ return IPSEC_RCV_BADPROTO;
-+ }
-+ aa = irs->authfuncs;
-+
-+ /* copy the initialized keying material */
-+ memcpy(&tctx, irs->ictx, irs->ictx_len);
-+
-+#ifdef HASH_DEBUG
-+ ESP_DMP("ictx", irs->ictx, irs->ictx_len);
-+
-+ ESP_DMP("mac_esp", (caddr_t)espp, irs->ilen);
-+#endif
-+ (*aa->update)((void *)&tctx, (caddr_t)espp, irs->ilen);
-+
-+ (*aa->final)(irs->hash, (void *)&tctx);
-+
-+#ifdef HASH_DEBUG
-+ ESP_DMP("hash1", irs->hash, aa->hashlen);
-+#endif
-+
-+ memcpy(&tctx, irs->octx, irs->octx_len);
-+
-+#ifdef HASH_DEBUG
-+ ESP_DMP("octx", irs->octx, irs->octx_len);
-+#endif
-+
-+ (*aa->update)((void *)&tctx, irs->hash, aa->hashlen);
-+ (*aa->final)(irs->hash, (void *)&tctx);
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_esp_decrypt(struct ipsec_rcv_state *irs)
-+{
-+ struct ipsec_sa *ipsp = irs->ipsp;
-+ struct esphdr *espp = irs->protostuff.espstuff.espp;
-+ int i;
-+ int pad = 0, padlen;
-+ int badpad = 0;
-+ int esphlen = 0;
-+ __u8 *idat; /* pointer to content to be decrypted/authenticated */
-+ int encaplen = 0;
-+ struct sk_buff *skb;
-+ struct ipsec_alg_enc *ixt_e=NULL;
-+
-+ skb=irs->skb;
-+
-+ idat = skb->h.raw;
-+
-+ /* encaplen is the distance between the end of the IP
-+ * header and the beginning of the ESP header.
-+ * on ESP headers it is zero, but on UDP-encap ESP
-+ * it includes the space for the UDP header.
-+ *
-+ * Note: UDP-encap code has already moved the
-+ * skb->data forward to accomodate this.
-+ */
-+ encaplen = idat - (skb->nh.raw + irs->iphlen);
-+
-+ ixt_e=ipsp->ips_alg_enc;
-+ esphlen = ESP_HEADER_LEN + ixt_e->ixt_common.ixt_support.ias_ivlen/8;
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "encalg=%d esphlen=%d\n",
-+ ipsp->ips_encalg, esphlen);
-+
-+ idat += esphlen;
-+ irs->ilen -= esphlen;
-+
-+ if (ipsec_alg_esp_encrypt(ipsp,
-+ idat, irs->ilen, espp->esp_iv,
-+ IPSEC_ALG_DECRYPT) <= 0) {
-+#ifdef CONFIG_KLIPS_DEBUG
-+ KLIPS_ERROR(debug_rcv, "klips_error:ipsec_rcv: "
-+ "got packet with esplen = %d "
-+ "from %s -- should be on "
-+ "ENC(%d) octet boundary, "
-+ "packet dropped\n",
-+ irs->ilen,
-+ irs->ipsaddr_txt,
-+ ipsp->ips_encalg);
-+#endif
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ return IPSEC_RCV_BAD_DECRYPT;
-+ }
-+
-+ ESP_DMP("postdecrypt", idat, irs->ilen);
-+
-+ irs->next_header = idat[irs->ilen - 1];
-+ padlen = idat[irs->ilen - 2];
-+ pad = padlen + 2 + irs->authlen;
-+
-+ KLIPS_PRINT(debug_rcv & DB_RX_IPAD,
-+ "klips_debug:ipsec_rcv: "
-+ "padlen=%d, contents: 0x<offset>: 0x<value> 0x<value> ...\n",
-+ padlen);
-+
-+ for (i = 1; i <= padlen; i++) {
-+ if((i % 16) == 1) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_IPAD,
-+ "klips_debug: %02x:",
-+ i - 1);
-+ }
-+ KLIPS_PRINTMORE(debug_rcv & DB_RX_IPAD,
-+ " %02x",
-+ idat[irs->ilen - 2 - padlen + i - 1]);
-+ if(i != idat[irs->ilen - 2 - padlen + i - 1]) {
-+ badpad = 1;
-+ }
-+ if((i % 16) == 0) {
-+ KLIPS_PRINTMORE(debug_rcv & DB_RX_IPAD,
-+ "\n");
-+ }
-+ }
-+ if((i % 16) != 1) {
-+ KLIPS_PRINTMORE(debug_rcv & DB_RX_IPAD,
-+ "\n");
-+ }
-+ if(badpad) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_IPAD,
-+ "klips_debug:ipsec_rcv: "
-+ "warning, decrypted packet from %s has bad padding\n",
-+ irs->ipsaddr_txt);
-+ KLIPS_PRINT(debug_rcv & DB_RX_IPAD,
-+ "klips_debug:ipsec_rcv: "
-+ "...may be bad decryption -- not dropped\n");
-+ ipsp->ips_errs.ips_encpad_errs += 1;
-+ }
-+
-+ KLIPS_PRINT(debug_rcv & DB_RX_IPAD,
-+ "klips_debug:ipsec_rcv: "
-+ "packet decrypted from %s: next_header = %d, padding = %d\n",
-+ irs->ipsaddr_txt,
-+ irs->next_header,
-+ pad - 2 - irs->authlen);
-+
-+ irs->ipp->tot_len = htons(ntohs(irs->ipp->tot_len) - (esphlen + pad));
-+
-+ /*
-+ * move the IP header forward by the size of the ESP header, which
-+ * will remove the the ESP header from the packet.
-+ *
-+ * XXX this is really unnecessary, since odds we are in tunnel
-+ * mode, and we will be *removing* this IP header.
-+ *
-+ */
-+ memmove((void *)(idat - irs->iphlen),
-+ (void *)(skb->nh.raw), irs->iphlen);
-+
-+ ESP_DMP("esp postmove", (idat - irs->iphlen),
-+ irs->iphlen + irs->ilen);
-+
-+ /* skb_pull below, will move up by esphlen */
-+
-+ /* XXX not clear how this can happen, as the message indicates */
-+ if(skb->len < esphlen) {
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_rcv: "
-+ "tried to skb_pull esphlen=%d, %d available. This should never happen, please report.\n",
-+ esphlen, (int)(skb->len));
-+ return IPSEC_RCV_ESP_DECAPFAIL;
-+ }
-+ skb_pull(skb, esphlen);
-+ skb->nh.raw = idat - irs->iphlen;
-+ irs->ipp = skb->nh.iph;
-+
-+ ESP_DMP("esp postpull", skb->data, skb->len);
-+
-+ /* now, trip off the padding from the end */
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "trimming to %d.\n",
-+ irs->len - esphlen - pad);
-+ if(pad + esphlen <= irs->len) {
-+ skb_trim(skb, irs->len - esphlen - pad);
-+ } else {
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "bogus packet, size is zero or negative, dropping.\n");
-+ return IPSEC_RCV_DECAPFAIL;
-+ }
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+/*
-+ *
-+ */
-+enum ipsec_xmit_value
-+ipsec_xmit_esp_setup(struct ipsec_xmit_state *ixs)
-+{
-+#ifdef CONFIG_KLIPS_ENC_3DES
-+ __u32 iv[2];
-+#endif
-+ struct esphdr *espp;
-+ int ilen = 0;
-+ int padlen = 0, i;
-+ unsigned char *dat;
-+ unsigned char *idat, *pad;
-+ __u8 hash[AH_AMAX];
-+ union {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ MD5_CTX md5;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ SHA1_CTX sha1;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ } tctx;
-+
-+ dat = (unsigned char *)ixs->iph;
-+
-+ espp = (struct esphdr *)(dat + ixs->iphlen);
-+ espp->esp_spi = ixs->ipsp->ips_said.spi;
-+ espp->esp_rpl = htonl(++(ixs->ipsp->ips_replaywin_lastseq));
-+
-+ switch(ixs->ipsp->ips_encalg) {
-+#if defined(CONFIG_KLIPS_ENC_3DES)
-+#ifdef CONFIG_KLIPS_ENC_3DES
-+ case ESP_3DES:
-+#endif /* CONFIG_KLIPS_ENC_3DES */
-+ iv[0] = *((__u32*)&(espp->esp_iv) ) =
-+ ((__u32*)(ixs->ipsp->ips_iv))[0];
-+ iv[1] = *((__u32*)&(espp->esp_iv) + 1) =
-+ ((__u32*)(ixs->ipsp->ips_iv))[1];
-+ break;
-+#endif /* defined(CONFIG_KLIPS_ENC_3DES) */
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_BADALG;
-+ }
-+
-+ idat = dat + ixs->iphlen + sizeof(struct esphdr);
-+ ilen = ixs->skb->len - (ixs->iphlen + sizeof(struct esphdr) + ixs->authlen);
-+
-+ /* Self-describing padding */
-+ pad = &dat[ixs->skb->len - ixs->tailroom];
-+ padlen = ixs->tailroom - 2 - ixs->authlen;
-+ for (i = 0; i < padlen; i++) {
-+ pad[i] = i + 1;
-+ }
-+ dat[ixs->skb->len - ixs->authlen - 2] = padlen;
-+
-+ dat[ixs->skb->len - ixs->authlen - 1] = ixs->iph->protocol;
-+ ixs->iph->protocol = IPPROTO_ESP;
-+
-+ switch(ixs->ipsp->ips_encalg) {
-+#ifdef CONFIG_KLIPS_ENC_3DES
-+ case ESP_3DES:
-+ des_ede3_cbc_encrypt((des_cblock *)idat,
-+ (des_cblock *)idat,
-+ ilen,
-+ ((struct des_eks *)(ixs->ipsp->ips_key_e))[0].ks,
-+ ((struct des_eks *)(ixs->ipsp->ips_key_e))[1].ks,
-+ ((struct des_eks *)(ixs->ipsp->ips_key_e))[2].ks,
-+ (des_cblock *)iv, 1);
-+ break;
-+#endif /* CONFIG_KLIPS_ENC_3DES */
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_BADALG;
-+ }
-+
-+ switch(ixs->ipsp->ips_encalg) {
-+#if defined(CONFIG_KLIPS_ENC_3DES)
-+#ifdef CONFIG_KLIPS_ENC_3DES
-+ case ESP_3DES:
-+#endif /* CONFIG_KLIPS_ENC_3DES */
-+ /* XXX update IV with the last 8 octets of the encryption */
-+#if KLIPS_IMPAIRMENT_ESPIV_CBC_ATTACK
-+ ((__u32*)(ixs->ipsp->ips_iv))[0] =
-+ ((__u32 *)(idat))[(ilen >> 2) - 2];
-+ ((__u32*)(ixs->ipsp->ips_iv))[1] =
-+ ((__u32 *)(idat))[(ilen >> 2) - 1];
-+#else /* KLIPS_IMPAIRMENT_ESPIV_CBC_ATTACK */
-+ prng_bytes(&ipsec_prng, (char *)ixs->ipsp->ips_iv, EMT_ESPDES_IV_SZ);
-+#endif /* KLIPS_IMPAIRMENT_ESPIV_CBC_ATTACK */
-+ break;
-+#endif /* defined(CONFIG_KLIPS_ENC_3DES) */
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_BADALG;
-+ }
-+
-+ switch(ixs->ipsp->ips_authalg) {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5:
-+ ipsec_xmit_dmp("espp", (char*)espp, ixs->skb->len - ixs->iphlen - ixs->authlen);
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ ipsec_xmit_dmp("ictx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (caddr_t)espp, ixs->skb->len - ixs->iphlen - ixs->authlen);
-+ ipsec_xmit_dmp("ictx+dat", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ ipsec_xmit_dmp("ictx hash", (char*)&hash, sizeof(hash));
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ ipsec_xmit_dmp("octx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, hash, AHMD596_ALEN);
-+ ipsec_xmit_dmp("octx+hash", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ ipsec_xmit_dmp("octx hash", (char*)&hash, sizeof(hash));
-+ memcpy(&(dat[ixs->skb->len - ixs->authlen]), hash, ixs->authlen);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.md5, 0, sizeof(tctx.md5));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA:
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ SHA1Update(&tctx.sha1, (caddr_t)espp, ixs->skb->len - ixs->iphlen - ixs->authlen);
-+ SHA1Final(hash, &tctx.sha1);
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ SHA1Update(&tctx.sha1, hash, AHSHA196_ALEN);
-+ SHA1Final(hash, &tctx.sha1);
-+ memcpy(&(dat[ixs->skb->len - ixs->authlen]), hash, ixs->authlen);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.sha1, 0, sizeof(tctx.sha1));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ case AH_NONE:
-+ break;
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_AH_BADALG;
-+ }
-+
-+ ixs->skb->h.raw = (unsigned char*)espp;
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+
-+struct xform_functions esp_xform_funcs[]={
-+ { rcv_checks: ipsec_rcv_esp_checks,
-+ rcv_setup_auth: ipsec_rcv_esp_decrypt_setup,
-+ rcv_calc_auth: ipsec_rcv_esp_authcalc,
-+ rcv_decrypt: ipsec_rcv_esp_decrypt,
-+
-+ xmit_setup: ipsec_xmit_esp_setup,
-+ xmit_headroom: sizeof(struct esphdr),
-+ xmit_needtailroom: 1,
-+ },
-+};
-+
-+#ifdef NET_26
-+struct inet_protocol esp_protocol = {
-+ .handler = ipsec_rcv,
-+ .no_policy = 1,
-+};
-+#else
-+struct inet_protocol esp_protocol =
-+{
-+ ipsec_rcv, /* ESP handler */
-+ NULL, /* TUNNEL error control */
-+#ifdef NETDEV_25
-+ 1, /* no policy */
-+#else
-+ 0, /* next */
-+ IPPROTO_ESP, /* protocol ID */
-+ 0, /* copy */
-+ NULL, /* data */
-+ "ESP" /* name */
-+#endif
-+};
-+#endif /* NET_26 */
-+
-+#endif /* !CONFIG_KLIPS_ESP */
-+
-+
-+/*
-+ * $Log: ipsec_esp.c,v $
-+ * Revision 1.13.2.6 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.13.2.5 2006/08/24 03:02:01 paul
-+ * Compile fixes for when CONFIG_KLIPS_DEBUG is not set. (bug #642)
-+ *
-+ * Revision 1.13.2.4 2006/05/06 03:07:38 ken
-+ * Pull in proper padsize->tailroom fix from #public
-+ * Need to do correct math on padlen since padsize is not equal to tailroom
-+ *
-+ * Revision 1.13.2.3 2006/05/05 03:58:04 ken
-+ * ixs->padsize becomes ixs->tailroom
-+ *
-+ * Revision 1.13.2.2 2006/05/01 14:36:03 mcr
-+ * use KLIPS_ERROR for fatal things.
-+ *
-+ * Revision 1.13.2.1 2006/04/20 16:33:06 mcr
-+ * remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+ * Fix in-kernel module compilation. Sub-makefiles do not work.
-+ *
-+ * Revision 1.13 2005/05/21 03:19:57 mcr
-+ * hash ctx is not really that interesting most of the time.
-+ *
-+ * Revision 1.12 2005/05/11 01:28:49 mcr
-+ * removed "poor-man"s OOP in favour of proper C structures.
-+ *
-+ * Revision 1.11 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.10 2005/04/17 04:36:14 mcr
-+ * code now deals with ESP and UDP-ESP code.
-+ *
-+ * Revision 1.9 2005/04/15 19:52:30 mcr
-+ * adjustments to use proper skb fields for data.
-+ *
-+ * Revision 1.8 2004/09/14 00:22:57 mcr
-+ * adjustment of MD5* functions.
-+ *
-+ * Revision 1.7 2004/09/13 02:23:01 mcr
-+ * #define inet_protocol if necessary.
-+ *
-+ * Revision 1.6 2004/09/06 18:35:49 mcr
-+ * 2.6.8.1 gets rid of inet_protocol->net_protocol compatibility,
-+ * so adjust for that.
-+ *
-+ * Revision 1.5 2004/08/17 03:27:23 mcr
-+ * klips 2.6 edits.
-+ *
-+ * Revision 1.4 2004/08/04 15:57:07 mcr
-+ * moved des .h files to include/des/ *
-+ * included 2.6 protocol specific things
-+ * started at NAT-T support, but it will require a kernel patch.
-+ *
-+ * Revision 1.3 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.2 2004/04/06 02:49:25 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_init.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,614 @@
-+/*
-+ * @(#) Initialization code.
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998 - 2002 Richard Guy Briggs <rgb@freeswan.org>
-+ * 2001 - 2004 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * /proc system code was split out into ipsec_proc.c after rev. 1.70.
-+ *
-+ */
-+
-+char ipsec_init_c_version[] = "RCSID $Id: ipsec_init.c,v 1.104.2.4 2006/10/06 21:39:26 paul Exp $";
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/in.h> /* struct sockaddr_in */
-+#include <linux/skbuff.h>
-+#include <linux/random.h> /* get_random_bytes() */
-+#include <net/protocol.h>
-+
-+#include <openswan.h>
-+
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* 23_SPINLOCK */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* 23_SPINLOCK */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+
-+#ifdef CONFIG_PROC_FS
-+# include <linux/proc_fs.h>
-+#endif /* CONFIG_PROC_FS */
-+
-+#ifdef NETLINK_SOCK
-+# include <linux/netlink.h>
-+#else
-+# include <net/netlink.h>
-+#endif
-+
-+#include "openswan/radij.h"
-+
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_stats.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+# include "openswan/ipcomp.h"
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_alg.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#if defined(NET_26) && defined(CONFIG_IPSEC_NAT_TRAVERSAL)
-+#include <net/xfrmudp.h>
-+#endif
-+
-+#if defined(NET_26) && defined(CONFIG_IPSEC_NAT_TRAVERSAL) && !defined(HAVE_XFRM4_UDP_REGISTER)
-+#warning "You are trying to build KLIPS2.6 with NAT-T support, but you did not"
-+#error "properly apply the NAT-T patch to your 2.6 kernel source tree."
-+#endif
-+
-+#if !defined(CONFIG_KLIPS_ESP) && !defined(CONFIG_KLIPS_AH)
-+#error "kernel configuration must include ESP or AH"
-+#endif
-+
-+/*
-+ * seems to be present in 2.4.10 (Linus), but also in some RH and other
-+ * distro kernels of a lower number.
-+ */
-+#ifdef MODULE_LICENSE
-+MODULE_LICENSE("GPL");
-+#endif
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_eroute = 0;
-+int debug_spi = 0;
-+int debug_netlink = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+struct prng ipsec_prng;
-+
-+
-+#if defined(NET_26) && defined(CONFIG_IPSEC_NAT_TRAVERSAL)
-+xfrm4_rcv_encap_t klips_old_encap = NULL;
-+#endif
-+
-+extern int ipsec_device_event(struct notifier_block *dnot, unsigned long event, void *ptr);
-+/*
-+ * the following structure is required so that we receive
-+ * event notifications when network devices are enabled and
-+ * disabled (ifconfig up and down).
-+ */
-+static struct notifier_block ipsec_dev_notifier={
-+ ipsec_device_event,
-+ NULL,
-+ 0
-+};
-+
-+#ifdef CONFIG_SYSCTL
-+extern int ipsec_sysctl_register(void);
-+extern void ipsec_sysctl_unregister(void);
-+#endif
-+
-+#if defined(NET_26) || defined(IPSKB_XFRM_TUNNEL_SIZE)
-+static inline int
-+openswan_inet_add_protocol(struct inet_protocol *prot, unsigned protocol)
-+{
-+ return inet_add_protocol(prot, protocol);
-+}
-+
-+static inline int
-+openswan_inet_del_protocol(struct inet_protocol *prot, unsigned protocol)
-+{
-+ return inet_del_protocol(prot, protocol);
-+}
-+
-+#else
-+static inline int
-+openswan_inet_add_protocol(struct inet_protocol *prot, unsigned protocol)
-+{
-+ inet_add_protocol(prot);
-+ return 0;
-+}
-+
-+static inline int
-+openswan_inet_del_protocol(struct inet_protocol *prot, unsigned protocol)
-+{
-+ inet_del_protocol(prot);
-+ return 0;
-+}
-+
-+#endif
-+
-+/* void */
-+int
-+ipsec_klips_init(void)
-+{
-+ int error = 0;
-+ unsigned char seed[256];
-+#ifdef CONFIG_KLIPS_ENC_3DES
-+ extern int des_check_key;
-+
-+ /* turn off checking of keys */
-+ des_check_key=0;
-+#endif /* CONFIG_KLIPS_ENC_3DES */
-+
-+ KLIPS_PRINT(1, "klips_info:ipsec_init: "
-+ "KLIPS startup, Openswan KLIPS IPsec stack version: %s\n",
-+ ipsec_version_code());
-+
-+ error |= ipsec_proc_init();
-+
-+#ifdef SPINLOCK
-+ ipsec_sadb.sadb_lock = SPIN_LOCK_UNLOCKED;
-+#else /* SPINLOCK */
-+ ipsec_sadb.sadb_lock = 0;
-+#endif /* SPINLOCK */
-+
-+#ifndef SPINLOCK
-+ tdb_lock.lock = 0;
-+ eroute_lock.lock = 0;
-+#endif /* !SPINLOCK */
-+
-+ error |= ipsec_sadb_init();
-+ error |= ipsec_radijinit();
-+
-+ error |= pfkey_init();
-+
-+ error |= register_netdevice_notifier(&ipsec_dev_notifier);
-+
-+#ifdef CONFIG_KLIPS_ESP
-+ openswan_inet_add_protocol(&esp_protocol, IPPROTO_ESP);
-+#endif /* CONFIG_KLIPS_ESP */
-+
-+#ifdef CONFIG_KLIPS_AH
-+ openswan_inet_add_protocol(&ah_protocol, IPPROTO_AH);
-+#endif /* CONFIG_KLIPS_AH */
-+
-+/* we never actually link IPCOMP to the stack */
-+#ifdef IPCOMP_USED_ALONE
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ openswan_inet_add_protocol(&comp_protocol, IPPROTO_COMP);
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+#endif
-+
-+ error |= ipsec_tunnel_init_devices();
-+
-+#if defined(NET_26) && defined(CONFIG_IPSEC_NAT_TRAVERSAL)
-+ /* register our ESP-UDP handler */
-+ if(udp4_register_esp_rcvencap(klips26_rcv_encap
-+ , &klips_old_encap)!=0) {
-+ printk(KERN_ERR "KLIPS: can not register klips_rcv_encap function\n");
-+ }
-+#endif
-+
-+
-+#ifdef CONFIG_SYSCTL
-+ error |= ipsec_sysctl_register();
-+#endif
-+
-+ ipsec_alg_init();
-+
-+ get_random_bytes((void *)seed, sizeof(seed));
-+ prng_init(&ipsec_prng, seed, sizeof(seed));
-+
-+ return error;
-+}
-+
-+
-+/* void */
-+int
-+ipsec_cleanup(void)
-+{
-+ int error = 0;
-+
-+#ifdef CONFIG_SYSCTL
-+ ipsec_sysctl_unregister();
-+#endif
-+#if defined(NET_26) && defined(CONFIG_IPSEC_NAT_TRAVERSAL)
-+ if(udp4_unregister_esp_rcvencap(klips_old_encap) < 0) {
-+ printk(KERN_ERR "KLIPS: can not unregister klips_rcv_encap function\n");
-+ }
-+#endif
-+
-+ KLIPS_PRINT(debug_netlink, /* debug_tunnel & DB_TN_INIT, */
-+ "klips_debug:ipsec_cleanup: "
-+ "calling ipsec_tunnel_cleanup_devices.\n");
-+ error |= ipsec_tunnel_cleanup_devices();
-+
-+ KLIPS_PRINT(debug_netlink, "called ipsec_tunnel_cleanup_devices");
-+
-+/* we never actually link IPCOMP to the stack */
-+#ifdef IPCOMP_USED_ALONE
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ if (openswan_inet_del_protocol(&comp_protocol, IPPROTO_COMP) < 0)
-+ printk(KERN_INFO "klips_debug:ipsec_cleanup: "
-+ "comp close: can't remove protocol\n");
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+#endif /* IPCOMP_USED_ALONE */
-+
-+#ifdef CONFIG_KLIPS_AH
-+ if (openswan_inet_del_protocol(&ah_protocol, IPPROTO_AH) < 0)
-+ printk(KERN_INFO "klips_debug:ipsec_cleanup: "
-+ "ah close: can't remove protocol\n");
-+#endif /* CONFIG_KLIPS_AH */
-+
-+#ifdef CONFIG_KLIPS_ESP
-+ if (openswan_inet_del_protocol(&esp_protocol, IPPROTO_ESP) < 0)
-+ printk(KERN_INFO "klips_debug:ipsec_cleanup: "
-+ "esp close: can't remove protocol\n");
-+#endif /* CONFIG_KLIPS_ESP */
-+
-+ error |= unregister_netdevice_notifier(&ipsec_dev_notifier);
-+
-+ KLIPS_PRINT(debug_netlink, /* debug_tunnel & DB_TN_INIT, */
-+ "klips_debug:ipsec_cleanup: "
-+ "calling ipsec_sadb_cleanup.\n");
-+ error |= ipsec_sadb_cleanup(0);
-+ error |= ipsec_sadb_free();
-+
-+ KLIPS_PRINT(debug_netlink, /* debug_tunnel & DB_TN_INIT, */
-+ "klips_debug:ipsec_cleanup: "
-+ "calling ipsec_radijcleanup.\n");
-+ error |= ipsec_radijcleanup();
-+
-+ KLIPS_PRINT(debug_pfkey, /* debug_tunnel & DB_TN_INIT, */
-+ "klips_debug:ipsec_cleanup: "
-+ "calling pfkey_cleanup.\n");
-+ error |= pfkey_cleanup();
-+
-+ ipsec_proc_cleanup();
-+
-+ prng_final(&ipsec_prng);
-+
-+ return error;
-+}
-+
-+#ifdef MODULE
-+int
-+init_module(void)
-+{
-+ int error = 0;
-+
-+ error |= ipsec_klips_init();
-+
-+ return error;
-+}
-+
-+void
-+cleanup_module(void)
-+{
-+ KLIPS_PRINT(debug_netlink, /* debug_tunnel & DB_TN_INIT, */
-+ "klips_debug:cleanup_module: "
-+ "calling ipsec_cleanup.\n");
-+
-+ ipsec_cleanup();
-+
-+ KLIPS_PRINT(1, "klips_info:cleanup_module: "
-+ "ipsec module unloaded.\n");
-+}
-+#endif /* MODULE */
-+
-+/*
-+ * $Log: ipsec_init.c,v $
-+ * Revision 1.104.2.4 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.104.2.3 2006/07/31 15:25:20 paul
-+ * Check for NETKEY backport in Debian using IPSKB_XFRM_TUNNEL_SIZE to
-+ * determine wether inet_add_protocol needs the protocol argument.
-+ *
-+ * Revision 1.104.2.2 2006/04/20 16:33:06 mcr
-+ * remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+ * Fix in-kernel module compilation. Sub-makefiles do not work.
-+ *
-+ * Revision 1.104.2.1 2005/08/12 01:18:20 ken
-+ * Warn people who don't have NAT-T patch applied, but try and compile NAT-T code
-+ *
-+ * Revision 1.105 2005/08/12 00:56:33 mcr
-+ * add warning for people who didn't apply nat-t patch.
-+ *
-+ * Revision 1.104 2005/07/08 15:51:41 mcr
-+ * removed duplicate NAT-T code.
-+ * if CONFIG_IPSEC_NAT_TRAVERSAL isn't defined, then there is no issue.
-+ *
-+ * Revision 1.103 2005/07/08 03:02:05 paul
-+ * Fixed garbled define that accidentally got commited to the real tree.
-+ *
-+ * Revision 1.102 2005/07/08 02:56:37 paul
-+ * gcc4 fixes that were not commited because vault was down
-+ *
-+ * Revision 1.101 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.100 2005/04/10 22:56:09 mcr
-+ * change to udp.c registration API.
-+ *
-+ * Revision 1.99 2005/04/08 18:26:13 mcr
-+ * register with udp.c, the klips26 encap receive function
-+ *
-+ * Revision 1.98 2004/09/13 02:23:18 mcr
-+ * #define inet_protocol if necessary.
-+ *
-+ * Revision 1.97 2004/09/06 18:35:49 mcr
-+ * 2.6.8.1 gets rid of inet_protocol->net_protocol compatibility,
-+ * so adjust for that.
-+ *
-+ * Revision 1.96 2004/08/17 03:27:23 mcr
-+ * klips 2.6 edits.
-+ *
-+ * Revision 1.95 2004/08/03 18:19:08 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.94 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.93 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.92 2004/03/30 15:30:39 ken
-+ * Proper Capitalization
-+ *
-+ * Revision 1.91 2004/03/22 01:51:51 ken
-+ * We are open
-+ *
-+ * Revision 1.90.4.2 2004/04/05 04:30:46 mcr
-+ * patches for alg-branch to compile/work with 2.x openswan
-+ *
-+ * Revision 1.90.4.1 2003/12/22 15:25:52 jjo
-+ * Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.90 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.89.4.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.89 2003/07/31 22:47:16 mcr
-+ * preliminary (untested by FS-team) 2.5 patches.
-+ *
-+ * Revision 1.88 2003/06/22 20:05:36 mcr
-+ * clarified why IPCOMP was not being registered, and put a new
-+ * #ifdef in rather than #if 0.
-+ *
-+ * Revision 1.87 2002/09/20 15:40:51 rgb
-+ * Added a lock to the global ipsec_sadb struct for future use.
-+ * Split ipsec_sadb_cleanup from new funciton ipsec_sadb_free to avoid problem
-+ * of freeing newly created structures when clearing the reftable upon startup
-+ * to start from a known state.
-+ *
-+ * Revision 1.86 2002/08/15 18:39:15 rgb
-+ * Move ipsec_prng outside debug code.
-+ *
-+ * Revision 1.85 2002/05/14 02:35:29 rgb
-+ * Change reference to tdb to ipsa.
-+ *
-+ * Revision 1.84 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.83 2002/04/24 07:36:28 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_init.c,v
-+ *
-+ * Revision 1.82 2002/04/20 00:12:25 rgb
-+ * Added esp IV CBC attack fix, disabled.
-+ *
-+ * Revision 1.81 2002/04/09 16:13:32 mcr
-+ * switch license to straight GPL.
-+ *
-+ * Revision 1.80 2002/03/24 07:34:08 rgb
-+ * Sanity check for at least one of AH or ESP configured.
-+ *
-+ * Revision 1.79 2002/02/05 22:55:15 mcr
-+ * added MODULE_LICENSE declaration.
-+ * This macro does not appear in all kernel versions (see comment).
-+ *
-+ * Revision 1.78 2002/01/29 17:17:55 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.77 2002/01/29 04:00:51 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.76 2002/01/29 02:13:17 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.75 2001/11/26 09:23:48 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.74 2001/11/22 05:44:11 henry
-+ * new version stuff
-+ *
-+ * Revision 1.71.2.2 2001/10/22 20:51:00 mcr
-+ * explicitely set des_check_key.
-+ *
-+ * Revision 1.71.2.1 2001/09/25 02:19:39 mcr
-+ * /proc manipulation code moved to new ipsec_proc.c
-+ *
-+ * Revision 1.73 2001/11/06 19:47:17 rgb
-+ * Changed lifetime_packets to uint32 from uint64.
-+ *
-+ * Revision 1.72 2001/10/18 04:45:19 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.71 2001/09/20 15:32:45 rgb
-+ * Minor pfkey lifetime fixes.
-+ *
-+ * Revision 1.70 2001/07/06 19:51:21 rgb
-+ * Added inbound policy checking code for IPIP SAs.
-+ *
-+ * Revision 1.69 2001/06/14 19:33:26 rgb
-+ * Silence startup message for console, but allow it to be logged.
-+ * Update copyright date.
-+ *
-+ * Revision 1.68 2001/05/29 05:14:36 rgb
-+ * Added PMTU to /proc/net/ipsec_tncfg output. See 'man 5 ipsec_tncfg'.
-+ *
-+ * Revision 1.67 2001/05/04 16:34:52 rgb
-+ * Rremove erroneous checking of return codes for proc_net_* in 2.4.
-+ *
-+ * Revision 1.66 2001/05/03 19:40:34 rgb
-+ * Check error return codes in startup and shutdown.
-+ *
-+ * Revision 1.65 2001/02/28 05:03:27 rgb
-+ * Clean up and rationalise startup messages.
-+ *
-+ * Revision 1.64 2001/02/27 22:24:53 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.63 2000/11/29 20:14:06 rgb
-+ * Add src= to the output of /proc/net/ipsec_spi and delete dst from IPIP.
-+ *
-+ * Revision 1.62 2000/11/06 04:31:24 rgb
-+ * Ditched spin_lock_irqsave in favour of spin_lock_bh.
-+ * Fixed longlong for pre-2.4 kernels (Svenning).
-+ * Add Svenning's adaptive content compression.
-+ * Disabled registration of ipcomp handler.
-+ *
-+ * Revision 1.61 2000/10/11 13:37:54 rgb
-+ * #ifdef out debug print that causes proc/net/ipsec_version to oops.
-+ *
-+ * Revision 1.60 2000/09/20 03:59:01 rgb
-+ * Change static info functions to DEBUG_NO_STATIC to reveal function names
-+ * in oopsen.
-+ *
-+ * Revision 1.59 2000/09/16 01:06:26 rgb
-+ * Added cast of var to silence compiler warning about long fed to int
-+ * format.
-+ *
-+ * Revision 1.58 2000/09/15 11:37:01 rgb
-+ * Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+ * IPCOMP zlib deflate code.
-+ *
-+ * Revision 1.57 2000/09/12 03:21:50 rgb
-+ * Moved radij_c_version printing to ipsec_version_get_info().
-+ * Reformatted ipsec_version_get_info().
-+ * Added sysctl_{,un}register() calls.
-+ *
-+ * Revision 1.56 2000/09/08 19:16:50 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ * Removed all references to CONFIG_IPSEC_PFKEYv2.
-+ *
-+ * Revision 1.55 2000/08/30 05:19:03 rgb
-+ * Cleaned up no longer used spi_next, netlink register/unregister, other
-+ * minor cleanup.
-+ * Removed cruft replaced by TDB_XFORM_NAME.
-+ * Removed all the rest of the references to tdb_spi, tdb_proto, tdb_dst.
-+ * Moved debug version strings to printk when /proc/net/ipsec_version is
-+ * called.
-+ *
-+ * Revision 1.54 2000/08/20 18:31:05 rgb
-+ * Changed cosmetic alignment in spi_info.
-+ * Changed addtime and usetime to use actual value which is relative
-+ * anyways, as intended. (Momchil)
-+ *
-+ * Revision 1.53 2000/08/18 17:37:03 rgb
-+ * Added an (int) cast to shut up the compiler...
-+ *
-+ * Revision 1.52 2000/08/01 14:51:50 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.51 2000/07/25 20:41:22 rgb
-+ * Removed duplicate parameter in spi_getinfo.
-+ *
-+ * Revision 1.50 2000/07/17 03:21:45 rgb
-+ * Removed /proc/net/ipsec_spinew.
-+ *
-+ * Revision 1.49 2000/06/28 05:46:51 rgb
-+ * Renamed ivlen to iv_bits for consistency.
-+ * Changed output of add and use times to be relative to now.
-+ *
-+ * Revision 1.48 2000/05/11 18:26:10 rgb
-+ * Commented out calls to netlink_attach/detach to avoid activating netlink
-+ * in the kenrel config.
-+ *
-+ * Revision 1.47 2000/05/10 22:35:26 rgb
-+ * Comment out most of the startup version information.
-+ *
-+ * Revision 1.46 2000/03/22 16:15:36 rgb
-+ * Fixed renaming of dev_get (MB).
-+ *
-+ * Revision 1.45 2000/03/16 06:40:48 rgb
-+ * Hardcode PF_KEYv2 support.
-+ *
-+ * Revision 1.44 2000/01/22 23:19:20 rgb
-+ * Simplified code to use existing macro TDB_XFORM_NAME().
-+ *
-+ * Revision 1.43 2000/01/21 06:14:04 rgb
-+ * Print individual stats only if non-zero.
-+ * Removed 'bits' from each keylength for brevity.
-+ * Shortened lifetimes legend for brevity.
-+ * Changed wording from 'last_used' to the clearer 'idle'.
-+ *
-+ * Revision 1.42 1999/12/31 14:57:19 rgb
-+ * MB fix for new dummy-less proc_get_info in 2.3.35.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_ipcomp.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,256 @@
-+/*
-+ * processing code for IPCOMP
-+ * Copyright (C) 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_ipcomp_c_version[] = "RCSID $Id: ipsec_ipcomp.c,v 1.5.2.2 2006/10/06 21:39:26 paul Exp $";
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipsec_xmit.h"
-+
-+#include "openswan/ipsec_auth.h"
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+#include "openswan/ipsec_ipcomp.h"
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#include "openswan/ipsec_proto.h"
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_ipcomp = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+enum ipsec_rcv_value
-+ipsec_rcv_ipcomp_checks(struct ipsec_rcv_state *irs,
-+ struct sk_buff *skb)
-+{
-+ int ipcompminlen;
-+
-+ ipcompminlen = sizeof(struct iphdr);
-+
-+ if(skb->len < (ipcompminlen + sizeof(struct ipcomphdr))) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_INAU,
-+ "klips_debug:ipsec_rcv: "
-+ "runt comp packet of skb->len=%d received from %s, dropped.\n",
-+ skb->len,
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ return IPSEC_RCV_BADLEN;
-+ }
-+
-+ irs->protostuff.ipcompstuff.compp = (struct ipcomphdr *)skb->h.raw;
-+ irs->said.spi = htonl((__u32)ntohs(irs->protostuff.ipcompstuff.compp->ipcomp_cpi));
-+ return IPSEC_RCV_OK;
-+}
-+
-+enum ipsec_rcv_value
-+ipsec_rcv_ipcomp_decomp(struct ipsec_rcv_state *irs)
-+{
-+ unsigned int flags = 0;
-+ struct ipsec_sa *ipsp = irs->ipsp;
-+ struct sk_buff *skb;
-+
-+ skb=irs->skb;
-+
-+ ipsec_xmit_dmp("ipcomp", skb->h.raw, skb->len);
-+
-+ if(ipsp == NULL) {
-+ return IPSEC_RCV_SAIDNOTFOUND;
-+ }
-+
-+ if(sysctl_ipsec_inbound_policy_check &&
-+ ((((ntohl(ipsp->ips_said.spi) & 0x0000ffff) != ntohl(irs->said.spi)) &&
-+ (ipsp->ips_encalg != ntohl(irs->said.spi)) /* this is a workaround for peer non-compliance with rfc2393 */
-+ ))) {
-+ char sa2[SATOT_BUF];
-+ size_t sa_len2 = 0;
-+
-+ sa_len2 = satot(&ipsp->ips_said, 0, sa2, sizeof(sa2));
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "Incoming packet with SA(IPCA):%s does not match policy SA(IPCA):%s cpi=%04x cpi->spi=%08x spi=%08x, spi->cpi=%04x for SA grouping, dropped.\n",
-+ irs->sa_len ? irs->sa : " (error)",
-+ ipsp != NULL ? (sa_len2 ? sa2 : " (error)") : "NULL",
-+ ntohs(irs->protostuff.ipcompstuff.compp->ipcomp_cpi),
-+ (__u32)ntohl(irs->said.spi),
-+ ipsp != NULL ? (__u32)ntohl((ipsp->ips_said.spi)) : 0,
-+ ipsp != NULL ? (__u16)(ntohl(ipsp->ips_said.spi) & 0x0000ffff) : 0);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_SAIDNOTFOUND;
-+ }
-+
-+ ipsp->ips_comp_ratio_cbytes += ntohs(irs->ipp->tot_len);
-+ irs->next_header = irs->protostuff.ipcompstuff.compp->ipcomp_nh;
-+
-+ skb = skb_decompress(skb, ipsp, &flags);
-+ if (!skb || flags) {
-+ spin_unlock(&tdb_lock);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "skb_decompress() returned error flags=%x, dropped.\n",
-+ flags);
-+ if (irs->stats) {
-+ if (flags)
-+ irs->stats->rx_errors++;
-+ else
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_IPCOMPFAILED;
-+ }
-+
-+ /* make sure we update the pointer */
-+ irs->skb = skb;
-+
-+#ifdef NET_21
-+ irs->ipp = skb->nh.iph;
-+#else /* NET_21 */
-+ irs->ipp = skb->ip_hdr;
-+#endif /* NET_21 */
-+
-+ ipsp->ips_comp_ratio_dbytes += ntohs(irs->ipp->tot_len);
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "packet decompressed SA(IPCA):%s cpi->spi=%08x spi=%08x, spi->cpi=%04x, nh=%d.\n",
-+ irs->sa_len ? irs->sa : " (error)",
-+ (__u32)ntohl(irs->said.spi),
-+ ipsp != NULL ? (__u32)ntohl((ipsp->ips_said.spi)) : 0,
-+ ipsp != NULL ? (__u16)(ntohl(ipsp->ips_said.spi) & 0x0000ffff) : 0,
-+ irs->next_header);
-+ KLIPS_IP_PRINT(debug_rcv & DB_RX_PKTRX, irs->ipp);
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_ipcomp_setup(struct ipsec_xmit_state *ixs)
-+{
-+ unsigned int flags = 0;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ unsigned int old_tot_len = ntohs(ixs->iph->tot_len);
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ ixs->ipsp->ips_comp_ratio_dbytes += ntohs(ixs->iph->tot_len);
-+
-+ ixs->skb = skb_compress(ixs->skb, ixs->ipsp, &flags);
-+
-+#ifdef NET_21
-+ ixs->iph = ixs->skb->nh.iph;
-+#else /* NET_21 */
-+ ixs->iph = ixs->skb->ip_hdr;
-+#endif /* NET_21 */
-+
-+ ixs->ipsp->ips_comp_ratio_cbytes += ntohs(ixs->iph->tot_len);
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_tunnel & DB_TN_CROUT)
-+ {
-+ if (old_tot_len > ntohs(ixs->iph->tot_len))
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "packet shrunk from %d to %d bytes after compression, cpi=%04x (should be from spi=%08x, spi&0xffff=%04x.\n",
-+ old_tot_len, ntohs(ixs->iph->tot_len),
-+ ntohs(((struct ipcomphdr*)(((char*)ixs->iph) + ((ixs->iph->ihl) << 2)))->ipcomp_cpi),
-+ ntohl(ixs->ipsp->ips_said.spi),
-+ (__u16)(ntohl(ixs->ipsp->ips_said.spi) & 0x0000ffff));
-+ else
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "packet did not compress (flags = %d).\n",
-+ flags);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+struct xform_functions ipcomp_xform_funcs[]={
-+ {rcv_checks: ipsec_rcv_ipcomp_checks,
-+ rcv_decrypt: ipsec_rcv_ipcomp_decomp,
-+ xmit_setup: ipsec_xmit_ipcomp_setup,
-+ xmit_headroom: 0,
-+ xmit_needtailroom: 0,
-+ },
-+};
-+
-+#if 0
-+/* We probably don't want to install a pure IPCOMP protocol handler, but
-+ only want to handle IPCOMP if it is encapsulated inside an ESP payload
-+ (which is already handled) */
-+#ifdef CONFIG_KLIPS_IPCOMP
-+struct inet_protocol comp_protocol =
-+{
-+ ipsec_rcv, /* COMP handler */
-+ NULL, /* COMP error control */
-+#ifdef NETDEV_25
-+ 1, /* no policy */
-+#else
-+ 0, /* next */
-+ IPPROTO_COMP, /* protocol ID */
-+ 0, /* copy */
-+ NULL, /* data */
-+ "COMP" /* name */
-+#endif
-+};
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+#endif
-+
-+#endif /* CONFIG_KLIPS_IPCOMP */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_ipip.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,122 @@
-+/*
-+ * processing code for IPIP
-+ * Copyright (C) 2003 Michael Richardson <mcr@sandelman.ottawa.on.ca>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_ipip_c_version[] = "RCSID $Id: ipsec_ipip.c,v 1.3.2.3 2006/10/06 21:39:26 paul Exp $";
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipsec_xmit.h"
-+
-+#include "openswan/ipsec_auth.h"
-+#include "openswan/ipsec_ipip.h"
-+#include "openswan/ipsec_param.h"
-+
-+#include "openswan/ipsec_proto.h"
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_ipip_setup(struct ipsec_xmit_state *ixs)
-+{
-+ ixs->iph->version = 4;
-+
-+ switch(sysctl_ipsec_tos) {
-+ case 0:
-+#ifdef NET_21
-+ ixs->iph->tos = ixs->skb->nh.iph->tos;
-+#else /* NET_21 */
-+ ixs->iph->tos = ixs->skb->ip_hdr->tos;
-+#endif /* NET_21 */
-+ break;
-+ case 1:
-+ ixs->iph->tos = 0;
-+ break;
-+ default:
-+ break;
-+ }
-+ ixs->iph->ttl = SYSCTL_IPSEC_DEFAULT_TTL;
-+ ixs->iph->frag_off = 0;
-+ ixs->iph->saddr = ((struct sockaddr_in*)(ixs->ipsp->ips_addr_s))->sin_addr.s_addr;
-+ ixs->iph->daddr = ((struct sockaddr_in*)(ixs->ipsp->ips_addr_d))->sin_addr.s_addr;
-+ ixs->iph->protocol = IPPROTO_IPIP;
-+ ixs->iph->ihl = sizeof(struct iphdr) >> 2;
-+
-+ KLIPS_IP_SELECT_IDENT(ixs->iph, ixs->skb);
-+
-+ ixs->newdst = (__u32)ixs->iph->daddr;
-+ ixs->newsrc = (__u32)ixs->iph->saddr;
-+
-+#ifdef NET_21
-+ ixs->skb->h.ipiph = ixs->skb->nh.iph;
-+#endif /* NET_21 */
-+ return IPSEC_XMIT_OK;
-+}
-+
-+struct xform_functions ipip_xform_funcs[]={
-+ { rcv_checks: NULL,
-+ rcv_setup_auth: NULL,
-+ rcv_calc_auth: NULL,
-+ rcv_decrypt: NULL,
-+
-+ xmit_setup: ipsec_xmit_ipip_setup,
-+ xmit_headroom: sizeof(struct iphdr),
-+ xmit_needtailroom: 0,
-+ },
-+};
-+
-+
-+
-+
-+
-+
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_kern24.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,74 @@
-+/*
-+ * Copyright 2005 (C) Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This is a file of functions which are present in 2.6 kernels,
-+ * but are not available by default in the 2.4 series.
-+ *
-+ * As such this code is usually from the Linux kernel, and is covered by
-+ * GPL.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * $Id: ipsec_kern24.c,v 1.2 2005/05/20 03:19:18 mcr Exp $
-+ *
-+ */
-+
-+#include <linux/kernel.h>
-+#include <linux/mm.h>
-+#include <linux/spinlock.h>
-+
-+/*
-+ * printk rate limiting, lifted from the networking subsystem.
-+ *
-+ * This enforces a rate limit: not more than one kernel message
-+ * every printk_ratelimit_jiffies to make a denial-of-service
-+ * attack impossible.
-+ */
-+static spinlock_t ratelimit_lock = SPIN_LOCK_UNLOCKED;
-+
-+int __printk_ratelimit(int ratelimit_jiffies, int ratelimit_burst)
-+{
-+ static unsigned long toks = 10*5*HZ;
-+ static unsigned long last_msg;
-+ static int missed;
-+ unsigned long flags;
-+ unsigned long now = jiffies;
-+
-+ spin_lock_irqsave(&ratelimit_lock, flags);
-+ toks += now - last_msg;
-+ last_msg = now;
-+ if (toks > (ratelimit_burst * ratelimit_jiffies))
-+ toks = ratelimit_burst * ratelimit_jiffies;
-+ if (toks >= ratelimit_jiffies) {
-+ int lost = missed;
-+ missed = 0;
-+ toks -= ratelimit_jiffies;
-+ spin_unlock_irqrestore(&ratelimit_lock, flags);
-+ if (lost)
-+ printk(KERN_WARNING "printk: %d messages suppressed.\n", lost);
-+ return 1;
-+ }
-+ missed++;
-+ spin_unlock_irqrestore(&ratelimit_lock, flags);
-+ return 0;
-+}
-+
-+/* minimum time in jiffies between messages */
-+int printk_ratelimit_jiffies = 5*HZ;
-+
-+/* number of messages we send before ratelimiting */
-+int printk_ratelimit_burst = 10;
-+
-+int printk_ratelimit(void)
-+{
-+ return __printk_ratelimit(printk_ratelimit_jiffies,
-+ printk_ratelimit_burst);
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_life.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,273 @@
-+/*
-+ * @(#) lifetime structure utilities
-+ *
-+ * Copyright (C) 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * and Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_life.c,v 1.13.10.1 2006/10/06 21:39:26 paul Exp $
-+ *
-+ */
-+
-+/*
-+ * This provides series of utility functions for dealing with lifetime
-+ * structures.
-+ *
-+ * ipsec_check_lifetime - returns -1 hard lifetime exceeded
-+ * 0 soft lifetime exceeded
-+ * 1 everything is okay
-+ * based upon whether or not the count exceeds hard/soft
-+ *
-+ */
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif /* for CONFIG_IP_FORWARD */
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#include <linux/netdevice.h> /* struct device, struct net_device_stats and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_eroute.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+
-+#include "openswan/ipsec_sa.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_ipe4.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+#include "openswan/ipcomp.h"
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+
-+
-+enum ipsec_life_alive
-+ipsec_lifetime_check(struct ipsec_lifetime64 *il64,
-+ const char *lifename,
-+ const char *saname,
-+ enum ipsec_life_type ilt,
-+ enum ipsec_direction idir,
-+ struct ipsec_sa *ips)
-+{
-+ __u64 count;
-+ const char *dir;
-+
-+ if(saname == NULL) {
-+ saname = "unknown-SA";
-+ }
-+
-+ if(idir == ipsec_incoming) {
-+ dir = "incoming";
-+ } else {
-+ dir = "outgoing";
-+ }
-+
-+
-+ if(ilt == ipsec_life_timebased) {
-+ count = jiffies/HZ - il64->ipl_count;
-+ } else {
-+ count = il64->ipl_count;
-+ }
-+
-+ if(il64->ipl_hard &&
-+ (count > il64->ipl_hard)) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_lifetime_check: "
-+ "hard %s lifetime of SA:<%s%s%s> %s has been reached, SA expired, "
-+ "%s packet dropped.\n",
-+ lifename,
-+ IPS_XFORM_NAME(ips),
-+ saname,
-+ dir);
-+
-+ pfkey_expire(ips, 1);
-+ return ipsec_life_harddied;
-+ }
-+
-+ if(il64->ipl_soft &&
-+ (count > il64->ipl_soft)) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_lifetime_check: "
-+ "soft %s lifetime of SA:<%s%s%s> %s has been reached, SA expiring, "
-+ "soft expire message sent up, %s packet still processed.\n",
-+ lifename,
-+ IPS_XFORM_NAME(ips),
-+ saname,
-+ dir);
-+
-+ if(ips->ips_state != SADB_SASTATE_DYING) {
-+ pfkey_expire(ips, 0);
-+ }
-+ ips->ips_state = SADB_SASTATE_DYING;
-+
-+ return ipsec_life_softdied;
-+ }
-+ return ipsec_life_okay;
-+}
-+
-+
-+/*
-+ * This function takes a buffer (with length), a lifetime name and type,
-+ * and formats a string to represent the current values of the lifetime.
-+ *
-+ * It returns the number of bytes that the format took (or would take,
-+ * if the buffer were large enough: snprintf semantics).
-+ * This is used in /proc routines and in debug output.
-+ */
-+int
-+ipsec_lifetime_format(char *buffer,
-+ int buflen,
-+ char *lifename,
-+ enum ipsec_life_type timebaselife,
-+ struct ipsec_lifetime64 *lifetime)
-+{
-+ int len = 0;
-+ __u64 count;
-+
-+ if(timebaselife == ipsec_life_timebased) {
-+ count = jiffies/HZ - lifetime->ipl_count;
-+ } else {
-+ count = lifetime->ipl_count;
-+ }
-+
-+ if(lifetime->ipl_count > 1 ||
-+ lifetime->ipl_soft ||
-+ lifetime->ipl_hard) {
-+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,0))
-+ len = ipsec_snprintf(buffer, buflen,
-+ "%s(%Lu,%Lu,%Lu)",
-+ lifename,
-+ count,
-+ lifetime->ipl_soft,
-+ lifetime->ipl_hard);
-+#else /* XXX high 32 bits are not displayed */
-+ len = ipsec_snprintf(buffer, buflen,
-+ "%s(%lu,%lu,%lu)",
-+ lifename,
-+ (unsigned long)count,
-+ (unsigned long)lifetime->ipl_soft,
-+ (unsigned long)lifetime->ipl_hard);
-+#endif
-+ }
-+
-+ return len;
-+}
-+
-+void
-+ipsec_lifetime_update_hard(struct ipsec_lifetime64 *lifetime,
-+ __u64 newvalue)
-+{
-+ if(newvalue &&
-+ (!lifetime->ipl_hard ||
-+ (newvalue < lifetime->ipl_hard))) {
-+ lifetime->ipl_hard = newvalue;
-+
-+ if(!lifetime->ipl_soft &&
-+ (lifetime->ipl_hard < lifetime->ipl_soft)) {
-+ lifetime->ipl_soft = lifetime->ipl_hard;
-+ }
-+ }
-+}
-+
-+void
-+ipsec_lifetime_update_soft(struct ipsec_lifetime64 *lifetime,
-+ __u64 newvalue)
-+{
-+ if(newvalue &&
-+ (!lifetime->ipl_soft ||
-+ (newvalue < lifetime->ipl_soft))) {
-+ lifetime->ipl_soft = newvalue;
-+
-+ if(lifetime->ipl_hard &&
-+ (lifetime->ipl_hard < lifetime->ipl_soft)) {
-+ lifetime->ipl_soft = lifetime->ipl_hard;
-+ }
-+ }
-+}
-+
-+
-+/*
-+ * $Log: ipsec_life.c,v $
-+ * Revision 1.13.10.1 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.13 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.12 2004/04/23 20:44:35 ken
-+ * Update comments
-+ *
-+ * Revision 1.11 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.10 2004/03/30 11:03:10 paul
-+ * two more occurances of snprintf, found by Sam from a users oops msg.
-+ *
-+ * Revision 1.9 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.8.4.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.8 2003/02/06 02:00:10 rgb
-+ * Fixed incorrect debugging text label
-+ *
-+ * Revision 1.7 2002/05/23 07:16:26 rgb
-+ * Fixed absolute/relative reference to lifetime count printout.
-+ *
-+ * Revision 1.6 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.5 2002/04/24 07:36:28 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_life.c,v
-+ *
-+ * Revision 1.4 2002/01/29 17:17:55 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.3 2002/01/29 02:13:17 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.2 2001/11/26 09:16:14 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:25:57 mcr
-+ * lifetime structure created and common functions created.
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_mast.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1099 @@
-+/*
-+ * IPSEC MAST code.
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_mast_c_version[] = "RCSID $Id: ipsec_mast.c,v 1.7.2.1 2006/10/06 21:39:26 paul Exp $";
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif /* for CONFIG_IP_FORWARD */
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "freeswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, struct net_device_stats, dev_queue_xmit() and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/tcp.h> /* struct tcphdr */
-+#include <linux/udp.h> /* struct udphdr */
-+#include <linux/skbuff.h>
-+#include <freeswan.h>
-+#include <linux/in6.h>
-+#include <net/dst.h>
-+#undef dev_kfree_skb
-+#define dev_kfree_skb(a,b) kfree_skb(a)
-+#define PHYSDEV_TYPE
-+#include <net/icmp.h> /* icmp_send() */
-+#include <net/ip.h>
-+#include <linux/netfilter_ipv4.h>
-+
-+#include <linux/if_arp.h>
-+
-+#include "freeswan/radij.h"
-+#include "freeswan/ipsec_life.h"
-+#include "freeswan/ipsec_xform.h"
-+#include "freeswan/ipsec_eroute.h"
-+#include "freeswan/ipsec_encap.h"
-+#include "freeswan/ipsec_radij.h"
-+#include "freeswan/ipsec_sa.h"
-+#include "freeswan/ipsec_tunnel.h"
-+#include "freeswan/ipsec_mast.h"
-+#include "freeswan/ipsec_ipe4.h"
-+#include "freeswan/ipsec_ah.h"
-+#include "freeswan/ipsec_esp.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "freeswan/ipsec_proto.h"
-+
-+int ipsec_maxdevice_count = -1;
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_open(struct net_device *dev)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ /*
-+ * Can't open until attached.
-+ */
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_open: "
-+ "dev = %s, prv->dev = %s\n",
-+ dev->name, prv->dev?prv->dev->name:"NONE");
-+
-+ if (prv->dev == NULL)
-+ return -ENODEV;
-+
-+ KLIPS_INC_USE;
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_close(struct net_device *dev)
-+{
-+ KLIPS_DEC_USE;
-+ return 0;
-+}
-+
-+static inline int ipsec_mast_xmit2(struct sk_buff *skb)
-+{
-+ return ip_send(skb);
-+}
-+
-+enum ipsec_xmit_value
-+ipsec_mast_send(struct ipsec_xmit_state*ixs)
-+{
-+ /* new route/dst cache code from James Morris */
-+ ixs->skb->dev = ixs->physdev;
-+ /*skb_orphan(ixs->skb);*/
-+ if((ixs->error = ip_route_output(&ixs->route,
-+ ixs->skb->nh.iph->daddr,
-+ ixs->pass ? 0 : ixs->skb->nh.iph->saddr,
-+ RT_TOS(ixs->skb->nh.iph->tos),
-+ ixs->physdev->iflink /* rgb: should this be 0? */))) {
-+ ixs->stats->tx_errors++;
-+ KLIPS_PRINT(debug_mast & DB_MAST_XMIT,
-+ "klips_debug:ipsec_xmit_send: "
-+ "ip_route_output failed with error code %d, rt->u.dst.dev=%s, dropped\n",
-+ ixs->error,
-+ ixs->route->u.dst.dev->name);
-+ return IPSEC_XMIT_ROUTEERR;
-+ }
-+ if(ixs->dev == ixs->route->u.dst.dev) {
-+ ip_rt_put(ixs->route);
-+ /* This is recursion, drop it. */
-+ ixs->stats->tx_errors++;
-+ KLIPS_PRINT(debug_mast & DB_MAST_XMIT,
-+ "klips_debug:ipsec_xmit_send: "
-+ "suspect recursion, dev=rt->u.dst.dev=%s, dropped\n",
-+ ixs->dev->name);
-+ return IPSEC_XMIT_RECURSDETECT;
-+ }
-+ dst_release(ixs->skb->dst);
-+ ixs->skb->dst = &ixs->route->u.dst;
-+ ixs->stats->tx_bytes += ixs->skb->len;
-+ if(ixs->skb->len < ixs->skb->nh.raw - ixs->skb->data) {
-+ ixs->stats->tx_errors++;
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_xmit_send: "
-+ "tried to __skb_pull nh-data=%ld, %d available. This should never happen, please report.\n",
-+ (unsigned long)(ixs->skb->nh.raw - ixs->skb->data),
-+ ixs->skb->len);
-+ return IPSEC_XMIT_PUSHPULLERR;
-+ }
-+ __skb_pull(ixs->skb, ixs->skb->nh.raw - ixs->skb->data);
-+#ifdef SKB_RESET_NFCT
-+ nf_conntrack_put(ixs->skb->nfct);
-+ ixs->skb->nfct = NULL;
-+#ifdef CONFIG_NETFILTER_DEBUG
-+ ixs->skb->nf_debug = 0;
-+#endif /* CONFIG_NETFILTER_DEBUG */
-+#endif /* SKB_RESET_NFCT */
-+ KLIPS_PRINT(debug_mast & DB_MAST_XMIT,
-+ "klips_debug:ipsec_xmit_send: "
-+ "...done, calling ip_send() on device:%s\n",
-+ ixs->skb->dev ? ixs->skb->dev->name : "NULL");
-+ KLIPS_IP_PRINT(debug_mast & DB_MAST_XMIT, ixs->skb->nh.iph);
-+ {
-+ int err;
-+
-+ err = NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, ixs->skb, NULL, ixs->route->u.dst.dev,
-+ ipsec_mast_xmit2);
-+ if(err != NET_XMIT_SUCCESS && err != NET_XMIT_CN) {
-+ if(net_ratelimit())
-+ printk(KERN_ERR
-+ "klips_error:ipsec_xmit_send: "
-+ "ip_send() failed, err=%d\n",
-+ -err);
-+ ixs->stats->tx_errors++;
-+ ixs->stats->tx_aborted_errors++;
-+ ixs->skb = NULL;
-+ return IPSEC_XMIT_IPSENDFAILURE;
-+ }
-+ }
-+ ixs->stats->tx_packets++;
-+
-+ ixs->skb = NULL;
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+void
-+ipsec_mast_cleanup(struct ipsec_xmit_state*ixs)
-+{
-+#if defined(HAS_NETIF_QUEUE) || defined (HAVE_NETIF_QUEUE)
-+ netif_wake_queue(ixs->dev);
-+#else /* defined(HAS_NETIF_QUEUE) || defined (HAVE_NETIF_QUEUE) */
-+ ixs->dev->tbusy = 0;
-+#endif /* defined(HAS_NETIF_QUEUE) || defined (HAVE_NETIF_QUEUE) */
-+ if(ixs->saved_header) {
-+ kfree(ixs->saved_header);
-+ }
-+ if(ixs->skb) {
-+ dev_kfree_skb(ixs->skb, FREE_WRITE);
-+ }
-+ if(ixs->oskb) {
-+ dev_kfree_skb(ixs->oskb, FREE_WRITE);
-+ }
-+ if (ixs->ips.ips_ident_s.data) {
-+ kfree(ixs->ips.ips_ident_s.data);
-+ }
-+ if (ixs->ips.ips_ident_d.data) {
-+ kfree(ixs->ips.ips_ident_d.data);
-+ }
-+}
-+
-+#if 0
-+/*
-+ * This function assumes it is being called from dev_queue_xmit()
-+ * and that skb is filled properly by that function.
-+ */
-+int
-+ipsec_mast_start_xmit(struct sk_buff *skb, struct net_device *dev, IPsecSAref_t SAref)
-+{
-+ struct ipsec_xmit_state ixs_mem;
-+ struct ipsec_xmit_state *ixs = &ixs_mem;
-+ enum ipsec_xmit_value stat = IPSEC_XMIT_OK;
-+
-+ /* dev could be a mast device, but should be optional, I think... */
-+ /* SAref is also optional, but one of the two must be present. */
-+ /* I wonder if it could accept no device or saref and guess? */
-+
-+/* ipsec_xmit_sanity_check_dev(ixs); */
-+
-+ ipsec_xmit_sanity_check_skb(ixs);
-+
-+ ipsec_xmit_adjust_hard_header(ixs);
-+
-+ stat = ipsec_xmit_encap_bundle(ixs);
-+ if(stat != IPSEC_XMIT_OK) {
-+ /* SA processing failed */
-+ }
-+
-+ ipsec_xmit_hard_header_restore();
-+}
-+#endif
-+
-+DEBUG_NO_STATIC struct net_device_stats *
-+ipsec_mast_get_stats(struct net_device *dev)
-+{
-+ return &(((struct ipsecpriv *)(dev->priv))->mystats);
-+}
-+
-+/*
-+ * Revectored calls.
-+ * For each of these calls, a field exists in our private structure.
-+ */
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_hard_header(struct sk_buff *skb, struct net_device *dev,
-+ unsigned short type, void *daddr, void *saddr, unsigned len)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+ struct net_device *tmp;
-+ int ret;
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(skb == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "no skb...\n");
-+ return -ENODATA;
-+ }
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "no device...\n");
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "skb->dev=%s dev=%s.\n",
-+ skb->dev ? skb->dev->name : "NULL",
-+ dev->name);
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "no private space associated with dev=%s\n",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODEV;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "no physical device associated with dev=%s\n",
-+ dev->name ? dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ /* check if we have to send a IPv6 packet. It might be a Router
-+ Solicitation, where the building of the packet happens in
-+ reverse order:
-+ 1. ll hdr,
-+ 2. IPv6 hdr,
-+ 3. ICMPv6 hdr
-+ -> skb->nh.raw is still uninitialized when this function is
-+ called!! If this is no IPv6 packet, we can print debugging
-+ messages, otherwise we skip all debugging messages and just
-+ build the ll header */
-+ if(type != ETH_P_IPV6) {
-+ /* execute this only, if we don't have to build the
-+ header for a IPv6 packet */
-+ if(!prv->hard_header) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "physical device has been detached, packet dropped 0p%p->0p%p len=%d type=%d dev=%s->NULL ",
-+ saddr,
-+ daddr,
-+ len,
-+ type,
-+ dev->name);
-+ KLIPS_PRINTMORE(debug_mast & DB_MAST_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->nh.iph->saddr),
-+ (__u32)ntohl(skb->nh.iph->daddr) );
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+#define da ((struct net_device *)(prv->dev))->dev_addr
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "Revectored 0p%p->0p%p len=%d type=%d dev=%s->%s dev_addr=%02x:%02x:%02x:%02x:%02x:%02x ",
-+ saddr,
-+ daddr,
-+ len,
-+ type,
-+ dev->name,
-+ prv->dev->name,
-+ da[0], da[1], da[2], da[3], da[4], da[5]);
-+ KLIPS_PRINTMORE(debug_mast & DB_MAST_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->nh.iph->saddr),
-+ (__u32)ntohl(skb->nh.iph->daddr) );
-+ } else {
-+ KLIPS_PRINT(debug_mast,
-+ "klips_debug:ipsec_mast_hard_header: "
-+ "is IPv6 packet, skip debugging messages, only revector and build linklocal header.\n");
-+ }
-+ tmp = skb->dev;
-+ skb->dev = prv->dev;
-+ ret = prv->hard_header(skb, prv->dev, type, (void *)daddr, (void *)saddr, len);
-+ skb->dev = tmp;
-+ return ret;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_rebuild_header(struct sk_buff *skb)
-+{
-+ struct ipsecpriv *prv = skb->dev->priv;
-+ struct net_device *tmp;
-+ int ret;
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(skb->dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_rebuild_header: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_rebuild_header: "
-+ "no private space associated with dev=%s",
-+ skb->dev->name ? skb->dev->name : "NULL");
-+ return -ENODEV;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_rebuild_header: "
-+ "no physical device associated with dev=%s",
-+ skb->dev->name ? skb->dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ if(!prv->rebuild_header) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_rebuild_header: "
-+ "physical device has been detached, packet dropped skb->dev=%s->NULL ",
-+ skb->dev->name);
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->nh.iph->saddr),
-+ (__u32)ntohl(skb->nh.iph->daddr) );
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast: "
-+ "Revectored rebuild_header dev=%s->%s ",
-+ skb->dev->name, prv->dev->name);
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->nh.iph->saddr),
-+ (__u32)ntohl(skb->nh.iph->daddr) );
-+ tmp = skb->dev;
-+ skb->dev = prv->dev;
-+
-+ ret = prv->rebuild_header(skb);
-+ skb->dev = tmp;
-+ return ret;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_set_mac_address(struct net_device *dev, void *addr)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_set_mac_address: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_set_mac_address: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODEV;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_set_mac_address: "
-+ "no physical device associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ if(!prv->set_mac_address) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_set_mac_address: "
-+ "physical device has been detached, cannot set - skb->dev=%s->NULL\n",
-+ dev->name);
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_set_mac_address: "
-+ "Revectored dev=%s->%s addr=0p%p\n",
-+ dev->name, prv->dev->name, addr);
-+ return prv->set_mac_address(prv->dev, addr);
-+
-+}
-+
-+DEBUG_NO_STATIC void
-+ipsec_mast_cache_update(struct hh_cache *hh, struct net_device *dev, unsigned char * haddr)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_cache_update: "
-+ "no device...");
-+ return;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_cache_update: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_cache_update: "
-+ "no physical device associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return;
-+ }
-+
-+ if(!prv->header_cache_update) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_cache_update: "
-+ "physical device has been detached, cannot set - skb->dev=%s->NULL\n",
-+ dev->name);
-+ return;
-+ }
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast: "
-+ "Revectored cache_update\n");
-+ prv->header_cache_update(hh, prv->dev, haddr);
-+ return;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_neigh_setup(struct neighbour *n)
-+{
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_neigh_setup:\n");
-+
-+ if (n->nud_state == NUD_NONE) {
-+ n->ops = &arp_broken_ops;
-+ n->output = n->ops->output;
-+ }
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_neigh_setup_dev(struct net_device *dev, struct neigh_parms *p)
-+{
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_neigh_setup_dev: "
-+ "setting up %s\n",
-+ dev ? dev->name : "NULL");
-+
-+ if (p->tbl->family == AF_INET) {
-+ p->neigh_setup = ipsec_mast_neigh_setup;
-+ p->ucast_probes = 0;
-+ p->mcast_probes = 0;
-+ }
-+ return 0;
-+}
-+
-+/*
-+ * We call the attach routine to attach another device.
-+ */
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_attach(struct net_device *dev, struct net_device *physdev)
-+{
-+ int i;
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_attach: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_attach: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODATA;
-+ }
-+
-+ prv->dev = physdev;
-+ prv->hard_start_xmit = physdev->hard_start_xmit;
-+ prv->get_stats = physdev->get_stats;
-+
-+ if (physdev->hard_header) {
-+ prv->hard_header = physdev->hard_header;
-+ dev->hard_header = ipsec_mast_hard_header;
-+ } else
-+ dev->hard_header = NULL;
-+
-+ if (physdev->rebuild_header) {
-+ prv->rebuild_header = physdev->rebuild_header;
-+ dev->rebuild_header = ipsec_mast_rebuild_header;
-+ } else
-+ dev->rebuild_header = NULL;
-+
-+ if (physdev->set_mac_address) {
-+ prv->set_mac_address = physdev->set_mac_address;
-+ dev->set_mac_address = ipsec_mast_set_mac_address;
-+ } else
-+ dev->set_mac_address = NULL;
-+
-+ if (physdev->header_cache_update) {
-+ prv->header_cache_update = physdev->header_cache_update;
-+ dev->header_cache_update = ipsec_mast_cache_update;
-+ } else
-+ dev->header_cache_update = NULL;
-+
-+ dev->hard_header_len = physdev->hard_header_len;
-+
-+/* prv->neigh_setup = physdev->neigh_setup; */
-+ dev->neigh_setup = ipsec_mast_neigh_setup_dev;
-+ dev->mtu = 16260; /* 0xfff0; */ /* dev->mtu; */
-+ prv->mtu = physdev->mtu;
-+
-+#ifdef PHYSDEV_TYPE
-+ dev->type = physdev->type; /* ARPHRD_MAST; */
-+#endif /* PHYSDEV_TYPE */
-+
-+ dev->addr_len = physdev->addr_len;
-+ for (i=0; i<dev->addr_len; i++) {
-+ dev->dev_addr[i] = physdev->dev_addr[i];
-+ }
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_mast & DB_MAST_INIT) {
-+ printk(KERN_INFO "klips_debug:ipsec_mast_attach: "
-+ "physical device %s being attached has HW address: %2x",
-+ physdev->name, physdev->dev_addr[0]);
-+ for (i=1; i < physdev->addr_len; i++) {
-+ printk(":%02x", physdev->dev_addr[i]);
-+ }
-+ printk("\n");
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ return 0;
-+}
-+
-+/*
-+ * We call the detach routine to detach the ipsec mast from another device.
-+ */
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_detach(struct net_device *dev)
-+{
-+ int i;
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_detach: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_REVEC,
-+ "klips_debug:ipsec_mast_detach: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODATA;
-+ }
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_detach: "
-+ "physical device %s being detached from virtual device %s\n",
-+ prv->dev ? prv->dev->name : "NULL",
-+ dev->name);
-+
-+ prv->dev = NULL;
-+ prv->hard_start_xmit = NULL;
-+ prv->get_stats = NULL;
-+
-+ prv->hard_header = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->hard_header = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+ prv->rebuild_header = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->rebuild_header = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+ prv->set_mac_address = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->set_mac_address = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+ prv->header_cache_update = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->header_cache_update = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+#ifdef DETACH_AND_DOWN
-+ dev->neigh_setup = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+ dev->hard_header_len = 0;
-+#ifdef DETACH_AND_DOWN
-+ dev->mtu = 0;
-+#endif /* DETACH_AND_DOWN */
-+ prv->mtu = 0;
-+ for (i=0; i<MAX_ADDR_LEN; i++) {
-+ dev->dev_addr[i] = 0;
-+ }
-+ dev->addr_len = 0;
-+#ifdef PHYSDEV_TYPE
-+ dev->type = ARPHRD_VOID; /* ARPHRD_MAST; */
-+#endif /* PHYSDEV_TYPE */
-+
-+ return 0;
-+}
-+
-+/*
-+ * We call the clear routine to detach all ipsec masts from other devices.
-+ */
-+DEBUG_NO_STATIC int
-+ipsec_mast_clear(void)
-+{
-+ int i;
-+ struct net_device *ipsecdev = NULL, *prvdev;
-+ struct ipsecpriv *prv;
-+ char name[9];
-+ int ret;
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_clear: .\n");
-+
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ sprintf(name, IPSEC_DEV_FORMAT, i);
-+ if((ipsecdev = ipsec_dev_get(name)) != NULL) {
-+ if((prv = (struct ipsecpriv *)(ipsecdev->priv))) {
-+ prvdev = (struct net_device *)(prv->dev);
-+ if(prvdev) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_clear: "
-+ "physical device for device %s is %s\n",
-+ name, prvdev->name);
-+ if((ret = ipsec_mast_detach(ipsecdev))) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_clear: "
-+ "error %d detatching device %s from device %s.\n",
-+ ret, name, prvdev->name);
-+ return ret;
-+ }
-+ }
-+ }
-+ }
-+ }
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_mast_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
-+{
-+ struct ipsecmastconf *cf = (struct ipsecmastconf *)&ifr->ifr_data;
-+ struct ipsecpriv *prv = dev->priv;
-+ struct net_device *them; /* physical device */
-+#ifdef CONFIG_IP_ALIAS
-+ char *colon;
-+ char realphysname[IFNAMSIZ];
-+#endif /* CONFIG_IP_ALIAS */
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "device not supplied.\n");
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "tncfg service call #%d for dev=%s\n",
-+ cmd,
-+ dev->name ? dev->name : "NULL");
-+ switch (cmd) {
-+ /* attach a virtual ipsec? device to a physical device */
-+ case IPSEC_SET_DEV:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "calling ipsec_mast_attatch...\n");
-+#ifdef CONFIG_IP_ALIAS
-+ /* If this is an IP alias interface, get its real physical name */
-+ strncpy(realphysname, cf->cf_name, IFNAMSIZ);
-+ realphysname[IFNAMSIZ-1] = 0;
-+ colon = strchr(realphysname, ':');
-+ if (colon) *colon = 0;
-+ them = ipsec_dev_get(realphysname);
-+#else /* CONFIG_IP_ALIAS */
-+ them = ipsec_dev_get(cf->cf_name);
-+#endif /* CONFIG_IP_ALIAS */
-+
-+ if (them == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "physical device %s requested is null\n",
-+ cf->cf_name);
-+ return -ENXIO;
-+ }
-+
-+#if 0
-+ if (them->flags & IFF_UP) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "physical device %s requested is not up.\n",
-+ cf->cf_name);
-+ return -ENXIO;
-+ }
-+#endif
-+
-+ if (prv && prv->dev) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "virtual device is already connected to %s.\n",
-+ prv->dev->name ? prv->dev->name : "NULL");
-+ return -EBUSY;
-+ }
-+ return ipsec_mast_attach(dev, them);
-+
-+ case IPSEC_DEL_DEV:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "calling ipsec_mast_detatch.\n");
-+ if (! prv->dev) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "physical device not connected.\n");
-+ return -ENODEV;
-+ }
-+ return ipsec_mast_detach(dev);
-+
-+ case IPSEC_CLR_DEV:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "calling ipsec_mast_clear.\n");
-+ return ipsec_mast_clear();
-+
-+ default:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_ioctl: "
-+ "unknown command %d.\n",
-+ cmd);
-+ return -EOPNOTSUPP;
-+ }
-+}
-+
-+int
-+ipsec_mast_device_event(struct notifier_block *unused, unsigned long event, void *ptr)
-+{
-+ struct net_device *dev = ptr;
-+ struct net_device *ipsec_dev;
-+ struct ipsecpriv *priv;
-+ char name[9];
-+ int i;
-+
-+ if (dev == NULL) {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "dev=NULL for event type %ld.\n",
-+ event);
-+ return(NOTIFY_DONE);
-+ }
-+
-+ /* check for loopback devices */
-+ if (dev && (dev->flags & IFF_LOOPBACK)) {
-+ return(NOTIFY_DONE);
-+ }
-+
-+ switch (event) {
-+ case NETDEV_DOWN:
-+ /* look very carefully at the scope of these compiler
-+ directives before changing anything... -- RGB */
-+
-+ case NETDEV_UNREGISTER:
-+ switch (event) {
-+ case NETDEV_DOWN:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_DOWN dev=%s flags=%x\n",
-+ dev->name,
-+ dev->flags);
-+ if(strncmp(dev->name, "ipsec", strlen("ipsec")) == 0) {
-+ printk(KERN_CRIT "IPSEC EVENT: KLIPS device %s shut down.\n",
-+ dev->name);
-+ }
-+ break;
-+ case NETDEV_UNREGISTER:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_UNREGISTER dev=%s flags=%x\n",
-+ dev->name,
-+ dev->flags);
-+ break;
-+ }
-+
-+ /* find the attached physical device and detach it. */
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ sprintf(name, IPSEC_DEV_FORMAT, i);
-+ ipsec_dev = ipsec_dev_get(name);
-+ if(ipsec_dev) {
-+ priv = (struct ipsecpriv *)(ipsec_dev->priv);
-+ if(priv) {
-+ ;
-+ if(((struct net_device *)(priv->dev)) == dev) {
-+ /* dev_close(ipsec_dev); */
-+ /* return */ ipsec_mast_detach(ipsec_dev);
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "device '%s' has been detached.\n",
-+ ipsec_dev->name);
-+ break;
-+ }
-+ } else {
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "device '%s' has no private data space!\n",
-+ ipsec_dev->name);
-+ }
-+ }
-+ }
-+ break;
-+ case NETDEV_UP:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_UP dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_REBOOT:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_REBOOT dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_CHANGE:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_CHANGE dev=%s flags=%x\n",
-+ dev->name,
-+ dev->flags);
-+ break;
-+ case NETDEV_REGISTER:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_REGISTER dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_CHANGEMTU:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_CHANGEMTU dev=%s to mtu=%d\n",
-+ dev->name,
-+ dev->mtu);
-+ break;
-+ case NETDEV_CHANGEADDR:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_CHANGEADDR dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_GOING_DOWN:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_GOING_DOWN dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_CHANGENAME:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "NETDEV_CHANGENAME dev=%s\n",
-+ dev->name);
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_mast & DB_MAST_INIT,
-+ "klips_debug:ipsec_mast_device_event: "
-+ "event type %ld unrecognised for dev=%s\n",
-+ event,
-+ dev->name);
-+ break;
-+ }
-+ return NOTIFY_DONE;
-+}
-+
-+/*
-+ * Called when an ipsec mast device is initialized.
-+ * The ipsec mast device structure is passed to us.
-+ */
-+
-+int
-+ipsec_mast_init(struct net_device *dev)
-+{
-+ int i;
-+
-+ KLIPS_PRINT(debug_mast,
-+ "klips_debug:ipsec_mast_init: "
-+ "allocating %lu bytes initialising device: %s\n",
-+ (unsigned long) sizeof(struct ipsecpriv),
-+ dev->name ? dev->name : "NULL");
-+
-+ /* Add our mast functions to the device */
-+ dev->open = ipsec_mast_open;
-+ dev->stop = ipsec_mast_close;
-+ dev->hard_start_xmit = ipsec_mast_start_xmit;
-+ dev->get_stats = ipsec_mast_get_stats;
-+
-+ dev->priv = kmalloc(sizeof(struct ipsecpriv), GFP_KERNEL);
-+ if (dev->priv == NULL)
-+ return -ENOMEM;
-+ memset((caddr_t)(dev->priv), 0, sizeof(struct ipsecpriv));
-+
-+ for(i = 0; i < sizeof(zeroes); i++) {
-+ ((__u8*)(zeroes))[i] = 0;
-+ }
-+
-+ dev->set_multicast_list = NULL;
-+ dev->do_ioctl = ipsec_mast_ioctl;
-+ dev->hard_header = NULL;
-+ dev->rebuild_header = NULL;
-+ dev->set_mac_address = NULL;
-+ dev->header_cache_update= NULL;
-+ dev->neigh_setup = ipsec_mast_neigh_setup_dev;
-+ dev->hard_header_len = 0;
-+ dev->mtu = 0;
-+ dev->addr_len = 0;
-+ dev->type = ARPHRD_VOID; /* ARPHRD_MAST; */ /* ARPHRD_ETHER; */
-+ dev->tx_queue_len = 10; /* Small queue */
-+ memset((caddr_t)(dev->broadcast),0xFF, ETH_ALEN); /* what if this is not attached to ethernet? */
-+
-+ /* New-style flags. */
-+ dev->flags = IFF_NOARP /* 0 */ /* Petr Novak */;
-+ dev_init_buffers(dev);
-+
-+ /* We're done. Have I forgotten anything? */
-+ return 0;
-+}
-+
-+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-+/* Module specific interface (but it links with the rest of IPSEC) */
-+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-+
-+int
-+ipsec_mast_probe(struct net_device *dev)
-+{
-+ ipsec_mast_init(dev);
-+ return 0;
-+}
-+
-+int
-+ipsec_mast_init_devices(void)
-+{
-+ return 0;
-+}
-+
-+/* void */
-+int
-+ipsec_mast_cleanup_devices(void)
-+{
-+ int error = 0;
-+ int i;
-+ char name[10];
-+ struct net_device *dev_mast;
-+
-+ for(i = 0; i < ipsec_mastdevice_count; i++) {
-+ sprintf(name, MAST_DEV_FORMAT, i);
-+ if((dev_mast = ipsec_dev_get(name)) == NULL) {
-+ break;
-+ }
-+ unregister_netdev(dev_mast);
-+ kfree(dev_mast->priv);
-+ dev_mast->priv=NULL;
-+ }
-+ return error;
-+}
-+
-+/*
-+ * $Log: ipsec_mast.c,v $
-+ * Revision 1.7.2.1 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.7 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.6 2004/12/03 21:25:57 mcr
-+ * compile time fixes for running on 2.6.
-+ * still experimental.
-+ *
-+ * Revision 1.5 2004/08/03 18:19:08 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.4 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.3 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.2.4.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.2 2003/06/22 20:06:17 mcr
-+ * refactored mast code still had lots of ipsecX junk in it.
-+ *
-+ * Revision 1.1 2003/02/12 19:31:12 rgb
-+ * Refactored from ipsec_tunnel.c
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_md5c.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,453 @@
-+/*
-+ * RCSID $Id: ipsec_md5c.c,v 1.10 2005/04/15 01:25:57 mcr Exp $
-+ */
-+
-+/*
-+ * The rest of the code is derived from MD5C.C by RSADSI. Minor cosmetic
-+ * changes to accomodate it in the kernel by ji.
-+ */
-+
-+#include <asm/byteorder.h>
-+#include <linux/string.h>
-+
-+#include "openswan/ipsec_md5h.h"
-+
-+/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
-+ */
-+
-+/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
-+rights reserved.
-+
-+License to copy and use this software is granted provided that it
-+is identified as the "RSA Data Security, Inc. MD5 Message-Digest
-+Algorithm" in all material mentioning or referencing this software
-+or this function.
-+
-+License is also granted to make and use derivative works provided
-+that such works are identified as "derived from the RSA Data
-+Security, Inc. MD5 Message-Digest Algorithm" in all material
-+mentioning or referencing the derived work.
-+
-+RSA Data Security, Inc. makes no representations concerning either
-+the merchantability of this software or the suitability of this
-+software for any particular purpose. It is provided "as is"
-+without express or implied warranty of any kind.
-+
-+These notices must be retained in any copies of any part of this
-+documentation and/or software.
-+ */
-+
-+/*
-+ * Additions by JI
-+ *
-+ * HAVEMEMCOPY is defined if mem* routines are available
-+ *
-+ * HAVEHTON is defined if htons() and htonl() can be used
-+ * for big/little endian conversions
-+ *
-+ */
-+
-+#define HAVEMEMCOPY
-+#ifdef __LITTLE_ENDIAN
-+#define LITTLENDIAN
-+#endif
-+#ifdef __BIG_ENDIAN
-+#define BIGENDIAN
-+#endif
-+
-+/* Constants for MD5Transform routine.
-+ */
-+
-+#define S11 7
-+#define S12 12
-+#define S13 17
-+#define S14 22
-+#define S21 5
-+#define S22 9
-+#define S23 14
-+#define S24 20
-+#define S31 4
-+#define S32 11
-+#define S33 16
-+#define S34 23
-+#define S41 6
-+#define S42 10
-+#define S43 15
-+#define S44 21
-+
-+static void MD5Transform PROTO_LIST ((UINT4 [4], unsigned char [64]));
-+
-+#ifdef LITTLEENDIAN
-+#define Encode MD5_memcpy
-+#define Decode MD5_memcpy
-+#else
-+static void Encode PROTO_LIST
-+ ((unsigned char *, UINT4 *, unsigned int));
-+static void Decode PROTO_LIST
-+ ((UINT4 *, unsigned char *, unsigned int));
-+#endif
-+
-+#ifdef HAVEMEMCOPY
-+/* no need to include <memory.h> here; <linux/string.h> defines these */
-+#define MD5_memcpy memcpy
-+#define MD5_memset memset
-+#else
-+#ifdef HAVEBCOPY
-+#define MD5_memcpy(_a,_b,_c) bcopy((_b),(_a),(_c))
-+#define MD5_memset(_a,_b,_c) bzero((_a),(_c))
-+#else
-+static void MD5_memcpy PROTO_LIST ((POINTER, POINTER, unsigned int));
-+static void MD5_memset PROTO_LIST ((POINTER, int, unsigned int));
-+#endif
-+#endif
-+static unsigned char PADDING[64] = {
-+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-+};
-+
-+/* F, G, H and I are basic MD5 functions.
-+ */
-+#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
-+#define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
-+#define H(x, y, z) ((x) ^ (y) ^ (z))
-+#define I(x, y, z) ((y) ^ ((x) | (~z)))
-+
-+/* ROTATE_LEFT rotates x left n bits.
-+ */
-+#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
-+
-+/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
-+Rotation is separate from addition to prevent recomputation.
-+ */
-+#define FF(a, b, c, d, x, s, ac) { \
-+ (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \
-+ (a) = ROTATE_LEFT ((a), (s)); \
-+ (a) += (b); \
-+ }
-+#define GG(a, b, c, d, x, s, ac) { \
-+ (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \
-+ (a) = ROTATE_LEFT ((a), (s)); \
-+ (a) += (b); \
-+ }
-+#define HH(a, b, c, d, x, s, ac) { \
-+ (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \
-+ (a) = ROTATE_LEFT ((a), (s)); \
-+ (a) += (b); \
-+ }
-+#define II(a, b, c, d, x, s, ac) { \
-+ (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \
-+ (a) = ROTATE_LEFT ((a), (s)); \
-+ (a) += (b); \
-+ }
-+
-+/*
-+ * MD5 initialization. Begins an MD5 operation, writing a new context.
-+ */
-+void osMD5Init(void *vcontext)
-+{
-+ MD5_CTX *context = vcontext;
-+
-+ context->count[0] = context->count[1] = 0;
-+ /* Load magic initialization constants.*/
-+ context->state[0] = 0x67452301;
-+ context->state[1] = 0xefcdab89;
-+ context->state[2] = 0x98badcfe;
-+ context->state[3] = 0x10325476;
-+}
-+
-+/* MD5 block update operation. Continues an MD5 message-digest
-+ operation, processing another message block, and updating the
-+ context.
-+ */
-+void osMD5Update (vcontext, input, inputLen)
-+ void *vcontext;
-+ unsigned char *input; /* input block */
-+ __u32 inputLen; /* length of input block */
-+{
-+ MD5_CTX *context = vcontext;
-+ __u32 i;
-+ unsigned int index, partLen;
-+
-+ /* Compute number of bytes mod 64 */
-+ index = (unsigned int)((context->count[0] >> 3) & 0x3F);
-+
-+ /* Update number of bits */
-+ if ((context->count[0] += ((UINT4)inputLen << 3))
-+ < ((UINT4)inputLen << 3))
-+ context->count[1]++;
-+ context->count[1] += ((UINT4)inputLen >> 29);
-+
-+ partLen = 64 - index;
-+
-+ /* Transform as many times as possible.
-+*/
-+ if (inputLen >= partLen) {
-+ MD5_memcpy
-+ ((POINTER)&context->buffer[index], (POINTER)input, partLen);
-+ MD5Transform (context->state, context->buffer);
-+
-+ for (i = partLen; i + 63 < inputLen; i += 64)
-+ MD5Transform (context->state, &input[i]);
-+
-+ index = 0;
-+ }
-+ else
-+ i = 0;
-+
-+ /* Buffer remaining input */
-+ MD5_memcpy
-+ ((POINTER)&context->buffer[index], (POINTER)&input[i],
-+ inputLen-i);
-+}
-+
-+/* MD5 finalization. Ends an MD5 message-digest operation, writing the
-+ the message digest and zeroizing the context.
-+ */
-+void osMD5Final (digest, vcontext)
-+unsigned char digest[16]; /* message digest */
-+void *vcontext; /* context */
-+{
-+ MD5_CTX *context = vcontext;
-+ unsigned char bits[8];
-+ unsigned int index, padLen;
-+
-+ /* Save number of bits */
-+ Encode (bits, context->count, 8);
-+
-+ /* Pad out to 56 mod 64.
-+*/
-+ index = (unsigned int)((context->count[0] >> 3) & 0x3f);
-+ padLen = (index < 56) ? (56 - index) : (120 - index);
-+ osMD5Update (context, PADDING, padLen);
-+
-+ /* Append length (before padding) */
-+ osMD5Update (context, bits, 8);
-+
-+ if (digest != NULL) /* Bill Simpson's padding */
-+ {
-+ /* store state in digest */
-+ Encode (digest, context->state, 16);
-+
-+ /* Zeroize sensitive information.
-+ */
-+ MD5_memset ((POINTER)context, 0, sizeof (*context));
-+ }
-+}
-+
-+/* MD5 basic transformation. Transforms state based on block.
-+ */
-+static void MD5Transform (state, block)
-+UINT4 state[4];
-+unsigned char block[64];
-+{
-+ UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
-+
-+ Decode (x, block, 64);
-+
-+ /* Round 1 */
-+ FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
-+ FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
-+ FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
-+ FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
-+ FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
-+ FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
-+ FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
-+ FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
-+ FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
-+ FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
-+ FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
-+ FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
-+ FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
-+ FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
-+ FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
-+ FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
-+
-+ /* Round 2 */
-+ GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
-+ GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
-+ GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
-+ GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
-+ GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
-+ GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */
-+ GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
-+ GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
-+ GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
-+ GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
-+ GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
-+ GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
-+ GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
-+ GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
-+ GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
-+ GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
-+
-+ /* Round 3 */
-+ HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
-+ HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
-+ HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
-+ HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
-+ HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
-+ HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
-+ HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
-+ HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
-+ HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
-+ HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
-+ HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
-+ HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */
-+ HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
-+ HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
-+ HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
-+ HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
-+
-+ /* Round 4 */
-+ II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
-+ II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
-+ II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
-+ II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
-+ II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
-+ II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
-+ II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
-+ II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
-+ II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
-+ II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
-+ II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
-+ II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
-+ II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
-+ II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
-+ II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
-+ II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
-+
-+ state[0] += a;
-+ state[1] += b;
-+ state[2] += c;
-+ state[3] += d;
-+
-+ /* Zeroize sensitive information.
-+*/
-+ MD5_memset ((POINTER)x, 0, sizeof (x));
-+}
-+
-+#ifndef LITTLEENDIAN
-+
-+/* Encodes input (UINT4) into output (unsigned char). Assumes len is
-+ a multiple of 4.
-+ */
-+static void Encode (output, input, len)
-+unsigned char *output;
-+UINT4 *input;
-+unsigned int len;
-+{
-+ unsigned int i, j;
-+
-+ for (i = 0, j = 0; j < len; i++, j += 4) {
-+ output[j] = (unsigned char)(input[i] & 0xff);
-+ output[j+1] = (unsigned char)((input[i] >> 8) & 0xff);
-+ output[j+2] = (unsigned char)((input[i] >> 16) & 0xff);
-+ output[j+3] = (unsigned char)((input[i] >> 24) & 0xff);
-+ }
-+}
-+
-+/* Decodes input (unsigned char) into output (UINT4). Assumes len is
-+ a multiple of 4.
-+ */
-+static void Decode (output, input, len)
-+UINT4 *output;
-+unsigned char *input;
-+unsigned int len;
-+{
-+ unsigned int i, j;
-+
-+ for (i = 0, j = 0; j < len; i++, j += 4)
-+ output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) |
-+ (((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24);
-+}
-+
-+#endif
-+
-+#ifndef HAVEMEMCOPY
-+#ifndef HAVEBCOPY
-+/* Note: Replace "for loop" with standard memcpy if possible.
-+ */
-+
-+static void MD5_memcpy (output, input, len)
-+POINTER output;
-+POINTER input;
-+unsigned int len;
-+{
-+ unsigned int i;
-+
-+ for (i = 0; i < len; i++)
-+
-+ output[i] = input[i];
-+}
-+
-+/* Note: Replace "for loop" with standard memset if possible.
-+ */
-+
-+static void MD5_memset (output, value, len)
-+POINTER output;
-+int value;
-+unsigned int len;
-+{
-+ unsigned int i;
-+
-+ for (i = 0; i < len; i++)
-+ ((char *)output)[i] = (char)value;
-+}
-+#endif
-+#endif
-+
-+/*
-+ * $Log: ipsec_md5c.c,v $
-+ * Revision 1.10 2005/04/15 01:25:57 mcr
-+ * minor fix to comments.
-+ *
-+ * Revision 1.9 2004/09/08 17:21:36 ken
-+ * Rename MD5* -> osMD5 functions to prevent clashes with other symbols exported by kernel modules (CIFS in 2.6 initiated this)
-+ *
-+ * Revision 1.8 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.7 2002/09/10 01:45:14 mcr
-+ * changed type of MD5_CTX and SHA1_CTX to void * so that
-+ * the function prototypes would match, and could be placed
-+ * into a pointer to a function.
-+ *
-+ * Revision 1.6 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.5 2002/04/24 07:36:28 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_md5c.c,v
-+ *
-+ * Revision 1.4 1999/12/13 13:59:12 rgb
-+ * Quick fix to argument size to Update bugs.
-+ *
-+ * Revision 1.3 1999/05/21 18:09:28 henry
-+ * unnecessary <memory.h> include causes trouble in 2.2
-+ *
-+ * Revision 1.2 1999/04/06 04:54:26 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:48 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.2 1998/04/23 20:54:02 rgb
-+ * Fixed md5 and sha1 include file nesting issues, to be cleaned up when
-+ * verified.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:08 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:04 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.3 1996/11/20 14:48:53 ji
-+ * Release update only.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_proc.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1186 @@
-+/*
-+ * @(#) /proc file system interface code.
-+ *
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * 2001 Michael Richardson <mcr@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * Split out from ipsec_init.c version 1.70.
-+ */
-+
-+char ipsec_proc_c_version[] = "RCSID $Id: ipsec_proc.c,v 1.39.2.4 2006/11/15 22:21:39 paul Exp $";
-+
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_kversion.h"
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/in.h> /* struct sockaddr_in */
-+#include <linux/skbuff.h>
-+#include <asm/uaccess.h> /* copy_from_user */
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+#ifdef SPINLOCK_23
-+#include <linux/spinlock.h> /* *lock* */
-+#else /* SPINLOCK_23 */
-+#include <asm/spinlock.h> /* *lock* */
-+#endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+#ifdef CONFIG_PROC_FS
-+#include <linux/proc_fs.h>
-+#endif /* CONFIG_PROC_FS */
-+#ifdef NETLINK_SOCK
-+#include <linux/netlink.h>
-+#else
-+#include <net/netlink.h>
-+#endif
-+
-+#include "openswan/radij.h"
-+
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_stats.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_xmit.h"
-+
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+#include "openswan/ipsec_kern24.h"
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+#include "openswan/ipcomp.h"
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#include "openswan/ipsec_proto.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#ifdef CONFIG_PROC_FS
-+
-+#ifdef IPSEC_PROC_SUBDIRS
-+static struct proc_dir_entry *proc_net_ipsec_dir = NULL;
-+static struct proc_dir_entry *proc_eroute_dir = NULL;
-+static struct proc_dir_entry *proc_spi_dir = NULL;
-+static struct proc_dir_entry *proc_spigrp_dir = NULL;
-+static struct proc_dir_entry *proc_birth_dir = NULL;
-+static struct proc_dir_entry *proc_stats_dir = NULL;
-+#endif
-+
-+struct ipsec_birth_reply ipsec_ipv4_birth_packet;
-+struct ipsec_birth_reply ipsec_ipv6_birth_packet;
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_esp = 0;
-+int debug_ah = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#define DECREMENT_UNSIGNED(X, amount) ((amount < (X)) ? (X)-amount : 0)
-+
-+extern int ipsec_xform_get_info(char *buffer, char **start,
-+ off_t offset, int length IPSEC_PROC_LAST_ARG);
-+
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_eroute_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ struct wsbuf w = {buffer, length, offset, 0, 0};
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_radij & DB_RJ_DUMPTREES)
-+ rj_dumptrees(); /* XXXXXXXXX */
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_eroute_get_info: "
-+ "buffer=0p%p, *start=0p%p, offset=%d, length=%d\n",
-+ buffer,
-+ *start,
-+ (int)offset,
-+ length);
-+
-+ spin_lock_bh(&eroute_lock);
-+
-+ rj_walktree(rnh, ipsec_rj_walker_procprint, &w);
-+/* rj_walktree(mask_rjhead, ipsec_rj_walker_procprint, &w); */
-+
-+ spin_unlock_bh(&eroute_lock);
-+
-+ *start = buffer + (offset - w.begin); /* Start of wanted data */
-+ return w.len - (offset - w.begin);
-+}
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_spi_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ const int max_content = length > 0? length-1 : 0;
-+ int len = 0;
-+ off_t begin = 0;
-+ int i;
-+ struct ipsec_sa *sa_p;
-+ char sa[SATOT_BUF];
-+ char buf_s[SUBNETTOA_BUF];
-+ char buf_d[SUBNETTOA_BUF];
-+ size_t sa_len;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_spi_get_info: "
-+ "buffer=0p%p, *start=0p%p, offset=%d, length=%d\n",
-+ buffer,
-+ *start,
-+ (int)offset,
-+ length);
-+
-+ spin_lock_bh(&tdb_lock);
-+
-+ for (i = 0; i < SADB_HASHMOD; i++) {
-+ for (sa_p = ipsec_sadb_hash[i];
-+ sa_p;
-+ sa_p = sa_p->ips_hnext) {
-+ atomic_inc(&sa_p->ips_refcount);
-+ sa_len = satot(&sa_p->ips_said, 'x', sa, sizeof(sa));
-+ len += ipsec_snprintf(buffer+len, length-len, "%s ",
-+ sa_len ? sa : " (error)");
-+
-+ len += ipsec_snprintf(buffer+len, length-len, "%s%s%s",
-+ IPS_XFORM_NAME(sa_p));
-+
-+ len += ipsec_snprintf(buffer+len, length-len, ": dir=%s",
-+ (sa_p->ips_flags & EMT_INBOUND) ?
-+ "in " : "out");
-+
-+ if(sa_p->ips_addr_s) {
-+ addrtoa(((struct sockaddr_in*)(sa_p->ips_addr_s))->sin_addr,
-+ 0, buf_s, sizeof(buf_s));
-+ len += ipsec_snprintf(buffer+len, length-len, " src=%s",
-+ buf_s);
-+ }
-+
-+ if((sa_p->ips_said.proto == IPPROTO_IPIP)
-+ && (sa_p->ips_flags & SADB_X_SAFLAGS_INFLOW)) {
-+ subnettoa(sa_p->ips_flow_s.u.v4.sin_addr,
-+ sa_p->ips_mask_s.u.v4.sin_addr,
-+ 0,
-+ buf_s,
-+ sizeof(buf_s));
-+
-+ subnettoa(sa_p->ips_flow_d.u.v4.sin_addr,
-+ sa_p->ips_mask_d.u.v4.sin_addr,
-+ 0,
-+ buf_d,
-+ sizeof(buf_d));
-+
-+ len += ipsec_snprintf(buffer+len, length-len, " policy=%s->%s",
-+ buf_s, buf_d);
-+ }
-+
-+ if(sa_p->ips_iv_bits) {
-+ int j;
-+ len += ipsec_snprintf(buffer+len, length-len, " iv_bits=%dbits iv=0x",
-+ sa_p->ips_iv_bits);
-+
-+ for(j = 0; j < sa_p->ips_iv_bits / 8; j++) {
-+ len += ipsec_snprintf(buffer+len, length-len, "%02x",
-+ (__u32)((__u8*)(sa_p->ips_iv))[j]);
-+ }
-+ }
-+
-+ if(sa_p->ips_encalg || sa_p->ips_authalg) {
-+ if(sa_p->ips_replaywin) {
-+ len += ipsec_snprintf(buffer+len, length-len, " ooowin=%d",
-+ sa_p->ips_replaywin);
-+ }
-+ if(sa_p->ips_errs.ips_replaywin_errs) {
-+ len += ipsec_snprintf(buffer+len, length-len, " ooo_errs=%d",
-+ sa_p->ips_errs.ips_replaywin_errs);
-+ }
-+ if(sa_p->ips_replaywin_lastseq) {
-+ len += ipsec_snprintf(buffer+len, length-len, " seq=%d",
-+ sa_p->ips_replaywin_lastseq);
-+ }
-+ if(sa_p->ips_replaywin_bitmap) {
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,0)
-+ len += ipsec_snprintf(buffer+len, length-len, " bit=0x%Lx",
-+ sa_p->ips_replaywin_bitmap);
-+#else
-+ len += ipsec_snprintf(buffer+len, length-len, " bit=0x%x%08x",
-+ (__u32)(sa_p->ips_replaywin_bitmap >> 32),
-+ (__u32)sa_p->ips_replaywin_bitmap);
-+#endif
-+ }
-+ if(sa_p->ips_replaywin_maxdiff) {
-+ len += ipsec_snprintf(buffer+len, length-len, " max_seq_diff=%d",
-+ sa_p->ips_replaywin_maxdiff);
-+ }
-+ }
-+ if(sa_p->ips_flags & ~EMT_INBOUND) {
-+ len += ipsec_snprintf(buffer+len, length-len, " flags=0x%x",
-+ sa_p->ips_flags & ~EMT_INBOUND);
-+ len += ipsec_snprintf(buffer+len, length-len, "<");
-+ /* flag printing goes here */
-+ len += ipsec_snprintf(buffer+len, length-len, ">");
-+ }
-+ if(sa_p->ips_auth_bits) {
-+ len += ipsec_snprintf(buffer+len, length-len, " alen=%d",
-+ sa_p->ips_auth_bits);
-+ }
-+ if(sa_p->ips_key_bits_a) {
-+ len += ipsec_snprintf(buffer+len, length-len, " aklen=%d",
-+ sa_p->ips_key_bits_a);
-+ }
-+ if(sa_p->ips_errs.ips_auth_errs) {
-+ len += ipsec_snprintf(buffer+len, length-len, " auth_errs=%d",
-+ sa_p->ips_errs.ips_auth_errs);
-+ }
-+ if(sa_p->ips_key_bits_e) {
-+ len += ipsec_snprintf(buffer+len, length-len, " eklen=%d",
-+ sa_p->ips_key_bits_e);
-+ }
-+ if(sa_p->ips_errs.ips_encsize_errs) {
-+ len += ipsec_snprintf(buffer+len, length-len, " encr_size_errs=%d",
-+ sa_p->ips_errs.ips_encsize_errs);
-+ }
-+ if(sa_p->ips_errs.ips_encpad_errs) {
-+ len += ipsec_snprintf(buffer+len, length-len, " encr_pad_errs=%d",
-+ sa_p->ips_errs.ips_encpad_errs);
-+ }
-+
-+ len += ipsec_snprintf(buffer+len, length-len, " life(c,s,h)=");
-+
-+ len += ipsec_lifetime_format(buffer + len,
-+ length - len,
-+ "alloc",
-+ ipsec_life_countbased,
-+ &sa_p->ips_life.ipl_allocations);
-+
-+ len += ipsec_lifetime_format(buffer + len,
-+ length - len,
-+ "bytes",
-+ ipsec_life_countbased,
-+ &sa_p->ips_life.ipl_bytes);
-+
-+ len += ipsec_lifetime_format(buffer + len,
-+ length - len,
-+ "addtime",
-+ ipsec_life_timebased,
-+ &sa_p->ips_life.ipl_addtime);
-+
-+ len += ipsec_lifetime_format(buffer + len,
-+ length - len,
-+ "usetime",
-+ ipsec_life_timebased,
-+ &sa_p->ips_life.ipl_usetime);
-+
-+ len += ipsec_lifetime_format(buffer + len,
-+ length - len,
-+ "packets",
-+ ipsec_life_countbased,
-+ &sa_p->ips_life.ipl_packets);
-+
-+ if(sa_p->ips_life.ipl_usetime.ipl_last) { /* XXX-MCR should be last? */
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,0)
-+ len += ipsec_snprintf(buffer+len, length-len, " idle=%Ld",
-+ jiffies / HZ - sa_p->ips_life.ipl_usetime.ipl_last);
-+#else
-+ len += ipsec_snprintf(buffer+len, length-len, " idle=%lu",
-+ jiffies / HZ - (unsigned long)sa_p->ips_life.ipl_usetime.ipl_last);
-+#endif
-+ }
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ if(sa_p->ips_said.proto == IPPROTO_COMP &&
-+ (sa_p->ips_comp_ratio_dbytes ||
-+ sa_p->ips_comp_ratio_cbytes)) {
-+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,0)
-+ len += ipsec_snprintf(buffer+len, length-len, " ratio=%Ld:%Ld",
-+ sa_p->ips_comp_ratio_dbytes,
-+ sa_p->ips_comp_ratio_cbytes);
-+#else
-+ len += ipsec_snprintf(buffer+len, length-len, " ratio=%lu:%lu",
-+ (unsigned long)sa_p->ips_comp_ratio_dbytes,
-+ (unsigned long)sa_p->ips_comp_ratio_cbytes);
-+#endif
-+ }
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ {
-+ char *natttype_name;
-+
-+ switch(sa_p->ips_natt_type)
-+ {
-+ case 0:
-+ natttype_name="none";
-+ break;
-+ case ESPINUDP_WITH_NON_IKE:
-+ natttype_name="nonike";
-+ break;
-+ case ESPINUDP_WITH_NON_ESP:
-+ natttype_name="nonesp";
-+ break;
-+ default:
-+ natttype_name = "unknown";
-+ break;
-+ }
-+
-+ len += ipsec_snprintf(buffer + len, length-len, " natencap=%s",
-+ natttype_name);
-+
-+ len += ipsec_snprintf(buffer + len, length-len, " natsport=%d",
-+ sa_p->ips_natt_sport);
-+
-+ len += ipsec_snprintf(buffer + len,length-len, " natdport=%d",
-+ sa_p->ips_natt_dport);
-+ }
-+#else
-+ len += ipsec_snprintf(buffer + len, length-len, " natencap=na");
-+#endif /* CONFIG_IPSEC_NAT_TRAVERSAL */
-+
-+ len += ipsec_snprintf(buffer + len,length-len, " refcount=%d",
-+ atomic_read(&sa_p->ips_refcount));
-+
-+ len += ipsec_snprintf(buffer+len, length-len, " ref=%d",
-+ sa_p->ips_ref);
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_xform) {
-+ len += ipsec_snprintf(buffer+len, length-len, " reftable=%lu refentry=%lu",
-+ (unsigned long)IPsecSAref2table(sa_p->ips_ref),
-+ (unsigned long)IPsecSAref2entry(sa_p->ips_ref));
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ len += ipsec_snprintf(buffer+len, length-len, "\n");
-+
-+ atomic_dec(&sa_p->ips_refcount);
-+
-+ if (len >= max_content) {
-+ /* we've done all that can fit -- stop loops */
-+ len = max_content; /* truncate crap */
-+ goto done_spi_i;
-+ } else {
-+ const off_t pos = begin + len; /* file position of end of what we've generated */
-+
-+ if (pos <= offset) {
-+ /* all is before first interesting character:
-+ * discard, but note where we are.
-+ */
-+ len = 0;
-+ begin = pos;
-+ }
-+ }
-+ }
-+ }
-+
-+done_spi_i:
-+ spin_unlock_bh(&tdb_lock);
-+
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ return len - (offset - begin);
-+}
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_spigrp_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ /* Limit of useful snprintf output */
-+ const int max_content = length > 0? length-1 : 0;
-+
-+ int len = 0;
-+ off_t begin = 0;
-+ int i;
-+ struct ipsec_sa *sa_p, *sa_p2;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_spigrp_get_info: "
-+ "buffer=0p%p, *start=0p%p, offset=%d, length=%d\n",
-+ buffer,
-+ *start,
-+ (int)offset,
-+ length);
-+
-+ spin_lock_bh(&tdb_lock);
-+
-+ for (i = 0; i < SADB_HASHMOD; i++) {
-+ for (sa_p = ipsec_sadb_hash[i];
-+ sa_p != NULL;
-+ sa_p = sa_p->ips_hnext)
-+ {
-+ atomic_inc(&sa_p->ips_refcount);
-+ if(sa_p->ips_inext == NULL) {
-+ sa_p2 = sa_p;
-+ while(sa_p2 != NULL) {
-+ atomic_inc(&sa_p2->ips_refcount);
-+ sa_len = satot(&sa_p2->ips_said,
-+ 'x', sa, sizeof(sa));
-+
-+ len += ipsec_snprintf(buffer+len, length-len, "%s ",
-+ sa_len ? sa : " (error)");
-+ atomic_dec(&sa_p2->ips_refcount);
-+ sa_p2 = sa_p2->ips_onext;
-+ }
-+ len += ipsec_snprintf(buffer+len, length-len, "\n");
-+ }
-+
-+ atomic_dec(&sa_p->ips_refcount);
-+
-+ if (len >= max_content) {
-+ /* we've done all that can fit -- stop loops */
-+ len = max_content; /* truncate crap */
-+ goto done_spigrp_i;
-+ } else {
-+ const off_t pos = begin + len;
-+
-+ if (pos <= offset) {
-+ /* all is before first interesting character:
-+ * discard, but note where we are.
-+ */
-+ len = 0;
-+ begin = pos;
-+ }
-+ }
-+ }
-+ }
-+
-+done_spigrp_i:
-+ spin_unlock_bh(&tdb_lock);
-+
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ return len - (offset - begin);
-+}
-+
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_tncfg_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ /* limit of useful snprintf output */
-+ const int max_content = length > 0? length-1 : 0;
-+ int len = 0;
-+ off_t begin = 0;
-+ int i;
-+ char name[9];
-+ struct net_device *dev, *privdev;
-+ struct ipsecpriv *priv;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_tncfg_get_info: "
-+ "buffer=0p%p, *start=0p%p, offset=%d, length=%d\n",
-+ buffer,
-+ *start,
-+ (int)offset,
-+ length);
-+
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ ipsec_snprintf(name, (ssize_t) sizeof(name), IPSEC_DEV_FORMAT, i);
-+ dev = __ipsec_dev_get(name);
-+ if(dev) {
-+ priv = (struct ipsecpriv *)(dev->priv);
-+ len += ipsec_snprintf(buffer+len, length-len, "%s",
-+ dev->name);
-+ if(priv) {
-+ privdev = (struct net_device *)(priv->dev);
-+ len += ipsec_snprintf(buffer+len, length-len, " -> %s",
-+ privdev ? privdev->name : "NULL");
-+ len += ipsec_snprintf(buffer+len, length-len, " mtu=%d(%d) -> %d",
-+ dev->mtu,
-+ priv->mtu,
-+ privdev ? privdev->mtu : 0);
-+ } else {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_tncfg_get_info: device '%s' has no private data space!\n",
-+ dev->name);
-+ }
-+ len += ipsec_snprintf(buffer+len, length-len, "\n");
-+
-+ if (len >= max_content) {
-+ /* we've done all that can fit -- stop loop */
-+ len = max_content; /* truncate crap */
-+ break;
-+ } else {
-+ const off_t pos = begin + len;
-+ if (pos <= offset) {
-+ len = 0;
-+ begin = pos;
-+ }
-+ }
-+ }
-+ }
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ len -= (offset - begin); /* Start slop */
-+ if (len > length)
-+ len = length;
-+ return len;
-+}
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_version_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ int len = 0;
-+ off_t begin = 0;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_version_get_info: "
-+ "buffer=0p%p, *start=0p%p, offset=%d, length=%d\n",
-+ buffer,
-+ *start,
-+ (int)offset,
-+ length);
-+
-+ len += ipsec_snprintf(buffer + len,length-len, "Openswan version: %s\n",
-+ ipsec_version_code());
-+#if 0
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_version_get_info: "
-+ "ipsec_init version: %s\n",
-+ ipsec_init_c_version);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_version_get_info: "
-+ "ipsec_tunnel version: %s\n",
-+ ipsec_tunnel_c_version);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_version_get_info: "
-+ "ipsec_netlink version: %s\n",
-+ ipsec_netlink_c_version);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_version_get_info: "
-+ "radij_c_version: %s\n",
-+ radij_c_version);
-+#endif
-+
-+
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ len -= (offset - begin); /* Start slop */
-+ if (len > length)
-+ len = length;
-+ return len;
-+}
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+unsigned int natt_available = 1;
-+#else
-+unsigned int natt_available = 0;
-+#endif
-+module_param(natt_available, int, 0444);
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_natt_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ int len = 0;
-+ off_t begin = 0;
-+
-+ len += ipsec_snprintf(buffer + len,
-+ length-len, "%d\n",
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ 1
-+#else
-+ 0
-+#endif
-+ );
-+
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ len -= (offset - begin); /* Start slop */
-+ if (len > length)
-+ len = length;
-+ return len;
-+}
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_birth_info(char *page,
-+ char **start,
-+ off_t offset,
-+ int count,
-+ int *eof,
-+ void *data)
-+{
-+ struct ipsec_birth_reply *ibr = (struct ipsec_birth_reply *)data;
-+ int len;
-+
-+ if(offset >= ibr->packet_template_len) {
-+ if(eof) {
-+ *eof=1;
-+ }
-+ return 0;
-+ }
-+
-+ len = ibr->packet_template_len;
-+ len -= offset;
-+ if (len > count)
-+ len = count;
-+
-+ memcpy(page + offset, ibr->packet_template+offset, len);
-+
-+ return len;
-+}
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_birth_set(struct file *file, const char *buffer,
-+ unsigned long count, void *data)
-+{
-+ struct ipsec_birth_reply *ibr = (struct ipsec_birth_reply *)data;
-+ int len;
-+
-+ KLIPS_INC_USE;
-+ if(count > IPSEC_BIRTH_TEMPLATE_MAXLEN) {
-+ len = IPSEC_BIRTH_TEMPLATE_MAXLEN;
-+ } else {
-+ len = count;
-+ }
-+
-+ if(copy_from_user(ibr->packet_template, buffer, len)) {
-+ KLIPS_DEC_USE;
-+ return -EFAULT;
-+ }
-+ ibr->packet_template_len = len;
-+
-+ KLIPS_DEC_USE;
-+
-+ return len;
-+}
-+
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_klipsdebug_get_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length IPSEC_PROC_LAST_ARG)
-+{
-+ int len = 0;
-+ off_t begin = 0;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_PROCFS,
-+ "klips_debug:ipsec_klipsdebug_get_info: "
-+ "buffer=0p%p, *start=0p%p, offset=%d, length=%d\n",
-+ buffer,
-+ *start,
-+ (int)offset,
-+ length);
-+
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_tunnel=%08x.\n", debug_tunnel);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_xform=%08x.\n", debug_xform);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_eroute=%08x.\n", debug_eroute);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_spi=%08x.\n", debug_spi);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_radij=%08x.\n", debug_radij);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_esp=%08x.\n", debug_esp);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_ah=%08x.\n", debug_ah);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_rcv=%08x.\n", debug_rcv);
-+ len += ipsec_snprintf(buffer+len, length-len, "debug_pfkey=%08x.\n", debug_pfkey);
-+
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ len -= (offset - begin); /* Start slop */
-+ if (len > length)
-+ len = length;
-+ return len;
-+}
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+IPSEC_PROCFS_DEBUG_NO_STATIC
-+int
-+ipsec_stats_get_int_info(char *buffer,
-+ char **start,
-+ off_t offset,
-+ int length,
-+ int *eof,
-+ void *data)
-+{
-+
-+ const int max_content = length > 0? length-1 : 0;
-+ int len = 0;
-+ int *thing;
-+
-+ thing = (int *)data;
-+
-+ len = ipsec_snprintf(buffer+len, length-len, "%08x\n", *thing);
-+
-+ if (len >= max_content)
-+ len = max_content; /* truncate crap */
-+
-+ *start = buffer + offset; /* Start of wanted data */
-+ return len > offset? len - offset : 0;
-+
-+}
-+
-+#ifndef PROC_FS_2325
-+struct proc_dir_entry ipsec_eroute =
-+{
-+ 0,
-+ 12, "ipsec_eroute",
-+ S_IFREG | S_IRUGO, 1, 0, 0, 0,
-+ &proc_net_inode_operations,
-+ ipsec_eroute_get_info,
-+ NULL, NULL, NULL, NULL, NULL
-+};
-+
-+struct proc_dir_entry ipsec_spi =
-+{
-+ 0,
-+ 9, "ipsec_spi",
-+ S_IFREG | S_IRUGO, 1, 0, 0, 0,
-+ &proc_net_inode_operations,
-+ ipsec_spi_get_info,
-+ NULL, NULL, NULL, NULL, NULL
-+};
-+
-+struct proc_dir_entry ipsec_spigrp =
-+{
-+ 0,
-+ 12, "ipsec_spigrp",
-+ S_IFREG | S_IRUGO, 1, 0, 0, 0,
-+ &proc_net_inode_operations,
-+ ipsec_spigrp_get_info,
-+ NULL, NULL, NULL, NULL, NULL
-+};
-+
-+struct proc_dir_entry ipsec_tncfg =
-+{
-+ 0,
-+ 11, "ipsec_tncfg",
-+ S_IFREG | S_IRUGO, 1, 0, 0, 0,
-+ &proc_net_inode_operations,
-+ ipsec_tncfg_get_info,
-+ NULL, NULL, NULL, NULL, NULL
-+};
-+
-+struct proc_dir_entry ipsec_version =
-+{
-+ 0,
-+ 13, "ipsec_version",
-+ S_IFREG | S_IRUGO, 1, 0, 0, 0,
-+ &proc_net_inode_operations,
-+ ipsec_version_get_info,
-+ NULL, NULL, NULL, NULL, NULL
-+};
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+struct proc_dir_entry ipsec_klipsdebug =
-+{
-+ 0,
-+ 16, "ipsec_klipsdebug",
-+ S_IFREG | S_IRUGO, 1, 0, 0, 0,
-+ &proc_net_inode_operations,
-+ ipsec_klipsdebug_get_info,
-+ NULL, NULL, NULL, NULL, NULL
-+};
-+#endif /* CONFIG_KLIPS_DEBUG */
-+#endif /* !PROC_FS_2325 */
-+#endif /* CONFIG_PROC_FS */
-+
-+#if defined(PROC_FS_2325)
-+struct ipsec_proc_list {
-+ char *name;
-+ struct proc_dir_entry **parent;
-+ struct proc_dir_entry **dir;
-+ read_proc_t *readthing;
-+ write_proc_t *writething;
-+ void *data;
-+};
-+static struct ipsec_proc_list proc_items[]={
-+#ifdef CONFIG_KLIPS_DEBUG
-+ {"klipsdebug", &proc_net_ipsec_dir, NULL, ipsec_klipsdebug_get_info, NULL, NULL},
-+#endif
-+ {"eroute", &proc_net_ipsec_dir, &proc_eroute_dir, NULL, NULL, NULL},
-+ {"all", &proc_eroute_dir, NULL, ipsec_eroute_get_info, NULL, NULL},
-+ {"spi", &proc_net_ipsec_dir, &proc_spi_dir, NULL, NULL, NULL},
-+ {"all", &proc_spi_dir, NULL, ipsec_spi_get_info, NULL, NULL},
-+ {"spigrp", &proc_net_ipsec_dir, &proc_spigrp_dir, NULL, NULL, NULL},
-+ {"all", &proc_spigrp_dir, NULL, ipsec_spigrp_get_info, NULL, NULL},
-+ {"birth", &proc_net_ipsec_dir, &proc_birth_dir, NULL, NULL, NULL},
-+ {"ipv4", &proc_birth_dir, NULL, ipsec_birth_info, ipsec_birth_set, (void *)&ipsec_ipv4_birth_packet},
-+ {"ipv6", &proc_birth_dir, NULL, ipsec_birth_info, ipsec_birth_set, (void *)&ipsec_ipv6_birth_packet},
-+ {"tncfg", &proc_net_ipsec_dir, NULL, ipsec_tncfg_get_info, NULL, NULL},
-+ {"xforms", &proc_net_ipsec_dir, NULL, ipsec_xform_get_info, NULL, NULL},
-+ {"stats", &proc_net_ipsec_dir, &proc_stats_dir, NULL, NULL, NULL},
-+ {"trap_count", &proc_stats_dir, NULL, ipsec_stats_get_int_info, NULL, &ipsec_xmit_trap_count},
-+ {"trap_sendcount", &proc_stats_dir, NULL, ipsec_stats_get_int_info, NULL, &ipsec_xmit_trap_sendcount},
-+ {"version", &proc_net_ipsec_dir, NULL, ipsec_version_get_info, NULL, NULL},
-+ {NULL, NULL, NULL, NULL, NULL, NULL}
-+};
-+#endif
-+
-+int
-+ipsec_proc_init()
-+{
-+ int error = 0;
-+#ifdef IPSEC_PROC_SUBDIRS
-+ struct proc_dir_entry *item;
-+#endif
-+
-+ /*
-+ * just complain because pluto won't run without /proc!
-+ */
-+#ifndef CONFIG_PROC_FS
-+#error You must have PROC_FS built in to use KLIPS
-+#endif
-+
-+ /* for 2.0 kernels */
-+#if !defined(PROC_FS_2325) && !defined(PROC_FS_21)
-+ error |= proc_register_dynamic(&proc_net, &ipsec_eroute);
-+ error |= proc_register_dynamic(&proc_net, &ipsec_spi);
-+ error |= proc_register_dynamic(&proc_net, &ipsec_spigrp);
-+ error |= proc_register_dynamic(&proc_net, &ipsec_tncfg);
-+ error |= proc_register_dynamic(&proc_net, &ipsec_version);
-+#ifdef CONFIG_KLIPS_DEBUG
-+ error |= proc_register_dynamic(&proc_net, &ipsec_klipsdebug);
-+#endif /* CONFIG_KLIPS_DEBUG */
-+#endif
-+
-+ /* for 2.2 kernels */
-+#if !defined(PROC_FS_2325) && defined(PROC_FS_21)
-+ error |= proc_register(proc_net, &ipsec_eroute);
-+ error |= proc_register(proc_net, &ipsec_spi);
-+ error |= proc_register(proc_net, &ipsec_spigrp);
-+ error |= proc_register(proc_net, &ipsec_tncfg);
-+ error |= proc_register(proc_net, &ipsec_version);
-+#ifdef CONFIG_KLIPS_DEBUG
-+ error |= proc_register(proc_net, &ipsec_klipsdebug);
-+#endif /* CONFIG_KLIPS_DEBUG */
-+#endif
-+
-+ /* for 2.4 kernels */
-+#if defined(PROC_FS_2325)
-+ /* create /proc/net/ipsec */
-+
-+ /* zero these out before we initialize /proc/net/ipsec/birth/stuff */
-+ memset(&ipsec_ipv4_birth_packet, 0, sizeof(struct ipsec_birth_reply));
-+ memset(&ipsec_ipv6_birth_packet, 0, sizeof(struct ipsec_birth_reply));
-+
-+ proc_net_ipsec_dir = proc_mkdir("ipsec", proc_net);
-+ if(proc_net_ipsec_dir == NULL) {
-+ /* no point in continuing */
-+ return 1;
-+ }
-+
-+ {
-+ struct ipsec_proc_list *it;
-+
-+ it=proc_items;
-+ while(it->name!=NULL) {
-+ if(it->dir) {
-+ /* make a dir instead */
-+ item = proc_mkdir(it->name, *it->parent);
-+ *it->dir = item;
-+ } else {
-+ item = create_proc_entry(it->name, 0400, *it->parent);
-+ }
-+ if(item) {
-+ item->read_proc = it->readthing;
-+ item->write_proc = it->writething;
-+ item->data = it->data;
-+#ifdef MODULE
-+ item->owner = THIS_MODULE;
-+#endif
-+ } else {
-+ error |= 1;
-+ }
-+ it++;
-+ }
-+ }
-+
-+ /* now create some symlinks to provide compatibility */
-+ proc_symlink("ipsec_eroute", proc_net, "ipsec/eroute/all");
-+ proc_symlink("ipsec_spi", proc_net, "ipsec/spi/all");
-+ proc_symlink("ipsec_spigrp", proc_net, "ipsec/spigrp/all");
-+ proc_symlink("ipsec_tncfg", proc_net, "ipsec/tncfg");
-+ proc_symlink("ipsec_version",proc_net, "ipsec/version");
-+ proc_symlink("ipsec_klipsdebug",proc_net,"ipsec/klipsdebug");
-+
-+#endif /* !PROC_FS_2325 */
-+
-+ return error;
-+}
-+
-+void
-+ipsec_proc_cleanup()
-+{
-+
-+ /* for 2.0 and 2.2 kernels */
-+#if !defined(PROC_FS_2325)
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (proc_net_unregister(ipsec_klipsdebug.low_ino) != 0)
-+ printk("klips_debug:ipsec_cleanup: "
-+ "cannot unregister /proc/net/ipsec_klipsdebug\n");
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ if (proc_net_unregister(ipsec_version.low_ino) != 0)
-+ printk("klips_debug:ipsec_cleanup: "
-+ "cannot unregister /proc/net/ipsec_version\n");
-+ if (proc_net_unregister(ipsec_eroute.low_ino) != 0)
-+ printk("klips_debug:ipsec_cleanup: "
-+ "cannot unregister /proc/net/ipsec_eroute\n");
-+ if (proc_net_unregister(ipsec_spi.low_ino) != 0)
-+ printk("klips_debug:ipsec_cleanup: "
-+ "cannot unregister /proc/net/ipsec_spi\n");
-+ if (proc_net_unregister(ipsec_spigrp.low_ino) != 0)
-+ printk("klips_debug:ipsec_cleanup: "
-+ "cannot unregister /proc/net/ipsec_spigrp\n");
-+ if (proc_net_unregister(ipsec_tncfg.low_ino) != 0)
-+ printk("klips_debug:ipsec_cleanup: "
-+ "cannot unregister /proc/net/ipsec_tncfg\n");
-+#endif
-+
-+ /* for 2.4 kernels */
-+#if defined(PROC_FS_2325)
-+ {
-+ struct ipsec_proc_list *it;
-+
-+ /* find end of list */
-+ it=proc_items;
-+ while(it->name!=NULL) {
-+ it++;
-+ }
-+ it--;
-+
-+ do {
-+ remove_proc_entry(it->name, *it->parent);
-+ it--;
-+ } while(it >= proc_items);
-+ }
-+
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ remove_proc_entry("ipsec_klipsdebug", proc_net);
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ remove_proc_entry("ipsec_eroute", proc_net);
-+ remove_proc_entry("ipsec_spi", proc_net);
-+ remove_proc_entry("ipsec_spigrp", proc_net);
-+ remove_proc_entry("ipsec_tncfg", proc_net);
-+ remove_proc_entry("ipsec_version", proc_net);
-+ remove_proc_entry("ipsec", proc_net);
-+#endif /* 2.4 kernel */
-+}
-+
-+/*
-+ * $Log: ipsec_proc.c,v $
-+ * Revision 1.39.2.4 2006/11/15 22:21:39 paul
-+ * backport of creating a /sys/ file to test for nat-t capability in kernel.
-+ *
-+ * Revision 1.39.2.3 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.39.2.2 2006/02/13 18:48:12 paul
-+ * Fix by Ankit Desai <ankit@elitecore.com> for module unloading.
-+ *
-+ * Revision 1.39.2.1 2005/09/07 00:45:59 paul
-+ * pull up of mcr's nat-t klips detection patch from head
-+ *
-+ * Revision 1.39 2005/05/20 03:19:18 mcr
-+ * modifications for use on 2.4.30 kernel, with backported
-+ * printk_ratelimit(). all warnings removed.
-+ *
-+ * Revision 1.38 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.37 2005/04/13 22:49:49 mcr
-+ * moved KLIPS specific snprintf() wrapper to seperate file.
-+ *
-+ * Revision 1.36 2005/04/06 17:44:36 mcr
-+ * when NAT-T is compiled out, show encap as "NA"
-+ *
-+ * Revision 1.35 2005/01/26 00:50:35 mcr
-+ * adjustment of confusion of CONFIG_IPSEC_NAT vs CONFIG_KLIPS_NAT,
-+ * and make sure that NAT_TRAVERSAL is set as well to match
-+ * userspace compiles of code.
-+ *
-+ * Revision 1.34 2004/12/03 21:25:57 mcr
-+ * compile time fixes for running on 2.6.
-+ * still experimental.
-+ *
-+ * Revision 1.33 2004/08/17 03:27:23 mcr
-+ * klips 2.6 edits.
-+ *
-+ * Revision 1.32 2004/08/03 18:19:08 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.31 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.30 2004/04/25 21:23:11 ken
-+ * Pull in dhr's changes from FreeS/WAN 2.06
-+ *
-+ * Revision 1.29 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.28 2004/03/28 20:29:58 paul
-+ * <hugh_> ssize_t, not ssized_t
-+ *
-+ * Revision 1.27 2004/03/28 20:27:20 paul
-+ * Included tested and confirmed fixes mcr made and dhr verified for
-+ * snprint statements. Changed one other snprintf to use ipsec_snprintf
-+ * so it wouldnt break compatibility with 2.0/2.2 kernels. Verified with
-+ * dhr. (thanks dhr!)
-+ *
-+ * Revision 1.26 2004/02/09 22:07:06 mcr
-+ * added information about nat-traversal setting to spi-output.
-+ *
-+ * Revision 1.25.4.1 2004/04/05 04:30:46 mcr
-+ * patches for alg-branch to compile/work with 2.x openswan
-+ *
-+ * Revision 1.25 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.24.4.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.24 2003/06/20 01:42:21 mcr
-+ * added counters to measure how many ACQUIREs we send to pluto,
-+ * and how many are successfully sent.
-+ *
-+ * Revision 1.23 2003/04/03 17:38:09 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ *
-+ * Revision 1.22 2002/09/20 15:40:57 rgb
-+ * Renamed saref macros for consistency and brevity.
-+ *
-+ * Revision 1.21 2002/09/20 05:01:35 rgb
-+ * Print ref and reftable, refentry seperately.
-+ *
-+ * Revision 1.20 2002/09/19 02:35:39 mcr
-+ * do not define structures needed by /proc/net/ipsec/ if we
-+ * aren't going create that directory.
-+ *
-+ * Revision 1.19 2002/09/10 01:43:25 mcr
-+ * fixed problem in /-* comment.
-+ *
-+ * Revision 1.18 2002/09/03 16:22:11 mcr
-+ * fixed initialization of birth/stuff values - some simple
-+ * screw ups in the code.
-+ * removed debugging that was left in by mistake.
-+ *
-+ * Revision 1.17 2002/09/02 17:54:53 mcr
-+ * changed how the table driven /proc entries are created so that
-+ * making subdirs is now explicit rather than implicit.
-+ *
-+ * Revision 1.16 2002/08/30 01:23:37 mcr
-+ * reorganized /proc creating code to clear up ifdefs,
-+ * make the 2.4 code table driven, and put things into
-+ * /proc/net/ipsec subdir. Symlinks are left for compatibility.
-+ *
-+ * Revision 1.15 2002/08/13 19:01:25 mcr
-+ * patches from kenb to permit compilation of FreeSWAN on ia64.
-+ * des library patched to use proper DES_LONG type for ia64.
-+ *
-+ * Revision 1.14 2002/07/26 08:48:31 rgb
-+ * Added SA ref table code.
-+ *
-+ * Revision 1.13 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.12 2002/05/27 18:56:07 rgb
-+ * Convert to dynamic ipsec device allocation.
-+ *
-+ * Revision 1.11 2002/05/23 07:14:50 rgb
-+ * Added refcount code.
-+ * Cleaned up %p variants to 0p%p for test suite cleanup.
-+ * Convert "usecount" to "refcount" to remove ambiguity.
-+ *
-+ * Revision 1.10 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.9 2002/04/24 07:36:28 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_proc.c,v
-+ *
-+ * Revision 1.8 2002/01/29 17:17:55 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.7 2002/01/29 04:00:52 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.6 2002/01/29 02:13:17 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.5 2002/01/12 02:54:30 mcr
-+ * beginnings of /proc/net/ipsec dir.
-+ *
-+ * Revision 1.4 2001/12/11 02:21:05 rgb
-+ * Don't include module version here, fixing 2.2 compile bug.
-+ *
-+ * Revision 1.3 2001/12/05 07:19:44 rgb
-+ * Fixed extraneous #include "version.c" bug causing modular KLIPS failure.
-+ *
-+ * Revision 1.2 2001/11/26 09:16:14 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.74 2001/11/22 05:44:11 henry
-+ * new version stuff
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:19:40 mcr
-+ * /proc manipulation code moved to new ipsec_proc.c
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_radij.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,889 @@
-+/*
-+ * Interface between the IPSEC code and the radix (radij) tree code
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_radij.c,v 1.73.2.1 2006/10/06 21:39:26 paul Exp $
-+ */
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, struct net_device_stats and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* 23_SPINLOCK */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* 23_SPINLOCK */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+
-+#include "openswan/ipsec_eroute.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_tunnel.h" /* struct ipsecpriv */
-+#include "openswan/ipsec_xform.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_radij = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+struct radij_node_head *rnh = NULL;
-+#ifdef SPINLOCK
-+spinlock_t eroute_lock = SPIN_LOCK_UNLOCKED;
-+#else /* SPINLOCK */
-+spinlock_t eroute_lock;
-+#endif /* SPINLOCK */
-+
-+int
-+ipsec_radijinit(void)
-+{
-+ maj_keylen = sizeof (struct sockaddr_encap);
-+
-+ rj_init();
-+
-+ if (rj_inithead((void **)&rnh, /*16*/offsetof(struct sockaddr_encap, sen_type) * sizeof(__u8)) == 0) /* 16 is bit offset of sen_type */
-+ return -1;
-+ return 0;
-+}
-+
-+int
-+ipsec_radijcleanup(void)
-+{
-+ int error;
-+
-+ spin_lock_bh(&eroute_lock);
-+
-+ error = radijcleanup();
-+
-+ spin_unlock_bh(&eroute_lock);
-+
-+ return error;
-+}
-+
-+int
-+ipsec_cleareroutes(void)
-+{
-+ int error;
-+
-+ spin_lock_bh(&eroute_lock);
-+
-+ error = radijcleartree();
-+
-+ spin_unlock_bh(&eroute_lock);
-+
-+ return error;
-+}
-+
-+int
-+ipsec_breakroute(struct sockaddr_encap *eaddr,
-+ struct sockaddr_encap *emask,
-+ struct sk_buff **first,
-+ struct sk_buff **last)
-+{
-+ struct eroute *ro;
-+ struct radij_node *rn;
-+ int error;
-+#ifdef CONFIG_KLIPS_DEBUG
-+
-+ if (debug_eroute) {
-+ char buf1[SUBNETTOA_BUF], buf2[SUBNETTOA_BUF];
-+ subnettoa(eaddr->sen_ip_src, emask->sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(eaddr->sen_ip_dst, emask->sen_ip_dst, 0, buf2, sizeof(buf2));
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_breakroute: "
-+ "attempting to delete eroute for %s:%d->%s:%d %d\n",
-+ buf1, ntohs(eaddr->sen_sport),
-+ buf2, ntohs(eaddr->sen_dport), eaddr->sen_proto);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ spin_lock_bh(&eroute_lock);
-+
-+ if ((error = rj_delete(eaddr, emask, rnh, &rn)) != 0) {
-+ spin_unlock_bh(&eroute_lock);
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_breakroute: "
-+ "node not found, eroute delete failed.\n");
-+ return error;
-+ }
-+
-+ spin_unlock_bh(&eroute_lock);
-+
-+ ro = (struct eroute *)rn;
-+
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_breakroute: "
-+ "deleted eroute=0p%p, ident=0p%p->0p%p, first=0p%p, last=0p%p\n",
-+ ro,
-+ ro->er_ident_s.data,
-+ ro->er_ident_d.data,
-+ ro->er_first,
-+ ro->er_last);
-+
-+ if (ro->er_ident_s.data != NULL) {
-+ kfree(ro->er_ident_s.data);
-+ }
-+ if (ro->er_ident_d.data != NULL) {
-+ kfree(ro->er_ident_d.data);
-+ }
-+ if (ro->er_first != NULL) {
-+#if 0
-+ struct net_device_stats *stats = (struct net_device_stats *) &(((struct ipsecpriv *)(ro->er_first->dev->priv))->mystats);
-+ stats->tx_dropped--;
-+#endif
-+ *first = ro->er_first;
-+ }
-+ if (ro->er_last != NULL) {
-+#if 0
-+ struct net_device_stats *stats = (struct net_device_stats *) &(((struct ipsecpriv *)(ro->er_last->dev->priv))->mystats);
-+ stats->tx_dropped--;
-+#endif
-+ *last = ro->er_last;
-+ }
-+
-+ if (rn->rj_flags & (RJF_ACTIVE | RJF_ROOT))
-+ panic ("ipsec_breakroute RMT_DELEROUTE root or active node\n");
-+ memset((caddr_t)rn, 0, sizeof (struct eroute));
-+ kfree(rn);
-+
-+ return 0;
-+}
-+
-+int
-+ipsec_makeroute(struct sockaddr_encap *eaddr,
-+ struct sockaddr_encap *emask,
-+ ip_said said,
-+ uint32_t pid,
-+ struct sk_buff *skb,
-+ struct ident *ident_s,
-+ struct ident *ident_d)
-+{
-+ struct eroute *retrt;
-+ int error;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+
-+ if (debug_eroute) {
-+
-+ {
-+ char buf1[SUBNETTOA_BUF], buf2[SUBNETTOA_BUF];
-+
-+ subnettoa(eaddr->sen_ip_src, emask->sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(eaddr->sen_ip_dst, emask->sen_ip_dst, 0, buf2, sizeof(buf2));
-+ sa_len = satot(&said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_makeroute: "
-+ "attempting to allocate %lu bytes to insert eroute for %s->%s, SA: %s, PID:%d, skb=0p%p, ident:%s->%s\n",
-+ (unsigned long) sizeof(struct eroute),
-+ buf1,
-+ buf2,
-+ sa_len ? sa : " (error)",
-+ pid,
-+ skb,
-+ (ident_s ? (ident_s->data ? ident_s->data : "NULL") : "NULL"),
-+ (ident_d ? (ident_d->data ? ident_d->data : "NULL") : "NULL"));
-+ }
-+ {
-+ char buf1[sizeof(struct sockaddr_encap)*2 + 1],
-+ buf2[sizeof(struct sockaddr_encap)*2 + 1];
-+ int i;
-+ unsigned char *b1 = buf1,
-+ *b2 = buf2,
-+ *ea = (unsigned char *)eaddr,
-+ *em = (unsigned char *)emask;
-+
-+
-+ for (i=0; i<sizeof(struct sockaddr_encap); i++) {
-+ sprintf(b1, "%02x", ea[i]);
-+ sprintf(b2, "%02x", em[i]);
-+ b1+=2;
-+ b2+=2;
-+ }
-+ KLIPS_PRINT(debug_eroute, "klips_debug:ipsec_makeroute: %s / %s \n", buf1, buf2);
-+ }
-+
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ retrt = (struct eroute *)kmalloc(sizeof (struct eroute), GFP_ATOMIC);
-+ if (retrt == NULL) {
-+ printk("klips_error:ipsec_makeroute: "
-+ "not able to allocate kernel memory");
-+ return -ENOMEM;
-+ }
-+ memset((caddr_t)retrt, 0, sizeof (struct eroute));
-+
-+ retrt->er_eaddr = *eaddr;
-+ retrt->er_emask = *emask;
-+ retrt->er_said = said;
-+ retrt->er_pid = pid;
-+ retrt->er_count = 0;
-+ retrt->er_lasttime = jiffies/HZ;
-+
-+ {
-+ /* this is because gcc 3. doesn't like cast's as lvalues */
-+ struct rjtentry *rje = (struct rjtentry *)&(retrt->er_rjt);
-+ caddr_t er = (caddr_t)&(retrt->er_eaddr);
-+
-+ rje->rd_nodes->rj_key= er;
-+ }
-+
-+ if (ident_s && ident_s->type != SADB_IDENTTYPE_RESERVED) {
-+ int data_len = ident_s->len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident);
-+
-+ retrt->er_ident_s.type = ident_s->type;
-+ retrt->er_ident_s.id = ident_s->id;
-+ retrt->er_ident_s.len = ident_s->len;
-+ if(data_len) {
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_makeroute: "
-+ "attempting to allocate %u bytes for ident_s.\n",
-+ data_len);
-+ if(!(retrt->er_ident_s.data = kmalloc(data_len, GFP_KERNEL))) {
-+ kfree(retrt);
-+ printk("klips_error:ipsec_makeroute: not able to allocate kernel memory (%d)\n", data_len);
-+ return ENOMEM;
-+ }
-+ memcpy(retrt->er_ident_s.data, ident_s->data, data_len);
-+ } else {
-+ retrt->er_ident_s.data = NULL;
-+ }
-+ }
-+
-+ if (ident_d && ident_d->type != SADB_IDENTTYPE_RESERVED) {
-+ int data_len = ident_d->len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident);
-+
-+ retrt->er_ident_d.type = ident_d->type;
-+ retrt->er_ident_d.id = ident_d->id;
-+ retrt->er_ident_d.len = ident_d->len;
-+ if(data_len) {
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_makeroute: "
-+ "attempting to allocate %u bytes for ident_d.\n",
-+ data_len);
-+ if(!(retrt->er_ident_d.data = kmalloc(data_len, GFP_KERNEL))) {
-+ if (retrt->er_ident_s.data)
-+ kfree(retrt->er_ident_s.data);
-+ kfree(retrt);
-+ printk("klips_error:ipsec_makeroute: not able to allocate kernel memory (%d)\n", data_len);
-+ return ENOMEM;
-+ }
-+ memcpy(retrt->er_ident_d.data, ident_d->data, data_len);
-+ } else {
-+ retrt->er_ident_d.data = NULL;
-+ }
-+ }
-+ retrt->er_first = skb;
-+ retrt->er_last = NULL;
-+
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_makeroute: "
-+ "calling rj_addroute now\n");
-+
-+ spin_lock_bh(&eroute_lock);
-+
-+ error = rj_addroute(&(retrt->er_eaddr), &(retrt->er_emask),
-+ rnh, retrt->er_rjt.rd_nodes);
-+
-+ spin_unlock_bh(&eroute_lock);
-+
-+ if(error) {
-+ sa_len = satot(&said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_makeroute: "
-+ "rj_addroute not able to insert eroute for SA:%s (error:%d)\n",
-+ sa_len ? sa : " (error)", error);
-+ if (retrt->er_ident_s.data)
-+ kfree(retrt->er_ident_s.data);
-+ if (retrt->er_ident_d.data)
-+ kfree(retrt->er_ident_d.data);
-+
-+ kfree(retrt);
-+
-+ return error;
-+ }
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_eroute) {
-+ char buf1[SUBNETTOA_BUF], buf2[SUBNETTOA_BUF];
-+/*
-+ subnettoa(eaddr->sen_ip_src, emask->sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(eaddr->sen_ip_dst, emask->sen_ip_dst, 0, buf2, sizeof(buf2));
-+*/
-+ subnettoa(rd_key((&(retrt->er_rjt)))->sen_ip_src, rd_mask((&(retrt->er_rjt)))->sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(rd_key((&(retrt->er_rjt)))->sen_ip_dst, rd_mask((&(retrt->er_rjt)))->sen_ip_dst, 0, buf2, sizeof(buf2));
-+ sa_len = satot(&retrt->er_said, 0, sa, sizeof(sa));
-+
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_makeroute: "
-+ "pid=%05d "
-+ "count=%10d "
-+ "lasttime=%6d "
-+ "%-18s -> %-18s => %s\n",
-+ retrt->er_pid,
-+ retrt->er_count,
-+ (int)(jiffies/HZ - retrt->er_lasttime),
-+ buf1,
-+ buf2,
-+ sa_len ? sa : " (error)");
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_makeroute: "
-+ "succeeded.\n");
-+ return 0;
-+}
-+
-+struct eroute *
-+ipsec_findroute(struct sockaddr_encap *eaddr)
-+{
-+ struct radij_node *rn;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ char buf1[ADDRTOA_BUF], buf2[ADDRTOA_BUF];
-+
-+ if (debug_radij & DB_RJ_FINDROUTE) {
-+ addrtoa(eaddr->sen_ip_src, 0, buf1, sizeof(buf1));
-+ addrtoa(eaddr->sen_ip_dst, 0, buf2, sizeof(buf2));
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:ipsec_findroute: "
-+ "%s:%d->%s:%d %d\n",
-+ buf1, ntohs(eaddr->sen_sport),
-+ buf2, ntohs(eaddr->sen_dport),
-+ eaddr->sen_proto);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ rn = rj_match((caddr_t)eaddr, rnh);
-+ if(rn) {
-+ KLIPS_PRINT(debug_eroute && sysctl_ipsec_debug_verbose,
-+ "klips_debug:ipsec_findroute: "
-+ "found, points to proto=%d, spi=%x, dst=%x.\n",
-+ ((struct eroute*)rn)->er_said.proto,
-+ ntohl(((struct eroute*)rn)->er_said.spi),
-+ ntohl(((struct eroute*)rn)->er_said.dst.u.v4.sin_addr.s_addr));
-+ }
-+ return (struct eroute *)rn;
-+}
-+
-+#ifdef CONFIG_PROC_FS
-+/** ipsec_rj_walker_procprint: print one line of eroute table output.
-+ *
-+ * Theoretical BUG: if w->length is less than the length
-+ * of some line we should produce, that line will never
-+ * be finished. In effect, the "file" will stop part way
-+ * through that line.
-+ */
-+int
-+ipsec_rj_walker_procprint(struct radij_node *rn, void *w0)
-+{
-+ struct eroute *ro = (struct eroute *)rn;
-+ struct rjtentry *rd = (struct rjtentry *)rn;
-+ struct wsbuf *w = (struct wsbuf *)w0;
-+ char buf1[SUBNETTOA_BUF], buf2[SUBNETTOA_BUF];
-+ char buf3[16];
-+ char sa[SATOT_BUF];
-+ size_t sa_len, buf_len;
-+ struct sockaddr_encap *key, *mask;
-+
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:ipsec_rj_walker_procprint: "
-+ "rn=0p%p, w0=0p%p\n",
-+ rn,
-+ w0);
-+ if (rn->rj_b >= 0) {
-+ return 0;
-+ }
-+
-+ key = rd_key(rd);
-+ mask = rd_mask(rd);
-+
-+ if (key == NULL || mask == NULL) {
-+ return 0;
-+ }
-+
-+ buf_len = subnettoa(key->sen_ip_src, mask->sen_ip_src, 0, buf1, sizeof(buf1));
-+ if(key->sen_sport != 0) {
-+ sprintf(buf1+buf_len-1, ":%d", ntohs(key->sen_sport));
-+ }
-+
-+ buf_len = subnettoa(key->sen_ip_dst, mask->sen_ip_dst, 0, buf2, sizeof(buf2));
-+ if(key->sen_dport != 0) {
-+ sprintf(buf2+buf_len-1, ":%d", ntohs(key->sen_dport));
-+ }
-+
-+ buf3[0]='\0';
-+ if(key->sen_proto != 0) {
-+ sprintf(buf3, ":%d", key->sen_proto);
-+ }
-+
-+ sa_len = satot(&ro->er_said, 'x', sa, sizeof(sa));
-+ w->len += ipsec_snprintf(w->buffer + w->len,
-+ w->length - w->len,
-+ "%-10d "
-+ "%-18s -> %-18s => %s%s\n",
-+ ro->er_count,
-+ buf1,
-+ buf2,
-+ sa_len ? sa : " (error)",
-+ buf3);
-+
-+ {
-+ /* snprintf can only fill the last character with NUL
-+ * so the maximum useful character is w->length-1.
-+ * However, if w->length == 0, we cannot go back.
-+ * (w->length surely cannot be negative.)
-+ */
-+ int max_content = w->length > 0? w->length-1 : 0;
-+
-+ if (w->len >= max_content) {
-+ /* we've done all that can fit -- stop treewalking */
-+ w->len = max_content; /* truncate crap */
-+ return -ENOBUFS;
-+ } else {
-+ const off_t pos = w->begin + w->len; /* file position of end of what we've generated */
-+
-+ if (pos <= w->offset) {
-+ /* all is before first interesting character:
-+ * discard, but note where we are.
-+ */
-+ w->len = 0;
-+ w->begin = pos;
-+ }
-+ return 0;
-+ }
-+ }
-+}
-+#endif /* CONFIG_PROC_FS */
-+
-+int
-+ipsec_rj_walker_delete(struct radij_node *rn, void *w0)
-+{
-+ struct eroute *ro;
-+ struct rjtentry *rd = (struct rjtentry *)rn;
-+ struct radij_node *rn2;
-+ int error;
-+ struct sockaddr_encap *key, *mask;
-+
-+ key = rd_key(rd);
-+ mask = rd_mask(rd);
-+
-+ if(!key || !mask) {
-+ return -ENODATA;
-+ }
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_radij) {
-+ char buf1[SUBNETTOA_BUF], buf2[SUBNETTOA_BUF];
-+ subnettoa(key->sen_ip_src, mask->sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(key->sen_ip_dst, mask->sen_ip_dst, 0, buf2, sizeof(buf2));
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:ipsec_rj_walker_delete: "
-+ "deleting: %s -> %s\n",
-+ buf1,
-+ buf2);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ if((error = rj_delete(key, mask, rnh, &rn2))) {
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:ipsec_rj_walker_delete: "
-+ "rj_delete failed with error=%d.\n", error);
-+ return error;
-+ }
-+
-+ if(rn2 != rn) {
-+ printk("klips_debug:ipsec_rj_walker_delete: "
-+ "tried to delete a different node?!? This should never happen!\n");
-+ }
-+
-+ ro = (struct eroute *)rn;
-+
-+ if (ro->er_ident_s.data)
-+ kfree(ro->er_ident_s.data);
-+ if (ro->er_ident_d.data)
-+ kfree(ro->er_ident_d.data);
-+
-+ memset((caddr_t)rn, 0, sizeof (struct eroute));
-+ kfree(rn);
-+
-+ return 0;
-+}
-+
-+/*
-+ * $Log: ipsec_radij.c,v $
-+ * Revision 1.73.2.1 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.73 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.72 2004/12/03 21:25:57 mcr
-+ * compile time fixes for running on 2.6.
-+ * still experimental.
-+ *
-+ * Revision 1.71 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.70 2004/04/25 21:10:52 ken
-+ * Pull in dhr's changes from FreeS/WAN 2.06
-+ *
-+ * Revision 1.69 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.68 2004/03/28 20:27:20 paul
-+ * Included tested and confirmed fixes mcr made and dhr verified for
-+ * snprint statements. Changed one other snprintf to use ipsec_snprintf
-+ * so it wouldnt break compatibility with 2.0/2.2 kernels. Verified with
-+ * dhr. (thanks dhr!)
-+ *
-+ * Revision 1.67.4.1 2004/04/05 04:30:46 mcr
-+ * patches for alg-branch to compile/work with 2.x openswan
-+ *
-+ * Revision 1.67 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.66.24.2 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.66.24.1 2003/09/21 13:59:56 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.66 2002/10/12 23:11:53 dhr
-+ *
-+ * [KenB + DHR] more 64-bit cleanup
-+ *
-+ * Revision 1.65 2002/09/20 05:01:40 rgb
-+ * Added memory allocation debugging.
-+ *
-+ * Revision 1.64 2002/05/31 01:46:05 mcr
-+ * added && sysctl_ipsec_debug_verbose verbose to ipsec_findroute
-+ * as requested in PR#14.
-+ *
-+ * Revision 1.63 2002/05/23 07:14:11 rgb
-+ * Cleaned up %p variants to 0p%p for test suite cleanup.
-+ *
-+ * Revision 1.62 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.61 2002/04/24 07:36:29 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_radij.c,v
-+ *
-+ * Revision 1.60 2002/02/19 23:59:45 rgb
-+ * Removed redundant compiler directives.
-+ *
-+ * Revision 1.59 2002/02/06 04:13:47 mcr
-+ * missing #ifdef CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.58 2002/01/29 17:17:56 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.57 2002/01/29 04:00:52 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.56 2002/01/29 02:13:17 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.55 2001/11/26 09:23:48 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.53.2.1 2001/09/25 02:26:32 mcr
-+ * headers adjusted for new usage.
-+ *
-+ * Revision 1.54 2001/10/18 04:45:20 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.53 2001/09/19 17:19:40 rgb
-+ * Debug output bugfix for NetCelo's PF_KEY ident patch.
-+ *
-+ * Revision 1.52 2001/09/19 16:33:37 rgb
-+ * Temporarily disable ident fields to /proc/net/ipsec_eroute.
-+ *
-+ * Revision 1.51 2001/09/15 16:24:04 rgb
-+ * Re-inject first and last HOLD packet when an eroute REPLACE is done.
-+ *
-+ * Revision 1.50 2001/09/14 16:58:36 rgb
-+ * Added support for storing the first and last packets through a HOLD.
-+ *
-+ * Revision 1.49 2001/09/08 21:13:32 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.48 2001/06/15 04:12:56 rgb
-+ * Fixed kernel memory allocation error return code polarity bug.
-+ *
-+ * Revision 1.47 2001/06/14 19:35:09 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.46 2001/06/08 08:47:18 rgb
-+ * Fixed for debug disabled.
-+ *
-+ * Revision 1.45 2001/05/27 06:12:11 rgb
-+ * Added structures for pid, packet count and last access time to eroute.
-+ * Added packet count to beginning of /proc/net/ipsec_eroute.
-+ *
-+ * Revision 1.44 2001/05/03 19:41:01 rgb
-+ * Initialise error return variable.
-+ * Use more appropriate return value for ipsec_rj_walker_delete().
-+ *
-+ * Revision 1.43 2001/02/27 22:24:54 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.42 2001/02/27 06:21:57 rgb
-+ * Added findroute success instrumentation.
-+ *
-+ * Revision 1.41 2000/11/06 04:32:08 rgb
-+ * Ditched spin_lock_irqsave in favour of spin_lock_bh.
-+ *
-+ * Revision 1.40 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.39 2000/08/30 05:25:20 rgb
-+ * Correct debug text in ipsec_breakroute() from incorrect
-+ * "ipsec_callback".
-+ *
-+ * Revision 1.38 2000/07/28 14:58:31 rgb
-+ * Changed kfree_s to kfree, eliminating extra arg to fix 2.4.0-test5.
-+ *
-+ * Revision 1.37 2000/03/16 14:02:50 rgb
-+ * Fixed debug scope to enable compilation with debug off.
-+ *
-+ * Revision 1.36 2000/01/21 06:14:46 rgb
-+ * Added debugging text to ipsec_rj_walker_delete().
-+ * Set return code to negative for consistency.
-+ *
-+ * Revision 1.35 1999/11/23 23:05:24 rgb
-+ * Use provided macro ADDRTOA_BUF instead of hardcoded value.
-+ *
-+ * Revision 1.34 1999/11/18 04:13:56 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ * Added CONFIG_PROC_FS compiler directives in case it is shut off.
-+ *
-+ * Revision 1.33 1999/11/17 15:53:39 rgb
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.32 1999/10/26 13:58:33 rgb
-+ * Put spinlock flags variable declaration outside the debug compiler
-+ * directive to enable compilation with debug shut off.
-+ *
-+ * Revision 1.31 1999/10/15 22:13:29 rgb
-+ * Clean out cruft.
-+ * Align /proc/net/ipsec_eroute output for easier readability.
-+ * Fix double linefeed in radij debug output.
-+ * Fix double locking bug that locks up 2.0.36 but not 2.0.38.
-+ *
-+ * Revision 1.30 1999/10/08 18:37:33 rgb
-+ * Fix end-of-line spacing to sate whining PHMs.
-+ *
-+ * Revision 1.29 1999/10/03 18:52:45 rgb
-+ * Spinlock support for 2.0.xx.
-+ * Dumb return code spin_unlock fix.
-+ *
-+ * Revision 1.28 1999/10/01 16:22:24 rgb
-+ * Switch from assignment init. to functional init. of spinlocks.
-+ *
-+ * Revision 1.27 1999/10/01 15:44:53 rgb
-+ * Move spinlock header include to 2.1> scope.
-+ *
-+ * Revision 1.26 1999/10/01 00:01:23 rgb
-+ * Added eroute structure locking.
-+ *
-+ * Revision 1.25 1999/06/10 16:07:30 rgb
-+ * Silence delete eroute on no debug.
-+ *
-+ * Revision 1.24 1999/05/09 03:25:36 rgb
-+ * Fix bug introduced by 2.2 quick-and-dirty patch.
-+ *
-+ * Revision 1.23 1999/05/05 22:02:31 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.22 1999/04/29 15:17:23 rgb
-+ * Add return values to init and cleanup functions.
-+ * Add sanity checking for null pointer arguments.
-+ *
-+ * Revision 1.21 1999/04/11 00:28:58 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.20 1999/04/06 04:54:26 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.19 1999/02/17 16:50:35 rgb
-+ * Clean out unused cruft.
-+ * Consolidate for space and speed efficiency.
-+ * Convert DEBUG_IPSEC to KLIPS_PRINT
-+ *
-+ * Revision 1.18 1999/01/22 06:22:06 rgb
-+ * Cruft clean-out.
-+ * 64-bit clean-up.
-+ *
-+ * Revision 1.17 1998/12/02 03:09:39 rgb
-+ * Clean up debug printing conditionals to compile with debugging off.
-+ *
-+ * Revision 1.16 1998/12/01 13:49:39 rgb
-+ * Wrap version info printing in debug switches.
-+ *
-+ * Revision 1.15 1998/11/30 13:22:54 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.14 1998/10/31 06:48:17 rgb
-+ * Fixed up comments in #endif directives.
-+ *
-+ * Revision 1.13 1998/10/27 13:48:09 rgb
-+ * Cleaned up /proc/net/ipsec_* filesystem for easy parsing by scripts.
-+ * Fixed less(1) truncated output bug.
-+ * Code clean-up.
-+ *
-+ * Revision 1.12 1998/10/25 02:41:36 rgb
-+ * Change return type on ipsec_breakroute and ipsec_makeroute and add an
-+ * argument to be able to transmit more infomation about errors.
-+ * Fix cut-and-paste debug statement identifier.
-+ *
-+ * Revision 1.11 1998/10/22 06:45:39 rgb
-+ * Cleaned up cruft.
-+ * Convert to use satoa for printk.
-+ *
-+ * Revision 1.10 1998/10/19 14:44:28 rgb
-+ * Added inclusion of freeswan.h.
-+ * sa_id structure implemented and used: now includes protocol.
-+ *
-+ * Revision 1.9 1998/10/09 04:30:52 rgb
-+ * Added 'klips_debug' prefix to all klips printk debug statements.
-+ * Deleted old commented out cruft.
-+ *
-+ * Revision 1.8 1998/08/06 17:24:23 rgb
-+ * Fix addrtoa return code bug from stale manpage advice preventing packets
-+ * from being erouted.
-+ *
-+ * Revision 1.7 1998/08/06 07:44:59 rgb
-+ * Fixed /proc/net/ipsec_eroute subnettoa and addrtoa return value bug that
-+ * ended up in nothing being printed.
-+ *
-+ * Revision 1.6 1998/08/05 22:16:41 rgb
-+ * Cleanup to prevent cosmetic errors (ie. debug output) from being fatal.
-+ *
-+ * Revision 1.5 1998/07/29 20:38:44 rgb
-+ * Debug and fix subnettoa and addrtoa output.
-+ *
-+ * Revision 1.4 1998/07/28 00:02:39 rgb
-+ * Converting to exclusive use of addrtoa.
-+ * Fix eroute delete.
-+ *
-+ * Revision 1.3 1998/07/14 18:21:26 rgb
-+ * Add function to clear the eroute table.
-+ *
-+ * Revision 1.2 1998/06/23 02:59:14 rgb
-+ * Added debugging output to eroute add/delete routines.
-+ *
-+ * Revision 1.9 1998/06/18 21:29:06 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid kernel
-+ * build scripts happier in presence of symbolic links
-+ *
-+ * Revision 1.8 1998/06/05 02:32:26 rgb
-+ * Fix spi ntoh kernel debug output.
-+ *
-+ * Revision 1.7 1998/05/25 20:30:37 rgb
-+ * Remove temporary ipsec_walk, rj_deltree and rj_delnodes functions.
-+ *
-+ * Rename ipsec_rj_walker (ipsec_walk) to ipsec_rj_walker_procprint and
-+ * add ipsec_rj_walker_delete.
-+ *
-+ * Revision 1.6 1998/05/21 13:08:57 rgb
-+ * Rewrote procinfo subroutines to avoid *bad things* when more that 3k of
-+ * information is available for printout.
-+ *
-+ * Revision 1.5 1998/05/18 21:35:55 rgb
-+ * Clean up output for numerical consistency and readability. Zero freed
-+ * eroute memory.
-+ *
-+ * Revision 1.4 1998/04/21 21:28:58 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.3 1998/04/14 17:30:39 rgb
-+ * Fix up compiling errors for radij tree memory reclamation.
-+ *
-+ * Revision 1.2 1998/04/12 22:03:23 rgb
-+ * Updated ESP-3DES-HMAC-MD5-96,
-+ * ESP-DES-HMAC-MD5-96,
-+ * AH-HMAC-MD5-96,
-+ * AH-HMAC-SHA1-96 since Henry started freeswan cvs repository
-+ * from old standards (RFC182[5-9] to new (as of March 1998) drafts.
-+ *
-+ * Fixed eroute references in /proc/net/ipsec*.
-+ *
-+ * Started to patch module unloading memory leaks in ipsec_netlink and
-+ * radij tree unloading.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:10 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:03 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:39:04 ji
-+ * Minor cleanups.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_rcv.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,2317 @@
-+/*
-+ * receive code
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998-2003 Richard Guy Briggs.
-+ * Copyright (C) 2004 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_rcv_c_version[] = "RCSID $Id: ipsec_rcv.c,v 1.171.2.11 2007/04/28 20:46:40 paul Exp $";
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+
-+#include <net/tcp.h>
-+#include <net/udp.h>
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+
-+#include "openswan/ipsec_kern24.h"
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+
-+#include "openswan/ipsec_auth.h"
-+
-+#include "openswan/ipsec_esp.h"
-+
-+#ifdef CONFIG_KLIPS_AH
-+#include "openswan/ipsec_ah.h"
-+#endif /* CONFIG_KLIPS_AH */
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+#include "openswan/ipsec_ipcomp.h"
-+#endif /* CONFIG_KLIPS_COMP */
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_alg.h"
-+#include "openswan/ipsec_kern24.h"
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_rcv = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+int sysctl_ipsec_inbound_policy_check = 1;
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+#include <linux/udp.h>
-+#endif
-+
-+/* This is a private use protocol, and AT&T should be ashamed. They should have
-+ * used protocol # 59, which is "no next header" instead of 0xFE.
-+ */
-+#ifndef IPPROTO_ATT_HEARTBEAT
-+#define IPPROTO_ATT_HEARTBEAT 0xFE
-+#endif
-+
-+/*
-+ * Check-replay-window routine, adapted from the original
-+ * by J. Hughes, from draft-ietf-ipsec-esp-des-md5-03.txt
-+ *
-+ * This is a routine that implements a 64 packet window. This is intend-
-+ * ed on being an implementation sample.
-+ */
-+
-+DEBUG_NO_STATIC int
-+ipsec_checkreplaywindow(struct ipsec_sa*ipsp, __u32 seq)
-+{
-+ __u32 diff;
-+
-+ if (ipsp->ips_replaywin == 0) /* replay shut off */
-+ return 1;
-+ if (seq == 0)
-+ return 0; /* first == 0 or wrapped */
-+
-+ /* new larger sequence number */
-+ if (seq > ipsp->ips_replaywin_lastseq) {
-+ return 1; /* larger is good */
-+ }
-+ diff = ipsp->ips_replaywin_lastseq - seq;
-+
-+ /* too old or wrapped */ /* if wrapped, kill off SA? */
-+ if (diff >= ipsp->ips_replaywin) {
-+ return 0;
-+ }
-+ /* this packet already seen */
-+ if (ipsp->ips_replaywin_bitmap & (1 << diff))
-+ return 0;
-+ return 1; /* out of order but good */
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_updatereplaywindow(struct ipsec_sa*ipsp, __u32 seq)
-+{
-+ __u32 diff;
-+
-+ if (ipsp->ips_replaywin == 0) /* replay shut off */
-+ return 1;
-+ if (seq == 0)
-+ return 0; /* first == 0 or wrapped */
-+
-+ /* new larger sequence number */
-+ if (seq > ipsp->ips_replaywin_lastseq) {
-+ diff = seq - ipsp->ips_replaywin_lastseq;
-+
-+ /* In win, set bit for this pkt */
-+ if (diff < ipsp->ips_replaywin)
-+ ipsp->ips_replaywin_bitmap =
-+ (ipsp->ips_replaywin_bitmap << diff) | 1;
-+ else
-+ /* This packet has way larger seq num */
-+ ipsp->ips_replaywin_bitmap = 1;
-+
-+ if(seq - ipsp->ips_replaywin_lastseq - 1 > ipsp->ips_replaywin_maxdiff) {
-+ ipsp->ips_replaywin_maxdiff = seq - ipsp->ips_replaywin_lastseq - 1;
-+ }
-+ ipsp->ips_replaywin_lastseq = seq;
-+ return 1; /* larger is good */
-+ }
-+ diff = ipsp->ips_replaywin_lastseq - seq;
-+
-+ /* too old or wrapped */ /* if wrapped, kill off SA? */
-+ if (diff >= ipsp->ips_replaywin) {
-+/*
-+ if(seq < 0.25*max && ipsp->ips_replaywin_lastseq > 0.75*max) {
-+ ipsec_sa_delchain(ipsp);
-+ }
-+*/
-+ return 0;
-+ }
-+ /* this packet already seen */
-+ if (ipsp->ips_replaywin_bitmap & (1 << diff))
-+ return 0;
-+ ipsp->ips_replaywin_bitmap |= (1 << diff); /* mark as seen */
-+ return 1; /* out of order but good */
-+}
-+
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+struct auth_alg ipsec_rcv_md5[]={
-+ {osMD5Init, osMD5Update, osMD5Final, AHMD596_ALEN}
-+};
-+
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+struct auth_alg ipsec_rcv_sha1[]={
-+ {SHA1Init, SHA1Update, SHA1Final, AHSHA196_ALEN}
-+};
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+
-+/*
-+ * decapsulate a single layer of the system
-+ *
-+ * the following things should be setup to enter this function.
-+ *
-+ * irs->stats == stats structure (or NULL)
-+ * irs->ipp = IP header.
-+ * irs->len = total length of packet
-+ * skb->nh.iph = ipp;
-+ * skb->h.raw = start of payload
-+ * irs->ipsp = NULL.
-+ * irs->iphlen = N/A = is recalculated.
-+ * irs->ilen = 0;
-+ * irs->authlen = 0;
-+ * irs->authfuncs = NULL;
-+ * irs->skb = the skb;
-+ *
-+ * proto_funcs should be from ipsec_esp.c, ipsec_ah.c or ipsec_ipcomp.c.
-+ *
-+ */
-+enum ipsec_rcv_value
-+ipsec_rcv_decap_once(struct ipsec_rcv_state *irs
-+ , struct xform_functions *proto_funcs)
-+{
-+ int iphlen;
-+ __u8 proto;
-+ struct in_addr ipsaddr;
-+ struct in_addr ipdaddr;
-+ int replay = 0; /* replay value in AH or ESP packet */
-+ struct ipsec_sa* ipsnext = NULL; /* next SA towards inside of packet */
-+ struct ipsec_sa *newipsp;
-+ struct iphdr *ipp;
-+ struct sk_buff *skb;
-+ struct ipsec_alg_auth *ixt_a=NULL;
-+
-+ skb = irs->skb;
-+ irs->len = skb->len;
-+ ipp = irs->ipp;
-+ proto = ipp->protocol;
-+ ipsaddr.s_addr = ipp->saddr;
-+ addrtoa(ipsaddr, 0, irs->ipsaddr_txt, sizeof(irs->ipsaddr_txt));
-+ ipdaddr.s_addr = ipp->daddr;
-+ addrtoa(ipdaddr, 0, irs->ipdaddr_txt, sizeof(irs->ipdaddr_txt));
-+
-+ iphlen = ipp->ihl << 2;
-+ irs->iphlen=iphlen;
-+ ipp->check = 0; /* we know the sum is good */
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv_decap_once: "
-+ "decap (%d) from %s -> %s\n",
-+ proto, irs->ipsaddr_txt, irs->ipdaddr_txt);
-+
-+ /*
-+ * Find tunnel control block and (indirectly) call the
-+ * appropriate tranform routine. The resulting sk_buf
-+ * is a valid IP packet ready to go through input processing.
-+ */
-+
-+ irs->said.dst.u.v4.sin_addr.s_addr = ipp->daddr;
-+ irs->said.dst.u.v4.sin_family = AF_INET;
-+
-+ /* note: rcv_checks set up the said.spi value, if appropriate */
-+ if(proto_funcs->rcv_checks) {
-+ enum ipsec_rcv_value retval =
-+ (*proto_funcs->rcv_checks)(irs, skb);
-+
-+ if(retval < 0) {
-+ return retval;
-+ }
-+ }
-+
-+ irs->said.proto = proto;
-+ irs->sa_len = satot(&irs->said, 0, irs->sa, sizeof(irs->sa));
-+ if(irs->sa_len == 0) {
-+ strcpy(irs->sa, "(error)");
-+ }
-+
-+ newipsp = ipsec_sa_getbyid(&irs->said);
-+ if (newipsp == NULL) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "no ipsec_sa for SA:%s: incoming packet with no SA dropped\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_SAIDNOTFOUND;
-+ }
-+
-+ /* MCR - XXX this is bizarre. ipsec_sa_getbyid returned it, having
-+ * incremented the refcount, why in the world would we decrement it
-+ * here? */
-+ /* ipsec_sa_put(irs->ipsp);*/ /* incomplete */
-+
-+ /* If it is in larval state, drop the packet, we cannot process yet. */
-+ if(newipsp->ips_state == SADB_SASTATE_LARVAL) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "ipsec_sa in larval state, cannot be used yet, dropping packet.\n");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ ipsec_sa_put(newipsp);
-+ return IPSEC_RCV_SAIDNOTLIVE;
-+ }
-+
-+ if(newipsp->ips_state == SADB_SASTATE_DEAD) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "ipsec_sa in dead state, cannot be used any more, dropping packet.\n");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ ipsec_sa_put(newipsp);
-+ return IPSEC_RCV_SAIDNOTLIVE;
-+ }
-+
-+ if(sysctl_ipsec_inbound_policy_check) {
-+ if(irs->ipp->saddr != ((struct sockaddr_in*)(newipsp->ips_addr_s))->sin_addr.s_addr) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s, src=%s of pkt does not agree with expected SA source address policy.\n",
-+ irs->sa_len ? irs->sa : " (error)",
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ ipsec_sa_put(newipsp);
-+ return IPSEC_RCV_FAILEDINBOUND;
-+ }
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s, src=%s of pkt agrees with expected SA source address policy.\n",
-+ irs->sa_len ? irs->sa : " (error)",
-+ irs->ipsaddr_txt);
-+
-+ /*
-+ * at this point, we have looked up a new SA, and we want to make sure that if this
-+ * isn't the first SA in the list, that the previous SA actually points at this one.
-+ */
-+ if(irs->ipsp) {
-+ if(irs->ipsp->ips_inext != newipsp) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "unexpected SA:%s: does not agree with ips->inext policy, dropped\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ ipsec_sa_put(newipsp);
-+ return IPSEC_RCV_FAILEDINBOUND;
-+ }
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s grouping from previous SA is OK.\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ } else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s First SA in group.\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ }
-+
-+
-+
-+
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if (proto == IPPROTO_ESP) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "natt_type=%u tdbp->ips_natt_type=%u : %s\n",
-+ irs->natt_type, newipsp->ips_natt_type,
-+ (irs->natt_type==newipsp->ips_natt_type)?"ok":"bad");
-+ if (irs->natt_type != newipsp->ips_natt_type) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s does not agree with expected NAT-T policy.\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ ipsec_sa_put(newipsp);
-+ return IPSEC_RCV_FAILEDINBOUND;
-+ }
-+ }
-+#endif
-+ }
-+
-+ /* okay, SA checks out, so free any previous SA, and record a new one*/
-+
-+ if(irs->ipsp) {
-+ ipsec_sa_put(irs->ipsp);
-+ }
-+ irs->ipsp=newipsp;
-+
-+ /* note that the outer code will free the irs->ipsp
-+ if there is an error */
-+
-+
-+ /* now check the lifetimes */
-+ if(ipsec_lifetime_check(&irs->ipsp->ips_life.ipl_bytes, "bytes",
-+ irs->sa, ipsec_life_countbased, ipsec_incoming,
-+ irs->ipsp) == ipsec_life_harddied ||
-+ ipsec_lifetime_check(&irs->ipsp->ips_life.ipl_addtime, "addtime",
-+ irs->sa, ipsec_life_timebased, ipsec_incoming,
-+ irs->ipsp) == ipsec_life_harddied ||
-+ ipsec_lifetime_check(&irs->ipsp->ips_life.ipl_addtime, "usetime",
-+ irs->sa, ipsec_life_timebased, ipsec_incoming,
-+ irs->ipsp) == ipsec_life_harddied ||
-+ ipsec_lifetime_check(&irs->ipsp->ips_life.ipl_packets, "packets",
-+ irs->sa, ipsec_life_countbased, ipsec_incoming,
-+ irs->ipsp) == ipsec_life_harddied) {
-+ ipsec_sa_delchain(irs->ipsp);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv_decap_once: "
-+ "decap (%d) failed lifetime check\n",
-+ proto);
-+
-+ return IPSEC_RCV_LIFETIMEFAILED;
-+ }
-+
-+#if 0
-+ /*
-+ * This is removed for some reasons:
-+ * 1) it needs to happen *after* authentication.
-+ * 2) do we really care, if it authenticates, if it came
-+ * from the wrong location?
-+ * 3) the NAT_KA messages in IKE will also get to pluto
-+ * and it will figure out that stuff has moved.
-+ * 4) the 2.6 udp-esp encap function does not pass us
-+ * the originating port number, and I can't tell
-+ * if skb->sk is guaranteed to be valid here.
-+ * 2005-04-16: mcr@xelerance.com
-+ */
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ /*
-+ *
-+ * XXX we should ONLY update pluto if the SA passes all checks,
-+ * which we clearly do not now.
-+ */
-+ if ((irs->natt_type) &&
-+ ( (irs->ipp->saddr != (((struct sockaddr_in*)(newipsp->ips_addr_s))->sin_addr.s_addr)) ||
-+ (irs->natt_sport != newipsp->ips_natt_sport)
-+ )) {
-+ struct sockaddr sipaddr;
-+ struct sockaddr_in *psin = (struct sockaddr_in*)(newipsp->ips_addr_s);
-+
-+ /** Advertise NAT-T addr change to pluto **/
-+ sipaddr.sa_family = AF_INET;
-+ ((struct sockaddr_in*)&sipaddr)->sin_addr.s_addr = irs->ipp->saddr;
-+ ((struct sockaddr_in*)&sipaddr)->sin_port = htons(irs->natt_sport);
-+ pfkey_nat_t_new_mapping(newipsp, &sipaddr, irs->natt_sport);
-+
-+ /**
-+ * Then allow or block packet depending on
-+ * sysctl_ipsec_inbound_policy_check.
-+ *
-+ * In all cases, pluto will update SA if new mapping is
-+ * accepted.
-+ */
-+ if (sysctl_ipsec_inbound_policy_check) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s, src=%s:%u of pkt does not agree with expected "
-+ "SA source address [%08x:%u] (notifying pluto of change).\n",
-+ irs->sa_len ? irs->sa : " (error)",
-+ irs->ipsaddr_txt, irs->natt_sport,
-+ psin->sin_addr.s_addr,
-+ newipsp->ips_natt_sport);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ ipsec_sa_put(newipsp);
-+ return IPSEC_RCV_FAILEDINBOUND;
-+ }
-+ }
-+#endif
-+#endif
-+
-+ irs->authfuncs=NULL;
-+
-+ /* authenticate, if required */
-+ if ((ixt_a=irs->ipsp->ips_alg_auth)) {
-+ irs->authlen = AHHMAC_HASHLEN;
-+ irs->authfuncs = NULL;
-+ irs->ictx = NULL;
-+ irs->octx = NULL;
-+ irs->ictx_len = 0;
-+ irs->octx_len = 0;
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "authalg=%d authlen=%d\n",
-+ irs->ipsp->ips_authalg,
-+ irs->authlen);
-+ } else
-+ switch(irs->ipsp->ips_authalg) {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5:
-+ irs->authlen = AHHMAC_HASHLEN;
-+ irs->authfuncs = ipsec_rcv_md5;
-+ irs->ictx = (void *)&((struct md5_ctx*)(irs->ipsp->ips_key_a))->ictx;
-+ irs->octx = (void *)&((struct md5_ctx*)(irs->ipsp->ips_key_a))->octx;
-+ irs->ictx_len = sizeof(((struct md5_ctx*)(irs->ipsp->ips_key_a))->ictx);
-+ irs->octx_len = sizeof(((struct md5_ctx*)(irs->ipsp->ips_key_a))->octx);
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA:
-+ irs->authlen = AHHMAC_HASHLEN;
-+ irs->authfuncs = ipsec_rcv_sha1;
-+ irs->ictx = (void *)&((struct sha1_ctx*)(irs->ipsp->ips_key_a))->ictx;
-+ irs->octx = (void *)&((struct sha1_ctx*)(irs->ipsp->ips_key_a))->octx;
-+ irs->ictx_len = sizeof(((struct sha1_ctx*)(irs->ipsp->ips_key_a))->ictx);
-+ irs->octx_len = sizeof(((struct sha1_ctx*)(irs->ipsp->ips_key_a))->octx);
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ case AH_NONE:
-+ irs->authlen = 0;
-+ irs->authfuncs = NULL;
-+ irs->ictx = NULL;
-+ irs->octx = NULL;
-+ irs->ictx_len = 0;
-+ irs->octx_len = 0;
-+ break;
-+ default:
-+ irs->ipsp->ips_errs.ips_alg_errs += 1;
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ return IPSEC_RCV_BADAUTH;
-+ }
-+
-+ /* ilen counts number of bytes in ESP portion */
-+ irs->ilen = ((skb->data + skb->len) - skb->h.raw) - irs->authlen;
-+ if(irs->ilen <= 0) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "runt %s packet with no data, dropping.\n",
-+ (proto == IPPROTO_ESP ? "esp" : "ah"));
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_BADLEN;
-+ }
-+
-+ if(irs->authfuncs || ixt_a) {
-+ unsigned char *authenticator = NULL;
-+
-+ if(proto_funcs->rcv_setup_auth) {
-+ enum ipsec_rcv_value retval
-+ = (*proto_funcs->rcv_setup_auth)(irs, skb,
-+ &replay,
-+ &authenticator);
-+ if(retval < 0) {
-+ return retval;
-+ }
-+ }
-+
-+ if(!authenticator) {
-+ irs->ipsp->ips_errs.ips_auth_errs += 1;
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_BADAUTH;
-+ }
-+
-+ if(!ipsec_checkreplaywindow(irs->ipsp, replay)) {
-+ irs->ipsp->ips_errs.ips_replaywin_errs += 1;
-+ KLIPS_PRINT(debug_rcv & DB_RX_REPLAY,
-+ "klips_debug:ipsec_rcv: "
-+ "duplicate frame from %s, packet dropped\n",
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_REPLAYFAILED;
-+ }
-+
-+ /*
-+ * verify authenticator
-+ */
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "encalg = %d, authalg = %d.\n",
-+ irs->ipsp->ips_encalg,
-+ irs->ipsp->ips_authalg);
-+
-+ /* calculate authenticator */
-+ if(proto_funcs->rcv_calc_auth == NULL) {
-+ return IPSEC_RCV_BADAUTH;
-+ }
-+ (*proto_funcs->rcv_calc_auth)(irs, skb);
-+
-+ if (memcmp(irs->hash, authenticator, irs->authlen)) {
-+ irs->ipsp->ips_errs.ips_auth_errs += 1;
-+ KLIPS_PRINT(debug_rcv & DB_RX_INAU,
-+ "klips_debug:ipsec_rcv: "
-+ "auth failed on incoming packet from %s: hash=%08x%08x%08x auth=%08x%08x%08x, dropped\n",
-+ irs->ipsaddr_txt,
-+ ntohl(*(__u32*)&irs->hash[0]),
-+ ntohl(*(__u32*)&irs->hash[4]),
-+ ntohl(*(__u32*)&irs->hash[8]),
-+ ntohl(*(__u32*)authenticator),
-+ ntohl(*((__u32*)authenticator + 1)),
-+ ntohl(*((__u32*)authenticator + 2)));
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_AUTHFAILED;
-+ } else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "authentication successful.\n");
-+ }
-+
-+ /* Crypto hygiene: clear memory used to calculate autheticator.
-+ * The length varies with the algorithm.
-+ */
-+ memset(irs->hash, 0, irs->authlen);
-+
-+ /* If the sequence number == 0, expire SA, it had rolled */
-+ if(irs->ipsp->ips_replaywin && !replay /* !irs->ipsp->ips_replaywin_lastseq */) {
-+ ipsec_sa_delchain(irs->ipsp);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "replay window counter rolled, expiring SA.\n");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_REPLAYROLLED;
-+ }
-+
-+ /* now update the replay counter */
-+ if (!ipsec_updatereplaywindow(irs->ipsp, replay)) {
-+ irs->ipsp->ips_errs.ips_replaywin_errs += 1;
-+ KLIPS_PRINT(debug_rcv & DB_RX_REPLAY,
-+ "klips_debug:ipsec_rcv: "
-+ "duplicate frame from %s, packet dropped\n",
-+ irs->ipsaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_REPLAYROLLED;
-+ }
-+ }
-+
-+ if(proto_funcs->rcv_decrypt) {
-+ enum ipsec_rcv_value retval =
-+ (*proto_funcs->rcv_decrypt)(irs);
-+
-+ if(retval != IPSEC_RCV_OK) {
-+ return retval;
-+ }
-+ }
-+
-+ /*
-+ * Adjust pointers
-+ */
-+ skb = irs->skb;
-+ irs->len = skb->len;
-+ ipp = irs->ipp = skb->nh.iph;
-+ iphlen = ipp->ihl<<2;
-+ skb->h.raw = skb->nh.raw + iphlen;
-+
-+ /* zero any options that there might be */
-+ memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
-+
-+ ipsaddr.s_addr = ipp->saddr;
-+ addrtoa(ipsaddr, 0, irs->ipsaddr_txt, sizeof(irs->ipsaddr_txt));
-+ ipdaddr.s_addr = ipp->daddr;
-+ addrtoa(ipdaddr, 0, irs->ipdaddr_txt, sizeof(irs->ipdaddr_txt));
-+
-+ /*
-+ * Discard the original ESP/AH header
-+ */
-+ ipp->protocol = irs->next_header;
-+
-+ ipp->check = 0; /* NOTE: this will be included in checksum */
-+ ipp->check = ip_fast_csum((unsigned char *)skb->nh.iph, iphlen >> 2);
-+
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "after <%s%s%s>, SA:%s:\n",
-+ IPS_XFORM_NAME(irs->ipsp),
-+ irs->sa_len ? irs->sa : " (error)");
-+ KLIPS_IP_PRINT(debug_rcv & DB_RX_PKTRX, ipp);
-+
-+ skb->protocol = htons(ETH_P_IP);
-+ skb->ip_summed = 0;
-+
-+ ipsnext = irs->ipsp->ips_inext;
-+ if(sysctl_ipsec_inbound_policy_check) {
-+ if(ipsnext) {
-+ if(
-+ ipp->protocol != IPPROTO_AH
-+ && ipp->protocol != IPPROTO_ESP
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ && ipp->protocol != IPPROTO_COMP
-+ && (ipsnext->ips_said.proto != IPPROTO_COMP
-+ || ipsnext->ips_inext)
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ && ipp->protocol != IPPROTO_IPIP
-+ && ipp->protocol != IPPROTO_ATT_HEARTBEAT /* heartbeats to AT&T SIG/GIG */
-+ ) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "packet with incomplete policy dropped, last successful SA:%s.\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ return IPSEC_RCV_FAILEDINBOUND;
-+ }
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s, Another IPSEC header to process.\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ } else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "No ips_inext from this SA:%s.\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ }
-+ }
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ /* update ipcomp ratio counters, even if no ipcomp packet is present */
-+ if (ipsnext
-+ && ipsnext->ips_said.proto == IPPROTO_COMP
-+ && ipp->protocol != IPPROTO_COMP) {
-+ ipsnext->ips_comp_ratio_cbytes += ntohs(ipp->tot_len);
-+ ipsnext->ips_comp_ratio_dbytes += ntohs(ipp->tot_len);
-+ }
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+ irs->ipsp->ips_life.ipl_bytes.ipl_count += irs->len;
-+ irs->ipsp->ips_life.ipl_bytes.ipl_last = irs->len;
-+
-+ if(!irs->ipsp->ips_life.ipl_usetime.ipl_count) {
-+ irs->ipsp->ips_life.ipl_usetime.ipl_count = jiffies / HZ;
-+ }
-+ irs->ipsp->ips_life.ipl_usetime.ipl_last = jiffies / HZ;
-+ irs->ipsp->ips_life.ipl_packets.ipl_count += 1;
-+
-+#ifdef CONFIG_NETFILTER
-+ if(proto == IPPROTO_ESP || proto == IPPROTO_AH) {
-+ skb->nfmark = (skb->nfmark & (~(IPsecSAref2NFmark(IPSEC_SA_REF_MASK))))
-+ | IPsecSAref2NFmark(IPsecSA2SAref(irs->ipsp));
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "%s SA sets skb->nfmark=0x%x.\n",
-+ proto == IPPROTO_ESP ? "ESP" : "AH",
-+ (unsigned)skb->nfmark);
-+ }
-+#endif /* CONFIG_NETFILTER */
-+
-+ return IPSEC_RCV_OK;
-+}
-+
-+
-+/*
-+ * core decapsulation loop for all protocols.
-+ *
-+ * the following things should be setup to enter this function.
-+ *
-+ * irs->stats == stats structure (or NULL)
-+ * irs->ipp = IP header.
-+ * irs->ipsp = NULL.
-+ * irs->ilen = 0;
-+ * irs->authlen = 0;
-+ * irs->authfuncs = NULL;
-+ * irs->skb = skb;
-+ * skb->nh.iph = ipp;
-+ * skb->h.raw = start of payload
-+ *
-+ */
-+int ipsec_rcv_decap(struct ipsec_rcv_state *irs)
-+{
-+ struct ipsec_sa *ipsp = NULL;
-+ struct ipsec_sa* ipsnext = NULL;
-+ struct in_addr ipsaddr;
-+ struct in_addr ipdaddr;
-+ struct iphdr *ipp;
-+ struct sk_buff *skb = NULL;
-+
-+ /* begin decapsulating loop here */
-+
-+ /*
-+ The spinlock is to prevent any other process from
-+ accessing or deleting the ipsec_sa hash table or any of the
-+ ipsec_sa s while we are using and updating them.
-+
-+ This is not optimal, but was relatively straightforward
-+ at the time. A better way to do it has been planned for
-+ more than a year, to lock the hash table and put reference
-+ counts on each ipsec_sa instead. This is not likely to happen
-+ in KLIPS1 unless a volunteer contributes it, but will be
-+ designed into KLIPS2.
-+ */
-+ spin_lock(&tdb_lock);
-+
-+ do {
-+ int decap_stat;
-+ struct xform_functions *proto_funcs;
-+
-+ switch(irs->ipp->protocol) {
-+ case IPPROTO_ESP:
-+ proto_funcs = esp_xform_funcs;
-+ break;
-+
-+#ifdef CONFIG_KLIPS_AH
-+ case IPPROTO_AH:
-+ proto_funcs = ah_xform_funcs;
-+ break;
-+#endif /* !CONFIG_KLIPS_AH */
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ case IPPROTO_COMP:
-+ proto_funcs = ipcomp_xform_funcs;
-+ break;
-+#endif /* !CONFIG_KLIPS_IPCOMP */
-+ default:
-+ if(irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ decap_stat = IPSEC_RCV_BADPROTO;
-+ goto rcvleave;
-+ }
-+
-+ decap_stat = ipsec_rcv_decap_once(irs, proto_funcs);
-+
-+ if(decap_stat != IPSEC_RCV_OK) {
-+ spin_unlock(&tdb_lock);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: decap_once failed: %d\n",
-+ decap_stat);
-+
-+ goto rcvleave;
-+ }
-+ /* end decapsulation loop here */
-+ } while( (irs->ipp->protocol == IPPROTO_ESP )
-+ || (irs->ipp->protocol == IPPROTO_AH )
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ || (irs->ipp->protocol == IPPROTO_COMP)
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ );
-+
-+ /* set up for decap loop */
-+ ipp =irs->ipp;
-+ ipsp =irs->ipsp;
-+ ipsnext = ipsp->ips_inext;
-+ skb = irs->skb;
-+
-+ /* if there is an IPCOMP, but we don't have an IPPROTO_COMP,
-+ * then we can just skip it
-+ */
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ if(ipsnext && ipsnext->ips_said.proto == IPPROTO_COMP) {
-+ ipsp = ipsnext;
-+ ipsnext = ipsp->ips_inext;
-+ }
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if ((irs->natt_type) && (ipp->protocol != IPPROTO_IPIP)) {
-+ /**
-+ * NAT-Traversal and Transport Mode:
-+ * we need to correct TCP/UDP checksum
-+ *
-+ * If we've got NAT-OA, we can fix checksum without recalculation.
-+ */
-+ __u32 natt_oa = ipsp->ips_natt_oa ?
-+ ((struct sockaddr_in*)(ipsp->ips_natt_oa))->sin_addr.s_addr : 0;
-+ __u16 pkt_len = skb->tail - (unsigned char *)ipp;
-+ __u16 data_len = pkt_len - (ipp->ihl << 2);
-+
-+ switch (ipp->protocol) {
-+ case IPPROTO_TCP:
-+ if (data_len >= sizeof(struct tcphdr)) {
-+ struct tcphdr *tcp = skb->h.th;
-+ if (natt_oa) {
-+ __u32 buff[2] = { ~natt_oa, ipp->saddr };
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: "
-+ "fix TCP checksum using NAT-OA\n");
-+ tcp->check = csum_fold(
-+ csum_partial((unsigned char *)buff, sizeof(buff),
-+ tcp->check^0xffff));
-+ }
-+ else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: recalc TCP checksum\n");
-+ if (pkt_len > (ntohs(ipp->tot_len)))
-+ data_len -= (pkt_len - ntohs(ipp->tot_len));
-+ tcp->check = 0;
-+ tcp->check = csum_tcpudp_magic(ipp->saddr, ipp->daddr,
-+ data_len, IPPROTO_TCP,
-+ csum_partial((unsigned char *)tcp, data_len, 0));
-+ }
-+ }
-+ else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: can't fix TCP checksum\n");
-+ }
-+ break;
-+ case IPPROTO_UDP:
-+ if (data_len >= sizeof(struct udphdr)) {
-+ struct udphdr *udp = skb->h.uh;
-+ if (udp->check == 0) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: UDP checksum already 0\n");
-+ }
-+ else if (natt_oa) {
-+ __u32 buff[2] = { ~natt_oa, ipp->saddr };
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: "
-+ "fix UDP checksum using NAT-OA\n");
-+#ifdef DISABLE_UDP_CHECKSUM
-+ udp->check=0
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: "
-+ "UDP checksum using NAT-OA disabled at compile time\n");
-+#else
-+ udp->check = csum_fold(
-+ csum_partial((unsigned char *)buff, sizeof(buff),
-+ udp->check^0xffff));
-+#endif
-+ }
-+ else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: zero UDP checksum\n");
-+ udp->check = 0;
-+ }
-+ }
-+ else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: can't fix UDP checksum\n");
-+ }
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NAT-T & TRANSPORT: non TCP/UDP packet -- do nothing\n");
-+ break;
-+ }
-+ }
-+#endif
-+
-+ /*
-+ * XXX this needs to be locked from when it was first looked
-+ * up in the decapsulation loop. Perhaps it is better to put
-+ * the IPIP decap inside the loop.
-+ */
-+ if(ipsnext) {
-+ ipsp = ipsnext;
-+ irs->sa_len = satot(&irs->said, 0, irs->sa, sizeof(irs->sa));
-+ if((ipp->protocol != IPPROTO_IPIP) &&
-+ (ipp->protocol != IPPROTO_ATT_HEARTBEAT)) { /* AT&T heartbeats to SIG/GIG */
-+ spin_unlock(&tdb_lock);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s, Hey! How did this get through? Dropped.\n",
-+ irs->sa_len ? irs->sa : " (error)");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ goto rcvleave;
-+ }
-+ if(sysctl_ipsec_inbound_policy_check) {
-+ struct sockaddr_in *psin = (struct sockaddr_in*)(ipsp->ips_addr_s);
-+ if((ipsnext = ipsp->ips_inext)) {
-+ char sa2[SATOT_BUF];
-+ size_t sa_len2;
-+ sa_len2 = satot(&ipsnext->ips_said, 0, sa2, sizeof(sa2));
-+ spin_unlock(&tdb_lock);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "unexpected SA:%s after IPIP SA:%s\n",
-+ sa_len2 ? sa2 : " (error)",
-+ irs->sa_len ? irs->sa : " (error)");
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ goto rcvleave;
-+ }
-+ if(ipp->saddr != psin->sin_addr.s_addr) {
-+ spin_unlock(&tdb_lock);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s, src=%s(%08x) does match expected 0x%08x.\n",
-+ irs->sa_len ? irs->sa : " (error)",
-+ irs->ipsaddr_txt,
-+ ipp->saddr, psin->sin_addr.s_addr);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ goto rcvleave;
-+ }
-+ }
-+
-+ if(ipp->protocol == IPPROTO_IPIP) /* added to support AT&T heartbeats to SIG/GIG */
-+ {
-+ /*
-+ * XXX this needs to be locked from when it was first looked
-+ * up in the decapsulation loop. Perhaps it is better to put
-+ * the IPIP decap inside the loop.
-+ */
-+ ipsp->ips_life.ipl_bytes.ipl_count += skb->len;
-+ ipsp->ips_life.ipl_bytes.ipl_last = skb->len;
-+
-+ if(!ipsp->ips_life.ipl_usetime.ipl_count) {
-+ ipsp->ips_life.ipl_usetime.ipl_count = jiffies / HZ;
-+ }
-+ ipsp->ips_life.ipl_usetime.ipl_last = jiffies / HZ;
-+ ipsp->ips_life.ipl_packets.ipl_count += 1;
-+
-+ if(skb->len < irs->iphlen) {
-+ spin_unlock(&tdb_lock);
-+ printk(KERN_WARNING "klips_debug:ipsec_rcv: "
-+ "tried to skb_pull iphlen=%d, %d available. This should never happen, please report.\n",
-+ irs->iphlen,
-+ (int)(skb->len));
-+
-+ goto rcvleave;
-+ }
-+
-+ /*
-+ * we need to pull up by size of IP header,
-+ * options, but also by any UDP/ESP encap there might
-+ * have been, and this deals with all cases.
-+ */
-+ skb_pull(skb, (skb->h.raw - skb->nh.raw));
-+
-+ /* new L3 header is where L4 payload was */
-+ skb->nh.raw = skb->h.raw;
-+
-+ /* now setup new L4 payload location */
-+ ipp = (struct iphdr *)skb->nh.raw;
-+ skb->h.raw = skb->nh.raw + (ipp->ihl << 2);
-+
-+
-+ /* remove any saved options that we might have,
-+ * since we have a new IP header.
-+ */
-+ memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
-+
-+#if 0
-+ KLIPS_PRINT(debug_rcv, "csum: %d\n", ip_fast_csum((u8 *)ipp, ipp->ihl));
-+#endif
-+
-+ /* re-do any strings for debugging */
-+ ipsaddr.s_addr = ipp->saddr;
-+ addrtoa(ipsaddr, 0, irs->ipsaddr_txt, sizeof(irs->ipsaddr_txt));
-+ ipdaddr.s_addr = ipp->daddr;
-+ addrtoa(ipdaddr, 0, irs->ipdaddr_txt, sizeof(irs->ipdaddr_txt));
-+
-+ skb->protocol = htons(ETH_P_IP);
-+ skb->ip_summed = 0;
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "IPIP tunnel stripped.\n");
-+ KLIPS_IP_PRINT(debug_rcv & DB_RX_PKTRX, ipp);
-+ }
-+
-+ if(sysctl_ipsec_inbound_policy_check
-+ /*
-+ Note: "xor" (^) logically replaces "not equal"
-+ (!=) and "bitwise or" (|) logically replaces
-+ "boolean or" (||). This is done to speed up
-+ execution by doing only bitwise operations and
-+ no branch operations
-+ */
-+ && (((ipp->saddr & ipsp->ips_mask_s.u.v4.sin_addr.s_addr)
-+ ^ ipsp->ips_flow_s.u.v4.sin_addr.s_addr)
-+ | ((ipp->daddr & ipsp->ips_mask_d.u.v4.sin_addr.s_addr)
-+ ^ ipsp->ips_flow_d.u.v4.sin_addr.s_addr)) )
-+ {
-+ char sflow_txt[SUBNETTOA_BUF], dflow_txt[SUBNETTOA_BUF];
-+
-+ subnettoa(ipsp->ips_flow_s.u.v4.sin_addr,
-+ ipsp->ips_mask_s.u.v4.sin_addr,
-+ 0, sflow_txt, sizeof(sflow_txt));
-+ subnettoa(ipsp->ips_flow_d.u.v4.sin_addr,
-+ ipsp->ips_mask_d.u.v4.sin_addr,
-+ 0, dflow_txt, sizeof(dflow_txt));
-+ spin_unlock(&tdb_lock);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "SA:%s, inner tunnel policy [%s -> %s] does not agree with pkt contents [%s -> %s].\n",
-+ irs->sa_len ? irs->sa : " (error)",
-+ sflow_txt,
-+ dflow_txt,
-+ irs->ipsaddr_txt,
-+ irs->ipdaddr_txt);
-+ if(irs->stats) {
-+ irs->stats->rx_dropped++;
-+ }
-+ goto rcvleave;
-+ }
-+#ifdef CONFIG_NETFILTER
-+ skb->nfmark = (skb->nfmark & (~(IPsecSAref2NFmark(IPSEC_SA_REF_TABLE_MASK))))
-+ | IPsecSAref2NFmark(IPsecSA2SAref(ipsp));
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "IPIP SA sets skb->nfmark=0x%x.\n",
-+ (unsigned)skb->nfmark);
-+#endif /* CONFIG_NETFILTER */
-+ }
-+
-+ spin_unlock(&tdb_lock);
-+
-+ if(irs->stats) {
-+ irs->stats->rx_bytes += skb->len;
-+ }
-+ if(skb->dst) {
-+ dst_release(skb->dst);
-+ skb->dst = NULL;
-+ }
-+ skb->pkt_type = PACKET_HOST;
-+ if(irs->hard_header_len &&
-+ (skb->mac.raw != (skb->nh.raw - irs->hard_header_len)) &&
-+ (irs->hard_header_len <= skb_headroom(skb))) {
-+ /* copy back original MAC header */
-+ memmove(skb->nh.raw - irs->hard_header_len,
-+ skb->mac.raw, irs->hard_header_len);
-+ skb->mac.raw = skb->nh.raw - irs->hard_header_len;
-+ }
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ if(ipp->protocol == IPPROTO_COMP) {
-+ unsigned int flags = 0;
-+
-+ if(sysctl_ipsec_inbound_policy_check) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "inbound policy checking enabled, IPCOMP follows IPIP, dropped.\n");
-+ if (irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ goto rcvleave;
-+ }
-+ /*
-+ XXX need a ipsec_sa for updating ratio counters but it is not
-+ following policy anyways so it is not a priority
-+ */
-+ skb = skb_decompress(skb, NULL, &flags);
-+ if (!skb || flags) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "skb_decompress() returned error flags: %d, dropped.\n",
-+ flags);
-+ if (irs->stats) {
-+ irs->stats->rx_errors++;
-+ }
-+ goto rcvleave;
-+ }
-+ }
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+ /*
-+ * make sure that data now starts at IP header, since we are going
-+ * to pass this back to ip_input (aka netif_rx). Rules for what the
-+ * pointers wind up a different for 2.6 vs 2.4, so we just fudge it here.
-+ */
-+#ifdef NET_26
-+ skb->data = skb_push(skb, skb->h.raw - skb->nh.raw);
-+#else
-+ skb->data = skb->nh.raw;
-+ {
-+ struct iphdr *iph = skb->nh.iph;
-+ int len = ntohs(iph->tot_len);
-+ skb->len = len;
-+ }
-+#endif
-+
-+#ifdef SKB_RESET_NFCT
-+ nf_conntrack_put(skb->nfct);
-+ skb->nfct = NULL;
-+#if defined(CONFIG_NETFILTER_DEBUG) && defined(HAVE_SKB_NF_DEBUG)
-+ skb->nf_debug = 0;
-+#endif /* CONFIG_NETFILTER_DEBUG */
-+#endif /* SKB_RESET_NFCT */
-+ KLIPS_PRINT(debug_rcv & DB_RX_PKTRX,
-+ "klips_debug:ipsec_rcv: "
-+ "netif_rx() called.\n");
-+ netif_rx(skb);
-+ skb=NULL;
-+
-+ rcvleave:
-+ if(skb) {
-+ ipsec_kfree_skb(skb);
-+ }
-+
-+ /* KLIPS_DEC_USE; Artifact from refactor? bug # 454 */
-+ return(0);
-+}
-+
-+struct sk_buff *ipsec_rcv_unclone(struct sk_buff *skb,
-+ struct ipsec_rcv_state *irs)
-+{
-+ /* if skb was cloned (most likely due to a packet sniffer such as
-+ tcpdump being momentarily attached to the interface), make
-+ a copy of our own to modify */
-+ if(skb_cloned(skb)) {
-+ /* include any mac header while copying.. */
-+ if(skb_headroom(skb) < irs->hard_header_len) {
-+ printk(KERN_WARNING "klips_error:ipsec_rcv: "
-+ "tried to skb_push hhlen=%d, %d available. This should never happen, please report.\n",
-+ irs->hard_header_len,
-+ skb_headroom(skb));
-+ goto rcvleave;
-+ }
-+ skb_push(skb, irs->hard_header_len);
-+ if
-+#ifdef SKB_COW_NEW
-+ (skb_cow(skb, skb_headroom(skb)) != 0)
-+#else /* SKB_COW_NEW */
-+ ((skb = skb_cow(skb, skb_headroom(skb))) == NULL)
-+#endif /* SKB_COW_NEW */
-+ {
-+ goto rcvleave;
-+ }
-+ if(skb->len < irs->hard_header_len) {
-+ printk(KERN_WARNING "klips_error:ipsec_rcv: "
-+ "tried to skb_pull hhlen=%d, %d available. This should never happen, please report.\n",
-+ irs->hard_header_len,
-+ skb->len);
-+ goto rcvleave;
-+ }
-+ skb_pull(skb, irs->hard_header_len);
-+ }
-+ return skb;
-+
-+rcvleave:
-+ ipsec_kfree_skb(skb);
-+ return NULL;
-+}
-+
-+
-+#if !defined(NET_26) && defined(CONFIG_IPSEC_NAT_TRAVERSAL)
-+/*
-+ * decapsulate a UDP encapsulated ESP packet
-+ */
-+struct sk_buff *ipsec_rcv_natt_decap(struct sk_buff *skb
-+ , struct ipsec_rcv_state *irs
-+ , int *udp_decap_ret_p)
-+{
-+ *udp_decap_ret_p = 0;
-+ if (skb->sk && skb->nh.iph && skb->nh.iph->protocol==IPPROTO_UDP) {
-+ /**
-+ * Packet comes from udp_queue_rcv_skb so it is already defrag,
-+ * checksum verified, ... (ie safe to use)
-+ *
-+ * If the packet is not for us, return -1 and udp_queue_rcv_skb
-+ * will continue to handle it (do not kfree skb !!).
-+ */
-+
-+#ifndef UDP_OPT_IN_SOCK
-+ struct udp_opt {
-+ __u32 esp_in_udp;
-+ };
-+ struct udp_opt *tp = (struct udp_opt *)&(skb->sk->tp_pinfo.af_tcp);
-+#else
-+ struct udp_opt *tp = &(skb->sk->tp_pinfo.af_udp);
-+#endif
-+
-+ struct iphdr *ip = (struct iphdr *)skb->nh.iph;
-+ struct udphdr *udp = (struct udphdr *)((__u32 *)ip+ip->ihl);
-+ __u8 *udpdata = (__u8 *)udp + sizeof(struct udphdr);
-+ __u32 *udpdata32 = (__u32 *)udpdata;
-+
-+ irs->natt_sport = ntohs(udp->source);
-+ irs->natt_dport = ntohs(udp->dest);
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "suspected ESPinUDP packet (NAT-Traversal) [%d].\n",
-+ tp->esp_in_udp);
-+ KLIPS_IP_PRINT(debug_rcv, ip);
-+
-+ if (udpdata < skb->tail) {
-+ unsigned int len = skb->tail - udpdata;
-+ if ((len==1) && (udpdata[0]==0xff)) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ /* not IPv6 compliant message */
-+ "NAT-keepalive from %d.%d.%d.%d.\n", NIPQUAD(ip->saddr));
-+ *udp_decap_ret_p = 0;
-+ return NULL;
-+ }
-+ else if ( (tp->esp_in_udp == ESPINUDP_WITH_NON_IKE) &&
-+ (len > (2*sizeof(__u32) + sizeof(struct esphdr))) &&
-+ (udpdata32[0]==0) && (udpdata32[1]==0) ) {
-+ /* ESP Packet with Non-IKE header */
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "ESPinUDP pkt with Non-IKE - spi=0x%x\n",
-+ ntohl(udpdata32[2]));
-+ irs->natt_type = ESPINUDP_WITH_NON_IKE;
-+ irs->natt_len = sizeof(struct udphdr)+(2*sizeof(__u32));
-+ }
-+ else if ( (tp->esp_in_udp == ESPINUDP_WITH_NON_ESP) &&
-+ (len > sizeof(struct esphdr)) &&
-+ (udpdata32[0]!=0) ) {
-+ /* ESP Packet without Non-ESP header */
-+ irs->natt_type = ESPINUDP_WITH_NON_ESP;
-+ irs->natt_len = sizeof(struct udphdr);
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "ESPinUDP pkt without Non-ESP - spi=0x%x\n",
-+ ntohl(udpdata32[0]));
-+ }
-+ else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "IKE packet - not handled here\n");
-+ *udp_decap_ret_p = -1;
-+ return NULL;
-+ }
-+ }
-+ else {
-+ return NULL;
-+ }
-+ }
-+ return skb;
-+}
-+#endif
-+
-+
-+int
-+ipsec_rcv(struct sk_buff *skb
-+#ifndef PROTO_HANDLER_SINGLE_PARM
-+ unsigned short xlen
-+#endif /* PROTO_HANDLER_SINGLE_PARM */
-+ )
-+{
-+#ifdef CONFIG_KLIPS_DEBUG
-+ struct net_device *dev = skb->dev;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ unsigned char protoc;
-+ struct net_device_stats *stats = NULL; /* This device's statistics */
-+ struct net_device *ipsecdev = NULL, *prvdev;
-+ struct ipsecpriv *prv;
-+ struct ipsec_rcv_state nirs, *irs = &nirs;
-+ struct iphdr *ipp;
-+ char name[9];
-+ int i;
-+
-+ /* Don't unlink in the middle of a turnaround */
-+ KLIPS_INC_USE;
-+
-+ memset(&nirs, 0, sizeof(struct ipsec_rcv_state));
-+
-+ if (skb == NULL) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NULL skb passed in.\n");
-+ goto rcvleave;
-+ }
-+
-+ if (skb->data == NULL) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "NULL skb->data passed in, packet is bogus, dropping.\n");
-+ goto rcvleave;
-+ }
-+
-+#if defined(CONFIG_IPSEC_NAT_TRAVERSAL) && !defined(NET_26)
-+ {
-+ /* NET_26 NAT-T is handled by seperate function */
-+ struct sk_buff *nskb;
-+ int udp_decap_ret = 0;
-+
-+ nskb = ipsec_rcv_natt_decap(skb, irs, &udp_decap_ret);
-+ if(nskb == NULL) {
-+ /* return with non-zero, because UDP.c code
-+ * need to send it upstream.
-+ */
-+ if(skb && udp_decap_ret == 0) {
-+ ipsec_kfree_skb(skb);
-+ }
-+ KLIPS_DEC_USE;
-+ return(udp_decap_ret);
-+ }
-+ skb = nskb;
-+ }
-+#endif /* NAT_T */
-+
-+ /* dev->hard_header_len is unreliable and should not be used */
-+ irs->hard_header_len = skb->mac.raw ? (skb->nh.raw - skb->mac.raw) : 0;
-+ if((irs->hard_header_len < 0) || (irs->hard_header_len > skb_headroom(skb)))
-+ irs->hard_header_len = 0;
-+
-+ skb = ipsec_rcv_unclone(skb, irs);
-+ if(skb == NULL) {
-+ goto rcvleave;
-+ }
-+
-+#if IP_FRAGMENT_LINEARIZE
-+ /* In Linux 2.4.4, we may have to reassemble fragments. They are
-+ not assembled automatically to save TCP from having to copy
-+ twice.
-+ */
-+ if (skb_is_nonlinear(skb)) {
-+#ifdef HAVE_NEW_SKB_LINEARIZE
-+ if (skb_linearize_cow(skb) != 0)
-+#else
-+ if (skb_linearize(skb, GFP_ATOMIC) != 0)
-+#endif
-+ {
-+ goto rcvleave;
-+ }
-+ }
-+#endif /* IP_FRAGMENT_LINEARIZE */
-+
-+#if defined(CONFIG_IPSEC_NAT_TRAVERSAL) && !defined(NET_26)
-+ if (irs->natt_len) {
-+ /**
-+ * Now, we are sure packet is ESPinUDP, and we have a private
-+ * copy that has been linearized, remove natt_len bytes
-+ * from packet and modify protocol to ESP.
-+ */
-+ if (((unsigned char *)skb->data > (unsigned char *)skb->nh.iph)
-+ && ((unsigned char *)skb->nh.iph > (unsigned char *)skb->head))
-+ {
-+ unsigned int _len = (unsigned char *)skb->data -
-+ (unsigned char *)skb->nh.iph;
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: adjusting skb: skb_push(%u)\n",
-+ _len);
-+ skb_push(skb, _len);
-+ }
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "removing %d bytes from ESPinUDP packet\n", irs->natt_len);
-+ ipp = skb->nh.iph;
-+ irs->iphlen = ipp->ihl << 2;
-+ ipp->tot_len = htons(ntohs(ipp->tot_len) - irs->natt_len);
-+ if (skb->len < irs->iphlen + irs->natt_len) {
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_rcv: "
-+ "ESPinUDP packet is too small (%d < %d+%d). "
-+ "This should never happen, please report.\n",
-+ (int)(skb->len), irs->iphlen, irs->natt_len);
-+ goto rcvleave;
-+ }
-+
-+ /* advance payload pointer to point past the UDP header */
-+ skb->h.raw = skb->h.raw + irs->natt_len;
-+
-+ /* modify protocol */
-+ ipp->protocol = IPPROTO_ESP;
-+
-+ skb->sk = NULL;
-+
-+ KLIPS_IP_PRINT(debug_rcv, skb->nh.iph);
-+ }
-+#endif
-+
-+ ipp = skb->nh.iph;
-+
-+ {
-+ struct in_addr ipsaddr;
-+ struct in_addr ipdaddr;
-+
-+ ipsaddr.s_addr = ipp->saddr;
-+ addrtoa(ipsaddr, 0, irs->ipsaddr_txt
-+ , sizeof(irs->ipsaddr_txt));
-+ ipdaddr.s_addr = ipp->daddr;
-+ addrtoa(ipdaddr, 0, irs->ipdaddr_txt
-+ , sizeof(irs->ipdaddr_txt));
-+ }
-+
-+ irs->iphlen = ipp->ihl << 2;
-+
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "<<< Info -- ");
-+ KLIPS_PRINTMORE(debug_rcv && skb->dev, "skb->dev=%s ",
-+ skb->dev->name ? skb->dev->name : "NULL");
-+ KLIPS_PRINTMORE(debug_rcv && dev, "dev=%s ",
-+ dev->name ? dev->name : "NULL");
-+ KLIPS_PRINTMORE(debug_rcv, "\n");
-+
-+ KLIPS_PRINT(debug_rcv && !(skb->dev && dev && (skb->dev == dev)),
-+ "klips_debug:ipsec_rcv: "
-+ "Informational -- **if this happens, find out why** skb->dev:%s is not equal to dev:%s\n",
-+ skb->dev ? (skb->dev->name ? skb->dev->name : "NULL") : "NULL",
-+ dev ? (dev->name ? dev->name : "NULL") : "NULL");
-+
-+ protoc = ipp->protocol;
-+#ifndef NET_21
-+ if((!protocol) || (protocol->protocol != protoc)) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_IPSA,
-+ "klips_debug:ipsec_rcv: "
-+ "protocol arg is NULL or unequal to the packet contents, this is odd, using value in packet.\n");
-+ }
-+#endif /* !NET_21 */
-+
-+ if( (protoc != IPPROTO_AH) &&
-+#ifdef CONFIG_KLIPS_IPCOMP_disabled_until_we_register_IPCOMP_HANDLER
-+ (protoc != IPPROTO_COMP) &&
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ (protoc != IPPROTO_ESP) ) {
-+ KLIPS_PRINT(debug_rcv & DB_RX_IPSA,
-+ "klips_debug:ipsec_rcv: Why the hell is someone "
-+ "passing me a non-ipsec protocol = %d packet? -- dropped.\n",
-+ protoc);
-+ goto rcvleave;
-+ }
-+
-+ if(skb->dev) {
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ sprintf(name, IPSEC_DEV_FORMAT, i);
-+ if(!strcmp(name, skb->dev->name)) {
-+ prv = (struct ipsecpriv *)(skb->dev->priv);
-+ if(prv) {
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+ }
-+ ipsecdev = skb->dev;
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "Info -- pkt already proc'ed a group of ipsec headers, processing next group of ipsec headers.\n");
-+ break;
-+ }
-+ if((ipsecdev = __ipsec_dev_get(name)) == NULL) {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_error:ipsec_rcv: "
-+ "device %s does not exist\n",
-+ name);
-+ }
-+ prv = ipsecdev ? (struct ipsecpriv *)(ipsecdev->priv) : NULL;
-+ prvdev = prv ? (struct net_device *)(prv->dev) : NULL;
-+
-+#if 0
-+ KLIPS_PRINT(debug_rcv && prvdev,
-+ "klips_debug:ipsec_rcv: "
-+ "physical device for device %s is %s\n",
-+ name,
-+ prvdev->name);
-+#endif
-+ if(prvdev && skb->dev &&
-+ !strcmp(prvdev->name, skb->dev->name)) {
-+ stats = prv ? ((struct net_device_stats *) &(prv->mystats)) : NULL;
-+ skb->dev = ipsecdev;
-+ KLIPS_PRINT(debug_rcv && prvdev,
-+ "klips_debug:ipsec_rcv: "
-+ "assigning packet ownership to virtual device %s from physical device %s.\n",
-+ name, prvdev->name);
-+ if(stats) {
-+ stats->rx_packets++;
-+ }
-+ break;
-+ }
-+ }
-+ } else {
-+ KLIPS_PRINT(debug_rcv,
-+ "klips_debug:ipsec_rcv: "
-+ "device supplied with skb is NULL\n");
-+ }
-+
-+ if(stats == NULL) {
-+ KLIPS_PRINT((debug_rcv),
-+ "klips_error:ipsec_rcv: "
-+ "packet received from physical I/F (%s) not connected to ipsec I/F. Cannot record stats. May not have SA for decoding. Is IPSEC traffic expected on this I/F? Check routing.\n",
-+ skb->dev ? (skb->dev->name ? skb->dev->name : "NULL") : "NULL");
-+ }
-+
-+ KLIPS_IP_PRINT(debug_rcv, ipp);
-+
-+ /* set up for decap loop */
-+ irs->stats= stats;
-+ irs->ipp = ipp;
-+ irs->ipsp = NULL;
-+ irs->ilen = 0;
-+ irs->authlen=0;
-+ irs->authfuncs=NULL;
-+ irs->skb = skb;
-+
-+ ipsec_rcv_decap(irs);
-+ KLIPS_DEC_USE;
-+ return(0);
-+
-+ rcvleave:
-+ if(skb) {
-+ ipsec_kfree_skb(skb);
-+ }
-+ KLIPS_DEC_USE;
-+ return(0);
-+
-+}
-+
-+#ifdef NET_26
-+/*
-+ * this entry point is not a protocol entry point, so the entry
-+ * is a bit different.
-+ *
-+ * skb->iph->tot_len has been byte-swapped, and reduced by the size of
-+ * the IP header (and options).
-+ *
-+ * skb->h.raw has been pulled up the ESP header.
-+ *
-+ * skb->iph->protocol = 50 IPPROTO_ESP;
-+ *
-+ */
-+int klips26_rcv_encap(struct sk_buff *skb, __u16 encap_type)
-+{
-+ struct ipsec_rcv_state nirs, *irs = &nirs;
-+ struct iphdr *ipp;
-+
-+ /* Don't unlink in the middle of a turnaround */
-+ KLIPS_INC_USE;
-+
-+ memset(irs, 0, sizeof(*irs));
-+
-+ /* XXX fudge it so that all nat-t stuff comes from ipsec0 */
-+ /* eventually, the SA itself will determine which device
-+ * it comes from
-+ */
-+ {
-+ skb->dev = ipsec_get_device(0);
-+ }
-+
-+ /* set up for decap loop */
-+ irs->hard_header_len = skb->dev->hard_header_len;
-+
-+ skb = ipsec_rcv_unclone(skb, irs);
-+
-+#if IP_FRAGMENT_LINEARIZE
-+ /* In Linux 2.4.4, we may have to reassemble fragments. They are
-+ not assembled automatically to save TCP from having to copy
-+ twice.
-+ */
-+ if (skb_is_nonlinear(skb)) {
-+#ifdef HAVE_NEW_SKB_LINEARIZE
-+ if (skb_linearize_cow(skb) != 0)
-+#else
-+ if (skb_linearize(skb, GFP_ATOMIC) != 0)
-+#endif
-+ {
-+ goto rcvleave;
-+ }
-+ }
-+#endif /* IP_FRAGMENT_LINEARIZE */
-+
-+ ipp = skb->nh.iph;
-+
-+ {
-+ struct in_addr ipsaddr;
-+ struct in_addr ipdaddr;
-+
-+ ipsaddr.s_addr = ipp->saddr;
-+ addrtoa(ipsaddr, 0, irs->ipsaddr_txt
-+ , sizeof(irs->ipsaddr_txt));
-+ ipdaddr.s_addr = ipp->daddr;
-+ addrtoa(ipdaddr, 0, irs->ipdaddr_txt
-+ , sizeof(irs->ipdaddr_txt));
-+ }
-+
-+ irs->iphlen = ipp->ihl << 2;
-+
-+ KLIPS_IP_PRINT(debug_rcv, ipp);
-+
-+ irs->stats= NULL;
-+ irs->ipp = ipp;
-+ irs->ipsp = NULL;
-+ irs->ilen = 0;
-+ irs->authlen=0;
-+ irs->authfuncs=NULL;
-+ irs->skb = skb;
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ switch(encap_type) {
-+ case UDP_ENCAP_ESPINUDP:
-+ irs->natt_type = ESPINUDP_WITH_NON_ESP;
-+ break;
-+
-+ case UDP_ENCAP_ESPINUDP_NON_IKE:
-+ irs->natt_type = ESPINUDP_WITH_NON_IKE;
-+ break;
-+
-+ default:
-+ if(printk_ratelimit()) {
-+ printk(KERN_INFO "KLIPS received unknown UDP-ESP encap type %u\n",
-+ encap_type);
-+ }
-+ return -1;
-+ }
-+
-+#endif
-+ ipsec_rcv_decap(irs);
-+ KLIPS_DEC_USE;
-+ return 0;
-+
-+rcvleave:
-+ if(skb) {
-+ ipsec_kfree_skb(skb);
-+ }
-+ KLIPS_DEC_USE;
-+ return 0;
-+}
-+#endif
-+
-+
-+/*
-+ * $Log: ipsec_rcv.c,v $
-+ * Revision 1.171.2.11 2007/04/28 20:46:40 paul
-+ * Added compile time switch for -DDISABLE_UDP_CHECKSUM that seems to be
-+ * breaking IPsec+NAT+Transport mode with NAT-OA. Enabled this per default
-+ * via Makefile.inc's USERCOMPILE flags.
-+ *
-+ * Revision 1.171.2.10 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.171.2.9 2006/07/30 02:09:33 paul
-+ * Author: Bart Trojanowski <bart@xelerance.com>
-+ * This fixes a NATT+ESP bug in rcv path.
-+ *
-+ * We only want to test NATT policy on the ESP packet. Doing so on the
-+ * bundled SA breaks because the next layer does not know anything about
-+ * NATT.
-+ *
-+ * Fix just puts an if(proto == IPPROTO_ESP) around the NATT policy check.
-+ *
-+ * Revision 1.171.2.8 2006/07/29 05:03:04 paul
-+ * Added check for new version of skb_linearize that only takes 1 argument,
-+ * for 2.6.18+ kernels.
-+ *
-+ * Revision 1.171.2.7 2006/04/20 16:33:07 mcr
-+ * remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+ * Fix in-kernel module compilation. Sub-makefiles do not work.
-+ *
-+ * Revision 1.171.2.6 2005/12/07 06:07:04 paul
-+ * comment out KLIPS_DEC_USE in ipsec_rcv_decap. Likely an artifact from
-+ * refactoring. http://bugs.xelerance.com/view.php?id=454
-+ *
-+ * Revision 1.171.2.5 2005/10/21 02:22:29 mcr
-+ * pull up of another try at 2.4.x kernel fix
-+ *
-+ * Revision 1.171.2.4 2005/10/21 01:39:56 mcr
-+ * nat-t fix is 2.4/2.6 specific
-+ *
-+ * Revision 1.178 2005/10/21 02:19:34 mcr
-+ * on 2.4 systems, we have to fix up the length as well.
-+ *
-+ * Revision 1.177 2005/10/21 00:18:31 mcr
-+ * nat-t fix is 2.4 specific.
-+ *
-+ * Revision 1.176 2005/10/20 21:06:11 mcr
-+ * possible fix for nat-t problem on 2.4 kernels.
-+ *
-+ * Revision 1.175 2005/10/13 02:49:24 mcr
-+ * tested UDP-encapsulated ESP packets that were not actually ESP,
-+ * (but IKE) were being eaten.
-+ *
-+ * Revision 1.174 2005/10/13 01:25:22 mcr
-+ * UDP-encapsulated ESP packets that were not actually ESP,
-+ * (but IKE) were being eaten.
-+ *
-+ * Revision 1.173 2005/08/31 23:26:11 mcr
-+ * fixes for 2.6.13
-+ *
-+ * Revision 1.172 2005/08/05 08:44:54 mcr
-+ * ipsec_kern24.h (compat code for 2.4) must be include
-+ * explicitely now.
-+ *
-+ * Revision 1.171 2005/07/08 23:56:06 ken
-+ * #ifdef
-+ *
-+ * Revision 1.170 2005/07/08 23:50:05 ken
-+ * Don't attempt to decapsulate if NAT-T isn't available in the code
-+ *
-+ * Revision 1.169 2005/06/06 00:27:31 mcr
-+ * fix for making tcpdump (packet capture) work correctly for
-+ * nat-t received packets.
-+ *
-+ * Revision 1.168 2005/06/04 16:06:06 mcr
-+ * better patch for nat-t rcv-device code.
-+ *
-+ * Revision 1.167 2005/06/03 17:04:46 mcr
-+ * nat-t packets are forced to arrive from ipsec0.
-+ *
-+ * Revision 1.166 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.165 2005/04/20 17:11:32 mcr
-+ * fixed to compile on 2.4.
-+ *
-+ * Revision 1.164 2005/04/18 03:09:50 ken
-+ * Fix typo
-+ *
-+ * Revision 1.163 2005/04/17 05:32:58 mcr
-+ * remove extraneous debugging
-+ * make sure to return success from klips26_encap_rcv().
-+ *
-+ * Revision 1.162 2005/04/17 04:37:01 mcr
-+ * make sure that irs->ipp is still set.
-+ *
-+ * Revision 1.161 2005/04/17 03:51:52 mcr
-+ * removed old comment about removed code.
-+ * added translation from udp.c/2.6 to KLIPS NAT-ESP naming.
-+ * comment about check for origin address/port for incoming NAT-ESP packets.
-+ *
-+ * Revision 1.160 2005/04/15 19:55:58 mcr
-+ * adjustments to use proper skb fields for data.
-+ *
-+ * Revision 1.159 2005/04/10 22:58:20 mcr
-+ * refactoring of receive functions to make it easier to
-+ * call the ESP decap.
-+ *
-+ * Revision 1.158 2005/04/08 18:27:53 mcr
-+ * refactored ipsec_rcv() into ipsec_rcv() and ipsec_rcv_decap().
-+ *
-+ * Revision 1.157 2004/12/28 23:13:09 mcr
-+ * use consistent CONFIG_IPSEC_NAT_TRAVERSAL.
-+ *
-+ * Revision 1.156 2004/12/03 21:34:51 mcr
-+ * mistype of KLIPS_USE_COUNT -> KLIPS_INC_USE;
-+ *
-+ * Revision 1.155 2004/12/03 21:25:57 mcr
-+ * compile time fixes for running on 2.6.
-+ * still experimental.
-+ *
-+ * Revision 1.154 2004/09/08 17:21:36 ken
-+ * Rename MD5* -> osMD5 functions to prevent clashes with other symbols exported by kernel modules (CIFS in 2.6 initiated this)
-+ *
-+ * Revision 1.153 2004/08/22 20:10:00 mcr
-+ * removed check for incorrect setting of NET_26.
-+ *
-+ * Revision 1.152 2004/08/21 15:22:39 mcr
-+ * added #defines for ATT heartbeat.
-+ *
-+ * Revision 1.151 2004/08/21 02:16:32 ken
-+ * Patch from Jochen Eisinger for AT&T MTS Heartbeat packet support
-+ *
-+ * Revision 1.150 2004/08/21 00:44:48 mcr
-+ * CONFIG_KLIPS_NAT was wrong, also need to include udp.h.
-+ *
-+ * Revision 1.149 2004/08/20 21:45:45 mcr
-+ * CONFIG_KLIPS_NAT_TRAVERSAL is not used in an attempt to
-+ * be 26sec compatible. But, some defines where changed.
-+ *
-+ * Revision 1.148 2004/08/17 03:27:23 mcr
-+ * klips 2.6 edits.
-+ *
-+ * Revision 1.147 2004/08/05 23:29:27 mcr
-+ * fixed nesting of #ifdef vs {} in ipsec_rcv().
-+ *
-+ * Revision 1.146 2004/08/04 15:57:07 mcr
-+ * moved des .h files to include/des/ *
-+ * included 2.6 protocol specific things
-+ * started at NAT-T support, but it will require a kernel patch.
-+ *
-+ * Revision 1.145 2004/08/03 18:19:08 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.144 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.143 2004/05/10 22:27:00 mcr
-+ * fix for ESP-3DES-noauth test case.
-+ *
-+ * Revision 1.142 2004/05/10 22:25:57 mcr
-+ * reformat of calls to ipsec_lifetime_check().
-+ *
-+ * Revision 1.141 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.140 2004/02/03 03:12:53 mcr
-+ * removed erroneously, double patched code.
-+ *
-+ * Revision 1.139 2004/01/05 23:21:29 mcr
-+ * initialize sin_family in ipsec_rcv.c
-+ *
-+ * Revision 1.138 2003/12/24 19:46:52 mcr
-+ * if sock.h patch has not been applied, then define appropriate
-+ * structure so we can use it. This is serious inferior, and
-+ * depends upon the concept that the structure in question is
-+ * smaller than the other members of that union.
-+ * getting rid of differing methods is a better solution.
-+ *
-+ * Revision 1.137 2003/12/22 19:40:57 mcr
-+ * NAT-T patches 0.6c.
-+ *
-+ * Revision 1.136 2003/12/15 18:13:12 mcr
-+ * when compiling with NAT traversal, don't assume that the
-+ * kernel has been patched, unless CONFIG_IPSEC_NAT_NON_ESP
-+ * is set.
-+ *
-+ * Revision 1.135 2003/12/13 19:10:21 mcr
-+ * refactored rcv and xmit code - same as FS 2.05.
-+ *
-+ * Revision 1.134.2.1 2003/12/22 15:25:52 jjo
-+ * Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.134 2003/12/10 01:14:27 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.133 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.132.2.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.132 2003/09/02 19:51:48 mcr
-+ * fixes for PR#252.
-+ *
-+ * Revision 1.131 2003/07/31 22:47:16 mcr
-+ * preliminary (untested by FS-team) 2.5 patches.
-+ *
-+ * Revision 1.130 2003/04/03 17:38:25 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ * Clarified logic for non-connected devices.
-+ *
-+ * Revision 1.129 2003/02/06 02:21:34 rgb
-+ *
-+ * Moved "struct auth_alg" from ipsec_rcv.c to ipsec_ah.h .
-+ * Changed "struct ah" to "struct ahhdr" and "struct esp" to "struct esphdr".
-+ * Removed "#ifdef INBOUND_POLICY_CHECK_eroute" dead code.
-+ *
-+ * Revision 1.128 2002/12/13 20:58:03 rgb
-+ * Relegated MCR's recent "_dmp" routine to debug_verbose.
-+ * Cleaned up printing of source and destination addresses in debug output.
-+ *
-+ * Revision 1.127 2002/12/04 16:00:16 rgb
-+ *
-+ * Fixed AH decapsulation pointer update bug and added some comments and
-+ * debugging.
-+ * This bug was caught by west-ah-0[12].
-+ *
-+ * Revision 1.126 2002/11/04 05:03:43 mcr
-+ * fixes for IPCOMP. There were two problems:
-+ * 1) the irs->ipp pointer was not being updated properly after
-+ * the ESP descryption. The meant nothing for IPIP, as the
-+ * later IP header overwrote the earlier one.
-+ * 2) the more serious problem was that skb_decompress will
-+ * usually allocate a new SKB, so we have to make sure that
-+ * it doesn't get lost.
-+ * #2 meant removing the skb argument from the ->decrypt routine
-+ * and moving it to the irs->skb, so it could be value/result.
-+ *
-+ * Revision 1.125 2002/11/01 01:53:35 dhr
-+ *
-+ * fix typo
-+ *
-+ * Revision 1.124 2002/10/31 22:49:01 dhr
-+ *
-+ * - eliminate unused variable "hash"
-+ * - reduce scope of variable "authenticator"
-+ * - add comment on a couple of tricky bits
-+ *
-+ * Revision 1.123 2002/10/31 22:39:56 dhr
-+ *
-+ * use correct type for result of function calls
-+ *
-+ * Revision 1.122 2002/10/31 22:36:25 dhr
-+ *
-+ * simplify complex test
-+ *
-+ * Revision 1.121 2002/10/31 22:34:04 dhr
-+ *
-+ * ipsprev is never used: ditch it
-+ *
-+ * Revision 1.120 2002/10/31 22:30:21 dhr
-+ *
-+ * eliminate redundant assignments
-+ *
-+ * Revision 1.119 2002/10/31 22:27:43 dhr
-+ *
-+ * make whitespace canonical
-+ *
-+ * Revision 1.118 2002/10/30 05:47:17 rgb
-+ * Fixed cut-and-paste error mis-identifying comp runt as ah.
-+ *
-+ * Revision 1.117 2002/10/17 16:37:45 rgb
-+ * Remove compp intermediate variable and in-line its contents
-+ * where used
-+ *
-+ * Revision 1.116 2002/10/12 23:11:53 dhr
-+ *
-+ * [KenB + DHR] more 64-bit cleanup
-+ *
-+ * Revision 1.115 2002/10/07 19:06:58 rgb
-+ * Minor fixups and activation to west-rcv-nfmark-set-01 test to check for SA reference properly set on incoming.
-+ *
-+ * Revision 1.114 2002/10/07 18:31:31 rgb
-+ * Set saref on incoming packets.
-+ *
-+ * Revision 1.113 2002/09/16 21:28:12 mcr
-+ * adjust hash length for HMAC calculation - must look at whether
-+ * it is MD5 or SHA1.
-+ *
-+ * Revision 1.112 2002/09/16 21:19:15 mcr
-+ * fixes for west-ah-icmp-01 - length of AH header must be
-+ * calculated properly, and next_header field properly copied.
-+ *
-+ * Revision 1.111 2002/09/10 02:45:56 mcr
-+ * re-factored the ipsec_rcv function into several functions,
-+ * ipsec_rcv_decap_once, and a set of functions for AH, ESP and IPCOMP.
-+ * In addition, the MD5 and SHA1 functions are replaced with pointers.
-+ *
-+ * Revision 1.110 2002/08/30 06:34:33 rgb
-+ * Fix scope of shift in AH header length check.
-+ *
-+ * Revision 1.109 2002/08/27 16:49:20 rgb
-+ * Fixed ESP short packet DOS (and AH and IPCOMP).
-+ *
-+ * Revision 1.108 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.107 2002/05/27 18:58:18 rgb
-+ * Convert to dynamic ipsec device allocation.
-+ * Remove final vistiges of tdb references via IPSEC_KLIPS1_COMPAT.
-+ *
-+ * Revision 1.106 2002/05/23 07:15:21 rgb
-+ * Pointer clean-up.
-+ * Added refcount code.
-+ *
-+ * Revision 1.105 2002/05/14 02:35:06 rgb
-+ * Change all references to tdb, TDB or Tunnel Descriptor Block to ips,
-+ * ipsec_sa or ipsec_sa.
-+ * Change references to _TDB to _IPSA.
-+ *
-+ * Revision 1.104 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.103 2002/04/24 07:36:30 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_rcv.c,v
-+ *
-+ * Revision 1.102 2002/01/29 17:17:56 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.101 2002/01/29 04:00:52 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.100 2002/01/29 02:13:17 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.99 2002/01/28 21:40:59 mcr
-+ * should use #if to test boolean option rather than #ifdef.
-+ *
-+ * Revision 1.98 2002/01/20 20:19:36 mcr
-+ * renamed option to IP_FRAGMENT_LINEARIZE.
-+ *
-+ * Revision 1.97 2002/01/12 02:55:36 mcr
-+ * fix for post-2.4.4 to linearize skb's when ESP packet
-+ * was assembled from fragments.
-+ *
-+ * Revision 1.96 2001/11/26 09:23:49 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.93.2.2 2001/10/22 20:54:07 mcr
-+ * include des.h, removed phony prototypes and fixed calling
-+ * conventions to match real prototypes.
-+ *
-+ * Revision 1.93.2.1 2001/09/25 02:22:22 mcr
-+ * struct tdb -> struct ipsec_sa.
-+ * lifetime checks moved to ipsec_life.c
-+ * some sa(tdb) manipulation functions renamed.
-+ *
-+ * Revision 1.95 2001/11/06 19:49:07 rgb
-+ * Added variable descriptions.
-+ * Removed unauthenticated sequence==0 check to prevent DoS.
-+ *
-+ * Revision 1.94 2001/10/18 04:45:20 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.93 2001/09/07 22:17:24 rgb
-+ * Fix for removal of transport layer protocol handler arg in 2.4.4.
-+ * Fix to accomodate peer non-conformance to IPCOMP rfc2393.
-+ *
-+ * Revision 1.92 2001/08/27 19:44:41 rgb
-+ * Fix error in comment.
-+ *
-+ * Revision 1.91 2001/07/20 19:31:48 dhr
-+ * [DHR] fix source and destination subnets of policy in diagnostic
-+ *
-+ * Revision 1.90 2001/07/06 19:51:09 rgb
-+ * Added inbound policy checking code for IPIP SAs.
-+ * Renamed unused function argument for ease and intuitive naming.
-+ *
-+ * Revision 1.89 2001/06/22 19:35:23 rgb
-+ * Disable ipcomp processing if we are handed a ipcomp packet with no esp
-+ * or ah header.
-+ * Print protocol if we are handed a non-ipsec packet.
-+ *
-+ * Revision 1.88 2001/06/20 06:30:47 rgb
-+ * Fixed transport mode IPCOMP policy check bug.
-+ *
-+ * Revision 1.87 2001/06/13 20:58:40 rgb
-+ * Added parentheses around assignment used as truth value to silence
-+ * compiler.
-+ *
-+ * Revision 1.86 2001/06/07 22:25:23 rgb
-+ * Added a source address policy check for tunnel mode. It still does
-+ * not check client addresses and masks.
-+ * Only decapsulate IPIP if it is expected.
-+ *
-+ * Revision 1.85 2001/05/30 08:14:02 rgb
-+ * Removed vestiges of esp-null transforms.
-+ *
-+ * Revision 1.84 2001/05/27 06:12:11 rgb
-+ * Added structures for pid, packet count and last access time to eroute.
-+ * Added packet count to beginning of /proc/net/ipsec_eroute.
-+ *
-+ * Revision 1.83 2001/05/04 16:45:47 rgb
-+ * Remove unneeded code. ipp is not used after this point.
-+ *
-+ * Revision 1.82 2001/05/04 16:36:00 rgb
-+ * Fix skb_cow() call for 2.4.4. (SS)
-+ *
-+ * Revision 1.81 2001/05/02 14:46:53 rgb
-+ * Fix typo for compiler directive to pull IPH back.
-+ *
-+ * Revision 1.80 2001/04/30 19:46:34 rgb
-+ * Update for 2.4.4. We now receive the skb with skb->data pointing to
-+ * h.raw.
-+ *
-+ * Revision 1.79 2001/04/23 15:01:15 rgb
-+ * Added spin_lock() check to prevent double-locking for multiple
-+ * transforms and hence kernel lock-ups with SMP kernels.
-+ * Minor spin_unlock() adjustments to unlock before non-dependant prints
-+ * and IPSEC device stats updates.
-+ *
-+ * Revision 1.78 2001/04/21 23:04:24 rgb
-+ * Check if soft expire has already been sent before sending another to
-+ * prevent ACQUIRE flooding.
-+ *
-+ * Revision 1.77 2001/03/16 07:35:20 rgb
-+ * Ditch extra #if 1 around now permanent policy checking code.
-+ *
-+ * Revision 1.76 2001/02/27 22:24:54 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.75 2001/02/19 22:28:30 rgb
-+ * Minor change to virtual device discovery code to assert which I/F has
-+ * been found.
-+ *
-+ * Revision 1.74 2000/11/25 03:50:36 rgb
-+ * Oops fix by minor re-arrangement of code to avoid accessing a freed tdb.
-+ *
-+ * Revision 1.73 2000/11/09 20:52:15 rgb
-+ * More spinlock shuffling, locking earlier and unlocking later in rcv to
-+ * include ipcomp and prevent races, renaming some tdb variables that got
-+ * forgotten, moving some unlocks to include tdbs and adding a missing
-+ * unlock. Thanks to Svenning for some of these.
-+ *
-+ * Revision 1.72 2000/11/09 20:11:22 rgb
-+ * Minor shuffles to fix non-standard kernel config option selection.
-+ *
-+ * Revision 1.71 2000/11/06 04:36:18 rgb
-+ * Ditched spin_lock_irqsave in favour of spin_lock.
-+ * Minor initial protocol check rewrite.
-+ * Clean up debug printing.
-+ * Clean up tdb handling on ipcomp.
-+ * Fixed transport mode null pointer de-reference without ipcomp.
-+ * Add Svenning's adaptive content compression.
-+ * Disabled registration of ipcomp handler.
-+ *
-+ * Revision 1.70 2000/10/30 23:41:43 henry
-+ * Hans-Joerg Hoexer's null-pointer fix
-+ *
-+ * Revision 1.69 2000/10/10 18:54:16 rgb
-+ * Added a fix for incoming policy check with ipcomp enabled but
-+ * uncompressible.
-+ *
-+ * Revision 1.68 2000/09/22 17:53:12 rgb
-+ * Fixed ipcomp tdb pointers update for policy checking.
-+ *
-+ * Revision 1.67 2000/09/21 03:40:58 rgb
-+ * Added more debugging to try and track down the cpi outward copy problem.
-+ *
-+ * Revision 1.66 2000/09/20 04:00:10 rgb
-+ * Changed static functions to DEBUG_NO_STATIC to reveal function names for
-+ * debugging oopsen.
-+ *
-+ * Revision 1.65 2000/09/19 07:07:16 rgb
-+ * Added debugging to inbound policy check for ipcomp.
-+ * Added missing spin_unlocks (thanks Svenning!).
-+ * Fixed misplaced tdbnext pointers causing mismatched ipip policy check.
-+ * Protect ipcomp policy check following ipip decap with sysctl switch.
-+ *
-+ * Revision 1.64 2000/09/18 21:27:29 rgb
-+ * 2.0 fixes.
-+ *
-+ * Revision 1.63 2000/09/18 02:35:50 rgb
-+ * Added policy checking to ipcomp and re-enabled policy checking by
-+ * default.
-+ * Optimised satoa calls.
-+ *
-+ * Revision 1.62 2000/09/17 21:02:32 rgb
-+ * Clean up debugging, removing slow timestamp debug code.
-+ *
-+ * Revision 1.61 2000/09/16 01:07:55 rgb
-+ * Fixed erroneous ref from struct ipcomp to struct ipcomphdr.
-+ *
-+ * Revision 1.60 2000/09/15 11:37:01 rgb
-+ * Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+ * IPCOMP zlib deflate code.
-+ *
-+ * Revision 1.59 2000/09/15 04:56:20 rgb
-+ * Remove redundant satoa() call, reformat comment.
-+ *
-+ * Revision 1.58 2000/09/13 08:00:52 rgb
-+ * Flick on inbound policy checking.
-+ *
-+ * Revision 1.57 2000/09/12 03:22:19 rgb
-+ * Converted inbound_policy_check to sysctl.
-+ * Re-enabled policy backcheck.
-+ * Moved policy checks to top and within tdb lock.
-+ *
-+ * Revision 1.56 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.55 2000/08/28 18:15:46 rgb
-+ * Added MB's nf-debug reset patch.
-+ *
-+ * Revision 1.54 2000/08/27 01:41:26 rgb
-+ * More minor tweaks to the bad padding debug code.
-+ *
-+ * Revision 1.53 2000/08/24 16:54:16 rgb
-+ * Added KLIPS_PRINTMORE macro to continue lines without KERN_INFO level
-+ * info.
-+ * Tidied up device reporting at the start of ipsec_rcv.
-+ * Tidied up bad padding debugging and processing.
-+ *
-+ * Revision 1.52 2000/08/20 21:36:03 rgb
-+ * Activated pfkey_expire() calls.
-+ * Added a hard/soft expiry parameter to pfkey_expire().
-+ * Added sanity checking to avoid propagating zero or smaller-length skbs
-+ * from a bogus decryption.
-+ * Re-arranged the order of soft and hard expiry to conform to RFC2367.
-+ * Clean up references to CONFIG_IPSEC_PFKEYv2.
-+ *
-+ * Revision 1.51 2000/08/18 21:23:30 rgb
-+ * Improve bad padding warning so that the printk buffer doesn't get
-+ * trampled.
-+ *
-+ * Revision 1.50 2000/08/01 14:51:51 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.49 2000/07/28 13:50:53 rgb
-+ * Changed enet_statistics to net_device_stats and added back compatibility
-+ * for pre-2.1.19.
-+ *
-+ * Revision 1.48 2000/05/10 19:14:40 rgb
-+ * Only check usetime against soft and hard limits if the tdb has been
-+ * used.
-+ * Cast output of ntohl so that the broken prototype doesn't make our
-+ * compile noisy.
-+ *
-+ * Revision 1.47 2000/05/09 17:45:43 rgb
-+ * Fix replay bitmap corruption bug upon receipt of bogus packet
-+ * with correct SPI. This was a DoS.
-+ *
-+ * Revision 1.46 2000/03/27 02:31:58 rgb
-+ * Fixed authentication failure printout bug.
-+ *
-+ * Revision 1.45 2000/03/22 16:15:37 rgb
-+ * Fixed renaming of dev_get (MB).
-+ *
-+ * Revision 1.44 2000/03/16 08:17:24 rgb
-+ * Hardcode PF_KEYv2 support.
-+ * Fixed minor bug checking AH header length.
-+ *
-+ * Revision 1.43 2000/03/14 12:26:59 rgb
-+ * Added skb->nfct support for clearing netfilter conntrack bits (MB).
-+ *
-+ * Revision 1.42 2000/01/26 10:04:04 rgb
-+ * Fixed inbound policy checking on transport mode bug.
-+ * Fixed noisy 2.0 printk arguments.
-+ *
-+ * Revision 1.41 2000/01/24 20:58:02 rgb
-+ * Improve debugging/reporting support for (disabled) inbound
-+ * policy checking.
-+ *
-+ * Revision 1.40 2000/01/22 23:20:10 rgb
-+ * Fixed up inboud policy checking code.
-+ * Cleaned out unused crud.
-+ *
-+ * Revision 1.39 2000/01/21 06:15:29 rgb
-+ * Added sanity checks on skb_push(), skb_pull() to prevent panics.
-+ * Fixed cut-and-paste debug_tunnel to debug_rcv.
-+ * Added inbound policy checking code, disabled.
-+ * Simplified output code by updating ipp to post-IPIP decapsulation.
-+ *
-+ * elided pre-2000 comments. Use "cvs log"
-+ *
-+ *
-+ * Local Variables:
-+ * c-set-style: linux
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_sa.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1870 @@
-+/*
-+ * Common routines for IPsec SA maintenance routines.
-+ *
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001, 2002 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_sa.c,v 1.30.2.2 2006/10/06 21:39:26 paul Exp $
-+ *
-+ * This is the file formerly known as "ipsec_xform.h"
-+ *
-+ */
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/vmalloc.h> /* vmalloc() */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <openswan.h>
-+#ifdef SPINLOCK
-+#ifdef SPINLOCK_23
-+#include <linux/spinlock.h> /* *lock* */
-+#else /* SPINLOCK_23 */
-+#include <asm/spinlock.h> /* *lock* */
-+#endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+
-+#include "openswan/radij.h"
-+
-+#include "openswan/ipsec_stats.h"
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_sa.h"
-+#include "openswan/ipsec_xform.h"
-+
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_ipe4.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_alg.h"
-+
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_xform = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#define SENDERR(_x) do { error = -(_x); goto errlab; } while (0)
-+
-+struct ipsec_sa *ipsec_sadb_hash[SADB_HASHMOD];
-+#ifdef SPINLOCK
-+spinlock_t tdb_lock = SPIN_LOCK_UNLOCKED;
-+#else /* SPINLOCK */
-+spinlock_t tdb_lock;
-+#endif /* SPINLOCK */
-+
-+struct ipsec_sadb ipsec_sadb;
-+
-+#if IPSEC_SA_REF_CODE
-+
-+/* the sub table must be narrower (or equal) in bits than the variable type
-+ in the main table to count the number of unused entries in it. */
-+typedef struct {
-+ int testSizeOf_refSubTable :
-+ ((sizeof(IPsecRefTableUnusedCount) * 8) < IPSEC_SA_REF_SUBTABLE_IDX_WIDTH ? -1 : 1);
-+} dummy;
-+
-+
-+/* The field where the saref will be hosted in the skb must be wide enough to
-+ accomodate the information it needs to store. */
-+typedef struct {
-+ int testSizeOf_refField :
-+ (IPSEC_SA_REF_HOST_FIELD_WIDTH < IPSEC_SA_REF_TABLE_IDX_WIDTH ? -1 : 1 );
-+} dummy2;
-+
-+
-+#define IPS_HASH(said) (((said)->spi + (said)->dst.u.v4.sin_addr.s_addr + (said)->proto) % SADB_HASHMOD)
-+
-+
-+void
-+ipsec_SAtest(void)
-+{
-+ IPsecSAref_t SAref = 258;
-+ struct ipsec_sa ips;
-+ ips.ips_ref = 772;
-+
-+ printk("klips_debug:ipsec_SAtest: "
-+ "IPSEC_SA_REF_SUBTABLE_IDX_WIDTH=%u\n"
-+ "IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES=%u\n"
-+ "IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES=%u\n"
-+ "IPSEC_SA_REF_HOST_FIELD_WIDTH=%lu\n"
-+ "IPSEC_SA_REF_TABLE_MASK=%x\n"
-+ "IPSEC_SA_REF_ENTRY_MASK=%x\n"
-+ "IPsecSAref2table(%d)=%u\n"
-+ "IPsecSAref2entry(%d)=%u\n"
-+ "IPsecSAref2NFmark(%d)=%u\n"
-+ "IPsecSAref2SA(%d)=%p\n"
-+ "IPsecSA2SAref(%p)=%d\n"
-+ ,
-+ IPSEC_SA_REF_SUBTABLE_IDX_WIDTH,
-+ IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES,
-+ IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES,
-+ (unsigned long) IPSEC_SA_REF_HOST_FIELD_WIDTH,
-+ IPSEC_SA_REF_TABLE_MASK,
-+ IPSEC_SA_REF_ENTRY_MASK,
-+ SAref, IPsecSAref2table(SAref),
-+ SAref, IPsecSAref2entry(SAref),
-+ SAref, IPsecSAref2NFmark(SAref),
-+ SAref, IPsecSAref2SA(SAref),
-+ (&ips), IPsecSA2SAref((&ips))
-+ );
-+ return;
-+}
-+
-+int
-+ipsec_SAref_recycle(void)
-+{
-+ int table;
-+ int entry;
-+ int error = 0;
-+
-+ ipsec_sadb.refFreeListHead = -1;
-+ ipsec_sadb.refFreeListTail = -1;
-+
-+ if(ipsec_sadb.refFreeListCont == IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES * IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_recycle: "
-+ "end of table reached, continuing at start..\n");
-+ ipsec_sadb.refFreeListCont = 0;
-+ }
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_recycle: "
-+ "recycling, continuing from SAref=%d (0p%p), table=%d, entry=%d.\n",
-+ ipsec_sadb.refFreeListCont,
-+ (ipsec_sadb.refTable[IPsecSAref2table(ipsec_sadb.refFreeListCont)] != NULL) ? IPsecSAref2SA(ipsec_sadb.refFreeListCont) : NULL,
-+ IPsecSAref2table(ipsec_sadb.refFreeListCont),
-+ IPsecSAref2entry(ipsec_sadb.refFreeListCont));
-+
-+ for(table = IPsecSAref2table(ipsec_sadb.refFreeListCont);
-+ table < IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES;
-+ table++) {
-+ if(ipsec_sadb.refTable[table] == NULL) {
-+ error = ipsec_SArefSubTable_alloc(table);
-+ if(error) {
-+ return error;
-+ }
-+ }
-+ for(entry = IPsecSAref2entry(ipsec_sadb.refFreeListCont);
-+ entry < IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES;
-+ entry++) {
-+ if(ipsec_sadb.refTable[table]->entry[entry] == NULL) {
-+ ipsec_sadb.refFreeList[++ipsec_sadb.refFreeListTail] = IPsecSArefBuild(table, entry);
-+ if(ipsec_sadb.refFreeListTail == (IPSEC_SA_REF_FREELIST_NUM_ENTRIES - 1)) {
-+ ipsec_sadb.refFreeListHead = 0;
-+ ipsec_sadb.refFreeListCont = ipsec_sadb.refFreeList[ipsec_sadb.refFreeListTail] + 1;
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_recycle: "
-+ "SArefFreeList refilled.\n");
-+ return 0;
-+ }
-+ }
-+ }
-+ }
-+
-+ if(ipsec_sadb.refFreeListTail == -1) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_recycle: "
-+ "out of room in the SArefTable.\n");
-+
-+ return(-ENOSPC);
-+ }
-+
-+ ipsec_sadb.refFreeListHead = 0;
-+ ipsec_sadb.refFreeListCont = ipsec_sadb.refFreeList[ipsec_sadb.refFreeListTail] + 1;
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_recycle: "
-+ "SArefFreeList partly refilled to %d of %d.\n",
-+ ipsec_sadb.refFreeListTail,
-+ IPSEC_SA_REF_FREELIST_NUM_ENTRIES);
-+ return 0;
-+}
-+
-+int
-+ipsec_SArefSubTable_alloc(unsigned table)
-+{
-+ unsigned entry;
-+ struct IPsecSArefSubTable* SArefsub;
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SArefSubTable_alloc: "
-+ "allocating %lu bytes for table %u of %u.\n",
-+ (unsigned long) (IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES * sizeof(struct ipsec_sa *)),
-+ table,
-+ IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES);
-+
-+ /* allocate another sub-table */
-+ SArefsub = vmalloc(IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES * sizeof(struct ipsec_sa *));
-+ if(SArefsub == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SArefSubTable_alloc: "
-+ "error allocating memory for table %u of %u!\n",
-+ table,
-+ IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES);
-+ return -ENOMEM;
-+ }
-+
-+ /* add this sub-table to the main table */
-+ ipsec_sadb.refTable[table] = SArefsub;
-+
-+ /* initialise each element to NULL */
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SArefSubTable_alloc: "
-+ "initialising %u elements (2 ^ %u) of table %u.\n",
-+ IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES,
-+ IPSEC_SA_REF_SUBTABLE_IDX_WIDTH,
-+ table);
-+ for(entry = 0; entry < IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES; entry++) {
-+ SArefsub->entry[entry] = NULL;
-+ }
-+
-+ return 0;
-+}
-+#endif /* IPSEC_SA_REF_CODE */
-+
-+int
-+ipsec_saref_freelist_init(void)
-+{
-+ int i;
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_saref_freelist_init: "
-+ "initialising %u elements of FreeList.\n",
-+ IPSEC_SA_REF_FREELIST_NUM_ENTRIES);
-+
-+ for(i = 0; i < IPSEC_SA_REF_FREELIST_NUM_ENTRIES; i++) {
-+ ipsec_sadb.refFreeList[i] = IPSEC_SAREF_NULL;
-+ }
-+ ipsec_sadb.refFreeListHead = -1;
-+ ipsec_sadb.refFreeListCont = 0;
-+ ipsec_sadb.refFreeListTail = -1;
-+
-+ return 0;
-+}
-+
-+int
-+ipsec_sadb_init(void)
-+{
-+ int error = 0;
-+ unsigned i;
-+
-+ for(i = 0; i < SADB_HASHMOD; i++) {
-+ ipsec_sadb_hash[i] = NULL;
-+ }
-+ /* parts above are for the old style SADB hash table */
-+
-+
-+#if IPSEC_SA_REF_CODE
-+ /* initialise SA reference table */
-+
-+ /* initialise the main table */
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_init: "
-+ "initialising main table of size %u (2 ^ %u).\n",
-+ IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES,
-+ IPSEC_SA_REF_MAINTABLE_IDX_WIDTH);
-+ {
-+ unsigned table;
-+ for(table = 0; table < IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES; table++) {
-+ ipsec_sadb.refTable[table] = NULL;
-+ }
-+ }
-+
-+ /* allocate the first sub-table */
-+ error = ipsec_SArefSubTable_alloc(0);
-+ if(error) {
-+ return error;
-+ }
-+
-+ error = ipsec_saref_freelist_init();
-+#endif /* IPSEC_SA_REF_CODE */
-+ return error;
-+}
-+
-+#if IPSEC_SA_REF_CODE
-+IPsecSAref_t
-+ipsec_SAref_alloc(int*error) /* pass in error var by pointer */
-+{
-+ IPsecSAref_t SAref;
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_alloc: "
-+ "SAref requested... head=%d, cont=%d, tail=%d, listsize=%d.\n",
-+ ipsec_sadb.refFreeListHead,
-+ ipsec_sadb.refFreeListCont,
-+ ipsec_sadb.refFreeListTail,
-+ IPSEC_SA_REF_FREELIST_NUM_ENTRIES);
-+
-+ if(ipsec_sadb.refFreeListHead == -1) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_alloc: "
-+ "FreeList empty, recycling...\n");
-+ *error = ipsec_SAref_recycle();
-+ if(*error) {
-+ return IPSEC_SAREF_NULL;
-+ }
-+ }
-+
-+ SAref = ipsec_sadb.refFreeList[ipsec_sadb.refFreeListHead];
-+ if(SAref == IPSEC_SAREF_NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_alloc: "
-+ "unexpected error, refFreeListHead = %d points to invalid entry.\n",
-+ ipsec_sadb.refFreeListHead);
-+ *error = -ESPIPE;
-+ return IPSEC_SAREF_NULL;
-+ }
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_alloc: "
-+ "allocating SAref=%d, table=%u, entry=%u of %u.\n",
-+ SAref,
-+ IPsecSAref2table(SAref),
-+ IPsecSAref2entry(SAref),
-+ IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES * IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES);
-+
-+ ipsec_sadb.refFreeList[ipsec_sadb.refFreeListHead] = IPSEC_SAREF_NULL;
-+ ipsec_sadb.refFreeListHead++;
-+ if(ipsec_sadb.refFreeListHead > ipsec_sadb.refFreeListTail) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_SAref_alloc: "
-+ "last FreeList entry allocated, resetting list head to empty.\n");
-+ ipsec_sadb.refFreeListHead = -1;
-+ }
-+
-+ return SAref;
-+}
-+#endif /* IPSEC_SA_REF_CODE */
-+
-+int
-+ipsec_sa_print(struct ipsec_sa *ips)
-+{
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ printk(KERN_INFO "klips_debug: SA:");
-+ if(ips == NULL) {
-+ printk("NULL\n");
-+ return -ENOENT;
-+ }
-+ printk(" ref=%d", ips->ips_ref);
-+ printk(" refcount=%d", atomic_read(&ips->ips_refcount));
-+ if(ips->ips_hnext != NULL) {
-+ printk(" hnext=0p%p", ips->ips_hnext);
-+ }
-+ if(ips->ips_inext != NULL) {
-+ printk(" inext=0p%p", ips->ips_inext);
-+ }
-+ if(ips->ips_onext != NULL) {
-+ printk(" onext=0p%p", ips->ips_onext);
-+ }
-+ sa_len = satot(&ips->ips_said, 0, sa, sizeof(sa));
-+ printk(" said=%s", sa_len ? sa : " (error)");
-+ if(ips->ips_seq) {
-+ printk(" seq=%u", ips->ips_seq);
-+ }
-+ if(ips->ips_pid) {
-+ printk(" pid=%u", ips->ips_pid);
-+ }
-+ if(ips->ips_authalg) {
-+ printk(" authalg=%u", ips->ips_authalg);
-+ }
-+ if(ips->ips_encalg) {
-+ printk(" encalg=%u", ips->ips_encalg);
-+ }
-+ printk(" XFORM=%s%s%s", IPS_XFORM_NAME(ips));
-+ if(ips->ips_replaywin) {
-+ printk(" ooowin=%u", ips->ips_replaywin);
-+ }
-+ if(ips->ips_flags) {
-+ printk(" flags=%u", ips->ips_flags);
-+ }
-+ if(ips->ips_addr_s) {
-+ char buf[SUBNETTOA_BUF];
-+ addrtoa(((struct sockaddr_in*)(ips->ips_addr_s))->sin_addr,
-+ 0, buf, sizeof(buf));
-+ printk(" src=%s", buf);
-+ }
-+ if(ips->ips_addr_d) {
-+ char buf[SUBNETTOA_BUF];
-+ addrtoa(((struct sockaddr_in*)(ips->ips_addr_s))->sin_addr,
-+ 0, buf, sizeof(buf));
-+ printk(" dst=%s", buf);
-+ }
-+ if(ips->ips_addr_p) {
-+ char buf[SUBNETTOA_BUF];
-+ addrtoa(((struct sockaddr_in*)(ips->ips_addr_p))->sin_addr,
-+ 0, buf, sizeof(buf));
-+ printk(" proxy=%s", buf);
-+ }
-+ if(ips->ips_key_bits_a) {
-+ printk(" key_bits_a=%u", ips->ips_key_bits_a);
-+ }
-+ if(ips->ips_key_bits_e) {
-+ printk(" key_bits_e=%u", ips->ips_key_bits_e);
-+ }
-+
-+ printk("\n");
-+ return 0;
-+}
-+
-+struct ipsec_sa*
-+ipsec_sa_alloc(int*error) /* pass in error var by pointer */
-+{
-+ struct ipsec_sa* ips;
-+
-+ if((ips = kmalloc(sizeof(*ips), GFP_ATOMIC) ) == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_alloc: "
-+ "memory allocation error\n");
-+ *error = -ENOMEM;
-+ return NULL;
-+ }
-+ memset((caddr_t)ips, 0, sizeof(*ips));
-+#if IPSEC_SA_REF_CODE
-+ ips->ips_ref = ipsec_SAref_alloc(error); /* pass in error return by pointer */
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_alloc: "
-+ "allocated %lu bytes for ipsec_sa struct=0p%p ref=%d.\n",
-+ (unsigned long) sizeof(*ips),
-+ ips,
-+ ips->ips_ref);
-+ if(ips->ips_ref == IPSEC_SAREF_NULL) {
-+ kfree(ips);
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_alloc: "
-+ "SAref allocation error\n");
-+ return NULL;
-+ }
-+
-+ atomic_inc(&ips->ips_refcount);
-+ IPsecSAref2SA(ips->ips_ref) = ips;
-+#endif /* IPSEC_SA_REF_CODE */
-+
-+ *error = 0;
-+ return(ips);
-+}
-+
-+int
-+ipsec_sa_free(struct ipsec_sa* ips)
-+{
-+ return ipsec_sa_wipe(ips);
-+}
-+
-+struct ipsec_sa *
-+ipsec_sa_getbyid(ip_said *said)
-+{
-+ int hashval;
-+ struct ipsec_sa *ips;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ if(said == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_error:ipsec_sa_getbyid: "
-+ "null pointer passed in!\n");
-+ return NULL;
-+ }
-+
-+ sa_len = satot(said, 0, sa, sizeof(sa));
-+
-+ hashval = IPS_HASH(said);
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_getbyid: "
-+ "linked entry in ipsec_sa table for hash=%d of SA:%s requested.\n",
-+ hashval,
-+ sa_len ? sa : " (error)");
-+
-+ if((ips = ipsec_sadb_hash[hashval]) == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_getbyid: "
-+ "no entries in ipsec_sa table for hash=%d of SA:%s.\n",
-+ hashval,
-+ sa_len ? sa : " (error)");
-+ return NULL;
-+ }
-+
-+ for (; ips; ips = ips->ips_hnext) {
-+ if ((ips->ips_said.spi == said->spi) &&
-+ (ips->ips_said.dst.u.v4.sin_addr.s_addr == said->dst.u.v4.sin_addr.s_addr) &&
-+ (ips->ips_said.proto == said->proto)) {
-+ atomic_inc(&ips->ips_refcount);
-+ return ips;
-+ }
-+ }
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_getbyid: "
-+ "no entry in linked list for hash=%d of SA:%s.\n",
-+ hashval,
-+ sa_len ? sa : " (error)");
-+ return NULL;
-+}
-+
-+int
-+ipsec_sa_put(struct ipsec_sa *ips)
-+{
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ if(ips == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_error:ipsec_sa_put: "
-+ "null pointer passed in!\n");
-+ return -1;
-+ }
-+
-+ sa_len = satot(&ips->ips_said, 0, sa, sizeof(sa));
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_put: "
-+ "ipsec_sa SA:%s, ref:%d reference count decremented.\n",
-+ sa_len ? sa : " (error)",
-+ ips->ips_ref);
-+
-+ atomic_dec(&ips->ips_refcount);
-+
-+ return 0;
-+}
-+
-+/*
-+ The ipsec_sa table better *NOT* be locked before it is handed in, or SMP locks will happen
-+*/
-+int
-+ipsec_sa_add(struct ipsec_sa *ips)
-+{
-+ int error = 0;
-+ unsigned int hashval;
-+
-+ if(ips == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_error:ipsec_sa_add: "
-+ "null pointer passed in!\n");
-+ return -ENODATA;
-+ }
-+ hashval = IPS_HASH(&ips->ips_said);
-+
-+ atomic_inc(&ips->ips_refcount);
-+ spin_lock_bh(&tdb_lock);
-+
-+ ips->ips_hnext = ipsec_sadb_hash[hashval];
-+ ipsec_sadb_hash[hashval] = ips;
-+
-+ spin_unlock_bh(&tdb_lock);
-+
-+ return error;
-+}
-+
-+/*
-+ The ipsec_sa table better be locked before it is handed in, or races might happen
-+*/
-+int
-+ipsec_sa_del(struct ipsec_sa *ips)
-+{
-+ unsigned int hashval;
-+ struct ipsec_sa *ipstp;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ if(ips == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_error:ipsec_sa_del: "
-+ "null pointer passed in!\n");
-+ return -ENODATA;
-+ }
-+
-+ sa_len = satot(&ips->ips_said, 0, sa, sizeof(sa));
-+ if(ips->ips_inext || ips->ips_onext) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_error:ipsec_sa_del: "
-+ "SA:%s still linked!\n",
-+ sa_len ? sa : " (error)");
-+ return -EMLINK;
-+ }
-+
-+ hashval = IPS_HASH(&ips->ips_said);
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_del: "
-+ "deleting SA:%s, hashval=%d.\n",
-+ sa_len ? sa : " (error)",
-+ hashval);
-+ if(ipsec_sadb_hash[hashval] == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_del: "
-+ "no entries in ipsec_sa table for hash=%d of SA:%s.\n",
-+ hashval,
-+ sa_len ? sa : " (error)");
-+ return -ENOENT;
-+ }
-+
-+ if (ips == ipsec_sadb_hash[hashval]) {
-+ ipsec_sadb_hash[hashval] = ipsec_sadb_hash[hashval]->ips_hnext;
-+ ips->ips_hnext = NULL;
-+ atomic_dec(&ips->ips_refcount);
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_del: "
-+ "successfully deleted first ipsec_sa in chain.\n");
-+ return 0;
-+ } else {
-+ for (ipstp = ipsec_sadb_hash[hashval];
-+ ipstp;
-+ ipstp = ipstp->ips_hnext) {
-+ if (ipstp->ips_hnext == ips) {
-+ ipstp->ips_hnext = ips->ips_hnext;
-+ ips->ips_hnext = NULL;
-+ atomic_dec(&ips->ips_refcount);
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_del: "
-+ "successfully deleted link in ipsec_sa chain.\n");
-+ return 0;
-+ }
-+ }
-+ }
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_del: "
-+ "no entries in linked list for hash=%d of SA:%s.\n",
-+ hashval,
-+ sa_len ? sa : " (error)");
-+ return -ENOENT;
-+}
-+
-+/*
-+ The ipsec_sa table better be locked before it is handed in, or races
-+ might happen
-+*/
-+int
-+ipsec_sa_delchain(struct ipsec_sa *ips)
-+{
-+ struct ipsec_sa *ipsdel;
-+ int error = 0;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ if(ips == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_error:ipsec_sa_delchain: "
-+ "null pointer passed in!\n");
-+ return -ENODATA;
-+ }
-+
-+ sa_len = satot(&ips->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_delchain: "
-+ "passed SA:%s\n",
-+ sa_len ? sa : " (error)");
-+ while(ips->ips_onext != NULL) {
-+ ips = ips->ips_onext;
-+ }
-+
-+ while(ips) {
-+ /* XXX send a pfkey message up to advise of deleted ipsec_sa */
-+ sa_len = satot(&ips->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_delchain: "
-+ "unlinking and delting SA:%s",
-+ sa_len ? sa : " (error)");
-+ ipsdel = ips;
-+ ips = ips->ips_inext;
-+ if(ips != NULL) {
-+ sa_len = satot(&ips->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ ", inext=%s",
-+ sa_len ? sa : " (error)");
-+ atomic_dec(&ipsdel->ips_refcount);
-+ ipsdel->ips_inext = NULL;
-+ atomic_dec(&ips->ips_refcount);
-+ ips->ips_onext = NULL;
-+ }
-+ KLIPS_PRINT(debug_xform,
-+ ".\n");
-+ if((error = ipsec_sa_del(ipsdel))) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_delchain: "
-+ "ipsec_sa_del returned error %d.\n", -error);
-+ return error;
-+ }
-+ if((error = ipsec_sa_wipe(ipsdel))) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_delchain: "
-+ "ipsec_sa_wipe returned error %d.\n", -error);
-+ return error;
-+ }
-+ }
-+ return error;
-+}
-+
-+int
-+ipsec_sadb_cleanup(__u8 proto)
-+{
-+ unsigned i;
-+ int error = 0;
-+ struct ipsec_sa *ips, **ipsprev, *ipsdel;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_cleanup: "
-+ "cleaning up proto=%d.\n",
-+ proto);
-+
-+ spin_lock_bh(&tdb_lock);
-+
-+ for (i = 0; i < SADB_HASHMOD; i++) {
-+ ipsprev = &(ipsec_sadb_hash[i]);
-+ ips = ipsec_sadb_hash[i];
-+ if(ips != NULL) {
-+ atomic_inc(&ips->ips_refcount);
-+ }
-+ for(; ips != NULL;) {
-+ sa_len = satot(&ips->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_cleanup: "
-+ "checking SA:%s, hash=%d, ref=%d",
-+ sa_len ? sa : " (error)",
-+ i,
-+ ips->ips_ref);
-+ ipsdel = ips;
-+ ips = ipsdel->ips_hnext;
-+ if(ips != NULL) {
-+ atomic_inc(&ips->ips_refcount);
-+ sa_len = satot(&ips->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ ", hnext=%s",
-+ sa_len ? sa : " (error)");
-+ }
-+ if(*ipsprev != NULL) {
-+ sa_len = satot(&(*ipsprev)->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ ", *ipsprev=%s",
-+ sa_len ? sa : " (error)");
-+ if((*ipsprev)->ips_hnext) {
-+ sa_len = satot(&(*ipsprev)->ips_hnext->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ ", *ipsprev->ips_hnext=%s",
-+ sa_len ? sa : " (error)");
-+ }
-+ }
-+ KLIPS_PRINT(debug_xform,
-+ ".\n");
-+ if(proto == 0 || (proto == ipsdel->ips_said.proto)) {
-+ sa_len = satot(&ipsdel->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_cleanup: "
-+ "deleting SA chain:%s.\n",
-+ sa_len ? sa : " (error)");
-+ if((error = ipsec_sa_delchain(ipsdel))) {
-+ SENDERR(-error);
-+ }
-+ ipsprev = &(ipsec_sadb_hash[i]);
-+ ips = ipsec_sadb_hash[i];
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_cleanup: "
-+ "deleted SA chain:%s",
-+ sa_len ? sa : " (error)");
-+ if(ips != NULL) {
-+ sa_len = satot(&ips->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ ", ipsec_sadb_hash[%d]=%s",
-+ i,
-+ sa_len ? sa : " (error)");
-+ }
-+ if(*ipsprev != NULL) {
-+ sa_len = satot(&(*ipsprev)->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ ", *ipsprev=%s",
-+ sa_len ? sa : " (error)");
-+ if((*ipsprev)->ips_hnext != NULL) {
-+ sa_len = satot(&(*ipsprev)->ips_hnext->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ ", *ipsprev->ips_hnext=%s",
-+ sa_len ? sa : " (error)");
-+ }
-+ }
-+ KLIPS_PRINT(debug_xform,
-+ ".\n");
-+ } else {
-+ ipsprev = &ipsdel;
-+ }
-+ if(ipsdel != NULL) {
-+ ipsec_sa_put(ipsdel);
-+ }
-+ }
-+ }
-+ errlab:
-+
-+ spin_unlock_bh(&tdb_lock);
-+
-+
-+#if IPSEC_SA_REF_CODE
-+ /* clean up SA reference table */
-+
-+ /* go through the ref table and clean out all the SAs */
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_cleanup: "
-+ "removing SAref entries and tables.");
-+ {
-+ unsigned table, entry;
-+ for(table = 0; table < IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES; table++) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_cleanup: "
-+ "cleaning SAref table=%u.\n",
-+ table);
-+ if(ipsec_sadb.refTable[table] == NULL) {
-+ printk("\n");
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_cleanup: "
-+ "cleaned %u used refTables.\n",
-+ table);
-+ break;
-+ }
-+ for(entry = 0; entry < IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES; entry++) {
-+ if(ipsec_sadb.refTable[table]->entry[entry] != NULL) {
-+ ipsec_sa_delchain(ipsec_sadb.refTable[table]->entry[entry]);
-+ ipsec_sadb.refTable[table]->entry[entry] = NULL;
-+ }
-+ }
-+ }
-+ }
-+#endif /* IPSEC_SA_REF_CODE */
-+
-+ return(error);
-+}
-+
-+int
-+ipsec_sadb_free(void)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_free: "
-+ "freeing SArefTable memory.\n");
-+
-+ /* clean up SA reference table */
-+
-+ /* go through the ref table and clean out all the SAs if any are
-+ left and free table memory */
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_free: "
-+ "removing SAref entries and tables.\n");
-+ {
-+ unsigned table, entry;
-+ for(table = 0; table < IPSEC_SA_REF_MAINTABLE_NUM_ENTRIES; table++) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_free: "
-+ "removing SAref table=%u.\n",
-+ table);
-+ if(ipsec_sadb.refTable[table] == NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sadb_free: "
-+ "removed %u used refTables.\n",
-+ table);
-+ break;
-+ }
-+ for(entry = 0; entry < IPSEC_SA_REF_SUBTABLE_NUM_ENTRIES; entry++) {
-+ if(ipsec_sadb.refTable[table]->entry[entry] != NULL) {
-+ ipsec_sa_delchain(ipsec_sadb.refTable[table]->entry[entry]);
-+ ipsec_sadb.refTable[table]->entry[entry] = NULL;
-+ }
-+ }
-+ vfree(ipsec_sadb.refTable[table]);
-+ ipsec_sadb.refTable[table] = NULL;
-+ }
-+ }
-+
-+ return(error);
-+}
-+
-+int
-+ipsec_sa_wipe(struct ipsec_sa *ips)
-+{
-+ if(ips == NULL) {
-+ return -ENODATA;
-+ }
-+
-+ /* if(atomic_dec_and_test(ips)) {
-+ }; */
-+
-+#if IPSEC_SA_REF_CODE
-+ /* remove me from the SArefTable */
-+ {
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ sa_len = satot(&ips->ips_said, 0, sa, sizeof(sa));
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_wipe: "
-+ "removing SA=%s(0p%p), SAref=%d, table=%d(0p%p), entry=%d from the refTable.\n",
-+ sa_len ? sa : " (error)",
-+ ips,
-+ ips->ips_ref,
-+ IPsecSAref2table(IPsecSA2SAref(ips)),
-+ ipsec_sadb.refTable[IPsecSAref2table(IPsecSA2SAref(ips))],
-+ IPsecSAref2entry(IPsecSA2SAref(ips)));
-+ }
-+ if(ips->ips_ref == IPSEC_SAREF_NULL) {
-+ KLIPS_PRINT(debug_xform,
-+ "klips_debug:ipsec_sa_wipe: "
-+ "why does this SA not have a valid SAref?.\n");
-+ }
-+ ipsec_sadb.refTable[IPsecSAref2table(IPsecSA2SAref(ips))]->entry[IPsecSAref2entry(IPsecSA2SAref(ips))] = NULL;
-+ ips->ips_ref = IPSEC_SAREF_NULL;
-+ ipsec_sa_put(ips);
-+#endif /* IPSEC_SA_REF_CODE */
-+
-+ /* paranoid clean up */
-+ if(ips->ips_addr_s != NULL) {
-+ memset((caddr_t)(ips->ips_addr_s), 0, ips->ips_addr_s_size);
-+ kfree(ips->ips_addr_s);
-+ }
-+ ips->ips_addr_s = NULL;
-+
-+ if(ips->ips_addr_d != NULL) {
-+ memset((caddr_t)(ips->ips_addr_d), 0, ips->ips_addr_d_size);
-+ kfree(ips->ips_addr_d);
-+ }
-+ ips->ips_addr_d = NULL;
-+
-+ if(ips->ips_addr_p != NULL) {
-+ memset((caddr_t)(ips->ips_addr_p), 0, ips->ips_addr_p_size);
-+ kfree(ips->ips_addr_p);
-+ }
-+ ips->ips_addr_p = NULL;
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if(ips->ips_natt_oa) {
-+ memset((caddr_t)(ips->ips_natt_oa), 0, ips->ips_natt_oa_size);
-+ kfree(ips->ips_natt_oa);
-+ }
-+ ips->ips_natt_oa = NULL;
-+#endif
-+
-+ if(ips->ips_key_a != NULL) {
-+ memset((caddr_t)(ips->ips_key_a), 0, ips->ips_key_a_size);
-+ kfree(ips->ips_key_a);
-+ }
-+ ips->ips_key_a = NULL;
-+
-+ if(ips->ips_key_e != NULL) {
-+ if (ips->ips_alg_enc &&
-+ ips->ips_alg_enc->ixt_e_destroy_key)
-+ {
-+ ips->ips_alg_enc->ixt_e_destroy_key(ips->ips_alg_enc,
-+ ips->ips_key_e);
-+ } else
-+ {
-+ memset((caddr_t)(ips->ips_key_e), 0, ips->ips_key_e_size);
-+ kfree(ips->ips_key_e);
-+ }
-+ }
-+ ips->ips_key_e = NULL;
-+
-+ if(ips->ips_iv != NULL) {
-+ memset((caddr_t)(ips->ips_iv), 0, ips->ips_iv_size);
-+ kfree(ips->ips_iv);
-+ }
-+ ips->ips_iv = NULL;
-+
-+ if(ips->ips_ident_s.data != NULL) {
-+ memset((caddr_t)(ips->ips_ident_s.data),
-+ 0,
-+ ips->ips_ident_s.len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident));
-+ kfree(ips->ips_ident_s.data);
-+ }
-+ ips->ips_ident_s.data = NULL;
-+
-+ if(ips->ips_ident_d.data != NULL) {
-+ memset((caddr_t)(ips->ips_ident_d.data),
-+ 0,
-+ ips->ips_ident_d.len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident));
-+ kfree(ips->ips_ident_d.data);
-+ }
-+ ips->ips_ident_d.data = NULL;
-+
-+ if (ips->ips_alg_enc||ips->ips_alg_auth) {
-+ ipsec_alg_sa_wipe(ips);
-+ }
-+
-+ memset((caddr_t)ips, 0, sizeof(*ips));
-+ kfree(ips);
-+ ips = NULL;
-+
-+ return 0;
-+}
-+
-+extern int sysctl_ipsec_debug_verbose;
-+
-+int ipsec_sa_init(struct ipsec_sa *ipsp)
-+{
-+ int i;
-+ int error = 0;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ char ipaddr_txt[ADDRTOA_BUF];
-+ char ipaddr2_txt[ADDRTOA_BUF];
-+#if defined (CONFIG_KLIPS_AUTH_HMAC_MD5) || defined (CONFIG_KLIPS_AUTH_HMAC_SHA1)
-+ unsigned char kb[AHMD596_BLKLEN];
-+#endif
-+ struct ipsec_alg_enc *ixt_e = NULL;
-+ struct ipsec_alg_auth *ixt_a = NULL;
-+
-+ if(ipsp == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "ipsp is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ sa_len = satot(&ipsp->ips_said, 0, sa, sizeof(sa));
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "(pfkey defined) called for SA:%s\n",
-+ sa_len ? sa : " (error)");
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "calling init routine of %s%s%s\n",
-+ IPS_XFORM_NAME(ipsp));
-+
-+ switch(ipsp->ips_said.proto) {
-+
-+#ifdef CONFIG_KLIPS_IPIP
-+ case IPPROTO_IPIP: {
-+ addrtoa(((struct sockaddr_in*)(ipsp->ips_addr_s))->sin_addr,
-+ 0,
-+ ipaddr_txt, sizeof(ipaddr_txt));
-+ addrtoa(((struct sockaddr_in*)(ipsp->ips_addr_d))->sin_addr,
-+ 0,
-+ ipaddr2_txt, sizeof(ipaddr_txt));
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "(pfkey defined) IPIP ipsec_sa set for %s->%s.\n",
-+ ipaddr_txt,
-+ ipaddr2_txt);
-+ }
-+ break;
-+#endif /* !CONFIG_KLIPS_IPIP */
-+
-+#ifdef CONFIG_KLIPS_AH
-+ case IPPROTO_AH:
-+ switch(ipsp->ips_authalg) {
-+# ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5: {
-+ unsigned char *akp;
-+ unsigned int aks;
-+ MD5_CTX *ictx;
-+ MD5_CTX *octx;
-+
-+ if(ipsp->ips_key_bits_a != (AHMD596_KLEN * 8)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "incorrect key size: %d bits -- must be %d bits\n"/*octets (bytes)\n"*/,
-+ ipsp->ips_key_bits_a, AHMD596_KLEN * 8);
-+ SENDERR(EINVAL);
-+ }
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "hmac md5-96 key is 0x%08x %08x %08x %08x\n",
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+0)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+1)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+2)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+3)));
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+
-+ ipsp->ips_auth_bits = AHMD596_ALEN * 8;
-+
-+ /* save the pointer to the key material */
-+ akp = ipsp->ips_key_a;
-+ aks = ipsp->ips_key_a_size;
-+
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "allocating %lu bytes for md5_ctx.\n",
-+ (unsigned long) sizeof(struct md5_ctx));
-+ if((ipsp->ips_key_a = (caddr_t)
-+ kmalloc(sizeof(struct md5_ctx), GFP_ATOMIC)) == NULL) {
-+ ipsp->ips_key_a = akp;
-+ SENDERR(ENOMEM);
-+ }
-+ ipsp->ips_key_a_size = sizeof(struct md5_ctx);
-+
-+ for (i = 0; i < DIVUP(ipsp->ips_key_bits_a, 8); i++) {
-+ kb[i] = akp[i] ^ HMAC_IPAD;
-+ }
-+ for (; i < AHMD596_BLKLEN; i++) {
-+ kb[i] = HMAC_IPAD;
-+ }
-+
-+ ictx = &(((struct md5_ctx*)(ipsp->ips_key_a))->ictx);
-+ osMD5Init(ictx);
-+ osMD5Update(ictx, kb, AHMD596_BLKLEN);
-+
-+ for (i = 0; i < AHMD596_BLKLEN; i++) {
-+ kb[i] ^= (HMAC_IPAD ^ HMAC_OPAD);
-+ }
-+
-+ octx = &(((struct md5_ctx*)(ipsp->ips_key_a))->octx);
-+ osMD5Init(octx);
-+ osMD5Update(octx, kb, AHMD596_BLKLEN);
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "MD5 ictx=0x%08x %08x %08x %08x octx=0x%08x %08x %08x %08x\n",
-+ ((__u32*)ictx)[0],
-+ ((__u32*)ictx)[1],
-+ ((__u32*)ictx)[2],
-+ ((__u32*)ictx)[3],
-+ ((__u32*)octx)[0],
-+ ((__u32*)octx)[1],
-+ ((__u32*)octx)[2],
-+ ((__u32*)octx)[3] );
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+
-+ /* zero key buffer -- paranoid */
-+ memset(akp, 0, aks);
-+ kfree(akp);
-+ }
-+ break;
-+# endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+# ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA: {
-+ unsigned char *akp;
-+ unsigned int aks;
-+ SHA1_CTX *ictx;
-+ SHA1_CTX *octx;
-+
-+ if(ipsp->ips_key_bits_a != (AHSHA196_KLEN * 8)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "incorrect key size: %d bits -- must be %d bits\n"/*octets (bytes)\n"*/,
-+ ipsp->ips_key_bits_a, AHSHA196_KLEN * 8);
-+ SENDERR(EINVAL);
-+ }
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "hmac sha1-96 key is 0x%08x %08x %08x %08x\n",
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+0)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+1)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+2)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+3)));
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+
-+ ipsp->ips_auth_bits = AHSHA196_ALEN * 8;
-+
-+ /* save the pointer to the key material */
-+ akp = ipsp->ips_key_a;
-+ aks = ipsp->ips_key_a_size;
-+
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "allocating %lu bytes for sha1_ctx.\n",
-+ (unsigned long) sizeof(struct sha1_ctx));
-+ if((ipsp->ips_key_a = (caddr_t)
-+ kmalloc(sizeof(struct sha1_ctx), GFP_ATOMIC)) == NULL) {
-+ ipsp->ips_key_a = akp;
-+ SENDERR(ENOMEM);
-+ }
-+ ipsp->ips_key_a_size = sizeof(struct sha1_ctx);
-+
-+ for (i = 0; i < DIVUP(ipsp->ips_key_bits_a, 8); i++) {
-+ kb[i] = akp[i] ^ HMAC_IPAD;
-+ }
-+ for (; i < AHMD596_BLKLEN; i++) {
-+ kb[i] = HMAC_IPAD;
-+ }
-+
-+ ictx = &(((struct sha1_ctx*)(ipsp->ips_key_a))->ictx);
-+ SHA1Init(ictx);
-+ SHA1Update(ictx, kb, AHSHA196_BLKLEN);
-+
-+ for (i = 0; i < AHSHA196_BLKLEN; i++) {
-+ kb[i] ^= (HMAC_IPAD ^ HMAC_OPAD);
-+ }
-+
-+ octx = &(((struct sha1_ctx*)(ipsp->ips_key_a))->octx);
-+ SHA1Init(octx);
-+ SHA1Update(octx, kb, AHSHA196_BLKLEN);
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "SHA1 ictx=0x%08x %08x %08x %08x octx=0x%08x %08x %08x %08x\n",
-+ ((__u32*)ictx)[0],
-+ ((__u32*)ictx)[1],
-+ ((__u32*)ictx)[2],
-+ ((__u32*)ictx)[3],
-+ ((__u32*)octx)[0],
-+ ((__u32*)octx)[1],
-+ ((__u32*)octx)[2],
-+ ((__u32*)octx)[3] );
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+ /* zero key buffer -- paranoid */
-+ memset(akp, 0, aks);
-+ kfree(akp);
-+ }
-+ break;
-+# endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "authalg=%d support not available in the kernel",
-+ ipsp->ips_authalg);
-+ SENDERR(EINVAL);
-+ }
-+ break;
-+#endif /* CONFIG_KLIPS_AH */
-+
-+#ifdef CONFIG_KLIPS_ESP
-+ case IPPROTO_ESP:
-+ {
-+#if defined (CONFIG_KLIPS_AUTH_HMAC_MD5) || defined (CONFIG_KLIPS_AUTH_HMAC_SHA1)
-+ unsigned char *akp;
-+ unsigned int aks;
-+#endif
-+
-+ ipsec_alg_sa_init(ipsp);
-+ ixt_e=ipsp->ips_alg_enc;
-+
-+ if (ixt_e == NULL) {
-+ if(printk_ratelimit()) {
-+ printk(KERN_INFO
-+ "ipsec_sa_init: "
-+ "encalg=%d support not available in the kernel",
-+ ipsp->ips_encalg);
-+ }
-+ SENDERR(ENOENT);
-+ }
-+
-+ ipsp->ips_iv_size = ixt_e->ixt_common.ixt_support.ias_ivlen/8;
-+
-+ /* Create IV */
-+ if (ipsp->ips_iv_size) {
-+ if((ipsp->ips_iv = (caddr_t)
-+ kmalloc(ipsp->ips_iv_size, GFP_ATOMIC)) == NULL) {
-+ SENDERR(ENOMEM);
-+ }
-+ prng_bytes(&ipsec_prng,
-+ (char *)ipsp->ips_iv,
-+ ipsp->ips_iv_size);
-+ ipsp->ips_iv_bits = ipsp->ips_iv_size * 8;
-+ }
-+
-+ if ((error=ipsec_alg_enc_key_create(ipsp)) < 0)
-+ SENDERR(-error);
-+
-+ if ((ixt_a=ipsp->ips_alg_auth)) {
-+ if ((error=ipsec_alg_auth_key_create(ipsp)) < 0)
-+ SENDERR(-error);
-+ } else
-+
-+ switch(ipsp->ips_authalg) {
-+# ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5: {
-+ MD5_CTX *ictx;
-+ MD5_CTX *octx;
-+
-+ if(ipsp->ips_key_bits_a != (AHMD596_KLEN * 8)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "incorrect authorisation key size: %d bits -- must be %d bits\n"/*octets (bytes)\n"*/,
-+ ipsp->ips_key_bits_a,
-+ AHMD596_KLEN * 8);
-+ SENDERR(EINVAL);
-+ }
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "hmac md5-96 key is 0x%08x %08x %08x %08x\n",
-+ ntohl(*(((__u32 *)(ipsp->ips_key_a))+0)),
-+ ntohl(*(((__u32 *)(ipsp->ips_key_a))+1)),
-+ ntohl(*(((__u32 *)(ipsp->ips_key_a))+2)),
-+ ntohl(*(((__u32 *)(ipsp->ips_key_a))+3)));
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+ ipsp->ips_auth_bits = AHMD596_ALEN * 8;
-+
-+ /* save the pointer to the key material */
-+ akp = ipsp->ips_key_a;
-+ aks = ipsp->ips_key_a_size;
-+
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "allocating %lu bytes for md5_ctx.\n",
-+ (unsigned long) sizeof(struct md5_ctx));
-+ if((ipsp->ips_key_a = (caddr_t)
-+ kmalloc(sizeof(struct md5_ctx), GFP_ATOMIC)) == NULL) {
-+ ipsp->ips_key_a = akp;
-+ SENDERR(ENOMEM);
-+ }
-+ ipsp->ips_key_a_size = sizeof(struct md5_ctx);
-+
-+ for (i = 0; i < DIVUP(ipsp->ips_key_bits_a, 8); i++) {
-+ kb[i] = akp[i] ^ HMAC_IPAD;
-+ }
-+ for (; i < AHMD596_BLKLEN; i++) {
-+ kb[i] = HMAC_IPAD;
-+ }
-+
-+ ictx = &(((struct md5_ctx*)(ipsp->ips_key_a))->ictx);
-+ osMD5Init(ictx);
-+ osMD5Update(ictx, kb, AHMD596_BLKLEN);
-+
-+ for (i = 0; i < AHMD596_BLKLEN; i++) {
-+ kb[i] ^= (HMAC_IPAD ^ HMAC_OPAD);
-+ }
-+
-+ octx = &(((struct md5_ctx*)(ipsp->ips_key_a))->octx);
-+ osMD5Init(octx);
-+ osMD5Update(octx, kb, AHMD596_BLKLEN);
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "MD5 ictx=0x%08x %08x %08x %08x octx=0x%08x %08x %08x %08x\n",
-+ ((__u32*)ictx)[0],
-+ ((__u32*)ictx)[1],
-+ ((__u32*)ictx)[2],
-+ ((__u32*)ictx)[3],
-+ ((__u32*)octx)[0],
-+ ((__u32*)octx)[1],
-+ ((__u32*)octx)[2],
-+ ((__u32*)octx)[3] );
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+ /* paranoid */
-+ memset(akp, 0, aks);
-+ kfree(akp);
-+ break;
-+ }
-+# endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+# ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA: {
-+ SHA1_CTX *ictx;
-+ SHA1_CTX *octx;
-+
-+ if(ipsp->ips_key_bits_a != (AHSHA196_KLEN * 8)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "incorrect authorisation key size: %d bits -- must be %d bits\n"/*octets (bytes)\n"*/,
-+ ipsp->ips_key_bits_a,
-+ AHSHA196_KLEN * 8);
-+ SENDERR(EINVAL);
-+ }
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "hmac sha1-96 key is 0x%08x %08x %08x %08x\n",
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+0)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+1)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+2)),
-+ ntohl(*(((__u32 *)ipsp->ips_key_a)+3)));
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+ ipsp->ips_auth_bits = AHSHA196_ALEN * 8;
-+
-+ /* save the pointer to the key material */
-+ akp = ipsp->ips_key_a;
-+ aks = ipsp->ips_key_a_size;
-+
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "allocating %lu bytes for sha1_ctx.\n",
-+ (unsigned long) sizeof(struct sha1_ctx));
-+ if((ipsp->ips_key_a = (caddr_t)
-+ kmalloc(sizeof(struct sha1_ctx), GFP_ATOMIC)) == NULL) {
-+ ipsp->ips_key_a = akp;
-+ SENDERR(ENOMEM);
-+ }
-+ ipsp->ips_key_a_size = sizeof(struct sha1_ctx);
-+
-+ for (i = 0; i < DIVUP(ipsp->ips_key_bits_a, 8); i++) {
-+ kb[i] = akp[i] ^ HMAC_IPAD;
-+ }
-+ for (; i < AHMD596_BLKLEN; i++) {
-+ kb[i] = HMAC_IPAD;
-+ }
-+
-+ ictx = &(((struct sha1_ctx*)(ipsp->ips_key_a))->ictx);
-+ SHA1Init(ictx);
-+ SHA1Update(ictx, kb, AHSHA196_BLKLEN);
-+
-+ for (i = 0; i < AHSHA196_BLKLEN; i++) {
-+ kb[i] ^= (HMAC_IPAD ^ HMAC_OPAD);
-+ }
-+
-+ octx = &((struct sha1_ctx*)(ipsp->ips_key_a))->octx;
-+ SHA1Init(octx);
-+ SHA1Update(octx, kb, AHSHA196_BLKLEN);
-+
-+# if KLIPS_DIVULGE_HMAC_KEY
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "ipsec_sa_init: "
-+ "SHA1 ictx=0x%08x %08x %08x %08x octx=0x%08x %08x %08x %08x\n",
-+ ((__u32*)ictx)[0],
-+ ((__u32*)ictx)[1],
-+ ((__u32*)ictx)[2],
-+ ((__u32*)ictx)[3],
-+ ((__u32*)octx)[0],
-+ ((__u32*)octx)[1],
-+ ((__u32*)octx)[2],
-+ ((__u32*)octx)[3] );
-+# endif /* KLIPS_DIVULGE_HMAC_KEY */
-+ memset(akp, 0, aks);
-+ kfree(akp);
-+ break;
-+ }
-+# endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ case AH_NONE:
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "ipsec_sa_init: "
-+ "authalg=%d support not available in the kernel.\n",
-+ ipsp->ips_authalg);
-+ SENDERR(EINVAL);
-+ }
-+ }
-+ break;
-+#endif /* !CONFIG_KLIPS_ESP */
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ case IPPROTO_COMP:
-+ ipsp->ips_comp_adapt_tries = 0;
-+ ipsp->ips_comp_adapt_skip = 0;
-+ ipsp->ips_comp_ratio_cbytes = 0;
-+ ipsp->ips_comp_ratio_dbytes = 0;
-+ break;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ default:
-+ printk(KERN_ERR "KLIPS sa initialization: "
-+ "proto=%d unknown.\n",
-+ ipsp->ips_said.proto);
-+ SENDERR(EINVAL);
-+ }
-+
-+ errlab:
-+ return(error);
-+}
-+
-+
-+
-+/*
-+ * $Log: ipsec_sa.c,v $
-+ * Revision 1.30.2.2 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.30.2.1 2006/04/20 16:33:07 mcr
-+ * remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+ * Fix in-kernel module compilation. Sub-makefiles do not work.
-+ *
-+ * Revision 1.30 2005/05/24 01:02:35 mcr
-+ * some refactoring/simplification of situation where alg
-+ * is not found.
-+ *
-+ * Revision 1.29 2005/05/18 19:13:28 mcr
-+ * rename debug messages. make sure that algo not found is not
-+ * a debug message.
-+ *
-+ * Revision 1.28 2005/05/11 01:30:20 mcr
-+ * removed "poor-man"s OOP in favour of proper C structures.
-+ *
-+ * Revision 1.27 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.26 2005/04/14 20:56:24 mcr
-+ * moved (pfkey_)ipsec_sa_init to ipsec_sa.c.
-+ *
-+ * Revision 1.25 2004/08/22 20:12:16 mcr
-+ * one more KLIPS_NAT->IPSEC_NAT.
-+ *
-+ * Revision 1.24 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.23 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.22.2.1 2003/12/22 15:25:52 jjo
-+ * . Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.22 2003/12/10 01:14:27 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.21 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.20.4.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.20 2003/02/06 01:50:34 rgb
-+ * Fixed initialisation bug for first sadb hash bucket that would only manifest itself on platforms where NULL != 0.
-+ *
-+ * Revision 1.19 2003/01/30 02:32:22 rgb
-+ *
-+ * Rename SAref table macro names for clarity.
-+ * Transmit error code through to caller from callee for better diagnosis of problems.
-+ * Convert IPsecSAref_t from signed to unsigned to fix apparent SAref exhaustion bug.
-+ *
-+ * Revision 1.18 2002/10/12 23:11:53 dhr
-+ *
-+ * [KenB + DHR] more 64-bit cleanup
-+ *
-+ * Revision 1.17 2002/10/07 18:31:43 rgb
-+ * Move field width sanity checks to ipsec_sa.c
-+ *
-+ * Revision 1.16 2002/09/20 15:41:02 rgb
-+ * Re-wrote most of the SAref code to eliminate Entry pointers.
-+ * Added SAref code compiler directive switch.
-+ * Added a saref test function for testing macros.
-+ * Switch from pfkey_alloc_ipsec_sa() to ipsec_sa_alloc().
-+ * Split ipsec_sadb_cleanup from new funciton ipsec_sadb_free to avoid problem
-+ * of freeing newly created structures when clearing the reftable upon startup
-+ * to start from a known state.
-+ * Place all ipsec sadb globals into one struct.
-+ * Rework saref freelist.
-+ * Added memory allocation debugging.
-+ *
-+ * Revision 1.15 2002/09/20 05:01:44 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.14 2002/08/13 19:01:25 mcr
-+ * patches from kenb to permit compilation of FreeSWAN on ia64.
-+ * des library patched to use proper DES_LONG type for ia64.
-+ *
-+ * Revision 1.13 2002/07/29 03:06:20 mcr
-+ * get rid of variable not used warnings.
-+ *
-+ * Revision 1.12 2002/07/26 08:48:31 rgb
-+ * Added SA ref table code.
-+ *
-+ * Revision 1.11 2002/06/04 16:48:49 rgb
-+ * Tidied up pointer code for processor independance.
-+ *
-+ * Revision 1.10 2002/05/23 07:16:17 rgb
-+ * Added ipsec_sa_put() for releasing an ipsec_sa refcount.
-+ * Pointer clean-up.
-+ * Added refcount code.
-+ * Convert "usecount" to "refcount" to remove ambiguity.
-+ *
-+ * Revision 1.9 2002/05/14 02:34:49 rgb
-+ * Converted reference from ipsec_sa_put to ipsec_sa_add to avoid confusion
-+ * with "put" usage in the kernel.
-+ * Change all references to tdb, TDB or Tunnel Descriptor Block to ips,
-+ * ipsec_sa or ipsec_sa.
-+ * Added some preliminary refcount code.
-+ *
-+ * Revision 1.8 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.7 2002/04/24 07:36:30 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_sa.c,v
-+ *
-+ * Revision 1.6 2002/04/20 00:12:25 rgb
-+ * Added esp IV CBC attack fix, disabled.
-+ *
-+ * Revision 1.5 2002/01/29 17:17:56 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.4 2002/01/29 04:00:52 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.3 2002/01/29 02:13:18 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.2 2001/11/26 09:16:15 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.1.2.2 2001/10/22 21:05:41 mcr
-+ * removed phony prototype for des_set_key.
-+ *
-+ * Revision 1.1.2.1 2001/09/25 02:24:57 mcr
-+ * struct tdb -> struct ipsec_sa.
-+ * sa(tdb) manipulation functions renamed and moved to ipsec_sa.c
-+ * ipsec_xform.c removed. header file still contains useful things.
-+ *
-+ *
-+ *
-+ * CLONED from ipsec_xform.c:
-+ * Revision 1.53 2001/09/08 21:13:34 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.52 2001/06/14 19:35:11 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.51 2001/05/30 08:14:03 rgb
-+ * Removed vestiges of esp-null transforms.
-+ *
-+ * Revision 1.50 2001/05/03 19:43:18 rgb
-+ * Initialise error return variable.
-+ * Update SENDERR macro.
-+ * Fix sign of error return code for ipsec_tdbcleanup().
-+ * Use more appropriate return code for ipsec_tdbwipe().
-+ *
-+ * Revision 1.49 2001/04/19 18:56:17 rgb
-+ * Fixed tdb table locking comments.
-+ *
-+ * Revision 1.48 2001/02/27 22:24:55 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.47 2000/11/06 04:32:08 rgb
-+ * Ditched spin_lock_irqsave in favour of spin_lock_bh.
-+ *
-+ * Revision 1.46 2000/09/20 16:21:57 rgb
-+ * Cleaned up ident string alloc/free.
-+ *
-+ * Revision 1.45 2000/09/08 19:16:51 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ * Removed all references to CONFIG_IPSEC_PFKEYv2.
-+ *
-+ * Revision 1.44 2000/08/30 05:29:04 rgb
-+ * Compiler-define out no longer used tdb_init() in ipsec_xform.c.
-+ *
-+ * Revision 1.43 2000/08/18 21:30:41 rgb
-+ * Purged all tdb_spi, tdb_proto and tdb_dst macros. They are unclear.
-+ *
-+ * Revision 1.42 2000/08/01 14:51:51 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.41 2000/07/28 14:58:31 rgb
-+ * Changed kfree_s to kfree, eliminating extra arg to fix 2.4.0-test5.
-+ *
-+ * Revision 1.40 2000/06/28 05:50:11 rgb
-+ * Actually set iv_bits.
-+ *
-+ * Revision 1.39 2000/05/10 23:11:09 rgb
-+ * Added netlink debugging output.
-+ * Added a cast to quiet down the ntohl bug.
-+ *
-+ * Revision 1.38 2000/05/10 19:18:42 rgb
-+ * Cast output of ntohl so that the broken prototype doesn't make our
-+ * compile noisy.
-+ *
-+ * Revision 1.37 2000/03/16 14:04:59 rgb
-+ * Hardwired CONFIG_IPSEC_PFKEYv2 on.
-+ *
-+ * Revision 1.36 2000/01/26 10:11:28 rgb
-+ * Fixed spacing in error text causing run-in words.
-+ *
-+ * Revision 1.35 2000/01/21 06:17:16 rgb
-+ * Tidied up compiler directive indentation for readability.
-+ * Added ictx,octx vars for simplification.(kravietz)
-+ * Added macros for HMAC padding magic numbers.(kravietz)
-+ * Fixed missing key length reporting bug.
-+ * Fixed bug in tdbwipe to return immediately on NULL tdbp passed in.
-+ *
-+ * Revision 1.34 1999/12/08 00:04:19 rgb
-+ * Fixed SA direction overwriting bug for netlink users.
-+ *
-+ * Revision 1.33 1999/12/01 22:16:44 rgb
-+ * Minor formatting changes in ESP MD5 initialisation.
-+ *
-+ * Revision 1.32 1999/11/25 09:06:36 rgb
-+ * Fixed error return messages, should be returning negative numbers.
-+ * Implemented SENDERR macro for propagating error codes.
-+ * Added debug message and separate error code for algorithms not compiled
-+ * in.
-+ *
-+ * Revision 1.31 1999/11/23 23:06:26 rgb
-+ * Sort out pfkey and freeswan headers, putting them in a library path.
-+ *
-+ * Revision 1.30 1999/11/18 04:09:20 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ *
-+ * Revision 1.29 1999/11/17 15:53:40 rgb
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.28 1999/10/18 20:04:01 rgb
-+ * Clean-out unused cruft.
-+ *
-+ * Revision 1.27 1999/10/03 19:01:03 rgb
-+ * Spinlock support for 2.3.xx and 2.0.xx kernels.
-+ *
-+ * Revision 1.26 1999/10/01 16:22:24 rgb
-+ * Switch from assignment init. to functional init. of spinlocks.
-+ *
-+ * Revision 1.25 1999/10/01 15:44:54 rgb
-+ * Move spinlock header include to 2.1> scope.
-+ *
-+ * Revision 1.24 1999/10/01 00:03:46 rgb
-+ * Added tdb structure locking.
-+ * Minor formatting changes.
-+ * Add function to initialize tdb hash table.
-+ *
-+ * Revision 1.23 1999/05/25 22:42:12 rgb
-+ * Add deltdbchain() debugging.
-+ *
-+ * Revision 1.22 1999/05/25 21:24:31 rgb
-+ * Add debugging statements to deltdbchain().
-+ *
-+ * Revision 1.21 1999/05/25 03:51:48 rgb
-+ * Refix error return code.
-+ *
-+ * Revision 1.20 1999/05/25 03:34:07 rgb
-+ * Fix error return for flush.
-+ *
-+ * Revision 1.19 1999/05/09 03:25:37 rgb
-+ * Fix bug introduced by 2.2 quick-and-dirty patch.
-+ *
-+ * Revision 1.18 1999/05/05 22:02:32 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.17 1999/04/29 15:20:16 rgb
-+ * Change gettdb parameter to a pointer to reduce stack loading and
-+ * facilitate parameter sanity checking.
-+ * Add sanity checking for null pointer arguments.
-+ * Add debugging instrumentation.
-+ * Add function deltdbchain() which will take care of unlinking,
-+ * zeroing and deleting a chain of tdbs.
-+ * Add a parameter to tdbcleanup to be able to delete a class of SAs.
-+ * tdbwipe now actually zeroes the tdb as well as any of its pointed
-+ * structures.
-+ *
-+ * Revision 1.16 1999/04/16 15:36:29 rgb
-+ * Fix cut-and-paste error causing a memory leak in IPIP TDB freeing.
-+ *
-+ * Revision 1.15 1999/04/11 00:29:01 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.14 1999/04/06 04:54:28 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.13 1999/02/19 18:23:01 rgb
-+ * Nix debug off compile warning.
-+ *
-+ * Revision 1.12 1999/02/17 16:52:16 rgb
-+ * Consolidate satoa()s for space and speed efficiency.
-+ * Convert DEBUG_IPSEC to KLIPS_PRINT
-+ * Clean out unused cruft.
-+ * Ditch NET_IPIP dependancy.
-+ * Loop for 3des key setting.
-+ *
-+ * Revision 1.11 1999/01/26 02:09:05 rgb
-+ * Remove ah/esp/IPIP switching on include files.
-+ * Removed CONFIG_IPSEC_ALGO_SWITCH macro.
-+ * Removed dead code.
-+ * Clean up debug code when switched off.
-+ * Remove references to INET_GET_PROTOCOL.
-+ * Added code exclusion macros to reduce code from unused algorithms.
-+ *
-+ * Revision 1.10 1999/01/22 06:28:55 rgb
-+ * Cruft clean-out.
-+ * Put random IV generation in kernel.
-+ * Added algorithm switch code.
-+ * Enhanced debugging.
-+ * 64-bit clean-up.
-+ *
-+ * Revision 1.9 1998/11/30 13:22:55 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.8 1998/11/25 04:59:06 rgb
-+ * Add conditionals for no IPIP tunnel code.
-+ * Delete commented out code.
-+ *
-+ * Revision 1.7 1998/10/31 06:50:41 rgb
-+ * Convert xform ASCII names to no spaces.
-+ * Fixed up comments in #endif directives.
-+ *
-+ * Revision 1.6 1998/10/19 14:44:28 rgb
-+ * Added inclusion of freeswan.h.
-+ * sa_id structure implemented and used: now includes protocol.
-+ *
-+ * Revision 1.5 1998/10/09 04:32:19 rgb
-+ * Added 'klips_debug' prefix to all klips printk debug statements.
-+ *
-+ * Revision 1.4 1998/08/12 00:11:31 rgb
-+ * Added new xform functions to the xform table.
-+ * Fixed minor debug output spelling error.
-+ *
-+ * Revision 1.3 1998/07/09 17:45:31 rgb
-+ * Clarify algorithm not available message.
-+ *
-+ * Revision 1.2 1998/06/23 03:00:51 rgb
-+ * Check for presence of IPIP protocol if it is setup one way (we don't
-+ * know what has been set up the other way and can only assume it will be
-+ * symmetrical with the exception of keys).
-+ *
-+ * Revision 1.1 1998/06/18 21:27:51 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.3 1998/06/11 05:54:59 rgb
-+ * Added transform version string pointer to xformsw initialisations.
-+ *
-+ * Revision 1.2 1998/04/21 21:28:57 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:13 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:02 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.5 1997/06/03 04:24:48 ji
-+ * Added ESP-3DES-MD5-96
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * Added new transforms.
-+ *
-+ * Revision 0.3 1996/11/20 14:39:04 ji
-+ * Minor cleanups.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_sha1.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,219 @@
-+/*
-+ * RCSID $Id: ipsec_sha1.c,v 1.9 2004/04/06 02:49:26 mcr Exp $
-+ */
-+
-+/*
-+ * The rest of the code is derived from sha1.c by Steve Reid, which is
-+ * public domain.
-+ * Minor cosmetic changes to accomodate it in the Linux kernel by ji.
-+ */
-+
-+#include <asm/byteorder.h>
-+#include <linux/string.h>
-+
-+#include "openswan/ipsec_sha1.h"
-+
-+#if defined(rol)
-+#undef rol
-+#endif
-+
-+#define SHA1HANDSOFF
-+
-+#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
-+
-+/* blk0() and blk() perform the initial expand. */
-+/* I got the idea of expanding during the round function from SSLeay */
-+#ifdef __LITTLE_ENDIAN
-+#define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
-+ |(rol(block->l[i],8)&0x00FF00FF))
-+#else
-+#define blk0(i) block->l[i]
-+#endif
-+#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
-+ ^block->l[(i+2)&15]^block->l[i&15],1))
-+
-+/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
-+#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
-+#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
-+#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
-+#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
-+#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
-+
-+
-+/* Hash a single 512-bit block. This is the core of the algorithm. */
-+
-+void SHA1Transform(__u32 state[5], __u8 buffer[64])
-+{
-+__u32 a, b, c, d, e;
-+typedef union {
-+ unsigned char c[64];
-+ __u32 l[16];
-+} CHAR64LONG16;
-+CHAR64LONG16* block;
-+#ifdef SHA1HANDSOFF
-+static unsigned char workspace[64];
-+ block = (CHAR64LONG16*)workspace;
-+ memcpy(block, buffer, 64);
-+#else
-+ block = (CHAR64LONG16*)buffer;
-+#endif
-+ /* Copy context->state[] to working vars */
-+ a = state[0];
-+ b = state[1];
-+ c = state[2];
-+ d = state[3];
-+ e = state[4];
-+ /* 4 rounds of 20 operations each. Loop unrolled. */
-+ R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
-+ R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
-+ R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
-+ R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
-+ R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
-+ R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
-+ R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
-+ R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
-+ R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
-+ R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
-+ R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
-+ R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
-+ R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
-+ R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
-+ R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
-+ R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
-+ R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
-+ R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
-+ R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
-+ R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
-+ /* Add the working vars back into context.state[] */
-+ state[0] += a;
-+ state[1] += b;
-+ state[2] += c;
-+ state[3] += d;
-+ state[4] += e;
-+ /* Wipe variables */
-+ a = b = c = d = e = 0;
-+}
-+
-+
-+/* SHA1Init - Initialize new context */
-+
-+void SHA1Init(void *vcontext)
-+{
-+ SHA1_CTX* context = vcontext;
-+
-+ /* SHA1 initialization constants */
-+ context->state[0] = 0x67452301;
-+ context->state[1] = 0xEFCDAB89;
-+ context->state[2] = 0x98BADCFE;
-+ context->state[3] = 0x10325476;
-+ context->state[4] = 0xC3D2E1F0;
-+ context->count[0] = context->count[1] = 0;
-+}
-+
-+
-+/* Run your data through this. */
-+
-+void SHA1Update(void *vcontext, unsigned char* data, __u32 len)
-+{
-+ SHA1_CTX* context = vcontext;
-+ __u32 i, j;
-+
-+ j = context->count[0];
-+ if ((context->count[0] += len << 3) < j)
-+ context->count[1]++;
-+ context->count[1] += (len>>29);
-+ j = (j >> 3) & 63;
-+ if ((j + len) > 63) {
-+ memcpy(&context->buffer[j], data, (i = 64-j));
-+ SHA1Transform(context->state, context->buffer);
-+ for ( ; i + 63 < len; i += 64) {
-+ SHA1Transform(context->state, &data[i]);
-+ }
-+ j = 0;
-+ }
-+ else i = 0;
-+ memcpy(&context->buffer[j], &data[i], len - i);
-+}
-+
-+
-+/* Add padding and return the message digest. */
-+
-+void SHA1Final(unsigned char digest[20], void *vcontext)
-+{
-+ __u32 i, j;
-+ unsigned char finalcount[8];
-+ SHA1_CTX* context = vcontext;
-+
-+ for (i = 0; i < 8; i++) {
-+ finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)]
-+ >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
-+ }
-+ SHA1Update(context, (unsigned char *)"\200", 1);
-+ while ((context->count[0] & 504) != 448) {
-+ SHA1Update(context, (unsigned char *)"\0", 1);
-+ }
-+ SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
-+ for (i = 0; i < 20; i++) {
-+ digest[i] = (unsigned char)
-+ ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
-+ }
-+ /* Wipe variables */
-+ i = j = 0;
-+ memset(context->buffer, 0, 64);
-+ memset(context->state, 0, 20);
-+ memset(context->count, 0, 8);
-+ memset(&finalcount, 0, 8);
-+#ifdef SHA1HANDSOFF /* make SHA1Transform overwrite its own static vars */
-+ SHA1Transform(context->state, context->buffer);
-+#endif
-+}
-+
-+
-+/*
-+ * $Log: ipsec_sha1.c,v $
-+ * Revision 1.9 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.8 2002/09/10 01:45:14 mcr
-+ * changed type of MD5_CTX and SHA1_CTX to void * so that
-+ * the function prototypes would match, and could be placed
-+ * into a pointer to a function.
-+ *
-+ * Revision 1.7 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.6 2002/04/24 07:36:30 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_sha1.c,v
-+ *
-+ * Revision 1.5 1999/12/13 13:59:13 rgb
-+ * Quick fix to argument size to Update bugs.
-+ *
-+ * Revision 1.4 1999/04/11 00:29:00 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.3 1999/04/06 04:54:27 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.2 1999/01/22 06:55:50 rgb
-+ * 64-bit clean-up.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:50 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.2 1998/04/23 20:54:04 rgb
-+ * Fixed md5 and sha1 include file nesting issues, to be cleaned up when
-+ * verified.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:11 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:05 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * New transform
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_snprintf.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,135 @@
-+/*
-+ * @(#) ipsec_snprintf() function
-+ *
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ * 2001 Michael Richardson <mcr@freeswan.org>
-+ * Copyright (C) 2005 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * Split out from ipsec_proc.c.
-+ */
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_kversion.h"
-+#include "openswan/ipsec_param.h"
-+
-+#include <net/ip.h>
-+
-+#include "openswan/radij.h"
-+
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_stats.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_xmit.h"
-+
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+#include "openswan/ipsec_kern24.h"
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+#include "openswan/ipcomp.h"
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#include "openswan/ipsec_proto.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+/* ipsec_snprintf: like snprintf except
-+ * - size is signed and a negative value is treated as if it were 0
-+ * - the returned result is never negative --
-+ * an error generates a "?" or null output (depending on space).
-+ * (Our callers are too lazy to check for an error return.)
-+ *
-+ * @param buf String buffer
-+ * @param size Size of the string
-+ * @param fmt printf string
-+ * @param ... Variables to be displayed in fmt
-+ * @return int Return code
-+ */
-+int ipsec_snprintf(char *buf, ssize_t size, const char *fmt, ...)
-+{
-+ va_list args;
-+ int i;
-+ size_t possize = size < 0? 0 : size;
-+ va_start(args, fmt);
-+ i = vsnprintf(buf,possize,fmt,args);
-+ va_end(args);
-+ if (i < 0) {
-+ /* create empty output in place of error */
-+ i = 0;
-+ if (size > 0) {
-+ *buf = '\0';
-+ }
-+ }
-+ return i;
-+}
-+
-+
-+void ipsec_dmp_block(char *s, caddr_t bb, int len)
-+{
-+ int i;
-+ unsigned char *b = bb;
-+
-+ printk(KERN_INFO "klips_dmp: "
-+ "at %s, len=%d:\n", s, len);
-+
-+ for(i = 0; i < len; i++ /*, c++*/) {
-+ if(!(i % 16)) {
-+ printk(KERN_INFO
-+ "klips_debug: @%03x:",
-+ i);
-+ }
-+ printk(" %02x", b[i]);
-+ if(!((i + 1) % 16)) {
-+ printk("\n");
-+ }
-+ }
-+ if(i % 16) {
-+ printk("\n");
-+ }
-+}
-+
-+/*
-+ *
-+ * $Log: ipsec_snprintf.c,v $
-+ * Revision 1.3.2.1 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.3 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.2 2005/04/15 00:32:01 mcr
-+ * added ipsec_dmp_block routine.
-+ *
-+ *
-+ * Local Variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_tunnel.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,2878 @@
-+/*
-+ * IPSEC Tunneling code. Heavily based on drivers/net/new_tunnel.c
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_tunnel_c_version[] = "RCSID $Id: ipsec_tunnel.c,v 1.232.2.5 2006/10/06 21:39:26 paul Exp $";
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif /* for CONFIG_IP_FORWARD */
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <net/tcp.h>
-+#include <net/udp.h>
-+#include <linux/skbuff.h>
-+
-+#include <linux/netdevice.h> /* struct device, struct net_device_stats, dev_queue_xmit() and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+
-+#include <openswan.h>
-+
-+#ifdef NET_21
-+# include <linux/in6.h>
-+# define ip_chk_addr inet_addr_type
-+# define IS_MYADDR RTN_LOCAL
-+# include <net/dst.h>
-+# undef dev_kfree_skb
-+# define dev_kfree_skb(a,b) kfree_skb(a)
-+# define PHYSDEV_TYPE
-+#endif /* NET_21 */
-+
-+#include <net/icmp.h> /* icmp_send() */
-+#include <net/ip.h>
-+#ifdef NETDEV_23
-+# include <linux/netfilter_ipv4.h>
-+#endif /* NETDEV_23 */
-+
-+#include <linux/if_arp.h>
-+#include <net/arp.h>
-+
-+#include "openswan/ipsec_kversion.h"
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_eroute.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_sa.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_xmit.h"
-+#include "openswan/ipsec_ipe4.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+#include "openswan/ipsec_kern24.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+#include <linux/udp.h>
-+#endif
-+
-+static __u32 zeroes[64];
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_tunnel = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_open(struct net_device *dev)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ /*
-+ * Can't open until attached.
-+ */
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_open: "
-+ "dev = %s, prv->dev = %s\n",
-+ dev->name, prv->dev?prv->dev->name:"NONE");
-+
-+ if (prv->dev == NULL)
-+ return -ENODEV;
-+
-+ KLIPS_INC_USE;
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_close(struct net_device *dev)
-+{
-+ KLIPS_DEC_USE;
-+ return 0;
-+}
-+
-+#ifdef NETDEV_23
-+static inline int ipsec_tunnel_xmit2(struct sk_buff *skb)
-+{
-+#ifdef NETDEV_25 /* 2.6 kernels */
-+ return dst_output(skb);
-+#else
-+ return ip_send(skb);
-+#endif
-+}
-+#endif /* NETDEV_23 */
-+
-+enum ipsec_xmit_value
-+ipsec_tunnel_strip_hard_header(struct ipsec_xmit_state *ixs)
-+{
-+ /* ixs->physdev->hard_header_len is unreliable and should not be used */
-+ ixs->hard_header_len = (unsigned char *)(ixs->iph) - ixs->skb->data;
-+
-+ if(ixs->hard_header_len < 0) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_error:ipsec_xmit_strip_hard_header: "
-+ "Negative hard_header_len (%d)?!\n", ixs->hard_header_len);
-+ ixs->stats->tx_dropped++;
-+ return IPSEC_XMIT_BADHHLEN;
-+ }
-+
-+ /* while ixs->physdev->hard_header_len is unreliable and
-+ * should not be trusted, it accurate and required for ATM, GRE and
-+ * some other interfaces to work. Thanks to Willy Tarreau
-+ * <willy@w.ods.org>.
-+ */
-+ if(ixs->hard_header_len == 0) { /* no hard header present */
-+ ixs->hard_header_stripped = 1;
-+ ixs->hard_header_len = ixs->physdev->hard_header_len;
-+ }
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_tunnel & DB_TN_XMIT) {
-+ int i;
-+ char c;
-+
-+ printk(KERN_INFO "klips_debug:ipsec_xmit_strip_hard_header: "
-+ ">>> skb->len=%ld hard_header_len:%d",
-+ (unsigned long int)ixs->skb->len, ixs->hard_header_len);
-+ c = ' ';
-+ for (i=0; i < ixs->hard_header_len; i++) {
-+ printk("%c%02x", c, ixs->skb->data[i]);
-+ c = ':';
-+ }
-+ printk(" \n");
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ KLIPS_IP_PRINT(debug_tunnel & DB_TN_XMIT, ixs->iph);
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_strip_hard_header: "
-+ "Original head,tailroom: %d,%d\n",
-+ skb_headroom(ixs->skb), skb_tailroom(ixs->skb));
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+enum ipsec_xmit_value
-+ipsec_tunnel_SAlookup(struct ipsec_xmit_state *ixs)
-+{
-+ unsigned int bypass;
-+
-+ bypass = FALSE;
-+
-+ /*
-+ * First things first -- look us up in the erouting tables.
-+ */
-+ ixs->matcher.sen_len = sizeof (struct sockaddr_encap);
-+ ixs->matcher.sen_family = AF_ENCAP;
-+ ixs->matcher.sen_type = SENT_IP4;
-+ ixs->matcher.sen_ip_src.s_addr = ixs->iph->saddr;
-+ ixs->matcher.sen_ip_dst.s_addr = ixs->iph->daddr;
-+ ixs->matcher.sen_proto = ixs->iph->protocol;
-+ ipsec_extract_ports(ixs->iph, &ixs->matcher);
-+
-+ /*
-+ * The spinlock is to prevent any other process from accessing or deleting
-+ * the eroute while we are using and updating it.
-+ */
-+ spin_lock(&eroute_lock);
-+
-+ ixs->eroute = ipsec_findroute(&ixs->matcher);
-+
-+ if(ixs->iph->protocol == IPPROTO_UDP) {
-+ struct udphdr *t = NULL;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:udp port check: "
-+ "fragoff: %d len: %d>%ld \n",
-+ ntohs(ixs->iph->frag_off) & IP_OFFSET,
-+ (ixs->skb->len - ixs->hard_header_len),
-+ (unsigned long int) ((ixs->iph->ihl << 2) + sizeof(struct udphdr)));
-+
-+ if((ntohs(ixs->iph->frag_off) & IP_OFFSET) == 0 &&
-+ ((ixs->skb->len - ixs->hard_header_len) >=
-+ ((ixs->iph->ihl << 2) + sizeof(struct udphdr))))
-+ {
-+ t =((struct udphdr*)((caddr_t)ixs->iph+(ixs->iph->ihl<<2)));
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:udp port in packet: "
-+ "port %d -> %d\n",
-+ ntohs(t->source), ntohs(t->dest));
-+ }
-+
-+ ixs->sport=0; ixs->dport=0;
-+
-+ if(ixs->skb->sk) {
-+#ifdef NET_26
-+ struct udp_sock *us;
-+
-+ us = (struct udp_sock *)ixs->skb->sk;
-+
-+ ixs->sport = ntohs(us->inet.sport);
-+ ixs->dport = ntohs(us->inet.dport);
-+#else
-+ ixs->sport = ntohs(ixs->skb->sk->sport);
-+ ixs->dport = ntohs(ixs->skb->sk->dport);
-+#endif
-+
-+ }
-+
-+ if(t != NULL) {
-+ if(ixs->sport == 0) {
-+ ixs->sport = ntohs(t->source);
-+ }
-+ if(ixs->dport == 0) {
-+ ixs->dport = ntohs(t->dest);
-+ }
-+ }
-+ }
-+
-+ /*
-+ * practically identical to above, but let's be careful about
-+ * tcp vs udp headers
-+ */
-+ if(ixs->iph->protocol == IPPROTO_TCP) {
-+ struct tcphdr *t = NULL;
-+
-+ if((ntohs(ixs->iph->frag_off) & IP_OFFSET) == 0 &&
-+ ((ixs->skb->len - ixs->hard_header_len) >=
-+ ((ixs->iph->ihl << 2) + sizeof(struct tcphdr)))) {
-+ t =((struct tcphdr*)((caddr_t)ixs->iph+(ixs->iph->ihl<<2)));
-+ }
-+
-+ ixs->sport=0; ixs->dport=0;
-+
-+ if(ixs->skb->sk) {
-+#ifdef NET_26
-+#ifdef HAVE_INET_SK_SPORT
-+ ixs->sport = ntohs(inet_sk(ixs->skb->sk)->sport);
-+ ixs->dport = ntohs(inet_sk(ixs->skb->sk)->dport);
-+#else
-+ struct tcp_tw_bucket *tw;
-+
-+ tw = (struct tcp_tw_bucket *)ixs->skb->sk;
-+
-+ ixs->sport = ntohs(tw->tw_sport);
-+ ixs->dport = ntohs(tw->tw_dport);
-+#endif
-+#else
-+ ixs->sport = ntohs(ixs->skb->sk->sport);
-+ ixs->dport = ntohs(ixs->skb->sk->dport);
-+#endif
-+ }
-+
-+ if(t != NULL) {
-+ if(ixs->sport == 0) {
-+ ixs->sport = ntohs(t->source);
-+ }
-+ if(ixs->dport == 0) {
-+ ixs->dport = ntohs(t->dest);
-+ }
-+ }
-+ }
-+
-+ /* default to a %drop eroute */
-+ ixs->outgoing_said.proto = IPPROTO_INT;
-+ ixs->outgoing_said.spi = htonl(SPI_DROP);
-+ ixs->outgoing_said.dst.u.v4.sin_addr.s_addr = INADDR_ANY;
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "checking for local udp/500 IKE packet "
-+ "saddr=%x, er=0p%p, daddr=%x, er_dst=%x, proto=%d sport=%d dport=%d\n",
-+ ntohl((unsigned int)ixs->iph->saddr),
-+ ixs->eroute,
-+ ntohl((unsigned int)ixs->iph->daddr),
-+ ixs->eroute ? ntohl((unsigned int)ixs->eroute->er_said.dst.u.v4.sin_addr.s_addr) : 0,
-+ ixs->iph->protocol,
-+ ixs->sport,
-+ ixs->dport);
-+
-+ /*
-+ * cheat for now...are we udp/500? If so, let it through
-+ * without interference since it is most likely an IKE packet.
-+ */
-+
-+ if (ip_chk_addr((unsigned long)ixs->iph->saddr) == IS_MYADDR
-+ && (ixs->eroute==NULL
-+ || ixs->iph->daddr == ixs->eroute->er_said.dst.u.v4.sin_addr.s_addr
-+ || INADDR_ANY == ixs->eroute->er_said.dst.u.v4.sin_addr.s_addr)
-+ && (ixs->iph->protocol == IPPROTO_UDP &&
-+ (ixs->sport == 500 || ixs->sport == 4500))) {
-+ /* Whatever the eroute, this is an IKE message
-+ * from us (i.e. not being forwarded).
-+ * Furthermore, if there is a tunnel eroute,
-+ * the destination is the peer for this eroute.
-+ * So %pass the packet: modify the default %drop.
-+ */
-+
-+ ixs->outgoing_said.spi = htonl(SPI_PASS);
-+ if(!(ixs->skb->sk) && ((ntohs(ixs->iph->frag_off) & IP_MF) != 0)) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "local UDP/500 (probably IKE) passthrough: base fragment, rest of fragments will probably get filtered.\n");
-+ }
-+ bypass = TRUE;
-+ }
-+
-+#ifdef KLIPS_EXCEPT_DNS53
-+ /*
-+ *
-+ * if we are udp/53 or tcp/53, also let it through a %trap or %hold,
-+ * since it is DNS, but *also* follow the %trap.
-+ *
-+ * we do not do this for tunnels, only %trap's and %hold's.
-+ *
-+ */
-+
-+ if (ip_chk_addr((unsigned long)ixs->iph->saddr) == IS_MYADDR
-+ && (ixs->eroute==NULL
-+ || ixs->iph->daddr == ixs->eroute->er_said.dst.u.v4.sin_addr.s_addr
-+ || INADDR_ANY == ixs->eroute->er_said.dst.u.v4.sin_addr.s_addr)
-+ && ((ixs->iph->protocol == IPPROTO_UDP
-+ || ixs->iph->protocol == IPPROTO_TCP)
-+ && ixs->dport == 53)) {
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "possible DNS packet\n");
-+
-+ if(ixs->eroute)
-+ {
-+ if(ixs->eroute->er_said.spi == htonl(SPI_TRAP)
-+ || ixs->eroute->er_said.spi == htonl(SPI_HOLD))
-+ {
-+ ixs->outgoing_said.spi = htonl(SPI_PASSTRAP);
-+ bypass = TRUE;
-+ }
-+ }
-+ else
-+ {
-+ ixs->outgoing_said.spi = htonl(SPI_PASSTRAP);
-+ bypass = TRUE;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "bypass = %d\n", bypass);
-+
-+ if(bypass
-+ && !(ixs->skb->sk)
-+ && ((ntohs(ixs->iph->frag_off) & IP_MF) != 0))
-+ {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "local port 53 (probably DNS) passthrough:"
-+ "base fragment, rest of fragments will "
-+ "probably get filtered.\n");
-+ }
-+ }
-+#endif
-+
-+ if (bypass==FALSE && ixs->eroute) {
-+ ixs->eroute->er_count++;
-+ ixs->eroute->er_lasttime = jiffies/HZ;
-+ if(ixs->eroute->er_said.proto==IPPROTO_INT
-+ && ixs->eroute->er_said.spi==htonl(SPI_HOLD))
-+ {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "shunt SA of HOLD: skb stored in HOLD.\n");
-+ if(ixs->eroute->er_last != NULL) {
-+ kfree_skb(ixs->eroute->er_last);
-+ }
-+ ixs->eroute->er_last = ixs->skb;
-+ ixs->skb = NULL;
-+ ixs->stats->tx_dropped++;
-+ spin_unlock(&eroute_lock);
-+ return IPSEC_XMIT_STOLEN;
-+ }
-+ ixs->outgoing_said = ixs->eroute->er_said;
-+ ixs->eroute_pid = ixs->eroute->er_pid;
-+
-+ /* Copy of the ident for the TRAP/TRAPSUBNET eroutes */
-+ if(ixs->outgoing_said.proto==IPPROTO_INT
-+ && (ixs->outgoing_said.spi==htonl(SPI_TRAP)
-+ || (ixs->outgoing_said.spi==htonl(SPI_TRAPSUBNET)))) {
-+ int len;
-+
-+ ixs->ips.ips_ident_s.type = ixs->eroute->er_ident_s.type;
-+ ixs->ips.ips_ident_s.id = ixs->eroute->er_ident_s.id;
-+ ixs->ips.ips_ident_s.len = ixs->eroute->er_ident_s.len;
-+ if (ixs->ips.ips_ident_s.len)
-+ {
-+ len = ixs->ips.ips_ident_s.len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "allocating %d bytes for ident_s shunt SA of HOLD: skb stored in HOLD.\n",
-+ len);
-+ if ((ixs->ips.ips_ident_s.data = kmalloc(len, GFP_ATOMIC)) == NULL) {
-+ printk(KERN_WARNING "klips_debug:ipsec_xmit_SAlookup: "
-+ "Failed, tried to allocate %d bytes for source ident.\n",
-+ len);
-+ ixs->stats->tx_dropped++;
-+ spin_unlock(&eroute_lock);
-+ return IPSEC_XMIT_ERRMEMALLOC;
-+ }
-+ memcpy(ixs->ips.ips_ident_s.data, ixs->eroute->er_ident_s.data, len);
-+ }
-+ ixs->ips.ips_ident_d.type = ixs->eroute->er_ident_d.type;
-+ ixs->ips.ips_ident_d.id = ixs->eroute->er_ident_d.id;
-+ ixs->ips.ips_ident_d.len = ixs->eroute->er_ident_d.len;
-+ if (ixs->ips.ips_ident_d.len)
-+ {
-+ len = ixs->ips.ips_ident_d.len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_SAlookup: "
-+ "allocating %d bytes for ident_d shunt SA of HOLD: skb stored in HOLD.\n",
-+ len);
-+ if ((ixs->ips.ips_ident_d.data = kmalloc(len, GFP_ATOMIC)) == NULL) {
-+ printk(KERN_WARNING "klips_debug:ipsec_xmit_SAlookup: "
-+ "Failed, tried to allocate %d bytes for dest ident.\n",
-+ len);
-+ ixs->stats->tx_dropped++;
-+ spin_unlock(&eroute_lock);
-+ return IPSEC_XMIT_ERRMEMALLOC;
-+ }
-+ memcpy(ixs->ips.ips_ident_d.data, ixs->eroute->er_ident_d.data, len);
-+ }
-+ }
-+ }
-+
-+ spin_unlock(&eroute_lock);
-+ return IPSEC_XMIT_OK;
-+}
-+
-+
-+enum ipsec_xmit_value
-+ipsec_tunnel_restore_hard_header(struct ipsec_xmit_state*ixs)
-+{
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_restore_hard_header: "
-+ "After recursive xforms -- head,tailroom: %d,%d\n",
-+ skb_headroom(ixs->skb),
-+ skb_tailroom(ixs->skb));
-+
-+ if(ixs->saved_header) {
-+ if(skb_headroom(ixs->skb) < ixs->hard_header_len) {
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_xmit_restore_hard_header: "
-+ "tried to skb_push hhlen=%d, %d available. This should never happen, please report.\n",
-+ ixs->hard_header_len,
-+ skb_headroom(ixs->skb));
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_PUSHPULLERR;
-+
-+ }
-+ skb_push(ixs->skb, ixs->hard_header_len);
-+ {
-+ int i;
-+ for (i = 0; i < ixs->hard_header_len; i++) {
-+ ixs->skb->data[i] = ixs->saved_header[i];
-+ }
-+ }
-+ }
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if (ixs->natt_type && ixs->natt_head) {
-+ struct iphdr *ipp = ixs->skb->nh.iph;
-+ struct udphdr *udp;
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "encapsuling packet into UDP (NAT-Traversal) (%d %d)\n",
-+ ixs->natt_type, ixs->natt_head);
-+
-+ ixs->iphlen = ipp->ihl << 2;
-+ ipp->tot_len =
-+ htons(ntohs(ipp->tot_len) + ixs->natt_head);
-+ if(skb_tailroom(ixs->skb) < ixs->natt_head) {
-+ printk(KERN_WARNING "klips_error:ipsec_tunnel_start_xmit: "
-+ "tried to skb_put %d, %d available. "
-+ "This should never happen, please report.\n",
-+ ixs->natt_head,
-+ skb_tailroom(ixs->skb));
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESPUDP;
-+ }
-+ skb_put(ixs->skb, ixs->natt_head);
-+
-+ udp = (struct udphdr *)((char *)ipp + ixs->iphlen);
-+
-+ /* move ESP hdr after UDP hdr */
-+ memmove((void *)((char *)udp + ixs->natt_head),
-+ (void *)(udp),
-+ ntohs(ipp->tot_len) - ixs->iphlen - ixs->natt_head);
-+
-+ /* clear UDP & Non-IKE Markers (if any) */
-+ memset(udp, 0, ixs->natt_head);
-+
-+ /* fill UDP with usefull informations ;-) */
-+ udp->source = htons(ixs->natt_sport);
-+ udp->dest = htons(ixs->natt_dport);
-+ udp->len = htons(ntohs(ipp->tot_len) - ixs->iphlen);
-+
-+ /* set protocol */
-+ ipp->protocol = IPPROTO_UDP;
-+
-+ /* fix IP checksum */
-+ ipp->check = 0;
-+ ipp->check = ip_fast_csum((unsigned char *)ipp, ipp->ihl);
-+ }
-+#endif
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_restore_hard_header: "
-+ "With hard_header, final head,tailroom: %d,%d\n",
-+ skb_headroom(ixs->skb),
-+ skb_tailroom(ixs->skb));
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+enum ipsec_xmit_value
-+ipsec_tunnel_send(struct ipsec_xmit_state*ixs)
-+{
-+#ifdef NETDEV_25
-+ struct flowi fl;
-+#endif
-+
-+#ifdef NET_21 /* 2.2 and 2.4 kernels */
-+ /* new route/dst cache code from James Morris */
-+ ixs->skb->dev = ixs->physdev;
-+#ifdef NETDEV_25
-+ memset (&fl, 0x0, sizeof (struct flowi));
-+ fl.oif = ixs->physdev->iflink;
-+ fl.nl_u.ip4_u.daddr = ixs->skb->nh.iph->daddr;
-+ fl.nl_u.ip4_u.saddr = ixs->pass ? 0 : ixs->skb->nh.iph->saddr;
-+ fl.nl_u.ip4_u.tos = RT_TOS(ixs->skb->nh.iph->tos);
-+ fl.proto = ixs->skb->nh.iph->protocol;
-+ if ((ixs->error = ip_route_output_key(&ixs->route, &fl))) {
-+#else
-+ /*skb_orphan(ixs->skb);*/
-+ if((ixs->error = ip_route_output(&ixs->route,
-+ ixs->skb->nh.iph->daddr,
-+ ixs->pass ? 0 : ixs->skb->nh.iph->saddr,
-+ RT_TOS(ixs->skb->nh.iph->tos),
-+ /* mcr->rgb: should this be 0 instead? */
-+ ixs->physdev->iflink))) {
-+#endif
-+ ixs->stats->tx_errors++;
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_send: "
-+ "ip_route_output failed with error code %d, rt->u.dst.dev=%s, dropped\n",
-+ ixs->error,
-+ ixs->route->u.dst.dev->name);
-+ return IPSEC_XMIT_ROUTEERR;
-+ }
-+ if(ixs->dev == ixs->route->u.dst.dev) {
-+ ip_rt_put(ixs->route);
-+ /* This is recursion, drop it. */
-+ ixs->stats->tx_errors++;
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_send: "
-+ "suspect recursion, dev=rt->u.dst.dev=%s, dropped\n",
-+ ixs->dev->name);
-+ return IPSEC_XMIT_RECURSDETECT;
-+ }
-+ dst_release(ixs->skb->dst);
-+ ixs->skb->dst = &ixs->route->u.dst;
-+ ixs->stats->tx_bytes += ixs->skb->len;
-+ if(ixs->skb->len < ixs->skb->nh.raw - ixs->skb->data) {
-+ ixs->stats->tx_errors++;
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_xmit_send: "
-+ "tried to __skb_pull nh-data=%ld, %d available. This should never happen, please report.\n",
-+ (unsigned long)(ixs->skb->nh.raw - ixs->skb->data),
-+ ixs->skb->len);
-+ return IPSEC_XMIT_PUSHPULLERR;
-+ }
-+ __skb_pull(ixs->skb, ixs->skb->nh.raw - ixs->skb->data);
-+#ifdef SKB_RESET_NFCT
-+ if(!ixs->pass) {
-+ nf_conntrack_put(ixs->skb->nfct);
-+ ixs->skb->nfct = NULL;
-+ }
-+#if defined(CONFIG_NETFILTER_DEBUG) && defined(HAVE_SKB_NF_DEBUG)
-+ ixs->skb->nf_debug = 0;
-+#endif /* CONFIG_NETFILTER_DEBUG */
-+#endif /* SKB_RESET_NFCT */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_send: "
-+ "...done, calling ip_send() on device:%s\n",
-+ ixs->skb->dev ? ixs->skb->dev->name : "NULL");
-+ KLIPS_IP_PRINT(debug_tunnel & DB_TN_XMIT, ixs->skb->nh.iph);
-+#ifdef NETDEV_23 /* 2.4 kernels */
-+ {
-+ int err;
-+
-+ err = NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, ixs->skb, NULL, ixs->route->u.dst.dev,
-+ ipsec_tunnel_xmit2);
-+ if(err != NET_XMIT_SUCCESS && err != NET_XMIT_CN) {
-+ if(net_ratelimit())
-+ printk(KERN_ERR
-+ "klips_error:ipsec_xmit_send: "
-+ "ip_send() failed, err=%d\n",
-+ -err);
-+ ixs->stats->tx_errors++;
-+ ixs->stats->tx_aborted_errors++;
-+ ixs->skb = NULL;
-+ return IPSEC_XMIT_IPSENDFAILURE;
-+ }
-+ }
-+#else /* NETDEV_23 */ /* 2.2 kernels */
-+ ip_send(ixs->skb);
-+#endif /* NETDEV_23 */
-+#else /* NET_21 */ /* 2.0 kernels */
-+ ixs->skb->arp = 1;
-+ /* ISDN/ASYNC PPP from Matjaz Godec. */
-+ /* skb->protocol = htons(ETH_P_IP); */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_send: "
-+ "...done, calling dev_queue_xmit() or ip_fragment().\n");
-+ IP_SEND(ixs->skb, ixs->physdev);
-+#endif /* NET_21 */
-+ ixs->stats->tx_packets++;
-+
-+ ixs->skb = NULL;
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+void
-+ipsec_tunnel_cleanup(struct ipsec_xmit_state*ixs)
-+{
-+#if defined(HAS_NETIF_QUEUE) || defined (HAVE_NETIF_QUEUE)
-+ netif_wake_queue(ixs->dev);
-+#else /* defined(HAS_NETIF_QUEUE) || defined (HAVE_NETIF_QUEUE) */
-+ ixs->dev->tbusy = 0;
-+#endif /* defined(HAS_NETIF_QUEUE) || defined (HAVE_NETIF_QUEUE) */
-+ if(ixs->saved_header) {
-+ kfree(ixs->saved_header);
-+ }
-+ if(ixs->skb) {
-+ dev_kfree_skb(ixs->skb, FREE_WRITE);
-+ }
-+ if(ixs->oskb) {
-+ dev_kfree_skb(ixs->oskb, FREE_WRITE);
-+ }
-+ if (ixs->ips.ips_ident_s.data) {
-+ kfree(ixs->ips.ips_ident_s.data);
-+ }
-+ if (ixs->ips.ips_ident_d.data) {
-+ kfree(ixs->ips.ips_ident_d.data);
-+ }
-+}
-+
-+/*
-+ * This function assumes it is being called from dev_queue_xmit()
-+ * and that skb is filled properly by that function.
-+ */
-+int
-+ipsec_tunnel_start_xmit(struct sk_buff *skb, struct net_device *dev)
-+{
-+ struct ipsec_xmit_state ixs_mem;
-+ struct ipsec_xmit_state *ixs = &ixs_mem;
-+ enum ipsec_xmit_value stat;
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ ixs->natt_type = 0, ixs->natt_head = 0;
-+ ixs->natt_sport = 0, ixs->natt_dport = 0;
-+#endif
-+
-+ memset((caddr_t)ixs, 0, sizeof(*ixs));
-+ ixs->oskb = NULL;
-+ ixs->saved_header = NULL; /* saved copy of the hard header */
-+ ixs->route = NULL;
-+ memset((caddr_t)&(ixs->ips), 0, sizeof(ixs->ips));
-+ ixs->dev = dev;
-+ ixs->skb = skb;
-+
-+ stat = ipsec_xmit_sanity_check_dev(ixs);
-+ if(stat != IPSEC_XMIT_OK) {
-+ goto cleanup;
-+ }
-+
-+ stat = ipsec_xmit_sanity_check_skb(ixs);
-+ if(stat != IPSEC_XMIT_OK) {
-+ goto cleanup;
-+ }
-+
-+ stat = ipsec_tunnel_strip_hard_header(ixs);
-+ if(stat != IPSEC_XMIT_OK) {
-+ goto cleanup;
-+ }
-+
-+ stat = ipsec_tunnel_SAlookup(ixs);
-+ if(stat != IPSEC_XMIT_OK) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_tunnel_start_xmit: SAlookup failed: %d\n",
-+ stat);
-+ goto cleanup;
-+ }
-+
-+ ixs->innersrc = ixs->iph->saddr;
-+ /* start encapsulation loop here XXX */
-+ do {
-+ stat = ipsec_xmit_encap_bundle(ixs);
-+ if(stat != IPSEC_XMIT_OK) {
-+ if(stat == IPSEC_XMIT_PASS) {
-+ goto bypass;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_tunnel_start_xmit: encap_bundle failed: %d\n",
-+ stat);
-+ goto cleanup;
-+ }
-+
-+ ixs->matcher.sen_ip_src.s_addr = ixs->iph->saddr;
-+ ixs->matcher.sen_ip_dst.s_addr = ixs->iph->daddr;
-+ ixs->matcher.sen_proto = ixs->iph->protocol;
-+ ipsec_extract_ports(ixs->iph, &ixs->matcher);
-+
-+ spin_lock(&eroute_lock);
-+ ixs->eroute = ipsec_findroute(&ixs->matcher);
-+ if(ixs->eroute) {
-+ ixs->outgoing_said = ixs->eroute->er_said;
-+ ixs->eroute_pid = ixs->eroute->er_pid;
-+ ixs->eroute->er_count++;
-+ ixs->eroute->er_lasttime = jiffies/HZ;
-+ }
-+ spin_unlock(&eroute_lock);
-+
-+ KLIPS_PRINT((debug_tunnel & DB_TN_XMIT) &&
-+ /* ((ixs->orgdst != ixs->newdst) || (ixs->orgsrc != ixs->newsrc)) */
-+ (ixs->orgedst != ixs->outgoing_said.dst.u.v4.sin_addr.s_addr) &&
-+ ixs->outgoing_said.dst.u.v4.sin_addr.s_addr &&
-+ ixs->eroute,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "We are recursing here.\n");
-+
-+ } while(/*((ixs->orgdst != ixs->newdst) || (ixs->orgsrc != ixs->newsrc))*/
-+ (ixs->orgedst != ixs->outgoing_said.dst.u.v4.sin_addr.s_addr) &&
-+ ixs->outgoing_said.dst.u.v4.sin_addr.s_addr &&
-+ ixs->eroute);
-+
-+ stat = ipsec_tunnel_restore_hard_header(ixs);
-+ if(stat != IPSEC_XMIT_OK) {
-+ goto cleanup;
-+ }
-+
-+ bypass:
-+ stat = ipsec_tunnel_send(ixs);
-+
-+ cleanup:
-+ ipsec_tunnel_cleanup(ixs);
-+
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC struct net_device_stats *
-+ipsec_tunnel_get_stats(struct net_device *dev)
-+{
-+ return &(((struct ipsecpriv *)(dev->priv))->mystats);
-+}
-+
-+/*
-+ * Revectored calls.
-+ * For each of these calls, a field exists in our private structure.
-+ */
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_hard_header(struct sk_buff *skb, struct net_device *dev,
-+ unsigned short type, void *daddr, void *saddr, unsigned len)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+ struct net_device *tmp;
-+ int ret;
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(skb == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "no skb...\n");
-+ return -ENODATA;
-+ }
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "no device...\n");
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "skb->dev=%s dev=%s.\n",
-+ skb->dev ? skb->dev->name : "NULL",
-+ dev->name);
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "no private space associated with dev=%s\n",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODEV;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "no physical device associated with dev=%s\n",
-+ dev->name ? dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ /* check if we have to send a IPv6 packet. It might be a Router
-+ Solicitation, where the building of the packet happens in
-+ reverse order:
-+ 1. ll hdr,
-+ 2. IPv6 hdr,
-+ 3. ICMPv6 hdr
-+ -> skb->nh.raw is still uninitialized when this function is
-+ called!! If this is no IPv6 packet, we can print debugging
-+ messages, otherwise we skip all debugging messages and just
-+ build the ll header */
-+ if(type != ETH_P_IPV6) {
-+ /* execute this only, if we don't have to build the
-+ header for a IPv6 packet */
-+ if(!prv->hard_header) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "physical device has been detached, packet dropped 0p%p->0p%p len=%d type=%d dev=%s->NULL ",
-+ saddr,
-+ daddr,
-+ len,
-+ type,
-+ dev->name);
-+#ifdef NET_21
-+ KLIPS_PRINTMORE(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->nh.iph->saddr),
-+ (__u32)ntohl(skb->nh.iph->daddr) );
-+#else /* NET_21 */
-+ KLIPS_PRINTMORE(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->ip_hdr->saddr),
-+ (__u32)ntohl(skb->ip_hdr->daddr) );
-+#endif /* NET_21 */
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+#define da ((struct net_device *)(prv->dev))->dev_addr
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "Revectored 0p%p->0p%p len=%d type=%d dev=%s->%s dev_addr=%02x:%02x:%02x:%02x:%02x:%02x ",
-+ saddr,
-+ daddr,
-+ len,
-+ type,
-+ dev->name,
-+ prv->dev->name,
-+ da[0], da[1], da[2], da[3], da[4], da[5]);
-+#ifdef NET_21
-+ KLIPS_PRINTMORE(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->nh.iph->saddr),
-+ (__u32)ntohl(skb->nh.iph->daddr) );
-+#else /* NET_21 */
-+ KLIPS_PRINTMORE(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->ip_hdr->saddr),
-+ (__u32)ntohl(skb->ip_hdr->daddr) );
-+#endif /* NET_21 */
-+ } else {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_hard_header: "
-+ "is IPv6 packet, skip debugging messages, only revector and build linklocal header.\n");
-+ }
-+ tmp = skb->dev;
-+ skb->dev = prv->dev;
-+ ret = prv->hard_header(skb, prv->dev, type, (void *)daddr, (void *)saddr, len);
-+ skb->dev = tmp;
-+ return ret;
-+}
-+
-+DEBUG_NO_STATIC int
-+#ifdef NET_21
-+ipsec_tunnel_rebuild_header(struct sk_buff *skb)
-+#else /* NET_21 */
-+ipsec_tunnel_rebuild_header(void *buff, struct net_device *dev,
-+ unsigned long raddr, struct sk_buff *skb)
-+#endif /* NET_21 */
-+{
-+ struct ipsecpriv *prv = skb->dev->priv;
-+ struct net_device *tmp;
-+ int ret;
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(skb->dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_rebuild_header: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_rebuild_header: "
-+ "no private space associated with dev=%s",
-+ skb->dev->name ? skb->dev->name : "NULL");
-+ return -ENODEV;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_rebuild_header: "
-+ "no physical device associated with dev=%s",
-+ skb->dev->name ? skb->dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ if(!prv->rebuild_header) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_rebuild_header: "
-+ "physical device has been detached, packet dropped skb->dev=%s->NULL ",
-+ skb->dev->name);
-+#ifdef NET_21
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->nh.iph->saddr),
-+ (__u32)ntohl(skb->nh.iph->daddr) );
-+#else /* NET_21 */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->ip_hdr->saddr),
-+ (__u32)ntohl(skb->ip_hdr->daddr) );
-+#endif /* NET_21 */
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel: "
-+ "Revectored rebuild_header dev=%s->%s ",
-+ skb->dev->name, prv->dev->name);
-+#ifdef NET_21
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->nh.iph->saddr),
-+ (__u32)ntohl(skb->nh.iph->daddr) );
-+#else /* NET_21 */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "ip=%08x->%08x\n",
-+ (__u32)ntohl(skb->ip_hdr->saddr),
-+ (__u32)ntohl(skb->ip_hdr->daddr) );
-+#endif /* NET_21 */
-+ tmp = skb->dev;
-+ skb->dev = prv->dev;
-+
-+#ifdef NET_21
-+ ret = prv->rebuild_header(skb);
-+#else /* NET_21 */
-+ ret = prv->rebuild_header(buff, prv->dev, raddr, skb);
-+#endif /* NET_21 */
-+ skb->dev = tmp;
-+ return ret;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_set_mac_address(struct net_device *dev, void *addr)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_set_mac_address: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_set_mac_address: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODEV;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_set_mac_address: "
-+ "no physical device associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return -ENODEV;
-+ }
-+
-+ if(!prv->set_mac_address) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_set_mac_address: "
-+ "physical device has been detached, cannot set - skb->dev=%s->NULL\n",
-+ dev->name);
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_set_mac_address: "
-+ "Revectored dev=%s->%s addr=0p%p\n",
-+ dev->name, prv->dev->name, addr);
-+ return prv->set_mac_address(prv->dev, addr);
-+
-+}
-+
-+#ifndef NET_21
-+DEBUG_NO_STATIC void
-+ipsec_tunnel_cache_bind(struct hh_cache **hhp, struct net_device *dev,
-+ unsigned short htype, __u32 daddr)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_bind: "
-+ "no device...");
-+ return;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_bind: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_bind: "
-+ "no physical device associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return;
-+ }
-+
-+ if(!prv->header_cache_bind) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_bind: "
-+ "physical device has been detached, cannot set - skb->dev=%s->NULL\n",
-+ dev->name);
-+ stats->tx_dropped++;
-+ return;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_bind: "
-+ "Revectored \n");
-+ prv->header_cache_bind(hhp, prv->dev, htype, daddr);
-+ return;
-+}
-+#endif /* !NET_21 */
-+
-+
-+DEBUG_NO_STATIC void
-+ipsec_tunnel_cache_update(struct hh_cache *hh, struct net_device *dev, unsigned char * haddr)
-+{
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ struct net_device_stats *stats; /* This device's statistics */
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_update: "
-+ "no device...");
-+ return;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_update: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return;
-+ }
-+
-+ stats = (struct net_device_stats *) &(prv->mystats);
-+
-+ if(prv->dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_update: "
-+ "no physical device associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ stats->tx_dropped++;
-+ return;
-+ }
-+
-+ if(!prv->header_cache_update) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_cache_update: "
-+ "physical device has been detached, cannot set - skb->dev=%s->NULL\n",
-+ dev->name);
-+ return;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel: "
-+ "Revectored cache_update\n");
-+ prv->header_cache_update(hh, prv->dev, haddr);
-+ return;
-+}
-+
-+#ifdef NET_21
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_neigh_setup(struct neighbour *n)
-+{
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_neigh_setup:\n");
-+
-+ if (n->nud_state == NUD_NONE) {
-+ n->ops = &arp_broken_ops;
-+ n->output = n->ops->output;
-+ }
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_neigh_setup_dev(struct net_device *dev, struct neigh_parms *p)
-+{
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_neigh_setup_dev: "
-+ "setting up %s\n",
-+ dev ? dev->name : "NULL");
-+
-+ if (p->tbl->family == AF_INET) {
-+ p->neigh_setup = ipsec_tunnel_neigh_setup;
-+ p->ucast_probes = 0;
-+ p->mcast_probes = 0;
-+ }
-+ return 0;
-+}
-+#endif /* NET_21 */
-+
-+/*
-+ * We call the attach routine to attach another device.
-+ */
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_attach(struct net_device *dev, struct net_device *physdev)
-+{
-+ int i;
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_attach: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_attach: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODATA;
-+ }
-+
-+ prv->dev = physdev;
-+ prv->hard_start_xmit = physdev->hard_start_xmit;
-+ prv->get_stats = physdev->get_stats;
-+
-+ if (physdev->hard_header) {
-+ prv->hard_header = physdev->hard_header;
-+ dev->hard_header = ipsec_tunnel_hard_header;
-+ } else
-+ dev->hard_header = NULL;
-+
-+ if (physdev->rebuild_header) {
-+ prv->rebuild_header = physdev->rebuild_header;
-+ dev->rebuild_header = ipsec_tunnel_rebuild_header;
-+ } else
-+ dev->rebuild_header = NULL;
-+
-+ if (physdev->set_mac_address) {
-+ prv->set_mac_address = physdev->set_mac_address;
-+ dev->set_mac_address = ipsec_tunnel_set_mac_address;
-+ } else
-+ dev->set_mac_address = NULL;
-+
-+#ifndef NET_21
-+ if (physdev->header_cache_bind) {
-+ prv->header_cache_bind = physdev->header_cache_bind;
-+ dev->header_cache_bind = ipsec_tunnel_cache_bind;
-+ } else
-+ dev->header_cache_bind = NULL;
-+#endif /* !NET_21 */
-+
-+ if (physdev->header_cache_update) {
-+ prv->header_cache_update = physdev->header_cache_update;
-+ dev->header_cache_update = ipsec_tunnel_cache_update;
-+ } else
-+ dev->header_cache_update = NULL;
-+
-+ dev->hard_header_len = physdev->hard_header_len;
-+
-+#ifdef NET_21
-+/* prv->neigh_setup = physdev->neigh_setup; */
-+ dev->neigh_setup = ipsec_tunnel_neigh_setup_dev;
-+#endif /* NET_21 */
-+ dev->mtu = 16260; /* 0xfff0; */ /* dev->mtu; */
-+ prv->mtu = physdev->mtu;
-+
-+#ifdef PHYSDEV_TYPE
-+ dev->type = physdev->type; /* ARPHRD_TUNNEL; */
-+#endif /* PHYSDEV_TYPE */
-+
-+ dev->addr_len = physdev->addr_len;
-+ for (i=0; i<dev->addr_len; i++) {
-+ dev->dev_addr[i] = physdev->dev_addr[i];
-+ }
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_tunnel & DB_TN_INIT) {
-+ printk(KERN_INFO "klips_debug:ipsec_tunnel_attach: "
-+ "physical device %s being attached has HW address: %2x",
-+ physdev->name, physdev->dev_addr[0]);
-+ for (i=1; i < physdev->addr_len; i++) {
-+ printk(":%02x", physdev->dev_addr[i]);
-+ }
-+ printk("\n");
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ return 0;
-+}
-+
-+/*
-+ * We call the detach routine to detach the ipsec tunnel from another device.
-+ */
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_detach(struct net_device *dev)
-+{
-+ int i;
-+ struct ipsecpriv *prv = dev->priv;
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_detach: "
-+ "no device...");
-+ return -ENODEV;
-+ }
-+
-+ if(prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_REVEC,
-+ "klips_debug:ipsec_tunnel_detach: "
-+ "no private space associated with dev=%s",
-+ dev->name ? dev->name : "NULL");
-+ return -ENODATA;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_detach: "
-+ "physical device %s being detached from virtual device %s\n",
-+ prv->dev ? prv->dev->name : "NULL",
-+ dev->name);
-+
-+ ipsec_dev_put(prv->dev);
-+ prv->dev = NULL;
-+ prv->hard_start_xmit = NULL;
-+ prv->get_stats = NULL;
-+
-+ prv->hard_header = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->hard_header = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+ prv->rebuild_header = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->rebuild_header = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+ prv->set_mac_address = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->set_mac_address = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+#ifndef NET_21
-+ prv->header_cache_bind = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->header_cache_bind = NULL;
-+#endif /* DETACH_AND_DOWN */
-+#endif /* !NET_21 */
-+
-+ prv->header_cache_update = NULL;
-+#ifdef DETACH_AND_DOWN
-+ dev->header_cache_update = NULL;
-+#endif /* DETACH_AND_DOWN */
-+
-+#ifdef NET_21
-+/* prv->neigh_setup = NULL; */
-+#ifdef DETACH_AND_DOWN
-+ dev->neigh_setup = NULL;
-+#endif /* DETACH_AND_DOWN */
-+#endif /* NET_21 */
-+ dev->hard_header_len = 0;
-+#ifdef DETACH_AND_DOWN
-+ dev->mtu = 0;
-+#endif /* DETACH_AND_DOWN */
-+ prv->mtu = 0;
-+ for (i=0; i<MAX_ADDR_LEN; i++) {
-+ dev->dev_addr[i] = 0;
-+ }
-+ dev->addr_len = 0;
-+#ifdef PHYSDEV_TYPE
-+ dev->type = ARPHRD_VOID; /* ARPHRD_TUNNEL; */
-+#endif /* PHYSDEV_TYPE */
-+
-+ return 0;
-+}
-+
-+/*
-+ * We call the clear routine to detach all ipsec tunnels from other devices.
-+ */
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_clear(void)
-+{
-+ int i;
-+ struct net_device *ipsecdev = NULL, *prvdev;
-+ struct ipsecpriv *prv;
-+ int ret;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_clear: .\n");
-+
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ ipsecdev = ipsecdevices[i];
-+ if(ipsecdev != NULL) {
-+ if((prv = (struct ipsecpriv *)(ipsecdev->priv))) {
-+ prvdev = (struct net_device *)(prv->dev);
-+ if(prvdev) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_clear: "
-+ "physical device for device %s is %s\n",
-+ ipsecdev->name, prvdev->name);
-+ if((ret = ipsec_tunnel_detach(ipsecdev))) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_clear: "
-+ "error %d detatching device %s from device %s.\n",
-+ ret, ipsecdev->name, prvdev->name);
-+ return ret;
-+ }
-+ }
-+ }
-+ }
-+ }
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+ipsec_tunnel_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
-+{
-+ struct ipsectunnelconf *cf = (struct ipsectunnelconf *)&ifr->ifr_data;
-+ struct ipsecpriv *prv = dev->priv;
-+ struct net_device *them; /* physical device */
-+#ifdef CONFIG_IP_ALIAS
-+ char *colon;
-+ char realphysname[IFNAMSIZ];
-+#endif /* CONFIG_IP_ALIAS */
-+
-+ if(dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "device not supplied.\n");
-+ return -ENODEV;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "tncfg service call #%d for dev=%s\n",
-+ cmd,
-+ dev->name ? dev->name : "NULL");
-+ switch (cmd) {
-+ /* attach a virtual ipsec? device to a physical device */
-+ case IPSEC_SET_DEV:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "calling ipsec_tunnel_attatch...\n");
-+#ifdef CONFIG_IP_ALIAS
-+ /* If this is an IP alias interface, get its real physical name */
-+ strncpy(realphysname, cf->cf_name, IFNAMSIZ);
-+ realphysname[IFNAMSIZ-1] = 0;
-+ colon = strchr(realphysname, ':');
-+ if (colon) *colon = 0;
-+ them = ipsec_dev_get(realphysname);
-+#else /* CONFIG_IP_ALIAS */
-+ them = ipsec_dev_get(cf->cf_name);
-+#endif /* CONFIG_IP_ALIAS */
-+
-+ if (them == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "physical device %s requested is null\n",
-+ cf->cf_name);
-+ return -ENXIO;
-+ }
-+
-+#if 0
-+ if (them->flags & IFF_UP) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "physical device %s requested is not up.\n",
-+ cf->cf_name);
-+ ipsec_dev_put(them);
-+ return -ENXIO;
-+ }
-+#endif
-+
-+ if (prv && prv->dev) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "virtual device is already connected to %s.\n",
-+ prv->dev->name ? prv->dev->name : "NULL");
-+ ipsec_dev_put(them);
-+ return -EBUSY;
-+ }
-+ return ipsec_tunnel_attach(dev, them);
-+
-+ case IPSEC_DEL_DEV:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "calling ipsec_tunnel_detatch.\n");
-+ if (! prv->dev) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "physical device not connected.\n");
-+ return -ENODEV;
-+ }
-+ return ipsec_tunnel_detach(dev);
-+
-+ case IPSEC_CLR_DEV:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "calling ipsec_tunnel_clear.\n");
-+ return ipsec_tunnel_clear();
-+
-+ default:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_ioctl: "
-+ "unknown command %d.\n",
-+ cmd);
-+ return -EOPNOTSUPP;
-+ }
-+}
-+
-+struct net_device *ipsec_get_device(int inst)
-+{
-+ struct net_device *ipsec_dev;
-+
-+ ipsec_dev = NULL;
-+
-+ if(inst < IPSEC_NUM_IF) {
-+ ipsec_dev = ipsecdevices[inst];
-+ }
-+
-+ return ipsec_dev;
-+}
-+
-+int
-+ipsec_device_event(struct notifier_block *unused, unsigned long event, void *ptr)
-+{
-+ struct net_device *dev = ptr;
-+ struct net_device *ipsec_dev;
-+ struct ipsecpriv *priv;
-+ int i;
-+
-+ if (dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "dev=NULL for event type %ld.\n",
-+ event);
-+ return(NOTIFY_DONE);
-+ }
-+
-+ /* check for loopback devices */
-+ if (dev && (dev->flags & IFF_LOOPBACK)) {
-+ return(NOTIFY_DONE);
-+ }
-+
-+ switch (event) {
-+ case NETDEV_DOWN:
-+ /* look very carefully at the scope of these compiler
-+ directives before changing anything... -- RGB */
-+#ifdef NET_21
-+ case NETDEV_UNREGISTER:
-+ switch (event) {
-+ case NETDEV_DOWN:
-+#endif /* NET_21 */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_DOWN dev=%s flags=%x\n",
-+ dev->name,
-+ dev->flags);
-+ if(strncmp(dev->name, "ipsec", strlen("ipsec")) == 0) {
-+ printk(KERN_CRIT "IPSEC EVENT: KLIPS device %s shut down.\n",
-+ dev->name);
-+ }
-+#ifdef NET_21
-+ break;
-+ case NETDEV_UNREGISTER:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_UNREGISTER dev=%s flags=%x\n",
-+ dev->name,
-+ dev->flags);
-+ break;
-+ }
-+#endif /* NET_21 */
-+
-+ /* find the attached physical device and detach it. */
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ ipsec_dev = ipsecdevices[i];
-+
-+ if(ipsec_dev) {
-+ priv = (struct ipsecpriv *)(ipsec_dev->priv);
-+ if(priv) {
-+ ;
-+ if(((struct net_device *)(priv->dev)) == dev) {
-+ /* dev_close(ipsec_dev); */
-+ /* return */ ipsec_tunnel_detach(ipsec_dev);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "device '%s' has been detached.\n",
-+ ipsec_dev->name);
-+ break;
-+ }
-+ } else {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "device '%s' has no private data space!\n",
-+ ipsec_dev->name);
-+ }
-+ }
-+ }
-+ break;
-+ case NETDEV_UP:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_UP dev=%s\n",
-+ dev->name);
-+ break;
-+#ifdef NET_21
-+ case NETDEV_REBOOT:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_REBOOT dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_CHANGE:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_CHANGE dev=%s flags=%x\n",
-+ dev->name,
-+ dev->flags);
-+ break;
-+ case NETDEV_REGISTER:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_REGISTER dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_CHANGEMTU:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_CHANGEMTU dev=%s to mtu=%d\n",
-+ dev->name,
-+ dev->mtu);
-+ break;
-+ case NETDEV_CHANGEADDR:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_CHANGEADDR dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_GOING_DOWN:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_GOING_DOWN dev=%s\n",
-+ dev->name);
-+ break;
-+ case NETDEV_CHANGENAME:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "NETDEV_CHANGENAME dev=%s\n",
-+ dev->name);
-+ break;
-+#endif /* NET_21 */
-+ default:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_device_event: "
-+ "event type %ld unrecognised for dev=%s\n",
-+ event,
-+ dev->name);
-+ break;
-+ }
-+ return NOTIFY_DONE;
-+}
-+
-+/*
-+ * Called when an ipsec tunnel device is initialized.
-+ * The ipsec tunnel device structure is passed to us.
-+ */
-+
-+int
-+ipsec_tunnel_init(struct net_device *dev)
-+{
-+ int i;
-+
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_init: "
-+ "allocating %lu bytes initialising device: %s\n",
-+ (unsigned long) sizeof(struct ipsecpriv),
-+ dev->name ? dev->name : "NULL");
-+
-+ /* Add our tunnel functions to the device */
-+ dev->open = ipsec_tunnel_open;
-+ dev->stop = ipsec_tunnel_close;
-+ dev->hard_start_xmit = ipsec_tunnel_start_xmit;
-+ dev->get_stats = ipsec_tunnel_get_stats;
-+
-+ dev->priv = kmalloc(sizeof(struct ipsecpriv), GFP_KERNEL);
-+ if (dev->priv == NULL)
-+ return -ENOMEM;
-+ memset((caddr_t)(dev->priv), 0, sizeof(struct ipsecpriv));
-+
-+ for(i = 0; i < sizeof(zeroes); i++) {
-+ ((__u8*)(zeroes))[i] = 0;
-+ }
-+
-+#ifndef NET_21
-+ /* Initialize the tunnel device structure */
-+ for (i = 0; i < DEV_NUMBUFFS; i++)
-+ skb_queue_head_init(&dev->buffs[i]);
-+#endif /* !NET_21 */
-+
-+ dev->set_multicast_list = NULL;
-+ dev->do_ioctl = ipsec_tunnel_ioctl;
-+ dev->hard_header = NULL;
-+ dev->rebuild_header = NULL;
-+ dev->set_mac_address = NULL;
-+#ifndef NET_21
-+ dev->header_cache_bind = NULL;
-+#endif /* !NET_21 */
-+ dev->header_cache_update= NULL;
-+
-+#ifdef NET_21
-+/* prv->neigh_setup = NULL; */
-+ dev->neigh_setup = ipsec_tunnel_neigh_setup_dev;
-+#endif /* NET_21 */
-+ dev->hard_header_len = 0;
-+ dev->mtu = 0;
-+ dev->addr_len = 0;
-+ dev->type = ARPHRD_VOID; /* ARPHRD_TUNNEL; */ /* ARPHRD_ETHER; */
-+ dev->tx_queue_len = 10; /* Small queue */
-+ memset((caddr_t)(dev->broadcast),0xFF, ETH_ALEN); /* what if this is not attached to ethernet? */
-+
-+ /* New-style flags. */
-+ dev->flags = IFF_NOARP /* 0 */ /* Petr Novak */;
-+
-+#if 0
-+#ifdef NET_21
-+ dev_init_buffers(dev);
-+#else /* NET_21 */
-+ dev->family = AF_INET;
-+ dev->pa_addr = 0;
-+ dev->pa_brdaddr = 0;
-+ dev->pa_mask = 0;
-+ dev->pa_alen = 4;
-+#endif /* NET_21 */
-+#endif
-+
-+ /* We're done. Have I forgotten anything? */
-+ return 0;
-+}
-+
-+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-+/* Module specific interface (but it links with the rest of IPSEC) */
-+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-+
-+int
-+ipsec_tunnel_probe(struct net_device *dev)
-+{
-+ ipsec_tunnel_init(dev);
-+ return 0;
-+}
-+
-+struct net_device *ipsecdevices[IPSEC_NUM_IF];
-+
-+int
-+ipsec_tunnel_init_devices(void)
-+{
-+ int i;
-+ char name[IFNAMSIZ];
-+ struct net_device *dev_ipsec;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_init_devices: "
-+ "creating and registering IPSEC_NUM_IF=%u devices, allocating %lu per device, IFNAMSIZ=%u.\n",
-+ IPSEC_NUM_IF,
-+ (unsigned long) (sizeof(struct net_device) + IFNAMSIZ),
-+ IFNAMSIZ);
-+
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ sprintf(name, IPSEC_DEV_FORMAT, i);
-+ dev_ipsec = (struct net_device*)kmalloc(sizeof(struct net_device), GFP_KERNEL);
-+ if (dev_ipsec == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_init_devices: "
-+ "failed to allocate memory for device %s, quitting device init.\n",
-+ name);
-+ return -ENOMEM;
-+ }
-+ memset((caddr_t)dev_ipsec, 0, sizeof(struct net_device));
-+#ifdef NETDEV_23
-+ strncpy(dev_ipsec->name, name, sizeof(dev_ipsec->name));
-+#else /* NETDEV_23 */
-+ dev_ipsec->name = (char*)kmalloc(IFNAMSIZ, GFP_KERNEL);
-+ if (dev_ipsec->name == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_init_devices: "
-+ "failed to allocate memory for device %s name, quitting device init.\n",
-+ name);
-+ return -ENOMEM;
-+ }
-+ memset((caddr_t)dev_ipsec->name, 0, IFNAMSIZ);
-+ strncpy(dev_ipsec->name, name, IFNAMSIZ);
-+#endif /* NETDEV_23 */
-+ dev_ipsec->next = NULL;
-+ dev_ipsec->init = &ipsec_tunnel_probe;
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_init_devices: "
-+ "registering device %s\n",
-+ dev_ipsec->name);
-+
-+ /* reference and hold the device reference */
-+ dev_hold(dev_ipsec);
-+ ipsecdevices[i]=dev_ipsec;
-+
-+ if (register_netdev(dev_ipsec) != 0) {
-+ KLIPS_PRINT(1 || debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_init_devices: "
-+ "registering device %s failed, quitting device init.\n",
-+ dev_ipsec->name);
-+ return -EIO;
-+ } else {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_INIT,
-+ "klips_debug:ipsec_tunnel_init_devices: "
-+ "registering device %s succeeded, continuing...\n",
-+ dev_ipsec->name);
-+ }
-+ }
-+ return 0;
-+}
-+
-+/* void */
-+int
-+ipsec_tunnel_cleanup_devices(void)
-+{
-+ int error = 0;
-+ int i;
-+ struct net_device *dev_ipsec;
-+
-+ for(i = 0; i < IPSEC_NUM_IF; i++) {
-+ dev_ipsec = ipsecdevices[i];
-+ if(dev_ipsec == NULL) {
-+ continue;
-+ }
-+
-+ /* release reference */
-+ ipsecdevices[i]=NULL;
-+ ipsec_dev_put(dev_ipsec);
-+
-+ KLIPS_PRINT(debug_tunnel, "Unregistering %s (refcnt=%d)\n",
-+ dev_ipsec->name,
-+ atomic_read(&dev_ipsec->refcnt));
-+ unregister_netdev(dev_ipsec);
-+ KLIPS_PRINT(debug_tunnel, "Unregisted %s\n", dev_ipsec->name);
-+#ifndef NETDEV_23
-+ kfree(dev_ipsec->name);
-+ dev_ipsec->name=NULL;
-+#endif /* !NETDEV_23 */
-+ kfree(dev_ipsec->priv);
-+ dev_ipsec->priv=NULL;
-+ }
-+ return error;
-+}
-+
-+/*
-+ * $Log: ipsec_tunnel.c,v $
-+ * Revision 1.232.2.5 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.232.2.4 2006/03/28 20:58:19 ken
-+ * Fix for KLIPS on 2.6.16 - need to include <net/arp.h> now
-+ *
-+ * Revision 1.232.2.3 2006/02/15 05:14:12 paul
-+ * 568: uninitialized struct in ipsec_tunnel.c coud break routing under 2.6 kernels
-+ * ipsec_tunnel_send() calls the entry point function of routing subsystem
-+ * (ip_route_output_key()) using a not fully initialized struct of type
-+ * struct flowi.
-+ * This will cause a failure in routing packets through an ipsec interface
-+ * when patches for multipath routing from http://www.ssi.bg/~ja/
-+ * are applied.
-+ *
-+ * Revision 1.232.2.2 2005/11/22 04:11:52 ken
-+ * Backport fixes for 2.6.14 kernels from HEAD
-+ *
-+ * Revision 1.232.2.1 2005/09/21 22:57:43 paul
-+ * pulled up compile fix for 2.6.13
-+ *
-+ * Revision 1.232 2005/06/04 16:06:06 mcr
-+ * better patch for nat-t rcv-device code.
-+ *
-+ * Revision 1.231 2005/05/21 03:28:51 mcr
-+ * make sure that port-500 hole is used for port-4500 as well.
-+ *
-+ * Revision 1.230 2005/05/11 01:42:04 mcr
-+ * removal of debugging showed useless/wrong variables used.
-+ *
-+ * Revision 1.229 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.228 2005/01/26 00:50:35 mcr
-+ * adjustment of confusion of CONFIG_IPSEC_NAT vs CONFIG_KLIPS_NAT,
-+ * and make sure that NAT_TRAVERSAL is set as well to match
-+ * userspace compiles of code.
-+ *
-+ * Revision 1.227 2004/12/10 21:16:08 ken
-+ * 64bit fixes from Opteron port of KLIPS 2.6
-+ *
-+ * Revision 1.226 2004/12/04 07:11:23 mcr
-+ * fix for snmp SIOCPRIVATE use of snmpd.
-+ * http://bugs.xelerance.com/view.php?id=144
-+ *
-+ * Revision 1.225 2004/12/03 21:25:57 mcr
-+ * compile time fixes for running on 2.6.
-+ * still experimental.
-+ *
-+ * Revision 1.224 2004/08/14 03:28:24 mcr
-+ * fixed log comment to remove warning about embedded comment.
-+ *
-+ * Revision 1.223 2004/08/04 15:57:07 mcr
-+ * moved des .h files to include/des/ *
-+ * included 2.6 protocol specific things
-+ * started at NAT-T support, but it will require a kernel patch.
-+ *
-+ * Revision 1.222 2004/08/03 18:19:08 mcr
-+ * in 2.6, use "net_device" instead of #define device->net_device.
-+ * this probably breaks 2.0 compiles.
-+ *
-+ * Revision 1.221 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.220 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.219 2004/02/03 03:13:17 mcr
-+ * minor edits for readability, and error reporting.
-+ *
-+ * Revision 1.218 2004/01/27 20:29:20 mcr
-+ * fix for unregister_netdev() problem for underlying eth0.
-+ *
-+ * Revision 1.217 2003/12/10 01:14:27 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.216 2003/12/04 23:01:17 mcr
-+ * removed ipsec_netlink.h
-+ *
-+ * Revision 1.215 2003/12/04 16:35:16 ken
-+ * Fix for ATM devices where physdev->hard_header_len *is* correct
-+ *
-+ * Revision 1.214 2003/11/25 23:52:37 mcr
-+ * fix typo in patch - ixs-> needed.
-+ *
-+ * Revision 1.213 2003/11/24 18:25:49 mcr
-+ * patch from willy@w.ods.org to fix problems with ATM interfaces.
-+ *
-+ * Revision 1.212 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.211.2.2 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.211.2.1 2003/09/21 13:59:56 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.211 2003/09/10 16:46:30 mcr
-+ * patches for 2.4 backport/2.6 existence.
-+ *
-+ * Revision 1.210 2003/07/31 22:47:16 mcr
-+ * preliminary (untested by FS-team) 2.5 patches.
-+ *
-+ * Revision 1.209 2003/06/22 21:28:43 mcr
-+ * inability to unload module was caused by calls to dev_get
-+ * (ipsec_dev_get), to gather a device from a name. There is
-+ * simply no reason to look the devices up - they should be kept
-+ * in a nice array, ready for use.
-+ *
-+ * Revision 1.208 2003/06/22 21:25:07 mcr
-+ * all staticly counted ipsecXXX device support removed.
-+ *
-+ * Revision 1.207 2003/04/02 20:15:37 mcr
-+ * fix for PR#204 - do not clear connection tracking info if we
-+ * the packet is being sent in the clear.
-+ *
-+ * Revision 1.206 2003/02/12 19:32:51 rgb
-+ * Refactored file to:
-+ * ipsec_xmit.c
-+ * ipsec_xmit.h
-+ * ipsec_mast.c
-+ *
-+ * Revision 1.205 2003/02/06 17:47:00 rgb
-+ *
-+ * Remove unused ipsec_tunnel_lock() and ipsec_tunnel_unlock() code.
-+ * Refactor ipsec_tunnel_start_xmit() further into:
-+ * ipsec_xmit_sanity_check_dev()
-+ * ipsec_xmit_sanity_check_skb()
-+ * ipsec_xmit_strip_hard_header()
-+ * ipsec_xmit_restore_hard_header()
-+ * ipsec_xmit_send()
-+ * ipsec_xmit_cleanup()
-+ * and start a skeletal ipsec_mast_start_xmit() .
-+ *
-+ * Revision 1.204 2003/02/06 06:43:46 rgb
-+ *
-+ * Refactor ipsec_tunnel_start_xmit, bringing out:
-+ * ipsec_xmit_SAlookup
-+ * ipsec_xmit_encap_once
-+ * ipsec_xmit_encap_bundle
-+ *
-+ * Revision 1.203 2003/02/06 02:21:34 rgb
-+ *
-+ * Moved "struct auth_alg" from ipsec_rcv.c to ipsec_ah.h .
-+ * Changed "struct ah" to "struct ahhdr" and "struct esp" to "struct esphdr".
-+ * Removed "#ifdef INBOUND_POLICY_CHECK_eroute" dead code.
-+ *
-+ * Revision 1.202 2003/01/03 07:38:01 rgb
-+ *
-+ * Start to refactor ipsec_tunnel_start_xmit() by putting local variables
-+ * into struct ipsec_xmit_state and renaming a few variables to give more
-+ * unique or searchable names.
-+ *
-+ * Revision 1.201 2003/01/03 00:31:28 rgb
-+ *
-+ * Clean up memset usage, including fixing 2 places where keys were not
-+ * properly wiped.
-+ *
-+ * Revision 1.200 2002/12/06 02:24:02 mcr
-+ * patches for compiling against SUSE 8.1 kernels. Requires
-+ * an additional -DSUSE_LINUX_2_4_19_IS_STUPID.
-+ *
-+ * Revision 1.199 2002/10/12 23:11:53 dhr
-+ *
-+ * [KenB + DHR] more 64-bit cleanup
-+ *
-+ * Revision 1.198 2002/10/05 05:02:58 dhr
-+ *
-+ * C labels go on statements
-+ *
-+ * Revision 1.197 2002/09/20 05:01:50 rgb
-+ * Added compiler directive to switch on IP options and fix IP options bug.
-+ * Make ip->ihl treatment consistent using shifts rather than multiplications.
-+ * Check for large enough packet before accessing udp header for IKE bypass.
-+ * Added memory allocation debugging.
-+ * Fixed potential memory allocation failure-induced oops.
-+ *
-+ * Revision 1.196 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.195 2002/07/23 03:36:07 rgb
-+ * Fixed 2.2 device initialisation hang.
-+ *
-+ * Revision 1.194 2002/05/27 21:40:34 rgb
-+ * Set unused ipsec devices to ARPHRD_VOID to avoid confusing iproute2.
-+ * Cleaned up intermediate step to dynamic device allocation.
-+ *
-+ * Revision 1.193 2002/05/27 19:31:36 rgb
-+ * Convert to dynamic ipsec device allocation.
-+ * Remove final vistiges of tdb references via IPSEC_KLIPS1_COMPAT.
-+ *
-+ * Revision 1.192 2002/05/23 07:14:28 rgb
-+ * Added refcount code.
-+ * Cleaned up %p variants to 0p%p for test suite cleanup.
-+ *
-+ * Revision 1.191 2002/05/14 02:34:37 rgb
-+ * Change all references to tdb, TDB or Tunnel Descriptor Block to ips,
-+ * ipsec_sa or ipsec_sa.
-+ *
-+ * Revision 1.190 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.189 2002/04/24 07:36:32 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_tunnel.c,v
-+ *
-+ * Revision 1.188 2002/04/20 00:12:25 rgb
-+ * Added esp IV CBC attack fix, disabled.
-+ *
-+ * Revision 1.187 2002/03/23 19:55:17 rgb
-+ * Fix for 2.2 local IKE fragmentation blackhole. Still won't work if
-+ * iptraf or another pcap app is running.
-+ *
-+ * Revision 1.186 2002/03/19 03:26:22 rgb
-+ * Applied DHR's tunnel patch to streamline IKE/specialSA processing.
-+ *
-+ * Revision 1.185 2002/02/20 04:13:05 rgb
-+ * Send back ICMP_PKT_FILTERED upon %reject.
-+ *
-+ * Revision 1.184 2002/01/29 17:17:56 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.183 2002/01/29 04:00:53 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.182 2002/01/29 02:13:18 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.181 2002/01/07 20:00:33 rgb
-+ * Added IKE destination port debugging.
-+ *
-+ * Revision 1.180 2001/12/21 21:49:54 rgb
-+ * Fixed bug as a result of moving IKE bypass above %trap/%hold code.
-+ *
-+ * Revision 1.179 2001/12/19 21:08:14 rgb
-+ * Added transport protocol ports to ipsec_print_ip().
-+ * Update eroute info for non-SA targets.
-+ * Added obey DF code disabled.
-+ * Fixed formatting bugs in ipsec_tunnel_hard_header().
-+ *
-+ * Revision 1.178 2001/12/05 09:36:10 rgb
-+ * Moved the UDP/500 IKE check just above the %hold/%trap checks to avoid
-+ * IKE packets being stolen by the %hold (and returned to the sending KMd
-+ * in an ACQUIRE, ironically ;-).
-+ *
-+ * Revision 1.177 2001/11/26 09:23:50 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.170.2.1 2001/09/25 02:28:27 mcr
-+ * struct tdb -> struct ipsec_sa.
-+ * lifetime checks moved to common routines.
-+ * cleaned up includes.
-+ *
-+ * Revision 1.170.2.2 2001/10/22 21:08:01 mcr
-+ * include des.h, removed phony prototypes and fixed calling
-+ * conventions to match real prototypes.
-+ *
-+ * Revision 1.176 2001/11/09 18:32:31 rgb
-+ * Added Hans Schultz' fragmented UDP/500 IKE socket port selector.
-+ *
-+ * Revision 1.175 2001/11/06 20:47:00 rgb
-+ * Added Eric Espie's TRAPSUBNET fix, minus spin-lock-bh dabbling.
-+ *
-+ * Revision 1.174 2001/11/06 19:50:43 rgb
-+ * Moved IP_SEND, ICMP_SEND, DEV_QUEUE_XMIT macros to ipsec_tunnel.h for
-+ * use also by pfkey_v2_parser.c
-+ *
-+ * Revision 1.173 2001/10/29 21:53:44 henry
-+ * tone down the device-down message slightly, until we can make it smarter
-+ *
-+ * Revision 1.172 2001/10/26 04:59:37 rgb
-+ * Added a critical level syslog message if an ipsec device goes down.
-+ *
-+ * Revision 1.171 2001/10/18 04:45:21 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.170 2001/09/25 00:09:50 rgb
-+ * Added NetCelo's TRAPSUBNET code to convert a new type TRAPSUBNET into a
-+ * HOLD.
-+ *
-+ * Revision 1.169 2001/09/15 16:24:05 rgb
-+ * Re-inject first and last HOLD packet when an eroute REPLACE is done.
-+ *
-+ * Revision 1.168 2001/09/14 16:58:37 rgb
-+ * Added support for storing the first and last packets through a HOLD.
-+ *
-+ * Revision 1.167 2001/09/08 21:13:33 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.166 2001/08/27 19:47:59 rgb
-+ * Clear tdb before usage.
-+ * Added comment: clear IF before calling routing?
-+ *
-+ * Revision 1.165 2001/07/03 01:23:53 rgb
-+ * Send back ICMP iff DF set, !ICMP, offset==0, sysctl_icmp, iph->tot_len >
-+ * emtu, and don't drop.
-+ *
-+ * Revision 1.164 2001/06/14 19:35:10 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.163 2001/06/06 20:28:51 rgb
-+ * Added sanity checks for NULL skbs and devices.
-+ * Added more debugging output to various functions.
-+ * Removed redundant dev->priv argument to ipsec_tunnel_{at,de}tach().
-+ * Renamed ipsec_tunnel_attach() virtual and physical device arguments.
-+ * Corrected neigh_setup() device function assignment.
-+ * Keep valid pointers to ipsec_tunnel_*() on detach.
-+ * Set dev->type to the originally-initiallised value.
-+ *
-+ * Revision 1.162 2001/06/01 07:28:04 rgb
-+ * Added sanity checks for detached devices. Don't down virtual devices
-+ * to prevent packets going out in the clear if the detached device comes
-+ * back up.
-+ *
-+ * Revision 1.161 2001/05/30 08:14:52 rgb
-+ * Removed vestiges of esp-null transforms.
-+ * NetDev Notifier instrumentation to track down disappearing devices.
-+ *
-+ * Revision 1.160 2001/05/29 05:15:12 rgb
-+ * Added SS' PMTU patch which notifies sender if packet doesn't fit
-+ * physical MTU (if it wasn't ICMP) and then drops it.
-+ *
-+ * Revision 1.159 2001/05/27 06:12:12 rgb
-+ * Added structures for pid, packet count and last access time to eroute.
-+ * Added packet count to beginning of /proc/net/ipsec_eroute.
-+ *
-+ * Revision 1.158 2001/05/24 05:39:33 rgb
-+ * Applied source zeroing to 2.2 ip_route_output() call as well to enable
-+ * PASS eroutes for opportunism.
-+ *
-+ * Revision 1.157 2001/05/23 22:35:28 rgb
-+ * 2.4 source override simplification.
-+ *
-+ * Revision 1.156 2001/05/23 21:41:31 rgb
-+ * Added error return code printing on ip_route_output().
-+ *
-+ * Revision 1.155 2001/05/23 05:09:13 rgb
-+ * Fixed incorrect ip_route_output() failure message.
-+ *
-+ * Revision 1.154 2001/05/21 14:53:31 rgb
-+ * Added debug statement for case when ip_route_output() fails, causing
-+ * packet to be dropped, but log looked ok.
-+ *
-+ * Revision 1.153 2001/05/19 02:37:54 rgb
-+ * Fixed missing comment termination.
-+ *
-+ * Revision 1.152 2001/05/19 02:35:50 rgb
-+ * Debug code optimisation for non-debug speed.
-+ * Kernel version compiler define comments.
-+ * 2.2 and 2.4 kernel ip_send device and ip debug output added.
-+ *
-+ * Revision 1.151 2001/05/18 16:17:35 rgb
-+ * Changed reference from "magic" to "shunt" SAs.
-+ *
-+ * Revision 1.150 2001/05/18 16:12:19 rgb
-+ * Changed UDP/500 bypass test from 3 nested ifs to one anded if.
-+ *
-+ * Revision 1.149 2001/05/16 04:39:33 rgb
-+ * Add default == eroute.dest to IKE bypass conditions for magic eroutes.
-+ *
-+ * Revision 1.148 2001/05/05 03:31:41 rgb
-+ * IP frag debugging updates and enhancements.
-+ *
-+ * Revision 1.147 2001/05/03 19:41:40 rgb
-+ * Added SS' skb_cow fix for 2.4.4.
-+ *
-+ * Revision 1.146 2001/04/30 19:28:16 rgb
-+ * Update for 2.4.4. ip_select_ident() now has 3 args.
-+ *
-+ * Revision 1.145 2001/04/23 14:56:10 rgb
-+ * Added spin_lock() check to prevent double-locking for multiple
-+ * transforms and hence kernel lock-ups with SMP kernels.
-+ *
-+ * Revision 1.144 2001/04/21 23:04:45 rgb
-+ * Define out skb->used for 2.4 kernels.
-+ * Check if soft expire has already been sent before sending another to
-+ * prevent ACQUIRE flooding.
-+ *
-+ * Revision 1.143 2001/03/16 07:37:21 rgb
-+ * Added comments to all #endifs.
-+ *
-+ * Revision 1.142 2001/02/28 05:03:27 rgb
-+ * Clean up and rationalise startup messages.
-+ *
-+ * Revision 1.141 2001/02/27 22:24:54 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.140 2001/02/27 06:40:12 rgb
-+ * Fixed TRAP->HOLD eroute byte order.
-+ *
-+ * Revision 1.139 2001/02/26 20:38:59 rgb
-+ * Added compiler defines for 2.4.x-specific code.
-+ *
-+ * Revision 1.138 2001/02/26 19:57:27 rgb
-+ * Implement magic SAs %drop, %reject, %trap, %hold, %pass as part
-+ * of the new SPD and to support opportunistic.
-+ * Drop sysctl_ipsec_{no_eroute_pass,opportunistic}, replaced by magic SAs.
-+ *
-+ * Revision 1.137 2001/02/19 22:29:49 rgb
-+ * Fixes for presence of active ipv6 segments which share ipsec physical
-+ * device (gg).
-+ *
-+ * Revision 1.136 2001/01/29 22:30:38 rgb
-+ * Fixed minor acquire debug printing bug.
-+ *
-+ * Revision 1.135 2001/01/29 22:19:45 rgb
-+ * Zero source address for 2.4 bypass route lookup.
-+ *
-+ * Revision 1.134 2001/01/23 20:19:49 rgb
-+ * 2.4 fix to remove removed is_clone member.
-+ *
-+ * Revision 1.133 2000/12/09 22:08:35 rgb
-+ * Fix NET_23 bug, should be NETDEV_23.
-+ *
-+ * Revision 1.132 2000/12/01 06:54:50 rgb
-+ * Fix for new 2.4 IP TTL default variable name.
-+ *
-+ * Revision 1.131 2000/11/09 20:52:15 rgb
-+ * More spinlock shuffling, locking earlier and unlocking later in rcv to
-+ * include ipcomp and prevent races, renaming some tdb variables that got
-+ * forgotten, moving some unlocks to include tdbs and adding a missing
-+ * unlock. Thanks to Svenning for some of these.
-+ *
-+ * Revision 1.130 2000/11/09 20:11:22 rgb
-+ * Minor shuffles to fix non-standard kernel config option selection.
-+ *
-+ * Revision 1.129 2000/11/06 04:32:49 rgb
-+ * Clean up debug printing.
-+ * Copy skb->protocol for all kernel versions.
-+ * Ditched spin_lock_irqsave in favour of spin_lock.
-+ * Disabled TTL decrement, done in ip_forward.
-+ * Added debug printing before pfkey_acquire().
-+ * Fixed printk-deltdbchain-spin_lock races (Svenning).
-+ * Use defaultTTL for 2.1+ kernels.
-+ * Add Svenning's adaptive content compression.
-+ * Fix up debug display arguments.
-+ *
-+ * Revision 1.128 2000/09/28 00:58:57 rgb
-+ * Moved the IKE passthrough check after the eroute lookup so we can pass
-+ * IKE through intermediate tunnels.
-+ *
-+ * Revision 1.127 2000/09/22 17:52:11 rgb
-+ * Fixed misleading ipcomp debug output.
-+ *
-+ * Revision 1.126 2000/09/22 04:22:56 rgb
-+ * Fixed dumb spi->cpi conversion error.
-+ *
-+ * Revision 1.125 2000/09/21 04:34:48 rgb
-+ * A few debug-specific things should be hidden under
-+ * CONFIG_IPSEC_DEBUG.(MB)
-+ * Improved ip_send() error handling.(MB)
-+ *
-+ * Revision 1.124 2000/09/21 03:40:58 rgb
-+ * Added more debugging to try and track down the cpi outward copy problem.
-+ *
-+ * Revision 1.123 2000/09/19 07:08:49 rgb
-+ * Added debugging to outgoing compression report.
-+ *
-+ * Revision 1.122 2000/09/18 19:21:26 henry
-+ * RGB-supplied fix for RH5.2 problem
-+ *
-+ * Revision 1.121 2000/09/17 21:05:09 rgb
-+ * Added tdb to skb_compress call to write in cpi.
-+ *
-+ * Revision 1.120 2000/09/17 16:57:16 rgb
-+ * Added Svenning's patch to remove restriction of ipcomp to innermost
-+ * transform.
-+ *
-+ * Revision 1.119 2000/09/15 11:37:01 rgb
-+ * Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+ * IPCOMP zlib deflate code.
-+ *
-+ * Revision 1.118 2000/09/15 04:57:16 rgb
-+ * Moved debug output after sanity check.
-+ * Added tos copy sysctl.
-+ *
-+ * Revision 1.117 2000/09/12 03:22:51 rgb
-+ * Converted ipsec_icmp, no_eroute_pass, opportunistic and #if0 debugs to
-+ * sysctl.
-+ *
-+ * Revision 1.116 2000/09/08 19:18:19 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ * Added outgoing opportunistic hook, ifdef'ed out.
-+ *
-+ * Revision 1.115 2000/08/30 05:27:29 rgb
-+ * Removed all the rest of the references to tdb_spi, tdb_proto, tdb_dst.
-+ * Kill remainder of tdb_xform, tdb_xdata, xformsw.
-+ *
-+ * Revision 1.114 2000/08/28 18:15:46 rgb
-+ * Added MB's nf-debug reset patch.
-+ *
-+ * Revision 1.113 2000/08/27 02:26:40 rgb
-+ * Send all no-eroute-bypass, pluto-bypass and passthrough packets through
-+ * fragmentation machinery for 2.0, 2.2 and 2.4 kernels.
-+ *
-+ * Revision 1.112 2000/08/20 21:37:33 rgb
-+ * Activated pfkey_expire() calls.
-+ * Added a hard/soft expiry parameter to pfkey_expire(). (Momchil)
-+ * Re-arranged the order of soft and hard expiry to conform to RFC2367.
-+ * Clean up references to CONFIG_IPSEC_PFKEYv2.
-+ *
-+ * Revision 1.111 2000/08/01 14:51:51 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.110 2000/07/28 14:58:31 rgb
-+ * Changed kfree_s to kfree, eliminating extra arg to fix 2.4.0-test5.
-+ *
-+ * Revision 1.109 2000/07/28 13:50:54 rgb
-+ * Changed enet_statistics to net_device_stats and added back compatibility
-+ * for pre-2.1.19.
-+ *
-+ * Revision 1.108 2000/05/16 03:03:11 rgb
-+ * Updates for 2.3.99pre8 from MB.
-+ *
-+ * Revision 1.107 2000/05/10 23:08:21 rgb
-+ * Print a debug warning about bogus packets received by the outgoing
-+ * processing machinery only when klipsdebug is not set to none.
-+ * Comment out the device initialisation informational messages.
-+ *
-+ * Revision 1.106 2000/05/10 19:17:14 rgb
-+ * Define an IP_SEND macro, intending to have all packet passthroughs
-+ * use fragmentation. This didn't quite work, but is a step in the
-+ * right direction.
-+ * Added buffer allocation debugging statements.
-+ * Added configure option to shut off no eroute passthrough.
-+ * Only check usetime against soft and hard limits if the tdb has been
-+ * used.
-+ * Cast output of ntohl so that the broken prototype doesn't make our
-+ * compile noisy.
-+ *
-+ * Revision 1.105 2000/03/22 16:15:37 rgb
-+ * Fixed renaming of dev_get (MB).
-+ *
-+ * Revision 1.104 2000/03/16 14:04:15 rgb
-+ * Indented headers for readability.
-+ * Fixed debug scope to enable compilation with debug off.
-+ * Added macros for ip_chk_addr and IS_MYADDR for identifying self.
-+ *
-+ * Revision 1.103 2000/03/16 07:11:07 rgb
-+ * Hardcode PF_KEYv2 support.
-+ * Fixed bug which allowed UDP/500 packet from another machine
-+ * through in the clear.
-+ * Added disabled skb->protocol fix for ISDN/ASYNC PPP from Matjaz Godec.
-+ *
-+ * Revision 1.102 2000/03/14 12:26:59 rgb
-+ * Added skb->nfct support for clearing netfilter conntrack bits (MB).
-+ *
-+ * Revision 1.101 2000/02/14 21:05:22 rgb
-+ * Added MB's netif_queue fix for kernels 2.3.43+.
-+ *
-+ * Revision 1.100 2000/01/26 10:04:57 rgb
-+ * Fixed noisy 2.0 printk arguments.
-+ *
-+ * Revision 1.99 2000/01/21 06:16:25 rgb
-+ * Added sanity checks on skb_push(), skb_pull() to prevent panics.
-+ * Switched to AF_ENCAP macro.
-+ * Shortened debug output per packet and re-arranging debug_tunnel
-+ * bitmap flags, while retaining necessary information to avoid
-+ * trampling the kernel print ring buffer.
-+ * Reformatted recursion switch code.
-+ * Changed all references to tdb_proto to tdb_said.proto for clarity.
-+ *
-+ * Revision 1.98 2000/01/13 08:09:31 rgb
-+ * Shuffled debug_tunnel switches to focus output.
-+ * Fixed outgoing recursion bug, limiting to recursing only if the remote
-+ * SG changes and if it is valid, ie. not passthrough.
-+ * Clarified a number of debug messages.
-+ *
-+ * Revision 1.97 2000/01/10 16:37:16 rgb
-+ * MB support for new ip_select_ident() upon disappearance of
-+ * ip_id_count in 2.3.36+.
-+ *
-+ * Revision 1.96 1999/12/31 14:59:08 rgb
-+ * MB fix to use new skb_copy_expand in kernel 2.3.35.
-+ *
-+ * Revision 1.95 1999/12/29 21:15:44 rgb
-+ * Fix tncfg to aliased device bug.
-+ *
-+ * Revision 1.94 1999/12/22 04:26:06 rgb
-+ * Converted all 'static' functions to 'DEBUG_NO_STATIC' to enable
-+ * debugging by providing external labels to all functions with debugging
-+ * turned on.
-+ *
-+ * Revision 1.93 1999/12/13 13:30:14 rgb
-+ * Changed MTU reports and HW address reporting back to debug only.
-+ *
-+ * Revision 1.92 1999/12/07 18:57:56 rgb
-+ * Fix PFKEY symbol compile error (SADB_*) without pfkey enabled.
-+ *
-+ * Revision 1.91 1999/12/01 22:15:36 rgb
-+ * Add checks for LARVAL and DEAD SAs.
-+ * Change state of SA from MATURE to DYING when a soft lifetime is
-+ * reached and print debug warning.
-+ *
-+ * Revision 1.90 1999/11/23 23:04:04 rgb
-+ * Use provided macro ADDRTOA_BUF instead of hardcoded value.
-+ * Sort out pfkey and freeswan headers, putting them in a library path.
-+ *
-+ * Revision 1.89 1999/11/18 18:50:59 rgb
-+ * Changed all device registrations for static linking to
-+ * dynamic to reduce the number and size of patches.
-+ *
-+ * Revision 1.88 1999/11/18 04:09:19 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ *
-+ * Revision 1.87 1999/11/17 15:53:40 rgb
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.86 1999/10/16 18:25:37 rgb
-+ * Moved SA lifetime expiry checks before packet processing.
-+ * Expire SA on replay counter rollover.
-+ *
-+ * Revision 1.85 1999/10/16 04:24:31 rgb
-+ * Add stats for time since last packet.
-+ *
-+ * Revision 1.84 1999/10/16 00:30:47 rgb
-+ * Added SA lifetime counting.
-+ *
-+ * Revision 1.83 1999/10/15 22:15:57 rgb
-+ * Clean out cruft.
-+ * Add debugging.
-+ *
-+ * Revision 1.82 1999/10/08 18:26:19 rgb
-+ * Fix 2.0.3x outgoing fragmented packet memory leak.
-+ *
-+ * Revision 1.81 1999/10/05 02:38:54 rgb
-+ * Lower the default mtu of virtual devices to 16260.
-+ *
-+ * Revision 1.80 1999/10/03 18:56:41 rgb
-+ * Spinlock support for 2.3.xx.
-+ * Don't forget to undo spinlocks on error!
-+ * Check for valid eroute before copying the structure.
-+ *
-+ * Revision 1.79 1999/10/01 15:44:53 rgb
-+ * Move spinlock header include to 2.1> scope.
-+ *
-+ * Revision 1.78 1999/10/01 00:02:43 rgb
-+ * Added tdb structure locking.
-+ * Added eroute structure locking.
-+ *
-+ * Revision 1.77 1999/09/30 02:52:29 rgb
-+ * Add Marc Boucher's Copy-On-Write code (same as ipsec_rcv.c).
-+ *
-+ * Revision 1.76 1999/09/25 19:31:27 rgb
-+ * Refine MSS hack to affect SYN, but not SYN+ACK packets.
-+ *
-+ * Revision 1.75 1999/09/24 22:52:38 rgb
-+ * Fix two things broken in 2.0.38 by trying to fix network notifiers.
-+ *
-+ * Revision 1.74 1999/09/24 00:30:37 rgb
-+ * Add test for changed source as well as destination to check for
-+ * recursion.
-+ *
-+ * Revision 1.73 1999/09/23 20:52:24 rgb
-+ * Add James Morris' MSS hack patch, disabled.
-+ *
-+ * Revision 1.72 1999/09/23 20:22:40 rgb
-+ * Enable, tidy and fix network notifier code.
-+ *
-+ * Revision 1.71 1999/09/23 18:09:05 rgb
-+ * Clean up 2.2.x fragmenting traces.
-+ * Disable dev->type switching, forcing ARPHRD_TUNNEL.
-+ *
-+ * Revision 1.70 1999/09/22 14:14:24 rgb
-+ * Add sanity checks for revectored calls to prevent calling a downed I/F.
-+ *
-+ * Revision 1.69 1999/09/21 15:00:57 rgb
-+ * Add Marc Boucher's packet size check.
-+ * Flesh out network device notifier code.
-+ *
-+ * Revision 1.68 1999/09/18 11:39:57 rgb
-+ * Start to add (disabled) netdevice notifier code.
-+ *
-+ * Revision 1.67 1999/09/17 23:44:40 rgb
-+ * Add a comment warning potential code hackers to stay away from mac.raw.
-+ *
-+ * Revision 1.66 1999/09/17 18:04:02 rgb
-+ * Add fix for unpredictable hard_header_len for ISDN folks (thanks MB).
-+ * Ditch TTL decrement in 2.2 (MB).
-+ *
-+ * Revision 1.65 1999/09/15 23:15:35 henry
-+ * Marc Boucher's PPP fixes
-+ *
-+ * Revision 1.64 1999/09/07 13:40:53 rgb
-+ * Ditch unreliable references to skb->mac.raw.
-+ *
-+ * Revision 1.63 1999/08/28 11:33:09 rgb
-+ * Check for null skb->mac pointer.
-+ *
-+ * Revision 1.62 1999/08/28 02:02:30 rgb
-+ * Add Marc Boucher's fix for properly dealing with skb->sk.
-+ *
-+ * Revision 1.61 1999/08/27 05:23:05 rgb
-+ * Clean up skb->data/raw/nh/h manipulation.
-+ * Add Marc Boucher's mods to aid tcpdump.
-+ * Add sanity checks to skb->raw/nh/h pointer copies in skb_copy_expand.
-+ * Re-order hard_header stripping -- might be able to remove it...
-+ *
-+ * Revision 1.60 1999/08/26 20:01:02 rgb
-+ * Tidy up compiler directives and macros.
-+ * Re-enable ICMP for tunnels where inner_dst != outer_dst.
-+ * Remove unnecessary skb->dev = physdev assignment affecting 2.2.x.
-+ *
-+ * Revision 1.59 1999/08/25 15:44:41 rgb
-+ * Clean up from 2.2.x instrumenting for compilation under 2.0.36.
-+ *
-+ * Revision 1.58 1999/08/25 15:00:54 rgb
-+ * Add dst cache code for 2.2.xx.
-+ * Add sanity check for skb packet header pointers.
-+ * Add/modify debugging instrumentation to *_start_xmit, *_hard_header and
-+ * *_rebuild_header.
-+ * Add neigh_* cache code.
-+ * Change dev->type back to ARPHRD_TUNNEL.
-+ *
-+ * Revision 1.57 1999/08/17 21:50:23 rgb
-+ * Fixed minor debug output bugs.
-+ * Regrouped error recovery exit code.
-+ * Added compiler directives to remove unwanted code and symbols.
-+ * Shut off ICMP messages: to be refined to only send ICMP to remote systems.
-+ * Add debugging code for output function addresses.
-+ * Fix minor bug in (possibly unused) header_cache_bind function.
-+ * Add device neighbour caching code.
-+ * Change dev->type from ARPHRD_TUNNEL to physdev->type.
-+ *
-+ * Revision 1.56 1999/08/03 17:22:56 rgb
-+ * Debug output clarification using KERN_* macros. Other inactive changes
-+ * added.
-+ *
-+ * Revision 1.55 1999/08/03 16:58:46 rgb
-+ * Fix skb_copy_expand size bug. Was getting incorrect size.
-+ *
-+ * Revision 1.54 1999/07/14 19:32:38 rgb
-+ * Fix oversize packet crash and ssh stalling in 2.2.x kernels.
-+ *
-+ * Revision 1.53 1999/06/10 15:44:02 rgb
-+ * Minor reformatting and clean-up.
-+ *
-+ * Revision 1.52 1999/05/09 03:25:36 rgb
-+ * Fix bug introduced by 2.2 quick-and-dirty patch.
-+ *
-+ * Revision 1.51 1999/05/08 21:24:59 rgb
-+ * Add casting to silence the 2.2.x compile.
-+ *
-+ * Revision 1.50 1999/05/05 22:02:32 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.49 1999/04/29 15:18:52 rgb
-+ * Change gettdb parameter to a pointer to reduce stack loading and
-+ * facilitate parameter sanity checking.
-+ * Fix undetected bug that might have tried to access a null pointer.
-+ * Eliminate unnessessary usage of tdb_xform member to further switch
-+ * away from the transform switch to the algorithm switch.
-+ * Add return values to init and cleanup functions.
-+ *
-+ * Revision 1.48 1999/04/16 15:38:00 rgb
-+ * Minor rearrangement of freeing code to avoid memory leaks with impossible or
-+ * rare situations.
-+ *
-+ * Revision 1.47 1999/04/15 15:37:25 rgb
-+ * Forward check changes from POST1_00 branch.
-+ *
-+ * Revision 1.32.2.4 1999/04/13 21:00:18 rgb
-+ * Ditch 'things I wish I had known before...'.
-+ *
-+ * Revision 1.32.2.3 1999/04/13 20:34:38 rgb
-+ * Free skb after fragmentation.
-+ * Use stats more effectively.
-+ * Add I/F to mtu notch-down reporting.
-+ *
-+ * Revision 1.32.2.2 1999/04/02 04:26:14 rgb
-+ * Backcheck from HEAD, pre1.0.
-+ *
-+ * Revision 1.46 1999/04/11 00:29:00 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.45 1999/04/07 15:42:01 rgb
-+ * Fix mtu/ping bug AGAIN!
-+ *
-+ * Revision 1.44 1999/04/06 04:54:27 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.43 1999/04/04 03:57:07 rgb
-+ * ip_fragment() doesn't free the supplied skb. Freed.
-+ *
-+ * Revision 1.42 1999/04/01 23:27:15 rgb
-+ * Preload size of virtual mtu.
-+ *
-+ * Revision 1.41 1999/04/01 09:31:23 rgb
-+ * Invert meaning of ICMP PMTUD config option and clarify.
-+ * Code clean-up.
-+ *
-+ * Revision 1.40 1999/04/01 04:37:17 rgb
-+ * SSH stalling bug fix.
-+ *
-+ * Revision 1.39 1999/03/31 23:44:28 rgb
-+ * Don't send ICMP on DF and frag_off.
-+ *
-+ * Revision 1.38 1999/03/31 15:20:10 rgb
-+ * Quiet down debugging.
-+ *
-+ * Revision 1.37 1999/03/31 08:30:31 rgb
-+ * Add switch to shut off ICMP PMTUD packets.
-+ *
-+ * Revision 1.36 1999/03/31 05:44:47 rgb
-+ * Keep PMTU reduction private.
-+ *
-+ * Revision 1.35 1999/03/27 15:13:02 rgb
-+ * PMTU/fragmentation bug fix.
-+ *
-+ * Revision 1.34 1999/03/17 21:19:26 rgb
-+ * Fix kmalloc nonatomic bug.
-+ *
-+ * Revision 1.33 1999/03/17 15:38:42 rgb
-+ * Code clean-up.
-+ * ESP_NULL IV bug fix.
-+ *
-+ * Revision 1.32 1999/03/01 20:44:25 rgb
-+ * Code clean-up.
-+ * Memory leak bug fix.
-+ *
-+ * Revision 1.31 1999/02/27 00:02:09 rgb
-+ * Tune to report the MTU reduction once, rather than after every recursion
-+ * through the encapsulating code, preventing tcp stream stalling.
-+ *
-+ * Revision 1.30 1999/02/24 20:21:01 rgb
-+ * Reformat debug printk's.
-+ * Fix recursive encapsulation, dynamic MTU bugs and add debugging code.
-+ * Clean-up.
-+ *
-+ * Revision 1.29 1999/02/22 17:08:14 rgb
-+ * Fix recursive encapsulation code.
-+ *
-+ * Revision 1.28 1999/02/19 18:27:02 rgb
-+ * Improve DF, fragmentation and PMTU behaviour and add dynamic MTU discovery.
-+ *
-+ * Revision 1.27 1999/02/17 16:51:37 rgb
-+ * Clean out unused cruft.
-+ * Temporarily tone down volume of debug output.
-+ * Temporarily shut off fragment rejection.
-+ * Disabled temporary failed recursive encapsulation loop.
-+ *
-+ * Revision 1.26 1999/02/12 21:21:26 rgb
-+ * Move KLIPS_PRINT to ipsec_netlink.h for accessibility.
-+ *
-+ * Revision 1.25 1999/02/11 19:38:27 rgb
-+ * More clean-up.
-+ * Add sanity checking for skb_copy_expand() to prevent kernel panics on
-+ * skb_put() values out of range.
-+ * Fix head/tailroom calculation causing skb_put() out-of-range values.
-+ * Fix return values to prevent 'nonatomic alloc_skb' warnings.
-+ * Allocate new skb iff needed.
-+ * Added more debug statements.
-+ * Make headroom depend on structure, not hard-coded values.
-+ *
-+ * Revision 1.24 1999/02/10 23:20:33 rgb
-+ * Shut up annoying 'statement has no effect' compiler warnings with
-+ * debugging compiled out.
-+ *
-+ * Revision 1.23 1999/02/10 22:36:30 rgb
-+ * Clean-up obsolete, unused and messy code.
-+ * Converted most IPSEC_DEBUG statements to KLIPS_PRINT macros.
-+ * Rename ipsec_tunnel_do_xmit to ipsec_tunnel_start_xmit and eliminated
-+ * original ipsec_tunnel_start_xmit.
-+ * Send all packet with different inner and outer destinations directly to
-+ * the attached physical device, rather than back through ip_forward,
-+ * preventing disappearing routes problems.
-+ * Do sanity checking before investing too much CPU in allocating new
-+ * structures.
-+ * Fail on IP header options: We cannot process them yet.
-+ * Add some helpful comments.
-+ * Use virtual device for parameters instead of physical device.
-+ *
-+ * Revision 1.22 1999/02/10 03:03:02 rgb
-+ * Duh. Fixed the TTL bug: forgot to update the checksum.
-+ *
-+ * Revision 1.21 1999/02/09 23:17:53 rgb
-+ * Add structure members to ipsec_print_ip debug function.
-+ * Temporarily fix TTL bug preventing tunnel mode from functioning.
-+ *
-+ * Revision 1.20 1999/02/09 00:14:25 rgb
-+ * Add KLIPSPRINT macro. (Not used yet, though.)
-+ * Delete old ip_tunnel code (BADCODE).
-+ * Decrement TTL in outgoing packet.
-+ * Set TTL on new IPIP_TUNNEL to default, not existing packet TTL.
-+ * Delete ethernet only feature and fix hard-coded hard_header_len.
-+ *
-+ * Revision 1.19 1999/01/29 17:56:22 rgb
-+ * 64-bit re-fix submitted by Peter Onion.
-+ *
-+ * Revision 1.18 1999/01/28 22:43:24 rgb
-+ * Fixed bug in ipsec_print_ip that caused an OOPS, found by P.Onion.
-+ *
-+ * Revision 1.17 1999/01/26 02:08:16 rgb
-+ * Removed CONFIG_IPSEC_ALGO_SWITCH macro.
-+ * Removed dead code.
-+ *
-+ * Revision 1.16 1999/01/22 06:25:26 rgb
-+ * Cruft clean-out.
-+ * Added algorithm switch code.
-+ * 64-bit clean-up.
-+ * Passthrough on IPIP protocol, spi 0x0 fix.
-+ * Enhanced debugging.
-+ *
-+ * Revision 1.15 1998/12/01 13:22:04 rgb
-+ * Added support for debug printing of version info.
-+ *
-+ * Revision 1.14 1998/11/30 13:22:55 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.13 1998/11/17 21:13:52 rgb
-+ * Put IKE port bypass debug output in user-switched debug statements.
-+ *
-+ * Revision 1.12 1998/11/13 13:20:25 rgb
-+ * Fixed ntohs bug in udp/500 hole for IKE.
-+ *
-+ * Revision 1.11 1998/11/10 08:01:19 rgb
-+ * Kill tcp/500 hole, keep udp/500 hole.
-+ *
-+ * Revision 1.10 1998/11/09 21:29:26 rgb
-+ * If no eroute is found, discard packet and incr. tx_error.
-+ *
-+ * Revision 1.9 1998/10/31 06:50:00 rgb
-+ * Add tcp/udp/500 bypass.
-+ * Fixed up comments in #endif directives.
-+ *
-+ * Revision 1.8 1998/10/27 00:34:31 rgb
-+ * Reformat debug output of IP headers.
-+ * Newlines added before calls to ipsec_print_ip.
-+ *
-+ * Revision 1.7 1998/10/19 14:44:28 rgb
-+ * Added inclusion of freeswan.h.
-+ * sa_id structure implemented and used: now includes protocol.
-+ *
-+ * Revision 1.6 1998/10/09 04:31:35 rgb
-+ * Added 'klips_debug' prefix to all klips printk debug statements.
-+ *
-+ * Revision 1.5 1998/08/28 03:09:51 rgb
-+ * Prevent kernel log spam with default route through ipsec.
-+ *
-+ * Revision 1.4 1998/08/05 22:23:09 rgb
-+ * Change setdev return code to ENXIO for a non-existant physical device.
-+ *
-+ * Revision 1.3 1998/07/29 20:41:11 rgb
-+ * Add ipsec_tunnel_clear to clear all tunnel attachments.
-+ *
-+ * Revision 1.2 1998/06/25 20:00:33 rgb
-+ * Clean up #endif comments.
-+ * Rename dev_ipsec to dev_ipsec0 for consistency.
-+ * Document ipsec device fields.
-+ * Make ipsec_tunnel_probe visible from rest of kernel for static linking.
-+ * Get debugging report for *every* ipsec device initialisation.
-+ * Comment out redundant code.
-+ *
-+ * Revision 1.1 1998/06/18 21:27:50 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.8 1998/06/14 23:49:40 rgb
-+ * Clarify version reporting on module loading.
-+ *
-+ * Revision 1.7 1998/05/27 23:19:20 rgb
-+ * Added version reporting.
-+ *
-+ * Revision 1.6 1998/05/18 21:56:23 rgb
-+ * Clean up for numerical consistency of output and cleaning up debug code.
-+ *
-+ * Revision 1.5 1998/05/12 02:44:23 rgb
-+ * Clarifying 'no e-route to host' message.
-+ *
-+ * Revision 1.4 1998/04/30 15:34:35 rgb
-+ * Enclosed most remaining debugging statements in #ifdef's to make it quieter.
-+ *
-+ * Revision 1.3 1998/04/21 21:28:54 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.2 1998/04/12 22:03:24 rgb
-+ * Updated ESP-3DES-HMAC-MD5-96,
-+ * ESP-DES-HMAC-MD5-96,
-+ * AH-HMAC-MD5-96,
-+ * AH-HMAC-SHA1-96 since Henry started freeswan cvs repository
-+ * from old standards (RFC182[5-9] to new (as of March 1998) drafts.
-+ *
-+ * Fixed eroute references in /proc/net/ipsec*.
-+ *
-+ * Started to patch module unloading memory leaks in ipsec_netlink and
-+ * radij tree unloading.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:12 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:04 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.5 1997/06/03 04:24:48 ji
-+ * Added transport mode.
-+ * Changed the way routing is done.
-+ * Lots of bug fixes.
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:39:04 ji
-+ * Minor cleanups.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ * Local Variables:
-+ * c-style: linux
-+ * End:
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_xform.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,360 @@
-+/*
-+ * Common routines for IPSEC transformations.
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: ipsec_xform.c,v 1.65.2.1 2006/10/06 21:39:26 paul Exp $
-+ */
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "freeswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#include <linux/random.h> /* get_random_bytes() */
-+#include <freeswan.h>
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <net/ip.h>
-+
-+#include "freeswan/radij.h"
-+#include "freeswan/ipsec_encap.h"
-+#include "freeswan/ipsec_radij.h"
-+#include "freeswan/ipsec_xform.h"
-+#include "freeswan/ipsec_ipe4.h"
-+#include "freeswan/ipsec_ah.h"
-+#include "freeswan/ipsec_esp.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_xform = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#ifdef SPINLOCK
-+spinlock_t tdb_lock = SPIN_LOCK_UNLOCKED;
-+#else /* SPINLOCK */
-+spinlock_t tdb_lock;
-+#endif /* SPINLOCK */
-+
-+/*
-+ * $Log: ipsec_xform.c,v $
-+ * Revision 1.65.2.1 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.65 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.64 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.63 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.62.30.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.62 2002/05/14 02:34:21 rgb
-+ * Delete stale code.
-+ *
-+ * Revision 1.61 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.60 2002/04/24 07:36:33 mcr
-+ * Moved from ./klips/net/ipsec/ipsec_xform.c,v
-+ *
-+ * Revision 1.59 2002/03/29 15:01:36 rgb
-+ * Delete decommissioned code.
-+ *
-+ * Revision 1.58 2002/01/29 17:17:57 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.57 2002/01/29 04:00:53 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.56 2001/11/27 05:17:22 mcr
-+ * turn off the worst of the per-packet debugging.
-+ *
-+ * Revision 1.55 2001/11/26 09:23:50 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.54 2001/10/18 04:45:21 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.53 2001/09/08 21:13:34 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.52 2001/06/14 19:35:11 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.51 2001/05/30 08:14:03 rgb
-+ * Removed vestiges of esp-null transforms.
-+ *
-+ * Revision 1.50 2001/05/03 19:43:18 rgb
-+ * Initialise error return variable.
-+ * Update SENDERR macro.
-+ * Fix sign of error return code for ipsec_tdbcleanup().
-+ * Use more appropriate return code for ipsec_tdbwipe().
-+ *
-+ * Revision 1.49 2001/04/19 18:56:17 rgb
-+ * Fixed tdb table locking comments.
-+ *
-+ * Revision 1.48 2001/02/27 22:24:55 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.47 2000/11/06 04:32:08 rgb
-+ * Ditched spin_lock_irqsave in favour of spin_lock_bh.
-+ *
-+ * Revision 1.46 2000/09/20 16:21:57 rgb
-+ * Cleaned up ident string alloc/free.
-+ *
-+ * Revision 1.45 2000/09/08 19:16:51 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ * Removed all references to CONFIG_IPSEC_PFKEYv2.
-+ *
-+ * Revision 1.44 2000/08/30 05:29:04 rgb
-+ * Compiler-define out no longer used tdb_init() in ipsec_xform.c.
-+ *
-+ * Revision 1.43 2000/08/18 21:30:41 rgb
-+ * Purged all tdb_spi, tdb_proto and tdb_dst macros. They are unclear.
-+ *
-+ * Revision 1.42 2000/08/01 14:51:51 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.41 2000/07/28 14:58:31 rgb
-+ * Changed kfree_s to kfree, eliminating extra arg to fix 2.4.0-test5.
-+ *
-+ * Revision 1.40 2000/06/28 05:50:11 rgb
-+ * Actually set iv_bits.
-+ *
-+ * Revision 1.39 2000/05/10 23:11:09 rgb
-+ * Added netlink debugging output.
-+ * Added a cast to quiet down the ntohl bug.
-+ *
-+ * Revision 1.38 2000/05/10 19:18:42 rgb
-+ * Cast output of ntohl so that the broken prototype doesn't make our
-+ * compile noisy.
-+ *
-+ * Revision 1.37 2000/03/16 14:04:59 rgb
-+ * Hardwired CONFIG_IPSEC_PFKEYv2 on.
-+ *
-+ * Revision 1.36 2000/01/26 10:11:28 rgb
-+ * Fixed spacing in error text causing run-in words.
-+ *
-+ * Revision 1.35 2000/01/21 06:17:16 rgb
-+ * Tidied up compiler directive indentation for readability.
-+ * Added ictx,octx vars for simplification.(kravietz)
-+ * Added macros for HMAC padding magic numbers.(kravietz)
-+ * Fixed missing key length reporting bug.
-+ * Fixed bug in tdbwipe to return immediately on NULL tdbp passed in.
-+ *
-+ * Revision 1.34 1999/12/08 00:04:19 rgb
-+ * Fixed SA direction overwriting bug for netlink users.
-+ *
-+ * Revision 1.33 1999/12/01 22:16:44 rgb
-+ * Minor formatting changes in ESP MD5 initialisation.
-+ *
-+ * Revision 1.32 1999/11/25 09:06:36 rgb
-+ * Fixed error return messages, should be returning negative numbers.
-+ * Implemented SENDERR macro for propagating error codes.
-+ * Added debug message and separate error code for algorithms not compiled
-+ * in.
-+ *
-+ * Revision 1.31 1999/11/23 23:06:26 rgb
-+ * Sort out pfkey and freeswan headers, putting them in a library path.
-+ *
-+ * Revision 1.30 1999/11/18 04:09:20 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ *
-+ * Revision 1.29 1999/11/17 15:53:40 rgb
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.28 1999/10/18 20:04:01 rgb
-+ * Clean-out unused cruft.
-+ *
-+ * Revision 1.27 1999/10/03 19:01:03 rgb
-+ * Spinlock support for 2.3.xx and 2.0.xx kernels.
-+ *
-+ * Revision 1.26 1999/10/01 16:22:24 rgb
-+ * Switch from assignment init. to functional init. of spinlocks.
-+ *
-+ * Revision 1.25 1999/10/01 15:44:54 rgb
-+ * Move spinlock header include to 2.1> scope.
-+ *
-+ * Revision 1.24 1999/10/01 00:03:46 rgb
-+ * Added tdb structure locking.
-+ * Minor formatting changes.
-+ * Add function to initialize tdb hash table.
-+ *
-+ * Revision 1.23 1999/05/25 22:42:12 rgb
-+ * Add deltdbchain() debugging.
-+ *
-+ * Revision 1.22 1999/05/25 21:24:31 rgb
-+ * Add debugging statements to deltdbchain().
-+ *
-+ * Revision 1.21 1999/05/25 03:51:48 rgb
-+ * Refix error return code.
-+ *
-+ * Revision 1.20 1999/05/25 03:34:07 rgb
-+ * Fix error return for flush.
-+ *
-+ * Revision 1.19 1999/05/09 03:25:37 rgb
-+ * Fix bug introduced by 2.2 quick-and-dirty patch.
-+ *
-+ * Revision 1.18 1999/05/05 22:02:32 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.17 1999/04/29 15:20:16 rgb
-+ * Change gettdb parameter to a pointer to reduce stack loading and
-+ * facilitate parameter sanity checking.
-+ * Add sanity checking for null pointer arguments.
-+ * Add debugging instrumentation.
-+ * Add function deltdbchain() which will take care of unlinking,
-+ * zeroing and deleting a chain of tdbs.
-+ * Add a parameter to tdbcleanup to be able to delete a class of SAs.
-+ * tdbwipe now actually zeroes the tdb as well as any of its pointed
-+ * structures.
-+ *
-+ * Revision 1.16 1999/04/16 15:36:29 rgb
-+ * Fix cut-and-paste error causing a memory leak in IPIP TDB freeing.
-+ *
-+ * Revision 1.15 1999/04/11 00:29:01 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.14 1999/04/06 04:54:28 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.13 1999/02/19 18:23:01 rgb
-+ * Nix debug off compile warning.
-+ *
-+ * Revision 1.12 1999/02/17 16:52:16 rgb
-+ * Consolidate satoa()s for space and speed efficiency.
-+ * Convert DEBUG_IPSEC to KLIPS_PRINT
-+ * Clean out unused cruft.
-+ * Ditch NET_IPIP dependancy.
-+ * Loop for 3des key setting.
-+ *
-+ * Revision 1.11 1999/01/26 02:09:05 rgb
-+ * Remove ah/esp/IPIP switching on include files.
-+ * Removed CONFIG_IPSEC_ALGO_SWITCH macro.
-+ * Removed dead code.
-+ * Clean up debug code when switched off.
-+ * Remove references to INET_GET_PROTOCOL.
-+ * Added code exclusion macros to reduce code from unused algorithms.
-+ *
-+ * Revision 1.10 1999/01/22 06:28:55 rgb
-+ * Cruft clean-out.
-+ * Put random IV generation in kernel.
-+ * Added algorithm switch code.
-+ * Enhanced debugging.
-+ * 64-bit clean-up.
-+ *
-+ * Revision 1.9 1998/11/30 13:22:55 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.8 1998/11/25 04:59:06 rgb
-+ * Add conditionals for no IPIP tunnel code.
-+ * Delete commented out code.
-+ *
-+ * Revision 1.7 1998/10/31 06:50:41 rgb
-+ * Convert xform ASCII names to no spaces.
-+ * Fixed up comments in #endif directives.
-+ *
-+ * Revision 1.6 1998/10/19 14:44:28 rgb
-+ * Added inclusion of freeswan.h.
-+ * sa_id structure implemented and used: now includes protocol.
-+ *
-+ * Revision 1.5 1998/10/09 04:32:19 rgb
-+ * Added 'klips_debug' prefix to all klips printk debug statements.
-+ *
-+ * Revision 1.4 1998/08/12 00:11:31 rgb
-+ * Added new xform functions to the xform table.
-+ * Fixed minor debug output spelling error.
-+ *
-+ * Revision 1.3 1998/07/09 17:45:31 rgb
-+ * Clarify algorithm not available message.
-+ *
-+ * Revision 1.2 1998/06/23 03:00:51 rgb
-+ * Check for presence of IPIP protocol if it is setup one way (we don't
-+ * know what has been set up the other way and can only assume it will be
-+ * symmetrical with the exception of keys).
-+ *
-+ * Revision 1.1 1998/06/18 21:27:51 henry
-+ * move sources from klips/src to klips/net/ipsec, to keep stupid
-+ * kernel-build scripts happier in the presence of symlinks
-+ *
-+ * Revision 1.3 1998/06/11 05:54:59 rgb
-+ * Added transform version string pointer to xformsw initialisations.
-+ *
-+ * Revision 1.2 1998/04/21 21:28:57 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:13 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:02 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.5 1997/06/03 04:24:48 ji
-+ * Added ESP-3DES-MD5-96
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * Added new transforms.
-+ *
-+ * Revision 0.3 1996/11/20 14:39:04 ji
-+ * Minor cleanups.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ipsec_xmit.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1855 @@
-+/*
-+ * IPSEC Transmit code.
-+ * Copyright (C) 1996, 1997 John Ioannidis.
-+ * Copyright (C) 1998-2003 Richard Guy Briggs.
-+ * Copyright (C) 2004-2005 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ */
-+
-+char ipsec_xmit_c_version[] = "RCSID $Id: ipsec_xmit.c,v 1.20.2.9 2007/07/06 17:18:43 paul Exp $";
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif /* for CONFIG_IP_FORWARD */
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, struct net_device_stats, dev_queue_xmit() and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/tcp.h> /* struct tcphdr */
-+#include <linux/udp.h> /* struct udphdr */
-+#include <linux/skbuff.h>
-+#include <asm/uaccess.h>
-+#include <asm/checksum.h>
-+#include <openswan.h>
-+#ifdef NET_21
-+# define MSS_HACK_ /* experimental */
-+# include <linux/in6.h>
-+# include <net/dst.h>
-+# define proto_priv cb
-+#endif /* NET_21 */
-+
-+#include <net/icmp.h> /* icmp_send() */
-+#include <net/ip.h>
-+#ifdef NETDEV_23
-+# include <linux/netfilter_ipv4.h>
-+#endif /* NETDEV_23 */
-+
-+#include <linux/if_arp.h>
-+#ifdef MSS_HACK
-+# include <net/tcp.h> /* TCP options */
-+#endif /* MSS_HACK */
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_life.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_eroute.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xmit.h"
-+#include "openswan/ipsec_sa.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_ipe4.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+#include "openswan/ipcomp.h"
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_alg.h"
-+
-+
-+/*
-+ * Stupid kernel API differences in APIs. Not only do some
-+ * kernels not have ip_select_ident, but some have differing APIs,
-+ * and SuSE has one with one parameter, but no way of checking to
-+ * see what is really what.
-+ */
-+
-+#ifdef SUSE_LINUX_2_4_19_IS_STUPID
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph)
-+#else
-+
-+/* simplest case, nothing */
-+#if !defined(IP_SELECT_IDENT)
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) do { iph->id = htons(ip_id_count++); } while(0)
-+#endif
-+
-+/* kernels > 2.3.37-ish */
-+#if defined(IP_SELECT_IDENT) && !defined(IP_SELECT_IDENT_NEW)
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph, skb->dst)
-+#endif
-+
-+/* kernels > 2.4.2 */
-+#if defined(IP_SELECT_IDENT) && defined(IP_SELECT_IDENT_NEW)
-+#define KLIPS_IP_SELECT_IDENT(iph, skb) ip_select_ident(iph, skb->dst, NULL)
-+#endif
-+
-+#endif /* SUSE_LINUX_2_4_19_IS_STUPID */
-+
-+
-+
-+#if defined(CONFIG_KLIPS_AH)
-+static __u32 zeroes[64];
-+#endif
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int sysctl_ipsec_debug_verbose = 0;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+int ipsec_xmit_trap_count = 0;
-+int ipsec_xmit_trap_sendcount = 0;
-+
-+int sysctl_ipsec_icmp = 0;
-+int sysctl_ipsec_tos = 0;
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+#define dmp(_x,_y,_z) if(debug_tunnel) ipsec_dmp_block(_x,_y,_z)
-+#else /* CONFIG_KLIPS_DEBUG */
-+#define dmp(_x, _y, _z)
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+
-+#if !defined(SKB_COPY_EXPAND) || defined(KLIPS_UNIT_TESTS)
-+/*
-+ * This is mostly skbuff.c:skb_copy().
-+ */
-+struct sk_buff *
-+skb_copy_expand(const struct sk_buff *skb, int headroom,
-+ int tailroom, int priority)
-+{
-+ struct sk_buff *n;
-+ unsigned long offset;
-+
-+ /*
-+ * Do sanity checking
-+ */
-+ if((headroom < 0) || (tailroom < 0) || ((headroom+tailroom) < 0)) {
-+ printk(KERN_WARNING
-+ "klips_error:skb_copy_expand: "
-+ "Illegal negative head,tailroom %d,%d\n",
-+ headroom,
-+ tailroom);
-+ return NULL;
-+ }
-+ /*
-+ * Allocate the copy buffer
-+ */
-+
-+#ifndef NET_21
-+ IS_SKB(skb);
-+#endif /* !NET_21 */
-+
-+
-+ n=alloc_skb(skb->end - skb->head + headroom + tailroom, priority);
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:skb_copy_expand: "
-+ "allocating %d bytes, head=0p%p data=0p%p tail=0p%p end=0p%p end-head=%d tail-data=%d\n",
-+ skb->end - skb->head + headroom + tailroom,
-+ skb->head,
-+ skb->data,
-+ skb->tail,
-+ skb->end,
-+ skb->end - skb->head,
-+ skb->tail - skb->data);
-+
-+ if(n==NULL)
-+ return NULL;
-+
-+ /*
-+ * Shift between the two data areas in bytes
-+ */
-+
-+ /* Set the data pointer */
-+ skb_reserve(n,skb->data-skb->head+headroom);
-+ /* Set the tail pointer and length */
-+ if(skb_tailroom(n) < skb->len) {
-+ printk(KERN_WARNING "klips_error:skb_copy_expand: "
-+ "tried to skb_put %ld, %d available. This should never happen, please report.\n",
-+ (unsigned long int)skb->len,
-+ skb_tailroom(n));
-+ ipsec_kfree_skb(n);
-+ return NULL;
-+ }
-+ skb_put(n,skb->len);
-+
-+ offset=n->head + headroom - skb->head;
-+
-+ /* Copy the bytes */
-+ memcpy(n->head + headroom, skb->head,skb->end-skb->head);
-+#ifdef NET_21
-+ n->csum=skb->csum;
-+ n->priority=skb->priority;
-+ n->dst=dst_clone(skb->dst);
-+ if(skb->nh.raw)
-+ n->nh.raw=skb->nh.raw+offset;
-+#ifndef NETDEV_23
-+ n->is_clone=0;
-+#endif /* NETDEV_23 */
-+ atomic_set(&n->users, 1);
-+ n->destructor = NULL;
-+#ifdef HAVE_SOCK_SECURITY
-+ n->security=skb->security;
-+#endif
-+#else /* NET_21 */
-+ n->link3=NULL;
-+ n->when=skb->when;
-+ if(skb->ip_hdr)
-+ n->ip_hdr=(struct iphdr *)(((char *)skb->ip_hdr)+offset);
-+ n->saddr=skb->saddr;
-+ n->daddr=skb->daddr;
-+ n->raddr=skb->raddr;
-+ n->seq=skb->seq;
-+ n->end_seq=skb->end_seq;
-+ n->ack_seq=skb->ack_seq;
-+ n->acked=skb->acked;
-+ n->free=1;
-+ n->arp=skb->arp;
-+ n->tries=0;
-+ n->lock=0;
-+ n->users=0;
-+#endif /* NET_21 */
-+ n->protocol=skb->protocol;
-+ n->list=NULL;
-+ n->sk=NULL;
-+ n->dev=skb->dev;
-+ if(skb->h.raw)
-+ n->h.raw=skb->h.raw+offset;
-+ if(skb->mac.raw)
-+ n->mac.raw=skb->mac.raw+offset;
-+ memcpy(n->proto_priv, skb->proto_priv, sizeof(skb->proto_priv));
-+#ifndef NETDEV_23
-+ n->used=skb->used;
-+#endif /* !NETDEV_23 */
-+ n->pkt_type=skb->pkt_type;
-+ n->stamp=skb->stamp;
-+
-+#ifndef NET_21
-+ IS_SKB(n);
-+#endif /* !NET_21 */
-+ return n;
-+}
-+#endif /* !SKB_COPY_EXPAND */
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+void
-+ipsec_print_ip(struct iphdr *ip)
-+{
-+ char buf[ADDRTOA_BUF];
-+
-+ printk(KERN_INFO "klips_debug: IP:");
-+ printk(" ihl:%d", ip->ihl << 2);
-+ printk(" ver:%d", ip->version);
-+ printk(" tos:%d", ip->tos);
-+ printk(" tlen:%d", ntohs(ip->tot_len));
-+ printk(" id:%d", ntohs(ip->id));
-+ printk(" %s%s%sfrag_off:%d",
-+ ip->frag_off & __constant_htons(IP_CE) ? "CE " : "",
-+ ip->frag_off & __constant_htons(IP_DF) ? "DF " : "",
-+ ip->frag_off & __constant_htons(IP_MF) ? "MF " : "",
-+ (ntohs(ip->frag_off) & IP_OFFSET) << 3);
-+ printk(" ttl:%d", ip->ttl);
-+ printk(" proto:%d", ip->protocol);
-+ if(ip->protocol == IPPROTO_UDP)
-+ printk(" (UDP)");
-+ if(ip->protocol == IPPROTO_TCP)
-+ printk(" (TCP)");
-+ if(ip->protocol == IPPROTO_ICMP)
-+ printk(" (ICMP)");
-+ if(ip->protocol == IPPROTO_ESP)
-+ printk(" (ESP)");
-+ if(ip->protocol == IPPROTO_AH)
-+ printk(" (AH)");
-+ if(ip->protocol == IPPROTO_COMP)
-+ printk(" (COMP)");
-+ printk(" chk:%d", ntohs(ip->check));
-+ addrtoa(*((struct in_addr*)(&ip->saddr)), 0, buf, sizeof(buf));
-+ printk(" saddr:%s", buf);
-+ if(ip->protocol == IPPROTO_UDP)
-+ printk(":%d",
-+ ntohs(((struct udphdr*)((caddr_t)ip + (ip->ihl << 2)))->source));
-+ if(ip->protocol == IPPROTO_TCP)
-+ printk(":%d",
-+ ntohs(((struct tcphdr*)((caddr_t)ip + (ip->ihl << 2)))->source));
-+ addrtoa(*((struct in_addr*)(&ip->daddr)), 0, buf, sizeof(buf));
-+ printk(" daddr:%s", buf);
-+ if(ip->protocol == IPPROTO_UDP)
-+ printk(":%d",
-+ ntohs(((struct udphdr*)((caddr_t)ip + (ip->ihl << 2)))->dest));
-+ if(ip->protocol == IPPROTO_TCP)
-+ printk(":%d",
-+ ntohs(((struct tcphdr*)((caddr_t)ip + (ip->ihl << 2)))->dest));
-+ if(ip->protocol == IPPROTO_ICMP)
-+ printk(" type:code=%d:%d",
-+ ((struct icmphdr*)((caddr_t)ip + (ip->ihl << 2)))->type,
-+ ((struct icmphdr*)((caddr_t)ip + (ip->ihl << 2)))->code);
-+ printk("\n");
-+
-+ if(sysctl_ipsec_debug_verbose) {
-+ __u8 *c;
-+ int len = ntohs(ip->tot_len) - ip->ihl*4;
-+
-+ c = ((__u8*)ip) + ip->ihl*4;
-+ ipsec_dmp_block("ip_print", c, len);
-+ }
-+}
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#ifdef MSS_HACK
-+/*
-+ * Issues:
-+ * 1) Fragments arriving in the tunnel should probably be rejected.
-+ * 2) How does this affect syncookies, mss_cache, dst cache ?
-+ * 3) Path MTU discovery handling needs to be reviewed. For example,
-+ * if we receive an ICMP 'packet too big' message from an intermediate
-+ * router specifying it's next hop MTU, our stack may process this and
-+ * adjust the MSS without taking our AH/ESP overheads into account.
-+ */
-+
-+
-+/*
-+ * Recaclulate checksum using differences between changed datum,
-+ * borrowed from netfilter.
-+ */
-+DEBUG_NO_STATIC u_int16_t
-+ipsec_fast_csum(u_int32_t oldvalinv, u_int32_t newval, u_int16_t oldcheck)
-+{
-+ u_int32_t diffs[] = { oldvalinv, newval };
-+ return csum_fold(csum_partial((char *)diffs, sizeof(diffs),
-+ oldcheck^0xFFFF));
-+}
-+
-+/*
-+ * Determine effective MSS.
-+ *
-+ * Note that we assume that there is always an MSS option for our own
-+ * SYN segments, which is mentioned in tcp_syn_build_options(), kernel 2.2.x.
-+ * This could change, and we should probably parse TCP options instead.
-+ *
-+ */
-+DEBUG_NO_STATIC u_int8_t
-+ipsec_adjust_mss(struct sk_buff *skb, struct tcphdr *tcph, u_int16_t mtu)
-+{
-+ u_int16_t oldmss, newmss;
-+ u_int32_t *mssp;
-+ struct sock *sk = skb->sk;
-+
-+ newmss = tcp_sync_mss(sk, mtu);
-+ printk(KERN_INFO "klips: setting mss to %u\n", newmss);
-+ mssp = (u_int32_t *)tcph + sizeof(struct tcphdr) / sizeof(u_int32_t);
-+ oldmss = ntohl(*mssp) & 0x0000FFFF;
-+ *mssp = htonl((TCPOPT_MSS << 24) | (TCPOLEN_MSS << 16) | newmss);
-+ tcph->check = ipsec_fast_csum(htons(~oldmss),
-+ htons(newmss), tcph->check);
-+ return 1;
-+}
-+#endif /* MSS_HACK */
-+
-+/*
-+ * Sanity checks
-+ */
-+enum ipsec_xmit_value
-+ipsec_xmit_sanity_check_dev(struct ipsec_xmit_state *ixs)
-+{
-+
-+ if (ixs->dev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_error:ipsec_xmit_sanity_check_dev: "
-+ "No device associated with skb!\n" );
-+ return IPSEC_XMIT_NODEV;
-+ }
-+
-+ ixs->prv = ixs->dev->priv;
-+ if (ixs->prv == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_error:ipsec_xmit_sanity_check_dev: "
-+ "Device has no private structure!\n" );
-+ return IPSEC_XMIT_NOPRIVDEV;
-+ }
-+
-+ ixs->physdev = ixs->prv->dev;
-+ if (ixs->physdev == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_error:ipsec_xmit_sanity_check_dev: "
-+ "Device is not attached to physical device!\n" );
-+ return IPSEC_XMIT_NOPHYSDEV;
-+ }
-+
-+ ixs->physmtu = ixs->physdev->mtu;
-+ ixs->cur_mtu = ixs->physdev->mtu;
-+ ixs->stats = (struct net_device_stats *) &(ixs->prv->mystats);
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_sanity_check_skb(struct ipsec_xmit_state *ixs)
-+{
-+ /*
-+ * Return if there is nothing to do. (Does this ever happen?) XXX
-+ */
-+ if (ixs->skb == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_error:ipsec_xmit_sanity_check_skb: "
-+ "Nothing to do!\n" );
-+ return IPSEC_XMIT_NOSKB;
-+ }
-+
-+ /* if skb was cloned (most likely due to a packet sniffer such as
-+ tcpdump being momentarily attached to the interface), make
-+ a copy of our own to modify */
-+ if(skb_cloned(ixs->skb)) {
-+ if
-+#ifdef SKB_COW_NEW
-+ (skb_cow(ixs->skb, skb_headroom(ixs->skb)) != 0)
-+#else /* SKB_COW_NEW */
-+ ((ixs->skb = skb_cow(ixs->skb, skb_headroom(ixs->skb))) == NULL)
-+#endif /* SKB_COW_NEW */
-+ {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_error:ipsec_xmit_sanity_check_skb: "
-+ "skb_cow failed to allocate buffer, dropping.\n" );
-+ ixs->stats->tx_dropped++;
-+ return IPSEC_XMIT_ERRSKBALLOC;
-+ }
-+ }
-+
-+ ixs->iph = ixs->skb->nh.iph;
-+
-+ /* sanity check for IP version as we can't handle IPv6 right now */
-+ if (ixs->iph->version != 4) {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_xmit_sanity_check_skb: "
-+ "found IP Version %d but cannot process other IP versions than v4.\n",
-+ ixs->iph->version); /* XXX */
-+ ixs->stats->tx_dropped++;
-+ return IPSEC_XMIT_NOIPV6;
-+ }
-+
-+#if IPSEC_DISALLOW_IPOPTIONS
-+ if ((ixs->iph->ihl << 2) != sizeof (struct iphdr)) {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_xmit_sanity_check_skb: "
-+ "cannot process IP header options yet. May be mal-formed packet.\n"); /* XXX */
-+ ixs->stats->tx_dropped++;
-+ return IPSEC_XMIT_NOIPOPTIONS;
-+ }
-+#endif /* IPSEC_DISALLOW_IPOPTIONS */
-+
-+#ifndef NET_21
-+ if (ixs->iph->ttl <= 0) {
-+ /* Tell the sender its packet died... */
-+ ICMP_SEND(ixs->skb, ICMP_TIME_EXCEEDED, ICMP_EXC_TTL, 0, ixs->physdev);
-+
-+ KLIPS_PRINT(debug_tunnel, "klips_debug:ipsec_xmit_sanity_check_skb: "
-+ "TTL=0, too many hops!\n");
-+ ixs->stats->tx_dropped++;
-+ return IPSEC_XMIT_TTLEXPIRED;
-+ }
-+#endif /* !NET_21 */
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+enum ipsec_xmit_value
-+ipsec_xmit_encap_once(struct ipsec_xmit_state *ixs)
-+{
-+#ifdef CONFIG_KLIPS_ESP
-+ struct esphdr *espp;
-+ unsigned char *idat, *pad;
-+ int authlen = 0, padlen = 0, i;
-+#endif /* !CONFIG_KLIPS_ESP */
-+#ifdef CONFIG_KLIPS_AH
-+ struct iphdr ipo;
-+ struct ahhdr *ahp;
-+#endif /* CONFIG_KLIPS_AH */
-+#if defined(CONFIG_KLIPS_AUTH_HMAC_MD5) || defined(CONFIG_KLIPS_AUTH_HMAC_SHA1)
-+ union {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ MD5_CTX md5;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ SHA1_CTX sha1;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ } tctx;
-+ __u8 hash[AH_AMAX];
-+#endif /* defined(CONFIG_KLIPS_AUTH_HMAC_MD5) || defined(CONFIG_KLIPS_AUTH_HMACn_SHA1) */
-+ int headroom = 0, tailroom = 0, ilen = 0, len = 0;
-+ unsigned char *dat;
-+ int blocksize = 8; /* XXX: should be inside ixs --jjo */
-+ struct ipsec_alg_enc *ixt_e = NULL;
-+ struct ipsec_alg_auth *ixt_a = NULL;
-+
-+ ixs->iphlen = ixs->iph->ihl << 2;
-+ ixs->pyldsz = ntohs(ixs->iph->tot_len) - ixs->iphlen;
-+ ixs->sa_len = satot(&ixs->ipsp->ips_said, 0, ixs->sa_txt, SATOT_BUF);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_OXFS,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "calling output for <%s%s%s>, SA:%s\n",
-+ IPS_XFORM_NAME(ixs->ipsp),
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+
-+ switch(ixs->ipsp->ips_said.proto) {
-+#ifdef CONFIG_KLIPS_AH
-+ case IPPROTO_AH:
-+ headroom += sizeof(struct ahhdr);
-+ break;
-+#endif /* CONFIG_KLIPS_AH */
-+
-+#ifdef CONFIG_KLIPS_ESP
-+ case IPPROTO_ESP:
-+ ixt_e=ixs->ipsp->ips_alg_enc;
-+ if (ixt_e) {
-+ blocksize = ixt_e->ixt_common.ixt_blocksize;
-+ headroom += ESP_HEADER_LEN + ixt_e->ixt_common.ixt_support.ias_ivlen/8;
-+ } else {
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_BADALG;
-+ }
-+
-+ ixt_a=ixs->ipsp->ips_alg_auth;
-+ if (ixt_a) {
-+ tailroom += AHHMAC_HASHLEN;
-+ authlen = AHHMAC_HASHLEN;
-+ } else
-+ switch(ixs->ipsp->ips_authalg) {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5:
-+ authlen = AHHMAC_HASHLEN;
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA:
-+ authlen = AHHMAC_HASHLEN;
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ case AH_NONE:
-+ break;
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_BADALG;
-+ }
-+ tailroom += blocksize != 1 ?
-+ ((blocksize - ((ixs->pyldsz + 2) % blocksize)) % blocksize) + 2 :
-+ ((4 - ((ixs->pyldsz + 2) % 4)) % 4) + 2;
-+ tailroom += authlen;
-+ break;
-+#endif /* CONFIG_KLIPS_ESP */
-+
-+#ifdef CONFIG_KLIPS_IPIP
-+ case IPPROTO_IPIP:
-+ headroom += sizeof(struct iphdr);
-+ ixs->iphlen = sizeof(struct iphdr);
-+ break;
-+#endif /* !CONFIG_KLIPS_IPIP */
-+
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ case IPPROTO_COMP:
-+ break;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_BADPROTO;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "pushing %d bytes, putting %d, proto %d.\n",
-+ headroom, tailroom, ixs->ipsp->ips_said.proto);
-+ if(skb_headroom(ixs->skb) < headroom) {
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_xmit_encap_once: "
-+ "tried to skb_push headroom=%d, %d available. This should never happen, please report.\n",
-+ headroom, skb_headroom(ixs->skb));
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_PUSHPULLERR;
-+ }
-+
-+ dat = skb_push(ixs->skb, headroom);
-+ ilen = ixs->skb->len - tailroom;
-+ if(skb_tailroom(ixs->skb) < tailroom) {
-+ printk(KERN_WARNING
-+ "klips_error:ipsec_xmit_encap_once: "
-+ "tried to skb_put %d, %d available. This should never happen, please report.\n",
-+ tailroom, skb_tailroom(ixs->skb));
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_PUSHPULLERR;
-+ }
-+ skb_put(ixs->skb, tailroom);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "head,tailroom: %d,%d before xform.\n",
-+ skb_headroom(ixs->skb), skb_tailroom(ixs->skb));
-+ len = ixs->skb->len;
-+ if(len > 0xfff0) {
-+ printk(KERN_WARNING "klips_error:ipsec_xmit_encap_once: "
-+ "tot_len (%d) > 65520. This should never happen, please report.\n",
-+ len);
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_BADLEN;
-+ }
-+ memmove((void *)dat, (void *)(dat + headroom), ixs->iphlen);
-+ ixs->iph = (struct iphdr *)dat;
-+ ixs->iph->tot_len = htons(ixs->skb->len);
-+
-+ switch(ixs->ipsp->ips_said.proto) {
-+#ifdef CONFIG_KLIPS_ESP
-+ case IPPROTO_ESP:
-+ espp = (struct esphdr *)(dat + ixs->iphlen);
-+ espp->esp_spi = ixs->ipsp->ips_said.spi;
-+ espp->esp_rpl = htonl(++(ixs->ipsp->ips_replaywin_lastseq));
-+
-+ if (!ixt_e) {
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_ESP_BADALG;
-+ }
-+
-+ idat = dat + ixs->iphlen + headroom;
-+ ilen = len - (ixs->iphlen + headroom + authlen);
-+
-+ /* Self-describing padding */
-+ pad = &dat[len - tailroom];
-+ padlen = tailroom - 2 - authlen;
-+ for (i = 0; i < padlen; i++) {
-+ pad[i] = i + 1;
-+ }
-+ dat[len - authlen - 2] = padlen;
-+
-+ dat[len - authlen - 1] = ixs->iph->protocol;
-+ ixs->iph->protocol = IPPROTO_ESP;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_tunnel & DB_TN_ENCAP) {
-+ dmp("pre-encrypt", dat, len);
-+ }
-+#endif
-+
-+ /*
-+ * Do all operations here:
-+ * copy IV->ESP, encrypt, update ips IV
-+ *
-+ */
-+ {
-+ int ret;
-+ memcpy(espp->esp_iv,
-+ ixs->ipsp->ips_iv,
-+ ixs->ipsp->ips_iv_size);
-+ ret=ipsec_alg_esp_encrypt(ixs->ipsp,
-+ idat, ilen, espp->esp_iv,
-+ IPSEC_ALG_ENCRYPT);
-+
-+ prng_bytes(&ipsec_prng,
-+ (char *)ixs->ipsp->ips_iv,
-+ ixs->ipsp->ips_iv_size);
-+ }
-+
-+ if (ixt_a) {
-+ ipsec_alg_sa_esp_hash(ixs->ipsp,
-+ (caddr_t)espp, len - ixs->iphlen - authlen,
-+ &(dat[len - authlen]), authlen);
-+
-+ } else
-+ switch(ixs->ipsp->ips_authalg) {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5:
-+ dmp("espp", (char*)espp, len - ixs->iphlen - authlen);
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ dmp("ictx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (caddr_t)espp, len - ixs->iphlen - authlen);
-+ dmp("ictx+dat", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ dmp("ictx hash", (char*)&hash, sizeof(hash));
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ dmp("octx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, hash, AHMD596_ALEN);
-+ dmp("octx+hash", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ dmp("octx hash", (char*)&hash, sizeof(hash));
-+ memcpy(&(dat[len - authlen]), hash, authlen);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.md5, 0, sizeof(tctx.md5));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA:
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ SHA1Update(&tctx.sha1, (caddr_t)espp, len - ixs->iphlen - authlen);
-+ SHA1Final(hash, &tctx.sha1);
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ SHA1Update(&tctx.sha1, hash, AHSHA196_ALEN);
-+ SHA1Final(hash, &tctx.sha1);
-+ memcpy(&(dat[len - authlen]), hash, authlen);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.sha1, 0, sizeof(tctx.sha1));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ case AH_NONE:
-+ break;
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_AH_BADALG;
-+ }
-+#ifdef NET_21
-+ ixs->skb->h.raw = (unsigned char*)espp;
-+#endif /* NET_21 */
-+ break;
-+#endif /* !CONFIG_KLIPS_ESP */
-+#ifdef CONFIG_KLIPS_AH
-+ case IPPROTO_AH:
-+ ahp = (struct ahhdr *)(dat + ixs->iphlen);
-+ ahp->ah_spi = ixs->ipsp->ips_said.spi;
-+ ahp->ah_rpl = htonl(++(ixs->ipsp->ips_replaywin_lastseq));
-+ ahp->ah_rv = 0;
-+ ahp->ah_nh = ixs->iph->protocol;
-+ ahp->ah_hl = (headroom >> 2) - sizeof(__u64)/sizeof(__u32);
-+ ixs->iph->protocol = IPPROTO_AH;
-+ dmp("ahp", (char*)ahp, sizeof(*ahp));
-+
-+ ipo = *ixs->iph;
-+ ipo.tos = 0;
-+ ipo.frag_off = 0;
-+ ipo.ttl = 0;
-+ ipo.check = 0;
-+ dmp("ipo", (char*)&ipo, sizeof(ipo));
-+
-+ switch(ixs->ipsp->ips_authalg) {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5:
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ dmp("ictx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (unsigned char *)&ipo, sizeof (struct iphdr));
-+ dmp("ictx+ipo", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (unsigned char *)ahp, headroom - sizeof(ahp->ah_data));
-+ dmp("ictx+ahp", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, (unsigned char *)zeroes, AHHMAC_HASHLEN);
-+ dmp("ictx+zeroes", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, dat + ixs->iphlen + headroom, len - ixs->iphlen - headroom);
-+ dmp("ictx+dat", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ dmp("ictx hash", (char*)&hash, sizeof(hash));
-+ tctx.md5 = ((struct md5_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ dmp("octx", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Update(&tctx.md5, hash, AHMD596_ALEN);
-+ dmp("octx+hash", (char*)&tctx.md5, sizeof(tctx.md5));
-+ osMD5Final(hash, &tctx.md5);
-+ dmp("octx hash", (char*)&hash, sizeof(hash));
-+
-+ memcpy(ahp->ah_data, hash, AHHMAC_HASHLEN);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.md5, 0, sizeof(tctx.md5));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA:
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->ictx;
-+ SHA1Update(&tctx.sha1, (unsigned char *)&ipo, sizeof (struct iphdr));
-+ SHA1Update(&tctx.sha1, (unsigned char *)ahp, headroom - sizeof(ahp->ah_data));
-+ SHA1Update(&tctx.sha1, (unsigned char *)zeroes, AHHMAC_HASHLEN);
-+ SHA1Update(&tctx.sha1, dat + ixs->iphlen + headroom, len - ixs->iphlen - headroom);
-+ SHA1Final(hash, &tctx.sha1);
-+ tctx.sha1 = ((struct sha1_ctx*)(ixs->ipsp->ips_key_a))->octx;
-+ SHA1Update(&tctx.sha1, hash, AHSHA196_ALEN);
-+ SHA1Final(hash, &tctx.sha1);
-+
-+ memcpy(ahp->ah_data, hash, AHHMAC_HASHLEN);
-+
-+ /* paranoid */
-+ memset((caddr_t)&tctx.sha1, 0, sizeof(tctx.sha1));
-+ memset((caddr_t)hash, 0, sizeof(*hash));
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_AH_BADALG;
-+ }
-+#ifdef NET_21
-+ ixs->skb->h.raw = (unsigned char*)ahp;
-+#endif /* NET_21 */
-+ break;
-+#endif /* CONFIG_KLIPS_AH */
-+#ifdef CONFIG_KLIPS_IPIP
-+ case IPPROTO_IPIP:
-+ ixs->iph->version = 4;
-+ switch(sysctl_ipsec_tos) {
-+ case 0:
-+#ifdef NET_21
-+ ixs->iph->tos = ixs->skb->nh.iph->tos;
-+#else /* NET_21 */
-+ ixs->iph->tos = ixs->skb->ip_hdr->tos;
-+#endif /* NET_21 */
-+ break;
-+ case 1:
-+ ixs->iph->tos = 0;
-+ break;
-+ default:
-+ break;
-+ }
-+ ixs->iph->ttl = SYSCTL_IPSEC_DEFAULT_TTL;
-+ ixs->iph->frag_off = 0;
-+ ixs->iph->saddr = ((struct sockaddr_in*)(ixs->ipsp->ips_addr_s))->sin_addr.s_addr;
-+ ixs->iph->daddr = ((struct sockaddr_in*)(ixs->ipsp->ips_addr_d))->sin_addr.s_addr;
-+ ixs->iph->protocol = IPPROTO_IPIP;
-+ ixs->iph->ihl = sizeof(struct iphdr) >> 2;
-+
-+ KLIPS_IP_SELECT_IDENT(ixs->iph, ixs->skb);
-+
-+ ixs->newdst = (__u32)ixs->iph->daddr;
-+ ixs->newsrc = (__u32)ixs->iph->saddr;
-+
-+#ifdef NET_21
-+ ixs->skb->h.ipiph = ixs->skb->nh.iph;
-+#endif /* NET_21 */
-+ break;
-+#endif /* !CONFIG_KLIPS_IPIP */
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ case IPPROTO_COMP:
-+ {
-+ unsigned int flags = 0;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ unsigned int old_tot_len = ntohs(ixs->iph->tot_len);
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ ixs->ipsp->ips_comp_ratio_dbytes += ntohs(ixs->iph->tot_len);
-+
-+ ixs->skb = skb_compress(ixs->skb, ixs->ipsp, &flags);
-+
-+#ifdef NET_21
-+ ixs->iph = ixs->skb->nh.iph;
-+#else /* NET_21 */
-+ ixs->iph = ixs->skb->ip_hdr;
-+#endif /* NET_21 */
-+
-+ ixs->ipsp->ips_comp_ratio_cbytes += ntohs(ixs->iph->tot_len);
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_tunnel & DB_TN_CROUT)
-+ {
-+ if (old_tot_len > ntohs(ixs->iph->tot_len))
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "packet shrunk from %d to %d bytes after compression, cpi=%04x (should be from spi=%08x, spi&0xffff=%04x.\n",
-+ old_tot_len, ntohs(ixs->iph->tot_len),
-+ ntohs(((struct ipcomphdr*)(((char*)ixs->iph) + ((ixs->iph->ihl) << 2)))->ipcomp_cpi),
-+ ntohl(ixs->ipsp->ips_said.spi),
-+ (__u16)(ntohl(ixs->ipsp->ips_said.spi) & 0x0000ffff));
-+ else
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "packet did not compress (flags = %d).\n",
-+ flags);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ }
-+ break;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ default:
-+ ixs->stats->tx_errors++;
-+ return IPSEC_XMIT_BADPROTO;
-+ }
-+
-+#ifdef NET_21
-+ ixs->skb->nh.raw = ixs->skb->data;
-+#else /* NET_21 */
-+ ixs->skb->ip_hdr = ixs->skb->h.iph = (struct iphdr *) ixs->skb->data;
-+#endif /* NET_21 */
-+ ixs->iph->check = 0;
-+ ixs->iph->check = ip_fast_csum((unsigned char *)ixs->iph, ixs->iph->ihl);
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_once: "
-+ "after <%s%s%s>, SA:%s:\n",
-+ IPS_XFORM_NAME(ixs->ipsp),
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+ KLIPS_IP_PRINT(debug_tunnel & DB_TN_XMIT, ixs->iph);
-+
-+ ixs->ipsp->ips_life.ipl_bytes.ipl_count += len;
-+ ixs->ipsp->ips_life.ipl_bytes.ipl_last = len;
-+
-+ if(!ixs->ipsp->ips_life.ipl_usetime.ipl_count) {
-+ ixs->ipsp->ips_life.ipl_usetime.ipl_count = jiffies / HZ;
-+ }
-+ ixs->ipsp->ips_life.ipl_usetime.ipl_last = jiffies / HZ;
-+ ixs->ipsp->ips_life.ipl_packets.ipl_count++;
-+
-+ ixs->ipsp = ixs->ipsp->ips_onext;
-+
-+ return IPSEC_XMIT_OK;
-+}
-+
-+/*
-+ * If the IP packet (iph) is a carrying TCP/UDP, then set the encaps
-+ * source and destination ports to those from the TCP/UDP header.
-+ */
-+void ipsec_extract_ports(struct iphdr * iph, struct sockaddr_encap * er)
-+{
-+ struct udphdr *udp;
-+
-+ switch (iph->protocol) {
-+ case IPPROTO_UDP:
-+ case IPPROTO_TCP:
-+ /*
-+ * The ports are at the same offsets in a TCP and UDP
-+ * header so hack it ...
-+ */
-+ udp = (struct udphdr*)(((char*)iph)+(iph->ihl<<2));
-+ er->sen_sport = udp->source;
-+ er->sen_dport = udp->dest;
-+ break;
-+ default:
-+ er->sen_sport = 0;
-+ er->sen_dport = 0;
-+ break;
-+ }
-+}
-+
-+/*
-+ * A TRAP eroute is installed and we want to replace it with a HOLD
-+ * eroute.
-+ */
-+static int create_hold_eroute(struct eroute *origtrap,
-+ struct sk_buff * skb, struct iphdr * iph,
-+ uint32_t eroute_pid)
-+{
-+ struct eroute hold_eroute;
-+ ip_said hold_said;
-+ struct sk_buff *first, *last;
-+ int error;
-+
-+ first = last = NULL;
-+ memset((caddr_t)&hold_eroute, 0, sizeof(hold_eroute));
-+ memset((caddr_t)&hold_said, 0, sizeof(hold_said));
-+
-+ hold_said.proto = IPPROTO_INT;
-+ hold_said.spi = htonl(SPI_HOLD);
-+ hold_said.dst.u.v4.sin_addr.s_addr = INADDR_ANY;
-+
-+ hold_eroute.er_eaddr.sen_len = sizeof(struct sockaddr_encap);
-+ hold_eroute.er_emask.sen_len = sizeof(struct sockaddr_encap);
-+ hold_eroute.er_eaddr.sen_family = AF_ENCAP;
-+ hold_eroute.er_emask.sen_family = AF_ENCAP;
-+ hold_eroute.er_eaddr.sen_type = SENT_IP4;
-+ hold_eroute.er_emask.sen_type = 255;
-+
-+ hold_eroute.er_eaddr.sen_ip_src.s_addr = iph->saddr;
-+ hold_eroute.er_eaddr.sen_ip_dst.s_addr = iph->daddr;
-+ hold_eroute.er_emask.sen_ip_src.s_addr = INADDR_BROADCAST;
-+ hold_eroute.er_emask.sen_ip_dst.s_addr = INADDR_BROADCAST;
-+ hold_eroute.er_emask.sen_sport = 0;
-+ hold_eroute.er_emask.sen_dport = 0;
-+ hold_eroute.er_pid = eroute_pid;
-+ hold_eroute.er_count = 0;
-+ hold_eroute.er_lasttime = jiffies/HZ;
-+
-+ /*
-+ * if it wasn't captured by a wildcard, then don't record it as
-+ * a wildcard.
-+ */
-+ if(origtrap->er_eaddr.sen_proto != 0) {
-+ hold_eroute.er_eaddr.sen_proto = iph->protocol;
-+
-+ if((iph->protocol == IPPROTO_TCP ||
-+ iph->protocol == IPPROTO_UDP) &&
-+ (origtrap->er_eaddr.sen_sport != 0 ||
-+ origtrap->er_eaddr.sen_dport != 0)) {
-+
-+ if(origtrap->er_eaddr.sen_sport != 0)
-+ hold_eroute.er_emask.sen_sport = ~0;
-+
-+ if(origtrap->er_eaddr.sen_dport != 0)
-+ hold_eroute.er_emask.sen_dport = ~0;
-+
-+ ipsec_extract_ports(iph, &hold_eroute.er_eaddr);
-+ }
-+ }
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_pfkey) {
-+ char buf1[64], buf2[64];
-+ subnettoa(hold_eroute.er_eaddr.sen_ip_src,
-+ hold_eroute.er_emask.sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(hold_eroute.er_eaddr.sen_ip_dst,
-+ hold_eroute.er_emask.sen_ip_dst, 0, buf2, sizeof(buf2));
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "calling breakeroute and makeroute for %s:%d->%s:%d %d HOLD eroute.\n",
-+ buf1, ntohs(hold_eroute.er_eaddr.sen_sport),
-+ buf2, ntohs(hold_eroute.er_eaddr.sen_dport),
-+ hold_eroute.er_eaddr.sen_proto);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ if (ipsec_breakroute(&(hold_eroute.er_eaddr), &(hold_eroute.er_emask),
-+ &first, &last)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "HOLD breakeroute found nothing.\n");
-+ } else {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "HOLD breakroute deleted %u.%u.%u.%u:%u -> %u.%u.%u.%u:%u %u\n",
-+ NIPQUAD(hold_eroute.er_eaddr.sen_ip_src),
-+ ntohs(hold_eroute.er_eaddr.sen_sport),
-+ NIPQUAD(hold_eroute.er_eaddr.sen_ip_dst),
-+ ntohs(hold_eroute.er_eaddr.sen_dport),
-+ hold_eroute.er_eaddr.sen_proto);
-+ }
-+ if (first != NULL)
-+ kfree_skb(first);
-+ if (last != NULL)
-+ kfree_skb(last);
-+
-+ error = ipsec_makeroute(&(hold_eroute.er_eaddr),
-+ &(hold_eroute.er_emask),
-+ hold_said, eroute_pid, skb, NULL, NULL);
-+ if (error) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "HOLD makeroute returned %d, failed.\n", error);
-+ } else {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "HOLD makeroute call successful.\n");
-+ }
-+ return (error == 0);
-+}
-+
-+/*
-+ * upon entry to this function, ixs->skb should be setup
-+ * as follows:
-+ *
-+ * data = beginning of IP packet <- differs from ipsec_rcv().
-+ * nh.raw = beginning of IP packet.
-+ * h.raw = data after the IP packet.
-+ *
-+ */
-+enum ipsec_xmit_value
-+ipsec_xmit_encap_bundle(struct ipsec_xmit_state *ixs)
-+{
-+ struct ipsec_alg_enc *ixt_e = NULL;
-+ struct ipsec_alg_auth *ixt_a = NULL;
-+ int blocksize = 8;
-+ enum ipsec_xmit_value bundle_stat = IPSEC_XMIT_OK;
-+
-+ ixs->newdst = ixs->orgdst = ixs->iph->daddr;
-+ ixs->newsrc = ixs->orgsrc = ixs->iph->saddr;
-+ ixs->orgedst = ixs->outgoing_said.dst.u.v4.sin_addr.s_addr;
-+ ixs->iphlen = ixs->iph->ihl << 2;
-+ ixs->pyldsz = ntohs(ixs->iph->tot_len) - ixs->iphlen;
-+ ixs->max_headroom = ixs->max_tailroom = 0;
-+
-+ if (ixs->outgoing_said.proto == IPPROTO_INT) {
-+ switch (ntohl(ixs->outgoing_said.spi)) {
-+ case SPI_DROP:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "shunt SA of DROP or no eroute: dropping.\n");
-+ ixs->stats->tx_dropped++;
-+ break;
-+
-+ case SPI_REJECT:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "shunt SA of REJECT: notifying and dropping.\n");
-+ ICMP_SEND(ixs->skb,
-+ ICMP_DEST_UNREACH,
-+ ICMP_PKT_FILTERED,
-+ 0,
-+ ixs->physdev);
-+ ixs->stats->tx_dropped++;
-+ break;
-+
-+ case SPI_PASS:
-+#ifdef NET_21
-+ ixs->pass = 1;
-+#endif /* NET_21 */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "PASS: calling dev_queue_xmit\n");
-+ return IPSEC_XMIT_PASS;
-+ goto cleanup;
-+
-+ case SPI_HOLD:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "shunt SA of HOLD: this does not make sense here, dropping.\n");
-+ ixs->stats->tx_dropped++;
-+ break;
-+
-+ case SPI_TRAP:
-+ case SPI_TRAPSUBNET:
-+ {
-+ struct sockaddr_in src, dst;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ char bufsrc[ADDRTOA_BUF], bufdst[ADDRTOA_BUF];
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ /* Signal all listening KMds with a PF_KEY ACQUIRE */
-+
-+ memset(&src, 0, sizeof(src));
-+ memset(&dst, 0, sizeof(dst));
-+ src.sin_family = AF_INET;
-+ dst.sin_family = AF_INET;
-+ src.sin_addr.s_addr = ixs->iph->saddr;
-+ dst.sin_addr.s_addr = ixs->iph->daddr;
-+
-+ ixs->ips.ips_transport_protocol = 0;
-+ src.sin_port = 0;
-+ dst.sin_port = 0;
-+
-+ if(ixs->eroute->er_eaddr.sen_proto != 0) {
-+ ixs->ips.ips_transport_protocol = ixs->iph->protocol;
-+
-+ if(ixs->eroute->er_eaddr.sen_sport != 0) {
-+ src.sin_port =
-+ (ixs->iph->protocol == IPPROTO_UDP
-+ ? ((struct udphdr*) (((caddr_t)ixs->iph) + (ixs->iph->ihl << 2)))->source
-+ : (ixs->iph->protocol == IPPROTO_TCP
-+ ? ((struct tcphdr*)((caddr_t)ixs->iph + (ixs->iph->ihl << 2)))->source
-+ : 0));
-+ }
-+ if(ixs->eroute->er_eaddr.sen_dport != 0) {
-+ dst.sin_port =
-+ (ixs->iph->protocol == IPPROTO_UDP
-+ ? ((struct udphdr*) (((caddr_t)ixs->iph) + (ixs->iph->ihl << 2)))->dest
-+ : (ixs->iph->protocol == IPPROTO_TCP
-+ ? ((struct tcphdr*)((caddr_t)ixs->iph + (ixs->iph->ihl << 2)))->dest
-+ : 0));
-+ }
-+ }
-+
-+ ixs->ips.ips_addr_s = (struct sockaddr*)(&src);
-+ ixs->ips.ips_addr_d = (struct sockaddr*)(&dst);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "SADB_ACQUIRE sent with src=%s:%d, dst=%s:%d, proto=%d.\n",
-+ addrtoa(((struct sockaddr_in*)(ixs->ips.ips_addr_s))->sin_addr, 0, bufsrc, sizeof(bufsrc)) <= ADDRTOA_BUF ? bufsrc : "BAD_ADDR",
-+ ntohs(((struct sockaddr_in*)(ixs->ips.ips_addr_s))->sin_port),
-+ addrtoa(((struct sockaddr_in*)(ixs->ips.ips_addr_d))->sin_addr, 0, bufdst, sizeof(bufdst)) <= ADDRTOA_BUF ? bufdst : "BAD_ADDR",
-+ ntohs(((struct sockaddr_in*)(ixs->ips.ips_addr_d))->sin_port),
-+ ixs->ips.ips_said.proto);
-+
-+ /* increment count of total traps needed */
-+ ipsec_xmit_trap_count++;
-+
-+ if (pfkey_acquire(&ixs->ips) == 0) {
-+
-+ /* note that we succeeded */
-+ ipsec_xmit_trap_sendcount++;
-+
-+ if (ixs->outgoing_said.spi==htonl(SPI_TRAPSUBNET)) {
-+ /*
-+ * The spinlock is to prevent any other
-+ * process from accessing or deleting
-+ * the eroute while we are using and
-+ * updating it.
-+ */
-+ spin_lock(&eroute_lock);
-+ ixs->eroute = ipsec_findroute(&ixs->matcher);
-+ if(ixs->eroute) {
-+ ixs->eroute->er_said.spi = htonl(SPI_HOLD);
-+ ixs->eroute->er_first = ixs->skb;
-+ ixs->skb = NULL;
-+ }
-+ spin_unlock(&eroute_lock);
-+ } else if (create_hold_eroute(ixs->eroute,
-+ ixs->skb,
-+ ixs->iph,
-+ ixs->eroute_pid)) {
-+ ixs->skb = NULL;
-+ }
-+ /* whether or not the above succeeded, we continue */
-+
-+ }
-+ ixs->stats->tx_dropped++;
-+ }
-+ default:
-+ /* XXX what do we do with an unknown shunt spi? */
-+ break;
-+ } /* switch (ntohl(ixs->outgoing_said.spi)) */
-+ return IPSEC_XMIT_STOLEN;
-+ } /* if (ixs->outgoing_said.proto == IPPROTO_INT) */
-+
-+ /*
-+ The spinlock is to prevent any other process from
-+ accessing or deleting the ipsec_sa hash table or any of the
-+ ipsec_sa s while we are using and updating them.
-+
-+ This is not optimal, but was relatively straightforward
-+ at the time. A better way to do it has been planned for
-+ more than a year, to lock the hash table and put reference
-+ counts on each ipsec_sa instead. This is not likely to happen
-+ in KLIPS1 unless a volunteer contributes it, but will be
-+ designed into KLIPS2.
-+ */
-+ spin_lock(&tdb_lock);
-+
-+ ixs->ipsp = ipsec_sa_getbyid(&ixs->outgoing_said);
-+ ixs->sa_len = satot(&ixs->outgoing_said, 0, ixs->sa_txt, sizeof(ixs->sa_txt));
-+
-+ if (ixs->ipsp == NULL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "no ipsec_sa for SA%s: outgoing packet with no SA, dropped.\n",
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+ if(ixs->stats) {
-+ ixs->stats->tx_dropped++;
-+ }
-+ bundle_stat = IPSEC_XMIT_SAIDNOTFOUND;
-+ goto cleanup;
-+ }
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "found ipsec_sa -- SA:<%s%s%s> %s\n",
-+ IPS_XFORM_NAME(ixs->ipsp),
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+
-+ /*
-+ * How much headroom do we need to be able to apply
-+ * all the grouped transforms?
-+ */
-+ ixs->ipsq = ixs->ipsp; /* save the head of the ipsec_sa chain */
-+ while (ixs->ipsp) {
-+ ixs->sa_len = satot(&ixs->ipsp->ips_said, 0, ixs->sa_txt, sizeof(ixs->sa_txt));
-+ if(ixs->sa_len == 0) {
-+ strcpy(ixs->sa_txt, "(error)");
-+ }
-+
-+ /* If it is in larval state, drop the packet, we cannot process yet. */
-+ if(ixs->ipsp->ips_state == SADB_SASTATE_LARVAL) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "ipsec_sa in larval state for SA:<%s%s%s> %s, cannot be used yet, dropping packet.\n",
-+ IPS_XFORM_NAME(ixs->ipsp),
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+ if(ixs->stats) {
-+ ixs->stats->tx_errors++;
-+ }
-+ bundle_stat = IPSEC_XMIT_SAIDNOTLIVE;
-+ goto cleanup;
-+ }
-+
-+ if(ixs->ipsp->ips_state == SADB_SASTATE_DEAD) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "ipsec_sa in dead state for SA:<%s%s%s> %s, can no longer be used, dropping packet.\n",
-+ IPS_XFORM_NAME(ixs->ipsp),
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_SAIDNOTLIVE;
-+ goto cleanup;
-+ }
-+
-+ /* If the replay window counter == -1, expire SA, it will roll */
-+ if(ixs->ipsp->ips_replaywin && ixs->ipsp->ips_replaywin_lastseq == -1) {
-+ pfkey_expire(ixs->ipsp, 1);
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "replay window counter rolled for SA:<%s%s%s> %s, packet dropped, expiring SA.\n",
-+ IPS_XFORM_NAME(ixs->ipsp),
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+ ipsec_sa_delchain(ixs->ipsp);
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_REPLAYROLLED;
-+ goto cleanup;
-+ }
-+
-+ /*
-+ * if this is the first time we are using this SA, mark start time,
-+ * and offset hard/soft counters by "now" for later checking.
-+ */
-+#if 0
-+ if(ixs->ipsp->ips_life.ipl_usetime.count == 0) {
-+ ixs->ipsp->ips_life.ipl_usetime.count = jiffies;
-+ ixs->ipsp->ips_life.ipl_usetime.hard += jiffies;
-+ ixs->ipsp->ips_life.ipl_usetime.soft += jiffies;
-+ }
-+#endif
-+
-+
-+ if(ipsec_lifetime_check(&ixs->ipsp->ips_life.ipl_bytes, "bytes", ixs->sa_txt,
-+ ipsec_life_countbased, ipsec_outgoing, ixs->ipsp) == ipsec_life_harddied ||
-+ ipsec_lifetime_check(&ixs->ipsp->ips_life.ipl_addtime, "addtime",ixs->sa_txt,
-+ ipsec_life_timebased, ipsec_outgoing, ixs->ipsp) == ipsec_life_harddied ||
-+ ipsec_lifetime_check(&ixs->ipsp->ips_life.ipl_usetime, "usetime",ixs->sa_txt,
-+ ipsec_life_timebased, ipsec_outgoing, ixs->ipsp) == ipsec_life_harddied ||
-+ ipsec_lifetime_check(&ixs->ipsp->ips_life.ipl_packets, "packets",ixs->sa_txt,
-+ ipsec_life_countbased, ipsec_outgoing, ixs->ipsp) == ipsec_life_harddied) {
-+
-+ ipsec_sa_delchain(ixs->ipsp);
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_LIFETIMEFAILED;
-+ goto cleanup;
-+ }
-+
-+
-+ ixs->headroom = ixs->tailroom = 0;
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "calling room for <%s%s%s>, SA:%s\n",
-+ IPS_XFORM_NAME(ixs->ipsp),
-+ ixs->sa_len ? ixs->sa_txt : " (error)");
-+ switch(ixs->ipsp->ips_said.proto) {
-+#ifdef CONFIG_KLIPS_AH
-+ case IPPROTO_AH:
-+ ixs->headroom += sizeof(struct ahhdr);
-+ break;
-+#endif /* CONFIG_KLIPS_AH */
-+#ifdef CONFIG_KLIPS_ESP
-+ case IPPROTO_ESP:
-+ ixt_e=ixs->ipsp->ips_alg_enc;
-+ if (ixt_e) {
-+ blocksize = ixt_e->ixt_common.ixt_blocksize;
-+ ixs->headroom += ESP_HEADER_LEN + ixt_e->ixt_common.ixt_support.ias_ivlen/8;
-+ }
-+ else {
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_ESP_BADALG;
-+ goto cleanup;
-+ }
-+
-+ if ((ixt_a=ixs->ipsp->ips_alg_auth)) {
-+ ixs->tailroom += AHHMAC_HASHLEN;
-+ } else
-+ switch(ixs->ipsp->ips_authalg) {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ case AH_MD5:
-+ ixs->tailroom += AHHMAC_HASHLEN;
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ case AH_SHA:
-+ ixs->tailroom += AHHMAC_HASHLEN;
-+ break;
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ case AH_NONE:
-+ break;
-+ default:
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_AH_BADALG;
-+ goto cleanup;
-+ }
-+ ixs->tailroom += blocksize != 1 ?
-+ ((blocksize - ((ixs->pyldsz + 2) % blocksize)) % blocksize) + 2 :
-+ ((4 - ((ixs->pyldsz + 2) % 4)) % 4) + 2;
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if ((ixs->ipsp->ips_natt_type) && (!ixs->natt_type)) {
-+ ixs->natt_type = ixs->ipsp->ips_natt_type;
-+ ixs->natt_sport = ixs->ipsp->ips_natt_sport;
-+ ixs->natt_dport = ixs->ipsp->ips_natt_dport;
-+ switch (ixs->natt_type) {
-+ case ESPINUDP_WITH_NON_IKE:
-+ ixs->natt_head = sizeof(struct udphdr)+(2*sizeof(__u32));
-+ break;
-+
-+ case ESPINUDP_WITH_NON_ESP:
-+ ixs->natt_head = sizeof(struct udphdr);
-+ break;
-+
-+ default:
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT
-+ , "klips_xmit: invalid nat-t type %d"
-+ , ixs->natt_type);
-+ bundle_stat = IPSEC_XMIT_ESPUDP_BADTYPE;
-+ goto cleanup;
-+
-+ break;
-+ }
-+ ixs->tailroom += ixs->natt_head;
-+ }
-+#endif
-+ break;
-+#endif /* !CONFIG_KLIPS_ESP */
-+#ifdef CONFIG_KLIPS_IPIP
-+ case IPPROTO_IPIP:
-+ ixs->headroom += sizeof(struct iphdr);
-+ break;
-+#endif /* !CONFIG_KLIPS_IPIP */
-+ case IPPROTO_COMP:
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ /*
-+ We can't predict how much the packet will
-+ shrink without doing the actual compression.
-+ We could do it here, if we were the first
-+ encapsulation in the chain. That might save
-+ us a skb_copy_expand, since we might fit
-+ into the existing skb then. However, this
-+ would be a bit unclean (and this hack has
-+ bit us once), so we better not do it. After
-+ all, the skb_copy_expand is cheap in
-+ comparison to the actual compression.
-+ At least we know the packet will not grow.
-+ */
-+ break;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ default:
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_BADPROTO;
-+ goto cleanup;
-+ }
-+ ixs->ipsp = ixs->ipsp->ips_onext;
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "Required head,tailroom: %d,%d\n",
-+ ixs->headroom, ixs->tailroom);
-+ ixs->max_headroom += ixs->headroom;
-+ ixs->max_tailroom += ixs->tailroom;
-+ ixs->pyldsz += (ixs->headroom + ixs->tailroom);
-+ }
-+ ixs->ipsp = ixs->ipsq; /* restore the head of the ipsec_sa chain */
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "existing head,tailroom: %d,%d before applying xforms with head,tailroom: %d,%d .\n",
-+ skb_headroom(ixs->skb), skb_tailroom(ixs->skb),
-+ ixs->max_headroom, ixs->max_tailroom);
-+
-+ ixs->tot_headroom += ixs->max_headroom;
-+ ixs->tot_tailroom += ixs->max_tailroom;
-+
-+ ixs->mtudiff = ixs->cur_mtu + ixs->tot_headroom + ixs->tot_tailroom - ixs->physmtu;
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "mtu:%d physmtu:%d tothr:%d tottr:%d mtudiff:%d ippkttotlen:%d\n",
-+ ixs->cur_mtu, ixs->physmtu,
-+ ixs->tot_headroom, ixs->tot_tailroom, ixs->mtudiff, ntohs(ixs->iph->tot_len));
-+ if(ixs->mtudiff > 0) {
-+ int newmtu = ixs->physmtu - (ixs->tot_headroom + ((ixs->tot_tailroom + 2) & ~7) + 5);
-+
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_info:ipsec_xmit_encap_bundle: "
-+ "dev %s mtu of %d decreased by %d to %d\n",
-+ ixs->dev ? ixs->dev->name : "ifX",
-+ ixs->cur_mtu,
-+ ixs->cur_mtu - newmtu,
-+ newmtu);
-+ ixs->cur_mtu = newmtu;
-+
-+ /* this would seem to adjust the MTU of the route as well */
-+#if 0
-+ ixs->skb->dst->pmtu = ixs->prv->mtu; /* RGB */
-+#endif /* 0 */
-+ }
-+
-+ /*
-+ If the sender is doing PMTU discovery, and the
-+ packet doesn't fit within ixs->prv->mtu, notify him
-+ (unless it was an ICMP packet, or it was not the
-+ zero-offset packet) and send it anyways.
-+
-+ Note: buggy firewall configuration may prevent the
-+ ICMP packet from getting back.
-+ */
-+ if(sysctl_ipsec_icmp
-+ && ixs->cur_mtu < ntohs(ixs->iph->tot_len)
-+ && (ixs->iph->frag_off & __constant_htons(IP_DF)) ) {
-+ int notify = ixs->iph->protocol != IPPROTO_ICMP
-+ && (ixs->iph->frag_off & __constant_htons(IP_OFFSET)) == 0;
-+
-+#ifdef IPSEC_obey_DF
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "fragmentation needed and DF set; %sdropping packet\n",
-+ notify ? "sending ICMP and " : "");
-+ if (notify)
-+ ICMP_SEND(ixs->skb,
-+ ICMP_DEST_UNREACH,
-+ ICMP_FRAG_NEEDED,
-+ ixs->cur_mtu,
-+ ixs->physdev);
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_CANNOTFRAG;
-+ goto cleanup;
-+#else /* IPSEC_obey_DF */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "fragmentation needed and DF set; %spassing packet\n",
-+ notify ? "sending ICMP and " : "");
-+ if (notify)
-+ ICMP_SEND(ixs->skb,
-+ ICMP_DEST_UNREACH,
-+ ICMP_FRAG_NEEDED,
-+ ixs->cur_mtu,
-+ ixs->physdev);
-+#endif /* IPSEC_obey_DF */
-+ }
-+
-+#ifdef MSS_HACK
-+ /*
-+ * If this is a transport mode TCP packet with
-+ * SYN set, determine an effective MSS based on
-+ * AH/ESP overheads determined above.
-+ */
-+ if (ixs->iph->protocol == IPPROTO_TCP
-+ && ixs->outgoing_said.proto != IPPROTO_IPIP) {
-+ struct tcphdr *tcph = ixs->skb->h.th;
-+ if (tcph->syn && !tcph->ack) {
-+ if(!ipsec_adjust_mss(ixs->skb, tcph, ixs->cur_mtu)) {
-+ printk(KERN_WARNING
-+ "klips_warning:ipsec_xmit_encap_bundle: "
-+ "ipsec_adjust_mss() failed\n");
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_MSSERR;
-+ goto cleanup;
-+ }
-+ }
-+ }
-+#endif /* MSS_HACK */
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if ((ixs->natt_type) && (ixs->outgoing_said.proto != IPPROTO_IPIP)) {
-+ /**
-+ * NAT-Traversal and Transport Mode:
-+ * we need to correct TCP/UDP checksum
-+ *
-+ * If we've got NAT-OA, we can fix checksum without recalculation.
-+ * If we don't we can zero udp checksum.
-+ */
-+ __u32 natt_oa = ixs->ipsp->ips_natt_oa ?
-+ ((struct sockaddr_in*)(ixs->ipsp->ips_natt_oa))->sin_addr.s_addr : 0;
-+ __u16 pkt_len = ixs->skb->tail - (unsigned char *)ixs->iph;
-+ __u16 data_len = pkt_len - (ixs->iph->ihl << 2);
-+ switch (ixs->iph->protocol) {
-+ case IPPROTO_TCP:
-+ if (data_len >= sizeof(struct tcphdr)) {
-+ struct tcphdr *tcp = (struct tcphdr *)((__u32 *)ixs->iph+ixs->iph->ihl);
-+ if (natt_oa) {
-+ __u32 buff[2] = { ~ixs->iph->daddr, natt_oa };
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: "
-+ "fix TCP checksum using NAT-OA\n");
-+ tcp->check = csum_fold(
-+ csum_partial((unsigned char *)buff, sizeof(buff),
-+ tcp->check^0xffff));
-+ }
-+ else {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: do not recalc TCP checksum\n");
-+ }
-+ }
-+ else {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: can't fix TCP checksum\n");
-+ }
-+ break;
-+ case IPPROTO_UDP:
-+ if (data_len >= sizeof(struct udphdr)) {
-+ struct udphdr *udp = (struct udphdr *)((__u32 *)ixs->iph+ixs->iph->ihl);
-+ if (udp->check == 0) {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: UDP checksum already 0\n");
-+ }
-+ else if (natt_oa) {
-+ __u32 buff[2] = { ~ixs->iph->daddr, natt_oa };
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: "
-+ "fix UDP checksum using NAT-OA\n");
-+ udp->check = csum_fold(
-+ csum_partial((unsigned char *)buff, sizeof(buff),
-+ udp->check^0xffff));
-+ }
-+ else {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: zero UDP checksum\n");
-+ udp->check = 0;
-+ }
-+ }
-+ else {
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: can't fix UDP checksum\n");
-+ }
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_tunnel,
-+ "klips_debug:ipsec_tunnel_start_xmit: "
-+ "NAT-T & TRANSPORT: non TCP/UDP packet -- do nothing\n");
-+ break;
-+ }
-+ }
-+#endif /* CONFIG_IPSEC_NAT_TRAVERSAL */
-+
-+ if(!ixs->hard_header_stripped && ixs->hard_header_len>0) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "allocating %d bytes for hardheader.\n",
-+ ixs->hard_header_len);
-+ if((ixs->saved_header = kmalloc(ixs->hard_header_len, GFP_ATOMIC)) == NULL) {
-+ printk(KERN_WARNING "klips_debug:ipsec_xmit_encap_bundle: "
-+ "Failed, tried to allocate %d bytes for temp hard_header.\n",
-+ ixs->hard_header_len);
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_ERRMEMALLOC;
-+ goto cleanup;
-+ }
-+ {
-+ int i;
-+ for (i = 0; i < ixs->hard_header_len; i++) {
-+ ixs->saved_header[i] = ixs->skb->data[i];
-+ }
-+ }
-+ if(ixs->skb->len < ixs->hard_header_len) {
-+ printk(KERN_WARNING "klips_error:ipsec_xmit_encap_bundle: "
-+ "tried to skb_pull hhlen=%d, %d available. This should never happen, please report.\n",
-+ ixs->hard_header_len, (int)(ixs->skb->len));
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_ESP_PUSHPULLERR;
-+ goto cleanup;
-+ }
-+ skb_pull(ixs->skb, ixs->hard_header_len);
-+ ixs->hard_header_stripped = 1;
-+
-+/* ixs->iph = (struct iphdr *) (ixs->skb->data); */
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "head,tailroom: %d,%d after hard_header stripped.\n",
-+ skb_headroom(ixs->skb), skb_tailroom(ixs->skb));
-+ KLIPS_IP_PRINT(debug_tunnel & DB_TN_CROUT, ixs->iph);
-+ } else {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "hard header already stripped.\n");
-+ }
-+
-+ ixs->ll_headroom = (ixs->hard_header_len + 15) & ~15;
-+
-+ if ((skb_headroom(ixs->skb) >= ixs->max_headroom + 2 * ixs->ll_headroom) &&
-+ (skb_tailroom(ixs->skb) >= ixs->max_tailroom)
-+#ifndef NET_21
-+ && ixs->skb->free
-+#endif /* !NET_21 */
-+ ) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "data fits in existing skb\n");
-+ } else {
-+ struct sk_buff* tskb;
-+
-+ if(!ixs->oskb) {
-+ ixs->oskb = ixs->skb;
-+ }
-+
-+ tskb = skb_copy_expand(ixs->skb,
-+ /* The need for 2 * link layer length here remains unexplained...RGB */
-+ ixs->max_headroom + 2 * ixs->ll_headroom,
-+ ixs->max_tailroom,
-+ GFP_ATOMIC);
-+
-+ if(tskb && ixs->skb->sk) {
-+ skb_set_owner_w(tskb, ixs->skb->sk);
-+ }
-+
-+ if(ixs->skb != ixs->oskb) {
-+ ipsec_kfree_skb(ixs->skb);
-+ }
-+ ixs->skb = tskb;
-+ if (!ixs->skb) {
-+ printk(KERN_WARNING
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "Failed, tried to allocate %d head and %d tailroom\n",
-+ ixs->max_headroom, ixs->max_tailroom);
-+ ixs->stats->tx_errors++;
-+ bundle_stat = IPSEC_XMIT_ERRSKBALLOC;
-+ goto cleanup;
-+ }
-+ KLIPS_PRINT(debug_tunnel & DB_TN_CROUT,
-+ "klips_debug:ipsec_xmit_encap_bundle: "
-+ "head,tailroom: %d,%d after allocation\n",
-+ skb_headroom(ixs->skb), skb_tailroom(ixs->skb));
-+ }
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_tunnel & DB_TN_ENCAP) {
-+ ipsec_print_ip(ixs->iph);
-+ }
-+#endif
-+
-+ /*
-+ * Apply grouped transforms to packet
-+ */
-+ while (ixs->ipsp) {
-+ enum ipsec_xmit_value encap_stat = IPSEC_XMIT_OK;
-+
-+ encap_stat = ipsec_xmit_encap_once(ixs);
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_tunnel & DB_TN_ENCAP) {
-+ ipsec_print_ip(ixs->iph);
-+ }
-+#endif
-+
-+ if(encap_stat != IPSEC_XMIT_OK) {
-+ KLIPS_PRINT(debug_tunnel & DB_TN_XMIT,
-+ "klips_debug:ipsec_xmit_encap_bundle: encap_once failed: %d\n",
-+ encap_stat);
-+
-+ bundle_stat = IPSEC_XMIT_ENCAPFAIL;
-+ goto cleanup;
-+ }
-+ }
-+
-+ /* we are done with this SA */
-+ ipsec_sa_put(ixs->ipsp);
-+
-+ /* end encapsulation loop here XXX */
-+ cleanup:
-+ spin_unlock(&tdb_lock);
-+ return bundle_stat;
-+}
-+
-+/*
-+ * $Log: ipsec_xmit.c,v $
-+ * Revision 1.20.2.9 2007/07/06 17:18:43 paul
-+ * Fix for authentication field on sent packets has size equals to zero when
-+ * using custom auth algorithms. This is bug #811. Patch by "iamscared".
-+ *
-+ * Revision 1.20.2.8 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.20.2.7 2006/08/24 03:02:01 paul
-+ * Compile fixes for when CONFIG_KLIPS_DEBUG is not set. (bug #642)
-+ *
-+ * Revision 1.20.2.6 2006/07/07 22:09:49 paul
-+ * From: Bart Trojanowski <bart@xelerance.com>
-+ * Removing a left over '#else' that split another '#if/#endif' block in two.
-+ *
-+ * Revision 1.20.2.5 2006/07/07 15:43:17 paul
-+ * From: Bart Trojanowski <bart@xelerance.com>
-+ * improved protocol detection in ipsec_print_ip() -- a debug aid.
-+ *
-+ * Revision 1.20.2.4 2006/04/20 16:33:07 mcr
-+ * remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+ * Fix in-kernel module compilation. Sub-makefiles do not work.
-+ *
-+ * Revision 1.20.2.3 2005/11/29 21:52:57 ken
-+ * Fix for #518 MTU issues
-+ *
-+ * Revision 1.20.2.2 2005/11/27 21:41:03 paul
-+ * Pull down TTL fixes from head. this fixes "Unknown symbol sysctl_ip_default_ttl"in for klips as module.
-+ *
-+ * Revision 1.20.2.1 2005/08/27 23:40:00 paul
-+ * recommited HAVE_SOCK_SECURITY fixes for linux 2.6.13
-+ *
-+ * Revision 1.20 2005/07/12 15:39:27 paul
-+ * include asm/uaccess.h for VERIFY_WRITE
-+ *
-+ * Revision 1.19 2005/05/24 01:02:35 mcr
-+ * some refactoring/simplification of situation where alg
-+ * is not found.
-+ *
-+ * Revision 1.18 2005/05/23 23:52:33 mcr
-+ * adjust comments, add additional debugging.
-+ *
-+ * Revision 1.17 2005/05/23 22:57:23 mcr
-+ * removed explicit 3DES support.
-+ *
-+ * Revision 1.16 2005/05/21 03:29:15 mcr
-+ * fixed warning about unused zeroes if AH is off.
-+ *
-+ * Revision 1.15 2005/05/20 16:47:59 mcr
-+ * include asm/checksum.h to get ip_fast_csum macro.
-+ *
-+ * Revision 1.14 2005/05/11 01:43:03 mcr
-+ * removed "poor-man"s OOP in favour of proper C structures.
-+ *
-+ * Revision 1.13 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.12 2005/04/15 01:28:34 mcr
-+ * use ipsec_dmp_block.
-+ *
-+ * Revision 1.11 2005/01/26 00:50:35 mcr
-+ * adjustment of confusion of CONFIG_IPSEC_NAT vs CONFIG_KLIPS_NAT,
-+ * and make sure that NAT_TRAVERSAL is set as well to match
-+ * userspace compiles of code.
-+ *
-+ * Revision 1.10 2004/09/13 17:55:21 ken
-+ * MD5* -> osMD5*
-+ *
-+ * Revision 1.9 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.8 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.7 2004/02/03 03:13:41 mcr
-+ * mark invalid encapsulation states.
-+ *
-+ * Revision 1.6.2.1 2003/12/22 15:25:52 jjo
-+ * Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.6 2003/12/10 01:14:27 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.5 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.4.4.2 2003/10/29 01:37:39 mcr
-+ * when creating %hold from %trap, only make the %hold as
-+ * specific as the %trap was - so if the protocol and ports
-+ * were wildcards, then the %hold will be too.
-+ *
-+ * Revision 1.4.4.1 2003/09/21 13:59:56 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.4 2003/06/20 02:28:10 mcr
-+ * misstype of variable name, not detected by module build.
-+ *
-+ * Revision 1.3 2003/06/20 01:42:21 mcr
-+ * added counters to measure how many ACQUIREs we send to pluto,
-+ * and how many are successfully sent.
-+ *
-+ * Revision 1.2 2003/04/03 17:38:35 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ * Normalised coding style.
-+ * Simplified logic and reduced duplication of code.
-+ *
-+ * Revision 1.1 2003/02/12 19:31:23 rgb
-+ * Refactored from ipsec_tunnel.c
-+ *
-+ * Local Variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/match586.S Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,357 @@
-+/* match.s -- Pentium-optimized version of longest_match()
-+ * Written for zlib 1.1.2
-+ * Copyright (C) 1998 Brian Raiter <breadbox@muppetlabs.com>
-+ *
-+ * This is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License.
-+ */
-+
-+#ifndef NO_UNDERLINE
-+#define match_init _ipcomp_match_init
-+#define longest_match _ipcomp_longest_match
-+#else
-+#define match_init ipcomp_match_init
-+#define longest_match ipcomp_longest_match
-+#endif
-+
-+#define MAX_MATCH (258)
-+#define MIN_MATCH (3)
-+#define MIN_LOOKAHEAD (MAX_MATCH + MIN_MATCH + 1)
-+#define MAX_MATCH_8 ((MAX_MATCH + 7) & ~7)
-+
-+/* stack frame offsets */
-+
-+#define wmask 0 /* local copy of s->wmask */
-+#define window 4 /* local copy of s->window */
-+#define windowbestlen 8 /* s->window + bestlen */
-+#define chainlenscanend 12 /* high word: current chain len */
-+ /* low word: last bytes sought */
-+#define scanstart 16 /* first two bytes of string */
-+#define scanalign 20 /* dword-misalignment of string */
-+#define nicematch 24 /* a good enough match size */
-+#define bestlen 28 /* size of best match so far */
-+#define scan 32 /* ptr to string wanting match */
-+
-+#define LocalVarsSize (36)
-+/* saved ebx 36 */
-+/* saved edi 40 */
-+/* saved esi 44 */
-+/* saved ebp 48 */
-+/* return address 52 */
-+#define deflatestate 56 /* the function arguments */
-+#define curmatch 60
-+
-+/* Offsets for fields in the deflate_state structure. These numbers
-+ * are calculated from the definition of deflate_state, with the
-+ * assumption that the compiler will dword-align the fields. (Thus,
-+ * changing the definition of deflate_state could easily cause this
-+ * program to crash horribly, without so much as a warning at
-+ * compile time. Sigh.)
-+ */
-+#define dsWSize 36
-+#define dsWMask 44
-+#define dsWindow 48
-+#define dsPrev 56
-+#define dsMatchLen 88
-+#define dsPrevMatch 92
-+#define dsStrStart 100
-+#define dsMatchStart 104
-+#define dsLookahead 108
-+#define dsPrevLen 112
-+#define dsMaxChainLen 116
-+#define dsGoodMatch 132
-+#define dsNiceMatch 136
-+
-+
-+.file "match.S"
-+
-+.globl match_init, longest_match
-+
-+.text
-+
-+/* uInt longest_match(deflate_state *deflatestate, IPos curmatch) */
-+
-+longest_match:
-+
-+/* Save registers that the compiler may be using, and adjust %esp to */
-+/* make room for our stack frame. */
-+
-+ pushl %ebp
-+ pushl %edi
-+ pushl %esi
-+ pushl %ebx
-+ subl $LocalVarsSize, %esp
-+
-+/* Retrieve the function arguments. %ecx will hold cur_match */
-+/* throughout the entire function. %edx will hold the pointer to the */
-+/* deflate_state structure during the function's setup (before */
-+/* entering the main loop). */
-+
-+ movl deflatestate(%esp), %edx
-+ movl curmatch(%esp), %ecx
-+
-+/* if ((uInt)nice_match > s->lookahead) nice_match = s->lookahead; */
-+
-+ movl dsNiceMatch(%edx), %eax
-+ movl dsLookahead(%edx), %ebx
-+ cmpl %eax, %ebx
-+ jl LookaheadLess
-+ movl %eax, %ebx
-+LookaheadLess: movl %ebx, nicematch(%esp)
-+
-+/* register Bytef *scan = s->window + s->strstart; */
-+
-+ movl dsWindow(%edx), %esi
-+ movl %esi, window(%esp)
-+ movl dsStrStart(%edx), %ebp
-+ lea (%esi,%ebp), %edi
-+ movl %edi, scan(%esp)
-+
-+/* Determine how many bytes the scan ptr is off from being */
-+/* dword-aligned. */
-+
-+ movl %edi, %eax
-+ negl %eax
-+ andl $3, %eax
-+ movl %eax, scanalign(%esp)
-+
-+/* IPos limit = s->strstart > (IPos)MAX_DIST(s) ? */
-+/* s->strstart - (IPos)MAX_DIST(s) : NIL; */
-+
-+ movl dsWSize(%edx), %eax
-+ subl $MIN_LOOKAHEAD, %eax
-+ subl %eax, %ebp
-+ jg LimitPositive
-+ xorl %ebp, %ebp
-+LimitPositive:
-+
-+/* unsigned chain_length = s->max_chain_length; */
-+/* if (s->prev_length >= s->good_match) { */
-+/* chain_length >>= 2; */
-+/* } */
-+
-+ movl dsPrevLen(%edx), %eax
-+ movl dsGoodMatch(%edx), %ebx
-+ cmpl %ebx, %eax
-+ movl dsMaxChainLen(%edx), %ebx
-+ jl LastMatchGood
-+ shrl $2, %ebx
-+LastMatchGood:
-+
-+/* chainlen is decremented once beforehand so that the function can */
-+/* use the sign flag instead of the zero flag for the exit test. */
-+/* It is then shifted into the high word, to make room for the scanend */
-+/* scanend value, which it will always accompany. */
-+
-+ decl %ebx
-+ shll $16, %ebx
-+
-+/* int best_len = s->prev_length; */
-+
-+ movl dsPrevLen(%edx), %eax
-+ movl %eax, bestlen(%esp)
-+
-+/* Store the sum of s->window + best_len in %esi locally, and in %esi. */
-+
-+ addl %eax, %esi
-+ movl %esi, windowbestlen(%esp)
-+
-+/* register ush scan_start = *(ushf*)scan; */
-+/* register ush scan_end = *(ushf*)(scan+best_len-1); */
-+
-+ movw (%edi), %bx
-+ movw %bx, scanstart(%esp)
-+ movw -1(%edi,%eax), %bx
-+ movl %ebx, chainlenscanend(%esp)
-+
-+/* Posf *prev = s->prev; */
-+/* uInt wmask = s->w_mask; */
-+
-+ movl dsPrev(%edx), %edi
-+ movl dsWMask(%edx), %edx
-+ mov %edx, wmask(%esp)
-+
-+/* Jump into the main loop. */
-+
-+ jmp LoopEntry
-+
-+.balign 16
-+
-+/* do {
-+ * match = s->window + cur_match;
-+ * if (*(ushf*)(match+best_len-1) != scan_end ||
-+ * *(ushf*)match != scan_start) continue;
-+ * [...]
-+ * } while ((cur_match = prev[cur_match & wmask]) > limit
-+ * && --chain_length != 0);
-+ *
-+ * Here is the inner loop of the function. The function will spend the
-+ * majority of its time in this loop, and majority of that time will
-+ * be spent in the first ten instructions.
-+ *
-+ * Within this loop:
-+ * %ebx = chainlenscanend - i.e., ((chainlen << 16) | scanend)
-+ * %ecx = curmatch
-+ * %edx = curmatch & wmask
-+ * %esi = windowbestlen - i.e., (window + bestlen)
-+ * %edi = prev
-+ * %ebp = limit
-+ *
-+ * Two optimization notes on the choice of instructions:
-+ *
-+ * The first instruction uses a 16-bit address, which costs an extra,
-+ * unpairable cycle. This is cheaper than doing a 32-bit access and
-+ * zeroing the high word, due to the 3-cycle misalignment penalty which
-+ * would occur half the time. This also turns out to be cheaper than
-+ * doing two separate 8-bit accesses, as the memory is so rarely in the
-+ * L1 cache.
-+ *
-+ * The window buffer, however, apparently spends a lot of time in the
-+ * cache, and so it is faster to retrieve the word at the end of the
-+ * match string with two 8-bit loads. The instructions that test the
-+ * word at the beginning of the match string, however, are executed
-+ * much less frequently, and there it was cheaper to use 16-bit
-+ * instructions, which avoided the necessity of saving off and
-+ * subsequently reloading one of the other registers.
-+ */
-+LookupLoop:
-+ /* 1 U & V */
-+ movw (%edi,%edx,2), %cx /* 2 U pipe */
-+ movl wmask(%esp), %edx /* 2 V pipe */
-+ cmpl %ebp, %ecx /* 3 U pipe */
-+ jbe LeaveNow /* 3 V pipe */
-+ subl $0x00010000, %ebx /* 4 U pipe */
-+ js LeaveNow /* 4 V pipe */
-+LoopEntry: movb -1(%esi,%ecx), %al /* 5 U pipe */
-+ andl %ecx, %edx /* 5 V pipe */
-+ cmpb %bl, %al /* 6 U pipe */
-+ jnz LookupLoop /* 6 V pipe */
-+ movb (%esi,%ecx), %ah
-+ cmpb %bh, %ah
-+ jnz LookupLoop
-+ movl window(%esp), %eax
-+ movw (%eax,%ecx), %ax
-+ cmpw scanstart(%esp), %ax
-+ jnz LookupLoop
-+
-+/* Store the current value of chainlen. */
-+
-+ movl %ebx, chainlenscanend(%esp)
-+
-+/* Point %edi to the string under scrutiny, and %esi to the string we */
-+/* are hoping to match it up with. In actuality, %esi and %edi are */
-+/* both pointed (MAX_MATCH_8 - scanalign) bytes ahead, and %edx is */
-+/* initialized to -(MAX_MATCH_8 - scanalign). */
-+
-+ movl window(%esp), %esi
-+ movl scan(%esp), %edi
-+ addl %ecx, %esi
-+ movl scanalign(%esp), %eax
-+ movl $(-MAX_MATCH_8), %edx
-+ lea MAX_MATCH_8(%edi,%eax), %edi
-+ lea MAX_MATCH_8(%esi,%eax), %esi
-+
-+/* Test the strings for equality, 8 bytes at a time. At the end,
-+ * adjust %edx so that it is offset to the exact byte that mismatched.
-+ *
-+ * We already know at this point that the first three bytes of the
-+ * strings match each other, and they can be safely passed over before
-+ * starting the compare loop. So what this code does is skip over 0-3
-+ * bytes, as much as necessary in order to dword-align the %edi
-+ * pointer. (%esi will still be misaligned three times out of four.)
-+ *
-+ * It should be confessed that this loop usually does not represent
-+ * much of the total running time. Replacing it with a more
-+ * straightforward "rep cmpsb" would not drastically degrade
-+ * performance.
-+ */
-+LoopCmps:
-+ movl (%esi,%edx), %eax
-+ movl (%edi,%edx), %ebx
-+ xorl %ebx, %eax
-+ jnz LeaveLoopCmps
-+ movl 4(%esi,%edx), %eax
-+ movl 4(%edi,%edx), %ebx
-+ xorl %ebx, %eax
-+ jnz LeaveLoopCmps4
-+ addl $8, %edx
-+ jnz LoopCmps
-+ jmp LenMaximum
-+LeaveLoopCmps4: addl $4, %edx
-+LeaveLoopCmps: testl $0x0000FFFF, %eax
-+ jnz LenLower
-+ addl $2, %edx
-+ shrl $16, %eax
-+LenLower: subb $1, %al
-+ adcl $0, %edx
-+
-+/* Calculate the length of the match. If it is longer than MAX_MATCH, */
-+/* then automatically accept it as the best possible match and leave. */
-+
-+ lea (%edi,%edx), %eax
-+ movl scan(%esp), %edi
-+ subl %edi, %eax
-+ cmpl $MAX_MATCH, %eax
-+ jge LenMaximum
-+
-+/* If the length of the match is not longer than the best match we */
-+/* have so far, then forget it and return to the lookup loop. */
-+
-+ movl deflatestate(%esp), %edx
-+ movl bestlen(%esp), %ebx
-+ cmpl %ebx, %eax
-+ jg LongerMatch
-+ movl chainlenscanend(%esp), %ebx
-+ movl windowbestlen(%esp), %esi
-+ movl dsPrev(%edx), %edi
-+ movl wmask(%esp), %edx
-+ andl %ecx, %edx
-+ jmp LookupLoop
-+
-+/* s->match_start = cur_match; */
-+/* best_len = len; */
-+/* if (len >= nice_match) break; */
-+/* scan_end = *(ushf*)(scan+best_len-1); */
-+
-+LongerMatch: movl nicematch(%esp), %ebx
-+ movl %eax, bestlen(%esp)
-+ movl %ecx, dsMatchStart(%edx)
-+ cmpl %ebx, %eax
-+ jge LeaveNow
-+ movl window(%esp), %esi
-+ addl %eax, %esi
-+ movl %esi, windowbestlen(%esp)
-+ movl chainlenscanend(%esp), %ebx
-+ movw -1(%edi,%eax), %bx
-+ movl dsPrev(%edx), %edi
-+ movl %ebx, chainlenscanend(%esp)
-+ movl wmask(%esp), %edx
-+ andl %ecx, %edx
-+ jmp LookupLoop
-+
-+/* Accept the current string, with the maximum possible length. */
-+
-+LenMaximum: movl deflatestate(%esp), %edx
-+ movl $MAX_MATCH, bestlen(%esp)
-+ movl %ecx, dsMatchStart(%edx)
-+
-+/* if ((uInt)best_len <= s->lookahead) return (uInt)best_len; */
-+/* return s->lookahead; */
-+
-+LeaveNow:
-+ movl deflatestate(%esp), %edx
-+ movl bestlen(%esp), %ebx
-+ movl dsLookahead(%edx), %eax
-+ cmpl %eax, %ebx
-+ jg LookaheadRet
-+ movl %ebx, %eax
-+LookaheadRet:
-+
-+/* Restore the stack and return from whence we came. */
-+
-+ addl $LocalVarsSize, %esp
-+ popl %ebx
-+ popl %esi
-+ popl %edi
-+ popl %ebp
-+match_init: ret
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/match686.S Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,330 @@
-+/* match.s -- Pentium-Pro-optimized version of longest_match()
-+ * Written for zlib 1.1.2
-+ * Copyright (C) 1998 Brian Raiter <breadbox@muppetlabs.com>
-+ *
-+ * This is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License.
-+ */
-+
-+#ifndef NO_UNDERLINE
-+#define match_init _ipcomp_match_init
-+#define longest_match _ipcomp_longest_match
-+#else
-+#define match_init ipcomp_match_init
-+#define longest_match ipcomp_longest_match
-+#endif
-+
-+#define MAX_MATCH (258)
-+#define MIN_MATCH (3)
-+#define MIN_LOOKAHEAD (MAX_MATCH + MIN_MATCH + 1)
-+#define MAX_MATCH_8 ((MAX_MATCH + 7) & ~7)
-+
-+/* stack frame offsets */
-+
-+#define chainlenwmask 0 /* high word: current chain len */
-+ /* low word: s->wmask */
-+#define window 4 /* local copy of s->window */
-+#define windowbestlen 8 /* s->window + bestlen */
-+#define scanstart 16 /* first two bytes of string */
-+#define scanend 12 /* last two bytes of string */
-+#define scanalign 20 /* dword-misalignment of string */
-+#define nicematch 24 /* a good enough match size */
-+#define bestlen 28 /* size of best match so far */
-+#define scan 32 /* ptr to string wanting match */
-+
-+#define LocalVarsSize (36)
-+/* saved ebx 36 */
-+/* saved edi 40 */
-+/* saved esi 44 */
-+/* saved ebp 48 */
-+/* return address 52 */
-+#define deflatestate 56 /* the function arguments */
-+#define curmatch 60
-+
-+/* Offsets for fields in the deflate_state structure. These numbers
-+ * are calculated from the definition of deflate_state, with the
-+ * assumption that the compiler will dword-align the fields. (Thus,
-+ * changing the definition of deflate_state could easily cause this
-+ * program to crash horribly, without so much as a warning at
-+ * compile time. Sigh.)
-+ */
-+#define dsWSize 36
-+#define dsWMask 44
-+#define dsWindow 48
-+#define dsPrev 56
-+#define dsMatchLen 88
-+#define dsPrevMatch 92
-+#define dsStrStart 100
-+#define dsMatchStart 104
-+#define dsLookahead 108
-+#define dsPrevLen 112
-+#define dsMaxChainLen 116
-+#define dsGoodMatch 132
-+#define dsNiceMatch 136
-+
-+
-+.file "match.S"
-+
-+.globl match_init, longest_match
-+
-+.text
-+
-+/* uInt longest_match(deflate_state *deflatestate, IPos curmatch) */
-+
-+longest_match:
-+
-+/* Save registers that the compiler may be using, and adjust %esp to */
-+/* make room for our stack frame. */
-+
-+ pushl %ebp
-+ pushl %edi
-+ pushl %esi
-+ pushl %ebx
-+ subl $LocalVarsSize, %esp
-+
-+/* Retrieve the function arguments. %ecx will hold cur_match */
-+/* throughout the entire function. %edx will hold the pointer to the */
-+/* deflate_state structure during the function's setup (before */
-+/* entering the main loop). */
-+
-+ movl deflatestate(%esp), %edx
-+ movl curmatch(%esp), %ecx
-+
-+/* uInt wmask = s->w_mask; */
-+/* unsigned chain_length = s->max_chain_length; */
-+/* if (s->prev_length >= s->good_match) { */
-+/* chain_length >>= 2; */
-+/* } */
-+
-+ movl dsPrevLen(%edx), %eax
-+ movl dsGoodMatch(%edx), %ebx
-+ cmpl %ebx, %eax
-+ movl dsWMask(%edx), %eax
-+ movl dsMaxChainLen(%edx), %ebx
-+ jl LastMatchGood
-+ shrl $2, %ebx
-+LastMatchGood:
-+
-+/* chainlen is decremented once beforehand so that the function can */
-+/* use the sign flag instead of the zero flag for the exit test. */
-+/* It is then shifted into the high word, to make room for the wmask */
-+/* value, which it will always accompany. */
-+
-+ decl %ebx
-+ shll $16, %ebx
-+ orl %eax, %ebx
-+ movl %ebx, chainlenwmask(%esp)
-+
-+/* if ((uInt)nice_match > s->lookahead) nice_match = s->lookahead; */
-+
-+ movl dsNiceMatch(%edx), %eax
-+ movl dsLookahead(%edx), %ebx
-+ cmpl %eax, %ebx
-+ jl LookaheadLess
-+ movl %eax, %ebx
-+LookaheadLess: movl %ebx, nicematch(%esp)
-+
-+/* register Bytef *scan = s->window + s->strstart; */
-+
-+ movl dsWindow(%edx), %esi
-+ movl %esi, window(%esp)
-+ movl dsStrStart(%edx), %ebp
-+ lea (%esi,%ebp), %edi
-+ movl %edi, scan(%esp)
-+
-+/* Determine how many bytes the scan ptr is off from being */
-+/* dword-aligned. */
-+
-+ movl %edi, %eax
-+ negl %eax
-+ andl $3, %eax
-+ movl %eax, scanalign(%esp)
-+
-+/* IPos limit = s->strstart > (IPos)MAX_DIST(s) ? */
-+/* s->strstart - (IPos)MAX_DIST(s) : NIL; */
-+
-+ movl dsWSize(%edx), %eax
-+ subl $MIN_LOOKAHEAD, %eax
-+ subl %eax, %ebp
-+ jg LimitPositive
-+ xorl %ebp, %ebp
-+LimitPositive:
-+
-+/* int best_len = s->prev_length; */
-+
-+ movl dsPrevLen(%edx), %eax
-+ movl %eax, bestlen(%esp)
-+
-+/* Store the sum of s->window + best_len in %esi locally, and in %esi. */
-+
-+ addl %eax, %esi
-+ movl %esi, windowbestlen(%esp)
-+
-+/* register ush scan_start = *(ushf*)scan; */
-+/* register ush scan_end = *(ushf*)(scan+best_len-1); */
-+/* Posf *prev = s->prev; */
-+
-+ movzwl (%edi), %ebx
-+ movl %ebx, scanstart(%esp)
-+ movzwl -1(%edi,%eax), %ebx
-+ movl %ebx, scanend(%esp)
-+ movl dsPrev(%edx), %edi
-+
-+/* Jump into the main loop. */
-+
-+ movl chainlenwmask(%esp), %edx
-+ jmp LoopEntry
-+
-+.balign 16
-+
-+/* do {
-+ * match = s->window + cur_match;
-+ * if (*(ushf*)(match+best_len-1) != scan_end ||
-+ * *(ushf*)match != scan_start) continue;
-+ * [...]
-+ * } while ((cur_match = prev[cur_match & wmask]) > limit
-+ * && --chain_length != 0);
-+ *
-+ * Here is the inner loop of the function. The function will spend the
-+ * majority of its time in this loop, and majority of that time will
-+ * be spent in the first ten instructions.
-+ *
-+ * Within this loop:
-+ * %ebx = scanend
-+ * %ecx = curmatch
-+ * %edx = chainlenwmask - i.e., ((chainlen << 16) | wmask)
-+ * %esi = windowbestlen - i.e., (window + bestlen)
-+ * %edi = prev
-+ * %ebp = limit
-+ */
-+LookupLoop:
-+ andl %edx, %ecx
-+ movzwl (%edi,%ecx,2), %ecx
-+ cmpl %ebp, %ecx
-+ jbe LeaveNow
-+ subl $0x00010000, %edx
-+ js LeaveNow
-+LoopEntry: movzwl -1(%esi,%ecx), %eax
-+ cmpl %ebx, %eax
-+ jnz LookupLoop
-+ movl window(%esp), %eax
-+ movzwl (%eax,%ecx), %eax
-+ cmpl scanstart(%esp), %eax
-+ jnz LookupLoop
-+
-+/* Store the current value of chainlen. */
-+
-+ movl %edx, chainlenwmask(%esp)
-+
-+/* Point %edi to the string under scrutiny, and %esi to the string we */
-+/* are hoping to match it up with. In actuality, %esi and %edi are */
-+/* both pointed (MAX_MATCH_8 - scanalign) bytes ahead, and %edx is */
-+/* initialized to -(MAX_MATCH_8 - scanalign). */
-+
-+ movl window(%esp), %esi
-+ movl scan(%esp), %edi
-+ addl %ecx, %esi
-+ movl scanalign(%esp), %eax
-+ movl $(-MAX_MATCH_8), %edx
-+ lea MAX_MATCH_8(%edi,%eax), %edi
-+ lea MAX_MATCH_8(%esi,%eax), %esi
-+
-+/* Test the strings for equality, 8 bytes at a time. At the end,
-+ * adjust %edx so that it is offset to the exact byte that mismatched.
-+ *
-+ * We already know at this point that the first three bytes of the
-+ * strings match each other, and they can be safely passed over before
-+ * starting the compare loop. So what this code does is skip over 0-3
-+ * bytes, as much as necessary in order to dword-align the %edi
-+ * pointer. (%esi will still be misaligned three times out of four.)
-+ *
-+ * It should be confessed that this loop usually does not represent
-+ * much of the total running time. Replacing it with a more
-+ * straightforward "rep cmpsb" would not drastically degrade
-+ * performance.
-+ */
-+LoopCmps:
-+ movl (%esi,%edx), %eax
-+ xorl (%edi,%edx), %eax
-+ jnz LeaveLoopCmps
-+ movl 4(%esi,%edx), %eax
-+ xorl 4(%edi,%edx), %eax
-+ jnz LeaveLoopCmps4
-+ addl $8, %edx
-+ jnz LoopCmps
-+ jmp LenMaximum
-+LeaveLoopCmps4: addl $4, %edx
-+LeaveLoopCmps: testl $0x0000FFFF, %eax
-+ jnz LenLower
-+ addl $2, %edx
-+ shrl $16, %eax
-+LenLower: subb $1, %al
-+ adcl $0, %edx
-+
-+/* Calculate the length of the match. If it is longer than MAX_MATCH, */
-+/* then automatically accept it as the best possible match and leave. */
-+
-+ lea (%edi,%edx), %eax
-+ movl scan(%esp), %edi
-+ subl %edi, %eax
-+ cmpl $MAX_MATCH, %eax
-+ jge LenMaximum
-+
-+/* If the length of the match is not longer than the best match we */
-+/* have so far, then forget it and return to the lookup loop. */
-+
-+ movl deflatestate(%esp), %edx
-+ movl bestlen(%esp), %ebx
-+ cmpl %ebx, %eax
-+ jg LongerMatch
-+ movl windowbestlen(%esp), %esi
-+ movl dsPrev(%edx), %edi
-+ movl scanend(%esp), %ebx
-+ movl chainlenwmask(%esp), %edx
-+ jmp LookupLoop
-+
-+/* s->match_start = cur_match; */
-+/* best_len = len; */
-+/* if (len >= nice_match) break; */
-+/* scan_end = *(ushf*)(scan+best_len-1); */
-+
-+LongerMatch: movl nicematch(%esp), %ebx
-+ movl %eax, bestlen(%esp)
-+ movl %ecx, dsMatchStart(%edx)
-+ cmpl %ebx, %eax
-+ jge LeaveNow
-+ movl window(%esp), %esi
-+ addl %eax, %esi
-+ movl %esi, windowbestlen(%esp)
-+ movzwl -1(%edi,%eax), %ebx
-+ movl dsPrev(%edx), %edi
-+ movl %ebx, scanend(%esp)
-+ movl chainlenwmask(%esp), %edx
-+ jmp LookupLoop
-+
-+/* Accept the current string, with the maximum possible length. */
-+
-+LenMaximum: movl deflatestate(%esp), %edx
-+ movl $MAX_MATCH, bestlen(%esp)
-+ movl %ecx, dsMatchStart(%edx)
-+
-+/* if ((uInt)best_len <= s->lookahead) return (uInt)best_len; */
-+/* return s->lookahead; */
-+
-+LeaveNow:
-+ movl deflatestate(%esp), %edx
-+ movl bestlen(%esp), %ebx
-+ movl dsLookahead(%edx), %eax
-+ cmpl %eax, %ebx
-+ jg LookaheadRet
-+ movl %ebx, %eax
-+LookaheadRet:
-+
-+/* Restore the stack and return from whence we came. */
-+
-+ addl $LocalVarsSize, %esp
-+ popl %ebx
-+ popl %esi
-+ popl %edi
-+ popl %ebp
-+match_init: ret
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/null/ipsec_alg_null.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,145 @@
-+/*
-+ * ipsec_alg NULL cipher stubs
-+ *
-+ * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
-+ *
-+ * $Id: ipsec_alg_null.c,v 1.1.2.1 2006/10/11 18:14:33 paul Exp $
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ */
-+#include <linux/config.h>
-+#include <linux/version.h>
-+
-+/*
-+ * special case: ipsec core modular with this static algo inside:
-+ * must avoid MODULE magic for this file
-+ */
-+#if defined(CONFIG_KLIPS_MODULE) && defined(CONFIG_KLIPS_ENC_NULL)
-+#undef MODULE
-+#endif
-+
-+#include <linux/module.h>
-+#include <linux/init.h>
-+
-+#include <linux/kernel.h> /* printk() */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/string.h>
-+
-+/* Check if __exit is defined, if not null it */
-+#ifndef __exit
-+#define __exit
-+#endif
-+
-+/* Low freeswan header coupling */
-+#include "openswan/ipsec_alg.h"
-+
-+#define ESP_NULL 11 /* from ipsec drafts */
-+#define ESP_NULL_BLK_LEN 1
-+
-+MODULE_AUTHOR("JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>");
-+static int debug_null=0;
-+static int test_null=0;
-+#ifdef module_param
-+module_param(debug_null, int, 0600);
-+module_param(test_null, int, 0600);
-+#else
-+MODULE_PARM(debug_null, "i");
-+MODULE_PARM(test_null, "i");
-+#endif
-+
-+typedef int null_context;
-+
-+struct null_eks{
-+ null_context null_ctx;
-+};
-+static int _null_set_key(struct ipsec_alg_enc *alg,
-+ __u8 * key_e, const __u8 * key,
-+ size_t keysize) {
-+ null_context *ctx=&((struct null_eks*)key_e)->null_ctx;
-+ if (debug_null > 0)
-+ printk(KERN_DEBUG "klips_debug:_null_set_key:"
-+ "key_e=%p key=%p keysize=%d\n",
-+ key_e, key, keysize);
-+ *ctx = 1;
-+ return 0;
-+}
-+static int _null_cbc_encrypt(struct ipsec_alg_enc *alg,
-+ __u8 * key_e, __u8 * in, int ilen, const __u8 * iv,
-+ int encrypt) {
-+ null_context *ctx=&((struct null_eks*)key_e)->null_ctx;
-+ if (debug_null > 0)
-+ printk(KERN_DEBUG "klips_debug:_null_cbc_encrypt:"
-+ "key_e=%p in=%p ilen=%d iv=%p encrypt=%d\n",
-+ key_e, in, ilen, iv, encrypt);
-+ (*ctx)++;
-+ return ilen;
-+}
-+static struct ipsec_alg_enc ipsec_alg_NULL = {
-+ ixt_common: { ixt_version: IPSEC_ALG_VERSION,
-+ ixt_refcnt: ATOMIC_INIT(0),
-+ ixt_name: "null",
-+ ixt_blocksize: ESP_NULL_BLK_LEN,
-+ ixt_support: {
-+ ias_exttype: IPSEC_ALG_TYPE_ENCRYPT,
-+ ias_id: ESP_NULL,
-+ ias_ivlen: 0,
-+ ias_keyminbits: 0,
-+ ias_keymaxbits: 0,
-+ },
-+ },
-+#if defined(CONFIG_KLIPS_ENC_NULL_MODULE)
-+ ixt_module: THIS_MODULE,
-+#endif
-+ ixt_e_keylen: 0,
-+ ixt_e_ctx_size: sizeof(null_context),
-+ ixt_e_set_key: _null_set_key,
-+ ixt_e_cbc_encrypt:_null_cbc_encrypt,
-+};
-+
-+#if defined(CONFIG_KLIPS_ENC_NULL_MODULE)
-+IPSEC_ALG_MODULE_INIT_MOD( ipsec_null_init )
-+#else
-+IPSEC_ALG_MODULE_INIT_STATIC( ipsec_null_init )
-+#endif
-+{
-+ int ret, test_ret;
-+ ret=register_ipsec_alg_enc(&ipsec_alg_NULL);
-+ printk("ipsec_null_init(alg_type=%d alg_id=%d name=%s): ret=%d\n",
-+ ipsec_alg_NULL.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_NULL.ixt_common.ixt_support.ias_id,
-+ ipsec_alg_NULL.ixt_common.ixt_name,
-+ ret);
-+ if (ret==0 && test_null) {
-+ test_ret=ipsec_alg_test(
-+ ipsec_alg_NULL.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_NULL.ixt_common.ixt_support.ias_id,
-+ test_null);
-+ printk("ipsec_null_init(alg_type=%d alg_id=%d): test_ret=%d\n",
-+ ipsec_alg_NULL.ixt_common.ixt_support.ias_exttype,
-+ ipsec_alg_NULL.ixt_common.ixt_support.ias_id,
-+ test_ret);
-+ }
-+ return ret;
-+}
-+#if defined(CONFIG_KLIPS_ENC_NULL_MODULE)
-+IPSEC_ALG_MODULE_EXIT_MOD( ipsec_null_fini )
-+#else
-+IPSEC_ALG_MODULE_EXIT_STATIC( ipsec_null_fini )
-+#endif
-+{
-+ unregister_ipsec_alg_enc(&ipsec_alg_NULL);
-+ return;
-+}
-+#ifdef MODULE_LICENSE
-+MODULE_LICENSE("GPL");
-+#endif
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/pfkey_v2.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,2022 @@
-+/*
-+ * @(#) RFC2367 PF_KEYv2 Key management API domain socket I/F
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey_v2.c,v 1.97.2.12 2006/11/24 05:43:29 paul Exp $
-+ */
-+
-+/*
-+ * Template from /usr/src/linux-2.0.36/net/unix/af_unix.c.
-+ * Hints from /usr/src/linux-2.0.36/net/ipv4/udp.c.
-+ */
-+
-+#define __NO_VERSION__
-+#include <linux/module.h>
-+#include <linux/version.h>
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/kernel.h>
-+
-+#include "openswan/ipsec_param.h"
-+
-+#include <linux/major.h>
-+#include <linux/signal.h>
-+#include <linux/sched.h>
-+#include <linux/errno.h>
-+#include <linux/string.h>
-+#include <linux/stat.h>
-+#include <linux/socket.h>
-+#include <linux/un.h>
-+#include <linux/fcntl.h>
-+#include <linux/termios.h>
-+#include <linux/socket.h>
-+#include <linux/sockios.h>
-+#include <linux/net.h> /* struct socket */
-+#include <linux/in.h>
-+#include <linux/fs.h>
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <asm/segment.h>
-+#include <linux/skbuff.h>
-+#include <linux/netdevice.h>
-+#include <net/sock.h> /* struct sock */
-+#include <net/protocol.h>
-+/* #include <net/tcp.h> */
-+#include <net/af_unix.h>
-+#ifdef CONFIG_PROC_FS
-+# include <linux/proc_fs.h>
-+#endif /* CONFIG_PROC_FS */
-+
-+#include <linux/types.h>
-+
-+#include <openswan.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_kern24.h"
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+int debug_pfkey = 0;
-+extern int sysctl_ipsec_debug_verbose;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+#define SENDERR(_x) do { error = -(_x); goto errlab; } while (0)
-+
-+#ifndef SOCKOPS_WRAPPED
-+#define SOCKOPS_WRAPPED(name) name
-+#endif /* SOCKOPS_WRAPPED */
-+
-+#ifdef NET_26
-+static rwlock_t pfkey_sock_lock = RW_LOCK_UNLOCKED;
-+HLIST_HEAD(pfkey_sock_list);
-+static DECLARE_WAIT_QUEUE_HEAD(pfkey_sock_wait);
-+static atomic_t pfkey_sock_users = ATOMIC_INIT(0);
-+#else
-+struct sock *pfkey_sock_list = NULL;
-+#endif
-+
-+struct supported_list *pfkey_supported_list[SADB_SATYPE_MAX+1];
-+
-+struct socket_list *pfkey_open_sockets = NULL;
-+struct socket_list *pfkey_registered_sockets[SADB_SATYPE_MAX+1];
-+
-+int pfkey_msg_interp(struct sock *, struct sadb_msg *, struct sadb_msg **);
-+
-+DEBUG_NO_STATIC int pfkey_create(struct socket *sock, int protocol);
-+DEBUG_NO_STATIC int pfkey_shutdown(struct socket *sock, int mode);
-+DEBUG_NO_STATIC int pfkey_release(struct socket *sock);
-+
-+#ifdef NET_26
-+DEBUG_NO_STATIC int pfkey_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len);
-+DEBUG_NO_STATIC int pfkey_recvmsg(struct kiocb *kiocb, struct socket *sock, struct msghdr *msg
-+ , size_t size, int flags);
-+#else
-+DEBUG_NO_STATIC int pfkey_sendmsg(struct socket *sock, struct msghdr *msg, int len, struct scm_cookie *scm);
-+DEBUG_NO_STATIC int pfkey_recvmsg(struct socket *sock, struct msghdr *msg, int size, int flags, struct scm_cookie *scm);
-+#endif
-+
-+struct net_proto_family pfkey_family_ops = {
-+#ifdef NETDEV_23
-+ .family = PF_KEY,
-+ .create = pfkey_create,
-+#ifdef NET_26
-+ .owner = THIS_MODULE,
-+#endif
-+#else
-+ PF_KEY,
-+ pfkey_create
-+#endif
-+};
-+
-+struct proto_ops SOCKOPS_WRAPPED(pfkey_ops) = {
-+#ifdef NETDEV_23
-+ family: PF_KEY,
-+#ifdef NET_26
-+ owner: THIS_MODULE,
-+#endif
-+ release: pfkey_release,
-+ bind: sock_no_bind,
-+ connect: sock_no_connect,
-+ socketpair: sock_no_socketpair,
-+ accept: sock_no_accept,
-+ getname: sock_no_getname,
-+ poll: datagram_poll,
-+ ioctl: sock_no_ioctl,
-+ listen: sock_no_listen,
-+ shutdown: pfkey_shutdown,
-+ setsockopt: sock_no_setsockopt,
-+ getsockopt: sock_no_getsockopt,
-+ sendmsg: pfkey_sendmsg,
-+ recvmsg: pfkey_recvmsg,
-+ mmap: sock_no_mmap,
-+#else /* NETDEV_23 */
-+ PF_KEY,
-+ sock_no_dup,
-+ pfkey_release,
-+ sock_no_bind,
-+ sock_no_connect,
-+ sock_no_socketpair,
-+ sock_no_accept,
-+ sock_no_getname,
-+ datagram_poll,
-+ sock_no_ioctl,
-+ sock_no_listen,
-+ pfkey_shutdown,
-+ sock_no_setsockopt,
-+ sock_no_getsockopt,
-+ sock_no_fcntl,
-+ pfkey_sendmsg,
-+ pfkey_recvmsg
-+#endif /* NETDEV_23 */
-+};
-+
-+#ifdef NETDEV_23
-+#include <linux/smp_lock.h>
-+SOCKOPS_WRAP(pfkey, PF_KEY);
-+#endif /* NETDEV_23 */
-+
-+#ifdef NET_26
-+static void pfkey_sock_list_grab(void)
-+{
-+ write_lock_bh(&pfkey_sock_lock);
-+
-+ if (atomic_read(&pfkey_sock_users)) {
-+ DECLARE_WAITQUEUE(wait, current);
-+
-+ add_wait_queue_exclusive(&pfkey_sock_wait, &wait);
-+ for(;;) {
-+ set_current_state(TASK_UNINTERRUPTIBLE);
-+ if (atomic_read(&pfkey_sock_users) == 0)
-+ break;
-+ write_unlock_bh(&pfkey_sock_lock);
-+ schedule();
-+ write_lock_bh(&pfkey_sock_lock);
-+ }
-+
-+ __set_current_state(TASK_RUNNING);
-+ remove_wait_queue(&pfkey_sock_wait, &wait);
-+ }
-+}
-+
-+static __inline__ void pfkey_sock_list_ungrab(void)
-+{
-+ write_unlock_bh(&pfkey_sock_lock);
-+ wake_up(&pfkey_sock_wait);
-+}
-+
-+static __inline__ void pfkey_lock_sock_list(void)
-+{
-+ /* read_lock() synchronizes us to pfkey_table_grab */
-+
-+ read_lock(&pfkey_sock_lock);
-+ atomic_inc(&pfkey_sock_users);
-+ read_unlock(&pfkey_sock_lock);
-+}
-+
-+static __inline__ void pfkey_unlock_sock_list(void)
-+{
-+ if (atomic_dec_and_test(&pfkey_sock_users))
-+ wake_up(&pfkey_sock_wait);
-+}
-+#endif
-+
-+int
-+pfkey_list_remove_socket(struct socket *socketp, struct socket_list **sockets)
-+{
-+ struct socket_list *socket_listp,*prev;
-+
-+ if(!socketp) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_remove_socket: "
-+ "NULL socketp handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ if(!sockets) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_remove_socket: "
-+ "NULL sockets list handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ socket_listp = *sockets;
-+ prev = NULL;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_remove_socket: "
-+ "removing sock=0p%p\n",
-+ socketp);
-+
-+ while(socket_listp != NULL) {
-+ if(socket_listp->socketp == socketp) {
-+ if(prev != NULL) {
-+ prev->next = socket_listp->next;
-+ } else {
-+ *sockets = socket_listp->next;
-+ }
-+
-+ kfree((void*)socket_listp);
-+
-+ break;
-+ }
-+ prev = socket_listp;
-+ socket_listp = socket_listp->next;
-+ }
-+
-+ return 0;
-+}
-+
-+int
-+pfkey_list_insert_socket(struct socket *socketp, struct socket_list **sockets)
-+{
-+ struct socket_list *socket_listp;
-+
-+ if(!socketp) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_socket: "
-+ "NULL socketp handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ if(!sockets) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_socket: "
-+ "NULL sockets list handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_socket: "
-+ "allocating %lu bytes for socketp=0p%p\n",
-+ (unsigned long) sizeof(struct socket_list),
-+ socketp);
-+
-+ if((socket_listp = (struct socket_list *)kmalloc(sizeof(struct socket_list), GFP_KERNEL)) == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_socket: "
-+ "memory allocation error.\n");
-+ return -ENOMEM;
-+ }
-+
-+ socket_listp->socketp = socketp;
-+ socket_listp->next = *sockets;
-+ *sockets = socket_listp;
-+
-+ return 0;
-+}
-+
-+int
-+pfkey_list_remove_supported(struct ipsec_alg_supported *supported, struct supported_list **supported_list)
-+{
-+ struct supported_list *supported_listp = *supported_list, *prev = NULL;
-+
-+ if(!supported) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_remove_supported: "
-+ "NULL supported handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ if(!supported_list) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_remove_supported: "
-+ "NULL supported_list handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_remove_supported: "
-+ "removing supported=0p%p\n",
-+ supported);
-+
-+ while(supported_listp != NULL) {
-+ if(supported_listp->supportedp == supported) {
-+ if(prev != NULL) {
-+ prev->next = supported_listp->next;
-+ } else {
-+ *supported_list = supported_listp->next;
-+ }
-+
-+ kfree((void*)supported_listp);
-+
-+ break;
-+ }
-+ prev = supported_listp;
-+ supported_listp = supported_listp->next;
-+ }
-+
-+ return 0;
-+}
-+
-+int
-+pfkey_list_insert_supported(struct ipsec_alg_supported *supported
-+ , struct supported_list **supported_list)
-+{
-+ struct supported_list *supported_listp;
-+
-+ if(!supported) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_supported: "
-+ "NULL supported handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ if(!supported_list) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_supported: "
-+ "NULL supported_list handed in, failed.\n");
-+ return -EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_supported: "
-+ "allocating %lu bytes for incoming, supported=0p%p, supported_list=0p%p\n",
-+ (unsigned long) sizeof(struct supported_list),
-+ supported,
-+ supported_list);
-+
-+ supported_listp = (struct supported_list *)kmalloc(sizeof(struct supported_list), GFP_KERNEL);
-+
-+ if(supported_listp == NULL)
-+ {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_supported: "
-+ "memory allocation error.\n");
-+ return -ENOMEM;
-+ }
-+
-+ supported_listp->supportedp = supported;
-+ supported_listp->next = *supported_list;
-+ *supported_list = supported_listp;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_list_insert_supported: "
-+ "outgoing, supported=0p%p, supported_list=0p%p\n",
-+ supported,
-+ supported_list);
-+
-+ return 0;
-+}
-+
-+#ifdef NET_26
-+DEBUG_NO_STATIC void
-+pfkey_insert_socket(struct sock *sk)
-+{
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_insert_socket: "
-+ "sk=0p%p\n",
-+ sk);
-+ pfkey_sock_list_grab();
-+ sk_add_node(sk, &pfkey_sock_list);
-+ pfkey_sock_list_ungrab();
-+}
-+
-+DEBUG_NO_STATIC void
-+pfkey_remove_socket(struct sock *sk)
-+{
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_remove_socket: 0p%p\n", sk);
-+ pfkey_sock_list_grab();
-+ sk_del_node_init(sk);
-+ pfkey_sock_list_ungrab();
-+ return;
-+}
-+#else
-+
-+DEBUG_NO_STATIC void
-+pfkey_insert_socket(struct sock *sk)
-+{
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_insert_socket: "
-+ "sk=0p%p\n",
-+ sk);
-+ cli();
-+ sk->next=pfkey_sock_list;
-+ pfkey_sock_list=sk;
-+ sti();
-+}
-+DEBUG_NO_STATIC void
-+pfkey_remove_socket(struct sock *sk)
-+{
-+ struct sock **s;
-+
-+ s = NULL;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_remove_socket: .\n");
-+
-+ cli();
-+ s=&pfkey_sock_list;
-+
-+ while(*s!=NULL) {
-+ if(*s==sk) {
-+ *s=sk->next;
-+ sk->next=NULL;
-+ sti();
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_remove_socket: "
-+ "succeeded.\n");
-+ return;
-+ }
-+ s=&((*s)->next);
-+ }
-+ sti();
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_remove_socket: "
-+ "not found.\n");
-+ return;
-+}
-+#endif
-+
-+DEBUG_NO_STATIC void
-+pfkey_destroy_socket(struct sock *sk)
-+{
-+ struct sk_buff *skb;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_destroy_socket: 0p%p\n",sk);
-+ pfkey_remove_socket(sk);
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_destroy_socket: "
-+ "pfkey_remove_socket called, sk=0p%p\n",sk);
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_destroy_socket: "
-+ "sk(0p%p)->(&0p%p)receive_queue.{next=0p%p,prev=0p%p}.\n",
-+ sk,
-+ &(sk->sk_receive_queue),
-+ sk->sk_receive_queue.next,
-+ sk->sk_receive_queue.prev);
-+
-+ while(sk && ((skb=skb_dequeue(&(sk->sk_receive_queue)))!=NULL)) {
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_pfkey && sysctl_ipsec_debug_verbose) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_destroy_socket: "
-+ "skb=0p%p dequeued.\n", skb);
-+ printk(KERN_INFO "klips_debug:pfkey_destroy_socket: "
-+ "pfkey_skb contents:");
-+ printk(" next:0p%p", skb->next);
-+ printk(" prev:0p%p", skb->prev);
-+ printk(" sk:0p%p", skb->sk);
-+ printk(" dev:0p%p", skb->dev);
-+ if(skb->dev) {
-+ if(skb->dev->name) {
-+ printk(" dev->name:%s", skb->dev->name);
-+ } else {
-+ printk(" dev->name:NULL?");
-+ }
-+ } else {
-+ printk(" dev:NULL");
-+ }
-+ printk(" h:0p%p", skb->h.raw);
-+ printk(" nh:0p%p", skb->nh.raw);
-+ printk(" mac:0p%p", skb->mac.raw);
-+ printk(" dst:0p%p", skb->dst);
-+ if(sysctl_ipsec_debug_verbose) {
-+ int i;
-+
-+ printk(" cb");
-+ for(i=0; i<48; i++) {
-+ printk(":%2x", skb->cb[i]);
-+ }
-+ }
-+ printk(" len:%d", skb->len);
-+ printk(" csum:%d", skb->csum);
-+#ifndef NETDEV_23
-+ printk(" used:%d", skb->used);
-+ printk(" is_clone:%d", skb->is_clone);
-+#endif /* NETDEV_23 */
-+ printk(" cloned:%d", skb->cloned);
-+ printk(" pkt_type:%d", skb->pkt_type);
-+ printk(" ip_summed:%d", skb->ip_summed);
-+ printk(" priority:%d", skb->priority);
-+ printk(" protocol:%d", skb->protocol);
-+#ifdef HAVE_SOCK_SECURITY
-+ printk(" security:%d", skb->security);
-+#endif
-+ printk(" truesize:%d", skb->truesize);
-+ printk(" head:0p%p", skb->head);
-+ printk(" data:0p%p", skb->data);
-+ printk(" tail:0p%p", skb->tail);
-+ printk(" end:0p%p", skb->end);
-+ if(sysctl_ipsec_debug_verbose) {
-+ unsigned char* i;
-+ printk(" data");
-+ for(i = skb->head; i < skb->end; i++) {
-+ printk(":%2x", (unsigned char)(*(i)));
-+ }
-+ }
-+ printk(" destructor:0p%p", skb->destructor);
-+ printk("\n");
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_destroy_socket: "
-+ "skb=0p%p freed.\n",
-+ skb);
-+ ipsec_kfree_skb(skb);
-+ }
-+
-+#ifdef NET_26
-+ sock_set_flag(sk, SOCK_DEAD);
-+#else
-+ sk->dead = 1;
-+#endif
-+ sk_free(sk);
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_destroy_socket: destroyed.\n");
-+}
-+
-+int
-+pfkey_upmsg(struct socket *sock, struct sadb_msg *pfkey_msg)
-+{
-+ int error = 0;
-+ struct sk_buff * skb = NULL;
-+ struct sock *sk;
-+
-+ if(sock == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_upmsg: "
-+ "NULL socket passed in.\n");
-+ return -EINVAL;
-+ }
-+
-+ if(pfkey_msg == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_upmsg: "
-+ "NULL pfkey_msg passed in.\n");
-+ return -EINVAL;
-+ }
-+
-+ sk = sock->sk;
-+
-+ if(sk == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_upmsg: "
-+ "NULL sock passed in.\n");
-+ return -EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_upmsg: "
-+ "allocating %d bytes...\n",
-+ (int)(pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN));
-+ if(!(skb = alloc_skb(pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN, GFP_ATOMIC) )) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_upmsg: "
-+ "no buffers left to send up a message.\n");
-+ return -ENOBUFS;
-+ }
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_upmsg: "
-+ "...allocated at 0p%p.\n",
-+ skb);
-+
-+ skb->dev = NULL;
-+
-+ if(skb_tailroom(skb) < pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN) {
-+ printk(KERN_WARNING "klips_error:pfkey_upmsg: "
-+ "tried to skb_put %ld, %d available. This should never happen, please report.\n",
-+ (unsigned long int)pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN,
-+ skb_tailroom(skb));
-+ ipsec_kfree_skb(skb);
-+ return -ENOBUFS;
-+ }
-+ skb->h.raw = skb_put(skb, pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN);
-+ memcpy(skb->h.raw, pfkey_msg, pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN);
-+
-+ if((error = sock_queue_rcv_skb(sk, skb)) < 0) {
-+ skb->sk=NULL;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_upmsg: "
-+ "error=%d calling sock_queue_rcv_skb with skb=0p%p.\n",
-+ error,
-+ skb);
-+ ipsec_kfree_skb(skb);
-+ return error;
-+ }
-+ return error;
-+}
-+
-+#ifdef NET_26_12_SKALLOC
-+static struct proto key_proto = {
-+ .name = "KEY",
-+ .owner = THIS_MODULE,
-+ .obj_size = sizeof(struct sock),
-+
-+};
-+#endif
-+
-+DEBUG_NO_STATIC int
-+pfkey_create(struct socket *sock, int protocol)
-+{
-+ struct sock *sk;
-+
-+ if(sock == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "socket NULL.\n");
-+ return -EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "sock=0p%p type:%d state:%d flags:%ld protocol:%d\n",
-+ sock,
-+ sock->type,
-+ (unsigned int)(sock->state),
-+ sock->flags, protocol);
-+
-+ if(sock->type != SOCK_RAW) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "only SOCK_RAW supported.\n");
-+ return -ESOCKTNOSUPPORT;
-+ }
-+
-+ if(protocol != PF_KEY_V2) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "protocol not PF_KEY_V2.\n");
-+ return -EPROTONOSUPPORT;
-+ }
-+
-+ if((current->uid != 0)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "must be root to open pfkey sockets.\n");
-+ return -EACCES;
-+ }
-+
-+ sock->state = SS_UNCONNECTED;
-+
-+ KLIPS_INC_USE;
-+
-+#ifdef NET_26
-+#ifdef NET_26_12_SKALLOC
-+ sk=(struct sock *)sk_alloc(PF_KEY, GFP_KERNEL, &key_proto, 1);
-+#else
-+ sk=(struct sock *)sk_alloc(PF_KEY, GFP_KERNEL, 1, NULL);
-+#endif
-+#else
-+ /* 2.4 interface */
-+ sk=(struct sock *)sk_alloc(PF_KEY, GFP_KERNEL, 1);
-+#endif
-+
-+ if(sk == NULL)
-+ {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "Out of memory trying to allocate.\n");
-+ KLIPS_DEC_USE;
-+ return -ENOMEM;
-+ }
-+
-+ sock_init_data(sock, sk);
-+
-+ sk->sk_destruct = NULL;
-+ sk->sk_reuse = 1;
-+ sock->ops = &pfkey_ops;
-+
-+ sk->sk_family = PF_KEY;
-+/* sk->num = protocol; */
-+ sk->sk_protocol = protocol;
-+ key_pid(sk) = current->pid;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "sock->fasync_list=0p%p sk->sleep=0p%p.\n",
-+ sock->fasync_list,
-+ sk->sk_sleep);
-+
-+ pfkey_insert_socket(sk);
-+ pfkey_list_insert_socket(sock, &pfkey_open_sockets);
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_create: "
-+ "Socket sock=0p%p sk=0p%p initialised.\n", sock, sk);
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+#ifdef NETDEV_23
-+pfkey_release(struct socket *sock)
-+#else /* NETDEV_23 */
-+pfkey_release(struct socket *sock, struct socket *peersock)
-+#endif /* NETDEV_23 */
-+{
-+ struct sock *sk;
-+ int i;
-+
-+ if(sock==NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_release: "
-+ "No socket attached.\n");
-+ return 0; /* -EINVAL; */
-+ }
-+
-+ sk=sock->sk;
-+
-+ /* May not have data attached */
-+ if(sk==NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_release: "
-+ "No sk attached to sock=0p%p.\n", sock);
-+ return 0; /* -EINVAL; */
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_release: "
-+ "sock=0p%p sk=0p%p\n", sock, sk);
-+
-+ if(sock_flag(sk, SOCK_DEAD))
-+ if(sk->sk_state_change) {
-+ sk->sk_state_change(sk);
-+ }
-+
-+ sock->sk = NULL;
-+
-+ /* Try to flush out this socket. Throw out buffers at least */
-+ pfkey_destroy_socket(sk);
-+ pfkey_list_remove_socket(sock, &pfkey_open_sockets);
-+ for(i = SADB_SATYPE_UNSPEC; i <= SADB_SATYPE_MAX; i++) {
-+ pfkey_list_remove_socket(sock, &(pfkey_registered_sockets[i]));
-+ }
-+
-+ KLIPS_DEC_USE;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_release: "
-+ "succeeded.\n");
-+
-+ return 0;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_shutdown(struct socket *sock, int mode)
-+{
-+ struct sock *sk;
-+
-+ if(sock == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_shutdown: "
-+ "NULL socket passed in.\n");
-+ return -EINVAL;
-+ }
-+
-+ sk=sock->sk;
-+
-+ if(sk == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_shutdown: "
-+ "No sock attached to socket.\n");
-+ return -EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_shutdown: "
-+ "mode=%x.\n", mode);
-+ mode++;
-+
-+ if(mode&SEND_SHUTDOWN) {
-+ sk->sk_shutdown|=SEND_SHUTDOWN;
-+ sk->sk_state_change(sk);
-+ }
-+
-+ if(mode&RCV_SHUTDOWN) {
-+ sk->sk_shutdown|=RCV_SHUTDOWN;
-+ sk->sk_state_change(sk);
-+ }
-+ return 0;
-+}
-+
-+/*
-+ * Send PF_KEY data down.
-+ */
-+
-+DEBUG_NO_STATIC int
-+#ifdef NET_26
-+pfkey_sendmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, size_t len)
-+#else
-+pfkey_sendmsg(struct socket *sock, struct msghdr *msg, int len, struct scm_cookie *scm)
-+#endif
-+{
-+ struct sock *sk;
-+ int error = 0;
-+ struct sadb_msg *pfkey_msg = NULL, *pfkey_reply = NULL;
-+
-+ if(sock == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "Null socket passed in.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ sk = sock->sk;
-+
-+ if(sk == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "Null sock passed in.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(msg == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "Null msghdr passed in.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: .\n");
-+ if(sk->sk_err) {
-+ error = sock_error(sk);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "sk->err is non-zero, returns %d.\n",
-+ error);
-+ SENDERR(-error);
-+ }
-+
-+ if((current->uid != 0)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "must be root to send messages to pfkey sockets.\n");
-+ SENDERR(EACCES);
-+ }
-+
-+ if(msg->msg_control)
-+ {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "can't set flags or set msg_control.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(sk->sk_shutdown & SEND_SHUTDOWN) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "shutdown.\n");
-+ send_sig(SIGPIPE, current, 0);
-+ SENDERR(EPIPE);
-+ }
-+
-+ if(len < sizeof(struct sadb_msg)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "bogus msg len of %d, too small.\n", (int)len);
-+ SENDERR(EMSGSIZE);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "allocating %d bytes for downward message.\n",
-+ (int)len);
-+ if((pfkey_msg = (struct sadb_msg*)kmalloc(len, GFP_KERNEL)) == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "memory allocation error.\n");
-+ SENDERR(ENOBUFS);
-+ }
-+
-+ memcpy_fromiovec((void *)pfkey_msg, msg->msg_iov, len);
-+
-+ if(pfkey_msg->sadb_msg_version != PF_KEY_V2) {
-+ KLIPS_PRINT(1 || debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "not PF_KEY_V2 msg, found %d, should be %d.\n",
-+ pfkey_msg->sadb_msg_version,
-+ PF_KEY_V2);
-+ kfree((void*)pfkey_msg);
-+ return -EINVAL;
-+ }
-+
-+ if(len != pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "bogus msg len of %d, not %d byte aligned.\n",
-+ (int)len, (int)IPSEC_PFKEYv2_ALIGN);
-+ SENDERR(EMSGSIZE);
-+ }
-+
-+#if 0
-+ /* This check is questionable, since a downward message could be
-+ the result of an ACQUIRE either from kernel (PID==0) or
-+ userspace (some other PID). */
-+ /* check PID */
-+ if(pfkey_msg->sadb_msg_pid != current->pid) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "pid (%d) does not equal sending process pid (%d).\n",
-+ pfkey_msg->sadb_msg_pid, current->pid);
-+ SENDERR(EINVAL);
-+ }
-+#endif
-+
-+ if(pfkey_msg->sadb_msg_reserved) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "reserved field must be zero, set to %d.\n",
-+ pfkey_msg->sadb_msg_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if((pfkey_msg->sadb_msg_type > SADB_MAX) || (!pfkey_msg->sadb_msg_type)){
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "msg type too large or small:%d.\n",
-+ pfkey_msg->sadb_msg_type);
-+ SENDERR(EINVAL);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "msg sent for parsing.\n");
-+
-+ if((error = pfkey_msg_interp(sk, pfkey_msg, &pfkey_reply))) {
-+ struct socket_list *pfkey_socketsp;
-+
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_sendmsg: "
-+ "pfkey_msg_parse returns %d.\n",
-+ error);
-+
-+ if((pfkey_reply = (struct sadb_msg*)kmalloc(sizeof(struct sadb_msg), GFP_KERNEL)) == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "memory allocation error.\n");
-+ SENDERR(ENOBUFS);
-+ }
-+ memcpy((void*)pfkey_reply, (void*)pfkey_msg, sizeof(struct sadb_msg));
-+ pfkey_reply->sadb_msg_errno = -error;
-+ pfkey_reply->sadb_msg_len = sizeof(struct sadb_msg) / IPSEC_PFKEYv2_ALIGN;
-+
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ int error_upmsg = 0;
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_sendmsg: "
-+ "sending up error=%d message=0p%p to socket=0p%p.\n",
-+ error,
-+ pfkey_reply,
-+ pfkey_socketsp->socketp);
-+ if((error_upmsg = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_sendmsg: "
-+ "sending up error message to socket=0p%p failed with error=%d.\n",
-+ pfkey_socketsp->socketp,
-+ error_upmsg);
-+ /* pfkey_msg_free(&pfkey_reply); */
-+ /* SENDERR(-error); */
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_sendmsg: "
-+ "sending up error message to socket=0p%p succeeded.\n",
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ pfkey_msg_free(&pfkey_reply);
-+
-+ SENDERR(-error);
-+ }
-+
-+ errlab:
-+ if (pfkey_msg) {
-+ kfree((void*)pfkey_msg);
-+ }
-+
-+ if(error) {
-+ return error;
-+ } else {
-+ return len;
-+ }
-+}
-+
-+/*
-+ * Receive PF_KEY data up.
-+ */
-+
-+DEBUG_NO_STATIC int
-+#ifdef NET_26
-+pfkey_recvmsg(struct kiocb *kiocb
-+ , struct socket *sock
-+ , struct msghdr *msg
-+ , size_t size
-+ , int flags)
-+#else
-+pfkey_recvmsg(struct socket *sock
-+ , struct msghdr *msg
-+ , int size, int flags
-+ , struct scm_cookie *scm)
-+#endif
-+{
-+ struct sock *sk;
-+ int noblock = flags & MSG_DONTWAIT;
-+ struct sk_buff *skb;
-+ int error;
-+
-+ if(sock == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_recvmsg: "
-+ "Null socket passed in.\n");
-+ return -EINVAL;
-+ }
-+
-+ sk = sock->sk;
-+
-+ if(sk == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_recvmsg: "
-+ "Null sock passed in for sock=0p%p.\n", sock);
-+ return -EINVAL;
-+ }
-+
-+ if(msg == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_recvmsg: "
-+ "Null msghdr passed in for sock=0p%p, sk=0p%p.\n",
-+ sock, sk);
-+ return -EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "klips_debug:pfkey_recvmsg: sock=0p%p sk=0p%p msg=0p%p size=%d.\n",
-+ sock, sk, msg, (int)size);
-+ if(flags & ~MSG_PEEK) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "flags (%d) other than MSG_PEEK not supported.\n",
-+ flags);
-+ return -EOPNOTSUPP;
-+ }
-+
-+ msg->msg_namelen = 0; /* sizeof(*ska); */
-+
-+ if(sk->sk_err) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sendmsg: "
-+ "sk->sk_err=%d.\n", sk->sk_err);
-+ return sock_error(sk);
-+ }
-+
-+ if((skb = skb_recv_datagram(sk, flags, noblock, &error) ) == NULL) {
-+ return error;
-+ }
-+
-+ if(size > skb->len) {
-+ size = skb->len;
-+ }
-+ else if(size <skb->len) {
-+ msg->msg_flags |= MSG_TRUNC;
-+ }
-+
-+ skb_copy_datagram_iovec(skb, 0, msg->msg_iov, size);
-+#ifdef HAVE_TSTAMP
-+ sk->sk_stamp.tv_sec = skb->tstamp.off_sec;
-+ sk->sk_stamp.tv_usec = skb->tstamp.off_usec;
-+#else
-+ sk->sk_stamp=skb->stamp;
-+#endif
-+
-+ skb_free_datagram(sk, skb);
-+ return size;
-+}
-+
-+#ifdef CONFIG_PROC_FS
-+#ifndef PROC_FS_2325
-+DEBUG_NO_STATIC
-+#endif /* PROC_FS_2325 */
-+int
-+pfkey_get_info(char *buffer, char **start, off_t offset, int length
-+#ifndef PROC_NO_DUMMY
-+, int dummy
-+#endif /* !PROC_NO_DUMMY */
-+)
-+{
-+ const int max_content = length > 0? length-1 : 0; /* limit of useful snprintf output */
-+#ifdef NET_26
-+ struct hlist_node *node;
-+#endif
-+ off_t begin=0;
-+ int len=0;
-+ struct sock *sk;
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(!sysctl_ipsec_debug_verbose) {
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ len += ipsec_snprintf(buffer, length,
-+ " sock pid socket next prev e n p sndbf Flags Type St\n");
-+#ifdef CONFIG_KLIPS_DEBUG
-+ } else {
-+ len += ipsec_snprintf(buffer, length,
-+ " sock pid d sleep socket next prev e r z n p sndbf stamp Flags Type St\n");
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ sk_for_each(sk, node, &pfkey_sock_list) {
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(!sysctl_ipsec_debug_verbose) {
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ "%8p %5d %8p %d %d %5d %08lX %8X %2X\n",
-+ sk,
-+ key_pid(sk),
-+ sk->sk_socket,
-+ sk->sk_err,
-+ sk->sk_protocol,
-+ sk->sk_sndbuf,
-+ sk->sk_socket->flags,
-+ sk->sk_socket->type,
-+ sk->sk_socket->state);
-+#ifdef CONFIG_KLIPS_DEBUG
-+ } else {
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ "%8p %5d %d %8p %8p %d %d %d %d %5d %d.%06d %08lX %8X %2X\n",
-+ sk,
-+ key_pid(sk),
-+ sock_flag(sk, SOCK_DEAD),
-+ sk->sk_sleep,
-+ sk->sk_socket,
-+ sk->sk_err,
-+ sk->sk_reuse,
-+#ifdef HAVE_SOCK_ZAPPED
-+ sock_flag(sk, SOCK_ZAPPED),
-+#else
-+ sk->sk_zapped,
-+#endif
-+ sk->sk_protocol,
-+ sk->sk_sndbuf,
-+ (unsigned int)sk->sk_stamp.tv_sec,
-+ (unsigned int)sk->sk_stamp.tv_usec,
-+ sk->sk_socket->flags,
-+ sk->sk_socket->type,
-+ sk->sk_socket->state);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ if (len >= max_content) {
-+ /* we've done all that can fit -- stop loop */
-+ len = max_content; /* truncate crap */
-+ break;
-+ } else {
-+ const off_t pos = begin + len; /* file position of end of what we've generated */
-+
-+ if (pos <= offset) {
-+ /* all is before first interesting character:
-+ * discard, but note where we are.
-+ */
-+ len = 0;
-+ begin = pos;
-+ }
-+ }
-+ }
-+
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ return len - (offset - begin);
-+}
-+
-+#ifndef PROC_FS_2325
-+DEBUG_NO_STATIC
-+#endif /* PROC_FS_2325 */
-+int
-+pfkey_supported_get_info(char *buffer, char **start, off_t offset, int length
-+#ifndef PROC_NO_DUMMY
-+, int dummy
-+#endif /* !PROC_NO_DUMMY */
-+)
-+{
-+ /* limit of useful snprintf output */
-+ const int max_content = length > 0? length-1 : 0;
-+ off_t begin=0;
-+ int len=0;
-+ int satype;
-+ struct supported_list *ps;
-+
-+ len += ipsec_snprintf(buffer, length,
-+ "satype exttype alg_id ivlen minbits maxbits name\n");
-+
-+ for(satype = SADB_SATYPE_UNSPEC; satype <= SADB_SATYPE_MAX; satype++) {
-+ ps = pfkey_supported_list[satype];
-+ while(ps) {
-+ struct ipsec_alg_supported *alg = ps->supportedp;
-+ unsigned char *n = alg->ias_name;
-+ if(n == NULL) n = "unknown";
-+
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ " %2d %2d %2d %3d %3d %3d %20s\n",
-+ satype,
-+ alg->ias_exttype,
-+ alg->ias_id,
-+ alg->ias_ivlen,
-+ alg->ias_keyminbits,
-+ alg->ias_keymaxbits,
-+ n);
-+
-+ if (len >= max_content) {
-+ /* we've done all that can fit -- stop loop */
-+ len = max_content; /* truncate crap */
-+ break;
-+ } else {
-+ const off_t pos = begin + len; /* file position of end of what we've generated */
-+
-+ if (pos <= offset) {
-+ /* all is before first interesting character:
-+ * discard, but note where we are.
-+ */
-+ len = 0;
-+ begin = pos;
-+ }
-+ }
-+
-+ ps = ps->next;
-+ }
-+ }
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ return len - (offset - begin);
-+}
-+
-+#ifndef PROC_FS_2325
-+DEBUG_NO_STATIC
-+#endif /* PROC_FS_2325 */
-+int
-+pfkey_registered_get_info(char *buffer, char **start, off_t offset, int length
-+#ifndef PROC_NO_DUMMY
-+, int dummy
-+#endif /* !PROC_NO_DUMMY */
-+)
-+{
-+ const int max_content = length > 0? length-1 : 0; /* limit of useful snprintf output */
-+ off_t begin=0;
-+ int len=0;
-+ int satype;
-+ struct socket_list *pfkey_sockets;
-+
-+ len += ipsec_snprintf(buffer, length,
-+ "satype socket pid sk\n");
-+
-+ for(satype = SADB_SATYPE_UNSPEC; satype <= SADB_SATYPE_MAX; satype++) {
-+ pfkey_sockets = pfkey_registered_sockets[satype];
-+ while(pfkey_sockets) {
-+ len += ipsec_snprintf(buffer+len, length-len,
-+ " %2d %8p %5d %8p\n",
-+ satype,
-+ pfkey_sockets->socketp,
-+ key_pid(pfkey_sockets->socketp->sk),
-+ pfkey_sockets->socketp->sk);
-+
-+ if (len >= max_content) {
-+ /* we've done all that can fit -- stop loop (could stop two) */
-+ len = max_content; /* truncate crap */
-+ break;
-+ } else {
-+ const off_t pos = begin + len; /* file position of end of what we've generated */
-+
-+ if (pos <= offset) {
-+ /* all is before first interesting character:
-+ * discard, but note where we are.
-+ */
-+ len = 0;
-+ begin = pos;
-+ }
-+ }
-+
-+ pfkey_sockets = pfkey_sockets->next;
-+ }
-+ }
-+ *start = buffer + (offset - begin); /* Start of wanted data */
-+ return len - (offset - begin);
-+}
-+
-+#ifndef PROC_FS_2325
-+struct proc_dir_entry proc_net_pfkey =
-+{
-+ 0,
-+ 6, "pf_key",
-+ S_IFREG | S_IRUGO, 1, 0, 0,
-+ 0, &proc_net_inode_operations,
-+ pfkey_get_info
-+};
-+struct proc_dir_entry proc_net_pfkey_supported =
-+{
-+ 0,
-+ 16, "pf_key_supported",
-+ S_IFREG | S_IRUGO, 1, 0, 0,
-+ 0, &proc_net_inode_operations,
-+ pfkey_supported_get_info
-+};
-+struct proc_dir_entry proc_net_pfkey_registered =
-+{
-+ 0,
-+ 17, "pf_key_registered",
-+ S_IFREG | S_IRUGO, 1, 0, 0,
-+ 0, &proc_net_inode_operations,
-+ pfkey_registered_get_info
-+};
-+#endif /* !PROC_FS_2325 */
-+#endif /* CONFIG_PROC_FS */
-+
-+DEBUG_NO_STATIC int
-+supported_add_all(int satype, struct ipsec_alg_supported supported[], int size)
-+{
-+ int i;
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:init_pfkey: "
-+ "sizeof(supported_init_<satype=%d>)[%d]/sizeof(struct ipsec_alg_supported)[%d]=%d.\n",
-+ satype,
-+ size,
-+ (int)sizeof(struct ipsec_alg_supported),
-+ (int)(size/sizeof(struct ipsec_alg_supported)));
-+
-+ for(i = 0; i < size / sizeof(struct ipsec_alg_supported); i++) {
-+
-+ unsigned char *n = supported[i].ias_name;
-+ if(n == NULL) n="unknown";
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:init_pfkey: "
-+ "i=%d inserting satype=%d exttype=%d id=%d ivlen=%d minbits=%d maxbits=%d name=%s.\n",
-+ i,
-+ satype,
-+ supported[i].ias_exttype,
-+ supported[i].ias_id,
-+ supported[i].ias_ivlen,
-+ supported[i].ias_keyminbits,
-+ supported[i].ias_keymaxbits,
-+ n);
-+
-+ error |= pfkey_list_insert_supported(&(supported[i]),
-+ &(pfkey_supported_list[satype]));
-+ }
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+supported_remove_all(int satype)
-+{
-+ int error = 0;
-+ struct ipsec_alg_supported*supportedp;
-+
-+ while(pfkey_supported_list[satype]) {
-+ unsigned char *n;
-+ supportedp = pfkey_supported_list[satype]->supportedp;
-+
-+ n = supportedp->ias_name;
-+ if(n == NULL) n="unknown";
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:init_pfkey: "
-+ "removing satype=%d exttype=%d id=%d ivlen=%d minbits=%d maxbits=%d name=%s.\n",
-+ satype,
-+ supportedp->ias_exttype,
-+ supportedp->ias_id,
-+ supportedp->ias_ivlen,
-+ supportedp->ias_keyminbits,
-+ supportedp->ias_keymaxbits, n);
-+
-+ error |= pfkey_list_remove_supported(supportedp,
-+ &(pfkey_supported_list[satype]));
-+ }
-+ return error;
-+}
-+
-+int
-+pfkey_init(void)
-+{
-+ int error = 0;
-+ int i;
-+
-+ static struct ipsec_alg_supported supported_init_ah[] = {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ {SADB_EXT_SUPPORTED_AUTH, SADB_AALG_MD5HMAC, 0, 128, 128},
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ {SADB_EXT_SUPPORTED_AUTH, SADB_AALG_SHA1HMAC, 0, 160, 160}
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+ };
-+ static struct ipsec_alg_supported supported_init_esp[] = {
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_MD5
-+ {SADB_EXT_SUPPORTED_AUTH, SADB_AALG_MD5HMAC, 0, 128, 128},
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_MD5 */
-+#ifdef CONFIG_KLIPS_AUTH_HMAC_SHA1
-+ {SADB_EXT_SUPPORTED_AUTH, SADB_AALG_SHA1HMAC, 0, 160, 160},
-+#endif /* CONFIG_KLIPS_AUTH_HMAC_SHA1 */
-+#ifdef CONFIG_KLIPS_ENC_3DES
-+ {SADB_EXT_SUPPORTED_ENCRYPT, SADB_EALG_3DESCBC, 64, 168, 168},
-+#endif /* CONFIG_KLIPS_ENC_3DES */
-+ };
-+ static struct ipsec_alg_supported supported_init_ipip[] = {
-+ {SADB_EXT_SUPPORTED_ENCRYPT, SADB_X_TALG_IPv4_in_IPv4, 0, 32, 32}
-+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+ , {SADB_EXT_SUPPORTED_ENCRYPT, SADB_X_TALG_IPv6_in_IPv4, 0, 128, 32}
-+ , {SADB_EXT_SUPPORTED_ENCRYPT, SADB_X_TALG_IPv4_in_IPv6, 0, 32, 128}
-+ , {SADB_EXT_SUPPORTED_ENCRYPT, SADB_X_TALG_IPv6_in_IPv6, 0, 128, 128}
-+#endif /* defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */
-+ };
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ static struct ipsec_alg_supported supported_init_ipcomp[] = {
-+ {SADB_EXT_SUPPORTED_ENCRYPT, SADB_X_CALG_DEFLATE, 0, 1, 1}
-+ };
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#if 0
-+ printk(KERN_INFO
-+ "klips_info:pfkey_init: "
-+ "FreeS/WAN: initialising PF_KEYv2 domain sockets.\n");
-+#endif
-+
-+ for(i = SADB_SATYPE_UNSPEC; i <= SADB_SATYPE_MAX; i++) {
-+ pfkey_registered_sockets[i] = NULL;
-+ pfkey_supported_list[i] = NULL;
-+ }
-+
-+ error |= supported_add_all(SADB_SATYPE_AH, supported_init_ah, sizeof(supported_init_ah));
-+ error |= supported_add_all(SADB_SATYPE_ESP, supported_init_esp, sizeof(supported_init_esp));
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ error |= supported_add_all(SADB_X_SATYPE_COMP, supported_init_ipcomp, sizeof(supported_init_ipcomp));
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ error |= supported_add_all(SADB_X_SATYPE_IPIP, supported_init_ipip, sizeof(supported_init_ipip));
-+
-+ error |= sock_register(&pfkey_family_ops);
-+
-+#ifdef CONFIG_PROC_FS
-+# ifndef PROC_FS_2325
-+# ifdef PROC_FS_21
-+ error |= proc_register(proc_net, &proc_net_pfkey);
-+ error |= proc_register(proc_net, &proc_net_pfkey_supported);
-+ error |= proc_register(proc_net, &proc_net_pfkey_registered);
-+# else /* PROC_FS_21 */
-+ error |= proc_register_dynamic(&proc_net, &proc_net_pfkey);
-+ error |= proc_register_dynamic(&proc_net, &proc_net_pfkey_supported);
-+ error |= proc_register_dynamic(&proc_net, &proc_net_pfkey_registered);
-+# endif /* PROC_FS_21 */
-+# else /* !PROC_FS_2325 */
-+ proc_net_create ("pf_key", 0, pfkey_get_info);
-+ proc_net_create ("pf_key_supported", 0, pfkey_supported_get_info);
-+ proc_net_create ("pf_key_registered", 0, pfkey_registered_get_info);
-+# endif /* !PROC_FS_2325 */
-+#endif /* CONFIG_PROC_FS */
-+
-+ return error;
-+}
-+
-+int
-+pfkey_cleanup(void)
-+{
-+ int error = 0;
-+
-+ printk(KERN_INFO "klips_info:pfkey_cleanup: "
-+ "shutting down PF_KEY domain sockets.\n");
-+ sock_unregister(PF_KEY);
-+
-+ error |= supported_remove_all(SADB_SATYPE_AH);
-+ error |= supported_remove_all(SADB_SATYPE_ESP);
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ error |= supported_remove_all(SADB_X_SATYPE_COMP);
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ error |= supported_remove_all(SADB_X_SATYPE_IPIP);
-+
-+#ifdef CONFIG_PROC_FS
-+# ifndef PROC_FS_2325
-+ if (proc_net_unregister(proc_net_pfkey.low_ino) != 0)
-+ printk("klips_debug:pfkey_cleanup: "
-+ "cannot unregister /proc/net/pf_key\n");
-+ if (proc_net_unregister(proc_net_pfkey_supported.low_ino) != 0)
-+ printk("klips_debug:pfkey_cleanup: "
-+ "cannot unregister /proc/net/pf_key_supported\n");
-+ if (proc_net_unregister(proc_net_pfkey_registered.low_ino) != 0)
-+ printk("klips_debug:pfkey_cleanup: "
-+ "cannot unregister /proc/net/pf_key_registered\n");
-+# else /* !PROC_FS_2325 */
-+ proc_net_remove ("pf_key");
-+ proc_net_remove ("pf_key_supported");
-+ proc_net_remove ("pf_key_registered");
-+# endif /* !PROC_FS_2325 */
-+#endif /* CONFIG_PROC_FS */
-+
-+ /* other module unloading cleanup happens here */
-+ return error;
-+}
-+
-+#ifdef MODULE
-+#if 0
-+int
-+init_module(void)
-+{
-+ pfkey_init();
-+ return 0;
-+}
-+
-+void
-+cleanup_module(void)
-+{
-+ pfkey_cleanup();
-+}
-+#endif /* 0 */
-+#else /* MODULE */
-+struct net_protocol;
-+void pfkey_proto_init(struct net_protocol *pro)
-+{
-+ pfkey_init();
-+}
-+#endif /* MODULE */
-+
-+/*
-+ * $Log: pfkey_v2.c,v $
-+ * Revision 1.97.2.12 2006/11/24 05:43:29 paul
-+ * kernels after 2.6.18 do not return a code from unregister_socket()
-+ * backport from git 41e54a2684dc809d7952e816860ea646a3194a72
-+ *
-+ * Revision 1.97.2.11 2006/11/15 16:05:57 paul
-+ * fix for compiling on 2.4. kernels by Matthias Haas.
-+ *
-+ * Revision 1.97.2.10 2006/10/10 20:43:28 paul
-+ * Add family/create/owner for pfkey_family_ops. This fixes bug #671
-+ *
-+ * Revision 1.97.2.9 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.97.2.8 2006/07/10 15:56:11 paul
-+ * Fix for bug #642 by Bart.
-+ *
-+ * Revision 1.97.2.7 2006/04/04 11:34:19 ken
-+ * Backport SMP fixes + #ifdef cleanup from #public
-+ *
-+ * Revision 1.97.2.6 2006/02/15 05:00:20 paul
-+ * Fix for crasher on 2.6.12+ with klips (mostly seen on redhat kernels)
-+ *
-+ * Revision 1.97.2.5 2005/11/22 04:11:52 ken
-+ * Backport fixes for 2.6.14 kernels from HEAD
-+ *
-+ * Revision 1.97.2.4 2005/09/14 16:40:45 mcr
-+ * pull up of compilation on 2.4
-+ *
-+ * Revision 1.97.2.3 2005/09/06 02:10:03 mcr
-+ * pulled up possible SMP-related compilation fix
-+ *
-+ * Revision 1.97.2.2 2005/08/28 01:21:12 paul
-+ * Undid Ken's gcc4 fix in version 1.94 since it breaks linking KLIPS on
-+ * SMP kernels.
-+ *
-+ * Revision 1.97.2.1 2005/08/27 23:40:00 paul
-+ * recommited HAVE_SOCK_SECURITY fixes for linux 2.6.13
-+ *
-+ * Revision 1.102 2005/09/14 16:37:23 mcr
-+ * fix to compile on 2.4.
-+ *
-+ * Revision 1.101 2005/09/06 01:42:25 mcr
-+ * removed additional SOCKOPS_WRAPPED code
-+ *
-+ * Revision 1.100 2005/08/30 18:10:15 mcr
-+ * remove SOCKOPS_WRAPPED() code, add proper locking to the
-+ * pfkey code. (cross fingers)
-+ *
-+ * Revision 1.99 2005/08/28 01:53:37 paul
-+ * Undid Ken's gcc4 fix in version 1.94 since it breaks linking KLIPS on SMP kernels.
-+ *
-+ * Revision 1.98 2005/08/27 23:07:21 paul
-+ * Somewhere between 2.6.12 and 2.6.13rc7 the unused security memnber in sk_buff
-+ * has been removed. This patch should fix compilation for both cases.
-+ *
-+ * Revision 1.97 2005/07/20 00:33:36 mcr
-+ * fixed typo in #ifdef for SKALLOC.
-+ *
-+ * Revision 1.96 2005/07/19 20:02:15 mcr
-+ * sk_alloc() interface change.
-+ *
-+ * Revision 1.95 2005/07/09 00:40:06 ken
-+ * Fix for GCC4 - it doesn't like the potential for duplicate declaration
-+ *
-+ * Revision 1.94 2005/07/09 00:14:04 ken
-+ * Casts for 64bit cleanliness
-+ *
-+ * Revision 1.93 2005/07/08 16:20:05 mcr
-+ * fix for 2.6.12 disapperance of sk_zapped field -> sock_flags.
-+ *
-+ * Revision 1.92 2005/05/21 03:29:39 mcr
-+ * fixed missing prototype definition.
-+ *
-+ * Revision 1.91 2005/05/11 01:43:45 mcr
-+ * removed "poor-man"s OOP in favour of proper C structures.
-+ *
-+ * Revision 1.90 2005/05/02 18:42:47 mcr
-+ * fix for cut&paste error with pfkey_v2.c "supported_name"
-+ *
-+ * Revision 1.89 2005/05/01 03:12:31 mcr
-+ * print name if it is available.
-+ *
-+ * Revision 1.88 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.87 2005/04/15 19:57:10 mcr
-+ * make sure that address has 0p so that it will
-+ * sanitized.
-+ *
-+ * Revision 1.86 2005/04/08 18:28:36 mcr
-+ * some minor #ifdef simplification in pursuit of a possible bug.
-+ *
-+ * Revision 1.85 2004/12/03 21:25:57 mcr
-+ * compile time fixes for running on 2.6.
-+ * still experimental.
-+ *
-+ * Revision 1.84 2004/08/17 03:27:23 mcr
-+ * klips 2.6 edits.
-+ *
-+ * Revision 1.83 2004/08/04 15:57:07 mcr
-+ * moved des .h files to include/des/ *
-+ * included 2.6 protocol specific things
-+ * started at NAT-T support, but it will require a kernel patch.
-+ *
-+ * Revision 1.82 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.81 2004/04/25 21:23:11 ken
-+ * Pull in dhr's changes from FreeS/WAN 2.06
-+ *
-+ * Revision 1.80 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.79.4.1 2003/12/22 15:25:52 jjo
-+ * . Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.79 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.78.4.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.78 2003/04/03 17:38:09 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ *
-+ * Revision 1.77 2002/10/17 16:49:36 mcr
-+ * sock->ops should reference the unwrapped options so that
-+ * we get hacked in locking on SMP systems.
-+ *
-+ * Revision 1.76 2002/10/12 23:11:53 dhr
-+ *
-+ * [KenB + DHR] more 64-bit cleanup
-+ *
-+ * Revision 1.75 2002/09/20 05:01:57 rgb
-+ * Added memory allocation debugging.
-+ *
-+ * Revision 1.74 2002/09/19 02:42:50 mcr
-+ * do not define the pfkey_ops function for now.
-+ *
-+ * Revision 1.73 2002/09/17 17:29:23 mcr
-+ * #if 0 out some dead code - pfkey_ops is never used as written.
-+ *
-+ * Revision 1.72 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.71 2002/05/23 07:14:11 rgb
-+ * Cleaned up %p variants to 0p%p for test suite cleanup.
-+ *
-+ * Revision 1.70 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.69 2002/04/24 07:36:33 mcr
-+ * Moved from ./klips/net/ipsec/pfkey_v2.c,v
-+ *
-+ * Revision 1.68 2002/03/08 01:15:17 mcr
-+ * put some internal structure only debug messages behind
-+ * && sysctl_ipsec_debug_verbose.
-+ *
-+ * Revision 1.67 2002/01/29 17:17:57 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.66 2002/01/29 04:00:54 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.65 2002/01/29 02:13:18 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.64 2001/11/26 09:23:51 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.61.2.1 2001/09/25 02:28:44 mcr
-+ * cleaned up includes.
-+ *
-+ * Revision 1.63 2001/11/12 19:38:00 rgb
-+ * Continue trying other sockets even if one fails and return only original
-+ * error.
-+ *
-+ * Revision 1.62 2001/10/18 04:45:22 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.61 2001/09/20 15:32:59 rgb
-+ * Min/max cleanup.
-+ *
-+ * Revision 1.60 2001/06/14 19:35:12 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.59 2001/06/13 15:35:48 rgb
-+ * Fixed #endif comments.
-+ *
-+ * Revision 1.58 2001/05/04 16:37:24 rgb
-+ * Remove erroneous checking of return codes for proc_net_* in 2.4.
-+ *
-+ * Revision 1.57 2001/05/03 19:43:36 rgb
-+ * Initialise error return variable.
-+ * Check error return codes in startup and shutdown.
-+ * Standardise on SENDERR() macro.
-+ *
-+ * Revision 1.56 2001/04/21 23:05:07 rgb
-+ * Define out skb->used for 2.4 kernels.
-+ *
-+ * Revision 1.55 2001/02/28 05:03:28 rgb
-+ * Clean up and rationalise startup messages.
-+ *
-+ * Revision 1.54 2001/02/27 22:24:55 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.53 2001/02/27 06:48:18 rgb
-+ * Fixed pfkey socket unregister log message to reflect type and function.
-+ *
-+ * Revision 1.52 2001/02/26 22:34:38 rgb
-+ * Fix error return code that was getting overwritten by the error return
-+ * code of an upmsg.
-+ *
-+ * Revision 1.51 2001/01/30 23:42:47 rgb
-+ * Allow pfkey msgs from pid other than user context required for ACQUIRE
-+ * and subsequent ADD or UDATE.
-+ *
-+ * Revision 1.50 2001/01/23 20:22:59 rgb
-+ * 2.4 fix to remove removed is_clone member.
-+ *
-+ * Revision 1.49 2000/11/06 04:33:47 rgb
-+ * Changed non-exported functions to DEBUG_NO_STATIC.
-+ *
-+ * Revision 1.48 2000/09/29 19:47:41 rgb
-+ * Update copyright.
-+ *
-+ * Revision 1.47 2000/09/22 04:23:04 rgb
-+ * Added more debugging to pfkey_upmsg() call from pfkey_sendmsg() error.
-+ *
-+ * Revision 1.46 2000/09/21 04:20:44 rgb
-+ * Fixed array size off-by-one error. (Thanks Svenning!)
-+ *
-+ * Revision 1.45 2000/09/20 04:01:26 rgb
-+ * Changed static functions to DEBUG_NO_STATIC for revealing function names
-+ * in oopsen.
-+ *
-+ * Revision 1.44 2000/09/19 00:33:17 rgb
-+ * 2.0 fixes.
-+ *
-+ * Revision 1.43 2000/09/16 01:28:13 rgb
-+ * Fixed use of 0 in p format warning.
-+ *
-+ * Revision 1.42 2000/09/16 01:09:41 rgb
-+ * Fixed debug format warning for pointers that was expecting ints.
-+ *
-+ * Revision 1.41 2000/09/13 15:54:00 rgb
-+ * Rewrote pfkey_get_info(), added pfkey_{supported,registered}_get_info().
-+ * Moved supported algos add and remove to functions.
-+ *
-+ * Revision 1.40 2000/09/12 18:49:28 rgb
-+ * Added IPIP tunnel and IPCOMP register support.
-+ *
-+ * Revision 1.39 2000/09/12 03:23:49 rgb
-+ * Converted #if0 debugs to sysctl.
-+ * Removed debug_pfkey initialisations that prevented no_debug loading or
-+ * linking.
-+ *
-+ * Revision 1.38 2000/09/09 06:38:02 rgb
-+ * Return positive errno in pfkey_reply error message.
-+ *
-+ * Revision 1.37 2000/09/08 19:19:09 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ * Clean-up of long-unused crud...
-+ * Create pfkey error message on on failure.
-+ * Give pfkey_list_{insert,remove}_{socket,supported}() some error
-+ * checking.
-+ *
-+ * Revision 1.36 2000/09/01 18:49:38 rgb
-+ * Reap experimental NET_21_ bits.
-+ * Turned registered sockets list into an array of one list per satype.
-+ * Remove references to deprecated sklist_{insert,remove}_socket.
-+ * Removed leaking socket debugging code.
-+ * Removed duplicate pfkey_insert_socket in pfkey_create.
-+ * Removed all references to pfkey msg->msg_name, since it is not used for
-+ * pfkey.
-+ * Added a supported algorithms array lists, one per satype and registered
-+ * existing algorithms.
-+ * Fixed pfkey_list_{insert,remove}_{socket,support}() to allow change to
-+ * list.
-+ * Only send pfkey_expire() messages to sockets registered for that satype.
-+ *
-+ * Revision 1.35 2000/08/24 17:03:00 rgb
-+ * Corrected message size error return code for PF_KEYv2.
-+ * Removed downward error prohibition.
-+ *
-+ * Revision 1.34 2000/08/21 16:32:26 rgb
-+ * Re-formatted for cosmetic consistency and readability.
-+ *
-+ * Revision 1.33 2000/08/20 21:38:24 rgb
-+ * Added a pfkey_reply parameter to pfkey_msg_interp(). (Momchil)
-+ * Extended the upward message initiation of pfkey_sendmsg(). (Momchil)
-+ *
-+ * Revision 1.32 2000/07/28 14:58:31 rgb
-+ * Changed kfree_s to kfree, eliminating extra arg to fix 2.4.0-test5.
-+ *
-+ * Revision 1.31 2000/05/16 03:04:00 rgb
-+ * Updates for 2.3.99pre8 from MB.
-+ *
-+ * Revision 1.30 2000/05/10 19:22:21 rgb
-+ * Use sklist private functions for 2.3.xx compatibility.
-+ *
-+ * Revision 1.29 2000/03/22 16:17:03 rgb
-+ * Fixed SOCKOPS_WRAPPED macro for SMP (MB).
-+ *
-+ * Revision 1.28 2000/02/21 19:30:45 rgb
-+ * Removed references to pkt_bridged for 2.3.47 compatibility.
-+ *
-+ * Revision 1.27 2000/02/14 21:07:00 rgb
-+ * Fixed /proc/net/pf-key legend spacing.
-+ *
-+ * Revision 1.26 2000/01/22 03:46:59 rgb
-+ * Fixed pfkey error return mechanism so that we are able to free the
-+ * local copy of the pfkey_msg, plugging a memory leak and silencing
-+ * the bad object free complaints.
-+ *
-+ * Revision 1.25 2000/01/21 06:19:44 rgb
-+ * Moved pfkey_list_remove_socket() calls to before MOD_USE_DEC_COUNT.
-+ * Added debugging to pfkey_upmsg.
-+ *
-+ * Revision 1.24 2000/01/10 16:38:23 rgb
-+ * MB fixups for 2.3.x.
-+ *
-+ * Revision 1.23 1999/12/09 23:22:16 rgb
-+ * Added more instrumentation for debugging 2.0 socket
-+ * selection/reading.
-+ * Removed erroneous 2.0 wait==NULL check bug in select.
-+ *
-+ * Revision 1.22 1999/12/08 20:32:16 rgb
-+ * Tidied up 2.0.xx support, after major pfkey work, eliminating
-+ * msg->msg_name twiddling in the process, since it is not defined
-+ * for PF_KEYv2.
-+ *
-+ * Revision 1.21 1999/12/01 22:17:19 rgb
-+ * Set skb->dev to zero on new skb in case it is a reused skb.
-+ * Added check for skb_put overflow and freeing to avoid upmsg on error.
-+ * Added check for wrong pfkey version and freeing to avoid upmsg on
-+ * error.
-+ * Shut off content dumping in pfkey_destroy.
-+ * Added debugging message for size of buffer allocated for upmsg.
-+ *
-+ * Revision 1.20 1999/11/27 12:11:00 rgb
-+ * Minor clean-up, enabling quiet operation of pfkey if desired.
-+ *
-+ * Revision 1.19 1999/11/25 19:04:21 rgb
-+ * Update proc_fs code for pfkey to use dynamic registration.
-+ *
-+ * Revision 1.18 1999/11/25 09:07:17 rgb
-+ * Implemented SENDERR macro for propagating error codes.
-+ * Fixed error return code bug.
-+ *
-+ * Revision 1.17 1999/11/23 23:07:20 rgb
-+ * Change name of pfkey_msg_parser to pfkey_msg_interp since it no longer
-+ * parses. (PJO)
-+ * Sort out pfkey and freeswan headers, putting them in a library path.
-+ *
-+ * Revision 1.16 1999/11/20 22:00:22 rgb
-+ * Moved socketlist type declarations and prototypes for shared use.
-+ * Renamed reformatted and generically extended for use by other socket
-+ * lists pfkey_{del,add}_open_socket to pfkey_list_{remove,insert}_socket.
-+ *
-+ * Revision 1.15 1999/11/18 04:15:09 rgb
-+ * Make pfkey_data_ready temporarily available for 2.2.x testing.
-+ * Clean up pfkey_destroy_socket() debugging statements.
-+ * Add Peter Onion's code to send messages up to all listening sockets.
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ * Replaced all kernel version macros to shorter, readable form.
-+ * Added CONFIG_PROC_FS compiler directives in case it is shut off.
-+ *
-+ * Revision 1.14 1999/11/17 16:01:00 rgb
-+ * Make pfkey_data_ready temporarily available for 2.2.x testing.
-+ * Clean up pfkey_destroy_socket() debugging statements.
-+ * Add Peter Onion's code to send messages up to all listening sockets.
-+ * Changed #include "../../../lib/freeswan.h" to #include <freeswan.h>
-+ * which works due to -Ilibfreeswan in the klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.13 1999/10/27 19:59:51 rgb
-+ * Removed af_unix comments that are no longer relevant.
-+ * Added debug prink statements.
-+ * Added to the /proc output in pfkey_get_info.
-+ * Made most functions non-static to enable oops tracing.
-+ * Re-enable skb dequeueing and freeing.
-+ * Fix skb_alloc() and skb_put() size bug in pfkey_upmsg().
-+ *
-+ * Revision 1.12 1999/10/26 17:05:42 rgb
-+ * Complete re-ordering based on proto_ops structure order.
-+ * Separated out proto_ops structures for 2.0.x and 2.2.x for clarity.
-+ * Simplification to use built-in socket ops where possible for 2.2.x.
-+ * Add shorter macros for compiler directives to visually clean-up.
-+ * Add lots of sk skb dequeueing debugging statements.
-+ * Added to the /proc output in pfkey_get_info.
-+ *
-+ * Revision 1.11 1999/09/30 02:55:10 rgb
-+ * Bogus skb detection.
-+ * Fix incorrect /proc/net/ipsec-eroute printk message.
-+ *
-+ * Revision 1.10 1999/09/21 15:22:13 rgb
-+ * Temporary fix while I figure out the right way to destroy sockets.
-+ *
-+ * Revision 1.9 1999/07/08 19:19:44 rgb
-+ * Fix pointer format warning.
-+ * Fix missing member error under 2.0.xx kernels.
-+ *
-+ * Revision 1.8 1999/06/13 07:24:04 rgb
-+ * Add more debugging.
-+ *
-+ * Revision 1.7 1999/06/10 05:24:17 rgb
-+ * Clarified compiler directives.
-+ * Renamed variables to reduce confusion.
-+ * Used sklist_*_socket() kernel functions to simplify 2.2.x socket support.
-+ * Added lots of sanity checking.
-+ *
-+ * Revision 1.6 1999/06/03 18:59:50 rgb
-+ * More updates to 2.2.x socket support. Almost works, oops at end of call.
-+ *
-+ * Revision 1.5 1999/05/25 22:44:05 rgb
-+ * Start fixing 2.2 sockets.
-+ *
-+ * Revision 1.4 1999/04/29 15:21:34 rgb
-+ * Move log to the end of the file.
-+ * Eliminate min/max redefinition in #include <net/tcp.h>.
-+ * Correct path for pfkey #includes
-+ * Standardise an error return method.
-+ * Add debugging instrumentation.
-+ * Move message type checking to pfkey_msg_parse().
-+ * Add check for errno incorrectly set.
-+ * Add check for valid PID.
-+ * Add check for reserved illegally set.
-+ * Add check for message out of bounds.
-+ *
-+ * Revision 1.3 1999/04/15 17:58:07 rgb
-+ * Add RCSID labels.
-+ *
-+ * Revision 1.2 1999/04/15 15:37:26 rgb
-+ * Forward check changes from POST1_00 branch.
-+ *
-+ * Revision 1.1.2.2 1999/04/13 20:37:12 rgb
-+ * Header Title correction.
-+ *
-+ * Revision 1.1.2.1 1999/03/26 20:58:55 rgb
-+ * Add pfkeyv2 support to KLIPS.
-+ *
-+ *
-+ * RFC 2367
-+ * PF_KEY_v2 Key Management API
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/pfkey_v2_build.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1581 @@
-+/*
-+ * RFC2367 PF_KEYv2 Key management API message parser
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey_v2_build.c,v 1.51.8.1 2006/05/01 14:36:39 mcr Exp $
-+ */
-+
-+/*
-+ * Template from klips/net/ipsec/ipsec/ipsec_parser.c.
-+ */
-+
-+char pfkey_v2_build_c_version[] = "$Id: pfkey_v2_build.c,v 1.51.8.1 2006/05/01 14:36:39 mcr Exp $";
-+
-+/*
-+ * Some ugly stuff to allow consistent debugging code for use in the
-+ * kernel and in user space
-+*/
-+
-+#ifdef __KERNEL__
-+
-+# include <linux/kernel.h> /* for printk */
-+
-+# include "openswan/ipsec_kversion.h" /* for malloc switch */
-+# ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+# else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+# endif /* MALLOC_SLAB */
-+# include <linux/errno.h> /* error codes */
-+# include <linux/types.h> /* size_t */
-+# include <linux/interrupt.h> /* mark_bh */
-+
-+# include <linux/netdevice.h> /* struct device, and other headers */
-+# include <linux/etherdevice.h> /* eth_type_trans */
-+# include <linux/ip.h> /* struct iphdr */
-+# if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+# include <linux/ipv6.h> /* struct ipv6hdr */
-+# endif /* if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */
-+
-+# define MALLOC(size) kmalloc(size, GFP_ATOMIC)
-+# define FREE(obj) kfree(obj)
-+# include <openswan.h>
-+#else /* __KERNEL__ */
-+
-+# include <sys/types.h>
-+# include <linux/types.h>
-+# include <linux/errno.h>
-+# include <malloc.h>
-+# include <string.h> /* memset */
-+
-+# include <openswan.h>
-+
-+#endif /* __KERNEL__ */
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#ifdef __KERNEL__
-+#include "openswan/radij.h" /* rd_nodes */
-+#include "openswan/ipsec_encap.h" /* sockaddr_encap */
-+#endif /* __KERNEL__ */
-+
-+
-+#include "openswan/ipsec_sa.h" /* IPSEC_SAREF_NULL, IPSEC_SA_REF_TABLE_IDX_WIDTH */
-+#include "openswan/pfkey_debug.h"
-+
-+
-+#define SENDERR(_x) do { error = -(_x); goto errlab; } while (0)
-+
-+void
-+pfkey_extensions_init(struct sadb_ext *extensions[SADB_EXT_MAX + 1])
-+{
-+ int i;
-+
-+ for (i = 0; i != SADB_EXT_MAX + 1; i++) {
-+ extensions[i] = NULL;
-+ }
-+}
-+
-+void
-+pfkey_extensions_free(struct sadb_ext *extensions[SADB_EXT_MAX + 1])
-+{
-+ int i;
-+
-+ if(!extensions) {
-+ return;
-+ }
-+
-+ if(extensions[0]) {
-+ memset(extensions[0], 0, sizeof(struct sadb_msg));
-+ FREE(extensions[0]);
-+ extensions[0] = NULL;
-+ }
-+
-+ for (i = 1; i != SADB_EXT_MAX + 1; i++) {
-+ if(extensions[i]) {
-+ memset(extensions[i], 0, extensions[i]->sadb_ext_len * IPSEC_PFKEYv2_ALIGN);
-+ FREE(extensions[i]);
-+ extensions[i] = NULL;
-+ }
-+ }
-+}
-+
-+void
-+pfkey_msg_free(struct sadb_msg **pfkey_msg)
-+{
-+ if(*pfkey_msg) {
-+ memset(*pfkey_msg, 0, (*pfkey_msg)->sadb_msg_len * IPSEC_PFKEYv2_ALIGN);
-+ FREE(*pfkey_msg);
-+ *pfkey_msg = NULL;
-+ }
-+}
-+
-+/* Default extension builders taken from the KLIPS code */
-+
-+int
-+pfkey_msg_hdr_build(struct sadb_ext** pfkey_ext,
-+ uint8_t msg_type,
-+ uint8_t satype,
-+ uint8_t msg_errno,
-+ uint32_t seq,
-+ uint32_t pid)
-+{
-+ int error = 0;
-+ struct sadb_msg *pfkey_msg = (struct sadb_msg *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build:\n");
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build: "
-+ "on_entry &pfkey_ext=0p%p pfkey_ext=0p%p *pfkey_ext=0p%p.\n",
-+ &pfkey_ext,
-+ pfkey_ext,
-+ *pfkey_ext);
-+ /* sanity checks... */
-+ if(pfkey_msg) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build: "
-+ "why is pfkey_msg already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!msg_type) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build: "
-+ "msg type not set, must be non-zero..\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(msg_type > SADB_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build: "
-+ "msg type too large:%d.\n",
-+ msg_type);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(satype > SADB_SATYPE_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build: "
-+ "satype %d > max %d\n",
-+ satype, SADB_SATYPE_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_msg = (struct sadb_msg*)MALLOC(sizeof(struct sadb_msg));
-+ *pfkey_ext = (struct sadb_ext*)pfkey_msg;
-+
-+ if(pfkey_msg == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_msg, 0, sizeof(struct sadb_msg));
-+
-+ pfkey_msg->sadb_msg_len = sizeof(struct sadb_msg) / IPSEC_PFKEYv2_ALIGN;
-+
-+ pfkey_msg->sadb_msg_type = msg_type;
-+ pfkey_msg->sadb_msg_satype = satype;
-+
-+ pfkey_msg->sadb_msg_version = PF_KEY_V2;
-+ pfkey_msg->sadb_msg_errno = msg_errno;
-+ pfkey_msg->sadb_msg_reserved = 0;
-+ pfkey_msg->sadb_msg_seq = seq;
-+ pfkey_msg->sadb_msg_pid = pid;
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_hdr_build: "
-+ "on_exit &pfkey_ext=0p%p pfkey_ext=0p%p *pfkey_ext=0p%p.\n",
-+ &pfkey_ext,
-+ pfkey_ext,
-+ *pfkey_ext);
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_sa_ref_build(struct sadb_ext ** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t spi,
-+ uint8_t replay_window,
-+ uint8_t sa_state,
-+ uint8_t auth,
-+ uint8_t encrypt,
-+ uint32_t flags,
-+ uint32_t/*IPsecSAref_t*/ ref)
-+{
-+ int error = 0;
-+ struct sadb_sa *pfkey_sa = (struct sadb_sa *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "spi=%08x replay=%d sa_state=%d auth=%d encrypt=%d flags=%d\n",
-+ ntohl(spi), /* in network order */
-+ replay_window,
-+ sa_state,
-+ auth,
-+ encrypt,
-+ flags);
-+ /* sanity checks... */
-+ if(pfkey_sa) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "why is pfkey_sa already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(exttype != SADB_EXT_SA &&
-+ exttype != SADB_X_EXT_SA2) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "invalid exttype=%d.\n",
-+ exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(replay_window > 64) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "replay window size: %d -- must be 0 <= size <= 64\n",
-+ replay_window);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(auth > SADB_AALG_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "auth=%d > SADB_AALG_MAX=%d.\n",
-+ auth,
-+ SADB_AALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+#if SADB_EALG_MAX < 255
-+ if(encrypt > SADB_EALG_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "encrypt=%d > SADB_EALG_MAX=%d.\n",
-+ encrypt,
-+ SADB_EALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+#endif
-+
-+ if(sa_state > SADB_SASTATE_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "sa_state=%d exceeds MAX=%d.\n",
-+ sa_state,
-+ SADB_SASTATE_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(sa_state == SADB_SASTATE_DEAD) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "sa_state=%d is DEAD=%d is not allowed.\n",
-+ sa_state,
-+ SADB_SASTATE_DEAD);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if((IPSEC_SAREF_NULL != ref) && (ref >= (1 << IPSEC_SA_REF_TABLE_IDX_WIDTH))) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "SAref=%d must be (SAref == IPSEC_SAREF_NULL(%d) || SAref < IPSEC_SA_REF_TABLE_NUM_ENTRIES(%d)).\n",
-+ ref,
-+ IPSEC_SAREF_NULL,
-+ IPSEC_SA_REF_TABLE_NUM_ENTRIES);
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_sa = (struct sadb_sa*)MALLOC(sizeof(struct sadb_sa));
-+ *pfkey_ext = (struct sadb_ext*)pfkey_sa;
-+
-+ if(pfkey_sa == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sa_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_sa, 0, sizeof(struct sadb_sa));
-+
-+ pfkey_sa->sadb_sa_len = sizeof(*pfkey_sa) / IPSEC_PFKEYv2_ALIGN;
-+ pfkey_sa->sadb_sa_exttype = exttype;
-+ pfkey_sa->sadb_sa_spi = spi;
-+ pfkey_sa->sadb_sa_replay = replay_window;
-+ pfkey_sa->sadb_sa_state = sa_state;
-+ pfkey_sa->sadb_sa_auth = auth;
-+ pfkey_sa->sadb_sa_encrypt = encrypt;
-+ pfkey_sa->sadb_sa_flags = flags;
-+ pfkey_sa->sadb_x_sa_ref = ref;
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_sa_build(struct sadb_ext ** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t spi,
-+ uint8_t replay_window,
-+ uint8_t sa_state,
-+ uint8_t auth,
-+ uint8_t encrypt,
-+ uint32_t flags)
-+{
-+ return pfkey_sa_ref_build(pfkey_ext,
-+ exttype,
-+ spi,
-+ replay_window,
-+ sa_state,
-+ auth,
-+ encrypt,
-+ flags,
-+ IPSEC_SAREF_NULL);
-+}
-+
-+int
-+pfkey_lifetime_build(struct sadb_ext ** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t allocations,
-+ uint64_t bytes,
-+ uint64_t addtime,
-+ uint64_t usetime,
-+ uint32_t packets)
-+{
-+ int error = 0;
-+ struct sadb_lifetime *pfkey_lifetime = (struct sadb_lifetime *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_lifetime_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_lifetime) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_lifetime_build: "
-+ "why is pfkey_lifetime already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(exttype != SADB_EXT_LIFETIME_CURRENT &&
-+ exttype != SADB_EXT_LIFETIME_HARD &&
-+ exttype != SADB_EXT_LIFETIME_SOFT) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_lifetime_build: "
-+ "invalid exttype=%d.\n",
-+ exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_lifetime = (struct sadb_lifetime*)MALLOC(sizeof(struct sadb_lifetime));
-+ *pfkey_ext = (struct sadb_ext*) pfkey_lifetime;
-+
-+ if(pfkey_lifetime == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_lifetime_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_lifetime, 0, sizeof(struct sadb_lifetime));
-+
-+ pfkey_lifetime->sadb_lifetime_len = sizeof(struct sadb_lifetime) / IPSEC_PFKEYv2_ALIGN;
-+ pfkey_lifetime->sadb_lifetime_exttype = exttype;
-+ pfkey_lifetime->sadb_lifetime_allocations = allocations;
-+ pfkey_lifetime->sadb_lifetime_bytes = bytes;
-+ pfkey_lifetime->sadb_lifetime_addtime = addtime;
-+ pfkey_lifetime->sadb_lifetime_usetime = usetime;
-+ pfkey_lifetime->sadb_x_lifetime_packets = packets;
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_address_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint8_t proto,
-+ uint8_t prefixlen,
-+ struct sockaddr* address)
-+{
-+ int error = 0;
-+ int saddr_len = 0;
-+ char ipaddr_txt[ADDRTOT_BUF + 6/*extra for port number*/];
-+ struct sadb_address *pfkey_address = (struct sadb_address *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_address_build: "
-+ "exttype=%d proto=%d prefixlen=%d\n",
-+ exttype,
-+ proto,
-+ prefixlen);
-+ /* sanity checks... */
-+ if(pfkey_address) {
-+ ERROR("pfkey_address_build: "
-+ "why is pfkey_address already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if (!address) {
-+ ERROR("pfkey_address_build: " "address is NULL\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(exttype) {
-+ case SADB_EXT_ADDRESS_SRC:
-+ case SADB_EXT_ADDRESS_DST:
-+ case SADB_EXT_ADDRESS_PROXY:
-+ case SADB_X_EXT_ADDRESS_DST2:
-+ case SADB_X_EXT_ADDRESS_SRC_FLOW:
-+ case SADB_X_EXT_ADDRESS_DST_FLOW:
-+ case SADB_X_EXT_ADDRESS_SRC_MASK:
-+ case SADB_X_EXT_ADDRESS_DST_MASK:
-+#ifdef NAT_TRAVERSAL
-+ case SADB_X_EXT_NAT_T_OA:
-+#endif
-+ break;
-+ default:
-+ ERROR("pfkey_address_build: "
-+ "unrecognised ext_type=%d.\n",
-+ exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(address->sa_family) {
-+ case AF_INET:
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_address_build: "
-+ "found address family AF_INET.\n");
-+ saddr_len = sizeof(struct sockaddr_in);
-+ sprintf(ipaddr_txt, "%d.%d.%d.%d:%d"
-+ , (((struct sockaddr_in*)address)->sin_addr.s_addr >> 0) & 0xFF
-+ , (((struct sockaddr_in*)address)->sin_addr.s_addr >> 8) & 0xFF
-+ , (((struct sockaddr_in*)address)->sin_addr.s_addr >> 16) & 0xFF
-+ , (((struct sockaddr_in*)address)->sin_addr.s_addr >> 24) & 0xFF
-+ , ntohs(((struct sockaddr_in*)address)->sin_port));
-+ break;
-+ case AF_INET6:
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_address_build: "
-+ "found address family AF_INET6.\n");
-+ saddr_len = sizeof(struct sockaddr_in6);
-+ sprintf(ipaddr_txt, "%x:%x:%x:%x:%x:%x:%x:%x-%x"
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[0])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[1])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[2])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[3])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[4])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[5])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[6])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_addr.s6_addr16[7])
-+ , ntohs(((struct sockaddr_in6*)address)->sin6_port));
-+ break;
-+ default:
-+ ERROR("pfkey_address_build: "
-+ "address->sa_family=%d not supported.\n",
-+ address->sa_family);
-+ SENDERR(EPFNOSUPPORT);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_address_build: "
-+ "found address=%s.\n",
-+ ipaddr_txt);
-+ if(prefixlen != 0) {
-+ ERROR("pfkey_address_build: "
-+ "address prefixes not supported yet.\n");
-+ SENDERR(EAFNOSUPPORT); /* not supported yet */
-+ }
-+
-+ /* allocate some memory for the extension */
-+ pfkey_address = (struct sadb_address*)
-+ MALLOC(ALIGN_N(sizeof(struct sadb_address) + saddr_len, IPSEC_PFKEYv2_ALIGN));
-+ *pfkey_ext = (struct sadb_ext*)pfkey_address;
-+
-+ if(pfkey_address == NULL ) {
-+ ERROR("pfkey_lifetime_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_address,
-+ 0,
-+ ALIGN_N(sizeof(struct sadb_address) + saddr_len,
-+ IPSEC_PFKEYv2_ALIGN));
-+
-+ pfkey_address->sadb_address_len = DIVUP(sizeof(struct sadb_address) + saddr_len,
-+ IPSEC_PFKEYv2_ALIGN);
-+
-+ pfkey_address->sadb_address_exttype = exttype;
-+ pfkey_address->sadb_address_proto = proto;
-+ pfkey_address->sadb_address_prefixlen = prefixlen;
-+ pfkey_address->sadb_address_reserved = 0;
-+
-+ memcpy((char*)pfkey_address + sizeof(struct sadb_address),
-+ address,
-+ saddr_len);
-+
-+#if 0
-+ for(i = 0; i < sizeof(struct sockaddr_in) - offsetof(struct sockaddr_in, sin_zero); i++) {
-+ pfkey_address_s_ska.sin_zero[i] = 0;
-+ }
-+#endif
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_address_build: "
-+ "successful created len: %d.\n", pfkey_address->sadb_address_len);
-+
-+ errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_key_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint16_t key_bits,
-+ char* key)
-+{
-+ int error = 0;
-+ struct sadb_key *pfkey_key = (struct sadb_key *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_key_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_key) {
-+ ERROR("pfkey_key_build: "
-+ "why is pfkey_key already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!key_bits) {
-+ ERROR("pfkey_key_build: "
-+ "key_bits is zero, it must be non-zero.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if( !((exttype == SADB_EXT_KEY_AUTH) || (exttype == SADB_EXT_KEY_ENCRYPT))) {
-+ ERROR("pfkey_key_build: "
-+ "unsupported extension type=%d.\n",
-+ exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_key = (struct sadb_key*)
-+ MALLOC(sizeof(struct sadb_key) +
-+ DIVUP(key_bits, 64) * IPSEC_PFKEYv2_ALIGN);
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_key;
-+
-+ if(pfkey_key == NULL) {
-+ ERROR("pfkey_key_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_key,
-+ 0,
-+ sizeof(struct sadb_key) +
-+ DIVUP(key_bits, 64) * IPSEC_PFKEYv2_ALIGN);
-+
-+ pfkey_key->sadb_key_len = DIVUP(sizeof(struct sadb_key) * IPSEC_PFKEYv2_ALIGN + key_bits,
-+ 64);
-+ pfkey_key->sadb_key_exttype = exttype;
-+ pfkey_key->sadb_key_bits = key_bits;
-+ pfkey_key->sadb_key_reserved = 0;
-+ memcpy((char*)pfkey_key + sizeof(struct sadb_key),
-+ key,
-+ DIVUP(key_bits, 8));
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_ident_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint16_t ident_type,
-+ uint64_t ident_id,
-+ uint8_t ident_len,
-+ char* ident_string)
-+{
-+ int error = 0;
-+ struct sadb_ident *pfkey_ident = (struct sadb_ident *)*pfkey_ext;
-+ int data_len = ident_len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident);
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_ident_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_ident) {
-+ ERROR("pfkey_ident_build: "
-+ "why is pfkey_ident already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if( ! ((exttype == SADB_EXT_IDENTITY_SRC) ||
-+ (exttype == SADB_EXT_IDENTITY_DST))) {
-+ ERROR("pfkey_ident_build: "
-+ "unsupported extension type=%d.\n",
-+ exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if((ident_type == SADB_IDENTTYPE_RESERVED)) {
-+ ERROR("pfkey_ident_build: "
-+ "ident_type must be non-zero.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(ident_type > SADB_IDENTTYPE_MAX) {
-+ ERROR("pfkey_ident_build: "
-+ "identtype=%d out of range.\n",
-+ ident_type);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(((ident_type == SADB_IDENTTYPE_PREFIX) ||
-+ (ident_type == SADB_IDENTTYPE_FQDN)) &&
-+ !ident_string) {
-+ ERROR("pfkey_ident_build: "
-+ "string required to allocate size of extension.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+#if 0
-+ if((ident_type == SADB_IDENTTYPE_USERFQDN) ) {
-+ }
-+#endif
-+
-+ pfkey_ident = (struct sadb_ident*)
-+ MALLOC(ident_len * IPSEC_PFKEYv2_ALIGN);
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_ident;
-+
-+ if(pfkey_ident == NULL) {
-+ ERROR("pfkey_ident_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_ident, 0, ident_len * IPSEC_PFKEYv2_ALIGN);
-+
-+ pfkey_ident->sadb_ident_len = ident_len;
-+ pfkey_ident->sadb_ident_exttype = exttype;
-+ pfkey_ident->sadb_ident_type = ident_type;
-+ pfkey_ident->sadb_ident_reserved = 0;
-+ pfkey_ident->sadb_ident_id = ident_id;
-+ memcpy((char*)pfkey_ident + sizeof(struct sadb_ident),
-+ ident_string,
-+ data_len);
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_sens_build(struct sadb_ext** pfkey_ext,
-+ uint32_t dpd,
-+ uint8_t sens_level,
-+ uint8_t sens_len,
-+ uint64_t* sens_bitmap,
-+ uint8_t integ_level,
-+ uint8_t integ_len,
-+ uint64_t* integ_bitmap)
-+{
-+ int error = 0;
-+ struct sadb_sens *pfkey_sens = (struct sadb_sens *)*pfkey_ext;
-+ int i;
-+ uint64_t* bitmap;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sens_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_sens) {
-+ ERROR("pfkey_sens_build: "
-+ "why is pfkey_sens already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_sens_build: "
-+ "Sorry, I can't build exttype=%d yet.\n",
-+ (*pfkey_ext)->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+
-+ pfkey_sens = (struct sadb_sens*)
-+ MALLOC(sizeof(struct sadb_sens) +
-+ (sens_len + integ_len) * sizeof(uint64_t));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_sens;
-+
-+ if(pfkey_sens == NULL) {
-+ ERROR("pfkey_sens_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_sens,
-+ 0,
-+ sizeof(struct sadb_sens) +
-+ (sens_len + integ_len) * sizeof(uint64_t));
-+
-+ pfkey_sens->sadb_sens_len = (sizeof(struct sadb_sens) +
-+ (sens_len + integ_len) * sizeof(uint64_t)) / IPSEC_PFKEYv2_ALIGN;
-+ pfkey_sens->sadb_sens_exttype = SADB_EXT_SENSITIVITY;
-+ pfkey_sens->sadb_sens_dpd = dpd;
-+ pfkey_sens->sadb_sens_sens_level = sens_level;
-+ pfkey_sens->sadb_sens_sens_len = sens_len;
-+ pfkey_sens->sadb_sens_integ_level = integ_level;
-+ pfkey_sens->sadb_sens_integ_len = integ_len;
-+ pfkey_sens->sadb_sens_reserved = 0;
-+
-+ bitmap = (uint64_t*)((char*)pfkey_ext + sizeof(struct sadb_sens));
-+ for(i = 0; i < sens_len; i++) {
-+ *bitmap = sens_bitmap[i];
-+ bitmap++;
-+ }
-+ for(i = 0; i < integ_len; i++) {
-+ *bitmap = integ_bitmap[i];
-+ bitmap++;
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_prop_build(struct sadb_ext** pfkey_ext,
-+ uint8_t replay,
-+ unsigned int comb_num,
-+ struct sadb_comb* comb)
-+{
-+ int error = 0;
-+ int i;
-+ struct sadb_prop *pfkey_prop = (struct sadb_prop *)*pfkey_ext;
-+ struct sadb_comb *combp;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_prop_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_prop) {
-+ ERROR("pfkey_prop_build: "
-+ "why is pfkey_prop already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_prop = (struct sadb_prop*)
-+ MALLOC(sizeof(struct sadb_prop) +
-+ comb_num * sizeof(struct sadb_comb));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_prop;
-+
-+ if(pfkey_prop == NULL) {
-+ ERROR("pfkey_prop_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_prop,
-+ 0,
-+ sizeof(struct sadb_prop) +
-+ comb_num * sizeof(struct sadb_comb));
-+
-+ pfkey_prop->sadb_prop_len = (sizeof(struct sadb_prop) +
-+ comb_num * sizeof(struct sadb_comb)) / IPSEC_PFKEYv2_ALIGN;
-+
-+ pfkey_prop->sadb_prop_exttype = SADB_EXT_PROPOSAL;
-+ pfkey_prop->sadb_prop_replay = replay;
-+
-+ for(i=0; i<3; i++) {
-+ pfkey_prop->sadb_prop_reserved[i] = 0;
-+ }
-+
-+ combp = (struct sadb_comb*)((char*)*pfkey_ext + sizeof(struct sadb_prop));
-+ for(i = 0; i < comb_num; i++) {
-+ memcpy (combp, &(comb[i]), sizeof(struct sadb_comb));
-+ combp++;
-+ }
-+
-+#if 0
-+ uint8_t sadb_comb_auth;
-+ uint8_t sadb_comb_encrypt;
-+ uint16_t sadb_comb_flags;
-+ uint16_t sadb_comb_auth_minbits;
-+ uint16_t sadb_comb_auth_maxbits;
-+ uint16_t sadb_comb_encrypt_minbits;
-+ uint16_t sadb_comb_encrypt_maxbits;
-+ uint32_t sadb_comb_reserved;
-+ uint32_t sadb_comb_soft_allocations;
-+ uint32_t sadb_comb_hard_allocations;
-+ uint64_t sadb_comb_soft_bytes;
-+ uint64_t sadb_comb_hard_bytes;
-+ uint64_t sadb_comb_soft_addtime;
-+ uint64_t sadb_comb_hard_addtime;
-+ uint64_t sadb_comb_soft_usetime;
-+ uint64_t sadb_comb_hard_usetime;
-+ uint32_t sadb_comb_soft_packets;
-+ uint32_t sadb_comb_hard_packets;
-+#endif
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_supported_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ unsigned int alg_num,
-+ struct sadb_alg* alg)
-+{
-+ int error = 0;
-+ unsigned int i;
-+ struct sadb_supported *pfkey_supported = (struct sadb_supported *)*pfkey_ext;
-+ struct sadb_alg *pfkey_alg;
-+
-+ /* sanity checks... */
-+ if(pfkey_supported) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_supported_build: "
-+ "why is pfkey_supported already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if( !((exttype == SADB_EXT_SUPPORTED_AUTH) || (exttype == SADB_EXT_SUPPORTED_ENCRYPT))) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_supported_build: "
-+ "unsupported extension type=%d.\n",
-+ exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_supported = (struct sadb_supported*)
-+ MALLOC(sizeof(struct sadb_supported) +
-+ alg_num *
-+ sizeof(struct sadb_alg));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_supported;
-+
-+ if(pfkey_supported == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_supported_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_supported,
-+ 0,
-+ sizeof(struct sadb_supported) +
-+ alg_num *
-+ sizeof(struct sadb_alg));
-+
-+ pfkey_supported->sadb_supported_len = (sizeof(struct sadb_supported) +
-+ alg_num *
-+ sizeof(struct sadb_alg)) /
-+ IPSEC_PFKEYv2_ALIGN;
-+ pfkey_supported->sadb_supported_exttype = exttype;
-+ pfkey_supported->sadb_supported_reserved = 0;
-+
-+ pfkey_alg = (struct sadb_alg*)((char*)pfkey_supported + sizeof(struct sadb_supported));
-+ for(i = 0; i < alg_num; i++) {
-+ memcpy (pfkey_alg, &(alg[i]), sizeof(struct sadb_alg));
-+ pfkey_alg->sadb_alg_reserved = 0;
-+ pfkey_alg++;
-+ }
-+
-+#if 0
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_supported_build: "
-+ "Sorry, I can't build exttype=%d yet.\n",
-+ (*pfkey_ext)->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+
-+ uint8_t sadb_alg_id;
-+ uint8_t sadb_alg_ivlen;
-+ uint16_t sadb_alg_minbits;
-+ uint16_t sadb_alg_maxbits;
-+ uint16_t sadb_alg_reserved;
-+#endif
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_spirange_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint32_t min, /* in network order */
-+ uint32_t max) /* in network order */
-+{
-+ int error = 0;
-+ struct sadb_spirange *pfkey_spirange = (struct sadb_spirange *)*pfkey_ext;
-+
-+ /* sanity checks... */
-+ if(pfkey_spirange) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_spirange_build: "
-+ "why is pfkey_spirange already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(ntohl(max) < ntohl(min)) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_spirange_build: "
-+ "minspi=%08x must be < maxspi=%08x.\n",
-+ ntohl(min),
-+ ntohl(max));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(ntohl(min) <= 255) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_spirange_build: "
-+ "minspi=%08x must be > 255.\n",
-+ ntohl(min));
-+ SENDERR(EEXIST);
-+ }
-+
-+ pfkey_spirange = (struct sadb_spirange*)
-+ MALLOC(sizeof(struct sadb_spirange));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_spirange;
-+
-+ if(pfkey_spirange == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_spirange_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_spirange,
-+ 0,
-+ sizeof(struct sadb_spirange));
-+
-+ pfkey_spirange->sadb_spirange_len = sizeof(struct sadb_spirange) / IPSEC_PFKEYv2_ALIGN;
-+
-+ pfkey_spirange->sadb_spirange_exttype = SADB_EXT_SPIRANGE;
-+ pfkey_spirange->sadb_spirange_min = min;
-+ pfkey_spirange->sadb_spirange_max = max;
-+ pfkey_spirange->sadb_spirange_reserved = 0;
-+ errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_x_kmprivate_build(struct sadb_ext** pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_x_kmprivate *pfkey_x_kmprivate = (struct sadb_x_kmprivate *)*pfkey_ext;
-+
-+ /* sanity checks... */
-+ if(pfkey_x_kmprivate) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_kmprivate_build: "
-+ "why is pfkey_x_kmprivate already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_x_kmprivate->sadb_x_kmprivate_reserved = 0;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_kmprivate_build: "
-+ "Sorry, I can't build exttype=%d yet.\n",
-+ (*pfkey_ext)->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+
-+ pfkey_x_kmprivate = (struct sadb_x_kmprivate*)
-+ MALLOC(sizeof(struct sadb_x_kmprivate));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_x_kmprivate;
-+
-+ if(pfkey_x_kmprivate == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_kmprivate_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_x_kmprivate,
-+ 0,
-+ sizeof(struct sadb_x_kmprivate));
-+
-+ pfkey_x_kmprivate->sadb_x_kmprivate_len =
-+ sizeof(struct sadb_x_kmprivate) / IPSEC_PFKEYv2_ALIGN;
-+
-+ pfkey_x_kmprivate->sadb_x_kmprivate_exttype = SADB_X_EXT_KMPRIVATE;
-+ pfkey_x_kmprivate->sadb_x_kmprivate_reserved = 0;
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_x_satype_build(struct sadb_ext** pfkey_ext,
-+ uint8_t satype)
-+{
-+ int error = 0;
-+ int i;
-+ struct sadb_x_satype *pfkey_x_satype = (struct sadb_x_satype *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_satype_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_x_satype) {
-+ ERROR("pfkey_x_satype_build: "
-+ "why is pfkey_x_satype already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!satype) {
-+ ERROR("pfkey_x_satype_build: "
-+ "SA type not set, must be non-zero.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(satype > SADB_SATYPE_MAX) {
-+ ERROR("pfkey_x_satype_build: "
-+ "satype %d > max %d\n",
-+ satype, SADB_SATYPE_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ pfkey_x_satype = (struct sadb_x_satype*)
-+ MALLOC(sizeof(struct sadb_x_satype));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_x_satype;
-+ if(pfkey_x_satype == NULL) {
-+ ERROR("pfkey_x_satype_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ memset(pfkey_x_satype,
-+ 0,
-+ sizeof(struct sadb_x_satype));
-+
-+ pfkey_x_satype->sadb_x_satype_len = sizeof(struct sadb_x_satype) / IPSEC_PFKEYv2_ALIGN;
-+
-+ pfkey_x_satype->sadb_x_satype_exttype = SADB_X_EXT_SATYPE2;
-+ pfkey_x_satype->sadb_x_satype_satype = satype;
-+ for(i=0; i<3; i++) {
-+ pfkey_x_satype->sadb_x_satype_reserved[i] = 0;
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_x_debug_build(struct sadb_ext** pfkey_ext,
-+ uint32_t tunnel,
-+ uint32_t netlink,
-+ uint32_t xform,
-+ uint32_t eroute,
-+ uint32_t spi,
-+ uint32_t radij,
-+ uint32_t esp,
-+ uint32_t ah,
-+ uint32_t rcv,
-+ uint32_t pfkey,
-+ uint32_t ipcomp,
-+ uint32_t verbose)
-+{
-+ int error = 0;
-+ int i;
-+ struct sadb_x_debug *pfkey_x_debug = (struct sadb_x_debug *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_debug_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_x_debug) {
-+ ERROR("pfkey_x_debug_build: "
-+ "why is pfkey_x_debug already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_debug_build: "
-+ "tunnel=%x netlink=%x xform=%x eroute=%x spi=%x radij=%x esp=%x ah=%x rcv=%x pfkey=%x ipcomp=%x verbose=%x?\n",
-+ tunnel, netlink, xform, eroute, spi, radij, esp, ah, rcv, pfkey, ipcomp, verbose);
-+
-+ pfkey_x_debug = (struct sadb_x_debug*)
-+ MALLOC(sizeof(struct sadb_x_debug));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_x_debug;
-+
-+ if(pfkey_x_debug == NULL) {
-+ ERROR("pfkey_x_debug_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+#if 0
-+ memset(pfkey_x_debug,
-+ 0,
-+ sizeof(struct sadb_x_debug));
-+#endif
-+
-+ pfkey_x_debug->sadb_x_debug_len = sizeof(struct sadb_x_debug) / IPSEC_PFKEYv2_ALIGN;
-+ pfkey_x_debug->sadb_x_debug_exttype = SADB_X_EXT_DEBUG;
-+
-+ pfkey_x_debug->sadb_x_debug_tunnel = tunnel;
-+ pfkey_x_debug->sadb_x_debug_netlink = netlink;
-+ pfkey_x_debug->sadb_x_debug_xform = xform;
-+ pfkey_x_debug->sadb_x_debug_eroute = eroute;
-+ pfkey_x_debug->sadb_x_debug_spi = spi;
-+ pfkey_x_debug->sadb_x_debug_radij = radij;
-+ pfkey_x_debug->sadb_x_debug_esp = esp;
-+ pfkey_x_debug->sadb_x_debug_ah = ah;
-+ pfkey_x_debug->sadb_x_debug_rcv = rcv;
-+ pfkey_x_debug->sadb_x_debug_pfkey = pfkey;
-+ pfkey_x_debug->sadb_x_debug_ipcomp = ipcomp;
-+ pfkey_x_debug->sadb_x_debug_verbose = verbose;
-+
-+ for(i=0; i<4; i++) {
-+ pfkey_x_debug->sadb_x_debug_reserved[i] = 0;
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_x_nat_t_type_build(struct sadb_ext** pfkey_ext,
-+ uint8_t type)
-+{
-+ int error = 0;
-+ int i;
-+ struct sadb_x_nat_t_type *pfkey_x_nat_t_type = (struct sadb_x_nat_t_type *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_type_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_x_nat_t_type) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_type_build: "
-+ "why is pfkey_x_nat_t_type already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_type_build: "
-+ "type=%d\n", type);
-+
-+ pfkey_x_nat_t_type = (struct sadb_x_nat_t_type*)
-+ MALLOC(sizeof(struct sadb_x_nat_t_type));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_x_nat_t_type;
-+
-+ if(pfkey_x_nat_t_type == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_type_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+
-+ pfkey_x_nat_t_type->sadb_x_nat_t_type_len = sizeof(struct sadb_x_nat_t_type) / IPSEC_PFKEYv2_ALIGN;
-+ pfkey_x_nat_t_type->sadb_x_nat_t_type_exttype = SADB_X_EXT_NAT_T_TYPE;
-+ pfkey_x_nat_t_type->sadb_x_nat_t_type_type = type;
-+ for(i=0; i<3; i++) {
-+ pfkey_x_nat_t_type->sadb_x_nat_t_type_reserved[i] = 0;
-+ }
-+
-+errlab:
-+ return error;
-+}
-+int
-+pfkey_x_nat_t_port_build(struct sadb_ext** pfkey_ext,
-+ uint16_t exttype,
-+ uint16_t port)
-+{
-+ int error = 0;
-+ struct sadb_x_nat_t_port *pfkey_x_nat_t_port = (struct sadb_x_nat_t_port *)*pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_port_build:\n");
-+ /* sanity checks... */
-+ if(pfkey_x_nat_t_port) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_port_build: "
-+ "why is pfkey_x_nat_t_port already pointing to something?\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(exttype) {
-+ case SADB_X_EXT_NAT_T_SPORT:
-+ case SADB_X_EXT_NAT_T_DPORT:
-+ break;
-+ default:
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_nat_t_port_build: "
-+ "unrecognised ext_type=%d.\n",
-+ exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_port_build: "
-+ "ext=%d, port=%d\n", exttype, port);
-+
-+ pfkey_x_nat_t_port = (struct sadb_x_nat_t_port*)
-+ MALLOC(sizeof(struct sadb_x_nat_t_port));
-+
-+ *pfkey_ext = (struct sadb_ext*)pfkey_x_nat_t_port;
-+
-+ if(pfkey_x_nat_t_port == NULL) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_x_nat_t_port_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+
-+ pfkey_x_nat_t_port->sadb_x_nat_t_port_len = sizeof(struct sadb_x_nat_t_port) / IPSEC_PFKEYv2_ALIGN;
-+ pfkey_x_nat_t_port->sadb_x_nat_t_port_exttype = exttype;
-+ pfkey_x_nat_t_port->sadb_x_nat_t_port_port = port;
-+ pfkey_x_nat_t_port->sadb_x_nat_t_port_reserved = 0;
-+
-+errlab:
-+ return error;
-+}
-+
-+int pfkey_x_protocol_build(struct sadb_ext **pfkey_ext,
-+ uint8_t protocol)
-+{
-+ int error = 0;
-+ struct sadb_protocol * p = (struct sadb_protocol *)*pfkey_ext;
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,"pfkey_x_protocol_build: protocol=%u\n", protocol);
-+ /* sanity checks... */
-+ if (p != 0) {
-+ ERROR("pfkey_x_protocol_build: bogus protocol pointer\n");
-+ SENDERR(EINVAL);
-+ }
-+ if ((p = (struct sadb_protocol*)MALLOC(sizeof(*p))) == 0) {
-+ ERROR("pfkey_build: memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+ *pfkey_ext = (struct sadb_ext *)p;
-+ p->sadb_protocol_len = sizeof(*p) / sizeof(uint64_t);
-+ p->sadb_protocol_exttype = SADB_X_EXT_PROTOCOL;
-+ p->sadb_protocol_proto = protocol;
-+ p->sadb_protocol_flags = 0;
-+ p->sadb_protocol_reserved2 = 0;
-+ errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_msg_build(struct sadb_msg **pfkey_msg, struct sadb_ext *extensions[], int dir)
-+{
-+ int error = 0;
-+ unsigned ext;
-+ unsigned total_size;
-+ struct sadb_ext *pfkey_ext;
-+ int extensions_seen = 0;
-+#ifndef __KERNEL__
-+ struct sadb_ext *extensions_check[SADB_EXT_MAX + 1];
-+#endif
-+
-+ if(!extensions[0]) {
-+ ERROR("pfkey_msg_build: "
-+ "extensions[0] must be specified (struct sadb_msg).\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ /* figure out the total size for all the requested extensions */
-+ total_size = IPSEC_PFKEYv2_WORDS(sizeof(struct sadb_msg));
-+ for(ext = 1; ext <= SADB_EXT_MAX; ext++) {
-+ if(extensions[ext]) {
-+ total_size += (extensions[ext])->sadb_ext_len;
-+ }
-+ }
-+
-+ /* allocate that much space */
-+ *pfkey_msg = (struct sadb_msg*)MALLOC(total_size * IPSEC_PFKEYv2_ALIGN);
-+ if(*pfkey_msg == NULL) {
-+ ERROR("pfkey_msg_build: "
-+ "memory allocation failed\n");
-+ SENDERR(ENOMEM);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_build: "
-+ "pfkey_msg=0p%p allocated %lu bytes, &(extensions[0])=0p%p\n",
-+ *pfkey_msg,
-+ (unsigned long)(total_size * IPSEC_PFKEYv2_ALIGN),
-+ &(extensions[0]));
-+
-+ memcpy(*pfkey_msg,
-+ extensions[0],
-+ sizeof(struct sadb_msg));
-+ (*pfkey_msg)->sadb_msg_len = total_size;
-+ (*pfkey_msg)->sadb_msg_reserved = 0;
-+ extensions_seen = 1 ;
-+
-+ /*
-+ * point pfkey_ext to immediately after the space for the header,
-+ * i.e. at the first extension location.
-+ */
-+ pfkey_ext = (struct sadb_ext*)(((char*)(*pfkey_msg)) + sizeof(struct sadb_msg));
-+
-+ for(ext = 1; ext <= SADB_EXT_MAX; ext++) {
-+ /* copy from extension[ext] to buffer */
-+ if(extensions[ext]) {
-+ /* Is this type of extension permitted for this type of message? */
-+ if(!(extensions_bitmaps[dir][EXT_BITS_PERM][(*pfkey_msg)->sadb_msg_type] &
-+ 1<<ext)) {
-+ ERROR("pfkey_msg_build: "
-+ "ext type %d not permitted, exts_perm=%08x, 1<<type=%08x\n",
-+ ext,
-+ extensions_bitmaps[dir][EXT_BITS_PERM][(*pfkey_msg)->sadb_msg_type],
-+ 1<<ext);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_build: "
-+ "copying %lu bytes from extensions[%u] (type=%d)\n",
-+ (unsigned long)(extensions[ext]->sadb_ext_len * IPSEC_PFKEYv2_ALIGN),
-+ ext,
-+ extensions[ext]->sadb_ext_type);
-+
-+ memcpy(pfkey_ext,
-+ extensions[ext],
-+ (extensions[ext])->sadb_ext_len * IPSEC_PFKEYv2_ALIGN);
-+ {
-+ char *pfkey_ext_c = (char *)pfkey_ext;
-+
-+ pfkey_ext_c += (extensions[ext])->sadb_ext_len * IPSEC_PFKEYv2_ALIGN;
-+ pfkey_ext = (struct sadb_ext *)pfkey_ext_c;
-+ }
-+
-+ /* Mark that we have seen this extension and remember the header location */
-+ extensions_seen |= ( 1 << ext );
-+ }
-+ }
-+
-+ /* check required extensions */
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_build: "
-+ "extensions permitted=%08x, seen=%08x, required=%08x.\n",
-+ extensions_bitmaps[dir][EXT_BITS_PERM][(*pfkey_msg)->sadb_msg_type],
-+ extensions_seen,
-+ extensions_bitmaps[dir][EXT_BITS_REQ][(*pfkey_msg)->sadb_msg_type]);
-+
-+ if((extensions_seen &
-+ extensions_bitmaps[dir][EXT_BITS_REQ][(*pfkey_msg)->sadb_msg_type]) !=
-+ extensions_bitmaps[dir][EXT_BITS_REQ][(*pfkey_msg)->sadb_msg_type]) {
-+ DEBUGGING(PF_KEY_DEBUG_BUILD,
-+ "pfkey_msg_build: "
-+ "required extensions missing:%08x.\n",
-+ extensions_bitmaps[dir][EXT_BITS_REQ][(*pfkey_msg)->sadb_msg_type] -
-+ (extensions_seen &
-+ extensions_bitmaps[dir][EXT_BITS_REQ][(*pfkey_msg)->sadb_msg_type]) );
-+ SENDERR(EINVAL);
-+ }
-+
-+#ifndef __KERNEL__
-+/*
-+ * this is silly, there is no need to reparse the message that we just built.
-+ *
-+ */
-+ if((error = pfkey_msg_parse(*pfkey_msg, NULL, extensions_check, dir))) {
-+ ERROR(
-+ "pfkey_msg_build: "
-+ "Trouble parsing newly built pfkey message, error=%d.\n",
-+ error);
-+ SENDERR(-error);
-+ }
-+#endif
-+
-+errlab:
-+
-+ return error;
-+}
-+
-+/*
-+ * $Log: pfkey_v2_build.c,v $
-+ * Revision 1.51.8.1 2006/05/01 14:36:39 mcr
-+ * get rid of dead code.
-+ *
-+ * Revision 1.51 2004/10/03 01:26:36 mcr
-+ * fixes for gcc 3.4 compilation.
-+ *
-+ * Revision 1.50 2004/07/10 07:48:35 mcr
-+ * Moved from linux/lib/libfreeswan/pfkey_v2_build.c,v
-+ *
-+ * Revision 1.49 2004/04/12 02:59:06 mcr
-+ * erroneously moved pfkey_v2_build.c
-+ *
-+ * Revision 1.48 2004/04/09 18:00:40 mcr
-+ * Moved from linux/lib/libfreeswan/pfkey_v2_build.c,v
-+ *
-+ * Revision 1.47 2004/03/08 01:59:08 ken
-+ * freeswan.h -> openswan.h
-+ *
-+ * Revision 1.46 2003/12/10 01:20:19 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.45 2003/12/04 23:01:12 mcr
-+ * removed ipsec_netlink.h
-+ *
-+ * Revision 1.44 2003/10/31 02:27:12 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.43.4.2 2003/10/29 01:11:32 mcr
-+ * added debugging for pfkey library.
-+ *
-+ * Revision 1.43.4.1 2003/09/21 13:59:44 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.43 2003/05/07 17:29:17 mcr
-+ * new function pfkey_debug_func added for us in debugging from
-+ * pfkey library.
-+ *
-+ * Revision 1.42 2003/01/30 02:32:09 rgb
-+ *
-+ * Rename SAref table macro names for clarity.
-+ * Convert IPsecSAref_t from signed to unsigned to fix apparent SAref exhaustion bug.
-+ *
-+ * Revision 1.41 2002/12/13 18:16:02 mcr
-+ * restored sa_ref code
-+ *
-+ * Revision 1.40 2002/12/13 18:06:52 mcr
-+ * temporarily removed sadb_x_sa_ref reference for 2.xx
-+ *
-+ * Revision 1.39 2002/12/13 17:43:28 mcr
-+ * commented out access to sadb_x_sa_ref for 2.xx branch
-+ *
-+ * Revision 1.38 2002/10/09 03:12:05 dhr
-+ *
-+ * [kenb+dhr] 64-bit fixes
-+ *
-+ * Revision 1.37 2002/09/20 15:40:39 rgb
-+ * Added new function pfkey_sa_ref_build() to accomodate saref parameter.
-+ *
-+ * Revision 1.36 2002/09/20 05:01:22 rgb
-+ * Generalise for platform independance: fix (ia64) using unsigned for sizes.
-+ *
-+ * Revision 1.35 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.34 2002/05/23 07:14:11 rgb
-+ * Cleaned up %p variants to 0p%p for test suite cleanup.
-+ *
-+ * Revision 1.33 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.32 2002/04/24 07:36:40 mcr
-+ * Moved from ./lib/pfkey_v2_build.c,v
-+ *
-+ * Revision 1.31 2002/01/29 22:25:35 rgb
-+ * Re-add ipsec_kversion.h to keep MALLOC happy.
-+ *
-+ * Revision 1.30 2002/01/29 01:59:09 mcr
-+ * removal of kversions.h - sources that needed it now use ipsec_param.h.
-+ * updating of IPv6 structures to match latest in6.h version.
-+ * removed dead code from openswan.h that also duplicated kversions.h
-+ * code.
-+ *
-+ * Revision 1.29 2001/12/19 21:06:09 rgb
-+ * Added port numbers to pfkey_address_build() debugging.
-+ *
-+ * Revision 1.28 2001/11/06 19:47:47 rgb
-+ * Added packet parameter to lifetime and comb structures.
-+ *
-+ * Revision 1.27 2001/10/18 04:45:24 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/openswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.26 2001/09/08 21:13:34 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.25 2001/06/14 19:35:16 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.24 2001/03/20 03:49:45 rgb
-+ * Ditch superfluous debug_pfkey declaration.
-+ * Move misplaced openswan.h inclusion for kernel case.
-+ *
-+ * Revision 1.23 2001/03/16 07:41:50 rgb
-+ * Put openswan.h include before pluto includes.
-+ *
-+ * Revision 1.22 2001/02/27 22:24:56 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.21 2000/11/17 18:10:30 rgb
-+ * Fixed bugs mostly relating to spirange, to treat all spi variables as
-+ * network byte order since this is the way PF_KEYv2 stored spis.
-+ *
-+ * Revision 1.20 2000/10/12 00:02:39 rgb
-+ * Removed 'format, ##' nonsense from debug macros for RH7.0.
-+ *
-+ * Revision 1.19 2000/10/10 20:10:20 rgb
-+ * Added support for debug_ipcomp and debug_verbose to klipsdebug.
-+ *
-+ * Revision 1.18 2000/09/12 18:59:54 rgb
-+ * Added Gerhard's IPv6 support to pfkey parts of libopenswan.
-+ *
-+ * Revision 1.17 2000/09/12 03:27:00 rgb
-+ * Moved DEBUGGING definition to compile kernel with debug off.
-+ *
-+ * Revision 1.16 2000/09/08 19:22:12 rgb
-+ * Fixed pfkey_prop_build() parameter to be only single indirection.
-+ * Fixed struct alg copy.
-+ *
-+ * Revision 1.15 2000/08/20 21:40:01 rgb
-+ * Added an address parameter sanity check to pfkey_address_build().
-+ *
-+ * Revision 1.14 2000/08/15 17:29:23 rgb
-+ * Fixes from SZI to untested pfkey_prop_build().
-+ *
-+ * Revision 1.13 2000/06/02 22:54:14 rgb
-+ * Added Gerhard Gessler's struct sockaddr_storage mods for IPv6 support.
-+ *
-+ * Revision 1.12 2000/05/10 19:24:01 rgb
-+ * Fleshed out sensitivity, proposal and supported extensions.
-+ *
-+ * Revision 1.11 2000/03/16 14:07:23 rgb
-+ * Renamed ALIGN macro to avoid fighting with others in kernel.
-+ *
-+ * Revision 1.10 2000/01/24 21:14:35 rgb
-+ * Added disabled pluto pfkey lib debug flag.
-+ *
-+ * Revision 1.9 2000/01/21 06:27:32 rgb
-+ * Added address cases for eroute flows.
-+ * Removed unused code.
-+ * Dropped unused argument to pfkey_x_satype_build().
-+ * Indented compiler directives for readability.
-+ * Added klipsdebug switching capability.
-+ * Fixed SADB_EXT_MAX bug not permitting last extension access.
-+ *
-+ * Revision 1.8 1999/12/29 21:17:41 rgb
-+ * Changed pfkey_msg_build() I/F to include a struct sadb_msg**
-+ * parameter for cleaner manipulation of extensions[] and to guard
-+ * against potential memory leaks.
-+ * Changed the I/F to pfkey_msg_free() for the same reason.
-+ *
-+ * Revision 1.7 1999/12/09 23:12:20 rgb
-+ * Removed unused cruft.
-+ * Added argument to pfkey_sa_build() to do eroutes.
-+ * Fixed exttype check in as yet unused pfkey_lifetime_build().
-+ *
-+ * Revision 1.6 1999/12/07 19:54:29 rgb
-+ * Removed static pluto debug flag.
-+ * Added functions for pfkey message and extensions initialisation
-+ * and cleanup.
-+ *
-+ * Revision 1.5 1999/12/01 22:20:06 rgb
-+ * Changed pfkey_sa_build to accept an SPI in network byte order.
-+ * Added <string.h> to quiet userspace compiler.
-+ * Moved pfkey_lib_debug variable into the library.
-+ * Removed SATYPE check from pfkey_msg_hdr_build so FLUSH will work.
-+ * Added extension assembly debugging.
-+ * Isolated assignment with brackets to be sure of scope.
-+ *
-+ * Revision 1.4 1999/11/27 11:57:35 rgb
-+ * Added ipv6 headers.
-+ * Remove over-zealous algorithm sanity checkers from pfkey_sa_build.
-+ * Debugging error messages added.
-+ * Fixed missing auth and encrypt assignment bug.
-+ * Add argument to pfkey_msg_parse() for direction.
-+ * Move parse-after-build check inside pfkey_msg_build().
-+ * Consolidated the 4 1-d extension bitmap arrays into one 4-d array.
-+ * Add CVS log entry to bottom of file.
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/pfkey_v2_debug.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,181 @@
-+/*
-+ * @(#) pfkey version 2 debugging messages
-+ *
-+ * Copyright (C) 2001 Richard Guy Briggs <rgb@openswan.org>
-+ * and Michael Richardson <mcr@openswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey_v2_debug.c,v 1.11 2005/04/06 17:45:16 mcr Exp $
-+ *
-+ */
-+
-+#ifdef __KERNEL__
-+
-+# include <linux/kernel.h> /* for printk */
-+
-+# include "openswan/ipsec_kversion.h" /* for malloc switch */
-+# ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+# else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+# endif /* MALLOC_SLAB */
-+# include <linux/errno.h> /* error codes */
-+# include <linux/types.h> /* size_t */
-+# include <linux/interrupt.h> /* mark_bh */
-+
-+# include <linux/netdevice.h> /* struct device, and other headers */
-+# include <linux/etherdevice.h> /* eth_type_trans */
-+extern int debug_pfkey;
-+
-+#else /* __KERNEL__ */
-+
-+# include <sys/types.h>
-+# include <linux/types.h>
-+# include <linux/errno.h>
-+
-+#endif /* __KERNEL__ */
-+
-+#include "openswan.h"
-+#include "pfkeyv2.h"
-+#include "pfkey.h"
-+
-+/*
-+ * This file provides ASCII translations of PF_KEY magic numbers.
-+ *
-+ */
-+
-+static char *pfkey_sadb_ext_strings[]={
-+ "reserved", /* SADB_EXT_RESERVED 0 */
-+ "security-association", /* SADB_EXT_SA 1 */
-+ "lifetime-current", /* SADB_EXT_LIFETIME_CURRENT 2 */
-+ "lifetime-hard", /* SADB_EXT_LIFETIME_HARD 3 */
-+ "lifetime-soft", /* SADB_EXT_LIFETIME_SOFT 4 */
-+ "source-address", /* SADB_EXT_ADDRESS_SRC 5 */
-+ "destination-address", /* SADB_EXT_ADDRESS_DST 6 */
-+ "proxy-address", /* SADB_EXT_ADDRESS_PROXY 7 */
-+ "authentication-key", /* SADB_EXT_KEY_AUTH 8 */
-+ "cipher-key", /* SADB_EXT_KEY_ENCRYPT 9 */
-+ "source-identity", /* SADB_EXT_IDENTITY_SRC 10 */
-+ "destination-identity", /* SADB_EXT_IDENTITY_DST 11 */
-+ "sensitivity-label", /* SADB_EXT_SENSITIVITY 12 */
-+ "proposal", /* SADB_EXT_PROPOSAL 13 */
-+ "supported-auth", /* SADB_EXT_SUPPORTED_AUTH 14 */
-+ "supported-cipher", /* SADB_EXT_SUPPORTED_ENCRYPT 15 */
-+ "spi-range", /* SADB_EXT_SPIRANGE 16 */
-+ "X-kmpprivate", /* SADB_X_EXT_KMPRIVATE 17 */
-+ "X-satype2", /* SADB_X_EXT_SATYPE2 18 */
-+ "X-security-association", /* SADB_X_EXT_SA2 19 */
-+ "X-destination-address2", /* SADB_X_EXT_ADDRESS_DST2 20 */
-+ "X-source-flow-address", /* SADB_X_EXT_ADDRESS_SRC_FLOW 21 */
-+ "X-dest-flow-address", /* SADB_X_EXT_ADDRESS_DST_FLOW 22 */
-+ "X-source-mask", /* SADB_X_EXT_ADDRESS_SRC_MASK 23 */
-+ "X-dest-mask", /* SADB_X_EXT_ADDRESS_DST_MASK 24 */
-+ "X-set-debug", /* SADB_X_EXT_DEBUG 25 */
-+ /* NAT_TRAVERSAL */
-+ "X-NAT-T-type", /* SADB_X_EXT_NAT_T_TYPE 26 */
-+ "X-NAT-T-sport", /* SADB_X_EXT_NAT_T_SPORT 27 */
-+ "X-NAT-T-dport", /* SADB_X_EXT_NAT_T_DPORT 28 */
-+ "X-NAT-T-OA", /* SADB_X_EXT_NAT_T_OA 29 */
-+};
-+
-+const char *
-+pfkey_v2_sadb_ext_string(int ext)
-+{
-+ if(ext <= SADB_EXT_MAX) {
-+ return pfkey_sadb_ext_strings[ext];
-+ } else {
-+ return "unknown-ext";
-+ }
-+}
-+
-+
-+static char *pfkey_sadb_type_strings[]={
-+ "reserved", /* SADB_RESERVED */
-+ "getspi", /* SADB_GETSPI */
-+ "update", /* SADB_UPDATE */
-+ "add", /* SADB_ADD */
-+ "delete", /* SADB_DELETE */
-+ "get", /* SADB_GET */
-+ "acquire", /* SADB_ACQUIRE */
-+ "register", /* SADB_REGISTER */
-+ "expire", /* SADB_EXPIRE */
-+ "flush", /* SADB_FLUSH */
-+ "dump", /* SADB_DUMP */
-+ "x-promisc", /* SADB_X_PROMISC */
-+ "x-pchange", /* SADB_X_PCHANGE */
-+ "x-groupsa", /* SADB_X_GRPSA */
-+ "x-addflow(eroute)", /* SADB_X_ADDFLOW */
-+ "x-delflow(eroute)", /* SADB_X_DELFLOW */
-+ "x-debug", /* SADB_X_DEBUG */
-+};
-+
-+const char *
-+pfkey_v2_sadb_type_string(int sadb_type)
-+{
-+ if(sadb_type <= SADB_MAX) {
-+ return pfkey_sadb_type_strings[sadb_type];
-+ } else {
-+ return "unknown-sadb-type";
-+ }
-+}
-+
-+
-+
-+
-+/*
-+ * $Log: pfkey_v2_debug.c,v $
-+ * Revision 1.11 2005/04/06 17:45:16 mcr
-+ * always include NAT-T names.
-+ *
-+ * Revision 1.10 2004/07/10 07:48:35 mcr
-+ * Moved from linux/lib/libfreeswan/pfkey_v2_debug.c,v
-+ *
-+ * Revision 1.9 2004/03/08 01:59:08 ken
-+ * freeswan.h -> openswan.h
-+ *
-+ * Revision 1.8 2003/12/10 01:20:19 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.7 2002/09/20 05:01:26 rgb
-+ * Fixed limit inclusion error in both type and ext string conversion.
-+ *
-+ * Revision 1.6 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.5 2002/04/24 07:36:40 mcr
-+ * Moved from ./lib/pfkey_v2_debug.c,v
-+ *
-+ * Revision 1.4 2002/01/29 22:25:36 rgb
-+ * Re-add ipsec_kversion.h to keep MALLOC happy.
-+ *
-+ * Revision 1.3 2002/01/29 01:59:09 mcr
-+ * removal of kversions.h - sources that needed it now use ipsec_param.h.
-+ * updating of IPv6 structures to match latest in6.h version.
-+ * removed dead code from openswan.h that also duplicated kversions.h
-+ * code.
-+ *
-+ * Revision 1.2 2002/01/20 20:34:50 mcr
-+ * added pfkey_v2_sadb_type_string to decode sadb_type to string.
-+ *
-+ * Revision 1.1 2001/11/27 05:30:06 mcr
-+ * initial set of debug strings for pfkey debugging.
-+ * this will eventually only be included for debug builds.
-+ *
-+ * Revision 1.1 2001/09/21 04:12:03 mcr
-+ * first compilable version.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/pfkey_v2_ext_bits.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,814 @@
-+/*
-+ * RFC2367 PF_KEYv2 Key management API message parser
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey_v2_ext_bits.c,v 1.22 2005/05/11 01:45:31 mcr Exp $
-+ */
-+
-+/*
-+ * Template from klips/net/ipsec/ipsec/ipsec_parse.c.
-+ */
-+
-+char pfkey_v2_ext_bits_c_version[] = "$Id: pfkey_v2_ext_bits.c,v 1.22 2005/05/11 01:45:31 mcr Exp $";
-+
-+/*
-+ * Some ugly stuff to allow consistent debugging code for use in the
-+ * kernel and in user space
-+*/
-+
-+#ifdef __KERNEL__
-+
-+# include <linux/kernel.h> /* for printk */
-+
-+# include "openswan/ipsec_kversion.h" /* for malloc switch */
-+# ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+# else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+# endif /* MALLOC_SLAB */
-+# include <linux/errno.h> /* error codes */
-+# include <linux/types.h> /* size_t */
-+# include <linux/interrupt.h> /* mark_bh */
-+
-+# include <linux/netdevice.h> /* struct device, and other headers */
-+# include <linux/etherdevice.h> /* eth_type_trans */
-+# include <linux/ip.h> /* struct iphdr */
-+# if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+# include <linux/ipv6.h>
-+# endif /* defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */
-+
-+#else /* __KERNEL__ */
-+
-+# include <sys/types.h>
-+# include <linux/types.h>
-+# include <linux/errno.h>
-+#endif
-+
-+#include <openswan.h>
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+unsigned int extensions_bitmaps[2/*in/out*/][2/*perm/req*/][SADB_EXTENSIONS_MAX] = {
-+
-+/* INBOUND EXTENSIONS */
-+{
-+
-+/* PERMITTED IN */
-+{
-+/* SADB_RESERVED */
-+0
-+,
-+/* SADB_GETSPI */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_SPIRANGE
-+,
-+/* SADB_UPDATE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+,
-+/* SADB_ADD */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_X_EXT_NAT_T_TYPE
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+| 1<<SADB_X_EXT_NAT_T_OA
-+,
-+/* SADB_DELETE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_GET */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_ACQUIRE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+,
-+/* SADB_REGISTER */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_EXPIRE */
-+0
-+,
-+/* SADB_FLUSH */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_DUMP */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_X_PROMISC */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_PCHANGE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_GRPSA */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_ADDFLOW */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_X_EXT_PROTOCOL
-+,
-+/* SADB_X_DELFLOW */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_X_EXT_PROTOCOL
-+,
-+/* SADB_X_DEBUG */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_X_EXT_DEBUG
-+,
-+/* SADB_X_NAT_T_NEW_MAPPING */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+},
-+
-+/* REQUIRED IN */
-+{
-+/* SADB_RESERVED */
-+0
-+,
-+/* SADB_GETSPI */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_SPIRANGE
-+,
-+/* SADB_UPDATE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+/*| 1<<SADB_EXT_KEY_AUTH*/
-+/*| 1<<SADB_EXT_KEY_ENCRYPT*/
-+,
-+/* SADB_ADD */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+/*| 1<<SADB_EXT_KEY_AUTH*/
-+/*| 1<<SADB_EXT_KEY_ENCRYPT*/
-+,
-+/* SADB_DELETE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_GET */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_ACQUIRE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_PROPOSAL
-+,
-+/* SADB_REGISTER */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_EXPIRE */
-+0
-+,
-+/* SADB_FLUSH */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_DUMP */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_X_PROMISC */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_PCHANGE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_GRPSA */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_DST
-+/*| 1<<SADB_X_EXT_SATYPE2*/
-+/*| 1<<SADB_X_EXT_SA2*/
-+/*| 1<<SADB_X_EXT_ADDRESS_DST2*/
-+,
-+/* SADB_X_ADDFLOW */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+,
-+/* SADB_X_DELFLOW */
-+1<<SADB_EXT_RESERVED
-+/*| 1<<SADB_EXT_SA*/
-+#if 0 /* SADB_X_CLREROUTE doesn't need all these... */
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+#endif
-+,
-+/* SADB_X_DEBUG */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_X_EXT_DEBUG
-+,
-+/* SADB_X_NAT_T_NEW_MAPPING */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+}
-+
-+},
-+
-+/* OUTBOUND EXTENSIONS */
-+{
-+
-+/* PERMITTED OUT */
-+{
-+/* SADB_RESERVED */
-+0
-+,
-+/* SADB_GETSPI */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_UPDATE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+,
-+/* SADB_ADD */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_X_EXT_NAT_T_TYPE
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+| 1<<SADB_X_EXT_NAT_T_OA
-+,
-+/* SADB_DELETE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_GET */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_X_EXT_NAT_T_TYPE
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+| 1<<SADB_X_EXT_NAT_T_OA
-+,
-+/* SADB_ACQUIRE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+,
-+/* SADB_REGISTER */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+,
-+/* SADB_EXPIRE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_FLUSH */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_DUMP */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_X_EXT_NAT_T_TYPE
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+| 1<<SADB_X_EXT_NAT_T_OA
-+,
-+/* SADB_X_PROMISC */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_PCHANGE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_GRPSA */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_ADDFLOW */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+| 1<<SADB_X_EXT_PROTOCOL
-+,
-+/* SADB_X_DELFLOW */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+| 1<<SADB_X_EXT_PROTOCOL
-+,
-+/* SADB_X_DEBUG */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_X_EXT_DEBUG
-+,
-+/* SADB_X_NAT_T_NEW_MAPPING */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+},
-+
-+/* REQUIRED OUT */
-+{
-+/* SADB_RESERVED */
-+0
-+,
-+/* SADB_GETSPI */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_UPDATE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_ADD */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_DELETE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_GET */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+/* | 1<<SADB_EXT_KEY_AUTH */
-+/* | 1<<SADB_EXT_KEY_ENCRYPT */
-+,
-+/* SADB_ACQUIRE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_PROPOSAL
-+,
-+/* SADB_REGISTER */
-+1<<SADB_EXT_RESERVED
-+/* | 1<<SADB_EXT_SUPPORTED_AUTH
-+ | 1<<SADB_EXT_SUPPORTED_ENCRYPT */
-+,
-+/* SADB_EXPIRE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+/* | 1<<SADB_EXT_LIFETIME_HARD
-+ | 1<<SADB_EXT_LIFETIME_SOFT */
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_FLUSH */
-+1<<SADB_EXT_RESERVED
-+,
-+/* SADB_DUMP */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+,
-+/* SADB_X_PROMISC */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_PCHANGE */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_LIFETIME_CURRENT
-+| 1<<SADB_EXT_LIFETIME_HARD
-+| 1<<SADB_EXT_LIFETIME_SOFT
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_EXT_ADDRESS_PROXY
-+| 1<<SADB_EXT_KEY_AUTH
-+| 1<<SADB_EXT_KEY_ENCRYPT
-+| 1<<SADB_EXT_IDENTITY_SRC
-+| 1<<SADB_EXT_IDENTITY_DST
-+| 1<<SADB_EXT_SENSITIVITY
-+| 1<<SADB_EXT_PROPOSAL
-+| 1<<SADB_EXT_SUPPORTED_AUTH
-+| 1<<SADB_EXT_SUPPORTED_ENCRYPT
-+| 1<<SADB_EXT_SPIRANGE
-+| 1<<SADB_X_EXT_KMPRIVATE
-+| 1<<SADB_X_EXT_SATYPE2
-+| 1<<SADB_X_EXT_SA2
-+| 1<<SADB_X_EXT_ADDRESS_DST2
-+,
-+/* SADB_X_GRPSA */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_DST
-+,
-+/* SADB_X_ADDFLOW */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+,
-+/* SADB_X_DELFLOW */
-+1<<SADB_EXT_RESERVED
-+/*| 1<<SADB_EXT_SA*/
-+| 1<<SADB_X_EXT_ADDRESS_SRC_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_DST_FLOW
-+| 1<<SADB_X_EXT_ADDRESS_SRC_MASK
-+| 1<<SADB_X_EXT_ADDRESS_DST_MASK
-+,
-+/* SADB_X_DEBUG */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_X_EXT_DEBUG
-+,
-+/* SADB_X_NAT_T_NEW_MAPPING */
-+1<<SADB_EXT_RESERVED
-+| 1<<SADB_EXT_SA
-+| 1<<SADB_EXT_ADDRESS_SRC
-+| 1<<SADB_EXT_ADDRESS_DST
-+| 1<<SADB_X_EXT_NAT_T_SPORT
-+| 1<<SADB_X_EXT_NAT_T_DPORT
-+}
-+}
-+};
-+
-+/*
-+ * $Log: pfkey_v2_ext_bits.c,v $
-+ * Revision 1.22 2005/05/11 01:45:31 mcr
-+ * make pfkey.h standalone.
-+ *
-+ * Revision 1.21 2004/07/10 07:48:36 mcr
-+ * Moved from linux/lib/libfreeswan/pfkey_v2_ext_bits.c,v
-+ *
-+ * Revision 1.20 2004/03/08 01:59:08 ken
-+ * freeswan.h -> openswan.h
-+ *
-+ * Revision 1.19 2003/12/22 21:38:13 mcr
-+ * removed extraenous #endif.
-+ *
-+ * Revision 1.18 2003/12/22 19:34:41 mcr
-+ * added 0.6c NAT-T patch.
-+ *
-+ * Revision 1.17 2003/12/10 01:20:19 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.16 2003/10/31 02:27:12 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.15.30.1 2003/09/21 13:59:44 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.15 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.14 2002/04/24 07:36:40 mcr
-+ * Moved from ./lib/pfkey_v2_ext_bits.c,v
-+ *
-+ * Revision 1.13 2002/01/29 22:25:36 rgb
-+ * Re-add ipsec_kversion.h to keep MALLOC happy.
-+ *
-+ * Revision 1.12 2002/01/29 01:59:10 mcr
-+ * removal of kversions.h - sources that needed it now use ipsec_param.h.
-+ * updating of IPv6 structures to match latest in6.h version.
-+ * removed dead code from openswan.h that also duplicated kversions.h
-+ * code.
-+ *
-+ * Revision 1.11 2001/10/18 04:45:24 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/openswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.10 2001/09/08 21:13:35 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ *
-+ * Revision 1.9 2001/06/14 19:35:16 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.8 2001/03/26 23:07:36 rgb
-+ * Remove requirement for auth and enc key from UPDATE.
-+ *
-+ * Revision 1.7 2000/09/12 22:35:37 rgb
-+ * Restructured to remove unused extensions from CLEARFLOW messages.
-+ *
-+ * Revision 1.6 2000/09/09 06:39:01 rgb
-+ * Added comments for clarity.
-+ *
-+ * Revision 1.5 2000/06/02 22:54:14 rgb
-+ * Added Gerhard Gessler's struct sockaddr_storage mods for IPv6 support.
-+ *
-+ * Revision 1.4 2000/01/21 06:27:56 rgb
-+ * Added address cases for eroute flows.
-+ * Added comments for each message type.
-+ * Added klipsdebug switching capability.
-+ * Fixed GRPSA bitfields.
-+ *
-+ * Revision 1.3 1999/12/01 22:20:27 rgb
-+ * Remove requirement for a proxy address in an incoming getspi message.
-+ *
-+ * Revision 1.2 1999/11/27 11:57:06 rgb
-+ * Consolidated the 4 1-d extension bitmap arrays into one 4-d array.
-+ * Add CVS log entry to bottom of file.
-+ * Cleaned out unused bits.
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/pfkey_v2_ext_process.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,951 @@
-+/*
-+ * @(#) RFC2367 PF_KEYv2 Key management API message parser
-+ * Copyright (C) 1998-2003 Richard Guy Briggs.
-+ * Copyright (C) 2004 Michael Richardson <mcr@xelerance.com>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey_v2_ext_process.c,v 1.20.2.2 2006/10/06 21:39:26 paul Exp $
-+ */
-+
-+/*
-+ * Template from klips/net/ipsec/ipsec/ipsec_netlink.c.
-+ */
-+
-+char pfkey_v2_ext_process_c_version[] = "$Id: pfkey_v2_ext_process.c,v 1.20.2.2 2006/10/06 21:39:26 paul Exp $";
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+
-+#include <openswan.h>
-+
-+#include <crypto/des.h>
-+
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+#ifdef NET_21
-+# include <linux/in6.h>
-+# define ip_chk_addr inet_addr_type
-+# define IS_MYADDR RTN_LOCAL
-+#endif
-+
-+#include <net/ip.h>
-+#ifdef NETLINK_SOCK
-+# include <linux/netlink.h>
-+#else
-+# include <net/netlink.h>
-+#endif
-+
-+#include <linux/random.h> /* get_random_bytes() */
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipcomp.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_alg.h"
-+
-+#define SENDERR(_x) do { error = -(_x); goto errlab; } while (0)
-+
-+int
-+pfkey_sa_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ struct sadb_sa *pfkey_sa = (struct sadb_sa *)pfkey_ext;
-+ int error = 0;
-+ struct ipsec_sa* ipsp;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sa_process: .\n");
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sa_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_ext->sadb_ext_type) {
-+ case SADB_EXT_SA:
-+ ipsp = extr->ips;
-+ break;
-+ case SADB_X_EXT_SA2:
-+ if(extr->ips2 == NULL) {
-+ extr->ips2 = ipsec_sa_alloc(&error); /* pass error var by pointer */
-+ }
-+ if(extr->ips2 == NULL) {
-+ SENDERR(-error);
-+ }
-+ ipsp = extr->ips2;
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sa_process: "
-+ "invalid exttype=%d.\n",
-+ pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL);
-+ }
-+
-+ ipsp->ips_said.spi = pfkey_sa->sadb_sa_spi;
-+ ipsp->ips_replaywin = pfkey_sa->sadb_sa_replay;
-+ ipsp->ips_state = pfkey_sa->sadb_sa_state;
-+ ipsp->ips_flags = pfkey_sa->sadb_sa_flags;
-+ ipsp->ips_replaywin_lastseq = ipsp->ips_replaywin_bitmap = 0;
-+ ipsp->ips_ref_rel = pfkey_sa->sadb_x_sa_ref;
-+
-+ switch(ipsp->ips_said.proto) {
-+ case IPPROTO_AH:
-+ ipsp->ips_authalg = pfkey_sa->sadb_sa_auth;
-+ ipsp->ips_encalg = SADB_EALG_NONE;
-+ break;
-+ case IPPROTO_ESP:
-+ ipsp->ips_authalg = pfkey_sa->sadb_sa_auth;
-+ ipsp->ips_encalg = pfkey_sa->sadb_sa_encrypt;
-+ ipsec_alg_sa_init(ipsp);
-+ break;
-+ case IPPROTO_IPIP:
-+ ipsp->ips_authalg = AH_NONE;
-+ ipsp->ips_encalg = ESP_NONE;
-+ break;
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ case IPPROTO_COMP:
-+ ipsp->ips_authalg = AH_NONE;
-+ ipsp->ips_encalg = pfkey_sa->sadb_sa_encrypt;
-+ break;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ case IPPROTO_INT:
-+ ipsp->ips_authalg = AH_NONE;
-+ ipsp->ips_encalg = ESP_NONE;
-+ break;
-+ case 0:
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sa_process: "
-+ "unknown proto=%d.\n",
-+ ipsp->ips_said.proto);
-+ SENDERR(EINVAL);
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_lifetime_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct sadb_lifetime *pfkey_lifetime = (struct sadb_lifetime *)pfkey_ext;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_lifetime_process: .\n");
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_lifetime_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_lifetime->sadb_lifetime_exttype) {
-+ case SADB_EXT_LIFETIME_CURRENT:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_lifetime_process: "
-+ "lifetime_current not supported yet.\n");
-+ SENDERR(EINVAL);
-+ break;
-+ case SADB_EXT_LIFETIME_HARD:
-+ ipsec_lifetime_update_hard(&extr->ips->ips_life.ipl_allocations,
-+ pfkey_lifetime->sadb_lifetime_allocations);
-+
-+ ipsec_lifetime_update_hard(&extr->ips->ips_life.ipl_bytes,
-+ pfkey_lifetime->sadb_lifetime_bytes);
-+
-+ ipsec_lifetime_update_hard(&extr->ips->ips_life.ipl_addtime,
-+ pfkey_lifetime->sadb_lifetime_addtime);
-+
-+ ipsec_lifetime_update_hard(&extr->ips->ips_life.ipl_usetime,
-+ pfkey_lifetime->sadb_lifetime_usetime);
-+
-+ break;
-+
-+ case SADB_EXT_LIFETIME_SOFT:
-+ ipsec_lifetime_update_soft(&extr->ips->ips_life.ipl_allocations,
-+ pfkey_lifetime->sadb_lifetime_allocations);
-+
-+ ipsec_lifetime_update_soft(&extr->ips->ips_life.ipl_bytes,
-+ pfkey_lifetime->sadb_lifetime_bytes);
-+
-+ ipsec_lifetime_update_soft(&extr->ips->ips_life.ipl_addtime,
-+ pfkey_lifetime->sadb_lifetime_addtime);
-+
-+ ipsec_lifetime_update_soft(&extr->ips->ips_life.ipl_usetime,
-+ pfkey_lifetime->sadb_lifetime_usetime);
-+
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_lifetime_process: "
-+ "invalid exttype=%d.\n",
-+ pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL);
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_address_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ int saddr_len = 0;
-+ char ipaddr_txt[ADDRTOA_BUF];
-+ unsigned char **sap;
-+ unsigned short * portp = 0;
-+ struct sadb_address *pfkey_address = (struct sadb_address *)pfkey_ext;
-+ struct sockaddr* s = (struct sockaddr*)((char*)pfkey_address + sizeof(*pfkey_address));
-+ struct ipsec_sa* ipsp;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process:\n");
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(s->sa_family) {
-+ case AF_INET:
-+ saddr_len = sizeof(struct sockaddr_in);
-+ addrtoa(((struct sockaddr_in*)s)->sin_addr, 0, ipaddr_txt, sizeof(ipaddr_txt));
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found address family=%d, AF_INET, %s.\n",
-+ s->sa_family,
-+ ipaddr_txt);
-+ break;
-+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+ case AF_INET6:
-+ saddr_len = sizeof(struct sockaddr_in6);
-+ break;
-+#endif /* defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "s->sa_family=%d not supported.\n",
-+ s->sa_family);
-+ SENDERR(EPFNOSUPPORT);
-+ }
-+
-+ switch(pfkey_address->sadb_address_exttype) {
-+ case SADB_EXT_ADDRESS_SRC:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found src address.\n");
-+ sap = (unsigned char **)&(extr->ips->ips_addr_s);
-+ extr->ips->ips_addr_s_size = saddr_len;
-+ break;
-+ case SADB_EXT_ADDRESS_DST:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found dst address.\n");
-+ sap = (unsigned char **)&(extr->ips->ips_addr_d);
-+ extr->ips->ips_addr_d_size = saddr_len;
-+ break;
-+ case SADB_EXT_ADDRESS_PROXY:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found proxy address.\n");
-+ sap = (unsigned char **)&(extr->ips->ips_addr_p);
-+ extr->ips->ips_addr_p_size = saddr_len;
-+ break;
-+ case SADB_X_EXT_ADDRESS_DST2:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found 2nd dst address.\n");
-+ if(extr->ips2 == NULL) {
-+ extr->ips2 = ipsec_sa_alloc(&error); /* pass error var by pointer */
-+ }
-+ if(extr->ips2 == NULL) {
-+ SENDERR(-error);
-+ }
-+ sap = (unsigned char **)&(extr->ips2->ips_addr_d);
-+ extr->ips2->ips_addr_d_size = saddr_len;
-+ break;
-+ case SADB_X_EXT_ADDRESS_SRC_FLOW:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found src flow address.\n");
-+ if(pfkey_alloc_eroute(&(extr->eroute)) == ENOMEM) {
-+ SENDERR(ENOMEM);
-+ }
-+ sap = (unsigned char **)&(extr->eroute->er_eaddr.sen_ip_src);
-+ portp = &(extr->eroute->er_eaddr.sen_sport);
-+ break;
-+ case SADB_X_EXT_ADDRESS_DST_FLOW:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found dst flow address.\n");
-+ if(pfkey_alloc_eroute(&(extr->eroute)) == ENOMEM) {
-+ SENDERR(ENOMEM);
-+ }
-+ sap = (unsigned char **)&(extr->eroute->er_eaddr.sen_ip_dst);
-+ portp = &(extr->eroute->er_eaddr.sen_dport);
-+ break;
-+ case SADB_X_EXT_ADDRESS_SRC_MASK:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found src mask address.\n");
-+ if(pfkey_alloc_eroute(&(extr->eroute)) == ENOMEM) {
-+ SENDERR(ENOMEM);
-+ }
-+ sap = (unsigned char **)&(extr->eroute->er_emask.sen_ip_src);
-+ portp = &(extr->eroute->er_emask.sen_sport);
-+ break;
-+ case SADB_X_EXT_ADDRESS_DST_MASK:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found dst mask address.\n");
-+ if(pfkey_alloc_eroute(&(extr->eroute)) == ENOMEM) {
-+ SENDERR(ENOMEM);
-+ }
-+ sap = (unsigned char **)&(extr->eroute->er_emask.sen_ip_dst);
-+ portp = &(extr->eroute->er_emask.sen_dport);
-+ break;
-+#ifdef NAT_TRAVERSAL
-+ case SADB_X_EXT_NAT_T_OA:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "found NAT-OA address.\n");
-+ sap = (unsigned char **)&(extr->ips->ips_natt_oa);
-+ extr->ips->ips_natt_oa_size = saddr_len;
-+ break;
-+#endif
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "unrecognised ext_type=%d.\n",
-+ pfkey_address->sadb_address_exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_address->sadb_address_exttype) {
-+ case SADB_EXT_ADDRESS_SRC:
-+ case SADB_EXT_ADDRESS_DST:
-+ case SADB_EXT_ADDRESS_PROXY:
-+ case SADB_X_EXT_ADDRESS_DST2:
-+#ifdef NAT_TRAVERSAL
-+ case SADB_X_EXT_NAT_T_OA:
-+#endif
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "allocating %d bytes for saddr.\n",
-+ saddr_len);
-+ if(!(*sap = kmalloc(saddr_len, GFP_KERNEL))) {
-+ SENDERR(ENOMEM);
-+ }
-+ memcpy(*sap, s, saddr_len);
-+ break;
-+ default:
-+ if(s->sa_family != AF_INET) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "s->sa_family=%d not supported.\n",
-+ s->sa_family);
-+ SENDERR(EPFNOSUPPORT);
-+ }
-+ {
-+ unsigned long *ulsap = (unsigned long *)sap;
-+ *ulsap = ((struct sockaddr_in*)s)->sin_addr.s_addr;
-+ }
-+
-+ if (portp != 0)
-+ *portp = ((struct sockaddr_in*)s)->sin_port;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(extr->eroute) {
-+ char buf1[64], buf2[64];
-+ if (debug_pfkey) {
-+ subnettoa(extr->eroute->er_eaddr.sen_ip_src,
-+ extr->eroute->er_emask.sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(extr->eroute->er_eaddr.sen_ip_dst,
-+ extr->eroute->er_emask.sen_ip_dst, 0, buf2, sizeof(buf2));
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_parse: "
-+ "extr->eroute set to %s:%d->%s:%d\n",
-+ buf1,
-+ ntohs(extr->eroute->er_eaddr.sen_sport),
-+ buf2,
-+ ntohs(extr->eroute->er_eaddr.sen_dport));
-+ }
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ }
-+
-+ ipsp = extr->ips;
-+ switch(pfkey_address->sadb_address_exttype) {
-+ case SADB_X_EXT_ADDRESS_DST2:
-+ ipsp = extr->ips2;
-+ case SADB_EXT_ADDRESS_DST:
-+ if(s->sa_family == AF_INET) {
-+ ipsp->ips_said.dst.u.v4.sin_addr.s_addr = ((struct sockaddr_in*)(ipsp->ips_addr_d))->sin_addr.s_addr;
-+ ipsp->ips_said.dst.u.v4.sin_family = AF_INET;
-+ addrtoa(((struct sockaddr_in*)(ipsp->ips_addr_d))->sin_addr,
-+ 0,
-+ ipaddr_txt,
-+ sizeof(ipaddr_txt));
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "ips_said.dst set to %s.\n",
-+ ipaddr_txt);
-+ } else {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: "
-+ "uh, ips_said.dst doesn't do address family=%d yet, said will be invalid.\n",
-+ s->sa_family);
-+ }
-+ default:
-+ break;
-+ }
-+
-+ /* XXX check if port!=0 */
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_address_process: successful.\n");
-+ errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_key_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct sadb_key *pfkey_key = (struct sadb_key *)pfkey_ext;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_key_process: .\n");
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_key_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_key->sadb_key_exttype) {
-+ case SADB_EXT_KEY_AUTH:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_key_process: "
-+ "allocating %d bytes for authkey.\n",
-+ DIVUP(pfkey_key->sadb_key_bits, 8));
-+ if(!(extr->ips->ips_key_a = kmalloc(DIVUP(pfkey_key->sadb_key_bits, 8), GFP_KERNEL))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_key_process: "
-+ "memory allocation error.\n");
-+ SENDERR(ENOMEM);
-+ }
-+ extr->ips->ips_key_bits_a = pfkey_key->sadb_key_bits;
-+ extr->ips->ips_key_a_size = DIVUP(pfkey_key->sadb_key_bits, 8);
-+ memcpy(extr->ips->ips_key_a,
-+ (char*)pfkey_key + sizeof(struct sadb_key),
-+ extr->ips->ips_key_a_size);
-+ break;
-+ case SADB_EXT_KEY_ENCRYPT: /* Key(s) */
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_key_process: "
-+ "allocating %d bytes for enckey.\n",
-+ DIVUP(pfkey_key->sadb_key_bits, 8));
-+ if(!(extr->ips->ips_key_e = kmalloc(DIVUP(pfkey_key->sadb_key_bits, 8), GFP_KERNEL))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_key_process: "
-+ "memory allocation error.\n");
-+ SENDERR(ENOMEM);
-+ }
-+ extr->ips->ips_key_bits_e = pfkey_key->sadb_key_bits;
-+ extr->ips->ips_key_e_size = DIVUP(pfkey_key->sadb_key_bits, 8);
-+ memcpy(extr->ips->ips_key_e,
-+ (char*)pfkey_key + sizeof(struct sadb_key),
-+ extr->ips->ips_key_e_size);
-+ break;
-+ default:
-+ SENDERR(EINVAL);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_key_process: "
-+ "success.\n");
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_ident_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct sadb_ident *pfkey_ident = (struct sadb_ident *)pfkey_ext;
-+ int data_len;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_ident_process: .\n");
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_ident_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_ident->sadb_ident_exttype) {
-+ case SADB_EXT_IDENTITY_SRC:
-+ data_len = pfkey_ident->sadb_ident_len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident);
-+
-+ extr->ips->ips_ident_s.type = pfkey_ident->sadb_ident_type;
-+ extr->ips->ips_ident_s.id = pfkey_ident->sadb_ident_id;
-+ extr->ips->ips_ident_s.len = pfkey_ident->sadb_ident_len;
-+ if(data_len) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_ident_process: "
-+ "allocating %d bytes for ident_s.\n",
-+ data_len);
-+ if(!(extr->ips->ips_ident_s.data
-+ = kmalloc(data_len, GFP_KERNEL))) {
-+ SENDERR(ENOMEM);
-+ }
-+ memcpy(extr->ips->ips_ident_s.data,
-+ (char*)pfkey_ident + sizeof(struct sadb_ident),
-+ data_len);
-+ } else {
-+ extr->ips->ips_ident_s.data = NULL;
-+ }
-+ break;
-+ case SADB_EXT_IDENTITY_DST: /* Identity(ies) */
-+ data_len = pfkey_ident->sadb_ident_len * IPSEC_PFKEYv2_ALIGN - sizeof(struct sadb_ident);
-+
-+ extr->ips->ips_ident_d.type = pfkey_ident->sadb_ident_type;
-+ extr->ips->ips_ident_d.id = pfkey_ident->sadb_ident_id;
-+ extr->ips->ips_ident_d.len = pfkey_ident->sadb_ident_len;
-+ if(data_len) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_ident_process: "
-+ "allocating %d bytes for ident_d.\n",
-+ data_len);
-+ if(!(extr->ips->ips_ident_d.data
-+ = kmalloc(data_len, GFP_KERNEL))) {
-+ SENDERR(ENOMEM);
-+ }
-+ memcpy(extr->ips->ips_ident_d.data,
-+ (char*)pfkey_ident + sizeof(struct sadb_ident),
-+ data_len);
-+ } else {
-+ extr->ips->ips_ident_d.data = NULL;
-+ }
-+ break;
-+ default:
-+ SENDERR(EINVAL);
-+ }
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_sens_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_sens_process: "
-+ "Sorry, I can't process exttype=%d yet.\n",
-+ pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+ errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_prop_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_prop_process: "
-+ "Sorry, I can't process exttype=%d yet.\n",
-+ pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+
-+ errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_supported_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_supported_process: "
-+ "Sorry, I can't process exttype=%d yet.\n",
-+ pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_spirange_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_spirange_process: .\n");
-+/* errlab: */
-+ return error;
-+}
-+
-+int
-+pfkey_x_kmprivate_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_kmprivate_process: "
-+ "Sorry, I can't process exttype=%d yet.\n",
-+ pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_x_satype_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct sadb_x_satype *pfkey_x_satype = (struct sadb_x_satype *)pfkey_ext;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_satype_process: .\n");
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_satype_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(extr->ips2 == NULL) {
-+ extr->ips2 = ipsec_sa_alloc(&error); /* pass error var by pointer */
-+ }
-+ if(extr->ips2 == NULL) {
-+ SENDERR(-error);
-+ }
-+ if(!(extr->ips2->ips_said.proto = satype2proto(pfkey_x_satype->sadb_x_satype_satype))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_satype_process: "
-+ "proto lookup from satype=%d failed.\n",
-+ pfkey_x_satype->sadb_x_satype_satype);
-+ SENDERR(EINVAL);
-+ }
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_satype_process: "
-+ "protocol==%d decoded from satype==%d(%s).\n",
-+ extr->ips2->ips_said.proto,
-+ pfkey_x_satype->sadb_x_satype_satype,
-+ satype2name(pfkey_x_satype->sadb_x_satype_satype));
-+
-+errlab:
-+ return error;
-+}
-+
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+int
-+pfkey_x_nat_t_type_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct sadb_x_nat_t_type *pfkey_x_nat_t_type = (struct sadb_x_nat_t_type *)pfkey_ext;
-+
-+ if(!pfkey_x_nat_t_type) {
-+ printk("klips_debug:pfkey_x_nat_t_type_process: "
-+ "null pointer passed in\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_nat_t_type_process: %d.\n",
-+ pfkey_x_nat_t_type->sadb_x_nat_t_type_type);
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_nat_t_type_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_x_nat_t_type->sadb_x_nat_t_type_type) {
-+ case ESPINUDP_WITH_NON_IKE: /* with Non-IKE (older version) */
-+ case ESPINUDP_WITH_NON_ESP: /* with Non-ESP */
-+
-+ extr->ips->ips_natt_type = pfkey_x_nat_t_type->sadb_x_nat_t_type_type;
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_nat_t_type_process: "
-+ "unknown type %d.\n",
-+ pfkey_x_nat_t_type->sadb_x_nat_t_type_type);
-+ SENDERR(EINVAL);
-+ break;
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_x_nat_t_port_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct sadb_x_nat_t_port *pfkey_x_nat_t_port = (struct sadb_x_nat_t_port *)pfkey_ext;
-+
-+ if(!pfkey_x_nat_t_port) {
-+ printk("klips_debug:pfkey_x_nat_t_port_process: "
-+ "null pointer passed in\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_nat_t_port_process: %d/%d.\n",
-+ pfkey_x_nat_t_port->sadb_x_nat_t_port_exttype,
-+ pfkey_x_nat_t_port->sadb_x_nat_t_port_port);
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_nat_t_type_process: "
-+ "extr or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_x_nat_t_port->sadb_x_nat_t_port_exttype) {
-+ case SADB_X_EXT_NAT_T_SPORT:
-+ extr->ips->ips_natt_sport = pfkey_x_nat_t_port->sadb_x_nat_t_port_port;
-+ break;
-+ case SADB_X_EXT_NAT_T_DPORT:
-+ extr->ips->ips_natt_dport = pfkey_x_nat_t_port->sadb_x_nat_t_port_port;
-+ break;
-+ default:
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_nat_t_port_process: "
-+ "unknown exttype %d.\n",
-+ pfkey_x_nat_t_port->sadb_x_nat_t_port_exttype);
-+ SENDERR(EINVAL);
-+ break;
-+ }
-+
-+errlab:
-+ return error;
-+}
-+#endif
-+
-+int
-+pfkey_x_debug_process(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct sadb_x_debug *pfkey_x_debug = (struct sadb_x_debug *)pfkey_ext;
-+
-+ if(!pfkey_x_debug) {
-+ printk("klips_debug:pfkey_x_debug_process: "
-+ "null pointer passed in\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_debug_process: .\n");
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(pfkey_x_debug->sadb_x_debug_netlink >>
-+ (sizeof(pfkey_x_debug->sadb_x_debug_netlink) * 8 - 1)) {
-+ pfkey_x_debug->sadb_x_debug_netlink &=
-+ ~(1 << (sizeof(pfkey_x_debug->sadb_x_debug_netlink) * 8 -1));
-+ debug_tunnel |= pfkey_x_debug->sadb_x_debug_tunnel;
-+ debug_netlink |= pfkey_x_debug->sadb_x_debug_netlink;
-+ debug_xform |= pfkey_x_debug->sadb_x_debug_xform;
-+ debug_eroute |= pfkey_x_debug->sadb_x_debug_eroute;
-+ debug_spi |= pfkey_x_debug->sadb_x_debug_spi;
-+ debug_radij |= pfkey_x_debug->sadb_x_debug_radij;
-+ debug_esp |= pfkey_x_debug->sadb_x_debug_esp;
-+ debug_ah |= pfkey_x_debug->sadb_x_debug_ah;
-+ debug_rcv |= pfkey_x_debug->sadb_x_debug_rcv;
-+ debug_pfkey |= pfkey_x_debug->sadb_x_debug_pfkey;
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ sysctl_ipsec_debug_ipcomp |= pfkey_x_debug->sadb_x_debug_ipcomp;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ sysctl_ipsec_debug_verbose |= pfkey_x_debug->sadb_x_debug_verbose;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_debug_process: "
-+ "set\n");
-+ } else {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_debug_process: "
-+ "unset\n");
-+ debug_tunnel &= pfkey_x_debug->sadb_x_debug_tunnel;
-+ debug_netlink &= pfkey_x_debug->sadb_x_debug_netlink;
-+ debug_xform &= pfkey_x_debug->sadb_x_debug_xform;
-+ debug_eroute &= pfkey_x_debug->sadb_x_debug_eroute;
-+ debug_spi &= pfkey_x_debug->sadb_x_debug_spi;
-+ debug_radij &= pfkey_x_debug->sadb_x_debug_radij;
-+ debug_esp &= pfkey_x_debug->sadb_x_debug_esp;
-+ debug_ah &= pfkey_x_debug->sadb_x_debug_ah;
-+ debug_rcv &= pfkey_x_debug->sadb_x_debug_rcv;
-+ debug_pfkey &= pfkey_x_debug->sadb_x_debug_pfkey;
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ sysctl_ipsec_debug_ipcomp &= pfkey_x_debug->sadb_x_debug_ipcomp;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ sysctl_ipsec_debug_verbose &= pfkey_x_debug->sadb_x_debug_verbose;
-+ }
-+#else /* CONFIG_KLIPS_DEBUG */
-+ printk("klips_debug:pfkey_x_debug_process: "
-+ "debugging not enabled\n");
-+ SENDERR(EINVAL);
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+errlab:
-+ return error;
-+}
-+
-+/*
-+ * $Log: pfkey_v2_ext_process.c,v $
-+ * Revision 1.20.2.2 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.20.2.1 2006/04/20 16:33:07 mcr
-+ * remove all of CONFIG_KLIPS_ALG --- one can no longer build without it.
-+ * Fix in-kernel module compilation. Sub-makefiles do not work.
-+ *
-+ * Revision 1.20 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.19 2004/12/04 07:14:18 mcr
-+ * resolution to gcc3-ism was wrong. fixed to assign correct
-+ * variable.
-+ *
-+ * Revision 1.18 2004/12/03 21:25:57 mcr
-+ * compile time fixes for running on 2.6.
-+ * still experimental.
-+ *
-+ * Revision 1.17 2004/08/21 00:45:04 mcr
-+ * CONFIG_KLIPS_NAT was wrong, also need to include udp.h.
-+ *
-+ * Revision 1.16 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.15 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.14 2004/02/03 03:13:59 mcr
-+ * no longer #ifdef out NON_ESP mode. That was a mistake.
-+ *
-+ * Revision 1.13 2003/12/15 18:13:12 mcr
-+ * when compiling with NAT traversal, don't assume that the
-+ * kernel has been patched, unless CONFIG_IPSEC_NAT_NON_ESP
-+ * is set.
-+ *
-+ * Revision 1.12.2.1 2003/12/22 15:25:52 jjo
-+ * Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.12 2003/12/10 01:14:27 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.11 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.10.4.2 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.10.4.1 2003/09/21 13:59:56 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.10 2003/02/06 01:51:41 rgb
-+ * Removed no longer relevant comment
-+ *
-+ * Revision 1.9 2003/01/30 02:32:44 rgb
-+ *
-+ * Transmit error code through to caller from callee for better diagnosis of problems.
-+ *
-+ * Revision 1.8 2002/12/13 22:42:22 mcr
-+ * restored sa_ref code
-+ *
-+ * Revision 1.7 2002/12/13 22:40:48 mcr
-+ * temporarily removed sadb_x_sa_ref reference for 2.xx
-+ *
-+ * Revision 1.6 2002/10/05 05:02:58 dhr
-+ *
-+ * C labels go on statements
-+ *
-+ * Revision 1.5 2002/09/20 15:41:08 rgb
-+ * Switch from pfkey_alloc_ipsec_sa() to ipsec_sa_alloc().
-+ * Added sadb_x_sa_ref to struct sadb_sa.
-+ *
-+ * Revision 1.4 2002/09/20 05:02:02 rgb
-+ * Added memory allocation debugging.
-+ *
-+ * Revision 1.3 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.2 2002/05/27 18:55:03 rgb
-+ * Remove final vistiges of tdb references via IPSEC_KLIPS1_COMPAT.
-+ *
-+ * Revision 1.1 2002/05/14 02:33:51 rgb
-+ * Moved all the extension processing functions to pfkey_v2_ext_process.c.
-+ *
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/pfkey_v2_parse.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1846 @@
-+/*
-+ * RFC2367 PF_KEYv2 Key management API message parser
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey_v2_parse.c,v 1.65 2005/04/06 17:46:05 mcr Exp $
-+ */
-+
-+/*
-+ * Template from klips/net/ipsec/ipsec/ipsec_parser.c.
-+ */
-+
-+char pfkey_v2_parse_c_version[] = "$Id: pfkey_v2_parse.c,v 1.65 2005/04/06 17:46:05 mcr Exp $";
-+
-+/*
-+ * Some ugly stuff to allow consistent debugging code for use in the
-+ * kernel and in user space
-+*/
-+
-+#ifdef __KERNEL__
-+
-+# include <linux/kernel.h> /* for printk */
-+
-+#include "openswan/ipsec_kversion.h" /* for malloc switch */
-+
-+# ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+# else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+# endif /* MALLOC_SLAB */
-+# include <linux/errno.h> /* error codes */
-+# include <linux/types.h> /* size_t */
-+# include <linux/interrupt.h> /* mark_bh */
-+
-+# include <linux/netdevice.h> /* struct device, and other headers */
-+# include <linux/etherdevice.h> /* eth_type_trans */
-+# include <linux/ip.h> /* struct iphdr */
-+# if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+# include <linux/ipv6.h> /* struct ipv6hdr */
-+# endif /* if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */
-+extern int debug_pfkey;
-+
-+# include <openswan.h>
-+
-+#include "openswan/ipsec_encap.h"
-+
-+#else /* __KERNEL__ */
-+
-+# include <sys/types.h>
-+# include <linux/types.h>
-+# include <linux/errno.h>
-+
-+# include <openswan.h>
-+# include "constants.h"
-+# include "programs/pluto/defs.h" /* for PRINTF_LIKE */
-+
-+#endif /* __KERNEL__ */
-+
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_sa.h" /* IPSEC_SAREF_NULL, IPSEC_SA_REF_TABLE_IDX_WIDTH */
-+
-+/*
-+ * how to handle debugging for pfkey.
-+ */
-+#include <openswan/pfkey_debug.h>
-+
-+unsigned int pfkey_lib_debug = PF_KEY_DEBUG_PARSE_NONE;
-+void (*pfkey_debug_func)(const char *message, ...) PRINTF_LIKE(1);
-+void (*pfkey_error_func)(const char *message, ...) PRINTF_LIKE(1);
-+
-+
-+#define SENDERR(_x) do { error = -(_x); goto errlab; } while (0)
-+
-+struct satype_tbl {
-+ uint8_t proto;
-+ uint8_t satype;
-+ char* name;
-+} static satype_tbl[] = {
-+#ifdef __KERNEL__
-+ { IPPROTO_ESP, SADB_SATYPE_ESP, "ESP" },
-+ { IPPROTO_AH, SADB_SATYPE_AH, "AH" },
-+ { IPPROTO_IPIP, SADB_X_SATYPE_IPIP, "IPIP" },
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ { IPPROTO_COMP, SADB_X_SATYPE_COMP, "COMP" },
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+ { IPPROTO_INT, SADB_X_SATYPE_INT, "INT" },
-+#else /* __KERNEL__ */
-+ { SA_ESP, SADB_SATYPE_ESP, "ESP" },
-+ { SA_AH, SADB_SATYPE_AH, "AH" },
-+ { SA_IPIP, SADB_X_SATYPE_IPIP, "IPIP" },
-+ { SA_COMP, SADB_X_SATYPE_COMP, "COMP" },
-+ { SA_INT, SADB_X_SATYPE_INT, "INT" },
-+#endif /* __KERNEL__ */
-+ { 0, 0, "UNKNOWN" }
-+};
-+
-+uint8_t
-+satype2proto(uint8_t satype)
-+{
-+ int i =0;
-+
-+ while(satype_tbl[i].satype != satype && satype_tbl[i].satype != 0) {
-+ i++;
-+ }
-+ return satype_tbl[i].proto;
-+}
-+
-+uint8_t
-+proto2satype(uint8_t proto)
-+{
-+ int i = 0;
-+
-+ while(satype_tbl[i].proto != proto && satype_tbl[i].proto != 0) {
-+ i++;
-+ }
-+ return satype_tbl[i].satype;
-+}
-+
-+char*
-+satype2name(uint8_t satype)
-+{
-+ int i = 0;
-+
-+ while(satype_tbl[i].satype != satype && satype_tbl[i].satype != 0) {
-+ i++;
-+ }
-+ return satype_tbl[i].name;
-+}
-+
-+char*
-+proto2name(uint8_t proto)
-+{
-+ int i = 0;
-+
-+ while(satype_tbl[i].proto != proto && satype_tbl[i].proto != 0) {
-+ i++;
-+ }
-+ return satype_tbl[i].name;
-+}
-+
-+/* Default extension parsers taken from the KLIPS code */
-+
-+DEBUG_NO_STATIC int
-+pfkey_sa_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_sa *pfkey_sa = (struct sadb_sa *)pfkey_ext;
-+#if 0
-+ struct sadb_sa sav2;
-+#endif
-+
-+ /* sanity checks... */
-+ if(!pfkey_sa) {
-+ ERROR("pfkey_sa_parse: "
-+ "NULL pointer passed in.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+#if 0
-+ /* check if this structure is short, and if so, fix it up.
-+ * XXX this is NOT the way to do things.
-+ */
-+ if(pfkey_sa->sadb_sa_len == sizeof(struct sadb_sa_v1)/IPSEC_PFKEYv2_ALIGN) {
-+
-+ /* yes, so clear out a temporary structure, and copy first */
-+ memset(&sav2, 0, sizeof(sav2));
-+ memcpy(&sav2, pfkey_sa, sizeof(struct sadb_sa_v1));
-+ sav2.sadb_x_sa_ref=-1;
-+ sav2.sadb_sa_len = sizeof(struct sadb_sa) / IPSEC_PFKEYv2_ALIGN;
-+
-+ pfkey_sa = &sav2;
-+ }
-+#endif
-+
-+
-+ if(pfkey_sa->sadb_sa_len != sizeof(struct sadb_sa) / IPSEC_PFKEYv2_ALIGN) {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "length wrong pfkey_sa->sadb_sa_len=%d sizeof(struct sadb_sa)=%d.\n",
-+ pfkey_sa->sadb_sa_len,
-+ (int)sizeof(struct sadb_sa));
-+ SENDERR(EINVAL);
-+ }
-+
-+#if SADB_EALG_MAX < 255
-+ if(pfkey_sa->sadb_sa_encrypt > SADB_EALG_MAX) {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "pfkey_sa->sadb_sa_encrypt=%d > SADB_EALG_MAX=%d.\n",
-+ pfkey_sa->sadb_sa_encrypt,
-+ SADB_EALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+#endif
-+
-+#if SADB_AALG_MAX < 255
-+ if(pfkey_sa->sadb_sa_auth > SADB_AALG_MAX) {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "pfkey_sa->sadb_sa_auth=%d > SADB_AALG_MAX=%d.\n",
-+ pfkey_sa->sadb_sa_auth,
-+ SADB_AALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+#endif
-+
-+#if SADB_SASTATE_MAX < 255
-+ if(pfkey_sa->sadb_sa_state > SADB_SASTATE_MAX) {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "state=%d exceeds MAX=%d.\n",
-+ pfkey_sa->sadb_sa_state,
-+ SADB_SASTATE_MAX);
-+ SENDERR(EINVAL);
-+ }
-+#endif
-+
-+ if(pfkey_sa->sadb_sa_state == SADB_SASTATE_DEAD) {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "state=%d is DEAD=%d.\n",
-+ pfkey_sa->sadb_sa_state,
-+ SADB_SASTATE_DEAD);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_sa->sadb_sa_replay > 64) {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "replay window size: %d -- must be 0 <= size <= 64\n",
-+ pfkey_sa->sadb_sa_replay);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(! ((pfkey_sa->sadb_sa_exttype == SADB_EXT_SA) ||
-+ (pfkey_sa->sadb_sa_exttype == SADB_X_EXT_SA2)))
-+ {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "unknown exttype=%d, expecting SADB_EXT_SA=%d or SADB_X_EXT_SA2=%d.\n",
-+ pfkey_sa->sadb_sa_exttype,
-+ SADB_EXT_SA,
-+ SADB_X_EXT_SA2);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if((IPSEC_SAREF_NULL != pfkey_sa->sadb_x_sa_ref) && (pfkey_sa->sadb_x_sa_ref >= (1 << IPSEC_SA_REF_TABLE_IDX_WIDTH))) {
-+ ERROR(
-+ "pfkey_sa_parse: "
-+ "SAref=%d must be (SAref == IPSEC_SAREF_NULL(%d) || SAref < IPSEC_SA_REF_TABLE_NUM_ENTRIES(%d)).\n",
-+ pfkey_sa->sadb_x_sa_ref,
-+ IPSEC_SAREF_NULL,
-+ IPSEC_SA_REF_TABLE_NUM_ENTRIES);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_sa_parse: "
-+ "successfully found len=%d exttype=%d(%s) spi=%08lx replay=%d state=%d auth=%d encrypt=%d flags=%d ref=%d.\n",
-+ pfkey_sa->sadb_sa_len,
-+ pfkey_sa->sadb_sa_exttype,
-+ pfkey_v2_sadb_ext_string(pfkey_sa->sadb_sa_exttype),
-+ (long unsigned int)ntohl(pfkey_sa->sadb_sa_spi),
-+ pfkey_sa->sadb_sa_replay,
-+ pfkey_sa->sadb_sa_state,
-+ pfkey_sa->sadb_sa_auth,
-+ pfkey_sa->sadb_sa_encrypt,
-+ pfkey_sa->sadb_sa_flags,
-+ pfkey_sa->sadb_x_sa_ref);
-+
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_lifetime_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_lifetime *pfkey_lifetime = (struct sadb_lifetime *)pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_lifetime_parse:enter\n");
-+ /* sanity checks... */
-+ if(!pfkey_lifetime) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_lifetime_parse: "
-+ "NULL pointer passed in.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_lifetime->sadb_lifetime_len !=
-+ sizeof(struct sadb_lifetime) / IPSEC_PFKEYv2_ALIGN) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_lifetime_parse: "
-+ "length wrong pfkey_lifetime->sadb_lifetime_len=%d sizeof(struct sadb_lifetime)=%d.\n",
-+ pfkey_lifetime->sadb_lifetime_len,
-+ (int)sizeof(struct sadb_lifetime));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if((pfkey_lifetime->sadb_lifetime_exttype != SADB_EXT_LIFETIME_HARD) &&
-+ (pfkey_lifetime->sadb_lifetime_exttype != SADB_EXT_LIFETIME_SOFT) &&
-+ (pfkey_lifetime->sadb_lifetime_exttype != SADB_EXT_LIFETIME_CURRENT)) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_lifetime_parse: "
-+ "unexpected ext_type=%d.\n",
-+ pfkey_lifetime->sadb_lifetime_exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_lifetime_parse: "
-+ "life_type=%d(%s) alloc=%u bytes=%u add=%u use=%u pkts=%u.\n",
-+ pfkey_lifetime->sadb_lifetime_exttype,
-+ pfkey_v2_sadb_ext_string(pfkey_lifetime->sadb_lifetime_exttype),
-+ pfkey_lifetime->sadb_lifetime_allocations,
-+ (unsigned)pfkey_lifetime->sadb_lifetime_bytes,
-+ (unsigned)pfkey_lifetime->sadb_lifetime_addtime,
-+ (unsigned)pfkey_lifetime->sadb_lifetime_usetime,
-+ pfkey_lifetime->sadb_x_lifetime_packets);
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_address_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ int saddr_len = 0;
-+ struct sadb_address *pfkey_address = (struct sadb_address *)pfkey_ext;
-+ struct sockaddr* s = (struct sockaddr*)((char*)pfkey_address + sizeof(*pfkey_address));
-+ char ipaddr_txt[ADDRTOT_BUF];
-+
-+ /* sanity checks... */
-+ if(!pfkey_address) {
-+ ERROR(
-+ "pfkey_address_parse: "
-+ "NULL pointer passed in.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_address->sadb_address_len <
-+ (sizeof(struct sadb_address) + sizeof(struct sockaddr))/
-+ IPSEC_PFKEYv2_ALIGN) {
-+ ERROR("pfkey_address_parse: "
-+ "size wrong 1 ext_len=%d, adr_ext_len=%d, saddr_len=%d.\n",
-+ pfkey_address->sadb_address_len,
-+ (int)sizeof(struct sadb_address),
-+ (int)sizeof(struct sockaddr));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_address->sadb_address_reserved) {
-+ ERROR("pfkey_address_parse: "
-+ "res=%d, must be zero.\n",
-+ pfkey_address->sadb_address_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_address->sadb_address_exttype) {
-+ case SADB_EXT_ADDRESS_SRC:
-+ case SADB_EXT_ADDRESS_DST:
-+ case SADB_EXT_ADDRESS_PROXY:
-+ case SADB_X_EXT_ADDRESS_DST2:
-+ case SADB_X_EXT_ADDRESS_SRC_FLOW:
-+ case SADB_X_EXT_ADDRESS_DST_FLOW:
-+ case SADB_X_EXT_ADDRESS_SRC_MASK:
-+ case SADB_X_EXT_ADDRESS_DST_MASK:
-+#ifdef NAT_TRAVERSAL
-+ case SADB_X_EXT_NAT_T_OA:
-+#endif
-+ break;
-+ default:
-+ ERROR(
-+ "pfkey_address_parse: "
-+ "unexpected ext_type=%d.\n",
-+ pfkey_address->sadb_address_exttype);
-+ SENDERR(ENOPKG);
-+ }
-+
-+ switch(s->sa_family) {
-+ case AF_INET:
-+ saddr_len = sizeof(struct sockaddr_in);
-+ sprintf(ipaddr_txt, "%d.%d.%d.%d"
-+ , (((struct sockaddr_in*)s)->sin_addr.s_addr >> 0) & 0xFF
-+ , (((struct sockaddr_in*)s)->sin_addr.s_addr >> 8) & 0xFF
-+ , (((struct sockaddr_in*)s)->sin_addr.s_addr >> 16) & 0xFF
-+ , (((struct sockaddr_in*)s)->sin_addr.s_addr >> 24) & 0xFF);
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_address_parse: "
-+ "found exttype=%u(%s) family=%d(AF_INET) address=%s proto=%u port=%u.\n",
-+ pfkey_address->sadb_address_exttype,
-+ pfkey_v2_sadb_ext_string(pfkey_address->sadb_address_exttype),
-+ s->sa_family,
-+ ipaddr_txt,
-+ pfkey_address->sadb_address_proto,
-+ ntohs(((struct sockaddr_in*)s)->sin_port));
-+ break;
-+ case AF_INET6:
-+ saddr_len = sizeof(struct sockaddr_in6);
-+ sprintf(ipaddr_txt, "%x:%x:%x:%x:%x:%x:%x:%x"
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[0])
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[1])
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[2])
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[3])
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[4])
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[5])
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[6])
-+ , ntohs(((struct sockaddr_in6*)s)->sin6_addr.s6_addr16[7]));
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_address_parse: "
-+ "found exttype=%u(%s) family=%d(AF_INET6) address=%s proto=%u port=%u.\n",
-+ pfkey_address->sadb_address_exttype,
-+ pfkey_v2_sadb_ext_string(pfkey_address->sadb_address_exttype),
-+ s->sa_family,
-+ ipaddr_txt,
-+ pfkey_address->sadb_address_proto,
-+ ((struct sockaddr_in6*)s)->sin6_port);
-+ break;
-+ default:
-+ ERROR(
-+ "pfkey_address_parse: "
-+ "s->sa_family=%d not supported.\n",
-+ s->sa_family);
-+ SENDERR(EPFNOSUPPORT);
-+ }
-+
-+ if(pfkey_address->sadb_address_len !=
-+ DIVUP(sizeof(struct sadb_address) + saddr_len, IPSEC_PFKEYv2_ALIGN)) {
-+ ERROR(
-+ "pfkey_address_parse: "
-+ "size wrong 2 ext_len=%d, adr_ext_len=%d, saddr_len=%d.\n",
-+ pfkey_address->sadb_address_len,
-+ (int)sizeof(struct sadb_address),
-+ saddr_len);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_address->sadb_address_prefixlen != 0) {
-+ ERROR(
-+ "pfkey_address_parse: "
-+ "address prefixes not supported yet.\n");
-+ SENDERR(EAFNOSUPPORT); /* not supported yet */
-+ }
-+
-+ /* XXX check if port!=0 */
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_address_parse: successful.\n");
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_key_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_key *pfkey_key = (struct sadb_key *)pfkey_ext;
-+
-+ /* sanity checks... */
-+
-+ if(!pfkey_key) {
-+ ERROR(
-+ "pfkey_key_parse: "
-+ "NULL pointer passed in.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_key->sadb_key_len < sizeof(struct sadb_key) / IPSEC_PFKEYv2_ALIGN) {
-+ ERROR(
-+ "pfkey_key_parse: "
-+ "size wrong ext_len=%d, key_ext_len=%d.\n",
-+ pfkey_key->sadb_key_len,
-+ (int)sizeof(struct sadb_key));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!pfkey_key->sadb_key_bits) {
-+ ERROR(
-+ "pfkey_key_parse: "
-+ "key length set to zero, must be non-zero.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_key->sadb_key_len !=
-+ DIVUP(sizeof(struct sadb_key) * OCTETBITS + pfkey_key->sadb_key_bits,
-+ PFKEYBITS)) {
-+ ERROR(
-+ "pfkey_key_parse: "
-+ "key length=%d does not agree with extension length=%d.\n",
-+ pfkey_key->sadb_key_bits,
-+ pfkey_key->sadb_key_len);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_key->sadb_key_reserved) {
-+ ERROR(
-+ "pfkey_key_parse: "
-+ "res=%d, must be zero.\n",
-+ pfkey_key->sadb_key_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(! ( (pfkey_key->sadb_key_exttype == SADB_EXT_KEY_AUTH) ||
-+ (pfkey_key->sadb_key_exttype == SADB_EXT_KEY_ENCRYPT))) {
-+ ERROR(
-+ "pfkey_key_parse: "
-+ "expecting extension type AUTH or ENCRYPT, got %d.\n",
-+ pfkey_key->sadb_key_exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_key_parse: "
-+ "success, found len=%d exttype=%d(%s) bits=%d reserved=%d.\n",
-+ pfkey_key->sadb_key_len,
-+ pfkey_key->sadb_key_exttype,
-+ pfkey_v2_sadb_ext_string(pfkey_key->sadb_key_exttype),
-+ pfkey_key->sadb_key_bits,
-+ pfkey_key->sadb_key_reserved);
-+
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_ident_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_ident *pfkey_ident = (struct sadb_ident *)pfkey_ext;
-+
-+ /* sanity checks... */
-+ if(pfkey_ident->sadb_ident_len < sizeof(struct sadb_ident) / IPSEC_PFKEYv2_ALIGN) {
-+ ERROR(
-+ "pfkey_ident_parse: "
-+ "size wrong ext_len=%d, key_ext_len=%d.\n",
-+ pfkey_ident->sadb_ident_len,
-+ (int)sizeof(struct sadb_ident));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_ident->sadb_ident_type > SADB_IDENTTYPE_MAX) {
-+ ERROR(
-+ "pfkey_ident_parse: "
-+ "ident_type=%d out of range, must be less than %d.\n",
-+ pfkey_ident->sadb_ident_type,
-+ SADB_IDENTTYPE_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_ident->sadb_ident_reserved) {
-+ ERROR(
-+ "pfkey_ident_parse: "
-+ "res=%d, must be zero.\n",
-+ pfkey_ident->sadb_ident_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ /* string terminator/padding must be zero */
-+ if(pfkey_ident->sadb_ident_len > sizeof(struct sadb_ident) / IPSEC_PFKEYv2_ALIGN) {
-+ if(*((char*)pfkey_ident + pfkey_ident->sadb_ident_len * IPSEC_PFKEYv2_ALIGN - 1)) {
-+ ERROR(
-+ "pfkey_ident_parse: "
-+ "string padding must be zero, last is 0x%02x.\n",
-+ *((char*)pfkey_ident +
-+ pfkey_ident->sadb_ident_len * IPSEC_PFKEYv2_ALIGN - 1));
-+ SENDERR(EINVAL);
-+ }
-+ }
-+
-+ if( ! ((pfkey_ident->sadb_ident_exttype == SADB_EXT_IDENTITY_SRC) ||
-+ (pfkey_ident->sadb_ident_exttype == SADB_EXT_IDENTITY_DST))) {
-+ ERROR(
-+ "pfkey_key_parse: "
-+ "expecting extension type IDENTITY_SRC or IDENTITY_DST, got %d.\n",
-+ pfkey_ident->sadb_ident_exttype);
-+ SENDERR(EINVAL);
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_sens_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_sens *pfkey_sens = (struct sadb_sens *)pfkey_ext;
-+
-+ /* sanity checks... */
-+ if(pfkey_sens->sadb_sens_len < sizeof(struct sadb_sens) / IPSEC_PFKEYv2_ALIGN) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_sens_parse: "
-+ "size wrong ext_len=%d, key_ext_len=%d.\n",
-+ pfkey_sens->sadb_sens_len,
-+ (int)sizeof(struct sadb_sens));
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_sens_parse: "
-+ "Sorry, I can't parse exttype=%d yet.\n",
-+ pfkey_ext->sadb_ext_type);
-+#if 0
-+ SENDERR(EINVAL); /* don't process these yet */
-+#endif
-+
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_prop_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ int i, num_comb;
-+ struct sadb_prop *pfkey_prop = (struct sadb_prop *)pfkey_ext;
-+ struct sadb_comb *pfkey_comb = (struct sadb_comb *)((char*)pfkey_ext + sizeof(struct sadb_prop));
-+
-+ /* sanity checks... */
-+ if((pfkey_prop->sadb_prop_len < sizeof(struct sadb_prop) / IPSEC_PFKEYv2_ALIGN) ||
-+ (((pfkey_prop->sadb_prop_len * IPSEC_PFKEYv2_ALIGN) - sizeof(struct sadb_prop)) % sizeof(struct sadb_comb))) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "size wrong ext_len=%d, prop_ext_len=%d comb_ext_len=%d.\n",
-+ pfkey_prop->sadb_prop_len,
-+ (int)sizeof(struct sadb_prop),
-+ (int)sizeof(struct sadb_comb));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_prop->sadb_prop_replay > 64) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "replay window size: %d -- must be 0 <= size <= 64\n",
-+ pfkey_prop->sadb_prop_replay);
-+ SENDERR(EINVAL);
-+ }
-+
-+ for(i=0; i<3; i++) {
-+ if(pfkey_prop->sadb_prop_reserved[i]) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "res[%d]=%d, must be zero.\n",
-+ i, pfkey_prop->sadb_prop_reserved[i]);
-+ SENDERR(EINVAL);
-+ }
-+ }
-+
-+ num_comb = ((pfkey_prop->sadb_prop_len * IPSEC_PFKEYv2_ALIGN) - sizeof(struct sadb_prop)) / sizeof(struct sadb_comb);
-+
-+ for(i = 0; i < num_comb; i++) {
-+ if(pfkey_comb->sadb_comb_auth > SADB_AALG_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_auth=%d > SADB_AALG_MAX=%d.\n",
-+ i,
-+ pfkey_comb->sadb_comb_auth,
-+ SADB_AALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_comb->sadb_comb_auth) {
-+ if(!pfkey_comb->sadb_comb_auth_minbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_auth_minbits=0, fatal.\n",
-+ i);
-+ SENDERR(EINVAL);
-+ }
-+ if(!pfkey_comb->sadb_comb_auth_maxbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_auth_maxbits=0, fatal.\n",
-+ i);
-+ SENDERR(EINVAL);
-+ }
-+ if(pfkey_comb->sadb_comb_auth_minbits > pfkey_comb->sadb_comb_auth_maxbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_auth_minbits=%d > maxbits=%d, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_comb_auth_minbits,
-+ pfkey_comb->sadb_comb_auth_maxbits);
-+ SENDERR(EINVAL);
-+ }
-+ } else {
-+ if(pfkey_comb->sadb_comb_auth_minbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_auth_minbits=%d != 0, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_comb_auth_minbits);
-+ SENDERR(EINVAL);
-+ }
-+ if(pfkey_comb->sadb_comb_auth_maxbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_auth_maxbits=%d != 0, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_comb_auth_maxbits);
-+ SENDERR(EINVAL);
-+ }
-+ }
-+
-+#if SADB_EALG_MAX < 255
-+ if(pfkey_comb->sadb_comb_encrypt > SADB_EALG_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_comb_parse: "
-+ "pfkey_comb[%d]->sadb_comb_encrypt=%d > SADB_EALG_MAX=%d.\n",
-+ i,
-+ pfkey_comb->sadb_comb_encrypt,
-+ SADB_EALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+#endif
-+
-+ if(pfkey_comb->sadb_comb_encrypt) {
-+ if(!pfkey_comb->sadb_comb_encrypt_minbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_encrypt_minbits=0, fatal.\n",
-+ i);
-+ SENDERR(EINVAL);
-+ }
-+ if(!pfkey_comb->sadb_comb_encrypt_maxbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_encrypt_maxbits=0, fatal.\n",
-+ i);
-+ SENDERR(EINVAL);
-+ }
-+ if(pfkey_comb->sadb_comb_encrypt_minbits > pfkey_comb->sadb_comb_encrypt_maxbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_encrypt_minbits=%d > maxbits=%d, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_comb_encrypt_minbits,
-+ pfkey_comb->sadb_comb_encrypt_maxbits);
-+ SENDERR(EINVAL);
-+ }
-+ } else {
-+ if(pfkey_comb->sadb_comb_encrypt_minbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_encrypt_minbits=%d != 0, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_comb_encrypt_minbits);
-+ SENDERR(EINVAL);
-+ }
-+ if(pfkey_comb->sadb_comb_encrypt_maxbits) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_encrypt_maxbits=%d != 0, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_comb_encrypt_maxbits);
-+ SENDERR(EINVAL);
-+ }
-+ }
-+
-+ /* XXX do sanity check on flags */
-+
-+ if(pfkey_comb->sadb_comb_hard_allocations && pfkey_comb->sadb_comb_soft_allocations > pfkey_comb->sadb_comb_hard_allocations) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_soft_allocations=%d > hard_allocations=%d, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_comb_soft_allocations,
-+ pfkey_comb->sadb_comb_hard_allocations);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_comb->sadb_comb_hard_bytes && pfkey_comb->sadb_comb_soft_bytes > pfkey_comb->sadb_comb_hard_bytes) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_soft_bytes=%Ld > hard_bytes=%Ld, fatal.\n",
-+ i,
-+ (unsigned long long int)pfkey_comb->sadb_comb_soft_bytes,
-+ (unsigned long long int)pfkey_comb->sadb_comb_hard_bytes);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_comb->sadb_comb_hard_addtime && pfkey_comb->sadb_comb_soft_addtime > pfkey_comb->sadb_comb_hard_addtime) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_soft_addtime=%Ld > hard_addtime=%Ld, fatal.\n",
-+ i,
-+ (unsigned long long int)pfkey_comb->sadb_comb_soft_addtime,
-+ (unsigned long long int)pfkey_comb->sadb_comb_hard_addtime);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_comb->sadb_comb_hard_usetime && pfkey_comb->sadb_comb_soft_usetime > pfkey_comb->sadb_comb_hard_usetime) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_comb_soft_usetime=%Ld > hard_usetime=%Ld, fatal.\n",
-+ i,
-+ (unsigned long long int)pfkey_comb->sadb_comb_soft_usetime,
-+ (unsigned long long int)pfkey_comb->sadb_comb_hard_usetime);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_comb->sadb_x_comb_hard_packets && pfkey_comb->sadb_x_comb_soft_packets > pfkey_comb->sadb_x_comb_hard_packets) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "pfkey_comb[%d]->sadb_x_comb_soft_packets=%d > hard_packets=%d, fatal.\n",
-+ i,
-+ pfkey_comb->sadb_x_comb_soft_packets,
-+ pfkey_comb->sadb_x_comb_hard_packets);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_comb->sadb_comb_reserved) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_prop_parse: "
-+ "comb[%d].res=%d, must be zero.\n",
-+ i,
-+ pfkey_comb->sadb_comb_reserved);
-+ SENDERR(EINVAL);
-+ }
-+ pfkey_comb++;
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_supported_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ unsigned int i, num_alg;
-+ struct sadb_supported *pfkey_supported = (struct sadb_supported *)pfkey_ext;
-+ struct sadb_alg *pfkey_alg = (struct sadb_alg*)((char*)pfkey_ext + sizeof(struct sadb_supported));
-+
-+ /* sanity checks... */
-+ if((pfkey_supported->sadb_supported_len <
-+ sizeof(struct sadb_supported) / IPSEC_PFKEYv2_ALIGN) ||
-+ (((pfkey_supported->sadb_supported_len * IPSEC_PFKEYv2_ALIGN) -
-+ sizeof(struct sadb_supported)) % sizeof(struct sadb_alg))) {
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_supported_parse: "
-+ "size wrong ext_len=%d, supported_ext_len=%d alg_ext_len=%d.\n",
-+ pfkey_supported->sadb_supported_len,
-+ (int)sizeof(struct sadb_supported),
-+ (int)sizeof(struct sadb_alg));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_supported->sadb_supported_reserved) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_supported_parse: "
-+ "res=%d, must be zero.\n",
-+ pfkey_supported->sadb_supported_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ num_alg = ((pfkey_supported->sadb_supported_len * IPSEC_PFKEYv2_ALIGN) - sizeof(struct sadb_supported)) / sizeof(struct sadb_alg);
-+
-+ for(i = 0; i < num_alg; i++) {
-+ /* process algo description */
-+ if(pfkey_alg->sadb_alg_reserved) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_supported_parse: "
-+ "alg[%d], id=%d, ivlen=%d, minbits=%d, maxbits=%d, res=%d, must be zero.\n",
-+ i,
-+ pfkey_alg->sadb_alg_id,
-+ pfkey_alg->sadb_alg_ivlen,
-+ pfkey_alg->sadb_alg_minbits,
-+ pfkey_alg->sadb_alg_maxbits,
-+ pfkey_alg->sadb_alg_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ /* XXX can alg_id auth/enc be determined from info given?
-+ Yes, but OpenBSD's method does not iteroperate with rfc2367.
-+ rgb, 2000-04-06 */
-+
-+ switch(pfkey_supported->sadb_supported_exttype) {
-+ case SADB_EXT_SUPPORTED_AUTH:
-+ if(pfkey_alg->sadb_alg_id > SADB_AALG_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_supported_parse: "
-+ "alg[%d], alg_id=%d > SADB_AALG_MAX=%d, fatal.\n",
-+ i,
-+ pfkey_alg->sadb_alg_id,
-+ SADB_AALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+ break;
-+ case SADB_EXT_SUPPORTED_ENCRYPT:
-+#if SADB_EALG_MAX < 255
-+ if(pfkey_alg->sadb_alg_id > SADB_EALG_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_supported_parse: "
-+ "alg[%d], alg_id=%d > SADB_EALG_MAX=%d, fatal.\n",
-+ i,
-+ pfkey_alg->sadb_alg_id,
-+ SADB_EALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+#endif
-+ break;
-+ default:
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_supported_parse: "
-+ "alg[%d], alg_id=%d > SADB_EALG_MAX=%d, fatal.\n",
-+ i,
-+ pfkey_alg->sadb_alg_id,
-+ SADB_EALG_MAX);
-+ SENDERR(EINVAL);
-+ }
-+ pfkey_alg++;
-+ }
-+
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_spirange_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_spirange *pfkey_spirange = (struct sadb_spirange *)pfkey_ext;
-+
-+ /* sanity checks... */
-+ if(pfkey_spirange->sadb_spirange_len !=
-+ sizeof(struct sadb_spirange) / IPSEC_PFKEYv2_ALIGN) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_spirange_parse: "
-+ "size wrong ext_len=%d, key_ext_len=%d.\n",
-+ pfkey_spirange->sadb_spirange_len,
-+ (int)sizeof(struct sadb_spirange));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_spirange->sadb_spirange_reserved) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_spirange_parse: "
-+ "reserved=%d must be set to zero.\n",
-+ pfkey_spirange->sadb_spirange_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(ntohl(pfkey_spirange->sadb_spirange_max) < ntohl(pfkey_spirange->sadb_spirange_min)) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_spirange_parse: "
-+ "minspi=%08x must be < maxspi=%08x.\n",
-+ ntohl(pfkey_spirange->sadb_spirange_min),
-+ ntohl(pfkey_spirange->sadb_spirange_max));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(ntohl(pfkey_spirange->sadb_spirange_min) <= 255) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_spirange_parse: "
-+ "minspi=%08x must be > 255.\n",
-+ ntohl(pfkey_spirange->sadb_spirange_min));
-+ SENDERR(EEXIST);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_spirange_parse: "
-+ "ext_len=%u ext_type=%u(%s) min=%u max=%u res=%u.\n",
-+ pfkey_spirange->sadb_spirange_len,
-+ pfkey_spirange->sadb_spirange_exttype,
-+ pfkey_v2_sadb_ext_string(pfkey_spirange->sadb_spirange_exttype),
-+ pfkey_spirange->sadb_spirange_min,
-+ pfkey_spirange->sadb_spirange_max,
-+ pfkey_spirange->sadb_spirange_reserved);
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_kmprivate_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_x_kmprivate *pfkey_x_kmprivate = (struct sadb_x_kmprivate *)pfkey_ext;
-+
-+ /* sanity checks... */
-+ if(pfkey_x_kmprivate->sadb_x_kmprivate_len <
-+ sizeof(struct sadb_x_kmprivate) / IPSEC_PFKEYv2_ALIGN) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_kmprivate_parse: "
-+ "size wrong ext_len=%d, key_ext_len=%d.\n",
-+ pfkey_x_kmprivate->sadb_x_kmprivate_len,
-+ (int)sizeof(struct sadb_x_kmprivate));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_x_kmprivate->sadb_x_kmprivate_reserved) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_kmprivate_parse: "
-+ "reserved=%d must be set to zero.\n",
-+ pfkey_x_kmprivate->sadb_x_kmprivate_reserved);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_kmprivate_parse: "
-+ "Sorry, I can't parse exttype=%d yet.\n",
-+ pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL); /* don't process these yet */
-+
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_satype_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ int i;
-+ struct sadb_x_satype *pfkey_x_satype = (struct sadb_x_satype *)pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_x_satype_parse: enter\n");
-+ /* sanity checks... */
-+ if(pfkey_x_satype->sadb_x_satype_len !=
-+ sizeof(struct sadb_x_satype) / IPSEC_PFKEYv2_ALIGN) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_satype_parse: "
-+ "size wrong ext_len=%d, key_ext_len=%d.\n",
-+ pfkey_x_satype->sadb_x_satype_len,
-+ (int)sizeof(struct sadb_x_satype));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!pfkey_x_satype->sadb_x_satype_satype) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_satype_parse: "
-+ "satype is zero, must be non-zero.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_x_satype->sadb_x_satype_satype > SADB_SATYPE_MAX) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_satype_parse: "
-+ "satype %d > max %d, invalid.\n",
-+ pfkey_x_satype->sadb_x_satype_satype, SADB_SATYPE_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!(satype2proto(pfkey_x_satype->sadb_x_satype_satype))) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_satype_parse: "
-+ "proto lookup from satype=%d failed.\n",
-+ pfkey_x_satype->sadb_x_satype_satype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ for(i = 0; i < 3; i++) {
-+ if(pfkey_x_satype->sadb_x_satype_reserved[i]) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_satype_parse: "
-+ "reserved[%d]=%d must be set to zero.\n",
-+ i, pfkey_x_satype->sadb_x_satype_reserved[i]);
-+ SENDERR(EINVAL);
-+ }
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_x_satype_parse: "
-+ "len=%u ext=%u(%s) satype=%u(%s) res=%u,%u,%u.\n",
-+ pfkey_x_satype->sadb_x_satype_len,
-+ pfkey_x_satype->sadb_x_satype_exttype,
-+ pfkey_v2_sadb_ext_string(pfkey_x_satype->sadb_x_satype_exttype),
-+ pfkey_x_satype->sadb_x_satype_satype,
-+ satype2name(pfkey_x_satype->sadb_x_satype_satype),
-+ pfkey_x_satype->sadb_x_satype_reserved[0],
-+ pfkey_x_satype->sadb_x_satype_reserved[1],
-+ pfkey_x_satype->sadb_x_satype_reserved[2]);
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_ext_debug_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ int i;
-+ struct sadb_x_debug *pfkey_x_debug = (struct sadb_x_debug *)pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_x_debug_parse: enter\n");
-+ /* sanity checks... */
-+ if(pfkey_x_debug->sadb_x_debug_len !=
-+ sizeof(struct sadb_x_debug) / IPSEC_PFKEYv2_ALIGN) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_debug_parse: "
-+ "size wrong ext_len=%d, key_ext_len=%d.\n",
-+ pfkey_x_debug->sadb_x_debug_len,
-+ (int)sizeof(struct sadb_x_debug));
-+ SENDERR(EINVAL);
-+ }
-+
-+ for(i = 0; i < 4; i++) {
-+ if(pfkey_x_debug->sadb_x_debug_reserved[i]) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_debug_parse: "
-+ "reserved[%d]=%d must be set to zero.\n",
-+ i, pfkey_x_debug->sadb_x_debug_reserved[i]);
-+ SENDERR(EINVAL);
-+ }
-+ }
-+
-+errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_ext_protocol_parse(struct sadb_ext *pfkey_ext)
-+{
-+ int error = 0;
-+ struct sadb_protocol *p = (struct sadb_protocol *)pfkey_ext;
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM, "pfkey_x_protocol_parse:\n");
-+ /* sanity checks... */
-+
-+ if (p->sadb_protocol_len != sizeof(*p)/IPSEC_PFKEYv2_ALIGN) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_x_protocol_parse: size wrong ext_len=%d, key_ext_len=%d.\n",
-+ p->sadb_protocol_len, (int)sizeof(*p));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if (p->sadb_protocol_reserved2 != 0) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_protocol_parse: res=%d, must be zero.\n",
-+ p->sadb_protocol_reserved2);
-+ SENDERR(EINVAL);
-+ }
-+
-+ errlab:
-+ return error;
-+}
-+
-+#ifdef NAT_TRAVERSAL
-+DEBUG_NO_STATIC int
-+pfkey_x_ext_nat_t_type_parse(struct sadb_ext *pfkey_ext)
-+{
-+ return 0;
-+}
-+DEBUG_NO_STATIC int
-+pfkey_x_ext_nat_t_port_parse(struct sadb_ext *pfkey_ext)
-+{
-+ return 0;
-+}
-+#endif
-+
-+#define DEFINEPARSER(NAME) static struct pf_key_ext_parsers_def NAME##_def={NAME, #NAME};
-+
-+DEFINEPARSER(pfkey_sa_parse);
-+DEFINEPARSER(pfkey_lifetime_parse);
-+DEFINEPARSER(pfkey_address_parse);
-+DEFINEPARSER(pfkey_key_parse);
-+DEFINEPARSER(pfkey_ident_parse);
-+DEFINEPARSER(pfkey_sens_parse);
-+DEFINEPARSER(pfkey_prop_parse);
-+DEFINEPARSER(pfkey_supported_parse);
-+DEFINEPARSER(pfkey_spirange_parse);
-+DEFINEPARSER(pfkey_x_kmprivate_parse);
-+DEFINEPARSER(pfkey_x_satype_parse);
-+DEFINEPARSER(pfkey_x_ext_debug_parse);
-+DEFINEPARSER(pfkey_x_ext_protocol_parse);
-+#ifdef NAT_TRAVERSAL
-+DEFINEPARSER(pfkey_x_ext_nat_t_type_parse);
-+DEFINEPARSER(pfkey_x_ext_nat_t_port_parse);
-+#endif
-+
-+struct pf_key_ext_parsers_def *ext_default_parsers[]=
-+{
-+ NULL, /* pfkey_msg_parse, */
-+ &pfkey_sa_parse_def,
-+ &pfkey_lifetime_parse_def,
-+ &pfkey_lifetime_parse_def,
-+ &pfkey_lifetime_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_key_parse_def,
-+ &pfkey_key_parse_def,
-+ &pfkey_ident_parse_def,
-+ &pfkey_ident_parse_def,
-+ &pfkey_sens_parse_def,
-+ &pfkey_prop_parse_def,
-+ &pfkey_supported_parse_def,
-+ &pfkey_supported_parse_def,
-+ &pfkey_spirange_parse_def,
-+ &pfkey_x_kmprivate_parse_def,
-+ &pfkey_x_satype_parse_def,
-+ &pfkey_sa_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_address_parse_def,
-+ &pfkey_x_ext_debug_parse_def,
-+ &pfkey_x_ext_protocol_parse_def
-+#ifdef NAT_TRAVERSAL
-+ ,
-+ &pfkey_x_ext_nat_t_type_parse_def,
-+ &pfkey_x_ext_nat_t_port_parse_def,
-+ &pfkey_x_ext_nat_t_port_parse_def,
-+ &pfkey_address_parse_def
-+#endif
-+};
-+
-+int
-+pfkey_msg_parse(struct sadb_msg *pfkey_msg,
-+ struct pf_key_ext_parsers_def *ext_parsers[],
-+ struct sadb_ext *extensions[],
-+ int dir)
-+{
-+ int error = 0;
-+ int remain;
-+ struct sadb_ext *pfkey_ext;
-+ int extensions_seen = 0;
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_msg_parse: "
-+ "parsing message ver=%d, type=%d(%s), errno=%d, satype=%d(%s), len=%d, res=%d, seq=%d, pid=%d.\n",
-+ pfkey_msg->sadb_msg_version,
-+ pfkey_msg->sadb_msg_type,
-+ pfkey_v2_sadb_type_string(pfkey_msg->sadb_msg_type),
-+ pfkey_msg->sadb_msg_errno,
-+ pfkey_msg->sadb_msg_satype,
-+ satype2name(pfkey_msg->sadb_msg_satype),
-+ pfkey_msg->sadb_msg_len,
-+ pfkey_msg->sadb_msg_reserved,
-+ pfkey_msg->sadb_msg_seq,
-+ pfkey_msg->sadb_msg_pid);
-+
-+ if(ext_parsers == NULL) ext_parsers = ext_default_parsers;
-+
-+ pfkey_extensions_init(extensions);
-+
-+ remain = pfkey_msg->sadb_msg_len;
-+ remain -= sizeof(struct sadb_msg) / IPSEC_PFKEYv2_ALIGN;
-+
-+ pfkey_ext = (struct sadb_ext*)((char*)pfkey_msg +
-+ sizeof(struct sadb_msg));
-+
-+ extensions[0] = (struct sadb_ext *) pfkey_msg;
-+
-+
-+ if(pfkey_msg->sadb_msg_version != PF_KEY_V2) {
-+ ERROR("pfkey_msg_parse: "
-+ "not PF_KEY_V2 msg, found %d, should be %d.\n",
-+ pfkey_msg->sadb_msg_version,
-+ PF_KEY_V2);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!pfkey_msg->sadb_msg_type) {
-+ ERROR("pfkey_msg_parse: "
-+ "msg type not set, must be non-zero..\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(pfkey_msg->sadb_msg_type > SADB_MAX) {
-+ ERROR("pfkey_msg_parse: "
-+ "msg type=%d > max=%d.\n",
-+ pfkey_msg->sadb_msg_type,
-+ SADB_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_msg->sadb_msg_type) {
-+ case SADB_GETSPI:
-+ case SADB_UPDATE:
-+ case SADB_ADD:
-+ case SADB_DELETE:
-+ case SADB_GET:
-+ case SADB_X_GRPSA:
-+ case SADB_X_ADDFLOW:
-+ if(!satype2proto(pfkey_msg->sadb_msg_satype)) {
-+ ERROR("pfkey_msg_parse: "
-+ "satype %d conversion to proto failed for msg_type %d (%s).\n",
-+ pfkey_msg->sadb_msg_satype,
-+ pfkey_msg->sadb_msg_type,
-+ pfkey_v2_sadb_type_string(pfkey_msg->sadb_msg_type));
-+ SENDERR(EINVAL);
-+ } else {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "satype %d(%s) conversion to proto gives %d for msg_type %d(%s).\n",
-+ pfkey_msg->sadb_msg_satype,
-+ satype2name(pfkey_msg->sadb_msg_satype),
-+ satype2proto(pfkey_msg->sadb_msg_satype),
-+ pfkey_msg->sadb_msg_type,
-+ pfkey_v2_sadb_type_string(pfkey_msg->sadb_msg_type));
-+ }
-+ case SADB_ACQUIRE:
-+ case SADB_REGISTER:
-+ case SADB_EXPIRE:
-+ if(!pfkey_msg->sadb_msg_satype) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "satype is zero, must be non-zero for msg_type %d(%s).\n",
-+ pfkey_msg->sadb_msg_type,
-+ pfkey_v2_sadb_type_string(pfkey_msg->sadb_msg_type));
-+ SENDERR(EINVAL);
-+ }
-+ default:
-+ break;
-+ }
-+
-+ /* errno must not be set in downward messages */
-+ /* this is not entirely true... a response to an ACQUIRE could return an error */
-+ if((dir == EXT_BITS_IN) && (pfkey_msg->sadb_msg_type != SADB_ACQUIRE) && pfkey_msg->sadb_msg_errno) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "errno set to %d.\n",
-+ pfkey_msg->sadb_msg_errno);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_msg_parse: "
-+ "remain=%d\n",
-+ remain
-+ );
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_msg_parse: "
-+ "extensions permitted=%08x, required=%08x.\n",
-+ extensions_bitmaps[dir][EXT_BITS_PERM][pfkey_msg->sadb_msg_type],
-+ extensions_bitmaps[dir][EXT_BITS_REQ][pfkey_msg->sadb_msg_type]);
-+
-+ extensions_seen = 1;
-+
-+ while( (remain * IPSEC_PFKEYv2_ALIGN) >= sizeof(struct sadb_ext) ) {
-+ /* Is there enough message left to support another extension header? */
-+ if(remain < pfkey_ext->sadb_ext_len) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "remain %d less than ext len %d.\n",
-+ remain, pfkey_ext->sadb_ext_len);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_msg_parse: "
-+ "parsing ext type=%d(%s) remain=%d.\n",
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type),
-+ remain);
-+
-+ /* Is the extension header type valid? */
-+ if((pfkey_ext->sadb_ext_type > SADB_EXT_MAX) || (!pfkey_ext->sadb_ext_type)) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "ext type %d(%s) invalid, SADB_EXT_MAX=%d.\n",
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type),
-+ SADB_EXT_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ /* Have we already seen this type of extension? */
-+ if((extensions_seen & ( 1 << pfkey_ext->sadb_ext_type )) != 0)
-+ {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "ext type %d(%s) already seen.\n",
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type));
-+ SENDERR(EINVAL);
-+ }
-+
-+ /* Do I even know about this type of extension? */
-+ if(ext_parsers[pfkey_ext->sadb_ext_type]==NULL) {
-+ ERROR("pfkey_msg_parse: "
-+ "ext type %d(%s) unknown, ignoring.\n",
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type));
-+ goto next_ext;
-+ }
-+
-+ /* Is this type of extension permitted for this type of message? */
-+ if(!(extensions_bitmaps[dir][EXT_BITS_PERM][pfkey_msg->sadb_msg_type] &
-+ 1<<pfkey_ext->sadb_ext_type)) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "ext type %d(%s) not permitted, exts_perm_in=%08x, 1<<type=%08x\n",
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type),
-+ extensions_bitmaps[dir][EXT_BITS_PERM][pfkey_msg->sadb_msg_type],
-+ 1<<pfkey_ext->sadb_ext_type);
-+ SENDERR(EINVAL);
-+ }
-+
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_msg_parse: "
-+ "remain=%d ext_type=%d(%s) ext_len=%d parsing ext 0p%p with parser %s.\n",
-+ remain,
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type),
-+ pfkey_ext->sadb_ext_len,
-+ pfkey_ext,
-+ ext_parsers[pfkey_ext->sadb_ext_type]->parser_name);
-+
-+ /* Parse the extension */
-+ if((error =
-+ (*ext_parsers[pfkey_ext->sadb_ext_type]->parser)(pfkey_ext))) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "extension parsing for type %d(%s) failed with error %d.\n",
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type),
-+ error);
-+ SENDERR(-error);
-+ }
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_FLOW,
-+ "pfkey_msg_parse: "
-+ "Extension %d(%s) parsed.\n",
-+ pfkey_ext->sadb_ext_type,
-+ pfkey_v2_sadb_ext_string(pfkey_ext->sadb_ext_type));
-+
-+ /* Mark that we have seen this extension and remember the header location */
-+ extensions_seen |= ( 1 << pfkey_ext->sadb_ext_type );
-+ extensions[pfkey_ext->sadb_ext_type] = pfkey_ext;
-+
-+ next_ext:
-+ /* Calculate how much message remains */
-+ remain -= pfkey_ext->sadb_ext_len;
-+
-+ if(!remain) {
-+ break;
-+ }
-+ /* Find the next extension header */
-+ pfkey_ext = (struct sadb_ext*)((char*)pfkey_ext +
-+ pfkey_ext->sadb_ext_len * IPSEC_PFKEYv2_ALIGN);
-+ }
-+
-+ if(remain) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "unexpected remainder of %d.\n",
-+ remain);
-+ /* why is there still something remaining? */
-+ SENDERR(EINVAL);
-+ }
-+
-+ /* check required extensions */
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_STRUCT,
-+ "pfkey_msg_parse: "
-+ "extensions permitted=%08x, seen=%08x, required=%08x.\n",
-+ extensions_bitmaps[dir][EXT_BITS_PERM][pfkey_msg->sadb_msg_type],
-+ extensions_seen,
-+ extensions_bitmaps[dir][EXT_BITS_REQ][pfkey_msg->sadb_msg_type]);
-+
-+ /* don't check further if it is an error return message since it
-+ may not have a body */
-+ if(pfkey_msg->sadb_msg_errno) {
-+ SENDERR(-error);
-+ }
-+
-+ if((extensions_seen &
-+ extensions_bitmaps[dir][EXT_BITS_REQ][pfkey_msg->sadb_msg_type]) !=
-+ extensions_bitmaps[dir][EXT_BITS_REQ][pfkey_msg->sadb_msg_type]) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "required extensions missing:%08x.\n",
-+ extensions_bitmaps[dir][EXT_BITS_REQ][pfkey_msg->sadb_msg_type] -
-+ (extensions_seen &
-+ extensions_bitmaps[dir][EXT_BITS_REQ][pfkey_msg->sadb_msg_type]));
-+ SENDERR(EINVAL);
-+ }
-+
-+ if((dir == EXT_BITS_IN) && (pfkey_msg->sadb_msg_type == SADB_X_DELFLOW)
-+ && ((extensions_seen & SADB_X_EXT_ADDRESS_DELFLOW)
-+ != SADB_X_EXT_ADDRESS_DELFLOW)
-+ && (((extensions_seen & (1<<SADB_EXT_SA)) != (1<<SADB_EXT_SA))
-+ || ((((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_flags
-+ & SADB_X_SAFLAGS_CLEARFLOW)
-+ != SADB_X_SAFLAGS_CLEARFLOW))) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "required SADB_X_DELFLOW extensions missing: either %08x must be present or %08x must be present with SADB_X_SAFLAGS_CLEARFLOW set.\n",
-+ SADB_X_EXT_ADDRESS_DELFLOW
-+ - (extensions_seen & SADB_X_EXT_ADDRESS_DELFLOW),
-+ (1<<SADB_EXT_SA) - (extensions_seen & (1<<SADB_EXT_SA)));
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_msg->sadb_msg_type) {
-+ case SADB_ADD:
-+ case SADB_UPDATE:
-+ /* check maturity */
-+ if(((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_state !=
-+ SADB_SASTATE_MATURE) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "state=%d for add or update should be MATURE=%d.\n",
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_state,
-+ SADB_SASTATE_MATURE);
-+ SENDERR(EINVAL);
-+ }
-+
-+ /* check AH and ESP */
-+ switch(((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype) {
-+ case SADB_SATYPE_AH:
-+ if(!(((struct sadb_sa*)extensions[SADB_EXT_SA]) &&
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_auth !=
-+ SADB_AALG_NONE)) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "auth alg is zero, must be non-zero for AH SAs.\n");
-+ SENDERR(EINVAL);
-+ }
-+ if(((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_encrypt !=
-+ SADB_EALG_NONE) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "AH handed encalg=%d, must be zero.\n",
-+ ((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_encrypt);
-+ SENDERR(EINVAL);
-+ }
-+ break;
-+ case SADB_SATYPE_ESP:
-+ if(!(((struct sadb_sa*)extensions[SADB_EXT_SA]) &&
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_encrypt !=
-+ SADB_EALG_NONE)) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "encrypt alg=%d is zero, must be non-zero for ESP=%d SAs.\n",
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_encrypt,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype);
-+ SENDERR(EINVAL);
-+ }
-+ if((((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_encrypt ==
-+ SADB_EALG_NULL) &&
-+ (((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_auth ==
-+ SADB_AALG_NONE) ) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "ESP handed encNULL+authNONE, illegal combination.\n");
-+ SENDERR(EINVAL);
-+ }
-+ break;
-+ case SADB_X_SATYPE_COMP:
-+ if(!(((struct sadb_sa*)extensions[SADB_EXT_SA]) &&
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_encrypt !=
-+ SADB_EALG_NONE)) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "encrypt alg=%d is zero, must be non-zero for COMP=%d SAs.\n",
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_encrypt,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype);
-+ SENDERR(EINVAL);
-+ }
-+ if(((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_auth !=
-+ SADB_AALG_NONE) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "COMP handed auth=%d, must be zero.\n",
-+ ((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_auth);
-+ SENDERR(EINVAL);
-+ }
-+ break;
-+ default:
-+ break;
-+ }
-+ if(ntohl(((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_spi) <= 255) {
-+ DEBUGGING(PF_KEY_DEBUG_PARSE_PROBLEM,
-+ "pfkey_msg_parse: "
-+ "spi=%08x must be > 255.\n",
-+ ntohl(((struct sadb_sa*)(extensions[SADB_EXT_SA]))->sadb_sa_spi));
-+ SENDERR(EINVAL);
-+ }
-+ default:
-+ break;
-+ }
-+errlab:
-+
-+ return error;
-+}
-+
-+/*
-+ * $Log: pfkey_v2_parse.c,v $
-+ * Revision 1.65 2005/04/06 17:46:05 mcr
-+ * failure to recognize an extension is considered an error.
-+ * This could be a problem in the future, but we need some kind
-+ * of logging. This should be rate limited, probably.
-+ *
-+ * Revision 1.64 2005/01/26 00:50:35 mcr
-+ * adjustment of confusion of CONFIG_IPSEC_NAT vs CONFIG_KLIPS_NAT,
-+ * and make sure that NAT_TRAVERSAL is set as well to match
-+ * userspace compiles of code.
-+ *
-+ * Revision 1.63 2004/10/28 22:54:10 mcr
-+ * results from valgrind, thanks to: Harald Hoyer <harald@redhat.com>
-+ *
-+ * Revision 1.62 2004/10/03 01:26:36 mcr
-+ * fixes for gcc 3.4 compilation.
-+ *
-+ * Revision 1.61 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.59 2004/04/18 03:03:49 mcr
-+ * renamed common include files from pluto directory.
-+ *
-+ * Revision 1.58 2004/03/08 01:59:08 ken
-+ * freeswan.h -> openswan.h
-+ *
-+ * Revision 1.57 2003/12/10 01:20:19 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.56 2003/12/04 23:01:12 mcr
-+ * removed ipsec_netlink.h
-+ *
-+ * Revision 1.55 2003/11/07 01:30:37 ken
-+ * Cast sizeof() to int to keep things 64bit clean
-+ *
-+ * Revision 1.54 2003/10/31 02:27:12 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.53.20.2 2003/10/29 01:11:32 mcr
-+ * added debugging for pfkey library.
-+ *
-+ * Revision 1.53.20.1 2003/09/21 13:59:44 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.53 2003/01/30 02:32:09 rgb
-+ *
-+ * Rename SAref table macro names for clarity.
-+ * Convert IPsecSAref_t from signed to unsigned to fix apparent SAref exhaustion bug.
-+ *
-+ * Revision 1.52 2002/12/30 06:53:07 mcr
-+ * deal with short SA structures... #if 0 out for now. Probably
-+ * not quite the right way.
-+ *
-+ * Revision 1.51 2002/12/13 18:16:02 mcr
-+ * restored sa_ref code
-+ *
-+ * Revision 1.50 2002/12/13 18:06:52 mcr
-+ * temporarily removed sadb_x_sa_ref reference for 2.xx
-+ *
-+ * Revision 1.49 2002/10/05 05:02:58 dhr
-+ *
-+ * C labels go on statements
-+ *
-+ * Revision 1.48 2002/09/20 15:40:45 rgb
-+ * Added sadb_x_sa_ref to struct sadb_sa.
-+ *
-+ * Revision 1.47 2002/09/20 05:01:31 rgb
-+ * Fixed usage of pfkey_lib_debug.
-+ * Format for function declaration style consistency.
-+ * Added text labels to elucidate numeric values presented.
-+ * Re-organised debug output to reduce noise in output.
-+ *
-+ * Revision 1.46 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.45 2002/05/23 07:14:11 rgb
-+ * Cleaned up %p variants to 0p%p for test suite cleanup.
-+ *
-+ * Revision 1.44 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.43 2002/04/24 07:36:40 mcr
-+ * Moved from ./lib/pfkey_v2_parse.c,v
-+ *
-+ * Revision 1.42 2002/01/29 22:25:36 rgb
-+ * Re-add ipsec_kversion.h to keep MALLOC happy.
-+ *
-+ * Revision 1.41 2002/01/29 01:59:10 mcr
-+ * removal of kversions.h - sources that needed it now use ipsec_param.h.
-+ * updating of IPv6 structures to match latest in6.h version.
-+ * removed dead code from openswan.h that also duplicated kversions.h
-+ * code.
-+ *
-+ * Revision 1.40 2002/01/20 20:34:50 mcr
-+ * added pfkey_v2_sadb_type_string to decode sadb_type to string.
-+ *
-+ * Revision 1.39 2001/11/27 05:29:22 mcr
-+ * pfkey parses are now maintained by a structure
-+ * that includes their name for debug purposes.
-+ * DEBUGGING() macro changed so that it takes a debug
-+ * level so that pf_key() can use this to decode the
-+ * structures without innundanting humans.
-+ * Also uses pfkey_v2_sadb_ext_string() in messages.
-+ *
-+ * Revision 1.38 2001/11/06 19:47:47 rgb
-+ * Added packet parameter to lifetime and comb structures.
-+ *
-+ * Revision 1.37 2001/10/18 04:45:24 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/openswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.36 2001/06/14 19:35:16 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.35 2001/05/03 19:44:51 rgb
-+ * Standardise on SENDERR() macro.
-+ *
-+ * Revision 1.34 2001/03/16 07:41:51 rgb
-+ * Put openswan.h include before pluto includes.
-+ *
-+ * Revision 1.33 2001/02/27 07:13:51 rgb
-+ * Added satype2name() function.
-+ * Added text to default satype_tbl entry.
-+ * Added satype2name() conversions for most satype debug output.
-+ *
-+ * Revision 1.32 2001/02/26 20:01:09 rgb
-+ * Added internal IP protocol 61 for magic SAs.
-+ * Ditch unused sadb_satype2proto[], replaced by satype2proto().
-+ * Re-formatted debug output (split lines, consistent spacing).
-+ * Removed acquire, register and expire requirements for a known satype.
-+ * Changed message type checking to a switch structure.
-+ * Verify expected NULL auth for IPCOMP.
-+ * Enforced spi > 0x100 requirement, now that pass uses a magic SA for
-+ * appropriate message types.
-+ *
-+ * Revision 1.31 2000/12/01 07:09:00 rgb
-+ * Added ipcomp sanity check to require encalgo is set.
-+ *
-+ * Revision 1.30 2000/11/17 18:10:30 rgb
-+ * Fixed bugs mostly relating to spirange, to treat all spi variables as
-+ * network byte order since this is the way PF_KEYv2 stored spis.
-+ *
-+ * Revision 1.29 2000/10/12 00:02:39 rgb
-+ * Removed 'format, ##' nonsense from debug macros for RH7.0.
-+ *
-+ * Revision 1.28 2000/09/20 16:23:04 rgb
-+ * Remove over-paranoid extension check in the presence of sadb_msg_errno.
-+ *
-+ * Revision 1.27 2000/09/20 04:04:21 rgb
-+ * Changed static functions to DEBUG_NO_STATIC to reveal function names in
-+ * oopsen.
-+ *
-+ * Revision 1.26 2000/09/15 11:37:02 rgb
-+ * Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+ * IPCOMP zlib deflate code.
-+ *
-+ * Revision 1.25 2000/09/12 22:35:37 rgb
-+ * Restructured to remove unused extensions from CLEARFLOW messages.
-+ *
-+ * Revision 1.24 2000/09/12 18:59:54 rgb
-+ * Added Gerhard's IPv6 support to pfkey parts of libopenswan.
-+ *
-+ * Revision 1.23 2000/09/12 03:27:00 rgb
-+ * Moved DEBUGGING definition to compile kernel with debug off.
-+ *
-+ * Revision 1.22 2000/09/09 06:39:27 rgb
-+ * Restrict pfkey errno check to downward messages only.
-+ *
-+ * Revision 1.21 2000/09/08 19:22:34 rgb
-+ * Enabled pfkey_sens_parse().
-+ * Added check for errno on downward acquire messages only.
-+ *
-+ * Revision 1.20 2000/09/01 18:48:23 rgb
-+ * Fixed reserved check bug and added debug output in
-+ * pfkey_supported_parse().
-+ * Fixed debug output label bug in pfkey_ident_parse().
-+ *
-+ * Revision 1.19 2000/08/27 01:55:26 rgb
-+ * Define OCTETBITS and PFKEYBITS to avoid using 'magic' numbers in code.
-+ *
-+ * Revision 1.18 2000/08/24 17:00:36 rgb
-+ * Ignore unknown extensions instead of failing.
-+ *
-+ * Revision 1.17 2000/06/02 22:54:14 rgb
-+ * Added Gerhard Gessler's struct sockaddr_storage mods for IPv6 support.
-+ *
-+ * Revision 1.16 2000/05/10 19:25:11 rgb
-+ * Fleshed out proposal and supported extensions.
-+ *
-+ * Revision 1.15 2000/01/24 21:15:31 rgb
-+ * Added disabled pluto pfkey lib debug flag.
-+ * Added algo debugging reporting.
-+ *
-+ * Revision 1.14 2000/01/22 23:24:29 rgb
-+ * Added new functions proto2satype() and satype2proto() and lookup
-+ * table satype_tbl. Also added proto2name() since it was easy.
-+ *
-+ * Revision 1.13 2000/01/21 09:43:59 rgb
-+ * Cast ntohl(spi) as (unsigned long int) to shut up compiler.
-+ *
-+ * Revision 1.12 2000/01/21 06:28:19 rgb
-+ * Added address cases for eroute flows.
-+ * Indented compiler directives for readability.
-+ * Added klipsdebug switching capability.
-+ *
-+ * Revision 1.11 1999/12/29 21:14:59 rgb
-+ * Fixed debug text cut and paste typo.
-+ *
-+ * Revision 1.10 1999/12/10 17:45:24 rgb
-+ * Added address debugging.
-+ *
-+ * Revision 1.9 1999/12/09 23:11:42 rgb
-+ * Ditched <string.h> include since we no longer use memset().
-+ * Use new pfkey_extensions_init() instead of memset().
-+ * Added check for SATYPE in pfkey_msg_build().
-+ * Tidy up comments and debugging comments.
-+ *
-+ * Revision 1.8 1999/12/07 19:55:26 rgb
-+ * Removed unused first argument from extension parsers.
-+ * Removed static pluto debug flag.
-+ * Moved message type and state checking to pfkey_msg_parse().
-+ * Changed print[fk] type from lx to x to quiet compiler.
-+ * Removed redundant remain check.
-+ * Changed __u* types to uint* to avoid use of asm/types.h and
-+ * sys/types.h in userspace code.
-+ *
-+ * Revision 1.7 1999/12/01 22:20:51 rgb
-+ * Moved pfkey_lib_debug variable into the library.
-+ * Added pfkey version check into header parsing.
-+ * Added check for SATYPE only for those extensions that require a
-+ * non-zero value.
-+ *
-+ * Revision 1.6 1999/11/27 11:58:05 rgb
-+ * Added ipv6 headers.
-+ * Moved sadb_satype2proto protocol lookup table from
-+ * klips/net/ipsec/pfkey_v2_parser.c.
-+ * Enable lifetime_current checking.
-+ * Debugging error messages added.
-+ * Add argument to pfkey_msg_parse() for direction.
-+ * Consolidated the 4 1-d extension bitmap arrays into one 4-d array.
-+ * Add CVS log entry to bottom of file.
-+ * Moved auth and enc alg check to pfkey_msg_parse().
-+ * Enable accidentally disabled spirange parsing.
-+ * Moved protocol/algorithm checks from klips/net/ipsec/pfkey_v2_parser.c
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/pfkey_v2_parser.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,3520 @@
-+/*
-+ * @(#) RFC2367 PF_KEYv2 Key management API message parser
-+ * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs <rgb@freeswan.org>
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: pfkey_v2_parser.c,v 1.134.2.2 2006/10/06 21:39:26 paul Exp $
-+ */
-+
-+/*
-+ * Template from klips/net/ipsec/ipsec/ipsec_netlink.c.
-+ */
-+
-+char pfkey_v2_parser_c_version[] = "$Id: pfkey_v2_parser.c,v 1.134.2.2 2006/10/06 21:39:26 paul Exp $";
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+
-+#include <openswan.h>
-+
-+#include <crypto/des.h>
-+
-+#ifdef SPINLOCK
-+# ifdef SPINLOCK_23
-+# include <linux/spinlock.h> /* *lock* */
-+# else /* SPINLOCK_23 */
-+# include <asm/spinlock.h> /* *lock* */
-+# endif /* SPINLOCK_23 */
-+#endif /* SPINLOCK */
-+
-+#include <linux/in6.h>
-+#include <net/route.h>
-+
-+#include <net/ip.h>
-+#ifdef NETLINK_SOCK
-+# include <linux/netlink.h>
-+#else
-+# include <net/netlink.h>
-+#endif
-+
-+#include <linux/random.h> /* get_random_bytes() */
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_sa.h"
-+
-+#include "openswan/ipsec_radij.h"
-+#include "openswan/ipsec_xform.h"
-+#include "openswan/ipsec_ah.h"
-+#include "openswan/ipsec_esp.h"
-+#include "openswan/ipsec_tunnel.h"
-+#include "openswan/ipsec_rcv.h"
-+#include "openswan/ipcomp.h"
-+
-+#include <pfkeyv2.h>
-+#include <pfkey.h>
-+
-+#include "openswan/ipsec_proto.h"
-+#include "openswan/ipsec_alg.h"
-+
-+#include "openswan/ipsec_kern24.h"
-+
-+#define SENDERR(_x) do { error = -(_x); goto errlab; } while (0)
-+
-+struct sklist_t {
-+ struct socket *sk;
-+ struct sklist_t* next;
-+} pfkey_sklist_head, *pfkey_sklist, *pfkey_sklist_prev;
-+
-+__u32 pfkey_msg_seq = 0;
-+
-+
-+#if 0
-+#define DUMP_SAID dump_said(&extr->ips->ips_said, __LINE__)
-+#define DUMP_SAID2 dump_said(&extr.ips->ips_said, __LINE__)
-+static void dump_said(ip_said *s, int line)
-+{
-+ char msa[SATOT_BUF];
-+ size_t msa_len;
-+
-+ msa_len = satot(s, 0, msa, sizeof(msa));
-+
-+ printk("line: %d msa: %s\n", line, msa);
-+}
-+#endif
-+
-+
-+int
-+pfkey_alloc_eroute(struct eroute** eroute)
-+{
-+ int error = 0;
-+ if(*eroute) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_alloc_eroute: "
-+ "eroute struct already allocated\n");
-+ SENDERR(EEXIST);
-+ }
-+
-+ if((*eroute = kmalloc(sizeof(**eroute), GFP_ATOMIC) ) == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_alloc_eroute: "
-+ "memory allocation error\n");
-+ SENDERR(ENOMEM);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_alloc_eroute: "
-+ "allocating %lu bytes for an eroute at 0p%p\n",
-+ (unsigned long) sizeof(**eroute), *eroute);
-+
-+ memset((caddr_t)*eroute, 0, sizeof(**eroute));
-+ (*eroute)->er_eaddr.sen_len =
-+ (*eroute)->er_emask.sen_len = sizeof(struct sockaddr_encap);
-+ (*eroute)->er_eaddr.sen_family =
-+ (*eroute)->er_emask.sen_family = AF_ENCAP;
-+ (*eroute)->er_eaddr.sen_type = SENT_IP4;
-+ (*eroute)->er_emask.sen_type = 255;
-+ (*eroute)->er_pid = 0;
-+ (*eroute)->er_count = 0;
-+ (*eroute)->er_lasttime = jiffies/HZ;
-+
-+ errlab:
-+ return(error);
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_protocol_process(struct sadb_ext *pfkey_ext,
-+ struct pfkey_extracted_data *extr)
-+{
-+ int error = 0;
-+ struct sadb_protocol * p = (struct sadb_protocol *)pfkey_ext;
-+
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_protocol_process: %p\n", extr);
-+
-+ if (extr == 0) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_protocol_process:"
-+ "extr is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+ if (extr->eroute == 0) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_protocol_process:"
-+ "extr->eroute is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ extr->eroute->er_eaddr.sen_proto = p->sadb_protocol_proto;
-+ extr->eroute->er_emask.sen_proto = p->sadb_protocol_proto ? ~0:0;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_protocol_process: protocol = %d.\n",
-+ p->sadb_protocol_proto);
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_ipsec_sa_init(struct ipsec_sa *ipsp)
-+{
-+
-+ return ipsec_sa_init(ipsp);
-+}
-+
-+int
-+pfkey_safe_build(int error, struct sadb_ext *extensions[SADB_MAX+1])
-+{
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_safe_build: "
-+ "error=%d\n",
-+ error);
-+ if (!error) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_safe_build:"
-+ "success.\n");
-+ return 1;
-+ } else {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_safe_build:"
-+ "caught error %d\n",
-+ error);
-+ pfkey_extensions_free(extensions);
-+ return 0;
-+ }
-+}
-+
-+
-+DEBUG_NO_STATIC int
-+pfkey_getspi_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ ipsec_spi_t minspi = htonl(256), maxspi = htonl(-1L);
-+ int found_avail = 0;
-+ struct ipsec_sa *ipsq;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_getspi_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ if(extr == NULL || extr->ips == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_getspi_parse: "
-+ "error, extr or extr->ipsec_sa pointer NULL\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(extensions[SADB_EXT_SPIRANGE]) {
-+ minspi = ((struct sadb_spirange *)extensions[SADB_EXT_SPIRANGE])->sadb_spirange_min;
-+ maxspi = ((struct sadb_spirange *)extensions[SADB_EXT_SPIRANGE])->sadb_spirange_max;
-+ }
-+
-+ if(maxspi == minspi) {
-+ extr->ips->ips_said.spi = maxspi;
-+ ipsq = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if(ipsq != NULL) {
-+ sa_len = satot(&extr->ips->ips_said, 0, sa, sizeof(sa));
-+ ipsec_sa_put(ipsq);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_getspi_parse: "
-+ "EMT_GETSPI found an old ipsec_sa for SA: %s, delete it first.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(EEXIST);
-+ } else {
-+ found_avail = 1;
-+ }
-+ } else {
-+ int i = 0;
-+ __u32 rand_val;
-+ __u32 spi_diff;
-+ while( ( i < (spi_diff = (ntohl(maxspi) - ntohl(minspi)))) && !found_avail ) {
-+ prng_bytes(&ipsec_prng, (char *) &(rand_val),
-+ ( (spi_diff < (2^8)) ? 1 :
-+ ( (spi_diff < (2^16)) ? 2 :
-+ ( (spi_diff < (2^24)) ? 3 :
-+ 4 ) ) ) );
-+ extr->ips->ips_said.spi = htonl(ntohl(minspi) +
-+ (rand_val %
-+ (spi_diff + 1)));
-+ i++;
-+ ipsq = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if(ipsq == NULL) {
-+ found_avail = 1;
-+ } else {
-+ ipsec_sa_put(ipsq);
-+ }
-+ }
-+ }
-+
-+ sa_len = satot(&extr->ips->ips_said, 0, sa, sizeof(sa));
-+
-+ if (!found_avail) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_getspi_parse: "
-+ "found an old ipsec_sa for SA: %s, delete it first.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(EEXIST);
-+ }
-+
-+ if(inet_addr_type((unsigned long)extr->ips->ips_said.dst.u.v4.sin_addr.s_addr) == RTN_LOCAL) {
-+ extr->ips->ips_flags |= EMT_INBOUND;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_getspi_parse: "
-+ "existing ipsec_sa not found (this is good) for SA: %s, %s-bound, allocating.\n",
-+ sa_len ? sa : " (error)",
-+ extr->ips->ips_flags & EMT_INBOUND ? "in" : "out");
-+
-+ /* XXX extr->ips->ips_rcvif = &(enc_softc[em->em_if].enc_if);*/
-+ extr->ips->ips_rcvif = NULL;
-+ extr->ips->ips_life.ipl_addtime.ipl_count = jiffies/HZ;
-+
-+ extr->ips->ips_state = SADB_SASTATE_LARVAL;
-+
-+ if(!extr->ips->ips_life.ipl_allocations.ipl_count) {
-+ extr->ips->ips_life.ipl_allocations.ipl_count += 1;
-+ }
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_GETSPI,
-+ satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ 0,
-+ SADB_SASTATE_LARVAL,
-+ 0,
-+ 0,
-+ 0,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_s),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions_reply) )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_getspi_parse: "
-+ "failed to build the getspi reply message extensions\n");
-+ goto errlab;
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_getspi_parse: "
-+ "failed to build the getspi reply message\n");
-+ SENDERR(-error);
-+ }
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_getspi_parse: "
-+ "sending up getspi reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_getspi_parse: "
-+ "sending up getspi reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ if((error = ipsec_sa_add(extr->ips))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_getspi_parse: "
-+ "failed to add the larval SA=%s with error=%d.\n",
-+ sa_len ? sa : " (error)",
-+ error);
-+ SENDERR(-error);
-+ }
-+ extr->ips = NULL;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_getspi_parse: "
-+ "successful for SA: %s\n",
-+ sa_len ? sa : " (error)");
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_update_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct ipsec_sa* ipsq;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ struct ipsec_sa *nat_t_ips_saved = NULL;
-+#endif
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ if(((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_state != SADB_SASTATE_MATURE) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: "
-+ "error, sa_state=%d must be MATURE=%d\n",
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_state,
-+ SADB_SASTATE_MATURE);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(extr == NULL || extr->ips == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: "
-+ "error, extr or extr->ips pointer NULL\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ sa_len = satot(&extr->ips->ips_said, 0, sa, sizeof(sa));
-+
-+ spin_lock_bh(&tdb_lock);
-+
-+ ipsq = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if (ipsq == NULL) {
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: "
-+ "reserved ipsec_sa for SA: %s not found. Call SADB_GETSPI first or call SADB_ADD instead.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(ENOENT);
-+ }
-+
-+ if(inet_addr_type((unsigned long)extr->ips->ips_said.dst.u.v4.sin_addr.s_addr) == RTN_LOCAL) {
-+ extr->ips->ips_flags |= EMT_INBOUND;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: "
-+ "existing ipsec_sa found (this is good) for SA: %s, %s-bound, updating.\n",
-+ sa_len ? sa : " (error)",
-+ extr->ips->ips_flags & EMT_INBOUND ? "in" : "out");
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if (extr->ips->ips_natt_sport || extr->ips->ips_natt_dport) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: only updating NAT-T ports "
-+ "(%u:%u -> %u:%u)\n",
-+ ipsq->ips_natt_sport, ipsq->ips_natt_dport,
-+ extr->ips->ips_natt_sport, extr->ips->ips_natt_dport);
-+
-+ if (extr->ips->ips_natt_sport) {
-+ ipsq->ips_natt_sport = extr->ips->ips_natt_sport;
-+ if (ipsq->ips_addr_s->sa_family == AF_INET) {
-+ ((struct sockaddr_in *)(ipsq->ips_addr_s))->sin_port = htons(extr->ips->ips_natt_sport);
-+ }
-+ }
-+
-+ if (extr->ips->ips_natt_dport) {
-+ ipsq->ips_natt_dport = extr->ips->ips_natt_dport;
-+ if (ipsq->ips_addr_d->sa_family == AF_INET) {
-+ ((struct sockaddr_in *)(ipsq->ips_addr_d))->sin_port = htons(extr->ips->ips_natt_dport);
-+ }
-+ }
-+
-+ nat_t_ips_saved = extr->ips;
-+ extr->ips = ipsq;
-+ }
-+ else {
-+#endif
-+
-+ /* XXX extr->ips->ips_rcvif = &(enc_softc[em->em_if].enc_if);*/
-+ extr->ips->ips_rcvif = NULL;
-+ if ((error = pfkey_ipsec_sa_init(extr->ips))) {
-+ ipsec_sa_put(ipsq);
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: "
-+ "not successful for SA: %s, deleting.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(-error);
-+ }
-+
-+ extr->ips->ips_life.ipl_addtime.ipl_count = ipsq->ips_life.ipl_addtime.ipl_count;
-+ ipsec_sa_put(ipsq);
-+ if((error = ipsec_sa_delchain(ipsq))) {
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: "
-+ "error=%d, trouble deleting intermediate ipsec_sa for SA=%s.\n",
-+ error,
-+ sa_len ? sa : " (error)");
-+ SENDERR(-error);
-+ }
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ }
-+#endif
-+
-+ spin_unlock_bh(&tdb_lock);
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_UPDATE,
-+ satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ extr->ips->ips_replaywin,
-+ extr->ips->ips_state,
-+ extr->ips->ips_authalg,
-+ extr->ips->ips_encalg,
-+ extr->ips->ips_flags,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ /* The 3 lifetime extentions should only be sent if non-zero. */
-+ && (extensions[SADB_EXT_LIFETIME_HARD]
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_HARD],
-+ SADB_EXT_LIFETIME_HARD,
-+ extr->ips->ips_life.ipl_allocations.ipl_hard,
-+ extr->ips->ips_life.ipl_bytes.ipl_hard,
-+ extr->ips->ips_life.ipl_addtime.ipl_hard,
-+ extr->ips->ips_life.ipl_usetime.ipl_hard,
-+ extr->ips->ips_life.ipl_packets.ipl_hard),
-+ extensions_reply) : 1)
-+ && (extensions[SADB_EXT_LIFETIME_SOFT]
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_SOFT],
-+ SADB_EXT_LIFETIME_SOFT,
-+ extr->ips->ips_life.ipl_allocations.ipl_count,
-+ extr->ips->ips_life.ipl_bytes.ipl_count,
-+ extr->ips->ips_life.ipl_addtime.ipl_count,
-+ extr->ips->ips_life.ipl_usetime.ipl_count,
-+ extr->ips->ips_life.ipl_packets.ipl_count),
-+ extensions_reply) : 1)
-+ && (extr->ips->ips_life.ipl_allocations.ipl_count
-+ || extr->ips->ips_life.ipl_bytes.ipl_count
-+ || extr->ips->ips_life.ipl_addtime.ipl_count
-+ || extr->ips->ips_life.ipl_usetime.ipl_count
-+ || extr->ips->ips_life.ipl_packets.ipl_count
-+
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_CURRENT],
-+ SADB_EXT_LIFETIME_CURRENT,
-+ extr->ips->ips_life.ipl_allocations.ipl_count,
-+ extr->ips->ips_life.ipl_bytes.ipl_count,
-+ extr->ips->ips_life.ipl_addtime.ipl_count,
-+ extr->ips->ips_life.ipl_usetime.ipl_count,
-+ extr->ips->ips_life.ipl_packets.ipl_count),
-+ extensions_reply) : 1)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_s),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions_reply)
-+ && (extr->ips->ips_ident_s.data
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions_reply[SADB_EXT_IDENTITY_SRC],
-+ SADB_EXT_IDENTITY_SRC,
-+ extr->ips->ips_ident_s.type,
-+ extr->ips->ips_ident_s.id,
-+ extr->ips->ips_ident_s.len,
-+ extr->ips->ips_ident_s.data),
-+ extensions_reply) : 1)
-+ && (extr->ips->ips_ident_d.data
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions_reply[SADB_EXT_IDENTITY_DST],
-+ SADB_EXT_IDENTITY_DST,
-+ extr->ips->ips_ident_d.type,
-+ extr->ips->ips_ident_d.id,
-+ extr->ips->ips_ident_d.len,
-+ extr->ips->ips_ident_d.data),
-+ extensions_reply) : 1)
-+#if 0
-+ /* FIXME: This won't work yet because I have not finished
-+ it. */
-+ && (extr->ips->ips_sens_
-+ ? pfkey_safe_build(error = pfkey_sens_build(&extensions_reply[SADB_EXT_SENSITIVITY],
-+ extr->ips->ips_sens_dpd,
-+ extr->ips->ips_sens_sens_level,
-+ extr->ips->ips_sens_sens_len,
-+ extr->ips->ips_sens_sens_bitmap,
-+ extr->ips->ips_sens_integ_level,
-+ extr->ips->ips_sens_integ_len,
-+ extr->ips->ips_sens_integ_bitmap),
-+ extensions_reply) : 1)
-+#endif
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_update_parse: "
-+ "failed to build the update reply message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_update_parse: "
-+ "failed to build the update reply message\n");
-+ SENDERR(-error);
-+ }
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_update_parse: "
-+ "sending up update reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_update_parse: "
-+ "sending up update reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ if (nat_t_ips_saved) {
-+ /**
-+ * As we _really_ update existing SA, we keep tdbq and need to delete
-+ * parsed ips (nat_t_ips_saved, was extr->ips).
-+ *
-+ * goto errlab with extr->ips = nat_t_ips_saved will free it.
-+ */
-+
-+ extr->ips = nat_t_ips_saved;
-+
-+ error = 0;
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse (NAT-T ports): "
-+ "successful for SA: %s\n",
-+ sa_len ? sa : " (error)");
-+
-+ goto errlab;
-+ }
-+#endif
-+
-+ if((error = ipsec_sa_add(extr->ips))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_update_parse: "
-+ "failed to update the mature SA=%s with error=%d.\n",
-+ sa_len ? sa : " (error)",
-+ error);
-+ SENDERR(-error);
-+ }
-+ extr->ips = NULL;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_update_parse: "
-+ "successful for SA: %s\n",
-+ sa_len ? sa : " (error)");
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_add_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct ipsec_sa* ipsq;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_add_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ if(((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_state != SADB_SASTATE_MATURE) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_add_parse: "
-+ "error, sa_state=%d must be MATURE=%d\n",
-+ ((struct sadb_sa*)extensions[SADB_EXT_SA])->sadb_sa_state,
-+ SADB_SASTATE_MATURE);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_add_parse: "
-+ "extr or extr->ips pointer NULL\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ sa_len = satot(&extr->ips->ips_said, 0, sa, sizeof(sa));
-+
-+ ipsq = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if(ipsq != NULL) {
-+ ipsec_sa_put(ipsq);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_add_parse: "
-+ "found an old ipsec_sa for SA%s, delete it first.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(EEXIST);
-+ }
-+
-+ if(inet_addr_type((unsigned long)extr->ips->ips_said.dst.u.v4.sin_addr.s_addr) == RTN_LOCAL) {
-+ extr->ips->ips_flags |= EMT_INBOUND;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_add_parse: "
-+ "existing ipsec_sa not found (this is good) for SA%s, %s-bound, allocating.\n",
-+ sa_len ? sa : " (error)",
-+ extr->ips->ips_flags & EMT_INBOUND ? "in" : "out");
-+
-+ /* XXX extr->ips->ips_rcvif = &(enc_softc[em->em_if].enc_if);*/
-+ extr->ips->ips_rcvif = NULL;
-+
-+ if ((error = pfkey_ipsec_sa_init(extr->ips))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_add_parse: "
-+ "not successful for SA: %s, deleting.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(-error);
-+ }
-+
-+ extr->ips->ips_life.ipl_addtime.ipl_count = jiffies / HZ;
-+ if(!extr->ips->ips_life.ipl_allocations.ipl_count) {
-+ extr->ips->ips_life.ipl_allocations.ipl_count += 1;
-+ }
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_ADD,
-+ satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ extr->ips->ips_replaywin,
-+ extr->ips->ips_state,
-+ extr->ips->ips_authalg,
-+ extr->ips->ips_encalg,
-+ extr->ips->ips_flags,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ /* The 3 lifetime extentions should only be sent if non-zero. */
-+ && (extensions[SADB_EXT_LIFETIME_HARD]
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_HARD],
-+ SADB_EXT_LIFETIME_HARD,
-+ extr->ips->ips_life.ipl_allocations.ipl_hard,
-+ extr->ips->ips_life.ipl_bytes.ipl_hard,
-+ extr->ips->ips_life.ipl_addtime.ipl_hard,
-+ extr->ips->ips_life.ipl_usetime.ipl_hard,
-+ extr->ips->ips_life.ipl_packets.ipl_hard),
-+ extensions_reply) : 1)
-+ && (extensions[SADB_EXT_LIFETIME_SOFT]
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_SOFT],
-+ SADB_EXT_LIFETIME_SOFT,
-+ extr->ips->ips_life.ipl_allocations.ipl_soft,
-+ extr->ips->ips_life.ipl_bytes.ipl_soft,
-+ extr->ips->ips_life.ipl_addtime.ipl_soft,
-+ extr->ips->ips_life.ipl_usetime.ipl_soft,
-+ extr->ips->ips_life.ipl_packets.ipl_soft),
-+ extensions_reply) : 1)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_s),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions_reply)
-+ && (extr->ips->ips_ident_s.data
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions_reply[SADB_EXT_IDENTITY_SRC],
-+ SADB_EXT_IDENTITY_SRC,
-+ extr->ips->ips_ident_s.type,
-+ extr->ips->ips_ident_s.id,
-+ extr->ips->ips_ident_s.len,
-+ extr->ips->ips_ident_s.data),
-+ extensions_reply) : 1)
-+ && (extr->ips->ips_ident_d.data
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions_reply[SADB_EXT_IDENTITY_DST],
-+ SADB_EXT_IDENTITY_DST,
-+ extr->ips->ips_ident_d.type,
-+ extr->ips->ips_ident_d.id,
-+ extr->ips->ips_ident_d.len,
-+ extr->ips->ips_ident_d.data),
-+ extensions_reply) : 1)
-+#if 0
-+ /* FIXME: This won't work yet because I have not finished
-+ it. */
-+ && (extr->ips->ips_sens_
-+ ? pfkey_safe_build(error = pfkey_sens_build(&extensions_reply[SADB_EXT_SENSITIVITY],
-+ extr->ips->ips_sens_dpd,
-+ extr->ips->ips_sens_sens_level,
-+ extr->ips->ips_sens_sens_len,
-+ extr->ips->ips_sens_sens_bitmap,
-+ extr->ips->ips_sens_integ_level,
-+ extr->ips->ips_sens_integ_len,
-+ extr->ips->ips_sens_integ_bitmap),
-+ extensions_reply) : 1)
-+#endif
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_add_parse: "
-+ "failed to build the add reply message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_add_parse: "
-+ "failed to build the add reply message\n");
-+ SENDERR(-error);
-+ }
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_add_parse: "
-+ "sending up add reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_add_parse: "
-+ "sending up add reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ if((error = ipsec_sa_add(extr->ips))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_add_parse: "
-+ "failed to add the mature SA=%s with error=%d.\n",
-+ sa_len ? sa : " (error)",
-+ error);
-+ SENDERR(-error);
-+ }
-+ extr->ips = NULL;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_add_parse: "
-+ "successful for SA: %s\n",
-+ sa_len ? sa : " (error)");
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_delete_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ struct ipsec_sa *ipsp;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ int error = 0;
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_delete_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_delete_parse: "
-+ "extr or extr->ips pointer NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ sa_len = satot(&extr->ips->ips_said, 0, sa, sizeof(sa));
-+
-+ spin_lock_bh(&tdb_lock);
-+
-+ ipsp = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if (ipsp == NULL) {
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_delete_parse: "
-+ "ipsec_sa not found for SA:%s, could not delete.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(ESRCH);
-+ }
-+
-+ ipsec_sa_put(ipsp);
-+ if((error = ipsec_sa_delchain(ipsp))) {
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_delete_parse: "
-+ "error=%d returned trying to delete ipsec_sa for SA:%s.\n",
-+ error,
-+ sa_len ? sa : " (error)");
-+ SENDERR(-error);
-+ }
-+ spin_unlock_bh(&tdb_lock);
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_DELETE,
-+ satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ 0,
-+ 0,
-+ 0,
-+ 0,
-+ 0,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_s),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions_reply)
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_delete_parse: "
-+ "failed to build the delete reply message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_delete_parse: "
-+ "failed to build the delete reply message\n");
-+ SENDERR(-error);
-+ }
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_delete_parse: "
-+ "sending up delete reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_delete_parse: "
-+ "sending up delete reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_get_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct ipsec_sa *ipsp;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_get_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ if(!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_get_parse: "
-+ "extr or extr->ips pointer NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ sa_len = satot(&extr->ips->ips_said, 0, sa, sizeof(sa));
-+
-+ spin_lock_bh(&tdb_lock);
-+
-+ ipsp = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if (ipsp == NULL) {
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_get_parse: "
-+ "ipsec_sa not found for SA=%s, could not get.\n",
-+ sa_len ? sa : " (error)");
-+ SENDERR(ESRCH);
-+ }
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_GET,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ extr->ips->ips_replaywin,
-+ extr->ips->ips_state,
-+ extr->ips->ips_authalg,
-+ extr->ips->ips_encalg,
-+ extr->ips->ips_flags,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ /* The 3 lifetime extentions should only be sent if non-zero. */
-+ && (ipsp->ips_life.ipl_allocations.ipl_count
-+ || ipsp->ips_life.ipl_bytes.ipl_count
-+ || ipsp->ips_life.ipl_addtime.ipl_count
-+ || ipsp->ips_life.ipl_usetime.ipl_count
-+ || ipsp->ips_life.ipl_packets.ipl_count
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_CURRENT],
-+ SADB_EXT_LIFETIME_CURRENT,
-+ ipsp->ips_life.ipl_allocations.ipl_count,
-+ ipsp->ips_life.ipl_bytes.ipl_count,
-+ ipsp->ips_life.ipl_addtime.ipl_count,
-+ ipsp->ips_life.ipl_usetime.ipl_count,
-+ ipsp->ips_life.ipl_packets.ipl_count),
-+ extensions_reply) : 1)
-+ && (ipsp->ips_life.ipl_allocations.ipl_hard
-+ || ipsp->ips_life.ipl_bytes.ipl_hard
-+ || ipsp->ips_life.ipl_addtime.ipl_hard
-+ || ipsp->ips_life.ipl_usetime.ipl_hard
-+ || ipsp->ips_life.ipl_packets.ipl_hard
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_HARD],
-+ SADB_EXT_LIFETIME_HARD,
-+ ipsp->ips_life.ipl_allocations.ipl_hard,
-+ ipsp->ips_life.ipl_bytes.ipl_hard,
-+ ipsp->ips_life.ipl_addtime.ipl_hard,
-+ ipsp->ips_life.ipl_usetime.ipl_hard,
-+ ipsp->ips_life.ipl_packets.ipl_hard),
-+ extensions_reply) : 1)
-+ && (ipsp->ips_life.ipl_allocations.ipl_soft
-+ || ipsp->ips_life.ipl_bytes.ipl_soft
-+ || ipsp->ips_life.ipl_addtime.ipl_soft
-+ || ipsp->ips_life.ipl_usetime.ipl_soft
-+ || ipsp->ips_life.ipl_packets.ipl_soft
-+ ? pfkey_safe_build(error = pfkey_lifetime_build(&extensions_reply[SADB_EXT_LIFETIME_SOFT],
-+ SADB_EXT_LIFETIME_SOFT,
-+ ipsp->ips_life.ipl_allocations.ipl_soft,
-+ ipsp->ips_life.ipl_bytes.ipl_soft,
-+ ipsp->ips_life.ipl_addtime.ipl_soft,
-+ ipsp->ips_life.ipl_usetime.ipl_soft,
-+ ipsp->ips_life.ipl_packets.ipl_soft),
-+ extensions_reply) : 1)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_s),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions_reply)
-+ && (extr->ips->ips_addr_p
-+ ? pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_PROXY],
-+ SADB_EXT_ADDRESS_PROXY,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_p),
-+ extensions_reply) : 1)
-+#if 0
-+ /* FIXME: This won't work yet because the keys are not
-+ stored directly in the ipsec_sa. They are stored as
-+ contexts. */
-+ && (extr->ips->ips_key_a_size
-+ ? pfkey_safe_build(error = pfkey_key_build(&extensions_reply[SADB_EXT_KEY_AUTH],
-+ SADB_EXT_KEY_AUTH,
-+ extr->ips->ips_key_a_size * 8,
-+ extr->ips->ips_key_a),
-+ extensions_reply) : 1)
-+ /* FIXME: This won't work yet because the keys are not
-+ stored directly in the ipsec_sa. They are stored as
-+ key schedules. */
-+ && (extr->ips->ips_key_e_size
-+ ? pfkey_safe_build(error = pfkey_key_build(&extensions_reply[SADB_EXT_KEY_ENCRYPT],
-+ SADB_EXT_KEY_ENCRYPT,
-+ extr->ips->ips_key_e_size * 8,
-+ extr->ips->ips_key_e),
-+ extensions_reply) : 1)
-+#endif
-+ && (extr->ips->ips_ident_s.data
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions_reply[SADB_EXT_IDENTITY_SRC],
-+ SADB_EXT_IDENTITY_SRC,
-+ extr->ips->ips_ident_s.type,
-+ extr->ips->ips_ident_s.id,
-+ extr->ips->ips_ident_s.len,
-+ extr->ips->ips_ident_s.data),
-+ extensions_reply) : 1)
-+ && (extr->ips->ips_ident_d.data
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions_reply[SADB_EXT_IDENTITY_DST],
-+ SADB_EXT_IDENTITY_DST,
-+ extr->ips->ips_ident_d.type,
-+ extr->ips->ips_ident_d.id,
-+ extr->ips->ips_ident_d.len,
-+ extr->ips->ips_ident_d.data),
-+ extensions_reply) : 1)
-+#if 0
-+ /* FIXME: This won't work yet because I have not finished
-+ it. */
-+ && (extr->ips->ips_sens_
-+ ? pfkey_safe_build(error = pfkey_sens_build(&extensions_reply[SADB_EXT_SENSITIVITY],
-+ extr->ips->ips_sens_dpd,
-+ extr->ips->ips_sens_sens_level,
-+ extr->ips->ips_sens_sens_len,
-+ extr->ips->ips_sens_sens_bitmap,
-+ extr->ips->ips_sens_integ_level,
-+ extr->ips->ips_sens_integ_len,
-+ extr->ips->ips_sens_integ_bitmap),
-+ extensions_reply) : 1)
-+#endif
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_get_parse: "
-+ "failed to build the get reply message extensions\n");
-+ ipsec_sa_put(ipsp);
-+ spin_unlock_bh(&tdb_lock);
-+ SENDERR(-error);
-+ }
-+
-+ ipsec_sa_put(ipsp);
-+ spin_unlock_bh(&tdb_lock);
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_get_parse: "
-+ "failed to build the get reply message\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_upmsg(sk->sk_socket, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_get_parse: "
-+ "failed to send the get reply message\n");
-+ SENDERR(-error);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_get_parse: "
-+ "succeeded in sending get reply message.\n");
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_acquire_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_acquire_parse: .\n");
-+
-+ /* XXX I don't know if we want an upper bound, since userspace may
-+ want to register itself for an satype > SADB_SATYPE_MAX. */
-+ if((satype == 0) || (satype > SADB_SATYPE_MAX)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_acquire_parse: "
-+ "SATYPE=%d invalid.\n",
-+ satype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!(pfkey_registered_sockets[satype])) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_acquire_parse: "
-+ "no sockets registered for SAtype=%d(%s).\n",
-+ satype,
-+ satype2name(satype));
-+ SENDERR(EPROTONOSUPPORT);
-+ }
-+
-+ for(pfkey_socketsp = pfkey_registered_sockets[satype];
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_acquire_parse: "
-+ "sending up acquire reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_acquire_parse: "
-+ "sending up acquire reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_register_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_parse: .\n");
-+
-+ /* XXX I don't know if we want an upper bound, since userspace may
-+ want to register itself for an satype > SADB_SATYPE_MAX. */
-+ if((satype == 0) || (satype > SADB_SATYPE_MAX)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_parse: "
-+ "SATYPE=%d invalid.\n",
-+ satype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!pfkey_list_insert_socket(sk->sk_socket,
-+ &(pfkey_registered_sockets[satype]))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_parse: "
-+ "SATYPE=%02d(%s) successfully registered by KMd (pid=%d).\n",
-+ satype,
-+ satype2name(satype),
-+ key_pid(sk));
-+ };
-+
-+ /* send up register msg with supported SATYPE algos */
-+
-+ error=pfkey_register_reply(satype, (struct sadb_msg*)extensions[SADB_EXT_RESERVED]);
-+ errlab:
-+ return error;
-+}
-+
-+int
-+pfkey_register_reply(int satype, struct sadb_msg *sadb_msg)
-+{
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ struct supported_list *pfkey_supported_listp;
-+ unsigned int alg_num_a = 0, alg_num_e = 0;
-+ struct sadb_alg *alg_a = NULL, *alg_e = NULL, *alg_ap = NULL, *alg_ep = NULL;
-+ int error = 0;
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ if((satype == 0) || (satype > SADB_SATYPE_MAX)) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_register_reply: "
-+ "SAtype=%d unspecified or unknown.\n",
-+ satype);
-+ SENDERR(EINVAL);
-+ }
-+ if(!(pfkey_registered_sockets[satype])) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_register_reply: "
-+ "no sockets registered for SAtype=%d(%s).\n",
-+ satype,
-+ satype2name(satype));
-+ SENDERR(EPROTONOSUPPORT);
-+ }
-+ /* send up register msg with supported SATYPE algos */
-+ pfkey_supported_listp = pfkey_supported_list[satype];
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "pfkey_supported_list[%d]=0p%p\n",
-+ satype,
-+ pfkey_supported_list[satype]);
-+ while(pfkey_supported_listp) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "checking supported=0p%p\n",
-+ pfkey_supported_listp);
-+ if(pfkey_supported_listp->supportedp->ias_exttype == SADB_EXT_SUPPORTED_AUTH) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "adding auth alg.\n");
-+ alg_num_a++;
-+ }
-+ if(pfkey_supported_listp->supportedp->ias_exttype == SADB_EXT_SUPPORTED_ENCRYPT) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "adding encrypt alg.\n");
-+ alg_num_e++;
-+ }
-+ pfkey_supported_listp = pfkey_supported_listp->next;
-+ }
-+
-+ if(alg_num_a) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "allocating %lu bytes for auth algs.\n",
-+ (unsigned long) (alg_num_a * sizeof(struct sadb_alg)));
-+ if((alg_a = kmalloc(alg_num_a * sizeof(struct sadb_alg), GFP_ATOMIC) ) == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "auth alg memory allocation error\n");
-+ SENDERR(ENOMEM);
-+ }
-+ alg_ap = alg_a;
-+ }
-+
-+ if(alg_num_e) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "allocating %lu bytes for enc algs.\n",
-+ (unsigned long) (alg_num_e * sizeof(struct sadb_alg)));
-+ if((alg_e = kmalloc(alg_num_e * sizeof(struct sadb_alg), GFP_ATOMIC) ) == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "enc alg memory allocation error\n");
-+ SENDERR(ENOMEM);
-+ }
-+ alg_ep = alg_e;
-+ }
-+
-+ pfkey_supported_listp = pfkey_supported_list[satype];
-+ while(pfkey_supported_listp) {
-+ if(alg_num_a) {
-+ if(pfkey_supported_listp->supportedp->ias_exttype == SADB_EXT_SUPPORTED_AUTH) {
-+ alg_ap->sadb_alg_id = pfkey_supported_listp->supportedp->ias_id;
-+ alg_ap->sadb_alg_ivlen = pfkey_supported_listp->supportedp->ias_ivlen;
-+ alg_ap->sadb_alg_minbits = pfkey_supported_listp->supportedp->ias_keyminbits;
-+ alg_ap->sadb_alg_maxbits = pfkey_supported_listp->supportedp->ias_keymaxbits;
-+ alg_ap->sadb_alg_reserved = 0;
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "klips_debug:pfkey_register_reply: "
-+ "adding auth=0p%p\n",
-+ alg_ap);
-+ alg_ap++;
-+ }
-+ }
-+ if(alg_num_e) {
-+ if(pfkey_supported_listp->supportedp->ias_exttype == SADB_EXT_SUPPORTED_ENCRYPT) {
-+ alg_ep->sadb_alg_id = pfkey_supported_listp->supportedp->ias_id;
-+ alg_ep->sadb_alg_ivlen = pfkey_supported_listp->supportedp->ias_ivlen;
-+ alg_ep->sadb_alg_minbits = pfkey_supported_listp->supportedp->ias_keyminbits;
-+ alg_ep->sadb_alg_maxbits = pfkey_supported_listp->supportedp->ias_keymaxbits;
-+ alg_ep->sadb_alg_reserved = 0;
-+ KLIPS_PRINT(debug_pfkey && sysctl_ipsec_debug_verbose,
-+ "klips_debug:pfkey_register_reply: "
-+ "adding encrypt=0p%p\n",
-+ alg_ep);
-+ alg_ep++;
-+ }
-+ }
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_register_reply: "
-+ "found satype=%d(%s) exttype=%d id=%d ivlen=%d minbits=%d maxbits=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_supported_listp->supportedp->ias_exttype,
-+ pfkey_supported_listp->supportedp->ias_id,
-+ pfkey_supported_listp->supportedp->ias_ivlen,
-+ pfkey_supported_listp->supportedp->ias_keyminbits,
-+ pfkey_supported_listp->supportedp->ias_keymaxbits);
-+ pfkey_supported_listp = pfkey_supported_listp->next;
-+ }
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_REGISTER,
-+ satype,
-+ 0,
-+ sadb_msg? sadb_msg->sadb_msg_seq : ++pfkey_msg_seq,
-+ sadb_msg? sadb_msg->sadb_msg_pid: current->pid),
-+ extensions_reply) &&
-+ (alg_num_a ? pfkey_safe_build(error = pfkey_supported_build(&extensions_reply[SADB_EXT_SUPPORTED_AUTH],
-+ SADB_EXT_SUPPORTED_AUTH,
-+ alg_num_a,
-+ alg_a),
-+ extensions_reply) : 1) &&
-+ (alg_num_e ? pfkey_safe_build(error = pfkey_supported_build(&extensions_reply[SADB_EXT_SUPPORTED_ENCRYPT],
-+ SADB_EXT_SUPPORTED_ENCRYPT,
-+ alg_num_e,
-+ alg_e),
-+ extensions_reply) : 1))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_register_reply: "
-+ "failed to build the register message extensions_reply\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_register_reply: "
-+ "failed to build the register message\n");
-+ SENDERR(-error);
-+ }
-+ /* this should go to all registered sockets for that satype only */
-+ for(pfkey_socketsp = pfkey_registered_sockets[satype];
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_register_reply: "
-+ "sending up acquire message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_register_reply: "
-+ "sending up register message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ errlab:
-+ if(alg_a) {
-+ kfree(alg_a);
-+ }
-+ if(alg_e) {
-+ kfree(alg_e);
-+ }
-+
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_expire_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct socket_list *pfkey_socketsp;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_expire_parse: .\n");
-+
-+ if(pfkey_open_sockets) {
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_expire_parse: "
-+ "sending up expire reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_expire_parse: "
-+ "sending up expire reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+ }
-+
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_flush_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+ uint8_t proto = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_flush_parse: "
-+ "flushing type %d SAs\n",
-+ satype);
-+
-+ if(satype && !(proto = satype2proto(satype))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_flush_parse: "
-+ "satype %d lookup failed.\n",
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if ((error = ipsec_sadb_cleanup(proto))) {
-+ SENDERR(-error);
-+ }
-+
-+ if(pfkey_open_sockets) {
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_flush_parse: "
-+ "sending up flush reply message for satype=%d(%s) (proto=%d) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ proto,
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_flush_parse: "
-+ "sending up flush reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+ }
-+
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_dump_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_dump_parse: .\n");
-+
-+ SENDERR(ENOSYS);
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_promisc_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_promisc_parse: .\n");
-+
-+ SENDERR(ENOSYS);
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_pchange_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_pchange_parse: .\n");
-+
-+ SENDERR(ENOSYS);
-+ errlab:
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_grpsa_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ struct ipsec_sa *ips1p, *ips2p, *ipsp;
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+ char sa1[SATOT_BUF], sa2[SATOT_BUF];
-+ size_t sa_len1, sa_len2 = 0;
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ if(extr == NULL || extr->ips == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "extr or extr->ips is NULL, fatal.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ sa_len1 = satot(&extr->ips->ips_said, 0, sa1, sizeof(sa1));
-+ if(extr->ips2 != NULL) {
-+ sa_len2 = satot(&extr->ips2->ips_said, 0, sa2, sizeof(sa2));
-+ }
-+
-+ spin_lock_bh(&tdb_lock);
-+
-+ ips1p = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if(ips1p == NULL) {
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "reserved ipsec_sa for SA1: %s not found. Call SADB_ADD/UPDATE first.\n",
-+ sa_len1 ? sa1 : " (error)");
-+ SENDERR(ENOENT);
-+ }
-+ if(extr->ips2) { /* GRPSA */
-+ ips2p = ipsec_sa_getbyid(&(extr->ips2->ips_said));
-+ if(ips2p == NULL) {
-+ ipsec_sa_put(ips1p);
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "reserved ipsec_sa for SA2: %s not found. Call SADB_ADD/UPDATE first.\n",
-+ sa_len2 ? sa2 : " (error)");
-+ SENDERR(ENOENT);
-+ }
-+
-+ /* Is either one already linked? */
-+ if(ips1p->ips_onext) {
-+ ipsec_sa_put(ips1p);
-+ ipsec_sa_put(ips2p);
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "ipsec_sa for SA: %s is already linked.\n",
-+ sa_len1 ? sa1 : " (error)");
-+ SENDERR(EEXIST);
-+ }
-+ if(ips2p->ips_inext) {
-+ ipsec_sa_put(ips1p);
-+ ipsec_sa_put(ips2p);
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "ipsec_sa for SA: %s is already linked.\n",
-+ sa_len2 ? sa2 : " (error)");
-+ SENDERR(EEXIST);
-+ }
-+
-+ /* Is extr->ips already linked to extr->ips2? */
-+ ipsp = ips2p;
-+ while(ipsp) {
-+ if(ipsp == ips1p) {
-+ ipsec_sa_put(ips1p);
-+ ipsec_sa_put(ips2p);
-+ spin_unlock_bh(&tdb_lock);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "ipsec_sa for SA: %s is already linked to %s.\n",
-+ sa_len1 ? sa1 : " (error)",
-+ sa_len2 ? sa2 : " (error)");
-+ SENDERR(EEXIST);
-+ }
-+ ipsp = ipsp->ips_onext;
-+ }
-+
-+ /* link 'em */
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "linking ipsec_sa SA: %s with %s.\n",
-+ sa_len1 ? sa1 : " (error)",
-+ sa_len2 ? sa2 : " (error)");
-+ ips1p->ips_onext = ips2p;
-+ ips2p->ips_inext = ips1p;
-+ } else { /* UNGRPSA */
-+ ipsec_sa_put(ips1p);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_grpsa_parse: "
-+ "unlinking ipsec_sa SA: %s.\n",
-+ sa_len1 ? sa1 : " (error)");
-+ while(ips1p->ips_onext) {
-+ ips1p = ips1p->ips_onext;
-+ }
-+ while(ips1p->ips_inext) {
-+ ipsp = ips1p;
-+ ips1p = ips1p->ips_inext;
-+ ipsec_sa_put(ips1p);
-+ ipsp->ips_inext = NULL;
-+ ipsec_sa_put(ipsp);
-+ ips1p->ips_onext = NULL;
-+ }
-+ }
-+
-+ spin_unlock_bh(&tdb_lock);
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_X_GRPSA,
-+ satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ extr->ips->ips_replaywin,
-+ extr->ips->ips_state,
-+ extr->ips->ips_authalg,
-+ extr->ips->ips_encalg,
-+ extr->ips->ips_flags,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions_reply)
-+ && (extr->ips2
-+ ? (pfkey_safe_build(error = pfkey_x_satype_build(&extensions_reply[SADB_X_EXT_SATYPE2],
-+ ((struct sadb_x_satype*)extensions[SADB_X_EXT_SATYPE2])->sadb_x_satype_satype
-+ /* proto2satype(extr->ips2->ips_said.proto) */),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_X_EXT_SA2],
-+ SADB_X_EXT_SA2,
-+ extr->ips2->ips_said.spi,
-+ extr->ips2->ips_replaywin,
-+ extr->ips2->ips_state,
-+ extr->ips2->ips_authalg,
-+ extr->ips2->ips_encalg,
-+ extr->ips2->ips_flags,
-+ extr->ips2->ips_ref),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_DST2],
-+ SADB_X_EXT_ADDRESS_DST2,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips2->ips_addr_d),
-+ extensions_reply) ) : 1 )
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_grpsa_parse: "
-+ "failed to build the x_grpsa reply message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_grpsa_parse: "
-+ "failed to build the x_grpsa reply message\n");
-+ SENDERR(-error);
-+ }
-+
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_grpsa_parse: "
-+ "sending up x_grpsa reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_grpsa_parse: "
-+ "sending up x_grpsa reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_grpsa_parse: "
-+ "succeeded in sending x_grpsa reply message.\n");
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_addflow_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ char buf1[64], buf2[64];
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+ ip_address srcflow, dstflow, srcmask, dstmask;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ memset((caddr_t)&srcflow, 0, sizeof(srcflow));
-+ memset((caddr_t)&dstflow, 0, sizeof(dstflow));
-+ memset((caddr_t)&srcmask, 0, sizeof(srcmask));
-+ memset((caddr_t)&dstmask, 0, sizeof(dstmask));
-+
-+ if(!extr || !(extr->ips) || !(extr->eroute)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "missing extr, ipsec_sa or eroute data.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ srcflow.u.v4.sin_family = AF_INET;
-+ dstflow.u.v4.sin_family = AF_INET;
-+ srcmask.u.v4.sin_family = AF_INET;
-+ dstmask.u.v4.sin_family = AF_INET;
-+ srcflow.u.v4.sin_addr = extr->eroute->er_eaddr.sen_ip_src;
-+ dstflow.u.v4.sin_addr = extr->eroute->er_eaddr.sen_ip_dst;
-+ srcmask.u.v4.sin_addr = extr->eroute->er_emask.sen_ip_src;
-+ dstmask.u.v4.sin_addr = extr->eroute->er_emask.sen_ip_dst;
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_pfkey) {
-+ subnettoa(extr->eroute->er_eaddr.sen_ip_src,
-+ extr->eroute->er_emask.sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(extr->eroute->er_eaddr.sen_ip_dst,
-+ extr->eroute->er_emask.sen_ip_dst, 0, buf2, sizeof(buf2));
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "calling breakeroute and/or makeroute for %s->%s\n",
-+ buf1, buf2);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+ if(extr->ips->ips_flags & SADB_X_SAFLAGS_INFLOW) {
-+ struct ipsec_sa *ipsp, *ipsq;
-+ char sa[SATOT_BUF];
-+ size_t sa_len;
-+
-+ ipsq = ipsec_sa_getbyid(&(extr->ips->ips_said));
-+ if(ipsq == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "ipsec_sa not found, cannot set incoming policy.\n");
-+ SENDERR(ENOENT);
-+ }
-+
-+ ipsp = ipsq;
-+ while(ipsp && ipsp->ips_said.proto != IPPROTO_IPIP) {
-+ ipsp = ipsp->ips_inext;
-+ }
-+
-+ if(ipsp == NULL) {
-+ ipsec_sa_put(ipsq);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "SA chain does not have an IPIP SA, cannot set incoming policy.\n");
-+ SENDERR(ENOENT);
-+ }
-+
-+ sa_len = satot(&extr->ips->ips_said, 0, sa, sizeof(sa));
-+
-+ ipsp->ips_flags |= SADB_X_SAFLAGS_INFLOW;
-+ ipsp->ips_flow_s = srcflow;
-+ ipsp->ips_flow_d = dstflow;
-+ ipsp->ips_mask_s = srcmask;
-+ ipsp->ips_mask_d = dstmask;
-+
-+ ipsec_sa_put(ipsq);
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "inbound eroute, setting incoming policy information in IPIP ipsec_sa for SA: %s.\n",
-+ sa_len ? sa : " (error)");
-+ } else {
-+ struct sk_buff *first = NULL, *last = NULL;
-+
-+ if(extr->ips->ips_flags & SADB_X_SAFLAGS_REPLACEFLOW) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "REPLACEFLOW flag set, calling breakeroute.\n");
-+ if ((error = ipsec_breakroute(&(extr->eroute->er_eaddr),
-+ &(extr->eroute->er_emask),
-+ &first, &last))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "breakeroute returned %d. first=0p%p, last=0p%p\n",
-+ error,
-+ first,
-+ last);
-+ if(first != NULL) {
-+ ipsec_kfree_skb(first);
-+ }
-+ if(last != NULL) {
-+ ipsec_kfree_skb(last);
-+ }
-+ SENDERR(-error);
-+ }
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "calling makeroute.\n");
-+
-+ if ((error = ipsec_makeroute(&(extr->eroute->er_eaddr),
-+ &(extr->eroute->er_emask),
-+ extr->ips->ips_said,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid,
-+ NULL,
-+ &(extr->ips->ips_ident_s),
-+ &(extr->ips->ips_ident_d)))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "makeroute returned %d.\n", error);
-+ SENDERR(-error);
-+ }
-+ if(first != NULL) {
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "first=0p%p HOLD packet re-injected.\n",
-+ first);
-+ DEV_QUEUE_XMIT(first, first->dev, SOPRI_NORMAL);
-+ }
-+ if(last != NULL) {
-+ KLIPS_PRINT(debug_eroute,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "last=0p%p HOLD packet re-injected.\n",
-+ last);
-+ DEV_QUEUE_XMIT(last, last->dev, SOPRI_NORMAL);
-+ }
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "makeroute call successful.\n");
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_X_ADDFLOW,
-+ satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ extr->ips->ips_replaywin,
-+ extr->ips->ips_state,
-+ extr->ips->ips_authalg,
-+ extr->ips->ips_encalg,
-+ extr->ips->ips_flags,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ && (extensions[SADB_EXT_ADDRESS_SRC]
-+ ? pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_s),
-+ extensions_reply) : 1)
-+ && (extensions[SADB_EXT_ADDRESS_DST]
-+ ? pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions_reply) : 1)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_SRC_FLOW],
-+ SADB_X_EXT_ADDRESS_SRC_FLOW,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&srcflow),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_DST_FLOW],
-+ SADB_X_EXT_ADDRESS_DST_FLOW,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&dstflow),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_SRC_MASK],
-+ SADB_X_EXT_ADDRESS_SRC_MASK,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&srcmask),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_DST_MASK],
-+ SADB_X_EXT_ADDRESS_DST_MASK,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&dstmask),
-+ extensions_reply)
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_addflow_parse: "
-+ "failed to build the x_addflow reply message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_addflow_parse: "
-+ "failed to build the x_addflow reply message\n");
-+ SENDERR(-error);
-+ }
-+
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_addflow_parse: "
-+ "sending up x_addflow reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_addflow_parse: "
-+ "sending up x_addflow reply message for satype=%d(%s) (proto=%d) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ extr->ips->ips_said.proto,
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_addflow_parse: "
-+ "extr->ips cleaned up and freed.\n");
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_delflow_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ char buf1[64], buf2[64];
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ struct sadb_ext *extensions_reply[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_reply = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ uint8_t satype = ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_satype;
-+ ip_address srcflow, dstflow, srcmask, dstmask;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: .\n");
-+
-+ pfkey_extensions_init(extensions_reply);
-+
-+ memset((caddr_t)&srcflow, 0, sizeof(srcflow));
-+ memset((caddr_t)&dstflow, 0, sizeof(dstflow));
-+ memset((caddr_t)&srcmask, 0, sizeof(srcmask));
-+ memset((caddr_t)&dstmask, 0, sizeof(dstmask));
-+
-+ if(!extr || !(extr->ips)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: "
-+ "extr, or extr->ips is NULL, fatal\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(extr->ips->ips_flags & SADB_X_SAFLAGS_CLEARFLOW) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: "
-+ "CLEARFLOW flag set, calling cleareroutes.\n");
-+ if ((error = ipsec_cleareroutes()))
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: "
-+ "cleareroutes returned %d.\n", error);
-+ SENDERR(-error);
-+ } else {
-+ struct sk_buff *first = NULL, *last = NULL;
-+
-+ if(!(extr->eroute)) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: "
-+ "extr->eroute is NULL, fatal.\n");
-+ SENDERR(EINVAL);
-+ }
-+
-+ srcflow.u.v4.sin_family = AF_INET;
-+ dstflow.u.v4.sin_family = AF_INET;
-+ srcmask.u.v4.sin_family = AF_INET;
-+ dstmask.u.v4.sin_family = AF_INET;
-+ srcflow.u.v4.sin_addr = extr->eroute->er_eaddr.sen_ip_src;
-+ dstflow.u.v4.sin_addr = extr->eroute->er_eaddr.sen_ip_dst;
-+ srcmask.u.v4.sin_addr = extr->eroute->er_emask.sen_ip_src;
-+ dstmask.u.v4.sin_addr = extr->eroute->er_emask.sen_ip_dst;
-+
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if (debug_pfkey) {
-+ subnettoa(extr->eroute->er_eaddr.sen_ip_src,
-+ extr->eroute->er_emask.sen_ip_src, 0, buf1, sizeof(buf1));
-+ subnettoa(extr->eroute->er_eaddr.sen_ip_dst,
-+ extr->eroute->er_emask.sen_ip_dst, 0, buf2, sizeof(buf2));
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: "
-+ "calling breakeroute for %s->%s\n",
-+ buf1, buf2);
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ error = ipsec_breakroute(&(extr->eroute->er_eaddr),
-+ &(extr->eroute->er_emask),
-+ &first, &last);
-+ if(error) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: "
-+ "breakeroute returned %d. first=0p%p, last=0p%p\n",
-+ error,
-+ first,
-+ last);
-+ }
-+ if(first != NULL) {
-+ ipsec_kfree_skb(first);
-+ }
-+ if(last != NULL) {
-+ ipsec_kfree_skb(last);
-+ }
-+ if(error) {
-+ SENDERR(-error);
-+ }
-+ }
-+
-+ if(!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions_reply[0],
-+ SADB_X_DELFLOW,
-+ satype,
-+ 0,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_seq,
-+ ((struct sadb_msg*)extensions[SADB_EXT_RESERVED])->sadb_msg_pid),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions_reply[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ extr->ips->ips_replaywin,
-+ extr->ips->ips_state,
-+ extr->ips->ips_authalg,
-+ extr->ips->ips_encalg,
-+ extr->ips->ips_flags,
-+ extr->ips->ips_ref),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_SRC_FLOW],
-+ SADB_X_EXT_ADDRESS_SRC_FLOW,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&srcflow),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_DST_FLOW],
-+ SADB_X_EXT_ADDRESS_DST_FLOW,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&dstflow),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_SRC_MASK],
-+ SADB_X_EXT_ADDRESS_SRC_MASK,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&srcmask),
-+ extensions_reply)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions_reply[SADB_X_EXT_ADDRESS_DST_MASK],
-+ SADB_X_EXT_ADDRESS_DST_MASK,
-+ 0, /*extr->ips->ips_said.proto,*/
-+ 0,
-+ (struct sockaddr*)&dstmask),
-+ extensions_reply)
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_delflow_parse: "
-+ "failed to build the x_delflow reply message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if((error = pfkey_msg_build(&pfkey_reply, extensions_reply, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_delflow_parse: "
-+ "failed to build the x_delflow reply message\n");
-+ SENDERR(-error);
-+ }
-+
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_reply))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_delflow_parse: "
-+ "sending up x_delflow reply message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_x_delflow_parse: "
-+ "sending up x_delflow reply message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_delflow_parse: "
-+ "extr->ips cleaned up and freed.\n");
-+
-+ errlab:
-+ if (pfkey_reply) {
-+ pfkey_msg_free(&pfkey_reply);
-+ }
-+ pfkey_extensions_free(extensions_reply);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_msg_debug_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ int error = 0;
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_x_msg_debug_parse: .\n");
-+
-+/* errlab:*/
-+ return error;
-+}
-+
-+/* pfkey_expire expects the ipsec_sa table to be locked before being called. */
-+int
-+pfkey_expire(struct ipsec_sa *ipsp, int hard)
-+{
-+ struct sadb_ext *extensions[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_msg = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ int error = 0;
-+ uint8_t satype;
-+
-+ pfkey_extensions_init(extensions);
-+
-+ if(!(satype = proto2satype(ipsp->ips_said.proto))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_expire: "
-+ "satype lookup for protocol %d lookup failed.\n",
-+ ipsp->ips_said.proto);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!pfkey_open_sockets) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_expire: "
-+ "no sockets listening.\n");
-+ SENDERR(EPROTONOSUPPORT);
-+ }
-+
-+ if (!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions[0],
-+ SADB_EXPIRE,
-+ satype,
-+ 0,
-+ ++pfkey_msg_seq,
-+ 0),
-+ extensions)
-+ && pfkey_safe_build(error = pfkey_sa_ref_build(&extensions[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ ipsp->ips_said.spi,
-+ ipsp->ips_replaywin,
-+ ipsp->ips_state,
-+ ipsp->ips_authalg,
-+ ipsp->ips_encalg,
-+ ipsp->ips_flags,
-+ ipsp->ips_ref),
-+ extensions)
-+ && pfkey_safe_build(error = pfkey_lifetime_build(&extensions[SADB_EXT_LIFETIME_CURRENT],
-+ SADB_EXT_LIFETIME_CURRENT,
-+ ipsp->ips_life.ipl_allocations.ipl_count,
-+ ipsp->ips_life.ipl_bytes.ipl_count,
-+ ipsp->ips_life.ipl_addtime.ipl_count,
-+ ipsp->ips_life.ipl_usetime.ipl_count,
-+ ipsp->ips_life.ipl_packets.ipl_count),
-+ extensions)
-+ && (hard ?
-+ pfkey_safe_build(error = pfkey_lifetime_build(&extensions[SADB_EXT_LIFETIME_HARD],
-+ SADB_EXT_LIFETIME_HARD,
-+ ipsp->ips_life.ipl_allocations.ipl_hard,
-+ ipsp->ips_life.ipl_bytes.ipl_hard,
-+ ipsp->ips_life.ipl_addtime.ipl_hard,
-+ ipsp->ips_life.ipl_usetime.ipl_hard,
-+ ipsp->ips_life.ipl_packets.ipl_hard),
-+ extensions)
-+ : pfkey_safe_build(error = pfkey_lifetime_build(&extensions[SADB_EXT_LIFETIME_SOFT],
-+ SADB_EXT_LIFETIME_SOFT,
-+ ipsp->ips_life.ipl_allocations.ipl_soft,
-+ ipsp->ips_life.ipl_bytes.ipl_soft,
-+ ipsp->ips_life.ipl_addtime.ipl_soft,
-+ ipsp->ips_life.ipl_usetime.ipl_soft,
-+ ipsp->ips_life.ipl_packets.ipl_soft),
-+ extensions))
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ 0, /* ipsp->ips_said.proto, */
-+ 0,
-+ ipsp->ips_addr_s),
-+ extensions)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ 0, /* ipsp->ips_said.proto, */
-+ 0,
-+ ipsp->ips_addr_d),
-+ extensions))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_expire: "
-+ "failed to build the expire message extensions\n");
-+ spin_unlock(&tdb_lock);
-+ goto errlab;
-+ }
-+
-+ if ((error = pfkey_msg_build(&pfkey_msg, extensions, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_expire: "
-+ "failed to build the expire message\n");
-+ SENDERR(-error);
-+ }
-+
-+ for(pfkey_socketsp = pfkey_open_sockets;
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_msg))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_expire: "
-+ "sending up expire message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_expire: "
-+ "sending up expire message for satype=%d(%s) (proto=%d) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ ipsp->ips_said.proto,
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ errlab:
-+ if (pfkey_msg) {
-+ pfkey_msg_free(&pfkey_msg);
-+ }
-+ pfkey_extensions_free(extensions);
-+ return error;
-+}
-+
-+int
-+pfkey_acquire(struct ipsec_sa *ipsp)
-+{
-+ struct sadb_ext *extensions[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_msg = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ int error = 0;
-+ struct sadb_comb comb[] = {
-+ /* auth; encrypt; flags; */
-+ /* auth_minbits; auth_maxbits; encrypt_minbits; encrypt_maxbits; */
-+ /* reserved; soft_allocations; hard_allocations; soft_bytes; hard_bytes; */
-+ /* soft_addtime; hard_addtime; soft_usetime; hard_usetime; */
-+ /* soft_packets; hard_packets; */
-+ { SADB_AALG_MD5HMAC, SADB_EALG_3DESCBC, SADB_SAFLAGS_PFS,
-+ 128, 128, 168, 168,
-+ 0, 0, 0, 0, 0,
-+ 57600, 86400, 57600, 86400,
-+ 0, 0 },
-+ { SADB_AALG_SHA1HMAC, SADB_EALG_3DESCBC, SADB_SAFLAGS_PFS,
-+ 160, 160, 168, 168,
-+ 0, 0, 0, 0, 0,
-+ 57600, 86400, 57600, 86400,
-+ 0, 0 }
-+ };
-+
-+ /* XXX This should not be hard-coded. It should be taken from the spdb */
-+ uint8_t satype = SADB_SATYPE_ESP;
-+
-+ pfkey_extensions_init(extensions);
-+
-+ if((satype == 0) || (satype > SADB_SATYPE_MAX)) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_acquire: "
-+ "SAtype=%d unspecified or unknown.\n",
-+ satype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!(pfkey_registered_sockets[satype])) {
-+ KLIPS_PRINT(1|debug_pfkey, "klips_debug:pfkey_acquire: "
-+ "no sockets registered for SAtype=%d(%s).\n",
-+ satype,
-+ satype2name(satype));
-+ SENDERR(EPROTONOSUPPORT);
-+ }
-+
-+ if (!(pfkey_safe_build(error = pfkey_msg_hdr_build(&extensions[0],
-+ SADB_ACQUIRE,
-+ satype,
-+ 0,
-+ ++pfkey_msg_seq,
-+ 0),
-+ extensions)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ ipsp->ips_transport_protocol,
-+ 0,
-+ ipsp->ips_addr_s),
-+ extensions)
-+ && pfkey_safe_build(error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ ipsp->ips_transport_protocol,
-+ 0,
-+ ipsp->ips_addr_d),
-+ extensions)
-+#if 0
-+ && (ipsp->ips_addr_p
-+ ? pfkey_safe_build(error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_PROXY],
-+ SADB_EXT_ADDRESS_PROXY,
-+ ipsp->ips_transport_protocol,
-+ 0,
-+ ipsp->ips_addr_p),
-+ extensions) : 1)
-+#endif
-+ && (ipsp->ips_ident_s.type != SADB_IDENTTYPE_RESERVED
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions[SADB_EXT_IDENTITY_SRC],
-+ SADB_EXT_IDENTITY_SRC,
-+ ipsp->ips_ident_s.type,
-+ ipsp->ips_ident_s.id,
-+ ipsp->ips_ident_s.len,
-+ ipsp->ips_ident_s.data),
-+ extensions) : 1)
-+
-+ && (ipsp->ips_ident_d.type != SADB_IDENTTYPE_RESERVED
-+ ? pfkey_safe_build(error = pfkey_ident_build(&extensions[SADB_EXT_IDENTITY_DST],
-+ SADB_EXT_IDENTITY_DST,
-+ ipsp->ips_ident_d.type,
-+ ipsp->ips_ident_d.id,
-+ ipsp->ips_ident_d.len,
-+ ipsp->ips_ident_d.data),
-+ extensions) : 1)
-+#if 0
-+ /* FIXME: This won't work yet because I have not finished
-+ it. */
-+ && (ipsp->ips_sens_
-+ ? pfkey_safe_build(error = pfkey_sens_build(&extensions[SADB_EXT_SENSITIVITY],
-+ ipsp->ips_sens_dpd,
-+ ipsp->ips_sens_sens_level,
-+ ipsp->ips_sens_sens_len,
-+ ipsp->ips_sens_sens_bitmap,
-+ ipsp->ips_sens_integ_level,
-+ ipsp->ips_sens_integ_len,
-+ ipsp->ips_sens_integ_bitmap),
-+ extensions) : 1)
-+#endif
-+ && pfkey_safe_build(error = pfkey_prop_build(&extensions[SADB_EXT_PROPOSAL],
-+ 64, /* replay */
-+ sizeof(comb)/sizeof(struct sadb_comb),
-+ &(comb[0])),
-+ extensions)
-+ )) {
-+ KLIPS_PRINT(1|debug_pfkey, "klips_debug:pfkey_acquire: "
-+ "failed to build the acquire message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if ((error = pfkey_msg_build(&pfkey_msg, extensions, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(1|debug_pfkey, "klips_debug:pfkey_acquire: "
-+ "failed to build the acquire message\n");
-+ SENDERR(-error);
-+ }
-+
-+#if KLIPS_PFKEY_ACQUIRE_LOSSAGE > 0
-+ if(sysctl_ipsec_regress_pfkey_lossage) {
-+ return(0);
-+ }
-+#endif
-+
-+ /* this should go to all registered sockets for that satype only */
-+ for(pfkey_socketsp = pfkey_registered_sockets[satype];
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_msg))) {
-+ KLIPS_PRINT(1|debug_pfkey, "klips_debug:pfkey_acquire: "
-+ "sending up acquire message for satype=%d(%s) to socket=0p%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_acquire: "
-+ "sending up acquire message for satype=%d(%s) to socket=0p%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ errlab:
-+ if (pfkey_msg) {
-+ pfkey_msg_free(&pfkey_msg);
-+ }
-+ pfkey_extensions_free(extensions);
-+ return error;
-+}
-+
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+int
-+pfkey_nat_t_new_mapping(struct ipsec_sa *ipsp, struct sockaddr *ipaddr,
-+ __u16 sport)
-+{
-+ struct sadb_ext *extensions[SADB_EXT_MAX+1];
-+ struct sadb_msg *pfkey_msg = NULL;
-+ struct socket_list *pfkey_socketsp;
-+ int error = 0;
-+ uint8_t satype = (ipsp->ips_said.proto==IPPROTO_ESP) ? SADB_SATYPE_ESP : 0;
-+
-+ /* Construct SADB_X_NAT_T_NEW_MAPPING message */
-+
-+ pfkey_extensions_init(extensions);
-+
-+ if((satype == 0) || (satype > SADB_SATYPE_MAX)) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_nat_t_new_mapping: "
-+ "SAtype=%d unspecified or unknown.\n",
-+ satype);
-+ SENDERR(EINVAL);
-+ }
-+
-+ if(!(pfkey_registered_sockets[satype])) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_nat_t_new_mapping: "
-+ "no sockets registered for SAtype=%d(%s).\n",
-+ satype,
-+ satype2name(satype));
-+ SENDERR(EPROTONOSUPPORT);
-+ }
-+
-+ if (!(pfkey_safe_build
-+ (error = pfkey_msg_hdr_build(&extensions[0], SADB_X_NAT_T_NEW_MAPPING,
-+ satype, 0, ++pfkey_msg_seq, 0), extensions)
-+ /* SA */
-+ && pfkey_safe_build
-+ (error = pfkey_sa_build(&extensions[SADB_EXT_SA],
-+ SADB_EXT_SA, ipsp->ips_said.spi, 0, 0, 0, 0, 0), extensions)
-+ /* ADDRESS_SRC = old addr */
-+ && pfkey_safe_build
-+ (error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC, ipsp->ips_said.proto, 0, ipsp->ips_addr_s),
-+ extensions)
-+ /* NAT_T_SPORT = old port */
-+ && pfkey_safe_build
-+ (error = pfkey_x_nat_t_port_build(&extensions[SADB_X_EXT_NAT_T_SPORT],
-+ SADB_X_EXT_NAT_T_SPORT, ipsp->ips_natt_sport), extensions)
-+ /* ADDRESS_DST = new addr */
-+ && pfkey_safe_build
-+ (error = pfkey_address_build(&extensions[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST, ipsp->ips_said.proto, 0, ipaddr), extensions)
-+ /* NAT_T_DPORT = new port */
-+ && pfkey_safe_build
-+ (error = pfkey_x_nat_t_port_build(&extensions[SADB_X_EXT_NAT_T_DPORT],
-+ SADB_X_EXT_NAT_T_DPORT, sport), extensions)
-+ )) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_nat_t_new_mapping: "
-+ "failed to build the nat_t_new_mapping message extensions\n");
-+ SENDERR(-error);
-+ }
-+
-+ if ((error = pfkey_msg_build(&pfkey_msg, extensions, EXT_BITS_OUT))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_nat_t_new_mapping: "
-+ "failed to build the nat_t_new_mapping message\n");
-+ SENDERR(-error);
-+ }
-+
-+ /* this should go to all registered sockets for that satype only */
-+ for(pfkey_socketsp = pfkey_registered_sockets[satype];
-+ pfkey_socketsp;
-+ pfkey_socketsp = pfkey_socketsp->next) {
-+ if((error = pfkey_upmsg(pfkey_socketsp->socketp, pfkey_msg))) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_nat_t_new_mapping: "
-+ "sending up nat_t_new_mapping message for satype=%d(%s) to socket=%p failed with error=%d.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp,
-+ error);
-+ SENDERR(-error);
-+ }
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_nat_t_new_mapping: "
-+ "sending up nat_t_new_mapping message for satype=%d(%s) to socket=%p succeeded.\n",
-+ satype,
-+ satype2name(satype),
-+ pfkey_socketsp->socketp);
-+ }
-+
-+ errlab:
-+ if (pfkey_msg) {
-+ pfkey_msg_free(&pfkey_msg);
-+ }
-+ pfkey_extensions_free(extensions);
-+ return error;
-+}
-+
-+DEBUG_NO_STATIC int
-+pfkey_x_nat_t_new_mapping_parse(struct sock *sk, struct sadb_ext **extensions, struct pfkey_extracted_data* extr)
-+{
-+ /* SADB_X_NAT_T_NEW_MAPPING not used in kernel */
-+ return -EINVAL;
-+}
-+#endif
-+
-+DEBUG_NO_STATIC int (*ext_processors[SADB_EXT_MAX+1])(struct sadb_ext *pfkey_ext, struct pfkey_extracted_data* extr) =
-+{
-+ NULL, /* pfkey_msg_process, */
-+ pfkey_sa_process,
-+ pfkey_lifetime_process,
-+ pfkey_lifetime_process,
-+ pfkey_lifetime_process,
-+ pfkey_address_process,
-+ pfkey_address_process,
-+ pfkey_address_process,
-+ pfkey_key_process,
-+ pfkey_key_process,
-+ pfkey_ident_process,
-+ pfkey_ident_process,
-+ pfkey_sens_process,
-+ pfkey_prop_process,
-+ pfkey_supported_process,
-+ pfkey_supported_process,
-+ pfkey_spirange_process,
-+ pfkey_x_kmprivate_process,
-+ pfkey_x_satype_process,
-+ pfkey_sa_process,
-+ pfkey_address_process,
-+ pfkey_address_process,
-+ pfkey_address_process,
-+ pfkey_address_process,
-+ pfkey_address_process,
-+ pfkey_x_debug_process,
-+ pfkey_x_protocol_process
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ ,
-+ pfkey_x_nat_t_type_process,
-+ pfkey_x_nat_t_port_process,
-+ pfkey_x_nat_t_port_process,
-+ pfkey_address_process
-+#endif
-+};
-+
-+
-+DEBUG_NO_STATIC int (*msg_parsers[SADB_MAX +1])(struct sock *sk, struct sadb_ext *extensions[], struct pfkey_extracted_data* extr)
-+ =
-+{
-+ NULL, /* RESERVED */
-+ pfkey_getspi_parse,
-+ pfkey_update_parse,
-+ pfkey_add_parse,
-+ pfkey_delete_parse,
-+ pfkey_get_parse,
-+ pfkey_acquire_parse,
-+ pfkey_register_parse,
-+ pfkey_expire_parse,
-+ pfkey_flush_parse,
-+ pfkey_dump_parse,
-+ pfkey_x_promisc_parse,
-+ pfkey_x_pchange_parse,
-+ pfkey_x_grpsa_parse,
-+ pfkey_x_addflow_parse,
-+ pfkey_x_delflow_parse,
-+ pfkey_x_msg_debug_parse
-+#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
-+ , pfkey_x_nat_t_new_mapping_parse
-+#endif
-+};
-+
-+int
-+pfkey_build_reply(struct sadb_msg *pfkey_msg,
-+ struct pfkey_extracted_data *extr,
-+ struct sadb_msg **pfkey_reply)
-+{
-+ struct sadb_ext *extensions[SADB_EXT_MAX+1];
-+ int error = 0;
-+ int msg_type = pfkey_msg->sadb_msg_type;
-+ int seq = pfkey_msg->sadb_msg_seq;
-+
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_build_reply: "
-+ "building reply with type: %d\n",
-+ msg_type);
-+ pfkey_extensions_init(extensions);
-+ if (!extr || !extr->ips) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_build_reply: "
-+ "bad ipsec_sa passed\n");
-+ return EINVAL;
-+ }
-+ error = pfkey_safe_build(pfkey_msg_hdr_build(&extensions[0],
-+ msg_type,
-+ proto2satype(extr->ips->ips_said.proto),
-+ 0,
-+ seq,
-+ pfkey_msg->sadb_msg_pid),
-+ extensions) &&
-+ (!(extensions_bitmaps[EXT_BITS_OUT][EXT_BITS_REQ][msg_type] &
-+ 1 << SADB_EXT_SA)
-+ || pfkey_safe_build(pfkey_sa_ref_build(&extensions[SADB_EXT_SA],
-+ SADB_EXT_SA,
-+ extr->ips->ips_said.spi,
-+ extr->ips->ips_replaywin,
-+ extr->ips->ips_state,
-+ extr->ips->ips_authalg,
-+ extr->ips->ips_encalg,
-+ extr->ips->ips_flags,
-+ extr->ips->ips_ref),
-+ extensions)) &&
-+ (!(extensions_bitmaps[EXT_BITS_OUT][EXT_BITS_REQ][msg_type] &
-+ 1 << SADB_EXT_LIFETIME_CURRENT)
-+ || pfkey_safe_build(pfkey_lifetime_build(&extensions
-+ [SADB_EXT_LIFETIME_CURRENT],
-+ SADB_EXT_LIFETIME_CURRENT,
-+ extr->ips->ips_life.ipl_allocations.ipl_count,
-+ extr->ips->ips_life.ipl_bytes.ipl_count,
-+ extr->ips->ips_life.ipl_addtime.ipl_count,
-+ extr->ips->ips_life.ipl_usetime.ipl_count,
-+ extr->ips->ips_life.ipl_packets.ipl_count),
-+ extensions)) &&
-+ (!(extensions_bitmaps[EXT_BITS_OUT][EXT_BITS_REQ][msg_type] &
-+ 1 << SADB_EXT_ADDRESS_SRC)
-+ || pfkey_safe_build(pfkey_address_build(&extensions[SADB_EXT_ADDRESS_SRC],
-+ SADB_EXT_ADDRESS_SRC,
-+ extr->ips->ips_said.proto,
-+ 0,
-+ extr->ips->ips_addr_s),
-+ extensions)) &&
-+ (!(extensions_bitmaps[EXT_BITS_OUT][EXT_BITS_REQ][msg_type] &
-+ 1 << SADB_EXT_ADDRESS_DST)
-+ || pfkey_safe_build(pfkey_address_build(&extensions[SADB_EXT_ADDRESS_DST],
-+ SADB_EXT_ADDRESS_DST,
-+ extr->ips->ips_said.proto,
-+ 0,
-+ extr->ips->ips_addr_d),
-+ extensions));
-+
-+ if (error == 0) {
-+ KLIPS_PRINT(debug_pfkey, "klips_debug:pfkey_build_reply: "
-+ "building extensions failed\n");
-+ return EINVAL;
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_build_reply: "
-+ "built extensions, proceed to build the message\n");
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_build_reply: "
-+ "extensions[1]=0p%p\n",
-+ extensions[1]);
-+ error = pfkey_msg_build(pfkey_reply, extensions, EXT_BITS_OUT);
-+ pfkey_extensions_free(extensions);
-+
-+ return error;
-+}
-+
-+int
-+pfkey_msg_interp(struct sock *sk, struct sadb_msg *pfkey_msg,
-+ struct sadb_msg **pfkey_reply)
-+{
-+ int error = 0;
-+ int i;
-+ struct sadb_ext *extensions[SADB_EXT_MAX+1];
-+ struct pfkey_extracted_data extr = {NULL, NULL, NULL};
-+
-+ pfkey_extensions_init(extensions);
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "parsing message ver=%d, type=%d, errno=%d, satype=%d(%s), len=%d, res=%d, seq=%d, pid=%d.\n",
-+ pfkey_msg->sadb_msg_version,
-+ pfkey_msg->sadb_msg_type,
-+ pfkey_msg->sadb_msg_errno,
-+ pfkey_msg->sadb_msg_satype,
-+ satype2name(pfkey_msg->sadb_msg_satype),
-+ pfkey_msg->sadb_msg_len,
-+ pfkey_msg->sadb_msg_reserved,
-+ pfkey_msg->sadb_msg_seq,
-+ pfkey_msg->sadb_msg_pid);
-+
-+ extr.ips = ipsec_sa_alloc(&error); /* pass in error var by pointer */
-+ if(extr.ips == NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "memory allocation error.\n");
-+ SENDERR(-error);
-+ }
-+
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "allocated extr->ips=0p%p.\n",
-+ extr.ips);
-+
-+ if(pfkey_msg->sadb_msg_satype > SADB_SATYPE_MAX) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "satype %d > max %d\n",
-+ pfkey_msg->sadb_msg_satype,
-+ SADB_SATYPE_MAX);
-+ SENDERR(EINVAL);
-+ }
-+
-+ switch(pfkey_msg->sadb_msg_type) {
-+ case SADB_GETSPI:
-+ case SADB_UPDATE:
-+ case SADB_ADD:
-+ case SADB_DELETE:
-+ case SADB_X_GRPSA:
-+ case SADB_X_ADDFLOW:
-+ if(!(extr.ips->ips_said.proto = satype2proto(pfkey_msg->sadb_msg_satype))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "satype %d lookup failed.\n",
-+ pfkey_msg->sadb_msg_satype);
-+ SENDERR(EINVAL);
-+ } else {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "satype %d lookups to proto=%d.\n",
-+ pfkey_msg->sadb_msg_satype,
-+ extr.ips->ips_said.proto);
-+ }
-+ break;
-+ default:
-+ break;
-+ }
-+
-+ /* The NULL below causes the default extension parsers to be used */
-+ /* Parse the extensions */
-+ if((error = pfkey_msg_parse(pfkey_msg, NULL, extensions, EXT_BITS_IN)))
-+ {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "message parsing failed with error %d.\n",
-+ error);
-+ SENDERR(-error);
-+ }
-+
-+ /* Process the extensions */
-+ for(i=1; i <= SADB_EXT_MAX;i++) {
-+ if(extensions[i] != NULL) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "processing ext %d 0p%p with processor 0p%p.\n",
-+ i, extensions[i], ext_processors[i]);
-+ if((error = ext_processors[i](extensions[i], &extr))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "extension processing for type %d failed with error %d.\n",
-+ i,
-+ error);
-+ SENDERR(-error);
-+ }
-+
-+ }
-+
-+ }
-+
-+ /* Parse the message types */
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "parsing message type %d(%s) with msg_parser 0p%p.\n",
-+ pfkey_msg->sadb_msg_type,
-+ pfkey_v2_sadb_type_string(pfkey_msg->sadb_msg_type),
-+ msg_parsers[pfkey_msg->sadb_msg_type]);
-+ if((error = msg_parsers[pfkey_msg->sadb_msg_type](sk, extensions, &extr))) {
-+ KLIPS_PRINT(debug_pfkey,
-+ "klips_debug:pfkey_msg_interp: "
-+ "message parsing failed with error %d.\n",
-+ error);
-+ SENDERR(-error);
-+ }
-+
-+#if 0
-+ error = pfkey_build_reply(pfkey_msg, &extr, pfkey_reply);
-+ if (error) {
-+ *pfkey_reply = NULL;
-+ }
-+#endif
-+ errlab:
-+ if(extr.ips != NULL) {
-+ ipsec_sa_wipe(extr.ips);
-+ }
-+ if(extr.ips2 != NULL) {
-+ ipsec_sa_wipe(extr.ips2);
-+ }
-+ if (extr.eroute != NULL) {
-+ kfree(extr.eroute);
-+ }
-+ return(error);
-+}
-+
-+/*
-+ * $Log: pfkey_v2_parser.c,v $
-+ * Revision 1.134.2.2 2006/10/06 21:39:26 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.134.2.1 2006/05/01 14:37:25 mcr
-+ * ip_chk_addr -> inet_addr_type for more direct 2.4/2.6 support.
-+ *
-+ * Revision 1.134 2005/05/11 01:48:20 mcr
-+ * removed "poor-man"s OOP in favour of proper C structures.
-+ *
-+ * Revision 1.133 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.132 2005/04/14 20:56:24 mcr
-+ * moved (pfkey_)ipsec_sa_init to ipsec_sa.c.
-+ *
-+ * Revision 1.131 2005/01/26 00:50:35 mcr
-+ * adjustment of confusion of CONFIG_IPSEC_NAT vs CONFIG_KLIPS_NAT,
-+ * and make sure that NAT_TRAVERSAL is set as well to match
-+ * userspace compiles of code.
-+ *
-+ * Revision 1.130 2004/09/08 17:21:36 ken
-+ * Rename MD5* -> osMD5 functions to prevent clashes with other symbols exported by kernel modules (CIFS in 2.6 initiated this)
-+ *
-+ * Revision 1.129 2004/09/06 18:36:30 mcr
-+ * if a protocol can not be found, then log it. This is not
-+ * debugging.
-+ *
-+ * Revision 1.128 2004/08/21 00:45:19 mcr
-+ * CONFIG_KLIPS_NAT was wrong, also need to include udp.h.
-+ *
-+ * Revision 1.127 2004/08/20 21:45:45 mcr
-+ * CONFIG_KLIPS_NAT_TRAVERSAL is not used in an attempt to
-+ * be 26sec compatible. But, some defines where changed.
-+ *
-+ * Revision 1.126 2004/08/17 03:27:23 mcr
-+ * klips 2.6 edits.
-+ *
-+ * Revision 1.125 2004/08/04 15:57:07 mcr
-+ * moved des .h files to include/des/ *
-+ * included 2.6 protocol specific things
-+ * started at NAT-T support, but it will require a kernel patch.
-+ *
-+ * Revision 1.124 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.123 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.122.2.2 2004/04/05 04:30:46 mcr
-+ * patches for alg-branch to compile/work with 2.x openswan
-+ *
-+ * Revision 1.122.2.1 2003/12/22 15:25:52 jjo
-+ * . Merged algo-0.8.1-rc11-test1 into alg-branch
-+ *
-+ * Revision 1.122 2003/12/10 01:14:27 mcr
-+ * NAT-traversal patches to KLIPS.
-+ *
-+ * Revision 1.121 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.120.4.2 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.120.4.1 2003/09/21 13:59:56 mcr
-+ * pre-liminary X.509 patch - does not yet pass tests.
-+ *
-+ * Revision 1.120 2003/04/03 17:38:09 rgb
-+ * Centralised ipsec_kfree_skb and ipsec_dev_{get,put}.
-+ *
-+ * Revision 1.119 2003/02/06 01:52:37 rgb
-+ * Removed no longer relevant comment
-+ *
-+ * Revision 1.118 2003/01/30 02:32:44 rgb
-+ *
-+ * Transmit error code through to caller from callee for better diagnosis of problems.
-+ *
-+ * Revision 1.117 2003/01/16 18:48:13 rgb
-+ *
-+ * Fixed sign bug in error return from an sa allocation call in
-+ * pfkey_msg_interp.
-+ *
-+ * Revision 1.116 2002/10/17 16:38:01 rgb
-+ * Change pfkey_alloc_eroute() to never static since its consumers
-+ * have been moved outside the file.
-+ *
-+ * Revision 1.115 2002/10/12 23:11:53 dhr
-+ *
-+ * [KenB + DHR] more 64-bit cleanup
-+ *
-+ * Revision 1.114 2002/10/05 05:02:58 dhr
-+ *
-+ * C labels go on statements
-+ *
-+ * Revision 1.113 2002/09/30 19:11:22 rgb
-+ * Turn on debugging for upgoing acquire messages to test for reliability.
-+ *
-+ * Revision 1.112 2002/09/20 15:41:16 rgb
-+ * Switch from pfkey_alloc_ipsec_sa() to ipsec_sa_alloc().
-+ * Added sadb_x_sa_ref to struct sadb_sa.
-+ * Added ref parameter to pfkey_sa_build().
-+ *
-+ * Revision 1.111 2002/09/20 05:02:08 rgb
-+ * Added memory allocation debugging.
-+ * Convert to switch to divulge hmac keys for debugging.
-+ * Added text labels to elucidate numeric values presented.
-+ *
-+ * Revision 1.110 2002/08/03 18:03:05 mcr
-+ * loop that checks for SPI's to have been already linked
-+ * fails to actually step to next pointer, but continuously
-+ * resets to head of list. Wrong pointer used.
-+ * test east-icmp-02 revealed this.
-+ *
-+ * Revision 1.109 2002/07/26 08:48:31 rgb
-+ * Added SA ref table code.
-+ *
-+ * Revision 1.108 2002/05/27 18:55:03 rgb
-+ * Remove final vistiges of tdb references via IPSEC_KLIPS1_COMPAT.
-+ *
-+ * Revision 1.107 2002/05/23 07:16:08 rgb
-+ * Added ipsec_sa_put() for releasing an ipsec_sa refcount.
-+ * Pointer clean-up.
-+ * Added refcount code.
-+ *
-+ * Revision 1.106 2002/05/14 02:34:13 rgb
-+ * Converted reference from ipsec_sa_put to ipsec_sa_add to avoid confusion
-+ * with "put" usage in the kernel.
-+ * Change all references to tdb, TDB or Tunnel Descriptor Block to ips,
-+ * ipsec_sa or ipsec_sa.
-+ * Moved all the extension parsing functions to pfkey_v2_ext_process.c.
-+ *
-+ * Revision 1.105 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.104 2002/04/24 07:36:34 mcr
-+ * Moved from ./klips/net/ipsec/pfkey_v2_parser.c,v
-+ *
-+ * Revision 1.103 2002/04/20 00:12:25 rgb
-+ * Added esp IV CBC attack fix, disabled.
-+ *
-+ * Revision 1.102 2002/03/08 01:15:17 mcr
-+ * put some internal structure only debug messages behind
-+ * && sysctl_ipsec_debug_verbose.
-+ *
-+ * Revision 1.101 2002/01/29 17:17:57 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.100 2002/01/29 04:00:54 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.99 2002/01/29 02:13:19 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.98 2002/01/12 02:57:57 mcr
-+ * first regression test causes acquire messages to be lost
-+ * 100% of the time. This is to help testing of pluto.
-+ *
-+ * Revision 1.97 2001/11/26 09:23:52 rgb
-+ * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
-+ *
-+ * Revision 1.93.2.4 2001/10/23 04:20:27 mcr
-+ * parity was forced on wrong structure! prototypes help here.
-+ *
-+ * Revision 1.93.2.3 2001/10/22 21:14:59 mcr
-+ * include des.h, removed phony prototypes and fixed calling
-+ * conventions to match real prototypes.
-+ *
-+ * Revision 1.93.2.2 2001/10/15 05:39:03 mcr
-+ * %08lx is not the right format for u32. Use %08x. 64-bit safe? ha.
-+ *
-+ * Revision 1.93.2.1 2001/09/25 02:30:14 mcr
-+ * struct tdb -> struct ipsec_sa.
-+ * use new lifetime structure. common format routines for debug.
-+ *
-+ * Revision 1.96 2001/11/06 20:47:54 rgb
-+ * Fixed user context call to ipsec_dev_start_xmit() bug. Call
-+ * dev_queue_xmit() instead.
-+ *
-+ * Revision 1.95 2001/11/06 19:47:46 rgb
-+ * Added packet parameter to lifetime and comb structures.
-+ *
-+ * Revision 1.94 2001/10/18 04:45:23 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.93 2001/09/20 15:32:59 rgb
-+ * Min/max cleanup.
-+ *
-+ * Revision 1.92 2001/09/19 16:35:48 rgb
-+ * PF_KEY ident fix for getspi from NetCelo (puttdb duplication).
-+ *
-+ * Revision 1.91 2001/09/15 16:24:06 rgb
-+ * Re-inject first and last HOLD packet when an eroute REPLACE is done.
-+ *
-+ * Revision 1.90 2001/09/14 16:58:38 rgb
-+ * Added support for storing the first and last packets through a HOLD.
-+ *
-+ * Revision 1.89 2001/09/08 21:14:07 rgb
-+ * Added pfkey ident extension support for ISAKMPd. (NetCelo)
-+ * Better state coherency (error management) between pf_key and IKE daemon.
-+ * (NetCelo)
-+ *
-+ * Revision 1.88 2001/08/27 19:42:44 rgb
-+ * Fix memory leak of encrypt and auth structs in pfkey register.
-+ *
-+ * Revision 1.87 2001/07/06 19:50:46 rgb
-+ * Removed unused debugging code.
-+ * Added inbound policy checking code for IPIP SAs.
-+ *
-+ * Revision 1.86 2001/06/20 06:26:04 rgb
-+ * Changed missing SA errors from EEXIST to ENOENT and added debug output
-+ * for already linked SAs.
-+ *
-+ * Revision 1.85 2001/06/15 04:57:02 rgb
-+ * Remove single error return condition check and check for all errors in
-+ * the case of a replace eroute delete operation. This means that
-+ * applications must expect to be deleting something before replacing it
-+ * and if nothing is found, complain.
-+ *
-+ * Revision 1.84 2001/06/14 19:35:12 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.83 2001/06/12 00:03:19 rgb
-+ * Silence debug set/unset under normal conditions.
-+ *
-+ * Revision 1.82 2001/05/30 08:14:04 rgb
-+ * Removed vestiges of esp-null transforms.
-+ *
-+ * Revision 1.81 2001/05/27 06:12:12 rgb
-+ * Added structures for pid, packet count and last access time to eroute.
-+ * Added packet count to beginning of /proc/net/ipsec_eroute.
-+ *
-+ * Revision 1.80 2001/05/03 19:43:59 rgb
-+ * Check error return codes for all build function calls.
-+ * Standardise on SENDERR() macro.
-+ *
-+ * Revision 1.79 2001/04/20 21:09:16 rgb
-+ * Cleaned up fixed tdbwipes.
-+ * Free pfkey_reply and clean up extensions_reply for grpsa, addflow and
-+ * delflow (Per Cederqvist) plugging memleaks.
-+ *
-+ * Revision 1.78 2001/04/19 19:02:39 rgb
-+ * Fixed extr.tdb freeing, stealing it for getspi, update and add.
-+ * Refined a couple of spinlocks, fixed the one in update.
-+ *
-+ * Revision 1.77 2001/04/18 20:26:16 rgb
-+ * Wipe/free eroute and both tdbs from extr at end of pfkey_msg_interp()
-+ * instead of inside each message type parser. This fixes two memleaks.
-+ *
-+ * Revision 1.76 2001/04/17 23:51:18 rgb
-+ * Quiet down pfkey_x_debug_process().
-+ *
-+ * Revision 1.75 2001/03/29 01:55:05 rgb
-+ * Fixed pfkey key init memleak.
-+ * Fixed pfkey encryption key debug output.
-+ *
-+ * Revision 1.74 2001/03/27 05:29:14 rgb
-+ * Debug output cleanup/silencing.
-+ *
-+ * Revision 1.73 2001/02/28 05:03:28 rgb
-+ * Clean up and rationalise startup messages.
-+ *
-+ * Revision 1.72 2001/02/27 22:24:56 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.71 2001/02/27 06:59:30 rgb
-+ * Added satype2name() conversions most places satype is debug printed.
-+ *
-+ * Revision 1.70 2001/02/26 22:37:08 rgb
-+ * Fixed 'unknown proto' INT bug in new code.
-+ * Added satype to protocol debugging instrumentation.
-+ *
-+ * Revision 1.69 2001/02/26 19:57:51 rgb
-+ * Re-formatted debug output (split lines, consistent spacing).
-+ * Fixed as yet undetected FLUSH bug which called ipsec_tdbcleanup()
-+ * with an satype instead of proto.
-+ * Checked for satype consistency and fixed minor bugs.
-+ * Fixed undetected ungrpspi bug that tried to upmsg a second tdb.
-+ * Check for satype sanity in pfkey_expire().
-+ * Added satype sanity check to addflow.
-+ *
-+ * Revision 1.68 2001/02/12 23:14:40 rgb
-+ * Remove double spin lock in pfkey_expire().
-+ *
-+ * Revision 1.67 2001/01/31 19:23:40 rgb
-+ * Fixed double-unlock bug introduced by grpsa upmsg (found by Lars Heete).
-+ *
-+ * Revision 1.66 2001/01/29 22:20:04 rgb
-+ * Fix minor add upmsg lifetime bug.
-+ *
-+ * Revision 1.65 2001/01/24 06:12:33 rgb
-+ * Fixed address extension compile bugs just introduced.
-+ *
-+ * Revision 1.64 2001/01/24 00:31:15 rgb
-+ * Added upmsg for addflow/delflow.
-+ *
-+ * Revision 1.63 2001/01/23 22:02:55 rgb
-+ * Added upmsg to x_grpsa.
-+ * Fixed lifetimes extentions to add/update/get upmsg.
-+ *
-+ * Revision 1.62 2000/11/30 21:47:51 rgb
-+ * Fix error return bug after returning from pfkey_tdb_init().
-+ *
-+ * Revision 1.61 2000/11/17 18:10:29 rgb
-+ * Fixed bugs mostly relating to spirange, to treat all spi variables as
-+ * network byte order since this is the way PF_KEYv2 stored spis.
-+ *
-+ * Revision 1.60 2000/11/06 04:34:53 rgb
-+ * Changed non-exported functions to DEBUG_NO_STATIC.
-+ * Add Svenning's adaptive content compression.
-+ * Ditched spin_lock_irqsave in favour of spin_lock/_bh.
-+ * Fixed double unlock bug (Svenning).
-+ * Fixed pfkey_msg uninitialized bug in pfkey_{expire,acquire}().
-+ * Fixed incorrect extension type (prop) in pfkey)acquire().
-+ *
-+ * Revision 1.59 2000/10/11 15:25:12 rgb
-+ * Fixed IPCOMP disabled compile bug.
-+ *
-+ * Revision 1.58 2000/10/11 14:54:03 rgb
-+ * Fixed pfkey_acquire() satype to SADB_SATYPE_ESP and removed pfkey
-+ * protocol violations of setting pfkey_address_build() protocol parameter
-+ * to non-zero except in the case of pfkey_acquire().
-+ *
-+ * Revision 1.57 2000/10/10 20:10:18 rgb
-+ * Added support for debug_ipcomp and debug_verbose to klipsdebug.
-+ *
-+ * Revision 1.56 2000/10/06 20:24:36 rgb
-+ * Fixes to pfkey_acquire to initialize extensions[] and use correct
-+ * ipproto.
-+ *
-+ * Revision 1.55 2000/10/03 03:20:57 rgb
-+ * Added brackets to get a?b:c scope right for pfkey_register reply.
-+ *
-+ * Revision 1.54 2000/09/29 19:49:30 rgb
-+ * As-yet-unused-bits cleanup.
-+ *
-+ * Revision 1.53 2000/09/28 00:35:45 rgb
-+ * Padded SATYPE printout in pfkey_register for vertical alignment.
-+ *
-+ * Revision 1.52 2000/09/20 16:21:58 rgb
-+ * Cleaned up ident string alloc/free.
-+ *
-+ * Revision 1.51 2000/09/20 04:04:20 rgb
-+ * Changed static functions to DEBUG_NO_STATIC to reveal function names in
-+ * oopsen.
-+ *
-+ * Revision 1.50 2000/09/16 01:10:53 rgb
-+ * Fixed unused var warning with debug off.
-+ *
-+ * Revision 1.49 2000/09/15 11:37:02 rgb
-+ * Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+ * IPCOMP zlib deflate code.
-+ *
-+ * Revision 1.48 2000/09/15 04:57:57 rgb
-+ * Cleaned up existing IPCOMP code before svenning addition.
-+ * Initialize pfkey_reply and extensions_reply in case of early error in
-+ * message parsing functions (thanks Kai!).
-+ *
-+ * Revision 1.47 2000/09/13 08:02:56 rgb
-+ * Added KMd registration notification.
-+ *
-+ * Revision 1.46 2000/09/12 22:35:36 rgb
-+ * Restructured to remove unused extensions from CLEARFLOW messages.
-+ *
-+ * Revision 1.45 2000/09/12 03:24:23 rgb
-+ * Converted #if0 debugs to sysctl.
-+ *
-+ * Revision 1.44 2000/09/09 06:38:39 rgb
-+ * Correct SADB message type for update, add and delete.
-+ *
-+ * Revision 1.43 2000/09/08 19:19:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ * Removed all references to CONFIG_IPSEC_PFKEYv2.
-+ * Put in sanity checks in most msg type parsers to catch invalid satypes
-+ * and empty socket lists.
-+ * Moved spin-locks in pfkey_get_parse() to simplify.
-+ * Added pfkey_acquire().
-+ * Added upwards messages to update, add, delete, acquire_parse,
-+ * expire_parse and flush.
-+ * Fix pfkey_prop_build() parameter to be only single indirection.
-+ * Changed all replies to use pfkey_reply.
-+ * Check return code on puttdb() and deltdbchain() in getspi, update,
-+ * add, delete.
-+ * Fixed up all pfkey replies to open and registered sockets.
-+ *
-+ * Revision 1.42 2000/09/01 18:50:26 rgb
-+ * Added a supported algorithms array lists, one per satype and registered
-+ * existing algorithms.
-+ * Fixed pfkey_list_{insert,remove}_{socket,support}() to allow change to
-+ * list.
-+ * Only send pfkey_expire() messages to sockets registered for that satype.
-+ * Added reply to pfkey_getspi_parse().
-+ * Added reply to pfkey_get_parse().
-+ * Fixed debug output label bug in pfkey_lifetime_process().
-+ * Cleaned up pfkey_sa_process a little.
-+ * Moved pfkey_safe_build() above message type parsers to make it available
-+ * for creating replies.
-+ * Added comments for future work in pfkey_acquire_parse().
-+ * Fleshed out guts of pfkey_register_parse().
-+ *
-+ * Revision 1.41 2000/08/24 16:58:11 rgb
-+ * Fixed key debugging variables.
-+ * Fixed error return code for a failed search.
-+ * Changed order of pfkey_get operations.
-+ *
-+ * Revision 1.40 2000/08/21 16:32:27 rgb
-+ * Re-formatted for cosmetic consistency and readability.
-+ *
-+ * Revision 1.39 2000/08/20 21:38:57 rgb
-+ * Bugfixes to as-yet-unused pfkey_update_parse() and
-+ * pfkey_register_parse(). (Momchil)
-+ * Added functions pfkey_safe_build(), pfkey_expire() and
-+ * pfkey_build_reply(). (Momchil)
-+ * Added a pfkey_reply parameter to pfkey_msg_interp(). (Momchil)
-+ *
-+ * Revision 1.38 2000/08/18 21:30:41 rgb
-+ * Purged all tdb_spi, tdb_proto and tdb_dst macros. They are unclear.
-+ *
-+ * Revision 1.37 2000/08/18 18:18:02 rgb
-+ * Cosmetic and descriptive changes made to debug test.
-+ * getspi and update fixes from Momchil.
-+ *
-+ * Revision 1.36 2000/08/15 15:41:55 rgb
-+ * Fixed the (as yet unused and untested) pfkey_getspi() routine.
-+ *
-+ * Revision 1.35 2000/08/01 14:51:52 rgb
-+ * Removed _all_ remaining traces of DES.
-+ *
-+ * Revision 1.34 2000/07/28 14:58:32 rgb
-+ * Changed kfree_s to kfree, eliminating extra arg to fix 2.4.0-test5.
-+ *
-+ * Revision 1.33 2000/06/28 05:50:11 rgb
-+ * Actually set iv_bits.
-+ *
-+ * Revision 1.32 2000/05/30 18:36:56 rgb
-+ * Fix AH auth hash setup bug. This breaks interop with previous PF_KEY
-+ * FreeS/WAN, but fixes interop with other implementations.
-+ *
-+ * Revision 1.31 2000/03/16 14:05:48 rgb
-+ * Fixed brace scope preventing non-debug compile.
-+ * Added null parameter check for pfkey_x_debug().
-+ *
-+ * Revision 1.30 2000/01/22 23:21:13 rgb
-+ * Use new function satype2proto().
-+ *
-+ * Revision 1.29 2000/01/22 08:40:21 rgb
-+ * Invert condition to known value to avoid AF_INET6 in 2.0.36.
-+ *
-+ * Revision 1.28 2000/01/22 07:58:57 rgb
-+ * Fixed REPLACEFLOW bug, missing braces around KLIPS_PRINT *and* SENDERR.
-+ *
-+ * Revision 1.27 2000/01/22 03:48:01 rgb
-+ * Added extr pointer component debugging.
-+ *
-+ * Revision 1.26 2000/01/21 09:41:25 rgb
-+ * Changed a (void*) to (char*) cast to do proper pointer math.
-+ * Don't call tdbwipe if tdb2 is NULL.
-+ *
-+ * Revision 1.25 2000/01/21 06:21:01 rgb
-+ * Added address cases for eroute flows.
-+ * Tidied up compiler directive indentation for readability.
-+ * Added ictx,octx vars for simplification.
-+ * Added macros for HMAC padding magic numbers.
-+ * Converted from double tdb arguments to one structure (extr)
-+ * containing pointers to all temporary information structures
-+ * and checking for valid arguments to all ext processors and
-+ * msg type parsers.
-+ * Added spiungrp'ing.
-+ * Added klipsdebug switching capability.
-+ * Removed sa_process() check for zero protocol.
-+ * Added address case for DST2 for grouping.
-+ * Added/changed minor debugging instrumentation.
-+ * Fixed spigrp for single said, ungrouping case.
-+ * Added code to parse addflow and delflow messages.
-+ * Removed redundant statements duplicating tdbwipe() functionality
-+ * and causing double kfrees.
-+ * Permit addflow to have a protocol of 0.
-+ *
-+ * Revision 1.24 1999/12/09 23:23:00 rgb
-+ * Added check to pfkey_sa_process() to do eroutes.
-+ * Converted to DIVUP() macro.
-+ * Converted if() to switch() in pfkey_register_parse().
-+ * Use new pfkey_extensions_init() instead of memset().
-+ *
-+ * Revision 1.23 1999/12/01 22:18:13 rgb
-+ * Preset minspi and maxspi values in case and spirange extension is not
-+ * included and check for the presence of an spirange extension before
-+ * using it. Initialise tdb_sastate to LARVAL.
-+ * Fixed debugging output typo.
-+ * Fixed authentication context initialisation bugs (4 places).
-+ *
-+ * Revision 1.22 1999/11/27 11:53:08 rgb
-+ * Moved pfkey_msg_parse prototype to pfkey.h
-+ * Moved exts_permitted/required prototype to pfkey.h.
-+ * Moved sadb_satype2proto protocol lookup table to lib/pfkey_v2_parse.c.
-+ * Deleted SADB_X_EXT_SA2 code from pfkey_sa_process() since it will never
-+ * be called.
-+ * Moved protocol/algorithm checks to lib/pfkey_v2_parse.c
-+ * Debugging error messages added.
-+ * Enable lifetime_current checking.
-+ * Remove illegal requirement for SA extension to be present in an
-+ * originating GETSPI call.
-+ * Re-instate requirement for UPDATE or ADD message to be MATURE.
-+ * Add argument to pfkey_msg_parse() for direction.
-+ * Fixed IPIP dst address bug and purged redundant, leaky code.
-+ *
-+ * Revision 1.21 1999/11/24 05:24:20 rgb
-+ * hanged 'void*extensions' to 'struct sadb_ext*extensions'.
-+ * Fixed indention.
-+ * Ditched redundant replay check.
-+ * Fixed debug message text from 'parse' to 'process'.
-+ * Added more debug output.
-+ * Forgot to zero extensions array causing bug, fixed.
-+ *
-+ * Revision 1.20 1999/11/23 23:08:13 rgb
-+ * Move all common parsing code to lib/pfkey_v2_parse.c and rename
-+ * remaining bits to *_process. (PJO)
-+ * Add macros for dealing with alignment and rounding up more opaquely.
-+ * Use provided macro ADDRTOA_BUF instead of hardcoded value.
-+ * Sort out pfkey and freeswan headers, putting them in a library path.
-+ * Corrected a couple of bugs in as-yet-inactive code.
-+ *
-+ * Revision 1.19 1999/11/20 22:01:10 rgb
-+ * Add more descriptive error messages for non-zero reserved fields.
-+ * Add more descriptive error message for spirange parsing.
-+ * Start on supported extension parsing.
-+ * Start on register and get message parsing.
-+ *
-+ * Revision 1.18 1999/11/18 04:09:20 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ *
-+ * Revision 1.17 1999/11/17 15:53:41 rgb
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.16 1999/10/26 16:57:43 rgb
-+ * Add shorter macros for compiler directives to visually clean-up.
-+ * Give ipv6 code meaningful compiler directive.
-+ * Add comments to other #if 0 debug code.
-+ * Remove unused *_bh_atomic() calls.
-+ * Fix mis-placed spinlock.
-+ *
-+ * Revision 1.15 1999/10/16 18:27:10 rgb
-+ * Clean-up unused cruft.
-+ * Fix-up lifetime_allocations_c and lifetime_addtime_c initialisations.
-+ *
-+ * Revision 1.14 1999/10/08 18:37:34 rgb
-+ * Fix end-of-line spacing to sate whining PHMs.
-+ *
-+ * Revision 1.13 1999/10/03 18:49:12 rgb
-+ * Spinlock fixes for 2.0.xx and 2.3.xx.
-+ *
-+ * Revision 1.12 1999/10/01 15:44:54 rgb
-+ * Move spinlock header include to 2.1> scope.
-+ *
-+ * Revision 1.11 1999/10/01 00:05:45 rgb
-+ * Added tdb structure locking.
-+ * Use 'jiffies' instead of do_get_timeofday().
-+ * Fix lifetime assignments.
-+ *
-+ * Revision 1.10 1999/09/21 15:24:45 rgb
-+ * Rework spirange code to save entropy and prevent endless loops.
-+ *
-+ * Revision 1.9 1999/09/16 12:10:21 rgb
-+ * Minor fixes to random spi selection for correctness and entropy conservation.
-+ *
-+ * Revision 1.8 1999/05/25 22:54:46 rgb
-+ * Fix comparison that should be an assignment in an if.
-+ *
-+ * Revision 1.7 1999/05/09 03:25:37 rgb
-+ * Fix bug introduced by 2.2 quick-and-dirty patch.
-+ *
-+ * Revision 1.6 1999/05/08 21:32:30 rgb
-+ * Fix error return reporting.
-+ *
-+ * Revision 1.5 1999/05/05 22:02:33 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.4 1999/04/29 15:22:40 rgb
-+ * Standardise an error return method.
-+ * Add debugging instrumentation.
-+ * Add check for existence of macros min/max.
-+ * Add extensions permitted/required in/out filters.
-+ * Add satype-to-protocol table.
-+ * Add a second tdb pointer to each parser to accomodate GRPSA.
-+ * Move AH & no_algo_set to GETSPI, UPDATE and ADD.
-+ * Add OOO window check.
-+ * Add support for IPPROTO_IPIP and hooks for IPPROTO_COMP.
-+ * Add timestamp to lifetime parse.
-+ * Fix address structure length checking bug.
-+ * Fix address structure allocation bug (forgot to kmalloc!).
-+ * Add checks for extension lengths.
-+ * Add checks for extension reserved illegal values.
-+ * Add check for spirange legal values.
-+ * Add an extension type for parsing a second satype, SA and
-+ * DST_ADDRESS.
-+ * Make changes to tdb_init() template to get pfkey_tdb_init(),
-+ * eliminating any mention of xformsw.
-+ * Implement getspi, update and grpsa (not tested).
-+ * Add stubs for as yet unimplemented message types.
-+ * Add table of message parsers to substitute for msg_parse switch.
-+ *
-+ * Revision 1.3 1999/04/15 17:58:07 rgb
-+ * Add RCSID labels.
-+ *
-+ * Revision 1.2 1999/04/15 15:37:26 rgb
-+ * Forward check changes from POST1_00 branch.
-+ *
-+ * Revision 1.1.2.1 1999/03/26 20:58:56 rgb
-+ * Add pfkeyv2 support to KLIPS.
-+ *
-+ * Local variables:
-+ * c-file-style: "linux"
-+ * End:
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/prng.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,201 @@
-+/*
-+ * crypto-class pseudorandom number generator
-+ * currently uses same algorithm as RC4(TM), from Schneier 2nd ed p397
-+ * Copyright (C) 2002 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: prng.c,v 1.7 2004/07/10 07:48:36 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - prng_init - initialize PRNG from a key
-+ */
-+void
-+prng_init(prng, key, keylen)
-+struct prng *prng;
-+const unsigned char *key;
-+size_t keylen;
-+{
-+ unsigned char k[256];
-+ int i, j;
-+ unsigned const char *p;
-+ unsigned const char *keyend = key + keylen;
-+ unsigned char t;
-+
-+ for (i = 0; i <= 255; i++)
-+ prng->sbox[i] = i;
-+ p = key;
-+ for (i = 0; i <= 255; i++) {
-+ k[i] = *p++;
-+ if (p >= keyend)
-+ p = key;
-+ }
-+ j = 0;
-+ for (i = 0; i <= 255; i++) {
-+ j = (j + prng->sbox[i] + k[i]) & 0xff;
-+ t = prng->sbox[i];
-+ prng->sbox[i] = prng->sbox[j];
-+ prng->sbox[j] = t;
-+ k[i] = 0; /* clear out key memory */
-+ }
-+ prng->i = 0;
-+ prng->j = 0;
-+ prng->count = 0;
-+}
-+
-+/*
-+ - prng_bytes - get some pseudorandom bytes from PRNG
-+ */
-+void
-+prng_bytes(prng, dst, dstlen)
-+struct prng *prng;
-+unsigned char *dst;
-+size_t dstlen;
-+{
-+ int i, j, t;
-+ unsigned char *p = dst;
-+ size_t remain = dstlen;
-+# define MAX 4000000000ul
-+
-+ while (remain > 0) {
-+ i = (prng->i + 1) & 0xff;
-+ prng->i = i;
-+ j = (prng->j + prng->sbox[i]) & 0xff;
-+ prng->j = j;
-+ t = prng->sbox[i];
-+ prng->sbox[i] = prng->sbox[j];
-+ prng->sbox[j] = t;
-+ t = (t + prng->sbox[i]) & 0xff;
-+ *p++ = prng->sbox[t];
-+ remain--;
-+ }
-+ if (prng->count < MAX - dstlen)
-+ prng->count += dstlen;
-+ else
-+ prng->count = MAX;
-+}
-+
-+/*
-+ - prnt_count - how many bytes have been extracted from PRNG so far?
-+ */
-+unsigned long
-+prng_count(prng)
-+struct prng *prng;
-+{
-+ return prng->count;
-+}
-+
-+/*
-+ - prng_final - clear out PRNG to ensure nothing left in memory
-+ */
-+void
-+prng_final(prng)
-+struct prng *prng;
-+{
-+ int i;
-+
-+ for (i = 0; i <= 255; i++)
-+ prng->sbox[i] = 0;
-+ prng->i = 0;
-+ prng->j = 0;
-+ prng->count = 0; /* just for good measure */
-+}
-+
-+
-+
-+#ifdef PRNG_MAIN
-+
-+#include <stdio.h>
-+
-+void regress();
-+
-+int
-+main(argc, argv)
-+int argc;
-+char *argv[];
-+{
-+ struct prng pr;
-+ unsigned char buf[100];
-+ unsigned char *p;
-+ size_t n;
-+
-+ if (argc < 2) {
-+ fprintf(stderr, "Usage: %s {key|-r}\n", argv[0]);
-+ exit(2);
-+ }
-+
-+ if (strcmp(argv[1], "-r") == 0) {
-+ regress();
-+ fprintf(stderr, "regress() returned?!?\n");
-+ exit(1);
-+ }
-+
-+ prng_init(&pr, argv[1], strlen(argv[1]));
-+ prng_bytes(&pr, buf, 32);
-+ printf("0x");
-+ for (p = buf, n = 32; n > 0; p++, n--)
-+ printf("%02x", *p);
-+ printf("\n%lu bytes\n", prng_count(&pr));
-+ prng_final(&pr);
-+ exit(0);
-+}
-+
-+void
-+regress()
-+{
-+ struct prng pr;
-+ unsigned char buf[100];
-+ unsigned char *p;
-+ size_t n;
-+ /* somewhat non-random sample key */
-+ unsigned char key[] = "here we go gathering nuts in May";
-+ /* first thirty bytes of output from that key */
-+ unsigned char good[] = "\x3f\x02\x8e\x4a\x2a\xea\x23\x18\x92\x7c"
-+ "\x09\x52\x83\x61\xaa\x26\xce\xbb\x9d\x71"
-+ "\x71\xe5\x10\x22\xaf\x60\x54\x8d\x5b\x28";
-+ int nzero, none;
-+ int show = 0;
-+
-+ prng_init(&pr, key, strlen(key));
-+ prng_bytes(&pr, buf, sizeof(buf));
-+ for (p = buf, n = sizeof(buf); n > 0; p++, n--) {
-+ if (*p == 0)
-+ nzero++;
-+ if (*p == 255)
-+ none++;
-+ }
-+ if (nzero > 3 || none > 3) {
-+ fprintf(stderr, "suspiciously non-random output!\n");
-+ show = 1;
-+ }
-+ if (memcmp(buf, good, strlen(good)) != 0) {
-+ fprintf(stderr, "incorrect output!\n");
-+ show = 1;
-+ }
-+ if (show) {
-+ fprintf(stderr, "0x");
-+ for (p = buf, n = sizeof(buf); n > 0; p++, n--)
-+ fprintf(stderr, "%02x", *p);
-+ fprintf(stderr, "\n");
-+ exit(1);
-+ }
-+ if (prng_count(&pr) != sizeof(buf)) {
-+ fprintf(stderr, "got %u bytes, but count is %lu\n",
-+ sizeof(buf), prng_count(&pr));
-+ exit(1);
-+ }
-+ prng_final(&pr);
-+ exit(0);
-+}
-+
-+#endif /* PRNG_MAIN */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/radij.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1237 @@
-+char radij_c_version[] = "RCSID $Id: radij.c,v 1.48.2.1 2006/10/06 21:39:27 paul Exp $";
-+
-+/*
-+ * This file is defived from ${SRC}/sys/net/radix.c of BSD 4.4lite
-+ *
-+ * Variable and procedure names have been modified so that they don't
-+ * conflict with the original BSD code, as a small number of modifications
-+ * have been introduced and we may want to reuse this code in BSD.
-+ *
-+ * The `j' in `radij' is pronounced as a voiceless guttural (like a Greek
-+ * chi or a German ch sound (as `doch', not as in `milch'), or even a
-+ * spanish j as in Juan. It is not as far back in the throat like
-+ * the corresponding Hebrew sound, nor is it a soft breath like the English h.
-+ * It has nothing to do with the Dutch ij sound.
-+ *
-+ * Here is the appropriate copyright notice:
-+ */
-+
-+/*
-+ * Copyright (c) 1988, 1989, 1993
-+ * The Regents of the University of California. All rights reserved.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the above copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. All advertising materials mentioning features or use of this software
-+ * must display the following acknowledgement:
-+ * This product includes software developed by the University of
-+ * California, Berkeley and its contributors.
-+ * 4. Neither the name of the University nor the names of its contributors
-+ * may be used to endorse or promote products derived from this software
-+ * without specific prior written permission.
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-+ * SUCH DAMAGE.
-+ *
-+ * @(#)radix.c 8.2 (Berkeley) 1/4/94
-+ */
-+
-+/*
-+ * Routines to build and maintain radix trees for routing lookups.
-+ */
-+
-+#ifndef AUTOCONF_INCLUDED
-+#include <linux/config.h>
-+#endif
-+#include <linux/version.h>
-+#include <linux/kernel.h> /* printk() */
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef MALLOC_SLAB
-+# include <linux/slab.h> /* kmalloc() */
-+#else /* MALLOC_SLAB */
-+# include <linux/malloc.h> /* kmalloc() */
-+#endif /* MALLOC_SLAB */
-+#include <linux/errno.h> /* error codes */
-+#include <linux/types.h> /* size_t */
-+#include <linux/interrupt.h> /* mark_bh */
-+
-+#include <linux/netdevice.h> /* struct device, and other headers */
-+#include <linux/etherdevice.h> /* eth_type_trans */
-+#include <linux/ip.h> /* struct iphdr */
-+#include <linux/skbuff.h>
-+#ifdef NET_21
-+# include <linux/in6.h>
-+#endif /* NET_21 */
-+
-+#include <net/ip.h>
-+
-+#include <openswan.h>
-+
-+#include "openswan/radij.h"
-+#include "openswan/ipsec_encap.h"
-+#include "openswan/ipsec_radij.h"
-+
-+int maj_keylen;
-+struct radij_mask *rj_mkfreelist;
-+struct radij_node_head *mask_rjhead;
-+static int gotOddMasks;
-+static char *maskedKey;
-+static char *rj_zeroes, *rj_ones;
-+
-+#define rj_masktop (mask_rjhead->rnh_treetop)
-+#ifdef Bcmp
-+# undef Bcmp
-+#endif /* Bcmp */
-+#define Bcmp(a, b, l) (l == 0 ? 0 : memcmp((caddr_t)(b), (caddr_t)(a), (size_t)l))
-+/*
-+ * The data structure for the keys is a radix tree with one way
-+ * branching removed. The index rj_b at an internal node n represents a bit
-+ * position to be tested. The tree is arranged so that all descendants
-+ * of a node n have keys whose bits all agree up to position rj_b - 1.
-+ * (We say the index of n is rj_b.)
-+ *
-+ * There is at least one descendant which has a one bit at position rj_b,
-+ * and at least one with a zero there.
-+ *
-+ * A route is determined by a pair of key and mask. We require that the
-+ * bit-wise logical and of the key and mask to be the key.
-+ * We define the index of a route to associated with the mask to be
-+ * the first bit number in the mask where 0 occurs (with bit number 0
-+ * representing the highest order bit).
-+ *
-+ * We say a mask is normal if every bit is 0, past the index of the mask.
-+ * If a node n has a descendant (k, m) with index(m) == index(n) == rj_b,
-+ * and m is a normal mask, then the route applies to every descendant of n.
-+ * If the index(m) < rj_b, this implies the trailing last few bits of k
-+ * before bit b are all 0, (and hence consequently true of every descendant
-+ * of n), so the route applies to all descendants of the node as well.
-+ *
-+ * The present version of the code makes no use of normal routes,
-+ * but similar logic shows that a non-normal mask m such that
-+ * index(m) <= index(n) could potentially apply to many children of n.
-+ * Thus, for each non-host route, we attach its mask to a list at an internal
-+ * node as high in the tree as we can go.
-+ */
-+
-+struct radij_node *
-+rj_search(v_arg, head)
-+ void *v_arg;
-+ struct radij_node *head;
-+{
-+ register struct radij_node *x;
-+ register caddr_t v;
-+
-+ for (x = head, v = v_arg; x->rj_b >= 0;) {
-+ if (x->rj_bmask & v[x->rj_off])
-+ x = x->rj_r;
-+ else
-+ x = x->rj_l;
-+ }
-+ return (x);
-+};
-+
-+struct radij_node *
-+rj_search_m(v_arg, head, m_arg)
-+ struct radij_node *head;
-+ void *v_arg, *m_arg;
-+{
-+ register struct radij_node *x;
-+ register caddr_t v = v_arg, m = m_arg;
-+
-+ for (x = head; x->rj_b >= 0;) {
-+ if ((x->rj_bmask & m[x->rj_off]) &&
-+ (x->rj_bmask & v[x->rj_off]))
-+ x = x->rj_r;
-+ else
-+ x = x->rj_l;
-+ }
-+ return x;
-+};
-+
-+int
-+rj_refines(m_arg, n_arg)
-+ void *m_arg, *n_arg;
-+{
-+ register caddr_t m = m_arg, n = n_arg;
-+ register caddr_t lim, lim2 = lim = n + *(u_char *)n;
-+ int longer = (*(u_char *)n++) - (int)(*(u_char *)m++);
-+ int masks_are_equal = 1;
-+
-+ if (longer > 0)
-+ lim -= longer;
-+ while (n < lim) {
-+ if (*n & ~(*m))
-+ return 0;
-+ if (*n++ != *m++)
-+ masks_are_equal = 0;
-+
-+ }
-+ while (n < lim2)
-+ if (*n++)
-+ return 0;
-+ if (masks_are_equal && (longer < 0))
-+ for (lim2 = m - longer; m < lim2; )
-+ if (*m++)
-+ return 1;
-+ return (!masks_are_equal);
-+}
-+
-+
-+struct radij_node *
-+rj_match(v_arg, head)
-+ void *v_arg;
-+ struct radij_node_head *head;
-+{
-+ caddr_t v = v_arg;
-+ register struct radij_node *t = head->rnh_treetop, *x;
-+ register caddr_t cp = v, cp2, cp3;
-+ caddr_t cplim, mstart;
-+ struct radij_node *saved_t, *top = t;
-+ int off = t->rj_off, vlen = *(u_char *)cp, matched_off;
-+
-+ /*
-+ * Open code rj_search(v, top) to avoid overhead of extra
-+ * subroutine call.
-+ */
-+ for (; t->rj_b >= 0; ) {
-+ if (t->rj_bmask & cp[t->rj_off])
-+ t = t->rj_r;
-+ else
-+ t = t->rj_l;
-+ }
-+ /*
-+ * See if we match exactly as a host destination
-+ */
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:rj_match: "
-+ "* See if we match exactly as a host destination\n");
-+
-+ cp += off; cp2 = t->rj_key + off; cplim = v + vlen;
-+ for (; cp < cplim; cp++, cp2++)
-+ if (*cp != *cp2)
-+ goto on1;
-+ /*
-+ * This extra grot is in case we are explicitly asked
-+ * to look up the default. Ugh!
-+ */
-+ if ((t->rj_flags & RJF_ROOT) && t->rj_dupedkey)
-+ t = t->rj_dupedkey;
-+ return t;
-+on1:
-+ matched_off = cp - v;
-+ saved_t = t;
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:rj_match: "
-+ "** try to match a leaf, t=0p%p\n", t);
-+ do {
-+ if (t->rj_mask) {
-+ /*
-+ * Even if we don't match exactly as a hosts;
-+ * we may match if the leaf we wound up at is
-+ * a route to a net.
-+ */
-+ cp3 = matched_off + t->rj_mask;
-+ cp2 = matched_off + t->rj_key;
-+ for (; cp < cplim; cp++)
-+ if ((*cp2++ ^ *cp) & *cp3++)
-+ break;
-+ if (cp == cplim)
-+ return t;
-+ cp = matched_off + v;
-+ }
-+ } while ((t = t->rj_dupedkey));
-+ t = saved_t;
-+ /* start searching up the tree */
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:rj_match: "
-+ "*** start searching up the tree, t=0p%p\n",
-+ t);
-+ do {
-+ register struct radij_mask *m;
-+
-+ t = t->rj_p;
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:rj_match: "
-+ "**** t=0p%p\n",
-+ t);
-+ if ((m = t->rj_mklist)) {
-+ /*
-+ * After doing measurements here, it may
-+ * turn out to be faster to open code
-+ * rj_search_m here instead of always
-+ * copying and masking.
-+ */
-+ /* off = min(t->rj_off, matched_off); */
-+ off = t->rj_off;
-+ if (matched_off < off)
-+ off = matched_off;
-+ mstart = maskedKey + off;
-+ do {
-+ cp2 = mstart;
-+ cp3 = m->rm_mask + off;
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:rj_match: "
-+ "***** cp2=0p%p cp3=0p%p\n",
-+ cp2, cp3);
-+ for (cp = v + off; cp < cplim;)
-+ *cp2++ = *cp++ & *cp3++;
-+ x = rj_search(maskedKey, t);
-+ while (x && x->rj_mask != m->rm_mask)
-+ x = x->rj_dupedkey;
-+ if (x &&
-+ (Bcmp(mstart, x->rj_key + off,
-+ vlen - off) == 0))
-+ return x;
-+ } while ((m = m->rm_mklist));
-+ }
-+ } while (t != top);
-+ KLIPS_PRINT(debug_radij,
-+ "klips_debug:rj_match: "
-+ "***** not found.\n");
-+ return 0;
-+};
-+
-+#ifdef RJ_DEBUG
-+int rj_nodenum;
-+struct radij_node *rj_clist;
-+int rj_saveinfo;
-+DEBUG_NO_STATIC void traverse(struct radij_node *);
-+#ifdef RJ_DEBUG2
-+int rj_debug = 1;
-+#else
-+int rj_debug = 0;
-+#endif /* RJ_DEBUG2 */
-+#endif /* RJ_DEBUG */
-+
-+struct radij_node *
-+rj_newpair(v, b, nodes)
-+ void *v;
-+ int b;
-+ struct radij_node nodes[2];
-+{
-+ register struct radij_node *tt = nodes, *t = tt + 1;
-+ t->rj_b = b; t->rj_bmask = 0x80 >> (b & 7);
-+ t->rj_l = tt; t->rj_off = b >> 3;
-+ tt->rj_b = -1; tt->rj_key = (caddr_t)v; tt->rj_p = t;
-+ tt->rj_flags = t->rj_flags = RJF_ACTIVE;
-+#ifdef RJ_DEBUG
-+ tt->rj_info = rj_nodenum++; t->rj_info = rj_nodenum++;
-+ tt->rj_twin = t; tt->rj_ybro = rj_clist; rj_clist = tt;
-+#endif /* RJ_DEBUG */
-+ return t;
-+}
-+
-+struct radij_node *
-+rj_insert(v_arg, head, dupentry, nodes)
-+ void *v_arg;
-+ struct radij_node_head *head;
-+ int *dupentry;
-+ struct radij_node nodes[2];
-+{
-+ caddr_t v = v_arg;
-+ struct radij_node *top = head->rnh_treetop;
-+ int head_off = top->rj_off, vlen = (int)*((u_char *)v);
-+ register struct radij_node *t = rj_search(v_arg, top);
-+ register caddr_t cp = v + head_off;
-+ register int b;
-+ struct radij_node *tt;
-+ /*
-+ *find first bit at which v and t->rj_key differ
-+ */
-+ {
-+ register caddr_t cp2 = t->rj_key + head_off;
-+ register int cmp_res;
-+ caddr_t cplim = v + vlen;
-+
-+ while (cp < cplim)
-+ if (*cp2++ != *cp++)
-+ goto on1;
-+ *dupentry = 1;
-+ return t;
-+on1:
-+ *dupentry = 0;
-+ cmp_res = (cp[-1] ^ cp2[-1]) & 0xff;
-+ for (b = (cp - v) << 3; cmp_res; b--)
-+ cmp_res >>= 1;
-+ }
-+ {
-+ register struct radij_node *p, *x = top;
-+ cp = v;
-+ do {
-+ p = x;
-+ if (cp[x->rj_off] & x->rj_bmask)
-+ x = x->rj_r;
-+ else x = x->rj_l;
-+ } while (b > (unsigned) x->rj_b); /* x->rj_b < b && x->rj_b >= 0 */
-+#ifdef RJ_DEBUG
-+ if (rj_debug)
-+ printk("klips_debug:rj_insert: Going In:\n"), traverse(p);
-+#endif /* RJ_DEBUG */
-+ t = rj_newpair(v_arg, b, nodes); tt = t->rj_l;
-+ if ((cp[p->rj_off] & p->rj_bmask) == 0)
-+ p->rj_l = t;
-+ else
-+ p->rj_r = t;
-+ x->rj_p = t; t->rj_p = p; /* frees x, p as temp vars below */
-+ if ((cp[t->rj_off] & t->rj_bmask) == 0) {
-+ t->rj_r = x;
-+ } else {
-+ t->rj_r = tt; t->rj_l = x;
-+ }
-+#ifdef RJ_DEBUG
-+ if (rj_debug)
-+ printk("klips_debug:rj_insert: Coming out:\n"), traverse(p);
-+#endif /* RJ_DEBUG */
-+ }
-+ return (tt);
-+}
-+
-+struct radij_node *
-+rj_addmask(n_arg, search, skip)
-+ int search, skip;
-+ void *n_arg;
-+{
-+ caddr_t netmask = (caddr_t)n_arg;
-+ register struct radij_node *x;
-+ register caddr_t cp, cplim;
-+ register int b, mlen, j;
-+ int maskduplicated;
-+
-+ mlen = *(u_char *)netmask;
-+ if (search) {
-+ x = rj_search(netmask, rj_masktop);
-+ mlen = *(u_char *)netmask;
-+ if (Bcmp(netmask, x->rj_key, mlen) == 0)
-+ return (x);
-+ }
-+ R_Malloc(x, struct radij_node *, maj_keylen + 2 * sizeof (*x));
-+ if (x == 0)
-+ return (0);
-+ Bzero(x, maj_keylen + 2 * sizeof (*x));
-+ cp = (caddr_t)(x + 2);
-+ Bcopy(netmask, cp, mlen);
-+ netmask = cp;
-+ x = rj_insert(netmask, mask_rjhead, &maskduplicated, x);
-+ /*
-+ * Calculate index of mask.
-+ */
-+ cplim = netmask + mlen;
-+ for (cp = netmask + skip; cp < cplim; cp++)
-+ if (*(u_char *)cp != 0xff)
-+ break;
-+ b = (cp - netmask) << 3;
-+ if (cp != cplim) {
-+ if (*cp != 0) {
-+ gotOddMasks = 1;
-+ for (j = 0x80; j; b++, j >>= 1)
-+ if ((j & *cp) == 0)
-+ break;
-+ }
-+ }
-+ x->rj_b = -1 - b;
-+ return (x);
-+}
-+
-+#if 0
-+struct radij_node *
-+#endif
-+int
-+rj_addroute(v_arg, n_arg, head, treenodes)
-+ void *v_arg, *n_arg;
-+ struct radij_node_head *head;
-+ struct radij_node treenodes[2];
-+{
-+ caddr_t v = (caddr_t)v_arg, netmask = (caddr_t)n_arg;
-+ register struct radij_node *t, *x=NULL, *tt;
-+ struct radij_node *saved_tt, *top = head->rnh_treetop;
-+ short b = 0, b_leaf;
-+ int mlen, keyduplicated;
-+ caddr_t cplim;
-+ struct radij_mask *m, **mp;
-+
-+ /*
-+ * In dealing with non-contiguous masks, there may be
-+ * many different routes which have the same mask.
-+ * We will find it useful to have a unique pointer to
-+ * the mask to speed avoiding duplicate references at
-+ * nodes and possibly save time in calculating indices.
-+ */
-+ if (netmask) {
-+ x = rj_search(netmask, rj_masktop);
-+ mlen = *(u_char *)netmask;
-+ if (Bcmp(netmask, x->rj_key, mlen) != 0) {
-+ x = rj_addmask(netmask, 0, top->rj_off);
-+ if (x == 0)
-+ return -ENOMEM; /* (0) rgb */
-+ }
-+ netmask = x->rj_key;
-+ b = -1 - x->rj_b;
-+ }
-+ /*
-+ * Deal with duplicated keys: attach node to previous instance
-+ */
-+ saved_tt = tt = rj_insert(v, head, &keyduplicated, treenodes);
-+#ifdef RJ_DEBUG
-+ printk("addkey: duplicated: %d\n", keyduplicated);
-+#endif
-+ if (keyduplicated) {
-+ do {
-+ if (tt->rj_mask == netmask)
-+ return -EEXIST; /* -ENXIO; (0) rgb */
-+ t = tt;
-+ if (netmask == 0 ||
-+ (tt->rj_mask && rj_refines(netmask, tt->rj_mask)))
-+ break;
-+ } while ((tt = tt->rj_dupedkey));
-+ /*
-+ * If the mask is not duplicated, we wouldn't
-+ * find it among possible duplicate key entries
-+ * anyway, so the above test doesn't hurt.
-+ *
-+ * We sort the masks for a duplicated key the same way as
-+ * in a masklist -- most specific to least specific.
-+ * This may require the unfortunate nuisance of relocating
-+ * the head of the list.
-+ */
-+ if (tt && t == saved_tt) {
-+ struct radij_node *xx = x;
-+ /* link in at head of list */
-+ (tt = treenodes)->rj_dupedkey = t;
-+ tt->rj_flags = t->rj_flags;
-+ tt->rj_p = x = t->rj_p;
-+ if (x->rj_l == t) x->rj_l = tt; else x->rj_r = tt;
-+ saved_tt = tt; x = xx;
-+ } else {
-+ (tt = treenodes)->rj_dupedkey = t->rj_dupedkey;
-+ t->rj_dupedkey = tt;
-+ }
-+#ifdef RJ_DEBUG
-+ t=tt+1; tt->rj_info = rj_nodenum++; t->rj_info = rj_nodenum++;
-+ tt->rj_twin = t; tt->rj_ybro = rj_clist; rj_clist = tt;
-+#endif /* RJ_DEBUG */
-+ t = saved_tt;
-+ tt->rj_key = (caddr_t) v;
-+ tt->rj_b = -1;
-+ tt->rj_flags = t->rj_flags & ~RJF_ROOT;
-+ }
-+ /*
-+ * Put mask in tree.
-+ */
-+ if (netmask) {
-+ tt->rj_mask = netmask;
-+ tt->rj_b = x->rj_b;
-+ }
-+ t = saved_tt->rj_p;
-+ b_leaf = -1 - t->rj_b;
-+ if (t->rj_r == saved_tt) x = t->rj_l; else x = t->rj_r;
-+ /* Promote general routes from below */
-+ if (x->rj_b < 0) {
-+ if (x->rj_mask && (x->rj_b >= b_leaf) && x->rj_mklist == 0) {
-+ MKGet(m);
-+ if (m) {
-+ Bzero(m, sizeof *m);
-+ m->rm_b = x->rj_b;
-+ m->rm_mask = x->rj_mask;
-+ x->rj_mklist = t->rj_mklist = m;
-+ }
-+ }
-+ } else if (x->rj_mklist) {
-+ /*
-+ * Skip over masks whose index is > that of new node
-+ */
-+ for (mp = &x->rj_mklist; (m = *mp); mp = &m->rm_mklist)
-+ if (m->rm_b >= b_leaf)
-+ break;
-+ t->rj_mklist = m; *mp = 0;
-+ }
-+ /* Add new route to highest possible ancestor's list */
-+ if ((netmask == 0) || (b > t->rj_b )) {
-+#ifdef RJ_DEBUG
-+ printk("klips:radij.c: netmask = %p or b(%d)>t->rjb(%d)\n", netmask, b, t->rj_b);
-+#endif
-+ return 0; /* tt rgb */ /* can't lift at all */
-+ }
-+ b_leaf = tt->rj_b;
-+ do {
-+ x = t;
-+ t = t->rj_p;
-+ } while (b <= t->rj_b && x != top);
-+ /*
-+ * Search through routes associated with node to
-+ * insert new route according to index.
-+ * For nodes of equal index, place more specific
-+ * masks first.
-+ */
-+ cplim = netmask + mlen;
-+ for (mp = &x->rj_mklist; (m = *mp); mp = &m->rm_mklist) {
-+ if (m->rm_b < b_leaf)
-+ continue;
-+ if (m->rm_b > b_leaf)
-+ break;
-+ if (m->rm_mask == netmask) {
-+ m->rm_refs++;
-+ tt->rj_mklist = m;
-+#ifdef RJ_DEBUG
-+ printk("klips:radij.c: m->rm_mask %p == netmask\n", netmask);
-+#endif
-+ return 0; /* tt rgb */
-+ }
-+ if (rj_refines(netmask, m->rm_mask))
-+ break;
-+ }
-+ MKGet(m);
-+ if (m == 0) {
-+ printk("klips_debug:rj_addroute: "
-+ "Mask for route not entered\n");
-+ return 0; /* (tt) rgb */
-+ }
-+ Bzero(m, sizeof *m);
-+ m->rm_b = b_leaf;
-+ m->rm_mask = netmask;
-+ m->rm_mklist = *mp;
-+ *mp = m;
-+ tt->rj_mklist = m;
-+#ifdef RJ_DEBUG
-+ printk("klips:radij.c: addroute done\n");
-+#endif
-+ return 0; /* tt rgb */
-+}
-+
-+int
-+rj_delete(v_arg, netmask_arg, head, node)
-+ void *v_arg, *netmask_arg;
-+ struct radij_node_head *head;
-+ struct radij_node **node;
-+{
-+ register struct radij_node *t, *p, *x, *tt;
-+ struct radij_mask *m, *saved_m, **mp;
-+ struct radij_node *dupedkey, *saved_tt, *top;
-+ caddr_t v, netmask;
-+ int b, head_off, vlen;
-+
-+ v = v_arg;
-+ netmask = netmask_arg;
-+ x = head->rnh_treetop;
-+ tt = rj_search(v, x);
-+ head_off = x->rj_off;
-+ vlen = *(u_char *)v;
-+ saved_tt = tt;
-+ top = x;
-+ if (tt == 0 ||
-+ Bcmp(v + head_off, tt->rj_key + head_off, vlen - head_off))
-+ return -EFAULT; /* (0) rgb */
-+ /*
-+ * Delete our route from mask lists.
-+ */
-+ if ((dupedkey = tt->rj_dupedkey)) {
-+ if (netmask)
-+ netmask = rj_search(netmask, rj_masktop)->rj_key;
-+ while (tt->rj_mask != netmask)
-+ if ((tt = tt->rj_dupedkey) == 0)
-+ return -ENOENT; /* -ENXIO; (0) rgb */
-+ }
-+ if (tt->rj_mask == 0 || (saved_m = m = tt->rj_mklist) == 0)
-+ goto on1;
-+ if (m->rm_mask != tt->rj_mask) {
-+ printk("klips_debug:rj_delete: "
-+ "inconsistent annotation\n");
-+ goto on1;
-+ }
-+ if (--m->rm_refs >= 0)
-+ goto on1;
-+ b = -1 - tt->rj_b;
-+ t = saved_tt->rj_p;
-+ if (b > t->rj_b)
-+ goto on1; /* Wasn't lifted at all */
-+ do {
-+ x = t;
-+ t = t->rj_p;
-+ } while (b <= t->rj_b && x != top);
-+ for (mp = &x->rj_mklist; (m = *mp); mp = &m->rm_mklist)
-+ if (m == saved_m) {
-+ *mp = m->rm_mklist;
-+ MKFree(m);
-+ break;
-+ }
-+ if (m == 0)
-+ printk("klips_debug:rj_delete: "
-+ "couldn't find our annotation\n");
-+on1:
-+ /*
-+ * Eliminate us from tree
-+ */
-+ if (tt->rj_flags & RJF_ROOT)
-+ return -EFAULT; /* (0) rgb */
-+#ifdef RJ_DEBUG
-+ /* Get us out of the creation list */
-+ for (t = rj_clist; t && t->rj_ybro != tt; t = t->rj_ybro) {}
-+ if (t) t->rj_ybro = tt->rj_ybro;
-+#endif /* RJ_DEBUG */
-+ t = tt->rj_p;
-+ if (dupedkey) {
-+ if (tt == saved_tt) {
-+ x = dupedkey; x->rj_p = t;
-+ if (t->rj_l == tt) t->rj_l = x; else t->rj_r = x;
-+ } else {
-+ for (x = p = saved_tt; p && p->rj_dupedkey != tt;)
-+ p = p->rj_dupedkey;
-+ if (p) p->rj_dupedkey = tt->rj_dupedkey;
-+ else printk("klips_debug:rj_delete: "
-+ "couldn't find node that we started with\n");
-+ }
-+ t = tt + 1;
-+ if (t->rj_flags & RJF_ACTIVE) {
-+#ifndef RJ_DEBUG
-+ *++x = *t; p = t->rj_p;
-+#else
-+ b = t->rj_info; *++x = *t; t->rj_info = b; p = t->rj_p;
-+#endif /* RJ_DEBUG */
-+ if (p->rj_l == t) p->rj_l = x; else p->rj_r = x;
-+ x->rj_l->rj_p = x; x->rj_r->rj_p = x;
-+ }
-+ goto out;
-+ }
-+ if (t->rj_l == tt) x = t->rj_r; else x = t->rj_l;
-+ p = t->rj_p;
-+ if (p->rj_r == t) p->rj_r = x; else p->rj_l = x;
-+ x->rj_p = p;
-+ /*
-+ * Demote routes attached to us.
-+ */
-+ if (t->rj_mklist) {
-+ if (x->rj_b >= 0) {
-+ for (mp = &x->rj_mklist; (m = *mp);)
-+ mp = &m->rm_mklist;
-+ *mp = t->rj_mklist;
-+ } else {
-+ for (m = t->rj_mklist; m;) {
-+ struct radij_mask *mm = m->rm_mklist;
-+ if (m == x->rj_mklist && (--(m->rm_refs) < 0)) {
-+ x->rj_mklist = 0;
-+ MKFree(m);
-+ } else
-+ printk("klips_debug:rj_delete: "
-+ "Orphaned Mask 0p%p at 0p%p\n", m, x);
-+ m = mm;
-+ }
-+ }
-+ }
-+ /*
-+ * We may be holding an active internal node in the tree.
-+ */
-+ x = tt + 1;
-+ if (t != x) {
-+#ifndef RJ_DEBUG
-+ *t = *x;
-+#else
-+ b = t->rj_info; *t = *x; t->rj_info = b;
-+#endif /* RJ_DEBUG */
-+ t->rj_l->rj_p = t; t->rj_r->rj_p = t;
-+ p = x->rj_p;
-+ if (p->rj_l == x) p->rj_l = t; else p->rj_r = t;
-+ }
-+out:
-+ tt->rj_flags &= ~RJF_ACTIVE;
-+ tt[1].rj_flags &= ~RJF_ACTIVE;
-+ *node = tt;
-+ return 0; /* (tt) rgb */
-+}
-+
-+int
-+rj_walktree(h, f, w)
-+ struct radij_node_head *h;
-+ register int (*f)(struct radij_node *,void *);
-+ void *w;
-+{
-+ int error;
-+ struct radij_node *base, *next;
-+ register struct radij_node *rn;
-+
-+ if(!h || !f /* || !w */) {
-+ return -ENODATA;
-+ }
-+
-+ rn = h->rnh_treetop;
-+ /*
-+ * This gets complicated because we may delete the node
-+ * while applying the function f to it, so we need to calculate
-+ * the successor node in advance.
-+ */
-+ /* First time through node, go left */
-+ while (rn->rj_b >= 0)
-+ rn = rn->rj_l;
-+ for (;;) {
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_radij) {
-+ printk("klips_debug:rj_walktree: "
-+ "for: rn=0p%p rj_b=%d rj_flags=%x",
-+ rn,
-+ rn->rj_b,
-+ rn->rj_flags);
-+ rn->rj_b >= 0 ?
-+ printk(" node off=%x\n",
-+ rn->rj_off) :
-+ printk(" leaf key = %08x->%08x\n",
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_src.s_addr),
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_dst.s_addr))
-+ ;
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ base = rn;
-+ /* If at right child go back up, otherwise, go right */
-+ while (rn->rj_p->rj_r == rn && (rn->rj_flags & RJF_ROOT) == 0)
-+ rn = rn->rj_p;
-+ /* Find the next *leaf* since next node might vanish, too */
-+ for (rn = rn->rj_p->rj_r; rn->rj_b >= 0;)
-+ rn = rn->rj_l;
-+ next = rn;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_radij) {
-+ printk("klips_debug:rj_walktree: "
-+ "processing leaves, rn=0p%p rj_b=%d rj_flags=%x",
-+ rn,
-+ rn->rj_b,
-+ rn->rj_flags);
-+ rn->rj_b >= 0 ?
-+ printk(" node off=%x\n",
-+ rn->rj_off) :
-+ printk(" leaf key = %08x->%08x\n",
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_src.s_addr),
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_dst.s_addr))
-+ ;
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ /* Process leaves */
-+ while ((rn = base)) {
-+ base = rn->rj_dupedkey;
-+#ifdef CONFIG_KLIPS_DEBUG
-+ if(debug_radij) {
-+ printk("klips_debug:rj_walktree: "
-+ "while: base=0p%p rn=0p%p rj_b=%d rj_flags=%x",
-+ base,
-+ rn,
-+ rn->rj_b,
-+ rn->rj_flags);
-+ rn->rj_b >= 0 ?
-+ printk(" node off=%x\n",
-+ rn->rj_off) :
-+ printk(" leaf key = %08x->%08x\n",
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_src.s_addr),
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_dst.s_addr))
-+ ;
-+ }
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ if (!(rn->rj_flags & RJF_ROOT) && (error = (*f)(rn, w)))
-+ return (-error);
-+ }
-+ rn = next;
-+ if (rn->rj_flags & RJF_ROOT)
-+ return (0);
-+ }
-+ /* NOTREACHED */
-+}
-+
-+int
-+rj_inithead(head, off)
-+ void **head;
-+ int off;
-+{
-+ register struct radij_node_head *rnh;
-+ register struct radij_node *t, *tt, *ttt;
-+ if (*head)
-+ return (1);
-+ R_Malloc(rnh, struct radij_node_head *, sizeof (*rnh));
-+ if (rnh == NULL)
-+ return (0);
-+ Bzero(rnh, sizeof (*rnh));
-+ *head = rnh;
-+ t = rj_newpair(rj_zeroes, off, rnh->rnh_nodes);
-+ ttt = rnh->rnh_nodes + 2;
-+ t->rj_r = ttt;
-+ t->rj_p = t;
-+ tt = t->rj_l;
-+ tt->rj_flags = t->rj_flags = RJF_ROOT | RJF_ACTIVE;
-+ tt->rj_b = -1 - off;
-+ *ttt = *tt;
-+ ttt->rj_key = rj_ones;
-+ rnh->rnh_addaddr = rj_addroute;
-+ rnh->rnh_deladdr = rj_delete;
-+ rnh->rnh_matchaddr = rj_match;
-+ rnh->rnh_walktree = rj_walktree;
-+ rnh->rnh_treetop = t;
-+ return (1);
-+}
-+
-+void
-+rj_init()
-+{
-+ char *cp, *cplim;
-+
-+ if (maj_keylen == 0) {
-+ printk("klips_debug:rj_init: "
-+ "radij functions require maj_keylen be set\n");
-+ return;
-+ }
-+ R_Malloc(rj_zeroes, char *, 3 * maj_keylen);
-+ if (rj_zeroes == NULL)
-+ panic("rj_init");
-+ Bzero(rj_zeroes, 3 * maj_keylen);
-+ rj_ones = cp = rj_zeroes + maj_keylen;
-+ maskedKey = cplim = rj_ones + maj_keylen;
-+ while (cp < cplim)
-+ *cp++ = -1;
-+ if (rj_inithead((void **)&mask_rjhead, 0) == 0)
-+ panic("rj_init 2");
-+}
-+
-+void
-+rj_preorder(struct radij_node *rn, int l)
-+{
-+ int i;
-+
-+ if (rn == NULL){
-+ printk("klips_debug:rj_preorder: "
-+ "NULL pointer\n");
-+ return;
-+ }
-+
-+ if (rn->rj_b >= 0){
-+ rj_preorder(rn->rj_l, l+1);
-+ rj_preorder(rn->rj_r, l+1);
-+ printk("klips_debug:");
-+ for (i=0; i<l; i++)
-+ printk("*");
-+ printk(" off = %d\n",
-+ rn->rj_off);
-+ } else {
-+ printk("klips_debug:");
-+ for (i=0; i<l; i++)
-+ printk("@");
-+ printk(" flags = %x",
-+ (u_int)rn->rj_flags);
-+ if (rn->rj_flags & RJF_ACTIVE) {
-+ printk(" @key=0p%p",
-+ rn->rj_key);
-+ printk(" key = %08x->%08x",
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_src.s_addr),
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_key)->sen_ip_dst.s_addr));
-+ printk(" @mask=0p%p",
-+ rn->rj_mask);
-+ if (rn->rj_mask)
-+ printk(" mask = %08x->%08x",
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_mask)->sen_ip_src.s_addr),
-+ (u_int)ntohl(((struct sockaddr_encap *)rn->rj_mask)->sen_ip_dst.s_addr));
-+ if (rn->rj_dupedkey)
-+ printk(" dupedkey = 0p%p",
-+ rn->rj_dupedkey);
-+ }
-+ printk("\n");
-+ }
-+}
-+
-+#ifdef RJ_DEBUG
-+DEBUG_NO_STATIC void traverse(struct radij_node *p)
-+{
-+ rj_preorder(p, 0);
-+}
-+#endif /* RJ_DEBUG */
-+
-+void
-+rj_dumptrees(void)
-+{
-+ rj_preorder(rnh->rnh_treetop, 0);
-+}
-+
-+void
-+rj_free_mkfreelist(void)
-+{
-+ struct radij_mask *mknp, *mknp2;
-+
-+ mknp = rj_mkfreelist;
-+ while(mknp)
-+ {
-+ mknp2 = mknp;
-+ mknp = mknp->rm_mklist;
-+ kfree(mknp2);
-+ }
-+}
-+
-+int
-+radijcleartree(void)
-+{
-+ return rj_walktree(rnh, ipsec_rj_walker_delete, NULL);
-+}
-+
-+int
-+radijcleanup(void)
-+{
-+ int error = 0;
-+
-+ error = radijcleartree();
-+
-+ rj_free_mkfreelist();
-+
-+/* rj_walktree(mask_rjhead, ipsec_rj_walker_delete, NULL); */
-+ if(mask_rjhead) {
-+ kfree(mask_rjhead);
-+ }
-+
-+ if(rj_zeroes) {
-+ kfree(rj_zeroes);
-+ }
-+
-+ if(rnh) {
-+ kfree(rnh);
-+ }
-+
-+ return error;
-+}
-+
-+/*
-+ * $Log: radij.c,v $
-+ * Revision 1.48.2.1 2006/10/06 21:39:27 paul
-+ * Fix for 2.6.18+ only include linux/config.h if AUTOCONF_INCLUDED is not
-+ * set. This is defined through autoconf.h which is included through the
-+ * linux kernel build macros.
-+ *
-+ * Revision 1.48 2005/04/29 05:10:22 mcr
-+ * removed from extraenous includes to make unit testing easier.
-+ *
-+ * Revision 1.47 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.46 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.45 2003/10/31 02:27:55 mcr
-+ * pulled up port-selector patches and sa_id elimination.
-+ *
-+ * Revision 1.44.30.1 2003/10/29 01:30:41 mcr
-+ * elimited "struct sa_id".
-+ *
-+ * Revision 1.44 2002/07/24 18:44:54 rgb
-+ * Type fiddling to tame ia64 compiler.
-+ *
-+ * Revision 1.43 2002/05/23 07:14:11 rgb
-+ * Cleaned up %p variants to 0p%p for test suite cleanup.
-+ *
-+ * Revision 1.42 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.41 2002/04/24 07:36:35 mcr
-+ * Moved from ./klips/net/ipsec/radij.c,v
-+ *
-+ * Revision 1.40 2002/01/29 17:17:58 mcr
-+ * moved include of ipsec_param.h to after include of linux/kernel.h
-+ * otherwise, it seems that some option that is set in ipsec_param.h
-+ * screws up something subtle in the include path to kernel.h, and
-+ * it complains on the snprintf() prototype.
-+ *
-+ * Revision 1.39 2002/01/29 04:00:55 mcr
-+ * more excise of kversions.h header.
-+ *
-+ * Revision 1.38 2002/01/29 02:13:19 mcr
-+ * introduction of ipsec_kversion.h means that include of
-+ * ipsec_param.h must preceed any decisions about what files to
-+ * include to deal with differences in kernel source.
-+ *
-+ * Revision 1.37 2001/10/18 04:45:23 rgb
-+ * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
-+ * lib/freeswan.h version macros moved to lib/kversions.h.
-+ * Other compiler directive cleanups.
-+ *
-+ * Revision 1.36 2001/08/22 13:43:51 henry
-+ * eliminate the single use of min() to avoid problems with Linus changing it
-+ *
-+ * Revision 1.35 2001/06/15 04:57:29 rgb
-+ * Clarified error return codes.
-+ * Changed mask add already exists to EEXIST.
-+ * Changed mask delete did not exist to ENOENT.
-+ *
-+ * Revision 1.34 2001/05/03 19:44:26 rgb
-+ * Fix sign of error return codes for rj_addroute().
-+ *
-+ * Revision 1.33 2001/02/27 22:24:56 rgb
-+ * Re-formatting debug output (line-splitting, joining, 1arg/line).
-+ * Check for satoa() return codes.
-+ *
-+ * Revision 1.32 2001/02/27 06:23:15 rgb
-+ * Debug line splitting.
-+ *
-+ * Revision 1.31 2000/11/06 04:35:21 rgb
-+ * Clear table *before* releasing other items in radijcleanup.
-+ *
-+ * Revision 1.30 2000/09/20 04:07:40 rgb
-+ * Changed static functions to DEBUG_NO_STATIC to reveal function names in
-+ * oopsen.
-+ *
-+ * Revision 1.29 2000/09/12 03:25:02 rgb
-+ * Moved radij_c_version printing to ipsec_version_get_info().
-+ *
-+ * Revision 1.28 2000/09/08 19:12:56 rgb
-+ * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
-+ *
-+ * Revision 1.27 2000/07/28 14:58:32 rgb
-+ * Changed kfree_s to kfree, eliminating extra arg to fix 2.4.0-test5.
-+ *
-+ * Revision 1.26 2000/05/10 23:11:37 rgb
-+ * Comment out most of the startup version information.
-+ *
-+ * Revision 1.25 2000/01/21 06:21:47 rgb
-+ * Change return codes to negative on error.
-+ *
-+ * Revision 1.24 1999/11/18 04:09:20 rgb
-+ * Replaced all kernel version macros to shorter, readable form.
-+ *
-+ * Revision 1.23 1999/11/17 15:53:41 rgb
-+ * Changed all occurrences of #include "../../../lib/freeswan.h"
-+ * to #include <freeswan.h> which works due to -Ilibfreeswan in the
-+ * klips/net/ipsec/Makefile.
-+ *
-+ * Revision 1.22 1999/10/15 22:17:28 rgb
-+ * Modify radijcleanup() to call radijcleartree().
-+ *
-+ * Revision 1.21 1999/10/08 18:37:34 rgb
-+ * Fix end-of-line spacing to sate whining PHMs.
-+ *
-+ * Revision 1.20 1999/10/01 15:44:54 rgb
-+ * Move spinlock header include to 2.1> scope.
-+ *
-+ * Revision 1.19 1999/10/01 08:35:52 rgb
-+ * Add spinlock include to shut up compiler for 2.0.38.
-+ *
-+ * Revision 1.18 1999/09/23 18:02:52 rgb
-+ * De-alarm the search failure message so it doesn't sound so grave.
-+ *
-+ * Revision 1.17 1999/05/25 21:26:01 rgb
-+ * Fix rj_walktree() sanity checking bug.
-+ *
-+ * Revision 1.16 1999/05/09 03:25:38 rgb
-+ * Fix bug introduced by 2.2 quick-and-dirty patch.
-+ *
-+ * Revision 1.15 1999/05/05 22:02:33 rgb
-+ * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
-+ *
-+ * Revision 1.14 1999/04/29 15:24:15 rgb
-+ * Add sanity checking for null pointer arguments.
-+ * Standardise an error return method.
-+ *
-+ * Revision 1.13 1999/04/11 00:29:02 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.12 1999/04/06 04:54:28 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ * Revision 1.11 1999/02/17 16:52:53 rgb
-+ * Convert DEBUG_IPSEC to KLIPS_PRINT
-+ * Clean out unused cruft.
-+ *
-+ * Revision 1.10 1999/01/22 06:30:05 rgb
-+ * Cruft clean-out.
-+ * 64-bit clean-up.
-+ *
-+ * Revision 1.9 1998/12/01 13:22:04 rgb
-+ * Added support for debug printing of version info.
-+ *
-+ * Revision 1.8 1998/11/30 13:22:55 rgb
-+ * Rationalised all the klips kernel file headers. They are much shorter
-+ * now and won't conflict under RH5.2.
-+ *
-+ * Revision 1.7 1998/10/25 02:43:26 rgb
-+ * Change return type on rj_addroute and rj_delete and add and argument
-+ * to the latter to be able to transmit more infomation about errors.
-+ *
-+ * Revision 1.6 1998/10/19 14:30:06 rgb
-+ * Added inclusion of freeswan.h.
-+ *
-+ * Revision 1.5 1998/10/09 04:33:27 rgb
-+ * Added 'klips_debug' prefix to all klips printk debug statements.
-+ * Fixed output formatting slightly.
-+ *
-+ * Revision 1.4 1998/07/28 00:06:59 rgb
-+ * Add debug detail to tree traversing.
-+ *
-+ * Revision 1.3 1998/07/14 18:07:58 rgb
-+ * Add a routine to clear the eroute tree.
-+ *
-+ * Revision 1.2 1998/06/25 20:03:22 rgb
-+ * Cleanup #endif comments. Debug output for rj_init.
-+ *
-+ * Revision 1.1 1998/06/18 21:30:22 henry
-+ * move sources from klips/src to klips/net/ipsec to keep stupid kernel
-+ * build scripts happier about symlinks
-+ *
-+ * Revision 1.8 1998/05/25 20:34:15 rgb
-+ * Remove temporary ipsec_walk, rj_deltree and rj_delnodes functions.
-+ *
-+ * Rename ipsec_rj_walker (ipsec_walk) to ipsec_rj_walker_procprint and
-+ * add ipsec_rj_walker_delete.
-+ *
-+ * Recover memory for eroute table on unload of module.
-+ *
-+ * Revision 1.7 1998/05/21 12:58:58 rgb
-+ * Moved 'extern' definitions to ipsec_radij.h to support /proc 3k limit fix.
-+ *
-+ * Revision 1.6 1998/04/23 20:57:29 rgb
-+ * Cleaned up compiler warnings for unused debugging functions.
-+ *
-+ * Revision 1.5 1998/04/22 16:51:38 rgb
-+ * Tidy up radij debug code from recent rash of modifications to debug code.
-+ *
-+ * Revision 1.4 1998/04/21 21:28:56 rgb
-+ * Rearrange debug switches to change on the fly debug output from user
-+ * space. Only kernel changes checked in at this time. radij.c was also
-+ * changed to temporarily remove buggy debugging code in rj_delete causing
-+ * an OOPS and hence, netlink device open errors.
-+ *
-+ * Revision 1.3 1998/04/14 17:30:37 rgb
-+ * Fix up compiling errors for radij tree memory reclamation.
-+ *
-+ * Revision 1.2 1998/04/12 22:03:25 rgb
-+ * Updated ESP-3DES-HMAC-MD5-96,
-+ * ESP-DES-HMAC-MD5-96,
-+ * AH-HMAC-MD5-96,
-+ * AH-HMAC-SHA1-96 since Henry started freeswan cvs repository
-+ * from old standards (RFC182[5-9] to new (as of March 1998) drafts.
-+ *
-+ * Fixed eroute references in /proc/net/ipsec*.
-+ *
-+ * Started to patch module unloading memory leaks in ipsec_netlink and
-+ * radij tree unloading.
-+ *
-+ * Revision 1.1 1998/04/09 03:06:15 henry
-+ * sources moved up from linux/net/ipsec
-+ *
-+ * Revision 1.1.1.1 1998/04/08 05:35:03 henry
-+ * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
-+ *
-+ * Revision 0.4 1997/01/15 01:28:15 ji
-+ * No changes.
-+ *
-+ * Revision 0.3 1996/11/20 14:39:04 ji
-+ * Minor cleanups.
-+ * Rationalized debugging code.
-+ *
-+ * Revision 0.2 1996/11/02 00:18:33 ji
-+ * First limited release.
-+ *
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/rangetoa.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,60 @@
-+/*
-+ * convert binary form of address range to ASCII
-+ * Copyright (C) 1998, 1999 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: rangetoa.c,v 1.9 2004/07/10 07:48:37 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - rangetoa - convert address range to ASCII
-+ */
-+size_t /* space needed for full conversion */
-+rangetoa(addrs, format, dst, dstlen)
-+struct in_addr addrs[2];
-+int format; /* character */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ size_t len;
-+ size_t rest;
-+ int n;
-+ char *p;
-+
-+ switch (format) {
-+ case 0:
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ len = addrtoa(addrs[0], 0, dst, dstlen);
-+ if (len < dstlen)
-+ for (p = dst + len - 1, n = 3; len < dstlen && n > 0;
-+ p++, len++, n--)
-+ *p = '.';
-+ else
-+ p = NULL;
-+ if (len < dstlen)
-+ rest = dstlen - len;
-+ else {
-+ if (dstlen > 0)
-+ *(dst + dstlen - 1) = '\0';
-+ rest = 0;
-+ }
-+
-+ len += addrtoa(addrs[1], 0, p, rest);
-+
-+ return len;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/satot.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,133 @@
-+/*
-+ * convert from binary form of SA ID to text
-+ * Copyright (C) 2000, 2001 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: satot.c,v 1.13 2004/07/10 07:48:37 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+static struct typename {
-+ char type;
-+ char *name;
-+} typenames[] = {
-+ { SA_AH, "ah" },
-+ { SA_ESP, "esp" },
-+ { SA_IPIP, "tun" },
-+ { SA_COMP, "comp" },
-+ { SA_INT, "int" },
-+ { 0, NULL }
-+};
-+
-+/*
-+ - satot - convert SA to text "ah507@1.2.3.4"
-+ */
-+size_t /* space needed for full conversion */
-+satot(sa, format, dst, dstlen)
-+const ip_said *sa;
-+int format; /* character */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ size_t len = 0; /* 0 means "not recognized yet" */
-+ int base;
-+ int showversion; /* use delimiter to show IP version? */
-+ struct typename *tn;
-+ char *p;
-+ char *pre;
-+ char buf[10+1+ULTOT_BUF+ADDRTOT_BUF];
-+ char unk[10];
-+
-+ switch (format) {
-+ case 0:
-+ base = 16;
-+ showversion = 1;
-+ break;
-+ case 'f':
-+ base = 17;
-+ showversion = 1;
-+ break;
-+ case 'x':
-+ base = 'x';
-+ showversion = 0;
-+ break;
-+ case 'd':
-+ base = 10;
-+ showversion = 0;
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ memset(buf, 0, sizeof(buf));
-+
-+ pre = NULL;
-+ for (tn = typenames; tn->name != NULL; tn++)
-+ if (sa->proto == tn->type) {
-+ pre = tn->name;
-+ break; /* NOTE BREAK OUT */
-+ }
-+ if (pre == NULL) { /* unknown protocol */
-+ strcpy(unk, "unk");
-+ (void) ultot((unsigned char)sa->proto, 10, unk+strlen(unk),
-+ sizeof(unk)-strlen(unk));
-+ pre = unk;
-+ }
-+
-+ if (strcmp(pre, PASSTHROUGHTYPE) == 0 &&
-+ sa->spi == PASSTHROUGHSPI &&
-+ isunspecaddr(&sa->dst)) {
-+ strcpy(buf, (addrtypeof(&sa->dst) == AF_INET) ?
-+ PASSTHROUGH4NAME :
-+ PASSTHROUGH6NAME);
-+ len = strlen(buf);
-+ }
-+
-+ if (sa->proto == SA_INT) {
-+ switch (ntohl(sa->spi)) {
-+ case SPI_PASS: p = "%pass"; break;
-+ case SPI_DROP: p = "%drop"; break;
-+ case SPI_REJECT: p = "%reject"; break;
-+ case SPI_HOLD: p = "%hold"; break;
-+ case SPI_TRAP: p = "%trap"; break;
-+ case SPI_TRAPSUBNET: p = "%trapsubnet"; break;
-+ default: p = NULL; break;
-+ }
-+ if (p != NULL) {
-+ strcpy(buf, p);
-+ len = strlen(buf);
-+ }
-+ }
-+
-+ if (len == 0) { /* general case needed */
-+ strcpy(buf, pre);
-+ len = strlen(buf);
-+ if (showversion) {
-+ *(buf+len) = (addrtypeof(&sa->dst) == AF_INET) ? '.' :
-+ ':';
-+ len++;
-+ *(buf+len) = '\0';
-+ }
-+ len += ultot(ntohl(sa->spi), base, buf+len, sizeof(buf)-len);
-+ *(buf+len-1) = '@';
-+ len += addrtot(&sa->dst, 0, buf+len, sizeof(buf)-len);
-+ *(buf+len) = '\0';
-+ }
-+
-+ if (dst != NULL) {
-+ if (len > dstlen)
-+ *(buf+dstlen-1) = '\0';
-+ strcpy(dst, buf);
-+ }
-+ return len;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/subnetof.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,59 @@
-+/*
-+ * minor network-address manipulation utilities
-+ * Copyright (C) 1998, 1999 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: subnetof.c,v 1.8 2004/07/10 07:48:37 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - subnetof - given address and mask, return subnet part
-+ */
-+struct in_addr
-+subnetof(addr, mask)
-+struct in_addr addr;
-+struct in_addr mask;
-+{
-+ struct in_addr result;
-+
-+ result.s_addr = addr.s_addr & mask.s_addr;
-+ return result;
-+}
-+
-+/*
-+ - hostof - given address and mask, return host part
-+ */
-+struct in_addr
-+hostof(addr, mask)
-+struct in_addr addr;
-+struct in_addr mask;
-+{
-+ struct in_addr result;
-+
-+ result.s_addr = addr.s_addr & ~mask.s_addr;
-+ return result;
-+}
-+
-+/*
-+ - broadcastof - given (network) address and mask, return broadcast address
-+ */
-+struct in_addr
-+broadcastof(addr, mask)
-+struct in_addr addr;
-+struct in_addr mask;
-+{
-+ struct in_addr result;
-+
-+ result.s_addr = addr.s_addr | ~mask.s_addr;
-+ return result;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/subnettoa.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,61 @@
-+/*
-+ * convert binary form of subnet description to ASCII
-+ * Copyright (C) 1998, 1999 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: subnettoa.c,v 1.11 2004/07/10 07:48:37 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - subnettoa - convert address and mask to ASCII "addr/mask"
-+ * Output expresses the mask as a bit count if possible, else dotted decimal.
-+ */
-+size_t /* space needed for full conversion */
-+subnettoa(addr, mask, format, dst, dstlen)
-+struct in_addr addr;
-+struct in_addr mask;
-+int format; /* character */
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ size_t len;
-+ size_t rest;
-+ int n;
-+ char *p;
-+
-+ switch (format) {
-+ case 0:
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ len = addrtoa(addr, 0, dst, dstlen);
-+ if (len < dstlen) {
-+ dst[len - 1] = '/';
-+ p = dst + len;
-+ rest = dstlen - len;
-+ } else {
-+ p = NULL;
-+ rest = 0;
-+ }
-+
-+ n = masktobits(mask);
-+ if (n >= 0)
-+ len += ultoa((unsigned long)n, 10, p, rest);
-+ else
-+ len += addrtoa(mask, 0, p, rest);
-+
-+ return len;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/sysctl_net_ipsec.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,199 @@
-+/*
-+ * sysctl interface to net IPSEC subsystem.
-+ * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the
-+ * Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-+ *
-+ * This program is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-+ * for more details.
-+ *
-+ * RCSID $Id: sysctl_net_ipsec.c,v 1.17 2004/07/10 19:11:18 mcr Exp $
-+ */
-+
-+/* -*- linux-c -*-
-+ *
-+ * Initiated April 3, 1998, Richard Guy Briggs <rgb@conscoop.ottawa.on.ca>
-+ */
-+
-+#include <linux/mm.h>
-+#include <linux/sysctl.h>
-+
-+#include "openswan/ipsec_param.h"
-+
-+#ifdef CONFIG_SYSCTL
-+
-+#define NET_IPSEC 2112 /* Random number */
-+#ifdef CONFIG_KLIPS_DEBUG
-+extern int debug_ah;
-+extern int debug_esp;
-+extern int debug_tunnel;
-+extern int debug_eroute;
-+extern int debug_spi;
-+extern int debug_radij;
-+extern int debug_netlink;
-+extern int debug_xform;
-+extern int debug_rcv;
-+extern int debug_pfkey;
-+extern int sysctl_ipsec_debug_verbose;
-+#ifdef CONFIG_KLIPS_IPCOMP
-+extern int sysctl_ipsec_debug_ipcomp;
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+#endif /* CONFIG_KLIPS_DEBUG */
-+
-+extern int sysctl_ipsec_icmp;
-+extern int sysctl_ipsec_inbound_policy_check;
-+extern int sysctl_ipsec_tos;
-+int sysctl_ipsec_regress_pfkey_lossage;
-+
-+enum {
-+#ifdef CONFIG_KLIPS_DEBUG
-+ NET_IPSEC_DEBUG_AH=1,
-+ NET_IPSEC_DEBUG_ESP=2,
-+ NET_IPSEC_DEBUG_TUNNEL=3,
-+ NET_IPSEC_DEBUG_EROUTE=4,
-+ NET_IPSEC_DEBUG_SPI=5,
-+ NET_IPSEC_DEBUG_RADIJ=6,
-+ NET_IPSEC_DEBUG_NETLINK=7,
-+ NET_IPSEC_DEBUG_XFORM=8,
-+ NET_IPSEC_DEBUG_RCV=9,
-+ NET_IPSEC_DEBUG_PFKEY=10,
-+ NET_IPSEC_DEBUG_VERBOSE=11,
-+ NET_IPSEC_DEBUG_IPCOMP=12,
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ NET_IPSEC_ICMP=13,
-+ NET_IPSEC_INBOUND_POLICY_CHECK=14,
-+ NET_IPSEC_TOS=15,
-+ NET_IPSEC_REGRESS_PFKEY_LOSSAGE=16,
-+};
-+
-+static ctl_table ipsec_table[] = {
-+#ifdef CONFIG_KLIPS_DEBUG
-+ { NET_IPSEC_DEBUG_AH, "debug_ah", &debug_ah,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+ { NET_IPSEC_DEBUG_ESP, "debug_esp", &debug_esp,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+ { NET_IPSEC_DEBUG_TUNNEL, "debug_tunnel", &debug_tunnel,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+ { NET_IPSEC_DEBUG_EROUTE, "debug_eroute", &debug_eroute,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+ { NET_IPSEC_DEBUG_SPI, "debug_spi", &debug_spi,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+ { NET_IPSEC_DEBUG_RADIJ, "debug_radij", &debug_radij,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+ { NET_IPSEC_DEBUG_NETLINK, "debug_netlink", &debug_netlink,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+ { NET_IPSEC_DEBUG_XFORM, "debug_xform", &debug_xform,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+ { NET_IPSEC_DEBUG_RCV, "debug_rcv", &debug_rcv,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+ { NET_IPSEC_DEBUG_PFKEY, "debug_pfkey", &debug_pfkey,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+ { NET_IPSEC_DEBUG_VERBOSE, "debug_verbose",&sysctl_ipsec_debug_verbose,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+#ifdef CONFIG_KLIPS_IPCOMP
-+ { NET_IPSEC_DEBUG_IPCOMP, "debug_ipcomp", &sysctl_ipsec_debug_ipcomp,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+#endif /* CONFIG_KLIPS_IPCOMP */
-+
-+#ifdef CONFIG_KLIPS_REGRESS
-+ { NET_IPSEC_REGRESS_PFKEY_LOSSAGE, "pfkey_lossage",
-+ &sysctl_ipsec_regress_pfkey_lossage,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+#endif /* CONFIG_KLIPS_REGRESS */
-+
-+#endif /* CONFIG_KLIPS_DEBUG */
-+ { NET_IPSEC_ICMP, "icmp", &sysctl_ipsec_icmp,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+ { NET_IPSEC_INBOUND_POLICY_CHECK, "inbound_policy_check", &sysctl_ipsec_inbound_policy_check,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+ { NET_IPSEC_TOS, "tos", &sysctl_ipsec_tos,
-+ sizeof(int), 0644, NULL, &proc_dointvec},
-+ {0}
-+};
-+
-+static ctl_table ipsec_net_table[] = {
-+ { NET_IPSEC, "ipsec", NULL, 0, 0555, ipsec_table },
-+ { 0 }
-+};
-+
-+static ctl_table ipsec_root_table[] = {
-+ { CTL_NET, "net", NULL, 0, 0555, ipsec_net_table },
-+ { 0 }
-+};
-+
-+static struct ctl_table_header *ipsec_table_header;
-+
-+int ipsec_sysctl_register(void)
-+{
-+ ipsec_table_header = register_sysctl_table(ipsec_root_table, 0);
-+ if (!ipsec_table_header) {
-+ return -ENOMEM;
-+ }
-+ return 0;
-+}
-+
-+void ipsec_sysctl_unregister(void)
-+{
-+ unregister_sysctl_table(ipsec_table_header);
-+}
-+
-+#endif /* CONFIG_SYSCTL */
-+
-+/*
-+ * $Log: sysctl_net_ipsec.c,v $
-+ * Revision 1.17 2004/07/10 19:11:18 mcr
-+ * CONFIG_IPSEC -> CONFIG_KLIPS.
-+ *
-+ * Revision 1.16 2004/04/06 02:49:26 mcr
-+ * pullup of algo code from alg-branch.
-+ *
-+ * Revision 1.15 2002/04/24 07:55:32 mcr
-+ * #include patches and Makefiles for post-reorg compilation.
-+ *
-+ * Revision 1.14 2002/04/24 07:36:35 mcr
-+ * Moved from ./klips/net/ipsec/sysctl_net_ipsec.c,v
-+ *
-+ * Revision 1.13 2002/01/12 02:58:32 mcr
-+ * first regression test causes acquire messages to be lost
-+ * 100% of the time. This is to help testing of pluto.
-+ *
-+ * Revision 1.12 2001/06/14 19:35:13 rgb
-+ * Update copyright date.
-+ *
-+ * Revision 1.11 2001/02/26 19:58:13 rgb
-+ * Drop sysctl_ipsec_{no_eroute_pass,opportunistic}, replaced by magic SAs.
-+ *
-+ * Revision 1.10 2000/09/16 01:50:15 rgb
-+ * Protect sysctl_ipsec_debug_ipcomp with compiler defines too so that the
-+ * linker won't blame rj_delete() for missing symbols. ;-> Damn statics...
-+ *
-+ * Revision 1.9 2000/09/15 23:17:51 rgb
-+ * Moved stuff around to compile with debug off.
-+ *
-+ * Revision 1.8 2000/09/15 11:37:02 rgb
-+ * Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
-+ * IPCOMP zlib deflate code.
-+ *
-+ * Revision 1.7 2000/09/15 07:37:15 rgb
-+ * Munged silly log comment that was causing a warning.
-+ *
-+ * Revision 1.6 2000/09/15 04:58:23 rgb
-+ * Added tos runtime switch.
-+ * Removed 'sysctl_ipsec_' prefix from /proc/sys/net/ipsec/ filenames.
-+ *
-+ * Revision 1.5 2000/09/12 03:25:28 rgb
-+ * Filled in and implemented sysctl.
-+ *
-+ * Revision 1.4 1999/04/11 00:29:03 henry
-+ * GPL boilerplate
-+ *
-+ * Revision 1.3 1999/04/06 04:54:29 rgb
-+ * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
-+ * patch shell fixes.
-+ *
-+ */
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/trees.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,1214 @@
-+/* trees.c -- output deflated data using Huffman coding
-+ * Copyright (C) 1995-2002 Jean-loup Gailly
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/*
-+ * ALGORITHM
-+ *
-+ * The "deflation" process uses several Huffman trees. The more
-+ * common source values are represented by shorter bit sequences.
-+ *
-+ * Each code tree is stored in a compressed form which is itself
-+ * a Huffman encoding of the lengths of all the code strings (in
-+ * ascending order by source values). The actual code strings are
-+ * reconstructed from the lengths in the inflate process, as described
-+ * in the deflate specification.
-+ *
-+ * REFERENCES
-+ *
-+ * Deutsch, L.P.,"'Deflate' Compressed Data Format Specification".
-+ * Available in ftp.uu.net:/pub/archiving/zip/doc/deflate-1.1.doc
-+ *
-+ * Storer, James A.
-+ * Data Compression: Methods and Theory, pp. 49-50.
-+ * Computer Science Press, 1988. ISBN 0-7167-8156-5.
-+ *
-+ * Sedgewick, R.
-+ * Algorithms, p290.
-+ * Addison-Wesley, 1983. ISBN 0-201-06672-6.
-+ */
-+
-+/* @(#) $Id: trees.c,v 1.4 2004/07/10 07:48:39 mcr Exp $ */
-+
-+/* #define GEN_TREES_H */
-+
-+#include "deflate.h"
-+
-+#ifdef DEBUG
-+# include <ctype.h>
-+#endif
-+
-+/* ===========================================================================
-+ * Constants
-+ */
-+
-+#define MAX_BL_BITS 7
-+/* Bit length codes must not exceed MAX_BL_BITS bits */
-+
-+#define END_BLOCK 256
-+/* end of block literal code */
-+
-+#define REP_3_6 16
-+/* repeat previous bit length 3-6 times (2 bits of repeat count) */
-+
-+#define REPZ_3_10 17
-+/* repeat a zero length 3-10 times (3 bits of repeat count) */
-+
-+#define REPZ_11_138 18
-+/* repeat a zero length 11-138 times (7 bits of repeat count) */
-+
-+local const int extra_lbits[LENGTH_CODES] /* extra bits for each length code */
-+ = {0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0};
-+
-+local const int extra_dbits[D_CODES] /* extra bits for each distance code */
-+ = {0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13};
-+
-+local const int extra_blbits[BL_CODES]/* extra bits for each bit length code */
-+ = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,3,7};
-+
-+local const uch bl_order[BL_CODES]
-+ = {16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15};
-+/* The lengths of the bit length codes are sent in order of decreasing
-+ * probability, to avoid transmitting the lengths for unused bit length codes.
-+ */
-+
-+#define Buf_size (8 * 2*sizeof(char))
-+/* Number of bits used within bi_buf. (bi_buf might be implemented on
-+ * more than 16 bits on some systems.)
-+ */
-+
-+/* ===========================================================================
-+ * Local data. These are initialized only once.
-+ */
-+
-+#define DIST_CODE_LEN 512 /* see definition of array dist_code below */
-+
-+#if defined(GEN_TREES_H) || !defined(STDC)
-+/* non ANSI compilers may not accept trees.h */
-+
-+local ct_data static_ltree[L_CODES+2];
-+/* The static literal tree. Since the bit lengths are imposed, there is no
-+ * need for the L_CODES extra codes used during heap construction. However
-+ * The codes 286 and 287 are needed to build a canonical tree (see _tr_init
-+ * below).
-+ */
-+
-+local ct_data static_dtree[D_CODES];
-+/* The static distance tree. (Actually a trivial tree since all codes use
-+ * 5 bits.)
-+ */
-+
-+uch _dist_code[DIST_CODE_LEN];
-+/* Distance codes. The first 256 values correspond to the distances
-+ * 3 .. 258, the last 256 values correspond to the top 8 bits of
-+ * the 15 bit distances.
-+ */
-+
-+uch _length_code[MAX_MATCH-MIN_MATCH+1];
-+/* length code for each normalized match length (0 == MIN_MATCH) */
-+
-+local int base_length[LENGTH_CODES];
-+/* First normalized length for each code (0 = MIN_MATCH) */
-+
-+local int base_dist[D_CODES];
-+/* First normalized distance for each code (0 = distance of 1) */
-+
-+#else
-+# include "trees.h"
-+#endif /* GEN_TREES_H */
-+
-+struct static_tree_desc_s {
-+ const ct_data *static_tree; /* static tree or NULL */
-+ const intf *extra_bits; /* extra bits for each code or NULL */
-+ int extra_base; /* base index for extra_bits */
-+ int elems; /* max number of elements in the tree */
-+ int max_length; /* max bit length for the codes */
-+};
-+
-+local static_tree_desc static_l_desc =
-+{static_ltree, extra_lbits, LITERALS+1, L_CODES, MAX_BITS};
-+
-+local static_tree_desc static_d_desc =
-+{static_dtree, extra_dbits, 0, D_CODES, MAX_BITS};
-+
-+local static_tree_desc static_bl_desc =
-+{(const ct_data *)0, extra_blbits, 0, BL_CODES, MAX_BL_BITS};
-+
-+/* ===========================================================================
-+ * Local (static) routines in this file.
-+ */
-+
-+local void tr_static_init OF((void));
-+local void init_block OF((deflate_state *s));
-+local void pqdownheap OF((deflate_state *s, ct_data *tree, int k));
-+local void gen_bitlen OF((deflate_state *s, tree_desc *desc));
-+local void gen_codes OF((ct_data *tree, int max_code, ushf *bl_count));
-+local void build_tree OF((deflate_state *s, tree_desc *desc));
-+local void scan_tree OF((deflate_state *s, ct_data *tree, int max_code));
-+local void send_tree OF((deflate_state *s, ct_data *tree, int max_code));
-+local int build_bl_tree OF((deflate_state *s));
-+local void send_all_trees OF((deflate_state *s, int lcodes, int dcodes,
-+ int blcodes));
-+local void compress_block OF((deflate_state *s, const ct_data *ltree,
-+ const ct_data *dtree));
-+local void set_data_type OF((deflate_state *s));
-+local unsigned bi_reverse OF((unsigned value, int length));
-+local void bi_windup OF((deflate_state *s));
-+local void bi_flush OF((deflate_state *s));
-+local void copy_block OF((deflate_state *s, charf *buf, unsigned len,
-+ int header));
-+
-+#ifdef GEN_TREES_H
-+local void gen_trees_header OF((void));
-+#endif
-+
-+#ifndef DEBUG
-+# define send_code(s, c, tree) send_bits(s, tree[c].Code, tree[c].Len)
-+ /* Send a code of the given tree. c and tree must not have side effects */
-+
-+#else /* DEBUG */
-+# define send_code(s, c, tree) \
-+ { if (z_verbose>2) fprintf(stderr,"\ncd %3d ",(c)); \
-+ send_bits(s, tree[c].Code, tree[c].Len); }
-+#endif
-+
-+/* ===========================================================================
-+ * Output a short LSB first on the stream.
-+ * IN assertion: there is enough room in pendingBuf.
-+ */
-+#define put_short(s, w) { \
-+ put_byte(s, (uch)((w) & 0xff)); \
-+ put_byte(s, (uch)((ush)(w) >> 8)); \
-+}
-+
-+/* ===========================================================================
-+ * Send a value on a given number of bits.
-+ * IN assertion: length <= 16 and value fits in length bits.
-+ */
-+#ifdef DEBUG
-+local void send_bits OF((deflate_state *s, int value, int length));
-+
-+local void send_bits(s, value, length)
-+ deflate_state *s;
-+ int value; /* value to send */
-+ int length; /* number of bits */
-+{
-+ Tracevv((stderr," l %2d v %4x ", length, value));
-+ Assert(length > 0 && length <= 15, "invalid length");
-+ s->bits_sent += (ulg)length;
-+
-+ /* If not enough room in bi_buf, use (valid) bits from bi_buf and
-+ * (16 - bi_valid) bits from value, leaving (width - (16-bi_valid))
-+ * unused bits in value.
-+ */
-+ if (s->bi_valid > (int)Buf_size - length) {
-+ s->bi_buf |= (value << s->bi_valid);
-+ put_short(s, s->bi_buf);
-+ s->bi_buf = (ush)value >> (Buf_size - s->bi_valid);
-+ s->bi_valid += length - Buf_size;
-+ } else {
-+ s->bi_buf |= value << s->bi_valid;
-+ s->bi_valid += length;
-+ }
-+}
-+#else /* !DEBUG */
-+
-+#define send_bits(s, value, length) \
-+{ int len = length;\
-+ if (s->bi_valid > (int)Buf_size - len) {\
-+ int val = value;\
-+ s->bi_buf |= (val << s->bi_valid);\
-+ put_short(s, s->bi_buf);\
-+ s->bi_buf = (ush)val >> (Buf_size - s->bi_valid);\
-+ s->bi_valid += len - Buf_size;\
-+ } else {\
-+ s->bi_buf |= (value) << s->bi_valid;\
-+ s->bi_valid += len;\
-+ }\
-+}
-+#endif /* DEBUG */
-+
-+
-+#define MAX(a,b) (a >= b ? a : b)
-+/* the arguments must not have side effects */
-+
-+/* ===========================================================================
-+ * Initialize the various 'constant' tables.
-+ */
-+local void tr_static_init()
-+{
-+#if defined(GEN_TREES_H) || !defined(STDC)
-+ static int static_init_done = 0;
-+ int n; /* iterates over tree elements */
-+ int bits; /* bit counter */
-+ int length; /* length value */
-+ int code; /* code value */
-+ int dist; /* distance index */
-+ ush bl_count[MAX_BITS+1];
-+ /* number of codes at each bit length for an optimal tree */
-+
-+ if (static_init_done) return;
-+
-+ /* For some embedded targets, global variables are not initialized: */
-+ static_l_desc.static_tree = static_ltree;
-+ static_l_desc.extra_bits = extra_lbits;
-+ static_d_desc.static_tree = static_dtree;
-+ static_d_desc.extra_bits = extra_dbits;
-+ static_bl_desc.extra_bits = extra_blbits;
-+
-+ /* Initialize the mapping length (0..255) -> length code (0..28) */
-+ length = 0;
-+ for (code = 0; code < LENGTH_CODES-1; code++) {
-+ base_length[code] = length;
-+ for (n = 0; n < (1<<extra_lbits[code]); n++) {
-+ _length_code[length++] = (uch)code;
-+ }
-+ }
-+ Assert (length == 256, "tr_static_init: length != 256");
-+ /* Note that the length 255 (match length 258) can be represented
-+ * in two different ways: code 284 + 5 bits or code 285, so we
-+ * overwrite length_code[255] to use the best encoding:
-+ */
-+ _length_code[length-1] = (uch)code;
-+
-+ /* Initialize the mapping dist (0..32K) -> dist code (0..29) */
-+ dist = 0;
-+ for (code = 0 ; code < 16; code++) {
-+ base_dist[code] = dist;
-+ for (n = 0; n < (1<<extra_dbits[code]); n++) {
-+ _dist_code[dist++] = (uch)code;
-+ }
-+ }
-+ Assert (dist == 256, "tr_static_init: dist != 256");
-+ dist >>= 7; /* from now on, all distances are divided by 128 */
-+ for ( ; code < D_CODES; code++) {
-+ base_dist[code] = dist << 7;
-+ for (n = 0; n < (1<<(extra_dbits[code]-7)); n++) {
-+ _dist_code[256 + dist++] = (uch)code;
-+ }
-+ }
-+ Assert (dist == 256, "tr_static_init: 256+dist != 512");
-+
-+ /* Construct the codes of the static literal tree */
-+ for (bits = 0; bits <= MAX_BITS; bits++) bl_count[bits] = 0;
-+ n = 0;
-+ while (n <= 143) static_ltree[n++].Len = 8, bl_count[8]++;
-+ while (n <= 255) static_ltree[n++].Len = 9, bl_count[9]++;
-+ while (n <= 279) static_ltree[n++].Len = 7, bl_count[7]++;
-+ while (n <= 287) static_ltree[n++].Len = 8, bl_count[8]++;
-+ /* Codes 286 and 287 do not exist, but we must include them in the
-+ * tree construction to get a canonical Huffman tree (longest code
-+ * all ones)
-+ */
-+ gen_codes((ct_data *)static_ltree, L_CODES+1, bl_count);
-+
-+ /* The static distance tree is trivial: */
-+ for (n = 0; n < D_CODES; n++) {
-+ static_dtree[n].Len = 5;
-+ static_dtree[n].Code = bi_reverse((unsigned)n, 5);
-+ }
-+ static_init_done = 1;
-+
-+# ifdef GEN_TREES_H
-+ gen_trees_header();
-+# endif
-+#endif /* defined(GEN_TREES_H) || !defined(STDC) */
-+}
-+
-+/* ===========================================================================
-+ * Genererate the file trees.h describing the static trees.
-+ */
-+#ifdef GEN_TREES_H
-+# ifndef DEBUG
-+# include <stdio.h>
-+# endif
-+
-+# define SEPARATOR(i, last, width) \
-+ ((i) == (last)? "\n};\n\n" : \
-+ ((i) % (width) == (width)-1 ? ",\n" : ", "))
-+
-+void gen_trees_header()
-+{
-+ FILE *header = fopen("trees.h", "w");
-+ int i;
-+
-+ Assert (header != NULL, "Can't open trees.h");
-+ fprintf(header,
-+ "/* header created automatically with -DGEN_TREES_H */\n\n");
-+
-+ fprintf(header, "local const ct_data static_ltree[L_CODES+2] = {\n");
-+ for (i = 0; i < L_CODES+2; i++) {
-+ fprintf(header, "{{%3u},{%3u}}%s", static_ltree[i].Code,
-+ static_ltree[i].Len, SEPARATOR(i, L_CODES+1, 5));
-+ }
-+
-+ fprintf(header, "local const ct_data static_dtree[D_CODES] = {\n");
-+ for (i = 0; i < D_CODES; i++) {
-+ fprintf(header, "{{%2u},{%2u}}%s", static_dtree[i].Code,
-+ static_dtree[i].Len, SEPARATOR(i, D_CODES-1, 5));
-+ }
-+
-+ fprintf(header, "const uch _dist_code[DIST_CODE_LEN] = {\n");
-+ for (i = 0; i < DIST_CODE_LEN; i++) {
-+ fprintf(header, "%2u%s", _dist_code[i],
-+ SEPARATOR(i, DIST_CODE_LEN-1, 20));
-+ }
-+
-+ fprintf(header, "const uch _length_code[MAX_MATCH-MIN_MATCH+1]= {\n");
-+ for (i = 0; i < MAX_MATCH-MIN_MATCH+1; i++) {
-+ fprintf(header, "%2u%s", _length_code[i],
-+ SEPARATOR(i, MAX_MATCH-MIN_MATCH, 20));
-+ }
-+
-+ fprintf(header, "local const int base_length[LENGTH_CODES] = {\n");
-+ for (i = 0; i < LENGTH_CODES; i++) {
-+ fprintf(header, "%1u%s", base_length[i],
-+ SEPARATOR(i, LENGTH_CODES-1, 20));
-+ }
-+
-+ fprintf(header, "local const int base_dist[D_CODES] = {\n");
-+ for (i = 0; i < D_CODES; i++) {
-+ fprintf(header, "%5u%s", base_dist[i],
-+ SEPARATOR(i, D_CODES-1, 10));
-+ }
-+
-+ fclose(header);
-+}
-+#endif /* GEN_TREES_H */
-+
-+/* ===========================================================================
-+ * Initialize the tree data structures for a new zlib stream.
-+ */
-+void _tr_init(s)
-+ deflate_state *s;
-+{
-+ tr_static_init();
-+
-+ s->l_desc.dyn_tree = s->dyn_ltree;
-+ s->l_desc.stat_desc = &static_l_desc;
-+
-+ s->d_desc.dyn_tree = s->dyn_dtree;
-+ s->d_desc.stat_desc = &static_d_desc;
-+
-+ s->bl_desc.dyn_tree = s->bl_tree;
-+ s->bl_desc.stat_desc = &static_bl_desc;
-+
-+ s->bi_buf = 0;
-+ s->bi_valid = 0;
-+ s->last_eob_len = 8; /* enough lookahead for inflate */
-+#ifdef DEBUG
-+ s->compressed_len = 0L;
-+ s->bits_sent = 0L;
-+#endif
-+
-+ /* Initialize the first block of the first file: */
-+ init_block(s);
-+}
-+
-+/* ===========================================================================
-+ * Initialize a new block.
-+ */
-+local void init_block(s)
-+ deflate_state *s;
-+{
-+ int n; /* iterates over tree elements */
-+
-+ /* Initialize the trees. */
-+ for (n = 0; n < L_CODES; n++) s->dyn_ltree[n].Freq = 0;
-+ for (n = 0; n < D_CODES; n++) s->dyn_dtree[n].Freq = 0;
-+ for (n = 0; n < BL_CODES; n++) s->bl_tree[n].Freq = 0;
-+
-+ s->dyn_ltree[END_BLOCK].Freq = 1;
-+ s->opt_len = s->static_len = 0L;
-+ s->last_lit = s->matches = 0;
-+}
-+
-+#define SMALLEST 1
-+/* Index within the heap array of least frequent node in the Huffman tree */
-+
-+
-+/* ===========================================================================
-+ * Remove the smallest element from the heap and recreate the heap with
-+ * one less element. Updates heap and heap_len.
-+ */
-+#define pqremove(s, tree, top) \
-+{\
-+ top = s->heap[SMALLEST]; \
-+ s->heap[SMALLEST] = s->heap[s->heap_len--]; \
-+ pqdownheap(s, tree, SMALLEST); \
-+}
-+
-+/* ===========================================================================
-+ * Compares to subtrees, using the tree depth as tie breaker when
-+ * the subtrees have equal frequency. This minimizes the worst case length.
-+ */
-+#define smaller(tree, n, m, depth) \
-+ (tree[n].Freq < tree[m].Freq || \
-+ (tree[n].Freq == tree[m].Freq && depth[n] <= depth[m]))
-+
-+/* ===========================================================================
-+ * Restore the heap property by moving down the tree starting at node k,
-+ * exchanging a node with the smallest of its two sons if necessary, stopping
-+ * when the heap property is re-established (each father smaller than its
-+ * two sons).
-+ */
-+local void pqdownheap(s, tree, k)
-+ deflate_state *s;
-+ ct_data *tree; /* the tree to restore */
-+ int k; /* node to move down */
-+{
-+ int v = s->heap[k];
-+ int j = k << 1; /* left son of k */
-+ while (j <= s->heap_len) {
-+ /* Set j to the smallest of the two sons: */
-+ if (j < s->heap_len &&
-+ smaller(tree, s->heap[j+1], s->heap[j], s->depth)) {
-+ j++;
-+ }
-+ /* Exit if v is smaller than both sons */
-+ if (smaller(tree, v, s->heap[j], s->depth)) break;
-+
-+ /* Exchange v with the smallest son */
-+ s->heap[k] = s->heap[j]; k = j;
-+
-+ /* And continue down the tree, setting j to the left son of k */
-+ j <<= 1;
-+ }
-+ s->heap[k] = v;
-+}
-+
-+/* ===========================================================================
-+ * Compute the optimal bit lengths for a tree and update the total bit length
-+ * for the current block.
-+ * IN assertion: the fields freq and dad are set, heap[heap_max] and
-+ * above are the tree nodes sorted by increasing frequency.
-+ * OUT assertions: the field len is set to the optimal bit length, the
-+ * array bl_count contains the frequencies for each bit length.
-+ * The length opt_len is updated; static_len is also updated if stree is
-+ * not null.
-+ */
-+local void gen_bitlen(s, desc)
-+ deflate_state *s;
-+ tree_desc *desc; /* the tree descriptor */
-+{
-+ ct_data *tree = desc->dyn_tree;
-+ int max_code = desc->max_code;
-+ const ct_data *stree = desc->stat_desc->static_tree;
-+ const intf *extra = desc->stat_desc->extra_bits;
-+ int base = desc->stat_desc->extra_base;
-+ int max_length = desc->stat_desc->max_length;
-+ int h; /* heap index */
-+ int n, m; /* iterate over the tree elements */
-+ int bits; /* bit length */
-+ int xbits; /* extra bits */
-+ ush f; /* frequency */
-+ int overflow = 0; /* number of elements with bit length too large */
-+
-+ for (bits = 0; bits <= MAX_BITS; bits++) s->bl_count[bits] = 0;
-+
-+ /* In a first pass, compute the optimal bit lengths (which may
-+ * overflow in the case of the bit length tree).
-+ */
-+ tree[s->heap[s->heap_max]].Len = 0; /* root of the heap */
-+
-+ for (h = s->heap_max+1; h < HEAP_SIZE; h++) {
-+ n = s->heap[h];
-+ bits = tree[tree[n].Dad].Len + 1;
-+ if (bits > max_length) bits = max_length, overflow++;
-+ tree[n].Len = (ush)bits;
-+ /* We overwrite tree[n].Dad which is no longer needed */
-+
-+ if (n > max_code) continue; /* not a leaf node */
-+
-+ s->bl_count[bits]++;
-+ xbits = 0;
-+ if (n >= base) xbits = extra[n-base];
-+ f = tree[n].Freq;
-+ s->opt_len += (ulg)f * (bits + xbits);
-+ if (stree) s->static_len += (ulg)f * (stree[n].Len + xbits);
-+ }
-+ if (overflow == 0) return;
-+
-+ Trace((stderr,"\nbit length overflow\n"));
-+ /* This happens for example on obj2 and pic of the Calgary corpus */
-+
-+ /* Find the first bit length which could increase: */
-+ do {
-+ bits = max_length-1;
-+ while (s->bl_count[bits] == 0) bits--;
-+ s->bl_count[bits]--; /* move one leaf down the tree */
-+ s->bl_count[bits+1] += 2; /* move one overflow item as its brother */
-+ s->bl_count[max_length]--;
-+ /* The brother of the overflow item also moves one step up,
-+ * but this does not affect bl_count[max_length]
-+ */
-+ overflow -= 2;
-+ } while (overflow > 0);
-+
-+ /* Now recompute all bit lengths, scanning in increasing frequency.
-+ * h is still equal to HEAP_SIZE. (It is simpler to reconstruct all
-+ * lengths instead of fixing only the wrong ones. This idea is taken
-+ * from 'ar' written by Haruhiko Okumura.)
-+ */
-+ for (bits = max_length; bits != 0; bits--) {
-+ n = s->bl_count[bits];
-+ while (n != 0) {
-+ m = s->heap[--h];
-+ if (m > max_code) continue;
-+ if (tree[m].Len != (unsigned) bits) {
-+ Trace((stderr,"code %d bits %d->%d\n", m, tree[m].Len, bits));
-+ s->opt_len += ((long)bits - (long)tree[m].Len)
-+ *(long)tree[m].Freq;
-+ tree[m].Len = (ush)bits;
-+ }
-+ n--;
-+ }
-+ }
-+}
-+
-+/* ===========================================================================
-+ * Generate the codes for a given tree and bit counts (which need not be
-+ * optimal).
-+ * IN assertion: the array bl_count contains the bit length statistics for
-+ * the given tree and the field len is set for all tree elements.
-+ * OUT assertion: the field code is set for all tree elements of non
-+ * zero code length.
-+ */
-+local void gen_codes (tree, max_code, bl_count)
-+ ct_data *tree; /* the tree to decorate */
-+ int max_code; /* largest code with non zero frequency */
-+ ushf *bl_count; /* number of codes at each bit length */
-+{
-+ ush next_code[MAX_BITS+1]; /* next code value for each bit length */
-+ ush code = 0; /* running code value */
-+ int bits; /* bit index */
-+ int n; /* code index */
-+
-+ /* The distribution counts are first used to generate the code values
-+ * without bit reversal.
-+ */
-+ for (bits = 1; bits <= MAX_BITS; bits++) {
-+ next_code[bits] = code = (code + bl_count[bits-1]) << 1;
-+ }
-+ /* Check that the bit counts in bl_count are consistent. The last code
-+ * must be all ones.
-+ */
-+ Assert (code + bl_count[MAX_BITS]-1 == (1<<MAX_BITS)-1,
-+ "inconsistent bit counts");
-+ Tracev((stderr,"\ngen_codes: max_code %d ", max_code));
-+
-+ for (n = 0; n <= max_code; n++) {
-+ int len = tree[n].Len;
-+ if (len == 0) continue;
-+ /* Now reverse the bits */
-+ tree[n].Code = bi_reverse(next_code[len]++, len);
-+
-+ Tracecv(tree != static_ltree, (stderr,"\nn %3d %c l %2d c %4x (%x) ",
-+ n, (isgraph(n) ? n : ' '), len, tree[n].Code, next_code[len]-1));
-+ }
-+}
-+
-+/* ===========================================================================
-+ * Construct one Huffman tree and assigns the code bit strings and lengths.
-+ * Update the total bit length for the current block.
-+ * IN assertion: the field freq is set for all tree elements.
-+ * OUT assertions: the fields len and code are set to the optimal bit length
-+ * and corresponding code. The length opt_len is updated; static_len is
-+ * also updated if stree is not null. The field max_code is set.
-+ */
-+local void build_tree(s, desc)
-+ deflate_state *s;
-+ tree_desc *desc; /* the tree descriptor */
-+{
-+ ct_data *tree = desc->dyn_tree;
-+ const ct_data *stree = desc->stat_desc->static_tree;
-+ int elems = desc->stat_desc->elems;
-+ int n, m; /* iterate over heap elements */
-+ int max_code = -1; /* largest code with non zero frequency */
-+ int node; /* new node being created */
-+
-+ /* Construct the initial heap, with least frequent element in
-+ * heap[SMALLEST]. The sons of heap[n] are heap[2*n] and heap[2*n+1].
-+ * heap[0] is not used.
-+ */
-+ s->heap_len = 0, s->heap_max = HEAP_SIZE;
-+
-+ for (n = 0; n < elems; n++) {
-+ if (tree[n].Freq != 0) {
-+ s->heap[++(s->heap_len)] = max_code = n;
-+ s->depth[n] = 0;
-+ } else {
-+ tree[n].Len = 0;
-+ }
-+ }
-+
-+ /* The pkzip format requires that at least one distance code exists,
-+ * and that at least one bit should be sent even if there is only one
-+ * possible code. So to avoid special checks later on we force at least
-+ * two codes of non zero frequency.
-+ */
-+ while (s->heap_len < 2) {
-+ node = s->heap[++(s->heap_len)] = (max_code < 2 ? ++max_code : 0);
-+ tree[node].Freq = 1;
-+ s->depth[node] = 0;
-+ s->opt_len--; if (stree) s->static_len -= stree[node].Len;
-+ /* node is 0 or 1 so it does not have extra bits */
-+ }
-+ desc->max_code = max_code;
-+
-+ /* The elements heap[heap_len/2+1 .. heap_len] are leaves of the tree,
-+ * establish sub-heaps of increasing lengths:
-+ */
-+ for (n = s->heap_len/2; n >= 1; n--) pqdownheap(s, tree, n);
-+
-+ /* Construct the Huffman tree by repeatedly combining the least two
-+ * frequent nodes.
-+ */
-+ node = elems; /* next internal node of the tree */
-+ do {
-+ pqremove(s, tree, n); /* n = node of least frequency */
-+ m = s->heap[SMALLEST]; /* m = node of next least frequency */
-+
-+ s->heap[--(s->heap_max)] = n; /* keep the nodes sorted by frequency */
-+ s->heap[--(s->heap_max)] = m;
-+
-+ /* Create a new node father of n and m */
-+ tree[node].Freq = tree[n].Freq + tree[m].Freq;
-+ s->depth[node] = (uch) (MAX(s->depth[n], s->depth[m]) + 1);
-+ tree[n].Dad = tree[m].Dad = (ush)node;
-+#ifdef DUMP_BL_TREE
-+ if (tree == s->bl_tree) {
-+ fprintf(stderr,"\nnode %d(%d), sons %d(%d) %d(%d)",
-+ node, tree[node].Freq, n, tree[n].Freq, m, tree[m].Freq);
-+ }
-+#endif
-+ /* and insert the new node in the heap */
-+ s->heap[SMALLEST] = node++;
-+ pqdownheap(s, tree, SMALLEST);
-+
-+ } while (s->heap_len >= 2);
-+
-+ s->heap[--(s->heap_max)] = s->heap[SMALLEST];
-+
-+ /* At this point, the fields freq and dad are set. We can now
-+ * generate the bit lengths.
-+ */
-+ gen_bitlen(s, (tree_desc *)desc);
-+
-+ /* The field len is now set, we can generate the bit codes */
-+ gen_codes ((ct_data *)tree, max_code, s->bl_count);
-+}
-+
-+/* ===========================================================================
-+ * Scan a literal or distance tree to determine the frequencies of the codes
-+ * in the bit length tree.
-+ */
-+local void scan_tree (s, tree, max_code)
-+ deflate_state *s;
-+ ct_data *tree; /* the tree to be scanned */
-+ int max_code; /* and its largest code of non zero frequency */
-+{
-+ int n; /* iterates over all tree elements */
-+ int prevlen = -1; /* last emitted length */
-+ int curlen; /* length of current code */
-+ int nextlen = tree[0].Len; /* length of next code */
-+ int count = 0; /* repeat count of the current code */
-+ int max_count = 7; /* max repeat count */
-+ int min_count = 4; /* min repeat count */
-+
-+ if (nextlen == 0) max_count = 138, min_count = 3;
-+ tree[max_code+1].Len = (ush)0xffff; /* guard */
-+
-+ for (n = 0; n <= max_code; n++) {
-+ curlen = nextlen; nextlen = tree[n+1].Len;
-+ if (++count < max_count && curlen == nextlen) {
-+ continue;
-+ } else if (count < min_count) {
-+ s->bl_tree[curlen].Freq += count;
-+ } else if (curlen != 0) {
-+ if (curlen != prevlen) s->bl_tree[curlen].Freq++;
-+ s->bl_tree[REP_3_6].Freq++;
-+ } else if (count <= 10) {
-+ s->bl_tree[REPZ_3_10].Freq++;
-+ } else {
-+ s->bl_tree[REPZ_11_138].Freq++;
-+ }
-+ count = 0; prevlen = curlen;
-+ if (nextlen == 0) {
-+ max_count = 138, min_count = 3;
-+ } else if (curlen == nextlen) {
-+ max_count = 6, min_count = 3;
-+ } else {
-+ max_count = 7, min_count = 4;
-+ }
-+ }
-+}
-+
-+/* ===========================================================================
-+ * Send a literal or distance tree in compressed form, using the codes in
-+ * bl_tree.
-+ */
-+local void send_tree (s, tree, max_code)
-+ deflate_state *s;
-+ ct_data *tree; /* the tree to be scanned */
-+ int max_code; /* and its largest code of non zero frequency */
-+{
-+ int n; /* iterates over all tree elements */
-+ int prevlen = -1; /* last emitted length */
-+ int curlen; /* length of current code */
-+ int nextlen = tree[0].Len; /* length of next code */
-+ int count = 0; /* repeat count of the current code */
-+ int max_count = 7; /* max repeat count */
-+ int min_count = 4; /* min repeat count */
-+
-+ /* tree[max_code+1].Len = -1; */ /* guard already set */
-+ if (nextlen == 0) max_count = 138, min_count = 3;
-+
-+ for (n = 0; n <= max_code; n++) {
-+ curlen = nextlen; nextlen = tree[n+1].Len;
-+ if (++count < max_count && curlen == nextlen) {
-+ continue;
-+ } else if (count < min_count) {
-+ do { send_code(s, curlen, s->bl_tree); } while (--count != 0);
-+
-+ } else if (curlen != 0) {
-+ if (curlen != prevlen) {
-+ send_code(s, curlen, s->bl_tree); count--;
-+ }
-+ Assert(count >= 3 && count <= 6, " 3_6?");
-+ send_code(s, REP_3_6, s->bl_tree); send_bits(s, count-3, 2);
-+
-+ } else if (count <= 10) {
-+ send_code(s, REPZ_3_10, s->bl_tree); send_bits(s, count-3, 3);
-+
-+ } else {
-+ send_code(s, REPZ_11_138, s->bl_tree); send_bits(s, count-11, 7);
-+ }
-+ count = 0; prevlen = curlen;
-+ if (nextlen == 0) {
-+ max_count = 138, min_count = 3;
-+ } else if (curlen == nextlen) {
-+ max_count = 6, min_count = 3;
-+ } else {
-+ max_count = 7, min_count = 4;
-+ }
-+ }
-+}
-+
-+/* ===========================================================================
-+ * Construct the Huffman tree for the bit lengths and return the index in
-+ * bl_order of the last bit length code to send.
-+ */
-+local int build_bl_tree(s)
-+ deflate_state *s;
-+{
-+ int max_blindex; /* index of last bit length code of non zero freq */
-+
-+ /* Determine the bit length frequencies for literal and distance trees */
-+ scan_tree(s, (ct_data *)s->dyn_ltree, s->l_desc.max_code);
-+ scan_tree(s, (ct_data *)s->dyn_dtree, s->d_desc.max_code);
-+
-+ /* Build the bit length tree: */
-+ build_tree(s, (tree_desc *)(&(s->bl_desc)));
-+ /* opt_len now includes the length of the tree representations, except
-+ * the lengths of the bit lengths codes and the 5+5+4 bits for the counts.
-+ */
-+
-+ /* Determine the number of bit length codes to send. The pkzip format
-+ * requires that at least 4 bit length codes be sent. (appnote.txt says
-+ * 3 but the actual value used is 4.)
-+ */
-+ for (max_blindex = BL_CODES-1; max_blindex >= 3; max_blindex--) {
-+ if (s->bl_tree[bl_order[max_blindex]].Len != 0) break;
-+ }
-+ /* Update opt_len to include the bit length tree and counts */
-+ s->opt_len += 3*(max_blindex+1) + 5+5+4;
-+ Tracev((stderr, "\ndyn trees: dyn %ld, stat %ld",
-+ s->opt_len, s->static_len));
-+
-+ return max_blindex;
-+}
-+
-+/* ===========================================================================
-+ * Send the header for a block using dynamic Huffman trees: the counts, the
-+ * lengths of the bit length codes, the literal tree and the distance tree.
-+ * IN assertion: lcodes >= 257, dcodes >= 1, blcodes >= 4.
-+ */
-+local void send_all_trees(s, lcodes, dcodes, blcodes)
-+ deflate_state *s;
-+ int lcodes, dcodes, blcodes; /* number of codes for each tree */
-+{
-+ int rank; /* index in bl_order */
-+
-+ Assert (lcodes >= 257 && dcodes >= 1 && blcodes >= 4, "not enough codes");
-+ Assert (lcodes <= L_CODES && dcodes <= D_CODES && blcodes <= BL_CODES,
-+ "too many codes");
-+ Tracev((stderr, "\nbl counts: "));
-+ send_bits(s, lcodes-257, 5); /* not +255 as stated in appnote.txt */
-+ send_bits(s, dcodes-1, 5);
-+ send_bits(s, blcodes-4, 4); /* not -3 as stated in appnote.txt */
-+ for (rank = 0; rank < blcodes; rank++) {
-+ Tracev((stderr, "\nbl code %2d ", bl_order[rank]));
-+ send_bits(s, s->bl_tree[bl_order[rank]].Len, 3);
-+ }
-+ Tracev((stderr, "\nbl tree: sent %ld", s->bits_sent));
-+
-+ send_tree(s, (ct_data *)s->dyn_ltree, lcodes-1); /* literal tree */
-+ Tracev((stderr, "\nlit tree: sent %ld", s->bits_sent));
-+
-+ send_tree(s, (ct_data *)s->dyn_dtree, dcodes-1); /* distance tree */
-+ Tracev((stderr, "\ndist tree: sent %ld", s->bits_sent));
-+}
-+
-+/* ===========================================================================
-+ * Send a stored block
-+ */
-+void _tr_stored_block(s, buf, stored_len, eof)
-+ deflate_state *s;
-+ charf *buf; /* input block */
-+ ulg stored_len; /* length of input block */
-+ int eof; /* true if this is the last block for a file */
-+{
-+ send_bits(s, (STORED_BLOCK<<1)+eof, 3); /* send block type */
-+#ifdef DEBUG
-+ s->compressed_len = (s->compressed_len + 3 + 7) & (ulg)~7L;
-+ s->compressed_len += (stored_len + 4) << 3;
-+#endif
-+ copy_block(s, buf, (unsigned)stored_len, 1); /* with header */
-+}
-+
-+/* ===========================================================================
-+ * Send one empty static block to give enough lookahead for inflate.
-+ * This takes 10 bits, of which 7 may remain in the bit buffer.
-+ * The current inflate code requires 9 bits of lookahead. If the
-+ * last two codes for the previous block (real code plus EOB) were coded
-+ * on 5 bits or less, inflate may have only 5+3 bits of lookahead to decode
-+ * the last real code. In this case we send two empty static blocks instead
-+ * of one. (There are no problems if the previous block is stored or fixed.)
-+ * To simplify the code, we assume the worst case of last real code encoded
-+ * on one bit only.
-+ */
-+void _tr_align(s)
-+ deflate_state *s;
-+{
-+ send_bits(s, STATIC_TREES<<1, 3);
-+ send_code(s, END_BLOCK, static_ltree);
-+#ifdef DEBUG
-+ s->compressed_len += 10L; /* 3 for block type, 7 for EOB */
-+#endif
-+ bi_flush(s);
-+ /* Of the 10 bits for the empty block, we have already sent
-+ * (10 - bi_valid) bits. The lookahead for the last real code (before
-+ * the EOB of the previous block) was thus at least one plus the length
-+ * of the EOB plus what we have just sent of the empty static block.
-+ */
-+ if (1 + s->last_eob_len + 10 - s->bi_valid < 9) {
-+ send_bits(s, STATIC_TREES<<1, 3);
-+ send_code(s, END_BLOCK, static_ltree);
-+#ifdef DEBUG
-+ s->compressed_len += 10L;
-+#endif
-+ bi_flush(s);
-+ }
-+ s->last_eob_len = 7;
-+}
-+
-+/* ===========================================================================
-+ * Determine the best encoding for the current block: dynamic trees, static
-+ * trees or store, and output the encoded block to the zip file.
-+ */
-+void _tr_flush_block(s, buf, stored_len, eof)
-+ deflate_state *s;
-+ charf *buf; /* input block, or NULL if too old */
-+ ulg stored_len; /* length of input block */
-+ int eof; /* true if this is the last block for a file */
-+{
-+ ulg opt_lenb, static_lenb; /* opt_len and static_len in bytes */
-+ int max_blindex = 0; /* index of last bit length code of non zero freq */
-+
-+ /* Build the Huffman trees unless a stored block is forced */
-+ if (s->level > 0) {
-+
-+ /* Check if the file is ascii or binary */
-+ if (s->data_type == Z_UNKNOWN) set_data_type(s);
-+
-+ /* Construct the literal and distance trees */
-+ build_tree(s, (tree_desc *)(&(s->l_desc)));
-+ Tracev((stderr, "\nlit data: dyn %ld, stat %ld", s->opt_len,
-+ s->static_len));
-+
-+ build_tree(s, (tree_desc *)(&(s->d_desc)));
-+ Tracev((stderr, "\ndist data: dyn %ld, stat %ld", s->opt_len,
-+ s->static_len));
-+ /* At this point, opt_len and static_len are the total bit lengths of
-+ * the compressed block data, excluding the tree representations.
-+ */
-+
-+ /* Build the bit length tree for the above two trees, and get the index
-+ * in bl_order of the last bit length code to send.
-+ */
-+ max_blindex = build_bl_tree(s);
-+
-+ /* Determine the best encoding. Compute first the block length in bytes*/
-+ opt_lenb = (s->opt_len+3+7)>>3;
-+ static_lenb = (s->static_len+3+7)>>3;
-+
-+ Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ",
-+ opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len,
-+ s->last_lit));
-+
-+ if (static_lenb <= opt_lenb) opt_lenb = static_lenb;
-+
-+ } else {
-+ Assert(buf != (char*)0, "lost buf");
-+ opt_lenb = static_lenb = stored_len + 5; /* force a stored block */
-+ }
-+
-+#ifdef FORCE_STORED
-+ if (buf != (char*)0) { /* force stored block */
-+#else
-+ if (stored_len+4 <= opt_lenb && buf != (char*)0) {
-+ /* 4: two words for the lengths */
-+#endif
-+ /* The test buf != NULL is only necessary if LIT_BUFSIZE > WSIZE.
-+ * Otherwise we can't have processed more than WSIZE input bytes since
-+ * the last block flush, because compression would have been
-+ * successful. If LIT_BUFSIZE <= WSIZE, it is never too late to
-+ * transform a block into a stored block.
-+ */
-+ _tr_stored_block(s, buf, stored_len, eof);
-+
-+#ifdef FORCE_STATIC
-+ } else if (static_lenb >= 0) { /* force static trees */
-+#else
-+ } else if (static_lenb == opt_lenb) {
-+#endif
-+ send_bits(s, (STATIC_TREES<<1)+eof, 3);
-+ compress_block(s, static_ltree, static_dtree);
-+#ifdef DEBUG
-+ s->compressed_len += 3 + s->static_len;
-+#endif
-+ } else {
-+ send_bits(s, (DYN_TREES<<1)+eof, 3);
-+ send_all_trees(s, s->l_desc.max_code+1, s->d_desc.max_code+1,
-+ max_blindex+1);
-+ compress_block(s, s->dyn_ltree, s->dyn_dtree);
-+#ifdef DEBUG
-+ s->compressed_len += 3 + s->opt_len;
-+#endif
-+ }
-+ Assert (s->compressed_len == s->bits_sent, "bad compressed size");
-+ /* The above check is made mod 2^32, for files larger than 512 MB
-+ * and uLong implemented on 32 bits.
-+ */
-+ init_block(s);
-+
-+ if (eof) {
-+ bi_windup(s);
-+#ifdef DEBUG
-+ s->compressed_len += 7; /* align on byte boundary */
-+#endif
-+ }
-+ Tracev((stderr,"\ncomprlen %lu(%lu) ", s->compressed_len>>3,
-+ s->compressed_len-7*eof));
-+}
-+
-+/* ===========================================================================
-+ * Save the match info and tally the frequency counts. Return true if
-+ * the current block must be flushed.
-+ */
-+int _tr_tally (s, dist, lc)
-+ deflate_state *s;
-+ unsigned dist; /* distance of matched string */
-+ unsigned lc; /* match length-MIN_MATCH or unmatched char (if dist==0) */
-+{
-+ s->d_buf[s->last_lit] = (ush)dist;
-+ s->l_buf[s->last_lit++] = (uch)lc;
-+ if (dist == 0) {
-+ /* lc is the unmatched char */
-+ s->dyn_ltree[lc].Freq++;
-+ } else {
-+ s->matches++;
-+ /* Here, lc is the match length - MIN_MATCH */
-+ dist--; /* dist = match distance - 1 */
-+ Assert((ush)dist < (ush)MAX_DIST(s) &&
-+ (ush)lc <= (ush)(MAX_MATCH-MIN_MATCH) &&
-+ (ush)d_code(dist) < (ush)D_CODES, "_tr_tally: bad match");
-+
-+ s->dyn_ltree[_length_code[lc]+LITERALS+1].Freq++;
-+ s->dyn_dtree[d_code(dist)].Freq++;
-+ }
-+
-+#ifdef TRUNCATE_BLOCK
-+ /* Try to guess if it is profitable to stop the current block here */
-+ if ((s->last_lit & 0x1fff) == 0 && s->level > 2) {
-+ /* Compute an upper bound for the compressed length */
-+ ulg out_length = (ulg)s->last_lit*8L;
-+ ulg in_length = (ulg)((long)s->strstart - s->block_start);
-+ int dcode;
-+ for (dcode = 0; dcode < D_CODES; dcode++) {
-+ out_length += (ulg)s->dyn_dtree[dcode].Freq *
-+ (5L+extra_dbits[dcode]);
-+ }
-+ out_length >>= 3;
-+ Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ",
-+ s->last_lit, in_length, out_length,
-+ 100L - out_length*100L/in_length));
-+ if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1;
-+ }
-+#endif
-+ return (s->last_lit == s->lit_bufsize-1);
-+ /* We avoid equality with lit_bufsize because of wraparound at 64K
-+ * on 16 bit machines and because stored blocks are restricted to
-+ * 64K-1 bytes.
-+ */
-+}
-+
-+/* ===========================================================================
-+ * Send the block data compressed using the given Huffman trees
-+ */
-+local void compress_block(s, ltree, dtree)
-+ deflate_state *s;
-+ const ct_data *ltree; /* literal tree */
-+ const ct_data *dtree; /* distance tree */
-+{
-+ unsigned dist; /* distance of matched string */
-+ int lc; /* match length or unmatched char (if dist == 0) */
-+ unsigned lx = 0; /* running index in l_buf */
-+ unsigned code; /* the code to send */
-+ int extra; /* number of extra bits to send */
-+
-+ if (s->last_lit != 0) do {
-+ dist = s->d_buf[lx];
-+ lc = s->l_buf[lx++];
-+ if (dist == 0) {
-+ send_code(s, lc, ltree); /* send a literal byte */
-+ Tracecv(isgraph(lc), (stderr," '%c' ", lc));
-+ } else {
-+ /* Here, lc is the match length - MIN_MATCH */
-+ code = _length_code[lc];
-+ send_code(s, code+LITERALS+1, ltree); /* send the length code */
-+ extra = extra_lbits[code];
-+ if (extra != 0) {
-+ lc -= base_length[code];
-+ send_bits(s, lc, extra); /* send the extra length bits */
-+ }
-+ dist--; /* dist is now the match distance - 1 */
-+ code = d_code(dist);
-+ Assert (code < D_CODES, "bad d_code");
-+
-+ send_code(s, code, dtree); /* send the distance code */
-+ extra = extra_dbits[code];
-+ if (extra != 0) {
-+ dist -= base_dist[code];
-+ send_bits(s, dist, extra); /* send the extra distance bits */
-+ }
-+ } /* literal or match pair ? */
-+
-+ /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */
-+ Assert(s->pending < s->lit_bufsize + 2*lx, "pendingBuf overflow");
-+
-+ } while (lx < s->last_lit);
-+
-+ send_code(s, END_BLOCK, ltree);
-+ s->last_eob_len = ltree[END_BLOCK].Len;
-+}
-+
-+/* ===========================================================================
-+ * Set the data type to ASCII or BINARY, using a crude approximation:
-+ * binary if more than 20% of the bytes are <= 6 or >= 128, ascii otherwise.
-+ * IN assertion: the fields freq of dyn_ltree are set and the total of all
-+ * frequencies does not exceed 64K (to fit in an int on 16 bit machines).
-+ */
-+local void set_data_type(s)
-+ deflate_state *s;
-+{
-+ int n = 0;
-+ unsigned ascii_freq = 0;
-+ unsigned bin_freq = 0;
-+ while (n < 7) bin_freq += s->dyn_ltree[n++].Freq;
-+ while (n < 128) ascii_freq += s->dyn_ltree[n++].Freq;
-+ while (n < LITERALS) bin_freq += s->dyn_ltree[n++].Freq;
-+ s->data_type = (Byte)(bin_freq > (ascii_freq >> 2) ? Z_BINARY : Z_ASCII);
-+}
-+
-+/* ===========================================================================
-+ * Reverse the first len bits of a code, using straightforward code (a faster
-+ * method would use a table)
-+ * IN assertion: 1 <= len <= 15
-+ */
-+local unsigned bi_reverse(code, len)
-+ unsigned code; /* the value to invert */
-+ int len; /* its bit length */
-+{
-+ register unsigned res = 0;
-+ do {
-+ res |= code & 1;
-+ code >>= 1, res <<= 1;
-+ } while (--len > 0);
-+ return res >> 1;
-+}
-+
-+/* ===========================================================================
-+ * Flush the bit buffer, keeping at most 7 bits in it.
-+ */
-+local void bi_flush(s)
-+ deflate_state *s;
-+{
-+ if (s->bi_valid == 16) {
-+ put_short(s, s->bi_buf);
-+ s->bi_buf = 0;
-+ s->bi_valid = 0;
-+ } else if (s->bi_valid >= 8) {
-+ put_byte(s, (Byte)s->bi_buf);
-+ s->bi_buf >>= 8;
-+ s->bi_valid -= 8;
-+ }
-+}
-+
-+/* ===========================================================================
-+ * Flush the bit buffer and align the output on a byte boundary
-+ */
-+local void bi_windup(s)
-+ deflate_state *s;
-+{
-+ if (s->bi_valid > 8) {
-+ put_short(s, s->bi_buf);
-+ } else if (s->bi_valid > 0) {
-+ put_byte(s, (Byte)s->bi_buf);
-+ }
-+ s->bi_buf = 0;
-+ s->bi_valid = 0;
-+#ifdef DEBUG
-+ s->bits_sent = (s->bits_sent+7) & ~7;
-+#endif
-+}
-+
-+/* ===========================================================================
-+ * Copy a stored block, storing first the length and its
-+ * one's complement if requested.
-+ */
-+local void copy_block(s, buf, len, header)
-+ deflate_state *s;
-+ charf *buf; /* the input data */
-+ unsigned len; /* its length */
-+ int header; /* true if block header must be written */
-+{
-+ bi_windup(s); /* align on byte boundary */
-+ s->last_eob_len = 8; /* enough lookahead for inflate */
-+
-+ if (header) {
-+ put_short(s, (ush)len);
-+ put_short(s, (ush)~len);
-+#ifdef DEBUG
-+ s->bits_sent += 2*16;
-+#endif
-+ }
-+#ifdef DEBUG
-+ s->bits_sent += (ulg)len<<3;
-+#endif
-+ while (len--) {
-+ put_byte(s, *buf++);
-+ }
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/trees.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,128 @@
-+/* header created automatically with -DGEN_TREES_H */
-+
-+local const ct_data static_ltree[L_CODES+2] = {
-+{{ 12},{ 8}}, {{140},{ 8}}, {{ 76},{ 8}}, {{204},{ 8}}, {{ 44},{ 8}},
-+{{172},{ 8}}, {{108},{ 8}}, {{236},{ 8}}, {{ 28},{ 8}}, {{156},{ 8}},
-+{{ 92},{ 8}}, {{220},{ 8}}, {{ 60},{ 8}}, {{188},{ 8}}, {{124},{ 8}},
-+{{252},{ 8}}, {{ 2},{ 8}}, {{130},{ 8}}, {{ 66},{ 8}}, {{194},{ 8}},
-+{{ 34},{ 8}}, {{162},{ 8}}, {{ 98},{ 8}}, {{226},{ 8}}, {{ 18},{ 8}},
-+{{146},{ 8}}, {{ 82},{ 8}}, {{210},{ 8}}, {{ 50},{ 8}}, {{178},{ 8}},
-+{{114},{ 8}}, {{242},{ 8}}, {{ 10},{ 8}}, {{138},{ 8}}, {{ 74},{ 8}},
-+{{202},{ 8}}, {{ 42},{ 8}}, {{170},{ 8}}, {{106},{ 8}}, {{234},{ 8}},
-+{{ 26},{ 8}}, {{154},{ 8}}, {{ 90},{ 8}}, {{218},{ 8}}, {{ 58},{ 8}},
-+{{186},{ 8}}, {{122},{ 8}}, {{250},{ 8}}, {{ 6},{ 8}}, {{134},{ 8}},
-+{{ 70},{ 8}}, {{198},{ 8}}, {{ 38},{ 8}}, {{166},{ 8}}, {{102},{ 8}},
-+{{230},{ 8}}, {{ 22},{ 8}}, {{150},{ 8}}, {{ 86},{ 8}}, {{214},{ 8}},
-+{{ 54},{ 8}}, {{182},{ 8}}, {{118},{ 8}}, {{246},{ 8}}, {{ 14},{ 8}},
-+{{142},{ 8}}, {{ 78},{ 8}}, {{206},{ 8}}, {{ 46},{ 8}}, {{174},{ 8}},
-+{{110},{ 8}}, {{238},{ 8}}, {{ 30},{ 8}}, {{158},{ 8}}, {{ 94},{ 8}},
-+{{222},{ 8}}, {{ 62},{ 8}}, {{190},{ 8}}, {{126},{ 8}}, {{254},{ 8}},
-+{{ 1},{ 8}}, {{129},{ 8}}, {{ 65},{ 8}}, {{193},{ 8}}, {{ 33},{ 8}},
-+{{161},{ 8}}, {{ 97},{ 8}}, {{225},{ 8}}, {{ 17},{ 8}}, {{145},{ 8}},
-+{{ 81},{ 8}}, {{209},{ 8}}, {{ 49},{ 8}}, {{177},{ 8}}, {{113},{ 8}},
-+{{241},{ 8}}, {{ 9},{ 8}}, {{137},{ 8}}, {{ 73},{ 8}}, {{201},{ 8}},
-+{{ 41},{ 8}}, {{169},{ 8}}, {{105},{ 8}}, {{233},{ 8}}, {{ 25},{ 8}},
-+{{153},{ 8}}, {{ 89},{ 8}}, {{217},{ 8}}, {{ 57},{ 8}}, {{185},{ 8}},
-+{{121},{ 8}}, {{249},{ 8}}, {{ 5},{ 8}}, {{133},{ 8}}, {{ 69},{ 8}},
-+{{197},{ 8}}, {{ 37},{ 8}}, {{165},{ 8}}, {{101},{ 8}}, {{229},{ 8}},
-+{{ 21},{ 8}}, {{149},{ 8}}, {{ 85},{ 8}}, {{213},{ 8}}, {{ 53},{ 8}},
-+{{181},{ 8}}, {{117},{ 8}}, {{245},{ 8}}, {{ 13},{ 8}}, {{141},{ 8}},
-+{{ 77},{ 8}}, {{205},{ 8}}, {{ 45},{ 8}}, {{173},{ 8}}, {{109},{ 8}},
-+{{237},{ 8}}, {{ 29},{ 8}}, {{157},{ 8}}, {{ 93},{ 8}}, {{221},{ 8}},
-+{{ 61},{ 8}}, {{189},{ 8}}, {{125},{ 8}}, {{253},{ 8}}, {{ 19},{ 9}},
-+{{275},{ 9}}, {{147},{ 9}}, {{403},{ 9}}, {{ 83},{ 9}}, {{339},{ 9}},
-+{{211},{ 9}}, {{467},{ 9}}, {{ 51},{ 9}}, {{307},{ 9}}, {{179},{ 9}},
-+{{435},{ 9}}, {{115},{ 9}}, {{371},{ 9}}, {{243},{ 9}}, {{499},{ 9}},
-+{{ 11},{ 9}}, {{267},{ 9}}, {{139},{ 9}}, {{395},{ 9}}, {{ 75},{ 9}},
-+{{331},{ 9}}, {{203},{ 9}}, {{459},{ 9}}, {{ 43},{ 9}}, {{299},{ 9}},
-+{{171},{ 9}}, {{427},{ 9}}, {{107},{ 9}}, {{363},{ 9}}, {{235},{ 9}},
-+{{491},{ 9}}, {{ 27},{ 9}}, {{283},{ 9}}, {{155},{ 9}}, {{411},{ 9}},
-+{{ 91},{ 9}}, {{347},{ 9}}, {{219},{ 9}}, {{475},{ 9}}, {{ 59},{ 9}},
-+{{315},{ 9}}, {{187},{ 9}}, {{443},{ 9}}, {{123},{ 9}}, {{379},{ 9}},
-+{{251},{ 9}}, {{507},{ 9}}, {{ 7},{ 9}}, {{263},{ 9}}, {{135},{ 9}},
-+{{391},{ 9}}, {{ 71},{ 9}}, {{327},{ 9}}, {{199},{ 9}}, {{455},{ 9}},
-+{{ 39},{ 9}}, {{295},{ 9}}, {{167},{ 9}}, {{423},{ 9}}, {{103},{ 9}},
-+{{359},{ 9}}, {{231},{ 9}}, {{487},{ 9}}, {{ 23},{ 9}}, {{279},{ 9}},
-+{{151},{ 9}}, {{407},{ 9}}, {{ 87},{ 9}}, {{343},{ 9}}, {{215},{ 9}},
-+{{471},{ 9}}, {{ 55},{ 9}}, {{311},{ 9}}, {{183},{ 9}}, {{439},{ 9}},
-+{{119},{ 9}}, {{375},{ 9}}, {{247},{ 9}}, {{503},{ 9}}, {{ 15},{ 9}},
-+{{271},{ 9}}, {{143},{ 9}}, {{399},{ 9}}, {{ 79},{ 9}}, {{335},{ 9}},
-+{{207},{ 9}}, {{463},{ 9}}, {{ 47},{ 9}}, {{303},{ 9}}, {{175},{ 9}},
-+{{431},{ 9}}, {{111},{ 9}}, {{367},{ 9}}, {{239},{ 9}}, {{495},{ 9}},
-+{{ 31},{ 9}}, {{287},{ 9}}, {{159},{ 9}}, {{415},{ 9}}, {{ 95},{ 9}},
-+{{351},{ 9}}, {{223},{ 9}}, {{479},{ 9}}, {{ 63},{ 9}}, {{319},{ 9}},
-+{{191},{ 9}}, {{447},{ 9}}, {{127},{ 9}}, {{383},{ 9}}, {{255},{ 9}},
-+{{511},{ 9}}, {{ 0},{ 7}}, {{ 64},{ 7}}, {{ 32},{ 7}}, {{ 96},{ 7}},
-+{{ 16},{ 7}}, {{ 80},{ 7}}, {{ 48},{ 7}}, {{112},{ 7}}, {{ 8},{ 7}},
-+{{ 72},{ 7}}, {{ 40},{ 7}}, {{104},{ 7}}, {{ 24},{ 7}}, {{ 88},{ 7}},
-+{{ 56},{ 7}}, {{120},{ 7}}, {{ 4},{ 7}}, {{ 68},{ 7}}, {{ 36},{ 7}},
-+{{100},{ 7}}, {{ 20},{ 7}}, {{ 84},{ 7}}, {{ 52},{ 7}}, {{116},{ 7}},
-+{{ 3},{ 8}}, {{131},{ 8}}, {{ 67},{ 8}}, {{195},{ 8}}, {{ 35},{ 8}},
-+{{163},{ 8}}, {{ 99},{ 8}}, {{227},{ 8}}
-+};
-+
-+local const ct_data static_dtree[D_CODES] = {
-+{{ 0},{ 5}}, {{16},{ 5}}, {{ 8},{ 5}}, {{24},{ 5}}, {{ 4},{ 5}},
-+{{20},{ 5}}, {{12},{ 5}}, {{28},{ 5}}, {{ 2},{ 5}}, {{18},{ 5}},
-+{{10},{ 5}}, {{26},{ 5}}, {{ 6},{ 5}}, {{22},{ 5}}, {{14},{ 5}},
-+{{30},{ 5}}, {{ 1},{ 5}}, {{17},{ 5}}, {{ 9},{ 5}}, {{25},{ 5}},
-+{{ 5},{ 5}}, {{21},{ 5}}, {{13},{ 5}}, {{29},{ 5}}, {{ 3},{ 5}},
-+{{19},{ 5}}, {{11},{ 5}}, {{27},{ 5}}, {{ 7},{ 5}}, {{23},{ 5}}
-+};
-+
-+const uch _dist_code[DIST_CODE_LEN] = {
-+ 0, 1, 2, 3, 4, 4, 5, 5, 6, 6, 6, 6, 7, 7, 7, 7, 8, 8, 8, 8,
-+ 8, 8, 8, 8, 9, 9, 9, 9, 9, 9, 9, 9, 10, 10, 10, 10, 10, 10, 10, 10,
-+10, 10, 10, 10, 10, 10, 10, 10, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
-+11, 11, 11, 11, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
-+12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 13, 13, 13, 13,
-+13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
-+13, 13, 13, 13, 13, 13, 13, 13, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
-+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 15, 15, 15, 15, 15, 15, 15, 15,
-+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
-+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 0, 0, 16, 17,
-+18, 18, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 22, 22, 22, 22, 22, 22, 22, 22,
-+23, 23, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
-+24, 24, 24, 24, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
-+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
-+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 27, 27, 27, 27, 27, 27, 27, 27,
-+27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27,
-+27, 27, 27, 27, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
-+28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
-+28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
-+28, 28, 28, 28, 28, 28, 28, 28, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
-+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
-+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
-+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
-+};
-+
-+const uch _length_code[MAX_MATCH-MIN_MATCH+1]= {
-+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 8, 9, 9, 10, 10, 11, 11, 12, 12, 12, 12,
-+13, 13, 13, 13, 14, 14, 14, 14, 15, 15, 15, 15, 16, 16, 16, 16, 16, 16, 16, 16,
-+17, 17, 17, 17, 17, 17, 17, 17, 18, 18, 18, 18, 18, 18, 18, 18, 19, 19, 19, 19,
-+19, 19, 19, 19, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,
-+21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 22, 22, 22, 22,
-+22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 23, 23, 23, 23, 23, 23, 23, 23,
-+23, 23, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
-+24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
-+25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
-+25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 26, 26, 26, 26, 26, 26, 26, 26,
-+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
-+26, 26, 26, 26, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27,
-+27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 28
-+};
-+
-+local const int base_length[LENGTH_CODES] = {
-+0, 1, 2, 3, 4, 5, 6, 7, 8, 10, 12, 14, 16, 20, 24, 28, 32, 40, 48, 56,
-+64, 80, 96, 112, 128, 160, 192, 224, 0
-+};
-+
-+local const int base_dist[D_CODES] = {
-+ 0, 1, 2, 3, 4, 6, 8, 12, 16, 24,
-+ 32, 48, 64, 96, 128, 192, 256, 384, 512, 768,
-+ 1024, 1536, 2048, 3072, 4096, 6144, 8192, 12288, 16384, 24576
-+};
-+
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ultoa.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,66 @@
-+/*
-+ * convert unsigned long to ASCII
-+ * Copyright (C) 1998, 1999 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: ultoa.c,v 1.10 2004/07/10 07:48:37 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - ultoa - convert unsigned long to decimal ASCII
-+ */
-+size_t /* length required for full conversion */
-+ultoa(n, base, dst, dstlen)
-+unsigned long n;
-+int base;
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ char buf[3*sizeof(unsigned long) + 1];
-+ char *bufend = buf + sizeof(buf);
-+ size_t len;
-+ char *p;
-+ static char hex[] = "0123456789abcdef";
-+
-+ p = bufend;
-+ *--p = '\0';
-+ if (base == 10) {
-+ do {
-+ *--p = n%10 + '0';
-+ n /= 10;
-+ } while (n != 0);
-+ } else if (base == 16) {
-+ do {
-+ *--p = hex[n&0xf];
-+ n >>= 4;
-+ } while (n != 0);
-+ *--p = 'x';
-+ *--p = '0';
-+ } else if (base == 8) {
-+ do {
-+ *--p = (n&07) + '0';
-+ n >>= 3;
-+ } while (n != 0);
-+ *--p = '0';
-+ } else
-+ *--p = '?';
-+
-+ len = bufend - p;
-+
-+ if (dstlen > 0) {
-+ if (len > dstlen)
-+ *(p + dstlen - 1) = '\0';
-+ strcpy(dst, p);
-+ }
-+ return len;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/ultot.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,82 @@
-+/*
-+ * convert unsigned long to text
-+ * Copyright (C) 2000 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: ultot.c,v 1.5 2004/07/10 07:48:37 mcr Exp $
-+ */
-+#include "openswan.h"
-+
-+/*
-+ - ultot - convert unsigned long to text
-+ */
-+size_t /* length required for full conversion */
-+ultot(n, base, dst, dstlen)
-+unsigned long n;
-+int base;
-+char *dst; /* need not be valid if dstlen is 0 */
-+size_t dstlen;
-+{
-+ char buf[3*sizeof(unsigned long) + 1];
-+ char *bufend = buf + sizeof(buf);
-+ size_t len;
-+ char *p;
-+ static char hex[] = "0123456789abcdef";
-+# define HEX32 (32/4)
-+
-+ p = bufend;
-+ *--p = '\0';
-+ switch (base) {
-+ case 10:
-+ case 'd':
-+ do {
-+ *--p = n%10 + '0';
-+ n /= 10;
-+ } while (n != 0);
-+ break;
-+ case 16:
-+ case 17:
-+ case 'x':
-+ do {
-+ *--p = hex[n&0xf];
-+ n >>= 4;
-+ } while (n != 0);
-+ if (base == 17)
-+ while (bufend - p < HEX32 + 1)
-+ *--p = '0';
-+ if (base == 'x') {
-+ *--p = 'x';
-+ *--p = '0';
-+ }
-+ break;
-+ case 8:
-+ case 'o':
-+ do {
-+ *--p = (n&07) + '0';
-+ n >>= 3;
-+ } while (n != 0);
-+ if (base == 'o')
-+ *--p = '0';
-+ break;
-+ default:
-+ return 0;
-+ break;
-+ }
-+
-+ len = bufend - p;
-+ if (dstlen > 0) {
-+ if (len > dstlen)
-+ *(p + dstlen - 1) = '\0';
-+ strcpy(dst, p);
-+ }
-+ return len;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/version.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,44 @@
-+/*
-+ * return IPsec version information
-+ * Copyright (C) 2001 Henry Spencer.
-+ *
-+ * This library is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU Library General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or (at your
-+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
-+ *
-+ * This library is distributed in the hope that it will be useful, but
-+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
-+ * License for more details.
-+ *
-+ * RCSID $Id: version.in.c,v 1.2 2004/04/14 05:09:46 ken Exp $
-+ */
-+
-+#ifdef __KERNEL__
-+#include <linux/netdevice.h>
-+#endif
-+
-+#include "openswan.h"
-+
-+#define V "2.4.9" /* substituted in by Makefile */
-+static const char openswan_number[] = V;
-+static const char openswan_string[] = "Openswan " V;
-+
-+/*
-+ - ipsec_version_code - return IPsec version number/code, as string
-+ */
-+const char *
-+ipsec_version_code()
-+{
-+ return openswan_number;
-+}
-+
-+/*
-+ - ipsec_version_string - return full version string
-+ */
-+const char *
-+ipsec_version_string()
-+{
-+ return openswan_string;
-+}
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ linux/net/ipsec/zutil.c Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,227 @@
-+/* zutil.c -- target dependent utility functions for the compression library
-+ * Copyright (C) 1995-2002 Jean-loup Gailly.
-+ * For conditions of distribution and use, see copyright notice in zlib.h
-+ */
-+
-+/* @(#) $Id: zutil.c,v 1.5 2004/07/10 07:48:40 mcr Exp $ */
-+
-+#include <zlib/zutil.h>
-+
-+#define MY_ZCALLOC
-+
-+struct internal_state {int dummy;}; /* for buggy compilers */
-+
-+#ifndef STDC
-+extern void exit OF((int));
-+#endif
-+
-+const char *z_errmsg[10] = {
-+"need dictionary", /* Z_NEED_DICT 2 */
-+"stream end", /* Z_STREAM_END 1 */
-+"", /* Z_OK 0 */
-+"file error", /* Z_ERRNO (-1) */
-+"stream error", /* Z_STREAM_ERROR (-2) */
-+"data error", /* Z_DATA_ERROR (-3) */
-+"insufficient memory", /* Z_MEM_ERROR (-4) */
-+"buffer error", /* Z_BUF_ERROR (-5) */
-+"incompatible version",/* Z_VERSION_ERROR (-6) */
-+""};
-+
-+
-+const char * ZEXPORT zlibVersion()
-+{
-+ return ZLIB_VERSION;
-+}
-+
-+#ifdef DEBUG
-+
-+# ifndef verbose
-+# define verbose 0
-+# endif
-+int z_verbose = verbose;
-+
-+void z_error (m)
-+ char *m;
-+{
-+ fprintf(stderr, "%s\n", m);
-+ exit(1);
-+}
-+#endif
-+
-+/* exported to allow conversion of error code to string for compress() and
-+ * uncompress()
-+ */
-+const char * ZEXPORT zError(err)
-+ int err;
-+{
-+ return ERR_MSG(err);
-+}
-+
-+
-+#ifndef HAVE_MEMCPY
-+
-+void zmemcpy(dest, source, len)
-+ Bytef* dest;
-+ const Bytef* source;
-+ uInt len;
-+{
-+ if (len == 0) return;
-+ do {
-+ *dest++ = *source++; /* ??? to be unrolled */
-+ } while (--len != 0);
-+}
-+
-+int zmemcmp(s1, s2, len)
-+ const Bytef* s1;
-+ const Bytef* s2;
-+ uInt len;
-+{
-+ uInt j;
-+
-+ for (j = 0; j < len; j++) {
-+ if (s1[j] != s2[j]) return 2*(s1[j] > s2[j])-1;
-+ }
-+ return 0;
-+}
-+
-+void zmemzero(dest, len)
-+ Bytef* dest;
-+ uInt len;
-+{
-+ if (len == 0) return;
-+ do {
-+ *dest++ = 0; /* ??? to be unrolled */
-+ } while (--len != 0);
-+}
-+#endif
-+
-+#ifdef __TURBOC__
-+#if (defined( __BORLANDC__) || !defined(SMALL_MEDIUM)) && !defined(__32BIT__)
-+/* Small and medium model in Turbo C are for now limited to near allocation
-+ * with reduced MAX_WBITS and MAX_MEM_LEVEL
-+ */
-+# define MY_ZCALLOC
-+
-+/* Turbo C malloc() does not allow dynamic allocation of 64K bytes
-+ * and farmalloc(64K) returns a pointer with an offset of 8, so we
-+ * must fix the pointer. Warning: the pointer must be put back to its
-+ * original form in order to free it, use zcfree().
-+ */
-+
-+#define MAX_PTR 10
-+/* 10*64K = 640K */
-+
-+local int next_ptr = 0;
-+
-+typedef struct ptr_table_s {
-+ voidpf org_ptr;
-+ voidpf new_ptr;
-+} ptr_table;
-+
-+local ptr_table table[MAX_PTR];
-+/* This table is used to remember the original form of pointers
-+ * to large buffers (64K). Such pointers are normalized with a zero offset.
-+ * Since MSDOS is not a preemptive multitasking OS, this table is not
-+ * protected from concurrent access. This hack doesn't work anyway on
-+ * a protected system like OS/2. Use Microsoft C instead.
-+ */
-+
-+voidpf zcalloc (voidpf opaque, unsigned items, unsigned size)
-+{
-+ voidpf buf = opaque; /* just to make some compilers happy */
-+ ulg bsize = (ulg)items*size;
-+
-+ /* If we allocate less than 65520 bytes, we assume that farmalloc
-+ * will return a usable pointer which doesn't have to be normalized.
-+ */
-+ if (bsize < 65520L) {
-+ buf = farmalloc(bsize);
-+ if (*(ush*)&buf != 0) return buf;
-+ } else {
-+ buf = farmalloc(bsize + 16L);
-+ }
-+ if (buf == NULL || next_ptr >= MAX_PTR) return NULL;
-+ table[next_ptr].org_ptr = buf;
-+
-+ /* Normalize the pointer to seg:0 */
-+ *((ush*)&buf+1) += ((ush)((uch*)buf-0) + 15) >> 4;
-+ *(ush*)&buf = 0;
-+ table[next_ptr++].new_ptr = buf;
-+ return buf;
-+}
-+
-+void zcfree (voidpf opaque, voidpf ptr)
-+{
-+ int n;
-+ if (*(ush*)&ptr != 0) { /* object < 64K */
-+ farfree(ptr);
-+ return;
-+ }
-+ /* Find the original pointer */
-+ for (n = 0; n < next_ptr; n++) {
-+ if (ptr != table[n].new_ptr) continue;
-+
-+ farfree(table[n].org_ptr);
-+ while (++n < next_ptr) {
-+ table[n-1] = table[n];
-+ }
-+ next_ptr--;
-+ return;
-+ }
-+ ptr = opaque; /* just to make some compilers happy */
-+ Assert(0, "zcfree: ptr not found");
-+}
-+#endif
-+#endif /* __TURBOC__ */
-+
-+
-+#if defined(M_I86) && !defined(__32BIT__)
-+/* Microsoft C in 16-bit mode */
-+
-+# define MY_ZCALLOC
-+
-+#if (!defined(_MSC_VER) || (_MSC_VER <= 600))
-+# define _halloc halloc
-+# define _hfree hfree
-+#endif
-+
-+voidpf zcalloc (voidpf opaque, unsigned items, unsigned size)
-+{
-+ if (opaque) opaque = 0; /* to make compiler happy */
-+ return _halloc((long)items, size);
-+}
-+
-+void zcfree (voidpf opaque, voidpf ptr)
-+{
-+ if (opaque) opaque = 0; /* to make compiler happy */
-+ _hfree(ptr);
-+}
-+
-+#endif /* MSC */
-+
-+
-+#ifndef MY_ZCALLOC /* Any system without a special alloc function */
-+
-+#ifndef STDC
-+extern voidp calloc OF((uInt items, uInt size));
-+extern void free OF((voidpf ptr));
-+#endif
-+
-+voidpf zcalloc (opaque, items, size)
-+ voidpf opaque;
-+ unsigned items;
-+ unsigned size;
-+{
-+ if (opaque) items += size - size; /* make compiler happy */
-+ return (voidpf)calloc(items, size);
-+}
-+
-+void zcfree (opaque, ptr)
-+ voidpf opaque;
-+ voidpf ptr;
-+{
-+ free(ptr);
-+ if (opaque) return; /* make compiler happy */
-+}
-+
-+#endif /* MY_ZCALLOC */
---- swan26/net/ipv4/af_inet.c.orig Wed Jun 16 01:18:58 2004
-+++ swan26/net/ipv4/af_inet.c Fri Aug 13 23:09:27 2004
-@@ -1169,6 +1169,18 @@
- #if defined(CONFIG_IP_MROUTE)
- ip_mr_init();
- #endif
-+
-+#if defined(CONFIG_KLIPS)
-+ {
-+ extern int ipsec_klips_init(void);
-+ /*
-+ * Initialise AF_INET ESP and AH protocol support including
-+ * e-routing and SA tables
-+ */
-+ ipsec_klips_init();
-+ }
-+#endif /* CONFIG_IPSEC */
-+
- /*
- * Initialise per-cpu ipv4 mibs
- */
---- /dev/null Fri May 10 13:59:54 2002
-+++ linux/net/ipsec/Makefile.ver Sun Jul 28 22:10:40 2002
-@@ -0,0 +1 @@
-+IPSECVERSION=2.4.9
+++ /dev/null
-packaging/utils/nattpatch 2.6
---- /dev/null Tue Mar 11 13:02:56 2003
-+++ nat-t/include/net/xfrmudp.h Mon Feb 9 13:51:03 2004
-@@ -0,0 +1,10 @@
-+/*
-+ * pointer to function for type that xfrm4_input wants, to permit
-+ * decoupling of XFRM from udp.c
-+ */
-+#define HAVE_XFRM4_UDP_REGISTER
-+
-+typedef int (*xfrm4_rcv_encap_t)(struct sk_buff *skb, __u16 encap_type);
-+extern int udp4_register_esp_rcvencap(xfrm4_rcv_encap_t func
-+ , xfrm4_rcv_encap_t *oldfunc);
-+extern int udp4_unregister_esp_rcvencap(xfrm4_rcv_encap_t func);
---- /distros/kernel/linux-2.6.11.2/net/ipv4/Kconfig 2005-03-09 03:12:33.000000000 -0500
-+++ swan26/net/ipv4/Kconfig 2005-04-04 18:46:13.000000000 -0400
-@@ -351,2 +351,8 @@
-
-+config IPSEC_NAT_TRAVERSAL
-+ bool "IPSEC NAT-Traversal (KLIPS compatible)"
-+ depends on INET
-+ ---help---
-+ Includes support for RFC3947/RFC3948 NAT-Traversal of ESP over UDP.
-+
- config IP_TCPDIAG
---- plain26/net/ipv4/udp.c.orig 2006-01-02 22:21:10.000000000 -0500
-+++ plain26/net/ipv4/udp.c 2006-01-12 20:18:57.000000000 -0500
-@@ -110,2 +110,3 @@
- #include <net/xfrm.h>
-+#include <net/xfrmudp.h>
-
-@@ -894,6 +897,44 @@
- sk_common_release(sk);
- }
-
-+#if defined(CONFIG_XFRM) || defined(CONFIG_IPSEC_NAT_TRAVERSAL)
-+
-+/* if XFRM isn't a module, then register it directly. */
-+#if !defined(CONFIG_XFRM_MODULE)
-+static xfrm4_rcv_encap_t xfrm4_rcv_encap_func = xfrm4_rcv_encap;
-+#else
-+static xfrm4_rcv_encap_t xfrm4_rcv_encap_func = NULL;
-+#endif
-+
-+static xfrm4_rcv_encap_t xfrm4_rcv_encap_func;
-+
-+int udp4_register_esp_rcvencap(xfrm4_rcv_encap_t func
-+ , xfrm4_rcv_encap_t *oldfunc)
-+{
-+ if(oldfunc != NULL) {
-+ *oldfunc = xfrm4_rcv_encap_func;
-+ }
-+
-+#if 0
-+ if(xfrm4_rcv_encap_func != NULL)
-+ return -1;
-+#endif
-+
-+ xfrm4_rcv_encap_func = func;
-+ return 0;
-+}
-+
-+int udp4_unregister_esp_rcvencap(xfrm4_rcv_encap_t func)
-+{
-+ if(xfrm4_rcv_encap_func != func)
-+ return -1;
-+
-+ xfrm4_rcv_encap_func = NULL;
-+ return 0;
-+}
-+#endif /* CONFIG_XFRM || defined(CONFIG_IPSEC_NAT_TRAVERSAL)*/
-+
-+
- /* return:
- * 1 if the the UDP system should process it
- * 0 if we should drop this packet
-@@ -901,9 +940,9 @@
- */
- static int udp_encap_rcv(struct sock * sk, struct sk_buff *skb)
- {
--#ifndef CONFIG_XFRM
-+#if !defined(CONFIG_XFRM) && !defined(CONFIG_IPSEC_NAT_TRAVERSAL)
- return 1;
--#else
-+#else /* either CONFIG_XFRM or CONFIG_IPSEC_NAT_TRAVERSAL */
- struct udp_sock *up = udp_sk(sk);
- struct udphdr *uh = skb->h.uh;
- struct iphdr *iph;
-@@ -1021,10 +1060,14 @@
- return 0;
- }
- if (ret < 0) {
-- /* process the ESP packet */
-- ret = xfrm4_rcv_encap(skb, up->encap_type);
-- UDP_INC_STATS_BH(UDP_MIB_INDATAGRAMS);
-- return -ret;
-+ if(xfrm4_rcv_encap_func != NULL) {
-+ ret = (*xfrm4_rcv_encap_func)(skb, up->encap_type);
-+ UDP_INC_STATS_BH(UDP_MIB_INDATAGRAMS);
-+ } else {
-+ UDP_INC_STATS_BH(UDP_MIB_INERRORS);
-+ ret = 1;
-+ }
-+ return ret;
- }
- /* FALLTHROUGH -- it's a UDP Packet */
- }
-@@ -1114,7 +1157,6 @@
- /*
- * All we need to do is get the socket, and then do a checksum.
- */
--
- int udp_rcv(struct sk_buff *skb)
- {
- struct sock *sk;
-@@ -1571,3 +1613,9 @@
- EXPORT_SYMBOL(udp_proc_register);
- EXPORT_SYMBOL(udp_proc_unregister);
- #endif
-+
-+#if defined(CONFIG_IPSEC_NAT_TRAVERSAL)
-+EXPORT_SYMBOL(udp4_register_esp_rcvencap);
-+EXPORT_SYMBOL(udp4_unregister_esp_rcvencap);
-+#endif
-+
+++ /dev/null
-Merge master.kernel.org:/pub/scm/linux/kernel/git/herbert/crypto-2.6
-
-* master.kernel.org:/pub/scm/linux/kernel/git/herbert/crypto-2.6:
- [CRYPTO] aes: Fixed array boundary violation
- [CRYPTO] tcrypt: Fix key alignment
- [CRYPTO] all: Add missing cra_alignmask
- [CRYPTO] all: Use kzalloc where possible
- [CRYPTO] api: Align tfm context as wide as possible
- [CRYPTO] twofish: Use rol32/ror32 where appropriate
-
-Index: linux-2.6.16.50/arch/x86_64/crypto/aes.c
-===================================================================
---- linux-2.6.16.50.orig/arch/x86_64/crypto/aes.c 2006-07-14 18:09:26.335435750 +1200
-+++ linux-2.6.16.50/arch/x86_64/crypto/aes.c 2006-07-14 18:10:31.083482250 +1200
-@@ -77,12 +77,11 @@
- struct aes_ctx
- {
- u32 key_length;
-- u32 E[60];
-- u32 D[60];
-+ u32 buf[120];
- };
-
--#define E_KEY ctx->E
--#define D_KEY ctx->D
-+#define E_KEY (&ctx->buf[0])
-+#define D_KEY (&ctx->buf[60])
-
- static u8 pow_tab[256] __initdata;
- static u8 log_tab[256] __initdata;
-@@ -228,10 +227,10 @@
- t ^= E_KEY[8 * i + 7]; E_KEY[8 * i + 15] = t; \
- }
-
--static int aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len,
-- u32 *flags)
-+static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
-+ unsigned int key_len, u32 *flags)
- {
-- struct aes_ctx *ctx = ctx_arg;
-+ struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *key = (const __le32 *)in_key;
- u32 i, j, t, u, v, w;
-
-@@ -284,8 +283,18 @@
- return 0;
- }
-
--extern void aes_encrypt(void *ctx_arg, u8 *out, const u8 *in);
--extern void aes_decrypt(void *ctx_arg, u8 *out, const u8 *in);
-+asmlinkage void aes_enc_blk(struct crypto_tfm *tfm, u8 *out, const u8 *in);
-+asmlinkage void aes_dec_blk(struct crypto_tfm *tfm, u8 *out, const u8 *in);
-+
-+static void aes_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
-+{
-+ aes_enc_blk(tfm, dst, src);
-+}
-+
-+static void aes_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
-+{
-+ aes_dec_blk(tfm, dst, src);
-+}
-
- static struct crypto_alg aes_alg = {
- .cra_name = "aes",
-Index: linux-2.6.16.50/crypto/aes.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/aes.c 2006-07-14 18:09:26.351436750 +1200
-+++ linux-2.6.16.50/crypto/aes.c 2006-07-14 18:10:31.087482500 +1200
-@@ -75,12 +75,11 @@
-
- struct aes_ctx {
- int key_length;
-- u32 E[60];
-- u32 D[60];
-+ u32 buf[120];
- };
-
--#define E_KEY ctx->E
--#define D_KEY ctx->D
-+#define E_KEY (&ctx->buf[0])
-+#define D_KEY (&ctx->buf[60])
-
- static u8 pow_tab[256] __initdata;
- static u8 log_tab[256] __initdata;
-@@ -249,10 +248,10 @@
- t ^= E_KEY[8 * i + 7]; E_KEY[8 * i + 15] = t; \
- }
-
--static int
--aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags)
-+static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
-+ unsigned int key_len, u32 *flags)
- {
-- struct aes_ctx *ctx = ctx_arg;
-+ struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *key = (const __le32 *)in_key;
- u32 i, t, u, v, w;
-
-@@ -319,9 +318,9 @@
- f_rl(bo, bi, 2, k); \
- f_rl(bo, bi, 3, k)
-
--static void aes_encrypt(void *ctx_arg, u8 *out, const u8 *in)
-+static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
- {
-- const struct aes_ctx *ctx = ctx_arg;
-+ const struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *src = (const __le32 *)in;
- __le32 *dst = (__le32 *)out;
- u32 b0[4], b1[4];
-@@ -374,9 +373,9 @@
- i_rl(bo, bi, 2, k); \
- i_rl(bo, bi, 3, k)
-
--static void aes_decrypt(void *ctx_arg, u8 *out, const u8 *in)
-+static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
- {
-- const struct aes_ctx *ctx = ctx_arg;
-+ const struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *src = (const __le32 *)in;
- __le32 *dst = (__le32 *)out;
- u32 b0[4], b1[4];
-Index: linux-2.6.16.50/crypto/api.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/api.c 2006-07-14 18:09:26.351436750 +1200
-+++ linux-2.6.16.50/crypto/api.c 2006-07-14 18:10:31.091482750 +1200
-@@ -165,7 +165,7 @@
- break;
- }
-
-- return len + alg->cra_alignmask;
-+ return len + (alg->cra_alignmask & ~(crypto_tfm_ctx_alignment() - 1));
- }
-
- struct crypto_tfm *crypto_alloc_tfm(const char *name, u32 flags)
-@@ -179,24 +179,25 @@
- goto out;
-
- tfm_size = sizeof(*tfm) + crypto_ctxsize(alg, flags);
-- tfm = kmalloc(tfm_size, GFP_KERNEL);
-+ tfm = kzalloc(tfm_size, GFP_KERNEL);
- if (tfm == NULL)
- goto out_put;
-
-- memset(tfm, 0, tfm_size);
--
- tfm->__crt_alg = alg;
-
- if (crypto_init_flags(tfm, flags))
- goto out_free_tfm;
-
-- if (crypto_init_ops(tfm)) {
-- crypto_exit_ops(tfm);
-+ if (crypto_init_ops(tfm))
- goto out_free_tfm;
-- }
-+
-+ if (alg->cra_init && alg->cra_init(tfm))
-+ goto cra_init_failed;
-
- goto out;
-
-+cra_init_failed:
-+ crypto_exit_ops(tfm);
- out_free_tfm:
- kfree(tfm);
- tfm = NULL;
-@@ -217,6 +218,8 @@
- alg = tfm->__crt_alg;
- size = sizeof(*tfm) + alg->cra_ctxsize;
-
-+ if (alg->cra_exit)
-+ alg->cra_exit(tfm);
- crypto_exit_ops(tfm);
- crypto_alg_put(alg);
- memset(tfm, 0, size);
-@@ -226,7 +229,7 @@
- static inline int crypto_set_driver_name(struct crypto_alg *alg)
- {
- static const char suffix[] = "-generic";
-- char *driver_name = (char *)alg->cra_driver_name;
-+ char *driver_name = alg->cra_driver_name;
- int len;
-
- if (*driver_name)
-@@ -264,13 +267,13 @@
- down_write(&crypto_alg_sem);
-
- list_for_each_entry(q, &crypto_alg_list, cra_list) {
-- if (!strcmp(q->cra_driver_name, alg->cra_driver_name)) {
-+ if (q == alg) {
- ret = -EEXIST;
- goto out;
- }
- }
-
-- list_add_tail(&alg->cra_list, &crypto_alg_list);
-+ list_add(&alg->cra_list, &crypto_alg_list);
- out:
- up_write(&crypto_alg_sem);
- return ret;
-Index: linux-2.6.16.50/crypto/deflate.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/deflate.c 2006-07-14 18:09:26.351436750 +1200
-+++ linux-2.6.16.50/crypto/deflate.c 2006-07-14 18:10:31.091482750 +1200
-@@ -73,12 +73,11 @@
- int ret = 0;
- struct z_stream_s *stream = &ctx->decomp_stream;
-
-- stream->workspace = kmalloc(zlib_inflate_workspacesize(), GFP_KERNEL);
-+ stream->workspace = kzalloc(zlib_inflate_workspacesize(), GFP_KERNEL);
- if (!stream->workspace ) {
- ret = -ENOMEM;
- goto out;
- }
-- memset(stream->workspace, 0, zlib_inflate_workspacesize());
- ret = zlib_inflateInit2(stream, -DEFLATE_DEF_WINBITS);
- if (ret != Z_OK) {
- ret = -EINVAL;
-@@ -103,8 +102,9 @@
- kfree(ctx->decomp_stream.workspace);
- }
-
--static int deflate_init(void *ctx)
-+static int deflate_init(struct crypto_tfm *tfm)
- {
-+ struct deflate_ctx *ctx = crypto_tfm_ctx(tfm);
- int ret;
-
- ret = deflate_comp_init(ctx);
-@@ -117,17 +117,19 @@
- return ret;
- }
-
--static void deflate_exit(void *ctx)
-+static void deflate_exit(struct crypto_tfm *tfm)
- {
-+ struct deflate_ctx *ctx = crypto_tfm_ctx(tfm);
-+
- deflate_comp_exit(ctx);
- deflate_decomp_exit(ctx);
- }
-
--static int deflate_compress(void *ctx, const u8 *src, unsigned int slen,
-- u8 *dst, unsigned int *dlen)
-+static int deflate_compress(struct crypto_tfm *tfm, const u8 *src,
-+ unsigned int slen, u8 *dst, unsigned int *dlen)
- {
- int ret = 0;
-- struct deflate_ctx *dctx = ctx;
-+ struct deflate_ctx *dctx = crypto_tfm_ctx(tfm);
- struct z_stream_s *stream = &dctx->comp_stream;
-
- ret = zlib_deflateReset(stream);
-@@ -152,12 +154,12 @@
- return ret;
- }
-
--static int deflate_decompress(void *ctx, const u8 *src, unsigned int slen,
-- u8 *dst, unsigned int *dlen)
-+static int deflate_decompress(struct crypto_tfm *tfm, const u8 *src,
-+ unsigned int slen, u8 *dst, unsigned int *dlen)
- {
-
- int ret = 0;
-- struct deflate_ctx *dctx = ctx;
-+ struct deflate_ctx *dctx = crypto_tfm_ctx(tfm);
- struct z_stream_s *stream = &dctx->decomp_stream;
-
- ret = zlib_inflateReset(stream);
-@@ -199,9 +201,9 @@
- .cra_ctxsize = sizeof(struct deflate_ctx),
- .cra_module = THIS_MODULE,
- .cra_list = LIST_HEAD_INIT(alg.cra_list),
-+ .cra_init = deflate_init,
-+ .cra_exit = deflate_exit,
- .cra_u = { .compress = {
-- .coa_init = deflate_init,
-- .coa_exit = deflate_exit,
- .coa_compress = deflate_compress,
- .coa_decompress = deflate_decompress } }
- };
-Index: linux-2.6.16.50/crypto/des.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/des.c 2006-07-14 18:09:26.355437000 +1200
-+++ linux-2.6.16.50/crypto/des.c 2006-07-14 18:10:31.099483250 +1200
-@@ -783,9 +783,10 @@
- }
- }
-
--static int des_setkey(void *ctx, const u8 *key, unsigned int keylen, u32 *flags)
-+static int des_setkey(struct crypto_tfm *tfm, const u8 *key,
-+ unsigned int keylen, u32 *flags)
- {
-- struct des_ctx *dctx = ctx;
-+ struct des_ctx *dctx = crypto_tfm_ctx(tfm);
- u32 tmp[DES_EXPKEY_WORDS];
- int ret;
-
-@@ -803,9 +804,10 @@
- return 0;
- }
-
--static void des_encrypt(void *ctx, u8 *dst, const u8 *src)
-+static void des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-- const u32 *K = ((struct des_ctx *)ctx)->expkey;
-+ struct des_ctx *ctx = crypto_tfm_ctx(tfm);
-+ const u32 *K = ctx->expkey;
- const __le32 *s = (const __le32 *)src;
- __le32 *d = (__le32 *)dst;
- u32 L, R, A, B;
-@@ -825,9 +827,10 @@
- d[1] = cpu_to_le32(L);
- }
-
--static void des_decrypt(void *ctx, u8 *dst, const u8 *src)
-+static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-- const u32 *K = ((struct des_ctx *)ctx)->expkey + DES_EXPKEY_WORDS - 2;
-+ struct des_ctx *ctx = crypto_tfm_ctx(tfm);
-+ const u32 *K = ctx->expkey + DES_EXPKEY_WORDS - 2;
- const __le32 *s = (const __le32 *)src;
- __le32 *d = (__le32 *)dst;
- u32 L, R, A, B;
-@@ -860,11 +863,11 @@
- * property.
- *
- */
--static int des3_ede_setkey(void *ctx, const u8 *key,
-+static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key,
- unsigned int keylen, u32 *flags)
- {
- const u32 *K = (const u32 *)key;
-- struct des3_ede_ctx *dctx = ctx;
-+ struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm);
- u32 *expkey = dctx->expkey;
-
- if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
-@@ -881,9 +884,9 @@
- return 0;
- }
-
--static void des3_ede_encrypt(void *ctx, u8 *dst, const u8 *src)
-+static void des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-- struct des3_ede_ctx *dctx = ctx;
-+ struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm);
- const u32 *K = dctx->expkey;
- const __le32 *s = (const __le32 *)src;
- __le32 *d = (__le32 *)dst;
-@@ -912,9 +915,9 @@
- d[1] = cpu_to_le32(L);
- }
-
--static void des3_ede_decrypt(void *ctx, u8 *dst, const u8 *src)
-+static void des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-- struct des3_ede_ctx *dctx = ctx;
-+ struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm);
- const u32 *K = dctx->expkey + DES3_EDE_EXPKEY_WORDS - 2;
- const __le32 *s = (const __le32 *)src;
- __le32 *d = (__le32 *)dst;
-@@ -965,6 +968,7 @@
- .cra_blocksize = DES3_EDE_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct des3_ede_ctx),
- .cra_module = THIS_MODULE,
-+ .cra_alignmask = 3,
- .cra_list = LIST_HEAD_INIT(des3_ede_alg.cra_list),
- .cra_u = { .cipher = {
- .cia_min_keysize = DES3_EDE_KEY_SIZE,
-Index: linux-2.6.16.50/crypto/serpent.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/serpent.c 2006-07-14 18:09:26.355437000 +1200
-+++ linux-2.6.16.50/crypto/serpent.c 2006-07-14 18:10:31.103483500 +1200
-@@ -215,9 +215,11 @@
- };
-
-
--static int serpent_setkey(void *ctx, const u8 *key, unsigned int keylen, u32 *flags)
-+static int serpent_setkey(struct crypto_tfm *tfm, const u8 *key,
-+ unsigned int keylen, u32 *flags)
- {
-- u32 *k = ((struct serpent_ctx *)ctx)->expkey;
-+ struct serpent_ctx *ctx = crypto_tfm_ctx(tfm);
-+ u32 *k = ctx->expkey;
- u8 *k8 = (u8 *)k;
- u32 r0,r1,r2,r3,r4;
- int i;
-@@ -365,10 +367,11 @@
- return 0;
- }
-
--static void serpent_encrypt(void *ctx, u8 *dst, const u8 *src)
-+static void serpent_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-+ struct serpent_ctx *ctx = crypto_tfm_ctx(tfm);
- const u32
-- *k = ((struct serpent_ctx *)ctx)->expkey,
-+ *k = ctx->expkey,
- *s = (const u32 *)src;
- u32 *d = (u32 *)dst,
- r0, r1, r2, r3, r4;
-@@ -423,8 +426,9 @@
- d[3] = cpu_to_le32(r3);
- }
-
--static void serpent_decrypt(void *ctx, u8 *dst, const u8 *src)
-+static void serpent_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-+ struct serpent_ctx *ctx = crypto_tfm_ctx(tfm);
- const u32
- *k = ((struct serpent_ctx *)ctx)->expkey,
- *s = (const u32 *)src;
-@@ -481,6 +485,7 @@
- .cra_flags = CRYPTO_ALG_TYPE_CIPHER,
- .cra_blocksize = SERPENT_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct serpent_ctx),
-+ .cra_alignmask = 3,
- .cra_module = THIS_MODULE,
- .cra_list = LIST_HEAD_INIT(serpent_alg.cra_list),
- .cra_u = { .cipher = {
-@@ -491,7 +496,8 @@
- .cia_decrypt = serpent_decrypt } }
- };
-
--static int tnepres_setkey(void *ctx, const u8 *key, unsigned int keylen, u32 *flags)
-+static int tnepres_setkey(struct crypto_tfm *tfm, const u8 *key,
-+ unsigned int keylen, u32 *flags)
- {
- u8 rev_key[SERPENT_MAX_KEY_SIZE];
- int i;
-@@ -505,10 +511,10 @@
- for (i = 0; i < keylen; ++i)
- rev_key[keylen - i - 1] = key[i];
-
-- return serpent_setkey(ctx, rev_key, keylen, flags);
-+ return serpent_setkey(tfm, rev_key, keylen, flags);
- }
-
--static void tnepres_encrypt(void *ctx, u8 *dst, const u8 *src)
-+static void tnepres_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
- const u32 * const s = (const u32 * const)src;
- u32 * const d = (u32 * const)dst;
-@@ -520,7 +526,7 @@
- rs[2] = swab32(s[1]);
- rs[3] = swab32(s[0]);
-
-- serpent_encrypt(ctx, (u8 *)rd, (u8 *)rs);
-+ serpent_encrypt(tfm, (u8 *)rd, (u8 *)rs);
-
- d[0] = swab32(rd[3]);
- d[1] = swab32(rd[2]);
-@@ -528,7 +534,7 @@
- d[3] = swab32(rd[0]);
- }
-
--static void tnepres_decrypt(void *ctx, u8 *dst, const u8 *src)
-+static void tnepres_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
- const u32 * const s = (const u32 * const)src;
- u32 * const d = (u32 * const)dst;
-@@ -540,7 +546,7 @@
- rs[2] = swab32(s[1]);
- rs[3] = swab32(s[0]);
-
-- serpent_decrypt(ctx, (u8 *)rd, (u8 *)rs);
-+ serpent_decrypt(tfm, (u8 *)rd, (u8 *)rs);
-
- d[0] = swab32(rd[3]);
- d[1] = swab32(rd[2]);
-Index: linux-2.6.16.50/crypto/tcrypt.h
-===================================================================
---- linux-2.6.16.50.orig/crypto/tcrypt.h 2006-07-14 18:09:26.355437000 +1200
-+++ linux-2.6.16.50/crypto/tcrypt.h 2006-07-14 18:10:31.111484000 +1200
-@@ -26,37 +26,38 @@
- #define MAX_IVLEN 32
-
- struct hash_testvec {
-+ /* only used with keyed hash algorithms */
-+ char key[128] __attribute__ ((__aligned__(4)));
- char plaintext[128];
-- unsigned char psize;
- char digest[MAX_DIGEST_SIZE];
-- unsigned char np;
- unsigned char tap[MAX_TAP];
-- char key[128]; /* only used with keyed hash algorithms */
-+ unsigned char psize;
-+ unsigned char np;
- unsigned char ksize;
- };
-
- struct hmac_testvec {
- char key[128];
-- unsigned char ksize;
- char plaintext[128];
-- unsigned char psize;
- char digest[MAX_DIGEST_SIZE];
-- unsigned char np;
- unsigned char tap[MAX_TAP];
-+ unsigned char ksize;
-+ unsigned char psize;
-+ unsigned char np;
- };
-
- struct cipher_testvec {
-+ char key[MAX_KEYLEN] __attribute__ ((__aligned__(4)));
-+ char iv[MAX_IVLEN];
-+ char input[48];
-+ char result[48];
-+ unsigned char tap[MAX_TAP];
-+ int np;
- unsigned char fail;
- unsigned char wk; /* weak key flag */
-- char key[MAX_KEYLEN];
- unsigned char klen;
-- char iv[MAX_IVLEN];
-- char input[48];
- unsigned char ilen;
-- char result[48];
- unsigned char rlen;
-- int np;
-- unsigned char tap[MAX_TAP];
- };
-
- struct cipher_speed {
-@@ -64,6 +65,11 @@
- unsigned int blen;
- };
-
-+struct digest_speed {
-+ unsigned int blen; /* buffer length */
-+ unsigned int plen; /* per-update length */
-+};
-+
- /*
- * MD4 test vectors from RFC1320
- */
-@@ -2974,4 +2980,35 @@
- { .klen = 0, .blen = 0, }
- };
-
-+/*
-+ * Digest speed tests
-+ */
-+static struct digest_speed generic_digest_speed_template[] = {
-+ { .blen = 16, .plen = 16, },
-+ { .blen = 64, .plen = 16, },
-+ { .blen = 64, .plen = 64, },
-+ { .blen = 256, .plen = 16, },
-+ { .blen = 256, .plen = 64, },
-+ { .blen = 256, .plen = 256, },
-+ { .blen = 1024, .plen = 16, },
-+ { .blen = 1024, .plen = 256, },
-+ { .blen = 1024, .plen = 1024, },
-+ { .blen = 2048, .plen = 16, },
-+ { .blen = 2048, .plen = 256, },
-+ { .blen = 2048, .plen = 1024, },
-+ { .blen = 2048, .plen = 2048, },
-+ { .blen = 4096, .plen = 16, },
-+ { .blen = 4096, .plen = 256, },
-+ { .blen = 4096, .plen = 1024, },
-+ { .blen = 4096, .plen = 4096, },
-+ { .blen = 8192, .plen = 16, },
-+ { .blen = 8192, .plen = 256, },
-+ { .blen = 8192, .plen = 1024, },
-+ { .blen = 8192, .plen = 4096, },
-+ { .blen = 8192, .plen = 8192, },
-+
-+ /* End marker */
-+ { .blen = 0, .plen = 0, }
-+};
-+
- #endif /* _CRYPTO_TCRYPT_H */
-Index: linux-2.6.16.50/crypto/twofish.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/twofish.c 2006-07-14 18:09:26.359437250 +1200
-+++ linux-2.6.16.50/crypto/twofish.c 2006-07-14 18:10:31.119484500 +1200
-@@ -44,6 +44,7 @@
- #include <linux/types.h>
- #include <linux/errno.h>
- #include <linux/crypto.h>
-+#include <linux/bitops.h>
-
-
- /* The large precomputed tables for the Twofish cipher (twofish.c)
-@@ -542,9 +543,9 @@
- #define CALC_K(a, j, k, l, m, n) \
- x = CALC_K_2 (k, l, k, l, 0); \
- y = CALC_K_2 (m, n, m, n, 4); \
-- y = (y << 8) + (y >> 24); \
-+ y = rol32(y, 8); \
- x += y; y += x; ctx->a[j] = x; \
-- ctx->a[(j) + 1] = (y << 9) + (y >> 23)
-+ ctx->a[(j) + 1] = rol32(y, 9)
-
- #define CALC_K192_2(a, b, c, d, j) \
- CALC_K_2 (q0[a ^ key[(j) + 16]], \
-@@ -555,9 +556,9 @@
- #define CALC_K192(a, j, k, l, m, n) \
- x = CALC_K192_2 (l, l, k, k, 0); \
- y = CALC_K192_2 (n, n, m, m, 4); \
-- y = (y << 8) + (y >> 24); \
-+ y = rol32(y, 8); \
- x += y; y += x; ctx->a[j] = x; \
-- ctx->a[(j) + 1] = (y << 9) + (y >> 23)
-+ ctx->a[(j) + 1] = rol32(y, 9)
-
- #define CALC_K256_2(a, b, j) \
- CALC_K192_2 (q1[b ^ key[(j) + 24]], \
-@@ -568,9 +569,9 @@
- #define CALC_K256(a, j, k, l, m, n) \
- x = CALC_K256_2 (k, l, 0); \
- y = CALC_K256_2 (m, n, 4); \
-- y = (y << 8) + (y >> 24); \
-+ y = rol32(y, 8); \
- x += y; y += x; ctx->a[j] = x; \
-- ctx->a[(j) + 1] = (y << 9) + (y >> 23)
-+ ctx->a[(j) + 1] = rol32(y, 9)
-
-
- /* Macros to compute the g() function in the encryption and decryption
-@@ -594,15 +595,15 @@
- x = G1 (a); y = G2 (b); \
- x += y; y += x + ctx->k[2 * (n) + 1]; \
- (c) ^= x + ctx->k[2 * (n)]; \
-- (c) = ((c) >> 1) + ((c) << 31); \
-- (d) = (((d) << 1)+((d) >> 31)) ^ y
-+ (c) = ror32((c), 1); \
-+ (d) = rol32((d), 1) ^ y
-
- #define DECROUND(n, a, b, c, d) \
- x = G1 (a); y = G2 (b); \
- x += y; y += x; \
- (d) ^= y + ctx->k[2 * (n) + 1]; \
-- (d) = ((d) >> 1) + ((d) << 31); \
-- (c) = (((c) << 1)+((c) >> 31)); \
-+ (d) = ror32((d), 1); \
-+ (c) = rol32((c), 1); \
- (c) ^= (x + ctx->k[2 * (n)])
-
- /* Encryption and decryption cycles; each one is simply two Feistel rounds
-@@ -642,11 +643,11 @@
- };
-
- /* Perform the key setup. */
--static int twofish_setkey(void *cx, const u8 *key,
-- unsigned int key_len, u32 *flags)
-+static int twofish_setkey(struct crypto_tfm *tfm, const u8 *key,
-+ unsigned int key_len, u32 *flags)
- {
-
-- struct twofish_ctx *ctx = cx;
-+ struct twofish_ctx *ctx = crypto_tfm_ctx(tfm);
-
- int i, j, k;
-
-@@ -801,9 +802,9 @@
- }
-
- /* Encrypt one block. in and out may be the same. */
--static void twofish_encrypt(void *cx, u8 *out, const u8 *in)
-+static void twofish_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
- {
-- struct twofish_ctx *ctx = cx;
-+ struct twofish_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *src = (const __le32 *)in;
- __le32 *dst = (__le32 *)out;
-
-@@ -838,9 +839,9 @@
- }
-
- /* Decrypt one block. in and out may be the same. */
--static void twofish_decrypt(void *cx, u8 *out, const u8 *in)
-+static void twofish_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
- {
-- struct twofish_ctx *ctx = cx;
-+ struct twofish_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *src = (const __le32 *)in;
- __le32 *dst = (__le32 *)out;
-
-Index: linux-2.6.16.50/drivers/crypto/padlock-aes.c
-===================================================================
---- linux-2.6.16.50.orig/drivers/crypto/padlock-aes.c 2006-07-14 18:09:26.387439000 +1200
-+++ linux-2.6.16.50/drivers/crypto/padlock-aes.c 2006-07-18 01:35:50.305291201 +1200
-@@ -59,16 +59,20 @@
- #define AES_EXTENDED_KEY_SIZE 64 /* in uint32_t units */
- #define AES_EXTENDED_KEY_SIZE_B (AES_EXTENDED_KEY_SIZE * sizeof(uint32_t))
-
-+/* Whenever making any changes to the following
-+ * structure *make sure* you keep E, d_data
-+ * and cword aligned on 16 Bytes boundaries!!! */
- struct aes_ctx {
-- uint32_t e_data[AES_EXTENDED_KEY_SIZE];
-- uint32_t d_data[AES_EXTENDED_KEY_SIZE];
- struct {
- struct cword encrypt;
- struct cword decrypt;
- } cword;
-- uint32_t *E;
-- uint32_t *D;
-+ u32 *D;
- int key_length;
-+ u32 E[AES_EXTENDED_KEY_SIZE]
-+ __attribute__ ((__aligned__(PADLOCK_ALIGNMENT)));
-+ u32 d_data[AES_EXTENDED_KEY_SIZE]
-+ __attribute__ ((__aligned__(PADLOCK_ALIGNMENT)));
- };
-
- /* ====== Key management routines ====== */
-@@ -282,15 +286,20 @@
- return 0;
- }
-
--static inline struct aes_ctx *aes_ctx(void *ctx)
-+static inline struct aes_ctx *aes_ctx(struct crypto_tfm *tfm)
- {
-- return (struct aes_ctx *)ALIGN((unsigned long)ctx, PADLOCK_ALIGNMENT);
-+ unsigned long addr = (unsigned long)crypto_tfm_ctx(tfm);
-+ unsigned long align = PADLOCK_ALIGNMENT;
-+
-+ if (align <= crypto_tfm_ctx_alignment())
-+ align = 1;
-+ return (struct aes_ctx *)ALIGN(addr, align);
- }
-
--static int
--aes_set_key(void *ctx_arg, const uint8_t *in_key, unsigned int key_len, uint32_t *flags)
-+static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
-+ unsigned int key_len, u32 *flags)
- {
-- struct aes_ctx *ctx = aes_ctx(ctx_arg);
-+ struct aes_ctx *ctx = aes_ctx(tfm);
- const __le32 *key = (const __le32 *)in_key;
- uint32_t i, t, u, v, w;
- uint32_t P[AES_EXTENDED_KEY_SIZE];
-@@ -308,8 +317,7 @@
- * itself we must supply the plain key for both encryption
- * and decryption.
- */
-- ctx->E = ctx->e_data;
-- ctx->D = ctx->e_data;
-+ ctx->D = ctx->E;
-
- E_KEY[0] = le32_to_cpu(key[0]);
- E_KEY[1] = le32_to_cpu(key[1]);
-@@ -410,24 +418,22 @@
- return iv;
- }
-
--static void
--aes_encrypt(void *ctx_arg, uint8_t *out, const uint8_t *in)
-+static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
- {
-- struct aes_ctx *ctx = aes_ctx(ctx_arg);
-+ struct aes_ctx *ctx = aes_ctx(tfm);
- padlock_xcrypt_ecb(in, out, ctx->E, &ctx->cword.encrypt, 1);
- }
-
--static void
--aes_decrypt(void *ctx_arg, uint8_t *out, const uint8_t *in)
-+static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
- {
-- struct aes_ctx *ctx = aes_ctx(ctx_arg);
-+ struct aes_ctx *ctx = aes_ctx(tfm);
- padlock_xcrypt_ecb(in, out, ctx->D, &ctx->cword.decrypt, 1);
- }
-
- static unsigned int aes_encrypt_ecb(const struct cipher_desc *desc, u8 *out,
- const u8 *in, unsigned int nbytes)
- {
-- struct aes_ctx *ctx = aes_ctx(crypto_tfm_ctx(desc->tfm));
-+ struct aes_ctx *ctx = aes_ctx(desc->tfm);
- padlock_xcrypt_ecb(in, out, ctx->E, &ctx->cword.encrypt,
- nbytes / AES_BLOCK_SIZE);
- return nbytes & ~(AES_BLOCK_SIZE - 1);
-@@ -436,7 +442,7 @@
- static unsigned int aes_decrypt_ecb(const struct cipher_desc *desc, u8 *out,
- const u8 *in, unsigned int nbytes)
- {
-- struct aes_ctx *ctx = aes_ctx(crypto_tfm_ctx(desc->tfm));
-+ struct aes_ctx *ctx = aes_ctx(desc->tfm);
- padlock_xcrypt_ecb(in, out, ctx->D, &ctx->cword.decrypt,
- nbytes / AES_BLOCK_SIZE);
- return nbytes & ~(AES_BLOCK_SIZE - 1);
-@@ -445,7 +451,7 @@
- static unsigned int aes_encrypt_cbc(const struct cipher_desc *desc, u8 *out,
- const u8 *in, unsigned int nbytes)
- {
-- struct aes_ctx *ctx = aes_ctx(crypto_tfm_ctx(desc->tfm));
-+ struct aes_ctx *ctx = aes_ctx(desc->tfm);
- u8 *iv;
-
- iv = padlock_xcrypt_cbc(in, out, ctx->E, desc->info,
-@@ -458,7 +464,7 @@
- static unsigned int aes_decrypt_cbc(const struct cipher_desc *desc, u8 *out,
- const u8 *in, unsigned int nbytes)
- {
-- struct aes_ctx *ctx = aes_ctx(crypto_tfm_ctx(desc->tfm));
-+ struct aes_ctx *ctx = aes_ctx(desc->tfm);
- padlock_xcrypt_cbc(in, out, ctx->D, desc->info, &ctx->cword.decrypt,
- nbytes / AES_BLOCK_SIZE);
- return nbytes & ~(AES_BLOCK_SIZE - 1);
-Index: linux-2.6.16.50/include/linux/crypto.h
-===================================================================
---- linux-2.6.16.50.orig/include/linux/crypto.h 2006-07-14 18:09:26.387439000 +1200
-+++ linux-2.6.16.50/include/linux/crypto.h 2006-07-18 01:35:17.475239451 +1200
-@@ -67,7 +67,7 @@
-
- struct cipher_desc {
- struct crypto_tfm *tfm;
-- void (*crfn)(void *ctx, u8 *dst, const u8 *src);
-+ void (*crfn)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
- unsigned int (*prfn)(const struct cipher_desc *desc, u8 *dst,
- const u8 *src, unsigned int nbytes);
- void *info;
-@@ -80,10 +80,10 @@
- struct cipher_alg {
- unsigned int cia_min_keysize;
- unsigned int cia_max_keysize;
-- int (*cia_setkey)(void *ctx, const u8 *key,
-+ int (*cia_setkey)(struct crypto_tfm *tfm, const u8 *key,
- unsigned int keylen, u32 *flags);
-- void (*cia_encrypt)(void *ctx, u8 *dst, const u8 *src);
-- void (*cia_decrypt)(void *ctx, u8 *dst, const u8 *src);
-+ void (*cia_encrypt)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
-+ void (*cia_decrypt)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
-
- unsigned int (*cia_encrypt_ecb)(const struct cipher_desc *desc,
- u8 *dst, const u8 *src,
-@@ -101,20 +101,19 @@
-
- struct digest_alg {
- unsigned int dia_digestsize;
-- void (*dia_init)(void *ctx);
-- void (*dia_update)(void *ctx, const u8 *data, unsigned int len);
-- void (*dia_final)(void *ctx, u8 *out);
-- int (*dia_setkey)(void *ctx, const u8 *key,
-+ void (*dia_init)(struct crypto_tfm *tfm);
-+ void (*dia_update)(struct crypto_tfm *tfm, const u8 *data,
-+ unsigned int len);
-+ void (*dia_final)(struct crypto_tfm *tfm, u8 *out);
-+ int (*dia_setkey)(struct crypto_tfm *tfm, const u8 *key,
- unsigned int keylen, u32 *flags);
- };
-
- struct compress_alg {
-- int (*coa_init)(void *ctx);
-- void (*coa_exit)(void *ctx);
-- int (*coa_compress)(void *ctx, const u8 *src, unsigned int slen,
-- u8 *dst, unsigned int *dlen);
-- int (*coa_decompress)(void *ctx, const u8 *src, unsigned int slen,
-- u8 *dst, unsigned int *dlen);
-+ int (*coa_compress)(struct crypto_tfm *tfm, const u8 *src,
-+ unsigned int slen, u8 *dst, unsigned int *dlen);
-+ int (*coa_decompress)(struct crypto_tfm *tfm, const u8 *src,
-+ unsigned int slen, u8 *dst, unsigned int *dlen);
- };
-
- #define cra_cipher cra_u.cipher
-@@ -130,14 +129,17 @@
-
- int cra_priority;
-
-- const char cra_name[CRYPTO_MAX_ALG_NAME];
-- const char cra_driver_name[CRYPTO_MAX_ALG_NAME];
-+ char cra_name[CRYPTO_MAX_ALG_NAME];
-+ char cra_driver_name[CRYPTO_MAX_ALG_NAME];
-
- union {
- struct cipher_alg cipher;
- struct digest_alg digest;
- struct compress_alg compress;
- } cra_u;
-+
-+ int (*cra_init)(struct crypto_tfm *tfm);
-+ void (*cra_exit)(struct crypto_tfm *tfm);
-
- struct module *cra_module;
- };
-@@ -229,6 +231,8 @@
- } crt_u;
-
- struct crypto_alg *__crt_alg;
-+
-+ char __crt_ctx[] __attribute__ ((__aligned__));
- };
-
- /*
-@@ -301,7 +305,13 @@
-
- static inline void *crypto_tfm_ctx(struct crypto_tfm *tfm)
- {
-- return (void *)&tfm[1];
-+ return tfm->__crt_ctx;
-+}
-+
-+static inline unsigned int crypto_tfm_ctx_alignment(void)
-+{
-+ struct crypto_tfm *tfm;
-+ return __alignof__(tfm->__crt_ctx);
- }
-
- /*
-Index: linux-2.6.16.50/arch/i386/crypto/aes-i586-asm.S
-===================================================================
---- linux-2.6.16.50.orig/arch/i386/crypto/aes-i586-asm.S 2006-07-14 18:09:26.339436000 +1200
-+++ linux-2.6.16.50/arch/i386/crypto/aes-i586-asm.S 2006-07-14 18:10:31.131485250 +1200
-@@ -36,22 +36,19 @@
- .file "aes-i586-asm.S"
- .text
-
--// aes_rval aes_enc_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1])//
--// aes_rval aes_dec_blk(const unsigned char in_blk[], unsigned char out_blk[], const aes_ctx cx[1])//
--
--#define tlen 1024 // length of each of 4 'xor' arrays (256 32-bit words)
--
--// offsets to parameters with one register pushed onto stack
-+#include <asm/asm-offsets.h>
-
--#define in_blk 8 // input byte array address parameter
--#define out_blk 12 // output byte array address parameter
--#define ctx 16 // AES context structure
--
--// offsets in context structure
-+#define tlen 1024 // length of each of 4 'xor' arrays (256 32-bit words)
-
--#define ekey 0 // encryption key schedule base address
--#define nrnd 256 // number of rounds
--#define dkey 260 // decryption key schedule base address
-+/* offsets to parameters with one register pushed onto stack */
-+#define tfm 8
-+#define out_blk 12
-+#define in_blk 16
-+
-+/* offsets in crypto_tfm structure */
-+#define ekey (crypto_tfm_ctx_offset + 0)
-+#define nrnd (crypto_tfm_ctx_offset + 256)
-+#define dkey (crypto_tfm_ctx_offset + 260)
-
- // register mapping for encrypt and decrypt subroutines
-
-@@ -220,6 +217,7 @@
- do_col (table, r5,r0,r1,r4, r2,r3); /* idx=r5 */
-
- // AES (Rijndael) Encryption Subroutine
-+/* void aes_enc_blk(struct crypto_tfm *tfm, u8 *out_blk, const u8 *in_blk) */
-
- .global aes_enc_blk
-
-@@ -230,7 +228,7 @@
-
- aes_enc_blk:
- push %ebp
-- mov ctx(%esp),%ebp // pointer to context
-+ mov tfm(%esp),%ebp
-
- // CAUTION: the order and the values used in these assigns
- // rely on the register mappings
-@@ -295,6 +293,7 @@
- ret
-
- // AES (Rijndael) Decryption Subroutine
-+/* void aes_dec_blk(struct crypto_tfm *tfm, u8 *out_blk, const u8 *in_blk) */
-
- .global aes_dec_blk
-
-@@ -305,7 +304,7 @@
-
- aes_dec_blk:
- push %ebp
-- mov ctx(%esp),%ebp // pointer to context
-+ mov tfm(%esp),%ebp
-
- // CAUTION: the order and the values used in these assigns
- // rely on the register mappings
-Index: linux-2.6.16.50/arch/i386/crypto/aes.c
-===================================================================
---- linux-2.6.16.50.orig/arch/i386/crypto/aes.c 2006-07-14 18:09:26.343436250 +1200
-+++ linux-2.6.16.50/arch/i386/crypto/aes.c 2006-07-14 18:10:31.135485500 +1200
-@@ -45,8 +45,8 @@
- #include <linux/crypto.h>
- #include <linux/linkage.h>
-
--asmlinkage void aes_enc_blk(const u8 *src, u8 *dst, void *ctx);
--asmlinkage void aes_dec_blk(const u8 *src, u8 *dst, void *ctx);
-+asmlinkage void aes_enc_blk(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
-+asmlinkage void aes_dec_blk(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
-
- #define AES_MIN_KEY_SIZE 16
- #define AES_MAX_KEY_SIZE 32
-@@ -378,12 +378,12 @@
- k[8*(i)+11] = ss[3]; \
- }
-
--static int
--aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags)
-+static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
-+ unsigned int key_len, u32 *flags)
- {
- int i;
- u32 ss[8];
-- struct aes_ctx *ctx = ctx_arg;
-+ struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *key = (const __le32 *)in_key;
-
- /* encryption schedule */
-@@ -464,16 +464,16 @@
- return 0;
- }
-
--static inline void aes_encrypt(void *ctx, u8 *dst, const u8 *src)
-+static void aes_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-- aes_enc_blk(src, dst, ctx);
-+ aes_enc_blk(tfm, dst, src);
- }
--static inline void aes_decrypt(void *ctx, u8 *dst, const u8 *src)
-+
-+static void aes_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-- aes_dec_blk(src, dst, ctx);
-+ aes_dec_blk(tfm, dst, src);
- }
-
--
- static struct crypto_alg aes_alg = {
- .cra_name = "aes",
- .cra_driver_name = "aes-i586",
-Index: linux-2.6.16.50/arch/i386/kernel/asm-offsets.c
-===================================================================
---- linux-2.6.16.50.orig/arch/i386/kernel/asm-offsets.c 2006-07-14 18:09:26.343436250 +1200
-+++ linux-2.6.16.50/arch/i386/kernel/asm-offsets.c 2006-07-14 18:10:31.139485750 +1200
-@@ -8,6 +8,7 @@
- #include <linux/signal.h>
- #include <linux/personality.h>
- #include <linux/suspend.h>
-+#include <linux/crypto.h>
- #include <asm/ucontext.h>
- #include "sigframe.h"
- #include <asm/fixmap.h>
-@@ -69,4 +70,6 @@
-
- DEFINE(PAGE_SIZE_asm, PAGE_SIZE);
- DEFINE(VSYSCALL_BASE, __fix_to_virt(FIX_VSYSCALL));
-+
-+ OFFSET(crypto_tfm_ctx_offset, crypto_tfm, __crt_ctx);
- }
-Index: linux-2.6.16.50/arch/s390/crypto/aes_s390.c
-===================================================================
---- linux-2.6.16.50.orig/arch/s390/crypto/aes_s390.c 2006-07-14 18:09:26.343436250 +1200
-+++ linux-2.6.16.50/arch/s390/crypto/aes_s390.c 2006-07-14 18:10:31.139485750 +1200
-@@ -37,10 +37,10 @@
- int key_len;
- };
-
--static int aes_set_key(void *ctx, const u8 *in_key, unsigned int key_len,
-- u32 *flags)
-+static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
-+ unsigned int key_len, u32 *flags)
- {
-- struct s390_aes_ctx *sctx = ctx;
-+ struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
-
- switch (key_len) {
- case 16:
-@@ -70,9 +70,9 @@
- return -EINVAL;
- }
-
--static void aes_encrypt(void *ctx, u8 *out, const u8 *in)
-+static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
- {
-- const struct s390_aes_ctx *sctx = ctx;
-+ const struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
-
- switch (sctx->key_len) {
- case 16:
-@@ -90,9 +90,9 @@
- }
- }
-
--static void aes_decrypt(void *ctx, u8 *out, const u8 *in)
-+static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
- {
-- const struct s390_aes_ctx *sctx = ctx;
-+ const struct s390_aes_ctx *sctx = crypto_tfm_ctx(tfm);
-
- switch (sctx->key_len) {
- case 16:
-Index: linux-2.6.16.50/arch/s390/crypto/des_s390.c
-===================================================================
---- linux-2.6.16.50.orig/arch/s390/crypto/des_s390.c 2006-07-14 18:09:26.347436500 +1200
-+++ linux-2.6.16.50/arch/s390/crypto/des_s390.c 2006-07-14 18:10:31.147486250 +1200
-@@ -44,10 +44,10 @@
- u8 key[DES3_192_KEY_SIZE];
- };
-
--static int des_setkey(void *ctx, const u8 *key, unsigned int keylen,
-- u32 *flags)
-+static int des_setkey(struct crypto_tfm *tfm, const u8 *key,
-+ unsigned int keylen, u32 *flags)
- {
-- struct crypt_s390_des_ctx *dctx = ctx;
-+ struct crypt_s390_des_ctx *dctx = crypto_tfm_ctx(tfm);
- int ret;
-
- /* test if key is valid (not a weak key) */
-@@ -57,16 +57,16 @@
- return ret;
- }
-
--static void des_encrypt(void *ctx, u8 *out, const u8 *in)
-+static void des_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
- {
-- struct crypt_s390_des_ctx *dctx = ctx;
-+ struct crypt_s390_des_ctx *dctx = crypto_tfm_ctx(tfm);
-
- crypt_s390_km(KM_DEA_ENCRYPT, dctx->key, out, in, DES_BLOCK_SIZE);
- }
-
--static void des_decrypt(void *ctx, u8 *out, const u8 *in)
-+static void des_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
- {
-- struct crypt_s390_des_ctx *dctx = ctx;
-+ struct crypt_s390_des_ctx *dctx = crypto_tfm_ctx(tfm);
-
- crypt_s390_km(KM_DEA_DECRYPT, dctx->key, out, in, DES_BLOCK_SIZE);
- }
-@@ -166,11 +166,11 @@
- * Implementers MUST reject keys that exhibit this property.
- *
- */
--static int des3_128_setkey(void *ctx, const u8 *key, unsigned int keylen,
-- u32 *flags)
-+static int des3_128_setkey(struct crypto_tfm *tfm, const u8 *key,
-+ unsigned int keylen, u32 *flags)
- {
- int i, ret;
-- struct crypt_s390_des3_128_ctx *dctx = ctx;
-+ struct crypt_s390_des3_128_ctx *dctx = crypto_tfm_ctx(tfm);
- const u8* temp_key = key;
-
- if (!(memcmp(key, &key[DES_KEY_SIZE], DES_KEY_SIZE))) {
-@@ -186,17 +186,17 @@
- return 0;
- }
-
--static void des3_128_encrypt(void *ctx, u8 *dst, const u8 *src)
-+static void des3_128_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-- struct crypt_s390_des3_128_ctx *dctx = ctx;
-+ struct crypt_s390_des3_128_ctx *dctx = crypto_tfm_ctx(tfm);
-
- crypt_s390_km(KM_TDEA_128_ENCRYPT, dctx->key, dst, (void*)src,
- DES3_128_BLOCK_SIZE);
- }
-
--static void des3_128_decrypt(void *ctx, u8 *dst, const u8 *src)
-+static void des3_128_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-- struct crypt_s390_des3_128_ctx *dctx = ctx;
-+ struct crypt_s390_des3_128_ctx *dctx = crypto_tfm_ctx(tfm);
-
- crypt_s390_km(KM_TDEA_128_DECRYPT, dctx->key, dst, (void*)src,
- DES3_128_BLOCK_SIZE);
-@@ -302,11 +302,11 @@
- * property.
- *
- */
--static int des3_192_setkey(void *ctx, const u8 *key, unsigned int keylen,
-- u32 *flags)
-+static int des3_192_setkey(struct crypto_tfm *tfm, const u8 *key,
-+ unsigned int keylen, u32 *flags)
- {
- int i, ret;
-- struct crypt_s390_des3_192_ctx *dctx = ctx;
-+ struct crypt_s390_des3_192_ctx *dctx = crypto_tfm_ctx(tfm);
- const u8* temp_key = key;
-
- if (!(memcmp(key, &key[DES_KEY_SIZE], DES_KEY_SIZE) &&
-@@ -325,17 +325,17 @@
- return 0;
- }
-
--static void des3_192_encrypt(void *ctx, u8 *dst, const u8 *src)
-+static void des3_192_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-- struct crypt_s390_des3_192_ctx *dctx = ctx;
-+ struct crypt_s390_des3_192_ctx *dctx = crypto_tfm_ctx(tfm);
-
- crypt_s390_km(KM_TDEA_192_ENCRYPT, dctx->key, dst, (void*)src,
- DES3_192_BLOCK_SIZE);
- }
-
--static void des3_192_decrypt(void *ctx, u8 *dst, const u8 *src)
-+static void des3_192_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-- struct crypt_s390_des3_192_ctx *dctx = ctx;
-+ struct crypt_s390_des3_192_ctx *dctx = crypto_tfm_ctx(tfm);
-
- crypt_s390_km(KM_TDEA_192_DECRYPT, dctx->key, dst, (void*)src,
- DES3_192_BLOCK_SIZE);
-Index: linux-2.6.16.50/arch/s390/crypto/sha1_s390.c
-===================================================================
---- linux-2.6.16.50.orig/arch/s390/crypto/sha1_s390.c 2006-07-14 18:09:26.347436500 +1200
-+++ linux-2.6.16.50/arch/s390/crypto/sha1_s390.c 2006-07-14 18:10:31.147486250 +1200
-@@ -40,28 +40,29 @@
- u8 buffer[2 * SHA1_BLOCK_SIZE];
- };
-
--static void
--sha1_init(void *ctx)
-+static void sha1_init(struct crypto_tfm *tfm)
- {
-- static const struct crypt_s390_sha1_ctx initstate = {
-- .state = {
-- 0x67452301,
-- 0xEFCDAB89,
-- 0x98BADCFE,
-- 0x10325476,
-- 0xC3D2E1F0
-- },
-+ struct crypt_s390_sha1_ctx *ctx = crypto_tfm_ctx(tfm);
-+ static const u32 initstate[5] = {
-+ 0x67452301,
-+ 0xEFCDAB89,
-+ 0x98BADCFE,
-+ 0x10325476,
-+ 0xC3D2E1F0
- };
-- memcpy(ctx, &initstate, sizeof(initstate));
-+
-+ ctx->count = 0;
-+ memcpy(ctx->state, &initstate, sizeof(initstate));
-+ ctx->buf_len = 0;
- }
-
--static void
--sha1_update(void *ctx, const u8 *data, unsigned int len)
-+static void sha1_update(struct crypto_tfm *tfm, const u8 *data,
-+ unsigned int len)
- {
- struct crypt_s390_sha1_ctx *sctx;
- long imd_len;
-
-- sctx = ctx;
-+ sctx = crypto_tfm_ctx(tfm);
- sctx->count += len * 8; //message bit length
-
- //anything in buffer yet? -> must be completed
-@@ -110,10 +111,9 @@
- }
-
- /* Add padding and return the message digest. */
--static void
--sha1_final(void* ctx, u8 *out)
-+static void sha1_final(struct crypto_tfm *tfm, u8 *out)
- {
-- struct crypt_s390_sha1_ctx *sctx = ctx;
-+ struct crypt_s390_sha1_ctx *sctx = crypto_tfm_ctx(tfm);
-
- //must perform manual padding
- pad_message(sctx);
-Index: linux-2.6.16.50/arch/s390/crypto/sha256_s390.c
-===================================================================
---- linux-2.6.16.50.orig/arch/s390/crypto/sha256_s390.c 2006-07-14 18:09:26.347436500 +1200
-+++ linux-2.6.16.50/arch/s390/crypto/sha256_s390.c 2006-07-14 18:10:31.151486500 +1200
-@@ -31,9 +31,9 @@
- u8 buf[2 * SHA256_BLOCK_SIZE];
- };
-
--static void sha256_init(void *ctx)
-+static void sha256_init(struct crypto_tfm *tfm)
- {
-- struct s390_sha256_ctx *sctx = ctx;
-+ struct s390_sha256_ctx *sctx = crypto_tfm_ctx(tfm);
-
- sctx->state[0] = 0x6a09e667;
- sctx->state[1] = 0xbb67ae85;
-@@ -44,12 +44,12 @@
- sctx->state[6] = 0x1f83d9ab;
- sctx->state[7] = 0x5be0cd19;
- sctx->count = 0;
-- memset(sctx->buf, 0, sizeof(sctx->buf));
- }
-
--static void sha256_update(void *ctx, const u8 *data, unsigned int len)
-+static void sha256_update(struct crypto_tfm *tfm, const u8 *data,
-+ unsigned int len)
- {
-- struct s390_sha256_ctx *sctx = ctx;
-+ struct s390_sha256_ctx *sctx = crypto_tfm_ctx(tfm);
- unsigned int index;
- int ret;
-
-@@ -108,9 +108,9 @@
- }
-
- /* Add padding and return the message digest */
--static void sha256_final(void* ctx, u8 *out)
-+static void sha256_final(struct crypto_tfm *tfm, u8 *out)
- {
-- struct s390_sha256_ctx *sctx = ctx;
-+ struct s390_sha256_ctx *sctx = crypto_tfm_ctx(tfm);
-
- /* must perform manual padding */
- pad_message(sctx);
-Index: linux-2.6.16.50/arch/x86_64/crypto/aes-x86_64-asm.S
-===================================================================
---- linux-2.6.16.50.orig/arch/x86_64/crypto/aes-x86_64-asm.S 2006-07-14 18:09:26.339436000 +1200
-+++ linux-2.6.16.50/arch/x86_64/crypto/aes-x86_64-asm.S 2006-07-14 18:10:31.151486500 +1200
-@@ -15,6 +15,10 @@
-
- .text
-
-+#include <asm/asm-offsets.h>
-+
-+#define BASE crypto_tfm_ctx_offset
-+
- #define R1 %rax
- #define R1E %eax
- #define R1X %ax
-@@ -46,19 +50,19 @@
- #define R10 %r10
- #define R11 %r11
-
--#define prologue(FUNC,BASE,B128,B192,r1,r2,r3,r4,r5,r6,r7,r8,r9,r10,r11) \
-+#define prologue(FUNC,KEY,B128,B192,r1,r2,r3,r4,r5,r6,r7,r8,r9,r10,r11) \
- .global FUNC; \
- .type FUNC,@function; \
- .align 8; \
- FUNC: movq r1,r2; \
- movq r3,r4; \
-- leaq BASE+52(r8),r9; \
-+ leaq BASE+KEY+52(r8),r9; \
- movq r10,r11; \
- movl (r7),r5 ## E; \
- movl 4(r7),r1 ## E; \
- movl 8(r7),r6 ## E; \
- movl 12(r7),r7 ## E; \
-- movl (r8),r10 ## E; \
-+ movl BASE(r8),r10 ## E; \
- xorl -48(r9),r5 ## E; \
- xorl -44(r9),r1 ## E; \
- xorl -40(r9),r6 ## E; \
-@@ -128,8 +132,8 @@
- movl r3 ## E,r1 ## E; \
- movl r4 ## E,r2 ## E;
-
--#define entry(FUNC,BASE,B128,B192) \
-- prologue(FUNC,BASE,B128,B192,R2,R8,R7,R9,R1,R3,R4,R6,R10,R5,R11)
-+#define entry(FUNC,KEY,B128,B192) \
-+ prologue(FUNC,KEY,B128,B192,R2,R8,R7,R9,R1,R3,R4,R6,R10,R5,R11)
-
- #define return epilogue(R8,R2,R9,R7,R5,R6,R3,R4,R11)
-
-@@ -147,9 +151,9 @@
- #define decrypt_final(TAB,OFFSET) \
- round(TAB,OFFSET,R2,R1,R4,R3,R6,R5,R7,R10,R5,R6,R3,R4)
-
--/* void aes_encrypt(void *ctx, u8 *out, const u8 *in) */
-+/* void aes_enc_blk(stuct crypto_tfm *tfm, u8 *out, const u8 *in) */
-
-- entry(aes_encrypt,0,enc128,enc192)
-+ entry(aes_enc_blk,0,enc128,enc192)
- encrypt_round(aes_ft_tab,-96)
- encrypt_round(aes_ft_tab,-80)
- enc192: encrypt_round(aes_ft_tab,-64)
-@@ -166,9 +170,9 @@
- encrypt_final(aes_fl_tab,112)
- return
-
--/* void aes_decrypt(void *ctx, u8 *out, const u8 *in) */
-+/* void aes_dec_blk(struct crypto_tfm *tfm, u8 *out, const u8 *in) */
-
-- entry(aes_decrypt,240,dec128,dec192)
-+ entry(aes_dec_blk,240,dec128,dec192)
- decrypt_round(aes_it_tab,-96)
- decrypt_round(aes_it_tab,-80)
- dec192: decrypt_round(aes_it_tab,-64)
-Index: linux-2.6.16.50/arch/x86_64/kernel/asm-offsets.c
-===================================================================
---- linux-2.6.16.50.orig/arch/x86_64/kernel/asm-offsets.c 2006-07-14 18:09:26.339436000 +1200
-+++ linux-2.6.16.50/arch/x86_64/kernel/asm-offsets.c 2006-07-14 18:10:31.155486750 +1200
-@@ -68,5 +68,7 @@
- DEFINE(pbe_next, offsetof(struct pbe, next));
- BLANK();
- DEFINE(TSS_ist, offsetof(struct tss_struct, ist));
-+ BLANK();
-+ DEFINE(crypto_tfm_ctx_offset, offsetof(struct crypto_tfm, __crt_ctx));
- return 0;
- }
-Index: linux-2.6.16.50/crypto/Kconfig
-===================================================================
---- linux-2.6.16.50.orig/crypto/Kconfig 2006-07-14 18:09:26.359437250 +1200
-+++ linux-2.6.16.50/crypto/Kconfig 2006-07-14 18:10:31.159487000 +1200
-@@ -337,7 +337,7 @@
-
- config CRYPTO_TEST
- tristate "Testing module"
-- depends on CRYPTO
-+ depends on CRYPTO && m
- help
- Quick & dirty crypto test module.
-
-Index: linux-2.6.16.50/crypto/anubis.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/anubis.c 2006-07-14 18:09:26.359437250 +1200
-+++ linux-2.6.16.50/crypto/anubis.c 2006-07-14 18:10:31.163487250 +1200
-@@ -460,16 +460,15 @@
- 0xf726ffedU, 0xe89d6f8eU, 0x19a0f089U,
- };
-
--static int anubis_setkey(void *ctx_arg, const u8 *in_key,
-+static int anubis_setkey(struct crypto_tfm *tfm, const u8 *in_key,
- unsigned int key_len, u32 *flags)
- {
-+ struct anubis_ctx *ctx = crypto_tfm_ctx(tfm);
- const __be32 *key = (const __be32 *)in_key;
- int N, R, i, r;
- u32 kappa[ANUBIS_MAX_N];
- u32 inter[ANUBIS_MAX_N];
-
-- struct anubis_ctx *ctx = ctx_arg;
--
- switch (key_len)
- {
- case 16: case 20: case 24: case 28:
-@@ -660,15 +659,15 @@
- dst[i] = cpu_to_be32(inter[i]);
- }
-
--static void anubis_encrypt(void *ctx_arg, u8 *dst, const u8 *src)
-+static void anubis_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-- struct anubis_ctx *ctx = ctx_arg;
-+ struct anubis_ctx *ctx = crypto_tfm_ctx(tfm);
- anubis_crypt(ctx->E, dst, src, ctx->R);
- }
-
--static void anubis_decrypt(void *ctx_arg, u8 *dst, const u8 *src)
-+static void anubis_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-- struct anubis_ctx *ctx = ctx_arg;
-+ struct anubis_ctx *ctx = crypto_tfm_ctx(tfm);
- anubis_crypt(ctx->D, dst, src, ctx->R);
- }
-
-Index: linux-2.6.16.50/crypto/arc4.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/arc4.c 2006-07-14 18:09:26.359437250 +1200
-+++ linux-2.6.16.50/crypto/arc4.c 2006-07-14 18:10:31.163487250 +1200
-@@ -24,9 +24,10 @@
- u8 x, y;
- };
-
--static int arc4_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags)
-+static int arc4_set_key(struct crypto_tfm *tfm, const u8 *in_key,
-+ unsigned int key_len, u32 *flags)
- {
-- struct arc4_ctx *ctx = ctx_arg;
-+ struct arc4_ctx *ctx = crypto_tfm_ctx(tfm);
- int i, j = 0, k = 0;
-
- ctx->x = 1;
-@@ -48,9 +49,9 @@
- return 0;
- }
-
--static void arc4_crypt(void *ctx_arg, u8 *out, const u8 *in)
-+static void arc4_crypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
- {
-- struct arc4_ctx *ctx = ctx_arg;
-+ struct arc4_ctx *ctx = crypto_tfm_ctx(tfm);
-
- u8 *const S = ctx->S;
- u8 x = ctx->x;
-Index: linux-2.6.16.50/crypto/blowfish.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/blowfish.c 2006-07-14 18:09:26.363437500 +1200
-+++ linux-2.6.16.50/crypto/blowfish.c 2006-07-14 18:10:31.167487500 +1200
-@@ -349,7 +349,7 @@
- dst[1] = yl;
- }
-
--static void bf_encrypt(void *ctx, u8 *dst, const u8 *src)
-+static void bf_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
- const __be32 *in_blk = (const __be32 *)src;
- __be32 *const out_blk = (__be32 *)dst;
-@@ -357,17 +357,18 @@
-
- in32[0] = be32_to_cpu(in_blk[0]);
- in32[1] = be32_to_cpu(in_blk[1]);
-- encrypt_block(ctx, out32, in32);
-+ encrypt_block(crypto_tfm_ctx(tfm), out32, in32);
- out_blk[0] = cpu_to_be32(out32[0]);
- out_blk[1] = cpu_to_be32(out32[1]);
- }
-
--static void bf_decrypt(void *ctx, u8 *dst, const u8 *src)
-+static void bf_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-+ struct bf_ctx *ctx = crypto_tfm_ctx(tfm);
- const __be32 *in_blk = (const __be32 *)src;
- __be32 *const out_blk = (__be32 *)dst;
-- const u32 *P = ((struct bf_ctx *)ctx)->p;
-- const u32 *S = ((struct bf_ctx *)ctx)->s;
-+ const u32 *P = ctx->p;
-+ const u32 *S = ctx->s;
- u32 yl = be32_to_cpu(in_blk[0]);
- u32 yr = be32_to_cpu(in_blk[1]);
-
-@@ -398,12 +399,14 @@
- /*
- * Calculates the blowfish S and P boxes for encryption and decryption.
- */
--static int bf_setkey(void *ctx, const u8 *key, unsigned int keylen, u32 *flags)
-+static int bf_setkey(struct crypto_tfm *tfm, const u8 *key,
-+ unsigned int keylen, u32 *flags)
- {
-+ struct bf_ctx *ctx = crypto_tfm_ctx(tfm);
-+ u32 *P = ctx->p;
-+ u32 *S = ctx->s;
- short i, j, count;
- u32 data[2], temp;
-- u32 *P = ((struct bf_ctx *)ctx)->p;
-- u32 *S = ((struct bf_ctx *)ctx)->s;
-
- /* Copy the initialization s-boxes */
- for (i = 0, count = 0; i < 256; i++)
-Index: linux-2.6.16.50/crypto/cast5.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/cast5.c 2006-07-14 18:09:26.363437500 +1200
-+++ linux-2.6.16.50/crypto/cast5.c 2006-07-14 18:10:31.171487750 +1200
-@@ -577,9 +577,9 @@
- (((s1[I >> 24] + s2[(I>>16)&0xff]) ^ s3[(I>>8)&0xff]) - s4[I&0xff]) )
-
-
--static void cast5_encrypt(void *ctx, u8 * outbuf, const u8 * inbuf)
-+static void cast5_encrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf)
- {
-- struct cast5_ctx *c = (struct cast5_ctx *) ctx;
-+ struct cast5_ctx *c = crypto_tfm_ctx(tfm);
- const __be32 *src = (const __be32 *)inbuf;
- __be32 *dst = (__be32 *)outbuf;
- u32 l, r, t;
-@@ -642,9 +642,9 @@
- dst[1] = cpu_to_be32(l);
- }
-
--static void cast5_decrypt(void *ctx, u8 * outbuf, const u8 * inbuf)
-+static void cast5_decrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf)
- {
-- struct cast5_ctx *c = (struct cast5_ctx *) ctx;
-+ struct cast5_ctx *c = crypto_tfm_ctx(tfm);
- const __be32 *src = (const __be32 *)inbuf;
- __be32 *dst = (__be32 *)outbuf;
- u32 l, r, t;
-@@ -769,15 +769,15 @@
- }
-
-
--static int
--cast5_setkey(void *ctx, const u8 * key, unsigned key_len, u32 * flags)
-+static int cast5_setkey(struct crypto_tfm *tfm, const u8 *key,
-+ unsigned key_len, u32 *flags)
- {
-+ struct cast5_ctx *c = crypto_tfm_ctx(tfm);
- int i;
- u32 x[4];
- u32 z[4];
- u32 k[16];
- __be32 p_key[4];
-- struct cast5_ctx *c = (struct cast5_ctx *) ctx;
-
- if (key_len < 5 || key_len > 16) {
- *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
-Index: linux-2.6.16.50/crypto/cast6.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/cast6.c 2006-07-14 18:09:26.363437500 +1200
-+++ linux-2.6.16.50/crypto/cast6.c 2006-07-14 18:10:31.175488000 +1200
-@@ -381,13 +381,13 @@
- key[7] ^= F2(key[0], Tr[i % 4][7], Tm[i][7]);
- }
-
--static int
--cast6_setkey(void *ctx, const u8 * in_key, unsigned key_len, u32 * flags)
-+static int cast6_setkey(struct crypto_tfm *tfm, const u8 *in_key,
-+ unsigned key_len, u32 *flags)
- {
- int i;
- u32 key[8];
- __be32 p_key[8]; /* padded key */
-- struct cast6_ctx *c = (struct cast6_ctx *) ctx;
-+ struct cast6_ctx *c = crypto_tfm_ctx(tfm);
-
- if (key_len < 16 || key_len > 32 || key_len % 4 != 0) {
- *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
-@@ -444,8 +444,9 @@
- block[2] ^= F1(block[3], Kr[0], Km[0]);
- }
-
--static void cast6_encrypt (void * ctx, u8 * outbuf, const u8 * inbuf) {
-- struct cast6_ctx * c = (struct cast6_ctx *)ctx;
-+static void cast6_encrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf)
-+{
-+ struct cast6_ctx *c = crypto_tfm_ctx(tfm);
- const __be32 *src = (const __be32 *)inbuf;
- __be32 *dst = (__be32 *)outbuf;
- u32 block[4];
-@@ -476,8 +477,8 @@
- dst[3] = cpu_to_be32(block[3]);
- }
-
--static void cast6_decrypt (void * ctx, u8 * outbuf, const u8 * inbuf) {
-- struct cast6_ctx * c = (struct cast6_ctx *)ctx;
-+static void cast6_decrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf) {
-+ struct cast6_ctx * c = crypto_tfm_ctx(tfm);
- const __be32 *src = (const __be32 *)inbuf;
- __be32 *dst = (__be32 *)outbuf;
- u32 block[4];
-Index: linux-2.6.16.50/crypto/cipher.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/cipher.c 2006-07-14 18:09:26.367437750 +1200
-+++ linux-2.6.16.50/crypto/cipher.c 2006-07-14 18:10:31.179488250 +1200
-@@ -187,7 +187,7 @@
- void (*xor)(u8 *, const u8 *) = tfm->crt_u.cipher.cit_xor_block;
- int bsize = crypto_tfm_alg_blocksize(tfm);
-
-- void (*fn)(void *, u8 *, const u8 *) = desc->crfn;
-+ void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = desc->crfn;
- u8 *iv = desc->info;
- unsigned int done = 0;
-
-@@ -195,7 +195,7 @@
-
- do {
- xor(iv, src);
-- fn(crypto_tfm_ctx(tfm), dst, iv);
-+ fn(tfm, dst, iv);
- memcpy(iv, dst, bsize);
-
- src += bsize;
-@@ -218,7 +218,7 @@
- u8 *buf = (u8 *)ALIGN((unsigned long)stack, alignmask + 1);
- u8 **dst_p = src == dst ? &buf : &dst;
-
-- void (*fn)(void *, u8 *, const u8 *) = desc->crfn;
-+ void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = desc->crfn;
- u8 *iv = desc->info;
- unsigned int done = 0;
-
-@@ -227,7 +227,7 @@
- do {
- u8 *tmp_dst = *dst_p;
-
-- fn(crypto_tfm_ctx(tfm), tmp_dst, src);
-+ fn(tfm, tmp_dst, src);
- xor(tmp_dst, iv);
- memcpy(iv, src, bsize);
- if (tmp_dst != dst)
-@@ -245,13 +245,13 @@
- {
- struct crypto_tfm *tfm = desc->tfm;
- int bsize = crypto_tfm_alg_blocksize(tfm);
-- void (*fn)(void *, u8 *, const u8 *) = desc->crfn;
-+ void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = desc->crfn;
- unsigned int done = 0;
-
- nbytes -= bsize;
-
- do {
-- fn(crypto_tfm_ctx(tfm), dst, src);
-+ fn(tfm, dst, src);
-
- src += bsize;
- dst += bsize;
-@@ -268,7 +268,7 @@
- tfm->crt_flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
- return -EINVAL;
- } else
-- return cia->cia_setkey(crypto_tfm_ctx(tfm), key, keylen,
-+ return cia->cia_setkey(tfm, key, keylen,
- &tfm->crt_flags);
- }
-
-Index: linux-2.6.16.50/crypto/compress.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/compress.c 2006-07-14 18:09:26.367437750 +1200
-+++ linux-2.6.16.50/crypto/compress.c 2006-07-14 18:10:31.183488500 +1200
-@@ -22,8 +22,7 @@
- const u8 *src, unsigned int slen,
- u8 *dst, unsigned int *dlen)
- {
-- return tfm->__crt_alg->cra_compress.coa_compress(crypto_tfm_ctx(tfm),
-- src, slen, dst,
-+ return tfm->__crt_alg->cra_compress.coa_compress(tfm, src, slen, dst,
- dlen);
- }
-
-@@ -31,8 +30,7 @@
- const u8 *src, unsigned int slen,
- u8 *dst, unsigned int *dlen)
- {
-- return tfm->__crt_alg->cra_compress.coa_decompress(crypto_tfm_ctx(tfm),
-- src, slen, dst,
-+ return tfm->__crt_alg->cra_compress.coa_decompress(tfm, src, slen, dst,
- dlen);
- }
-
-@@ -43,21 +41,14 @@
-
- int crypto_init_compress_ops(struct crypto_tfm *tfm)
- {
-- int ret = 0;
- struct compress_tfm *ops = &tfm->crt_compress;
--
-- ret = tfm->__crt_alg->cra_compress.coa_init(crypto_tfm_ctx(tfm));
-- if (ret)
-- goto out;
-
- ops->cot_compress = crypto_compress;
- ops->cot_decompress = crypto_decompress;
-
--out:
-- return ret;
-+ return 0;
- }
-
- void crypto_exit_compress_ops(struct crypto_tfm *tfm)
- {
-- tfm->__crt_alg->cra_compress.coa_exit(crypto_tfm_ctx(tfm));
- }
-Index: linux-2.6.16.50/crypto/crc32c.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/crc32c.c 2006-07-14 18:09:26.367437750 +1200
-+++ linux-2.6.16.50/crypto/crc32c.c 2006-07-14 18:10:31.183488500 +1200
-@@ -31,9 +31,9 @@
- * crc using table.
- */
-
--static void chksum_init(void *ctx)
-+static void chksum_init(struct crypto_tfm *tfm)
- {
-- struct chksum_ctx *mctx = ctx;
-+ struct chksum_ctx *mctx = crypto_tfm_ctx(tfm);
-
- mctx->crc = ~(u32)0; /* common usage */
- }
-@@ -43,10 +43,10 @@
- * If your algorithm starts with ~0, then XOR with ~0 before you set
- * the seed.
- */
--static int chksum_setkey(void *ctx, const u8 *key, unsigned int keylen,
-- u32 *flags)
-+static int chksum_setkey(struct crypto_tfm *tfm, const u8 *key,
-+ unsigned int keylen, u32 *flags)
- {
-- struct chksum_ctx *mctx = ctx;
-+ struct chksum_ctx *mctx = crypto_tfm_ctx(tfm);
-
- if (keylen != sizeof(mctx->crc)) {
- if (flags)
-@@ -57,9 +57,10 @@
- return 0;
- }
-
--static void chksum_update(void *ctx, const u8 *data, unsigned int length)
-+static void chksum_update(struct crypto_tfm *tfm, const u8 *data,
-+ unsigned int length)
- {
-- struct chksum_ctx *mctx = ctx;
-+ struct chksum_ctx *mctx = crypto_tfm_ctx(tfm);
- u32 mcrc;
-
- mcrc = crc32c(mctx->crc, data, (size_t)length);
-@@ -67,9 +68,9 @@
- mctx->crc = mcrc;
- }
-
--static void chksum_final(void *ctx, u8 *out)
-+static void chksum_final(struct crypto_tfm *tfm, u8 *out)
- {
-- struct chksum_ctx *mctx = ctx;
-+ struct chksum_ctx *mctx = crypto_tfm_ctx(tfm);
- u32 mcrc = (mctx->crc ^ ~(u32)0);
-
- *(u32 *)out = __le32_to_cpu(mcrc);
-Index: linux-2.6.16.50/crypto/crypto_null.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/crypto_null.c 2006-07-14 18:09:26.371438000 +1200
-+++ linux-2.6.16.50/crypto/crypto_null.c 2006-07-14 18:10:31.187488750 +1200
-@@ -27,8 +27,8 @@
- #define NULL_BLOCK_SIZE 1
- #define NULL_DIGEST_SIZE 0
-
--static int null_compress(void *ctx, const u8 *src, unsigned int slen,
-- u8 *dst, unsigned int *dlen)
-+static int null_compress(struct crypto_tfm *tfm, const u8 *src,
-+ unsigned int slen, u8 *dst, unsigned int *dlen)
- {
- if (slen > *dlen)
- return -EINVAL;
-@@ -37,20 +37,21 @@
- return 0;
- }
-
--static void null_init(void *ctx)
-+static void null_init(struct crypto_tfm *tfm)
- { }
-
--static void null_update(void *ctx, const u8 *data, unsigned int len)
-+static void null_update(struct crypto_tfm *tfm, const u8 *data,
-+ unsigned int len)
- { }
-
--static void null_final(void *ctx, u8 *out)
-+static void null_final(struct crypto_tfm *tfm, u8 *out)
- { }
-
--static int null_setkey(void *ctx, const u8 *key,
-- unsigned int keylen, u32 *flags)
-+static int null_setkey(struct crypto_tfm *tfm, const u8 *key,
-+ unsigned int keylen, u32 *flags)
- { return 0; }
-
--static void null_crypt(void *ctx, u8 *dst, const u8 *src)
-+static void null_crypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
- memcpy(dst, src, NULL_BLOCK_SIZE);
- }
-Index: linux-2.6.16.50/crypto/digest.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/digest.c 2006-07-14 18:09:26.371438000 +1200
-+++ linux-2.6.16.50/crypto/digest.c 2006-07-14 18:10:31.191489000 +1200
-@@ -20,13 +20,14 @@
-
- static void init(struct crypto_tfm *tfm)
- {
-- tfm->__crt_alg->cra_digest.dia_init(crypto_tfm_ctx(tfm));
-+ tfm->__crt_alg->cra_digest.dia_init(tfm);
- }
-
- static void update(struct crypto_tfm *tfm,
- struct scatterlist *sg, unsigned int nsg)
- {
- unsigned int i;
-+ unsigned int alignmask = crypto_tfm_alg_alignmask(tfm);
-
- for (i = 0; i < nsg; i++) {
-
-@@ -38,12 +39,22 @@
- unsigned int bytes_from_page = min(l, ((unsigned int)
- (PAGE_SIZE)) -
- offset);
-- char *p = crypto_kmap(pg, 0) + offset;
-+ char *src = crypto_kmap(pg, 0);
-+ char *p = src + offset;
-
-- tfm->__crt_alg->cra_digest.dia_update
-- (crypto_tfm_ctx(tfm), p,
-- bytes_from_page);
-- crypto_kunmap(p, 0);
-+ if (unlikely(offset & alignmask)) {
-+ unsigned int bytes =
-+ alignmask + 1 - (offset & alignmask);
-+ bytes = min(bytes, bytes_from_page);
-+ tfm->__crt_alg->cra_digest.dia_update(tfm, p,
-+ bytes);
-+ p += bytes;
-+ bytes_from_page -= bytes;
-+ l -= bytes;
-+ }
-+ tfm->__crt_alg->cra_digest.dia_update(tfm, p,
-+ bytes_from_page);
-+ crypto_kunmap(src, 0);
- crypto_yield(tfm);
- offset = 0;
- pg++;
-@@ -54,7 +65,15 @@
-
- static void final(struct crypto_tfm *tfm, u8 *out)
- {
-- tfm->__crt_alg->cra_digest.dia_final(crypto_tfm_ctx(tfm), out);
-+ unsigned long alignmask = crypto_tfm_alg_alignmask(tfm);
-+ if (unlikely((unsigned long)out & alignmask)) {
-+ unsigned int size = crypto_tfm_alg_digestsize(tfm);
-+ u8 buffer[size + alignmask];
-+ u8 *dst = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1);
-+ tfm->__crt_alg->cra_digest.dia_final(tfm, dst);
-+ memcpy(out, dst, size);
-+ } else
-+ tfm->__crt_alg->cra_digest.dia_final(tfm, out);
- }
-
- static int setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
-@@ -62,25 +81,15 @@
- u32 flags;
- if (tfm->__crt_alg->cra_digest.dia_setkey == NULL)
- return -ENOSYS;
-- return tfm->__crt_alg->cra_digest.dia_setkey(crypto_tfm_ctx(tfm),
-- key, keylen, &flags);
-+ return tfm->__crt_alg->cra_digest.dia_setkey(tfm, key, keylen, &flags);
- }
-
- static void digest(struct crypto_tfm *tfm,
- struct scatterlist *sg, unsigned int nsg, u8 *out)
- {
-- unsigned int i;
--
-- tfm->crt_digest.dit_init(tfm);
--
-- for (i = 0; i < nsg; i++) {
-- char *p = crypto_kmap(sg[i].page, 0) + sg[i].offset;
-- tfm->__crt_alg->cra_digest.dia_update(crypto_tfm_ctx(tfm),
-- p, sg[i].length);
-- crypto_kunmap(p, 0);
-- crypto_yield(tfm);
-- }
-- crypto_digest_final(tfm, out);
-+ init(tfm);
-+ update(tfm, sg, nsg);
-+ final(tfm, out);
- }
-
- int crypto_init_digest_flags(struct crypto_tfm *tfm, u32 flags)
-Index: linux-2.6.16.50/crypto/khazad.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/khazad.c 2006-07-14 18:09:26.371438000 +1200
-+++ linux-2.6.16.50/crypto/khazad.c 2006-07-14 18:10:31.195489250 +1200
-@@ -754,11 +754,11 @@
- 0xccc41d14c363da5dULL, 0x5fdc7dcd7f5a6c5cULL, 0xf726ffede89d6f8eULL
- };
-
--static int khazad_setkey(void *ctx_arg, const u8 *in_key,
-- unsigned int key_len, u32 *flags)
-+static int khazad_setkey(struct crypto_tfm *tfm, const u8 *in_key,
-+ unsigned int key_len, u32 *flags)
- {
-- struct khazad_ctx *ctx = ctx_arg;
-- const __be64 *key = (const __be64 *)in_key;
-+ struct khazad_ctx *ctx = crypto_tfm_ctx(tfm);
-+ const __be32 *key = (const __be32 *)in_key;
- int r;
- const u64 *S = T7;
- u64 K2, K1;
-@@ -769,8 +769,9 @@
- return -EINVAL;
- }
-
-- K2 = be64_to_cpu(key[0]);
-- K1 = be64_to_cpu(key[1]);
-+ /* key is supposed to be 32-bit aligned */
-+ K2 = ((u64)be32_to_cpu(key[0]) << 32) | be32_to_cpu(key[1]);
-+ K1 = ((u64)be32_to_cpu(key[2]) << 32) | be32_to_cpu(key[3]);
-
- /* setup the encrypt key */
- for (r = 0; r <= KHAZAD_ROUNDS; r++) {
-@@ -840,15 +841,15 @@
- *dst = cpu_to_be64(state);
- }
-
--static void khazad_encrypt(void *ctx_arg, u8 *dst, const u8 *src)
-+static void khazad_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-- struct khazad_ctx *ctx = ctx_arg;
-+ struct khazad_ctx *ctx = crypto_tfm_ctx(tfm);
- khazad_crypt(ctx->E, dst, src);
- }
-
--static void khazad_decrypt(void *ctx_arg, u8 *dst, const u8 *src)
-+static void khazad_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
- {
-- struct khazad_ctx *ctx = ctx_arg;
-+ struct khazad_ctx *ctx = crypto_tfm_ctx(tfm);
- khazad_crypt(ctx->D, dst, src);
- }
-
-Index: linux-2.6.16.50/crypto/md4.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/md4.c 2006-07-14 18:09:26.375438250 +1200
-+++ linux-2.6.16.50/crypto/md4.c 2006-07-14 18:10:31.199489500 +1200
-@@ -152,9 +152,9 @@
- md4_transform(ctx->hash, ctx->block);
- }
-
--static void md4_init(void *ctx)
-+static void md4_init(struct crypto_tfm *tfm)
- {
-- struct md4_ctx *mctx = ctx;
-+ struct md4_ctx *mctx = crypto_tfm_ctx(tfm);
-
- mctx->hash[0] = 0x67452301;
- mctx->hash[1] = 0xefcdab89;
-@@ -163,9 +163,9 @@
- mctx->byte_count = 0;
- }
-
--static void md4_update(void *ctx, const u8 *data, unsigned int len)
-+static void md4_update(struct crypto_tfm *tfm, const u8 *data, unsigned int len)
- {
-- struct md4_ctx *mctx = ctx;
-+ struct md4_ctx *mctx = crypto_tfm_ctx(tfm);
- const u32 avail = sizeof(mctx->block) - (mctx->byte_count & 0x3f);
-
- mctx->byte_count += len;
-@@ -193,9 +193,9 @@
- memcpy(mctx->block, data, len);
- }
-
--static void md4_final(void *ctx, u8 *out)
-+static void md4_final(struct crypto_tfm *tfm, u8 *out)
- {
-- struct md4_ctx *mctx = ctx;
-+ struct md4_ctx *mctx = crypto_tfm_ctx(tfm);
- const unsigned int offset = mctx->byte_count & 0x3f;
- char *p = (char *)mctx->block + offset;
- int padding = 56 - (offset + 1);
-Index: linux-2.6.16.50/crypto/md5.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/md5.c 2006-07-14 18:09:26.375438250 +1200
-+++ linux-2.6.16.50/crypto/md5.c 2006-07-14 18:10:31.199489500 +1200
-@@ -147,9 +147,9 @@
- md5_transform(ctx->hash, ctx->block);
- }
-
--static void md5_init(void *ctx)
-+static void md5_init(struct crypto_tfm *tfm)
- {
-- struct md5_ctx *mctx = ctx;
-+ struct md5_ctx *mctx = crypto_tfm_ctx(tfm);
-
- mctx->hash[0] = 0x67452301;
- mctx->hash[1] = 0xefcdab89;
-@@ -158,9 +158,9 @@
- mctx->byte_count = 0;
- }
-
--static void md5_update(void *ctx, const u8 *data, unsigned int len)
-+static void md5_update(struct crypto_tfm *tfm, const u8 *data, unsigned int len)
- {
-- struct md5_ctx *mctx = ctx;
-+ struct md5_ctx *mctx = crypto_tfm_ctx(tfm);
- const u32 avail = sizeof(mctx->block) - (mctx->byte_count & 0x3f);
-
- mctx->byte_count += len;
-@@ -188,9 +188,9 @@
- memcpy(mctx->block, data, len);
- }
-
--static void md5_final(void *ctx, u8 *out)
-+static void md5_final(struct crypto_tfm *tfm, u8 *out)
- {
-- struct md5_ctx *mctx = ctx;
-+ struct md5_ctx *mctx = crypto_tfm_ctx(tfm);
- const unsigned int offset = mctx->byte_count & 0x3f;
- char *p = (char *)mctx->block + offset;
- int padding = 56 - (offset + 1);
-Index: linux-2.6.16.50/crypto/michael_mic.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/michael_mic.c 2006-07-14 18:09:26.375438250 +1200
-+++ linux-2.6.16.50/crypto/michael_mic.c 2006-07-14 18:10:31.203489750 +1200
-@@ -45,16 +45,17 @@
- } while (0)
-
-
--static void michael_init(void *ctx)
-+static void michael_init(struct crypto_tfm *tfm)
- {
-- struct michael_mic_ctx *mctx = ctx;
-+ struct michael_mic_ctx *mctx = crypto_tfm_ctx(tfm);
- mctx->pending_len = 0;
- }
-
-
--static void michael_update(void *ctx, const u8 *data, unsigned int len)
-+static void michael_update(struct crypto_tfm *tfm, const u8 *data,
-+ unsigned int len)
- {
-- struct michael_mic_ctx *mctx = ctx;
-+ struct michael_mic_ctx *mctx = crypto_tfm_ctx(tfm);
- const __le32 *src;
-
- if (mctx->pending_len) {
-@@ -90,9 +91,9 @@
- }
-
-
--static void michael_final(void *ctx, u8 *out)
-+static void michael_final(struct crypto_tfm *tfm, u8 *out)
- {
-- struct michael_mic_ctx *mctx = ctx;
-+ struct michael_mic_ctx *mctx = crypto_tfm_ctx(tfm);
- u8 *data = mctx->pending;
- __le32 *dst = (__le32 *)out;
-
-@@ -121,10 +122,10 @@
- }
-
-
--static int michael_setkey(void *ctx, const u8 *key, unsigned int keylen,
-- u32 *flags)
-+static int michael_setkey(struct crypto_tfm *tfm, const u8 *key,
-+ unsigned int keylen, u32 *flags)
- {
-- struct michael_mic_ctx *mctx = ctx;
-+ struct michael_mic_ctx *mctx = crypto_tfm_ctx(tfm);
- const __le32 *data = (const __le32 *)key;
-
- if (keylen != 8) {
-@@ -145,6 +146,7 @@
- .cra_blocksize = 8,
- .cra_ctxsize = sizeof(struct michael_mic_ctx),
- .cra_module = THIS_MODULE,
-+ .cra_alignmask = 3,
- .cra_list = LIST_HEAD_INIT(michael_mic_alg.cra_list),
- .cra_u = { .digest = {
- .dia_digestsize = 8,
-Index: linux-2.6.16.50/crypto/sha1.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/sha1.c 2006-07-14 18:09:26.379438500 +1200
-+++ linux-2.6.16.50/crypto/sha1.c 2006-07-18 01:35:17.455238201 +1200
-@@ -34,9 +34,9 @@
- u8 buffer[64];
- };
-
--static void sha1_init(void *ctx)
-+static void sha1_init(struct crypto_tfm *tfm)
- {
-- struct sha1_ctx *sctx = ctx;
-+ struct sha1_ctx *sctx = crypto_tfm_ctx(tfm);
- static const struct sha1_ctx initstate = {
- 0,
- { 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0 },
-@@ -46,9 +46,10 @@
- *sctx = initstate;
- }
-
--static void sha1_update(void *ctx, const u8 *data, unsigned int len)
-+static void sha1_update(struct crypto_tfm *tfm, const u8 *data,
-+ unsigned int len)
- {
-- struct sha1_ctx *sctx = ctx;
-+ struct sha1_ctx *sctx = crypto_tfm_ctx(tfm);
- unsigned int partial, done;
- const u8 *src;
-
-@@ -80,9 +81,9 @@
-
-
- /* Add padding and return the message digest. */
--static void sha1_final(void* ctx, u8 *out)
-+static void sha1_final(struct crypto_tfm *tfm, u8 *out)
- {
-- struct sha1_ctx *sctx = ctx;
-+ struct sha1_ctx *sctx = crypto_tfm_ctx(tfm);
- __be32 *dst = (__be32 *)out;
- u32 i, index, padlen;
- __be64 bits;
-@@ -93,10 +94,10 @@
- /* Pad out to 56 mod 64 */
- index = sctx->count & 0x3f;
- padlen = (index < 56) ? (56 - index) : ((64+56) - index);
-- sha1_update(sctx, padding, padlen);
-+ sha1_update(tfm, padding, padlen);
-
- /* Append length */
-- sha1_update(sctx, (const u8 *)&bits, sizeof(bits));
-+ sha1_update(tfm, (const u8 *)&bits, sizeof(bits));
-
- /* Store state in digest */
- for (i = 0; i < 5; i++)
-@@ -112,6 +113,7 @@
- .cra_blocksize = SHA1_HMAC_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct sha1_ctx),
- .cra_module = THIS_MODULE,
-+ .cra_alignmask = 3,
- .cra_list = LIST_HEAD_INIT(alg.cra_list),
- .cra_u = { .digest = {
- .dia_digestsize = SHA1_DIGEST_SIZE,
-Index: linux-2.6.16.50/crypto/sha256.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/sha256.c 2006-07-14 18:09:26.379438500 +1200
-+++ linux-2.6.16.50/crypto/sha256.c 2006-07-18 01:35:17.455238201 +1200
-@@ -230,9 +230,9 @@
- memset(W, 0, 64 * sizeof(u32));
- }
-
--static void sha256_init(void *ctx)
-+static void sha256_init(struct crypto_tfm *tfm)
- {
-- struct sha256_ctx *sctx = ctx;
-+ struct sha256_ctx *sctx = crypto_tfm_ctx(tfm);
- sctx->state[0] = H0;
- sctx->state[1] = H1;
- sctx->state[2] = H2;
-@@ -242,12 +242,12 @@
- sctx->state[6] = H6;
- sctx->state[7] = H7;
- sctx->count[0] = sctx->count[1] = 0;
-- memset(sctx->buf, 0, sizeof(sctx->buf));
- }
-
--static void sha256_update(void *ctx, const u8 *data, unsigned int len)
-+static void sha256_update(struct crypto_tfm *tfm, const u8 *data,
-+ unsigned int len)
- {
-- struct sha256_ctx *sctx = ctx;
-+ struct sha256_ctx *sctx = crypto_tfm_ctx(tfm);
- unsigned int i, index, part_len;
-
- /* Compute number of bytes mod 128 */
-@@ -277,9 +277,9 @@
- memcpy(&sctx->buf[index], &data[i], len-i);
- }
-
--static void sha256_final(void* ctx, u8 *out)
-+static void sha256_final(struct crypto_tfm *tfm, u8 *out)
- {
-- struct sha256_ctx *sctx = ctx;
-+ struct sha256_ctx *sctx = crypto_tfm_ctx(tfm);
- __be32 *dst = (__be32 *)out;
- __be32 bits[2];
- unsigned int index, pad_len;
-@@ -293,10 +293,10 @@
- /* Pad out to 56 mod 64. */
- index = (sctx->count[0] >> 3) & 0x3f;
- pad_len = (index < 56) ? (56 - index) : ((64+56) - index);
-- sha256_update(sctx, padding, pad_len);
-+ sha256_update(tfm, padding, pad_len);
-
- /* Append length (before padding) */
-- sha256_update(sctx, (const u8 *)bits, sizeof(bits));
-+ sha256_update(tfm, (const u8 *)bits, sizeof(bits));
-
- /* Store state in digest */
- for (i = 0; i < 8; i++)
-@@ -313,6 +313,7 @@
- .cra_blocksize = SHA256_HMAC_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct sha256_ctx),
- .cra_module = THIS_MODULE,
-+ .cra_alignmask = 3,
- .cra_list = LIST_HEAD_INIT(alg.cra_list),
- .cra_u = { .digest = {
- .dia_digestsize = SHA256_DIGEST_SIZE,
-Index: linux-2.6.16.50/crypto/sha512.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/sha512.c 2006-07-14 18:09:26.379438500 +1200
-+++ linux-2.6.16.50/crypto/sha512.c 2006-07-14 18:10:31.211490250 +1200
-@@ -161,9 +161,9 @@
- }
-
- static void
--sha512_init(void *ctx)
-+sha512_init(struct crypto_tfm *tfm)
- {
-- struct sha512_ctx *sctx = ctx;
-+ struct sha512_ctx *sctx = crypto_tfm_ctx(tfm);
- sctx->state[0] = H0;
- sctx->state[1] = H1;
- sctx->state[2] = H2;
-@@ -173,13 +173,12 @@
- sctx->state[6] = H6;
- sctx->state[7] = H7;
- sctx->count[0] = sctx->count[1] = sctx->count[2] = sctx->count[3] = 0;
-- memset(sctx->buf, 0, sizeof(sctx->buf));
- }
-
- static void
--sha384_init(void *ctx)
-+sha384_init(struct crypto_tfm *tfm)
- {
-- struct sha512_ctx *sctx = ctx;
-+ struct sha512_ctx *sctx = crypto_tfm_ctx(tfm);
- sctx->state[0] = HP0;
- sctx->state[1] = HP1;
- sctx->state[2] = HP2;
-@@ -189,13 +188,12 @@
- sctx->state[6] = HP6;
- sctx->state[7] = HP7;
- sctx->count[0] = sctx->count[1] = sctx->count[2] = sctx->count[3] = 0;
-- memset(sctx->buf, 0, sizeof(sctx->buf));
- }
-
- static void
--sha512_update(void *ctx, const u8 *data, unsigned int len)
-+sha512_update(struct crypto_tfm *tfm, const u8 *data, unsigned int len)
- {
-- struct sha512_ctx *sctx = ctx;
-+ struct sha512_ctx *sctx = crypto_tfm_ctx(tfm);
-
- unsigned int i, index, part_len;
-
-@@ -233,9 +231,9 @@
- }
-
- static void
--sha512_final(void *ctx, u8 *hash)
-+sha512_final(struct crypto_tfm *tfm, u8 *hash)
- {
-- struct sha512_ctx *sctx = ctx;
-+ struct sha512_ctx *sctx = crypto_tfm_ctx(tfm);
- static u8 padding[128] = { 0x80, };
- __be64 *dst = (__be64 *)hash;
- __be32 bits[4];
-@@ -251,10 +249,10 @@
- /* Pad out to 112 mod 128. */
- index = (sctx->count[0] >> 3) & 0x7f;
- pad_len = (index < 112) ? (112 - index) : ((128+112) - index);
-- sha512_update(sctx, padding, pad_len);
-+ sha512_update(tfm, padding, pad_len);
-
- /* Append length (before padding) */
-- sha512_update(sctx, (const u8 *)bits, sizeof(bits));
-+ sha512_update(tfm, (const u8 *)bits, sizeof(bits));
-
- /* Store state in digest */
- for (i = 0; i < 8; i++)
-@@ -264,12 +262,11 @@
- memset(sctx, 0, sizeof(struct sha512_ctx));
- }
-
--static void sha384_final(void *ctx, u8 *hash)
-+static void sha384_final(struct crypto_tfm *tfm, u8 *hash)
- {
-- struct sha512_ctx *sctx = ctx;
- u8 D[64];
-
-- sha512_final(sctx, D);
-+ sha512_final(tfm, D);
-
- memcpy(hash, D, 48);
- memset(D, 0, 64);
-@@ -281,6 +278,7 @@
- .cra_blocksize = SHA512_HMAC_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct sha512_ctx),
- .cra_module = THIS_MODULE,
-+ .cra_alignmask = 3,
- .cra_list = LIST_HEAD_INIT(sha512.cra_list),
- .cra_u = { .digest = {
- .dia_digestsize = SHA512_DIGEST_SIZE,
-@@ -295,6 +293,7 @@
- .cra_flags = CRYPTO_ALG_TYPE_DIGEST,
- .cra_blocksize = SHA384_HMAC_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct sha512_ctx),
-+ .cra_alignmask = 3,
- .cra_module = THIS_MODULE,
- .cra_list = LIST_HEAD_INIT(sha384.cra_list),
- .cra_u = { .digest = {
-Index: linux-2.6.16.50/crypto/tcrypt.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/tcrypt.c 2006-07-14 18:09:26.379438500 +1200
-+++ linux-2.6.16.50/crypto/tcrypt.c 2006-07-18 01:36:18.591058951 +1200
-@@ -570,6 +570,122 @@
- crypto_free_tfm(tfm);
- }
-
-+static void test_digest_jiffies(struct crypto_tfm *tfm, char *p, int blen,
-+ int plen, char *out, int sec)
-+{
-+ struct scatterlist sg[1];
-+ unsigned long start, end;
-+ int bcount, pcount;
-+
-+ for (start = jiffies, end = start + sec * HZ, bcount = 0;
-+ time_before(jiffies, end); bcount++) {
-+ crypto_digest_init(tfm);
-+ for (pcount = 0; pcount < blen; pcount += plen) {
-+ sg_set_buf(sg, p + pcount, plen);
-+ crypto_digest_update(tfm, sg, 1);
-+ }
-+ /* we assume there is enough space in 'out' for the result */
-+ crypto_digest_final(tfm, out);
-+ }
-+
-+ printk("%6u opers/sec, %9lu bytes/sec\n",
-+ bcount / sec, ((long)bcount * blen) / sec);
-+
-+ return;
-+}
-+
-+static void test_digest_cycles(struct crypto_tfm *tfm, char *p, int blen,
-+ int plen, char *out)
-+{
-+ struct scatterlist sg[1];
-+ unsigned long cycles = 0;
-+ int i, pcount;
-+
-+ local_bh_disable();
-+ local_irq_disable();
-+
-+ /* Warm-up run. */
-+ for (i = 0; i < 4; i++) {
-+ crypto_digest_init(tfm);
-+ for (pcount = 0; pcount < blen; pcount += plen) {
-+ sg_set_buf(sg, p + pcount, plen);
-+ crypto_digest_update(tfm, sg, 1);
-+ }
-+ crypto_digest_final(tfm, out);
-+ }
-+
-+ /* The real thing. */
-+ for (i = 0; i < 8; i++) {
-+ cycles_t start, end;
-+
-+ crypto_digest_init(tfm);
-+
-+ start = get_cycles();
-+
-+ for (pcount = 0; pcount < blen; pcount += plen) {
-+ sg_set_buf(sg, p + pcount, plen);
-+ crypto_digest_update(tfm, sg, 1);
-+ }
-+ crypto_digest_final(tfm, out);
-+
-+ end = get_cycles();
-+
-+ cycles += end - start;
-+ }
-+
-+ local_irq_enable();
-+ local_bh_enable();
-+
-+ printk("%6lu cycles/operation, %4lu cycles/byte\n",
-+ cycles / 8, cycles / (8 * blen));
-+
-+ return;
-+}
-+
-+static void test_digest_speed(char *algo, unsigned int sec,
-+ struct digest_speed *speed)
-+{
-+ struct crypto_tfm *tfm;
-+ char output[1024];
-+ int i;
-+
-+ printk("\ntesting speed of %s\n", algo);
-+
-+ tfm = crypto_alloc_tfm(algo, 0);
-+
-+ if (tfm == NULL) {
-+ printk("failed to load transform for %s\n", algo);
-+ return;
-+ }
-+
-+ if (crypto_tfm_alg_digestsize(tfm) > sizeof(output)) {
-+ printk("digestsize(%u) > outputbuffer(%zu)\n",
-+ crypto_tfm_alg_digestsize(tfm), sizeof(output));
-+ goto out;
-+ }
-+
-+ for (i = 0; speed[i].blen != 0; i++) {
-+ if (speed[i].blen > TVMEMSIZE) {
-+ printk("template (%u) too big for tvmem (%u)\n",
-+ speed[i].blen, TVMEMSIZE);
-+ goto out;
-+ }
-+
-+ printk("test%3u (%5u byte blocks,%5u bytes per update,%4u updates): ",
-+ i, speed[i].blen, speed[i].plen, speed[i].blen / speed[i].plen);
-+
-+ memset(tvmem, 0xff, speed[i].blen);
-+
-+ if (sec)
-+ test_digest_jiffies(tfm, tvmem, speed[i].blen, speed[i].plen, output, sec);
-+ else
-+ test_digest_cycles(tfm, tvmem, speed[i].blen, speed[i].plen, output);
-+ }
-+
-+out:
-+ crypto_free_tfm(tfm);
-+}
-+
- static void test_deflate(void)
- {
- unsigned int i;
-@@ -1086,6 +1202,60 @@
- des_speed_template);
- break;
-
-+ case 300:
-+ /* fall through */
-+
-+ case 301:
-+ test_digest_speed("md4", sec, generic_digest_speed_template);
-+ if (mode > 300 && mode < 400) break;
-+
-+ case 302:
-+ test_digest_speed("md5", sec, generic_digest_speed_template);
-+ if (mode > 300 && mode < 400) break;
-+
-+ case 303:
-+ test_digest_speed("sha1", sec, generic_digest_speed_template);
-+ if (mode > 300 && mode < 400) break;
-+
-+ case 304:
-+ test_digest_speed("sha256", sec, generic_digest_speed_template);
-+ if (mode > 300 && mode < 400) break;
-+
-+ case 305:
-+ test_digest_speed("sha384", sec, generic_digest_speed_template);
-+ if (mode > 300 && mode < 400) break;
-+
-+ case 306:
-+ test_digest_speed("sha512", sec, generic_digest_speed_template);
-+ if (mode > 300 && mode < 400) break;
-+
-+ case 307:
-+ test_digest_speed("wp256", sec, generic_digest_speed_template);
-+ if (mode > 300 && mode < 400) break;
-+
-+ case 308:
-+ test_digest_speed("wp384", sec, generic_digest_speed_template);
-+ if (mode > 300 && mode < 400) break;
-+
-+ case 309:
-+ test_digest_speed("wp512", sec, generic_digest_speed_template);
-+ if (mode > 300 && mode < 400) break;
-+
-+ case 310:
-+ test_digest_speed("tgr128", sec, generic_digest_speed_template);
-+ if (mode > 300 && mode < 400) break;
-+
-+ case 311:
-+ test_digest_speed("tgr160", sec, generic_digest_speed_template);
-+ if (mode > 300 && mode < 400) break;
-+
-+ case 312:
-+ test_digest_speed("tgr192", sec, generic_digest_speed_template);
-+ if (mode > 300 && mode < 400) break;
-+
-+ case 399:
-+ break;
-+
- case 1000:
- test_available();
- break;
-@@ -1113,7 +1283,14 @@
-
- kfree(xbuf);
- kfree(tvmem);
-- return 0;
-+
-+ /* We intentionaly return -EAGAIN to prevent keeping
-+ * the module. It does all its work from init()
-+ * and doesn't offer any runtime functionality
-+ * => we don't need it in the memory, do we?
-+ * -- mludvig
-+ */
-+ return -EAGAIN;
- }
-
- /*
-Index: linux-2.6.16.50/crypto/tea.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/tea.c 2006-07-14 18:09:26.383438750 +1200
-+++ linux-2.6.16.50/crypto/tea.c 2006-07-14 18:10:31.223491000 +1200
-@@ -45,10 +45,10 @@
- u32 KEY[4];
- };
-
--static int tea_setkey(void *ctx_arg, const u8 *in_key,
-- unsigned int key_len, u32 *flags)
--{
-- struct tea_ctx *ctx = ctx_arg;
-+static int tea_setkey(struct crypto_tfm *tfm, const u8 *in_key,
-+ unsigned int key_len, u32 *flags)
-+{
-+ struct tea_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *key = (const __le32 *)in_key;
-
- if (key_len != 16)
-@@ -66,12 +66,11 @@
-
- }
-
--static void tea_encrypt(void *ctx_arg, u8 *dst, const u8 *src)
--{
-+static void tea_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
-+{
- u32 y, z, n, sum = 0;
- u32 k0, k1, k2, k3;
--
-- struct tea_ctx *ctx = ctx_arg;
-+ struct tea_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *in = (const __le32 *)src;
- __le32 *out = (__le32 *)dst;
-
-@@ -95,11 +94,11 @@
- out[1] = cpu_to_le32(z);
- }
-
--static void tea_decrypt(void *ctx_arg, u8 *dst, const u8 *src)
--{
-+static void tea_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
-+{
- u32 y, z, n, sum;
- u32 k0, k1, k2, k3;
-- struct tea_ctx *ctx = ctx_arg;
-+ struct tea_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *in = (const __le32 *)src;
- __le32 *out = (__le32 *)dst;
-
-@@ -125,10 +124,10 @@
- out[1] = cpu_to_le32(z);
- }
-
--static int xtea_setkey(void *ctx_arg, const u8 *in_key,
-- unsigned int key_len, u32 *flags)
--{
-- struct xtea_ctx *ctx = ctx_arg;
-+static int xtea_setkey(struct crypto_tfm *tfm, const u8 *in_key,
-+ unsigned int key_len, u32 *flags)
-+{
-+ struct xtea_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *key = (const __le32 *)in_key;
-
- if (key_len != 16)
-@@ -146,12 +145,11 @@
-
- }
-
--static void xtea_encrypt(void *ctx_arg, u8 *dst, const u8 *src)
--{
-+static void xtea_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
-+{
- u32 y, z, sum = 0;
- u32 limit = XTEA_DELTA * XTEA_ROUNDS;
--
-- struct xtea_ctx *ctx = ctx_arg;
-+ struct xtea_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *in = (const __le32 *)src;
- __le32 *out = (__le32 *)dst;
-
-@@ -168,10 +166,10 @@
- out[1] = cpu_to_le32(z);
- }
-
--static void xtea_decrypt(void *ctx_arg, u8 *dst, const u8 *src)
--{
-+static void xtea_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
-+{
- u32 y, z, sum;
-- struct tea_ctx *ctx = ctx_arg;
-+ struct tea_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *in = (const __le32 *)src;
- __le32 *out = (__le32 *)dst;
-
-@@ -191,12 +189,11 @@
- }
-
-
--static void xeta_encrypt(void *ctx_arg, u8 *dst, const u8 *src)
--{
-+static void xeta_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
-+{
- u32 y, z, sum = 0;
- u32 limit = XTEA_DELTA * XTEA_ROUNDS;
--
-- struct xtea_ctx *ctx = ctx_arg;
-+ struct xtea_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *in = (const __le32 *)src;
- __le32 *out = (__le32 *)dst;
-
-@@ -213,10 +210,10 @@
- out[1] = cpu_to_le32(z);
- }
-
--static void xeta_decrypt(void *ctx_arg, u8 *dst, const u8 *src)
--{
-+static void xeta_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
-+{
- u32 y, z, sum;
-- struct tea_ctx *ctx = ctx_arg;
-+ struct tea_ctx *ctx = crypto_tfm_ctx(tfm);
- const __le32 *in = (const __le32 *)src;
- __le32 *out = (__le32 *)dst;
-
-Index: linux-2.6.16.50/crypto/tgr192.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/tgr192.c 2006-07-14 18:09:26.383438750 +1200
-+++ linux-2.6.16.50/crypto/tgr192.c 2006-07-14 18:10:31.227491250 +1200
-@@ -496,11 +496,10 @@
- tctx->c = c;
- }
-
--static void tgr192_init(void *ctx)
-+static void tgr192_init(struct crypto_tfm *tfm)
- {
-- struct tgr192_ctx *tctx = ctx;
-+ struct tgr192_ctx *tctx = crypto_tfm_ctx(tfm);
-
-- memset (tctx->hash, 0, 64);
- tctx->a = 0x0123456789abcdefULL;
- tctx->b = 0xfedcba9876543210ULL;
- tctx->c = 0xf096a5b4c3b2e187ULL;
-@@ -511,9 +510,10 @@
-
- /* Update the message digest with the contents
- * of INBUF with length INLEN. */
--static void tgr192_update(void *ctx, const u8 * inbuf, unsigned int len)
-+static void tgr192_update(struct crypto_tfm *tfm, const u8 *inbuf,
-+ unsigned int len)
- {
-- struct tgr192_ctx *tctx = ctx;
-+ struct tgr192_ctx *tctx = crypto_tfm_ctx(tfm);
-
- if (tctx->count == 64) { /* flush the buffer */
- tgr192_transform(tctx, tctx->hash);
-@@ -527,7 +527,7 @@
- for (; len && tctx->count < 64; len--) {
- tctx->hash[tctx->count++] = *inbuf++;
- }
-- tgr192_update(tctx, NULL, 0);
-+ tgr192_update(tfm, NULL, 0);
- if (!len) {
- return;
- }
-@@ -549,15 +549,15 @@
-
-
- /* The routine terminates the computation */
--static void tgr192_final(void *ctx, u8 * out)
-+static void tgr192_final(struct crypto_tfm *tfm, u8 * out)
- {
-- struct tgr192_ctx *tctx = ctx;
-+ struct tgr192_ctx *tctx = crypto_tfm_ctx(tfm);
- __be64 *dst = (__be64 *)out;
- __be64 *be64p;
- __le32 *le32p;
- u32 t, msb, lsb;
-
-- tgr192_update(tctx, NULL, 0); /* flush */ ;
-+ tgr192_update(tfm, NULL, 0); /* flush */ ;
-
- msb = 0;
- t = tctx->nblocks;
-@@ -585,7 +585,7 @@
- while (tctx->count < 64) {
- tctx->hash[tctx->count++] = 0;
- }
-- tgr192_update(tctx, NULL, 0); /* flush */ ;
-+ tgr192_update(tfm, NULL, 0); /* flush */ ;
- memset(tctx->hash, 0, 56); /* fill next block with zeroes */
- }
- /* append the 64 bit count */
-@@ -601,22 +601,20 @@
- dst[2] = be64p[2] = cpu_to_be64(tctx->c);
- }
-
--static void tgr160_final(void *ctx, u8 * out)
-+static void tgr160_final(struct crypto_tfm *tfm, u8 * out)
- {
-- struct tgr192_ctx *wctx = ctx;
- u8 D[64];
-
-- tgr192_final(wctx, D);
-+ tgr192_final(tfm, D);
- memcpy(out, D, TGR160_DIGEST_SIZE);
- memset(D, 0, TGR192_DIGEST_SIZE);
- }
-
--static void tgr128_final(void *ctx, u8 * out)
-+static void tgr128_final(struct crypto_tfm *tfm, u8 * out)
- {
-- struct tgr192_ctx *wctx = ctx;
- u8 D[64];
-
-- tgr192_final(wctx, D);
-+ tgr192_final(tfm, D);
- memcpy(out, D, TGR128_DIGEST_SIZE);
- memset(D, 0, TGR192_DIGEST_SIZE);
- }
-@@ -627,6 +625,7 @@
- .cra_blocksize = TGR192_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct tgr192_ctx),
- .cra_module = THIS_MODULE,
-+ .cra_alignmask = 7,
- .cra_list = LIST_HEAD_INIT(tgr192.cra_list),
- .cra_u = {.digest = {
- .dia_digestsize = TGR192_DIGEST_SIZE,
-@@ -641,6 +640,7 @@
- .cra_blocksize = TGR192_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct tgr192_ctx),
- .cra_module = THIS_MODULE,
-+ .cra_alignmask = 7,
- .cra_list = LIST_HEAD_INIT(tgr160.cra_list),
- .cra_u = {.digest = {
- .dia_digestsize = TGR160_DIGEST_SIZE,
-@@ -655,6 +655,7 @@
- .cra_blocksize = TGR192_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct tgr192_ctx),
- .cra_module = THIS_MODULE,
-+ .cra_alignmask = 7,
- .cra_list = LIST_HEAD_INIT(tgr128.cra_list),
- .cra_u = {.digest = {
- .dia_digestsize = TGR128_DIGEST_SIZE,
-Index: linux-2.6.16.50/crypto/wp512.c
-===================================================================
---- linux-2.6.16.50.orig/crypto/wp512.c 2006-07-14 18:09:26.383438750 +1200
-+++ linux-2.6.16.50/crypto/wp512.c 2006-07-14 18:10:31.235491750 +1200
-@@ -981,9 +981,9 @@
-
- }
-
--static void wp512_init (void *ctx) {
-+static void wp512_init(struct crypto_tfm *tfm) {
-+ struct wp512_ctx *wctx = crypto_tfm_ctx(tfm);
- int i;
-- struct wp512_ctx *wctx = ctx;
-
- memset(wctx->bitLength, 0, 32);
- wctx->bufferBits = wctx->bufferPos = 0;
-@@ -993,10 +993,10 @@
- }
- }
-
--static void wp512_update(void *ctx, const u8 *source, unsigned int len)
-+static void wp512_update(struct crypto_tfm *tfm, const u8 *source,
-+ unsigned int len)
- {
--
-- struct wp512_ctx *wctx = ctx;
-+ struct wp512_ctx *wctx = crypto_tfm_ctx(tfm);
- int sourcePos = 0;
- unsigned int bits_len = len * 8; // convert to number of bits
- int sourceGap = (8 - ((int)bits_len & 7)) & 7;
-@@ -1054,9 +1054,9 @@
-
- }
-
--static void wp512_final(void *ctx, u8 *out)
-+static void wp512_final(struct crypto_tfm *tfm, u8 *out)
- {
-- struct wp512_ctx *wctx = ctx;
-+ struct wp512_ctx *wctx = crypto_tfm_ctx(tfm);
- int i;
- u8 *buffer = wctx->buffer;
- u8 *bitLength = wctx->bitLength;
-@@ -1087,22 +1087,20 @@
- wctx->bufferPos = bufferPos;
- }
-
--static void wp384_final(void *ctx, u8 *out)
-+static void wp384_final(struct crypto_tfm *tfm, u8 *out)
- {
-- struct wp512_ctx *wctx = ctx;
- u8 D[64];
-
-- wp512_final (wctx, D);
-+ wp512_final(tfm, D);
- memcpy (out, D, WP384_DIGEST_SIZE);
- memset (D, 0, WP512_DIGEST_SIZE);
- }
-
--static void wp256_final(void *ctx, u8 *out)
-+static void wp256_final(struct crypto_tfm *tfm, u8 *out)
- {
-- struct wp512_ctx *wctx = ctx;
- u8 D[64];
-
-- wp512_final (wctx, D);
-+ wp512_final(tfm, D);
- memcpy (out, D, WP256_DIGEST_SIZE);
- memset (D, 0, WP512_DIGEST_SIZE);
- }
-Index: linux-2.6.16.50/arch/i386/kernel/cpu/proc.c
-===================================================================
---- linux-2.6.16.50.orig/arch/i386/kernel/cpu/proc.c 2006-07-15 00:03:51.220033250 +1200
-+++ linux-2.6.16.50/arch/i386/kernel/cpu/proc.c 2006-07-15 00:04:02.552741500 +1200
-@@ -52,7 +52,7 @@
-
- /* VIA/Cyrix/Centaur-defined */
- NULL, NULL, "rng", "rng_en", NULL, NULL, "ace", "ace_en",
-- NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
-+ "ace2", "ace2_en", "phe", "phe_en", "pmm", "pmm_en", NULL, NULL,
- NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
- NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
-
-Index: linux-2.6.16.50/include/asm-i386/cpufeature.h
-===================================================================
---- linux-2.6.16.50.orig/include/asm-i386/cpufeature.h 2006-07-15 00:03:51.648060000 +1200
-+++ linux-2.6.16.50/include/asm-i386/cpufeature.h 2006-07-15 00:04:02.552741500 +1200
-@@ -86,6 +86,12 @@
- #define X86_FEATURE_XSTORE_EN (5*32+ 3) /* on-CPU RNG enabled */
- #define X86_FEATURE_XCRYPT (5*32+ 6) /* on-CPU crypto (xcrypt insn) */
- #define X86_FEATURE_XCRYPT_EN (5*32+ 7) /* on-CPU crypto enabled */
-+#define X86_FEATURE_ACE2 (5*32+ 8) /* Advanced Cryptography Engine v2 */
-+#define X86_FEATURE_ACE2_EN (5*32+ 9) /* ACE v2 enabled */
-+#define X86_FEATURE_PHE (5*32+ 10) /* PadLock Hash Engine */
-+#define X86_FEATURE_PHE_EN (5*32+ 11) /* PHE enabled */
-+#define X86_FEATURE_PMM (5*32+ 12) /* PadLock Montgomery Multiplier */
-+#define X86_FEATURE_PMM_EN (5*32+ 13) /* PMM enabled */
-
- /* More extended AMD flags: CPUID level 0x80000001, ecx, word 6 */
- #define X86_FEATURE_LAHF_LM (6*32+ 0) /* LAHF/SAHF in long mode */
-@@ -119,6 +125,12 @@
- #define cpu_has_xstore_enabled boot_cpu_has(X86_FEATURE_XSTORE_EN)
- #define cpu_has_xcrypt boot_cpu_has(X86_FEATURE_XCRYPT)
- #define cpu_has_xcrypt_enabled boot_cpu_has(X86_FEATURE_XCRYPT_EN)
-+#define cpu_has_ace2 boot_cpu_has(X86_FEATURE_ACE2)
-+#define cpu_has_ace2_enabled boot_cpu_has(X86_FEATURE_ACE2_EN)
-+#define cpu_has_phe boot_cpu_has(X86_FEATURE_PHE)
-+#define cpu_has_phe_enabled boot_cpu_has(X86_FEATURE_PHE_EN)
-+#define cpu_has_pmm boot_cpu_has(X86_FEATURE_PMM)
-+#define cpu_has_pmm_enabled boot_cpu_has(X86_FEATURE_PMM_EN)
-
- #endif /* __ASM_I386_CPUFEATURE_H */
-
+++ /dev/null
---- ppp/pppd/demand.c
-+++ ppp/pppd/demand.c 2000/06/28 14:54:04
-@@ -25,6 +25,8 @@
- #include <errno.h>
- #include <fcntl.h>
- #include <netdb.h>
-+#include <unistd.h>
-+#include <syslog.h>
- #include <sys/param.h>
- #include <sys/types.h>
- #include <sys/wait.h>
-@@ -32,6 +34,8 @@
- #include <sys/resource.h>
- #include <sys/stat.h>
- #include <sys/socket.h>
-+#include <netinet/in.h>
-+#include <arpa/inet.h>
- #ifdef PPP_FILTER
- #include <net/if.h>
- #include <net/bpf.h>
-@@ -210,6 +214,14 @@
- int c, rv;
-
- rv = 0;
-+
-+/* check for synchronous connection... */
-+
-+ if ( (p[0] == 0xFF) && (p[1] == 0x03) ) {
-+ rv = loop_frame(p,n);
-+ return rv;
-+ }
-+
- for (; n > 0; --n) {
- c = *p++;
- if (c == PPP_FLAG) {
-@@ -288,17 +300,102 @@
- * loopback, now that the real serial link is up.
- */
- void
--demand_rexmit(proto)
-+demand_rexmit(proto, newip)
- int proto;
-+ u_int32_t newip;
- {
- struct packet *pkt, *prev, *nextpkt;
-+ unsigned short checksum;
-+ unsigned short pkt_checksum = 0;
-+ unsigned iphdr;
-+ struct timeval tv;
-+ char cv = 0;
-+ char ipstr[16];
-
- prev = NULL;
- pkt = pend_q;
- pend_q = NULL;
-+ tv.tv_sec = 1;
-+ tv.tv_usec = 0;
-+ select(0,NULL,NULL,NULL,&tv); /* Sleep for 1 Seconds */
- for (; pkt != NULL; pkt = nextpkt) {
- nextpkt = pkt->next;
- if (PPP_PROTOCOL(pkt->data) == proto) {
-+ if ( (proto == PPP_IP) && newip ) {
-+ /* Get old checksum */
-+
-+ iphdr = (pkt->data[4] & 15) << 2;
-+ checksum = *((unsigned short *) (pkt->data+14));
-+ if (checksum == 0xFFFF) {
-+ checksum = 0;
-+ }
-+
-+
-+ if (pkt->data[13] == 17) {
-+ pkt_checksum = *((unsigned short *) (pkt->data+10+iphdr));
-+ if (pkt_checksum) {
-+ cv = 1;
-+ if (pkt_checksum == 0xFFFF) {
-+ pkt_checksum = 0;
-+ }
-+ }
-+ else {
-+ cv = 0;
-+ }
-+ }
-+
-+ if (pkt->data[13] == 6) {
-+ pkt_checksum = *((unsigned short *) (pkt->data+20+iphdr));
-+ cv = 1;
-+ if (pkt_checksum == 0xFFFF) {
-+ pkt_checksum = 0;
-+ }
-+ }
-+
-+ /* Delete old Source-IP-Address */
-+ checksum -= *((unsigned short *) (pkt->data+16)) ^ 0xFFFF;
-+ checksum -= *((unsigned short *) (pkt->data+18)) ^ 0xFFFF;
-+
-+ pkt_checksum -= *((unsigned short *) (pkt->data+16)) ^ 0xFFFF;
-+ pkt_checksum -= *((unsigned short *) (pkt->data+18)) ^ 0xFFFF;
-+
-+ /* Change Source-IP-Address */
-+ * ((u_int32_t *) (pkt->data + 16)) = newip;
-+
-+ /* Add new Source-IP-Address */
-+ checksum += *((unsigned short *) (pkt->data+16)) ^ 0xFFFF;
-+ checksum += *((unsigned short *) (pkt->data+18)) ^ 0xFFFF;
-+
-+ pkt_checksum += *((unsigned short *) (pkt->data+16)) ^ 0xFFFF;
-+ pkt_checksum += *((unsigned short *) (pkt->data+18)) ^ 0xFFFF;
-+
-+ /* Write new checksum */
-+ if (!checksum) {
-+ checksum = 0xFFFF;
-+ }
-+ *((unsigned short *) (pkt->data+14)) = checksum;
-+ if (pkt->data[13] == 6) {
-+ *((unsigned short *) (pkt->data+20+iphdr)) = pkt_checksum;
-+ }
-+ if (cv && (pkt->data[13] == 17) ) {
-+ *((unsigned short *) (pkt->data+10+iphdr)) = pkt_checksum;
-+ }
-+
-+ /* Log Packet */
-+ strcpy(ipstr,inet_ntoa(*( (struct in_addr *) (pkt->data+16))));
-+ if (pkt->data[13] == 1) {
-+ syslog(LOG_INFO,"Open ICMP %s -> %s\n",
-+ ipstr,
-+ inet_ntoa(*( (struct in_addr *) (pkt->data+20))));
-+ } else {
-+ syslog(LOG_INFO,"Open %s %s:%d -> %s:%d\n",
-+ pkt->data[13] == 6 ? "TCP" : "UDP",
-+ ipstr,
-+ ntohs(*( (short *) (pkt->data+iphdr+4))),
-+ inet_ntoa(*( (struct in_addr *) (pkt->data+20))),
-+ ntohs(*( (short *) (pkt->data+iphdr+6))));
-+ }
-+ }
- output(0, pkt->data, pkt->length);
- free(pkt);
- } else {
---- ppp/pppd/ipcp.c
-+++ ppp/pppd/ipcp.c 2000/06/28 12:32:05
-@@ -1454,7 +1454,7 @@
- proxy_arp_set[f->unit] = 1;
-
- }
-- demand_rexmit(PPP_IP);
-+ demand_rexmit(PPP_IP,go->ouraddr);
- sifnpmode(f->unit, PPP_IP, NPMODE_PASS);
-
- } else {
---- ppp/pppd/ipv6cp.c
-+++ ppp/pppd/ipv6cp.c 2000/06/28 12:32:06
-@@ -1153,7 +1153,7 @@
- }
-
- }
-- demand_rexmit(PPP_IPV6);
-+ demand_rexmit(PPP_IPV6,0);
- sifnpmode(f->unit, PPP_IPV6, NPMODE_PASS);
-
- } else {
---- ppp/pppd/pppd.h
-+++ ppp/pppd/pppd.h 2000/06/28 12:32:06
-@@ -359,7 +359,7 @@
- void demand_block __P((void)); /* set all NPs to queue up packets */
- void demand_unblock __P((void)); /* set all NPs to pass packets */
- void demand_discard __P((void)); /* set all NPs to discard packets */
--void demand_rexmit __P((int)); /* retransmit saved frames for an NP */
-+void demand_rexmit __P((int, u_int32_t)); /* retransmit saved frames for an NP*/
- int loop_chars __P((unsigned char *, int)); /* process chars from loopback */
- int loop_frame __P((unsigned char *, int)); /* should we bring link up? */
-
+++ /dev/null
-diff -ur ppp-2.4.2.old/pppd/main.c ppp-2.4.2/pppd/main.c
---- ppp-2.4.2.old/pppd/main.c 2004-01-13 04:00:34.000000000 +0000
-+++ ppp-2.4.2/pppd/main.c 2004-05-24 19:05:34.000000000 +0100
-@@ -1662,8 +1648,11 @@
-
- /* Ensure that nothing of our device environment is inherited. */
- closelog();
-+ /* Some plugins dont have a close function, so just close the devfd */
- if (the_channel->close)
- (*the_channel->close)();
-+ else
-+ close(devfd);
-
- /* Don't pass handles to the PPP device, even by accident. */
- dup2(fd_devnull, 0);
+++ /dev/null
-diff -ruN ppp.orig/pppd/plugins/pppoatm.c ppp/pppd/plugins/pppoatm.c
---- ppp.orig/pppd/plugins/pppoatm.c 2003-10-17 22:03:40.000000000 +0200
-+++ ppp/pppd/plugins/pppoatm.c 2003-10-17 22:03:27.000000000 +0200
-@@ -148,7 +148,9 @@
- int fd;
- struct atm_qos qos;
-
-+/*
- system ("/sbin/modprobe pppoatm");
-+*/
-
- if (!device_got_set)
- no_device_given_pppoatm();
+++ /dev/null
---- ppp/pppd/plugins/pppoatm.c~ 2003-07-19 15:35:24.000000000 +0200
-+++ ppp/pppd/plugins/pppoatm.c 2003-07-19 15:42:26.000000000 +0200
-@@ -32,6 +32,7 @@
- static bool vc_encaps = 0;
- static int device_got_set = 0;
- static int pppoatm_max_mtu, pppoatm_max_mru;
-+static int pppoatmfd = -1;
- static int setdevname_pppoatm(const char *cp, const char **argv, int doit);
- struct channel pppoa_channel;
-
-@@ -173,9 +174,16 @@
- pppoatm_max_mru = lcp_wantoptions[0].mru;
- set_line_discipline_pppoatm(fd);
- strlcpy(ppp_devnam, devnam, sizeof(ppp_devnam));
-+ pppoatmfd = fd; /* need to save it for disconnect */
- return fd;
- }
-
-+static void disconnect_pppoatm(void)
-+{
-+ close(pppoatmfd);
-+ pppoatmfd = -1;
-+}
-+
- static void send_config_pppoa(int mtu,
- u_int32_t asyncmap,
- int pcomp,
-@@ -222,7 +230,7 @@
- process_extra_options: NULL,
- check_options: NULL,
- connect: &connect_pppoatm,
-- disconnect: NULL,
-+ disconnect: &disconnect_pppoatm,
- establish_ppp: &generic_establish_ppp,
- disestablish_ppp: &generic_disestablish_ppp,
- send_config: &send_config_pppoa,
+++ /dev/null
-diff -u -r -N a/ppp/pppd/plugins/Makefile.linux ppp/pppd/plugins/Makefile.linux
---- a/ppp/pppd/plugins/Makefile.linux 2003-02-16 23:31:24.000000000 +0100
-+++ b/pppd/plugins/Makefile.linux 2003-07-01 11:39:05.000000000 +0200
-@@ -6,7 +6,7 @@
- SUBDIRS := rp-pppoe
- # Uncomment the next line to include the radius authentication plugin
- # SUBDIRS += radius
--PLUGINS := minconn.so passprompt.so passwordfd.so
-+PLUGINS := minconn.so passprompt.so passwordfd.so pppoatm.so
-
- # include dependencies if present
- ifeq (.depend,$(wildcard .depend))
-@@ -16,6 +16,9 @@
- all: $(PLUGINS)
- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d all; done
-
-+pppoatm.so: pppoatm.c
-+ $(CC) -o $@ $(LDFLAGS) $(CFLAGS) $^ -latm -lresolv
-+
- %.so: %.c
- $(CC) -o $@ $(LDFLAGS) $(CFLAGS) $^
-
-diff -u -r -N a/ppp/pppd/plugins/pppoatm.c ppp/pppd/plugins/pppoatm.c
---- /dev/null 1970-01-01 01:00:00.000000000 +0100
-+++ b/pppd/plugins/pppoatm.c 2003-07-01 11:39:37.000000000 +0200
-@@ -0,0 +1,232 @@
-+/* pppoatm.c - pppd plugin to implement PPPoATM protocol.
-+ *
-+ * Copyright 2000 Mitchell Blank Jr.
-+ * Based in part on work from Jens Axboe and Paul Mackerras.
-+ * Updated to ppp-2.4.1 by Bernhard Kaindl
-+ *
-+ * This program is free software; you can redistribute it and/or
-+ * modify it under the terms of the GNU General Public License
-+ * as published by the Free Software Foundation; either version
-+ * 2 of the License, or (at your option) any later version.
-+ */
-+#include <unistd.h>
-+#include <string.h>
-+#include <stdlib.h>
-+#include "pppd.h"
-+#include "pathnames.h"
-+#include "fsm.h" /* Needed for lcp.h to include cleanly */
-+#include "lcp.h"
-+#include <atm.h>
-+#include <linux/atmdev.h>
-+#include <linux/atmppp.h>
-+#include <sys/stat.h>
-+#include <net/if.h>
-+#include <sys/ioctl.h>
-+
-+const char pppd_version[] = VERSION;
-+
-+static struct sockaddr_atmpvc pvcaddr;
-+static char *qosstr = NULL;
-+/* static int pppoatm_accept = 0; */
-+static bool llc_encaps = 0;
-+static bool vc_encaps = 0;
-+static int device_got_set = 0;
-+static int pppoatm_max_mtu, pppoatm_max_mru;
-+static int setdevname_pppoatm(const char *cp, const char **argv, int doit);
-+struct channel pppoa_channel;
-+
-+static option_t pppoa_options[] = {
-+ { "device name", o_wild, (void *) &setdevname_pppoatm,
-+ "ATM service provider IDs: VPI.VCI",
-+ OPT_DEVNAM | OPT_PRIVFIX | OPT_NOARG | OPT_A2STRVAL | OPT_STATIC,
-+ devnam},
-+#if 0
-+ { "accept", o_bool, &pppoatm_accept,
-+ "set PPPoATM socket to accept incoming connections", 1 },
-+#endif
-+ { "llc-encaps", o_bool, &llc_encaps,
-+ "use LLC encapsulation for PPPoATM", 1},
-+ { "vc-encaps", o_bool, &vc_encaps,
-+ "use VC multiplexing for PPPoATM (default)", 1},
-+ { "qos", o_string, &qosstr,
-+ "set QoS for PPPoATM connection", 1},
-+ { NULL }
-+};
-+
-+/* returns:
-+ * -1 if there's a problem with setting the device
-+ * 0 if we can't parse "cp" as a valid name of a device
-+ * 1 if "cp" is a reasonable thing to name a device
-+ * Note that we don't actually open the device at this point
-+ * We do need to fill in:
-+ * devnam: a string representation of the device
-+ * devstat: a stat structure of the device. In this case
-+ * we're not opening a device, so we just make sure
-+ * to set up S_ISCHR(devstat.st_mode) != 1, so we
-+ * don't get confused that we're on stdin.
-+ */
-+int (*old_setdevname_hook)(const char* cp) = NULL;
-+static int setdevname_pppoatm(const char *cp, const char **argv, int doit)
-+{
-+ struct sockaddr_atmpvc addr;
-+ extern struct stat devstat;
-+ if (device_got_set)
-+ return 0;
-+ //info("PPPoATM setdevname_pppoatm: '%s'", cp);
-+ memset(&addr, 0, sizeof addr);
-+ if (text2atm(cp, (struct sockaddr *) &addr, sizeof(addr),
-+ T2A_PVC | T2A_NAME) < 0) {
-+ if(doit)
-+ info("atm does not recognize: %s", cp);
-+ return 0;
-+ }
-+ if (!doit) return 1;
-+ //if (!dev_set_ok()) return -1;
-+ memcpy(&pvcaddr, &addr, sizeof pvcaddr);
-+ strlcpy(devnam, cp, sizeof devnam);
-+ devstat.st_mode = S_IFSOCK;
-+ if (the_channel != &pppoa_channel) {
-+ static char *bad_options[] = {
-+ "noaccomp", "-ac",
-+ "default-asyncmap", "-am", "asyncmap", "-as", "escape",
-+ "receive-all",
-+ "crtscts", "-crtscts", "nocrtscts",
-+ "cdtrcts", "nocdtrcts",
-+ "xonxoff",
-+ "modem", "local", "sync",
-+ NULL };
-+ char **a;
-+ the_channel = &pppoa_channel;
-+ info("PPPoATM setdevname - remove unwanted options");
-+ for (a = bad_options; *a != NULL; a++)
-+ remove_option(*a);
-+ modem = 0;
-+ lcp_wantoptions[0].neg_accompression = 0;
-+ lcp_allowoptions[0].neg_accompression = 0;
-+ lcp_wantoptions[0].neg_asyncmap = 0;
-+ lcp_allowoptions[0].neg_asyncmap = 0;
-+ lcp_wantoptions[0].neg_pcompression = 0;
-+ }
-+ info("PPPoATM setdevname_pppoatm - SUCCESS:%s", cp);
-+ device_got_set = 1;
-+ return 1;
-+}
-+
-+#define pppoatm_overhead() (llc_encaps ? 6 : 2)
-+
-+static void no_device_given_pppoatm(void)
-+{
-+ fatal("No vpi.vci specified");
-+}
-+
-+static void set_line_discipline_pppoatm(int fd)
-+{
-+ struct atm_backend_ppp be;
-+ be.backend_num = ATM_BACKEND_PPP;
-+ if (!llc_encaps)
-+ be.encaps = PPPOATM_ENCAPS_VC;
-+ else if (!vc_encaps)
-+ be.encaps = PPPOATM_ENCAPS_LLC;
-+ else
-+ be.encaps = PPPOATM_ENCAPS_AUTODETECT;
-+ if (ioctl(fd, ATM_SETBACKEND, &be) < 0)
-+ fatal("ioctl(ATM_SETBACKEND): %m");
-+}
-+
-+#if 0
-+static void reset_line_discipline_pppoatm(int fd)
-+{
-+ atm_backend_t be = ATM_BACKEND_RAW;
-+ /* 2.4 doesn't support this yet */
-+ (void) ioctl(fd, ATM_SETBACKEND, &be);
-+}
-+#endif
-+
-+static int connect_pppoatm(void)
-+{
-+ int fd;
-+ struct atm_qos qos;
-+
-+ system ("/sbin/modprobe pppoatm");
-+
-+ if (!device_got_set)
-+ no_device_given_pppoatm();
-+ fd = socket(AF_ATMPVC, SOCK_DGRAM, 0);
-+ if (fd < 0)
-+ fatal("failed to create socket: %m");
-+ memset(&qos, 0, sizeof qos);
-+ qos.txtp.traffic_class = qos.rxtp.traffic_class = ATM_UBR;
-+ /* TODO: support simplified QoS setting */
-+ if (qosstr != NULL)
-+ if (text2qos(qosstr, &qos, 0))
-+ fatal("Can't parse QoS: \"%s\"");
-+ qos.txtp.max_sdu = lcp_allowoptions[0].mru + pppoatm_overhead();
-+ qos.rxtp.max_sdu = lcp_wantoptions[0].mru + pppoatm_overhead();
-+ qos.aal = ATM_AAL5;
-+ if (setsockopt(fd, SOL_ATM, SO_ATMQOS, &qos, sizeof(qos)) < 0)
-+ fatal("setsockopt(SO_ATMQOS): %m");
-+ /* TODO: accept on SVCs... */
-+ if (connect(fd, (struct sockaddr *) &pvcaddr,
-+ sizeof(struct sockaddr_atmpvc)))
-+ fatal("connect(%s): %m", devnam);
-+ pppoatm_max_mtu = lcp_allowoptions[0].mru;
-+ pppoatm_max_mru = lcp_wantoptions[0].mru;
-+ set_line_discipline_pppoatm(fd);
-+ strlcpy(ppp_devnam, devnam, sizeof(ppp_devnam));
-+ return fd;
-+}
-+
-+static void send_config_pppoa(int mtu,
-+ u_int32_t asyncmap,
-+ int pcomp,
-+ int accomp)
-+{
-+ int sock;
-+ struct ifreq ifr;
-+ if (mtu > pppoatm_max_mtu)
-+ error("Couldn't increase MTU to %d", mtu);
-+ sock = socket(AF_INET, SOCK_DGRAM, 0);
-+ if (sock < 0)
-+ fatal("Couldn't create IP socket: %m");
-+ strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
-+ ifr.ifr_mtu = mtu;
-+ if (ioctl(sock, SIOCSIFMTU, (caddr_t) &ifr) < 0)
-+ fatal("ioctl(SIOCSIFMTU): %m");
-+ (void) close (sock);
-+}
-+
-+static void recv_config_pppoa(int mru,
-+ u_int32_t asyncmap,
-+ int pcomp,
-+ int accomp)
-+{
-+ if (mru > pppoatm_max_mru)
-+ error("Couldn't increase MRU to %d", mru);
-+}
-+
-+void plugin_init(void)
-+{
-+#if defined(__linux__)
-+ extern int new_style_driver; /* From sys-linux.c */
-+ if (!ppp_available() && !new_style_driver)
-+ fatal("Kernel doesn't support ppp_generic - "
-+ "needed for PPPoATM");
-+#else
-+ fatal("No PPPoATM support on this OS");
-+#endif
-+ info("PPPoATM plugin_init");
-+ add_options(pppoa_options);
-+}
-+struct channel pppoa_channel = {
-+ options: pppoa_options,
-+ process_extra_options: NULL,
-+ check_options: NULL,
-+ connect: &connect_pppoatm,
-+ disconnect: NULL,
-+ establish_ppp: &generic_establish_ppp,
-+ disestablish_ppp: &generic_disestablish_ppp,
-+ send_config: &send_config_pppoa,
-+ recv_config: &recv_config_pppoa,
-+ close: NULL,
-+ cleanup: NULL
-+};
-diff -u -r -N a/ppp/pppd/options.c ppp/pppd/options.c
---- a/ppp/pppd/options.c 2003-03-03 06:11:46.000000000 +0100
-+++ b/pppd/options.c 2003-07-01 11:17:12.000000000 +0200
-@@ -843,6 +843,22 @@
- }
-
- /*
-+ * remove_option - permanently remove an option from consideration...
-+ * for use by modules to remove choices which no longer make sense.
-+ * returns true if found an option
-+ */
-+int remove_option(const char *name)
-+{
-+ option_t *o;
-+
-+ o = find_option(name);
-+ if (o == NULL)
-+ return 0;
-+ o->name = "";
-+ return 1;
-+}
-+
-+/*
- * check_options - check that options are valid and consistent.
- */
- void
+++ /dev/null
-diff -ruN ppp-2.4.2.old/pppd/main.c ppp-2.4.2/pppd/main.c
---- ppp-2.4.2.old/pppd/main.c 2004-01-13 05:00:34.000000000 +0100
-+++ ppp-2.4.2/pppd/main.c 2004-02-19 14:41:23.000000000 +0100
-@@ -1127,7 +1127,6 @@
- die(status)
- int status;
- {
-- print_link_stats();
- cleanup();
- notify(exitnotify, status);
- syslog(LOG_INFO, "Exit.");
+++ /dev/null
-diff -ruN ppp-2.4.2.old/pppd/main.c ppp-2.4.2/pppd/main.c
---- ppp-2.4.2.old/pppd/main.c 2004-01-13 05:00:34.000000000 +0100
-+++ ppp-2.4.2/pppd/main.c 2004-02-19 13:41:17.000000000 +0100
-@@ -1338,8 +1338,8 @@
-
- act.sa_handler = SIG_IGN;
- act.sa_flags = 0;
-- sigaction(sig, &act, &oldact);
- kill(0, sig);
-+ sigaction(sig, &act, &oldact);
- sigaction(sig, &oldact, NULL);
- }
-
+++ /dev/null
-diff -urN linux-2.5/drivers/net/ppp_generic.c pmac-2.5/drivers/net/ppp_generic.c
---- linux-2.5/drivers/net/ppp_generic.c 2004-10-29 07:03:21.000000000 +1000
-+++ pmac-2.5/drivers/net/ppp_generic.c 2004-11-15 08:53:54.000000000 +1100
-@@ -19,7 +19,7 @@
- * PPP driver, written by Michael Callahan and Al Longyear, and
- * subsequently hacked by Paul Mackerras.
- *
-- * ==FILEVERSION 20020217==
-+ * ==FILEVERSION 20041108==
- */
-
- #include <linux/config.h>
-@@ -412,6 +412,17 @@
- ret = 0;
- if (pf->dead)
- break;
-+ if (pf->kind == INTERFACE) {
-+ /*
-+ * Return 0 (EOF) on an interface that has no
-+ * channels connected, unless it is looping
-+ * network traffic (demand mode).
-+ */
-+ struct ppp *ppp = PF_TO_PPP(pf);
-+ if (ppp->n_channels == 0
-+ && (ppp->flags & SC_LOOP_TRAFFIC) == 0)
-+ break;
-+ }
- ret = -EAGAIN;
- if (file->f_flags & O_NONBLOCK)
- break;
-@@ -491,6 +502,14 @@
- mask |= POLLIN | POLLRDNORM;
- if (pf->dead)
- mask |= POLLHUP;
-+ else if (pf->kind == INTERFACE) {
-+ /* see comment in ppp_read */
-+ struct ppp *ppp = PF_TO_PPP(pf);
-+ if (ppp->n_channels == 0
-+ && (ppp->flags & SC_LOOP_TRAFFIC) == 0)
-+ mask |= POLLIN | POLLRDNORM;
-+ }
-+
- return mask;
- }
-
-@@ -2559,7 +2578,8 @@
- /* remove it from the ppp unit's list */
- ppp_lock(ppp);
- list_del(&pch->clist);
-- --ppp->n_channels;
-+ if (--ppp->n_channels == 0)
-+ wake_up_interruptible(&ppp->file.rwait);
- ppp_unlock(ppp);
- if (atomic_dec_and_test(&ppp->file.refcnt))
- ppp_destroy_interface(ppp);
+++ /dev/null
-# This is a BitKeeper generated diff -Nru style patch.
-#
-# ChangeSet
-# 2004/06/01 02:58:12+02:00 kaber@trash.net
-# [NETFILTER]: Change permissions of /proc/net/ip_conntrack to 0440
-#
-# net/ipv4/netfilter/ip_conntrack_standalone.c
-# 2004/06/01 02:58:02+02:00 kaber@trash.net +1 -1
-# [NETFILTER]: Change permissions of /proc/net/ip_conntrack to 0440
-#
-diff -Nru a/net/ipv4/netfilter/ip_conntrack_standalone.c b/net/ipv4/netfilter/ip_conntrack_standalone.c
---- a/net/ipv4/netfilter/ip_conntrack_standalone.c 2004-06-02 03:23:39 +02:00
-+++ b/net/ipv4/netfilter/ip_conntrack_standalone.c 2004-06-02 03:23:39 +02:00
-@@ -502,7 +502,7 @@
- if (ret < 0)
- goto cleanup_nothing;
-
-- proc = proc_net_create("ip_conntrack",0,list_conntracks);
-+ proc = proc_net_create("ip_conntrack", 0440, list_conntracks);
- if (!proc) goto cleanup_init;
- proc->owner = THIS_MODULE;
-
+++ /dev/null
-Index: linux-2.6.16/Documentation/Changes
-===================================================================
---- linux-2.6.16.orig/Documentation/Changes
-+++ linux-2.6.16/Documentation/Changes
-@@ -54,6 +54,7 @@ o module-init-tools 0.9.10
- o e2fsprogs 1.29 # tune2fs
- o jfsutils 1.1.3 # fsck.jfs -V
- o reiserfsprogs 3.6.3 # reiserfsck -V 2>&1|grep reiserfsprogs
-+o reiser4progs 1.0.0 # fsck.reiser4 -V
- o xfsprogs 2.6.0 # xfs_db -V
- o pcmciautils 004
- o pcmcia-cs 3.1.21 # cardmgr -V
-@@ -163,6 +164,13 @@ The reiserfsprogs package should be used
- versions of mkreiserfs, resize_reiserfs, debugreiserfs and
- reiserfsck. These utils work on both i386 and alpha platforms.
-
-+Reiser4progs
-+------------
-+
-+The reiser4progs package contains utilities for the reiser4 file system.
-+Detailed instructions are provided in the README file located at:
-+<ftp://ftp.namesys.com/pub/reiser4progs/README>.
-+
- Xfsprogs
- --------
-
-@@ -344,6 +352,10 @@ Reiserfsprogs
- -------------
- o <http://www.namesys.com/pub/reiserfsprogs/reiserfsprogs-3.6.3.tar.gz>
-
-+Reiser4progs
-+------------
-+o <ftp://ftp.namesys.com/pub/reiser4progs/>
-+
- Xfsprogs
- --------
- o <ftp://oss.sgi.com/projects/xfs/download/>
-Index: linux-2.6.16/Documentation/filesystems/reiser4.txt
-===================================================================
---- /dev/null
-+++ linux-2.6.16/Documentation/filesystems/reiser4.txt
-@@ -0,0 +1,75 @@
-+Reiser4 filesystem
-+==================
-+Reiser4 is a file system based on dancing tree algorithms, and is
-+described at http://www.namesys.com
-+
-+
-+References
-+==========
-+web page http://namesys.com/v4/v4.html
-+source code ftp://ftp.namesys.com/pub/reiser4-for-2.6/
-+userland tools ftp://ftp.namesys.com/pub/reiser4progs/
-+install page http://www.namesys.com/install_v4.html
-+
-+Compile options
-+===============
-+Enable reiser4 debug mode
-+ This checks everything imaginable while reiser4
-+ runs
-+
-+Mount options
-+=============
-+tmgr.atom_max_size=N
-+ Atoms containing more than N blocks will be forced to commit.
-+ N is decimal.
-+ Default is nr_free_pagecache_pages() / 2 at mount time.
-+
-+tmgr.atom_max_age=N
-+ Atoms older than N seconds will be forced to commit. N is decimal.
-+ Default is 600.
-+
-+tmgr.atom_max_flushers=N
-+ Limit of concurrent flushers for one atom. 0 means no limit.
-+ Default is 0.
-+
-+tree.cbk_cache.nr_slots=N
-+ Number of slots in the cbk cache.
-+
-+flush.relocate_threshold=N
-+ If flush finds more than N adjacent dirty leaf-level blocks it
-+ will force them to be relocated.
-+ Default is 64.
-+
-+flush.relocate_distance=N
-+ If flush finds can find a block allocation closer than at most
-+ N from the preceder it will relocate to that position.
-+ Default is 64.
-+
-+flush.scan_maxnodes=N
-+ The maximum number of nodes to scan left on a level during
-+ flush.
-+ Default is 10000.
-+
-+optimal_io_size=N
-+ Preferred IO size. This value is used to set st_blksize of
-+ struct stat.
-+ Default is 65536.
-+
-+bsdgroups
-+ Turn on BSD-style gid assignment.
-+
-+32bittimes
-+ By default file in reiser4 have 64 bit timestamps. Files
-+ created when filesystem is mounted with 32bittimes mount
-+ option will get 32 bit timestamps.
-+
-+mtflush
-+ Turn off concurrent flushing.
-+
-+nopseudo
-+ Disable pseudo files support. See
-+ http://namesys.com/v4/pseudo.html for more about pseudo files.
-+
-+dont_load_bitmap
-+ Don't load all bitmap blocks at mount time, it is useful for
-+ machines with tiny RAM and large disks.
-Index: linux-2.6.16/fs/Kconfig
-===================================================================
---- linux-2.6.16.orig/fs/Kconfig
-+++ linux-2.6.16/fs/Kconfig
-@@ -177,6 +177,8 @@ config FS_MBCACHE
- default y if EXT2_FS=y || EXT3_FS=y
- default m if EXT2_FS=m || EXT3_FS=m
-
-+source "fs/reiser4/Kconfig"
-+
- config REISERFS_FS
- tristate "Reiserfs support"
- help
-Index: linux-2.6.16/fs/Makefile
-===================================================================
---- linux-2.6.16.orig/fs/Makefile
-+++ linux-2.6.16/fs/Makefile
-@@ -51,6 +51,7 @@ obj-$(CONFIG_PROFILING) += dcookies.o
-
- # Do not add any filesystems before this line
- obj-$(CONFIG_REISERFS_FS) += reiserfs/
-+obj-$(CONFIG_REISER4_FS) += reiser4/
- obj-$(CONFIG_EXT3_FS) += ext3/ # Before ext2 so root fs can be ext3
- obj-$(CONFIG_JBD) += jbd/
- obj-$(CONFIG_EXT2_FS) += ext2/
-Index: linux-2.6.16/fs/fs-writeback.c
-===================================================================
---- linux-2.6.16.orig/fs/fs-writeback.c
-+++ linux-2.6.16/fs/fs-writeback.c
-@@ -286,8 +286,6 @@ __writeback_single_inode(struct inode *i
- * WB_SYNC_HOLD is a hack for sys_sync(): reattach the inode to sb->s_dirty so
- * that it can be located for waiting on in __writeback_single_inode().
- *
-- * Called under inode_lock.
-- *
- * If `bdi' is non-zero then we're being asked to writeback a specific queue.
- * This function assumes that the blockdev superblock's inodes are backed by
- * a variety of queues, so all inodes are searched. For other superblocks,
-@@ -303,11 +301,13 @@ __writeback_single_inode(struct inode *i
- * on the writer throttling path, and we get decent balancing between many
- * throttled threads: we don't want them all piling up on __wait_on_inode.
- */
--static void
--sync_sb_inodes(struct super_block *sb, struct writeback_control *wbc)
-+void
-+generic_sync_sb_inodes(struct super_block *sb, struct writeback_control *wbc)
- {
- const unsigned long start = jiffies; /* livelock avoidance */
-
-+ spin_lock(&inode_lock);
-+
- if (!wbc->for_kupdate || list_empty(&sb->s_io))
- list_splice_init(&sb->s_dirty, &sb->s_io);
-
-@@ -387,8 +387,19 @@ sync_sb_inodes(struct super_block *sb, s
- if (wbc->nr_to_write <= 0)
- break;
- }
-+ spin_unlock(&inode_lock);
- return; /* Leave any unwritten inodes on s_io */
- }
-+EXPORT_SYMBOL(generic_sync_sb_inodes);
-+
-+static void
-+sync_sb_inodes(struct super_block *sb, struct writeback_control *wbc)
-+{
-+ if (sb->s_op->sync_inodes)
-+ sb->s_op->sync_inodes(sb, wbc);
-+ else
-+ generic_sync_sb_inodes(sb, wbc);
-+}
-
- /*
- * Start writeback of dirty pagecache data against all unlocked inodes.
-@@ -429,11 +440,8 @@ restart:
- * be unmounted by the time it is released.
- */
- if (down_read_trylock(&sb->s_umount)) {
-- if (sb->s_root) {
-- spin_lock(&inode_lock);
-+ if (sb->s_root)
- sync_sb_inodes(sb, wbc);
-- spin_unlock(&inode_lock);
-- }
- up_read(&sb->s_umount);
- }
- spin_lock(&sb_lock);
-@@ -469,9 +477,7 @@ void sync_inodes_sb(struct super_block *
- (inodes_stat.nr_inodes - inodes_stat.nr_unused) +
- nr_dirty + nr_unstable;
- wbc.nr_to_write += wbc.nr_to_write / 2; /* Bit more for luck */
-- spin_lock(&inode_lock);
- sync_sb_inodes(sb, &wbc);
-- spin_unlock(&inode_lock);
- }
-
- /*
-Index: linux-2.6.16/fs/reiser4/Kconfig
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/Kconfig
-@@ -0,0 +1,31 @@
-+config REISER4_FS
-+ tristate "Reiser4 (EXPERIMENTAL)"
-+ depends on EXPERIMENTAL
-+ select ZLIB_INFLATE
-+ select ZLIB_DEFLATE
-+ help
-+ Reiser4 is a filesystem that performs all filesystem operations
-+ as atomic transactions, which means that it either performs a
-+ write, or it does not, and in the event of a crash it does not
-+ partially perform it or corrupt it.
-+
-+ It stores files in dancing trees, which are like balanced trees but
-+ faster. It packs small files together so that they share blocks
-+ without wasting space. This means you can use it to store really
-+ small files. It also means that it saves you disk space. It avoids
-+ hassling you with anachronisms like having a maximum number of
-+ inodes, and wasting space if you use less than that number.
-+
-+ Reiser4 is a distinct filesystem type from reiserfs (V3).
-+ It's therefore not possible to use reiserfs file systems
-+ with reiser4.
-+
-+ To learn more about reiser4, go to http://www.namesys.com
-+
-+config REISER4_DEBUG
-+ bool "Enable reiser4 debug mode"
-+ depends on REISER4_FS
-+ help
-+ Don't use this unless you are debugging reiser4.
-+
-+ If unsure, say N.
-Index: linux-2.6.16/fs/reiser4/Makefile
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/Makefile
-@@ -0,0 +1,100 @@
-+#
-+# reiser4/Makefile
-+#
-+
-+obj-$(CONFIG_REISER4_FS) += reiser4.o
-+
-+reiser4-y := \
-+ debug.o \
-+ jnode.o \
-+ znode.o \
-+ key.o \
-+ pool.o \
-+ tree_mod.o \
-+ estimate.o \
-+ carry.o \
-+ carry_ops.o \
-+ lock.o \
-+ tree.o \
-+ context.o \
-+ tap.o \
-+ coord.o \
-+ block_alloc.o \
-+ txnmgr.o \
-+ kassign.o \
-+ flush.o \
-+ wander.o \
-+ eottl.o \
-+ search.o \
-+ page_cache.o \
-+ seal.o \
-+ dscale.o \
-+ flush_queue.o \
-+ ktxnmgrd.o \
-+ blocknrset.o \
-+ super.o \
-+ super_ops.o \
-+ fsdata.o \
-+ export_ops.o \
-+ oid.o \
-+ tree_walk.o \
-+ inode.o \
-+ vfs_ops.o \
-+ as_ops.o \
-+ entd.o\
-+ readahead.o \
-+ status_flags.o \
-+ init_super.o \
-+ safe_link.o \
-+ \
-+ plugin/plugin.o \
-+ plugin/plugin_set.o \
-+ plugin/node/node.o \
-+ plugin/object.o \
-+ plugin/cluster.o \
-+ plugin/inode_ops.o \
-+ plugin/inode_ops_rename.o \
-+ plugin/file_ops.o \
-+ plugin/file_ops_readdir.o \
-+ plugin/file_plugin_common.o \
-+ plugin/file/file.o \
-+ plugin/file/tail_conversion.o \
-+ plugin/file/symlink.o \
-+ plugin/file/cryptcompress.o \
-+ plugin/dir_plugin_common.o \
-+ plugin/dir/hashed_dir.o \
-+ plugin/dir/seekable_dir.o \
-+ plugin/node/node40.o \
-+ \
-+ plugin/crypto/cipher.o \
-+ plugin/crypto/digest.o \
-+ \
-+ plugin/compress/minilzo.o \
-+ plugin/compress/compress.o \
-+ plugin/compress/compress_mode.o \
-+ \
-+ plugin/item/static_stat.o \
-+ plugin/item/sde.o \
-+ plugin/item/cde.o \
-+ plugin/item/blackbox.o \
-+ plugin/item/internal.o \
-+ plugin/item/tail.o \
-+ plugin/item/ctail.o \
-+ plugin/item/extent.o \
-+ plugin/item/extent_item_ops.o \
-+ plugin/item/extent_file_ops.o \
-+ plugin/item/extent_flush_ops.o \
-+ \
-+ plugin/hash.o \
-+ plugin/fibration.o \
-+ plugin/tail_policy.o \
-+ plugin/item/item.o \
-+ \
-+ plugin/security/perm.o \
-+ plugin/space/bitmap.o \
-+ \
-+ plugin/disk_format/disk_format40.o \
-+ plugin/disk_format/disk_format.o \
-+ \
-+ plugin/regular.o
-+
-Index: linux-2.6.16/fs/reiser4/README
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/README
-@@ -0,0 +1,125 @@
-+[LICENSING]
-+
-+Reiser4 is hereby licensed under the GNU General
-+Public License version 2.
-+
-+Source code files that contain the phrase "licensing governed by
-+reiser4/README" are "governed files" throughout this file. Governed
-+files are licensed under the GPL. The portions of them owned by Hans
-+Reiser, or authorized to be licensed by him, have been in the past,
-+and likely will be in the future, licensed to other parties under
-+other licenses. If you add your code to governed files, and don't
-+want it to be owned by Hans Reiser, put your copyright label on that
-+code so the poor blight and his customers can keep things straight.
-+All portions of governed files not labeled otherwise are owned by Hans
-+Reiser, and by adding your code to it, widely distributing it to
-+others or sending us a patch, and leaving the sentence in stating that
-+licensing is governed by the statement in this file, you accept this.
-+It will be a kindness if you identify whether Hans Reiser is allowed
-+to license code labeled as owned by you on your behalf other than
-+under the GPL, because he wants to know if it is okay to do so and put
-+a check in the mail to you (for non-trivial improvements) when he
-+makes his next sale. He makes no guarantees as to the amount if any,
-+though he feels motivated to motivate contributors, and you can surely
-+discuss this with him before or after contributing. You have the
-+right to decline to allow him to license your code contribution other
-+than under the GPL.
-+
-+Further licensing options are available for commercial and/or other
-+interests directly from Hans Reiser: reiser@namesys.com. If you interpret
-+the GPL as not allowing those additional licensing options, you read
-+it wrongly, and Richard Stallman agrees with me, when carefully read
-+you can see that those restrictions on additional terms do not apply
-+to the owner of the copyright, and my interpretation of this shall
-+govern for this license.
-+
-+[END LICENSING]
-+
-+Reiser4 is a file system based on dancing tree algorithms, and is
-+described at http://www.namesys.com
-+
-+mkfs.reiser4 and other utilities are on our webpage or wherever your
-+Linux provider put them. You really want to be running the latest
-+version off the website if you use fsck.
-+
-+Yes, if you update your reiser4 kernel module you do have to
-+recompile your kernel, most of the time. The errors you get will be
-+quite cryptic if your forget to do so.
-+
-+Hideous Commercial Pitch: Spread your development costs across other OS
-+vendors. Select from the best in the world, not the best in your
-+building, by buying from third party OS component suppliers. Leverage
-+the software component development power of the internet. Be the most
-+aggressive in taking advantage of the commercial possibilities of
-+decentralized internet development, and add value through your branded
-+integration that you sell as an operating system. Let your competitors
-+be the ones to compete against the entire internet by themselves. Be
-+hip, get with the new economic trend, before your competitors do. Send
-+email to reiser@namesys.com
-+
-+Hans Reiser was the primary architect of Reiser4, but a whole team
-+chipped their ideas in. He invested everything he had into Namesys
-+for 5.5 dark years of no money before Reiser3 finally started to work well
-+enough to bring in money. He owns the copyright.
-+
-+DARPA was the primary sponsor of Reiser4. DARPA does not endorse
-+Reiser4, it merely sponsors it. DARPA is, in solely Hans's personal
-+opinion, unique in its willingness to invest into things more
-+theoretical than the VC community can readily understand, and more
-+longterm than allows them to be sure that they will be the ones to
-+extract the economic benefits from. DARPA also integrated us into a
-+security community that transformed our security worldview.
-+
-+Vladimir Saveliev is our lead programmer, with us from the beginning,
-+and he worked long hours writing the cleanest code. This is why he is
-+now the lead programmer after years of commitment to our work. He
-+always made the effort to be the best he could be, and to make his
-+code the best that it could be. What resulted was quite remarkable. I
-+don't think that money can ever motivate someone to work the way he
-+did, he is one of the most selfless men I know.
-+
-+Alexander Lyamin was our sysadmin, and helped to educate us in
-+security issues. Moscow State University and IMT were very generous
-+in the internet access they provided us, and in lots of other little
-+ways that a generous institution can be.
-+
-+Alexander Zarochentcev (sometimes known as zam, or sasha), wrote the
-+locking code, the block allocator, and finished the flushing code.
-+His code is always crystal clean and well structured.
-+
-+Nikita Danilov wrote the core of the balancing code, the core of the
-+plugins code, and the directory code. He worked a steady pace of long
-+hours that produced a whole lot of well abstracted code. He is our
-+senior computer scientist.
-+
-+Vladimir Demidov wrote the parser. Writing an in kernel parser is
-+something very few persons have the skills for, and it is thanks to
-+him that we can say that the parser is really not so big compared to
-+various bits of our other code, and making a parser work in the kernel
-+was not so complicated as everyone would imagine mainly because it was
-+him doing it...
-+
-+Joshua McDonald wrote the transaction manager, and the flush code.
-+The flush code unexpectedly turned out be extremely hairy for reasons
-+you can read about on our web page, and he did a great job on an
-+extremely difficult task.
-+
-+Nina Reiser handled our accounting, government relations, and much
-+more.
-+
-+Ramon Reiser developed our website.
-+
-+Beverly Palmer drew our graphics.
-+
-+Vitaly Fertman developed librepair, userspace plugins repair code, fsck
-+and worked with Umka on developing libreiser4 and userspace plugins.
-+
-+Yury Umanets (aka Umka) developed libreiser4, userspace plugins and
-+userspace tools (reiser4progs).
-+
-+Oleg Drokin (aka Green) is the release manager who fixes everything.
-+It is so nice to have someone like that on the team. He (plus Chris
-+and Jeff) make it possible for the entire rest of the Namesys team to
-+focus on Reiser4, and he fixed a whole lot of Reiser4 bugs also. It
-+is just amazing to watch his talent for spotting bugs in action.
-+
-Index: linux-2.6.16/fs/reiser4/as_ops.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/as_ops.c
-@@ -0,0 +1,392 @@
-+/* Copyright 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Interface to VFS. Reiser4 address_space_operations are defined here. */
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "coord.h"
-+#include "plugin/item/item.h"
-+#include "plugin/file/file.h"
-+#include "plugin/security/perm.h"
-+#include "plugin/disk_format/disk_format.h"
-+#include "plugin/plugin.h"
-+#include "plugin/plugin_set.h"
-+#include "plugin/object.h"
-+#include "txnmgr.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "block_alloc.h"
-+#include "tree.h"
-+#include "vfs_ops.h"
-+#include "inode.h"
-+#include "page_cache.h"
-+#include "ktxnmgrd.h"
-+#include "super.h"
-+#include "reiser4.h"
-+#include "entd.h"
-+
-+#include <linux/profile.h>
-+#include <linux/types.h>
-+#include <linux/mount.h>
-+#include <linux/vfs.h>
-+#include <linux/mm.h>
-+#include <linux/buffer_head.h>
-+#include <linux/dcache.h>
-+#include <linux/list.h>
-+#include <linux/pagemap.h>
-+#include <linux/slab.h>
-+#include <linux/seq_file.h>
-+#include <linux/init.h>
-+#include <linux/module.h>
-+#include <linux/writeback.h>
-+#include <linux/backing-dev.h>
-+#include <linux/quotaops.h>
-+#include <linux/security.h>
-+
-+/* address space operations */
-+
-+/**
-+ * reiser4_set_page_dirty - set dirty bit, tag in page tree, dirty accounting
-+ * @page: page to be dirtied
-+ *
-+ * Operation of struct address_space_operations. This implementation is used by
-+ * unix and crc file plugins.
-+ *
-+ * This is called when reiser4 page gets dirtied outside of reiser4, for
-+ * example, when dirty bit is moved from pte to physical page.
-+ *
-+ * Tags page in the mapping's page tree with special tag so that it is possible
-+ * to do all the reiser4 specific work wrt dirty pages (jnode creation,
-+ * capturing by an atom) later because it can not be done in the contexts where
-+ * set_page_dirty is called.
-+ */
-+int reiser4_set_page_dirty(struct page *page)
-+{
-+ /* this page can be unformatted only */
-+ assert("vs-1734", (page->mapping &&
-+ page->mapping->host &&
-+ get_super_fake(page->mapping->host->i_sb) !=
-+ page->mapping->host
-+ && get_cc_fake(page->mapping->host->i_sb) !=
-+ page->mapping->host
-+ && get_bitmap_fake(page->mapping->host->i_sb) !=
-+ page->mapping->host));
-+
-+ if (!TestSetPageDirty(page)) {
-+ struct address_space *mapping = page->mapping;
-+
-+ if (mapping) {
-+ write_lock_irq(&mapping->tree_lock);
-+
-+ /* check for race with truncate */
-+ if (page->mapping) {
-+ assert("vs-1652", page->mapping == mapping);
-+ if (mapping_cap_account_dirty(mapping))
-+ inc_page_state(nr_dirty);
-+ radix_tree_tag_set(&mapping->page_tree,
-+ page->index,
-+ PAGECACHE_TAG_REISER4_MOVED);
-+ }
-+ write_unlock_irq(&mapping->tree_lock);
-+ __mark_inode_dirty(mapping->host, I_DIRTY_PAGES);
-+ }
-+ }
-+ return 0;
-+}
-+
-+static int filler(void *vp, struct page *page)
-+{
-+ return page->mapping->a_ops->readpage(vp, page);
-+}
-+
-+/**
-+ * reiser4_readpages - submit read for a set of pages
-+ * @file: file to read
-+ * @mapping: address space
-+ * @pages: list of pages to submit read for
-+ * @nr_pages: number of pages no the list
-+ *
-+ * Operation of struct address_space_operations. This implementation is used by
-+ * unix and crc file plugins.
-+ *
-+ * Calls read_cache_pages or readpages hook if it is set.
-+ */
-+int
-+reiser4_readpages(struct file *file, struct address_space *mapping,
-+ struct list_head *pages, unsigned nr_pages)
-+{
-+ reiser4_context *ctx;
-+ reiser4_file_fsdata *fsdata;
-+
-+ ctx = init_context(mapping->host->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ fsdata = reiser4_get_file_fsdata(file);
-+ if (IS_ERR(fsdata)) {
-+ reiser4_exit_context(ctx);
-+ return PTR_ERR(fsdata);
-+ }
-+
-+ if (fsdata->ra2.readpages)
-+ fsdata->ra2.readpages(mapping, pages, fsdata->ra2.data);
-+ else {
-+ /*
-+ * filler (reiser4 readpage method) may involve tree search
-+ * which is not allowed when lock stack is not clean. If lock
-+ * stack is not clean - do nothing.
-+ */
-+ if (lock_stack_isclean(get_current_lock_stack()))
-+ read_cache_pages(mapping, pages, filler, file);
-+ else {
-+ while (!list_empty(pages)) {
-+ struct page *victim;
-+
-+ victim = list_entry(pages->prev, struct page, lru);
-+ list_del(&victim->lru);
-+ page_cache_release(victim);
-+ }
-+ }
-+ }
-+ reiser4_exit_context(ctx);
-+ return 0;
-+}
-+
-+/* ->invalidatepage method for reiser4 */
-+
-+/*
-+ * this is called for each truncated page from
-+ * truncate_inode_pages()->truncate_{complete,partial}_page().
-+ *
-+ * At the moment of call, page is under lock, and outstanding io (if any) has
-+ * completed.
-+ */
-+
-+/**
-+ * reiser4_invalidatepage
-+ * @page: page to invalidate
-+ * @offset: starting offset for partial invalidation
-+ *
-+ */
-+int reiser4_invalidatepage(struct page *page, unsigned long offset)
-+{
-+ int ret = 0;
-+ reiser4_context *ctx;
-+ struct inode *inode;
-+ jnode *node;
-+
-+ /*
-+ * This is called to truncate file's page.
-+ *
-+ * Originally, reiser4 implemented truncate in a standard way
-+ * (vmtruncate() calls ->invalidatepage() on all truncated pages
-+ * first, then file system ->truncate() call-back is invoked).
-+ *
-+ * This lead to the problem when ->invalidatepage() was called on a
-+ * page with jnode that was captured into atom in ASTAGE_PRE_COMMIT
-+ * process. That is, truncate was bypassing transactions. To avoid
-+ * this, try_capture_page_to_invalidate() call was added here.
-+ *
-+ * After many troubles with vmtruncate() based truncate (including
-+ * races with flush, tail conversion, etc.) it was re-written in the
-+ * top-to-bottom style: items are killed in cut_tree_object() and
-+ * pages belonging to extent are invalidated in kill_hook_extent(). So
-+ * probably now additional call to capture is not needed here.
-+ */
-+
-+ assert("nikita-3137", PageLocked(page));
-+ assert("nikita-3138", !PageWriteback(page));
-+ inode = page->mapping->host;
-+
-+ /*
-+ * ->invalidatepage() should only be called for the unformatted
-+ * jnodes. Destruction of all other types of jnodes is performed
-+ * separately. But, during some corner cases (like handling errors
-+ * during mount) it is simpler to let ->invalidatepage to be called on
-+ * them. Check for this, and do nothing.
-+ */
-+ if (get_super_fake(inode->i_sb) == inode)
-+ return 0;
-+ if (get_cc_fake(inode->i_sb) == inode)
-+ return 0;
-+ if (get_bitmap_fake(inode->i_sb) == inode)
-+ return 0;
-+ assert("vs-1426", PagePrivate(page));
-+ assert("vs-1427",
-+ page->mapping == jnode_get_mapping(jnode_by_page(page)));
-+ assert("", jprivate(page) != NULL);
-+ assert("", ergo(inode_file_plugin(inode) !=
-+ file_plugin_by_id(CRC_FILE_PLUGIN_ID), offset == 0));
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ node = jprivate(page);
-+ spin_lock_jnode(node);
-+ if (!(node->state & ((1 << JNODE_DIRTY) | (1<< JNODE_FLUSH_QUEUED) |
-+ (1 << JNODE_WRITEBACK) | (1 << JNODE_OVRWR)))) {
-+ /* there is not need to capture */
-+ jref(node);
-+ JF_SET(node, JNODE_HEARD_BANSHEE);
-+ page_clear_jnode(page, node);
-+ uncapture_jnode(node);
-+ unhash_unformatted_jnode(node);
-+ jput(node);
-+ reiser4_exit_context(ctx);
-+ return 0;
-+ }
-+ spin_unlock_jnode(node);
-+
-+ /* capture page being truncated. */
-+ ret = try_capture_page_to_invalidate(page);
-+ if (ret != 0)
-+ warning("nikita-3141", "Cannot capture: %i", ret);
-+
-+ if (offset == 0) {
-+ /* remove jnode from transaction and detach it from page. */
-+ jref(node);
-+ JF_SET(node, JNODE_HEARD_BANSHEE);
-+ /* page cannot be detached from jnode concurrently, because it
-+ * is locked */
-+ uncapture_page(page);
-+
-+ /* this detaches page from jnode, so that jdelete will not try
-+ * to lock page which is already locked */
-+ spin_lock_jnode(node);
-+ page_clear_jnode(page, node);
-+ spin_unlock_jnode(node);
-+ unhash_unformatted_jnode(node);
-+
-+ jput(node);
-+ }
-+
-+ reiser4_exit_context(ctx);
-+ return 0;
-+}
-+
-+/* help function called from reiser4_releasepage(). It returns true if jnode
-+ * can be detached from its page and page released. */
-+int jnode_is_releasable(jnode * node /* node to check */ )
-+{
-+ assert("nikita-2781", node != NULL);
-+ assert_spin_locked(&(node->guard));
-+ assert_spin_locked(&(node->load));
-+
-+ /* is some thread is currently using jnode page, later cannot be
-+ * detached */
-+ if (atomic_read(&node->d_count) != 0) {
-+ return 0;
-+ }
-+
-+ assert("vs-1214", !jnode_is_loaded(node));
-+
-+ /*
-+ * can only release page if real block number is assigned to it. Simple
-+ * check for ->atom wouldn't do, because it is possible for node to be
-+ * clean, not it atom yet, and still having fake block number. For
-+ * example, node just created in jinit_new().
-+ */
-+ if (blocknr_is_fake(jnode_get_block(node)))
-+ return 0;
-+
-+ /*
-+ * pages prepared for write can not be released anyway, so avoid
-+ * detaching jnode from the page
-+ */
-+ if (JF_ISSET(node, JNODE_WRITE_PREPARED))
-+ return 0;
-+
-+ /*
-+ * dirty jnode cannot be released. It can however be submitted to disk
-+ * as part of early flushing, but only after getting flush-prepped.
-+ */
-+ if (JF_ISSET(node, JNODE_DIRTY))
-+ return 0;
-+
-+ /* overwrite set is only written by log writer. */
-+ if (JF_ISSET(node, JNODE_OVRWR))
-+ return 0;
-+
-+ /* jnode is already under writeback */
-+ if (JF_ISSET(node, JNODE_WRITEBACK))
-+ return 0;
-+
-+ /* don't flush bitmaps or journal records */
-+ if (!jnode_is_znode(node) && !jnode_is_unformatted(node))
-+ return 0;
-+
-+ return 1;
-+}
-+
-+/*
-+ * ->releasepage method for reiser4
-+ *
-+ * This is called by VM scanner when it comes across clean page. What we have
-+ * to do here is to check whether page can really be released (freed that is)
-+ * and if so, detach jnode from it and remove page from the page cache.
-+ *
-+ * Check for releasability is done by releasable() function.
-+ */
-+int reiser4_releasepage(struct page *page, gfp_t gfp UNUSED_ARG)
-+{
-+ jnode *node;
-+
-+ assert("nikita-2257", PagePrivate(page));
-+ assert("nikita-2259", PageLocked(page));
-+ assert("nikita-2892", !PageWriteback(page));
-+ assert("nikita-3019", schedulable());
-+
-+ /* NOTE-NIKITA: this can be called in the context of reiser4 call. It
-+ is not clear what to do in this case. A lot of deadlocks seems be
-+ possible. */
-+
-+ node = jnode_by_page(page);
-+ assert("nikita-2258", node != NULL);
-+ assert("reiser4-4", page->mapping != NULL);
-+ assert("reiser4-5", page->mapping->host != NULL);
-+
-+ if (PageDirty(page))
-+ return 0;
-+
-+ if (page_count(page) > 3)
-+ return 0;
-+
-+ /* releasable() needs jnode lock, because it looks at the jnode fields
-+ * and we need jload_lock here to avoid races with jload(). */
-+ spin_lock_jnode(node);
-+ spin_lock(&(node->load));
-+ if (jnode_is_releasable(node)) {
-+ struct address_space *mapping;
-+
-+ mapping = page->mapping;
-+ jref(node);
-+ /* there is no need to synchronize against
-+ * jnode_extent_write() here, because pages seen by
-+ * jnode_extent_write() are !releasable(). */
-+ page_clear_jnode(page, node);
-+ spin_unlock(&(node->load));
-+ spin_unlock_jnode(node);
-+
-+ /* we are under memory pressure so release jnode also. */
-+ jput(node);
-+
-+ return 1;
-+ } else {
-+ spin_unlock(&(node->load));
-+ spin_unlock_jnode(node);
-+ assert("nikita-3020", schedulable());
-+ return 0;
-+ }
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/block_alloc.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/block_alloc.c
-@@ -0,0 +1,1139 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "debug.h"
-+#include "dformat.h"
-+#include "plugin/plugin.h"
-+#include "txnmgr.h"
-+#include "znode.h"
-+#include "block_alloc.h"
-+#include "tree.h"
-+#include "super.h"
-+
-+#include <linux/types.h> /* for __u?? */
-+#include <linux/fs.h> /* for struct super_block */
-+#include <linux/spinlock.h>
-+
-+/* THE REISER4 DISK SPACE RESERVATION SCHEME. */
-+
-+/* We need to be able to reserve enough disk space to ensure that an atomic
-+ operation will have enough disk space to flush (see flush.c and
-+ http://namesys.com/v4/v4.html) and commit it once it is started.
-+
-+ In our design a call for reserving disk space may fail but not an actual
-+ block allocation.
-+
-+ All free blocks, already allocated blocks, and all kinds of reserved blocks
-+ are counted in different per-fs block counters.
-+
-+ A reiser4 super block's set of block counters currently is:
-+
-+ free -- free blocks,
-+ used -- already allocated blocks,
-+
-+ grabbed -- initially reserved for performing an fs operation, those blocks
-+ are taken from free blocks, then grabbed disk space leaks from grabbed
-+ blocks counter to other counters like "fake allocated", "flush
-+ reserved", "used", the rest of not used grabbed space is returned to
-+ free space at the end of fs operation;
-+
-+ fake allocated -- counts all nodes without real disk block numbers assigned,
-+ we have separate accounting for formatted and unformatted
-+ nodes (for easier debugging);
-+
-+ flush reserved -- disk space needed for flushing and committing an atom.
-+ Each dirty already allocated block could be written as a
-+ part of atom's overwrite set or as a part of atom's
-+ relocate set. In both case one additional block is needed,
-+ it is used as a wandered block if we do overwrite or as a
-+ new location for a relocated block.
-+
-+ In addition, blocks in some states are counted on per-thread and per-atom
-+ basis. A reiser4 context has a counter of blocks grabbed by this transaction
-+ and the sb's grabbed blocks counter is a sum of grabbed blocks counter values
-+ of each reiser4 context. Each reiser4 atom has a counter of "flush reserved"
-+ blocks, which are reserved for flush processing and atom commit. */
-+
-+/* AN EXAMPLE: suppose we insert new item to the reiser4 tree. We estimate
-+ number of blocks to grab for most expensive case of balancing when the leaf
-+ node we insert new item to gets split and new leaf node is allocated.
-+
-+ So, we need to grab blocks for
-+
-+ 1) one block for possible dirtying the node we insert an item to. That block
-+ would be used for node relocation at flush time or for allocating of a
-+ wandered one, it depends what will be a result (what set, relocate or
-+ overwrite the node gets assigned to) of the node processing by the flush
-+ algorithm.
-+
-+ 2) one block for either allocating a new node, or dirtying of right or left
-+ clean neighbor, only one case may happen.
-+
-+ VS-FIXME-HANS: why can only one case happen? I would expect to see dirtying of left neighbor, right neighbor, current
-+ node, and creation of new node. have I forgotten something? email me.
-+
-+ These grabbed blocks are counted in both reiser4 context "grabbed blocks"
-+ counter and in the fs-wide one (both ctx->grabbed_blocks and
-+ sbinfo->blocks_grabbed get incremented by 2), sb's free blocks counter is
-+ decremented by 2.
-+
-+ Suppose both two blocks were spent for dirtying of an already allocated clean
-+ node (one block went from "grabbed" to "flush reserved") and for new block
-+ allocating (one block went from "grabbed" to "fake allocated formatted").
-+
-+ Inserting of a child pointer to the parent node caused parent node to be
-+ split, the balancing code takes care about this grabbing necessary space
-+ immediately by calling reiser4_grab with BA_RESERVED flag set which means
-+ "can use the 5% reserved disk space".
-+
-+ At this moment insertion completes and grabbed blocks (if they were not used)
-+ should be returned to the free space counter.
-+
-+ However the atom life-cycle is not completed. The atom had one "flush
-+ reserved" block added by our insertion and the new fake allocated node is
-+ counted as a "fake allocated formatted" one. The atom has to be fully
-+ processed by flush before commit. Suppose that the flush moved the first,
-+ already allocated node to the atom's overwrite list, the new fake allocated
-+ node, obviously, went into the atom relocate set. The reiser4 flush
-+ allocates the new node using one unit from "fake allocated formatted"
-+ counter, the log writer uses one from "flush reserved" for wandered block
-+ allocation.
-+
-+ And, it is not the end. When the wandered block is deallocated after the
-+ atom gets fully played (see wander.c for term description), the disk space
-+ occupied for it is returned to free blocks. */
-+
-+/* BLOCK NUMBERS */
-+
-+/* Any reiser4 node has a block number assigned to it. We use these numbers for
-+ indexing in hash tables, so if a block has not yet been assigned a location
-+ on disk we need to give it a temporary fake block number.
-+
-+ Current implementation of reiser4 uses 64-bit integers for block numbers. We
-+ use highest bit in 64-bit block number to distinguish fake and real block
-+ numbers. So, only 63 bits may be used to addressing of real device
-+ blocks. That "fake" block numbers space is divided into subspaces of fake
-+ block numbers for data blocks and for shadow (working) bitmap blocks.
-+
-+ Fake block numbers for data blocks are generated by a cyclic counter, which
-+ gets incremented after each real block allocation. We assume that it is
-+ impossible to overload this counter during one transaction life. */
-+
-+/* Initialize a blocknr hint. */
-+void blocknr_hint_init(reiser4_blocknr_hint * hint)
-+{
-+ memset(hint, 0, sizeof(reiser4_blocknr_hint));
-+}
-+
-+/* Release any resources of a blocknr hint. */
-+void blocknr_hint_done(reiser4_blocknr_hint * hint UNUSED_ARG)
-+{
-+ /* No resources should be freed in current blocknr_hint implementation. */
-+}
-+
-+/* see above for explanation of fake block number. */
-+/* Audited by: green(2002.06.11) */
-+int blocknr_is_fake(const reiser4_block_nr * da)
-+{
-+ /* The reason for not simply returning result of '&' operation is that
-+ while return value is (possibly 32bit) int, the reiser4_block_nr is
-+ at least 64 bits long, and high bit (which is the only possible
-+ non zero bit after the masking) would be stripped off */
-+ return (*da & REISER4_FAKE_BLOCKNR_BIT_MASK) ? 1 : 0;
-+}
-+
-+/* Static functions for <reiser4 super block>/<reiser4 context> block counters
-+ arithmetic. Mostly, they are isolated to not to code same assertions in
-+ several places. */
-+static void sub_from_ctx_grabbed(reiser4_context * ctx, __u64 count)
-+{
-+ BUG_ON(ctx->grabbed_blocks < count);
-+ assert("zam-527", ctx->grabbed_blocks >= count);
-+ ctx->grabbed_blocks -= count;
-+}
-+
-+static void add_to_ctx_grabbed(reiser4_context * ctx, __u64 count)
-+{
-+ ctx->grabbed_blocks += count;
-+}
-+
-+static void sub_from_sb_grabbed(reiser4_super_info_data * sbinfo, __u64 count)
-+{
-+ assert("zam-525", sbinfo->blocks_grabbed >= count);
-+ sbinfo->blocks_grabbed -= count;
-+}
-+
-+/* Decrease the counter of block reserved for flush in super block. */
-+static void
-+sub_from_sb_flush_reserved(reiser4_super_info_data * sbinfo, __u64 count)
-+{
-+ assert("vpf-291", sbinfo->blocks_flush_reserved >= count);
-+ sbinfo->blocks_flush_reserved -= count;
-+}
-+
-+static void
-+sub_from_sb_fake_allocated(reiser4_super_info_data * sbinfo, __u64 count,
-+ reiser4_ba_flags_t flags)
-+{
-+ if (flags & BA_FORMATTED) {
-+ assert("zam-806", sbinfo->blocks_fake_allocated >= count);
-+ sbinfo->blocks_fake_allocated -= count;
-+ } else {
-+ assert("zam-528",
-+ sbinfo->blocks_fake_allocated_unformatted >= count);
-+ sbinfo->blocks_fake_allocated_unformatted -= count;
-+ }
-+}
-+
-+static void sub_from_sb_used(reiser4_super_info_data * sbinfo, __u64 count)
-+{
-+ assert("zam-530",
-+ sbinfo->blocks_used >= count + sbinfo->min_blocks_used);
-+ sbinfo->blocks_used -= count;
-+}
-+
-+static void
-+sub_from_cluster_reserved(reiser4_super_info_data * sbinfo, __u64 count)
-+{
-+ assert("edward-501", sbinfo->blocks_clustered >= count);
-+ sbinfo->blocks_clustered -= count;
-+}
-+
-+/* Increase the counter of block reserved for flush in atom. */
-+static void add_to_atom_flush_reserved_nolock(txn_atom * atom, __u32 count)
-+{
-+ assert("zam-772", atom != NULL);
-+ assert_spin_locked(&(atom->alock));
-+ atom->flush_reserved += count;
-+}
-+
-+/* Decrease the counter of block reserved for flush in atom. */
-+static void sub_from_atom_flush_reserved_nolock(txn_atom * atom, __u32 count)
-+{
-+ assert("zam-774", atom != NULL);
-+ assert_spin_locked(&(atom->alock));
-+ assert("nikita-2790", atom->flush_reserved >= count);
-+ atom->flush_reserved -= count;
-+}
-+
-+/* super block has 6 counters: free, used, grabbed, fake allocated
-+ (formatted and unformatted) and flush reserved. Their sum must be
-+ number of blocks on a device. This function checks this */
-+int check_block_counters(const struct super_block *super)
-+{
-+ __u64 sum;
-+
-+ sum = reiser4_grabbed_blocks(super) + reiser4_free_blocks(super) +
-+ reiser4_data_blocks(super) + reiser4_fake_allocated(super) +
-+ reiser4_fake_allocated_unformatted(super) + flush_reserved(super) +
-+ reiser4_clustered_blocks(super);
-+ if (reiser4_block_count(super) != sum) {
-+ printk("super block counters: "
-+ "used %llu, free %llu, "
-+ "grabbed %llu, fake allocated (formatetd %llu, unformatted %llu), "
-+ "reserved %llu, clustered %llu, sum %llu, must be (block count) %llu\n",
-+ (unsigned long long)reiser4_data_blocks(super),
-+ (unsigned long long)reiser4_free_blocks(super),
-+ (unsigned long long)reiser4_grabbed_blocks(super),
-+ (unsigned long long)reiser4_fake_allocated(super),
-+ (unsigned long long)
-+ reiser4_fake_allocated_unformatted(super),
-+ (unsigned long long)flush_reserved(super),
-+ (unsigned long long)reiser4_clustered_blocks(super),
-+ (unsigned long long)sum,
-+ (unsigned long long)reiser4_block_count(super));
-+ return 0;
-+ }
-+ return 1;
-+}
-+
-+/* Adjust "working" free blocks counter for number of blocks we are going to
-+ allocate. Record number of grabbed blocks in fs-wide and per-thread
-+ counters. This function should be called before bitmap scanning or
-+ allocating fake block numbers
-+
-+ @super -- pointer to reiser4 super block;
-+ @count -- number of blocks we reserve;
-+
-+ @return -- 0 if success, -ENOSPC, if all
-+ free blocks are preserved or already allocated.
-+*/
-+
-+static int
-+reiser4_grab(reiser4_context * ctx, __u64 count, reiser4_ba_flags_t flags)
-+{
-+ __u64 free_blocks;
-+ int ret = 0, use_reserved = flags & BA_RESERVED;
-+ reiser4_super_info_data *sbinfo;
-+
-+ assert("vs-1276", ctx == get_current_context());
-+
-+ /* Do not grab anything on ro-mounted fs. */
-+ if (rofs_super(ctx->super)) {
-+ ctx->grab_enabled = 0;
-+ return 0;
-+ }
-+
-+ sbinfo = get_super_private(ctx->super);
-+
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ free_blocks = sbinfo->blocks_free;
-+
-+ if ((use_reserved && free_blocks < count) ||
-+ (!use_reserved && free_blocks < count + sbinfo->blocks_reserved)) {
-+ ret = RETERR(-ENOSPC);
-+ goto unlock_and_ret;
-+ }
-+
-+ add_to_ctx_grabbed(ctx, count);
-+
-+ sbinfo->blocks_grabbed += count;
-+ sbinfo->blocks_free -= count;
-+
-+#if REISER4_DEBUG
-+ if (ctx->grabbed_initially == 0)
-+ ctx->grabbed_initially = count;
-+#endif
-+
-+ assert("nikita-2986", check_block_counters(ctx->super));
-+
-+ /* disable grab space in current context */
-+ ctx->grab_enabled = 0;
-+
-+ unlock_and_ret:
-+ spin_unlock_reiser4_super(sbinfo);
-+
-+ return ret;
-+}
-+
-+int reiser4_grab_space(__u64 count, reiser4_ba_flags_t flags)
-+{
-+ int ret;
-+ reiser4_context *ctx;
-+
-+ assert("nikita-2964", ergo(flags & BA_CAN_COMMIT,
-+ lock_stack_isclean(get_current_lock_stack
-+ ())));
-+ ctx = get_current_context();
-+ if (!(flags & BA_FORCE) && !is_grab_enabled(ctx)) {
-+ return 0;
-+ }
-+
-+ ret = reiser4_grab(ctx, count, flags);
-+ if (ret == -ENOSPC) {
-+
-+ /* Trying to commit the all transactions if BA_CAN_COMMIT flag present */
-+ if (flags & BA_CAN_COMMIT) {
-+ txnmgr_force_commit_all(ctx->super, 0);
-+ ctx->grab_enabled = 1;
-+ ret = reiser4_grab(ctx, count, flags);
-+ }
-+ }
-+ /*
-+ * allocation from reserved pool cannot fail. This is severe error.
-+ */
-+ assert("nikita-3005", ergo(flags & BA_RESERVED, ret == 0));
-+ return ret;
-+}
-+
-+/*
-+ * SPACE RESERVED FOR UNLINK/TRUNCATE
-+ *
-+ * Unlink and truncate require space in transaction (to update stat data, at
-+ * least). But we don't want rm(1) to fail with "No space on device" error.
-+ *
-+ * Solution is to reserve 5% of disk space for truncates and
-+ * unlinks. Specifically, normal space grabbing requests don't grab space from
-+ * reserved area. Only requests with BA_RESERVED bit in flags are allowed to
-+ * drain it. Per super block delete_sema semaphore is used to allow only one
-+ * thread at a time to grab from reserved area.
-+ *
-+ * Grabbing from reserved area should always be performed with BA_CAN_COMMIT
-+ * flag.
-+ *
-+ */
-+
-+int reiser4_grab_reserved(struct super_block *super,
-+ __u64 count, reiser4_ba_flags_t flags)
-+{
-+ reiser4_super_info_data *sbinfo = get_super_private(super);
-+
-+ assert("nikita-3175", flags & BA_CAN_COMMIT);
-+
-+ /* Check the delete semaphore already taken by us, we assume that
-+ * reading of machine word is atomic. */
-+ if (sbinfo->delete_sema_owner == current) {
-+ if (reiser4_grab_space
-+ (count, (flags | BA_RESERVED) & ~BA_CAN_COMMIT)) {
-+ warning("zam-1003",
-+ "nested call of grab_reserved fails count=(%llu)",
-+ (unsigned long long)count);
-+ reiser4_release_reserved(super);
-+ return RETERR(-ENOSPC);
-+ }
-+ return 0;
-+ }
-+
-+ if (reiser4_grab_space(count, flags)) {
-+ down(&sbinfo->delete_sema);
-+ assert("nikita-2929", sbinfo->delete_sema_owner == NULL);
-+ sbinfo->delete_sema_owner = current;
-+
-+ if (reiser4_grab_space(count, flags | BA_RESERVED)) {
-+ warning("zam-833",
-+ "reserved space is not enough (%llu)",
-+ (unsigned long long)count);
-+ reiser4_release_reserved(super);
-+ return RETERR(-ENOSPC);
-+ }
-+ }
-+ return 0;
-+}
-+
-+void reiser4_release_reserved(struct super_block *super)
-+{
-+ reiser4_super_info_data *info;
-+
-+ info = get_super_private(super);
-+ if (info->delete_sema_owner == current) {
-+ info->delete_sema_owner = NULL;
-+ up(&info->delete_sema);
-+ }
-+}
-+
-+static reiser4_super_info_data *grabbed2fake_allocated_head(int count)
-+{
-+ reiser4_context *ctx;
-+ reiser4_super_info_data *sbinfo;
-+
-+ ctx = get_current_context();
-+ sub_from_ctx_grabbed(ctx, count);
-+
-+ sbinfo = get_super_private(ctx->super);
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ sub_from_sb_grabbed(sbinfo, count);
-+ /* return sbinfo locked */
-+ return sbinfo;
-+}
-+
-+/* is called after @count fake block numbers are allocated and pointer to
-+ those blocks are inserted into tree. */
-+static void grabbed2fake_allocated_formatted(void)
-+{
-+ reiser4_super_info_data *sbinfo;
-+
-+ sbinfo = grabbed2fake_allocated_head(1);
-+ sbinfo->blocks_fake_allocated++;
-+
-+ assert("vs-922", check_block_counters(reiser4_get_current_sb()));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+/**
-+ * grabbed2fake_allocated_unformatted
-+ * @count:
-+ *
-+ */
-+static void grabbed2fake_allocated_unformatted(int count)
-+{
-+ reiser4_super_info_data *sbinfo;
-+
-+ sbinfo = grabbed2fake_allocated_head(count);
-+ sbinfo->blocks_fake_allocated_unformatted += count;
-+
-+ assert("vs-9221", check_block_counters(reiser4_get_current_sb()));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+void grabbed2cluster_reserved(int count)
-+{
-+ reiser4_context *ctx;
-+ reiser4_super_info_data *sbinfo;
-+
-+ ctx = get_current_context();
-+ sub_from_ctx_grabbed(ctx, count);
-+
-+ sbinfo = get_super_private(ctx->super);
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ sub_from_sb_grabbed(sbinfo, count);
-+ sbinfo->blocks_clustered += count;
-+
-+ assert("edward-504", check_block_counters(ctx->super));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+void cluster_reserved2grabbed(int count)
-+{
-+ reiser4_context *ctx;
-+ reiser4_super_info_data *sbinfo;
-+
-+ ctx = get_current_context();
-+
-+ sbinfo = get_super_private(ctx->super);
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ sub_from_cluster_reserved(sbinfo, count);
-+ sbinfo->blocks_grabbed += count;
-+
-+ assert("edward-505", check_block_counters(ctx->super));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+ add_to_ctx_grabbed(ctx, count);
-+}
-+
-+void cluster_reserved2free(int count)
-+{
-+ reiser4_context *ctx;
-+ reiser4_super_info_data *sbinfo;
-+
-+ assert("edward-503", get_current_context()->grabbed_blocks == 0);
-+
-+ ctx = get_current_context();
-+ sbinfo = get_super_private(ctx->super);
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ sub_from_cluster_reserved(sbinfo, count);
-+ sbinfo->blocks_free += count;
-+
-+ assert("edward-502", check_block_counters(ctx->super));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+static DEFINE_SPINLOCK(fake_lock);
-+static reiser4_block_nr fake_gen = 0;
-+
-+/**
-+ * assign_fake_blocknr
-+ * @blocknr:
-+ * @count:
-+ *
-+ * Obtain a fake block number for new node which will be used to refer to
-+ * this newly allocated node until real allocation is done.
-+ */
-+static void assign_fake_blocknr(reiser4_block_nr *blocknr, int count)
-+{
-+ spin_lock(&fake_lock);
-+ *blocknr = fake_gen;
-+ fake_gen += count;
-+ spin_unlock(&fake_lock);
-+
-+ BUG_ON(*blocknr & REISER4_BLOCKNR_STATUS_BIT_MASK);
-+ /**blocknr &= ~REISER4_BLOCKNR_STATUS_BIT_MASK;*/
-+ *blocknr |= REISER4_UNALLOCATED_STATUS_VALUE;
-+ assert("zam-394", zlook(current_tree, blocknr) == NULL);
-+}
-+
-+int assign_fake_blocknr_formatted(reiser4_block_nr * blocknr)
-+{
-+ assign_fake_blocknr(blocknr, 1);
-+ grabbed2fake_allocated_formatted();
-+ return 0;
-+}
-+
-+/**
-+ * fake_blocknrs_unformatted
-+ * @count: number of fake numbers to get
-+ *
-+ * Allocates @count fake block numbers which will be assigned to jnodes
-+ */
-+reiser4_block_nr fake_blocknr_unformatted(int count)
-+{
-+ reiser4_block_nr blocknr;
-+
-+ assign_fake_blocknr(&blocknr, count);
-+ grabbed2fake_allocated_unformatted(count);
-+
-+ return blocknr;
-+}
-+
-+/* adjust sb block counters, if real (on-disk) block allocation immediately
-+ follows grabbing of free disk space. */
-+void grabbed2used(reiser4_context *ctx, reiser4_super_info_data *sbinfo,
-+ __u64 count)
-+{
-+ sub_from_ctx_grabbed(ctx, count);
-+
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ sub_from_sb_grabbed(sbinfo, count);
-+ sbinfo->blocks_used += count;
-+
-+ assert("nikita-2679", check_block_counters(ctx->super));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+/* adjust sb block counters when @count unallocated blocks get mapped to disk */
-+void fake_allocated2used(reiser4_super_info_data *sbinfo, __u64 count,
-+ reiser4_ba_flags_t flags)
-+{
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ sub_from_sb_fake_allocated(sbinfo, count, flags);
-+ sbinfo->blocks_used += count;
-+
-+ assert("nikita-2680", check_block_counters(reiser4_get_current_sb()));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+void flush_reserved2used(txn_atom * atom, __u64 count)
-+{
-+ reiser4_super_info_data *sbinfo;
-+
-+ assert("zam-787", atom != NULL);
-+ assert_spin_locked(&(atom->alock));
-+
-+ sub_from_atom_flush_reserved_nolock(atom, (__u32) count);
-+
-+ sbinfo = get_current_super_private();
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ sub_from_sb_flush_reserved(sbinfo, count);
-+ sbinfo->blocks_used += count;
-+
-+ assert("zam-789", check_block_counters(reiser4_get_current_sb()));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+/* update the per fs blocknr hint default value. */
-+void
-+update_blocknr_hint_default(const struct super_block *s,
-+ const reiser4_block_nr * block)
-+{
-+ reiser4_super_info_data *sbinfo = get_super_private(s);
-+
-+ assert("nikita-3342", !blocknr_is_fake(block));
-+
-+ spin_lock_reiser4_super(sbinfo);
-+ if (*block < sbinfo->block_count) {
-+ sbinfo->blocknr_hint_default = *block;
-+ } else {
-+ warning("zam-676",
-+ "block number %llu is too large to be used in a blocknr hint\n",
-+ (unsigned long long)*block);
-+ dump_stack();
-+ DEBUGON(1);
-+ }
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+/* get current value of the default blocknr hint. */
-+void get_blocknr_hint_default(reiser4_block_nr * result)
-+{
-+ reiser4_super_info_data *sbinfo = get_current_super_private();
-+
-+ spin_lock_reiser4_super(sbinfo);
-+ *result = sbinfo->blocknr_hint_default;
-+ assert("zam-677", *result < sbinfo->block_count);
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+/* Allocate "real" disk blocks by calling a proper space allocation plugin
-+ * method. Blocks are allocated in one contiguous disk region. The plugin
-+ * independent part accounts blocks by subtracting allocated amount from grabbed
-+ * or fake block counter and add the same amount to the counter of allocated
-+ * blocks.
-+ *
-+ * @hint -- a reiser4 blocknr hint object which contains further block
-+ * allocation hints and parameters (search start, a stage of block
-+ * which will be mapped to disk, etc.),
-+ * @blk -- an out parameter for the beginning of the allocated region,
-+ * @len -- in/out parameter, it should contain the maximum number of allocated
-+ * blocks, after block allocation completes, it contains the length of
-+ * allocated disk region.
-+ * @flags -- see reiser4_ba_flags_t description.
-+ *
-+ * @return -- 0 if success, error code otherwise.
-+ */
-+int
-+reiser4_alloc_blocks(reiser4_blocknr_hint * hint, reiser4_block_nr * blk,
-+ reiser4_block_nr * len, reiser4_ba_flags_t flags)
-+{
-+ __u64 needed = *len;
-+ reiser4_context *ctx;
-+ reiser4_super_info_data *sbinfo;
-+ int ret;
-+
-+ assert("zam-986", hint != NULL);
-+
-+ ctx = get_current_context();
-+ sbinfo = get_super_private(ctx->super);
-+
-+ /* For write-optimized data we use default search start value, which is
-+ * close to last write location. */
-+ if (flags & BA_USE_DEFAULT_SEARCH_START) {
-+ get_blocknr_hint_default(&hint->blk);
-+ }
-+
-+ /* VITALY: allocator should grab this for internal/tx-lists/similar only. */
-+/* VS-FIXME-HANS: why is this comment above addressed to vitaly (from vitaly)? */
-+ if (hint->block_stage == BLOCK_NOT_COUNTED) {
-+ ret = reiser4_grab_space_force(*len, flags);
-+ if (ret != 0)
-+ return ret;
-+ }
-+
-+ ret =
-+ sa_alloc_blocks(get_space_allocator(ctx->super), hint, (int)needed,
-+ blk, len);
-+
-+ if (!ret) {
-+ assert("zam-680", *blk < reiser4_block_count(ctx->super));
-+ assert("zam-681",
-+ *blk + *len <= reiser4_block_count(ctx->super));
-+
-+ if (flags & BA_PERMANENT) {
-+ /* we assume that current atom exists at this moment */
-+ txn_atom *atom = get_current_atom_locked();
-+ atom->nr_blocks_allocated += *len;
-+ spin_unlock_atom(atom);
-+ }
-+
-+ switch (hint->block_stage) {
-+ case BLOCK_NOT_COUNTED:
-+ case BLOCK_GRABBED:
-+ grabbed2used(ctx, sbinfo, *len);
-+ break;
-+ case BLOCK_UNALLOCATED:
-+ fake_allocated2used(sbinfo, *len, flags);
-+ break;
-+ case BLOCK_FLUSH_RESERVED:
-+ {
-+ txn_atom *atom = get_current_atom_locked();
-+ flush_reserved2used(atom, *len);
-+ spin_unlock_atom(atom);
-+ }
-+ break;
-+ default:
-+ impossible("zam-531", "wrong block stage");
-+ }
-+ } else {
-+ assert("zam-821",
-+ ergo(hint->max_dist == 0
-+ && !hint->backward, ret != -ENOSPC));
-+ if (hint->block_stage == BLOCK_NOT_COUNTED)
-+ grabbed2free(ctx, sbinfo, needed);
-+ }
-+
-+ return ret;
-+}
-+
-+/* used -> fake_allocated -> grabbed -> free */
-+
-+/* adjust sb block counters when @count unallocated blocks get unmapped from
-+ disk */
-+static void
-+used2fake_allocated(reiser4_super_info_data * sbinfo, __u64 count,
-+ int formatted)
-+{
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ if (formatted)
-+ sbinfo->blocks_fake_allocated += count;
-+ else
-+ sbinfo->blocks_fake_allocated_unformatted += count;
-+
-+ sub_from_sb_used(sbinfo, count);
-+
-+ assert("nikita-2681", check_block_counters(reiser4_get_current_sb()));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+static void
-+used2flush_reserved(reiser4_super_info_data * sbinfo, txn_atom * atom,
-+ __u64 count, reiser4_ba_flags_t flags UNUSED_ARG)
-+{
-+ assert("nikita-2791", atom != NULL);
-+ assert_spin_locked(&(atom->alock));
-+
-+ add_to_atom_flush_reserved_nolock(atom, (__u32) count);
-+
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ sbinfo->blocks_flush_reserved += count;
-+ /*add_to_sb_flush_reserved(sbinfo, count); */
-+ sub_from_sb_used(sbinfo, count);
-+
-+ assert("nikita-2681", check_block_counters(reiser4_get_current_sb()));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+/* disk space, virtually used by fake block numbers is counted as "grabbed" again. */
-+static void
-+fake_allocated2grabbed(reiser4_context * ctx, reiser4_super_info_data * sbinfo,
-+ __u64 count, reiser4_ba_flags_t flags)
-+{
-+ add_to_ctx_grabbed(ctx, count);
-+
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ assert("nikita-2682", check_block_counters(ctx->super));
-+
-+ sbinfo->blocks_grabbed += count;
-+ sub_from_sb_fake_allocated(sbinfo, count, flags & BA_FORMATTED);
-+
-+ assert("nikita-2683", check_block_counters(ctx->super));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+void fake_allocated2free(__u64 count, reiser4_ba_flags_t flags)
-+{
-+ reiser4_context *ctx;
-+ reiser4_super_info_data *sbinfo;
-+
-+ ctx = get_current_context();
-+ sbinfo = get_super_private(ctx->super);
-+
-+ fake_allocated2grabbed(ctx, sbinfo, count, flags);
-+ grabbed2free(ctx, sbinfo, count);
-+}
-+
-+void grabbed2free_mark(__u64 mark)
-+{
-+ reiser4_context *ctx;
-+ reiser4_super_info_data *sbinfo;
-+
-+ ctx = get_current_context();
-+ sbinfo = get_super_private(ctx->super);
-+
-+ assert("nikita-3007", (__s64) mark >= 0);
-+ assert("nikita-3006", ctx->grabbed_blocks >= mark);
-+ grabbed2free(ctx, sbinfo, ctx->grabbed_blocks - mark);
-+}
-+
-+/**
-+ * grabbed2free - adjust grabbed and free block counters
-+ * @ctx: context to update grabbed block counter of
-+ * @sbinfo: super block to update grabbed and free block counters of
-+ * @count: number of blocks to adjust counters by
-+ *
-+ * Decreases context's and per filesystem's counters of grabbed
-+ * blocks. Increases per filesystem's counter of free blocks.
-+ */
-+void grabbed2free(reiser4_context *ctx, reiser4_super_info_data *sbinfo,
-+ __u64 count)
-+{
-+ sub_from_ctx_grabbed(ctx, count);
-+
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ sub_from_sb_grabbed(sbinfo, count);
-+ sbinfo->blocks_free += count;
-+ assert("nikita-2684", check_block_counters(ctx->super));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+void grabbed2flush_reserved_nolock(txn_atom * atom, __u64 count)
-+{
-+ reiser4_context *ctx;
-+ reiser4_super_info_data *sbinfo;
-+
-+ assert("vs-1095", atom);
-+
-+ ctx = get_current_context();
-+ sbinfo = get_super_private(ctx->super);
-+
-+ sub_from_ctx_grabbed(ctx, count);
-+
-+ add_to_atom_flush_reserved_nolock(atom, count);
-+
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ sbinfo->blocks_flush_reserved += count;
-+ sub_from_sb_grabbed(sbinfo, count);
-+
-+ assert("vpf-292", check_block_counters(ctx->super));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+void grabbed2flush_reserved(__u64 count)
-+{
-+ txn_atom *atom = get_current_atom_locked();
-+
-+ grabbed2flush_reserved_nolock(atom, count);
-+
-+ spin_unlock_atom(atom);
-+}
-+
-+void flush_reserved2grabbed(txn_atom * atom, __u64 count)
-+{
-+ reiser4_context *ctx;
-+ reiser4_super_info_data *sbinfo;
-+
-+ assert("nikita-2788", atom != NULL);
-+ assert_spin_locked(&(atom->alock));
-+
-+ ctx = get_current_context();
-+ sbinfo = get_super_private(ctx->super);
-+
-+ add_to_ctx_grabbed(ctx, count);
-+
-+ sub_from_atom_flush_reserved_nolock(atom, (__u32) count);
-+
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ sbinfo->blocks_grabbed += count;
-+ sub_from_sb_flush_reserved(sbinfo, count);
-+
-+ assert("vpf-292", check_block_counters(ctx->super));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+/**
-+ * all_grabbed2free - releases all blocks grabbed in context
-+ *
-+ * Decreases context's and super block's grabbed block counters by number of
-+ * blocks grabbed by current context and increases super block's free block
-+ * counter correspondingly.
-+ */
-+void all_grabbed2free(void)
-+{
-+ reiser4_context *ctx = get_current_context();
-+
-+ grabbed2free(ctx, get_super_private(ctx->super), ctx->grabbed_blocks);
-+}
-+
-+/* adjust sb block counters if real (on-disk) blocks do not become unallocated
-+ after freeing, @count blocks become "grabbed". */
-+static void
-+used2grabbed(reiser4_context * ctx, reiser4_super_info_data * sbinfo,
-+ __u64 count)
-+{
-+ add_to_ctx_grabbed(ctx, count);
-+
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ sbinfo->blocks_grabbed += count;
-+ sub_from_sb_used(sbinfo, count);
-+
-+ assert("nikita-2685", check_block_counters(ctx->super));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+/* this used to be done through used2grabbed and grabbed2free*/
-+static void used2free(reiser4_super_info_data * sbinfo, __u64 count)
-+{
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ sbinfo->blocks_free += count;
-+ sub_from_sb_used(sbinfo, count);
-+
-+ assert("nikita-2685", check_block_counters(reiser4_get_current_sb()));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+}
-+
-+#if REISER4_DEBUG
-+
-+/* check "allocated" state of given block range */
-+static void
-+reiser4_check_blocks(const reiser4_block_nr * start,
-+ const reiser4_block_nr * len, int desired)
-+{
-+ sa_check_blocks(start, len, desired);
-+}
-+
-+/* check "allocated" state of given block */
-+void reiser4_check_block(const reiser4_block_nr * block, int desired)
-+{
-+ const reiser4_block_nr one = 1;
-+
-+ reiser4_check_blocks(block, &one, desired);
-+}
-+
-+#endif
-+
-+/* Blocks deallocation function may do an actual deallocation through space
-+ plugin allocation or store deleted block numbers in atom's delete_set data
-+ structure depend on @defer parameter. */
-+
-+/* if BA_DEFER bit is not turned on, @target_stage means the stage of blocks which
-+ will be deleted from WORKING bitmap. They might be just unmapped from disk, or
-+ freed but disk space is still grabbed by current thread, or these blocks must
-+ not be counted in any reiser4 sb block counters, see block_stage_t comment */
-+
-+/* BA_FORMATTED bit is only used when BA_DEFER in not present: it is used to
-+ distinguish blocks allocated for unformatted and formatted nodes */
-+
-+int
-+reiser4_dealloc_blocks(const reiser4_block_nr * start,
-+ const reiser4_block_nr * len,
-+ block_stage_t target_stage, reiser4_ba_flags_t flags)
-+{
-+ txn_atom *atom = NULL;
-+ int ret;
-+ reiser4_context *ctx;
-+ reiser4_super_info_data *sbinfo;
-+
-+ ctx = get_current_context();
-+ sbinfo = get_super_private(ctx->super);
-+
-+ if (REISER4_DEBUG) {
-+ assert("zam-431", *len != 0);
-+ assert("zam-432", *start != 0);
-+ assert("zam-558", !blocknr_is_fake(start));
-+
-+ spin_lock_reiser4_super(sbinfo);
-+ assert("zam-562", *start < sbinfo->block_count);
-+ spin_unlock_reiser4_super(sbinfo);
-+ }
-+
-+ if (flags & BA_DEFER) {
-+ blocknr_set_entry *bsep = NULL;
-+
-+ /* storing deleted block numbers in a blocknr set
-+ datastructure for further actual deletion */
-+ do {
-+ atom = get_current_atom_locked();
-+ assert("zam-430", atom != NULL);
-+
-+ ret =
-+ blocknr_set_add_extent(atom, &atom->delete_set,
-+ &bsep, start, len);
-+
-+ if (ret == -ENOMEM)
-+ return ret;
-+
-+ /* This loop might spin at most two times */
-+ } while (ret == -E_REPEAT);
-+
-+ assert("zam-477", ret == 0);
-+ assert("zam-433", atom != NULL);
-+
-+ spin_unlock_atom(atom);
-+
-+ } else {
-+ assert("zam-425", get_current_super_private() != NULL);
-+ sa_dealloc_blocks(get_space_allocator(ctx->super), *start,
-+ *len);
-+
-+ if (flags & BA_PERMANENT) {
-+ /* These blocks were counted as allocated, we have to revert it
-+ * back if allocation is discarded. */
-+ txn_atom *atom = get_current_atom_locked();
-+ atom->nr_blocks_allocated -= *len;
-+ spin_unlock_atom(atom);
-+ }
-+
-+ switch (target_stage) {
-+ case BLOCK_NOT_COUNTED:
-+ assert("vs-960", flags & BA_FORMATTED);
-+ /* VITALY: This is what was grabbed for internal/tx-lists/similar only */
-+ used2free(sbinfo, *len);
-+ break;
-+
-+ case BLOCK_GRABBED:
-+ used2grabbed(ctx, sbinfo, *len);
-+ break;
-+
-+ case BLOCK_UNALLOCATED:
-+ used2fake_allocated(sbinfo, *len, flags & BA_FORMATTED);
-+ break;
-+
-+ case BLOCK_FLUSH_RESERVED:{
-+ txn_atom *atom;
-+
-+ atom = get_current_atom_locked();
-+ used2flush_reserved(sbinfo, atom, *len,
-+ flags & BA_FORMATTED);
-+ spin_unlock_atom(atom);
-+ break;
-+ }
-+ default:
-+ impossible("zam-532", "wrong block stage");
-+ }
-+ }
-+
-+ return 0;
-+}
-+
-+/* wrappers for block allocator plugin methods */
-+int pre_commit_hook(void)
-+{
-+ assert("zam-502", get_current_super_private() != NULL);
-+ sa_pre_commit_hook();
-+ return 0;
-+}
-+
-+/* an actor which applies delete set to block allocator data */
-+static int
-+apply_dset(txn_atom * atom UNUSED_ARG, const reiser4_block_nr * a,
-+ const reiser4_block_nr * b, void *data UNUSED_ARG)
-+{
-+ reiser4_context *ctx;
-+ reiser4_super_info_data *sbinfo;
-+
-+ __u64 len = 1;
-+
-+ ctx = get_current_context();
-+ sbinfo = get_super_private(ctx->super);
-+
-+ assert("zam-877", atom->stage >= ASTAGE_PRE_COMMIT);
-+ assert("zam-552", sbinfo != NULL);
-+
-+ if (b != NULL)
-+ len = *b;
-+
-+ if (REISER4_DEBUG) {
-+ spin_lock_reiser4_super(sbinfo);
-+
-+ assert("zam-554", *a < reiser4_block_count(ctx->super));
-+ assert("zam-555", *a + len <= reiser4_block_count(ctx->super));
-+
-+ spin_unlock_reiser4_super(sbinfo);
-+ }
-+
-+ sa_dealloc_blocks(&sbinfo->space_allocator, *a, len);
-+ /* adjust sb block counters */
-+ used2free(sbinfo, len);
-+ return 0;
-+}
-+
-+void post_commit_hook(void)
-+{
-+ txn_atom *atom;
-+
-+ atom = get_current_atom_locked();
-+ assert("zam-452", atom->stage == ASTAGE_POST_COMMIT);
-+ spin_unlock_atom(atom);
-+
-+ /* do the block deallocation which was deferred
-+ until commit is done */
-+ blocknr_set_iterator(atom, &atom->delete_set, apply_dset, NULL, 1);
-+
-+ assert("zam-504", get_current_super_private() != NULL);
-+ sa_post_commit_hook();
-+}
-+
-+void post_write_back_hook(void)
-+{
-+ assert("zam-504", get_current_super_private() != NULL);
-+
-+ sa_post_commit_hook();
-+}
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/block_alloc.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/block_alloc.h
-@@ -0,0 +1,175 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#if !defined (__FS_REISER4_BLOCK_ALLOC_H__)
-+#define __FS_REISER4_BLOCK_ALLOC_H__
-+
-+#include "dformat.h"
-+#include "forward.h"
-+
-+#include <linux/types.h> /* for __u?? */
-+#include <linux/fs.h>
-+
-+/* Mask when is applied to given block number shows is that block number is a fake one */
-+#define REISER4_FAKE_BLOCKNR_BIT_MASK 0x8000000000000000ULL
-+/* Mask which isolates a type of object this fake block number was assigned to */
-+#define REISER4_BLOCKNR_STATUS_BIT_MASK 0xC000000000000000ULL
-+
-+/*result after applying the REISER4_BLOCKNR_STATUS_BIT_MASK should be compared
-+ against these two values to understand is the object unallocated or bitmap
-+ shadow object (WORKING BITMAP block, look at the plugin/space/bitmap.c) */
-+#define REISER4_UNALLOCATED_STATUS_VALUE 0xC000000000000000ULL
-+#define REISER4_BITMAP_BLOCKS_STATUS_VALUE 0x8000000000000000ULL
-+
-+/* specification how block allocation was counted in sb block counters */
-+typedef enum {
-+ BLOCK_NOT_COUNTED = 0, /* reiser4 has no info about this block yet */
-+ BLOCK_GRABBED = 1, /* free space grabbed for further allocation
-+ of this block */
-+ BLOCK_FLUSH_RESERVED = 2, /* block is reserved for flush needs. */
-+ BLOCK_UNALLOCATED = 3, /* block is used for existing in-memory object
-+ ( unallocated formatted or unformatted
-+ node) */
-+ BLOCK_ALLOCATED = 4 /* block is mapped to disk, real on-disk block
-+ number assigned */
-+} block_stage_t;
-+
-+/* a hint for block allocator */
-+struct reiser4_blocknr_hint {
-+ /* FIXME: I think we want to add a longterm lock on the bitmap block here. This
-+ is to prevent jnode_flush() calls from interleaving allocations on the same
-+ bitmap, once a hint is established. */
-+
-+ /* search start hint */
-+ reiser4_block_nr blk;
-+ /* if not zero, it is a region size we search for free blocks in */
-+ reiser4_block_nr max_dist;
-+ /* level for allocation, may be useful have branch-level and higher
-+ write-optimized. */
-+ tree_level level;
-+ /* block allocator assumes that blocks, which will be mapped to disk,
-+ are in this specified block_stage */
-+ block_stage_t block_stage;
-+ /* If direction = 1 allocate blocks in backward direction from the end
-+ * of disk to the beginning of disk. */
-+ unsigned int backward:1;
-+
-+};
-+
-+/* These flags control block allocation/deallocation behavior */
-+enum reiser4_ba_flags {
-+ /* do allocatations from reserved (5%) area */
-+ BA_RESERVED = (1 << 0),
-+
-+ /* block allocator can do commit trying to recover free space */
-+ BA_CAN_COMMIT = (1 << 1),
-+
-+ /* if operation will be applied to formatted block */
-+ BA_FORMATTED = (1 << 2),
-+
-+ /* defer actual block freeing until transaction commit */
-+ BA_DEFER = (1 << 3),
-+
-+ /* allocate blocks for permanent fs objects (formatted or unformatted), not
-+ wandered of log blocks */
-+ BA_PERMANENT = (1 << 4),
-+
-+ /* grab space even it was disabled */
-+ BA_FORCE = (1 << 5),
-+
-+ /* use default start value for free blocks search. */
-+ BA_USE_DEFAULT_SEARCH_START = (1 << 6)
-+};
-+
-+typedef enum reiser4_ba_flags reiser4_ba_flags_t;
-+
-+extern void blocknr_hint_init(reiser4_blocknr_hint * hint);
-+extern void blocknr_hint_done(reiser4_blocknr_hint * hint);
-+extern void update_blocknr_hint_default(const struct super_block *,
-+ const reiser4_block_nr *);
-+extern void get_blocknr_hint_default(reiser4_block_nr *);
-+
-+extern reiser4_block_nr reiser4_fs_reserved_space(struct super_block *super);
-+
-+int assign_fake_blocknr_formatted(reiser4_block_nr *);
-+reiser4_block_nr fake_blocknr_unformatted(int);
-+
-+/* free -> grabbed -> fake_allocated -> used */
-+
-+int reiser4_grab_space(__u64 count, reiser4_ba_flags_t flags);
-+void all_grabbed2free(void);
-+void grabbed2free(reiser4_context *, reiser4_super_info_data *, __u64 count);
-+void fake_allocated2free(__u64 count, reiser4_ba_flags_t flags);
-+void grabbed2flush_reserved_nolock(txn_atom * atom, __u64 count);
-+void grabbed2flush_reserved(__u64 count);
-+int reiser4_alloc_blocks(reiser4_blocknr_hint * hint,
-+ reiser4_block_nr * start,
-+ reiser4_block_nr * len, reiser4_ba_flags_t flags);
-+int reiser4_dealloc_blocks(const reiser4_block_nr *,
-+ const reiser4_block_nr *,
-+ block_stage_t, reiser4_ba_flags_t flags);
-+
-+static inline int reiser4_alloc_block(reiser4_blocknr_hint * hint,
-+ reiser4_block_nr * start,
-+ reiser4_ba_flags_t flags)
-+{
-+ reiser4_block_nr one = 1;
-+ return reiser4_alloc_blocks(hint, start, &one, flags);
-+}
-+
-+static inline int reiser4_dealloc_block(const reiser4_block_nr * block,
-+ block_stage_t stage,
-+ reiser4_ba_flags_t flags)
-+{
-+ const reiser4_block_nr one = 1;
-+ return reiser4_dealloc_blocks(block, &one, stage, flags);
-+}
-+
-+#define reiser4_grab_space_force(count, flags) \
-+ reiser4_grab_space(count, flags | BA_FORCE)
-+
-+extern void grabbed2free_mark(__u64 mark);
-+extern int reiser4_grab_reserved(struct super_block *,
-+ __u64, reiser4_ba_flags_t);
-+extern void reiser4_release_reserved(struct super_block *super);
-+
-+/* grabbed -> fake_allocated */
-+
-+/* fake_allocated -> used */
-+
-+/* used -> fake_allocated -> grabbed -> free */
-+
-+extern void flush_reserved2grabbed(txn_atom * atom, __u64 count);
-+
-+extern int blocknr_is_fake(const reiser4_block_nr * da);
-+
-+extern void grabbed2cluster_reserved(int count);
-+extern void cluster_reserved2grabbed(int count);
-+extern void cluster_reserved2free(int count);
-+
-+extern int check_block_counters(const struct super_block *);
-+
-+#if REISER4_DEBUG
-+
-+extern void reiser4_check_block(const reiser4_block_nr *, int);
-+
-+#else
-+
-+# define reiser4_check_block(beg, val) noop
-+
-+#endif
-+
-+extern int pre_commit_hook(void);
-+extern void post_commit_hook(void);
-+extern void post_write_back_hook(void);
-+
-+#endif /* __FS_REISER4_BLOCK_ALLOC_H__ */
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/blocknrset.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/blocknrset.c
-@@ -0,0 +1,368 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* This file contains code for various block number sets used by the atom to
-+ track the deleted set and wandered block mappings. */
-+
-+#include "debug.h"
-+#include "dformat.h"
-+#include "txnmgr.h"
-+#include "context.h"
-+
-+#include <linux/slab.h>
-+
-+/* The proposed data structure for storing unordered block number sets is a
-+ list of elements, each of which contains an array of block number or/and
-+ array of block number pairs. That element called blocknr_set_entry is used
-+ to store block numbers from the beginning and for extents from the end of
-+ the data field (char data[...]). The ->nr_blocks and ->nr_pairs fields
-+ count numbers of blocks and extents.
-+
-+ +------------------- blocknr_set_entry->data ------------------+
-+ |block1|block2| ... <free space> ... |pair3|pair2|pair1|
-+ +------------------------------------------------------------+
-+
-+ When current blocknr_set_entry is full, allocate a new one. */
-+
-+/* Usage examples: blocknr sets are used in reiser4 for storing atom's delete
-+ * set (single blocks and block extents), in that case blocknr pair represent an
-+ * extent; atom's wandered map is also stored as a blocknr set, blocknr pairs
-+ * there represent a (real block) -> (wandered block) mapping. */
-+
-+typedef struct blocknr_pair blocknr_pair;
-+
-+/* The total size of a blocknr_set_entry. */
-+#define BLOCKNR_SET_ENTRY_SIZE 128
-+
-+/* The number of blocks that can fit the blocknr data area. */
-+#define BLOCKNR_SET_ENTRIES_NUMBER \
-+ ((BLOCKNR_SET_ENTRY_SIZE - \
-+ 2 * sizeof (unsigned) - \
-+ sizeof(struct list_head)) / \
-+ sizeof(reiser4_block_nr))
-+
-+/* An entry of the blocknr_set */
-+struct blocknr_set_entry {
-+ unsigned nr_singles;
-+ unsigned nr_pairs;
-+ struct list_head link;
-+ reiser4_block_nr entries[BLOCKNR_SET_ENTRIES_NUMBER];
-+};
-+
-+/* A pair of blocks as recorded in the blocknr_set_entry data. */
-+struct blocknr_pair {
-+ reiser4_block_nr a;
-+ reiser4_block_nr b;
-+};
-+
-+/* Return the number of blocknr slots available in a blocknr_set_entry. */
-+/* Audited by: green(2002.06.11) */
-+static unsigned bse_avail(blocknr_set_entry * bse)
-+{
-+ unsigned used = bse->nr_singles + 2 * bse->nr_pairs;
-+
-+ assert("jmacd-5088", BLOCKNR_SET_ENTRIES_NUMBER >= used);
-+ cassert(sizeof(blocknr_set_entry) == BLOCKNR_SET_ENTRY_SIZE);
-+
-+ return BLOCKNR_SET_ENTRIES_NUMBER - used;
-+}
-+
-+/* Initialize a blocknr_set_entry. */
-+static void bse_init(blocknr_set_entry *bse)
-+{
-+ bse->nr_singles = 0;
-+ bse->nr_pairs = 0;
-+ INIT_LIST_HEAD(&bse->link);
-+}
-+
-+/* Allocate and initialize a blocknr_set_entry. */
-+/* Audited by: green(2002.06.11) */
-+static blocknr_set_entry *bse_alloc(void)
-+{
-+ blocknr_set_entry *e;
-+
-+ if ((e = (blocknr_set_entry *) kmalloc(sizeof(blocknr_set_entry),
-+ get_gfp_mask())) == NULL)
-+ return NULL;
-+
-+ bse_init(e);
-+
-+ return e;
-+}
-+
-+/* Free a blocknr_set_entry. */
-+/* Audited by: green(2002.06.11) */
-+static void bse_free(blocknr_set_entry * bse)
-+{
-+ kfree(bse);
-+}
-+
-+/* Add a block number to a blocknr_set_entry */
-+/* Audited by: green(2002.06.11) */
-+static void
-+bse_put_single(blocknr_set_entry * bse, const reiser4_block_nr * block)
-+{
-+ assert("jmacd-5099", bse_avail(bse) >= 1);
-+
-+ bse->entries[bse->nr_singles++] = *block;
-+}
-+
-+/* Get a pair of block numbers */
-+/* Audited by: green(2002.06.11) */
-+static inline blocknr_pair *bse_get_pair(blocknr_set_entry * bse, unsigned pno)
-+{
-+ assert("green-1", BLOCKNR_SET_ENTRIES_NUMBER >= 2 * (pno + 1));
-+
-+ return (blocknr_pair *) (bse->entries + BLOCKNR_SET_ENTRIES_NUMBER -
-+ 2 * (pno + 1));
-+}
-+
-+/* Add a pair of block numbers to a blocknr_set_entry */
-+/* Audited by: green(2002.06.11) */
-+static void
-+bse_put_pair(blocknr_set_entry * bse, const reiser4_block_nr * a,
-+ const reiser4_block_nr * b)
-+{
-+ blocknr_pair *pair;
-+
-+ assert("jmacd-5100", bse_avail(bse) >= 2 && a != NULL && b != NULL);
-+
-+ pair = bse_get_pair(bse, bse->nr_pairs++);
-+
-+ pair->a = *a;
-+ pair->b = *b;
-+}
-+
-+/* Add either a block or pair of blocks to the block number set. The first
-+ blocknr (@a) must be non-NULL. If @b is NULL a single blocknr is added, if
-+ @b is non-NULL a pair is added. The block number set belongs to atom, and
-+ the call is made with the atom lock held. There may not be enough space in
-+ the current blocknr_set_entry. If new_bsep points to a non-NULL
-+ blocknr_set_entry then it will be added to the blocknr_set and new_bsep
-+ will be set to NULL. If new_bsep contains NULL then the atom lock will be
-+ released and a new bse will be allocated in new_bsep. E_REPEAT will be
-+ returned with the atom unlocked for the operation to be tried again. If
-+ the operation succeeds, 0 is returned. If new_bsep is non-NULL and not
-+ used during the call, it will be freed automatically. */
-+static int blocknr_set_add(txn_atom *atom, blocknr_set *bset,
-+ blocknr_set_entry **new_bsep, const reiser4_block_nr *a,
-+ const reiser4_block_nr *b)
-+{
-+ blocknr_set_entry *bse;
-+ unsigned entries_needed;
-+
-+ assert("jmacd-5101", a != NULL);
-+
-+ entries_needed = (b == NULL) ? 1 : 2;
-+ if (list_empty(&bset->entries) ||
-+ bse_avail(list_entry(bset->entries.next, blocknr_set_entry, link)) < entries_needed) {
-+ /* See if a bse was previously allocated. */
-+ if (*new_bsep == NULL) {
-+ spin_unlock_atom(atom);
-+ *new_bsep = bse_alloc();
-+ return (*new_bsep != NULL) ? -E_REPEAT :
-+ RETERR(-ENOMEM);
-+ }
-+
-+ /* Put it on the head of the list. */
-+ list_add(&((*new_bsep)->link), &bset->entries);
-+
-+ *new_bsep = NULL;
-+ }
-+
-+ /* Add the single or pair. */
-+ bse = list_entry(bset->entries.next, blocknr_set_entry, link);
-+ if (b == NULL) {
-+ bse_put_single(bse, a);
-+ } else {
-+ bse_put_pair(bse, a, b);
-+ }
-+
-+ /* If new_bsep is non-NULL then there was an allocation race, free this copy. */
-+ if (*new_bsep != NULL) {
-+ bse_free(*new_bsep);
-+ *new_bsep = NULL;
-+ }
-+
-+ return 0;
-+}
-+
-+/* Add an extent to the block set. If the length is 1, it is treated as a
-+ single block (e.g., reiser4_set_add_block). */
-+/* Audited by: green(2002.06.11) */
-+/* Auditor note: Entire call chain cannot hold any spinlocks, because
-+ kmalloc might schedule. The only exception is atom spinlock, which is
-+ properly freed. */
-+int
-+blocknr_set_add_extent(txn_atom * atom,
-+ blocknr_set * bset,
-+ blocknr_set_entry ** new_bsep,
-+ const reiser4_block_nr * start,
-+ const reiser4_block_nr * len)
-+{
-+ assert("jmacd-5102", start != NULL && len != NULL && *len > 0);
-+ return blocknr_set_add(atom, bset, new_bsep, start,
-+ *len == 1 ? NULL : len);
-+}
-+
-+/* Add a block pair to the block set. It adds exactly a pair, which is checked
-+ * by an assertion that both arguments are not null.*/
-+/* Audited by: green(2002.06.11) */
-+/* Auditor note: Entire call chain cannot hold any spinlocks, because
-+ kmalloc might schedule. The only exception is atom spinlock, which is
-+ properly freed. */
-+int
-+blocknr_set_add_pair(txn_atom * atom,
-+ blocknr_set * bset,
-+ blocknr_set_entry ** new_bsep, const reiser4_block_nr * a,
-+ const reiser4_block_nr * b)
-+{
-+ assert("jmacd-5103", a != NULL && b != NULL);
-+ return blocknr_set_add(atom, bset, new_bsep, a, b);
-+}
-+
-+/* Initialize a blocknr_set. */
-+void blocknr_set_init(blocknr_set *bset)
-+{
-+ INIT_LIST_HEAD(&bset->entries);
-+}
-+
-+/* Release the entries of a blocknr_set. */
-+void blocknr_set_destroy(blocknr_set *bset)
-+{
-+ blocknr_set_entry *bse;
-+
-+ while (!list_empty_careful(&bset->entries)) {
-+ bse = list_entry(bset->entries.next, blocknr_set_entry, link);
-+ list_del_init(&bse->link);
-+ bse_free(bse);
-+ }
-+}
-+
-+/* Merge blocknr_set entries out of @from into @into. */
-+/* Audited by: green(2002.06.11) */
-+/* Auditor comments: This merge does not know if merged sets contain
-+ blocks pairs (As for wandered sets) or extents, so it cannot really merge
-+ overlapping ranges if there is some. So I believe it may lead to
-+ some blocks being presented several times in one blocknr_set. To help
-+ debugging such problems it might help to check for duplicate entries on
-+ actual processing of this set. Testing this kind of stuff right here is
-+ also complicated by the fact that these sets are not sorted and going
-+ through whole set on each element addition is going to be CPU-heavy task */
-+void blocknr_set_merge(blocknr_set * from, blocknr_set * into)
-+{
-+ blocknr_set_entry *bse_into = NULL;
-+
-+ /* If @from is empty, no work to perform. */
-+ if (list_empty_careful(&from->entries)) {
-+ return;
-+ }
-+
-+ /* If @into is not empty, try merging partial-entries. */
-+ if (!list_empty_careful(&into->entries)) {
-+
-+ /* Neither set is empty, pop the front to members and try to combine them. */
-+ blocknr_set_entry *bse_from;
-+ unsigned into_avail;
-+
-+ bse_into = list_entry(into->entries.next, blocknr_set_entry, link);
-+ list_del_init(&bse_into->link);
-+ bse_from = list_entry(from->entries.next, blocknr_set_entry, link);
-+ list_del_init(&bse_from->link);
-+
-+ /* Combine singles. */
-+ for (into_avail = bse_avail(bse_into);
-+ into_avail != 0 && bse_from->nr_singles != 0;
-+ into_avail -= 1) {
-+ bse_put_single(bse_into,
-+ &bse_from->entries[--bse_from->
-+ nr_singles]);
-+ }
-+
-+ /* Combine pairs. */
-+ for (; into_avail > 1 && bse_from->nr_pairs != 0;
-+ into_avail -= 2) {
-+ blocknr_pair *pair =
-+ bse_get_pair(bse_from, --bse_from->nr_pairs);
-+ bse_put_pair(bse_into, &pair->a, &pair->b);
-+ }
-+
-+ /* If bse_from is empty, delete it now. */
-+ if (bse_avail(bse_from) == BLOCKNR_SET_ENTRIES_NUMBER) {
-+ bse_free(bse_from);
-+ } else {
-+ /* Otherwise, bse_into is full or nearly full (e.g.,
-+ it could have one slot avail and bse_from has one
-+ pair left). Push it back onto the list. bse_from
-+ becomes bse_into, which will be the new partial. */
-+ list_add(&bse_into->link, &into->entries);
-+ bse_into = bse_from;
-+ }
-+ }
-+
-+ /* Splice lists together. */
-+ list_splice_init(&from->entries, into->entries.prev);
-+
-+ /* Add the partial entry back to the head of the list. */
-+ if (bse_into != NULL) {
-+ list_add(&bse_into->link, &into->entries);
-+ }
-+}
-+
-+/* Iterate over all blocknr set elements. */
-+int blocknr_set_iterator(txn_atom *atom, blocknr_set *bset,
-+ blocknr_set_actor_f actor, void *data, int delete)
-+{
-+
-+ blocknr_set_entry *entry;
-+
-+ assert("zam-429", atom != NULL);
-+ assert("zam-430", atom_is_protected(atom));
-+ assert("zam-431", bset != 0);
-+ assert("zam-432", actor != NULL);
-+
-+ entry = list_entry(bset->entries.next, blocknr_set_entry, link);
-+ while (&bset->entries != &entry->link) {
-+ blocknr_set_entry *tmp = list_entry(entry->link.next, blocknr_set_entry, link);
-+ unsigned int i;
-+ int ret;
-+
-+ for (i = 0; i < entry->nr_singles; i++) {
-+ ret = actor(atom, &entry->entries[i], NULL, data);
-+
-+ /* We can't break a loop if delete flag is set. */
-+ if (ret != 0 && !delete)
-+ return ret;
-+ }
-+
-+ for (i = 0; i < entry->nr_pairs; i++) {
-+ struct blocknr_pair *ab;
-+
-+ ab = bse_get_pair(entry, i);
-+
-+ ret = actor(atom, &ab->a, &ab->b, data);
-+
-+ if (ret != 0 && !delete)
-+ return ret;
-+ }
-+
-+ if (delete) {
-+ list_del(&entry->link);
-+ bse_free(entry);
-+ }
-+
-+ entry = tmp;
-+ }
-+
-+ return 0;
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * scroll-step: 1
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/carry.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/carry.c
-@@ -0,0 +1,1381 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+/* Functions to "carry" tree modification(s) upward. */
-+/* Tree is modified one level at a time. As we modify a level we accumulate a
-+ set of changes that need to be propagated to the next level. We manage
-+ node locking such that any searches that collide with carrying are
-+ restarted, from the root if necessary.
-+
-+ Insertion of a new item may result in items being moved among nodes and
-+ this requires the delimiting key to be updated at the least common parent
-+ of the nodes modified to preserve search tree invariants. Also, insertion
-+ may require allocation of a new node. A pointer to the new node has to be
-+ inserted into some node on the parent level, etc.
-+
-+ Tree carrying is meant to be analogous to arithmetic carrying.
-+
-+ A carry operation is always associated with some node (&carry_node).
-+
-+ Carry process starts with some initial set of operations to be performed
-+ and an initial set of already locked nodes. Operations are performed one
-+ by one. Performing each single operation has following possible effects:
-+
-+ - content of carry node associated with operation is modified
-+ - new carry nodes are locked and involved into carry process on this level
-+ - new carry operations are posted to the next level
-+
-+ After all carry operations on this level are done, process is repeated for
-+ the accumulated sequence on carry operations for the next level. This
-+ starts by trying to lock (in left to right order) all carry nodes
-+ associated with carry operations on the parent level. After this, we decide
-+ whether more nodes are required on the left of already locked set. If so,
-+ all locks taken on the parent level are released, new carry nodes are
-+ added, and locking process repeats.
-+
-+ It may happen that balancing process fails owing to unrecoverable error on
-+ some of upper levels of a tree (possible causes are io error, failure to
-+ allocate new node, etc.). In this case we should unmount the filesystem,
-+ rebooting if it is the root, and possibly advise the use of fsck.
-+
-+ USAGE:
-+
-+ int some_tree_operation( znode *node, ... )
-+ {
-+ // Allocate on a stack pool of carry objects: operations and nodes.
-+ // Most carry processes will only take objects from here, without
-+ // dynamic allocation.
-+
-+I feel uneasy about this pool. It adds to code complexity, I understand why it exists, but.... -Hans
-+
-+ carry_pool pool;
-+ carry_level lowest_level;
-+ carry_op *op;
-+
-+ init_carry_pool( &pool );
-+ init_carry_level( &lowest_level, &pool );
-+
-+ // operation may be one of:
-+ // COP_INSERT --- insert new item into node
-+ // COP_CUT --- remove part of or whole node
-+ // COP_PASTE --- increase size of item
-+ // COP_DELETE --- delete pointer from parent node
-+ // COP_UPDATE --- update delimiting key in least
-+ // common ancestor of two
-+
-+ op = post_carry( &lowest_level, operation, node, 0 );
-+ if( IS_ERR( op ) || ( op == NULL ) ) {
-+ handle error
-+ } else {
-+ // fill in remaining fields in @op, according to carry.h:carry_op
-+ result = carry( &lowest_level, NULL );
-+ }
-+ done_carry_pool( &pool );
-+ }
-+
-+ When you are implementing node plugin method that participates in carry
-+ (shifting, insertion, deletion, etc.), do the following:
-+
-+ int foo_node_method( znode *node, ..., carry_level *todo )
-+ {
-+ carry_op *op;
-+
-+ ....
-+
-+ // note, that last argument to post_carry() is non-null
-+ // here, because @op is to be applied to the parent of @node, rather
-+ // than to the @node itself as in the previous case.
-+
-+ op = node_post_carry( todo, operation, node, 1 );
-+ // fill in remaining fields in @op, according to carry.h:carry_op
-+
-+ ....
-+
-+ }
-+
-+ BATCHING:
-+
-+ One of the main advantages of level-by-level balancing implemented here is
-+ ability to batch updates on a parent level and to peform them more
-+ efficiently as a result.
-+
-+ Description To Be Done (TBD).
-+
-+ DIFFICULTIES AND SUBTLE POINTS:
-+
-+ 1. complex plumbing is required, because:
-+
-+ a. effective allocation through pools is needed
-+
-+ b. target of operation is not exactly known when operation is
-+ posted. This is worked around through bitfields in &carry_node and
-+ logic in lock_carry_node()
-+
-+ c. of interaction with locking code: node should be added into sibling
-+ list when pointer to it is inserted into its parent, which is some time
-+ after node was created. Between these moments, node is somewhat in
-+ suspended state and is only registered in the carry lists
-+
-+ 2. whole balancing logic is implemented here, in particular, insertion
-+ logic is coded in make_space().
-+
-+ 3. special cases like insertion (add_tree_root()) or deletion
-+ (kill_tree_root()) of tree root and morphing of paste into insert
-+ (insert_paste()) have to be handled.
-+
-+ 4. there is non-trivial interdependency between allocation of new nodes
-+ and almost everything else. This is mainly due to the (1.c) above. I shall
-+ write about this later.
-+
-+*/
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "key.h"
-+#include "coord.h"
-+#include "plugin/item/item.h"
-+#include "plugin/item/extent.h"
-+#include "plugin/node/node.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "tree_mod.h"
-+#include "tree_walk.h"
-+#include "block_alloc.h"
-+#include "pool.h"
-+#include "tree.h"
-+#include "carry.h"
-+#include "carry_ops.h"
-+#include "super.h"
-+#include "reiser4.h"
-+
-+#include <linux/types.h>
-+
-+/* level locking/unlocking */
-+static int lock_carry_level(carry_level * level);
-+static void unlock_carry_level(carry_level * level, int failure);
-+static void done_carry_level(carry_level * level);
-+static void unlock_carry_node(carry_level * level, carry_node * node, int fail);
-+
-+int lock_carry_node(carry_level * level, carry_node * node);
-+int lock_carry_node_tail(carry_node * node);
-+
-+/* carry processing proper */
-+static int carry_on_level(carry_level * doing, carry_level * todo);
-+
-+static carry_op *add_op(carry_level * level, pool_ordering order,
-+ carry_op * reference);
-+
-+/* handlers for carry operations. */
-+
-+static void fatal_carry_error(carry_level * doing, int ecode);
-+static int add_new_root(carry_level * level, carry_node * node, znode * fake);
-+
-+
-+static void print_level(const char *prefix, carry_level * level);
-+
-+#if REISER4_DEBUG
-+typedef enum {
-+ CARRY_TODO,
-+ CARRY_DOING
-+} carry_queue_state;
-+static int carry_level_invariant(carry_level * level, carry_queue_state state);
-+#endif
-+
-+/* main entry point for tree balancing.
-+
-+ Tree carry performs operations from @doing and while doing so accumulates
-+ information about operations to be performed on the next level ("carried"
-+ to the parent level). Carried operations are performed, causing possibly
-+ more operations to be carried upward etc. carry() takes care about
-+ locking and pinning znodes while operating on them.
-+
-+ For usage, see comment at the top of fs/reiser4/carry.c
-+
-+*/
-+int carry(carry_level * doing /* set of carry operations to be performed */ ,
-+ carry_level * done /* set of nodes, already performed at the
-+ * previous level. NULL in most cases */ )
-+{
-+ int result = 0;
-+ /* queue of new requests */
-+ carry_level *todo;
-+ ON_DEBUG(STORE_COUNTERS);
-+
-+ assert("nikita-888", doing != NULL);
-+ BUG_ON(done != NULL);
-+
-+ todo = doing + 1;
-+ init_carry_level(todo, doing->pool);
-+
-+ /* queue of requests preformed on the previous level */
-+ done = todo + 1;
-+ init_carry_level(done, doing->pool);
-+
-+ /* iterate until there is nothing more to do */
-+ while (result == 0 && doing->ops_num > 0) {
-+ carry_level *tmp;
-+
-+ /* at this point @done is locked. */
-+ /* repeat lock/do/unlock while
-+
-+ (1) lock_carry_level() fails due to deadlock avoidance, or
-+
-+ (2) carry_on_level() decides that more nodes have to
-+ be involved.
-+
-+ (3) some unexpected error occurred while balancing on the
-+ upper levels. In this case all changes are rolled back.
-+
-+ */
-+ while (1) {
-+ result = lock_carry_level(doing);
-+ if (result == 0) {
-+ /* perform operations from @doing and
-+ accumulate new requests in @todo */
-+ result = carry_on_level(doing, todo);
-+ if (result == 0)
-+ break;
-+ else if (result != -E_REPEAT ||
-+ !doing->restartable) {
-+ warning("nikita-1043",
-+ "Fatal error during carry: %i",
-+ result);
-+ print_level("done", done);
-+ print_level("doing", doing);
-+ print_level("todo", todo);
-+ /* do some rough stuff like aborting
-+ all pending transcrashes and thus
-+ pushing tree back to the consistent
-+ state. Alternatvely, just panic.
-+ */
-+ fatal_carry_error(doing, result);
-+ return result;
-+ }
-+ } else if (result != -E_REPEAT) {
-+ fatal_carry_error(doing, result);
-+ return result;
-+ }
-+ unlock_carry_level(doing, 1);
-+ }
-+ /* at this point @done can be safely unlocked */
-+ done_carry_level(done);
-+
-+ /* cyclically shift queues */
-+ tmp = done;
-+ done = doing;
-+ doing = todo;
-+ todo = tmp;
-+ init_carry_level(todo, doing->pool);
-+
-+ /* give other threads chance to run */
-+ preempt_point();
-+ }
-+ done_carry_level(done);
-+
-+ /* all counters, but x_refs should remain the same. x_refs can change
-+ owing to transaction manager */
-+ ON_DEBUG(CHECK_COUNTERS);
-+ return result;
-+}
-+
-+/* perform carry operations on given level.
-+
-+ Optimizations proposed by pooh:
-+
-+ (1) don't lock all nodes from queue at the same time. Lock nodes lazily as
-+ required;
-+
-+ (2) unlock node if there are no more operations to be performed upon it and
-+ node didn't add any operation to @todo. This can be implemented by
-+ attaching to each node two counters: counter of operaions working on this
-+ node and counter and operations carried upward from this node.
-+
-+*/
-+static int carry_on_level(carry_level * doing /* queue of carry operations to
-+ * do on this level */ ,
-+ carry_level * todo /* queue where new carry
-+ * operations to be performed on
-+ * the * parent level are
-+ * accumulated during @doing
-+ * processing. */ )
-+{
-+ int result;
-+ int (*f) (carry_op *, carry_level *, carry_level *);
-+ carry_op *op;
-+ carry_op *tmp_op;
-+
-+ assert("nikita-1034", doing != NULL);
-+ assert("nikita-1035", todo != NULL);
-+
-+ /* @doing->nodes are locked. */
-+
-+ /* This function can be split into two phases: analysis and modification.
-+
-+ Analysis calculates precisely what items should be moved between
-+ nodes. This information is gathered in some structures attached to
-+ each carry_node in a @doing queue. Analysis also determines whether
-+ new nodes are to be allocated etc.
-+
-+ After analysis is completed, actual modification is performed. Here
-+ we can take advantage of "batch modification": if there are several
-+ operations acting on the same node, modifications can be performed
-+ more efficiently when batched together.
-+
-+ Above is an optimization left for the future.
-+ */
-+ /* Important, but delayed optimization: it's possible to batch
-+ operations together and perform them more efficiently as a
-+ result. For example, deletion of several neighboring items from a
-+ node can be converted to a single ->cut() operation.
-+
-+ Before processing queue, it should be scanned and "mergeable"
-+ operations merged.
-+ */
-+ result = 0;
-+ for_all_ops(doing, op, tmp_op) {
-+ carry_opcode opcode;
-+
-+ assert("nikita-1041", op != NULL);
-+ opcode = op->op;
-+ assert("nikita-1042", op->op < COP_LAST_OP);
-+ f = op_dispatch_table[op->op].handler;
-+ result = f(op, doing, todo);
-+ /* locking can fail with -E_REPEAT. Any different error is fatal
-+ and will be handled by fatal_carry_error() sledgehammer.
-+ */
-+ if (result != 0)
-+ break;
-+ }
-+ if (result == 0) {
-+ carry_plugin_info info;
-+ carry_node *scan;
-+ carry_node *tmp_scan;
-+
-+ info.doing = doing;
-+ info.todo = todo;
-+
-+ assert("nikita-3002",
-+ carry_level_invariant(doing, CARRY_DOING));
-+ for_all_nodes(doing, scan, tmp_scan) {
-+ znode *node;
-+
-+ node = carry_real(scan);
-+ assert("nikita-2547", node != NULL);
-+ if (node_is_empty(node)) {
-+ result =
-+ node_plugin_by_node(node)->
-+ prepare_removal(node, &info);
-+ if (result != 0)
-+ break;
-+ }
-+ }
-+ }
-+ return result;
-+}
-+
-+/* post carry operation
-+
-+ This is main function used by external carry clients: node layout plugins
-+ and tree operations to create new carry operation to be performed on some
-+ level.
-+
-+ New operation will be included in the @level queue. To actually perform it,
-+ call carry( level, ... ). This function takes write lock on @node. Carry
-+ manages all its locks by itself, don't worry about this.
-+
-+ This function adds operation and node at the end of the queue. It is up to
-+ caller to guarantee proper ordering of node queue.
-+
-+*/
-+carry_op *post_carry(carry_level * level /* queue where new operation is to
-+ * be posted at */ ,
-+ carry_opcode op /* opcode of operation */ ,
-+ znode * node /* node on which this operation
-+ * will operate */ ,
-+ int apply_to_parent_p /* whether operation will operate
-+ * directly on @node or on it
-+ * parent. */ )
-+{
-+ carry_op *result;
-+ carry_node *child;
-+
-+ assert("nikita-1046", level != NULL);
-+ assert("nikita-1788", znode_is_write_locked(node));
-+
-+ result = add_op(level, POOLO_LAST, NULL);
-+ if (IS_ERR(result))
-+ return result;
-+ child = add_carry(level, POOLO_LAST, NULL);
-+ if (IS_ERR(child)) {
-+ reiser4_pool_free(&level->pool->op_pool, &result->header);
-+ return (carry_op *) child;
-+ }
-+ result->node = child;
-+ result->op = op;
-+ child->parent = apply_to_parent_p;
-+ if (ZF_ISSET(node, JNODE_ORPHAN))
-+ child->left_before = 1;
-+ child->node = node;
-+ return result;
-+}
-+
-+/* initialize carry queue */
-+void init_carry_level(carry_level * level /* level to initialize */ ,
-+ carry_pool * pool /* pool @level will allocate objects
-+ * from */ )
-+{
-+ assert("nikita-1045", level != NULL);
-+ assert("nikita-967", pool != NULL);
-+
-+ memset(level, 0, sizeof *level);
-+ level->pool = pool;
-+
-+ INIT_LIST_HEAD(&level->nodes);
-+ INIT_LIST_HEAD(&level->ops);
-+}
-+
-+/* allocate carry pool and initialize pools within queue */
-+carry_pool *init_carry_pool(int size)
-+{
-+ carry_pool *pool;
-+
-+ assert("", size >= sizeof(carry_pool) + 3 * sizeof(carry_level));
-+ pool = kmalloc(size, get_gfp_mask());
-+ if (pool == NULL)
-+ return ERR_PTR(RETERR(-ENOMEM));
-+
-+ reiser4_init_pool(&pool->op_pool, sizeof(carry_op), CARRIES_POOL_SIZE,
-+ (char *)pool->op);
-+ reiser4_init_pool(&pool->node_pool, sizeof(carry_node),
-+ NODES_LOCKED_POOL_SIZE, (char *)pool->node);
-+ return pool;
-+}
-+
-+/* finish with queue pools */
-+void done_carry_pool(carry_pool * pool /* pool to destroy */ )
-+{
-+ reiser4_done_pool(&pool->op_pool);
-+ reiser4_done_pool(&pool->node_pool);
-+ kfree(pool);
-+}
-+
-+/* add new carry node to the @level.
-+
-+ Returns pointer to the new carry node allocated from pool. It's up to
-+ callers to maintain proper order in the @level. Assumption is that if carry
-+ nodes on one level are already sorted and modifications are peroformed from
-+ left to right, carry nodes added on the parent level will be ordered
-+ automatically. To control ordering use @order and @reference parameters.
-+
-+*/
-+carry_node *add_carry_skip(carry_level * level /* &carry_level to add node
-+ * to */ ,
-+ pool_ordering order /* where to insert: at the
-+ * beginning of @level,
-+ * before @reference, after
-+ * @reference, at the end
-+ * of @level */ ,
-+ carry_node * reference /* reference node for
-+ * insertion */ )
-+{
-+ ON_DEBUG(carry_node * orig_ref = reference);
-+
-+ if (order == POOLO_BEFORE) {
-+ reference = find_left_carry(reference, level);
-+ if (reference == NULL)
-+ reference = list_entry(level->nodes.next, carry_node,
-+ header.level_linkage);
-+ else
-+ reference = list_entry(reference->header.level_linkage.next,
-+ carry_node, header.level_linkage);
-+ } else if (order == POOLO_AFTER) {
-+ reference = find_right_carry(reference, level);
-+ if (reference == NULL)
-+ reference = list_entry(level->nodes.prev, carry_node,
-+ header.level_linkage);
-+ else
-+ reference = list_entry(reference->header.level_linkage.prev,
-+ carry_node, header.level_linkage);
-+ }
-+ assert("nikita-2209",
-+ ergo(orig_ref != NULL,
-+ carry_real(reference) == carry_real(orig_ref)));
-+ return add_carry(level, order, reference);
-+}
-+
-+carry_node *add_carry(carry_level * level /* &carry_level to add node
-+ * to */ ,
-+ pool_ordering order /* where to insert: at the
-+ * beginning of @level, before
-+ * @reference, after @reference,
-+ * at the end of @level */ ,
-+ carry_node * reference /* reference node for
-+ * insertion */ )
-+{
-+ carry_node *result;
-+
-+ result =
-+ (carry_node *) add_obj(&level->pool->node_pool, &level->nodes,
-+ order, &reference->header);
-+ if (!IS_ERR(result) && (result != NULL))
-+ ++level->nodes_num;
-+ return result;
-+}
-+
-+/* add new carry operation to the @level.
-+
-+ Returns pointer to the new carry operations allocated from pool. It's up to
-+ callers to maintain proper order in the @level. To control ordering use
-+ @order and @reference parameters.
-+
-+*/
-+static carry_op *add_op(carry_level * level /* &carry_level to add node to */ ,
-+ pool_ordering order /* where to insert: at the beginning of
-+ * @level, before @reference, after
-+ * @reference, at the end of @level */ ,
-+ carry_op *
-+ reference /* reference node for insertion */ )
-+{
-+ carry_op *result;
-+
-+ result =
-+ (carry_op *) add_obj(&level->pool->op_pool, &level->ops, order,
-+ &reference->header);
-+ if (!IS_ERR(result) && (result != NULL))
-+ ++level->ops_num;
-+ return result;
-+}
-+
-+/* Return node on the right of which @node was created.
-+
-+ Each node is created on the right of some existing node (or it is new root,
-+ which is special case not handled here).
-+
-+ @node is new node created on some level, but not yet inserted into its
-+ parent, it has corresponding bit (JNODE_ORPHAN) set in zstate.
-+
-+*/
-+static carry_node *find_begetting_brother(carry_node * node /* node to start search
-+ * from */ ,
-+ carry_level * kin UNUSED_ARG /* level to
-+ * scan */ )
-+{
-+ carry_node *scan;
-+
-+ assert("nikita-1614", node != NULL);
-+ assert("nikita-1615", kin != NULL);
-+ assert("nikita-1616", LOCK_CNT_GTZ(rw_locked_tree));
-+ assert("nikita-1619", ergo(carry_real(node) != NULL,
-+ ZF_ISSET(carry_real(node), JNODE_ORPHAN)));
-+
-+ for (scan = node;;
-+ scan = list_entry(scan->header.level_linkage.prev, carry_node,
-+ header.level_linkage)) {
-+ assert("nikita-1617", &kin->nodes != &scan->header.level_linkage);
-+ if ((scan->node != node->node) &&
-+ !ZF_ISSET(scan->node, JNODE_ORPHAN)) {
-+ assert("nikita-1618", carry_real(scan) != NULL);
-+ break;
-+ }
-+ }
-+ return scan;
-+}
-+
-+static cmp_t
-+carry_node_cmp(carry_level * level, carry_node * n1, carry_node * n2)
-+{
-+ assert("nikita-2199", n1 != NULL);
-+ assert("nikita-2200", n2 != NULL);
-+
-+ if (n1 == n2)
-+ return EQUAL_TO;
-+ while (1) {
-+ n1 = carry_node_next(n1);
-+ if (carry_node_end(level, n1))
-+ return GREATER_THAN;
-+ if (n1 == n2)
-+ return LESS_THAN;
-+ }
-+ impossible("nikita-2201", "End of level reached");
-+}
-+
-+carry_node *find_carry_node(carry_level * level, const znode * node)
-+{
-+ carry_node *scan;
-+ carry_node *tmp_scan;
-+
-+ assert("nikita-2202", level != NULL);
-+ assert("nikita-2203", node != NULL);
-+
-+ for_all_nodes(level, scan, tmp_scan) {
-+ if (carry_real(scan) == node)
-+ return scan;
-+ }
-+ return NULL;
-+}
-+
-+znode *carry_real(const carry_node * node)
-+{
-+ assert("nikita-3061", node != NULL);
-+
-+ return node->lock_handle.node;
-+}
-+
-+carry_node *insert_carry_node(carry_level * doing, carry_level * todo,
-+ const znode * node)
-+{
-+ carry_node *base;
-+ carry_node *scan;
-+ carry_node *tmp_scan;
-+ carry_node *proj;
-+
-+ base = find_carry_node(doing, node);
-+ assert("nikita-2204", base != NULL);
-+
-+ for_all_nodes(todo, scan, tmp_scan) {
-+ proj = find_carry_node(doing, scan->node);
-+ assert("nikita-2205", proj != NULL);
-+ if (carry_node_cmp(doing, proj, base) != LESS_THAN)
-+ break;
-+ }
-+ return scan;
-+}
-+
-+static carry_node *add_carry_atplace(carry_level * doing, carry_level * todo,
-+ znode * node)
-+{
-+ carry_node *reference;
-+
-+ assert("nikita-2994", doing != NULL);
-+ assert("nikita-2995", todo != NULL);
-+ assert("nikita-2996", node != NULL);
-+
-+ reference = insert_carry_node(doing, todo, node);
-+ assert("nikita-2997", reference != NULL);
-+
-+ return add_carry(todo, POOLO_BEFORE, reference);
-+}
-+
-+/* like post_carry(), but designed to be called from node plugin methods.
-+ This function is different from post_carry() in that it finds proper place
-+ to insert node in the queue. */
-+carry_op *node_post_carry(carry_plugin_info * info /* carry parameters
-+ * passed down to node
-+ * plugin */ ,
-+ carry_opcode op /* opcode of operation */ ,
-+ znode * node /* node on which this
-+ * operation will operate */ ,
-+ int apply_to_parent_p /* whether operation will
-+ * operate directly on @node
-+ * or on it parent. */ )
-+{
-+ carry_op *result;
-+ carry_node *child;
-+
-+ assert("nikita-2207", info != NULL);
-+ assert("nikita-2208", info->todo != NULL);
-+
-+ if (info->doing == NULL)
-+ return post_carry(info->todo, op, node, apply_to_parent_p);
-+
-+ result = add_op(info->todo, POOLO_LAST, NULL);
-+ if (IS_ERR(result))
-+ return result;
-+ child = add_carry_atplace(info->doing, info->todo, node);
-+ if (IS_ERR(child)) {
-+ reiser4_pool_free(&info->todo->pool->op_pool, &result->header);
-+ return (carry_op *) child;
-+ }
-+ result->node = child;
-+ result->op = op;
-+ child->parent = apply_to_parent_p;
-+ if (ZF_ISSET(node, JNODE_ORPHAN))
-+ child->left_before = 1;
-+ child->node = node;
-+ return result;
-+}
-+
-+/* lock all carry nodes in @level */
-+static int lock_carry_level(carry_level * level /* level to lock */ )
-+{
-+ int result;
-+ carry_node *node;
-+ carry_node *tmp_node;
-+
-+ assert("nikita-881", level != NULL);
-+ assert("nikita-2229", carry_level_invariant(level, CARRY_TODO));
-+
-+ /* lock nodes from left to right */
-+ result = 0;
-+ for_all_nodes(level, node, tmp_node) {
-+ result = lock_carry_node(level, node);
-+ if (result != 0)
-+ break;
-+ }
-+ return result;
-+}
-+
-+/* Synchronize delimiting keys between @node and its left neighbor.
-+
-+ To reduce contention on dk key and simplify carry code, we synchronize
-+ delimiting keys only when carry ultimately leaves tree level (carrying
-+ changes upward) and unlocks nodes at this level.
-+
-+ This function first finds left neighbor of @node and then updates left
-+ neighbor's right delimiting key to conincide with least key in @node.
-+
-+*/
-+
-+ON_DEBUG(extern atomic_t delim_key_version;
-+ )
-+
-+static void sync_dkeys(znode * spot /* node to update */ )
-+{
-+ reiser4_key pivot;
-+ reiser4_tree *tree;
-+
-+ assert("nikita-1610", spot != NULL);
-+ assert("nikita-1612", LOCK_CNT_NIL(rw_locked_dk));
-+
-+ tree = znode_get_tree(spot);
-+ read_lock_tree(tree);
-+ write_lock_dk(tree);
-+
-+ assert("nikita-2192", znode_is_loaded(spot));
-+
-+ /* sync left delimiting key of @spot with key in its leftmost item */
-+ if (node_is_empty(spot))
-+ pivot = *znode_get_rd_key(spot);
-+ else
-+ leftmost_key_in_node(spot, &pivot);
-+
-+ znode_set_ld_key(spot, &pivot);
-+
-+ /* there can be sequence of empty nodes pending removal on the left of
-+ @spot. Scan them and update their left and right delimiting keys to
-+ match left delimiting key of @spot. Also, update right delimiting
-+ key of first non-empty left neighbor.
-+ */
-+ while (1) {
-+ if (!ZF_ISSET(spot, JNODE_LEFT_CONNECTED))
-+ break;
-+
-+ spot = spot->left;
-+ if (spot == NULL)
-+ break;
-+
-+ znode_set_rd_key(spot, &pivot);
-+ /* don't sink into the domain of another balancing */
-+ if (!znode_is_write_locked(spot))
-+ break;
-+ if (ZF_ISSET(spot, JNODE_HEARD_BANSHEE))
-+ znode_set_ld_key(spot, &pivot);
-+ else
-+ break;
-+ }
-+
-+ write_unlock_dk(tree);
-+ read_unlock_tree(tree);
-+}
-+
-+/* unlock all carry nodes in @level */
-+static void unlock_carry_level(carry_level * level /* level to unlock */ ,
-+ int failure /* true if unlocking owing to
-+ * failure */ )
-+{
-+ carry_node *node;
-+ carry_node *tmp_node;
-+
-+ assert("nikita-889", level != NULL);
-+
-+ if (!failure) {
-+ znode *spot;
-+
-+ spot = NULL;
-+ /* update delimiting keys */
-+ for_all_nodes(level, node, tmp_node) {
-+ if (carry_real(node) != spot) {
-+ spot = carry_real(node);
-+ sync_dkeys(spot);
-+ }
-+ }
-+ }
-+
-+ /* nodes can be unlocked in arbitrary order. In preemptible
-+ environment it's better to unlock in reverse order of locking,
-+ though.
-+ */
-+ for_all_nodes_back(level, node, tmp_node) {
-+ /* all allocated nodes should be already linked to their
-+ parents at this moment. */
-+ assert("nikita-1631", ergo(!failure, !ZF_ISSET(carry_real(node),
-+ JNODE_ORPHAN)));
-+ ON_DEBUG(check_dkeys(carry_real(node)));
-+ unlock_carry_node(level, node, failure);
-+ }
-+ level->new_root = NULL;
-+}
-+
-+/* finish with @level
-+
-+ Unlock nodes and release all allocated resources */
-+static void done_carry_level(carry_level * level /* level to finish */ )
-+{
-+ carry_node *node;
-+ carry_node *tmp_node;
-+ carry_op *op;
-+ carry_op *tmp_op;
-+
-+ assert("nikita-1076", level != NULL);
-+
-+ unlock_carry_level(level, 0);
-+ for_all_nodes(level, node, tmp_node) {
-+ assert("nikita-2113", list_empty_careful(&node->lock_handle.locks_link));
-+ assert("nikita-2114", list_empty_careful(&node->lock_handle.owners_link));
-+ reiser4_pool_free(&level->pool->node_pool, &node->header);
-+ }
-+ for_all_ops(level, op, tmp_op)
-+ reiser4_pool_free(&level->pool->op_pool, &op->header);
-+}
-+
-+/* helper function to complete locking of carry node
-+
-+ Finish locking of carry node. There are several ways in which new carry
-+ node can be added into carry level and locked. Normal is through
-+ lock_carry_node(), but also from find_{left|right}_neighbor(). This
-+ function factors out common final part of all locking scenarios. It
-+ supposes that @node -> lock_handle is lock handle for lock just taken and
-+ fills ->real_node from this lock handle.
-+
-+*/
-+int lock_carry_node_tail(carry_node * node /* node to complete locking of */ )
-+{
-+ assert("nikita-1052", node != NULL);
-+ assert("nikita-1187", carry_real(node) != NULL);
-+ assert("nikita-1188", !node->unlock);
-+
-+ node->unlock = 1;
-+ /* Load node content into memory and install node plugin by
-+ looking at the node header.
-+
-+ Most of the time this call is cheap because the node is
-+ already in memory.
-+
-+ Corresponding zrelse() is in unlock_carry_node()
-+ */
-+ return zload(carry_real(node));
-+}
-+
-+/* lock carry node
-+
-+ "Resolve" node to real znode, lock it and mark as locked.
-+ This requires recursive locking of znodes.
-+
-+ When operation is posted to the parent level, node it will be applied to is
-+ not yet known. For example, when shifting data between two nodes,
-+ delimiting has to be updated in parent or parents of nodes involved. But
-+ their parents is not yet locked and, moreover said nodes can be reparented
-+ by concurrent balancing.
-+
-+ To work around this, carry operation is applied to special "carry node"
-+ rather than to the znode itself. Carry node consists of some "base" or
-+ "reference" znode and flags indicating how to get to the target of carry
-+ operation (->real_node field of carry_node) from base.
-+
-+*/
-+int lock_carry_node(carry_level * level /* level @node is in */ ,
-+ carry_node * node /* node to lock */ )
-+{
-+ int result;
-+ znode *reference_point;
-+ lock_handle lh;
-+ lock_handle tmp_lh;
-+ reiser4_tree *tree;
-+
-+ assert("nikita-887", level != NULL);
-+ assert("nikita-882", node != NULL);
-+
-+ result = 0;
-+ reference_point = node->node;
-+ init_lh(&lh);
-+ init_lh(&tmp_lh);
-+ if (node->left_before) {
-+ /* handling of new nodes, allocated on the previous level:
-+
-+ some carry ops were propably posted from the new node, but
-+ this node neither has parent pointer set, nor is
-+ connected. This will be done in ->create_hook() for
-+ internal item.
-+
-+ No then less, parent of new node has to be locked. To do
-+ this, first go to the "left" in the carry order. This
-+ depends on the decision to always allocate new node on the
-+ right of existing one.
-+
-+ Loop handles case when multiple nodes, all orphans, were
-+ inserted.
-+
-+ Strictly speaking, taking tree lock is not necessary here,
-+ because all nodes scanned by loop in
-+ find_begetting_brother() are write-locked by this thread,
-+ and thus, their sibling linkage cannot change.
-+
-+ */
-+ tree = znode_get_tree(reference_point);
-+ read_lock_tree(tree);
-+ reference_point = find_begetting_brother(node, level)->node;
-+ read_unlock_tree(tree);
-+ assert("nikita-1186", reference_point != NULL);
-+ }
-+ if (node->parent && (result == 0)) {
-+ result =
-+ reiser4_get_parent(&tmp_lh, reference_point,
-+ ZNODE_WRITE_LOCK);
-+ if (result != 0) {
-+ ; /* nothing */
-+ } else if (znode_get_level(tmp_lh.node) == 0) {
-+ assert("nikita-1347", znode_above_root(tmp_lh.node));
-+ result = add_new_root(level, node, tmp_lh.node);
-+ if (result == 0) {
-+ reference_point = level->new_root;
-+ move_lh(&lh, &node->lock_handle);
-+ }
-+ } else if ((level->new_root != NULL)
-+ && (level->new_root !=
-+ znode_parent_nolock(reference_point))) {
-+ /* parent of node exists, but this level aready
-+ created different new root, so */
-+ warning("nikita-1109",
-+ /* it should be "radicis", but tradition is
-+ tradition. do banshees read latin? */
-+ "hodie natus est radici frater");
-+ result = -EIO;
-+ } else {
-+ move_lh(&lh, &tmp_lh);
-+ reference_point = lh.node;
-+ }
-+ }
-+ if (node->left && (result == 0)) {
-+ assert("nikita-1183", node->parent);
-+ assert("nikita-883", reference_point != NULL);
-+ result =
-+ reiser4_get_left_neighbor(&tmp_lh, reference_point,
-+ ZNODE_WRITE_LOCK,
-+ GN_CAN_USE_UPPER_LEVELS);
-+ if (result == 0) {
-+ done_lh(&lh);
-+ move_lh(&lh, &tmp_lh);
-+ reference_point = lh.node;
-+ }
-+ }
-+ if (!node->parent && !node->left && !node->left_before) {
-+ result =
-+ longterm_lock_znode(&lh, reference_point, ZNODE_WRITE_LOCK,
-+ ZNODE_LOCK_HIPRI);
-+ }
-+ if (result == 0) {
-+ move_lh(&node->lock_handle, &lh);
-+ result = lock_carry_node_tail(node);
-+ }
-+ done_lh(&tmp_lh);
-+ done_lh(&lh);
-+ return result;
-+}
-+
-+/* release a lock on &carry_node.
-+
-+ Release if necessary lock on @node. This opearion is pair of
-+ lock_carry_node() and is idempotent: you can call it more than once on the
-+ same node.
-+
-+*/
-+static void
-+unlock_carry_node(carry_level * level,
-+ carry_node * node /* node to be released */ ,
-+ int failure /* 0 if node is unlocked due
-+ * to some error */ )
-+{
-+ znode *real_node;
-+
-+ assert("nikita-884", node != NULL);
-+
-+ real_node = carry_real(node);
-+ /* pair to zload() in lock_carry_node_tail() */
-+ zrelse(real_node);
-+ if (node->unlock && (real_node != NULL)) {
-+ assert("nikita-899", real_node == node->lock_handle.node);
-+ longterm_unlock_znode(&node->lock_handle);
-+ }
-+ if (failure) {
-+ if (node->deallocate && (real_node != NULL)) {
-+ /* free node in bitmap
-+
-+ Prepare node for removal. Last zput() will finish
-+ with it.
-+ */
-+ ZF_SET(real_node, JNODE_HEARD_BANSHEE);
-+ }
-+ if (node->free) {
-+ assert("nikita-2177",
-+ list_empty_careful(&node->lock_handle.locks_link));
-+ assert("nikita-2112",
-+ list_empty_careful(&node->lock_handle.owners_link));
-+ reiser4_pool_free(&level->pool->node_pool,
-+ &node->header);
-+ }
-+ }
-+}
-+
-+/* fatal_carry_error() - all-catching error handling function
-+
-+ It is possible that carry faces unrecoverable error, like unability to
-+ insert pointer at the internal level. Our simple solution is just panic in
-+ this situation. More sophisticated things like attempt to remount
-+ file-system as read-only can be implemented without much difficlties.
-+
-+ It is believed, that:
-+
-+ 1. in stead of panicking, all current transactions can be aborted rolling
-+ system back to the consistent state.
-+
-+Umm, if you simply panic without doing anything more at all, then all current
-+transactions are aborted and the system is rolled back to a consistent state,
-+by virtue of the design of the transactional mechanism. Well, wait, let's be
-+precise. If an internal node is corrupted on disk due to hardware failure,
-+then there may be no consistent state that can be rolled back to, so instead
-+we should say that it will rollback the transactions, which barring other
-+factors means rolling back to a consistent state.
-+
-+# Nikita: there is a subtle difference between panic and aborting
-+# transactions: machine doesn't reboot. Processes aren't killed. Processes
-+# don't using reiser4 (not that we care about such processes), or using other
-+# reiser4 mounts (about them we do care) will simply continue to run. With
-+# some luck, even application using aborted file system can survive: it will
-+# get some error, like EBADF, from each file descriptor on failed file system,
-+# but applications that do care about tolerance will cope with this (squid
-+# will).
-+
-+It would be a nice feature though to support rollback without rebooting
-+followed by remount, but this can wait for later versions.
-+
-+ 2. once isolated transactions will be implemented it will be possible to
-+ roll back offending transaction.
-+
-+2. is additional code complexity of inconsistent value (it implies that a broken tree should be kept in operation), so we must think about
-+it more before deciding if it should be done. -Hans
-+
-+*/
-+static void fatal_carry_error(carry_level * doing UNUSED_ARG /* carry level
-+ * where
-+ * unrecoverable
-+ * error
-+ * occurred */ ,
-+ int ecode /* error code */ )
-+{
-+ assert("nikita-1230", doing != NULL);
-+ assert("nikita-1231", ecode < 0);
-+
-+ reiser4_panic("nikita-1232", "Carry failed: %i", ecode);
-+}
-+
-+/* add new root to the tree
-+
-+ This function itself only manages changes in carry structures and delegates
-+ all hard work (allocation of znode for new root, changes of parent and
-+ sibling pointers to the add_tree_root().
-+
-+ Locking: old tree root is locked by carry at this point. Fake znode is also
-+ locked.
-+
-+*/
-+static int add_new_root(carry_level * level /* carry level in context of which
-+ * operation is performed */ ,
-+ carry_node * node /* carry node for existing root */ ,
-+ znode * fake /* "fake" znode already locked by
-+ * us */ )
-+{
-+ int result;
-+
-+ assert("nikita-1104", level != NULL);
-+ assert("nikita-1105", node != NULL);
-+
-+ assert("nikita-1403", znode_is_write_locked(node->node));
-+ assert("nikita-1404", znode_is_write_locked(fake));
-+
-+ /* trying to create new root. */
-+ /* @node is root and it's already locked by us. This
-+ means that nobody else can be trying to add/remove
-+ tree root right now.
-+ */
-+ if (level->new_root == NULL)
-+ level->new_root = add_tree_root(node->node, fake);
-+ if (!IS_ERR(level->new_root)) {
-+ assert("nikita-1210", znode_is_root(level->new_root));
-+ node->deallocate = 1;
-+ result =
-+ longterm_lock_znode(&node->lock_handle, level->new_root,
-+ ZNODE_WRITE_LOCK, ZNODE_LOCK_LOPRI);
-+ if (result == 0)
-+ zput(level->new_root);
-+ } else {
-+ result = PTR_ERR(level->new_root);
-+ level->new_root = NULL;
-+ }
-+ return result;
-+}
-+
-+/* allocate new znode and add the operation that inserts the
-+ pointer to it into the parent node into the todo level
-+
-+ Allocate new znode, add it into carry queue and post into @todo queue
-+ request to add pointer to new node into its parent.
-+
-+ This is carry related routing that calls new_node() to allocate new
-+ node.
-+*/
-+carry_node *add_new_znode(znode * brother /* existing left neighbor of new
-+ * node */ ,
-+ carry_node * ref /* carry node after which new
-+ * carry node is to be inserted
-+ * into queue. This affects
-+ * locking. */ ,
-+ carry_level * doing /* carry queue where new node is
-+ * to be added */ ,
-+ carry_level * todo /* carry queue where COP_INSERT
-+ * operation to add pointer to
-+ * new node will ne added */ )
-+{
-+ carry_node *fresh;
-+ znode *new_znode;
-+ carry_op *add_pointer;
-+ carry_plugin_info info;
-+
-+ assert("nikita-1048", brother != NULL);
-+ assert("nikita-1049", todo != NULL);
-+
-+ /* There is a lot of possible variations here: to what parent
-+ new node will be attached and where. For simplicity, always
-+ do the following:
-+
-+ (1) new node and @brother will have the same parent.
-+
-+ (2) new node is added on the right of @brother
-+
-+ */
-+
-+ fresh = add_carry_skip(doing, ref ? POOLO_AFTER : POOLO_LAST, ref);
-+ if (IS_ERR(fresh))
-+ return fresh;
-+
-+ fresh->deallocate = 1;
-+ fresh->free = 1;
-+
-+ new_znode = new_node(brother, znode_get_level(brother));
-+ if (IS_ERR(new_znode))
-+ /* @fresh will be deallocated automatically by error
-+ handling code in the caller. */
-+ return (carry_node *) new_znode;
-+
-+ /* new_znode returned znode with x_count 1. Caller has to decrease
-+ it. make_space() does. */
-+
-+ ZF_SET(new_znode, JNODE_ORPHAN);
-+ fresh->node = new_znode;
-+
-+ while (ZF_ISSET(carry_real(ref), JNODE_ORPHAN)) {
-+ ref = carry_node_prev(ref);
-+ assert("nikita-1606", !carry_node_end(doing, ref));
-+ }
-+
-+ info.todo = todo;
-+ info.doing = doing;
-+ add_pointer = node_post_carry(&info, COP_INSERT, carry_real(ref), 1);
-+ if (IS_ERR(add_pointer)) {
-+ /* no need to deallocate @new_znode here: it will be
-+ deallocated during carry error handling. */
-+ return (carry_node *) add_pointer;
-+ }
-+
-+ add_pointer->u.insert.type = COPT_CHILD;
-+ add_pointer->u.insert.child = fresh;
-+ add_pointer->u.insert.brother = brother;
-+ /* initially new node spawns empty key range */
-+ write_lock_dk(znode_get_tree(brother));
-+ znode_set_ld_key(new_znode,
-+ znode_set_rd_key(new_znode,
-+ znode_get_rd_key(brother)));
-+ write_unlock_dk(znode_get_tree(brother));
-+ return fresh;
-+}
-+
-+/* DEBUGGING FUNCTIONS.
-+
-+ Probably we also should leave them on even when
-+ debugging is turned off to print dumps at errors.
-+*/
-+#if REISER4_DEBUG
-+static int carry_level_invariant(carry_level * level, carry_queue_state state)
-+{
-+ carry_node *node;
-+ carry_node *tmp_node;
-+
-+ if (level == NULL)
-+ return 0;
-+
-+ if (level->track_type != 0 &&
-+ level->track_type != CARRY_TRACK_NODE &&
-+ level->track_type != CARRY_TRACK_CHANGE)
-+ return 0;
-+
-+ /* check that nodes are in ascending order */
-+ for_all_nodes(level, node, tmp_node) {
-+ znode *left;
-+ znode *right;
-+
-+ reiser4_key lkey;
-+ reiser4_key rkey;
-+
-+ if (node != carry_node_front(level)) {
-+ if (state == CARRY_TODO) {
-+ right = node->node;
-+ left = carry_node_prev(node)->node;
-+ } else {
-+ right = carry_real(node);
-+ left = carry_real(carry_node_prev(node));
-+ }
-+ if (right == NULL || left == NULL)
-+ continue;
-+ if (node_is_empty(right) || node_is_empty(left))
-+ continue;
-+ if (!keyle(leftmost_key_in_node(left, &lkey),
-+ leftmost_key_in_node(right, &rkey))) {
-+ warning("", "wrong key order");
-+ return 0;
-+ }
-+ }
-+ }
-+ return 1;
-+}
-+#endif
-+
-+/* get symbolic name for boolean */
-+static const char *tf(int boolean /* truth value */ )
-+{
-+ return boolean ? "t" : "f";
-+}
-+
-+/* symbolic name for carry operation */
-+static const char *carry_op_name(carry_opcode op /* carry opcode */ )
-+{
-+ switch (op) {
-+ case COP_INSERT:
-+ return "COP_INSERT";
-+ case COP_DELETE:
-+ return "COP_DELETE";
-+ case COP_CUT:
-+ return "COP_CUT";
-+ case COP_PASTE:
-+ return "COP_PASTE";
-+ case COP_UPDATE:
-+ return "COP_UPDATE";
-+ case COP_EXTENT:
-+ return "COP_EXTENT";
-+ case COP_INSERT_FLOW:
-+ return "COP_INSERT_FLOW";
-+ default:{
-+ /* not mt safe, but who cares? */
-+ static char buf[20];
-+
-+ sprintf(buf, "unknown op: %x", op);
-+ return buf;
-+ }
-+ }
-+}
-+
-+/* dump information about carry node */
-+static void print_carry(const char *prefix /* prefix to print */ ,
-+ carry_node * node /* node to print */ )
-+{
-+ if (node == NULL) {
-+ printk("%s: null\n", prefix);
-+ return;
-+ }
-+ printk
-+ ("%s: %p parent: %s, left: %s, unlock: %s, free: %s, dealloc: %s\n",
-+ prefix, node, tf(node->parent), tf(node->left), tf(node->unlock),
-+ tf(node->free), tf(node->deallocate));
-+}
-+
-+/* dump information about carry operation */
-+static void print_op(const char *prefix /* prefix to print */ ,
-+ carry_op * op /* operation to print */ )
-+{
-+ if (op == NULL) {
-+ printk("%s: null\n", prefix);
-+ return;
-+ }
-+ printk("%s: %p carry_opcode: %s\n", prefix, op, carry_op_name(op->op));
-+ print_carry("\tnode", op->node);
-+ switch (op->op) {
-+ case COP_INSERT:
-+ case COP_PASTE:
-+ print_coord("\tcoord",
-+ op->u.insert.d ? op->u.insert.d->coord : NULL, 0);
-+ print_key("\tkey", op->u.insert.d ? op->u.insert.d->key : NULL);
-+ print_carry("\tchild", op->u.insert.child);
-+ break;
-+ case COP_DELETE:
-+ print_carry("\tchild", op->u.delete.child);
-+ break;
-+ case COP_CUT:
-+ if (op->u.cut_or_kill.is_cut) {
-+ print_coord("\tfrom",
-+ op->u.cut_or_kill.u.kill->params.from, 0);
-+ print_coord("\tto", op->u.cut_or_kill.u.kill->params.to,
-+ 0);
-+ } else {
-+ print_coord("\tfrom",
-+ op->u.cut_or_kill.u.cut->params.from, 0);
-+ print_coord("\tto", op->u.cut_or_kill.u.cut->params.to,
-+ 0);
-+ }
-+ break;
-+ case COP_UPDATE:
-+ print_carry("\tleft", op->u.update.left);
-+ break;
-+ default:
-+ /* do nothing */
-+ break;
-+ }
-+}
-+
-+/* dump information about all nodes and operations in a @level */
-+static void print_level(const char *prefix /* prefix to print */ ,
-+ carry_level * level /* level to print */ )
-+{
-+ carry_node *node;
-+ carry_node *tmp_node;
-+ carry_op *op;
-+ carry_op *tmp_op;
-+
-+ if (level == NULL) {
-+ printk("%s: null\n", prefix);
-+ return;
-+ }
-+ printk("%s: %p, restartable: %s\n",
-+ prefix, level, tf(level->restartable));
-+
-+ for_all_nodes(level, node, tmp_node)
-+ print_carry("\tcarry node", node);
-+ for_all_ops(level, op, tmp_op)
-+ print_op("\tcarry op", op);
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/carry.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/carry.h
-@@ -0,0 +1,442 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Functions and data types to "carry" tree modification(s) upward.
-+ See fs/reiser4/carry.c for details. */
-+
-+#if !defined( __FS_REISER4_CARRY_H__ )
-+#define __FS_REISER4_CARRY_H__
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "pool.h"
-+#include "znode.h"
-+
-+#include <linux/types.h>
-+
-+/* &carry_node - "location" of carry node.
-+
-+ "location" of node that is involved or going to be involved into
-+ carry process. Node where operation will be carried to on the
-+ parent level cannot be recorded explicitly. Operation will be carried
-+ usually to the parent of some node (where changes are performed at
-+ the current level) or, to the left neighbor of its parent. But while
-+ modifications are performed at the current level, parent may
-+ change. So, we have to allow some indirection (or, positevly,
-+ flexibility) in locating carry nodes.
-+
-+*/
-+typedef struct carry_node {
-+ /* pool linkage */
-+ reiser4_pool_header header;
-+
-+ /* base node from which real_node is calculated. See
-+ fs/reiser4/carry.c:lock_carry_node(). */
-+ znode *node;
-+
-+ /* how to get ->real_node */
-+ /* to get ->real_node obtain parent of ->node */
-+ __u32 parent:1;
-+ /* to get ->real_node obtain left neighbor of parent of
-+ ->node */
-+ __u32 left:1;
-+ __u32 left_before:1;
-+
-+ /* locking */
-+
-+ /* this node was locked by carry process and should be
-+ unlocked when carry leaves a level */
-+ __u32 unlock:1;
-+
-+ /* disk block for this node was allocated by carry process and
-+ should be deallocated when carry leaves a level */
-+ __u32 deallocate:1;
-+ /* this carry node was allocated by carry process and should be
-+ freed when carry leaves a level */
-+ __u32 free:1;
-+
-+ /* type of lock we want to take on this node */
-+ lock_handle lock_handle;
-+} carry_node;
-+
-+/* &carry_opcode - elementary operations that can be carried upward
-+
-+ Operations that carry() can handle. This list is supposed to be
-+ expanded.
-+
-+ Each carry operation (cop) is handled by appropriate function defined
-+ in fs/reiser4/carry.c. For example COP_INSERT is handled by
-+ fs/reiser4/carry.c:carry_insert() etc. These functions in turn
-+ call plugins of nodes affected by operation to modify nodes' content
-+ and to gather operations to be performed on the next level.
-+
-+*/
-+typedef enum {
-+ /* insert new item into node. */
-+ COP_INSERT,
-+ /* delete pointer from parent node */
-+ COP_DELETE,
-+ /* remove part of or whole node. */
-+ COP_CUT,
-+ /* increase size of item. */
-+ COP_PASTE,
-+ /* insert extent (that is sequence of unformatted nodes). */
-+ COP_EXTENT,
-+ /* update delimiting key in least common ancestor of two
-+ nodes. This is performed when items are moved between two
-+ nodes.
-+ */
-+ COP_UPDATE,
-+ /* insert flow */
-+ COP_INSERT_FLOW,
-+ COP_LAST_OP,
-+} carry_opcode;
-+
-+#define CARRY_FLOW_NEW_NODES_LIMIT 20
-+
-+/* mode (or subtype) of COP_{INSERT|PASTE} operation. Specifies how target
-+ item is determined. */
-+typedef enum {
-+ /* target item is one containing pointer to the ->child node */
-+ COPT_CHILD,
-+ /* target item is given explicitly by @coord */
-+ COPT_ITEM_DATA,
-+ /* target item is given by key */
-+ COPT_KEY,
-+ /* see insert_paste_common() for more comments on this. */
-+ COPT_PASTE_RESTARTED,
-+} cop_insert_pos_type;
-+
-+/* flags to cut and delete */
-+typedef enum {
-+ /* don't kill node even if it became completely empty as results of
-+ * cut. This is needed for eottl handling. See carry_extent() for
-+ * details. */
-+ DELETE_RETAIN_EMPTY = (1 << 0)
-+} cop_delete_flag;
-+
-+/*
-+ * carry() implements "lock handle tracking" feature.
-+ *
-+ * Callers supply carry with node where to perform initial operation and lock
-+ * handle on this node. Trying to optimize node utilization carry may actually
-+ * move insertion point to different node. Callers expect that lock handle
-+ * will rebe transferred to the new node also.
-+ *
-+ */
-+typedef enum {
-+ /* transfer lock handle along with insertion point */
-+ CARRY_TRACK_CHANGE = 1,
-+ /* acquire new lock handle to the node where insertion point is. This
-+ * is used when carry() client doesn't initially possess lock handle
-+ * on the insertion point node, for example, by extent insertion
-+ * code. See carry_extent(). */
-+ CARRY_TRACK_NODE = 2
-+} carry_track_type;
-+
-+/* data supplied to COP_{INSERT|PASTE} by callers */
-+typedef struct carry_insert_data {
-+ /* position where new item is to be inserted */
-+ coord_t *coord;
-+ /* new item description */
-+ reiser4_item_data *data;
-+ /* key of new item */
-+ const reiser4_key *key;
-+} carry_insert_data;
-+
-+/* cut and kill are similar, so carry_cut_data and carry_kill_data share the below structure of parameters */
-+struct cut_kill_params {
-+ /* coord where cut starts (inclusive) */
-+ coord_t *from;
-+ /* coord where cut stops (inclusive, this item/unit will also be
-+ * cut) */
-+ coord_t *to;
-+ /* starting key. This is necessary when item and unit pos don't
-+ * uniquely identify what portion or tree to remove. For example, this
-+ * indicates what portion of extent unit will be affected. */
-+ const reiser4_key *from_key;
-+ /* exclusive stop key */
-+ const reiser4_key *to_key;
-+ /* if this is not NULL, smallest actually removed key is stored
-+ * here. */
-+ reiser4_key *smallest_removed;
-+ /* kill_node_content() is called for file truncate */
-+ int truncate;
-+};
-+
-+struct carry_cut_data {
-+ struct cut_kill_params params;
-+};
-+
-+struct carry_kill_data {
-+ struct cut_kill_params params;
-+ /* parameter to be passed to the ->kill_hook() method of item
-+ * plugin */
-+ /*void *iplug_params; *//* FIXME: unused currently */
-+ /* if not NULL---inode whose items are being removed. This is needed
-+ * for ->kill_hook() of extent item to update VM structures when
-+ * removing pages. */
-+ struct inode *inode;
-+ /* sibling list maintenance is complicated by existence of eottl. When
-+ * eottl whose left and right neighbors are formatted leaves is
-+ * removed, one has to connect said leaves in the sibling list. This
-+ * cannot be done when extent removal is just started as locking rules
-+ * require sibling list update to happen atomically with removal of
-+ * extent item. Therefore: 1. pointers to left and right neighbors
-+ * have to be passed down to the ->kill_hook() of extent item, and
-+ * 2. said neighbors have to be locked. */
-+ lock_handle *left;
-+ lock_handle *right;
-+ /* flags modifying behavior of kill. Currently, it may have DELETE_RETAIN_EMPTY set. */
-+ unsigned flags;
-+ char *buf;
-+};
-+
-+/* &carry_tree_op - operation to "carry" upward.
-+
-+ Description of an operation we want to "carry" to the upper level of
-+ a tree: e.g, when we insert something and there is not enough space
-+ we allocate a new node and "carry" the operation of inserting a
-+ pointer to the new node to the upper level, on removal of empty node,
-+ we carry up operation of removing appropriate entry from parent.
-+
-+ There are two types of carry ops: when adding or deleting node we
-+ node at the parent level where appropriate modification has to be
-+ performed is known in advance. When shifting items between nodes
-+ (split, merge), delimiting key should be changed in the least common
-+ parent of the nodes involved that is not known in advance.
-+
-+ For the operations of the first type we store in &carry_op pointer to
-+ the &carry_node at the parent level. For the operation of the second
-+ type we store &carry_node or parents of the left and right nodes
-+ modified and keep track of them upward until they coincide.
-+
-+*/
-+typedef struct carry_op {
-+ /* pool linkage */
-+ reiser4_pool_header header;
-+ carry_opcode op;
-+ /* node on which operation is to be performed:
-+
-+ for insert, paste: node where new item is to be inserted
-+
-+ for delete: node where pointer is to be deleted
-+
-+ for cut: node to cut from
-+
-+ for update: node where delimiting key is to be modified
-+
-+ for modify: parent of modified node
-+
-+ */
-+ carry_node *node;
-+ union {
-+ struct {
-+ /* (sub-)type of insertion/paste. Taken from
-+ cop_insert_pos_type. */
-+ __u8 type;
-+ /* various operation flags. Taken from
-+ cop_insert_flag. */
-+ __u8 flags;
-+ carry_insert_data *d;
-+ carry_node *child;
-+ znode *brother;
-+ } insert, paste, extent;
-+
-+ struct {
-+ int is_cut;
-+ union {
-+ carry_kill_data *kill;
-+ carry_cut_data *cut;
-+ } u;
-+ } cut_or_kill;
-+
-+ struct {
-+ carry_node *left;
-+ } update;
-+ struct {
-+ /* changed child */
-+ carry_node *child;
-+ /* bitmask of changes. See &cop_modify_flag */
-+ __u32 flag;
-+ } modify;
-+ struct {
-+ /* flags to deletion operation. Are taken from
-+ cop_delete_flag */
-+ __u32 flags;
-+ /* child to delete from parent. If this is
-+ NULL, delete op->node. */
-+ carry_node *child;
-+ } delete;
-+ struct {
-+ /* various operation flags. Taken from
-+ cop_insert_flag. */
-+ __u32 flags;
-+ flow_t *flow;
-+ coord_t *insert_point;
-+ reiser4_item_data *data;
-+ /* flow insertion is limited by number of new blocks
-+ added in that operation which do not get any data
-+ but part of flow. This limit is set by macro
-+ CARRY_FLOW_NEW_NODES_LIMIT. This field stores number
-+ of nodes added already during one carry_flow */
-+ int new_nodes;
-+ } insert_flow;
-+ } u;
-+} carry_op;
-+
-+/* &carry_op_pool - preallocated pool of carry operations, and nodes */
-+typedef struct carry_pool {
-+ carry_op op[CARRIES_POOL_SIZE];
-+ reiser4_pool op_pool;
-+ carry_node node[NODES_LOCKED_POOL_SIZE];
-+ reiser4_pool node_pool;
-+} carry_pool;
-+
-+/* &carry_tree_level - carry process on given level
-+
-+ Description of balancing process on the given level.
-+
-+ No need for locking here, as carry_tree_level is essentially per
-+ thread thing (for now).
-+
-+*/
-+struct carry_level {
-+ /* this level may be restarted */
-+ __u32 restartable:1;
-+ /* list of carry nodes on this level, ordered by key order */
-+ struct list_head nodes;
-+ struct list_head ops;
-+ /* pool where new objects are allocated from */
-+ carry_pool *pool;
-+ int ops_num;
-+ int nodes_num;
-+ /* new root created on this level, if any */
-+ znode *new_root;
-+ /* This is set by caller (insert_by_key(), resize_item(), etc.) when
-+ they want ->tracked to automagically wander to the node where
-+ insertion point moved after insert or paste.
-+ */
-+ carry_track_type track_type;
-+ /* lock handle supplied by user that we are tracking. See
-+ above. */
-+ lock_handle *tracked;
-+};
-+
-+/* information carry passes to plugin methods that may add new operations to
-+ the @todo queue */
-+struct carry_plugin_info {
-+ carry_level *doing;
-+ carry_level *todo;
-+};
-+
-+int carry(carry_level * doing, carry_level * done);
-+
-+carry_node *add_carry(carry_level * level, pool_ordering order,
-+ carry_node * reference);
-+carry_node *add_carry_skip(carry_level * level, pool_ordering order,
-+ carry_node * reference);
-+
-+extern carry_node *insert_carry_node(carry_level * doing,
-+ carry_level * todo, const znode * node);
-+
-+extern carry_pool *init_carry_pool(int);
-+extern void done_carry_pool(carry_pool * pool);
-+
-+extern void init_carry_level(carry_level * level, carry_pool * pool);
-+
-+extern carry_op *post_carry(carry_level * level, carry_opcode op, znode * node,
-+ int apply_to_parent);
-+extern carry_op *node_post_carry(carry_plugin_info * info, carry_opcode op,
-+ znode * node, int apply_to_parent_p);
-+
-+carry_node *add_new_znode(znode * brother, carry_node * reference,
-+ carry_level * doing, carry_level * todo);
-+
-+carry_node *find_carry_node(carry_level * level, const znode * node);
-+
-+extern znode *carry_real(const carry_node * node);
-+
-+/* helper macros to iterate over carry queues */
-+
-+#define carry_node_next( node ) \
-+ list_entry((node)->header.level_linkage.next, carry_node, \
-+ header.level_linkage)
-+
-+#define carry_node_prev( node ) \
-+ list_entry((node)->header.level_linkage.prev, carry_node, \
-+ header.level_linkage)
-+
-+#define carry_node_front( level ) \
-+ list_entry((level)->nodes.next, carry_node, header.level_linkage)
-+
-+#define carry_node_back( level ) \
-+ list_entry((level)->nodes.prev, carry_node, header.level_linkage)
-+
-+#define carry_node_end( level, node ) \
-+ (&(level)->nodes == &(node)->header.level_linkage)
-+
-+/* macro to iterate over all operations in a @level */
-+#define for_all_ops( level /* carry level (of type carry_level *) */, \
-+ op /* pointer to carry operation, modified by loop (of \
-+ * type carry_op *) */, \
-+ tmp /* pointer to carry operation (of type carry_op *), \
-+ * used to make iterator stable in the face of \
-+ * deletions from the level */ ) \
-+for (op = list_entry(level->ops.next, carry_op, header.level_linkage), \
-+ tmp = list_entry(op->header.level_linkage.next, carry_op, header.level_linkage); \
-+ &op->header.level_linkage != &level->ops; \
-+ op = tmp, \
-+ tmp = list_entry(op->header.level_linkage.next, carry_op, header.level_linkage))
-+
-+#if 0
-+for( op = ( carry_op * ) pool_level_list_front( &level -> ops ), \
-+ tmp = ( carry_op * ) pool_level_list_next( &op -> header ) ; \
-+ ! pool_level_list_end( &level -> ops, &op -> header ) ; \
-+ op = tmp, tmp = ( carry_op * ) pool_level_list_next( &op -> header ) )
-+#endif
-+
-+/* macro to iterate over all nodes in a @level */ \
-+#define for_all_nodes( level /* carry level (of type carry_level *) */, \
-+ node /* pointer to carry node, modified by loop (of \
-+ * type carry_node *) */, \
-+ tmp /* pointer to carry node (of type carry_node *), \
-+ * used to make iterator stable in the face of * \
-+ * deletions from the level */ ) \
-+for (node = list_entry(level->nodes.next, carry_node, header.level_linkage), \
-+ tmp = list_entry(node->header.level_linkage.next, carry_node, header.level_linkage); \
-+ &node->header.level_linkage != &level->nodes; \
-+ node = tmp, \
-+ tmp = list_entry(node->header.level_linkage.next, carry_node, header.level_linkage))
-+
-+#if 0
-+for( node = carry_node_front( level ), \
-+ tmp = carry_node_next( node ) ; ! carry_node_end( level, node ) ; \
-+ node = tmp, tmp = carry_node_next( node ) )
-+#endif
-+
-+/* macro to iterate over all nodes in a @level in reverse order
-+
-+ This is used, because nodes are unlocked in reversed order of locking */
-+#define for_all_nodes_back( level /* carry level (of type carry_level *) */, \
-+ node /* pointer to carry node, modified by loop \
-+ * (of type carry_node *) */, \
-+ tmp /* pointer to carry node (of type carry_node \
-+ * *), used to make iterator stable in the \
-+ * face of deletions from the level */ ) \
-+for( node = carry_node_back( level ), \
-+ tmp = carry_node_prev( node ) ; ! carry_node_end( level, node ) ; \
-+ node = tmp, tmp = carry_node_prev( node ) )
-+
-+/* __FS_REISER4_CARRY_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/carry_ops.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/carry_ops.c
-@@ -0,0 +1,2103 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* implementation of carry operations */
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "key.h"
-+#include "coord.h"
-+#include "plugin/item/item.h"
-+#include "plugin/node/node.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "block_alloc.h"
-+#include "tree_walk.h"
-+#include "pool.h"
-+#include "tree_mod.h"
-+#include "carry.h"
-+#include "carry_ops.h"
-+#include "tree.h"
-+#include "super.h"
-+#include "reiser4.h"
-+
-+#include <linux/types.h>
-+#include <linux/err.h>
-+
-+static int carry_shift_data(sideof side, coord_t * insert_coord, znode * node,
-+ carry_level * doing, carry_level * todo,
-+ unsigned int including_insert_coord_p);
-+
-+extern int lock_carry_node(carry_level * level, carry_node * node);
-+extern int lock_carry_node_tail(carry_node * node);
-+
-+/* find left neighbor of a carry node
-+
-+ Look for left neighbor of @node and add it to the @doing queue. See
-+ comments in the body.
-+
-+*/
-+static carry_node *find_left_neighbor(carry_op * op /* node to find left
-+ * neighbor of */ ,
-+ carry_level * doing /* level to scan */ )
-+{
-+ int result;
-+ carry_node *node;
-+ carry_node *left;
-+ int flags;
-+ reiser4_tree *tree;
-+
-+ node = op->node;
-+
-+ tree = current_tree;
-+ read_lock_tree(tree);
-+ /* first, check whether left neighbor is already in a @doing queue */
-+ if (carry_real(node)->left != NULL) {
-+ /* NOTE: there is locking subtlety here. Look into
-+ * find_right_neighbor() for more info */
-+ if (find_carry_node(doing, carry_real(node)->left) != NULL) {
-+ read_unlock_tree(tree);
-+ left = node;
-+ do {
-+ left = list_entry(left->header.level_linkage.prev,
-+ carry_node, header.level_linkage);
-+ assert("nikita-3408", !carry_node_end(doing,
-+ left));
-+ } while (carry_real(left) == carry_real(node));
-+ return left;
-+ }
-+ }
-+ read_unlock_tree(tree);
-+
-+ left = add_carry_skip(doing, POOLO_BEFORE, node);
-+ if (IS_ERR(left))
-+ return left;
-+
-+ left->node = node->node;
-+ left->free = 1;
-+
-+ flags = GN_TRY_LOCK;
-+ if (!op->u.insert.flags & COPI_LOAD_LEFT)
-+ flags |= GN_NO_ALLOC;
-+
-+ /* then, feeling lucky, peek left neighbor in the cache. */
-+ result = reiser4_get_left_neighbor(&left->lock_handle, carry_real(node),
-+ ZNODE_WRITE_LOCK, flags);
-+ if (result == 0) {
-+ /* ok, node found and locked. */
-+ result = lock_carry_node_tail(left);
-+ if (result != 0)
-+ left = ERR_PTR(result);
-+ } else if (result == -E_NO_NEIGHBOR || result == -ENOENT) {
-+ /* node is leftmost node in a tree, or neighbor wasn't in
-+ cache, or there is an extent on the left. */
-+ reiser4_pool_free(&doing->pool->node_pool, &left->header);
-+ left = NULL;
-+ } else if (doing->restartable) {
-+ /* if left neighbor is locked, and level is restartable, add
-+ new node to @doing and restart. */
-+ assert("nikita-913", node->parent != 0);
-+ assert("nikita-914", node->node != NULL);
-+ left->left = 1;
-+ left->free = 0;
-+ left = ERR_PTR(-E_REPEAT);
-+ } else {
-+ /* left neighbor is locked, level cannot be restarted. Just
-+ ignore left neighbor. */
-+ reiser4_pool_free(&doing->pool->node_pool, &left->header);
-+ left = NULL;
-+ }
-+ return left;
-+}
-+
-+/* find right neighbor of a carry node
-+
-+ Look for right neighbor of @node and add it to the @doing queue. See
-+ comments in the body.
-+
-+*/
-+static carry_node *find_right_neighbor(carry_op * op /* node to find right
-+ * neighbor of */ ,
-+ carry_level * doing /* level to scan */ )
-+{
-+ int result;
-+ carry_node *node;
-+ carry_node *right;
-+ lock_handle lh;
-+ int flags;
-+ reiser4_tree *tree;
-+
-+ init_lh(&lh);
-+
-+ node = op->node;
-+
-+ tree = current_tree;
-+ read_lock_tree(tree);
-+ /* first, check whether right neighbor is already in a @doing queue */
-+ if (carry_real(node)->right != NULL) {
-+ /*
-+ * Tree lock is taken here anyway, because, even if _outcome_
-+ * of (find_carry_node() != NULL) doesn't depends on
-+ * concurrent updates to ->right, find_carry_node() cannot
-+ * work with second argument NULL. Hence, following comment is
-+ * of historic importance only.
-+ *
-+ * Subtle:
-+ *
-+ * Q: why don't we need tree lock here, looking for the right
-+ * neighbor?
-+ *
-+ * A: even if value of node->real_node->right were changed
-+ * during find_carry_node() execution, outcome of execution
-+ * wouldn't change, because (in short) other thread cannot add
-+ * elements to the @doing, and if node->real_node->right
-+ * already was in @doing, value of node->real_node->right
-+ * couldn't change, because node cannot be inserted between
-+ * locked neighbors.
-+ */
-+ if (find_carry_node(doing, carry_real(node)->right) != NULL) {
-+ read_unlock_tree(tree);
-+ /*
-+ * What we are doing here (this is also applicable to
-+ * the find_left_neighbor()).
-+ *
-+ * tree_walk.c code requires that insertion of a
-+ * pointer to a child, modification of parent pointer
-+ * in the child, and insertion of the child into
-+ * sibling list are atomic (see
-+ * plugin/item/internal.c:create_hook_internal()).
-+ *
-+ * carry allocates new node long before pointer to it
-+ * is inserted into parent and, actually, long before
-+ * parent is even known. Such allocated-but-orphaned
-+ * nodes are only trackable through carry level lists.
-+ *
-+ * Situation that is handled here is following: @node
-+ * has valid ->right pointer, but there is
-+ * allocated-but-orphaned node in the carry queue that
-+ * is logically between @node and @node->right. Here
-+ * we are searching for it. Critical point is that
-+ * this is only possible if @node->right is also in
-+ * the carry queue (this is checked above), because
-+ * this is the only way new orphaned node could be
-+ * inserted between them (before inserting new node,
-+ * make_space() first tries to shift to the right, so,
-+ * right neighbor will be locked and queued).
-+ *
-+ */
-+ right = node;
-+ do {
-+ right = list_entry(right->header.level_linkage.next,
-+ carry_node, header.level_linkage);
-+ assert("nikita-3408", !carry_node_end(doing,
-+ right));
-+ } while (carry_real(right) == carry_real(node));
-+ return right;
-+ }
-+ }
-+ read_unlock_tree(tree);
-+
-+ flags = GN_CAN_USE_UPPER_LEVELS;
-+ if (!op->u.insert.flags & COPI_LOAD_RIGHT)
-+ flags = GN_NO_ALLOC;
-+
-+ /* then, try to lock right neighbor */
-+ init_lh(&lh);
-+ result = reiser4_get_right_neighbor(&lh, carry_real(node),
-+ ZNODE_WRITE_LOCK, flags);
-+ if (result == 0) {
-+ /* ok, node found and locked. */
-+ right = add_carry_skip(doing, POOLO_AFTER, node);
-+ if (!IS_ERR(right)) {
-+ right->node = lh.node;
-+ move_lh(&right->lock_handle, &lh);
-+ right->free = 1;
-+ result = lock_carry_node_tail(right);
-+ if (result != 0)
-+ right = ERR_PTR(result);
-+ }
-+ } else if ((result == -E_NO_NEIGHBOR) || (result == -ENOENT)) {
-+ /* node is rightmost node in a tree, or neighbor wasn't in
-+ cache, or there is an extent on the right. */
-+ right = NULL;
-+ } else
-+ right = ERR_PTR(result);
-+ done_lh(&lh);
-+ return right;
-+}
-+
-+/* how much free space in a @node is needed for @op
-+
-+ How much space in @node is required for completion of @op, where @op is
-+ insert or paste operation.
-+*/
-+static unsigned int space_needed_for_op(znode * node /* znode data are
-+ * inserted or
-+ * pasted in */ ,
-+ carry_op * op /* carry
-+ operation */ )
-+{
-+ assert("nikita-919", op != NULL);
-+
-+ switch (op->op) {
-+ default:
-+ impossible("nikita-1701", "Wrong opcode");
-+ case COP_INSERT:
-+ return space_needed(node, NULL, op->u.insert.d->data, 1);
-+ case COP_PASTE:
-+ return space_needed(node, op->u.insert.d->coord,
-+ op->u.insert.d->data, 0);
-+ }
-+}
-+
-+/* how much space in @node is required to insert or paste @data at
-+ @coord. */
-+unsigned int space_needed(const znode * node /* node data are inserted or
-+ * pasted in */ ,
-+ const coord_t * coord /* coord where data are
-+ * inserted or pasted
-+ * at */ ,
-+ const reiser4_item_data * data /* data to insert or
-+ * paste */ ,
-+ int insertion /* non-0 is inserting, 0---paste */ )
-+{
-+ int result;
-+ item_plugin *iplug;
-+
-+ assert("nikita-917", node != NULL);
-+ assert("nikita-918", node_plugin_by_node(node) != NULL);
-+ assert("vs-230", !insertion || (coord == NULL));
-+
-+ result = 0;
-+ iplug = data->iplug;
-+ if (iplug->b.estimate != NULL) {
-+ /* ask item plugin how much space is needed to insert this
-+ item */
-+ result += iplug->b.estimate(insertion ? NULL : coord, data);
-+ } else {
-+ /* reasonable default */
-+ result += data->length;
-+ }
-+ if (insertion) {
-+ node_plugin *nplug;
-+
-+ nplug = node->nplug;
-+ /* and add node overhead */
-+ if (nplug->item_overhead != NULL) {
-+ result += nplug->item_overhead(node, NULL);
-+ }
-+ }
-+ return result;
-+}
-+
-+/* find &coord in parent where pointer to new child is to be stored. */
-+static int find_new_child_coord(carry_op * op /* COP_INSERT carry operation to
-+ * insert pointer to new
-+ * child */ )
-+{
-+ int result;
-+ znode *node;
-+ znode *child;
-+
-+ assert("nikita-941", op != NULL);
-+ assert("nikita-942", op->op == COP_INSERT);
-+
-+ node = carry_real(op->node);
-+ assert("nikita-943", node != NULL);
-+ assert("nikita-944", node_plugin_by_node(node) != NULL);
-+
-+ child = carry_real(op->u.insert.child);
-+ result =
-+ find_new_child_ptr(node, child, op->u.insert.brother,
-+ op->u.insert.d->coord);
-+
-+ build_child_ptr_data(child, op->u.insert.d->data);
-+ return result;
-+}
-+
-+/* additional amount of free space in @node required to complete @op */
-+static int free_space_shortage(znode * node /* node to check */ ,
-+ carry_op * op /* operation being performed */ )
-+{
-+ assert("nikita-1061", node != NULL);
-+ assert("nikita-1062", op != NULL);
-+
-+ switch (op->op) {
-+ default:
-+ impossible("nikita-1702", "Wrong opcode");
-+ case COP_INSERT:
-+ case COP_PASTE:
-+ return space_needed_for_op(node, op) - znode_free_space(node);
-+ case COP_EXTENT:
-+ /* when inserting extent shift data around until insertion
-+ point is utmost in the node. */
-+ if (coord_wrt(op->u.insert.d->coord) == COORD_INSIDE)
-+ return +1;
-+ else
-+ return -1;
-+ }
-+}
-+
-+/* helper function: update node pointer in operation after insertion
-+ point was probably shifted into @target. */
-+static znode *sync_op(carry_op * op, carry_node * target)
-+{
-+ znode *insertion_node;
-+
-+ /* reget node from coord: shift might move insertion coord to
-+ the neighbor */
-+ insertion_node = op->u.insert.d->coord->node;
-+ /* if insertion point was actually moved into new node,
-+ update carry node pointer in operation. */
-+ if (insertion_node != carry_real(op->node)) {
-+ op->node = target;
-+ assert("nikita-2540", carry_real(target) == insertion_node);
-+ }
-+ assert("nikita-2541",
-+ carry_real(op->node) == op->u.insert.d->coord->node);
-+ return insertion_node;
-+}
-+
-+/*
-+ * complete make_space() call: update tracked lock handle if necessary. See
-+ * comments for fs/reiser4/carry.h:carry_track_type
-+ */
-+static int
-+make_space_tail(carry_op * op, carry_level * doing, znode * orig_node)
-+{
-+ int result;
-+ carry_track_type tracking;
-+ znode *node;
-+
-+ tracking = doing->track_type;
-+ node = op->u.insert.d->coord->node;
-+
-+ if (tracking == CARRY_TRACK_NODE ||
-+ (tracking == CARRY_TRACK_CHANGE && node != orig_node)) {
-+ /* inserting or pasting into node different from
-+ original. Update lock handle supplied by caller. */
-+ assert("nikita-1417", doing->tracked != NULL);
-+ done_lh(doing->tracked);
-+ init_lh(doing->tracked);
-+ result = longterm_lock_znode(doing->tracked, node,
-+ ZNODE_WRITE_LOCK,
-+ ZNODE_LOCK_HIPRI);
-+ } else
-+ result = 0;
-+ return result;
-+}
-+
-+/* This is insertion policy function. It shifts data to the left and right
-+ neighbors of insertion coord and allocates new nodes until there is enough
-+ free space to complete @op.
-+
-+ See comments in the body.
-+
-+ Assumes that the node format favors insertions at the right end of the node
-+ as node40 does.
-+
-+ See carry_flow() on detail about flow insertion
-+*/
-+static int make_space(carry_op * op /* carry operation, insert or paste */ ,
-+ carry_level * doing /* current carry queue */ ,
-+ carry_level * todo /* carry queue on the parent level */ )
-+{
-+ znode *node;
-+ int result;
-+ int not_enough_space;
-+ int blk_alloc;
-+ znode *orig_node;
-+ __u32 flags;
-+
-+ coord_t *coord;
-+
-+ assert("nikita-890", op != NULL);
-+ assert("nikita-891", todo != NULL);
-+ assert("nikita-892",
-+ op->op == COP_INSERT ||
-+ op->op == COP_PASTE || op->op == COP_EXTENT);
-+ assert("nikita-1607",
-+ carry_real(op->node) == op->u.insert.d->coord->node);
-+
-+ flags = op->u.insert.flags;
-+
-+ /* NOTE check that new node can only be allocated after checking left
-+ * and right neighbors. This is necessary for proper work of
-+ * find_{left,right}_neighbor(). */
-+ assert("nikita-3410", ergo(flags & COPI_DONT_ALLOCATE,
-+ flags & COPI_DONT_SHIFT_LEFT));
-+ assert("nikita-3411", ergo(flags & COPI_DONT_ALLOCATE,
-+ flags & COPI_DONT_SHIFT_RIGHT));
-+
-+ coord = op->u.insert.d->coord;
-+ orig_node = node = coord->node;
-+
-+ assert("nikita-908", node != NULL);
-+ assert("nikita-909", node_plugin_by_node(node) != NULL);
-+
-+ result = 0;
-+ /* If there is not enough space in a node, try to shift something to
-+ the left neighbor. This is a bit tricky, as locking to the left is
-+ low priority. This is handled by restart logic in carry().
-+ */
-+ not_enough_space = free_space_shortage(node, op);
-+ if (not_enough_space <= 0)
-+ /* it is possible that carry was called when there actually
-+ was enough space in the node. For example, when inserting
-+ leftmost item so that delimiting keys have to be updated.
-+ */
-+ return make_space_tail(op, doing, orig_node);
-+ if (!(flags & COPI_DONT_SHIFT_LEFT)) {
-+ carry_node *left;
-+ /* make note in statistics of an attempt to move
-+ something into the left neighbor */
-+ left = find_left_neighbor(op, doing);
-+ if (unlikely(IS_ERR(left))) {
-+ if (PTR_ERR(left) == -E_REPEAT)
-+ return -E_REPEAT;
-+ else {
-+ /* some error other than restart request
-+ occurred. This shouldn't happen. Issue a
-+ warning and continue as if left neighbor
-+ weren't existing.
-+ */
-+ warning("nikita-924",
-+ "Error accessing left neighbor: %li",
-+ PTR_ERR(left));
-+ }
-+ } else if (left != NULL) {
-+
-+ /* shift everything possible on the left of and
-+ including insertion coord into the left neighbor */
-+ result = carry_shift_data(LEFT_SIDE, coord,
-+ carry_real(left), doing, todo,
-+ flags & COPI_GO_LEFT);
-+
-+ /* reget node from coord: shift_left() might move
-+ insertion coord to the left neighbor */
-+ node = sync_op(op, left);
-+
-+ not_enough_space = free_space_shortage(node, op);
-+ /* There is not enough free space in @node, but
-+ may be, there is enough free space in
-+ @left. Various balancing decisions are valid here.
-+ The same for the shifiting to the right.
-+ */
-+ }
-+ }
-+ /* If there still is not enough space, shift to the right */
-+ if (not_enough_space > 0 && !(flags & COPI_DONT_SHIFT_RIGHT)) {
-+ carry_node *right;
-+
-+ right = find_right_neighbor(op, doing);
-+ if (IS_ERR(right)) {
-+ warning("nikita-1065",
-+ "Error accessing right neighbor: %li",
-+ PTR_ERR(right));
-+ } else if (right != NULL) {
-+ /* node containing insertion point, and its right
-+ neighbor node are write locked by now.
-+
-+ shift everything possible on the right of but
-+ excluding insertion coord into the right neighbor
-+ */
-+ result = carry_shift_data(RIGHT_SIDE, coord,
-+ carry_real(right),
-+ doing, todo,
-+ flags & COPI_GO_RIGHT);
-+ /* reget node from coord: shift_right() might move
-+ insertion coord to the right neighbor */
-+ node = sync_op(op, right);
-+ not_enough_space = free_space_shortage(node, op);
-+ }
-+ }
-+ /* If there is still not enough space, allocate new node(s).
-+
-+ We try to allocate new blocks if COPI_DONT_ALLOCATE is not set in
-+ the carry operation flags (currently this is needed during flush
-+ only).
-+ */
-+ for (blk_alloc = 0;
-+ not_enough_space > 0 && result == 0 && blk_alloc < 2 &&
-+ !(flags & COPI_DONT_ALLOCATE); ++blk_alloc) {
-+ carry_node *fresh; /* new node we are allocating */
-+ coord_t coord_shadow; /* remembered insertion point before
-+ * shifting data into new node */
-+ carry_node *node_shadow; /* remembered insertion node before
-+ * shifting */
-+ unsigned int gointo; /* whether insertion point should move
-+ * into newly allocated node */
-+
-+ /* allocate new node on the right of @node. Znode and disk
-+ fake block number for new node are allocated.
-+
-+ add_new_znode() posts carry operation COP_INSERT with
-+ COPT_CHILD option to the parent level to add
-+ pointer to newly created node to its parent.
-+
-+ Subtle point: if several new nodes are required to complete
-+ insertion operation at this level, they will be inserted
-+ into their parents in the order of creation, which means
-+ that @node will be valid "cookie" at the time of insertion.
-+
-+ */
-+ fresh = add_new_znode(node, op->node, doing, todo);
-+ if (IS_ERR(fresh))
-+ return PTR_ERR(fresh);
-+
-+ /* Try to shift into new node. */
-+ result = lock_carry_node(doing, fresh);
-+ zput(carry_real(fresh));
-+ if (result != 0) {
-+ warning("nikita-947",
-+ "Cannot lock new node: %i", result);
-+ return result;
-+ }
-+
-+ /* both nodes are write locked by now.
-+
-+ shift everything possible on the right of and
-+ including insertion coord into the right neighbor.
-+ */
-+ coord_dup(&coord_shadow, op->u.insert.d->coord);
-+ node_shadow = op->node;
-+ /* move insertion point into newly created node if:
-+
-+ . insertion point is rightmost in the source node, or
-+ . this is not the first node we are allocating in a row.
-+ */
-+ gointo =
-+ (blk_alloc > 0) ||
-+ coord_is_after_rightmost(op->u.insert.d->coord);
-+
-+ result = carry_shift_data(RIGHT_SIDE, coord, carry_real(fresh),
-+ doing, todo, gointo);
-+ /* if insertion point was actually moved into new node,
-+ update carry node pointer in operation. */
-+ node = sync_op(op, fresh);
-+ not_enough_space = free_space_shortage(node, op);
-+ if ((not_enough_space > 0) && (node != coord_shadow.node)) {
-+ /* there is not enough free in new node. Shift
-+ insertion point back to the @shadow_node so that
-+ next new node would be inserted between
-+ @shadow_node and @fresh.
-+ */
-+ coord_normalize(&coord_shadow);
-+ coord_dup(coord, &coord_shadow);
-+ node = coord->node;
-+ op->node = node_shadow;
-+ if (1 || (flags & COPI_STEP_BACK)) {
-+ /* still not enough space?! Maybe there is
-+ enough space in the source node (i.e., node
-+ data are moved from) now.
-+ */
-+ not_enough_space =
-+ free_space_shortage(node, op);
-+ }
-+ }
-+ }
-+ if (not_enough_space > 0) {
-+ if (!(flags & COPI_DONT_ALLOCATE))
-+ warning("nikita-948", "Cannot insert new item");
-+ result = -E_NODE_FULL;
-+ }
-+ assert("nikita-1622", ergo(result == 0,
-+ carry_real(op->node) == coord->node));
-+ assert("nikita-2616", coord == op->u.insert.d->coord);
-+ if (result == 0)
-+ result = make_space_tail(op, doing, orig_node);
-+ return result;
-+}
-+
-+/* insert_paste_common() - common part of insert and paste operations
-+
-+ This function performs common part of COP_INSERT and COP_PASTE.
-+
-+ There are two ways in which insertion/paste can be requested:
-+
-+ . by directly supplying reiser4_item_data. In this case, op ->
-+ u.insert.type is set to COPT_ITEM_DATA.
-+
-+ . by supplying child pointer to which is to inserted into parent. In this
-+ case op -> u.insert.type == COPT_CHILD.
-+
-+ . by supplying key of new item/unit. This is currently only used during
-+ extent insertion
-+
-+ This is required, because when new node is allocated we don't know at what
-+ position pointer to it is to be stored in the parent. Actually, we don't
-+ even know what its parent will be, because parent can be re-balanced
-+ concurrently and new node re-parented, and because parent can be full and
-+ pointer to the new node will go into some other node.
-+
-+ insert_paste_common() resolves pointer to child node into position in the
-+ parent by calling find_new_child_coord(), that fills
-+ reiser4_item_data. After this, insertion/paste proceeds uniformly.
-+
-+ Another complication is with finding free space during pasting. It may
-+ happen that while shifting items to the neighbors and newly allocated
-+ nodes, insertion coord can no longer be in the item we wanted to paste
-+ into. At this point, paste becomes (morphs) into insert. Moreover free
-+ space analysis has to be repeated, because amount of space required for
-+ insertion is different from that of paste (item header overhead, etc).
-+
-+ This function "unifies" different insertion modes (by resolving child
-+ pointer or key into insertion coord), and then calls make_space() to free
-+ enough space in the node by shifting data to the left and right and by
-+ allocating new nodes if necessary. Carry operation knows amount of space
-+ required for its completion. After enough free space is obtained, caller of
-+ this function (carry_{insert,paste,etc.}) performs actual insertion/paste
-+ by calling item plugin method.
-+
-+*/
-+static int insert_paste_common(carry_op * op /* carry operation being
-+ * performed */ ,
-+ carry_level * doing /* current carry level */ ,
-+ carry_level * todo /* next carry level */ ,
-+ carry_insert_data * cdata /* pointer to
-+ * cdata */ ,
-+ coord_t * coord /* insertion/paste coord */ ,
-+ reiser4_item_data * data /* data to be
-+ * inserted/pasted */ )
-+{
-+ assert("nikita-981", op != NULL);
-+ assert("nikita-980", todo != NULL);
-+ assert("nikita-979", (op->op == COP_INSERT) || (op->op == COP_PASTE)
-+ || (op->op == COP_EXTENT));
-+
-+ if (op->u.insert.type == COPT_PASTE_RESTARTED) {
-+ /* nothing to do. Fall through to make_space(). */
-+ ;
-+ } else if (op->u.insert.type == COPT_KEY) {
-+ node_search_result intra_node;
-+ znode *node;
-+ /* Problem with doing batching at the lowest level, is that
-+ operations here are given by coords where modification is
-+ to be performed, and one modification can invalidate coords
-+ of all following operations.
-+
-+ So, we are implementing yet another type for operation that
-+ will use (the only) "locator" stable across shifting of
-+ data between nodes, etc.: key (COPT_KEY).
-+
-+ This clause resolves key to the coord in the node.
-+
-+ But node can change also. Probably some pieces have to be
-+ added to the lock_carry_node(), to lock node by its key.
-+
-+ */
-+ /* NOTE-NIKITA Lookup bias is fixed to FIND_EXACT. Complain
-+ if you need something else. */
-+ op->u.insert.d->coord = coord;
-+ node = carry_real(op->node);
-+ intra_node = node_plugin_by_node(node)->lookup
-+ (node, op->u.insert.d->key, FIND_EXACT,
-+ op->u.insert.d->coord);
-+ if ((intra_node != NS_FOUND) && (intra_node != NS_NOT_FOUND)) {
-+ warning("nikita-1715", "Intra node lookup failure: %i",
-+ intra_node);
-+ return intra_node;
-+ }
-+ } else if (op->u.insert.type == COPT_CHILD) {
-+ /* if we are asked to insert pointer to the child into
-+ internal node, first convert pointer to the child into
-+ coord within parent node.
-+ */
-+ znode *child;
-+ int result;
-+
-+ op->u.insert.d = cdata;
-+ op->u.insert.d->coord = coord;
-+ op->u.insert.d->data = data;
-+ op->u.insert.d->coord->node = carry_real(op->node);
-+ result = find_new_child_coord(op);
-+ child = carry_real(op->u.insert.child);
-+ if (result != NS_NOT_FOUND) {
-+ warning("nikita-993",
-+ "Cannot find a place for child pointer: %i",
-+ result);
-+ return result;
-+ }
-+ /* This only happens when we did multiple insertions at
-+ the previous level, trying to insert single item and
-+ it so happened, that insertion of pointers to all new
-+ nodes before this one already caused parent node to
-+ split (may be several times).
-+
-+ I am going to come up with better solution.
-+
-+ You are not expected to understand this.
-+ -- v6root/usr/sys/ken/slp.c
-+
-+ Basically, what happens here is the following: carry came
-+ to the parent level and is about to insert internal item
-+ pointing to the child node that it just inserted in the
-+ level below. Position where internal item is to be inserted
-+ was found by find_new_child_coord() above, but node of the
-+ current carry operation (that is, parent node of child
-+ inserted on the previous level), was determined earlier in
-+ the lock_carry_level/lock_carry_node. It could so happen
-+ that other carry operations already performed on the parent
-+ level already split parent node, so that insertion point
-+ moved into another node. Handle this by creating new carry
-+ node for insertion point if necessary.
-+ */
-+ if (carry_real(op->node) != op->u.insert.d->coord->node) {
-+ pool_ordering direction;
-+ znode *z1;
-+ znode *z2;
-+ reiser4_key k1;
-+ reiser4_key k2;
-+
-+ /*
-+ * determine in what direction insertion point
-+ * moved. Do this by comparing delimiting keys.
-+ */
-+ z1 = op->u.insert.d->coord->node;
-+ z2 = carry_real(op->node);
-+ if (keyle(leftmost_key_in_node(z1, &k1),
-+ leftmost_key_in_node(z2, &k2)))
-+ /* insertion point moved to the left */
-+ direction = POOLO_BEFORE;
-+ else
-+ /* insertion point moved to the right */
-+ direction = POOLO_AFTER;
-+
-+ op->node = add_carry_skip(doing, direction, op->node);
-+ if (IS_ERR(op->node))
-+ return PTR_ERR(op->node);
-+ op->node->node = op->u.insert.d->coord->node;
-+ op->node->free = 1;
-+ result = lock_carry_node(doing, op->node);
-+ if (result != 0)
-+ return result;
-+ }
-+
-+ /*
-+ * set up key of an item being inserted: we are inserting
-+ * internal item and its key is (by the very definition of
-+ * search tree) is leftmost key in the child node.
-+ */
-+ write_lock_dk(znode_get_tree(child));
-+ op->u.insert.d->key = leftmost_key_in_node(child,
-+ znode_get_ld_key(child));
-+ write_unlock_dk(znode_get_tree(child));
-+ op->u.insert.d->data->arg = op->u.insert.brother;
-+ } else {
-+ assert("vs-243", op->u.insert.d->coord != NULL);
-+ op->u.insert.d->coord->node = carry_real(op->node);
-+ }
-+
-+ /* find free space. */
-+ return make_space(op, doing, todo);
-+}
-+
-+/* handle carry COP_INSERT operation.
-+
-+ Insert new item into node. New item can be given in one of two ways:
-+
-+ - by passing &tree_coord and &reiser4_item_data as part of @op. This is
-+ only applicable at the leaf/twig level.
-+
-+ - by passing a child node pointer to which is to be inserted by this
-+ operation.
-+
-+*/
-+static int carry_insert(carry_op * op /* operation to perform */ ,
-+ carry_level * doing /* queue of operations @op
-+ * is part of */ ,
-+ carry_level * todo /* queue where new operations
-+ * are accumulated */ )
-+{
-+ znode *node;
-+ carry_insert_data cdata;
-+ coord_t coord;
-+ reiser4_item_data data;
-+ carry_plugin_info info;
-+ int result;
-+
-+ assert("nikita-1036", op != NULL);
-+ assert("nikita-1037", todo != NULL);
-+ assert("nikita-1038", op->op == COP_INSERT);
-+
-+ coord_init_zero(&coord);
-+
-+ /* perform common functionality of insert and paste. */
-+ result = insert_paste_common(op, doing, todo, &cdata, &coord, &data);
-+ if (result != 0)
-+ return result;
-+
-+ node = op->u.insert.d->coord->node;
-+ assert("nikita-1039", node != NULL);
-+ assert("nikita-1040", node_plugin_by_node(node) != NULL);
-+
-+ assert("nikita-949",
-+ space_needed_for_op(node, op) <= znode_free_space(node));
-+
-+ /* ask node layout to create new item. */
-+ info.doing = doing;
-+ info.todo = todo;
-+ result = node_plugin_by_node(node)->create_item
-+ (op->u.insert.d->coord, op->u.insert.d->key, op->u.insert.d->data,
-+ &info);
-+ doing->restartable = 0;
-+ znode_make_dirty(node);
-+
-+ return result;
-+}
-+
-+/*
-+ * Flow insertion code. COP_INSERT_FLOW is special tree operation that is
-+ * supplied with a "flow" (that is, a stream of data) and inserts it into tree
-+ * by slicing into multiple items.
-+ */
-+
-+#define flow_insert_point(op) ( ( op ) -> u.insert_flow.insert_point )
-+#define flow_insert_flow(op) ( ( op ) -> u.insert_flow.flow )
-+#define flow_insert_data(op) ( ( op ) -> u.insert_flow.data )
-+
-+static size_t item_data_overhead(carry_op * op)
-+{
-+ if (flow_insert_data(op)->iplug->b.estimate == NULL)
-+ return 0;
-+ return (flow_insert_data(op)->iplug->b.
-+ estimate(NULL /* estimate insertion */ , flow_insert_data(op)) -
-+ flow_insert_data(op)->length);
-+}
-+
-+/* FIXME-VS: this is called several times during one make_flow_for_insertion
-+ and it will always return the same result. Some optimization could be made
-+ by calculating this value once at the beginning and passing it around. That
-+ would reduce some flexibility in future changes
-+*/
-+static int can_paste(coord_t *, const reiser4_key *, const reiser4_item_data *);
-+static size_t flow_insertion_overhead(carry_op * op)
-+{
-+ znode *node;
-+ size_t insertion_overhead;
-+
-+ node = flow_insert_point(op)->node;
-+ insertion_overhead = 0;
-+ if (node->nplug->item_overhead &&
-+ !can_paste(flow_insert_point(op), &flow_insert_flow(op)->key,
-+ flow_insert_data(op)))
-+ insertion_overhead =
-+ node->nplug->item_overhead(node, NULL) +
-+ item_data_overhead(op);
-+ return insertion_overhead;
-+}
-+
-+/* how many bytes of flow does fit to the node */
-+static int what_can_fit_into_node(carry_op * op)
-+{
-+ size_t free, overhead;
-+
-+ overhead = flow_insertion_overhead(op);
-+ free = znode_free_space(flow_insert_point(op)->node);
-+ if (free <= overhead)
-+ return 0;
-+ free -= overhead;
-+ /* FIXME: flow->length is loff_t only to not get overflowed in case of expandign truncate */
-+ if (free < op->u.insert_flow.flow->length)
-+ return free;
-+ return (int)op->u.insert_flow.flow->length;
-+}
-+
-+/* in make_space_for_flow_insertion we need to check either whether whole flow
-+ fits into a node or whether minimal fraction of flow fits into a node */
-+static int enough_space_for_whole_flow(carry_op * op)
-+{
-+ return (unsigned)what_can_fit_into_node(op) ==
-+ op->u.insert_flow.flow->length;
-+}
-+
-+#define MIN_FLOW_FRACTION 1
-+static int enough_space_for_min_flow_fraction(carry_op * op)
-+{
-+ assert("vs-902", coord_is_after_rightmost(flow_insert_point(op)));
-+
-+ return what_can_fit_into_node(op) >= MIN_FLOW_FRACTION;
-+}
-+
-+/* this returns 0 if left neighbor was obtained successfully and everything
-+ upto insertion point including it were shifted and left neighbor still has
-+ some free space to put minimal fraction of flow into it */
-+static int
-+make_space_by_shift_left(carry_op * op, carry_level * doing, carry_level * todo)
-+{
-+ carry_node *left;
-+ znode *orig;
-+
-+ left = find_left_neighbor(op, doing);
-+ if (unlikely(IS_ERR(left))) {
-+ warning("vs-899",
-+ "make_space_by_shift_left: "
-+ "error accessing left neighbor: %li", PTR_ERR(left));
-+ return 1;
-+ }
-+ if (left == NULL)
-+ /* left neighbor either does not exist or is unformatted
-+ node */
-+ return 1;
-+
-+ orig = flow_insert_point(op)->node;
-+ /* try to shift content of node @orig from its head upto insert point
-+ including insertion point into the left neighbor */
-+ carry_shift_data(LEFT_SIDE, flow_insert_point(op), carry_real(left), doing, todo, 1 /* including insert
-+ * point */ );
-+ if (carry_real(left) != flow_insert_point(op)->node) {
-+ /* insertion point did not move */
-+ return 1;
-+ }
-+
-+ /* insertion point is set after last item in the node */
-+ assert("vs-900", coord_is_after_rightmost(flow_insert_point(op)));
-+
-+ if (!enough_space_for_min_flow_fraction(op)) {
-+ /* insertion point node does not have enough free space to put
-+ even minimal portion of flow into it, therefore, move
-+ insertion point back to orig node (before first item) */
-+ coord_init_before_first_item(flow_insert_point(op), orig);
-+ return 1;
-+ }
-+
-+ /* part of flow is to be written to the end of node */
-+ op->node = left;
-+ return 0;
-+}
-+
-+/* this returns 0 if right neighbor was obtained successfully and everything to
-+ the right of insertion point was shifted to it and node got enough free
-+ space to put minimal fraction of flow into it */
-+static int
-+make_space_by_shift_right(carry_op * op, carry_level * doing,
-+ carry_level * todo)
-+{
-+ carry_node *right;
-+
-+ right = find_right_neighbor(op, doing);
-+ if (unlikely(IS_ERR(right))) {
-+ warning("nikita-1065", "shift_right_excluding_insert_point: "
-+ "error accessing right neighbor: %li", PTR_ERR(right));
-+ return 1;
-+ }
-+ if (right) {
-+ /* shift everything possible on the right of but excluding
-+ insertion coord into the right neighbor */
-+ carry_shift_data(RIGHT_SIDE, flow_insert_point(op), carry_real(right), doing, todo, 0 /* not
-+ * including
-+ * insert
-+ * point */ );
-+ } else {
-+ /* right neighbor either does not exist or is unformatted
-+ node */
-+ ;
-+ }
-+ if (coord_is_after_rightmost(flow_insert_point(op))) {
-+ if (enough_space_for_min_flow_fraction(op)) {
-+ /* part of flow is to be written to the end of node */
-+ return 0;
-+ }
-+ }
-+
-+ /* new node is to be added if insert point node did not get enough
-+ space for whole flow */
-+ return 1;
-+}
-+
-+/* this returns 0 when insert coord is set at the node end and fraction of flow
-+ fits into that node */
-+static int
-+make_space_by_new_nodes(carry_op * op, carry_level * doing, carry_level * todo)
-+{
-+ int result;
-+ znode *node;
-+ carry_node *new;
-+
-+ node = flow_insert_point(op)->node;
-+
-+ if (op->u.insert_flow.new_nodes == CARRY_FLOW_NEW_NODES_LIMIT)
-+ return RETERR(-E_NODE_FULL);
-+ /* add new node after insert point node */
-+ new = add_new_znode(node, op->node, doing, todo);
-+ if (unlikely(IS_ERR(new))) {
-+ return PTR_ERR(new);
-+ }
-+ result = lock_carry_node(doing, new);
-+ zput(carry_real(new));
-+ if (unlikely(result)) {
-+ return result;
-+ }
-+ op->u.insert_flow.new_nodes++;
-+ if (!coord_is_after_rightmost(flow_insert_point(op))) {
-+ carry_shift_data(RIGHT_SIDE, flow_insert_point(op), carry_real(new), doing, todo, 0 /* not
-+ * including
-+ * insert
-+ * point */ );
-+
-+ assert("vs-901",
-+ coord_is_after_rightmost(flow_insert_point(op)));
-+
-+ if (enough_space_for_min_flow_fraction(op)) {
-+ return 0;
-+ }
-+ if (op->u.insert_flow.new_nodes == CARRY_FLOW_NEW_NODES_LIMIT)
-+ return RETERR(-E_NODE_FULL);
-+
-+ /* add one more new node */
-+ new = add_new_znode(node, op->node, doing, todo);
-+ if (unlikely(IS_ERR(new))) {
-+ return PTR_ERR(new);
-+ }
-+ result = lock_carry_node(doing, new);
-+ zput(carry_real(new));
-+ if (unlikely(result)) {
-+ return result;
-+ }
-+ op->u.insert_flow.new_nodes++;
-+ }
-+
-+ /* move insertion point to new node */
-+ coord_init_before_first_item(flow_insert_point(op), carry_real(new));
-+ op->node = new;
-+ return 0;
-+}
-+
-+static int
-+make_space_for_flow_insertion(carry_op * op, carry_level * doing,
-+ carry_level * todo)
-+{
-+ __u32 flags = op->u.insert_flow.flags;
-+
-+ if (enough_space_for_whole_flow(op)) {
-+ /* whole flow fits into insert point node */
-+ return 0;
-+ }
-+
-+ if (!(flags & COPI_DONT_SHIFT_LEFT)
-+ && (make_space_by_shift_left(op, doing, todo) == 0)) {
-+ /* insert point is shifted to left neighbor of original insert
-+ point node and is set after last unit in that node. It has
-+ enough space to fit at least minimal fraction of flow. */
-+ return 0;
-+ }
-+
-+ if (enough_space_for_whole_flow(op)) {
-+ /* whole flow fits into insert point node */
-+ return 0;
-+ }
-+
-+ if (!(flags & COPI_DONT_SHIFT_RIGHT)
-+ && (make_space_by_shift_right(op, doing, todo) == 0)) {
-+ /* insert point is still set to the same node, but there is
-+ nothing to the right of insert point. */
-+ return 0;
-+ }
-+
-+ if (enough_space_for_whole_flow(op)) {
-+ /* whole flow fits into insert point node */
-+ return 0;
-+ }
-+
-+ return make_space_by_new_nodes(op, doing, todo);
-+}
-+
-+/* implements COP_INSERT_FLOW operation */
-+static int
-+carry_insert_flow(carry_op * op, carry_level * doing, carry_level * todo)
-+{
-+ int result;
-+ flow_t *f;
-+ coord_t *insert_point;
-+ node_plugin *nplug;
-+ carry_plugin_info info;
-+ znode *orig_node;
-+ lock_handle *orig_lh;
-+
-+ f = op->u.insert_flow.flow;
-+ result = 0;
-+
-+ /* carry system needs this to work */
-+ info.doing = doing;
-+ info.todo = todo;
-+
-+ orig_node = flow_insert_point(op)->node;
-+ orig_lh = doing->tracked;
-+
-+ while (f->length) {
-+ result = make_space_for_flow_insertion(op, doing, todo);
-+ if (result)
-+ break;
-+
-+ insert_point = flow_insert_point(op);
-+ nplug = node_plugin_by_node(insert_point->node);
-+
-+ /* compose item data for insertion/pasting */
-+ flow_insert_data(op)->data = f->data;
-+ flow_insert_data(op)->length = what_can_fit_into_node(op);
-+
-+ if (can_paste(insert_point, &f->key, flow_insert_data(op))) {
-+ /* insert point is set to item of file we are writing to and we have to append to it */
-+ assert("vs-903", insert_point->between == AFTER_UNIT);
-+ nplug->change_item_size(insert_point,
-+ flow_insert_data(op)->length);
-+ flow_insert_data(op)->iplug->b.paste(insert_point,
-+ flow_insert_data
-+ (op), &info);
-+ } else {
-+ /* new item must be inserted */
-+ pos_in_node_t new_pos;
-+ flow_insert_data(op)->length += item_data_overhead(op);
-+
-+ /* FIXME-VS: this is because node40_create_item changes
-+ insert_point for obscure reasons */
-+ switch (insert_point->between) {
-+ case AFTER_ITEM:
-+ new_pos = insert_point->item_pos + 1;
-+ break;
-+ case EMPTY_NODE:
-+ new_pos = 0;
-+ break;
-+ case BEFORE_ITEM:
-+ assert("vs-905", insert_point->item_pos == 0);
-+ new_pos = 0;
-+ break;
-+ default:
-+ impossible("vs-906",
-+ "carry_insert_flow: invalid coord");
-+ new_pos = 0;
-+ break;
-+ }
-+
-+ nplug->create_item(insert_point, &f->key,
-+ flow_insert_data(op), &info);
-+ coord_set_item_pos(insert_point, new_pos);
-+ }
-+ coord_init_after_item_end(insert_point);
-+ doing->restartable = 0;
-+ znode_make_dirty(insert_point->node);
-+
-+ move_flow_forward(f, (unsigned)flow_insert_data(op)->length);
-+ }
-+
-+ if (orig_node != flow_insert_point(op)->node) {
-+ /* move lock to new insert point */
-+ done_lh(orig_lh);
-+ init_lh(orig_lh);
-+ result =
-+ longterm_lock_znode(orig_lh, flow_insert_point(op)->node,
-+ ZNODE_WRITE_LOCK, ZNODE_LOCK_HIPRI);
-+ }
-+
-+ return result;
-+}
-+
-+/* implements COP_DELETE operation
-+
-+ Remove pointer to @op -> u.delete.child from it's parent.
-+
-+ This function also handles killing of a tree root is last pointer from it
-+ was removed. This is complicated by our handling of "twig" level: root on
-+ twig level is never killed.
-+
-+*/
-+static int carry_delete(carry_op * op /* operation to be performed */ ,
-+ carry_level * doing UNUSED_ARG /* current carry
-+ * level */ ,
-+ carry_level * todo /* next carry level */ )
-+{
-+ int result;
-+ coord_t coord;
-+ coord_t coord2;
-+ znode *parent;
-+ znode *child;
-+ carry_plugin_info info;
-+ reiser4_tree *tree;
-+
-+ /*
-+ * This operation is called to delete internal item pointing to the
-+ * child node that was removed by carry from the tree on the previous
-+ * tree level.
-+ */
-+
-+ assert("nikita-893", op != NULL);
-+ assert("nikita-894", todo != NULL);
-+ assert("nikita-895", op->op == COP_DELETE);
-+
-+ coord_init_zero(&coord);
-+ coord_init_zero(&coord2);
-+
-+ parent = carry_real(op->node);
-+ child = op->u.delete.child ?
-+ carry_real(op->u.delete.child) : op->node->node;
-+ tree = znode_get_tree(child);
-+ read_lock_tree(tree);
-+
-+ /*
-+ * @parent was determined when carry entered parent level
-+ * (lock_carry_level/lock_carry_node). Since then, actual parent of
-+ * @child node could change due to other carry operations performed on
-+ * the parent level. Check for this.
-+ */
-+
-+ if (znode_parent(child) != parent) {
-+ /* NOTE-NIKITA add stat counter for this. */
-+ parent = znode_parent(child);
-+ assert("nikita-2581", find_carry_node(doing, parent));
-+ }
-+ read_unlock_tree(tree);
-+
-+ assert("nikita-1213", znode_get_level(parent) > LEAF_LEVEL);
-+
-+ /* Twig level horrors: tree should be of height at least 2. So, last
-+ pointer from the root at twig level is preserved even if child is
-+ empty. This is ugly, but so it was architectured.
-+ */
-+
-+ if (znode_is_root(parent) &&
-+ znode_get_level(parent) <= REISER4_MIN_TREE_HEIGHT &&
-+ node_num_items(parent) == 1) {
-+ /* Delimiting key manipulations. */
-+ write_lock_dk(tree);
-+ znode_set_ld_key(child, znode_set_ld_key(parent, min_key()));
-+ znode_set_rd_key(child, znode_set_rd_key(parent, max_key()));
-+ ZF_SET(child, JNODE_DKSET);
-+ write_unlock_dk(tree);
-+
-+ /* @child escaped imminent death! */
-+ ZF_CLR(child, JNODE_HEARD_BANSHEE);
-+ return 0;
-+ }
-+
-+ /* convert child pointer to the coord_t */
-+ result = find_child_ptr(parent, child, &coord);
-+ if (result != NS_FOUND) {
-+ warning("nikita-994", "Cannot find child pointer: %i", result);
-+ print_coord_content("coord", &coord);
-+ return result;
-+ }
-+
-+ coord_dup(&coord2, &coord);
-+ info.doing = doing;
-+ info.todo = todo;
-+ {
-+ /*
-+ * Actually kill internal item: prepare structure with
-+ * arguments for ->cut_and_kill() method...
-+ */
-+
-+ struct carry_kill_data kdata;
-+ kdata.params.from = &coord;
-+ kdata.params.to = &coord2;
-+ kdata.params.from_key = NULL;
-+ kdata.params.to_key = NULL;
-+ kdata.params.smallest_removed = NULL;
-+ kdata.params.truncate = 1;
-+ kdata.flags = op->u.delete.flags;
-+ kdata.inode = NULL;
-+ kdata.left = NULL;
-+ kdata.right = NULL;
-+ kdata.buf = NULL;
-+ /* ... and call it. */
-+ result = node_plugin_by_node(parent)->cut_and_kill(&kdata,
-+ &info);
-+ }
-+ doing->restartable = 0;
-+
-+ /* check whether root should be killed violently */
-+ if (znode_is_root(parent) &&
-+ /* don't kill roots at and lower than twig level */
-+ znode_get_level(parent) > REISER4_MIN_TREE_HEIGHT &&
-+ node_num_items(parent) == 1) {
-+ result = kill_tree_root(coord.node);
-+ }
-+
-+ return result < 0 ? : 0;
-+}
-+
-+/* implements COP_CUT opration
-+
-+ Cuts part or whole content of node.
-+
-+*/
-+static int carry_cut(carry_op * op /* operation to be performed */ ,
-+ carry_level * doing /* current carry level */ ,
-+ carry_level * todo /* next carry level */ )
-+{
-+ int result;
-+ carry_plugin_info info;
-+ node_plugin *nplug;
-+
-+ assert("nikita-896", op != NULL);
-+ assert("nikita-897", todo != NULL);
-+ assert("nikita-898", op->op == COP_CUT);
-+
-+ info.doing = doing;
-+ info.todo = todo;
-+
-+ nplug = node_plugin_by_node(carry_real(op->node));
-+ if (op->u.cut_or_kill.is_cut)
-+ result = nplug->cut(op->u.cut_or_kill.u.cut, &info);
-+ else
-+ result = nplug->cut_and_kill(op->u.cut_or_kill.u.kill, &info);
-+
-+ doing->restartable = 0;
-+ return result < 0 ? : 0;
-+}
-+
-+/* helper function for carry_paste(): returns true if @op can be continued as
-+ paste */
-+static int
-+can_paste(coord_t * icoord, const reiser4_key * key,
-+ const reiser4_item_data * data)
-+{
-+ coord_t circa;
-+ item_plugin *new_iplug;
-+ item_plugin *old_iplug;
-+ int result = 0; /* to keep gcc shut */
-+
-+ assert("", icoord->between != AT_UNIT);
-+
-+ /* obviously, one cannot paste when node is empty---there is nothing
-+ to paste into. */
-+ if (node_is_empty(icoord->node))
-+ return 0;
-+ /* if insertion point is at the middle of the item, then paste */
-+ if (!coord_is_between_items(icoord))
-+ return 1;
-+ coord_dup(&circa, icoord);
-+ circa.between = AT_UNIT;
-+
-+ old_iplug = item_plugin_by_coord(&circa);
-+ new_iplug = data->iplug;
-+
-+ /* check whether we can paste to the item @icoord is "at" when we
-+ ignore ->between field */
-+ if (old_iplug == new_iplug && item_can_contain_key(&circa, key, data)) {
-+ result = 1;
-+ } else if (icoord->between == BEFORE_UNIT
-+ || icoord->between == BEFORE_ITEM) {
-+ /* otherwise, try to glue to the item at the left, if any */
-+ coord_dup(&circa, icoord);
-+ if (coord_set_to_left(&circa)) {
-+ result = 0;
-+ coord_init_before_item(icoord);
-+ } else {
-+ old_iplug = item_plugin_by_coord(&circa);
-+ result = (old_iplug == new_iplug)
-+ && item_can_contain_key(icoord, key, data);
-+ if (result) {
-+ coord_dup(icoord, &circa);
-+ icoord->between = AFTER_UNIT;
-+ }
-+ }
-+ } else if (icoord->between == AFTER_UNIT
-+ || icoord->between == AFTER_ITEM) {
-+ coord_dup(&circa, icoord);
-+ /* otherwise, try to glue to the item at the right, if any */
-+ if (coord_set_to_right(&circa)) {
-+ result = 0;
-+ coord_init_after_item(icoord);
-+ } else {
-+ int (*cck) (const coord_t *, const reiser4_key *,
-+ const reiser4_item_data *);
-+
-+ old_iplug = item_plugin_by_coord(&circa);
-+
-+ cck = old_iplug->b.can_contain_key;
-+ if (cck == NULL)
-+ /* item doesn't define ->can_contain_key
-+ method? So it is not expandable. */
-+ result = 0;
-+ else {
-+ result = (old_iplug == new_iplug)
-+ && cck(&circa /*icoord */ , key, data);
-+ if (result) {
-+ coord_dup(icoord, &circa);
-+ icoord->between = BEFORE_UNIT;
-+ }
-+ }
-+ }
-+ } else
-+ impossible("nikita-2513", "Nothing works");
-+ if (result) {
-+ if (icoord->between == BEFORE_ITEM) {
-+ assert("vs-912", icoord->unit_pos == 0);
-+ icoord->between = BEFORE_UNIT;
-+ } else if (icoord->between == AFTER_ITEM) {
-+ coord_init_after_item_end(icoord);
-+ }
-+ }
-+ return result;
-+}
-+
-+/* implements COP_PASTE operation
-+
-+ Paste data into existing item. This is complicated by the fact that after
-+ we shifted something to the left or right neighbors trying to free some
-+ space, item we were supposed to paste into can be in different node than
-+ insertion coord. If so, we are no longer doing paste, but insert. See
-+ comments in insert_paste_common().
-+
-+*/
-+static int carry_paste(carry_op * op /* operation to be performed */ ,
-+ carry_level * doing UNUSED_ARG /* current carry
-+ * level */ ,
-+ carry_level * todo /* next carry level */ )
-+{
-+ znode *node;
-+ carry_insert_data cdata;
-+ coord_t dcoord;
-+ reiser4_item_data data;
-+ int result;
-+ int real_size;
-+ item_plugin *iplug;
-+ carry_plugin_info info;
-+ coord_t *coord;
-+
-+ assert("nikita-982", op != NULL);
-+ assert("nikita-983", todo != NULL);
-+ assert("nikita-984", op->op == COP_PASTE);
-+
-+ coord_init_zero(&dcoord);
-+
-+ result = insert_paste_common(op, doing, todo, &cdata, &dcoord, &data);
-+ if (result != 0)
-+ return result;
-+
-+ coord = op->u.insert.d->coord;
-+
-+ /* handle case when op -> u.insert.coord doesn't point to the item
-+ of required type. restart as insert. */
-+ if (!can_paste(coord, op->u.insert.d->key, op->u.insert.d->data)) {
-+ op->op = COP_INSERT;
-+ op->u.insert.type = COPT_PASTE_RESTARTED;
-+ result = op_dispatch_table[COP_INSERT].handler(op, doing, todo);
-+
-+ return result;
-+ }
-+
-+ node = coord->node;
-+ iplug = item_plugin_by_coord(coord);
-+ assert("nikita-992", iplug != NULL);
-+
-+ assert("nikita-985", node != NULL);
-+ assert("nikita-986", node_plugin_by_node(node) != NULL);
-+
-+ assert("nikita-987",
-+ space_needed_for_op(node, op) <= znode_free_space(node));
-+
-+ assert("nikita-1286", coord_is_existing_item(coord));
-+
-+ /*
-+ * if item is expanded as a result of this operation, we should first
-+ * change item size, than call ->b.paste item method. If item is
-+ * shrunk, it should be done other way around: first call ->b.paste
-+ * method, then reduce item size.
-+ */
-+
-+ real_size = space_needed_for_op(node, op);
-+ if (real_size > 0)
-+ node->nplug->change_item_size(coord, real_size);
-+
-+ doing->restartable = 0;
-+ info.doing = doing;
-+ info.todo = todo;
-+
-+ result = iplug->b.paste(coord, op->u.insert.d->data, &info);
-+
-+ if (real_size < 0)
-+ node->nplug->change_item_size(coord, real_size);
-+
-+ /* if we pasted at the beginning of the item, update item's key. */
-+ if (coord->unit_pos == 0 && coord->between != AFTER_UNIT)
-+ node->nplug->update_item_key(coord, op->u.insert.d->key, &info);
-+
-+ znode_make_dirty(node);
-+ return result;
-+}
-+
-+/* handle carry COP_EXTENT operation. */
-+static int carry_extent(carry_op * op /* operation to perform */ ,
-+ carry_level * doing /* queue of operations @op
-+ * is part of */ ,
-+ carry_level * todo /* queue where new operations
-+ * are accumulated */ )
-+{
-+ znode *node;
-+ carry_insert_data cdata;
-+ coord_t coord;
-+ reiser4_item_data data;
-+ carry_op *delete_dummy;
-+ carry_op *insert_extent;
-+ int result;
-+ carry_plugin_info info;
-+
-+ assert("nikita-1751", op != NULL);
-+ assert("nikita-1752", todo != NULL);
-+ assert("nikita-1753", op->op == COP_EXTENT);
-+
-+ /* extent insertion overview:
-+
-+ extents live on the TWIG LEVEL, which is level one above the leaf
-+ one. This complicates extent insertion logic somewhat: it may
-+ happen (and going to happen all the time) that in logical key
-+ ordering extent has to be placed between items I1 and I2, located
-+ at the leaf level, but I1 and I2 are in the same formatted leaf
-+ node N1. To insert extent one has to
-+
-+ (1) reach node N1 and shift data between N1, its neighbors and
-+ possibly newly allocated nodes until I1 and I2 fall into different
-+ nodes. Since I1 and I2 are still neighboring items in logical key
-+ order, they will be necessary utmost items in their respective
-+ nodes.
-+
-+ (2) After this new extent item is inserted into node on the twig
-+ level.
-+
-+ Fortunately this process can reuse almost all code from standard
-+ insertion procedure (viz. make_space() and insert_paste_common()),
-+ due to the following observation: make_space() only shifts data up
-+ to and excluding or including insertion point. It never
-+ "over-moves" through insertion point. Thus, one can use
-+ make_space() to perform step (1). All required for this is just to
-+ instruct free_space_shortage() to keep make_space() shifting data
-+ until insertion point is at the node border.
-+
-+ */
-+
-+ /* perform common functionality of insert and paste. */
-+ result = insert_paste_common(op, doing, todo, &cdata, &coord, &data);
-+ if (result != 0)
-+ return result;
-+
-+ node = op->u.extent.d->coord->node;
-+ assert("nikita-1754", node != NULL);
-+ assert("nikita-1755", node_plugin_by_node(node) != NULL);
-+ assert("nikita-1700", coord_wrt(op->u.extent.d->coord) != COORD_INSIDE);
-+
-+ /* NOTE-NIKITA add some checks here. Not assertions, -EIO. Check that
-+ extent fits between items. */
-+
-+ info.doing = doing;
-+ info.todo = todo;
-+
-+ /* there is another complication due to placement of extents on the
-+ twig level: extents are "rigid" in the sense that key-range
-+ occupied by extent cannot grow indefinitely to the right as it is
-+ for the formatted leaf nodes. Because of this when search finds two
-+ adjacent extents on the twig level, it has to "drill" to the leaf
-+ level, creating new node. Here we are removing this node.
-+ */
-+ if (node_is_empty(node)) {
-+ delete_dummy = node_post_carry(&info, COP_DELETE, node, 1);
-+ if (IS_ERR(delete_dummy))
-+ return PTR_ERR(delete_dummy);
-+ delete_dummy->u.delete.child = NULL;
-+ delete_dummy->u.delete.flags = DELETE_RETAIN_EMPTY;
-+ ZF_SET(node, JNODE_HEARD_BANSHEE);
-+ }
-+
-+ /* proceed with inserting extent item into parent. We are definitely
-+ inserting rather than pasting if we get that far. */
-+ insert_extent = node_post_carry(&info, COP_INSERT, node, 1);
-+ if (IS_ERR(insert_extent))
-+ /* @delete_dummy will be automatically destroyed on the level
-+ exiting */
-+ return PTR_ERR(insert_extent);
-+ /* NOTE-NIKITA insertion by key is simplest option here. Another
-+ possibility is to insert on the left or right of already existing
-+ item.
-+ */
-+ insert_extent->u.insert.type = COPT_KEY;
-+ insert_extent->u.insert.d = op->u.extent.d;
-+ assert("nikita-1719", op->u.extent.d->key != NULL);
-+ insert_extent->u.insert.d->data->arg = op->u.extent.d->coord;
-+ insert_extent->u.insert.flags =
-+ znode_get_tree(node)->carry.new_extent_flags;
-+
-+ /*
-+ * if carry was asked to track lock handle we should actually track
-+ * lock handle on the twig node rather than on the leaf where
-+ * operation was started from. Transfer tracked lock handle.
-+ */
-+ if (doing->track_type) {
-+ assert("nikita-3242", doing->tracked != NULL);
-+ assert("nikita-3244", todo->tracked == NULL);
-+ todo->tracked = doing->tracked;
-+ todo->track_type = CARRY_TRACK_NODE;
-+ doing->tracked = NULL;
-+ doing->track_type = 0;
-+ }
-+
-+ return 0;
-+}
-+
-+/* update key in @parent between pointers to @left and @right.
-+
-+ Find coords of @left and @right and update delimiting key between them.
-+ This is helper function called by carry_update(). Finds position of
-+ internal item involved. Updates item key. Updates delimiting keys of child
-+ nodes involved.
-+*/
-+static int update_delimiting_key(znode * parent /* node key is updated
-+ * in */ ,
-+ znode * left /* child of @parent */ ,
-+ znode * right /* child of @parent */ ,
-+ carry_level * doing /* current carry
-+ * level */ ,
-+ carry_level * todo /* parent carry
-+ * level */ ,
-+ const char **error_msg /* place to
-+ * store error
-+ * message */ )
-+{
-+ coord_t left_pos;
-+ coord_t right_pos;
-+ int result;
-+ reiser4_key ldkey;
-+ carry_plugin_info info;
-+
-+ assert("nikita-1177", right != NULL);
-+ /* find position of right left child in a parent */
-+ result = find_child_ptr(parent, right, &right_pos);
-+ if (result != NS_FOUND) {
-+ *error_msg = "Cannot find position of right child";
-+ return result;
-+ }
-+
-+ if ((left != NULL) && !coord_is_leftmost_unit(&right_pos)) {
-+ /* find position of the left child in a parent */
-+ result = find_child_ptr(parent, left, &left_pos);
-+ if (result != NS_FOUND) {
-+ *error_msg = "Cannot find position of left child";
-+ return result;
-+ }
-+ assert("nikita-1355", left_pos.node != NULL);
-+ } else
-+ left_pos.node = NULL;
-+
-+ /* check that they are separated by exactly one key and are basically
-+ sane */
-+ if (REISER4_DEBUG) {
-+ if ((left_pos.node != NULL)
-+ && !coord_is_existing_unit(&left_pos)) {
-+ *error_msg = "Left child is bastard";
-+ return RETERR(-EIO);
-+ }
-+ if (!coord_is_existing_unit(&right_pos)) {
-+ *error_msg = "Right child is bastard";
-+ return RETERR(-EIO);
-+ }
-+ if (left_pos.node != NULL &&
-+ !coord_are_neighbors(&left_pos, &right_pos)) {
-+ *error_msg = "Children are not direct siblings";
-+ return RETERR(-EIO);
-+ }
-+ }
-+ *error_msg = NULL;
-+
-+ info.doing = doing;
-+ info.todo = todo;
-+
-+ /*
-+ * If child node is not empty, new key of internal item is a key of
-+ * leftmost item in the child node. If the child is empty, take its
-+ * right delimiting key as a new key of the internal item. Precise key
-+ * in the latter case is not important per se, because the child (and
-+ * the internal item) are going to be killed shortly anyway, but we
-+ * have to preserve correct order of keys in the parent node.
-+ */
-+
-+ if (!ZF_ISSET(right, JNODE_HEARD_BANSHEE))
-+ leftmost_key_in_node(right, &ldkey);
-+ else {
-+ read_lock_dk(znode_get_tree(parent));
-+ ldkey = *znode_get_rd_key(right);
-+ read_unlock_dk(znode_get_tree(parent));
-+ }
-+ node_plugin_by_node(parent)->update_item_key(&right_pos, &ldkey, &info);
-+ doing->restartable = 0;
-+ znode_make_dirty(parent);
-+ return 0;
-+}
-+
-+/* implements COP_UPDATE opration
-+
-+ Update delimiting keys.
-+
-+*/
-+static int carry_update(carry_op * op /* operation to be performed */ ,
-+ carry_level * doing /* current carry level */ ,
-+ carry_level * todo /* next carry level */ )
-+{
-+ int result;
-+ carry_node *missing UNUSED_ARG;
-+ znode *left;
-+ znode *right;
-+ carry_node *lchild;
-+ carry_node *rchild;
-+ const char *error_msg;
-+ reiser4_tree *tree;
-+
-+ /*
-+ * This operation is called to update key of internal item. This is
-+ * necessary when carry shifted of cut data on the child
-+ * level. Arguments of this operation are:
-+ *
-+ * @right --- child node. Operation should update key of internal
-+ * item pointing to @right.
-+ *
-+ * @left --- left neighbor of @right. This parameter is optional.
-+ */
-+
-+ assert("nikita-902", op != NULL);
-+ assert("nikita-903", todo != NULL);
-+ assert("nikita-904", op->op == COP_UPDATE);
-+
-+ lchild = op->u.update.left;
-+ rchild = op->node;
-+
-+ if (lchild != NULL) {
-+ assert("nikita-1001", lchild->parent);
-+ assert("nikita-1003", !lchild->left);
-+ left = carry_real(lchild);
-+ } else
-+ left = NULL;
-+
-+ tree = znode_get_tree(rchild->node);
-+ read_lock_tree(tree);
-+ right = znode_parent(rchild->node);
-+ read_unlock_tree(tree);
-+
-+ if (right != NULL) {
-+ result = update_delimiting_key(right,
-+ lchild ? lchild->node : NULL,
-+ rchild->node,
-+ doing, todo, &error_msg);
-+ } else {
-+ error_msg = "Cannot find node to update key in";
-+ result = RETERR(-EIO);
-+ }
-+ /* operation will be reposted to the next level by the
-+ ->update_item_key() method of node plugin, if necessary. */
-+
-+ if (result != 0) {
-+ warning("nikita-999", "Error updating delimiting key: %s (%i)",
-+ error_msg ? : "", result);
-+ }
-+ return result;
-+}
-+
-+/* move items from @node during carry */
-+static int carry_shift_data(sideof side /* in what direction to move data */ ,
-+ coord_t * insert_coord /* coord where new item
-+ * is to be inserted */ ,
-+ znode * node /* node which data are moved from */ ,
-+ carry_level * doing /* active carry queue */ ,
-+ carry_level * todo /* carry queue where new
-+ * operations are to be put
-+ * in */ ,
-+ unsigned int including_insert_coord_p /* true if
-+ * @insertion_coord
-+ * can be moved */ )
-+{
-+ int result;
-+ znode *source;
-+ carry_plugin_info info;
-+ node_plugin *nplug;
-+
-+ source = insert_coord->node;
-+
-+ info.doing = doing;
-+ info.todo = todo;
-+
-+ nplug = node_plugin_by_node(node);
-+ result = nplug->shift(insert_coord, node,
-+ (side == LEFT_SIDE) ? SHIFT_LEFT : SHIFT_RIGHT, 0,
-+ (int)including_insert_coord_p, &info);
-+ /* the only error ->shift() method of node plugin can return is
-+ -ENOMEM due to carry node/operation allocation. */
-+ assert("nikita-915", result >= 0 || result == -ENOMEM);
-+ if (result > 0) {
-+ /*
-+ * if some number of bytes was actually shifted, mark nodes
-+ * dirty, and carry level as non-restartable.
-+ */
-+ doing->restartable = 0;
-+ znode_make_dirty(source);
-+ znode_make_dirty(node);
-+ }
-+
-+ assert("nikita-2077", coord_check(insert_coord));
-+ return 0;
-+}
-+
-+typedef carry_node *(*carry_iterator) (carry_node * node);
-+static carry_node *find_dir_carry(carry_node * node, carry_level * level,
-+ carry_iterator iterator);
-+
-+static carry_node *pool_level_list_prev(carry_node *node)
-+{
-+ return list_entry(node->header.level_linkage.prev, carry_node, header.level_linkage);
-+}
-+
-+/* look for the left neighbor of given carry node in a carry queue.
-+
-+ This is used by find_left_neighbor(), but I am not sure that this
-+ really gives any advantage. More statistics required.
-+
-+*/
-+carry_node *find_left_carry(carry_node * node /* node to find left neighbor
-+ * of */ ,
-+ carry_level * level /* level to scan */ )
-+{
-+ return find_dir_carry(node, level,
-+ (carry_iterator) pool_level_list_prev);
-+}
-+
-+static carry_node *pool_level_list_next(carry_node *node)
-+{
-+ return list_entry(node->header.level_linkage.next, carry_node, header.level_linkage);
-+}
-+
-+/* look for the right neighbor of given carry node in a
-+ carry queue.
-+
-+ This is used by find_right_neighbor(), but I am not sure that this
-+ really gives any advantage. More statistics required.
-+
-+*/
-+carry_node *find_right_carry(carry_node * node /* node to find right neighbor
-+ * of */ ,
-+ carry_level * level /* level to scan */ )
-+{
-+ return find_dir_carry(node, level,
-+ (carry_iterator) pool_level_list_next);
-+}
-+
-+/* look for the left or right neighbor of given carry node in a carry
-+ queue.
-+
-+ Helper function used by find_{left|right}_carry().
-+*/
-+static carry_node *find_dir_carry(carry_node * node /* node to start scanning
-+ * from */ ,
-+ carry_level * level /* level to scan */ ,
-+ carry_iterator iterator /* operation to
-+ * move to the next
-+ * node */ )
-+{
-+ carry_node *neighbor;
-+
-+ assert("nikita-1059", node != NULL);
-+ assert("nikita-1060", level != NULL);
-+
-+ /* scan list of carry nodes on this list dir-ward, skipping all
-+ carry nodes referencing the same znode. */
-+ neighbor = node;
-+ while (1) {
-+ neighbor = iterator(neighbor);
-+ if (carry_node_end(level, neighbor))
-+ /* list head is reached */
-+ return NULL;
-+ if (carry_real(neighbor) != carry_real(node))
-+ return neighbor;
-+ }
-+}
-+
-+/*
-+ * Memory reservation estimation.
-+ *
-+ * Carry process proceeds through tree levels upwards. Carry assumes that it
-+ * takes tree in consistent state (e.g., that search tree invariants hold),
-+ * and leaves tree consistent after it finishes. This means that when some
-+ * error occurs carry cannot simply return if there are pending carry
-+ * operations. Generic solution for this problem is carry-undo either as
-+ * transaction manager feature (requiring checkpoints and isolation), or
-+ * through some carry specific mechanism.
-+ *
-+ * Our current approach is to panic if carry hits an error while tree is
-+ * inconsistent. Unfortunately -ENOMEM can easily be triggered. To work around
-+ * this "memory reservation" mechanism was added.
-+ *
-+ * Memory reservation is implemented by perthread-pages.diff patch from
-+ * core-patches. Its API is defined in <linux/gfp.h>
-+ *
-+ * int perthread_pages_reserve(int nrpages, gfp_t gfp);
-+ * void perthread_pages_release(int nrpages);
-+ * int perthread_pages_count(void);
-+ *
-+ * carry estimates its worst case memory requirements at the entry, reserved
-+ * enough memory, and released unused pages before returning.
-+ *
-+ * Code below estimates worst case memory requirements for a given carry
-+ * queue. This is dome by summing worst case memory requirements for each
-+ * operation in the queue.
-+ *
-+ */
-+
-+/*
-+ * Memory memory requirements of many operations depends on the tree
-+ * height. For example, item insertion requires new node to be inserted at
-+ * each tree level in the worst case. What tree height should be used for
-+ * estimation? Current tree height is wrong, because tree height can change
-+ * between the time when estimation was done and the time when operation is
-+ * actually performed. Maximal possible tree height (REISER4_MAX_ZTREE_HEIGHT)
-+ * is also not desirable, because it would lead to the huge over-estimation
-+ * all the time. Plausible solution is "capped tree height": if current tree
-+ * height is less than some TREE_HEIGHT_CAP constant, capped tree height is
-+ * TREE_HEIGHT_CAP, otherwise it's current tree height. Idea behind this is
-+ * that if tree height is TREE_HEIGHT_CAP or larger, it's extremely unlikely
-+ * to be increased even more during short interval of time.
-+ */
-+#define TREE_HEIGHT_CAP (5)
-+
-+/* return capped tree height for the @tree. See comment above. */
-+static int cap_tree_height(reiser4_tree * tree)
-+{
-+ return max_t(int, tree->height, TREE_HEIGHT_CAP);
-+}
-+
-+/* return capped tree height for the current tree. */
-+static int capped_height(void)
-+{
-+ return cap_tree_height(current_tree);
-+}
-+
-+/* return number of pages required to store given number of bytes */
-+static int bytes_to_pages(int bytes)
-+{
-+ return (bytes + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT;
-+}
-+
-+/* how many pages are required to allocate znodes during item insertion. */
-+static int carry_estimate_znodes(void)
-+{
-+ /*
-+ * Note, that there we have some problem here: there is no way to
-+ * reserve pages specifically for the given slab. This means that
-+ * these pages can be hijacked for some other end.
-+ */
-+
-+ /* in the worst case we need 3 new znode on each tree level */
-+ return bytes_to_pages(capped_height() * sizeof(znode) * 3);
-+}
-+
-+/*
-+ * how many pages are required to load bitmaps. One bitmap per level.
-+ */
-+static int carry_estimate_bitmaps(void)
-+{
-+ if (reiser4_is_set(reiser4_get_current_sb(), REISER4_DONT_LOAD_BITMAP)) {
-+ int bytes;
-+
-+ bytes = capped_height() * (0 + /* bnode should be added, but its is private to
-+ * bitmap.c, skip for now. */
-+ 2 * sizeof(jnode)); /* working and commit jnodes */
-+ return bytes_to_pages(bytes) + 2; /* and their contents */
-+ } else
-+ /* bitmaps were pre-loaded during mount */
-+ return 0;
-+}
-+
-+/* worst case item insertion memory requirements */
-+static int carry_estimate_insert(carry_op * op, carry_level * level)
-+{
-+ return carry_estimate_bitmaps() + carry_estimate_znodes() + 1 + /* new atom */
-+ capped_height() + /* new block on each level */
-+ 1 + /* and possibly extra new block at the leaf level */
-+ 3; /* loading of leaves into memory */
-+}
-+
-+/* worst case item deletion memory requirements */
-+static int carry_estimate_delete(carry_op * op, carry_level * level)
-+{
-+ return carry_estimate_bitmaps() + carry_estimate_znodes() + 1 + /* new atom */
-+ 3; /* loading of leaves into memory */
-+}
-+
-+/* worst case tree cut memory requirements */
-+static int carry_estimate_cut(carry_op * op, carry_level * level)
-+{
-+ return carry_estimate_bitmaps() + carry_estimate_znodes() + 1 + /* new atom */
-+ 3; /* loading of leaves into memory */
-+}
-+
-+/* worst case memory requirements of pasting into item */
-+static int carry_estimate_paste(carry_op * op, carry_level * level)
-+{
-+ return carry_estimate_bitmaps() + carry_estimate_znodes() + 1 + /* new atom */
-+ capped_height() + /* new block on each level */
-+ 1 + /* and possibly extra new block at the leaf level */
-+ 3; /* loading of leaves into memory */
-+}
-+
-+/* worst case memory requirements of extent insertion */
-+static int carry_estimate_extent(carry_op * op, carry_level * level)
-+{
-+ return carry_estimate_insert(op, level) + /* insert extent */
-+ carry_estimate_delete(op, level); /* kill leaf */
-+}
-+
-+/* worst case memory requirements of key update */
-+static int carry_estimate_update(carry_op * op, carry_level * level)
-+{
-+ return 0;
-+}
-+
-+/* worst case memory requirements of flow insertion */
-+static int carry_estimate_insert_flow(carry_op * op, carry_level * level)
-+{
-+ int newnodes;
-+
-+ newnodes = min(bytes_to_pages(op->u.insert_flow.flow->length),
-+ CARRY_FLOW_NEW_NODES_LIMIT);
-+ /*
-+ * roughly estimate insert_flow as a sequence of insertions.
-+ */
-+ return newnodes * carry_estimate_insert(op, level);
-+}
-+
-+/* This is dispatch table for carry operations. It can be trivially
-+ abstracted into useful plugin: tunable balancing policy is a good
-+ thing. */
-+carry_op_handler op_dispatch_table[COP_LAST_OP] = {
-+ [COP_INSERT] = {
-+ .handler = carry_insert,
-+ .estimate = carry_estimate_insert}
-+ ,
-+ [COP_DELETE] = {
-+ .handler = carry_delete,
-+ .estimate = carry_estimate_delete}
-+ ,
-+ [COP_CUT] = {
-+ .handler = carry_cut,
-+ .estimate = carry_estimate_cut}
-+ ,
-+ [COP_PASTE] = {
-+ .handler = carry_paste,
-+ .estimate = carry_estimate_paste}
-+ ,
-+ [COP_EXTENT] = {
-+ .handler = carry_extent,
-+ .estimate = carry_estimate_extent}
-+ ,
-+ [COP_UPDATE] = {
-+ .handler = carry_update,
-+ .estimate = carry_estimate_update}
-+ ,
-+ [COP_INSERT_FLOW] = {
-+ .handler = carry_insert_flow,
-+ .estimate = carry_estimate_insert_flow}
-+};
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/carry_ops.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/carry_ops.h
-@@ -0,0 +1,42 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* implementation of carry operations. See carry_ops.c for details. */
-+
-+#if !defined( __CARRY_OPS_H__ )
-+#define __CARRY_OPS_H__
-+
-+#include "forward.h"
-+#include "znode.h"
-+#include "carry.h"
-+
-+/* carry operation handlers */
-+typedef struct carry_op_handler {
-+ /* perform operation */
-+ int (*handler) (carry_op * op, carry_level * doing, carry_level * todo);
-+ /* estimate memory requirements for @op */
-+ int (*estimate) (carry_op * op, carry_level * level);
-+} carry_op_handler;
-+
-+/* This is dispatch table for carry operations. It can be trivially
-+ abstracted into useful plugin: tunable balancing policy is a good
-+ thing. */
-+extern carry_op_handler op_dispatch_table[COP_LAST_OP];
-+
-+unsigned int space_needed(const znode * node, const coord_t * coord,
-+ const reiser4_item_data * data, int inserting);
-+extern carry_node *find_left_carry(carry_node * node, carry_level * level);
-+extern carry_node *find_right_carry(carry_node * node, carry_level * level);
-+
-+/* __CARRY_OPS_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/context.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/context.c
-@@ -0,0 +1,278 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Manipulation of reiser4_context */
-+
-+/*
-+ * global context used during system call. Variable of this type is allocated
-+ * on the stack at the beginning of the reiser4 part of the system call and
-+ * pointer to it is stored in the current->fs_context. This allows us to avoid
-+ * passing pointer to current transaction and current lockstack (both in
-+ * one-to-one mapping with threads) all over the call chain.
-+ *
-+ * It's kind of like those global variables the prof used to tell you not to
-+ * use in CS1, except thread specific.;-) Nikita, this was a good idea.
-+ *
-+ * In some situations it is desirable to have ability to enter reiser4_context
-+ * more than once for the same thread (nested contexts). For example, there
-+ * are some functions that can be called either directly from VFS/VM or from
-+ * already active reiser4 context (->writepage, for example).
-+ *
-+ * In such situations "child" context acts like dummy: all activity is
-+ * actually performed in the top level context, and get_current_context()
-+ * always returns top level context. Of course, init_context()/done_context()
-+ * have to be properly nested any way.
-+ *
-+ * Note that there is an important difference between reiser4 uses
-+ * ->fs_context and the way other file systems use it. Other file systems
-+ * (ext3 and reiserfs) use ->fs_context only for the duration of _transaction_
-+ * (this is why ->fs_context was initially called ->journal_info). This means,
-+ * that when ext3 or reiserfs finds that ->fs_context is not NULL on the entry
-+ * to the file system, they assume that some transaction is already underway,
-+ * and usually bail out, because starting nested transaction would most likely
-+ * lead to the deadlock. This gives false positives with reiser4, because we
-+ * set ->fs_context before starting transaction.
-+ */
-+
-+#include "debug.h"
-+#include "super.h"
-+#include "context.h"
-+
-+#include <linux/writeback.h> /* balance_dirty_pages() */
-+#include <linux/hardirq.h>
-+
-+
-+static void _init_context(reiser4_context * context, struct super_block *super)
-+{
-+ memset(context, 0, sizeof(*context));
-+
-+ context->super = super;
-+ context->magic = context_magic;
-+ context->outer = current->journal_info;
-+ current->journal_info = (void *)context;
-+ context->nr_children = 0;
-+ context->gfp_mask = GFP_KERNEL;
-+
-+ init_lock_stack(&context->stack);
-+
-+ txn_begin(context);
-+
-+ /* initialize head of tap list */
-+ INIT_LIST_HEAD(&context->taps);
-+#if REISER4_DEBUG
-+ context->task = current;
-+#endif
-+ grab_space_enable();
-+}
-+
-+/* initialize context and bind it to the current thread
-+
-+ This function should be called at the beginning of reiser4 part of
-+ syscall.
-+*/
-+reiser4_context *init_context(struct super_block *super /* super block we are going to
-+ * work with */ )
-+{
-+ reiser4_context *context;
-+
-+ assert("nikita-2662", !in_interrupt() && !in_irq());
-+ assert("nikita-3357", super != NULL);
-+ assert("nikita-3358", super->s_op == NULL || is_reiser4_super(super));
-+
-+ context = get_current_context_check();
-+ if (context && context->super == super) {
-+ context = (reiser4_context *) current->journal_info;
-+ context->nr_children++;
-+ return context;
-+ }
-+
-+ context = kmalloc(sizeof(*context), GFP_KERNEL);
-+ if (context == NULL)
-+ return ERR_PTR(RETERR(-ENOMEM));
-+
-+ _init_context(context, super);
-+ return context;
-+}
-+
-+/* this is used in scan_mgr which is called with spinlock held and in
-+ reiser4_fill_super magic */
-+void init_stack_context(reiser4_context *context, struct super_block *super)
-+{
-+ assert("nikita-2662", !in_interrupt() && !in_irq());
-+ assert("nikita-3357", super != NULL);
-+ assert("nikita-3358", super->s_op == NULL || is_reiser4_super(super));
-+ assert("vs-12", !is_in_reiser4_context());
-+
-+ _init_context(context, super);
-+ context->on_stack = 1;
-+ return;
-+}
-+
-+/* cast lock stack embedded into reiser4 context up to its container */
-+reiser4_context *get_context_by_lock_stack(lock_stack * owner)
-+{
-+ return container_of(owner, reiser4_context, stack);
-+}
-+
-+/* true if there is already _any_ reiser4 context for the current thread */
-+int is_in_reiser4_context(void)
-+{
-+ reiser4_context *ctx;
-+
-+ ctx = current->journal_info;
-+ return ctx != NULL && ((unsigned long)ctx->magic) == context_magic;
-+}
-+
-+/*
-+ * call balance dirty pages for the current context.
-+ *
-+ * File system is expected to call balance_dirty_pages_ratelimited() whenever
-+ * it dirties a page. reiser4 does this for unformatted nodes (that is, during
-+ * write---this covers vast majority of all dirty traffic), but we cannot do
-+ * this immediately when formatted node is dirtied, because long term lock is
-+ * usually held at that time. To work around this, dirtying of formatted node
-+ * simply increases ->nr_marked_dirty counter in the current reiser4
-+ * context. When we are about to leave this context,
-+ * balance_dirty_pages_ratelimited() is called, if necessary.
-+ *
-+ * This introduces another problem: sometimes we do not want to run
-+ * balance_dirty_pages_ratelimited() when leaving a context, for example
-+ * because some important lock (like ->i_mutex on the parent directory) is
-+ * held. To achieve this, ->nobalance flag can be set in the current context.
-+ */
-+static void balance_dirty_pages_at(reiser4_context *context)
-+{
-+ reiser4_super_info_data *sbinfo = get_super_private(context->super);
-+
-+ /*
-+ * call balance_dirty_pages_ratelimited() to process formatted nodes
-+ * dirtied during this system call. Do that only if we are not in mount
-+ * and there were nodes dirtied in this context and we are not in
-+ * writepage (to avoid deadlock) and not in pdflush
-+ */
-+ if (sbinfo != NULL && sbinfo->fake != NULL &&
-+ context->nr_marked_dirty != 0 &&
-+ !(current->flags & PF_MEMALLOC) &&
-+ !current_is_pdflush())
-+ balance_dirty_pages_ratelimited(sbinfo->fake->i_mapping);
-+}
-+
-+/* release resources associated with context.
-+
-+ This function should be called at the end of "session" with reiser4,
-+ typically just before leaving reiser4 driver back to VFS.
-+
-+ This is good place to put some degugging consistency checks, like that
-+ thread released all locks and closed transcrash etc.
-+
-+*/
-+static void done_context(reiser4_context * context /* context being released */ )
-+{
-+ assert("nikita-860", context != NULL);
-+ assert("nikita-859", context->magic == context_magic);
-+ assert("vs-646", (reiser4_context *) current->journal_info == context);
-+ assert("zam-686", !in_interrupt() && !in_irq());
-+
-+ /* only do anything when leaving top-level reiser4 context. All nested
-+ * contexts are just dummies. */
-+ if (context->nr_children == 0) {
-+ assert("jmacd-673", context->trans == NULL);
-+ assert("jmacd-1002", lock_stack_isclean(&context->stack));
-+ assert("nikita-1936", no_counters_are_held());
-+ assert("nikita-2626", list_empty_careful(taps_list()));
-+ assert("zam-1004", ergo(get_super_private(context->super),
-+ get_super_private(context->super)->delete_sema_owner !=
-+ current));
-+
-+ /* release all grabbed but as yet unused blocks */
-+ if (context->grabbed_blocks != 0)
-+ all_grabbed2free();
-+
-+ /*
-+ * synchronize against longterm_unlock_znode():
-+ * wake_up_requestor() wakes up requestors without holding
-+ * zlock (otherwise they will immediately bump into that lock
-+ * after wake up on another CPU). To work around (rare)
-+ * situation where requestor has been woken up asynchronously
-+ * and managed to run until completion (and destroy its
-+ * context and lock stack) before wake_up_requestor() called
-+ * wake_up() on it, wake_up_requestor() synchronize on lock
-+ * stack spin lock. It has actually been observed that spin
-+ * lock _was_ locked at this point, because
-+ * wake_up_requestor() took interrupt.
-+ */
-+ spin_lock_stack(&context->stack);
-+ spin_unlock_stack(&context->stack);
-+
-+ assert("zam-684", context->nr_children == 0);
-+ /* restore original ->fs_context value */
-+ current->journal_info = context->outer;
-+ if (context->on_stack == 0)
-+ kfree(context);
-+ } else {
-+ context->nr_children--;
-+#if REISER4_DEBUG
-+ assert("zam-685", context->nr_children >= 0);
-+#endif
-+ }
-+}
-+
-+/*
-+ * exit reiser4 context. Call balance_dirty_pages_at() if necessary. Close
-+ * transaction. Call done_context() to do context related book-keeping.
-+ */
-+void reiser4_exit_context(reiser4_context * context)
-+{
-+ assert("nikita-3021", schedulable());
-+
-+ if (context->nr_children == 0) {
-+ if (!context->nobalance) {
-+ txn_restart(context);
-+ balance_dirty_pages_at(context);
-+ }
-+
-+ /* if filesystem is mounted with -o sync or -o dirsync - commit
-+ transaction. FIXME: TXNH_DONT_COMMIT is used to avoid
-+ commiting on exit_context when inode semaphore is held and
-+ to have ktxnmgrd to do commit instead to get better
-+ concurrent filesystem accesses. But, when one mounts with -o
-+ sync, he cares more about reliability than about
-+ performance. So, for now we have this simple mount -o sync
-+ support. */
-+ if (context->super->s_flags & (MS_SYNCHRONOUS | MS_DIRSYNC)) {
-+ txn_atom *atom;
-+
-+ atom = get_current_atom_locked_nocheck();
-+ if (atom) {
-+ atom->flags |= ATOM_FORCE_COMMIT;
-+ context->trans->flags &= ~TXNH_DONT_COMMIT;
-+ spin_unlock_atom(atom);
-+ }
-+ }
-+ txn_end(context);
-+ }
-+ done_context(context);
-+}
-+
-+void set_gfp_mask(void)
-+{
-+ reiser4_context *ctx;
-+
-+ ctx = get_current_context();
-+ if (ctx->entd == 0 &&
-+ list_empty(&ctx->stack.locks) &&
-+ ctx->trans->atom == NULL)
-+ ctx->gfp_mask = GFP_KERNEL;
-+ else
-+ ctx->gfp_mask = GFP_NOFS;
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 120
-+ * scroll-step: 1
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/context.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/context.h
-@@ -0,0 +1,228 @@
-+/* Copyright 2001, 2002, 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Reiser4 context. See context.c for details. */
-+
-+#if !defined( __REISER4_CONTEXT_H__ )
-+#define __REISER4_CONTEXT_H__
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "tap.h"
-+#include "lock.h"
-+
-+#include <linux/types.h> /* for __u?? */
-+#include <linux/fs.h> /* for struct super_block */
-+#include <linux/spinlock.h>
-+#include <linux/sched.h> /* for struct task_struct */
-+
-+
-+/* reiser4 per-thread context */
-+struct reiser4_context {
-+ /* magic constant. For identification of reiser4 contexts. */
-+ __u32 magic;
-+
-+ /* current lock stack. See lock.[ch]. This is where list of all
-+ locks taken by current thread is kept. This is also used in
-+ deadlock detection. */
-+ lock_stack stack;
-+
-+ /* current transcrash. */
-+ txn_handle *trans;
-+ /* transaction handle embedded into reiser4_context. ->trans points
-+ * here by default. */
-+ txn_handle trans_in_ctx;
-+
-+ /* super block we are working with. To get the current tree
-+ use &get_super_private (reiser4_get_current_sb ())->tree. */
-+ struct super_block *super;
-+
-+ /* parent fs activation */
-+ struct fs_activation *outer;
-+
-+ /* per-thread grabbed (for further allocation) blocks counter */
-+ reiser4_block_nr grabbed_blocks;
-+
-+ /* list of taps currently monitored. See tap.c */
-+ struct list_head taps;
-+
-+ /* grabbing space is enabled */
-+ unsigned int grab_enabled:1;
-+ /* should be set when we are write dirty nodes to disk in jnode_flush or
-+ * reiser4_write_logs() */
-+ unsigned int writeout_mode:1;
-+ /* true, if current thread is an ent thread */
-+ unsigned int entd:1;
-+ /* true, if balance_dirty_pages() should not be run when leaving this
-+ * context. This is used to avoid lengthly balance_dirty_pages()
-+ * operation when holding some important resource, like directory
-+ * ->i_mutex */
-+ unsigned int nobalance:1;
-+
-+ /* this bit is used on done_context to decide whether context is
-+ kmalloc-ed and has to be kfree-ed */
-+ unsigned int on_stack:1;
-+
-+ /* count non-trivial jnode_set_dirty() calls */
-+ unsigned long nr_marked_dirty;
-+
-+ /* reiser4_sync_inodes calls (via generic_sync_sb_inodes)
-+ * reiser4_writepages for each of dirty inodes. Reiser4_writepages
-+ * captures pages. When number of pages captured in one
-+ * reiser4_sync_inodes reaches some threshold - some atoms get
-+ * flushed */
-+ int nr_captured;
-+ int nr_children; /* number of child contexts */
-+#if REISER4_DEBUG
-+ /* debugging information about reiser4 locks held by the current
-+ * thread */
-+ lock_counters_info locks;
-+ struct task_struct *task; /* so we can easily find owner of the stack */
-+
-+ /*
-+ * disk space grabbing debugging support
-+ */
-+ /* how many disk blocks were grabbed by the first call to
-+ * reiser4_grab_space() in this context */
-+ reiser4_block_nr grabbed_initially;
-+
-+ /* list of all threads doing flush currently */
-+ struct list_head flushers_link;
-+ /* information about last error encountered by reiser4 */
-+ err_site err;
-+#endif
-+ void *vp;
-+ gfp_t gfp_mask;
-+};
-+
-+extern reiser4_context *get_context_by_lock_stack(lock_stack *);
-+
-+/* Debugging helps. */
-+#if REISER4_DEBUG
-+extern void print_contexts(void);
-+#endif
-+
-+#define current_tree (&(get_super_private(reiser4_get_current_sb())->tree))
-+#define current_blocksize reiser4_get_current_sb()->s_blocksize
-+#define current_blocksize_bits reiser4_get_current_sb()->s_blocksize_bits
-+
-+extern reiser4_context *init_context(struct super_block *);
-+extern void init_stack_context(reiser4_context *, struct super_block *);
-+extern void reiser4_exit_context(reiser4_context *);
-+
-+/* magic constant we store in reiser4_context allocated at the stack. Used to
-+ catch accesses to staled or uninitialized contexts. */
-+#define context_magic ((__u32) 0x4b1b5d0b)
-+
-+extern int is_in_reiser4_context(void);
-+
-+/*
-+ * return reiser4_context for the thread @tsk
-+ */
-+static inline reiser4_context *get_context(const struct task_struct *tsk)
-+{
-+ assert("vs-1682",
-+ ((reiser4_context *) tsk->journal_info)->magic == context_magic);
-+ return (reiser4_context *) tsk->journal_info;
-+}
-+
-+/*
-+ * return reiser4 context of the current thread, or NULL if there is none.
-+ */
-+static inline reiser4_context *get_current_context_check(void)
-+{
-+ if (is_in_reiser4_context())
-+ return get_context(current);
-+ else
-+ return NULL;
-+}
-+
-+static inline reiser4_context *get_current_context(void); /* __attribute__((const)); */
-+
-+/* return context associated with current thread */
-+static inline reiser4_context *get_current_context(void)
-+{
-+ return get_context(current);
-+}
-+
-+static inline gfp_t get_gfp_mask(void)
-+{
-+ reiser4_context *ctx;
-+
-+ ctx = get_current_context_check();
-+ return (ctx == NULL) ? GFP_KERNEL : ctx->gfp_mask;
-+}
-+
-+void set_gfp_mask(void);
-+
-+/*
-+ * true if current thread is in the write-out mode. Thread enters write-out
-+ * mode during jnode_flush and reiser4_write_logs().
-+ */
-+static inline int is_writeout_mode(void)
-+{
-+ return get_current_context()->writeout_mode;
-+}
-+
-+/*
-+ * enter write-out mode
-+ */
-+static inline void writeout_mode_enable(void)
-+{
-+ assert("zam-941", !get_current_context()->writeout_mode);
-+ get_current_context()->writeout_mode = 1;
-+}
-+
-+/*
-+ * leave write-out mode
-+ */
-+static inline void writeout_mode_disable(void)
-+{
-+ assert("zam-942", get_current_context()->writeout_mode);
-+ get_current_context()->writeout_mode = 0;
-+}
-+
-+static inline void grab_space_enable(void)
-+{
-+ get_current_context()->grab_enabled = 1;
-+}
-+
-+static inline void grab_space_disable(void)
-+{
-+ get_current_context()->grab_enabled = 0;
-+}
-+
-+static inline void grab_space_set_enabled(int enabled)
-+{
-+ get_current_context()->grab_enabled = enabled;
-+}
-+
-+static inline int is_grab_enabled(reiser4_context * ctx)
-+{
-+ return ctx->grab_enabled;
-+}
-+
-+/* mark transaction handle in @ctx as TXNH_DONT_COMMIT, so that no commit or
-+ * flush would be performed when it is closed. This is necessary when handle
-+ * has to be closed under some coarse semaphore, like i_mutex of
-+ * directory. Commit will be performed by ktxnmgrd. */
-+static inline void context_set_commit_async(reiser4_context * context)
-+{
-+ context->nobalance = 1;
-+ context->trans->flags |= TXNH_DONT_COMMIT;
-+}
-+
-+/* __REISER4_CONTEXT_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/coord.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/coord.c
-@@ -0,0 +1,937 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "tree.h"
-+#include "plugin/item/item.h"
-+#include "znode.h"
-+#include "coord.h"
-+
-+/* Internal constructor. */
-+static inline void
-+coord_init_values(coord_t * coord, const znode * node, pos_in_node_t item_pos,
-+ pos_in_node_t unit_pos, between_enum between)
-+{
-+ coord->node = (znode *) node;
-+ coord_set_item_pos(coord, item_pos);
-+ coord->unit_pos = unit_pos;
-+ coord->between = between;
-+ ON_DEBUG(coord->plug_v = 0);
-+ ON_DEBUG(coord->body_v = 0);
-+
-+ /*ON_TRACE (TRACE_COORDS, "init coord %p node %p: %u %u %s\n", coord, node, item_pos, unit_pos, coord_tween_tostring (between)); */
-+}
-+
-+/* after shifting of node content, coord previously set properly may become
-+ invalid, try to "normalize" it. */
-+void coord_normalize(coord_t * coord)
-+{
-+ znode *node;
-+
-+ node = coord->node;
-+ assert("vs-683", node);
-+
-+ coord_clear_iplug(coord);
-+
-+ if (node_is_empty(node)) {
-+ coord_init_first_unit(coord, node);
-+ } else if ((coord->between == AFTER_ITEM)
-+ || (coord->between == AFTER_UNIT)) {
-+ return;
-+ } else if (coord->item_pos == coord_num_items(coord)
-+ && coord->between == BEFORE_ITEM) {
-+ coord_dec_item_pos(coord);
-+ coord->between = AFTER_ITEM;
-+ } else if (coord->unit_pos == coord_num_units(coord)
-+ && coord->between == BEFORE_UNIT) {
-+ coord->unit_pos--;
-+ coord->between = AFTER_UNIT;
-+ } else if (coord->item_pos == coord_num_items(coord)
-+ && coord->unit_pos == 0 && coord->between == BEFORE_UNIT) {
-+ coord_dec_item_pos(coord);
-+ coord->unit_pos = 0;
-+ coord->between = AFTER_ITEM;
-+ }
-+}
-+
-+/* Copy a coordinate. */
-+void coord_dup(coord_t * coord, const coord_t * old_coord)
-+{
-+ assert("jmacd-9800", coord_check(old_coord));
-+ coord_dup_nocheck(coord, old_coord);
-+}
-+
-+/* Copy a coordinate without check. Useful when old_coord->node is not
-+ loaded. As in cbk_tree_lookup -> connect_znode -> connect_one_side */
-+void coord_dup_nocheck(coord_t * coord, const coord_t * old_coord)
-+{
-+ coord->node = old_coord->node;
-+ coord_set_item_pos(coord, old_coord->item_pos);
-+ coord->unit_pos = old_coord->unit_pos;
-+ coord->between = old_coord->between;
-+ coord->iplugid = old_coord->iplugid;
-+ ON_DEBUG(coord->plug_v = old_coord->plug_v);
-+ ON_DEBUG(coord->body_v = old_coord->body_v);
-+}
-+
-+/* Initialize an invalid coordinate. */
-+void coord_init_invalid(coord_t * coord, const znode * node)
-+{
-+ coord_init_values(coord, node, 0, 0, INVALID_COORD);
-+}
-+
-+void coord_init_first_unit_nocheck(coord_t * coord, const znode * node)
-+{
-+ coord_init_values(coord, node, 0, 0, AT_UNIT);
-+}
-+
-+/* Initialize a coordinate to point at the first unit of the first item. If the node is
-+ empty, it is positioned at the EMPTY_NODE. */
-+void coord_init_first_unit(coord_t * coord, const znode * node)
-+{
-+ int is_empty = node_is_empty(node);
-+
-+ coord_init_values(coord, node, 0, 0, (is_empty ? EMPTY_NODE : AT_UNIT));
-+
-+ assert("jmacd-9801", coord_check(coord));
-+}
-+
-+/* Initialize a coordinate to point at the last unit of the last item. If the node is
-+ empty, it is positioned at the EMPTY_NODE. */
-+void coord_init_last_unit(coord_t * coord, const znode * node)
-+{
-+ int is_empty = node_is_empty(node);
-+
-+ coord_init_values(coord, node,
-+ (is_empty ? 0 : node_num_items(node) - 1), 0,
-+ (is_empty ? EMPTY_NODE : AT_UNIT));
-+ if (!is_empty)
-+ coord->unit_pos = coord_last_unit_pos(coord);
-+ assert("jmacd-9802", coord_check(coord));
-+}
-+
-+/* Initialize a coordinate to before the first item. If the node is empty, it is
-+ positioned at the EMPTY_NODE. */
-+void coord_init_before_first_item(coord_t * coord, const znode * node)
-+{
-+ int is_empty = node_is_empty(node);
-+
-+ coord_init_values(coord, node, 0, 0,
-+ (is_empty ? EMPTY_NODE : BEFORE_UNIT));
-+
-+ assert("jmacd-9803", coord_check(coord));
-+}
-+
-+/* Initialize a coordinate to after the last item. If the node is empty, it is positioned
-+ at the EMPTY_NODE. */
-+void coord_init_after_last_item(coord_t * coord, const znode * node)
-+{
-+ int is_empty = node_is_empty(node);
-+
-+ coord_init_values(coord, node,
-+ (is_empty ? 0 : node_num_items(node) - 1), 0,
-+ (is_empty ? EMPTY_NODE : AFTER_ITEM));
-+
-+ assert("jmacd-9804", coord_check(coord));
-+}
-+
-+/* Initialize a coordinate to after last unit in the item. Coord must be set
-+ already to existing item */
-+void coord_init_after_item_end(coord_t * coord)
-+{
-+ coord->between = AFTER_UNIT;
-+ coord->unit_pos = coord_last_unit_pos(coord);
-+}
-+
-+/* Initialize a coordinate to before the item. Coord must be set already to existing item */
-+void coord_init_before_item(coord_t * coord)
-+{
-+ coord->unit_pos = 0;
-+ coord->between = BEFORE_ITEM;
-+}
-+
-+/* Initialize a coordinate to after the item. Coord must be set already to existing item */
-+void coord_init_after_item(coord_t * coord)
-+{
-+ coord->unit_pos = 0;
-+ coord->between = AFTER_ITEM;
-+}
-+
-+/* Initialize a coordinate by 0s. Used in places where init_coord was used and
-+ it was not clear how actually */
-+void coord_init_zero(coord_t * coord)
-+{
-+ memset(coord, 0, sizeof(*coord));
-+}
-+
-+/* Return the number of units at the present item. Asserts coord_is_existing_item(). */
-+unsigned coord_num_units(const coord_t * coord)
-+{
-+ assert("jmacd-9806", coord_is_existing_item(coord));
-+
-+ return item_plugin_by_coord(coord)->b.nr_units(coord);
-+}
-+
-+/* Returns true if the coord was initializewd by coord_init_invalid (). */
-+/* Audited by: green(2002.06.15) */
-+int coord_is_invalid(const coord_t * coord)
-+{
-+ return coord->between == INVALID_COORD;
-+}
-+
-+/* Returns true if the coordinate is positioned at an existing item, not before or after
-+ an item. It may be placed at, before, or after any unit within the item, whether
-+ existing or not. */
-+int coord_is_existing_item(const coord_t * coord)
-+{
-+ switch (coord->between) {
-+ case EMPTY_NODE:
-+ case BEFORE_ITEM:
-+ case AFTER_ITEM:
-+ case INVALID_COORD:
-+ return 0;
-+
-+ case BEFORE_UNIT:
-+ case AT_UNIT:
-+ case AFTER_UNIT:
-+ return coord->item_pos < coord_num_items(coord);
-+ }
-+
-+ impossible("jmacd-9900", "unreachable coord: %p", coord);
-+ return 0;
-+}
-+
-+/* Returns true if the coordinate is positioned at an existing unit, not before or after a
-+ unit. */
-+/* Audited by: green(2002.06.15) */
-+int coord_is_existing_unit(const coord_t * coord)
-+{
-+ switch (coord->between) {
-+ case EMPTY_NODE:
-+ case BEFORE_UNIT:
-+ case AFTER_UNIT:
-+ case BEFORE_ITEM:
-+ case AFTER_ITEM:
-+ case INVALID_COORD:
-+ return 0;
-+
-+ case AT_UNIT:
-+ return (coord->item_pos < coord_num_items(coord)
-+ && coord->unit_pos < coord_num_units(coord));
-+ }
-+
-+ impossible("jmacd-9902", "unreachable");
-+ return 0;
-+}
-+
-+/* Returns true if the coordinate is positioned at the first unit of the first item. Not
-+ true for empty nodes nor coordinates positioned before the first item. */
-+/* Audited by: green(2002.06.15) */
-+int coord_is_leftmost_unit(const coord_t * coord)
-+{
-+ return (coord->between == AT_UNIT && coord->item_pos == 0
-+ && coord->unit_pos == 0);
-+}
-+
-+#if REISER4_DEBUG
-+/* For assertions only, checks for a valid coordinate. */
-+int coord_check(const coord_t * coord)
-+{
-+ if (coord->node == NULL) {
-+ return 0;
-+ }
-+ if (znode_above_root(coord->node))
-+ return 1;
-+
-+ switch (coord->between) {
-+ default:
-+ case INVALID_COORD:
-+ return 0;
-+ case EMPTY_NODE:
-+ if (!node_is_empty(coord->node)) {
-+ return 0;
-+ }
-+ return coord->item_pos == 0 && coord->unit_pos == 0;
-+
-+ case BEFORE_UNIT:
-+ case AFTER_UNIT:
-+ if (node_is_empty(coord->node) && (coord->item_pos == 0)
-+ && (coord->unit_pos == 0))
-+ return 1;
-+ case AT_UNIT:
-+ break;
-+ case AFTER_ITEM:
-+ case BEFORE_ITEM:
-+ /* before/after item should not set unit_pos. */
-+ if (coord->unit_pos != 0) {
-+ return 0;
-+ }
-+ break;
-+ }
-+
-+ if (coord->item_pos >= node_num_items(coord->node)) {
-+ return 0;
-+ }
-+
-+ /* FIXME-VS: we are going to check unit_pos. This makes no sense when
-+ between is set either AFTER_ITEM or BEFORE_ITEM */
-+ if (coord->between == AFTER_ITEM || coord->between == BEFORE_ITEM)
-+ return 1;
-+
-+ if (coord_is_iplug_set(coord) &&
-+ coord->unit_pos >
-+ item_plugin_by_coord(coord)->b.nr_units(coord) - 1) {
-+ return 0;
-+ }
-+ return 1;
-+}
-+#endif
-+
-+/* Adjust coordinate boundaries based on the number of items prior to coord_next/prev.
-+ Returns 1 if the new position is does not exist. */
-+static int coord_adjust_items(coord_t * coord, unsigned items, int is_next)
-+{
-+ /* If the node is invalid, leave it. */
-+ if (coord->between == INVALID_COORD) {
-+ return 1;
-+ }
-+
-+ /* If the node is empty, set it appropriately. */
-+ if (items == 0) {
-+ coord->between = EMPTY_NODE;
-+ coord_set_item_pos(coord, 0);
-+ coord->unit_pos = 0;
-+ return 1;
-+ }
-+
-+ /* If it was empty and it no longer is, set to BEFORE/AFTER_ITEM. */
-+ if (coord->between == EMPTY_NODE) {
-+ coord->between = (is_next ? BEFORE_ITEM : AFTER_ITEM);
-+ coord_set_item_pos(coord, 0);
-+ coord->unit_pos = 0;
-+ return 0;
-+ }
-+
-+ /* If the item_pos is out-of-range, set it appropriatly. */
-+ if (coord->item_pos >= items) {
-+ coord->between = AFTER_ITEM;
-+ coord_set_item_pos(coord, items - 1);
-+ coord->unit_pos = 0;
-+ /* If is_next, return 1 (can't go any further). */
-+ return is_next;
-+ }
-+
-+ return 0;
-+}
-+
-+/* Advances the coordinate by one unit to the right. If empty, no change. If
-+ coord_is_rightmost_unit, advances to AFTER THE LAST ITEM. Returns 0 if new position is an
-+ existing unit. */
-+int coord_next_unit(coord_t * coord)
-+{
-+ unsigned items = coord_num_items(coord);
-+
-+ if (coord_adjust_items(coord, items, 1) == 1) {
-+ return 1;
-+ }
-+
-+ switch (coord->between) {
-+ case BEFORE_UNIT:
-+ /* Now it is positioned at the same unit. */
-+ coord->between = AT_UNIT;
-+ return 0;
-+
-+ case AFTER_UNIT:
-+ case AT_UNIT:
-+ /* If it was at or after a unit and there are more units in this item,
-+ advance to the next one. */
-+ if (coord->unit_pos < coord_last_unit_pos(coord)) {
-+ coord->unit_pos += 1;
-+ coord->between = AT_UNIT;
-+ return 0;
-+ }
-+
-+ /* Otherwise, it is crossing an item boundary and treated as if it was
-+ after the current item. */
-+ coord->between = AFTER_ITEM;
-+ coord->unit_pos = 0;
-+ /* FALLTHROUGH */
-+
-+ case AFTER_ITEM:
-+ /* Check for end-of-node. */
-+ if (coord->item_pos == items - 1) {
-+ return 1;
-+ }
-+
-+ coord_inc_item_pos(coord);
-+ coord->unit_pos = 0;
-+ coord->between = AT_UNIT;
-+ return 0;
-+
-+ case BEFORE_ITEM:
-+ /* The adjust_items checks ensure that we are valid here. */
-+ coord->unit_pos = 0;
-+ coord->between = AT_UNIT;
-+ return 0;
-+
-+ case INVALID_COORD:
-+ case EMPTY_NODE:
-+ /* Handled in coord_adjust_items(). */
-+ break;
-+ }
-+
-+ impossible("jmacd-9902", "unreachable");
-+ return 0;
-+}
-+
-+/* Advances the coordinate by one item to the right. If empty, no change. If
-+ coord_is_rightmost_unit, advances to AFTER THE LAST ITEM. Returns 0 if new position is
-+ an existing item. */
-+int coord_next_item(coord_t * coord)
-+{
-+ unsigned items = coord_num_items(coord);
-+
-+ if (coord_adjust_items(coord, items, 1) == 1) {
-+ return 1;
-+ }
-+
-+ switch (coord->between) {
-+ case AFTER_UNIT:
-+ case AT_UNIT:
-+ case BEFORE_UNIT:
-+ case AFTER_ITEM:
-+ /* Check for end-of-node. */
-+ if (coord->item_pos == items - 1) {
-+ coord->between = AFTER_ITEM;
-+ coord->unit_pos = 0;
-+ coord_clear_iplug(coord);
-+ return 1;
-+ }
-+
-+ /* Anywhere in an item, go to the next one. */
-+ coord->between = AT_UNIT;
-+ coord_inc_item_pos(coord);
-+ coord->unit_pos = 0;
-+ return 0;
-+
-+ case BEFORE_ITEM:
-+ /* The out-of-range check ensures that we are valid here. */
-+ coord->unit_pos = 0;
-+ coord->between = AT_UNIT;
-+ return 0;
-+ case INVALID_COORD:
-+ case EMPTY_NODE:
-+ /* Handled in coord_adjust_items(). */
-+ break;
-+ }
-+
-+ impossible("jmacd-9903", "unreachable");
-+ return 0;
-+}
-+
-+/* Advances the coordinate by one unit to the left. If empty, no change. If
-+ coord_is_leftmost_unit, advances to BEFORE THE FIRST ITEM. Returns 0 if new position
-+ is an existing unit. */
-+int coord_prev_unit(coord_t * coord)
-+{
-+ unsigned items = coord_num_items(coord);
-+
-+ if (coord_adjust_items(coord, items, 0) == 1) {
-+ return 1;
-+ }
-+
-+ switch (coord->between) {
-+ case AT_UNIT:
-+ case BEFORE_UNIT:
-+ if (coord->unit_pos > 0) {
-+ coord->unit_pos -= 1;
-+ coord->between = AT_UNIT;
-+ return 0;
-+ }
-+
-+ if (coord->item_pos == 0) {
-+ coord->between = BEFORE_ITEM;
-+ return 1;
-+ }
-+
-+ coord_dec_item_pos(coord);
-+ coord->unit_pos = coord_last_unit_pos(coord);
-+ coord->between = AT_UNIT;
-+ return 0;
-+
-+ case AFTER_UNIT:
-+ /* What if unit_pos is out-of-range? */
-+ assert("jmacd-5442",
-+ coord->unit_pos <= coord_last_unit_pos(coord));
-+ coord->between = AT_UNIT;
-+ return 0;
-+
-+ case BEFORE_ITEM:
-+ if (coord->item_pos == 0) {
-+ return 1;
-+ }
-+
-+ coord_dec_item_pos(coord);
-+ /* FALLTHROUGH */
-+
-+ case AFTER_ITEM:
-+ coord->between = AT_UNIT;
-+ coord->unit_pos = coord_last_unit_pos(coord);
-+ return 0;
-+
-+ case INVALID_COORD:
-+ case EMPTY_NODE:
-+ break;
-+ }
-+
-+ impossible("jmacd-9904", "unreachable");
-+ return 0;
-+}
-+
-+/* Advances the coordinate by one item to the left. If empty, no change. If
-+ coord_is_leftmost_unit, advances to BEFORE THE FIRST ITEM. Returns 0 if new position
-+ is an existing item. */
-+int coord_prev_item(coord_t * coord)
-+{
-+ unsigned items = coord_num_items(coord);
-+
-+ if (coord_adjust_items(coord, items, 0) == 1) {
-+ return 1;
-+ }
-+
-+ switch (coord->between) {
-+ case AT_UNIT:
-+ case AFTER_UNIT:
-+ case BEFORE_UNIT:
-+ case BEFORE_ITEM:
-+
-+ if (coord->item_pos == 0) {
-+ coord->between = BEFORE_ITEM;
-+ coord->unit_pos = 0;
-+ return 1;
-+ }
-+
-+ coord_dec_item_pos(coord);
-+ coord->unit_pos = 0;
-+ coord->between = AT_UNIT;
-+ return 0;
-+
-+ case AFTER_ITEM:
-+ coord->between = AT_UNIT;
-+ coord->unit_pos = 0;
-+ return 0;
-+
-+ case INVALID_COORD:
-+ case EMPTY_NODE:
-+ break;
-+ }
-+
-+ impossible("jmacd-9905", "unreachable");
-+ return 0;
-+}
-+
-+/* Calls either coord_init_first_unit or coord_init_last_unit depending on sideof argument. */
-+void coord_init_sideof_unit(coord_t * coord, const znode * node, sideof dir)
-+{
-+ assert("jmacd-9821", dir == LEFT_SIDE || dir == RIGHT_SIDE);
-+ if (dir == LEFT_SIDE) {
-+ coord_init_first_unit(coord, node);
-+ } else {
-+ coord_init_last_unit(coord, node);
-+ }
-+}
-+
-+/* Calls either coord_is_before_leftmost or coord_is_after_rightmost depending on sideof
-+ argument. */
-+/* Audited by: green(2002.06.15) */
-+int coord_is_after_sideof_unit(coord_t * coord, sideof dir)
-+{
-+ assert("jmacd-9822", dir == LEFT_SIDE || dir == RIGHT_SIDE);
-+ if (dir == LEFT_SIDE) {
-+ return coord_is_before_leftmost(coord);
-+ } else {
-+ return coord_is_after_rightmost(coord);
-+ }
-+}
-+
-+/* Calls either coord_next_unit or coord_prev_unit depending on sideof argument. */
-+/* Audited by: green(2002.06.15) */
-+int coord_sideof_unit(coord_t * coord, sideof dir)
-+{
-+ assert("jmacd-9823", dir == LEFT_SIDE || dir == RIGHT_SIDE);
-+ if (dir == LEFT_SIDE) {
-+ return coord_prev_unit(coord);
-+ } else {
-+ return coord_next_unit(coord);
-+ }
-+}
-+
-+#if REISER4_DEBUG
-+#define DEBUG_COORD_FIELDS (sizeof(c1->plug_v) + sizeof(c1->body_v))
-+#else
-+#define DEBUG_COORD_FIELDS (0)
-+#endif
-+
-+int coords_equal(const coord_t * c1, const coord_t * c2)
-+{
-+ assert("nikita-2840", c1 != NULL);
-+ assert("nikita-2841", c2 != NULL);
-+
-+ return
-+ c1->node == c2->node &&
-+ c1->item_pos == c2->item_pos &&
-+ c1->unit_pos == c2->unit_pos && c1->between == c2->between;
-+}
-+
-+/* If coord_is_after_rightmost return NCOORD_ON_THE_RIGHT, if coord_is_after_leftmost
-+ return NCOORD_ON_THE_LEFT, otherwise return NCOORD_INSIDE. */
-+/* Audited by: green(2002.06.15) */
-+coord_wrt_node coord_wrt(const coord_t * coord)
-+{
-+ if (coord_is_before_leftmost(coord)) {
-+ return COORD_ON_THE_LEFT;
-+ }
-+
-+ if (coord_is_after_rightmost(coord)) {
-+ return COORD_ON_THE_RIGHT;
-+ }
-+
-+ return COORD_INSIDE;
-+}
-+
-+/* Returns true if the coordinate is positioned after the last item or after the last unit
-+ of the last item or it is an empty node. */
-+/* Audited by: green(2002.06.15) */
-+int coord_is_after_rightmost(const coord_t * coord)
-+{
-+ assert("jmacd-7313", coord_check(coord));
-+
-+ switch (coord->between) {
-+ case INVALID_COORD:
-+ case AT_UNIT:
-+ case BEFORE_UNIT:
-+ case BEFORE_ITEM:
-+ return 0;
-+
-+ case EMPTY_NODE:
-+ return 1;
-+
-+ case AFTER_ITEM:
-+ return (coord->item_pos == node_num_items(coord->node) - 1);
-+
-+ case AFTER_UNIT:
-+ return ((coord->item_pos == node_num_items(coord->node) - 1) &&
-+ coord->unit_pos == coord_last_unit_pos(coord));
-+ }
-+
-+ impossible("jmacd-9908", "unreachable");
-+ return 0;
-+}
-+
-+/* Returns true if the coordinate is positioned before the first item or it is an empty
-+ node. */
-+int coord_is_before_leftmost(const coord_t * coord)
-+{
-+ /* FIXME-VS: coord_check requires node to be loaded whereas it is not
-+ necessary to check if coord is set before leftmost
-+ assert ("jmacd-7313", coord_check (coord)); */
-+ switch (coord->between) {
-+ case INVALID_COORD:
-+ case AT_UNIT:
-+ case AFTER_ITEM:
-+ case AFTER_UNIT:
-+ return 0;
-+
-+ case EMPTY_NODE:
-+ return 1;
-+
-+ case BEFORE_ITEM:
-+ case BEFORE_UNIT:
-+ return (coord->item_pos == 0) && (coord->unit_pos == 0);
-+ }
-+
-+ impossible("jmacd-9908", "unreachable");
-+ return 0;
-+}
-+
-+/* Returns true if the coordinate is positioned after a item, before a item, after the
-+ last unit of an item, before the first unit of an item, or at an empty node. */
-+/* Audited by: green(2002.06.15) */
-+int coord_is_between_items(const coord_t * coord)
-+{
-+ assert("jmacd-7313", coord_check(coord));
-+
-+ switch (coord->between) {
-+ case INVALID_COORD:
-+ case AT_UNIT:
-+ return 0;
-+
-+ case AFTER_ITEM:
-+ case BEFORE_ITEM:
-+ case EMPTY_NODE:
-+ return 1;
-+
-+ case BEFORE_UNIT:
-+ return coord->unit_pos == 0;
-+
-+ case AFTER_UNIT:
-+ return coord->unit_pos == coord_last_unit_pos(coord);
-+ }
-+
-+ impossible("jmacd-9908", "unreachable");
-+ return 0;
-+}
-+
-+/* Returns true if the coordinates are positioned at adjacent units, regardless of
-+ before-after or item boundaries. */
-+int coord_are_neighbors(coord_t * c1, coord_t * c2)
-+{
-+ coord_t *left;
-+ coord_t *right;
-+
-+ assert("nikita-1241", c1 != NULL);
-+ assert("nikita-1242", c2 != NULL);
-+ assert("nikita-1243", c1->node == c2->node);
-+ assert("nikita-1244", coord_is_existing_unit(c1));
-+ assert("nikita-1245", coord_is_existing_unit(c2));
-+
-+ left = right = NULL;
-+ switch (coord_compare(c1, c2)) {
-+ case COORD_CMP_ON_LEFT:
-+ left = c1;
-+ right = c2;
-+ break;
-+ case COORD_CMP_ON_RIGHT:
-+ left = c2;
-+ right = c1;
-+ break;
-+ case COORD_CMP_SAME:
-+ return 0;
-+ default:
-+ wrong_return_value("nikita-1246", "compare_coords()");
-+ }
-+ assert("vs-731", left && right);
-+ if (left->item_pos == right->item_pos) {
-+ return left->unit_pos + 1 == right->unit_pos;
-+ } else if (left->item_pos + 1 == right->item_pos) {
-+ return (left->unit_pos == coord_last_unit_pos(left))
-+ && (right->unit_pos == 0);
-+ } else {
-+ return 0;
-+ }
-+}
-+
-+/* Assuming two coordinates are positioned in the same node, return COORD_CMP_ON_RIGHT,
-+ COORD_CMP_ON_LEFT, or COORD_CMP_SAME depending on c1's position relative to c2. */
-+/* Audited by: green(2002.06.15) */
-+coord_cmp coord_compare(coord_t * c1, coord_t * c2)
-+{
-+ assert("vs-209", c1->node == c2->node);
-+ assert("vs-194", coord_is_existing_unit(c1)
-+ && coord_is_existing_unit(c2));
-+
-+ if (c1->item_pos > c2->item_pos)
-+ return COORD_CMP_ON_RIGHT;
-+ if (c1->item_pos < c2->item_pos)
-+ return COORD_CMP_ON_LEFT;
-+ if (c1->unit_pos > c2->unit_pos)
-+ return COORD_CMP_ON_RIGHT;
-+ if (c1->unit_pos < c2->unit_pos)
-+ return COORD_CMP_ON_LEFT;
-+ return COORD_CMP_SAME;
-+}
-+
-+/* If the coordinate is between items, shifts it to the right. Returns 0 on success and
-+ non-zero if there is no position to the right. */
-+int coord_set_to_right(coord_t * coord)
-+{
-+ unsigned items = coord_num_items(coord);
-+
-+ if (coord_adjust_items(coord, items, 1) == 1) {
-+ return 1;
-+ }
-+
-+ switch (coord->between) {
-+ case AT_UNIT:
-+ return 0;
-+
-+ case BEFORE_ITEM:
-+ case BEFORE_UNIT:
-+ coord->between = AT_UNIT;
-+ return 0;
-+
-+ case AFTER_UNIT:
-+ if (coord->unit_pos < coord_last_unit_pos(coord)) {
-+ coord->unit_pos += 1;
-+ coord->between = AT_UNIT;
-+ return 0;
-+ } else {
-+
-+ coord->unit_pos = 0;
-+
-+ if (coord->item_pos == items - 1) {
-+ coord->between = AFTER_ITEM;
-+ return 1;
-+ }
-+
-+ coord_inc_item_pos(coord);
-+ coord->between = AT_UNIT;
-+ return 0;
-+ }
-+
-+ case AFTER_ITEM:
-+ if (coord->item_pos == items - 1) {
-+ return 1;
-+ }
-+
-+ coord_inc_item_pos(coord);
-+ coord->unit_pos = 0;
-+ coord->between = AT_UNIT;
-+ return 0;
-+
-+ case EMPTY_NODE:
-+ return 1;
-+
-+ case INVALID_COORD:
-+ break;
-+ }
-+
-+ impossible("jmacd-9920", "unreachable");
-+ return 0;
-+}
-+
-+/* If the coordinate is between items, shifts it to the left. Returns 0 on success and
-+ non-zero if there is no position to the left. */
-+int coord_set_to_left(coord_t * coord)
-+{
-+ unsigned items = coord_num_items(coord);
-+
-+ if (coord_adjust_items(coord, items, 0) == 1) {
-+ return 1;
-+ }
-+
-+ switch (coord->between) {
-+ case AT_UNIT:
-+ return 0;
-+
-+ case AFTER_UNIT:
-+ coord->between = AT_UNIT;
-+ return 0;
-+
-+ case AFTER_ITEM:
-+ coord->between = AT_UNIT;
-+ coord->unit_pos = coord_last_unit_pos(coord);
-+ return 0;
-+
-+ case BEFORE_UNIT:
-+ if (coord->unit_pos > 0) {
-+ coord->unit_pos -= 1;
-+ coord->between = AT_UNIT;
-+ return 0;
-+ } else {
-+
-+ if (coord->item_pos == 0) {
-+ coord->between = BEFORE_ITEM;
-+ return 1;
-+ }
-+
-+ coord->unit_pos = coord_last_unit_pos(coord);
-+ coord_dec_item_pos(coord);
-+ coord->between = AT_UNIT;
-+ return 0;
-+ }
-+
-+ case BEFORE_ITEM:
-+ if (coord->item_pos == 0) {
-+ return 1;
-+ }
-+
-+ coord_dec_item_pos(coord);
-+ coord->unit_pos = coord_last_unit_pos(coord);
-+ coord->between = AT_UNIT;
-+ return 0;
-+
-+ case EMPTY_NODE:
-+ return 1;
-+
-+ case INVALID_COORD:
-+ break;
-+ }
-+
-+ impossible("jmacd-9920", "unreachable");
-+ return 0;
-+}
-+
-+static const char *coord_tween_tostring(between_enum n)
-+{
-+ switch (n) {
-+ case BEFORE_UNIT:
-+ return "before unit";
-+ case BEFORE_ITEM:
-+ return "before item";
-+ case AT_UNIT:
-+ return "at unit";
-+ case AFTER_UNIT:
-+ return "after unit";
-+ case AFTER_ITEM:
-+ return "after item";
-+ case EMPTY_NODE:
-+ return "empty node";
-+ case INVALID_COORD:
-+ return "invalid";
-+ default:
-+ {
-+ static char buf[30];
-+
-+ sprintf(buf, "unknown: %i", n);
-+ return buf;
-+ }
-+ }
-+}
-+
-+void print_coord(const char *mes, const coord_t * coord, int node)
-+{
-+ if (coord == NULL) {
-+ printk("%s: null\n", mes);
-+ return;
-+ }
-+ printk("%s: item_pos = %d, unit_pos %d, tween=%s, iplug=%d\n",
-+ mes, coord->item_pos, coord->unit_pos,
-+ coord_tween_tostring(coord->between), coord->iplugid);
-+}
-+
-+int
-+item_utmost_child_real_block(const coord_t * coord, sideof side,
-+ reiser4_block_nr * blk)
-+{
-+ return item_plugin_by_coord(coord)->f.utmost_child_real_block(coord,
-+ side,
-+ blk);
-+}
-+
-+int item_utmost_child(const coord_t * coord, sideof side, jnode ** child)
-+{
-+ return item_plugin_by_coord(coord)->f.utmost_child(coord, side, child);
-+}
-+
-+/* @count bytes of flow @f got written, update correspondingly f->length,
-+ f->data and f->key */
-+void move_flow_forward(flow_t * f, unsigned count)
-+{
-+ if (f->data)
-+ f->data += count;
-+ f->length -= count;
-+ set_key_offset(&f->key, get_key_offset(&f->key) + count);
-+}
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/coord.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/coord.h
-@@ -0,0 +1,389 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Coords */
-+
-+#if !defined( __REISER4_COORD_H__ )
-+#define __REISER4_COORD_H__
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "key.h"
-+
-+/* insertions happen between coords in the tree, so we need some means
-+ of specifying the sense of betweenness. */
-+typedef enum {
-+ BEFORE_UNIT, /* Note: we/init_coord depends on this value being zero. */
-+ AT_UNIT,
-+ AFTER_UNIT,
-+ BEFORE_ITEM,
-+ AFTER_ITEM,
-+ INVALID_COORD,
-+ EMPTY_NODE,
-+} between_enum;
-+
-+/* location of coord w.r.t. its node */
-+typedef enum {
-+ COORD_ON_THE_LEFT = -1,
-+ COORD_ON_THE_RIGHT = +1,
-+ COORD_INSIDE = 0
-+} coord_wrt_node;
-+
-+typedef enum {
-+ COORD_CMP_SAME = 0, COORD_CMP_ON_LEFT = -1, COORD_CMP_ON_RIGHT = +1
-+} coord_cmp;
-+
-+struct coord {
-+ /* node in a tree */
-+ /* 0 */ znode *node;
-+
-+ /* position of item within node */
-+ /* 4 */ pos_in_node_t item_pos;
-+ /* position of unit within item */
-+ /* 6 */ pos_in_node_t unit_pos;
-+ /* optimization: plugin of item is stored in coord_t. Until this was
-+ implemented, item_plugin_by_coord() was major CPU consumer. ->iplugid
-+ is invalidated (set to 0xff) on each modification of ->item_pos,
-+ and all such modifications are funneled through coord_*_item_pos()
-+ functions below.
-+ */
-+ /* 8 */ char iplugid;
-+ /* position of coord w.r.t. to neighboring items and/or units.
-+ Values are taken from &between_enum above.
-+ */
-+ /* 9 */ char between;
-+ /* padding. It will be added by the compiler anyway to conform to the
-+ * C language alignment requirements. We keep it here to be on the
-+ * safe side and to have a clear picture of the memory layout of this
-+ * structure. */
-+ /* 10 */ __u16 pad;
-+ /* 12 */ int offset;
-+#if REISER4_DEBUG
-+ unsigned long plug_v;
-+ unsigned long body_v;
-+#endif
-+};
-+
-+#define INVALID_PLUGID ((char)((1 << 8) - 1))
-+#define INVALID_OFFSET -1
-+
-+static inline void coord_clear_iplug(coord_t * coord)
-+{
-+ assert("nikita-2835", coord != NULL);
-+ coord->iplugid = INVALID_PLUGID;
-+ coord->offset = INVALID_OFFSET;
-+}
-+
-+static inline int coord_is_iplug_set(const coord_t * coord)
-+{
-+ assert("nikita-2836", coord != NULL);
-+ return coord->iplugid != INVALID_PLUGID;
-+}
-+
-+static inline void coord_set_item_pos(coord_t * coord, pos_in_node_t pos)
-+{
-+ assert("nikita-2478", coord != NULL);
-+ coord->item_pos = pos;
-+ coord_clear_iplug(coord);
-+}
-+
-+static inline void coord_dec_item_pos(coord_t * coord)
-+{
-+ assert("nikita-2480", coord != NULL);
-+ --coord->item_pos;
-+ coord_clear_iplug(coord);
-+}
-+
-+static inline void coord_inc_item_pos(coord_t * coord)
-+{
-+ assert("nikita-2481", coord != NULL);
-+ ++coord->item_pos;
-+ coord_clear_iplug(coord);
-+}
-+
-+static inline void coord_add_item_pos(coord_t * coord, int delta)
-+{
-+ assert("nikita-2482", coord != NULL);
-+ coord->item_pos += delta;
-+ coord_clear_iplug(coord);
-+}
-+
-+static inline void coord_invalid_item_pos(coord_t * coord)
-+{
-+ assert("nikita-2832", coord != NULL);
-+ coord->item_pos = (unsigned short)~0;
-+ coord_clear_iplug(coord);
-+}
-+
-+/* Reverse a direction. */
-+static inline sideof sideof_reverse(sideof side)
-+{
-+ return side == LEFT_SIDE ? RIGHT_SIDE : LEFT_SIDE;
-+}
-+
-+/* NOTE: There is a somewhat odd mixture of the following opposed terms:
-+
-+ "first" and "last"
-+ "next" and "prev"
-+ "before" and "after"
-+ "leftmost" and "rightmost"
-+
-+ But I think the chosen names are decent the way they are.
-+*/
-+
-+/* COORD INITIALIZERS */
-+
-+/* Initialize an invalid coordinate. */
-+extern void coord_init_invalid(coord_t * coord, const znode * node);
-+
-+extern void coord_init_first_unit_nocheck(coord_t * coord, const znode * node);
-+
-+/* Initialize a coordinate to point at the first unit of the first item. If the node is
-+ empty, it is positioned at the EMPTY_NODE. */
-+extern void coord_init_first_unit(coord_t * coord, const znode * node);
-+
-+/* Initialize a coordinate to point at the last unit of the last item. If the node is
-+ empty, it is positioned at the EMPTY_NODE. */
-+extern void coord_init_last_unit(coord_t * coord, const znode * node);
-+
-+/* Initialize a coordinate to before the first item. If the node is empty, it is
-+ positioned at the EMPTY_NODE. */
-+extern void coord_init_before_first_item(coord_t * coord, const znode * node);
-+
-+/* Initialize a coordinate to after the last item. If the node is empty, it is positioned
-+ at the EMPTY_NODE. */
-+extern void coord_init_after_last_item(coord_t * coord, const znode * node);
-+
-+/* Initialize a coordinate to after last unit in the item. Coord must be set
-+ already to existing item */
-+void coord_init_after_item_end(coord_t * coord);
-+
-+/* Initialize a coordinate to before the item. Coord must be set already to existing item */
-+void coord_init_before_item(coord_t *);
-+/* Initialize a coordinate to after the item. Coord must be set already to existing item */
-+void coord_init_after_item(coord_t *);
-+
-+/* Calls either coord_init_first_unit or coord_init_last_unit depending on sideof argument. */
-+extern void coord_init_sideof_unit(coord_t * coord, const znode * node,
-+ sideof dir);
-+
-+/* Initialize a coordinate by 0s. Used in places where init_coord was used and
-+ it was not clear how actually
-+ FIXME-VS: added by vs (2002, june, 8) */
-+extern void coord_init_zero(coord_t * coord);
-+
-+/* COORD METHODS */
-+
-+/* after shifting of node content, coord previously set properly may become
-+ invalid, try to "normalize" it. */
-+void coord_normalize(coord_t * coord);
-+
-+/* Copy a coordinate. */
-+extern void coord_dup(coord_t * coord, const coord_t * old_coord);
-+
-+/* Copy a coordinate without check. */
-+void coord_dup_nocheck(coord_t * coord, const coord_t * old_coord);
-+
-+unsigned coord_num_units(const coord_t * coord);
-+
-+/* Return the last valid unit number at the present item (i.e.,
-+ coord_num_units() - 1). */
-+static inline unsigned coord_last_unit_pos(const coord_t * coord)
-+{
-+ return coord_num_units(coord) - 1;
-+}
-+
-+#if REISER4_DEBUG
-+/* For assertions only, checks for a valid coordinate. */
-+extern int coord_check(const coord_t * coord);
-+
-+extern unsigned long znode_times_locked(const znode * z);
-+
-+static inline void coord_update_v(coord_t * coord)
-+{
-+ coord->plug_v = coord->body_v = znode_times_locked(coord->node);
-+}
-+#endif
-+
-+extern int coords_equal(const coord_t * c1, const coord_t * c2);
-+
-+extern void print_coord(const char *mes, const coord_t * coord, int print_node);
-+
-+/* If coord_is_after_rightmost return NCOORD_ON_THE_RIGHT, if coord_is_after_leftmost
-+ return NCOORD_ON_THE_LEFT, otherwise return NCOORD_INSIDE. */
-+extern coord_wrt_node coord_wrt(const coord_t * coord);
-+
-+/* Returns true if the coordinates are positioned at adjacent units, regardless of
-+ before-after or item boundaries. */
-+extern int coord_are_neighbors(coord_t * c1, coord_t * c2);
-+
-+/* Assuming two coordinates are positioned in the same node, return NCOORD_CMP_ON_RIGHT,
-+ NCOORD_CMP_ON_LEFT, or NCOORD_CMP_SAME depending on c1's position relative to c2. */
-+extern coord_cmp coord_compare(coord_t * c1, coord_t * c2);
-+
-+/* COORD PREDICATES */
-+
-+/* Returns true if the coord was initializewd by coord_init_invalid (). */
-+extern int coord_is_invalid(const coord_t * coord);
-+
-+/* Returns true if the coordinate is positioned at an existing item, not before or after
-+ an item. It may be placed at, before, or after any unit within the item, whether
-+ existing or not. If this is true you can call methods of the item plugin. */
-+extern int coord_is_existing_item(const coord_t * coord);
-+
-+/* Returns true if the coordinate is positioned after a item, before a item, after the
-+ last unit of an item, before the first unit of an item, or at an empty node. */
-+extern int coord_is_between_items(const coord_t * coord);
-+
-+/* Returns true if the coordinate is positioned at an existing unit, not before or after a
-+ unit. */
-+extern int coord_is_existing_unit(const coord_t * coord);
-+
-+/* Returns true if the coordinate is positioned at an empty node. */
-+extern int coord_is_empty(const coord_t * coord);
-+
-+/* Returns true if the coordinate is positioned at the first unit of the first item. Not
-+ true for empty nodes nor coordinates positioned before the first item. */
-+extern int coord_is_leftmost_unit(const coord_t * coord);
-+
-+/* Returns true if the coordinate is positioned after the last item or after the last unit
-+ of the last item or it is an empty node. */
-+extern int coord_is_after_rightmost(const coord_t * coord);
-+
-+/* Returns true if the coordinate is positioned before the first item or it is an empty
-+ node. */
-+extern int coord_is_before_leftmost(const coord_t * coord);
-+
-+/* Calls either coord_is_before_leftmost or coord_is_after_rightmost depending on sideof
-+ argument. */
-+extern int coord_is_after_sideof_unit(coord_t * coord, sideof dir);
-+
-+/* COORD MODIFIERS */
-+
-+/* Advances the coordinate by one unit to the right. If empty, no change. If
-+ coord_is_rightmost_unit, advances to AFTER THE LAST ITEM. Returns 0 if new position is
-+ an existing unit. */
-+extern int coord_next_unit(coord_t * coord);
-+
-+/* Advances the coordinate by one item to the right. If empty, no change. If
-+ coord_is_rightmost_unit, advances to AFTER THE LAST ITEM. Returns 0 if new position is
-+ an existing item. */
-+extern int coord_next_item(coord_t * coord);
-+
-+/* Advances the coordinate by one unit to the left. If empty, no change. If
-+ coord_is_leftmost_unit, advances to BEFORE THE FIRST ITEM. Returns 0 if new position
-+ is an existing unit. */
-+extern int coord_prev_unit(coord_t * coord);
-+
-+/* Advances the coordinate by one item to the left. If empty, no change. If
-+ coord_is_leftmost_unit, advances to BEFORE THE FIRST ITEM. Returns 0 if new position
-+ is an existing item. */
-+extern int coord_prev_item(coord_t * coord);
-+
-+/* If the coordinate is between items, shifts it to the right. Returns 0 on success and
-+ non-zero if there is no position to the right. */
-+extern int coord_set_to_right(coord_t * coord);
-+
-+/* If the coordinate is between items, shifts it to the left. Returns 0 on success and
-+ non-zero if there is no position to the left. */
-+extern int coord_set_to_left(coord_t * coord);
-+
-+/* If the coordinate is at an existing unit, set to after that unit. Returns 0 on success
-+ and non-zero if the unit did not exist. */
-+extern int coord_set_after_unit(coord_t * coord);
-+
-+/* Calls either coord_next_unit or coord_prev_unit depending on sideof argument. */
-+extern int coord_sideof_unit(coord_t * coord, sideof dir);
-+
-+/* iterate over all units in @node */
-+#define for_all_units( coord, node ) \
-+ for( coord_init_before_first_item( ( coord ), ( node ) ) ; \
-+ coord_next_unit( coord ) == 0 ; )
-+
-+/* iterate over all items in @node */
-+#define for_all_items( coord, node ) \
-+ for( coord_init_before_first_item( ( coord ), ( node ) ) ; \
-+ coord_next_item( coord ) == 0 ; )
-+
-+/* COORD/ITEM METHODS */
-+
-+extern int item_utmost_child_real_block(const coord_t * coord, sideof side,
-+ reiser4_block_nr * blk);
-+extern int item_utmost_child(const coord_t * coord, sideof side,
-+ jnode ** child);
-+
-+/* a flow is a sequence of bytes being written to or read from the tree. The
-+ tree will slice the flow into items while storing it into nodes, but all of
-+ that is hidden from anything outside the tree. */
-+
-+struct flow {
-+ reiser4_key key; /* key of start of flow's sequence of bytes */
-+ loff_t length; /* length of flow's sequence of bytes */
-+ char *data; /* start of flow's sequence of bytes */
-+ int user; /* if 1 data is user space, 0 - kernel space */
-+ rw_op op; /* NIKITA-FIXME-HANS: comment is where? */
-+};
-+
-+void move_flow_forward(flow_t * f, unsigned count);
-+
-+/* &reiser4_item_data - description of data to be inserted or pasted
-+
-+ Q: articulate the reasons for the difference between this and flow.
-+
-+ A: Becides flow we insert into tree other things: stat data, directory
-+ entry, etc. To insert them into tree one has to provide this structure. If
-+ one is going to insert flow - he can use insert_flow, where this structure
-+ does not have to be created
-+*/
-+struct reiser4_item_data {
-+ /* actual data to be inserted. If NULL, ->create_item() will not
-+ do xmemcpy itself, leaving this up to the caller. This can
-+ save some amount of unnecessary memory copying, for example,
-+ during insertion of stat data.
-+
-+ */
-+ char *data;
-+ /* 1 if 'char * data' contains pointer to user space and 0 if it is
-+ kernel space */
-+ int user;
-+ /* amount of data we are going to insert or paste */
-+ int length;
-+ /* "Arg" is opaque data that is passed down to the
-+ ->create_item() method of node layout, which in turn
-+ hands it to the ->create_hook() of item being created. This
-+ arg is currently used by:
-+
-+ . ->create_hook() of internal item
-+ (fs/reiser4/plugin/item/internal.c:internal_create_hook()),
-+ . ->paste() method of directory item.
-+ . ->create_hook() of extent item
-+
-+ For internal item, this is left "brother" of new node being
-+ inserted and it is used to add new node into sibling list
-+ after parent to it was just inserted into parent.
-+
-+ While ->arg does look somewhat of unnecessary compication,
-+ it actually saves a lot of headache in many places, because
-+ all data necessary to insert or paste new data into tree are
-+ collected in one place, and this eliminates a lot of extra
-+ argument passing and storing everywhere.
-+
-+ */
-+ void *arg;
-+ /* plugin of item we are inserting */
-+ item_plugin *iplug;
-+};
-+
-+/* __REISER4_COORD_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/debug.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/debug.c
-@@ -0,0 +1,300 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Debugging facilities. */
-+
-+/*
-+ * This file contains generic debugging functions used by reiser4. Roughly
-+ * following:
-+ *
-+ * panicking: reiser4_do_panic(), reiser4_print_prefix().
-+ *
-+ * locking: schedulable(), lock_counters(), print_lock_counters(),
-+ * no_counters_are_held(), commit_check_locks()
-+ *
-+ * error code monitoring (see comment before RETERR macro): return_err(),
-+ * report_err().
-+ *
-+ * stack back-tracing: fill_backtrace()
-+ *
-+ * miscellaneous: preempt_point(), call_on_each_assert(), debugtrap().
-+ *
-+ */
-+
-+#include "reiser4.h"
-+#include "context.h"
-+#include "super.h"
-+#include "txnmgr.h"
-+#include "znode.h"
-+
-+#include <linux/sysfs.h>
-+#include <linux/slab.h>
-+#include <linux/types.h>
-+#include <linux/fs.h>
-+#include <linux/spinlock.h>
-+#include <linux/kallsyms.h>
-+#include <linux/vmalloc.h>
-+#include <linux/ctype.h>
-+#include <linux/sysctl.h>
-+#include <linux/hardirq.h>
-+
-+#if REISER4_DEBUG
-+static void report_err(void);
-+#else
-+#define report_err() noop
-+#endif
-+
-+/*
-+ * global buffer where message given to reiser4_panic is formatted.
-+ */
-+static char panic_buf[REISER4_PANIC_MSG_BUFFER_SIZE];
-+
-+/*
-+ * lock protecting consistency of panic_buf under concurrent panics
-+ */
-+static DEFINE_SPINLOCK(panic_guard);
-+
-+/* Your best friend. Call it on each occasion. This is called by
-+ fs/reiser4/debug.h:reiser4_panic(). */
-+void reiser4_do_panic(const char *format /* format string */ , ... /* rest */ )
-+{
-+ static int in_panic = 0;
-+ va_list args;
-+
-+ /*
-+ * check for recursive panic.
-+ */
-+ if (in_panic == 0) {
-+ in_panic = 1;
-+
-+ spin_lock(&panic_guard);
-+ va_start(args, format);
-+ vsnprintf(panic_buf, sizeof(panic_buf), format, args);
-+ va_end(args);
-+ printk(KERN_EMERG "reiser4 panicked cowardly: %s", panic_buf);
-+ spin_unlock(&panic_guard);
-+
-+ /*
-+ * if kernel debugger is configured---drop in. Early dropping
-+ * into kgdb is not always convenient, because panic message
-+ * is not yet printed most of the times. But:
-+ *
-+ * (1) message can be extracted from printk_buf[]
-+ * (declared static inside of printk()), and
-+ *
-+ * (2) sometimes serial/kgdb combo dies while printing
-+ * long panic message, so it's more prudent to break into
-+ * debugger earlier.
-+ *
-+ */
-+ DEBUGON(1);
-+ }
-+ /* to make gcc happy about noreturn attribute */
-+ panic("%s", panic_buf);
-+}
-+
-+void
-+reiser4_print_prefix(const char *level, int reperr, const char *mid,
-+ const char *function, const char *file, int lineno)
-+{
-+ const char *comm;
-+ int pid;
-+
-+ if (unlikely(in_interrupt() || in_irq())) {
-+ comm = "interrupt";
-+ pid = 0;
-+ } else {
-+ comm = current->comm;
-+ pid = current->pid;
-+ }
-+ printk("%sreiser4[%.16s(%i)]: %s (%s:%i)[%s]:\n",
-+ level, comm, pid, function, file, lineno, mid);
-+ if (reperr)
-+ report_err();
-+}
-+
-+/* Preemption point: this should be called periodically during long running
-+ operations (carry, allocate, and squeeze are best examples) */
-+int preempt_point(void)
-+{
-+ assert("nikita-3008", schedulable());
-+ cond_resched();
-+ return signal_pending(current);
-+}
-+
-+#if REISER4_DEBUG
-+/* Debugging aid: return struct where information about locks taken by current
-+ thread is accumulated. This can be used to formulate lock ordering
-+ constraints and various assertions.
-+
-+*/
-+lock_counters_info *lock_counters(void)
-+{
-+ reiser4_context *ctx = get_current_context();
-+ assert("jmacd-1123", ctx != NULL);
-+ return &ctx->locks;
-+}
-+
-+/*
-+ * print human readable information about locks held by the reiser4 context.
-+ */
-+static void print_lock_counters(const char *prefix,
-+ const lock_counters_info * info)
-+{
-+ printk("%s: jnode: %i, tree: %i (r:%i,w:%i), dk: %i (r:%i,w:%i)\n"
-+ "jload: %i, "
-+ "txnh: %i, atom: %i, stack: %i, txnmgr: %i, "
-+ "ktxnmgrd: %i, fq: %i\n"
-+ "inode: %i, "
-+ "cbk_cache: %i (r:%i,w%i), "
-+ "eflush: %i, "
-+ "zlock: %i,\n"
-+ "spin: %i, long: %i inode_sem: (r:%i,w:%i)\n"
-+ "d: %i, x: %i, t: %i\n", prefix,
-+ info->spin_locked_jnode,
-+ info->rw_locked_tree, info->read_locked_tree,
-+ info->write_locked_tree,
-+ info->rw_locked_dk, info->read_locked_dk, info->write_locked_dk,
-+ info->spin_locked_jload,
-+ info->spin_locked_txnh,
-+ info->spin_locked_atom, info->spin_locked_stack,
-+ info->spin_locked_txnmgr, info->spin_locked_ktxnmgrd,
-+ info->spin_locked_fq,
-+ info->spin_locked_inode,
-+ info->rw_locked_cbk_cache,
-+ info->read_locked_cbk_cache,
-+ info->write_locked_cbk_cache,
-+ info->spin_locked_super_eflush,
-+ info->spin_locked_zlock,
-+ info->spin_locked,
-+ info->long_term_locked_znode,
-+ info->inode_sem_r, info->inode_sem_w,
-+ info->d_refs, info->x_refs, info->t_refs);
-+}
-+
-+/* check that no spinlocks are held */
-+int schedulable(void)
-+{
-+ if (get_current_context_check() != NULL) {
-+ if (!LOCK_CNT_NIL(spin_locked)) {
-+ print_lock_counters("in atomic", lock_counters());
-+ return 0;
-+ }
-+ }
-+ might_sleep();
-+ return 1;
-+}
-+/*
-+ * return true, iff no locks are held.
-+ */
-+int no_counters_are_held(void)
-+{
-+ lock_counters_info *counters;
-+
-+ counters = lock_counters();
-+ return
-+ (counters->spin_locked_zlock == 0) &&
-+ (counters->spin_locked_jnode == 0) &&
-+ (counters->rw_locked_tree == 0) &&
-+ (counters->read_locked_tree == 0) &&
-+ (counters->write_locked_tree == 0) &&
-+ (counters->rw_locked_dk == 0) &&
-+ (counters->read_locked_dk == 0) &&
-+ (counters->write_locked_dk == 0) &&
-+ (counters->spin_locked_txnh == 0) &&
-+ (counters->spin_locked_atom == 0) &&
-+ (counters->spin_locked_stack == 0) &&
-+ (counters->spin_locked_txnmgr == 0) &&
-+ (counters->spin_locked_inode == 0) &&
-+ (counters->spin_locked == 0) &&
-+ (counters->long_term_locked_znode == 0) &&
-+ (counters->inode_sem_r == 0) &&
-+ (counters->inode_sem_w == 0) && (counters->d_refs == 0);
-+}
-+
-+/*
-+ * return true, iff transaction commit can be done under locks held by the
-+ * current thread.
-+ */
-+int commit_check_locks(void)
-+{
-+ lock_counters_info *counters;
-+ int inode_sem_r;
-+ int inode_sem_w;
-+ int result;
-+
-+ /*
-+ * inode's read/write semaphore is the only reiser4 lock that can be
-+ * held during commit.
-+ */
-+
-+ counters = lock_counters();
-+ inode_sem_r = counters->inode_sem_r;
-+ inode_sem_w = counters->inode_sem_w;
-+
-+ counters->inode_sem_r = counters->inode_sem_w = 0;
-+ result = no_counters_are_held();
-+ counters->inode_sem_r = inode_sem_r;
-+ counters->inode_sem_w = inode_sem_w;
-+ return result;
-+}
-+
-+/*
-+ * fill "error site" in the current reiser4 context. See comment before RETERR
-+ * macro for more details.
-+ */
-+void return_err(int code, const char *file, int line)
-+{
-+ if (code < 0 && is_in_reiser4_context()) {
-+ reiser4_context *ctx = get_current_context();
-+
-+ if (ctx != NULL) {
-+ ctx->err.code = code;
-+ ctx->err.file = file;
-+ ctx->err.line = line;
-+ }
-+ }
-+}
-+
-+/*
-+ * report error information recorder by return_err().
-+ */
-+static void report_err(void)
-+{
-+ reiser4_context *ctx = get_current_context_check();
-+
-+ if (ctx != NULL) {
-+ if (ctx->err.code != 0) {
-+ printk("code: %i at %s:%i\n",
-+ ctx->err.code, ctx->err.file, ctx->err.line);
-+ }
-+ }
-+}
-+
-+#endif /* REISER4_DEBUG */
-+
-+#if KERNEL_DEBUGGER
-+
-+/*
-+ * this functions just drops into kernel debugger. It is a convenient place to
-+ * put breakpoint in.
-+ */
-+void debugtrap(void)
-+{
-+ /* do nothing. Put break point here. */
-+#if defined(CONFIG_KGDB) && !defined(CONFIG_REISER4_FS_MODULE)
-+ extern void breakpoint(void);
-+ breakpoint();
-+#endif
-+}
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/debug.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/debug.h
-@@ -0,0 +1,350 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Declarations of debug macros. */
-+
-+#if !defined( __FS_REISER4_DEBUG_H__ )
-+#define __FS_REISER4_DEBUG_H__
-+
-+#include "forward.h"
-+#include "reiser4.h"
-+
-+/* generic function to produce formatted output, decorating it with
-+ whatever standard prefixes/postfixes we want. "Fun" is a function
-+ that will be actually called, can be printk, panic etc.
-+ This is for use by other debugging macros, not by users. */
-+#define DCALL(lev, fun, reperr, label, format, ...) \
-+({ \
-+ fun(lev "reiser4[%.16s(%i)]: %s (%s:%i)[%s]:\n" format "\n" , \
-+ current->comm, current->pid, __FUNCTION__, \
-+ __FILE__, __LINE__, label, ## __VA_ARGS__); \
-+})
-+
-+/*
-+ * cause kernel to crash
-+ */
-+#define reiser4_panic(mid, format, ...) \
-+ DCALL("", reiser4_do_panic, 1, mid, format , ## __VA_ARGS__)
-+
-+/* print message with indication of current process, file, line and
-+ function */
-+#define reiser4_log(label, format, ...) \
-+ DCALL(KERN_DEBUG, printk, 0, label, format , ## __VA_ARGS__)
-+
-+/* Assertion checked during compilation.
-+ If "cond" is false (0) we get duplicate case label in switch.
-+ Use this to check something like famous
-+ cassert (sizeof(struct reiserfs_journal_commit) == 4096) ;
-+ in 3.x journal.c. If cassertion fails you get compiler error,
-+ so no "maintainer-id".
-+*/
-+#define cassert(cond) ({ switch(-1) { case (cond): case 0: break; } })
-+
-+#define noop do {;} while(0)
-+
-+#if REISER4_DEBUG
-+/* version of info that only actually prints anything when _d_ebugging
-+ is on */
-+#define dinfo(format, ...) printk(format , ## __VA_ARGS__)
-+/* macro to catch logical errors. Put it into `default' clause of
-+ switch() statement. */
-+#define impossible(label, format, ...) \
-+ reiser4_panic(label, "impossible: " format , ## __VA_ARGS__)
-+/* assert assures that @cond is true. If it is not, reiser4_panic() is
-+ called. Use this for checking logical consistency and _never_ call
-+ this to check correctness of external data: disk blocks and user-input . */
-+#define assert(label, cond) \
-+({ \
-+ /* call_on_each_assert(); */ \
-+ if (cond) { \
-+ /* put negated check to avoid using !(cond) that would lose \
-+ * warnings for things like assert(a = b); */ \
-+ ; \
-+ } else { \
-+ DEBUGON(1); \
-+ reiser4_panic(label, "assertion failed: %s", #cond); \
-+ } \
-+})
-+
-+/* like assertion, but @expr is evaluated even if REISER4_DEBUG is off. */
-+#define check_me( label, expr ) assert( label, ( expr ) )
-+
-+#define ON_DEBUG( exp ) exp
-+
-+extern int schedulable(void);
-+extern void call_on_each_assert(void);
-+
-+#else
-+
-+#define dinfo( format, args... ) noop
-+#define impossible( label, format, args... ) noop
-+#define assert( label, cond ) noop
-+#define check_me( label, expr ) ( ( void ) ( expr ) )
-+#define ON_DEBUG( exp )
-+#define schedulable() might_sleep()
-+
-+/* REISER4_DEBUG */
-+#endif
-+
-+#if REISER4_DEBUG
-+/* per-thread information about lock acquired by this thread. Used by lock
-+ * ordering checking in spin_macros.h */
-+typedef struct lock_counters_info {
-+ int rw_locked_tree;
-+ int read_locked_tree;
-+ int write_locked_tree;
-+
-+ int rw_locked_dk;
-+ int read_locked_dk;
-+ int write_locked_dk;
-+
-+ int rw_locked_cbk_cache;
-+ int read_locked_cbk_cache;
-+ int write_locked_cbk_cache;
-+
-+ int spin_locked_zlock;
-+ int spin_locked_jnode;
-+ int spin_locked_jload;
-+ int spin_locked_txnh;
-+ int spin_locked_atom;
-+ int spin_locked_stack;
-+ int spin_locked_txnmgr;
-+ int spin_locked_ktxnmgrd;
-+ int spin_locked_fq;
-+ int spin_locked_inode;
-+ int spin_locked_super_eflush;
-+ int spin_locked;
-+ int long_term_locked_znode;
-+
-+ int inode_sem_r;
-+ int inode_sem_w;
-+
-+ int d_refs;
-+ int x_refs;
-+ int t_refs;
-+} lock_counters_info;
-+
-+extern lock_counters_info *lock_counters(void);
-+#define IN_CONTEXT(a, b) (is_in_reiser4_context() ? (a) : (b))
-+
-+/* increment lock-counter @counter, if present */
-+#define LOCK_CNT_INC(counter) IN_CONTEXT(++(lock_counters()->counter), 0)
-+
-+/* decrement lock-counter @counter, if present */
-+#define LOCK_CNT_DEC(counter) IN_CONTEXT(--(lock_counters()->counter), 0)
-+
-+/* check that lock-counter is zero. This is for use in assertions */
-+#define LOCK_CNT_NIL(counter) IN_CONTEXT(lock_counters()->counter == 0, 1)
-+
-+/* check that lock-counter is greater than zero. This is for use in
-+ * assertions */
-+#define LOCK_CNT_GTZ(counter) IN_CONTEXT(lock_counters()->counter > 0, 1)
-+#define LOCK_CNT_LT(counter,n) IN_CONTEXT(lock_counters()->counter < n, 1)
-+
-+#else /* REISER4_DEBUG */
-+
-+/* no-op versions on the above */
-+
-+typedef struct lock_counters_info {
-+} lock_counters_info;
-+
-+#define lock_counters() ((lock_counters_info *)NULL)
-+#define LOCK_CNT_INC(counter) noop
-+#define LOCK_CNT_DEC(counter) noop
-+#define LOCK_CNT_NIL(counter) (1)
-+#define LOCK_CNT_GTZ(counter) (1)
-+#define LOCK_CNT_LT(counter,n) (1)
-+
-+#endif /* REISER4_DEBUG */
-+
-+#define assert_spin_not_locked(lock) BUG_ON(0)
-+#define assert_rw_write_locked(lock) BUG_ON(0)
-+#define assert_rw_read_locked(lock) BUG_ON(0)
-+#define assert_rw_locked(lock) BUG_ON(0)
-+#define assert_rw_not_write_locked(lock) BUG_ON(0)
-+#define assert_rw_not_read_locked(lock) BUG_ON(0)
-+#define assert_rw_not_locked(lock) BUG_ON(0)
-+
-+/* flags controlling debugging behavior. Are set through debug_flags=N mount
-+ option. */
-+typedef enum {
-+ /* print a lot of information during panic. When this is on all jnodes
-+ * are listed. This can be *very* large output. Usually you don't want
-+ * this. Especially over serial line. */
-+ REISER4_VERBOSE_PANIC = 0x00000001,
-+ /* print a lot of information during umount */
-+ REISER4_VERBOSE_UMOUNT = 0x00000002,
-+ /* print gathered statistics on umount */
-+ REISER4_STATS_ON_UMOUNT = 0x00000004,
-+ /* check node consistency */
-+ REISER4_CHECK_NODE = 0x00000008
-+} reiser4_debug_flags;
-+
-+extern int is_in_reiser4_context(void);
-+
-+/*
-+ * evaluate expression @e only if with reiser4 context
-+ */
-+#define ON_CONTEXT(e) do { \
-+ if(is_in_reiser4_context()) { \
-+ e; \
-+ } } while(0)
-+
-+/*
-+ * evaluate expression @e only when within reiser4_context and debugging is
-+ * on.
-+ */
-+#define ON_DEBUG_CONTEXT( e ) ON_DEBUG( ON_CONTEXT( e ) )
-+
-+/*
-+ * complain about unexpected function result and crash. Used in "default"
-+ * branches of switch statements and alike to assert that invalid results are
-+ * not silently ignored.
-+ */
-+#define wrong_return_value( label, function ) \
-+ impossible( label, "wrong return value from " function )
-+
-+/* Issue different types of reiser4 messages to the console */
-+#define warning( label, format, ... ) \
-+ DCALL( KERN_WARNING, \
-+ printk, 1, label, "WARNING: " format , ## __VA_ARGS__ )
-+#define notice( label, format, ... ) \
-+ DCALL( KERN_NOTICE, \
-+ printk, 1, label, "NOTICE: " format , ## __VA_ARGS__ )
-+
-+/* mark not yet implemented functionality */
-+#define not_yet( label, format, ... ) \
-+ reiser4_panic( label, "NOT YET IMPLEMENTED: " format , ## __VA_ARGS__ )
-+
-+extern void reiser4_do_panic(const char *format, ...)
-+ __attribute__ ((noreturn, format(printf, 1, 2)));
-+
-+extern void reiser4_print_prefix(const char *level, int reperr, const char *mid,
-+ const char *function,
-+ const char *file, int lineno);
-+
-+extern int preempt_point(void);
-+extern void reiser4_print_stats(void);
-+
-+
-+#if REISER4_DEBUG
-+extern int no_counters_are_held(void);
-+extern int commit_check_locks(void);
-+#else
-+#define no_counters_are_held() (1)
-+#define commit_check_locks() (1)
-+#endif
-+
-+/* true if @i is power-of-two. Useful for rate-limited warnings, etc. */
-+#define IS_POW(i) \
-+({ \
-+ typeof(i) __i; \
-+ \
-+ __i = (i); \
-+ !(__i & (__i - 1)); \
-+})
-+
-+#define KERNEL_DEBUGGER (1)
-+
-+#if KERNEL_DEBUGGER
-+
-+extern void debugtrap(void);
-+
-+/*
-+ * Check condition @cond and drop into kernel debugger (kgdb) if it's true. If
-+ * kgdb is not compiled in, do nothing.
-+ */
-+#define DEBUGON(cond) \
-+({ \
-+ if (unlikely(cond)) \
-+ debugtrap(); \
-+})
-+#else
-+#define DEBUGON(cond) noop
-+#endif
-+
-+/*
-+ * Error code tracing facility. (Idea is borrowed from XFS code.)
-+ *
-+ * Suppose some strange and/or unexpected code is returned from some function
-+ * (for example, write(2) returns -EEXIST). It is possible to place a
-+ * breakpoint in the reiser4_write(), but it is too late here. How to find out
-+ * in what particular place -EEXIST was generated first?
-+ *
-+ * In reiser4 all places where actual error codes are produced (that is,
-+ * statements of the form
-+ *
-+ * return -EFOO; // (1), or
-+ *
-+ * result = -EFOO; // (2)
-+ *
-+ * are replaced with
-+ *
-+ * return RETERR(-EFOO); // (1a), and
-+ *
-+ * result = RETERR(-EFOO); // (2a) respectively
-+ *
-+ * RETERR() macro fills a backtrace in reiser4_context. This back-trace is
-+ * printed in error and warning messages. Moreover, it's possible to put a
-+ * conditional breakpoint in return_err (low-level function called by RETERR()
-+ * to do the actual work) to break into debugger immediately when particular
-+ * error happens.
-+ *
-+ */
-+
-+#if REISER4_DEBUG
-+
-+/*
-+ * data-type to store information about where error happened ("error site").
-+ */
-+typedef struct err_site {
-+ int code; /* error code */
-+ const char *file; /* source file, filled by __FILE__ */
-+ int line; /* source file line, filled by __LINE__ */
-+} err_site;
-+
-+extern void return_err(int code, const char *file, int line);
-+
-+/*
-+ * fill &get_current_context()->err_site with error information.
-+ */
-+#define RETERR(code) \
-+({ \
-+ typeof(code) __code; \
-+ \
-+ __code = (code); \
-+ return_err(__code, __FILE__, __LINE__); \
-+ __code; \
-+})
-+
-+#else
-+
-+/*
-+ * no-op versions of the above
-+ */
-+
-+typedef struct err_site {
-+} err_site;
-+#define RETERR(code) code
-+#endif
-+
-+#if REISER4_LARGE_KEY
-+/*
-+ * conditionally compile arguments only if REISER4_LARGE_KEY is on.
-+ */
-+#define ON_LARGE_KEY(...) __VA_ARGS__
-+#else
-+#define ON_LARGE_KEY(...)
-+#endif
-+
-+/* __FS_REISER4_DEBUG_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/dformat.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/dformat.h
-@@ -0,0 +1,71 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Formats of on-disk data and conversion functions. */
-+
-+/* put all item formats in the files describing the particular items,
-+ our model is, everything you need to do to add an item to reiser4,
-+ (excepting the changes to the plugin that uses the item which go
-+ into the file defining that plugin), you put into one file. */
-+/* Data on disk are stored in little-endian format.
-+ To declare fields of on-disk structures, use d8, d16, d32 and d64.
-+ d??tocpu() and cputod??() to convert. */
-+
-+#if !defined( __FS_REISER4_DFORMAT_H__ )
-+#define __FS_REISER4_DFORMAT_H__
-+
-+#include <asm/byteorder.h>
-+#include <asm/unaligned.h>
-+#include <linux/types.h>
-+
-+
-+typedef __u8 d8;
-+typedef __le16 d16;
-+typedef __le32 d32;
-+typedef __le64 d64;
-+
-+#define PACKED __attribute__((packed))
-+
-+/* data-type for block number */
-+typedef __u64 reiser4_block_nr;
-+
-+/* data-type for block number on disk, disk format */
-+typedef __le64 reiser4_dblock_nr;
-+
-+/**
-+ * disk_addr_eq - compare disk addresses
-+ * @b1: pointer to block number ot compare
-+ * @b2: pointer to block number ot compare
-+ *
-+ * Returns true if if disk addresses are the same
-+ */
-+static inline int disk_addr_eq(const reiser4_block_nr *b1,
-+ const reiser4_block_nr * b2)
-+{
-+ assert("nikita-1033", b1 != NULL);
-+ assert("nikita-1266", b2 != NULL);
-+
-+ return !memcmp(b1, b2, sizeof *b1);
-+}
-+
-+/* structure of master reiser4 super block */
-+typedef struct reiser4_master_sb {
-+ char magic[16]; /* "ReIsEr4" */
-+ __le16 disk_plugin_id; /* id of disk layout plugin */
-+ __le16 blocksize;
-+ char uuid[16]; /* unique id */
-+ char label[16]; /* filesystem label */
-+ __le64 diskmap; /* location of the diskmap. 0 if not present */
-+} reiser4_master_sb;
-+
-+/* __FS_REISER4_DFORMAT_H__ */
-+#endif
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/dscale.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/dscale.c
-@@ -0,0 +1,174 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Scalable on-disk integers */
-+
-+/*
-+ * Various on-disk structures contain integer-like structures. Stat-data
-+ * contain [yes, "data" is plural, check the dictionary] file size, link
-+ * count; extent unit contains extent width etc. To accommodate for general
-+ * case enough space is reserved to keep largest possible value. 64 bits in
-+ * all cases above. But in overwhelming majority of cases numbers actually
-+ * stored in these fields will be comparatively small and reserving 8 bytes is
-+ * a waste of precious disk bandwidth.
-+ *
-+ * Scalable integers are one way to solve this problem. dscale_write()
-+ * function stores __u64 value in the given area consuming from 1 to 9 bytes,
-+ * depending on the magnitude of the value supplied. dscale_read() reads value
-+ * previously stored by dscale_write().
-+ *
-+ * dscale_write() produces format not completely unlike of UTF: two highest
-+ * bits of the first byte are used to store "tag". One of 4 possible tag
-+ * values is chosen depending on the number being encoded:
-+ *
-+ * 0 ... 0x3f => 0 [table 1]
-+ * 0x40 ... 0x3fff => 1
-+ * 0x4000 ... 0x3fffffff => 2
-+ * 0x40000000 ... 0xffffffffffffffff => 3
-+ *
-+ * (see dscale_range() function)
-+ *
-+ * Values in the range 0x40000000 ... 0xffffffffffffffff require 8 full bytes
-+ * to be stored, so in this case there is no place in the first byte to store
-+ * tag. For such values tag is stored in an extra 9th byte.
-+ *
-+ * As _highest_ bits are used for the test (which is natural) scaled integers
-+ * are stored in BIG-ENDIAN format in contrast with the rest of reiser4 which
-+ * uses LITTLE-ENDIAN.
-+ *
-+ */
-+
-+#include "debug.h"
-+#include "dscale.h"
-+
-+/* return tag of scaled integer stored at @address */
-+static int gettag(const unsigned char *address)
-+{
-+ /* tag is stored in two highest bits */
-+ return (*address) >> 6;
-+}
-+
-+/* clear tag from value. Clear tag embedded into @value. */
-+static void cleartag(__u64 * value, int tag)
-+{
-+ /*
-+ * W-w-what ?!
-+ *
-+ * Actually, this is rather simple: @value passed here was read by
-+ * dscale_read(), converted from BIG-ENDIAN, and padded to __u64 by
-+ * zeroes. Tag is still stored in the highest (arithmetically)
-+ * non-zero bits of @value, but relative position of tag within __u64
-+ * depends on @tag.
-+ *
-+ * For example if @tag is 0, it's stored 2 highest bits of lowest
-+ * byte, and its offset (counting from lowest bit) is 8 - 2 == 6 bits.
-+ *
-+ * If tag is 1, it's stored in two highest bits of 2nd lowest byte,
-+ * and it's offset if (2 * 8) - 2 == 14 bits.
-+ *
-+ * See table 1 above for details.
-+ *
-+ * All these cases are captured by the formula:
-+ */
-+ *value &= ~(3 << (((1 << tag) << 3) - 2));
-+ /*
-+ * That is, clear two (3 == 0t11) bits at the offset
-+ *
-+ * 8 * (2 ^ tag) - 2,
-+ *
-+ * that is, two highest bits of (2 ^ tag)-th byte of @value.
-+ */
-+}
-+
-+/* return tag for @value. See table 1 above for details. */
-+static int dscale_range(__u64 value)
-+{
-+ if (value > 0x3fffffff)
-+ return 3;
-+ if (value > 0x3fff)
-+ return 2;
-+ if (value > 0x3f)
-+ return 1;
-+ return 0;
-+}
-+
-+/* restore value stored at @adderss by dscale_write() and return number of
-+ * bytes consumed */
-+int dscale_read(unsigned char *address, __u64 * value)
-+{
-+ int tag;
-+
-+ /* read tag */
-+ tag = gettag(address);
-+ switch (tag) {
-+ case 3:
-+ /* In this case tag is stored in an extra byte, skip this byte
-+ * and decode value stored in the next 8 bytes.*/
-+ *value = __be64_to_cpu(get_unaligned((__be64 *)(address + 1)));
-+ /* worst case: 8 bytes for value itself plus one byte for
-+ * tag. */
-+ return 9;
-+ case 0:
-+ *value = get_unaligned(address);
-+ break;
-+ case 1:
-+ *value = __be16_to_cpu(get_unaligned((__be16 *)address));
-+ break;
-+ case 2:
-+ *value = __be32_to_cpu(get_unaligned((__be32 *)address));
-+ break;
-+ default:
-+ return RETERR(-EIO);
-+ }
-+ /* clear tag embedded into @value */
-+ cleartag(value, tag);
-+ /* number of bytes consumed is (2 ^ tag)---see table 1. */
-+ return 1 << tag;
-+}
-+
-+/* store @value at @address and return number of bytes consumed */
-+int dscale_write(unsigned char *address, __u64 value)
-+{
-+ int tag;
-+ int shift;
-+ __be64 v;
-+ unsigned char *valarr;
-+
-+ tag = dscale_range(value);
-+ v = __cpu_to_be64(value);
-+ valarr = (unsigned char *)&v;
-+ shift = (tag == 3) ? 1 : 0;
-+ memcpy(address + shift, valarr + sizeof v - (1 << tag), 1 << tag);
-+ *address |= (tag << 6);
-+ return shift + (1 << tag);
-+}
-+
-+/* number of bytes required to store @value */
-+int dscale_bytes(__u64 value)
-+{
-+ int bytes;
-+
-+ bytes = 1 << dscale_range(value);
-+ if (bytes == 8)
-+ ++bytes;
-+ return bytes;
-+}
-+
-+/* returns true if @value and @other require the same number of bytes to be
-+ * stored. Used by detect when data structure (like stat-data) has to be
-+ * expanded or contracted. */
-+int dscale_fit(__u64 value, __u64 other)
-+{
-+ return dscale_range(value) == dscale_range(other);
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/dscale.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/dscale.h
-@@ -0,0 +1,27 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Scalable on-disk integers. See dscale.h for details. */
-+
-+#if !defined( __FS_REISER4_DSCALE_H__ )
-+#define __FS_REISER4_DSCALE_H__
-+
-+#include "dformat.h"
-+
-+extern int dscale_read(unsigned char *address, __u64 * value);
-+extern int dscale_write(unsigned char *address, __u64 value);
-+extern int dscale_bytes(__u64 value);
-+extern int dscale_fit(__u64 value, __u64 other);
-+
-+/* __FS_REISER4_DSCALE_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/entd.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/entd.c
-@@ -0,0 +1,356 @@
-+/* Copyright 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Ent daemon. */
-+
-+#include "debug.h"
-+#include "txnmgr.h"
-+#include "tree.h"
-+#include "entd.h"
-+#include "super.h"
-+#include "context.h"
-+#include "reiser4.h"
-+#include "vfs_ops.h"
-+#include "page_cache.h"
-+#include "inode.h"
-+
-+#include <linux/sched.h> /* struct task_struct */
-+#include <linux/suspend.h>
-+#include <linux/kernel.h>
-+#include <linux/writeback.h>
-+#include <linux/time.h> /* INITIAL_JIFFIES */
-+#include <linux/backing-dev.h> /* bdi_write_congested */
-+#include <linux/wait.h>
-+#include <linux/kthread.h>
-+
-+#define LLONG_MAX ((long long)(~0ULL>>1))
-+
-+#define DEF_PRIORITY 12
-+#define MAX_ENTD_ITERS 10
-+
-+static void entd_flush(struct super_block *, struct wbq *);
-+static int entd(void *arg);
-+
-+/*
-+ * set ->comm field of end thread to make its state visible to the user level
-+ */
-+#define entd_set_comm(state) \
-+ snprintf(current->comm, sizeof(current->comm), \
-+ "ent:%s%s", super->s_id, (state))
-+
-+/**
-+ * init_entd - initialize entd context and start kernel daemon
-+ * @super: super block to start ent thread for
-+ *
-+ * Creates entd contexts, starts kernel thread and waits until it
-+ * initializes.
-+ */
-+int init_entd(struct super_block *super)
-+{
-+ entd_context *ctx;
-+
-+ assert("nikita-3104", super != NULL);
-+
-+ ctx = get_entd_context(super);
-+
-+ memset(ctx, 0, sizeof *ctx);
-+ spin_lock_init(&ctx->guard);
-+ init_waitqueue_head(&ctx->wait);
-+#if REISER4_DEBUG
-+ INIT_LIST_HEAD(&ctx->flushers_list);
-+#endif
-+ /* lists of writepage requests */
-+ INIT_LIST_HEAD(&ctx->todo_list);
-+ INIT_LIST_HEAD(&ctx->done_list);
-+ /* start entd */
-+ ctx->tsk = kthread_run(entd, super, "ent:%s", super->s_id);
-+ if (IS_ERR(ctx->tsk))
-+ return PTR_ERR(ctx->tsk);
-+ return 0;
-+}
-+
-+static void __put_wbq(entd_context *ent, struct wbq *rq)
-+{
-+ up(&rq->sem);
-+}
-+
-+/* ent should be locked */
-+static struct wbq *__get_wbq(entd_context * ent)
-+{
-+ struct wbq *wbq;
-+
-+ if (list_empty_careful(&ent->todo_list))
-+ return NULL;
-+
-+ ent->nr_todo_reqs --;
-+ wbq = list_entry(ent->todo_list.next, struct wbq, link);
-+ list_del_init(&wbq->link);
-+ return wbq;
-+}
-+
-+static void wakeup_all_wbq(entd_context * ent)
-+{
-+ struct wbq *rq;
-+
-+ spin_lock(&ent->guard);
-+ while ((rq = __get_wbq(ent)) != NULL)
-+ __put_wbq(ent, rq);
-+ spin_unlock(&ent->guard);
-+}
-+
-+/* ent thread function */
-+static int entd(void *arg)
-+{
-+ struct super_block *super;
-+ entd_context *ent;
-+ int done = 0;
-+
-+ super = arg;
-+ /* do_fork() just copies task_struct into the new
-+ thread. ->fs_context shouldn't be copied of course. This shouldn't
-+ be a problem for the rest of the code though.
-+ */
-+ current->journal_info = NULL;
-+
-+ ent = get_entd_context(super);
-+
-+ while (!done) {
-+ try_to_freeze();
-+
-+ spin_lock(&ent->guard);
-+ while (ent->nr_todo_reqs != 0) {
-+ struct wbq *rq, *next;
-+
-+ assert("", list_empty_careful(&ent->done_list));
-+
-+ /* take request from the queue head */
-+ rq = __get_wbq(ent);
-+ assert("", rq != NULL);
-+ ent->cur_request = rq;
-+ spin_unlock(&ent->guard);
-+
-+ entd_set_comm("!");
-+ entd_flush(super, rq);
-+
-+ iput(rq->mapping->host);
-+ up(&(rq->sem));
-+
-+ /*
-+ * wakeup all requestors and iput their inodes
-+ */
-+ spin_lock(&ent->guard);
-+ list_for_each_entry_safe(rq, next, &ent->done_list, link) {
-+ list_del_init(&(rq->link));
-+ ent->nr_done_reqs --;
-+ spin_unlock(&ent->guard);
-+
-+ assert("", rq->written == 1);
-+ iput(rq->mapping->host);
-+ up(&(rq->sem));
-+ spin_lock(&ent->guard);
-+ }
-+ }
-+ spin_unlock(&ent->guard);
-+
-+ entd_set_comm(".");
-+
-+ {
-+ DEFINE_WAIT(__wait);
-+
-+ do {
-+ prepare_to_wait(&ent->wait, &__wait, TASK_INTERRUPTIBLE);
-+ if (kthread_should_stop()) {
-+ done = 1;
-+ break;
-+ }
-+ if (ent->nr_todo_reqs != 0)
-+ break;
-+ schedule();
-+ } while (0);
-+ finish_wait(&ent->wait, &__wait);
-+ }
-+ }
-+ spin_lock(&ent->guard);
-+ BUG_ON(ent->nr_todo_reqs != 0);
-+ spin_unlock(&ent->guard);
-+ wakeup_all_wbq(ent);
-+ return 0;
-+}
-+
-+/**
-+ * done_entd - stop entd kernel thread
-+ * @super: super block to stop ent thread for
-+ *
-+ * It is called on umount. Sends stop signal to entd and wait until it handles
-+ * it.
-+ */
-+void done_entd(struct super_block *super)
-+{
-+ entd_context *ent;
-+
-+ assert("nikita-3103", super != NULL);
-+
-+ ent = get_entd_context(super);
-+ assert("zam-1055", ent->tsk != NULL);
-+ kthread_stop(ent->tsk);
-+}
-+
-+/* called at the beginning of jnode_flush to register flusher thread with ent
-+ * daemon */
-+void enter_flush(struct super_block *super)
-+{
-+ entd_context *ent;
-+
-+ assert("zam-1029", super != NULL);
-+ ent = get_entd_context(super);
-+
-+ assert("zam-1030", ent != NULL);
-+
-+ spin_lock(&ent->guard);
-+ ent->flushers++;
-+#if REISER4_DEBUG
-+ list_add(&get_current_context()->flushers_link, &ent->flushers_list);
-+#endif
-+ spin_unlock(&ent->guard);
-+}
-+
-+/* called at the end of jnode_flush */
-+void leave_flush(struct super_block *super)
-+{
-+ entd_context *ent;
-+ int wake_up_ent;
-+
-+ assert("zam-1027", super != NULL);
-+ ent = get_entd_context(super);
-+
-+ assert("zam-1028", ent != NULL);
-+
-+ spin_lock(&ent->guard);
-+ ent->flushers--;
-+ wake_up_ent = (ent->flushers == 0 && ent->nr_todo_reqs != 0);
-+#if REISER4_DEBUG
-+ list_del_init(&get_current_context()->flushers_link);
-+#endif
-+ spin_unlock(&ent->guard);
-+ if (wake_up_ent)
-+ wake_up(&ent->wait);
-+}
-+
-+#define ENTD_CAPTURE_APAGE_BURST SWAP_CLUSTER_MAX
-+
-+static void entd_flush(struct super_block *super, struct wbq *rq)
-+{
-+ reiser4_context ctx;
-+ int tmp;
-+
-+ init_stack_context(&ctx, super);
-+ ctx.entd = 1;
-+ ctx.gfp_mask = GFP_NOFS;
-+
-+ rq->wbc->start = rq->page->index << PAGE_CACHE_SHIFT;
-+ rq->wbc->end = (rq->page->index + ENTD_CAPTURE_APAGE_BURST) << PAGE_CACHE_SHIFT;
-+ tmp = rq->wbc->nr_to_write;
-+ rq->mapping->a_ops->writepages(rq->mapping, rq->wbc);
-+
-+ if (rq->wbc->nr_to_write > 0) {
-+ rq->wbc->start = 0;
-+ rq->wbc->end = LLONG_MAX;
-+ generic_sync_sb_inodes(super, rq->wbc);
-+ }
-+ rq->wbc->nr_to_write = ENTD_CAPTURE_APAGE_BURST;
-+ writeout(super, rq->wbc);
-+
-+ context_set_commit_async(&ctx);
-+ reiser4_exit_context(&ctx);
-+}
-+
-+/**
-+ * write_page_by_ent - ask entd thread to flush this page as part of slum
-+ * @page: page to be written
-+ * @wbc: writeback control passed to reiser4_writepage
-+ *
-+ * Creates a request, puts it on entd list of requests, wakeups entd if
-+ * necessary, waits until entd completes with the request.
-+ */
-+int write_page_by_ent(struct page *page, struct writeback_control *wbc)
-+{
-+ struct super_block *sb;
-+ struct inode *inode;
-+ entd_context *ent;
-+ struct wbq rq;
-+
-+ assert("", PageLocked(page));
-+ assert("", page->mapping != NULL);
-+
-+ sb = page->mapping->host->i_sb;
-+ ent = get_entd_context(sb);
-+ assert("", ent && ent->done == 0);
-+
-+ /*
-+ * we are going to unlock page and ask ent thread to write the
-+ * page. Re-dirty page before unlocking so that if ent thread fails to
-+ * write it - it will remain dirty
-+ */
-+ set_page_dirty_internal(page);
-+
-+ /*
-+ * pin inode in memory, unlock page, entd_flush will iput. We can not
-+ * iput here becasue we can not allow delete_inode to be called here
-+ */
-+ inode = igrab(page->mapping->host);
-+ unlock_page(page);
-+ if (inode == NULL)
-+ /* inode is getting freed */
-+ return 0;
-+
-+ /* init wbq */
-+ INIT_LIST_HEAD(&rq.link);
-+ rq.magic = WBQ_MAGIC;
-+ rq.wbc = wbc;
-+ rq.page = page;
-+ rq.mapping = inode->i_mapping;
-+ rq.node = NULL;
-+ rq.written = 0;
-+ sema_init(&rq.sem, 0);
-+
-+ /* add request to entd's list of writepage requests */
-+ spin_lock(&ent->guard);
-+ ent->nr_todo_reqs++;
-+ list_add_tail(&rq.link, &ent->todo_list);
-+ if (ent->nr_todo_reqs == 1)
-+ wake_up(&ent->wait);
-+
-+ spin_unlock(&ent->guard);
-+
-+ /* wait until entd finishes */
-+ down(&rq.sem);
-+
-+ /*
-+ * spin until entd thread which did up(&rq.sem) does not need rq
-+ * anymore
-+ */
-+ spin_lock(&ent->guard);
-+ spin_unlock(&ent->guard);
-+
-+ if (rq.written)
-+ /* Eventually ENTD has written the page to disk. */
-+ return 0;
-+ return 0;
-+}
-+
-+int wbq_available(void)
-+{
-+ struct super_block *sb = reiser4_get_current_sb();
-+ entd_context *ent = get_entd_context(sb);
-+ return ent->nr_todo_reqs;
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/entd.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/entd.h
-@@ -0,0 +1,90 @@
-+/* Copyright 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Ent daemon. */
-+
-+#ifndef __ENTD_H__
-+#define __ENTD_H__
-+
-+#include "context.h"
-+
-+#include <linux/fs.h>
-+#include <linux/completion.h>
-+#include <linux/wait.h>
-+#include <linux/spinlock.h>
-+#include <linux/sched.h> /* for struct task_struct */
-+
-+#define WBQ_MAGIC 0x7876dc76
-+
-+/* write-back request. */
-+struct wbq {
-+ int magic;
-+ struct list_head link; /* list head of this list is in entd context */
-+ struct writeback_control *wbc;
-+ struct page *page;
-+ struct address_space *mapping;
-+ struct semaphore sem;
-+ jnode *node; /* set if ent thread captured requested page */
-+ int written; /* set if ent thread wrote requested page */
-+};
-+
-+/* ent-thread context. This is used to synchronize starting/stopping ent
-+ * threads. */
-+typedef struct entd_context {
-+ /* wait queue that ent thread waits on for more work. It's
-+ * signaled by write_page_by_ent(). */
-+ wait_queue_head_t wait;
-+ /* spinlock protecting other fields */
-+ spinlock_t guard;
-+ /* ent thread */
-+ struct task_struct *tsk;
-+ /* set to indicate that ent thread should leave. */
-+ int done;
-+ /* counter of active flushers */
-+ int flushers;
-+ /*
-+ * when reiser4_writepage asks entd to write a page - it adds struct
-+ * wbq to this list
-+ */
-+ struct list_head todo_list;
-+ /* number of elements on the above list */
-+ int nr_todo_reqs;
-+
-+ struct wbq *cur_request;
-+ /*
-+ * when entd writes a page it moves write-back request from todo_list
-+ * to done_list. This list is used at the end of entd iteration to
-+ * wakeup requestors and iput inodes.
-+ */
-+ struct list_head done_list;
-+ /* number of elements on the above list */
-+ int nr_done_reqs;
-+
-+#if REISER4_DEBUG
-+ /* list of all active flushers */
-+ struct list_head flushers_list;
-+#endif
-+} entd_context;
-+
-+extern int init_entd(struct super_block *);
-+extern void done_entd(struct super_block *);
-+
-+extern void enter_flush(struct super_block *);
-+extern void leave_flush(struct super_block *);
-+
-+extern int write_page_by_ent(struct page *, struct writeback_control *);
-+extern int wbq_available(void);
-+extern void ent_writes_page(struct super_block *, struct page *);
-+
-+extern jnode *get_jnode_by_wbq(struct super_block *, struct wbq *);
-+/* __ENTD_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/eottl.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/eottl.c
-@@ -0,0 +1,510 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "key.h"
-+#include "coord.h"
-+#include "plugin/item/item.h"
-+#include "plugin/node/node.h"
-+#include "znode.h"
-+#include "block_alloc.h"
-+#include "tree_walk.h"
-+#include "tree_mod.h"
-+#include "carry.h"
-+#include "tree.h"
-+#include "super.h"
-+
-+#include <linux/types.h> /* for __u?? */
-+
-+/*
-+ * Extents on the twig level (EOTTL) handling.
-+ *
-+ * EOTTL poses some problems to the tree traversal, that are better explained
-+ * by example.
-+ *
-+ * Suppose we have block B1 on the twig level with the following items:
-+ *
-+ * 0. internal item I0 with key (0:0:0:0) (locality, key-type, object-id,
-+ * offset)
-+ * 1. extent item E1 with key (1:4:100:0), having 10 blocks of 4k each
-+ * 2. internal item I2 with key (10:0:0:0)
-+ *
-+ * We are trying to insert item with key (5:0:0:0). Lookup finds node B1, and
-+ * then intra-node lookup is done. This lookup finished on the E1, because the
-+ * key we are looking for is larger than the key of E1 and is smaller than key
-+ * the of I2.
-+ *
-+ * Here search is stuck.
-+ *
-+ * After some thought it is clear what is wrong here: extents on the twig level
-+ * break some basic property of the *search* tree (on the pretext, that they
-+ * restore property of balanced tree).
-+ *
-+ * Said property is the following: if in the internal node of the search tree
-+ * we have [ ... Key1 Pointer Key2 ... ] then, all data that are or will be
-+ * keyed in the tree with the Key such that Key1 <= Key < Key2 are accessible
-+ * through the Pointer.
-+ *
-+ * This is not true, when Pointer is Extent-Pointer, simply because extent
-+ * cannot expand indefinitely to the right to include any item with
-+ *
-+ * Key1 <= Key <= Key2.
-+ *
-+ * For example, our E1 extent is only responsible for the data with keys
-+ *
-+ * (1:4:100:0) <= key <= (1:4:100:0xffffffffffffffff), and
-+ *
-+ * so, key range
-+ *
-+ * ( (1:4:100:0xffffffffffffffff), (10:0:0:0) )
-+ *
-+ * is orphaned: there is no way to get there from the tree root.
-+ *
-+ * In other words, extent pointers are different than normal child pointers as
-+ * far as search tree is concerned, and this creates such problems.
-+ *
-+ * Possible solution for this problem is to insert our item into node pointed
-+ * to by I2. There are some problems through:
-+ *
-+ * (1) I2 can be in a different node.
-+ * (2) E1 can be immediately followed by another extent E2.
-+ *
-+ * (1) is solved by calling reiser4_get_right_neighbor() and accounting
-+ * for locks/coords as necessary.
-+ *
-+ * (2) is more complex. Solution here is to insert new empty leaf node and
-+ * insert internal item between E1 and E2 pointing to said leaf node. This is
-+ * further complicated by possibility that E2 is in a different node, etc.
-+ *
-+ * Problems:
-+ *
-+ * (1) if there was internal item I2 immediately on the right of an extent E1
-+ * we and we decided to insert new item S1 into node N2 pointed to by I2, then
-+ * key of S1 will be less than smallest key in the N2. Normally, search key
-+ * checks that key we are looking for is in the range of keys covered by the
-+ * node key is being looked in. To work around of this situation, while
-+ * preserving useful consistency check new flag CBK_TRUST_DK was added to the
-+ * cbk falgs bitmask. This flag is automatically set on entrance to the
-+ * coord_by_key() and is only cleared when we are about to enter situation
-+ * described above.
-+ *
-+ * (2) If extent E1 is immediately followed by another extent E2 and we are
-+ * searching for the key that is between E1 and E2 we only have to insert new
-+ * empty leaf node when coord_by_key was called for insertion, rather than just
-+ * for lookup. To distinguish these cases, new flag CBK_FOR_INSERT was added to
-+ * the cbk falgs bitmask. This flag is automatically set by coord_by_key calls
-+ * performed by insert_by_key() and friends.
-+ *
-+ * (3) Insertion of new empty leaf node (possibly) requires balancing. In any
-+ * case it requires modification of node content which is only possible under
-+ * write lock. It may well happen that we only have read lock on the node where
-+ * new internal pointer is to be inserted (common case: lookup of non-existent
-+ * stat-data that fells between two extents). If only read lock is held, tree
-+ * traversal is restarted with lock_level modified so that next time we hit
-+ * this problem, write lock will be held. Once we have write lock, balancing
-+ * will be performed.
-+ */
-+
-+/**
-+ * is_next_item_internal - check whether next item is internal
-+ * @coord: coordinate of extent item in twig node
-+ * @key: search key
-+ * @lh: twig node lock handle
-+ *
-+ * Looks at the unit next to @coord. If it is an internal one - 1 is returned,
-+ * @coord is set to that unit. If that unit is in right neighbor, @lh is moved
-+ * to that node, @coord is set to its first unit. If next item is not internal
-+ * or does not exist then 0 is returned, @coord and @lh are left unchanged. 2
-+ * is returned if search restart has to be done.
-+ */
-+static int
-+is_next_item_internal(coord_t *coord, const reiser4_key *key,
-+ lock_handle *lh)
-+{
-+ coord_t next;
-+ lock_handle rn;
-+ int result;
-+
-+ coord_dup(&next, coord);
-+ if (coord_next_unit(&next) == 0) {
-+ /* next unit is in this node */
-+ if (item_is_internal(&next)) {
-+ coord_dup(coord, &next);
-+ return 1;
-+ }
-+ assert("vs-3", item_is_extent(&next));
-+ return 0;
-+ }
-+
-+ /*
-+ * next unit either does not exist or is in right neighbor. If it is in
-+ * right neighbor we have to check right delimiting key because
-+ * concurrent thread could get their first and insert item with a key
-+ * smaller than @key
-+ */
-+ read_lock_dk(current_tree);
-+ result = keycmp(key, znode_get_rd_key(coord->node));
-+ read_unlock_dk(current_tree);
-+ assert("vs-6", result != EQUAL_TO);
-+ if (result == GREATER_THAN)
-+ return 2;
-+
-+ /* lock right neighbor */
-+ init_lh(&rn);
-+ result = reiser4_get_right_neighbor(&rn, coord->node,
-+ znode_is_wlocked(coord->node) ?
-+ ZNODE_WRITE_LOCK : ZNODE_READ_LOCK,
-+ GN_CAN_USE_UPPER_LEVELS);
-+ if (result == -E_NO_NEIGHBOR) {
-+ /* we are on the rightmost edge of the tree */
-+ done_lh(&rn);
-+ return 0;
-+ }
-+
-+ if (result) {
-+ assert("vs-4", result < 0);
-+ done_lh(&rn);
-+ return result;
-+ }
-+
-+ /*
-+ * check whether concurrent thread managed to insert item with a key
-+ * smaller than @key
-+ */
-+ read_lock_dk(current_tree);
-+ result = keycmp(key, znode_get_ld_key(rn.node));
-+ read_unlock_dk(current_tree);
-+ assert("vs-6", result != EQUAL_TO);
-+ if (result == GREATER_THAN) {
-+ done_lh(&rn);
-+ return 2;
-+ }
-+
-+ result = zload(rn.node);
-+ if (result) {
-+ assert("vs-5", result < 0);
-+ done_lh(&rn);
-+ return result;
-+ }
-+
-+ coord_init_first_unit(&next, rn.node);
-+ if (item_is_internal(&next)) {
-+ /*
-+ * next unit is in right neighbor and it is an unit of internal
-+ * item. Unlock coord->node. Move @lh to right neighbor. @coord
-+ * is set to the first unit of right neighbor.
-+ */
-+ coord_dup(coord, &next);
-+ zrelse(rn.node);
-+ done_lh(lh);
-+ move_lh(lh, &rn);
-+ return 1;
-+ }
-+
-+ /*
-+ * next unit is unit of extent item. Return without chaning @lh and
-+ * @coord.
-+ */
-+ assert("vs-6", item_is_extent(&next));
-+ zrelse(rn.node);
-+ done_lh(&rn);
-+ return 0;
-+}
-+
-+/**
-+ * rd_key - calculate key of an item next to the given one
-+ * @coord: position in a node
-+ * @key: storage for result key
-+ *
-+ * @coord is set between items or after the last item in a node. Calculate key
-+ * of item to the right of @coord.
-+ */
-+static reiser4_key *rd_key(const coord_t *coord, reiser4_key *key)
-+{
-+ coord_t dup;
-+
-+ assert("nikita-2281", coord_is_between_items(coord));
-+ coord_dup(&dup, coord);
-+
-+ if (coord_set_to_right(&dup) == 0)
-+ /* next item is in this node. Return its key. */
-+ unit_key_by_coord(&dup, key);
-+ else {
-+ /*
-+ * next item either does not exist or is in right
-+ * neighbor. Return znode's right delimiting key.
-+ */
-+ read_lock_dk(current_tree);
-+ *key = *znode_get_rd_key(coord->node);
-+ read_unlock_dk(current_tree);
-+ }
-+ return key;
-+}
-+
-+/**
-+ * add_empty_leaf - insert empty leaf between two extents
-+ * @insert_coord: position in twig node between two extents
-+ * @lh: twig node lock handle
-+ * @key: left delimiting key of new node
-+ * @rdkey: right delimiting key of new node
-+ *
-+ * Inserts empty leaf node between two extent items. It is necessary when we
-+ * have to insert an item on leaf level between two extents (items on the twig
-+ * level).
-+ */
-+static int
-+add_empty_leaf(coord_t *insert_coord, lock_handle *lh,
-+ const reiser4_key *key, const reiser4_key *rdkey)
-+{
-+ int result;
-+ carry_pool *pool;
-+ carry_level *todo;
-+ reiser4_item_data *item;
-+ carry_insert_data *cdata;
-+ carry_op *op;
-+ znode *node;
-+ reiser4_tree *tree;
-+
-+ assert("vs-49827", znode_contains_key_lock(insert_coord->node, key));
-+ tree = znode_get_tree(insert_coord->node);
-+ node = new_node(insert_coord->node, LEAF_LEVEL);
-+ if (IS_ERR(node))
-+ return PTR_ERR(node);
-+
-+ /* setup delimiting keys for node being inserted */
-+ write_lock_dk(tree);
-+ znode_set_ld_key(node, key);
-+ znode_set_rd_key(node, rdkey);
-+ ON_DEBUG(node->creator = current);
-+ ON_DEBUG(node->first_key = *key);
-+ write_unlock_dk(tree);
-+
-+ ZF_SET(node, JNODE_ORPHAN);
-+
-+ /*
-+ * allocate carry_pool, 3 carry_level-s, reiser4_item_data and
-+ * carry_insert_data
-+ */
-+ pool = init_carry_pool(sizeof(*pool) + 3 * sizeof(*todo) +
-+ sizeof(*item) + sizeof(*cdata));
-+ if (IS_ERR(pool))
-+ return PTR_ERR(pool);
-+ todo = (carry_level *) (pool + 1);
-+ init_carry_level(todo, pool);
-+
-+ item = (reiser4_item_data *) (todo + 3);
-+ cdata = (carry_insert_data *) (item + 1);
-+
-+ op = post_carry(todo, COP_INSERT, insert_coord->node, 0);
-+ if (!IS_ERR(op)) {
-+ cdata->coord = insert_coord;
-+ cdata->key = key;
-+ cdata->data = item;
-+ op->u.insert.d = cdata;
-+ op->u.insert.type = COPT_ITEM_DATA;
-+ build_child_ptr_data(node, item);
-+ item->arg = NULL;
-+ /* have @insert_coord to be set at inserted item after
-+ insertion is done */
-+ todo->track_type = CARRY_TRACK_CHANGE;
-+ todo->tracked = lh;
-+
-+ result = carry(todo, NULL);
-+ if (result == 0) {
-+ /*
-+ * pin node in memory. This is necessary for
-+ * znode_make_dirty() below.
-+ */
-+ result = zload(node);
-+ if (result == 0) {
-+ lock_handle local_lh;
-+
-+ /*
-+ * if we inserted new child into tree we have
-+ * to mark it dirty so that flush will be able
-+ * to process it.
-+ */
-+ init_lh(&local_lh);
-+ result = longterm_lock_znode(&local_lh, node,
-+ ZNODE_WRITE_LOCK,
-+ ZNODE_LOCK_LOPRI);
-+ if (result == 0) {
-+ znode_make_dirty(node);
-+
-+ /*
-+ * when internal item pointing to @node
-+ * was inserted into twig node
-+ * create_hook_internal did not connect
-+ * it properly because its right
-+ * neighbor was not known. Do it
-+ * here
-+ */
-+ write_lock_tree(tree);
-+ assert("nikita-3312",
-+ znode_is_right_connected(node));
-+ assert("nikita-2984",
-+ node->right == NULL);
-+ ZF_CLR(node, JNODE_RIGHT_CONNECTED);
-+ write_unlock_tree(tree);
-+ result =
-+ connect_znode(insert_coord, node);
-+ if (result == 0)
-+ ON_DEBUG(check_dkeys(node));
-+
-+ done_lh(lh);
-+ move_lh(lh, &local_lh);
-+ assert("vs-1676", node_is_empty(node));
-+ coord_init_first_unit(insert_coord,
-+ node);
-+ } else {
-+ warning("nikita-3136",
-+ "Cannot lock child");
-+ }
-+ done_lh(&local_lh);
-+ zrelse(node);
-+ }
-+ }
-+ } else
-+ result = PTR_ERR(op);
-+ zput(node);
-+ done_carry_pool(pool);
-+ return result;
-+}
-+
-+/**
-+ * handle_eottl - handle extent-on-the-twig-level cases in tree traversal
-+ * @h: search handle
-+ * @outcome: flag saying whether search has to restart or is done
-+ *
-+ * Handles search on twig level. If this function completes search itself then
-+ * it returns 1. If search has to go one level down then 0 is returned. If
-+ * error happens then LOOKUP_DONE is returned via @outcome and error code is saved
-+ * in @h->result.
-+ */
-+int handle_eottl(cbk_handle *h, int *outcome)
-+{
-+ int result;
-+ reiser4_key key;
-+ coord_t *coord;
-+
-+ coord = h->coord;
-+
-+ if (h->level != TWIG_LEVEL ||
-+ (coord_is_existing_item(coord) && item_is_internal(coord))) {
-+ /* Continue to traverse tree downward. */
-+ return 0;
-+ }
-+
-+ /*
-+ * make sure that @h->coord is set to twig node and that it is either
-+ * set to extent item or after extent item
-+ */
-+ assert("vs-356", h->level == TWIG_LEVEL);
-+ assert("vs-357", ( {
-+ coord_t lcoord;
-+ coord_dup(&lcoord, coord);
-+ check_me("vs-733", coord_set_to_left(&lcoord) == 0);
-+ item_is_extent(&lcoord);
-+ }
-+ ));
-+
-+ if (*outcome == NS_FOUND) {
-+ /* we have found desired key on twig level in extent item */
-+ h->result = CBK_COORD_FOUND;
-+ *outcome = LOOKUP_DONE;
-+ return 1;
-+ }
-+
-+ if (!(h->flags & CBK_FOR_INSERT)) {
-+ /* tree traversal is not for insertion. Just return
-+ CBK_COORD_NOTFOUND. */
-+ h->result = CBK_COORD_NOTFOUND;
-+ *outcome = LOOKUP_DONE;
-+ return 1;
-+ }
-+
-+ /* take a look at the item to the right of h -> coord */
-+ result = is_next_item_internal(coord, h->key, h->active_lh);
-+ if (unlikely(result < 0)) {
-+ h->error = "get_right_neighbor failed";
-+ h->result = result;
-+ *outcome = LOOKUP_DONE;
-+ return 1;
-+ }
-+ if (result == 0) {
-+ /*
-+ * item to the right is also an extent one. Allocate a new node
-+ * and insert pointer to it after item h -> coord.
-+ *
-+ * This is a result of extents being located at the twig
-+ * level. For explanation, see comment just above
-+ * is_next_item_internal().
-+ */
-+ znode *loaded;
-+
-+ if (cbk_lock_mode(h->level, h) != ZNODE_WRITE_LOCK) {
-+ /*
-+ * we got node read locked, restart coord_by_key to
-+ * have write lock on twig level
-+ */
-+ h->lock_level = TWIG_LEVEL;
-+ h->lock_mode = ZNODE_WRITE_LOCK;
-+ *outcome = LOOKUP_REST;
-+ return 1;
-+ }
-+
-+ loaded = coord->node;
-+ result =
-+ add_empty_leaf(coord, h->active_lh, h->key,
-+ rd_key(coord, &key));
-+ if (result) {
-+ h->error = "could not add empty leaf";
-+ h->result = result;
-+ *outcome = LOOKUP_DONE;
-+ return 1;
-+ }
-+ /* added empty leaf is locked (h->active_lh), its parent node
-+ is unlocked, h->coord is set as EMPTY */
-+ assert("vs-13", coord->between == EMPTY_NODE);
-+ assert("vs-14", znode_is_write_locked(coord->node));
-+ assert("vs-15",
-+ WITH_DATA(coord->node, node_is_empty(coord->node)));
-+ assert("vs-16", jnode_is_leaf(ZJNODE(coord->node)));
-+ assert("vs-17", coord->node == h->active_lh->node);
-+ *outcome = LOOKUP_DONE;
-+ h->result = CBK_COORD_NOTFOUND;
-+ return 1;
-+ } else if (result == 1) {
-+ /*
-+ * this is special case mentioned in the comment on
-+ * tree.h:cbk_flags. We have found internal item immediately on
-+ * the right of extent, and we are going to insert new item
-+ * there. Key of item we are going to insert is smaller than
-+ * leftmost key in the node pointed to by said internal item
-+ * (otherwise search wouldn't come to the extent in the first
-+ * place).
-+ *
-+ * This is a result of extents being located at the twig
-+ * level. For explanation, see comment just above
-+ * is_next_item_internal().
-+ */
-+ h->flags &= ~CBK_TRUST_DK;
-+ } else {
-+ assert("vs-8", result == 2);
-+ *outcome = LOOKUP_REST;
-+ return 1;
-+ }
-+ assert("vs-362", WITH_DATA(coord->node, item_is_internal(coord)));
-+ return 0;
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 120
-+ * scroll-step: 1
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/estimate.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/estimate.c
-@@ -0,0 +1,111 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "debug.h"
-+#include "dformat.h"
-+#include "tree.h"
-+#include "carry.h"
-+#include "inode.h"
-+#include "plugin/cluster.h"
-+#include "plugin/item/ctail.h"
-+
-+/* this returns how many nodes might get dirty and added nodes if @children nodes are dirtied
-+
-+ Amount of internals which will get dirty or get allocated we estimate as 5% of the childs + 1 balancing. 1 balancing
-+ is 2 neighbours, 2 new blocks and the current block on the leaf level, 2 neighbour nodes + the current (or 1
-+ neighbour and 1 new and the current) on twig level, 2 neighbour nodes on upper levels and 1 for a new root. So 5 for
-+ leaf level, 3 for twig level, 2 on upper + 1 for root.
-+
-+ Do not calculate the current node of the lowest level here - this is overhead only.
-+
-+ children is almost always 1 here. Exception is flow insertion
-+*/
-+static reiser4_block_nr
-+max_balance_overhead(reiser4_block_nr childen, tree_level tree_height)
-+{
-+ reiser4_block_nr ten_percent;
-+
-+ ten_percent = ((103 * childen) >> 10);
-+
-+ /* If we have too many balancings at the time, tree height can raise on more
-+ then 1. Assume that if tree_height is 5, it can raise on 1 only. */
-+ return ((tree_height < 5 ? 5 : tree_height) * 2 + (4 + ten_percent));
-+}
-+
-+/* this returns maximal possible number of nodes which can be modified plus number of new nodes which can be required to
-+ perform insertion of one item into the tree */
-+/* it is only called when tree height changes, or gets initialized */
-+reiser4_block_nr calc_estimate_one_insert(tree_level height)
-+{
-+ return 1 + max_balance_overhead(1, height);
-+}
-+
-+reiser4_block_nr estimate_one_insert_item(reiser4_tree * tree)
-+{
-+ return tree->estimate_one_insert;
-+}
-+
-+/* this returns maximal possible number of nodes which can be modified plus number of new nodes which can be required to
-+ perform insertion of one unit into an item in the tree */
-+reiser4_block_nr estimate_one_insert_into_item(reiser4_tree * tree)
-+{
-+ /* estimate insert into item just like item insertion */
-+ return tree->estimate_one_insert;
-+}
-+
-+reiser4_block_nr estimate_one_item_removal(reiser4_tree * tree)
-+{
-+ /* on item removal reiser4 does not try to pack nodes more complact, so, only one node may be dirtied on leaf
-+ level */
-+ return tree->estimate_one_insert;
-+}
-+
-+/* on leaf level insert_flow may add CARRY_FLOW_NEW_NODES_LIMIT new nodes and dirty 3 existing nodes (insert point and
-+ both its neighbors). Max_balance_overhead should estimate number of blocks which may change/get added on internal
-+ levels */
-+reiser4_block_nr estimate_insert_flow(tree_level height)
-+{
-+ return 3 + CARRY_FLOW_NEW_NODES_LIMIT + max_balance_overhead(3 +
-+ CARRY_FLOW_NEW_NODES_LIMIT,
-+ height);
-+}
-+
-+/* returnes max number of nodes can be occupied by disk cluster */
-+static reiser4_block_nr estimate_cluster(struct inode * inode, int unprepped)
-+{
-+ int per_cluster;
-+ per_cluster = (unprepped ? 1 : cluster_nrpages(inode));
-+ return 3 + per_cluster +
-+ max_balance_overhead(3 + per_cluster,
-+ REISER4_MAX_ZTREE_HEIGHT);
-+}
-+
-+/* how many nodes might get dirty and added
-+ during insertion of a disk cluster */
-+reiser4_block_nr estimate_insert_cluster(struct inode * inode)
-+{
-+ return estimate_cluster(inode, 1); /* 24 */
-+}
-+
-+/* how many nodes might get dirty and added
-+ during update of a (prepped or unprepped) disk cluster */
-+reiser4_block_nr estimate_update_cluster(struct inode * inode)
-+{
-+ return estimate_cluster(inode, 0); /* 44, for 64K-cluster */
-+}
-+
-+/* how many nodes occupied by a disk cluster might get dirty */
-+reiser4_block_nr estimate_dirty_cluster(struct inode * inode)
-+{
-+ return 2 + cluster_nrpages(inode);
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/export_ops.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/export_ops.c
-@@ -0,0 +1,296 @@
-+/* Copyright 2005 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+#include "inode.h"
-+#include "plugin/plugin.h"
-+
-+
-+/*
-+ * Supported file-handle types
-+ */
-+typedef enum {
-+ FH_WITH_PARENT = 0x10, /* file handle with parent */
-+ FH_WITHOUT_PARENT = 0x11 /* file handle without parent */
-+} reiser4_fhtype;
-+
-+#define NFSERROR (255)
-+
-+/* initialize place-holder for object */
-+static void object_on_wire_init(reiser4_object_on_wire *o)
-+{
-+ o->plugin = NULL;
-+}
-+
-+/* finish with @o */
-+static void object_on_wire_done(reiser4_object_on_wire *o)
-+{
-+ if (o->plugin != NULL)
-+ o->plugin->wire.done(o);
-+}
-+
-+/*
-+ * read serialized object identity from @addr and store information about
-+ * object in @obj. This is dual to encode_inode().
-+ */
-+static char *decode_inode(struct super_block *s, char *addr,
-+ reiser4_object_on_wire * obj)
-+{
-+ file_plugin *fplug;
-+
-+ /* identifier of object plugin is stored in the first two bytes,
-+ * followed by... */
-+ fplug = file_plugin_by_disk_id(get_tree(s), (d16 *) addr);
-+ if (fplug != NULL) {
-+ addr += sizeof(d16);
-+ obj->plugin = fplug;
-+ assert("nikita-3520", fplug->wire.read != NULL);
-+ /* plugin specific encoding of object identity. */
-+ addr = fplug->wire.read(addr, obj);
-+ } else
-+ addr = ERR_PTR(RETERR(-EINVAL));
-+ return addr;
-+}
-+
-+/**
-+ * reiser4_decode_fh - decode_fh of export operations
-+ * @super: super block
-+ * @fh: nfsd file handle
-+ * @len: length of file handle
-+ * @fhtype: type of file handle
-+ * @acceptable: acceptability testing function
-+ * @context: argument for @acceptable
-+ *
-+ * Returns dentry referring to the same file as @fh.
-+ */
-+static struct dentry *reiser4_decode_fh(struct super_block *super, __u32 *fh,
-+ int len, int fhtype,
-+ int (*acceptable) (void *context,
-+ struct dentry *de),
-+ void *context)
-+{
-+ reiser4_context *ctx;
-+ reiser4_object_on_wire object;
-+ reiser4_object_on_wire parent;
-+ char *addr;
-+ int with_parent;
-+
-+ ctx = init_context(super);
-+ if (IS_ERR(ctx))
-+ return (struct dentry *)ctx;
-+
-+ assert("vs-1482",
-+ fhtype == FH_WITH_PARENT || fhtype == FH_WITHOUT_PARENT);
-+
-+ with_parent = (fhtype == FH_WITH_PARENT);
-+
-+ addr = (char *)fh;
-+
-+ object_on_wire_init(&object);
-+ object_on_wire_init(&parent);
-+
-+ addr = decode_inode(super, addr, &object);
-+ if (!IS_ERR(addr)) {
-+ if (with_parent)
-+ addr = decode_inode(super, addr, &parent);
-+ if (!IS_ERR(addr)) {
-+ struct dentry *d;
-+ typeof(super->s_export_op->find_exported_dentry) fn;
-+
-+ fn = super->s_export_op->find_exported_dentry;
-+ assert("nikita-3521", fn != NULL);
-+ d = fn(super, &object, with_parent ? &parent : NULL,
-+ acceptable, context);
-+ if (d != NULL && !IS_ERR(d))
-+ /* FIXME check for -ENOMEM */
-+ reiser4_get_dentry_fsdata(d)->stateless = 1;
-+ addr = (char *)d;
-+ }
-+ }
-+
-+ object_on_wire_done(&object);
-+ object_on_wire_done(&parent);
-+
-+ reiser4_exit_context(ctx);
-+ return (void *)addr;
-+}
-+
-+/*
-+ * Object serialization support.
-+ *
-+ * To support knfsd file system provides export_operations that are used to
-+ * construct and interpret NFS file handles. As a generalization of this,
-+ * reiser4 object plugins have serialization support: it provides methods to
-+ * create on-wire representation of identity of reiser4 object, and
-+ * re-create/locate object given its on-wire identity.
-+ *
-+ */
-+
-+/*
-+ * return number of bytes that on-wire representation of @inode's identity
-+ * consumes.
-+ */
-+static int encode_inode_size(struct inode *inode)
-+{
-+ assert("nikita-3514", inode != NULL);
-+ assert("nikita-3515", inode_file_plugin(inode) != NULL);
-+ assert("nikita-3516", inode_file_plugin(inode)->wire.size != NULL);
-+
-+ return inode_file_plugin(inode)->wire.size(inode) + sizeof(d16);
-+}
-+
-+/*
-+ * store on-wire representation of @inode's identity at the area beginning at
-+ * @start.
-+ */
-+static char *encode_inode(struct inode *inode, char *start)
-+{
-+ assert("nikita-3517", inode != NULL);
-+ assert("nikita-3518", inode_file_plugin(inode) != NULL);
-+ assert("nikita-3519", inode_file_plugin(inode)->wire.write != NULL);
-+
-+ /*
-+ * first, store two-byte identifier of object plugin, then
-+ */
-+ save_plugin_id(file_plugin_to_plugin(inode_file_plugin(inode)),
-+ (d16 *) start);
-+ start += sizeof(d16);
-+ /*
-+ * call plugin to serialize object's identity
-+ */
-+ return inode_file_plugin(inode)->wire.write(inode, start);
-+}
-+
-+/* this returns number of 32 bit long numbers encoded in @lenp. 255 is
-+ * returned if file handle can not be stored */
-+/**
-+ * reiser4_encode_fh - encode_fh of export operations
-+ * @dentry:
-+ * @fh:
-+ * @lenp:
-+ * @need_parent:
-+ *
-+ */
-+static int
-+reiser4_encode_fh(struct dentry *dentry, __u32 *fh, int *lenp,
-+ int need_parent)
-+{
-+ struct inode *inode;
-+ struct inode *parent;
-+ char *addr;
-+ int need;
-+ int delta;
-+ int result;
-+ reiser4_context *ctx;
-+
-+ /*
-+ * knfsd asks as to serialize object in @dentry, and, optionally its
-+ * parent (if need_parent != 0).
-+ *
-+ * encode_inode() and encode_inode_size() is used to build
-+ * representation of object and its parent. All hard work is done by
-+ * object plugins.
-+ */
-+ inode = dentry->d_inode;
-+ parent = dentry->d_parent->d_inode;
-+
-+ addr = (char *)fh;
-+
-+ need = encode_inode_size(inode);
-+ if (need < 0)
-+ return NFSERROR;
-+ if (need_parent) {
-+ delta = encode_inode_size(parent);
-+ if (delta < 0)
-+ return NFSERROR;
-+ need += delta;
-+ }
-+
-+ ctx = init_context(dentry->d_inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ if (need <= sizeof(__u32) * (*lenp)) {
-+ addr = encode_inode(inode, addr);
-+ if (need_parent)
-+ addr = encode_inode(parent, addr);
-+
-+ /* store in lenp number of 32bit words required for file
-+ * handle. */
-+ *lenp = (need + sizeof(__u32) - 1) >> 2;
-+ result = need_parent ? FH_WITH_PARENT : FH_WITHOUT_PARENT;
-+ } else
-+ /* no enough space in file handle */
-+ result = NFSERROR;
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+/**
-+ * reiser4_get_dentry_parent - get_parent of export operations
-+ * @child:
-+ *
-+ */
-+static struct dentry *reiser4_get_dentry_parent(struct dentry *child)
-+{
-+ struct inode *dir;
-+ dir_plugin *dplug;
-+
-+ assert("nikita-3527", child != NULL);
-+ /* see comment in reiser4_get_dentry() about following assertion */
-+ assert("nikita-3528", is_in_reiser4_context());
-+
-+ dir = child->d_inode;
-+ assert("nikita-3529", dir != NULL);
-+ dplug = inode_dir_plugin(dir);
-+ assert("nikita-3531", ergo(dplug != NULL, dplug->get_parent != NULL));
-+ if (dplug != NULL)
-+ return dplug->get_parent(dir);
-+ else
-+ return ERR_PTR(RETERR(-ENOTDIR));
-+}
-+
-+/**
-+ * reiser4_get_dentry - get_dentry of export operations
-+ * @super:
-+ * @data:
-+ *
-+ *
-+ */
-+static struct dentry *reiser4_get_dentry(struct super_block *super, void *data)
-+{
-+ reiser4_object_on_wire *o;
-+
-+ assert("nikita-3522", super != NULL);
-+ assert("nikita-3523", data != NULL);
-+ /*
-+ * this is only supposed to be called by
-+ *
-+ * reiser4_decode_fh->find_exported_dentry
-+ *
-+ * so, reiser4_context should be here already.
-+ */
-+ assert("nikita-3526", is_in_reiser4_context());
-+
-+ o = (reiser4_object_on_wire *)data;
-+ assert("nikita-3524", o->plugin != NULL);
-+ assert("nikita-3525", o->plugin->wire.get != NULL);
-+
-+ return o->plugin->wire.get(super, o);
-+}
-+
-+struct export_operations reiser4_export_operations = {
-+ .encode_fh = reiser4_encode_fh,
-+ .decode_fh = reiser4_decode_fh,
-+ .get_parent = reiser4_get_dentry_parent,
-+ .get_dentry = reiser4_get_dentry
-+};
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/flush.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/flush.c
-@@ -0,0 +1,3626 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* The design document for this file is at http://www.namesys.com/v4/v4.html. */
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "key.h"
-+#include "coord.h"
-+#include "plugin/item/item.h"
-+#include "plugin/plugin.h"
-+#include "plugin/object.h"
-+#include "txnmgr.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "block_alloc.h"
-+#include "tree_walk.h"
-+#include "carry.h"
-+#include "tree.h"
-+#include "vfs_ops.h"
-+#include "inode.h"
-+#include "page_cache.h"
-+#include "wander.h"
-+#include "super.h"
-+#include "entd.h"
-+#include "reiser4.h"
-+#include "flush.h"
-+#include "writeout.h"
-+
-+#include <asm/atomic.h>
-+#include <linux/fs.h> /* for struct super_block */
-+#include <linux/mm.h> /* for struct page */
-+#include <linux/bio.h> /* for struct bio */
-+#include <linux/pagemap.h>
-+#include <linux/blkdev.h>
-+
-+/* IMPLEMENTATION NOTES */
-+
-+/* PARENT-FIRST: Some terminology: A parent-first traversal is a way of assigning a total
-+ order to the nodes of the tree in which the parent is placed before its children, which
-+ are ordered (recursively) in left-to-right order. When we speak of a "parent-first preceder", it
-+ describes the node that "came before in forward parent-first order". When we speak of a
-+ "parent-first follower", it describes the node that "comes next in parent-first
-+ order" (alternatively the node that "came before in reverse parent-first order").
-+
-+ The following pseudo-code prints the nodes of a tree in forward parent-first order:
-+
-+ void parent_first (node)
-+ {
-+ print_node (node);
-+ if (node->level > leaf) {
-+ for (i = 0; i < num_children; i += 1) {
-+ parent_first (node->child[i]);
-+ }
-+ }
-+ }
-+*/
-+
-+/* JUST WHAT ARE WE TRYING TO OPTIMIZE, HERE? The idea is to optimize block allocation so
-+ that a left-to-right scan of the tree's data (i.e., the leaves in left-to-right order)
-+ can be accomplished with sequential reads, which results in reading nodes in their
-+ parent-first order. This is a read-optimization aspect of the flush algorithm, and
-+ there is also a write-optimization aspect, which is that we wish to make large
-+ sequential writes to the disk by allocating or reallocating blocks so that they can be
-+ written in sequence. Sometimes the read-optimization and write-optimization goals
-+ conflict with each other, as we discuss in more detail below.
-+*/
-+
-+/* STATE BITS: The flush code revolves around the state of the jnodes it covers. Here are
-+ the relevant jnode->state bits and their relevence to flush:
-+
-+ JNODE_DIRTY: If a node is dirty, it must be flushed. But in order to be written it
-+ must be allocated first. In order to be considered allocated, the jnode must have
-+ exactly one of { JNODE_OVRWR, JNODE_RELOC } set. These two bits are exclusive, and
-+ all dirtied jnodes eventually have one of these bits set during each transaction.
-+
-+ JNODE_CREATED: The node was freshly created in its transaction and has no previous
-+ block address, so it is unconditionally assigned to be relocated, although this is
-+ mainly for code-convenience. It is not being 'relocated' from anything, but in
-+ almost every regard it is treated as part of the relocate set. The JNODE_CREATED bit
-+ remains set even after JNODE_RELOC is set, so the actual relocate can be
-+ distinguished from the created-and-allocated set easily: relocate-set members
-+ (belonging to the preserve-set) have (JNODE_RELOC) set and created-set members which
-+ have no previous location to preserve have (JNODE_RELOC | JNODE_CREATED) set.
-+
-+ JNODE_OVRWR: The node belongs to atom's overwrite set. The flush algorithm made the
-+ decision to maintain the pre-existing location for this node and it will be written
-+ to the wandered-log.
-+
-+ JNODE_RELOC: The flush algorithm made the decision to relocate this block (if it was
-+ not created, see note above). A block with JNODE_RELOC set is eligible for
-+ early-flushing and may be submitted during flush_empty_queues. When the JNODE_RELOC
-+ bit is set on a znode, the parent node's internal item is modified and the znode is
-+ rehashed.
-+
-+ JNODE_SQUEEZABLE: Before shifting everything left, the flush algorithm scans the node
-+ and calls plugin->f.squeeze() method for its items. By this technology we update disk
-+ clusters of cryptcompress objects. Also if leftmost point that was found by flush scan
-+ has this flag (races with write(), rare case) the flush algorythm makes the decision
-+ to pass it to squalloc() in spite of its flushprepped status for squeezing, not for
-+ repeated allocation.
-+
-+ JNODE_FLUSH_QUEUED: This bit is set when a call to flush enters the jnode into its
-+ flush queue. This means the jnode is not on any clean or dirty list, instead it is
-+ moved to one of the flush queue (see flush_queue.h) object private list. This
-+ prevents multiple concurrent flushes from attempting to start flushing from the
-+ same node.
-+
-+ (DEAD STATE BIT) JNODE_FLUSH_BUSY: This bit was set during the bottom-up
-+ squeeze-and-allocate on a node while its children are actively being squeezed and
-+ allocated. This flag was created to avoid submitting a write request for a node
-+ while its children are still being allocated and squeezed. Then flush queue was
-+ re-implemented to allow unlimited number of nodes be queued. This flag support was
-+ commented out in source code because we decided that there was no reason to submit
-+ queued nodes before jnode_flush() finishes. However, current code calls fq_write()
-+ during a slum traversal and may submit "busy nodes" to disk. Probably we can
-+ re-enable the JNODE_FLUSH_BUSY bit support in future.
-+
-+ With these state bits, we describe a test used frequently in the code below,
-+ jnode_is_flushprepped() (and the spin-lock-taking jnode_check_flushprepped()). The
-+ test for "flushprepped" returns true if any of the following are true:
-+
-+ - The node is not dirty
-+ - The node has JNODE_RELOC set
-+ - The node has JNODE_OVRWR set
-+
-+ If either the node is not dirty or it has already been processed by flush (and assigned
-+ JNODE_OVRWR or JNODE_RELOC), then it is prepped. If jnode_is_flushprepped() returns
-+ true then flush has work to do on that node.
-+*/
-+
-+/* FLUSH_PREP_ONCE_PER_TRANSACTION: Within a single transaction a node is never
-+ flushprepped twice (unless an explicit call to flush_unprep is made as described in
-+ detail below). For example a node is dirtied, allocated, and then early-flushed to
-+ disk and set clean. Before the transaction commits, the page is dirtied again and, due
-+ to memory pressure, the node is flushed again. The flush algorithm will not relocate
-+ the node to a new disk location, it will simply write it to the same, previously
-+ relocated position again.
-+*/
-+
-+/* THE BOTTOM-UP VS. TOP-DOWN ISSUE: This code implements a bottom-up algorithm where we
-+ start at a leaf node and allocate in parent-first order by iterating to the right. At
-+ each step of the iteration, we check for the right neighbor. Before advancing to the
-+ right neighbor, we check if the current position and the right neighbor share the same
-+ parent. If they do not share the same parent, the parent is allocated before the right
-+ neighbor.
-+
-+ This process goes recursively up the tree and squeeze nodes level by level as long as
-+ the right neighbor and the current position have different parents, then it allocates
-+ the right-neighbors-with-different-parents on the way back down. This process is
-+ described in more detail in flush_squalloc_changed_ancestor and the recursive function
-+ squalloc_one_changed_ancestor. But the purpose here is not to discuss the
-+ specifics of the bottom-up approach as it is to contrast the bottom-up and top-down
-+ approaches.
-+
-+ The top-down algorithm was implemented earlier (April-May 2002). In the top-down
-+ approach, we find a starting point by scanning left along each level past dirty nodes,
-+ then going up and repeating the process until the left node and the parent node are
-+ clean. We then perform a parent-first traversal from the starting point, which makes
-+ allocating in parent-first order trivial. After one subtree has been allocated in this
-+ manner, we move to the right, try moving upward, then repeat the parent-first
-+ traversal.
-+
-+ Both approaches have problems that need to be addressed. Both are approximately the
-+ same amount of code, but the bottom-up approach has advantages in the order it acquires
-+ locks which, at the very least, make it the better approach. At first glance each one
-+ makes the other one look simpler, so it is important to remember a few of the problems
-+ with each one.
-+
-+ Main problem with the top-down approach: When you encounter a clean child during the
-+ parent-first traversal, what do you do? You would like to avoid searching through a
-+ large tree of nodes just to find a few dirty leaves at the bottom, and there is not an
-+ obvious solution. One of the advantages of the top-down approach is that during the
-+ parent-first traversal you check every child of a parent to see if it is dirty. In
-+ this way, the top-down approach easily handles the main problem of the bottom-up
-+ approach: unallocated children.
-+
-+ The unallocated children problem is that before writing a node to disk we must make
-+ sure that all of its children are allocated. Otherwise, the writing the node means
-+ extra I/O because the node will have to be written again when the child is finally
-+ allocated.
-+
-+ WE HAVE NOT YET ELIMINATED THE UNALLOCATED CHILDREN PROBLEM. Except for bugs, this
-+ should not cause any file system corruption, it only degrades I/O performance because a
-+ node may be written when it is sure to be written at least one more time in the same
-+ transaction when the remaining children are allocated. What follows is a description
-+ of how we will solve the problem.
-+*/
-+
-+/* HANDLING UNALLOCATED CHILDREN: During flush we may allocate a parent node then,
-+ proceeding in parent first order, allocate some of its left-children, then encounter a
-+ clean child in the middle of the parent. We do not allocate the clean child, but there
-+ may remain unallocated (dirty) children to the right of the clean child. If we were to
-+ stop flushing at this moment and write everything to disk, the parent might still
-+ contain unallocated children.
-+
-+ We could try to allocate all the descendents of every node that we allocate, but this
-+ is not necessary. Doing so could result in allocating the entire tree: if the root
-+ node is allocated then every unallocated node would have to be allocated before
-+ flushing. Actually, we do not have to write a node just because we allocate it. It is
-+ possible to allocate but not write a node during flush, when it still has unallocated
-+ children. However, this approach is probably not optimal for the following reason.
-+
-+ The flush algorithm is designed to allocate nodes in parent-first order in an attempt
-+ to optimize reads that occur in the same order. Thus we are read-optimizing for a
-+ left-to-right scan through all the leaves in the system, and we are hoping to
-+ write-optimize at the same time because those nodes will be written together in batch.
-+ What happens, however, if we assign a block number to a node in its read-optimized
-+ order but then avoid writing it because it has unallocated children? In that
-+ situation, we lose out on the write-optimization aspect because a node will have to be
-+ written again to the its location on the device, later, which likely means seeking back
-+ to that location.
-+
-+ So there are tradeoffs. We can choose either:
-+
-+ A. Allocate all unallocated children to preserve both write-optimization and
-+ read-optimization, but this is not always desirable because it may mean having to
-+ allocate and flush very many nodes at once.
-+
-+ B. Defer writing nodes with unallocated children, keep their read-optimized locations,
-+ but sacrifice write-optimization because those nodes will be written again.
-+
-+ C. Defer writing nodes with unallocated children, but do not keep their read-optimized
-+ locations. Instead, choose to write-optimize them later, when they are written. To
-+ facilitate this, we "undo" the read-optimized allocation that was given to the node so
-+ that later it can be write-optimized, thus "unpreparing" the flush decision. This is a
-+ case where we disturb the FLUSH_PREP_ONCE_PER_TRANSACTION rule described above. By a
-+ call to flush_unprep() we will: if the node was wandered, unset the JNODE_OVRWR bit;
-+ if the node was relocated, unset the JNODE_RELOC bit, non-deferred-deallocate its block
-+ location, and set the JNODE_CREATED bit, effectively setting the node back to an
-+ unallocated state.
-+
-+ We will take the following approach in v4.0: for twig nodes we will always finish
-+ allocating unallocated children (A). For nodes with (level > TWIG) we will defer
-+ writing and choose write-optimization (C).
-+
-+ To summarize, there are several parts to a solution that avoids the problem with
-+ unallocated children:
-+
-+ FIXME-ZAM: Still no one approach is implemented to eliminate the "UNALLOCATED CHILDREN"
-+ problem because there was an experiment which was done showed that we have 1-2 nodes
-+ with unallocated children for thousands of written nodes. The experiment was simple
-+ like coping / deletion of linux kernel sources. However the problem can arise in more
-+ complex tests. I think we have jnode_io_hook to insert a check for unallocated
-+ children and see what kind of problem we have.
-+
-+ 1. When flush reaches a stopping point (e.g., a clean node), it should continue calling
-+ squeeze-and-allocate on any remaining unallocated children. FIXME: Difficulty to
-+ implement: should be simple -- amounts to adding a while loop to jnode_flush, see
-+ comments in that function.
-+
-+ 2. When flush reaches flush_empty_queue(), some of the (level > TWIG) nodes may still
-+ have unallocated children. If the twig level has unallocated children it is an
-+ assertion failure. If a higher-level node has unallocated children, then it should be
-+ explicitly de-allocated by a call to flush_unprep(). FIXME: Difficulty to implement:
-+ should be simple.
-+
-+ 3. (CPU-Optimization) Checking whether a node has unallocated children may consume more
-+ CPU cycles than we would like, and it is possible (but medium complexity) to optimize
-+ this somewhat in the case where large sub-trees are flushed. The following observation
-+ helps: if both the left- and right-neighbor of a node are processed by the flush
-+ algorithm then the node itself is guaranteed to have all of its children allocated.
-+ However, the cost of this check may not be so expensive after all: it is not needed for
-+ leaves and flush can guarantee this property for twigs. That leaves only (level >
-+ TWIG) nodes that have to be checked, so this optimization only helps if at least three
-+ (level > TWIG) nodes are flushed in one pass, and the savings will be very small unless
-+ there are many more (level > TWIG) nodes. But if there are many (level > TWIG) nodes
-+ then the number of blocks being written will be very large, so the savings may be
-+ insignificant. That said, the idea is to maintain both the left and right edges of
-+ nodes that are processed in flush. When flush_empty_queue() is called, a relatively
-+ simple test will tell whether the (level > TWIG) node is on the edge. If it is on the
-+ edge, the slow check is necessary, but if it is in the interior then it can be assumed
-+ to have all of its children allocated. FIXME: medium complexity to implement, but
-+ simple to verify given that we must have a slow check anyway.
-+
-+ 4. (Optional) This part is optional, not for v4.0--flush should work independently of
-+ whether this option is used or not. Called RAPID_SCAN, the idea is to amend the
-+ left-scan operation to take unallocated children into account. Normally, the left-scan
-+ operation goes left as long as adjacent nodes are dirty up until some large maximum
-+ value (FLUSH_SCAN_MAXNODES) at which point it stops and begins flushing. But scan-left
-+ may stop at a position where there are unallocated children to the left with the same
-+ parent. When RAPID_SCAN is enabled, the ordinary scan-left operation stops after
-+ FLUSH_RELOCATE_THRESHOLD, which is much smaller than FLUSH_SCAN_MAXNODES, then procedes
-+ with a rapid scan. The rapid scan skips all the interior children of a node--if the
-+ leftmost child of a twig is dirty, check its left neighbor (the rightmost child of the
-+ twig to the left). If the left neighbor of the leftmost child is also dirty, then
-+ continue the scan at the left twig and repeat. This option will cause flush to
-+ allocate more twigs in a single pass, but it also has the potential to write many more
-+ nodes than would otherwise be written without the RAPID_SCAN option. RAPID_SCAN
-+ was partially implemented, code removed August 12, 2002 by JMACD.
-+*/
-+
-+/* FLUSH CALLED ON NON-LEAF LEVEL. Most of our design considerations assume that the
-+ starting point for flush is a leaf node, but actually the flush code cares very little
-+ about whether or not this is true. It is possible that all the leaf nodes are flushed
-+ and dirty parent nodes still remain, in which case jnode_flush() is called on a
-+ non-leaf argument. Flush doesn't care--it treats the argument node as if it were a
-+ leaf, even when it is not. This is a simple approach, and there may be a more optimal
-+ policy but until a problem with this approach is discovered, simplest is probably best.
-+
-+ NOTE: In this case, the ordering produced by flush is parent-first only if you ignore
-+ the leaves. This is done as a matter of simplicity and there is only one (shaky)
-+ justification. When an atom commits, it flushes all leaf level nodes first, followed
-+ by twigs, and so on. With flushing done in this order, if flush is eventually called
-+ on a non-leaf node it means that (somehow) we reached a point where all leaves are
-+ clean and only internal nodes need to be flushed. If that it the case, then it means
-+ there were no leaves that were the parent-first preceder/follower of the parent. This
-+ is expected to be a rare case, which is why we do nothing special about it. However,
-+ memory pressure may pass an internal node to flush when there are still dirty leaf
-+ nodes that need to be flushed, which could prove our original assumptions
-+ "inoperative". If this needs to be fixed, then scan_left/right should have
-+ special checks for the non-leaf levels. For example, instead of passing from a node to
-+ the left neighbor, it should pass from the node to the left neighbor's rightmost
-+ descendent (if dirty).
-+
-+*/
-+
-+/* UNIMPLEMENTED AS YET: REPACKING AND RESIZING. We walk the tree in 4MB-16MB chunks, dirtying everything and putting
-+ it into a transaction. We tell the allocator to allocate the blocks as far as possible towards one end of the
-+ logical device--the left (starting) end of the device if we are walking from left to right, the right end of the
-+ device if we are walking from right to left. We then make passes in alternating directions, and as we do this the
-+ device becomes sorted such that tree order and block number order fully correlate.
-+
-+ Resizing is done by shifting everything either all the way to the left or all the way
-+ to the right, and then reporting the last block.
-+*/
-+
-+/* RELOCATE DECISIONS: The code makes a decision to relocate in several places. This
-+ descibes the policy from the highest level:
-+
-+ The FLUSH_RELOCATE_THRESHOLD parameter: If we count this many consecutive nodes on the
-+ leaf level during flush-scan (right, left), then we unconditionally decide to relocate
-+ leaf nodes.
-+
-+ Otherwise, there are two contexts in which we make a decision to relocate:
-+
-+ 1. The REVERSE PARENT-FIRST context: Implemented in reverse_relocate_test().
-+ During the initial stages of flush, after scan-right completes, we want to ask the
-+ question: should we relocate this leaf node and thus dirty the parent node. Then if
-+ the node is a leftmost child its parent is its own parent-first preceder, thus we repeat
-+ the question at the next level up, and so on. In these cases we are moving in the
-+ reverse-parent first direction.
-+
-+ There is another case which is considered the reverse direction, which comes at the end
-+ of a twig in reverse_relocate_end_of_twig(). As we finish processing a twig we may
-+ reach a point where there is a clean twig to the right with a dirty leftmost child. In
-+ this case, we may wish to relocate the child by testing if it should be relocated
-+ relative to its parent.
-+
-+ 2. The FORWARD PARENT-FIRST context: Testing for forward relocation is done in
-+ allocate_znode. What distinguishes the forward parent-first case from the
-+ reverse-parent first case is that the preceder has already been allocated in the
-+ forward case, whereas in the reverse case we don't know what the preceder is until we
-+ finish "going in reverse". That simplifies the forward case considerably, and there we
-+ actually use the block allocator to determine whether, e.g., a block closer to the
-+ preceder is available.
-+*/
-+
-+/* SQUEEZE_LEFT_EDGE: Unimplemented idea for future consideration. The idea is, once we
-+ finish scan-left and find a starting point, if the parent's left neighbor is dirty then
-+ squeeze the parent's left neighbor and the parent. This may change the
-+ flush-starting-node's parent. Repeat until the child's parent is stable. If the child
-+ is a leftmost child, repeat this left-edge squeezing operation at the next level up.
-+ Note that we cannot allocate extents during this or they will be out of parent-first
-+ order. There is also some difficult coordinate maintenence issues. We can't do a tree
-+ search to find coordinates again (because we hold locks), we have to determine them
-+ from the two nodes being squeezed. Looks difficult, but has potential to increase
-+ space utilization. */
-+
-+/* Flush-scan helper functions. */
-+static void scan_init(flush_scan * scan);
-+static void scan_done(flush_scan * scan);
-+
-+/* Flush-scan algorithm. */
-+static int scan_left(flush_scan * scan, flush_scan * right, jnode * node,
-+ unsigned limit);
-+static int scan_right(flush_scan * scan, jnode * node, unsigned limit);
-+static int scan_common(flush_scan * scan, flush_scan * other);
-+static int scan_formatted(flush_scan * scan);
-+static int scan_unformatted(flush_scan * scan, flush_scan * other);
-+static int scan_by_coord(flush_scan * scan);
-+
-+/* Initial flush-point ancestor allocation. */
-+static int alloc_pos_and_ancestors(flush_pos_t * pos);
-+static int alloc_one_ancestor(const coord_t * coord, flush_pos_t * pos);
-+static int set_preceder(const coord_t * coord_in, flush_pos_t * pos);
-+
-+/* Main flush algorithm. Note on abbreviation: "squeeze and allocate" == "squalloc". */
-+static int squalloc(flush_pos_t * pos);
-+
-+/* Flush squeeze implementation. */
-+static int squeeze_right_non_twig(znode * left, znode * right);
-+static int shift_one_internal_unit(znode * left, znode * right);
-+
-+/* Flush reverse parent-first relocation routines. */
-+static int reverse_relocate_if_close_enough(const reiser4_block_nr * pblk,
-+ const reiser4_block_nr * nblk);
-+static int reverse_relocate_test(jnode * node, const coord_t * parent_coord,
-+ flush_pos_t * pos);
-+static int reverse_relocate_check_dirty_parent(jnode * node,
-+ const coord_t * parent_coord,
-+ flush_pos_t * pos);
-+
-+/* Flush allocate write-queueing functions: */
-+static int allocate_znode(znode * node, const coord_t * parent_coord,
-+ flush_pos_t * pos);
-+static int allocate_znode_update(znode * node, const coord_t * parent_coord,
-+ flush_pos_t * pos);
-+static int lock_parent_and_allocate_znode(znode *, flush_pos_t *);
-+
-+/* Flush helper functions: */
-+static int jnode_lock_parent_coord(jnode * node,
-+ coord_t * coord,
-+ lock_handle * parent_lh,
-+ load_count * parent_zh,
-+ znode_lock_mode mode, int try);
-+static int neighbor_in_slum(znode * node, lock_handle * right_lock, sideof side,
-+ znode_lock_mode mode, int check_dirty);
-+static int znode_same_parents(znode * a, znode * b);
-+
-+static int znode_check_flushprepped(znode * node)
-+{
-+ return jnode_check_flushprepped(ZJNODE(node));
-+}
-+
-+/* Flush position functions */
-+static void pos_init(flush_pos_t * pos);
-+static int pos_valid(flush_pos_t * pos);
-+static void pos_done(flush_pos_t * pos);
-+static int pos_stop(flush_pos_t * pos);
-+
-+/* check that @org is first jnode extent unit, if extent is unallocated,
-+ * because all jnodes of unallocated extent are dirty and of the same atom. */
-+#define checkchild(scan) \
-+assert("nikita-3435", \
-+ ergo(scan->direction == LEFT_SIDE && \
-+ (scan->parent_coord.node->level == TWIG_LEVEL) && \
-+ jnode_is_unformatted(scan->node) && \
-+ extent_is_unallocated(&scan->parent_coord), \
-+ extent_unit_index(&scan->parent_coord) == index_jnode(scan->node)))
-+
-+/* This flush_cnt variable is used to track the number of concurrent flush operations,
-+ useful for debugging. It is initialized in txnmgr.c out of laziness (because flush has
-+ no static initializer function...) */
-+ON_DEBUG(atomic_t flush_cnt;
-+ )
-+
-+/* check fs backing device for write congestion */
-+static int check_write_congestion(void)
-+{
-+ struct super_block *sb;
-+ struct backing_dev_info *bdi;
-+
-+ sb = reiser4_get_current_sb();
-+ bdi = get_super_fake(sb)->i_mapping->backing_dev_info;
-+ return bdi_write_congested(bdi);
-+}
-+
-+/* conditionally write flush queue */
-+static int write_prepped_nodes(flush_pos_t * pos)
-+{
-+ int ret;
-+
-+ assert("zam-831", pos);
-+ assert("zam-832", pos->fq);
-+
-+ if (!(pos->flags & JNODE_FLUSH_WRITE_BLOCKS))
-+ return 0;
-+
-+ if (check_write_congestion())
-+ return 0;
-+
-+ ret = write_fq(pos->fq, pos->nr_written,
-+ WRITEOUT_SINGLE_STREAM | WRITEOUT_FOR_PAGE_RECLAIM);
-+ return ret;
-+}
-+
-+/* Proper release all flush pos. resources then move flush position to new
-+ locked node */
-+static void move_flush_pos(flush_pos_t * pos, lock_handle * new_lock,
-+ load_count * new_load, const coord_t * new_coord)
-+{
-+ assert("zam-857", new_lock->node == new_load->node);
-+
-+ if (new_coord) {
-+ assert("zam-858", new_coord->node == new_lock->node);
-+ coord_dup(&pos->coord, new_coord);
-+ } else {
-+ coord_init_first_unit(&pos->coord, new_lock->node);
-+ }
-+
-+ if (pos->child) {
-+ jput(pos->child);
-+ pos->child = NULL;
-+ }
-+
-+ move_load_count(&pos->load, new_load);
-+ done_lh(&pos->lock);
-+ move_lh(&pos->lock, new_lock);
-+}
-+
-+/* delete empty node which link from the parent still exists. */
-+static int delete_empty_node(znode * node)
-+{
-+ reiser4_key smallest_removed;
-+
-+ assert("zam-1019", node != NULL);
-+ assert("zam-1020", node_is_empty(node));
-+ assert("zam-1023", znode_is_wlocked(node));
-+
-+ return delete_node(node, &smallest_removed, NULL, 1);
-+}
-+
-+/* Prepare flush position for alloc_pos_and_ancestors() and squalloc() */
-+static int prepare_flush_pos(flush_pos_t * pos, jnode * org)
-+{
-+ int ret;
-+ load_count load;
-+ lock_handle lock;
-+
-+ init_lh(&lock);
-+ init_load_count(&load);
-+
-+ if (jnode_is_znode(org)) {
-+ ret = longterm_lock_znode(&lock, JZNODE(org),
-+ ZNODE_WRITE_LOCK, ZNODE_LOCK_HIPRI);
-+ if (ret)
-+ return ret;
-+
-+ ret = incr_load_count_znode(&load, JZNODE(org));
-+ if (ret)
-+ return ret;
-+
-+ pos->state =
-+ (jnode_get_level(org) ==
-+ LEAF_LEVEL) ? POS_ON_LEAF : POS_ON_INTERNAL;
-+ move_flush_pos(pos, &lock, &load, NULL);
-+ } else {
-+ coord_t parent_coord;
-+ ret = jnode_lock_parent_coord(org, &parent_coord, &lock,
-+ &load, ZNODE_WRITE_LOCK, 0);
-+ if (ret)
-+ goto done;
-+ if (!item_is_extent(&parent_coord)) {
-+ /* file was converted to tail, org became HB, we found internal
-+ item */
-+ ret = -EAGAIN;
-+ goto done;
-+ }
-+
-+ pos->state = POS_ON_EPOINT;
-+ move_flush_pos(pos, &lock, &load, &parent_coord);
-+ pos->child = jref(org);
-+ if (extent_is_unallocated(&parent_coord)
-+ && extent_unit_index(&parent_coord) != index_jnode(org)) {
-+ /* @org is not first child of its parent unit. This may happen
-+ because longerm lock of its parent node was released between
-+ scan_left and scan_right. For now work around this having flush to repeat */
-+ ret = -EAGAIN;
-+ }
-+ }
-+
-+ done:
-+ done_load_count(&load);
-+ done_lh(&lock);
-+ return ret;
-+}
-+
-+/* TODO LIST (no particular order): */
-+/* I have labelled most of the legitimate FIXME comments in this file with letters to
-+ indicate which issue they relate to. There are a few miscellaneous FIXMEs with
-+ specific names mentioned instead that need to be inspected/resolved. */
-+/* B. There is an issue described in reverse_relocate_test having to do with an
-+ imprecise is_preceder? check having to do with partially-dirty extents. The code that
-+ sets preceder hints and computes the preceder is basically untested. Careful testing
-+ needs to be done that preceder calculations are done correctly, since if it doesn't
-+ affect correctness we will not catch this stuff during regular testing. */
-+/* C. EINVAL, E_DEADLOCK, E_NO_NEIGHBOR, ENOENT handling. It is unclear which of these are
-+ considered expected but unlikely conditions. Flush currently returns 0 (i.e., success
-+ but no progress, i.e., restart) whenever it receives any of these in jnode_flush().
-+ Many of the calls that may produce one of these return values (i.e.,
-+ longterm_lock_znode, reiser4_get_parent, reiser4_get_neighbor, ...) check some of these
-+ values themselves and, for instance, stop flushing instead of resulting in a restart.
-+ If any of these results are true error conditions then flush will go into a busy-loop,
-+ as we noticed during testing when a corrupt tree caused find_child_ptr to return
-+ ENOENT. It needs careful thought and testing of corner conditions.
-+*/
-+/* D. Atomicity of flush_prep against deletion and flush concurrency. Suppose a created
-+ block is assigned a block number then early-flushed to disk. It is dirtied again and
-+ flush is called again. Concurrently, that block is deleted, and the de-allocation of
-+ its block number does not need to be deferred, since it is not part of the preserve set
-+ (i.e., it didn't exist before the transaction). I think there may be a race condition
-+ where flush writes the dirty, created block after the non-deferred deallocated block
-+ number is re-allocated, making it possible to write deleted data on top of non-deleted
-+ data. Its just a theory, but it needs to be thought out. */
-+/* F. bio_alloc() failure is not handled gracefully. */
-+/* G. Unallocated children. */
-+/* H. Add a WANDERED_LIST to the atom to clarify the placement of wandered blocks. */
-+/* I. Rename flush-scan to scan-point, (flush-pos to flush-point?) */
-+
-+/* JNODE_FLUSH: MAIN ENTRY POINT */
-+/* This is the main entry point for flushing a jnode and its dirty neighborhood (dirty
-+ neighborhood is named "slum"). Jnode_flush() is called if reiser4 has to write dirty
-+ blocks to disk, it happens when Linux VM decides to reduce number of dirty pages or as
-+ a part of transaction commit.
-+
-+ Our objective here is to prep and flush the slum the jnode belongs to. We want to
-+ squish the slum together, and allocate the nodes in it as we squish because allocation
-+ of children affects squishing of parents.
-+
-+ The "argument" @node tells flush where to start. From there, flush finds the left edge
-+ of the slum, and calls squalloc (in which nodes are squeezed and allocated). To find a
-+ "better place" to start squalloc first we perform a flush_scan.
-+
-+ Flush-scanning may be performed in both left and right directions, but for different
-+ purposes. When scanning to the left, we are searching for a node that precedes a
-+ sequence of parent-first-ordered nodes which we will then flush in parent-first order.
-+ During flush-scanning, we also take the opportunity to count the number of consecutive
-+ leaf nodes. If this number is past some threshold (FLUSH_RELOCATE_THRESHOLD), then we
-+ make a decision to reallocate leaf nodes (thus favoring write-optimization).
-+
-+ Since the flush argument node can be anywhere in a sequence of dirty leaves, there may
-+ also be dirty nodes to the right of the argument. If the scan-left operation does not
-+ count at least FLUSH_RELOCATE_THRESHOLD nodes then we follow it with a right-scan
-+ operation to see whether there is, in fact, enough nodes to meet the relocate
-+ threshold. Each right- and left-scan operation uses a single flush_scan object.
-+
-+ After left-scan and possibly right-scan, we prepare a flush_position object with the
-+ starting flush point or parent coordinate, which was determined using scan-left.
-+
-+ Next we call the main flush routine, squalloc, which iterates along the
-+ leaf level, squeezing and allocating nodes (and placing them into the flush queue).
-+
-+ After squalloc returns we take extra steps to ensure that all the children
-+ of the final twig node are allocated--this involves repeating squalloc
-+ until we finish at a twig with no unallocated children.
-+
-+ Finally, we call flush_empty_queue to submit write-requests to disk. If we encounter
-+ any above-twig nodes during flush_empty_queue that still have unallocated children, we
-+ flush_unprep them.
-+
-+ Flush treats several "failure" cases as non-failures, essentially causing them to start
-+ over. E_DEADLOCK is one example. FIXME:(C) EINVAL, E_NO_NEIGHBOR, ENOENT: these should
-+ probably be handled properly rather than restarting, but there are a bunch of cases to
-+ audit.
-+*/
-+
-+static int
-+jnode_flush(jnode * node, long nr_to_write, long *nr_written,
-+ flush_queue_t * fq, int flags)
-+{
-+ long ret = 0;
-+ flush_scan *right_scan;
-+ flush_scan *left_scan;
-+ flush_pos_t *flush_pos;
-+ int todo;
-+ struct super_block *sb;
-+ reiser4_super_info_data *sbinfo;
-+ jnode *leftmost_in_slum = NULL;
-+
-+ assert("jmacd-76619", lock_stack_isclean(get_current_lock_stack()));
-+ assert("nikita-3022", schedulable());
-+
-+ /* lock ordering: delete_sema and flush_sema are unordered */
-+ assert("nikita-3185",
-+ get_current_super_private()->delete_sema_owner != current);
-+
-+ /* allocate right_scan, left_scan and flush_pos */
-+ right_scan =
-+ kmalloc(2 * sizeof(*right_scan) + sizeof(*flush_pos), get_gfp_mask());
-+ if (right_scan == NULL)
-+ return RETERR(-ENOMEM);
-+ left_scan = right_scan + 1;
-+ flush_pos = (flush_pos_t *) (left_scan + 1);
-+
-+ sb = reiser4_get_current_sb();
-+ sbinfo = get_super_private(sb);
-+ if (!reiser4_is_set(sb, REISER4_MTFLUSH)) {
-+ down(&sbinfo->flush_sema);
-+ }
-+
-+ /* Flush-concurrency debug code */
-+#if REISER4_DEBUG
-+ atomic_inc(&flush_cnt);
-+#endif
-+
-+ enter_flush(sb);
-+
-+ /* Initialize a flush position. */
-+ pos_init(flush_pos);
-+
-+ flush_pos->nr_written = nr_written;
-+ flush_pos->fq = fq;
-+ flush_pos->flags = flags;
-+ flush_pos->nr_to_write = nr_to_write;
-+
-+ scan_init(right_scan);
-+ scan_init(left_scan);
-+
-+ /* First scan left and remember the leftmost scan position. If the leftmost
-+ position is unformatted we remember its parent_coord. We scan until counting
-+ FLUSH_SCAN_MAXNODES.
-+
-+ If starting @node is unformatted, at the beginning of left scan its
-+ parent (twig level node, containing extent item) will be long term
-+ locked and lock handle will be stored in the
-+ @right_scan->parent_lock. This lock is used to start the rightward
-+ scan without redoing the tree traversal (necessary to find parent)
-+ and, hence, is kept during leftward scan. As a result, we have to
-+ use try-lock when taking long term locks during the leftward scan.
-+ */
-+ ret = scan_left(left_scan, right_scan,
-+ node, sbinfo->flush.scan_maxnodes);
-+ if (ret != 0)
-+ goto failed;
-+
-+ leftmost_in_slum = jref(left_scan->node);
-+ scan_done(left_scan);
-+
-+ /* Then possibly go right to decide if we will use a policy of relocating leaves.
-+ This is only done if we did not scan past (and count) enough nodes during the
-+ leftward scan. If we do scan right, we only care to go far enough to establish
-+ that at least FLUSH_RELOCATE_THRESHOLD number of nodes are being flushed. The
-+ scan limit is the difference between left_scan.count and the threshold. */
-+
-+ todo = sbinfo->flush.relocate_threshold - left_scan->count;
-+ /* scan right is inherently deadlock prone, because we are
-+ * (potentially) holding a lock on the twig node at this moment.
-+ * FIXME: this is incorrect comment: lock is not held */
-+ if (todo > 0) {
-+ ret = scan_right(right_scan, node, (unsigned)todo);
-+ if (ret != 0)
-+ goto failed;
-+ }
-+
-+ /* Only the right-scan count is needed, release any rightward locks right away. */
-+ scan_done(right_scan);
-+
-+ /* ... and the answer is: we should relocate leaf nodes if at least
-+ FLUSH_RELOCATE_THRESHOLD nodes were found. */
-+ flush_pos->leaf_relocate = JF_ISSET(node, JNODE_REPACK) ||
-+ (left_scan->count + right_scan->count >=
-+ sbinfo->flush.relocate_threshold);
-+
-+ /* Funny business here. We set the 'point' in the flush_position at prior to
-+ starting squalloc regardless of whether the first point is
-+ formatted or unformatted. Without this there would be an invariant, in the
-+ rest of the code, that if the flush_position is unformatted then
-+ flush_position->point is NULL and flush_position->parent_{lock,coord} is set,
-+ and if the flush_position is formatted then flush_position->point is non-NULL
-+ and no parent info is set.
-+
-+ This seems lazy, but it makes the initial calls to reverse_relocate_test
-+ (which ask "is it the pos->point the leftmost child of its parent") much easier
-+ because we know the first child already. Nothing is broken by this, but the
-+ reasoning is subtle. Holding an extra reference on a jnode during flush can
-+ cause us to see nodes with HEARD_BANSHEE during squalloc, because nodes are not
-+ removed from sibling lists until they have zero reference count. Flush would
-+ never observe a HEARD_BANSHEE node on the left-edge of flush, nodes are only
-+ deleted to the right. So if nothing is broken, why fix it?
-+
-+ NOTE-NIKITA actually, flush can meet HEARD_BANSHEE node at any
-+ point and in any moment, because of the concurrent file system
-+ activity (for example, truncate). */
-+
-+ /* Check jnode state after flush_scan completed. Having a lock on this
-+ node or its parent (in case of unformatted) helps us in case of
-+ concurrent flushing. */
-+ if (jnode_check_flushprepped(leftmost_in_slum)
-+ && !jnode_convertible(leftmost_in_slum)) {
-+ ret = 0;
-+ goto failed;
-+ }
-+
-+ /* Now setup flush_pos using scan_left's endpoint. */
-+ ret = prepare_flush_pos(flush_pos, leftmost_in_slum);
-+ if (ret)
-+ goto failed;
-+
-+ if (znode_get_level(flush_pos->coord.node) == LEAF_LEVEL
-+ && node_is_empty(flush_pos->coord.node)) {
-+ znode *empty = flush_pos->coord.node;
-+
-+ assert("zam-1022", !ZF_ISSET(empty, JNODE_HEARD_BANSHEE));
-+ ret = delete_empty_node(empty);
-+ goto failed;
-+ }
-+
-+ if (jnode_check_flushprepped(leftmost_in_slum)
-+ && !jnode_convertible(leftmost_in_slum)) {
-+ ret = 0;
-+ goto failed;
-+ }
-+
-+ /* Set pos->preceder and (re)allocate pos and its ancestors if it is needed */
-+ ret = alloc_pos_and_ancestors(flush_pos);
-+ if (ret)
-+ goto failed;
-+
-+ /* Do the main rightward-bottom-up squeeze and allocate loop. */
-+ ret = squalloc(flush_pos);
-+ pos_stop(flush_pos);
-+ if (ret)
-+ goto failed;
-+
-+ /* FIXME_NFQUCMPD: Here, handle the twig-special case for unallocated children.
-+ First, the pos_stop() and pos_valid() routines should be modified
-+ so that pos_stop() sets a flush_position->stop flag to 1 without
-+ releasing the current position immediately--instead release it in
-+ pos_done(). This is a better implementation than the current one anyway.
-+
-+ It is not clear that all fields of the flush_position should not be released,
-+ but at the very least the parent_lock, parent_coord, and parent_load should
-+ remain held because they are hold the last twig when pos_stop() is
-+ called.
-+
-+ When we reach this point in the code, if the parent_coord is set to after the
-+ last item then we know that flush reached the end of a twig (and according to
-+ the new flush queueing design, we will return now). If parent_coord is not
-+ past the last item, we should check if the current twig has any unallocated
-+ children to the right (we are not concerned with unallocated children to the
-+ left--in that case the twig itself should not have been allocated). If the
-+ twig has unallocated children to the right, set the parent_coord to that
-+ position and then repeat the call to squalloc.
-+
-+ Testing for unallocated children may be defined in two ways: if any internal
-+ item has a fake block number, it is unallocated; if any extent item is
-+ unallocated then all of its children are unallocated. But there is a more
-+ aggressive approach: if there are any dirty children of the twig to the right
-+ of the current position, we may wish to relocate those nodes now. Checking for
-+ potential relocation is more expensive as it requires knowing whether there are
-+ any dirty children that are not unallocated. The extent_needs_allocation
-+ should be used after setting the correct preceder.
-+
-+ When we reach the end of a twig at this point in the code, if the flush can
-+ continue (when the queue is ready) it will need some information on the future
-+ starting point. That should be stored away in the flush_handle using a seal, I
-+ believe. Holding a jref() on the future starting point may break other code
-+ that deletes that node.
-+ */
-+
-+ /* FIXME_NFQUCMPD: Also, we don't want to do any flushing when flush is called
-+ above the twig level. If the VM calls flush above the twig level, do nothing
-+ and return (but figure out why this happens). The txnmgr should be modified to
-+ only flush its leaf-level dirty list. This will do all the necessary squeeze
-+ and allocate steps but leave unallocated branches and possibly unallocated
-+ twigs (when the twig's leftmost child is not dirty). After flushing the leaf
-+ level, the remaining unallocated nodes should be given write-optimized
-+ locations. (Possibly, the remaining unallocated twigs should be allocated just
-+ before their leftmost child.)
-+ */
-+
-+ /* Any failure reaches this point. */
-+ failed:
-+
-+ switch (ret) {
-+ case -E_REPEAT:
-+ case -EINVAL:
-+ case -E_DEADLOCK:
-+ case -E_NO_NEIGHBOR:
-+ case -ENOENT:
-+ /* FIXME(C): Except for E_DEADLOCK, these should probably be handled properly
-+ in each case. They already are handled in many cases. */
-+ /* Something bad happened, but difficult to avoid... Try again! */
-+ ret = 0;
-+ }
-+
-+ if (leftmost_in_slum)
-+ jput(leftmost_in_slum);
-+
-+ pos_done(flush_pos);
-+ scan_done(left_scan);
-+ scan_done(right_scan);
-+ kfree(right_scan);
-+
-+ ON_DEBUG(atomic_dec(&flush_cnt));
-+
-+ leave_flush(sb);
-+
-+ if (!reiser4_is_set(sb, REISER4_MTFLUSH))
-+ up(&sbinfo->flush_sema);
-+
-+ return ret;
-+}
-+
-+/* The reiser4 flush subsystem can be turned into "rapid flush mode" means that
-+ * flusher should submit all prepped nodes immediately without keeping them in
-+ * flush queues for long time. The reason for rapid flush mode is to free
-+ * memory as fast as possible. */
-+
-+#if REISER4_USE_RAPID_FLUSH
-+
-+/**
-+ * submit all prepped nodes if rapid flush mode is set,
-+ * turn rapid flush mode off.
-+ */
-+
-+static int rapid_flush(flush_pos_t * pos)
-+{
-+ if (!wbq_available())
-+ return 0;
-+
-+ return write_prepped_nodes(pos);
-+}
-+
-+#else
-+
-+#define rapid_flush(pos) (0)
-+
-+#endif /* REISER4_USE_RAPID_FLUSH */
-+
-+static jnode *find_flush_start_jnode(jnode *start, txn_atom *atom,
-+ flush_queue_t *fq, int *nr_queued,
-+ int flags)
-+{
-+ jnode * node;
-+
-+ if (start != NULL) {
-+ spin_lock_jnode(start);
-+ if (!jnode_is_flushprepped(start)) {
-+ assert("zam-1056", start->atom == atom);
-+ node = start;
-+ goto enter;
-+ }
-+ spin_unlock_jnode(start);
-+ }
-+ /*
-+ * In this loop we process all already prepped (RELOC or OVRWR) and dirtied again
-+ * nodes. The atom spin lock is not released until all dirty nodes processed or
-+ * not prepped node found in the atom dirty lists.
-+ */
-+ while ((node = find_first_dirty_jnode(atom, flags))) {
-+ spin_lock_jnode(node);
-+ enter:
-+ assert("zam-881", JF_ISSET(node, JNODE_DIRTY));
-+ assert("zam-898", !JF_ISSET(node, JNODE_OVRWR));
-+
-+ if (JF_ISSET(node, JNODE_WRITEBACK)) {
-+ /* move node to the end of atom's writeback list */
-+ list_move_tail(&node->capture_link, ATOM_WB_LIST(atom));
-+
-+ /*
-+ * jnode is not necessarily on dirty list: if it was dirtied when
-+ * it was on flush queue - it does not get moved to dirty list
-+ */
-+ ON_DEBUG(count_jnode(atom, node, NODE_LIST(node),
-+ WB_LIST, 1));
-+
-+ } else if (jnode_is_znode(node)
-+ && znode_above_root(JZNODE(node))) {
-+ /*
-+ * A special case for znode-above-root. The above-root (fake)
-+ * znode is captured and dirtied when the tree height changes or
-+ * when the root node is relocated. This causes atoms to fuse so
-+ * that changes at the root are serialized. However, this node is
-+ * never flushed. This special case used to be in lock.c to
-+ * prevent the above-root node from ever being captured, but now
-+ * that it is captured we simply prevent it from flushing. The
-+ * log-writer code relies on this to properly log superblock
-+ * modifications of the tree height.
-+ */
-+ jnode_make_wander_nolock(node);
-+ } else if (JF_ISSET(node, JNODE_RELOC)) {
-+ queue_jnode(fq, node);
-+ ++(*nr_queued);
-+ } else
-+ break;
-+
-+ spin_unlock_jnode(node);
-+ }
-+ return node;
-+}
-+
-+
-+/* Flush some nodes of current atom, usually slum, return -E_REPEAT if there are more nodes
-+ * to flush, return 0 if atom's dirty lists empty and keep current atom locked, return
-+ * other errors as they are. */
-+int
-+flush_current_atom(int flags, long nr_to_write, long *nr_submitted,
-+ txn_atom ** atom, jnode *start)
-+{
-+ reiser4_super_info_data *sinfo = get_current_super_private();
-+ flush_queue_t *fq = NULL;
-+ jnode *node;
-+ int nr_queued;
-+ int ret;
-+
-+ assert("zam-889", atom != NULL && *atom != NULL);
-+ assert_spin_locked(&((*atom)->alock));
-+ assert("zam-892", get_current_context()->trans->atom == *atom);
-+
-+ nr_to_write = LONG_MAX;
-+ while (1) {
-+ ret = fq_by_atom(*atom, &fq);
-+ if (ret != -E_REPEAT)
-+ break;
-+ *atom = get_current_atom_locked();
-+ }
-+ if (ret)
-+ return ret;
-+
-+ assert_spin_locked(&((*atom)->alock));
-+
-+ /* parallel flushers limit */
-+ if (sinfo->tmgr.atom_max_flushers != 0) {
-+ while ((*atom)->nr_flushers >= sinfo->tmgr.atom_max_flushers) {
-+ /* An atom_send_event() call is inside fq_put_nolock() which is
-+ called when flush is finished and nr_flushers is
-+ decremented. */
-+ atom_wait_event(*atom);
-+ *atom = get_current_atom_locked();
-+ }
-+ }
-+
-+ /* count ourself as a flusher */
-+ (*atom)->nr_flushers++;
-+
-+ writeout_mode_enable();
-+
-+ nr_queued = 0;
-+ node = find_flush_start_jnode(start, *atom, fq, &nr_queued, flags);
-+
-+ if (node == NULL) {
-+ if (nr_queued == 0) {
-+ (*atom)->nr_flushers--;
-+ fq_put_nolock(fq);
-+ atom_send_event(*atom);
-+ /* current atom remains locked */
-+ writeout_mode_disable();
-+ return 0;
-+ }
-+ spin_unlock_atom(*atom);
-+ } else {
-+ jref(node);
-+ BUG_ON((*atom)->super != node->tree->super);
-+ spin_unlock_atom(*atom);
-+ spin_unlock_jnode(node);
-+ BUG_ON(nr_to_write == 0);
-+ ret = jnode_flush(node, nr_to_write, nr_submitted, fq, flags);
-+ jput(node);
-+ }
-+
-+ ret =
-+ write_fq(fq, nr_submitted,
-+ WRITEOUT_SINGLE_STREAM | WRITEOUT_FOR_PAGE_RECLAIM);
-+
-+ *atom = get_current_atom_locked();
-+ (*atom)->nr_flushers--;
-+ fq_put_nolock(fq);
-+ atom_send_event(*atom);
-+ spin_unlock_atom(*atom);
-+
-+ writeout_mode_disable();
-+
-+ if (ret == 0)
-+ ret = -E_REPEAT;
-+
-+ return ret;
-+}
-+
-+/* REVERSE PARENT-FIRST RELOCATION POLICIES */
-+
-+/* This implements the is-it-close-enough-to-its-preceder? test for relocation in the
-+ reverse parent-first relocate context. Here all we know is the preceder and the block
-+ number. Since we are going in reverse, the preceder may still be relocated as well, so
-+ we can't ask the block allocator "is there a closer block available to relocate?" here.
-+ In the _forward_ parent-first relocate context (not here) we actually call the block
-+ allocator to try and find a closer location. */
-+static int
-+reverse_relocate_if_close_enough(const reiser4_block_nr * pblk,
-+ const reiser4_block_nr * nblk)
-+{
-+ reiser4_block_nr dist;
-+
-+ assert("jmacd-7710", *pblk != 0 && *nblk != 0);
-+ assert("jmacd-7711", !blocknr_is_fake(pblk));
-+ assert("jmacd-7712", !blocknr_is_fake(nblk));
-+
-+ /* Distance is the absolute value. */
-+ dist = (*pblk > *nblk) ? (*pblk - *nblk) : (*nblk - *pblk);
-+
-+ /* If the block is less than FLUSH_RELOCATE_DISTANCE blocks away from its preceder
-+ block, do not relocate. */
-+ if (dist <= get_current_super_private()->flush.relocate_distance) {
-+ return 0;
-+ }
-+
-+ return 1;
-+}
-+
-+/* This function is a predicate that tests for relocation. Always called in the
-+ reverse-parent-first context, when we are asking whether the current node should be
-+ relocated in order to expand the flush by dirtying the parent level (and thus
-+ proceeding to flush that level). When traversing in the forward parent-first direction
-+ (not here), relocation decisions are handled in two places: allocate_znode() and
-+ extent_needs_allocation(). */
-+static int
-+reverse_relocate_test(jnode * node, const coord_t * parent_coord,
-+ flush_pos_t * pos)
-+{
-+ reiser4_block_nr pblk = 0;
-+ reiser4_block_nr nblk = 0;
-+
-+ assert("jmacd-8989", !jnode_is_root(node));
-+
-+ /*
-+ * This function is called only from the
-+ * reverse_relocate_check_dirty_parent() and only if the parent
-+ * node is clean. This implies that the parent has the real (i.e., not
-+ * fake) block number, and, so does the child, because otherwise the
-+ * parent would be dirty.
-+ */
-+
-+ /* New nodes are treated as if they are being relocated. */
-+ if (JF_ISSET (node, JNODE_CREATED) ||
-+ (pos->leaf_relocate && jnode_get_level(node) == LEAF_LEVEL)) {
-+ return 1;
-+ }
-+
-+ /* Find the preceder. FIXME(B): When the child is an unformatted, previously
-+ existing node, the coord may be leftmost even though the child is not the
-+ parent-first preceder of the parent. If the first dirty node appears somewhere
-+ in the middle of the first extent unit, this preceder calculation is wrong.
-+ Needs more logic in here. */
-+ if (coord_is_leftmost_unit(parent_coord)) {
-+ pblk = *znode_get_block(parent_coord->node);
-+ } else {
-+ pblk = pos->preceder.blk;
-+ }
-+ check_preceder(pblk);
-+
-+ /* If (pblk == 0) then the preceder isn't allocated or isn't known: relocate. */
-+ if (pblk == 0) {
-+ return 1;
-+ }
-+
-+ nblk = *jnode_get_block(node);
-+
-+ if (blocknr_is_fake(&nblk))
-+ /* child is unallocated, mark parent dirty */
-+ return 1;
-+
-+ return reverse_relocate_if_close_enough(&pblk, &nblk);
-+}
-+
-+/* This function calls reverse_relocate_test to make a reverse-parent-first
-+ relocation decision and then, if yes, it marks the parent dirty. */
-+static int
-+reverse_relocate_check_dirty_parent(jnode * node, const coord_t * parent_coord,
-+ flush_pos_t * pos)
-+{
-+ int ret;
-+
-+ if (!JF_ISSET(ZJNODE(parent_coord->node), JNODE_DIRTY)) {
-+
-+ ret = reverse_relocate_test(node, parent_coord, pos);
-+ if (ret < 0) {
-+ return ret;
-+ }
-+
-+ /* FIXME-ZAM
-+ if parent is already relocated - we do not want to grab space, right? */
-+ if (ret == 1) {
-+ int grabbed;
-+
-+ grabbed = get_current_context()->grabbed_blocks;
-+ if (reiser4_grab_space_force((__u64) 1, BA_RESERVED) !=
-+ 0)
-+ reiser4_panic("umka-1250",
-+ "No space left during flush.");
-+
-+ assert("jmacd-18923",
-+ znode_is_write_locked(parent_coord->node));
-+ znode_make_dirty(parent_coord->node);
-+ grabbed2free_mark(grabbed);
-+ }
-+ }
-+
-+ return 0;
-+}
-+
-+/* INITIAL ALLOCATE ANCESTORS STEP (REVERSE PARENT-FIRST ALLOCATION BEFORE FORWARD
-+ PARENT-FIRST LOOP BEGINS) */
-+
-+/* Get the leftmost child for given coord. */
-+static int get_leftmost_child_of_unit(const coord_t * coord, jnode ** child)
-+{
-+ int ret;
-+
-+ ret = item_utmost_child(coord, LEFT_SIDE, child);
-+
-+ if (ret)
-+ return ret;
-+
-+ if (IS_ERR(*child))
-+ return PTR_ERR(*child);
-+
-+ return 0;
-+}
-+
-+/* This step occurs after the left- and right-scans are completed, before starting the
-+ forward parent-first traversal. Here we attempt to allocate ancestors of the starting
-+ flush point, which means continuing in the reverse parent-first direction to the
-+ parent, grandparent, and so on (as long as the child is a leftmost child). This
-+ routine calls a recursive process, alloc_one_ancestor, which does the real work,
-+ except there is special-case handling here for the first ancestor, which may be a twig.
-+ At each level (here and alloc_one_ancestor), we check for relocation and then, if
-+ the child is a leftmost child, repeat at the next level. On the way back down (the
-+ recursion), we allocate the ancestors in parent-first order. */
-+static int alloc_pos_and_ancestors(flush_pos_t * pos)
-+{
-+ int ret = 0;
-+ lock_handle plock;
-+ load_count pload;
-+ coord_t pcoord;
-+
-+ if (znode_check_flushprepped(pos->lock.node))
-+ return 0;
-+
-+ coord_init_invalid(&pcoord, NULL);
-+ init_lh(&plock);
-+ init_load_count(&pload);
-+
-+ if (pos->state == POS_ON_EPOINT) {
-+ /* a special case for pos on twig level, where we already have
-+ a lock on parent node. */
-+ /* The parent may not be dirty, in which case we should decide
-+ whether to relocate the child now. If decision is made to
-+ relocate the child, the parent is marked dirty. */
-+ ret =
-+ reverse_relocate_check_dirty_parent(pos->child, &pos->coord,
-+ pos);
-+ if (ret)
-+ goto exit;
-+
-+ /* FIXME_NFQUCMPD: We only need to allocate the twig (if child
-+ is leftmost) and the leaf/child, so recursion is not needed.
-+ Levels above the twig will be allocated for
-+ write-optimization before the transaction commits. */
-+
-+ /* Do the recursive step, allocating zero or more of our
-+ * ancestors. */
-+ ret = alloc_one_ancestor(&pos->coord, pos);
-+
-+ } else {
-+ if (!znode_is_root(pos->lock.node)) {
-+ /* all formatted nodes except tree root */
-+ ret =
-+ reiser4_get_parent(&plock, pos->lock.node,
-+ ZNODE_WRITE_LOCK);
-+ if (ret)
-+ goto exit;
-+
-+ ret = incr_load_count_znode(&pload, plock.node);
-+ if (ret)
-+ goto exit;
-+
-+ ret =
-+ find_child_ptr(plock.node, pos->lock.node, &pcoord);
-+ if (ret)
-+ goto exit;
-+
-+ ret =
-+ reverse_relocate_check_dirty_parent(ZJNODE
-+ (pos->lock.
-+ node), &pcoord,
-+ pos);
-+ if (ret)
-+ goto exit;
-+
-+ ret = alloc_one_ancestor(&pcoord, pos);
-+ if (ret)
-+ goto exit;
-+ }
-+
-+ ret = allocate_znode(pos->lock.node, &pcoord, pos);
-+ }
-+ exit:
-+ done_load_count(&pload);
-+ done_lh(&plock);
-+ return ret;
-+}
-+
-+/* This is the recursive step described in alloc_pos_and_ancestors, above. Ignoring the
-+ call to set_preceder, which is the next function described, this checks if the
-+ child is a leftmost child and returns if it is not. If the child is a leftmost child
-+ it checks for relocation, possibly dirtying the parent. Then it performs the recursive
-+ step. */
-+static int alloc_one_ancestor(const coord_t * coord, flush_pos_t * pos)
-+{
-+ int ret = 0;
-+ lock_handle alock;
-+ load_count aload;
-+ coord_t acoord;
-+
-+ /* As we ascend at the left-edge of the region to flush, take this opportunity at
-+ the twig level to find our parent-first preceder unless we have already set
-+ it. */
-+ if (pos->preceder.blk == 0) {
-+ ret = set_preceder(coord, pos);
-+ if (ret != 0)
-+ return ret;
-+ }
-+
-+ /* If the ancestor is clean or already allocated, or if the child is not a
-+ leftmost child, stop going up, even leaving coord->node not flushprepped. */
-+ if (znode_check_flushprepped(coord->node)
-+ || !coord_is_leftmost_unit(coord))
-+ return 0;
-+
-+ init_lh(&alock);
-+ init_load_count(&aload);
-+ coord_init_invalid(&acoord, NULL);
-+
-+ /* Only ascend to the next level if it is a leftmost child, but write-lock the
-+ parent in case we will relocate the child. */
-+ if (!znode_is_root(coord->node)) {
-+
-+ ret =
-+ jnode_lock_parent_coord(ZJNODE(coord->node), &acoord,
-+ &alock, &aload, ZNODE_WRITE_LOCK,
-+ 0);
-+ if (ret != 0) {
-+ /* FIXME(C): check EINVAL, E_DEADLOCK */
-+ goto exit;
-+ }
-+
-+ ret =
-+ reverse_relocate_check_dirty_parent(ZJNODE(coord->node),
-+ &acoord, pos);
-+ if (ret != 0) {
-+ goto exit;
-+ }
-+
-+ /* Recursive call. */
-+ if (!znode_check_flushprepped(acoord.node)) {
-+ ret = alloc_one_ancestor(&acoord, pos);
-+ if (ret)
-+ goto exit;
-+ }
-+ }
-+
-+ /* Note: we call allocate with the parent write-locked (except at the root) in
-+ case we relocate the child, in which case it will modify the parent during this
-+ call. */
-+ ret = allocate_znode(coord->node, &acoord, pos);
-+
-+ exit:
-+ done_load_count(&aload);
-+ done_lh(&alock);
-+ return ret;
-+}
-+
-+/* During the reverse parent-first alloc_pos_and_ancestors process described above there is
-+ a call to this function at the twig level. During alloc_pos_and_ancestors we may ask:
-+ should this node be relocated (in reverse parent-first context)? We repeat this
-+ process as long as the child is the leftmost child, eventually reaching an ancestor of
-+ the flush point that is not a leftmost child. The preceder of that ancestors, which is
-+ not a leftmost child, is actually on the leaf level. The preceder of that block is the
-+ left-neighbor of the flush point. The preceder of that block is the rightmost child of
-+ the twig on the left. So, when alloc_pos_and_ancestors passes upward through the twig
-+ level, it stops momentarily to remember the block of the rightmost child of the twig on
-+ the left and sets it to the flush_position's preceder_hint.
-+
-+ There is one other place where we may set the flush_position's preceder hint, which is
-+ during scan-left.
-+*/
-+static int set_preceder(const coord_t * coord_in, flush_pos_t * pos)
-+{
-+ int ret;
-+ coord_t coord;
-+ lock_handle left_lock;
-+ load_count left_load;
-+
-+ coord_dup(&coord, coord_in);
-+
-+ init_lh(&left_lock);
-+ init_load_count(&left_load);
-+
-+ /* FIXME(B): Same FIXME as in "Find the preceder" in reverse_relocate_test.
-+ coord_is_leftmost_unit is not the right test if the unformatted child is in the
-+ middle of the first extent unit. */
-+ if (!coord_is_leftmost_unit(&coord)) {
-+ coord_prev_unit(&coord);
-+ } else {
-+ ret =
-+ reiser4_get_left_neighbor(&left_lock, coord.node,
-+ ZNODE_READ_LOCK, GN_SAME_ATOM);
-+ if (ret) {
-+ /* If we fail for any reason it doesn't matter because the
-+ preceder is only a hint. We are low-priority at this point, so
-+ this must be the case. */
-+ if (ret == -E_REPEAT || ret == -E_NO_NEIGHBOR ||
-+ ret == -ENOENT || ret == -EINVAL
-+ || ret == -E_DEADLOCK) {
-+ ret = 0;
-+ }
-+ goto exit;
-+ }
-+
-+ ret = incr_load_count_znode(&left_load, left_lock.node);
-+ if (ret)
-+ goto exit;
-+
-+ coord_init_last_unit(&coord, left_lock.node);
-+ }
-+
-+ ret =
-+ item_utmost_child_real_block(&coord, RIGHT_SIDE,
-+ &pos->preceder.blk);
-+ exit:
-+ check_preceder(pos->preceder.blk);
-+ done_load_count(&left_load);
-+ done_lh(&left_lock);
-+ return ret;
-+}
-+
-+/* MAIN SQUEEZE AND ALLOCATE LOOP (THREE BIG FUNCTIONS) */
-+
-+/* This procedure implements the outer loop of the flush algorithm. To put this in
-+ context, here is the general list of steps taken by the flush routine as a whole:
-+
-+ 1. Scan-left
-+ 2. Scan-right (maybe)
-+ 3. Allocate initial flush position and its ancestors
-+ 4. <handle extents>
-+ 5. <squeeze and next position and its ancestors to-the-right,
-+ then update position to-the-right>
-+ 6. <repeat from #4 until flush is stopped>
-+
-+ This procedure implements the loop in steps 4 through 6 in the above listing.
-+
-+ Step 4: if the current flush position is an extent item (position on the twig level),
-+ it allocates the extent (allocate_extent_item_in_place) then shifts to the next
-+ coordinate. If the next coordinate's leftmost child needs flushprep, we will continue.
-+ If the next coordinate is an internal item, we descend back to the leaf level,
-+ otherwise we repeat a step #4 (labeled ALLOC_EXTENTS below). If the "next coordinate"
-+ brings us past the end of the twig level, then we call
-+ reverse_relocate_end_of_twig to possibly dirty the next (right) twig, prior to
-+ step #5 which moves to the right.
-+
-+ Step 5: calls squalloc_changed_ancestors, which initiates a recursive call up the
-+ tree to allocate any ancestors of the next-right flush position that are not also
-+ ancestors of the current position. Those ancestors (in top-down order) are the next in
-+ parent-first order. We squeeze adjacent nodes on the way up until the right node and
-+ current node share the same parent, then allocate on the way back down. Finally, this
-+ step sets the flush position to the next-right node. Then repeat steps 4 and 5.
-+*/
-+
-+/* SQUEEZE CODE */
-+
-+/* squalloc_right_twig helper function, cut a range of extent items from
-+ cut node to->node from the beginning up to coord @to. */
-+static int squalloc_right_twig_cut(coord_t * to, reiser4_key * to_key,
-+ znode * left)
-+{
-+ coord_t from;
-+ reiser4_key from_key;
-+
-+ coord_init_first_unit(&from, to->node);
-+ item_key_by_coord(&from, &from_key);
-+
-+ return cut_node_content(&from, to, &from_key, to_key, NULL);
-+}
-+
-+/* Copy as much of the leading extents from @right to @left, allocating
-+ unallocated extents as they are copied. Returns SQUEEZE_TARGET_FULL or
-+ SQUEEZE_SOURCE_EMPTY when no more can be shifted. If the next item is an
-+ internal item it calls shift_one_internal_unit and may then return
-+ SUBTREE_MOVED. */
-+static int squeeze_right_twig(znode * left, znode * right, flush_pos_t * pos)
-+{
-+ int ret = SUBTREE_MOVED;
-+ coord_t coord; /* used to iterate over items */
-+ reiser4_key stop_key;
-+
-+ assert("jmacd-2008", !node_is_empty(right));
-+ coord_init_first_unit(&coord, right);
-+
-+ /* FIXME: can be optimized to cut once */
-+ while (!node_is_empty(coord.node) && item_is_extent(&coord)) {
-+ ON_DEBUG(void *vp);
-+
-+ assert("vs-1468", coord_is_leftmost_unit(&coord));
-+ ON_DEBUG(vp = shift_check_prepare(left, coord.node));
-+
-+ /* stop_key is used to find what was copied and what to cut */
-+ stop_key = *min_key();
-+ ret = squalloc_extent(left, &coord, pos, &stop_key);
-+ if (ret != SQUEEZE_CONTINUE) {
-+ ON_DEBUG(kfree(vp));
-+ break;
-+ }
-+ assert("vs-1465", !keyeq(&stop_key, min_key()));
-+
-+ /* Helper function to do the cutting. */
-+ set_key_offset(&stop_key, get_key_offset(&stop_key) - 1);
-+ check_me("vs-1466",
-+ squalloc_right_twig_cut(&coord, &stop_key, left) == 0);
-+
-+ ON_DEBUG(shift_check(vp, left, coord.node));
-+ }
-+
-+ if (node_is_empty(coord.node))
-+ ret = SQUEEZE_SOURCE_EMPTY;
-+
-+ if (ret == SQUEEZE_TARGET_FULL) {
-+ goto out;
-+ }
-+
-+ if (node_is_empty(right)) {
-+ /* The whole right node was copied into @left. */
-+ assert("vs-464", ret == SQUEEZE_SOURCE_EMPTY);
-+ goto out;
-+ }
-+
-+ coord_init_first_unit(&coord, right);
-+
-+ if (!item_is_internal(&coord)) {
-+ /* we do not want to squeeze anything else to left neighbor because "slum"
-+ is over */
-+ ret = SQUEEZE_TARGET_FULL;
-+ goto out;
-+ }
-+ assert("jmacd-433", item_is_internal(&coord));
-+
-+ /* Shift an internal unit. The child must be allocated before shifting any more
-+ extents, so we stop here. */
-+ ret = shift_one_internal_unit(left, right);
-+
-+ out:
-+ assert("jmacd-8612", ret < 0 || ret == SQUEEZE_TARGET_FULL
-+ || ret == SUBTREE_MOVED || ret == SQUEEZE_SOURCE_EMPTY);
-+
-+ if (ret == SQUEEZE_TARGET_FULL) {
-+ /* We submit prepped nodes here and expect that this @left twig
-+ * will not be modified again during this jnode_flush() call. */
-+ int ret1;
-+
-+ /* NOTE: seems like io is done under long term locks. */
-+ ret1 = write_prepped_nodes(pos);
-+ if (ret1 < 0)
-+ return ret1;
-+ }
-+
-+ return ret;
-+}
-+
-+#if REISER4_DEBUG
-+static void item_convert_invariant(flush_pos_t * pos)
-+{
-+ assert("edward-1225", coord_is_existing_item(&pos->coord));
-+ if (chaining_data_present(pos)) {
-+ item_plugin *iplug = item_convert_plug(pos);
-+
-+ assert("edward-1000",
-+ iplug == item_plugin_by_coord(&pos->coord));
-+ assert("edward-1001", iplug->f.convert != NULL);
-+ } else
-+ assert("edward-1226", pos->child == NULL);
-+}
-+#else
-+
-+#define item_convert_invariant(pos) noop
-+
-+#endif
-+
-+/* Scan node items starting from the first one and apply for each
-+ item its flush ->convert() method (if any). This method may
-+ resize/kill the item so the tree will be changed.
-+*/
-+static int convert_node(flush_pos_t * pos, znode * node)
-+{
-+ int ret = 0;
-+ item_plugin *iplug;
-+
-+ assert("edward-304", pos != NULL);
-+ assert("edward-305", pos->child == NULL);
-+ assert("edward-475", znode_convertible(node));
-+ assert("edward-669", znode_is_wlocked(node));
-+ assert("edward-1210", !node_is_empty(node));
-+
-+ if (znode_get_level(node) != LEAF_LEVEL)
-+ /* unsupported */
-+ goto exit;
-+
-+ coord_init_first_unit(&pos->coord, node);
-+
-+ while (1) {
-+ ret = 0;
-+ coord_set_to_left(&pos->coord);
-+ item_convert_invariant(pos);
-+
-+ iplug = item_plugin_by_coord(&pos->coord);
-+ assert("edward-844", iplug != NULL);
-+
-+ if (iplug->f.convert) {
-+ ret = iplug->f.convert(pos);
-+ if (ret)
-+ goto exit;
-+ }
-+ assert("edward-307", pos->child == NULL);
-+
-+ if (coord_next_item(&pos->coord)) {
-+ /* node is over */
-+
-+ if (!chaining_data_present(pos))
-+ /* finished this node */
-+ break;
-+ if (should_chain_next_node(pos)) {
-+ /* go to next node */
-+ move_chaining_data(pos, 0 /* to next node */ );
-+ break;
-+ }
-+ /* repeat this node */
-+ move_chaining_data(pos, 1 /* this node */ );
-+ continue;
-+ }
-+ /* Node is not over.
-+ Check if there is attached convert data.
-+ If so roll one item position back and repeat
-+ on this node
-+ */
-+ if (chaining_data_present(pos)) {
-+
-+ if (iplug != item_plugin_by_coord(&pos->coord))
-+ set_item_convert_count(pos, 0);
-+
-+ ret = coord_prev_item(&pos->coord);
-+ assert("edward-1003", !ret);
-+
-+ move_chaining_data(pos, 1 /* this node */ );
-+ }
-+ }
-+ JF_CLR(ZJNODE(node), JNODE_CONVERTIBLE);
-+ znode_make_dirty(node);
-+ exit:
-+ assert("edward-1004", !ret);
-+ return ret;
-+}
-+
-+/* Squeeze and allocate the right neighbor. This is called after @left and
-+ its current children have been squeezed and allocated already. This
-+ procedure's job is to squeeze and items from @right to @left.
-+
-+ If at the leaf level, use the shift_everything_left memcpy-optimized
-+ version of shifting (squeeze_right_leaf).
-+
-+ If at the twig level, extents are allocated as they are shifted from @right
-+ to @left (squalloc_right_twig).
-+
-+ At any other level, shift one internal item and return to the caller
-+ (squalloc_parent_first) so that the shifted-subtree can be processed in
-+ parent-first order.
-+
-+ When unit of internal item is moved, squeezing stops and SUBTREE_MOVED is
-+ returned. When all content of @right is squeezed, SQUEEZE_SOURCE_EMPTY is
-+ returned. If nothing can be moved into @left anymore, SQUEEZE_TARGET_FULL
-+ is returned.
-+*/
-+
-+static int squeeze_right_neighbor(flush_pos_t * pos, znode * left,
-+ znode * right)
-+{
-+ int ret;
-+
-+ /* FIXME it is possible to see empty hasn't-heard-banshee node in a
-+ * tree owing to error (for example, ENOSPC) in write */
-+ /* assert("jmacd-9321", !node_is_empty(left)); */
-+ assert("jmacd-9322", !node_is_empty(right));
-+ assert("jmacd-9323", znode_get_level(left) == znode_get_level(right));
-+
-+ switch (znode_get_level(left)) {
-+ case TWIG_LEVEL:
-+ /* Shift with extent allocating until either an internal item
-+ is encountered or everything is shifted or no free space
-+ left in @left */
-+ ret = squeeze_right_twig(left, right, pos);
-+ break;
-+
-+ default:
-+ /* All other levels can use shift_everything until we implement per-item
-+ flush plugins. */
-+ ret = squeeze_right_non_twig(left, right);
-+ break;
-+ }
-+
-+ assert("jmacd-2011", (ret < 0 ||
-+ ret == SQUEEZE_SOURCE_EMPTY
-+ || ret == SQUEEZE_TARGET_FULL
-+ || ret == SUBTREE_MOVED));
-+ return ret;
-+}
-+
-+static int squeeze_right_twig_and_advance_coord(flush_pos_t * pos,
-+ znode * right)
-+{
-+ int ret;
-+
-+ ret = squeeze_right_twig(pos->lock.node, right, pos);
-+ if (ret < 0)
-+ return ret;
-+ if (ret > 0) {
-+ coord_init_after_last_item(&pos->coord, pos->lock.node);
-+ return ret;
-+ }
-+
-+ coord_init_last_unit(&pos->coord, pos->lock.node);
-+ return 0;
-+}
-+
-+/* forward declaration */
-+static int squalloc_upper_levels(flush_pos_t *, znode *, znode *);
-+
-+/* do a fast check for "same parents" condition before calling
-+ * squalloc_upper_levels() */
-+static inline int check_parents_and_squalloc_upper_levels(flush_pos_t * pos,
-+ znode * left,
-+ znode * right)
-+{
-+ if (znode_same_parents(left, right))
-+ return 0;
-+
-+ return squalloc_upper_levels(pos, left, right);
-+}
-+
-+/* Check whether the parent of given @right node needs to be processes
-+ ((re)allocated) prior to processing of the child. If @left and @right do not
-+ share at least the parent of the @right is after the @left but before the
-+ @right in parent-first order, we have to (re)allocate it before the @right
-+ gets (re)allocated. */
-+static int squalloc_upper_levels(flush_pos_t * pos, znode * left, znode * right)
-+{
-+ int ret;
-+
-+ lock_handle left_parent_lock;
-+ lock_handle right_parent_lock;
-+
-+ load_count left_parent_load;
-+ load_count right_parent_load;
-+
-+ init_lh(&left_parent_lock);
-+ init_lh(&right_parent_lock);
-+
-+ init_load_count(&left_parent_load);
-+ init_load_count(&right_parent_load);
-+
-+ ret = reiser4_get_parent(&left_parent_lock, left, ZNODE_WRITE_LOCK);
-+ if (ret)
-+ goto out;
-+
-+ ret = reiser4_get_parent(&right_parent_lock, right, ZNODE_WRITE_LOCK);
-+ if (ret)
-+ goto out;
-+
-+ /* Check for same parents */
-+ if (left_parent_lock.node == right_parent_lock.node)
-+ goto out;
-+
-+ if (znode_check_flushprepped(right_parent_lock.node)) {
-+ /* Keep parent-first order. In the order, the right parent node stands
-+ before the @right node. If it is already allocated, we set the
-+ preceder (next block search start point) to its block number, @right
-+ node should be allocated after it.
-+
-+ However, preceder is set only if the right parent is on twig level.
-+ The explanation is the following: new branch nodes are allocated over
-+ already allocated children while the tree grows, it is difficult to
-+ keep tree ordered, we assume that only leaves and twings are correctly
-+ allocated. So, only twigs are used as a preceder for allocating of the
-+ rest of the slum. */
-+ if (znode_get_level(right_parent_lock.node) == TWIG_LEVEL) {
-+ pos->preceder.blk =
-+ *znode_get_block(right_parent_lock.node);
-+ check_preceder(pos->preceder.blk);
-+ }
-+ goto out;
-+ }
-+
-+ ret = incr_load_count_znode(&left_parent_load, left_parent_lock.node);
-+ if (ret)
-+ goto out;
-+
-+ ret = incr_load_count_znode(&right_parent_load, right_parent_lock.node);
-+ if (ret)
-+ goto out;
-+
-+ ret =
-+ squeeze_right_neighbor(pos, left_parent_lock.node,
-+ right_parent_lock.node);
-+ /* We stop if error. We stop if some items/units were shifted (ret == 0)
-+ * and thus @right changed its parent. It means we have not process
-+ * right_parent node prior to processing of @right. Positive return
-+ * values say that shifting items was not happen because of "empty
-+ * source" or "target full" conditions. */
-+ if (ret <= 0)
-+ goto out;
-+
-+ /* parent(@left) and parent(@right) may have different parents also. We
-+ * do a recursive call for checking that. */
-+ ret =
-+ check_parents_and_squalloc_upper_levels(pos, left_parent_lock.node,
-+ right_parent_lock.node);
-+ if (ret)
-+ goto out;
-+
-+ /* allocate znode when going down */
-+ ret = lock_parent_and_allocate_znode(right_parent_lock.node, pos);
-+
-+ out:
-+ done_load_count(&left_parent_load);
-+ done_load_count(&right_parent_load);
-+
-+ done_lh(&left_parent_lock);
-+ done_lh(&right_parent_lock);
-+
-+ return ret;
-+}
-+
-+/* Check the leftmost child "flushprepped" status, also returns true if child
-+ * node was not found in cache. */
-+static int leftmost_child_of_unit_check_flushprepped(const coord_t * coord)
-+{
-+ int ret;
-+ int prepped;
-+
-+ jnode *child;
-+
-+ ret = get_leftmost_child_of_unit(coord, &child);
-+
-+ if (ret)
-+ return ret;
-+
-+ if (child) {
-+ prepped = jnode_check_flushprepped(child);
-+ jput(child);
-+ } else {
-+ /* We consider not existing child as a node which slum
-+ processing should not continue to. Not cached node is clean,
-+ so it is flushprepped. */
-+ prepped = 1;
-+ }
-+
-+ return prepped;
-+}
-+
-+/* (re)allocate znode with automated getting parent node */
-+static int lock_parent_and_allocate_znode(znode * node, flush_pos_t * pos)
-+{
-+ int ret;
-+ lock_handle parent_lock;
-+ load_count parent_load;
-+ coord_t pcoord;
-+
-+ assert("zam-851", znode_is_write_locked(node));
-+
-+ init_lh(&parent_lock);
-+ init_load_count(&parent_load);
-+
-+ ret = reiser4_get_parent(&parent_lock, node, ZNODE_WRITE_LOCK);
-+ if (ret)
-+ goto out;
-+
-+ ret = incr_load_count_znode(&parent_load, parent_lock.node);
-+ if (ret)
-+ goto out;
-+
-+ ret = find_child_ptr(parent_lock.node, node, &pcoord);
-+ if (ret)
-+ goto out;
-+
-+ ret = allocate_znode(node, &pcoord, pos);
-+
-+ out:
-+ done_load_count(&parent_load);
-+ done_lh(&parent_lock);
-+ return ret;
-+}
-+
-+/* Process nodes on leaf level until unformatted node or rightmost node in the
-+ * slum reached. */
-+static int handle_pos_on_formatted(flush_pos_t * pos)
-+{
-+ int ret;
-+ lock_handle right_lock;
-+ load_count right_load;
-+
-+ init_lh(&right_lock);
-+ init_load_count(&right_load);
-+
-+ if (should_convert_node(pos, pos->lock.node)) {
-+ ret = convert_node(pos, pos->lock.node);
-+ if (ret)
-+ return ret;
-+ }
-+
-+ while (1) {
-+ ret =
-+ neighbor_in_slum(pos->lock.node, &right_lock, RIGHT_SIDE,
-+ ZNODE_WRITE_LOCK,
-+ !should_convert_next_node(pos,
-+ right_lock.
-+ node));
-+ if (ret)
-+ break;
-+
-+ /* we don't prep(allocate) nodes for flushing twice. This can be suboptimal, or it
-+ * can be optimal. For now we choose to live with the risk that it will
-+ * be suboptimal because it would be quite complex to code it to be
-+ * smarter. */
-+ if (znode_check_flushprepped(right_lock.node)
-+ && !znode_convertible(right_lock.node)) {
-+ assert("edward-1005",
-+ !should_convert_next_node(pos, right_lock.node));
-+ pos_stop(pos);
-+ break;
-+ }
-+
-+ ret = incr_load_count_znode(&right_load, right_lock.node);
-+ if (ret)
-+ break;
-+
-+ if (should_convert_node(pos, right_lock.node)) {
-+ ret = convert_node(pos, right_lock.node);
-+ if (ret)
-+ break;
-+ if (node_is_empty(right_lock.node)) {
-+ /* node became empty after converting, repeat */
-+ done_load_count(&right_load);
-+ done_lh(&right_lock);
-+ continue;
-+ }
-+ }
-+
-+ /* squeeze _before_ going upward. */
-+ ret =
-+ squeeze_right_neighbor(pos, pos->lock.node,
-+ right_lock.node);
-+ if (ret < 0)
-+ break;
-+
-+ if (znode_check_flushprepped(right_lock.node)) {
-+ if (should_convert_next_node(pos, right_lock.node)) {
-+ /* in spite of flushprepped status of the node,
-+ its right slum neighbor should be converted */
-+ assert("edward-953", convert_data(pos));
-+ assert("edward-954", item_convert_data(pos));
-+
-+ if (node_is_empty(right_lock.node)) {
-+ done_load_count(&right_load);
-+ done_lh(&right_lock);
-+ } else
-+ move_flush_pos(pos, &right_lock,
-+ &right_load, NULL);
-+ continue;
-+ }
-+ pos_stop(pos);
-+ break;
-+ }
-+
-+ if (node_is_empty(right_lock.node)) {
-+ /* repeat if right node was squeezed completely */
-+ done_load_count(&right_load);
-+ done_lh(&right_lock);
-+ continue;
-+ }
-+
-+ /* parent(right_lock.node) has to be processed before
-+ * (right_lock.node) due to "parent-first" allocation order. */
-+ ret =
-+ check_parents_and_squalloc_upper_levels(pos, pos->lock.node,
-+ right_lock.node);
-+ if (ret)
-+ break;
-+ /* (re)allocate _after_ going upward */
-+ ret = lock_parent_and_allocate_znode(right_lock.node, pos);
-+ if (ret)
-+ break;
-+
-+ if (should_terminate_squalloc(pos)) {
-+ set_item_convert_count(pos, 0);
-+ break;
-+ }
-+
-+ /* advance the flush position to the right neighbor */
-+ move_flush_pos(pos, &right_lock, &right_load, NULL);
-+
-+ ret = rapid_flush(pos);
-+ if (ret)
-+ break;
-+ }
-+
-+ assert("edward-1006", !convert_data(pos) || !item_convert_data(pos));
-+
-+ done_load_count(&right_load);
-+ done_lh(&right_lock);
-+
-+ /* This function indicates via pos whether to stop or go to twig or continue on current
-+ * level. */
-+ return ret;
-+
-+}
-+
-+/* Process nodes on leaf level until unformatted node or rightmost node in the
-+ * slum reached. */
-+static int handle_pos_on_leaf(flush_pos_t * pos)
-+{
-+ int ret;
-+
-+ assert("zam-845", pos->state == POS_ON_LEAF);
-+
-+ ret = handle_pos_on_formatted(pos);
-+
-+ if (ret == -E_NO_NEIGHBOR) {
-+ /* cannot get right neighbor, go process extents. */
-+ pos->state = POS_TO_TWIG;
-+ return 0;
-+ }
-+
-+ return ret;
-+}
-+
-+/* Process slum on level > 1 */
-+static int handle_pos_on_internal(flush_pos_t * pos)
-+{
-+ assert("zam-850", pos->state == POS_ON_INTERNAL);
-+ return handle_pos_on_formatted(pos);
-+}
-+
-+/* check whether squalloc should stop before processing given extent */
-+static int squalloc_extent_should_stop(flush_pos_t * pos)
-+{
-+ assert("zam-869", item_is_extent(&pos->coord));
-+
-+ /* pos->child is a jnode handle_pos_on_extent() should start with in
-+ * stead of the first child of the first extent unit. */
-+ if (pos->child) {
-+ int prepped;
-+
-+ assert("vs-1383", jnode_is_unformatted(pos->child));
-+ prepped = jnode_check_flushprepped(pos->child);
-+ pos->pos_in_unit =
-+ jnode_get_index(pos->child) -
-+ extent_unit_index(&pos->coord);
-+ assert("vs-1470",
-+ pos->pos_in_unit < extent_unit_width(&pos->coord));
-+ assert("nikita-3434",
-+ ergo(extent_is_unallocated(&pos->coord),
-+ pos->pos_in_unit == 0));
-+ jput(pos->child);
-+ pos->child = NULL;
-+
-+ return prepped;
-+ }
-+
-+ pos->pos_in_unit = 0;
-+ if (extent_is_unallocated(&pos->coord))
-+ return 0;
-+
-+ return leftmost_child_of_unit_check_flushprepped(&pos->coord);
-+}
-+
-+/* Handle the case when regular reiser4 tree (znodes connected one to its
-+ * neighbors by sibling pointers) is interrupted on leaf level by one or more
-+ * unformatted nodes. By having a lock on twig level and use extent code
-+ * routines to process unformatted nodes we swim around an irregular part of
-+ * reiser4 tree. */
-+static int handle_pos_on_twig(flush_pos_t * pos)
-+{
-+ int ret;
-+
-+ assert("zam-844", pos->state == POS_ON_EPOINT);
-+ assert("zam-843", item_is_extent(&pos->coord));
-+
-+ /* We decide should we continue slum processing with current extent
-+ unit: if leftmost child of current extent unit is flushprepped
-+ (i.e. clean or already processed by flush) we stop squalloc(). There
-+ is a fast check for unallocated extents which we assume contain all
-+ not flushprepped nodes. */
-+ /* FIXME: Here we implement simple check, we are only looking on the
-+ leftmost child. */
-+ ret = squalloc_extent_should_stop(pos);
-+ if (ret != 0) {
-+ pos_stop(pos);
-+ return ret;
-+ }
-+
-+ while (pos_valid(pos) && coord_is_existing_unit(&pos->coord)
-+ && item_is_extent(&pos->coord)) {
-+ ret = alloc_extent(pos);
-+ if (ret) {
-+ break;
-+ }
-+ coord_next_unit(&pos->coord);
-+ }
-+
-+ if (coord_is_after_rightmost(&pos->coord)) {
-+ pos->state = POS_END_OF_TWIG;
-+ return 0;
-+ }
-+ if (item_is_internal(&pos->coord)) {
-+ pos->state = POS_TO_LEAF;
-+ return 0;
-+ }
-+
-+ assert("zam-860", item_is_extent(&pos->coord));
-+
-+ /* "slum" is over */
-+ pos->state = POS_INVALID;
-+ return 0;
-+}
-+
-+/* When we about to return flush position from twig to leaf level we can process
-+ * the right twig node or move position to the leaf. This processes right twig
-+ * if it is possible and jump to leaf level if not. */
-+static int handle_pos_end_of_twig(flush_pos_t * pos)
-+{
-+ int ret;
-+ lock_handle right_lock;
-+ load_count right_load;
-+ coord_t at_right;
-+ jnode *child = NULL;
-+
-+ assert("zam-848", pos->state == POS_END_OF_TWIG);
-+ assert("zam-849", coord_is_after_rightmost(&pos->coord));
-+
-+ init_lh(&right_lock);
-+ init_load_count(&right_load);
-+
-+ /* We get a lock on the right twig node even it is not dirty because
-+ * slum continues or discontinues on leaf level not on next twig. This
-+ * lock on the right twig is needed for getting its leftmost child. */
-+ ret =
-+ reiser4_get_right_neighbor(&right_lock, pos->lock.node,
-+ ZNODE_WRITE_LOCK, GN_SAME_ATOM);
-+ if (ret)
-+ goto out;
-+
-+ ret = incr_load_count_znode(&right_load, right_lock.node);
-+ if (ret)
-+ goto out;
-+
-+ /* right twig could be not dirty */
-+ if (JF_ISSET(ZJNODE(right_lock.node), JNODE_DIRTY)) {
-+ /* If right twig node is dirty we always attempt to squeeze it
-+ * content to the left... */
-+ became_dirty:
-+ ret =
-+ squeeze_right_twig_and_advance_coord(pos, right_lock.node);
-+ if (ret <= 0) {
-+ /* pos->coord is on internal item, go to leaf level, or
-+ * we have an error which will be caught in squalloc() */
-+ pos->state = POS_TO_LEAF;
-+ goto out;
-+ }
-+
-+ /* If right twig was squeezed completely we wave to re-lock
-+ * right twig. now it is done through the top-level squalloc
-+ * routine. */
-+ if (node_is_empty(right_lock.node))
-+ goto out;
-+
-+ /* ... and prep it if it is not yet prepped */
-+ if (!znode_check_flushprepped(right_lock.node)) {
-+ /* As usual, process parent before ... */
-+ ret =
-+ check_parents_and_squalloc_upper_levels(pos,
-+ pos->lock.
-+ node,
-+ right_lock.
-+ node);
-+ if (ret)
-+ goto out;
-+
-+ /* ... processing the child */
-+ ret =
-+ lock_parent_and_allocate_znode(right_lock.node,
-+ pos);
-+ if (ret)
-+ goto out;
-+ }
-+ } else {
-+ coord_init_first_unit(&at_right, right_lock.node);
-+
-+ /* check first child of next twig, should we continue there ? */
-+ ret = get_leftmost_child_of_unit(&at_right, &child);
-+ if (ret || child == NULL || jnode_check_flushprepped(child)) {
-+ pos_stop(pos);
-+ goto out;
-+ }
-+
-+ /* check clean twig for possible relocation */
-+ if (!znode_check_flushprepped(right_lock.node)) {
-+ ret =
-+ reverse_relocate_check_dirty_parent(child,
-+ &at_right, pos);
-+ if (ret)
-+ goto out;
-+ if (JF_ISSET(ZJNODE(right_lock.node), JNODE_DIRTY))
-+ goto became_dirty;
-+ }
-+ }
-+
-+ assert("zam-875", znode_check_flushprepped(right_lock.node));
-+
-+ /* Update the preceder by a block number of just processed right twig
-+ * node. The code above could miss the preceder updating because
-+ * allocate_znode() could not be called for this node. */
-+ pos->preceder.blk = *znode_get_block(right_lock.node);
-+ check_preceder(pos->preceder.blk);
-+
-+ coord_init_first_unit(&at_right, right_lock.node);
-+ assert("zam-868", coord_is_existing_unit(&at_right));
-+
-+ pos->state = item_is_extent(&at_right) ? POS_ON_EPOINT : POS_TO_LEAF;
-+ move_flush_pos(pos, &right_lock, &right_load, &at_right);
-+
-+ out:
-+ done_load_count(&right_load);
-+ done_lh(&right_lock);
-+
-+ if (child)
-+ jput(child);
-+
-+ return ret;
-+}
-+
-+/* Move the pos->lock to leaf node pointed by pos->coord, check should we
-+ * continue there. */
-+static int handle_pos_to_leaf(flush_pos_t * pos)
-+{
-+ int ret;
-+ lock_handle child_lock;
-+ load_count child_load;
-+ jnode *child;
-+
-+ assert("zam-846", pos->state == POS_TO_LEAF);
-+ assert("zam-847", item_is_internal(&pos->coord));
-+
-+ init_lh(&child_lock);
-+ init_load_count(&child_load);
-+
-+ ret = get_leftmost_child_of_unit(&pos->coord, &child);
-+ if (ret)
-+ return ret;
-+ if (child == NULL) {
-+ pos_stop(pos);
-+ return 0;
-+ }
-+
-+ if (jnode_check_flushprepped(child)) {
-+ pos->state = POS_INVALID;
-+ goto out;
-+ }
-+
-+ ret =
-+ longterm_lock_znode(&child_lock, JZNODE(child), ZNODE_WRITE_LOCK,
-+ ZNODE_LOCK_LOPRI);
-+ if (ret)
-+ goto out;
-+
-+ ret = incr_load_count_znode(&child_load, JZNODE(child));
-+ if (ret)
-+ goto out;
-+
-+ ret = allocate_znode(JZNODE(child), &pos->coord, pos);
-+ if (ret)
-+ goto out;
-+
-+ /* move flush position to leaf level */
-+ pos->state = POS_ON_LEAF;
-+ move_flush_pos(pos, &child_lock, &child_load, NULL);
-+
-+ if (node_is_empty(JZNODE(child))) {
-+ ret = delete_empty_node(JZNODE(child));
-+ pos->state = POS_INVALID;
-+ }
-+ out:
-+ done_load_count(&child_load);
-+ done_lh(&child_lock);
-+ jput(child);
-+
-+ return ret;
-+}
-+
-+/* move pos from leaf to twig, and move lock from leaf to twig. */
-+/* Move pos->lock to upper (twig) level */
-+static int handle_pos_to_twig(flush_pos_t * pos)
-+{
-+ int ret;
-+
-+ lock_handle parent_lock;
-+ load_count parent_load;
-+ coord_t pcoord;
-+
-+ assert("zam-852", pos->state == POS_TO_TWIG);
-+
-+ init_lh(&parent_lock);
-+ init_load_count(&parent_load);
-+
-+ ret =
-+ reiser4_get_parent(&parent_lock, pos->lock.node, ZNODE_WRITE_LOCK);
-+ if (ret)
-+ goto out;
-+
-+ ret = incr_load_count_znode(&parent_load, parent_lock.node);
-+ if (ret)
-+ goto out;
-+
-+ ret = find_child_ptr(parent_lock.node, pos->lock.node, &pcoord);
-+ if (ret)
-+ goto out;
-+
-+ assert("zam-870", item_is_internal(&pcoord));
-+ coord_next_item(&pcoord);
-+
-+ if (coord_is_after_rightmost(&pcoord))
-+ pos->state = POS_END_OF_TWIG;
-+ else if (item_is_extent(&pcoord))
-+ pos->state = POS_ON_EPOINT;
-+ else {
-+ /* Here we understand that getting -E_NO_NEIGHBOR in
-+ * handle_pos_on_leaf() was because of just a reaching edge of
-+ * slum */
-+ pos_stop(pos);
-+ goto out;
-+ }
-+
-+ move_flush_pos(pos, &parent_lock, &parent_load, &pcoord);
-+
-+ out:
-+ done_load_count(&parent_load);
-+ done_lh(&parent_lock);
-+
-+ return ret;
-+}
-+
-+typedef int (*pos_state_handle_t) (flush_pos_t *);
-+static pos_state_handle_t flush_pos_handlers[] = {
-+ /* process formatted nodes on leaf level, keep lock on a leaf node */
-+ [POS_ON_LEAF] = handle_pos_on_leaf,
-+ /* process unformatted nodes, keep lock on twig node, pos->coord points to extent currently
-+ * being processed */
-+ [POS_ON_EPOINT] = handle_pos_on_twig,
-+ /* move a lock from leaf node to its parent for further processing of unformatted nodes */
-+ [POS_TO_TWIG] = handle_pos_to_twig,
-+ /* move a lock from twig to leaf level when a processing of unformatted nodes finishes,
-+ * pos->coord points to the leaf node we jump to */
-+ [POS_TO_LEAF] = handle_pos_to_leaf,
-+ /* after processing last extent in the twig node, attempting to shift items from the twigs
-+ * right neighbor and process them while shifting */
-+ [POS_END_OF_TWIG] = handle_pos_end_of_twig,
-+ /* process formatted nodes on internal level, keep lock on an internal node */
-+ [POS_ON_INTERNAL] = handle_pos_on_internal
-+};
-+
-+/* Advance flush position horizontally, prepare for flushing ((re)allocate, squeeze,
-+ * encrypt) nodes and their ancestors in "parent-first" order */
-+static int squalloc(flush_pos_t * pos)
-+{
-+ int ret = 0;
-+
-+ /* maybe needs to be made a case statement with handle_pos_on_leaf as first case, for
-+ * greater CPU efficiency? Measure and see.... -Hans */
-+ while (pos_valid(pos)) {
-+ ret = flush_pos_handlers[pos->state] (pos);
-+ if (ret < 0)
-+ break;
-+
-+ ret = rapid_flush(pos);
-+ if (ret)
-+ break;
-+ }
-+
-+ /* any positive value or -E_NO_NEIGHBOR are legal return codes for handle_pos*
-+ routines, -E_NO_NEIGHBOR means that slum edge was reached */
-+ if (ret > 0 || ret == -E_NO_NEIGHBOR)
-+ ret = 0;
-+
-+ return ret;
-+}
-+
-+static void update_ldkey(znode * node)
-+{
-+ reiser4_key ldkey;
-+
-+ assert_rw_write_locked(&(znode_get_tree(node)->dk_lock));
-+ if (node_is_empty(node))
-+ return;
-+
-+ znode_set_ld_key(node, leftmost_key_in_node(node, &ldkey));
-+}
-+
-+/* this is to be called after calling of shift node's method to shift data from @right to
-+ @left. It sets left delimiting keys of @left and @right to keys of first items of @left
-+ and @right correspondingly and sets right delimiting key of @left to first key of @right */
-+static void update_znode_dkeys(znode * left, znode * right)
-+{
-+ assert_rw_write_locked(&(znode_get_tree(right)->dk_lock));
-+ assert("vs-1629", (znode_is_write_locked(left) &&
-+ znode_is_write_locked(right)));
-+
-+ /* we need to update left delimiting of left if it was empty before shift */
-+ update_ldkey(left);
-+ update_ldkey(right);
-+ if (node_is_empty(right))
-+ znode_set_rd_key(left, znode_get_rd_key(right));
-+ else
-+ znode_set_rd_key(left, znode_get_ld_key(right));
-+}
-+
-+/* try to shift everything from @right to @left. If everything was shifted -
-+ @right is removed from the tree. Result is the number of bytes shifted. */
-+static int
-+shift_everything_left(znode * right, znode * left, carry_level * todo)
-+{
-+ coord_t from;
-+ node_plugin *nplug;
-+ carry_plugin_info info;
-+
-+ coord_init_after_last_item(&from, right);
-+
-+ nplug = node_plugin_by_node(right);
-+ info.doing = NULL;
-+ info.todo = todo;
-+ return nplug->shift(&from, left, SHIFT_LEFT,
-+ 1 /* delete @right if it becomes empty */ ,
-+ 1
-+ /* move coord @from to node @left if everything will be shifted */
-+ ,
-+ &info);
-+}
-+
-+/* Shift as much as possible from @right to @left using the memcpy-optimized
-+ shift_everything_left. @left and @right are formatted neighboring nodes on
-+ leaf level. */
-+static int squeeze_right_non_twig(znode * left, znode * right)
-+{
-+ int ret;
-+ carry_pool *pool;
-+ carry_level *todo;
-+
-+ assert("nikita-2246", znode_get_level(left) == znode_get_level(right));
-+
-+ if (!JF_ISSET(ZJNODE(left), JNODE_DIRTY) ||
-+ !JF_ISSET(ZJNODE(right), JNODE_DIRTY))
-+ return SQUEEZE_TARGET_FULL;
-+
-+ pool = init_carry_pool(sizeof(*pool) + 3 * sizeof(*todo));
-+ if (IS_ERR(pool))
-+ return PTR_ERR(pool);
-+ todo = (carry_level *) (pool + 1);
-+ init_carry_level(todo, pool);
-+
-+ ret = shift_everything_left(right, left, todo);
-+ if (ret > 0) {
-+ /* something was shifted */
-+ reiser4_tree *tree;
-+ __u64 grabbed;
-+
-+ znode_make_dirty(left);
-+ znode_make_dirty(right);
-+
-+ /* update delimiting keys of nodes which participated in
-+ shift. FIXME: it would be better to have this in shift
-+ node's operation. But it can not be done there. Nobody
-+ remembers why, though */
-+ tree = znode_get_tree(left);
-+ write_lock_dk(tree);
-+ update_znode_dkeys(left, right);
-+ write_unlock_dk(tree);
-+
-+ /* Carry is called to update delimiting key and, maybe, to remove empty
-+ node. */
-+ grabbed = get_current_context()->grabbed_blocks;
-+ ret = reiser4_grab_space_force(tree->height, BA_RESERVED);
-+ assert("nikita-3003", ret == 0); /* reserved space is exhausted. Ask Hans. */
-+ ret = carry(todo, NULL /* previous level */ );
-+ grabbed2free_mark(grabbed);
-+ } else {
-+ /* Shifting impossible, we return appropriate result code */
-+ ret =
-+ node_is_empty(right) ? SQUEEZE_SOURCE_EMPTY :
-+ SQUEEZE_TARGET_FULL;
-+ }
-+
-+ done_carry_pool(pool);
-+
-+ return ret;
-+}
-+
-+#if REISER4_DEBUG
-+static int sibling_link_is_ok(const znode *left, const znode *right)
-+{
-+ int result;
-+
-+ read_lock_tree(znode_get_tree(left));
-+ result = (left->right == right && left == right->left);
-+ read_unlock_tree(znode_get_tree(left));
-+ return result;
-+}
-+#endif
-+
-+/* Shift first unit of first item if it is an internal one. Return
-+ SQUEEZE_TARGET_FULL if it fails to shift an item, otherwise return
-+ SUBTREE_MOVED. */
-+static int shift_one_internal_unit(znode * left, znode * right)
-+{
-+ int ret;
-+ carry_pool *pool;
-+ carry_level *todo;
-+ coord_t *coord;
-+ carry_plugin_info *info;
-+ int size, moved;
-+
-+ assert("nikita-2247", znode_get_level(left) == znode_get_level(right));
-+ assert("nikita-2435", znode_is_write_locked(left));
-+ assert("nikita-2436", znode_is_write_locked(right));
-+ assert("nikita-2434", sibling_link_is_ok(left, right));
-+
-+ pool = init_carry_pool(sizeof(*pool) + 3 * sizeof(*todo) +
-+ sizeof(*coord) + sizeof(*info)
-+#if REISER4_DEBUG
-+ + sizeof(*coord) + 2 * sizeof(reiser4_key)
-+#endif
-+ );
-+ if (IS_ERR(pool))
-+ return PTR_ERR(pool);
-+ todo = (carry_level *) (pool + 1);
-+ init_carry_level(todo, pool);
-+
-+ coord = (coord_t *) (todo + 3);
-+ coord_init_first_unit(coord, right);
-+ info = (carry_plugin_info *) (coord + 1);
-+
-+#if REISER4_DEBUG
-+ if (!node_is_empty(left)) {
-+ coord_t *last;
-+ reiser4_key *right_key;
-+ reiser4_key *left_key;
-+
-+ last = (coord_t *) (info + 1);
-+ right_key = (reiser4_key *) (last + 1);
-+ left_key = right_key + 1;
-+ coord_init_last_unit(last, left);
-+
-+ assert("nikita-2463",
-+ keyle(item_key_by_coord(last, left_key),
-+ item_key_by_coord(coord, right_key)));
-+ }
-+#endif
-+
-+ assert("jmacd-2007", item_is_internal(coord));
-+
-+ size = item_length_by_coord(coord);
-+ info->todo = todo;
-+ info->doing = NULL;
-+
-+ ret = node_plugin_by_node(left)->shift(coord, left, SHIFT_LEFT,
-+ 1
-+ /* delete @right if it becomes empty */
-+ ,
-+ 0
-+ /* do not move coord @coord to node @left */
-+ ,
-+ info);
-+
-+ /* If shift returns positive, then we shifted the item. */
-+ assert("vs-423", ret <= 0 || size == ret);
-+ moved = (ret > 0);
-+
-+ if (moved) {
-+ /* something was moved */
-+ reiser4_tree *tree;
-+ int grabbed;
-+
-+ znode_make_dirty(left);
-+ znode_make_dirty(right);
-+ tree = znode_get_tree(left);
-+ write_lock_dk(tree);
-+ update_znode_dkeys(left, right);
-+ write_unlock_dk(tree);
-+
-+ /* reserve space for delimiting keys after shifting */
-+ grabbed = get_current_context()->grabbed_blocks;
-+ ret = reiser4_grab_space_force(tree->height, BA_RESERVED);
-+ assert("nikita-3003", ret == 0); /* reserved space is exhausted. Ask Hans. */
-+
-+ ret = carry(todo, NULL /* previous level */ );
-+ grabbed2free_mark(grabbed);
-+ }
-+
-+ done_carry_pool(pool);
-+
-+ if (ret != 0) {
-+ /* Shift or carry operation failed. */
-+ assert("jmacd-7325", ret < 0);
-+ return ret;
-+ }
-+
-+ return moved ? SUBTREE_MOVED : SQUEEZE_TARGET_FULL;
-+}
-+
-+/* Make the final relocate/wander decision during forward parent-first squalloc for a
-+ znode. For unformatted nodes this is done in plugin/item/extent.c:extent_needs_allocation(). */
-+static int
-+allocate_znode_loaded(znode * node,
-+ const coord_t * parent_coord, flush_pos_t * pos)
-+{
-+ int ret;
-+ reiser4_super_info_data *sbinfo = get_current_super_private();
-+ /* FIXME(D): We have the node write-locked and should have checked for !
-+ allocated() somewhere before reaching this point, but there can be a race, so
-+ this assertion is bogus. */
-+ assert("jmacd-7987", !jnode_check_flushprepped(ZJNODE(node)));
-+ assert("jmacd-7988", znode_is_write_locked(node));
-+ assert("jmacd-7989", coord_is_invalid(parent_coord)
-+ || znode_is_write_locked(parent_coord->node));
-+
-+ if (ZF_ISSET(node, JNODE_REPACK) || ZF_ISSET(node, JNODE_CREATED) ||
-+ znode_is_root(node) ||
-+ /* We have enough nodes to relocate no matter what. */
-+ (pos->leaf_relocate != 0 && znode_get_level(node) == LEAF_LEVEL)) {
-+ /* No need to decide with new nodes, they are treated the same as
-+ relocate. If the root node is dirty, relocate. */
-+ if (pos->preceder.blk == 0) {
-+ /* preceder is unknown and we have decided to relocate node --
-+ using of default value for search start is better than search
-+ from block #0. */
-+ get_blocknr_hint_default(&pos->preceder.blk);
-+ check_preceder(pos->preceder.blk);
-+ }
-+
-+ goto best_reloc;
-+
-+ } else if (pos->preceder.blk == 0) {
-+ /* If we don't know the preceder, leave it where it is. */
-+ jnode_make_wander(ZJNODE(node));
-+ } else {
-+ /* Make a decision based on block distance. */
-+ reiser4_block_nr dist;
-+ reiser4_block_nr nblk = *znode_get_block(node);
-+
-+ assert("jmacd-6172", !blocknr_is_fake(&nblk));
-+ assert("jmacd-6173", !blocknr_is_fake(&pos->preceder.blk));
-+ assert("jmacd-6174", pos->preceder.blk != 0);
-+
-+ if (pos->preceder.blk == nblk - 1) {
-+ /* Ideal. */
-+ jnode_make_wander(ZJNODE(node));
-+ } else {
-+
-+ dist =
-+ (nblk <
-+ pos->preceder.blk) ? (pos->preceder.blk -
-+ nblk) : (nblk -
-+ pos->preceder.blk);
-+
-+ /* See if we can find a closer block (forward direction only). */
-+ pos->preceder.max_dist =
-+ min((reiser4_block_nr) sbinfo->flush.
-+ relocate_distance, dist);
-+ pos->preceder.level = znode_get_level(node);
-+
-+ ret = allocate_znode_update(node, parent_coord, pos);
-+
-+ pos->preceder.max_dist = 0;
-+
-+ if (ret && (ret != -ENOSPC))
-+ return ret;
-+
-+ if (ret == 0) {
-+ /* Got a better allocation. */
-+ znode_make_reloc(node, pos->fq);
-+ } else if (dist < sbinfo->flush.relocate_distance) {
-+ /* The present allocation is good enough. */
-+ jnode_make_wander(ZJNODE(node));
-+ } else {
-+ /* Otherwise, try to relocate to the best position. */
-+ best_reloc:
-+ ret =
-+ allocate_znode_update(node, parent_coord,
-+ pos);
-+ if (ret != 0)
-+ return ret;
-+
-+ /* set JNODE_RELOC bit _after_ node gets allocated */
-+ znode_make_reloc(node, pos->fq);
-+ }
-+ }
-+ }
-+
-+ /* This is the new preceder. */
-+ pos->preceder.blk = *znode_get_block(node);
-+ check_preceder(pos->preceder.blk);
-+ pos->alloc_cnt += 1;
-+
-+ assert("jmacd-4277", !blocknr_is_fake(&pos->preceder.blk));
-+
-+ return 0;
-+}
-+
-+static int
-+allocate_znode(znode * node, const coord_t * parent_coord, flush_pos_t * pos)
-+{
-+ /*
-+ * perform znode allocation with znode pinned in memory to avoid races
-+ * with asynchronous emergency flush (which plays with
-+ * JNODE_FLUSH_RESERVED bit).
-+ */
-+ return WITH_DATA(node, allocate_znode_loaded(node, parent_coord, pos));
-+}
-+
-+/* A subroutine of allocate_znode, this is called first to see if there is a close
-+ position to relocate to. It may return ENOSPC if there is no close position. If there
-+ is no close position it may not relocate. This takes care of updating the parent node
-+ with the relocated block address. */
-+static int
-+allocate_znode_update(znode * node, const coord_t * parent_coord,
-+ flush_pos_t * pos)
-+{
-+ int ret;
-+ reiser4_block_nr blk;
-+ lock_handle uber_lock;
-+ int flush_reserved_used = 0;
-+ int grabbed;
-+ reiser4_context *ctx;
-+ reiser4_super_info_data *sbinfo;
-+
-+ init_lh(&uber_lock);
-+
-+ ctx = get_current_context();
-+ sbinfo = get_super_private(ctx->super);
-+
-+ grabbed = ctx->grabbed_blocks;
-+
-+ /* discard e-flush allocation */
-+ ret = zload(node);
-+ if (ret)
-+ return ret;
-+
-+ if (ZF_ISSET(node, JNODE_CREATED)) {
-+ assert("zam-816", blocknr_is_fake(znode_get_block(node)));
-+ pos->preceder.block_stage = BLOCK_UNALLOCATED;
-+ } else {
-+ pos->preceder.block_stage = BLOCK_GRABBED;
-+
-+ /* The disk space for relocating the @node is already reserved in "flush reserved"
-+ * counter if @node is leaf, otherwise we grab space using BA_RESERVED (means grab
-+ * space from whole disk not from only 95%). */
-+ if (znode_get_level(node) == LEAF_LEVEL) {
-+ /*
-+ * earlier (during do_jnode_make_dirty()) we decided
-+ * that @node can possibly go into overwrite set and
-+ * reserved block for its wandering location.
-+ */
-+ txn_atom *atom = get_current_atom_locked();
-+ assert("nikita-3449",
-+ ZF_ISSET(node, JNODE_FLUSH_RESERVED));
-+ flush_reserved2grabbed(atom, (__u64) 1);
-+ spin_unlock_atom(atom);
-+ /*
-+ * we are trying to move node into relocate
-+ * set. Allocation of relocated position "uses"
-+ * reserved block.
-+ */
-+ ZF_CLR(node, JNODE_FLUSH_RESERVED);
-+ flush_reserved_used = 1;
-+ } else {
-+ ret = reiser4_grab_space_force((__u64) 1, BA_RESERVED);
-+ if (ret != 0)
-+ goto exit;
-+ }
-+ }
-+
-+ /* We may do not use 5% of reserved disk space here and flush will not pack tightly. */
-+ ret = reiser4_alloc_block(&pos->preceder, &blk,
-+ BA_FORMATTED | BA_PERMANENT);
-+ if (ret)
-+ goto exit;
-+
-+ if (!ZF_ISSET(node, JNODE_CREATED) &&
-+ (ret =
-+ reiser4_dealloc_block(znode_get_block(node), 0,
-+ BA_DEFER | BA_FORMATTED)))
-+ goto exit;
-+
-+ if (likely(!znode_is_root(node))) {
-+ item_plugin *iplug;
-+
-+ iplug = item_plugin_by_coord(parent_coord);
-+ assert("nikita-2954", iplug->f.update != NULL);
-+ iplug->f.update(parent_coord, &blk);
-+
-+ znode_make_dirty(parent_coord->node);
-+
-+ } else {
-+ reiser4_tree *tree = znode_get_tree(node);
-+ znode *uber;
-+
-+ /* We take a longterm lock on the fake node in order to change
-+ the root block number. This may cause atom fusion. */
-+ ret = get_uber_znode(tree, ZNODE_WRITE_LOCK, ZNODE_LOCK_HIPRI,
-+ &uber_lock);
-+ /* The fake node cannot be deleted, and we must have priority
-+ here, and may not be confused with ENOSPC. */
-+ assert("jmacd-74412",
-+ ret != -EINVAL && ret != -E_DEADLOCK && ret != -ENOSPC);
-+
-+ if (ret)
-+ goto exit;
-+
-+ uber = uber_lock.node;
-+
-+ write_lock_tree(tree);
-+ tree->root_block = blk;
-+ write_unlock_tree(tree);
-+
-+ znode_make_dirty(uber);
-+ }
-+
-+ ret = znode_rehash(node, &blk);
-+ exit:
-+ if (ret) {
-+ /* Get flush reserved block back if something fails, because
-+ * callers assume that on error block wasn't relocated and its
-+ * flush reserved block wasn't used. */
-+ if (flush_reserved_used) {
-+ /*
-+ * ok, we failed to move node into relocate
-+ * set. Restore status quo.
-+ */
-+ grabbed2flush_reserved((__u64) 1);
-+ ZF_SET(node, JNODE_FLUSH_RESERVED);
-+ }
-+ }
-+ zrelse(node);
-+ done_lh(&uber_lock);
-+ grabbed2free_mark(grabbed);
-+ return ret;
-+}
-+
-+/* JNODE INTERFACE */
-+
-+/* Lock a node (if formatted) and then get its parent locked, set the child's
-+ coordinate in the parent. If the child is the root node, the above_root
-+ znode is returned but the coord is not set. This function may cause atom
-+ fusion, but it is only used for read locks (at this point) and therefore
-+ fusion only occurs when the parent is already dirty. */
-+/* Hans adds this note: remember to ask how expensive this operation is vs. storing parent
-+ pointer in jnodes. */
-+static int
-+jnode_lock_parent_coord(jnode * node,
-+ coord_t * coord,
-+ lock_handle * parent_lh,
-+ load_count * parent_zh,
-+ znode_lock_mode parent_mode, int try)
-+{
-+ int ret;
-+
-+ assert("edward-53", jnode_is_unformatted(node) || jnode_is_znode(node));
-+ assert("edward-54", jnode_is_unformatted(node)
-+ || znode_is_any_locked(JZNODE(node)));
-+
-+ if (!jnode_is_znode(node)) {
-+ reiser4_key key;
-+ tree_level stop_level = TWIG_LEVEL;
-+ lookup_bias bias = FIND_EXACT;
-+
-+ assert("edward-168", !(jnode_get_type(node) == JNODE_BITMAP));
-+
-+ /* The case when node is not znode, but can have parent coord
-+ (unformatted node, node which represents cluster page,
-+ etc..). Generate a key for the appropriate entry, search
-+ in the tree using coord_by_key, which handles locking for
-+ us. */
-+
-+ /*
-+ * nothing is locked at this moment, so, nothing prevents
-+ * concurrent truncate from removing jnode from inode. To
-+ * prevent this spin-lock jnode. jnode can be truncated just
-+ * after call to the jnode_build_key(), but this is ok,
-+ * because coord_by_key() will just fail to find appropriate
-+ * extent.
-+ */
-+ spin_lock_jnode(node);
-+ if (!JF_ISSET(node, JNODE_HEARD_BANSHEE)) {
-+ jnode_build_key(node, &key);
-+ ret = 0;
-+ } else
-+ ret = RETERR(-ENOENT);
-+ spin_unlock_jnode(node);
-+
-+ if (ret != 0)
-+ return ret;
-+
-+ if (jnode_is_cluster_page(node))
-+ stop_level = LEAF_LEVEL;
-+
-+ assert("jmacd-1812", coord != NULL);
-+
-+ ret = coord_by_key(jnode_get_tree(node), &key, coord, parent_lh,
-+ parent_mode, bias, stop_level, stop_level,
-+ CBK_UNIQUE, NULL /*ra_info */ );
-+ switch (ret) {
-+ case CBK_COORD_NOTFOUND:
-+ assert("edward-1038",
-+ ergo(jnode_is_cluster_page(node),
-+ JF_ISSET(node, JNODE_HEARD_BANSHEE)));
-+ if (!JF_ISSET(node, JNODE_HEARD_BANSHEE))
-+ warning("nikita-3177", "Parent not found");
-+ return ret;
-+ case CBK_COORD_FOUND:
-+ if (coord->between != AT_UNIT) {
-+ /* FIXME: comment needed */
-+ done_lh(parent_lh);
-+ if (!JF_ISSET(node, JNODE_HEARD_BANSHEE)) {
-+ warning("nikita-3178",
-+ "Found but not happy: %i",
-+ coord->between);
-+ }
-+ return RETERR(-ENOENT);
-+ }
-+ ret = incr_load_count_znode(parent_zh, parent_lh->node);
-+ if (ret != 0)
-+ return ret;
-+ /* if (jnode_is_cluster_page(node)) {
-+ races with write() are possible
-+ check_child_cluster (parent_lh->node);
-+ }
-+ */
-+ break;
-+ default:
-+ return ret;
-+ }
-+
-+ } else {
-+ int flags;
-+ znode *z;
-+
-+ z = JZNODE(node);
-+ /* Formatted node case: */
-+ assert("jmacd-2061", !znode_is_root(z));
-+
-+ flags = GN_ALLOW_NOT_CONNECTED;
-+ if (try)
-+ flags |= GN_TRY_LOCK;
-+
-+ ret =
-+ reiser4_get_parent_flags(parent_lh, z, parent_mode, flags);
-+ if (ret != 0)
-+ /* -E_REPEAT is ok here, it is handled by the caller. */
-+ return ret;
-+
-+ /* Make the child's position "hint" up-to-date. (Unless above
-+ root, which caller must check.) */
-+ if (coord != NULL) {
-+
-+ ret = incr_load_count_znode(parent_zh, parent_lh->node);
-+ if (ret != 0) {
-+ warning("jmacd-976812386",
-+ "incr_load_count_znode failed: %d",
-+ ret);
-+ return ret;
-+ }
-+
-+ ret = find_child_ptr(parent_lh->node, z, coord);
-+ if (ret != 0) {
-+ warning("jmacd-976812",
-+ "find_child_ptr failed: %d", ret);
-+ return ret;
-+ }
-+ }
-+ }
-+
-+ return 0;
-+}
-+
-+/* Get the (locked) next neighbor of a znode which is dirty and a member of the same atom.
-+ If there is no next neighbor or the neighbor is not in memory or if there is a
-+ neighbor but it is not dirty or not in the same atom, -E_NO_NEIGHBOR is returned.
-+ In some cases the slum may include nodes which are not dirty, if so @check_dirty should be 0 */
-+static int neighbor_in_slum(znode * node, /* starting point */
-+ lock_handle * lock, /* lock on starting point */
-+ sideof side, /* left or right direction we seek the next node in */
-+ znode_lock_mode mode, /* kind of lock we want */
-+ int check_dirty)
-+{ /* true if the neighbor should be dirty */
-+ int ret;
-+
-+ assert("jmacd-6334", znode_is_connected(node));
-+
-+ ret =
-+ reiser4_get_neighbor(lock, node, mode,
-+ GN_SAME_ATOM | (side ==
-+ LEFT_SIDE ? GN_GO_LEFT : 0));
-+
-+ if (ret) {
-+ /* May return -ENOENT or -E_NO_NEIGHBOR. */
-+ /* FIXME(C): check EINVAL, E_DEADLOCK */
-+ if (ret == -ENOENT) {
-+ ret = RETERR(-E_NO_NEIGHBOR);
-+ }
-+
-+ return ret;
-+ }
-+ if (!check_dirty)
-+ return 0;
-+ /* Check dirty bit of locked znode, no races here */
-+ if (JF_ISSET(ZJNODE(lock->node), JNODE_DIRTY))
-+ return 0;
-+
-+ done_lh(lock);
-+ return RETERR(-E_NO_NEIGHBOR);
-+}
-+
-+/* Return true if two znodes have the same parent. This is called with both nodes
-+ write-locked (for squeezing) so no tree lock is needed. */
-+static int znode_same_parents(znode * a, znode * b)
-+{
-+ int result;
-+
-+ assert("jmacd-7011", znode_is_write_locked(a));
-+ assert("jmacd-7012", znode_is_write_locked(b));
-+
-+ /* We lock the whole tree for this check.... I really don't like whole tree
-+ * locks... -Hans */
-+ read_lock_tree(znode_get_tree(a));
-+ result = (znode_parent(a) == znode_parent(b));
-+ read_unlock_tree(znode_get_tree(a));
-+ return result;
-+}
-+
-+/* FLUSH SCAN */
-+
-+/* Initialize the flush_scan data structure. */
-+static void scan_init(flush_scan * scan)
-+{
-+ memset(scan, 0, sizeof(*scan));
-+ init_lh(&scan->node_lock);
-+ init_lh(&scan->parent_lock);
-+ init_load_count(&scan->parent_load);
-+ init_load_count(&scan->node_load);
-+ coord_init_invalid(&scan->parent_coord, NULL);
-+}
-+
-+/* Release any resources held by the flush scan, e.g., release locks, free memory, etc. */
-+static void scan_done(flush_scan * scan)
-+{
-+ done_load_count(&scan->node_load);
-+ if (scan->node != NULL) {
-+ jput(scan->node);
-+ scan->node = NULL;
-+ }
-+ done_load_count(&scan->parent_load);
-+ done_lh(&scan->parent_lock);
-+ done_lh(&scan->node_lock);
-+}
-+
-+/* Returns true if flush scanning is finished. */
-+int scan_finished(flush_scan * scan)
-+{
-+ return scan->stop || (scan->direction == RIGHT_SIDE &&
-+ scan->count >= scan->max_count);
-+}
-+
-+/* Return true if the scan should continue to the @tonode. True if the node meets the
-+ same_slum_check condition. If not, deref the "left" node and stop the scan. */
-+int scan_goto(flush_scan * scan, jnode * tonode)
-+{
-+ int go = same_slum_check(scan->node, tonode, 1, 0);
-+
-+ if (!go) {
-+ scan->stop = 1;
-+ jput(tonode);
-+ }
-+
-+ return go;
-+}
-+
-+/* Set the current scan->node, refcount it, increment count by the @add_count (number to
-+ count, e.g., skipped unallocated nodes), deref previous current, and copy the current
-+ parent coordinate. */
-+int
-+scan_set_current(flush_scan * scan, jnode * node, unsigned add_count,
-+ const coord_t * parent)
-+{
-+ /* Release the old references, take the new reference. */
-+ done_load_count(&scan->node_load);
-+
-+ if (scan->node != NULL) {
-+ jput(scan->node);
-+ }
-+ scan->node = node;
-+ scan->count += add_count;
-+
-+ /* This next stmt is somewhat inefficient. The scan_extent_coord code could
-+ delay this update step until it finishes and update the parent_coord only once.
-+ It did that before, but there was a bug and this was the easiest way to make it
-+ correct. */
-+ if (parent != NULL) {
-+ coord_dup(&scan->parent_coord, parent);
-+ }
-+
-+ /* Failure may happen at the incr_load_count call, but the caller can assume the reference
-+ is safely taken. */
-+ return incr_load_count_jnode(&scan->node_load, node);
-+}
-+
-+/* Return true if scanning in the leftward direction. */
-+int scanning_left(flush_scan * scan)
-+{
-+ return scan->direction == LEFT_SIDE;
-+}
-+
-+/* Performs leftward scanning starting from either kind of node. Counts the starting
-+ node. The right-scan object is passed in for the left-scan in order to copy the parent
-+ of an unformatted starting position. This way we avoid searching for the unformatted
-+ node's parent when scanning in each direction. If we search for the parent once it is
-+ set in both scan objects. The limit parameter tells flush-scan when to stop.
-+
-+ Rapid scanning is used only during scan_left, where we are interested in finding the
-+ 'leftpoint' where we begin flushing. We are interested in stopping at the left child
-+ of a twig that does not have a dirty left neighbor. THIS IS A SPECIAL CASE. The
-+ problem is finding a way to flush only those nodes without unallocated children, and it
-+ is difficult to solve in the bottom-up flushing algorithm we are currently using. The
-+ problem can be solved by scanning left at every level as we go upward, but this would
-+ basically bring us back to using a top-down allocation strategy, which we already tried
-+ (see BK history from May 2002), and has a different set of problems. The top-down
-+ strategy makes avoiding unallocated children easier, but makes it difficult to
-+ propertly flush dirty children with clean parents that would otherwise stop the
-+ top-down flush, only later to dirty the parent once the children are flushed. So we
-+ solve the problem in the bottom-up algorithm with a special case for twigs and leaves
-+ only.
-+
-+ The first step in solving the problem is this rapid leftward scan. After we determine
-+ that there are at least enough nodes counted to qualify for FLUSH_RELOCATE_THRESHOLD we
-+ are no longer interested in the exact count, we are only interested in finding a the
-+ best place to start the flush. We could choose one of two possibilities:
-+
-+ 1. Stop at the leftmost child (of a twig) that does not have a dirty left neighbor.
-+ This requires checking one leaf per rapid-scan twig
-+
-+ 2. Stop at the leftmost child (of a twig) where there are no dirty children of the twig
-+ to the left. This requires checking possibly all of the in-memory children of each
-+ twig during the rapid scan.
-+
-+ For now we implement the first policy.
-+*/
-+static int
-+scan_left(flush_scan * scan, flush_scan * right, jnode * node, unsigned limit)
-+{
-+ int ret = 0;
-+
-+ scan->max_count = limit;
-+ scan->direction = LEFT_SIDE;
-+
-+ ret = scan_set_current(scan, jref(node), 1, NULL);
-+ if (ret != 0) {
-+ return ret;
-+ }
-+
-+ ret = scan_common(scan, right);
-+ if (ret != 0) {
-+ return ret;
-+ }
-+
-+ /* Before rapid scanning, we need a lock on scan->node so that we can get its
-+ parent, only if formatted. */
-+ if (jnode_is_znode(scan->node)) {
-+ ret = longterm_lock_znode(&scan->node_lock, JZNODE(scan->node),
-+ ZNODE_WRITE_LOCK, ZNODE_LOCK_LOPRI);
-+ }
-+
-+ /* Rapid_scan would go here (with limit set to FLUSH_RELOCATE_THRESHOLD). */
-+ return ret;
-+}
-+
-+/* Performs rightward scanning... Does not count the starting node. The limit parameter
-+ is described in scan_left. If the starting node is unformatted then the
-+ parent_coord was already set during scan_left. The rapid_after parameter is not used
-+ during right-scanning.
-+
-+ scan_right is only called if the scan_left operation does not count at least
-+ FLUSH_RELOCATE_THRESHOLD nodes for flushing. Otherwise, the limit parameter is set to
-+ the difference between scan-left's count and FLUSH_RELOCATE_THRESHOLD, meaning
-+ scan-right counts as high as FLUSH_RELOCATE_THRESHOLD and then stops. */
-+static int scan_right(flush_scan * scan, jnode * node, unsigned limit)
-+{
-+ int ret;
-+
-+ scan->max_count = limit;
-+ scan->direction = RIGHT_SIDE;
-+
-+ ret = scan_set_current(scan, jref(node), 0, NULL);
-+ if (ret != 0) {
-+ return ret;
-+ }
-+
-+ return scan_common(scan, NULL);
-+}
-+
-+/* Common code to perform left or right scanning. */
-+static int scan_common(flush_scan * scan, flush_scan * other)
-+{
-+ int ret;
-+
-+ assert("nikita-2376", scan->node != NULL);
-+ assert("edward-54", jnode_is_unformatted(scan->node)
-+ || jnode_is_znode(scan->node));
-+
-+ /* Special case for starting at an unformatted node. Optimization: we only want
-+ to search for the parent (which requires a tree traversal) once. Obviously, we
-+ shouldn't have to call it once for the left scan and once for the right scan.
-+ For this reason, if we search for the parent during scan-left we then duplicate
-+ the coord/lock/load into the scan-right object. */
-+ if (jnode_is_unformatted(scan->node)) {
-+ ret = scan_unformatted(scan, other);
-+ if (ret != 0)
-+ return ret;
-+ }
-+ /* This loop expects to start at a formatted position and performs chaining of
-+ formatted regions */
-+ while (!scan_finished(scan)) {
-+
-+ ret = scan_formatted(scan);
-+ if (ret != 0) {
-+ return ret;
-+ }
-+ }
-+
-+ return 0;
-+}
-+
-+static int scan_unformatted(flush_scan * scan, flush_scan * other)
-+{
-+ int ret = 0;
-+ int try = 0;
-+
-+ if (!coord_is_invalid(&scan->parent_coord))
-+ goto scan;
-+
-+ /* set parent coord from */
-+ if (!jnode_is_unformatted(scan->node)) {
-+ /* formatted position */
-+
-+ lock_handle lock;
-+ assert("edward-301", jnode_is_znode(scan->node));
-+ init_lh(&lock);
-+
-+ /*
-+ * when flush starts from unformatted node, first thing it
-+ * does is tree traversal to find formatted parent of starting
-+ * node. This parent is then kept lock across scans to the
-+ * left and to the right. This means that during scan to the
-+ * left we cannot take left-ward lock, because this is
-+ * dead-lock prone. So, if we are scanning to the left and
-+ * there is already lock held by this thread,
-+ * jnode_lock_parent_coord() should use try-lock.
-+ */
-+ try = scanning_left(scan)
-+ && !lock_stack_isclean(get_current_lock_stack());
-+ /* Need the node locked to get the parent lock, We have to
-+ take write lock since there is at least one call path
-+ where this znode is already write-locked by us. */
-+ ret =
-+ longterm_lock_znode(&lock, JZNODE(scan->node),
-+ ZNODE_WRITE_LOCK,
-+ scanning_left(scan) ? ZNODE_LOCK_LOPRI :
-+ ZNODE_LOCK_HIPRI);
-+ if (ret != 0)
-+ /* EINVAL or E_DEADLOCK here mean... try again! At this point we've
-+ scanned too far and can't back out, just start over. */
-+ return ret;
-+
-+ ret = jnode_lock_parent_coord(scan->node,
-+ &scan->parent_coord,
-+ &scan->parent_lock,
-+ &scan->parent_load,
-+ ZNODE_WRITE_LOCK, try);
-+
-+ /* FIXME(C): check EINVAL, E_DEADLOCK */
-+ done_lh(&lock);
-+ if (ret == -E_REPEAT) {
-+ scan->stop = 1;
-+ return 0;
-+ }
-+ if (ret)
-+ return ret;
-+
-+ } else {
-+ /* unformatted position */
-+
-+ ret =
-+ jnode_lock_parent_coord(scan->node, &scan->parent_coord,
-+ &scan->parent_lock,
-+ &scan->parent_load,
-+ ZNODE_WRITE_LOCK, try);
-+
-+ if (IS_CBKERR(ret))
-+ return ret;
-+
-+ if (ret == CBK_COORD_NOTFOUND)
-+ /* FIXME(C): check EINVAL, E_DEADLOCK */
-+ return ret;
-+
-+ /* parent was found */
-+ assert("jmacd-8661", other != NULL);
-+ /* Duplicate the reference into the other flush_scan. */
-+ coord_dup(&other->parent_coord, &scan->parent_coord);
-+ copy_lh(&other->parent_lock, &scan->parent_lock);
-+ copy_load_count(&other->parent_load, &scan->parent_load);
-+ }
-+ scan:
-+ return scan_by_coord(scan);
-+}
-+
-+/* Performs left- or rightward scanning starting from a formatted node. Follow left
-+ pointers under tree lock as long as:
-+
-+ - node->left/right is non-NULL
-+ - node->left/right is connected, dirty
-+ - node->left/right belongs to the same atom
-+ - scan has not reached maximum count
-+*/
-+static int scan_formatted(flush_scan * scan)
-+{
-+ int ret;
-+ znode *neighbor = NULL;
-+
-+ assert("jmacd-1401", !scan_finished(scan));
-+
-+ do {
-+ znode *node = JZNODE(scan->node);
-+
-+ /* Node should be connected, but if not stop the scan. */
-+ if (!znode_is_connected(node)) {
-+ scan->stop = 1;
-+ break;
-+ }
-+
-+ /* Lock the tree, check-for and reference the next sibling. */
-+ read_lock_tree(znode_get_tree(node));
-+
-+ /* It may be that a node is inserted or removed between a node and its
-+ left sibling while the tree lock is released, but the flush-scan count
-+ does not need to be precise. Thus, we release the tree lock as soon as
-+ we get the neighboring node. */
-+ neighbor = scanning_left(scan) ? node->left : node->right;
-+ if (neighbor != NULL) {
-+ zref(neighbor);
-+ }
-+
-+ read_unlock_tree(znode_get_tree(node));
-+
-+ /* If neighbor is NULL at the leaf level, need to check for an unformatted
-+ sibling using the parent--break in any case. */
-+ if (neighbor == NULL) {
-+ break;
-+ }
-+
-+ /* Check the condition for going left, break if it is not met. This also
-+ releases (jputs) the neighbor if false. */
-+ if (!scan_goto(scan, ZJNODE(neighbor))) {
-+ break;
-+ }
-+
-+ /* Advance the flush_scan state to the left, repeat. */
-+ ret = scan_set_current(scan, ZJNODE(neighbor), 1, NULL);
-+ if (ret != 0) {
-+ return ret;
-+ }
-+
-+ } while (!scan_finished(scan));
-+
-+ /* If neighbor is NULL then we reached the end of a formatted region, or else the
-+ sibling is out of memory, now check for an extent to the left (as long as
-+ LEAF_LEVEL). */
-+ if (neighbor != NULL || jnode_get_level(scan->node) != LEAF_LEVEL
-+ || scan_finished(scan)) {
-+ scan->stop = 1;
-+ return 0;
-+ }
-+ /* Otherwise, calls scan_by_coord for the right(left)most item of the
-+ left(right) neighbor on the parent level, then possibly continue. */
-+
-+ coord_init_invalid(&scan->parent_coord, NULL);
-+ return scan_unformatted(scan, NULL);
-+}
-+
-+/* NOTE-EDWARD:
-+ This scans adjacent items of the same type and calls scan flush plugin for each one.
-+ Performs left(right)ward scanning starting from a (possibly) unformatted node. If we start
-+ from unformatted node, then we continue only if the next neighbor is also unformatted.
-+ When called from scan_formatted, we skip first iteration (to make sure that
-+ right(left)most item of the left(right) neighbor on the parent level is of the same
-+ type and set appropriate coord). */
-+static int scan_by_coord(flush_scan * scan)
-+{
-+ int ret = 0;
-+ int scan_this_coord;
-+ lock_handle next_lock;
-+ load_count next_load;
-+ coord_t next_coord;
-+ jnode *child;
-+ item_plugin *iplug;
-+
-+ init_lh(&next_lock);
-+ init_load_count(&next_load);
-+ scan_this_coord = (jnode_is_unformatted(scan->node) ? 1 : 0);
-+
-+ /* set initial item id */
-+ iplug = item_plugin_by_coord(&scan->parent_coord);
-+
-+ for (; !scan_finished(scan); scan_this_coord = 1) {
-+ if (scan_this_coord) {
-+ /* Here we expect that unit is scannable. it would not be so due
-+ * to race with extent->tail conversion. */
-+ if (iplug->f.scan == NULL) {
-+ scan->stop = 1;
-+ ret = -E_REPEAT;
-+ /* skip the check at the end. */
-+ goto race;
-+ }
-+
-+ ret = iplug->f.scan(scan);
-+ if (ret != 0)
-+ goto exit;
-+
-+ if (scan_finished(scan)) {
-+ checkchild(scan);
-+ break;
-+ }
-+ } else {
-+ /* the same race against truncate as above is possible
-+ * here, it seems */
-+
-+ /* NOTE-JMACD: In this case, apply the same end-of-node logic but don't scan
-+ the first coordinate. */
-+ assert("jmacd-1231",
-+ item_is_internal(&scan->parent_coord));
-+ }
-+
-+ if (iplug->f.utmost_child == NULL
-+ || znode_get_level(scan->parent_coord.node) != TWIG_LEVEL) {
-+ /* stop this coord and continue on parrent level */
-+ ret =
-+ scan_set_current(scan,
-+ ZJNODE(zref
-+ (scan->parent_coord.node)),
-+ 1, NULL);
-+ if (ret != 0)
-+ goto exit;
-+ break;
-+ }
-+
-+ /* Either way, the invariant is that scan->parent_coord is set to the
-+ parent of scan->node. Now get the next unit. */
-+ coord_dup(&next_coord, &scan->parent_coord);
-+ coord_sideof_unit(&next_coord, scan->direction);
-+
-+ /* If off-the-end of the twig, try the next twig. */
-+ if (coord_is_after_sideof_unit(&next_coord, scan->direction)) {
-+ /* We take the write lock because we may start flushing from this
-+ * coordinate. */
-+ ret =
-+ neighbor_in_slum(next_coord.node, &next_lock,
-+ scan->direction, ZNODE_WRITE_LOCK,
-+ 1 /* check dirty */ );
-+ if (ret == -E_NO_NEIGHBOR) {
-+ scan->stop = 1;
-+ ret = 0;
-+ break;
-+ }
-+
-+ if (ret != 0) {
-+ goto exit;
-+ }
-+
-+ ret = incr_load_count_znode(&next_load, next_lock.node);
-+ if (ret != 0) {
-+ goto exit;
-+ }
-+
-+ coord_init_sideof_unit(&next_coord, next_lock.node,
-+ sideof_reverse(scan->direction));
-+ }
-+
-+ iplug = item_plugin_by_coord(&next_coord);
-+
-+ /* Get the next child. */
-+ ret =
-+ iplug->f.utmost_child(&next_coord,
-+ sideof_reverse(scan->direction),
-+ &child);
-+ if (ret != 0)
-+ goto exit;
-+ /* If the next child is not in memory, or, item_utmost_child
-+ failed (due to race with unlink, most probably), stop
-+ here. */
-+ if (child == NULL || IS_ERR(child)) {
-+ scan->stop = 1;
-+ checkchild(scan);
-+ break;
-+ }
-+
-+ assert("nikita-2374", jnode_is_unformatted(child)
-+ || jnode_is_znode(child));
-+
-+ /* See if it is dirty, part of the same atom. */
-+ if (!scan_goto(scan, child)) {
-+ checkchild(scan);
-+ break;
-+ }
-+
-+ /* If so, make this child current. */
-+ ret = scan_set_current(scan, child, 1, &next_coord);
-+ if (ret != 0)
-+ goto exit;
-+
-+ /* Now continue. If formatted we release the parent lock and return, then
-+ proceed. */
-+ if (jnode_is_znode(child))
-+ break;
-+
-+ /* Otherwise, repeat the above loop with next_coord. */
-+ if (next_load.node != NULL) {
-+ done_lh(&scan->parent_lock);
-+ move_lh(&scan->parent_lock, &next_lock);
-+ move_load_count(&scan->parent_load, &next_load);
-+ }
-+ }
-+
-+ assert("jmacd-6233", scan_finished(scan) || jnode_is_znode(scan->node));
-+ exit:
-+ checkchild(scan);
-+ race: /* skip the above check */
-+ if (jnode_is_znode(scan->node)) {
-+ done_lh(&scan->parent_lock);
-+ done_load_count(&scan->parent_load);
-+ }
-+
-+ done_load_count(&next_load);
-+ done_lh(&next_lock);
-+ return ret;
-+}
-+
-+/* FLUSH POS HELPERS */
-+
-+/* Initialize the fields of a flush_position. */
-+static void pos_init(flush_pos_t * pos)
-+{
-+ memset(pos, 0, sizeof *pos);
-+
-+ pos->state = POS_INVALID;
-+ coord_init_invalid(&pos->coord, NULL);
-+ init_lh(&pos->lock);
-+ init_load_count(&pos->load);
-+
-+ blocknr_hint_init(&pos->preceder);
-+}
-+
-+/* The flush loop inside squalloc periodically checks pos_valid to
-+ determine when "enough flushing" has been performed. This will return true until one
-+ of the following conditions is met:
-+
-+ 1. the number of flush-queued nodes has reached the kernel-supplied "int *nr_to_flush"
-+ parameter, meaning we have flushed as many blocks as the kernel requested. When
-+ flushing to commit, this parameter is NULL.
-+
-+ 2. pos_stop() is called because squalloc discovers that the "next" node in the
-+ flush order is either non-existant, not dirty, or not in the same atom.
-+*/
-+
-+static int pos_valid(flush_pos_t * pos)
-+{
-+ return pos->state != POS_INVALID;
-+}
-+
-+/* Release any resources of a flush_position. Called when jnode_flush finishes. */
-+static void pos_done(flush_pos_t * pos)
-+{
-+ pos_stop(pos);
-+ blocknr_hint_done(&pos->preceder);
-+ if (convert_data(pos))
-+ free_convert_data(pos);
-+}
-+
-+/* Reset the point and parent. Called during flush subroutines to terminate the
-+ squalloc loop. */
-+static int pos_stop(flush_pos_t * pos)
-+{
-+ pos->state = POS_INVALID;
-+ done_lh(&pos->lock);
-+ done_load_count(&pos->load);
-+ coord_init_invalid(&pos->coord, NULL);
-+
-+ if (pos->child) {
-+ jput(pos->child);
-+ pos->child = NULL;
-+ }
-+
-+ return 0;
-+}
-+
-+/* Return the flush_position's block allocator hint. */
-+reiser4_blocknr_hint *pos_hint(flush_pos_t * pos)
-+{
-+ return &pos->preceder;
-+}
-+
-+flush_queue_t *pos_fq(flush_pos_t * pos)
-+{
-+ return pos->fq;
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 90
-+ LocalWords: preceder
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/flush.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/flush.h
-@@ -0,0 +1,274 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* DECLARATIONS: */
-+
-+#if !defined(__REISER4_FLUSH_H__)
-+#define __REISER4_FLUSH_H__
-+
-+#include "plugin/cluster.h"
-+
-+/* The flush_scan data structure maintains the state of an in-progress flush-scan on a
-+ single level of the tree. A flush-scan is used for counting the number of adjacent
-+ nodes to flush, which is used to determine whether we should relocate, and it is also
-+ used to find a starting point for flush. A flush-scan object can scan in both right
-+ and left directions via the scan_left() and scan_right() interfaces. The
-+ right- and left-variations are similar but perform different functions. When scanning
-+ left we (optionally perform rapid scanning and then) longterm-lock the endpoint node.
-+ When scanning right we are simply counting the number of adjacent, dirty nodes. */
-+struct flush_scan {
-+
-+ /* The current number of nodes scanned on this level. */
-+ unsigned count;
-+
-+ /* There may be a maximum number of nodes for a scan on any single level. When
-+ going leftward, max_count is determined by FLUSH_SCAN_MAXNODES (see reiser4.h) */
-+ unsigned max_count;
-+
-+ /* Direction: Set to one of the sideof enumeration: { LEFT_SIDE, RIGHT_SIDE }. */
-+ sideof direction;
-+
-+ /* Initially @stop is set to false then set true once some condition stops the
-+ search (e.g., we found a clean node before reaching max_count or we found a
-+ node belonging to another atom). */
-+ int stop;
-+
-+ /* The current scan position. If @node is non-NULL then its reference count has
-+ been incremented to reflect this reference. */
-+ jnode *node;
-+
-+ /* A handle for zload/zrelse of current scan position node. */
-+ load_count node_load;
-+
-+ /* During left-scan, if the final position (a.k.a. endpoint node) is formatted the
-+ node is locked using this lock handle. The endpoint needs to be locked for
-+ transfer to the flush_position object after scanning finishes. */
-+ lock_handle node_lock;
-+
-+ /* When the position is unformatted, its parent, coordinate, and parent
-+ zload/zrelse handle. */
-+ lock_handle parent_lock;
-+ coord_t parent_coord;
-+ load_count parent_load;
-+
-+ /* The block allocator preceder hint. Sometimes flush_scan determines what the
-+ preceder is and if so it sets it here, after which it is copied into the
-+ flush_position. Otherwise, the preceder is computed later. */
-+ reiser4_block_nr preceder_blk;
-+};
-+
-+typedef struct convert_item_info {
-+ dc_item_stat d_cur; /* disk cluster state of the current item */
-+ dc_item_stat d_next; /* disk cluster state of the next slum item */
-+ struct inode *inode;
-+ flow_t flow;
-+} convert_item_info_t;
-+
-+typedef struct convert_info {
-+ int count; /* for squalloc terminating */
-+ reiser4_cluster_t clust; /* transform cluster */
-+ item_plugin *iplug; /* current item plugin */
-+ convert_item_info_t *itm; /* current item info */
-+} convert_info_t;
-+
-+typedef enum flush_position_state {
-+ POS_INVALID, /* Invalid or stopped pos, do not continue slum
-+ * processing */
-+ POS_ON_LEAF, /* pos points to already prepped, locked formatted node at
-+ * leaf level */
-+ POS_ON_EPOINT, /* pos keeps a lock on twig level, "coord" field is used
-+ * to traverse unformatted nodes */
-+ POS_TO_LEAF, /* pos is being moved to leaf level */
-+ POS_TO_TWIG, /* pos is being moved to twig level */
-+ POS_END_OF_TWIG, /* special case of POS_ON_TWIG, when coord is after
-+ * rightmost unit of the current twig */
-+ POS_ON_INTERNAL /* same as POS_ON_LEAF, but points to internal node */
-+} flushpos_state_t;
-+
-+/* An encapsulation of the current flush point and all the parameters that are passed
-+ through the entire squeeze-and-allocate stage of the flush routine. A single
-+ flush_position object is constructed after left- and right-scanning finishes. */
-+struct flush_position {
-+ flushpos_state_t state;
-+
-+ coord_t coord; /* coord to traverse unformatted nodes */
-+ lock_handle lock; /* current lock we hold */
-+ load_count load; /* load status for current locked formatted node */
-+
-+ jnode *child; /* for passing a reference to unformatted child
-+ * across pos state changes */
-+
-+ reiser4_blocknr_hint preceder; /* The flush 'hint' state. */
-+ int leaf_relocate; /* True if enough leaf-level nodes were
-+ * found to suggest a relocate policy. */
-+ int alloc_cnt; /* The number of nodes allocated during squeeze and allococate. */
-+ int prep_or_free_cnt; /* The number of nodes prepared for write (allocate) or squeezed and freed. */
-+ flush_queue_t *fq;
-+ long *nr_written; /* number of nodes submitted to disk */
-+ int flags; /* a copy of jnode_flush flags argument */
-+
-+ znode *prev_twig; /* previous parent pointer value, used to catch
-+ * processing of new twig node */
-+ convert_info_t *sq; /* convert info */
-+
-+ unsigned long pos_in_unit; /* for extents only. Position
-+ within an extent unit of first
-+ jnode of slum */
-+ long nr_to_write; /* number of unformatted nodes to handle on flush */
-+};
-+
-+static inline int item_convert_count(flush_pos_t * pos)
-+{
-+ return pos->sq->count;
-+}
-+static inline void inc_item_convert_count(flush_pos_t * pos)
-+{
-+ pos->sq->count++;
-+}
-+static inline void set_item_convert_count(flush_pos_t * pos, int count)
-+{
-+ pos->sq->count = count;
-+}
-+static inline item_plugin *item_convert_plug(flush_pos_t * pos)
-+{
-+ return pos->sq->iplug;
-+}
-+
-+static inline convert_info_t *convert_data(flush_pos_t * pos)
-+{
-+ return pos->sq;
-+}
-+
-+static inline convert_item_info_t *item_convert_data(flush_pos_t * pos)
-+{
-+ assert("edward-955", convert_data(pos));
-+ return pos->sq->itm;
-+}
-+
-+static inline tfm_cluster_t *tfm_cluster_sq(flush_pos_t * pos)
-+{
-+ return &pos->sq->clust.tc;
-+}
-+
-+static inline tfm_stream_t *tfm_stream_sq(flush_pos_t * pos, tfm_stream_id id)
-+{
-+ assert("edward-854", pos->sq != NULL);
-+ return tfm_stream(tfm_cluster_sq(pos), id);
-+}
-+
-+static inline int chaining_data_present(flush_pos_t * pos)
-+{
-+ return convert_data(pos) && item_convert_data(pos);
-+}
-+
-+/* Returns true if next node contains next item of the disk cluster
-+ so item convert data should be moved to the right slum neighbor.
-+*/
-+static inline int should_chain_next_node(flush_pos_t * pos)
-+{
-+ int result = 0;
-+
-+ assert("edward-1007", chaining_data_present(pos));
-+
-+ switch (item_convert_data(pos)->d_next) {
-+ case DC_CHAINED_ITEM:
-+ result = 1;
-+ break;
-+ case DC_AFTER_CLUSTER:
-+ break;
-+ default:
-+ impossible("edward-1009", "bad state of next slum item");
-+ }
-+ return result;
-+}
-+
-+/* update item state in a disk cluster to assign conversion mode */
-+static inline void
-+move_chaining_data(flush_pos_t * pos, int this_node /* where is next item */ )
-+{
-+
-+ assert("edward-1010", chaining_data_present(pos));
-+
-+ if (this_node == 0) {
-+ /* next item is on the right neighbor */
-+ assert("edward-1011",
-+ item_convert_data(pos)->d_cur == DC_FIRST_ITEM ||
-+ item_convert_data(pos)->d_cur == DC_CHAINED_ITEM);
-+ assert("edward-1012",
-+ item_convert_data(pos)->d_next == DC_CHAINED_ITEM);
-+
-+ item_convert_data(pos)->d_cur = DC_CHAINED_ITEM;
-+ item_convert_data(pos)->d_next = DC_INVALID_STATE;
-+ } else {
-+ /* next item is on the same node */
-+ assert("edward-1013",
-+ item_convert_data(pos)->d_cur == DC_FIRST_ITEM ||
-+ item_convert_data(pos)->d_cur == DC_CHAINED_ITEM);
-+ assert("edward-1227",
-+ item_convert_data(pos)->d_next == DC_AFTER_CLUSTER ||
-+ item_convert_data(pos)->d_next == DC_INVALID_STATE);
-+
-+ item_convert_data(pos)->d_cur = DC_AFTER_CLUSTER;
-+ item_convert_data(pos)->d_next = DC_INVALID_STATE;
-+ }
-+}
-+
-+static inline int should_convert_node(flush_pos_t * pos, znode * node)
-+{
-+ return znode_convertible(node);
-+}
-+
-+/* true if there is attached convert item info */
-+static inline int should_convert_next_node(flush_pos_t * pos, znode * node)
-+{
-+ return convert_data(pos) && item_convert_data(pos);
-+}
-+
-+#define SQUALLOC_THRESHOLD 256
-+
-+static inline int should_terminate_squalloc(flush_pos_t * pos)
-+{
-+ return convert_data(pos) &&
-+ !item_convert_data(pos) &&
-+ item_convert_count(pos) >= SQUALLOC_THRESHOLD;
-+}
-+
-+void free_convert_data(flush_pos_t * pos);
-+/* used in extent.c */
-+int scan_set_current(flush_scan * scan, jnode * node, unsigned add_size,
-+ const coord_t * parent);
-+int scan_finished(flush_scan * scan);
-+int scanning_left(flush_scan * scan);
-+int scan_goto(flush_scan * scan, jnode * tonode);
-+txn_atom *atom_locked_by_fq(flush_queue_t * fq);
-+int alloc_extent(flush_pos_t *flush_pos);
-+squeeze_result squalloc_extent(znode *left, const coord_t *, flush_pos_t *,
-+ reiser4_key *stop_key);
-+extern int init_fqs(void);
-+extern void done_fqs(void);
-+
-+#if REISER4_DEBUG
-+
-+extern void check_fq(const txn_atom *atom);
-+extern atomic_t flush_cnt;
-+
-+#define check_preceder(blk) \
-+assert("nikita-2588", blk < reiser4_block_count(reiser4_get_current_sb()));
-+extern void check_pos(flush_pos_t * pos);
-+#else
-+#define check_preceder(b) noop
-+#define check_pos(pos) noop
-+#endif
-+
-+/* __REISER4_FLUSH_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 90
-+ LocalWords: preceder
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/flush_queue.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/flush_queue.c
-@@ -0,0 +1,681 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "debug.h"
-+#include "super.h"
-+#include "txnmgr.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "page_cache.h"
-+#include "wander.h"
-+#include "vfs_ops.h"
-+#include "writeout.h"
-+#include "flush.h"
-+
-+#include <linux/bio.h>
-+#include <linux/mm.h>
-+#include <linux/pagemap.h>
-+#include <linux/blkdev.h>
-+#include <linux/writeback.h>
-+
-+/* A flush queue object is an accumulator for keeping jnodes prepared
-+ by the jnode_flush() function for writing to disk. Those "queued" jnodes are
-+ kept on the flush queue until memory pressure or atom commit asks
-+ flush queues to write some or all from their jnodes. */
-+
-+/*
-+ LOCKING:
-+
-+ fq->guard spin lock protects fq->atom pointer and nothing else. fq->prepped
-+ list protected by atom spin lock. fq->prepped list uses the following
-+ locking:
-+
-+ two ways to protect fq->prepped list for read-only list traversal:
-+
-+ 1. atom spin-lock atom.
-+ 2. fq is IN_USE, atom->nr_running_queues increased.
-+
-+ and one for list modification:
-+
-+ 1. atom is spin-locked and one condition is true: fq is IN_USE or
-+ atom->nr_running_queues == 0.
-+
-+ The deadlock-safe order for flush queues and atoms is: first lock atom, then
-+ lock flush queue, then lock jnode.
-+*/
-+
-+#define fq_in_use(fq) ((fq)->state & FQ_IN_USE)
-+#define fq_ready(fq) (!fq_in_use(fq))
-+
-+#define mark_fq_in_use(fq) do { (fq)->state |= FQ_IN_USE; } while (0)
-+#define mark_fq_ready(fq) do { (fq)->state &= ~FQ_IN_USE; } while (0)
-+
-+/* get lock on atom from locked flush queue object */
-+static txn_atom *atom_locked_by_fq_nolock(flush_queue_t * fq)
-+{
-+ /* This code is similar to jnode_get_atom(), look at it for the
-+ * explanation. */
-+ txn_atom *atom;
-+
-+ assert_spin_locked(&(fq->guard));
-+
-+ while (1) {
-+ atom = fq->atom;
-+ if (atom == NULL)
-+ break;
-+
-+ if (spin_trylock_atom(atom))
-+ break;
-+
-+ atomic_inc(&atom->refcount);
-+ spin_unlock(&(fq->guard));
-+ spin_lock_atom(atom);
-+ spin_lock(&(fq->guard));
-+
-+ if (fq->atom == atom) {
-+ atomic_dec(&atom->refcount);
-+ break;
-+ }
-+
-+ spin_unlock(&(fq->guard));
-+ atom_dec_and_unlock(atom);
-+ spin_lock(&(fq->guard));
-+ }
-+
-+ return atom;
-+}
-+
-+txn_atom *atom_locked_by_fq(flush_queue_t * fq)
-+{
-+ txn_atom *atom;
-+
-+ spin_lock(&(fq->guard));
-+ atom = atom_locked_by_fq_nolock(fq);
-+ spin_unlock(&(fq->guard));
-+ return atom;
-+}
-+
-+static void init_fq(flush_queue_t * fq)
-+{
-+ memset(fq, 0, sizeof *fq);
-+
-+ atomic_set(&fq->nr_submitted, 0);
-+
-+ INIT_LIST_HEAD(ATOM_FQ_LIST(fq));
-+
-+ sema_init(&fq->io_sem, 0);
-+ spin_lock_init(&fq->guard);
-+}
-+
-+/* slab for flush queues */
-+static kmem_cache_t *fq_slab;
-+
-+
-+/**
-+ * init_fqs - create flush queue cache
-+ *
-+ * Initializes slab cache of flush queues. It is part of reiser4 module
-+ * initialization.
-+ */
-+int init_fqs(void)
-+{
-+ fq_slab = kmem_cache_create("fq",
-+ sizeof(flush_queue_t),
-+ 0, SLAB_HWCACHE_ALIGN, NULL, NULL);
-+ if (fq_slab == NULL)
-+ return RETERR(-ENOMEM);
-+ return 0;
-+}
-+
-+/**
-+ * done_fqs - delete flush queue cache
-+ *
-+ * This is called on reiser4 module unloading or system shutdown.
-+ */
-+void done_fqs(void)
-+{
-+ destroy_reiser4_cache(&fq_slab);
-+}
-+
-+/* create new flush queue object */
-+static flush_queue_t *create_fq(gfp_t gfp)
-+{
-+ flush_queue_t *fq;
-+
-+ fq = kmem_cache_alloc(fq_slab, gfp);
-+ if (fq)
-+ init_fq(fq);
-+
-+ return fq;
-+}
-+
-+/* adjust atom's and flush queue's counters of queued nodes */
-+static void count_enqueued_node(flush_queue_t * fq)
-+{
-+ ON_DEBUG(fq->atom->num_queued++);
-+}
-+
-+static void count_dequeued_node(flush_queue_t * fq)
-+{
-+ assert("zam-993", fq->atom->num_queued > 0);
-+ ON_DEBUG(fq->atom->num_queued--);
-+}
-+
-+/* attach flush queue object to the atom */
-+static void attach_fq(txn_atom *atom, flush_queue_t *fq)
-+{
-+ assert_spin_locked(&(atom->alock));
-+ list_add(&fq->alink, &atom->flush_queues);
-+ fq->atom = atom;
-+ ON_DEBUG(atom->nr_flush_queues++);
-+}
-+
-+static void detach_fq(flush_queue_t * fq)
-+{
-+ assert_spin_locked(&(fq->atom->alock));
-+
-+ spin_lock(&(fq->guard));
-+ list_del_init(&fq->alink);
-+ assert("vs-1456", fq->atom->nr_flush_queues > 0);
-+ ON_DEBUG(fq->atom->nr_flush_queues--);
-+ fq->atom = NULL;
-+ spin_unlock(&(fq->guard));
-+}
-+
-+/* destroy flush queue object */
-+static void done_fq(flush_queue_t * fq)
-+{
-+ assert("zam-763", list_empty_careful(ATOM_FQ_LIST(fq)));
-+ assert("zam-766", atomic_read(&fq->nr_submitted) == 0);
-+
-+ kmem_cache_free(fq_slab, fq);
-+}
-+
-+/* */
-+void mark_jnode_queued(flush_queue_t * fq, jnode * node)
-+{
-+ JF_SET(node, JNODE_FLUSH_QUEUED);
-+ count_enqueued_node(fq);
-+}
-+
-+/* Putting jnode into the flush queue. Both atom and jnode should be
-+ spin-locked. */
-+void queue_jnode(flush_queue_t * fq, jnode * node)
-+{
-+ assert_spin_locked(&(node->guard));
-+ assert("zam-713", node->atom != NULL);
-+ assert_spin_locked(&(node->atom->alock));
-+ assert("zam-716", fq->atom != NULL);
-+ assert("zam-717", fq->atom == node->atom);
-+ assert("zam-907", fq_in_use(fq));
-+
-+ assert("zam-714", JF_ISSET(node, JNODE_DIRTY));
-+ assert("zam-826", JF_ISSET(node, JNODE_RELOC));
-+ assert("vs-1481", !JF_ISSET(node, JNODE_FLUSH_QUEUED));
-+ assert("vs-1481", NODE_LIST(node) != FQ_LIST);
-+
-+ mark_jnode_queued(fq, node);
-+ list_move_tail(&node->capture_link, ATOM_FQ_LIST(fq));
-+
-+ ON_DEBUG(count_jnode(node->atom, node, NODE_LIST(node),
-+ FQ_LIST, 1));
-+}
-+
-+/* repeatable process for waiting io completion on a flush queue object */
-+static int wait_io(flush_queue_t * fq, int *nr_io_errors)
-+{
-+ assert("zam-738", fq->atom != NULL);
-+ assert_spin_locked(&(fq->atom->alock));
-+ assert("zam-736", fq_in_use(fq));
-+ assert("zam-911", list_empty_careful(ATOM_FQ_LIST(fq)));
-+
-+ if (atomic_read(&fq->nr_submitted) != 0) {
-+ struct super_block *super;
-+
-+ spin_unlock_atom(fq->atom);
-+
-+ assert("nikita-3013", schedulable());
-+
-+ super = reiser4_get_current_sb();
-+
-+ /* FIXME: this is instead of blk_run_queues() */
-+ blk_run_address_space(get_super_fake(super)->i_mapping);
-+
-+ if (!(super->s_flags & MS_RDONLY))
-+ down(&fq->io_sem);
-+
-+ /* Ask the caller to re-acquire the locks and call this
-+ function again. Note: this technique is commonly used in
-+ the txnmgr code. */
-+ return -E_REPEAT;
-+ }
-+
-+ *nr_io_errors += atomic_read(&fq->nr_errors);
-+ return 0;
-+}
-+
-+/* wait on I/O completion, re-submit dirty nodes to write */
-+static int finish_fq(flush_queue_t * fq, int *nr_io_errors)
-+{
-+ int ret;
-+ txn_atom *atom = fq->atom;
-+
-+ assert("zam-801", atom != NULL);
-+ assert_spin_locked(&(atom->alock));
-+ assert("zam-762", fq_in_use(fq));
-+
-+ ret = wait_io(fq, nr_io_errors);
-+ if (ret)
-+ return ret;
-+
-+ detach_fq(fq);
-+ done_fq(fq);
-+
-+ atom_send_event(atom);
-+
-+ return 0;
-+}
-+
-+/* wait for all i/o for given atom to be completed, actually do one iteration
-+ on that and return -E_REPEAT if there more iterations needed */
-+static int finish_all_fq(txn_atom * atom, int *nr_io_errors)
-+{
-+ flush_queue_t *fq;
-+
-+ assert_spin_locked(&(atom->alock));
-+
-+ if (list_empty_careful(&atom->flush_queues))
-+ return 0;
-+
-+ list_for_each_entry(fq, &atom->flush_queues, alink) {
-+ if (fq_ready(fq)) {
-+ int ret;
-+
-+ mark_fq_in_use(fq);
-+ assert("vs-1247", fq->owner == NULL);
-+ ON_DEBUG(fq->owner = current);
-+ ret = finish_fq(fq, nr_io_errors);
-+
-+ if (*nr_io_errors)
-+ reiser4_handle_error();
-+
-+ if (ret) {
-+ fq_put(fq);
-+ return ret;
-+ }
-+
-+ spin_unlock_atom(atom);
-+
-+ return -E_REPEAT;
-+ }
-+ }
-+
-+ /* All flush queues are in use; atom remains locked */
-+ return -EBUSY;
-+}
-+
-+/* wait all i/o for current atom */
-+int current_atom_finish_all_fq(void)
-+{
-+ txn_atom *atom;
-+ int nr_io_errors = 0;
-+ int ret = 0;
-+
-+ do {
-+ while (1) {
-+ atom = get_current_atom_locked();
-+ ret = finish_all_fq(atom, &nr_io_errors);
-+ if (ret != -EBUSY)
-+ break;
-+ atom_wait_event(atom);
-+ }
-+ } while (ret == -E_REPEAT);
-+
-+ /* we do not need locked atom after this function finishes, SUCCESS or
-+ -EBUSY are two return codes when atom remains locked after
-+ finish_all_fq */
-+ if (!ret)
-+ spin_unlock_atom(atom);
-+
-+ assert_spin_not_locked(&(atom->alock));
-+
-+ if (ret)
-+ return ret;
-+
-+ if (nr_io_errors)
-+ return RETERR(-EIO);
-+
-+ return 0;
-+}
-+
-+/* change node->atom field for all jnode from given list */
-+static void
-+scan_fq_and_update_atom_ref(struct list_head *list, txn_atom *atom)
-+{
-+ jnode *cur;
-+
-+ list_for_each_entry(cur, list, capture_link) {
-+ spin_lock_jnode(cur);
-+ cur->atom = atom;
-+ spin_unlock_jnode(cur);
-+ }
-+}
-+
-+/* support for atom fusion operation */
-+void fuse_fq(txn_atom *to, txn_atom *from)
-+{
-+ flush_queue_t *fq;
-+
-+ assert_spin_locked(&(to->alock));
-+ assert_spin_locked(&(from->alock));
-+
-+ list_for_each_entry(fq, &from->flush_queues, alink) {
-+ scan_fq_and_update_atom_ref(ATOM_FQ_LIST(fq), to);
-+ spin_lock(&(fq->guard));
-+ fq->atom = to;
-+ spin_unlock(&(fq->guard));
-+ }
-+
-+ list_splice_init(&from->flush_queues, to->flush_queues.prev);
-+
-+#if REISER4_DEBUG
-+ to->num_queued += from->num_queued;
-+ to->nr_flush_queues += from->nr_flush_queues;
-+ from->nr_flush_queues = 0;
-+#endif
-+}
-+
-+#if REISER4_DEBUG
-+int atom_fq_parts_are_clean(txn_atom * atom)
-+{
-+ assert("zam-915", atom != NULL);
-+ return list_empty_careful(&atom->flush_queues);
-+}
-+#endif
-+/* Bio i/o completion routine for reiser4 write operations. */
-+static int
-+end_io_handler(struct bio *bio, unsigned int bytes_done UNUSED_ARG,
-+ int err)
-+{
-+ int i;
-+ int nr_errors = 0;
-+ flush_queue_t *fq;
-+
-+ assert("zam-958", bio->bi_rw & WRITE);
-+
-+ /* i/o op. is not fully completed */
-+ if (bio->bi_size != 0)
-+ return 1;
-+
-+ if (err == -EOPNOTSUPP)
-+ set_bit(BIO_EOPNOTSUPP, &bio->bi_flags);
-+
-+ /* we expect that bio->private is set to NULL or fq object which is used
-+ * for synchronization and error counting. */
-+ fq = bio->bi_private;
-+ /* Check all elements of io_vec for correct write completion. */
-+ for (i = 0; i < bio->bi_vcnt; i += 1) {
-+ struct page *pg = bio->bi_io_vec[i].bv_page;
-+
-+ if (!test_bit(BIO_UPTODATE, &bio->bi_flags)) {
-+ SetPageError(pg);
-+ nr_errors++;
-+ }
-+
-+ {
-+ /* jnode WRITEBACK ("write is in progress bit") is
-+ * atomically cleared here. */
-+ jnode *node;
-+
-+ assert("zam-736", pg != NULL);
-+ assert("zam-736", PagePrivate(pg));
-+ node = jprivate(pg);
-+
-+ JF_CLR(node, JNODE_WRITEBACK);
-+ }
-+
-+ end_page_writeback(pg);
-+ page_cache_release(pg);
-+ }
-+
-+ if (fq) {
-+ /* count i/o error in fq object */
-+ atomic_add(nr_errors, &fq->nr_errors);
-+
-+ /* If all write requests registered in this "fq" are done we up
-+ * the semaphore. */
-+ if (atomic_sub_and_test(bio->bi_vcnt, &fq->nr_submitted))
-+ up(&fq->io_sem);
-+ }
-+
-+ bio_put(bio);
-+ return 0;
-+}
-+
-+/* Count I/O requests which will be submitted by @bio in given flush queues
-+ @fq */
-+void add_fq_to_bio(flush_queue_t * fq, struct bio *bio)
-+{
-+ bio->bi_private = fq;
-+ bio->bi_end_io = end_io_handler;
-+
-+ if (fq)
-+ atomic_add(bio->bi_vcnt, &fq->nr_submitted);
-+}
-+
-+/* Move all queued nodes out from @fq->prepped list. */
-+static void release_prepped_list(flush_queue_t * fq)
-+{
-+ txn_atom *atom;
-+
-+ assert("zam-904", fq_in_use(fq));
-+ atom = atom_locked_by_fq(fq);
-+
-+ while (!list_empty(ATOM_FQ_LIST(fq))) {
-+ jnode *cur;
-+
-+ cur = list_entry(ATOM_FQ_LIST(fq)->next, jnode, capture_link);
-+ list_del_init(&cur->capture_link);
-+
-+ count_dequeued_node(fq);
-+ spin_lock_jnode(cur);
-+ assert("nikita-3154", !JF_ISSET(cur, JNODE_OVRWR));
-+ assert("nikita-3154", JF_ISSET(cur, JNODE_RELOC));
-+ assert("nikita-3154", JF_ISSET(cur, JNODE_FLUSH_QUEUED));
-+ JF_CLR(cur, JNODE_FLUSH_QUEUED);
-+
-+ if (JF_ISSET(cur, JNODE_DIRTY)) {
-+ list_add_tail(&cur->capture_link,
-+ ATOM_DIRTY_LIST(atom, jnode_get_level(cur)));
-+ ON_DEBUG(count_jnode(atom, cur, FQ_LIST,
-+ DIRTY_LIST, 1));
-+ } else {
-+ list_add_tail(&cur->capture_link, ATOM_CLEAN_LIST(atom));
-+ ON_DEBUG(count_jnode(atom, cur, FQ_LIST,
-+ CLEAN_LIST, 1));
-+ }
-+
-+ spin_unlock_jnode(cur);
-+ }
-+
-+ if (--atom->nr_running_queues == 0)
-+ atom_send_event(atom);
-+
-+ spin_unlock_atom(atom);
-+}
-+
-+/* Submit write requests for nodes on the already filled flush queue @fq.
-+
-+ @fq: flush queue object which contains jnodes we can (and will) write.
-+ @return: number of submitted blocks (>=0) if success, otherwise -- an error
-+ code (<0). */
-+int write_fq(flush_queue_t * fq, long *nr_submitted, int flags)
-+{
-+ int ret;
-+ txn_atom *atom;
-+
-+ while (1) {
-+ atom = atom_locked_by_fq(fq);
-+ assert("zam-924", atom);
-+ /* do not write fq in parallel. */
-+ if (atom->nr_running_queues == 0
-+ || !(flags & WRITEOUT_SINGLE_STREAM))
-+ break;
-+ atom_wait_event(atom);
-+ }
-+
-+ atom->nr_running_queues++;
-+ spin_unlock_atom(atom);
-+
-+ ret = write_jnode_list(ATOM_FQ_LIST(fq), fq, nr_submitted, flags);
-+ release_prepped_list(fq);
-+
-+ return ret;
-+}
-+
-+/* Getting flush queue object for exclusive use by one thread. May require
-+ several iterations which is indicated by -E_REPEAT return code.
-+
-+ This function does not contain code for obtaining an atom lock because an
-+ atom lock is obtained by different ways in different parts of reiser4,
-+ usually it is current atom, but we need a possibility for getting fq for the
-+ atom of given jnode. */
-+static int fq_by_atom_gfp(txn_atom *atom, flush_queue_t **new_fq, gfp_t gfp)
-+{
-+ flush_queue_t *fq;
-+
-+ assert_spin_locked(&(atom->alock));
-+
-+ fq = list_entry(atom->flush_queues.next, flush_queue_t, alink);
-+ while (&atom->flush_queues != &fq->alink) {
-+ spin_lock(&(fq->guard));
-+
-+ if (fq_ready(fq)) {
-+ mark_fq_in_use(fq);
-+ assert("vs-1246", fq->owner == NULL);
-+ ON_DEBUG(fq->owner = current);
-+ spin_unlock(&(fq->guard));
-+
-+ if (*new_fq)
-+ done_fq(*new_fq);
-+
-+ *new_fq = fq;
-+
-+ return 0;
-+ }
-+
-+ spin_unlock(&(fq->guard));
-+
-+ fq = list_entry(fq->alink.next, flush_queue_t, alink);
-+ }
-+
-+ /* Use previously allocated fq object */
-+ if (*new_fq) {
-+ mark_fq_in_use(*new_fq);
-+ assert("vs-1248", (*new_fq)->owner == 0);
-+ ON_DEBUG((*new_fq)->owner = current);
-+ attach_fq(atom, *new_fq);
-+
-+ return 0;
-+ }
-+
-+ spin_unlock_atom(atom);
-+
-+ *new_fq = create_fq(gfp);
-+
-+ if (*new_fq == NULL)
-+ return RETERR(-ENOMEM);
-+
-+ return RETERR(-E_REPEAT);
-+}
-+
-+int fq_by_atom(txn_atom * atom, flush_queue_t ** new_fq)
-+{
-+ return fq_by_atom_gfp(atom, new_fq, get_gfp_mask());
-+}
-+
-+/* A wrapper around fq_by_atom for getting a flush queue object for current
-+ * atom, if success fq->atom remains locked. */
-+flush_queue_t *get_fq_for_current_atom(void)
-+{
-+ flush_queue_t *fq = NULL;
-+ txn_atom *atom;
-+ int ret;
-+
-+ do {
-+ atom = get_current_atom_locked();
-+ ret = fq_by_atom(atom, &fq);
-+ } while (ret == -E_REPEAT);
-+
-+ if (ret)
-+ return ERR_PTR(ret);
-+ return fq;
-+}
-+
-+/* Releasing flush queue object after exclusive use */
-+void fq_put_nolock(flush_queue_t *fq)
-+{
-+ assert("zam-747", fq->atom != NULL);
-+ assert("zam-902", list_empty_careful(ATOM_FQ_LIST(fq)));
-+ mark_fq_ready(fq);
-+ assert("vs-1245", fq->owner == current);
-+ ON_DEBUG(fq->owner = NULL);
-+}
-+
-+void fq_put(flush_queue_t * fq)
-+{
-+ txn_atom *atom;
-+
-+ spin_lock(&(fq->guard));
-+ atom = atom_locked_by_fq_nolock(fq);
-+
-+ assert("zam-746", atom != NULL);
-+
-+ fq_put_nolock(fq);
-+ atom_send_event(atom);
-+
-+ spin_unlock(&(fq->guard));
-+ spin_unlock_atom(atom);
-+}
-+
-+/* A part of atom object initialization related to the embedded flush queue
-+ list head */
-+
-+void init_atom_fq_parts(txn_atom *atom)
-+{
-+ INIT_LIST_HEAD(&atom->flush_queues);
-+}
-+
-+#if REISER4_DEBUG
-+
-+void check_fq(const txn_atom *atom)
-+{
-+ /* check number of nodes on all atom's flush queues */
-+ flush_queue_t *fq;
-+ int count;
-+ struct list_head *pos;
-+
-+ count = 0;
-+ list_for_each_entry(fq, &atom->flush_queues, alink) {
-+ spin_lock(&(fq->guard));
-+ /* calculate number of jnodes on fq' list of prepped jnodes */
-+ list_for_each(pos, ATOM_FQ_LIST(fq))
-+ count++;
-+ spin_unlock(&(fq->guard));
-+ }
-+ if (count != atom->fq)
-+ warning("", "fq counter %d, real %d\n", atom->fq, count);
-+
-+}
-+
-+#endif
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * scroll-step: 1
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/forward.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/forward.h
-@@ -0,0 +1,258 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Forward declarations. Thank you Kernighan. */
-+
-+#if !defined( __REISER4_FORWARD_H__ )
-+#define __REISER4_FORWARD_H__
-+
-+#include <asm/errno.h>
-+#include <linux/types.h>
-+
-+typedef struct zlock zlock;
-+typedef struct lock_stack lock_stack;
-+typedef struct lock_handle lock_handle;
-+typedef struct znode znode;
-+typedef struct flow flow_t;
-+typedef struct coord coord_t;
-+typedef struct tree_access_pointer tap_t;
-+typedef struct item_coord item_coord;
-+typedef struct shift_params shift_params;
-+typedef struct reiser4_object_create_data reiser4_object_create_data;
-+typedef union reiser4_plugin reiser4_plugin;
-+typedef __u16 reiser4_plugin_id;
-+typedef struct item_plugin item_plugin;
-+typedef struct jnode_plugin jnode_plugin;
-+typedef struct reiser4_item_data reiser4_item_data;
-+typedef union reiser4_key reiser4_key;
-+typedef struct reiser4_tree reiser4_tree;
-+typedef struct carry_cut_data carry_cut_data;
-+typedef struct carry_kill_data carry_kill_data;
-+typedef struct carry_tree_op carry_tree_op;
-+typedef struct carry_tree_node carry_tree_node;
-+typedef struct carry_plugin_info carry_plugin_info;
-+typedef struct reiser4_journal reiser4_journal;
-+typedef struct txn_atom txn_atom;
-+typedef struct txn_handle txn_handle;
-+typedef struct txn_mgr txn_mgr;
-+typedef struct reiser4_dir_entry_desc reiser4_dir_entry_desc;
-+typedef struct reiser4_context reiser4_context;
-+typedef struct carry_level carry_level;
-+typedef struct blocknr_set blocknr_set;
-+typedef struct blocknr_set_entry blocknr_set_entry;
-+/* super_block->s_fs_info points to this */
-+typedef struct reiser4_super_info_data reiser4_super_info_data;
-+/* next two objects are fields of reiser4_super_info_data */
-+typedef struct reiser4_oid_allocator reiser4_oid_allocator;
-+typedef struct reiser4_space_allocator reiser4_space_allocator;
-+
-+typedef struct flush_scan flush_scan;
-+typedef struct flush_position flush_pos_t;
-+
-+typedef unsigned short pos_in_node_t;
-+#define MAX_POS_IN_NODE 65535
-+
-+typedef struct jnode jnode;
-+typedef struct reiser4_blocknr_hint reiser4_blocknr_hint;
-+
-+typedef struct uf_coord uf_coord_t;
-+typedef struct hint hint_t;
-+
-+typedef struct ktxnmgrd_context ktxnmgrd_context;
-+
-+typedef struct reiser4_xattr_plugin reiser4_xattr_plugin;
-+
-+struct inode;
-+struct page;
-+struct file;
-+struct dentry;
-+struct super_block;
-+
-+/* return values of coord_by_key(). cbk == coord_by_key */
-+typedef enum {
-+ CBK_COORD_FOUND = 0,
-+ CBK_COORD_NOTFOUND = -ENOENT,
-+} lookup_result;
-+
-+/* results of lookup with directory file */
-+typedef enum {
-+ FILE_NAME_FOUND = 0,
-+ FILE_NAME_NOTFOUND = -ENOENT,
-+ FILE_IO_ERROR = -EIO, /* FIXME: it seems silly to have special OOM, IO_ERROR return codes for each search. */
-+ FILE_OOM = -ENOMEM /* FIXME: it seems silly to have special OOM, IO_ERROR return codes for each search. */
-+} file_lookup_result;
-+
-+/* behaviors of lookup. If coord we are looking for is actually in a tree,
-+ both coincide. */
-+typedef enum {
-+ /* search exactly for the coord with key given */
-+ FIND_EXACT,
-+ /* search for coord with the maximal key not greater than one
-+ given */
-+ FIND_MAX_NOT_MORE_THAN /*LEFT_SLANT_BIAS */
-+} lookup_bias;
-+
-+typedef enum {
-+ /* number of leaf level of the tree
-+ The fake root has (tree_level=0). */
-+ LEAF_LEVEL = 1,
-+
-+ /* number of level one above leaf level of the tree.
-+
-+ It is supposed that internal tree used by reiser4 to store file
-+ system data and meta data will have height 2 initially (when
-+ created by mkfs).
-+ */
-+ TWIG_LEVEL = 2,
-+} tree_level;
-+
-+/* The "real" maximum ztree height is the 0-origin size of any per-level
-+ array, since the zero'th level is not used. */
-+#define REAL_MAX_ZTREE_HEIGHT (REISER4_MAX_ZTREE_HEIGHT-LEAF_LEVEL)
-+
-+/* enumeration of possible mutual position of item and coord. This enum is
-+ return type of ->is_in_item() item plugin method which see. */
-+typedef enum {
-+ /* coord is on the left of an item */
-+ IP_ON_THE_LEFT,
-+ /* coord is inside item */
-+ IP_INSIDE,
-+ /* coord is inside item, but to the right of the rightmost unit of
-+ this item */
-+ IP_RIGHT_EDGE,
-+ /* coord is on the right of an item */
-+ IP_ON_THE_RIGHT
-+} interposition;
-+
-+/* type of lock to acquire on znode before returning it to caller */
-+typedef enum {
-+ ZNODE_NO_LOCK = 0,
-+ ZNODE_READ_LOCK = 1,
-+ ZNODE_WRITE_LOCK = 2,
-+} znode_lock_mode;
-+
-+/* type of lock request */
-+typedef enum {
-+ ZNODE_LOCK_LOPRI = 0,
-+ ZNODE_LOCK_HIPRI = (1 << 0),
-+
-+ /* By setting the ZNODE_LOCK_NONBLOCK flag in a lock request the call to longterm_lock_znode will not sleep
-+ waiting for the lock to become available. If the lock is unavailable, reiser4_znode_lock will immediately
-+ return the value -E_REPEAT. */
-+ ZNODE_LOCK_NONBLOCK = (1 << 1),
-+ /* An option for longterm_lock_znode which prevents atom fusion */
-+ ZNODE_LOCK_DONT_FUSE = (1 << 2)
-+} znode_lock_request;
-+
-+typedef enum { READ_OP = 0, WRITE_OP = 1 } rw_op;
-+
-+/* used to specify direction of shift. These must be -1 and 1 */
-+typedef enum {
-+ SHIFT_LEFT = 1,
-+ SHIFT_RIGHT = -1
-+} shift_direction;
-+
-+typedef enum {
-+ LEFT_SIDE,
-+ RIGHT_SIDE
-+} sideof;
-+
-+#define round_up( value, order ) \
-+ ( ( typeof( value ) )( ( ( long ) ( value ) + ( order ) - 1U ) & \
-+ ~( ( order ) - 1 ) ) )
-+
-+/* values returned by squalloc_right_neighbor and its auxiliary functions */
-+typedef enum {
-+ /* unit of internal item is moved */
-+ SUBTREE_MOVED = 0,
-+ /* nothing else can be squeezed into left neighbor */
-+ SQUEEZE_TARGET_FULL = 1,
-+ /* all content of node is squeezed into its left neighbor */
-+ SQUEEZE_SOURCE_EMPTY = 2,
-+ /* one more item is copied (this is only returned by
-+ allocate_and_copy_extent to squalloc_twig)) */
-+ SQUEEZE_CONTINUE = 3
-+} squeeze_result;
-+
-+/* Do not change items ids. If you do - there will be format change */
-+typedef enum {
-+ STATIC_STAT_DATA_ID = 0x0,
-+ SIMPLE_DIR_ENTRY_ID = 0x1,
-+ COMPOUND_DIR_ID = 0x2,
-+ NODE_POINTER_ID = 0x3,
-+ EXTENT_POINTER_ID = 0x5,
-+ FORMATTING_ID = 0x6,
-+ CTAIL_ID = 0x7,
-+ BLACK_BOX_ID = 0x8,
-+ LAST_ITEM_ID = 0x9
-+} item_id;
-+
-+/* Flags passed to jnode_flush() to allow it to distinguish default settings based on
-+ whether commit() was called or VM memory pressure was applied. */
-+typedef enum {
-+ /* submit flush queue to disk at jnode_flush completion */
-+ JNODE_FLUSH_WRITE_BLOCKS = 1,
-+
-+ /* flush is called for commit */
-+ JNODE_FLUSH_COMMIT = 2,
-+ /* not implemented */
-+ JNODE_FLUSH_MEMORY_FORMATTED = 4,
-+
-+ /* not implemented */
-+ JNODE_FLUSH_MEMORY_UNFORMATTED = 8,
-+} jnode_flush_flags;
-+
-+/* Flags to insert/paste carry operations. Currently they only used in
-+ flushing code, but in future, they can be used to optimize for repetitive
-+ accesses. */
-+typedef enum {
-+ /* carry is not allowed to shift data to the left when trying to find
-+ free space */
-+ COPI_DONT_SHIFT_LEFT = (1 << 0),
-+ /* carry is not allowed to shift data to the right when trying to find
-+ free space */
-+ COPI_DONT_SHIFT_RIGHT = (1 << 1),
-+ /* carry is not allowed to allocate new node(s) when trying to find
-+ free space */
-+ COPI_DONT_ALLOCATE = (1 << 2),
-+ /* try to load left neighbor if its not in a cache */
-+ COPI_LOAD_LEFT = (1 << 3),
-+ /* try to load right neighbor if its not in a cache */
-+ COPI_LOAD_RIGHT = (1 << 4),
-+ /* shift insertion point to the left neighbor */
-+ COPI_GO_LEFT = (1 << 5),
-+ /* shift insertion point to the right neighbor */
-+ COPI_GO_RIGHT = (1 << 6),
-+ /* try to step back into original node if insertion into new node
-+ fails after shifting data there. */
-+ COPI_STEP_BACK = (1 << 7)
-+} cop_insert_flag;
-+
-+typedef enum {
-+ SAFE_UNLINK, /* safe-link for unlink */
-+ SAFE_TRUNCATE /* safe-link for truncate */
-+} reiser4_safe_link_t;
-+
-+/* this is to show on which list of atom jnode is */
-+typedef enum {
-+ NOT_CAPTURED,
-+ DIRTY_LIST,
-+ CLEAN_LIST,
-+ FQ_LIST,
-+ WB_LIST,
-+ OVRWR_LIST
-+} atom_list;
-+
-+
-+
-+/* __REISER4_FORWARD_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/fsdata.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/fsdata.c
-@@ -0,0 +1,803 @@
-+/* Copyright 2001, 2002, 2003, 2004, 2005 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+#include "fsdata.h"
-+#include "inode.h"
-+
-+
-+/* cache or dir_cursors */
-+static kmem_cache_t *d_cursor_cache;
-+static struct shrinker *d_cursor_shrinker;
-+
-+/* list of unused cursors */
-+static LIST_HEAD(cursor_cache);
-+
-+/* number of cursors in list of ununsed cursors */
-+static unsigned long d_cursor_unused = 0;
-+
-+/* spinlock protecting manipulations with dir_cursor's hash table and lists */
-+DEFINE_SPINLOCK(d_lock);
-+
-+static reiser4_file_fsdata *create_fsdata(struct file *file);
-+static int file_is_stateless(struct file *file);
-+static void free_fsdata(reiser4_file_fsdata *fsdata);
-+static void kill_cursor(dir_cursor *);
-+
-+/**
-+ * d_cursor_shrink - shrink callback for cache of dir_cursor-s
-+ * @nr: number of objects to free
-+ * @mask: GFP mask
-+ *
-+ * Shrinks d_cursor_cache. Scan LRU list of unused cursors, freeing requested
-+ * number. Return number of still freeable cursors.
-+ */
-+static int d_cursor_shrink(int nr, gfp_t mask)
-+{
-+ if (nr != 0) {
-+ dir_cursor *scan;
-+ int killed;
-+
-+ killed = 0;
-+ spin_lock(&d_lock);
-+ while (!list_empty(&cursor_cache)) {
-+ scan = list_entry(cursor_cache.next, dir_cursor, alist);
-+ assert("nikita-3567", scan->ref == 0);
-+ kill_cursor(scan);
-+ ++killed;
-+ --nr;
-+ if (nr == 0)
-+ break;
-+ }
-+ spin_unlock(&d_lock);
-+ }
-+ return d_cursor_unused;
-+}
-+
-+/**
-+ * init_d_cursor - create d_cursor cache
-+ *
-+ * Initializes slab cache of d_cursors. It is part of reiser4 module
-+ * initialization.
-+ */
-+int init_d_cursor(void)
-+{
-+ d_cursor_cache = kmem_cache_create("d_cursor", sizeof(dir_cursor), 0,
-+ SLAB_HWCACHE_ALIGN, NULL, NULL);
-+ if (d_cursor_cache == NULL)
-+ return RETERR(-ENOMEM);
-+
-+ /*
-+ * actually, d_cursors are "priceless", because there is no way to
-+ * recover information stored in them. On the other hand, we don't
-+ * want to consume all kernel memory by them. As a compromise, just
-+ * assign higher "seeks" value to d_cursor cache, so that it will be
-+ * shrunk only if system is really tight on memory.
-+ */
-+ d_cursor_shrinker = set_shrinker(DEFAULT_SEEKS << 3,
-+ d_cursor_shrink);
-+ if (d_cursor_shrinker == NULL) {
-+ destroy_reiser4_cache(&d_cursor_cache);
-+ d_cursor_cache = NULL;
-+ return RETERR(-ENOMEM);
-+ }
-+ return 0;
-+}
-+
-+/**
-+ * done_d_cursor - delete d_cursor cache and d_cursor shrinker
-+ *
-+ * This is called on reiser4 module unloading or system shutdown.
-+ */
-+void done_d_cursor(void)
-+{
-+ BUG_ON(d_cursor_shrinker == NULL);
-+ remove_shrinker(d_cursor_shrinker);
-+ d_cursor_shrinker = NULL;
-+
-+ destroy_reiser4_cache(&d_cursor_cache);
-+}
-+
-+#define D_CURSOR_TABLE_SIZE (256)
-+
-+static inline unsigned long
-+d_cursor_hash(d_cursor_hash_table *table, const d_cursor_key *key)
-+{
-+ assert("nikita-3555", IS_POW(D_CURSOR_TABLE_SIZE));
-+ return (key->oid + key->cid) & (D_CURSOR_TABLE_SIZE - 1);
-+}
-+
-+static inline int d_cursor_eq(const d_cursor_key *k1, const d_cursor_key *k2)
-+{
-+ return k1->cid == k2->cid && k1->oid == k2->oid;
-+}
-+
-+/*
-+ * define functions to manipulate reiser4 super block's hash table of
-+ * dir_cursors
-+ */
-+#define KMALLOC(size) kmalloc((size), get_gfp_mask())
-+#define KFREE(ptr, size) kfree(ptr)
-+TYPE_SAFE_HASH_DEFINE(d_cursor,
-+ dir_cursor,
-+ d_cursor_key, key, hash, d_cursor_hash, d_cursor_eq);
-+#undef KFREE
-+#undef KMALLOC
-+
-+/**
-+ * init_super_d_info - initialize per-super-block d_cursor resources
-+ * @super: super block to initialize
-+ *
-+ * Initializes per-super-block d_cursor's hash table and radix tree. It is part
-+ * of mount.
-+ */
-+int init_super_d_info(struct super_block *super)
-+{
-+ d_cursor_info *p;
-+
-+ p = &get_super_private(super)->d_info;
-+
-+ INIT_RADIX_TREE(&p->tree, get_gfp_mask());
-+ return d_cursor_hash_init(&p->table, D_CURSOR_TABLE_SIZE);
-+}
-+
-+/**
-+ * done_super_d_info - release per-super-block d_cursor resources
-+ * @super: super block being umounted
-+ *
-+ * It is called on umount. Kills all directory cursors attached to suoer block.
-+ */
-+void done_super_d_info(struct super_block *super)
-+{
-+ d_cursor_info *d_info;
-+ dir_cursor *cursor, *next;
-+
-+ d_info = &get_super_private(super)->d_info;
-+ for_all_in_htable(&d_info->table, d_cursor, cursor, next)
-+ kill_cursor(cursor);
-+
-+ BUG_ON(d_info->tree.rnode != NULL);
-+ d_cursor_hash_done(&d_info->table);
-+}
-+
-+/**
-+ * kill_cursor - free dir_cursor and reiser4_file_fsdata attached to it
-+ * @cursor: cursor to free
-+ *
-+ * Removes reiser4_file_fsdata attached to @cursor from readdir list of
-+ * reiser4_inode, frees that reiser4_file_fsdata. Removes @cursor from from
-+ * indices, hash table, list of unused cursors and frees it.
-+ */
-+static void kill_cursor(dir_cursor *cursor)
-+{
-+ unsigned long index;
-+
-+ assert("nikita-3566", cursor->ref == 0);
-+ assert("nikita-3572", cursor->fsdata != NULL);
-+
-+ index = (unsigned long)cursor->key.oid;
-+ list_del_init(&cursor->fsdata->dir.linkage);
-+ free_fsdata(cursor->fsdata);
-+ cursor->fsdata = NULL;
-+
-+ if (list_empty_careful(&cursor->list))
-+ /* this is last cursor for a file. Kill radix-tree entry */
-+ radix_tree_delete(&cursor->info->tree, index);
-+ else {
-+ void **slot;
-+
-+ /*
-+ * there are other cursors for the same oid.
-+ */
-+
-+ /*
-+ * if radix tree point to the cursor being removed, re-target
-+ * radix tree slot to the next cursor in the (non-empty as was
-+ * checked above) element of the circular list of all cursors
-+ * for this oid.
-+ */
-+ slot = radix_tree_lookup_slot(&cursor->info->tree, index);
-+ assert("nikita-3571", *slot != NULL);
-+ if (*slot == cursor)
-+ *slot = list_entry(cursor->list.next, dir_cursor, list);
-+ /* remove cursor from circular list */
-+ list_del_init(&cursor->list);
-+ }
-+ /* remove cursor from the list of unused cursors */
-+ list_del_init(&cursor->alist);
-+ /* remove cursor from the hash table */
-+ d_cursor_hash_remove(&cursor->info->table, cursor);
-+ /* and free it */
-+ kmem_cache_free(d_cursor_cache, cursor);
-+ --d_cursor_unused;
-+}
-+
-+/* possible actions that can be performed on all cursors for the given file */
-+enum cursor_action {
-+ /*
-+ * load all detached state: this is called when stat-data is loaded
-+ * from the disk to recover information about all pending readdirs
-+ */
-+ CURSOR_LOAD,
-+ /*
-+ * detach all state from inode, leaving it in the cache. This is called
-+ * when inode is removed form the memory by memory pressure
-+ */
-+ CURSOR_DISPOSE,
-+ /*
-+ * detach cursors from the inode, and free them. This is called when
-+ * inode is destroyed
-+ */
-+ CURSOR_KILL
-+};
-+
-+/*
-+ * return d_cursor data for the file system @inode is in.
-+ */
-+static inline d_cursor_info *d_info(struct inode *inode)
-+{
-+ return &get_super_private(inode->i_sb)->d_info;
-+}
-+
-+/*
-+ * lookup d_cursor in the per-super-block radix tree.
-+ */
-+static inline dir_cursor *lookup(d_cursor_info * info, unsigned long index)
-+{
-+ return (dir_cursor *) radix_tree_lookup(&info->tree, index);
-+}
-+
-+/*
-+ * attach @cursor to the radix tree. There may be multiple cursors for the
-+ * same oid, they are chained into circular list.
-+ */
-+static void bind_cursor(dir_cursor * cursor, unsigned long index)
-+{
-+ dir_cursor *head;
-+
-+ head = lookup(cursor->info, index);
-+ if (head == NULL) {
-+ /* this is the first cursor for this index */
-+ INIT_LIST_HEAD(&cursor->list);
-+ radix_tree_insert(&cursor->info->tree, index, cursor);
-+ } else {
-+ /* some cursor already exists. Chain ours */
-+ list_add(&cursor->list, &head->list);
-+ }
-+}
-+
-+/*
-+ * detach fsdata (if detachable) from file descriptor, and put cursor on the
-+ * "unused" list. Called when file descriptor is not longer in active use.
-+ */
-+static void clean_fsdata(struct file *file)
-+{
-+ dir_cursor *cursor;
-+ reiser4_file_fsdata *fsdata;
-+
-+ assert("nikita-3570", file_is_stateless(file));
-+
-+ fsdata = (reiser4_file_fsdata *) file->private_data;
-+ if (fsdata != NULL) {
-+ cursor = fsdata->cursor;
-+ if (cursor != NULL) {
-+ spin_lock(&d_lock);
-+ --cursor->ref;
-+ if (cursor->ref == 0) {
-+ list_add_tail(&cursor->alist, &cursor_cache);
-+ ++d_cursor_unused;
-+ }
-+ spin_unlock(&d_lock);
-+ file->private_data = NULL;
-+ }
-+ }
-+}
-+
-+/*
-+ * global counter used to generate "client ids". These ids are encoded into
-+ * high bits of fpos.
-+ */
-+static __u32 cid_counter = 0;
-+#define CID_SHIFT (20)
-+#define CID_MASK (0xfffffull)
-+
-+static void free_file_fsdata_nolock(struct file *);
-+
-+/**
-+ * insert_cursor - allocate file_fsdata, insert cursor to tree and hash table
-+ * @cursor:
-+ * @file:
-+ * @inode:
-+ *
-+ * Allocates reiser4_file_fsdata, attaches it to @cursor, inserts cursor to
-+ * reiser4 super block's hash table and radix tree.
-+ add detachable readdir
-+ * state to the @f
-+ */
-+static int insert_cursor(dir_cursor *cursor, struct file *file,
-+ struct inode *inode)
-+{
-+ int result;
-+ reiser4_file_fsdata *fsdata;
-+
-+ memset(cursor, 0, sizeof *cursor);
-+
-+ /* this is either first call to readdir, or rewind. Anyway, create new
-+ * cursor. */
-+ fsdata = create_fsdata(NULL);
-+ if (fsdata != NULL) {
-+ result = radix_tree_preload(get_gfp_mask());
-+ if (result == 0) {
-+ d_cursor_info *info;
-+ oid_t oid;
-+
-+ info = d_info(inode);
-+ oid = get_inode_oid(inode);
-+ /* cid occupies higher 12 bits of f->f_pos. Don't
-+ * allow it to become negative: this confuses
-+ * nfsd_readdir() */
-+ cursor->key.cid = (++cid_counter) & 0x7ff;
-+ cursor->key.oid = oid;
-+ cursor->fsdata = fsdata;
-+ cursor->info = info;
-+ cursor->ref = 1;
-+
-+ spin_lock_inode(inode);
-+ /* install cursor as @f's private_data, discarding old
-+ * one if necessary */
-+#if REISER4_DEBUG
-+ if (file->private_data)
-+ warning("", "file has fsdata already");
-+#endif
-+ clean_fsdata(file);
-+ free_file_fsdata_nolock(file);
-+ file->private_data = fsdata;
-+ fsdata->cursor = cursor;
-+ spin_unlock_inode(inode);
-+ spin_lock(&d_lock);
-+ /* insert cursor into hash table */
-+ d_cursor_hash_insert(&info->table, cursor);
-+ /* and chain it into radix-tree */
-+ bind_cursor(cursor, (unsigned long)oid);
-+ spin_unlock(&d_lock);
-+ radix_tree_preload_end();
-+ file->f_pos = ((__u64) cursor->key.cid) << CID_SHIFT;
-+ }
-+ } else
-+ result = RETERR(-ENOMEM);
-+ return result;
-+}
-+
-+/**
-+ * process_cursors - do action on each cursor attached to inode
-+ * @inode:
-+ * @act: action to do
-+ *
-+ * Finds all cursors of @inode in reiser4's super block radix tree of cursors
-+ * and performs action specified by @act on each of cursors.
-+ */
-+static void process_cursors(struct inode *inode, enum cursor_action act)
-+{
-+ oid_t oid;
-+ dir_cursor *start;
-+ struct list_head *head;
-+ reiser4_context *ctx;
-+ d_cursor_info *info;
-+
-+ /* this can be called by
-+ *
-+ * kswapd->...->prune_icache->..reiser4_destroy_inode
-+ *
-+ * without reiser4_context
-+ */
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx)) {
-+ warning("vs-23", "failed to init context");
-+ return;
-+ }
-+
-+ assert("nikita-3558", inode != NULL);
-+
-+ info = d_info(inode);
-+ oid = get_inode_oid(inode);
-+ spin_lock_inode(inode);
-+ head = get_readdir_list(inode);
-+ spin_lock(&d_lock);
-+ /* find any cursor for this oid: reference to it is hanging of radix
-+ * tree */
-+ start = lookup(info, (unsigned long)oid);
-+ if (start != NULL) {
-+ dir_cursor *scan;
-+ reiser4_file_fsdata *fsdata;
-+
-+ /* process circular list of cursors for this oid */
-+ scan = start;
-+ do {
-+ dir_cursor *next;
-+
-+ next = list_entry(scan->list.next, dir_cursor, list);
-+ fsdata = scan->fsdata;
-+ assert("nikita-3557", fsdata != NULL);
-+ if (scan->key.oid == oid) {
-+ switch (act) {
-+ case CURSOR_DISPOSE:
-+ list_del_init(&fsdata->dir.linkage);
-+ break;
-+ case CURSOR_LOAD:
-+ list_add(&fsdata->dir.linkage, head);
-+ break;
-+ case CURSOR_KILL:
-+ kill_cursor(scan);
-+ break;
-+ }
-+ }
-+ if (scan == next)
-+ /* last cursor was just killed */
-+ break;
-+ scan = next;
-+ } while (scan != start);
-+ }
-+ spin_unlock(&d_lock);
-+ /* check that we killed 'em all */
-+ assert("nikita-3568",
-+ ergo(act == CURSOR_KILL,
-+ list_empty_careful(get_readdir_list(inode))));
-+ assert("nikita-3569",
-+ ergo(act == CURSOR_KILL, lookup(info, oid) == NULL));
-+ spin_unlock_inode(inode);
-+ reiser4_exit_context(ctx);
-+}
-+
-+/**
-+ * dispose_cursors - removes cursors from inode's list
-+ * @inode: inode to dispose cursors of
-+ *
-+ * For each of cursors corresponding to @inode - removes reiser4_file_fsdata
-+ * attached to cursor from inode's readdir list. This is called when inode is
-+ * removed from the memory by memory pressure.
-+ */
-+void dispose_cursors(struct inode *inode)
-+{
-+ process_cursors(inode, CURSOR_DISPOSE);
-+}
-+
-+/**
-+ * load_cursors - attach cursors to inode
-+ * @inode: inode to load cursors to
-+ *
-+ * For each of cursors corresponding to @inode - attaches reiser4_file_fsdata
-+ * attached to cursor to inode's readdir list. This is done when inode is
-+ * loaded into memory.
-+ */
-+void load_cursors(struct inode *inode)
-+{
-+ process_cursors(inode, CURSOR_LOAD);
-+}
-+
-+/**
-+ * kill_cursors - kill all inode cursors
-+ * @inode: inode to kill cursors of
-+ *
-+ * Frees all cursors for this inode. This is called when inode is destroyed.
-+ */
-+void kill_cursors(struct inode *inode)
-+{
-+ process_cursors(inode, CURSOR_KILL);
-+}
-+
-+/**
-+ * file_is_stateless -
-+ * @file:
-+ *
-+ * true, if file descriptor @f is created by NFS server by "demand" to serve
-+ * one file system operation. This means that there may be "detached state"
-+ * for underlying inode.
-+ */
-+static int file_is_stateless(struct file *file)
-+{
-+ return reiser4_get_dentry_fsdata(file->f_dentry)->stateless;
-+}
-+
-+/**
-+ * get_dir_fpos -
-+ * @dir:
-+ *
-+ * Calculates ->fpos from user-supplied cookie. Normally it is dir->f_pos, but
-+ * in the case of stateless directory operation (readdir-over-nfs), client id
-+ * was encoded in the high bits of cookie and should me masked off.
-+ */
-+loff_t get_dir_fpos(struct file *dir)
-+{
-+ if (file_is_stateless(dir))
-+ return dir->f_pos & CID_MASK;
-+ else
-+ return dir->f_pos;
-+}
-+
-+/**
-+ * try_to_attach_fsdata - ???
-+ * @file:
-+ * @inode:
-+ *
-+ * Finds or creates cursor for readdir-over-nfs.
-+ */
-+int try_to_attach_fsdata(struct file *file, struct inode *inode)
-+{
-+ loff_t pos;
-+ int result;
-+ dir_cursor *cursor;
-+
-+ /*
-+ * we are serialized by inode->i_mutex
-+ */
-+ if (!file_is_stateless(file))
-+ return 0;
-+
-+ pos = file->f_pos;
-+ result = 0;
-+ if (pos == 0) {
-+ /*
-+ * first call to readdir (or rewind to the beginning of
-+ * directory)
-+ */
-+ cursor = kmem_cache_alloc(d_cursor_cache, get_gfp_mask());
-+ if (cursor != NULL)
-+ result = insert_cursor(cursor, file, inode);
-+ else
-+ result = RETERR(-ENOMEM);
-+ } else {
-+ /* try to find existing cursor */
-+ d_cursor_key key;
-+
-+ key.cid = pos >> CID_SHIFT;
-+ key.oid = get_inode_oid(inode);
-+ spin_lock(&d_lock);
-+ cursor = d_cursor_hash_find(&d_info(inode)->table, &key);
-+ if (cursor != NULL) {
-+ /* cursor was found */
-+ if (cursor->ref == 0) {
-+ /* move it from unused list */
-+ list_del_init(&cursor->alist);
-+ --d_cursor_unused;
-+ }
-+ ++cursor->ref;
-+ }
-+ spin_unlock(&d_lock);
-+ if (cursor != NULL) {
-+ spin_lock_inode(inode);
-+ assert("nikita-3556", cursor->fsdata->back == NULL);
-+ clean_fsdata(file);
-+ free_file_fsdata_nolock(file);
-+ file->private_data = cursor->fsdata;
-+ spin_unlock_inode(inode);
-+ }
-+ }
-+ return result;
-+}
-+
-+/**
-+ * detach_fsdata - ???
-+ * @file:
-+ *
-+ * detach fsdata, if necessary
-+ */
-+void detach_fsdata(struct file *file)
-+{
-+ struct inode *inode;
-+
-+ if (!file_is_stateless(file))
-+ return;
-+
-+ inode = file->f_dentry->d_inode;
-+ spin_lock_inode(inode);
-+ clean_fsdata(file);
-+ spin_unlock_inode(inode);
-+}
-+
-+/* slab for reiser4_dentry_fsdata */
-+static kmem_cache_t *dentry_fsdata_cache;
-+
-+/**
-+ * init_dentry_fsdata - create cache of dentry_fsdata
-+ *
-+ * Initializes slab cache of structures attached to denty->d_fsdata. It is
-+ * part of reiser4 module initialization.
-+ */
-+int init_dentry_fsdata(void)
-+{
-+ dentry_fsdata_cache = kmem_cache_create("dentry_fsdata",
-+ sizeof(reiser4_dentry_fsdata),
-+ 0,
-+ SLAB_HWCACHE_ALIGN |
-+ SLAB_RECLAIM_ACCOUNT, NULL,
-+ NULL);
-+ if (dentry_fsdata_cache == NULL)
-+ return RETERR(-ENOMEM);
-+ return 0;
-+}
-+
-+/**
-+ * done_dentry_fsdata - delete cache of dentry_fsdata
-+ *
-+ * This is called on reiser4 module unloading or system shutdown.
-+ */
-+void done_dentry_fsdata(void)
-+{
-+ destroy_reiser4_cache(&dentry_fsdata_cache);
-+}
-+
-+/**
-+ * reiser4_get_dentry_fsdata - get fs-specific dentry data
-+ * @dentry: queried dentry
-+ *
-+ * Allocates if necessary and returns per-dentry data that we attach to each
-+ * dentry.
-+ */
-+reiser4_dentry_fsdata *reiser4_get_dentry_fsdata(struct dentry *dentry)
-+{
-+ assert("nikita-1365", dentry != NULL);
-+
-+ if (dentry->d_fsdata == NULL) {
-+ dentry->d_fsdata = kmem_cache_alloc(dentry_fsdata_cache,
-+ get_gfp_mask());
-+ if (dentry->d_fsdata == NULL)
-+ return ERR_PTR(RETERR(-ENOMEM));
-+ memset(dentry->d_fsdata, 0, sizeof(reiser4_dentry_fsdata));
-+ }
-+ return dentry->d_fsdata;
-+}
-+
-+/**
-+ * reiser4_free_dentry_fsdata - detach and free dentry_fsdata
-+ * @dentry: dentry to free fsdata of
-+ *
-+ * Detaches and frees fs-specific dentry data
-+ */
-+void reiser4_free_dentry_fsdata(struct dentry *dentry)
-+{
-+ if (dentry->d_fsdata != NULL) {
-+ kmem_cache_free(dentry_fsdata_cache, dentry->d_fsdata);
-+ dentry->d_fsdata = NULL;
-+ }
-+}
-+
-+
-+/* slab for reiser4_file_fsdata */
-+static kmem_cache_t *file_fsdata_cache;
-+
-+/**
-+ * init_file_fsdata - create cache of reiser4_file_fsdata
-+ *
-+ * Initializes slab cache of structures attached to file->private_data. It is
-+ * part of reiser4 module initialization.
-+ */
-+int init_file_fsdata(void)
-+{
-+ file_fsdata_cache = kmem_cache_create("file_fsdata",
-+ sizeof(reiser4_file_fsdata),
-+ 0,
-+ SLAB_HWCACHE_ALIGN |
-+ SLAB_RECLAIM_ACCOUNT, NULL, NULL);
-+ if (file_fsdata_cache == NULL)
-+ return RETERR(-ENOMEM);
-+ return 0;
-+}
-+
-+/**
-+ * done_file_fsdata - delete cache of reiser4_file_fsdata
-+ *
-+ * This is called on reiser4 module unloading or system shutdown.
-+ */
-+void done_file_fsdata(void)
-+{
-+ destroy_reiser4_cache(&file_fsdata_cache);
-+}
-+
-+/**
-+ * create_fsdata - allocate and initialize reiser4_file_fsdata
-+ * @file: what to create file_fsdata for, may be NULL
-+ *
-+ * Allocates and initializes reiser4_file_fsdata structure.
-+ */
-+static reiser4_file_fsdata *create_fsdata(struct file *file)
-+{
-+ reiser4_file_fsdata *fsdata;
-+
-+ fsdata = kmem_cache_alloc(file_fsdata_cache, get_gfp_mask());
-+ if (fsdata != NULL) {
-+ memset(fsdata, 0, sizeof *fsdata);
-+ fsdata->ra1.max_window_size = VM_MAX_READAHEAD * 1024;
-+ fsdata->back = file;
-+ INIT_LIST_HEAD(&fsdata->dir.linkage);
-+ }
-+ return fsdata;
-+}
-+
-+/**
-+ * free_fsdata - free reiser4_file_fsdata
-+ * @fsdata: object to free
-+ *
-+ * Dual to create_fsdata(). Free reiser4_file_fsdata.
-+ */
-+static void free_fsdata(reiser4_file_fsdata *fsdata)
-+{
-+ BUG_ON(fsdata == NULL);
-+ kmem_cache_free(file_fsdata_cache, fsdata);
-+}
-+
-+/**
-+ * reiser4_get_file_fsdata - get fs-specific file data
-+ * @file: queried file
-+ *
-+ * Returns fs-specific data of @file. If it is NULL, allocates it and attaches
-+ * to @file.
-+ */
-+reiser4_file_fsdata *reiser4_get_file_fsdata(struct file *file)
-+{
-+ assert("nikita-1603", file != NULL);
-+
-+ if (file->private_data == NULL) {
-+ reiser4_file_fsdata *fsdata;
-+ struct inode *inode;
-+
-+ fsdata = create_fsdata(file);
-+ if (fsdata == NULL)
-+ return ERR_PTR(RETERR(-ENOMEM));
-+
-+ inode = file->f_dentry->d_inode;
-+ spin_lock_inode(inode);
-+ if (file->private_data == NULL) {
-+ file->private_data = fsdata;
-+ fsdata = NULL;
-+ }
-+ spin_unlock_inode(inode);
-+ if (fsdata != NULL)
-+ /* other thread initialized ->fsdata */
-+ kmem_cache_free(file_fsdata_cache, fsdata);
-+ }
-+ assert("nikita-2665", file->private_data != NULL);
-+ return file->private_data;
-+}
-+
-+/**
-+ * free_file_fsdata_nolock - detach and free reiser4_file_fsdata
-+ * @file:
-+ *
-+ * Detaches reiser4_file_fsdata from @file, removes reiser4_file_fsdata from
-+ * readdir list, frees if it is not linked to d_cursor object.
-+ */
-+static void free_file_fsdata_nolock(struct file *file)
-+{
-+ reiser4_file_fsdata *fsdata;
-+
-+ assert("", spin_inode_is_locked(file->f_dentry->d_inode));
-+ fsdata = file->private_data;
-+ if (fsdata != NULL) {
-+ list_del_init(&fsdata->dir.linkage);
-+ if (fsdata->cursor == NULL)
-+ free_fsdata(fsdata);
-+ }
-+ file->private_data = NULL;
-+}
-+
-+/**
-+ * reiser4_free_file_fsdata - detach from struct file and free reiser4_file_fsdata
-+ * @file:
-+ *
-+ * Spinlocks inode and calls free_file_fsdata_nolock to do the work.
-+ */
-+void reiser4_free_file_fsdata(struct file *file)
-+{
-+ spin_lock_inode(file->f_dentry->d_inode);
-+ free_file_fsdata_nolock(file);
-+ spin_unlock_inode(file->f_dentry->d_inode);
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/fsdata.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/fsdata.h
-@@ -0,0 +1,218 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+#if !defined( __REISER4_FSDATA_H__ )
-+#define __REISER4_FSDATA_H__
-+
-+#include "debug.h"
-+#include "kassign.h"
-+#include "seal.h"
-+#include "type_safe_hash.h"
-+#include "plugin/file/file.h"
-+#include "readahead.h"
-+
-+/*
-+ * comment about reiser4_dentry_fsdata
-+ *
-+ *
-+ */
-+
-+/*
-+ * locking: fields of per file descriptor readdir_pos and ->f_pos are
-+ * protected by ->i_mutex on inode. Under this lock following invariant
-+ * holds:
-+ *
-+ * file descriptor is "looking" at the entry_no-th directory entry from
-+ * the beginning of directory. This entry has key dir_entry_key and is
-+ * pos-th entry with duplicate-key sequence.
-+ *
-+ */
-+
-+/* logical position within directory */
-+typedef struct {
-+ /* key of directory entry (actually, part of a key sufficient to
-+ identify directory entry) */
-+ de_id dir_entry_key;
-+ /* ordinal number of directory entry among all entries with the same
-+ key. (Starting from 0.) */
-+ unsigned pos;
-+} dir_pos;
-+
-+typedef struct {
-+ /* f_pos corresponding to this readdir position */
-+ __u64 fpos;
-+ /* logical position within directory */
-+ dir_pos position;
-+ /* logical number of directory entry within
-+ directory */
-+ __u64 entry_no;
-+} readdir_pos;
-+
-+/*
-+ * this is used to speed up lookups for directory entry: on initial call to
-+ * ->lookup() seal and coord of directory entry (if found, that is) are stored
-+ * in struct dentry and reused later to avoid tree traversals.
-+ */
-+typedef struct de_location {
-+ /* seal covering directory entry */
-+ seal_t entry_seal;
-+ /* coord of directory entry */
-+ coord_t entry_coord;
-+ /* ordinal number of directory entry among all entries with the same
-+ key. (Starting from 0.) */
-+ int pos;
-+} de_location;
-+
-+/**
-+ * reiser4_dentry_fsdata - reiser4-specific data attached to dentries
-+ *
-+ * This is allocated dynamically and released in d_op->d_release()
-+ *
-+ * Currently it only contains cached location (hint) of directory entry, but
-+ * it is expected that other information will be accumulated here.
-+ */
-+typedef struct reiser4_dentry_fsdata {
-+ /*
-+ * here will go fields filled by ->lookup() to speedup next
-+ * create/unlink, like blocknr of znode with stat-data, or key of
-+ * stat-data.
-+ */
-+ de_location dec;
-+ int stateless; /* created through reiser4_decode_fh, needs special
-+ * treatment in readdir. */
-+} reiser4_dentry_fsdata;
-+
-+extern int init_dentry_fsdata(void);
-+extern void done_dentry_fsdata(void);
-+extern reiser4_dentry_fsdata *reiser4_get_dentry_fsdata(struct dentry *);
-+extern void reiser4_free_dentry_fsdata(struct dentry *dentry);
-+
-+
-+/**
-+ * reiser4_file_fsdata - reiser4-specific data attached to file->private_data
-+ *
-+ * This is allocated dynamically and released in inode->i_fop->release
-+ */
-+typedef struct reiser4_file_fsdata {
-+ /*
-+ * pointer back to the struct file which this reiser4_file_fsdata is
-+ * part of
-+ */
-+ struct file *back;
-+ /* detached cursor for stateless readdir. */
-+ struct dir_cursor *cursor;
-+ /*
-+ * We need both directory and regular file parts here, because there
-+ * are file system objects that are files and directories.
-+ */
-+ struct {
-+ /*
-+ * position in directory. It is updated each time directory is
-+ * modified
-+ */
-+ readdir_pos readdir;
-+ /* head of this list is reiser4_inode->lists.readdir_list */
-+ struct list_head linkage;
-+ } dir;
-+ /* hints to speed up operations with regular files: read and write. */
-+ struct {
-+ hint_t hint;
-+ } reg;
-+ /* */
-+ struct {
-+ /* this is called by reiser4_readpages if set */
-+ void (*readpages) (struct address_space *,
-+ struct list_head * pages, void *data);
-+ /* reiser4_readpaextended coord. It is set by read_extent before
-+ calling page_cache_readahead */
-+ void *data;
-+ } ra2;
-+ struct reiser4_file_ra_state ra1;
-+
-+} reiser4_file_fsdata;
-+
-+extern int init_file_fsdata(void);
-+extern void done_file_fsdata(void);
-+extern reiser4_file_fsdata *reiser4_get_file_fsdata(struct file *);
-+extern void reiser4_free_file_fsdata(struct file *);
-+
-+
-+/*
-+ * d_cursor is reiser4_file_fsdata not attached to struct file. d_cursors are
-+ * used to address problem reiser4 has with readdir accesses via NFS. See
-+ * plugin/file_ops_readdir.c for more details.
-+ */
-+typedef struct {
-+ __u16 cid;
-+ __u64 oid;
-+} d_cursor_key;
-+
-+/*
-+ * define structures d_cursor_hash_table d_cursor_hash_link which are used to
-+ * maintain hash table of dir_cursor-s in reiser4's super block
-+ */
-+typedef struct dir_cursor dir_cursor;
-+TYPE_SAFE_HASH_DECLARE(d_cursor, dir_cursor);
-+
-+typedef struct d_cursor_info d_cursor_info;
-+
-+struct dir_cursor {
-+ int ref;
-+ reiser4_file_fsdata *fsdata;
-+
-+ /* link to reiser4 super block hash table of cursors */
-+ d_cursor_hash_link hash;
-+
-+ /*
-+ * this is to link cursors to reiser4 super block's radix tree of
-+ * cursors if there are more than one cursor of the same objectid
-+ */
-+ struct list_head list;
-+ d_cursor_key key;
-+ d_cursor_info *info;
-+ /* list of unused cursors */
-+ struct list_head alist;
-+};
-+
-+extern int init_d_cursor(void);
-+extern void done_d_cursor(void);
-+
-+extern int init_super_d_info(struct super_block *);
-+extern void done_super_d_info(struct super_block *);
-+
-+extern loff_t get_dir_fpos(struct file *);
-+extern int try_to_attach_fsdata(struct file *, struct inode *);
-+extern void detach_fsdata(struct file *);
-+
-+
-+/* these are needed for "stateless" readdir. See plugin/file_ops_readdir.c for
-+ more details */
-+void dispose_cursors(struct inode *inode);
-+void load_cursors(struct inode *inode);
-+void kill_cursors(struct inode *inode);
-+void adjust_dir_file(struct inode *dir, const struct dentry *de, int offset, int adj);
-+
-+/*
-+ * this structure is embedded to reise4_super_info_data. It maintains d_cursors
-+ * (detached readdir state). See plugin/file_ops_readdir.c for more details.
-+ */
-+struct d_cursor_info {
-+ d_cursor_hash_table table;
-+ struct radix_tree_root tree;
-+};
-+
-+/* spinlock protecting readdir cursors */
-+extern spinlock_t d_lock;
-+
-+/* __REISER4_FSDATA_H__ */
-+#endif
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 120
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/init_super.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/init_super.c
-@@ -0,0 +1,739 @@
-+/* Copyright by Hans Reiser, 2003 */
-+
-+#include "super.h"
-+#include "inode.h"
-+#include "plugin/plugin_set.h"
-+
-+#include <linux/swap.h>
-+
-+
-+/**
-+ * init_fs_info - allocate reiser4 specific super block
-+ * @super: super block of filesystem
-+ *
-+ * Allocates and initialize reiser4_super_info_data, attaches it to
-+ * super->s_fs_info, initializes structures maintaining d_cursor-s.
-+ */
-+int init_fs_info(struct super_block *super)
-+{
-+ reiser4_super_info_data *sbinfo;
-+
-+ sbinfo = kmalloc(sizeof(reiser4_super_info_data), get_gfp_mask());
-+ if (!sbinfo)
-+ return RETERR(-ENOMEM);
-+
-+ super->s_fs_info = sbinfo;
-+ super->s_op = NULL;
-+ memset(sbinfo, 0, sizeof(*sbinfo));
-+
-+ ON_DEBUG(INIT_LIST_HEAD(&sbinfo->all_jnodes));
-+ ON_DEBUG(spin_lock_init(&sbinfo->all_guard));
-+
-+ sema_init(&sbinfo->delete_sema, 1);
-+ sema_init(&sbinfo->flush_sema, 1);
-+ spin_lock_init(&(sbinfo->guard));
-+
-+ /* initialize per-super-block d_cursor resources */
-+ init_super_d_info(super);
-+
-+ return 0;
-+}
-+
-+/**
-+ * done_fs_info - free reiser4 specific super block
-+ * @super: super block of filesystem
-+ *
-+ * Performs some sanity checks, releases structures maintaining d_cursor-s,
-+ * frees reiser4_super_info_data.
-+ */
-+void done_fs_info(struct super_block *super)
-+{
-+ assert("zam-990", super->s_fs_info != NULL);
-+
-+ /* release per-super-block d_cursor resources */
-+ done_super_d_info(super);
-+
-+ /* make sure that there are not jnodes already */
-+ assert("", list_empty(&get_super_private(super)->all_jnodes));
-+ assert("", get_current_context()->trans->atom == NULL);
-+ check_block_counters(super);
-+ kfree(super->s_fs_info);
-+ super->s_fs_info = NULL;
-+}
-+
-+/* type of option parseable by parse_option() */
-+typedef enum {
-+ /* value of option is arbitrary string */
-+ OPT_STRING,
-+
-+ /*
-+ * option specifies bit in a bitmask. When option is set - bit in
-+ * sbinfo->fs_flags is set. Examples are bsdgroups, 32bittimes, mtflush,
-+ * dont_load_bitmap, atomic_write.
-+ */
-+ OPT_BIT,
-+
-+ /*
-+ * value of option should conform to sprintf() format. Examples are
-+ * tmgr.atom_max_size=N, tmgr.atom_max_age=N
-+ */
-+ OPT_FORMAT,
-+
-+ /*
-+ * option can take one of predefined values. Example is onerror=panic or
-+ * onerror=remount-ro
-+ */
-+ OPT_ONEOF,
-+} opt_type_t;
-+
-+typedef struct opt_bitmask_bit {
-+ const char *bit_name;
-+ int bit_nr;
-+} opt_bitmask_bit;
-+
-+/* description of option parseable by parse_option() */
-+typedef struct opt_desc {
-+ /* option name.
-+
-+ parsed portion of string has a form "name=value".
-+ */
-+ const char *name;
-+ /* type of option */
-+ opt_type_t type;
-+ union {
-+ /* where to store value of string option (type == OPT_STRING) */
-+ char **string;
-+ /* description of bits for bit option (type == OPT_BIT) */
-+ struct {
-+ int nr;
-+ void *addr;
-+ } bit;
-+ /* description of format and targets for format option (type
-+ == OPT_FORMAT) */
-+ struct {
-+ const char *format;
-+ int nr_args;
-+ void *arg1;
-+ void *arg2;
-+ void *arg3;
-+ void *arg4;
-+ } f;
-+ struct {
-+ int *result;
-+ const char *list[10];
-+ } oneof;
-+ struct {
-+ void *addr;
-+ int nr_bits;
-+ opt_bitmask_bit *bits;
-+ } bitmask;
-+ } u;
-+} opt_desc_t;
-+
-+/**
-+ * parse_option - parse one option
-+ * @opt_strin: starting point of parsing
-+ * @opt: option description
-+ *
-+ * foo=bar,
-+ * ^ ^ ^
-+ * | | +-- replaced to '\0'
-+ * | +-- val_start
-+ * +-- opt_string
-+ * Figures out option type and handles option correspondingly.
-+ */
-+static int parse_option(char *opt_string, opt_desc_t *opt)
-+{
-+ char *val_start;
-+ int result;
-+ const char *err_msg;
-+
-+ /* NOTE-NIKITA think about using lib/cmdline.c functions here. */
-+
-+ val_start = strchr(opt_string, '=');
-+ if (val_start != NULL) {
-+ *val_start = '\0';
-+ ++val_start;
-+ }
-+
-+ err_msg = NULL;
-+ result = 0;
-+ switch (opt->type) {
-+ case OPT_STRING:
-+ if (val_start == NULL) {
-+ err_msg = "String arg missing";
-+ result = RETERR(-EINVAL);
-+ } else
-+ *opt->u.string = val_start;
-+ break;
-+ case OPT_BIT:
-+ if (val_start != NULL)
-+ err_msg = "Value ignored";
-+ else
-+ set_bit(opt->u.bit.nr, opt->u.bit.addr);
-+ break;
-+ case OPT_FORMAT:
-+ if (val_start == NULL) {
-+ err_msg = "Formatted arg missing";
-+ result = RETERR(-EINVAL);
-+ break;
-+ }
-+ if (sscanf(val_start, opt->u.f.format,
-+ opt->u.f.arg1, opt->u.f.arg2, opt->u.f.arg3,
-+ opt->u.f.arg4) != opt->u.f.nr_args) {
-+ err_msg = "Wrong conversion";
-+ result = RETERR(-EINVAL);
-+ }
-+ break;
-+ case OPT_ONEOF:
-+ {
-+ int i = 0;
-+
-+ if (val_start == NULL) {
-+ err_msg = "Value is missing";
-+ result = RETERR(-EINVAL);
-+ break;
-+ }
-+ err_msg = "Wrong option value";
-+ result = RETERR(-EINVAL);
-+ while (opt->u.oneof.list[i]) {
-+ if (!strcmp(opt->u.oneof.list[i], val_start)) {
-+ result = 0;
-+ err_msg = NULL;
-+ *opt->u.oneof.result = i;
-+ break;
-+ }
-+ i++;
-+ }
-+ break;
-+ }
-+ default:
-+ wrong_return_value("nikita-2100", "opt -> type");
-+ break;
-+ }
-+ if (err_msg != NULL) {
-+ warning("nikita-2496", "%s when parsing option \"%s%s%s\"",
-+ err_msg, opt->name, val_start ? "=" : "",
-+ val_start ? : "");
-+ }
-+ return result;
-+}
-+
-+/**
-+ * parse_options - parse reiser4 mount options
-+ * @opt_string: starting point
-+ * @opts: array of option description
-+ * @nr_opts: number of elements in @opts
-+ *
-+ * Parses comma separated list of reiser4 mount options.
-+ */
-+static int parse_options(char *opt_string, opt_desc_t *opts, int nr_opts)
-+{
-+ int result;
-+
-+ result = 0;
-+ while ((result == 0) && opt_string && *opt_string) {
-+ int j;
-+ char *next;
-+
-+ next = strchr(opt_string, ',');
-+ if (next != NULL) {
-+ *next = '\0';
-+ ++next;
-+ }
-+ for (j = 0; j < nr_opts; ++j) {
-+ if (!strncmp(opt_string, opts[j].name,
-+ strlen(opts[j].name))) {
-+ result = parse_option(opt_string, &opts[j]);
-+ break;
-+ }
-+ }
-+ if (j == nr_opts) {
-+ warning("nikita-2307", "Unrecognized option: \"%s\"",
-+ opt_string);
-+ /* traditionally, -EINVAL is returned on wrong mount
-+ option */
-+ result = RETERR(-EINVAL);
-+ }
-+ opt_string = next;
-+ }
-+ return result;
-+}
-+
-+#define NUM_OPT( label, fmt, addr ) \
-+ { \
-+ .name = ( label ), \
-+ .type = OPT_FORMAT, \
-+ .u = { \
-+ .f = { \
-+ .format = ( fmt ), \
-+ .nr_args = 1, \
-+ .arg1 = ( addr ), \
-+ .arg2 = NULL, \
-+ .arg3 = NULL, \
-+ .arg4 = NULL \
-+ } \
-+ } \
-+ }
-+
-+#define SB_FIELD_OPT( field, fmt ) NUM_OPT( #field, fmt, &sbinfo -> field )
-+
-+#define BIT_OPT(label, bitnr) \
-+ { \
-+ .name = label, \
-+ .type = OPT_BIT, \
-+ .u = { \
-+ .bit = { \
-+ .nr = bitnr, \
-+ .addr = &sbinfo->fs_flags \
-+ } \
-+ } \
-+ }
-+
-+#define MAX_NR_OPTIONS (30)
-+
-+/**
-+ * init_super_data - initialize reiser4 private super block
-+ * @super: super block to initialize
-+ * @opt_string: list of reiser4 mount options
-+ *
-+ * Sets various reiser4 parameters to default values. Parses mount options and
-+ * overwrites default settings.
-+ */
-+int init_super_data(struct super_block *super, char *opt_string)
-+{
-+ int result;
-+ opt_desc_t *opts, *p;
-+ reiser4_super_info_data *sbinfo = get_super_private(super);
-+
-+ /* initialize super, export, dentry operations */
-+ sbinfo->ops.super = reiser4_super_operations;
-+ sbinfo->ops.export = reiser4_export_operations;
-+ sbinfo->ops.dentry = reiser4_dentry_operations;
-+ super->s_op = &sbinfo->ops.super;
-+ super->s_export_op = &sbinfo->ops.export;
-+
-+ /* initialize transaction manager parameters to default values */
-+ sbinfo->tmgr.atom_max_size = totalram_pages / 4;
-+ sbinfo->tmgr.atom_max_age = REISER4_ATOM_MAX_AGE / HZ;
-+ sbinfo->tmgr.atom_min_size = 256;
-+ sbinfo->tmgr.atom_max_flushers = ATOM_MAX_FLUSHERS;
-+
-+ /* initialize cbk cache parameter */
-+ sbinfo->tree.cbk_cache.nr_slots = CBK_CACHE_SLOTS;
-+
-+ /* initialize flush parameters */
-+ sbinfo->flush.relocate_threshold = FLUSH_RELOCATE_THRESHOLD;
-+ sbinfo->flush.relocate_distance = FLUSH_RELOCATE_DISTANCE;
-+ sbinfo->flush.written_threshold = FLUSH_WRITTEN_THRESHOLD;
-+ sbinfo->flush.scan_maxnodes = FLUSH_SCAN_MAXNODES;
-+
-+ sbinfo->optimal_io_size = REISER4_OPTIMAL_IO_SIZE;
-+
-+ /* preliminary tree initializations */
-+ sbinfo->tree.super = super;
-+ sbinfo->tree.carry.new_node_flags = REISER4_NEW_NODE_FLAGS;
-+ sbinfo->tree.carry.new_extent_flags = REISER4_NEW_EXTENT_FLAGS;
-+ sbinfo->tree.carry.paste_flags = REISER4_PASTE_FLAGS;
-+ sbinfo->tree.carry.insert_flags = REISER4_INSERT_FLAGS;
-+ rwlock_init(&(sbinfo->tree.tree_lock));
-+ spin_lock_init(&(sbinfo->tree.epoch_lock));
-+
-+ /* initialize default readahead params */
-+ sbinfo->ra_params.max = num_physpages / 4;
-+ sbinfo->ra_params.flags = 0;
-+
-+ /* allocate memory for structure describing reiser4 mount options */
-+ opts = kmalloc(sizeof(opt_desc_t) * MAX_NR_OPTIONS, get_gfp_mask());
-+ if (opts == NULL)
-+ return RETERR(-ENOMEM);
-+
-+ /* initialize structure describing reiser4 mount options */
-+ p = opts;
-+
-+#if REISER4_DEBUG
-+# define OPT_ARRAY_CHECK if ((p) > (opts) + MAX_NR_OPTIONS) { \
-+ warning ("zam-1046", "opt array is overloaded"); break; \
-+ }
-+#else
-+# define OPT_ARRAY_CHECK noop
-+#endif
-+
-+#define PUSH_OPT(...) \
-+do { \
-+ opt_desc_t o = __VA_ARGS__; \
-+ OPT_ARRAY_CHECK; \
-+ *p ++ = o; \
-+} while (0)
-+
-+#define PUSH_SB_FIELD_OPT(field, format) PUSH_OPT(SB_FIELD_OPT(field, format))
-+#define PUSH_BIT_OPT(name, bit) PUSH_OPT(BIT_OPT(name, bit))
-+
-+ /*
-+ * tmgr.atom_max_size=N
-+ * Atoms containing more than N blocks will be forced to commit. N is
-+ * decimal.
-+ */
-+ PUSH_SB_FIELD_OPT(tmgr.atom_max_size, "%u");
-+ /*
-+ * tmgr.atom_max_age=N
-+ * Atoms older than N seconds will be forced to commit. N is decimal.
-+ */
-+ PUSH_SB_FIELD_OPT(tmgr.atom_max_age, "%u");
-+ /*
-+ * tmgr.atom_min_size=N
-+ * In committing an atom to free dirty pages, force the atom less than
-+ * N in size to fuse with another one.
-+ */
-+ PUSH_SB_FIELD_OPT(tmgr.atom_min_size, "%u");
-+ /*
-+ * tmgr.atom_max_flushers=N
-+ * limit of concurrent flushers for one atom. 0 means no limit.
-+ */
-+ PUSH_SB_FIELD_OPT(tmgr.atom_max_flushers, "%u");
-+ /*
-+ * tree.cbk_cache_slots=N
-+ * Number of slots in the cbk cache.
-+ */
-+ PUSH_SB_FIELD_OPT(tree.cbk_cache.nr_slots, "%u");
-+ /*
-+ * If flush finds more than FLUSH_RELOCATE_THRESHOLD adjacent dirty
-+ * leaf-level blocks it will force them to be relocated.
-+ */
-+ PUSH_SB_FIELD_OPT(flush.relocate_threshold, "%u");
-+ /*
-+ * If flush finds can find a block allocation closer than at most
-+ * FLUSH_RELOCATE_DISTANCE from the preceder it will relocate to that
-+ * position.
-+ */
-+ PUSH_SB_FIELD_OPT(flush.relocate_distance, "%u");
-+ /*
-+ * If we have written this much or more blocks before encountering busy
-+ * jnode in flush list - abort flushing hoping that next time we get
-+ * called this jnode will be clean already, and we will save some
-+ * seeks.
-+ */
-+ PUSH_SB_FIELD_OPT(flush.written_threshold, "%u");
-+ /* The maximum number of nodes to scan left on a level during flush. */
-+ PUSH_SB_FIELD_OPT(flush.scan_maxnodes, "%u");
-+ /* preferred IO size */
-+ PUSH_SB_FIELD_OPT(optimal_io_size, "%u");
-+ /* carry flags used for insertion of new nodes */
-+ PUSH_SB_FIELD_OPT(tree.carry.new_node_flags, "%u");
-+ /* carry flags used for insertion of new extents */
-+ PUSH_SB_FIELD_OPT(tree.carry.new_extent_flags, "%u");
-+ /* carry flags used for paste operations */
-+ PUSH_SB_FIELD_OPT(tree.carry.paste_flags, "%u");
-+ /* carry flags used for insert operations */
-+ PUSH_SB_FIELD_OPT(tree.carry.insert_flags, "%u");
-+
-+#ifdef CONFIG_REISER4_BADBLOCKS
-+ /*
-+ * Alternative master superblock location in case if it's original
-+ * location is not writeable/accessable. This is offset in BYTES.
-+ */
-+ PUSH_SB_FIELD_OPT(altsuper, "%lu");
-+#endif
-+
-+ /* turn on BSD-style gid assignment */
-+ PUSH_BIT_OPT("bsdgroups", REISER4_BSD_GID);
-+ /* turn on 32 bit times */
-+ PUSH_BIT_OPT("32bittimes", REISER4_32_BIT_TIMES);
-+ /* turn off concurrent flushing */
-+ PUSH_BIT_OPT("mtflush", REISER4_MTFLUSH);
-+ /*
-+ * Don't load all bitmap blocks at mount time, it is useful for
-+ * machines with tiny RAM and large disks.
-+ */
-+ PUSH_BIT_OPT("dont_load_bitmap", REISER4_DONT_LOAD_BITMAP);
-+ /* disable transaction commits during write() */
-+ PUSH_BIT_OPT("atomic_write", REISER4_ATOMIC_WRITE);
-+ /* disable use of write barriers in the reiser4 log writer. */
-+ PUSH_BIT_OPT("no_write_barrier", REISER4_NO_WRITE_BARRIER);
-+
-+ PUSH_OPT(
-+ {
-+ /*
-+ * tree traversal readahead parameters:
-+ * -o readahead:MAXNUM:FLAGS
-+ * MAXNUM - max number fo nodes to request readahead for: -1UL
-+ * will set it to max_sane_readahead()
-+ * FLAGS - combination of bits: RA_ADJCENT_ONLY, RA_ALL_LEVELS,
-+ * CONTINUE_ON_PRESENT
-+ */
-+ .name = "readahead",
-+ .type = OPT_FORMAT,
-+ .u = {
-+ .f = {
-+ .format = "%u:%u",
-+ .nr_args = 2,
-+ .arg1 = &sbinfo->ra_params.max,
-+ .arg2 = &sbinfo->ra_params.flags,
-+ .arg3 = NULL,
-+ .arg4 = NULL
-+ }
-+ }
-+ }
-+ );
-+
-+ /* What to do in case of fs error */
-+ PUSH_OPT(
-+ {
-+ .name = "onerror",
-+ .type = OPT_ONEOF,
-+ .u = {
-+ .oneof = {
-+ .result = &sbinfo->onerror,
-+ .list = {
-+ "panic", "remount-ro", NULL
-+ },
-+ }
-+ }
-+ }
-+ );
-+
-+ /* modify default settings to values set by mount options */
-+ result = parse_options(opt_string, opts, p - opts);
-+ kfree(opts);
-+ if (result != 0)
-+ return result;
-+
-+ /* correct settings to sanity values */
-+ sbinfo->tmgr.atom_max_age *= HZ;
-+ if (sbinfo->tmgr.atom_max_age <= 0)
-+ /* overflow */
-+ sbinfo->tmgr.atom_max_age = REISER4_ATOM_MAX_AGE;
-+
-+ /* round optimal io size up to 512 bytes */
-+ sbinfo->optimal_io_size >>= VFS_BLKSIZE_BITS;
-+ sbinfo->optimal_io_size <<= VFS_BLKSIZE_BITS;
-+ if (sbinfo->optimal_io_size == 0) {
-+ warning("nikita-2497", "optimal_io_size is too small");
-+ return RETERR(-EINVAL);
-+ }
-+
-+ /* disable single-threaded flush as it leads to deadlock */
-+ sbinfo->fs_flags |= (1 << REISER4_MTFLUSH);
-+ return result;
-+}
-+
-+/**
-+ * init_read_super - read reiser4 master super block
-+ * @super: super block to fill
-+ * @silent: if 0 - print warnings
-+ *
-+ * Reads reiser4 master super block either from predefined location or from
-+ * location specified by altsuper mount option, initializes disk format plugin.
-+ */
-+int init_read_super(struct super_block *super, int silent)
-+{
-+ struct buffer_head *super_bh;
-+ struct reiser4_master_sb *master_sb;
-+ reiser4_super_info_data *sbinfo = get_super_private(super);
-+ unsigned long blocksize;
-+
-+ read_super_block:
-+#ifdef CONFIG_REISER4_BADBLOCKS
-+ if (sbinfo->altsuper)
-+ /*
-+ * read reiser4 master super block at position specified by
-+ * mount option
-+ */
-+ super_bh = sb_bread(super,
-+ (sector_t)(sbinfo->altsuper / super->s_blocksize));
-+ else
-+#endif
-+ /* read reiser4 master super block at 16-th 4096 block */
-+ super_bh = sb_bread(super,
-+ (sector_t)(REISER4_MAGIC_OFFSET / super->s_blocksize));
-+ if (!super_bh)
-+ return RETERR(-EIO);
-+
-+ master_sb = (struct reiser4_master_sb *)super_bh->b_data;
-+ /* check reiser4 magic string */
-+ if (!strncmp(master_sb->magic, REISER4_SUPER_MAGIC_STRING,
-+ sizeof(REISER4_SUPER_MAGIC_STRING))) {
-+ /* reiser4 master super block contains filesystem blocksize */
-+ blocksize = le16_to_cpu(get_unaligned(&master_sb->blocksize));
-+
-+ if (blocksize != PAGE_CACHE_SIZE) {
-+ /*
-+ * currenly reiser4's blocksize must be equal to
-+ * pagesize
-+ */
-+ if (!silent)
-+ warning("nikita-2609",
-+ "%s: wrong block size %ld\n", super->s_id,
-+ blocksize);
-+ brelse(super_bh);
-+ return RETERR(-EINVAL);
-+ }
-+ if (blocksize != super->s_blocksize) {
-+ /*
-+ * filesystem uses different blocksize. Reread master
-+ * super block with correct blocksize
-+ */
-+ brelse(super_bh);
-+ if (!sb_set_blocksize(super, (int)blocksize))
-+ return RETERR(-EINVAL);
-+ goto read_super_block;
-+ }
-+
-+ sbinfo->df_plug =
-+ disk_format_plugin_by_id(
-+ le16_to_cpu(get_unaligned(&master_sb->disk_plugin_id)));
-+ if (sbinfo->df_plug == NULL) {
-+ if (!silent)
-+ warning("nikita-26091",
-+ "%s: unknown disk format plugin %d\n",
-+ super->s_id,
-+ le16_to_cpu(get_unaligned(&master_sb->disk_plugin_id)));
-+ brelse(super_bh);
-+ return RETERR(-EINVAL);
-+ }
-+ sbinfo->diskmap_block = le64_to_cpu(get_unaligned(&master_sb->diskmap));
-+ brelse(super_bh);
-+ return 0;
-+ }
-+
-+ /* there is no reiser4 on the device */
-+ if (!silent)
-+ warning("nikita-2608",
-+ "%s: wrong master super block magic", super->s_id);
-+ brelse(super_bh);
-+ return RETERR(-EINVAL);
-+}
-+
-+static struct {
-+ reiser4_plugin_type type;
-+ reiser4_plugin_id id;
-+} default_plugins[PSET_LAST] = {
-+ [PSET_FILE] = {
-+ .type = REISER4_FILE_PLUGIN_TYPE,
-+ .id = UNIX_FILE_PLUGIN_ID
-+ },
-+ [PSET_DIR] = {
-+ .type = REISER4_DIR_PLUGIN_TYPE,
-+ .id = HASHED_DIR_PLUGIN_ID
-+ },
-+ [PSET_HASH] = {
-+ .type = REISER4_HASH_PLUGIN_TYPE,
-+ .id = R5_HASH_ID
-+ },
-+ [PSET_FIBRATION] = {
-+ .type = REISER4_FIBRATION_PLUGIN_TYPE,
-+ .id = FIBRATION_DOT_O
-+ },
-+ [PSET_PERM] = {
-+ .type = REISER4_PERM_PLUGIN_TYPE,
-+ .id = NULL_PERM_ID
-+ },
-+ [PSET_FORMATTING] = {
-+ .type = REISER4_FORMATTING_PLUGIN_TYPE,
-+ .id = SMALL_FILE_FORMATTING_ID
-+ },
-+ [PSET_SD] = {
-+ .type = REISER4_ITEM_PLUGIN_TYPE,
-+ .id = STATIC_STAT_DATA_ID
-+ },
-+ [PSET_DIR_ITEM] = {
-+ .type = REISER4_ITEM_PLUGIN_TYPE,
-+ .id = COMPOUND_DIR_ID
-+ },
-+ [PSET_CIPHER] = {
-+ .type = REISER4_CIPHER_PLUGIN_TYPE,
-+ .id = NONE_CIPHER_ID
-+ },
-+ [PSET_DIGEST] = {
-+ .type = REISER4_DIGEST_PLUGIN_TYPE,
-+ .id = SHA256_32_DIGEST_ID
-+ },
-+ [PSET_COMPRESSION] = {
-+ .type = REISER4_COMPRESSION_PLUGIN_TYPE,
-+ .id = LZO1_COMPRESSION_ID
-+ },
-+ [PSET_COMPRESSION_MODE] = {
-+ .type = REISER4_COMPRESSION_MODE_PLUGIN_TYPE,
-+ .id = COL_16_COMPRESSION_MODE_ID
-+ },
-+ [PSET_CLUSTER] = {
-+ .type = REISER4_CLUSTER_PLUGIN_TYPE,
-+ .id = CLUSTER_64K_ID
-+ },
-+ [PSET_REGULAR_ENTRY] = {
-+ .type = REISER4_REGULAR_PLUGIN_TYPE,
-+ .id = UF_REGULAR_ID
-+ }
-+};
-+
-+/* access to default plugin table */
-+static reiser4_plugin *get_default_plugin(pset_member memb)
-+{
-+ return plugin_by_id(default_plugins[memb].type,
-+ default_plugins[memb].id);
-+}
-+
-+/**
-+ * init_root_inode - obtain inode of root directory
-+ * @super: super block of filesystem
-+ *
-+ * Obtains inode of root directory (reading it from disk), initializes plugin
-+ * set it was not initialized.
-+ */
-+int init_root_inode(struct super_block *super)
-+{
-+ reiser4_super_info_data *sbinfo = get_super_private(super);
-+ struct inode *inode;
-+ int result = 0;
-+
-+ inode = reiser4_iget(super, sbinfo->df_plug->root_dir_key(super), 0);
-+ if (IS_ERR(inode))
-+ return RETERR(PTR_ERR(inode));
-+
-+ super->s_root = d_alloc_root(inode);
-+ if (!super->s_root) {
-+ iput(inode);
-+ return RETERR(-ENOMEM);
-+ }
-+
-+ super->s_root->d_op = &sbinfo->ops.dentry;
-+
-+ if (!is_inode_loaded(inode)) {
-+ pset_member memb;
-+
-+ for (memb = 0; memb < PSET_LAST; ++memb) {
-+ reiser4_plugin *plug;
-+
-+ plug = get_default_plugin(memb);
-+ result = grab_plugin_from(inode, memb, plug);
-+ if (result != 0)
-+ break;
-+ }
-+
-+ if (result == 0) {
-+ if (REISER4_DEBUG) {
-+ plugin_set *pset;
-+
-+ pset = reiser4_inode_data(inode)->pset;
-+ for (memb = 0; memb < PSET_LAST; ++memb)
-+ assert("nikita-3500",
-+ pset_get(pset, memb) != NULL);
-+ }
-+ } else
-+ warning("nikita-3448", "Cannot set plugins of root: %i",
-+ result);
-+ reiser4_iget_complete(inode);
-+ }
-+ super->s_maxbytes = MAX_LFS_FILESIZE;
-+ return result;
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/inode.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/inode.c
-@@ -0,0 +1,727 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Inode specific operations. */
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "key.h"
-+#include "kassign.h"
-+#include "coord.h"
-+#include "seal.h"
-+#include "dscale.h"
-+#include "plugin/item/item.h"
-+#include "plugin/security/perm.h"
-+#include "plugin/plugin.h"
-+#include "plugin/object.h"
-+#include "znode.h"
-+#include "vfs_ops.h"
-+#include "inode.h"
-+#include "super.h"
-+#include "reiser4.h"
-+
-+#include <linux/fs.h> /* for struct super_block, address_space */
-+
-+/* return reiser4 internal tree which inode belongs to */
-+/* Audited by: green(2002.06.17) */
-+reiser4_tree *tree_by_inode(const struct inode *inode /* inode queried */ )
-+{
-+ assert("nikita-256", inode != NULL);
-+ assert("nikita-257", inode->i_sb != NULL);
-+ return get_tree(inode->i_sb);
-+}
-+
-+/* return reiser4-specific inode flags */
-+static inline unsigned long *inode_flags(const struct inode *const inode)
-+{
-+ assert("nikita-2842", inode != NULL);
-+ return &reiser4_inode_data(inode)->flags;
-+}
-+
-+/* set reiser4-specific flag @f in @inode */
-+void inode_set_flag(struct inode *inode, reiser4_file_plugin_flags f)
-+{
-+ assert("nikita-2248", inode != NULL);
-+ set_bit((int)f, inode_flags(inode));
-+}
-+
-+/* clear reiser4-specific flag @f in @inode */
-+void inode_clr_flag(struct inode *inode, reiser4_file_plugin_flags f)
-+{
-+ assert("nikita-2250", inode != NULL);
-+ clear_bit((int)f, inode_flags(inode));
-+}
-+
-+/* true if reiser4-specific flag @f is set in @inode */
-+int inode_get_flag(const struct inode *inode, reiser4_file_plugin_flags f)
-+{
-+ assert("nikita-2251", inode != NULL);
-+ return test_bit((int)f, inode_flags(inode));
-+}
-+
-+/* convert oid to inode number */
-+ino_t oid_to_ino(oid_t oid)
-+{
-+ return (ino_t) oid;
-+}
-+
-+/* convert oid to user visible inode number */
-+ino_t oid_to_uino(oid_t oid)
-+{
-+ /* reiser4 object is uniquely identified by oid which is 64 bit
-+ quantity. Kernel in-memory inode is indexed (in the hash table) by
-+ 32 bit i_ino field, but this is not a problem, because there is a
-+ way to further distinguish inodes with identical inode numbers
-+ (find_actor supplied to iget()).
-+
-+ But user space expects unique 32 bit inode number. Obviously this
-+ is impossible. Work-around is to somehow hash oid into user visible
-+ inode number.
-+ */
-+ oid_t max_ino = (ino_t) ~ 0;
-+
-+ if (REISER4_INO_IS_OID || (oid <= max_ino))
-+ return oid;
-+ else
-+ /* this is remotely similar to algorithm used to find next pid
-+ to use for process: after wrap-around start from some
-+ offset rather than from 0. Idea is that there are some long
-+ living objects with which we don't want to collide.
-+ */
-+ return REISER4_UINO_SHIFT + ((oid - max_ino) & (max_ino >> 1));
-+}
-+
-+/* check that "inode" is on reiser4 file-system */
-+int is_reiser4_inode(const struct inode *inode /* inode queried */ )
-+{
-+ return inode != NULL && is_reiser4_super(inode->i_sb);
-+}
-+
-+/* Maximal length of a name that can be stored in directory @inode.
-+
-+ This is used in check during file creation and lookup. */
-+int reiser4_max_filename_len(const struct inode *inode /* inode queried */ )
-+{
-+ assert("nikita-287", is_reiser4_inode(inode));
-+ assert("nikita-1710", inode_dir_item_plugin(inode));
-+ if (inode_dir_item_plugin(inode)->s.dir.max_name_len)
-+ return inode_dir_item_plugin(inode)->s.dir.max_name_len(inode);
-+ else
-+ return 255;
-+}
-+
-+#if REISER4_USE_COLLISION_LIMIT
-+/* Maximal number of hash collisions for this directory. */
-+int max_hash_collisions(const struct inode *dir /* inode queried */ )
-+{
-+ assert("nikita-1711", dir != NULL);
-+ return reiser4_inode_data(dir)->plugin.max_collisions;
-+}
-+#endif /* REISER4_USE_COLLISION_LIMIT */
-+
-+/* Install file, inode, and address_space operation on @inode, depending on
-+ its mode. */
-+int setup_inode_ops(struct inode *inode /* inode to intialize */ ,
-+ reiser4_object_create_data * data /* parameters to create
-+ * object */ )
-+{
-+ reiser4_super_info_data *sinfo;
-+ file_plugin *fplug;
-+ dir_plugin *dplug;
-+
-+ fplug = inode_file_plugin(inode);
-+ dplug = inode_dir_plugin(inode);
-+
-+ sinfo = get_super_private(inode->i_sb);
-+
-+ switch (inode->i_mode & S_IFMT) {
-+ case S_IFSOCK:
-+ case S_IFBLK:
-+ case S_IFCHR:
-+ case S_IFIFO:
-+ {
-+ dev_t rdev; /* to keep gcc happy */
-+
-+ assert("vs-46", fplug != NULL);
-+ /* ugly hack with rdev */
-+ if (data == NULL) {
-+ rdev = inode->i_rdev;
-+ inode->i_rdev = 0;
-+ } else
-+ rdev = data->rdev;
-+ inode->i_blocks = 0;
-+ assert("vs-42", fplug->h.id == SPECIAL_FILE_PLUGIN_ID);
-+ inode->i_op = &file_plugins[fplug->h.id].inode_ops;
-+ /* initialize inode->i_fop and inode->i_rdev for block and char
-+ devices */
-+ init_special_inode(inode, inode->i_mode, rdev);
-+ /* all address space operations are null */
-+ inode->i_mapping->a_ops =
-+ &file_plugins[fplug->h.id].as_ops;
-+ break;
-+ }
-+ case S_IFLNK:
-+ assert("vs-46", fplug != NULL);
-+ assert("vs-42", fplug->h.id == SYMLINK_FILE_PLUGIN_ID);
-+ inode->i_op = &file_plugins[fplug->h.id].inode_ops;
-+ inode->i_fop = NULL;
-+ /* all address space operations are null */
-+ inode->i_mapping->a_ops = &file_plugins[fplug->h.id].as_ops;
-+ break;
-+ case S_IFDIR:
-+ assert("vs-46", dplug != NULL);
-+ assert("vs-43", (dplug->h.id == HASHED_DIR_PLUGIN_ID ||
-+ dplug->h.id == SEEKABLE_HASHED_DIR_PLUGIN_ID));
-+ inode->i_op = &dir_plugins[dplug->h.id].inode_ops;
-+ inode->i_fop = &dir_plugins[dplug->h.id].file_ops;
-+ inode->i_mapping->a_ops = &dir_plugins[dplug->h.id].as_ops;
-+ break;
-+ case S_IFREG:
-+ assert("vs-46", fplug != NULL);
-+ assert("vs-43", (fplug->h.id == UNIX_FILE_PLUGIN_ID ||
-+ fplug->h.id == CRC_FILE_PLUGIN_ID));
-+ inode->i_op = &file_plugins[fplug->h.id].inode_ops;
-+ inode->i_fop = &file_plugins[fplug->h.id].file_ops;
-+ inode->i_mapping->a_ops = &file_plugins[fplug->h.id].as_ops;
-+ break;
-+ default:
-+ warning("nikita-291", "wrong file mode: %o for %llu",
-+ inode->i_mode,
-+ (unsigned long long)get_inode_oid(inode));
-+ reiser4_make_bad_inode(inode);
-+ return RETERR(-EINVAL);
-+ }
-+ return 0;
-+}
-+
-+/* initialize inode from disk data. Called with inode locked.
-+ Return inode locked. */
-+static int init_inode(struct inode *inode /* inode to intialise */ ,
-+ coord_t * coord /* coord of stat data */ )
-+{
-+ int result;
-+ item_plugin *iplug;
-+ void *body;
-+ int length;
-+ reiser4_inode *state;
-+
-+ assert("nikita-292", coord != NULL);
-+ assert("nikita-293", inode != NULL);
-+
-+ coord_clear_iplug(coord);
-+ result = zload(coord->node);
-+ if (result)
-+ return result;
-+ iplug = item_plugin_by_coord(coord);
-+ body = item_body_by_coord(coord);
-+ length = item_length_by_coord(coord);
-+
-+ assert("nikita-295", iplug != NULL);
-+ assert("nikita-296", body != NULL);
-+ assert("nikita-297", length > 0);
-+
-+ /* inode is under I_LOCK now */
-+
-+ state = reiser4_inode_data(inode);
-+ /* call stat-data plugin method to load sd content into inode */
-+ result = iplug->s.sd.init_inode(inode, body, length);
-+ plugin_set_sd(&state->pset, iplug);
-+ if (result == 0) {
-+ result = setup_inode_ops(inode, NULL);
-+ if (result == 0 &&
-+ inode->i_sb->s_root && inode->i_sb->s_root->d_inode) {
-+ struct inode *root;
-+ pset_member ind;
-+
-+ /* take missing plugins from file-system defaults */
-+ root = inode->i_sb->s_root->d_inode;
-+ /* file and directory plugins are already initialized. */
-+ for (ind = PSET_DIR + 1; ind < PSET_LAST; ++ind) {
-+ result = grab_plugin(inode, root, ind);
-+ if (result != 0)
-+ break;
-+ }
-+ if (result != 0) {
-+ warning("nikita-3447",
-+ "Cannot set up plugins for %lli",
-+ (unsigned long long)
-+ get_inode_oid(inode));
-+ }
-+ }
-+ }
-+ zrelse(coord->node);
-+ return result;
-+}
-+
-+/* read `inode' from the disk. This is what was previously in
-+ reiserfs_read_inode2().
-+
-+ Must be called with inode locked. Return inode still locked.
-+*/
-+static int read_inode(struct inode *inode /* inode to read from disk */ ,
-+ const reiser4_key * key /* key of stat data */ ,
-+ int silent)
-+{
-+ int result;
-+ lock_handle lh;
-+ reiser4_inode *info;
-+ coord_t coord;
-+
-+ assert("nikita-298", inode != NULL);
-+ assert("nikita-1945", !is_inode_loaded(inode));
-+
-+ info = reiser4_inode_data(inode);
-+ assert("nikita-300", info->locality_id != 0);
-+
-+ coord_init_zero(&coord);
-+ init_lh(&lh);
-+ /* locate stat-data in a tree and return znode locked */
-+ result = lookup_sd(inode, ZNODE_READ_LOCK, &coord, &lh, key, silent);
-+ assert("nikita-301", !is_inode_loaded(inode));
-+ if (result == 0) {
-+ /* use stat-data plugin to load sd into inode. */
-+ result = init_inode(inode, &coord);
-+ if (result == 0) {
-+ /* initialize stat-data seal */
-+ spin_lock_inode(inode);
-+ seal_init(&info->sd_seal, &coord, key);
-+ info->sd_coord = coord;
-+ spin_unlock_inode(inode);
-+
-+ /* call file plugin's method to initialize plugin
-+ * specific part of inode */
-+ if (inode_file_plugin(inode)->init_inode_data)
-+ inode_file_plugin(inode)->init_inode_data(inode,
-+ NULL,
-+ 0);
-+ /* load detached directory cursors for stateless
-+ * directory readers (NFS). */
-+ load_cursors(inode);
-+
-+ /* Check the opened inode for consistency. */
-+ result =
-+ get_super_private(inode->i_sb)->df_plug->
-+ check_open(inode);
-+ }
-+ }
-+ /* lookup_sd() doesn't release coord because we want znode
-+ stay read-locked while stat-data fields are accessed in
-+ init_inode() */
-+ done_lh(&lh);
-+
-+ if (result != 0)
-+ reiser4_make_bad_inode(inode);
-+ return result;
-+}
-+
-+/* initialise new reiser4 inode being inserted into hash table. */
-+static int init_locked_inode(struct inode *inode /* new inode */ ,
-+ void *opaque /* key of stat data passed to the
-+ * iget5_locked as cookie */ )
-+{
-+ reiser4_key *key;
-+
-+ assert("nikita-1995", inode != NULL);
-+ assert("nikita-1996", opaque != NULL);
-+ key = opaque;
-+ set_inode_oid(inode, get_key_objectid(key));
-+ reiser4_inode_data(inode)->locality_id = get_key_locality(key);
-+ return 0;
-+}
-+
-+/* reiser4_inode_find_actor() - "find actor" supplied by reiser4 to iget5_locked().
-+
-+ This function is called by iget5_locked() to distinguish reiser4 inodes
-+ having the same inode numbers. Such inodes can only exist due to some error
-+ condition. One of them should be bad. Inodes with identical inode numbers
-+ (objectids) are distinguished by their packing locality.
-+
-+*/
-+static int reiser4_inode_find_actor(struct inode *inode /* inode from hash table to
-+ * check */ ,
-+ void *opaque /* "cookie" passed to
-+ * iget5_locked(). This is stat data
-+ * key */ )
-+{
-+ reiser4_key *key;
-+
-+ key = opaque;
-+ return
-+ /* oid is unique, so first term is enough, actually. */
-+ get_inode_oid(inode) == get_key_objectid(key) &&
-+ /*
-+ * also, locality should be checked, but locality is stored in
-+ * the reiser4-specific part of the inode, and actor can be
-+ * called against arbitrary inode that happened to be in this
-+ * hash chain. Hence we first have to check that this is
-+ * reiser4 inode at least. is_reiser4_inode() is probably too
-+ * early to call, as inode may have ->i_op not yet
-+ * initialised.
-+ */
-+ is_reiser4_super(inode->i_sb) &&
-+ /*
-+ * usually objectid is unique, but pseudo files use counter to
-+ * generate objectid. All pseudo files are placed into special
-+ * (otherwise unused) locality.
-+ */
-+ reiser4_inode_data(inode)->locality_id == get_key_locality(key);
-+}
-+
-+/* hook for kmem_cache_create */
-+void loading_init_once(reiser4_inode * info)
-+{
-+ sema_init(&info->loading, 1);
-+}
-+
-+/* for reiser4_alloc_inode */
-+void loading_alloc(reiser4_inode * info)
-+{
-+#if REISER4_DEBUG
-+ assert("vs-1717", down_trylock(&info->loading) == 0);
-+ up(&info->loading);
-+#endif
-+}
-+
-+/* for reiser4_destroy */
-+void loading_destroy(reiser4_inode * info)
-+{
-+#if REISER4_DEBUG
-+ assert("vs-1717", down_trylock(&info->loading) == 0);
-+ up(&info->loading);
-+#endif
-+}
-+
-+static void loading_down(reiser4_inode * info)
-+{
-+ down(&info->loading);
-+}
-+
-+static void loading_up(reiser4_inode * info)
-+{
-+ up(&info->loading);
-+}
-+
-+/**
-+ * reiser4_iget - obtain inode via iget5_locked, read from disk if necessary
-+ * @super: super block of filesystem
-+ * @key: key of inode's stat-data
-+ * @silent:
-+ *
-+ * This is our helper function a la iget(). This is be called by
-+ * reiser4_lookup() and reiser4_read_super(). Return inode locked or error
-+ * encountered.
-+ */
-+struct inode *reiser4_iget(struct super_block *super, const reiser4_key *key,
-+ int silent)
-+{
-+ struct inode *inode;
-+ int result;
-+ reiser4_inode *info;
-+
-+ assert("nikita-302", super != NULL);
-+ assert("nikita-303", key != NULL);
-+
-+ result = 0;
-+
-+ /* call iget(). Our ->read_inode() is dummy, so this will either
-+ find inode in cache or return uninitialised inode */
-+ inode = iget5_locked(super,
-+ (unsigned long)get_key_objectid(key),
-+ reiser4_inode_find_actor,
-+ init_locked_inode, (reiser4_key *) key);
-+ if (inode == NULL)
-+ return ERR_PTR(RETERR(-ENOMEM));
-+ if (is_bad_inode(inode)) {
-+ warning("nikita-304", "Bad inode found");
-+ print_key("key", key);
-+ iput(inode);
-+ return ERR_PTR(RETERR(-EIO));
-+ }
-+
-+ info = reiser4_inode_data(inode);
-+
-+ /* Reiser4 inode state bit REISER4_LOADED is used to distinguish fully
-+ loaded and initialized inode from just allocated inode. If
-+ REISER4_LOADED bit is not set, reiser4_iget() completes loading under
-+ info->loading. The place in reiser4 which uses not initialized inode
-+ is the reiser4 repacker, see repacker-related functions in
-+ plugin/item/extent.c */
-+ if (!is_inode_loaded(inode)) {
-+ loading_down(info);
-+ if (!is_inode_loaded(inode)) {
-+ /* locking: iget5_locked returns locked inode */
-+ assert("nikita-1941", !is_inode_loaded(inode));
-+ assert("nikita-1949",
-+ reiser4_inode_find_actor(inode,
-+ (reiser4_key *) key));
-+ /* now, inode has objectid as ->i_ino and locality in
-+ reiser4-specific part. This is enough for
-+ read_inode() to read stat data from the disk */
-+ result = read_inode(inode, key, silent);
-+ } else
-+ loading_up(info);
-+ }
-+
-+ if (inode->i_state & I_NEW)
-+ unlock_new_inode(inode);
-+
-+ if (is_bad_inode(inode)) {
-+ assert("vs-1717", result != 0);
-+ loading_up(info);
-+ iput(inode);
-+ inode = ERR_PTR(result);
-+ } else if (REISER4_DEBUG) {
-+ reiser4_key found_key;
-+
-+ assert("vs-1717", result == 0);
-+ build_sd_key(inode, &found_key);
-+ if (!keyeq(&found_key, key)) {
-+ warning("nikita-305", "Wrong key in sd");
-+ print_key("sought for", key);
-+ print_key("found", &found_key);
-+ }
-+ if (inode->i_nlink == 0) {
-+ warning("nikita-3559", "Unlinked inode found: %llu\n",
-+ (unsigned long long)get_inode_oid(inode));
-+ }
-+ }
-+ return inode;
-+}
-+
-+/* reiser4_iget() may return not fully initialized inode, this function should
-+ * be called after one completes reiser4 inode initializing. */
-+void reiser4_iget_complete(struct inode *inode)
-+{
-+ assert("zam-988", is_reiser4_inode(inode));
-+
-+ if (!is_inode_loaded(inode)) {
-+ inode_set_flag(inode, REISER4_LOADED);
-+ loading_up(reiser4_inode_data(inode));
-+ }
-+}
-+
-+void reiser4_make_bad_inode(struct inode *inode)
-+{
-+ assert("nikita-1934", inode != NULL);
-+
-+ /* clear LOADED bit */
-+ inode_clr_flag(inode, REISER4_LOADED);
-+ make_bad_inode(inode);
-+ return;
-+}
-+
-+file_plugin *inode_file_plugin(const struct inode * inode)
-+{
-+ assert("nikita-1997", inode != NULL);
-+ return reiser4_inode_data(inode)->pset->file;
-+}
-+
-+dir_plugin *inode_dir_plugin(const struct inode * inode)
-+{
-+ assert("nikita-1998", inode != NULL);
-+ return reiser4_inode_data(inode)->pset->dir;
-+}
-+
-+#if 0
-+perm_plugin *inode_perm_plugin(const struct inode * inode)
-+{
-+ assert("nikita-1999", inode != NULL);
-+ return reiser4_inode_data(inode)->pset->perm;
-+}
-+#endif /* 0 */
-+
-+formatting_plugin *inode_formatting_plugin(const struct inode * inode)
-+{
-+ assert("nikita-2000", inode != NULL);
-+ return reiser4_inode_data(inode)->pset->formatting;
-+}
-+
-+hash_plugin *inode_hash_plugin(const struct inode * inode)
-+{
-+ assert("nikita-2001", inode != NULL);
-+ return reiser4_inode_data(inode)->pset->hash;
-+}
-+
-+fibration_plugin *inode_fibration_plugin(const struct inode * inode)
-+{
-+ assert("nikita-2001", inode != NULL);
-+ return reiser4_inode_data(inode)->pset->fibration;
-+}
-+
-+cipher_plugin *inode_cipher_plugin(const struct inode * inode)
-+{
-+ assert("edward-36", inode != NULL);
-+ return reiser4_inode_data(inode)->pset->cipher;
-+}
-+
-+compression_plugin *inode_compression_plugin(const struct inode * inode)
-+{
-+ assert("edward-37", inode != NULL);
-+ return reiser4_inode_data(inode)->pset->compression;
-+}
-+
-+compression_mode_plugin *inode_compression_mode_plugin(const struct inode *
-+ inode)
-+{
-+ assert("edward-1330", inode != NULL);
-+ return reiser4_inode_data(inode)->pset->compression_mode;
-+}
-+
-+cluster_plugin *inode_cluster_plugin(const struct inode * inode)
-+{
-+ assert("edward-1328", inode != NULL);
-+ return reiser4_inode_data(inode)->pset->cluster;
-+}
-+
-+regular_plugin *inode_regular_plugin(const struct inode * inode)
-+{
-+ assert("edward-1329", inode != NULL);
-+ return reiser4_inode_data(inode)->pset->regular_entry;
-+}
-+
-+digest_plugin *inode_digest_plugin(const struct inode * inode)
-+{
-+ assert("edward-86", inode != NULL);
-+ return reiser4_inode_data(inode)->pset->digest;
-+}
-+
-+item_plugin *inode_sd_plugin(const struct inode * inode)
-+{
-+ assert("vs-534", inode != NULL);
-+ return reiser4_inode_data(inode)->pset->sd;
-+}
-+
-+item_plugin *inode_dir_item_plugin(const struct inode * inode)
-+{
-+ assert("vs-534", inode != NULL);
-+ return reiser4_inode_data(inode)->pset->dir_item;
-+}
-+
-+void inode_set_extension(struct inode *inode, sd_ext_bits ext)
-+{
-+ reiser4_inode *state;
-+
-+ assert("nikita-2716", inode != NULL);
-+ assert("nikita-2717", ext < LAST_SD_EXTENSION);
-+ assert("nikita-3491", spin_inode_is_locked(inode));
-+
-+ state = reiser4_inode_data(inode);
-+ state->extmask |= 1 << ext;
-+ /* force re-calculation of stat-data length on next call to
-+ update_sd(). */
-+ inode_clr_flag(inode, REISER4_SDLEN_KNOWN);
-+}
-+
-+void
-+inode_set_plugin(struct inode *inode, reiser4_plugin * plug, pset_member memb)
-+{
-+ assert("nikita-2718", inode != NULL);
-+ assert("nikita-2719", plug != NULL);
-+
-+ reiser4_inode_data(inode)->plugin_mask |= (1 << memb);
-+}
-+
-+void inode_check_scale_nolock(struct inode *inode, __u64 old, __u64 new)
-+{
-+ assert("edward-1287", inode != NULL);
-+ if (!dscale_fit(old, new))
-+ inode_clr_flag(inode, REISER4_SDLEN_KNOWN);
-+ return;
-+}
-+
-+void inode_check_scale(struct inode *inode, __u64 old, __u64 new)
-+{
-+ assert("nikita-2875", inode != NULL);
-+ spin_lock_inode(inode);
-+ inode_check_scale_nolock(inode, old, new);
-+ spin_unlock_inode(inode);
-+}
-+
-+/*
-+ * initialize ->ordering field of inode. This field defines how file stat-data
-+ * and body is ordered within a tree with respect to other objects within the
-+ * same parent directory.
-+ */
-+void
-+init_inode_ordering(struct inode *inode,
-+ reiser4_object_create_data * crd, int create)
-+{
-+ reiser4_key key;
-+
-+ if (create) {
-+ struct inode *parent;
-+
-+ parent = crd->parent;
-+ assert("nikita-3224", inode_dir_plugin(parent) != NULL);
-+ inode_dir_plugin(parent)->build_entry_key(parent,
-+ &crd->dentry->d_name,
-+ &key);
-+ } else {
-+ coord_t *coord;
-+
-+ coord = &reiser4_inode_data(inode)->sd_coord;
-+ coord_clear_iplug(coord);
-+ /* safe to use ->sd_coord, because node is under long term
-+ * lock */
-+ WITH_DATA(coord->node, item_key_by_coord(coord, &key));
-+ }
-+
-+ set_inode_ordering(inode, get_key_ordering(&key));
-+}
-+
-+znode *inode_get_vroot(struct inode *inode)
-+{
-+ reiser4_block_nr blk;
-+ znode *result;
-+
-+ spin_lock_inode(inode);
-+ blk = reiser4_inode_data(inode)->vroot;
-+ spin_unlock_inode(inode);
-+ if (!disk_addr_eq(&UBER_TREE_ADDR, &blk))
-+ result = zlook(tree_by_inode(inode), &blk);
-+ else
-+ result = NULL;
-+ return result;
-+}
-+
-+void inode_set_vroot(struct inode *inode, znode *vroot)
-+{
-+ spin_lock_inode(inode);
-+ reiser4_inode_data(inode)->vroot = *znode_get_block(vroot);
-+ spin_unlock_inode(inode);
-+}
-+
-+#if REISER4_DEBUG
-+
-+void inode_invariant(const struct inode *inode)
-+{
-+ assert("nikita-3077", spin_inode_is_locked(inode));
-+}
-+
-+int inode_has_no_jnodes(reiser4_inode * r4_inode)
-+{
-+ return jnode_tree_by_reiser4_inode(r4_inode)->rnode == NULL &&
-+ r4_inode->nr_jnodes == 0;
-+}
-+
-+#endif
-+
-+/* true if directory is empty (only contains dot and dotdot) */
-+/* FIXME: shouldn't it be dir plugin method? */
-+int is_dir_empty(const struct inode *dir)
-+{
-+ assert("nikita-1976", dir != NULL);
-+
-+ /* rely on our method to maintain directory i_size being equal to the
-+ number of entries. */
-+ return dir->i_size <= 2 ? 0 : RETERR(-ENOTEMPTY);
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/inode.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/inode.h
-@@ -0,0 +1,430 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Inode functions. */
-+
-+#if !defined( __REISER4_INODE_H__ )
-+#define __REISER4_INODE_H__
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "key.h"
-+#include "seal.h"
-+#include "plugin/plugin.h"
-+#include "plugin/file/cryptcompress.h"
-+#include "plugin/file/file.h"
-+#include "plugin/dir/dir.h"
-+#include "plugin/plugin_set.h"
-+#include "plugin/security/perm.h"
-+#include "vfs_ops.h"
-+#include "jnode.h"
-+#include "fsdata.h"
-+
-+#include <linux/types.h> /* for __u?? , ino_t */
-+#include <linux/fs.h> /* for struct super_block, struct
-+ * rw_semaphore, etc */
-+#include <linux/spinlock.h>
-+#include <asm/types.h>
-+
-+/* reiser4-specific inode flags. They are "transient" and are not
-+ supposed to be stored on disk. Used to trace "state" of
-+ inode
-+*/
-+typedef enum {
-+ /* this is light-weight inode, inheriting some state from its
-+ parent */
-+ REISER4_LIGHT_WEIGHT = 0,
-+ /* stat data wasn't yet created */
-+ REISER4_NO_SD = 1,
-+ /* internal immutable flag. Currently is only used
-+ to avoid race condition during file creation.
-+ See comment in create_object(). */
-+ REISER4_IMMUTABLE = 2,
-+ /* inode was read from storage */
-+ REISER4_LOADED = 3,
-+ /* this bit is set for symlinks. inode->u.generic_ip points to target
-+ name of symlink. */
-+ REISER4_GENERIC_PTR_USED = 4,
-+ /* set if size of stat-data item for this inode is known. If this is
-+ * set we can avoid recalculating size of stat-data on each update. */
-+ REISER4_SDLEN_KNOWN = 5,
-+ /* reiser4_inode->crypt points to the crypto stat */
-+ REISER4_CRYPTO_STAT_LOADED = 6,
-+ /* cryptcompress_inode_data points to the secret key */
-+ REISER4_SECRET_KEY_INSTALLED = 7,
-+ /* File (possibly) has pages corresponding to the tail items, that
-+ * were created by ->readpage. It is set by mmap_unix_file() and
-+ * sendfile_unix_file(). This bit is inspected by write_unix_file and
-+ * kill-hook of tail items. It is never cleared once set. This bit is
-+ * modified and inspected under i_mutex. */
-+ REISER4_HAS_MMAP = 8,
-+
-+ REISER4_PART_MIXED = 9,
-+ REISER4_PART_IN_CONV = 10
-+} reiser4_file_plugin_flags;
-+
-+/* state associated with each inode.
-+ reiser4 inode.
-+
-+ NOTE-NIKITA In 2.5 kernels it is not necessary that all file-system inodes
-+ be of the same size. File-system allocates inodes by itself through
-+ s_op->allocate_inode() method. So, it is possible to adjust size of inode
-+ at the time of its creation.
-+
-+ Invariants involving parts of this data-type:
-+
-+ [inode->eflushed]
-+
-+*/
-+
-+typedef struct reiser4_inode reiser4_inode;
-+/* return pointer to reiser4-specific part of inode */
-+static inline reiser4_inode *reiser4_inode_data(const struct inode *inode
-+ /* inode queried */ );
-+
-+#if BITS_PER_LONG == 64
-+
-+#define REISER4_INO_IS_OID (1)
-+typedef struct {;
-+} oid_hi_t;
-+
-+/* BITS_PER_LONG == 64 */
-+#else
-+
-+#define REISER4_INO_IS_OID (0)
-+typedef __u32 oid_hi_t;
-+
-+/* BITS_PER_LONG == 64 */
-+#endif
-+
-+struct reiser4_inode {
-+ /* spin lock protecting fields of this structure. */
-+ spinlock_t guard;
-+ /* object plugins */
-+ plugin_set *pset;
-+ /* plugins set for inheritance */
-+ plugin_set *hset;
-+ /* high 32 bits of object id */
-+ oid_hi_t oid_hi;
-+ /* seal for stat-data */
-+ seal_t sd_seal;
-+ /* locality id for this file */
-+ oid_t locality_id;
-+#if REISER4_LARGE_KEY
-+ __u64 ordering;
-+#endif
-+ /* coord of stat-data in sealed node */
-+ coord_t sd_coord;
-+ /* bit-mask of stat-data extentions used by this file */
-+ __u64 extmask;
-+ /* bitmask of non-default plugins for this inode */
-+ __u16 plugin_mask;
-+ union {
-+ struct list_head readdir_list;
-+ struct list_head not_used;
-+ } lists;
-+ /* per-inode flags. Filled by values of reiser4_file_plugin_flags */
-+ unsigned long flags;
-+ union {
-+ /* fields specific to unix_file plugin */
-+ unix_file_info_t unix_file_info;
-+ /* fields specific to cryptcompress plugin */
-+ cryptcompress_info_t cryptcompress_info;
-+ } file_plugin_data;
-+
-+ /* tree of jnodes. Phantom jnodes (ones not attched to any atom) are
-+ tagged in that tree by EFLUSH_TAG_ANONYMOUS */
-+ struct radix_tree_root jnodes_tree;
-+#if REISER4_DEBUG
-+ /* number of unformatted node jnodes of this file in jnode hash table */
-+ unsigned long nr_jnodes;
-+#endif
-+
-+ /* block number of virtual root for this object. See comment above
-+ * fs/reiser4/search.c:handle_vroot() */
-+ reiser4_block_nr vroot;
-+ struct semaphore loading;
-+};
-+
-+void loading_init_once(reiser4_inode *);
-+void loading_alloc(reiser4_inode *);
-+void loading_destroy(reiser4_inode *);
-+
-+typedef struct reiser4_inode_object {
-+ /* private part */
-+ reiser4_inode p;
-+ /* generic fields not specific to reiser4, but used by VFS */
-+ struct inode vfs_inode;
-+} reiser4_inode_object;
-+
-+/* return pointer to the reiser4 specific portion of @inode */
-+static inline reiser4_inode *reiser4_inode_data(const struct inode *inode
-+ /* inode queried */ )
-+{
-+ assert("nikita-254", inode != NULL);
-+ return &container_of(inode, reiser4_inode_object, vfs_inode)->p;
-+}
-+
-+static inline struct inode *inode_by_reiser4_inode(const reiser4_inode *
-+ r4_inode /* inode queried */
-+ )
-+{
-+ return &container_of(r4_inode, reiser4_inode_object, p)->vfs_inode;
-+}
-+
-+/*
-+ * reiser4 inodes are identified by 64bit object-id (oid_t), but in struct
-+ * inode ->i_ino field is of type ino_t (long) that can be either 32 or 64
-+ * bits.
-+ *
-+ * If ->i_ino is 32 bits we store remaining 32 bits in reiser4 specific part
-+ * of inode, otherwise whole oid is stored in i_ino.
-+ *
-+ * Wrappers below ([sg]et_inode_oid()) are used to hide this difference.
-+ */
-+
-+#define OID_HI_SHIFT (sizeof(ino_t) * 8)
-+
-+#if REISER4_INO_IS_OID
-+
-+static inline oid_t get_inode_oid(const struct inode *inode)
-+{
-+ return inode->i_ino;
-+}
-+
-+static inline void set_inode_oid(struct inode *inode, oid_t oid)
-+{
-+ inode->i_ino = oid;
-+}
-+
-+/* REISER4_INO_IS_OID */
-+#else
-+
-+static inline oid_t get_inode_oid(const struct inode *inode)
-+{
-+ return
-+ ((__u64) reiser4_inode_data(inode)->oid_hi << OID_HI_SHIFT) |
-+ inode->i_ino;
-+}
-+
-+static inline void set_inode_oid(struct inode *inode, oid_t oid)
-+{
-+ assert("nikita-2519", inode != NULL);
-+ inode->i_ino = (ino_t) (oid);
-+ reiser4_inode_data(inode)->oid_hi = (oid) >> OID_HI_SHIFT;
-+ assert("nikita-2521", get_inode_oid(inode) == (oid));
-+}
-+
-+/* REISER4_INO_IS_OID */
-+#endif
-+
-+static inline oid_t get_inode_locality(const struct inode *inode)
-+{
-+ return reiser4_inode_data(inode)->locality_id;
-+}
-+
-+#if REISER4_LARGE_KEY
-+static inline __u64 get_inode_ordering(const struct inode *inode)
-+{
-+ return reiser4_inode_data(inode)->ordering;
-+}
-+
-+static inline void set_inode_ordering(const struct inode *inode, __u64 ordering)
-+{
-+ reiser4_inode_data(inode)->ordering = ordering;
-+}
-+
-+#else
-+
-+#define get_inode_ordering(inode) (0)
-+#define set_inode_ordering(inode, val) noop
-+
-+#endif
-+
-+/* return inode in which @uf_info is embedded */
-+static inline struct inode *unix_file_info_to_inode(const unix_file_info_t *
-+ uf_info)
-+{
-+ return &container_of(uf_info, reiser4_inode_object,
-+ p.file_plugin_data.unix_file_info)->vfs_inode;
-+}
-+
-+
-+extern ino_t oid_to_ino(oid_t oid) __attribute__ ((const));
-+extern ino_t oid_to_uino(oid_t oid) __attribute__ ((const));
-+
-+extern reiser4_tree *tree_by_inode(const struct inode *inode);
-+
-+#if REISER4_DEBUG
-+extern void inode_invariant(const struct inode *inode);
-+extern int inode_has_no_jnodes(reiser4_inode *);
-+#else
-+#define inode_invariant(inode) noop
-+#endif
-+
-+static inline int spin_inode_is_locked(const struct inode *inode)
-+{
-+ assert_spin_locked(&reiser4_inode_data(inode)->guard);
-+ return 1;
-+}
-+
-+/**
-+ * spin_lock_inode - lock reiser4_inode' embedded spinlock
-+ * @inode: inode to lock
-+ *
-+ * In debug mode it checks that lower priority locks are not held and
-+ * increments reiser4_context's lock counters on which lock ordering checking
-+ * is based.
-+ */
-+static inline void spin_lock_inode(struct inode *inode)
-+{
-+ assert("", LOCK_CNT_NIL(spin_locked));
-+ /* check lock ordering */
-+ assert_spin_not_locked(&d_lock);
-+
-+ spin_lock(&reiser4_inode_data(inode)->guard);
-+
-+ LOCK_CNT_INC(spin_locked_inode);
-+ LOCK_CNT_INC(spin_locked);
-+
-+ inode_invariant(inode);
-+}
-+
-+/**
-+ * spin_unlock_inode - unlock reiser4_inode' embedded spinlock
-+ * @inode: inode to unlock
-+ *
-+ * In debug mode it checks that spinlock is held and decrements
-+ * reiser4_context's lock counters on which lock ordering checking is based.
-+ */
-+static inline void spin_unlock_inode(struct inode *inode)
-+{
-+ assert_spin_locked(&reiser4_inode_data(inode)->guard);
-+ assert("nikita-1375", LOCK_CNT_GTZ(spin_locked_inode));
-+ assert("nikita-1376", LOCK_CNT_GTZ(spin_locked));
-+
-+ inode_invariant(inode);
-+
-+ LOCK_CNT_DEC(spin_locked_inode);
-+ LOCK_CNT_DEC(spin_locked);
-+
-+ spin_unlock(&reiser4_inode_data(inode)->guard);
-+}
-+
-+
-+extern znode *inode_get_vroot(struct inode *inode);
-+extern void inode_set_vroot(struct inode *inode, znode * vroot);
-+
-+extern int reiser4_max_filename_len(const struct inode *inode);
-+extern int max_hash_collisions(const struct inode *dir);
-+extern void reiser4_unlock_inode(struct inode *inode);
-+extern int is_reiser4_inode(const struct inode *inode);
-+extern int setup_inode_ops(struct inode *inode, reiser4_object_create_data *);
-+extern struct inode *reiser4_iget(struct super_block *super,
-+ const reiser4_key * key, int silent);
-+extern void reiser4_iget_complete(struct inode *inode);
-+extern void inode_set_flag(struct inode *inode, reiser4_file_plugin_flags f);
-+extern void inode_clr_flag(struct inode *inode, reiser4_file_plugin_flags f);
-+extern int inode_get_flag(const struct inode *inode,
-+ reiser4_file_plugin_flags f);
-+
-+/* has inode been initialized? */
-+static inline int
-+is_inode_loaded(const struct inode *inode /* inode queried */ )
-+{
-+ assert("nikita-1120", inode != NULL);
-+ return inode_get_flag(inode, REISER4_LOADED);
-+}
-+
-+extern file_plugin *inode_file_plugin(const struct inode *inode);
-+extern dir_plugin *inode_dir_plugin(const struct inode *inode);
-+extern formatting_plugin *inode_formatting_plugin(const struct inode *inode);
-+extern hash_plugin *inode_hash_plugin(const struct inode *inode);
-+extern fibration_plugin *inode_fibration_plugin(const struct inode *inode);
-+extern cipher_plugin *inode_cipher_plugin(const struct inode *inode);
-+extern digest_plugin *inode_digest_plugin(const struct inode *inode);
-+extern compression_plugin *inode_compression_plugin(const struct inode *inode);
-+extern compression_mode_plugin *inode_compression_mode_plugin(const struct inode
-+ *inode);
-+extern cluster_plugin *inode_cluster_plugin(const struct inode *inode);
-+extern regular_plugin *inode_regular_plugin(const struct inode *inode);
-+extern item_plugin *inode_sd_plugin(const struct inode *inode);
-+extern item_plugin *inode_dir_item_plugin(const struct inode *inode);
-+
-+extern void inode_set_plugin(struct inode *inode,
-+ reiser4_plugin * plug, pset_member memb);
-+extern void reiser4_make_bad_inode(struct inode *inode);
-+
-+extern void inode_set_extension(struct inode *inode, sd_ext_bits ext);
-+extern void inode_check_scale(struct inode *inode, __u64 old, __u64 new);
-+extern void inode_check_scale_nolock(struct inode * inode, __u64 old, __u64 new);
-+
-+/*
-+ * update field @field in inode @i to contain value @value.
-+ */
-+#define INODE_SET_FIELD(i, field, value) \
-+({ \
-+ struct inode *__i; \
-+ typeof(value) __v; \
-+ \
-+ __i = (i); \
-+ __v = (value); \
-+ inode_check_scale(__i, __i->field, __v); \
-+ __i->field = __v; \
-+})
-+
-+#define INODE_INC_FIELD(i, field) \
-+({ \
-+ struct inode *__i; \
-+ \
-+ __i = (i); \
-+ inode_check_scale(__i, __i->field, __i->field + 1); \
-+ ++ __i->field; \
-+})
-+
-+#define INODE_DEC_FIELD(i, field) \
-+({ \
-+ struct inode *__i; \
-+ \
-+ __i = (i); \
-+ inode_check_scale(__i, __i->field, __i->field - 1); \
-+ -- __i->field; \
-+})
-+
-+/* See comment before readdir_common() for description. */
-+static inline struct list_head *get_readdir_list(const struct inode *inode)
-+{
-+ return &reiser4_inode_data(inode)->lists.readdir_list;
-+}
-+
-+extern void init_inode_ordering(struct inode *inode,
-+ reiser4_object_create_data * crd, int create);
-+
-+static inline struct radix_tree_root *jnode_tree_by_inode(struct inode *inode)
-+{
-+ return &reiser4_inode_data(inode)->jnodes_tree;
-+}
-+
-+static inline struct radix_tree_root *jnode_tree_by_reiser4_inode(reiser4_inode
-+ * r4_inode)
-+{
-+ return &r4_inode->jnodes_tree;
-+}
-+
-+#if REISER4_DEBUG
-+extern void print_inode(const char *prefix, const struct inode *i);
-+#endif
-+
-+int is_dir_empty(const struct inode *);
-+
-+/* __REISER4_INODE_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/ioctl.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/ioctl.h
-@@ -0,0 +1,41 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+#if !defined( __REISER4_IOCTL_H__ )
-+#define __REISER4_IOCTL_H__
-+
-+#include <linux/fs.h>
-+
-+/*
-+ * ioctl(2) command used to "unpack" reiser4 file, that is, convert it into
-+ * extents and fix in this state. This is used by applications that rely on
-+ *
-+ * . files being block aligned, and
-+ *
-+ * . files never migrating on disk
-+ *
-+ * for example, boot loaders (LILO) need this.
-+ *
-+ * This ioctl should be used as
-+ *
-+ * result = ioctl(fd, REISER4_IOC_UNPACK);
-+ *
-+ * File behind fd descriptor will be converted to the extents (if necessary),
-+ * and its stat-data will be updated so that it will never be converted back
-+ * into tails again.
-+ */
-+#define REISER4_IOC_UNPACK _IOW(0xCD,1,long)
-+
-+/* __REISER4_IOCTL_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/jnode.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/jnode.c
-@@ -0,0 +1,1921 @@
-+/* Copyright 2001, 2002, 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+/* Jnode manipulation functions. */
-+/* Jnode is entity used to track blocks with data and meta-data in reiser4.
-+
-+ In particular, jnodes are used to track transactional information
-+ associated with each block. Each znode contains jnode as ->zjnode field.
-+
-+ Jnode stands for either Josh or Journal node.
-+*/
-+
-+/*
-+ * Taxonomy.
-+ *
-+ * Jnode represents block containing data or meta-data. There are jnodes
-+ * for:
-+ *
-+ * unformatted blocks (jnodes proper). There are plans, however to
-+ * have a handle per extent unit rather than per each unformatted
-+ * block, because there are so many of them.
-+ *
-+ * For bitmaps. Each bitmap is actually represented by two jnodes--one
-+ * for working and another for "commit" data, together forming bnode.
-+ *
-+ * For io-heads. These are used by log writer.
-+ *
-+ * For formatted nodes (znode). See comment at the top of znode.c for
-+ * details specific to the formatted nodes (znodes).
-+ *
-+ * Node data.
-+ *
-+ * Jnode provides access to the data of node it represents. Data are
-+ * stored in a page. Page is kept in a page cache. This means, that jnodes
-+ * are highly interconnected with page cache and VM internals.
-+ *
-+ * jnode has a pointer to page (->pg) containing its data. Pointer to data
-+ * themselves is cached in ->data field to avoid frequent calls to
-+ * page_address().
-+ *
-+ * jnode and page are attached to each other by jnode_attach_page(). This
-+ * function places pointer to jnode in set_page_private(), sets PG_private
-+ * flag and increments page counter.
-+ *
-+ * Opposite operation is performed by page_clear_jnode().
-+ *
-+ * jnode->pg is protected by jnode spin lock, and page->private is
-+ * protected by page lock. See comment at the top of page_cache.c for
-+ * more.
-+ *
-+ * page can be detached from jnode for two reasons:
-+ *
-+ * . jnode is removed from a tree (file is truncated, of formatted
-+ * node is removed by balancing).
-+ *
-+ * . during memory pressure, VM calls ->releasepage() method
-+ * (reiser4_releasepage()) to evict page from memory.
-+ *
-+ * (there, of course, is also umount, but this is special case we are not
-+ * concerned with here).
-+ *
-+ * To protect jnode page from eviction, one calls jload() function that
-+ * "pins" page in memory (loading it if necessary), increments
-+ * jnode->d_count, and kmap()s page. Page is unpinned through call to
-+ * jrelse().
-+ *
-+ * Jnode life cycle.
-+ *
-+ * jnode is created, placed in hash table, and, optionally, in per-inode
-+ * radix tree. Page can be attached to jnode, pinned, released, etc.
-+ *
-+ * When jnode is captured into atom its reference counter is
-+ * increased. While being part of an atom, jnode can be "early
-+ * flushed". This means that as part of flush procedure, jnode is placed
-+ * into "relocate set", and its page is submitted to the disk. After io
-+ * completes, page can be detached, then loaded again, re-dirtied, etc.
-+ *
-+ * Thread acquired reference to jnode by calling jref() and releases it by
-+ * jput(). When last reference is removed, jnode is still retained in
-+ * memory (cached) if it has page attached, _unless_ it is scheduled for
-+ * destruction (has JNODE_HEARD_BANSHEE bit set).
-+ *
-+ * Tree read-write lock was used as "existential" lock for jnodes. That is,
-+ * jnode->x_count could be changed from 0 to 1 only under tree write lock,
-+ * that is, tree lock protected unreferenced jnodes stored in the hash
-+ * table, from recycling.
-+ *
-+ * This resulted in high contention on tree lock, because jref()/jput() is
-+ * frequent operation. To ameliorate this problem, RCU is used: when jput()
-+ * is just about to release last reference on jnode it sets JNODE_RIP bit
-+ * on it, and then proceed with jnode destruction (removing jnode from hash
-+ * table, cbk_cache, detaching page, etc.). All places that change jnode
-+ * reference counter from 0 to 1 (jlookup(), zlook(), zget(), and
-+ * cbk_cache_scan_slots()) check for JNODE_RIP bit (this is done by
-+ * jnode_rip_check() function), and pretend that nothing was found in hash
-+ * table if bit is set.
-+ *
-+ * jput defers actual return of jnode into slab cache to some later time
-+ * (by call_rcu()), this guarantees that other threads can safely continue
-+ * working with JNODE_RIP-ped jnode.
-+ *
-+ */
-+
-+#include "reiser4.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "jnode.h"
-+#include "plugin/plugin_header.h"
-+#include "plugin/plugin.h"
-+#include "txnmgr.h"
-+/*#include "jnode.h"*/
-+#include "znode.h"
-+#include "tree.h"
-+#include "tree_walk.h"
-+#include "super.h"
-+#include "inode.h"
-+#include "page_cache.h"
-+
-+#include <asm/uaccess.h> /* UML needs this for PAGE_OFFSET */
-+#include <linux/types.h>
-+#include <linux/slab.h>
-+#include <linux/pagemap.h>
-+#include <linux/vmalloc.h> /* for vmalloc(), vfree() */
-+#include <linux/swap.h>
-+#include <linux/fs.h> /* for struct address_space */
-+#include <linux/writeback.h> /* for inode_lock */
-+
-+static kmem_cache_t *_jnode_slab = NULL;
-+
-+static void jnode_set_type(jnode * node, jnode_type type);
-+static int jdelete(jnode * node);
-+static int jnode_try_drop(jnode * node);
-+
-+#if REISER4_DEBUG
-+static int jnode_invariant(const jnode * node, int tlocked, int jlocked);
-+#endif
-+
-+/* true if valid page is attached to jnode */
-+static inline int jnode_is_parsed(jnode * node)
-+{
-+ return JF_ISSET(node, JNODE_PARSED);
-+}
-+
-+/* hash table support */
-+
-+/* compare two jnode keys for equality. Used by hash-table macros */
-+static inline int jnode_key_eq(const jnode_key_t * k1, const jnode_key_t * k2)
-+{
-+ assert("nikita-2350", k1 != NULL);
-+ assert("nikita-2351", k2 != NULL);
-+
-+ return (k1->index == k2->index && k1->objectid == k2->objectid);
-+}
-+
-+/* Hash jnode by its key (inode plus offset). Used by hash-table macros */
-+static inline __u32
-+jnode_key_hashfn(j_hash_table * table, const jnode_key_t * key)
-+{
-+ assert("nikita-2352", key != NULL);
-+ assert("nikita-3346", IS_POW(table->_buckets));
-+
-+ /* yes, this is remarkable simply (where not stupid) hash function. */
-+ return (key->objectid + key->index) & (table->_buckets - 1);
-+}
-+
-+/* The hash table definition */
-+#define KMALLOC(size) vmalloc(size)
-+#define KFREE(ptr, size) vfree(ptr)
-+TYPE_SAFE_HASH_DEFINE(j, jnode, jnode_key_t, key.j, link.j, jnode_key_hashfn,
-+ jnode_key_eq);
-+#undef KFREE
-+#undef KMALLOC
-+
-+/* call this to initialise jnode hash table */
-+int jnodes_tree_init(reiser4_tree * tree /* tree to initialise jnodes for */ )
-+{
-+ assert("nikita-2359", tree != NULL);
-+ return j_hash_init(&tree->jhash_table, 16384);
-+}
-+
-+/* call this to destroy jnode hash table. This is called during umount. */
-+int jnodes_tree_done(reiser4_tree * tree /* tree to destroy jnodes for */ )
-+{
-+ j_hash_table *jtable;
-+ jnode *node;
-+ jnode *next;
-+
-+ assert("nikita-2360", tree != NULL);
-+
-+ /*
-+ * Scan hash table and free all jnodes.
-+ */
-+ jtable = &tree->jhash_table;
-+ if (jtable->_table) {
-+ for_all_in_htable(jtable, j, node, next) {
-+ assert("nikita-2361", !atomic_read(&node->x_count));
-+ jdrop(node);
-+ }
-+
-+ j_hash_done(&tree->jhash_table);
-+ }
-+ return 0;
-+}
-+
-+/**
-+ * init_jnodes - create jnode cache
-+ *
-+ * Initializes slab cache jnodes. It is part of reiser4 module initialization.
-+ */
-+int init_jnodes(void)
-+{
-+ assert("umka-168", _jnode_slab == NULL);
-+
-+ _jnode_slab = kmem_cache_create("jnode", sizeof(jnode), 0,
-+ SLAB_HWCACHE_ALIGN |
-+ SLAB_RECLAIM_ACCOUNT, NULL, NULL);
-+ if (_jnode_slab == NULL)
-+ return RETERR(-ENOMEM);
-+
-+ return 0;
-+}
-+
-+/**
-+ * done_znodes - delete znode cache
-+ *
-+ * This is called on reiser4 module unloading or system shutdown.
-+ */
-+void done_jnodes(void)
-+{
-+ destroy_reiser4_cache(&_jnode_slab);
-+}
-+
-+/* Initialize a jnode. */
-+void jnode_init(jnode * node, reiser4_tree * tree, jnode_type type)
-+{
-+ assert("umka-175", node != NULL);
-+
-+ memset(node, 0, sizeof(jnode));
-+ ON_DEBUG(node->magic = JMAGIC);
-+ jnode_set_type(node, type);
-+ atomic_set(&node->d_count, 0);
-+ atomic_set(&node->x_count, 0);
-+ spin_lock_init(&node->guard);
-+ spin_lock_init(&node->load);
-+ node->atom = NULL;
-+ node->tree = tree;
-+ INIT_LIST_HEAD(&node->capture_link);
-+
-+ ASSIGN_NODE_LIST(node, NOT_CAPTURED);
-+
-+ INIT_RCU_HEAD(&node->rcu);
-+
-+#if REISER4_DEBUG
-+ {
-+ reiser4_super_info_data *sbinfo;
-+
-+ sbinfo = get_super_private(tree->super);
-+ spin_lock_irq(&sbinfo->all_guard);
-+ list_add(&node->jnodes, &sbinfo->all_jnodes);
-+ spin_unlock_irq(&sbinfo->all_guard);
-+ }
-+#endif
-+}
-+
-+#if REISER4_DEBUG
-+/*
-+ * Remove jnode from ->all_jnodes list.
-+ */
-+static void jnode_done(jnode * node, reiser4_tree * tree)
-+{
-+ reiser4_super_info_data *sbinfo;
-+
-+ sbinfo = get_super_private(tree->super);
-+
-+ spin_lock_irq(&sbinfo->all_guard);
-+ assert("nikita-2422", !list_empty(&node->jnodes));
-+ list_del_init(&node->jnodes);
-+ spin_unlock_irq(&sbinfo->all_guard);
-+}
-+#endif
-+
-+/* return already existing jnode of page */
-+jnode *jnode_by_page(struct page *pg)
-+{
-+ assert("nikita-2066", pg != NULL);
-+ assert("nikita-2400", PageLocked(pg));
-+ assert("nikita-2068", PagePrivate(pg));
-+ assert("nikita-2067", jprivate(pg) != NULL);
-+ return jprivate(pg);
-+}
-+
-+/* exported functions to allocate/free jnode objects outside this file */
-+jnode *jalloc(void)
-+{
-+ jnode *jal = kmem_cache_alloc(_jnode_slab, get_gfp_mask());
-+ return jal;
-+}
-+
-+/* return jnode back to the slab allocator */
-+inline void jfree(jnode * node)
-+{
-+ assert("zam-449", node != NULL);
-+
-+ assert("nikita-2663", (list_empty_careful(&node->capture_link) &&
-+ NODE_LIST(node) == NOT_CAPTURED));
-+ assert("nikita-3222", list_empty(&node->jnodes));
-+ assert("nikita-3221", jnode_page(node) == NULL);
-+
-+ /* not yet phash_jnode_destroy(node); */
-+
-+ kmem_cache_free(_jnode_slab, node);
-+}
-+
-+/*
-+ * This function is supplied as RCU callback. It actually frees jnode when
-+ * last reference to it is gone.
-+ */
-+static void jnode_free_actor(struct rcu_head *head)
-+{
-+ jnode *node;
-+ jnode_type jtype;
-+
-+ node = container_of(head, jnode, rcu);
-+ jtype = jnode_get_type(node);
-+
-+ ON_DEBUG(jnode_done(node, jnode_get_tree(node)));
-+
-+ switch (jtype) {
-+ case JNODE_IO_HEAD:
-+ case JNODE_BITMAP:
-+ case JNODE_UNFORMATTED_BLOCK:
-+ jfree(node);
-+ break;
-+ case JNODE_FORMATTED_BLOCK:
-+ zfree(JZNODE(node));
-+ break;
-+ case JNODE_INODE:
-+ default:
-+ wrong_return_value("nikita-3197", "Wrong jnode type");
-+ }
-+}
-+
-+/*
-+ * Free a jnode. Post a callback to be executed later through RCU when all
-+ * references to @node are released.
-+ */
-+static inline void jnode_free(jnode * node, jnode_type jtype)
-+{
-+ if (jtype != JNODE_INODE) {
-+ /*assert("nikita-3219", list_empty(&node->rcu.list)); */
-+ call_rcu(&node->rcu, jnode_free_actor);
-+ } else
-+ jnode_list_remove(node);
-+}
-+
-+/* allocate new unformatted jnode */
-+static jnode *jnew_unformatted(void)
-+{
-+ jnode *jal;
-+
-+ jal = jalloc();
-+ if (jal == NULL)
-+ return NULL;
-+
-+ jnode_init(jal, current_tree, JNODE_UNFORMATTED_BLOCK);
-+ jal->key.j.mapping = NULL;
-+ jal->key.j.index = (unsigned long)-1;
-+ jal->key.j.objectid = 0;
-+ return jal;
-+}
-+
-+/* look for jnode with given mapping and offset within hash table */
-+jnode *jlookup(reiser4_tree * tree, oid_t objectid, unsigned long index)
-+{
-+ jnode_key_t jkey;
-+ jnode *node;
-+
-+ assert("nikita-2353", tree != NULL);
-+
-+ jkey.objectid = objectid;
-+ jkey.index = index;
-+
-+ /*
-+ * hash table is _not_ protected by any lock during lookups. All we
-+ * have to do is to disable preemption to keep RCU happy.
-+ */
-+
-+ rcu_read_lock();
-+ node = j_hash_find(&tree->jhash_table, &jkey);
-+ if (node != NULL) {
-+ /* protect @node from recycling */
-+ jref(node);
-+ assert("nikita-2955", jnode_invariant(node, 0, 0));
-+ node = jnode_rip_check(tree, node);
-+ }
-+ rcu_read_unlock();
-+ return node;
-+}
-+
-+/* per inode radix tree of jnodes is protected by tree's read write spin lock */
-+static jnode *jfind_nolock(struct address_space *mapping, unsigned long index)
-+{
-+ assert("vs-1694", mapping->host != NULL);
-+
-+ return radix_tree_lookup(jnode_tree_by_inode(mapping->host), index);
-+}
-+
-+jnode *jfind(struct address_space * mapping, unsigned long index)
-+{
-+ reiser4_tree *tree;
-+ jnode *node;
-+
-+ assert("vs-1694", mapping->host != NULL);
-+ tree = tree_by_inode(mapping->host);
-+
-+ read_lock_tree(tree);
-+ node = jfind_nolock(mapping, index);
-+ if (node != NULL)
-+ jref(node);
-+ read_unlock_tree(tree);
-+ return node;
-+}
-+
-+static void inode_attach_jnode(jnode * node)
-+{
-+ struct inode *inode;
-+ reiser4_inode *info;
-+ struct radix_tree_root *rtree;
-+
-+ assert_rw_write_locked(&(jnode_get_tree(node)->tree_lock));
-+ assert("zam-1043", node->key.j.mapping != NULL);
-+ inode = node->key.j.mapping->host;
-+ info = reiser4_inode_data(inode);
-+ rtree = jnode_tree_by_reiser4_inode(info);
-+ if (rtree->rnode == NULL) {
-+ /* prevent inode from being pruned when it has jnodes attached
-+ to it */
-+ write_lock_irq(&inode->i_data.tree_lock);
-+ inode->i_data.nrpages++;
-+ write_unlock_irq(&inode->i_data.tree_lock);
-+ }
-+ assert("zam-1049", equi(rtree->rnode != NULL, info->nr_jnodes != 0));
-+ check_me("zam-1045",
-+ !radix_tree_insert(rtree, node->key.j.index, node));
-+ ON_DEBUG(info->nr_jnodes++);
-+}
-+
-+static void inode_detach_jnode(jnode * node)
-+{
-+ struct inode *inode;
-+ reiser4_inode *info;
-+ struct radix_tree_root *rtree;
-+
-+ assert_rw_write_locked(&(jnode_get_tree(node)->tree_lock));
-+ assert("zam-1044", node->key.j.mapping != NULL);
-+ inode = node->key.j.mapping->host;
-+ info = reiser4_inode_data(inode);
-+ rtree = jnode_tree_by_reiser4_inode(info);
-+
-+ assert("zam-1051", info->nr_jnodes != 0);
-+ assert("zam-1052", rtree->rnode != NULL);
-+ ON_DEBUG(info->nr_jnodes--);
-+
-+ /* delete jnode from inode's radix tree of jnodes */
-+ check_me("zam-1046", radix_tree_delete(rtree, node->key.j.index));
-+ if (rtree->rnode == NULL) {
-+ /* inode can be pruned now */
-+ write_lock_irq(&inode->i_data.tree_lock);
-+ inode->i_data.nrpages--;
-+ write_unlock_irq(&inode->i_data.tree_lock);
-+ }
-+}
-+
-+/* put jnode into hash table (where they can be found by flush who does not know
-+ mapping) and to inode's tree of jnodes (where they can be found (hopefully
-+ faster) in places where mapping is known). Currently it is used by
-+ fs/reiser4/plugin/item/extent_file_ops.c:index_extent_jnode when new jnode is
-+ created */
-+static void
-+hash_unformatted_jnode(jnode * node, struct address_space *mapping,
-+ unsigned long index)
-+{
-+ j_hash_table *jtable;
-+
-+ assert("vs-1446", jnode_is_unformatted(node));
-+ assert("vs-1442", node->key.j.mapping == 0);
-+ assert("vs-1443", node->key.j.objectid == 0);
-+ assert("vs-1444", node->key.j.index == (unsigned long)-1);
-+ assert_rw_write_locked(&(jnode_get_tree(node)->tree_lock));
-+
-+ node->key.j.mapping = mapping;
-+ node->key.j.objectid = get_inode_oid(mapping->host);
-+ node->key.j.index = index;
-+
-+ jtable = &jnode_get_tree(node)->jhash_table;
-+
-+ /* race with some other thread inserting jnode into the hash table is
-+ * impossible, because we keep the page lock. */
-+ /*
-+ * following assertion no longer holds because of RCU: it is possible
-+ * jnode is in the hash table, but with JNODE_RIP bit set.
-+ */
-+ /* assert("nikita-3211", j_hash_find(jtable, &node->key.j) == NULL); */
-+ j_hash_insert_rcu(jtable, node);
-+ inode_attach_jnode(node);
-+}
-+
-+static void unhash_unformatted_node_nolock(jnode * node)
-+{
-+ assert("vs-1683", node->key.j.mapping != NULL);
-+ assert("vs-1684",
-+ node->key.j.objectid ==
-+ get_inode_oid(node->key.j.mapping->host));
-+
-+ /* remove jnode from hash-table */
-+ j_hash_remove_rcu(&node->tree->jhash_table, node);
-+ inode_detach_jnode(node);
-+ node->key.j.mapping = NULL;
-+ node->key.j.index = (unsigned long)-1;
-+ node->key.j.objectid = 0;
-+
-+}
-+
-+/* remove jnode from hash table and from inode's tree of jnodes. This is used in
-+ reiser4_invalidatepage and in kill_hook_extent -> truncate_inode_jnodes ->
-+ uncapture_jnode */
-+void unhash_unformatted_jnode(jnode * node)
-+{
-+ assert("vs-1445", jnode_is_unformatted(node));
-+
-+ write_lock_tree(node->tree);
-+ unhash_unformatted_node_nolock(node);
-+ write_unlock_tree(node->tree);
-+}
-+
-+/*
-+ * search hash table for a jnode with given oid and index. If not found,
-+ * allocate new jnode, insert it, and also insert into radix tree for the
-+ * given inode/mapping.
-+ */
-+jnode *find_get_jnode(reiser4_tree * tree, struct address_space *mapping,
-+ oid_t oid, unsigned long index)
-+{
-+ jnode *result;
-+ jnode *shadow;
-+ int preload;
-+
-+ result = jnew_unformatted();
-+
-+ if (unlikely(result == NULL))
-+ return ERR_PTR(RETERR(-ENOMEM));
-+
-+ preload = radix_tree_preload(get_gfp_mask());
-+ if (preload != 0)
-+ return ERR_PTR(preload);
-+
-+ write_lock_tree(tree);
-+ shadow = jfind_nolock(mapping, index);
-+ if (likely(shadow == NULL)) {
-+ /* add new jnode to hash table and inode's radix tree of jnodes */
-+ jref(result);
-+ hash_unformatted_jnode(result, mapping, index);
-+ } else {
-+ /* jnode is found in inode's radix tree of jnodes */
-+ jref(shadow);
-+ jnode_free(result, JNODE_UNFORMATTED_BLOCK);
-+ assert("vs-1498", shadow->key.j.mapping == mapping);
-+ result = shadow;
-+ }
-+ write_unlock_tree(tree);
-+
-+ assert("nikita-2955",
-+ ergo(result != NULL, jnode_invariant(result, 0, 0)));
-+ radix_tree_preload_end();
-+ return result;
-+}
-+
-+/* jget() (a la zget() but for unformatted nodes). Returns (and possibly
-+ creates) jnode corresponding to page @pg. jnode is attached to page and
-+ inserted into jnode hash-table. */
-+static jnode *do_jget(reiser4_tree * tree, struct page *pg)
-+{
-+ /*
-+ * There are two ways to create jnode: starting with pre-existing page
-+ * and without page.
-+ *
-+ * When page already exists, jnode is created
-+ * (jnode_of_page()->do_jget()) under page lock. This is done in
-+ * ->writepage(), or when capturing anonymous page dirtied through
-+ * mmap.
-+ *
-+ * Jnode without page is created by index_extent_jnode().
-+ *
-+ */
-+
-+ jnode *result;
-+ oid_t oid = get_inode_oid(pg->mapping->host);
-+
-+ assert("umka-176", pg != NULL);
-+ assert("nikita-2394", PageLocked(pg));
-+
-+ result = jprivate(pg);
-+ if (likely(result != NULL))
-+ return jref(result);
-+
-+ tree = tree_by_page(pg);
-+
-+ /* check hash-table first */
-+ result = jfind(pg->mapping, pg->index);
-+ if (unlikely(result != NULL)) {
-+ spin_lock_jnode(result);
-+ jnode_attach_page(result, pg);
-+ spin_unlock_jnode(result);
-+ result->key.j.mapping = pg->mapping;
-+ return result;
-+ }
-+
-+ result = find_get_jnode(tree, pg->mapping, oid, pg->index);
-+ if (unlikely(IS_ERR(result)))
-+ return result;
-+ /* attach jnode to page */
-+ spin_lock_jnode(result);
-+ jnode_attach_page(result, pg);
-+ spin_unlock_jnode(result);
-+ return result;
-+}
-+
-+/*
-+ * return jnode for @pg, creating it if necessary.
-+ */
-+jnode *jnode_of_page(struct page * pg)
-+{
-+ jnode *result;
-+
-+ assert("umka-176", pg != NULL);
-+ assert("nikita-2394", PageLocked(pg));
-+
-+ result = do_jget(tree_by_page(pg), pg);
-+
-+ if (REISER4_DEBUG && !IS_ERR(result)) {
-+ assert("nikita-3210", result == jprivate(pg));
-+ assert("nikita-2046", jnode_page(jprivate(pg)) == pg);
-+ if (jnode_is_unformatted(jprivate(pg))) {
-+ assert("nikita-2364",
-+ jprivate(pg)->key.j.index == pg->index);
-+ assert("nikita-2367",
-+ jprivate(pg)->key.j.mapping == pg->mapping);
-+ assert("nikita-2365",
-+ jprivate(pg)->key.j.objectid ==
-+ get_inode_oid(pg->mapping->host));
-+ assert("vs-1200",
-+ jprivate(pg)->key.j.objectid ==
-+ pg->mapping->host->i_ino);
-+ assert("nikita-2356",
-+ jnode_is_unformatted(jnode_by_page(pg)));
-+ }
-+ assert("nikita-2956", jnode_invariant(jprivate(pg), 0, 0));
-+ }
-+ return result;
-+}
-+
-+/* attach page to jnode: set ->pg pointer in jnode, and ->private one in the
-+ * page.*/
-+void jnode_attach_page(jnode * node, struct page *pg)
-+{
-+ assert("nikita-2060", node != NULL);
-+ assert("nikita-2061", pg != NULL);
-+
-+ assert("nikita-2050", jprivate(pg) == 0ul);
-+ assert("nikita-2393", !PagePrivate(pg));
-+ assert("vs-1741", node->pg == NULL);
-+
-+ assert("nikita-2396", PageLocked(pg));
-+ assert_spin_locked(&(node->guard));
-+
-+ page_cache_get(pg);
-+ set_page_private(pg, (unsigned long)node);
-+ node->pg = pg;
-+ SetPagePrivate(pg);
-+}
-+
-+/* Dual to jnode_attach_page: break a binding between page and jnode */
-+void page_clear_jnode(struct page *page, jnode * node)
-+{
-+ assert("nikita-2424", page != NULL);
-+ assert("nikita-2425", PageLocked(page));
-+ assert("nikita-2426", node != NULL);
-+ assert_spin_locked(&(node->guard));
-+ assert("nikita-2428", PagePrivate(page));
-+
-+ assert("nikita-3551", !PageWriteback(page));
-+
-+ JF_CLR(node, JNODE_PARSED);
-+ set_page_private(page, 0ul);
-+ ClearPagePrivate(page);
-+ node->pg = NULL;
-+ page_cache_release(page);
-+}
-+
-+/* it is only used in one place to handle error */
-+void
-+page_detach_jnode(struct page *page, struct address_space *mapping,
-+ unsigned long index)
-+{
-+ assert("nikita-2395", page != NULL);
-+
-+ lock_page(page);
-+ if ((page->mapping == mapping) && (page->index == index)
-+ && PagePrivate(page)) {
-+ jnode *node;
-+
-+ node = jprivate(page);
-+ spin_lock_jnode(node);
-+ page_clear_jnode(page, node);
-+ spin_unlock_jnode(node);
-+ }
-+ unlock_page(page);
-+}
-+
-+/* return @node page locked.
-+
-+ Locking ordering requires that one first takes page lock and afterwards
-+ spin lock on node attached to this page. Sometimes it is necessary to go in
-+ the opposite direction. This is done through standard trylock-and-release
-+ loop.
-+*/
-+static struct page *jnode_lock_page(jnode * node)
-+{
-+ struct page *page;
-+
-+ assert("nikita-2052", node != NULL);
-+ assert("nikita-2401", LOCK_CNT_NIL(spin_locked_jnode));
-+
-+ while (1) {
-+
-+ spin_lock_jnode(node);
-+ page = jnode_page(node);
-+ if (page == NULL) {
-+ break;
-+ }
-+
-+ /* no need to page_cache_get( page ) here, because page cannot
-+ be evicted from memory without detaching it from jnode and
-+ this requires spin lock on jnode that we already hold.
-+ */
-+ if (!TestSetPageLocked(page)) {
-+ /* We won a lock on jnode page, proceed. */
-+ break;
-+ }
-+
-+ /* Page is locked by someone else. */
-+ page_cache_get(page);
-+ spin_unlock_jnode(node);
-+ wait_on_page_locked(page);
-+ /* it is possible that page was detached from jnode and
-+ returned to the free pool, or re-assigned while we were
-+ waiting on locked bit. This will be rechecked on the next
-+ loop iteration.
-+ */
-+ page_cache_release(page);
-+
-+ /* try again */
-+ }
-+ return page;
-+}
-+
-+/*
-+ * is JNODE_PARSED bit is not set, call ->parse() method of jnode, to verify
-+ * validness of jnode content.
-+ */
-+static inline int jparse(jnode * node)
-+{
-+ int result;
-+
-+ assert("nikita-2466", node != NULL);
-+
-+ spin_lock_jnode(node);
-+ if (likely(!jnode_is_parsed(node))) {
-+ result = jnode_ops(node)->parse(node);
-+ if (likely(result == 0))
-+ JF_SET(node, JNODE_PARSED);
-+ } else
-+ result = 0;
-+ spin_unlock_jnode(node);
-+ return result;
-+}
-+
-+/* Lock a page attached to jnode, create and attach page to jnode if it had no
-+ * one. */
-+struct page *jnode_get_page_locked(jnode * node, gfp_t gfp_flags)
-+{
-+ struct page *page;
-+
-+ spin_lock_jnode(node);
-+ page = jnode_page(node);
-+
-+ if (page == NULL) {
-+ spin_unlock_jnode(node);
-+ page = find_or_create_page(jnode_get_mapping(node),
-+ jnode_get_index(node), gfp_flags);
-+ if (page == NULL)
-+ return ERR_PTR(RETERR(-ENOMEM));
-+ } else {
-+ if (!TestSetPageLocked(page)) {
-+ spin_unlock_jnode(node);
-+ return page;
-+ }
-+ page_cache_get(page);
-+ spin_unlock_jnode(node);
-+ lock_page(page);
-+ assert("nikita-3134", page->mapping == jnode_get_mapping(node));
-+ }
-+
-+ spin_lock_jnode(node);
-+ if (!jnode_page(node))
-+ jnode_attach_page(node, page);
-+ spin_unlock_jnode(node);
-+
-+ page_cache_release(page);
-+ assert("zam-894", jnode_page(node) == page);
-+ return page;
-+}
-+
-+/* Start read operation for jnode's page if page is not up-to-date. */
-+static int jnode_start_read(jnode * node, struct page *page)
-+{
-+ assert("zam-893", PageLocked(page));
-+
-+ if (PageUptodate(page)) {
-+ unlock_page(page);
-+ return 0;
-+ }
-+ return page_io(page, node, READ, get_gfp_mask());
-+}
-+
-+#if REISER4_DEBUG
-+static void check_jload(jnode * node, struct page *page)
-+{
-+ if (jnode_is_znode(node)) {
-+ node40_header *nh;
-+ znode *z;
-+
-+ z = JZNODE(node);
-+ if (znode_is_any_locked(z)) {
-+ nh = (node40_header *) kmap(page);
-+ /* this only works for node40-only file systems. For
-+ * debugging. */
-+ assert("nikita-3253",
-+ z->nr_items == le16_to_cpu(get_unaligned(&nh->nr_items)));
-+ kunmap(page);
-+ }
-+ assert("nikita-3565", znode_invariant(z));
-+ }
-+}
-+#else
-+#define check_jload(node, page) noop
-+#endif
-+
-+/* prefetch jnode to speed up next call to jload. Call this when you are going
-+ * to call jload() shortly. This will bring appropriate portion of jnode into
-+ * CPU cache. */
-+void jload_prefetch(jnode * node)
-+{
-+ prefetchw(&node->x_count);
-+}
-+
-+/* load jnode's data into memory */
-+int jload_gfp(jnode * node /* node to load */ ,
-+ gfp_t gfp_flags /* allocation flags */ ,
-+ int do_kmap /* true if page should be kmapped */ )
-+{
-+ struct page *page;
-+ int result = 0;
-+ int parsed;
-+
-+ assert("nikita-3010", schedulable());
-+
-+ prefetchw(&node->pg);
-+
-+ /* taking d-reference implies taking x-reference. */
-+ jref(node);
-+
-+ /*
-+ * acquiring d-reference to @jnode and check for JNODE_PARSED bit
-+ * should be atomic, otherwise there is a race against
-+ * reiser4_releasepage().
-+ */
-+ spin_lock(&(node->load));
-+ add_d_ref(node);
-+ parsed = jnode_is_parsed(node);
-+ spin_unlock(&(node->load));
-+
-+ if (unlikely(!parsed)) {
-+ page = jnode_get_page_locked(node, gfp_flags);
-+ if (unlikely(IS_ERR(page))) {
-+ result = PTR_ERR(page);
-+ goto failed;
-+ }
-+
-+ result = jnode_start_read(node, page);
-+ if (unlikely(result != 0))
-+ goto failed;
-+
-+ wait_on_page_locked(page);
-+ if (unlikely(!PageUptodate(page))) {
-+ result = RETERR(-EIO);
-+ goto failed;
-+ }
-+
-+ if (do_kmap)
-+ node->data = kmap(page);
-+
-+ result = jparse(node);
-+ if (unlikely(result != 0)) {
-+ if (do_kmap)
-+ kunmap(page);
-+ goto failed;
-+ }
-+ check_jload(node, page);
-+ } else {
-+ page = jnode_page(node);
-+ check_jload(node, page);
-+ if (do_kmap)
-+ node->data = kmap(page);
-+ }
-+
-+ if (!is_writeout_mode())
-+ /* We do not mark pages active if jload is called as a part of
-+ * jnode_flush() or reiser4_write_logs(). Both jnode_flush()
-+ * and write_logs() add no value to cached data, there is no
-+ * sense to mark pages as active when they go to disk, it just
-+ * confuses vm scanning routines because clean page could be
-+ * moved out from inactive list as a result of this
-+ * mark_page_accessed() call. */
-+ mark_page_accessed(page);
-+
-+ return 0;
-+
-+ failed:
-+ jrelse_tail(node);
-+ return result;
-+
-+}
-+
-+/* start asynchronous reading for given jnode's page. */
-+int jstartio(jnode * node)
-+{
-+ struct page *page;
-+
-+ page = jnode_get_page_locked(node, get_gfp_mask());
-+ if (IS_ERR(page))
-+ return PTR_ERR(page);
-+
-+ return jnode_start_read(node, page);
-+}
-+
-+/* Initialize a node by calling appropriate plugin instead of reading
-+ * node from disk as in jload(). */
-+int jinit_new(jnode * node, gfp_t gfp_flags)
-+{
-+ struct page *page;
-+ int result;
-+
-+ jref(node);
-+ add_d_ref(node);
-+
-+ page = jnode_get_page_locked(node, gfp_flags);
-+ if (IS_ERR(page)) {
-+ result = PTR_ERR(page);
-+ goto failed;
-+ }
-+
-+ SetPageUptodate(page);
-+ unlock_page(page);
-+
-+ node->data = kmap(page);
-+
-+ if (!jnode_is_parsed(node)) {
-+ jnode_plugin *jplug = jnode_ops(node);
-+ spin_lock_jnode(node);
-+ result = jplug->init(node);
-+ spin_unlock_jnode(node);
-+ if (result) {
-+ kunmap(page);
-+ goto failed;
-+ }
-+ JF_SET(node, JNODE_PARSED);
-+ }
-+
-+ return 0;
-+
-+ failed:
-+ jrelse(node);
-+ return result;
-+}
-+
-+/* release a reference to jnode acquired by jload(), decrement ->d_count */
-+void jrelse_tail(jnode * node /* jnode to release references to */ )
-+{
-+ assert("nikita-489", atomic_read(&node->d_count) > 0);
-+ atomic_dec(&node->d_count);
-+ /* release reference acquired in jload_gfp() or jinit_new() */
-+ jput(node);
-+ if (jnode_is_unformatted(node) || jnode_is_znode(node))
-+ LOCK_CNT_DEC(d_refs);
-+}
-+
-+/* drop reference to node data. When last reference is dropped, data are
-+ unloaded. */
-+void jrelse(jnode * node /* jnode to release references to */ )
-+{
-+ struct page *page;
-+
-+ assert("nikita-487", node != NULL);
-+ assert_spin_not_locked(&(node->guard));
-+
-+ page = jnode_page(node);
-+ if (likely(page != NULL)) {
-+ /*
-+ * it is safe not to lock jnode here, because at this point
-+ * @node->d_count is greater than zero (if jrelse() is used
-+ * correctly, that is). JNODE_PARSED may be not set yet, if,
-+ * for example, we got here as a result of error handling path
-+ * in jload(). Anyway, page cannot be detached by
-+ * reiser4_releasepage(). truncate will invalidate page
-+ * regardless, but this should not be a problem.
-+ */
-+ kunmap(page);
-+ }
-+ jrelse_tail(node);
-+}
-+
-+/* called from jput() to wait for io completion */
-+static void jnode_finish_io(jnode * node)
-+{
-+ struct page *page;
-+
-+ assert("nikita-2922", node != NULL);
-+
-+ spin_lock_jnode(node);
-+ page = jnode_page(node);
-+ if (page != NULL) {
-+ page_cache_get(page);
-+ spin_unlock_jnode(node);
-+ wait_on_page_writeback(page);
-+ page_cache_release(page);
-+ } else
-+ spin_unlock_jnode(node);
-+}
-+
-+/*
-+ * This is called by jput() when last reference to jnode is released. This is
-+ * separate function, because we want fast path of jput() to be inline and,
-+ * therefore, small.
-+ */
-+void jput_final(jnode * node)
-+{
-+ int r_i_p;
-+
-+ /* A fast check for keeping node in cache. We always keep node in cache
-+ * if its page is present and node was not marked for deletion */
-+ if (jnode_page(node) != NULL && !JF_ISSET(node, JNODE_HEARD_BANSHEE)) {
-+ rcu_read_unlock();
-+ return;
-+ }
-+ assert("edward-1432", node->page_count == 0);
-+
-+ r_i_p = !JF_TEST_AND_SET(node, JNODE_RIP);
-+ /*
-+ * if r_i_p is true, we were first to set JNODE_RIP on this node. In
-+ * this case it is safe to access node after unlock.
-+ */
-+ rcu_read_unlock();
-+ if (r_i_p) {
-+ jnode_finish_io(node);
-+ if (JF_ISSET(node, JNODE_HEARD_BANSHEE))
-+ /* node is removed from the tree. */
-+ jdelete(node);
-+ else
-+ jnode_try_drop(node);
-+ }
-+ /* if !r_i_p some other thread is already killing it */
-+}
-+
-+int jwait_io(jnode * node, int rw)
-+{
-+ struct page *page;
-+ int result;
-+
-+ assert("zam-447", node != NULL);
-+ assert("zam-448", jnode_page(node) != NULL);
-+
-+ page = jnode_page(node);
-+
-+ result = 0;
-+ if (rw == READ) {
-+ wait_on_page_locked(page);
-+ } else {
-+ assert("nikita-2227", rw == WRITE);
-+ wait_on_page_writeback(page);
-+ }
-+ if (PageError(page))
-+ result = RETERR(-EIO);
-+
-+ return result;
-+}
-+
-+/*
-+ * jnode types and plugins.
-+ *
-+ * jnode by itself is a "base type". There are several different jnode
-+ * flavors, called "jnode types" (see jnode_type for a list). Sometimes code
-+ * has to do different things based on jnode type. In the standard reiser4 way
-+ * this is done by having jnode plugin (see fs/reiser4/plugin.h:jnode_plugin).
-+ *
-+ * Functions below deal with jnode types and define methods of jnode plugin.
-+ *
-+ */
-+
-+/* set jnode type. This is done during jnode initialization. */
-+static void jnode_set_type(jnode * node, jnode_type type)
-+{
-+ static unsigned long type_to_mask[] = {
-+ [JNODE_UNFORMATTED_BLOCK] = 1,
-+ [JNODE_FORMATTED_BLOCK] = 0,
-+ [JNODE_BITMAP] = 2,
-+ [JNODE_IO_HEAD] = 6,
-+ [JNODE_INODE] = 4
-+ };
-+
-+ assert("zam-647", type < LAST_JNODE_TYPE);
-+ assert("nikita-2815", !jnode_is_loaded(node));
-+ assert("nikita-3386", node->state == 0);
-+
-+ node->state |= (type_to_mask[type] << JNODE_TYPE_1);
-+}
-+
-+/* ->init() method of jnode plugin for jnodes that don't require plugin
-+ * specific initialization. */
-+static int init_noinit(jnode * node UNUSED_ARG)
-+{
-+ return 0;
-+}
-+
-+/* ->parse() method of jnode plugin for jnodes that don't require plugin
-+ * specific pasring. */
-+static int parse_noparse(jnode * node UNUSED_ARG)
-+{
-+ return 0;
-+}
-+
-+/* ->mapping() method for unformatted jnode */
-+struct address_space *mapping_jnode(const jnode * node)
-+{
-+ struct address_space *map;
-+
-+ assert("nikita-2713", node != NULL);
-+
-+ /* mapping is stored in jnode */
-+
-+ map = node->key.j.mapping;
-+ assert("nikita-2714", map != NULL);
-+ assert("nikita-2897", is_reiser4_inode(map->host));
-+ assert("nikita-2715", get_inode_oid(map->host) == node->key.j.objectid);
-+ return map;
-+}
-+
-+/* ->index() method for unformatted jnodes */
-+unsigned long index_jnode(const jnode * node)
-+{
-+ /* index is stored in jnode */
-+ return node->key.j.index;
-+}
-+
-+/* ->remove() method for unformatted jnodes */
-+static inline void remove_jnode(jnode * node, reiser4_tree * tree)
-+{
-+ /* remove jnode from hash table and radix tree */
-+ if (node->key.j.mapping)
-+ unhash_unformatted_node_nolock(node);
-+}
-+
-+/* ->mapping() method for znodes */
-+static struct address_space *mapping_znode(const jnode * node)
-+{
-+ /* all znodes belong to fake inode */
-+ return get_super_fake(jnode_get_tree(node)->super)->i_mapping;
-+}
-+
-+/* ->index() method for znodes */
-+static unsigned long index_znode(const jnode * node)
-+{
-+ unsigned long addr;
-+ assert("nikita-3317", (1 << znode_shift_order) < sizeof(znode));
-+
-+ /* index of znode is just its address (shifted) */
-+ addr = (unsigned long)node;
-+ return (addr - PAGE_OFFSET) >> znode_shift_order;
-+}
-+
-+/* ->mapping() method for bitmap jnode */
-+static struct address_space *mapping_bitmap(const jnode * node)
-+{
-+ /* all bitmap blocks belong to special bitmap inode */
-+ return get_super_private(jnode_get_tree(node)->super)->bitmap->
-+ i_mapping;
-+}
-+
-+/* ->index() method for jnodes that are indexed by address */
-+static unsigned long index_is_address(const jnode * node)
-+{
-+ unsigned long ind;
-+
-+ ind = (unsigned long)node;
-+ return ind - PAGE_OFFSET;
-+}
-+
-+/* resolve race with jput */
-+jnode *jnode_rip_sync(reiser4_tree *tree, jnode *node)
-+{
-+ /*
-+ * This is used as part of RCU-based jnode handling.
-+ *
-+ * jlookup(), zlook(), zget(), and cbk_cache_scan_slots() have to work
-+ * with unreferenced jnodes (ones with ->x_count == 0). Hash table is
-+ * not protected during this, so concurrent thread may execute
-+ * zget-set-HEARD_BANSHEE-zput, or somehow else cause jnode to be
-+ * freed in jput_final(). To avoid such races, jput_final() sets
-+ * JNODE_RIP on jnode (under tree lock). All places that work with
-+ * unreferenced jnodes call this function. It checks for JNODE_RIP bit
-+ * (first without taking tree lock), and if this bit is set, released
-+ * reference acquired by the current thread and returns NULL.
-+ *
-+ * As a result, if jnode is being concurrently freed, NULL is returned
-+ * and caller should pretend that jnode wasn't found in the first
-+ * place.
-+ *
-+ * Otherwise it's safe to release "rcu-read-lock" and continue with
-+ * jnode.
-+ */
-+ if (unlikely(JF_ISSET(node, JNODE_RIP))) {
-+ read_lock_tree(tree);
-+ if (JF_ISSET(node, JNODE_RIP)) {
-+ dec_x_ref(node);
-+ node = NULL;
-+ }
-+ read_unlock_tree(tree);
-+ }
-+ return node;
-+}
-+
-+reiser4_key *jnode_build_key(const jnode * node, reiser4_key * key)
-+{
-+ struct inode *inode;
-+ item_plugin *iplug;
-+ loff_t off;
-+
-+ assert("nikita-3092", node != NULL);
-+ assert("nikita-3093", key != NULL);
-+ assert("nikita-3094", jnode_is_unformatted(node));
-+
-+ off = ((loff_t) index_jnode(node)) << PAGE_CACHE_SHIFT;
-+ inode = mapping_jnode(node)->host;
-+
-+ if (node->parent_item_id != 0)
-+ iplug = item_plugin_by_id(node->parent_item_id);
-+ else
-+ iplug = NULL;
-+
-+ if (iplug != NULL && iplug->f.key_by_offset)
-+ iplug->f.key_by_offset(inode, off, key);
-+ else {
-+ file_plugin *fplug;
-+
-+ fplug = inode_file_plugin(inode);
-+ assert("zam-1007", fplug != NULL);
-+ assert("zam-1008", fplug->key_by_inode != NULL);
-+
-+ fplug->key_by_inode(inode, off, key);
-+ }
-+
-+ return key;
-+}
-+
-+/* ->parse() method for formatted nodes */
-+static int parse_znode(jnode * node)
-+{
-+ return zparse(JZNODE(node));
-+}
-+
-+/* ->delete() method for formatted nodes */
-+static void delete_znode(jnode * node, reiser4_tree * tree)
-+{
-+ znode *z;
-+
-+ assert_rw_write_locked(&(tree->tree_lock));
-+ assert("vs-898", JF_ISSET(node, JNODE_HEARD_BANSHEE));
-+
-+ z = JZNODE(node);
-+ assert("vs-899", z->c_count == 0);
-+
-+ /* delete znode from sibling list. */
-+ sibling_list_remove(z);
-+
-+ znode_remove(z, tree);
-+}
-+
-+/* ->remove() method for formatted nodes */
-+static int remove_znode(jnode * node, reiser4_tree * tree)
-+{
-+ znode *z;
-+
-+ assert_rw_write_locked(&(tree->tree_lock));
-+ z = JZNODE(node);
-+
-+ if (z->c_count == 0) {
-+ /* detach znode from sibling list. */
-+ sibling_list_drop(z);
-+ /* this is called with tree spin-lock held, so call
-+ znode_remove() directly (rather than znode_lock_remove()). */
-+ znode_remove(z, tree);
-+ return 0;
-+ }
-+ return RETERR(-EBUSY);
-+}
-+
-+/* ->init() method for formatted nodes */
-+static int init_znode(jnode * node)
-+{
-+ znode *z;
-+
-+ z = JZNODE(node);
-+ /* call node plugin to do actual initialization */
-+ return z->nplug->init(z);
-+}
-+
-+/* ->clone() method for formatted nodes */
-+static jnode *clone_formatted(jnode * node)
-+{
-+ znode *clone;
-+
-+ assert("vs-1430", jnode_is_znode(node));
-+ clone = zalloc(get_gfp_mask());
-+ if (clone == NULL)
-+ return ERR_PTR(RETERR(-ENOMEM));
-+ zinit(clone, NULL, current_tree);
-+ jnode_set_block(ZJNODE(clone), jnode_get_block(node));
-+ /* ZJNODE(clone)->key.z is not initialized */
-+ clone->level = JZNODE(node)->level;
-+
-+ return ZJNODE(clone);
-+}
-+
-+/* jplug->clone for unformatted nodes */
-+static jnode *clone_unformatted(jnode * node)
-+{
-+ jnode *clone;
-+
-+ assert("vs-1431", jnode_is_unformatted(node));
-+ clone = jalloc();
-+ if (clone == NULL)
-+ return ERR_PTR(RETERR(-ENOMEM));
-+
-+ jnode_init(clone, current_tree, JNODE_UNFORMATTED_BLOCK);
-+ jnode_set_block(clone, jnode_get_block(node));
-+
-+ return clone;
-+
-+}
-+
-+/*
-+ * Setup jnode plugin methods for various jnode types.
-+ */
-+jnode_plugin jnode_plugins[LAST_JNODE_TYPE] = {
-+ [JNODE_UNFORMATTED_BLOCK] = {
-+ .h = {
-+ .type_id = REISER4_JNODE_PLUGIN_TYPE,
-+ .id = JNODE_UNFORMATTED_BLOCK,
-+ .pops = NULL,
-+ .label = "unformatted",
-+ .desc = "unformatted node",
-+ .linkage = {NULL, NULL}
-+ },
-+ .init = init_noinit,
-+ .parse = parse_noparse,
-+ .mapping = mapping_jnode,
-+ .index = index_jnode,
-+ .clone = clone_unformatted
-+ },
-+ [JNODE_FORMATTED_BLOCK] = {
-+ .h = {
-+ .type_id = REISER4_JNODE_PLUGIN_TYPE,
-+ .id = JNODE_FORMATTED_BLOCK,
-+ .pops = NULL,
-+ .label = "formatted",
-+ .desc = "formatted tree node",
-+ .linkage = {NULL, NULL}
-+ },
-+ .init = init_znode,
-+ .parse = parse_znode,
-+ .mapping = mapping_znode,
-+ .index = index_znode,
-+ .clone = clone_formatted
-+ },
-+ [JNODE_BITMAP] = {
-+ .h = {
-+ .type_id = REISER4_JNODE_PLUGIN_TYPE,
-+ .id = JNODE_BITMAP,
-+ .pops = NULL,
-+ .label = "bitmap",
-+ .desc = "bitmap node",
-+ .linkage = {NULL, NULL}
-+ },
-+ .init = init_noinit,
-+ .parse = parse_noparse,
-+ .mapping = mapping_bitmap,
-+ .index = index_is_address,
-+ .clone = NULL
-+ },
-+ [JNODE_IO_HEAD] = {
-+ .h = {
-+ .type_id = REISER4_JNODE_PLUGIN_TYPE,
-+ .id = JNODE_IO_HEAD,
-+ .pops = NULL,
-+ .label = "io head",
-+ .desc = "io head",
-+ .linkage = {NULL, NULL}
-+ },
-+ .init = init_noinit,
-+ .parse = parse_noparse,
-+ .mapping = mapping_bitmap,
-+ .index = index_is_address,
-+ .clone = NULL
-+ },
-+ [JNODE_INODE] = {
-+ .h = {
-+ .type_id = REISER4_JNODE_PLUGIN_TYPE,
-+ .id = JNODE_INODE,
-+ .pops = NULL,
-+ .label = "inode",
-+ .desc = "inode's builtin jnode",
-+ .linkage = {NULL, NULL}
-+ },
-+ .init = NULL,
-+ .parse = NULL,
-+ .mapping = NULL,
-+ .index = NULL,
-+ .clone = NULL
-+ }
-+};
-+
-+/*
-+ * jnode destruction.
-+ *
-+ * Thread may use a jnode after it acquired a reference to it. References are
-+ * counted in ->x_count field. Reference protects jnode from being
-+ * recycled. This is different from protecting jnode data (that are stored in
-+ * jnode page) from being evicted from memory. Data are protected by jload()
-+ * and released by jrelse().
-+ *
-+ * If thread already possesses a reference to the jnode it can acquire another
-+ * one through jref(). Initial reference is obtained (usually) by locating
-+ * jnode in some indexing structure that depends on jnode type: formatted
-+ * nodes are kept in global hash table, where they are indexed by block
-+ * number, and also in the cbk cache. Unformatted jnodes are also kept in hash
-+ * table, which is indexed by oid and offset within file, and in per-inode
-+ * radix tree.
-+ *
-+ * Reference to jnode is released by jput(). If last reference is released,
-+ * jput_final() is called. This function determines whether jnode has to be
-+ * deleted (this happens when corresponding node is removed from the file
-+ * system, jnode is marked with JNODE_HEARD_BANSHEE bit in this case), or it
-+ * should be just "removed" (deleted from memory).
-+ *
-+ * Jnode destruction is signally delicate dance because of locking and RCU.
-+ */
-+
-+/*
-+ * Returns true if jnode cannot be removed right now. This check is called
-+ * under tree lock. If it returns true, jnode is irrevocably committed to be
-+ * deleted/removed.
-+ */
-+static inline int jnode_is_busy(const jnode * node, jnode_type jtype)
-+{
-+ /* if other thread managed to acquire a reference to this jnode, don't
-+ * free it. */
-+ if (atomic_read(&node->x_count) > 0)
-+ return 1;
-+ /* also, don't free znode that has children in memory */
-+ if (jtype == JNODE_FORMATTED_BLOCK && JZNODE(node)->c_count > 0)
-+ return 1;
-+ return 0;
-+}
-+
-+/*
-+ * this is called as part of removing jnode. Based on jnode type, call
-+ * corresponding function that removes jnode from indices and returns it back
-+ * to the appropriate slab (through RCU).
-+ */
-+static inline void
-+jnode_remove(jnode * node, jnode_type jtype, reiser4_tree * tree)
-+{
-+ switch (jtype) {
-+ case JNODE_UNFORMATTED_BLOCK:
-+ remove_jnode(node, tree);
-+ break;
-+ case JNODE_IO_HEAD:
-+ case JNODE_BITMAP:
-+ break;
-+ case JNODE_INODE:
-+ break;
-+ case JNODE_FORMATTED_BLOCK:
-+ remove_znode(node, tree);
-+ break;
-+ default:
-+ wrong_return_value("nikita-3196", "Wrong jnode type");
-+ }
-+}
-+
-+/*
-+ * this is called as part of deleting jnode. Based on jnode type, call
-+ * corresponding function that removes jnode from indices and returns it back
-+ * to the appropriate slab (through RCU).
-+ *
-+ * This differs from jnode_remove() only for formatted nodes---for them
-+ * sibling list handling is different for removal and deletion.
-+ */
-+static inline void
-+jnode_delete(jnode * node, jnode_type jtype, reiser4_tree * tree UNUSED_ARG)
-+{
-+ switch (jtype) {
-+ case JNODE_UNFORMATTED_BLOCK:
-+ remove_jnode(node, tree);
-+ break;
-+ case JNODE_IO_HEAD:
-+ case JNODE_BITMAP:
-+ break;
-+ case JNODE_FORMATTED_BLOCK:
-+ delete_znode(node, tree);
-+ break;
-+ case JNODE_INODE:
-+ default:
-+ wrong_return_value("nikita-3195", "Wrong jnode type");
-+ }
-+}
-+
-+#if REISER4_DEBUG
-+/*
-+ * remove jnode from the debugging list of all jnodes hanging off super-block.
-+ */
-+void jnode_list_remove(jnode * node)
-+{
-+ reiser4_super_info_data *sbinfo;
-+
-+ sbinfo = get_super_private(jnode_get_tree(node)->super);
-+
-+ spin_lock_irq(&sbinfo->all_guard);
-+ assert("nikita-2422", !list_empty(&node->jnodes));
-+ list_del_init(&node->jnodes);
-+ spin_unlock_irq(&sbinfo->all_guard);
-+}
-+#endif
-+
-+/*
-+ * this is called by jput_final() to remove jnode when last reference to it is
-+ * released.
-+ */
-+static int jnode_try_drop(jnode * node)
-+{
-+ int result;
-+ reiser4_tree *tree;
-+ jnode_type jtype;
-+
-+ assert("nikita-2491", node != NULL);
-+ assert("nikita-2583", JF_ISSET(node, JNODE_RIP));
-+
-+ tree = jnode_get_tree(node);
-+ jtype = jnode_get_type(node);
-+
-+ spin_lock_jnode(node);
-+ write_lock_tree(tree);
-+ /*
-+ * if jnode has a page---leave it alone. Memory pressure will
-+ * eventually kill page and jnode.
-+ */
-+ if (jnode_page(node) != NULL) {
-+ write_unlock_tree(tree);
-+ spin_unlock_jnode(node);
-+ JF_CLR(node, JNODE_RIP);
-+ return RETERR(-EBUSY);
-+ }
-+
-+ /* re-check ->x_count under tree lock. */
-+ result = jnode_is_busy(node, jtype);
-+ if (result == 0) {
-+ assert("nikita-2582", !JF_ISSET(node, JNODE_HEARD_BANSHEE));
-+ assert("jmacd-511/b", atomic_read(&node->d_count) == 0);
-+
-+ spin_unlock_jnode(node);
-+ /* no page and no references---despatch him. */
-+ jnode_remove(node, jtype, tree);
-+ write_unlock_tree(tree);
-+ jnode_free(node, jtype);
-+ } else {
-+ /* busy check failed: reference was acquired by concurrent
-+ * thread. */
-+ write_unlock_tree(tree);
-+ spin_unlock_jnode(node);
-+ JF_CLR(node, JNODE_RIP);
-+ }
-+ return result;
-+}
-+
-+/* jdelete() -- Delete jnode from the tree and file system */
-+static int jdelete(jnode * node /* jnode to finish with */ )
-+{
-+ struct page *page;
-+ int result;
-+ reiser4_tree *tree;
-+ jnode_type jtype;
-+
-+ assert("nikita-467", node != NULL);
-+ assert("nikita-2531", JF_ISSET(node, JNODE_RIP));
-+
-+ jtype = jnode_get_type(node);
-+
-+ page = jnode_lock_page(node);
-+ assert_spin_locked(&(node->guard));
-+
-+ tree = jnode_get_tree(node);
-+
-+ write_lock_tree(tree);
-+ /* re-check ->x_count under tree lock. */
-+ result = jnode_is_busy(node, jtype);
-+ if (likely(!result)) {
-+ assert("nikita-2123", JF_ISSET(node, JNODE_HEARD_BANSHEE));
-+ assert("jmacd-511", atomic_read(&node->d_count) == 0);
-+
-+ /* detach page */
-+ if (page != NULL) {
-+ /*
-+ * FIXME this is racy against jnode_extent_write().
-+ */
-+ page_clear_jnode(page, node);
-+ }
-+ spin_unlock_jnode(node);
-+ /* goodbye */
-+ jnode_delete(node, jtype, tree);
-+ write_unlock_tree(tree);
-+ jnode_free(node, jtype);
-+ /* @node is no longer valid pointer */
-+ if (page != NULL)
-+ drop_page(page);
-+ } else {
-+ /* busy check failed: reference was acquired by concurrent
-+ * thread. */
-+ JF_CLR(node, JNODE_RIP);
-+ write_unlock_tree(tree);
-+ spin_unlock_jnode(node);
-+ if (page != NULL)
-+ unlock_page(page);
-+ }
-+ return result;
-+}
-+
-+/* drop jnode on the floor.
-+
-+ Return value:
-+
-+ -EBUSY: failed to drop jnode, because there are still references to it
-+
-+ 0: successfully dropped jnode
-+
-+*/
-+static int jdrop_in_tree(jnode * node, reiser4_tree * tree)
-+{
-+ struct page *page;
-+ jnode_type jtype;
-+ int result;
-+
-+ assert("zam-602", node != NULL);
-+ assert_rw_not_read_locked(&(tree->tree_lock));
-+ assert_rw_not_write_locked(&(tree->tree_lock));
-+ assert("nikita-2403", !JF_ISSET(node, JNODE_HEARD_BANSHEE));
-+
-+ jtype = jnode_get_type(node);
-+
-+ page = jnode_lock_page(node);
-+ assert_spin_locked(&(node->guard));
-+
-+ write_lock_tree(tree);
-+
-+ /* re-check ->x_count under tree lock. */
-+ result = jnode_is_busy(node, jtype);
-+ if (!result) {
-+ assert("nikita-2488", page == jnode_page(node));
-+ assert("nikita-2533", atomic_read(&node->d_count) == 0);
-+ if (page != NULL) {
-+ assert("nikita-2126", !PageDirty(page));
-+ assert("nikita-2127", PageUptodate(page));
-+ assert("nikita-2181", PageLocked(page));
-+ page_clear_jnode(page, node);
-+ }
-+ spin_unlock_jnode(node);
-+ jnode_remove(node, jtype, tree);
-+ write_unlock_tree(tree);
-+ jnode_free(node, jtype);
-+ if (page != NULL) {
-+ drop_page(page);
-+ }
-+ } else {
-+ /* busy check failed: reference was acquired by concurrent
-+ * thread. */
-+ JF_CLR(node, JNODE_RIP);
-+ write_unlock_tree(tree);
-+ spin_unlock_jnode(node);
-+ if (page != NULL)
-+ unlock_page(page);
-+ }
-+ return result;
-+}
-+
-+/* This function frees jnode "if possible". In particular, [dcx]_count has to
-+ be 0 (where applicable). */
-+void jdrop(jnode * node)
-+{
-+ jdrop_in_tree(node, jnode_get_tree(node));
-+}
-+
-+/* IO head jnode implementation; The io heads are simple j-nodes with limited
-+ functionality (these j-nodes are not in any hash table) just for reading
-+ from and writing to disk. */
-+
-+jnode *alloc_io_head(const reiser4_block_nr * block)
-+{
-+ jnode *jal = jalloc();
-+
-+ if (jal != NULL) {
-+ jnode_init(jal, current_tree, JNODE_IO_HEAD);
-+ jnode_set_block(jal, block);
-+ }
-+
-+ jref(jal);
-+
-+ return jal;
-+}
-+
-+void drop_io_head(jnode * node)
-+{
-+ assert("zam-648", jnode_get_type(node) == JNODE_IO_HEAD);
-+
-+ jput(node);
-+ jdrop(node);
-+}
-+
-+/* protect keep jnode data from reiser4_releasepage() */
-+void pin_jnode_data(jnode * node)
-+{
-+ assert("zam-671", jnode_page(node) != NULL);
-+ page_cache_get(jnode_page(node));
-+}
-+
-+/* make jnode data free-able again */
-+void unpin_jnode_data(jnode * node)
-+{
-+ assert("zam-672", jnode_page(node) != NULL);
-+ page_cache_release(jnode_page(node));
-+}
-+
-+struct address_space *jnode_get_mapping(const jnode * node)
-+{
-+ assert("nikita-3162", node != NULL);
-+ return jnode_ops(node)->mapping(node);
-+}
-+
-+#if REISER4_DEBUG
-+/* debugging aid: jnode invariant */
-+int jnode_invariant_f(const jnode * node, char const **msg)
-+{
-+#define _ergo(ant, con) \
-+ ((*msg) = "{" #ant "} ergo {" #con "}", ergo((ant), (con)))
-+#define _check(exp) ((*msg) = #exp, (exp))
-+
-+ return _check(node != NULL) &&
-+ /* [jnode-queued] */
-+ /* only relocated node can be queued, except that when znode
-+ * is being deleted, its JNODE_RELOC bit is cleared */
-+ _ergo(JF_ISSET(node, JNODE_FLUSH_QUEUED),
-+ JF_ISSET(node, JNODE_RELOC) ||
-+ JF_ISSET(node, JNODE_HEARD_BANSHEE)) &&
-+ _check(node->jnodes.prev != NULL) &&
-+ _check(node->jnodes.next != NULL) &&
-+ /* [jnode-dirty] invariant */
-+ /* dirty inode is part of atom */
-+ _ergo(JF_ISSET(node, JNODE_DIRTY), node->atom != NULL) &&
-+ /* [jnode-oid] invariant */
-+ /* for unformatted node ->objectid and ->mapping fields are
-+ * consistent */
-+ _ergo(jnode_is_unformatted(node) && node->key.j.mapping != NULL,
-+ node->key.j.objectid ==
-+ get_inode_oid(node->key.j.mapping->host)) &&
-+ /* [jnode-atom-valid] invariant */
-+ /* node atom has valid state */
-+ _ergo(node->atom != NULL, node->atom->stage != ASTAGE_INVALID) &&
-+ /* [jnode-page-binding] invariant */
-+ /* if node points to page, it points back to node */
-+ _ergo(node->pg != NULL, jprivate(node->pg) == node) &&
-+ /* [jnode-refs] invariant */
-+ /* only referenced jnode can be loaded */
-+ _check(atomic_read(&node->x_count) >= atomic_read(&node->d_count));
-+
-+}
-+
-+static const char *jnode_type_name(jnode_type type)
-+{
-+ switch (type) {
-+ case JNODE_UNFORMATTED_BLOCK:
-+ return "unformatted";
-+ case JNODE_FORMATTED_BLOCK:
-+ return "formatted";
-+ case JNODE_BITMAP:
-+ return "bitmap";
-+ case JNODE_IO_HEAD:
-+ return "io head";
-+ case JNODE_INODE:
-+ return "inode";
-+ case LAST_JNODE_TYPE:
-+ return "last";
-+ default:{
-+ static char unknown[30];
-+
-+ sprintf(unknown, "unknown %i", type);
-+ return unknown;
-+ }
-+ }
-+}
-+
-+#define jnode_state_name( node, flag ) \
-+ ( JF_ISSET( ( node ), ( flag ) ) ? ((#flag "|")+6) : "" )
-+
-+/* debugging aid: output human readable information about @node */
-+static void info_jnode(const char *prefix /* prefix to print */ ,
-+ const jnode * node /* node to print */ )
-+{
-+ assert("umka-068", prefix != NULL);
-+
-+ if (node == NULL) {
-+ printk("%s: null\n", prefix);
-+ return;
-+ }
-+
-+ printk
-+ ("%s: %p: state: %lx: [%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s], level: %i,"
-+ " block: %s, d_count: %d, x_count: %d, "
-+ "pg: %p, atom: %p, lock: %i:%i, type: %s, ", prefix, node,
-+ node->state,
-+ jnode_state_name(node, JNODE_PARSED),
-+ jnode_state_name(node, JNODE_HEARD_BANSHEE),
-+ jnode_state_name(node, JNODE_LEFT_CONNECTED),
-+ jnode_state_name(node, JNODE_RIGHT_CONNECTED),
-+ jnode_state_name(node, JNODE_ORPHAN),
-+ jnode_state_name(node, JNODE_CREATED),
-+ jnode_state_name(node, JNODE_RELOC),
-+ jnode_state_name(node, JNODE_OVRWR),
-+ jnode_state_name(node, JNODE_DIRTY),
-+ jnode_state_name(node, JNODE_IS_DYING),
-+ jnode_state_name(node, JNODE_RIP),
-+ jnode_state_name(node, JNODE_MISSED_IN_CAPTURE),
-+ jnode_state_name(node, JNODE_WRITEBACK),
-+ jnode_state_name(node, JNODE_NEW),
-+ jnode_state_name(node, JNODE_DKSET),
-+ jnode_state_name(node, JNODE_REPACK),
-+ jnode_state_name(node, JNODE_CLUSTER_PAGE),
-+ jnode_get_level(node), sprint_address(jnode_get_block(node)),
-+ atomic_read(&node->d_count), atomic_read(&node->x_count),
-+ jnode_page(node), node->atom, 0, 0,
-+ jnode_type_name(jnode_get_type(node)));
-+ if (jnode_is_unformatted(node)) {
-+ printk("inode: %llu, index: %lu, ",
-+ node->key.j.objectid, node->key.j.index);
-+ }
-+}
-+
-+/* debugging aid: check znode invariant and panic if it doesn't hold */
-+static int jnode_invariant(const jnode * node, int tlocked, int jlocked)
-+{
-+ char const *failed_msg;
-+ int result;
-+ reiser4_tree *tree;
-+
-+ tree = jnode_get_tree(node);
-+
-+ assert("umka-063312", node != NULL);
-+ assert("umka-064321", tree != NULL);
-+
-+ if (!jlocked && !tlocked)
-+ spin_lock_jnode((jnode *) node);
-+ if (!tlocked)
-+ read_lock_tree(jnode_get_tree(node));
-+ result = jnode_invariant_f(node, &failed_msg);
-+ if (!result) {
-+ info_jnode("corrupted node", node);
-+ warning("jmacd-555", "Condition %s failed", failed_msg);
-+ }
-+ if (!tlocked)
-+ read_unlock_tree(jnode_get_tree(node));
-+ if (!jlocked && !tlocked)
-+ spin_unlock_jnode((jnode *) node);
-+ return result;
-+}
-+
-+#endif /* REISER4_DEBUG */
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 80
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/jnode.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/jnode.h
-@@ -0,0 +1,711 @@
-+/* Copyright 2001, 2002, 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Declaration of jnode. See jnode.c for details. */
-+
-+#ifndef __JNODE_H__
-+#define __JNODE_H__
-+
-+#include "forward.h"
-+#include "type_safe_hash.h"
-+#include "txnmgr.h"
-+#include "key.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "context.h"
-+
-+#include "plugin/plugin.h"
-+
-+#include <linux/fs.h>
-+#include <linux/mm.h>
-+#include <linux/spinlock.h>
-+#include <asm/atomic.h>
-+#include <asm/bitops.h>
-+#include <linux/list.h>
-+#include <linux/rcupdate.h>
-+
-+/* declare hash table of jnodes (jnodes proper, that is, unformatted
-+ nodes) */
-+TYPE_SAFE_HASH_DECLARE(j, jnode);
-+
-+/* declare hash table of znodes */
-+TYPE_SAFE_HASH_DECLARE(z, znode);
-+
-+typedef struct {
-+ __u64 objectid;
-+ unsigned long index;
-+ struct address_space *mapping;
-+} jnode_key_t;
-+
-+/*
-+ Jnode is the "base class" of other nodes in reiser4. It is also happens to
-+ be exactly the node we use for unformatted tree nodes.
-+
-+ Jnode provides following basic functionality:
-+
-+ . reference counting and indexing.
-+
-+ . integration with page cache. Jnode has ->pg reference to which page can
-+ be attached.
-+
-+ . interface to transaction manager. It is jnode that is kept in transaction
-+ manager lists, attached to atoms, etc. (NOTE-NIKITA one may argue that this
-+ means, there should be special type of jnode for inode.)
-+
-+ Locking:
-+
-+ Spin lock: the following fields are protected by the per-jnode spin lock:
-+
-+ ->state
-+ ->atom
-+ ->capture_link
-+
-+ Following fields are protected by the global tree lock:
-+
-+ ->link
-+ ->key.z (content of ->key.z is only changed in znode_rehash())
-+ ->key.j
-+
-+ Atomic counters
-+
-+ ->x_count
-+ ->d_count
-+
-+ ->pg, and ->data are protected by spin lock for unused jnode and are
-+ immutable for used jnode (one for which fs/reiser4/vfs_ops.c:releasable()
-+ is false).
-+
-+ ->tree is immutable after creation
-+
-+ Unclear
-+
-+ ->blocknr: should be under jnode spin-lock, but current interface is based
-+ on passing of block address.
-+
-+ If you ever need to spin lock two nodes at once, do this in "natural"
-+ memory order: lock znode with lower address first. (See lock_two_nodes().)
-+
-+ Invariants involving this data-type:
-+
-+ [jnode-dirty]
-+ [jnode-refs]
-+ [jnode-oid]
-+ [jnode-queued]
-+ [jnode-atom-valid]
-+ [jnode-page-binding]
-+*/
-+
-+struct jnode {
-+#if REISER4_DEBUG
-+#define JMAGIC 0x52654973 /* "ReIs" */
-+ int magic;
-+#endif
-+ /* FIRST CACHE LINE (16 bytes): data used by jload */
-+
-+ /* jnode's state: bitwise flags from the reiser4_jnode_state enum. */
-+ /* 0 */ unsigned long state;
-+
-+ /* lock, protecting jnode's fields. */
-+ /* 4 */ spinlock_t load;
-+
-+ /* counter of references to jnode itself. Increased on jref().
-+ Decreased on jput().
-+ */
-+ /* 8 */ atomic_t x_count;
-+
-+ /* counter of references to jnode's data. Pin data page(s) in
-+ memory while this is greater than 0. Increased on jload().
-+ Decreased on jrelse().
-+ */
-+ /* 12 */ atomic_t d_count;
-+
-+ /* SECOND CACHE LINE: data used by hash table lookups */
-+
-+ /* 16 */ union {
-+ /* znodes are hashed by block number */
-+ reiser4_block_nr z;
-+ /* unformatted nodes are hashed by mapping plus offset */
-+ jnode_key_t j;
-+ } key;
-+
-+ /* THIRD CACHE LINE */
-+
-+ /* 32 */ union {
-+ /* pointers to maintain hash-table */
-+ z_hash_link z;
-+ j_hash_link j;
-+ } link;
-+
-+ /* pointer to jnode page. */
-+ /* 36 */ struct page *pg;
-+ /* pointer to node itself. This is page_address(node->pg) when page is
-+ attached to the jnode
-+ */
-+ /* 40 */ void *data;
-+
-+ /* 44 */ reiser4_tree *tree;
-+
-+ /* FOURTH CACHE LINE: atom related fields */
-+
-+ /* 48 */ spinlock_t guard;
-+
-+ /* atom the block is in, if any */
-+ /* 52 */ txn_atom *atom;
-+
-+ /* capture list */
-+ /* 56 */ struct list_head capture_link;
-+
-+ /* FIFTH CACHE LINE */
-+
-+ /* 64 */ struct rcu_head rcu;
-+ /* crosses cache line */
-+
-+ /* SIXTH CACHE LINE */
-+
-+ /* the real blocknr (where io is going to/from) */
-+ /* 80 */ reiser4_block_nr blocknr;
-+ /* Parent item type, unformatted and CRC need it for offset => key conversion. */
-+ /* NOTE: this parent_item_id looks like jnode type. */
-+ /* 88 */ reiser4_plugin_id parent_item_id;
-+ /* 92 */
-+#if REISER4_DEBUG
-+ /* number of pages referenced by the jnode (meaningful while capturing of
-+ page clusters) */
-+ int page_count;
-+ /* list of all jnodes for debugging purposes. */
-+ struct list_head jnodes;
-+ /* how many times this jnode was written in one transaction */
-+ int written;
-+ /* this indicates which atom's list the jnode is on */
-+ atom_list list;
-+#endif
-+} __attribute__ ((aligned(16)));
-+
-+/*
-+ * jnode types. Enumeration of existing jnode types.
-+ */
-+typedef enum {
-+ JNODE_UNFORMATTED_BLOCK, /* unformatted block */
-+ JNODE_FORMATTED_BLOCK, /* formatted block, znode */
-+ JNODE_BITMAP, /* bitmap */
-+ JNODE_IO_HEAD, /* jnode representing a block in the
-+ * wandering log */
-+ JNODE_INODE, /* jnode embedded into inode */
-+ LAST_JNODE_TYPE
-+} jnode_type;
-+
-+/* jnode states */
-+typedef enum {
-+ /* jnode's page is loaded and data checked */
-+ JNODE_PARSED = 0,
-+ /* node was deleted, not all locks on it were released. This
-+ node is empty and is going to be removed from the tree
-+ shortly. */
-+ JNODE_HEARD_BANSHEE = 1,
-+ /* left sibling pointer is valid */
-+ JNODE_LEFT_CONNECTED = 2,
-+ /* right sibling pointer is valid */
-+ JNODE_RIGHT_CONNECTED = 3,
-+
-+ /* znode was just created and doesn't yet have a pointer from
-+ its parent */
-+ JNODE_ORPHAN = 4,
-+
-+ /* this node was created by its transaction and has not been assigned
-+ a block address. */
-+ JNODE_CREATED = 5,
-+
-+ /* this node is currently relocated */
-+ JNODE_RELOC = 6,
-+ /* this node is currently wandered */
-+ JNODE_OVRWR = 7,
-+
-+ /* this znode has been modified */
-+ JNODE_DIRTY = 8,
-+
-+ /* znode lock is being invalidated */
-+ JNODE_IS_DYING = 9,
-+
-+ /* THIS PLACE IS INTENTIONALLY LEFT BLANK */
-+
-+ /* jnode is queued for flushing. */
-+ JNODE_FLUSH_QUEUED = 12,
-+
-+ /* In the following bits jnode type is encoded. */
-+ JNODE_TYPE_1 = 13,
-+ JNODE_TYPE_2 = 14,
-+ JNODE_TYPE_3 = 15,
-+
-+ /* jnode is being destroyed */
-+ JNODE_RIP = 16,
-+
-+ /* znode was not captured during locking (it might so be because
-+ ->level != LEAF_LEVEL and lock_mode == READ_LOCK) */
-+ JNODE_MISSED_IN_CAPTURE = 17,
-+
-+ /* write is in progress */
-+ JNODE_WRITEBACK = 18,
-+
-+ /* FIXME: now it is used by crypto-compress plugin only */
-+ JNODE_NEW = 19,
-+
-+ /* delimiting keys are already set for this znode. */
-+ JNODE_DKSET = 20,
-+
-+ /* when this bit is set page and jnode can not be disconnected */
-+ JNODE_WRITE_PREPARED = 21,
-+
-+ JNODE_CLUSTER_PAGE = 22,
-+ /* Jnode is marked for repacking, that means the reiser4 flush and the
-+ * block allocator should process this node special way */
-+ JNODE_REPACK = 23,
-+ /* node should be converted by flush in squalloc phase */
-+ JNODE_CONVERTIBLE = 24,
-+ /*
-+ * When jnode is dirtied for the first time in given transaction,
-+ * do_jnode_make_dirty() checks whether this jnode can possible became
-+ * member of overwrite set. If so, this bit is set, and one block is
-+ * reserved in the ->flush_reserved space of atom.
-+ *
-+ * This block is "used" (and JNODE_FLUSH_RESERVED bit is cleared) when
-+ *
-+ * (1) flush decides that we want this block to go into relocate
-+ * set after all.
-+ *
-+ * (2) wandering log is allocated (by log writer)
-+ *
-+ * (3) extent is allocated
-+ *
-+ */
-+ JNODE_FLUSH_RESERVED = 29
-+} reiser4_jnode_state;
-+
-+/* Macros for accessing the jnode state. */
-+
-+static inline void JF_CLR(jnode * j, int f)
-+{
-+ assert("unknown-1", j->magic == JMAGIC);
-+ clear_bit(f, &j->state);
-+}
-+static inline int JF_ISSET(const jnode * j, int f)
-+{
-+ assert("unknown-2", j->magic == JMAGIC);
-+ return test_bit(f, &((jnode *) j)->state);
-+}
-+static inline void JF_SET(jnode * j, int f)
-+{
-+ assert("unknown-3", j->magic == JMAGIC);
-+ set_bit(f, &j->state);
-+}
-+
-+static inline int JF_TEST_AND_SET(jnode * j, int f)
-+{
-+ assert("unknown-4", j->magic == JMAGIC);
-+ return test_and_set_bit(f, &j->state);
-+}
-+
-+static inline void spin_lock_jnode(jnode *node)
-+{
-+ /* check that spinlocks of lower priorities are not held */
-+ assert("", (LOCK_CNT_NIL(rw_locked_tree) &&
-+ LOCK_CNT_NIL(spin_locked_txnh) &&
-+ LOCK_CNT_NIL(spin_locked_zlock) &&
-+ LOCK_CNT_NIL(rw_locked_dk) &&
-+ LOCK_CNT_LT(spin_locked_jnode, 2)));
-+
-+ spin_lock(&(node->guard));
-+
-+ LOCK_CNT_INC(spin_locked_jnode);
-+ LOCK_CNT_INC(spin_locked);
-+}
-+
-+static inline void spin_unlock_jnode(jnode *node)
-+{
-+ assert_spin_locked(&(node->guard));
-+ assert("nikita-1375", LOCK_CNT_GTZ(spin_locked_jnode));
-+ assert("nikita-1376", LOCK_CNT_GTZ(spin_locked));
-+
-+ LOCK_CNT_DEC(spin_locked_jnode);
-+ LOCK_CNT_DEC(spin_locked);
-+
-+ spin_unlock(&(node->guard));
-+}
-+
-+static inline int jnode_is_in_deleteset(const jnode * node)
-+{
-+ return JF_ISSET(node, JNODE_RELOC);
-+}
-+
-+extern int init_jnodes(void);
-+extern void done_jnodes(void);
-+
-+/* Jnode routines */
-+extern jnode *jalloc(void);
-+extern void jfree(jnode * node) NONNULL;
-+extern jnode *jclone(jnode *);
-+extern jnode *jlookup(reiser4_tree * tree,
-+ oid_t objectid, unsigned long ind) NONNULL;
-+extern jnode *jfind(struct address_space *, unsigned long index) NONNULL;
-+extern jnode *jnode_by_page(struct page *pg) NONNULL;
-+extern jnode *jnode_of_page(struct page *pg) NONNULL;
-+void jnode_attach_page(jnode * node, struct page *pg);
-+jnode *find_get_jnode(reiser4_tree * tree,
-+ struct address_space *mapping, oid_t oid,
-+ unsigned long index);
-+
-+void unhash_unformatted_jnode(jnode *);
-+struct page *jnode_get_page_locked(jnode *, gfp_t gfp_flags);
-+extern jnode *page_next_jnode(jnode * node) NONNULL;
-+extern void jnode_init(jnode * node, reiser4_tree * tree, jnode_type) NONNULL;
-+extern void jnode_make_dirty(jnode * node) NONNULL;
-+extern void jnode_make_clean(jnode * node) NONNULL;
-+extern void jnode_make_wander_nolock(jnode * node) NONNULL;
-+extern void jnode_make_wander(jnode *) NONNULL;
-+extern void znode_make_reloc(znode *, flush_queue_t *) NONNULL;
-+extern void unformatted_make_reloc(jnode *, flush_queue_t *) NONNULL;
-+extern struct address_space *jnode_get_mapping(const jnode * node) NONNULL;
-+
-+/**
-+ * jnode_get_block
-+ * @node: jnode to query
-+ *
-+ */
-+static inline const reiser4_block_nr *jnode_get_block(const jnode *node)
-+{
-+ assert("nikita-528", node != NULL);
-+
-+ return &node->blocknr;
-+}
-+
-+/**
-+ * jnode_set_block
-+ * @node: jnode to update
-+ * @blocknr: new block nr
-+ */
-+static inline void jnode_set_block(jnode *node, const reiser4_block_nr *blocknr)
-+{
-+ assert("nikita-2020", node != NULL);
-+ assert("umka-055", blocknr != NULL);
-+ node->blocknr = *blocknr;
-+}
-+
-+
-+/* block number for IO. Usually this is the same as jnode_get_block(), unless
-+ * jnode was emergency flushed---then block number chosen by eflush is
-+ * used. */
-+static inline const reiser4_block_nr *jnode_get_io_block(jnode * node)
-+{
-+ assert("nikita-2768", node != NULL);
-+ assert_spin_locked(&(node->guard));
-+
-+ return jnode_get_block(node);
-+}
-+
-+/* Jnode flush interface. */
-+extern reiser4_blocknr_hint *pos_hint(flush_pos_t * pos);
-+extern flush_queue_t *pos_fq(flush_pos_t * pos);
-+
-+/* FIXME-VS: these are used in plugin/item/extent.c */
-+
-+/* does extent_get_block have to be called */
-+#define jnode_mapped(node) JF_ISSET (node, JNODE_MAPPED)
-+#define jnode_set_mapped(node) JF_SET (node, JNODE_MAPPED)
-+
-+/* the node should be converted during flush squalloc phase */
-+#define jnode_convertible(node) JF_ISSET (node, JNODE_CONVERTIBLE)
-+#define jnode_set_convertible(node) JF_SET (node, JNODE_CONVERTIBLE)
-+
-+/* Macros to convert from jnode to znode, znode to jnode. These are macros
-+ because C doesn't allow overloading of const prototypes. */
-+#define ZJNODE(x) (& (x) -> zjnode)
-+#define JZNODE(x) \
-+({ \
-+ typeof (x) __tmp_x; \
-+ \
-+ __tmp_x = (x); \
-+ assert ("jmacd-1300", jnode_is_znode (__tmp_x)); \
-+ (znode*) __tmp_x; \
-+})
-+
-+extern int jnodes_tree_init(reiser4_tree * tree);
-+extern int jnodes_tree_done(reiser4_tree * tree);
-+
-+#if REISER4_DEBUG
-+
-+extern int znode_is_any_locked(const znode * node);
-+extern void jnode_list_remove(jnode * node);
-+
-+#else
-+
-+#define jnode_list_remove(node) noop
-+
-+#endif
-+
-+int znode_is_root(const znode * node) NONNULL;
-+
-+/* bump reference counter on @node */
-+static inline void add_x_ref(jnode * node /* node to increase x_count of */ )
-+{
-+ assert("nikita-1911", node != NULL);
-+
-+ atomic_inc(&node->x_count);
-+ LOCK_CNT_INC(x_refs);
-+}
-+
-+static inline void dec_x_ref(jnode * node)
-+{
-+ assert("nikita-3215", node != NULL);
-+ assert("nikita-3216", atomic_read(&node->x_count) > 0);
-+
-+ atomic_dec(&node->x_count);
-+ assert("nikita-3217", LOCK_CNT_GTZ(x_refs));
-+ LOCK_CNT_DEC(x_refs);
-+}
-+
-+/* jref() - increase counter of references to jnode/znode (x_count) */
-+static inline jnode *jref(jnode * node)
-+{
-+ assert("jmacd-508", (node != NULL) && !IS_ERR(node));
-+ add_x_ref(node);
-+ return node;
-+}
-+
-+/* get the page of jnode */
-+static inline struct page *jnode_page(const jnode * node)
-+{
-+ return node->pg;
-+}
-+
-+/* return pointer to jnode data */
-+static inline char *jdata(const jnode * node)
-+{
-+ assert("nikita-1415", node != NULL);
-+ assert("nikita-3198", jnode_page(node) != NULL);
-+ return node->data;
-+}
-+
-+static inline int jnode_is_loaded(const jnode * node)
-+{
-+ assert("zam-506", node != NULL);
-+ return atomic_read(&node->d_count) > 0;
-+}
-+
-+extern void page_detach_jnode(struct page *page,
-+ struct address_space *mapping,
-+ unsigned long index) NONNULL;
-+extern void page_clear_jnode(struct page *page, jnode * node) NONNULL;
-+
-+static inline void jnode_set_reloc(jnode * node)
-+{
-+ assert("nikita-2431", node != NULL);
-+ assert("nikita-2432", !JF_ISSET(node, JNODE_OVRWR));
-+ JF_SET(node, JNODE_RELOC);
-+}
-+
-+/* jload/jwrite/junload give a bread/bwrite/brelse functionality for jnodes */
-+
-+extern int jload_gfp(jnode *, gfp_t, int do_kmap) NONNULL;
-+
-+static inline int jload(jnode *node)
-+{
-+ return jload_gfp(node, get_gfp_mask(), 1);
-+}
-+
-+extern int jinit_new(jnode *, gfp_t) NONNULL;
-+extern int jstartio(jnode *) NONNULL;
-+
-+extern void jdrop(jnode *) NONNULL;
-+extern int jwait_io(jnode *, int rw) NONNULL;
-+
-+void jload_prefetch(jnode *);
-+
-+extern jnode *alloc_io_head(const reiser4_block_nr * block) NONNULL;
-+extern void drop_io_head(jnode * node) NONNULL;
-+
-+static inline reiser4_tree *jnode_get_tree(const jnode * node)
-+{
-+ assert("nikita-2691", node != NULL);
-+ return node->tree;
-+}
-+
-+extern void pin_jnode_data(jnode *);
-+extern void unpin_jnode_data(jnode *);
-+
-+static inline jnode_type jnode_get_type(const jnode * node)
-+{
-+ static const unsigned long state_mask =
-+ (1 << JNODE_TYPE_1) | (1 << JNODE_TYPE_2) | (1 << JNODE_TYPE_3);
-+
-+ static jnode_type mask_to_type[] = {
-+ /* JNODE_TYPE_3 : JNODE_TYPE_2 : JNODE_TYPE_1 */
-+
-+ /* 000 */
-+ [0] = JNODE_FORMATTED_BLOCK,
-+ /* 001 */
-+ [1] = JNODE_UNFORMATTED_BLOCK,
-+ /* 010 */
-+ [2] = JNODE_BITMAP,
-+ /* 011 */
-+ [3] = LAST_JNODE_TYPE, /*invalid */
-+ /* 100 */
-+ [4] = JNODE_INODE,
-+ /* 101 */
-+ [5] = LAST_JNODE_TYPE,
-+ /* 110 */
-+ [6] = JNODE_IO_HEAD,
-+ /* 111 */
-+ [7] = LAST_JNODE_TYPE, /* invalid */
-+ };
-+
-+ return mask_to_type[(node->state & state_mask) >> JNODE_TYPE_1];
-+}
-+
-+/* returns true if node is a znode */
-+static inline int jnode_is_znode(const jnode * node)
-+{
-+ return jnode_get_type(node) == JNODE_FORMATTED_BLOCK;
-+}
-+
-+static inline int jnode_is_flushprepped(jnode * node)
-+{
-+ assert("jmacd-78212", node != NULL);
-+ assert_spin_locked(&(node->guard));
-+ return !JF_ISSET(node, JNODE_DIRTY) || JF_ISSET(node, JNODE_RELOC) ||
-+ JF_ISSET(node, JNODE_OVRWR);
-+}
-+
-+/* Return true if @node has already been processed by the squeeze and allocate
-+ process. This implies the block address has been finalized for the
-+ duration of this atom (or it is clean and will remain in place). If this
-+ returns true you may use the block number as a hint. */
-+static inline int jnode_check_flushprepped(jnode * node)
-+{
-+ int result;
-+
-+ /* It must be clean or relocated or wandered. New allocations are set to relocate. */
-+ spin_lock_jnode(node);
-+ result = jnode_is_flushprepped(node);
-+ spin_unlock_jnode(node);
-+ return result;
-+}
-+
-+/* returns true if node is unformatted */
-+static inline int jnode_is_unformatted(const jnode * node)
-+{
-+ assert("jmacd-0123", node != NULL);
-+ return jnode_get_type(node) == JNODE_UNFORMATTED_BLOCK;
-+}
-+
-+/* returns true if node represents a cluster cache page */
-+static inline int jnode_is_cluster_page(const jnode * node)
-+{
-+ assert("edward-50", node != NULL);
-+ return (JF_ISSET(node, JNODE_CLUSTER_PAGE));
-+}
-+
-+/* returns true is node is builtin inode's jnode */
-+static inline int jnode_is_inode(const jnode * node)
-+{
-+ assert("vs-1240", node != NULL);
-+ return jnode_get_type(node) == JNODE_INODE;
-+}
-+
-+static inline jnode_plugin *jnode_ops_of(const jnode_type type)
-+{
-+ assert("nikita-2367", type < LAST_JNODE_TYPE);
-+ return jnode_plugin_by_id((reiser4_plugin_id) type);
-+}
-+
-+static inline jnode_plugin *jnode_ops(const jnode * node)
-+{
-+ assert("nikita-2366", node != NULL);
-+
-+ return jnode_ops_of(jnode_get_type(node));
-+}
-+
-+/* Get the index of a block. */
-+static inline unsigned long jnode_get_index(jnode * node)
-+{
-+ return jnode_ops(node)->index(node);
-+}
-+
-+/* return true if "node" is the root */
-+static inline int jnode_is_root(const jnode * node)
-+{
-+ return jnode_is_znode(node) && znode_is_root(JZNODE(node));
-+}
-+
-+extern struct address_space *mapping_jnode(const jnode * node);
-+extern unsigned long index_jnode(const jnode * node);
-+
-+static inline void jput(jnode * node);
-+extern void jput_final(jnode * node);
-+
-+/* bump data counter on @node */
-+static inline void add_d_ref(jnode * node /* node to increase d_count of */ )
-+{
-+ assert("nikita-1962", node != NULL);
-+
-+ atomic_inc(&node->d_count);
-+ if (jnode_is_unformatted(node) || jnode_is_znode(node))
-+ LOCK_CNT_INC(d_refs);
-+}
-+
-+/* jput() - decrement x_count reference counter on znode.
-+
-+ Count may drop to 0, jnode stays in cache until memory pressure causes the
-+ eviction of its page. The c_count variable also ensures that children are
-+ pressured out of memory before the parent. The jnode remains hashed as
-+ long as the VM allows its page to stay in memory.
-+*/
-+static inline void jput(jnode * node)
-+{
-+ assert("jmacd-509", node != NULL);
-+ assert("jmacd-510", atomic_read(&node->x_count) > 0);
-+ assert("zam-926", schedulable());
-+ LOCK_CNT_DEC(x_refs);
-+
-+ rcu_read_lock();
-+ /*
-+ * we don't need any kind of lock here--jput_final() uses RCU.
-+ */
-+ if (unlikely(atomic_dec_and_test(&node->x_count))) {
-+ jput_final(node);
-+ } else
-+ rcu_read_unlock();
-+ assert("nikita-3473", schedulable());
-+}
-+
-+extern void jrelse(jnode * node);
-+extern void jrelse_tail(jnode * node);
-+
-+extern jnode *jnode_rip_sync(reiser4_tree * t, jnode * node);
-+
-+/* resolve race with jput */
-+static inline jnode *jnode_rip_check(reiser4_tree * tree, jnode * node)
-+{
-+ if (unlikely(JF_ISSET(node, JNODE_RIP)))
-+ node = jnode_rip_sync(tree, node);
-+ return node;
-+}
-+
-+extern reiser4_key *jnode_build_key(const jnode *node, reiser4_key * key);
-+
-+#if REISER4_DEBUG
-+extern int jnode_invariant_f(const jnode *node, char const **msg);
-+#endif
-+
-+extern jnode_plugin jnode_plugins[LAST_JNODE_TYPE];
-+
-+/* __JNODE_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/kassign.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/kassign.c
-@@ -0,0 +1,659 @@
-+/* Copyright 2001, 2002, 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Key assignment policy implementation */
-+
-+/*
-+ * In reiser4 every piece of file system data and meta-data has a key. Keys
-+ * are used to store information in and retrieve it from reiser4 internal
-+ * tree. In addition to this, keys define _ordering_ of all file system
-+ * information: things having close keys are placed into the same or
-+ * neighboring (in the tree order) nodes of the tree. As our block allocator
-+ * tries to respect tree order (see flush.c), keys also define order in which
-+ * things are laid out on the disk, and hence, affect performance directly.
-+ *
-+ * Obviously, assignment of keys to data and meta-data should be consistent
-+ * across whole file system. Algorithm that calculates a key for a given piece
-+ * of data or meta-data is referred to as "key assignment".
-+ *
-+ * Key assignment is too expensive to be implemented as a plugin (that is,
-+ * with an ability to support different key assignment schemas in the same
-+ * compiled kernel image). As a compromise, all key-assignment functions and
-+ * data-structures are collected in this single file, so that modifications to
-+ * key assignment algorithm can be localized. Additional changes may be
-+ * required in key.[ch].
-+ *
-+ * Current default reiser4 key assignment algorithm is dubbed "Plan A". As one
-+ * may guess, there is "Plan B" too.
-+ *
-+ */
-+
-+/*
-+ * Additional complication with key assignment implementation is a requirement
-+ * to support different key length.
-+ */
-+
-+/*
-+ * KEY ASSIGNMENT: PLAN A, LONG KEYS.
-+ *
-+ * DIRECTORY ITEMS
-+ *
-+ * | 60 | 4 | 7 |1| 56 | 64 | 64 |
-+ * +--------------+---+---+-+-------------+------------------+-----------------+
-+ * | dirid | 0 | F |H| prefix-1 | prefix-2 | prefix-3/hash |
-+ * +--------------+---+---+-+-------------+------------------+-----------------+
-+ * | | | | |
-+ * | 8 bytes | 8 bytes | 8 bytes | 8 bytes |
-+ *
-+ * dirid objectid of directory this item is for
-+ *
-+ * F fibration, see fs/reiser4/plugin/fibration.[ch]
-+ *
-+ * H 1 if last 8 bytes of the key contain hash,
-+ * 0 if last 8 bytes of the key contain prefix-3
-+ *
-+ * prefix-1 first 7 characters of file name.
-+ * Padded by zeroes if name is not long enough.
-+ *
-+ * prefix-2 next 8 characters of the file name.
-+ *
-+ * prefix-3 next 8 characters of the file name.
-+ *
-+ * hash hash of the rest of file name (i.e., portion of file
-+ * name not included into prefix-1 and prefix-2).
-+ *
-+ * File names shorter than 23 (== 7 + 8 + 8) characters are completely encoded
-+ * in the key. Such file names are called "short". They are distinguished by H
-+ * bit set 0 in the key.
-+ *
-+ * Other file names are "long". For long name, H bit is 1, and first 15 (== 7
-+ * + 8) characters are encoded in prefix-1 and prefix-2 portions of the
-+ * key. Last 8 bytes of the key are occupied by hash of the remaining
-+ * characters of the name.
-+ *
-+ * This key assignment reaches following important goals:
-+ *
-+ * (1) directory entries are sorted in approximately lexicographical
-+ * order.
-+ *
-+ * (2) collisions (when multiple directory items have the same key), while
-+ * principally unavoidable in a tree with fixed length keys, are rare.
-+ *
-+ * STAT DATA
-+ *
-+ * | 60 | 4 | 64 | 4 | 60 | 64 |
-+ * +--------------+---+-----------------+---+--------------+-----------------+
-+ * | locality id | 1 | ordering | 0 | objectid | 0 |
-+ * +--------------+---+-----------------+---+--------------+-----------------+
-+ * | | | | |
-+ * | 8 bytes | 8 bytes | 8 bytes | 8 bytes |
-+ *
-+ * locality id object id of a directory where first name was created for
-+ * the object
-+ *
-+ * ordering copy of second 8-byte portion of the key of directory
-+ * entry for the first name of this object. Ordering has a form
-+ * {
-+ * fibration :7;
-+ * h :1;
-+ * prefix1 :56;
-+ * }
-+ * see description of key for directory entry above.
-+ *
-+ * objectid object id for this object
-+ *
-+ * This key assignment policy is designed to keep stat-data in the same order
-+ * as corresponding directory items, thus speeding up readdir/stat types of
-+ * workload.
-+ *
-+ * FILE BODY
-+ *
-+ * | 60 | 4 | 64 | 4 | 60 | 64 |
-+ * +--------------+---+-----------------+---+--------------+-----------------+
-+ * | locality id | 4 | ordering | 0 | objectid | offset |
-+ * +--------------+---+-----------------+---+--------------+-----------------+
-+ * | | | | |
-+ * | 8 bytes | 8 bytes | 8 bytes | 8 bytes |
-+ *
-+ * locality id object id of a directory where first name was created for
-+ * the object
-+ *
-+ * ordering the same as in the key of stat-data for this object
-+ *
-+ * objectid object id for this object
-+ *
-+ * offset logical offset from the beginning of this file.
-+ * Measured in bytes.
-+ *
-+ *
-+ * KEY ASSIGNMENT: PLAN A, SHORT KEYS.
-+ *
-+ * DIRECTORY ITEMS
-+ *
-+ * | 60 | 4 | 7 |1| 56 | 64 |
-+ * +--------------+---+---+-+-------------+-----------------+
-+ * | dirid | 0 | F |H| prefix-1 | prefix-2/hash |
-+ * +--------------+---+---+-+-------------+-----------------+
-+ * | | | |
-+ * | 8 bytes | 8 bytes | 8 bytes |
-+ *
-+ * dirid objectid of directory this item is for
-+ *
-+ * F fibration, see fs/reiser4/plugin/fibration.[ch]
-+ *
-+ * H 1 if last 8 bytes of the key contain hash,
-+ * 0 if last 8 bytes of the key contain prefix-2
-+ *
-+ * prefix-1 first 7 characters of file name.
-+ * Padded by zeroes if name is not long enough.
-+ *
-+ * prefix-2 next 8 characters of the file name.
-+ *
-+ * hash hash of the rest of file name (i.e., portion of file
-+ * name not included into prefix-1).
-+ *
-+ * File names shorter than 15 (== 7 + 8) characters are completely encoded in
-+ * the key. Such file names are called "short". They are distinguished by H
-+ * bit set in the key.
-+ *
-+ * Other file names are "long". For long name, H bit is 0, and first 7
-+ * characters are encoded in prefix-1 portion of the key. Last 8 bytes of the
-+ * key are occupied by hash of the remaining characters of the name.
-+ *
-+ * STAT DATA
-+ *
-+ * | 60 | 4 | 4 | 60 | 64 |
-+ * +--------------+---+---+--------------+-----------------+
-+ * | locality id | 1 | 0 | objectid | 0 |
-+ * +--------------+---+---+--------------+-----------------+
-+ * | | | |
-+ * | 8 bytes | 8 bytes | 8 bytes |
-+ *
-+ * locality id object id of a directory where first name was created for
-+ * the object
-+ *
-+ * objectid object id for this object
-+ *
-+ * FILE BODY
-+ *
-+ * | 60 | 4 | 4 | 60 | 64 |
-+ * +--------------+---+---+--------------+-----------------+
-+ * | locality id | 4 | 0 | objectid | offset |
-+ * +--------------+---+---+--------------+-----------------+
-+ * | | | |
-+ * | 8 bytes | 8 bytes | 8 bytes |
-+ *
-+ * locality id object id of a directory where first name was created for
-+ * the object
-+ *
-+ * objectid object id for this object
-+ *
-+ * offset logical offset from the beginning of this file.
-+ * Measured in bytes.
-+ *
-+ *
-+ */
-+
-+#include "debug.h"
-+#include "key.h"
-+#include "kassign.h"
-+#include "vfs_ops.h"
-+#include "inode.h"
-+#include "super.h"
-+#include "dscale.h"
-+
-+#include <linux/types.h> /* for __u?? */
-+#include <linux/fs.h> /* for struct super_block, etc */
-+
-+/* bitmask for H bit (see comment at the beginning of this file */
-+static const __u64 longname_mark = 0x0100000000000000ull;
-+/* bitmask for F and H portions of the key. */
-+static const __u64 fibration_mask = 0xff00000000000000ull;
-+
-+/* return true if name is not completely encoded in @key */
-+int is_longname_key(const reiser4_key * key)
-+{
-+ __u64 highpart;
-+
-+ assert("nikita-2863", key != NULL);
-+ if (get_key_type(key) != KEY_FILE_NAME_MINOR)
-+ print_key("oops", key);
-+ assert("nikita-2864", get_key_type(key) == KEY_FILE_NAME_MINOR);
-+
-+ if (REISER4_LARGE_KEY)
-+ highpart = get_key_ordering(key);
-+ else
-+ highpart = get_key_objectid(key);
-+
-+ return (highpart & longname_mark) ? 1 : 0;
-+}
-+
-+/* return true if @name is too long to be completely encoded in the key */
-+int is_longname(const char *name UNUSED_ARG, int len)
-+{
-+ if (REISER4_LARGE_KEY)
-+ return len > 23;
-+ else
-+ return len > 15;
-+}
-+
-+/* code ascii string into __u64.
-+
-+ Put characters of @name into result (@str) one after another starting
-+ from @start_idx-th highest (arithmetically) byte. This produces
-+ endian-safe encoding. memcpy(2) will not do.
-+
-+*/
-+static __u64 pack_string(const char *name /* string to encode */ ,
-+ int start_idx /* highest byte in result from
-+ * which to start encoding */ )
-+{
-+ unsigned i;
-+ __u64 str;
-+
-+ str = 0;
-+ for (i = 0; (i < sizeof str - start_idx) && name[i]; ++i) {
-+ str <<= 8;
-+ str |= (unsigned char)name[i];
-+ }
-+ str <<= (sizeof str - i - start_idx) << 3;
-+ return str;
-+}
-+
-+/* opposite to pack_string(). Takes value produced by pack_string(), restores
-+ * string encoded in it and stores result in @buf */
-+char *unpack_string(__u64 value, char *buf)
-+{
-+ do {
-+ *buf = value >> (64 - 8);
-+ if (*buf)
-+ ++buf;
-+ value <<= 8;
-+ } while (value != 0);
-+ *buf = 0;
-+ return buf;
-+}
-+
-+/* obtain name encoded in @key and store it in @buf */
-+char *extract_name_from_key(const reiser4_key * key, char *buf)
-+{
-+ char *c;
-+
-+ assert("nikita-2868", !is_longname_key(key));
-+
-+ c = buf;
-+ if (REISER4_LARGE_KEY) {
-+ c = unpack_string(get_key_ordering(key) & ~fibration_mask, c);
-+ c = unpack_string(get_key_fulloid(key), c);
-+ } else
-+ c = unpack_string(get_key_fulloid(key) & ~fibration_mask, c);
-+ unpack_string(get_key_offset(key), c);
-+ return buf;
-+}
-+
-+/**
-+ * complete_entry_key - calculate entry key by name
-+ * @dir: directory where entry is (or will be) in
-+ * @name: name to calculate key of
-+ * @len: lenth of name
-+ * @result: place to store result in
-+ *
-+ * Sets fields of entry key @result which depend on file name.
-+ * When REISER4_LARGE_KEY is defined three fields of @result are set: ordering,
-+ * objectid and offset. Otherwise, objectid and offset are set.
-+ */
-+void complete_entry_key(const struct inode *dir, const char *name,
-+ int len, reiser4_key *result)
-+{
-+#if REISER4_LARGE_KEY
-+ __u64 ordering;
-+ __u64 objectid;
-+ __u64 offset;
-+
-+ assert("nikita-1139", dir != NULL);
-+ assert("nikita-1142", result != NULL);
-+ assert("nikita-2867", strlen(name) == len);
-+
-+ /*
-+ * key allocation algorithm for directory entries in case of large
-+ * keys:
-+ *
-+ * If name is not longer than 7 + 8 + 8 = 23 characters, put first 7
-+ * characters into ordering field of key, next 8 charactes (if any)
-+ * into objectid field of key and next 8 ones (of any) into offset
-+ * field of key
-+ *
-+ * If file name is longer than 23 characters, put first 7 characters
-+ * into key's ordering, next 8 to objectid and hash of remaining
-+ * characters into offset field.
-+ *
-+ * To distinguish above cases, in latter set up unused high bit in
-+ * ordering field.
-+ */
-+
-+ /* [0-6] characters to ordering */
-+ ordering = pack_string(name, 1);
-+ if (len > 7) {
-+ /* [7-14] characters to objectid */
-+ objectid = pack_string(name + 7, 0);
-+ if (len > 15) {
-+ if (len <= 23) {
-+ /* [15-23] characters to offset */
-+ offset = pack_string(name + 15, 0);
-+ } else {
-+ /* note in a key the fact that offset contains hash. */
-+ ordering |= longname_mark;
-+
-+ /* offset is the hash of the file name's tail. */
-+ offset = inode_hash_plugin(dir)->hash(name + 15,
-+ len - 15);
-+ }
-+ } else {
-+ offset = 0ull;
-+ }
-+ } else {
-+ objectid = 0ull;
-+ offset = 0ull;
-+ }
-+
-+ assert("nikita-3480", inode_fibration_plugin(dir) != NULL);
-+ ordering |= inode_fibration_plugin(dir)->fibre(dir, name, len);
-+
-+ set_key_ordering(result, ordering);
-+ set_key_fulloid(result, objectid);
-+ set_key_offset(result, offset);
-+ return;
-+
-+#else
-+ __u64 objectid;
-+ __u64 offset;
-+
-+ assert("nikita-1139", dir != NULL);
-+ assert("nikita-1142", result != NULL);
-+ assert("nikita-2867", strlen(name) == len);
-+
-+ /*
-+ * key allocation algorithm for directory entries in case of not large
-+ * keys:
-+ *
-+ * If name is not longer than 7 + 8 = 15 characters, put first 7
-+ * characters into objectid field of key, next 8 charactes (if any)
-+ * into offset field of key
-+ *
-+ * If file name is longer than 15 characters, put first 7 characters
-+ * into key's objectid, and hash of remaining characters into offset
-+ * field.
-+ *
-+ * To distinguish above cases, in latter set up unused high bit in
-+ * objectid field.
-+ */
-+
-+ /* [0-6] characters to objectid */
-+ objectid = pack_string(name, 1);
-+ if (len > 7) {
-+ if (len <= 15) {
-+ /* [7-14] characters to offset */
-+ offset = pack_string(name + 7, 0);
-+ } else {
-+ /* note in a key the fact that offset contains hash. */
-+ objectid |= longname_mark;
-+
-+ /* offset is the hash of the file name. */
-+ offset = inode_hash_plugin(dir)->hash(name + 7,
-+ len - 7);
-+ }
-+ } else
-+ offset = 0ull;
-+
-+ assert("nikita-3480", inode_fibration_plugin(dir) != NULL);
-+ objectid |= inode_fibration_plugin(dir)->fibre(dir, name, len);
-+
-+ set_key_fulloid(result, objectid);
-+ set_key_offset(result, offset);
-+ return;
-+#endif /* ! REISER4_LARGE_KEY */
-+}
-+
-+/* true, if @key is the key of "." */
-+int is_dot_key(const reiser4_key * key /* key to check */ )
-+{
-+ assert("nikita-1717", key != NULL);
-+ assert("nikita-1718", get_key_type(key) == KEY_FILE_NAME_MINOR);
-+ return
-+ (get_key_ordering(key) == 0ull) &&
-+ (get_key_objectid(key) == 0ull) && (get_key_offset(key) == 0ull);
-+}
-+
-+/* build key for stat-data.
-+
-+ return key of stat-data of this object. This should became sd plugin
-+ method in the future. For now, let it be here.
-+
-+*/
-+reiser4_key *build_sd_key(const struct inode * target /* inode of an object */ ,
-+ reiser4_key * result /* resulting key of @target
-+ stat-data */ )
-+{
-+ assert("nikita-261", result != NULL);
-+
-+ reiser4_key_init(result);
-+ set_key_locality(result, reiser4_inode_data(target)->locality_id);
-+ set_key_ordering(result, get_inode_ordering(target));
-+ set_key_objectid(result, get_inode_oid(target));
-+ set_key_type(result, KEY_SD_MINOR);
-+ set_key_offset(result, (__u64) 0);
-+ return result;
-+}
-+
-+/* encode part of key into &obj_key_id
-+
-+ This encodes into @id part of @key sufficient to restore @key later,
-+ given that latter is key of object (key of stat-data).
-+
-+ See &obj_key_id
-+*/
-+int build_obj_key_id(const reiser4_key * key /* key to encode */ ,
-+ obj_key_id * id /* id where key is encoded in */ )
-+{
-+ assert("nikita-1151", key != NULL);
-+ assert("nikita-1152", id != NULL);
-+
-+ memcpy(id, key, sizeof *id);
-+ return 0;
-+}
-+
-+/* encode reference to @obj in @id.
-+
-+ This is like build_obj_key_id() above, but takes inode as parameter. */
-+int build_inode_key_id(const struct inode *obj /* object to build key of */ ,
-+ obj_key_id * id /* result */ )
-+{
-+ reiser4_key sdkey;
-+
-+ assert("nikita-1166", obj != NULL);
-+ assert("nikita-1167", id != NULL);
-+
-+ build_sd_key(obj, &sdkey);
-+ build_obj_key_id(&sdkey, id);
-+ return 0;
-+}
-+
-+/* decode @id back into @key
-+
-+ Restore key of object stat-data from @id. This is dual to
-+ build_obj_key_id() above.
-+*/
-+int extract_key_from_id(const obj_key_id * id /* object key id to extract key
-+ * from */ ,
-+ reiser4_key * key /* result */ )
-+{
-+ assert("nikita-1153", id != NULL);
-+ assert("nikita-1154", key != NULL);
-+
-+ reiser4_key_init(key);
-+ memcpy(key, id, sizeof *id);
-+ return 0;
-+}
-+
-+/* extract objectid of directory from key of directory entry within said
-+ directory.
-+ */
-+oid_t extract_dir_id_from_key(const reiser4_key * de_key /* key of
-+ * directory
-+ * entry */ )
-+{
-+ assert("nikita-1314", de_key != NULL);
-+ return get_key_locality(de_key);
-+}
-+
-+/* encode into @id key of directory entry.
-+
-+ Encode into @id information sufficient to later distinguish directory
-+ entries within the same directory. This is not whole key, because all
-+ directory entries within directory item share locality which is equal
-+ to objectid of their directory.
-+
-+*/
-+int build_de_id(const struct inode *dir /* inode of directory */ ,
-+ const struct qstr *name /* name to be given to @obj by
-+ * directory entry being
-+ * constructed */ ,
-+ de_id * id /* short key of directory entry */ )
-+{
-+ reiser4_key key;
-+
-+ assert("nikita-1290", dir != NULL);
-+ assert("nikita-1292", id != NULL);
-+
-+ /* NOTE-NIKITA this is suboptimal. */
-+ inode_dir_plugin(dir)->build_entry_key(dir, name, &key);
-+ return build_de_id_by_key(&key, id);
-+}
-+
-+/* encode into @id key of directory entry.
-+
-+ Encode into @id information sufficient to later distinguish directory
-+ entries within the same directory. This is not whole key, because all
-+ directory entries within directory item share locality which is equal
-+ to objectid of their directory.
-+
-+*/
-+int build_de_id_by_key(const reiser4_key * entry_key /* full key of directory
-+ * entry */ ,
-+ de_id * id /* short key of directory entry */ )
-+{
-+ memcpy(id, ((__u64 *) entry_key) + 1, sizeof *id);
-+ return 0;
-+}
-+
-+/* restore from @id key of directory entry.
-+
-+ Function dual to build_de_id(): given @id and locality, build full
-+ key of directory entry within directory item.
-+
-+*/
-+int extract_key_from_de_id(const oid_t locality /* locality of directory
-+ * entry */ ,
-+ const de_id * id /* directory entry id */ ,
-+ reiser4_key * key /* result */ )
-+{
-+ /* no need to initialise key here: all fields are overwritten */
-+ memcpy(((__u64 *) key) + 1, id, sizeof *id);
-+ set_key_locality(key, locality);
-+ set_key_type(key, KEY_FILE_NAME_MINOR);
-+ return 0;
-+}
-+
-+/* compare two &de_id's */
-+cmp_t de_id_cmp(const de_id * id1 /* first &de_id to compare */ ,
-+ const de_id * id2 /* second &de_id to compare */ )
-+{
-+ /* NOTE-NIKITA ugly implementation */
-+ reiser4_key k1;
-+ reiser4_key k2;
-+
-+ extract_key_from_de_id((oid_t) 0, id1, &k1);
-+ extract_key_from_de_id((oid_t) 0, id2, &k2);
-+ return keycmp(&k1, &k2);
-+}
-+
-+/* compare &de_id with key */
-+cmp_t de_id_key_cmp(const de_id * id /* directory entry id to compare */ ,
-+ const reiser4_key * key /* key to compare */ )
-+{
-+ cmp_t result;
-+ reiser4_key *k1;
-+
-+ k1 = (reiser4_key *) (((unsigned long)id) - sizeof key->el[0]);
-+ result = KEY_DIFF_EL(k1, key, 1);
-+ if (result == EQUAL_TO) {
-+ result = KEY_DIFF_EL(k1, key, 2);
-+ if (REISER4_LARGE_KEY && result == EQUAL_TO) {
-+ result = KEY_DIFF_EL(k1, key, 3);
-+ }
-+ }
-+ return result;
-+}
-+
-+/*
-+ * return number of bytes necessary to encode @inode identity.
-+ */
-+int inode_onwire_size(const struct inode *inode)
-+{
-+ int result;
-+
-+ result = dscale_bytes(get_inode_oid(inode));
-+ result += dscale_bytes(get_inode_locality(inode));
-+
-+ /*
-+ * ordering is large (it usually has highest bits set), so it makes
-+ * little sense to dscale it.
-+ */
-+ if (REISER4_LARGE_KEY)
-+ result += sizeof(get_inode_ordering(inode));
-+ return result;
-+}
-+
-+/*
-+ * encode @inode identity at @start
-+ */
-+char *build_inode_onwire(const struct inode *inode, char *start)
-+{
-+ start += dscale_write(start, get_inode_locality(inode));
-+ start += dscale_write(start, get_inode_oid(inode));
-+
-+ if (REISER4_LARGE_KEY) {
-+ put_unaligned(cpu_to_le64(get_inode_ordering(inode)), (__le64 *)start);
-+ start += sizeof(get_inode_ordering(inode));
-+ }
-+ return start;
-+}
-+
-+/*
-+ * extract key that was previously encoded by build_inode_onwire() at @addr
-+ */
-+char *extract_obj_key_id_from_onwire(char *addr, obj_key_id * key_id)
-+{
-+ __u64 val;
-+
-+ addr += dscale_read(addr, &val);
-+ val = (val << KEY_LOCALITY_SHIFT) | KEY_SD_MINOR;
-+ put_unaligned(cpu_to_le64(val), (__le64 *)key_id->locality);
-+ addr += dscale_read(addr, &val);
-+ put_unaligned(cpu_to_le64(val), (__le64 *)key_id->objectid);
-+#if REISER4_LARGE_KEY
-+ memcpy(&key_id->ordering, addr, sizeof key_id->ordering);
-+ addr += sizeof key_id->ordering;
-+#endif
-+ return addr;
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/kassign.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/kassign.h
-@@ -0,0 +1,110 @@
-+/* Copyright 2001, 2002, 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Key assignment policy interface. See kassign.c for details. */
-+
-+#if !defined( __KASSIGN_H__ )
-+#define __KASSIGN_H__
-+
-+#include "forward.h"
-+#include "key.h"
-+#include "dformat.h"
-+
-+#include <linux/types.h> /* for __u?? */
-+#include <linux/fs.h> /* for struct super_block, etc */
-+#include <linux/dcache.h> /* for struct qstr */
-+
-+/* key assignment functions */
-+
-+/* Information from which key of file stat-data can be uniquely
-+ restored. This depends on key assignment policy for
-+ stat-data. Currently it's enough to store object id and locality id
-+ (60+60==120) bits, because minor packing locality and offset of
-+ stat-data key are always known constants: KEY_SD_MINOR and 0
-+ respectively. For simplicity 4 bits are wasted in each id, and just
-+ two 64 bit integers are stored.
-+
-+ This field has to be byte-aligned, because we don't want to waste
-+ space in directory entries. There is another side of a coin of
-+ course: we waste CPU and bus bandwidth in stead, by copying data back
-+ and forth.
-+
-+ Next optimization: &obj_key_id is mainly used to address stat data from
-+ directory entries. Under the assumption that majority of files only have
-+ only name (one hard link) from *the* parent directory it seems reasonable
-+ to only store objectid of stat data and take its locality from key of
-+ directory item.
-+
-+ This requires some flag to be added to the &obj_key_id to distinguish
-+ between these two cases. Remaining bits in flag byte are then asking to be
-+ used to store file type.
-+
-+ This optimization requires changes in directory item handling code.
-+
-+*/
-+typedef struct obj_key_id {
-+ d8 locality[sizeof(__u64)];
-+ ON_LARGE_KEY(d8 ordering[sizeof(__u64)];
-+ )
-+ d8 objectid[sizeof(__u64)];
-+}
-+obj_key_id;
-+
-+/* Information sufficient to uniquely identify directory entry within
-+ compressed directory item.
-+
-+ For alignment issues see &obj_key_id above.
-+*/
-+typedef struct de_id {
-+ ON_LARGE_KEY(d8 ordering[sizeof(__u64)];)
-+ d8 objectid[sizeof(__u64)];
-+ d8 offset[sizeof(__u64)];
-+}
-+de_id;
-+
-+extern int inode_onwire_size(const struct inode *obj);
-+extern char *build_inode_onwire(const struct inode *obj, char *area);
-+extern char *extract_obj_key_id_from_onwire(char *area, obj_key_id * key_id);
-+
-+extern int build_inode_key_id(const struct inode *obj, obj_key_id * id);
-+extern int extract_key_from_id(const obj_key_id * id, reiser4_key * key);
-+extern int build_obj_key_id(const reiser4_key * key, obj_key_id * id);
-+extern oid_t extract_dir_id_from_key(const reiser4_key * de_key);
-+extern int build_de_id(const struct inode *dir, const struct qstr *name,
-+ de_id * id);
-+extern int build_de_id_by_key(const reiser4_key * entry_key, de_id * id);
-+extern int extract_key_from_de_id(const oid_t locality, const de_id * id,
-+ reiser4_key * key);
-+extern cmp_t de_id_cmp(const de_id * id1, const de_id * id2);
-+extern cmp_t de_id_key_cmp(const de_id * id, const reiser4_key * key);
-+
-+extern int build_readdir_key_common(struct file *dir, reiser4_key * result);
-+extern void build_entry_key_common(const struct inode *dir,
-+ const struct qstr *name,
-+ reiser4_key * result);
-+extern void build_entry_key_stable_entry(const struct inode *dir,
-+ const struct qstr *name,
-+ reiser4_key * result);
-+extern int is_dot_key(const reiser4_key * key);
-+extern reiser4_key *build_sd_key(const struct inode *target,
-+ reiser4_key * result);
-+
-+extern int is_longname_key(const reiser4_key * key);
-+extern int is_longname(const char *name, int len);
-+extern char *extract_name_from_key(const reiser4_key * key, char *buf);
-+extern char *unpack_string(__u64 value, char *buf);
-+extern void complete_entry_key(const struct inode *dir, const char *name,
-+ int len, reiser4_key *result);
-+
-+/* __KASSIGN_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/key.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/key.c
-@@ -0,0 +1,137 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Key manipulations. */
-+
-+#include "debug.h"
-+#include "key.h"
-+#include "super.h"
-+#include "reiser4.h"
-+
-+#include <linux/types.h> /* for __u?? */
-+
-+/* Minimal possible key: all components are zero. It is presumed that this is
-+ independent of key scheme. */
-+static const reiser4_key MINIMAL_KEY = {
-+ .el = {
-+ 0ull,
-+ ON_LARGE_KEY(0ull,)
-+ 0ull,
-+ 0ull
-+ }
-+};
-+
-+/* Maximal possible key: all components are ~0. It is presumed that this is
-+ independent of key scheme. */
-+static const reiser4_key MAXIMAL_KEY = {
-+ .el = {
-+ __constant_cpu_to_le64(~0ull),
-+ ON_LARGE_KEY(__constant_cpu_to_le64(~0ull),)
-+ __constant_cpu_to_le64(~0ull),
-+ __constant_cpu_to_le64(~0ull)
-+ }
-+};
-+
-+/* Initialize key. */
-+void reiser4_key_init(reiser4_key * key /* key to init */ )
-+{
-+ assert("nikita-1169", key != NULL);
-+ memset(key, 0, sizeof *key);
-+}
-+
-+/* minimal possible key in the tree. Return pointer to the static storage. */
-+const reiser4_key *min_key(void)
-+{
-+ return &MINIMAL_KEY;
-+}
-+
-+/* maximum possible key in the tree. Return pointer to the static storage. */
-+const reiser4_key *max_key(void)
-+{
-+ return &MAXIMAL_KEY;
-+}
-+
-+#if REISER4_DEBUG
-+/* debugging aid: print symbolic name of key type */
-+static const char *type_name(unsigned int key_type /* key type */ )
-+{
-+ switch (key_type) {
-+ case KEY_FILE_NAME_MINOR:
-+ return "file name";
-+ case KEY_SD_MINOR:
-+ return "stat data";
-+ case KEY_ATTR_NAME_MINOR:
-+ return "attr name";
-+ case KEY_ATTR_BODY_MINOR:
-+ return "attr body";
-+ case KEY_BODY_MINOR:
-+ return "file body";
-+ default:
-+ return "unknown";
-+ }
-+}
-+
-+/* debugging aid: print human readable information about key */
-+void print_key(const char *prefix /* prefix to print */ ,
-+ const reiser4_key * key /* key to print */ )
-+{
-+ /* turn bold on */
-+ /* printf ("\033[1m"); */
-+ if (key == NULL)
-+ printk("%s: null key\n", prefix);
-+ else {
-+ if (REISER4_LARGE_KEY)
-+ printk("%s: (%Lx:%x:%Lx:%Lx:%Lx:%Lx)", prefix,
-+ get_key_locality(key),
-+ get_key_type(key),
-+ get_key_ordering(key),
-+ get_key_band(key),
-+ get_key_objectid(key), get_key_offset(key));
-+ else
-+ printk("%s: (%Lx:%x:%Lx:%Lx:%Lx)", prefix,
-+ get_key_locality(key),
-+ get_key_type(key),
-+ get_key_band(key),
-+ get_key_objectid(key), get_key_offset(key));
-+ /*
-+ * if this is a key of directory entry, try to decode part of
-+ * a name stored in the key, and output it.
-+ */
-+ if (get_key_type(key) == KEY_FILE_NAME_MINOR) {
-+ char buf[DE_NAME_BUF_LEN];
-+ char *c;
-+
-+ c = buf;
-+ c = unpack_string(get_key_ordering(key), c);
-+ unpack_string(get_key_fulloid(key), c);
-+ printk("[%s", buf);
-+ if (is_longname_key(key))
-+ /*
-+ * only part of the name is stored in the key.
-+ */
-+ printk("...]\n");
-+ else {
-+ /*
-+ * whole name is stored in the key.
-+ */
-+ unpack_string(get_key_offset(key), buf);
-+ printk("%s]\n", buf);
-+ }
-+ } else {
-+ printk("[%s]\n", type_name(get_key_type(key)));
-+ }
-+ }
-+ /* turn bold off */
-+ /* printf ("\033[m\017"); */
-+}
-+
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/key.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/key.h
-@@ -0,0 +1,384 @@
-+/* Copyright 2000, 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Declarations of key-related data-structures and operations on keys. */
-+
-+#if !defined( __REISER4_KEY_H__ )
-+#define __REISER4_KEY_H__
-+
-+#include "dformat.h"
-+#include "forward.h"
-+#include "debug.h"
-+
-+#include <linux/types.h> /* for __u?? */
-+
-+/* Operations on keys in reiser4 tree */
-+
-+/* No access to any of these fields shall be done except via a
-+ wrapping macro/function, and that wrapping macro/function shall
-+ convert to little endian order. Compare keys will consider cpu byte order. */
-+
-+/* A storage layer implementation difference between a regular unix file body and its attributes is in the typedef below
-+ which causes all of the attributes of a file to be near in key to all of the other attributes for all of the files
-+ within that directory, and not near to the file itself. It is interesting to consider whether this is the wrong
-+ approach, and whether there should be no difference at all. For current usage patterns this choice is probably the
-+ right one. */
-+
-+/* possible values for minor packing locality (4 bits required) */
-+typedef enum {
-+ /* file name */
-+ KEY_FILE_NAME_MINOR = 0,
-+ /* stat-data */
-+ KEY_SD_MINOR = 1,
-+ /* file attribute name */
-+ KEY_ATTR_NAME_MINOR = 2,
-+ /* file attribute value */
-+ KEY_ATTR_BODY_MINOR = 3,
-+ /* file body (tail or extent) */
-+ KEY_BODY_MINOR = 4,
-+} key_minor_locality;
-+
-+/* everything stored in the tree has a unique key, which means that the tree is (logically) fully ordered by key.
-+ Physical order is determined by dynamic heuristics that attempt to reflect key order when allocating available space,
-+ and by the repacker. It is stylistically better to put aggregation information into the key. Thus, if you want to
-+ segregate extents from tails, it is better to give them distinct minor packing localities rather than changing
-+ block_alloc.c to check the node type when deciding where to allocate the node.
-+
-+ The need to randomly displace new directories and large files disturbs this symmetry unfortunately. However, it
-+ should be noted that this is a need that is not clearly established given the existence of a repacker. Also, in our
-+ current implementation tails have a different minor packing locality from extents, and no files have both extents and
-+ tails, so maybe symmetry can be had without performance cost after all. Symmetry is what we ship for now....
-+*/
-+
-+/* Arbitrary major packing localities can be assigned to objects using
-+ the reiser4(filenameA/..packing<=some_number) system call.
-+
-+ In reiser4, the creat() syscall creates a directory
-+
-+ whose default flow (that which is referred to if the directory is
-+ read as a file) is the traditional unix file body.
-+
-+ whose directory plugin is the 'filedir'
-+
-+ whose major packing locality is that of the parent of the object created.
-+
-+ The static_stat item is a particular commonly used directory
-+ compression (the one for normal unix files).
-+
-+ The filedir plugin checks to see if the static_stat item exists.
-+ There is a unique key for static_stat. If yes, then it uses the
-+ static_stat item for all of the values that it contains. The
-+ static_stat item contains a flag for each stat it contains which
-+ indicates whether one should look outside the static_stat item for its
-+ contents.
-+*/
-+
-+/* offset of fields in reiser4_key. Value of each element of this enum
-+ is index within key (thought as array of __u64's) where this field
-+ is. */
-+typedef enum {
-+ /* major "locale", aka dirid. Sits in 1st element */
-+ KEY_LOCALITY_INDEX = 0,
-+ /* minor "locale", aka item type. Sits in 1st element */
-+ KEY_TYPE_INDEX = 0,
-+ ON_LARGE_KEY(KEY_ORDERING_INDEX,)
-+ /* "object band". Sits in 2nd element */
-+ KEY_BAND_INDEX,
-+ /* objectid. Sits in 2nd element */
-+ KEY_OBJECTID_INDEX = KEY_BAND_INDEX,
-+ /* full objectid. Sits in 2nd element */
-+ KEY_FULLOID_INDEX = KEY_BAND_INDEX,
-+ /* Offset. Sits in 3rd element */
-+ KEY_OFFSET_INDEX,
-+ /* Name hash. Sits in 3rd element */
-+ KEY_HASH_INDEX = KEY_OFFSET_INDEX,
-+ KEY_CACHELINE_END = KEY_OFFSET_INDEX,
-+ KEY_LAST_INDEX
-+} reiser4_key_field_index;
-+
-+/* key in reiser4 internal "balanced" tree. It is just array of three
-+ 64bit integers in disk byte order (little-endian by default). This
-+ array is actually indexed by reiser4_key_field. Each __u64 within
-+ this array is called "element". Logical key component encoded within
-+ elements are called "fields".
-+
-+ We declare this as union with second component dummy to suppress
-+ inconvenient array<->pointer casts implied in C. */
-+union reiser4_key {
-+ __le64 el[KEY_LAST_INDEX];
-+ int pad;
-+};
-+
-+/* bitmasks showing where within reiser4_key particular key is stored. */
-+/* major locality occupies higher 60 bits of the first element */
-+#define KEY_LOCALITY_MASK 0xfffffffffffffff0ull
-+
-+/* minor locality occupies lower 4 bits of the first element */
-+#define KEY_TYPE_MASK 0xfull
-+
-+/* controversial band occupies higher 4 bits of the 2nd element */
-+#define KEY_BAND_MASK 0xf000000000000000ull
-+
-+/* objectid occupies lower 60 bits of the 2nd element */
-+#define KEY_OBJECTID_MASK 0x0fffffffffffffffull
-+
-+/* full 64bit objectid*/
-+#define KEY_FULLOID_MASK 0xffffffffffffffffull
-+
-+/* offset is just 3rd L.M.Nt itself */
-+#define KEY_OFFSET_MASK 0xffffffffffffffffull
-+
-+/* ordering is whole second element */
-+#define KEY_ORDERING_MASK 0xffffffffffffffffull
-+
-+/* how many bits key element should be shifted to left to get particular field */
-+typedef enum {
-+ KEY_LOCALITY_SHIFT = 4,
-+ KEY_TYPE_SHIFT = 0,
-+ KEY_BAND_SHIFT = 60,
-+ KEY_OBJECTID_SHIFT = 0,
-+ KEY_FULLOID_SHIFT = 0,
-+ KEY_OFFSET_SHIFT = 0,
-+ KEY_ORDERING_SHIFT = 0,
-+} reiser4_key_field_shift;
-+
-+static inline __u64
-+get_key_el(const reiser4_key * key, reiser4_key_field_index off)
-+{
-+ assert("nikita-753", key != NULL);
-+ assert("nikita-754", off < KEY_LAST_INDEX);
-+ return le64_to_cpu(get_unaligned(&key->el[off]));
-+}
-+
-+static inline void
-+set_key_el(reiser4_key * key, reiser4_key_field_index off, __u64 value)
-+{
-+ assert("nikita-755", key != NULL);
-+ assert("nikita-756", off < KEY_LAST_INDEX);
-+ put_unaligned(cpu_to_le64(value), &key->el[off]);
-+}
-+
-+/* macro to define getter and setter functions for field F with type T */
-+#define DEFINE_KEY_FIELD( L, U, T ) \
-+static inline T get_key_ ## L ( const reiser4_key *key ) \
-+{ \
-+ assert( "nikita-750", key != NULL ); \
-+ return ( T ) ( get_key_el( key, KEY_ ## U ## _INDEX ) & \
-+ KEY_ ## U ## _MASK ) >> KEY_ ## U ## _SHIFT; \
-+} \
-+ \
-+static inline void set_key_ ## L ( reiser4_key *key, T loc ) \
-+{ \
-+ __u64 el; \
-+ \
-+ assert( "nikita-752", key != NULL ); \
-+ \
-+ el = get_key_el( key, KEY_ ## U ## _INDEX ); \
-+ /* clear field bits in the key */ \
-+ el &= ~KEY_ ## U ## _MASK; \
-+ /* actually it should be \
-+ \
-+ el |= ( loc << KEY_ ## U ## _SHIFT ) & KEY_ ## U ## _MASK; \
-+ \
-+ but we trust user to never pass values that wouldn't fit \
-+ into field. Clearing extra bits is one operation, but this \
-+ function is time-critical. \
-+ But check this in assertion. */ \
-+ assert( "nikita-759", ( ( loc << KEY_ ## U ## _SHIFT ) & \
-+ ~KEY_ ## U ## _MASK ) == 0 ); \
-+ el |= ( loc << KEY_ ## U ## _SHIFT ); \
-+ set_key_el( key, KEY_ ## U ## _INDEX, el ); \
-+}
-+
-+typedef __u64 oid_t;
-+
-+/* define get_key_locality(), set_key_locality() */
-+DEFINE_KEY_FIELD(locality, LOCALITY, oid_t);
-+/* define get_key_type(), set_key_type() */
-+DEFINE_KEY_FIELD(type, TYPE, key_minor_locality);
-+/* define get_key_band(), set_key_band() */
-+DEFINE_KEY_FIELD(band, BAND, __u64);
-+/* define get_key_objectid(), set_key_objectid() */
-+DEFINE_KEY_FIELD(objectid, OBJECTID, oid_t);
-+/* define get_key_fulloid(), set_key_fulloid() */
-+DEFINE_KEY_FIELD(fulloid, FULLOID, oid_t);
-+/* define get_key_offset(), set_key_offset() */
-+DEFINE_KEY_FIELD(offset, OFFSET, __u64);
-+#if (REISER4_LARGE_KEY)
-+/* define get_key_ordering(), set_key_ordering() */
-+DEFINE_KEY_FIELD(ordering, ORDERING, __u64);
-+#else
-+static inline __u64 get_key_ordering(const reiser4_key * key)
-+{
-+ return 0;
-+}
-+
-+static inline void set_key_ordering(reiser4_key * key, __u64 val)
-+{
-+}
-+#endif
-+
-+/* key comparison result */
-+typedef enum { LESS_THAN = -1, /* if first key is less than second */
-+ EQUAL_TO = 0, /* if keys are equal */
-+ GREATER_THAN = +1 /* if first key is greater than second */
-+} cmp_t;
-+
-+void reiser4_key_init(reiser4_key * key);
-+
-+/* minimal possible key in the tree. Return pointer to the static storage. */
-+extern const reiser4_key *min_key(void);
-+extern const reiser4_key *max_key(void);
-+
-+/* helper macro for keycmp() */
-+#define KEY_DIFF(k1, k2, field) \
-+({ \
-+ typeof (get_key_ ## field (k1)) f1; \
-+ typeof (get_key_ ## field (k2)) f2; \
-+ \
-+ f1 = get_key_ ## field (k1); \
-+ f2 = get_key_ ## field (k2); \
-+ \
-+ (f1 < f2) ? LESS_THAN : ((f1 == f2) ? EQUAL_TO : GREATER_THAN); \
-+})
-+
-+/* helper macro for keycmp() */
-+#define KEY_DIFF_EL(k1, k2, off) \
-+({ \
-+ __u64 e1; \
-+ __u64 e2; \
-+ \
-+ e1 = get_key_el(k1, off); \
-+ e2 = get_key_el(k2, off); \
-+ \
-+ (e1 < e2) ? LESS_THAN : ((e1 == e2) ? EQUAL_TO : GREATER_THAN); \
-+})
-+
-+/* compare `k1' and `k2'. This function is a heart of "key allocation
-+ policy". All you need to implement new policy is to add yet another
-+ clause here. */
-+static inline cmp_t keycmp(const reiser4_key * k1 /* first key to compare */ ,
-+ const reiser4_key * k2 /* second key to compare */ )
-+{
-+ cmp_t result;
-+
-+ /*
-+ * This function is the heart of reiser4 tree-routines. Key comparison
-+ * is among most heavily used operations in the file system.
-+ */
-+
-+ assert("nikita-439", k1 != NULL);
-+ assert("nikita-440", k2 != NULL);
-+
-+ /* there is no actual branch here: condition is compile time constant
-+ * and constant folding and propagation ensures that only one branch
-+ * is actually compiled in. */
-+
-+ if (REISER4_PLANA_KEY_ALLOCATION) {
-+ /* if physical order of fields in a key is identical
-+ with logical order, we can implement key comparison
-+ as three 64bit comparisons. */
-+ /* logical order of fields in plan-a:
-+ locality->type->objectid->offset. */
-+ /* compare locality and type at once */
-+ result = KEY_DIFF_EL(k1, k2, 0);
-+ if (result == EQUAL_TO) {
-+ /* compare objectid (and band if it's there) */
-+ result = KEY_DIFF_EL(k1, k2, 1);
-+ /* compare offset */
-+ if (result == EQUAL_TO) {
-+ result = KEY_DIFF_EL(k1, k2, 2);
-+ if (REISER4_LARGE_KEY && result == EQUAL_TO) {
-+ result = KEY_DIFF_EL(k1, k2, 3);
-+ }
-+ }
-+ }
-+ } else if (REISER4_3_5_KEY_ALLOCATION) {
-+ result = KEY_DIFF(k1, k2, locality);
-+ if (result == EQUAL_TO) {
-+ result = KEY_DIFF(k1, k2, objectid);
-+ if (result == EQUAL_TO) {
-+ result = KEY_DIFF(k1, k2, type);
-+ if (result == EQUAL_TO)
-+ result = KEY_DIFF(k1, k2, offset);
-+ }
-+ }
-+ } else
-+ impossible("nikita-441", "Unknown key allocation scheme!");
-+ return result;
-+}
-+
-+/* true if @k1 equals @k2 */
-+static inline int keyeq(const reiser4_key * k1 /* first key to compare */ ,
-+ const reiser4_key * k2 /* second key to compare */ )
-+{
-+ assert("nikita-1879", k1 != NULL);
-+ assert("nikita-1880", k2 != NULL);
-+ return !memcmp(k1, k2, sizeof *k1);
-+}
-+
-+/* true if @k1 is less than @k2 */
-+static inline int keylt(const reiser4_key * k1 /* first key to compare */ ,
-+ const reiser4_key * k2 /* second key to compare */ )
-+{
-+ assert("nikita-1952", k1 != NULL);
-+ assert("nikita-1953", k2 != NULL);
-+ return keycmp(k1, k2) == LESS_THAN;
-+}
-+
-+/* true if @k1 is less than or equal to @k2 */
-+static inline int keyle(const reiser4_key * k1 /* first key to compare */ ,
-+ const reiser4_key * k2 /* second key to compare */ )
-+{
-+ assert("nikita-1954", k1 != NULL);
-+ assert("nikita-1955", k2 != NULL);
-+ return keycmp(k1, k2) != GREATER_THAN;
-+}
-+
-+/* true if @k1 is greater than @k2 */
-+static inline int keygt(const reiser4_key * k1 /* first key to compare */ ,
-+ const reiser4_key * k2 /* second key to compare */ )
-+{
-+ assert("nikita-1959", k1 != NULL);
-+ assert("nikita-1960", k2 != NULL);
-+ return keycmp(k1, k2) == GREATER_THAN;
-+}
-+
-+/* true if @k1 is greater than or equal to @k2 */
-+static inline int keyge(const reiser4_key * k1 /* first key to compare */ ,
-+ const reiser4_key * k2 /* second key to compare */ )
-+{
-+ assert("nikita-1956", k1 != NULL);
-+ assert("nikita-1957", k2 != NULL); /* October 4: sputnik launched
-+ * November 3: Laika */
-+ return keycmp(k1, k2) != LESS_THAN;
-+}
-+
-+static inline void prefetchkey(reiser4_key * key)
-+{
-+ prefetch(key);
-+ prefetch(&key->el[KEY_CACHELINE_END]);
-+}
-+
-+/* (%Lx:%x:%Lx:%Lx:%Lx:%Lx) =
-+ 1 + 16 + 1 + 1 + 1 + 1 + 1 + 16 + 1 + 16 + 1 + 16 + 1 */
-+/* size of a buffer suitable to hold human readable key representation */
-+#define KEY_BUF_LEN (80)
-+
-+#if REISER4_DEBUG
-+extern void print_key(const char *prefix, const reiser4_key * key);
-+#else
-+#define print_key(p,k) noop
-+#endif
-+
-+/* __FS_REISERFS_KEY_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/ktxnmgrd.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/ktxnmgrd.c
-@@ -0,0 +1,214 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+/* Transaction manager daemon. */
-+
-+/*
-+ * ktxnmgrd is a kernel daemon responsible for committing transactions. It is
-+ * needed/important for the following reasons:
-+ *
-+ * 1. in reiser4 atom is not committed immediately when last transaction
-+ * handle closes, unless atom is either too old or too large (see
-+ * atom_should_commit()). This is done to avoid committing too frequently.
-+ * because:
-+ *
-+ * 2. sometimes we don't want to commit atom when closing last transaction
-+ * handle even if it is old and fat enough. For example, because we are at
-+ * this point under directory semaphore, and committing would stall all
-+ * accesses to this directory.
-+ *
-+ * ktxnmgrd binds its time sleeping on condition variable. When is awakes
-+ * either due to (tunable) timeout or because it was explicitly woken up by
-+ * call to ktxnmgrd_kick(), it scans list of all atoms and commits ones
-+ * eligible.
-+ *
-+ */
-+
-+#include "debug.h"
-+#include "txnmgr.h"
-+#include "tree.h"
-+#include "ktxnmgrd.h"
-+#include "super.h"
-+#include "reiser4.h"
-+
-+#include <linux/sched.h> /* for struct task_struct */
-+#include <linux/wait.h>
-+#include <linux/suspend.h>
-+#include <linux/kernel.h>
-+#include <linux/writeback.h>
-+#include <linux/kthread.h>
-+
-+static int scan_mgr(struct super_block *);
-+
-+/*
-+ * change current->comm so that ps, top, and friends will see changed
-+ * state. This serves no useful purpose whatsoever, but also costs nothing. May
-+ * be it will make lonely system administrator feeling less alone at 3 A.M.
-+ */
-+#define set_comm( state ) \
-+ snprintf( current -> comm, sizeof( current -> comm ), \
-+ "%s:%s:%s", __FUNCTION__, (super)->s_id, ( state ) )
-+
-+/**
-+ * ktxnmgrd - kernel txnmgr daemon
-+ * @arg: pointer to super block
-+ *
-+ * The background transaction manager daemon, started as a kernel thread during
-+ * reiser4 initialization.
-+ */
-+static int ktxnmgrd(void *arg)
-+{
-+ struct super_block *super;
-+ ktxnmgrd_context *ctx;
-+ txn_mgr *mgr;
-+ int done = 0;
-+
-+ super = arg;
-+ mgr = &get_super_private(super)->tmgr;
-+
-+ /*
-+ * do_fork() just copies task_struct into the new thread. ->fs_context
-+ * shouldn't be copied of course. This shouldn't be a problem for the
-+ * rest of the code though.
-+ */
-+ current->journal_info = NULL;
-+ ctx = mgr->daemon;
-+ while (1) {
-+ try_to_freeze();
-+ set_comm("wait");
-+ {
-+ DEFINE_WAIT(__wait);
-+
-+ prepare_to_wait(&ctx->wait, &__wait, TASK_INTERRUPTIBLE);
-+ if (kthread_should_stop()) {
-+ done = 1;
-+ } else
-+ schedule_timeout(ctx->timeout);
-+ finish_wait(&ctx->wait, &__wait);
-+ }
-+ if (done)
-+ break;
-+ set_comm("run");
-+ spin_lock(&ctx->guard);
-+ /*
-+ * wait timed out or ktxnmgrd was woken up by explicit request
-+ * to commit something. Scan list of atoms in txnmgr and look
-+ * for too old atoms.
-+ */
-+ do {
-+ ctx->rescan = 0;
-+ scan_mgr(super);
-+ spin_lock(&ctx->guard);
-+ if (ctx->rescan) {
-+ /*
-+ * the list could be modified while ctx
-+ * spinlock was released, we have to repeat
-+ * scanning from the beginning
-+ */
-+ break;
-+ }
-+ } while (ctx->rescan);
-+ spin_unlock(&ctx->guard);
-+ }
-+ return 0;
-+}
-+
-+#undef set_comm
-+
-+/**
-+ * init_ktxnmgrd - initialize ktxnmgrd context and start kernel daemon
-+ * @super: pointer to super block
-+ *
-+ * Allocates and initializes ktxnmgrd_context, attaches it to transaction
-+ * manager. Starts kernel txnmgr daemon. This is called on mount.
-+ */
-+int init_ktxnmgrd(struct super_block *super)
-+{
-+ txn_mgr *mgr;
-+ ktxnmgrd_context *ctx;
-+
-+ mgr = &get_super_private(super)->tmgr;
-+
-+ assert("zam-1014", mgr->daemon == NULL);
-+
-+ ctx = kmalloc(sizeof(ktxnmgrd_context), get_gfp_mask());
-+ if (ctx == NULL)
-+ return RETERR(-ENOMEM);
-+
-+ assert("nikita-2442", ctx != NULL);
-+
-+ memset(ctx, 0, sizeof *ctx);
-+ init_waitqueue_head(&ctx->wait);
-+
-+ /*kcond_init(&ctx->startup);*/
-+ spin_lock_init(&ctx->guard);
-+ ctx->timeout = REISER4_TXNMGR_TIMEOUT;
-+ ctx->rescan = 1;
-+ mgr->daemon = ctx;
-+
-+ ctx->tsk = kthread_run(ktxnmgrd, super, "ktxnmgrd");
-+ if (IS_ERR(ctx->tsk)) {
-+ int ret = PTR_ERR(ctx->tsk);
-+ mgr->daemon = NULL;
-+ kfree(ctx);
-+ return RETERR(ret);
-+ }
-+ return 0;
-+}
-+
-+void ktxnmgrd_kick(txn_mgr *mgr)
-+{
-+ assert("nikita-3234", mgr != NULL);
-+ assert("nikita-3235", mgr->daemon != NULL);
-+ wake_up(&mgr->daemon->wait);
-+}
-+
-+int is_current_ktxnmgrd(void)
-+{
-+ return (get_current_super_private()->tmgr.daemon->tsk == current);
-+}
-+
-+/**
-+ * scan_mgr - commit atoms which are to be committed
-+ * @super: super block to commit atoms of
-+ *
-+ * Commits old atoms.
-+ */
-+static int scan_mgr(struct super_block *super)
-+{
-+ int ret;
-+ reiser4_context ctx;
-+
-+ init_stack_context(&ctx, super);
-+
-+ ret = commit_some_atoms(&get_super_private(super)->tmgr);
-+
-+ reiser4_exit_context(&ctx);
-+ return ret;
-+}
-+
-+/**
-+ * done_ktxnmgrd - stop kernel thread and frees ktxnmgrd context
-+ * @mgr:
-+ *
-+ * This is called on umount. Stops ktxnmgrd and free t
-+ */
-+void done_ktxnmgrd(struct super_block *super)
-+{
-+ txn_mgr *mgr;
-+
-+ mgr = &get_super_private(super)->tmgr;
-+ assert("zam-1012", mgr->daemon != NULL);
-+
-+ kthread_stop(mgr->daemon->tsk);
-+ kfree(mgr->daemon);
-+ mgr->daemon = NULL;
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 120
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/ktxnmgrd.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/ktxnmgrd.h
-@@ -0,0 +1,52 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Transaction manager daemon. See ktxnmgrd.c for comments. */
-+
-+#ifndef __KTXNMGRD_H__
-+#define __KTXNMGRD_H__
-+
-+#include "txnmgr.h"
-+
-+#include <linux/fs.h>
-+#include <linux/wait.h>
-+#include <linux/completion.h>
-+#include <linux/spinlock.h>
-+#include <asm/atomic.h>
-+#include <linux/sched.h> /* for struct task_struct */
-+
-+/* in this structure all data necessary to start up, shut down and communicate
-+ * with ktxnmgrd are kept. */
-+struct ktxnmgrd_context {
-+ /* wait queue head on which ktxnmgrd sleeps */
-+ wait_queue_head_t wait;
-+ /* spin lock protecting all fields of this structure */
-+ spinlock_t guard;
-+ /* timeout of sleeping on ->wait */
-+ signed long timeout;
-+ /* kernel thread running ktxnmgrd */
-+ struct task_struct *tsk;
-+ /* list of all file systems served by this ktxnmgrd */
-+ struct list_head queue;
-+ /* should ktxnmgrd repeat scanning of atoms? */
-+ unsigned int rescan:1;
-+};
-+
-+extern int init_ktxnmgrd(struct super_block *);
-+extern void done_ktxnmgrd(struct super_block *);
-+
-+extern void ktxnmgrd_kick(txn_mgr * mgr);
-+extern int is_current_ktxnmgrd(void);
-+
-+/* __KTXNMGRD_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/lock.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/lock.c
-@@ -0,0 +1,1261 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Traditional deadlock avoidance is achieved by acquiring all locks in a single
-+ order. V4 balances the tree from the bottom up, and searches the tree from
-+ the top down, and that is really the way we want it, so tradition won't work
-+ for us.
-+
-+ Instead we have two lock orderings, a high priority lock ordering, and a low
-+ priority lock ordering. Each node in the tree has a lock in its znode.
-+
-+ Suppose we have a set of processes which lock (R/W) tree nodes. Each process
-+ has a set (maybe empty) of already locked nodes ("process locked set"). Each
-+ process may have a pending lock request to a node locked by another process.
-+ Note: we lock and unlock, but do not transfer locks: it is possible
-+ transferring locks instead would save some bus locking....
-+
-+ Deadlock occurs when we have a loop constructed from process locked sets and
-+ lock request vectors.
-+
-+ NOTE: The reiser4 "tree" is a tree on disk, but its cached representation in
-+ memory is extended with "znodes" with which we connect nodes with their left
-+ and right neighbors using sibling pointers stored in the znodes. When we
-+ perform balancing operations we often go from left to right and from right to
-+ left.
-+
-+ +-P1-+ +-P3-+
-+ |+--+| V1 |+--+|
-+ ||N1|| -------> ||N3||
-+ |+--+| |+--+|
-+ +----+ +----+
-+ ^ |
-+ |V2 |V3
-+ | v
-+ +---------P2---------+
-+ |+--+ +--+|
-+ ||N2| -------- |N4||
-+ |+--+ +--+|
-+ +--------------------+
-+
-+ We solve this by ensuring that only low priority processes lock in top to
-+ bottom order and from right to left, and high priority processes lock from
-+ bottom to top and left to right.
-+
-+ ZAM-FIXME-HANS: order not just node locks in this way, order atom locks, and
-+ kill those damn busy loops.
-+ ANSWER(ZAM): atom locks (which are introduced by ASTAGE_CAPTURE_WAIT atom
-+ stage) cannot be ordered that way. There are no rules what nodes can belong
-+ to the atom and what nodes cannot. We cannot define what is right or left
-+ direction, what is top or bottom. We can take immediate parent or side
-+ neighbor of one node, but nobody guarantees that, say, left neighbor node is
-+ not a far right neighbor for other nodes from the same atom. It breaks
-+ deadlock avoidance rules and hi-low priority locking cannot be applied for
-+ atom locks.
-+
-+ How does it help to avoid deadlocks ?
-+
-+ Suppose we have a deadlock with n processes. Processes from one priority
-+ class never deadlock because they take locks in one consistent
-+ order.
-+
-+ So, any possible deadlock loop must have low priority as well as high
-+ priority processes. There are no other lock priority levels except low and
-+ high. We know that any deadlock loop contains at least one node locked by a
-+ low priority process and requested by a high priority process. If this
-+ situation is caught and resolved it is sufficient to avoid deadlocks.
-+
-+ V4 DEADLOCK PREVENTION ALGORITHM IMPLEMENTATION.
-+
-+ The deadlock prevention algorithm is based on comparing
-+ priorities of node owners (processes which keep znode locked) and
-+ requesters (processes which want to acquire a lock on znode). We
-+ implement a scheme where low-priority owners yield locks to
-+ high-priority requesters. We created a signal passing system that
-+ is used to ask low-priority processes to yield one or more locked
-+ znodes.
-+
-+ The condition when a znode needs to change its owners is described by the
-+ following formula:
-+
-+ #############################################
-+ # #
-+ # (number of high-priority requesters) > 0 #
-+ # AND #
-+ # (numbers of high-priority owners) == 0 #
-+ # #
-+ #############################################
-+
-+ Note that a low-priority process delays node releasing if another
-+ high-priority process owns this node. So, slightly more strictly speaking,
-+ to have a deadlock capable cycle you must have a loop in which a high
-+ priority process is waiting on a low priority process to yield a node, which
-+ is slightly different from saying a high priority process is waiting on a
-+ node owned by a low priority process.
-+
-+ It is enough to avoid deadlocks if we prevent any low-priority process from
-+ falling asleep if its locked set contains a node which satisfies the
-+ deadlock condition.
-+
-+ That condition is implicitly or explicitly checked in all places where new
-+ high-priority requests may be added or removed from node request queue or
-+ high-priority process takes or releases a lock on node. The main
-+ goal of these checks is to never lose the moment when node becomes "has
-+ wrong owners" and send "must-yield-this-lock" signals to its low-pri owners
-+ at that time.
-+
-+ The information about received signals is stored in the per-process
-+ structure (lock stack) and analyzed before a low-priority process goes to
-+ sleep but after a "fast" attempt to lock a node fails. Any signal wakes
-+ sleeping process up and forces him to re-check lock status and received
-+ signal info. If "must-yield-this-lock" signals were received the locking
-+ primitive (longterm_lock_znode()) fails with -E_DEADLOCK error code.
-+
-+ V4 LOCKING DRAWBACKS
-+
-+ If we have already balanced on one level, and we are propagating our changes
-+ upward to a higher level, it could be very messy to surrender all locks on
-+ the lower level because we put so much computational work into it, and
-+ reverting them to their state before they were locked might be very complex.
-+ We also don't want to acquire all locks before performing balancing because
-+ that would either be almost as much work as the balancing, or it would be
-+ too conservative and lock too much. We want balancing to be done only at
-+ high priority. Yet, we might want to go to the left one node and use some
-+ of its empty space... So we make one attempt at getting the node to the left
-+ using try_lock, and if it fails we do without it, because we didn't really
-+ need it, it was only a nice to have.
-+
-+ LOCK STRUCTURES DESCRIPTION
-+
-+ The following data structures are used in the reiser4 locking
-+ implementation:
-+
-+ All fields related to long-term locking are stored in znode->lock.
-+
-+ The lock stack is a per thread object. It owns all znodes locked by the
-+ thread. One znode may be locked by several threads in case of read lock or
-+ one znode may be write locked by one thread several times. The special link
-+ objects (lock handles) support n<->m relation between znodes and lock
-+ owners.
-+
-+ <Thread 1> <Thread 2>
-+
-+ +---------+ +---------+
-+ | LS1 | | LS2 |
-+ +---------+ +---------+
-+ ^ ^
-+ |---------------+ +----------+
-+ v v v v
-+ +---------+ +---------+ +---------+ +---------+
-+ | LH1 | | LH2 | | LH3 | | LH4 |
-+ +---------+ +---------+ +---------+ +---------+
-+ ^ ^ ^ ^
-+ | +------------+ |
-+ v v v
-+ +---------+ +---------+ +---------+
-+ | Z1 | | Z2 | | Z3 |
-+ +---------+ +---------+ +---------+
-+
-+ Thread 1 locked znodes Z1 and Z2, thread 2 locked znodes Z2 and Z3. The
-+ picture above shows that lock stack LS1 has a list of 2 lock handles LH1 and
-+ LH2, lock stack LS2 has a list with lock handles LH3 and LH4 on it. Znode
-+ Z1 is locked by only one thread, znode has only one lock handle LH1 on its
-+ list, similar situation is for Z3 which is locked by the thread 2 only. Z2
-+ is locked (for read) twice by different threads and two lock handles are on
-+ its list. Each lock handle represents a single relation of a locking of a
-+ znode by a thread. Locking of a znode is an establishing of a locking
-+ relation between the lock stack and the znode by adding of a new lock handle
-+ to a list of lock handles, the lock stack. The lock stack links all lock
-+ handles for all znodes locked by the lock stack. The znode list groups all
-+ lock handles for all locks stacks which locked the znode.
-+
-+ Yet another relation may exist between znode and lock owners. If lock
-+ procedure cannot immediately take lock on an object it adds the lock owner
-+ on special `requestors' list belongs to znode. That list represents a
-+ queue of pending lock requests. Because one lock owner may request only
-+ only one lock object at a time, it is a 1->n relation between lock objects
-+ and a lock owner implemented as it is described above. Full information
-+ (priority, pointers to lock and link objects) about each lock request is
-+ stored in lock owner structure in `request' field.
-+
-+ SHORT_TERM LOCKING
-+
-+ This is a list of primitive operations over lock stacks / lock handles /
-+ znodes and locking descriptions for them.
-+
-+ 1. locking / unlocking which is done by two list insertion/deletion, one
-+ to/from znode's list of lock handles, another one is to/from lock stack's
-+ list of lock handles. The first insertion is protected by
-+ znode->lock.guard spinlock. The list owned by the lock stack can be
-+ modified only by thread who owns the lock stack and nobody else can
-+ modify/read it. There is nothing to be protected by a spinlock or
-+ something else.
-+
-+ 2. adding/removing a lock request to/from znode requesters list. The rule is
-+ that znode->lock.guard spinlock should be taken for this.
-+
-+ 3. we can traverse list of lock handles and use references to lock stacks who
-+ locked given znode if znode->lock.guard spinlock is taken.
-+
-+ 4. If a lock stack is associated with a znode as a lock requestor or lock
-+ owner its existence is guaranteed by znode->lock.guard spinlock. Some its
-+ (lock stack's) fields should be protected from being accessed in parallel
-+ by two or more threads. Please look at lock_stack structure definition
-+ for the info how those fields are protected. */
-+
-+/* Znode lock and capturing intertwining. */
-+/* In current implementation we capture formatted nodes before locking
-+ them. Take a look on longterm lock znode, try_capture() request precedes
-+ locking requests. The longterm_lock_znode function unconditionally captures
-+ znode before even checking of locking conditions.
-+
-+ Another variant is to capture znode after locking it. It was not tested, but
-+ at least one deadlock condition is supposed to be there. One thread has
-+ locked a znode (Node-1) and calls try_capture() for it. Try_capture() sleeps
-+ because znode's atom has CAPTURE_WAIT state. Second thread is a flushing
-+ thread, its current atom is the atom Node-1 belongs to. Second thread wants
-+ to lock Node-1 and sleeps because Node-1 is locked by the first thread. The
-+ described situation is a deadlock. */
-+
-+#include "debug.h"
-+#include "txnmgr.h"
-+#include "znode.h"
-+#include "jnode.h"
-+#include "tree.h"
-+#include "plugin/node/node.h"
-+#include "super.h"
-+
-+#include <linux/spinlock.h>
-+
-+#if REISER4_DEBUG
-+static int request_is_deadlock_safe(znode *, znode_lock_mode,
-+ znode_lock_request);
-+#endif
-+
-+/* Returns a lock owner associated with current thread */
-+lock_stack *get_current_lock_stack(void)
-+{
-+ return &get_current_context()->stack;
-+}
-+
-+/* Wakes up all low priority owners informing them about possible deadlock */
-+static void wake_up_all_lopri_owners(znode * node)
-+{
-+ lock_handle *handle;
-+
-+ assert_spin_locked(&(node->lock.guard));
-+ list_for_each_entry(handle, &node->lock.owners, owners_link) {
-+ assert("nikita-1832", handle->node == node);
-+ /* count this signal in owner->nr_signaled */
-+ if (!handle->signaled) {
-+ handle->signaled = 1;
-+ atomic_inc(&handle->owner->nr_signaled);
-+ /* Wake up a single process */
-+ reiser4_wake_up(handle->owner);
-+ }
-+ }
-+}
-+
-+/* Adds a lock to a lock owner, which means creating a link to the lock and
-+ putting the link into the two lists all links are on (the doubly linked list
-+ that forms the lock_stack, and the doubly linked list of links attached
-+ to a lock.
-+*/
-+static inline void
-+link_object(lock_handle * handle, lock_stack * owner, znode * node)
-+{
-+ assert("jmacd-810", handle->owner == NULL);
-+ assert_spin_locked(&(node->lock.guard));
-+
-+ handle->owner = owner;
-+ handle->node = node;
-+
-+ assert("reiser4-4",
-+ ergo(list_empty_careful(&owner->locks), owner->nr_locks == 0));
-+
-+ /* add lock handle to the end of lock_stack's list of locks */
-+ list_add_tail(&handle->locks_link, &owner->locks);
-+ ON_DEBUG(owner->nr_locks++);
-+ set_gfp_mask();
-+
-+ /* add lock handle to the head of znode's list of owners */
-+ list_add(&handle->owners_link, &node->lock.owners);
-+ handle->signaled = 0;
-+}
-+
-+/* Breaks a relation between a lock and its owner */
-+static inline void unlink_object(lock_handle * handle)
-+{
-+ assert("zam-354", handle->owner != NULL);
-+ assert("nikita-1608", handle->node != NULL);
-+ assert_spin_locked(&(handle->node->lock.guard));
-+ assert("nikita-1829", handle->owner == get_current_lock_stack());
-+ assert("reiser4-5", handle->owner->nr_locks > 0);
-+
-+ /* remove lock handle from lock_stack's list of locks */
-+ list_del(&handle->locks_link);
-+ ON_DEBUG(handle->owner->nr_locks--);
-+ set_gfp_mask();
-+ assert("reiser4-6",
-+ ergo(list_empty_careful(&handle->owner->locks),
-+ handle->owner->nr_locks == 0));
-+ /* remove lock handle from znode's list of owners */
-+ list_del(&handle->owners_link);
-+ /* indicates that lock handle is free now */
-+ handle->node = NULL;
-+#if REISER4_DEBUG
-+ INIT_LIST_HEAD(&handle->locks_link);
-+ INIT_LIST_HEAD(&handle->owners_link);
-+ handle->owner = NULL;
-+#endif
-+}
-+
-+/* Actually locks an object knowing that we are able to do this */
-+static void lock_object(lock_stack * owner)
-+{
-+ lock_request *request;
-+ znode *node;
-+
-+ request = &owner->request;
-+ node = request->node;
-+ assert_spin_locked(&(node->lock.guard));
-+ if (request->mode == ZNODE_READ_LOCK) {
-+ node->lock.nr_readers++;
-+ } else {
-+ /* check that we don't switched from read to write lock */
-+ assert("nikita-1840", node->lock.nr_readers <= 0);
-+ /* We allow recursive locking; a node can be locked several
-+ times for write by same process */
-+ node->lock.nr_readers--;
-+ }
-+
-+ link_object(request->handle, owner, node);
-+
-+ if (owner->curpri) {
-+ node->lock.nr_hipri_owners++;
-+ }
-+}
-+
-+/* Check for recursive write locking */
-+static int recursive(lock_stack * owner)
-+{
-+ int ret;
-+ znode *node;
-+ lock_handle *lh;
-+
-+ node = owner->request.node;
-+
-+ /* Owners list is not empty for a locked node */
-+ assert("zam-314", !list_empty_careful(&node->lock.owners));
-+ assert("nikita-1841", owner == get_current_lock_stack());
-+ assert_spin_locked(&(node->lock.guard));
-+
-+
-+ lh = list_entry(node->lock.owners.next, lock_handle, owners_link);
-+ ret = (lh->owner == owner);
-+
-+ /* Recursive read locking should be done usual way */
-+ assert("zam-315", !ret || owner->request.mode == ZNODE_WRITE_LOCK);
-+ /* mixing of read/write locks is not allowed */
-+ assert("zam-341", !ret || znode_is_wlocked(node));
-+
-+ return ret;
-+}
-+
-+#if REISER4_DEBUG
-+/* Returns true if the lock is held by the calling thread. */
-+int znode_is_any_locked(const znode * node)
-+{
-+ lock_handle *handle;
-+ lock_stack *stack;
-+ int ret;
-+
-+ if (!znode_is_locked(node)) {
-+ return 0;
-+ }
-+
-+ stack = get_current_lock_stack();
-+
-+ spin_lock_stack(stack);
-+
-+ ret = 0;
-+
-+ list_for_each_entry(handle, &stack->locks, locks_link) {
-+ if (handle->node == node) {
-+ ret = 1;
-+ break;
-+ }
-+ }
-+
-+ spin_unlock_stack(stack);
-+
-+ return ret;
-+}
-+
-+#endif
-+
-+/* Returns true if a write lock is held by the calling thread. */
-+int znode_is_write_locked(const znode * node)
-+{
-+ lock_stack *stack;
-+ lock_handle *handle;
-+
-+ assert("jmacd-8765", node != NULL);
-+
-+ if (!znode_is_wlocked(node)) {
-+ return 0;
-+ }
-+
-+ stack = get_current_lock_stack();
-+
-+ /*
-+ * When znode is write locked, all owner handles point to the same lock
-+ * stack. Get pointer to lock stack from the first lock handle from
-+ * znode's owner list
-+ */
-+ handle = list_entry(node->lock.owners.next, lock_handle, owners_link);
-+
-+ return (handle->owner == stack);
-+}
-+
-+/* This "deadlock" condition is the essential part of reiser4 locking
-+ implementation. This condition is checked explicitly by calling
-+ check_deadlock_condition() or implicitly in all places where znode lock
-+ state (set of owners and request queue) is changed. Locking code is
-+ designed to use this condition to trigger procedure of passing object from
-+ low priority owner(s) to high priority one(s).
-+
-+ The procedure results in passing an event (setting lock_handle->signaled
-+ flag) and counting this event in nr_signaled field of owner's lock stack
-+ object and wakeup owner's process.
-+*/
-+static inline int check_deadlock_condition(znode * node)
-+{
-+ assert_spin_locked(&(node->lock.guard));
-+ return node->lock.nr_hipri_requests > 0
-+ && node->lock.nr_hipri_owners == 0;
-+}
-+
-+static int check_livelock_condition(znode * node, znode_lock_mode mode)
-+{
-+ zlock * lock = &node->lock;
-+
-+ return mode == ZNODE_READ_LOCK &&
-+ lock -> nr_readers >= 0 && lock->nr_hipri_write_requests > 0;
-+}
-+
-+/* checks lock/request compatibility */
-+static int can_lock_object(lock_stack * owner)
-+{
-+ znode *node = owner->request.node;
-+
-+ assert_spin_locked(&(node->lock.guard));
-+
-+ /* See if the node is disconnected. */
-+ if (unlikely(ZF_ISSET(node, JNODE_IS_DYING)))
-+ return RETERR(-EINVAL);
-+
-+ /* Do not ever try to take a lock if we are going in low priority
-+ direction and a node have a high priority request without high
-+ priority owners. */
-+ if (unlikely(!owner->curpri && check_deadlock_condition(node)))
-+ return RETERR(-E_REPEAT);
-+ if (unlikely(owner->curpri && check_livelock_condition(node, owner->request.mode)))
-+ return RETERR(-E_REPEAT);
-+ if (unlikely(!is_lock_compatible(node, owner->request.mode)))
-+ return RETERR(-E_REPEAT);
-+ return 0;
-+}
-+
-+/* Setting of a high priority to the process. It clears "signaled" flags
-+ because znode locked by high-priority process can't satisfy our "deadlock
-+ condition". */
-+static void set_high_priority(lock_stack * owner)
-+{
-+ assert("nikita-1846", owner == get_current_lock_stack());
-+ /* Do nothing if current priority is already high */
-+ if (!owner->curpri) {
-+ /* We don't need locking for owner->locks list, because, this
-+ * function is only called with the lock stack of the current
-+ * thread, and no other thread can play with owner->locks list
-+ * and/or change ->node pointers of lock handles in this list.
-+ *
-+ * (Interrupts also are not involved.)
-+ */
-+ lock_handle *item = list_entry(owner->locks.next, lock_handle, locks_link);
-+ while (&owner->locks != &item->locks_link) {
-+ znode *node = item->node;
-+
-+ spin_lock_zlock(&node->lock);
-+
-+ node->lock.nr_hipri_owners++;
-+
-+ /* we can safely set signaled to zero, because
-+ previous statement (nr_hipri_owners ++) guarantees
-+ that signaled will be never set again. */
-+ item->signaled = 0;
-+ spin_unlock_zlock(&node->lock);
-+
-+ item = list_entry(item->locks_link.next, lock_handle, locks_link);
-+ }
-+ owner->curpri = 1;
-+ atomic_set(&owner->nr_signaled, 0);
-+ }
-+}
-+
-+/* Sets a low priority to the process. */
-+static void set_low_priority(lock_stack * owner)
-+{
-+ assert("nikita-3075", owner == get_current_lock_stack());
-+ /* Do nothing if current priority is already low */
-+ if (owner->curpri) {
-+ /* scan all locks (lock handles) held by @owner, which is
-+ actually current thread, and check whether we are reaching
-+ deadlock possibility anywhere.
-+ */
-+ lock_handle *handle = list_entry(owner->locks.next, lock_handle, locks_link);
-+ while (&owner->locks != &handle->locks_link) {
-+ znode *node = handle->node;
-+ spin_lock_zlock(&node->lock);
-+ /* this thread just was hipri owner of @node, so
-+ nr_hipri_owners has to be greater than zero. */
-+ assert("nikita-1835", node->lock.nr_hipri_owners > 0);
-+ node->lock.nr_hipri_owners--;
-+ /* If we have deadlock condition, adjust a nr_signaled
-+ field. It is enough to set "signaled" flag only for
-+ current process, other low-pri owners will be
-+ signaled and waken up after current process unlocks
-+ this object and any high-priority requestor takes
-+ control. */
-+ if (check_deadlock_condition(node)
-+ && !handle->signaled) {
-+ handle->signaled = 1;
-+ atomic_inc(&owner->nr_signaled);
-+ }
-+ spin_unlock_zlock(&node->lock);
-+ handle = list_entry(handle->locks_link.next, lock_handle, locks_link);
-+ }
-+ owner->curpri = 0;
-+ }
-+}
-+
-+static void remove_lock_request(lock_stack * requestor)
-+{
-+ zlock * lock = &requestor->request.node->lock;
-+
-+ if (requestor->curpri) {
-+ assert("nikita-1838", lock->nr_hipri_requests > 0);
-+ lock->nr_hipri_requests--;
-+ if (requestor->request.mode == ZNODE_WRITE_LOCK)
-+ lock->nr_hipri_write_requests --;
-+ }
-+ list_del(&requestor->requestors_link);
-+}
-+
-+
-+static void invalidate_all_lock_requests(znode * node)
-+{
-+ lock_stack *requestor, *tmp;
-+
-+ assert_spin_locked(&(node->lock.guard));
-+
-+ list_for_each_entry_safe(requestor, tmp, &node->lock.requestors, requestors_link) {
-+ remove_lock_request(requestor);
-+ requestor->request.ret_code = -EINVAL;
-+ reiser4_wake_up(requestor);
-+ requestor->request.mode = ZNODE_NO_LOCK;
-+ }
-+}
-+
-+static void dispatch_lock_requests(znode * node)
-+{
-+ lock_stack *requestor, *tmp;
-+
-+ assert_spin_locked(&(node->lock.guard));
-+
-+ list_for_each_entry_safe(requestor, tmp, &node->lock.requestors, requestors_link) {
-+ if (znode_is_write_locked(node))
-+ break;
-+ if (!can_lock_object(requestor)) {
-+ lock_object(requestor);
-+ remove_lock_request(requestor);
-+ requestor->request.ret_code = 0;
-+ reiser4_wake_up(requestor);
-+ requestor->request.mode = ZNODE_NO_LOCK;
-+ }
-+ }
-+}
-+
-+/* release long-term lock, acquired by longterm_lock_znode() */
-+void longterm_unlock_znode(lock_handle * handle)
-+{
-+ znode *node = handle->node;
-+ lock_stack *oldowner = handle->owner;
-+ int hipri;
-+ int readers;
-+ int rdelta;
-+ int youdie;
-+
-+ /*
-+ * this is time-critical and highly optimized code. Modify carefully.
-+ */
-+
-+ assert("jmacd-1021", handle != NULL);
-+ assert("jmacd-1022", handle->owner != NULL);
-+ assert("nikita-1392", LOCK_CNT_GTZ(long_term_locked_znode));
-+
-+ assert("zam-130", oldowner == get_current_lock_stack());
-+
-+ LOCK_CNT_DEC(long_term_locked_znode);
-+
-+ /*
-+ * to minimize amount of operations performed under lock, pre-compute
-+ * all variables used within critical section. This makes code
-+ * obscure.
-+ */
-+
-+ /* was this lock of hi or lo priority */
-+ hipri = oldowner->curpri ? -1 : 0;
-+ /* number of readers */
-+ readers = node->lock.nr_readers;
-+ /* +1 if write lock, -1 if read lock */
-+ rdelta = (readers > 0) ? -1 : +1;
-+ /* true if node is to die and write lock is released */
-+ youdie = ZF_ISSET(node, JNODE_HEARD_BANSHEE) && (readers < 0);
-+
-+ spin_lock_zlock(&node->lock);
-+
-+ assert("zam-101", znode_is_locked(node));
-+
-+ /* Adjust a number of high priority owners of this lock */
-+ node->lock.nr_hipri_owners += hipri;
-+ assert("nikita-1836", node->lock.nr_hipri_owners >= 0);
-+
-+ /* Handle znode deallocation on last write-lock release. */
-+ if (znode_is_wlocked_once(node)) {
-+ if (youdie) {
-+ forget_znode(handle);
-+ assert("nikita-2191", znode_invariant(node));
-+ zput(node);
-+ return;
-+ }
-+ }
-+
-+ if (handle->signaled)
-+ atomic_dec(&oldowner->nr_signaled);
-+
-+ /* Unlocking means owner<->object link deletion */
-+ unlink_object(handle);
-+
-+ /* This is enough to be sure whether an object is completely
-+ unlocked. */
-+ node->lock.nr_readers += rdelta;
-+
-+ /* If the node is locked it must have an owners list. Likewise, if
-+ the node is unlocked it must have an empty owners list. */
-+ assert("zam-319", equi(znode_is_locked(node),
-+ !list_empty_careful(&node->lock.owners)));
-+
-+#if REISER4_DEBUG
-+ if (!znode_is_locked(node))
-+ ++node->times_locked;
-+#endif
-+
-+ /* If there are pending lock requests we wake up a requestor */
-+ if (!znode_is_wlocked(node))
-+ dispatch_lock_requests(node);
-+ if (check_deadlock_condition(node))
-+ wake_up_all_lopri_owners(node);
-+ spin_unlock_zlock(&node->lock);
-+
-+ /* minus one reference from handle->node */
-+ assert("nikita-2190", znode_invariant(node));
-+ ON_DEBUG(check_lock_data());
-+ ON_DEBUG(check_lock_node_data(node));
-+ zput(node);
-+}
-+
-+/* final portion of longterm-lock */
-+static int
-+lock_tail(lock_stack * owner, int ok, znode_lock_mode mode)
-+{
-+ znode *node = owner->request.node;
-+
-+ assert_spin_locked(&(node->lock.guard));
-+
-+ /* If we broke with (ok == 0) it means we can_lock, now do it. */
-+ if (ok == 0) {
-+ lock_object(owner);
-+ owner->request.mode = 0;
-+ /* count a reference from lockhandle->node
-+
-+ znode was already referenced at the entry to this function,
-+ hence taking spin-lock here is not necessary (see comment
-+ in the zref()).
-+ */
-+ zref(node);
-+
-+ LOCK_CNT_INC(long_term_locked_znode);
-+ }
-+ spin_unlock_zlock(&node->lock);
-+ ON_DEBUG(check_lock_data());
-+ ON_DEBUG(check_lock_node_data(node));
-+ return ok;
-+}
-+
-+/*
-+ * version of longterm_znode_lock() optimized for the most common case: read
-+ * lock without any special flags. This is the kind of lock that any tree
-+ * traversal takes on the root node of the tree, which is very frequent.
-+ */
-+static int longterm_lock_tryfast(lock_stack * owner)
-+{
-+ int result;
-+ znode *node;
-+ zlock *lock;
-+
-+ node = owner->request.node;
-+ lock = &node->lock;
-+
-+ assert("nikita-3340", schedulable());
-+ assert("nikita-3341", request_is_deadlock_safe(node,
-+ ZNODE_READ_LOCK,
-+ ZNODE_LOCK_LOPRI));
-+ spin_lock_zlock(lock);
-+ result = can_lock_object(owner);
-+ spin_unlock_zlock(lock);
-+
-+ if (likely(result != -EINVAL)) {
-+ spin_lock_znode(node);
-+ result = try_capture(ZJNODE(node), ZNODE_READ_LOCK, 0);
-+ spin_unlock_znode(node);
-+ spin_lock_zlock(lock);
-+ if (unlikely(result != 0)) {
-+ owner->request.mode = 0;
-+ } else {
-+ result = can_lock_object(owner);
-+ if (unlikely(result == -E_REPEAT)) {
-+ /* fall back to longterm_lock_znode() */
-+ spin_unlock_zlock(lock);
-+ return 1;
-+ }
-+ }
-+ return lock_tail(owner, result, ZNODE_READ_LOCK);
-+ } else
-+ return 1;
-+}
-+
-+/* locks given lock object */
-+int longterm_lock_znode(
-+ /* local link object (allocated by lock owner thread, usually on its own
-+ * stack) */
-+ lock_handle * handle,
-+ /* znode we want to lock. */
-+ znode * node,
-+ /* {ZNODE_READ_LOCK, ZNODE_WRITE_LOCK}; */
-+ znode_lock_mode mode,
-+ /* {0, -EINVAL, -E_DEADLOCK}, see return codes description. */
-+ znode_lock_request request) {
-+ int ret;
-+ int hipri = (request & ZNODE_LOCK_HIPRI) != 0;
-+ int non_blocking = 0;
-+ int has_atom;
-+ txn_capture cap_flags;
-+ zlock *lock;
-+ txn_handle *txnh;
-+ tree_level level;
-+
-+ /* Get current process context */
-+ lock_stack *owner = get_current_lock_stack();
-+
-+ /* Check that the lock handle is initialized and isn't already being
-+ * used. */
-+ assert("jmacd-808", handle->owner == NULL);
-+ assert("nikita-3026", schedulable());
-+ assert("nikita-3219", request_is_deadlock_safe(node, mode, request));
-+ assert("zam-1056", atomic_read(&ZJNODE(node)->x_count) > 0);
-+ /* long term locks are not allowed in the VM contexts (->writepage(),
-+ * prune_{d,i}cache()).
-+ *
-+ * FIXME this doesn't work due to unused-dentry-with-unlinked-inode
-+ * bug caused by d_splice_alias() only working for directories.
-+ */
-+ assert("nikita-3547", 1 || ((current->flags & PF_MEMALLOC) == 0));
-+ assert ("zam-1055", mode != ZNODE_NO_LOCK);
-+
-+ cap_flags = 0;
-+ if (request & ZNODE_LOCK_NONBLOCK) {
-+ cap_flags |= TXN_CAPTURE_NONBLOCKING;
-+ non_blocking = 1;
-+ }
-+
-+ if (request & ZNODE_LOCK_DONT_FUSE)
-+ cap_flags |= TXN_CAPTURE_DONT_FUSE;
-+
-+ /* If we are changing our process priority we must adjust a number
-+ of high priority owners for each znode that we already lock */
-+ if (hipri) {
-+ set_high_priority(owner);
-+ } else {
-+ set_low_priority(owner);
-+ }
-+
-+ level = znode_get_level(node);
-+
-+ /* Fill request structure with our values. */
-+ owner->request.mode = mode;
-+ owner->request.handle = handle;
-+ owner->request.node = node;
-+
-+ txnh = get_current_context()->trans;
-+ lock = &node->lock;
-+
-+ if (mode == ZNODE_READ_LOCK && request == 0) {
-+ ret = longterm_lock_tryfast(owner);
-+ if (ret <= 0)
-+ return ret;
-+ }
-+
-+ has_atom = (txnh->atom != NULL);
-+
-+ /* Synchronize on node's zlock guard lock. */
-+ spin_lock_zlock(lock);
-+
-+ if (znode_is_locked(node) &&
-+ mode == ZNODE_WRITE_LOCK && recursive(owner))
-+ return lock_tail(owner, 0, mode);
-+
-+ for (;;) {
-+ /* Check the lock's availability: if it is unavaiable we get
-+ E_REPEAT, 0 indicates "can_lock", otherwise the node is
-+ invalid. */
-+ ret = can_lock_object(owner);
-+
-+ if (unlikely(ret == -EINVAL)) {
-+ /* @node is dying. Leave it alone. */
-+ break;
-+ }
-+
-+ if (unlikely(ret == -E_REPEAT && non_blocking)) {
-+ /* either locking of @node by the current thread will
-+ * lead to the deadlock, or lock modes are
-+ * incompatible. */
-+ break;
-+ }
-+
-+ assert("nikita-1844", (ret == 0)
-+ || ((ret == -E_REPEAT) && !non_blocking));
-+ /* If we can get the lock... Try to capture first before
-+ taking the lock. */
-+
-+ /* first handle commonest case where node and txnh are already
-+ * in the same atom. */
-+ /* safe to do without taking locks, because:
-+ *
-+ * 1. read of aligned word is atomic with respect to writes to
-+ * this word
-+ *
-+ * 2. false negatives are handled in try_capture().
-+ *
-+ * 3. false positives are impossible.
-+ *
-+ * PROOF: left as an exercise to the curious reader.
-+ *
-+ * Just kidding. Here is one:
-+ *
-+ * At the time T0 txnh->atom is stored in txnh_atom.
-+ *
-+ * At the time T1 node->atom is stored in node_atom.
-+ *
-+ * At the time T2 we observe that
-+ *
-+ * txnh_atom != NULL && node_atom == txnh_atom.
-+ *
-+ * Imagine that at this moment we acquire node and txnh spin
-+ * lock in this order. Suppose that under spin lock we have
-+ *
-+ * node->atom != txnh->atom, (S1)
-+ *
-+ * at the time T3.
-+ *
-+ * txnh->atom != NULL still, because txnh is open by the
-+ * current thread.
-+ *
-+ * Suppose node->atom == NULL, that is, node was un-captured
-+ * between T1, and T3. But un-capturing of formatted node is
-+ * always preceded by the call to invalidate_lock(), which
-+ * marks znode as JNODE_IS_DYING under zlock spin
-+ * lock. Contradiction, because can_lock_object() above checks
-+ * for JNODE_IS_DYING. Hence, node->atom != NULL at T3.
-+ *
-+ * Suppose that node->atom != node_atom, that is, atom, node
-+ * belongs to was fused into another atom: node_atom was fused
-+ * into node->atom. Atom of txnh was equal to node_atom at T2,
-+ * which means that under spin lock, txnh->atom == node->atom,
-+ * because txnh->atom can only follow fusion
-+ * chain. Contradicts S1.
-+ *
-+ * The same for hypothesis txnh->atom != txnh_atom. Hence,
-+ * node->atom == node_atom == txnh_atom == txnh->atom. Again
-+ * contradicts S1. Hence S1 is false. QED.
-+ *
-+ */
-+
-+ if (likely(has_atom && ZJNODE(node)->atom == txnh->atom)) {
-+ ;
-+ } else {
-+ /*
-+ * unlock zlock spin lock here. It is possible for
-+ * longterm_unlock_znode() to sneak in here, but there
-+ * is no harm: invalidate_lock() will mark znode as
-+ * JNODE_IS_DYING and this will be noted by
-+ * can_lock_object() below.
-+ */
-+ spin_unlock_zlock(lock);
-+ spin_lock_znode(node);
-+ ret = try_capture(ZJNODE(node), mode, cap_flags);
-+ spin_unlock_znode(node);
-+ spin_lock_zlock(lock);
-+ if (unlikely(ret != 0)) {
-+ /* In the failure case, the txnmgr releases
-+ the znode's lock (or in some cases, it was
-+ released a while ago). There's no need to
-+ reacquire it so we should return here,
-+ avoid releasing the lock. */
-+ owner->request.mode = 0;
-+ break;
-+ }
-+
-+ /* Check the lock's availability again -- this is
-+ because under some circumstances the capture code
-+ has to release and reacquire the znode spinlock. */
-+ ret = can_lock_object(owner);
-+ }
-+
-+ /* This time, a return of (ret == 0) means we can lock, so we
-+ should break out of the loop. */
-+ if (likely(ret != -E_REPEAT || non_blocking)) {
-+ break;
-+ }
-+
-+ /* Lock is unavailable, we have to wait. */
-+
-+ /* By having semaphore initialization here we cannot lose
-+ wakeup signal even if it comes after `nr_signaled' field
-+ check. */
-+ ret = prepare_to_sleep(owner);
-+ if (unlikely(ret != 0)) {
-+ break;
-+ }
-+
-+ assert_spin_locked(&(node->lock.guard));
-+ if (hipri) {
-+ /* If we are going in high priority direction then
-+ increase high priority requests counter for the
-+ node */
-+ lock->nr_hipri_requests++;
-+ if (mode == ZNODE_WRITE_LOCK)
-+ lock->nr_hipri_write_requests ++;
-+ /* If there are no high priority owners for a node,
-+ then immediately wake up low priority owners, so
-+ they can detect possible deadlock */
-+ if (lock->nr_hipri_owners == 0)
-+ wake_up_all_lopri_owners(node);
-+ }
-+ list_add_tail(&owner->requestors_link, &lock->requestors);
-+
-+ /* Ok, here we have prepared a lock request, so unlock
-+ a znode ... */
-+ spin_unlock_zlock(lock);
-+ /* ... and sleep */
-+ go_to_sleep(owner);
-+ if (owner->request.mode == ZNODE_NO_LOCK)
-+ goto request_is_done;
-+ spin_lock_zlock(lock);
-+ if (owner->request.mode == ZNODE_NO_LOCK) {
-+ spin_unlock_zlock(lock);
-+ request_is_done:
-+ if (owner->request.ret_code == 0) {
-+ LOCK_CNT_INC(long_term_locked_znode);
-+ zref(node);
-+ }
-+ return owner->request.ret_code;
-+ }
-+ remove_lock_request(owner);
-+ }
-+
-+ return lock_tail(owner, ret, mode);
-+}
-+
-+/* lock object invalidation means changing of lock object state to `INVALID'
-+ and waiting for all other processes to cancel theirs lock requests. */
-+void invalidate_lock(lock_handle * handle /* path to lock
-+ * owner and lock
-+ * object is being
-+ * invalidated. */ )
-+{
-+ znode *node = handle->node;
-+ lock_stack *owner = handle->owner;
-+
-+ assert("zam-325", owner == get_current_lock_stack());
-+ assert("zam-103", znode_is_write_locked(node));
-+ assert("nikita-1393", !ZF_ISSET(node, JNODE_LEFT_CONNECTED));
-+ assert("nikita-1793", !ZF_ISSET(node, JNODE_RIGHT_CONNECTED));
-+ assert("nikita-1394", ZF_ISSET(node, JNODE_HEARD_BANSHEE));
-+ assert("nikita-3097", znode_is_wlocked_once(node));
-+ assert_spin_locked(&(node->lock.guard));
-+
-+ if (handle->signaled)
-+ atomic_dec(&owner->nr_signaled);
-+
-+ ZF_SET(node, JNODE_IS_DYING);
-+ unlink_object(handle);
-+ node->lock.nr_readers = 0;
-+
-+ invalidate_all_lock_requests(node);
-+ spin_unlock_zlock(&node->lock);
-+}
-+
-+/* Initializes lock_stack. */
-+void init_lock_stack(lock_stack * owner /* pointer to
-+ * allocated
-+ * structure. */ )
-+{
-+ INIT_LIST_HEAD(&owner->locks);
-+ INIT_LIST_HEAD(&owner->requestors_link);
-+ spin_lock_init(&owner->sguard);
-+ owner->curpri = 1;
-+ sema_init(&owner->sema, 0);
-+}
-+
-+/* Initializes lock object. */
-+void reiser4_init_lock(zlock * lock /* pointer on allocated
-+ * uninitialized lock object
-+ * structure. */ )
-+{
-+ memset(lock, 0, sizeof(zlock));
-+ spin_lock_init(&lock->guard);
-+ INIT_LIST_HEAD(&lock->requestors);
-+ INIT_LIST_HEAD(&lock->owners);
-+}
-+
-+/* Transfer a lock handle (presumably so that variables can be moved between stack and
-+ heap locations). */
-+static void
-+move_lh_internal(lock_handle * new, lock_handle * old, int unlink_old)
-+{
-+ znode *node = old->node;
-+ lock_stack *owner = old->owner;
-+ int signaled;
-+
-+ /* locks_list, modified by link_object() is not protected by
-+ anything. This is valid because only current thread ever modifies
-+ locks_list of its lock_stack.
-+ */
-+ assert("nikita-1827", owner == get_current_lock_stack());
-+ assert("nikita-1831", new->owner == NULL);
-+
-+ spin_lock_zlock(&node->lock);
-+
-+ signaled = old->signaled;
-+ if (unlink_old) {
-+ unlink_object(old);
-+ } else {
-+ if (node->lock.nr_readers > 0) {
-+ node->lock.nr_readers += 1;
-+ } else {
-+ node->lock.nr_readers -= 1;
-+ }
-+ if (signaled) {
-+ atomic_inc(&owner->nr_signaled);
-+ }
-+ if (owner->curpri) {
-+ node->lock.nr_hipri_owners += 1;
-+ }
-+ LOCK_CNT_INC(long_term_locked_znode);
-+
-+ zref(node);
-+ }
-+ link_object(new, owner, node);
-+ new->signaled = signaled;
-+
-+ spin_unlock_zlock(&node->lock);
-+}
-+
-+void move_lh(lock_handle * new, lock_handle * old)
-+{
-+ move_lh_internal(new, old, /*unlink_old */ 1);
-+}
-+
-+void copy_lh(lock_handle * new, lock_handle * old)
-+{
-+ move_lh_internal(new, old, /*unlink_old */ 0);
-+}
-+
-+/* after getting -E_DEADLOCK we unlock znodes until this function returns false */
-+int check_deadlock(void)
-+{
-+ lock_stack *owner = get_current_lock_stack();
-+ return atomic_read(&owner->nr_signaled) != 0;
-+}
-+
-+/* Before going to sleep we re-check "release lock" requests which might come from threads with hi-pri lock
-+ priorities. */
-+int prepare_to_sleep(lock_stack * owner)
-+{
-+ assert("nikita-1847", owner == get_current_lock_stack());
-+ /* NOTE(Zam): We cannot reset the lock semaphore here because it may
-+ clear wake-up signal. The initial design was to re-check all
-+ conditions under which we continue locking, release locks or sleep
-+ until conditions are changed. However, even lock.c does not follow
-+ that design. So, wake-up signal which is stored in semaphore state
-+ could we loosen by semaphore reset. The less complex scheme without
-+ resetting the semaphore is enough to not to loose wake-ups.
-+
-+ if (0) {
-+
-+ NOTE-NIKITA: I commented call to sema_init() out hoping
-+ that it is the reason or thread sleeping in
-+ down(&owner->sema) without any other thread running.
-+
-+ Anyway, it is just an optimization: is semaphore is not
-+ reinitialised at this point, in the worst case
-+ longterm_lock_znode() would have to iterate its loop once
-+ more.
-+ spin_lock_stack(owner);
-+ sema_init(&owner->sema, 0);
-+ spin_unlock_stack(owner);
-+ }
-+ */
-+
-+ /* We return -E_DEADLOCK if one or more "give me the lock" messages are
-+ * counted in nr_signaled */
-+ if (unlikely(atomic_read(&owner->nr_signaled) != 0)) {
-+ assert("zam-959", !owner->curpri);
-+ return RETERR(-E_DEADLOCK);
-+ }
-+ return 0;
-+}
-+
-+/* Wakes up a single thread */
-+void __reiser4_wake_up(lock_stack * owner)
-+{
-+ up(&owner->sema);
-+}
-+
-+/* Puts a thread to sleep */
-+void go_to_sleep(lock_stack * owner)
-+{
-+ /* Well, we might sleep here, so holding of any spinlocks is no-no */
-+ assert("nikita-3027", schedulable());
-+ /* return down_interruptible(&owner->sema); */
-+ down(&owner->sema);
-+}
-+
-+int lock_stack_isclean(lock_stack * owner)
-+{
-+ if (list_empty_careful(&owner->locks)) {
-+ assert("zam-353", atomic_read(&owner->nr_signaled) == 0);
-+ return 1;
-+ }
-+
-+ return 0;
-+}
-+
-+#if REISER4_DEBUG
-+
-+/*
-+ * debugging functions
-+ */
-+
-+static void list_check(struct list_head *head)
-+{
-+ struct list_head *pos;
-+
-+ list_for_each(pos, head)
-+ assert("", (pos->prev != NULL && pos->next != NULL &&
-+ pos->prev->next == pos && pos->next->prev == pos));
-+}
-+
-+/* check consistency of locking data-structures hanging of the @stack */
-+static void check_lock_stack(lock_stack * stack)
-+{
-+ spin_lock_stack(stack);
-+ /* check that stack->locks is not corrupted */
-+ list_check(&stack->locks);
-+ spin_unlock_stack(stack);
-+}
-+
-+/* check consistency of locking data structures */
-+void check_lock_data(void)
-+{
-+ check_lock_stack(&get_current_context()->stack);
-+}
-+
-+/* check consistency of locking data structures for @node */
-+void check_lock_node_data(znode * node)
-+{
-+ spin_lock_zlock(&node->lock);
-+ list_check(&node->lock.owners);
-+ list_check(&node->lock.requestors);
-+ spin_unlock_zlock(&node->lock);
-+}
-+
-+/* check that given lock request is dead lock safe. This check is, of course,
-+ * not exhaustive. */
-+static int
-+request_is_deadlock_safe(znode * node, znode_lock_mode mode,
-+ znode_lock_request request)
-+{
-+ lock_stack *owner;
-+
-+ owner = get_current_lock_stack();
-+ /*
-+ * check that hipri lock request is not issued when there are locked
-+ * nodes at the higher levels.
-+ */
-+ if (request & ZNODE_LOCK_HIPRI && !(request & ZNODE_LOCK_NONBLOCK) &&
-+ znode_get_level(node) != 0) {
-+ lock_handle *item;
-+
-+ list_for_each_entry(item, &owner->locks, locks_link) {
-+ znode *other;
-+
-+ other = item->node;
-+
-+ if (znode_get_level(other) == 0)
-+ continue;
-+ if (znode_get_level(other) > znode_get_level(node))
-+ return 0;
-+ }
-+ }
-+ return 1;
-+}
-+
-+#endif
-+
-+/* return pointer to static storage with name of lock_mode. For
-+ debugging */
-+const char *lock_mode_name(znode_lock_mode lock /* lock mode to get name of */ )
-+{
-+ if (lock == ZNODE_READ_LOCK)
-+ return "read";
-+ else if (lock == ZNODE_WRITE_LOCK)
-+ return "write";
-+ else {
-+ static char buf[30];
-+
-+ sprintf(buf, "unknown: %i", lock);
-+ return buf;
-+ }
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 79
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/lock.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/lock.h
-@@ -0,0 +1,272 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Long term locking data structures. See lock.c for details. */
-+
-+#ifndef __LOCK_H__
-+#define __LOCK_H__
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "key.h"
-+#include "coord.h"
-+#include "plugin/node/node.h"
-+#include "txnmgr.h"
-+#include "readahead.h"
-+
-+#include <linux/types.h>
-+#include <linux/spinlock.h>
-+#include <linux/pagemap.h> /* for PAGE_CACHE_SIZE */
-+#include <asm/atomic.h>
-+#include <asm/semaphore.h>
-+
-+/* Per-znode lock object */
-+struct zlock {
-+ spinlock_t guard;
-+ /* The number of readers if positive; the number of recursively taken
-+ write locks if negative. Protected by zlock spin lock. */
-+ int nr_readers;
-+ /* A number of processes (lock_stacks) that have this object
-+ locked with high priority */
-+ unsigned nr_hipri_owners;
-+ /* A number of attempts to lock znode in high priority direction */
-+ unsigned nr_hipri_requests;
-+ /* A linked list of lock_handle objects that contains pointers
-+ for all lock_stacks which have this lock object locked */
-+ unsigned nr_hipri_write_requests;
-+ struct list_head owners;
-+ /* A linked list of lock_stacks that wait for this lock */
-+ struct list_head requestors;
-+};
-+
-+static inline void spin_lock_zlock(zlock *lock)
-+{
-+ /* check that zlock is not locked */
-+ assert("", LOCK_CNT_NIL(spin_locked_zlock));
-+ /* check that spinlocks of lower priorities are not held */
-+ assert("", LOCK_CNT_NIL(spin_locked_stack));
-+
-+ spin_lock(&lock->guard);
-+
-+ LOCK_CNT_INC(spin_locked_zlock);
-+ LOCK_CNT_INC(spin_locked);
-+}
-+
-+static inline void spin_unlock_zlock(zlock *lock)
-+{
-+ assert("nikita-1375", LOCK_CNT_GTZ(spin_locked_zlock));
-+ assert("nikita-1376", LOCK_CNT_GTZ(spin_locked));
-+
-+ LOCK_CNT_DEC(spin_locked_zlock);
-+ LOCK_CNT_DEC(spin_locked);
-+
-+ spin_unlock(&lock->guard);
-+}
-+
-+#define lock_is_locked(lock) ((lock)->nr_readers != 0)
-+#define lock_is_rlocked(lock) ((lock)->nr_readers > 0)
-+#define lock_is_wlocked(lock) ((lock)->nr_readers < 0)
-+#define lock_is_wlocked_once(lock) ((lock)->nr_readers == -1)
-+#define lock_can_be_rlocked(lock) ((lock)->nr_readers >=0)
-+#define lock_mode_compatible(lock, mode) \
-+ (((mode) == ZNODE_WRITE_LOCK && !lock_is_locked(lock)) || \
-+ ((mode) == ZNODE_READ_LOCK && lock_can_be_rlocked(lock)))
-+
-+/* Since we have R/W znode locks we need additional bidirectional `link'
-+ objects to implement n<->m relationship between lock owners and lock
-+ objects. We call them `lock handles'.
-+
-+ Locking: see lock.c/"SHORT-TERM LOCKING"
-+*/
-+struct lock_handle {
-+ /* This flag indicates that a signal to yield a lock was passed to
-+ lock owner and counted in owner->nr_signalled
-+
-+ Locking: this is accessed under spin lock on ->node.
-+ */
-+ int signaled;
-+ /* A link to owner of a lock */
-+ lock_stack *owner;
-+ /* A link to znode locked */
-+ znode *node;
-+ /* A list of all locks for a process */
-+ struct list_head locks_link;
-+ /* A list of all owners for a znode */
-+ struct list_head owners_link;
-+};
-+
-+typedef struct lock_request {
-+ /* A pointer to uninitialized link object */
-+ lock_handle *handle;
-+ /* A pointer to the object we want to lock */
-+ znode *node;
-+ /* Lock mode (ZNODE_READ_LOCK or ZNODE_WRITE_LOCK) */
-+ znode_lock_mode mode;
-+ /* how dispatch_lock_requests() returns lock request result code */
-+ int ret_code;
-+} lock_request;
-+
-+/* A lock stack structure for accumulating locks owned by a process */
-+struct lock_stack {
-+ /* A guard lock protecting a lock stack */
-+ spinlock_t sguard;
-+ /* number of znodes which were requested by high priority processes */
-+ atomic_t nr_signaled;
-+ /* Current priority of a process
-+
-+ This is only accessed by the current thread and thus requires no
-+ locking.
-+ */
-+ int curpri;
-+ /* A list of all locks owned by this process. Elements can be added to
-+ * this list only by the current thread. ->node pointers in this list
-+ * can be only changed by the current thread. */
-+ struct list_head locks;
-+ /* When lock_stack waits for the lock, it puts itself on double-linked
-+ requestors list of that lock */
-+ struct list_head requestors_link;
-+ /* Current lock request info.
-+
-+ This is only accessed by the current thread and thus requires no
-+ locking.
-+ */
-+ lock_request request;
-+ /* It is a lock_stack's synchronization object for when process sleeps
-+ when requested lock not on this lock_stack but which it wishes to
-+ add to this lock_stack is not immediately available. It is used
-+ instead of wait_queue_t object due to locking problems (lost wake
-+ up). "lost wakeup" occurs when process is waken up before he actually
-+ becomes 'sleepy' (through sleep_on()). Using of semaphore object is
-+ simplest way to avoid that problem.
-+
-+ A semaphore is used in the following way: only the process that is
-+ the owner of the lock_stack initializes it (to zero) and calls
-+ down(sema) on it. Usually this causes the process to sleep on the
-+ semaphore. Other processes may wake him up by calling up(sema). The
-+ advantage to a semaphore is that up() and down() calls are not
-+ required to preserve order. Unlike wait_queue it works when process
-+ is woken up before getting to sleep.
-+
-+ NOTE-NIKITA: Transaction manager is going to have condition variables
-+ (&kcondvar_t) anyway, so this probably will be replaced with
-+ one in the future.
-+
-+ After further discussion, Nikita has shown me that Zam's implementation is
-+ exactly a condition variable. The znode's {zguard,requestors_list} represents
-+ condition variable and the lock_stack's {sguard,semaphore} guards entry and
-+ exit from the condition variable's wait queue. But the existing code can't
-+ just be replaced with a more general abstraction, and I think its fine the way
-+ it is. */
-+ struct semaphore sema;
-+#if REISER4_DEBUG
-+ int nr_locks; /* number of lock handles in the above list */
-+#endif
-+};
-+
-+
-+/*
-+ User-visible znode locking functions
-+*/
-+
-+extern int longterm_lock_znode(lock_handle * handle,
-+ znode * node,
-+ znode_lock_mode mode,
-+ znode_lock_request request);
-+
-+extern void longterm_unlock_znode(lock_handle * handle);
-+
-+extern int check_deadlock(void);
-+
-+extern lock_stack *get_current_lock_stack(void);
-+
-+extern void init_lock_stack(lock_stack * owner);
-+extern void reiser4_init_lock(zlock * lock);
-+
-+static inline void init_lh(lock_handle *lh)
-+{
-+#if REISER4_DEBUG
-+ memset(lh, 0, sizeof *lh);
-+ INIT_LIST_HEAD(&lh->locks_link);
-+ INIT_LIST_HEAD(&lh->owners_link);
-+#else
-+ lh->node = NULL;
-+#endif
-+}
-+
-+static inline void done_lh(lock_handle *lh)
-+{
-+ assert("zam-342", lh != NULL);
-+ if (lh->node != NULL)
-+ longterm_unlock_znode(lh);
-+}
-+
-+extern void move_lh(lock_handle * new, lock_handle * old);
-+extern void copy_lh(lock_handle * new, lock_handle * old);
-+
-+extern int prepare_to_sleep(lock_stack * owner);
-+extern void go_to_sleep(lock_stack * owner);
-+extern void __reiser4_wake_up(lock_stack * owner);
-+
-+extern int lock_stack_isclean(lock_stack * owner);
-+
-+/* zlock object state check macros: only used in assertions. Both forms imply that the
-+ lock is held by the current thread. */
-+extern int znode_is_write_locked(const znode *);
-+extern void invalidate_lock(lock_handle *);
-+
-+/* lock ordering is: first take zlock spin lock, then lock stack spin lock */
-+#define spin_ordering_pred_stack(stack) \
-+ (LOCK_CNT_NIL(spin_locked_stack) && \
-+ LOCK_CNT_NIL(spin_locked_txnmgr) && \
-+ LOCK_CNT_NIL(spin_locked_inode) && \
-+ LOCK_CNT_NIL(rw_locked_cbk_cache) && \
-+ LOCK_CNT_NIL(spin_locked_super_eflush) )
-+
-+static inline void spin_lock_stack(lock_stack *stack)
-+{
-+ assert("", spin_ordering_pred_stack(stack));
-+ spin_lock(&(stack->sguard));
-+ LOCK_CNT_INC(spin_locked_stack);
-+ LOCK_CNT_INC(spin_locked);
-+}
-+
-+static inline void spin_unlock_stack(lock_stack *stack)
-+{
-+ assert_spin_locked(&(stack->sguard));
-+ assert("nikita-1375", LOCK_CNT_GTZ(spin_locked_stack));
-+ assert("nikita-1376", LOCK_CNT_GTZ(spin_locked));
-+ LOCK_CNT_DEC(spin_locked_stack);
-+ LOCK_CNT_DEC(spin_locked);
-+ spin_unlock(&(stack->sguard));
-+}
-+
-+
-+static inline void reiser4_wake_up(lock_stack * owner)
-+{
-+ spin_lock_stack(owner);
-+ __reiser4_wake_up(owner);
-+ spin_unlock_stack(owner);
-+}
-+
-+const char *lock_mode_name(znode_lock_mode lock);
-+
-+#if REISER4_DEBUG
-+extern void check_lock_data(void);
-+extern void check_lock_node_data(znode * node);
-+#else
-+#define check_lock_data() noop
-+#define check_lock_node_data() noop
-+#endif
-+
-+/* __LOCK_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/oid.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/oid.c
-@@ -0,0 +1,141 @@
-+/* Copyright 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "debug.h"
-+#include "super.h"
-+#include "txnmgr.h"
-+
-+/* we used to have oid allocation plugin. It was removed because it
-+ was recognized as providing unneeded level of abstraction. If one
-+ ever will find it useful - look at yet_unneeded_abstractions/oid
-+*/
-+
-+/*
-+ * initialize in-memory data for oid allocator at @super. @nr_files and @next
-+ * are provided by disk format plugin that reads them from the disk during
-+ * mount.
-+ */
-+int oid_init_allocator(struct super_block *super, oid_t nr_files, oid_t next)
-+{
-+ reiser4_super_info_data *sbinfo;
-+
-+ sbinfo = get_super_private(super);
-+
-+ sbinfo->next_to_use = next;
-+ sbinfo->oids_in_use = nr_files;
-+ return 0;
-+}
-+
-+/*
-+ * allocate oid and return it. ABSOLUTE_MAX_OID is returned when allocator
-+ * runs out of oids.
-+ */
-+oid_t oid_allocate(struct super_block * super)
-+{
-+ reiser4_super_info_data *sbinfo;
-+ oid_t oid;
-+
-+ sbinfo = get_super_private(super);
-+
-+ spin_lock_reiser4_super(sbinfo);
-+ if (sbinfo->next_to_use != ABSOLUTE_MAX_OID) {
-+ oid = sbinfo->next_to_use++;
-+ sbinfo->oids_in_use++;
-+ } else
-+ oid = ABSOLUTE_MAX_OID;
-+ spin_unlock_reiser4_super(sbinfo);
-+ return oid;
-+}
-+
-+/*
-+ * Tell oid allocator that @oid is now free.
-+ */
-+int oid_release(struct super_block *super, oid_t oid UNUSED_ARG)
-+{
-+ reiser4_super_info_data *sbinfo;
-+
-+ sbinfo = get_super_private(super);
-+
-+ spin_lock_reiser4_super(sbinfo);
-+ sbinfo->oids_in_use--;
-+ spin_unlock_reiser4_super(sbinfo);
-+ return 0;
-+}
-+
-+/*
-+ * return next @oid that would be allocated (i.e., returned by oid_allocate())
-+ * without actually allocating it. This is used by disk format plugin to save
-+ * oid allocator state on the disk.
-+ */
-+oid_t oid_next(const struct super_block * super)
-+{
-+ reiser4_super_info_data *sbinfo;
-+ oid_t oid;
-+
-+ sbinfo = get_super_private(super);
-+
-+ spin_lock_reiser4_super(sbinfo);
-+ oid = sbinfo->next_to_use;
-+ spin_unlock_reiser4_super(sbinfo);
-+ return oid;
-+}
-+
-+/*
-+ * returns number of currently used oids. This is used by statfs(2) to report
-+ * number of "inodes" and by disk format plugin to save oid allocator state on
-+ * the disk.
-+ */
-+long oids_used(const struct super_block *super)
-+{
-+ reiser4_super_info_data *sbinfo;
-+ oid_t used;
-+
-+ sbinfo = get_super_private(super);
-+
-+ spin_lock_reiser4_super(sbinfo);
-+ used = sbinfo->oids_in_use;
-+ spin_unlock_reiser4_super(sbinfo);
-+ if (used < (__u64) ((long)~0) >> 1)
-+ return (long)used;
-+ else
-+ return (long)-1;
-+}
-+
-+/*
-+ * Count oid as allocated in atom. This is done after call to oid_allocate()
-+ * at the point when we are irrevocably committed to creation of the new file
-+ * (i.e., when oid allocation cannot be any longer rolled back due to some
-+ * error).
-+ */
-+void oid_count_allocated(void)
-+{
-+ txn_atom *atom;
-+
-+ atom = get_current_atom_locked();
-+ atom->nr_objects_created++;
-+ spin_unlock_atom(atom);
-+}
-+
-+/*
-+ * Count oid as free in atom. This is done after call to oid_release() at the
-+ * point when we are irrevocably committed to the deletion of the file (i.e.,
-+ * when oid release cannot be any longer rolled back due to some error).
-+ */
-+void oid_count_released(void)
-+{
-+ txn_atom *atom;
-+
-+ atom = get_current_atom_locked();
-+ atom->nr_objects_deleted++;
-+ spin_unlock_atom(atom);
-+}
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/page_cache.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/page_cache.c
-@@ -0,0 +1,712 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Memory pressure hooks. Fake inodes handling. */
-+/* We store all file system meta data (and data, of course) in the page cache.
-+
-+ What does this mean? In stead of using bread/brelse we create special
-+ "fake" inode (one per super block) and store content of formatted nodes
-+ into pages bound to this inode in the page cache. In newer kernels bread()
-+ already uses inode attached to block device (bd_inode). Advantage of having
-+ our own fake inode is that we can install appropriate methods in its
-+ address_space operations. Such methods are called by VM on memory pressure
-+ (or during background page flushing) and we can use them to react
-+ appropriately.
-+
-+ In initial version we only support one block per page. Support for multiple
-+ blocks per page is complicated by relocation.
-+
-+ To each page, used by reiser4, jnode is attached. jnode is analogous to
-+ buffer head. Difference is that jnode is bound to the page permanently:
-+ jnode cannot be removed from memory until its backing page is.
-+
-+ jnode contain pointer to page (->pg field) and page contain pointer to
-+ jnode in ->private field. Pointer from jnode to page is protected to by
-+ jnode's spinlock and pointer from page to jnode is protected by page lock
-+ (PG_locked bit). Lock ordering is: first take page lock, then jnode spin
-+ lock. To go into reverse direction use jnode_lock_page() function that uses
-+ standard try-lock-and-release device.
-+
-+ Properties:
-+
-+ 1. when jnode-to-page mapping is established (by jnode_attach_page()), page
-+ reference counter is increased.
-+
-+ 2. when jnode-to-page mapping is destroyed (by jnode_detach_page() and
-+ page_detach_jnode()), page reference counter is decreased.
-+
-+ 3. on jload() reference counter on jnode page is increased, page is
-+ kmapped and `referenced'.
-+
-+ 4. on jrelse() inverse operations are performed.
-+
-+ 5. kmapping/kunmapping of unformatted pages is done by read/write methods.
-+
-+ DEADLOCKS RELATED TO MEMORY PRESSURE. [OUTDATED. Only interesting
-+ historically.]
-+
-+ [In the following discussion, `lock' invariably means long term lock on
-+ znode.] (What about page locks?)
-+
-+ There is some special class of deadlock possibilities related to memory
-+ pressure. Locks acquired by other reiser4 threads are accounted for in
-+ deadlock prevention mechanism (lock.c), but when ->vm_writeback() is
-+ invoked additional hidden arc is added to the locking graph: thread that
-+ tries to allocate memory waits for ->vm_writeback() to finish. If this
-+ thread keeps lock and ->vm_writeback() tries to acquire this lock, deadlock
-+ prevention is useless.
-+
-+ Another related problem is possibility for ->vm_writeback() to run out of
-+ memory itself. This is not a problem for ext2 and friends, because their
-+ ->vm_writeback() don't allocate much memory, but reiser4 flush is
-+ definitely able to allocate huge amounts of memory.
-+
-+ It seems that there is no reliable way to cope with the problems above. In
-+ stead it was decided that ->vm_writeback() (as invoked in the kswapd
-+ context) wouldn't perform any flushing itself, but rather should just wake
-+ up some auxiliary thread dedicated for this purpose (or, the same thread
-+ that does periodic commit of old atoms (ktxnmgrd.c)).
-+
-+ Details:
-+
-+ 1. Page is called `reclaimable' against particular reiser4 mount F if this
-+ page can be ultimately released by try_to_free_pages() under presumptions
-+ that:
-+
-+ a. ->vm_writeback() for F is no-op, and
-+
-+ b. none of the threads accessing F are making any progress, and
-+
-+ c. other reiser4 mounts obey the same memory reservation protocol as F
-+ (described below).
-+
-+ For example, clean un-pinned page, or page occupied by ext2 data are
-+ reclaimable against any reiser4 mount.
-+
-+ When there is more than one reiser4 mount in a system, condition (c) makes
-+ reclaim-ability not easily verifiable beyond trivial cases mentioned above.
-+
-+ THIS COMMENT IS VALID FOR "MANY BLOCKS ON PAGE" CASE
-+
-+ Fake inode is used to bound formatted nodes and each node is indexed within
-+ fake inode by its block number. If block size of smaller than page size, it
-+ may so happen that block mapped to the page with formatted node is occupied
-+ by unformatted node or is unallocated. This lead to some complications,
-+ because flushing whole page can lead to an incorrect overwrite of
-+ unformatted node that is moreover, can be cached in some other place as
-+ part of the file body. To avoid this, buffers for unformatted nodes are
-+ never marked dirty. Also pages in the fake are never marked dirty. This
-+ rules out usage of ->writepage() as memory pressure hook. In stead
-+ ->releasepage() is used.
-+
-+ Josh is concerned that page->buffer is going to die. This should not pose
-+ significant problem though, because we need to add some data structures to
-+ the page anyway (jnode) and all necessary book keeping can be put there.
-+
-+*/
-+
-+/* Life cycle of pages/nodes.
-+
-+ jnode contains reference to page and page contains reference back to
-+ jnode. This reference is counted in page ->count. Thus, page bound to jnode
-+ cannot be released back into free pool.
-+
-+ 1. Formatted nodes.
-+
-+ 1. formatted node is represented by znode. When new znode is created its
-+ ->pg pointer is NULL initially.
-+
-+ 2. when node content is loaded into znode (by call to zload()) for the
-+ first time following happens (in call to ->read_node() or
-+ ->allocate_node()):
-+
-+ 1. new page is added to the page cache.
-+
-+ 2. this page is attached to znode and its ->count is increased.
-+
-+ 3. page is kmapped.
-+
-+ 3. if more calls to zload() follow (without corresponding zrelses), page
-+ counter is left intact and in its stead ->d_count is increased in znode.
-+
-+ 4. each call to zrelse decreases ->d_count. When ->d_count drops to zero
-+ ->release_node() is called and page is kunmapped as result.
-+
-+ 5. at some moment node can be captured by a transaction. Its ->x_count
-+ is then increased by transaction manager.
-+
-+ 6. if node is removed from the tree (empty node with JNODE_HEARD_BANSHEE
-+ bit set) following will happen (also see comment at the top of znode.c):
-+
-+ 1. when last lock is released, node will be uncaptured from
-+ transaction. This released reference that transaction manager acquired
-+ at the step 5.
-+
-+ 2. when last reference is released, zput() detects that node is
-+ actually deleted and calls ->delete_node()
-+ operation. page_cache_delete_node() implementation detaches jnode from
-+ page and releases page.
-+
-+ 7. otherwise (node wasn't removed from the tree), last reference to
-+ znode will be released after transaction manager committed transaction
-+ node was in. This implies squallocing of this node (see
-+ flush.c). Nothing special happens at this point. Znode is still in the
-+ hash table and page is still attached to it.
-+
-+ 8. znode is actually removed from the memory because of the memory
-+ pressure, or during umount (znodes_tree_done()). Anyway, znode is
-+ removed by the call to zdrop(). At this moment, page is detached from
-+ znode and removed from the inode address space.
-+
-+*/
-+
-+#include "debug.h"
-+#include "dformat.h"
-+#include "key.h"
-+#include "txnmgr.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "block_alloc.h"
-+#include "tree.h"
-+#include "vfs_ops.h"
-+#include "inode.h"
-+#include "super.h"
-+#include "entd.h"
-+#include "page_cache.h"
-+#include "ktxnmgrd.h"
-+
-+#include <linux/types.h>
-+#include <linux/fs.h>
-+#include <linux/mm.h> /* for struct page */
-+#include <linux/swap.h> /* for struct page */
-+#include <linux/pagemap.h>
-+#include <linux/bio.h>
-+#include <linux/writeback.h>
-+#include <linux/blkdev.h>
-+
-+static struct bio *page_bio(struct page *, jnode *, int rw, gfp_t gfp);
-+
-+static struct address_space_operations formatted_fake_as_ops;
-+
-+static const oid_t fake_ino = 0x1;
-+static const oid_t bitmap_ino = 0x2;
-+static const oid_t cc_ino = 0x3;
-+
-+static void
-+init_fake_inode(struct super_block *super, struct inode *fake,
-+ struct inode **pfake)
-+{
-+ assert("nikita-2168", fake->i_state & I_NEW);
-+ fake->i_mapping->a_ops = &formatted_fake_as_ops;
-+ *pfake = fake;
-+ /* NOTE-NIKITA something else? */
-+ unlock_new_inode(fake);
-+}
-+
-+/**
-+ * init_formatted_fake - iget inodes for formatted nodes and bitmaps
-+ * @super: super block to init fake inode for
-+ *
-+ * Initializes fake inode to which formatted nodes are bound in the page cache
-+ * and inode for bitmaps.
-+ */
-+int init_formatted_fake(struct super_block *super)
-+{
-+ struct inode *fake;
-+ struct inode *bitmap;
-+ struct inode *cc;
-+ reiser4_super_info_data *sinfo;
-+
-+ assert("nikita-1703", super != NULL);
-+
-+ sinfo = get_super_private_nocheck(super);
-+ fake = iget_locked(super, oid_to_ino(fake_ino));
-+
-+ if (fake != NULL) {
-+ init_fake_inode(super, fake, &sinfo->fake);
-+
-+ bitmap = iget_locked(super, oid_to_ino(bitmap_ino));
-+ if (bitmap != NULL) {
-+ init_fake_inode(super, bitmap, &sinfo->bitmap);
-+
-+ cc = iget_locked(super, oid_to_ino(cc_ino));
-+ if (cc != NULL) {
-+ init_fake_inode(super, cc, &sinfo->cc);
-+ return 0;
-+ } else {
-+ iput(sinfo->fake);
-+ iput(sinfo->bitmap);
-+ sinfo->fake = NULL;
-+ sinfo->bitmap = NULL;
-+ }
-+ } else {
-+ iput(sinfo->fake);
-+ sinfo->fake = NULL;
-+ }
-+ }
-+ return RETERR(-ENOMEM);
-+}
-+
-+/**
-+ * done_formatted_fake - release inode used by formatted nodes and bitmaps
-+ * @super: super block to init fake inode for
-+ *
-+ * Releases inodes which were used as address spaces of bitmap and formatted
-+ * nodes.
-+ */
-+void done_formatted_fake(struct super_block *super)
-+{
-+ reiser4_super_info_data *sinfo;
-+
-+ sinfo = get_super_private_nocheck(super);
-+
-+ if (sinfo->fake != NULL) {
-+ assert("vs-1426", sinfo->fake->i_data.nrpages == 0);
-+ iput(sinfo->fake);
-+ sinfo->fake = NULL;
-+ }
-+
-+ if (sinfo->bitmap != NULL) {
-+ iput(sinfo->bitmap);
-+ sinfo->bitmap = NULL;
-+ }
-+
-+ if (sinfo->cc != NULL) {
-+ iput(sinfo->cc);
-+ sinfo->cc = NULL;
-+ }
-+ return;
-+}
-+
-+void reiser4_wait_page_writeback(struct page *page)
-+{
-+ assert("zam-783", PageLocked(page));
-+
-+ do {
-+ unlock_page(page);
-+ wait_on_page_writeback(page);
-+ lock_page(page);
-+ } while (PageWriteback(page));
-+}
-+
-+/* return tree @page is in */
-+reiser4_tree *tree_by_page(const struct page *page /* page to query */ )
-+{
-+ assert("nikita-2461", page != NULL);
-+ return &get_super_private(page->mapping->host->i_sb)->tree;
-+}
-+
-+/* completion handler for single page bio-based read.
-+
-+ mpage_end_io_read() would also do. But it's static.
-+
-+*/
-+static int
-+end_bio_single_page_read(struct bio *bio, unsigned int bytes_done UNUSED_ARG,
-+ int err UNUSED_ARG)
-+{
-+ struct page *page;
-+
-+ if (bio->bi_size != 0) {
-+ warning("nikita-3332", "Truncated single page read: %i",
-+ bio->bi_size);
-+ return 1;
-+ }
-+
-+ page = bio->bi_io_vec[0].bv_page;
-+
-+ if (test_bit(BIO_UPTODATE, &bio->bi_flags)) {
-+ SetPageUptodate(page);
-+ } else {
-+ ClearPageUptodate(page);
-+ SetPageError(page);
-+ }
-+ unlock_page(page);
-+ bio_put(bio);
-+ return 0;
-+}
-+
-+/* completion handler for single page bio-based write.
-+
-+ mpage_end_io_write() would also do. But it's static.
-+
-+*/
-+static int
-+end_bio_single_page_write(struct bio *bio, unsigned int bytes_done UNUSED_ARG,
-+ int err UNUSED_ARG)
-+{
-+ struct page *page;
-+
-+ if (bio->bi_size != 0) {
-+ warning("nikita-3333", "Truncated single page write: %i",
-+ bio->bi_size);
-+ return 1;
-+ }
-+
-+ page = bio->bi_io_vec[0].bv_page;
-+
-+ if (!test_bit(BIO_UPTODATE, &bio->bi_flags))
-+ SetPageError(page);
-+ end_page_writeback(page);
-+ bio_put(bio);
-+ return 0;
-+}
-+
-+/* ->readpage() method for formatted nodes */
-+static int formatted_readpage(struct file *f UNUSED_ARG,
-+ struct page *page /* page to read */ )
-+{
-+ assert("nikita-2412", PagePrivate(page) && jprivate(page));
-+ return page_io(page, jprivate(page), READ, get_gfp_mask());
-+}
-+
-+/**
-+ * page_io - submit single-page bio request
-+ * @page: page to perform io for
-+ * @node: jnode of page
-+ * @rw: read or write
-+ * @gfp: gfp mask for bio allocation
-+ *
-+ * Submits single page read or write.
-+ */
-+int page_io(struct page *page, jnode *node, int rw, gfp_t gfp)
-+{
-+ struct bio *bio;
-+ int result;
-+
-+ assert("nikita-2094", page != NULL);
-+ assert("nikita-2226", PageLocked(page));
-+ assert("nikita-2634", node != NULL);
-+ assert("nikita-2893", rw == READ || rw == WRITE);
-+
-+ if (rw) {
-+ if (unlikely(page->mapping->host->i_sb->s_flags & MS_RDONLY)) {
-+ unlock_page(page);
-+ return 0;
-+ }
-+ }
-+
-+ bio = page_bio(page, node, rw, gfp);
-+ if (!IS_ERR(bio)) {
-+ if (rw == WRITE) {
-+ SetPageWriteback(page);
-+ unlock_page(page);
-+ }
-+ reiser4_submit_bio(rw, bio);
-+ result = 0;
-+ } else {
-+ unlock_page(page);
-+ result = PTR_ERR(bio);
-+ }
-+
-+ return result;
-+}
-+
-+/* helper function to construct bio for page */
-+static struct bio *page_bio(struct page *page, jnode * node, int rw, gfp_t gfp)
-+{
-+ struct bio *bio;
-+ assert("nikita-2092", page != NULL);
-+ assert("nikita-2633", node != NULL);
-+
-+ /* Simple implementation in the assumption that blocksize == pagesize.
-+
-+ We only have to submit one block, but submit_bh() will allocate bio
-+ anyway, so lets use all the bells-and-whistles of bio code.
-+ */
-+
-+ bio = bio_alloc(gfp, 1);
-+ if (bio != NULL) {
-+ int blksz;
-+ struct super_block *super;
-+ reiser4_block_nr blocknr;
-+
-+ super = page->mapping->host->i_sb;
-+ assert("nikita-2029", super != NULL);
-+ blksz = super->s_blocksize;
-+ assert("nikita-2028", blksz == (int)PAGE_CACHE_SIZE);
-+
-+ spin_lock_jnode(node);
-+ blocknr = *jnode_get_io_block(node);
-+ spin_unlock_jnode(node);
-+
-+ assert("nikita-2275", blocknr != (reiser4_block_nr) 0);
-+ assert("nikita-2276", !blocknr_is_fake(&blocknr));
-+
-+ bio->bi_bdev = super->s_bdev;
-+ /* fill bio->bi_sector before calling bio_add_page(), because
-+ * q->merge_bvec_fn may want to inspect it (see
-+ * drivers/md/linear.c:linear_mergeable_bvec() for example. */
-+ bio->bi_sector = blocknr * (blksz >> 9);
-+
-+ if (!bio_add_page(bio, page, blksz, 0)) {
-+ warning("nikita-3452",
-+ "Single page bio cannot be constructed");
-+ return ERR_PTR(RETERR(-EINVAL));
-+ }
-+
-+ /* bio -> bi_idx is filled by bio_init() */
-+ bio->bi_end_io = (rw == READ) ?
-+ end_bio_single_page_read : end_bio_single_page_write;
-+
-+ return bio;
-+ } else
-+ return ERR_PTR(RETERR(-ENOMEM));
-+}
-+
-+/* this function is internally called by jnode_make_dirty() */
-+int set_page_dirty_internal(struct page *page)
-+{
-+ struct address_space *mapping;
-+
-+ mapping = page->mapping;
-+ BUG_ON(mapping == NULL);
-+
-+ if (!TestSetPageDirty(page)) {
-+ if (mapping_cap_account_dirty(mapping))
-+ inc_page_state(nr_dirty);
-+
-+ __mark_inode_dirty(mapping->host, I_DIRTY_PAGES);
-+ }
-+
-+ /* znode must be dirty ? */
-+ if (mapping->host == get_super_fake(mapping->host->i_sb))
-+ assert("", JF_ISSET(jprivate(page), JNODE_DIRTY));
-+ return 0;
-+}
-+
-+#if REISER4_DEBUG
-+
-+/**
-+ * can_hit_entd
-+ *
-+ * This is used on
-+ */
-+static int can_hit_entd(reiser4_context *ctx, struct super_block *s)
-+{
-+ if (ctx == NULL || ((unsigned long)ctx->magic) != context_magic)
-+ return 1;
-+ if (ctx->super != s)
-+ return 1;
-+ if (get_super_private(s)->entd.tsk == current)
-+ return 0;
-+ if (!lock_stack_isclean(&ctx->stack))
-+ return 0;
-+ if (ctx->trans->atom != NULL)
-+ return 0;
-+ return 1;
-+}
-+
-+#endif
-+
-+/**
-+ * reiser4_writepage - writepage of struct address_space_operations
-+ * @page: page to write
-+ * @wbc:
-+ *
-+ *
-+ */
-+/* Common memory pressure notification. */
-+int reiser4_writepage(struct page *page,
-+ struct writeback_control *wbc)
-+{
-+ struct super_block *s;
-+ reiser4_context *ctx;
-+
-+ assert("vs-828", PageLocked(page));
-+
-+ s = page->mapping->host->i_sb;
-+ ctx = get_current_context_check();
-+
-+ assert("", can_hit_entd(ctx, s));
-+
-+ return write_page_by_ent(page, wbc);
-+}
-+
-+/* ->set_page_dirty() method of formatted address_space */
-+static int formatted_set_page_dirty(struct page *page)
-+{
-+ assert("nikita-2173", page != NULL);
-+ BUG();
-+ return __set_page_dirty_nobuffers(page);
-+}
-+
-+/* writepages method of address space operations in reiser4 is used to involve
-+ into transactions pages which are dirtied via mmap. Only regular files can
-+ have such pages. Fake inode is used to access formatted nodes via page
-+ cache. As formatted nodes can never be mmaped, fake inode's writepages has
-+ nothing to do */
-+static int
-+writepages_fake(struct address_space *mapping, struct writeback_control *wbc)
-+{
-+ return 0;
-+}
-+
-+/* address space operations for the fake inode */
-+static struct address_space_operations formatted_fake_as_ops = {
-+ /* Perform a writeback of a single page as a memory-freeing
-+ * operation. */
-+ .writepage = reiser4_writepage,
-+ /* this is called to read formatted node */
-+ .readpage = formatted_readpage,
-+ /* ->sync_page() method of fake inode address space operations. Called
-+ from wait_on_page() and lock_page().
-+
-+ This is most annoyingly misnomered method. Actually it is called
-+ from wait_on_page_bit() and lock_page() and its purpose is to
-+ actually start io by jabbing device drivers.
-+ */
-+ .sync_page = block_sync_page,
-+ /* Write back some dirty pages from this mapping. Called from sync.
-+ called during sync (pdflush) */
-+ .writepages = writepages_fake,
-+ /* Set a page dirty */
-+ .set_page_dirty = formatted_set_page_dirty,
-+ /* used for read-ahead. Not applicable */
-+ .readpages = NULL,
-+ .prepare_write = NULL,
-+ .commit_write = NULL,
-+ .bmap = NULL,
-+ /* called just before page is being detached from inode mapping and
-+ removed from memory. Called on truncate, cut/squeeze, and
-+ umount. */
-+ .invalidatepage = reiser4_invalidatepage,
-+ /* this is called by shrink_cache() so that file system can try to
-+ release objects (jnodes, buffers, journal heads) attached to page
-+ and, may be made page itself free-able.
-+ */
-+ .releasepage = reiser4_releasepage,
-+ .direct_IO = NULL
-+};
-+
-+/* called just before page is released (no longer used by reiser4). Callers:
-+ jdelete() and extent2tail(). */
-+void drop_page(struct page *page)
-+{
-+ assert("nikita-2181", PageLocked(page));
-+ clear_page_dirty_for_io(page);
-+ ClearPageUptodate(page);
-+#if defined(PG_skipped)
-+ ClearPageSkipped(page);
-+#endif
-+ if (page->mapping != NULL) {
-+ remove_from_page_cache(page);
-+ unlock_page(page);
-+ page_cache_release(page);
-+ } else
-+ unlock_page(page);
-+}
-+
-+/* this is called by truncate_jnodes_range which in its turn is always called
-+ after truncate_mapping_pages_range. Therefore, here jnode can not have
-+ page. New pages can not be created because truncate_jnodes_range goes under
-+ exclusive access on file obtained, where as new page creation requires
-+ non-exclusive access obtained */
-+static void invalidate_unformatted(jnode * node)
-+{
-+ struct page *page;
-+
-+ spin_lock_jnode(node);
-+ page = node->pg;
-+ if (page) {
-+ loff_t from, to;
-+
-+ page_cache_get(page);
-+ spin_unlock_jnode(node);
-+ /* FIXME: use truncate_complete_page instead */
-+ from = (loff_t) page->index << PAGE_CACHE_SHIFT;
-+ to = from + PAGE_CACHE_SIZE - 1;
-+ truncate_inode_pages_range(page->mapping, from, to);
-+ page_cache_release(page);
-+ } else {
-+ JF_SET(node, JNODE_HEARD_BANSHEE);
-+ uncapture_jnode(node);
-+ unhash_unformatted_jnode(node);
-+ }
-+}
-+
-+#define JNODE_GANG_SIZE (16)
-+
-+/* find all eflushed jnodes from range specified and invalidate them */
-+static int
-+truncate_jnodes_range(struct inode *inode, pgoff_t from, pgoff_t count)
-+{
-+ reiser4_inode *info;
-+ int truncated_jnodes;
-+ reiser4_tree *tree;
-+ unsigned long index;
-+ unsigned long end;
-+
-+ truncated_jnodes = 0;
-+
-+ info = reiser4_inode_data(inode);
-+ tree = tree_by_inode(inode);
-+
-+ index = from;
-+ end = from + count;
-+
-+ while (1) {
-+ jnode *gang[JNODE_GANG_SIZE];
-+ int taken;
-+ int i;
-+ jnode *node;
-+
-+ assert("nikita-3466", index <= end);
-+
-+ read_lock_tree(tree);
-+ taken =
-+ radix_tree_gang_lookup(jnode_tree_by_reiser4_inode(info),
-+ (void **)gang, index,
-+ JNODE_GANG_SIZE);
-+ for (i = 0; i < taken; ++i) {
-+ node = gang[i];
-+ if (index_jnode(node) < end)
-+ jref(node);
-+ else
-+ gang[i] = NULL;
-+ }
-+ read_unlock_tree(tree);
-+
-+ for (i = 0; i < taken; ++i) {
-+ node = gang[i];
-+ if (node != NULL) {
-+ index = max(index, index_jnode(node));
-+ invalidate_unformatted(node);
-+ truncated_jnodes++;
-+ jput(node);
-+ } else
-+ break;
-+ }
-+ if (i != taken || taken == 0)
-+ break;
-+ }
-+ return truncated_jnodes;
-+}
-+
-+void
-+reiser4_invalidate_pages(struct address_space *mapping, pgoff_t from,
-+ unsigned long count, int even_cows)
-+{
-+ loff_t from_bytes, count_bytes;
-+
-+ if (count == 0)
-+ return;
-+ from_bytes = ((loff_t) from) << PAGE_CACHE_SHIFT;
-+ count_bytes = ((loff_t) count) << PAGE_CACHE_SHIFT;
-+
-+ unmap_mapping_range(mapping, from_bytes, count_bytes, even_cows);
-+ truncate_inode_pages_range(mapping, from_bytes,
-+ from_bytes + count_bytes - 1);
-+ truncate_jnodes_range(mapping->host, from, count);
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 120
-+ * scroll-step: 1
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/page_cache.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/page_cache.h
-@@ -0,0 +1,62 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+/* Memory pressure hooks. Fake inodes handling. See page_cache.c. */
-+
-+#if !defined( __REISER4_PAGE_CACHE_H__ )
-+#define __REISER4_PAGE_CACHE_H__
-+
-+#include "forward.h"
-+#include "debug.h"
-+
-+#include <linux/fs.h> /* for struct super_block, address_space */
-+#include <linux/mm.h> /* for struct page */
-+#include <linux/pagemap.h> /* for lock_page() */
-+
-+
-+extern int init_formatted_fake(struct super_block *);
-+extern void done_formatted_fake(struct super_block *);
-+
-+extern reiser4_tree *tree_by_page(const struct page *);
-+
-+extern int set_page_dirty_internal(struct page *);
-+
-+#define reiser4_submit_bio(rw, bio) submit_bio((rw), (bio))
-+
-+extern void reiser4_wait_page_writeback(struct page *);
-+static inline void lock_and_wait_page_writeback(struct page *page)
-+{
-+ lock_page(page);
-+ if (unlikely(PageWriteback(page)))
-+ reiser4_wait_page_writeback(page);
-+}
-+
-+#define jprivate(page) ((jnode *)page_private(page))
-+
-+extern int page_io(struct page *, jnode *, int rw, gfp_t);
-+extern void drop_page(struct page *);
-+extern void reiser4_invalidate_pages(struct address_space *, pgoff_t from,
-+ unsigned long count, int even_cows);
-+extern void capture_reiser4_inodes(struct super_block *,
-+ struct writeback_control *);
-+
-+#define PAGECACHE_TAG_REISER4_MOVED PAGECACHE_TAG_DIRTY
-+
-+#if REISER4_DEBUG
-+extern void print_page(const char *prefix, struct page *page);
-+#else
-+#define print_page(prf, p) noop
-+#endif
-+
-+/* __REISER4_PAGE_CACHE_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/Makefile
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/Makefile
-@@ -0,0 +1,26 @@
-+obj-$(CONFIG_REISER4_FS) += plugins.o
-+
-+plugins-objs := \
-+ plugin.o \
-+ plugin_set.o \
-+ object.o \
-+ inode_ops.o \
-+ inode_ops_rename.o \
-+ file_ops.o \
-+ file_ops_readdir.o \
-+ file_plugin_common.o \
-+ dir_plugin_common.o \
-+ digest.o \
-+ hash.o \
-+ fibration.o \
-+ tail_policy.o \
-+ regular.o
-+
-+obj-$(CONFIG_REISER4_FS) += item/
-+obj-$(CONFIG_REISER4_FS) += file/
-+obj-$(CONFIG_REISER4_FS) += dir/
-+obj-$(CONFIG_REISER4_FS) += node/
-+obj-$(CONFIG_REISER4_FS) += compress/
-+obj-$(CONFIG_REISER4_FS) += space/
-+obj-$(CONFIG_REISER4_FS) += disk_format/
-+obj-$(CONFIG_REISER4_FS) += security/
-Index: linux-2.6.16/fs/reiser4/plugin/cluster.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/cluster.c
-@@ -0,0 +1,66 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Contains reiser4 cluster plugins (see
-+ http://www.namesys.com/cryptcompress_design.html
-+ "Concepts of clustering" for details). */
-+
-+#include "plugin_header.h"
-+#include "plugin.h"
-+#include "../inode.h"
-+
-+static int change_cluster(struct inode *inode, reiser4_plugin * plugin)
-+{
-+ int result = 0;
-+
-+ assert("edward-1324", inode != NULL);
-+ assert("edward-1325", plugin != NULL);
-+ assert("edward-1326", is_reiser4_inode(inode));
-+ assert("edward-1327", plugin->h.type_id == REISER4_CLUSTER_PLUGIN_TYPE);
-+
-+ if (inode_file_plugin(inode)->h.id == DIRECTORY_FILE_PLUGIN_ID)
-+ result = plugin_set_cluster(&reiser4_inode_data(inode)->pset,
-+ &plugin->clust);
-+ else
-+ result = RETERR(-EINVAL);
-+ return result;
-+}
-+
-+static reiser4_plugin_ops cluster_plugin_ops = {
-+ .init = NULL,
-+ .load = NULL,
-+ .save_len = NULL,
-+ .save = NULL,
-+ .change = &change_cluster
-+};
-+
-+#define SUPPORT_CLUSTER(SHIFT, ID, LABEL, DESC) \
-+ [CLUSTER_ ## ID ## _ID] = { \
-+ .h = { \
-+ .type_id = REISER4_CLUSTER_PLUGIN_TYPE, \
-+ .id = CLUSTER_ ## ID ## _ID, \
-+ .pops = &cluster_plugin_ops, \
-+ .label = LABEL, \
-+ .desc = DESC, \
-+ .linkage = {NULL, NULL} \
-+ }, \
-+ .shift = SHIFT \
-+ }
-+
-+cluster_plugin cluster_plugins[LAST_CLUSTER_ID] = {
-+ SUPPORT_CLUSTER(16, 64K, "64K", "Large"),
-+ SUPPORT_CLUSTER(15, 32K, "32K", "Big"),
-+ SUPPORT_CLUSTER(14, 16K, "16K", "Average"),
-+ SUPPORT_CLUSTER(13, 8K, "8K", "Small"),
-+ SUPPORT_CLUSTER(12, 4K, "4K", "Minimal")
-+};
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/cluster.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/cluster.h
-@@ -0,0 +1,316 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* This file contains page/cluster index translators and offset modulators
-+ See http://www.namesys.com/cryptcompress_design.html for details */
-+
-+#if !defined( __FS_REISER4_CLUSTER_H__ )
-+#define __FS_REISER4_CLUSTER_H__
-+
-+#include "../inode.h"
-+
-+static inline int inode_cluster_shift(struct inode *inode)
-+{
-+ assert("edward-92", inode != NULL);
-+ assert("edward-93", reiser4_inode_data(inode) != NULL);
-+
-+ return inode_cluster_plugin(inode)->shift;
-+}
-+
-+static inline unsigned cluster_nrpages_shift(struct inode *inode)
-+{
-+ return inode_cluster_shift(inode) - PAGE_CACHE_SHIFT;
-+}
-+
-+/* cluster size in page units */
-+static inline unsigned cluster_nrpages(struct inode *inode)
-+{
-+ return 1U << cluster_nrpages_shift(inode);
-+}
-+
-+static inline size_t inode_cluster_size(struct inode *inode)
-+{
-+ assert("edward-96", inode != NULL);
-+
-+ return 1U << inode_cluster_shift(inode);
-+}
-+
-+static inline cloff_t pg_to_clust(pgoff_t idx, struct inode *inode)
-+{
-+ return idx >> cluster_nrpages_shift(inode);
-+}
-+
-+static inline pgoff_t clust_to_pg(cloff_t idx, struct inode *inode)
-+{
-+ return idx << cluster_nrpages_shift(inode);
-+}
-+
-+static inline pgoff_t pg_to_clust_to_pg(pgoff_t idx, struct inode *inode)
-+{
-+ return clust_to_pg(pg_to_clust(idx, inode), inode);
-+}
-+
-+static inline pgoff_t off_to_pg(loff_t off)
-+{
-+ return (off >> PAGE_CACHE_SHIFT);
-+}
-+
-+static inline loff_t pg_to_off(pgoff_t idx)
-+{
-+ return ((loff_t) (idx) << PAGE_CACHE_SHIFT);
-+}
-+
-+static inline cloff_t off_to_clust(loff_t off, struct inode *inode)
-+{
-+ return off >> inode_cluster_shift(inode);
-+}
-+
-+static inline loff_t clust_to_off(cloff_t idx, struct inode *inode)
-+{
-+ return (loff_t) idx << inode_cluster_shift(inode);
-+}
-+
-+static inline unsigned long count_to_nr(loff_t count, unsigned shift)
-+{
-+ return (count + (1UL << shift) - 1) >> shift;
-+}
-+
-+/* number of pages occupied by @count bytes */
-+static inline pgoff_t count_to_nrpages(loff_t count)
-+{
-+ return count_to_nr(count, PAGE_CACHE_SHIFT);
-+}
-+
-+/* number of clusters occupied by @count bytes */
-+static inline cloff_t count_to_nrclust(loff_t count, struct inode *inode)
-+{
-+ return count_to_nr(count, inode_cluster_shift(inode));
-+}
-+
-+/* number of clusters occupied by @count pages */
-+static inline cloff_t pgcount_to_nrclust(pgoff_t count, struct inode *inode)
-+{
-+ return count_to_nr(count, cluster_nrpages_shift(inode));
-+}
-+
-+static inline loff_t off_to_clust_to_off(loff_t off, struct inode *inode)
-+{
-+ return clust_to_off(off_to_clust(off, inode), inode);
-+}
-+
-+static inline pgoff_t off_to_clust_to_pg(loff_t off, struct inode *inode)
-+{
-+ return clust_to_pg(off_to_clust(off, inode), inode);
-+}
-+
-+static inline unsigned off_to_pgoff(loff_t off)
-+{
-+ return off & (PAGE_CACHE_SIZE - 1);
-+}
-+
-+static inline unsigned off_to_cloff(loff_t off, struct inode *inode)
-+{
-+ return off & ((loff_t) (inode_cluster_size(inode)) - 1);
-+}
-+
-+static inline unsigned
-+pg_to_off_to_cloff(unsigned long idx, struct inode *inode)
-+{
-+ return off_to_cloff(pg_to_off(idx), inode);
-+}
-+
-+/* if @size != 0, returns index of the page
-+ which contains the last byte of the file */
-+static inline pgoff_t size_to_pg(loff_t size)
-+{
-+ return (size ? off_to_pg(size - 1) : 0);
-+}
-+
-+/* minimal index of the page which doesn't contain
-+ file data */
-+static inline pgoff_t size_to_next_pg(loff_t size)
-+{
-+ return (size ? off_to_pg(size - 1) + 1 : 0);
-+}
-+
-+/* how many bytes of file of size @cnt can be contained
-+ in page of index @idx */
-+static inline unsigned cnt_to_pgcnt(loff_t cnt, pgoff_t idx)
-+{
-+ if (idx > off_to_pg(cnt))
-+ return 0;
-+ if (idx < off_to_pg(cnt))
-+ return PAGE_CACHE_SIZE;
-+ return off_to_pgoff(cnt);
-+}
-+
-+/* how many bytes of file of size @cnt can be contained
-+ in logical cluster of index @idx */
-+static inline unsigned cnt_to_clcnt(loff_t cnt, cloff_t idx,
-+ struct inode *inode)
-+{
-+ if (idx > off_to_clust(cnt, inode))
-+ return 0;
-+ if (idx < off_to_clust(cnt, inode))
-+ return inode_cluster_size(inode);
-+ return off_to_cloff(cnt, inode);
-+}
-+
-+static inline unsigned
-+fsize_to_count(reiser4_cluster_t * clust, struct inode *inode)
-+{
-+ assert("edward-288", clust != NULL);
-+ assert("edward-289", inode != NULL);
-+
-+ return cnt_to_clcnt(inode->i_size, clust->index, inode);
-+}
-+
-+static inline int
-+cluster_is_complete(reiser4_cluster_t * clust, struct inode * inode)
-+{
-+ return clust->tc.lsize == inode_cluster_size(inode);
-+}
-+
-+static inline void reiser4_slide_init(reiser4_slide_t * win)
-+{
-+ assert("edward-1084", win != NULL);
-+ memset(win, 0, sizeof *win);
-+}
-+
-+static inline void
-+tfm_cluster_init_act(tfm_cluster_t * tc, tfm_action act)
-+{
-+ assert("edward-1356", tc != NULL);
-+ tc->act = act;
-+}
-+
-+static inline void
-+cluster_init_act (reiser4_cluster_t * clust, tfm_action act, reiser4_slide_t * window){
-+ assert("edward-84", clust != NULL);
-+ memset(clust, 0, sizeof *clust);
-+ tfm_cluster_init_act(&clust->tc, act);
-+ clust->dstat = INVAL_DISK_CLUSTER;
-+ clust->win = window;
-+}
-+
-+static inline void
-+cluster_init_read(reiser4_cluster_t * clust, reiser4_slide_t * window)
-+{
-+ cluster_init_act (clust, TFM_READ_ACT, window);
-+}
-+
-+static inline void
-+cluster_init_write(reiser4_cluster_t * clust, reiser4_slide_t * window)
-+{
-+ cluster_init_act (clust, TFM_WRITE_ACT, window);
-+}
-+
-+static inline int dclust_get_extension(hint_t * hint)
-+{
-+ return hint->ext_coord.extension.ctail.shift;
-+}
-+
-+static inline void dclust_set_extension(hint_t * hint)
-+{
-+ assert("edward-1270",
-+ item_id_by_coord(&hint->ext_coord.coord) == CTAIL_ID);
-+ hint->ext_coord.extension.ctail.shift =
-+ cluster_shift_by_coord(&hint->ext_coord.coord);
-+}
-+
-+static inline int hint_is_unprepped_dclust(hint_t * hint)
-+{
-+ return dclust_get_extension(hint) == (int)UCTAIL_SHIFT;
-+}
-+
-+static inline void coord_set_between_clusters(coord_t * coord)
-+{
-+#if REISER4_DEBUG
-+ int result;
-+ result = zload(coord->node);
-+ assert("edward-1296", !result);
-+#endif
-+ if (!coord_is_between_items(coord)) {
-+ coord->between = AFTER_ITEM;
-+ coord->unit_pos = 0;
-+ }
-+#if REISER4_DEBUG
-+ zrelse(coord->node);
-+#endif
-+}
-+
-+int inflate_cluster(reiser4_cluster_t *, struct inode *);
-+int find_cluster(reiser4_cluster_t *, struct inode *, int read, int write);
-+void forget_cluster_pages(struct page **page, int nrpages);
-+int flush_cluster_pages(reiser4_cluster_t *, jnode *, struct inode *);
-+int deflate_cluster(reiser4_cluster_t *, struct inode *);
-+void truncate_page_cluster(struct inode *inode, cloff_t start);
-+void invalidate_hint_cluster(reiser4_cluster_t * clust);
-+void put_hint_cluster(reiser4_cluster_t * clust, struct inode *inode,
-+ znode_lock_mode mode);
-+int get_disk_cluster_locked(reiser4_cluster_t * clust, struct inode *inode,
-+ znode_lock_mode lock_mode);
-+void reset_cluster_params(reiser4_cluster_t * clust);
-+int set_cluster_by_page(reiser4_cluster_t * clust, struct page * page,
-+ int count);
-+int prepare_page_cluster(struct inode *inode, reiser4_cluster_t * clust,
-+ int capture);
-+void release_cluster_pages(reiser4_cluster_t *);
-+void put_cluster_handle(reiser4_cluster_t * clust);
-+int grab_tfm_stream(struct inode *inode, tfm_cluster_t * tc, tfm_stream_id id);
-+int tfm_cluster_is_uptodate(tfm_cluster_t * tc);
-+void tfm_cluster_set_uptodate(tfm_cluster_t * tc);
-+void tfm_cluster_clr_uptodate(tfm_cluster_t * tc);
-+
-+/* move cluster handle to the target position
-+ specified by the page of index @pgidx
-+*/
-+static inline void
-+move_cluster_forward(reiser4_cluster_t * clust, struct inode *inode,
-+ pgoff_t pgidx, int *progress)
-+{
-+ assert("edward-1297", clust != NULL);
-+ assert("edward-1298", inode != NULL);
-+
-+ reset_cluster_params(clust);
-+ if (*progress &&
-+ /* Hole in the indices. Hint became invalid and can not be
-+ used by find_cluster_item() even if seal/node versions
-+ will coincide */
-+ pg_to_clust(pgidx, inode) != clust->index + 1) {
-+ unset_hint(clust->hint);
-+ invalidate_hint_cluster(clust);
-+ }
-+ *progress = 1;
-+ clust->index = pg_to_clust(pgidx, inode);
-+}
-+
-+static inline int
-+alloc_clust_pages(reiser4_cluster_t * clust, struct inode *inode)
-+{
-+ assert("edward-791", clust != NULL);
-+ assert("edward-792", inode != NULL);
-+ clust->pages =
-+ kmalloc(sizeof(*clust->pages) << inode_cluster_shift(inode),
-+ GFP_KERNEL);
-+ if (!clust->pages)
-+ return -ENOMEM;
-+ return 0;
-+}
-+
-+static inline void free_clust_pages(reiser4_cluster_t * clust)
-+{
-+ kfree(clust->pages);
-+}
-+
-+#endif /* __FS_REISER4_CLUSTER_H__ */
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/compress/Makefile
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/compress/Makefile
-@@ -0,0 +1,6 @@
-+obj-$(CONFIG_REISER4_FS) += compress_plugins.o
-+
-+compress_plugins-objs := \
-+ compress.o \
-+ minilzo.o \
-+ compress_mode.o
-Index: linux-2.6.16/fs/reiser4/plugin/compress/compress.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/compress/compress.c
-@@ -0,0 +1,370 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+/* reiser4 compression transform plugins */
-+
-+#include "../../debug.h"
-+#include "../../inode.h"
-+#include "../plugin.h"
-+#include "minilzo.h"
-+
-+#include <linux/config.h>
-+#include <linux/zlib.h>
-+#include <linux/types.h>
-+#include <linux/hardirq.h>
-+
-+static int change_compression(struct inode *inode, reiser4_plugin * plugin)
-+{
-+ assert("edward-1316", inode != NULL);
-+ assert("edward-1317", plugin != NULL);
-+ assert("edward-1318", is_reiser4_inode(inode));
-+ assert("edward-1319",
-+ plugin->h.type_id == REISER4_COMPRESSION_PLUGIN_TYPE);
-+ /* cannot change compression plugin of already existing object */
-+ return RETERR(-EINVAL);
-+}
-+
-+static reiser4_plugin_ops compression_plugin_ops = {
-+ .init = NULL,
-+ .load = NULL,
-+ .save_len = NULL,
-+ .save = NULL,
-+ .change = &change_compression
-+};
-+
-+/******************************************************************************/
-+/* gzip1 compression */
-+/******************************************************************************/
-+
-+#define GZIP1_DEF_LEVEL Z_BEST_SPEED
-+#define GZIP1_DEF_WINBITS 15
-+#define GZIP1_DEF_MEMLEVEL MAX_MEM_LEVEL
-+
-+static int gzip1_init(void)
-+{
-+ int ret = -EINVAL;
-+#if REISER4_ZLIB
-+ ret = 0;
-+#endif
-+ if (ret == -EINVAL)
-+ warning("edward-1337", "Zlib not compiled into kernel");
-+ return ret;
-+}
-+
-+static int gzip1_overrun(unsigned src_len UNUSED_ARG)
-+{
-+ return 0;
-+}
-+
-+static coa_t gzip1_alloc(tfm_action act)
-+{
-+ coa_t coa = NULL;
-+#if REISER4_ZLIB
-+ int ret = 0;
-+ switch (act) {
-+ case TFM_WRITE_ACT: /* compress */
-+ coa = vmalloc(zlib_deflate_workspacesize());
-+ if (!coa) {
-+ ret = -ENOMEM;
-+ break;
-+ }
-+ memset(coa, 0, zlib_deflate_workspacesize());
-+ break;
-+ case TFM_READ_ACT: /* decompress */
-+ coa = vmalloc(zlib_inflate_workspacesize());
-+ if (!coa) {
-+ ret = -ENOMEM;
-+ break;
-+ }
-+ memset(coa, 0, zlib_inflate_workspacesize());
-+ break;
-+ default:
-+ impossible("edward-767",
-+ "trying to alloc workspace for unknown tfm action");
-+ }
-+ if (ret) {
-+ warning("edward-768",
-+ "alloc workspace for gzip1 (tfm action = %d) failed\n",
-+ act);
-+ return ERR_PTR(ret);
-+ }
-+#endif
-+ return coa;
-+}
-+
-+static void gzip1_free(coa_t coa, tfm_action act)
-+{
-+ assert("edward-769", coa != NULL);
-+
-+ switch (act) {
-+ case TFM_WRITE_ACT: /* compress */
-+ vfree(coa);
-+ break;
-+ case TFM_READ_ACT: /* decompress */
-+ vfree(coa);
-+ break;
-+ default:
-+ impossible("edward-770", "unknown tfm action");
-+ }
-+ return;
-+}
-+
-+static int gzip1_min_size_deflate(void)
-+{
-+ return 64;
-+}
-+
-+static void
-+gzip1_compress(coa_t coa, __u8 * src_first, unsigned src_len,
-+ __u8 * dst_first, unsigned *dst_len)
-+{
-+#if REISER4_ZLIB
-+ int ret = 0;
-+ struct z_stream_s stream;
-+
-+ memset(&stream, 0, sizeof(stream));
-+
-+ assert("edward-842", coa != NULL);
-+ assert("edward-875", src_len != 0);
-+
-+ stream.workspace = coa;
-+ ret = zlib_deflateInit2(&stream, GZIP1_DEF_LEVEL, Z_DEFLATED,
-+ -GZIP1_DEF_WINBITS, GZIP1_DEF_MEMLEVEL,
-+ Z_DEFAULT_STRATEGY);
-+ if (ret != Z_OK) {
-+ warning("edward-771", "zlib_deflateInit2 returned %d\n", ret);
-+ goto rollback;
-+ }
-+ ret = zlib_deflateReset(&stream);
-+ if (ret != Z_OK) {
-+ warning("edward-772", "zlib_deflateReset returned %d\n", ret);
-+ goto rollback;
-+ }
-+ stream.next_in = src_first;
-+ stream.avail_in = src_len;
-+ stream.next_out = dst_first;
-+ stream.avail_out = *dst_len;
-+
-+ ret = zlib_deflate(&stream, Z_FINISH);
-+ if (ret != Z_STREAM_END) {
-+ if (ret != Z_OK)
-+ warning("edward-773",
-+ "zlib_deflate returned %d\n", ret);
-+ goto rollback;
-+ }
-+ *dst_len = stream.total_out;
-+ return;
-+ rollback:
-+ *dst_len = src_len;
-+#endif
-+ return;
-+}
-+
-+static void
-+gzip1_decompress(coa_t coa, __u8 * src_first, unsigned src_len,
-+ __u8 * dst_first, unsigned *dst_len)
-+{
-+#if REISER4_ZLIB
-+ int ret = 0;
-+ struct z_stream_s stream;
-+
-+ memset(&stream, 0, sizeof(stream));
-+
-+ assert("edward-843", coa != NULL);
-+ assert("edward-876", src_len != 0);
-+
-+ stream.workspace = coa;
-+ ret = zlib_inflateInit2(&stream, -GZIP1_DEF_WINBITS);
-+ if (ret != Z_OK) {
-+ warning("edward-774", "zlib_inflateInit2 returned %d\n", ret);
-+ return;
-+ }
-+ ret = zlib_inflateReset(&stream);
-+ if (ret != Z_OK) {
-+ warning("edward-775", "zlib_inflateReset returned %d\n", ret);
-+ return;
-+ }
-+
-+ stream.next_in = src_first;
-+ stream.avail_in = src_len;
-+ stream.next_out = dst_first;
-+ stream.avail_out = *dst_len;
-+
-+ ret = zlib_inflate(&stream, Z_SYNC_FLUSH);
-+ /*
-+ * Work around a bug in zlib, which sometimes wants to taste an extra
-+ * byte when being used in the (undocumented) raw deflate mode.
-+ * (From USAGI).
-+ */
-+ if (ret == Z_OK && !stream.avail_in && stream.avail_out) {
-+ u8 zerostuff = 0;
-+ stream.next_in = &zerostuff;
-+ stream.avail_in = 1;
-+ ret = zlib_inflate(&stream, Z_FINISH);
-+ }
-+ if (ret != Z_STREAM_END) {
-+ warning("edward-776", "zlib_inflate returned %d\n", ret);
-+ return;
-+ }
-+ *dst_len = stream.total_out;
-+#endif
-+ return;
-+}
-+
-+/******************************************************************************/
-+/* lzo1 compression */
-+/******************************************************************************/
-+
-+static int lzo1_init(void)
-+{
-+ int ret;
-+ ret = lzo_init();
-+ if (ret != LZO_E_OK)
-+ warning("edward-848", "lzo_init() failed with ret = %d\n", ret);
-+ return ret;
-+}
-+
-+static int lzo1_overrun(unsigned in_len)
-+{
-+ return in_len / 64 + 16 + 3;
-+}
-+
-+#define LZO_HEAP_SIZE(size) \
-+ sizeof(lzo_align_t) * (((size) + (sizeof(lzo_align_t) - 1)) / sizeof(lzo_align_t))
-+
-+static coa_t lzo1_alloc(tfm_action act)
-+{
-+ int ret = 0;
-+ coa_t coa = NULL;
-+
-+ switch (act) {
-+ case TFM_WRITE_ACT: /* compress */
-+ coa = vmalloc(LZO_HEAP_SIZE(LZO1X_1_MEM_COMPRESS));
-+ if (!coa) {
-+ ret = -ENOMEM;
-+ break;
-+ }
-+ memset(coa, 0, LZO_HEAP_SIZE(LZO1X_1_MEM_COMPRESS));
-+ case TFM_READ_ACT: /* decompress */
-+ break;
-+ default:
-+ impossible("edward-877",
-+ "trying to alloc workspace for unknown tfm action");
-+ }
-+ if (ret) {
-+ warning("edward-878",
-+ "alloc workspace for lzo1 (tfm action = %d) failed\n",
-+ act);
-+ return ERR_PTR(ret);
-+ }
-+ return coa;
-+}
-+
-+static void lzo1_free(coa_t coa, tfm_action act)
-+{
-+ assert("edward-879", coa != NULL);
-+
-+ switch (act) {
-+ case TFM_WRITE_ACT: /* compress */
-+ vfree(coa);
-+ break;
-+ case TFM_READ_ACT: /* decompress */
-+ impossible("edward-1304",
-+ "trying to free non-allocated workspace");
-+ default:
-+ impossible("edward-880", "unknown tfm action");
-+ }
-+ return;
-+}
-+
-+static int lzo1_min_size_deflate(void)
-+{
-+ return 256;
-+}
-+
-+static void
-+lzo1_compress(coa_t coa, __u8 * src_first, unsigned src_len,
-+ __u8 * dst_first, unsigned *dst_len)
-+{
-+ int result;
-+
-+ assert("edward-846", coa != NULL);
-+ assert("edward-847", src_len != 0);
-+
-+ result = lzo1x_1_compress(src_first, src_len, dst_first, dst_len, coa);
-+ if (result != LZO_E_OK) {
-+ warning("edward-849", "lzo1x_1_compress failed\n");
-+ goto out;
-+ }
-+ if (*dst_len >= src_len) {
-+ //warning("edward-850", "lzo1x_1_compress: incompressible data\n");
-+ goto out;
-+ }
-+ return;
-+ out:
-+ *dst_len = src_len;
-+ return;
-+}
-+
-+static void
-+lzo1_decompress(coa_t coa, __u8 * src_first, unsigned src_len,
-+ __u8 * dst_first, unsigned *dst_len)
-+{
-+ int result;
-+
-+ assert("edward-851", coa == NULL);
-+ assert("edward-852", src_len != 0);
-+
-+ result = lzo1x_decompress(src_first, src_len, dst_first, dst_len, NULL);
-+ if (result != LZO_E_OK)
-+ warning("edward-853", "lzo1x_1_decompress failed\n");
-+ return;
-+}
-+
-+compression_plugin compression_plugins[LAST_COMPRESSION_ID] = {
-+ [LZO1_COMPRESSION_ID] = {
-+ .h = {
-+ .type_id = REISER4_COMPRESSION_PLUGIN_TYPE,
-+ .id = LZO1_COMPRESSION_ID,
-+ .pops = &compression_plugin_ops,
-+ .label = "lzo1",
-+ .desc = "lzo1 compression transform",
-+ .linkage = {NULL, NULL}
-+ },
-+ .init = lzo1_init,
-+ .overrun = lzo1_overrun,
-+ .alloc = lzo1_alloc,
-+ .free = lzo1_free,
-+ .min_size_deflate = lzo1_min_size_deflate,
-+ .checksum = reiser4_adler32,
-+ .compress = lzo1_compress,
-+ .decompress = lzo1_decompress
-+ },
-+ [GZIP1_COMPRESSION_ID] = {
-+ .h = {
-+ .type_id = REISER4_COMPRESSION_PLUGIN_TYPE,
-+ .id = GZIP1_COMPRESSION_ID,
-+ .pops = &compression_plugin_ops,
-+ .label = "gzip1",
-+ .desc = "gzip1 compression transform",
-+ .linkage = {NULL, NULL}
-+ },
-+ .init = gzip1_init,
-+ .overrun = gzip1_overrun,
-+ .alloc = gzip1_alloc,
-+ .free = gzip1_free,
-+ .min_size_deflate = gzip1_min_size_deflate,
-+ .checksum = NULL,
-+ .compress = gzip1_compress,
-+ .decompress = gzip1_decompress
-+ }
-+};
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/compress/compress.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/compress/compress.h
-@@ -0,0 +1,38 @@
-+#if !defined( __FS_REISER4_COMPRESS_H__ )
-+#define __FS_REISER4_COMPRESS_H__
-+
-+#include <linux/types.h>
-+#include <linux/string.h>
-+
-+typedef enum {
-+ TFM_READ_ACT,
-+ TFM_WRITE_ACT,
-+ TFM_LAST_ACT
-+} tfm_action;
-+
-+/* builtin compression plugins */
-+
-+typedef enum {
-+ LZO1_COMPRESSION_ID,
-+ GZIP1_COMPRESSION_ID,
-+ LAST_COMPRESSION_ID,
-+} reiser4_compression_id;
-+
-+typedef unsigned long cloff_t;
-+typedef void *coa_t;
-+typedef coa_t coa_set[LAST_COMPRESSION_ID][TFM_LAST_ACT];
-+
-+__u32 reiser4_adler32(char *data, __u32 len);
-+
-+#endif /* __FS_REISER4_COMPRESS_H__ */
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/compress/compress_mode.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/compress/compress_mode.c
-@@ -0,0 +1,163 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+/* This file contains Reiser4 compression mode plugins.
-+
-+ Compression mode plugin is a set of handlers called by compressor
-+ at flush time and represent some heuristics including the ones
-+ which are to avoid compression of incompressible data, see
-+ http://www.namesys.com/cryptcompress_design.html for more details.
-+*/
-+#include "../../inode.h"
-+#include "../plugin.h"
-+
-+static int should_deflate_test(struct inode * inode, cloff_t index)
-+{
-+ return !test_bit(0, &index);
-+}
-+
-+static int should_deflate_none(struct inode * inode, cloff_t index)
-+{
-+ return 0;
-+}
-+
-+static int should_deflate_common(struct inode * inode, cloff_t index)
-+{
-+ return compression_is_on(cryptcompress_inode_data(inode));
-+}
-+
-+static int turn_off_compression(struct inode *inode, cloff_t index)
-+{
-+ toggle_compression(cryptcompress_inode_data(inode), 0);
-+ return 0;
-+}
-+
-+static int turn_on_compression(struct inode *inode, cloff_t index)
-+{
-+ toggle_compression(cryptcompress_inode_data(inode), 1);
-+ return 0;
-+}
-+
-+static int turn_off_compression_on_zero(struct inode *inode, cloff_t index)
-+{
-+ assert("edward-1308", inode != NULL);
-+ if (index == 0)
-+ toggle_compression(cryptcompress_inode_data(inode), 0);
-+ return 0;
-+}
-+
-+/* Check on lattice (COL) of some sparseness factor,
-+ the family of adaptive compression modes which define
-+ the following behavior:
-+
-+ Compression is on: try to compress everything and turn
-+ it off, whenever cluster is incompressible.
-+
-+ Compression is off: try to compress clusters of indexes
-+ k * FACTOR (k = 0, 1, 2, ...) and turn it on, if some of
-+ them is compressible. */
-+
-+/* check if @index belongs to one-dimensional lattice
-+ of sparce factor @factor */
-+static int check_on_lattice(cloff_t index, int factor)
-+{
-+ return (factor ? index % factor == 0: index == 0);
-+}
-+
-+#define DEFINE_CHECK_ON_LATTICE(FACTOR) \
-+ static int check_on_lattice_ ## FACTOR (struct inode * inode, \
-+ cloff_t index) \
-+{ \
-+ return should_deflate_common(inode, index) || \
-+ check_on_lattice(index, FACTOR); \
-+}
-+
-+#define SUPPORT_COL_COMPRESSION_MODE(FACTOR, LABEL) \
-+[COL_ ## FACTOR ## _COMPRESSION_MODE_ID] = { \
-+ .h = { \
-+ .type_id = REISER4_COMPRESSION_MODE_PLUGIN_TYPE, \
-+ .id = COL_ ## FACTOR ## _COMPRESSION_MODE_ID, \
-+ .pops = NULL, \
-+ .label = LABEL, \
-+ .desc = LABEL, \
-+ .linkage = {NULL, NULL} \
-+ }, \
-+ .should_deflate = check_on_lattice_ ## FACTOR, \
-+ .accept_hook = turn_on_compression, \
-+ .discard_hook = turn_off_compression \
-+}
-+
-+DEFINE_CHECK_ON_LATTICE(8)
-+DEFINE_CHECK_ON_LATTICE(16)
-+DEFINE_CHECK_ON_LATTICE(32)
-+
-+/* compression mode_plugins */
-+compression_mode_plugin compression_mode_plugins[LAST_COMPRESSION_MODE_ID] = {
-+ [NONE_COMPRESSION_MODE_ID] = {
-+ .h = {
-+ .type_id = REISER4_COMPRESSION_MODE_PLUGIN_TYPE,
-+ .id = NONE_COMPRESSION_MODE_ID,
-+ .pops = NULL,
-+ .label = "none",
-+ .desc = "Don't compress",
-+ .linkage = {NULL, NULL}
-+ },
-+ .should_deflate = should_deflate_none,
-+ .accept_hook = NULL,
-+ .discard_hook = NULL
-+ },
-+ /* Check-on-lattice adaptive compression modes */
-+ SUPPORT_COL_COMPRESSION_MODE(8, "col8"),
-+ SUPPORT_COL_COMPRESSION_MODE(16, "col16"),
-+ SUPPORT_COL_COMPRESSION_MODE(32, "col32"),
-+ /* Turn off compression if logical cluster of index == 0
-+ is incompressible, then don't check anymore */
-+ [COZ_COMPRESSION_MODE_ID] = {
-+ .h = {
-+ .type_id = REISER4_COMPRESSION_MODE_PLUGIN_TYPE,
-+ .id = COZ_COMPRESSION_MODE_ID,
-+ .pops = NULL,
-+ .label = "coz",
-+ .desc = "Check on zero",
-+ .linkage = {NULL, NULL}
-+ },
-+ .should_deflate = should_deflate_common,
-+ .accept_hook = NULL,
-+ .discard_hook = turn_off_compression_on_zero
-+ },
-+ [FORCE_COMPRESSION_MODE_ID] = {
-+ .h = {
-+ .type_id = REISER4_COMPRESSION_MODE_PLUGIN_TYPE,
-+ .id = FORCE_COMPRESSION_MODE_ID,
-+ .pops = NULL,
-+ .label = "force",
-+ .desc = "Compress everything",
-+ .linkage = {NULL, NULL}
-+ },
-+ .should_deflate = NULL,
-+ .accept_hook = NULL,
-+ .discard_hook = NULL
-+ },
-+ [TEST_COMPRESSION_MODE_ID] = {
-+ .h = {
-+ .type_id = REISER4_COMPRESSION_MODE_PLUGIN_TYPE,
-+ .id = TEST_COMPRESSION_MODE_ID,
-+ .pops = NULL,
-+ .label = "test", /* This mode is for benchmarks only */
-+ .desc = "Don't compress odd clusters",
-+ .linkage = {NULL, NULL}
-+ },
-+ .should_deflate = should_deflate_test,
-+ .accept_hook = NULL,
-+ .discard_hook = NULL
-+ }
-+};
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/compress/lzoconf.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/compress/lzoconf.h
-@@ -0,0 +1,420 @@
-+/* lzoconf.h -- configuration for the LZO real-time data compression library
-+ adopted for reiser4 compression transform plugin.
-+
-+ This file is part of the LZO real-time data compression library
-+ and not included in any proprietary licenses of reiser4.
-+
-+ Copyright (C) 2002 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 2001 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 2000 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 1999 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 1998 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 1997 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 1996 Markus Franz Xaver Johannes Oberhumer
-+ All Rights Reserved.
-+
-+ The LZO library is free software; you can redistribute it and/or
-+ modify it under the terms of the GNU General Public License as
-+ published by the Free Software Foundation; either version 2 of
-+ the License, or (at your option) any later version.
-+
-+ The LZO library is distributed in the hope that it will be useful,
-+ but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+ GNU General Public License for more details.
-+
-+ You should have received a copy of the GNU General Public License
-+ along with the LZO library; see the file COPYING.
-+ If not, write to the Free Software Foundation, Inc.,
-+ 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-+
-+ Markus F.X.J. Oberhumer
-+ <markus@oberhumer.com>
-+ http://www.oberhumer.com/opensource/lzo/
-+ */
-+
-+#include <linux/kernel.h> /* for UINT_MAX, ULONG_MAX - edward */
-+
-+#ifndef __LZOCONF_H
-+#define __LZOCONF_H
-+
-+#define LZO_VERSION 0x1080
-+#define LZO_VERSION_STRING "1.08"
-+#define LZO_VERSION_DATE "Jul 12 2002"
-+
-+/* internal Autoconf configuration file - only used when building LZO */
-+#if defined(LZO_HAVE_CONFIG_H)
-+# include <config.h>
-+#endif
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+/***********************************************************************
-+// LZO requires a conforming <limits.h>
-+************************************************************************/
-+
-+#define CHAR_BIT 8
-+#define USHRT_MAX 0xffff
-+
-+/* workaround a cpp bug under hpux 10.20 */
-+#define LZO_0xffffffffL 4294967295ul
-+
-+/***********************************************************************
-+// architecture defines
-+************************************************************************/
-+
-+#if !defined(__LZO_WIN) && !defined(__LZO_DOS) && !defined(__LZO_OS2)
-+# if defined(__WINDOWS__) || defined(_WINDOWS) || defined(_Windows)
-+# define __LZO_WIN
-+# elif defined(__WIN32__) || defined(_WIN32) || defined(WIN32)
-+# define __LZO_WIN
-+# elif defined(__NT__) || defined(__NT_DLL__) || defined(__WINDOWS_386__)
-+# define __LZO_WIN
-+# elif defined(__DOS__) || defined(__MSDOS__) || defined(MSDOS)
-+# define __LZO_DOS
-+# elif defined(__OS2__) || defined(__OS2V2__) || defined(OS2)
-+# define __LZO_OS2
-+# elif defined(__palmos__)
-+# define __LZO_PALMOS
-+# elif defined(__TOS__) || defined(__atarist__)
-+# define __LZO_TOS
-+# endif
-+#endif
-+
-+#if (UINT_MAX < LZO_0xffffffffL)
-+# if defined(__LZO_WIN)
-+# define __LZO_WIN16
-+# elif defined(__LZO_DOS)
-+# define __LZO_DOS16
-+# elif defined(__LZO_PALMOS)
-+# define __LZO_PALMOS16
-+# elif defined(__LZO_TOS)
-+# define __LZO_TOS16
-+# elif defined(__C166__)
-+# else
-+ /* porting hint: for pure 16-bit architectures try compiling
-+ * everything with -D__LZO_STRICT_16BIT */
-+# error "16-bit target not supported - contact me for porting hints"
-+# endif
-+#endif
-+
-+#if !defined(__LZO_i386)
-+# if defined(__LZO_DOS) || defined(__LZO_WIN16)
-+# define __LZO_i386
-+# elif defined(__i386__) || defined(__386__) || defined(_M_IX86)
-+# define __LZO_i386
-+# endif
-+#endif
-+
-+#if defined(__LZO_STRICT_16BIT)
-+# if (UINT_MAX < LZO_0xffffffffL)
-+# include <lzo16bit.h>
-+# endif
-+#endif
-+
-+/* memory checkers */
-+#if !defined(__LZO_CHECKER)
-+# if defined(__BOUNDS_CHECKING_ON)
-+# define __LZO_CHECKER
-+# elif defined(__CHECKER__)
-+# define __LZO_CHECKER
-+# elif defined(__INSURE__)
-+# define __LZO_CHECKER
-+# elif defined(__PURIFY__)
-+# define __LZO_CHECKER
-+# endif
-+#endif
-+
-+/***********************************************************************
-+// integral and pointer types
-+************************************************************************/
-+
-+/* Integral types with 32 bits or more */
-+#if !defined(LZO_UINT32_MAX)
-+# if (UINT_MAX >= LZO_0xffffffffL)
-+ typedef unsigned int lzo_uint32;
-+ typedef int lzo_int32;
-+# define LZO_UINT32_MAX UINT_MAX
-+# define LZO_INT32_MAX INT_MAX
-+# define LZO_INT32_MIN INT_MIN
-+# elif (ULONG_MAX >= LZO_0xffffffffL)
-+ typedef unsigned long lzo_uint32;
-+ typedef long lzo_int32;
-+# define LZO_UINT32_MAX ULONG_MAX
-+# define LZO_INT32_MAX LONG_MAX
-+# define LZO_INT32_MIN LONG_MIN
-+# else
-+# error "lzo_uint32"
-+# endif
-+#endif
-+
-+/* lzo_uint is used like size_t */
-+#if !defined(LZO_UINT_MAX)
-+# if (UINT_MAX >= LZO_0xffffffffL)
-+ typedef unsigned int lzo_uint;
-+ typedef int lzo_int;
-+# define LZO_UINT_MAX UINT_MAX
-+# define LZO_INT_MAX INT_MAX
-+# define LZO_INT_MIN INT_MIN
-+# elif (ULONG_MAX >= LZO_0xffffffffL)
-+ typedef unsigned long lzo_uint;
-+ typedef long lzo_int;
-+# define LZO_UINT_MAX ULONG_MAX
-+# define LZO_INT_MAX LONG_MAX
-+# define LZO_INT_MIN LONG_MIN
-+# else
-+# error "lzo_uint"
-+# endif
-+#endif
-+
-+ typedef int lzo_bool;
-+
-+/***********************************************************************
-+// memory models
-+************************************************************************/
-+
-+/* Memory model for the public code segment. */
-+#if !defined(__LZO_CMODEL)
-+# if defined(__LZO_DOS16) || defined(__LZO_WIN16)
-+# define __LZO_CMODEL __far
-+# elif defined(__LZO_i386) && defined(__WATCOMC__)
-+# define __LZO_CMODEL __near
-+# else
-+# define __LZO_CMODEL
-+# endif
-+#endif
-+
-+/* Memory model for the public data segment. */
-+#if !defined(__LZO_DMODEL)
-+# if defined(__LZO_DOS16) || defined(__LZO_WIN16)
-+# define __LZO_DMODEL __far
-+# elif defined(__LZO_i386) && defined(__WATCOMC__)
-+# define __LZO_DMODEL __near
-+# else
-+# define __LZO_DMODEL
-+# endif
-+#endif
-+
-+/* Memory model that allows to access memory at offsets of lzo_uint. */
-+#if !defined(__LZO_MMODEL)
-+# if (LZO_UINT_MAX <= UINT_MAX)
-+# define __LZO_MMODEL
-+# elif defined(__LZO_DOS16) || defined(__LZO_WIN16)
-+# define __LZO_MMODEL __huge
-+# define LZO_999_UNSUPPORTED
-+# elif defined(__LZO_PALMOS16) || defined(__LZO_TOS16)
-+# define __LZO_MMODEL
-+# else
-+# error "__LZO_MMODEL"
-+# endif
-+#endif
-+
-+/* no typedef here because of const-pointer issues */
-+#define lzo_byte unsigned char __LZO_MMODEL
-+#define lzo_bytep unsigned char __LZO_MMODEL *
-+#define lzo_charp char __LZO_MMODEL *
-+#define lzo_voidp void __LZO_MMODEL *
-+#define lzo_shortp short __LZO_MMODEL *
-+#define lzo_ushortp unsigned short __LZO_MMODEL *
-+#define lzo_uint32p lzo_uint32 __LZO_MMODEL *
-+#define lzo_int32p lzo_int32 __LZO_MMODEL *
-+#define lzo_uintp lzo_uint __LZO_MMODEL *
-+#define lzo_intp lzo_int __LZO_MMODEL *
-+#define lzo_voidpp lzo_voidp __LZO_MMODEL *
-+#define lzo_bytepp lzo_bytep __LZO_MMODEL *
-+
-+#ifndef lzo_sizeof_dict_t
-+# define lzo_sizeof_dict_t sizeof(lzo_bytep)
-+#endif
-+
-+/***********************************************************************
-+// calling conventions and function types
-+************************************************************************/
-+
-+/* linkage */
-+#if !defined(__LZO_EXTERN_C)
-+# ifdef __cplusplus
-+# define __LZO_EXTERN_C extern "C"
-+# else
-+# define __LZO_EXTERN_C extern
-+# endif
-+#endif
-+
-+/* calling convention */
-+#if !defined(__LZO_CDECL)
-+# if defined(__LZO_DOS16) || defined(__LZO_WIN16)
-+# define __LZO_CDECL __LZO_CMODEL __cdecl
-+# elif defined(__LZO_i386) && defined(_MSC_VER)
-+# define __LZO_CDECL __LZO_CMODEL __cdecl
-+# elif defined(__LZO_i386) && defined(__WATCOMC__)
-+# define __LZO_CDECL __LZO_CMODEL __cdecl
-+# else
-+# define __LZO_CDECL __LZO_CMODEL
-+# endif
-+#endif
-+#if !defined(__LZO_ENTRY)
-+# define __LZO_ENTRY __LZO_CDECL
-+#endif
-+
-+/* C++ exception specification for extern "C" function types */
-+#if !defined(__cplusplus)
-+# undef LZO_NOTHROW
-+# define LZO_NOTHROW
-+#elif !defined(LZO_NOTHROW)
-+# define LZO_NOTHROW
-+#endif
-+
-+ typedef int
-+ (__LZO_ENTRY * lzo_compress_t) (const lzo_byte * src, lzo_uint src_len,
-+ lzo_byte * dst, lzo_uintp dst_len,
-+ lzo_voidp wrkmem);
-+
-+ typedef int
-+ (__LZO_ENTRY * lzo_decompress_t) (const lzo_byte * src,
-+ lzo_uint src_len, lzo_byte * dst,
-+ lzo_uintp dst_len, lzo_voidp wrkmem);
-+
-+ typedef int
-+ (__LZO_ENTRY * lzo_optimize_t) (lzo_byte * src, lzo_uint src_len,
-+ lzo_byte * dst, lzo_uintp dst_len,
-+ lzo_voidp wrkmem);
-+
-+ typedef int
-+ (__LZO_ENTRY * lzo_compress_dict_t) (const lzo_byte * src,
-+ lzo_uint src_len, lzo_byte * dst,
-+ lzo_uintp dst_len,
-+ lzo_voidp wrkmem,
-+ const lzo_byte * dict,
-+ lzo_uint dict_len);
-+
-+ typedef int
-+ (__LZO_ENTRY * lzo_decompress_dict_t) (const lzo_byte * src,
-+ lzo_uint src_len,
-+ lzo_byte * dst,
-+ lzo_uintp dst_len,
-+ lzo_voidp wrkmem,
-+ const lzo_byte * dict,
-+ lzo_uint dict_len);
-+
-+/* assembler versions always use __cdecl */
-+ typedef int
-+ (__LZO_CDECL * lzo_compress_asm_t) (const lzo_byte * src,
-+ lzo_uint src_len, lzo_byte * dst,
-+ lzo_uintp dst_len,
-+ lzo_voidp wrkmem);
-+
-+ typedef int
-+ (__LZO_CDECL * lzo_decompress_asm_t) (const lzo_byte * src,
-+ lzo_uint src_len, lzo_byte * dst,
-+ lzo_uintp dst_len,
-+ lzo_voidp wrkmem);
-+
-+/* a progress indicator callback function */
-+ typedef void (__LZO_ENTRY * lzo_progress_callback_t) (lzo_uint,
-+ lzo_uint);
-+
-+/***********************************************************************
-+// export information
-+************************************************************************/
-+
-+/* DLL export information */
-+#if !defined(__LZO_EXPORT1)
-+# define __LZO_EXPORT1
-+#endif
-+#if !defined(__LZO_EXPORT2)
-+# define __LZO_EXPORT2
-+#endif
-+
-+/* exported calling convention for C functions */
-+#if !defined(LZO_PUBLIC)
-+# define LZO_PUBLIC(_rettype) \
-+ __LZO_EXPORT1 _rettype __LZO_EXPORT2 __LZO_ENTRY
-+#endif
-+#if !defined(LZO_EXTERN)
-+# define LZO_EXTERN(_rettype) __LZO_EXTERN_C LZO_PUBLIC(_rettype)
-+#endif
-+#if !defined(LZO_PRIVATE)
-+# define LZO_PRIVATE(_rettype) static _rettype __LZO_ENTRY
-+#endif
-+
-+/* exported __cdecl calling convention for assembler functions */
-+#if !defined(LZO_PUBLIC_CDECL)
-+# define LZO_PUBLIC_CDECL(_rettype) \
-+ __LZO_EXPORT1 _rettype __LZO_EXPORT2 __LZO_CDECL
-+#endif
-+#if !defined(LZO_EXTERN_CDECL)
-+# define LZO_EXTERN_CDECL(_rettype) __LZO_EXTERN_C LZO_PUBLIC_CDECL(_rettype)
-+#endif
-+
-+/* exported global variables (LZO currently uses no static variables and
-+ * is fully thread safe) */
-+#if !defined(LZO_PUBLIC_VAR)
-+# define LZO_PUBLIC_VAR(_type) \
-+ __LZO_EXPORT1 _type __LZO_EXPORT2 __LZO_DMODEL
-+#endif
-+#if !defined(LZO_EXTERN_VAR)
-+# define LZO_EXTERN_VAR(_type) extern LZO_PUBLIC_VAR(_type)
-+#endif
-+
-+/***********************************************************************
-+// error codes and prototypes
-+************************************************************************/
-+
-+/* Error codes for the compression/decompression functions. Negative
-+ * values are errors, positive values will be used for special but
-+ * normal events.
-+ */
-+#define LZO_E_OK 0
-+#define LZO_E_ERROR (-1)
-+#define LZO_E_OUT_OF_MEMORY (-2) /* not used right now */
-+#define LZO_E_NOT_COMPRESSIBLE (-3) /* not used right now */
-+#define LZO_E_INPUT_OVERRUN (-4)
-+#define LZO_E_OUTPUT_OVERRUN (-5)
-+#define LZO_E_LOOKBEHIND_OVERRUN (-6)
-+#define LZO_E_EOF_NOT_FOUND (-7)
-+#define LZO_E_INPUT_NOT_CONSUMED (-8)
-+
-+/* lzo_init() should be the first function you call.
-+ * Check the return code !
-+ *
-+ * lzo_init() is a macro to allow checking that the library and the
-+ * compiler's view of various types are consistent.
-+ */
-+#define lzo_init() __lzo_init2(LZO_VERSION,(int)sizeof(short),(int)sizeof(int),\
-+ (int)sizeof(long),(int)sizeof(lzo_uint32),(int)sizeof(lzo_uint),\
-+ (int)lzo_sizeof_dict_t,(int)sizeof(char *),(int)sizeof(lzo_voidp),\
-+ (int)sizeof(lzo_compress_t))
-+ LZO_EXTERN(int) __lzo_init2(unsigned, int, int, int, int, int, int,
-+ int, int, int);
-+
-+/* checksum functions */
-+ LZO_EXTERN(lzo_uint32)
-+ lzo_crc32(lzo_uint32 _c, const lzo_byte * _buf, lzo_uint _len);
-+
-+/* misc. */
-+ typedef union {
-+ lzo_bytep p;
-+ lzo_uint u;
-+ } __lzo_pu_u;
-+ typedef union {
-+ lzo_bytep p;
-+ lzo_uint32 u32;
-+ } __lzo_pu32_u;
-+ typedef union {
-+ void *vp;
-+ lzo_bytep bp;
-+ lzo_uint32 u32;
-+ long l;
-+ } lzo_align_t;
-+
-+#define LZO_PTR_ALIGN_UP(_ptr,_size) \
-+ ((_ptr) + (lzo_uint) __lzo_align_gap((const lzo_voidp)(_ptr),(lzo_uint)(_size)))
-+
-+/* deprecated - only for backward compatibility */
-+#define LZO_ALIGN(_ptr,_size) LZO_PTR_ALIGN_UP(_ptr,_size)
-+
-+#ifdef __cplusplus
-+} /* extern "C" */
-+#endif
-+#endif /* already included */
-Index: linux-2.6.16/fs/reiser4/plugin/compress/minilzo.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/compress/minilzo.c
-@@ -0,0 +1,2155 @@
-+/* minilzo.c -- mini subset of the LZO real-time data compression library
-+ adopted for reiser4 compression transform plugin.
-+
-+ This file is part of the LZO real-time data compression library
-+ and not included in any proprietary licenses of reiser4.
-+
-+ Copyright (C) 2002 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 2001 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 2000 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 1999 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 1998 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 1997 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 1996 Markus Franz Xaver Johannes Oberhumer
-+ All Rights Reserved.
-+
-+ The LZO library is free software; you can redistribute it and/or
-+ modify it under the terms of the GNU General Public License as
-+ published by the Free Software Foundation; either version 2 of
-+ the License, or (at your option) any later version.
-+
-+ The LZO library is distributed in the hope that it will be useful,
-+ but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+ GNU General Public License for more details.
-+
-+ You should have received a copy of the GNU General Public License
-+ along with the LZO library; see the file COPYING.
-+ If not, write to the Free Software Foundation, Inc.,
-+ 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-+
-+ Markus F.X.J. Oberhumer
-+ <markus@oberhumer.com>
-+ http://www.oberhumer.com/opensource/lzo/
-+ */
-+
-+/*
-+ * NOTE:
-+ * the full LZO package can be found at
-+ * http://www.oberhumer.com/opensource/lzo/
-+ */
-+
-+#include "../../debug.h" /* for reiser4 assert macro -edward */
-+
-+#define __LZO_IN_MINILZO
-+#define LZO_BUILD
-+
-+#ifdef MINILZO_HAVE_CONFIG_H
-+# include <config.h>
-+#endif
-+
-+#undef LZO_HAVE_CONFIG_H
-+#include "minilzo.h"
-+
-+#if !defined(MINILZO_VERSION) || (MINILZO_VERSION != 0x1080)
-+# error "version mismatch in miniLZO source files"
-+#endif
-+
-+#ifdef MINILZO_HAVE_CONFIG_H
-+# define LZO_HAVE_CONFIG_H
-+#endif
-+
-+
-+#ifndef __LZO_CONF_H
-+#define __LZO_CONF_H
-+
-+#if !defined(__LZO_IN_MINILZO)
-+# ifndef __LZOCONF_H
-+# include <lzoconf.h>
-+# endif
-+#endif
-+
-+#if defined(__BOUNDS_CHECKING_ON)
-+# include <unchecked.h>
-+#else
-+# define BOUNDS_CHECKING_OFF_DURING(stmt) stmt
-+# define BOUNDS_CHECKING_OFF_IN_EXPR(expr) (expr)
-+#endif
-+
-+# define HAVE_MEMCMP
-+# define HAVE_MEMCPY
-+# define HAVE_MEMMOVE
-+# define HAVE_MEMSET
-+
-+#if defined(__LZO_DOS16) || defined(__LZO_WIN16)
-+# define HAVE_MALLOC_H
-+# define HAVE_HALLOC
-+#endif
-+
-+#undef NDEBUG
-+#if !defined(LZO_DEBUG)
-+# define NDEBUG
-+#endif
-+#if defined(LZO_DEBUG) || !defined(NDEBUG)
-+# if !defined(NO_STDIO_H)
-+# include <stdio.h>
-+# endif
-+#endif
-+# if 0 /* edward */
-+#include <assert.h>
-+#endif /* edward */
-+
-+#if !defined(LZO_COMPILE_TIME_ASSERT)
-+# define LZO_COMPILE_TIME_ASSERT(expr) \
-+ { typedef int __lzo_compile_time_assert_fail[1 - 2 * !(expr)]; }
-+#endif
-+
-+#if !defined(LZO_UNUSED)
-+# if 1
-+# define LZO_UNUSED(var) ((void)&var)
-+# elif 0
-+# define LZO_UNUSED(var) { typedef int __lzo_unused[sizeof(var) ? 2 : 1]; }
-+# else
-+# define LZO_UNUSED(parm) (parm = parm)
-+# endif
-+#endif
-+
-+#if !defined(__inline__) && !defined(__GNUC__)
-+# if defined(__cplusplus)
-+# define __inline__ inline
-+# else
-+# define __inline__
-+# endif
-+#endif
-+
-+#if defined(NO_MEMCMP)
-+# undef HAVE_MEMCMP
-+#endif
-+
-+#if !defined(HAVE_MEMSET)
-+# undef memset
-+# define memset lzo_memset
-+#endif
-+
-+# define LZO_BYTE(x) ((unsigned char) ((x) & 0xff))
-+
-+#define LZO_MAX(a,b) ((a) >= (b) ? (a) : (b))
-+#define LZO_MIN(a,b) ((a) <= (b) ? (a) : (b))
-+#define LZO_MAX3(a,b,c) ((a) >= (b) ? LZO_MAX(a,c) : LZO_MAX(b,c))
-+#define LZO_MIN3(a,b,c) ((a) <= (b) ? LZO_MIN(a,c) : LZO_MIN(b,c))
-+
-+#define lzo_sizeof(type) ((lzo_uint) (sizeof(type)))
-+
-+#define LZO_HIGH(array) ((lzo_uint) (sizeof(array)/sizeof(*(array))))
-+
-+#define LZO_SIZE(bits) (1u << (bits))
-+#define LZO_MASK(bits) (LZO_SIZE(bits) - 1)
-+
-+#define LZO_LSIZE(bits) (1ul << (bits))
-+#define LZO_LMASK(bits) (LZO_LSIZE(bits) - 1)
-+
-+#define LZO_USIZE(bits) ((lzo_uint) 1 << (bits))
-+#define LZO_UMASK(bits) (LZO_USIZE(bits) - 1)
-+
-+#define LZO_STYPE_MAX(b) (((1l << (8*(b)-2)) - 1l) + (1l << (8*(b)-2)))
-+#define LZO_UTYPE_MAX(b) (((1ul << (8*(b)-1)) - 1ul) + (1ul << (8*(b)-1)))
-+
-+#if !defined(SIZEOF_UNSIGNED)
-+# if (UINT_MAX == 0xffff)
-+# define SIZEOF_UNSIGNED 2
-+# elif (UINT_MAX == LZO_0xffffffffL)
-+# define SIZEOF_UNSIGNED 4
-+# elif (UINT_MAX >= LZO_0xffffffffL)
-+# define SIZEOF_UNSIGNED 8
-+# else
-+# error "SIZEOF_UNSIGNED"
-+# endif
-+#endif
-+
-+#if !defined(SIZEOF_UNSIGNED_LONG)
-+# if (ULONG_MAX == LZO_0xffffffffL)
-+# define SIZEOF_UNSIGNED_LONG 4
-+# elif (ULONG_MAX >= LZO_0xffffffffL)
-+# define SIZEOF_UNSIGNED_LONG 8
-+# else
-+# error "SIZEOF_UNSIGNED_LONG"
-+# endif
-+#endif
-+
-+#if !defined(SIZEOF_SIZE_T)
-+# define SIZEOF_SIZE_T SIZEOF_UNSIGNED
-+#endif
-+#if !defined(SIZE_T_MAX)
-+# define SIZE_T_MAX LZO_UTYPE_MAX(SIZEOF_SIZE_T)
-+#endif
-+
-+#if 1 && defined(__LZO_i386) && (UINT_MAX == LZO_0xffffffffL)
-+# if !defined(LZO_UNALIGNED_OK_2) && (USHRT_MAX == 0xffff)
-+# define LZO_UNALIGNED_OK_2
-+# endif
-+# if !defined(LZO_UNALIGNED_OK_4) && (LZO_UINT32_MAX == LZO_0xffffffffL)
-+# define LZO_UNALIGNED_OK_4
-+# endif
-+#endif
-+
-+#if defined(LZO_UNALIGNED_OK_2) || defined(LZO_UNALIGNED_OK_4)
-+# if !defined(LZO_UNALIGNED_OK)
-+# define LZO_UNALIGNED_OK
-+# endif
-+#endif
-+
-+#if defined(__LZO_NO_UNALIGNED)
-+# undef LZO_UNALIGNED_OK
-+# undef LZO_UNALIGNED_OK_2
-+# undef LZO_UNALIGNED_OK_4
-+#endif
-+
-+#if defined(LZO_UNALIGNED_OK_2) && (USHRT_MAX != 0xffff)
-+# error "LZO_UNALIGNED_OK_2 must not be defined on this system"
-+#endif
-+#if defined(LZO_UNALIGNED_OK_4) && (LZO_UINT32_MAX != LZO_0xffffffffL)
-+# error "LZO_UNALIGNED_OK_4 must not be defined on this system"
-+#endif
-+
-+#if defined(__LZO_NO_ALIGNED)
-+# undef LZO_ALIGNED_OK_4
-+#endif
-+
-+#if defined(LZO_ALIGNED_OK_4) && (LZO_UINT32_MAX != LZO_0xffffffffL)
-+# error "LZO_ALIGNED_OK_4 must not be defined on this system"
-+#endif
-+
-+#define LZO_LITTLE_ENDIAN 1234
-+#define LZO_BIG_ENDIAN 4321
-+#define LZO_PDP_ENDIAN 3412
-+
-+#if !defined(LZO_BYTE_ORDER)
-+# if defined(MFX_BYTE_ORDER)
-+# define LZO_BYTE_ORDER MFX_BYTE_ORDER
-+# elif defined(__LZO_i386)
-+# define LZO_BYTE_ORDER LZO_LITTLE_ENDIAN
-+# elif defined(BYTE_ORDER)
-+# define LZO_BYTE_ORDER BYTE_ORDER
-+# elif defined(__BYTE_ORDER)
-+# define LZO_BYTE_ORDER __BYTE_ORDER
-+# endif
-+#endif
-+
-+#if defined(LZO_BYTE_ORDER)
-+# if (LZO_BYTE_ORDER != LZO_LITTLE_ENDIAN) && \
-+ (LZO_BYTE_ORDER != LZO_BIG_ENDIAN)
-+# error "invalid LZO_BYTE_ORDER"
-+# endif
-+#endif
-+
-+#if defined(LZO_UNALIGNED_OK) && !defined(LZO_BYTE_ORDER)
-+# error "LZO_BYTE_ORDER is not defined"
-+#endif
-+
-+#define LZO_OPTIMIZE_GNUC_i386_IS_BUGGY
-+
-+#if defined(NDEBUG) && !defined(LZO_DEBUG) && !defined(__LZO_CHECKER)
-+# if defined(__GNUC__) && defined(__i386__)
-+# if !defined(LZO_OPTIMIZE_GNUC_i386_IS_BUGGY)
-+# define LZO_OPTIMIZE_GNUC_i386
-+# endif
-+# endif
-+#endif
-+
-+__LZO_EXTERN_C const lzo_uint32 _lzo_crc32_table[256];
-+
-+#define _LZO_STRINGIZE(x) #x
-+#define _LZO_MEXPAND(x) _LZO_STRINGIZE(x)
-+
-+#define _LZO_CONCAT2(a,b) a ## b
-+#define _LZO_CONCAT3(a,b,c) a ## b ## c
-+#define _LZO_CONCAT4(a,b,c,d) a ## b ## c ## d
-+#define _LZO_CONCAT5(a,b,c,d,e) a ## b ## c ## d ## e
-+
-+#define _LZO_ECONCAT2(a,b) _LZO_CONCAT2(a,b)
-+#define _LZO_ECONCAT3(a,b,c) _LZO_CONCAT3(a,b,c)
-+#define _LZO_ECONCAT4(a,b,c,d) _LZO_CONCAT4(a,b,c,d)
-+#define _LZO_ECONCAT5(a,b,c,d,e) _LZO_CONCAT5(a,b,c,d,e)
-+
-+#ifndef __LZO_PTR_H
-+#define __LZO_PTR_H
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+#if defined(__LZO_DOS16) || defined(__LZO_WIN16)
-+# include <dos.h>
-+# if 1 && defined(__WATCOMC__)
-+# include <i86.h>
-+ __LZO_EXTERN_C unsigned char _HShift;
-+# define __LZO_HShift _HShift
-+# elif 1 && defined(_MSC_VER)
-+ __LZO_EXTERN_C unsigned short __near _AHSHIFT;
-+# define __LZO_HShift ((unsigned) &_AHSHIFT)
-+# elif defined(__LZO_WIN16)
-+# define __LZO_HShift 3
-+# else
-+# define __LZO_HShift 12
-+# endif
-+# if !defined(_FP_SEG) && defined(FP_SEG)
-+# define _FP_SEG FP_SEG
-+# endif
-+# if !defined(_FP_OFF) && defined(FP_OFF)
-+# define _FP_OFF FP_OFF
-+# endif
-+#endif
-+
-+#if !defined(lzo_ptrdiff_t)
-+# if (UINT_MAX >= LZO_0xffffffffL)
-+ typedef ptrdiff_t lzo_ptrdiff_t;
-+# else
-+ typedef long lzo_ptrdiff_t;
-+# endif
-+#endif
-+
-+#if !defined(__LZO_HAVE_PTR_T)
-+# if defined(lzo_ptr_t)
-+# define __LZO_HAVE_PTR_T
-+# endif
-+#endif
-+#if !defined(__LZO_HAVE_PTR_T)
-+# if defined(SIZEOF_CHAR_P) && defined(SIZEOF_UNSIGNED_LONG)
-+# if (SIZEOF_CHAR_P == SIZEOF_UNSIGNED_LONG)
-+ typedef unsigned long lzo_ptr_t;
-+ typedef long lzo_sptr_t;
-+# define __LZO_HAVE_PTR_T
-+# endif
-+# endif
-+#endif
-+#if !defined(__LZO_HAVE_PTR_T)
-+# if defined(SIZEOF_CHAR_P) && defined(SIZEOF_UNSIGNED)
-+# if (SIZEOF_CHAR_P == SIZEOF_UNSIGNED)
-+ typedef unsigned int lzo_ptr_t;
-+ typedef int lzo_sptr_t;
-+# define __LZO_HAVE_PTR_T
-+# endif
-+# endif
-+#endif
-+#if !defined(__LZO_HAVE_PTR_T)
-+# if defined(SIZEOF_CHAR_P) && defined(SIZEOF_UNSIGNED_SHORT)
-+# if (SIZEOF_CHAR_P == SIZEOF_UNSIGNED_SHORT)
-+ typedef unsigned short lzo_ptr_t;
-+ typedef short lzo_sptr_t;
-+# define __LZO_HAVE_PTR_T
-+# endif
-+# endif
-+#endif
-+#if !defined(__LZO_HAVE_PTR_T)
-+# if defined(LZO_HAVE_CONFIG_H) || defined(SIZEOF_CHAR_P)
-+# error "no suitable type for lzo_ptr_t"
-+# else
-+ typedef unsigned long lzo_ptr_t;
-+ typedef long lzo_sptr_t;
-+# define __LZO_HAVE_PTR_T
-+# endif
-+#endif
-+
-+#if defined(__LZO_DOS16) || defined(__LZO_WIN16)
-+#define PTR(a) ((lzo_bytep) (a))
-+#define PTR_ALIGNED_4(a) ((_FP_OFF(a) & 3) == 0)
-+#define PTR_ALIGNED2_4(a,b) (((_FP_OFF(a) | _FP_OFF(b)) & 3) == 0)
-+#else
-+#define PTR(a) ((lzo_ptr_t) (a))
-+#define PTR_LINEAR(a) PTR(a)
-+#define PTR_ALIGNED_4(a) ((PTR_LINEAR(a) & 3) == 0)
-+#define PTR_ALIGNED_8(a) ((PTR_LINEAR(a) & 7) == 0)
-+#define PTR_ALIGNED2_4(a,b) (((PTR_LINEAR(a) | PTR_LINEAR(b)) & 3) == 0)
-+#define PTR_ALIGNED2_8(a,b) (((PTR_LINEAR(a) | PTR_LINEAR(b)) & 7) == 0)
-+#endif
-+
-+#define PTR_LT(a,b) (PTR(a) < PTR(b))
-+#define PTR_GE(a,b) (PTR(a) >= PTR(b))
-+#define PTR_DIFF(a,b) ((lzo_ptrdiff_t) (PTR(a) - PTR(b)))
-+#define pd(a,b) ((lzo_uint) ((a)-(b)))
-+
-+ typedef union {
-+ char a_char;
-+ unsigned char a_uchar;
-+ short a_short;
-+ unsigned short a_ushort;
-+ int a_int;
-+ unsigned int a_uint;
-+ long a_long;
-+ unsigned long a_ulong;
-+ lzo_int a_lzo_int;
-+ lzo_uint a_lzo_uint;
-+ lzo_int32 a_lzo_int32;
-+ lzo_uint32 a_lzo_uint32;
-+ ptrdiff_t a_ptrdiff_t;
-+ lzo_ptrdiff_t a_lzo_ptrdiff_t;
-+ lzo_ptr_t a_lzo_ptr_t;
-+ lzo_voidp a_lzo_voidp;
-+ void *a_void_p;
-+ lzo_bytep a_lzo_bytep;
-+ lzo_bytepp a_lzo_bytepp;
-+ lzo_uintp a_lzo_uintp;
-+ lzo_uint *a_lzo_uint_p;
-+ lzo_uint32p a_lzo_uint32p;
-+ lzo_uint32 *a_lzo_uint32_p;
-+ unsigned char *a_uchar_p;
-+ char *a_char_p;
-+ } lzo_full_align_t;
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+#endif
-+#define LZO_DETERMINISTIC
-+#define LZO_DICT_USE_PTR
-+#if defined(__LZO_DOS16) || defined(__LZO_WIN16) || defined(__LZO_STRICT_16BIT)
-+# undef LZO_DICT_USE_PTR
-+#endif
-+#if defined(LZO_DICT_USE_PTR)
-+# define lzo_dict_t const lzo_bytep
-+# define lzo_dict_p lzo_dict_t __LZO_MMODEL *
-+#else
-+# define lzo_dict_t lzo_uint
-+# define lzo_dict_p lzo_dict_t __LZO_MMODEL *
-+#endif
-+#if !defined(lzo_moff_t)
-+#define lzo_moff_t lzo_uint
-+#endif
-+#endif
-+static lzo_ptr_t __lzo_ptr_linear(const lzo_voidp ptr)
-+{
-+ lzo_ptr_t p;
-+
-+#if defined(__LZO_DOS16) || defined(__LZO_WIN16)
-+ p = (((lzo_ptr_t) (_FP_SEG(ptr))) << (16 - __LZO_HShift)) +
-+ (_FP_OFF(ptr));
-+#else
-+ p = PTR_LINEAR(ptr);
-+#endif
-+
-+ return p;
-+}
-+
-+static unsigned __lzo_align_gap(const lzo_voidp ptr, lzo_uint size)
-+{
-+ lzo_ptr_t p, s, n;
-+
-+ assert("lzo-01", size > 0);
-+
-+ p = __lzo_ptr_linear(ptr);
-+ s = (lzo_ptr_t) (size - 1);
-+ n = (((p + s) / size) * size) - p;
-+
-+ assert("lzo-02", (long)n >= 0);
-+ assert("lzo-03", n <= s);
-+
-+ return (unsigned)n;
-+}
-+
-+#ifndef __LZO_UTIL_H
-+#define __LZO_UTIL_H
-+
-+#ifndef __LZO_CONF_H
-+#endif
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+#if 1 && defined(HAVE_MEMCPY)
-+#if !defined(__LZO_DOS16) && !defined(__LZO_WIN16)
-+
-+#define MEMCPY8_DS(dest,src,len) \
-+ memcpy(dest,src,len); \
-+ dest += len; \
-+ src += len
-+
-+#endif
-+#endif
-+
-+#if !defined(MEMCPY8_DS)
-+
-+#define MEMCPY8_DS(dest,src,len) \
-+ { register lzo_uint __l = (len) / 8; \
-+ do { \
-+ *dest++ = *src++; \
-+ *dest++ = *src++; \
-+ *dest++ = *src++; \
-+ *dest++ = *src++; \
-+ *dest++ = *src++; \
-+ *dest++ = *src++; \
-+ *dest++ = *src++; \
-+ *dest++ = *src++; \
-+ } while (--__l > 0); }
-+
-+#endif
-+
-+#define MEMCPY_DS(dest,src,len) \
-+ do *dest++ = *src++; \
-+ while (--len > 0)
-+
-+#define MEMMOVE_DS(dest,src,len) \
-+ do *dest++ = *src++; \
-+ while (--len > 0)
-+
-+
-+#if (LZO_UINT_MAX <= SIZE_T_MAX) && defined(HAVE_MEMSET)
-+
-+#define BZERO8_PTR(s,l,n) memset((s),0,(lzo_uint)(l)*(n))
-+
-+#else
-+
-+#define BZERO8_PTR(s,l,n) \
-+ lzo_memset((lzo_voidp)(s),0,(lzo_uint)(l)*(n))
-+
-+#endif
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+
-+#endif
-+
-+/* If you use the LZO library in a product, you *must* keep this
-+ * copyright string in the executable of your product.
-+ */
-+
-+static const lzo_byte __lzo_copyright[] =
-+#if !defined(__LZO_IN_MINLZO)
-+ LZO_VERSION_STRING;
-+#else
-+ "\n\n\n"
-+ "LZO real-time data compression library.\n"
-+ "Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002 Markus Franz Xaver Johannes Oberhumer\n"
-+ "<markus.oberhumer@jk.uni-linz.ac.at>\n"
-+ "http://www.oberhumer.com/opensource/lzo/\n"
-+ "\n"
-+ "LZO version: v" LZO_VERSION_STRING ", " LZO_VERSION_DATE "\n"
-+ "LZO build date: " __DATE__ " " __TIME__ "\n\n"
-+ "LZO special compilation options:\n"
-+#ifdef __cplusplus
-+ " __cplusplus\n"
-+#endif
-+#if defined(__PIC__)
-+ " __PIC__\n"
-+#elif defined(__pic__)
-+ " __pic__\n"
-+#endif
-+#if (UINT_MAX < LZO_0xffffffffL)
-+ " 16BIT\n"
-+#endif
-+#if defined(__LZO_STRICT_16BIT)
-+ " __LZO_STRICT_16BIT\n"
-+#endif
-+#if (UINT_MAX > LZO_0xffffffffL)
-+ " UINT_MAX=" _LZO_MEXPAND(UINT_MAX) "\n"
-+#endif
-+#if (ULONG_MAX > LZO_0xffffffffL)
-+ " ULONG_MAX=" _LZO_MEXPAND(ULONG_MAX) "\n"
-+#endif
-+#if defined(LZO_BYTE_ORDER)
-+ " LZO_BYTE_ORDER=" _LZO_MEXPAND(LZO_BYTE_ORDER) "\n"
-+#endif
-+#if defined(LZO_UNALIGNED_OK_2)
-+ " LZO_UNALIGNED_OK_2\n"
-+#endif
-+#if defined(LZO_UNALIGNED_OK_4)
-+ " LZO_UNALIGNED_OK_4\n"
-+#endif
-+#if defined(LZO_ALIGNED_OK_4)
-+ " LZO_ALIGNED_OK_4\n"
-+#endif
-+#if defined(LZO_DICT_USE_PTR)
-+ " LZO_DICT_USE_PTR\n"
-+#endif
-+#if defined(__LZO_QUERY_COMPRESS)
-+ " __LZO_QUERY_COMPRESS\n"
-+#endif
-+#if defined(__LZO_QUERY_DECOMPRESS)
-+ " __LZO_QUERY_DECOMPRESS\n"
-+#endif
-+#if defined(__LZO_IN_MINILZO)
-+ " __LZO_IN_MINILZO\n"
-+#endif
-+ "\n\n" "$Id: LZO " LZO_VERSION_STRING " built " __DATE__ " " __TIME__
-+#if defined(__GNUC__) && defined(__VERSION__)
-+ " by gcc " __VERSION__
-+#elif defined(__BORLANDC__)
-+ " by Borland C " _LZO_MEXPAND(__BORLANDC__)
-+#elif defined(_MSC_VER)
-+ " by Microsoft C " _LZO_MEXPAND(_MSC_VER)
-+#elif defined(__PUREC__)
-+ " by Pure C " _LZO_MEXPAND(__PUREC__)
-+#elif defined(__SC__)
-+ " by Symantec C " _LZO_MEXPAND(__SC__)
-+#elif defined(__TURBOC__)
-+ " by Turbo C " _LZO_MEXPAND(__TURBOC__)
-+#elif defined(__WATCOMC__)
-+ " by Watcom C " _LZO_MEXPAND(__WATCOMC__)
-+#endif
-+ " $\n"
-+ "$Copyright: LZO (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002 Markus Franz Xaver Johannes Oberhumer $\n";
-+#endif
-+
-+#define LZO_BASE 65521u
-+#define LZO_NMAX 5552
-+
-+#define LZO_DO1(buf,i) {s1 += buf[i]; s2 += s1;}
-+#define LZO_DO2(buf,i) LZO_DO1(buf,i); LZO_DO1(buf,i+1);
-+#define LZO_DO4(buf,i) LZO_DO2(buf,i); LZO_DO2(buf,i+2);
-+#define LZO_DO8(buf,i) LZO_DO4(buf,i); LZO_DO4(buf,i+4);
-+#define LZO_DO16(buf,i) LZO_DO8(buf,i); LZO_DO8(buf,i+8);
-+
-+# define IS_SIGNED(type) (((type) (-1)) < ((type) 0))
-+# define IS_UNSIGNED(type) (((type) (-1)) > ((type) 0))
-+
-+#define IS_POWER_OF_2(x) (((x) & ((x) - 1)) == 0)
-+
-+static lzo_bool schedule_insns_bug(void);
-+static lzo_bool strength_reduce_bug(int *);
-+
-+# define __lzo_assert(x) ((x) ? 1 : 0)
-+
-+#undef COMPILE_TIME_ASSERT
-+
-+# define COMPILE_TIME_ASSERT(expr) LZO_COMPILE_TIME_ASSERT(expr)
-+
-+static lzo_bool basic_integral_check(void)
-+{
-+ lzo_bool r = 1;
-+
-+ COMPILE_TIME_ASSERT(CHAR_BIT == 8);
-+ COMPILE_TIME_ASSERT(sizeof(char) == 1);
-+ COMPILE_TIME_ASSERT(sizeof(short) >= 2);
-+ COMPILE_TIME_ASSERT(sizeof(long) >= 4);
-+ COMPILE_TIME_ASSERT(sizeof(int) >= sizeof(short));
-+ COMPILE_TIME_ASSERT(sizeof(long) >= sizeof(int));
-+
-+ COMPILE_TIME_ASSERT(sizeof(lzo_uint) == sizeof(lzo_int));
-+ COMPILE_TIME_ASSERT(sizeof(lzo_uint32) == sizeof(lzo_int32));
-+
-+ COMPILE_TIME_ASSERT(sizeof(lzo_uint32) >= 4);
-+ COMPILE_TIME_ASSERT(sizeof(lzo_uint32) >= sizeof(unsigned));
-+#if defined(__LZO_STRICT_16BIT)
-+ COMPILE_TIME_ASSERT(sizeof(lzo_uint) == 2);
-+#else
-+ COMPILE_TIME_ASSERT(sizeof(lzo_uint) >= 4);
-+ COMPILE_TIME_ASSERT(sizeof(lzo_uint) >= sizeof(unsigned));
-+#endif
-+
-+#if (USHRT_MAX == 65535u)
-+ COMPILE_TIME_ASSERT(sizeof(short) == 2);
-+#elif (USHRT_MAX == LZO_0xffffffffL)
-+ COMPILE_TIME_ASSERT(sizeof(short) == 4);
-+#elif (USHRT_MAX >= LZO_0xffffffffL)
-+ COMPILE_TIME_ASSERT(sizeof(short) > 4);
-+#endif
-+#if 0 /* to make gcc happy -edward */
-+#if (UINT_MAX == 65535u)
-+ COMPILE_TIME_ASSERT(sizeof(int) == 2);
-+#elif (UINT_MAX == LZO_0xffffffffL)
-+ COMPILE_TIME_ASSERT(sizeof(int) == 4);
-+#elif (UINT_MAX >= LZO_0xffffffffL)
-+ COMPILE_TIME_ASSERT(sizeof(int) > 4);
-+#endif
-+#if (ULONG_MAX == 65535ul)
-+ COMPILE_TIME_ASSERT(sizeof(long) == 2);
-+#elif (ULONG_MAX == LZO_0xffffffffL)
-+ COMPILE_TIME_ASSERT(sizeof(long) == 4);
-+#elif (ULONG_MAX >= LZO_0xffffffffL)
-+ COMPILE_TIME_ASSERT(sizeof(long) > 4);
-+#endif
-+#if defined(SIZEOF_UNSIGNED)
-+ COMPILE_TIME_ASSERT(SIZEOF_UNSIGNED == sizeof(unsigned));
-+#endif
-+#if defined(SIZEOF_UNSIGNED_LONG)
-+ COMPILE_TIME_ASSERT(SIZEOF_UNSIGNED_LONG == sizeof(unsigned long));
-+#endif
-+#if defined(SIZEOF_UNSIGNED_SHORT)
-+ COMPILE_TIME_ASSERT(SIZEOF_UNSIGNED_SHORT == sizeof(unsigned short));
-+#endif
-+#if !defined(__LZO_IN_MINILZO)
-+#if defined(SIZEOF_SIZE_T)
-+ COMPILE_TIME_ASSERT(SIZEOF_SIZE_T == sizeof(size_t));
-+#endif
-+#endif
-+#endif /* -edward */
-+
-+ COMPILE_TIME_ASSERT(IS_UNSIGNED(unsigned char));
-+ COMPILE_TIME_ASSERT(IS_UNSIGNED(unsigned short));
-+ COMPILE_TIME_ASSERT(IS_UNSIGNED(unsigned));
-+ COMPILE_TIME_ASSERT(IS_UNSIGNED(unsigned long));
-+ COMPILE_TIME_ASSERT(IS_SIGNED(short));
-+ COMPILE_TIME_ASSERT(IS_SIGNED(int));
-+ COMPILE_TIME_ASSERT(IS_SIGNED(long));
-+
-+ COMPILE_TIME_ASSERT(IS_UNSIGNED(lzo_uint32));
-+ COMPILE_TIME_ASSERT(IS_UNSIGNED(lzo_uint));
-+ COMPILE_TIME_ASSERT(IS_SIGNED(lzo_int32));
-+ COMPILE_TIME_ASSERT(IS_SIGNED(lzo_int));
-+
-+ COMPILE_TIME_ASSERT(INT_MAX == LZO_STYPE_MAX(sizeof(int)));
-+ COMPILE_TIME_ASSERT(UINT_MAX == LZO_UTYPE_MAX(sizeof(unsigned)));
-+ COMPILE_TIME_ASSERT(LONG_MAX == LZO_STYPE_MAX(sizeof(long)));
-+ COMPILE_TIME_ASSERT(ULONG_MAX == LZO_UTYPE_MAX(sizeof(unsigned long)));
-+ // COMPILE_TIME_ASSERT(SHRT_MAX == LZO_STYPE_MAX(sizeof(short))); /* edward */
-+ COMPILE_TIME_ASSERT(USHRT_MAX == LZO_UTYPE_MAX(sizeof(unsigned short)));
-+ COMPILE_TIME_ASSERT(LZO_UINT32_MAX ==
-+ LZO_UTYPE_MAX(sizeof(lzo_uint32)));
-+ COMPILE_TIME_ASSERT(LZO_UINT_MAX == LZO_UTYPE_MAX(sizeof(lzo_uint)));
-+#if !defined(__LZO_IN_MINILZO)
-+ COMPILE_TIME_ASSERT(SIZE_T_MAX == LZO_UTYPE_MAX(sizeof(size_t)));
-+#endif
-+
-+ r &= __lzo_assert(LZO_BYTE(257) == 1);
-+
-+ return r;
-+}
-+
-+static lzo_bool basic_ptr_check(void)
-+{
-+ lzo_bool r = 1;
-+
-+ COMPILE_TIME_ASSERT(sizeof(char *) >= sizeof(int));
-+ COMPILE_TIME_ASSERT(sizeof(lzo_byte *) >= sizeof(char *));
-+
-+ COMPILE_TIME_ASSERT(sizeof(lzo_voidp) == sizeof(lzo_byte *));
-+ COMPILE_TIME_ASSERT(sizeof(lzo_voidp) == sizeof(lzo_voidpp));
-+ COMPILE_TIME_ASSERT(sizeof(lzo_voidp) == sizeof(lzo_bytepp));
-+ COMPILE_TIME_ASSERT(sizeof(lzo_voidp) >= sizeof(lzo_uint));
-+
-+ COMPILE_TIME_ASSERT(sizeof(lzo_ptr_t) == sizeof(lzo_voidp));
-+ COMPILE_TIME_ASSERT(sizeof(lzo_ptr_t) == sizeof(lzo_sptr_t));
-+ COMPILE_TIME_ASSERT(sizeof(lzo_ptr_t) >= sizeof(lzo_uint));
-+
-+ COMPILE_TIME_ASSERT(sizeof(lzo_ptrdiff_t) >= 4);
-+ COMPILE_TIME_ASSERT(sizeof(lzo_ptrdiff_t) >= sizeof(ptrdiff_t));
-+
-+ COMPILE_TIME_ASSERT(sizeof(ptrdiff_t) >= sizeof(size_t));
-+ COMPILE_TIME_ASSERT(sizeof(lzo_ptrdiff_t) >= sizeof(lzo_uint));
-+
-+#if defined(SIZEOF_CHAR_P)
-+ COMPILE_TIME_ASSERT(SIZEOF_CHAR_P == sizeof(char *));
-+#endif
-+#if defined(SIZEOF_PTRDIFF_T)
-+ COMPILE_TIME_ASSERT(SIZEOF_PTRDIFF_T == sizeof(ptrdiff_t));
-+#endif
-+
-+ COMPILE_TIME_ASSERT(IS_SIGNED(ptrdiff_t));
-+ COMPILE_TIME_ASSERT(IS_UNSIGNED(size_t));
-+ COMPILE_TIME_ASSERT(IS_SIGNED(lzo_ptrdiff_t));
-+ COMPILE_TIME_ASSERT(IS_SIGNED(lzo_sptr_t));
-+ COMPILE_TIME_ASSERT(IS_UNSIGNED(lzo_ptr_t));
-+ COMPILE_TIME_ASSERT(IS_UNSIGNED(lzo_moff_t));
-+
-+ return r;
-+}
-+
-+static lzo_bool ptr_check(void)
-+{
-+ lzo_bool r = 1;
-+ int i;
-+ char _wrkmem[10 * sizeof(lzo_byte *) + sizeof(lzo_full_align_t)];
-+ lzo_bytep wrkmem;
-+ lzo_bytepp dict;
-+ unsigned char x[4 * sizeof(lzo_full_align_t)];
-+ long d;
-+ lzo_full_align_t a;
-+ lzo_full_align_t u;
-+
-+ for (i = 0; i < (int)sizeof(x); i++)
-+ x[i] = LZO_BYTE(i);
-+
-+ wrkmem =
-+ LZO_PTR_ALIGN_UP((lzo_byte *) _wrkmem, sizeof(lzo_full_align_t));
-+
-+ u.a_lzo_bytep = wrkmem;
-+ dict = u.a_lzo_bytepp;
-+
-+ d = (long)((const lzo_bytep)dict - (const lzo_bytep)_wrkmem);
-+ r &= __lzo_assert(d >= 0);
-+ r &= __lzo_assert(d < (long)sizeof(lzo_full_align_t));
-+
-+ memset(&a, 0, sizeof(a));
-+ r &= __lzo_assert(a.a_lzo_voidp == NULL);
-+
-+ memset(&a, 0xff, sizeof(a));
-+ r &= __lzo_assert(a.a_ushort == USHRT_MAX);
-+ r &= __lzo_assert(a.a_uint == UINT_MAX);
-+ r &= __lzo_assert(a.a_ulong == ULONG_MAX);
-+ r &= __lzo_assert(a.a_lzo_uint == LZO_UINT_MAX);
-+ r &= __lzo_assert(a.a_lzo_uint32 == LZO_UINT32_MAX);
-+
-+ if (r == 1) {
-+ for (i = 0; i < 8; i++)
-+ r &= __lzo_assert((const lzo_voidp)(&dict[i]) ==
-+ (const
-+ lzo_voidp)(&wrkmem[i *
-+ sizeof(lzo_byte
-+ *)]));
-+ }
-+
-+ memset(&a, 0, sizeof(a));
-+ r &= __lzo_assert(a.a_char_p == NULL);
-+ r &= __lzo_assert(a.a_lzo_bytep == NULL);
-+ r &= __lzo_assert(NULL == (void *)0);
-+ if (r == 1) {
-+ for (i = 0; i < 10; i++)
-+ dict[i] = wrkmem;
-+ BZERO8_PTR(dict + 1, sizeof(dict[0]), 8);
-+ r &= __lzo_assert(dict[0] == wrkmem);
-+ for (i = 1; i < 9; i++)
-+ r &= __lzo_assert(dict[i] == NULL);
-+ r &= __lzo_assert(dict[9] == wrkmem);
-+ }
-+
-+ if (r == 1) {
-+ unsigned k = 1;
-+ const unsigned n = (unsigned)sizeof(lzo_uint32);
-+ lzo_byte *p0;
-+ lzo_byte *p1;
-+
-+ k += __lzo_align_gap(&x[k], n);
-+ p0 = (lzo_bytep) & x[k];
-+#if defined(PTR_LINEAR)
-+ r &= __lzo_assert((PTR_LINEAR(p0) & (n - 1)) == 0);
-+#else
-+ r &= __lzo_assert(n == 4);
-+ r &= __lzo_assert(PTR_ALIGNED_4(p0));
-+#endif
-+
-+ r &= __lzo_assert(k >= 1);
-+ p1 = (lzo_bytep) & x[1];
-+ r &= __lzo_assert(PTR_GE(p0, p1));
-+
-+ r &= __lzo_assert(k < 1 + n);
-+ p1 = (lzo_bytep) & x[1 + n];
-+ r &= __lzo_assert(PTR_LT(p0, p1));
-+
-+ if (r == 1) {
-+ lzo_uint32 v0, v1;
-+
-+ u.a_uchar_p = &x[k];
-+ v0 = *u.a_lzo_uint32_p;
-+ u.a_uchar_p = &x[k + n];
-+ v1 = *u.a_lzo_uint32_p;
-+
-+ r &= __lzo_assert(v0 > 0);
-+ r &= __lzo_assert(v1 > 0);
-+ }
-+ }
-+
-+ return r;
-+}
-+
-+static int _lzo_config_check(void)
-+{
-+ lzo_bool r = 1;
-+ int i;
-+ union {
-+ lzo_uint32 a;
-+ unsigned short b;
-+ lzo_uint32 aa[4];
-+ unsigned char x[4 * sizeof(lzo_full_align_t)];
-+ }
-+ u;
-+
-+ COMPILE_TIME_ASSERT((int)((unsigned char)((signed char)-1)) == 255);
-+ COMPILE_TIME_ASSERT((((unsigned char)128) << (int)(8 * sizeof(int) - 8))
-+ < 0);
-+
-+ r &= basic_integral_check();
-+ r &= basic_ptr_check();
-+ if (r != 1)
-+ return LZO_E_ERROR;
-+
-+ u.a = 0;
-+ u.b = 0;
-+ for (i = 0; i < (int)sizeof(u.x); i++)
-+ u.x[i] = LZO_BYTE(i);
-+
-+#if defined(LZO_BYTE_ORDER)
-+ if (r == 1) {
-+# if (LZO_BYTE_ORDER == LZO_LITTLE_ENDIAN)
-+ lzo_uint32 a = (lzo_uint32) (u.a & LZO_0xffffffffL);
-+ unsigned short b = (unsigned short)(u.b & 0xffff);
-+ r &= __lzo_assert(a == 0x03020100L);
-+ r &= __lzo_assert(b == 0x0100);
-+# elif (LZO_BYTE_ORDER == LZO_BIG_ENDIAN)
-+ lzo_uint32 a = u.a >> (8 * sizeof(u.a) - 32);
-+ unsigned short b = u.b >> (8 * sizeof(u.b) - 16);
-+ r &= __lzo_assert(a == 0x00010203L);
-+ r &= __lzo_assert(b == 0x0001);
-+# else
-+# error "invalid LZO_BYTE_ORDER"
-+# endif
-+ }
-+#endif
-+
-+#if defined(LZO_UNALIGNED_OK_2)
-+ COMPILE_TIME_ASSERT(sizeof(short) == 2);
-+ if (r == 1) {
-+ unsigned short b[4];
-+
-+ for (i = 0; i < 4; i++)
-+ b[i] = *(const unsigned short *)&u.x[i];
-+
-+# if (LZO_BYTE_ORDER == LZO_LITTLE_ENDIAN)
-+ r &= __lzo_assert(b[0] == 0x0100);
-+ r &= __lzo_assert(b[1] == 0x0201);
-+ r &= __lzo_assert(b[2] == 0x0302);
-+ r &= __lzo_assert(b[3] == 0x0403);
-+# elif (LZO_BYTE_ORDER == LZO_BIG_ENDIAN)
-+ r &= __lzo_assert(b[0] == 0x0001);
-+ r &= __lzo_assert(b[1] == 0x0102);
-+ r &= __lzo_assert(b[2] == 0x0203);
-+ r &= __lzo_assert(b[3] == 0x0304);
-+# endif
-+ }
-+#endif
-+
-+#if defined(LZO_UNALIGNED_OK_4)
-+ COMPILE_TIME_ASSERT(sizeof(lzo_uint32) == 4);
-+ if (r == 1) {
-+ lzo_uint32 a[4];
-+
-+ for (i = 0; i < 4; i++)
-+ a[i] = *(const lzo_uint32 *)&u.x[i];
-+
-+# if (LZO_BYTE_ORDER == LZO_LITTLE_ENDIAN)
-+ r &= __lzo_assert(a[0] == 0x03020100L);
-+ r &= __lzo_assert(a[1] == 0x04030201L);
-+ r &= __lzo_assert(a[2] == 0x05040302L);
-+ r &= __lzo_assert(a[3] == 0x06050403L);
-+# elif (LZO_BYTE_ORDER == LZO_BIG_ENDIAN)
-+ r &= __lzo_assert(a[0] == 0x00010203L);
-+ r &= __lzo_assert(a[1] == 0x01020304L);
-+ r &= __lzo_assert(a[2] == 0x02030405L);
-+ r &= __lzo_assert(a[3] == 0x03040506L);
-+# endif
-+ }
-+#endif
-+
-+#if defined(LZO_ALIGNED_OK_4)
-+ COMPILE_TIME_ASSERT(sizeof(lzo_uint32) == 4);
-+#endif
-+
-+ COMPILE_TIME_ASSERT(lzo_sizeof_dict_t == sizeof(lzo_dict_t));
-+
-+ if (r == 1) {
-+ r &= __lzo_assert(!schedule_insns_bug());
-+ }
-+
-+ if (r == 1) {
-+ static int x[3];
-+ static unsigned xn = 3;
-+ register unsigned j;
-+
-+ for (j = 0; j < xn; j++)
-+ x[j] = (int)j - 3;
-+ r &= __lzo_assert(!strength_reduce_bug(x));
-+ }
-+
-+ if (r == 1) {
-+ r &= ptr_check();
-+ }
-+
-+ return r == 1 ? LZO_E_OK : LZO_E_ERROR;
-+}
-+
-+static lzo_bool schedule_insns_bug(void)
-+{
-+#if defined(__LZO_CHECKER)
-+ return 0;
-+#else
-+ const int clone[] = { 1, 2, 0 };
-+ const int *q;
-+ q = clone;
-+ return (*q) ? 0 : 1;
-+#endif
-+}
-+
-+static lzo_bool strength_reduce_bug(int *x)
-+{
-+ return x[0] != -3 || x[1] != -2 || x[2] != -1;
-+}
-+
-+#undef COMPILE_TIME_ASSERT
-+
-+LZO_PUBLIC(int)
-+ __lzo_init2(unsigned v, int s1, int s2, int s3, int s4, int s5,
-+ int s6, int s7, int s8, int s9)
-+{
-+ int r;
-+
-+ if (v == 0)
-+ return LZO_E_ERROR;
-+
-+ r = (s1 == -1 || s1 == (int)sizeof(short)) &&
-+ (s2 == -1 || s2 == (int)sizeof(int)) &&
-+ (s3 == -1 || s3 == (int)sizeof(long)) &&
-+ (s4 == -1 || s4 == (int)sizeof(lzo_uint32)) &&
-+ (s5 == -1 || s5 == (int)sizeof(lzo_uint)) &&
-+ (s6 == -1 || s6 == (int)lzo_sizeof_dict_t) &&
-+ (s7 == -1 || s7 == (int)sizeof(char *)) &&
-+ (s8 == -1 || s8 == (int)sizeof(lzo_voidp)) &&
-+ (s9 == -1 || s9 == (int)sizeof(lzo_compress_t));
-+ if (!r)
-+ return LZO_E_ERROR;
-+
-+ r = _lzo_config_check();
-+ if (r != LZO_E_OK)
-+ return r;
-+
-+ return r;
-+}
-+
-+#if !defined(__LZO_IN_MINILZO)
-+
-+LZO_EXTERN(int)
-+ __lzo_init(unsigned v, int s1, int s2, int s3, int s4, int s5, int s6, int s7);
-+
-+LZO_PUBLIC(int)
-+__lzo_init(unsigned v, int s1, int s2, int s3, int s4, int s5, int s6, int s7)
-+{
-+ if (v == 0 || v > 0x1010)
-+ return LZO_E_ERROR;
-+ return __lzo_init2(v, s1, s2, s3, s4, s5, -1, -1, s6, s7);
-+}
-+
-+#endif
-+
-+#define do_compress _lzo1x_1_do_compress
-+
-+#define LZO_NEED_DICT_H
-+#define D_BITS 14
-+#define D_INDEX1(d,p) d = DM((0x21*DX3(p,5,5,6)) >> 5)
-+#define D_INDEX2(d,p) d = (d & (D_MASK & 0x7ff)) ^ (D_HIGH | 0x1f)
-+
-+#ifndef __LZO_CONFIG1X_H
-+#define __LZO_CONFIG1X_H
-+
-+#if !defined(LZO1X) && !defined(LZO1Y) && !defined(LZO1Z)
-+# define LZO1X
-+#endif
-+
-+#if !defined(__LZO_IN_MINILZO)
-+#include <lzo1x.h>
-+#endif
-+
-+#define LZO_EOF_CODE
-+#undef LZO_DETERMINISTIC
-+
-+#define M1_MAX_OFFSET 0x0400
-+#ifndef M2_MAX_OFFSET
-+#define M2_MAX_OFFSET 0x0800
-+#endif
-+#define M3_MAX_OFFSET 0x4000
-+#define M4_MAX_OFFSET 0xbfff
-+
-+#define MX_MAX_OFFSET (M1_MAX_OFFSET + M2_MAX_OFFSET)
-+
-+#define M1_MIN_LEN 2
-+#define M1_MAX_LEN 2
-+#define M2_MIN_LEN 3
-+#ifndef M2_MAX_LEN
-+#define M2_MAX_LEN 8
-+#endif
-+#define M3_MIN_LEN 3
-+#define M3_MAX_LEN 33
-+#define M4_MIN_LEN 3
-+#define M4_MAX_LEN 9
-+
-+#define M1_MARKER 0
-+#define M2_MARKER 64
-+#define M3_MARKER 32
-+#define M4_MARKER 16
-+
-+#ifndef MIN_LOOKAHEAD
-+#define MIN_LOOKAHEAD (M2_MAX_LEN + 1)
-+#endif
-+
-+#if defined(LZO_NEED_DICT_H)
-+
-+#ifndef LZO_HASH
-+#define LZO_HASH LZO_HASH_LZO_INCREMENTAL_B
-+#endif
-+#define DL_MIN_LEN M2_MIN_LEN
-+
-+#ifndef __LZO_DICT_H
-+#define __LZO_DICT_H
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+#if !defined(D_BITS) && defined(DBITS)
-+# define D_BITS DBITS
-+#endif
-+#if !defined(D_BITS)
-+# error "D_BITS is not defined"
-+#endif
-+#if (D_BITS < 16)
-+# define D_SIZE LZO_SIZE(D_BITS)
-+# define D_MASK LZO_MASK(D_BITS)
-+#else
-+# define D_SIZE LZO_USIZE(D_BITS)
-+# define D_MASK LZO_UMASK(D_BITS)
-+#endif
-+#define D_HIGH ((D_MASK >> 1) + 1)
-+
-+#if !defined(DD_BITS)
-+# define DD_BITS 0
-+#endif
-+#define DD_SIZE LZO_SIZE(DD_BITS)
-+#define DD_MASK LZO_MASK(DD_BITS)
-+
-+#if !defined(DL_BITS)
-+# define DL_BITS (D_BITS - DD_BITS)
-+#endif
-+#if (DL_BITS < 16)
-+# define DL_SIZE LZO_SIZE(DL_BITS)
-+# define DL_MASK LZO_MASK(DL_BITS)
-+#else
-+# define DL_SIZE LZO_USIZE(DL_BITS)
-+# define DL_MASK LZO_UMASK(DL_BITS)
-+#endif
-+
-+#if (D_BITS != DL_BITS + DD_BITS)
-+# error "D_BITS does not match"
-+#endif
-+#if (D_BITS < 8 || D_BITS > 18)
-+# error "invalid D_BITS"
-+#endif
-+#if (DL_BITS < 8 || DL_BITS > 20)
-+# error "invalid DL_BITS"
-+#endif
-+#if (DD_BITS < 0 || DD_BITS > 6)
-+# error "invalid DD_BITS"
-+#endif
-+
-+#if !defined(DL_MIN_LEN)
-+# define DL_MIN_LEN 3
-+#endif
-+#if !defined(DL_SHIFT)
-+# define DL_SHIFT ((DL_BITS + (DL_MIN_LEN - 1)) / DL_MIN_LEN)
-+#endif
-+
-+#define LZO_HASH_GZIP 1
-+#define LZO_HASH_GZIP_INCREMENTAL 2
-+#define LZO_HASH_LZO_INCREMENTAL_A 3
-+#define LZO_HASH_LZO_INCREMENTAL_B 4
-+
-+#if !defined(LZO_HASH)
-+# error "choose a hashing strategy"
-+#endif
-+
-+#if (DL_MIN_LEN == 3)
-+# define _DV2_A(p,shift1,shift2) \
-+ (((( (lzo_uint32)((p)[0]) << shift1) ^ (p)[1]) << shift2) ^ (p)[2])
-+# define _DV2_B(p,shift1,shift2) \
-+ (((( (lzo_uint32)((p)[2]) << shift1) ^ (p)[1]) << shift2) ^ (p)[0])
-+# define _DV3_B(p,shift1,shift2,shift3) \
-+ ((_DV2_B((p)+1,shift1,shift2) << (shift3)) ^ (p)[0])
-+#elif (DL_MIN_LEN == 2)
-+# define _DV2_A(p,shift1,shift2) \
-+ (( (lzo_uint32)(p[0]) << shift1) ^ p[1])
-+# define _DV2_B(p,shift1,shift2) \
-+ (( (lzo_uint32)(p[1]) << shift1) ^ p[2])
-+#else
-+# error "invalid DL_MIN_LEN"
-+#endif
-+#define _DV_A(p,shift) _DV2_A(p,shift,shift)
-+#define _DV_B(p,shift) _DV2_B(p,shift,shift)
-+#define DA2(p,s1,s2) \
-+ (((((lzo_uint32)((p)[2]) << (s2)) + (p)[1]) << (s1)) + (p)[0])
-+#define DS2(p,s1,s2) \
-+ (((((lzo_uint32)((p)[2]) << (s2)) - (p)[1]) << (s1)) - (p)[0])
-+#define DX2(p,s1,s2) \
-+ (((((lzo_uint32)((p)[2]) << (s2)) ^ (p)[1]) << (s1)) ^ (p)[0])
-+#define DA3(p,s1,s2,s3) ((DA2((p)+1,s2,s3) << (s1)) + (p)[0])
-+#define DS3(p,s1,s2,s3) ((DS2((p)+1,s2,s3) << (s1)) - (p)[0])
-+#define DX3(p,s1,s2,s3) ((DX2((p)+1,s2,s3) << (s1)) ^ (p)[0])
-+#define DMS(v,s) ((lzo_uint) (((v) & (D_MASK >> (s))) << (s)))
-+#define DM(v) DMS(v,0)
-+
-+#if (LZO_HASH == LZO_HASH_GZIP)
-+# define _DINDEX(dv,p) (_DV_A((p),DL_SHIFT))
-+
-+#elif (LZO_HASH == LZO_HASH_GZIP_INCREMENTAL)
-+# define __LZO_HASH_INCREMENTAL
-+# define DVAL_FIRST(dv,p) dv = _DV_A((p),DL_SHIFT)
-+# define DVAL_NEXT(dv,p) dv = (((dv) << DL_SHIFT) ^ p[2])
-+# define _DINDEX(dv,p) (dv)
-+# define DVAL_LOOKAHEAD DL_MIN_LEN
-+
-+#elif (LZO_HASH == LZO_HASH_LZO_INCREMENTAL_A)
-+# define __LZO_HASH_INCREMENTAL
-+# define DVAL_FIRST(dv,p) dv = _DV_A((p),5)
-+# define DVAL_NEXT(dv,p) \
-+ dv ^= (lzo_uint32)(p[-1]) << (2*5); dv = (((dv) << 5) ^ p[2])
-+# define _DINDEX(dv,p) ((0x9f5f * (dv)) >> 5)
-+# define DVAL_LOOKAHEAD DL_MIN_LEN
-+
-+#elif (LZO_HASH == LZO_HASH_LZO_INCREMENTAL_B)
-+# define __LZO_HASH_INCREMENTAL
-+# define DVAL_FIRST(dv,p) dv = _DV_B((p),5)
-+# define DVAL_NEXT(dv,p) \
-+ dv ^= p[-1]; dv = (((dv) >> 5) ^ ((lzo_uint32)(p[2]) << (2*5)))
-+# define _DINDEX(dv,p) ((0x9f5f * (dv)) >> 5)
-+# define DVAL_LOOKAHEAD DL_MIN_LEN
-+
-+#else
-+# error "choose a hashing strategy"
-+#endif
-+
-+#ifndef DINDEX
-+#define DINDEX(dv,p) ((lzo_uint)((_DINDEX(dv,p)) & DL_MASK) << DD_BITS)
-+#endif
-+#if !defined(DINDEX1) && defined(D_INDEX1)
-+#define DINDEX1 D_INDEX1
-+#endif
-+#if !defined(DINDEX2) && defined(D_INDEX2)
-+#define DINDEX2 D_INDEX2
-+#endif
-+
-+#if !defined(__LZO_HASH_INCREMENTAL)
-+# define DVAL_FIRST(dv,p) ((void) 0)
-+# define DVAL_NEXT(dv,p) ((void) 0)
-+# define DVAL_LOOKAHEAD 0
-+#endif
-+
-+#if !defined(DVAL_ASSERT)
-+#if defined(__LZO_HASH_INCREMENTAL) && !defined(NDEBUG)
-+ static void DVAL_ASSERT(lzo_uint32 dv, const lzo_byte * p) {
-+ lzo_uint32 df;
-+ DVAL_FIRST(df, (p));
-+ assert(DINDEX(dv, p) == DINDEX(df, p));
-+ }
-+#else
-+# define DVAL_ASSERT(dv,p) ((void) 0)
-+#endif
-+#endif
-+
-+#if defined(LZO_DICT_USE_PTR)
-+# define DENTRY(p,in) (p)
-+# define GINDEX(m_pos,m_off,dict,dindex,in) m_pos = dict[dindex]
-+#else
-+# define DENTRY(p,in) ((lzo_uint) ((p)-(in)))
-+# define GINDEX(m_pos,m_off,dict,dindex,in) m_off = dict[dindex]
-+#endif
-+
-+#if (DD_BITS == 0)
-+
-+# define UPDATE_D(dict,drun,dv,p,in) dict[ DINDEX(dv,p) ] = DENTRY(p,in)
-+# define UPDATE_I(dict,drun,index,p,in) dict[index] = DENTRY(p,in)
-+# define UPDATE_P(ptr,drun,p,in) (ptr)[0] = DENTRY(p,in)
-+
-+#else
-+
-+# define UPDATE_D(dict,drun,dv,p,in) \
-+ dict[ DINDEX(dv,p) + drun++ ] = DENTRY(p,in); drun &= DD_MASK
-+# define UPDATE_I(dict,drun,index,p,in) \
-+ dict[ (index) + drun++ ] = DENTRY(p,in); drun &= DD_MASK
-+# define UPDATE_P(ptr,drun,p,in) \
-+ (ptr) [ drun++ ] = DENTRY(p,in); drun &= DD_MASK
-+
-+#endif
-+
-+#if defined(LZO_DICT_USE_PTR)
-+
-+#define LZO_CHECK_MPOS_DET(m_pos,m_off,in,ip,max_offset) \
-+ (m_pos == NULL || (m_off = (lzo_moff_t) (ip - m_pos)) > max_offset)
-+
-+#define LZO_CHECK_MPOS_NON_DET(m_pos,m_off,in,ip,max_offset) \
-+ (BOUNDS_CHECKING_OFF_IN_EXPR( \
-+ (PTR_LT(m_pos,in) || \
-+ (m_off = (lzo_moff_t) PTR_DIFF(ip,m_pos)) <= 0 || \
-+ m_off > max_offset) ))
-+
-+#else
-+
-+#define LZO_CHECK_MPOS_DET(m_pos,m_off,in,ip,max_offset) \
-+ (m_off == 0 || \
-+ ((m_off = (lzo_moff_t) ((ip)-(in)) - m_off) > max_offset) || \
-+ (m_pos = (ip) - (m_off), 0) )
-+
-+#define LZO_CHECK_MPOS_NON_DET(m_pos,m_off,in,ip,max_offset) \
-+ ((lzo_moff_t) ((ip)-(in)) <= m_off || \
-+ ((m_off = (lzo_moff_t) ((ip)-(in)) - m_off) > max_offset) || \
-+ (m_pos = (ip) - (m_off), 0) )
-+
-+#endif
-+
-+#if defined(LZO_DETERMINISTIC)
-+# define LZO_CHECK_MPOS LZO_CHECK_MPOS_DET
-+#else
-+# define LZO_CHECK_MPOS LZO_CHECK_MPOS_NON_DET
-+#endif
-+
-+#ifdef __cplusplus
-+}
-+#endif
-+#endif
-+#endif
-+#endif
-+#define DO_COMPRESS lzo1x_1_compress
-+static
-+lzo_uint do_compress(const lzo_byte * in, lzo_uint in_len,
-+ lzo_byte * out, lzo_uintp out_len, lzo_voidp wrkmem)
-+{
-+ register const lzo_byte *ip;
-+ lzo_byte *op;
-+ const lzo_byte *const in_end = in + in_len;
-+ const lzo_byte *const ip_end = in + in_len - M2_MAX_LEN - 5;
-+ const lzo_byte *ii;
-+ lzo_dict_p const dict = (lzo_dict_p) wrkmem;
-+
-+ op = out;
-+ ip = in;
-+ ii = ip;
-+
-+ ip += 4;
-+ for (;;) {
-+ register const lzo_byte *m_pos;
-+
-+ lzo_moff_t m_off;
-+ lzo_uint m_len;
-+ lzo_uint dindex;
-+
-+ DINDEX1(dindex, ip);
-+ GINDEX(m_pos, m_off, dict, dindex, in);
-+ if (LZO_CHECK_MPOS_NON_DET(m_pos, m_off, in, ip, M4_MAX_OFFSET))
-+ goto literal;
-+#if 1
-+ if (m_off <= M2_MAX_OFFSET || m_pos[3] == ip[3])
-+ goto try_match;
-+ DINDEX2(dindex, ip);
-+#endif
-+ GINDEX(m_pos, m_off, dict, dindex, in);
-+ if (LZO_CHECK_MPOS_NON_DET(m_pos, m_off, in, ip, M4_MAX_OFFSET))
-+ goto literal;
-+ if (m_off <= M2_MAX_OFFSET || m_pos[3] == ip[3])
-+ goto try_match;
-+ goto literal;
-+
-+ try_match:
-+#if 1 && defined(LZO_UNALIGNED_OK_2)
-+ if (*(const lzo_ushortp)m_pos != *(const lzo_ushortp)ip) {
-+#else
-+ if (m_pos[0] != ip[0] || m_pos[1] != ip[1]) {
-+#endif
-+ ;
-+ } else {
-+ if (m_pos[2] == ip[2]) {
-+ goto match;
-+ } else {
-+ ;
-+ }
-+ }
-+
-+ literal:
-+ UPDATE_I(dict, 0, dindex, ip, in);
-+ ++ip;
-+ if (ip >= ip_end)
-+ break;
-+ continue;
-+
-+ match:
-+ UPDATE_I(dict, 0, dindex, ip, in);
-+ if (pd(ip, ii) > 0) {
-+ register lzo_uint t = pd(ip, ii);
-+
-+ if (t <= 3) {
-+ assert("lzo-04", op - 2 > out);
-+ op[-2] |= LZO_BYTE(t);
-+ } else if (t <= 18)
-+ *op++ = LZO_BYTE(t - 3);
-+ else {
-+ register lzo_uint tt = t - 18;
-+
-+ *op++ = 0;
-+ while (tt > 255) {
-+ tt -= 255;
-+ *op++ = 0;
-+ }
-+ assert("lzo-05", tt > 0);
-+ *op++ = LZO_BYTE(tt);
-+ }
-+ do
-+ *op++ = *ii++;
-+ while (--t > 0);
-+ }
-+
-+ assert("lzo-06", ii == ip);
-+ ip += 3;
-+ if (m_pos[3] != *ip++ || m_pos[4] != *ip++ || m_pos[5] != *ip++
-+ || m_pos[6] != *ip++ || m_pos[7] != *ip++
-+ || m_pos[8] != *ip++
-+#ifdef LZO1Y
-+ || m_pos[9] != *ip++ || m_pos[10] != *ip++
-+ || m_pos[11] != *ip++ || m_pos[12] != *ip++
-+ || m_pos[13] != *ip++ || m_pos[14] != *ip++
-+#endif
-+ ) {
-+ --ip;
-+ m_len = ip - ii;
-+ assert("lzo-07", m_len >= 3);
-+ assert("lzo-08", m_len <= M2_MAX_LEN);
-+
-+ if (m_off <= M2_MAX_OFFSET) {
-+ m_off -= 1;
-+#if defined(LZO1X)
-+ *op++ =
-+ LZO_BYTE(((m_len -
-+ 1) << 5) | ((m_off & 7) << 2));
-+ *op++ = LZO_BYTE(m_off >> 3);
-+#elif defined(LZO1Y)
-+ *op++ =
-+ LZO_BYTE(((m_len +
-+ 1) << 4) | ((m_off & 3) << 2));
-+ *op++ = LZO_BYTE(m_off >> 2);
-+#endif
-+ } else if (m_off <= M3_MAX_OFFSET) {
-+ m_off -= 1;
-+ *op++ = LZO_BYTE(M3_MARKER | (m_len - 2));
-+ goto m3_m4_offset;
-+ } else
-+#if defined(LZO1X)
-+ {
-+ m_off -= 0x4000;
-+ assert("lzo-09", m_off > 0);
-+ assert("lzo-10", m_off <= 0x7fff);
-+ *op++ = LZO_BYTE(M4_MARKER |
-+ ((m_off & 0x4000) >> 11) |
-+ (m_len - 2));
-+ goto m3_m4_offset;
-+ }
-+#elif defined(LZO1Y)
-+ goto m4_match;
-+#endif
-+ } else {
-+ {
-+ const lzo_byte *end = in_end;
-+ const lzo_byte *m = m_pos + M2_MAX_LEN + 1;
-+ while (ip < end && *m == *ip)
-+ m++, ip++;
-+ m_len = (ip - ii);
-+ }
-+ assert("lzo-11", m_len > M2_MAX_LEN);
-+
-+ if (m_off <= M3_MAX_OFFSET) {
-+ m_off -= 1;
-+ if (m_len <= 33)
-+ *op++ =
-+ LZO_BYTE(M3_MARKER | (m_len - 2));
-+ else {
-+ m_len -= 33;
-+ *op++ = M3_MARKER | 0;
-+ goto m3_m4_len;
-+ }
-+ } else {
-+#if defined(LZO1Y)
-+ m4_match:
-+#endif
-+ m_off -= 0x4000;
-+ assert("lzo-12", m_off > 0);
-+ assert("lzo-13", m_off <= 0x7fff);
-+ if (m_len <= M4_MAX_LEN)
-+ *op++ = LZO_BYTE(M4_MARKER |
-+ ((m_off & 0x4000) >>
-+ 11) | (m_len - 2));
-+ else {
-+ m_len -= M4_MAX_LEN;
-+ *op++ =
-+ LZO_BYTE(M4_MARKER |
-+ ((m_off & 0x4000) >> 11));
-+ m3_m4_len:
-+ while (m_len > 255) {
-+ m_len -= 255;
-+ *op++ = 0;
-+ }
-+ assert("lzo-14", m_len > 0);
-+ *op++ = LZO_BYTE(m_len);
-+ }
-+ }
-+
-+ m3_m4_offset:
-+ *op++ = LZO_BYTE((m_off & 63) << 2);
-+ *op++ = LZO_BYTE(m_off >> 6);
-+ }
-+
-+ ii = ip;
-+ if (ip >= ip_end)
-+ break;
-+ }
-+
-+ *out_len = op - out;
-+ return pd(in_end, ii);
-+}
-+
-+LZO_PUBLIC(int)
-+ DO_COMPRESS(const lzo_byte * in, lzo_uint in_len,
-+ lzo_byte * out, lzo_uintp out_len, lzo_voidp wrkmem)
-+{
-+ lzo_byte *op = out;
-+ lzo_uint t;
-+
-+#if defined(__LZO_QUERY_COMPRESS)
-+ if (__LZO_IS_COMPRESS_QUERY(in, in_len, out, out_len, wrkmem))
-+ return __LZO_QUERY_COMPRESS(in, in_len, out, out_len, wrkmem,
-+ D_SIZE, lzo_sizeof(lzo_dict_t));
-+#endif
-+
-+ if (in_len <= M2_MAX_LEN + 5)
-+ t = in_len;
-+ else {
-+ t = do_compress(in, in_len, op, out_len, wrkmem);
-+ op += *out_len;
-+ }
-+
-+ if (t > 0) {
-+ const lzo_byte *ii = in + in_len - t;
-+
-+ if (op == out && t <= 238)
-+ *op++ = LZO_BYTE(17 + t);
-+ else if (t <= 3)
-+ op[-2] |= LZO_BYTE(t);
-+ else if (t <= 18)
-+ *op++ = LZO_BYTE(t - 3);
-+ else {
-+ lzo_uint tt = t - 18;
-+
-+ *op++ = 0;
-+ while (tt > 255) {
-+ tt -= 255;
-+ *op++ = 0;
-+ }
-+ assert("lzo-15", tt > 0);
-+ *op++ = LZO_BYTE(tt);
-+ }
-+ do
-+ *op++ = *ii++;
-+ while (--t > 0);
-+ }
-+
-+ *op++ = M4_MARKER | 1;
-+ *op++ = 0;
-+ *op++ = 0;
-+
-+ *out_len = op - out;
-+ return LZO_E_OK;
-+}
-+
-+#undef do_compress
-+#undef DO_COMPRESS
-+#undef LZO_HASH
-+
-+#undef LZO_TEST_DECOMPRESS_OVERRUN
-+#undef LZO_TEST_DECOMPRESS_OVERRUN_INPUT
-+#undef LZO_TEST_DECOMPRESS_OVERRUN_OUTPUT
-+#undef LZO_TEST_DECOMPRESS_OVERRUN_LOOKBEHIND
-+#undef DO_DECOMPRESS
-+#define DO_DECOMPRESS lzo1x_decompress
-+
-+#if defined(LZO_TEST_DECOMPRESS_OVERRUN)
-+# if !defined(LZO_TEST_DECOMPRESS_OVERRUN_INPUT)
-+# define LZO_TEST_DECOMPRESS_OVERRUN_INPUT 2
-+# endif
-+# if !defined(LZO_TEST_DECOMPRESS_OVERRUN_OUTPUT)
-+# define LZO_TEST_DECOMPRESS_OVERRUN_OUTPUT 2
-+# endif
-+# if !defined(LZO_TEST_DECOMPRESS_OVERRUN_LOOKBEHIND)
-+# define LZO_TEST_DECOMPRESS_OVERRUN_LOOKBEHIND
-+# endif
-+#endif
-+
-+#undef TEST_IP
-+#undef TEST_OP
-+#undef TEST_LOOKBEHIND
-+#undef NEED_IP
-+#undef NEED_OP
-+#undef HAVE_TEST_IP
-+#undef HAVE_TEST_OP
-+#undef HAVE_NEED_IP
-+#undef HAVE_NEED_OP
-+#undef HAVE_ANY_IP
-+#undef HAVE_ANY_OP
-+
-+#if defined(LZO_TEST_DECOMPRESS_OVERRUN_INPUT)
-+# if (LZO_TEST_DECOMPRESS_OVERRUN_INPUT >= 1)
-+# define TEST_IP (ip < ip_end)
-+# endif
-+# if (LZO_TEST_DECOMPRESS_OVERRUN_INPUT >= 2)
-+# define NEED_IP(x) \
-+ if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun
-+# endif
-+#endif
-+
-+#if defined(LZO_TEST_DECOMPRESS_OVERRUN_OUTPUT)
-+# if (LZO_TEST_DECOMPRESS_OVERRUN_OUTPUT >= 1)
-+# define TEST_OP (op <= op_end)
-+# endif
-+# if (LZO_TEST_DECOMPRESS_OVERRUN_OUTPUT >= 2)
-+# undef TEST_OP
-+# define NEED_OP(x) \
-+ if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun
-+# endif
-+#endif
-+
-+#if defined(LZO_TEST_DECOMPRESS_OVERRUN_LOOKBEHIND)
-+# define TEST_LOOKBEHIND(m_pos,out) if (m_pos < out) goto lookbehind_overrun
-+#else
-+# define TEST_LOOKBEHIND(m_pos,op) ((void) 0)
-+#endif
-+
-+#if !defined(LZO_EOF_CODE) && !defined(TEST_IP)
-+# define TEST_IP (ip < ip_end)
-+#endif
-+
-+#if defined(TEST_IP)
-+# define HAVE_TEST_IP
-+#else
-+# define TEST_IP 1
-+#endif
-+#if defined(TEST_OP)
-+# define HAVE_TEST_OP
-+#else
-+# define TEST_OP 1
-+#endif
-+
-+#if defined(NEED_IP)
-+# define HAVE_NEED_IP
-+#else
-+# define NEED_IP(x) ((void) 0)
-+#endif
-+#if defined(NEED_OP)
-+# define HAVE_NEED_OP
-+#else
-+# define NEED_OP(x) ((void) 0)
-+#endif
-+
-+#if defined(HAVE_TEST_IP) || defined(HAVE_NEED_IP)
-+# define HAVE_ANY_IP
-+#endif
-+#if defined(HAVE_TEST_OP) || defined(HAVE_NEED_OP)
-+# define HAVE_ANY_OP
-+#endif
-+
-+#undef __COPY4
-+#define __COPY4(dst,src) * (lzo_uint32p)(dst) = * (const lzo_uint32p)(src)
-+
-+#undef COPY4
-+#if defined(LZO_UNALIGNED_OK_4)
-+# define COPY4(dst,src) __COPY4(dst,src)
-+#elif defined(LZO_ALIGNED_OK_4)
-+# define COPY4(dst,src) __COPY4((lzo_ptr_t)(dst),(lzo_ptr_t)(src))
-+#endif
-+
-+#if defined(DO_DECOMPRESS)
-+LZO_PUBLIC(int)
-+ DO_DECOMPRESS(const lzo_byte * in, lzo_uint in_len,
-+ lzo_byte * out, lzo_uintp out_len, lzo_voidp wrkmem)
-+#endif
-+{
-+ register lzo_byte *op;
-+ register const lzo_byte *ip;
-+ register lzo_uint t;
-+#if defined(COPY_DICT)
-+ lzo_uint m_off;
-+ const lzo_byte *dict_end;
-+#else
-+ register const lzo_byte *m_pos;
-+#endif
-+
-+ const lzo_byte *const ip_end = in + in_len;
-+#if defined(HAVE_ANY_OP)
-+ lzo_byte *const op_end = out + *out_len;
-+#endif
-+#if defined(LZO1Z)
-+ lzo_uint last_m_off = 0;
-+#endif
-+
-+ LZO_UNUSED(wrkmem);
-+
-+#if defined(__LZO_QUERY_DECOMPRESS)
-+ if (__LZO_IS_DECOMPRESS_QUERY(in, in_len, out, out_len, wrkmem))
-+ return __LZO_QUERY_DECOMPRESS(in, in_len, out, out_len, wrkmem,
-+ 0, 0);
-+#endif
-+
-+#if defined(COPY_DICT)
-+ if (dict) {
-+ if (dict_len > M4_MAX_OFFSET) {
-+ dict += dict_len - M4_MAX_OFFSET;
-+ dict_len = M4_MAX_OFFSET;
-+ }
-+ dict_end = dict + dict_len;
-+ } else {
-+ dict_len = 0;
-+ dict_end = NULL;
-+ }
-+#endif
-+
-+ *out_len = 0;
-+
-+ op = out;
-+ ip = in;
-+
-+ if (*ip > 17) {
-+ t = *ip++ - 17;
-+ if (t < 4)
-+ goto match_next;
-+ assert("lzo-16", t > 0);
-+ NEED_OP(t);
-+ NEED_IP(t + 1);
-+ do
-+ *op++ = *ip++;
-+ while (--t > 0);
-+ goto first_literal_run;
-+ }
-+
-+ while (TEST_IP && TEST_OP) {
-+ t = *ip++;
-+ if (t >= 16)
-+ goto match;
-+ if (t == 0) {
-+ NEED_IP(1);
-+ while (*ip == 0) {
-+ t += 255;
-+ ip++;
-+ NEED_IP(1);
-+ }
-+ t += 15 + *ip++;
-+ }
-+ assert("lzo-17", t > 0);
-+ NEED_OP(t + 3);
-+ NEED_IP(t + 4);
-+#if defined(LZO_UNALIGNED_OK_4) || defined(LZO_ALIGNED_OK_4)
-+#if !defined(LZO_UNALIGNED_OK_4)
-+ if (PTR_ALIGNED2_4(op, ip)) {
-+#endif
-+ COPY4(op, ip);
-+ op += 4;
-+ ip += 4;
-+ if (--t > 0) {
-+ if (t >= 4) {
-+ do {
-+ COPY4(op, ip);
-+ op += 4;
-+ ip += 4;
-+ t -= 4;
-+ } while (t >= 4);
-+ if (t > 0)
-+ do
-+ *op++ = *ip++;
-+ while (--t > 0);
-+ } else
-+ do
-+ *op++ = *ip++;
-+ while (--t > 0);
-+ }
-+#if !defined(LZO_UNALIGNED_OK_4)
-+ } else
-+#endif
-+#endif
-+#if !defined(LZO_UNALIGNED_OK_4)
-+ {
-+ *op++ = *ip++;
-+ *op++ = *ip++;
-+ *op++ = *ip++;
-+ do
-+ *op++ = *ip++;
-+ while (--t > 0);
-+ }
-+#endif
-+
-+ first_literal_run:
-+
-+ t = *ip++;
-+ if (t >= 16)
-+ goto match;
-+#if defined(COPY_DICT)
-+#if defined(LZO1Z)
-+ m_off = (1 + M2_MAX_OFFSET) + (t << 6) + (*ip++ >> 2);
-+ last_m_off = m_off;
-+#else
-+ m_off = (1 + M2_MAX_OFFSET) + (t >> 2) + (*ip++ << 2);
-+#endif
-+ NEED_OP(3);
-+ t = 3;
-+ COPY_DICT(t, m_off)
-+#else
-+#if defined(LZO1Z)
-+ t = (1 + M2_MAX_OFFSET) + (t << 6) + (*ip++ >> 2);
-+ m_pos = op - t;
-+ last_m_off = t;
-+#else
-+ m_pos = op - (1 + M2_MAX_OFFSET);
-+ m_pos -= t >> 2;
-+ m_pos -= *ip++ << 2;
-+#endif
-+ TEST_LOOKBEHIND(m_pos, out);
-+ NEED_OP(3);
-+ *op++ = *m_pos++;
-+ *op++ = *m_pos++;
-+ *op++ = *m_pos;
-+#endif
-+ goto match_done;
-+
-+ while (TEST_IP && TEST_OP) {
-+ match:
-+ if (t >= 64) {
-+#if defined(COPY_DICT)
-+#if defined(LZO1X)
-+ m_off = 1 + ((t >> 2) & 7) + (*ip++ << 3);
-+ t = (t >> 5) - 1;
-+#elif defined(LZO1Y)
-+ m_off = 1 + ((t >> 2) & 3) + (*ip++ << 2);
-+ t = (t >> 4) - 3;
-+#elif defined(LZO1Z)
-+ m_off = t & 0x1f;
-+ if (m_off >= 0x1c)
-+ m_off = last_m_off;
-+ else {
-+ m_off = 1 + (m_off << 6) + (*ip++ >> 2);
-+ last_m_off = m_off;
-+ }
-+ t = (t >> 5) - 1;
-+#endif
-+#else
-+#if defined(LZO1X)
-+ m_pos = op - 1;
-+ m_pos -= (t >> 2) & 7;
-+ m_pos -= *ip++ << 3;
-+ t = (t >> 5) - 1;
-+#elif defined(LZO1Y)
-+ m_pos = op - 1;
-+ m_pos -= (t >> 2) & 3;
-+ m_pos -= *ip++ << 2;
-+ t = (t >> 4) - 3;
-+#elif defined(LZO1Z)
-+ {
-+ lzo_uint off = t & 0x1f;
-+ m_pos = op;
-+ if (off >= 0x1c) {
-+ assert(last_m_off > 0);
-+ m_pos -= last_m_off;
-+ } else {
-+ off =
-+ 1 + (off << 6) +
-+ (*ip++ >> 2);
-+ m_pos -= off;
-+ last_m_off = off;
-+ }
-+ }
-+ t = (t >> 5) - 1;
-+#endif
-+ TEST_LOOKBEHIND(m_pos, out);
-+ assert("lzo-18", t > 0);
-+ NEED_OP(t + 3 - 1);
-+ goto copy_match;
-+#endif
-+ } else if (t >= 32) {
-+ t &= 31;
-+ if (t == 0) {
-+ NEED_IP(1);
-+ while (*ip == 0) {
-+ t += 255;
-+ ip++;
-+ NEED_IP(1);
-+ }
-+ t += 31 + *ip++;
-+ }
-+#if defined(COPY_DICT)
-+#if defined(LZO1Z)
-+ m_off = 1 + (ip[0] << 6) + (ip[1] >> 2);
-+ last_m_off = m_off;
-+#else
-+ m_off = 1 + (ip[0] >> 2) + (ip[1] << 6);
-+#endif
-+#else
-+#if defined(LZO1Z)
-+ {
-+ lzo_uint off =
-+ 1 + (ip[0] << 6) + (ip[1] >> 2);
-+ m_pos = op - off;
-+ last_m_off = off;
-+ }
-+#elif defined(LZO_UNALIGNED_OK_2) && (LZO_BYTE_ORDER == LZO_LITTLE_ENDIAN)
-+ m_pos = op - 1;
-+ m_pos -= (*(const lzo_ushortp)ip) >> 2;
-+#else
-+ m_pos = op - 1;
-+ m_pos -= (ip[0] >> 2) + (ip[1] << 6);
-+#endif
-+#endif
-+ ip += 2;
-+ } else if (t >= 16) {
-+#if defined(COPY_DICT)
-+ m_off = (t & 8) << 11;
-+#else
-+ m_pos = op;
-+ m_pos -= (t & 8) << 11;
-+#endif
-+ t &= 7;
-+ if (t == 0) {
-+ NEED_IP(1);
-+ while (*ip == 0) {
-+ t += 255;
-+ ip++;
-+ NEED_IP(1);
-+ }
-+ t += 7 + *ip++;
-+ }
-+#if defined(COPY_DICT)
-+#if defined(LZO1Z)
-+ m_off += (ip[0] << 6) + (ip[1] >> 2);
-+#else
-+ m_off += (ip[0] >> 2) + (ip[1] << 6);
-+#endif
-+ ip += 2;
-+ if (m_off == 0)
-+ goto eof_found;
-+ m_off += 0x4000;
-+#if defined(LZO1Z)
-+ last_m_off = m_off;
-+#endif
-+#else
-+#if defined(LZO1Z)
-+ m_pos -= (ip[0] << 6) + (ip[1] >> 2);
-+#elif defined(LZO_UNALIGNED_OK_2) && (LZO_BYTE_ORDER == LZO_LITTLE_ENDIAN)
-+ m_pos -= (*(const lzo_ushortp)ip) >> 2;
-+#else
-+ m_pos -= (ip[0] >> 2) + (ip[1] << 6);
-+#endif
-+ ip += 2;
-+ if (m_pos == op)
-+ goto eof_found;
-+ m_pos -= 0x4000;
-+#if defined(LZO1Z)
-+ last_m_off = op - m_pos;
-+#endif
-+#endif
-+ } else {
-+#if defined(COPY_DICT)
-+#if defined(LZO1Z)
-+ m_off = 1 + (t << 6) + (*ip++ >> 2);
-+ last_m_off = m_off;
-+#else
-+ m_off = 1 + (t >> 2) + (*ip++ << 2);
-+#endif
-+ NEED_OP(2);
-+ t = 2;
-+ COPY_DICT(t, m_off)
-+#else
-+#if defined(LZO1Z)
-+ t = 1 + (t << 6) + (*ip++ >> 2);
-+ m_pos = op - t;
-+ last_m_off = t;
-+#else
-+ m_pos = op - 1;
-+ m_pos -= t >> 2;
-+ m_pos -= *ip++ << 2;
-+#endif
-+ TEST_LOOKBEHIND(m_pos, out);
-+ NEED_OP(2);
-+ *op++ = *m_pos++;
-+ *op++ = *m_pos;
-+#endif
-+ goto match_done;
-+ }
-+
-+#if defined(COPY_DICT)
-+
-+ NEED_OP(t + 3 - 1);
-+ t += 3 - 1;
-+ COPY_DICT(t, m_off)
-+#else
-+
-+ TEST_LOOKBEHIND(m_pos, out);
-+ assert("lzo-19", t > 0);
-+ NEED_OP(t + 3 - 1);
-+#if defined(LZO_UNALIGNED_OK_4) || defined(LZO_ALIGNED_OK_4)
-+#if !defined(LZO_UNALIGNED_OK_4)
-+ if (t >= 2 * 4 - (3 - 1) && PTR_ALIGNED2_4(op, m_pos)) {
-+ assert((op - m_pos) >= 4);
-+#else
-+ if (t >= 2 * 4 - (3 - 1) && (op - m_pos) >= 4) {
-+#endif
-+ COPY4(op, m_pos);
-+ op += 4;
-+ m_pos += 4;
-+ t -= 4 - (3 - 1);
-+ do {
-+ COPY4(op, m_pos);
-+ op += 4;
-+ m_pos += 4;
-+ t -= 4;
-+ } while (t >= 4);
-+ if (t > 0)
-+ do
-+ *op++ = *m_pos++;
-+ while (--t > 0);
-+ } else
-+#endif
-+ {
-+ copy_match:
-+ *op++ = *m_pos++;
-+ *op++ = *m_pos++;
-+ do
-+ *op++ = *m_pos++;
-+ while (--t > 0);
-+ }
-+
-+#endif
-+
-+ match_done:
-+#if defined(LZO1Z)
-+ t = ip[-1] & 3;
-+#else
-+ t = ip[-2] & 3;
-+#endif
-+ if (t == 0)
-+ break;
-+
-+ match_next:
-+ assert("lzo-20", t > 0);
-+ NEED_OP(t);
-+ NEED_IP(t + 1);
-+ do
-+ *op++ = *ip++;
-+ while (--t > 0);
-+ t = *ip++;
-+ }
-+ }
-+
-+#if defined(HAVE_TEST_IP) || defined(HAVE_TEST_OP)
-+ *out_len = op - out;
-+ return LZO_E_EOF_NOT_FOUND;
-+#endif
-+
-+ eof_found:
-+ assert("lzo-21", t == 1);
-+ *out_len = op - out;
-+ return (ip == ip_end ? LZO_E_OK :
-+ (ip < ip_end ? LZO_E_INPUT_NOT_CONSUMED : LZO_E_INPUT_OVERRUN));
-+
-+#if defined(HAVE_NEED_IP)
-+ input_overrun:
-+ *out_len = op - out;
-+ return LZO_E_INPUT_OVERRUN;
-+#endif
-+
-+#if defined(HAVE_NEED_OP)
-+ output_overrun:
-+ *out_len = op - out;
-+ return LZO_E_OUTPUT_OVERRUN;
-+#endif
-+
-+#if defined(LZO_TEST_DECOMPRESS_OVERRUN_LOOKBEHIND)
-+ lookbehind_overrun:
-+ *out_len = op - out;
-+ return LZO_E_LOOKBEHIND_OVERRUN;
-+#endif
-+}
-+
-+#define LZO_TEST_DECOMPRESS_OVERRUN
-+#undef DO_DECOMPRESS
-+#define DO_DECOMPRESS lzo1x_decompress_safe
-+
-+#if defined(LZO_TEST_DECOMPRESS_OVERRUN)
-+# if !defined(LZO_TEST_DECOMPRESS_OVERRUN_INPUT)
-+# define LZO_TEST_DECOMPRESS_OVERRUN_INPUT 2
-+# endif
-+# if !defined(LZO_TEST_DECOMPRESS_OVERRUN_OUTPUT)
-+# define LZO_TEST_DECOMPRESS_OVERRUN_OUTPUT 2
-+# endif
-+# if !defined(LZO_TEST_DECOMPRESS_OVERRUN_LOOKBEHIND)
-+# define LZO_TEST_DECOMPRESS_OVERRUN_LOOKBEHIND
-+# endif
-+#endif
-+
-+#undef TEST_IP
-+#undef TEST_OP
-+#undef TEST_LOOKBEHIND
-+#undef NEED_IP
-+#undef NEED_OP
-+#undef HAVE_TEST_IP
-+#undef HAVE_TEST_OP
-+#undef HAVE_NEED_IP
-+#undef HAVE_NEED_OP
-+#undef HAVE_ANY_IP
-+#undef HAVE_ANY_OP
-+
-+#if defined(LZO_TEST_DECOMPRESS_OVERRUN_INPUT)
-+# if (LZO_TEST_DECOMPRESS_OVERRUN_INPUT >= 1)
-+# define TEST_IP (ip < ip_end)
-+# endif
-+# if (LZO_TEST_DECOMPRESS_OVERRUN_INPUT >= 2)
-+# define NEED_IP(x) \
-+ if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun
-+# endif
-+#endif
-+
-+#if defined(LZO_TEST_DECOMPRESS_OVERRUN_OUTPUT)
-+# if (LZO_TEST_DECOMPRESS_OVERRUN_OUTPUT >= 1)
-+# define TEST_OP (op <= op_end)
-+# endif
-+# if (LZO_TEST_DECOMPRESS_OVERRUN_OUTPUT >= 2)
-+# undef TEST_OP
-+# define NEED_OP(x) \
-+ if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun
-+# endif
-+#endif
-+
-+#if defined(LZO_TEST_DECOMPRESS_OVERRUN_LOOKBEHIND)
-+# define TEST_LOOKBEHIND(m_pos,out) if (m_pos < out) goto lookbehind_overrun
-+#else
-+# define TEST_LOOKBEHIND(m_pos,op) ((void) 0)
-+#endif
-+
-+#if !defined(LZO_EOF_CODE) && !defined(TEST_IP)
-+# define TEST_IP (ip < ip_end)
-+#endif
-+
-+#if defined(TEST_IP)
-+# define HAVE_TEST_IP
-+#else
-+# define TEST_IP 1
-+#endif
-+#if defined(TEST_OP)
-+# define HAVE_TEST_OP
-+#else
-+# define TEST_OP 1
-+#endif
-+
-+#if defined(NEED_IP)
-+# define HAVE_NEED_IP
-+#else
-+# define NEED_IP(x) ((void) 0)
-+#endif
-+#if defined(NEED_OP)
-+# define HAVE_NEED_OP
-+#else
-+# define NEED_OP(x) ((void) 0)
-+#endif
-+
-+#if defined(HAVE_TEST_IP) || defined(HAVE_NEED_IP)
-+# define HAVE_ANY_IP
-+#endif
-+#if defined(HAVE_TEST_OP) || defined(HAVE_NEED_OP)
-+# define HAVE_ANY_OP
-+#endif
-+
-+#undef __COPY4
-+#define __COPY4(dst,src) * (lzo_uint32p)(dst) = * (const lzo_uint32p)(src)
-+
-+#undef COPY4
-+#if defined(LZO_UNALIGNED_OK_4)
-+# define COPY4(dst,src) __COPY4(dst,src)
-+#elif defined(LZO_ALIGNED_OK_4)
-+# define COPY4(dst,src) __COPY4((lzo_ptr_t)(dst),(lzo_ptr_t)(src))
-+#endif
-+
-+/***** End of minilzo.c *****/
-Index: linux-2.6.16/fs/reiser4/plugin/compress/minilzo.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/compress/minilzo.h
-@@ -0,0 +1,94 @@
-+/* minilzo.h -- mini subset of the LZO real-time data compression library
-+ adopted for reiser4 compression transform plugin.
-+
-+ This file is part of the LZO real-time data compression library
-+ and not included in any proprietary licenses of reiser4.
-+
-+ Copyright (C) 2002 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 2001 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 2000 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 1999 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 1998 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 1997 Markus Franz Xaver Johannes Oberhumer
-+ Copyright (C) 1996 Markus Franz Xaver Johannes Oberhumer
-+ All Rights Reserved.
-+
-+ The LZO library is free software; you can redistribute it and/or
-+ modify it under the terms of the GNU General Public License as
-+ published by the Free Software Foundation; either version 2 of
-+ the License, or (at your option) any later version.
-+
-+ The LZO library is distributed in the hope that it will be useful,
-+ but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+ GNU General Public License for more details.
-+
-+ You should have received a copy of the GNU General Public License
-+ along with the LZO library; see the file COPYING.
-+ If not, write to the Free Software Foundation, Inc.,
-+ 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-+
-+ Markus F.X.J. Oberhumer
-+ <markus@oberhumer.com>
-+ http://www.oberhumer.com/opensource/lzo/
-+ */
-+
-+/*
-+ * NOTE:
-+ * the full LZO package can be found at
-+ * http://www.oberhumer.com/opensource/lzo/
-+ */
-+
-+#ifndef __MINILZO_H
-+#define __MINILZO_H
-+
-+#define MINILZO_VERSION 0x1080
-+
-+#ifdef __LZOCONF_H
-+# error "you cannot use both LZO and miniLZO"
-+#endif
-+
-+#undef LZO_HAVE_CONFIG_H
-+#include "lzoconf.h"
-+
-+#if !defined(LZO_VERSION) || (LZO_VERSION != MINILZO_VERSION)
-+# error "version mismatch in header files"
-+#endif
-+
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
-+
-+/***********************************************************************
-+//
-+************************************************************************/
-+
-+/* Memory required for the wrkmem parameter.
-+ * When the required size is 0, you can also pass a NULL pointer.
-+ */
-+
-+#define LZO1X_MEM_COMPRESS LZO1X_1_MEM_COMPRESS
-+#define LZO1X_1_MEM_COMPRESS ((lzo_uint32) (16384L * lzo_sizeof_dict_t))
-+#define LZO1X_MEM_DECOMPRESS (0)
-+
-+/* compression */
-+ LZO_EXTERN(int)
-+ lzo1x_1_compress(const lzo_byte * src, lzo_uint src_len,
-+ lzo_byte * dst, lzo_uintp dst_len, lzo_voidp wrkmem);
-+
-+/* decompression */
-+ LZO_EXTERN(int)
-+ lzo1x_decompress(const lzo_byte * src, lzo_uint src_len,
-+ lzo_byte * dst, lzo_uintp dst_len,
-+ lzo_voidp wrkmem /* NOT USED */ );
-+
-+/* safe decompression with overrun testing */
-+ LZO_EXTERN(int)
-+ lzo1x_decompress_safe(const lzo_byte * src, lzo_uint src_len,
-+ lzo_byte * dst, lzo_uintp dst_len,
-+ lzo_voidp wrkmem /* NOT USED */ );
-+
-+#ifdef __cplusplus
-+} /* extern "C" */
-+#endif
-+#endif /* already included */
-Index: linux-2.6.16/fs/reiser4/plugin/crypto/cipher.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/crypto/cipher.c
-@@ -0,0 +1,116 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser,
-+ licensing governed by reiser4/README */
-+/* Reiser4 cipher transform plugins */
-+
-+#include "../../debug.h"
-+#include "../plugin.h"
-+#include "../file/cryptcompress.h"
-+#include <linux/types.h>
-+#include <linux/random.h>
-+
-+#define MIN_CIPHER_BLOCKSIZE 8
-+#define MAX_CIPHER_BLOCKSIZE 128
-+
-+/*
-+ Default align() method of the cipher plugin (look for description of this
-+ method in plugin/plugin.h)
-+
-+ 1) creates the aligning armored format of the input flow before encryption.
-+ "armored" means that padding is filled by private data (for example,
-+ pseudo-random sequence of bytes is not private data).
-+ 2) returns length of appended padding
-+
-+ [ flow | aligning_padding ]
-+ ^
-+ |
-+ @pad
-+*/
-+static int align_stream_common(__u8 * pad,
-+ int flow_size /* size of non-aligned flow */,
-+ int blocksize /* cipher block size */)
-+{
-+ int pad_size;
-+
-+ assert("edward-01", pad != NULL);
-+ assert("edward-02", flow_size != 0);
-+ assert("edward-03", blocksize != 0
-+ || blocksize <= MAX_CIPHER_BLOCKSIZE);
-+
-+ pad_size = blocksize - (flow_size % blocksize);
-+ get_random_bytes(pad, pad_size);
-+ return pad_size;
-+}
-+
-+/* This is used for all the cipher algorithms which do not inflate
-+ block-aligned data */
-+static loff_t scale_common(struct inode *inode, size_t blocksize,
-+ loff_t src_off /* offset to scale */ )
-+{
-+ return src_off;
-+}
-+
-+static void free_aes (struct crypto_tfm * tfm)
-+{
-+#if REISER4_AES
-+ crypto_free_tfm(tfm);
-+#endif
-+ return;
-+}
-+
-+static struct crypto_tfm * alloc_aes (void)
-+{
-+#if REISER4_AES
-+ return crypto_alloc_tfm ("aes", 0);
-+#else
-+ warning("edward-1417", "aes unsupported");
-+ return ERR_PTR(-EINVAL);
-+#endif /* REISER4_AES */
-+}
-+
-+cipher_plugin cipher_plugins[LAST_CIPHER_ID] = {
-+ [NONE_CIPHER_ID] = {
-+ .h = {
-+ .type_id = REISER4_CIPHER_PLUGIN_TYPE,
-+ .id = NONE_CIPHER_ID,
-+ .pops = NULL,
-+ .label = "none",
-+ .desc = "no cipher transform",
-+ .linkage = {NULL, NULL}
-+ },
-+ .alloc = NULL,
-+ .free = NULL,
-+ .scale = NULL,
-+ .align_stream = NULL,
-+ .setkey = NULL,
-+ .encrypt = NULL,
-+ .decrypt = NULL
-+ },
-+ [AES_CIPHER_ID] = {
-+ .h = {
-+ .type_id = REISER4_CIPHER_PLUGIN_TYPE,
-+ .id = AES_CIPHER_ID,
-+ .pops = NULL,
-+ .label = "aes",
-+ .desc = "aes cipher transform",
-+ .linkage = {NULL, NULL}
-+ },
-+ .alloc = alloc_aes,
-+ .free = free_aes,
-+ .scale = scale_common,
-+ .align_stream = align_stream_common,
-+ .setkey = NULL,
-+ .encrypt = NULL,
-+ .decrypt = NULL
-+ }
-+};
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/crypto/cipher.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/crypto/cipher.h
-@@ -0,0 +1,67 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+/* This file contains definitions for the objects operated
-+ by reiser4 key manager, which is something like keyring
-+ wrapped by appropriate reiser4 plugin */
-+
-+#if !defined( __FS_REISER4_CRYPT_H__ )
-+#define __FS_REISER4_CRYPT_H__
-+
-+#include <linux/crypto.h>
-+
-+
-+/* Transform actions involved in ciphering process and
-+ supported by reiser4 via appropriate transform plugins */
-+typedef enum {
-+ CIPHER_TFM, /* cipher transform */
-+ DIGEST_TFM, /* digest transform */
-+ LAST_TFM
-+} reiser4_tfm;
-+
-+/* This represents a transform action in reiser4 */
-+typedef struct reiser4_tfma {
-+ reiser4_plugin * plug; /* transform plugin */
-+ struct crypto_tfm * tfm; /* low-level info, operated by
-+ linux crypto-api (see linux/crypto) */
-+} reiser4_tfma_t;
-+
-+/* key info imported from user space */
-+typedef struct crypto_data {
-+ int keysize; /* uninstantiated key size */
-+ __u8 * key; /* uninstantiated key */
-+ int keyid_size; /* size of passphrase */
-+ __u8 * keyid; /* passphrase */
-+} crypto_data_t;
-+
-+/* This object contains all needed infrastructure to implement
-+ cipher transform. This is operated (allocating, inheriting,
-+ validating, binding to host inode, etc..) by reiser4 key manager.
-+
-+ This info can be allocated in two cases:
-+ 1. importing a key from user space.
-+ 2. reading inode from disk */
-+typedef struct crypto_stat {
-+ reiser4_tfma_t tfma[LAST_TFM];
-+// cipher_key_plugin * kplug; /* key manager */
-+ __u8 * keyid; /* key fingerprint, created by digest plugin,
-+ using uninstantiated key and passphrase.
-+ supposed to be stored in disk stat-data */
-+ int inst; /* this indicates if the cipher key is
-+ instantiated (case 1 above) */
-+ int keysize; /* uninstantiated key size (bytes), supposed
-+ to be stored in disk stat-data */
-+ int keyload_count; /* number of the objects which has this
-+ crypto-stat attached */
-+} crypto_stat_t;
-+
-+#endif /* __FS_REISER4_CRYPT_H__ */
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/crypto/digest.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/crypto/digest.c
-@@ -0,0 +1,58 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* reiser4 digest transform plugin (is used by cryptcompress object plugin) */
-+/* EDWARD-FIXME-HANS: and it does what? a digest is a what? */
-+#include "../../debug.h"
-+#include "../plugin_header.h"
-+#include "../plugin.h"
-+#include "../file/cryptcompress.h"
-+
-+#include <linux/types.h>
-+
-+extern digest_plugin digest_plugins[LAST_DIGEST_ID];
-+
-+static struct crypto_tfm * alloc_sha256 (void)
-+{
-+#if REISER4_SHA256
-+ return crypto_alloc_tfm ("sha256", 0);
-+#else
-+ warning("edward-1418", "sha256 unsupported");
-+ return ERR_PTR(-EINVAL);
-+#endif
-+}
-+
-+static void free_sha256 (struct crypto_tfm * tfm)
-+{
-+#if REISER4_SHA256
-+ crypto_free_tfm(tfm);
-+#endif
-+ return;
-+}
-+
-+/* digest plugins */
-+digest_plugin digest_plugins[LAST_DIGEST_ID] = {
-+ [SHA256_32_DIGEST_ID] = {
-+ .h = {
-+ .type_id = REISER4_DIGEST_PLUGIN_TYPE,
-+ .id = SHA256_32_DIGEST_ID,
-+ .pops = NULL,
-+ .label = "sha256_32",
-+ .desc = "sha256_32 digest transform",
-+ .linkage = {NULL, NULL}
-+ },
-+ .fipsize = sizeof(__u32),
-+ .alloc = alloc_sha256,
-+ .free = free_sha256
-+ }
-+};
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/dir/Makefile
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/dir/Makefile
-@@ -0,0 +1,5 @@
-+obj-$(CONFIG_REISER4_FS) += dir_plugins.o
-+
-+dir_plugins-objs := \
-+ hashed_dir.o \
-+ seekable_dir.o
-Index: linux-2.6.16/fs/reiser4/plugin/dir/dir.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/dir/dir.h
-@@ -0,0 +1,36 @@
-+/* Copyright 2001, 2002, 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* this file contains declarations of methods implementing directory plugins */
-+
-+#if !defined( __REISER4_DIR_H__ )
-+#define __REISER4_DIR_H__
-+
-+/*#include "../../key.h"
-+
-+#include <linux/fs.h>*/
-+
-+/* declarations of functions implementing HASHED_DIR_PLUGIN_ID dir plugin */
-+
-+/* "hashed" directory methods of dir plugin */
-+void build_entry_key_hashed(const struct inode *, const struct qstr *,
-+ reiser4_key *);
-+
-+/* declarations of functions implementing SEEKABLE_HASHED_DIR_PLUGIN_ID dir plugin */
-+
-+/* "seekable" directory methods of dir plugin */
-+void build_entry_key_seekable(const struct inode *, const struct qstr *,
-+ reiser4_key *);
-+
-+/* __REISER4_DIR_H__ */
-+#endif
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/dir/hashed_dir.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/dir/hashed_dir.c
-@@ -0,0 +1,81 @@
-+/* Copyright 2001, 2002, 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Directory plugin using hashes (see fs/reiser4/plugin/hash.c) to map file
-+ names to the files. */
-+
-+/*
-+ * Hashed directory logically consists of persistent directory
-+ * entries. Directory entry is a pair of a file name and a key of stat-data of
-+ * a file that has this name in the given directory.
-+ *
-+ * Directory entries are stored in the tree in the form of directory
-+ * items. Directory item should implement dir_entry_ops portion of item plugin
-+ * interface (see plugin/item/item.h). Hashed directory interacts with
-+ * directory item plugin exclusively through dir_entry_ops operations.
-+ *
-+ * Currently there are two implementations of directory items: "simple
-+ * directory item" (plugin/item/sde.[ch]), and "compound directory item"
-+ * (plugin/item/cde.[ch]) with the latter being the default.
-+ *
-+ * There is, however some delicate way through which directory code interferes
-+ * with item plugin: key assignment policy. A key for a directory item is
-+ * chosen by directory code, and as described in kassign.c, this key contains
-+ * a portion of file name. Directory item uses this knowledge to avoid storing
-+ * this portion of file name twice: in the key and in the directory item body.
-+ *
-+ */
-+
-+#include "../../inode.h"
-+
-+void complete_entry_key(const struct inode *, const char *name,
-+ int len, reiser4_key * result);
-+
-+/* this is implementation of build_entry_key method of dir
-+ plugin for HASHED_DIR_PLUGIN_ID
-+ */
-+void build_entry_key_hashed(const struct inode *dir, /* directory where entry is
-+ * (or will be) in.*/
-+ const struct qstr *qname, /* name of file referenced
-+ * by this entry */
-+ reiser4_key * result /* resulting key of directory
-+ * entry */ )
-+{
-+ const char *name;
-+ int len;
-+
-+ assert("nikita-1139", dir != NULL);
-+ assert("nikita-1140", qname != NULL);
-+ assert("nikita-1141", qname->name != NULL);
-+ assert("nikita-1142", result != NULL);
-+
-+ name = qname->name;
-+ len = qname->len;
-+
-+ assert("nikita-2867", strlen(name) == len);
-+
-+ reiser4_key_init(result);
-+ /* locality of directory entry's key is objectid of parent
-+ directory */
-+ set_key_locality(result, get_inode_oid(dir));
-+ /* minor packing locality is constant */
-+ set_key_type(result, KEY_FILE_NAME_MINOR);
-+ /* dot is special case---we always want it to be first entry in
-+ a directory. Actually, we just want to have smallest
-+ directory entry.
-+ */
-+ if (len == 1 && name[0] == '.')
-+ return;
-+
-+ /* initialize part of entry key which depends on file name */
-+ complete_entry_key(dir, name, len, result);
-+}
-+
-+/* Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/dir/seekable_dir.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/dir/seekable_dir.c
-@@ -0,0 +1,46 @@
-+/* Copyright 2005 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+#include "../../inode.h"
-+
-+/* this is implementation of build_entry_key method of dir
-+ plugin for SEEKABLE_HASHED_DIR_PLUGIN_ID
-+ This is for directories where we want repeatable and restartable readdir()
-+ even in case 32bit user level struct dirent (readdir(3)).
-+*/
-+void
-+build_entry_key_seekable(const struct inode *dir, const struct qstr *name,
-+ reiser4_key * result)
-+{
-+ oid_t objectid;
-+
-+ assert("nikita-2283", dir != NULL);
-+ assert("nikita-2284", name != NULL);
-+ assert("nikita-2285", name->name != NULL);
-+ assert("nikita-2286", result != NULL);
-+
-+ reiser4_key_init(result);
-+ /* locality of directory entry's key is objectid of parent
-+ directory */
-+ set_key_locality(result, get_inode_oid(dir));
-+ /* minor packing locality is constant */
-+ set_key_type(result, KEY_FILE_NAME_MINOR);
-+ /* dot is special case---we always want it to be first entry in
-+ a directory. Actually, we just want to have smallest
-+ directory entry.
-+ */
-+ if ((name->len == 1) && (name->name[0] == '.'))
-+ return;
-+
-+ /* objectid of key is 31 lowest bits of hash. */
-+ objectid =
-+ inode_hash_plugin(dir)->hash(name->name,
-+ (int)name->len) & 0x7fffffff;
-+
-+ assert("nikita-2303", !(objectid & ~KEY_OBJECTID_MASK));
-+ set_key_objectid(result, objectid);
-+
-+ /* offset is always 0. */
-+ set_key_offset(result, (__u64) 0);
-+ return;
-+}
-Index: linux-2.6.16/fs/reiser4/plugin/dir_plugin_common.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/dir_plugin_common.c
-@@ -0,0 +1,864 @@
-+/* Copyright 2005 by Hans Reiser, licensing governed by
-+ reiser4/README */
-+
-+/* this file contains typical implementations for most of methods of
-+ directory plugin
-+*/
-+
-+#include "../inode.h"
-+
-+int find_entry(struct inode *dir, struct dentry *name,
-+ lock_handle *, znode_lock_mode, reiser4_dir_entry_desc *);
-+int lookup_name(struct inode *parent, struct dentry *dentry, reiser4_key * key);
-+void check_light_weight(struct inode *inode, struct inode *parent);
-+
-+/* this is common implementation of get_parent method of dir plugin
-+ this is used by NFS kernel server to "climb" up directory tree to
-+ check permissions
-+ */
-+struct dentry *get_parent_common(struct inode *child)
-+{
-+ struct super_block *s;
-+ struct inode *parent;
-+ struct dentry dotdot;
-+ struct dentry *dentry;
-+ reiser4_key key;
-+ int result;
-+
-+ /*
-+ * lookup dotdot entry.
-+ */
-+
-+ s = child->i_sb;
-+ memset(&dotdot, 0, sizeof(dotdot));
-+ dotdot.d_name.name = "..";
-+ dotdot.d_name.len = 2;
-+ dotdot.d_op = &get_super_private(s)->ops.dentry;
-+
-+ result = lookup_name(child, &dotdot, &key);
-+ if (result != 0)
-+ return ERR_PTR(result);
-+
-+ parent = reiser4_iget(s, &key, 1);
-+ if (!IS_ERR(parent)) {
-+ /*
-+ * FIXME-NIKITA dubious: attributes are inherited from @child
-+ * to @parent. But:
-+ *
-+ * (*) this is the only this we can do
-+ *
-+ * (*) attributes of light-weight object are inherited
-+ * from a parent through which object was looked up first,
-+ * so it is ambiguous anyway.
-+ *
-+ */
-+ check_light_weight(parent, child);
-+ reiser4_iget_complete(parent);
-+ dentry = d_alloc_anon(parent);
-+ if (dentry == NULL) {
-+ iput(parent);
-+ dentry = ERR_PTR(RETERR(-ENOMEM));
-+ } else
-+ dentry->d_op = &get_super_private(s)->ops.dentry;
-+ } else if (PTR_ERR(parent) == -ENOENT)
-+ dentry = ERR_PTR(RETERR(-ESTALE));
-+ else
-+ dentry = (void *)parent;
-+ return dentry;
-+}
-+
-+/* this is common implementation of is_name_acceptable method of dir
-+ plugin
-+ */
-+int is_name_acceptable_common(const struct inode *inode, /* directory to check */
-+ const char *name UNUSED_ARG, /* name to check */
-+ int len /* @name's length */ )
-+{
-+ assert("nikita-733", inode != NULL);
-+ assert("nikita-734", name != NULL);
-+ assert("nikita-735", len > 0);
-+
-+ return len <= reiser4_max_filename_len(inode);
-+}
-+
-+/* there is no common implementation of build_entry_key method of dir
-+ plugin. See plugin/dir/hashed_dir.c:build_entry_key_hashed() or
-+ plugin/dir/seekable.c:build_entry_key_seekable() for example
-+*/
-+
-+/* this is common implementation of build_readdir_key method of dir
-+ plugin
-+ see readdir_common for more details
-+*/
-+int build_readdir_key_common(struct file *dir /* directory being read */ ,
-+ reiser4_key * result /* where to store key */ )
-+{
-+ reiser4_file_fsdata *fdata;
-+ struct inode *inode;
-+
-+ assert("nikita-1361", dir != NULL);
-+ assert("nikita-1362", result != NULL);
-+ assert("nikita-1363", dir->f_dentry != NULL);
-+ inode = dir->f_dentry->d_inode;
-+ assert("nikita-1373", inode != NULL);
-+
-+ fdata = reiser4_get_file_fsdata(dir);
-+ if (IS_ERR(fdata))
-+ return PTR_ERR(fdata);
-+ assert("nikita-1364", fdata != NULL);
-+ return extract_key_from_de_id(get_inode_oid(inode),
-+ &fdata->dir.readdir.position.
-+ dir_entry_key, result);
-+
-+}
-+
-+void adjust_dir_file(struct inode *, const struct dentry *, int offset,
-+ int adj);
-+
-+/* this is common implementation of add_entry method of dir plugin
-+*/
-+int add_entry_common(struct inode *object, /* directory to add new name
-+ * in */
-+ struct dentry *where, /* new name */
-+ reiser4_object_create_data * data UNUSED_ARG, /* parameters
-+ * of new
-+ * object */
-+ reiser4_dir_entry_desc * entry /* parameters of new
-+ * directory entry */ )
-+{
-+ int result;
-+ coord_t *coord;
-+ lock_handle lh;
-+ reiser4_dentry_fsdata *fsdata;
-+ reiser4_block_nr reserve;
-+
-+ assert("nikita-1114", object != NULL);
-+ assert("nikita-1250", where != NULL);
-+
-+ fsdata = reiser4_get_dentry_fsdata(where);
-+ if (unlikely(IS_ERR(fsdata)))
-+ return PTR_ERR(fsdata);
-+
-+ reserve = inode_dir_plugin(object)->estimate.add_entry(object);
-+ if (reiser4_grab_space(reserve, BA_CAN_COMMIT))
-+ return RETERR(-ENOSPC);
-+
-+ init_lh(&lh);
-+ coord = &fsdata->dec.entry_coord;
-+ coord_clear_iplug(coord);
-+
-+ /* check for this entry in a directory. This is plugin method. */
-+ result = find_entry(object, where, &lh, ZNODE_WRITE_LOCK, entry);
-+ if (likely(result == -ENOENT)) {
-+ /* add new entry. Just pass control to the directory
-+ item plugin. */
-+ assert("nikita-1709", inode_dir_item_plugin(object));
-+ assert("nikita-2230", coord->node == lh.node);
-+ seal_done(&fsdata->dec.entry_seal);
-+ result =
-+ inode_dir_item_plugin(object)->s.dir.add_entry(object,
-+ coord, &lh,
-+ where,
-+ entry);
-+ if (result == 0) {
-+ adjust_dir_file(object, where, fsdata->dec.pos + 1, +1);
-+ INODE_INC_FIELD(object, i_size);
-+ }
-+ } else if (result == 0) {
-+ assert("nikita-2232", coord->node == lh.node);
-+ result = RETERR(-EEXIST);
-+ }
-+ done_lh(&lh);
-+
-+ return result;
-+}
-+
-+/**
-+ * rem_entry - remove entry from directory item
-+ * @dir:
-+ * @dentry:
-+ * @entry:
-+ * @coord:
-+ * @lh:
-+ *
-+ * Checks that coordinate @coord is set properly and calls item plugin
-+ * method to cut entry.
-+ */
-+static int
-+rem_entry(struct inode *dir, struct dentry *dentry,
-+ reiser4_dir_entry_desc * entry, coord_t * coord, lock_handle * lh)
-+{
-+ item_plugin *iplug;
-+ struct inode *child;
-+
-+ iplug = inode_dir_item_plugin(dir);
-+ child = dentry->d_inode;
-+ assert("nikita-3399", child != NULL);
-+
-+ /* check that we are really destroying an entry for @child */
-+ if (REISER4_DEBUG) {
-+ int result;
-+ reiser4_key key;
-+
-+ result = iplug->s.dir.extract_key(coord, &key);
-+ if (result != 0)
-+ return result;
-+ if (get_key_objectid(&key) != get_inode_oid(child)) {
-+ warning("nikita-3397",
-+ "rem_entry: %#llx != %#llx\n",
-+ get_key_objectid(&key),
-+ (unsigned long long)get_inode_oid(child));
-+ return RETERR(-EIO);
-+ }
-+ }
-+ return iplug->s.dir.rem_entry(dir, &dentry->d_name, coord, lh, entry);
-+}
-+
-+/**
-+ * rem_entry_common - remove entry from a directory
-+ * @dir: directory to remove entry from
-+ * @where: name that is being removed
-+ * @entry: description of entry being removed
-+ *
-+ * This is common implementation of rem_entry method of dir plugin.
-+ */
-+int rem_entry_common(struct inode *dir,
-+ struct dentry *dentry,
-+ reiser4_dir_entry_desc *entry)
-+{
-+ int result;
-+ coord_t *coord;
-+ lock_handle lh;
-+ reiser4_dentry_fsdata *fsdata;
-+ __u64 tograb;
-+
-+ assert("nikita-1124", dir != NULL);
-+ assert("nikita-1125", dentry != NULL);
-+
-+ tograb = inode_dir_plugin(dir)->estimate.rem_entry(dir);
-+ result = reiser4_grab_space(tograb, BA_CAN_COMMIT | BA_RESERVED);
-+ if (result != 0)
-+ return RETERR(-ENOSPC);
-+
-+ init_lh(&lh);
-+
-+ /* check for this entry in a directory. This is plugin method. */
-+ result = find_entry(dir, dentry, &lh, ZNODE_WRITE_LOCK, entry);
-+ fsdata = reiser4_get_dentry_fsdata(dentry);
-+ if (IS_ERR(fsdata)) {
-+ done_lh(&lh);
-+ return PTR_ERR(fsdata);
-+ }
-+
-+ coord = &fsdata->dec.entry_coord;
-+
-+ assert("nikita-3404",
-+ get_inode_oid(dentry->d_inode) != get_inode_oid(dir) ||
-+ dir->i_size <= 1);
-+
-+ coord_clear_iplug(coord);
-+ if (result == 0) {
-+ /* remove entry. Just pass control to the directory item
-+ plugin. */
-+ assert("vs-542", inode_dir_item_plugin(dir));
-+ seal_done(&fsdata->dec.entry_seal);
-+ adjust_dir_file(dir, dentry, fsdata->dec.pos, -1);
-+ result =
-+ WITH_COORD(coord,
-+ rem_entry(dir, dentry, entry, coord, &lh));
-+ if (result == 0) {
-+ if (dir->i_size >= 1)
-+ INODE_DEC_FIELD(dir, i_size);
-+ else {
-+ warning("nikita-2509", "Dir %llu is runt",
-+ (unsigned long long)
-+ get_inode_oid(dir));
-+ result = RETERR(-EIO);
-+ }
-+
-+ assert("nikita-3405", dentry->d_inode->i_nlink != 1 ||
-+ dentry->d_inode->i_size != 2 ||
-+ inode_dir_plugin(dentry->d_inode) == NULL);
-+ }
-+ }
-+ done_lh(&lh);
-+
-+ return result;
-+}
-+
-+static reiser4_block_nr estimate_init(struct inode *parent,
-+ struct inode *object);
-+static int create_dot_dotdot(struct inode *object, struct inode *parent);
-+
-+/* this is common implementation of init method of dir plugin
-+ create "." and ".." entries
-+*/
-+int init_common(struct inode *object, /* new directory */
-+ struct inode *parent, /* parent directory */
-+ reiser4_object_create_data * data UNUSED_ARG /* info passed
-+ * to us, this
-+ * is filled by
-+ * reiser4()
-+ * syscall in
-+ * particular */ )
-+{
-+ reiser4_block_nr reserve;
-+
-+ assert("nikita-680", object != NULL);
-+ assert("nikita-681", S_ISDIR(object->i_mode));
-+ assert("nikita-682", parent != NULL);
-+ assert("nikita-684", data != NULL);
-+ assert("nikita-686", data->id == DIRECTORY_FILE_PLUGIN_ID);
-+ assert("nikita-687", object->i_mode & S_IFDIR);
-+
-+ reserve = estimate_init(parent, object);
-+ if (reiser4_grab_space(reserve, BA_CAN_COMMIT))
-+ return RETERR(-ENOSPC);
-+
-+ return create_dot_dotdot(object, parent);
-+}
-+
-+/* this is common implementation of done method of dir plugin
-+ remove "." entry
-+*/
-+int done_common(struct inode *object /* object being deleted */ )
-+{
-+ int result;
-+ reiser4_block_nr reserve;
-+ struct dentry goodby_dots;
-+ reiser4_dir_entry_desc entry;
-+
-+ assert("nikita-1449", object != NULL);
-+
-+ if (inode_get_flag(object, REISER4_NO_SD))
-+ return 0;
-+
-+ /* of course, this can be rewritten to sweep everything in one
-+ cut_tree(). */
-+ memset(&entry, 0, sizeof entry);
-+
-+ /* FIXME: this done method is called from delete_directory_common which
-+ * reserved space already */
-+ reserve = inode_dir_plugin(object)->estimate.rem_entry(object);
-+ if (reiser4_grab_space(reserve, BA_CAN_COMMIT | BA_RESERVED))
-+ return RETERR(-ENOSPC);
-+
-+ memset(&goodby_dots, 0, sizeof goodby_dots);
-+ entry.obj = goodby_dots.d_inode = object;
-+ goodby_dots.d_name.name = ".";
-+ goodby_dots.d_name.len = 1;
-+ result = rem_entry_common(object, &goodby_dots, &entry);
-+ reiser4_free_dentry_fsdata(&goodby_dots);
-+ if (unlikely(result != 0 && result != -ENOMEM && result != -ENOENT))
-+ /* only worth a warning
-+
-+ "values of \ eB\ f will give rise to dom!\n"
-+ -- v6src/s2/mv.c:89
-+ */
-+ warning("nikita-2252", "Cannot remove dot of %lli: %i",
-+ (unsigned long long)get_inode_oid(object), result);
-+ return 0;
-+}
-+
-+/* this is common implementation of attach method of dir plugin
-+*/
-+int
-+attach_common(struct inode *child UNUSED_ARG, struct inode *parent UNUSED_ARG)
-+{
-+ assert("nikita-2647", child != NULL);
-+ assert("nikita-2648", parent != NULL);
-+
-+ return 0;
-+}
-+
-+/* this is common implementation of detach method of dir plugin
-+ remove "..", decrease nlink on parent
-+*/
-+int detach_common(struct inode *object, struct inode *parent)
-+{
-+ int result;
-+ struct dentry goodby_dots;
-+ reiser4_dir_entry_desc entry;
-+
-+ assert("nikita-2885", object != NULL);
-+ assert("nikita-2886", !inode_get_flag(object, REISER4_NO_SD));
-+
-+ memset(&entry, 0, sizeof entry);
-+
-+ /* NOTE-NIKITA this only works if @parent is -the- parent of
-+ @object, viz. object whose key is stored in dotdot
-+ entry. Wouldn't work with hard-links on directories. */
-+ memset(&goodby_dots, 0, sizeof goodby_dots);
-+ entry.obj = goodby_dots.d_inode = parent;
-+ goodby_dots.d_name.name = "..";
-+ goodby_dots.d_name.len = 2;
-+ result = rem_entry_common(object, &goodby_dots, &entry);
-+ reiser4_free_dentry_fsdata(&goodby_dots);
-+ if (result == 0) {
-+ /* the dot should be the only entry remaining at this time... */
-+ assert("nikita-3400", object->i_size == 1 &&
-+ (object->i_nlink >= 0 && object->i_nlink <= 2));
-+#if 0
-+ /* and, together with the only name directory can have, they
-+ * provides for the last 2 remaining references. If we get
-+ * here as part of error handling during mkdir, @object
-+ * possibly has no name yet, so its nlink == 1. If we get here
-+ * from rename (targeting empty directory), it has no name
-+ * already, so its nlink == 1. */
-+ assert("nikita-3401",
-+ object->i_nlink == 2 || object->i_nlink == 1);
-+#endif
-+
-+ /* decrement nlink of directory removed ".." pointed
-+ to */
-+ reiser4_del_nlink(parent, NULL, 0);
-+ }
-+ return result;
-+}
-+
-+/* this is common implementation of estimate.add_entry method of
-+ dir plugin
-+ estimation of adding entry which supposes that entry is inserting a
-+ unit into item
-+*/
-+reiser4_block_nr estimate_add_entry_common(const struct inode * inode)
-+{
-+ return estimate_one_insert_into_item(tree_by_inode(inode));
-+}
-+
-+/* this is common implementation of estimate.rem_entry method of dir
-+ plugin
-+*/
-+reiser4_block_nr estimate_rem_entry_common(const struct inode * inode)
-+{
-+ return estimate_one_item_removal(tree_by_inode(inode));
-+}
-+
-+/* this is common implementation of estimate.unlink method of dir
-+ plugin
-+*/
-+reiser4_block_nr
-+dir_estimate_unlink_common(const struct inode * parent,
-+ const struct inode * object)
-+{
-+ reiser4_block_nr res;
-+
-+ /* hashed_rem_entry(object) */
-+ res = inode_dir_plugin(object)->estimate.rem_entry(object);
-+ /* del_nlink(parent) */
-+ res += 2 * inode_file_plugin(parent)->estimate.update(parent);
-+
-+ return res;
-+}
-+
-+/*
-+ * helper for inode_ops ->lookup() and dir plugin's ->get_parent()
-+ * methods: if @inode is a light-weight file, setup its credentials
-+ * that are not stored in the stat-data in this case
-+ */
-+void check_light_weight(struct inode *inode, struct inode *parent)
-+{
-+ if (inode_get_flag(inode, REISER4_LIGHT_WEIGHT)) {
-+ inode->i_uid = parent->i_uid;
-+ inode->i_gid = parent->i_gid;
-+ /* clear light-weight flag. If inode would be read by any
-+ other name, [ug]id wouldn't change. */
-+ inode_clr_flag(inode, REISER4_LIGHT_WEIGHT);
-+ }
-+}
-+
-+/* looks for name specified in @dentry in directory @parent and if name is
-+ found - key of object found entry points to is stored in @entry->key */
-+int lookup_name(struct inode *parent, /* inode of directory to lookup for
-+ * name in */
-+ struct dentry *dentry, /* name to look for */
-+ reiser4_key * key /* place to store key */ )
-+{
-+ int result;
-+ coord_t *coord;
-+ lock_handle lh;
-+ const char *name;
-+ int len;
-+ reiser4_dir_entry_desc entry;
-+ reiser4_dentry_fsdata *fsdata;
-+
-+ assert("nikita-1247", parent != NULL);
-+ assert("nikita-1248", dentry != NULL);
-+ assert("nikita-1123", dentry->d_name.name != NULL);
-+ assert("vs-1486",
-+ dentry->d_op == &get_super_private(parent->i_sb)->ops.dentry);
-+
-+ name = dentry->d_name.name;
-+ len = dentry->d_name.len;
-+
-+ if (!inode_dir_plugin(parent)->is_name_acceptable(parent, name, len))
-+ /* some arbitrary error code to return */
-+ return RETERR(-ENAMETOOLONG);
-+
-+ fsdata = reiser4_get_dentry_fsdata(dentry);
-+ if (IS_ERR(fsdata))
-+ return PTR_ERR(fsdata);
-+
-+ coord = &fsdata->dec.entry_coord;
-+ coord_clear_iplug(coord);
-+ init_lh(&lh);
-+
-+ /* find entry in a directory. This is plugin method. */
-+ result = find_entry(parent, dentry, &lh, ZNODE_READ_LOCK, &entry);
-+ if (result == 0) {
-+ /* entry was found, extract object key from it. */
-+ result =
-+ WITH_COORD(coord,
-+ item_plugin_by_coord(coord)->s.dir.
-+ extract_key(coord, key));
-+ }
-+ done_lh(&lh);
-+ return result;
-+
-+}
-+
-+/* helper for init_common(): estimate number of blocks to reserve */
-+static reiser4_block_nr
-+estimate_init(struct inode *parent, struct inode *object)
-+{
-+ reiser4_block_nr res = 0;
-+
-+ assert("vpf-321", parent != NULL);
-+ assert("vpf-322", object != NULL);
-+
-+ /* hashed_add_entry(object) */
-+ res += inode_dir_plugin(object)->estimate.add_entry(object);
-+ /* reiser4_add_nlink(object) */
-+ res += inode_file_plugin(object)->estimate.update(object);
-+ /* hashed_add_entry(object) */
-+ res += inode_dir_plugin(object)->estimate.add_entry(object);
-+ /* reiser4_add_nlink(parent) */
-+ res += inode_file_plugin(parent)->estimate.update(parent);
-+
-+ return 0;
-+}
-+
-+/* helper function for init_common(). Create "." and ".." */
-+static int create_dot_dotdot(struct inode *object /* object to create dot and
-+ * dotdot for */ ,
-+ struct inode *parent /* parent of @object */ )
-+{
-+ int result;
-+ struct dentry dots_entry;
-+ reiser4_dir_entry_desc entry;
-+
-+ assert("nikita-688", object != NULL);
-+ assert("nikita-689", S_ISDIR(object->i_mode));
-+ assert("nikita-691", parent != NULL);
-+
-+ /* We store dot and dotdot as normal directory entries. This is
-+ not necessary, because almost all information stored in them
-+ is already in the stat-data of directory, the only thing
-+ being missed is objectid of grand-parent directory that can
-+ easily be added there as extension.
-+
-+ But it is done the way it is done, because not storing dot
-+ and dotdot will lead to the following complications:
-+
-+ . special case handling in ->lookup().
-+ . addition of another extension to the sd.
-+ . dependency on key allocation policy for stat data.
-+
-+ */
-+
-+ memset(&entry, 0, sizeof entry);
-+ memset(&dots_entry, 0, sizeof dots_entry);
-+ entry.obj = dots_entry.d_inode = object;
-+ dots_entry.d_name.name = ".";
-+ dots_entry.d_name.len = 1;
-+ result = add_entry_common(object, &dots_entry, NULL, &entry);
-+ reiser4_free_dentry_fsdata(&dots_entry);
-+
-+ if (result == 0) {
-+ result = reiser4_add_nlink(object, object, 0);
-+ if (result == 0) {
-+ entry.obj = dots_entry.d_inode = parent;
-+ dots_entry.d_name.name = "..";
-+ dots_entry.d_name.len = 2;
-+ result = add_entry_common(object,
-+ &dots_entry, NULL, &entry);
-+ reiser4_free_dentry_fsdata(&dots_entry);
-+ /* if creation of ".." failed, iput() will delete
-+ object with ".". */
-+ if (result == 0) {
-+ result = reiser4_add_nlink(parent, object, 0);
-+ if (result != 0)
-+ /*
-+ * if we failed to bump i_nlink, try
-+ * to remove ".."
-+ */
-+ detach_common(object, parent);
-+ }
-+ }
-+ }
-+
-+ if (result != 0) {
-+ /*
-+ * in the case of error, at least update stat-data so that,
-+ * ->i_nlink updates are not lingering.
-+ */
-+ reiser4_update_sd(object);
-+ reiser4_update_sd(parent);
-+ }
-+
-+ return result;
-+}
-+
-+/*
-+ * return 0 iff @coord contains a directory entry for the file with the name
-+ * @name.
-+ */
-+static int
-+check_item(const struct inode *dir, const coord_t * coord, const char *name)
-+{
-+ item_plugin *iplug;
-+ char buf[DE_NAME_BUF_LEN];
-+
-+ iplug = item_plugin_by_coord(coord);
-+ if (iplug == NULL) {
-+ warning("nikita-1135", "Cannot get item plugin");
-+ print_coord("coord", coord, 1);
-+ return RETERR(-EIO);
-+ } else if (item_id_by_coord(coord) !=
-+ item_id_by_plugin(inode_dir_item_plugin(dir))) {
-+ /* item id of current item does not match to id of items a
-+ directory is built of */
-+ warning("nikita-1136", "Wrong item plugin");
-+ print_coord("coord", coord, 1);
-+ return RETERR(-EIO);
-+ }
-+ assert("nikita-1137", iplug->s.dir.extract_name);
-+
-+ /* Compare name stored in this entry with name we are looking for.
-+
-+ NOTE-NIKITA Here should go code for support of something like
-+ unicode, code tables, etc.
-+ */
-+ return !!strcmp(name, iplug->s.dir.extract_name(coord, buf));
-+}
-+
-+static int
-+check_entry(const struct inode *dir, coord_t * coord, const struct qstr *name)
-+{
-+ return WITH_COORD(coord, check_item(dir, coord, name->name));
-+}
-+
-+/*
-+ * argument package used by entry_actor to scan entries with identical keys.
-+ */
-+typedef struct entry_actor_args {
-+ /* name we are looking for */
-+ const char *name;
-+ /* key of directory entry. entry_actor() scans through sequence of
-+ * items/units having the same key */
-+ reiser4_key *key;
-+ /* how many entries with duplicate key was scanned so far. */
-+ int non_uniq;
-+#if REISER4_USE_COLLISION_LIMIT
-+ /* scan limit */
-+ int max_non_uniq;
-+#endif
-+ /* return parameter: set to true, if ->name wasn't found */
-+ int not_found;
-+ /* what type of lock to take when moving to the next node during
-+ * scan */
-+ znode_lock_mode mode;
-+
-+ /* last coord that was visited during scan */
-+ coord_t last_coord;
-+ /* last node locked during scan */
-+ lock_handle last_lh;
-+ /* inode of directory */
-+ const struct inode *inode;
-+} entry_actor_args;
-+
-+/* Function called by find_entry() to look for given name in the directory. */
-+static int entry_actor(reiser4_tree * tree UNUSED_ARG /* tree being scanned */ ,
-+ coord_t * coord /* current coord */ ,
-+ lock_handle * lh /* current lock handle */ ,
-+ void *entry_actor_arg /* argument to scan */ )
-+{
-+ reiser4_key unit_key;
-+ entry_actor_args *args;
-+
-+ assert("nikita-1131", tree != NULL);
-+ assert("nikita-1132", coord != NULL);
-+ assert("nikita-1133", entry_actor_arg != NULL);
-+
-+ args = entry_actor_arg;
-+ ++args->non_uniq;
-+#if REISER4_USE_COLLISION_LIMIT
-+ if (args->non_uniq > args->max_non_uniq) {
-+ args->not_found = 1;
-+ /* hash collision overflow. */
-+ return RETERR(-EBUSY);
-+ }
-+#endif
-+
-+ /*
-+ * did we just reach the end of the sequence of items/units with
-+ * identical keys?
-+ */
-+ if (!keyeq(args->key, unit_key_by_coord(coord, &unit_key))) {
-+ assert("nikita-1791",
-+ keylt(args->key, unit_key_by_coord(coord, &unit_key)));
-+ args->not_found = 1;
-+ args->last_coord.between = AFTER_UNIT;
-+ return 0;
-+ }
-+
-+ coord_dup(&args->last_coord, coord);
-+ /*
-+ * did scan just moved to the next node?
-+ */
-+ if (args->last_lh.node != lh->node) {
-+ int lock_result;
-+
-+ /*
-+ * if so, lock new node with the mode requested by the caller
-+ */
-+ done_lh(&args->last_lh);
-+ assert("nikita-1896", znode_is_any_locked(lh->node));
-+ lock_result = longterm_lock_znode(&args->last_lh, lh->node,
-+ args->mode, ZNODE_LOCK_HIPRI);
-+ if (lock_result != 0)
-+ return lock_result;
-+ }
-+ return check_item(args->inode, coord, args->name);
-+}
-+
-+/* Look for given @name within directory @dir.
-+
-+ This is called during lookup, creation and removal of directory
-+ entries and on rename_common
-+
-+ First calculate key that directory entry for @name would have. Search
-+ for this key in the tree. If such key is found, scan all items with
-+ the same key, checking name in each directory entry along the way.
-+*/
-+int find_entry(struct inode *dir, /* directory to scan */
-+ struct dentry *de, /* name to search for */
-+ lock_handle * lh, /* resulting lock handle */
-+ znode_lock_mode mode, /* required lock mode */
-+ reiser4_dir_entry_desc * entry /* parameters of found directory
-+ * entry */ )
-+{
-+ const struct qstr *name;
-+ seal_t *seal;
-+ coord_t *coord;
-+ int result;
-+ __u32 flags;
-+ de_location *dec;
-+ reiser4_dentry_fsdata *fsdata;
-+
-+ assert("nikita-1130", lh != NULL);
-+ assert("nikita-1128", dir != NULL);
-+
-+ name = &de->d_name;
-+ assert("nikita-1129", name != NULL);
-+
-+ /* dentry private data don't require lock, because dentry
-+ manipulations are protected by i_mutex on parent.
-+
-+ This is not so for inodes, because there is no -the- parent in
-+ inode case.
-+ */
-+ fsdata = reiser4_get_dentry_fsdata(de);
-+ if (IS_ERR(fsdata))
-+ return PTR_ERR(fsdata);
-+ dec = &fsdata->dec;
-+
-+ coord = &dec->entry_coord;
-+ coord_clear_iplug(coord);
-+ seal = &dec->entry_seal;
-+ /* compose key of directory entry for @name */
-+ inode_dir_plugin(dir)->build_entry_key(dir, name, &entry->key);
-+
-+ if (seal_is_set(seal)) {
-+ /* check seal */
-+ result = seal_validate(seal, coord, &entry->key,
-+ lh, mode, ZNODE_LOCK_LOPRI);
-+ if (result == 0) {
-+ /* key was found. Check that it is really item we are
-+ looking for. */
-+ result = check_entry(dir, coord, name);
-+ if (result == 0)
-+ return 0;
-+ }
-+ }
-+ flags = (mode == ZNODE_WRITE_LOCK) ? CBK_FOR_INSERT : 0;
-+ /*
-+ * find place in the tree where directory item should be located.
-+ */
-+ result = object_lookup(dir, &entry->key, coord, lh, mode,
-+ FIND_EXACT, LEAF_LEVEL, LEAF_LEVEL, flags,
-+ NULL /*ra_info */ );
-+ if (result == CBK_COORD_FOUND) {
-+ entry_actor_args arg;
-+
-+ /* fast path: no hash collisions */
-+ result = check_entry(dir, coord, name);
-+ if (result == 0) {
-+ seal_init(seal, coord, &entry->key);
-+ dec->pos = 0;
-+ } else if (result > 0) {
-+ /* Iterate through all units with the same keys. */
-+ arg.name = name->name;
-+ arg.key = &entry->key;
-+ arg.not_found = 0;
-+ arg.non_uniq = 0;
-+#if REISER4_USE_COLLISION_LIMIT
-+ arg.max_non_uniq = max_hash_collisions(dir);
-+ assert("nikita-2851", arg.max_non_uniq > 1);
-+#endif
-+ arg.mode = mode;
-+ arg.inode = dir;
-+ coord_init_zero(&arg.last_coord);
-+ init_lh(&arg.last_lh);
-+
-+ result = iterate_tree(tree_by_inode(dir), coord, lh,
-+ entry_actor, &arg, mode, 1);
-+ /* if end of the tree or extent was reached during
-+ scanning. */
-+ if (arg.not_found || (result == -E_NO_NEIGHBOR)) {
-+ /* step back */
-+ done_lh(lh);
-+
-+ result = zload(arg.last_coord.node);
-+ if (result == 0) {
-+ coord_clear_iplug(&arg.last_coord);
-+ coord_dup(coord, &arg.last_coord);
-+ move_lh(lh, &arg.last_lh);
-+ result = RETERR(-ENOENT);
-+ zrelse(arg.last_coord.node);
-+ --arg.non_uniq;
-+ }
-+ }
-+
-+ done_lh(&arg.last_lh);
-+ if (result == 0)
-+ seal_init(seal, coord, &entry->key);
-+
-+ if (result == 0 || result == -ENOENT) {
-+ assert("nikita-2580", arg.non_uniq > 0);
-+ dec->pos = arg.non_uniq - 1;
-+ }
-+ }
-+ } else
-+ dec->pos = -1;
-+ return result;
-+}
-+
-+/* Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/disk_format/Makefile
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/disk_format/Makefile
-@@ -0,0 +1,5 @@
-+obj-$(CONFIG_REISER4_FS) += df_plugins.o
-+
-+df_plugins-objs := \
-+ disk_format40.o \
-+ disk_format.o
-Index: linux-2.6.16/fs/reiser4/plugin/disk_format/disk_format.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/disk_format/disk_format.c
-@@ -0,0 +1,37 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "../../debug.h"
-+#include "../plugin_header.h"
-+#include "disk_format40.h"
-+#include "disk_format.h"
-+#include "../plugin.h"
-+
-+/* initialization of disk layout plugins */
-+disk_format_plugin format_plugins[LAST_FORMAT_ID] = {
-+ [FORMAT40_ID] = {
-+ .h = {
-+ .type_id = REISER4_FORMAT_PLUGIN_TYPE,
-+ .id = FORMAT40_ID,
-+ .pops = NULL,
-+ .label = "reiser40",
-+ .desc = "standard disk layout for reiser40",
-+ .linkage = {NULL, NULL}
-+ },
-+ .init_format = init_format_format40,
-+ .root_dir_key = root_dir_key_format40,
-+ .release = release_format40,
-+ .log_super = log_super_format40,
-+ .check_open = check_open_format40
-+ }
-+};
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/disk_format/disk_format.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/disk_format/disk_format.h
-@@ -0,0 +1,27 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* identifiers for disk layouts, they are also used as indexes in array of disk
-+ plugins */
-+
-+#if !defined( __REISER4_DISK_FORMAT_H__ )
-+#define __REISER4_DISK_FORMAT_H__
-+
-+typedef enum {
-+ /* standard reiser4 disk layout plugin id */
-+ FORMAT40_ID,
-+ LAST_FORMAT_ID
-+} disk_format_id;
-+
-+/* __REISER4_DISK_FORMAT_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/disk_format/disk_format40.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/disk_format/disk_format40.c
-@@ -0,0 +1,556 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "../../debug.h"
-+#include "../../dformat.h"
-+#include "../../key.h"
-+#include "../node/node.h"
-+#include "../space/space_allocator.h"
-+#include "disk_format40.h"
-+#include "../plugin.h"
-+#include "../../txnmgr.h"
-+#include "../../jnode.h"
-+#include "../../tree.h"
-+#include "../../super.h"
-+#include "../../wander.h"
-+#include "../../inode.h"
-+#include "../../ktxnmgrd.h"
-+#include "../../status_flags.h"
-+
-+#include <linux/types.h> /* for __u?? */
-+#include <linux/fs.h> /* for struct super_block */
-+#include <linux/buffer_head.h>
-+
-+/* reiser 4.0 default disk layout */
-+
-+/* Amount of free blocks needed to perform release_format40 when fs gets
-+ mounted RW: 1 for SB, 1 for non-leaves in overwrite set, 2 for tx header
-+ & tx record. */
-+#define RELEASE_RESERVED 4
-+
-+/* functions to access fields of format40_disk_super_block */
-+static __u64 get_format40_block_count(const format40_disk_super_block * sb)
-+{
-+ return le64_to_cpu(get_unaligned(&sb->block_count));
-+}
-+
-+static __u64 get_format40_free_blocks(const format40_disk_super_block * sb)
-+{
-+ return le64_to_cpu(get_unaligned(&sb->free_blocks));
-+}
-+
-+static __u64 get_format40_root_block(const format40_disk_super_block * sb)
-+{
-+ return le64_to_cpu(get_unaligned(&sb->root_block));
-+}
-+
-+static __u16 get_format40_tree_height(const format40_disk_super_block * sb)
-+{
-+ return le16_to_cpu(get_unaligned(&sb->tree_height));
-+}
-+
-+static __u64 get_format40_file_count(const format40_disk_super_block * sb)
-+{
-+ return le64_to_cpu(get_unaligned(&sb->file_count));
-+}
-+
-+static __u64 get_format40_oid(const format40_disk_super_block * sb)
-+{
-+ return le64_to_cpu(get_unaligned(&sb->oid));
-+}
-+
-+static __u32 get_format40_mkfs_id(const format40_disk_super_block * sb)
-+{
-+ return le32_to_cpu(get_unaligned(&sb->mkfs_id));
-+}
-+
-+static __u64 get_format40_flags(const format40_disk_super_block * sb)
-+{
-+ return le64_to_cpu(get_unaligned(&sb->flags));
-+}
-+
-+static format40_super_info *get_sb_info(struct super_block *super)
-+{
-+ return &get_super_private(super)->u.format40;
-+}
-+
-+static int consult_diskmap(struct super_block *s)
-+{
-+ format40_super_info *info;
-+ journal_location *jloc;
-+
-+ info = get_sb_info(s);
-+ jloc = &get_super_private(s)->jloc;
-+ /* Default format-specific locations, if there is nothing in
-+ * diskmap */
-+ jloc->footer = FORMAT40_JOURNAL_FOOTER_BLOCKNR;
-+ jloc->header = FORMAT40_JOURNAL_HEADER_BLOCKNR;
-+ info->loc.super = FORMAT40_OFFSET / s->s_blocksize;
-+#ifdef CONFIG_REISER4_BADBLOCKS
-+ reiser4_get_diskmap_value(FORMAT40_PLUGIN_DISKMAP_ID, FORMAT40_JF,
-+ &jloc->footer);
-+ reiser4_get_diskmap_value(FORMAT40_PLUGIN_DISKMAP_ID, FORMAT40_JH,
-+ &jloc->header);
-+ reiser4_get_diskmap_value(FORMAT40_PLUGIN_DISKMAP_ID, FORMAT40_SUPER,
-+ &info->loc.super);
-+#endif
-+ return 0;
-+}
-+
-+/* find any valid super block of disk_format40 (even if the first
-+ super block is destroyed), will change block numbers of actual journal header/footer (jf/jh)
-+ if needed */
-+static struct buffer_head *find_a_disk_format40_super_block(struct super_block
-+ *s)
-+{
-+ struct buffer_head *super_bh;
-+ format40_disk_super_block *disk_sb;
-+ format40_super_info *info;
-+
-+ assert("umka-487", s != NULL);
-+
-+ info = get_sb_info(s);
-+
-+ super_bh = sb_bread(s, info->loc.super);
-+ if (super_bh == NULL)
-+ return ERR_PTR(RETERR(-EIO));
-+
-+ disk_sb = (format40_disk_super_block *) super_bh->b_data;
-+ if (strncmp(disk_sb->magic, FORMAT40_MAGIC, sizeof(FORMAT40_MAGIC))) {
-+ brelse(super_bh);
-+ return ERR_PTR(RETERR(-EINVAL));
-+ }
-+
-+ reiser4_set_block_count(s, le64_to_cpu(get_unaligned(&disk_sb->block_count)));
-+ reiser4_set_data_blocks(s, le64_to_cpu(get_unaligned(&disk_sb->block_count)) -
-+ le64_to_cpu(get_unaligned(&disk_sb->free_blocks)));
-+ reiser4_set_free_blocks(s, le64_to_cpu(get_unaligned(&disk_sb->free_blocks)));
-+
-+ return super_bh;
-+}
-+
-+/* find the most recent version of super block. This is called after journal is
-+ replayed */
-+static struct buffer_head *read_super_block(struct super_block *s UNUSED_ARG)
-+{
-+ /* Here the most recent superblock copy has to be read. However, as
-+ journal replay isn't complete, we are using
-+ find_a_disk_format40_super_block() function. */
-+ return find_a_disk_format40_super_block(s);
-+}
-+
-+static int get_super_jnode(struct super_block *s)
-+{
-+ reiser4_super_info_data *sbinfo = get_super_private(s);
-+ jnode *sb_jnode;
-+ int ret;
-+
-+ sb_jnode = alloc_io_head(&get_sb_info(s)->loc.super);
-+
-+ ret = jload(sb_jnode);
-+
-+ if (ret) {
-+ drop_io_head(sb_jnode);
-+ return ret;
-+ }
-+
-+ pin_jnode_data(sb_jnode);
-+ jrelse(sb_jnode);
-+
-+ sbinfo->u.format40.sb_jnode = sb_jnode;
-+
-+ return 0;
-+}
-+
-+static void done_super_jnode(struct super_block *s)
-+{
-+ jnode *sb_jnode = get_super_private(s)->u.format40.sb_jnode;
-+
-+ if (sb_jnode) {
-+ unpin_jnode_data(sb_jnode);
-+ drop_io_head(sb_jnode);
-+ }
-+}
-+
-+typedef enum format40_init_stage {
-+ NONE_DONE = 0,
-+ CONSULT_DISKMAP,
-+ FIND_A_SUPER,
-+ INIT_JOURNAL_INFO,
-+ INIT_STATUS,
-+ JOURNAL_REPLAY,
-+ READ_SUPER,
-+ KEY_CHECK,
-+ INIT_OID,
-+ INIT_TREE,
-+ JOURNAL_RECOVER,
-+ INIT_SA,
-+ INIT_JNODE,
-+ ALL_DONE
-+} format40_init_stage;
-+
-+static format40_disk_super_block *copy_sb(const struct buffer_head *super_bh)
-+{
-+ format40_disk_super_block *sb_copy;
-+
-+ sb_copy = kmalloc(sizeof(format40_disk_super_block), get_gfp_mask());
-+ if (sb_copy == NULL)
-+ return ERR_PTR(RETERR(-ENOMEM));
-+ memcpy(sb_copy, ((format40_disk_super_block *) super_bh->b_data),
-+ sizeof(format40_disk_super_block));
-+ return sb_copy;
-+}
-+
-+static int check_key_format(const format40_disk_super_block *sb_copy)
-+{
-+ if (!equi(REISER4_LARGE_KEY,
-+ get_format40_flags(sb_copy) & (1 << FORMAT40_LARGE_KEYS))) {
-+ warning("nikita-3228", "Key format mismatch. "
-+ "Only %s keys are supported.",
-+ REISER4_LARGE_KEY ? "large" : "small");
-+ return RETERR(-EINVAL);
-+ }
-+ return 0;
-+}
-+
-+/**
-+ * try_init_format40
-+ * @super:
-+ * @stage:
-+ *
-+ */
-+static int try_init_format40(struct super_block *super,
-+ format40_init_stage *stage)
-+{
-+ int result;
-+ struct buffer_head *super_bh;
-+ reiser4_super_info_data *sbinfo;
-+ format40_disk_super_block *sb_copy;
-+ tree_level height;
-+ reiser4_block_nr root_block;
-+ node_plugin *nplug;
-+
-+ assert("vs-475", super != NULL);
-+ assert("vs-474", get_super_private(super));
-+
-+ *stage = NONE_DONE;
-+
-+ result = consult_diskmap(super);
-+ if (result)
-+ return result;
-+ *stage = CONSULT_DISKMAP;
-+
-+ super_bh = find_a_disk_format40_super_block(super);
-+ if (IS_ERR(super_bh))
-+ return PTR_ERR(super_bh);
-+ brelse(super_bh);
-+ *stage = FIND_A_SUPER;
-+
-+ /* map jnodes for journal control blocks (header, footer) to disk */
-+ result = init_journal_info(super);
-+ if (result)
-+ return result;
-+ *stage = INIT_JOURNAL_INFO;
-+
-+ /* ok, we are sure that filesystem format is a format40 format */
-+ /* Now check it's state */
-+ result = reiser4_status_init(FORMAT40_STATUS_BLOCKNR);
-+ if (result != 0 && result != -EINVAL)
-+ /* -EINVAL means there is no magic, so probably just old
-+ * fs. */
-+ return result;
-+ *stage = INIT_STATUS;
-+
-+ result = reiser4_status_query(NULL, NULL);
-+ if (result == REISER4_STATUS_MOUNT_WARN)
-+ printk("Warning, mounting filesystem with errors\n");
-+ if (result == REISER4_STATUS_MOUNT_RO) {
-+ printk
-+ ("Warning, mounting filesystem with fatal errors, forcing read-only mount\n");
-+ /* FIXME: here we should actually enforce read-only mount,
-+ * only it is unsupported yet. */
-+ }
-+
-+ result = reiser4_journal_replay(super);
-+ if (result)
-+ return result;
-+ *stage = JOURNAL_REPLAY;
-+
-+ super_bh = read_super_block(super);
-+ if (IS_ERR(super_bh))
-+ return PTR_ERR(super_bh);
-+ *stage = READ_SUPER;
-+
-+ /* allocate and make a copy of format40_disk_super_block */
-+ sb_copy = copy_sb(super_bh);
-+ brelse(super_bh);
-+ if (IS_ERR(sb_copy))
-+ return PTR_ERR(sb_copy);
-+
-+ /* make sure that key format of kernel and filesyste match */
-+ result = check_key_format(sb_copy);
-+ if (result) {
-+ kfree(sb_copy);
-+ return result;
-+ }
-+ *stage = KEY_CHECK;
-+
-+ result = oid_init_allocator(super, get_format40_file_count(sb_copy),
-+ get_format40_oid(sb_copy));
-+ if (result) {
-+ kfree(sb_copy);
-+ return result;
-+ }
-+ *stage = INIT_OID;
-+
-+ /* get things necessary to init reiser4_tree */
-+ root_block = get_format40_root_block(sb_copy);
-+ height = get_format40_tree_height(sb_copy);
-+ nplug = node_plugin_by_id(NODE40_ID);
-+
-+
-+ /* initialize reiser4_super_info_data */
-+ sbinfo = get_super_private(super);
-+ assert("", sbinfo->tree.super == super);
-+ /* init reiser4_tree for the filesystem */
-+ result = init_tree(&sbinfo->tree, &root_block, height, nplug);
-+ if (result) {
-+ kfree(sb_copy);
-+ return result;
-+ }
-+ *stage = INIT_TREE;
-+
-+ /*
-+ * initialize reiser4_super_info_data with data from format40 super
-+ * block
-+ */
-+ sbinfo->default_uid = 0;
-+ sbinfo->default_gid = 0;
-+ sbinfo->mkfs_id = get_format40_mkfs_id(sb_copy);
-+ /* number of blocks in filesystem and reserved space */
-+ reiser4_set_block_count(super, get_format40_block_count(sb_copy));
-+ sbinfo->blocks_free = get_format40_free_blocks(sb_copy);
-+ kfree(sb_copy);
-+
-+ sbinfo->fsuid = 0;
-+ sbinfo->fs_flags |= (1 << REISER4_ADG); /* hard links for directories
-+ * are not supported */
-+ sbinfo->fs_flags |= (1 << REISER4_ONE_NODE_PLUGIN); /* all nodes in
-+ * layout 40 are
-+ * of one
-+ * plugin */
-+ /* sbinfo->tmgr is initialized already */
-+
-+ /* recover sb data which were logged separately from sb block */
-+
-+ /* NOTE-NIKITA: reiser4_journal_recover_sb_data() calls
-+ * oid_init_allocator() and reiser4_set_free_blocks() with new
-+ * data. What's the reason to call them above? */
-+ result = reiser4_journal_recover_sb_data(super);
-+ if (result != 0)
-+ return result;
-+ *stage = JOURNAL_RECOVER;
-+
-+ /*
-+ * Set number of used blocks. The number of used blocks is not stored
-+ * neither in on-disk super block nor in the journal footer blocks. At
-+ * this moment actual values of total blocks and free block counters
-+ * are set in the reiser4 super block (in-memory structure) and we can
-+ * calculate number of used blocks from them.
-+ */
-+ reiser4_set_data_blocks(super,
-+ reiser4_block_count(super) -
-+ reiser4_free_blocks(super));
-+
-+#if REISER4_DEBUG
-+ sbinfo->min_blocks_used = 16 /* reserved area */ +
-+ 2 /* super blocks */ +
-+ 2 /* journal footer and header */ ;
-+#endif
-+
-+ /* init disk space allocator */
-+ result = sa_init_allocator(get_space_allocator(super), super, NULL);
-+ if (result)
-+ return result;
-+ *stage = INIT_SA;
-+
-+ result = get_super_jnode(super);
-+ if (result == 0)
-+ *stage = ALL_DONE;
-+ return result;
-+}
-+
-+/* plugin->u.format.get_ready */
-+int init_format_format40(struct super_block *s, void *data UNUSED_ARG)
-+{
-+ int result;
-+ format40_init_stage stage;
-+
-+ result = try_init_format40(s, &stage);
-+ switch (stage) {
-+ case ALL_DONE:
-+ assert("nikita-3458", result == 0);
-+ break;
-+ case INIT_JNODE:
-+ done_super_jnode(s);
-+ case INIT_SA:
-+ sa_destroy_allocator(get_space_allocator(s), s);
-+ case JOURNAL_RECOVER:
-+ case INIT_TREE:
-+ done_tree(&get_super_private(s)->tree);
-+ case INIT_OID:
-+ case KEY_CHECK:
-+ case READ_SUPER:
-+ case JOURNAL_REPLAY:
-+ case INIT_STATUS:
-+ reiser4_status_finish();
-+ case INIT_JOURNAL_INFO:
-+ done_journal_info(s);
-+ case FIND_A_SUPER:
-+ case CONSULT_DISKMAP:
-+ case NONE_DONE:
-+ break;
-+ default:
-+ impossible("nikita-3457", "init stage: %i", stage);
-+ }
-+
-+ if (!rofs_super(s) && reiser4_free_blocks(s) < RELEASE_RESERVED)
-+ return RETERR(-ENOSPC);
-+
-+ return result;
-+}
-+
-+static void pack_format40_super(const struct super_block *s, char *data)
-+{
-+ format40_disk_super_block *super_data =
-+ (format40_disk_super_block *) data;
-+ reiser4_super_info_data *sbinfo = get_super_private(s);
-+
-+ assert("zam-591", data != NULL);
-+
-+ put_unaligned(cpu_to_le64(reiser4_free_committed_blocks(s)),
-+ &super_data->free_blocks);
-+ put_unaligned(cpu_to_le64(sbinfo->tree.root_block), &super_data->root_block);
-+
-+ put_unaligned(cpu_to_le64(oid_next(s)), &super_data->oid);
-+ put_unaligned(cpu_to_le64(oids_used(s)), &super_data->file_count);
-+
-+ put_unaligned(cpu_to_le16(sbinfo->tree.height), &super_data->tree_height);
-+}
-+
-+/* plugin->u.format.log_super
-+ return a jnode which should be added to transaction when the super block
-+ gets logged */
-+jnode *log_super_format40(struct super_block *s)
-+{
-+ jnode *sb_jnode;
-+
-+ sb_jnode = get_super_private(s)->u.format40.sb_jnode;
-+
-+ jload(sb_jnode);
-+
-+ pack_format40_super(s, jdata(sb_jnode));
-+
-+ jrelse(sb_jnode);
-+
-+ return sb_jnode;
-+}
-+
-+/* plugin->u.format.release */
-+int release_format40(struct super_block *s)
-+{
-+ int ret;
-+ reiser4_super_info_data *sbinfo;
-+
-+ sbinfo = get_super_private(s);
-+ assert("zam-579", sbinfo != NULL);
-+
-+ if (!rofs_super(s)) {
-+ ret = capture_super_block(s);
-+ if (ret != 0)
-+ warning("vs-898", "capture_super_block failed: %d",
-+ ret);
-+
-+ ret = txnmgr_force_commit_all(s, 1);
-+ if (ret != 0)
-+ warning("jmacd-74438", "txn_force failed: %d", ret);
-+
-+ all_grabbed2free();
-+ }
-+
-+ sa_destroy_allocator(&sbinfo->space_allocator, s);
-+ done_journal_info(s);
-+ done_super_jnode(s);
-+
-+ rcu_barrier();
-+ done_tree(&sbinfo->tree);
-+ /* call finish_rcu(), because some znode were "released" in
-+ * done_tree(). */
-+ rcu_barrier();
-+
-+ return 0;
-+}
-+
-+#define FORMAT40_ROOT_LOCALITY 41
-+#define FORMAT40_ROOT_OBJECTID 42
-+
-+/* plugin->u.format.root_dir_key */
-+const reiser4_key *root_dir_key_format40(const struct super_block *super
-+ UNUSED_ARG)
-+{
-+ static const reiser4_key FORMAT40_ROOT_DIR_KEY = {
-+ .el = {
-+ __constant_cpu_to_le64((FORMAT40_ROOT_LOCALITY << 4) | KEY_SD_MINOR),
-+#if REISER4_LARGE_KEY
-+ ON_LARGE_KEY(0ull,)
-+#endif
-+ __constant_cpu_to_le64(FORMAT40_ROOT_OBJECTID),
-+ 0ull
-+ }
-+ };
-+
-+ return &FORMAT40_ROOT_DIR_KEY;
-+}
-+
-+/* plugin->u.format.check_open.
-+ Check the opened object for validness. For now it checks for the valid oid &
-+ locality only, can be improved later and it its work may depend on the mount
-+ options. */
-+int check_open_format40(const struct inode *object)
-+{
-+ oid_t max, oid;
-+
-+ max = oid_next(object->i_sb) - 1;
-+
-+ /* Check the oid. */
-+ oid = get_inode_oid(object);
-+ if (oid > max) {
-+ warning("vpf-1360", "The object with the oid %llu "
-+ "greater then the max used oid %llu found.",
-+ (unsigned long long)oid, (unsigned long long)max);
-+
-+ return RETERR(-EIO);
-+ }
-+
-+ /* Check the locality. */
-+ oid = reiser4_inode_data(object)->locality_id;
-+ if (oid > max) {
-+ warning("vpf-1360", "The object with the locality %llu "
-+ "greater then the max used oid %llu found.",
-+ (unsigned long long)oid, (unsigned long long)max);
-+
-+ return RETERR(-EIO);
-+ }
-+
-+ return 0;
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/disk_format/disk_format40.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/disk_format/disk_format40.h
-@@ -0,0 +1,99 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* this file contains:
-+ - definition of ondisk super block of standart disk layout for
-+ reiser 4.0 (layout 40)
-+ - definition of layout 40 specific portion of in-core super block
-+ - declarations of functions implementing methods of layout plugin
-+ for layout 40
-+ - declarations of functions used to get/set fields in layout 40 super block
-+*/
-+
-+#ifndef __DISK_FORMAT40_H__
-+#define __DISK_FORMAT40_H__
-+
-+/* magic for default reiser4 layout */
-+#define FORMAT40_MAGIC "ReIsEr40FoRmAt"
-+#define FORMAT40_OFFSET (REISER4_MASTER_OFFSET + PAGE_CACHE_SIZE)
-+
-+#include "../../dformat.h"
-+
-+#include <linux/fs.h> /* for struct super_block */
-+
-+typedef enum {
-+ FORMAT40_LARGE_KEYS
-+} format40_flags;
-+
-+/* ondisk super block for format 40. It is 512 bytes long */
-+typedef struct format40_disk_super_block {
-+ /* 0 */ d64 block_count;
-+ /* number of block in a filesystem */
-+ /* 8 */ d64 free_blocks;
-+ /* number of free blocks */
-+ /* 16 */ d64 root_block;
-+ /* filesystem tree root block */
-+ /* 24 */ d64 oid;
-+ /* smallest free objectid */
-+ /* 32 */ d64 file_count;
-+ /* number of files in a filesystem */
-+ /* 40 */ d64 flushes;
-+ /* number of times super block was
-+ flushed. Needed if format 40
-+ will have few super blocks */
-+ /* 48 */ d32 mkfs_id;
-+ /* unique identifier of fs */
-+ /* 52 */ char magic[16];
-+ /* magic string ReIsEr40FoRmAt */
-+ /* 68 */ d16 tree_height;
-+ /* height of filesystem tree */
-+ /* 70 */ d16 formatting_policy;
-+ /* 72 */ d64 flags;
-+ /* 72 */ char not_used[432];
-+} format40_disk_super_block;
-+
-+/* format 40 specific part of reiser4_super_info_data */
-+typedef struct format40_super_info {
-+/* format40_disk_super_block actual_sb; */
-+ jnode *sb_jnode;
-+ struct {
-+ reiser4_block_nr super;
-+ } loc;
-+} format40_super_info;
-+
-+/* Defines for journal header and footer respectively. */
-+#define FORMAT40_JOURNAL_HEADER_BLOCKNR \
-+ ((REISER4_MASTER_OFFSET / PAGE_CACHE_SIZE) + 3)
-+
-+#define FORMAT40_JOURNAL_FOOTER_BLOCKNR \
-+ ((REISER4_MASTER_OFFSET / PAGE_CACHE_SIZE) + 4)
-+
-+#define FORMAT40_STATUS_BLOCKNR \
-+ ((REISER4_MASTER_OFFSET / PAGE_CACHE_SIZE) + 5)
-+
-+/* Diskmap declarations */
-+#define FORMAT40_PLUGIN_DISKMAP_ID ((REISER4_FORMAT_PLUGIN_TYPE<<16) | (FORMAT40_ID))
-+#define FORMAT40_SUPER 1
-+#define FORMAT40_JH 2
-+#define FORMAT40_JF 3
-+
-+/* declarations of functions implementing methods of layout plugin for
-+ format 40. The functions theirself are in disk_format40.c */
-+int init_format_format40(struct super_block *, void *data);
-+const reiser4_key *root_dir_key_format40(const struct super_block *);
-+int release_format40(struct super_block *s);
-+jnode *log_super_format40(struct super_block *s);
-+int check_open_format40(const struct inode *object);
-+
-+/* __DISK_FORMAT40_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/fibration.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/fibration.c
-@@ -0,0 +1,174 @@
-+/* Copyright 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Directory fibrations */
-+
-+/*
-+ * Suppose we have a directory tree with sources of some project. During
-+ * compilation .o files are created within this tree. This makes access
-+ * to the original source files less efficient, because source files are
-+ * now "diluted" by object files: default directory plugin uses prefix
-+ * of a file name as a part of the key for directory entry (and this
-+ * part is also inherited by the key of file body). This means that
-+ * foo.o will be located close to foo.c and foo.h in the tree.
-+ *
-+ * To avoid this effect directory plugin fill highest 7 (unused
-+ * originally) bits of the second component of the directory entry key
-+ * by bit-pattern depending on the file name (see
-+ * fs/reiser4/kassign.c:build_entry_key_common()). These bits are called
-+ * "fibre". Fibre of the file name key is inherited by key of stat data
-+ * and keys of file body (in the case of REISER4_LARGE_KEY).
-+ *
-+ * Fibre for a given file is chosen by per-directory fibration
-+ * plugin. Names within given fibre are ordered lexicographically.
-+ */
-+
-+#include "../debug.h"
-+#include "plugin_header.h"
-+#include "plugin.h"
-+#include "../super.h"
-+#include "../inode.h"
-+
-+#include <linux/types.h>
-+
-+static const int fibre_shift = 57;
-+
-+#define FIBRE_NO(n) (((__u64)(n)) << fibre_shift)
-+
-+/*
-+ * Trivial fibration: all files of directory are just ordered
-+ * lexicographically.
-+ */
-+static __u64 fibre_trivial(const struct inode *dir, const char *name, int len)
-+{
-+ return FIBRE_NO(0);
-+}
-+
-+/*
-+ * dot-o fibration: place .o files after all others.
-+ */
-+static __u64 fibre_dot_o(const struct inode *dir, const char *name, int len)
-+{
-+ /* special treatment for .*\.o */
-+ if (len > 2 && name[len - 1] == 'o' && name[len - 2] == '.')
-+ return FIBRE_NO(1);
-+ else
-+ return FIBRE_NO(0);
-+}
-+
-+/*
-+ * ext.1 fibration: subdivide directory into 128 fibrations one for each
-+ * 7bit extension character (file "foo.h" goes into fibre "h"), plus
-+ * default fibre for the rest.
-+ */
-+static __u64 fibre_ext_1(const struct inode *dir, const char *name, int len)
-+{
-+ if (len > 2 && name[len - 2] == '.')
-+ return FIBRE_NO(name[len - 1]);
-+ else
-+ return FIBRE_NO(0);
-+}
-+
-+/*
-+ * ext.3 fibration: try to separate files with different 3-character
-+ * extensions from each other.
-+ */
-+static __u64 fibre_ext_3(const struct inode *dir, const char *name, int len)
-+{
-+ if (len > 4 && name[len - 4] == '.')
-+ return FIBRE_NO(name[len - 3] + name[len - 2] + name[len - 1]);
-+ else
-+ return FIBRE_NO(0);
-+}
-+
-+static int change_fibration(struct inode *inode, reiser4_plugin * plugin)
-+{
-+ int result;
-+
-+ assert("nikita-3503", inode != NULL);
-+ assert("nikita-3504", plugin != NULL);
-+
-+ assert("nikita-3505", is_reiser4_inode(inode));
-+ assert("nikita-3506", inode_dir_plugin(inode) != NULL);
-+ assert("nikita-3507",
-+ plugin->h.type_id == REISER4_FIBRATION_PLUGIN_TYPE);
-+
-+ result = 0;
-+ if (inode_fibration_plugin(inode) == NULL ||
-+ inode_fibration_plugin(inode)->h.id != plugin->h.id) {
-+ if (is_dir_empty(inode) == 0)
-+ result =
-+ plugin_set_fibration(&reiser4_inode_data(inode)->
-+ pset, &plugin->fibration);
-+ else
-+ result = RETERR(-ENOTEMPTY);
-+
-+ }
-+ return result;
-+}
-+
-+static reiser4_plugin_ops fibration_plugin_ops = {
-+ .init = NULL,
-+ .load = NULL,
-+ .save_len = NULL,
-+ .save = NULL,
-+ .change = change_fibration
-+};
-+
-+/* fibration plugins */
-+fibration_plugin fibration_plugins[LAST_FIBRATION_ID] = {
-+ [FIBRATION_LEXICOGRAPHIC] = {
-+ .h = {
-+ .type_id = REISER4_FIBRATION_PLUGIN_TYPE,
-+ .id = FIBRATION_LEXICOGRAPHIC,
-+ .pops = &fibration_plugin_ops,
-+ .label = "lexicographic",
-+ .desc = "no fibration",
-+ .linkage = {NULL, NULL}
-+ },
-+ .fibre = fibre_trivial
-+ },
-+ [FIBRATION_DOT_O] = {
-+ .h = {
-+ .type_id = REISER4_FIBRATION_PLUGIN_TYPE,
-+ .id = FIBRATION_DOT_O,
-+ .pops = &fibration_plugin_ops,
-+ .label = "dot-o",
-+ .desc = "fibrate .o files separately",
-+ .linkage = {NULL, NULL}
-+ },
-+ .fibre = fibre_dot_o
-+ },
-+ [FIBRATION_EXT_1] = {
-+ .h = {
-+ .type_id = REISER4_FIBRATION_PLUGIN_TYPE,
-+ .id = FIBRATION_EXT_1,
-+ .pops = &fibration_plugin_ops,
-+ .label = "ext-1",
-+ .desc = "fibrate file by single character extension",
-+ .linkage = {NULL, NULL}
-+ },
-+ .fibre = fibre_ext_1
-+ },
-+ [FIBRATION_EXT_3] = {
-+ .h = {
-+ .type_id = REISER4_FIBRATION_PLUGIN_TYPE,
-+ .id = FIBRATION_EXT_3,
-+ .pops = &fibration_plugin_ops,
-+ .label = "ext-3",
-+ .desc = "fibrate file by three character extension",
-+ .linkage = {NULL, NULL}
-+ },
-+ .fibre = fibre_ext_3
-+ }
-+};
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/plugin/fibration.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/fibration.h
-@@ -0,0 +1,37 @@
-+/* Copyright 2004 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Fibration plugin used by hashed directory plugin to segment content
-+ * of directory. See fs/reiser4/plugin/fibration.c for more on this. */
-+
-+#if !defined( __FS_REISER4_PLUGIN_FIBRATION_H__ )
-+#define __FS_REISER4_PLUGIN_FIBRATION_H__
-+
-+#include "plugin_header.h"
-+
-+typedef struct fibration_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+
-+ __u64(*fibre) (const struct inode * dir, const char *name, int len);
-+} fibration_plugin;
-+
-+typedef enum {
-+ FIBRATION_LEXICOGRAPHIC,
-+ FIBRATION_DOT_O,
-+ FIBRATION_EXT_1,
-+ FIBRATION_EXT_3,
-+ LAST_FIBRATION_ID
-+} reiser4_fibration_id;
-+
-+/* __FS_REISER4_PLUGIN_FIBRATION_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/file/Makefile
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/file/Makefile
-@@ -0,0 +1,7 @@
-+obj-$(CONFIG_REISER4_FS) += file_plugins.o
-+
-+file_plugins-objs := \
-+ file.o \
-+ tail_conversion.o \
-+ symlink.o \
-+ cryptcompress.o
-Index: linux-2.6.16/fs/reiser4/plugin/file/cryptcompress.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/file/cryptcompress.c
-@@ -0,0 +1,3817 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ reiser4/README */
-+
-+/* This file contains implementations of inode/file/address_space/file plugin
-+ * operations specific for cryptcompress file plugin which manages files with
-+ * compressed and encrypted bodies. "Cryptcompress file" is built of items of
-+ * CTAIL_ID (see http://www.namesys.com/cryptcompress_design.html for details).
-+ */
-+
-+#include "../../page_cache.h"
-+#include "../../inode.h"
-+#include "../cluster.h"
-+#include "../object.h"
-+#include "../../tree_walk.h"
-+#include "cryptcompress.h"
-+
-+#include <asm/scatterlist.h>
-+#include <linux/pagevec.h>
-+#include <asm/uaccess.h>
-+#include <linux/swap.h>
-+#include <linux/writeback.h>
-+#include <linux/random.h>
-+
-+/* get cryptcompress specific portion of inode */
-+cryptcompress_info_t *cryptcompress_inode_data(const struct inode *inode)
-+{
-+ return &reiser4_inode_data(inode)->file_plugin_data.cryptcompress_info;
-+}
-+
-+/* plugin->u.file.init_inode_data */
-+void
-+init_inode_data_cryptcompress(struct inode *inode,
-+ reiser4_object_create_data * crd, int create)
-+{
-+ cryptcompress_info_t *data;
-+
-+ data = cryptcompress_inode_data(inode);
-+ assert("edward-685", data != NULL);
-+
-+ memset(data, 0, sizeof(*data));
-+
-+ init_rwsem(&data->lock);
-+ toggle_compression(data, 1);
-+ init_inode_ordering(inode, crd, create);
-+}
-+
-+#if REISER4_DEBUG
-+int crc_inode_ok(struct inode *inode)
-+{
-+ if (cluster_shift_ok(inode_cluster_shift(inode)))
-+ return 1;
-+ assert("edward-686", 0);
-+ return 0;
-+}
-+#endif
-+
-+static int check_cryptcompress(struct inode *inode)
-+{
-+ int result = 0;
-+ assert("edward-1307", inode_compression_plugin(inode) != NULL);
-+
-+ if (inode_cluster_size(inode) < PAGE_CACHE_SIZE) {
-+ warning("edward-1331",
-+ "%s clusters are unsupported",
-+ inode_cluster_plugin(inode)->h.label);
-+ return RETERR(-EINVAL);
-+ }
-+
-+ /* FIXME-EDWARD: init? or check? */
-+ if (inode_compression_plugin(inode)->init)
-+ result = inode_compression_plugin(inode)->init();
-+ return result;
-+}
-+
-+/* The following is a part of reiser4 cipher key manager
-+ which is called when opening/creating a cryptcompress file */
-+
-+/* get/set cipher key info */
-+crypto_stat_t * inode_crypto_stat (struct inode * inode)
-+{
-+ assert("edward-90", inode != NULL);
-+ assert("edward-91", reiser4_inode_data(inode) != NULL);
-+ return cryptcompress_inode_data(inode)->crypt;
-+}
-+
-+static void set_inode_crypto_stat (struct inode * inode, crypto_stat_t * stat)
-+{
-+ cryptcompress_inode_data(inode)->crypt = stat;
-+}
-+
-+/* allocate a cipher key info */
-+crypto_stat_t * alloc_crypto_stat (struct inode * inode)
-+{
-+ crypto_stat_t * info;
-+ int fipsize;
-+
-+ assert("edward-1421", 0);
-+ info = kmalloc(sizeof(*info), GFP_KERNEL);
-+ if (!info)
-+ return ERR_PTR(-ENOMEM);
-+ memset(info, 0, sizeof (*info));
-+ fipsize = inode_digest_plugin(inode)->fipsize;
-+ info->keyid = kmalloc(fipsize, GFP_KERNEL);
-+ if (!info->keyid) {
-+ kfree(info);
-+ return ERR_PTR(-ENOMEM);
-+ }
-+ return info;
-+}
-+
-+#if 0
-+/* allocate/free low-level info for cipher and digest
-+ transforms */
-+static int
-+alloc_crypto_tfms(plugin_set * pset, crypto_stat_t * info)
-+{
-+ struct crypto_tfm * ret = NULL;
-+ cipher_plugin * cplug = pset->cipher;
-+ digest_plugin * dplug = pset->digest;
-+
-+ assert("edward-1363", info != NULL);
-+ assert("edward-414", cplug != NULL);
-+ assert("edward-415", dplug != NULL);
-+
-+ if (cplug->alloc) {
-+ ret = cplug->alloc();
-+ if (ret == NULL) {
-+ warning("edward-1364",
-+ "Can not allocate info for %s\n",
-+ cplug->h.desc);
-+ return RETERR(-EINVAL);
-+ }
-+ }
-+ info_set_tfm(info, CIPHER_TFM, ret);
-+ if (dplug->alloc) {
-+ ret = dplug->alloc();
-+ if (ret == NULL) {
-+ warning("edward-1365",
-+ "Can not allocate info for %s\n",
-+ dplug->h.desc);
-+ goto err;
-+ }
-+ }
-+ info_set_tfm(info, DIGEST_TFM, ret);
-+ return 0;
-+ err:
-+ if (cplug->free) {
-+ cplug->free(info->tfma[CIPHER_TFM].tfm);
-+ info_set_tfm(info, CIPHER_TFM, NULL);
-+ }
-+ return RETERR(-EINVAL);
-+}
-+#endif
-+
-+static void
-+free_crypto_tfms(crypto_stat_t * info)
-+{
-+ assert("edward-1366", info != NULL);
-+ if (!info_cipher_tfm(info))
-+ return;
-+ info_cipher_plugin(info)->free(info_cipher_tfm(info));
-+ info_set_tfm(info, CIPHER_TFM, NULL);
-+ info_digest_plugin(info)->free(info_digest_tfm(info));
-+ info_set_tfm(info, DIGEST_TFM, NULL);
-+ return;
-+}
-+
-+#if 0
-+/* create a key fingerprint for disk stat-data */
-+static int create_keyid (crypto_stat_t * info, crypto_data_t * data)
-+{
-+ int ret = -ENOMEM;
-+ size_t blk, pad;
-+ __u8 * dmem;
-+ __u8 * cmem;
-+ struct crypto_tfm * dtfm;
-+ struct crypto_tfm * ctfm;
-+ struct scatterlist sg;
-+
-+ assert("edward-1422", 0);
-+ assert("edward-1367", info != NULL);
-+ assert("edward-1368", info->keyid != NULL);
-+
-+ dtfm = info_digest_tfm(info);
-+ ctfm = info_cipher_tfm(info);
-+
-+ dmem = kmalloc((size_t)crypto_tfm_alg_digestsize(dtfm),
-+ GFP_KERNEL);
-+ if (!dmem)
-+ goto exit1;
-+
-+ blk = crypto_tfm_alg_blocksize(ctfm);
-+
-+ pad = data->keyid_size % blk;
-+ pad = (pad ? blk - pad : 0);
-+
-+ cmem = kmalloc((size_t)data->keyid_size + pad, GFP_KERNEL);
-+ if (!cmem)
-+ goto exit2;
-+ memcpy(cmem, data->keyid, data->keyid_size);
-+ memset(cmem + data->keyid_size, 0, pad);
-+
-+ sg.page = virt_to_page(cmem);
-+ sg.offset = offset_in_page(cmem);
-+ sg.length = data->keyid_size + pad;
-+
-+ ret = crypto_cipher_encrypt(ctfm, &sg, &sg, data->keyid_size + pad);
-+ if (ret) {
-+ warning("edward-1369",
-+ "encryption failed flags=%x\n", ctfm->crt_flags);
-+ goto exit3;
-+ }
-+ crypto_digest_init (dtfm);
-+ crypto_digest_update (dtfm, &sg, 1);
-+ crypto_digest_final (dtfm, dmem);
-+ memcpy(info->keyid, dmem, info_digest_plugin(info)->fipsize);
-+ exit3:
-+ kfree(cmem);
-+ exit2:
-+ kfree(dmem);
-+ exit1:
-+ return ret;
-+}
-+#endif
-+
-+static void destroy_keyid(crypto_stat_t * info)
-+{
-+ assert("edward-1370", info != NULL);
-+ assert("edward-1371", info->keyid != NULL);
-+ kfree(info->keyid);
-+ return;
-+}
-+
-+static void free_crypto_stat (crypto_stat_t * info)
-+{
-+ assert("edward-1372", info != NULL);
-+
-+ free_crypto_tfms(info);
-+ destroy_keyid(info);
-+ kfree(info);
-+}
-+
-+#if 0
-+static void instantiate_crypto_stat(crypto_stat_t * info)
-+{
-+ assert("edward-1373", info != NULL);
-+ assert("edward-1374", info->inst == 0);
-+ info->inst = 1;
-+}
-+#endif
-+
-+static void uninstantiate_crypto_stat(crypto_stat_t * info)
-+{
-+ assert("edward-1375", info != NULL);
-+ info->inst = 0;
-+}
-+
-+static int crypto_stat_instantiated(crypto_stat_t * info)
-+{
-+ return info->inst;
-+}
-+
-+static int inode_has_cipher_key(struct inode * inode)
-+{
-+ assert("edward-1376", inode != NULL);
-+ return inode_crypto_stat(inode) &&
-+ crypto_stat_instantiated(inode_crypto_stat(inode));
-+}
-+
-+static void inode_free_crypto_stat (struct inode * inode)
-+{
-+ uninstantiate_crypto_stat(inode_crypto_stat(inode));
-+ free_crypto_stat(inode_crypto_stat(inode));
-+}
-+
-+static int need_cipher(struct inode * inode)
-+{
-+ return inode_cipher_plugin(inode) !=
-+ cipher_plugin_by_id(NONE_CIPHER_ID);
-+}
-+
-+/* Create a crypto-stat and attach result to the @object.
-+ If success is returned, then low-level cipher info contains
-+ an instantiated key */
-+#if 0
-+crypto_stat_t *
-+create_crypto_stat(struct inode * object,
-+ crypto_data_t * data /* this contains a (uninstantiated)
-+ cipher key imported from user
-+ space */)
-+{
-+ int ret;
-+ crypto_stat_t * info;
-+
-+ assert("edward-1377", data != NULL);
-+ assert("edward-1378", need_cipher(object));
-+
-+ if (inode_file_plugin(object) !=
-+ file_plugin_by_id(DIRECTORY_FILE_PLUGIN_ID))
-+ return ERR_PTR(-EINVAL);
-+
-+ info = alloc_crypto_stat(object);
-+ if (IS_ERR(info))
-+ return info;
-+ ret = alloc_crypto_tfms(reiser4_inode_data(object)->pset, info);
-+ if (ret)
-+ goto err;
-+ /* Someone can change plugins of the host (for example if
-+ the host is a directory), so we keep the original ones
-+ in the crypto-stat. */
-+ info_set_cipher_plugin(info, inode_cipher_plugin(object));
-+ info_set_digest_plugin(info, inode_digest_plugin(object));
-+ /* instantiating a key */
-+ ret = crypto_cipher_setkey(info_cipher_tfm(info),
-+ data->key,
-+ data->keysize);
-+ if (ret) {
-+ warning("edward-1379",
-+ "setkey failed flags=%x\n",
-+ info_cipher_tfm(info)->crt_flags);
-+ goto err;
-+ }
-+ info->keysize = data->keysize;
-+ ret = create_keyid(info, data);
-+ if (ret)
-+ goto err;
-+ instantiate_crypto_stat(info);
-+ return info;
-+ err:
-+ free_crypto_stat(info);
-+ return ERR_PTR(ret);
-+}
-+#endif
-+
-+/* increment/decrement a load counter when
-+ attaching/detaching the crypto-stat to any object */
-+static void load_crypto_stat(crypto_stat_t * info)
-+{
-+ assert("edward-1380", info != NULL);
-+ inc_keyload_count(info);
-+}
-+
-+static void unload_crypto_stat(struct inode * inode)
-+{
-+ crypto_stat_t * info = inode_crypto_stat(inode);
-+ assert("edward-1381", info->keyload_count > 0);
-+
-+ dec_keyload_count(inode_crypto_stat(inode));
-+ if (info->keyload_count == 0)
-+ /* final release */
-+ inode_free_crypto_stat(inode);
-+}
-+
-+/* attach/detach an existing crypto-stat */
-+void attach_crypto_stat(struct inode * inode, crypto_stat_t * info)
-+{
-+ assert("edward-1382", inode != NULL);
-+ assert("edward-1383", info != NULL);
-+ assert("edward-1384", inode_crypto_stat(inode) == NULL);
-+
-+ set_inode_crypto_stat(inode, info);
-+ load_crypto_stat(info);
-+}
-+
-+/* returns true, if crypto stat can be attached to the @host */
-+#if REISER4_DEBUG
-+static int host_allows_crypto_stat(struct inode * host)
-+{
-+ int ret;
-+ file_plugin * fplug = inode_file_plugin(host);
-+
-+ switch (fplug->h.id) {
-+ case CRC_FILE_PLUGIN_ID:
-+ ret = 1;
-+ break;
-+ default:
-+ ret = 0;
-+ }
-+ return ret;
-+}
-+#endif /* REISER4_DEBUG */
-+
-+void detach_crypto_stat(struct inode * inode)
-+{
-+ assert("edward-1385", inode != NULL);
-+ assert("edward-1386", host_allows_crypto_stat(inode));
-+
-+ if (inode_crypto_stat(inode))
-+ unload_crypto_stat(inode);
-+ set_inode_crypto_stat(inode, NULL);
-+}
-+
-+#if 0
-+
-+/* compare fingerprints of @child and @parent */
-+static int keyid_eq(crypto_stat_t * child, crypto_stat_t * parent)
-+{
-+ return !memcmp(child->keyid, parent->keyid, info_digest_plugin(parent)->fipsize);
-+}
-+
-+/* check if a crypto-stat (which is bound to @parent) can be inherited */
-+int can_inherit_crypto_crc(struct inode *child, struct inode *parent)
-+{
-+ if (!need_cipher(child))
-+ return 0;
-+ /* the child is created */
-+ if (!inode_crypto_stat(child))
-+ return 1;
-+ /* the child is looked up */
-+ if (!inode_crypto_stat(parent))
-+ return 0;
-+ return (inode_cipher_plugin(child) == inode_cipher_plugin(parent) &&
-+ inode_digest_plugin(child) == inode_digest_plugin(parent) &&
-+ inode_crypto_stat(child)->keysize == inode_crypto_stat(parent)->keysize &&
-+ keyid_eq(inode_crypto_stat(child), inode_crypto_stat(parent)));
-+}
-+#endif
-+
-+/* helper functions for ->create() method of the cryptcompress plugin */
-+static int inode_set_crypto(struct inode * object)
-+{
-+ reiser4_inode * info;
-+ if (!inode_crypto_stat(object)) {
-+ if (need_cipher(object))
-+ return RETERR(-EINVAL);
-+ /* the file is not to be encrypted */
-+ return 0;
-+ }
-+ info = reiser4_inode_data(object);
-+ info->extmask |= (1 << CRYPTO_STAT);
-+ info->plugin_mask |= (1 << PSET_CIPHER) | (1 << PSET_DIGEST);
-+ return 0;
-+}
-+
-+static int
-+inode_set_compression(struct inode * object)
-+{
-+ int result = 0;
-+ compression_plugin * cplug;
-+ reiser4_inode * info = reiser4_inode_data(object);
-+
-+ cplug = inode_compression_plugin(object);
-+
-+ if (cplug->init != NULL) {
-+ result = cplug->init();
-+ if (result)
-+ return result;
-+ }
-+ info->plugin_mask |= (1 << PSET_COMPRESSION);
-+
-+ return 0;
-+}
-+
-+static void
-+inode_set_compression_mode(struct inode * object)
-+{
-+ reiser4_inode * info = reiser4_inode_data(object);
-+
-+ info->plugin_mask |= (1 << PSET_COMPRESSION_MODE);
-+ return;
-+}
-+
-+static int inode_set_cluster(struct inode *object)
-+{
-+ reiser4_inode *info;
-+ cluster_plugin *cplug;
-+
-+ assert("edward-696", object != NULL);
-+
-+ info = reiser4_inode_data(object);
-+ cplug = inode_cluster_plugin(object);
-+
-+ if (cplug->shift < PAGE_CACHE_SHIFT) {
-+ warning("edward-1320",
-+ "Can not support %p clusters (less then page size)",
-+ cplug->h.label);
-+ return RETERR(-EINVAL);
-+ }
-+ info->plugin_mask |= (1 << PSET_CLUSTER);
-+ return 0;
-+}
-+
-+/* ->destroy_inode() method of the cryptcompress plugin */
-+void destroy_inode_cryptcompress(struct inode * inode)
-+{
-+ assert("edward-23", cryptcompress_inode_data(inode)->pgcount == 0);
-+ detach_crypto_stat(inode);
-+ return;
-+}
-+
-+/* ->create() method of the cryptcompress plugin
-+
-+. install plugins
-+. attach crypto info if specified
-+. attach compression info if specified
-+. attach cluster info
-+*/
-+int
-+create_cryptcompress(struct inode *object, struct inode *parent,
-+ reiser4_object_create_data * data)
-+{
-+ int result;
-+ reiser4_inode *info;
-+
-+ assert("edward-23", object != NULL);
-+ assert("edward-24", parent != NULL);
-+ assert("edward-30", data != NULL);
-+ assert("edward-26", inode_get_flag(object, REISER4_NO_SD));
-+ assert("edward-27", data->id == CRC_FILE_PLUGIN_ID);
-+
-+ info = reiser4_inode_data(object);
-+
-+ assert("edward-29", info != NULL);
-+
-+ /* set file bit */
-+ info->plugin_mask |= (1 << PSET_FILE);
-+
-+ /* set crypto */
-+ result = inode_set_crypto(object);
-+ if (result)
-+ goto error;
-+ /* set compression */
-+ result = inode_set_compression(object);
-+ if (result)
-+ goto error;
-+ inode_set_compression_mode(object);
-+
-+ /* set cluster info */
-+ result = inode_set_cluster(object);
-+ if (result)
-+ goto error;
-+ /* set plugin mask */
-+ info->extmask |= (1 << PLUGIN_STAT);
-+
-+ /* save everything in disk stat-data */
-+ result = write_sd_by_inode_common(object);
-+ if (!result)
-+ return 0;
-+ error:
-+ detach_crypto_stat(object);
-+ return result;
-+}
-+
-+/* ->open() method of the cryptcompress plugin */
-+int open_cryptcompress(struct inode * inode, struct file * file)
-+{
-+ struct inode * parent;
-+
-+ assert("edward-1394", inode != NULL);
-+ assert("edward-1395", file != NULL);
-+ assert("edward-1396", file != NULL);
-+ assert("edward-1397", file->f_dentry->d_inode == inode);
-+ assert("edward-1398", file->f_dentry->d_parent != NULL);
-+ assert("edward-1399", file->f_dentry->d_parent->d_inode != NULL);
-+ assert("edward-698",
-+ inode_file_plugin(inode) ==
-+ file_plugin_by_id(CRC_FILE_PLUGIN_ID));
-+
-+ if (!need_cipher(inode))
-+ /* the file is not to be ciphered */
-+ return 0;
-+ parent = file->f_dentry->d_parent->d_inode;
-+ if (!inode_has_cipher_key(inode))
-+ return RETERR(-EINVAL);
-+ return 0;
-+}
-+
-+/* returns a blocksize, the attribute of a cipher algorithm */
-+static unsigned int
-+cipher_blocksize(struct inode * inode)
-+{
-+ assert("edward-758", need_cipher(inode));
-+ assert("edward-1400", inode_crypto_stat(inode) != NULL);
-+ return crypto_tfm_alg_blocksize
-+ (info_cipher_tfm(inode_crypto_stat(inode)));
-+}
-+
-+/* returns offset translated by scale factor of the crypto-algorithm */
-+static loff_t inode_scaled_offset (struct inode * inode,
-+ const loff_t src_off /* input offset */)
-+{
-+ assert("edward-97", inode != NULL);
-+
-+ if (!need_cipher(inode) ||
-+ src_off == get_key_offset(min_key()) ||
-+ src_off == get_key_offset(max_key()))
-+ return src_off;
-+
-+ return inode_cipher_plugin(inode)->scale(inode,
-+ cipher_blocksize(inode),
-+ src_off);
-+}
-+
-+/* returns disk cluster size */
-+size_t inode_scaled_cluster_size(struct inode * inode)
-+{
-+ assert("edward-110", inode != NULL);
-+
-+ return inode_scaled_offset(inode, inode_cluster_size(inode));
-+}
-+
-+static int new_cluster(reiser4_cluster_t * clust, struct inode *inode)
-+{
-+ return (clust_to_off(clust->index, inode) >= inode->i_size);
-+}
-+
-+/* set number of cluster pages */
-+static void set_cluster_nrpages(reiser4_cluster_t * clust, struct inode *inode)
-+{
-+ reiser4_slide_t *win;
-+
-+ assert("edward-180", clust != NULL);
-+ assert("edward-1040", inode != NULL);
-+
-+ win = clust->win;
-+ if (!win) {
-+ /* NOTE-EDWARD: i_size should be protected */
-+ clust->nr_pages =
-+ count_to_nrpages(fsize_to_count(clust, inode));
-+ return;
-+ }
-+ assert("edward-1176", clust->op != PCL_UNKNOWN);
-+ assert("edward-1064", win->off + win->count + win->delta != 0);
-+
-+ if (win->stat == HOLE_WINDOW &&
-+ win->off == 0 && win->count == inode_cluster_size(inode)) {
-+ /* special case: we start write hole from fake cluster */
-+ clust->nr_pages = 0;
-+ return;
-+ }
-+ clust->nr_pages =
-+ count_to_nrpages(max_count(win->off + win->count + win->delta,
-+ fsize_to_count(clust, inode)));
-+ return;
-+}
-+
-+/* ->key_by_inode() method of the cryptcompress plugin */
-+/* see plugin/plugin.h for details */
-+int
-+key_by_inode_cryptcompress(struct inode *inode, loff_t off, reiser4_key * key)
-+{
-+ loff_t clust_off;
-+
-+ assert("edward-64", inode != 0);
-+ // assert("edward-112", ergo(off != get_key_offset(max_key()), !off_to_cloff(off, inode)));
-+ /* don't come here with other offsets */
-+
-+ clust_off =
-+ (off ==
-+ get_key_offset(max_key())? get_key_offset(max_key()) :
-+ off_to_clust_to_off(off, inode));
-+
-+ key_by_inode_and_offset_common(inode, 0, key);
-+ set_key_offset(key,
-+ (__u64) (!inode_crypto_stat(inode) ? clust_off :
-+ inode_scaled_offset(inode, clust_off)));
-+ return 0;
-+}
-+
-+/* plugin->flow_by_inode */
-+int
-+flow_by_inode_cryptcompress(struct inode *inode /* file to build flow for */ ,
-+ const char __user *buf /* user level buffer */ ,
-+ int user /* 1 if @buf is of user space, 0 - if it is
-+ kernel space */ ,
-+ loff_t size /* buffer size */ ,
-+ loff_t off /* offset to start io from */ ,
-+ rw_op op /* READ or WRITE */ ,
-+ flow_t * f /* resulting flow */ )
-+{
-+ assert("edward-436", f != NULL);
-+ assert("edward-149", inode != NULL);
-+ assert("edward-150", inode_file_plugin(inode) != NULL);
-+ assert("edward-151",
-+ inode_file_plugin(inode)->key_by_inode ==
-+ key_by_inode_cryptcompress);
-+
-+ f->length = size;
-+ memcpy(&f->data, &buf, sizeof(buf));
-+ f->user = user;
-+ f->op = op;
-+
-+ if (op == WRITE_OP && user == 1)
-+ return 0;
-+ return key_by_inode_cryptcompress(inode, off, &f->key);
-+}
-+
-+static int
-+crc_hint_validate(hint_t * hint, const reiser4_key * key,
-+ znode_lock_mode lock_mode)
-+{
-+ coord_t *coord;
-+
-+ assert("edward-704", hint != NULL);
-+ assert("edward-1089", !hint->ext_coord.valid);
-+ assert("edward-706", hint->lh.owner == NULL);
-+
-+ coord = &hint->ext_coord.coord;
-+
-+ if (!hint || !hint_is_set(hint) || hint->mode != lock_mode)
-+ /* hint either not set or set by different operation */
-+ return RETERR(-E_REPEAT);
-+
-+ if (get_key_offset(key) != hint->offset)
-+ /* hint is set for different key */
-+ return RETERR(-E_REPEAT);
-+
-+ assert("edward-707", schedulable());
-+
-+ return seal_validate(&hint->seal, &hint->ext_coord.coord,
-+ key, &hint->lh, lock_mode, ZNODE_LOCK_LOPRI);
-+}
-+
-+/* reserve disk space when writing a logical cluster */
-+static int reserve4cluster(struct inode *inode, reiser4_cluster_t *clust)
-+{
-+ int result = 0;
-+
-+ assert("edward-965", schedulable());
-+ assert("edward-439", inode != NULL);
-+ assert("edward-440", clust != NULL);
-+ assert("edward-441", clust->pages != NULL);
-+ assert("edward-1261", get_current_context()->grabbed_blocks == 0);
-+
-+ if (clust->nr_pages == 0) {
-+ assert("edward-1152", clust->win != NULL);
-+ assert("edward-1153", clust->win->stat == HOLE_WINDOW);
-+ /* don't reserve space for fake disk clusteer */
-+ return 0;
-+ }
-+ assert("edward-442", jprivate(clust->pages[0]) != NULL);
-+
-+ result = reiser4_grab_space_force(estimate_insert_cluster(inode) +
-+ estimate_update_cluster(inode),
-+ BA_CAN_COMMIT);
-+ if (result)
-+ return result;
-+ clust->reserved = 1;
-+ grabbed2cluster_reserved(estimate_insert_cluster(inode) +
-+ estimate_update_cluster(inode));
-+#if REISER4_DEBUG
-+ clust->reserved_prepped = estimate_update_cluster(inode);
-+ clust->reserved_unprepped = estimate_insert_cluster(inode);
-+#endif
-+ /* there can be space grabbed by txnmgr_force_commit_all */
-+ all_grabbed2free();
-+ return 0;
-+}
-+
-+/* free reserved disk space if writing a logical cluster fails */
-+static void
-+free_reserved4cluster(struct inode *inode, reiser4_cluster_t * clust, int count)
-+{
-+ assert("edward-967", clust->reserved == 1);
-+
-+ cluster_reserved2free(count);
-+ clust->reserved = 0;
-+}
-+
-+/* The core search procedure of the cryptcompress plugin.
-+ If returned value is not cbk_errored, then current znode is locked */
-+static int find_cluster_item(hint_t * hint,
-+ const reiser4_key * key, /* key of the item we are
-+ looking for */
-+ znode_lock_mode lock_mode /* which lock */ ,
-+ ra_info_t * ra_info, lookup_bias bias, __u32 flags)
-+{
-+ int result;
-+ reiser4_key ikey;
-+ coord_t *coord = &hint->ext_coord.coord;
-+ coord_t orig = *coord;
-+
-+ assert("edward-152", hint != NULL);
-+
-+ if (hint->ext_coord.valid == 0) {
-+ result = crc_hint_validate(hint, key, lock_mode);
-+ if (result == -E_REPEAT)
-+ goto traverse_tree;
-+ else if (result) {
-+ assert("edward-1216", 0);
-+ return result;
-+ }
-+ hint->ext_coord.valid = 1;
-+ }
-+ assert("edward-709", znode_is_any_locked(coord->node));
-+
-+ /* In-place lookup is going here, it means we just need to
-+ check if next item of the @coord match to the @keyhint) */
-+
-+ if (equal_to_rdk(coord->node, key)) {
-+ result = goto_right_neighbor(coord, &hint->lh);
-+ if (result == -E_NO_NEIGHBOR) {
-+ assert("edward-1217", 0);
-+ return RETERR(-EIO);
-+ }
-+ if (result)
-+ return result;
-+ assert("edward-1218", equal_to_ldk(coord->node, key));
-+ } else {
-+ coord->item_pos++;
-+ coord->unit_pos = 0;
-+ coord->between = AT_UNIT;
-+ }
-+ result = zload(coord->node);
-+ if (result)
-+ return result;
-+ assert("edward-1219", !node_is_empty(coord->node));
-+
-+ if (!coord_is_existing_item(coord)) {
-+ zrelse(coord->node);
-+ goto not_found;
-+ }
-+ item_key_by_coord(coord, &ikey);
-+ zrelse(coord->node);
-+ if (!keyeq(key, &ikey))
-+ goto not_found;
-+ return CBK_COORD_FOUND;
-+
-+ not_found:
-+ assert("edward-1220", coord->item_pos > 0);
-+ //coord->item_pos--;
-+ /* roll back */
-+ *coord = orig;
-+ ON_DEBUG(coord_update_v(coord));
-+ return CBK_COORD_NOTFOUND;
-+
-+ traverse_tree:
-+ assert("edward-713", hint->lh.owner == NULL);
-+ assert("edward-714", schedulable());
-+
-+ unset_hint(hint);
-+ coord_init_zero(coord);
-+ result = coord_by_key(current_tree, key, coord, &hint->lh,
-+ lock_mode, bias, LEAF_LEVEL, LEAF_LEVEL,
-+ CBK_UNIQUE | flags, ra_info);
-+ if (cbk_errored(result))
-+ return result;
-+ hint->ext_coord.valid = 1;
-+ return result;
-+}
-+
-+/* This function is called by deflate[inflate] manager when
-+ creating a transformed/plain stream to check if we should
-+ create/cut some overhead. If this returns true, then @oh
-+ contains the size of this overhead.
-+ */
-+static int
-+need_cut_or_align(struct inode * inode, reiser4_cluster_t * clust,
-+ rw_op rw, int * oh)
-+{
-+ tfm_cluster_t * tc = &clust->tc;
-+ switch (rw) {
-+ case WRITE_OP: /* estimate align */
-+ *oh = tc->len % cipher_blocksize(inode);
-+ if (*oh != 0)
-+ return 1;
-+ break;
-+ case READ_OP: /* estimate cut */
-+ *oh = *(tfm_output_data(clust) + tc->len - 1);
-+ break;
-+ default:
-+ impossible("edward-1401", "bad option");
-+ }
-+ return (tc->len != tc->lsize);
-+}
-+
-+/* create/cut an overhead of transformed/plain stream */
-+static void
-+align_or_cut_overhead(struct inode * inode, reiser4_cluster_t * clust, rw_op rw)
-+{
-+ int oh;
-+ cipher_plugin * cplug = inode_cipher_plugin(inode);
-+
-+ assert("edward-1402", need_cipher(inode));
-+
-+ if (!need_cut_or_align(inode, clust, rw, &oh))
-+ return;
-+ switch (rw) {
-+ case WRITE_OP: /* do align */
-+ clust->tc.len +=
-+ cplug->align_stream(tfm_input_data(clust) +
-+ clust->tc.len, clust->tc.len,
-+ cipher_blocksize(inode));
-+ *(tfm_input_data(clust) + clust->tc.len - 1) =
-+ cipher_blocksize(inode) - oh;
-+ break;
-+ case READ_OP: /* do cut */
-+ assert("edward-1403", oh <= cipher_blocksize(inode));
-+ clust->tc.len -= oh;
-+ break;
-+ default:
-+ impossible("edward-1404", "bad option");
-+ }
-+ return;
-+}
-+
-+/* the following two functions are to evaluate results
-+ of compression transform */
-+static unsigned
-+max_cipher_overhead(struct inode * inode)
-+{
-+ if (!need_cipher(inode) || !inode_cipher_plugin(inode)->align_stream)
-+ return 0;
-+ return cipher_blocksize(inode);
-+}
-+
-+static int deflate_overhead(struct inode *inode)
-+{
-+ return (inode_compression_plugin(inode)->
-+ checksum ? DC_CHECKSUM_SIZE : 0);
-+}
-+
-+static unsigned deflate_overrun(struct inode * inode, int ilen)
-+{
-+ return coa_overrun(inode_compression_plugin(inode), ilen);
-+}
-+
-+/* Estimating compressibility of a logical cluster by various
-+ policies represented by compression mode plugin.
-+ If this returns false, then compressor won't be called for
-+ the cluster of index @index.
-+*/
-+static int should_compress(tfm_cluster_t * tc, cloff_t index,
-+ struct inode *inode)
-+{
-+ compression_plugin *cplug = inode_compression_plugin(inode);
-+ compression_mode_plugin *mplug = inode_compression_mode_plugin(inode);
-+
-+ assert("edward-1321", tc->len != 0);
-+ assert("edward-1322", cplug != NULL);
-+ assert("edward-1323", mplug != NULL);
-+
-+ return /* estimate by size */
-+ (cplug->min_size_deflate ?
-+ tc->len >= cplug->min_size_deflate() :
-+ 1) &&
-+ /* estimate by compression mode plugin */
-+ (mplug->should_deflate ?
-+ mplug->should_deflate(inode, index) :
-+ 1);
-+}
-+
-+/* Evaluating results of compression transform.
-+ Returns true, if we need to accept this results */
-+static int
-+save_compressed(int size_before, int size_after, struct inode * inode)
-+{
-+ return (size_after + deflate_overhead(inode) +
-+ max_cipher_overhead(inode) < size_before);
-+}
-+
-+/* Guess result of the evaluation above */
-+static int
-+need_inflate(reiser4_cluster_t * clust, struct inode *inode,
-+ int encrypted /* is cluster encrypted */ )
-+{
-+ tfm_cluster_t *tc = &clust->tc;
-+
-+ assert("edward-142", tc != 0);
-+ assert("edward-143", inode != NULL);
-+
-+ return tc->len <
-+ (encrypted ?
-+ inode_scaled_offset(inode, tc->lsize) :
-+ tc->lsize);
-+}
-+
-+/* If results of compression were accepted, then we add
-+ a checksum to catch possible disk cluster corruption.
-+ The following is a format of the data stored in disk clusters:
-+
-+ data This is (transformed) logical cluster.
-+ cipher_overhead This is created by ->align() method
-+ of cipher plugin. May be absent.
-+ checksum (4) This is created by ->checksum method
-+ of compression plugin to check
-+ integrity. May be absent.
-+
-+ Crypto overhead format:
-+
-+ data
-+ control_byte (1) contains aligned overhead size:
-+ 1 <= overhead <= cipher_blksize
-+*/
-+/* Append a checksum at the end of a transformed stream */
-+static void dc_set_checksum(compression_plugin * cplug, tfm_cluster_t * tc)
-+{
-+ __u32 checksum;
-+
-+ assert("edward-1309", tc != NULL);
-+ assert("edward-1310", tc->len > 0);
-+ assert("edward-1311", cplug->checksum != NULL);
-+
-+ checksum = cplug->checksum(tfm_stream_data(tc, OUTPUT_STREAM), tc->len);
-+ put_unaligned(cpu_to_le32(checksum),
-+ (d32 *)(tfm_stream_data(tc, OUTPUT_STREAM) + tc->len));
-+ tc->len += (int)DC_CHECKSUM_SIZE;
-+}
-+
-+/* Check a disk cluster checksum.
-+ Returns 0 if checksum is correct, otherwise returns 1 */
-+static int dc_check_checksum(compression_plugin * cplug, tfm_cluster_t * tc)
-+{
-+ assert("edward-1312", tc != NULL);
-+ assert("edward-1313", tc->len > (int)DC_CHECKSUM_SIZE);
-+ assert("edward-1314", cplug->checksum != NULL);
-+
-+ if (cplug->checksum(tfm_stream_data(tc, INPUT_STREAM),
-+ tc->len - (int)DC_CHECKSUM_SIZE) !=
-+ le32_to_cpu(get_unaligned((d32 *)
-+ (tfm_stream_data(tc, INPUT_STREAM)
-+ + tc->len - (int)DC_CHECKSUM_SIZE)))) {
-+ warning("edward-156",
-+ "Bad disk cluster checksum %d, (should be %d) Fsck?\n",
-+ (int)le32_to_cpu
-+ (get_unaligned((d32 *)
-+ (tfm_stream_data(tc, INPUT_STREAM) +
-+ tc->len - (int)DC_CHECKSUM_SIZE))),
-+ (int)cplug->checksum
-+ (tfm_stream_data(tc, INPUT_STREAM),
-+ tc->len - (int)DC_CHECKSUM_SIZE));
-+ return 1;
-+ }
-+ tc->len -= (int)DC_CHECKSUM_SIZE;
-+ return 0;
-+}
-+
-+/* get input/output stream for some transform action */
-+int grab_tfm_stream(struct inode * inode, tfm_cluster_t * tc,
-+ tfm_stream_id id)
-+{
-+ size_t size = inode_scaled_cluster_size(inode);
-+
-+ assert("edward-901", tc != NULL);
-+ assert("edward-1027", inode_compression_plugin(inode) != NULL);
-+
-+ if (tc->act == TFM_WRITE_ACT)
-+ size += deflate_overrun(inode, inode_cluster_size(inode));
-+
-+ if (!tfm_stream(tc, id) && id == INPUT_STREAM)
-+ alternate_streams(tc);
-+ if (!tfm_stream(tc, id))
-+ return alloc_tfm_stream(tc, size, id);
-+
-+ assert("edward-902", tfm_stream_is_set(tc, id));
-+
-+ if (tfm_stream_size(tc, id) < size)
-+ return realloc_tfm_stream(tc, size, id);
-+ return 0;
-+}
-+
-+/* Common deflate manager */
-+int deflate_cluster(reiser4_cluster_t * clust, struct inode * inode)
-+{
-+ int result = 0;
-+ int compressed = 0;
-+ int encrypted = 0;
-+ tfm_cluster_t * tc = &clust->tc;
-+ compression_plugin * coplug;
-+
-+ assert("edward-401", inode != NULL);
-+ assert("edward-903", tfm_stream_is_set(tc, INPUT_STREAM));
-+ assert("edward-1348", tc->act == TFM_WRITE_ACT);
-+ assert("edward-498", !tfm_cluster_is_uptodate(tc));
-+
-+ coplug = inode_compression_plugin(inode);
-+ if (should_compress(tc, clust->index, inode)) {
-+ /* try to compress, discard bad results */
-+ __u32 dst_len;
-+ compression_mode_plugin * mplug =
-+ inode_compression_mode_plugin(inode);
-+ assert("edward-602", coplug != NULL);
-+ assert("edward-1423", coplug->compress != NULL);
-+
-+ result = grab_coa(tc, coplug);
-+ if (result) {
-+ warning("edward-1424",
-+ "alloc_coa failed with ret=%d, skipped compression",
-+ result);
-+ goto cipher;
-+ }
-+ result = grab_tfm_stream(inode, tc, OUTPUT_STREAM);
-+ if (result) {
-+ warning("edward-1425",
-+ "alloc stream failed with ret=%d, skipped compression",
-+ result);
-+ goto cipher;
-+ }
-+ dst_len = tfm_stream_size(tc, OUTPUT_STREAM);
-+ coplug->compress(get_coa(tc, coplug->h.id, tc->act),
-+ tfm_input_data(clust), tc->len,
-+ tfm_output_data(clust), &dst_len);
-+ /* make sure we didn't overwrite extra bytes */
-+ assert("edward-603",
-+ dst_len <= tfm_stream_size(tc, OUTPUT_STREAM));
-+
-+ /* evaluate results of compression transform */
-+ if (save_compressed(tc->len, dst_len, inode)) {
-+ /* good result, accept */
-+ tc->len = dst_len;
-+ if (mplug->accept_hook != NULL) {
-+ result = mplug->accept_hook(inode, clust->index);
-+ if (result)
-+ warning("edward-1426",
-+ "accept_hook failed with ret=%d",
-+ result);
-+ }
-+ compressed = 1;
-+ }
-+ else {
-+ /* bad result, discard */
-+#if REISER4_DEBUG
-+ if (cluster_is_complete(clust, inode))
-+ warning("edward-1338",
-+ "incompressible cluster %lu (inode %llu)",
-+ clust->index,
-+ (unsigned long long)get_inode_oid(inode));
-+#endif
-+ if (mplug->discard_hook != NULL &&
-+ cluster_is_complete(clust, inode)) {
-+ result = mplug->discard_hook(inode,
-+ clust->index);
-+ if (result)
-+ warning("edward-1427",
-+ "discard_hook failed with ret=%d",
-+ result);
-+ }
-+ }
-+ }
-+ cipher:
-+ if (need_cipher(inode)) {
-+ cipher_plugin * ciplug;
-+ struct crypto_tfm * tfm;
-+ struct scatterlist src;
-+ struct scatterlist dst;
-+
-+ ciplug = inode_cipher_plugin(inode);
-+ tfm = info_cipher_tfm(inode_crypto_stat(inode));
-+ if (compressed)
-+ alternate_streams(tc);
-+ result = grab_tfm_stream(inode, tc, OUTPUT_STREAM);
-+ if (result)
-+ return result;
-+
-+ align_or_cut_overhead(inode, clust, WRITE_OP);
-+ src.page = virt_to_page(tfm_input_data(clust));
-+ src.offset = offset_in_page(tfm_input_data(clust));
-+ src.length = tc->len;
-+
-+ dst.page = virt_to_page(tfm_output_data(clust));
-+ dst.offset = offset_in_page(tfm_output_data(clust));
-+ dst.length = tc->len;
-+
-+ result = crypto_cipher_encrypt(tfm, &dst, &src, tc->len);
-+ if (result) {
-+ warning("edward-1405",
-+ "encryption failed flags=%x\n", tfm->crt_flags);
-+ return result;
-+ }
-+ encrypted = 1;
-+ }
-+ if (compressed && coplug->checksum != NULL)
-+ dc_set_checksum(coplug, tc);
-+ if (!compressed && !encrypted)
-+ alternate_streams(tc);
-+ return result;
-+}
-+
-+/* Common inflate manager. */
-+int inflate_cluster(reiser4_cluster_t * clust, struct inode * inode)
-+{
-+ int result = 0;
-+ int transformed = 0;
-+ tfm_cluster_t * tc = &clust->tc;
-+ compression_plugin * coplug;
-+
-+ assert("edward-905", inode != NULL);
-+ assert("edward-1178", clust->dstat == PREP_DISK_CLUSTER);
-+ assert("edward-906", tfm_stream_is_set(&clust->tc, INPUT_STREAM));
-+ assert("edward-1349", tc->act == TFM_READ_ACT);
-+ assert("edward-907", !tfm_cluster_is_uptodate(tc));
-+
-+ /* Handle a checksum (if any) */
-+ coplug = inode_compression_plugin(inode);
-+ if (need_inflate(clust, inode, need_cipher(inode)) &&
-+ coplug->checksum != NULL) {
-+ result = dc_check_checksum(coplug, tc);
-+ if (result)
-+ return RETERR(-EIO);
-+ }
-+ if (need_cipher(inode)) {
-+ cipher_plugin * ciplug;
-+ struct crypto_tfm * tfm;
-+ struct scatterlist src;
-+ struct scatterlist dst;
-+
-+ ciplug = inode_cipher_plugin(inode);
-+ tfm = info_cipher_tfm(inode_crypto_stat(inode));
-+ result = grab_tfm_stream(inode, tc, OUTPUT_STREAM);
-+ if (result)
-+ return result;
-+ assert("edward-909", tfm_cluster_is_set(tc));
-+
-+ src.page = virt_to_page(tfm_input_data(clust));
-+ src.offset = offset_in_page(tfm_input_data(clust));
-+ src.length = tc->len;
-+
-+ dst.page = virt_to_page(tfm_output_data(clust));
-+ dst.offset = offset_in_page(tfm_output_data(clust));
-+ dst.length = tc->len;
-+
-+ result = crypto_cipher_decrypt(tfm, &dst, &src, tc->len);
-+ if (result)
-+ return result;
-+ align_or_cut_overhead(inode, clust, READ_OP);
-+ transformed = 1;
-+ }
-+ if (need_inflate(clust, inode, 0)) {
-+ unsigned dst_len = inode_cluster_size(inode);
-+ if(transformed)
-+ alternate_streams(tc);
-+
-+ result = grab_tfm_stream(inode, tc, OUTPUT_STREAM);
-+ if (result)
-+ return result;
-+ assert("edward-1305", coplug->decompress != NULL);
-+ assert("edward-910", tfm_cluster_is_set(tc));
-+
-+ coplug->decompress(get_coa(tc, coplug->h.id, tc->act),
-+ tfm_input_data(clust), tc->len,
-+ tfm_output_data(clust), &dst_len);
-+ /* check length */
-+ tc->len = dst_len;
-+ assert("edward-157", dst_len == tc->lsize);
-+ transformed = 1;
-+ }
-+ if (!transformed)
-+ alternate_streams(tc);
-+ return result;
-+}
-+
-+/* This is implementation of readpage method of struct
-+ address_space_operations for cryptcompress plugin. */
-+int readpage_cryptcompress(struct file *file, struct page *page)
-+{
-+ reiser4_context *ctx;
-+ reiser4_cluster_t clust;
-+ item_plugin *iplug;
-+ int result;
-+
-+ assert("edward-88", PageLocked(page));
-+ assert("vs-976", !PageUptodate(page));
-+ assert("edward-89", page->mapping && page->mapping->host);
-+
-+ ctx = init_context(page->mapping->host->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+ result = check_cryptcompress(page->mapping->host);
-+ if (result) {
-+ unlock_page(page);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+ assert("edward-113",
-+ ergo(file != NULL,
-+ page->mapping == file->f_dentry->d_inode->i_mapping));
-+
-+ if (PageUptodate(page)) {
-+ warning("edward-1338", "page is already uptodate\n");
-+ reiser4_exit_context(ctx);
-+ return 0;
-+ }
-+ cluster_init_read(&clust, NULL);
-+ clust.file = file;
-+ iplug = item_plugin_by_id(CTAIL_ID);
-+ if (!iplug->s.file.readpage) {
-+ unlock_page(page);
-+ put_cluster_handle(&clust);
-+ reiser4_exit_context(ctx);
-+ return -EINVAL;
-+ }
-+ result = iplug->s.file.readpage(&clust, page);
-+ if (result)
-+ unlock_page(page);
-+ assert("edward-64",
-+ ergo(result == 0, (PageLocked(page) || PageUptodate(page))));
-+ put_cluster_handle(&clust);
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+/* how much pages will be captured */
-+static int cluster_nrpages_to_capture(reiser4_cluster_t * clust)
-+{
-+ switch (clust->op) {
-+ case PCL_APPEND:
-+ return clust->nr_pages;
-+ case PCL_TRUNCATE:
-+ assert("edward-1179", clust->win != NULL);
-+ return count_to_nrpages(clust->win->off + clust->win->count);
-+ default:
-+ impossible("edward-1180", "bad page cluster option");
-+ return 0;
-+ }
-+}
-+
-+static void set_cluster_pages_dirty(reiser4_cluster_t * clust)
-+{
-+ int i;
-+ struct page *pg;
-+ int nrpages = cluster_nrpages_to_capture(clust);
-+
-+ for (i = 0; i < nrpages; i++) {
-+
-+ pg = clust->pages[i];
-+ assert("edward-968", pg != NULL);
-+ lock_page(pg);
-+ assert("edward-1065", PageUptodate(pg));
-+ set_page_dirty_internal(pg);
-+ unlock_page(pg);
-+ mark_page_accessed(pg);
-+ }
-+}
-+
-+static void clear_cluster_pages_dirty(reiser4_cluster_t * clust)
-+{
-+ int i;
-+ assert("edward-1275", clust != NULL);
-+
-+ for (i = 0; i < clust->nr_pages; i++) {
-+ assert("edward-1276", clust->pages[i] != NULL);
-+
-+ lock_page(clust->pages[i]);
-+ if (PageDirty(clust->pages[i])) {
-+ assert("edward-1277", PageUptodate(clust->pages[i]));
-+ clear_page_dirty_for_io(clust->pages[i]);
-+ }
-+#if REISER4_DEBUG
-+ else
-+ /* Race between flush and write:
-+ some pages became clean when write() (or another
-+ process which modifies data) capture the cluster. */
-+ warning("edward-985", "Page of index %lu (inode %llu)"
-+ " is not dirty\n", clust->pages[i]->index,
-+ (unsigned long long)get_inode_oid(clust->
-+ pages[i]->
-+ mapping->
-+ host));
-+#endif
-+ unlock_page(clust->pages[i]);
-+ }
-+}
-+
-+/* update i_size by window */
-+static void inode_set_new_size(reiser4_cluster_t * clust, struct inode *inode)
-+{
-+ loff_t size;
-+ reiser4_slide_t *win;
-+
-+ assert("edward-1181", clust != NULL);
-+ assert("edward-1182", inode != NULL);
-+
-+ win = clust->win;
-+ assert("edward-1183", win != NULL);
-+
-+ size = clust_to_off(clust->index, inode) + win->off;
-+
-+ switch (clust->op) {
-+ case PCL_APPEND:
-+ if (size + win->count <= inode->i_size)
-+ /* overwrite only */
-+ return;
-+ size += win->count;
-+ break;
-+ case PCL_TRUNCATE:
-+ break;
-+ default:
-+ impossible("edward-1184", "bad page cluster option");
-+ break;
-+ }
-+ inode_check_scale_nolock(inode, inode->i_size, size);
-+ inode->i_size = size;
-+ return;
-+}
-+
-+/* Check in page cluster modifications.
-+ . Make jnode dirty, if it wasn't;
-+ . Reserve space for a disk cluster update by flush algorithm, if needed;
-+ . Clean up old references (if any).
-+ . Put pages (grabbed in this thread) which will be truncated
-+*/
-+static void
-+make_cluster_jnode_dirty_locked(reiser4_cluster_t * clust, jnode * node,
-+ loff_t * old_isize, struct inode *inode)
-+{
-+ int i;
-+ int old_nrpages;
-+ int new_nrpages = cluster_nrpages_to_capture(clust);
-+
-+ assert("edward-973", new_nrpages > 0);
-+ assert("edward-221", node != NULL);
-+ assert("edward-971", clust->reserved == 1);
-+ assert_spin_locked(&(node->guard));
-+ assert("edward-972", node->page_count < cluster_nrpages(inode));
-+ assert("edward-1263",
-+ clust->reserved_prepped == estimate_update_cluster(inode));
-+ assert("edward-1264", clust->reserved_unprepped == 0);
-+
-+ if (JF_ISSET(node, JNODE_DIRTY)) {
-+ /* someone has modified this cluster, but
-+ the modifications are not committed yet */
-+ old_nrpages =
-+ count_to_nrpages(cnt_to_clcnt(*old_isize,
-+ clust->index, inode));
-+ /* free space which is already reserved */
-+ free_reserved4cluster(inode, clust,
-+ estimate_update_cluster(inode));
-+ /* put old references */
-+ for (i = 0; i < old_nrpages; i++) {
-+ assert("edward-975", clust->pages[i]);
-+ assert("edward-1185", PageUptodate(clust->pages[i]));
-+
-+ page_cache_release(clust->pages[i]);
-+#if REISER4_DEBUG
-+ cryptcompress_inode_data(inode)->pgcount --;
-+#endif
-+ }
-+ } else {
-+ /* no captured pages */
-+ assert("edward-1043", node->page_count == 0);
-+ jnode_make_dirty_locked(node);
-+ clust->reserved = 0;
-+ }
-+ /* put pages that will be truncated (if any) */
-+ for (i = new_nrpages; i < clust->nr_pages; i++) {
-+ assert("edward-1433", clust->pages[i]);
-+ assert("edward-1434", PageUptodate(clust->pages[i]));
-+ page_cache_release(clust->pages[i]);
-+#if REISER4_DEBUG
-+ cryptcompress_inode_data(inode)->pgcount --;
-+#endif
-+ }
-+#if REISER4_DEBUG
-+ clust->reserved_prepped -= estimate_update_cluster(inode);
-+ node->page_count = new_nrpages - 1;
-+#endif
-+ return;
-+}
-+
-+/* This function spawns a transaction and
-+ is called by any thread as a final step in page cluster modification.
-+*/
-+static int try_capture_cluster(reiser4_cluster_t * clust, struct inode *inode)
-+{
-+ int result = 0;
-+ loff_t old_size;
-+ jnode *node;
-+
-+ assert("edward-1029", clust != NULL);
-+ assert("edward-1030", clust->reserved == 1);
-+ assert("edward-1031", clust->nr_pages != 0);
-+ assert("edward-1032", clust->pages != NULL);
-+ assert("edward-1033", clust->pages[0] != NULL);
-+
-+ node = jprivate(clust->pages[0]);
-+
-+ assert("edward-1035", node != NULL);
-+
-+ spin_lock_jnode(node);
-+ old_size = inode->i_size;
-+ if (clust->win)
-+ inode_set_new_size(clust, inode);
-+
-+ result = try_capture(node, ZNODE_WRITE_LOCK, 0);
-+ if (result)
-+ goto exit;
-+ make_cluster_jnode_dirty_locked(clust, node, &old_size, inode);
-+ exit:
-+ assert("edward-1034", !result);
-+ spin_unlock_jnode(node);
-+ jput(node);
-+ return result;
-+}
-+
-+/* Collect unlocked cluster pages for any modifications and attach a jnode.
-+ We allocate only one jnode per cluster, this jnode is binded to the first
-+ page of this cluster, so we have an extra-reference that will exist with
-+ this jnode, other references will be cleaned up in flush time.
-+*/
-+static int
-+grab_cluster_pages_jnode(struct inode *inode, reiser4_cluster_t * clust)
-+{
-+ int i;
-+ int result = 0;
-+ jnode *node = NULL;
-+
-+ assert("edward-182", clust != NULL);
-+ assert("edward-183", clust->pages != NULL);
-+ assert("edward-184", clust->nr_pages <= cluster_nrpages(inode));
-+
-+ if (clust->nr_pages == 0)
-+ return 0;
-+
-+ for (i = 0; i < clust->nr_pages; i++) {
-+
-+ assert("edward-1044", clust->pages[i] == NULL);
-+
-+ clust->pages[i] =
-+ grab_cache_page(inode->i_mapping,
-+ clust_to_pg(clust->index, inode) + i);
-+ if (!clust->pages[i]) {
-+ result = RETERR(-ENOMEM);
-+ break;
-+ }
-+ if (i == 0) {
-+ node = jnode_of_page(clust->pages[i]);
-+ if (IS_ERR(node)) {
-+ result = PTR_ERR(node);
-+ unlock_page(clust->pages[i]);
-+ break;
-+ }
-+ JF_SET(node, JNODE_CLUSTER_PAGE);
-+ unlock_page(clust->pages[i]);
-+ assert("edward-919", node);
-+ continue;
-+ }
-+ unlock_page(clust->pages[i]);
-+ }
-+ if (result) {
-+ while (i)
-+ page_cache_release(clust->pages[--i]);
-+ if (node && !IS_ERR(node))
-+ jput(node);
-+ return result;
-+ }
-+ assert("edward-920", jprivate(clust->pages[0]));
-+#if REISER4_DEBUG
-+ cryptcompress_inode_data(inode)->pgcount += clust->nr_pages;
-+#endif
-+ return 0;
-+}
-+
-+/* Collect unlocked cluster pages only for read (not to modify) */
-+static int grab_cluster_pages(struct inode *inode, reiser4_cluster_t * clust)
-+{
-+ int i;
-+ int result = 0;
-+
-+ assert("edward-1428", inode != NULL);
-+ assert("edward-1429", inode->i_mapping != NULL);
-+ assert("edward-787", clust != NULL);
-+ assert("edward-788", clust->pages != NULL);
-+ assert("edward-789", clust->nr_pages != 0);
-+ assert("edward-790", clust->nr_pages <= cluster_nrpages(inode));
-+
-+ for (i = 0; i < clust->nr_pages; i++) {
-+ clust->pages[i] =
-+ grab_cache_page(inode->i_mapping,
-+ clust_to_pg(clust->index, inode) + i);
-+ if (!clust->pages[i]) {
-+ result = RETERR(-ENOMEM);
-+ break;
-+ }
-+ unlock_page(clust->pages[i]);
-+ }
-+ if (result)
-+ while (i)
-+ page_cache_release(clust->pages[--i]);
-+ return result;
-+}
-+
-+/* @node might be attached by reiser4_writepage(), not by
-+ cryptcompress plugin code, but emergency flush should
-+ understand that pages of cryptcompress files are not
-+ flushable.
-+*/
-+int jnode_of_cluster(const jnode * node, struct page * page)
-+{
-+ assert("edward-1339", node != NULL);
-+ assert("edward-1340", page != NULL);
-+ assert("edward-1341", page->mapping != NULL);
-+ assert("edward-1342", page->mapping->host != NULL);
-+ assert("edward-1343",
-+ ergo(jnode_is_unformatted(node),
-+ get_inode_oid(page->mapping->host) ==
-+ node->key.j.objectid));
-+ if (inode_file_plugin(page->mapping->host) ==
-+ file_plugin_by_id(CRC_FILE_PLUGIN_ID)) {
-+#if REISER4_DEBUG
-+ if (!jnode_is_cluster_page(node))
-+ warning("edward-1345",
-+ "inode %llu: cluster page of index %lu became private",
-+ (unsigned long long)get_inode_oid(page->mapping->host),
-+ page->index);
-+#endif
-+ return 1;
-+ }
-+ return 0;
-+}
-+
-+/* put cluster pages */
-+void release_cluster_pages(reiser4_cluster_t * clust)
-+{
-+ int i;
-+
-+ assert("edward-447", clust != NULL);
-+ for (i = 0; i < clust->nr_pages; i++) {
-+
-+ assert("edward-449", clust->pages[i] != NULL);
-+
-+ page_cache_release(clust->pages[i]);
-+ }
-+}
-+
-+/* this is called when something is failed */
-+static void release_cluster_pages_and_jnode(reiser4_cluster_t * clust)
-+{
-+ jnode *node;
-+
-+ assert("edward-445", clust != NULL);
-+ assert("edward-922", clust->pages != NULL);
-+ assert("edward-446", clust->pages[0] != NULL);
-+
-+ node = jprivate(clust->pages[0]);
-+
-+ assert("edward-447", node != NULL);
-+
-+ release_cluster_pages(clust);
-+ jput(node);
-+}
-+
-+#if REISER4_DEBUG
-+static int window_ok(reiser4_slide_t * win, struct inode *inode)
-+{
-+ assert("edward-1115", win != NULL);
-+ assert("edward-1116", ergo(win->delta, win->stat == HOLE_WINDOW));
-+
-+ return (win->off != inode_cluster_size(inode)) &&
-+ (win->off + win->count + win->delta <= inode_cluster_size(inode));
-+}
-+
-+static int cluster_ok(reiser4_cluster_t * clust, struct inode *inode)
-+{
-+ assert("edward-279", clust != NULL);
-+
-+ if (!clust->pages)
-+ return 0;
-+ return (clust->win ? window_ok(clust->win, inode) : 1);
-+}
-+#endif
-+
-+/* guess next window stat */
-+static inline window_stat next_window_stat(reiser4_slide_t * win)
-+{
-+ assert("edward-1130", win != NULL);
-+ return ((win->stat == HOLE_WINDOW && win->delta == 0) ?
-+ HOLE_WINDOW : DATA_WINDOW);
-+}
-+
-+/* guess next cluster index and window params */
-+static void
-+update_cluster(struct inode *inode, reiser4_cluster_t * clust, loff_t file_off,
-+ loff_t to_file)
-+{
-+ reiser4_slide_t *win;
-+
-+ assert("edward-185", clust != NULL);
-+ assert("edward-438", clust->pages != NULL);
-+ assert("edward-281", cluster_ok(clust, inode));
-+
-+ win = clust->win;
-+ if (!win)
-+ return;
-+
-+ switch (win->stat) {
-+ case DATA_WINDOW:
-+ /* increment window position */
-+ clust->index++;
-+ win->stat = DATA_WINDOW;
-+ win->off = 0;
-+ win->count = min_count(inode_cluster_size(inode), to_file);
-+ break;
-+ case HOLE_WINDOW:
-+ switch (next_window_stat(win)) {
-+ case HOLE_WINDOW:
-+ /* set window to fit the offset we start write from */
-+ clust->index = off_to_clust(file_off, inode);
-+ win->stat = HOLE_WINDOW;
-+ win->off = 0;
-+ win->count = off_to_cloff(file_off, inode);
-+ win->delta =
-+ min_count(inode_cluster_size(inode) - win->count,
-+ to_file);
-+ break;
-+ case DATA_WINDOW:
-+ /* do not move the window, just change its state,
-+ off+count+delta=inv */
-+ win->stat = DATA_WINDOW;
-+ win->off = win->off + win->count;
-+ win->count = win->delta;
-+ win->delta = 0;
-+ break;
-+ default:
-+ impossible("edward-282", "wrong next window state");
-+ }
-+ break;
-+ default:
-+ impossible("edward-283", "wrong current window state");
-+ }
-+ assert("edward-1068", cluster_ok(clust, inode));
-+}
-+
-+static int update_sd_cryptcompress(struct inode *inode)
-+{
-+ int result = 0;
-+
-+ assert("edward-978", schedulable());
-+ assert("edward-1265", get_current_context()->grabbed_blocks == 0);
-+
-+ result = reiser4_grab_space_force( /* one for stat data update */
-+ estimate_update_common(inode),
-+ BA_CAN_COMMIT);
-+ assert("edward-979", !result);
-+ if (result)
-+ return result;
-+ inode->i_ctime = inode->i_mtime = CURRENT_TIME;
-+ result = reiser4_update_sd(inode);
-+
-+ all_grabbed2free();
-+ return result;
-+}
-+
-+
-+/* NOTE-Edward: this is too similar to reiser4/txnmgr.c:uncapture_jnode() */
-+static void uncapture_cluster_jnode(jnode * node)
-+{
-+ txn_atom *atom;
-+
-+ assert_spin_locked(&(node->guard));
-+
-+ /*jnode_make_clean(node); */
-+ atom = jnode_get_atom(node);
-+ if (atom == NULL) {
-+ assert("jmacd-7111", !JF_ISSET(node, JNODE_DIRTY));
-+ spin_unlock_jnode(node);
-+ return;
-+ }
-+
-+ uncapture_block(node);
-+ spin_unlock_atom(atom);
-+ jput(node);
-+}
-+
-+void forget_cluster_pages(struct page **pages, int nr)
-+{
-+ int i;
-+ for (i = 0; i < nr; i++) {
-+
-+ assert("edward-1045", pages[i] != NULL);
-+ page_cache_release(pages[i]);
-+ }
-+}
-+
-+/* Check out last modifications we are about to commit,
-+ and prepare input stream for transform operations.
-+*/
-+int
-+flush_cluster_pages(reiser4_cluster_t * clust, jnode * node,
-+ struct inode *inode)
-+{
-+ int result = 0;
-+ int i;
-+ int nr_pages = 0;
-+ tfm_cluster_t *tc = &clust->tc;
-+
-+ assert("edward-980", node != NULL);
-+ assert("edward-236", inode != NULL);
-+ assert("edward-237", clust != NULL);
-+ assert("edward-240", !clust->win);
-+ assert("edward-241", schedulable());
-+ assert("edward-718", crc_inode_ok(inode));
-+
-+ result = grab_tfm_stream(inode, tc, INPUT_STREAM);
-+ if (result) {
-+ warning("edward-1430",
-+ "alloc stream failed with ret=%d", result);
-+ return result;
-+ }
-+ spin_lock_jnode(node);
-+ assert("edward-1435", JF_ISSET(node, JNODE_DIRTY));
-+
-+ /* Check out a size of logical cluster and
-+ set a number of cluster pages to commit. */
-+ tc->len = tc->lsize = fsize_to_count(clust, inode);
-+ clust->nr_pages = count_to_nrpages(tc->len);
-+
-+ assert("edward-983", clust->nr_pages == node->page_count + 1);
-+#if REISER4_DEBUG
-+ node->page_count = 0;
-+#endif
-+ cluster_reserved2grabbed(estimate_update_cluster(inode));
-+ uncapture_cluster_jnode(node);
-+
-+ assert("edward-1224", schedulable());
-+ /* Check out cluster pages to commit */
-+ nr_pages =
-+ find_get_pages(inode->i_mapping, clust_to_pg(clust->index, inode),
-+ clust->nr_pages, clust->pages);
-+
-+ assert("edward-1280", nr_pages == clust->nr_pages);
-+ /* Construct input stream from the checked out pages */
-+ for (i = 0; i < clust->nr_pages; i++) {
-+ char *data;
-+
-+ assert("edward-242", clust->pages[i] != NULL);
-+ assert("edward-1436", clust->pages[i]->index ==
-+ clust_to_pg(clust->index, inode) + i);
-+ assert("edward-1437", PageUptodate(clust->pages[i]));
-+ /* flush the page into the input stream */
-+ lock_page(clust->pages[i]);
-+ data = kmap(clust->pages[i]);
-+
-+ assert("edward-986", cnt_to_pgcnt(tc->len, i) != 0);
-+
-+ memcpy(tfm_stream_data(tc, INPUT_STREAM) + pg_to_off(i),
-+ data, cnt_to_pgcnt(tc->len, i));
-+ kunmap(clust->pages[i]);
-+ unlock_page(clust->pages[i]);
-+ }
-+ clear_cluster_pages_dirty(clust);
-+ release_cluster_pages(clust);
-+#if REISER4_DEBUG
-+ cryptcompress_inode_data(inode)->pgcount -= clust->nr_pages;
-+#endif
-+ /* put pages that were found here */
-+ release_cluster_pages(clust);
-+ return result;
-+}
-+
-+/* set hint for the cluster of the index @index */
-+static void set_hint_cluster(struct inode *inode, hint_t * hint,
-+ cloff_t index, znode_lock_mode mode)
-+{
-+ reiser4_key key;
-+ assert("edward-722", crc_inode_ok(inode));
-+ assert("edward-723",
-+ inode_file_plugin(inode) ==
-+ file_plugin_by_id(CRC_FILE_PLUGIN_ID));
-+
-+ inode_file_plugin(inode)->key_by_inode(inode,
-+ clust_to_off(index, inode),
-+ &key);
-+
-+ seal_init(&hint->seal, &hint->ext_coord.coord, &key);
-+ hint->offset = get_key_offset(&key);
-+ hint->mode = mode;
-+}
-+
-+void invalidate_hint_cluster(reiser4_cluster_t * clust)
-+{
-+ assert("edward-1291", clust != NULL);
-+ assert("edward-1292", clust->hint != NULL);
-+
-+ done_lh(&clust->hint->lh);
-+ clust->hint->ext_coord.valid = 0;
-+}
-+
-+void put_hint_cluster(reiser4_cluster_t * clust, struct inode *inode,
-+ znode_lock_mode mode)
-+{
-+ assert("edward-1286", clust != NULL);
-+ assert("edward-1287", clust->hint != NULL);
-+
-+ set_hint_cluster(inode, clust->hint, clust->index + 1, mode);
-+ invalidate_hint_cluster(clust);
-+}
-+
-+static int
-+balance_dirty_page_cluster(reiser4_cluster_t * clust, struct inode *inode,
-+ loff_t off, loff_t to_file)
-+{
-+ int result;
-+
-+ assert("edward-724", inode != NULL);
-+ assert("edward-725", crc_inode_ok(inode));
-+ assert("edward-1272", get_current_context()->grabbed_blocks == 0);
-+
-+ /* set next window params */
-+ update_cluster(inode, clust, off, to_file);
-+
-+ result = update_sd_cryptcompress(inode);
-+ assert("edward-988", !result);
-+ if (result)
-+ return result;
-+ assert("edward-726", clust->hint->lh.owner == NULL);
-+
-+ reiser4_throttle_write(inode);
-+ all_grabbed2free();
-+ return 0;
-+}
-+
-+/* set zeroes to the cluster, update it, and maybe, try to capture its pages */
-+static int
-+write_hole(struct inode *inode, reiser4_cluster_t * clust, loff_t file_off,
-+ loff_t to_file)
-+{
-+ char *data;
-+ int result = 0;
-+ unsigned cl_off, cl_count = 0;
-+ unsigned to_pg, pg_off;
-+ reiser4_slide_t *win;
-+
-+ assert("edward-190", clust != NULL);
-+ assert("edward-1069", clust->win != NULL);
-+ assert("edward-191", inode != NULL);
-+ assert("edward-727", crc_inode_ok(inode));
-+ assert("edward-1171", clust->dstat != INVAL_DISK_CLUSTER);
-+ assert("edward-1154",
-+ ergo(clust->dstat != FAKE_DISK_CLUSTER, clust->reserved == 1));
-+
-+ win = clust->win;
-+
-+ assert("edward-1070", win != NULL);
-+ assert("edward-201", win->stat == HOLE_WINDOW);
-+ assert("edward-192", cluster_ok(clust, inode));
-+
-+ if (win->off == 0 && win->count == inode_cluster_size(inode)) {
-+ /* the hole will be represented by fake disk cluster */
-+ update_cluster(inode, clust, file_off, to_file);
-+ return 0;
-+ }
-+ cl_count = win->count; /* number of zeroes to write */
-+ cl_off = win->off;
-+ pg_off = off_to_pgoff(win->off);
-+
-+ while (cl_count) {
-+ struct page *page;
-+ page = clust->pages[off_to_pg(cl_off)];
-+
-+ assert("edward-284", page != NULL);
-+
-+ to_pg = min_count(PAGE_CACHE_SIZE - pg_off, cl_count);
-+ lock_page(page);
-+ data = kmap_atomic(page, KM_USER0);
-+ memset(data + pg_off, 0, to_pg);
-+ flush_dcache_page(page);
-+ kunmap_atomic(data, KM_USER0);
-+ SetPageUptodate(page);
-+ unlock_page(page);
-+
-+ cl_off += to_pg;
-+ cl_count -= to_pg;
-+ pg_off = 0;
-+ }
-+ if (!win->delta) {
-+ /* only zeroes, try to capture */
-+
-+ set_cluster_pages_dirty(clust);
-+ result = try_capture_cluster(clust, inode);
-+ if (result)
-+ return result;
-+ put_hint_cluster(clust, inode, ZNODE_WRITE_LOCK);
-+ result =
-+ balance_dirty_page_cluster(clust, inode, file_off, to_file);
-+ } else
-+ update_cluster(inode, clust, file_off, to_file);
-+ return result;
-+}
-+
-+/*
-+ The main disk search procedure for cryptcompress plugins, which
-+ . scans all items of disk cluster
-+ . maybe reads each one (if @read != 0)
-+ . maybe makes its znode dirty (if @write != 0)
-+
-+ NOTE-EDWARD: Callers should handle the case when disk cluster
-+ is incomplete (-EIO)
-+*/
-+int
-+find_cluster(reiser4_cluster_t * clust,
-+ struct inode *inode, int read, int write)
-+{
-+ flow_t f;
-+ hint_t *hint;
-+ int result = 0;
-+ unsigned long cl_idx;
-+ ra_info_t ra_info;
-+ file_plugin *fplug;
-+ item_plugin *iplug;
-+ tfm_cluster_t *tc;
-+ int was_grabbed;
-+
-+ assert("edward-138", clust != NULL);
-+ assert("edward-728", clust->hint != NULL);
-+ assert("edward-225", read || write);
-+ assert("edward-226", schedulable());
-+ assert("edward-137", inode != NULL);
-+ assert("edward-729", crc_inode_ok(inode));
-+
-+ hint = clust->hint;
-+ cl_idx = clust->index;
-+ fplug = inode_file_plugin(inode);
-+ was_grabbed = get_current_context()->grabbed_blocks;
-+ tc = &clust->tc;
-+
-+ assert("edward-462", !tfm_cluster_is_uptodate(tc));
-+ assert("edward-461", ergo(read, tfm_stream_is_set(tc, INPUT_STREAM)));
-+
-+ /* set key of the first disk cluster item */
-+ fplug->flow_by_inode(inode,
-+ (read ? (char __user *)tfm_stream_data(tc, INPUT_STREAM) : NULL),
-+ 0 /* kernel space */ ,
-+ inode_scaled_cluster_size(inode),
-+ clust_to_off(cl_idx, inode), READ_OP, &f);
-+ if (write) {
-+ /* reserve for flush to make dirty all the leaf nodes
-+ which contain disk cluster */
-+ result =
-+ reiser4_grab_space_force(estimate_dirty_cluster(inode),
-+ BA_CAN_COMMIT);
-+ assert("edward-990", !result);
-+ if (result)
-+ goto out;
-+ }
-+
-+ ra_info.key_to_stop = f.key;
-+ set_key_offset(&ra_info.key_to_stop, get_key_offset(max_key()));
-+
-+ while (f.length) {
-+ result = find_cluster_item(hint,
-+ &f.key,
-+ (write ? ZNODE_WRITE_LOCK :
-+ ZNODE_READ_LOCK), NULL, FIND_EXACT,
-+ (write ? CBK_FOR_INSERT : 0));
-+ switch (result) {
-+ case CBK_COORD_NOTFOUND:
-+ result = 0;
-+ if (inode_scaled_offset
-+ (inode,
-+ clust_to_off(cl_idx,
-+ inode)) == get_key_offset(&f.key)) {
-+ /* first item not found, this is treated
-+ as disk cluster is absent */
-+ clust->dstat = FAKE_DISK_CLUSTER;
-+ goto out;
-+ }
-+ /* we are outside the cluster, stop search here */
-+ assert("edward-146",
-+ f.length != inode_scaled_cluster_size(inode));
-+ goto ok;
-+ case CBK_COORD_FOUND:
-+ assert("edward-148",
-+ hint->ext_coord.coord.between == AT_UNIT);
-+ assert("edward-460",
-+ hint->ext_coord.coord.unit_pos == 0);
-+
-+ coord_clear_iplug(&hint->ext_coord.coord);
-+ result = zload_ra(hint->ext_coord.coord.node, &ra_info);
-+ if (unlikely(result))
-+ goto out;
-+ iplug = item_plugin_by_coord(&hint->ext_coord.coord);
-+ assert("edward-147",
-+ item_id_by_coord(&hint->ext_coord.coord) ==
-+ CTAIL_ID);
-+
-+ result = iplug->s.file.read(NULL, &f, hint);
-+ if (result) {
-+ zrelse(hint->ext_coord.coord.node);
-+ goto out;
-+ }
-+ if (write) {
-+ znode_make_dirty(hint->ext_coord.coord.node);
-+ znode_set_convertible(hint->ext_coord.coord.
-+ node);
-+ }
-+ zrelse(hint->ext_coord.coord.node);
-+ break;
-+ default:
-+ goto out;
-+ }
-+ }
-+ ok:
-+ /* at least one item was found */
-+ /* NOTE-EDWARD: Callers should handle the case
-+ when disk cluster is incomplete (-EIO) */
-+ tc->len = inode_scaled_cluster_size(inode) - f.length;
-+ tc->lsize = fsize_to_count(clust, inode);
-+ assert("edward-1196", tc->len > 0);
-+ assert("edward-1406", tc->lsize > 0);
-+
-+ if (hint_is_unprepped_dclust(clust->hint))
-+ clust->dstat = UNPR_DISK_CLUSTER;
-+ else
-+ clust->dstat = PREP_DISK_CLUSTER;
-+ out:
-+ assert("edward-1339",
-+ get_current_context()->grabbed_blocks >= was_grabbed);
-+ grabbed2free(get_current_context(),
-+ get_current_super_private(),
-+ get_current_context()->grabbed_blocks - was_grabbed);
-+ return result;
-+}
-+
-+int
-+get_disk_cluster_locked(reiser4_cluster_t * clust, struct inode *inode,
-+ znode_lock_mode lock_mode)
-+{
-+ reiser4_key key;
-+ ra_info_t ra_info;
-+
-+ assert("edward-730", schedulable());
-+ assert("edward-731", clust != NULL);
-+ assert("edward-732", inode != NULL);
-+
-+ if (clust->hint->ext_coord.valid) {
-+ assert("edward-1293", clust->dstat != INVAL_DISK_CLUSTER);
-+ assert("edward-1294",
-+ znode_is_write_locked(clust->hint->lh.node));
-+ /* already have a valid locked position */
-+ return (clust->dstat ==
-+ FAKE_DISK_CLUSTER ? CBK_COORD_NOTFOUND :
-+ CBK_COORD_FOUND);
-+ }
-+ key_by_inode_cryptcompress(inode, clust_to_off(clust->index, inode),
-+ &key);
-+ ra_info.key_to_stop = key;
-+ set_key_offset(&ra_info.key_to_stop, get_key_offset(max_key()));
-+
-+ return find_cluster_item(clust->hint, &key, lock_mode, NULL, FIND_EXACT,
-+ CBK_FOR_INSERT);
-+}
-+
-+/* Read needed cluster pages before modifying.
-+ If success, @clust->hint contains locked position in the tree.
-+ Also:
-+ . find and set disk cluster state
-+ . make disk cluster dirty if its state is not FAKE_DISK_CLUSTER.
-+*/
-+static int
-+read_some_cluster_pages(struct inode *inode, reiser4_cluster_t * clust)
-+{
-+ int i;
-+ int result = 0;
-+ item_plugin *iplug;
-+ reiser4_slide_t *win = clust->win;
-+
-+ iplug = item_plugin_by_id(CTAIL_ID);
-+
-+ assert("edward-733", get_current_context()->grabbed_blocks == 0);
-+ assert("edward-924", !tfm_cluster_is_uptodate(&clust->tc));
-+
-+#if REISER4_DEBUG
-+ if (clust->nr_pages == 0) {
-+ /* start write hole from fake disk cluster */
-+ assert("edward-1117", win != NULL);
-+ assert("edward-1118", win->stat == HOLE_WINDOW);
-+ assert("edward-1119", new_cluster(clust, inode));
-+ }
-+#endif
-+ if (new_cluster(clust, inode)) {
-+ /*
-+ new page cluster is about to be written, nothing to read,
-+ */
-+ assert("edward-734", schedulable());
-+ assert("edward-735", clust->hint->lh.owner == NULL);
-+
-+ if (clust->nr_pages) {
-+ int off;
-+ char *data;
-+ struct page * pg;
-+ assert("edward-1419", clust->pages != NULL);
-+ pg = clust->pages[clust->nr_pages - 1];
-+ assert("edward-1420", pg != NULL);
-+ off = off_to_pgoff(win->off+win->count+win->delta);
-+ if (off) {
-+ lock_page(pg);
-+ data = kmap_atomic(pg, KM_USER0);
-+ memset(data + off, 0, PAGE_CACHE_SIZE - off);
-+ flush_dcache_page(pg);
-+ kunmap_atomic(data, KM_USER0);
-+ unlock_page(pg);
-+ }
-+ }
-+ clust->dstat = FAKE_DISK_CLUSTER;
-+ return 0;
-+ }
-+ /*
-+ Here we should search for disk cluster to figure out its real state.
-+ Also there is one more important reason to do disk search: we need
-+ to make disk cluster _dirty_ if it exists
-+ */
-+
-+ /* if windows is specified, read the only pages
-+ that will be modified partially */
-+
-+ for (i = 0; i < clust->nr_pages; i++) {
-+ struct page *pg = clust->pages[i];
-+
-+ lock_page(pg);
-+ if (PageUptodate(pg)) {
-+ unlock_page(pg);
-+ continue;
-+ }
-+ unlock_page(pg);
-+
-+ if (win &&
-+ i >= count_to_nrpages(win->off) &&
-+ i < off_to_pg(win->off + win->count + win->delta))
-+ /* page will be completely overwritten */
-+ continue;
-+
-+ if (win && (i == clust->nr_pages - 1) &&
-+ /* the last page is
-+ partially modified,
-+ not uptodate .. */
-+ (count_to_nrpages(inode->i_size) <= pg->index)) {
-+ /* .. and appended,
-+ so set zeroes to the rest */
-+ char *data;
-+ int offset;
-+ lock_page(pg);
-+ data = kmap_atomic(pg, KM_USER0);
-+
-+ assert("edward-1260",
-+ count_to_nrpages(win->off + win->count +
-+ win->delta) - 1 == i);
-+
-+ offset =
-+ off_to_pgoff(win->off + win->count + win->delta);
-+ memset(data + offset, 0, PAGE_CACHE_SIZE - offset);
-+ flush_dcache_page(pg);
-+ kunmap_atomic(data, KM_USER0);
-+ unlock_page(pg);
-+ /* still not uptodate */
-+ break;
-+ }
-+ if (!tfm_cluster_is_uptodate(&clust->tc)) {
-+ result = ctail_read_disk_cluster(clust, inode, 1);
-+ assert("edward-992", !result);
-+ if (result)
-+ goto out;
-+ assert("edward-925",
-+ tfm_cluster_is_uptodate(&clust->tc));
-+ }
-+ lock_page(pg);
-+ result = do_readpage_ctail(inode, clust, pg);
-+ unlock_page(pg);
-+ assert("edward-993", !result);
-+ if (result) {
-+ impossible("edward-219",
-+ "do_readpage_ctail returned crap");
-+ goto out;
-+ }
-+ }
-+ if (!tfm_cluster_is_uptodate(&clust->tc)) {
-+ /* disk cluster unclaimed, but we need to make its znodes dirty
-+ to make flush update convert its content */
-+ result =
-+ find_cluster(clust, inode, 0 /* do not read */ ,
-+ 1 /* write */ );
-+ assert("edward-994", !result);
-+ }
-+ out:
-+ tfm_cluster_clr_uptodate(&clust->tc);
-+ return result;
-+}
-+
-+static int
-+should_create_unprepped_cluster(reiser4_cluster_t * clust, struct inode *inode)
-+{
-+ assert("edward-737", clust != NULL);
-+
-+ switch (clust->dstat) {
-+ case PREP_DISK_CLUSTER:
-+ case UNPR_DISK_CLUSTER:
-+ return 0;
-+ case FAKE_DISK_CLUSTER:
-+ if (clust->win &&
-+ clust->win->stat == HOLE_WINDOW && clust->nr_pages == 0) {
-+ assert("edward-1172", new_cluster(clust, inode));
-+ return 0;
-+ }
-+ return 1;
-+ default:
-+ impossible("edward-1173", "bad disk cluster state");
-+ return 0;
-+ }
-+}
-+
-+static int
-+crc_make_unprepped_cluster(reiser4_cluster_t * clust, struct inode *inode)
-+{
-+ int result;
-+
-+ assert("edward-1123", schedulable());
-+ assert("edward-737", clust != NULL);
-+ assert("edward-738", inode != NULL);
-+ assert("edward-739", crc_inode_ok(inode));
-+ assert("edward-1053", clust->hint != NULL);
-+ assert("edward-1266", get_current_context()->grabbed_blocks == 0);
-+
-+ if (clust->reserved) {
-+ cluster_reserved2grabbed(estimate_insert_cluster(inode));
-+#if REISER4_DEBUG
-+ assert("edward-1267",
-+ clust->reserved_unprepped ==
-+ estimate_insert_cluster(inode));
-+ clust->reserved_unprepped -= estimate_insert_cluster(inode);
-+#endif
-+ }
-+ if (!should_create_unprepped_cluster(clust, inode)) {
-+ all_grabbed2free();
-+ return 0;
-+ } else {
-+ assert("edward-1268", clust->reserved == 1);
-+ }
-+ result = ctail_insert_unprepped_cluster(clust, inode);
-+ all_grabbed2free();
-+ if (result)
-+ return result;
-+
-+ assert("edward-743", crc_inode_ok(inode));
-+ assert("edward-1269", get_current_context()->grabbed_blocks == 0);
-+ assert("edward-744", znode_is_write_locked(clust->hint->lh.node));
-+
-+ clust->dstat = UNPR_DISK_CLUSTER;
-+ return 0;
-+}
-+
-+#if REISER4_DEBUG
-+static int jnode_truncate_ok(struct inode *inode, cloff_t index)
-+{
-+ jnode *node;
-+ node =
-+ jlookup(current_tree, get_inode_oid(inode),
-+ clust_to_pg(index, inode));
-+ if (likely(!node))
-+ return 1;
-+ /* someone got this jnode */
-+ warning("edward-1315", "jnode %p is untruncated\n", node);
-+ jput(node);
-+ return (atomic_read(&node->x_count));
-+}
-+#endif
-+
-+/* Collect unlocked cluster pages and jnode (the last is in the
-+ case when the page cluster will be modified and captured) */
-+int
-+prepare_page_cluster(struct inode *inode, reiser4_cluster_t * clust,
-+ int capture)
-+{
-+ assert("edward-177", inode != NULL);
-+ assert("edward-741", crc_inode_ok(inode));
-+ assert("edward-740", clust->pages != NULL);
-+
-+ set_cluster_nrpages(clust, inode);
-+ reset_cluster_pgset(clust, cluster_nrpages(inode));
-+ return (capture ?
-+ grab_cluster_pages_jnode(inode, clust) :
-+ grab_cluster_pages(inode, clust));
-+}
-+
-+/* Truncate all pages of the cluster of index @index.
-+ This is called by ->kill_hook() method of item plugin */
-+void truncate_page_cluster(struct inode *inode, cloff_t index)
-+{
-+ int i;
-+ int found = 0;
-+ int nr_pages;
-+ jnode *node;
-+ struct page *pages[MAX_CLUSTER_NRPAGES];
-+
-+ node =
-+ jlookup(current_tree, get_inode_oid(inode),
-+ clust_to_pg(index, inode));
-+ /* jnode is absent, just drop pages which can not
-+ acquire jnode because of exclusive access */
-+ if (!node) {
-+ truncate_inode_pages_range(inode->i_mapping,
-+ clust_to_off(index, inode),
-+ clust_to_off(index,
-+ inode) +
-+ inode_cluster_size(inode) - 1);
-+ return;
-+ }
-+ /* jnode is present and may be dirty */
-+ nr_pages = count_to_nrpages(cnt_to_clcnt(inode->i_size, index, inode));
-+
-+ found = find_get_pages(inode->i_mapping, clust_to_pg(index, inode),
-+ nr_pages, pages);
-+ spin_lock_jnode(node);
-+ if (JF_ISSET(node, JNODE_DIRTY)) {
-+ /* someone has done modifications which are not
-+ yet committed, so we need to release some resources */
-+
-+ /* free disk space grabbed for disk cluster converting */
-+ cluster_reserved2grabbed(estimate_update_cluster(inode));
-+ grabbed2free(get_current_context(),
-+ get_current_super_private(),
-+ estimate_update_cluster(inode));
-+
-+ assert("edward-1198", found == nr_pages);
-+ assert("edward-1199", node->page_count + 1 == nr_pages);
-+#if REISER4_DEBUG
-+ node->page_count = 0;
-+#endif
-+ /* This will clear dirty bit */
-+ uncapture_cluster_jnode(node);
-+
-+ /* put pages grabbed for last uncommitted modifications */
-+ for (i = 0; i < nr_pages; i++) {
-+ assert("edward-1200", PageUptodate(pages[i]));
-+ page_cache_release(pages[i]);
-+#if REISER4_DEBUG
-+ cryptcompress_inode_data(inode)->pgcount --;
-+#endif
-+ }
-+ } else
-+ spin_unlock_jnode(node);
-+ /* FIXME-EDWARD: Use truncate_complete_page in the loop above instead */
-+
-+ jput(node);
-+ /* put pages found here */
-+ forget_cluster_pages(pages, found);
-+ truncate_inode_pages_range(inode->i_mapping,
-+ clust_to_off(index, inode),
-+ clust_to_off(index,
-+ inode) +
-+ inode_cluster_size(inode) - 1);
-+ assert("edward-1201", jnode_truncate_ok(inode, index));
-+ return;
-+}
-+
-+/* Prepare cluster handle before(after) modifications
-+ which are supposed to be committed.
-+
-+ . grab cluster pages;
-+ . reserve disk space;
-+ . maybe read pages from disk and set the disk cluster dirty;
-+ . maybe write hole;
-+ . maybe create 'unprepped' disk cluster if the last one is fake
-+ (i.e. is not represenred by any items)
-+*/
-+
-+static int
-+prepare_cluster(struct inode *inode,
-+ loff_t file_off /* write position in the file */ ,
-+ loff_t to_file, /* bytes of users data to write to the file */
-+ reiser4_cluster_t * clust, page_cluster_op op)
-+{
-+ int result = 0;
-+ reiser4_slide_t *win = clust->win;
-+
-+ assert("edward-1273", get_current_context()->grabbed_blocks == 0);
-+ reset_cluster_params(clust);
-+#if REISER4_DEBUG
-+ clust->ctx = get_current_context();
-+#endif
-+ assert("edward-1190", op != PCL_UNKNOWN);
-+
-+ clust->op = op;
-+
-+ result = prepare_page_cluster(inode, clust, 1);
-+ if (result)
-+ return result;
-+ result = reserve4cluster(inode, clust);
-+ if (result)
-+ goto err1;
-+ result = read_some_cluster_pages(inode, clust);
-+ if (result) {
-+ free_reserved4cluster(inode,
-+ clust,
-+ estimate_update_cluster(inode) +
-+ estimate_insert_cluster(inode));
-+ goto err1;
-+ }
-+ assert("edward-1124", clust->dstat != INVAL_DISK_CLUSTER);
-+
-+ result = crc_make_unprepped_cluster(clust, inode);
-+ if (result)
-+ goto err2;
-+ if (win && win->stat == HOLE_WINDOW) {
-+ result = write_hole(inode, clust, file_off, to_file);
-+ if (result)
-+ goto err2;
-+ }
-+ return 0;
-+ err2:
-+ free_reserved4cluster(inode, clust,
-+ estimate_update_cluster(inode));
-+ err1:
-+ release_cluster_pages_and_jnode(clust);
-+ assert("edward-1125", result == -ENOSPC);
-+ return result;
-+}
-+
-+/* set window by two offsets */
-+static void
-+set_window(reiser4_cluster_t * clust, reiser4_slide_t * win,
-+ struct inode *inode, loff_t o1, loff_t o2)
-+{
-+ assert("edward-295", clust != NULL);
-+ assert("edward-296", inode != NULL);
-+ assert("edward-1071", win != NULL);
-+ assert("edward-297", o1 <= o2);
-+
-+ clust->index = off_to_clust(o1, inode);
-+
-+ win->off = off_to_cloff(o1, inode);
-+ win->count = min_count(inode_cluster_size(inode) - win->off, o2 - o1);
-+ win->delta = 0;
-+
-+ clust->win = win;
-+}
-+
-+static int
-+set_cluster_by_window(struct inode *inode, reiser4_cluster_t * clust,
-+ reiser4_slide_t * win, flow_t * f, loff_t file_off)
-+{
-+ int result;
-+
-+ assert("edward-197", clust != NULL);
-+ assert("edward-1072", win != NULL);
-+ assert("edward-198", inode != NULL);
-+
-+ result = alloc_cluster_pgset(clust, cluster_nrpages(inode));
-+ if (result)
-+ return result;
-+
-+ if (file_off > inode->i_size) {
-+ /* Uhmm, hole in cryptcompress file... */
-+ loff_t hole_size;
-+ hole_size = file_off - inode->i_size;
-+
-+ set_window(clust, win, inode, inode->i_size, file_off);
-+ win->stat = HOLE_WINDOW;
-+ if (win->off + hole_size < inode_cluster_size(inode))
-+ /* there is also user's data to append to the hole */
-+ win->delta =
-+ min_count(inode_cluster_size(inode) -
-+ (win->off + win->count), f->length);
-+ return 0;
-+ }
-+ set_window(clust, win, inode, file_off, file_off + f->length);
-+ win->stat = DATA_WINDOW;
-+ return 0;
-+}
-+
-+int set_cluster_by_page(reiser4_cluster_t * clust, struct page * page,
-+ int count)
-+{
-+ int result = 0;
-+ int (*setting_actor)(reiser4_cluster_t * clust, int count);
-+
-+ assert("edward-1358", clust != NULL);
-+ assert("edward-1359", page != NULL);
-+ assert("edward-1360", page->mapping != NULL);
-+ assert("edward-1361", page->mapping->host != NULL);
-+
-+ setting_actor = (clust->pages ? reset_cluster_pgset : alloc_cluster_pgset);
-+ result = setting_actor(clust, count);
-+ clust->index = pg_to_clust(page->index, page->mapping->host);
-+ return result;
-+}
-+
-+/* reset all the params that not get updated */
-+void reset_cluster_params(reiser4_cluster_t * clust)
-+{
-+ assert("edward-197", clust != NULL);
-+
-+ clust->dstat = INVAL_DISK_CLUSTER;
-+ clust->tc.uptodate = 0;
-+ clust->tc.len = 0;
-+}
-+
-+/* Core write procedure of cryptcompress plugin, which slices user's
-+ flow into logical clusters, maps the last ones to the appropriate
-+ page clusters, and tries to capture them.
-+ If @buf != NULL, returns number of successfully written bytes,
-+ otherwise returns error
-+*/
-+static loff_t
-+write_cryptcompress_flow(struct file *file, struct inode *inode,
-+ const char __user *buf, size_t count, loff_t pos)
-+{
-+ int i;
-+ flow_t f;
-+ hint_t *hint;
-+ int result = 0;
-+ size_t to_write = 0;
-+ loff_t file_off;
-+ reiser4_slide_t win;
-+ reiser4_cluster_t clust;
-+
-+ assert("edward-161", schedulable());
-+ assert("edward-748", crc_inode_ok(inode));
-+ assert("edward-159", current_blocksize == PAGE_CACHE_SIZE);
-+ assert("edward-1274", get_current_context()->grabbed_blocks == 0);
-+
-+ result = check_cryptcompress(inode);
-+ if (result)
-+ return result;
-+ hint = kmalloc(sizeof(*hint), GFP_KERNEL);
-+ if (hint == NULL)
-+ return RETERR(-ENOMEM);
-+
-+ result = load_file_hint(file, hint);
-+ if (result) {
-+ kfree(hint);
-+ return result;
-+ }
-+
-+ result =
-+ flow_by_inode_cryptcompress(inode, buf, 1 /* user space */ ,
-+ count, pos, WRITE_OP, &f);
-+ if (result)
-+ goto out;
-+ to_write = f.length;
-+
-+ /* current write position in file */
-+ file_off = pos;
-+ reiser4_slide_init(&win);
-+ cluster_init_read(&clust, &win);
-+ clust.hint = hint;
-+
-+ result = set_cluster_by_window(inode, &clust, &win, &f, file_off);
-+ if (result)
-+ goto out;
-+
-+ if (next_window_stat(&win) == HOLE_WINDOW) {
-+ result =
-+ prepare_cluster(inode, file_off, f.length, &clust,
-+ PCL_APPEND);
-+ if (result)
-+ goto out;
-+ }
-+ do {
-+ char *src;
-+ unsigned page_off, page_count;
-+
-+ assert("edward-750", schedulable());
-+
-+ result =
-+ prepare_cluster(inode, file_off, f.length, &clust,
-+ PCL_APPEND);
-+ if (result)
-+ goto out;
-+
-+ assert("edward-751", crc_inode_ok(inode));
-+ assert("edward-204", win.stat == DATA_WINDOW);
-+ assert("edward-1288", clust.hint->ext_coord.valid);
-+ assert("edward-752",
-+ znode_is_write_locked(hint->ext_coord.coord.node));
-+
-+ put_hint_cluster(&clust, inode, ZNODE_WRITE_LOCK);
-+
-+ /* set write position in page */
-+ page_off = off_to_pgoff(win.off);
-+
-+ /* copy user's data to cluster pages */
-+ for (i = off_to_pg(win.off), src = f.data;
-+ i < count_to_nrpages(win.off + win.count);
-+ i++, src += page_count) {
-+ page_count =
-+ cnt_to_pgcnt(win.off + win.count, i) - page_off;
-+
-+ assert("edward-1039",
-+ page_off + page_count <= PAGE_CACHE_SIZE);
-+ assert("edward-287", clust.pages[i] != NULL);
-+
-+ lock_page(clust.pages[i]);
-+ result =
-+ __copy_from_user((char *)kmap(clust.pages[i]) +
-+ page_off, (char __user *)src, page_count);
-+ kunmap(clust.pages[i]);
-+ if (unlikely(result)) {
-+ unlock_page(clust.pages[i]);
-+ result = -EFAULT;
-+ goto err2;
-+ }
-+ SetPageUptodate(clust.pages[i]);
-+ unlock_page(clust.pages[i]);
-+ page_off = 0;
-+ }
-+ assert("edward-753", crc_inode_ok(inode));
-+
-+ set_cluster_pages_dirty(&clust);
-+
-+ result = try_capture_cluster(&clust, inode);
-+ if (result)
-+ goto err2;
-+
-+ assert("edward-998", f.user == 1);
-+
-+ move_flow_forward(&f, win.count);
-+
-+ /* disk cluster may be already clean at this point */
-+
-+ /* . update cluster
-+ . set hint for new offset
-+ . unlock znode
-+ . update inode
-+ . balance dirty pages
-+ */
-+ result = balance_dirty_page_cluster(&clust, inode, 0, f.length);
-+ if (result)
-+ goto err1;
-+ assert("edward-755", hint->lh.owner == NULL);
-+ reset_cluster_params(&clust);
-+ continue;
-+ err2:
-+ release_cluster_pages_and_jnode(&clust);
-+ err1:
-+ if (clust.reserved)
-+ free_reserved4cluster(inode,
-+ &clust,
-+ estimate_update_cluster(inode));
-+ break;
-+ } while (f.length);
-+ out:
-+ done_lh(&hint->lh);
-+ if (result == -EEXIST)
-+ warning("edward-1407", "write returns EEXIST!\n");
-+
-+ put_cluster_handle(&clust);
-+ save_file_hint(file, hint);
-+ kfree(hint);
-+ if (buf) {
-+ /* if nothing were written - there must be an error */
-+ assert("edward-195", ergo((to_write == f.length), result < 0));
-+ return (to_write - f.length) ? (to_write - f.length) : result;
-+ }
-+ return result;
-+}
-+
-+static ssize_t write_crc_file(struct file *file, /* file to write to */
-+ struct inode *inode, /* inode */
-+ const char __user *buf, /* address of user-space buffer */
-+ size_t count, /* number of bytes to write */
-+ loff_t * off /* position to write which */ )
-+{
-+
-+ int result;
-+ loff_t pos;
-+ ssize_t written;
-+ cryptcompress_info_t *info = cryptcompress_inode_data(inode);
-+
-+ assert("edward-196", crc_inode_ok(inode));
-+
-+ result = generic_write_checks(file, off, &count, 0);
-+ if (unlikely(result != 0))
-+ return result;
-+
-+ if (unlikely(count == 0))
-+ return 0;
-+
-+ down_write(&info->lock);
-+ LOCK_CNT_INC(inode_sem_w);
-+
-+ pos = *off;
-+ written =
-+ write_cryptcompress_flow(file, inode, buf, count, pos);
-+
-+ up_write(&info->lock);
-+ LOCK_CNT_DEC(inode_sem_w);
-+
-+ if (written < 0) {
-+ if (written == -EEXIST)
-+ printk("write_crc_file returns EEXIST!\n");
-+ return written;
-+ }
-+ /* update position in a file */
-+ *off = pos + written;
-+ /* return number of written bytes */
-+ return written;
-+}
-+
-+/**
-+ * write_cryptcompress - write of struct file_operations
-+ * @file: file to write to
-+ * @buf: address of user-space buffer
-+ * @read_amount: number of bytes to write
-+ * @off: position in file to write to
-+ *
-+ * This is implementation of vfs's write method of struct file_operations for
-+ * cryptcompress plugin.
-+ */
-+ssize_t write_cryptcompress(struct file *file, const char __user *buf,
-+ size_t count, loff_t *off)
-+{
-+ ssize_t result;
-+ struct inode *inode;
-+ reiser4_context *ctx;
-+
-+ inode = file->f_dentry->d_inode;
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ mutex_lock(&inode->i_mutex);
-+
-+ result = write_crc_file(file, inode, buf, count, off);
-+
-+ mutex_unlock(&inode->i_mutex);
-+
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+static void
-+readpages_crc(struct address_space *mapping, struct list_head *pages,
-+ void *data)
-+{
-+ file_plugin *fplug;
-+ item_plugin *iplug;
-+
-+ assert("edward-1112", mapping != NULL);
-+ assert("edward-1113", mapping->host != NULL);
-+
-+ fplug = inode_file_plugin(mapping->host);
-+ assert("edward-1114", fplug == file_plugin_by_id(CRC_FILE_PLUGIN_ID));
-+ iplug = item_plugin_by_id(CTAIL_ID);
-+
-+ iplug->s.file.readpages(data, mapping, pages);
-+
-+ return;
-+}
-+
-+static reiser4_block_nr cryptcompress_estimate_read(struct inode *inode)
-+{
-+ /* reserve one block to update stat data item */
-+ assert("edward-1193",
-+ inode_file_plugin(inode)->estimate.update ==
-+ estimate_update_common);
-+ return estimate_update_common(inode);
-+}
-+
-+/**
-+ * read_cryptcompress - read of struct file_operations
-+ * @file: file to read from
-+ * @buf: address of user-space buffer
-+ * @read_amount: number of bytes to read
-+ * @off: position in file to read from
-+ *
-+ * This is implementation of vfs's read method of struct file_operations for
-+ * cryptcompress plugin.
-+ */
-+ssize_t read_cryptcompress(struct file * file, char __user *buf, size_t size,
-+ loff_t * off)
-+{
-+ ssize_t result;
-+ struct inode *inode;
-+ reiser4_context *ctx;
-+ reiser4_file_fsdata *fsdata;
-+ cryptcompress_info_t *info;
-+ reiser4_block_nr needed;
-+
-+ inode = file->f_dentry->d_inode;
-+ assert("edward-1194", !inode_get_flag(inode, REISER4_NO_SD));
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ info = cryptcompress_inode_data(inode);
-+ needed = cryptcompress_estimate_read(inode);
-+
-+ /* FIXME-EDWARD:
-+ Grab space for sd_update so find_cluster will be happy */
-+ result = reiser4_grab_space(needed, BA_CAN_COMMIT);
-+ if (result != 0) {
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+ fsdata = reiser4_get_file_fsdata(file);
-+ fsdata->ra2.data = file;
-+ fsdata->ra2.readpages = readpages_crc;
-+
-+ down_read(&info->lock);
-+ LOCK_CNT_INC(inode_sem_r);
-+
-+ result = generic_file_read(file, buf, size, off);
-+
-+ up_read(&info->lock);
-+ LOCK_CNT_DEC(inode_sem_r);
-+
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+
-+ return result;
-+}
-+
-+/* If @index > 0, find real disk cluster of the index (@index - 1),
-+ If @index == 0 find the real disk cluster of the object of maximal index.
-+ Keep incremented index of the result in @found.
-+ It succes was returned:
-+ (@index == 0 && @found == 0) means that the object doesn't have real disk
-+ clusters.
-+ (@index != 0 && @found == 0) means that disk cluster of (@index -1) doesn't
-+ exist.
-+*/
-+static int
-+find_real_disk_cluster(struct inode *inode, cloff_t * found, cloff_t index)
-+{
-+ int result;
-+ reiser4_key key;
-+ loff_t offset;
-+ hint_t *hint;
-+ lock_handle *lh;
-+ lookup_bias bias;
-+ coord_t *coord;
-+ item_plugin *iplug;
-+
-+ assert("edward-1131", inode != NULL);
-+ assert("edward-95", crc_inode_ok(inode));
-+
-+ hint = kmalloc(sizeof(*hint), GFP_KERNEL);
-+ if (hint == NULL)
-+ return RETERR(-ENOMEM);
-+ hint_init_zero(hint);
-+ lh = &hint->lh;
-+
-+ bias = (index ? FIND_EXACT : FIND_MAX_NOT_MORE_THAN);
-+ offset =
-+ (index ? clust_to_off(index, inode) -
-+ 1 : get_key_offset(max_key()));
-+
-+ key_by_inode_cryptcompress(inode, offset, &key);
-+
-+ /* find the last item of this object */
-+ result =
-+ find_cluster_item(hint, &key, ZNODE_READ_LOCK, NULL /* ra_info */,
-+ bias, 0);
-+ if (cbk_errored(result)) {
-+ done_lh(lh);
-+ kfree(hint);
-+ return result;
-+ }
-+ if (result == CBK_COORD_NOTFOUND) {
-+ /* no real disk clusters */
-+ done_lh(lh);
-+ kfree(hint);
-+ *found = 0;
-+ return 0;
-+ }
-+ /* disk cluster is found */
-+ coord = &hint->ext_coord.coord;
-+ coord_clear_iplug(coord);
-+ result = zload(coord->node);
-+ if (unlikely(result)) {
-+ done_lh(lh);
-+ kfree(hint);
-+ return result;
-+ }
-+ iplug = item_plugin_by_coord(coord);
-+ assert("edward-277", iplug == item_plugin_by_id(CTAIL_ID));
-+ assert("edward-1202", ctail_ok(coord));
-+
-+ item_key_by_coord(coord, &key);
-+ *found = off_to_clust(get_key_offset(&key), inode) + 1;
-+
-+ assert("edward-1132", ergo(index, index == *found));
-+
-+ zrelse(coord->node);
-+ done_lh(lh);
-+ kfree(hint);
-+ return 0;
-+}
-+
-+static int find_fake_appended(struct inode *inode, cloff_t * index)
-+{
-+ return find_real_disk_cluster(inode, index,
-+ 0 /* find last real one */ );
-+}
-+
-+/* Set left coord when unit is not found after node_lookup()
-+ This takes into account that there can be holes in a sequence
-+ of disk clusters */
-+
-+static void adjust_left_coord(coord_t * left_coord)
-+{
-+ switch (left_coord->between) {
-+ case AFTER_UNIT:
-+ left_coord->between = AFTER_ITEM;
-+ case AFTER_ITEM:
-+ case BEFORE_UNIT:
-+ break;
-+ default:
-+ impossible("edward-1204", "bad left coord to cut");
-+ }
-+ return;
-+}
-+
-+#define CRC_CUT_TREE_MIN_ITERATIONS 64
-+int
-+cut_tree_worker_cryptcompress(tap_t * tap, const reiser4_key * from_key,
-+ const reiser4_key * to_key,
-+ reiser4_key * smallest_removed,
-+ struct inode *object, int truncate, int *progress)
-+{
-+ lock_handle next_node_lock;
-+ coord_t left_coord;
-+ int result;
-+
-+ assert("edward-1158", tap->coord->node != NULL);
-+ assert("edward-1159", znode_is_write_locked(tap->coord->node));
-+ assert("edward-1160", znode_get_level(tap->coord->node) == LEAF_LEVEL);
-+
-+ *progress = 0;
-+ init_lh(&next_node_lock);
-+
-+ while (1) {
-+ znode *node; /* node from which items are cut */
-+ node_plugin *nplug; /* node plugin for @node */
-+
-+ node = tap->coord->node;
-+
-+ /* Move next_node_lock to the next node on the left. */
-+ result =
-+ reiser4_get_left_neighbor(&next_node_lock, node,
-+ ZNODE_WRITE_LOCK,
-+ GN_CAN_USE_UPPER_LEVELS);
-+ if (result != 0 && result != -E_NO_NEIGHBOR)
-+ break;
-+ /* FIXME-EDWARD: Check can we delete the node as a whole. */
-+ result = tap_load(tap);
-+ if (result)
-+ return result;
-+
-+ /* Prepare the second (right) point for cut_node() */
-+ if (*progress)
-+ coord_init_last_unit(tap->coord, node);
-+
-+ else if (item_plugin_by_coord(tap->coord)->b.lookup == NULL)
-+ /* set rightmost unit for the items without lookup method */
-+ tap->coord->unit_pos = coord_last_unit_pos(tap->coord);
-+
-+ nplug = node->nplug;
-+
-+ assert("edward-1161", nplug);
-+ assert("edward-1162", nplug->lookup);
-+
-+ /* left_coord is leftmost unit cut from @node */
-+ result = nplug->lookup(node, from_key, FIND_EXACT, &left_coord);
-+
-+ if (IS_CBKERR(result))
-+ break;
-+
-+ if (result == CBK_COORD_NOTFOUND)
-+ adjust_left_coord(&left_coord);
-+
-+ /* adjust coordinates so that they are set to existing units */
-+ if (coord_set_to_right(&left_coord)
-+ || coord_set_to_left(tap->coord)) {
-+ result = 0;
-+ break;
-+ }
-+
-+ if (coord_compare(&left_coord, tap->coord) ==
-+ COORD_CMP_ON_RIGHT) {
-+ /* keys from @from_key to @to_key are not in the tree */
-+ result = 0;
-+ break;
-+ }
-+
-+ /* cut data from one node */
-+ *smallest_removed = *min_key();
-+ result = kill_node_content(&left_coord,
-+ tap->coord,
-+ from_key,
-+ to_key,
-+ smallest_removed,
-+ next_node_lock.node,
-+ object, truncate);
-+#if REISER4_DEBUG
-+ /*node_check(node, ~0U); */
-+#endif
-+ tap_relse(tap);
-+
-+ if (result)
-+ break;
-+
-+ ++(*progress);
-+
-+ /* Check whether all items with keys >= from_key were removed
-+ * from the tree. */
-+ if (keyle(smallest_removed, from_key))
-+ /* result = 0; */
-+ break;
-+
-+ if (next_node_lock.node == NULL)
-+ break;
-+
-+ result = tap_move(tap, &next_node_lock);
-+ done_lh(&next_node_lock);
-+ if (result)
-+ break;
-+
-+ /* Break long cut_tree operation (deletion of a large file) if
-+ * atom requires commit. */
-+ if (*progress > CRC_CUT_TREE_MIN_ITERATIONS
-+ && current_atom_should_commit()) {
-+ result = -E_REPEAT;
-+ break;
-+ }
-+ }
-+ done_lh(&next_node_lock);
-+ return result;
-+}
-+
-+/* Append or expand hole in two steps (exclusive access should be aquired!)
-+ 1) write zeroes to the current real cluster,
-+ 2) expand hole via fake clusters (just increase i_size) */
-+static int
-+cryptcompress_append_hole(struct inode *inode /*contains old i_size */ ,
-+ loff_t new_size)
-+{
-+ int result = 0;
-+ hint_t *hint;
-+ lock_handle *lh;
-+ loff_t hole_size;
-+ int nr_zeroes;
-+ reiser4_slide_t win;
-+ reiser4_cluster_t clust;
-+
-+ assert("edward-1133", inode->i_size < new_size);
-+ assert("edward-1134", schedulable());
-+ assert("edward-1135", crc_inode_ok(inode));
-+ assert("edward-1136", current_blocksize == PAGE_CACHE_SIZE);
-+ assert("edward-1333", off_to_cloff(inode->i_size, inode) != 0);
-+
-+ hint = kmalloc(sizeof(*hint), GFP_KERNEL);
-+ if (hint == NULL)
-+ return RETERR(-ENOMEM);
-+ hint_init_zero(hint);
-+ lh = &hint->lh;
-+
-+ reiser4_slide_init(&win);
-+ cluster_init_read(&clust, &win);
-+ clust.hint = hint;
-+
-+ result = alloc_cluster_pgset(&clust, cluster_nrpages(inode));
-+ if (result)
-+ goto out;
-+ if (off_to_cloff(inode->i_size, inode) == 0)
-+ goto fake_append;
-+ hole_size = new_size - inode->i_size;
-+ nr_zeroes =
-+ inode_cluster_size(inode) - off_to_cloff(inode->i_size, inode);
-+ if (hole_size < nr_zeroes)
-+ nr_zeroes = hole_size;
-+ set_window(&clust, &win, inode, inode->i_size,
-+ inode->i_size + nr_zeroes);
-+ win.stat = HOLE_WINDOW;
-+
-+ assert("edward-1137",
-+ clust.index == off_to_clust(inode->i_size, inode));
-+
-+ result = prepare_cluster(inode, 0, 0, &clust, PCL_APPEND);
-+
-+ assert("edward-1271", !result || result == -ENOSPC);
-+ if (result)
-+ goto out;
-+ assert("edward-1139",
-+ clust.dstat == PREP_DISK_CLUSTER ||
-+ clust.dstat == UNPR_DISK_CLUSTER);
-+
-+ assert("edward-1431", hole_size >= nr_zeroes);
-+ if (hole_size == nr_zeroes)
-+ /* nothing to append anymore */
-+ goto out;
-+ fake_append:
-+ INODE_SET_FIELD(inode, i_size, new_size);
-+ out:
-+ done_lh(lh);
-+ kfree(hint);
-+ put_cluster_handle(&clust);
-+ return result;
-+}
-+
-+#if REISER4_DEBUG
-+static int
-+pages_truncate_ok(struct inode *inode, loff_t old_size, pgoff_t start)
-+{
-+ struct pagevec pvec;
-+ int i;
-+ int count;
-+ int rest;
-+
-+ rest = count_to_nrpages(old_size) - start;
-+
-+ pagevec_init(&pvec, 0);
-+ count = min_count(pagevec_space(&pvec), rest);
-+
-+ while (rest) {
-+ count = min_count(pagevec_space(&pvec), rest);
-+ pvec.nr = find_get_pages(inode->i_mapping, start,
-+ count, pvec.pages);
-+ for (i = 0; i < pagevec_count(&pvec); i++) {
-+ if (PageUptodate(pvec.pages[i])) {
-+ warning("edward-1205",
-+ "truncated page of index %lu is uptodate",
-+ pvec.pages[i]->index);
-+ return 0;
-+ }
-+ }
-+ start += count;
-+ rest -= count;
-+ pagevec_release(&pvec);
-+ }
-+ return 1;
-+}
-+
-+static int body_truncate_ok(struct inode *inode, cloff_t aidx)
-+{
-+ int result;
-+ cloff_t raidx;
-+
-+ result = find_fake_appended(inode, &raidx);
-+ return !result && (aidx == raidx);
-+}
-+#endif
-+
-+static int
-+update_cryptcompress_size(struct inode *inode, reiser4_key * key, int update_sd)
-+{
-+ return (get_key_offset(key) & ((loff_t) (inode_cluster_size(inode)) - 1)
-+ ? 0 : update_file_size(inode, key, update_sd));
-+}
-+
-+/* prune cryptcompress file in two steps (exclusive access should be acquired!)
-+ 1) cut all disk clusters but the last one partially truncated,
-+ 2) set zeroes and capture last partially truncated page cluster if the last
-+ one exists, otherwise truncate via prune fake cluster (just decrease i_size)
-+*/
-+static int
-+prune_cryptcompress(struct inode *inode, loff_t new_size, int update_sd,
-+ cloff_t aidx)
-+{
-+ int result = 0;
-+ unsigned nr_zeroes;
-+ loff_t to_prune;
-+ loff_t old_size;
-+ cloff_t ridx;
-+
-+ hint_t *hint;
-+ lock_handle *lh;
-+ reiser4_slide_t win;
-+ reiser4_cluster_t clust;
-+
-+ assert("edward-1140", inode->i_size >= new_size);
-+ assert("edward-1141", schedulable());
-+ assert("edward-1142", crc_inode_ok(inode));
-+ assert("edward-1143", current_blocksize == PAGE_CACHE_SIZE);
-+
-+ hint = kmalloc(sizeof(*hint), GFP_KERNEL);
-+ if (hint == NULL)
-+ return RETERR(-ENOMEM);
-+ hint_init_zero(hint);
-+ lh = &hint->lh;
-+
-+ reiser4_slide_init(&win);
-+ cluster_init_read(&clust, &win);
-+ clust.hint = hint;
-+
-+ /* rightmost completely truncated cluster */
-+ ridx = count_to_nrclust(new_size, inode);
-+
-+ assert("edward-1174", ridx <= aidx);
-+ old_size = inode->i_size;
-+ if (ridx != aidx) {
-+ result = cut_file_items(inode,
-+ clust_to_off(ridx, inode),
-+ update_sd,
-+ clust_to_off(aidx, inode),
-+ update_cryptcompress_size);
-+ if (result)
-+ goto out;
-+ }
-+ if (!off_to_cloff(new_size, inode)) {
-+ /* no partially truncated clusters */
-+ assert("edward-1145", inode->i_size == new_size);
-+ goto finish;
-+ }
-+ assert("edward-1146", new_size < inode->i_size);
-+
-+ to_prune = inode->i_size - new_size;
-+
-+ /* partial truncate of leftmost cluster,
-+ first check if it is fake */
-+ result = find_real_disk_cluster(inode, &aidx, ridx);
-+ if (result)
-+ goto out;
-+ if (!aidx)
-+ /* yup, this is fake one */
-+ goto finish;
-+
-+ assert("edward-1148", aidx == ridx);
-+
-+ /* do partial truncate of the leftmost page cluster,
-+ then try to capture this one */
-+ result = alloc_cluster_pgset(&clust, cluster_nrpages(inode));
-+ if (result)
-+ goto out;
-+ nr_zeroes = (off_to_pgoff(new_size) ?
-+ PAGE_CACHE_SIZE - off_to_pgoff(new_size) : 0);
-+ set_window(&clust, &win, inode, new_size, new_size + nr_zeroes);
-+ win.stat = HOLE_WINDOW;
-+
-+ assert("edward-1149", clust.index == ridx - 1);
-+
-+ result = prepare_cluster(inode, 0, 0, &clust, PCL_TRUNCATE);
-+ if (result)
-+ goto out;
-+ assert("edward-1151",
-+ clust.dstat == PREP_DISK_CLUSTER ||
-+ clust.dstat == UNPR_DISK_CLUSTER);
-+
-+ assert("edward-1191", inode->i_size == new_size);
-+ assert("edward-1206", body_truncate_ok(inode, ridx));
-+ finish:
-+ /* drop all the pages that don't have jnodes (i.e. pages
-+ which can not be truncated by cut_file_items() because
-+ of holes represented by fake disk clusters) including
-+ the pages of partially truncated cluster which was
-+ released by prepare_cluster() */
-+ truncate_inode_pages(inode->i_mapping, new_size);
-+ INODE_SET_FIELD(inode, i_size, new_size);
-+ out:
-+ assert("edward-1334", !result || result == -ENOSPC);
-+ assert("edward-1209",
-+ pages_truncate_ok(inode, old_size, count_to_nrpages(new_size)));
-+ done_lh(lh);
-+ kfree(hint);
-+ put_cluster_handle(&clust);
-+ return result;
-+}
-+
-+/* Prepare cryptcompress file for truncate:
-+ prune or append rightmost fake logical clusters (if any)
-+*/
-+static int
-+start_truncate_fake(struct inode *inode, cloff_t aidx, loff_t new_size,
-+ int update_sd)
-+{
-+ int result = 0;
-+ int bytes;
-+
-+ if (new_size > inode->i_size) {
-+ /* append */
-+ if (inode->i_size < clust_to_off(aidx, inode))
-+ /* no fake bytes */
-+ return 0;
-+ bytes = new_size - inode->i_size;
-+ INODE_SET_FIELD(inode, i_size, inode->i_size + bytes);
-+ } else {
-+ /* prune */
-+ if (inode->i_size <= clust_to_off(aidx, inode))
-+ /* no fake bytes */
-+ return 0;
-+ bytes =
-+ inode->i_size - max_count(new_size,
-+ clust_to_off(aidx, inode));
-+ if (!bytes)
-+ return 0;
-+ INODE_SET_FIELD(inode, i_size, inode->i_size - bytes);
-+ /* In the case of fake prune we need to drop page cluster.
-+ There are only 2 cases for partially truncated page:
-+ 1. If is is dirty, therefore it is anonymous
-+ (was dirtied via mmap), and will be captured
-+ later via ->capture().
-+ 2. If is clean, therefore it is filled by zeroes.
-+ In both cases we don't need to make it dirty and
-+ capture here.
-+ */
-+ truncate_inode_pages(inode->i_mapping, inode->i_size);
-+ }
-+ if (update_sd)
-+ result = update_sd_cryptcompress(inode);
-+ return result;
-+}
-+
-+/* This is called in setattr_cryptcompress when it is used to truncate,
-+ and in delete_cryptcompress */
-+static int cryptcompress_truncate(struct inode *inode, /* old size */
-+ loff_t new_size, /* new size */
-+ int update_sd)
-+{
-+ int result;
-+ cloff_t aidx;
-+
-+ result = find_fake_appended(inode, &aidx);
-+ if (result)
-+ return result;
-+ assert("edward-1208",
-+ ergo(aidx > 0, inode->i_size > clust_to_off(aidx - 1, inode)));
-+
-+ result = start_truncate_fake(inode, aidx, new_size, update_sd);
-+ if (result)
-+ return result;
-+ if (inode->i_size == new_size)
-+ /* nothing to truncate anymore */
-+ return 0;
-+ return (inode->i_size < new_size ?
-+ cryptcompress_append_hole(inode, new_size) :
-+ prune_cryptcompress(inode, new_size, update_sd, aidx));
-+}
-+
-+static void clear_moved_tag_cluster(struct address_space * mapping,
-+ reiser4_cluster_t * clust)
-+{
-+ int i;
-+ void * ret;
-+ read_lock_irq(&mapping->tree_lock);
-+ for (i = 0; i < clust->nr_pages; i++) {
-+ assert("edward-1438", clust->pages[i] != NULL);
-+ ret = radix_tree_tag_clear(&mapping->page_tree,
-+ clust->pages[i]->index,
-+ PAGECACHE_TAG_REISER4_MOVED);
-+ assert("edward-1439", ret == clust->pages[i]);
-+ }
-+ read_unlock_irq(&mapping->tree_lock);
-+}
-+
-+/* Capture an anonymous pager cluster. (Page cluser is
-+ anonymous if it contains at least one anonymous page */
-+static int
-+capture_page_cluster(reiser4_cluster_t * clust, struct inode *inode)
-+{
-+ int result;
-+
-+ assert("edward-1073", clust != NULL);
-+ assert("edward-1074", inode != NULL);
-+ assert("edward-1075", clust->dstat == INVAL_DISK_CLUSTER);
-+
-+ result = prepare_cluster(inode, 0, 0, clust, PCL_APPEND);
-+ if (result)
-+ return result;
-+ set_cluster_pages_dirty(clust);
-+ clear_moved_tag_cluster(inode->i_mapping, clust);
-+
-+ result = try_capture_cluster(clust, inode);
-+ put_hint_cluster(clust, inode, ZNODE_WRITE_LOCK);
-+ if (unlikely(result)) {
-+ /* set cleared tag back, so it will be
-+ possible to capture it again later */
-+ read_lock_irq(&inode->i_mapping->tree_lock);
-+ radix_tree_tag_set(&inode->i_mapping->page_tree,
-+ clust_to_pg(clust->index, inode),
-+ PAGECACHE_TAG_REISER4_MOVED);
-+ read_unlock_irq(&inode->i_mapping->tree_lock);
-+
-+ release_cluster_pages_and_jnode(clust);
-+ }
-+ return result;
-+}
-+
-+#define MAX_CLUSTERS_TO_CAPTURE(inode) (1024 >> cluster_nrpages_shift(inode))
-+
-+/* read lock should be acquired */
-+static int
-+capture_anonymous_clusters(struct address_space *mapping, pgoff_t * index,
-+ int to_capture)
-+{
-+ int result = 0;
-+ int found;
-+ int progress = 0;
-+ struct page *page = NULL;
-+ hint_t *hint;
-+ lock_handle *lh;
-+ reiser4_cluster_t clust;
-+
-+ assert("edward-1127", mapping != NULL);
-+ assert("edward-1128", mapping->host != NULL);
-+ assert("edward-1440", mapping->host->i_mapping == mapping);
-+
-+ hint = kmalloc(sizeof(*hint), GFP_KERNEL);
-+ if (hint == NULL)
-+ return RETERR(-ENOMEM);
-+ hint_init_zero(hint);
-+ lh = &hint->lh;
-+
-+ cluster_init_read(&clust, NULL);
-+ clust.hint = hint;
-+
-+ result = alloc_cluster_pgset(&clust, cluster_nrpages(mapping->host));
-+ if (result)
-+ goto out;
-+
-+ while (to_capture > 0) {
-+ found =
-+ find_get_pages_tag(mapping, index,
-+ PAGECACHE_TAG_REISER4_MOVED, 1, &page);
-+ if (!found) {
-+ *index = (pgoff_t) - 1;
-+ break;
-+ }
-+ assert("edward-1109", page != NULL);
-+
-+ move_cluster_forward(&clust, mapping->host, page->index,
-+ &progress);
-+ result = capture_page_cluster(&clust, mapping->host);
-+ page_cache_release(page);
-+ if (result)
-+ break;
-+ to_capture--;
-+ }
-+ if (result) {
-+ warning("edward-1077",
-+ "Cannot capture anon pages: result=%i (captured=%d)\n",
-+ result,
-+ ((__u32) MAX_CLUSTERS_TO_CAPTURE(mapping->host)) -
-+ to_capture);
-+ } else {
-+ /* something had to be found */
-+ assert("edward-1078",
-+ to_capture <= MAX_CLUSTERS_TO_CAPTURE(mapping->host));
-+ if (to_capture <= 0)
-+ /* there may be left more pages */
-+ __mark_inode_dirty(mapping->host, I_DIRTY_PAGES);
-+ }
-+ out:
-+ done_lh(lh);
-+ kfree(hint);
-+ put_cluster_handle(&clust);
-+ return result;
-+}
-+
-+/* Check mapping for existence of not captured dirty pages.
-+ This returns !0 if either page tree contains pages tagged
-+ PAGECACHE_TAG_REISER4_MOVED */
-+static int crc_inode_has_anon_pages(struct inode *inode)
-+{
-+ return mapping_tagged(inode->i_mapping, PAGECACHE_TAG_REISER4_MOVED);
-+}
-+
-+/* this is implementation of vfs's writepages method of struct
-+ address_space_operations */
-+int
-+writepages_cryptcompress(struct address_space *mapping,
-+ struct writeback_control *wbc)
-+{
-+ int result;
-+ int to_capture;
-+ pgoff_t nrpages;
-+ pgoff_t index = 0;
-+ cryptcompress_info_t *info;
-+ struct inode *inode;
-+
-+ inode = mapping->host;
-+ if (!crc_inode_has_anon_pages(inode)) {
-+ result = 0;
-+ goto end;
-+ }
-+
-+ info = cryptcompress_inode_data(inode);
-+ nrpages = count_to_nrpages(i_size_read(inode));
-+
-+ if (wbc->sync_mode != WB_SYNC_ALL)
-+ to_capture =
-+ min_count(wbc->nr_to_write, MAX_CLUSTERS_TO_CAPTURE(inode));
-+ else
-+ to_capture = MAX_CLUSTERS_TO_CAPTURE(inode);
-+ do {
-+ reiser4_context *ctx;
-+
-+ if (is_in_reiser4_context()) {
-+ /* FIXME-EDWARD: REMOVEME */
-+ all_grabbed2free();
-+
-+ /* It can be in the context of write system call from
-+ balance_dirty_pages() */
-+ if (down_read_trylock(&info->lock) == 0) {
-+ result = RETERR(-EBUSY);
-+ break;
-+ }
-+ } else
-+ down_read(&info->lock);
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx)) {
-+ result = PTR_ERR(ctx);
-+ break;
-+ }
-+ ctx->nobalance = 1;
-+
-+ assert("edward-1079",
-+ lock_stack_isclean(get_current_lock_stack()));
-+
-+ LOCK_CNT_INC(inode_sem_r);
-+
-+ result =
-+ capture_anonymous_clusters(inode->i_mapping, &index,
-+ to_capture);
-+
-+ up_read(&info->lock);
-+
-+ LOCK_CNT_DEC(inode_sem_r);
-+
-+ if (result != 0 || wbc->sync_mode != WB_SYNC_ALL) {
-+ reiser4_exit_context(ctx);
-+ break;
-+ }
-+ result = txnmgr_force_commit_all(inode->i_sb, 0);
-+ reiser4_exit_context(ctx);
-+ } while (result == 0 && index < nrpages);
-+
-+ end:
-+ if (is_in_reiser4_context()) {
-+ if (get_current_context()->nr_captured >= CAPTURE_APAGE_BURST) {
-+ /* there are already pages to flush, flush them out, do
-+ not delay until end of reiser4_sync_inodes */
-+ writeout(inode->i_sb, wbc);
-+ get_current_context()->nr_captured = 0;
-+ }
-+ }
-+ return result;
-+}
-+
-+/* plugin->u.file.mmap */
-+int mmap_cryptcompress(struct file *file, struct vm_area_struct *vma)
-+{
-+ //return -ENOSYS;
-+ return generic_file_mmap(file, vma);
-+}
-+
-+/* plugin->u.file.release */
-+/* plugin->u.file.get_block */
-+
-+/* this is implementation of delete method of file plugin for
-+ cryptcompress objects */
-+int delete_cryptcompress(struct inode *inode)
-+{
-+ int result;
-+
-+ assert("edward-429", inode->i_nlink == 0);
-+
-+ if (inode->i_size) {
-+ result = cryptcompress_truncate(inode, 0, 0);
-+ if (result) {
-+ warning("edward-430",
-+ "cannot truncate cryptcompress file %lli: %i",
-+ (unsigned long long)get_inode_oid(inode),
-+ result);
-+ return result;
-+ }
-+ }
-+ /* and remove stat data */
-+ return delete_object_common(inode);
-+}
-+
-+/* plugin->u.file.setattr method
-+ see plugin.h for description */
-+int setattr_cryptcompress(struct dentry *dentry, /* Object to change attributes */
-+ struct iattr *attr /* change description */ )
-+{
-+ int result;
-+ struct inode *inode;
-+
-+ inode = dentry->d_inode;
-+ result = check_cryptcompress(inode);
-+ if (result)
-+ return result;
-+ if (attr->ia_valid & ATTR_SIZE) {
-+ /* EDWARD-FIXME-HANS: VS-FIXME-HANS:
-+ Q: this case occurs when? truncate?
-+ A: yes
-+
-+ Q: If so, why isn't this code in truncate itself instead of here?
-+
-+ A: because vfs calls fs's truncate after it has called truncate_inode_pages to get rid of pages
-+ corresponding to part of file being truncated. In reiser4 it may cause existence of unallocated
-+ extents which do not have jnodes. Flush code does not expect that. Solution of this problem is
-+ straightforward. As vfs's truncate is implemented using setattr operation (common implementaion of
-+ which calls truncate_inode_pages and fs's truncate in case when size of file changes) - it seems
-+ reasonable to have reiser4_setattr which will take care of removing pages, jnodes and extents
-+ simultaneously in case of truncate.
-+ Q: do you think implementing truncate using setattr is ugly,
-+ and vfs needs improving, or is there some sense in which this is a good design?
-+
-+ A: VS-FIXME-HANS:
-+ */
-+
-+ /* truncate does reservation itself and requires exclusive access obtained */
-+ if (inode->i_size != attr->ia_size) {
-+ reiser4_context *ctx;
-+ loff_t old_size;
-+ cryptcompress_info_t *info =
-+ cryptcompress_inode_data(inode);
-+
-+ ctx = init_context(dentry->d_inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ down_write(&info->lock);
-+ LOCK_CNT_INC(inode_sem_w);
-+
-+ inode_check_scale(inode, inode->i_size, attr->ia_size);
-+
-+ old_size = inode->i_size;
-+
-+ result =
-+ cryptcompress_truncate(inode, attr->ia_size,
-+ 1 /* update stat data */ );
-+ if (result) {
-+ warning("edward-1192",
-+ "truncate_cryptcompress failed: oid %lli, "
-+ "old size %lld, new size %lld, retval %d",
-+ (unsigned long long)
-+ get_inode_oid(inode), old_size,
-+ attr->ia_size, result);
-+ }
-+ up_write(&info->lock);
-+ LOCK_CNT_DEC(inode_sem_w);
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ } else
-+ result = 0;
-+ } else
-+ result = setattr_common(dentry, attr);
-+ return result;
-+}
-+
-+/* sendfile_cryptcompress - sendfile of struct file_operations */
-+ssize_t
-+sendfile_cryptcompress(struct file *file, loff_t *ppos, size_t count,
-+ read_actor_t actor, void *target)
-+{
-+ reiser4_context *ctx;
-+ ssize_t result;
-+ struct inode *inode;
-+ cryptcompress_info_t *info;
-+
-+ inode = file->f_dentry->d_inode;
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+ /*
-+ * generic_file_sndfile may want to call update_atime. Grab space for
-+ * stat data update
-+ */
-+ result = reiser4_grab_space(estimate_update_common(inode),
-+ BA_CAN_COMMIT);
-+ if (result)
-+ goto exit;
-+ info = cryptcompress_inode_data(inode);
-+ down_read(&info->lock);
-+ result = generic_file_sendfile(file, ppos, count, actor, target);
-+ up_read(&info->lock);
-+ exit:
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+/*
-+ * release_cryptcompress - release of struct file_operations
-+ * @inode: inode of released file
-+ * @file: file to release
-+ */
-+int release_cryptcompress(struct inode *inode, struct file *file)
-+{
-+ reiser4_context *ctx = init_context(inode->i_sb);
-+
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+ reiser4_free_file_fsdata(file);
-+ reiser4_exit_context(ctx);
-+ return 0;
-+}
-+
-+static int
-+save_len_cryptcompress_plugin(struct inode *inode, reiser4_plugin * plugin)
-+{
-+ assert("edward-457", inode != NULL);
-+ assert("edward-458", plugin != NULL);
-+ assert("edward-459", plugin->h.id == CRC_FILE_PLUGIN_ID);
-+ return 0;
-+}
-+
-+static int
-+load_cryptcompress_plugin(struct inode *inode, reiser4_plugin * plugin,
-+ char **area, int *len)
-+{
-+ assert("edward-455", inode != NULL);
-+ assert("edward-456", (reiser4_inode_data(inode)->pset != NULL));
-+
-+ plugin_set_file(&reiser4_inode_data(inode)->pset,
-+ file_plugin_by_id(CRC_FILE_PLUGIN_ID));
-+ return 0;
-+}
-+
-+static int change_cryptcompress(struct inode *inode, reiser4_plugin * plugin)
-+{
-+ /* cannot change object plugin of already existing object */
-+ return RETERR(-EINVAL);
-+}
-+
-+struct reiser4_plugin_ops cryptcompress_plugin_ops = {
-+ .load = load_cryptcompress_plugin,
-+ .save_len = save_len_cryptcompress_plugin,
-+ .save = NULL,
-+ .alignment = 8,
-+ .change = change_cryptcompress
-+};
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 80
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/file/cryptcompress.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/file/cryptcompress.h
-@@ -0,0 +1,551 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+/* See http://www.namesys.com/cryptcompress_design.html */
-+
-+#if !defined( __FS_REISER4_CRYPTCOMPRESS_H__ )
-+#define __FS_REISER4_CRYPTCOMPRESS_H__
-+
-+#include "../compress/compress.h"
-+#include "../crypto/cipher.h"
-+
-+#include <linux/pagemap.h>
-+#include <linux/vmalloc.h>
-+
-+#define MIN_CLUSTER_SIZE PAGE_CACHE_SIZE
-+#define MIN_CLUSTER_SHIFT PAGE_CACHE_SHIFT
-+#define MAX_CLUSTER_SHIFT 16
-+#define MAX_CLUSTER_NRPAGES (1U << MAX_CLUSTER_SHIFT >> PAGE_CACHE_SHIFT)
-+#define DC_CHECKSUM_SIZE 4
-+
-+static inline loff_t min_count(loff_t a, loff_t b)
-+{
-+ return (a < b ? a : b);
-+}
-+
-+static inline loff_t max_count(loff_t a, loff_t b)
-+{
-+ return (a > b ? a : b);
-+}
-+
-+#if REISER4_DEBUG
-+static inline int cluster_shift_ok(int shift)
-+{
-+ return (shift >= MIN_CLUSTER_SHIFT) && (shift <= MAX_CLUSTER_SHIFT);
-+}
-+#endif
-+
-+typedef struct tfm_stream {
-+ __u8 *data;
-+ size_t size;
-+} tfm_stream_t;
-+
-+typedef enum {
-+ INPUT_STREAM,
-+ OUTPUT_STREAM,
-+ LAST_STREAM
-+} tfm_stream_id;
-+
-+typedef tfm_stream_t *tfm_unit[LAST_STREAM];
-+
-+static inline __u8 *ts_data(tfm_stream_t * stm)
-+{
-+ assert("edward-928", stm != NULL);
-+ return stm->data;
-+}
-+
-+static inline size_t ts_size(tfm_stream_t * stm)
-+{
-+ assert("edward-929", stm != NULL);
-+ return stm->size;
-+}
-+
-+static inline void set_ts_size(tfm_stream_t * stm, size_t size)
-+{
-+ assert("edward-930", stm != NULL);
-+
-+ stm->size = size;
-+}
-+
-+static inline int alloc_ts(tfm_stream_t ** stm)
-+{
-+ assert("edward-931", stm);
-+ assert("edward-932", *stm == NULL);
-+
-+ *stm = kmalloc(sizeof **stm, GFP_KERNEL);
-+ if (*stm == NULL)
-+ return -ENOMEM;
-+ memset(*stm, 0, sizeof **stm);
-+ return 0;
-+}
-+
-+static inline void free_ts(tfm_stream_t * stm)
-+{
-+ assert("edward-933", !ts_data(stm));
-+ assert("edward-934", !ts_size(stm));
-+
-+ kfree(stm);
-+}
-+
-+static inline int alloc_ts_data(tfm_stream_t * stm, size_t size)
-+{
-+ assert("edward-935", !ts_data(stm));
-+ assert("edward-936", !ts_size(stm));
-+ assert("edward-937", size != 0);
-+
-+ stm->data = vmalloc(size);
-+ if (!stm->data)
-+ return -ENOMEM;
-+ set_ts_size(stm, size);
-+ return 0;
-+}
-+
-+static inline void free_ts_data(tfm_stream_t * stm)
-+{
-+ assert("edward-938", equi(ts_data(stm), ts_size(stm)));
-+
-+ if (ts_data(stm))
-+ vfree(ts_data(stm));
-+ memset(stm, 0, sizeof *stm);
-+}
-+
-+/* Write modes for item conversion in flush convert phase */
-+typedef enum {
-+ CRC_APPEND_ITEM = 1,
-+ CRC_OVERWRITE_ITEM = 2,
-+ CRC_CUT_ITEM = 3
-+} crc_write_mode_t;
-+
-+typedef enum {
-+ PCL_UNKNOWN = 0, /* invalid option */
-+ PCL_APPEND = 1, /* append and/or overwrite */
-+ PCL_TRUNCATE = 2 /* truncate */
-+} page_cluster_op;
-+
-+/* Reiser4 file write/read transforms page cluster into disk cluster (and back)
-+ using crypto/compression transforms implemented by reiser4 transform plugins.
-+ Before each transform we allocate a pair of streams (tfm_unit) and assemble
-+ page cluster into the input one. After transform we split output stream into
-+ a set of items (disk cluster).
-+*/
-+typedef struct tfm_cluster {
-+ coa_set coa;
-+ tfm_unit tun;
-+ tfm_action act;
-+ int uptodate;
-+ int lsize; /* size of the logical cluster */
-+ int len; /* length of the transform stream */
-+} tfm_cluster_t;
-+
-+static inline coa_t get_coa(tfm_cluster_t * tc, reiser4_compression_id id, tfm_action act)
-+{
-+ return tc->coa[id][act];
-+}
-+
-+static inline void
-+set_coa(tfm_cluster_t * tc, reiser4_compression_id id, tfm_action act, coa_t coa)
-+{
-+ tc->coa[id][act] = coa;
-+}
-+
-+static inline int
-+alloc_coa(tfm_cluster_t * tc, compression_plugin * cplug)
-+{
-+ coa_t coa;
-+
-+ coa = cplug->alloc(tc->act);
-+ if (IS_ERR(coa))
-+ return PTR_ERR(coa);
-+ set_coa(tc, cplug->h.id, tc->act, coa);
-+ return 0;
-+}
-+
-+static inline int
-+grab_coa(tfm_cluster_t * tc, compression_plugin * cplug)
-+{
-+ return (cplug->alloc && !get_coa(tc, cplug->h.id, tc->act) ?
-+ alloc_coa(tc, cplug) : 0);
-+}
-+
-+static inline void free_coa_set(tfm_cluster_t * tc)
-+{
-+ tfm_action j;
-+ reiser4_compression_id i;
-+ compression_plugin *cplug;
-+
-+ assert("edward-810", tc != NULL);
-+
-+ for (j = 0; j < LAST_TFM; j++)
-+ for (i = 0; i < LAST_COMPRESSION_ID; i++) {
-+ if (!get_coa(tc, i, j))
-+ continue;
-+ cplug = compression_plugin_by_id(i);
-+ assert("edward-812", cplug->free != NULL);
-+ cplug->free(get_coa(tc, i, j), j);
-+ set_coa(tc, i, j, 0);
-+ }
-+ return;
-+}
-+
-+static inline tfm_stream_t *tfm_stream(tfm_cluster_t * tc, tfm_stream_id id)
-+{
-+ return tc->tun[id];
-+}
-+
-+static inline void
-+set_tfm_stream(tfm_cluster_t * tc, tfm_stream_id id, tfm_stream_t * ts)
-+{
-+ tc->tun[id] = ts;
-+}
-+
-+static inline __u8 *tfm_stream_data(tfm_cluster_t * tc, tfm_stream_id id)
-+{
-+ return ts_data(tfm_stream(tc, id));
-+}
-+
-+static inline void
-+set_tfm_stream_data(tfm_cluster_t * tc, tfm_stream_id id, __u8 * data)
-+{
-+ tfm_stream(tc, id)->data = data;
-+}
-+
-+static inline size_t tfm_stream_size(tfm_cluster_t * tc, tfm_stream_id id)
-+{
-+ return ts_size(tfm_stream(tc, id));
-+}
-+
-+static inline void
-+set_tfm_stream_size(tfm_cluster_t * tc, tfm_stream_id id, size_t size)
-+{
-+ tfm_stream(tc, id)->size = size;
-+}
-+
-+static inline int
-+alloc_tfm_stream(tfm_cluster_t * tc, size_t size, tfm_stream_id id)
-+{
-+ assert("edward-939", tc != NULL);
-+ assert("edward-940", !tfm_stream(tc, id));
-+
-+ tc->tun[id] = kmalloc(sizeof(tfm_stream_t), GFP_KERNEL);
-+ if (!tc->tun[id])
-+ return -ENOMEM;
-+ memset(tfm_stream(tc, id), 0, sizeof(tfm_stream_t));
-+ return alloc_ts_data(tfm_stream(tc, id), size);
-+}
-+
-+static inline int
-+realloc_tfm_stream(tfm_cluster_t * tc, size_t size, tfm_stream_id id)
-+{
-+ assert("edward-941", tfm_stream_size(tc, id) < size);
-+ free_ts_data(tfm_stream(tc, id));
-+ return alloc_ts_data(tfm_stream(tc, id), size);
-+}
-+
-+static inline void free_tfm_stream(tfm_cluster_t * tc, tfm_stream_id id)
-+{
-+ free_ts_data(tfm_stream(tc, id));
-+ free_ts(tfm_stream(tc, id));
-+ set_tfm_stream(tc, id, 0);
-+}
-+
-+static inline unsigned coa_overrun(compression_plugin * cplug, int ilen)
-+{
-+ return (cplug->overrun != NULL ? cplug->overrun(ilen) : 0);
-+}
-+
-+static inline void free_tfm_unit(tfm_cluster_t * tc)
-+{
-+ tfm_stream_id id;
-+ for (id = 0; id < LAST_STREAM; id++) {
-+ if (!tfm_stream(tc, id))
-+ continue;
-+ free_tfm_stream(tc, id);
-+ }
-+}
-+
-+static inline void put_tfm_cluster(tfm_cluster_t * tc)
-+{
-+ assert("edward-942", tc != NULL);
-+ free_coa_set(tc);
-+ free_tfm_unit(tc);
-+}
-+
-+static inline int tfm_cluster_is_uptodate(tfm_cluster_t * tc)
-+{
-+ assert("edward-943", tc != NULL);
-+ assert("edward-944", tc->uptodate == 0 || tc->uptodate == 1);
-+ return (tc->uptodate == 1);
-+}
-+
-+static inline void tfm_cluster_set_uptodate(tfm_cluster_t * tc)
-+{
-+ assert("edward-945", tc != NULL);
-+ assert("edward-946", tc->uptodate == 0 || tc->uptodate == 1);
-+ tc->uptodate = 1;
-+ return;
-+}
-+
-+static inline void tfm_cluster_clr_uptodate(tfm_cluster_t * tc)
-+{
-+ assert("edward-947", tc != NULL);
-+ assert("edward-948", tc->uptodate == 0 || tc->uptodate == 1);
-+ tc->uptodate = 0;
-+ return;
-+}
-+
-+static inline int tfm_stream_is_set(tfm_cluster_t * tc, tfm_stream_id id)
-+{
-+ return (tfm_stream(tc, id) &&
-+ tfm_stream_data(tc, id) && tfm_stream_size(tc, id));
-+}
-+
-+static inline int tfm_cluster_is_set(tfm_cluster_t * tc)
-+{
-+ int i;
-+ for (i = 0; i < LAST_STREAM; i++)
-+ if (!tfm_stream_is_set(tc, i))
-+ return 0;
-+ return 1;
-+}
-+
-+static inline void alternate_streams(tfm_cluster_t * tc)
-+{
-+ tfm_stream_t *tmp = tfm_stream(tc, INPUT_STREAM);
-+
-+ set_tfm_stream(tc, INPUT_STREAM, tfm_stream(tc, OUTPUT_STREAM));
-+ set_tfm_stream(tc, OUTPUT_STREAM, tmp);
-+}
-+
-+/* a kind of data that we can write to the window */
-+typedef enum {
-+ DATA_WINDOW, /* the data we copy form user space */
-+ HOLE_WINDOW /* zeroes if we write hole */
-+} window_stat;
-+
-+/* Sliding window of cluster size which should be set to the approprite position
-+ (defined by cluster index) in a file before page cluster modification by
-+ file_write. Then we translate file size, offset to write from, number of
-+ bytes to write, etc.. to the following configuration needed to estimate
-+ number of pages to read before write, etc...
-+*/
-+typedef struct reiser4_slide {
-+ unsigned off; /* offset we start to write/truncate from */
-+ unsigned count; /* number of bytes (zeroes) to write/truncate */
-+ unsigned delta; /* number of bytes to append to the hole */
-+ window_stat stat; /* a kind of data to write to the window */
-+} reiser4_slide_t;
-+
-+/* The following is a set of possible disk cluster states */
-+typedef enum {
-+ INVAL_DISK_CLUSTER, /* unknown state */
-+ PREP_DISK_CLUSTER, /* disk cluster got converted by flush
-+ at least 1 time */
-+ UNPR_DISK_CLUSTER, /* disk cluster just created and should be
-+ converted by flush */
-+ FAKE_DISK_CLUSTER /* disk cluster doesn't exist neither in memory
-+ nor on disk */
-+} disk_cluster_stat;
-+
-+/*
-+ While implementing all transforms (from page to disk cluster, and back)
-+ reiser4 cluster manager fills the following structure incapsulating pointers
-+ to all the clusters for the same index including the sliding window above
-+*/
-+typedef struct reiser4_cluster {
-+ tfm_cluster_t tc; /* transform cluster */
-+ int nr_pages; /* number of pages */
-+ struct page **pages; /* page cluster */
-+ page_cluster_op op; /* page cluster operation */
-+ struct file *file;
-+ hint_t *hint; /* disk cluster item for traversal */
-+ disk_cluster_stat dstat; /* state of the current disk cluster */
-+ cloff_t index; /* offset in the units of cluster size */
-+ reiser4_slide_t *win; /* sliding window of cluster size */
-+ int reserved; /* this indicates that space for disk
-+ cluster modification is reserved */
-+#if REISER4_DEBUG
-+ reiser4_context *ctx;
-+ int reserved_prepped;
-+ int reserved_unprepped;
-+#endif
-+
-+} reiser4_cluster_t;
-+
-+static inline __u8 * tfm_input_data (reiser4_cluster_t * clust)
-+{
-+ return tfm_stream_data(&clust->tc, INPUT_STREAM);
-+}
-+
-+static inline __u8 * tfm_output_data (reiser4_cluster_t * clust)
-+{
-+ return tfm_stream_data(&clust->tc, OUTPUT_STREAM);
-+}
-+
-+static inline int reset_cluster_pgset(reiser4_cluster_t * clust, int nrpages)
-+{
-+ assert("edward-1057", clust->pages != NULL);
-+ memset(clust->pages, 0, sizeof(*clust->pages) * nrpages);
-+ return 0;
-+}
-+
-+static inline int alloc_cluster_pgset(reiser4_cluster_t * clust, int nrpages)
-+{
-+ assert("edward-949", clust != NULL);
-+ assert("edward-1362", clust->pages == NULL);
-+ assert("edward-950", nrpages != 0 && nrpages <= MAX_CLUSTER_NRPAGES);
-+
-+ clust->pages =
-+ kmalloc(sizeof(*clust->pages) * nrpages, GFP_KERNEL);
-+ if (!clust->pages)
-+ return RETERR(-ENOMEM);
-+ reset_cluster_pgset(clust, nrpages);
-+ return 0;
-+}
-+
-+static inline void free_cluster_pgset(reiser4_cluster_t * clust)
-+{
-+ assert("edward-951", clust->pages != NULL);
-+ kfree(clust->pages);
-+ clust->pages = NULL;
-+}
-+
-+static inline void put_cluster_handle(reiser4_cluster_t * clust)
-+{
-+ assert("edward-435", clust != NULL);
-+
-+ put_tfm_cluster(&clust->tc);
-+ if (clust->pages)
-+ free_cluster_pgset(clust);
-+ memset(clust, 0, sizeof *clust);
-+}
-+
-+static inline void inc_keyload_count(crypto_stat_t * data)
-+{
-+ assert("edward-1410", data != NULL);
-+ data->keyload_count++;
-+}
-+
-+static inline void dec_keyload_count(crypto_stat_t * data)
-+{
-+ assert("edward-1411", data != NULL);
-+ assert("edward-1412", data->keyload_count > 0);
-+ data->keyload_count--;
-+}
-+
-+/* cryptcompress specific part of reiser4_inode */
-+typedef struct cryptcompress_info {
-+ struct rw_semaphore lock;
-+ crypto_stat_t *crypt;
-+ int compress_toggle; /* current status of compressibility
-+ is set by compression mode plugin */
-+#if REISER4_DEBUG
-+ int pgcount; /* number of captured pages */
-+#endif
-+} cryptcompress_info_t;
-+
-+
-+static inline void toggle_compression (cryptcompress_info_t * info, int val)
-+{
-+ info->compress_toggle = val;
-+}
-+
-+static inline int compression_is_on (cryptcompress_info_t * info)
-+{
-+ return info->compress_toggle;
-+}
-+
-+cryptcompress_info_t *cryptcompress_inode_data(const struct inode *);
-+int equal_to_rdk(znode *, const reiser4_key *);
-+int goto_right_neighbor(coord_t *, lock_handle *);
-+int load_file_hint(struct file *, hint_t *);
-+void save_file_hint(struct file *, const hint_t *);
-+void hint_init_zero(hint_t *);
-+int crc_inode_ok(struct inode *inode);
-+int jnode_of_cluster(const jnode * node, struct page * page);
-+extern int ctail_read_disk_cluster (reiser4_cluster_t *, struct inode *, int);
-+extern int do_readpage_ctail(struct inode *, reiser4_cluster_t *,
-+ struct page * page);
-+extern int ctail_insert_unprepped_cluster(reiser4_cluster_t * clust,
-+ struct inode * inode);
-+int bind_cryptcompress(struct inode *child, struct inode *parent);
-+void destroy_inode_cryptcompress(struct inode * inode);
-+crypto_stat_t * inode_crypto_stat (struct inode * inode);
-+void inherit_crypto_stat_common(struct inode * parent, struct inode * object,
-+ int (*can_inherit)(struct inode * child,
-+ struct inode * parent));
-+void attach_crypto_stat(struct inode * inode, crypto_stat_t * info);
-+void detach_crypto_stat(struct inode * inode);
-+void change_crypto_stat(struct inode * inode, crypto_stat_t * new);
-+crypto_stat_t * alloc_crypto_stat (struct inode * inode);
-+
-+
-+static inline reiser4_tfma_t *
-+info_get_tfma (crypto_stat_t * info, reiser4_tfm id)
-+{
-+ return &info->tfma[id];
-+}
-+
-+static inline struct crypto_tfm *
-+info_get_tfm (crypto_stat_t * info, reiser4_tfm id)
-+{
-+ return info_get_tfma(info, id)->tfm;
-+}
-+
-+static inline void
-+info_set_tfm (crypto_stat_t * info, reiser4_tfm id, struct crypto_tfm * tfm)
-+{
-+ info_get_tfma(info, id)->tfm = tfm;
-+}
-+
-+static inline struct crypto_tfm *
-+info_cipher_tfm (crypto_stat_t * info)
-+{
-+ return info_get_tfm(info, CIPHER_TFM);
-+}
-+
-+static inline struct crypto_tfm *
-+info_digest_tfm (crypto_stat_t * info)
-+{
-+ return info_get_tfm(info, DIGEST_TFM);
-+}
-+
-+static inline cipher_plugin *
-+info_cipher_plugin (crypto_stat_t * info)
-+{
-+ return &info_get_tfma(info, CIPHER_TFM)->plug->cipher;
-+}
-+
-+static inline digest_plugin *
-+info_digest_plugin (crypto_stat_t * info)
-+{
-+ return &info_get_tfma(info, DIGEST_TFM)->plug->digest;
-+}
-+
-+static inline void
-+info_set_plugin(crypto_stat_t * info, reiser4_tfm id, reiser4_plugin * plugin)
-+{
-+ info_get_tfma(info, id)->plug = plugin;
-+}
-+
-+static inline void
-+info_set_cipher_plugin(crypto_stat_t * info, cipher_plugin * cplug)
-+{
-+ info_set_plugin(info, CIPHER_TFM, cipher_plugin_to_plugin(cplug));
-+}
-+
-+static inline void
-+info_set_digest_plugin(crypto_stat_t * info, digest_plugin * plug)
-+{
-+ info_set_plugin(info, DIGEST_TFM, digest_plugin_to_plugin(plug));
-+}
-+
-+#endif /* __FS_REISER4_CRYPTCOMPRESS_H__ */
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/file/file.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/file/file.c
-@@ -0,0 +1,2712 @@
-+/* Copyright 2001, 2002, 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/*
-+ * this file contains implementations of inode/file/address_space/file plugin
-+ * operations specific for "unix file plugin" (plugin id is
-+ * UNIX_FILE_PLUGIN_ID). "Unix file" is either built of tail items only
-+ * (FORMATTING_ID) or of extent items only (EXTENT_POINTER_ID) or empty (have
-+ * no items but stat data)
-+ */
-+
-+#include "../../inode.h"
-+#include "../../super.h"
-+#include "../../tree_walk.h"
-+#include "../../carry.h"
-+#include "../../page_cache.h"
-+#include "../../ioctl.h"
-+#include "../object.h"
-+#include "../../safe_link.h"
-+
-+#include <linux/writeback.h>
-+#include <linux/pagevec.h>
-+#include <linux/syscalls.h>
-+
-+
-+static int unpack(struct file *file, struct inode *inode, int forever);
-+
-+/* get unix file plugin specific portion of inode */
-+unix_file_info_t *unix_file_inode_data(const struct inode *inode)
-+{
-+ return &reiser4_inode_data(inode)->file_plugin_data.unix_file_info;
-+}
-+
-+/**
-+ * equal_to_rdk - compare key and znode's right delimiting key
-+ * @node: node whose right delimiting key to compare with @key
-+ * @key: key to compare with @node's right delimiting key
-+ *
-+ * Returns true if @key is equal to right delimiting key of @node.
-+ */
-+int equal_to_rdk(znode *node, const reiser4_key *key)
-+{
-+ int result;
-+
-+ read_lock_dk(znode_get_tree(node));
-+ result = keyeq(key, znode_get_rd_key(node));
-+ read_unlock_dk(znode_get_tree(node));
-+ return result;
-+}
-+
-+#if REISER4_DEBUG
-+
-+/**
-+ * equal_to_ldk - compare key and znode's left delimiting key
-+ * @node: node whose left delimiting key to compare with @key
-+ * @key: key to compare with @node's left delimiting key
-+ *
-+ * Returns true if @key is equal to left delimiting key of @node.
-+ */
-+int equal_to_ldk(znode *node, const reiser4_key *key)
-+{
-+ int result;
-+
-+ read_lock_dk(znode_get_tree(node));
-+ result = keyeq(key, znode_get_ld_key(node));
-+ read_unlock_dk(znode_get_tree(node));
-+ return result;
-+}
-+
-+/**
-+ * check_coord - check whether coord corresponds to key
-+ * @coord: coord to check
-+ * @key: key @coord has to correspond to
-+ *
-+ * Returns true if @coord is set as if it was set as result of lookup with @key
-+ * in coord->node.
-+ */
-+static int check_coord(const coord_t *coord, const reiser4_key *key)
-+{
-+ coord_t twin;
-+
-+ node_plugin_by_node(coord->node)->lookup(coord->node, key,
-+ FIND_MAX_NOT_MORE_THAN, &twin);
-+ return coords_equal(coord, &twin);
-+}
-+
-+#endif /* REISER4_DEBUG */
-+
-+/**
-+ * init_uf_coord - initialize extended coord
-+ * @uf_coord:
-+ * @lh:
-+ *
-+ *
-+ */
-+void init_uf_coord(uf_coord_t *uf_coord, lock_handle *lh)
-+{
-+ coord_init_zero(&uf_coord->coord);
-+ coord_clear_iplug(&uf_coord->coord);
-+ uf_coord->lh = lh;
-+ init_lh(lh);
-+ memset(&uf_coord->extension, 0, sizeof(uf_coord->extension));
-+ uf_coord->valid = 0;
-+}
-+
-+void validate_extended_coord(uf_coord_t *uf_coord, loff_t offset)
-+{
-+ assert("vs-1333", uf_coord->valid == 0);
-+
-+ if (coord_is_between_items(&uf_coord->coord))
-+ return;
-+
-+ assert("vs-1348",
-+ item_plugin_by_coord(&uf_coord->coord)->s.file.
-+ init_coord_extension);
-+
-+ item_body_by_coord(&uf_coord->coord);
-+ item_plugin_by_coord(&uf_coord->coord)->s.file.
-+ init_coord_extension(uf_coord, offset);
-+}
-+
-+/**
-+ * goto_right_neighbor - lock right neighbor, drop current node lock
-+ * @coord:
-+ * @lh:
-+ *
-+ * Obtain lock on right neighbor and drop lock on current node.
-+ */
-+int goto_right_neighbor(coord_t *coord, lock_handle *lh)
-+{
-+ int result;
-+ lock_handle lh_right;
-+
-+ assert("vs-1100", znode_is_locked(coord->node));
-+
-+ init_lh(&lh_right);
-+ result = reiser4_get_right_neighbor(&lh_right, coord->node,
-+ znode_is_wlocked(coord->node) ?
-+ ZNODE_WRITE_LOCK : ZNODE_READ_LOCK,
-+ GN_CAN_USE_UPPER_LEVELS);
-+ if (result) {
-+ done_lh(&lh_right);
-+ return result;
-+ }
-+
-+ /*
-+ * we hold two longterm locks on neighboring nodes. Unlock left of
-+ * them
-+ */
-+ done_lh(lh);
-+
-+ coord_init_first_unit_nocheck(coord, lh_right.node);
-+ move_lh(lh, &lh_right);
-+
-+ return 0;
-+
-+}
-+
-+/**
-+ * set_file_state
-+ * @uf_info:
-+ * @cbk_result:
-+ * @level:
-+ *
-+ * This is to be used by find_file_item and in find_file_state to
-+ * determine real state of file
-+ */
-+static void set_file_state(unix_file_info_t *uf_info, int cbk_result,
-+ tree_level level)
-+{
-+ if (cbk_errored(cbk_result))
-+ /* error happened in find_file_item */
-+ return;
-+
-+ assert("vs-1164", level == LEAF_LEVEL || level == TWIG_LEVEL);
-+
-+ if (uf_info->container == UF_CONTAINER_UNKNOWN) {
-+ /*
-+ * container is unknown, therefore conversion can not be in
-+ * progress
-+ */
-+ assert("", !inode_get_flag(unix_file_info_to_inode(uf_info),
-+ REISER4_PART_IN_CONV));
-+ if (cbk_result == CBK_COORD_NOTFOUND)
-+ uf_info->container = UF_CONTAINER_EMPTY;
-+ else if (level == LEAF_LEVEL)
-+ uf_info->container = UF_CONTAINER_TAILS;
-+ else
-+ uf_info->container = UF_CONTAINER_EXTENTS;
-+ } else {
-+ /*
-+ * file state is known, check whether it is set correctly if
-+ * file is not being tail converted
-+ */
-+ if (!inode_get_flag(unix_file_info_to_inode(uf_info),
-+ REISER4_PART_IN_CONV)) {
-+ assert("vs-1162",
-+ ergo(level == LEAF_LEVEL &&
-+ cbk_result == CBK_COORD_FOUND,
-+ uf_info->container == UF_CONTAINER_TAILS));
-+ assert("vs-1165",
-+ ergo(level == TWIG_LEVEL &&
-+ cbk_result == CBK_COORD_FOUND,
-+ uf_info->container == UF_CONTAINER_EXTENTS));
-+ }
-+ }
-+}
-+
-+int find_file_item_nohint(coord_t *coord, lock_handle *lh,
-+ const reiser4_key *key, znode_lock_mode lock_mode,
-+ struct inode *inode)
-+{
-+ return object_lookup(inode, key, coord, lh, lock_mode,
-+ FIND_MAX_NOT_MORE_THAN,
-+ TWIG_LEVEL, LEAF_LEVEL,
-+ (lock_mode == ZNODE_READ_LOCK) ? CBK_UNIQUE :
-+ (CBK_UNIQUE | CBK_FOR_INSERT),
-+ NULL /* ra_info */ );
-+}
-+
-+/**
-+ * find_file_item - look for file item in the tree
-+ * @hint: provides coordinate, lock handle, seal
-+ * @key: key for search
-+ * @mode: mode of lock to put on returned node
-+ * @ra_info:
-+ * @inode:
-+ *
-+ * This finds position in the tree corresponding to @key. It first tries to use
-+ * @hint's seal if it is set.
-+ */
-+int find_file_item(hint_t *hint, const reiser4_key *key,
-+ znode_lock_mode lock_mode,
-+ struct inode *inode)
-+{
-+ int result;
-+ coord_t *coord;
-+ lock_handle *lh;
-+
-+ assert("nikita-3030", schedulable());
-+ assert("vs-1707", hint != NULL);
-+ assert("vs-47", inode != NULL);
-+
-+ coord = &hint->ext_coord.coord;
-+ lh = hint->ext_coord.lh;
-+ init_lh(lh);
-+
-+ result = hint_validate(hint, key, 1 /* check key */, lock_mode);
-+ if (!result) {
-+ if (coord->between == AFTER_UNIT &&
-+ equal_to_rdk(coord->node, key)) {
-+ result = goto_right_neighbor(coord, lh);
-+ if (result == -E_NO_NEIGHBOR)
-+ return RETERR(-EIO);
-+ if (result)
-+ return result;
-+ assert("vs-1152", equal_to_ldk(coord->node, key));
-+ /*
-+ * we moved to different node. Invalidate coord
-+ * extension, zload is necessary to init it again
-+ */
-+ hint->ext_coord.valid = 0;
-+ }
-+
-+ set_file_state(unix_file_inode_data(inode), CBK_COORD_FOUND,
-+ znode_get_level(coord->node));
-+
-+ return CBK_COORD_FOUND;
-+ }
-+
-+ coord_init_zero(coord);
-+ result = find_file_item_nohint(coord, lh, key, lock_mode, inode);
-+ set_file_state(unix_file_inode_data(inode), result,
-+ znode_get_level(coord->node));
-+
-+ /* FIXME: we might already have coord extension initialized */
-+ hint->ext_coord.valid = 0;
-+ return result;
-+}
-+
-+/* plugin->u.file.write_flowom = NULL
-+ plugin->u.file.read_flow = NULL */
-+
-+void hint_init_zero(hint_t * hint)
-+{
-+ memset(hint, 0, sizeof(*hint));
-+ init_lh(&hint->lh);
-+ hint->ext_coord.lh = &hint->lh;
-+}
-+
-+static int find_file_state(struct inode *inode, unix_file_info_t *uf_info)
-+{
-+ int result;
-+ reiser4_key key;
-+ coord_t coord;
-+ lock_handle lh;
-+
-+ assert("vs-1628", ea_obtained(uf_info));
-+
-+ if (uf_info->container == UF_CONTAINER_UNKNOWN) {
-+ key_by_inode_and_offset_common(inode, 0, &key);
-+ init_lh(&lh);
-+ result = find_file_item_nohint(&coord, &lh, &key,
-+ ZNODE_READ_LOCK, inode);
-+ set_file_state(uf_info, result, znode_get_level(coord.node));
-+ done_lh(&lh);
-+ if (!cbk_errored(result))
-+ result = 0;
-+ } else
-+ result = 0;
-+ assert("vs-1074",
-+ ergo(result == 0, uf_info->container != UF_CONTAINER_UNKNOWN));
-+ txn_restart_current();
-+ return result;
-+}
-+
-+/* estimate and reserve space needed to truncate page which gets partially truncated: one block for page itself, stat
-+ data update (estimate_one_insert_into_item) and one item insertion (estimate_one_insert_into_item) which may happen
-+ if page corresponds to hole extent and unallocated one will have to be created */
-+static int reserve_partial_page(reiser4_tree * tree)
-+{
-+ grab_space_enable();
-+ return reiser4_grab_reserved(reiser4_get_current_sb(),
-+ 1 +
-+ 2 * estimate_one_insert_into_item(tree),
-+ BA_CAN_COMMIT);
-+}
-+
-+/* estimate and reserve space needed to cut one item and update one stat data */
-+static int reserve_cut_iteration(reiser4_tree * tree)
-+{
-+ __u64 estimate = estimate_one_item_removal(tree)
-+ + estimate_one_insert_into_item(tree);
-+
-+ assert("nikita-3172", lock_stack_isclean(get_current_lock_stack()));
-+
-+ grab_space_enable();
-+ /* We need to double our estimate now that we can delete more than one
-+ node. */
-+ return reiser4_grab_reserved(reiser4_get_current_sb(), estimate * 2,
-+ BA_CAN_COMMIT);
-+}
-+
-+int update_file_size(struct inode *inode, reiser4_key * key, int update_sd)
-+{
-+ int result = 0;
-+
-+ INODE_SET_FIELD(inode, i_size, get_key_offset(key));
-+ if (update_sd) {
-+ inode->i_ctime = inode->i_mtime = CURRENT_TIME;
-+ result = reiser4_update_sd(inode);
-+ }
-+ return result;
-+}
-+
-+/* cut file items one by one starting from the last one until new file size (inode->i_size) is reached. Reserve space
-+ and update file stat data on every single cut from the tree */
-+int
-+cut_file_items(struct inode *inode, loff_t new_size, int update_sd,
-+ loff_t cur_size, int (*update_actor) (struct inode *,
-+ reiser4_key *, int))
-+{
-+ reiser4_key from_key, to_key;
-+ reiser4_key smallest_removed;
-+ file_plugin *fplug = inode_file_plugin(inode);
-+ int result;
-+ int progress = 0;
-+
-+ assert("vs-1248",
-+ fplug == file_plugin_by_id(UNIX_FILE_PLUGIN_ID) ||
-+ fplug == file_plugin_by_id(CRC_FILE_PLUGIN_ID));
-+
-+ fplug->key_by_inode(inode, new_size, &from_key);
-+ to_key = from_key;
-+ set_key_offset(&to_key, cur_size - 1 /*get_key_offset(max_key()) */ );
-+ /* this loop normally runs just once */
-+ while (1) {
-+ result = reserve_cut_iteration(tree_by_inode(inode));
-+ if (result)
-+ break;
-+
-+ result = cut_tree_object(current_tree, &from_key, &to_key,
-+ &smallest_removed, inode, 1,
-+ &progress);
-+ if (result == -E_REPEAT) {
-+ /* -E_REPEAT is a signal to interrupt a long file truncation process */
-+ if (progress) {
-+ result =
-+ update_actor(inode, &smallest_removed,
-+ update_sd);
-+ if (result)
-+ break;
-+ }
-+
-+ /* the below does up(sbinfo->delete_sema). Do not get folled */
-+ reiser4_release_reserved(inode->i_sb);
-+
-+ /* cut_tree_object() was interrupted probably because
-+ * current atom requires commit, we have to release
-+ * transaction handle to allow atom commit. */
-+ txn_restart_current();
-+ continue;
-+ }
-+ if (result
-+ && !(result == CBK_COORD_NOTFOUND && new_size == 0
-+ && inode->i_size == 0))
-+ break;
-+
-+ set_key_offset(&smallest_removed, new_size);
-+ /* Final sd update after the file gets its correct size */
-+ result = update_actor(inode, &smallest_removed, update_sd);
-+ break;
-+ }
-+
-+ /* the below does up(sbinfo->delete_sema). Do not get folled */
-+ reiser4_release_reserved(inode->i_sb);
-+
-+ return result;
-+}
-+
-+int find_or_create_extent(struct page *page);
-+
-+static int filler(void *vp, struct page *page)
-+{
-+ return readpage_unix_file_nolock(vp, page);
-+}
-+
-+/* part of truncate_file_body: it is called when truncate is used to make file
-+ shorter */
-+static int shorten_file(struct inode *inode, loff_t new_size)
-+{
-+ int result;
-+ struct page *page;
-+ int padd_from;
-+ unsigned long index;
-+ char *kaddr;
-+ unix_file_info_t *uf_info;
-+
-+ /*
-+ * all items of ordinary reiser4 file are grouped together. That is why
-+ * we can use cut_tree. Plan B files (for instance) can not be
-+ * truncated that simply
-+ */
-+ result = cut_file_items(inode, new_size, 1 /*update_sd */ ,
-+ get_key_offset(max_key()), update_file_size);
-+ if (result)
-+ return result;
-+
-+ uf_info = unix_file_inode_data(inode);
-+ assert("vs-1105", new_size == inode->i_size);
-+ if (new_size == 0) {
-+ uf_info->container = UF_CONTAINER_EMPTY;
-+ return 0;
-+ }
-+
-+ result = find_file_state(inode, uf_info);
-+ if (result)
-+ return result;
-+ if (uf_info->container == UF_CONTAINER_TAILS)
-+ /*
-+ * No need to worry about zeroing last page after new file
-+ * end
-+ */
-+ return 0;
-+
-+ padd_from = inode->i_size & (PAGE_CACHE_SIZE - 1);
-+ if (!padd_from)
-+ /* file is truncated to page boundary */
-+ return 0;
-+
-+ result = reserve_partial_page(tree_by_inode(inode));
-+ if (result) {
-+ reiser4_release_reserved(inode->i_sb);
-+ return result;
-+ }
-+
-+ /* last page is partially truncated - zero its content */
-+ index = (inode->i_size >> PAGE_CACHE_SHIFT);
-+ page = read_cache_page(inode->i_mapping, index, filler, NULL);
-+ if (IS_ERR(page)) {
-+ /*
-+ * the below does up(sbinfo->delete_sema). Do not get
-+ * confused
-+ */
-+ reiser4_release_reserved(inode->i_sb);
-+ if (likely(PTR_ERR(page) == -EINVAL)) {
-+ /* looks like file is built of tail items */
-+ return 0;
-+ }
-+ return PTR_ERR(page);
-+ }
-+ wait_on_page_locked(page);
-+ if (!PageUptodate(page)) {
-+ page_cache_release(page);
-+ /*
-+ * the below does up(sbinfo->delete_sema). Do not get
-+ * confused
-+ */
-+ reiser4_release_reserved(inode->i_sb);
-+ return RETERR(-EIO);
-+ }
-+
-+ /*
-+ * if page correspons to hole extent unit - unallocated one will be
-+ * created here. This is not necessary
-+ */
-+ result = find_or_create_extent(page);
-+
-+ /*
-+ * FIXME: cut_file_items has already updated inode. Probably it would
-+ * be better to update it here when file is really truncated
-+ */
-+ if (result) {
-+ page_cache_release(page);
-+ /*
-+ * the below does up(sbinfo->delete_sema). Do not get
-+ * confused
-+ */
-+ reiser4_release_reserved(inode->i_sb);
-+ return result;
-+ }
-+
-+ lock_page(page);
-+ assert("vs-1066", PageLocked(page));
-+ kaddr = kmap_atomic(page, KM_USER0);
-+ memset(kaddr + padd_from, 0, PAGE_CACHE_SIZE - padd_from);
-+ flush_dcache_page(page);
-+ kunmap_atomic(kaddr, KM_USER0);
-+ unlock_page(page);
-+ page_cache_release(page);
-+ /* the below does up(sbinfo->delete_sema). Do not get confused */
-+ reiser4_release_reserved(inode->i_sb);
-+ return 0;
-+}
-+
-+/**
-+ * should_have_notail
-+ * @uf_info:
-+ * @new_size:
-+ *
-+ * Calls formatting plugin to see whether file of size @new_size has to be
-+ * stored in unformatted nodes or in tail items. 0 is returned for later case.
-+ */
-+static int should_have_notail(const unix_file_info_t *uf_info, loff_t new_size)
-+{
-+ if (!uf_info->tplug)
-+ return 1;
-+ return !uf_info->tplug->have_tail(unix_file_info_to_inode(uf_info),
-+ new_size);
-+
-+}
-+
-+/**
-+ * truncate_file_body - change length of file
-+ * @inode: inode of file
-+ * @new_size: new file length
-+ *
-+ * Adjusts items file @inode is built of to match @new_size. It may either cut
-+ * items or add them to represent a hole at the end of file. The caller has to
-+ * obtain exclusive access to the file.
-+ */
-+static int truncate_file_body(struct inode *inode, loff_t new_size)
-+{
-+ int result;
-+
-+ if (inode->i_size < new_size) {
-+ /* expanding truncate */
-+ struct dentry dentry;
-+ struct file file;
-+ unix_file_info_t *uf_info;
-+
-+ dentry.d_inode = inode;
-+ file.f_dentry = &dentry;
-+ file.private_data = NULL;
-+ file.f_pos = new_size;
-+ file.private_data = NULL;
-+ uf_info = unix_file_inode_data(inode);
-+ result = find_file_state(inode, uf_info);
-+ if (result)
-+ return result;
-+
-+ if (should_have_notail(uf_info, new_size)) {
-+ /*
-+ * file of size @new_size has to be built of
-+ * extents. If it is built of tails - convert to
-+ * extents
-+ */
-+ if (uf_info->container == UF_CONTAINER_TAILS) {
-+ /*
-+ * if file is being convered by another process
-+ * - wait until it completes
-+ */
-+ while (1) {
-+ if (inode_get_flag(inode, REISER4_PART_IN_CONV)) {
-+ drop_exclusive_access(uf_info);
-+ schedule();
-+ get_exclusive_access(uf_info);
-+ continue;
-+ }
-+ break;
-+ }
-+
-+ if (uf_info->container == UF_CONTAINER_TAILS) {
-+ result = tail2extent(uf_info);
-+ if (result)
-+ return result;
-+ }
-+ }
-+ result = write_extent(&file, NULL, 0, &new_size);
-+ if (result)
-+ return result;
-+ uf_info->container = UF_CONTAINER_EXTENTS;
-+ } else {
-+ if (uf_info->container == UF_CONTAINER_EXTENTS) {
-+ result = write_extent(&file, NULL, 0, &new_size);
-+ if (result)
-+ return result;
-+ } else {
-+ result = write_tail(&file, NULL, 0, &new_size);
-+ if (result)
-+ return result;
-+ uf_info->container = UF_CONTAINER_TAILS;
-+ }
-+ }
-+ BUG_ON(result > 0);
-+ INODE_SET_FIELD(inode, i_size, new_size);
-+ file_update_time(&file);
-+ result = reiser4_update_sd(inode);
-+ BUG_ON(result != 0);
-+ reiser4_free_file_fsdata(&file);
-+ } else
-+ result = shorten_file(inode, new_size);
-+ return result;
-+}
-+
-+/* plugin->u.write_sd_by_inode = write_sd_by_inode_common */
-+
-+/**
-+ * load_file_hint - copy hint from struct file to local variable
-+ * @file: file to get hint from
-+ * @hint: structure to fill
-+ *
-+ * Reiser4 specific portion of struct file may contain information (hint)
-+ * stored on exiting from previous read or write. That information includes
-+ * seal of znode and coord within that znode where previous read or write
-+ * stopped. This function copies that information to @hint if it was stored or
-+ * initializes @hint by 0s otherwise.
-+ */
-+int load_file_hint(struct file *file, hint_t *hint)
-+{
-+ reiser4_file_fsdata *fsdata;
-+
-+ if (file) {
-+ fsdata = reiser4_get_file_fsdata(file);
-+ if (IS_ERR(fsdata))
-+ return PTR_ERR(fsdata);
-+
-+ spin_lock_inode(file->f_dentry->d_inode);
-+ if (seal_is_set(&fsdata->reg.hint.seal)) {
-+ *hint = fsdata->reg.hint;
-+ init_lh(&hint->lh);
-+ hint->ext_coord.lh = &hint->lh;
-+ spin_unlock_inode(file->f_dentry->d_inode);
-+ /*
-+ * force re-validation of the coord on the first
-+ * iteration of the read/write loop.
-+ */
-+ hint->ext_coord.valid = 0;
-+ assert("nikita-19892", coords_equal(&hint->seal.coord1,
-+ &hint->ext_coord.
-+ coord));
-+ return 0;
-+ }
-+ memset(&fsdata->reg.hint, 0, sizeof(hint_t));
-+ spin_unlock_inode(file->f_dentry->d_inode);
-+ }
-+ hint_init_zero(hint);
-+ return 0;
-+}
-+
-+/**
-+ * save_file_hint - copy hint to reiser4 private struct file's part
-+ * @file: file to save hint in
-+ * @hint: hint to save
-+ *
-+ * This copies @hint to reiser4 private part of struct file. It can help
-+ * speedup future accesses to the file.
-+ */
-+void save_file_hint(struct file *file, const hint_t *hint)
-+{
-+ reiser4_file_fsdata *fsdata;
-+
-+ assert("edward-1337", hint != NULL);
-+
-+ if (!file || !seal_is_set(&hint->seal))
-+ return;
-+ fsdata = reiser4_get_file_fsdata(file);
-+ assert("vs-965", !IS_ERR(fsdata));
-+ assert("nikita-19891",
-+ coords_equal(&hint->seal.coord1, &hint->ext_coord.coord));
-+ assert("vs-30", hint->lh.owner == NULL);
-+ spin_lock_inode(file->f_dentry->d_inode);
-+ fsdata->reg.hint = *hint;
-+ spin_unlock_inode(file->f_dentry->d_inode);
-+ return;
-+}
-+
-+void unset_hint(hint_t * hint)
-+{
-+ assert("vs-1315", hint);
-+ hint->ext_coord.valid = 0;
-+ seal_done(&hint->seal);
-+ done_lh(&hint->lh);
-+}
-+
-+/* coord must be set properly. So, that set_hint has nothing to do */
-+void set_hint(hint_t * hint, const reiser4_key * key, znode_lock_mode mode)
-+{
-+ ON_DEBUG(coord_t * coord = &hint->ext_coord.coord);
-+ assert("vs-1207", WITH_DATA(coord->node, check_coord(coord, key)));
-+
-+ seal_init(&hint->seal, &hint->ext_coord.coord, key);
-+ hint->offset = get_key_offset(key);
-+ hint->mode = mode;
-+ done_lh(&hint->lh);
-+}
-+
-+int hint_is_set(const hint_t * hint)
-+{
-+ return seal_is_set(&hint->seal);
-+}
-+
-+#if REISER4_DEBUG
-+static int all_but_offset_key_eq(const reiser4_key * k1, const reiser4_key * k2)
-+{
-+ return (get_key_locality(k1) == get_key_locality(k2) &&
-+ get_key_type(k1) == get_key_type(k2) &&
-+ get_key_band(k1) == get_key_band(k2) &&
-+ get_key_ordering(k1) == get_key_ordering(k2) &&
-+ get_key_objectid(k1) == get_key_objectid(k2));
-+}
-+#endif
-+
-+int
-+hint_validate(hint_t * hint, const reiser4_key * key, int check_key,
-+ znode_lock_mode lock_mode)
-+{
-+ if (!hint || !hint_is_set(hint) || hint->mode != lock_mode)
-+ /* hint either not set or set by different operation */
-+ return RETERR(-E_REPEAT);
-+
-+ assert("vs-1277", all_but_offset_key_eq(key, &hint->seal.key));
-+
-+ if (check_key && get_key_offset(key) != hint->offset)
-+ /* hint is set for different key */
-+ return RETERR(-E_REPEAT);
-+
-+ assert("vs-31", hint->ext_coord.lh == &hint->lh);
-+ return seal_validate(&hint->seal, &hint->ext_coord.coord, key,
-+ hint->ext_coord.lh, lock_mode, ZNODE_LOCK_LOPRI);
-+}
-+
-+int xversion;
-+
-+/**
-+ * find_or_create_extent -
-+ * @page:
-+ *
-+ *
-+ */
-+/* look for place at twig level for extent corresponding to page, call extent's writepage method to create
-+ unallocated extent if it does not exist yet, initialize jnode, capture page */
-+int find_or_create_extent(struct page *page)
-+{
-+ int result;
-+ struct inode *inode;
-+ int plugged_hole;
-+
-+ jnode *node;
-+
-+ assert("vs-1065", page->mapping && page->mapping->host);
-+ inode = page->mapping->host;
-+
-+ lock_page(page);
-+ node = jnode_of_page(page);
-+ unlock_page(page);
-+ if (IS_ERR(node))
-+ return PTR_ERR(node);
-+
-+ if (node->blocknr == 0) {
-+ plugged_hole = 0;
-+ result = update_extent(inode, node,
-+ (loff_t)page->index << PAGE_CACHE_SHIFT,
-+ &plugged_hole);
-+ if (result) {
-+ jput(node);
-+ warning("", "update_extent failed: %d", result);
-+ return result;
-+ }
-+ if (plugged_hole)
-+ reiser4_update_sd(inode);
-+ } else {
-+ spin_lock_jnode(node);
-+ result = try_capture(node, ZNODE_WRITE_LOCK, 0);
-+ BUG_ON(result != 0);
-+ jnode_make_dirty_locked(node);
-+ spin_unlock_jnode(node);
-+ }
-+
-+ BUG_ON(node->atom == NULL);
-+ jput(node);
-+
-+ if (get_current_context()->entd) {
-+ entd_context *ent = get_entd_context(node->tree->super);
-+
-+ if (ent->cur_request->page == page)
-+ ent->cur_request->node = node;
-+ }
-+ return 0;
-+}
-+
-+/**
-+ * has_anonymous_pages - check whether inode has pages dirtied via mmap
-+ * @inode: inode to check
-+ *
-+ * Returns true if inode's mapping has dirty pages which do not belong to any
-+ * atom. Those are either tagged PAGECACHE_TAG_REISER4_MOVED in mapping's page
-+ * tree or were eflushed and can be found via jnodes tagged
-+ * EFLUSH_TAG_ANONYMOUS in radix tree of jnodes.
-+ */
-+static int has_anonymous_pages(struct inode *inode)
-+{
-+ int result;
-+
-+ read_lock_irq(&inode->i_mapping->tree_lock);
-+ result = radix_tree_tagged(&inode->i_mapping->page_tree, PAGECACHE_TAG_REISER4_MOVED);
-+ read_unlock_irq(&inode->i_mapping->tree_lock);
-+ return result;
-+}
-+
-+/**
-+ * capture_page_and_create_extent -
-+ * @page: page to be captured
-+ *
-+ * Grabs space for extent creation and stat data update and calls function to
-+ * do actual work.
-+ */
-+static int capture_page_and_create_extent(struct page *page)
-+{
-+ int result;
-+ struct inode *inode;
-+
-+ assert("vs-1084", page->mapping && page->mapping->host);
-+ inode = page->mapping->host;
-+ assert("vs-1139",
-+ unix_file_inode_data(inode)->container == UF_CONTAINER_EXTENTS);
-+ /* page belongs to file */
-+ assert("vs-1393",
-+ inode->i_size > ((loff_t) page->index << PAGE_CACHE_SHIFT));
-+
-+ /* page capture may require extent creation (if it does not exist yet)
-+ and stat data's update (number of blocks changes on extent
-+ creation) */
-+ grab_space_enable();
-+ result =
-+ reiser4_grab_space(2 *
-+ estimate_one_insert_into_item(tree_by_inode
-+ (inode)),
-+ BA_CAN_COMMIT);
-+ if (likely(!result))
-+ result = find_or_create_extent(page);
-+
-+ if (result != 0)
-+ SetPageError(page);
-+ return result;
-+}
-+
-+/* this is implementation of method commit_write of struct
-+ address_space_operations for unix file plugin */
-+int
-+commit_write_unix_file(struct file *file, struct page *page,
-+ unsigned from, unsigned to)
-+{
-+ reiser4_context *ctx;
-+ struct inode *inode;
-+ int result;
-+
-+ assert("umka-3101", file != NULL);
-+ assert("umka-3102", page != NULL);
-+ assert("umka-3093", PageLocked(page));
-+
-+ SetPageUptodate(page);
-+
-+ inode = page->mapping->host;
-+ ctx = init_context(page->mapping->host->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+ page_cache_get(page);
-+ unlock_page(page);
-+ result = capture_page_and_create_extent(page);
-+ lock_page(page);
-+ page_cache_release(page);
-+
-+ /* don't commit transaction under inode semaphore */
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+/*
-+ * Support for "anonymous" pages and jnodes.
-+ *
-+ * When file is write-accessed through mmap pages can be dirtied from the user
-+ * level. In this case kernel is not notified until one of following happens:
-+ *
-+ * (1) msync()
-+ *
-+ * (2) truncate() (either explicit or through unlink)
-+ *
-+ * (3) VM scanner starts reclaiming mapped pages, dirtying them before
-+ * starting write-back.
-+ *
-+ * As a result of (3) ->writepage may be called on a dirty page without
-+ * jnode. Such page is called "anonymous" in reiser4. Certain work-loads
-+ * (iozone) generate huge number of anonymous pages. Emergency flush handles
-+ * this situation by creating jnode for anonymous page, starting IO on the
-+ * page, and marking jnode with JNODE_KEEPME bit so that it's not thrown out of
-+ * memory. Such jnode is also called anonymous.
-+ *
-+ * reiser4_sync_sb() method tries to insert anonymous pages and jnodes into
-+ * tree. This is done by capture_anonymous_*() functions below.
-+ */
-+
-+/**
-+ * capture_anonymous_page - involve page into transaction
-+ * @pg: page to deal with
-+ *
-+ * Takes care that @page has corresponding metadata in the tree, creates jnode
-+ * for @page and captures it. On success 1 is returned.
-+ */
-+static int capture_anonymous_page(struct page *page)
-+{
-+ int result;
-+
-+ if (PageWriteback(page))
-+ /* FIXME: do nothing? */
-+ return 0;
-+
-+ result = capture_page_and_create_extent(page);
-+ if (result == 0) {
-+ result = 1;
-+ } else
-+ warning("nikita-3329",
-+ "Cannot capture anon page: %i", result);
-+
-+ return result;
-+}
-+
-+/**
-+ * capture_anonymous_pages - find and capture pages dirtied via mmap
-+ * @mapping: address space where to look for pages
-+ * @index: start index
-+ * @to_capture: maximum number of pages to capture
-+ *
-+ * Looks for pages tagged REISER4_MOVED starting from the *@index-th page,
-+ * captures (involves into atom) them, returns number of captured pages,
-+ * updates @index to next page after the last captured one.
-+ */
-+static int
-+capture_anonymous_pages(struct address_space *mapping, pgoff_t *index,
-+ unsigned int to_capture)
-+{
-+ int result;
-+ struct pagevec pvec;
-+ unsigned int i, count;
-+ int nr;
-+
-+ pagevec_init(&pvec, 0);
-+ count = min(pagevec_space(&pvec), to_capture);
-+ nr = 0;
-+
-+ /* find pages tagged MOVED */
-+ write_lock_irq(&mapping->tree_lock);
-+ pvec.nr = radix_tree_gang_lookup_tag(&mapping->page_tree,
-+ (void **)pvec.pages, *index, count,
-+ PAGECACHE_TAG_REISER4_MOVED);
-+ if (pagevec_count(&pvec) == 0) {
-+ /*
-+ * there are no pages tagged MOVED in mapping->page_tree
-+ * starting from *index
-+ */
-+ write_unlock_irq(&mapping->tree_lock);
-+ *index = (pgoff_t)-1;
-+ return 0;
-+ }
-+
-+ /* clear MOVED tag for all found pages */
-+ for (i = 0; i < pagevec_count(&pvec); i++) {
-+ void *p;
-+
-+ page_cache_get(pvec.pages[i]);
-+ p = radix_tree_tag_clear(&mapping->page_tree, pvec.pages[i]->index,
-+ PAGECACHE_TAG_REISER4_MOVED);
-+ assert("vs-49", p == pvec.pages[i]);
-+ }
-+ write_unlock_irq(&mapping->tree_lock);
-+
-+
-+ *index = pvec.pages[i - 1]->index + 1;
-+
-+ for (i = 0; i < pagevec_count(&pvec); i++) {
-+ /*
-+ * tag PAGECACHE_TAG_REISER4_MOVED will be cleared by
-+ * set_page_dirty_internal which is called when jnode is
-+ * captured
-+ */
-+ result = capture_anonymous_page(pvec.pages[i]);
-+ if (result == 1)
-+ nr++;
-+ else {
-+ if (result < 0) {
-+ warning("vs-1454",
-+ "failed to capture page: "
-+ "result=%d, captured=%d)\n",
-+ result, i);
-+
-+ /*
-+ * set MOVED tag to all pages which left not
-+ * captured
-+ */
-+ write_lock_irq(&mapping->tree_lock);
-+ for (; i < pagevec_count(&pvec); i ++) {
-+ radix_tree_tag_set(&mapping->page_tree,
-+ pvec.pages[i]->index,
-+ PAGECACHE_TAG_REISER4_MOVED);
-+ }
-+ write_unlock_irq(&mapping->tree_lock);
-+
-+ pagevec_release(&pvec);
-+ return result;
-+ } else {
-+ /*
-+ * result == 0. capture_anonymous_page returns
-+ * 0 for Writeback-ed page. Set MOVED tag on
-+ * that page
-+ */
-+ write_lock_irq(&mapping->tree_lock);
-+ radix_tree_tag_set(&mapping->page_tree,
-+ pvec.pages[i]->index,
-+ PAGECACHE_TAG_REISER4_MOVED);
-+ write_unlock_irq(&mapping->tree_lock);
-+ if (i == 0)
-+ *index = pvec.pages[0]->index;
-+ else
-+ *index = pvec.pages[i - 1]->index + 1;
-+ }
-+ }
-+ }
-+ pagevec_release(&pvec);
-+ return nr;
-+}
-+
-+/**
-+ * capture_anonymous_jnodes - find and capture anonymous jnodes
-+ * @mapping: address space where to look for jnodes
-+ * @from: start index
-+ * @to: end index
-+ * @to_capture: maximum number of jnodes to capture
-+ *
-+ * Looks for jnodes tagged EFLUSH_TAG_ANONYMOUS in inode's tree of jnodes in
-+ * the range of indexes @from-@to and captures them, returns number of captured
-+ * jnodes, updates @from to next jnode after the last captured one.
-+ */
-+static int
-+capture_anonymous_jnodes(struct address_space *mapping,
-+ pgoff_t *from, pgoff_t to, int to_capture)
-+{
-+ *from = to;
-+ return 0;
-+}
-+
-+/*
-+ * Commit atom of the jnode of a page.
-+ */
-+static int sync_page(struct page *page)
-+{
-+ int result;
-+ do {
-+ jnode *node;
-+ txn_atom *atom;
-+
-+ lock_page(page);
-+ node = jprivate(page);
-+ if (node != NULL) {
-+ spin_lock_jnode(node);
-+ atom = jnode_get_atom(node);
-+ spin_unlock_jnode(node);
-+ } else
-+ atom = NULL;
-+ unlock_page(page);
-+ result = sync_atom(atom);
-+ } while (result == -E_REPEAT);
-+ /*
-+ * ZAM-FIXME-HANS: document the logic of this loop, is it just to
-+ * handle the case where more pages get added to the atom while we are
-+ * syncing it?
-+ */
-+ assert("nikita-3485", ergo(result == 0,
-+ get_current_context()->trans->atom == NULL));
-+ return result;
-+}
-+
-+/*
-+ * Commit atoms of pages on @pages list.
-+ * call sync_page for each page from mapping's page tree
-+ */
-+static int sync_page_list(struct inode *inode)
-+{
-+ int result;
-+ struct address_space *mapping;
-+ unsigned long from; /* start index for radix_tree_gang_lookup */
-+ unsigned int found; /* return value for radix_tree_gang_lookup */
-+
-+ mapping = inode->i_mapping;
-+ from = 0;
-+ result = 0;
-+ read_lock_irq(&mapping->tree_lock);
-+ while (result == 0) {
-+ struct page *page;
-+
-+ found =
-+ radix_tree_gang_lookup(&mapping->page_tree, (void **)&page,
-+ from, 1);
-+ assert("", found < 2);
-+ if (found == 0)
-+ break;
-+
-+ /* page may not leave radix tree because it is protected from truncating by inode->i_mutex locked by
-+ sys_fsync */
-+ page_cache_get(page);
-+ read_unlock_irq(&mapping->tree_lock);
-+
-+ from = page->index + 1;
-+
-+ result = sync_page(page);
-+
-+ page_cache_release(page);
-+ read_lock_irq(&mapping->tree_lock);
-+ }
-+
-+ read_unlock_irq(&mapping->tree_lock);
-+ return result;
-+}
-+
-+static int commit_file_atoms(struct inode *inode)
-+{
-+ int result;
-+ unix_file_info_t *uf_info;
-+
-+ uf_info = unix_file_inode_data(inode);
-+
-+ get_exclusive_access(uf_info);
-+ /*
-+ * find what items file is made from
-+ */
-+ result = find_file_state(inode, uf_info);
-+ drop_exclusive_access(uf_info);
-+ if (result != 0)
-+ return result;
-+
-+ /*
-+ * file state cannot change because we are under ->i_mutex
-+ */
-+ switch (uf_info->container) {
-+ case UF_CONTAINER_EXTENTS:
-+ /* find_file_state might open join an atom */
-+ txn_restart_current();
-+ result =
-+ /*
-+ * when we are called by
-+ * filemap_fdatawrite->
-+ * do_writepages()->
-+ * reiser4_writepages()
-+ *
-+ * inode->i_mapping->dirty_pages are spices into
-+ * ->io_pages, leaving ->dirty_pages dirty.
-+ *
-+ * When we are called from
-+ * reiser4_fsync()->sync_unix_file(), we have to
-+ * commit atoms of all pages on the ->dirty_list.
-+ *
-+ * So for simplicity we just commit ->io_pages and
-+ * ->dirty_pages.
-+ */
-+ sync_page_list(inode);
-+ break;
-+ case UF_CONTAINER_TAILS:
-+ /*
-+ * NOTE-NIKITA probably we can be smarter for tails. For now
-+ * just commit all existing atoms.
-+ */
-+ result = txnmgr_force_commit_all(inode->i_sb, 0);
-+ break;
-+ case UF_CONTAINER_EMPTY:
-+ result = 0;
-+ break;
-+ case UF_CONTAINER_UNKNOWN:
-+ default:
-+ result = -EIO;
-+ break;
-+ }
-+
-+ /*
-+ * commit current transaction: there can be captured nodes from
-+ * find_file_state() and finish_conversion().
-+ */
-+ txn_restart_current();
-+ return result;
-+}
-+
-+/**
-+ * writepages_unix_file - writepages of struct address_space_operations
-+ * @mapping:
-+ * @wbc:
-+ *
-+ * This captures anonymous pages and anonymous jnodes. Anonymous pages are
-+ * pages which are dirtied via mmapping. Anonymous jnodes are ones which were
-+ * created by reiser4_writepage.
-+ */
-+int writepages_unix_file(struct address_space *mapping,
-+ struct writeback_control *wbc)
-+{
-+ int result;
-+ unix_file_info_t *uf_info;
-+ pgoff_t pindex, jindex, nr_pages;
-+ long to_capture;
-+ struct inode *inode;
-+
-+ inode = mapping->host;
-+ if (!has_anonymous_pages(inode)) {
-+ result = 0;
-+ goto end;
-+ }
-+ jindex = pindex = wbc->start >> PAGE_CACHE_SHIFT;
-+ result = 0;
-+ nr_pages =
-+ (i_size_read(inode) + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT;
-+ uf_info = unix_file_inode_data(inode);
-+
-+ do {
-+ reiser4_context *ctx;
-+
-+ if (wbc->sync_mode != WB_SYNC_ALL)
-+ to_capture = min(wbc->nr_to_write, CAPTURE_APAGE_BURST);
-+ else
-+ to_capture = CAPTURE_APAGE_BURST;
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx)) {
-+ result = PTR_ERR(ctx);
-+ break;
-+ }
-+ /* avoid recursive calls to ->sync_inodes */
-+ ctx->nobalance = 1;
-+ assert("zam-760", lock_stack_isclean(get_current_lock_stack()));
-+ assert("", LOCK_CNT_NIL(inode_sem_w));
-+ assert("", LOCK_CNT_NIL(inode_sem_r));
-+
-+ txn_restart_current();
-+
-+ /* we have to get nonexclusive access to the file */
-+ if (get_current_context()->entd) {
-+ /*
-+ * use nonblocking version of nonexclusive_access to
-+ * avoid deadlock which might look like the following:
-+ * process P1 holds NEA on file F1 and called entd to
-+ * reclaim some memory. Entd works for P1 and is going
-+ * to capture pages of file F2. To do that entd has to
-+ * get NEA to F2. F2 is held by process P2 which also
-+ * called entd. But entd is serving P1 at the moment
-+ * and P2 has to wait. Process P3 trying to get EA to
-+ * file F2. Existence of pending EA request to file F2
-+ * makes impossible for entd to get NEA to file
-+ * F2. Neither of these process can continue. Using
-+ * nonblocking version of gettign NEA is supposed to
-+ * avoid this deadlock.
-+ */
-+ if (try_to_get_nonexclusive_access(uf_info) == 0) {
-+ result = RETERR(-EBUSY);
-+ reiser4_exit_context(ctx);
-+ break;
-+ }
-+ } else
-+ get_nonexclusive_access(uf_info);
-+
-+ while (to_capture > 0) {
-+ pgoff_t start;
-+
-+ assert("vs-1727", jindex <= pindex);
-+ if (pindex == jindex) {
-+ start = pindex;
-+ result =
-+ capture_anonymous_pages(inode->i_mapping,
-+ &pindex,
-+ to_capture);
-+ if (result <= 0)
-+ break;
-+ to_capture -= result;
-+ wbc->nr_to_write -= result;
-+ if (start + result == pindex) {
-+ jindex = pindex;
-+ continue;
-+ }
-+ if (to_capture <= 0)
-+ break;
-+ }
-+ /* deal with anonymous jnodes between jindex and pindex */
-+ result =
-+ capture_anonymous_jnodes(inode->i_mapping, &jindex,
-+ pindex, to_capture);
-+ if (result < 0)
-+ break;
-+ to_capture -= result;
-+ get_current_context()->nr_captured += result;
-+
-+ if (jindex == (pgoff_t) - 1) {
-+ assert("vs-1728", pindex == (pgoff_t) - 1);
-+ break;
-+ }
-+ }
-+ if (to_capture <= 0)
-+ /* there may be left more pages */
-+ __mark_inode_dirty(inode, I_DIRTY_PAGES);
-+
-+ drop_nonexclusive_access(uf_info);
-+ if (result < 0) {
-+ /* error happened */
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+ if (wbc->sync_mode != WB_SYNC_ALL) {
-+ reiser4_exit_context(ctx);
-+ return 0;
-+ }
-+ result = commit_file_atoms(inode);
-+ reiser4_exit_context(ctx);
-+ if (pindex >= nr_pages && jindex == pindex)
-+ break;
-+ } while (1);
-+
-+ end:
-+ if (is_in_reiser4_context()) {
-+ if (get_current_context()->nr_captured >= CAPTURE_APAGE_BURST) {
-+ /*
-+ * there are already pages to flush, flush them out, do
-+ * not delay until end of reiser4_sync_inodes
-+ */
-+ writeout(inode->i_sb, wbc);
-+ get_current_context()->nr_captured = 0;
-+ }
-+ }
-+ return result;
-+}
-+
-+/*
-+ * ->sync() method for unix file.
-+ *
-+ * We are trying to be smart here. Instead of committing all atoms (original
-+ * solution), we scan dirty pages of this file and commit all atoms they are
-+ * part of.
-+ *
-+ * Situation is complicated by anonymous pages: i.e., extent-less pages
-+ * dirtied through mmap. Fortunately sys_fsync() first calls
-+ * filemap_fdatawrite() that will ultimately call reiser4_writepages(), insert
-+ * all missing extents and capture anonymous pages.
-+ */
-+int sync_unix_file(struct file *file, struct dentry *dentry, int datasync)
-+{
-+ reiser4_context *ctx;
-+ txn_atom *atom;
-+ reiser4_block_nr reserve;
-+
-+ ctx = init_context(dentry->d_inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ reserve = estimate_update_common(dentry->d_inode);
-+ if (reiser4_grab_space(reserve, BA_CAN_COMMIT)) {
-+ reiser4_exit_context(ctx);
-+ return RETERR(-ENOSPC);
-+ }
-+ write_sd_by_inode_common(dentry->d_inode);
-+
-+ atom = get_current_atom_locked();
-+ spin_lock_txnh(ctx->trans);
-+ force_commit_atom(ctx->trans);
-+ reiser4_exit_context(ctx);
-+ return 0;
-+}
-+
-+/**
-+ * readpage_unix_file_nolock - readpage of struct address_space_operations
-+ * @file:
-+ * @page:
-+ *
-+ * Compose a key and search for item containing information about @page
-+ * data. If item is found - its readpage method is called.
-+ */
-+int readpage_unix_file_nolock(struct file *file, struct page *page)
-+{
-+ reiser4_context *ctx;
-+ int result;
-+ struct inode *inode;
-+ reiser4_key key;
-+ item_plugin *iplug;
-+ hint_t *hint;
-+ lock_handle *lh;
-+ coord_t *coord;
-+
-+ assert("vs-1062", PageLocked(page));
-+ assert("vs-976", !PageUptodate(page));
-+ assert("vs-1061", page->mapping && page->mapping->host);
-+
-+ if ((page->mapping->host->i_size <=
-+ ((loff_t) page->index << PAGE_CACHE_SHIFT))) {
-+ /* page is out of file already */
-+ unlock_page(page);
-+ return -EINVAL;
-+ }
-+
-+ inode = page->mapping->host;
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx)) {
-+ unlock_page(page);
-+ return PTR_ERR(ctx);
-+ }
-+
-+ hint = kmalloc(sizeof(*hint), get_gfp_mask());
-+ if (hint == NULL) {
-+ unlock_page(page);
-+ reiser4_exit_context(ctx);
-+ return RETERR(-ENOMEM);
-+ }
-+
-+ result = load_file_hint(file, hint);
-+ if (result) {
-+ kfree(hint);
-+ unlock_page(page);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+ lh = &hint->lh;
-+
-+ /* get key of first byte of the page */
-+ key_by_inode_and_offset_common(inode,
-+ (loff_t) page->index << PAGE_CACHE_SHIFT,
-+ &key);
-+
-+ /* look for file metadata corresponding to first byte of page */
-+ page_cache_get(page);
-+ unlock_page(page);
-+ result = find_file_item(hint, &key, ZNODE_READ_LOCK, inode);
-+ lock_page(page);
-+ page_cache_release(page);
-+
-+ if (page->mapping == NULL) {
-+ /*
-+ * readpage allows truncate to run concurrently. Page was
-+ * truncated while it was not locked
-+ */
-+ done_lh(lh);
-+ kfree(hint);
-+ unlock_page(page);
-+ txn_restart(ctx);
-+ reiser4_exit_context(ctx);
-+ return -EINVAL;
-+ }
-+
-+ if (result != CBK_COORD_FOUND || hint->ext_coord.coord.between != AT_UNIT) {
-+ if (result == CBK_COORD_FOUND &&
-+ hint->ext_coord.coord.between != AT_UNIT)
-+ /* file is truncated */
-+ result = -EINVAL;
-+ done_lh(lh);
-+ kfree(hint);
-+ unlock_page(page);
-+ txn_restart(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+
-+ /*
-+ * item corresponding to page is found. It can not be removed because
-+ * znode lock is held
-+ */
-+ if (PageUptodate(page)) {
-+ done_lh(lh);
-+ kfree(hint);
-+ unlock_page(page);
-+ txn_restart(ctx);
-+ reiser4_exit_context(ctx);
-+ return 0;
-+ }
-+
-+ coord = &hint->ext_coord.coord;
-+ result = zload(coord->node);
-+ if (result) {
-+ done_lh(lh);
-+ kfree(hint);
-+ unlock_page(page);
-+ txn_restart(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+
-+ validate_extended_coord(&hint->ext_coord,
-+ (loff_t) page->index << PAGE_CACHE_SHIFT);
-+
-+ if (!coord_is_existing_unit(coord)) {
-+ /* this indicates corruption */
-+ warning("vs-280",
-+ "Looking for page %lu of file %llu (size %lli). "
-+ "No file items found (%d). File is corrupted?\n",
-+ page->index, (unsigned long long)get_inode_oid(inode),
-+ inode->i_size, result);
-+ zrelse(coord->node);
-+ done_lh(lh);
-+ kfree(hint);
-+ unlock_page(page);
-+ txn_restart(ctx);
-+ reiser4_exit_context(ctx);
-+ return RETERR(-EIO);
-+ }
-+
-+ /*
-+ * get plugin of found item or use plugin if extent if there are no
-+ * one
-+ */
-+ iplug = item_plugin_by_coord(coord);
-+ if (iplug->s.file.readpage)
-+ result = iplug->s.file.readpage(coord, page);
-+ else
-+ result = RETERR(-EINVAL);
-+
-+ if (!result) {
-+ set_key_offset(&key,
-+ (loff_t) (page->index + 1) << PAGE_CACHE_SHIFT);
-+ /* FIXME should call set_hint() */
-+ unset_hint(hint);
-+ } else {
-+ unlock_page(page);
-+ unset_hint(hint);
-+ }
-+ assert("vs-979",
-+ ergo(result == 0, (PageLocked(page) || PageUptodate(page))));
-+ assert("vs-9791", ergo(result != 0, !PageLocked(page)));
-+
-+ zrelse(coord->node);
-+ done_lh(lh);
-+
-+ save_file_hint(file, hint);
-+ kfree(hint);
-+
-+ /*
-+ * FIXME: explain why it is needed. HINT: page allocation in write can
-+ * not be done when atom is not NULL because reiser4_writepage can not
-+ * kick entd and have to eflush
-+ */
-+ txn_restart(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+/**
-+ * readpage_unix_file - readpage of struct address_space_operations
-+ * @file: file @page belongs to
-+ * @page: page to read
-+ *
-+ * Get non exclusive access to a file to avoid races with truncate. If page is
-+ * out of file - return error. Call readpage_unix_file_nolock to do the rest.
-+ */
-+int readpage_unix_file(struct file *file, struct page *page)
-+{
-+ return readpage_unix_file_nolock(file, page);
-+}
-+
-+static reiser4_block_nr unix_file_estimate_read(struct inode *inode,
-+ loff_t count UNUSED_ARG)
-+{
-+ /* We should reserve one block, because of updating of the stat data
-+ item */
-+ assert("vs-1249",
-+ inode_file_plugin(inode)->estimate.update ==
-+ estimate_update_common);
-+ return estimate_update_common(inode);
-+}
-+
-+/* this is called with nonexclusive access obtained, file's container can not change */
-+static size_t read_file(hint_t * hint, struct file *file, /* file to read from to */
-+ char __user *buf, /* address of user-space buffer */
-+ size_t count, /* number of bytes to read */
-+ loff_t * off)
-+{
-+ int result;
-+ struct inode *inode;
-+ flow_t flow;
-+ int (*read_f) (struct file *, flow_t *, hint_t *);
-+ coord_t *coord;
-+ znode *loaded;
-+
-+ inode = file->f_dentry->d_inode;
-+
-+ /* build flow */
-+ assert("vs-1250",
-+ inode_file_plugin(inode)->flow_by_inode ==
-+ flow_by_inode_unix_file);
-+ result =
-+ flow_by_inode_unix_file(inode, buf, 1 /* user space */ , count,
-+ *off, READ_OP, &flow);
-+ if (unlikely(result))
-+ return result;
-+
-+ /* get seal and coord sealed with it from reiser4 private data
-+ of struct file. The coord will tell us where our last read
-+ of this file finished, and the seal will help to determine
-+ if that location is still valid.
-+ */
-+ coord = &hint->ext_coord.coord;
-+ while (flow.length && result == 0) {
-+ result =
-+ find_file_item(hint, &flow.key, ZNODE_READ_LOCK, inode);
-+ if (cbk_errored(result))
-+ /* error happened */
-+ break;
-+
-+ if (coord->between != AT_UNIT) {
-+ /* there were no items corresponding to given offset */
-+ done_lh(hint->ext_coord.lh);
-+ break;
-+ }
-+
-+ loaded = coord->node;
-+ result = zload(loaded);
-+ if (unlikely(result)) {
-+ done_lh(hint->ext_coord.lh);
-+ break;
-+ }
-+
-+ if (hint->ext_coord.valid == 0)
-+ validate_extended_coord(&hint->ext_coord,
-+ get_key_offset(&flow.key));
-+
-+ assert("vs-4", hint->ext_coord.valid == 1);
-+ assert("vs-33", hint->ext_coord.lh == &hint->lh);
-+ /* call item's read method */
-+ read_f = item_plugin_by_coord(coord)->s.file.read;
-+ result = read_f(file, &flow, hint);
-+ zrelse(loaded);
-+ done_lh(hint->ext_coord.lh);
-+ }
-+
-+ return (count - flow.length) ? (count - flow.length) : result;
-+}
-+
-+/**
-+ * read_unix_file - read of struct file_operations
-+ * @file: file to read from
-+ * @buf: address of user-space buffer
-+ * @read_amount: number of bytes to read
-+ * @off: position in file to read from
-+ *
-+ * This is implementation of vfs's read method of struct file_operations for
-+ * unix file plugin.
-+ */
-+ssize_t read_unix_file(struct file *file, char __user *buf, size_t read_amount,
-+ loff_t *off)
-+{
-+ reiser4_context *ctx;
-+ int result;
-+ struct inode *inode;
-+ hint_t *hint;
-+ unix_file_info_t *uf_info;
-+ size_t count, read, left;
-+ reiser4_block_nr needed;
-+ loff_t size;
-+
-+ if (unlikely(read_amount == 0))
-+ return 0;
-+
-+ assert("umka-072", file != NULL);
-+ assert("umka-074", off != NULL);
-+ inode = file->f_dentry->d_inode;
-+ assert("vs-972", !inode_get_flag(inode, REISER4_NO_SD));
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ hint = kmalloc(sizeof(*hint), get_gfp_mask());
-+ if (hint == NULL) {
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return RETERR(-ENOMEM);
-+ }
-+
-+ result = load_file_hint(file, hint);
-+ if (result) {
-+ kfree(hint);
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+
-+ left = read_amount;
-+ count = 0;
-+ uf_info = unix_file_inode_data(inode);
-+ while (left > 0) {
-+ txn_restart_current();
-+
-+ get_nonexclusive_access(uf_info);
-+
-+ size = i_size_read(inode);
-+ if (*off >= size) {
-+ /* position to read from is past the end of file */
-+ drop_nonexclusive_access(uf_info);
-+ break;
-+ }
-+ if (*off + left > size)
-+ left = size - *off;
-+
-+ /* faultin user page */
-+ if(fault_in_pages_writeable(buf, left > PAGE_CACHE_SIZE ? PAGE_CACHE_SIZE : left)) {
-+ drop_nonexclusive_access(uf_info);
-+ result = RETERR(-EFAULT);
-+ break;
-+ }
-+
-+ read = read_file(hint, file, buf,
-+ left > PAGE_CACHE_SIZE ? PAGE_CACHE_SIZE : left,
-+ off);
-+
-+ drop_nonexclusive_access(uf_info);
-+
-+ if (read < 0) {
-+ result = read;
-+ break;
-+ }
-+ left -= read;
-+ buf += read;
-+
-+ /* update position in a file */
-+ *off += read;
-+ /* total number of read bytes */
-+ count += read;
-+ }
-+ save_file_hint(file, hint);
-+ done_lh(&hint->lh);
-+ kfree(hint);
-+
-+ if (count) {
-+ /*
-+ * something was read. Grab space for stat data update and
-+ * update atime
-+ */
-+ needed = unix_file_estimate_read(inode, read_amount);
-+ result = reiser4_grab_space_force(needed, BA_CAN_COMMIT);
-+ if (result == 0)
-+ file_accessed(file);
-+ else
-+ warning("", "failed to grab space for atime update");
-+ }
-+
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+
-+ /* return number of read bytes or error code if nothing is read */
-+ return count ? count : result;
-+}
-+
-+/* This function takes care about @file's pages. First of all it checks if
-+ filesystems readonly and if so gets out. Otherwise, it throws out all
-+ pages of file if it was mapped for read and going to be mapped for write
-+ and consists of tails. This is done in order to not manage few copies
-+ of the data (first in page cache and second one in tails them selves)
-+ for the case of mapping files consisting tails.
-+
-+ Here also tail2extent conversion is performed if it is allowed and file
-+ is going to be written or mapped for write. This functions may be called
-+ from write_unix_file() or mmap_unix_file(). */
-+static int check_pages_unix_file(struct file *file, struct inode *inode)
-+{
-+ reiser4_invalidate_pages(inode->i_mapping, 0,
-+ (inode->i_size + PAGE_CACHE_SIZE -
-+ 1) >> PAGE_CACHE_SHIFT, 0);
-+ return unpack(file, inode, 0 /* not forever */ );
-+}
-+
-+/**
-+ * mmap_unix_file - mmap of struct file_operations
-+ * @file: file to mmap
-+ * @vma:
-+ *
-+ * This is implementation of vfs's mmap method of struct file_operations for
-+ * unix file plugin. It converts file to extent if necessary. Sets
-+ * reiser4_inode's flag - REISER4_HAS_MMAP.
-+ */
-+int mmap_unix_file(struct file *file, struct vm_area_struct *vma)
-+{
-+ reiser4_context *ctx;
-+ int result;
-+ struct inode *inode;
-+ unix_file_info_t *uf_info;
-+ reiser4_block_nr needed;
-+
-+ inode = file->f_dentry->d_inode;
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ uf_info = unix_file_inode_data(inode);
-+
-+ down(&uf_info->write);
-+ get_exclusive_access(uf_info);
-+
-+ if (!IS_RDONLY(inode) && (vma->vm_flags & (VM_MAYWRITE | VM_SHARED))) {
-+ /*
-+ * we need file built of extent items. If it is still built of
-+ * tail items we have to convert it. Find what items the file
-+ * is built of
-+ */
-+ result = find_file_state(inode, uf_info);
-+ if (result != 0) {
-+ drop_exclusive_access(uf_info);
-+ up(&uf_info->write);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+
-+ assert("vs-1648", (uf_info->container == UF_CONTAINER_TAILS ||
-+ uf_info->container == UF_CONTAINER_EXTENTS ||
-+ uf_info->container == UF_CONTAINER_EMPTY));
-+ if (uf_info->container == UF_CONTAINER_TAILS) {
-+ /*
-+ * invalidate all pages and convert file from tails to
-+ * extents
-+ */
-+ result = check_pages_unix_file(file, inode);
-+ if (result) {
-+ drop_exclusive_access(uf_info);
-+ up(&uf_info->write);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+ }
-+ }
-+
-+ /*
-+ * generic_file_mmap will do update_atime. Grab space for stat data
-+ * update.
-+ */
-+ needed = inode_file_plugin(inode)->estimate.update(inode);
-+ result = reiser4_grab_space_force(needed, BA_CAN_COMMIT);
-+ if (result) {
-+ drop_exclusive_access(uf_info);
-+ up(&uf_info->write);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+
-+ result = generic_file_mmap(file, vma);
-+ if (result == 0) {
-+ /* mark file as having mapping. */
-+ inode_set_flag(inode, REISER4_HAS_MMAP);
-+ }
-+
-+ drop_exclusive_access(uf_info);
-+ up(&uf_info->write);
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+/**
-+ * find_first_item
-+ * @inode:
-+ *
-+ * Finds file item which is responsible for first byte in the file.
-+ */
-+static int find_first_item(struct inode *inode)
-+{
-+ coord_t coord;
-+ lock_handle lh;
-+ reiser4_key key;
-+ int result;
-+
-+ coord_init_zero(&coord);
-+ init_lh(&lh);
-+ inode_file_plugin(inode)->key_by_inode(inode, 0, &key);
-+ result = find_file_item_nohint(&coord, &lh, &key, ZNODE_READ_LOCK,
-+ inode);
-+ if (result == CBK_COORD_FOUND) {
-+ if (coord.between == AT_UNIT) {
-+ result = zload(coord.node);
-+ if (result == 0) {
-+ result = item_id_by_coord(&coord);
-+ zrelse(coord.node);
-+ if (result != EXTENT_POINTER_ID &&
-+ result != FORMATTING_ID)
-+ result = RETERR(-EIO);
-+ }
-+ } else
-+ result = RETERR(-EIO);
-+ }
-+ done_lh(&lh);
-+ return result;
-+}
-+
-+/**
-+ * open_unix_file
-+ * @inode:
-+ * @file:
-+ *
-+ * If filesystem is not readonly - complete uncompleted tail conversion if
-+ * there was one
-+ */
-+int open_unix_file(struct inode *inode, struct file *file)
-+{
-+ int result;
-+ reiser4_context *ctx;
-+ unix_file_info_t *uf_info;
-+
-+ if (IS_RDONLY(inode))
-+ return 0;
-+
-+ if (!inode_get_flag(inode, REISER4_PART_MIXED))
-+ return 0;
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ uf_info = unix_file_inode_data(inode);
-+ get_exclusive_access(uf_info);
-+
-+ /*
-+ * it may happen that another process is doing tail conversion. Wait
-+ * until it completes
-+ */
-+ while (1) {
-+ if (inode_get_flag(inode, REISER4_PART_IN_CONV)) {
-+ drop_exclusive_access(uf_info);
-+ schedule();
-+ get_exclusive_access(uf_info);
-+ continue;
-+ }
-+ break;
-+ }
-+
-+ if (!inode_get_flag(inode, REISER4_PART_MIXED)) {
-+ /*
-+ * other process completed the conversion
-+ */
-+ drop_exclusive_access(uf_info);
-+ reiser4_exit_context(ctx);
-+ return 0;
-+ }
-+
-+ /*
-+ * file left in semi converted state after unclean shutdown or another
-+ * thread is doing conversion and dropped exclusive access which doing
-+ * balance dirty pages. Complete the conversion
-+ */
-+ result = find_first_item(inode);
-+ if (result == EXTENT_POINTER_ID)
-+ /*
-+ * first item is extent, therefore there was incomplete
-+ * tail2extent conversion. Complete it
-+ */
-+ result = tail2extent(unix_file_inode_data(inode));
-+ else if (result == FORMATTING_ID)
-+ /*
-+ * first item is formatting item, therefore there was
-+ * incomplete extent2tail conversion. Complete it
-+ */
-+ result = extent2tail(unix_file_inode_data(inode));
-+ else
-+ result = -EIO;
-+
-+ assert("vs-1712",
-+ ergo(result == 0, (!inode_get_flag(inode, REISER4_PART_MIXED) &&
-+ !inode_get_flag(inode, REISER4_PART_IN_CONV))));
-+ drop_exclusive_access(uf_info);
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+#define NEITHER_OBTAINED 0
-+#define EA_OBTAINED 1
-+#define NEA_OBTAINED 2
-+
-+static void drop_access(unix_file_info_t *uf_info)
-+{
-+ if (uf_info->exclusive_use)
-+ drop_exclusive_access(uf_info);
-+ else
-+ drop_nonexclusive_access(uf_info);
-+}
-+
-+#define debug_wuf(format, ...) printk("%s: %d: %s: " format "\n", \
-+ __FILE__, __LINE__, __FUNCTION__, ## __VA_ARGS__)
-+
-+void balance_dirty_pages(struct address_space *mapping);
-+
-+/**
-+ * write_unix_file - write of struct file_operations
-+ * @file: file to write to
-+ * @buf: address of user-space buffer
-+ * @write_amount: number of bytes to write
-+ * @off: position in file to write to
-+ *
-+ * This is implementation of vfs's write method of struct file_operations for
-+ * unix file plugin.
-+ */
-+ssize_t write_unix_file(struct file *file, const char __user *buf,
-+ size_t count, loff_t *pos)
-+{
-+ int result;
-+ reiser4_context *ctx;
-+ struct inode *inode;
-+ unix_file_info_t *uf_info;
-+ ssize_t written;
-+ int try_free_space;
-+ int to_write = PAGE_CACHE_SIZE * WRITE_GRANULARITY;
-+ size_t left;
-+ ssize_t (*write_op)(struct file *, const char __user *, size_t,
-+ loff_t *pos);
-+ int ea;
-+ loff_t new_size;
-+
-+ inode = file->f_dentry->d_inode;
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ mutex_lock(&inode->i_mutex);
-+
-+ assert("vs-947", !inode_get_flag(inode, REISER4_NO_SD));
-+ assert("vs-9471", (!inode_get_flag(inode, REISER4_PART_MIXED)));
-+
-+ /* check amount of bytes to write and writing position */
-+ result = generic_write_checks(file, pos, &count, 0);
-+ if (result) {
-+ mutex_unlock(&inode->i_mutex);
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+
-+ result = remove_suid(file->f_dentry);
-+ if (result) {
-+ mutex_unlock(&inode->i_mutex);
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+
-+ uf_info = unix_file_inode_data(inode);
-+
-+ current->backing_dev_info = inode->i_mapping->backing_dev_info;
-+ written = 0;
-+ try_free_space = 0;
-+ left = count;
-+ ea = NEITHER_OBTAINED;
-+
-+ new_size = i_size_read(inode);
-+ if (*pos + count > new_size)
-+ new_size = *pos + count;
-+
-+ while (left) {
-+ if (left < to_write)
-+ to_write = left;
-+
-+ if (uf_info->container == UF_CONTAINER_EMPTY) {
-+ get_exclusive_access(uf_info);
-+ ea = EA_OBTAINED;
-+ if (uf_info->container != UF_CONTAINER_EMPTY) {
-+ /* file is made not empty by another process */
-+ drop_exclusive_access(uf_info);
-+ ea = NEITHER_OBTAINED;
-+ continue;
-+ }
-+ } else if (uf_info->container == UF_CONTAINER_UNKNOWN) {
-+ /*
-+ * get exclusive access directly just to not have to
-+ * re-obtain it if file will appear empty
-+ */
-+ get_exclusive_access(uf_info);
-+ ea = EA_OBTAINED;
-+ result = find_file_state(inode, uf_info);
-+ if (result) {
-+ drop_exclusive_access(uf_info);
-+ ea = NEITHER_OBTAINED;
-+ break;
-+ }
-+ } else {
-+ get_nonexclusive_access(uf_info);
-+ ea = NEA_OBTAINED;
-+ }
-+
-+ /* either EA or NEA is obtained. Choose item write method */
-+ if (uf_info->container == UF_CONTAINER_EXTENTS) {
-+ /* file is built of extent items */
-+ write_op = write_extent;
-+ } else if (uf_info->container == UF_CONTAINER_EMPTY) {
-+ /* file is empty */
-+ if (should_have_notail(uf_info, new_size))
-+ write_op = write_extent;
-+ else
-+ write_op = write_tail;
-+ } else {
-+ /* file is built of tail items */
-+ if (should_have_notail(uf_info, new_size)) {
-+ if (ea == NEA_OBTAINED) {
-+ drop_nonexclusive_access(uf_info);
-+ get_exclusive_access(uf_info);
-+ ea = EA_OBTAINED;
-+ }
-+ if (uf_info->container == UF_CONTAINER_TAILS) {
-+ /*
-+ * if file is being convered by another
-+ * process - wait until it completes
-+ */
-+ while (1) {
-+ if (inode_get_flag(inode, REISER4_PART_IN_CONV)) {
-+ drop_exclusive_access(uf_info);
-+ schedule();
-+ get_exclusive_access(uf_info);
-+ continue;
-+ }
-+ break;
-+ }
-+ if (uf_info->container == UF_CONTAINER_TAILS) {
-+ result = tail2extent(uf_info);
-+ if (result)
-+ break;
-+ }
-+ }
-+ drop_exclusive_access(uf_info);
-+ ea = NEITHER_OBTAINED;
-+ continue;
-+ }
-+ write_op = write_tail;
-+ }
-+
-+ written = write_op(file, buf, to_write, pos);
-+ if (written == -ENOSPC && try_free_space) {
-+ drop_access(uf_info);
-+ txnmgr_force_commit_all(inode->i_sb, 0);
-+ try_free_space = 0;
-+ continue;
-+ }
-+ if (written < 0) {
-+ drop_access(uf_info);
-+ result = written;
-+ break;
-+ }
-+ /* something is written. */
-+ if (uf_info->container == UF_CONTAINER_EMPTY) {
-+ assert("", ea == EA_OBTAINED);
-+ uf_info->container = (write_op == write_extent) ?
-+ UF_CONTAINER_EXTENTS : UF_CONTAINER_TAILS;
-+ } else {
-+ assert("", ergo(uf_info->container == UF_CONTAINER_EXTENTS,
-+ write_op == write_extent));
-+ assert("", ergo(uf_info->container == UF_CONTAINER_TAILS,
-+ write_op == write_tail));
-+ }
-+ if (*pos + written > inode->i_size)
-+ INODE_SET_FIELD(inode, i_size, *pos + written);
-+ file_update_time(file);
-+ result = reiser4_update_sd(inode);
-+ if (result) {
-+ mutex_unlock(&inode->i_mutex);
-+ current->backing_dev_info = NULL;
-+ drop_access(uf_info);
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+ drop_access(uf_info);
-+ ea = NEITHER_OBTAINED;
-+ txn_restart(ctx);
-+ current->journal_info = NULL;
-+ /*
-+ * tell VM how many pages were dirtied. Maybe number of pages
-+ * which were dirty already should not be counted
-+ */
-+ balance_dirty_pages(inode->i_mapping);
-+ current->journal_info = ctx;
-+
-+ left -= written;
-+ buf += written;
-+ *pos += written;
-+ }
-+
-+ mutex_unlock(&inode->i_mutex);
-+
-+ if (result == 0 && ((file->f_flags & O_SYNC) || IS_SYNC(inode))) {
-+ txn_restart_current();
-+ grab_space_enable();
-+ result = sync_unix_file(file, file->f_dentry,
-+ 0 /* data and stat data */ );
-+ if (result)
-+ warning("reiser4-7", "failed to sync file %llu",
-+ (unsigned long long)get_inode_oid(inode));
-+ }
-+
-+ current->backing_dev_info = NULL;
-+
-+ reiser4_exit_context(ctx);
-+
-+ /*
-+ * return number of written bytes or error code if nothing is
-+ * written. Note, that it does not work correctly in case when
-+ * sync_unix_file returns error
-+ */
-+ return (count - left) ? (count - left) : result;
-+}
-+
-+/**
-+ * release_unix_file - release of struct file_operations
-+ * @inode: inode of released file
-+ * @file: file to release
-+ *
-+ * Implementation of release method of struct file_operations for unix file
-+ * plugin. If last reference to indode is released - convert all extent items
-+ * into tail items if necessary. Frees reiser4 specific file data.
-+ */
-+int release_unix_file(struct inode *inode, struct file *file)
-+{
-+ reiser4_context *ctx;
-+ unix_file_info_t *uf_info;
-+ int result;
-+ int in_reiser4;
-+
-+ in_reiser4 = is_in_reiser4_context();
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ result = 0;
-+ if (in_reiser4 == 0) {
-+ uf_info = unix_file_inode_data(inode);
-+
-+ down(&uf_info->write);
-+ get_exclusive_access(uf_info);
-+ if (atomic_read(&file->f_dentry->d_count) == 1 &&
-+ uf_info->container == UF_CONTAINER_EXTENTS &&
-+ !should_have_notail(uf_info, inode->i_size) &&
-+ !rofs_inode(inode)) {
-+ result = extent2tail(uf_info);
-+ if (result != 0) {
-+ warning("nikita-3233",
-+ "Failed (%d) to convert in %s (%llu)",
-+ result, __FUNCTION__,
-+ (unsigned long long)
-+ get_inode_oid(inode));
-+ }
-+ }
-+ drop_exclusive_access(uf_info);
-+ up(&uf_info->write);
-+ } else {
-+ /*
-+ we are within reiser4 context already. How latter is
-+ possible? Simple:
-+
-+ (gdb) bt
-+ #0 get_exclusive_access ()
-+ #2 0xc01e56d3 in release_unix_file ()
-+ #3 0xc01c3643 in reiser4_release ()
-+ #4 0xc014cae0 in __fput ()
-+ #5 0xc013ffc3 in remove_vm_struct ()
-+ #6 0xc0141786 in exit_mmap ()
-+ #7 0xc0118480 in mmput ()
-+ #8 0xc0133205 in oom_kill ()
-+ #9 0xc01332d1 in out_of_memory ()
-+ #10 0xc013bc1d in try_to_free_pages ()
-+ #11 0xc013427b in __alloc_pages ()
-+ #12 0xc013f058 in do_anonymous_page ()
-+ #13 0xc013f19d in do_no_page ()
-+ #14 0xc013f60e in handle_mm_fault ()
-+ #15 0xc01131e5 in do_page_fault ()
-+ #16 0xc0104935 in error_code ()
-+ #17 0xc025c0c6 in __copy_to_user_ll ()
-+ #18 0xc01d496f in read_tail ()
-+ #19 0xc01e4def in read_unix_file ()
-+ #20 0xc01c3504 in reiser4_read ()
-+ #21 0xc014bd4f in vfs_read ()
-+ #22 0xc014bf66 in sys_read ()
-+ */
-+ warning("vs-44", "out of memory?");
-+ }
-+
-+ reiser4_free_file_fsdata(file);
-+
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+static void set_file_notail(struct inode *inode)
-+{
-+ reiser4_inode *state;
-+ formatting_plugin *tplug;
-+
-+ state = reiser4_inode_data(inode);
-+ tplug = formatting_plugin_by_id(NEVER_TAILS_FORMATTING_ID);
-+ plugin_set_formatting(&state->pset, tplug);
-+ inode_set_plugin(inode,
-+ formatting_plugin_to_plugin(tplug), PSET_FORMATTING);
-+}
-+
-+/* if file is built of tails - convert it to extents */
-+static int unpack(struct file *filp, struct inode *inode, int forever)
-+{
-+ int result = 0;
-+ unix_file_info_t *uf_info;
-+
-+ uf_info = unix_file_inode_data(inode);
-+ assert("vs-1628", ea_obtained(uf_info));
-+
-+ result = find_file_state(inode, uf_info);
-+ if (result)
-+ return result;
-+ assert("vs-1074", uf_info->container != UF_CONTAINER_UNKNOWN);
-+
-+ if (uf_info->container == UF_CONTAINER_TAILS) {
-+ /*
-+ * if file is being convered by another process - wait until it
-+ * completes
-+ */
-+ while (1) {
-+ if (inode_get_flag(inode, REISER4_PART_IN_CONV)) {
-+ drop_exclusive_access(uf_info);
-+ schedule();
-+ get_exclusive_access(uf_info);
-+ continue;
-+ }
-+ break;
-+ }
-+ if (uf_info->container == UF_CONTAINER_TAILS) {
-+ result = tail2extent(uf_info);
-+ if (result)
-+ return result;
-+ }
-+ }
-+ if (forever) {
-+ /* safe new formatting plugin in stat data */
-+ __u64 tograb;
-+
-+ set_file_notail(inode);
-+
-+ grab_space_enable();
-+ tograb = inode_file_plugin(inode)->estimate.update(inode);
-+ result = reiser4_grab_space(tograb, BA_CAN_COMMIT);
-+ result = reiser4_update_sd(inode);
-+ }
-+
-+ return result;
-+}
-+
-+/* implentation of vfs' ioctl method of struct file_operations for unix file
-+ plugin
-+*/
-+int
-+ioctl_unix_file(struct inode *inode, struct file *filp,
-+ unsigned int cmd, unsigned long arg UNUSED_ARG)
-+{
-+ reiser4_context *ctx;
-+ int result;
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ switch (cmd) {
-+ case REISER4_IOC_UNPACK:
-+ get_exclusive_access(unix_file_inode_data(inode));
-+ result = unpack(filp, inode, 1 /* forever */ );
-+ drop_exclusive_access(unix_file_inode_data(inode));
-+ break;
-+
-+ default:
-+ result = RETERR(-ENOSYS);
-+ break;
-+ }
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+/* implentation of vfs' bmap method of struct address_space_operations for unix
-+ file plugin
-+*/
-+sector_t bmap_unix_file(struct address_space * mapping, sector_t lblock)
-+{
-+ reiser4_context *ctx;
-+ sector_t result;
-+ reiser4_key key;
-+ coord_t coord;
-+ lock_handle lh;
-+ struct inode *inode;
-+ item_plugin *iplug;
-+ sector_t block;
-+
-+ inode = mapping->host;
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+ key_by_inode_and_offset_common(inode,
-+ (loff_t) lblock * current_blocksize,
-+ &key);
-+
-+ init_lh(&lh);
-+ result =
-+ find_file_item_nohint(&coord, &lh, &key, ZNODE_READ_LOCK, inode);
-+ if (cbk_errored(result)) {
-+ done_lh(&lh);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+
-+ result = zload(coord.node);
-+ if (result) {
-+ done_lh(&lh);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+
-+ iplug = item_plugin_by_coord(&coord);
-+ if (iplug->s.file.get_block) {
-+ result = iplug->s.file.get_block(&coord, lblock, &block);
-+ if (result == 0)
-+ result = block;
-+ } else
-+ result = RETERR(-EINVAL);
-+
-+ zrelse(coord.node);
-+ done_lh(&lh);
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+/**
-+ * flow_by_inode_unix_file - initizlize structure flow
-+ * @inode: inode of file for which read or write is abou
-+ * @buf: buffer to perform read to or write from
-+ * @user: flag showing whether @buf is user space or kernel space
-+ * @size: size of buffer @buf
-+ * @off: start offset fro read or write
-+ * @op: READ or WRITE
-+ * @flow:
-+ *
-+ * Initializes fields of @flow: key, size of data, i/o mode (read or write).
-+ */
-+int flow_by_inode_unix_file(struct inode *inode,
-+ const char __user *buf, int user,
-+ loff_t size, loff_t off,
-+ rw_op op, flow_t *flow)
-+{
-+ assert("nikita-1100", inode != NULL);
-+
-+ flow->length = size;
-+ memcpy(&flow->data, &buf, sizeof(buf));
-+ flow->user = user;
-+ flow->op = op;
-+ assert("nikita-1931", inode_file_plugin(inode) != NULL);
-+ assert("nikita-1932",
-+ inode_file_plugin(inode)->key_by_inode ==
-+ key_by_inode_and_offset_common);
-+ /* calculate key of write position and insert it into flow->key */
-+ return key_by_inode_and_offset_common(inode, off, &flow->key);
-+}
-+
-+/* plugin->u.file.set_plug_in_sd = NULL
-+ plugin->u.file.set_plug_in_inode = NULL
-+ plugin->u.file.create_blank_sd = NULL */
-+/* plugin->u.file.delete */
-+/*
-+ plugin->u.file.add_link = add_link_common
-+ plugin->u.file.rem_link = NULL */
-+
-+/* plugin->u.file.owns_item
-+ this is common_file_owns_item with assertion */
-+/* Audited by: green(2002.06.15) */
-+int
-+owns_item_unix_file(const struct inode *inode /* object to check against */ ,
-+ const coord_t * coord /* coord to check */ )
-+{
-+ int result;
-+
-+ result = owns_item_common(inode, coord);
-+ if (!result)
-+ return 0;
-+ if (item_type_by_coord(coord) != UNIX_FILE_METADATA_ITEM_TYPE)
-+ return 0;
-+ assert("vs-547",
-+ item_id_by_coord(coord) == EXTENT_POINTER_ID ||
-+ item_id_by_coord(coord) == FORMATTING_ID);
-+ return 1;
-+}
-+
-+static int setattr_truncate(struct inode *inode, struct iattr *attr)
-+{
-+ int result;
-+ int s_result;
-+ loff_t old_size;
-+ reiser4_tree *tree;
-+
-+ inode_check_scale(inode, inode->i_size, attr->ia_size);
-+
-+ old_size = inode->i_size;
-+ tree = tree_by_inode(inode);
-+
-+ result = safe_link_grab(tree, BA_CAN_COMMIT);
-+ if (result == 0)
-+ result = safe_link_add(inode, SAFE_TRUNCATE);
-+ if (result == 0)
-+ result = truncate_file_body(inode, attr->ia_size);
-+ if (result)
-+ warning("vs-1588", "truncate_file failed: oid %lli, "
-+ "old size %lld, new size %lld, retval %d",
-+ (unsigned long long)get_inode_oid(inode),
-+ old_size, attr->ia_size, result);
-+
-+ s_result = safe_link_grab(tree, BA_CAN_COMMIT);
-+ if (s_result == 0)
-+ s_result =
-+ safe_link_del(tree, get_inode_oid(inode), SAFE_TRUNCATE);
-+ if (s_result != 0) {
-+ warning("nikita-3417", "Cannot kill safelink %lli: %i",
-+ (unsigned long long)get_inode_oid(inode), s_result);
-+ }
-+ safe_link_release(tree);
-+ return result;
-+}
-+
-+/* plugin->u.file.setattr method */
-+/* This calls inode_setattr and if truncate is in effect it also takes
-+ exclusive inode access to avoid races */
-+int setattr_unix_file(struct dentry *dentry, /* Object to change attributes */
-+ struct iattr *attr /* change description */ )
-+{
-+ int result;
-+
-+ if (attr->ia_valid & ATTR_SIZE) {
-+ reiser4_context *ctx;
-+ unix_file_info_t *uf_info;
-+
-+ /* truncate does reservation itself and requires exclusive
-+ access obtained */
-+ ctx = init_context(dentry->d_inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ uf_info = unix_file_inode_data(dentry->d_inode);
-+ down(&uf_info->write);
-+ get_exclusive_access(uf_info);
-+ result = setattr_truncate(dentry->d_inode, attr);
-+ drop_exclusive_access(uf_info);
-+ up(&uf_info->write);
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ } else
-+ result = setattr_common(dentry, attr);
-+
-+ return result;
-+}
-+
-+/* plugin->u.file.init_inode_data */
-+void
-+init_inode_data_unix_file(struct inode *inode,
-+ reiser4_object_create_data * crd, int create)
-+{
-+ unix_file_info_t *data;
-+
-+ data = unix_file_inode_data(inode);
-+ data->container = create ? UF_CONTAINER_EMPTY : UF_CONTAINER_UNKNOWN;
-+ init_rwsem(&data->latch);
-+ sema_init(&data->write, 1);
-+ data->tplug = inode_formatting_plugin(inode);
-+ data->exclusive_use = 0;
-+
-+#if REISER4_DEBUG
-+ data->ea_owner = NULL;
-+ atomic_set(&data->nr_neas, 0);
-+#endif
-+ init_inode_ordering(inode, crd, create);
-+}
-+
-+/**
-+ * delete_object_unix_file - delete_object of file_plugin
-+ * @inode: inode to be deleted
-+ *
-+ * Truncates file to length 0, removes stat data and safe link.
-+ */
-+int delete_object_unix_file(struct inode *inode)
-+{
-+ unix_file_info_t *uf_info;
-+ int result;
-+
-+ if (inode_get_flag(inode, REISER4_NO_SD))
-+ return 0;
-+
-+ /* truncate file bogy first */
-+ uf_info = unix_file_inode_data(inode);
-+ get_exclusive_access(uf_info);
-+ result = truncate_file_body(inode, 0 /* size */ );
-+ drop_exclusive_access(uf_info);
-+
-+ if (result)
-+ warning("", "failed to truncate file (%llu) on removal: %d",
-+ get_inode_oid(inode), result);
-+
-+ /* remove stat data and safe link */
-+ return delete_object_common(inode);
-+}
-+
-+/**
-+ * sendfile_unix_file - sendfile of struct file_operations
-+ * @file: file to be sent
-+ * @ppos: position to start from
-+ * @count: number of bytes to send
-+ * @actor: function to copy data
-+ * @target: where to copy read data
-+ *
-+ * Reads @count bytes from @file and calls @actor for every page read. This is
-+ * needed for loop back devices support.
-+ */
-+ssize_t
-+sendfile_unix_file(struct file *file, loff_t *ppos, size_t count,
-+ read_actor_t actor, void *target)
-+{
-+ reiser4_context *ctx;
-+ ssize_t result;
-+ struct inode *inode;
-+ unix_file_info_t *uf_info;
-+
-+ inode = file->f_dentry->d_inode;
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ /*
-+ * generic_file_sndfile may want to call update_atime. Grab space for
-+ * stat data update
-+ */
-+ result = reiser4_grab_space(estimate_update_common(inode),
-+ BA_CAN_COMMIT);
-+ if (result)
-+ goto error;
-+ mutex_lock(&inode->i_mutex);
-+ inode_set_flag(inode, REISER4_HAS_MMAP);
-+ mutex_unlock(&inode->i_mutex);
-+
-+ uf_info = unix_file_inode_data(inode);
-+ get_nonexclusive_access(uf_info);
-+ result = generic_file_sendfile(file, ppos, count, actor, target);
-+ drop_nonexclusive_access(uf_info);
-+ error:
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+int
-+prepare_write_unix_file(struct file *file, struct page *page,
-+ unsigned from, unsigned to)
-+{
-+ reiser4_context *ctx;
-+ unix_file_info_t *uf_info;
-+ int ret;
-+
-+ ctx = init_context(file->f_dentry->d_inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ uf_info = unix_file_inode_data(file->f_dentry->d_inode);
-+ get_exclusive_access(uf_info);
-+ ret = find_file_state(file->f_dentry->d_inode, uf_info);
-+ if (ret == 0) {
-+ if (uf_info->container == UF_CONTAINER_TAILS)
-+ ret = -EINVAL;
-+ else
-+ ret = do_prepare_write(file, page, from, to);
-+ }
-+ drop_exclusive_access(uf_info);
-+
-+ /* don't commit transaction under inode semaphore */
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return ret;
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * scroll-step: 1
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/plugin/file/file.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/file/file.h
-@@ -0,0 +1,257 @@
-+/* Copyright 2001, 2002, 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* this file contains declarations of methods implementing file plugins
-+ (UNIX_FILE_PLUGIN_ID, SYMLINK_FILE_PLUGIN_ID and CRC_FILE_PLUGIN_ID) */
-+
-+#if !defined( __REISER4_FILE_H__ )
-+#define __REISER4_FILE_H__
-+
-+/* declarations of functions implementing UNIX_FILE_PLUGIN_ID file plugin */
-+
-+/* inode operations */
-+int setattr_unix_file(struct dentry *, struct iattr *);
-+
-+/* file operations */
-+ssize_t read_unix_file(struct file *, char __user *buf, size_t read_amount,
-+ loff_t *off);
-+ssize_t write_unix_file(struct file *, const char __user *buf, size_t write_amount,
-+ loff_t * off);
-+int ioctl_unix_file(struct inode *, struct file *, unsigned int cmd,
-+ unsigned long arg);
-+int mmap_unix_file(struct file *, struct vm_area_struct *);
-+int open_unix_file(struct inode *, struct file *);
-+int release_unix_file(struct inode *, struct file *);
-+int sync_unix_file(struct file *, struct dentry *, int datasync);
-+ssize_t sendfile_unix_file(struct file *, loff_t *ppos, size_t count,
-+ read_actor_t, void *target);
-+
-+/* address space operations */
-+int readpage_unix_file(struct file *, struct page *);
-+int readpage_unix_file_nolock(struct file *, struct page *);
-+int writepages_unix_file(struct address_space *, struct writeback_control *);
-+int prepare_write_unix_file(struct file *, struct page *, unsigned from,
-+ unsigned to);
-+int commit_write_unix_file(struct file *, struct page *, unsigned from,
-+ unsigned to);
-+sector_t bmap_unix_file(struct address_space *, sector_t lblock);
-+
-+/* file plugin operations */
-+int flow_by_inode_unix_file(struct inode *, const char __user *buf,
-+ int user, loff_t, loff_t, rw_op, flow_t *);
-+int owns_item_unix_file(const struct inode *, const coord_t *);
-+void init_inode_data_unix_file(struct inode *, reiser4_object_create_data *,
-+ int create);
-+int delete_object_unix_file(struct inode *);
-+
-+/*
-+ * all the write into unix file is performed by item write method. Write method
-+ * of unix file plugin only decides which item plugin (extent or tail) and in
-+ * which mode (one from the enum below) to call
-+ */
-+typedef enum {
-+ FIRST_ITEM = 1,
-+ APPEND_ITEM = 2,
-+ OVERWRITE_ITEM = 3
-+} write_mode_t;
-+
-+/* unix file may be in one the following states */
-+typedef enum {
-+ UF_CONTAINER_UNKNOWN = 0,
-+ UF_CONTAINER_TAILS = 1,
-+ UF_CONTAINER_EXTENTS = 2,
-+ UF_CONTAINER_EMPTY = 3
-+} file_container_t;
-+
-+struct formatting_plugin;
-+struct inode;
-+
-+/* unix file plugin specific part of reiser4 inode */
-+typedef struct unix_file_info {
-+ /*
-+ * this read-write lock protects file containerization change. Accesses
-+ * which do not change file containerization (see file_container_t)
-+ * (read, readpage, writepage, write (until tail conversion is
-+ * involved)) take read-lock. Accesses which modify file
-+ * containerization (truncate, conversion from tail to extent and back)
-+ * take write-lock.
-+ */
-+ struct rw_semaphore latch;
-+ /*
-+ * this semaphore is used to serialize writes instead of inode->i_mutex,
-+ * because write_unix_file uses get_user_pages which is to be used
-+ * under mm->mmap_sem and because it is required to take mm->mmap_sem
-+ * before inode->i_mutex, so inode->i_mutex would have to be unlocked
-+ * before calling to get_user_pages which is unacceptable
-+ */
-+ struct semaphore write;
-+ /* this enum specifies which items are used to build the file */
-+ file_container_t container;
-+ /*
-+ * plugin which controls when file is to be converted to extents and
-+ * back to tail
-+ */
-+ struct formatting_plugin *tplug;
-+ /* if this is set, file is in exclusive use */
-+ int exclusive_use;
-+#if REISER4_DEBUG
-+ /* pointer to task struct of thread owning exclusive access to file */
-+ void *ea_owner;
-+ atomic_t nr_neas;
-+ void *last_reader;
-+#endif
-+} unix_file_info_t;
-+
-+struct unix_file_info *unix_file_inode_data(const struct inode *inode);
-+void get_exclusive_access(unix_file_info_t *);
-+void drop_exclusive_access(unix_file_info_t *);
-+void get_nonexclusive_access(unix_file_info_t *);
-+void drop_nonexclusive_access(unix_file_info_t *);
-+int try_to_get_nonexclusive_access(unix_file_info_t *);
-+int find_file_item(hint_t *, const reiser4_key *, znode_lock_mode,
-+ struct inode *);
-+int find_file_item_nohint(coord_t *, lock_handle *,
-+ const reiser4_key *, znode_lock_mode,
-+ struct inode *);
-+
-+void validate_extended_coord(uf_coord_t *, loff_t offset);
-+int load_file_hint(struct file *, hint_t *);
-+void save_file_hint(struct file *, const hint_t *);
-+
-+
-+#include "../item/extent.h"
-+#include "../item/tail.h"
-+#include "../item/ctail.h"
-+
-+struct uf_coord {
-+ coord_t coord;
-+ lock_handle *lh;
-+ int valid;
-+ union {
-+ extent_coord_extension_t extent;
-+ tail_coord_extension_t tail;
-+ ctail_coord_extension_t ctail;
-+ } extension;
-+};
-+
-+#include "../../forward.h"
-+#include "../../seal.h"
-+#include "../../lock.h"
-+
-+/*
-+ * This structure is used to speed up file operations (reads and writes). A
-+ * hint is a suggestion about where a key resolved to last time. A seal
-+ * indicates whether a node has been modified since a hint was last recorded.
-+ * You check the seal, and if the seal is still valid, you can use the hint
-+ * without traversing the tree again.
-+ */
-+struct hint {
-+ seal_t seal; /* a seal over last file item accessed */
-+ uf_coord_t ext_coord;
-+ loff_t offset;
-+ znode_lock_mode mode;
-+ lock_handle lh;
-+};
-+
-+void set_hint(hint_t *, const reiser4_key *, znode_lock_mode);
-+int hint_is_set(const hint_t *);
-+void unset_hint(hint_t *);
-+int hint_validate(hint_t *, const reiser4_key *, int check_key,
-+ znode_lock_mode);
-+void hint_init_zero(hint_t *);
-+
-+int update_file_size(struct inode *, reiser4_key *, int update_sd);
-+int cut_file_items(struct inode *, loff_t new_size, int update_sd,
-+ loff_t cur_size, int (*update_actor) (struct inode *,
-+ reiser4_key *, int));
-+
-+
-+#if REISER4_DEBUG
-+
-+/* return 1 is exclusive access is obtained, 0 - otherwise */
-+static inline int ea_obtained(unix_file_info_t * uf_info)
-+{
-+ int ret;
-+
-+ ret = down_read_trylock(&uf_info->latch);
-+ if (ret)
-+ up_read(&uf_info->latch);
-+ return !ret;
-+}
-+
-+#endif
-+
-+/* declarations of functions implementing SYMLINK_FILE_PLUGIN_ID file plugin */
-+int create_symlink(struct inode *symlink, struct inode *dir,
-+ reiser4_object_create_data *);
-+void destroy_inode_symlink(struct inode *);
-+
-+/* declarations of functions implementing CRC_FILE_PLUGIN_ID file plugin */
-+
-+/* inode operations */
-+int setattr_cryptcompress(struct dentry *, struct iattr *);
-+
-+/* file operations */
-+ssize_t read_cryptcompress(struct file *, char __user *buf, size_t read_amount,
-+ loff_t * off);
-+ssize_t write_cryptcompress(struct file *, const char __user *buf, size_t write_amount,
-+ loff_t * off);
-+int mmap_cryptcompress(struct file *, struct vm_area_struct *);
-+ssize_t sendfile_cryptcompress(struct file *file, loff_t *ppos, size_t count,
-+ read_actor_t actor, void *target);
-+int release_cryptcompress(struct inode *, struct file *);
-+
-+/* address space operations */
-+extern int readpage_cryptcompress(struct file *, struct page *);
-+extern int writepages_cryptcompress(struct address_space *,
-+ struct writeback_control *);
-+
-+
-+/* file plugin operations */
-+int flow_by_inode_cryptcompress(struct inode *, const char __user *buf,
-+ int user, loff_t, loff_t, rw_op, flow_t *);
-+int key_by_inode_cryptcompress(struct inode *, loff_t off, reiser4_key *);
-+int create_cryptcompress(struct inode *, struct inode *,
-+ reiser4_object_create_data *);
-+int delete_cryptcompress(struct inode *);
-+void init_inode_data_cryptcompress(struct inode *, reiser4_object_create_data *,
-+ int create);
-+int cut_tree_worker_cryptcompress(tap_t *, const reiser4_key * from_key,
-+ const reiser4_key * to_key,
-+ reiser4_key * smallest_removed,
-+ struct inode *object, int truncate,
-+ int *progress);
-+void destroy_inode_cryptcompress(struct inode *);
-+
-+extern reiser4_plugin_ops cryptcompress_plugin_ops;
-+
-+#define WRITE_GRANULARITY 32
-+
-+
-+int tail2extent(unix_file_info_t *);
-+int extent2tail(unix_file_info_t *);
-+
-+int goto_right_neighbor(coord_t *, lock_handle *);
-+int find_or_create_extent(struct page *);
-+int equal_to_ldk(znode *, const reiser4_key *);
-+
-+
-+extern inline int cbk_errored(int cbk_result)
-+{
-+ return (cbk_result != CBK_COORD_NOTFOUND
-+ && cbk_result != CBK_COORD_FOUND);
-+}
-+
-+/* __REISER4_FILE_H__ */
-+#endif
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * scroll-step: 1
-+ * End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/file/invert.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/file/invert.c
-@@ -0,0 +1,493 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Suppose you want to conveniently read and write a large variety of small files conveniently within a single emacs
-+ buffer, without having a separate buffer for each 8 byte or so file. Inverts are the way to do that. An invert
-+ provides you with the contents of a set of subfiles plus its own contents. It is a file which inherits other files
-+ when you read it, and allows you to write to it and through it to the files that it inherits from. In order for it
-+ to know which subfiles each part of your write should go into, there must be delimiters indicating that. It tries to
-+ make that easy for you by providing those delimiters in what you read from it.
-+
-+ When you read it, an invert performs an inverted assignment. Instead of taking an assignment command and writing a
-+ bunch of files, it takes a bunch of files and composes an assignment command for you to read from it that if executed
-+ would create those files. But which files? Well, that must be specified in the body of the invert using a special
-+ syntax, and that specification is called the invert of the assignment.
-+
-+ When written to, an invert performs the assignment command that is written
-+ to it, and modifies its own body to contain the invert of that
-+ assignment.
-+
-+ In other words, writing to an invert file what you have read from it
-+ is the identity operation.
-+
-+ Malformed assignments cause write errors. Partial writes are not
-+ supported in v4.0, but will be.
-+
-+ Example:
-+
-+ If an invert contains:
-+
-+ /filenameA/<>+"(some text stored in the invert)+/filenameB/<>
-+
-+======================
-+Each element in this definition should be an invert, and all files
-+should be called recursively - too. This is bad. If one of the
-+included files in not a regular or invert file, then we can't read
-+main file.
-+
-+I think to make it is possible easier:
-+
-+internal structure of invert file should be like symlink file. But
-+read and write method should be explitely indicated in i/o operation..
-+
-+By default we read and write (if probably) as symlink and if we
-+specify ..invert at reading time that too we can specify it at write time.
-+
-+example:
-+/my_invert_file/..invert<- ( (/filenameA<-"(The contents of filenameA))+"(some text stored in the invert)+(/filenameB<-"(The contents of filenameB) ) )
-+will create /my_invert_file as invert, and will creat /filenameA and /filenameB with specified body.
-+
-+read of /my_invert_file/..invert will be
-+/filenameA<-"(The contents of filenameA)+"(some text stored in the invert)+/filenameB<-"(The contents of filenameB)
-+
-+but read of /my_invert_file/ will be
-+The contents of filenameAsome text stored in the invertThe contents of filenameB
-+
-+we also can creat this file as
-+/my_invert_file/<-/filenameA+"(some text stored in the invert)+/filenameB
-+will create /my_invert_file , and use existing files /filenameA and /filenameB.
-+
-+and when we will read it will be as previously invert file.
-+
-+This is correct?
-+
-+ vv
-+DEMIDOV-FIXME-HANS:
-+
-+Maybe you are right, but then you must disable writes to /my_invert_file/ and only allow writes to /my_invert_file/..invert
-+
-+Do you agree? Discuss it on reiserfs-list....
-+
-+-Hans
-+=======================
-+
-+ Then a read will return:
-+
-+ /filenameA<-"(The contents of filenameA)+"(some text stored in the invert)+/filenameB<-"(The contents of filenameB)
-+
-+ and a write of the line above to the invert will set the contents of
-+ the invert and filenameA and filenameB to their original values.
-+
-+ Note that the contents of an invert have no influence on the effect
-+ of a write unless the write is a partial write (and a write of a
-+ shorter file without using truncate first is a partial write).
-+
-+ truncate() has no effect on filenameA and filenameB, it merely
-+ resets the value of the invert.
-+
-+ Writes to subfiles via the invert are implemented by preceding them
-+ with truncates.
-+
-+ Parse failures cause write failures.
-+
-+ Questions to ponder: should the invert be acted on prior to file
-+ close when writing to an open filedescriptor?
-+
-+ Example:
-+
-+ If an invert contains:
-+
-+ "(This text and a pair of quotes are all that is here.)
-+
-+Then a read will return:
-+
-+ "(This text and a pair of quotes are all that is here.)
-+
-+*/
-+
-+/* OPEN method places a struct file in memory associated with invert body
-+ and returns something like file descriptor to the user for the future access
-+ to the invert file.
-+ During opening we parse the body of invert and get a list of the 'entryes'
-+ (that describes all its subfiles) and place pointer on the first struct in
-+ reiserfs-specific part of invert inode (arbitrary decision).
-+
-+ Each subfile is described by the struct inv_entry that has a pointer @sd on
-+ in-core based stat-data and a pointer on struct file @f (if we find that the
-+ subfile uses more then one unformated node (arbitrary decision), we load
-+ struct file in memory, otherwise we load base stat-data (and maybe 1-2 bytes
-+ of some other information we need)
-+
-+ Since READ and WRITE methods for inverts were formulated in assignment
-+ language, they don't contain arguments 'size' and 'offset' that make sense
-+ only in ordinary read/write methods.
-+
-+ READ method is a combination of two methods:
-+ 1) ordinary read method (with offset=0, lenght = @f->...->i_size) for entries
-+ with @f != 0, this method uses pointer on struct file as an argument
-+ 2) read method for inode-less files with @sd != 0, this method uses
-+ in-core based stat-data instead struct file as an argument.
-+ in the first case we don't use pagecache, just copy data that we got after
-+ cbk() into userspace.
-+
-+ WRITE method for invert files is more complex.
-+ Besides declared WRITE-interface in assignment languageb above we need
-+ to have an opportunity to edit unwrapped body of invert file with some
-+ text editor, it means we need GENERIC WRITE METHOD for invert file:
-+
-+ my_invert_file/..invert <- "string"
-+
-+ this method parses "string" and looks for correct subfile signatures, also
-+ the parsing process splits this "string" on the set of flows in accordance
-+ with the set of subfiles specified by this signarure.
-+ The found list of signatures #S is compared with the opened one #I of invert
-+ file. If it doesn't have this one (#I==0, it will be so for instance if we
-+ have just create this invert file) the write method assignes found signature
-+ (#I=#S;) to the invert file. Then if #I==#S, generic write method splits
-+ itself to the some write methods for ordinary or light-weight, or call itself
-+ recursively for invert files with corresponding flows.
-+ I am not sure, but the list of signatures looks like what mr.Demidov means
-+ by 'delimiters'.
-+
-+ The cases when #S<#I (#I<#S) (in the sense of set-theory) are also available
-+ and cause delete (create new) subfiles (arbitrary decision - it may looks
-+ too complex, but this interface will be the completest). The order of entries
-+ of list #S (#I) and inherited order on #I (#S) must coincide.
-+ The other parsing results give malformed signature that aborts READ method
-+ and releases all resources.
-+
-+ Format of subfile (entry) signature:
-+
-+ "START_MAGIC"<>(TYPE="...",LOOKUP_ARG="...")SUBFILE_BODY"END_MAGIC"
-+
-+ Legend:
-+
-+ START_MAGIC - keyword indicates the start of subfile signature;
-+
-+ <> indicates the start of 'subfile metadata', that is the pair
-+ (TYPE="...",LOOKUP_ARG="...") in parenthesis separated by comma.
-+
-+ TYPE - the string "type" indicates the start of one of the three words:
-+ - ORDINARY_FILE,
-+ - LIGHT_WEIGHT_FILE,
-+ - INVERT_FILE;
-+
-+ LOOKUP_ARG - lookup argument depends on previous type:
-+ */
-+
-+ /************************************************************/
-+ /* TYPE * LOOKUP ARGUMENT */
-+ /************************************************************/
-+ /* LIGH_WEIGHT_FILE * stat-data key */
-+ /************************************************************/
-+ /* ORDINARY_FILE * filename */
-+ /************************************************************/
-+ /* INVERT_FILE * filename */
-+ /************************************************************/
-+
-+ /* where:
-+ *stat-data key - the string contains stat data key of this subfile, it will be
-+ passed to fast-access lookup method for light-weight files;
-+ *filename - pathname of this subfile, iyt well be passed to VFS lookup methods
-+ for ordinary and invert files;
-+
-+ SUBFILE_BODY - data of this subfile (it will go to the flow)
-+ END_MAGIC - the keyword indicates the end of subfile signature.
-+
-+ The other simbols inside the signature interpreted as 'unformatted content',
-+ which is available with VFS's read_link() (arbitraruy decision).
-+
-+ NOTE: Parse method for a body of invert file uses mentioned signatures _without_
-+ subfile bodies.
-+
-+ Now the only unclear thing is WRITE in regular light-weight subfile A that we
-+ can describe only in assignment language:
-+
-+ A <- "some_string"
-+
-+ I guess we don't want to change stat-data and body items of file A
-+ if this file exist, and size(A) != size("some_string") because this operation is
-+ expencive, so we only do the partial write if size(A) > size("some_string")
-+ and do truncate of the "some_string", and then do A <- "truncated string", if
-+ size(A) < size("some_string"). This decision is also arbitrary..
-+ */
-+
-+/* here is infrastructure for formated flows */
-+
-+#define SUBFILE_HEADER_MAGIC 0x19196605
-+#define FLOW_HEADER_MAGIC 0x01194304
-+
-+#include "../plugin.h"
-+#include "../../debug.h"
-+#include "../../forward.h"
-+#include "../object.h"
-+#include "../item/item.h"
-+#include "../item/static_stat.h"
-+#include "../../dformat.h"
-+#include "../znode.h"
-+#include "../inode.h"
-+
-+#include <linux/types.h>
-+#include <linux/fs.h> /* for struct file */
-+#include <linux/list.h> /* for struct list_head */
-+
-+typedef enum {
-+ LIGHT_WEIGHT_FILE,
-+ ORDINARY_FILE,
-+ INVERT_FILE
-+} inv_entry_type;
-+
-+typedef struct flow_header {
-+ d32 fl_magic;
-+ d16 fl_nr; /* number of subfiles in the flow */
-+};
-+
-+typedef struct subfile_header {
-+ d32 sh_magic; /* subfile magic */
-+ d16 sh_type; /* type of subfile: light-weight, ordinary, invert */
-+ d16 sh_arg_len; /* lenght of lookup argument (filename, key) */
-+ d32 sh_body_len; /* lenght of subfile body */
-+};
-+
-+/* functions to get/set fields of flow header */
-+
-+static void fl_set_magic(flow_header * fh, __u32 value)
-+{
-+ cputod32(value, &fh->fh_magic);
-+}
-+
-+static __u32 fl_get_magic(flow_header * fh)
-+{
-+ return d32tocpu(&fh->fh_magic);
-+}
-+static void fl_set_number(flow_header * fh, __u16 value)
-+{
-+ cputod16(value, &fh->fh_nr);
-+}
-+static unsigned fl_get_number(flow_header * fh)
-+{
-+ return d16tocpu(&fh->fh_nr);
-+}
-+
-+/* functions to get/set fields of subfile header */
-+
-+static void sh_set_magic(subfile_header * sh, __u32 value)
-+{
-+ cputod32(value, &sh->sh_magic);
-+}
-+
-+static __u32 sh_get_magic(subfile_header * sh)
-+{
-+ return d32tocpu(&sh->sh_magic);
-+}
-+static void sh_set_type(subfile_header * sh, __u16 value)
-+{
-+ cputod16(value, &sh->sh_magic);
-+}
-+static unsigned sh_get_type(subfile_header * sh)
-+{
-+ return d16tocpu(&sh->sh_magic);
-+}
-+static void sh_set_arg_len(subfile_header * sh, __u16 value)
-+{
-+ cputod16(value, &sh->sh_arg_len);
-+}
-+static unsigned sh_get_arg_len(subfile_header * sh)
-+{
-+ return d16tocpu(&sh->sh_arg_len);
-+}
-+static void sh_set_body_len(subfile_header * sh, __u32 value)
-+{
-+ cputod32(value, &sh->sh_body_len);
-+}
-+
-+static __u32 sh_get_body_len(subfile_header * sh)
-+{
-+ return d32tocpu(&sh->sh_body_len);
-+}
-+
-+/* in-core minimal stat-data, light-weight analog of inode */
-+
-+struct incore_sd_base {
-+ umode_t isd_mode;
-+ nlink_t isd_nlink;
-+ loff_t isd_size;
-+ char *isd_data; /* 'subflow' to write */
-+};
-+
-+/* open invert create a list of invert entries,
-+ every entry is represented by structure inv_entry */
-+
-+struct inv_entry {
-+ struct list_head *ie_list;
-+ struct file *ie_file; /* this is NULL if the file doesn't
-+ have unformated nodes */
-+ struct incore_sd_base *ie_sd; /* inode-less analog of struct file */
-+};
-+
-+/* allocate and init invert entry */
-+
-+static struct inv_entry *allocate_inv_entry(void)
-+{
-+ struct inv_entry *inv_entry;
-+
-+ inv_entry = reiser4_kmalloc(sizeof(struct inv_entry), GFP_KERNEL);
-+ if (!inv_entry)
-+ return ERR_PTR(RETERR(-ENOMEM));
-+ inv_entry->ie_file = NULL;
-+ inv_entry->ie_sd = NULL;
-+ INIT_LIST_HEAD(&inv_entry->ie_list);
-+ return inv_entry;
-+}
-+
-+static int put_inv_entry(struct inv_entry *ientry)
-+{
-+ int result = 0;
-+
-+ assert("edward-96", ientry != NULL);
-+ assert("edward-97", ientry->ie_list != NULL);
-+
-+ list_del(ientry->ie_list);
-+ if (ientry->ie_sd != NULL) {
-+ kfree(ientry->ie_sd);
-+ kfree(ientry);
-+ }
-+ if (ientry->ie_file != NULL)
-+ result = filp_close(ientry->file, NULL);
-+ return result;
-+}
-+
-+static int allocate_incore_sd_base(struct inv_entry *inv_entry)
-+{
-+ struct incore_sd_base *isd_base assert("edward-98", inv_entry != NULL);
-+ assert("edward-99", inv_entry->ie_inode = NULL);
-+ assert("edward-100", inv_entry->ie_sd = NULL);
-+
-+ isd_base = reiser4_kmalloc(sizeof(struct incore_sd_base), GFP_KERNEL);
-+ if (!isd_base)
-+ return RETERR(-ENOMEM);
-+ inv_entry->ie_sd = isd_base;
-+ return 0;
-+}
-+
-+/* this can be installed as ->init_inv_entry () method of
-+ item_plugins[ STATIC_STAT_DATA_IT ] (fs/reiser4/plugin/item/item.c).
-+ Copies data from on-disk stat-data format into light-weight analog of inode .
-+ Doesn't hanlde stat-data extensions. */
-+
-+static void sd_base_load(struct inv_entry *inv_entry, char *sd)
-+{
-+ reiser4_stat_data_base *sd_base;
-+
-+ assert("edward-101", inv_entry != NULL);
-+ assert("edward-101", inv_entry->ie_sd != NULL);
-+ assert("edward-102", sd != NULL);
-+
-+ sd_base = (reiser4_stat_data_base *) sd;
-+ inv_entry->incore_sd_base->isd_mode = d16tocpu(&sd_base->mode);
-+ inv_entry->incore_sd_base->isd_nlink = d32tocpu(&sd_base->nlink);
-+ inv_entry->incore_sd_base->isd_size = d64tocpu(&sd_base->size);
-+ inv_entry->incore_sd_base->isd_data = NULL;
-+}
-+
-+/* initialise incore stat-data */
-+
-+static void init_incore_sd_base(struct inv_entry *inv_entry, coord_t * coord)
-+{
-+ reiser4_plugin *plugin = item_plugin_by_coord(coord);
-+ void *body = item_body_by_coord(coord);
-+
-+ assert("edward-103", inv_entry != NULL);
-+ assert("edward-104", plugin != NULL);
-+ assert("edward-105", body != NULL);
-+
-+ sd_base_load(inv_entry, body);
-+}
-+
-+/* takes a key or filename and allocates new invert_entry,
-+ init and adds it into the list,
-+ we use lookup_sd_by_key() for light-weight files and VFS lookup by filename */
-+
-+int get_inv_entry(struct inode *invert_inode, /* inode of invert's body */
-+ inv_entry_type type, /* LIGHT-WEIGHT or ORDINARY */
-+ const reiser4_key * key, /* key of invert entry stat-data */
-+ char *filename, /* filename of the file to be opened */
-+ int flags, int mode)
-+{
-+ int result;
-+ struct inv_entry *ientry;
-+
-+ assert("edward-107", invert_inode != NULL);
-+
-+ ientry = allocate_inv_entry();
-+ if (IS_ERR(ientry))
-+ return (PTR_ERR(ientry));
-+
-+ if (type == LIGHT_WEIGHT_FILE) {
-+ coord_t coord;
-+ lock_handle lh;
-+
-+ assert("edward-108", key != NULL);
-+
-+ init_coord(&coord);
-+ init_lh(&lh);
-+ result =
-+ lookup_sd_by_key(tree_by_inode(invert_inode),
-+ ZNODE_READ_LOCK, &coord, &lh, key);
-+ if (result == 0)
-+ init_incore_sd_base(ientry, coord);
-+
-+ done_lh(&lh);
-+ done_coord(&coord);
-+ return (result);
-+ } else {
-+ struct file *file = filp_open(filename, flags, mode);
-+ /* FIXME_EDWARD here we need to check if we
-+ did't follow to any mount point */
-+
-+ assert("edward-108", filename != NULL);
-+
-+ if (IS_ERR(file))
-+ return (PTR_ERR(file));
-+ ientry->ie_file = file;
-+ return 0;
-+ }
-+}
-+
-+/* takes inode of invert, reads the body of this invert, parses it,
-+ opens all invert entries and return pointer on the first inv_entry */
-+
-+struct inv_entry *open_invert(struct file *invert_file)
-+{
-+
-+}
-+
-+ssize_t subfile_read(struct *invert_entry, flow * f)
-+{
-+
-+}
-+
-+ssize_t subfile_write(struct *invert_entry, flow * f)
-+{
-+
-+}
-+
-+ssize_t invert_read(struct *file, flow * f)
-+{
-+
-+}
-+
-+ssize_t invert_write(struct *file, flow * f)
-+{
-+
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/file/symfile.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/file/symfile.c
-@@ -0,0 +1,87 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Symfiles are a generalization of Unix symlinks.
-+
-+ A symfile when read behaves as though you took its contents and
-+ substituted them into the reiser4 naming system as the right hand side
-+ of an assignment, and then read that which you had assigned to it.
-+
-+ A key issue for symfiles is how to implement writes through to
-+ subfiles. In general, one must have some method of determining what
-+ of that which is written to the symfile is written to what subfile.
-+ This can be done by use of custom plugin methods written by users, or
-+ by using a few general methods we provide for those willing to endure
-+ the insertion of delimiters into what is read.
-+
-+ Writing to symfiles without delimiters to denote what is written to
-+ what subfile is not supported by any plugins we provide in this
-+ release. Our most sophisticated support for writes is that embodied
-+ by the invert plugin (see invert.c).
-+
-+ A read only version of the /etc/passwd file might be
-+ constructed as a symfile whose contents are as follows:
-+
-+ /etc/passwd/userlines/*
-+
-+ or
-+
-+ /etc/passwd/userlines/demidov+/etc/passwd/userlines/edward+/etc/passwd/userlines/reiser+/etc/passwd/userlines/root
-+
-+ or
-+
-+ /etc/passwd/userlines/(demidov+edward+reiser+root)
-+
-+ A symfile with contents
-+
-+ /filenameA+"(some text stored in the uninvertable symfile)+/filenameB
-+
-+ will return when read
-+
-+ The contents of filenameAsome text stored in the uninvertable symfileThe contents of filenameB
-+
-+ and write of what has been read will not be possible to implement as
-+ an identity operation because there are no delimiters denoting the
-+ boundaries of what is to be written to what subfile.
-+
-+ Note that one could make this a read/write symfile if one specified
-+ delimiters, and the write method understood those delimiters delimited
-+ what was written to subfiles.
-+
-+ So, specifying the symfile in a manner that allows writes:
-+
-+ /etc/passwd/userlines/demidov+"(
-+ )+/etc/passwd/userlines/edward+"(
-+ )+/etc/passwd/userlines/reiser+"(
-+ )+/etc/passwd/userlines/root+"(
-+ )
-+
-+ or
-+
-+ /etc/passwd/userlines/(demidov+"(
-+ )+edward+"(
-+ )+reiser+"(
-+ )+root+"(
-+ ))
-+
-+ and the file demidov might be specified as:
-+
-+ /etc/passwd/userlines/demidov/username+"(:)+/etc/passwd/userlines/demidov/password+"(:)+/etc/passwd/userlines/demidov/userid+"(:)+/etc/passwd/userlines/demidov/groupid+"(:)+/etc/passwd/userlines/demidov/gecos+"(:)+/etc/passwd/userlines/demidov/home+"(:)+/etc/passwd/userlines/demidov/shell
-+
-+ or
-+
-+ /etc/passwd/userlines/demidov/(username+"(:)+password+"(:)+userid+"(:)+groupid+"(:)+gecos+"(:)+home+"(:)+shell)
-+
-+ Notice that if the file demidov has a carriage return in it, the
-+ parsing fails, but then if you put carriage returns in the wrong place
-+ in a normal /etc/passwd file it breaks things also.
-+
-+ Note that it is forbidden to have no text between two interpolations
-+ if one wants to be able to define what parts of a write go to what
-+ subfiles referenced in an interpolation.
-+
-+ If one wants to be able to add new lines by writing to the file, one
-+ must either write a custom plugin for /etc/passwd that knows how to
-+ name an added line, or one must use an invert, or one must use a more
-+ sophisticated symfile syntax that we are not planning to write for
-+ version 4.0.
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/file/symlink.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/file/symlink.c
-@@ -0,0 +1,92 @@
-+/* Copyright 2002, 2003, 2005 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "../../inode.h"
-+
-+#include <linux/types.h>
-+#include <linux/fs.h>
-+
-+/* file plugin methods specific for symlink files
-+ (SYMLINK_FILE_PLUGIN_ID) */
-+
-+/* this is implementation of create_object method of file plugin for
-+ SYMLINK_FILE_PLUGIN_ID
-+ */
-+
-+/**
-+ * create_symlink - create_object of file plugin for SYMLINK_FILE_PLUGIN_ID
-+ * @symlink: inode of symlink object
-+ * @dir: inode of parent directory
-+ * @info: parameters of new object
-+ *
-+ * Inserts stat data with symlink extension where into the tree.
-+ */
-+int create_symlink(struct inode *symlink,
-+ struct inode *dir UNUSED_ARG,
-+ reiser4_object_create_data *data /* info passed to us,
-+ * this is filled by
-+ * reiser4() syscall
-+ * in particular */ )
-+{
-+ int result;
-+
-+ assert("nikita-680", symlink != NULL);
-+ assert("nikita-681", S_ISLNK(symlink->i_mode));
-+ assert("nikita-685", inode_get_flag(symlink, REISER4_NO_SD));
-+ assert("nikita-682", dir != NULL);
-+ assert("nikita-684", data != NULL);
-+ assert("nikita-686", data->id == SYMLINK_FILE_PLUGIN_ID);
-+
-+ /*
-+ * stat data of symlink has symlink extension in which we store
-+ * symlink content, that is, path symlink is pointing to.
-+ */
-+ reiser4_inode_data(symlink)->extmask |= (1 << SYMLINK_STAT);
-+
-+ assert("vs-838", symlink->u.generic_ip == NULL);
-+ symlink->u.generic_ip = (void *)data->name;
-+
-+ assert("vs-843", symlink->i_size == 0);
-+ INODE_SET_FIELD(symlink, i_size, strlen(data->name));
-+
-+ /* insert stat data appended with data->name */
-+ result = inode_file_plugin(symlink)->write_sd_by_inode(symlink);
-+ if (result) {
-+ /* FIXME-VS: Make sure that symlink->u.generic_ip is not attached
-+ to kmalloced data */
-+ INODE_SET_FIELD(symlink, i_size, 0);
-+ } else {
-+ assert("vs-849", symlink->u.generic_ip
-+ && inode_get_flag(symlink, REISER4_GENERIC_PTR_USED));
-+ assert("vs-850",
-+ !memcmp((char *)symlink->u.generic_ip, data->name,
-+ (size_t) symlink->i_size + 1));
-+ }
-+ return result;
-+}
-+
-+/* this is implementation of destroy_inode method of file plugin for
-+ SYMLINK_FILE_PLUGIN_ID
-+ */
-+void destroy_inode_symlink(struct inode *inode)
-+{
-+ assert("edward-799",
-+ inode_file_plugin(inode) ==
-+ file_plugin_by_id(SYMLINK_FILE_PLUGIN_ID));
-+ assert("edward-800", !is_bad_inode(inode) && is_inode_loaded(inode));
-+ assert("edward-801", inode_get_flag(inode, REISER4_GENERIC_PTR_USED));
-+ assert("vs-839", S_ISLNK(inode->i_mode));
-+
-+ kfree(inode->u.generic_ip);
-+ inode->u.generic_ip = NULL;
-+ inode_clr_flag(inode, REISER4_GENERIC_PTR_USED);
-+}
-+
-+/* Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/file/tail_conversion.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/file/tail_conversion.c
-@@ -0,0 +1,728 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "../../inode.h"
-+#include "../../super.h"
-+#include "../../page_cache.h"
-+#include "../../carry.h"
-+#include "../../safe_link.h"
-+#include "../../vfs_ops.h"
-+
-+#include <linux/writeback.h>
-+
-+/* this file contains:
-+ tail2extent and extent2tail */
-+
-+/* exclusive access to a file is acquired when file state changes: tail2extent, empty2tail, extent2tail, etc */
-+void get_exclusive_access(unix_file_info_t * uf_info)
-+{
-+ assert("nikita-3028", schedulable());
-+ assert("nikita-3047", LOCK_CNT_NIL(inode_sem_w));
-+ assert("nikita-3048", LOCK_CNT_NIL(inode_sem_r));
-+ /*
-+ * "deadlock avoidance": sometimes we commit a transaction under
-+ * rw-semaphore on a file. Such commit can deadlock with another
-+ * thread that captured some block (hence preventing atom from being
-+ * committed) and waits on rw-semaphore.
-+ */
-+ txn_restart_current();
-+ LOCK_CNT_INC(inode_sem_w);
-+ down_write(&uf_info->latch);
-+ uf_info->exclusive_use = 1;
-+ assert("vs-1713", uf_info->ea_owner == NULL);
-+ assert("vs-1713", atomic_read(&uf_info->nr_neas) == 0);
-+ ON_DEBUG(uf_info->ea_owner = current);
-+}
-+
-+void drop_exclusive_access(unix_file_info_t * uf_info)
-+{
-+ assert("vs-1714", uf_info->ea_owner == current);
-+ assert("vs-1715", atomic_read(&uf_info->nr_neas) == 0);
-+ ON_DEBUG(uf_info->ea_owner = NULL);
-+ uf_info->exclusive_use = 0;
-+ up_write(&uf_info->latch);
-+ assert("nikita-3049", LOCK_CNT_NIL(inode_sem_r));
-+ assert("nikita-3049", LOCK_CNT_GTZ(inode_sem_w));
-+ LOCK_CNT_DEC(inode_sem_w);
-+ txn_restart_current();
-+}
-+
-+/**
-+ * nea_grabbed - do something when file semaphore is down_read-ed
-+ * @uf_info:
-+ *
-+ * This is called when nonexclisive access is obtained on file. All it does is
-+ * for debugging purposes.
-+ */
-+static void nea_grabbed(unix_file_info_t *uf_info)
-+{
-+#if REISER4_DEBUG
-+ LOCK_CNT_INC(inode_sem_r);
-+ assert("vs-1716", uf_info->ea_owner == NULL);
-+ atomic_inc(&uf_info->nr_neas);
-+ uf_info->last_reader = current;
-+#endif
-+}
-+
-+/**
-+ * get_nonexclusive_access - get nonexclusive access to a file
-+ * @uf_info: unix file specific part of inode to obtain access to
-+ *
-+ * Nonexclusive access is obtained on a file before read, write, readpage.
-+ */
-+void get_nonexclusive_access(unix_file_info_t *uf_info)
-+{
-+ assert("nikita-3029", schedulable());
-+ assert("nikita-3361", get_current_context()->trans->atom == NULL);
-+
-+ down_read(&uf_info->latch);
-+ nea_grabbed(uf_info);
-+}
-+
-+/**
-+ * try_to_get_nonexclusive_access - try to get nonexclusive access to a file
-+ * @uf_info: unix file specific part of inode to obtain access to
-+ *
-+ * Non-blocking version of nonexclusive access obtaining.
-+ */
-+int try_to_get_nonexclusive_access(unix_file_info_t *uf_info)
-+{
-+ int result;
-+
-+ result = down_read_trylock(&uf_info->latch);
-+ if (result)
-+ nea_grabbed(uf_info);
-+ return result;
-+}
-+
-+void drop_nonexclusive_access(unix_file_info_t * uf_info)
-+{
-+ assert("vs-1718", uf_info->ea_owner == NULL);
-+ assert("vs-1719", atomic_read(&uf_info->nr_neas) > 0);
-+ ON_DEBUG(atomic_dec(&uf_info->nr_neas));
-+
-+ up_read(&uf_info->latch);
-+
-+ LOCK_CNT_DEC(inode_sem_r);
-+ txn_restart_current();
-+}
-+
-+/* part of tail2extent. Cut all items covering @count bytes starting from
-+ @offset */
-+/* Audited by: green(2002.06.15) */
-+static int cut_formatting_items(struct inode *inode, loff_t offset, int count)
-+{
-+ reiser4_key from, to;
-+
-+ /* AUDIT: How about putting an assertion here, what would check
-+ all provided range is covered by tail items only? */
-+ /* key of first byte in the range to be cut */
-+ inode_file_plugin(inode)->key_by_inode(inode, offset, &from);
-+
-+ /* key of last byte in that range */
-+ to = from;
-+ set_key_offset(&to, (__u64) (offset + count - 1));
-+
-+ /* cut everything between those keys */
-+ return cut_tree(tree_by_inode(inode), &from, &to, inode, 0);
-+}
-+
-+static void release_all_pages(struct page **pages, unsigned nr_pages)
-+{
-+ unsigned i;
-+
-+ for (i = 0; i < nr_pages; i++) {
-+ if (pages[i] == NULL) {
-+ unsigned j;
-+ for (j = i + 1; j < nr_pages; j++)
-+ assert("vs-1620", pages[j] == NULL);
-+ break;
-+ }
-+ page_cache_release(pages[i]);
-+ pages[i] = NULL;
-+ }
-+}
-+
-+/* part of tail2extent. replace tail items with extent one. Content of tail
-+ items (@count bytes) being cut are copied already into
-+ pages. extent_writepage method is called to create extents corresponding to
-+ those pages */
-+static int replace(struct inode *inode, struct page **pages, unsigned nr_pages, int count)
-+{
-+ int result;
-+ unsigned i;
-+ STORE_COUNTERS;
-+
-+ if (nr_pages == 0)
-+ return 0;
-+
-+ assert("vs-596", pages[0]);
-+
-+ /* cut copied items */
-+ result =
-+ cut_formatting_items(inode,
-+ (loff_t) pages[0]->index << PAGE_CACHE_SHIFT,
-+ count);
-+ if (result)
-+ return result;
-+
-+ CHECK_COUNTERS;
-+
-+ /* put into tree replacement for just removed items: extent item, namely */
-+ for (i = 0; i < nr_pages; i++) {
-+ result = add_to_page_cache_lru(pages[i], inode->i_mapping,
-+ pages[i]->index,
-+ mapping_gfp_mask(inode->
-+ i_mapping));
-+ if (result)
-+ break;
-+ unlock_page(pages[i]);
-+ result = find_or_create_extent(pages[i]);
-+ if (result)
-+ break;
-+ SetPageUptodate(pages[i]);
-+ }
-+ return result;
-+}
-+
-+#define TAIL2EXTENT_PAGE_NUM 3 /* number of pages to fill before cutting tail
-+ * items */
-+
-+static int reserve_tail2extent_iteration(struct inode *inode)
-+{
-+ reiser4_block_nr unformatted_nodes;
-+ reiser4_tree *tree;
-+
-+ tree = tree_by_inode(inode);
-+
-+ /* number of unformatted nodes which will be created */
-+ unformatted_nodes = TAIL2EXTENT_PAGE_NUM;
-+
-+ /*
-+ * space required for one iteration of extent->tail conversion:
-+ *
-+ * 1. kill N tail items
-+ *
-+ * 2. insert TAIL2EXTENT_PAGE_NUM unformatted nodes
-+ *
-+ * 3. insert TAIL2EXTENT_PAGE_NUM (worst-case single-block
-+ * extents) extent units.
-+ *
-+ * 4. drilling to the leaf level by coord_by_key()
-+ *
-+ * 5. possible update of stat-data
-+ *
-+ */
-+ grab_space_enable();
-+ return reiser4_grab_space
-+ (2 * tree->height +
-+ TAIL2EXTENT_PAGE_NUM +
-+ TAIL2EXTENT_PAGE_NUM * estimate_one_insert_into_item(tree) +
-+ 1 + estimate_one_insert_item(tree) +
-+ inode_file_plugin(inode)->estimate.update(inode), BA_CAN_COMMIT);
-+}
-+
-+/* clear stat data's flag indicating that conversion is being converted */
-+static int complete_conversion(struct inode *inode)
-+{
-+ int result;
-+
-+ grab_space_enable();
-+ result =
-+ reiser4_grab_space(inode_file_plugin(inode)->estimate.update(inode),
-+ BA_CAN_COMMIT);
-+ if (result == 0) {
-+ inode_clr_flag(inode, REISER4_PART_MIXED);
-+ result = reiser4_update_sd(inode);
-+ }
-+ if (result)
-+ warning("vs-1696", "Failed to clear converting bit of %llu: %i",
-+ (unsigned long long)get_inode_oid(inode), result);
-+ return 0;
-+}
-+
-+/**
-+ * find_start
-+ * @inode:
-+ * @id:
-+ * @offset:
-+ *
-+ * this is used by tail2extent and extent2tail to detect where previous
-+ * uncompleted conversion stopped
-+ */
-+static int find_start(struct inode *inode, reiser4_plugin_id id, __u64 *offset)
-+{
-+ int result;
-+ lock_handle lh;
-+ coord_t coord;
-+ unix_file_info_t *ufo;
-+ int found;
-+ reiser4_key key;
-+
-+ ufo = unix_file_inode_data(inode);
-+ init_lh(&lh);
-+ result = 0;
-+ found = 0;
-+ inode_file_plugin(inode)->key_by_inode(inode, *offset, &key);
-+ do {
-+ init_lh(&lh);
-+ result = find_file_item_nohint(&coord, &lh, &key,
-+ ZNODE_READ_LOCK, inode);
-+
-+ if (result == CBK_COORD_FOUND) {
-+ if (coord.between == AT_UNIT) {
-+ /*coord_clear_iplug(&coord); */
-+ result = zload(coord.node);
-+ if (result == 0) {
-+ if (item_id_by_coord(&coord) == id)
-+ found = 1;
-+ else
-+ item_plugin_by_coord(&coord)->s.
-+ file.append_key(&coord,
-+ &key);
-+ zrelse(coord.node);
-+ }
-+ } else
-+ result = RETERR(-ENOENT);
-+ }
-+ done_lh(&lh);
-+ } while (result == 0 && !found);
-+ *offset = get_key_offset(&key);
-+ return result;
-+}
-+
-+/**
-+ * tail2extent
-+ * @uf_info:
-+ *
-+ *
-+ */
-+int tail2extent(unix_file_info_t *uf_info)
-+{
-+ int result;
-+ reiser4_key key; /* key of next byte to be moved to page */
-+ char *p_data; /* data of page */
-+ unsigned page_off = 0, /* offset within the page where to copy data */
-+ count; /* number of bytes of item which can be
-+ * copied to page */
-+ struct page *pages[TAIL2EXTENT_PAGE_NUM];
-+ struct page *page;
-+ int done; /* set to 1 when all file is read */
-+ char *item;
-+ int i;
-+ struct inode *inode;
-+ int first_iteration;
-+ int bytes;
-+ __u64 offset;
-+
-+ assert("nikita-3362", ea_obtained(uf_info));
-+ inode = unix_file_info_to_inode(uf_info);
-+ assert("nikita-3412", !IS_RDONLY(inode));
-+ assert("vs-1649", uf_info->container != UF_CONTAINER_EXTENTS);
-+ assert("", !inode_get_flag(inode, REISER4_PART_IN_CONV));
-+
-+ offset = 0;
-+ first_iteration = 1;
-+ result = 0;
-+ if (inode_get_flag(inode, REISER4_PART_MIXED)) {
-+ /*
-+ * file is marked on disk as there was a conversion which did
-+ * not complete due to either crash or some error. Find which
-+ * offset tail conversion stopped at
-+ */
-+ result = find_start(inode, FORMATTING_ID, &offset);
-+ if (result == -ENOENT) {
-+ /* no tail items found, everything is converted */
-+ uf_info->container = UF_CONTAINER_EXTENTS;
-+ complete_conversion(inode);
-+ return 0;
-+ } else if (result != 0)
-+ /* some other error */
-+ return result;
-+ first_iteration = 0;
-+ }
-+
-+ inode_set_flag(inode, REISER4_PART_IN_CONV);
-+
-+ /* get key of first byte of a file */
-+ inode_file_plugin(inode)->key_by_inode(inode, offset, &key);
-+
-+ done = 0;
-+ while (done == 0) {
-+ memset(pages, 0, sizeof(pages));
-+ result = reserve_tail2extent_iteration(inode);
-+ if (result != 0)
-+ goto out;
-+ if (first_iteration) {
-+ inode_set_flag(inode, REISER4_PART_MIXED);
-+ reiser4_update_sd(inode);
-+ first_iteration = 0;
-+ }
-+ bytes = 0;
-+ for (i = 0; i < sizeof_array(pages) && done == 0; i++) {
-+ assert("vs-598",
-+ (get_key_offset(&key) & ~PAGE_CACHE_MASK) == 0);
-+ page = alloc_page(get_gfp_mask());
-+ if (!page) {
-+ result = RETERR(-ENOMEM);
-+ goto error;
-+ }
-+
-+ page->index =
-+ (unsigned long)(get_key_offset(&key) >>
-+ PAGE_CACHE_SHIFT);
-+ /*
-+ * usually when one is going to longterm lock znode (as
-+ * find_file_item does, for instance) he must not hold
-+ * locked pages. However, there is an exception for
-+ * case tail2extent. Pages appearing here are not
-+ * reachable to everyone else, they are clean, they do
-+ * not have jnodes attached so keeping them locked do
-+ * not risk deadlock appearance
-+ */
-+ assert("vs-983", !PagePrivate(page));
-+ reiser4_invalidate_pages(inode->i_mapping, page->index,
-+ 1, 0);
-+
-+ for (page_off = 0; page_off < PAGE_CACHE_SIZE;) {
-+ coord_t coord;
-+ lock_handle lh;
-+
-+ /* get next item */
-+ /* FIXME: we might want to readahead here */
-+ init_lh(&lh);
-+ result =
-+ find_file_item_nohint(&coord, &lh, &key,
-+ ZNODE_READ_LOCK,
-+ inode);
-+ if (result != CBK_COORD_FOUND) {
-+ /*
-+ * error happened of not items of file
-+ * were found
-+ */
-+ done_lh(&lh);
-+ page_cache_release(page);
-+ goto error;
-+ }
-+
-+ if (coord.between == AFTER_UNIT) {
-+ /*
-+ * end of file is reached. Padd page
-+ * with zeros
-+ */
-+ done_lh(&lh);
-+ done = 1;
-+ p_data = kmap_atomic(page, KM_USER0);
-+ memset(p_data + page_off, 0,
-+ PAGE_CACHE_SIZE - page_off);
-+ kunmap_atomic(p_data, KM_USER0);
-+ break;
-+ }
-+
-+ result = zload(coord.node);
-+ if (result) {
-+ page_cache_release(page);
-+ done_lh(&lh);
-+ goto error;
-+ }
-+ assert("vs-856", coord.between == AT_UNIT);
-+ item = ((char *)item_body_by_coord(&coord)) +
-+ coord.unit_pos;
-+
-+ /* how many bytes to copy */
-+ count =
-+ item_length_by_coord(&coord) -
-+ coord.unit_pos;
-+ /* limit length of copy to end of page */
-+ if (count > PAGE_CACHE_SIZE - page_off)
-+ count = PAGE_CACHE_SIZE - page_off;
-+
-+ /*
-+ * copy item (as much as will fit starting from
-+ * the beginning of the item) into the page
-+ */
-+ p_data = kmap_atomic(page, KM_USER0);
-+ memcpy(p_data + page_off, item, count);
-+ kunmap_atomic(p_data, KM_USER0);
-+
-+ page_off += count;
-+ bytes += count;
-+ set_key_offset(&key,
-+ get_key_offset(&key) + count);
-+
-+ zrelse(coord.node);
-+ done_lh(&lh);
-+ } /* end of loop which fills one page by content of
-+ * formatting items */
-+
-+ if (page_off) {
-+ /* something was copied into page */
-+ pages[i] = page;
-+ } else {
-+ page_cache_release(page);
-+ assert("vs-1648", done == 1);
-+ break;
-+ }
-+ } /* end of loop through pages of one conversion iteration */
-+
-+ if (i > 0) {
-+ result = replace(inode, pages, i, bytes);
-+ release_all_pages(pages, sizeof_array(pages));
-+ if (result)
-+ goto error;
-+ /*
-+ * we have to drop exclusive access to avoid deadlock
-+ * which may happen because called by
-+ * reiser4_writepages capture_unix_file requires to get
-+ * non-exclusive access to a file. It is safe to drop
-+ * EA in the middle of tail2extent conversion because
-+ * write_unix_file/unix_setattr(truncate)/release_unix_file(extent2tail)
-+ * are serialized by uf_info->write semaphore and
-+ * because read_unix_file works (should at least) on
-+ * partially converted files
-+ */
-+ drop_exclusive_access(uf_info);
-+ /* throttle the conversion */
-+ reiser4_throttle_write(inode);
-+ get_exclusive_access(uf_info);
-+
-+ /*
-+ * nobody is allowed to complete conversion but a
-+ * process which started it
-+ */
-+ assert("", inode_get_flag(inode, REISER4_PART_MIXED));
-+ }
-+ }
-+
-+ inode_clr_flag(inode, REISER4_PART_IN_CONV);
-+
-+ if (result == 0) {
-+ /* file is converted to extent items */
-+ assert("vs-1697", inode_get_flag(inode, REISER4_PART_MIXED));
-+
-+ uf_info->container = UF_CONTAINER_EXTENTS;
-+ complete_conversion(inode);
-+ } else {
-+ /*
-+ * conversion is not complete. Inode was already marked as
-+ * REISER4_PART_CONV and stat-data were updated at the first
-+ * iteration of the loop above.
-+ */
-+ error:
-+ release_all_pages(pages, sizeof_array(pages));
-+ warning("nikita-2282", "Partial conversion of %llu: %i",
-+ (unsigned long long)get_inode_oid(inode), result);
-+ }
-+
-+ out:
-+ return result;
-+}
-+
-+static int reserve_extent2tail_iteration(struct inode *inode)
-+{
-+ reiser4_tree *tree;
-+
-+ tree = tree_by_inode(inode);
-+ /*
-+ * reserve blocks for (in this order):
-+ *
-+ * 1. removal of extent item
-+ *
-+ * 2. insertion of tail by insert_flow()
-+ *
-+ * 3. drilling to the leaf level by coord_by_key()
-+ *
-+ * 4. possible update of stat-data
-+ */
-+ grab_space_enable();
-+ return reiser4_grab_space
-+ (estimate_one_item_removal(tree) +
-+ estimate_insert_flow(tree->height) +
-+ 1 + estimate_one_insert_item(tree) +
-+ inode_file_plugin(inode)->estimate.update(inode), BA_CAN_COMMIT);
-+}
-+
-+static int filler(void *vp, struct page *page)
-+{
-+ return readpage_unix_file_nolock(vp, page);
-+}
-+
-+/* for every page of file: read page, cut part of extent pointing to this page,
-+ put data of page tree by tail item */
-+int extent2tail(unix_file_info_t *uf_info)
-+{
-+ int result;
-+ struct inode *inode;
-+ struct page *page;
-+ unsigned long num_pages, i;
-+ unsigned long start_page;
-+ reiser4_key from;
-+ reiser4_key to;
-+ unsigned count;
-+ __u64 offset;
-+
-+ assert("nikita-3362", ea_obtained(uf_info));
-+ inode = unix_file_info_to_inode(uf_info);
-+ assert("nikita-3412", !IS_RDONLY(inode));
-+ assert("vs-1649", uf_info->container != UF_CONTAINER_TAILS);
-+ assert("", !inode_get_flag(inode, REISER4_PART_IN_CONV));
-+
-+ offset = 0;
-+ if (inode_get_flag(inode, REISER4_PART_MIXED)) {
-+ /*
-+ * file is marked on disk as there was a conversion which did
-+ * not complete due to either crash or some error. Find which
-+ * offset tail conversion stopped at
-+ */
-+ result = find_start(inode, EXTENT_POINTER_ID, &offset);
-+ if (result == -ENOENT) {
-+ /* no extent found, everything is converted */
-+ uf_info->container = UF_CONTAINER_TAILS;
-+ complete_conversion(inode);
-+ return 0;
-+ } else if (result != 0)
-+ /* some other error */
-+ return result;
-+ }
-+
-+ inode_set_flag(inode, REISER4_PART_IN_CONV);
-+
-+ /* number of pages in the file */
-+ num_pages =
-+ (inode->i_size + - offset + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT;
-+ start_page = offset >> PAGE_CACHE_SHIFT;
-+
-+ inode_file_plugin(inode)->key_by_inode(inode, offset, &from);
-+ to = from;
-+
-+ result = 0;
-+ for (i = 0; i < num_pages; i++) {
-+ __u64 start_byte;
-+
-+ result = reserve_extent2tail_iteration(inode);
-+ if (result != 0)
-+ break;
-+ if (i == 0 && offset == 0) {
-+ inode_set_flag(inode, REISER4_PART_MIXED);
-+ reiser4_update_sd(inode);
-+ }
-+
-+ page = read_cache_page(inode->i_mapping,
-+ (unsigned)(i + start_page), filler, NULL);
-+ if (IS_ERR(page)) {
-+ result = PTR_ERR(page);
-+ break;
-+ }
-+
-+ wait_on_page_locked(page);
-+
-+ if (!PageUptodate(page)) {
-+ page_cache_release(page);
-+ result = RETERR(-EIO);
-+ break;
-+ }
-+
-+ /* cut part of file we have read */
-+ start_byte = (__u64) (i << PAGE_CACHE_SHIFT);
-+ set_key_offset(&from, start_byte);
-+ set_key_offset(&to, start_byte + PAGE_CACHE_SIZE - 1);
-+ /*
-+ * cut_tree_object() returns -E_REPEAT to allow atom
-+ * commits during over-long truncates. But
-+ * extent->tail conversion should be performed in one
-+ * transaction.
-+ */
-+ result = cut_tree(tree_by_inode(inode), &from, &to, inode, 0);
-+
-+ if (result) {
-+ page_cache_release(page);
-+ break;
-+ }
-+
-+ /* put page data into tree via tail_write */
-+ count = PAGE_CACHE_SIZE;
-+ if ((i == (num_pages - 1)) &&
-+ (inode->i_size & ~PAGE_CACHE_MASK))
-+ /* last page can be incompleted */
-+ count = (inode->i_size & ~PAGE_CACHE_MASK);
-+ while (count) {
-+ struct dentry dentry;
-+ struct file file;
-+ loff_t pos;
-+
-+ dentry.d_inode = inode;
-+ file.f_dentry = &dentry;
-+ file.private_data = NULL;
-+ file.f_pos = start_byte;
-+ file.private_data = NULL;
-+ pos = start_byte;
-+ result = write_tail(&file, (char __user *)kmap(page),
-+ count, &pos);
-+ reiser4_free_file_fsdata(&file);
-+ if (result <= 0) {
-+ warning("", "write_tail failed");
-+ page_cache_release(page);
-+ inode_clr_flag(inode, REISER4_PART_IN_CONV);
-+ return result;
-+ }
-+ count -= result;
-+ }
-+
-+ /* release page */
-+ lock_page(page);
-+ /* page is already detached from jnode and mapping. */
-+ assert("vs-1086", page->mapping == NULL);
-+ assert("nikita-2690",
-+ (!PagePrivate(page) && jprivate(page) == 0));
-+ /* waiting for writeback completion with page lock held is
-+ * perfectly valid. */
-+ wait_on_page_writeback(page);
-+ drop_page(page);
-+ /* release reference taken by read_cache_page() above */
-+ page_cache_release(page);
-+
-+ drop_exclusive_access(uf_info);
-+ /* throttle the conversion */
-+ reiser4_throttle_write(inode);
-+ get_exclusive_access(uf_info);
-+ /*
-+ * nobody is allowed to complete conversion but a process which
-+ * started it
-+ */
-+ assert("", inode_get_flag(inode, REISER4_PART_MIXED));
-+ }
-+
-+ inode_clr_flag(inode, REISER4_PART_IN_CONV);
-+
-+ if (i == num_pages) {
-+ /* file is converted to formatted items */
-+ assert("vs-1698", inode_get_flag(inode, REISER4_PART_MIXED));
-+ assert("vs-1260",
-+ inode_has_no_jnodes(reiser4_inode_data(inode)));
-+
-+ uf_info->container = UF_CONTAINER_TAILS;
-+ complete_conversion(inode);
-+ return 0;
-+ }
-+ /*
-+ * conversion is not complete. Inode was already marked as
-+ * REISER4_PART_MIXED and stat-data were updated at the first *
-+ * iteration of the loop above.
-+ */
-+ warning("nikita-2282",
-+ "Partial conversion of %llu: %lu of %lu: %i",
-+ (unsigned long long)get_inode_oid(inode), i,
-+ num_pages, result);
-+
-+ return result;
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * scroll-step: 1
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/plugin/file_ops.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/file_ops.c
-@@ -0,0 +1,167 @@
-+/* Copyright 2005 by Hans Reiser, licensing governed by
-+ reiser4/README */
-+
-+/* this file contains typical implementations for some of methods of
-+ struct file_operations and of struct address_space_operations
-+*/
-+
-+#include "../inode.h"
-+#include "object.h"
-+
-+/* file operations */
-+
-+/* implementation of vfs's llseek method of struct file_operations for
-+ typical directory can be found in readdir_common.c
-+*/
-+loff_t llseek_common_dir(struct file *, loff_t, int origin);
-+
-+/* implementation of vfs's readdir method of struct file_operations for
-+ typical directory can be found in readdir_common.c
-+*/
-+int readdir_common(struct file *, void *dirent, filldir_t);
-+
-+/**
-+ * release_dir_common - release of struct file_operations
-+ * @inode: inode of released file
-+ * @file: file to release
-+ *
-+ * Implementation of release method of struct file_operations for typical
-+ * directory. All it does is freeing of reiser4 specific file data.
-+*/
-+int release_dir_common(struct inode *inode, struct file *file)
-+{
-+ reiser4_context *ctx;
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+ reiser4_free_file_fsdata(file);
-+ reiser4_exit_context(ctx);
-+ return 0;
-+}
-+
-+/* this is common implementation of vfs's fsync method of struct
-+ file_operations
-+*/
-+int sync_common(struct file *file, struct dentry *dentry, int datasync)
-+{
-+ reiser4_context *ctx;
-+ int result;
-+
-+ ctx = init_context(dentry->d_inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+ result = txnmgr_force_commit_all(dentry->d_inode->i_sb, 0);
-+
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+/* this is common implementation of vfs's sendfile method of struct
-+ file_operations
-+
-+ Reads @count bytes from @file and calls @actor for every page read. This is
-+ needed for loop back devices support.
-+*/
-+#if 0
-+ssize_t
-+sendfile_common(struct file *file, loff_t *ppos, size_t count,
-+ read_actor_t actor, void *target)
-+{
-+ reiser4_context *ctx;
-+ ssize_t result;
-+
-+ ctx = init_context(file->f_dentry->d_inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+ result = generic_file_sendfile(file, ppos, count, actor, target);
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+#endif /* 0 */
-+
-+/* address space operations */
-+
-+/* this is common implementation of vfs's prepare_write method of struct
-+ address_space_operations
-+*/
-+int
-+prepare_write_common(struct file *file, struct page *page, unsigned from,
-+ unsigned to)
-+{
-+ reiser4_context *ctx;
-+ int result;
-+
-+ ctx = init_context(page->mapping->host->i_sb);
-+ result = do_prepare_write(file, page, from, to);
-+
-+ /* don't commit transaction under inode semaphore */
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+
-+ return result;
-+}
-+
-+/* this is helper for prepare_write_common and prepare_write_unix_file
-+ */
-+int
-+do_prepare_write(struct file *file, struct page *page, unsigned from,
-+ unsigned to)
-+{
-+ int result;
-+ file_plugin *fplug;
-+ struct inode *inode;
-+
-+ assert("umka-3099", file != NULL);
-+ assert("umka-3100", page != NULL);
-+ assert("umka-3095", PageLocked(page));
-+
-+ if (to - from == PAGE_CACHE_SIZE || PageUptodate(page))
-+ return 0;
-+
-+ inode = page->mapping->host;
-+ fplug = inode_file_plugin(inode);
-+
-+ if (page->mapping->a_ops->readpage == NULL)
-+ return RETERR(-EINVAL);
-+
-+ result = page->mapping->a_ops->readpage(file, page);
-+ if (result != 0) {
-+ SetPageError(page);
-+ ClearPageUptodate(page);
-+ /* All reiser4 readpage() implementations should return the
-+ * page locked in case of error. */
-+ assert("nikita-3472", PageLocked(page));
-+ } else {
-+ /*
-+ * ->readpage() either:
-+ *
-+ * 1. starts IO against @page. @page is locked for IO in
-+ * this case.
-+ *
-+ * 2. doesn't start IO. @page is unlocked.
-+ *
-+ * In either case, page should be locked.
-+ */
-+ lock_page(page);
-+ /*
-+ * IO (if any) is completed at this point. Check for IO
-+ * errors.
-+ */
-+ if (!PageUptodate(page))
-+ result = RETERR(-EIO);
-+ }
-+ assert("umka-3098", PageLocked(page));
-+ return result;
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/plugin/file_ops_readdir.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/file_ops_readdir.c
-@@ -0,0 +1,654 @@
-+/* Copyright 2005 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+#include "../inode.h"
-+
-+/* return true, iff @coord points to the valid directory item that is part of
-+ * @inode directory. */
-+static int is_valid_dir_coord(struct inode *inode, coord_t * coord)
-+{
-+ return
-+ item_type_by_coord(coord) == DIR_ENTRY_ITEM_TYPE &&
-+ inode_file_plugin(inode)->owns_item(inode, coord);
-+}
-+
-+/* compare two logical positions within the same directory */
-+static cmp_t dir_pos_cmp(const dir_pos * p1, const dir_pos * p2)
-+{
-+ cmp_t result;
-+
-+ assert("nikita-2534", p1 != NULL);
-+ assert("nikita-2535", p2 != NULL);
-+
-+ result = de_id_cmp(&p1->dir_entry_key, &p2->dir_entry_key);
-+ if (result == EQUAL_TO) {
-+ int diff;
-+
-+ diff = p1->pos - p2->pos;
-+ result =
-+ (diff < 0) ? LESS_THAN : (diff ? GREATER_THAN : EQUAL_TO);
-+ }
-+ return result;
-+}
-+
-+
-+/* see comment before readdir_common() for overview of why "adjustment" is
-+ * necessary. */
-+static void
-+adjust_dir_pos(struct file *dir,
-+ readdir_pos * readdir_spot, const dir_pos * mod_point, int adj)
-+{
-+ dir_pos *pos;
-+
-+ /*
-+ * new directory entry was added (adj == +1) or removed (adj == -1) at
-+ * the @mod_point. Directory file descriptor @dir is doing readdir and
-+ * is currently positioned at @readdir_spot. Latter has to be updated
-+ * to maintain stable readdir.
-+ */
-+ /* directory is positioned to the beginning. */
-+ if (readdir_spot->entry_no == 0)
-+ return;
-+
-+ pos = &readdir_spot->position;
-+ switch (dir_pos_cmp(mod_point, pos)) {
-+ case LESS_THAN:
-+ /* @mod_pos is _before_ @readdir_spot, that is, entry was
-+ * added/removed on the left (in key order) of current
-+ * position. */
-+ /* logical number of directory entry readdir is "looking" at
-+ * changes */
-+ readdir_spot->entry_no += adj;
-+ assert("nikita-2577",
-+ ergo(dir != NULL, get_dir_fpos(dir) + adj >= 0));
-+ if (de_id_cmp(&pos->dir_entry_key,
-+ &mod_point->dir_entry_key) == EQUAL_TO) {
-+ assert("nikita-2575", mod_point->pos < pos->pos);
-+ /*
-+ * if entry added/removed has the same key as current
-+ * for readdir, update counter of duplicate keys in
-+ * @readdir_spot.
-+ */
-+ pos->pos += adj;
-+ }
-+ break;
-+ case GREATER_THAN:
-+ /* directory is modified after @pos: nothing to do. */
-+ break;
-+ case EQUAL_TO:
-+ /* cannot insert an entry readdir is looking at, because it
-+ already exists. */
-+ assert("nikita-2576", adj < 0);
-+ /* directory entry to which @pos points to is being
-+ removed.
-+
-+ NOTE-NIKITA: Right thing to do is to update @pos to point
-+ to the next entry. This is complex (we are under spin-lock
-+ for one thing). Just rewind it to the beginning. Next
-+ readdir will have to scan the beginning of
-+ directory. Proper solution is to use semaphore in
-+ spin lock's stead and use rewind_right() here.
-+
-+ NOTE-NIKITA: now, semaphore is used, so...
-+ */
-+ memset(readdir_spot, 0, sizeof *readdir_spot);
-+ }
-+}
-+
-+/* scan all file-descriptors for this directory and adjust their
-+ positions respectively. Should be used by implementations of
-+ add_entry and rem_entry of dir plugin */
-+void
-+adjust_dir_file(struct inode *dir, const struct dentry *de, int offset, int adj)
-+{
-+ reiser4_file_fsdata *scan;
-+ dir_pos mod_point;
-+
-+ assert("nikita-2536", dir != NULL);
-+ assert("nikita-2538", de != NULL);
-+ assert("nikita-2539", adj != 0);
-+
-+ build_de_id(dir, &de->d_name, &mod_point.dir_entry_key);
-+ mod_point.pos = offset;
-+
-+ spin_lock_inode(dir);
-+
-+ /*
-+ * new entry was added/removed in directory @dir. Scan all file
-+ * descriptors for @dir that are currently involved into @readdir and
-+ * update them.
-+ */
-+
-+ list_for_each_entry(scan, get_readdir_list(dir), dir.linkage)
-+ adjust_dir_pos(scan->back, &scan->dir.readdir, &mod_point, adj);
-+
-+ spin_unlock_inode(dir);
-+}
-+
-+/*
-+ * traverse tree to start/continue readdir from the readdir position @pos.
-+ */
-+static int dir_go_to(struct file *dir, readdir_pos * pos, tap_t * tap)
-+{
-+ reiser4_key key;
-+ int result;
-+ struct inode *inode;
-+
-+ assert("nikita-2554", pos != NULL);
-+
-+ inode = dir->f_dentry->d_inode;
-+ result = inode_dir_plugin(inode)->build_readdir_key(dir, &key);
-+ if (result != 0)
-+ return result;
-+ result = object_lookup(inode,
-+ &key,
-+ tap->coord,
-+ tap->lh,
-+ tap->mode,
-+ FIND_EXACT,
-+ LEAF_LEVEL, LEAF_LEVEL, 0, &tap->ra_info);
-+ if (result == CBK_COORD_FOUND)
-+ result = rewind_right(tap, (int)pos->position.pos);
-+ else {
-+ tap->coord->node = NULL;
-+ done_lh(tap->lh);
-+ result = RETERR(-EIO);
-+ }
-+ return result;
-+}
-+
-+/*
-+ * handling of non-unique keys: calculate at what ordinal position within
-+ * sequence of directory items with identical keys @pos is.
-+ */
-+static int set_pos(struct inode *inode, readdir_pos * pos, tap_t * tap)
-+{
-+ int result;
-+ coord_t coord;
-+ lock_handle lh;
-+ tap_t scan;
-+ de_id *did;
-+ reiser4_key de_key;
-+
-+ coord_init_zero(&coord);
-+ init_lh(&lh);
-+ tap_init(&scan, &coord, &lh, ZNODE_READ_LOCK);
-+ tap_copy(&scan, tap);
-+ tap_load(&scan);
-+ pos->position.pos = 0;
-+
-+ did = &pos->position.dir_entry_key;
-+
-+ if (is_valid_dir_coord(inode, scan.coord)) {
-+
-+ build_de_id_by_key(unit_key_by_coord(scan.coord, &de_key), did);
-+
-+ while (1) {
-+
-+ result = go_prev_unit(&scan);
-+ if (result != 0)
-+ break;
-+
-+ if (!is_valid_dir_coord(inode, scan.coord)) {
-+ result = -EINVAL;
-+ break;
-+ }
-+
-+ /* get key of directory entry */
-+ unit_key_by_coord(scan.coord, &de_key);
-+ if (de_id_key_cmp(did, &de_key) != EQUAL_TO) {
-+ /* duplicate-sequence is over */
-+ break;
-+ }
-+ pos->position.pos++;
-+ }
-+ } else
-+ result = RETERR(-ENOENT);
-+ tap_relse(&scan);
-+ tap_done(&scan);
-+ return result;
-+}
-+
-+/*
-+ * "rewind" directory to @offset, i.e., set @pos and @tap correspondingly.
-+ */
-+static int dir_rewind(struct file *dir, readdir_pos * pos, tap_t * tap)
-+{
-+ __u64 destination;
-+ __s64 shift;
-+ int result;
-+ struct inode *inode;
-+ loff_t dirpos;
-+
-+ assert("nikita-2553", dir != NULL);
-+ assert("nikita-2548", pos != NULL);
-+ assert("nikita-2551", tap->coord != NULL);
-+ assert("nikita-2552", tap->lh != NULL);
-+
-+ dirpos = get_dir_fpos(dir);
-+ shift = dirpos - pos->fpos;
-+ /* this is logical directory entry within @dir which we are rewinding
-+ * to */
-+ destination = pos->entry_no + shift;
-+
-+ inode = dir->f_dentry->d_inode;
-+ if (dirpos < 0)
-+ return RETERR(-EINVAL);
-+ else if (destination == 0ll || dirpos == 0) {
-+ /* rewind to the beginning of directory */
-+ memset(pos, 0, sizeof *pos);
-+ return dir_go_to(dir, pos, tap);
-+ } else if (destination >= inode->i_size)
-+ return RETERR(-ENOENT);
-+
-+ if (shift < 0) {
-+ /* I am afraid of negative numbers */
-+ shift = -shift;
-+ /* rewinding to the left */
-+ if (shift <= (int)pos->position.pos) {
-+ /* destination is within sequence of entries with
-+ duplicate keys. */
-+ result = dir_go_to(dir, pos, tap);
-+ } else {
-+ shift -= pos->position.pos;
-+ while (1) {
-+ /* repetitions: deadlock is possible when
-+ going to the left. */
-+ result = dir_go_to(dir, pos, tap);
-+ if (result == 0) {
-+ result = rewind_left(tap, shift);
-+ if (result == -E_DEADLOCK) {
-+ tap_done(tap);
-+ continue;
-+ }
-+ }
-+ break;
-+ }
-+ }
-+ } else {
-+ /* rewinding to the right */
-+ result = dir_go_to(dir, pos, tap);
-+ if (result == 0)
-+ result = rewind_right(tap, shift);
-+ }
-+ if (result == 0) {
-+ result = set_pos(inode, pos, tap);
-+ if (result == 0) {
-+ /* update pos->position.pos */
-+ pos->entry_no = destination;
-+ pos->fpos = dirpos;
-+ }
-+ }
-+ return result;
-+}
-+
-+/*
-+ * Function that is called by common_readdir() on each directory entry while
-+ * doing readdir. ->filldir callback may block, so we had to release long term
-+ * lock while calling it. To avoid repeating tree traversal, seal is used. If
-+ * seal is broken, we return -E_REPEAT. Node is unlocked in this case.
-+ *
-+ * Whether node is unlocked in case of any other error is undefined. It is
-+ * guaranteed to be still locked if success (0) is returned.
-+ *
-+ * When ->filldir() wants no more, feed_entry() returns 1, and node is
-+ * unlocked.
-+ */
-+static int
-+feed_entry(struct file *f,
-+ readdir_pos * pos, tap_t * tap, filldir_t filldir, void *dirent)
-+{
-+ item_plugin *iplug;
-+ char *name;
-+ reiser4_key sd_key;
-+ int result;
-+ char buf[DE_NAME_BUF_LEN];
-+ char name_buf[32];
-+ char *local_name;
-+ unsigned file_type;
-+ seal_t seal;
-+ coord_t *coord;
-+ reiser4_key entry_key;
-+
-+ coord = tap->coord;
-+ iplug = item_plugin_by_coord(coord);
-+
-+ /* pointer to name within the node */
-+ name = iplug->s.dir.extract_name(coord, buf);
-+ assert("nikita-1371", name != NULL);
-+
-+ /* key of object the entry points to */
-+ if (iplug->s.dir.extract_key(coord, &sd_key) != 0)
-+ return RETERR(-EIO);
-+
-+ /* we must release longterm znode lock before calling filldir to avoid
-+ deadlock which may happen if filldir causes page fault. So, copy
-+ name to intermediate buffer */
-+ if (strlen(name) + 1 > sizeof(name_buf)) {
-+ local_name = kmalloc(strlen(name) + 1, get_gfp_mask());
-+ if (local_name == NULL)
-+ return RETERR(-ENOMEM);
-+ } else
-+ local_name = name_buf;
-+
-+ strcpy(local_name, name);
-+ file_type = iplug->s.dir.extract_file_type(coord);
-+
-+ unit_key_by_coord(coord, &entry_key);
-+ seal_init(&seal, coord, &entry_key);
-+
-+ longterm_unlock_znode(tap->lh);
-+
-+ /*
-+ * send information about directory entry to the ->filldir() filler
-+ * supplied to us by caller (VFS).
-+ *
-+ * ->filldir is entitled to do weird things. For example, ->filldir
-+ * supplied by knfsd re-enters file system. Make sure no locks are
-+ * held.
-+ */
-+ assert("nikita-3436", lock_stack_isclean(get_current_lock_stack()));
-+
-+ result = filldir(dirent, name, (int)strlen(name),
-+ /* offset of this entry */
-+ f->f_pos,
-+ /* inode number of object bounden by this entry */
-+ oid_to_uino(get_key_objectid(&sd_key)), file_type);
-+ if (local_name != name_buf)
-+ kfree(local_name);
-+ if (result < 0)
-+ /* ->filldir() is satisfied. (no space in buffer, IOW) */
-+ result = 1;
-+ else
-+ result = seal_validate(&seal, coord, &entry_key,
-+ tap->lh, tap->mode, ZNODE_LOCK_HIPRI);
-+ return result;
-+}
-+
-+static void move_entry(readdir_pos * pos, coord_t * coord)
-+{
-+ reiser4_key de_key;
-+ de_id *did;
-+
-+ /* update @pos */
-+ ++pos->entry_no;
-+ did = &pos->position.dir_entry_key;
-+
-+ /* get key of directory entry */
-+ unit_key_by_coord(coord, &de_key);
-+
-+ if (de_id_key_cmp(did, &de_key) == EQUAL_TO)
-+ /* we are within sequence of directory entries
-+ with duplicate keys. */
-+ ++pos->position.pos;
-+ else {
-+ pos->position.pos = 0;
-+ build_de_id_by_key(&de_key, did);
-+ }
-+ ++pos->fpos;
-+}
-+
-+/*
-+ * STATELESS READDIR
-+ *
-+ * readdir support in reiser4 relies on ability to update readdir_pos embedded
-+ * into reiser4_file_fsdata on each directory modification (name insertion and
-+ * removal), see readdir_common() function below. This obviously doesn't work
-+ * when reiser4 is accessed over NFS, because NFS doesn't keep any state
-+ * across client READDIR requests for the same directory.
-+ *
-+ * To address this we maintain a "pool" of detached reiser4_file_fsdata
-+ * (d_cursor). Whenever NFS readdir request comes, we detect this, and try to
-+ * find detached reiser4_file_fsdata corresponding to previous readdir
-+ * request. In other words, additional state is maintained on the
-+ * server. (This is somewhat contrary to the design goals of NFS protocol.)
-+ *
-+ * To efficiently detect when our ->readdir() method is called by NFS server,
-+ * dentry is marked as "stateless" in reiser4_decode_fh() (this is checked by
-+ * file_is_stateless() function).
-+ *
-+ * To find out d_cursor in the pool, we encode client id (cid) in the highest
-+ * bits of NFS readdir cookie: when first readdir request comes to the given
-+ * directory from the given client, cookie is set to 0. This situation is
-+ * detected, global cid_counter is incremented, and stored in highest bits of
-+ * all direntry offsets returned to the client, including last one. As the
-+ * only valid readdir cookie is one obtained as direntry->offset, we are
-+ * guaranteed that next readdir request (continuing current one) will have
-+ * current cid in the highest bits of starting readdir cookie. All d_cursors
-+ * are hashed into per-super-block hash table by (oid, cid) key.
-+ *
-+ * In addition d_cursors are placed into per-super-block radix tree where they
-+ * are keyed by oid alone. This is necessary to efficiently remove them during
-+ * rmdir.
-+ *
-+ * At last, currently unused d_cursors are linked into special list. This list
-+ * is used d_cursor_shrink to reclaim d_cursors on memory pressure.
-+ *
-+ */
-+
-+
-+/*
-+ * prepare for readdir.
-+ */
-+static int dir_readdir_init(struct file *f, tap_t * tap, readdir_pos ** pos)
-+{
-+ struct inode *inode;
-+ reiser4_file_fsdata *fsdata;
-+ int result;
-+
-+ assert("nikita-1359", f != NULL);
-+ inode = f->f_dentry->d_inode;
-+ assert("nikita-1360", inode != NULL);
-+
-+ if (!S_ISDIR(inode->i_mode))
-+ return RETERR(-ENOTDIR);
-+
-+ /* try to find detached readdir state */
-+ result = try_to_attach_fsdata(f, inode);
-+ if (result != 0)
-+ return result;
-+
-+ fsdata = reiser4_get_file_fsdata(f);
-+ assert("nikita-2571", fsdata != NULL);
-+ if (IS_ERR(fsdata))
-+ return PTR_ERR(fsdata);
-+
-+ /* add file descriptor to the readdir list hanging of directory
-+ * inode. This list is used to scan "readdirs-in-progress" while
-+ * inserting or removing names in the directory. */
-+ spin_lock_inode(inode);
-+ if (list_empty_careful(&fsdata->dir.linkage))
-+ list_add(&fsdata->dir.linkage, get_readdir_list(inode));
-+ *pos = &fsdata->dir.readdir;
-+ spin_unlock_inode(inode);
-+
-+ /* move @tap to the current position */
-+ return dir_rewind(f, *pos, tap);
-+}
-+
-+/* this is implementation of vfs's llseek method of struct file_operations for
-+ typical directory
-+ See comment before readdir_common() for explanation.
-+*/
-+loff_t llseek_common_dir(struct file * file, loff_t off, int origin)
-+{
-+ reiser4_context *ctx;
-+ loff_t result;
-+ struct inode *inode;
-+
-+ inode = file->f_dentry->d_inode;
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ mutex_lock(&inode->i_mutex);
-+
-+ /* update ->f_pos */
-+ result = default_llseek(file, off, origin);
-+ if (result >= 0) {
-+ int ff;
-+ coord_t coord;
-+ lock_handle lh;
-+ tap_t tap;
-+ readdir_pos *pos;
-+
-+ coord_init_zero(&coord);
-+ init_lh(&lh);
-+ tap_init(&tap, &coord, &lh, ZNODE_READ_LOCK);
-+
-+ ff = dir_readdir_init(file, &tap, &pos);
-+ detach_fsdata(file);
-+ if (ff != 0)
-+ result = (loff_t) ff;
-+ tap_done(&tap);
-+ }
-+ detach_fsdata(file);
-+ mutex_unlock(&inode->i_mutex);
-+
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+/* this is common implementation of vfs's readdir method of struct
-+ file_operations
-+
-+ readdir problems:
-+
-+ readdir(2)/getdents(2) interface is based on implicit assumption that
-+ readdir can be restarted from any particular point by supplying file system
-+ with off_t-full of data. That is, file system fills ->d_off field in struct
-+ dirent and later user passes ->d_off to the seekdir(3), which is, actually,
-+ implemented by glibc as lseek(2) on directory.
-+
-+ Reiser4 cannot restart readdir from 64 bits of data, because two last
-+ components of the key of directory entry are unknown, which given 128 bits:
-+ locality and type fields in the key of directory entry are always known, to
-+ start readdir() from given point objectid and offset fields have to be
-+ filled.
-+
-+ Traditional UNIX API for scanning through directory
-+ (readdir/seekdir/telldir/opendir/closedir/rewindir/getdents) is based on the
-+ assumption that directory is structured very much like regular file, in
-+ particular, it is implied that each name within given directory (directory
-+ entry) can be uniquely identified by scalar offset and that such offset is
-+ stable across the life-time of the name is identifies.
-+
-+ This is manifestly not so for reiser4. In reiser4 the only stable unique
-+ identifies for the directory entry is its key that doesn't fit into
-+ seekdir/telldir API.
-+
-+ solution:
-+
-+ Within each file descriptor participating in readdir-ing of directory
-+ plugin/dir/dir.h:readdir_pos is maintained. This structure keeps track of
-+ the "current" directory entry that file descriptor looks at. It contains a
-+ key of directory entry (plus some additional info to deal with non-unique
-+ keys that we wouldn't dwell onto here) and a logical position of this
-+ directory entry starting from the beginning of the directory, that is
-+ ordinal number of this entry in the readdir order.
-+
-+ Obviously this logical position is not stable in the face of directory
-+ modifications. To work around this, on each addition or removal of directory
-+ entry all file descriptors for directory inode are scanned and their
-+ readdir_pos are updated accordingly (adjust_dir_pos()).
-+*/
-+int readdir_common(struct file *f /* directory file being read */ ,
-+ void *dirent /* opaque data passed to us by VFS */ ,
-+ filldir_t filld /* filler function passed to us by VFS */ )
-+{
-+ reiser4_context *ctx;
-+ int result;
-+ struct inode *inode;
-+ coord_t coord;
-+ lock_handle lh;
-+ tap_t tap;
-+ readdir_pos *pos;
-+
-+ assert("nikita-1359", f != NULL);
-+ inode = f->f_dentry->d_inode;
-+ assert("nikita-1360", inode != NULL);
-+
-+ if (!S_ISDIR(inode->i_mode))
-+ return RETERR(-ENOTDIR);
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ coord_init_zero(&coord);
-+ init_lh(&lh);
-+ tap_init(&tap, &coord, &lh, ZNODE_READ_LOCK);
-+
-+ reiser4_readdir_readahead_init(inode, &tap);
-+
-+ repeat:
-+ result = dir_readdir_init(f, &tap, &pos);
-+ if (result == 0) {
-+ result = tap_load(&tap);
-+ /* scan entries one by one feeding them to @filld */
-+ while (result == 0) {
-+ coord_t *coord;
-+
-+ coord = tap.coord;
-+ assert("nikita-2572", coord_is_existing_unit(coord));
-+ assert("nikita-3227", is_valid_dir_coord(inode, coord));
-+
-+ result = feed_entry(f, pos, &tap, filld, dirent);
-+ if (result > 0) {
-+ break;
-+ } else if (result == 0) {
-+ ++f->f_pos;
-+ result = go_next_unit(&tap);
-+ if (result == -E_NO_NEIGHBOR ||
-+ result == -ENOENT) {
-+ result = 0;
-+ break;
-+ } else if (result == 0) {
-+ if (is_valid_dir_coord(inode, coord))
-+ move_entry(pos, coord);
-+ else
-+ break;
-+ }
-+ } else if (result == -E_REPEAT) {
-+ /* feed_entry() had to restart. */
-+ ++f->f_pos;
-+ tap_relse(&tap);
-+ goto repeat;
-+ } else
-+ warning("vs-1617",
-+ "readdir_common: unexpected error %d",
-+ result);
-+ }
-+ tap_relse(&tap);
-+
-+ if (result >= 0)
-+ f->f_version = inode->i_version;
-+ } else if (result == -E_NO_NEIGHBOR || result == -ENOENT)
-+ result = 0;
-+ tap_done(&tap);
-+ detach_fsdata(f);
-+
-+ /* try to update directory's atime */
-+ if (reiser4_grab_space(inode_file_plugin(inode)->estimate.update(inode),
-+ BA_CAN_COMMIT) != 0)
-+ warning("", "failed to update atime on readdir: %llu",
-+ get_inode_oid(inode));
-+ else
-+ file_accessed(f);
-+
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+
-+ return (result <= 0) ? result : 0;
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/plugin/file_plugin_common.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/file_plugin_common.c
-@@ -0,0 +1,929 @@
-+/* Copyright 2005 by Hans Reiser, licensing governed by
-+ reiser4/README */
-+
-+/* this file contains typical implementations for most of methods of
-+ file plugin
-+*/
-+
-+#include "../inode.h"
-+#include "object.h"
-+#include "../safe_link.h"
-+
-+#include <linux/quotaops.h>
-+
-+static int insert_new_sd(struct inode *inode);
-+static int update_sd(struct inode *inode);
-+
-+/* this is common implementation of write_sd_by_inode method of file plugin
-+ either insert stat data or update it
-+ */
-+int write_sd_by_inode_common(struct inode *inode /* object to save */ )
-+{
-+ int result;
-+
-+ assert("nikita-730", inode != NULL);
-+
-+ if (inode_get_flag(inode, REISER4_NO_SD))
-+ /* object doesn't have stat-data yet */
-+ result = insert_new_sd(inode);
-+ else
-+ result = update_sd(inode);
-+ if (result != 0 && result != -ENAMETOOLONG && result != -ENOMEM)
-+ /* Don't issue warnings about "name is too long" */
-+ warning("nikita-2221", "Failed to save sd for %llu: %i",
-+ (unsigned long long)get_inode_oid(inode), result);
-+ return result;
-+}
-+
-+/* this is common implementation of key_by_inode method of file plugin
-+ */
-+int
-+key_by_inode_and_offset_common(struct inode *inode, loff_t off,
-+ reiser4_key * key)
-+{
-+ reiser4_key_init(key);
-+ set_key_locality(key, reiser4_inode_data(inode)->locality_id);
-+ set_key_ordering(key, get_inode_ordering(inode));
-+ set_key_objectid(key, get_inode_oid(inode)); /*FIXME: inode->i_ino */
-+ set_key_type(key, KEY_BODY_MINOR);
-+ set_key_offset(key, (__u64) off);
-+ return 0;
-+}
-+
-+/* this is common implementation of set_plug_in_inode method of file plugin
-+ */
-+int set_plug_in_inode_common(struct inode *object /* inode to set plugin on */ ,
-+ struct inode *parent /* parent object */ ,
-+ reiser4_object_create_data * data /* creational
-+ * data */ )
-+{
-+ __u64 mask;
-+
-+ object->i_mode = data->mode;
-+ /* this should be plugin decision */
-+ object->i_uid = current->fsuid;
-+ object->i_mtime = object->i_atime = object->i_ctime = CURRENT_TIME;
-+
-+ /* support for BSD style group-id assignment. See mount's manual page
-+ description of bsdgroups ext2 mount options for more details */
-+ if (reiser4_is_set(object->i_sb, REISER4_BSD_GID))
-+ object->i_gid = parent->i_gid;
-+ else if (parent->i_mode & S_ISGID) {
-+ /* parent directory has sguid bit */
-+ object->i_gid = parent->i_gid;
-+ if (S_ISDIR(object->i_mode))
-+ /* sguid is inherited by sub-directories */
-+ object->i_mode |= S_ISGID;
-+ } else
-+ object->i_gid = current->fsgid;
-+
-+ /* this object doesn't have stat-data yet */
-+ inode_set_flag(object, REISER4_NO_SD);
-+#if 0
-+ /* this is now called after all inode plugins are initialized:
-+ do_create_vfs_child after adjust_to_parent */
-+ /* setup inode and file-operations for this inode */
-+ setup_inode_ops(object, data);
-+#endif
-+ object->i_nlink = 0;
-+ seal_init(&reiser4_inode_data(object)->sd_seal, NULL, NULL);
-+ mask = (1 << UNIX_STAT) | (1 << LIGHT_WEIGHT_STAT);
-+ if (!reiser4_is_set(object->i_sb, REISER4_32_BIT_TIMES))
-+ mask |= (1 << LARGE_TIMES_STAT);
-+
-+ reiser4_inode_data(object)->extmask = mask;
-+ return 0;
-+}
-+
-+/* this is common implementation of adjust_to_parent method of file plugin for
-+ regular files
-+ */
-+int adjust_to_parent_common(struct inode *object /* new object */ ,
-+ struct inode *parent /* parent directory */ ,
-+ struct inode *root /* root directory */ )
-+{
-+ assert("nikita-2165", object != NULL);
-+ if (parent == NULL)
-+ parent = root;
-+ assert("nikita-2069", parent != NULL);
-+
-+ /*
-+ * inherit missing plugins from parent
-+ */
-+
-+ grab_plugin(object, parent, PSET_FILE);
-+ grab_plugin(object, parent, PSET_SD);
-+ grab_plugin(object, parent, PSET_FORMATTING);
-+ grab_plugin(object, parent, PSET_PERM);
-+ return 0;
-+}
-+
-+/* this is common implementation of adjust_to_parent method of file plugin for
-+ typical directories
-+ */
-+int adjust_to_parent_common_dir(struct inode *object /* new object */ ,
-+ struct inode *parent /* parent directory */ ,
-+ struct inode *root /* root directory */ )
-+{
-+ int result = 0;
-+ pset_member memb;
-+
-+ assert("nikita-2166", object != NULL);
-+ if (parent == NULL)
-+ parent = root;
-+ assert("nikita-2167", parent != NULL);
-+
-+ /*
-+ * inherit missing plugins from parent
-+ */
-+ for (memb = 0; memb < PSET_LAST; ++memb) {
-+ result = grab_plugin(object, parent, memb);
-+ if (result != 0)
-+ break;
-+ }
-+ return result;
-+}
-+
-+int adjust_to_parent_cryptcompress(struct inode *object /* new object */ ,
-+ struct inode *parent /* parent directory */,
-+ struct inode *root /* root directory */)
-+{
-+ int result;
-+ result = adjust_to_parent_common(object, parent, root);
-+ if (result)
-+ return result;
-+ assert("edward-1416", parent != NULL);
-+
-+ grab_plugin(object, parent, PSET_CLUSTER);
-+ grab_plugin(object, parent, PSET_CIPHER);
-+ grab_plugin(object, parent, PSET_DIGEST);
-+ grab_plugin(object, parent, PSET_COMPRESSION);
-+ grab_plugin(object, parent, PSET_COMPRESSION_MODE);
-+
-+ return 0;
-+}
-+
-+/* this is common implementation of create_object method of file plugin
-+ */
-+int
-+create_object_common(struct inode *object, struct inode *parent UNUSED_ARG,
-+ reiser4_object_create_data * data UNUSED_ARG)
-+{
-+ reiser4_block_nr reserve;
-+ assert("nikita-744", object != NULL);
-+ assert("nikita-745", parent != NULL);
-+ assert("nikita-747", data != NULL);
-+ assert("nikita-748", inode_get_flag(object, REISER4_NO_SD));
-+
-+ reserve = estimate_create_common(object);
-+ if (reiser4_grab_space(reserve, BA_CAN_COMMIT))
-+ return RETERR(-ENOSPC);
-+ return write_sd_by_inode_common(object);
-+}
-+
-+static int common_object_delete_no_reserve(struct inode *inode);
-+
-+/**
-+ * delete_object_common - delete_object of file_plugin
-+ * @inode: inode to be deleted
-+ *
-+ * This is common implementation of delete_object method of file_plugin. It
-+ * applies to object its deletion consists of removing two items - stat data
-+ * and safe-link.
-+ */
-+int delete_object_common(struct inode *inode)
-+{
-+ int result;
-+
-+ assert("nikita-1477", inode != NULL);
-+ /* FIXME: if file body deletion failed (i/o error, for instance),
-+ inode->i_size can be != 0 here */
-+ assert("nikita-3420", inode->i_size == 0 || S_ISLNK(inode->i_mode));
-+ assert("nikita-3421", inode->i_nlink == 0);
-+
-+
-+ if (!inode_get_flag(inode, REISER4_NO_SD)) {
-+ reiser4_block_nr reserve;
-+
-+ /* grab space which is needed to remove 2 items from the tree:
-+ stat data and safe-link */
-+ reserve = 2 * estimate_one_item_removal(tree_by_inode(inode));
-+ if (reiser4_grab_space_force(reserve,
-+ BA_RESERVED | BA_CAN_COMMIT))
-+ return RETERR(-ENOSPC);
-+ result = common_object_delete_no_reserve(inode);
-+ } else
-+ result = 0;
-+ return result;
-+}
-+
-+/**
-+ * delete_directory_common - delete_object of file_plugin
-+ * @inode: inode to be deleted
-+ *
-+ * This is common implementation of delete_object method of file_plugin for
-+ * typical directory. It calls done method of dir_plugin to remove "." and
-+ * removes stat data and safe-link.
-+ */
-+int delete_directory_common(struct inode *inode)
-+{
-+ int result;
-+ dir_plugin *dplug;
-+
-+ assert("", (get_current_context() &&
-+ get_current_context()->trans->atom == NULL));
-+
-+ dplug = inode_dir_plugin(inode);
-+ assert("vs-1101", dplug && dplug->done);
-+
-+ /* kill cursors which might be attached to inode */
-+ kill_cursors(inode);
-+
-+ /* grab space enough for removing two items */
-+ if (reiser4_grab_space
-+ (2 * estimate_one_item_removal(tree_by_inode(inode)),
-+ BA_RESERVED | BA_CAN_COMMIT))
-+ return RETERR(-ENOSPC);
-+
-+ result = dplug->done(inode);
-+ if (!result)
-+ result = common_object_delete_no_reserve(inode);
-+ return result;
-+}
-+
-+/* this is common implementation of add_link method of file plugin
-+ */
-+int add_link_common(struct inode *object, struct inode *parent UNUSED_ARG)
-+{
-+ /*
-+ * increment ->i_nlink and update ->i_ctime
-+ */
-+
-+ INODE_INC_FIELD(object, i_nlink);
-+ object->i_ctime = CURRENT_TIME;
-+ return 0;
-+}
-+
-+/* this is common implementation of rem_link method of file plugin
-+ */
-+int rem_link_common(struct inode *object, struct inode *parent UNUSED_ARG)
-+{
-+ assert("nikita-2021", object != NULL);
-+ assert("nikita-2163", object->i_nlink > 0);
-+
-+ /*
-+ * decrement ->i_nlink and update ->i_ctime
-+ */
-+
-+ INODE_DEC_FIELD(object, i_nlink);
-+ object->i_ctime = CURRENT_TIME;
-+ return 0;
-+}
-+
-+/* this is common implementation of rem_link method of file plugin for typical
-+ directory
-+*/
-+int rem_link_common_dir(struct inode *object, struct inode *parent UNUSED_ARG)
-+{
-+ assert("nikita-20211", object != NULL);
-+ assert("nikita-21631", object->i_nlink > 0);
-+
-+ /*
-+ * decrement ->i_nlink and update ->i_ctime
-+ */
-+ INODE_DEC_FIELD(object, i_nlink);
-+ if (object->i_nlink == 1)
-+ INODE_DEC_FIELD(object, i_nlink);
-+ object->i_ctime = CURRENT_TIME;
-+ return 0;
-+}
-+
-+/* this is common implementation of owns_item method of file plugin
-+ compare objectids of keys in inode and coord */
-+int owns_item_common(const struct inode *inode, /* object to check
-+ * against */
-+ const coord_t * coord /* coord to check */ )
-+{
-+ reiser4_key item_key;
-+ reiser4_key file_key;
-+
-+ assert("nikita-760", inode != NULL);
-+ assert("nikita-761", coord != NULL);
-+
-+ return coord_is_existing_item(coord) &&
-+ (get_key_objectid(build_sd_key(inode, &file_key)) ==
-+ get_key_objectid(item_key_by_coord(coord, &item_key)));
-+}
-+
-+/* this is common implementation of owns_item method of file plugin
-+ for typical directory
-+*/
-+int owns_item_common_dir(const struct inode *inode, /* object to check against */
-+ const coord_t * coord /* coord of item to check */ )
-+{
-+ reiser4_key item_key;
-+
-+ assert("nikita-1335", inode != NULL);
-+ assert("nikita-1334", coord != NULL);
-+
-+ if (item_type_by_coord(coord) == DIR_ENTRY_ITEM_TYPE)
-+ return get_key_locality(item_key_by_coord(coord, &item_key)) ==
-+ get_inode_oid(inode);
-+ else
-+ return owns_item_common(inode, coord);
-+}
-+
-+/* this is common implementation of can_add_link method of file plugin
-+ checks whether yet another hard links to this object can be added
-+*/
-+int can_add_link_common(const struct inode *object /* object to check */ )
-+{
-+ assert("nikita-732", object != NULL);
-+
-+ /* inode->i_nlink is unsigned int, so just check for integer
-+ overflow */
-+ return object->i_nlink + 1 != 0;
-+}
-+
-+/* this is common implementation of can_rem_link method of file plugin for
-+ typical directory
-+*/
-+int can_rem_link_common_dir(const struct inode *inode)
-+{
-+ /* is_dir_empty() returns 0 is dir is empty */
-+ return !is_dir_empty(inode);
-+}
-+
-+/* this is common implementation of detach method of file plugin for typical
-+ directory
-+*/
-+int detach_common_dir(struct inode *child, struct inode *parent)
-+{
-+ dir_plugin *dplug;
-+
-+ dplug = inode_dir_plugin(child);
-+ assert("nikita-2883", dplug != NULL);
-+ assert("nikita-2884", dplug->detach != NULL);
-+ return dplug->detach(child, parent);
-+}
-+
-+/* this is common implementation of bind method of file plugin for typical
-+ directory
-+*/
-+int bind_common_dir(struct inode *child, struct inode *parent)
-+{
-+ dir_plugin *dplug;
-+
-+ dplug = inode_dir_plugin(child);
-+ assert("nikita-2646", dplug != NULL);
-+ return dplug->attach(child, parent);
-+}
-+
-+static int process_truncate(struct inode *, __u64 size);
-+
-+/* this is common implementation of safelink method of file plugin
-+ */
-+int safelink_common(struct inode *object, reiser4_safe_link_t link, __u64 value)
-+{
-+ int result;
-+
-+ assert("vs-1705", get_current_context()->trans->atom == NULL);
-+ if (link == SAFE_UNLINK)
-+ /* nothing to do. iput() in the caller (process_safelink) will
-+ * finish with file */
-+ result = 0;
-+ else if (link == SAFE_TRUNCATE)
-+ result = process_truncate(object, value);
-+ else {
-+ warning("nikita-3438", "Unrecognized safe-link type: %i", link);
-+ result = RETERR(-EIO);
-+ }
-+ return result;
-+}
-+
-+/* this is common implementation of estimate.create method of file plugin
-+ can be used when object creation involves insertion of one item (usually stat
-+ data) into tree
-+*/
-+reiser4_block_nr estimate_create_common(const struct inode * object)
-+{
-+ return estimate_one_insert_item(tree_by_inode(object));
-+}
-+
-+/* this is common implementation of estimate.create method of file plugin for
-+ typical directory
-+ can be used when directory creation involves insertion of two items (usually
-+ stat data and item containing "." and "..") into tree
-+*/
-+reiser4_block_nr estimate_create_common_dir(const struct inode * object)
-+{
-+ return 2 * estimate_one_insert_item(tree_by_inode(object));
-+}
-+
-+/* this is common implementation of estimate.update method of file plugin
-+ can be used when stat data update does not do more than inserting a unit
-+ into a stat data item which is probably true for most cases
-+*/
-+reiser4_block_nr estimate_update_common(const struct inode * inode)
-+{
-+ return estimate_one_insert_into_item(tree_by_inode(inode));
-+}
-+
-+/* this is common implementation of estimate.unlink method of file plugin
-+ */
-+reiser4_block_nr
-+estimate_unlink_common(const struct inode * object UNUSED_ARG,
-+ const struct inode * parent UNUSED_ARG)
-+{
-+ return 0;
-+}
-+
-+/* this is common implementation of estimate.unlink method of file plugin for
-+ typical directory
-+*/
-+reiser4_block_nr
-+estimate_unlink_common_dir(const struct inode * object,
-+ const struct inode * parent)
-+{
-+ dir_plugin *dplug;
-+
-+ dplug = inode_dir_plugin(object);
-+ assert("nikita-2888", dplug != NULL);
-+ assert("nikita-2887", dplug->estimate.unlink != NULL);
-+ return dplug->estimate.unlink(object, parent);
-+}
-+
-+char *wire_write_common(struct inode *inode, char *start)
-+{
-+ return build_inode_onwire(inode, start);
-+}
-+
-+char *wire_read_common(char *addr, reiser4_object_on_wire * obj)
-+{
-+ return extract_obj_key_id_from_onwire(addr, &obj->u.std.key_id);
-+}
-+
-+struct dentry *wire_get_common(struct super_block *sb,
-+ reiser4_object_on_wire * obj)
-+{
-+ struct inode *inode;
-+ struct dentry *dentry;
-+ reiser4_key key;
-+
-+ extract_key_from_id(&obj->u.std.key_id, &key);
-+ inode = reiser4_iget(sb, &key, 1);
-+ if (!IS_ERR(inode)) {
-+ reiser4_iget_complete(inode);
-+ dentry = d_alloc_anon(inode);
-+ if (dentry == NULL) {
-+ iput(inode);
-+ dentry = ERR_PTR(-ENOMEM);
-+ } else
-+ dentry->d_op = &get_super_private(sb)->ops.dentry;
-+ } else if (PTR_ERR(inode) == -ENOENT)
-+ /*
-+ * inode wasn't found at the key encoded in the file
-+ * handle. Hence, file handle is stale.
-+ */
-+ dentry = ERR_PTR(RETERR(-ESTALE));
-+ else
-+ dentry = (void *)inode;
-+ return dentry;
-+}
-+
-+int wire_size_common(struct inode *inode)
-+{
-+ return inode_onwire_size(inode);
-+}
-+
-+void wire_done_common(reiser4_object_on_wire * obj)
-+{
-+ /* nothing to do */
-+}
-+
-+/* helper function to print errors */
-+static void key_warning(const reiser4_key * key /* key to print */ ,
-+ const struct inode *inode,
-+ int code /* error code to print */ )
-+{
-+ assert("nikita-716", key != NULL);
-+
-+ if (code != -ENOMEM) {
-+ warning("nikita-717", "Error for inode %llu (%i)",
-+ (unsigned long long)get_key_objectid(key), code);
-+ print_key("for key", key);
-+ }
-+}
-+
-+/* NIKITA-FIXME-HANS: perhaps this function belongs in another file? */
-+#if REISER4_DEBUG
-+static void
-+check_inode_seal(const struct inode *inode,
-+ const coord_t * coord, const reiser4_key * key)
-+{
-+ reiser4_key unit_key;
-+
-+ unit_key_by_coord(coord, &unit_key);
-+ assert("nikita-2752",
-+ WITH_DATA_RET(coord->node, 1, keyeq(key, &unit_key)));
-+ assert("nikita-2753", get_inode_oid(inode) == get_key_objectid(key));
-+}
-+
-+static void check_sd_coord(coord_t * coord, const reiser4_key * key)
-+{
-+ reiser4_key ukey;
-+
-+ coord_clear_iplug(coord);
-+ if (zload(coord->node))
-+ return;
-+
-+ if (!coord_is_existing_unit(coord) ||
-+ !item_plugin_by_coord(coord) ||
-+ !keyeq(unit_key_by_coord(coord, &ukey), key) ||
-+ (znode_get_level(coord->node) != LEAF_LEVEL) ||
-+ !item_is_statdata(coord)) {
-+ warning("nikita-1901", "Conspicuous seal");
-+ print_key("key", key);
-+ print_coord("coord", coord, 1);
-+ impossible("nikita-2877", "no way");
-+ }
-+ zrelse(coord->node);
-+}
-+
-+#else
-+#define check_inode_seal(inode, coord, key) noop
-+#define check_sd_coord(coord, key) noop
-+#endif
-+
-+/* insert new stat-data into tree. Called with inode state
-+ locked. Return inode state locked. */
-+static int insert_new_sd(struct inode *inode /* inode to create sd for */ )
-+{
-+ int result;
-+ reiser4_key key;
-+ coord_t coord;
-+ reiser4_item_data data;
-+ char *area;
-+ reiser4_inode *ref;
-+ lock_handle lh;
-+ oid_t oid;
-+
-+ assert("nikita-723", inode != NULL);
-+ assert("nikita-3406", inode_get_flag(inode, REISER4_NO_SD));
-+
-+ ref = reiser4_inode_data(inode);
-+ spin_lock_inode(inode);
-+
-+ if (ref->plugin_mask != 0)
-+ /* inode has non-standard plugins */
-+ inode_set_extension(inode, PLUGIN_STAT);
-+ /*
-+ * prepare specification of new item to be inserted
-+ */
-+
-+ data.iplug = inode_sd_plugin(inode);
-+ data.length = data.iplug->s.sd.save_len(inode);
-+ spin_unlock_inode(inode);
-+
-+ data.data = NULL;
-+ data.user = 0;
-+/* could be optimized for case where there is only one node format in
-+ * use in the filesystem, probably there are lots of such
-+ * places we could optimize for only one node layout.... -Hans */
-+ if (data.length > tree_by_inode(inode)->nplug->max_item_size()) {
-+ /* This is silly check, but we don't know actual node where
-+ insertion will go into. */
-+ return RETERR(-ENAMETOOLONG);
-+ }
-+ oid = oid_allocate(inode->i_sb);
-+/* NIKITA-FIXME-HANS: what is your opinion on whether this error check should be encapsulated into oid_allocate? */
-+ if (oid == ABSOLUTE_MAX_OID)
-+ return RETERR(-EOVERFLOW);
-+
-+ set_inode_oid(inode, oid);
-+
-+ coord_init_zero(&coord);
-+ init_lh(&lh);
-+
-+ result = insert_by_key(tree_by_inode(inode),
-+ build_sd_key(inode, &key), &data, &coord, &lh,
-+ /* stat data lives on a leaf level */
-+ LEAF_LEVEL, CBK_UNIQUE);
-+
-+ /* we don't want to re-check that somebody didn't insert
-+ stat-data while we were doing io, because if it did,
-+ insert_by_key() returned error. */
-+ /* but what _is_ possible is that plugin for inode's stat-data,
-+ list of non-standard plugins or their state would change
-+ during io, so that stat-data wouldn't fit into sd. To avoid
-+ this race we keep inode_state lock. This lock has to be
-+ taken each time you access inode in a way that would cause
-+ changes in sd size: changing plugins etc.
-+ */
-+
-+ if (result == IBK_INSERT_OK) {
-+ coord_clear_iplug(&coord);
-+ result = zload(coord.node);
-+ if (result == 0) {
-+ /* have we really inserted stat data? */
-+ assert("nikita-725", item_is_statdata(&coord));
-+
-+ /* inode was just created. It is inserted into hash
-+ table, but no directory entry was yet inserted into
-+ parent. So, inode is inaccessible through
-+ ->lookup(). All places that directly grab inode
-+ from hash-table (like old knfsd), should check
-+ IMMUTABLE flag that is set by common_create_child.
-+ */
-+ assert("nikita-3240", data.iplug != NULL);
-+ assert("nikita-3241", data.iplug->s.sd.save != NULL);
-+ area = item_body_by_coord(&coord);
-+ result = data.iplug->s.sd.save(inode, &area);
-+ znode_make_dirty(coord.node);
-+ if (result == 0) {
-+ /* object has stat-data now */
-+ inode_clr_flag(inode, REISER4_NO_SD);
-+ inode_set_flag(inode, REISER4_SDLEN_KNOWN);
-+ /* initialise stat-data seal */
-+ seal_init(&ref->sd_seal, &coord, &key);
-+ ref->sd_coord = coord;
-+ check_inode_seal(inode, &coord, &key);
-+ } else if (result != -ENOMEM)
-+ /*
-+ * convert any other error code to -EIO to
-+ * avoid confusing user level with unexpected
-+ * errors.
-+ */
-+ result = RETERR(-EIO);
-+ zrelse(coord.node);
-+ }
-+ }
-+ done_lh(&lh);
-+
-+ if (result != 0)
-+ key_warning(&key, inode, result);
-+ else
-+ oid_count_allocated();
-+
-+ return result;
-+}
-+
-+/* find sd of inode in a tree, deal with errors */
-+int lookup_sd(struct inode *inode /* inode to look sd for */ ,
-+ znode_lock_mode lock_mode /* lock mode */ ,
-+ coord_t * coord /* resulting coord */ ,
-+ lock_handle * lh /* resulting lock handle */ ,
-+ const reiser4_key * key /* resulting key */ ,
-+ int silent)
-+{
-+ int result;
-+ __u32 flags;
-+
-+ assert("nikita-1692", inode != NULL);
-+ assert("nikita-1693", coord != NULL);
-+ assert("nikita-1694", key != NULL);
-+
-+ /* look for the object's stat data in a tree.
-+ This returns in "node" pointer to a locked znode and in "pos"
-+ position of an item found in node. Both are only valid if
-+ coord_found is returned. */
-+ flags = (lock_mode == ZNODE_WRITE_LOCK) ? CBK_FOR_INSERT : 0;
-+ flags |= CBK_UNIQUE;
-+ /*
-+ * traverse tree to find stat data. We cannot use vroot here, because
-+ * it only covers _body_ of the file, and stat data don't belong
-+ * there.
-+ */
-+ result = coord_by_key(tree_by_inode(inode),
-+ key,
-+ coord,
-+ lh,
-+ lock_mode,
-+ FIND_EXACT, LEAF_LEVEL, LEAF_LEVEL, flags, NULL);
-+ if (REISER4_DEBUG && result == 0)
-+ check_sd_coord(coord, key);
-+
-+ if (result != 0 && !silent)
-+ key_warning(key, inode, result);
-+ return result;
-+}
-+
-+static int
-+locate_inode_sd(struct inode *inode,
-+ reiser4_key * key, coord_t * coord, lock_handle * lh)
-+{
-+ reiser4_inode *state;
-+ seal_t seal;
-+ int result;
-+
-+ assert("nikita-3483", inode != NULL);
-+
-+ state = reiser4_inode_data(inode);
-+ spin_lock_inode(inode);
-+ *coord = state->sd_coord;
-+ coord_clear_iplug(coord);
-+ seal = state->sd_seal;
-+ spin_unlock_inode(inode);
-+
-+ build_sd_key(inode, key);
-+ if (seal_is_set(&seal)) {
-+ /* first, try to use seal */
-+ result = seal_validate(&seal,
-+ coord,
-+ key,
-+ lh, ZNODE_WRITE_LOCK, ZNODE_LOCK_LOPRI);
-+ if (result == 0)
-+ check_sd_coord(coord, key);
-+ } else
-+ result = -E_REPEAT;
-+
-+ if (result != 0) {
-+ coord_init_zero(coord);
-+ result = lookup_sd(inode, ZNODE_WRITE_LOCK, coord, lh, key, 0);
-+ }
-+ return result;
-+}
-+
-+/* update stat-data at @coord */
-+static int
-+update_sd_at(struct inode *inode, coord_t * coord, reiser4_key * key,
-+ lock_handle * lh)
-+{
-+ int result;
-+ reiser4_item_data data;
-+ char *area;
-+ reiser4_inode *state;
-+ znode *loaded;
-+
-+ state = reiser4_inode_data(inode);
-+
-+ coord_clear_iplug(coord);
-+ result = zload(coord->node);
-+ if (result != 0)
-+ return result;
-+ loaded = coord->node;
-+
-+ spin_lock_inode(inode);
-+ assert("nikita-728", inode_sd_plugin(inode) != NULL);
-+ data.iplug = inode_sd_plugin(inode);
-+
-+ /* if inode has non-standard plugins, add appropriate stat data
-+ * extension */
-+ if (state->plugin_mask != 0)
-+ inode_set_extension(inode, PLUGIN_STAT);
-+
-+ /* data.length is how much space to add to (or remove
-+ from if negative) sd */
-+ if (!inode_get_flag(inode, REISER4_SDLEN_KNOWN)) {
-+ /* recalculate stat-data length */
-+ data.length =
-+ data.iplug->s.sd.save_len(inode) -
-+ item_length_by_coord(coord);
-+ inode_set_flag(inode, REISER4_SDLEN_KNOWN);
-+ } else
-+ data.length = 0;
-+ spin_unlock_inode(inode);
-+
-+ /* if on-disk stat data is of different length than required
-+ for this inode, resize it */
-+ if (data.length != 0) {
-+ data.data = NULL;
-+ data.user = 0;
-+
-+ /* insertion code requires that insertion point (coord) was
-+ * between units. */
-+ coord->between = AFTER_UNIT;
-+ result = resize_item(coord,
-+ &data, key, lh, COPI_DONT_SHIFT_LEFT);
-+ if (result != 0) {
-+ key_warning(key, inode, result);
-+ zrelse(loaded);
-+ return result;
-+ }
-+ if (loaded != coord->node) {
-+ /* resize_item moved coord to another node. Zload it */
-+ zrelse(loaded);
-+ coord_clear_iplug(coord);
-+ result = zload(coord->node);
-+ if (result != 0)
-+ return result;
-+ loaded = coord->node;
-+ }
-+ }
-+
-+ area = item_body_by_coord(coord);
-+ spin_lock_inode(inode);
-+ result = data.iplug->s.sd.save(inode, &area);
-+ znode_make_dirty(coord->node);
-+
-+ /* re-initialise stat-data seal */
-+
-+ /*
-+ * coord.between was possibly skewed from AT_UNIT when stat-data size
-+ * was changed and new extensions were pasted into item.
-+ */
-+ coord->between = AT_UNIT;
-+ seal_init(&state->sd_seal, coord, key);
-+ state->sd_coord = *coord;
-+ spin_unlock_inode(inode);
-+ check_inode_seal(inode, coord, key);
-+ zrelse(loaded);
-+ return result;
-+}
-+
-+/* Update existing stat-data in a tree. Called with inode state locked. Return
-+ inode state locked. */
-+static int update_sd(struct inode *inode /* inode to update sd for */ )
-+{
-+ int result;
-+ reiser4_key key;
-+ coord_t coord;
-+ lock_handle lh;
-+
-+ assert("nikita-726", inode != NULL);
-+
-+ /* no stat-data, nothing to update?! */
-+ assert("nikita-3482", !inode_get_flag(inode, REISER4_NO_SD));
-+
-+ init_lh(&lh);
-+
-+ result = locate_inode_sd(inode, &key, &coord, &lh);
-+ if (result == 0)
-+ result = update_sd_at(inode, &coord, &key, &lh);
-+ done_lh(&lh);
-+
-+ return result;
-+}
-+
-+/* helper for delete_object_common and delete_directory_common. Remove object
-+ stat data. Space for that must be reserved by caller before
-+*/
-+static int
-+common_object_delete_no_reserve(struct inode *inode /* object to remove */ )
-+{
-+ int result;
-+
-+ assert("nikita-1477", inode != NULL);
-+
-+ if (!inode_get_flag(inode, REISER4_NO_SD)) {
-+ reiser4_key sd_key;
-+
-+ DQUOT_FREE_INODE(inode);
-+ DQUOT_DROP(inode);
-+
-+ build_sd_key(inode, &sd_key);
-+ result =
-+ cut_tree(tree_by_inode(inode), &sd_key, &sd_key, NULL, 0);
-+ if (result == 0) {
-+ inode_set_flag(inode, REISER4_NO_SD);
-+ result = oid_release(inode->i_sb, get_inode_oid(inode));
-+ if (result == 0) {
-+ oid_count_released();
-+
-+ result = safe_link_del(tree_by_inode(inode),
-+ get_inode_oid(inode),
-+ SAFE_UNLINK);
-+ }
-+ }
-+ } else
-+ result = 0;
-+ return result;
-+}
-+
-+/* helper for safelink_common */
-+static int process_truncate(struct inode *inode, __u64 size)
-+{
-+ int result;
-+ struct iattr attr;
-+ file_plugin *fplug;
-+ reiser4_context *ctx;
-+ struct dentry dentry;
-+
-+ assert("vs-21", is_in_reiser4_context());
-+ ctx = init_context(inode->i_sb);
-+ assert("vs-22", !IS_ERR(ctx));
-+
-+ attr.ia_size = size;
-+ attr.ia_valid = ATTR_SIZE | ATTR_CTIME;
-+ fplug = inode_file_plugin(inode);
-+
-+ mutex_lock(&inode->i_mutex);
-+ assert("vs-1704", get_current_context()->trans->atom == NULL);
-+ dentry.d_inode = inode;
-+ result = inode->i_op->setattr(&dentry, &attr);
-+ mutex_unlock(&inode->i_mutex);
-+
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+
-+ return result;
-+}
-+
-+/* Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/hash.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/hash.c
-@@ -0,0 +1,350 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Hash functions */
-+
-+#include "../debug.h"
-+#include "plugin_header.h"
-+#include "plugin.h"
-+#include "../super.h"
-+#include "../inode.h"
-+
-+#include <linux/types.h>
-+
-+/* old rupasov (yura) hash */
-+static __u64 hash_rupasov(const unsigned char *name /* name to hash */ ,
-+ int len /* @name's length */ )
-+{
-+ int i;
-+ int j;
-+ int pow;
-+ __u64 a;
-+ __u64 c;
-+
-+ assert("nikita-672", name != NULL);
-+ assert("nikita-673", len >= 0);
-+
-+ for (pow = 1, i = 1; i < len; ++i)
-+ pow = pow * 10;
-+
-+ if (len == 1)
-+ a = name[0] - 48;
-+ else
-+ a = (name[0] - 48) * pow;
-+
-+ for (i = 1; i < len; ++i) {
-+ c = name[i] - 48;
-+ for (pow = 1, j = i; j < len - 1; ++j)
-+ pow = pow * 10;
-+ a = a + c * pow;
-+ }
-+ for (; i < 40; ++i) {
-+ c = '0' - 48;
-+ for (pow = 1, j = i; j < len - 1; ++j)
-+ pow = pow * 10;
-+ a = a + c * pow;
-+ }
-+
-+ for (; i < 256; ++i) {
-+ c = i;
-+ for (pow = 1, j = i; j < len - 1; ++j)
-+ pow = pow * 10;
-+ a = a + c * pow;
-+ }
-+
-+ a = a << 7;
-+ return a;
-+}
-+
-+/* r5 hash */
-+static __u64 hash_r5(const unsigned char *name /* name to hash */ ,
-+ int len UNUSED_ARG /* @name's length */ )
-+{
-+ __u64 a = 0;
-+
-+ assert("nikita-674", name != NULL);
-+ assert("nikita-675", len >= 0);
-+
-+ while (*name) {
-+ a += *name << 4;
-+ a += *name >> 4;
-+ a *= 11;
-+ name++;
-+ }
-+ return a;
-+}
-+
-+/* Keyed 32-bit hash function using TEA in a Davis-Meyer function
-+ H0 = Key
-+ Hi = E Mi(Hi-1) + Hi-1
-+
-+ (see Applied Cryptography, 2nd edition, p448).
-+
-+ Jeremy Fitzhardinge <jeremy@zip.com.au> 1998
-+
-+ Jeremy has agreed to the contents of reiserfs/README. -Hans
-+
-+ This code was blindly upgraded to __u64 by s/__u32/__u64/g.
-+*/
-+static __u64 hash_tea(const unsigned char *name /* name to hash */ ,
-+ int len /* @name's length */ )
-+{
-+ __u64 k[] = { 0x9464a485u, 0x542e1a94u, 0x3e846bffu, 0xb75bcfc3u };
-+
-+ __u64 h0 = k[0], h1 = k[1];
-+ __u64 a, b, c, d;
-+ __u64 pad;
-+ int i;
-+
-+ assert("nikita-676", name != NULL);
-+ assert("nikita-677", len >= 0);
-+
-+#define DELTA 0x9E3779B9u
-+#define FULLROUNDS 10 /* 32 is overkill, 16 is strong crypto */
-+#define PARTROUNDS 6 /* 6 gets complete mixing */
-+
-+/* a, b, c, d - data; h0, h1 - accumulated hash */
-+#define TEACORE(rounds) \
-+ do { \
-+ __u64 sum = 0; \
-+ int n = rounds; \
-+ __u64 b0, b1; \
-+ \
-+ b0 = h0; \
-+ b1 = h1; \
-+ \
-+ do \
-+ { \
-+ sum += DELTA; \
-+ b0 += ((b1 << 4)+a) ^ (b1+sum) ^ ((b1 >> 5)+b); \
-+ b1 += ((b0 << 4)+c) ^ (b0+sum) ^ ((b0 >> 5)+d); \
-+ } while(--n); \
-+ \
-+ h0 += b0; \
-+ h1 += b1; \
-+ } while(0)
-+
-+ pad = (__u64) len | ((__u64) len << 8);
-+ pad |= pad << 16;
-+
-+ while (len >= 16) {
-+ a = (__u64) name[0] | (__u64) name[1] << 8 | (__u64) name[2] <<
-+ 16 | (__u64) name[3] << 24;
-+ b = (__u64) name[4] | (__u64) name[5] << 8 | (__u64) name[6] <<
-+ 16 | (__u64) name[7] << 24;
-+ c = (__u64) name[8] | (__u64) name[9] << 8 | (__u64) name[10] <<
-+ 16 | (__u64) name[11] << 24;
-+ d = (__u64) name[12] | (__u64) name[13] << 8 | (__u64) name[14]
-+ << 16 | (__u64) name[15] << 24;
-+
-+ TEACORE(PARTROUNDS);
-+
-+ len -= 16;
-+ name += 16;
-+ }
-+
-+ if (len >= 12) {
-+ //assert(len < 16);
-+ if (len >= 16)
-+ *(int *)0 = 0;
-+
-+ a = (__u64) name[0] | (__u64) name[1] << 8 | (__u64) name[2] <<
-+ 16 | (__u64) name[3] << 24;
-+ b = (__u64) name[4] | (__u64) name[5] << 8 | (__u64) name[6] <<
-+ 16 | (__u64) name[7] << 24;
-+ c = (__u64) name[8] | (__u64) name[9] << 8 | (__u64) name[10] <<
-+ 16 | (__u64) name[11] << 24;
-+
-+ d = pad;
-+ for (i = 12; i < len; i++) {
-+ d <<= 8;
-+ d |= name[i];
-+ }
-+ } else if (len >= 8) {
-+ //assert(len < 12);
-+ if (len >= 12)
-+ *(int *)0 = 0;
-+ a = (__u64) name[0] | (__u64) name[1] << 8 | (__u64) name[2] <<
-+ 16 | (__u64) name[3] << 24;
-+ b = (__u64) name[4] | (__u64) name[5] << 8 | (__u64) name[6] <<
-+ 16 | (__u64) name[7] << 24;
-+
-+ c = d = pad;
-+ for (i = 8; i < len; i++) {
-+ c <<= 8;
-+ c |= name[i];
-+ }
-+ } else if (len >= 4) {
-+ //assert(len < 8);
-+ if (len >= 8)
-+ *(int *)0 = 0;
-+ a = (__u64) name[0] | (__u64) name[1] << 8 | (__u64) name[2] <<
-+ 16 | (__u64) name[3] << 24;
-+
-+ b = c = d = pad;
-+ for (i = 4; i < len; i++) {
-+ b <<= 8;
-+ b |= name[i];
-+ }
-+ } else {
-+ //assert(len < 4);
-+ if (len >= 4)
-+ *(int *)0 = 0;
-+ a = b = c = d = pad;
-+ for (i = 0; i < len; i++) {
-+ a <<= 8;
-+ a |= name[i];
-+ }
-+ }
-+
-+ TEACORE(FULLROUNDS);
-+
-+/* return 0;*/
-+ return h0 ^ h1;
-+
-+}
-+
-+/* classical 64 bit Fowler/Noll/Vo-1 (FNV-1) hash.
-+
-+ See http://www.isthe.com/chongo/tech/comp/fnv/ for details.
-+
-+ Excerpts:
-+
-+ FNV hashes are designed to be fast while maintaining a low collision
-+ rate.
-+
-+ [This version also seems to preserve lexicographical order locally.]
-+
-+ FNV hash algorithms and source code have been released into the public
-+ domain.
-+
-+*/
-+static __u64 hash_fnv1(const unsigned char *name /* name to hash */ ,
-+ int len UNUSED_ARG /* @name's length */ )
-+{
-+ unsigned long long a = 0xcbf29ce484222325ull;
-+ const unsigned long long fnv_64_prime = 0x100000001b3ull;
-+
-+ assert("nikita-678", name != NULL);
-+ assert("nikita-679", len >= 0);
-+
-+ /* FNV-1 hash each octet in the buffer */
-+ for (; *name; ++name) {
-+ /* multiply by the 32 bit FNV magic prime mod 2^64 */
-+ a *= fnv_64_prime;
-+ /* xor the bottom with the current octet */
-+ a ^= (unsigned long long)(*name);
-+ }
-+ /* return our new hash value */
-+ return a;
-+}
-+
-+/* degenerate hash function used to simplify testing of non-unique key
-+ handling */
-+static __u64 hash_deg(const unsigned char *name UNUSED_ARG /* name to hash */ ,
-+ int len UNUSED_ARG /* @name's length */ )
-+{
-+ return 0xc0c0c0c010101010ull;
-+}
-+
-+static int change_hash(struct inode *inode, reiser4_plugin * plugin)
-+{
-+ int result;
-+
-+ assert("nikita-3503", inode != NULL);
-+ assert("nikita-3504", plugin != NULL);
-+
-+ assert("nikita-3505", is_reiser4_inode(inode));
-+ assert("nikita-3506", inode_dir_plugin(inode) != NULL);
-+ assert("nikita-3507", plugin->h.type_id == REISER4_HASH_PLUGIN_TYPE);
-+
-+ result = 0;
-+ if (inode_hash_plugin(inode) == NULL ||
-+ inode_hash_plugin(inode)->h.id != plugin->h.id) {
-+ if (is_dir_empty(inode) == 0)
-+ result =
-+ plugin_set_hash(&reiser4_inode_data(inode)->pset,
-+ &plugin->hash);
-+ else
-+ result = RETERR(-ENOTEMPTY);
-+
-+ }
-+ return result;
-+}
-+
-+static reiser4_plugin_ops hash_plugin_ops = {
-+ .init = NULL,
-+ .load = NULL,
-+ .save_len = NULL,
-+ .save = NULL,
-+ .change = change_hash
-+};
-+
-+/* hash plugins */
-+hash_plugin hash_plugins[LAST_HASH_ID] = {
-+ [RUPASOV_HASH_ID] = {
-+ .h = {
-+ .type_id = REISER4_HASH_PLUGIN_TYPE,
-+ .id = RUPASOV_HASH_ID,
-+ .pops = &hash_plugin_ops,
-+ .label = "rupasov",
-+ .desc = "Original Yura's hash",
-+ .linkage = {NULL, NULL}
-+ },
-+ .hash = hash_rupasov
-+ },
-+ [R5_HASH_ID] = {
-+ .h = {
-+ .type_id = REISER4_HASH_PLUGIN_TYPE,
-+ .id = R5_HASH_ID,
-+ .pops = &hash_plugin_ops,
-+ .label = "r5",
-+ .desc = "r5 hash",
-+ .linkage = {NULL, NULL}
-+ },
-+ .hash = hash_r5
-+ },
-+ [TEA_HASH_ID] = {
-+ .h = {
-+ .type_id = REISER4_HASH_PLUGIN_TYPE,
-+ .id = TEA_HASH_ID,
-+ .pops = &hash_plugin_ops,
-+ .label = "tea",
-+ .desc = "tea hash",
-+ .linkage = {NULL, NULL}
-+ },
-+ .hash = hash_tea
-+ },
-+ [FNV1_HASH_ID] = {
-+ .h = {
-+ .type_id = REISER4_HASH_PLUGIN_TYPE,
-+ .id = FNV1_HASH_ID,
-+ .pops = &hash_plugin_ops,
-+ .label = "fnv1",
-+ .desc = "fnv1 hash",
-+ .linkage = {NULL, NULL}
-+ },
-+ .hash = hash_fnv1
-+ },
-+ [DEGENERATE_HASH_ID] = {
-+ .h = {
-+ .type_id = REISER4_HASH_PLUGIN_TYPE,
-+ .id = DEGENERATE_HASH_ID,
-+ .pops = &hash_plugin_ops,
-+ .label = "degenerate hash",
-+ .desc = "Degenerate hash: only for testing",
-+ .linkage = {NULL, NULL}
-+ },
-+ .hash = hash_deg
-+ }
-+};
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/inode_ops.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/inode_ops.c
-@@ -0,0 +1,886 @@
-+/*
-+ * Copyright 2005 by Hans Reiser, licensing governed by reiser4/README
-+ */
-+
-+/*
-+ * this file contains typical implementations for most of methods of struct
-+ * inode_operations
-+ */
-+
-+#include "../inode.h"
-+#include "../safe_link.h"
-+
-+#include <linux/quotaops.h>
-+#include <linux/namei.h>
-+
-+
-+static int create_vfs_object(struct inode *parent, struct dentry *dentry,
-+ reiser4_object_create_data *data);
-+
-+/**
-+ * create_common - create of inode operations
-+ * @parent: inode of parent directory
-+ * @dentry: dentry of new object to create
-+ * @mode: the permissions to use
-+ * @nameidata:
-+ *
-+ * This is common implementation of vfs's create method of struct
-+ * inode_operations.
-+ * Creates regular file using file plugin from parent directory plugin set.
-+ */
-+int create_common(struct inode *parent, struct dentry *dentry,
-+ int mode, struct nameidata *nameidata)
-+{
-+ reiser4_object_create_data data;
-+
-+ memset(&data, 0, sizeof data);
-+ data.mode = S_IFREG | mode;
-+ data.id = inode_regular_plugin(parent)->id;
-+ return create_vfs_object(parent, dentry, &data);
-+}
-+
-+int lookup_name(struct inode *dir, struct dentry *, reiser4_key *);
-+void check_light_weight(struct inode *inode, struct inode *parent);
-+
-+/**
-+ * lookup_common - lookup of inode operations
-+ * @parent: inode of directory to lookup into
-+ * @dentry: name to look for
-+ * @nameidata:
-+ *
-+ * This is common implementation of vfs's lookup method of struct
-+ * inode_operations.
-+ */
-+struct dentry *lookup_common(struct inode *parent, struct dentry *dentry,
-+ struct nameidata *nameidata)
-+{
-+ reiser4_context *ctx;
-+ int result;
-+ struct dentry *new;
-+ struct inode *inode;
-+ reiser4_dir_entry_desc entry;
-+
-+ ctx = init_context(parent->i_sb);
-+ if (IS_ERR(ctx))
-+ return (struct dentry *)ctx;
-+
-+ /* set up operations on dentry. */
-+ dentry->d_op = &get_super_private(parent->i_sb)->ops.dentry;
-+
-+ result = lookup_name(parent, dentry, &entry.key);
-+ if (result) {
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ if (result == -ENOENT) {
-+ /* object not found */
-+ if (!IS_DEADDIR(parent))
-+ d_add(dentry, NULL);
-+ return NULL;
-+ }
-+ return ERR_PTR(result);
-+ }
-+
-+ inode = reiser4_iget(parent->i_sb, &entry.key, 0);
-+ if (IS_ERR(inode)) {
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return ERR_PTR(PTR_ERR(inode));
-+ }
-+
-+ /* success */
-+ check_light_weight(inode, parent);
-+ new = d_splice_alias(inode, dentry);
-+ reiser4_iget_complete(inode);
-+
-+ /* prevent balance_dirty_pages() from being called: we don't want to
-+ * do this under directory i_mutex. */
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return new;
-+}
-+
-+static reiser4_block_nr common_estimate_link(struct inode *parent,
-+ struct inode *object);
-+int reiser4_update_dir(struct inode *);
-+
-+/**
-+ * link_common - link of inode operations
-+ * @existing: dentry of object which is to get new name
-+ * @parent: directory where new name is to be created
-+ * @newname: new name
-+ *
-+ * This is common implementation of vfs's link method of struct
-+ * inode_operations.
-+ */
-+int link_common(struct dentry *existing, struct inode *parent,
-+ struct dentry *newname)
-+{
-+ reiser4_context *ctx;
-+ int result;
-+ struct inode *object;
-+ dir_plugin *parent_dplug;
-+ reiser4_dir_entry_desc entry;
-+ reiser4_object_create_data data;
-+ reiser4_block_nr reserve;
-+
-+ ctx = init_context(parent->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ assert("nikita-1431", existing != NULL);
-+ assert("nikita-1432", parent != NULL);
-+ assert("nikita-1433", newname != NULL);
-+
-+ object = existing->d_inode;
-+ assert("nikita-1434", object != NULL);
-+
-+ /* check for race with create_object() */
-+ if (inode_get_flag(object, REISER4_IMMUTABLE)) {
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return RETERR(-E_REPEAT);
-+ }
-+
-+ parent_dplug = inode_dir_plugin(parent);
-+
-+ memset(&entry, 0, sizeof entry);
-+ entry.obj = object;
-+
-+ data.mode = object->i_mode;
-+ data.id = inode_file_plugin(object)->h.id;
-+
-+ reserve = common_estimate_link(parent, existing->d_inode);
-+ if ((__s64) reserve < 0) {
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return reserve;
-+ }
-+
-+ if (reiser4_grab_space(reserve, BA_CAN_COMMIT)) {
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return RETERR(-ENOSPC);
-+ }
-+
-+ /*
-+ * Subtle race handling: sys_link() doesn't take i_mutex on @parent. It
-+ * means that link(2) can race against unlink(2) or rename(2), and
-+ * inode is dead (->i_nlink == 0) when reiser4_link() is entered.
-+ *
-+ * For such inode we have to undo special processing done in
-+ * reiser4_unlink() viz. creation of safe-link.
-+ */
-+ if (unlikely(object->i_nlink == 0)) {
-+ result = safe_link_del(tree_by_inode(object),
-+ get_inode_oid(object), SAFE_UNLINK);
-+ if (result != 0) {
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+ }
-+
-+ /* increment nlink of @existing and update its stat data */
-+ result = reiser4_add_nlink(object, parent, 1);
-+ if (result == 0) {
-+ /* add entry to the parent */
-+ result =
-+ parent_dplug->add_entry(parent, newname, &data, &entry);
-+ if (result != 0) {
-+ /* failed to add entry to the parent, decrement nlink
-+ of @existing */
-+ reiser4_del_nlink(object, parent, 1);
-+ /*
-+ * now, if that failed, we have a file with too big
-+ * nlink---space leak, much better than directory
-+ * entry pointing to nowhere
-+ */
-+ }
-+ }
-+ if (result == 0) {
-+ atomic_inc(&object->i_count);
-+ /*
-+ * Upon successful completion, link() shall mark for update
-+ * the st_ctime field of the file. Also, the st_ctime and
-+ * st_mtime fields of the directory that contains the new
-+ * entry shall be marked for update. --SUS
-+ */
-+ result = reiser4_update_dir(parent);
-+ }
-+ if (result == 0)
-+ d_instantiate(newname, existing->d_inode);
-+
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+static int unlink_check_and_grab(struct inode *parent, struct dentry *victim);
-+
-+/**
-+ * unlink_common - unlink of inode operations
-+ * @parent: inode of directory to remove name from
-+ * @victim: name to be removed
-+ *
-+ * This is common implementation of vfs's unlink method of struct
-+ * inode_operations.
-+ */
-+int unlink_common(struct inode *parent, struct dentry *victim)
-+{
-+ reiser4_context *ctx;
-+ int result;
-+ struct inode *object;
-+ file_plugin *fplug;
-+
-+ ctx = init_context(parent->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ object = victim->d_inode;
-+ fplug = inode_file_plugin(object);
-+ assert("nikita-2882", fplug->detach != NULL);
-+
-+ result = unlink_check_and_grab(parent, victim);
-+ if (result != 0) {
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+
-+ result = fplug->detach(object, parent);
-+ if (result == 0) {
-+ dir_plugin *parent_dplug;
-+ reiser4_dir_entry_desc entry;
-+
-+ parent_dplug = inode_dir_plugin(parent);
-+ memset(&entry, 0, sizeof entry);
-+
-+ /* first, delete directory entry */
-+ result = parent_dplug->rem_entry(parent, victim, &entry);
-+ if (result == 0) {
-+ /*
-+ * if name was removed successfully, we _have_ to
-+ * return 0 from this function, because upper level
-+ * caller (vfs_{rmdir,unlink}) expect this.
-+ *
-+ * now that directory entry is removed, update
-+ * stat-data
-+ */
-+ reiser4_del_nlink(object, parent, 1);
-+ /*
-+ * Upon successful completion, unlink() shall mark for
-+ * update the st_ctime and st_mtime fields of the
-+ * parent directory. Also, if the file's link count is
-+ * not 0, the st_ctime field of the file shall be
-+ * marked for update. --SUS
-+ */
-+ reiser4_update_dir(parent);
-+ /* add safe-link for this file */
-+ if (object->i_nlink == 0)
-+ safe_link_add(object, SAFE_UNLINK);
-+ }
-+ }
-+
-+ if (unlikely(result != 0)) {
-+ if (result != -ENOMEM)
-+ warning("nikita-3398", "Cannot unlink %llu (%i)",
-+ (unsigned long long)get_inode_oid(object),
-+ result);
-+ /* if operation failed commit pending inode modifications to
-+ * the stat-data */
-+ reiser4_update_sd(object);
-+ reiser4_update_sd(parent);
-+ }
-+
-+ reiser4_release_reserved(object->i_sb);
-+
-+ /* @object's i_ctime was updated by ->rem_link() method(). */
-+
-+ /* @victim can be already removed from the disk by this time. Inode is
-+ then marked so that iput() wouldn't try to remove stat data. But
-+ inode itself is still there.
-+ */
-+
-+ /*
-+ * we cannot release directory semaphore here, because name has
-+ * already been deleted, but dentry (@victim) still exists. Prevent
-+ * balance_dirty_pages() from being called on exiting this context: we
-+ * don't want to do this under directory i_mutex.
-+ */
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+/**
-+ * symlink_common - symlink of inode operations
-+ * @parent: inode of parent directory
-+ * @dentry: dentry of object to be created
-+ * @linkname: string symlink is to contain
-+ *
-+ * This is common implementation of vfs's symlink method of struct
-+ * inode_operations.
-+ * Creates object using file plugin SYMLINK_FILE_PLUGIN_ID.
-+ */
-+int symlink_common(struct inode *parent, struct dentry *dentry,
-+ const char *linkname)
-+{
-+ reiser4_object_create_data data;
-+
-+ memset(&data, 0, sizeof data);
-+ data.name = linkname;
-+ data.id = SYMLINK_FILE_PLUGIN_ID;
-+ data.mode = S_IFLNK | S_IRWXUGO;
-+ return create_vfs_object(parent, dentry, &data);
-+}
-+
-+/**
-+ * mkdir_common - mkdir of inode operations
-+ * @parent: inode of parent directory
-+ * @dentry: dentry of object to be created
-+ * @mode: the permissions to use
-+ *
-+ * This is common implementation of vfs's mkdir method of struct
-+ * inode_operations.
-+ * Creates object using file plugin DIRECTORY_FILE_PLUGIN_ID.
-+ */
-+int mkdir_common(struct inode *parent, struct dentry *dentry, int mode)
-+{
-+ reiser4_object_create_data data;
-+
-+ memset(&data, 0, sizeof data);
-+ data.mode = S_IFDIR | mode;
-+ data.id = DIRECTORY_FILE_PLUGIN_ID;
-+ return create_vfs_object(parent, dentry, &data);
-+}
-+
-+/**
-+ * mknod_common - mknod of inode operations
-+ * @parent: inode of parent directory
-+ * @dentry: dentry of object to be created
-+ * @mode: the permissions to use and file type
-+ * @rdev: minor and major of new device file
-+ *
-+ * This is common implementation of vfs's mknod method of struct
-+ * inode_operations.
-+ * Creates object using file plugin SPECIAL_FILE_PLUGIN_ID.
-+ */
-+int mknod_common(struct inode *parent, struct dentry *dentry,
-+ int mode, dev_t rdev)
-+{
-+ reiser4_object_create_data data;
-+
-+ memset(&data, 0, sizeof data);
-+ data.mode = mode;
-+ data.rdev = rdev;
-+ data.id = SPECIAL_FILE_PLUGIN_ID;
-+ return create_vfs_object(parent, dentry, &data);
-+}
-+
-+/*
-+ * implementation of vfs's rename method of struct inode_operations for typical
-+ * directory is in inode_ops_rename.c
-+ */
-+
-+/**
-+ * follow_link_common - follow_link of inode operations
-+ * @dentry: dentry of symlink
-+ * @data:
-+ *
-+ * This is common implementation of vfs's followlink method of struct
-+ * inode_operations.
-+ * Assumes that inode's generic_ip points to the content of symbolic link.
-+ */
-+void *follow_link_common(struct dentry *dentry, struct nameidata *nd)
-+{
-+ assert("vs-851", S_ISLNK(dentry->d_inode->i_mode));
-+
-+ if (!dentry->d_inode->u.generic_ip
-+ || !inode_get_flag(dentry->d_inode, REISER4_GENERIC_PTR_USED))
-+ return ERR_PTR(RETERR(-EINVAL));
-+ nd_set_link(nd, dentry->d_inode->u.generic_ip);
-+ return NULL;
-+}
-+
-+/**
-+ * permission_common - permission of inode operations
-+ * @inode: inode to check permissions for
-+ * @mask: mode bits to check permissions for
-+ * @nameidata:
-+ *
-+ * Uses generic function to check for rwx permissions.
-+ */
-+int permission_common(struct inode *inode, int mask,
-+ struct nameidata *nameidata)
-+{
-+ return generic_permission(inode, mask, NULL);
-+}
-+
-+static int setattr_reserve(reiser4_tree *);
-+
-+/* this is common implementation of vfs's setattr method of struct
-+ inode_operations
-+*/
-+int setattr_common(struct dentry *dentry, struct iattr *attr)
-+{
-+ reiser4_context *ctx;
-+ struct inode *inode;
-+ int result;
-+
-+ inode = dentry->d_inode;
-+ result = inode_change_ok(inode, attr);
-+ if (result)
-+ return result;
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ assert("nikita-3119", !(attr->ia_valid & ATTR_SIZE));
-+
-+ /*
-+ * grab disk space and call standard inode_setattr().
-+ */
-+ result = setattr_reserve(tree_by_inode(inode));
-+ if (!result) {
-+ if ((attr->ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid)
-+ || (attr->ia_valid & ATTR_GID
-+ && attr->ia_gid != inode->i_gid)) {
-+ result = DQUOT_TRANSFER(inode, attr) ? -EDQUOT : 0;
-+ if (result) {
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+ }
-+ result = inode_setattr(inode, attr);
-+ if (!result)
-+ reiser4_update_sd(inode);
-+ }
-+
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+/* this is common implementation of vfs's getattr method of struct
-+ inode_operations
-+*/
-+int
-+getattr_common(struct vfsmount *mnt UNUSED_ARG, struct dentry *dentry,
-+ struct kstat *stat)
-+{
-+ struct inode *obj;
-+
-+ assert("nikita-2298", dentry != NULL);
-+ assert("nikita-2299", stat != NULL);
-+ assert("nikita-2300", dentry->d_inode != NULL);
-+
-+ obj = dentry->d_inode;
-+
-+ stat->dev = obj->i_sb->s_dev;
-+ stat->ino = oid_to_uino(get_inode_oid(obj));
-+ stat->mode = obj->i_mode;
-+ /* don't confuse userland with huge nlink. This is not entirely
-+ * correct, because nlink_t is not necessary 16 bit signed. */
-+ stat->nlink = min(obj->i_nlink, (typeof(obj->i_nlink)) 0x7fff);
-+ stat->uid = obj->i_uid;
-+ stat->gid = obj->i_gid;
-+ stat->rdev = obj->i_rdev;
-+ stat->atime = obj->i_atime;
-+ stat->mtime = obj->i_mtime;
-+ stat->ctime = obj->i_ctime;
-+ stat->size = obj->i_size;
-+ stat->blocks =
-+ (inode_get_bytes(obj) + VFS_BLKSIZE - 1) >> VFS_BLKSIZE_BITS;
-+ /* "preferred" blocksize for efficient file system I/O */
-+ stat->blksize = get_super_private(obj->i_sb)->optimal_io_size;
-+
-+ return 0;
-+}
-+
-+/* Estimate the maximum amount of nodes which might be allocated or changed on
-+ typical new object creation. Typical creation consists of calling create
-+ method of file plugin, adding directory entry to parent and update parent
-+ directory's stat data.
-+*/
-+static reiser4_block_nr estimate_create_vfs_object(struct inode *parent, /* parent object */
-+ struct inode *object
-+ /* object */ )
-+{
-+ assert("vpf-309", parent != NULL);
-+ assert("vpf-307", object != NULL);
-+
-+ return
-+ /* object creation estimation */
-+ inode_file_plugin(object)->estimate.create(object) +
-+ /* stat data of parent directory estimation */
-+ inode_file_plugin(parent)->estimate.update(parent) +
-+ /* adding entry estimation */
-+ inode_dir_plugin(parent)->estimate.add_entry(parent) +
-+ /* to undo in the case of failure */
-+ inode_dir_plugin(parent)->estimate.rem_entry(parent);
-+}
-+
-+/* Create child in directory.
-+
-+ . get object's plugin
-+ . get fresh inode
-+ . initialize inode
-+ . add object's stat-data
-+ . initialize object's directory
-+ . add entry to the parent
-+ . instantiate dentry
-+
-+*/
-+static int do_create_vfs_child(reiser4_object_create_data * data, /* parameters of new
-+ object */
-+ struct inode **retobj)
-+{
-+ int result;
-+
-+ struct dentry *dentry; /* parent object */
-+ struct inode *parent; /* new name */
-+
-+ dir_plugin *par_dir; /* directory plugin on the parent */
-+ dir_plugin *obj_dir; /* directory plugin on the new object */
-+ file_plugin *obj_plug; /* object plugin on the new object */
-+ struct inode *object; /* new object */
-+ reiser4_block_nr reserve;
-+
-+ reiser4_dir_entry_desc entry; /* new directory entry */
-+
-+ assert("nikita-1420", data != NULL);
-+ parent = data->parent;
-+ dentry = data->dentry;
-+
-+ assert("nikita-1418", parent != NULL);
-+ assert("nikita-1419", dentry != NULL);
-+
-+ /* check, that name is acceptable for parent */
-+ par_dir = inode_dir_plugin(parent);
-+ if (par_dir->is_name_acceptable &&
-+ !par_dir->is_name_acceptable(parent,
-+ dentry->d_name.name,
-+ (int)dentry->d_name.len))
-+ return RETERR(-ENAMETOOLONG);
-+
-+ result = 0;
-+ obj_plug = file_plugin_by_id((int)data->id);
-+ if (obj_plug == NULL) {
-+ warning("nikita-430", "Cannot find plugin %i", data->id);
-+ return RETERR(-ENOENT);
-+ }
-+ object = new_inode(parent->i_sb);
-+ if (object == NULL)
-+ return RETERR(-ENOMEM);
-+ /* we'll update i_nlink below */
-+ object->i_nlink = 0;
-+ /* new_inode() initializes i_ino to "arbitrary" value. Reset it to 0,
-+ * to simplify error handling: if some error occurs before i_ino is
-+ * initialized with oid, i_ino should already be set to some
-+ * distinguished value. */
-+ object->i_ino = 0;
-+
-+ /* So that on error iput will be called. */
-+ *retobj = object;
-+
-+ if (DQUOT_ALLOC_INODE(object)) {
-+ DQUOT_DROP(object);
-+ object->i_flags |= S_NOQUOTA;
-+ return RETERR(-EDQUOT);
-+ }
-+
-+ memset(&entry, 0, sizeof entry);
-+ entry.obj = object;
-+
-+ plugin_set_file(&reiser4_inode_data(object)->pset, obj_plug);
-+ result = obj_plug->set_plug_in_inode(object, parent, data);
-+ if (result) {
-+ warning("nikita-431", "Cannot install plugin %i on %llx",
-+ data->id, (unsigned long long)get_inode_oid(object));
-+ DQUOT_FREE_INODE(object);
-+ object->i_flags |= S_NOQUOTA;
-+ return result;
-+ }
-+
-+ /* reget plugin after installation */
-+ obj_plug = inode_file_plugin(object);
-+
-+ if (obj_plug->create_object == NULL) {
-+ DQUOT_FREE_INODE(object);
-+ object->i_flags |= S_NOQUOTA;
-+ return RETERR(-EPERM);
-+ }
-+
-+ /* if any of hash, tail, sd or permission plugins for newly created
-+ object are not set yet set them here inheriting them from parent
-+ directory
-+ */
-+ assert("nikita-2070", obj_plug->adjust_to_parent != NULL);
-+ result = obj_plug->adjust_to_parent(object,
-+ parent,
-+ object->i_sb->s_root->d_inode);
-+ if (result != 0) {
-+ warning("nikita-432", "Cannot inherit from %llx to %llx",
-+ (unsigned long long)get_inode_oid(parent),
-+ (unsigned long long)get_inode_oid(object));
-+ DQUOT_FREE_INODE(object);
-+ object->i_flags |= S_NOQUOTA;
-+ return result;
-+ }
-+
-+ /* setup inode and file-operations for this inode */
-+ setup_inode_ops(object, data);
-+
-+ /* call file plugin's method to initialize plugin specific part of
-+ * inode */
-+ if (obj_plug->init_inode_data)
-+ obj_plug->init_inode_data(object, data, 1 /*create */ );
-+
-+ /* obtain directory plugin (if any) for new object. */
-+ obj_dir = inode_dir_plugin(object);
-+ if (obj_dir != NULL && obj_dir->init == NULL) {
-+ DQUOT_FREE_INODE(object);
-+ object->i_flags |= S_NOQUOTA;
-+ return RETERR(-EPERM);
-+ }
-+
-+ reiser4_inode_data(object)->locality_id = get_inode_oid(parent);
-+
-+ reserve = estimate_create_vfs_object(parent, object);
-+ if (reiser4_grab_space(reserve, BA_CAN_COMMIT)) {
-+ DQUOT_FREE_INODE(object);
-+ object->i_flags |= S_NOQUOTA;
-+ return RETERR(-ENOSPC);
-+ }
-+
-+ /* mark inode `immutable'. We disable changes to the file being
-+ created until valid directory entry for it is inserted. Otherwise,
-+ if file were expanded and insertion of directory entry fails, we
-+ have to remove file, but we only alloted enough space in
-+ transaction to remove _empty_ file. 3.x code used to remove stat
-+ data in different transaction thus possibly leaking disk space on
-+ crash. This all only matters if it's possible to access file
-+ without name, for example, by inode number
-+ */
-+ inode_set_flag(object, REISER4_IMMUTABLE);
-+
-+ /* create empty object, this includes allocation of new objectid. For
-+ directories this implies creation of dot and dotdot */
-+ assert("nikita-2265", inode_get_flag(object, REISER4_NO_SD));
-+
-+ /* mark inode as `loaded'. From this point onward
-+ reiser4_delete_inode() will try to remove its stat-data. */
-+ inode_set_flag(object, REISER4_LOADED);
-+
-+ result = obj_plug->create_object(object, parent, data);
-+ if (result != 0) {
-+ inode_clr_flag(object, REISER4_IMMUTABLE);
-+ if (result != -ENAMETOOLONG && result != -ENOMEM)
-+ warning("nikita-2219",
-+ "Failed to create sd for %llu",
-+ (unsigned long long)get_inode_oid(object));
-+ DQUOT_FREE_INODE(object);
-+ object->i_flags |= S_NOQUOTA;
-+ return result;
-+ }
-+
-+ if (obj_dir != NULL)
-+ result = obj_dir->init(object, parent, data);
-+ if (result == 0) {
-+ assert("nikita-434", !inode_get_flag(object, REISER4_NO_SD));
-+ /* insert inode into VFS hash table */
-+ insert_inode_hash(object);
-+ /* create entry */
-+ result = par_dir->add_entry(parent, dentry, data, &entry);
-+ if (result == 0) {
-+ result = reiser4_add_nlink(object, parent, 0);
-+ /* If O_CREAT is set and the file did not previously
-+ exist, upon successful completion, open() shall
-+ mark for update the st_atime, st_ctime, and
-+ st_mtime fields of the file and the st_ctime and
-+ st_mtime fields of the parent directory. --SUS
-+ */
-+ /* @object times are already updated by
-+ reiser4_add_nlink() */
-+ if (result == 0)
-+ reiser4_update_dir(parent);
-+ if (result != 0)
-+ /* cleanup failure to add nlink */
-+ par_dir->rem_entry(parent, dentry, &entry);
-+ }
-+ if (result != 0)
-+ /* cleanup failure to add entry */
-+ obj_plug->detach(object, parent);
-+ } else if (result != -ENOMEM)
-+ warning("nikita-2219", "Failed to initialize dir for %llu: %i",
-+ (unsigned long long)get_inode_oid(object), result);
-+
-+ /*
-+ * update stat-data, committing all pending modifications to the inode
-+ * fields.
-+ */
-+ reiser4_update_sd(object);
-+ if (result != 0) {
-+ DQUOT_FREE_INODE(object);
-+ object->i_flags |= S_NOQUOTA;
-+ /* if everything was ok (result == 0), parent stat-data is
-+ * already updated above (update_parent_dir()) */
-+ reiser4_update_sd(parent);
-+ /* failure to create entry, remove object */
-+ obj_plug->delete_object(object);
-+ }
-+
-+ /* file has name now, clear immutable flag */
-+ inode_clr_flag(object, REISER4_IMMUTABLE);
-+
-+ /* on error, iput() will call ->delete_inode(). We should keep track
-+ of the existence of stat-data for this inode and avoid attempt to
-+ remove it in reiser4_delete_inode(). This is accomplished through
-+ REISER4_NO_SD bit in inode.u.reiser4_i.plugin.flags
-+ */
-+ return result;
-+}
-+
-+/* this is helper for common implementations of reiser4_mkdir, reiser4_create,
-+ reiser4_mknod and reiser4_symlink
-+*/
-+static int
-+create_vfs_object(struct inode *parent,
-+ struct dentry *dentry, reiser4_object_create_data * data)
-+{
-+ reiser4_context *ctx;
-+ int result;
-+ struct inode *child;
-+
-+ ctx = init_context(parent->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+ context_set_commit_async(ctx);
-+
-+ data->parent = parent;
-+ data->dentry = dentry;
-+ child = NULL;
-+ result = do_create_vfs_child(data, &child);
-+ if (unlikely(result != 0)) {
-+ if (child != NULL) {
-+ reiser4_make_bad_inode(child);
-+ iput(child);
-+ }
-+ } else
-+ d_instantiate(dentry, child);
-+
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+/* helper for link_common. Estimate disk space necessary to add a link
-+ from @parent to @object
-+*/
-+static reiser4_block_nr common_estimate_link(struct inode *parent, /* parent directory */
-+ struct inode *object
-+ /* object to which new link is being cerated */
-+ )
-+{
-+ reiser4_block_nr res = 0;
-+ file_plugin *fplug;
-+ dir_plugin *dplug;
-+
-+ assert("vpf-317", object != NULL);
-+ assert("vpf-318", parent != NULL);
-+
-+ fplug = inode_file_plugin(object);
-+ dplug = inode_dir_plugin(parent);
-+ /* VS-FIXME-HANS: why do we do fplug->estimate.update(object) twice instead of multiplying by 2? */
-+ /* reiser4_add_nlink(object) */
-+ res += fplug->estimate.update(object);
-+ /* add_entry(parent) */
-+ res += dplug->estimate.add_entry(parent);
-+ /* reiser4_del_nlink(object) */
-+ res += fplug->estimate.update(object);
-+ /* update_dir(parent) */
-+ res += inode_file_plugin(parent)->estimate.update(parent);
-+ /* safe-link */
-+ res += estimate_one_item_removal(tree_by_inode(object));
-+
-+ return res;
-+}
-+
-+/* Estimate disk space necessary to remove a link between @parent and
-+ @object.
-+*/
-+static reiser4_block_nr estimate_unlink(struct inode *parent, /* parent directory */
-+ struct inode *object
-+ /* object to which new link is being cerated */
-+ )
-+{
-+ reiser4_block_nr res = 0;
-+ file_plugin *fplug;
-+ dir_plugin *dplug;
-+
-+ assert("vpf-317", object != NULL);
-+ assert("vpf-318", parent != NULL);
-+
-+ fplug = inode_file_plugin(object);
-+ dplug = inode_dir_plugin(parent);
-+
-+ /* rem_entry(parent) */
-+ res += dplug->estimate.rem_entry(parent);
-+ /* reiser4_del_nlink(object) */
-+ res += fplug->estimate.update(object);
-+ /* update_dir(parent) */
-+ res += inode_file_plugin(parent)->estimate.update(parent);
-+ /* fplug->unlink */
-+ res += fplug->estimate.unlink(object, parent);
-+ /* safe-link */
-+ res += estimate_one_insert_item(tree_by_inode(object));
-+
-+ return res;
-+}
-+
-+/* helper for unlink_common. Estimate and grab space for unlink. */
-+static int unlink_check_and_grab(struct inode *parent, struct dentry *victim)
-+{
-+ file_plugin *fplug;
-+ struct inode *child;
-+ int result;
-+
-+ result = 0;
-+ child = victim->d_inode;
-+ fplug = inode_file_plugin(child);
-+
-+ /* check for race with create_object() */
-+ if (inode_get_flag(child, REISER4_IMMUTABLE))
-+ return RETERR(-E_REPEAT);
-+ /* object being deleted should have stat data */
-+ assert("vs-949", !inode_get_flag(child, REISER4_NO_SD));
-+
-+ /* ask object plugin */
-+ if (fplug->can_rem_link != NULL && !fplug->can_rem_link(child))
-+ return RETERR(-ENOTEMPTY);
-+
-+ result = (int)estimate_unlink(parent, child);
-+ if (result < 0)
-+ return result;
-+
-+ return reiser4_grab_reserved(child->i_sb, result, BA_CAN_COMMIT);
-+}
-+
-+/* helper for setattr_common */
-+static int setattr_reserve(reiser4_tree * tree)
-+{
-+ assert("vs-1096", is_grab_enabled(get_current_context()));
-+ return reiser4_grab_space(estimate_one_insert_into_item(tree),
-+ BA_CAN_COMMIT);
-+}
-+
-+/* helper function. Standards require that for many file-system operations
-+ on success ctime and mtime of parent directory is to be updated. */
-+int reiser4_update_dir(struct inode *dir)
-+{
-+ assert("nikita-2525", dir != NULL);
-+
-+ dir->i_ctime = dir->i_mtime = CURRENT_TIME;
-+ return reiser4_update_sd(dir);
-+}
-Index: linux-2.6.16/fs/reiser4/plugin/inode_ops_rename.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/inode_ops_rename.c
-@@ -0,0 +1,904 @@
-+/* Copyright 2001, 2002, 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+#include "../inode.h"
-+#include "../safe_link.h"
-+
-+static const char *possible_leak = "Possible disk space leak.";
-+
-+/* re-bind existing name at @from_coord in @from_dir to point to @to_inode.
-+
-+ Helper function called from hashed_rename() */
-+static int replace_name(struct inode *to_inode, /* inode where @from_coord is
-+ * to be re-targeted at */
-+ struct inode *from_dir, /* directory where @from_coord
-+ * lives */
-+ struct inode *from_inode, /* inode @from_coord
-+ * originally point to */
-+ coord_t * from_coord, /* where directory entry is in
-+ * the tree */
-+ lock_handle * from_lh /* lock handle on @from_coord */ )
-+{
-+ item_plugin *from_item;
-+ int result;
-+ znode *node;
-+
-+ coord_clear_iplug(from_coord);
-+ node = from_coord->node;
-+ result = zload(node);
-+ if (result != 0)
-+ return result;
-+ from_item = item_plugin_by_coord(from_coord);
-+ if (item_type_by_coord(from_coord) == DIR_ENTRY_ITEM_TYPE) {
-+ reiser4_key to_key;
-+
-+ build_sd_key(to_inode, &to_key);
-+
-+ /* everything is found and prepared to change directory entry
-+ at @from_coord to point to @to_inode.
-+
-+ @to_inode is just about to get new name, so bump its link
-+ counter.
-+
-+ */
-+ result = reiser4_add_nlink(to_inode, from_dir, 0);
-+ if (result != 0) {
-+ /* Don't issue warning: this may be plain -EMLINK */
-+ zrelse(node);
-+ return result;
-+ }
-+
-+ result =
-+ from_item->s.dir.update_key(from_coord, &to_key, from_lh);
-+ if (result != 0) {
-+ reiser4_del_nlink(to_inode, from_dir, 0);
-+ zrelse(node);
-+ return result;
-+ }
-+
-+ /* @from_inode just lost its name, he-he.
-+
-+ If @from_inode was directory, it contained dotdot pointing
-+ to @from_dir. @from_dir i_nlink will be decreased when
-+ iput() will be called on @from_inode.
-+
-+ If file-system is not ADG (hard-links are
-+ supported on directories), iput(from_inode) will not remove
-+ @from_inode, and thus above is incorrect, but hard-links on
-+ directories are problematic in many other respects.
-+ */
-+ result = reiser4_del_nlink(from_inode, from_dir, 0);
-+ if (result != 0) {
-+ warning("nikita-2330",
-+ "Cannot remove link from source: %i. %s",
-+ result, possible_leak);
-+ }
-+ /* Has to return success, because entry is already
-+ * modified. */
-+ result = 0;
-+
-+ /* NOTE-NIKITA consider calling plugin method in stead of
-+ accessing inode fields directly. */
-+ from_dir->i_mtime = CURRENT_TIME;
-+ } else {
-+ warning("nikita-2326", "Unexpected item type");
-+ result = RETERR(-EIO);
-+ }
-+ zrelse(node);
-+ return result;
-+}
-+
-+/* add new entry pointing to @inode into @dir at @coord, locked by @lh
-+
-+ Helper function used by hashed_rename(). */
-+static int add_name(struct inode *inode, /* inode where @coord is to be
-+ * re-targeted at */
-+ struct inode *dir, /* directory where @coord lives */
-+ struct dentry *name, /* new name */
-+ coord_t * coord, /* where directory entry is in the tree */
-+ lock_handle * lh, /* lock handle on @coord */
-+ int is_dir /* true, if @inode is directory */ )
-+{
-+ int result;
-+ reiser4_dir_entry_desc entry;
-+
-+ assert("nikita-2333", lh->node == coord->node);
-+ assert("nikita-2334", is_dir == S_ISDIR(inode->i_mode));
-+
-+ memset(&entry, 0, sizeof entry);
-+ entry.obj = inode;
-+ /* build key of directory entry description */
-+ inode_dir_plugin(dir)->build_entry_key(dir, &name->d_name, &entry.key);
-+
-+ /* ext2 does this in different order: first inserts new entry,
-+ then increases directory nlink. We don't want do this,
-+ because reiser4_add_nlink() calls ->add_link() plugin
-+ method that can fail for whatever reason, leaving as with
-+ cleanup problems.
-+ */
-+ /* @inode is getting new name */
-+ reiser4_add_nlink(inode, dir, 0);
-+ /* create @new_name in @new_dir pointing to
-+ @old_inode */
-+ result = WITH_COORD(coord,
-+ inode_dir_item_plugin(dir)->s.dir.add_entry(dir,
-+ coord,
-+ lh,
-+ name,
-+ &entry));
-+ if (result != 0) {
-+ int result2;
-+ result2 = reiser4_del_nlink(inode, dir, 0);
-+ if (result2 != 0) {
-+ warning("nikita-2327",
-+ "Cannot drop link on %lli %i. %s",
-+ (unsigned long long)get_inode_oid(inode),
-+ result2, possible_leak);
-+ }
-+ } else
-+ INODE_INC_FIELD(dir, i_size);
-+ return result;
-+}
-+
-+static reiser4_block_nr estimate_rename(struct inode *old_dir, /* directory where @old is located */
-+ struct dentry *old_name, /* old name */
-+ struct inode *new_dir, /* directory where @new is located */
-+ struct dentry *new_name /* new name */ )
-+{
-+ reiser4_block_nr res1, res2;
-+ dir_plugin *p_parent_old, *p_parent_new;
-+ file_plugin *p_child_old, *p_child_new;
-+
-+ assert("vpf-311", old_dir != NULL);
-+ assert("vpf-312", new_dir != NULL);
-+ assert("vpf-313", old_name != NULL);
-+ assert("vpf-314", new_name != NULL);
-+
-+ p_parent_old = inode_dir_plugin(old_dir);
-+ p_parent_new = inode_dir_plugin(new_dir);
-+ p_child_old = inode_file_plugin(old_name->d_inode);
-+ if (new_name->d_inode)
-+ p_child_new = inode_file_plugin(new_name->d_inode);
-+ else
-+ p_child_new = NULL;
-+
-+ /* find_entry - can insert one leaf. */
-+ res1 = res2 = 1;
-+
-+ /* replace_name */
-+ {
-+ /* reiser4_add_nlink(p_child_old) and reiser4_del_nlink(p_child_old) */
-+ res1 += 2 * p_child_old->estimate.update(old_name->d_inode);
-+ /* update key */
-+ res1 += 1;
-+ /* reiser4_del_nlink(p_child_new) */
-+ if (p_child_new)
-+ res1 += p_child_new->estimate.update(new_name->d_inode);
-+ }
-+
-+ /* else add_name */
-+ {
-+ /* reiser4_add_nlink(p_parent_new) and reiser4_del_nlink(p_parent_new) */
-+ res2 +=
-+ 2 * inode_file_plugin(new_dir)->estimate.update(new_dir);
-+ /* reiser4_add_nlink(p_parent_old) */
-+ res2 += p_child_old->estimate.update(old_name->d_inode);
-+ /* add_entry(p_parent_new) */
-+ res2 += p_parent_new->estimate.add_entry(new_dir);
-+ /* reiser4_del_nlink(p_parent_old) */
-+ res2 += p_child_old->estimate.update(old_name->d_inode);
-+ }
-+
-+ res1 = res1 < res2 ? res2 : res1;
-+
-+ /* reiser4_write_sd(p_parent_new) */
-+ res1 += inode_file_plugin(new_dir)->estimate.update(new_dir);
-+
-+ /* reiser4_write_sd(p_child_new) */
-+ if (p_child_new)
-+ res1 += p_child_new->estimate.update(new_name->d_inode);
-+
-+ /* hashed_rem_entry(p_parent_old) */
-+ res1 += p_parent_old->estimate.rem_entry(old_dir);
-+
-+ /* reiser4_del_nlink(p_child_old) */
-+ res1 += p_child_old->estimate.update(old_name->d_inode);
-+
-+ /* replace_name */
-+ {
-+ /* reiser4_add_nlink(p_parent_dir_new) */
-+ res1 += inode_file_plugin(new_dir)->estimate.update(new_dir);
-+ /* update_key */
-+ res1 += 1;
-+ /* reiser4_del_nlink(p_parent_new) */
-+ res1 += inode_file_plugin(new_dir)->estimate.update(new_dir);
-+ /* reiser4_del_nlink(p_parent_old) */
-+ res1 += inode_file_plugin(old_dir)->estimate.update(old_dir);
-+ }
-+
-+ /* reiser4_write_sd(p_parent_old) */
-+ res1 += inode_file_plugin(old_dir)->estimate.update(old_dir);
-+
-+ /* reiser4_write_sd(p_child_old) */
-+ res1 += p_child_old->estimate.update(old_name->d_inode);
-+
-+ return res1;
-+}
-+
-+static int hashed_rename_estimate_and_grab(struct inode *old_dir, /* directory where @old is located */
-+ struct dentry *old_name, /* old name */
-+ struct inode *new_dir, /* directory where @new is located */
-+ struct dentry *new_name
-+ /* new name */ )
-+{
-+ reiser4_block_nr reserve;
-+
-+ reserve = estimate_rename(old_dir, old_name, new_dir, new_name);
-+
-+ if (reiser4_grab_space(reserve, BA_CAN_COMMIT))
-+ return RETERR(-ENOSPC);
-+
-+ return 0;
-+}
-+
-+/* check whether @old_inode and @new_inode can be moved within file system
-+ * tree. This singles out attempts to rename pseudo-files, for example. */
-+static int can_rename(struct inode *old_dir, struct inode *old_inode,
-+ struct inode *new_dir, struct inode *new_inode)
-+{
-+ file_plugin *fplug;
-+ dir_plugin *dplug;
-+
-+ assert("nikita-3370", old_inode != NULL);
-+
-+ dplug = inode_dir_plugin(new_dir);
-+ fplug = inode_file_plugin(old_inode);
-+
-+ if (dplug == NULL)
-+ return RETERR(-ENOTDIR);
-+ else if (new_dir->i_op->create == NULL)
-+ return RETERR(-EPERM);
-+ else if (!fplug->can_add_link(old_inode))
-+ return RETERR(-EMLINK);
-+ else if (new_inode != NULL) {
-+ fplug = inode_file_plugin(new_inode);
-+ if (fplug->can_rem_link != NULL &&
-+ !fplug->can_rem_link(new_inode))
-+ return RETERR(-EBUSY);
-+ }
-+ return 0;
-+}
-+
-+int find_entry(struct inode *, struct dentry *, lock_handle *,
-+ znode_lock_mode, reiser4_dir_entry_desc *);
-+int reiser4_update_dir(struct inode *);
-+
-+/* this is common implementation of vfs's rename method of struct
-+ inode_operations
-+ See comments in the body.
-+
-+ It is arguable that this function can be made generic so, that it
-+ will be applicable to any kind of directory plugin that deals with
-+ directories composed out of directory entries. The only obstacle
-+ here is that we don't have any data-type to represent directory
-+ entry. This should be re-considered when more than one different
-+ directory plugin will be implemented.
-+*/
-+int rename_common(struct inode *old_dir /* directory where @old is located */ ,
-+ struct dentry *old_name /* old name */ ,
-+ struct inode *new_dir /* directory where @new is located */ ,
-+ struct dentry *new_name /* new name */ )
-+{
-+ /* From `The Open Group Base Specifications Issue 6'
-+
-+ If either the old or new argument names a symbolic link, rename()
-+ shall operate on the symbolic link itself, and shall not resolve
-+ the last component of the argument. If the old argument and the new
-+ argument resolve to the same existing file, rename() shall return
-+ successfully and perform no other action.
-+
-+ [this is done by VFS: vfs_rename()]
-+
-+ If the old argument points to the pathname of a file that is not a
-+ directory, the new argument shall not point to the pathname of a
-+ directory.
-+
-+ [checked by VFS: vfs_rename->may_delete()]
-+
-+ If the link named by the new argument exists, it shall
-+ be removed and old renamed to new. In this case, a link named new
-+ shall remain visible to other processes throughout the renaming
-+ operation and refer either to the file referred to by new or old
-+ before the operation began.
-+
-+ [we should assure this]
-+
-+ Write access permission is required for
-+ both the directory containing old and the directory containing new.
-+
-+ [checked by VFS: vfs_rename->may_delete(), may_create()]
-+
-+ If the old argument points to the pathname of a directory, the new
-+ argument shall not point to the pathname of a file that is not a
-+ directory.
-+
-+ [checked by VFS: vfs_rename->may_delete()]
-+
-+ If the directory named by the new argument exists, it
-+ shall be removed and old renamed to new. In this case, a link named
-+ new shall exist throughout the renaming operation and shall refer
-+ either to the directory referred to by new or old before the
-+ operation began.
-+
-+ [we should assure this]
-+
-+ If new names an existing directory, it shall be
-+ required to be an empty directory.
-+
-+ [we should check this]
-+
-+ If the old argument points to a pathname of a symbolic link, the
-+ symbolic link shall be renamed. If the new argument points to a
-+ pathname of a symbolic link, the symbolic link shall be removed.
-+
-+ The new pathname shall not contain a path prefix that names
-+ old. Write access permission is required for the directory
-+ containing old and the directory containing new. If the old
-+ argument points to the pathname of a directory, write access
-+ permission may be required for the directory named by old, and, if
-+ it exists, the directory named by new.
-+
-+ [checked by VFS: vfs_rename(), vfs_rename_dir()]
-+
-+ If the link named by the new argument exists and the file's link
-+ count becomes 0 when it is removed and no process has the file
-+ open, the space occupied by the file shall be freed and the file
-+ shall no longer be accessible. If one or more processes have the
-+ file open when the last link is removed, the link shall be removed
-+ before rename() returns, but the removal of the file contents shall
-+ be postponed until all references to the file are closed.
-+
-+ [iput() handles this, but we can do this manually, a la
-+ reiser4_unlink()]
-+
-+ Upon successful completion, rename() shall mark for update the
-+ st_ctime and st_mtime fields of the parent directory of each file.
-+
-+ [N/A]
-+
-+ */
-+ reiser4_context *ctx;
-+ int result;
-+ int is_dir; /* is @old_name directory */
-+
-+ struct inode *old_inode;
-+ struct inode *new_inode;
-+ coord_t *new_coord;
-+
-+ reiser4_dentry_fsdata *new_fsdata;
-+ dir_plugin *dplug;
-+ file_plugin *fplug;
-+
-+ reiser4_dir_entry_desc *old_entry, *new_entry, *dotdot_entry;
-+ lock_handle *new_lh, *dotdot_lh;
-+ struct dentry *dotdot_name;
-+ reiser4_dentry_fsdata *dataonstack;
-+
-+ ctx = init_context(old_dir->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ old_entry = kmalloc(3 * sizeof(*old_entry) + 2 * sizeof(*new_lh) +
-+ sizeof(*dotdot_name) + sizeof(*dataonstack),
-+ GFP_KERNEL);
-+ if (old_entry == NULL) {
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return RETERR(-ENOMEM);
-+ }
-+ memset(old_entry, 0, 3 * sizeof(*old_entry) + 2 * sizeof(*new_lh) +
-+ sizeof(*dotdot_name) + sizeof(*dataonstack));
-+
-+ new_entry = old_entry + 1;
-+ dotdot_entry = old_entry + 2;
-+ new_lh = (lock_handle *)(old_entry + 3);
-+ dotdot_lh = new_lh + 1;
-+ dotdot_name = (struct dentry *)(new_lh + 2);
-+ dataonstack = (reiser4_dentry_fsdata *)(dotdot_name + 1);
-+
-+ assert("nikita-2318", old_dir != NULL);
-+ assert("nikita-2319", new_dir != NULL);
-+ assert("nikita-2320", old_name != NULL);
-+ assert("nikita-2321", new_name != NULL);
-+
-+ old_inode = old_name->d_inode;
-+ new_inode = new_name->d_inode;
-+
-+ dplug = inode_dir_plugin(old_dir);
-+ fplug = NULL;
-+
-+ new_fsdata = reiser4_get_dentry_fsdata(new_name);
-+ if (IS_ERR(new_fsdata)) {
-+ kfree(old_entry);
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return PTR_ERR(new_fsdata);
-+ }
-+
-+ new_coord = &new_fsdata->dec.entry_coord;
-+ coord_clear_iplug(new_coord);
-+
-+ is_dir = S_ISDIR(old_inode->i_mode);
-+
-+ assert("nikita-3461", old_inode->i_nlink >= 1 + !!is_dir);
-+
-+ /* if target is existing directory and it's not empty---return error.
-+
-+ This check is done specifically, because is_dir_empty() requires
-+ tree traversal and have to be done before locks are taken.
-+ */
-+ if (is_dir && new_inode != NULL && is_dir_empty(new_inode) != 0) {
-+ kfree(old_entry);
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return RETERR(-ENOTEMPTY);
-+ }
-+
-+ result = can_rename(old_dir, old_inode, new_dir, new_inode);
-+ if (result != 0) {
-+ kfree(old_entry);
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+
-+ result = hashed_rename_estimate_and_grab(old_dir, old_name,
-+ new_dir, new_name);
-+ if (result != 0) {
-+ kfree(old_entry);
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+
-+ init_lh(new_lh);
-+
-+ /* find entry for @new_name */
-+ result = find_entry(new_dir,
-+ new_name, new_lh, ZNODE_WRITE_LOCK, new_entry);
-+
-+ if (IS_CBKERR(result)) {
-+ done_lh(new_lh);
-+ kfree(old_entry);
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+ }
-+
-+ seal_done(&new_fsdata->dec.entry_seal);
-+
-+ /* add or replace name for @old_inode as @new_name */
-+ if (new_inode != NULL) {
-+ /* target (@new_name) exists. */
-+ /* Not clear what to do with objects that are
-+ both directories and files at the same time. */
-+ if (result == CBK_COORD_FOUND) {
-+ result = replace_name(old_inode,
-+ new_dir,
-+ new_inode, new_coord, new_lh);
-+ if (result == 0)
-+ fplug = inode_file_plugin(new_inode);
-+ } else if (result == CBK_COORD_NOTFOUND) {
-+ /* VFS told us that @new_name is bound to existing
-+ inode, but we failed to find directory entry. */
-+ warning("nikita-2324", "Target not found");
-+ result = RETERR(-ENOENT);
-+ }
-+ } else {
-+ /* target (@new_name) doesn't exists. */
-+ if (result == CBK_COORD_NOTFOUND)
-+ result = add_name(old_inode,
-+ new_dir,
-+ new_name, new_coord, new_lh, is_dir);
-+ else if (result == CBK_COORD_FOUND) {
-+ /* VFS told us that @new_name is "negative" dentry,
-+ but we found directory entry. */
-+ warning("nikita-2331", "Target found unexpectedly");
-+ result = RETERR(-EIO);
-+ }
-+ }
-+
-+ assert("nikita-3462", ergo(result == 0,
-+ old_inode->i_nlink >= 2 + !!is_dir));
-+
-+ /* We are done with all modifications to the @new_dir, release lock on
-+ node. */
-+ done_lh(new_lh);
-+
-+ if (fplug != NULL) {
-+ /* detach @new_inode from name-space */
-+ result = fplug->detach(new_inode, new_dir);
-+ if (result != 0)
-+ warning("nikita-2330", "Cannot detach %lli: %i. %s",
-+ (unsigned long long)get_inode_oid(new_inode),
-+ result, possible_leak);
-+ }
-+
-+ if (new_inode != NULL)
-+ reiser4_update_sd(new_inode);
-+
-+ if (result == 0) {
-+ old_entry->obj = old_inode;
-+
-+ dplug->build_entry_key(old_dir,
-+ &old_name->d_name, &old_entry->key);
-+
-+ /* At this stage new name was introduced for
-+ @old_inode. @old_inode, @new_dir, and @new_inode i_nlink
-+ counters were updated.
-+
-+ We want to remove @old_name now. If @old_inode wasn't
-+ directory this is simple.
-+ */
-+ result = dplug->rem_entry(old_dir, old_name, old_entry);
-+ if (result != 0 && result != -ENOMEM) {
-+ warning("nikita-2335",
-+ "Cannot remove old name: %i", result);
-+ } else {
-+ result = reiser4_del_nlink(old_inode, old_dir, 0);
-+ if (result != 0 && result != -ENOMEM) {
-+ warning("nikita-2337",
-+ "Cannot drop link on old: %i", result);
-+ }
-+ }
-+
-+ if (result == 0 && is_dir) {
-+ /* @old_inode is directory. We also have to update
-+ dotdot entry. */
-+ coord_t *dotdot_coord;
-+
-+ memset(dataonstack, 0, sizeof dataonstack);
-+ memset(dotdot_entry, 0, sizeof dotdot_entry);
-+ dotdot_entry->obj = old_dir;
-+ memset(dotdot_name, 0, sizeof dotdot_name);
-+ dotdot_name->d_name.name = "..";
-+ dotdot_name->d_name.len = 2;
-+ /*
-+ * allocate ->d_fsdata on the stack to avoid using
-+ * reiser4_get_dentry_fsdata(). Locking is not needed,
-+ * because dentry is private to the current thread.
-+ */
-+ dotdot_name->d_fsdata = dataonstack;
-+ init_lh(dotdot_lh);
-+
-+ dotdot_coord = &dataonstack->dec.entry_coord;
-+ coord_clear_iplug(dotdot_coord);
-+
-+ result = find_entry(old_inode, dotdot_name, dotdot_lh,
-+ ZNODE_WRITE_LOCK, dotdot_entry);
-+ if (result == 0) {
-+ /* replace_name() decreases i_nlink on
-+ * @old_dir */
-+ result = replace_name(new_dir,
-+ old_inode,
-+ old_dir,
-+ dotdot_coord, dotdot_lh);
-+ } else
-+ result = RETERR(-EIO);
-+ done_lh(dotdot_lh);
-+ }
-+ }
-+ reiser4_update_dir(new_dir);
-+ reiser4_update_dir(old_dir);
-+ reiser4_update_sd(old_inode);
-+ if (result == 0) {
-+ file_plugin *fplug;
-+
-+ if (new_inode != NULL) {
-+ /* add safe-link for target file (in case we removed
-+ * last reference to the poor fellow */
-+ fplug = inode_file_plugin(new_inode);
-+ if (new_inode->i_nlink == 0)
-+ result = safe_link_add(new_inode, SAFE_UNLINK);
-+ }
-+ }
-+ kfree(old_entry);
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+
-+#if 0
-+int rename_common(struct inode *old_dir /* directory where @old is located */ ,
-+ struct dentry *old_name /* old name */ ,
-+ struct inode *new_dir /* directory where @new is located */ ,
-+ struct dentry *new_name /* new name */ )
-+{
-+ /* From `The Open Group Base Specifications Issue 6'
-+
-+ If either the old or new argument names a symbolic link, rename()
-+ shall operate on the symbolic link itself, and shall not resolve
-+ the last component of the argument. If the old argument and the new
-+ argument resolve to the same existing file, rename() shall return
-+ successfully and perform no other action.
-+
-+ [this is done by VFS: vfs_rename()]
-+
-+ If the old argument points to the pathname of a file that is not a
-+ directory, the new argument shall not point to the pathname of a
-+ directory.
-+
-+ [checked by VFS: vfs_rename->may_delete()]
-+
-+ If the link named by the new argument exists, it shall
-+ be removed and old renamed to new. In this case, a link named new
-+ shall remain visible to other processes throughout the renaming
-+ operation and refer either to the file referred to by new or old
-+ before the operation began.
-+
-+ [we should assure this]
-+
-+ Write access permission is required for
-+ both the directory containing old and the directory containing new.
-+
-+ [checked by VFS: vfs_rename->may_delete(), may_create()]
-+
-+ If the old argument points to the pathname of a directory, the new
-+ argument shall not point to the pathname of a file that is not a
-+ directory.
-+
-+ [checked by VFS: vfs_rename->may_delete()]
-+
-+ If the directory named by the new argument exists, it
-+ shall be removed and old renamed to new. In this case, a link named
-+ new shall exist throughout the renaming operation and shall refer
-+ either to the directory referred to by new or old before the
-+ operation began.
-+
-+ [we should assure this]
-+
-+ If new names an existing directory, it shall be
-+ required to be an empty directory.
-+
-+ [we should check this]
-+
-+ If the old argument points to a pathname of a symbolic link, the
-+ symbolic link shall be renamed. If the new argument points to a
-+ pathname of a symbolic link, the symbolic link shall be removed.
-+
-+ The new pathname shall not contain a path prefix that names
-+ old. Write access permission is required for the directory
-+ containing old and the directory containing new. If the old
-+ argument points to the pathname of a directory, write access
-+ permission may be required for the directory named by old, and, if
-+ it exists, the directory named by new.
-+
-+ [checked by VFS: vfs_rename(), vfs_rename_dir()]
-+
-+ If the link named by the new argument exists and the file's link
-+ count becomes 0 when it is removed and no process has the file
-+ open, the space occupied by the file shall be freed and the file
-+ shall no longer be accessible. If one or more processes have the
-+ file open when the last link is removed, the link shall be removed
-+ before rename() returns, but the removal of the file contents shall
-+ be postponed until all references to the file are closed.
-+
-+ [iput() handles this, but we can do this manually, a la
-+ reiser4_unlink()]
-+
-+ Upon successful completion, rename() shall mark for update the
-+ st_ctime and st_mtime fields of the parent directory of each file.
-+
-+ [N/A]
-+
-+ */
-+ reiser4_context *ctx;
-+ int result;
-+ int is_dir; /* is @old_name directory */
-+ struct inode *old_inode;
-+ struct inode *new_inode;
-+ reiser4_dir_entry_desc old_entry;
-+ reiser4_dir_entry_desc new_entry;
-+ coord_t *new_coord;
-+ reiser4_dentry_fsdata *new_fsdata;
-+ lock_handle new_lh;
-+ dir_plugin *dplug;
-+ file_plugin *fplug;
-+
-+ ctx = init_context(old_dir->i_sb);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ assert("nikita-2318", old_dir != NULL);
-+ assert("nikita-2319", new_dir != NULL);
-+ assert("nikita-2320", old_name != NULL);
-+ assert("nikita-2321", new_name != NULL);
-+
-+ old_inode = old_name->d_inode;
-+ new_inode = new_name->d_inode;
-+
-+ dplug = inode_dir_plugin(old_dir);
-+ fplug = NULL;
-+
-+ new_fsdata = reiser4_get_dentry_fsdata(new_name);
-+ if (IS_ERR(new_fsdata)) {
-+ result = PTR_ERR(new_fsdata);
-+ goto exit;
-+ }
-+
-+ new_coord = &new_fsdata->dec.entry_coord;
-+ coord_clear_iplug(new_coord);
-+
-+ is_dir = S_ISDIR(old_inode->i_mode);
-+
-+ assert("nikita-3461", old_inode->i_nlink >= 1 + !!is_dir);
-+
-+ /* if target is existing directory and it's not empty---return error.
-+
-+ This check is done specifically, because is_dir_empty() requires
-+ tree traversal and have to be done before locks are taken.
-+ */
-+ if (is_dir && new_inode != NULL && is_dir_empty(new_inode) != 0)
-+ return RETERR(-ENOTEMPTY);
-+
-+ result = can_rename(old_dir, old_inode, new_dir, new_inode);
-+ if (result != 0)
-+ goto exit;
-+
-+ result = hashed_rename_estimate_and_grab(old_dir, old_name,
-+ new_dir, new_name);
-+ if (result != 0)
-+ goto exit;
-+
-+ init_lh(&new_lh);
-+
-+ /* find entry for @new_name */
-+ result = find_entry(new_dir,
-+ new_name, &new_lh, ZNODE_WRITE_LOCK, &new_entry);
-+
-+ if (IS_CBKERR(result)) {
-+ done_lh(&new_lh);
-+ goto exit;
-+ }
-+
-+ seal_done(&new_fsdata->dec.entry_seal);
-+
-+ /* add or replace name for @old_inode as @new_name */
-+ if (new_inode != NULL) {
-+ /* target (@new_name) exists. */
-+ /* Not clear what to do with objects that are
-+ both directories and files at the same time. */
-+ if (result == CBK_COORD_FOUND) {
-+ result = replace_name(old_inode,
-+ new_dir,
-+ new_inode, new_coord, &new_lh);
-+ if (result == 0)
-+ fplug = inode_file_plugin(new_inode);
-+ } else if (result == CBK_COORD_NOTFOUND) {
-+ /* VFS told us that @new_name is bound to existing
-+ inode, but we failed to find directory entry. */
-+ warning("nikita-2324", "Target not found");
-+ result = RETERR(-ENOENT);
-+ }
-+ } else {
-+ /* target (@new_name) doesn't exists. */
-+ if (result == CBK_COORD_NOTFOUND)
-+ result = add_name(old_inode,
-+ new_dir,
-+ new_name, new_coord, &new_lh, is_dir);
-+ else if (result == CBK_COORD_FOUND) {
-+ /* VFS told us that @new_name is "negative" dentry,
-+ but we found directory entry. */
-+ warning("nikita-2331", "Target found unexpectedly");
-+ result = RETERR(-EIO);
-+ }
-+ }
-+
-+ assert("nikita-3462", ergo(result == 0,
-+ old_inode->i_nlink >= 2 + !!is_dir));
-+
-+ /* We are done with all modifications to the @new_dir, release lock on
-+ node. */
-+ done_lh(&new_lh);
-+
-+ if (fplug != NULL) {
-+ /* detach @new_inode from name-space */
-+ result = fplug->detach(new_inode, new_dir);
-+ if (result != 0)
-+ warning("nikita-2330", "Cannot detach %lli: %i. %s",
-+ (unsigned long long)get_inode_oid(new_inode),
-+ result, possible_leak);
-+ }
-+
-+ if (new_inode != NULL)
-+ reiser4_update_sd(new_inode);
-+
-+ if (result == 0) {
-+ memset(&old_entry, 0, sizeof old_entry);
-+ old_entry.obj = old_inode;
-+
-+ dplug->build_entry_key(old_dir,
-+ &old_name->d_name, &old_entry.key);
-+
-+ /* At this stage new name was introduced for
-+ @old_inode. @old_inode, @new_dir, and @new_inode i_nlink
-+ counters were updated.
-+
-+ We want to remove @old_name now. If @old_inode wasn't
-+ directory this is simple.
-+ */
-+ result = dplug->rem_entry(old_dir, old_name, &old_entry);
-+ /*result = rem_entry_hashed(old_dir, old_name, &old_entry); */
-+ if (result != 0 && result != -ENOMEM) {
-+ warning("nikita-2335",
-+ "Cannot remove old name: %i", result);
-+ } else {
-+ result = reiser4_del_nlink(old_inode, old_dir, 0);
-+ if (result != 0 && result != -ENOMEM) {
-+ warning("nikita-2337",
-+ "Cannot drop link on old: %i", result);
-+ }
-+ }
-+
-+ if (result == 0 && is_dir) {
-+ /* @old_inode is directory. We also have to update
-+ dotdot entry. */
-+ coord_t *dotdot_coord;
-+ lock_handle dotdot_lh;
-+ struct dentry dotdot_name;
-+ reiser4_dir_entry_desc dotdot_entry;
-+ reiser4_dentry_fsdata dataonstack;
-+ reiser4_dentry_fsdata *fsdata;
-+
-+ memset(&dataonstack, 0, sizeof dataonstack);
-+ memset(&dotdot_entry, 0, sizeof dotdot_entry);
-+ dotdot_entry.obj = old_dir;
-+ memset(&dotdot_name, 0, sizeof dotdot_name);
-+ dotdot_name.d_name.name = "..";
-+ dotdot_name.d_name.len = 2;
-+ /*
-+ * allocate ->d_fsdata on the stack to avoid using
-+ * reiser4_get_dentry_fsdata(). Locking is not needed,
-+ * because dentry is private to the current thread.
-+ */
-+ dotdot_name.d_fsdata = &dataonstack;
-+ init_lh(&dotdot_lh);
-+
-+ fsdata = &dataonstack;
-+ dotdot_coord = &fsdata->dec.entry_coord;
-+ coord_clear_iplug(dotdot_coord);
-+
-+ result = find_entry(old_inode, &dotdot_name, &dotdot_lh,
-+ ZNODE_WRITE_LOCK, &dotdot_entry);
-+ if (result == 0) {
-+ /* replace_name() decreases i_nlink on
-+ * @old_dir */
-+ result = replace_name(new_dir,
-+ old_inode,
-+ old_dir,
-+ dotdot_coord, &dotdot_lh);
-+ } else
-+ result = RETERR(-EIO);
-+ done_lh(&dotdot_lh);
-+ }
-+ }
-+ reiser4_update_dir(new_dir);
-+ reiser4_update_dir(old_dir);
-+ reiser4_update_sd(old_inode);
-+ if (result == 0) {
-+ file_plugin *fplug;
-+
-+ if (new_inode != NULL) {
-+ /* add safe-link for target file (in case we removed
-+ * last reference to the poor fellow */
-+ fplug = inode_file_plugin(new_inode);
-+ if (new_inode->i_nlink == 0)
-+ result = safe_link_add(new_inode, SAFE_UNLINK);
-+ }
-+ }
-+ exit:
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+ return result;
-+}
-+#endif
-Index: linux-2.6.16/fs/reiser4/plugin/item/Makefile
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/Makefile
-@@ -0,0 +1,18 @@
-+obj-$(CONFIG_REISER4_FS) += item_plugins.o
-+
-+item_plugins-objs := \
-+ item.o \
-+ static_stat.o \
-+ sde.o \
-+ cde.o \
-+ blackbox.o \
-+ internal.o \
-+ tail.o \
-+ ctail.o \
-+ extent.o \
-+ extent_item_ops.o \
-+ extent_file_ops.o \
-+ extent_flush_ops.o
-+
-+
-+
-Index: linux-2.6.16/fs/reiser4/plugin/item/acl.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/acl.h
-@@ -0,0 +1,66 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Directory entry. */
-+
-+#if !defined( __FS_REISER4_PLUGIN_DIRECTORY_ENTRY_H__ )
-+#define __FS_REISER4_PLUGIN_DIRECTORY_ENTRY_H__
-+
-+#include "../../forward.h"
-+#include "../../dformat.h"
-+#include "../../kassign.h"
-+#include "../../key.h"
-+
-+#include <linux/fs.h>
-+#include <linux/dcache.h> /* for struct dentry */
-+
-+typedef struct directory_entry_format {
-+ /* key of object stat-data. It's not necessary to store whole
-+ key here, because it's always key of stat-data, so minor
-+ packing locality and offset can be omitted here. But this
-+ relies on particular key allocation scheme for stat-data, so,
-+ for extensibility sake, whole key can be stored here.
-+
-+ We store key as array of bytes, because we don't want 8-byte
-+ alignment of dir entries.
-+ */
-+ obj_key_id id;
-+ /* file name. Null terminated string. */
-+ d8 name[0];
-+} directory_entry_format;
-+
-+void print_de(const char *prefix, coord_t * coord);
-+int extract_key_de(const coord_t * coord, reiser4_key * key);
-+int update_key_de(const coord_t * coord, const reiser4_key * key,
-+ lock_handle * lh);
-+char *extract_name_de(const coord_t * coord, char *buf);
-+unsigned extract_file_type_de(const coord_t * coord);
-+int add_entry_de(struct inode *dir, coord_t * coord,
-+ lock_handle * lh, const struct dentry *name,
-+ reiser4_dir_entry_desc * entry);
-+int rem_entry_de(struct inode *dir, const struct qstr *name, coord_t * coord,
-+ lock_handle * lh, reiser4_dir_entry_desc * entry);
-+int max_name_len_de(const struct inode *dir);
-+
-+int de_rem_and_shrink(struct inode *dir, coord_t * coord, int length);
-+
-+char *extract_dent_name(const coord_t * coord,
-+ directory_entry_format * dent, char *buf);
-+
-+#if REISER4_LARGE_KEY
-+#define DE_NAME_BUF_LEN (24)
-+#else
-+#define DE_NAME_BUF_LEN (16)
-+#endif
-+
-+/* __FS_REISER4_PLUGIN_DIRECTORY_ENTRY_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/blackbox.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/blackbox.c
-@@ -0,0 +1,142 @@
-+/* Copyright 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Black box item implementation */
-+
-+#include "../../forward.h"
-+#include "../../debug.h"
-+#include "../../dformat.h"
-+#include "../../kassign.h"
-+#include "../../coord.h"
-+#include "../../tree.h"
-+#include "../../lock.h"
-+
-+#include "blackbox.h"
-+#include "item.h"
-+#include "../plugin.h"
-+
-+int
-+store_black_box(reiser4_tree * tree,
-+ const reiser4_key * key, void *data, int length)
-+{
-+ int result;
-+ reiser4_item_data idata;
-+ coord_t coord;
-+ lock_handle lh;
-+
-+ memset(&idata, 0, sizeof idata);
-+
-+ idata.data = data;
-+ idata.user = 0;
-+ idata.length = length;
-+ idata.iplug = item_plugin_by_id(BLACK_BOX_ID);
-+
-+ init_lh(&lh);
-+ result = insert_by_key(tree, key,
-+ &idata, &coord, &lh, LEAF_LEVEL, CBK_UNIQUE);
-+
-+ assert("nikita-3413",
-+ ergo(result == 0,
-+ WITH_COORD(&coord,
-+ item_length_by_coord(&coord) == length)));
-+
-+ done_lh(&lh);
-+ return result;
-+}
-+
-+int
-+load_black_box(reiser4_tree * tree,
-+ reiser4_key * key, void *data, int length, int exact)
-+{
-+ int result;
-+ coord_t coord;
-+ lock_handle lh;
-+
-+ init_lh(&lh);
-+ result = coord_by_key(tree, key,
-+ &coord, &lh, ZNODE_READ_LOCK,
-+ exact ? FIND_EXACT : FIND_MAX_NOT_MORE_THAN,
-+ LEAF_LEVEL, LEAF_LEVEL, CBK_UNIQUE, NULL);
-+
-+ if (result == 0) {
-+ int ilen;
-+
-+ result = zload(coord.node);
-+ if (result == 0) {
-+ ilen = item_length_by_coord(&coord);
-+ if (ilen <= length) {
-+ memcpy(data, item_body_by_coord(&coord), ilen);
-+ unit_key_by_coord(&coord, key);
-+ } else if (exact) {
-+ /*
-+ * item is larger than buffer provided by the
-+ * user. Only issue a warning if @exact is
-+ * set. If @exact is false, we are iterating
-+ * over all safe-links and here we are reaching
-+ * the end of the iteration.
-+ */
-+ warning("nikita-3415",
-+ "Wrong black box length: %i > %i",
-+ ilen, length);
-+ result = RETERR(-EIO);
-+ }
-+ zrelse(coord.node);
-+ }
-+ }
-+
-+ done_lh(&lh);
-+ return result;
-+
-+}
-+
-+int
-+update_black_box(reiser4_tree * tree,
-+ const reiser4_key * key, void *data, int length)
-+{
-+ int result;
-+ coord_t coord;
-+ lock_handle lh;
-+
-+ init_lh(&lh);
-+ result = coord_by_key(tree, key,
-+ &coord, &lh, ZNODE_READ_LOCK,
-+ FIND_EXACT,
-+ LEAF_LEVEL, LEAF_LEVEL, CBK_UNIQUE, NULL);
-+ if (result == 0) {
-+ int ilen;
-+
-+ result = zload(coord.node);
-+ if (result == 0) {
-+ ilen = item_length_by_coord(&coord);
-+ if (length <= ilen) {
-+ memcpy(item_body_by_coord(&coord), data,
-+ length);
-+ } else {
-+ warning("nikita-3437",
-+ "Wrong black box length: %i < %i",
-+ ilen, length);
-+ result = RETERR(-EIO);
-+ }
-+ zrelse(coord.node);
-+ }
-+ }
-+
-+ done_lh(&lh);
-+ return result;
-+
-+}
-+
-+int kill_black_box(reiser4_tree * tree, const reiser4_key * key)
-+{
-+ return cut_tree(tree, key, key, NULL, 1);
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/blackbox.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/blackbox.h
-@@ -0,0 +1,33 @@
-+/* Copyright 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* "Black box" entry to fixed-width contain user supplied data */
-+
-+#if !defined( __FS_REISER4_BLACK_BOX_H__ )
-+#define __FS_REISER4_BLACK_BOX_H__
-+
-+#include "../../forward.h"
-+#include "../../dformat.h"
-+#include "../../kassign.h"
-+#include "../../key.h"
-+
-+extern int store_black_box(reiser4_tree * tree,
-+ const reiser4_key * key, void *data, int length);
-+extern int load_black_box(reiser4_tree * tree,
-+ reiser4_key * key, void *data, int length, int exact);
-+extern int kill_black_box(reiser4_tree * tree, const reiser4_key * key);
-+extern int update_black_box(reiser4_tree * tree,
-+ const reiser4_key * key, void *data, int length);
-+
-+/* __FS_REISER4_BLACK_BOX_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/cde.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/cde.c
-@@ -0,0 +1,1007 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Directory entry implementation */
-+
-+/* DESCRIPTION:
-+
-+ This is "compound" directory item plugin implementation. This directory
-+ item type is compound (as opposed to the "simple directory item" in
-+ fs/reiser4/plugin/item/sde.[ch]), because it consists of several directory
-+ entries.
-+
-+ The reason behind this decision is disk space efficiency: all directory
-+ entries inside the same directory have identical fragment in their
-+ keys. This, of course, depends on key assignment policy. In our default key
-+ assignment policy, all directory entries have the same locality which is
-+ equal to the object id of their directory.
-+
-+ Composing directory item out of several directory entries for the same
-+ directory allows us to store said key fragment only once. That is, this is
-+ some ad hoc form of key compression (stem compression) that is implemented
-+ here, because general key compression is not supposed to be implemented in
-+ v4.0.
-+
-+ Another decision that was made regarding all directory item plugins, is
-+ that they will store entry keys unaligned. This is for that sake of disk
-+ space efficiency again.
-+
-+ In should be noted, that storing keys unaligned increases CPU consumption,
-+ at least on some architectures.
-+
-+ Internal on-disk structure of the compound directory item is the following:
-+
-+ HEADER cde_item_format. Here number of entries is stored.
-+ ENTRY_HEADER_0 cde_unit_header. Here part of entry key and
-+ ENTRY_HEADER_1 offset of entry body are stored.
-+ ENTRY_HEADER_2 (basically two last parts of key)
-+ ...
-+ ENTRY_HEADER_N
-+ ENTRY_BODY_0 directory_entry_format. Here part of stat data key and
-+ ENTRY_BODY_1 NUL-terminated name are stored.
-+ ENTRY_BODY_2 (part of statadta key in the
-+ sence that since all SDs have
-+ zero offset, this offset is not
-+ stored on disk).
-+ ...
-+ ENTRY_BODY_N
-+
-+ When it comes to the balancing, each directory entry in compound directory
-+ item is unit, that is, something that can be cut from one item and pasted
-+ into another item of the same type. Handling of unit cut and paste is major
-+ reason for the complexity of code below.
-+
-+*/
-+
-+#include "../../forward.h"
-+#include "../../debug.h"
-+#include "../../dformat.h"
-+#include "../../kassign.h"
-+#include "../../key.h"
-+#include "../../coord.h"
-+#include "sde.h"
-+#include "cde.h"
-+#include "item.h"
-+#include "../node/node.h"
-+#include "../plugin.h"
-+#include "../../znode.h"
-+#include "../../carry.h"
-+#include "../../tree.h"
-+#include "../../inode.h"
-+
-+#include <linux/fs.h> /* for struct inode */
-+#include <linux/dcache.h> /* for struct dentry */
-+#include <linux/quotaops.h>
-+
-+#if 0
-+#define CHECKME(coord) \
-+({ \
-+ const char *message; \
-+ coord_t dup; \
-+ \
-+ coord_dup_nocheck(&dup, (coord)); \
-+ dup.unit_pos = 0; \
-+ assert("nikita-2871", cde_check(&dup, &message) == 0); \
-+})
-+#else
-+#define CHECKME(coord) noop
-+#endif
-+
-+/* return body of compound directory item at @coord */
-+static inline cde_item_format *formatted_at(const coord_t * coord)
-+{
-+ assert("nikita-1282", coord != NULL);
-+ return item_body_by_coord(coord);
-+}
-+
-+/* return entry header at @coord */
-+static inline cde_unit_header *header_at(const coord_t *
-+ coord /* coord of item */ ,
-+ int idx /* index of unit */ )
-+{
-+ assert("nikita-1283", coord != NULL);
-+ return &formatted_at(coord)->entry[idx];
-+}
-+
-+/* return number of units in compound directory item at @coord */
-+static int units(const coord_t * coord /* coord of item */ )
-+{
-+ return le16_to_cpu(get_unaligned(&formatted_at(coord)->num_of_entries));
-+}
-+
-+/* return offset of the body of @idx-th entry in @coord */
-+static unsigned int offset_of(const coord_t * coord /* coord of item */ ,
-+ int idx /* index of unit */ )
-+{
-+ if (idx < units(coord))
-+ return le16_to_cpu(get_unaligned(&header_at(coord, idx)->offset));
-+ else if (idx == units(coord))
-+ return item_length_by_coord(coord);
-+ else
-+ impossible("nikita-1308", "Wrong idx");
-+ return 0;
-+}
-+
-+/* set offset of the body of @idx-th entry in @coord */
-+static void set_offset(const coord_t * coord /* coord of item */ ,
-+ int idx /* index of unit */ ,
-+ unsigned int offset /* new offset */ )
-+{
-+ put_unaligned(cpu_to_le16((__u16) offset), &header_at(coord, idx)->offset);
-+}
-+
-+static void adj_offset(const coord_t * coord /* coord of item */ ,
-+ int idx /* index of unit */ ,
-+ int delta /* offset change */ )
-+{
-+ d16 *doffset;
-+ __u16 offset;
-+
-+ doffset = &header_at(coord, idx)->offset;
-+ offset = le16_to_cpu(get_unaligned(doffset));
-+ offset += delta;
-+ put_unaligned(cpu_to_le16((__u16) offset), doffset);
-+}
-+
-+/* return pointer to @offset-th byte from the beginning of @coord */
-+static char *address(const coord_t * coord /* coord of item */ ,
-+ int offset)
-+{
-+ return ((char *)item_body_by_coord(coord)) + offset;
-+}
-+
-+/* return pointer to the body of @idx-th entry in @coord */
-+static directory_entry_format *entry_at(const coord_t * coord /* coord of
-+ * item */ ,
-+ int idx /* index of unit */ )
-+{
-+ return (directory_entry_format *) address(coord,
-+ (int)offset_of(coord, idx));
-+}
-+
-+/* return number of unit referenced by @coord */
-+static int idx_of(const coord_t * coord /* coord of item */ )
-+{
-+ assert("nikita-1285", coord != NULL);
-+ return coord->unit_pos;
-+}
-+
-+/* find position where entry with @entry_key would be inserted into @coord */
-+static int find(const coord_t * coord /* coord of item */ ,
-+ const reiser4_key * entry_key /* key to look for */ ,
-+ cmp_t * last /* result of last comparison */ )
-+{
-+ int entries;
-+
-+ int left;
-+ int right;
-+
-+ cde_unit_header *header;
-+
-+ assert("nikita-1295", coord != NULL);
-+ assert("nikita-1296", entry_key != NULL);
-+ assert("nikita-1297", last != NULL);
-+
-+ entries = units(coord);
-+ left = 0;
-+ right = entries - 1;
-+ while (right - left >= REISER4_SEQ_SEARCH_BREAK) {
-+ int median;
-+
-+ median = (left + right) >> 1;
-+
-+ header = header_at(coord, median);
-+ *last = de_id_key_cmp(&header->hash, entry_key);
-+ switch (*last) {
-+ case LESS_THAN:
-+ left = median;
-+ break;
-+ case GREATER_THAN:
-+ right = median;
-+ break;
-+ case EQUAL_TO:{
-+ do {
-+ median--;
-+ header--;
-+ } while (median >= 0 &&
-+ de_id_key_cmp(&header->hash,
-+ entry_key) == EQUAL_TO);
-+ return median + 1;
-+ }
-+ }
-+ }
-+ header = header_at(coord, left);
-+ for (; left < entries; ++left, ++header) {
-+ prefetch(header + 1);
-+ *last = de_id_key_cmp(&header->hash, entry_key);
-+ if (*last != LESS_THAN)
-+ break;
-+ }
-+ if (left < entries)
-+ return left;
-+ else
-+ return RETERR(-ENOENT);
-+
-+}
-+
-+/* expand @coord as to accommodate for insertion of @no new entries starting
-+ from @pos, with total bodies size @size. */
-+static int expand_item(const coord_t * coord /* coord of item */ ,
-+ int pos /* unit position */ , int no /* number of new
-+ * units*/ ,
-+ int size /* total size of new units' data */ ,
-+ unsigned int data_size /* free space already reserved
-+ * in the item for insertion */ )
-+{
-+ int entries;
-+ cde_unit_header *header;
-+ char *dent;
-+ int i;
-+
-+ assert("nikita-1310", coord != NULL);
-+ assert("nikita-1311", pos >= 0);
-+ assert("nikita-1312", no > 0);
-+ assert("nikita-1313", data_size >= no * sizeof(directory_entry_format));
-+ assert("nikita-1343",
-+ item_length_by_coord(coord) >=
-+ (int)(size + data_size + no * sizeof *header));
-+
-+ entries = units(coord);
-+
-+ if (pos == entries)
-+ dent = address(coord, size);
-+ else
-+ dent = (char *)entry_at(coord, pos);
-+ /* place where new header will be in */
-+ header = header_at(coord, pos);
-+ /* free space for new entry headers */
-+ memmove(header + no, header,
-+ (unsigned)(address(coord, size) - (char *)header));
-+ /* if adding to the end initialise first new header */
-+ if (pos == entries) {
-+ set_offset(coord, pos, (unsigned)size);
-+ }
-+
-+ /* adjust entry pointer and size */
-+ dent = dent + no * sizeof *header;
-+ size += no * sizeof *header;
-+ /* free space for new entries */
-+ memmove(dent + data_size, dent,
-+ (unsigned)(address(coord, size) - dent));
-+
-+ /* increase counter */
-+ entries += no;
-+ put_unaligned(cpu_to_le16((__u16) entries), &formatted_at(coord)->num_of_entries);
-+
-+ /* [ 0 ... pos ] entries were shifted by no * ( sizeof *header )
-+ bytes. */
-+ for (i = 0; i <= pos; ++i)
-+ adj_offset(coord, i, no * sizeof *header);
-+ /* [ pos + no ... +\infty ) entries were shifted by ( no *
-+ sizeof *header + data_size ) bytes */
-+ for (i = pos + no; i < entries; ++i)
-+ adj_offset(coord, i, no * sizeof *header + data_size);
-+ return 0;
-+}
-+
-+/* insert new @entry into item */
-+static int expand(const coord_t * coord /* coord of item */ ,
-+ cde_entry * entry /* entry to insert */ ,
-+ int len /* length of @entry data */ ,
-+ int *pos /* position to insert */ ,
-+ reiser4_dir_entry_desc * dir_entry /* parameters for new
-+ * entry */ )
-+{
-+ cmp_t cmp_res;
-+ int datasize;
-+
-+ *pos = find(coord, &dir_entry->key, &cmp_res);
-+ if (*pos < 0)
-+ *pos = units(coord);
-+
-+ datasize = sizeof(directory_entry_format);
-+ if (is_longname(entry->name->name, entry->name->len))
-+ datasize += entry->name->len + 1;
-+
-+ expand_item(coord, *pos, 1, item_length_by_coord(coord) - len,
-+ datasize);
-+ return 0;
-+}
-+
-+/* paste body of @entry into item */
-+static int paste_entry(const coord_t * coord /* coord of item */ ,
-+ cde_entry * entry /* new entry */ ,
-+ int pos /* position to insert */ ,
-+ reiser4_dir_entry_desc * dir_entry /* parameters for
-+ * new entry */ )
-+{
-+ cde_unit_header *header;
-+ directory_entry_format *dent;
-+ const char *name;
-+ int len;
-+
-+ header = header_at(coord, pos);
-+ dent = entry_at(coord, pos);
-+
-+ build_de_id_by_key(&dir_entry->key, &header->hash);
-+ build_inode_key_id(entry->obj, &dent->id);
-+ /* AUDIT unsafe strcpy() operation! It should be replaced with
-+ much less CPU hungry
-+ memcpy( ( char * ) dent -> name, entry -> name -> name , entry -> name -> len );
-+
-+ Also a more major thing is that there should be a way to figure out
-+ amount of space in dent -> name and be able to check that we are
-+ not going to overwrite more than we supposed to */
-+ name = entry->name->name;
-+ len = entry->name->len;
-+ if (is_longname(name, len)) {
-+ strcpy((unsigned char *)dent->name, name);
-+ put_unaligned(0, &dent->name[len]);
-+ }
-+ return 0;
-+}
-+
-+/* estimate how much space is necessary in item to insert/paste set of entries
-+ described in @data. */
-+int estimate_cde(const coord_t * coord /* coord of item */ ,
-+ const reiser4_item_data * data /* parameters for new item */ )
-+{
-+ cde_entry_data *e;
-+ int result;
-+ int i;
-+
-+ e = (cde_entry_data *) data->data;
-+
-+ assert("nikita-1288", e != NULL);
-+ assert("nikita-1289", e->num_of_entries >= 0);
-+
-+ if (coord == NULL)
-+ /* insert */
-+ result = sizeof(cde_item_format);
-+ else
-+ /* paste */
-+ result = 0;
-+
-+ result += e->num_of_entries *
-+ (sizeof(cde_unit_header) + sizeof(directory_entry_format));
-+ for (i = 0; i < e->num_of_entries; ++i) {
-+ const char *name;
-+ int len;
-+
-+ name = e->entry[i].name->name;
-+ len = e->entry[i].name->len;
-+ assert("nikita-2054", strlen(name) == len);
-+ if (is_longname(name, len))
-+ result += len + 1;
-+ }
-+ ((reiser4_item_data *) data)->length = result;
-+ return result;
-+}
-+
-+/* ->nr_units() method for this item plugin. */
-+pos_in_node_t nr_units_cde(const coord_t * coord /* coord of item */ )
-+{
-+ return units(coord);
-+}
-+
-+/* ->unit_key() method for this item plugin. */
-+reiser4_key *unit_key_cde(const coord_t * coord /* coord of item */ ,
-+ reiser4_key * key /* resulting key */ )
-+{
-+ assert("nikita-1452", coord != NULL);
-+ assert("nikita-1345", idx_of(coord) < units(coord));
-+ assert("nikita-1346", key != NULL);
-+
-+ item_key_by_coord(coord, key);
-+ extract_key_from_de_id(extract_dir_id_from_key(key),
-+ &header_at(coord, idx_of(coord))->hash, key);
-+ return key;
-+}
-+
-+/* mergeable_cde(): implementation of ->mergeable() item method.
-+
-+ Two directory items are mergeable iff they are from the same
-+ directory. That simple.
-+
-+*/
-+int mergeable_cde(const coord_t * p1 /* coord of first item */ ,
-+ const coord_t * p2 /* coord of second item */ )
-+{
-+ reiser4_key k1;
-+ reiser4_key k2;
-+
-+ assert("nikita-1339", p1 != NULL);
-+ assert("nikita-1340", p2 != NULL);
-+
-+ return
-+ (item_plugin_by_coord(p1) == item_plugin_by_coord(p2)) &&
-+ (extract_dir_id_from_key(item_key_by_coord(p1, &k1)) ==
-+ extract_dir_id_from_key(item_key_by_coord(p2, &k2)));
-+
-+}
-+
-+/* ->max_key_inside() method for this item plugin. */
-+reiser4_key *max_key_inside_cde(const coord_t * coord /* coord of item */ ,
-+ reiser4_key * result /* resulting key */ )
-+{
-+ assert("nikita-1342", coord != NULL);
-+
-+ item_key_by_coord(coord, result);
-+ set_key_ordering(result, get_key_ordering(max_key()));
-+ set_key_fulloid(result, get_key_fulloid(max_key()));
-+ set_key_offset(result, get_key_offset(max_key()));
-+ return result;
-+}
-+
-+/* @data contains data which are to be put into tree */
-+int can_contain_key_cde(const coord_t * coord /* coord of item */ ,
-+ const reiser4_key * key /* key to check */ ,
-+ const reiser4_item_data * data /* parameters of new
-+ * item/unit being
-+ * created */ )
-+{
-+ reiser4_key item_key;
-+
-+ /* FIXME-VS: do not rely on anything but iplug field of @data. Only
-+ data->iplug is initialized */
-+ assert("vs-457", data && data->iplug);
-+/* assert( "vs-553", data -> user == 0 );*/
-+ item_key_by_coord(coord, &item_key);
-+
-+ return (item_plugin_by_coord(coord) == data->iplug) &&
-+ (extract_dir_id_from_key(&item_key) ==
-+ extract_dir_id_from_key(key));
-+}
-+
-+#if REISER4_DEBUG
-+/* cde_check ->check() method for compressed directory items
-+
-+ used for debugging, every item should have here the most complete
-+ possible check of the consistency of the item that the inventor can
-+ construct
-+*/
-+int check_cde(const coord_t * coord /* coord of item to check */ ,
-+ const char **error /* where to store error message */ )
-+{
-+ int i;
-+ int result;
-+ char *item_start;
-+ char *item_end;
-+ reiser4_key key;
-+
-+ coord_t c;
-+
-+ assert("nikita-1357", coord != NULL);
-+ assert("nikita-1358", error != NULL);
-+
-+ if (!ergo(coord->item_pos != 0,
-+ is_dot_key(item_key_by_coord(coord, &key)))) {
-+ *error = "CDE doesn't start with dot";
-+ return -1;
-+ }
-+ item_start = item_body_by_coord(coord);
-+ item_end = item_start + item_length_by_coord(coord);
-+
-+ coord_dup(&c, coord);
-+ result = 0;
-+ for (i = 0; i < units(coord); ++i) {
-+ directory_entry_format *entry;
-+
-+ if ((char *)(header_at(coord, i) + 1) >
-+ item_end - units(coord) * sizeof *entry) {
-+ *error = "CDE header is out of bounds";
-+ result = -1;
-+ break;
-+ }
-+ entry = entry_at(coord, i);
-+ if ((char *)entry < item_start + sizeof(cde_item_format)) {
-+ *error = "CDE header is too low";
-+ result = -1;
-+ break;
-+ }
-+ if ((char *)(entry + 1) > item_end) {
-+ *error = "CDE header is too high";
-+ result = -1;
-+ break;
-+ }
-+ }
-+
-+ return result;
-+}
-+#endif
-+
-+/* ->init() method for this item plugin. */
-+int init_cde(coord_t * coord /* coord of item */ ,
-+ coord_t * from UNUSED_ARG, reiser4_item_data * data /* structure used for insertion */
-+ UNUSED_ARG)
-+{
-+ put_unaligned(cpu_to_le16(0), &formatted_at(coord)->num_of_entries);
-+ return 0;
-+}
-+
-+/* ->lookup() method for this item plugin. */
-+lookup_result lookup_cde(const reiser4_key * key /* key to search for */ ,
-+ lookup_bias bias /* search bias */ ,
-+ coord_t * coord /* coord of item to lookup in */ )
-+{
-+ cmp_t last_comp;
-+ int pos;
-+
-+ reiser4_key utmost_key;
-+
-+ assert("nikita-1293", coord != NULL);
-+ assert("nikita-1294", key != NULL);
-+
-+ CHECKME(coord);
-+
-+ if (keygt(item_key_by_coord(coord, &utmost_key), key)) {
-+ coord->unit_pos = 0;
-+ coord->between = BEFORE_UNIT;
-+ return CBK_COORD_NOTFOUND;
-+ }
-+ pos = find(coord, key, &last_comp);
-+ if (pos >= 0) {
-+ coord->unit_pos = (int)pos;
-+ switch (last_comp) {
-+ case EQUAL_TO:
-+ coord->between = AT_UNIT;
-+ return CBK_COORD_FOUND;
-+ case GREATER_THAN:
-+ coord->between = BEFORE_UNIT;
-+ return RETERR(-ENOENT);
-+ case LESS_THAN:
-+ default:
-+ impossible("nikita-1298", "Broken find");
-+ return RETERR(-EIO);
-+ }
-+ } else {
-+ coord->unit_pos = units(coord) - 1;
-+ coord->between = AFTER_UNIT;
-+ return (bias ==
-+ FIND_MAX_NOT_MORE_THAN) ? CBK_COORD_FOUND :
-+ CBK_COORD_NOTFOUND;
-+ }
-+}
-+
-+/* ->paste() method for this item plugin. */
-+int paste_cde(coord_t * coord /* coord of item */ ,
-+ reiser4_item_data * data /* parameters of new unit being
-+ * inserted */ ,
-+ carry_plugin_info * info UNUSED_ARG /* todo carry queue */ )
-+{
-+ cde_entry_data *e;
-+ int result;
-+ int i;
-+
-+ CHECKME(coord);
-+ e = (cde_entry_data *) data->data;
-+
-+ result = 0;
-+ for (i = 0; i < e->num_of_entries; ++i) {
-+ int pos;
-+ int phantom_size;
-+
-+ phantom_size = data->length;
-+ if (units(coord) == 0)
-+ phantom_size -= sizeof(cde_item_format);
-+
-+ result =
-+ expand(coord, e->entry + i, phantom_size, &pos, data->arg);
-+ if (result != 0)
-+ break;
-+ result = paste_entry(coord, e->entry + i, pos, data->arg);
-+ if (result != 0)
-+ break;
-+ }
-+ CHECKME(coord);
-+ return result;
-+}
-+
-+/* amount of space occupied by all entries starting from @idx both headers and
-+ bodies. */
-+static unsigned int part_size(const coord_t * coord /* coord of item */ ,
-+ int idx /* index of unit */ )
-+{
-+ assert("nikita-1299", coord != NULL);
-+ assert("nikita-1300", idx < (int)units(coord));
-+
-+ return sizeof(cde_item_format) +
-+ (idx + 1) * sizeof(cde_unit_header) + offset_of(coord,
-+ idx + 1) -
-+ offset_of(coord, 0);
-+}
-+
-+/* how many but not more than @want units of @source can be merged with
-+ item in @target node. If pend == append - we try to append last item
-+ of @target by first units of @source. If pend == prepend - we try to
-+ "prepend" first item in @target by last units of @source. @target
-+ node has @free_space bytes of free space. Total size of those units
-+ are returned via @size */
-+int can_shift_cde(unsigned free_space /* free space in item */ ,
-+ coord_t * coord /* coord of source item */ ,
-+ znode * target /* target node */ ,
-+ shift_direction pend /* shift direction */ ,
-+ unsigned *size /* resulting number of shifted bytes */ ,
-+ unsigned want /* maximal number of bytes to shift */ )
-+{
-+ int shift;
-+
-+ CHECKME(coord);
-+ if (want == 0) {
-+ *size = 0;
-+ return 0;
-+ }
-+
-+ /* pend == SHIFT_LEFT <==> shifting to the left */
-+ if (pend == SHIFT_LEFT) {
-+ for (shift = min((int)want - 1, units(coord)); shift >= 0;
-+ --shift) {
-+ *size = part_size(coord, shift);
-+ if (target != NULL)
-+ *size -= sizeof(cde_item_format);
-+ if (*size <= free_space)
-+ break;
-+ }
-+ shift = shift + 1;
-+ } else {
-+ int total_size;
-+
-+ assert("nikita-1301", pend == SHIFT_RIGHT);
-+
-+ total_size = item_length_by_coord(coord);
-+ for (shift = units(coord) - want - 1; shift < units(coord) - 1;
-+ ++shift) {
-+ *size = total_size - part_size(coord, shift);
-+ if (target == NULL)
-+ *size += sizeof(cde_item_format);
-+ if (*size <= free_space)
-+ break;
-+ }
-+ shift = units(coord) - shift - 1;
-+ }
-+ if (shift == 0)
-+ *size = 0;
-+ CHECKME(coord);
-+ return shift;
-+}
-+
-+/* ->copy_units() method for this item plugin. */
-+void copy_units_cde(coord_t * target /* coord of target item */ ,
-+ coord_t * source /* coord of source item */ ,
-+ unsigned from /* starting unit */ ,
-+ unsigned count /* how many units to copy */ ,
-+ shift_direction where_is_free_space /* shift direction */ ,
-+ unsigned free_space /* free space in item */ )
-+{
-+ char *header_from;
-+ char *header_to;
-+
-+ char *entry_from;
-+ char *entry_to;
-+
-+ int pos_in_target;
-+ int data_size;
-+ int data_delta;
-+ int i;
-+
-+ assert("nikita-1303", target != NULL);
-+ assert("nikita-1304", source != NULL);
-+ assert("nikita-1305", (int)from < units(source));
-+ assert("nikita-1307", (int)(from + count) <= units(source));
-+
-+ if (where_is_free_space == SHIFT_LEFT) {
-+ assert("nikita-1453", from == 0);
-+ pos_in_target = units(target);
-+ } else {
-+ assert("nikita-1309", (int)(from + count) == units(source));
-+ pos_in_target = 0;
-+ memmove(item_body_by_coord(target),
-+ (char *)item_body_by_coord(target) + free_space,
-+ item_length_by_coord(target) - free_space);
-+ }
-+
-+ CHECKME(target);
-+ CHECKME(source);
-+
-+ /* expand @target */
-+ data_size =
-+ offset_of(source, (int)(from + count)) - offset_of(source,
-+ (int)from);
-+
-+ if (units(target) == 0)
-+ free_space -= sizeof(cde_item_format);
-+
-+ expand_item(target, pos_in_target, (int)count,
-+ (int)(item_length_by_coord(target) - free_space),
-+ (unsigned)data_size);
-+
-+ /* copy first @count units of @source into @target */
-+ data_delta =
-+ offset_of(target, pos_in_target) - offset_of(source, (int)from);
-+
-+ /* copy entries */
-+ entry_from = (char *)entry_at(source, (int)from);
-+ entry_to = (char *)entry_at(source, (int)(from + count));
-+ memmove(entry_at(target, pos_in_target), entry_from,
-+ (unsigned)(entry_to - entry_from));
-+
-+ /* copy headers */
-+ header_from = (char *)header_at(source, (int)from);
-+ header_to = (char *)header_at(source, (int)(from + count));
-+ memmove(header_at(target, pos_in_target), header_from,
-+ (unsigned)(header_to - header_from));
-+
-+ /* update offsets */
-+ for (i = pos_in_target; i < (int)(pos_in_target + count); ++i)
-+ adj_offset(target, i, data_delta);
-+ CHECKME(target);
-+ CHECKME(source);
-+}
-+
-+/* ->cut_units() method for this item plugin. */
-+int cut_units_cde(coord_t * coord /* coord of item */ ,
-+ pos_in_node_t from /* start unit pos */ ,
-+ pos_in_node_t to /* stop unit pos */ ,
-+ struct carry_cut_data *cdata UNUSED_ARG,
-+ reiser4_key * smallest_removed, reiser4_key * new_first)
-+{
-+ char *header_from;
-+ char *header_to;
-+
-+ char *entry_from;
-+ char *entry_to;
-+
-+ int size;
-+ int entry_delta;
-+ int header_delta;
-+ int i;
-+
-+ unsigned count;
-+
-+ CHECKME(coord);
-+
-+ count = to - from + 1;
-+
-+ assert("nikita-1454", coord != NULL);
-+ assert("nikita-1455", (int)(from + count) <= units(coord));
-+
-+ if (smallest_removed)
-+ unit_key_by_coord(coord, smallest_removed);
-+
-+ if (new_first) {
-+ coord_t next;
-+
-+ /* not everything is cut from item head */
-+ assert("vs-1527", from == 0);
-+ assert("vs-1528", to < units(coord) - 1);
-+
-+ coord_dup(&next, coord);
-+ next.unit_pos++;
-+ unit_key_by_coord(&next, new_first);
-+ }
-+
-+ size = item_length_by_coord(coord);
-+ if (count == (unsigned)units(coord)) {
-+ return size;
-+ }
-+
-+ header_from = (char *)header_at(coord, (int)from);
-+ header_to = (char *)header_at(coord, (int)(from + count));
-+
-+ entry_from = (char *)entry_at(coord, (int)from);
-+ entry_to = (char *)entry_at(coord, (int)(from + count));
-+
-+ /* move headers */
-+ memmove(header_from, header_to,
-+ (unsigned)(address(coord, size) - header_to));
-+
-+ header_delta = header_to - header_from;
-+
-+ entry_from -= header_delta;
-+ entry_to -= header_delta;
-+ size -= header_delta;
-+
-+ /* copy entries */
-+ memmove(entry_from, entry_to,
-+ (unsigned)(address(coord, size) - entry_to));
-+
-+ entry_delta = entry_to - entry_from;
-+ size -= entry_delta;
-+
-+ /* update offsets */
-+
-+ for (i = 0; i < (int)from; ++i)
-+ adj_offset(coord, i, -header_delta);
-+
-+ for (i = from; i < units(coord) - (int)count; ++i)
-+ adj_offset(coord, i, -header_delta - entry_delta);
-+
-+ put_unaligned(cpu_to_le16((__u16) units(coord) - count),
-+ &formatted_at(coord)->num_of_entries);
-+
-+ if (from == 0) {
-+ /* entries from head was removed - move remaining to right */
-+ memmove((char *)item_body_by_coord(coord) +
-+ header_delta + entry_delta, item_body_by_coord(coord),
-+ (unsigned)size);
-+ if (REISER4_DEBUG)
-+ memset(item_body_by_coord(coord), 0,
-+ (unsigned)header_delta + entry_delta);
-+ } else {
-+ /* freed space is already at the end of item */
-+ if (REISER4_DEBUG)
-+ memset((char *)item_body_by_coord(coord) + size, 0,
-+ (unsigned)header_delta + entry_delta);
-+ }
-+
-+ return header_delta + entry_delta;
-+}
-+
-+int kill_units_cde(coord_t * coord /* coord of item */ ,
-+ pos_in_node_t from /* start unit pos */ ,
-+ pos_in_node_t to /* stop unit pos */ ,
-+ struct carry_kill_data *kdata UNUSED_ARG,
-+ reiser4_key * smallest_removed, reiser4_key * new_first)
-+{
-+ return cut_units_cde(coord, from, to, NULL, smallest_removed, new_first);
-+}
-+
-+/* ->s.dir.extract_key() method for this item plugin. */
-+int extract_key_cde(const coord_t * coord /* coord of item */ ,
-+ reiser4_key * key /* resulting key */ )
-+{
-+ directory_entry_format *dent;
-+
-+ assert("nikita-1155", coord != NULL);
-+ assert("nikita-1156", key != NULL);
-+
-+ dent = entry_at(coord, idx_of(coord));
-+ return extract_key_from_id(&dent->id, key);
-+}
-+
-+int
-+update_key_cde(const coord_t * coord, const reiser4_key * key,
-+ lock_handle * lh UNUSED_ARG)
-+{
-+ directory_entry_format *dent;
-+ obj_key_id obj_id;
-+ int result;
-+
-+ assert("nikita-2344", coord != NULL);
-+ assert("nikita-2345", key != NULL);
-+
-+ dent = entry_at(coord, idx_of(coord));
-+ result = build_obj_key_id(key, &obj_id);
-+ if (result == 0) {
-+ dent->id = obj_id;
-+ znode_make_dirty(coord->node);
-+ }
-+ return 0;
-+}
-+
-+/* ->s.dir.extract_name() method for this item plugin. */
-+char *extract_name_cde(const coord_t * coord /* coord of item */ , char *buf)
-+{
-+ directory_entry_format *dent;
-+
-+ assert("nikita-1157", coord != NULL);
-+
-+ dent = entry_at(coord, idx_of(coord));
-+ return extract_dent_name(coord, dent, buf);
-+}
-+
-+static int cde_bytes(int pasting, const reiser4_item_data * data)
-+{
-+ int result;
-+
-+ result = data->length;
-+ if (!pasting)
-+ result -= sizeof(cde_item_format);
-+ return result;
-+}
-+
-+/* ->s.dir.add_entry() method for this item plugin */
-+int add_entry_cde(struct inode *dir /* directory object */ ,
-+ coord_t * coord /* coord of item */ ,
-+ lock_handle * lh /* lock handle for insertion */ ,
-+ const struct dentry *name /* name to insert */ ,
-+ reiser4_dir_entry_desc * dir_entry /* parameters of new
-+ * directory entry */ )
-+{
-+ reiser4_item_data data;
-+ cde_entry entry;
-+ cde_entry_data edata;
-+ int result;
-+
-+ assert("nikita-1656", coord->node == lh->node);
-+ assert("nikita-1657", znode_is_write_locked(coord->node));
-+
-+ edata.num_of_entries = 1;
-+ edata.entry = &entry;
-+
-+ entry.dir = dir;
-+ entry.obj = dir_entry->obj;
-+ entry.name = &name->d_name;
-+
-+ data.data = (char *)&edata;
-+ data.user = 0; /* &edata is not user space */
-+ data.iplug = item_plugin_by_id(COMPOUND_DIR_ID);
-+ data.arg = dir_entry;
-+ assert("nikita-1302", data.iplug != NULL);
-+
-+ result = is_dot_key(&dir_entry->key);
-+ data.length = estimate_cde(result ? coord : NULL, &data);
-+
-+ /* NOTE-NIKITA quota plugin? */
-+ if (DQUOT_ALLOC_SPACE_NODIRTY(dir, cde_bytes(result, &data)))
-+ return RETERR(-EDQUOT);
-+
-+ if (result)
-+ result = insert_by_coord(coord, &data, &dir_entry->key, lh, 0);
-+ else
-+ result = resize_item(coord, &data, &dir_entry->key, lh, 0);
-+ return result;
-+}
-+
-+/* ->s.dir.rem_entry() */
-+int rem_entry_cde(struct inode *dir /* directory of item */ ,
-+ const struct qstr *name, coord_t * coord /* coord of item */ ,
-+ lock_handle * lh UNUSED_ARG /* lock handle for
-+ * removal */ ,
-+ reiser4_dir_entry_desc * entry UNUSED_ARG /* parameters of
-+ * directory entry
-+ * being removed */ )
-+{
-+ coord_t shadow;
-+ int result;
-+ int length;
-+ ON_DEBUG(char buf[DE_NAME_BUF_LEN]);
-+
-+ assert("nikita-2870", strlen(name->name) == name->len);
-+ assert("nikita-2869",
-+ !strcmp(name->name, extract_name_cde(coord, buf)));
-+
-+ length = sizeof(directory_entry_format) + sizeof(cde_unit_header);
-+ if (is_longname(name->name, name->len))
-+ length += name->len + 1;
-+
-+ if (inode_get_bytes(dir) < length) {
-+ warning("nikita-2628", "Dir is broke: %llu: %llu",
-+ (unsigned long long)get_inode_oid(dir),
-+ inode_get_bytes(dir));
-+
-+ return RETERR(-EIO);
-+ }
-+
-+ /* cut_node() is supposed to take pointers to _different_
-+ coords, because it will modify them without respect to
-+ possible aliasing. To work around this, create temporary copy
-+ of @coord.
-+ */
-+ coord_dup(&shadow, coord);
-+ result =
-+ kill_node_content(coord, &shadow, NULL, NULL, NULL, NULL, NULL, 0);
-+ if (result == 0) {
-+ /* NOTE-NIKITA quota plugin? */
-+ DQUOT_FREE_SPACE_NODIRTY(dir, length);
-+ }
-+ return result;
-+}
-+
-+/* ->s.dir.max_name_len() method for this item plugin */
-+int max_name_len_cde(const struct inode *dir /* directory */ )
-+{
-+ return
-+ tree_by_inode(dir)->nplug->max_item_size() -
-+ sizeof(directory_entry_format) - sizeof(cde_item_format) -
-+ sizeof(cde_unit_header) - 2;
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/cde.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/cde.h
-@@ -0,0 +1,87 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Compound directory item. See cde.c for description. */
-+
-+#if !defined( __FS_REISER4_PLUGIN_COMPRESSED_DE_H__ )
-+#define __FS_REISER4_PLUGIN_COMPRESSED_DE_H__
-+
-+#include "../../forward.h"
-+#include "../../kassign.h"
-+#include "../../dformat.h"
-+
-+#include <linux/fs.h> /* for struct inode */
-+#include <linux/dcache.h> /* for struct dentry, etc */
-+
-+typedef struct cde_unit_header {
-+ de_id hash;
-+ d16 offset;
-+} cde_unit_header;
-+
-+typedef struct cde_item_format {
-+ d16 num_of_entries;
-+ cde_unit_header entry[0];
-+} cde_item_format;
-+
-+typedef struct cde_entry {
-+ const struct inode *dir;
-+ const struct inode *obj;
-+ const struct qstr *name;
-+} cde_entry;
-+
-+typedef struct cde_entry_data {
-+ int num_of_entries;
-+ cde_entry *entry;
-+} cde_entry_data;
-+
-+/* plugin->item.b.* */
-+reiser4_key *max_key_inside_cde(const coord_t * coord, reiser4_key * result);
-+int can_contain_key_cde(const coord_t * coord, const reiser4_key * key,
-+ const reiser4_item_data *);
-+int mergeable_cde(const coord_t * p1, const coord_t * p2);
-+pos_in_node_t nr_units_cde(const coord_t * coord);
-+reiser4_key *unit_key_cde(const coord_t * coord, reiser4_key * key);
-+int estimate_cde(const coord_t * coord, const reiser4_item_data * data);
-+void print_cde(const char *prefix, coord_t * coord);
-+int init_cde(coord_t * coord, coord_t * from, reiser4_item_data * data);
-+lookup_result lookup_cde(const reiser4_key * key, lookup_bias bias,
-+ coord_t * coord);
-+int paste_cde(coord_t * coord, reiser4_item_data * data,
-+ carry_plugin_info * info UNUSED_ARG);
-+int can_shift_cde(unsigned free_space, coord_t * coord, znode * target,
-+ shift_direction pend, unsigned *size, unsigned want);
-+void copy_units_cde(coord_t * target, coord_t * source, unsigned from,
-+ unsigned count, shift_direction where_is_free_space,
-+ unsigned free_space);
-+int cut_units_cde(coord_t * coord, pos_in_node_t from, pos_in_node_t to,
-+ struct carry_cut_data *, reiser4_key * smallest_removed,
-+ reiser4_key * new_first);
-+int kill_units_cde(coord_t * coord, pos_in_node_t from, pos_in_node_t to,
-+ struct carry_kill_data *, reiser4_key * smallest_removed,
-+ reiser4_key * new_first);
-+void print_cde(const char *prefix, coord_t * coord);
-+int check_cde(const coord_t * coord, const char **error);
-+
-+/* plugin->u.item.s.dir.* */
-+int extract_key_cde(const coord_t * coord, reiser4_key * key);
-+int update_key_cde(const coord_t * coord, const reiser4_key * key,
-+ lock_handle * lh);
-+char *extract_name_cde(const coord_t * coord, char *buf);
-+int add_entry_cde(struct inode *dir, coord_t * coord,
-+ lock_handle * lh, const struct dentry *name,
-+ reiser4_dir_entry_desc * entry);
-+int rem_entry_cde(struct inode *dir, const struct qstr *name, coord_t * coord,
-+ lock_handle * lh, reiser4_dir_entry_desc * entry);
-+int max_name_len_cde(const struct inode *dir);
-+
-+/* __FS_REISER4_PLUGIN_COMPRESSED_DE_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/ctail.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/ctail.c
-@@ -0,0 +1,1588 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* ctails (aka "clustered tails") are items for cryptcompress objects */
-+
-+/* DESCRIPTION:
-+
-+Each cryptcompress object is stored on disk as a set of clusters sliced
-+into ctails.
-+
-+Internal on-disk structure:
-+
-+ HEADER (1) Here stored disk cluster shift
-+ BODY
-+*/
-+
-+#include "../../forward.h"
-+#include "../../debug.h"
-+#include "../../dformat.h"
-+#include "../../kassign.h"
-+#include "../../key.h"
-+#include "../../coord.h"
-+#include "item.h"
-+#include "../node/node.h"
-+#include "../plugin.h"
-+#include "../object.h"
-+#include "../../znode.h"
-+#include "../../carry.h"
-+#include "../../tree.h"
-+#include "../../inode.h"
-+#include "../../super.h"
-+#include "../../context.h"
-+#include "../../page_cache.h"
-+#include "../cluster.h"
-+#include "../../flush.h"
-+#include "../../tree_walk.h"
-+
-+#include <linux/pagevec.h>
-+#include <linux/swap.h>
-+#include <linux/fs.h>
-+
-+/* return body of ctail item at @coord */
-+static ctail_item_format *ctail_formatted_at(const coord_t * coord)
-+{
-+ assert("edward-60", coord != NULL);
-+ return item_body_by_coord(coord);
-+}
-+
-+int cluster_shift_by_coord(const coord_t * coord)
-+{
-+ return get_unaligned(&ctail_formatted_at(coord)->cluster_shift);
-+}
-+
-+static loff_t off_by_coord(const coord_t * coord)
-+{
-+ reiser4_key key;
-+ return get_key_offset(item_key_by_coord(coord, &key));
-+}
-+
-+static int coord_is_unprepped_ctail(const coord_t * coord)
-+{
-+ assert("edward-1233", coord != NULL);
-+ assert("edward-1234", item_id_by_coord(coord) == CTAIL_ID);
-+ assert("edward-1235",
-+ ergo((int)cluster_shift_by_coord(coord) == (int)UCTAIL_SHIFT,
-+ nr_units_ctail(coord) == (pos_in_node_t) UCTAIL_NR_UNITS));
-+
-+ return (int)cluster_shift_by_coord(coord) == (int)UCTAIL_SHIFT;
-+}
-+
-+static cloff_t clust_by_coord(const coord_t * coord, struct inode *inode)
-+{
-+ int shift;
-+
-+ if (inode != NULL) {
-+ shift = inode_cluster_shift(inode);
-+ assert("edward-1236",
-+ ergo(!coord_is_unprepped_ctail(coord),
-+ shift == cluster_shift_by_coord(coord)));
-+ } else {
-+ assert("edward-1237", !coord_is_unprepped_ctail(coord));
-+ shift = cluster_shift_by_coord(coord);
-+ }
-+ return off_by_coord(coord) >> shift;
-+}
-+
-+static int disk_cluster_size(const coord_t * coord)
-+{
-+ assert("edward-1156",
-+ item_plugin_by_coord(coord) == item_plugin_by_id(CTAIL_ID));
-+ /* calculation of disk cluster size
-+ is meaninless if ctail is unprepped */
-+ assert("edward-1238", !coord_is_unprepped_ctail(coord));
-+
-+ return 1 << cluster_shift_by_coord(coord);
-+}
-+
-+/* true if the key is of first disk cluster item */
-+static int is_disk_cluster_key(const reiser4_key * key, const coord_t * coord)
-+{
-+ assert("edward-1239", item_id_by_coord(coord) == CTAIL_ID);
-+
-+ return coord_is_unprepped_ctail(coord) ||
-+ ((get_key_offset(key) &
-+ ((loff_t) disk_cluster_size(coord) - 1)) == 0);
-+}
-+
-+static char *first_unit(coord_t * coord)
-+{
-+ /* FIXME: warning: pointer of type `void *' used in arithmetic */
-+ return (char *)item_body_by_coord(coord) + sizeof(ctail_item_format);
-+}
-+
-+/* plugin->u.item.b.max_key_inside :
-+ tail_max_key_inside */
-+
-+/* plugin->u.item.b.can_contain_key */
-+int
-+can_contain_key_ctail(const coord_t * coord, const reiser4_key * key,
-+ const reiser4_item_data * data)
-+{
-+ reiser4_key item_key;
-+
-+ if (item_plugin_by_coord(coord) != data->iplug)
-+ return 0;
-+
-+ item_key_by_coord(coord, &item_key);
-+ if (get_key_locality(key) != get_key_locality(&item_key) ||
-+ get_key_objectid(key) != get_key_objectid(&item_key))
-+ return 0;
-+ if (get_key_offset(&item_key) + nr_units_ctail(coord) !=
-+ get_key_offset(key))
-+ return 0;
-+ if (is_disk_cluster_key(key, coord))
-+ return 0;
-+ return 1;
-+}
-+
-+/* plugin->u.item.b.mergeable
-+ c-tails of different clusters are not mergeable */
-+int mergeable_ctail(const coord_t * p1, const coord_t * p2)
-+{
-+ reiser4_key key1, key2;
-+
-+ assert("edward-62", item_id_by_coord(p1) == CTAIL_ID);
-+ assert("edward-61",
-+ item_type_by_coord(p1) == UNIX_FILE_METADATA_ITEM_TYPE);
-+
-+ if (item_id_by_coord(p2) != CTAIL_ID) {
-+ /* second item is of another type */
-+ return 0;
-+ }
-+
-+ item_key_by_coord(p1, &key1);
-+ item_key_by_coord(p2, &key2);
-+ if (get_key_locality(&key1) != get_key_locality(&key2) ||
-+ get_key_objectid(&key1) != get_key_objectid(&key2) ||
-+ get_key_type(&key1) != get_key_type(&key2)) {
-+ /* items of different objects */
-+ return 0;
-+ }
-+ if (get_key_offset(&key1) + nr_units_ctail(p1) != get_key_offset(&key2))
-+ /* not adjacent items */
-+ return 0;
-+ if (is_disk_cluster_key(&key2, p2))
-+ return 0;
-+ return 1;
-+}
-+
-+/* plugin->u.item.b.nr_units */
-+pos_in_node_t nr_units_ctail(const coord_t * coord)
-+{
-+ return (item_length_by_coord(coord) -
-+ sizeof(ctail_formatted_at(coord)->cluster_shift));
-+}
-+
-+/* plugin->u.item.b.estimate:
-+ estimate how much space is needed to insert/paste @data->length bytes
-+ into ctail at @coord */
-+int estimate_ctail(const coord_t * coord /* coord of item */ ,
-+ const reiser4_item_data *
-+ data /* parameters for new item */ )
-+{
-+ if (coord == NULL)
-+ /* insert */
-+ return (sizeof(ctail_item_format) + data->length);
-+ else
-+ /* paste */
-+ return data->length;
-+}
-+
-+/* ->init() method for this item plugin. */
-+int init_ctail(coord_t * to /* coord of item */ ,
-+ coord_t * from /* old_item */ ,
-+ reiser4_item_data * data /* structure used for insertion */ )
-+{
-+ int cluster_shift; /* cpu value to convert */
-+
-+ if (data) {
-+ assert("edward-463", data->length > sizeof(ctail_item_format));
-+ cluster_shift = *((int *)(data->arg));
-+ data->length -= sizeof(ctail_item_format);
-+ } else {
-+ assert("edward-464", from != NULL);
-+ assert("edward-855", ctail_ok(from));
-+ cluster_shift = (int)(cluster_shift_by_coord(from));
-+ }
-+ put_unaligned((d8)cluster_shift, &ctail_formatted_at(to)->cluster_shift);
-+ assert("edward-856", ctail_ok(to));
-+ return 0;
-+}
-+
-+/* plugin->u.item.b.lookup:
-+ NULL: We are looking for item keys only */
-+
-+#if REISER4_DEBUG
-+int ctail_ok(const coord_t * coord)
-+{
-+ return coord_is_unprepped_ctail(coord) ||
-+ cluster_shift_ok(cluster_shift_by_coord(coord));
-+}
-+
-+/* plugin->u.item.b.check */
-+int check_ctail(const coord_t * coord, const char **error)
-+{
-+ if (!ctail_ok(coord)) {
-+ if (error)
-+ *error = "bad cluster shift in ctail";
-+ return 1;
-+ }
-+ return 0;
-+}
-+#endif
-+
-+/* plugin->u.item.b.paste */
-+int
-+paste_ctail(coord_t * coord, reiser4_item_data * data,
-+ carry_plugin_info * info UNUSED_ARG)
-+{
-+ unsigned old_nr_units;
-+
-+ assert("edward-268", data->data != NULL);
-+ /* copy only from kernel space */
-+ assert("edward-66", data->user == 0);
-+
-+ old_nr_units =
-+ item_length_by_coord(coord) - sizeof(ctail_item_format) -
-+ data->length;
-+
-+ /* ctail items never get pasted in the middle */
-+
-+ if (coord->unit_pos == 0 && coord->between == AT_UNIT) {
-+
-+ /* paste at the beginning when create new item */
-+ assert("edward-450",
-+ item_length_by_coord(coord) ==
-+ data->length + sizeof(ctail_item_format));
-+ assert("edward-451", old_nr_units == 0);
-+ } else if (coord->unit_pos == old_nr_units - 1
-+ && coord->between == AFTER_UNIT) {
-+
-+ /* paste at the end */
-+ coord->unit_pos++;
-+ } else
-+ impossible("edward-453", "bad paste position");
-+
-+ memcpy(first_unit(coord) + coord->unit_pos, data->data, data->length);
-+
-+ assert("edward-857", ctail_ok(coord));
-+
-+ return 0;
-+}
-+
-+/* plugin->u.item.b.fast_paste */
-+
-+/* plugin->u.item.b.can_shift
-+ number of units is returned via return value, number of bytes via @size. For
-+ ctail items they coincide */
-+int
-+can_shift_ctail(unsigned free_space, coord_t * source,
-+ znode * target, shift_direction direction UNUSED_ARG,
-+ unsigned *size /* number of bytes */ , unsigned want)
-+{
-+ /* make sure that that we do not want to shift more than we have */
-+ assert("edward-68", want > 0 && want <= nr_units_ctail(source));
-+
-+ *size = min(want, free_space);
-+
-+ if (!target) {
-+ /* new item will be created */
-+ if (*size <= sizeof(ctail_item_format)) {
-+ *size = 0;
-+ return 0;
-+ }
-+ return *size - sizeof(ctail_item_format);
-+ }
-+ return *size;
-+}
-+
-+/* plugin->u.item.b.copy_units
-+ cooperates with ->can_shift() */
-+void
-+copy_units_ctail(coord_t * target, coord_t * source,
-+ unsigned from, unsigned count /* units */ ,
-+ shift_direction where_is_free_space,
-+ unsigned free_space /* bytes */ )
-+{
-+ /* make sure that item @target is expanded already */
-+ assert("edward-69", (unsigned)item_length_by_coord(target) >= count);
-+ assert("edward-70", free_space == count || free_space == count + 1);
-+
-+ assert("edward-858", ctail_ok(source));
-+
-+ if (where_is_free_space == SHIFT_LEFT) {
-+ /* append item @target with @count first bytes of @source:
-+ this restriction came from ordinary tails */
-+ assert("edward-71", from == 0);
-+ assert("edward-860", ctail_ok(target));
-+
-+ memcpy(first_unit(target) + nr_units_ctail(target) - count,
-+ first_unit(source), count);
-+ } else {
-+ /* target item is moved to right already */
-+ reiser4_key key;
-+
-+ assert("edward-72", nr_units_ctail(source) == from + count);
-+
-+ if (free_space == count) {
-+ init_ctail(target, source, NULL);
-+ } else {
-+ /* new item has been created */
-+ assert("edward-862", ctail_ok(target));
-+ }
-+ memcpy(first_unit(target), first_unit(source) + from, count);
-+
-+ assert("edward-863", ctail_ok(target));
-+
-+ /* new units are inserted before first unit in an item,
-+ therefore, we have to update item key */
-+ item_key_by_coord(source, &key);
-+ set_key_offset(&key, get_key_offset(&key) + from);
-+
-+ node_plugin_by_node(target->node)->update_item_key(target, &key,
-+ NULL /*info */);
-+ }
-+}
-+
-+/* plugin->u.item.b.create_hook */
-+int create_hook_ctail(const coord_t * coord, void *arg)
-+{
-+ assert("edward-864", znode_is_loaded(coord->node));
-+
-+ znode_set_convertible(coord->node);
-+ return 0;
-+}
-+
-+/* plugin->u.item.b.kill_hook */
-+int
-+kill_hook_ctail(const coord_t * coord, pos_in_node_t from, pos_in_node_t count,
-+ carry_kill_data * kdata)
-+{
-+ struct inode *inode;
-+
-+ assert("edward-1157", item_id_by_coord(coord) == CTAIL_ID);
-+ assert("edward-291", znode_is_write_locked(coord->node));
-+
-+ inode = kdata->inode;
-+ if (inode) {
-+ reiser4_key key;
-+ item_key_by_coord(coord, &key);
-+
-+ if (from == 0 && is_disk_cluster_key(&key, coord)) {
-+ cloff_t start =
-+ off_to_clust(get_key_offset(&key), inode);
-+ truncate_page_cluster(inode, start);
-+ }
-+ }
-+ return 0;
-+}
-+
-+/* for shift_hook_ctail(),
-+ return true if the first disk cluster item has dirty child
-+*/
-+static int ctail_convertible(const coord_t * coord)
-+{
-+ int result;
-+ reiser4_key key;
-+ jnode *child = NULL;
-+
-+ assert("edward-477", coord != NULL);
-+ assert("edward-478", item_id_by_coord(coord) == CTAIL_ID);
-+
-+ if (coord_is_unprepped_ctail(coord))
-+ /* unprepped ctail should be converted */
-+ return 1;
-+
-+ item_key_by_coord(coord, &key);
-+ child = jlookup(current_tree,
-+ get_key_objectid(&key),
-+ off_to_pg(off_by_coord(coord)));
-+ if (!child)
-+ return 0;
-+ result = JF_ISSET(child, JNODE_DIRTY);
-+ jput(child);
-+ return result;
-+}
-+
-+/* FIXME-EDWARD */
-+/* plugin->u.item.b.shift_hook */
-+int shift_hook_ctail(const coord_t * item /* coord of item */ ,
-+ unsigned from UNUSED_ARG /* start unit */ ,
-+ unsigned count UNUSED_ARG /* stop unit */ ,
-+ znode * old_node /* old parent */ )
-+{
-+ assert("edward-479", item != NULL);
-+ assert("edward-480", item->node != old_node);
-+
-+ if (!znode_convertible(old_node) || znode_convertible(item->node))
-+ return 0;
-+ if (ctail_convertible(item))
-+ znode_set_convertible(item->node);
-+ return 0;
-+}
-+
-+static int
-+cut_or_kill_ctail_units(coord_t * coord, pos_in_node_t from, pos_in_node_t to,
-+ int cut, void *p, reiser4_key * smallest_removed,
-+ reiser4_key * new_first)
-+{
-+ pos_in_node_t count; /* number of units to cut */
-+ char *item;
-+
-+ count = to - from + 1;
-+ item = item_body_by_coord(coord);
-+
-+ assert("edward-74", ergo(from != 0, to == coord_last_unit_pos(coord)));
-+
-+ if (smallest_removed) {
-+ /* store smallest key removed */
-+ item_key_by_coord(coord, smallest_removed);
-+ set_key_offset(smallest_removed,
-+ get_key_offset(smallest_removed) + from);
-+ }
-+
-+ if (new_first) {
-+ assert("vs-1531", from == 0);
-+
-+ item_key_by_coord(coord, new_first);
-+ set_key_offset(new_first,
-+ get_key_offset(new_first) + from + count);
-+ }
-+
-+ if (!cut)
-+ kill_hook_ctail(coord, from, 0, (struct carry_kill_data *)p);
-+
-+ if (from == 0) {
-+ if (count != nr_units_ctail(coord)) {
-+ /* part of item is removed, so move free space at the beginning
-+ of the item and update item key */
-+ reiser4_key key;
-+ memcpy(item + to + 1, item, sizeof(ctail_item_format));
-+ item_key_by_coord(coord, &key);
-+ set_key_offset(&key, get_key_offset(&key) + count);
-+ node_plugin_by_node(coord->node)->update_item_key(coord,
-+ &key,
-+ NULL);
-+ } else {
-+ /* cut_units should not be called to cut evrything */
-+ assert("vs-1532", ergo(cut, 0));
-+ /* whole item is cut, so more then amount of space occupied
-+ by units got freed */
-+ count += sizeof(ctail_item_format);
-+ }
-+ if (REISER4_DEBUG)
-+ memset(item, 0, count);
-+ } else if (REISER4_DEBUG)
-+ memset(item + sizeof(ctail_item_format) + from, 0, count);
-+ return count;
-+}
-+
-+/* plugin->u.item.b.cut_units */
-+int
-+cut_units_ctail(coord_t * item, pos_in_node_t from, pos_in_node_t to,
-+ carry_cut_data * cdata, reiser4_key * smallest_removed,
-+ reiser4_key * new_first)
-+{
-+ return cut_or_kill_ctail_units(item, from, to, 1, NULL,
-+ smallest_removed, new_first);
-+}
-+
-+/* plugin->u.item.b.kill_units */
-+int
-+kill_units_ctail(coord_t * item, pos_in_node_t from, pos_in_node_t to,
-+ struct carry_kill_data *kdata, reiser4_key * smallest_removed,
-+ reiser4_key * new_first)
-+{
-+ return cut_or_kill_ctail_units(item, from, to, 0, kdata,
-+ smallest_removed, new_first);
-+}
-+
-+/* plugin->u.item.s.file.read */
-+int read_ctail(struct file *file UNUSED_ARG, flow_t * f, hint_t * hint)
-+{
-+ uf_coord_t *uf_coord;
-+ coord_t *coord;
-+
-+ uf_coord = &hint->ext_coord;
-+ coord = &uf_coord->coord;
-+ assert("edward-127", f->user == 0);
-+ assert("edward-129", coord && coord->node);
-+ assert("edward-130", coord_is_existing_unit(coord));
-+ assert("edward-132", znode_is_loaded(coord->node));
-+
-+ /* start read only from the beginning of ctail */
-+ assert("edward-133", coord->unit_pos == 0);
-+ /* read only whole ctails */
-+ assert("edward-135", nr_units_ctail(coord) <= f->length);
-+
-+ assert("edward-136", schedulable());
-+ assert("edward-886", ctail_ok(coord));
-+
-+ if (f->data)
-+ memcpy(f->data, (char *)first_unit(coord),
-+ (size_t) nr_units_ctail(coord));
-+
-+ dclust_set_extension(hint);
-+ mark_page_accessed(znode_page(coord->node));
-+ move_flow_forward(f, nr_units_ctail(coord));
-+
-+ return 0;
-+}
-+
-+/* Reads a disk cluster consists of ctail items,
-+ attaches a transform stream with plain text */
-+int ctail_read_disk_cluster(reiser4_cluster_t * clust, struct inode *inode,
-+ int write)
-+{
-+ int result;
-+ assert("edward-671", clust->hint != NULL);
-+ assert("edward-140", clust->dstat == INVAL_DISK_CLUSTER);
-+ assert("edward-672", crc_inode_ok(inode));
-+
-+ /* set input stream */
-+ result = grab_tfm_stream(inode, &clust->tc, INPUT_STREAM);
-+ if (result)
-+ return result;
-+
-+ result = find_cluster(clust, inode, 1 /* read */ , write);
-+ assert("edward-1340", !result);
-+ if (result)
-+ return result;
-+ if (!write)
-+ /* write still need the lock to insert unprepped
-+ items, etc... */
-+ put_hint_cluster(clust, inode, ZNODE_READ_LOCK);
-+
-+ assert("edward-673",
-+ ergo(write, znode_is_write_locked(clust->hint->lh.node)));
-+
-+ if (clust->dstat == FAKE_DISK_CLUSTER ||
-+ clust->dstat == UNPR_DISK_CLUSTER) {
-+ tfm_cluster_set_uptodate(&clust->tc);
-+ return 0;
-+ }
-+ result = grab_coa(&clust->tc, inode_compression_plugin(inode));
-+ if (result)
-+ return result;
-+ result = inflate_cluster(clust, inode);
-+ if (result)
-+ return result;
-+ tfm_cluster_set_uptodate(&clust->tc);
-+ return 0;
-+}
-+
-+/* read one locked page */
-+int do_readpage_ctail(struct inode * inode, reiser4_cluster_t * clust,
-+ struct page *page)
-+{
-+ int ret;
-+ unsigned cloff;
-+ char *data;
-+ size_t pgcnt;
-+ tfm_cluster_t *tc = &clust->tc;
-+
-+ assert("edward-212", PageLocked(page));
-+
-+ if (PageUptodate(page))
-+ goto exit;
-+
-+ if (!tfm_cluster_is_uptodate(&clust->tc)) {
-+ clust->index = pg_to_clust(page->index, inode);
-+ unlock_page(page);
-+ ret = ctail_read_disk_cluster(clust, inode, 0 /* read */ );
-+ lock_page(page);
-+ if (ret)
-+ return ret;
-+ }
-+ if (PageUptodate(page))
-+ /* races with another read/write */
-+ goto exit;
-+
-+ /* bytes in the page */
-+ pgcnt = cnt_to_pgcnt(i_size_read(inode), page->index);
-+
-+ if (pgcnt == 0) {
-+ assert("edward-1290", 0);
-+ return RETERR(-EINVAL);
-+ }
-+ assert("edward-119", tfm_cluster_is_uptodate(tc));
-+
-+ switch (clust->dstat) {
-+ case UNPR_DISK_CLUSTER:
-+ assert("edward-1285", 0);
-+#if REISER4_DEBUG
-+ warning("edward-1168",
-+ "page %lu is not uptodate and disk cluster %lu (inode %llu) is unprepped\n",
-+ page->index, clust->index,
-+ (unsigned long long)get_inode_oid(inode));
-+#endif
-+ case FAKE_DISK_CLUSTER:
-+ /* fill the page by zeroes */
-+ data = kmap_atomic(page, KM_USER0);
-+
-+ memset(data, 0, PAGE_CACHE_SIZE);
-+ flush_dcache_page(page);
-+ kunmap_atomic(data, KM_USER0);
-+ SetPageUptodate(page);
-+ break;
-+ case PREP_DISK_CLUSTER:
-+ /* fill the page by transformed data */
-+ assert("edward-1058", !PageUptodate(page));
-+ assert("edward-120", tc->len <= inode_cluster_size(inode));
-+
-+ /* start page offset in the cluster */
-+ cloff = pg_to_off_to_cloff(page->index, inode);
-+
-+ data = kmap(page);
-+ memcpy(data, tfm_stream_data(tc, OUTPUT_STREAM) + cloff, pgcnt);
-+ memset(data + pgcnt, 0, (size_t) PAGE_CACHE_SIZE - pgcnt);
-+ flush_dcache_page(page);
-+ kunmap(page);
-+ SetPageUptodate(page);
-+ break;
-+ default:
-+ impossible("edward-1169", "bad disk cluster state");
-+ }
-+ exit:
-+ return 0;
-+}
-+
-+/* plugin->u.item.s.file.readpage */
-+int readpage_ctail(void *vp, struct page *page)
-+{
-+ int result;
-+ hint_t *hint;
-+ reiser4_cluster_t *clust = vp;
-+
-+ assert("edward-114", clust != NULL);
-+ assert("edward-115", PageLocked(page));
-+ assert("edward-116", !PageUptodate(page));
-+ assert("edward-117", !jprivate(page) && !PagePrivate(page));
-+ assert("edward-118", page->mapping && page->mapping->host);
-+ assert("edward-867", !tfm_cluster_is_uptodate(&clust->tc));
-+
-+ hint = kmalloc(sizeof(*hint), GFP_KERNEL);
-+ if (hint == NULL)
-+ return RETERR(-ENOMEM);
-+ clust->hint = hint;
-+ result = load_file_hint(clust->file, hint);
-+ if (result) {
-+ kfree(hint);
-+ return result;
-+ }
-+ assert("vs-25", hint->ext_coord.lh == &hint->lh);
-+ result = do_readpage_ctail(page->mapping->host, clust, page);
-+
-+ assert("edward-213", PageLocked(page));
-+ assert("edward-1163", ergo(!result, PageUptodate(page)));
-+ assert("edward-868",
-+ ergo(!result, tfm_cluster_is_uptodate(&clust->tc)));
-+
-+ unlock_page(page);
-+ done_lh(&hint->lh);
-+ hint->ext_coord.valid = 0;
-+ save_file_hint(clust->file, hint);
-+ kfree(hint);
-+ tfm_cluster_clr_uptodate(&clust->tc);
-+
-+ return result;
-+}
-+
-+/* This unconditionally reads a disk cluster.
-+ Helper function for ->readpages() */
-+static int
-+ctail_read_page_cluster(reiser4_cluster_t * clust, struct inode *inode)
-+{
-+ int i;
-+ int result;
-+ assert("edward-779", clust != NULL);
-+ assert("edward-1059", clust->win == NULL);
-+ assert("edward-780", inode != NULL);
-+
-+ result = prepare_page_cluster(inode, clust, 0 /* do not capture */ );
-+ if (result)
-+ return result;
-+ result = ctail_read_disk_cluster(clust, inode, 0 /* read */ );
-+ if (result)
-+ goto out;
-+ /* at this point stream with valid plain text is attached */
-+ assert("edward-781", tfm_cluster_is_uptodate(&clust->tc));
-+
-+ for (i = 0; i < clust->nr_pages; i++) {
-+ struct page *page = clust->pages[i];
-+ lock_page(page);
-+ result = do_readpage_ctail(inode, clust, page);
-+ unlock_page(page);
-+ if (result)
-+ break;
-+ }
-+ tfm_cluster_clr_uptodate(&clust->tc);
-+ out:
-+ release_cluster_pages(clust);
-+ return result;
-+}
-+
-+#define list_to_page(head) (list_entry((head)->prev, struct page, lru))
-+#define list_to_next_page(head) (list_entry((head)->prev->prev, struct page, lru))
-+
-+#if REISER4_DEBUG
-+#define check_order(pages) \
-+assert("edward-214", ergo(!list_empty(pages) && pages->next != pages->prev, \
-+ list_to_page(pages)->index < list_to_next_page(pages)->index))
-+#endif
-+
-+/* plugin->u.item.s.file.readpages
-+ Populate an address space with some page clusters,
-+ and start reads against them.
-+ FIXME-EDWARD: this function should return errors?
-+*/
-+void
-+readpages_ctail(void *vp, struct address_space *mapping,
-+ struct list_head *pages)
-+{
-+ int ret = 0;
-+ hint_t *hint;
-+ reiser4_cluster_t clust;
-+ struct page *page;
-+ struct pagevec lru_pvec;
-+ struct inode *inode = mapping->host;
-+ int progress = 0;
-+
-+ assert("edward-214", ergo(!list_empty(pages) &&
-+ pages->next != pages->prev,
-+ list_to_page(pages)->index <
-+ list_to_next_page(pages)->index));
-+ pagevec_init(&lru_pvec, 0);
-+ cluster_init_read(&clust, NULL);
-+ clust.file = vp;
-+ hint = kmalloc(sizeof(*hint), GFP_KERNEL);
-+ if (hint == NULL) {
-+ warning("vs-28", "failed to allocate hint");
-+ goto exit1;
-+ }
-+ clust.hint = hint;
-+ ret = load_file_hint(clust.file, hint);
-+ if (ret)
-+ goto exit2;
-+ ret = alloc_cluster_pgset(&clust, cluster_nrpages(inode));
-+ if (ret)
-+ goto exit3;
-+ assert("vs-26", hint->ext_coord.lh == &hint->lh);
-+
-+ /* address_space-level file readahead doesn't know about
-+ reiser4 concept of clustering, so we work around this
-+ fact: with each page of the list @pages address space
-+ will be populated with the whole page cluster.
-+ */
-+ while (!list_empty(pages)) {
-+ page = list_to_page(pages);
-+ list_del(&page->lru);
-+ if (add_to_page_cache(page, mapping, page->index, GFP_KERNEL)) {
-+ page_cache_release(page);
-+ continue;
-+ }
-+ if (PageUptodate(page)) {
-+ if (!pagevec_add(&lru_pvec, page))
-+ __pagevec_lru_add(&lru_pvec);
-+ unlock_page(page);
-+ continue;
-+ }
-+ unlock_page(page);
-+
-+ move_cluster_forward(&clust, inode, page->index, &progress);
-+ ret = ctail_read_page_cluster(&clust, inode);
-+ if (ret)
-+ break;
-+ assert("edward-869", !tfm_cluster_is_uptodate(&clust.tc));
-+ lock_page(page);
-+
-+ ret = do_readpage_ctail(inode, &clust, page);
-+ if (!pagevec_add(&lru_pvec, page))
-+ __pagevec_lru_add(&lru_pvec);
-+ if (ret) {
-+ warning("edward-215", "do_readpage_ctail failed");
-+ unlock_page(page);
-+ break;
-+ }
-+ assert("edward-1061", PageUptodate(page));
-+
-+ unlock_page(page);
-+ }
-+ assert("edward-870", !tfm_cluster_is_uptodate(&clust.tc));
-+ exit3:
-+ done_lh(&hint->lh);
-+ save_file_hint(clust.file, hint);
-+ hint->ext_coord.valid = 0;
-+ exit2:
-+ kfree(hint);
-+ exit1:
-+ while (!list_empty(pages)) {
-+ struct page *victim;
-+ victim = list_to_page(pages);
-+ list_del(&victim->lru);
-+ page_cache_release(victim);
-+ }
-+ put_cluster_handle(&clust);
-+ pagevec_lru_add(&lru_pvec);
-+ return;
-+}
-+
-+/*
-+ plugin->u.item.s.file.append_key
-+ key of the first item of the next disk cluster
-+*/
-+reiser4_key *append_key_ctail(const coord_t * coord, reiser4_key * key)
-+{
-+ assert("edward-1241", item_id_by_coord(coord) == CTAIL_ID);
-+ assert("edward-1242", cluster_shift_ok(cluster_shift_by_coord(coord)));
-+
-+ item_key_by_coord(coord, key);
-+ set_key_offset(key,
-+ ((__u64) (clust_by_coord(coord, NULL)) +
-+ 1) << cluster_shift_by_coord(coord));
-+ return key;
-+}
-+
-+static int
-+insert_unprepped_ctail(reiser4_cluster_t * clust, struct inode *inode)
-+{
-+ int result;
-+ char buf[UCTAIL_NR_UNITS];
-+ reiser4_item_data data;
-+ reiser4_key key;
-+ int shift = (int)UCTAIL_SHIFT;
-+
-+ memset(buf, 0, (size_t) UCTAIL_NR_UNITS);
-+ result = key_by_inode_cryptcompress(inode,
-+ clust_to_off(clust->index, inode),
-+ &key);
-+ if (result)
-+ return result;
-+ data.user = 0;
-+ data.iplug = item_plugin_by_id(CTAIL_ID);
-+ data.arg = &shift;
-+ data.length = sizeof(ctail_item_format) + (size_t) UCTAIL_NR_UNITS;
-+ data.data = buf;
-+
-+ result = insert_by_coord(&clust->hint->ext_coord.coord,
-+ &data, &key, clust->hint->ext_coord.lh, 0);
-+ return result;
-+}
-+
-+static int
-+insert_crc_flow(coord_t * coord, lock_handle * lh, flow_t * f,
-+ struct inode *inode)
-+{
-+ int result;
-+ carry_pool *pool;
-+ carry_level *lowest_level;
-+ reiser4_item_data *data;
-+ carry_op *op;
-+ int cluster_shift = inode_cluster_shift(inode);
-+
-+ pool =
-+ init_carry_pool(sizeof(*pool) + 3 * sizeof(*lowest_level) +
-+ sizeof(*data));
-+ if (IS_ERR(pool))
-+ return PTR_ERR(pool);
-+ lowest_level = (carry_level *) (pool + 1);
-+ init_carry_level(lowest_level, pool);
-+ data = (reiser4_item_data *) (lowest_level + 3);
-+
-+ assert("edward-466", coord->between == AFTER_ITEM
-+ || coord->between == AFTER_UNIT || coord->between == BEFORE_ITEM
-+ || coord->between == EMPTY_NODE
-+ || coord->between == BEFORE_UNIT);
-+
-+ if (coord->between == AFTER_UNIT) {
-+ coord->unit_pos = 0;
-+ coord->between = AFTER_ITEM;
-+ }
-+ op = post_carry(lowest_level, COP_INSERT_FLOW, coord->node,
-+ 0 /* operate directly on coord -> node */ );
-+ if (IS_ERR(op) || (op == NULL)) {
-+ done_carry_pool(pool);
-+ return RETERR(op ? PTR_ERR(op) : -EIO);
-+ }
-+ data->user = 0;
-+ data->iplug = item_plugin_by_id(CTAIL_ID);
-+ data->arg = &cluster_shift;
-+
-+ data->length = 0;
-+ data->data = NULL;
-+
-+ op->u.insert_flow.flags = COPI_DONT_SHIFT_LEFT | COPI_DONT_SHIFT_RIGHT;
-+ op->u.insert_flow.insert_point = coord;
-+ op->u.insert_flow.flow = f;
-+ op->u.insert_flow.data = data;
-+ op->u.insert_flow.new_nodes = 0;
-+
-+ lowest_level->track_type = CARRY_TRACK_CHANGE;
-+ lowest_level->tracked = lh;
-+
-+ result = carry(lowest_level, NULL);
-+ done_carry_pool(pool);
-+
-+ return result;
-+}
-+
-+/* Implementation of CRC_APPEND_ITEM mode of ctail conversion */
-+static int
-+insert_crc_flow_in_place(coord_t * coord, lock_handle * lh, flow_t * f,
-+ struct inode *inode)
-+{
-+ int ret;
-+ coord_t pos;
-+ lock_handle lock;
-+
-+ assert("edward-674", f->length <= inode_scaled_cluster_size(inode));
-+ assert("edward-484", coord->between == AT_UNIT
-+ || coord->between == AFTER_ITEM);
-+ assert("edward-485", item_id_by_coord(coord) == CTAIL_ID);
-+
-+ coord_dup(&pos, coord);
-+ pos.unit_pos = 0;
-+ pos.between = AFTER_ITEM;
-+
-+ init_lh(&lock);
-+ copy_lh(&lock, lh);
-+
-+ ret = insert_crc_flow(&pos, &lock, f, inode);
-+ done_lh(&lock);
-+ assert("edward-1347", znode_is_write_locked(lh->node));
-+ assert("edward-1228", !ret);
-+ return ret;
-+}
-+
-+/* Implementation of CRC_OVERWRITE_ITEM mode of ctail conversion */
-+static int overwrite_ctail(coord_t * coord, flow_t * f)
-+{
-+ unsigned count;
-+
-+ assert("edward-269", f->user == 0);
-+ assert("edward-270", f->data != NULL);
-+ assert("edward-271", f->length > 0);
-+ assert("edward-272", coord_is_existing_unit(coord));
-+ assert("edward-273", coord->unit_pos == 0);
-+ assert("edward-274", znode_is_write_locked(coord->node));
-+ assert("edward-275", schedulable());
-+ assert("edward-467", item_id_by_coord(coord) == CTAIL_ID);
-+ assert("edward-1243", ctail_ok(coord));
-+
-+ count = nr_units_ctail(coord);
-+
-+ if (count > f->length)
-+ count = f->length;
-+ memcpy(first_unit(coord), f->data, count);
-+ move_flow_forward(f, count);
-+ coord->unit_pos += count;
-+ return 0;
-+}
-+
-+/* Implementation of CRC_CUT_ITEM mode of ctail conversion:
-+ cut ctail (part or whole) starting from next unit position */
-+static int cut_ctail(coord_t * coord)
-+{
-+ coord_t stop;
-+
-+ assert("edward-435", coord->between == AT_UNIT &&
-+ coord->item_pos < coord_num_items(coord) &&
-+ coord->unit_pos <= coord_num_units(coord));
-+
-+ if (coord->unit_pos == coord_num_units(coord))
-+ /* nothing to cut */
-+ return 0;
-+ coord_dup(&stop, coord);
-+ stop.unit_pos = coord_last_unit_pos(coord);
-+
-+ return cut_node_content(coord, &stop, NULL, NULL, NULL);
-+}
-+
-+int
-+ctail_insert_unprepped_cluster(reiser4_cluster_t * clust, struct inode *inode)
-+{
-+ int result;
-+ assert("edward-1244", inode != NULL);
-+ assert("edward-1245", clust->hint != NULL);
-+ assert("edward-1246", clust->dstat == FAKE_DISK_CLUSTER);
-+ assert("edward-1247", clust->reserved == 1);
-+ assert("edward-1248", get_current_context()->grabbed_blocks ==
-+ estimate_insert_cluster(inode));
-+
-+ result = get_disk_cluster_locked(clust, inode, ZNODE_WRITE_LOCK);
-+ if (cbk_errored(result))
-+ return result;
-+ assert("edward-1249", result == CBK_COORD_NOTFOUND);
-+ assert("edward-1250", znode_is_write_locked(clust->hint->lh.node));
-+
-+ assert("edward-1295",
-+ clust->hint->ext_coord.lh->node ==
-+ clust->hint->ext_coord.coord.node);
-+
-+ coord_set_between_clusters(&clust->hint->ext_coord.coord);
-+
-+ result = insert_unprepped_ctail(clust, inode);
-+ all_grabbed2free();
-+
-+ assert("edward-1251", !result);
-+ assert("edward-1252", crc_inode_ok(inode));
-+ assert("edward-1253", znode_is_write_locked(clust->hint->lh.node));
-+ assert("edward-1254",
-+ reiser4_clustered_blocks(reiser4_get_current_sb()));
-+ assert("edward-1255",
-+ znode_convertible(clust->hint->ext_coord.coord.node));
-+
-+ return result;
-+}
-+
-+static int do_convert_ctail(flush_pos_t * pos, crc_write_mode_t mode)
-+{
-+ int result = 0;
-+ convert_item_info_t *info;
-+
-+ assert("edward-468", pos != NULL);
-+ assert("edward-469", pos->sq != NULL);
-+ assert("edward-845", item_convert_data(pos) != NULL);
-+
-+ info = item_convert_data(pos);
-+ assert("edward-679", info->flow.data != NULL);
-+
-+ switch (mode) {
-+ case CRC_APPEND_ITEM:
-+ assert("edward-1229", info->flow.length != 0);
-+ assert("edward-1256",
-+ cluster_shift_ok(cluster_shift_by_coord(&pos->coord)));
-+ result =
-+ insert_crc_flow_in_place(&pos->coord, &pos->lock,
-+ &info->flow, info->inode);
-+ break;
-+ case CRC_OVERWRITE_ITEM:
-+ assert("edward-1230", info->flow.length != 0);
-+ overwrite_ctail(&pos->coord, &info->flow);
-+ if (info->flow.length != 0)
-+ break;
-+ case CRC_CUT_ITEM:
-+ assert("edward-1231", info->flow.length == 0);
-+ result = cut_ctail(&pos->coord);
-+ break;
-+ default:
-+ result = RETERR(-EIO);
-+ impossible("edward-244", "bad convert mode");
-+ }
-+ return result;
-+}
-+
-+/* plugin->u.item.f.scan */
-+int scan_ctail(flush_scan * scan)
-+{
-+ int result = 0;
-+ struct page *page;
-+ struct inode *inode;
-+ jnode *node = scan->node;
-+
-+ assert("edward-227", scan->node != NULL);
-+ assert("edward-228", jnode_is_cluster_page(scan->node));
-+ assert("edward-639", znode_is_write_locked(scan->parent_lock.node));
-+
-+ page = jnode_page(node);
-+ inode = page->mapping->host;
-+
-+ if (!scanning_left(scan))
-+ return result;
-+ if (!ZF_ISSET(scan->parent_lock.node, JNODE_DIRTY))
-+ znode_make_dirty(scan->parent_lock.node);
-+
-+ if (!znode_convertible(scan->parent_lock.node)) {
-+ if (JF_ISSET(scan->node, JNODE_DIRTY))
-+ znode_set_convertible(scan->parent_lock.node);
-+ else {
-+ warning("edward-681",
-+ "cluster page is already processed");
-+ return -EAGAIN;
-+ }
-+ }
-+ return result;
-+}
-+
-+/* If true, this function attaches children */
-+static int should_attach_convert_idata(flush_pos_t * pos)
-+{
-+ int result;
-+ assert("edward-431", pos != NULL);
-+ assert("edward-432", pos->child == NULL);
-+ assert("edward-619", znode_is_write_locked(pos->coord.node));
-+ assert("edward-470",
-+ item_plugin_by_coord(&pos->coord) ==
-+ item_plugin_by_id(CTAIL_ID));
-+
-+ /* check for leftmost child */
-+ utmost_child_ctail(&pos->coord, LEFT_SIDE, &pos->child);
-+
-+ if (!pos->child)
-+ return 0;
-+ spin_lock_jnode(pos->child);
-+ result = (JF_ISSET(pos->child, JNODE_DIRTY) &&
-+ pos->child->atom == ZJNODE(pos->coord.node)->atom);
-+ spin_unlock_jnode(pos->child);
-+ if (!result && pos->child) {
-+ /* existing child isn't to attach, clear up this one */
-+ jput(pos->child);
-+ pos->child = NULL;
-+ }
-+ return result;
-+}
-+
-+/* plugin->init_convert_data() */
-+static int
-+init_convert_data_ctail(convert_item_info_t * idata, struct inode *inode)
-+{
-+ assert("edward-813", idata != NULL);
-+ assert("edward-814", inode != NULL);
-+
-+ idata->inode = inode;
-+ idata->d_cur = DC_FIRST_ITEM;
-+ idata->d_next = DC_INVALID_STATE;
-+
-+ return 0;
-+}
-+
-+static int alloc_item_convert_data(convert_info_t * sq)
-+{
-+ assert("edward-816", sq != NULL);
-+ assert("edward-817", sq->itm == NULL);
-+
-+ sq->itm = kmalloc(sizeof(*sq->itm), GFP_KERNEL);
-+ if (sq->itm == NULL)
-+ return RETERR(-ENOMEM);
-+ return 0;
-+}
-+
-+static void free_item_convert_data(convert_info_t * sq)
-+{
-+ assert("edward-818", sq != NULL);
-+ assert("edward-819", sq->itm != NULL);
-+ assert("edward-820", sq->iplug != NULL);
-+
-+ kfree(sq->itm);
-+ sq->itm = NULL;
-+ return;
-+}
-+
-+static int alloc_convert_data(flush_pos_t * pos)
-+{
-+ assert("edward-821", pos != NULL);
-+ assert("edward-822", pos->sq == NULL);
-+
-+ pos->sq = kmalloc(sizeof(*pos->sq), GFP_KERNEL);
-+ if (!pos->sq)
-+ return RETERR(-ENOMEM);
-+ memset(pos->sq, 0, sizeof(*pos->sq));
-+ cluster_init_write(&pos->sq->clust, 0);
-+ return 0;
-+}
-+
-+void free_convert_data(flush_pos_t * pos)
-+{
-+ convert_info_t *sq;
-+
-+ assert("edward-823", pos != NULL);
-+ assert("edward-824", pos->sq != NULL);
-+
-+ sq = pos->sq;
-+ if (sq->itm)
-+ free_item_convert_data(sq);
-+ put_cluster_handle(&sq->clust);
-+ kfree(pos->sq);
-+ pos->sq = NULL;
-+ return;
-+}
-+
-+static int init_item_convert_data(flush_pos_t * pos, struct inode *inode)
-+{
-+ convert_info_t *sq;
-+
-+ assert("edward-825", pos != NULL);
-+ assert("edward-826", pos->sq != NULL);
-+ assert("edward-827", item_convert_data(pos) != NULL);
-+ assert("edward-828", inode != NULL);
-+
-+ sq = pos->sq;
-+
-+ memset(sq->itm, 0, sizeof(*sq->itm));
-+
-+ /* iplug->init_convert_data() */
-+ return init_convert_data_ctail(sq->itm, inode);
-+}
-+
-+/* create and attach disk cluster info used by 'convert' phase of the flush
-+ squalloc() */
-+static int attach_convert_idata(flush_pos_t * pos, struct inode *inode)
-+{
-+ int ret = 0;
-+ convert_item_info_t *info;
-+ reiser4_cluster_t *clust;
-+ file_plugin *fplug = inode_file_plugin(inode);
-+ compression_plugin *cplug = inode_compression_plugin(inode);
-+
-+ assert("edward-248", pos != NULL);
-+ assert("edward-249", pos->child != NULL);
-+ assert("edward-251", inode != NULL);
-+ assert("edward-682", crc_inode_ok(inode));
-+ assert("edward-252", fplug == file_plugin_by_id(CRC_FILE_PLUGIN_ID));
-+ assert("edward-473",
-+ item_plugin_by_coord(&pos->coord) ==
-+ item_plugin_by_id(CTAIL_ID));
-+
-+ if (!pos->sq) {
-+ ret = alloc_convert_data(pos);
-+ if (ret)
-+ return ret;
-+ }
-+ clust = &pos->sq->clust;
-+ ret = grab_coa(&clust->tc, cplug);
-+ if (ret)
-+ goto err;
-+ ret = set_cluster_by_page(clust,
-+ jnode_page(pos->child),
-+ MAX_CLUSTER_NRPAGES);
-+ if (ret)
-+ goto err;
-+
-+ assert("edward-829", pos->sq != NULL);
-+ assert("edward-250", item_convert_data(pos) == NULL);
-+
-+ pos->sq->iplug = item_plugin_by_id(CTAIL_ID);
-+
-+ ret = alloc_item_convert_data(pos->sq);
-+ if (ret)
-+ goto err;
-+ ret = init_item_convert_data(pos, inode);
-+ if (ret)
-+ goto err;
-+ info = item_convert_data(pos);
-+
-+ ret = flush_cluster_pages(clust, pos->child, inode);
-+ if (ret)
-+ goto err;
-+
-+ deflate_cluster(clust, inode);
-+ inc_item_convert_count(pos);
-+
-+ /* make flow by transformed stream */
-+ fplug->flow_by_inode(info->inode,
-+ (const char __user *)tfm_stream_data(&clust->tc, OUTPUT_STREAM),
-+ 0 /* kernel space */ ,
-+ clust->tc.len,
-+ clust_to_off(clust->index, inode),
-+ WRITE_OP, &info->flow);
-+ jput(pos->child);
-+
-+ assert("edward-683", crc_inode_ok(inode));
-+ return 0;
-+ err:
-+ jput(pos->child);
-+ free_convert_data(pos);
-+ return ret;
-+}
-+
-+/* clear up disk cluster info */
-+static void detach_convert_idata(convert_info_t * sq)
-+{
-+ convert_item_info_t *info;
-+
-+ assert("edward-253", sq != NULL);
-+ assert("edward-840", sq->itm != NULL);
-+
-+ info = sq->itm;
-+ assert("edward-255", info->inode != NULL);
-+ assert("edward-1212", info->flow.length == 0);
-+
-+ free_item_convert_data(sq);
-+ return;
-+}
-+
-+/* plugin->u.item.f.utmost_child */
-+
-+/* This function sets leftmost child for a first cluster item,
-+ if the child exists, and NULL in other cases.
-+ NOTE-EDWARD: Do not call this for RIGHT_SIDE */
-+
-+int utmost_child_ctail(const coord_t * coord, sideof side, jnode ** child)
-+{
-+ reiser4_key key;
-+
-+ item_key_by_coord(coord, &key);
-+
-+ assert("edward-257", coord != NULL);
-+ assert("edward-258", child != NULL);
-+ assert("edward-259", side == LEFT_SIDE);
-+ assert("edward-260",
-+ item_plugin_by_coord(coord) == item_plugin_by_id(CTAIL_ID));
-+
-+ if (!is_disk_cluster_key(&key, coord))
-+ *child = NULL;
-+ else
-+ *child = jlookup(current_tree,
-+ get_key_objectid(item_key_by_coord
-+ (coord, &key)),
-+ off_to_pg(get_key_offset(&key)));
-+ return 0;
-+}
-+
-+/* Returns true if @p2 is the next item to @p1
-+ in the _same_ disk cluster.
-+ Disk cluster is a set of items. If ->clustered() != NULL,
-+ with each item the whole disk cluster should be read/modified
-+*/
-+static int clustered_ctail(const coord_t * p1, const coord_t * p2)
-+{
-+ return mergeable_ctail(p1, p2);
-+}
-+
-+/* Go rightward and check for next disk cluster item, set
-+ d_next to DC_CHAINED_ITEM, if the last one exists.
-+ If the current position is last item, go to right neighbor.
-+ Skip empty nodes. Note, that right neighbors may be not in
-+ the slum because of races. If so, make it dirty and
-+ convertible.
-+*/
-+static int next_item_dc_stat(flush_pos_t * pos)
-+{
-+ int ret = 0;
-+ int stop = 0;
-+ znode *cur;
-+ coord_t coord;
-+ lock_handle lh;
-+ lock_handle right_lock;
-+
-+ assert("edward-1232", !node_is_empty(pos->coord.node));
-+ assert("edward-1014",
-+ pos->coord.item_pos < coord_num_items(&pos->coord));
-+ assert("edward-1015", chaining_data_present(pos));
-+ assert("edward-1017",
-+ item_convert_data(pos)->d_next == DC_INVALID_STATE);
-+
-+ item_convert_data(pos)->d_next = DC_AFTER_CLUSTER;
-+
-+ if (item_convert_data(pos)->d_cur == DC_AFTER_CLUSTER)
-+ return ret;
-+ if (pos->coord.item_pos < coord_num_items(&pos->coord) - 1)
-+ return ret;
-+
-+ /* check next slum item */
-+ init_lh(&right_lock);
-+ cur = pos->coord.node;
-+
-+ while (!stop) {
-+ init_lh(&lh);
-+ ret = reiser4_get_right_neighbor(&lh,
-+ cur,
-+ ZNODE_WRITE_LOCK,
-+ GN_CAN_USE_UPPER_LEVELS);
-+ if (ret)
-+ break;
-+ ret = zload(lh.node);
-+ if (ret) {
-+ done_lh(&lh);
-+ break;
-+ }
-+ coord_init_before_first_item(&coord, lh.node);
-+
-+ if (node_is_empty(lh.node)) {
-+ znode_make_dirty(lh.node);
-+ znode_set_convertible(lh.node);
-+ stop = 0;
-+ } else if (clustered_ctail(&pos->coord, &coord)) {
-+
-+ item_convert_data(pos)->d_next = DC_CHAINED_ITEM;
-+
-+ if (!ZF_ISSET(lh.node, JNODE_DIRTY)) {
-+ /*
-+ warning("edward-1024",
-+ "next slum item mergeable, "
-+ "but znode %p isn't dirty\n",
-+ lh.node);
-+ */
-+ znode_make_dirty(lh.node);
-+ }
-+ if (!znode_convertible(lh.node)) {
-+ /*
-+ warning("edward-1272",
-+ "next slum item mergeable, "
-+ "but znode %p isn't convertible\n",
-+ lh.node);
-+ */
-+ znode_set_convertible(lh.node);
-+ }
-+ stop = 1;
-+ } else
-+ stop = 1;
-+ zrelse(lh.node);
-+ done_lh(&right_lock);
-+ copy_lh(&right_lock, &lh);
-+ done_lh(&lh);
-+ cur = right_lock.node;
-+ }
-+ done_lh(&right_lock);
-+
-+ if (ret == -E_NO_NEIGHBOR)
-+ ret = 0;
-+ return ret;
-+}
-+
-+static int
-+assign_convert_mode(convert_item_info_t * idata, crc_write_mode_t * mode)
-+{
-+ int result = 0;
-+
-+ assert("edward-1025", idata != NULL);
-+
-+ if (idata->flow.length) {
-+ /* append or overwrite */
-+ switch (idata->d_cur) {
-+ case DC_FIRST_ITEM:
-+ case DC_CHAINED_ITEM:
-+ *mode = CRC_OVERWRITE_ITEM;
-+ break;
-+ case DC_AFTER_CLUSTER:
-+ *mode = CRC_APPEND_ITEM;
-+ break;
-+ default:
-+ impossible("edward-1018", "wrong current item state");
-+ }
-+ } else {
-+ /* cut or invalidate */
-+ switch (idata->d_cur) {
-+ case DC_FIRST_ITEM:
-+ case DC_CHAINED_ITEM:
-+ *mode = CRC_CUT_ITEM;
-+ break;
-+ case DC_AFTER_CLUSTER:
-+ result = 1;
-+ break;
-+ default:
-+ impossible("edward-1019", "wrong current item state");
-+ }
-+ }
-+ return result;
-+}
-+
-+/* plugin->u.item.f.convert */
-+/* write ctail in guessed mode */
-+int convert_ctail(flush_pos_t * pos)
-+{
-+ int result;
-+ int nr_items;
-+ crc_write_mode_t mode = CRC_OVERWRITE_ITEM;
-+
-+ assert("edward-1020", pos != NULL);
-+ assert("edward-1213", coord_num_items(&pos->coord) != 0);
-+ assert("edward-1257", item_id_by_coord(&pos->coord) == CTAIL_ID);
-+ assert("edward-1258", ctail_ok(&pos->coord));
-+ assert("edward-261", pos->coord.node != NULL);
-+
-+ nr_items = coord_num_items(&pos->coord);
-+ if (!chaining_data_present(pos)) {
-+ if (should_attach_convert_idata(pos)) {
-+ /* attach convert item info */
-+ struct inode *inode;
-+
-+ assert("edward-264", pos->child != NULL);
-+ assert("edward-265", jnode_page(pos->child) != NULL);
-+ assert("edward-266",
-+ jnode_page(pos->child)->mapping != NULL);
-+
-+ inode = jnode_page(pos->child)->mapping->host;
-+
-+ assert("edward-267", inode != NULL);
-+
-+ /* attach item convert info by child and put the last one */
-+ result = attach_convert_idata(pos, inode);
-+ pos->child = NULL;
-+ if (result == -E_REPEAT) {
-+ /* jnode became clean, or there is no dirty
-+ pages (nothing to update in disk cluster) */
-+ warning("edward-1021",
-+ "convert_ctail: nothing to attach");
-+ return 0;
-+ }
-+ if (result != 0)
-+ return result;
-+ } else
-+ /* unconvertible */
-+ return 0;
-+ } else {
-+ /* use old convert info */
-+
-+ convert_item_info_t *idata;
-+
-+ idata = item_convert_data(pos);
-+
-+ result = assign_convert_mode(idata, &mode);
-+ if (result) {
-+ /* disk cluster is over,
-+ nothing to update anymore */
-+ detach_convert_idata(pos->sq);
-+ return 0;
-+ }
-+ }
-+
-+ assert("edward-433", chaining_data_present(pos));
-+ assert("edward-1022",
-+ pos->coord.item_pos < coord_num_items(&pos->coord));
-+
-+ result = next_item_dc_stat(pos);
-+ if (result) {
-+ detach_convert_idata(pos->sq);
-+ return result;
-+ }
-+ result = do_convert_ctail(pos, mode);
-+ if (result) {
-+ detach_convert_idata(pos->sq);
-+ return result;
-+ }
-+ switch (mode) {
-+ case CRC_CUT_ITEM:
-+ assert("edward-1214", item_convert_data(pos)->flow.length == 0);
-+ assert("edward-1215",
-+ coord_num_items(&pos->coord) == nr_items ||
-+ coord_num_items(&pos->coord) == nr_items - 1);
-+ if (item_convert_data(pos)->d_next == DC_CHAINED_ITEM)
-+ break;
-+ if (coord_num_items(&pos->coord) != nr_items) {
-+ /* the item was killed, no more chained items */
-+ detach_convert_idata(pos->sq);
-+ if (!node_is_empty(pos->coord.node))
-+ /* make sure the next item will be scanned */
-+ coord_init_before_item(&pos->coord);
-+ break;
-+ }
-+ case CRC_APPEND_ITEM:
-+ assert("edward-434", item_convert_data(pos)->flow.length == 0);
-+ detach_convert_idata(pos->sq);
-+ break;
-+ case CRC_OVERWRITE_ITEM:
-+ if (coord_is_unprepped_ctail(&pos->coord)) {
-+ /* convert unpprepped ctail to prepped one */
-+ int shift;
-+ shift =
-+ inode_cluster_shift(item_convert_data(pos)->inode);
-+ assert("edward-1259", cluster_shift_ok(shift));
-+ put_unaligned((d8)shift,
-+ &ctail_formatted_at(&pos->coord)->
-+ cluster_shift);
-+ }
-+ break;
-+ }
-+ return result;
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/ctail.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/ctail.h
-@@ -0,0 +1,89 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#if !defined( __FS_REISER4_CTAIL_H__ )
-+#define __FS_REISER4_CTAIL_H__
-+
-+/* cryptcompress object item. See ctail.c for description. */
-+
-+#define UCTAIL_NR_UNITS 1
-+#define UCTAIL_SHIFT 0xff
-+
-+typedef struct ctail_item_format {
-+ /* cluster shift */
-+ d8 cluster_shift;
-+ /* ctail body */
-+ d8 body[0];
-+} __attribute__ ((packed)) ctail_item_format;
-+
-+/* The following is a set of various item states in a disk cluster.
-+ Disk cluster is a set of items whose keys belong to the interval
-+ [dc_key , dc_key + disk_cluster_size - 1] */
-+typedef enum {
-+ DC_INVALID_STATE = 0,
-+ DC_FIRST_ITEM = 1,
-+ DC_CHAINED_ITEM = 2,
-+ DC_AFTER_CLUSTER = 3
-+} dc_item_stat;
-+
-+typedef struct {
-+ int shift; /* we keep here a cpu value of cluster_shift field
-+ of ctail_item_format (see above) */
-+} ctail_coord_extension_t;
-+
-+struct cut_list;
-+
-+/* plugin->item.b.* */
-+int can_contain_key_ctail(const coord_t *, const reiser4_key *,
-+ const reiser4_item_data *);
-+int mergeable_ctail(const coord_t * p1, const coord_t * p2);
-+pos_in_node_t nr_units_ctail(const coord_t * coord);
-+int estimate_ctail(const coord_t * coord, const reiser4_item_data * data);
-+void print_ctail(const char *prefix, coord_t * coord);
-+lookup_result lookup_ctail(const reiser4_key *, lookup_bias, coord_t *);
-+
-+int paste_ctail(coord_t * coord, reiser4_item_data * data,
-+ carry_plugin_info * info UNUSED_ARG);
-+int init_ctail(coord_t *, coord_t *, reiser4_item_data *);
-+int can_shift_ctail(unsigned free_space, coord_t * coord,
-+ znode * target, shift_direction pend, unsigned *size,
-+ unsigned want);
-+void copy_units_ctail(coord_t * target, coord_t * source, unsigned from,
-+ unsigned count, shift_direction where_is_free_space,
-+ unsigned free_space);
-+int cut_units_ctail(coord_t * coord, pos_in_node_t from, pos_in_node_t to,
-+ carry_cut_data *, reiser4_key * smallest_removed,
-+ reiser4_key * new_first);
-+int kill_units_ctail(coord_t * coord, pos_in_node_t from, pos_in_node_t to,
-+ carry_kill_data *, reiser4_key * smallest_removed,
-+ reiser4_key * new_first);
-+int ctail_ok(const coord_t * coord);
-+int check_ctail(const coord_t * coord, const char **error);
-+
-+/* plugin->u.item.s.* */
-+int read_ctail(struct file *, flow_t *, hint_t *);
-+int readpage_ctail(void *, struct page *);
-+void readpages_ctail(void *, struct address_space *, struct list_head *);
-+reiser4_key *append_key_ctail(const coord_t *, reiser4_key *);
-+int create_hook_ctail(const coord_t * coord, void *arg);
-+int kill_hook_ctail(const coord_t *, pos_in_node_t, pos_in_node_t,
-+ carry_kill_data *);
-+int shift_hook_ctail(const coord_t *, unsigned, unsigned, znode *);
-+
-+/* plugin->u.item.f */
-+int utmost_child_ctail(const coord_t *, sideof, jnode **);
-+int scan_ctail(flush_scan *);
-+int convert_ctail(flush_pos_t *);
-+size_t inode_scaled_cluster_size(struct inode *);
-+int cluster_shift_by_coord(const coord_t * coord);
-+
-+#endif /* __FS_REISER4_CTAIL_H__ */
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/extent.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/extent.c
-@@ -0,0 +1,197 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "item.h"
-+#include "../../key.h"
-+#include "../../super.h"
-+#include "../../carry.h"
-+#include "../../inode.h"
-+#include "../../page_cache.h"
-+#include "../../flush.h"
-+#include "../object.h"
-+
-+/* prepare structure reiser4_item_data. It is used to put one extent unit into tree */
-+/* Audited by: green(2002.06.13) */
-+reiser4_item_data *init_new_extent(reiser4_item_data * data, void *ext_unit,
-+ int nr_extents)
-+{
-+ data->data = ext_unit;
-+ /* data->data is kernel space */
-+ data->user = 0;
-+ data->length = sizeof(reiser4_extent) * nr_extents;
-+ data->arg = NULL;
-+ data->iplug = item_plugin_by_id(EXTENT_POINTER_ID);
-+ return data;
-+}
-+
-+/* how many bytes are addressed by @nr first extents of the extent item */
-+reiser4_block_nr extent_size(const coord_t * coord, pos_in_node_t nr)
-+{
-+ pos_in_node_t i;
-+ reiser4_block_nr blocks;
-+ reiser4_extent *ext;
-+
-+ ext = item_body_by_coord(coord);
-+ assert("vs-263", nr <= nr_units_extent(coord));
-+
-+ blocks = 0;
-+ for (i = 0; i < nr; i++, ext++) {
-+ blocks += extent_get_width(ext);
-+ }
-+
-+ return blocks * current_blocksize;
-+}
-+
-+extent_state state_of_extent(reiser4_extent * ext)
-+{
-+ switch ((int)extent_get_start(ext)) {
-+ case 0:
-+ return HOLE_EXTENT;
-+ case 1:
-+ return UNALLOCATED_EXTENT;
-+ default:
-+ break;
-+ }
-+ return ALLOCATED_EXTENT;
-+}
-+
-+int extent_is_unallocated(const coord_t * item)
-+{
-+ assert("jmacd-5133", item_is_extent(item));
-+
-+ return state_of_extent(extent_by_coord(item)) == UNALLOCATED_EXTENT;
-+}
-+
-+/* set extent's start and width */
-+void
-+set_extent(reiser4_extent * ext, reiser4_block_nr start, reiser4_block_nr width)
-+{
-+ extent_set_start(ext, start);
-+ extent_set_width(ext, width);
-+}
-+
-+
-+/**
-+ * replace_extent - replace extent and paste 1 or 2 after it
-+ * @un_extent: coordinate of extent to be overwritten
-+ * @lh: need better comment
-+ * @key: need better comment
-+ * @exts_to_add: data prepared for insertion into tree
-+ * @replace: need better comment
-+ * @flags: need better comment
-+ * @return_insert_position: need better comment
-+ *
-+ * Overwrites one extent, pastes 1 or 2 more ones after overwritten one. If
-+ * @return_inserted_position is 1 - @un_extent and @lh are returned set to
-+ * first of newly inserted units, if it is 0 - @un_extent and @lh are returned
-+ * set to extent which was overwritten.
-+ */
-+int replace_extent(struct replace_handle *h, int return_inserted_position)
-+{
-+ int result;
-+ znode *orig_znode;
-+ /*ON_DEBUG(reiser4_extent orig_ext);*/ /* this is for debugging */
-+
-+ assert("vs-990", coord_is_existing_unit(h->coord));
-+ assert("vs-1375", znode_is_write_locked(h->coord->node));
-+ assert("vs-1426", extent_get_width(&h->overwrite) != 0);
-+ assert("vs-1427", extent_get_width(&h->new_extents[0]) != 0);
-+ assert("vs-1427", ergo(h->nr_new_extents == 2,
-+ extent_get_width(&h->new_extents[1]) != 0));
-+
-+ /* compose structure for paste */
-+ init_new_extent(&h->item, &h->new_extents[0], h->nr_new_extents);
-+
-+ coord_dup(&h->coord_after, h->coord);
-+ init_lh(&h->lh_after);
-+ copy_lh(&h->lh_after, h->lh);
-+ tap_init(&h->watch, &h->coord_after, &h->lh_after, ZNODE_WRITE_LOCK);
-+ tap_monitor(&h->watch);
-+
-+ ON_DEBUG(h->orig_ext = *extent_by_coord(h->coord));
-+ orig_znode = h->coord->node;
-+
-+#if REISER4_DEBUG
-+ /* make sure that key is set properly */
-+ unit_key_by_coord(h->coord, &h->tmp);
-+ set_key_offset(&h->tmp,
-+ get_key_offset(&h->tmp) +
-+ extent_get_width(&h->overwrite) * current_blocksize);
-+ assert("vs-1080", keyeq(&h->tmp, &h->paste_key));
-+#endif
-+
-+ /* set insert point after unit to be replaced */
-+ h->coord->between = AFTER_UNIT;
-+
-+ result = insert_into_item(h->coord, return_inserted_position ? h->lh : NULL,
-+ &h->paste_key, &h->item, h->flags);
-+ if (!result) {
-+ /* now we have to replace the unit after which new units were
-+ inserted. Its position is tracked by @watch */
-+ reiser4_extent *ext;
-+ znode *node;
-+
-+ node = h->coord_after.node;
-+ if (node != orig_znode) {
-+ coord_clear_iplug(&h->coord_after);
-+ result = zload(node);
-+ }
-+
-+ if (likely(!result)) {
-+ ext = extent_by_coord(&h->coord_after);
-+
-+ assert("vs-987", znode_is_loaded(node));
-+ assert("vs-988", !memcmp(ext, &h->orig_ext, sizeof(*ext)));
-+
-+ /* overwrite extent unit */
-+ memcpy(ext, &h->overwrite, sizeof(reiser4_extent));
-+ znode_make_dirty(node);
-+
-+ if (node != orig_znode)
-+ zrelse(node);
-+
-+ if (return_inserted_position == 0) {
-+ /* coord and lh are to be set to overwritten
-+ extent */
-+ assert("vs-1662",
-+ WITH_DATA(node, !memcmp(&h->overwrite,
-+ extent_by_coord(
-+ &h->coord_after),
-+ sizeof(reiser4_extent))));
-+
-+ *h->coord = h->coord_after;
-+ done_lh(h->lh);
-+ copy_lh(h->lh, &h->lh_after);
-+ } else {
-+ /* h->coord and h->lh are to be set to first of
-+ inserted units */
-+ assert("vs-1663",
-+ WITH_DATA(h->coord->node,
-+ !memcmp(&h->new_extents[0],
-+ extent_by_coord(h->coord),
-+ sizeof(reiser4_extent))));
-+ assert("vs-1664", h->lh->node == h->coord->node);
-+ }
-+ }
-+ }
-+ tap_done(&h->watch);
-+
-+ return result;
-+}
-+
-+lock_handle *znode_lh(znode *node)
-+{
-+ assert("vs-1371", znode_is_write_locked(node));
-+ assert("vs-1372", znode_is_wlocked_once(node));
-+ return list_entry(node->lock.owners.next, lock_handle, owners_link);
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * scroll-step: 1
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/plugin/item/extent.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/extent.h
-@@ -0,0 +1,228 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#ifndef __REISER4_EXTENT_H__
-+#define __REISER4_EXTENT_H__
-+
-+/* on disk extent */
-+typedef struct {
-+ reiser4_dblock_nr start;
-+ reiser4_dblock_nr width;
-+} reiser4_extent;
-+
-+typedef struct extent_stat {
-+ int unallocated_units;
-+ int unallocated_blocks;
-+ int allocated_units;
-+ int allocated_blocks;
-+ int hole_units;
-+ int hole_blocks;
-+} extent_stat;
-+
-+/* extents in an extent item can be either holes, or unallocated or allocated
-+ extents */
-+typedef enum {
-+ HOLE_EXTENT,
-+ UNALLOCATED_EXTENT,
-+ ALLOCATED_EXTENT
-+} extent_state;
-+
-+#define HOLE_EXTENT_START 0
-+#define UNALLOCATED_EXTENT_START 1
-+#define UNALLOCATED_EXTENT_START2 2
-+
-+typedef struct {
-+ reiser4_block_nr pos_in_unit;
-+ reiser4_block_nr width; /* width of current unit */
-+ pos_in_node_t nr_units; /* number of units */
-+ int ext_offset; /* offset from the beginning of zdata() */
-+ unsigned long expected_page;
-+#if REISER4_DEBUG
-+ reiser4_extent extent;
-+#endif
-+} extent_coord_extension_t;
-+
-+/* macros to set/get fields of on-disk extent */
-+static inline reiser4_block_nr extent_get_start(const reiser4_extent * ext)
-+{
-+ return le64_to_cpu(ext->start);
-+}
-+
-+static inline reiser4_block_nr extent_get_width(const reiser4_extent * ext)
-+{
-+ return le64_to_cpu(ext->width);
-+}
-+
-+extern __u64 reiser4_current_block_count(void);
-+
-+static inline void
-+extent_set_start(reiser4_extent * ext, reiser4_block_nr start)
-+{
-+ cassert(sizeof(ext->start) == 8);
-+ assert("nikita-2510",
-+ ergo(start > 1, start < reiser4_current_block_count()));
-+ put_unaligned(cpu_to_le64(start), &ext->start);
-+}
-+
-+static inline void
-+extent_set_width(reiser4_extent * ext, reiser4_block_nr width)
-+{
-+ cassert(sizeof(ext->width) == 8);
-+ assert("", width > 0);
-+ put_unaligned(cpu_to_le64(width), &ext->width);
-+ assert("nikita-2511",
-+ ergo(extent_get_start(ext) > 1,
-+ extent_get_start(ext) + width <=
-+ reiser4_current_block_count()));
-+}
-+
-+#define extent_item(coord) \
-+({ \
-+ assert("nikita-3143", item_is_extent(coord)); \
-+ ((reiser4_extent *)item_body_by_coord (coord)); \
-+})
-+
-+#define extent_by_coord(coord) \
-+({ \
-+ assert("nikita-3144", item_is_extent(coord)); \
-+ (extent_item (coord) + (coord)->unit_pos); \
-+})
-+
-+#define width_by_coord(coord) \
-+({ \
-+ assert("nikita-3145", item_is_extent(coord)); \
-+ extent_get_width (extent_by_coord(coord)); \
-+})
-+
-+struct carry_cut_data;
-+struct carry_kill_data;
-+
-+/* plugin->u.item.b.* */
-+reiser4_key *max_key_inside_extent(const coord_t *, reiser4_key *);
-+int can_contain_key_extent(const coord_t * coord, const reiser4_key * key,
-+ const reiser4_item_data *);
-+int mergeable_extent(const coord_t * p1, const coord_t * p2);
-+pos_in_node_t nr_units_extent(const coord_t *);
-+lookup_result lookup_extent(const reiser4_key *, lookup_bias, coord_t *);
-+void init_coord_extent(coord_t *);
-+int init_extent(coord_t *, reiser4_item_data *);
-+int paste_extent(coord_t *, reiser4_item_data *, carry_plugin_info *);
-+int can_shift_extent(unsigned free_space,
-+ coord_t * source, znode * target, shift_direction,
-+ unsigned *size, unsigned want);
-+void copy_units_extent(coord_t * target, coord_t * source, unsigned from,
-+ unsigned count, shift_direction where_is_free_space,
-+ unsigned free_space);
-+int kill_hook_extent(const coord_t *, pos_in_node_t from, pos_in_node_t count,
-+ struct carry_kill_data *);
-+int create_hook_extent(const coord_t * coord, void *arg);
-+int cut_units_extent(coord_t * coord, pos_in_node_t from, pos_in_node_t to,
-+ struct carry_cut_data *, reiser4_key * smallest_removed,
-+ reiser4_key * new_first);
-+int kill_units_extent(coord_t * coord, pos_in_node_t from, pos_in_node_t to,
-+ struct carry_kill_data *, reiser4_key * smallest_removed,
-+ reiser4_key * new_first);
-+reiser4_key *unit_key_extent(const coord_t *, reiser4_key *);
-+reiser4_key *max_unit_key_extent(const coord_t *, reiser4_key *);
-+void print_extent(const char *, coord_t *);
-+int utmost_child_extent(const coord_t * coord, sideof side, jnode ** child);
-+int utmost_child_real_block_extent(const coord_t * coord, sideof side,
-+ reiser4_block_nr * block);
-+void item_stat_extent(const coord_t * coord, void *vp);
-+int check_extent(const coord_t * coord, const char **error);
-+
-+/* plugin->u.item.s.file.* */
-+ssize_t write_extent(struct file *, const char __user *, size_t, loff_t *);
-+int read_extent(struct file *, flow_t *, hint_t *);
-+int readpage_extent(void *, struct page *);
-+void readpages_extent(void *, struct address_space *, struct list_head *pages);
-+reiser4_key *append_key_extent(const coord_t *, reiser4_key *);
-+void init_coord_extension_extent(uf_coord_t *, loff_t offset);
-+int get_block_address_extent(const coord_t *, sector_t block,
-+ sector_t * result);
-+
-+/* these are used in flush.c
-+ FIXME-VS: should they be somewhere in item_plugin? */
-+int allocate_extent_item_in_place(coord_t *, lock_handle *, flush_pos_t * pos);
-+int allocate_and_copy_extent(znode * left, coord_t * right, flush_pos_t * pos,
-+ reiser4_key * stop_key);
-+
-+int extent_is_unallocated(const coord_t * item); /* True if this extent is unallocated (i.e., not a hole, not allocated). */
-+__u64 extent_unit_index(const coord_t * item); /* Block offset of this unit. */
-+__u64 extent_unit_width(const coord_t * item); /* Number of blocks in this unit. */
-+
-+/* plugin->u.item.f. */
-+int scan_extent(flush_scan * scan);
-+extern int key_by_offset_extent(struct inode *, loff_t, reiser4_key *);
-+
-+reiser4_item_data *init_new_extent(reiser4_item_data * data, void *ext_unit,
-+ int nr_extents);
-+reiser4_block_nr extent_size(const coord_t * coord, pos_in_node_t nr);
-+extent_state state_of_extent(reiser4_extent * ext);
-+void set_extent(reiser4_extent *, reiser4_block_nr start,
-+ reiser4_block_nr width);
-+int update_extent(struct inode *, jnode *, loff_t pos, int *plugged_hole);
-+
-+#include "../../coord.h"
-+#include "../../lock.h"
-+#include "../../tap.h"
-+
-+struct replace_handle {
-+ /* these are to be set before calling replace_extent */
-+ coord_t *coord;
-+ lock_handle *lh;
-+ reiser4_key key;
-+ reiser4_key *pkey;
-+ reiser4_extent overwrite;
-+ reiser4_extent new_extents[2];
-+ int nr_new_extents;
-+ unsigned flags;
-+
-+ /* these are used by replace_extent */
-+ reiser4_item_data item;
-+ coord_t coord_after;
-+ lock_handle lh_after;
-+ tap_t watch;
-+ reiser4_key paste_key;
-+#if REISER4_DEBUG
-+ reiser4_extent orig_ext;
-+ reiser4_key tmp;
-+#endif
-+};
-+
-+/* this structure is kmalloced before calling make_extent to avoid excessive
-+ stack consumption on plug_hole->replace_extent */
-+struct make_extent_handle {
-+ uf_coord_t *uf_coord;
-+ reiser4_block_nr blocknr;
-+ int created;
-+ struct inode *inode;
-+ union {
-+ struct {
-+ } append;
-+ struct replace_handle replace;
-+ } u;
-+};
-+
-+int replace_extent(struct replace_handle *, int return_inserted_position);
-+lock_handle *znode_lh(znode *);
-+
-+/* the reiser4 repacker support */
-+struct repacker_cursor;
-+extern int process_extent_backward_for_repacking(tap_t *,
-+ struct repacker_cursor *);
-+extern int mark_extent_for_repacking(tap_t *, int);
-+
-+#define coord_by_uf_coord(uf_coord) (&((uf_coord)->coord))
-+#define ext_coord_by_uf_coord(uf_coord) (&((uf_coord)->extension.extent))
-+
-+/* __REISER4_EXTENT_H__ */
-+#endif
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/extent_file_ops.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/extent_file_ops.c
-@@ -0,0 +1,1712 @@
-+/* COPYRIGHT 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "item.h"
-+#include "../../inode.h"
-+#include "../../page_cache.h"
-+#include "../object.h"
-+
-+#include <linux/quotaops.h>
-+#include <linux/swap.h>
-+#include "../../../../mm/filemap.h"
-+
-+
-+static inline reiser4_extent *ext_by_offset(const znode *node, int offset)
-+{
-+ reiser4_extent *ext;
-+
-+ ext = (reiser4_extent *) (zdata(node) + offset);
-+ return ext;
-+}
-+
-+/**
-+ * check_uf_coord - verify coord extension
-+ * @uf_coord:
-+ * @key:
-+ *
-+ * Makes sure that all fields of @uf_coord are set properly. If @key is
-+ * specified - check whether @uf_coord is set correspondingly.
-+ */
-+static void check_uf_coord(const uf_coord_t *uf_coord, const reiser4_key *key)
-+{
-+#if REISER4_DEBUG
-+ const coord_t *coord;
-+ const extent_coord_extension_t *ext_coord;
-+ reiser4_extent *ext;
-+
-+ coord = &uf_coord->coord;
-+ ext_coord = &uf_coord->extension.extent;
-+ ext = ext_by_offset(coord->node, uf_coord->extension.extent.ext_offset);
-+
-+ assert("",
-+ WITH_DATA(coord->node,
-+ (uf_coord->valid == 1 &&
-+ coord_is_iplug_set(coord) &&
-+ item_is_extent(coord) &&
-+ ext_coord->nr_units == nr_units_extent(coord) &&
-+ ext == extent_by_coord(coord) &&
-+ ext_coord->width == extent_get_width(ext) &&
-+ coord->unit_pos < ext_coord->nr_units &&
-+ ext_coord->pos_in_unit < ext_coord->width &&
-+ memcmp(ext, &ext_coord->extent,
-+ sizeof(reiser4_extent)) == 0)));
-+ if (key) {
-+ reiser4_key coord_key;
-+
-+ unit_key_by_coord(&uf_coord->coord, &coord_key);
-+ set_key_offset(&coord_key,
-+ get_key_offset(&coord_key) +
-+ (uf_coord->extension.extent.
-+ pos_in_unit << PAGE_CACHE_SHIFT));
-+ assert("", keyeq(key, &coord_key));
-+ }
-+#endif
-+}
-+
-+static inline reiser4_extent *ext_by_ext_coord(const uf_coord_t *uf_coord)
-+{
-+ check_uf_coord(uf_coord, NULL);
-+
-+ return ext_by_offset(uf_coord->coord.node,
-+ uf_coord->extension.extent.ext_offset);
-+}
-+
-+#if REISER4_DEBUG
-+
-+/**
-+ * offset_is_in_unit
-+ *
-+ *
-+ *
-+ */
-+/* return 1 if offset @off is inside of extent unit pointed to by @coord. Set
-+ pos_in_unit inside of unit correspondingly */
-+static int offset_is_in_unit(const coord_t *coord, loff_t off)
-+{
-+ reiser4_key unit_key;
-+ __u64 unit_off;
-+ reiser4_extent *ext;
-+
-+ ext = extent_by_coord(coord);
-+
-+ unit_key_extent(coord, &unit_key);
-+ unit_off = get_key_offset(&unit_key);
-+ if (off < unit_off)
-+ return 0;
-+ if (off >= (unit_off + (current_blocksize * extent_get_width(ext))))
-+ return 0;
-+ return 1;
-+}
-+
-+static int
-+coord_matches_key_extent(const coord_t * coord, const reiser4_key * key)
-+{
-+ reiser4_key item_key;
-+
-+ assert("vs-771", coord_is_existing_unit(coord));
-+ assert("vs-1258", keylt(key, append_key_extent(coord, &item_key)));
-+ assert("vs-1259", keyge(key, item_key_by_coord(coord, &item_key)));
-+
-+ return offset_is_in_unit(coord, get_key_offset(key));
-+}
-+
-+#endif
-+
-+/**
-+ * can_append -
-+ * @key:
-+ * @coord:
-+ *
-+ * Returns 1 if @key is equal to an append key of item @coord is set to
-+ */
-+static int can_append(const reiser4_key *key, const coord_t *coord)
-+{
-+ reiser4_key append_key;
-+
-+ return keyeq(key, append_key_extent(coord, &append_key));
-+}
-+
-+/**
-+ * append_hole
-+ * @coord:
-+ * @lh:
-+ * @key:
-+ *
-+ */
-+static int append_hole(coord_t *coord, lock_handle *lh,
-+ const reiser4_key *key)
-+{
-+ reiser4_key append_key;
-+ reiser4_block_nr hole_width;
-+ reiser4_extent *ext, new_ext;
-+ reiser4_item_data idata;
-+
-+ /* last item of file may have to be appended with hole */
-+ assert("vs-708", znode_get_level(coord->node) == TWIG_LEVEL);
-+ assert("vs-714", item_id_by_coord(coord) == EXTENT_POINTER_ID);
-+
-+ /* key of first byte which is not addressed by this extent */
-+ append_key_extent(coord, &append_key);
-+
-+ assert("", keyle(&append_key, key));
-+
-+ /*
-+ * extent item has to be appended with hole. Calculate length of that
-+ * hole
-+ */
-+ hole_width = ((get_key_offset(key) - get_key_offset(&append_key) +
-+ current_blocksize - 1) >> current_blocksize_bits);
-+ assert("vs-954", hole_width > 0);
-+
-+ /* set coord after last unit */
-+ coord_init_after_item_end(coord);
-+
-+ /* get last extent in the item */
-+ ext = extent_by_coord(coord);
-+ if (state_of_extent(ext) == HOLE_EXTENT) {
-+ /*
-+ * last extent of a file is hole extent. Widen that extent by
-+ * @hole_width blocks. Note that we do not worry about
-+ * overflowing - extent width is 64 bits
-+ */
-+ set_extent(ext, HOLE_EXTENT_START,
-+ extent_get_width(ext) + hole_width);
-+ znode_make_dirty(coord->node);
-+ return 0;
-+ }
-+
-+ /* append last item of the file with hole extent unit */
-+ assert("vs-713", (state_of_extent(ext) == ALLOCATED_EXTENT ||
-+ state_of_extent(ext) == UNALLOCATED_EXTENT));
-+
-+ set_extent(&new_ext, HOLE_EXTENT_START, hole_width);
-+ init_new_extent(&idata, &new_ext, 1);
-+ return insert_into_item(coord, lh, &append_key, &idata, 0);
-+}
-+
-+/**
-+ * check_jnodes
-+ * @twig: longterm locked twig node
-+ * @key:
-+ *
-+ */
-+static void check_jnodes(znode *twig, const reiser4_key *key, int count)
-+{
-+#if REISER4_DEBUG
-+ coord_t c;
-+ reiser4_key node_key, jnode_key;
-+
-+ jnode_key = *key;
-+
-+ assert("", twig != NULL);
-+ assert("", znode_get_level(twig) == TWIG_LEVEL);
-+ assert("", znode_is_write_locked(twig));
-+
-+ zload(twig);
-+ /* get the smallest key in twig node */
-+ coord_init_first_unit(&c, twig);
-+ unit_key_by_coord(&c, &node_key);
-+ assert("", keyle(&node_key, &jnode_key));
-+
-+ coord_init_last_unit(&c, twig);
-+ unit_key_by_coord(&c, &node_key);
-+ if (item_plugin_by_coord(&c)->s.file.append_key)
-+ item_plugin_by_coord(&c)->s.file.append_key(&c, &node_key);
-+ set_key_offset(&jnode_key,
-+ get_key_offset(&jnode_key) + (loff_t)count * PAGE_CACHE_SIZE - 1);
-+ assert("", keylt(&jnode_key, &node_key));
-+ zrelse(twig);
-+#endif
-+}
-+
-+/**
-+ * append_last_extent - append last file item
-+ * @uf_coord: coord to start insertion from
-+ * @jnodes: array of jnodes
-+ * @count: number of jnodes in the array
-+ *
-+ * There is already at least one extent item of file @inode in the tree. Append
-+ * the last of them with unallocated extent unit of width @count. Assign
-+ * fake block numbers to jnodes corresponding to the inserted extent.
-+ */
-+static int append_last_extent(uf_coord_t *uf_coord, const reiser4_key *key,
-+ jnode **jnodes, int count)
-+{
-+ int result;
-+ reiser4_extent new_ext;
-+ reiser4_item_data idata;
-+ coord_t *coord;
-+ extent_coord_extension_t *ext_coord;
-+ reiser4_extent *ext;
-+ reiser4_block_nr block;
-+ jnode *node;
-+ int i;
-+
-+ coord = &uf_coord->coord;
-+ ext_coord = &uf_coord->extension.extent;
-+ ext = ext_by_ext_coord(uf_coord);
-+
-+ /* check correctness of position in the item */
-+ assert("vs-228", coord->unit_pos == coord_last_unit_pos(coord));
-+ assert("vs-1311", coord->between == AFTER_UNIT);
-+ assert("vs-1302", ext_coord->pos_in_unit == ext_coord->width - 1);
-+
-+ if (!can_append(key, coord)) {
-+ /* hole extent has to be inserted */
-+ result = append_hole(coord, uf_coord->lh, key);
-+ uf_coord->valid = 0;
-+ return result;
-+ }
-+
-+ if (count == 0)
-+ return 0;
-+
-+ assert("", get_key_offset(key) == (loff_t)index_jnode(jnodes[0]) * PAGE_CACHE_SIZE);
-+
-+ result = DQUOT_ALLOC_BLOCK_NODIRTY(mapping_jnode(jnodes[0])->host,
-+ count);
-+ BUG_ON(result != 0);
-+
-+ switch (state_of_extent(ext)) {
-+ case UNALLOCATED_EXTENT:
-+ /*
-+ * last extent unit of the file is unallocated one. Increase
-+ * its width by @count
-+ */
-+ set_extent(ext, UNALLOCATED_EXTENT_START,
-+ extent_get_width(ext) + count);
-+ znode_make_dirty(coord->node);
-+
-+ /* update coord extension */
-+ ext_coord->width += count;
-+ ON_DEBUG(extent_set_width
-+ (&uf_coord->extension.extent.extent,
-+ ext_coord->width));
-+ break;
-+
-+ case HOLE_EXTENT:
-+ case ALLOCATED_EXTENT:
-+ /*
-+ * last extent unit of the file is either hole or allocated
-+ * one. Append one unallocated extent of width @count
-+ */
-+ set_extent(&new_ext, UNALLOCATED_EXTENT_START, count);
-+ init_new_extent(&idata, &new_ext, 1);
-+ result = insert_into_item(coord, uf_coord->lh, key, &idata, 0);
-+ uf_coord->valid = 0;
-+ if (result)
-+ return result;
-+ break;
-+
-+ default:
-+ return RETERR(-EIO);
-+ }
-+
-+ /*
-+ * make sure that we hold long term locked twig node containing all
-+ * jnodes we are about to capture
-+ */
-+ check_jnodes(uf_coord->lh->node, key, count);
-+
-+ /*
-+ * assign fake block numbers to all jnodes. FIXME: make sure whether
-+ * twig node containing inserted extent item is locked
-+ */
-+ block = fake_blocknr_unformatted(count);
-+ for (i = 0; i < count; i ++, block ++) {
-+ node = jnodes[i];
-+ spin_lock_jnode(node);
-+ JF_SET(node, JNODE_CREATED);
-+ jnode_set_block(node, &block);
-+ result = try_capture(node, ZNODE_WRITE_LOCK, 0);
-+ BUG_ON(result != 0);
-+ jnode_make_dirty_locked(node);
-+ spin_unlock_jnode(node);
-+ }
-+ return count;
-+}
-+
-+/**
-+ * insert_first_hole - inser hole extent into tree
-+ * @coord:
-+ * @lh:
-+ * @key:
-+ *
-+ *
-+ */
-+static int insert_first_hole(coord_t *coord, lock_handle *lh,
-+ const reiser4_key *key)
-+{
-+ reiser4_extent new_ext;
-+ reiser4_item_data idata;
-+ reiser4_key item_key;
-+ reiser4_block_nr hole_width;
-+
-+ /* @coord must be set for inserting of new item */
-+ assert("vs-711", coord_is_between_items(coord));
-+
-+ item_key = *key;
-+ set_key_offset(&item_key, 0ull);
-+
-+ hole_width = ((get_key_offset(key) + current_blocksize - 1) >>
-+ current_blocksize_bits);
-+ assert("vs-710", hole_width > 0);
-+
-+ /* compose body of hole extent and insert item into tree */
-+ set_extent(&new_ext, HOLE_EXTENT_START, hole_width);
-+ init_new_extent(&idata, &new_ext, 1);
-+ return insert_extent_by_coord(coord, &idata, &item_key, lh);
-+}
-+
-+
-+/**
-+ * insert_first_extent - insert first file item
-+ * @inode: inode of file
-+ * @uf_coord: coord to start insertion from
-+ * @jnodes: array of jnodes
-+ * @count: number of jnodes in the array
-+ * @inode:
-+ *
-+ * There are no items of file @inode in the tree yet. Insert unallocated extent
-+ * of width @count into tree or hole extent if writing not to the
-+ * beginning. Assign fake block numbers to jnodes corresponding to the inserted
-+ * unallocated extent. Returns number of jnodes or error code.
-+ */
-+static int insert_first_extent(uf_coord_t *uf_coord, const reiser4_key *key,
-+ jnode **jnodes, int count,
-+ struct inode *inode)
-+{
-+ int result;
-+ int i;
-+ reiser4_extent new_ext;
-+ reiser4_item_data idata;
-+ reiser4_block_nr block;
-+ unix_file_info_t *uf_info;
-+ jnode *node;
-+
-+ /* first extent insertion starts at leaf level */
-+ assert("vs-719", znode_get_level(uf_coord->coord.node) == LEAF_LEVEL);
-+ assert("vs-711", coord_is_between_items(&uf_coord->coord));
-+
-+ if (get_key_offset(key) != 0) {
-+ result = insert_first_hole(&uf_coord->coord, uf_coord->lh, key);
-+ uf_coord->valid = 0;
-+ uf_info = unix_file_inode_data(inode);
-+
-+ /*
-+ * first item insertion is only possible when writing to empty
-+ * file or performing tail conversion
-+ */
-+ assert("", (uf_info->container == UF_CONTAINER_EMPTY ||
-+ (inode_get_flag(inode, REISER4_PART_MIXED) &&
-+ inode_get_flag(inode, REISER4_PART_IN_CONV))));
-+
-+ /* if file was empty - update its state */
-+ if (result == 0 && uf_info->container == UF_CONTAINER_EMPTY)
-+ uf_info->container = UF_CONTAINER_EXTENTS;
-+ return result;
-+ }
-+
-+ if (count == 0)
-+ return 0;
-+
-+ result = DQUOT_ALLOC_BLOCK_NODIRTY(mapping_jnode(jnodes[0])->host, count);
-+ BUG_ON(result != 0);
-+
-+ /*
-+ * prepare for tree modification: compose body of item and item data
-+ * structure needed for insertion
-+ */
-+ set_extent(&new_ext, UNALLOCATED_EXTENT_START, count);
-+ init_new_extent(&idata, &new_ext, 1);
-+
-+ /* insert extent item into the tree */
-+ result = insert_extent_by_coord(&uf_coord->coord, &idata, key,
-+ uf_coord->lh);
-+ if (result)
-+ return result;
-+
-+ /*
-+ * make sure that we hold long term locked twig node containing all
-+ * jnodes we are about to capture
-+ */
-+ check_jnodes(uf_coord->lh->node, key, count);
-+ /*
-+ * assign fake block numbers to all jnodes, capture and mark them dirty
-+ */
-+ block = fake_blocknr_unformatted(count);
-+ for (i = 0; i < count; i ++, block ++) {
-+ node = jnodes[i];
-+ spin_lock_jnode(node);
-+ JF_SET(node, JNODE_CREATED);
-+ jnode_set_block(node, &block);
-+ result = try_capture(node, ZNODE_WRITE_LOCK, 0);
-+ BUG_ON(result != 0);
-+ jnode_make_dirty_locked(node);
-+ spin_unlock_jnode(node);
-+ }
-+
-+ /*
-+ * invalidate coordinate, research must be performed to continue
-+ * because write will continue on twig level
-+ */
-+ uf_coord->valid = 0;
-+ return count;
-+}
-+
-+/**
-+ * plug_hole - replace hole extent with unallocated and holes
-+ * @uf_coord:
-+ * @key:
-+ * @node:
-+ * @h: structure containing coordinate, lock handle, key, etc
-+ *
-+ * Creates an unallocated extent of width 1 within a hole. In worst case two
-+ * additional extents can be created.
-+ */
-+static int plug_hole(uf_coord_t *uf_coord, const reiser4_key *key, int *how)
-+{
-+ struct replace_handle rh;
-+ reiser4_extent *ext;
-+ reiser4_block_nr width, pos_in_unit;
-+ coord_t *coord;
-+ extent_coord_extension_t *ext_coord;
-+ int return_inserted_position;
-+
-+ check_uf_coord(uf_coord, key);
-+
-+ rh.coord = coord_by_uf_coord(uf_coord);
-+ rh.lh = uf_coord->lh;
-+ rh.flags = 0;
-+
-+ coord = coord_by_uf_coord(uf_coord);
-+ ext_coord = ext_coord_by_uf_coord(uf_coord);
-+ ext = ext_by_ext_coord(uf_coord);
-+
-+ width = ext_coord->width;
-+ pos_in_unit = ext_coord->pos_in_unit;
-+
-+ *how = 0;
-+ if (width == 1) {
-+ set_extent(ext, UNALLOCATED_EXTENT_START, 1);
-+ znode_make_dirty(coord->node);
-+ /* update uf_coord */
-+ ON_DEBUG(ext_coord->extent = *ext);
-+ *how = 1;
-+ return 0;
-+ } else if (pos_in_unit == 0) {
-+ /* we deal with first element of extent */
-+ if (coord->unit_pos) {
-+ /* there is an extent to the left */
-+ if (state_of_extent(ext - 1) == UNALLOCATED_EXTENT) {
-+ /*
-+ * left neighboring unit is an unallocated
-+ * extent. Increase its width and decrease
-+ * width of hole
-+ */
-+ extent_set_width(ext - 1,
-+ extent_get_width(ext - 1) + 1);
-+ extent_set_width(ext, width - 1);
-+ znode_make_dirty(coord->node);
-+
-+ /* update coord extension */
-+ coord->unit_pos--;
-+ ext_coord->width = extent_get_width(ext - 1);
-+ ext_coord->pos_in_unit = ext_coord->width - 1;
-+ ext_coord->ext_offset -= sizeof(reiser4_extent);
-+ ON_DEBUG(ext_coord->extent =
-+ *extent_by_coord(coord));
-+ *how = 2;
-+ return 0;
-+ }
-+ }
-+ /* extent for replace */
-+ set_extent(&rh.overwrite, UNALLOCATED_EXTENT_START, 1);
-+ /* extent to be inserted */
-+ set_extent(&rh.new_extents[0], HOLE_EXTENT_START, width - 1);
-+ rh.nr_new_extents = 1;
-+
-+ /* have replace_extent to return with @coord and @uf_coord->lh
-+ set to unit which was replaced */
-+ return_inserted_position = 0;
-+ *how = 3;
-+ } else if (pos_in_unit == width - 1) {
-+ /* we deal with last element of extent */
-+ if (coord->unit_pos < nr_units_extent(coord) - 1) {
-+ /* there is an extent unit to the right */
-+ if (state_of_extent(ext + 1) == UNALLOCATED_EXTENT) {
-+ /*
-+ * right neighboring unit is an unallocated
-+ * extent. Increase its width and decrease
-+ * width of hole
-+ */
-+ extent_set_width(ext + 1,
-+ extent_get_width(ext + 1) + 1);
-+ extent_set_width(ext, width - 1);
-+ znode_make_dirty(coord->node);
-+
-+ /* update coord extension */
-+ coord->unit_pos++;
-+ ext_coord->width = extent_get_width(ext + 1);
-+ ext_coord->pos_in_unit = 0;
-+ ext_coord->ext_offset += sizeof(reiser4_extent);
-+ ON_DEBUG(ext_coord->extent =
-+ *extent_by_coord(coord));
-+ *how = 4;
-+ return 0;
-+ }
-+ }
-+ /* extent for replace */
-+ set_extent(&rh.overwrite, HOLE_EXTENT_START, width - 1);
-+ /* extent to be inserted */
-+ set_extent(&rh.new_extents[0], UNALLOCATED_EXTENT_START, 1);
-+ rh.nr_new_extents = 1;
-+
-+ /* have replace_extent to return with @coord and @uf_coord->lh
-+ set to unit which was inserted */
-+ return_inserted_position = 1;
-+ *how = 5;
-+ } else {
-+ /* extent for replace */
-+ set_extent(&rh.overwrite, HOLE_EXTENT_START, pos_in_unit);
-+ /* extents to be inserted */
-+ set_extent(&rh.new_extents[0], UNALLOCATED_EXTENT_START, 1);
-+ set_extent(&rh.new_extents[1], HOLE_EXTENT_START,
-+ width - pos_in_unit - 1);
-+ rh.nr_new_extents = 2;
-+
-+ /* have replace_extent to return with @coord and @uf_coord->lh
-+ set to first of units which were inserted */
-+ return_inserted_position = 1;
-+ *how = 6;
-+ }
-+ unit_key_by_coord(coord, &rh.paste_key);
-+ set_key_offset(&rh.paste_key, get_key_offset(&rh.paste_key) +
-+ extent_get_width(&rh.overwrite) * current_blocksize);
-+
-+ uf_coord->valid = 0;
-+ return replace_extent(&rh, return_inserted_position);
-+}
-+
-+/**
-+ * overwrite_one_block -
-+ * @uf_coord:
-+ * @key:
-+ * @node:
-+ *
-+ * If @node corresponds to hole extent - create unallocated extent for it and
-+ * assign fake block number. If @node corresponds to allocated extent - assign
-+ * block number of jnode
-+ */
-+static int overwrite_one_block(uf_coord_t *uf_coord, const reiser4_key *key,
-+ jnode *node, int *hole_plugged)
-+{
-+ int result;
-+ extent_coord_extension_t *ext_coord;
-+ reiser4_extent *ext;
-+ reiser4_block_nr block;
-+ int how;
-+
-+ assert("vs-1312", uf_coord->coord.between == AT_UNIT);
-+
-+ result = 0;
-+ ext_coord = ext_coord_by_uf_coord(uf_coord);
-+ ext = ext_by_ext_coord(uf_coord);
-+ assert("", state_of_extent(ext) != UNALLOCATED_EXTENT);
-+
-+ switch (state_of_extent(ext)) {
-+ case ALLOCATED_EXTENT:
-+ block = extent_get_start(ext) + ext_coord->pos_in_unit;
-+ break;
-+
-+ case HOLE_EXTENT:
-+ result = DQUOT_ALLOC_BLOCK_NODIRTY(mapping_jnode(node)->host, 1);
-+ BUG_ON(result != 0);
-+ result = plug_hole(uf_coord, key, &how);
-+ if (result)
-+ return result;
-+ block = fake_blocknr_unformatted(1);
-+ if (hole_plugged)
-+ *hole_plugged = 1;
-+ JF_SET(node, JNODE_CREATED);
-+ break;
-+
-+ default:
-+ return RETERR(-EIO);
-+ }
-+
-+ jnode_set_block(node, &block);
-+ return 0;
-+}
-+
-+/**
-+ * move_coord - move coordinate forward
-+ * @uf_coord:
-+ *
-+ * Move coordinate one data block pointer forward. Return 1 if coord is set to
-+ * the last one already or is invalid.
-+ */
-+static int move_coord(uf_coord_t *uf_coord)
-+{
-+ extent_coord_extension_t *ext_coord;
-+
-+ if (uf_coord->valid == 0)
-+ return 1;
-+ ext_coord = &uf_coord->extension.extent;
-+ ext_coord->pos_in_unit ++;
-+ if (ext_coord->pos_in_unit < ext_coord->width)
-+ /* coordinate moved within the unit */
-+ return 0;
-+
-+ /* end of unit is reached. Try to move to next unit */
-+ ext_coord->pos_in_unit = 0;
-+ uf_coord->coord.unit_pos ++;
-+ if (uf_coord->coord.unit_pos < ext_coord->nr_units) {
-+ /* coordinate moved to next unit */
-+ ext_coord->ext_offset += sizeof(reiser4_extent);
-+ ext_coord->width =
-+ extent_get_width(ext_by_offset
-+ (uf_coord->coord.node,
-+ ext_coord->ext_offset));
-+ ON_DEBUG(ext_coord->extent =
-+ *ext_by_offset(uf_coord->coord.node,
-+ ext_coord->ext_offset));
-+ return 0;
-+ }
-+ /* end of item is reached */
-+ uf_coord->valid = 0;
-+ return 1;
-+}
-+
-+/**
-+ * overwrite_extent -
-+ * @inode:
-+ *
-+ * Returns number of handled jnodes.
-+ */
-+static int overwrite_extent(uf_coord_t *uf_coord, const reiser4_key *key,
-+ jnode **jnodes, int count, int *plugged_hole)
-+{
-+ int result;
-+ reiser4_key k;
-+ int i;
-+ jnode *node;
-+
-+ k = *key;
-+ for (i = 0; i < count; i ++) {
-+ node = jnodes[i];
-+ if (*jnode_get_block(node) == 0) {
-+ result = overwrite_one_block(uf_coord, &k, node, plugged_hole);
-+ if (result)
-+ return result;
-+ }
-+ /*
-+ * make sure that we hold long term locked twig node containing
-+ * all jnodes we are about to capture
-+ */
-+ check_jnodes(uf_coord->lh->node, &k, 1);
-+ /*
-+ * assign fake block numbers to all jnodes, capture and mark
-+ * them dirty
-+ */
-+ spin_lock_jnode(node);
-+ result = try_capture(node, ZNODE_WRITE_LOCK, 0);
-+ BUG_ON(result != 0);
-+ jnode_make_dirty_locked(node);
-+ spin_unlock_jnode(node);
-+
-+ if (uf_coord->valid == 0)
-+ return i + 1;
-+
-+ check_uf_coord(uf_coord, &k);
-+
-+ if (move_coord(uf_coord)) {
-+ /*
-+ * failed to move to the next node pointer. Either end
-+ * of file or end of twig node is reached. In the later
-+ * case we might go to the right neighbor.
-+ */
-+ uf_coord->valid = 0;
-+ return i + 1;
-+ }
-+ set_key_offset(&k, get_key_offset(&k) + PAGE_CACHE_SIZE);
-+ }
-+
-+ return count;
-+}
-+
-+void init_uf_coord(uf_coord_t *uf_coord, lock_handle *lh);
-+
-+/**
-+ * update_extent
-+ * @file:
-+ * @jnodes:
-+ * @count:
-+ * @off:
-+ *
-+ */
-+int update_extent(struct inode *inode, jnode *node, loff_t pos,
-+ int *plugged_hole)
-+{
-+ int result;
-+ znode *loaded;
-+ uf_coord_t uf_coord;
-+ coord_t *coord;
-+ lock_handle lh;
-+ reiser4_key key;
-+
-+ assert("", lock_counters()->d_refs == 0);
-+
-+ key_by_inode_and_offset_common(inode, pos, &key);
-+
-+ init_uf_coord(&uf_coord, &lh);
-+ coord = &uf_coord.coord;
-+ result = find_file_item_nohint(coord, &lh, &key,
-+ ZNODE_WRITE_LOCK, inode);
-+ if (IS_CBKERR(result)) {
-+ assert("", lock_counters()->d_refs == 0);
-+ return result;
-+ }
-+
-+ result = zload(coord->node);
-+ BUG_ON(result != 0);
-+ loaded = coord->node;
-+
-+ if (coord->between == AFTER_UNIT) {
-+ /*
-+ * append existing extent item with unallocated extent of width
-+ * nr_jnodes
-+ */
-+ init_coord_extension_extent(&uf_coord,
-+ get_key_offset(&key));
-+ result = append_last_extent(&uf_coord, &key,
-+ &node, 1);
-+ } else if (coord->between == AT_UNIT) {
-+ /*
-+ * overwrite
-+ * not optimal yet. Will be optimized if new write will show
-+ * performance win.
-+ */
-+ init_coord_extension_extent(&uf_coord,
-+ get_key_offset(&key));
-+ result = overwrite_extent(&uf_coord, &key,
-+ &node, 1, plugged_hole);
-+ } else {
-+ /*
-+ * there are no items of this file in the tree yet. Create
-+ * first item of the file inserting one unallocated extent of
-+ * width nr_jnodes
-+ */
-+ result = insert_first_extent(&uf_coord, &key, &node, 1, inode);
-+ }
-+ assert("", result == 1 || result < 0);
-+ zrelse(loaded);
-+ done_lh(&lh);
-+ assert("", lock_counters()->d_refs == 0);
-+ return (result == 1) ? 0 : result;
-+}
-+
-+/**
-+ * update_extents
-+ * @file:
-+ * @jnodes:
-+ * @count:
-+ * @off:
-+ *
-+ */
-+static int update_extents(struct file *file, jnode **jnodes, int count, loff_t pos)
-+{
-+ struct inode *inode;
-+ struct hint hint;
-+ reiser4_key key;
-+ int result;
-+ znode *loaded;
-+
-+ result = load_file_hint(file, &hint);
-+ BUG_ON(result != 0);
-+
-+ inode = file->f_dentry->d_inode;
-+ if (count != 0)
-+ /*
-+ * count == 0 is special case: expanding truncate
-+ */
-+ pos = (loff_t)index_jnode(jnodes[0]) << PAGE_CACHE_SHIFT;
-+ key_by_inode_and_offset_common(inode, pos, &key);
-+
-+ assert("", lock_counters()->d_refs == 0);
-+
-+ do {
-+ result = find_file_item(&hint, &key, ZNODE_WRITE_LOCK, inode);
-+ if (IS_CBKERR(result)) {
-+ assert("", lock_counters()->d_refs == 0);
-+ return result;
-+ }
-+
-+ result = zload(hint.ext_coord.coord.node);
-+ BUG_ON(result != 0);
-+ loaded = hint.ext_coord.coord.node;
-+
-+ if (hint.ext_coord.coord.between == AFTER_UNIT) {
-+ /*
-+ * append existing extent item with unallocated extent
-+ * of width nr_jnodes
-+ */
-+ if (hint.ext_coord.valid == 0)
-+ /* NOTE: get statistics on this */
-+ init_coord_extension_extent(&hint.ext_coord,
-+ get_key_offset(&key));
-+ result = append_last_extent(&hint.ext_coord, &key,
-+ jnodes, count);
-+ } else if (hint.ext_coord.coord.between == AT_UNIT) {
-+ /*
-+ * overwrite
-+ * not optimal yet. Will be optimized if new write will
-+ * show performance win.
-+ */
-+ if (hint.ext_coord.valid == 0)
-+ /* NOTE: get statistics on this */
-+ init_coord_extension_extent(&hint.ext_coord,
-+ get_key_offset(&key));
-+ result = overwrite_extent(&hint.ext_coord, &key,
-+ jnodes, count, NULL);
-+ } else {
-+ /*
-+ * there are no items of this file in the tree
-+ * yet. Create first item of the file inserting one
-+ * unallocated extent of * width nr_jnodes
-+ */
-+ result = insert_first_extent(&hint.ext_coord, &key,
-+ jnodes, count, inode);
-+ }
-+ zrelse(loaded);
-+ if (result < 0) {
-+ done_lh(hint.ext_coord.lh);
-+ break;
-+ }
-+
-+ jnodes += result;
-+ count -= result;
-+ set_key_offset(&key, get_key_offset(&key) + result * PAGE_CACHE_SIZE);
-+
-+ /* seal and unlock znode */
-+ if (hint.ext_coord.valid)
-+ set_hint(&hint, &key, ZNODE_WRITE_LOCK);
-+ else
-+ unset_hint(&hint);
-+
-+ } while (count > 0);
-+
-+ save_file_hint(file, &hint);
-+ assert("", lock_counters()->d_refs == 0);
-+ return result;
-+}
-+
-+/**
-+ * write_extent_reserve_space - reserve space for extent write operation
-+ * @inode:
-+ *
-+ * Estimates and reserves space which may be required for writing
-+ * WRITE_GRANULARITY pages of file.
-+ */
-+static int write_extent_reserve_space(struct inode *inode)
-+{
-+ __u64 count;
-+ reiser4_tree *tree;
-+
-+ /*
-+ * to write WRITE_GRANULARITY pages to a file by extents we have to
-+ * reserve disk space for:
-+
-+ * 1. find_file_item may have to insert empty node to the tree (empty
-+ * leaf node between two extent items). This requires 1 block and
-+ * number of blocks which are necessary to perform insertion of an
-+ * internal item into twig level.
-+
-+ * 2. for each of written pages there might be needed 1 block and
-+ * number of blocks which might be necessary to perform insertion of or
-+ * paste to an extent item.
-+
-+ * 3. stat data update
-+ */
-+ tree = tree_by_inode(inode);
-+ count = estimate_one_insert_item(tree) +
-+ WRITE_GRANULARITY * (1 + estimate_one_insert_into_item(tree)) +
-+ estimate_one_insert_item(tree);
-+ grab_space_enable();
-+ return reiser4_grab_space(count, 0 /* flags */);
-+}
-+
-+/**
-+ * write_extent - write method of extent item plugin
-+ * @file: file to write to
-+ * @buf: address of user-space buffer
-+ * @write_amount: number of bytes to write
-+ * @off: position in file to write to
-+ *
-+ */
-+ssize_t write_extent(struct file *file, const char __user *buf, size_t count,
-+ loff_t *pos)
-+{
-+ int have_to_update_extent;
-+ int nr_pages;
-+ struct page *page;
-+ jnode *jnodes[WRITE_GRANULARITY + 1];
-+ struct inode *inode;
-+ unsigned long index;
-+ unsigned long end;
-+ int i;
-+ int to_page, page_off;
-+ size_t left, written;
-+ int result;
-+
-+ inode = file->f_dentry->d_inode;
-+ if (write_extent_reserve_space(inode))
-+ return RETERR(-ENOSPC);
-+
-+ if (count == 0) {
-+ /* truncate case */
-+ update_extents(file, jnodes, 0, *pos);
-+ return 0;
-+ }
-+
-+ BUG_ON(get_current_context()->trans->atom != NULL);
-+
-+ index = *pos >> PAGE_CACHE_SHIFT;
-+ /* calculate number of pages which are to be written */
-+ end = ((*pos + count - 1) >> PAGE_CACHE_SHIFT);
-+ nr_pages = end - index + 1;
-+ assert("", nr_pages <= WRITE_GRANULARITY + 1);
-+
-+ /* get pages and jnodes */
-+ for (i = 0; i < nr_pages; i ++) {
-+ page = find_or_create_page(inode->i_mapping, index + i, get_gfp_mask());
-+ if (page == NULL) {
-+ while(i --) {
-+ unlock_page(jnode_page(jnodes[i]));
-+ page_cache_release(jnode_page(jnodes[i]));
-+ }
-+ return RETERR(-ENOMEM);
-+ }
-+
-+ jnodes[i] = jnode_of_page(page);
-+ if (IS_ERR(jnodes[i])) {
-+ unlock_page(page);
-+ page_cache_release(page);
-+ while (i --) {
-+ jput(jnodes[i]);
-+ page_cache_release(jnode_page(jnodes[i]));
-+ }
-+ return RETERR(-ENOMEM);
-+ }
-+ /* prevent jnode and page from disconnecting */
-+ JF_SET(jnodes[i], JNODE_WRITE_PREPARED);
-+ unlock_page(page);
-+ }
-+
-+ BUG_ON(get_current_context()->trans->atom != NULL);
-+
-+ have_to_update_extent = 0;
-+
-+ left = count;
-+ page_off = (*pos & (PAGE_CACHE_SIZE - 1));
-+ for (i = 0; i < nr_pages; i ++) {
-+ to_page = PAGE_CACHE_SIZE - page_off;
-+ if (to_page > left)
-+ to_page = left;
-+ page = jnode_page(jnodes[i]);
-+ if (((loff_t)page->index << PAGE_CACHE_SHIFT) < inode->i_size &&
-+ !PageUptodate(page) && to_page != PAGE_CACHE_SIZE) {
-+ /*
-+ * the above is not optimal for partial write to last
-+ * page of file when file size is not at boundary of
-+ * page
-+ */
-+ lock_page(page);
-+ if (!PageUptodate(page)) {
-+ result = readpage_unix_file(NULL, page);
-+ BUG_ON(result != 0);
-+ /* wait for read completion */
-+ lock_page(page);
-+ BUG_ON(!PageUptodate(page));
-+ unlock_page(page);
-+ } else
-+ result = 0;
-+ }
-+
-+ BUG_ON(get_current_context()->trans->atom != NULL);
-+ fault_in_pages_readable(buf, to_page);
-+ BUG_ON(get_current_context()->trans->atom != NULL);
-+
-+ lock_page(page);
-+ if (!PageUptodate(page) && to_page != PAGE_CACHE_SIZE) {
-+ void *kaddr;
-+
-+ kaddr = kmap_atomic(page, KM_USER0);
-+ memset(kaddr, 0, page_off);
-+ memset(kaddr + page_off + to_page, 0,
-+ PAGE_CACHE_SIZE - (page_off + to_page));
-+ flush_dcache_page(page);
-+ kunmap_atomic(kaddr, KM_USER0);
-+ }
-+
-+ written = filemap_copy_from_user(page, page_off, buf, to_page);
-+ if (written != to_page) {
-+ unlock_page(page);
-+ page_cache_release(page);
-+ nr_pages = i;
-+ jput(jnodes[i]);
-+ result = RETERR(-EFAULT);
-+ break;
-+ }
-+ flush_dcache_page(page);
-+ set_page_dirty_internal(page);
-+ unlock_page(page);
-+ mark_page_accessed(page);
-+ SetPageUptodate(page);
-+ page_cache_release(page);
-+
-+ if (jnodes[i]->blocknr == 0)
-+ have_to_update_extent ++;
-+
-+ page_off = 0;
-+ buf += to_page;
-+ left -= to_page;
-+ BUG_ON(get_current_context()->trans->atom != NULL);
-+ }
-+
-+ if (have_to_update_extent) {
-+ update_extents(file, jnodes, nr_pages, *pos);
-+ } else {
-+ for (i = 0; i < nr_pages; i ++) {
-+ spin_lock_jnode(jnodes[i]);
-+ result = try_capture(jnodes[i], ZNODE_WRITE_LOCK, 0);
-+ BUG_ON(result != 0);
-+ jnode_make_dirty_locked(jnodes[i]);
-+ spin_unlock_jnode(jnodes[i]);
-+ }
-+ }
-+
-+ for (i = 0; i < nr_pages; i ++) {
-+ JF_CLR(jnodes[i], JNODE_WRITE_PREPARED);
-+ jput(jnodes[i]);
-+ }
-+
-+ /* the only error handled so far is EFAULT on copy_from_user */
-+ return (count - left) ? (count - left) : -EFAULT;
-+}
-+
-+static inline void zero_page(struct page *page)
-+{
-+ char *kaddr = kmap_atomic(page, KM_USER0);
-+
-+ memset(kaddr, 0, PAGE_CACHE_SIZE);
-+ flush_dcache_page(page);
-+ kunmap_atomic(kaddr, KM_USER0);
-+ SetPageUptodate(page);
-+ unlock_page(page);
-+}
-+
-+static int
-+do_readpage_extent(reiser4_extent * ext, reiser4_block_nr pos,
-+ struct page *page)
-+{
-+ jnode *j;
-+ struct address_space *mapping;
-+ unsigned long index;
-+ oid_t oid;
-+ reiser4_block_nr block;
-+
-+ mapping = page->mapping;
-+ oid = get_inode_oid(mapping->host);
-+ index = page->index;
-+
-+ switch (state_of_extent(ext)) {
-+ case HOLE_EXTENT:
-+ /*
-+ * it is possible to have hole page with jnode, if page was
-+ * eflushed previously.
-+ */
-+ j = jfind(mapping, index);
-+ if (j == NULL) {
-+ zero_page(page);
-+ return 0;
-+ }
-+ spin_lock_jnode(j);
-+ if (!jnode_page(j)) {
-+ jnode_attach_page(j, page);
-+ } else {
-+ BUG_ON(jnode_page(j) != page);
-+ assert("vs-1504", jnode_page(j) == page);
-+ }
-+ block = *jnode_get_io_block(j);
-+ spin_unlock_jnode(j);
-+ if (block == 0) {
-+ zero_page(page);
-+ jput(j);
-+ return 0;
-+ }
-+ break;
-+
-+ case ALLOCATED_EXTENT:
-+ j = jnode_of_page(page);
-+ if (IS_ERR(j))
-+ return PTR_ERR(j);
-+ if (*jnode_get_block(j) == 0) {
-+ reiser4_block_nr blocknr;
-+
-+ blocknr = extent_get_start(ext) + pos;
-+ jnode_set_block(j, &blocknr);
-+ } else
-+ assert("vs-1403",
-+ j->blocknr == extent_get_start(ext) + pos);
-+ break;
-+
-+ case UNALLOCATED_EXTENT:
-+ j = jfind(mapping, index);
-+ assert("nikita-2688", j);
-+ assert("vs-1426", jnode_page(j) == NULL);
-+
-+ spin_lock_jnode(j);
-+ jnode_attach_page(j, page);
-+ spin_unlock_jnode(j);
-+ break;
-+
-+ default:
-+ warning("vs-957", "wrong extent\n");
-+ return RETERR(-EIO);
-+ }
-+
-+ BUG_ON(j == 0);
-+ page_io(page, j, READ, get_gfp_mask());
-+ jput(j);
-+ return 0;
-+}
-+
-+static int
-+move_coord_pages(coord_t * coord, extent_coord_extension_t * ext_coord,
-+ unsigned count)
-+{
-+ reiser4_extent *ext;
-+
-+ ext_coord->expected_page += count;
-+
-+ ext = ext_by_offset(coord->node, ext_coord->ext_offset);
-+
-+ do {
-+ if (ext_coord->pos_in_unit + count < ext_coord->width) {
-+ ext_coord->pos_in_unit += count;
-+ break;
-+ }
-+
-+ if (coord->unit_pos == ext_coord->nr_units - 1) {
-+ coord->between = AFTER_UNIT;
-+ return 1;
-+ }
-+
-+ /* shift to next unit */
-+ count -= (ext_coord->width - ext_coord->pos_in_unit);
-+ coord->unit_pos++;
-+ ext_coord->pos_in_unit = 0;
-+ ext_coord->ext_offset += sizeof(reiser4_extent);
-+ ext++;
-+ ON_DEBUG(ext_coord->extent = *ext);
-+ ext_coord->width = extent_get_width(ext);
-+ } while (1);
-+
-+ return 0;
-+}
-+
-+static int readahead_readpage_extent(void *vp, struct page *page)
-+{
-+ int result;
-+ uf_coord_t *uf_coord;
-+ coord_t *coord;
-+ extent_coord_extension_t *ext_coord;
-+
-+ uf_coord = vp;
-+ coord = &uf_coord->coord;
-+
-+ if (coord->between != AT_UNIT) {
-+ unlock_page(page);
-+ return RETERR(-EINVAL);
-+ }
-+
-+ ext_coord = &uf_coord->extension.extent;
-+ if (ext_coord->expected_page != page->index) {
-+ /* read_cache_pages skipped few pages. Try to adjust coord to page */
-+ assert("vs-1269", page->index > ext_coord->expected_page);
-+ if (move_coord_pages
-+ (coord, ext_coord,
-+ page->index - ext_coord->expected_page)) {
-+ /* extent pointing to this page is not here */
-+ unlock_page(page);
-+ return RETERR(-EINVAL);
-+ }
-+
-+ assert("vs-1274", offset_is_in_unit(coord,
-+ (loff_t) page->
-+ index << PAGE_CACHE_SHIFT));
-+ ext_coord->expected_page = page->index;
-+ }
-+
-+ assert("vs-1281", page->index == ext_coord->expected_page);
-+ result =
-+ do_readpage_extent(ext_by_ext_coord(uf_coord),
-+ ext_coord->pos_in_unit, page);
-+ if (!result)
-+ move_coord_pages(coord, ext_coord, 1);
-+ return result;
-+}
-+
-+static int move_coord_forward(uf_coord_t *ext_coord)
-+{
-+ coord_t *coord;
-+ extent_coord_extension_t *extension;
-+
-+ check_uf_coord(ext_coord, NULL);
-+
-+ extension = &ext_coord->extension.extent;
-+ extension->pos_in_unit++;
-+ if (extension->pos_in_unit < extension->width)
-+ /* stay within the same extent unit */
-+ return 0;
-+
-+ coord = &ext_coord->coord;
-+
-+ /* try to move to the next extent unit */
-+ coord->unit_pos++;
-+ if (coord->unit_pos < extension->nr_units) {
-+ /* went to the next extent unit */
-+ reiser4_extent *ext;
-+
-+ extension->pos_in_unit = 0;
-+ extension->ext_offset += sizeof(reiser4_extent);
-+ ext = ext_by_offset(coord->node, extension->ext_offset);
-+ ON_DEBUG(extension->extent = *ext);
-+ extension->width = extent_get_width(ext);
-+ return 0;
-+ }
-+
-+ /* there is no units in the item anymore */
-+ return 1;
-+}
-+
-+/* this is called by read_cache_pages for each of readahead pages */
-+static int extent_readpage_filler(void *data, struct page *page)
-+{
-+ hint_t *hint;
-+ loff_t offset;
-+ reiser4_key key;
-+ uf_coord_t *ext_coord;
-+ int result;
-+
-+ offset = (loff_t) page->index << PAGE_CACHE_SHIFT;
-+ key_by_inode_and_offset_common(page->mapping->host, offset, &key);
-+
-+ hint = (hint_t *) data;
-+ ext_coord = &hint->ext_coord;
-+
-+ BUG_ON(PageUptodate(page));
-+ unlock_page(page);
-+
-+ if (hint_validate(hint, &key, 1 /* check key */ , ZNODE_READ_LOCK) != 0) {
-+ result = coord_by_key(current_tree, &key, &ext_coord->coord,
-+ ext_coord->lh, ZNODE_READ_LOCK,
-+ FIND_EXACT, TWIG_LEVEL,
-+ TWIG_LEVEL, CBK_UNIQUE, NULL);
-+ if (result != CBK_COORD_FOUND) {
-+ unset_hint(hint);
-+ return result;
-+ }
-+ ext_coord->valid = 0;
-+ }
-+
-+ if (zload(ext_coord->coord.node)) {
-+ unset_hint(hint);
-+ return RETERR(-EIO);
-+ }
-+ if (!item_is_extent(&ext_coord->coord)) {
-+ /* tail conversion is running in parallel */
-+ zrelse(ext_coord->coord.node);
-+ unset_hint(hint);
-+ return RETERR(-EIO);
-+ }
-+
-+ if (ext_coord->valid == 0)
-+ init_coord_extension_extent(ext_coord, offset);
-+
-+ check_uf_coord(ext_coord, &key);
-+
-+ lock_page(page);
-+ if (!PageUptodate(page)) {
-+ result = do_readpage_extent(ext_by_ext_coord(ext_coord),
-+ ext_coord->extension.extent.
-+ pos_in_unit, page);
-+ if (result)
-+ unlock_page(page);
-+ } else {
-+ unlock_page(page);
-+ result = 0;
-+ }
-+ if (!result && move_coord_forward(ext_coord) == 0) {
-+ set_key_offset(&key, offset + PAGE_CACHE_SIZE);
-+ set_hint(hint, &key, ZNODE_READ_LOCK);
-+ } else
-+ unset_hint(hint);
-+ zrelse(ext_coord->coord.node);
-+ return result;
-+}
-+
-+/* this is called by reiser4_readpages */
-+static void
-+extent_readpages_hook(struct address_space *mapping, struct list_head *pages,
-+ void *data)
-+{
-+ /* FIXME: try whether having reiser4_read_cache_pages improves anything */
-+ read_cache_pages(mapping, pages, extent_readpage_filler, data);
-+}
-+
-+static int
-+call_page_cache_readahead(struct address_space *mapping, struct file *file,
-+ hint_t * hint,
-+ unsigned long page_nr,
-+ unsigned long ra_pages, struct file_ra_state *ra)
-+{
-+ reiser4_file_fsdata *fsdata;
-+ int result;
-+
-+ fsdata = reiser4_get_file_fsdata(file);
-+ if (IS_ERR(fsdata))
-+ return page_nr;
-+ fsdata->ra2.data = hint;
-+ fsdata->ra2.readpages = extent_readpages_hook;
-+
-+ result = page_cache_readahead(mapping, ra, file, page_nr, ra_pages);
-+ fsdata->ra2.readpages = NULL;
-+ return result;
-+}
-+
-+/* this is called when readahead did not */
-+static int call_readpage(struct file *file, struct page *page)
-+{
-+ int result;
-+
-+ result = readpage_unix_file_nolock(file, page);
-+ if (result)
-+ return result;
-+
-+ lock_page(page);
-+ if (!PageUptodate(page)) {
-+ unlock_page(page);
-+ page_detach_jnode(page, page->mapping, page->index);
-+ warning("jmacd-97178", "page is not up to date");
-+ return RETERR(-EIO);
-+ }
-+ unlock_page(page);
-+ return 0;
-+}
-+
-+static int filler(void *vp, struct page *page)
-+{
-+ return readpage_unix_file_nolock(vp, page);
-+}
-+
-+/* Implements plugin->u.item.s.file.read operation for extent items. */
-+int read_extent(struct file *file, flow_t *flow, hint_t *hint)
-+{
-+ int result;
-+ struct page *page;
-+ unsigned long cur_page, next_page;
-+ unsigned long page_off, count;
-+ struct address_space *mapping;
-+ loff_t file_off;
-+ uf_coord_t *uf_coord;
-+ coord_t *coord;
-+ extent_coord_extension_t *ext_coord;
-+ unsigned long nr_pages, prev_page;
-+ struct file_ra_state ra;
-+ char *kaddr;
-+
-+ assert("vs-1353", current_blocksize == PAGE_CACHE_SIZE);
-+ assert("vs-572", flow->user == 1);
-+ assert("vs-1351", flow->length > 0);
-+
-+ uf_coord = &hint->ext_coord;
-+
-+ check_uf_coord(uf_coord, NULL);
-+ assert("vs-33", uf_coord->lh == &hint->lh);
-+
-+ coord = &uf_coord->coord;
-+ assert("vs-1119", znode_is_rlocked(coord->node));
-+ assert("vs-1120", znode_is_loaded(coord->node));
-+ assert("vs-1256", coord_matches_key_extent(coord, &flow->key));
-+
-+ mapping = file->f_dentry->d_inode->i_mapping;
-+ ext_coord = &uf_coord->extension.extent;
-+
-+ /* offset in a file to start read from */
-+ file_off = get_key_offset(&flow->key);
-+ /* offset within the page to start read from */
-+ page_off = (unsigned long)(file_off & (PAGE_CACHE_SIZE - 1));
-+ /* bytes which can be read from the page which contains file_off */
-+ count = PAGE_CACHE_SIZE - page_off;
-+
-+ /* index of page containing offset read is to start from */
-+ cur_page = (unsigned long)(file_off >> PAGE_CACHE_SHIFT);
-+ next_page = cur_page;
-+ /* number of pages flow spans over */
-+ nr_pages =
-+ ((file_off + flow->length + PAGE_CACHE_SIZE -
-+ 1) >> PAGE_CACHE_SHIFT) - cur_page;
-+
-+ /* we start having twig node read locked. However, we do not want to
-+ keep that lock all the time readahead works. So, set a sel and
-+ release twig node. */
-+ set_hint(hint, &flow->key, ZNODE_READ_LOCK);
-+ /* &hint->lh is done-ed */
-+
-+ ra = file->f_ra;
-+ prev_page = ra.prev_page;
-+ do {
-+ txn_restart_current();
-+ if (next_page == cur_page)
-+ next_page =
-+ call_page_cache_readahead(mapping, file, hint,
-+ cur_page, nr_pages, &ra);
-+
-+ page = find_get_page(mapping, cur_page);
-+ if (unlikely(page == NULL)) {
-+ handle_ra_miss(mapping, &ra, cur_page);
-+ page = read_cache_page(mapping, cur_page, filler, file);
-+ if (IS_ERR(page))
-+ return PTR_ERR(page);
-+ lock_page(page);
-+ if (!PageUptodate(page)) {
-+ unlock_page(page);
-+ page_detach_jnode(page, mapping, cur_page);
-+ page_cache_release(page);
-+ warning("jmacd-97178",
-+ "extent_read: page is not up to date");
-+ return RETERR(-EIO);
-+ }
-+ unlock_page(page);
-+ } else {
-+ if (!PageUptodate(page)) {
-+ lock_page(page);
-+
-+ assert("", page->mapping == mapping);
-+ if (PageUptodate(page))
-+ unlock_page(page);
-+ else {
-+ result = call_readpage(file, page);
-+ if (result) {
-+ page_cache_release(page);
-+ return RETERR(result);
-+ }
-+ }
-+ }
-+ if (prev_page != cur_page)
-+ mark_page_accessed(page);
-+ prev_page = cur_page;
-+ }
-+
-+ /* If users can be writing to this page using arbitrary virtual
-+ addresses, take care about potential aliasing before reading
-+ the page on the kernel side.
-+ */
-+ if (mapping_writably_mapped(mapping))
-+ flush_dcache_page(page);
-+
-+ assert("nikita-3034", schedulable());
-+
-+ /* number of bytes which are to be read from the page */
-+ if (count > flow->length)
-+ count = flow->length;
-+
-+ result = fault_in_pages_writeable(flow->data, count);
-+ if (result) {
-+ page_cache_release(page);
-+ return RETERR(-EFAULT);
-+ }
-+
-+ kaddr = kmap_atomic(page, KM_USER0);
-+ result = __copy_to_user_inatomic(flow->data,
-+ kaddr + page_off, count);
-+ kunmap_atomic(kaddr, KM_USER0);
-+ if (result != 0) {
-+ kaddr = kmap(page);
-+ result = __copy_to_user(flow->data, kaddr + page_off, count);
-+ kunmap(page);
-+ if (unlikely(result))
-+ return RETERR(-EFAULT);
-+ }
-+
-+ page_cache_release(page);
-+
-+ /* increase key (flow->key), update user area pointer (flow->data) */
-+ move_flow_forward(flow, count);
-+
-+ page_off = 0;
-+ cur_page ++;
-+ count = PAGE_CACHE_SIZE;
-+ nr_pages--;
-+ } while (flow->length);
-+
-+ file->f_ra = ra;
-+ return 0;
-+}
-+
-+/*
-+ plugin->u.item.s.file.readpages
-+*/
-+void
-+readpages_extent(void *vp, struct address_space *mapping,
-+ struct list_head *pages)
-+{
-+ assert("vs-1739", 0);
-+ if (vp)
-+ read_cache_pages(mapping, pages, readahead_readpage_extent, vp);
-+}
-+
-+/*
-+ plugin->s.file.readpage
-+ reiser4_read->unix_file_read->page_cache_readahead->reiser4_readpage->unix_file_readpage->extent_readpage
-+ or
-+ filemap_nopage->reiser4_readpage->readpage_unix_file->->readpage_extent
-+
-+ At the beginning: coord->node is read locked, zloaded, page is
-+ locked, coord is set to existing unit inside of extent item (it is not necessary that coord matches to page->index)
-+*/
-+int readpage_extent(void *vp, struct page *page)
-+{
-+ uf_coord_t *uf_coord = vp;
-+ ON_DEBUG(coord_t * coord = &uf_coord->coord);
-+ ON_DEBUG(reiser4_key key);
-+
-+ assert("vs-1040", PageLocked(page));
-+ assert("vs-1050", !PageUptodate(page));
-+ assert("vs-1039", page->mapping && page->mapping->host);
-+
-+ assert("vs-1044", znode_is_loaded(coord->node));
-+ assert("vs-758", item_is_extent(coord));
-+ assert("vs-1046", coord_is_existing_unit(coord));
-+ assert("vs-1045", znode_is_rlocked(coord->node));
-+ assert("vs-1047",
-+ page->mapping->host->i_ino ==
-+ get_key_objectid(item_key_by_coord(coord, &key)));
-+ check_uf_coord(uf_coord, NULL);
-+
-+ return do_readpage_extent(ext_by_ext_coord(uf_coord),
-+ uf_coord->extension.extent.pos_in_unit, page);
-+}
-+
-+/**
-+ * get_block_address_extent
-+ * @coord:
-+ * @block:
-+ * @result:
-+ *
-+ *
-+ */
-+int get_block_address_extent(const coord_t *coord, sector_t block,
-+ sector_t *result)
-+{
-+ reiser4_extent *ext;
-+
-+ if (!coord_is_existing_unit(coord))
-+ return RETERR(-EINVAL);
-+
-+ ext = extent_by_coord(coord);
-+
-+ if (state_of_extent(ext) != ALLOCATED_EXTENT)
-+ /* FIXME: bad things may happen if it is unallocated extent */
-+ *result = 0;
-+ else {
-+ reiser4_key key;
-+
-+ unit_key_by_coord(coord, &key);
-+ assert("vs-1645",
-+ block >= get_key_offset(&key) >> current_blocksize_bits);
-+ assert("vs-1646",
-+ block <
-+ (get_key_offset(&key) >> current_blocksize_bits) +
-+ extent_get_width(ext));
-+ *result =
-+ extent_get_start(ext) + (block -
-+ (get_key_offset(&key) >>
-+ current_blocksize_bits));
-+ }
-+ return 0;
-+}
-+
-+/*
-+ plugin->u.item.s.file.append_key
-+ key of first byte which is the next to last byte by addressed by this extent
-+*/
-+reiser4_key *append_key_extent(const coord_t * coord, reiser4_key * key)
-+{
-+ item_key_by_coord(coord, key);
-+ set_key_offset(key,
-+ get_key_offset(key) + extent_size(coord,
-+ nr_units_extent
-+ (coord)));
-+
-+ assert("vs-610", get_key_offset(key)
-+ && (get_key_offset(key) & (current_blocksize - 1)) == 0);
-+ return key;
-+}
-+
-+/* plugin->u.item.s.file.init_coord_extension */
-+void init_coord_extension_extent(uf_coord_t * uf_coord, loff_t lookuped)
-+{
-+ coord_t *coord;
-+ extent_coord_extension_t *ext_coord;
-+ reiser4_key key;
-+ loff_t offset;
-+
-+ assert("vs-1295", uf_coord->valid == 0);
-+
-+ coord = &uf_coord->coord;
-+ assert("vs-1288", coord_is_iplug_set(coord));
-+ assert("vs-1327", znode_is_loaded(coord->node));
-+
-+ if (coord->between != AFTER_UNIT && coord->between != AT_UNIT)
-+ return;
-+
-+ ext_coord = &uf_coord->extension.extent;
-+ ext_coord->nr_units = nr_units_extent(coord);
-+ ext_coord->ext_offset =
-+ (char *)extent_by_coord(coord) - zdata(coord->node);
-+ ext_coord->width = extent_get_width(extent_by_coord(coord));
-+ ON_DEBUG(ext_coord->extent = *extent_by_coord(coord));
-+ uf_coord->valid = 1;
-+
-+ /* pos_in_unit is the only uninitialized field in extended coord */
-+ if (coord->between == AFTER_UNIT) {
-+ assert("vs-1330",
-+ coord->unit_pos == nr_units_extent(coord) - 1);
-+
-+ ext_coord->pos_in_unit = ext_coord->width - 1;
-+ } else {
-+ /* AT_UNIT */
-+ unit_key_by_coord(coord, &key);
-+ offset = get_key_offset(&key);
-+
-+ assert("vs-1328", offset <= lookuped);
-+ assert("vs-1329",
-+ lookuped <
-+ offset + ext_coord->width * current_blocksize);
-+ ext_coord->pos_in_unit =
-+ ((lookuped - offset) >> current_blocksize_bits);
-+ }
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * scroll-step: 1
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/plugin/item/extent_flush_ops.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/extent_flush_ops.c
-@@ -0,0 +1,1018 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "item.h"
-+#include "../../tree.h"
-+#include "../../jnode.h"
-+#include "../../super.h"
-+#include "../../flush.h"
-+#include "../../carry.h"
-+#include "../object.h"
-+
-+#include <linux/pagemap.h>
-+
-+static reiser4_block_nr extent_unit_start(const coord_t * item);
-+
-+/* Return either first or last extent (depending on @side) of the item
-+ @coord is set to. Set @pos_in_unit either to first or to last block
-+ of extent. */
-+static reiser4_extent *extent_utmost_ext(const coord_t * coord, sideof side,
-+ reiser4_block_nr * pos_in_unit)
-+{
-+ reiser4_extent *ext;
-+
-+ if (side == LEFT_SIDE) {
-+ /* get first extent of item */
-+ ext = extent_item(coord);
-+ *pos_in_unit = 0;
-+ } else {
-+ /* get last extent of item and last position within it */
-+ assert("vs-363", side == RIGHT_SIDE);
-+ ext = extent_item(coord) + coord_last_unit_pos(coord);
-+ *pos_in_unit = extent_get_width(ext) - 1;
-+ }
-+
-+ return ext;
-+}
-+
-+/* item_plugin->f.utmost_child */
-+/* Return the child. Coord is set to extent item. Find jnode corresponding
-+ either to first or to last unformatted node pointed by the item */
-+int utmost_child_extent(const coord_t * coord, sideof side, jnode ** childp)
-+{
-+ reiser4_extent *ext;
-+ reiser4_block_nr pos_in_unit;
-+
-+ ext = extent_utmost_ext(coord, side, &pos_in_unit);
-+
-+ switch (state_of_extent(ext)) {
-+ case HOLE_EXTENT:
-+ *childp = NULL;
-+ return 0;
-+ case ALLOCATED_EXTENT:
-+ case UNALLOCATED_EXTENT:
-+ break;
-+ default:
-+ /* this should never happen */
-+ assert("vs-1417", 0);
-+ }
-+
-+ {
-+ reiser4_key key;
-+ reiser4_tree *tree;
-+ unsigned long index;
-+
-+ if (side == LEFT_SIDE) {
-+ /* get key of first byte addressed by the extent */
-+ item_key_by_coord(coord, &key);
-+ } else {
-+ /* get key of byte which next after last byte addressed by the extent */
-+ append_key_extent(coord, &key);
-+ }
-+
-+ assert("vs-544",
-+ (get_key_offset(&key) >> PAGE_CACHE_SHIFT) < ~0ul);
-+ /* index of first or last (depending on @side) page addressed
-+ by the extent */
-+ index =
-+ (unsigned long)(get_key_offset(&key) >> PAGE_CACHE_SHIFT);
-+ if (side == RIGHT_SIDE)
-+ index--;
-+
-+ tree = coord->node->zjnode.tree;
-+ *childp = jlookup(tree, get_key_objectid(&key), index);
-+ }
-+
-+ return 0;
-+}
-+
-+/* item_plugin->f.utmost_child_real_block */
-+/* Return the child's block, if allocated. */
-+int
-+utmost_child_real_block_extent(const coord_t * coord, sideof side,
-+ reiser4_block_nr * block)
-+{
-+ reiser4_extent *ext;
-+
-+ ext = extent_by_coord(coord);
-+
-+ switch (state_of_extent(ext)) {
-+ case ALLOCATED_EXTENT:
-+ *block = extent_get_start(ext);
-+ if (side == RIGHT_SIDE)
-+ *block += extent_get_width(ext) - 1;
-+ break;
-+ case HOLE_EXTENT:
-+ case UNALLOCATED_EXTENT:
-+ *block = 0;
-+ break;
-+ default:
-+ /* this should never happen */
-+ assert("vs-1418", 0);
-+ }
-+
-+ return 0;
-+}
-+
-+/* item_plugin->f.scan */
-+/* Performs leftward scanning starting from an unformatted node and its parent coordinate.
-+ This scan continues, advancing the parent coordinate, until either it encounters a
-+ formatted child or it finishes scanning this node.
-+
-+ If unallocated, the entire extent must be dirty and in the same atom. (Actually, I'm
-+ not sure this is last property (same atom) is enforced, but it should be the case since
-+ one atom must write the parent and the others must read the parent, thus fusing?). In
-+ any case, the code below asserts this case for unallocated extents. Unallocated
-+ extents are thus optimized because we can skip to the endpoint when scanning.
-+
-+ It returns control to scan_extent, handles these terminating conditions, e.g., by
-+ loading the next twig.
-+*/
-+int scan_extent(flush_scan * scan)
-+{
-+ coord_t coord;
-+ jnode *neighbor;
-+ unsigned long scan_index, unit_index, unit_width, scan_max, scan_dist;
-+ reiser4_block_nr unit_start;
-+ __u64 oid;
-+ reiser4_key key;
-+ int ret = 0, allocated, incr;
-+ reiser4_tree *tree;
-+
-+ if (!JF_ISSET(scan->node, JNODE_DIRTY)) {
-+ scan->stop = 1;
-+ return 0; /* Race with truncate, this node is already
-+ * truncated. */
-+ }
-+
-+ coord_dup(&coord, &scan->parent_coord);
-+
-+ assert("jmacd-1404", !scan_finished(scan));
-+ assert("jmacd-1405", jnode_get_level(scan->node) == LEAF_LEVEL);
-+ assert("jmacd-1406", jnode_is_unformatted(scan->node));
-+
-+ /* The scan_index variable corresponds to the current page index of the
-+ unformatted block scan position. */
-+ scan_index = index_jnode(scan->node);
-+
-+ assert("jmacd-7889", item_is_extent(&coord));
-+
-+ repeat:
-+ /* objectid of file */
-+ oid = get_key_objectid(item_key_by_coord(&coord, &key));
-+
-+ allocated = !extent_is_unallocated(&coord);
-+ /* Get the values of this extent unit: */
-+ unit_index = extent_unit_index(&coord);
-+ unit_width = extent_unit_width(&coord);
-+ unit_start = extent_unit_start(&coord);
-+
-+ assert("jmacd-7187", unit_width > 0);
-+ assert("jmacd-7188", scan_index >= unit_index);
-+ assert("jmacd-7189", scan_index <= unit_index + unit_width - 1);
-+
-+ /* Depending on the scan direction, we set different maximum values for scan_index
-+ (scan_max) and the number of nodes that would be passed if the scan goes the
-+ entire way (scan_dist). Incr is an integer reflecting the incremental
-+ direction of scan_index. */
-+ if (scanning_left(scan)) {
-+ scan_max = unit_index;
-+ scan_dist = scan_index - unit_index;
-+ incr = -1;
-+ } else {
-+ scan_max = unit_index + unit_width - 1;
-+ scan_dist = scan_max - unit_index;
-+ incr = +1;
-+ }
-+
-+ tree = coord.node->zjnode.tree;
-+
-+ /* If the extent is allocated we have to check each of its blocks. If the extent
-+ is unallocated we can skip to the scan_max. */
-+ if (allocated) {
-+ do {
-+ neighbor = jlookup(tree, oid, scan_index);
-+ if (neighbor == NULL)
-+ goto stop_same_parent;
-+
-+ if (scan->node != neighbor
-+ && !scan_goto(scan, neighbor)) {
-+ /* @neighbor was jput() by scan_goto(). */
-+ goto stop_same_parent;
-+ }
-+
-+ ret = scan_set_current(scan, neighbor, 1, &coord);
-+ if (ret != 0) {
-+ goto exit;
-+ }
-+
-+ /* reference to @neighbor is stored in @scan, no need
-+ to jput(). */
-+ scan_index += incr;
-+
-+ } while (incr + scan_max != scan_index);
-+
-+ } else {
-+ /* Optimized case for unallocated extents, skip to the end. */
-+ neighbor = jlookup(tree, oid, scan_max /*index */ );
-+ if (neighbor == NULL) {
-+ /* Race with truncate */
-+ scan->stop = 1;
-+ ret = 0;
-+ goto exit;
-+ }
-+
-+ assert("zam-1043", blocknr_is_fake(jnode_get_block(neighbor)));
-+
-+ ret = scan_set_current(scan, neighbor, scan_dist, &coord);
-+ if (ret != 0) {
-+ goto exit;
-+ }
-+ }
-+
-+ if (coord_sideof_unit(&coord, scan->direction) == 0
-+ && item_is_extent(&coord)) {
-+ /* Continue as long as there are more extent units. */
-+
-+ scan_index =
-+ extent_unit_index(&coord) +
-+ (scanning_left(scan) ? extent_unit_width(&coord) - 1 : 0);
-+ goto repeat;
-+ }
-+
-+ if (0) {
-+ stop_same_parent:
-+
-+ /* If we are scanning left and we stop in the middle of an allocated
-+ extent, we know the preceder immediately.. */
-+ /* middle of extent is (scan_index - unit_index) != 0. */
-+ if (scanning_left(scan) && (scan_index - unit_index) != 0) {
-+ /* FIXME(B): Someone should step-through and verify that this preceder
-+ calculation is indeed correct. */
-+ /* @unit_start is starting block (number) of extent
-+ unit. Flush stopped at the @scan_index block from
-+ the beginning of the file, which is (scan_index -
-+ unit_index) block within extent.
-+ */
-+ if (unit_start) {
-+ /* skip preceder update when we are at hole */
-+ scan->preceder_blk =
-+ unit_start + scan_index - unit_index;
-+ check_preceder(scan->preceder_blk);
-+ }
-+ }
-+
-+ /* In this case, we leave coord set to the parent of scan->node. */
-+ scan->stop = 1;
-+
-+ } else {
-+ /* In this case, we are still scanning, coord is set to the next item which is
-+ either off-the-end of the node or not an extent. */
-+ assert("jmacd-8912", scan->stop == 0);
-+ assert("jmacd-7812",
-+ (coord_is_after_sideof_unit(&coord, scan->direction)
-+ || !item_is_extent(&coord)));
-+ }
-+
-+ ret = 0;
-+ exit:
-+ return ret;
-+}
-+
-+/* ask block allocator for some blocks */
-+static void extent_allocate_blocks(reiser4_blocknr_hint *preceder,
-+ reiser4_block_nr wanted_count,
-+ reiser4_block_nr *first_allocated,
-+ reiser4_block_nr *allocated,
-+ block_stage_t block_stage)
-+{
-+ *allocated = wanted_count;
-+ preceder->max_dist = 0; /* scan whole disk, if needed */
-+
-+ /* that number of blocks (wanted_count) is either in UNALLOCATED or in GRABBED */
-+ preceder->block_stage = block_stage;
-+
-+ /* FIXME: we do not handle errors here now */
-+ check_me("vs-420",
-+ reiser4_alloc_blocks(preceder, first_allocated, allocated,
-+ BA_PERMANENT) == 0);
-+ /* update flush_pos's preceder to last allocated block number */
-+ preceder->blk = *first_allocated + *allocated - 1;
-+}
-+
-+/* when on flush time unallocated extent is to be replaced with allocated one it may happen that one unallocated extent
-+ will have to be replaced with set of allocated extents. In this case insert_into_item will be called which may have
-+ to add new nodes into tree. Space for that is taken from inviolable reserve (5%). */
-+static reiser4_block_nr reserve_replace(void)
-+{
-+ reiser4_block_nr grabbed, needed;
-+
-+ grabbed = get_current_context()->grabbed_blocks;
-+ needed = estimate_one_insert_into_item(current_tree);
-+ check_me("vpf-340", !reiser4_grab_space_force(needed, BA_RESERVED));
-+ return grabbed;
-+}
-+
-+static void free_replace_reserved(reiser4_block_nr grabbed)
-+{
-+ reiser4_context *ctx;
-+
-+ ctx = get_current_context();
-+ grabbed2free(ctx, get_super_private(ctx->super),
-+ ctx->grabbed_blocks - grabbed);
-+}
-+
-+/* Block offset of first block addressed by unit */
-+__u64 extent_unit_index(const coord_t * item)
-+{
-+ reiser4_key key;
-+
-+ assert("vs-648", coord_is_existing_unit(item));
-+ unit_key_by_coord(item, &key);
-+ return get_key_offset(&key) >> current_blocksize_bits;
-+}
-+
-+/* AUDIT shouldn't return value be of reiser4_block_nr type?
-+ Josh's answer: who knows? Is a "number of blocks" the same type as "block offset"? */
-+__u64 extent_unit_width(const coord_t * item)
-+{
-+ assert("vs-649", coord_is_existing_unit(item));
-+ return width_by_coord(item);
-+}
-+
-+/* Starting block location of this unit */
-+static reiser4_block_nr extent_unit_start(const coord_t * item)
-+{
-+ return extent_get_start(extent_by_coord(item));
-+}
-+
-+/**
-+ * split_allocated_extent -
-+ * @coord:
-+ * @pos_in_unit:
-+ *
-+ * replace allocated extent with two allocated extents
-+ */
-+static int split_allocated_extent(coord_t *coord, reiser4_block_nr pos_in_unit)
-+{
-+ int result;
-+ struct replace_handle *h;
-+ reiser4_extent *ext;
-+ reiser4_block_nr grabbed;
-+
-+ ext = extent_by_coord(coord);
-+ assert("vs-1410", state_of_extent(ext) == ALLOCATED_EXTENT);
-+ assert("vs-1411", extent_get_width(ext) > pos_in_unit);
-+
-+ h = kmalloc(sizeof(*h), get_gfp_mask());
-+ if (h == NULL)
-+ return RETERR(-ENOMEM);
-+ h->coord = coord;
-+ h->lh = znode_lh(coord->node);
-+ h->pkey = &h->key;
-+ unit_key_by_coord(coord, h->pkey);
-+ set_key_offset(h->pkey,
-+ (get_key_offset(h->pkey) +
-+ pos_in_unit * current_blocksize));
-+ set_extent(&h->overwrite, extent_get_start(ext), pos_in_unit);
-+ set_extent(&h->new_extents[0], extent_get_start(ext) + pos_in_unit,
-+ extent_get_width(ext) - pos_in_unit);
-+ h->nr_new_extents = 1;
-+ h->flags = COPI_DONT_SHIFT_LEFT;
-+ h->paste_key = h->key;
-+
-+ /* reserve space for extent unit paste, @grabbed is reserved before */
-+ grabbed = reserve_replace();
-+ result = replace_extent(h, 0 /* leave @coord set to overwritten
-+ extent */);
-+ /* restore reserved */
-+ free_replace_reserved(grabbed);
-+ kfree(h);
-+ return result;
-+}
-+
-+/* replace extent @ext by extent @replace. Try to merge @replace with previous extent of the item (if there is
-+ one). Return 1 if it succeeded, 0 - otherwise */
-+static int try_to_merge_with_left(coord_t *coord, reiser4_extent *ext,
-+ reiser4_extent *replace)
-+{
-+ assert("vs-1415", extent_by_coord(coord) == ext);
-+
-+ if (coord->unit_pos == 0
-+ || state_of_extent(ext - 1) != ALLOCATED_EXTENT)
-+ /* @ext either does not exist or is not allocated extent */
-+ return 0;
-+ if (extent_get_start(ext - 1) + extent_get_width(ext - 1) !=
-+ extent_get_start(replace))
-+ return 0;
-+
-+ /* we can glue, widen previous unit */
-+ extent_set_width(ext - 1,
-+ extent_get_width(ext - 1) + extent_get_width(replace));
-+
-+ if (extent_get_width(ext) != extent_get_width(replace)) {
-+ /* make current extent narrower */
-+ if (state_of_extent(ext) == ALLOCATED_EXTENT)
-+ extent_set_start(ext,
-+ extent_get_start(ext) +
-+ extent_get_width(replace));
-+ extent_set_width(ext,
-+ extent_get_width(ext) -
-+ extent_get_width(replace));
-+ } else {
-+ /* current extent completely glued with its left neighbor, remove it */
-+ coord_t from, to;
-+
-+ coord_dup(&from, coord);
-+ from.unit_pos = nr_units_extent(coord) - 1;
-+ coord_dup(&to, &from);
-+
-+ /* currently cut from extent can cut either from the beginning or from the end. Move place which got
-+ freed after unit removal to end of item */
-+ memmove(ext, ext + 1,
-+ (from.unit_pos -
-+ coord->unit_pos) * sizeof(reiser4_extent));
-+ /* wipe part of item which is going to be cut, so that node_check will not be confused */
-+ cut_node_content(&from, &to, NULL, NULL, NULL);
-+ }
-+ znode_make_dirty(coord->node);
-+ /* move coord back */
-+ coord->unit_pos--;
-+ return 1;
-+}
-+
-+/**
-+ * conv_extent - replace extent with 2 ones
-+ * @coord: coordinate of extent to be replaced
-+ * @replace: extent to overwrite the one @coord is set to
-+ *
-+ * Overwrites extent @coord is set to and paste one extent unit after
-+ * overwritten one if @replace is shorter than initial extent
-+ */
-+static int conv_extent(coord_t *coord, reiser4_extent *replace)
-+{
-+ int result;
-+ struct replace_handle *h;
-+ reiser4_extent *ext;
-+ reiser4_block_nr start, width, new_width;
-+ reiser4_block_nr grabbed;
-+ extent_state state;
-+
-+ ext = extent_by_coord(coord);
-+ state = state_of_extent(ext);
-+ start = extent_get_start(ext);
-+ width = extent_get_width(ext);
-+ new_width = extent_get_width(replace);
-+
-+ assert("vs-1458", (state == UNALLOCATED_EXTENT ||
-+ state == ALLOCATED_EXTENT));
-+ assert("vs-1459", width >= new_width);
-+
-+ if (try_to_merge_with_left(coord, ext, replace)) {
-+ /* merged @replace with left neighbor. Current unit is either
-+ removed or narrowed */
-+ return 0;
-+ }
-+
-+ if (width == new_width) {
-+ /* replace current extent with @replace */
-+ *ext = *replace;
-+ znode_make_dirty(coord->node);
-+ return 0;
-+ }
-+
-+ h = kmalloc(sizeof(*h), get_gfp_mask());
-+ if (h == NULL)
-+ return RETERR(-ENOMEM);
-+ h->coord = coord;
-+ h->lh = znode_lh(coord->node);
-+ h->pkey = &h->key;
-+ unit_key_by_coord(coord, h->pkey);
-+ set_key_offset(h->pkey,
-+ (get_key_offset(h->pkey) + new_width * current_blocksize));
-+ h->overwrite = *replace;
-+
-+ /* replace @ext with @replace and padding extent */
-+ set_extent(&h->new_extents[0],
-+ (state == ALLOCATED_EXTENT) ? (start + new_width) : UNALLOCATED_EXTENT_START,
-+ width - new_width);
-+ h->nr_new_extents = 1;
-+ h->flags = COPI_DONT_SHIFT_LEFT;
-+ h->paste_key = h->key;
-+
-+ /* reserve space for extent unit paste, @grabbed is reserved before */
-+ grabbed = reserve_replace();
-+ result = replace_extent(h, 0 /* leave @coord set to overwritten
-+ extent */);
-+
-+ /* restore reserved */
-+ free_replace_reserved(grabbed);
-+ kfree(h);
-+ return result;
-+}
-+
-+/**
-+ * assign_real_blocknrs
-+ * @flush_pos:
-+ * @oid: objectid of file jnodes to assign block number to belongs to
-+ * @index: first jnode on the range
-+ * @count: number of jnodes to assign block numbers to
-+ * @first: start of allocated block range
-+ *
-+ * Assigns block numbers to each of @count jnodes. Index of first jnode is
-+ * @index. Jnodes get lookuped with jlookup.
-+ */
-+static void assign_real_blocknrs(flush_pos_t *flush_pos, oid_t oid,
-+ unsigned long index, reiser4_block_nr count,
-+ reiser4_block_nr first)
-+{
-+ unsigned long i;
-+ reiser4_tree *tree;
-+ txn_atom *atom;
-+ int nr;
-+
-+ atom = atom_locked_by_fq(flush_pos->fq);
-+ assert("vs-1468", atom);
-+ BUG_ON(atom == NULL);
-+
-+ nr = 0;
-+ tree = current_tree;
-+ for (i = 0; i < count; ++i, ++index) {
-+ jnode *node;
-+
-+ node = jlookup(tree, oid, index);
-+ assert("", node != NULL);
-+ BUG_ON(node == NULL);
-+
-+ spin_lock_jnode(node);
-+ assert("", !jnode_is_flushprepped(node));
-+ assert("vs-1475", node->atom == atom);
-+ assert("vs-1476", atomic_read(&node->x_count) > 0);
-+
-+ JF_CLR(node, JNODE_FLUSH_RESERVED);
-+ jnode_set_block(node, &first);
-+ unformatted_make_reloc(node, flush_pos->fq);
-+ ON_DEBUG(count_jnode(node->atom, node, NODE_LIST(node),
-+ FQ_LIST, 0));
-+ spin_unlock_jnode(node);
-+ first++;
-+
-+ atomic_dec(&node->x_count);
-+ nr ++;
-+ }
-+
-+ spin_unlock_atom(atom);
-+ return;
-+}
-+
-+/**
-+ * make_node_ovrwr - assign node to overwrite set
-+ * @jnodes: overwrite set list head
-+ * @node: jnode to belong to overwrite set
-+ *
-+ * Sets OVRWR jnode state bit and puts @node to the end of list head @jnodes
-+ * which is an accumulator for nodes before they get to overwrite set list of
-+ * atom.
-+ */
-+static void make_node_ovrwr(struct list_head *jnodes, jnode *node)
-+{
-+ spin_lock_jnode(node);
-+
-+ assert("zam-917", !JF_ISSET(node, JNODE_RELOC));
-+ assert("zam-918", !JF_ISSET(node, JNODE_OVRWR));
-+
-+ JF_SET(node, JNODE_OVRWR);
-+ list_move_tail(&node->capture_link, jnodes);
-+ ON_DEBUG(count_jnode(node->atom, node, DIRTY_LIST, OVRWR_LIST, 0));
-+
-+ spin_unlock_jnode(node);
-+}
-+
-+/**
-+ * mark_jnodes_overwrite - put bunch of jnodes to overwrite set
-+ * @flush_pos: flush position
-+ * @oid: objectid of file jnodes belong to
-+ * @index: starting index
-+ * @width: extent width
-+ *
-+ * Puts nodes of one extent (file objectid @oid, extent width @width) to atom's
-+ * overwrite set. Starting from the one with index @index. If end of slum is
-+ * detected (node is not found or flushprepped) - stop iterating and set flush
-+ * position's state to POS_INVALID.
-+ */
-+static void mark_jnodes_overwrite(flush_pos_t *flush_pos, oid_t oid,
-+ unsigned long index, reiser4_block_nr width)
-+{
-+ unsigned long i;
-+ reiser4_tree *tree;
-+ jnode *node;
-+ txn_atom *atom;
-+ LIST_HEAD(jnodes);
-+
-+ tree = current_tree;
-+
-+ atom = atom_locked_by_fq(pos_fq(flush_pos));
-+ assert("vs-1478", atom);
-+
-+ for (i = flush_pos->pos_in_unit; i < width; i++, index++) {
-+ node = jlookup(tree, oid, index);
-+ if (!node) {
-+ flush_pos->state = POS_INVALID;
-+ break;
-+ }
-+ if (jnode_check_flushprepped(node)) {
-+ flush_pos->state = POS_INVALID;
-+ atomic_dec(&node->x_count);
-+ break;
-+ }
-+ if (node->atom != atom) {
-+ flush_pos->state = POS_INVALID;
-+ atomic_dec(&node->x_count);
-+ break;
-+ }
-+ make_node_ovrwr(&jnodes, node);
-+ atomic_dec(&node->x_count);
-+ }
-+
-+ list_splice_init(&jnodes, ATOM_OVRWR_LIST(atom)->prev);
-+ spin_unlock_atom(atom);
-+}
-+
-+/**
-+ * allocated_extent_slum_size
-+ * @flush_pos:
-+ * @oid:
-+ * @index:
-+ * @count:
-+ *
-+ *
-+ */
-+static int allocated_extent_slum_size(flush_pos_t *flush_pos, oid_t oid,
-+ unsigned long index, unsigned long count)
-+{
-+ unsigned long i;
-+ reiser4_tree *tree;
-+ txn_atom *atom;
-+ int nr;
-+
-+ atom = atom_locked_by_fq(pos_fq(flush_pos));
-+ assert("vs-1468", atom);
-+
-+ nr = 0;
-+ tree = current_tree;
-+ for (i = 0; i < count; ++i, ++index) {
-+ jnode *node;
-+
-+ node = jlookup(tree, oid, index);
-+ if (!node)
-+ break;
-+
-+ if (jnode_check_flushprepped(node)) {
-+ atomic_dec(&node->x_count);
-+ break;
-+ }
-+
-+ if (node->atom != atom) {
-+ /*
-+ * this is possible on overwrite: extent_write may
-+ * capture several unformatted nodes without capturing
-+ * any formatted nodes.
-+ */
-+ atomic_dec(&node->x_count);
-+ break;
-+ }
-+
-+ assert("vs-1476", atomic_read(&node->x_count) > 1);
-+ atomic_dec(&node->x_count);
-+ nr ++;
-+ }
-+
-+ spin_unlock_atom(atom);
-+ return nr;
-+}
-+
-+/**
-+ * alloc_extent
-+ * @flush_pos:
-+ *
-+ *
-+ * this is called by handle_pos_on_twig to proceed extent unit flush_pos->coord
-+ * is set to. It is to prepare for flushing sequence of not flushprepped nodes
-+ * (slum). It supposes that slum starts at flush_pos->pos_in_unit position
-+ * within the extent. Slum gets to relocate set if flush_pos->leaf_relocate is
-+ * set to 1 and to overwrite set otherwise
-+ */
-+int alloc_extent(flush_pos_t *flush_pos)
-+{
-+ coord_t *coord;
-+ reiser4_extent *ext;
-+ reiser4_extent replace_ext;
-+ oid_t oid;
-+ reiser4_block_nr protected;
-+ reiser4_block_nr start;
-+ __u64 index;
-+ __u64 width;
-+ extent_state state;
-+ int result;
-+ reiser4_block_nr first_allocated;
-+ __u64 allocated;
-+ reiser4_key key;
-+ block_stage_t block_stage;
-+
-+ assert("vs-1468", flush_pos->state == POS_ON_EPOINT);
-+ assert("vs-1469", coord_is_existing_unit(&flush_pos->coord)
-+ && item_is_extent(&flush_pos->coord));
-+
-+ coord = &flush_pos->coord;
-+
-+ ext = extent_by_coord(coord);
-+ state = state_of_extent(ext);
-+ if (state == HOLE_EXTENT) {
-+ flush_pos->state = POS_INVALID;
-+ return 0;
-+ }
-+
-+ item_key_by_coord(coord, &key);
-+ oid = get_key_objectid(&key);
-+ index = extent_unit_index(coord) + flush_pos->pos_in_unit;
-+ start = extent_get_start(ext);
-+ width = extent_get_width(ext);
-+
-+ assert("vs-1457", width > flush_pos->pos_in_unit);
-+
-+ if (flush_pos->leaf_relocate || state == UNALLOCATED_EXTENT) {
-+ /* relocate */
-+ if (flush_pos->pos_in_unit) {
-+ /* split extent unit into two */
-+ result =
-+ split_allocated_extent(coord,
-+ flush_pos->pos_in_unit);
-+ flush_pos->pos_in_unit = 0;
-+ return result;
-+ }
-+
-+ /* limit number of nodes to allocate */
-+ if (flush_pos->nr_to_write < width)
-+ width = flush_pos->nr_to_write;
-+
-+ if (state == ALLOCATED_EXTENT) {
-+ /*
-+ * all protected nodes are not flushprepped, therefore
-+ * they are counted as flush_reserved
-+ */
-+ block_stage = BLOCK_FLUSH_RESERVED;
-+ protected = allocated_extent_slum_size(flush_pos, oid,
-+ index, width);
-+ if (protected == 0) {
-+ flush_pos->state = POS_INVALID;
-+ flush_pos->pos_in_unit = 0;
-+ return 0;
-+ }
-+ } else {
-+ block_stage = BLOCK_UNALLOCATED;
-+ protected = width;
-+ }
-+
-+ /*
-+ * look at previous unit if possible. If it is allocated, make
-+ * preceder more precise
-+ */
-+ if (coord->unit_pos &&
-+ (state_of_extent(ext - 1) == ALLOCATED_EXTENT))
-+ pos_hint(flush_pos)->blk = extent_get_start(ext - 1) +
-+ extent_get_width(ext - 1);
-+
-+ /* allocate new block numbers for protected nodes */
-+ extent_allocate_blocks(pos_hint(flush_pos), protected,
-+ &first_allocated, &allocated,
-+ block_stage);
-+
-+ if (state == ALLOCATED_EXTENT)
-+ /*
-+ * on relocating - free nodes which are going to be
-+ * relocated
-+ */
-+ reiser4_dealloc_blocks(&start, &allocated,
-+ BLOCK_ALLOCATED, BA_DEFER);
-+
-+ /* assign new block numbers to protected nodes */
-+ assign_real_blocknrs(flush_pos, oid, index, allocated, first_allocated);
-+
-+
-+ /* prepare extent which will replace current one */
-+ set_extent(&replace_ext, first_allocated, allocated);
-+
-+ /* adjust extent item */
-+ result = conv_extent(coord, &replace_ext);
-+ if (result != 0 && result != -ENOMEM) {
-+ warning("vs-1461",
-+ "Failed to allocate extent. Should not happen\n");
-+ return result;
-+ }
-+
-+ /*
-+ * break flush: we prepared for flushing as many blocks as we
-+ * were asked for
-+ */
-+ if (flush_pos->nr_to_write == allocated)
-+ flush_pos->state = POS_INVALID;
-+ } else {
-+ /* overwrite */
-+ mark_jnodes_overwrite(flush_pos, oid, index, width);
-+ }
-+ flush_pos->pos_in_unit = 0;
-+ return 0;
-+}
-+
-+/* if @key is glueable to the item @coord is set to */
-+static int must_insert(const coord_t *coord, const reiser4_key *key)
-+{
-+ reiser4_key last;
-+
-+ if (item_id_by_coord(coord) == EXTENT_POINTER_ID
-+ && keyeq(append_key_extent(coord, &last), key))
-+ return 0;
-+ return 1;
-+}
-+
-+/* copy extent @copy to the end of @node. It may have to either insert new item after the last one, or append last item,
-+ or modify last unit of last item to have greater width */
-+static int put_unit_to_end(znode *node, const reiser4_key *key,
-+ reiser4_extent *copy_ext)
-+{
-+ int result;
-+ coord_t coord;
-+ cop_insert_flag flags;
-+ reiser4_extent *last_ext;
-+ reiser4_item_data data;
-+
-+ /* set coord after last unit in an item */
-+ coord_init_last_unit(&coord, node);
-+ coord.between = AFTER_UNIT;
-+
-+ flags =
-+ COPI_DONT_SHIFT_LEFT | COPI_DONT_SHIFT_RIGHT | COPI_DONT_ALLOCATE;
-+ if (must_insert(&coord, key)) {
-+ result =
-+ insert_by_coord(&coord, init_new_extent(&data, copy_ext, 1),
-+ key, NULL /*lh */ , flags);
-+
-+ } else {
-+ /* try to glue with last unit */
-+ last_ext = extent_by_coord(&coord);
-+ if (state_of_extent(last_ext) &&
-+ extent_get_start(last_ext) + extent_get_width(last_ext) ==
-+ extent_get_start(copy_ext)) {
-+ /* widen last unit of node */
-+ extent_set_width(last_ext,
-+ extent_get_width(last_ext) +
-+ extent_get_width(copy_ext));
-+ znode_make_dirty(node);
-+ return 0;
-+ }
-+
-+ /* FIXME: put an assertion here that we can not merge last unit in @node and new unit */
-+ result =
-+ insert_into_item(&coord, NULL /*lh */ , key,
-+ init_new_extent(&data, copy_ext, 1),
-+ flags);
-+ }
-+
-+ assert("vs-438", result == 0 || result == -E_NODE_FULL);
-+ return result;
-+}
-+
-+/* @coord is set to extent unit */
-+squeeze_result squalloc_extent(znode *left, const coord_t *coord,
-+ flush_pos_t *flush_pos,
-+ reiser4_key *stop_key)
-+{
-+ reiser4_extent *ext;
-+ __u64 index;
-+ __u64 width;
-+ reiser4_block_nr start;
-+ extent_state state;
-+ oid_t oid;
-+ reiser4_block_nr first_allocated;
-+ __u64 allocated;
-+ __u64 protected;
-+ reiser4_extent copy_extent;
-+ reiser4_key key;
-+ int result;
-+ block_stage_t block_stage;
-+
-+ assert("vs-1457", flush_pos->pos_in_unit == 0);
-+ assert("vs-1467", coord_is_leftmost_unit(coord));
-+ assert("vs-1467", item_is_extent(coord));
-+
-+ ext = extent_by_coord(coord);
-+ index = extent_unit_index(coord);
-+ start = extent_get_start(ext);
-+ width = extent_get_width(ext);
-+ state = state_of_extent(ext);
-+ unit_key_by_coord(coord, &key);
-+ oid = get_key_objectid(&key);
-+
-+ if ((flush_pos->leaf_relocate && state == ALLOCATED_EXTENT) ||
-+ (state == UNALLOCATED_EXTENT)) {
-+ /* relocate */
-+ if (state == ALLOCATED_EXTENT) {
-+ /* all protected nodes are not flushprepped, therefore
-+ * they are counted as flush_reserved */
-+ block_stage = BLOCK_FLUSH_RESERVED;
-+ protected = allocated_extent_slum_size(flush_pos, oid,
-+ index, width);
-+ if (protected == 0) {
-+ flush_pos->state = POS_INVALID;
-+ flush_pos->pos_in_unit = 0;
-+ return 0;
-+ }
-+ } else {
-+ block_stage = BLOCK_UNALLOCATED;
-+ protected = width;
-+ }
-+
-+ /*
-+ * look at previous unit if possible. If it is allocated, make
-+ * preceder more precise
-+ */
-+ if (coord->unit_pos &&
-+ (state_of_extent(ext - 1) == ALLOCATED_EXTENT))
-+ pos_hint(flush_pos)->blk = extent_get_start(ext - 1) +
-+ extent_get_width(ext - 1);
-+
-+ /* allocate new block numbers for protected nodes */
-+ extent_allocate_blocks(pos_hint(flush_pos), protected,
-+ &first_allocated, &allocated,
-+ block_stage);
-+
-+ /* prepare extent which will be copied to left */
-+ set_extent(©_extent, first_allocated, allocated);
-+
-+ result = put_unit_to_end(left, &key, ©_extent);
-+ if (result == -E_NODE_FULL) {
-+ int target_block_stage;
-+
-+ /* free blocks which were just allocated */
-+ target_block_stage =
-+ (state ==
-+ ALLOCATED_EXTENT) ? BLOCK_FLUSH_RESERVED :
-+ BLOCK_UNALLOCATED;
-+ reiser4_dealloc_blocks(&first_allocated, &allocated,
-+ target_block_stage,
-+ BA_PERMANENT);
-+
-+ /* rewind the preceder. */
-+ flush_pos->preceder.blk = first_allocated;
-+ check_preceder(flush_pos->preceder.blk);
-+
-+ return SQUEEZE_TARGET_FULL;
-+ }
-+
-+ if (state == ALLOCATED_EXTENT) {
-+ /* free nodes which were relocated */
-+ reiser4_dealloc_blocks(&start, &allocated,
-+ BLOCK_ALLOCATED, BA_DEFER);
-+ }
-+
-+ /* assign new block numbers to protected nodes */
-+ assign_real_blocknrs(flush_pos, oid, index, allocated,
-+ first_allocated);
-+
-+ set_key_offset(&key,
-+ get_key_offset(&key) +
-+ (allocated << current_blocksize_bits));
-+ } else {
-+ /*
-+ * overwrite: try to copy unit as it is to left neighbor and
-+ * make all first not flushprepped nodes overwrite nodes
-+ */
-+ set_extent(©_extent, start, width);
-+ result = put_unit_to_end(left, &key, ©_extent);
-+ if (result == -E_NODE_FULL)
-+ return SQUEEZE_TARGET_FULL;
-+
-+ if (state != HOLE_EXTENT)
-+ mark_jnodes_overwrite(flush_pos, oid, index, width);
-+ set_key_offset(&key,
-+ get_key_offset(&key) +
-+ (width << current_blocksize_bits));
-+ }
-+ *stop_key = key;
-+ return SQUEEZE_CONTINUE;
-+}
-+
-+int key_by_offset_extent(struct inode *inode, loff_t off, reiser4_key * key)
-+{
-+ return key_by_inode_and_offset_common(inode, off, key);
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * scroll-step: 1
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/plugin/item/extent_item_ops.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/extent_item_ops.c
-@@ -0,0 +1,882 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "item.h"
-+#include "../../inode.h"
-+#include "../../tree_walk.h" /* check_sibling_list() */
-+#include "../../page_cache.h"
-+#include "../../carry.h"
-+
-+#include <linux/quotaops.h>
-+
-+/* item_plugin->b.max_key_inside */
-+reiser4_key *max_key_inside_extent(const coord_t * coord, reiser4_key * key)
-+{
-+ item_key_by_coord(coord, key);
-+ set_key_offset(key, get_key_offset(max_key()));
-+ return key;
-+}
-+
-+/* item_plugin->b.can_contain_key
-+ this checks whether @key of @data is matching to position set by @coord */
-+int
-+can_contain_key_extent(const coord_t * coord, const reiser4_key * key,
-+ const reiser4_item_data * data)
-+{
-+ reiser4_key item_key;
-+
-+ if (item_plugin_by_coord(coord) != data->iplug)
-+ return 0;
-+
-+ item_key_by_coord(coord, &item_key);
-+ if (get_key_locality(key) != get_key_locality(&item_key) ||
-+ get_key_objectid(key) != get_key_objectid(&item_key) ||
-+ get_key_ordering(key) != get_key_ordering(&item_key))
-+ return 0;
-+
-+ return 1;
-+}
-+
-+/* item_plugin->b.mergeable
-+ first item is of extent type */
-+/* Audited by: green(2002.06.13) */
-+int mergeable_extent(const coord_t * p1, const coord_t * p2)
-+{
-+ reiser4_key key1, key2;
-+
-+ assert("vs-299", item_id_by_coord(p1) == EXTENT_POINTER_ID);
-+ /* FIXME-VS: Which is it? Assert or return 0 */
-+ if (item_id_by_coord(p2) != EXTENT_POINTER_ID) {
-+ return 0;
-+ }
-+
-+ item_key_by_coord(p1, &key1);
-+ item_key_by_coord(p2, &key2);
-+ if (get_key_locality(&key1) != get_key_locality(&key2) ||
-+ get_key_objectid(&key1) != get_key_objectid(&key2) ||
-+ get_key_ordering(&key1) != get_key_ordering(&key2) ||
-+ get_key_type(&key1) != get_key_type(&key2))
-+ return 0;
-+ if (get_key_offset(&key1) + extent_size(p1, nr_units_extent(p1)) !=
-+ get_key_offset(&key2))
-+ return 0;
-+ return 1;
-+}
-+
-+/* item_plugin->b.nr_units */
-+pos_in_node_t nr_units_extent(const coord_t * coord)
-+{
-+ /* length of extent item has to be multiple of extent size */
-+ assert("vs-1424",
-+ (item_length_by_coord(coord) % sizeof(reiser4_extent)) == 0);
-+ return item_length_by_coord(coord) / sizeof(reiser4_extent);
-+}
-+
-+/* item_plugin->b.lookup */
-+lookup_result
-+lookup_extent(const reiser4_key * key, lookup_bias bias UNUSED_ARG,
-+ coord_t * coord)
-+{ /* znode and item_pos are
-+ set to an extent item to
-+ look through */
-+ reiser4_key item_key;
-+ reiser4_block_nr lookuped, offset;
-+ unsigned i, nr_units;
-+ reiser4_extent *ext;
-+ unsigned blocksize;
-+ unsigned char blocksize_bits;
-+
-+ item_key_by_coord(coord, &item_key);
-+ offset = get_key_offset(&item_key);
-+
-+ /* key we are looking for must be greater than key of item @coord */
-+ assert("vs-414", keygt(key, &item_key));
-+
-+ assert("umka-99945",
-+ !keygt(key, max_key_inside_extent(coord, &item_key)));
-+
-+ ext = extent_item(coord);
-+ assert("vs-1350", (char *)ext == (zdata(coord->node) + coord->offset));
-+
-+ blocksize = current_blocksize;
-+ blocksize_bits = current_blocksize_bits;
-+
-+ /* offset we are looking for */
-+ lookuped = get_key_offset(key);
-+
-+ nr_units = nr_units_extent(coord);
-+ /* go through all extents until the one which address given offset */
-+ for (i = 0; i < nr_units; i++, ext++) {
-+ offset += (extent_get_width(ext) << blocksize_bits);
-+ if (offset > lookuped) {
-+ /* desired byte is somewhere in this extent */
-+ coord->unit_pos = i;
-+ coord->between = AT_UNIT;
-+ return CBK_COORD_FOUND;
-+ }
-+ }
-+
-+ /* set coord after last unit */
-+ coord->unit_pos = nr_units - 1;
-+ coord->between = AFTER_UNIT;
-+ return CBK_COORD_FOUND;
-+}
-+
-+/* item_plugin->b.paste
-+ item @coord is set to has been appended with @data->length of free
-+ space. data->data contains data to be pasted into the item in position
-+ @coord->in_item.unit_pos. It must fit into that free space.
-+ @coord must be set between units.
-+*/
-+int
-+paste_extent(coord_t * coord, reiser4_item_data * data,
-+ carry_plugin_info * info UNUSED_ARG)
-+{
-+ unsigned old_nr_units;
-+ reiser4_extent *ext;
-+ int item_length;
-+
-+ ext = extent_item(coord);
-+ item_length = item_length_by_coord(coord);
-+ old_nr_units = (item_length - data->length) / sizeof(reiser4_extent);
-+
-+ /* this is also used to copy extent into newly created item, so
-+ old_nr_units could be 0 */
-+ assert("vs-260", item_length >= data->length);
-+
-+ /* make sure that coord is set properly */
-+ assert("vs-35",
-+ ((!coord_is_existing_unit(coord))
-+ || (!old_nr_units && !coord->unit_pos)));
-+
-+ /* first unit to be moved */
-+ switch (coord->between) {
-+ case AFTER_UNIT:
-+ coord->unit_pos++;
-+ case BEFORE_UNIT:
-+ coord->between = AT_UNIT;
-+ break;
-+ case AT_UNIT:
-+ assert("vs-331", !old_nr_units && !coord->unit_pos);
-+ break;
-+ default:
-+ impossible("vs-330", "coord is set improperly");
-+ }
-+
-+ /* prepare space for new units */
-+ memmove(ext + coord->unit_pos + data->length / sizeof(reiser4_extent),
-+ ext + coord->unit_pos,
-+ (old_nr_units - coord->unit_pos) * sizeof(reiser4_extent));
-+
-+ /* copy new data from kernel space */
-+ assert("vs-556", data->user == 0);
-+ memcpy(ext + coord->unit_pos, data->data, (unsigned)data->length);
-+
-+ /* after paste @coord is set to first of pasted units */
-+ assert("vs-332", coord_is_existing_unit(coord));
-+ assert("vs-333",
-+ !memcmp(data->data, extent_by_coord(coord),
-+ (unsigned)data->length));
-+ return 0;
-+}
-+
-+/* item_plugin->b.can_shift */
-+int
-+can_shift_extent(unsigned free_space, coord_t * source,
-+ znode * target UNUSED_ARG, shift_direction pend UNUSED_ARG,
-+ unsigned *size, unsigned want)
-+{
-+ *size = item_length_by_coord(source);
-+ if (*size > free_space)
-+ /* never split a unit of extent item */
-+ *size = free_space - free_space % sizeof(reiser4_extent);
-+
-+ /* we can shift *size bytes, calculate how many do we want to shift */
-+ if (*size > want * sizeof(reiser4_extent))
-+ *size = want * sizeof(reiser4_extent);
-+
-+ if (*size % sizeof(reiser4_extent) != 0)
-+ impossible("vs-119", "Wrong extent size: %i %zd", *size,
-+ sizeof(reiser4_extent));
-+ return *size / sizeof(reiser4_extent);
-+
-+}
-+
-+/* item_plugin->b.copy_units */
-+void
-+copy_units_extent(coord_t * target, coord_t * source,
-+ unsigned from, unsigned count,
-+ shift_direction where_is_free_space, unsigned free_space)
-+{
-+ char *from_ext, *to_ext;
-+
-+ assert("vs-217", free_space == count * sizeof(reiser4_extent));
-+
-+ from_ext = item_body_by_coord(source);
-+ to_ext = item_body_by_coord(target);
-+
-+ if (where_is_free_space == SHIFT_LEFT) {
-+ assert("vs-215", from == 0);
-+
-+ /* At this moment, item length was already updated in the item
-+ header by shifting code, hence nr_units_extent() will
-+ return "new" number of units---one we obtain after copying
-+ units.
-+ */
-+ to_ext +=
-+ (nr_units_extent(target) - count) * sizeof(reiser4_extent);
-+ } else {
-+ reiser4_key key;
-+ coord_t coord;
-+
-+ assert("vs-216",
-+ from + count == coord_last_unit_pos(source) + 1);
-+
-+ from_ext += item_length_by_coord(source) - free_space;
-+
-+ /* new units are inserted before first unit in an item,
-+ therefore, we have to update item key */
-+ coord = *source;
-+ coord.unit_pos = from;
-+ unit_key_extent(&coord, &key);
-+
-+ node_plugin_by_node(target->node)->update_item_key(target, &key,
-+ NULL /*info */);
-+ }
-+
-+ memcpy(to_ext, from_ext, free_space);
-+}
-+
-+/* item_plugin->b.create_hook
-+ @arg is znode of leaf node for which we need to update right delimiting key */
-+int create_hook_extent(const coord_t * coord, void *arg)
-+{
-+ coord_t *child_coord;
-+ znode *node;
-+ reiser4_key key;
-+ reiser4_tree *tree;
-+
-+ if (!arg)
-+ return 0;
-+
-+ child_coord = arg;
-+ tree = znode_get_tree(coord->node);
-+
-+ assert("nikita-3246", znode_get_level(child_coord->node) == LEAF_LEVEL);
-+
-+ write_lock_tree(tree);
-+ write_lock_dk(tree);
-+ /* find a node on the left level for which right delimiting key has to
-+ be updated */
-+ if (coord_wrt(child_coord) == COORD_ON_THE_LEFT) {
-+ assert("vs-411", znode_is_left_connected(child_coord->node));
-+ node = child_coord->node->left;
-+ } else {
-+ assert("vs-412", coord_wrt(child_coord) == COORD_ON_THE_RIGHT);
-+ node = child_coord->node;
-+ assert("nikita-3314", node != NULL);
-+ }
-+
-+ if (node != NULL) {
-+ znode_set_rd_key(node, item_key_by_coord(coord, &key));
-+
-+ assert("nikita-3282", check_sibling_list(node));
-+ /* break sibling links */
-+ if (ZF_ISSET(node, JNODE_RIGHT_CONNECTED) && node->right) {
-+ ON_DEBUG(node->right->left_version =
-+ atomic_inc_return(&delim_key_version);
-+ node->right_version =
-+ atomic_inc_return(&delim_key_version););
-+
-+ node->right->left = NULL;
-+ node->right = NULL;
-+ }
-+ }
-+ write_unlock_dk(tree);
-+ write_unlock_tree(tree);
-+ return 0;
-+}
-+
-+#define ITEM_TAIL_KILLED 0
-+#define ITEM_HEAD_KILLED 1
-+#define ITEM_KILLED 2
-+
-+/* item_plugin->b.kill_hook
-+ this is called when @count units starting from @from-th one are going to be removed
-+ */
-+int
-+kill_hook_extent(const coord_t * coord, pos_in_node_t from, pos_in_node_t count,
-+ struct carry_kill_data *kdata)
-+{
-+ reiser4_extent *ext;
-+ reiser4_block_nr start, length;
-+ const reiser4_key *pfrom_key, *pto_key;
-+ struct inode *inode;
-+ reiser4_tree *tree;
-+ pgoff_t from_off, to_off, offset, skip;
-+ int retval;
-+
-+ /* these are located in memory kmalloc-ed by kill_node_content */
-+ reiser4_key *min_item_key, *max_item_key, *from_key, *to_key, *key;
-+ coord_t *dup, *next;
-+
-+ assert("zam-811", znode_is_write_locked(coord->node));
-+ assert("nikita-3315", kdata != NULL);
-+ assert("vs-34", kdata->buf != NULL);
-+
-+ /* map structures to kdata->buf */
-+ min_item_key = (reiser4_key *) (kdata->buf);
-+ max_item_key = min_item_key + 1;
-+ from_key = max_item_key + 1;
-+ to_key = from_key + 1;
-+ key = to_key + 1;
-+ dup = (coord_t *) (key + 1);
-+ next = dup + 1;
-+
-+ item_key_by_coord(coord, min_item_key);
-+ max_item_key_by_coord(coord, max_item_key);
-+
-+ if (kdata->params.from_key) {
-+ pfrom_key = kdata->params.from_key;
-+ pto_key = kdata->params.to_key;
-+ } else {
-+ assert("vs-1549", from == coord->unit_pos);
-+ unit_key_by_coord(coord, from_key);
-+ pfrom_key = from_key;
-+
-+ coord_dup(dup, coord);
-+ dup->unit_pos = from + count - 1;
-+ max_unit_key_by_coord(dup, to_key);
-+ pto_key = to_key;
-+ }
-+
-+ if (!keylt(pto_key, max_item_key)) {
-+ if (!keygt(pfrom_key, min_item_key)) {
-+ znode *left, *right;
-+
-+ /* item is to be removed completely */
-+ assert("nikita-3316", kdata->left != NULL
-+ && kdata->right != NULL);
-+
-+ left = kdata->left->node;
-+ right = kdata->right->node;
-+
-+ tree = current_tree;
-+ /* we have to do two things:
-+ *
-+ * 1. link left and right formatted neighbors of
-+ * extent being removed, and
-+ *
-+ * 2. update their delimiting keys.
-+ *
-+ * atomicity of these operations is protected by
-+ * taking dk-lock and tree-lock.
-+ */
-+ /* if neighbors of item being removed are znodes -
-+ * link them */
-+ write_lock_tree(tree);
-+ write_lock_dk(tree);
-+ link_left_and_right(left, right);
-+ if (left) {
-+ /* update right delimiting key of left
-+ * neighbor of extent item */
-+ /*coord_t next;
-+ reiser4_key key; */
-+
-+ coord_dup(next, coord);
-+
-+ if (coord_next_item(next))
-+ *key = *znode_get_rd_key(coord->node);
-+ else
-+ item_key_by_coord(next, key);
-+ znode_set_rd_key(left, key);
-+ }
-+ write_unlock_dk(tree);
-+ write_unlock_tree(tree);
-+
-+ from_off =
-+ get_key_offset(min_item_key) >> PAGE_CACHE_SHIFT;
-+ to_off =
-+ (get_key_offset(max_item_key) +
-+ 1) >> PAGE_CACHE_SHIFT;
-+ retval = ITEM_KILLED;
-+ } else {
-+ /* tail of item is to be removed */
-+ from_off =
-+ (get_key_offset(pfrom_key) + PAGE_CACHE_SIZE -
-+ 1) >> PAGE_CACHE_SHIFT;
-+ to_off =
-+ (get_key_offset(max_item_key) +
-+ 1) >> PAGE_CACHE_SHIFT;
-+ retval = ITEM_TAIL_KILLED;
-+ }
-+ } else {
-+ /* head of item is to be removed */
-+ assert("vs-1571", keyeq(pfrom_key, min_item_key));
-+ assert("vs-1572",
-+ (get_key_offset(pfrom_key) & (PAGE_CACHE_SIZE - 1)) ==
-+ 0);
-+ assert("vs-1573",
-+ ((get_key_offset(pto_key) + 1) & (PAGE_CACHE_SIZE -
-+ 1)) == 0);
-+
-+ if (kdata->left->node) {
-+ /* update right delimiting key of left neighbor of extent item */
-+ /*reiser4_key key; */
-+
-+ *key = *pto_key;
-+ set_key_offset(key, get_key_offset(pto_key) + 1);
-+
-+ write_lock_dk(current_tree);
-+ znode_set_rd_key(kdata->left->node, key);
-+ write_unlock_dk(current_tree);
-+ }
-+
-+ from_off = get_key_offset(pfrom_key) >> PAGE_CACHE_SHIFT;
-+ to_off = (get_key_offset(pto_key) + 1) >> PAGE_CACHE_SHIFT;
-+ retval = ITEM_HEAD_KILLED;
-+ }
-+
-+ inode = kdata->inode;
-+ assert("vs-1545", inode != NULL);
-+ if (inode != NULL)
-+ /* take care of pages and jnodes corresponding to part of item being killed */
-+ reiser4_invalidate_pages(inode->i_mapping, from_off,
-+ to_off - from_off,
-+ kdata->params.truncate);
-+
-+ ext = extent_item(coord) + from;
-+ offset =
-+ (get_key_offset(min_item_key) +
-+ extent_size(coord, from)) >> PAGE_CACHE_SHIFT;
-+
-+ assert("vs-1551", from_off >= offset);
-+ assert("vs-1552", from_off - offset <= extent_get_width(ext));
-+ skip = from_off - offset;
-+ offset = from_off;
-+
-+ while (offset < to_off) {
-+ length = extent_get_width(ext) - skip;
-+ if (state_of_extent(ext) == HOLE_EXTENT) {
-+ skip = 0;
-+ offset += length;
-+ ext++;
-+ continue;
-+ }
-+
-+ if (offset + length > to_off) {
-+ length = to_off - offset;
-+ }
-+
-+ DQUOT_FREE_BLOCK_NODIRTY(inode, length);
-+
-+ if (state_of_extent(ext) == UNALLOCATED_EXTENT) {
-+ /* some jnodes corresponding to this unallocated extent */
-+ fake_allocated2free(length, 0 /* unformatted */ );
-+
-+ skip = 0;
-+ offset += length;
-+ ext++;
-+ continue;
-+ }
-+
-+ assert("vs-1218", state_of_extent(ext) == ALLOCATED_EXTENT);
-+
-+ if (length != 0) {
-+ start = extent_get_start(ext) + skip;
-+
-+ /* BA_DEFER bit parameter is turned on because blocks which get freed are not safe to be freed
-+ immediately */
-+ reiser4_dealloc_blocks(&start, &length,
-+ 0 /* not used */ ,
-+ BA_DEFER
-+ /* unformatted with defer */ );
-+ }
-+ skip = 0;
-+ offset += length;
-+ ext++;
-+ }
-+ return retval;
-+}
-+
-+/* item_plugin->b.kill_units */
-+int
-+kill_units_extent(coord_t * coord, pos_in_node_t from, pos_in_node_t to,
-+ struct carry_kill_data *kdata, reiser4_key * smallest_removed,
-+ reiser4_key * new_first)
-+{
-+ reiser4_extent *ext;
-+ reiser4_key item_key;
-+ pos_in_node_t count;
-+ reiser4_key from_key, to_key;
-+ const reiser4_key *pfrom_key, *pto_key;
-+ loff_t off;
-+ int result;
-+
-+ assert("vs-1541",
-+ ((kdata->params.from_key == NULL && kdata->params.to_key == NULL)
-+ || (kdata->params.from_key != NULL
-+ && kdata->params.to_key != NULL)));
-+
-+ if (kdata->params.from_key) {
-+ pfrom_key = kdata->params.from_key;
-+ pto_key = kdata->params.to_key;
-+ } else {
-+ coord_t dup;
-+
-+ /* calculate key range of kill */
-+ assert("vs-1549", from == coord->unit_pos);
-+ unit_key_by_coord(coord, &from_key);
-+ pfrom_key = &from_key;
-+
-+ coord_dup(&dup, coord);
-+ dup.unit_pos = to;
-+ max_unit_key_by_coord(&dup, &to_key);
-+ pto_key = &to_key;
-+ }
-+
-+ item_key_by_coord(coord, &item_key);
-+
-+#if REISER4_DEBUG
-+ {
-+ reiser4_key max_item_key;
-+
-+ max_item_key_by_coord(coord, &max_item_key);
-+
-+ if (new_first) {
-+ /* head of item is to be cut */
-+ assert("vs-1542", keyeq(pfrom_key, &item_key));
-+ assert("vs-1538", keylt(pto_key, &max_item_key));
-+ } else {
-+ /* tail of item is to be cut */
-+ assert("vs-1540", keygt(pfrom_key, &item_key));
-+ assert("vs-1543", !keylt(pto_key, &max_item_key));
-+ }
-+ }
-+#endif
-+
-+ if (smallest_removed)
-+ *smallest_removed = *pfrom_key;
-+
-+ if (new_first) {
-+ /* item head is cut. Item key will change. This new key is calculated here */
-+ assert("vs-1556",
-+ (get_key_offset(pto_key) & (PAGE_CACHE_SIZE - 1)) ==
-+ (PAGE_CACHE_SIZE - 1));
-+ *new_first = *pto_key;
-+ set_key_offset(new_first, get_key_offset(new_first) + 1);
-+ }
-+
-+ count = to - from + 1;
-+ result = kill_hook_extent(coord, from, count, kdata);
-+ if (result == ITEM_TAIL_KILLED) {
-+ assert("vs-1553",
-+ get_key_offset(pfrom_key) >=
-+ get_key_offset(&item_key) + extent_size(coord, from));
-+ off =
-+ get_key_offset(pfrom_key) - (get_key_offset(&item_key) +
-+ extent_size(coord, from));
-+ if (off) {
-+ /* unit @from is to be cut partially. Its width decreases */
-+ ext = extent_item(coord) + from;
-+ extent_set_width(ext,
-+ (off + PAGE_CACHE_SIZE -
-+ 1) >> PAGE_CACHE_SHIFT);
-+ count--;
-+ }
-+ } else {
-+ __u64 max_to_offset;
-+ __u64 rest;
-+
-+ assert("vs-1575", result == ITEM_HEAD_KILLED);
-+ assert("", from == 0);
-+ assert("",
-+ ((get_key_offset(pto_key) + 1) & (PAGE_CACHE_SIZE -
-+ 1)) == 0);
-+ assert("",
-+ get_key_offset(pto_key) + 1 >
-+ get_key_offset(&item_key) + extent_size(coord, to));
-+ max_to_offset =
-+ get_key_offset(&item_key) + extent_size(coord, to + 1) - 1;
-+ assert("", get_key_offset(pto_key) <= max_to_offset);
-+
-+ rest =
-+ (max_to_offset -
-+ get_key_offset(pto_key)) >> PAGE_CACHE_SHIFT;
-+ if (rest) {
-+ /* unit @to is to be cut partially */
-+ ext = extent_item(coord) + to;
-+
-+ assert("", extent_get_width(ext) > rest);
-+
-+ if (state_of_extent(ext) == ALLOCATED_EXTENT)
-+ extent_set_start(ext,
-+ extent_get_start(ext) +
-+ (extent_get_width(ext) -
-+ rest));
-+
-+ extent_set_width(ext, rest);
-+ count--;
-+ }
-+ }
-+ return count * sizeof(reiser4_extent);
-+}
-+
-+/* item_plugin->b.cut_units
-+ this is too similar to kill_units_extent */
-+int
-+cut_units_extent(coord_t * coord, pos_in_node_t from, pos_in_node_t to,
-+ struct carry_cut_data *cdata, reiser4_key * smallest_removed,
-+ reiser4_key * new_first)
-+{
-+ reiser4_extent *ext;
-+ reiser4_key item_key;
-+ pos_in_node_t count;
-+ reiser4_key from_key, to_key;
-+ const reiser4_key *pfrom_key, *pto_key;
-+ loff_t off;
-+
-+ assert("vs-1541",
-+ ((cdata->params.from_key == NULL && cdata->params.to_key == NULL)
-+ || (cdata->params.from_key != NULL
-+ && cdata->params.to_key != NULL)));
-+
-+ if (cdata->params.from_key) {
-+ pfrom_key = cdata->params.from_key;
-+ pto_key = cdata->params.to_key;
-+ } else {
-+ coord_t dup;
-+
-+ /* calculate key range of kill */
-+ coord_dup(&dup, coord);
-+ dup.unit_pos = from;
-+ unit_key_by_coord(&dup, &from_key);
-+
-+ dup.unit_pos = to;
-+ max_unit_key_by_coord(&dup, &to_key);
-+
-+ pfrom_key = &from_key;
-+ pto_key = &to_key;
-+ }
-+
-+ assert("vs-1555",
-+ (get_key_offset(pfrom_key) & (PAGE_CACHE_SIZE - 1)) == 0);
-+ assert("vs-1556",
-+ (get_key_offset(pto_key) & (PAGE_CACHE_SIZE - 1)) ==
-+ (PAGE_CACHE_SIZE - 1));
-+
-+ item_key_by_coord(coord, &item_key);
-+
-+#if REISER4_DEBUG
-+ {
-+ reiser4_key max_item_key;
-+
-+ assert("vs-1584",
-+ get_key_locality(pfrom_key) ==
-+ get_key_locality(&item_key));
-+ assert("vs-1585",
-+ get_key_type(pfrom_key) == get_key_type(&item_key));
-+ assert("vs-1586",
-+ get_key_objectid(pfrom_key) ==
-+ get_key_objectid(&item_key));
-+ assert("vs-1587",
-+ get_key_ordering(pfrom_key) ==
-+ get_key_ordering(&item_key));
-+
-+ max_item_key_by_coord(coord, &max_item_key);
-+
-+ if (new_first != NULL) {
-+ /* head of item is to be cut */
-+ assert("vs-1542", keyeq(pfrom_key, &item_key));
-+ assert("vs-1538", keylt(pto_key, &max_item_key));
-+ } else {
-+ /* tail of item is to be cut */
-+ assert("vs-1540", keygt(pfrom_key, &item_key));
-+ assert("vs-1543", keyeq(pto_key, &max_item_key));
-+ }
-+ }
-+#endif
-+
-+ if (smallest_removed)
-+ *smallest_removed = *pfrom_key;
-+
-+ if (new_first) {
-+ /* item head is cut. Item key will change. This new key is calculated here */
-+ *new_first = *pto_key;
-+ set_key_offset(new_first, get_key_offset(new_first) + 1);
-+ }
-+
-+ count = to - from + 1;
-+
-+ assert("vs-1553",
-+ get_key_offset(pfrom_key) >=
-+ get_key_offset(&item_key) + extent_size(coord, from));
-+ off =
-+ get_key_offset(pfrom_key) - (get_key_offset(&item_key) +
-+ extent_size(coord, from));
-+ if (off) {
-+ /* tail of unit @from is to be cut partially. Its width decreases */
-+ assert("vs-1582", new_first == NULL);
-+ ext = extent_item(coord) + from;
-+ extent_set_width(ext, off >> PAGE_CACHE_SHIFT);
-+ count--;
-+ }
-+
-+ assert("vs-1554",
-+ get_key_offset(pto_key) <=
-+ get_key_offset(&item_key) + extent_size(coord, to + 1) - 1);
-+ off =
-+ (get_key_offset(&item_key) + extent_size(coord, to + 1) - 1) -
-+ get_key_offset(pto_key);
-+ if (off) {
-+ /* @to_key is smaller than max key of unit @to. Unit @to will not be removed. It gets start increased
-+ and width decreased. */
-+ assert("vs-1583", (off & (PAGE_CACHE_SIZE - 1)) == 0);
-+ ext = extent_item(coord) + to;
-+ if (state_of_extent(ext) == ALLOCATED_EXTENT)
-+ extent_set_start(ext,
-+ extent_get_start(ext) +
-+ (extent_get_width(ext) -
-+ (off >> PAGE_CACHE_SHIFT)));
-+
-+ extent_set_width(ext, (off >> PAGE_CACHE_SHIFT));
-+ count--;
-+ }
-+ return count * sizeof(reiser4_extent);
-+}
-+
-+/* item_plugin->b.unit_key */
-+reiser4_key *unit_key_extent(const coord_t * coord, reiser4_key * key)
-+{
-+ assert("vs-300", coord_is_existing_unit(coord));
-+
-+ item_key_by_coord(coord, key);
-+ set_key_offset(key,
-+ (get_key_offset(key) +
-+ extent_size(coord, coord->unit_pos)));
-+
-+ return key;
-+}
-+
-+/* item_plugin->b.max_unit_key */
-+reiser4_key *max_unit_key_extent(const coord_t * coord, reiser4_key * key)
-+{
-+ assert("vs-300", coord_is_existing_unit(coord));
-+
-+ item_key_by_coord(coord, key);
-+ set_key_offset(key,
-+ (get_key_offset(key) +
-+ extent_size(coord, coord->unit_pos + 1) - 1));
-+ return key;
-+}
-+
-+/* item_plugin->b.estimate
-+ item_plugin->b.item_data_by_flow */
-+
-+#if REISER4_DEBUG
-+
-+/* item_plugin->b.check
-+ used for debugging, every item should have here the most complete
-+ possible check of the consistency of the item that the inventor can
-+ construct
-+*/
-+int check_extent(const coord_t * coord /* coord of item to check */ ,
-+ const char **error /* where to store error message */ )
-+{
-+ reiser4_extent *ext, *first;
-+ unsigned i, j;
-+ reiser4_block_nr start, width, blk_cnt;
-+ unsigned num_units;
-+ reiser4_tree *tree;
-+ oid_t oid;
-+ reiser4_key key;
-+ coord_t scan;
-+
-+ assert("vs-933", REISER4_DEBUG);
-+
-+ if (znode_get_level(coord->node) != TWIG_LEVEL) {
-+ *error = "Extent on the wrong level";
-+ return -1;
-+ }
-+ if (item_length_by_coord(coord) % sizeof(reiser4_extent) != 0) {
-+ *error = "Wrong item size";
-+ return -1;
-+ }
-+ ext = first = extent_item(coord);
-+ blk_cnt = reiser4_block_count(reiser4_get_current_sb());
-+ num_units = coord_num_units(coord);
-+ tree = znode_get_tree(coord->node);
-+ item_key_by_coord(coord, &key);
-+ oid = get_key_objectid(&key);
-+ coord_dup(&scan, coord);
-+
-+ for (i = 0; i < num_units; ++i, ++ext) {
-+ __u64 index;
-+
-+ scan.unit_pos = i;
-+ index = extent_unit_index(&scan);
-+
-+#if 0
-+ /* check that all jnodes are present for the unallocated
-+ * extent */
-+ if (state_of_extent(ext) == UNALLOCATED_EXTENT) {
-+ for (j = 0; j < extent_get_width(ext); j++) {
-+ jnode *node;
-+
-+ node = jlookup(tree, oid, index + j);
-+ if (node == NULL) {
-+ print_coord("scan", &scan, 0);
-+ *error = "Jnode missing";
-+ return -1;
-+ }
-+ jput(node);
-+ }
-+ }
-+#endif
-+
-+ start = extent_get_start(ext);
-+ if (start < 2)
-+ continue;
-+ /* extent is allocated one */
-+ width = extent_get_width(ext);
-+ if (start >= blk_cnt) {
-+ *error = "Start too large";
-+ return -1;
-+ }
-+ if (start + width > blk_cnt) {
-+ *error = "End too large";
-+ return -1;
-+ }
-+ /* make sure that this extent does not overlap with other
-+ allocated extents extents */
-+ for (j = 0; j < i; j++) {
-+ if (state_of_extent(first + j) != ALLOCATED_EXTENT)
-+ continue;
-+ if (!
-+ ((extent_get_start(ext) >=
-+ extent_get_start(first + j) +
-+ extent_get_width(first + j))
-+ || (extent_get_start(ext) +
-+ extent_get_width(ext) <=
-+ extent_get_start(first + j)))) {
-+ *error = "Extent overlaps with others";
-+ return -1;
-+ }
-+ }
-+
-+ }
-+
-+ return 0;
-+}
-+
-+#endif /* REISER4_DEBUG */
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/internal.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/internal.c
-@@ -0,0 +1,392 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Implementation of internal-item plugin methods. */
-+
-+#include "../../forward.h"
-+#include "../../debug.h"
-+#include "../../dformat.h"
-+#include "../../key.h"
-+#include "../../coord.h"
-+#include "internal.h"
-+#include "item.h"
-+#include "../node/node.h"
-+#include "../plugin.h"
-+#include "../../jnode.h"
-+#include "../../znode.h"
-+#include "../../tree_walk.h"
-+#include "../../tree_mod.h"
-+#include "../../tree.h"
-+#include "../../super.h"
-+#include "../../block_alloc.h"
-+
-+/* see internal.h for explanation */
-+
-+/* plugin->u.item.b.mergeable */
-+int mergeable_internal(const coord_t * p1 UNUSED_ARG /* first item */ ,
-+ const coord_t * p2 UNUSED_ARG /* second item */ )
-+{
-+ /* internal items are not mergeable */
-+ return 0;
-+}
-+
-+/* ->lookup() method for internal items */
-+lookup_result lookup_internal(const reiser4_key * key /* key to look up */ ,
-+ lookup_bias bias UNUSED_ARG /* lookup bias */ ,
-+ coord_t * coord /* coord of item */ )
-+{
-+ reiser4_key ukey;
-+
-+ switch (keycmp(unit_key_by_coord(coord, &ukey), key)) {
-+ default:
-+ impossible("", "keycmp()?!");
-+ case LESS_THAN:
-+ /* FIXME-VS: AFTER_ITEM used to be here. But with new coord
-+ item plugin can not be taken using coord set this way */
-+ assert("vs-681", coord->unit_pos == 0);
-+ coord->between = AFTER_UNIT;
-+ case EQUAL_TO:
-+ return CBK_COORD_FOUND;
-+ case GREATER_THAN:
-+ return CBK_COORD_NOTFOUND;
-+ }
-+}
-+
-+/* return body of internal item at @coord */
-+static internal_item_layout *internal_at(const coord_t * coord /* coord of
-+ * item */ )
-+{
-+ assert("nikita-607", coord != NULL);
-+ assert("nikita-1650",
-+ item_plugin_by_coord(coord) ==
-+ item_plugin_by_id(NODE_POINTER_ID));
-+ return (internal_item_layout *) item_body_by_coord(coord);
-+}
-+
-+void update_internal(const coord_t * coord, const reiser4_block_nr * blocknr)
-+{
-+ internal_item_layout *item = internal_at(coord);
-+ assert("nikita-2959", reiser4_blocknr_is_sane(blocknr));
-+
-+ put_unaligned(cpu_to_le64(*blocknr), &item->pointer);
-+}
-+
-+/* return child block number stored in the internal item at @coord */
-+static reiser4_block_nr pointer_at(const coord_t * coord /* coord of item */ )
-+{
-+ assert("nikita-608", coord != NULL);
-+ return le64_to_cpu(get_unaligned(&internal_at(coord)->pointer));
-+}
-+
-+/* get znode pointed to by internal @item */
-+static znode *znode_at(const coord_t * item /* coord of item */ ,
-+ znode * parent /* parent node */ )
-+{
-+ return child_znode(item, parent, 1, 0);
-+}
-+
-+/* store pointer from internal item into "block". Implementation of
-+ ->down_link() method */
-+void down_link_internal(const coord_t * coord /* coord of item */ ,
-+ const reiser4_key * key UNUSED_ARG /* key to get
-+ * pointer for */ ,
-+ reiser4_block_nr * block /* resulting block number */ )
-+{
-+ ON_DEBUG(reiser4_key item_key);
-+
-+ assert("nikita-609", coord != NULL);
-+ assert("nikita-611", block != NULL);
-+ assert("nikita-612", (key == NULL) ||
-+ /* twig horrors */
-+ (znode_get_level(coord->node) == TWIG_LEVEL)
-+ || keyle(item_key_by_coord(coord, &item_key), key));
-+
-+ *block = pointer_at(coord);
-+ assert("nikita-2960", reiser4_blocknr_is_sane(block));
-+}
-+
-+/* Get the child's block number, or 0 if the block is unallocated. */
-+int
-+utmost_child_real_block_internal(const coord_t * coord, sideof side UNUSED_ARG,
-+ reiser4_block_nr * block)
-+{
-+ assert("jmacd-2059", coord != NULL);
-+
-+ *block = pointer_at(coord);
-+ assert("nikita-2961", reiser4_blocknr_is_sane(block));
-+
-+ if (blocknr_is_fake(block)) {
-+ *block = 0;
-+ }
-+
-+ return 0;
-+}
-+
-+/* Return the child. */
-+int
-+utmost_child_internal(const coord_t * coord, sideof side UNUSED_ARG,
-+ jnode ** childp)
-+{
-+ reiser4_block_nr block = pointer_at(coord);
-+ znode *child;
-+
-+ assert("jmacd-2059", childp != NULL);
-+ assert("nikita-2962", reiser4_blocknr_is_sane(&block));
-+
-+ child = zlook(znode_get_tree(coord->node), &block);
-+
-+ if (IS_ERR(child)) {
-+ return PTR_ERR(child);
-+ }
-+
-+ *childp = ZJNODE(child);
-+
-+ return 0;
-+}
-+
-+static void check_link(znode * left, znode * right)
-+{
-+ znode *scan;
-+
-+ for (scan = left; scan != right; scan = scan->right) {
-+ if (ZF_ISSET(scan, JNODE_RIP))
-+ break;
-+ if (znode_is_right_connected(scan) && scan->right != NULL) {
-+ if (ZF_ISSET(scan->right, JNODE_RIP))
-+ break;
-+ assert("nikita-3285",
-+ znode_is_left_connected(scan->right));
-+ assert("nikita-3265",
-+ ergo(scan != left,
-+ ZF_ISSET(scan, JNODE_HEARD_BANSHEE)));
-+ assert("nikita-3284", scan->right->left == scan);
-+ } else
-+ break;
-+ }
-+}
-+
-+int check__internal(const coord_t * coord, const char **error)
-+{
-+ reiser4_block_nr blk;
-+ znode *child;
-+ coord_t cpy;
-+
-+ blk = pointer_at(coord);
-+ if (!reiser4_blocknr_is_sane(&blk)) {
-+ *error = "Invalid pointer";
-+ return -1;
-+ }
-+ coord_dup(&cpy, coord);
-+ child = znode_at(&cpy, cpy.node);
-+ if (child != NULL) {
-+ znode *left_child;
-+ znode *right_child;
-+
-+ left_child = right_child = NULL;
-+
-+ assert("nikita-3256", znode_invariant(child));
-+ if (coord_prev_item(&cpy) == 0 && item_is_internal(&cpy)) {
-+ left_child = znode_at(&cpy, cpy.node);
-+ if (left_child != NULL) {
-+ read_lock_tree(znode_get_tree(child));
-+ check_link(left_child, child);
-+ read_unlock_tree(znode_get_tree(child));
-+ zput(left_child);
-+ }
-+ }
-+ coord_dup(&cpy, coord);
-+ if (coord_next_item(&cpy) == 0 && item_is_internal(&cpy)) {
-+ right_child = znode_at(&cpy, cpy.node);
-+ if (right_child != NULL) {
-+ read_lock_tree(znode_get_tree(child));
-+ check_link(child, right_child);
-+ read_unlock_tree(znode_get_tree(child));
-+ zput(right_child);
-+ }
-+ }
-+ zput(child);
-+ }
-+ return 0;
-+}
-+
-+/* return true only if this item really points to "block" */
-+/* Audited by: green(2002.06.14) */
-+int has_pointer_to_internal(const coord_t * coord /* coord of item */ ,
-+ const reiser4_block_nr * block /* block number to
-+ * check */ )
-+{
-+ assert("nikita-613", coord != NULL);
-+ assert("nikita-614", block != NULL);
-+
-+ return pointer_at(coord) == *block;
-+}
-+
-+/* hook called by ->create_item() method of node plugin after new internal
-+ item was just created.
-+
-+ This is point where pointer to new node is inserted into tree. Initialize
-+ parent pointer in child znode, insert child into sibling list and slum.
-+
-+*/
-+int create_hook_internal(const coord_t * item /* coord of item */ ,
-+ void *arg /* child's left neighbor, if any */ )
-+{
-+ znode *child;
-+ __u64 child_ptr;
-+
-+ assert("nikita-1252", item != NULL);
-+ assert("nikita-1253", item->node != NULL);
-+ assert("nikita-1181", znode_get_level(item->node) > LEAF_LEVEL);
-+ assert("nikita-1450", item->unit_pos == 0);
-+
-+ /*
-+ * preparing to item insertion build_child_ptr_data sets pointer to
-+ * data to be inserted to jnode's blocknr which is in cpu byte
-+ * order. Node's create_item simply copied those data. As result we
-+ * have child pointer in cpu's byte order. Convert content of internal
-+ * item to little endian byte order.
-+ */
-+ child_ptr = get_unaligned((__u64 *)item_body_by_coord(item));
-+ update_internal(item, &child_ptr);
-+
-+ child = znode_at(item, item->node);
-+ if (child != NULL && !IS_ERR(child)) {
-+ znode *left;
-+ int result = 0;
-+ reiser4_tree *tree;
-+
-+ left = arg;
-+ tree = znode_get_tree(item->node);
-+ write_lock_tree(tree);
-+ write_lock_dk(tree);
-+ assert("nikita-1400", (child->in_parent.node == NULL)
-+ || (znode_above_root(child->in_parent.node)));
-+ ++item->node->c_count;
-+ coord_to_parent_coord(item, &child->in_parent);
-+ sibling_list_insert_nolock(child, left);
-+
-+ assert("nikita-3297", ZF_ISSET(child, JNODE_ORPHAN));
-+ ZF_CLR(child, JNODE_ORPHAN);
-+
-+ if ((left != NULL) && !keyeq(znode_get_rd_key(left),
-+ znode_get_rd_key(child))) {
-+ znode_set_rd_key(child, znode_get_rd_key(left));
-+ }
-+ write_unlock_dk(tree);
-+ write_unlock_tree(tree);
-+ zput(child);
-+ return result;
-+ } else {
-+ if (child == NULL)
-+ child = ERR_PTR(-EIO);
-+ return PTR_ERR(child);
-+ }
-+}
-+
-+/* hook called by ->cut_and_kill() method of node plugin just before internal
-+ item is removed.
-+
-+ This is point where empty node is removed from the tree. Clear parent
-+ pointer in child, and mark node for pending deletion.
-+
-+ Node will be actually deleted later and in several installations:
-+
-+ . when last lock on this node will be released, node will be removed from
-+ the sibling list and its lock will be invalidated
-+
-+ . when last reference to this node will be dropped, bitmap will be updated
-+ and node will be actually removed from the memory.
-+
-+
-+*/
-+int kill_hook_internal(const coord_t * item /* coord of item */ ,
-+ pos_in_node_t from UNUSED_ARG /* start unit */ ,
-+ pos_in_node_t count UNUSED_ARG /* stop unit */ ,
-+ struct carry_kill_data *p UNUSED_ARG)
-+{
-+ znode *child;
-+
-+ assert("nikita-1222", item != NULL);
-+ assert("nikita-1224", from == 0);
-+ assert("nikita-1225", count == 1);
-+
-+ child = znode_at(item, item->node);
-+ if (IS_ERR(child))
-+ return PTR_ERR(child);
-+ else if (node_is_empty(child)) {
-+ reiser4_tree *tree;
-+
-+ assert("nikita-1397", znode_is_write_locked(child));
-+ assert("nikita-1398", child->c_count == 0);
-+ assert("nikita-2546", ZF_ISSET(child, JNODE_HEARD_BANSHEE));
-+
-+ tree = znode_get_tree(item->node);
-+ write_lock_tree(tree);
-+ init_parent_coord(&child->in_parent, NULL);
-+ --item->node->c_count;
-+ write_unlock_tree(tree);
-+ zput(child);
-+ return 0;
-+ } else {
-+ warning("nikita-1223",
-+ "Cowardly refuse to remove link to non-empty node");
-+ zput(child);
-+ return RETERR(-EIO);
-+ }
-+}
-+
-+/* hook called by ->shift() node plugin method when iternal item was just
-+ moved from one node to another.
-+
-+ Update parent pointer in child and c_counts in old and new parent
-+
-+*/
-+int shift_hook_internal(const coord_t * item /* coord of item */ ,
-+ unsigned from UNUSED_ARG /* start unit */ ,
-+ unsigned count UNUSED_ARG /* stop unit */ ,
-+ znode * old_node /* old parent */ )
-+{
-+ znode *child;
-+ znode *new_node;
-+ reiser4_tree *tree;
-+
-+ assert("nikita-1276", item != NULL);
-+ assert("nikita-1277", from == 0);
-+ assert("nikita-1278", count == 1);
-+ assert("nikita-1451", item->unit_pos == 0);
-+
-+ new_node = item->node;
-+ assert("nikita-2132", new_node != old_node);
-+ tree = znode_get_tree(item->node);
-+ child = child_znode(item, old_node, 1, 0);
-+ if (child == NULL)
-+ return 0;
-+ if (!IS_ERR(child)) {
-+ write_lock_tree(tree);
-+ ++new_node->c_count;
-+ assert("nikita-1395", znode_parent(child) == old_node);
-+ assert("nikita-1396", old_node->c_count > 0);
-+ coord_to_parent_coord(item, &child->in_parent);
-+ assert("nikita-1781", znode_parent(child) == new_node);
-+ assert("nikita-1782",
-+ check_tree_pointer(item, child) == NS_FOUND);
-+ --old_node->c_count;
-+ write_unlock_tree(tree);
-+ zput(child);
-+ return 0;
-+ } else
-+ return PTR_ERR(child);
-+}
-+
-+/* plugin->u.item.b.max_key_inside - not defined */
-+
-+/* plugin->u.item.b.nr_units - item.c:single_unit */
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/internal.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/internal.h
-@@ -0,0 +1,57 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+/* Internal item contains down-link to the child of the internal/twig
-+ node in a tree. It is internal items that are actually used during
-+ tree traversal. */
-+
-+#if !defined( __FS_REISER4_PLUGIN_ITEM_INTERNAL_H__ )
-+#define __FS_REISER4_PLUGIN_ITEM_INTERNAL_H__
-+
-+#include "../../forward.h"
-+#include "../../dformat.h"
-+
-+/* on-disk layout of internal item */
-+typedef struct internal_item_layout {
-+ /* 0 */ reiser4_dblock_nr pointer;
-+ /* 4 */
-+} internal_item_layout;
-+
-+struct cut_list;
-+
-+int mergeable_internal(const coord_t * p1, const coord_t * p2);
-+lookup_result lookup_internal(const reiser4_key * key, lookup_bias bias,
-+ coord_t * coord);
-+/* store pointer from internal item into "block". Implementation of
-+ ->down_link() method */
-+extern void down_link_internal(const coord_t * coord, const reiser4_key * key,
-+ reiser4_block_nr * block);
-+extern int has_pointer_to_internal(const coord_t * coord,
-+ const reiser4_block_nr * block);
-+extern int create_hook_internal(const coord_t * item, void *arg);
-+extern int kill_hook_internal(const coord_t * item, pos_in_node_t from,
-+ pos_in_node_t count, struct carry_kill_data *);
-+extern int shift_hook_internal(const coord_t * item, unsigned from,
-+ unsigned count, znode * old_node);
-+extern void print_internal(const char *prefix, coord_t * coord);
-+
-+extern int utmost_child_internal(const coord_t * coord, sideof side,
-+ jnode ** child);
-+int utmost_child_real_block_internal(const coord_t * coord, sideof side,
-+ reiser4_block_nr * block);
-+
-+extern void update_internal(const coord_t * coord,
-+ const reiser4_block_nr * blocknr);
-+/* FIXME: reiserfs has check_internal */
-+extern int check__internal(const coord_t * coord, const char **error);
-+
-+/* __FS_REISER4_PLUGIN_ITEM_INTERNAL_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/item.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/item.c
-@@ -0,0 +1,727 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* definition of item plugins. */
-+
-+#include "../../forward.h"
-+#include "../../debug.h"
-+#include "../../key.h"
-+#include "../../coord.h"
-+#include "../plugin_header.h"
-+#include "sde.h"
-+#include "internal.h"
-+#include "item.h"
-+#include "static_stat.h"
-+#include "../plugin.h"
-+#include "../../znode.h"
-+#include "../../tree.h"
-+#include "../../context.h"
-+#include "ctail.h"
-+
-+/* return pointer to item body */
-+void item_body_by_coord_hard(coord_t * coord /* coord to query */ )
-+{
-+ assert("nikita-324", coord != NULL);
-+ assert("nikita-325", coord->node != NULL);
-+ assert("nikita-326", znode_is_loaded(coord->node));
-+ assert("nikita-3200", coord->offset == INVALID_OFFSET);
-+
-+ coord->offset =
-+ node_plugin_by_node(coord->node)->item_by_coord(coord) -
-+ zdata(coord->node);
-+ ON_DEBUG(coord->body_v = coord->node->times_locked);
-+}
-+
-+void *item_body_by_coord_easy(const coord_t * coord /* coord to query */ )
-+{
-+ return zdata(coord->node) + coord->offset;
-+}
-+
-+#if REISER4_DEBUG
-+
-+int item_body_is_valid(const coord_t * coord)
-+{
-+ return
-+ coord->offset ==
-+ node_plugin_by_node(coord->node)->item_by_coord(coord) -
-+ zdata(coord->node);
-+}
-+
-+#endif
-+
-+/* return length of item at @coord */
-+pos_in_node_t item_length_by_coord(const coord_t * coord /* coord to query */ )
-+{
-+ int len;
-+
-+ assert("nikita-327", coord != NULL);
-+ assert("nikita-328", coord->node != NULL);
-+ assert("nikita-329", znode_is_loaded(coord->node));
-+
-+ len = node_plugin_by_node(coord->node)->length_by_coord(coord);
-+ return len;
-+}
-+
-+void obtain_item_plugin(const coord_t * coord)
-+{
-+ assert("nikita-330", coord != NULL);
-+ assert("nikita-331", coord->node != NULL);
-+ assert("nikita-332", znode_is_loaded(coord->node));
-+
-+ coord_set_iplug((coord_t *) coord,
-+ node_plugin_by_node(coord->node)->
-+ plugin_by_coord(coord));
-+ assert("nikita-2479",
-+ coord_iplug(coord) ==
-+ node_plugin_by_node(coord->node)->plugin_by_coord(coord));
-+}
-+
-+/* return type of item at @coord */
-+item_type_id item_type_by_coord(const coord_t * coord /* coord to query */ )
-+{
-+ assert("nikita-333", coord != NULL);
-+ assert("nikita-334", coord->node != NULL);
-+ assert("nikita-335", znode_is_loaded(coord->node));
-+ assert("nikita-336", item_plugin_by_coord(coord) != NULL);
-+
-+ return item_plugin_by_coord(coord)->b.item_type;
-+}
-+
-+/* return id of item */
-+/* Audited by: green(2002.06.15) */
-+item_id item_id_by_coord(const coord_t * coord /* coord to query */ )
-+{
-+ assert("vs-539", coord != NULL);
-+ assert("vs-538", coord->node != NULL);
-+ assert("vs-537", znode_is_loaded(coord->node));
-+ assert("vs-536", item_plugin_by_coord(coord) != NULL);
-+ assert("vs-540",
-+ item_id_by_plugin(item_plugin_by_coord(coord)) < LAST_ITEM_ID);
-+
-+ return item_id_by_plugin(item_plugin_by_coord(coord));
-+}
-+
-+/* return key of item at @coord */
-+/* Audited by: green(2002.06.15) */
-+reiser4_key *item_key_by_coord(const coord_t * coord /* coord to query */ ,
-+ reiser4_key * key /* result */ )
-+{
-+ assert("nikita-338", coord != NULL);
-+ assert("nikita-339", coord->node != NULL);
-+ assert("nikita-340", znode_is_loaded(coord->node));
-+
-+ return node_plugin_by_node(coord->node)->key_at(coord, key);
-+}
-+
-+/* this returns max key in the item */
-+reiser4_key *max_item_key_by_coord(const coord_t * coord /* coord to query */ ,
-+ reiser4_key * key /* result */ )
-+{
-+ coord_t last;
-+
-+ assert("nikita-338", coord != NULL);
-+ assert("nikita-339", coord->node != NULL);
-+ assert("nikita-340", znode_is_loaded(coord->node));
-+
-+ /* make coord pointing to last item's unit */
-+ coord_dup(&last, coord);
-+ last.unit_pos = coord_num_units(&last) - 1;
-+ assert("vs-1560", coord_is_existing_unit(&last));
-+
-+ max_unit_key_by_coord(&last, key);
-+ return key;
-+}
-+
-+/* return key of unit at @coord */
-+reiser4_key *unit_key_by_coord(const coord_t * coord /* coord to query */ ,
-+ reiser4_key * key /* result */ )
-+{
-+ assert("nikita-772", coord != NULL);
-+ assert("nikita-774", coord->node != NULL);
-+ assert("nikita-775", znode_is_loaded(coord->node));
-+
-+ if (item_plugin_by_coord(coord)->b.unit_key != NULL)
-+ return item_plugin_by_coord(coord)->b.unit_key(coord, key);
-+ else
-+ return item_key_by_coord(coord, key);
-+}
-+
-+/* return the biggest key contained the unit @coord */
-+reiser4_key *max_unit_key_by_coord(const coord_t * coord /* coord to query */ ,
-+ reiser4_key * key /* result */ )
-+{
-+ assert("nikita-772", coord != NULL);
-+ assert("nikita-774", coord->node != NULL);
-+ assert("nikita-775", znode_is_loaded(coord->node));
-+
-+ if (item_plugin_by_coord(coord)->b.max_unit_key != NULL)
-+ return item_plugin_by_coord(coord)->b.max_unit_key(coord, key);
-+ else
-+ return unit_key_by_coord(coord, key);
-+}
-+
-+/* ->max_key_inside() method for items consisting of exactly one key (like
-+ stat-data) */
-+static reiser4_key *max_key_inside_single_key(const coord_t *
-+ coord /* coord of item */ ,
-+ reiser4_key *
-+ result /* resulting key */ )
-+{
-+ assert("nikita-604", coord != NULL);
-+
-+ /* coord -> key is starting key of this item and it has to be already
-+ filled in */
-+ return unit_key_by_coord(coord, result);
-+}
-+
-+/* ->nr_units() method for items consisting of exactly one unit always */
-+static pos_in_node_t
-+nr_units_single_unit(const coord_t * coord UNUSED_ARG /* coord of item */ )
-+{
-+ return 1;
-+}
-+
-+static int
-+paste_no_paste(coord_t * coord UNUSED_ARG,
-+ reiser4_item_data * data UNUSED_ARG,
-+ carry_plugin_info * info UNUSED_ARG)
-+{
-+ return 0;
-+}
-+
-+/* default ->fast_paste() method */
-+static int
-+agree_to_fast_op(const coord_t * coord UNUSED_ARG /* coord of item */ )
-+{
-+ return 1;
-+}
-+
-+int item_can_contain_key(const coord_t * item /* coord of item */ ,
-+ const reiser4_key * key /* key to check */ ,
-+ const reiser4_item_data * data /* parameters of item
-+ * being created */ )
-+{
-+ item_plugin *iplug;
-+ reiser4_key min_key_in_item;
-+ reiser4_key max_key_in_item;
-+
-+ assert("nikita-1658", item != NULL);
-+ assert("nikita-1659", key != NULL);
-+
-+ iplug = item_plugin_by_coord(item);
-+ if (iplug->b.can_contain_key != NULL)
-+ return iplug->b.can_contain_key(item, key, data);
-+ else {
-+ assert("nikita-1681", iplug->b.max_key_inside != NULL);
-+ item_key_by_coord(item, &min_key_in_item);
-+ iplug->b.max_key_inside(item, &max_key_in_item);
-+
-+ /* can contain key if
-+ min_key_in_item <= key &&
-+ key <= max_key_in_item
-+ */
-+ return keyle(&min_key_in_item, key)
-+ && keyle(key, &max_key_in_item);
-+ }
-+}
-+
-+/* mergeable method for non mergeable items */
-+static int
-+not_mergeable(const coord_t * i1 UNUSED_ARG, const coord_t * i2 UNUSED_ARG)
-+{
-+ return 0;
-+}
-+
-+/* return 0 if @item1 and @item2 are not mergeable, !0 - otherwise */
-+int are_items_mergeable(const coord_t * i1 /* coord of first item */ ,
-+ const coord_t * i2 /* coord of second item */ )
-+{
-+ item_plugin *iplug;
-+ reiser4_key k1;
-+ reiser4_key k2;
-+
-+ assert("nikita-1336", i1 != NULL);
-+ assert("nikita-1337", i2 != NULL);
-+
-+ iplug = item_plugin_by_coord(i1);
-+ assert("nikita-1338", iplug != NULL);
-+
-+ /* NOTE-NIKITA are_items_mergeable() is also called by assertions in
-+ shifting code when nodes are in "suspended" state. */
-+ assert("nikita-1663",
-+ keyle(item_key_by_coord(i1, &k1), item_key_by_coord(i2, &k2)));
-+
-+ if (iplug->b.mergeable != NULL) {
-+ return iplug->b.mergeable(i1, i2);
-+ } else if (iplug->b.max_key_inside != NULL) {
-+ iplug->b.max_key_inside(i1, &k1);
-+ item_key_by_coord(i2, &k2);
-+
-+ /* mergeable if ->max_key_inside() >= key of i2; */
-+ return keyge(iplug->b.max_key_inside(i1, &k1),
-+ item_key_by_coord(i2, &k2));
-+ } else {
-+ item_key_by_coord(i1, &k1);
-+ item_key_by_coord(i2, &k2);
-+
-+ return
-+ (get_key_locality(&k1) == get_key_locality(&k2)) &&
-+ (get_key_objectid(&k1) == get_key_objectid(&k2))
-+ && (iplug == item_plugin_by_coord(i2));
-+ }
-+}
-+
-+int item_is_extent(const coord_t * item)
-+{
-+ assert("vs-482", coord_is_existing_item(item));
-+ return item_id_by_coord(item) == EXTENT_POINTER_ID;
-+}
-+
-+int item_is_tail(const coord_t * item)
-+{
-+ assert("vs-482", coord_is_existing_item(item));
-+ return item_id_by_coord(item) == FORMATTING_ID;
-+}
-+
-+int item_is_statdata(const coord_t * item)
-+{
-+ assert("vs-516", coord_is_existing_item(item));
-+ return item_type_by_coord(item) == STAT_DATA_ITEM_TYPE;
-+}
-+
-+int item_is_ctail(const coord_t * item)
-+{
-+ assert("edward-xx", coord_is_existing_item(item));
-+ return item_id_by_coord(item) == CTAIL_ID;
-+}
-+
-+static int change_item(struct inode *inode, reiser4_plugin * plugin)
-+{
-+ /* cannot change constituent item (sd, or dir_item) */
-+ return RETERR(-EINVAL);
-+}
-+
-+static reiser4_plugin_ops item_plugin_ops = {
-+ .init = NULL,
-+ .load = NULL,
-+ .save_len = NULL,
-+ .save = NULL,
-+ .change = change_item
-+};
-+
-+item_plugin item_plugins[LAST_ITEM_ID] = {
-+ [STATIC_STAT_DATA_ID] = {
-+ .h = {
-+ .type_id = REISER4_ITEM_PLUGIN_TYPE,
-+ .id = STATIC_STAT_DATA_ID,
-+ .pops = &item_plugin_ops,
-+ .label = "sd",
-+ .desc = "stat-data",
-+ .linkage = {NULL, NULL}
-+ },
-+ .b = {
-+ .item_type = STAT_DATA_ITEM_TYPE,
-+ .max_key_inside = max_key_inside_single_key,
-+ .can_contain_key = NULL,
-+ .mergeable = not_mergeable,
-+ .nr_units = nr_units_single_unit,
-+ .lookup = NULL,
-+ .init = NULL,
-+ .paste = paste_no_paste,
-+ .fast_paste = NULL,
-+ .can_shift = NULL,
-+ .copy_units = NULL,
-+ .create_hook = NULL,
-+ .kill_hook = NULL,
-+ .shift_hook = NULL,
-+ .cut_units = NULL,
-+ .kill_units = NULL,
-+ .unit_key = NULL,
-+ .max_unit_key = NULL,
-+ .estimate = NULL,
-+ .item_data_by_flow = NULL,
-+#if REISER4_DEBUG
-+ .check = NULL
-+#endif
-+ },
-+ .f = {
-+ .utmost_child = NULL,
-+ .utmost_child_real_block = NULL,
-+ .update = NULL,
-+ .scan = NULL,
-+ .convert = NULL
-+ },
-+ .s = {
-+ .sd = {
-+ .init_inode = init_inode_static_sd,
-+ .save_len = save_len_static_sd,
-+ .save = save_static_sd
-+ }
-+ }
-+ },
-+ [SIMPLE_DIR_ENTRY_ID] = {
-+ .h = {
-+ .type_id = REISER4_ITEM_PLUGIN_TYPE,
-+ .id = SIMPLE_DIR_ENTRY_ID,
-+ .pops = &item_plugin_ops,
-+ .label = "de",
-+ .desc = "directory entry",
-+ .linkage = {NULL, NULL}
-+ },
-+ .b = {
-+ .item_type = DIR_ENTRY_ITEM_TYPE,
-+ .max_key_inside = max_key_inside_single_key,
-+ .can_contain_key = NULL,
-+ .mergeable = NULL,
-+ .nr_units = nr_units_single_unit,
-+ .lookup = NULL,
-+ .init = NULL,
-+ .paste = NULL,
-+ .fast_paste = NULL,
-+ .can_shift = NULL,
-+ .copy_units = NULL,
-+ .create_hook = NULL,
-+ .kill_hook = NULL,
-+ .shift_hook = NULL,
-+ .cut_units = NULL,
-+ .kill_units = NULL,
-+ .unit_key = NULL,
-+ .max_unit_key = NULL,
-+ .estimate = NULL,
-+ .item_data_by_flow = NULL,
-+#if REISER4_DEBUG
-+ .check = NULL
-+#endif
-+ },
-+ .f = {
-+ .utmost_child = NULL,
-+ .utmost_child_real_block = NULL,
-+ .update = NULL,
-+ .scan = NULL,
-+ .convert = NULL
-+ },
-+ .s = {
-+ .dir = {
-+ .extract_key = extract_key_de,
-+ .update_key = update_key_de,
-+ .extract_name = extract_name_de,
-+ .extract_file_type = extract_file_type_de,
-+ .add_entry = add_entry_de,
-+ .rem_entry = rem_entry_de,
-+ .max_name_len = max_name_len_de
-+ }
-+ }
-+ },
-+ [COMPOUND_DIR_ID] = {
-+ .h = {
-+ .type_id = REISER4_ITEM_PLUGIN_TYPE,
-+ .id = COMPOUND_DIR_ID,
-+ .pops = &item_plugin_ops,
-+ .label = "cde",
-+ .desc = "compressed directory entry",
-+ .linkage = {NULL, NULL}
-+ },
-+ .b = {
-+ .item_type = DIR_ENTRY_ITEM_TYPE,
-+ .max_key_inside = max_key_inside_cde,
-+ .can_contain_key = can_contain_key_cde,
-+ .mergeable = mergeable_cde,
-+ .nr_units = nr_units_cde,
-+ .lookup = lookup_cde,
-+ .init = init_cde,
-+ .paste = paste_cde,
-+ .fast_paste = agree_to_fast_op,
-+ .can_shift = can_shift_cde,
-+ .copy_units = copy_units_cde,
-+ .create_hook = NULL,
-+ .kill_hook = NULL,
-+ .shift_hook = NULL,
-+ .cut_units = cut_units_cde,
-+ .kill_units = kill_units_cde,
-+ .unit_key = unit_key_cde,
-+ .max_unit_key = unit_key_cde,
-+ .estimate = estimate_cde,
-+ .item_data_by_flow = NULL,
-+#if REISER4_DEBUG
-+ .check = check_cde
-+#endif
-+ },
-+ .f = {
-+ .utmost_child = NULL,
-+ .utmost_child_real_block = NULL,
-+ .update = NULL,
-+ .scan = NULL,
-+ .convert = NULL
-+ },
-+ .s = {
-+ .dir = {
-+ .extract_key = extract_key_cde,
-+ .update_key = update_key_cde,
-+ .extract_name = extract_name_cde,
-+ .extract_file_type = extract_file_type_de,
-+ .add_entry = add_entry_cde,
-+ .rem_entry = rem_entry_cde,
-+ .max_name_len = max_name_len_cde
-+ }
-+ }
-+ },
-+ [NODE_POINTER_ID] = {
-+ .h = {
-+ .type_id = REISER4_ITEM_PLUGIN_TYPE,
-+ .id = NODE_POINTER_ID,
-+ .pops = NULL,
-+ .label = "internal",
-+ .desc = "internal item",
-+ .linkage = {NULL, NULL}
-+ },
-+ .b = {
-+ .item_type = INTERNAL_ITEM_TYPE,
-+ .max_key_inside = NULL,
-+ .can_contain_key = NULL,
-+ .mergeable = mergeable_internal,
-+ .nr_units = nr_units_single_unit,
-+ .lookup = lookup_internal,
-+ .init = NULL,
-+ .paste = NULL,
-+ .fast_paste = NULL,
-+ .can_shift = NULL,
-+ .copy_units = NULL,
-+ .create_hook = create_hook_internal,
-+ .kill_hook = kill_hook_internal,
-+ .shift_hook = shift_hook_internal,
-+ .cut_units = NULL,
-+ .kill_units = NULL,
-+ .unit_key = NULL,
-+ .max_unit_key = NULL,
-+ .estimate = NULL,
-+ .item_data_by_flow = NULL,
-+#if REISER4_DEBUG
-+ .check = check__internal
-+#endif
-+ },
-+ .f = {
-+ .utmost_child = utmost_child_internal,
-+ .utmost_child_real_block =
-+ utmost_child_real_block_internal,
-+ .update = update_internal,
-+ .scan = NULL,
-+ .convert = NULL
-+ },
-+ .s = {
-+ .internal = {
-+ .down_link = down_link_internal,
-+ .has_pointer_to = has_pointer_to_internal
-+ }
-+ }
-+ },
-+ [EXTENT_POINTER_ID] = {
-+ .h = {
-+ .type_id = REISER4_ITEM_PLUGIN_TYPE,
-+ .id = EXTENT_POINTER_ID,
-+ .pops = NULL,
-+ .label = "extent",
-+ .desc = "extent item",
-+ .linkage = {NULL, NULL}
-+ },
-+ .b = {
-+ .item_type = UNIX_FILE_METADATA_ITEM_TYPE,
-+ .max_key_inside = max_key_inside_extent,
-+ .can_contain_key = can_contain_key_extent,
-+ .mergeable = mergeable_extent,
-+ .nr_units = nr_units_extent,
-+ .lookup = lookup_extent,
-+ .init = NULL,
-+ .paste = paste_extent,
-+ .fast_paste = agree_to_fast_op,
-+ .can_shift = can_shift_extent,
-+ .create_hook = create_hook_extent,
-+ .copy_units = copy_units_extent,
-+ .kill_hook = kill_hook_extent,
-+ .shift_hook = NULL,
-+ .cut_units = cut_units_extent,
-+ .kill_units = kill_units_extent,
-+ .unit_key = unit_key_extent,
-+ .max_unit_key = max_unit_key_extent,
-+ .estimate = NULL,
-+ .item_data_by_flow = NULL,
-+#if REISER4_DEBUG
-+ .check = check_extent
-+#endif
-+ },
-+ .f = {
-+ .utmost_child = utmost_child_extent,
-+ .utmost_child_real_block =
-+ utmost_child_real_block_extent,
-+ .update = NULL,
-+ .scan = scan_extent,
-+ .convert = NULL,
-+ .key_by_offset = key_by_offset_extent
-+ },
-+ .s = {
-+ .file = {
-+ .write = write_extent,
-+ .read = read_extent,
-+ .readpage = readpage_extent,
-+ .get_block = get_block_address_extent,
-+ .readpages = readpages_extent,
-+ .append_key = append_key_extent,
-+ .init_coord_extension =
-+ init_coord_extension_extent
-+ }
-+ }
-+ },
-+ [FORMATTING_ID] = {
-+ .h = {
-+ .type_id = REISER4_ITEM_PLUGIN_TYPE,
-+ .id = FORMATTING_ID,
-+ .pops = NULL,
-+ .label = "body",
-+ .desc = "body (or tail?) item",
-+ .linkage = {NULL, NULL}
-+ },
-+ .b = {
-+ .item_type = UNIX_FILE_METADATA_ITEM_TYPE,
-+ .max_key_inside = max_key_inside_tail,
-+ .can_contain_key = can_contain_key_tail,
-+ .mergeable = mergeable_tail,
-+ .nr_units = nr_units_tail,
-+ .lookup = lookup_tail,
-+ .init = NULL,
-+ .paste = paste_tail,
-+ .fast_paste = agree_to_fast_op,
-+ .can_shift = can_shift_tail,
-+ .create_hook = NULL,
-+ .copy_units = copy_units_tail,
-+ .kill_hook = kill_hook_tail,
-+ .shift_hook = NULL,
-+ .cut_units = cut_units_tail,
-+ .kill_units = kill_units_tail,
-+ .unit_key = unit_key_tail,
-+ .max_unit_key = unit_key_tail,
-+ .estimate = NULL,
-+ .item_data_by_flow = NULL,
-+#if REISER4_DEBUG
-+ .check = NULL
-+#endif
-+ },
-+ .f = {
-+ .utmost_child = NULL,
-+ .utmost_child_real_block = NULL,
-+ .update = NULL,
-+ .scan = NULL,
-+ .convert = NULL
-+ },
-+ .s = {
-+ .file = {
-+ .write = write_tail,
-+ .read = read_tail,
-+ .readpage = readpage_tail,
-+ .get_block = NULL,
-+ .readpages = NULL,
-+ .append_key = append_key_tail,
-+ .init_coord_extension =
-+ init_coord_extension_tail
-+ }
-+ }
-+ },
-+ [CTAIL_ID] = {
-+ .h = {
-+ .type_id = REISER4_ITEM_PLUGIN_TYPE,
-+ .id = CTAIL_ID,
-+ .pops = NULL,
-+ .label = "ctail",
-+ .desc = "cryptcompress tail item",
-+ .linkage = {NULL, NULL}
-+ },
-+ .b = {
-+ .item_type = UNIX_FILE_METADATA_ITEM_TYPE,
-+ .max_key_inside = max_key_inside_tail,
-+ .can_contain_key = can_contain_key_ctail,
-+ .mergeable = mergeable_ctail,
-+ .nr_units = nr_units_ctail,
-+ .lookup = NULL,
-+ .init = init_ctail,
-+ .paste = paste_ctail,
-+ .fast_paste = agree_to_fast_op,
-+ .can_shift = can_shift_ctail,
-+ .create_hook = create_hook_ctail,
-+ .copy_units = copy_units_ctail,
-+ .kill_hook = kill_hook_ctail,
-+ .shift_hook = shift_hook_ctail,
-+ .cut_units = cut_units_ctail,
-+ .kill_units = kill_units_ctail,
-+ .unit_key = unit_key_tail,
-+ .max_unit_key = unit_key_tail,
-+ .estimate = estimate_ctail,
-+ .item_data_by_flow = NULL,
-+#if REISER4_DEBUG
-+ .check = check_ctail
-+#endif
-+ },
-+ .f = {
-+ .utmost_child = utmost_child_ctail,
-+ /* FIXME-EDWARD: write this */
-+ .utmost_child_real_block = NULL,
-+ .update = NULL,
-+ .scan = scan_ctail,
-+ .convert = convert_ctail
-+ },
-+ .s = {
-+ .file = {
-+ .write = NULL,
-+ .read = read_ctail,
-+ .readpage = readpage_ctail,
-+ .get_block = get_block_address_tail,
-+ .readpages = readpages_ctail,
-+ .append_key = append_key_ctail,
-+ .init_coord_extension =
-+ init_coord_extension_tail
-+ }
-+ }
-+ },
-+ [BLACK_BOX_ID] = {
-+ .h = {
-+ .type_id = REISER4_ITEM_PLUGIN_TYPE,
-+ .id = BLACK_BOX_ID,
-+ .pops = NULL,
-+ .label = "blackbox",
-+ .desc = "black box item",
-+ .linkage = {NULL, NULL}
-+ },
-+ .b = {
-+ .item_type = OTHER_ITEM_TYPE,
-+ .max_key_inside = NULL,
-+ .can_contain_key = NULL,
-+ .mergeable = not_mergeable,
-+ .nr_units = nr_units_single_unit,
-+ /* to need for ->lookup method */
-+ .lookup = NULL,
-+ .init = NULL,
-+ .paste = NULL,
-+ .fast_paste = NULL,
-+ .can_shift = NULL,
-+ .copy_units = NULL,
-+ .create_hook = NULL,
-+ .kill_hook = NULL,
-+ .shift_hook = NULL,
-+ .cut_units = NULL,
-+ .kill_units = NULL,
-+ .unit_key = NULL,
-+ .max_unit_key = NULL,
-+ .estimate = NULL,
-+ .item_data_by_flow = NULL,
-+#if REISER4_DEBUG
-+ .check = NULL
-+#endif
-+ }
-+ }
-+};
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/item.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/item.h
-@@ -0,0 +1,399 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* first read balance.c comments before reading this */
-+
-+/* An item_plugin implements all of the operations required for
-+ balancing that are item specific. */
-+
-+/* an item plugin also implements other operations that are specific to that
-+ item. These go into the item specific operations portion of the item
-+ handler, and all of the item specific portions of the item handler are put
-+ into a union. */
-+
-+#if !defined( __REISER4_ITEM_H__ )
-+#define __REISER4_ITEM_H__
-+
-+#include "../../forward.h"
-+#include "../plugin_header.h"
-+#include "../../dformat.h"
-+#include "../../seal.h"
-+#include "../../plugin/file/file.h"
-+
-+#include <linux/fs.h> /* for struct file, struct inode */
-+#include <linux/mm.h> /* for struct page */
-+#include <linux/dcache.h> /* for struct dentry */
-+
-+typedef enum {
-+ STAT_DATA_ITEM_TYPE,
-+ DIR_ENTRY_ITEM_TYPE,
-+ INTERNAL_ITEM_TYPE,
-+ UNIX_FILE_METADATA_ITEM_TYPE,
-+ OTHER_ITEM_TYPE
-+} item_type_id;
-+
-+/* this is the part of each item plugin that all items are expected to
-+ support or at least explicitly fail to support by setting the
-+ pointer to null. */
-+typedef struct {
-+ item_type_id item_type;
-+
-+ /* operations called by balancing
-+
-+ It is interesting to consider that some of these item
-+ operations could be given sources or targets that are not
-+ really items in nodes. This could be ok/useful.
-+
-+ */
-+ /* maximal key that can _possibly_ be occupied by this item
-+
-+ When inserting, and node ->lookup() method (called by
-+ coord_by_key()) reaches an item after binary search,
-+ the ->max_key_inside() item plugin method is used to determine
-+ whether new item should pasted into existing item
-+ (new_key<=max_key_inside()) or new item has to be created
-+ (new_key>max_key_inside()).
-+
-+ For items that occupy exactly one key (like stat-data)
-+ this method should return this key. For items that can
-+ grow indefinitely (extent, directory item) this should
-+ return max_key().
-+
-+ For example extent with the key
-+
-+ (LOCALITY,4,OBJID,STARTING-OFFSET), and length BLK blocks,
-+
-+ ->max_key_inside is (LOCALITY,4,OBJID,0xffffffffffffffff), and
-+ */
-+ reiser4_key *(*max_key_inside) (const coord_t *, reiser4_key *);
-+
-+ /* true if item @coord can merge data at @key. */
-+ int (*can_contain_key) (const coord_t *, const reiser4_key *,
-+ const reiser4_item_data *);
-+ /* mergeable() - check items for mergeability
-+
-+ Optional method. Returns true if two items can be merged.
-+
-+ */
-+ int (*mergeable) (const coord_t *, const coord_t *);
-+
-+ /* number of atomic things in an item */
-+ pos_in_node_t(*nr_units) (const coord_t *);
-+
-+ /* search within item for a unit within the item, and return a
-+ pointer to it. This can be used to calculate how many
-+ bytes to shrink an item if you use pointer arithmetic and
-+ compare to the start of the item body if the item's data
-+ are continuous in the node, if the item's data are not
-+ continuous in the node, all sorts of other things are maybe
-+ going to break as well. */
-+ lookup_result(*lookup) (const reiser4_key *, lookup_bias, coord_t *);
-+ /* method called by ode_plugin->create_item() to initialise new
-+ item */
-+ int (*init) (coord_t * target, coord_t * from,
-+ reiser4_item_data * data);
-+ /* method called (e.g., by resize_item()) to place new data into
-+ item when it grows */
-+ int (*paste) (coord_t *, reiser4_item_data *, carry_plugin_info *);
-+ /* return true if paste into @coord is allowed to skip
-+ carry. That is, if such paste would require any changes
-+ at the parent level
-+ */
-+ int (*fast_paste) (const coord_t *);
-+ /* how many but not more than @want units of @source can be
-+ shifted into @target node. If pend == append - we try to
-+ append last item of @target by first units of @source. If
-+ pend == prepend - we try to "prepend" first item in @target
-+ by last units of @source. @target node has @free_space
-+ bytes of free space. Total size of those units are returned
-+ via @size.
-+
-+ @target is not NULL if shifting to the mergeable item and
-+ NULL is new item will be created during shifting.
-+ */
-+ int (*can_shift) (unsigned free_space, coord_t *,
-+ znode *, shift_direction, unsigned *size,
-+ unsigned want);
-+
-+ /* starting off @from-th unit of item @source append or
-+ prepend @count units to @target. @target has been already
-+ expanded by @free_space bytes. That must be exactly what is
-+ needed for those items in @target. If @where_is_free_space
-+ == SHIFT_LEFT - free space is at the end of @target item,
-+ othersize - it is in the beginning of it. */
-+ void (*copy_units) (coord_t *, coord_t *,
-+ unsigned from, unsigned count,
-+ shift_direction where_is_free_space,
-+ unsigned free_space);
-+
-+ int (*create_hook) (const coord_t *, void *);
-+ /* do whatever is necessary to do when @count units starting
-+ from @from-th one are removed from the tree */
-+ /* FIXME-VS: this is used to be here for, in particular,
-+ extents and items of internal type to free blocks they point
-+ to at the same time with removing items from a
-+ tree. Problems start, however, when dealloc_block fails due
-+ to some reason. Item gets removed, but blocks it pointed to
-+ are not freed. It is not clear how to fix this for items of
-+ internal type because a need to remove internal item may
-+ appear in the middle of balancing, and there is no way to
-+ undo changes made. OTOH, if space allocator involves
-+ balancing to perform dealloc_block - this will probably
-+ break balancing due to deadlock issues
-+ */
-+ int (*kill_hook) (const coord_t *, pos_in_node_t from,
-+ pos_in_node_t count, struct carry_kill_data *);
-+ int (*shift_hook) (const coord_t *, unsigned from, unsigned count,
-+ znode * _node);
-+
-+ /* unit @*from contains @from_key. unit @*to contains @to_key. Cut all keys between @from_key and @to_key
-+ including boundaries. When units are cut from item beginning - move space which gets freed to head of
-+ item. When units are cut from item end - move freed space to item end. When units are cut from the middle of
-+ item - move freed space to item head. Return amount of space which got freed. Save smallest removed key in
-+ @smallest_removed if it is not 0. Save new first item key in @new_first_key if it is not 0
-+ */
-+ int (*cut_units) (coord_t *, pos_in_node_t from, pos_in_node_t to,
-+ struct carry_cut_data *,
-+ reiser4_key * smallest_removed,
-+ reiser4_key * new_first_key);
-+
-+ /* like cut_units, except that these units are removed from the
-+ tree, not only from a node */
-+ int (*kill_units) (coord_t *, pos_in_node_t from, pos_in_node_t to,
-+ struct carry_kill_data *,
-+ reiser4_key * smallest_removed,
-+ reiser4_key * new_first);
-+
-+ /* if @key_of_coord == 1 - returned key of coord, otherwise -
-+ key of unit is returned. If @coord is not set to certain
-+ unit - ERR_PTR(-ENOENT) is returned */
-+ reiser4_key *(*unit_key) (const coord_t *, reiser4_key *);
-+ reiser4_key *(*max_unit_key) (const coord_t *, reiser4_key *);
-+ /* estimate how much space is needed for paste @data into item at
-+ @coord. if @coord==0 - estimate insertion, otherwise - estimate
-+ pasting
-+ */
-+ int (*estimate) (const coord_t *, const reiser4_item_data *);
-+
-+ /* converts flow @f to item data. @coord == 0 on insert */
-+ int (*item_data_by_flow) (const coord_t *, const flow_t *,
-+ reiser4_item_data *);
-+
-+ /*void (*show) (struct seq_file *, coord_t *); */
-+
-+#if REISER4_DEBUG
-+ /* used for debugging, every item should have here the most
-+ complete possible check of the consistency of the item that
-+ the inventor can construct */
-+ int (*check) (const coord_t *, const char **error);
-+#endif
-+
-+} balance_ops;
-+
-+typedef struct {
-+ /* return the right or left child of @coord, only if it is in memory */
-+ int (*utmost_child) (const coord_t *, sideof side, jnode ** child);
-+
-+ /* return whether the right or left child of @coord has a non-fake
-+ block number. */
-+ int (*utmost_child_real_block) (const coord_t *, sideof side,
-+ reiser4_block_nr *);
-+ /* relocate child at @coord to the @block */
-+ void (*update) (const coord_t *, const reiser4_block_nr *);
-+ /* count unformatted nodes per item for leave relocation policy, etc.. */
-+ int (*scan) (flush_scan * scan);
-+ /* convert item by flush */
-+ int (*convert) (flush_pos_t * pos);
-+ /* backward mapping from jnode offset to a key. */
-+ int (*key_by_offset) (struct inode *, loff_t, reiser4_key *);
-+} flush_ops;
-+
-+/* operations specific to the directory item */
-+typedef struct {
-+ /* extract stat-data key from directory entry at @coord and place it
-+ into @key. */
-+ int (*extract_key) (const coord_t *, reiser4_key * key);
-+ /* update object key in item. */
-+ int (*update_key) (const coord_t *, const reiser4_key *, lock_handle *);
-+ /* extract name from directory entry at @coord and return it */
-+ char *(*extract_name) (const coord_t *, char *buf);
-+ /* extract file type (DT_* stuff) from directory entry at @coord and
-+ return it */
-+ unsigned (*extract_file_type) (const coord_t *);
-+ int (*add_entry) (struct inode * dir,
-+ coord_t *, lock_handle *,
-+ const struct dentry * name,
-+ reiser4_dir_entry_desc * entry);
-+ int (*rem_entry) (struct inode * dir, const struct qstr * name,
-+ coord_t *, lock_handle *,
-+ reiser4_dir_entry_desc * entry);
-+ int (*max_name_len) (const struct inode * dir);
-+} dir_entry_ops;
-+
-+/* operations specific to items regular (unix) file metadata are built of */
-+typedef struct {
-+ int (*write) (struct file *, const char __user *, size_t, loff_t *pos);
-+ int (*read) (struct file *, flow_t *, hint_t *);
-+ int (*readpage) (void *, struct page *);
-+ int (*get_block) (const coord_t *, sector_t, sector_t *);
-+ void (*readpages) (void *, struct address_space *,
-+ struct list_head * pages);
-+ /*
-+ * key of first byte which is not addressed by the item @coord is set
-+ * to.
-+ * For example, for extent item with the key
-+ *
-+ * (LOCALITY,4,OBJID,STARTING-OFFSET), and length BLK blocks,
-+ *
-+ * ->append_key is
-+ *
-+ * (LOCALITY,4,OBJID,STARTING-OFFSET + BLK * block_size)
-+ */
-+ reiser4_key *(*append_key) (const coord_t *, reiser4_key *);
-+
-+ void (*init_coord_extension) (uf_coord_t *, loff_t);
-+} file_ops;
-+
-+/* operations specific to items of stat data type */
-+typedef struct {
-+ int (*init_inode) (struct inode * inode, char *sd, int len);
-+ int (*save_len) (struct inode * inode);
-+ int (*save) (struct inode * inode, char **area);
-+} sd_ops;
-+
-+/* operations specific to internal item */
-+typedef struct {
-+ /* all tree traversal want to know from internal item is where
-+ to go next. */
-+ void (*down_link) (const coord_t * coord,
-+ const reiser4_key * key, reiser4_block_nr * block);
-+ /* check that given internal item contains given pointer. */
-+ int (*has_pointer_to) (const coord_t * coord,
-+ const reiser4_block_nr * block);
-+} internal_item_ops;
-+
-+struct item_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+
-+ /* methods common for all item types */
-+ balance_ops b;
-+ /* methods used during flush */
-+ flush_ops f;
-+
-+ /* methods specific to particular type of item */
-+ union {
-+ dir_entry_ops dir;
-+ file_ops file;
-+ sd_ops sd;
-+ internal_item_ops internal;
-+ } s;
-+
-+};
-+
-+static inline item_id item_id_by_plugin(item_plugin * plugin)
-+{
-+ return plugin->h.id;
-+}
-+
-+static inline char get_iplugid(item_plugin * iplug)
-+{
-+ assert("nikita-2838", iplug != NULL);
-+ assert("nikita-2839", iplug->h.id < 0xff);
-+ return (char)item_id_by_plugin(iplug);
-+}
-+
-+extern unsigned long znode_times_locked(const znode * z);
-+
-+static inline void coord_set_iplug(coord_t * coord, item_plugin * iplug)
-+{
-+ assert("nikita-2837", coord != NULL);
-+ assert("nikita-2838", iplug != NULL);
-+ coord->iplugid = get_iplugid(iplug);
-+ ON_DEBUG(coord->plug_v = znode_times_locked(coord->node));
-+}
-+
-+static inline item_plugin *coord_iplug(const coord_t * coord)
-+{
-+ assert("nikita-2833", coord != NULL);
-+ assert("nikita-2834", coord->iplugid != INVALID_PLUGID);
-+ assert("nikita-3549", coord->plug_v == znode_times_locked(coord->node));
-+ return (item_plugin *) plugin_by_id(REISER4_ITEM_PLUGIN_TYPE,
-+ coord->iplugid);
-+}
-+
-+extern int item_can_contain_key(const coord_t * item, const reiser4_key * key,
-+ const reiser4_item_data *);
-+extern int are_items_mergeable(const coord_t * i1, const coord_t * i2);
-+extern int item_is_extent(const coord_t *);
-+extern int item_is_tail(const coord_t *);
-+extern int item_is_statdata(const coord_t * item);
-+extern int item_is_ctail(const coord_t *);
-+
-+extern pos_in_node_t item_length_by_coord(const coord_t * coord);
-+extern item_type_id item_type_by_coord(const coord_t * coord);
-+extern item_id item_id_by_coord(const coord_t * coord /* coord to query */ );
-+extern reiser4_key *item_key_by_coord(const coord_t * coord, reiser4_key * key);
-+extern reiser4_key *max_item_key_by_coord(const coord_t *, reiser4_key *);
-+extern reiser4_key *unit_key_by_coord(const coord_t * coord, reiser4_key * key);
-+extern reiser4_key *max_unit_key_by_coord(const coord_t * coord,
-+ reiser4_key * key);
-+
-+extern void obtain_item_plugin(const coord_t * coord);
-+
-+#if defined(REISER4_DEBUG)
-+extern int znode_is_loaded(const znode * node);
-+#endif
-+
-+/* return plugin of item at @coord */
-+static inline item_plugin *item_plugin_by_coord(const coord_t *
-+ coord /* coord to query */ )
-+{
-+ assert("nikita-330", coord != NULL);
-+ assert("nikita-331", coord->node != NULL);
-+ assert("nikita-332", znode_is_loaded(coord->node));
-+
-+ if (unlikely(!coord_is_iplug_set(coord)))
-+ obtain_item_plugin(coord);
-+ return coord_iplug(coord);
-+}
-+
-+/* this returns true if item is of internal type */
-+static inline int item_is_internal(const coord_t * item)
-+{
-+ assert("vs-483", coord_is_existing_item(item));
-+ return item_type_by_coord(item) == INTERNAL_ITEM_TYPE;
-+}
-+
-+extern void item_body_by_coord_hard(coord_t * coord);
-+extern void *item_body_by_coord_easy(const coord_t * coord);
-+#if REISER4_DEBUG
-+extern int item_body_is_valid(const coord_t * coord);
-+#endif
-+
-+/* return pointer to item body */
-+static inline void *item_body_by_coord(const coord_t *
-+ coord /* coord to query */ )
-+{
-+ assert("nikita-324", coord != NULL);
-+ assert("nikita-325", coord->node != NULL);
-+ assert("nikita-326", znode_is_loaded(coord->node));
-+
-+ if (coord->offset == INVALID_OFFSET)
-+ item_body_by_coord_hard((coord_t *) coord);
-+ assert("nikita-3201", item_body_is_valid(coord));
-+ assert("nikita-3550", coord->body_v == znode_times_locked(coord->node));
-+ return item_body_by_coord_easy(coord);
-+}
-+
-+/* __REISER4_ITEM_H__ */
-+#endif
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/sde.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/sde.c
-@@ -0,0 +1,190 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Directory entry implementation */
-+#include "../../forward.h"
-+#include "../../debug.h"
-+#include "../../dformat.h"
-+#include "../../kassign.h"
-+#include "../../coord.h"
-+#include "sde.h"
-+#include "item.h"
-+#include "../plugin.h"
-+#include "../../znode.h"
-+#include "../../carry.h"
-+#include "../../tree.h"
-+#include "../../inode.h"
-+
-+#include <linux/fs.h> /* for struct inode */
-+#include <linux/dcache.h> /* for struct dentry */
-+#include <linux/quotaops.h>
-+
-+/* ->extract_key() method of simple directory item plugin. */
-+int extract_key_de(const coord_t * coord /* coord of item */ ,
-+ reiser4_key * key /* resulting key */ )
-+{
-+ directory_entry_format *dent;
-+
-+ assert("nikita-1458", coord != NULL);
-+ assert("nikita-1459", key != NULL);
-+
-+ dent = (directory_entry_format *) item_body_by_coord(coord);
-+ assert("nikita-1158", item_length_by_coord(coord) >= (int)sizeof *dent);
-+ return extract_key_from_id(&dent->id, key);
-+}
-+
-+int
-+update_key_de(const coord_t * coord, const reiser4_key * key,
-+ lock_handle * lh UNUSED_ARG)
-+{
-+ directory_entry_format *dent;
-+ obj_key_id obj_id;
-+ int result;
-+
-+ assert("nikita-2342", coord != NULL);
-+ assert("nikita-2343", key != NULL);
-+
-+ dent = (directory_entry_format *) item_body_by_coord(coord);
-+ result = build_obj_key_id(key, &obj_id);
-+ if (result == 0) {
-+ dent->id = obj_id;
-+ znode_make_dirty(coord->node);
-+ }
-+ return 0;
-+}
-+
-+char *extract_dent_name(const coord_t * coord, directory_entry_format * dent,
-+ char *buf)
-+{
-+ reiser4_key key;
-+
-+ unit_key_by_coord(coord, &key);
-+ if (get_key_type(&key) != KEY_FILE_NAME_MINOR)
-+ reiser4_print_address("oops", znode_get_block(coord->node));
-+ if (!is_longname_key(&key)) {
-+ if (is_dot_key(&key))
-+ return (char *)".";
-+ else
-+ return extract_name_from_key(&key, buf);
-+ } else
-+ return (char *)dent->name;
-+}
-+
-+/* ->extract_name() method of simple directory item plugin. */
-+char *extract_name_de(const coord_t * coord /* coord of item */ , char *buf)
-+{
-+ directory_entry_format *dent;
-+
-+ assert("nikita-1460", coord != NULL);
-+
-+ dent = (directory_entry_format *) item_body_by_coord(coord);
-+ return extract_dent_name(coord, dent, buf);
-+}
-+
-+/* ->extract_file_type() method of simple directory item plugin. */
-+unsigned extract_file_type_de(const coord_t * coord UNUSED_ARG /* coord of
-+ * item */ )
-+{
-+ assert("nikita-1764", coord != NULL);
-+ /* we don't store file type in the directory entry yet.
-+
-+ But see comments at kassign.h:obj_key_id
-+ */
-+ return DT_UNKNOWN;
-+}
-+
-+int add_entry_de(struct inode *dir /* directory of item */ ,
-+ coord_t * coord /* coord of item */ ,
-+ lock_handle * lh /* insertion lock handle */ ,
-+ const struct dentry *de /* name to add */ ,
-+ reiser4_dir_entry_desc * entry /* parameters of new directory
-+ * entry */ )
-+{
-+ reiser4_item_data data;
-+ directory_entry_format *dent;
-+ int result;
-+ const char *name;
-+ int len;
-+ int longname;
-+
-+ name = de->d_name.name;
-+ len = de->d_name.len;
-+ assert("nikita-1163", strlen(name) == len);
-+
-+ longname = is_longname(name, len);
-+
-+ data.length = sizeof *dent;
-+ if (longname)
-+ data.length += len + 1;
-+ data.data = NULL;
-+ data.user = 0;
-+ data.iplug = item_plugin_by_id(SIMPLE_DIR_ENTRY_ID);
-+
-+ /* NOTE-NIKITA quota plugin */
-+ if (DQUOT_ALLOC_SPACE_NODIRTY(dir, data.length))
-+ return -EDQUOT;
-+
-+ result = insert_by_coord(coord, &data, &entry->key, lh, 0 /*flags */ );
-+ if (result != 0)
-+ return result;
-+
-+ dent = (directory_entry_format *) item_body_by_coord(coord);
-+ build_inode_key_id(entry->obj, &dent->id);
-+ if (longname) {
-+ memcpy(dent->name, name, len);
-+ put_unaligned(0, &dent->name[len]);
-+ }
-+ return 0;
-+}
-+
-+int rem_entry_de(struct inode *dir /* directory of item */ ,
-+ const struct qstr *name UNUSED_ARG,
-+ coord_t * coord /* coord of item */ ,
-+ lock_handle * lh UNUSED_ARG /* lock handle for
-+ * removal */ ,
-+ reiser4_dir_entry_desc * entry UNUSED_ARG /* parameters of
-+ * directory entry
-+ * being removed */ )
-+{
-+ coord_t shadow;
-+ int result;
-+ int length;
-+
-+ length = item_length_by_coord(coord);
-+ if (inode_get_bytes(dir) < length) {
-+ warning("nikita-2627", "Dir is broke: %llu: %llu",
-+ (unsigned long long)get_inode_oid(dir),
-+ inode_get_bytes(dir));
-+
-+ return RETERR(-EIO);
-+ }
-+
-+ /* cut_node() is supposed to take pointers to _different_
-+ coords, because it will modify them without respect to
-+ possible aliasing. To work around this, create temporary copy
-+ of @coord.
-+ */
-+ coord_dup(&shadow, coord);
-+ result =
-+ kill_node_content(coord, &shadow, NULL, NULL, NULL, NULL, NULL, 0);
-+ if (result == 0) {
-+ /* NOTE-NIKITA quota plugin */
-+ DQUOT_FREE_SPACE_NODIRTY(dir, length);
-+ }
-+ return result;
-+}
-+
-+int max_name_len_de(const struct inode *dir)
-+{
-+ return tree_by_inode(dir)->nplug->max_item_size() -
-+ sizeof(directory_entry_format) - 2;
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/sde.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/sde.h
-@@ -0,0 +1,66 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Directory entry. */
-+
-+#if !defined( __FS_REISER4_PLUGIN_DIRECTORY_ENTRY_H__ )
-+#define __FS_REISER4_PLUGIN_DIRECTORY_ENTRY_H__
-+
-+#include "../../forward.h"
-+#include "../../dformat.h"
-+#include "../../kassign.h"
-+#include "../../key.h"
-+
-+#include <linux/fs.h>
-+#include <linux/dcache.h> /* for struct dentry */
-+
-+typedef struct directory_entry_format {
-+ /* key of object stat-data. It's not necessary to store whole
-+ key here, because it's always key of stat-data, so minor
-+ packing locality and offset can be omitted here. But this
-+ relies on particular key allocation scheme for stat-data, so,
-+ for extensibility sake, whole key can be stored here.
-+
-+ We store key as array of bytes, because we don't want 8-byte
-+ alignment of dir entries.
-+ */
-+ obj_key_id id;
-+ /* file name. Null terminated string. */
-+ d8 name[0];
-+} directory_entry_format;
-+
-+void print_de(const char *prefix, coord_t * coord);
-+int extract_key_de(const coord_t * coord, reiser4_key * key);
-+int update_key_de(const coord_t * coord, const reiser4_key * key,
-+ lock_handle * lh);
-+char *extract_name_de(const coord_t * coord, char *buf);
-+unsigned extract_file_type_de(const coord_t * coord);
-+int add_entry_de(struct inode *dir, coord_t * coord,
-+ lock_handle * lh, const struct dentry *name,
-+ reiser4_dir_entry_desc * entry);
-+int rem_entry_de(struct inode *dir, const struct qstr *name, coord_t * coord,
-+ lock_handle * lh, reiser4_dir_entry_desc * entry);
-+int max_name_len_de(const struct inode *dir);
-+
-+int de_rem_and_shrink(struct inode *dir, coord_t * coord, int length);
-+
-+char *extract_dent_name(const coord_t * coord,
-+ directory_entry_format * dent, char *buf);
-+
-+#if REISER4_LARGE_KEY
-+#define DE_NAME_BUF_LEN (24)
-+#else
-+#define DE_NAME_BUF_LEN (16)
-+#endif
-+
-+/* __FS_REISER4_PLUGIN_DIRECTORY_ENTRY_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/static_stat.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/static_stat.c
-@@ -0,0 +1,1040 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* stat data manipulation. */
-+
-+#include "../../forward.h"
-+#include "../../super.h"
-+#include "../../vfs_ops.h"
-+#include "../../inode.h"
-+#include "../../debug.h"
-+#include "../../dformat.h"
-+#include "../object.h"
-+#include "../plugin.h"
-+#include "../plugin_header.h"
-+#include "static_stat.h"
-+#include "item.h"
-+
-+#include <linux/types.h>
-+#include <linux/fs.h>
-+
-+/* see static_stat.h for explanation */
-+
-+/* helper function used while we are dumping/loading inode/plugin state
-+ to/from the stat-data. */
-+
-+static void move_on(int *length /* space remaining in stat-data */ ,
-+ char **area /* current coord in stat data */ ,
-+ int size_of /* how many bytes to move forward */ )
-+{
-+ assert("nikita-615", length != NULL);
-+ assert("nikita-616", area != NULL);
-+
-+ *length -= size_of;
-+ *area += size_of;
-+
-+ assert("nikita-617", *length >= 0);
-+}
-+
-+/* helper function used while loading inode/plugin state from stat-data.
-+ Complain if there is less space in stat-data than was expected.
-+ Can only happen on disk corruption. */
-+static int not_enough_space(struct inode *inode /* object being processed */ ,
-+ const char *where /* error message */ )
-+{
-+ assert("nikita-618", inode != NULL);
-+
-+ warning("nikita-619", "Not enough space in %llu while loading %s",
-+ (unsigned long long)get_inode_oid(inode), where);
-+
-+ return RETERR(-EINVAL);
-+}
-+
-+/* helper function used while loading inode/plugin state from
-+ stat-data. Call it if invalid plugin id was found. */
-+static int unknown_plugin(reiser4_plugin_id id /* invalid id */ ,
-+ struct inode *inode /* object being processed */ )
-+{
-+ warning("nikita-620", "Unknown plugin %i in %llu",
-+ id, (unsigned long long)get_inode_oid(inode));
-+
-+ return RETERR(-EINVAL);
-+}
-+
-+/* this is installed as ->init_inode() method of
-+ item_plugins[ STATIC_STAT_DATA_IT ] (fs/reiser4/plugin/item/item.c).
-+ Copies data from on-disk stat-data format into inode.
-+ Handles stat-data extensions. */
-+/* was sd_load */
-+int init_inode_static_sd(struct inode *inode /* object being processed */ ,
-+ char *sd /* stat-data body */ ,
-+ int len /* length of stat-data */ )
-+{
-+ int result;
-+ int bit;
-+ int chunk;
-+ __u16 mask;
-+ __u64 bigmask;
-+ reiser4_stat_data_base *sd_base;
-+ reiser4_inode *state;
-+
-+ assert("nikita-625", inode != NULL);
-+ assert("nikita-626", sd != NULL);
-+
-+ result = 0;
-+ sd_base = (reiser4_stat_data_base *) sd;
-+ state = reiser4_inode_data(inode);
-+ mask = le16_to_cpu(get_unaligned(&sd_base->extmask));
-+ bigmask = mask;
-+ inode_set_flag(inode, REISER4_SDLEN_KNOWN);
-+
-+ move_on(&len, &sd, sizeof *sd_base);
-+ for (bit = 0, chunk = 0;
-+ mask != 0 || bit <= LAST_IMPORTANT_SD_EXTENSION;
-+ ++bit, mask >>= 1) {
-+ if (((bit + 1) % 16) != 0) {
-+ /* handle extension */
-+ sd_ext_plugin *sdplug;
-+
-+ if (bit >= LAST_SD_EXTENSION) {
-+ warning("vpf-1904",
-+ "No such extension %i in inode %llu",
-+ bit,
-+ (unsigned long long)
-+ get_inode_oid(inode));
-+
-+ result = RETERR(-EINVAL);
-+ break;
-+ }
-+
-+ sdplug = sd_ext_plugin_by_id(bit);
-+ if (sdplug == NULL) {
-+ warning("nikita-627",
-+ "No such extension %i in inode %llu",
-+ bit,
-+ (unsigned long long)
-+ get_inode_oid(inode));
-+
-+ result = RETERR(-EINVAL);
-+ break;
-+ }
-+ if (mask & 1) {
-+ assert("nikita-628", sdplug->present);
-+ /* alignment is not supported in node layout
-+ plugin yet.
-+ result = align( inode, &len, &sd,
-+ sdplug -> alignment );
-+ if( result != 0 )
-+ return result; */
-+ result = sdplug->present(inode, &sd, &len);
-+ } else if (sdplug->absent != NULL)
-+ result = sdplug->absent(inode);
-+ if (result)
-+ break;
-+ /* else, we are looking at the last bit in 16-bit
-+ portion of bitmask */
-+ } else if (mask & 1) {
-+ /* next portion of bitmask */
-+ if (len < (int)sizeof(d16)) {
-+ warning("nikita-629",
-+ "No space for bitmap in inode %llu",
-+ (unsigned long long)
-+ get_inode_oid(inode));
-+
-+ result = RETERR(-EINVAL);
-+ break;
-+ }
-+ mask = le16_to_cpu(get_unaligned((d16 *)sd));
-+ bigmask <<= 16;
-+ bigmask |= mask;
-+ move_on(&len, &sd, sizeof(d16));
-+ ++chunk;
-+ if (chunk == 3) {
-+ if (!(mask & 0x8000)) {
-+ /* clear last bit */
-+ mask &= ~0x8000;
-+ continue;
-+ }
-+ /* too much */
-+ warning("nikita-630",
-+ "Too many extensions in %llu",
-+ (unsigned long long)
-+ get_inode_oid(inode));
-+
-+ result = RETERR(-EINVAL);
-+ break;
-+ }
-+ } else
-+ /* bitmask exhausted */
-+ break;
-+ }
-+ state->extmask = bigmask;
-+ /* common initialisations */
-+ inode->i_blksize = get_super_private(inode->i_sb)->optimal_io_size;
-+ if (len - (bit / 16 * sizeof(d16)) > 0) {
-+ /* alignment in save_len_static_sd() is taken into account
-+ -edward */
-+ warning("nikita-631", "unused space in inode %llu",
-+ (unsigned long long)get_inode_oid(inode));
-+ }
-+
-+ return result;
-+}
-+
-+/* estimates size of stat-data required to store inode.
-+ Installed as ->save_len() method of
-+ item_plugins[ STATIC_STAT_DATA_IT ] (fs/reiser4/plugin/item/item.c). */
-+/* was sd_len */
-+int save_len_static_sd(struct inode *inode /* object being processed */ )
-+{
-+ unsigned int result;
-+ __u64 mask;
-+ int bit;
-+
-+ assert("nikita-632", inode != NULL);
-+
-+ result = sizeof(reiser4_stat_data_base);
-+ mask = reiser4_inode_data(inode)->extmask;
-+ for (bit = 0; mask != 0; ++bit, mask >>= 1) {
-+ if (mask & 1) {
-+ sd_ext_plugin *sdplug;
-+
-+ sdplug = sd_ext_plugin_by_id(bit);
-+ assert("nikita-633", sdplug != NULL);
-+ /* no aligment support
-+ result +=
-+ round_up( result, sdplug -> alignment ) - result; */
-+ result += sdplug->save_len(inode);
-+ }
-+ }
-+ result += bit / 16 * sizeof(d16);
-+ return result;
-+}
-+
-+/* saves inode into stat-data.
-+ Installed as ->save() method of
-+ item_plugins[ STATIC_STAT_DATA_IT ] (fs/reiser4/plugin/item/item.c). */
-+/* was sd_save */
-+int save_static_sd(struct inode *inode /* object being processed */ ,
-+ char **area /* where to save stat-data */ )
-+{
-+ int result;
-+ __u64 emask;
-+ int bit;
-+ unsigned int len;
-+ reiser4_stat_data_base *sd_base;
-+
-+ assert("nikita-634", inode != NULL);
-+ assert("nikita-635", area != NULL);
-+
-+ result = 0;
-+ emask = reiser4_inode_data(inode)->extmask;
-+ sd_base = (reiser4_stat_data_base *) * area;
-+ put_unaligned(cpu_to_le16((__u16)(emask & 0xffff)), &sd_base->extmask);
-+ /*cputod16((unsigned)(emask & 0xffff), &sd_base->extmask);*/
-+
-+ *area += sizeof *sd_base;
-+ len = 0xffffffffu;
-+ for (bit = 0; emask != 0; ++bit, emask >>= 1) {
-+ if (emask & 1) {
-+ if ((bit + 1) % 16 != 0) {
-+ sd_ext_plugin *sdplug;
-+ sdplug = sd_ext_plugin_by_id(bit);
-+ assert("nikita-636", sdplug != NULL);
-+ /* no alignment support yet
-+ align( inode, &len, area,
-+ sdplug -> alignment ); */
-+ result = sdplug->save(inode, area);
-+ if (result)
-+ break;
-+ } else {
-+ put_unaligned(cpu_to_le16((__u16)(emask & 0xffff)),
-+ (d16 *)(*area));
-+ /*cputod16((unsigned)(emask & 0xffff),
-+ (d16 *) * area);*/
-+ *area += sizeof(d16);
-+ }
-+ }
-+ }
-+ return result;
-+}
-+
-+/* stat-data extension handling functions. */
-+
-+static int present_lw_sd(struct inode *inode /* object being processed */ ,
-+ char **area /* position in stat-data */ ,
-+ int *len /* remaining length */ )
-+{
-+ if (*len >= (int)sizeof(reiser4_light_weight_stat)) {
-+ reiser4_light_weight_stat *sd_lw;
-+
-+ sd_lw = (reiser4_light_weight_stat *) * area;
-+
-+ inode->i_mode = le16_to_cpu(get_unaligned(&sd_lw->mode));
-+ inode->i_nlink = le32_to_cpu(get_unaligned(&sd_lw->nlink));
-+ inode->i_size = le64_to_cpu(get_unaligned(&sd_lw->size));
-+ if ((inode->i_mode & S_IFMT) == (S_IFREG | S_IFIFO)) {
-+ inode->i_mode &= ~S_IFIFO;
-+ warning("", "partially converted file is encountered");
-+ inode_set_flag(inode, REISER4_PART_MIXED);
-+ }
-+ move_on(len, area, sizeof *sd_lw);
-+ return 0;
-+ } else
-+ return not_enough_space(inode, "lw sd");
-+}
-+
-+static int save_len_lw_sd(struct inode *inode UNUSED_ARG /* object being
-+ * processed */ )
-+{
-+ return sizeof(reiser4_light_weight_stat);
-+}
-+
-+static int save_lw_sd(struct inode *inode /* object being processed */ ,
-+ char **area /* position in stat-data */ )
-+{
-+ reiser4_light_weight_stat *sd;
-+ mode_t delta;
-+
-+ assert("nikita-2705", inode != NULL);
-+ assert("nikita-2706", area != NULL);
-+ assert("nikita-2707", *area != NULL);
-+
-+ sd = (reiser4_light_weight_stat *) * area;
-+
-+ delta = (inode_get_flag(inode, REISER4_PART_MIXED) ? S_IFIFO : 0);
-+ put_unaligned(cpu_to_le16(inode->i_mode | delta), &sd->mode);
-+ put_unaligned(cpu_to_le32(inode->i_nlink), &sd->nlink);
-+ put_unaligned(cpu_to_le64((__u64) inode->i_size), &sd->size);
-+ *area += sizeof *sd;
-+ return 0;
-+}
-+
-+static int present_unix_sd(struct inode *inode /* object being processed */ ,
-+ char **area /* position in stat-data */ ,
-+ int *len /* remaining length */ )
-+{
-+ assert("nikita-637", inode != NULL);
-+ assert("nikita-638", area != NULL);
-+ assert("nikita-639", *area != NULL);
-+ assert("nikita-640", len != NULL);
-+ assert("nikita-641", *len > 0);
-+
-+ if (*len >= (int)sizeof(reiser4_unix_stat)) {
-+ reiser4_unix_stat *sd;
-+
-+ sd = (reiser4_unix_stat *) * area;
-+
-+ inode->i_uid = le32_to_cpu(get_unaligned(&sd->uid));
-+ inode->i_gid = le32_to_cpu(get_unaligned(&sd->gid));
-+ inode->i_atime.tv_sec = le32_to_cpu(get_unaligned(&sd->atime));
-+ inode->i_mtime.tv_sec = le32_to_cpu(get_unaligned(&sd->mtime));
-+ inode->i_ctime.tv_sec = le32_to_cpu(get_unaligned(&sd->ctime));
-+ if (S_ISBLK(inode->i_mode) || S_ISCHR(inode->i_mode))
-+ inode->i_rdev = le64_to_cpu(get_unaligned(&sd->u.rdev));
-+ else
-+ inode_set_bytes(inode, (loff_t) le64_to_cpu(get_unaligned(&sd->u.bytes)));
-+ move_on(len, area, sizeof *sd);
-+ return 0;
-+ } else
-+ return not_enough_space(inode, "unix sd");
-+}
-+
-+static int absent_unix_sd(struct inode *inode /* object being processed */ )
-+{
-+ inode->i_uid = get_super_private(inode->i_sb)->default_uid;
-+ inode->i_gid = get_super_private(inode->i_sb)->default_gid;
-+ inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
-+ inode_set_bytes(inode, inode->i_size);
-+ /* mark inode as lightweight, so that caller (reiser4_lookup) will
-+ complete initialisation by copying [ug]id from a parent. */
-+ inode_set_flag(inode, REISER4_LIGHT_WEIGHT);
-+ return 0;
-+}
-+
-+/* Audited by: green(2002.06.14) */
-+static int save_len_unix_sd(struct inode *inode UNUSED_ARG /* object being
-+ * processed */ )
-+{
-+ return sizeof(reiser4_unix_stat);
-+}
-+
-+static int save_unix_sd(struct inode *inode /* object being processed */ ,
-+ char **area /* position in stat-data */ )
-+{
-+ reiser4_unix_stat *sd;
-+
-+ assert("nikita-642", inode != NULL);
-+ assert("nikita-643", area != NULL);
-+ assert("nikita-644", *area != NULL);
-+
-+ sd = (reiser4_unix_stat *) * area;
-+ put_unaligned(cpu_to_le32(inode->i_uid), &sd->uid);
-+ put_unaligned(cpu_to_le32(inode->i_gid), &sd->gid);
-+ put_unaligned(cpu_to_le32((__u32) inode->i_atime.tv_sec), &sd->atime);
-+ put_unaligned(cpu_to_le32((__u32) inode->i_ctime.tv_sec), &sd->ctime);
-+ put_unaligned(cpu_to_le32((__u32) inode->i_mtime.tv_sec), &sd->mtime);
-+ if (S_ISBLK(inode->i_mode) || S_ISCHR(inode->i_mode))
-+ put_unaligned(cpu_to_le64(inode->i_rdev), &sd->u.rdev);
-+ else
-+ put_unaligned(cpu_to_le64((__u64) inode_get_bytes(inode)), &sd->u.bytes);
-+ *area += sizeof *sd;
-+ return 0;
-+}
-+
-+static int
-+present_large_times_sd(struct inode *inode /* object being processed */ ,
-+ char **area /* position in stat-data */ ,
-+ int *len /* remaining length */ )
-+{
-+ if (*len >= (int)sizeof(reiser4_large_times_stat)) {
-+ reiser4_large_times_stat *sd_lt;
-+
-+ sd_lt = (reiser4_large_times_stat *) * area;
-+
-+ inode->i_atime.tv_nsec = le32_to_cpu(get_unaligned(&sd_lt->atime));
-+ inode->i_mtime.tv_nsec = le32_to_cpu(get_unaligned(&sd_lt->mtime));
-+ inode->i_ctime.tv_nsec = le32_to_cpu(get_unaligned(&sd_lt->ctime));
-+
-+ move_on(len, area, sizeof *sd_lt);
-+ return 0;
-+ } else
-+ return not_enough_space(inode, "large times sd");
-+}
-+
-+static int
-+save_len_large_times_sd(struct inode *inode UNUSED_ARG
-+ /* object being processed */ )
-+{
-+ return sizeof(reiser4_large_times_stat);
-+}
-+
-+static int
-+save_large_times_sd(struct inode *inode /* object being processed */ ,
-+ char **area /* position in stat-data */ )
-+{
-+ reiser4_large_times_stat *sd;
-+
-+ assert("nikita-2817", inode != NULL);
-+ assert("nikita-2818", area != NULL);
-+ assert("nikita-2819", *area != NULL);
-+
-+ sd = (reiser4_large_times_stat *) * area;
-+
-+ put_unaligned(cpu_to_le32((__u32) inode->i_atime.tv_nsec), &sd->atime);
-+ put_unaligned(cpu_to_le32((__u32) inode->i_ctime.tv_nsec), &sd->ctime);
-+ put_unaligned(cpu_to_le32((__u32) inode->i_mtime.tv_nsec), &sd->mtime);
-+
-+ *area += sizeof *sd;
-+ return 0;
-+}
-+
-+/* symlink stat data extension */
-+
-+/* allocate memory for symlink target and attach it to inode->u.generic_ip */
-+static int
-+symlink_target_to_inode(struct inode *inode, const char *target, int len)
-+{
-+ assert("vs-845", inode->u.generic_ip == NULL);
-+ assert("vs-846", !inode_get_flag(inode, REISER4_GENERIC_PTR_USED));
-+
-+ /* FIXME-VS: this is prone to deadlock. Not more than other similar
-+ places, though */
-+ inode->u.generic_ip = kmalloc((size_t) len + 1, get_gfp_mask());
-+ if (!inode->u.generic_ip)
-+ return RETERR(-ENOMEM);
-+
-+ memcpy((char *)(inode->u.generic_ip), target, (size_t) len);
-+ ((char *)(inode->u.generic_ip))[len] = 0;
-+ inode_set_flag(inode, REISER4_GENERIC_PTR_USED);
-+ return 0;
-+}
-+
-+/* this is called on read_inode. There is nothing to do actually, but some
-+ sanity checks */
-+static int present_symlink_sd(struct inode *inode, char **area, int *len)
-+{
-+ int result;
-+ int length;
-+ reiser4_symlink_stat *sd;
-+
-+ length = (int)inode->i_size;
-+ /*
-+ * *len is number of bytes in stat data item from *area to the end of
-+ * item. It must be not less than size of symlink + 1 for ending 0
-+ */
-+ if (length > *len)
-+ return not_enough_space(inode, "symlink");
-+
-+ if (*(*area + length) != 0) {
-+ warning("vs-840", "Symlink is not zero terminated");
-+ return RETERR(-EIO);
-+ }
-+
-+ sd = (reiser4_symlink_stat *) * area;
-+ result = symlink_target_to_inode(inode, sd->body, length);
-+
-+ move_on(len, area, length + 1);
-+ return result;
-+}
-+
-+static int save_len_symlink_sd(struct inode *inode)
-+{
-+ return inode->i_size + 1;
-+}
-+
-+/* this is called on create and update stat data. Do nothing on update but
-+ update @area */
-+static int save_symlink_sd(struct inode *inode, char **area)
-+{
-+ int result;
-+ int length;
-+ reiser4_symlink_stat *sd;
-+
-+ length = (int)inode->i_size;
-+ /* inode->i_size must be set already */
-+ assert("vs-841", length);
-+
-+ result = 0;
-+ sd = (reiser4_symlink_stat *) * area;
-+ if (!inode_get_flag(inode, REISER4_GENERIC_PTR_USED)) {
-+ const char *target;
-+
-+ target = (const char *)(inode->u.generic_ip);
-+ inode->u.generic_ip = NULL;
-+
-+ result = symlink_target_to_inode(inode, target, length);
-+
-+ /* copy symlink to stat data */
-+ memcpy(sd->body, target, (size_t) length);
-+ (*area)[length] = 0;
-+ } else {
-+ /* there is nothing to do in update but move area */
-+ assert("vs-844",
-+ !memcmp(inode->u.generic_ip, sd->body,
-+ (size_t) length + 1));
-+ }
-+
-+ *area += (length + 1);
-+ return result;
-+}
-+
-+static int present_flags_sd(struct inode *inode /* object being processed */ ,
-+ char **area /* position in stat-data */ ,
-+ int *len /* remaining length */ )
-+{
-+ assert("nikita-645", inode != NULL);
-+ assert("nikita-646", area != NULL);
-+ assert("nikita-647", *area != NULL);
-+ assert("nikita-648", len != NULL);
-+ assert("nikita-649", *len > 0);
-+
-+ if (*len >= (int)sizeof(reiser4_flags_stat)) {
-+ reiser4_flags_stat *sd;
-+
-+ sd = (reiser4_flags_stat *) * area;
-+ inode->i_flags = le32_to_cpu(get_unaligned(&sd->flags));
-+ move_on(len, area, sizeof *sd);
-+ return 0;
-+ } else
-+ return not_enough_space(inode, "generation and attrs");
-+}
-+
-+/* Audited by: green(2002.06.14) */
-+static int save_len_flags_sd(struct inode *inode UNUSED_ARG /* object being
-+ * processed */ )
-+{
-+ return sizeof(reiser4_flags_stat);
-+}
-+
-+static int save_flags_sd(struct inode *inode /* object being processed */ ,
-+ char **area /* position in stat-data */ )
-+{
-+ reiser4_flags_stat *sd;
-+
-+ assert("nikita-650", inode != NULL);
-+ assert("nikita-651", area != NULL);
-+ assert("nikita-652", *area != NULL);
-+
-+ sd = (reiser4_flags_stat *) * area;
-+ put_unaligned(cpu_to_le32(inode->i_flags), &sd->flags);
-+ *area += sizeof *sd;
-+ return 0;
-+}
-+
-+static int absent_plugin_sd(struct inode *inode);
-+static int present_plugin_sd(struct inode *inode /* object being processed */ ,
-+ char **area /* position in stat-data */ ,
-+ int *len /* remaining length */ )
-+{
-+ reiser4_plugin_stat *sd;
-+ reiser4_plugin *plugin;
-+ int i;
-+ __u16 mask;
-+ int result;
-+ int num_of_plugins;
-+
-+ assert("nikita-653", inode != NULL);
-+ assert("nikita-654", area != NULL);
-+ assert("nikita-655", *area != NULL);
-+ assert("nikita-656", len != NULL);
-+ assert("nikita-657", *len > 0);
-+
-+ if (*len < (int)sizeof(reiser4_plugin_stat))
-+ return not_enough_space(inode, "plugin");
-+
-+ sd = (reiser4_plugin_stat *) * area;
-+
-+ mask = 0;
-+ num_of_plugins = le16_to_cpu(get_unaligned(&sd->plugins_no));
-+ move_on(len, area, sizeof *sd);
-+ result = 0;
-+ for (i = 0; i < num_of_plugins; ++i) {
-+ reiser4_plugin_slot *slot;
-+ reiser4_plugin_type type;
-+ pset_member memb;
-+
-+ slot = (reiser4_plugin_slot *) * area;
-+ if (*len < (int)sizeof *slot)
-+ return not_enough_space(inode, "additional plugin");
-+
-+ memb = le16_to_cpu(get_unaligned(&slot->pset_memb));
-+ type = pset_member_to_type_unsafe(memb);
-+ if (type == REISER4_PLUGIN_TYPES) {
-+ warning("nikita-3502",
-+ "wrong pset member (%i) for %llu", memb,
-+ (unsigned long long)get_inode_oid(inode));
-+ return RETERR(-EINVAL);
-+ }
-+ plugin = plugin_by_disk_id(tree_by_inode(inode),
-+ type, &slot->id);
-+ if (plugin == NULL)
-+ return unknown_plugin(le16_to_cpu(get_unaligned(&slot->id)), inode);
-+
-+ /* plugin is loaded into inode, mark this into inode's
-+ bitmask of loaded non-standard plugins */
-+ if (!(mask & (1 << memb))) {
-+ mask |= (1 << memb);
-+ } else {
-+ warning("nikita-658", "duplicate plugin for %llu",
-+ (unsigned long long)get_inode_oid(inode));
-+ return RETERR(-EINVAL);
-+ }
-+ move_on(len, area, sizeof *slot);
-+ /* load plugin data, if any */
-+ if (plugin->h.pops != NULL && plugin->h.pops->load) {
-+ result = plugin->h.pops->load(inode, plugin, area, len);
-+ if (result != 0)
-+ return result;
-+ } else
-+ result = grab_plugin_from(inode, memb, plugin);
-+ }
-+ /* if object plugin wasn't loaded from stat-data, guess it by
-+ mode bits */
-+ plugin = file_plugin_to_plugin(inode_file_plugin(inode));
-+ if (plugin == NULL)
-+ result = absent_plugin_sd(inode);
-+
-+ reiser4_inode_data(inode)->plugin_mask = mask;
-+ return result;
-+}
-+
-+/* Determine object plugin for @inode based on i_mode.
-+
-+ Many objects in reiser4 file system are controlled by standard object
-+ plugins that emulate traditional unix objects: unix file, directory, symlink, fifo, and so on.
-+
-+ For such files we don't explicitly store plugin id in object stat
-+ data. Rather required plugin is guessed from mode bits, where file "type"
-+ is encoded (see stat(2)).
-+*/
-+static int
-+guess_plugin_by_mode(struct inode *inode /* object to guess plugins for */ )
-+{
-+ int fplug_id;
-+ int dplug_id;
-+ reiser4_inode *info;
-+
-+ assert("nikita-736", inode != NULL);
-+
-+ dplug_id = fplug_id = -1;
-+
-+ switch (inode->i_mode & S_IFMT) {
-+ case S_IFSOCK:
-+ case S_IFBLK:
-+ case S_IFCHR:
-+ case S_IFIFO:
-+ fplug_id = SPECIAL_FILE_PLUGIN_ID;
-+ break;
-+ case S_IFLNK:
-+ fplug_id = SYMLINK_FILE_PLUGIN_ID;
-+ break;
-+ case S_IFDIR:
-+ fplug_id = DIRECTORY_FILE_PLUGIN_ID;
-+ dplug_id = HASHED_DIR_PLUGIN_ID;
-+ break;
-+ default:
-+ warning("nikita-737", "wrong file mode: %o", inode->i_mode);
-+ return RETERR(-EIO);
-+ case S_IFREG:
-+ fplug_id = UNIX_FILE_PLUGIN_ID;
-+ break;
-+ }
-+ info = reiser4_inode_data(inode);
-+ plugin_set_file(&info->pset,
-+ (fplug_id >= 0) ? file_plugin_by_id(fplug_id) : NULL);
-+ plugin_set_dir(&info->pset,
-+ (dplug_id >= 0) ? dir_plugin_by_id(dplug_id) : NULL);
-+ return 0;
-+}
-+
-+/* Audited by: green(2002.06.14) */
-+static int absent_plugin_sd(struct inode *inode /* object being processed */ )
-+{
-+ int result;
-+
-+ assert("nikita-659", inode != NULL);
-+
-+ result = guess_plugin_by_mode(inode);
-+ /* if mode was wrong, guess_plugin_by_mode() returns "regular file",
-+ but setup_inode_ops() will call make_bad_inode().
-+ Another, more logical but bit more complex solution is to add
-+ "bad-file plugin". */
-+ /* FIXME-VS: activate was called here */
-+ return result;
-+}
-+
-+/* helper function for plugin_sd_save_len(): calculate how much space
-+ required to save state of given plugin */
-+/* Audited by: green(2002.06.14) */
-+static int len_for(reiser4_plugin * plugin /* plugin to save */ ,
-+ struct inode *inode /* object being processed */ ,
-+ pset_member memb, int len)
-+{
-+ reiser4_inode *info;
-+ assert("nikita-661", inode != NULL);
-+
-+ info = reiser4_inode_data(inode);
-+ if (plugin != NULL && (info->plugin_mask & (1 << memb))) {
-+ len += sizeof(reiser4_plugin_slot);
-+ if (plugin->h.pops && plugin->h.pops->save_len != NULL) {
-+ /* non-standard plugin, call method */
-+ /* commented as it is incompatible with alignment
-+ * policy in save_plug() -edward */
-+ /* len = round_up(len, plugin->h.pops->alignment); */
-+ len += plugin->h.pops->save_len(inode, plugin);
-+ }
-+ }
-+ return len;
-+}
-+
-+/* calculate how much space is required to save state of all plugins,
-+ associated with inode */
-+static int save_len_plugin_sd(struct inode *inode /* object being processed */ )
-+{
-+ int len;
-+ reiser4_inode *state;
-+ pset_member memb;
-+
-+ assert("nikita-663", inode != NULL);
-+
-+ state = reiser4_inode_data(inode);
-+ /* common case: no non-standard plugins */
-+ if (state->plugin_mask == 0)
-+ return 0;
-+ len = sizeof(reiser4_plugin_stat);
-+ for (memb = 0; memb < PSET_LAST; ++memb)
-+ len = len_for(pset_get(state->pset, memb), inode, memb, len);
-+ assert("nikita-664", len > (int)sizeof(reiser4_plugin_stat));
-+ return len;
-+}
-+
-+/* helper function for plugin_sd_save(): save plugin, associated with
-+ inode. */
-+static int save_plug(reiser4_plugin * plugin /* plugin to save */ ,
-+ struct inode *inode /* object being processed */ ,
-+ pset_member memb /* what element of pset is saved */ ,
-+ char **area /* position in stat-data */ ,
-+ int *count /* incremented if plugin were actually
-+ * saved. */ )
-+{
-+ reiser4_plugin_slot *slot;
-+ int fake_len;
-+ int result;
-+
-+ assert("nikita-665", inode != NULL);
-+ assert("nikita-666", area != NULL);
-+ assert("nikita-667", *area != NULL);
-+
-+ if (plugin == NULL)
-+ return 0;
-+ if (!(reiser4_inode_data(inode)->plugin_mask & (1 << memb)))
-+ return 0;
-+ slot = (reiser4_plugin_slot *) * area;
-+ put_unaligned(cpu_to_le16(memb), &slot->pset_memb);
-+ put_unaligned(cpu_to_le16(plugin->h.id), &slot->id);
-+ fake_len = (int)0xffff;
-+ move_on(&fake_len, area, sizeof *slot);
-+ ++*count;
-+ result = 0;
-+ if (plugin->h.pops != NULL) {
-+ if (plugin->h.pops->save != NULL)
-+ result = plugin->h.pops->save(inode, plugin, area);
-+ }
-+ return result;
-+}
-+
-+/* save state of all non-standard plugins associated with inode */
-+static int save_plugin_sd(struct inode *inode /* object being processed */ ,
-+ char **area /* position in stat-data */ )
-+{
-+ int result = 0;
-+ int num_of_plugins;
-+ reiser4_plugin_stat *sd;
-+ reiser4_inode *state;
-+ int fake_len;
-+ pset_member memb;
-+
-+ assert("nikita-669", inode != NULL);
-+ assert("nikita-670", area != NULL);
-+ assert("nikita-671", *area != NULL);
-+
-+ state = reiser4_inode_data(inode);
-+ if (state->plugin_mask == 0)
-+ return 0;
-+ sd = (reiser4_plugin_stat *) * area;
-+ fake_len = (int)0xffff;
-+ move_on(&fake_len, area, sizeof *sd);
-+
-+ num_of_plugins = 0;
-+ for (memb = 0; memb < PSET_LAST; ++memb) {
-+ result = save_plug(pset_get(state->pset, memb),
-+ inode, memb, area, &num_of_plugins);
-+ if (result != 0)
-+ break;
-+ }
-+
-+ put_unaligned(cpu_to_le16((__u16)num_of_plugins), &sd->plugins_no);
-+ return result;
-+}
-+
-+/* helper function for crypto_sd_present(), crypto_sd_save.
-+ Allocates memory for crypto stat, keyid and attaches it to the inode */
-+static int extract_crypto_stat (struct inode * inode,
-+ reiser4_crypto_stat * sd)
-+{
-+ crypto_stat_t * info;
-+ assert("edward-11", !inode_crypto_stat(inode));
-+ assert("edward-1413",
-+ !inode_get_flag(inode, REISER4_CRYPTO_STAT_LOADED));
-+ /* create and attach a crypto-stat without secret key loaded */
-+ info = alloc_crypto_stat(inode);
-+ if (IS_ERR(info))
-+ return PTR_ERR(info);
-+ info->keysize = le16_to_cpu(get_unaligned(&sd->keysize));
-+ memcpy(info->keyid, sd->keyid, inode_digest_plugin(inode)->fipsize);
-+ attach_crypto_stat(inode, info);
-+ inode_set_flag(inode, REISER4_CRYPTO_STAT_LOADED);
-+ return 0;
-+}
-+
-+/* crypto stat-data extension */
-+
-+static int present_crypto_sd(struct inode *inode, char **area, int *len)
-+{
-+ int result;
-+ reiser4_crypto_stat *sd;
-+ digest_plugin *dplug = inode_digest_plugin(inode);
-+
-+ assert("edward-06", dplug != NULL);
-+ assert("edward-684", dplug->fipsize);
-+ assert("edward-07", area != NULL);
-+ assert("edward-08", *area != NULL);
-+ assert("edward-09", len != NULL);
-+ assert("edward-10", *len > 0);
-+
-+ if (*len < (int)sizeof(reiser4_crypto_stat)) {
-+ return not_enough_space(inode, "crypto-sd");
-+ }
-+ /* *len is number of bytes in stat data item from *area to the end of
-+ item. It must be not less than size of this extension */
-+ assert("edward-75", sizeof(*sd) + dplug->fipsize <= *len);
-+
-+ sd = (reiser4_crypto_stat *) * area;
-+ result = extract_crypto_stat(inode, sd);
-+ move_on(len, area, sizeof(*sd) + dplug->fipsize);
-+
-+ return result;
-+}
-+
-+static int save_len_crypto_sd(struct inode *inode)
-+{
-+ return sizeof(reiser4_crypto_stat) +
-+ inode_digest_plugin(inode)->fipsize;
-+}
-+
-+static int save_crypto_sd(struct inode *inode, char **area)
-+{
-+ int result = 0;
-+ reiser4_crypto_stat *sd;
-+ crypto_stat_t * info = inode_crypto_stat(inode);
-+ digest_plugin *dplug = inode_digest_plugin(inode);
-+
-+ assert("edward-12", dplug != NULL);
-+ assert("edward-13", area != NULL);
-+ assert("edward-14", *area != NULL);
-+ assert("edward-15", info != NULL);
-+ assert("edward-1414", info->keyid != NULL);
-+ assert("edward-1415", info->keysize != 0);
-+ assert("edward-76", reiser4_inode_data(inode) != NULL);
-+
-+ if (!inode_get_flag(inode, REISER4_CRYPTO_STAT_LOADED)) {
-+ /* file is just created */
-+ sd = (reiser4_crypto_stat *) *area;
-+ /* copy everything but private key to the disk stat-data */
-+ put_unaligned(cpu_to_le16(info->keysize), &sd->keysize);
-+ memcpy(sd->keyid, info->keyid, (size_t) dplug->fipsize);
-+ inode_set_flag(inode, REISER4_CRYPTO_STAT_LOADED);
-+ }
-+ *area += (sizeof(*sd) + dplug->fipsize);
-+ return result;
-+}
-+
-+static int eio(struct inode *inode, char **area, int *len)
-+{
-+ return RETERR(-EIO);
-+}
-+
-+sd_ext_plugin sd_ext_plugins[LAST_SD_EXTENSION] = {
-+ [LIGHT_WEIGHT_STAT] = {
-+ .h = {
-+ .type_id = REISER4_SD_EXT_PLUGIN_TYPE,
-+ .id = LIGHT_WEIGHT_STAT,
-+ .pops = NULL,
-+ .label = "light-weight sd",
-+ .desc = "sd for light-weight files",
-+ .linkage = {NULL,NULL}
-+ },
-+ .present = present_lw_sd,
-+ .absent = NULL,
-+ .save_len = save_len_lw_sd,
-+ .save = save_lw_sd,
-+ .alignment = 8
-+ },
-+ [UNIX_STAT] = {
-+ .h = {
-+ .type_id = REISER4_SD_EXT_PLUGIN_TYPE,
-+ .id = UNIX_STAT,
-+ .pops = NULL,
-+ .label = "unix-sd",
-+ .desc = "unix stat-data fields",
-+ .linkage = {NULL,NULL}
-+ },
-+ .present = present_unix_sd,
-+ .absent = absent_unix_sd,
-+ .save_len = save_len_unix_sd,
-+ .save = save_unix_sd,
-+ .alignment = 8
-+ },
-+ [LARGE_TIMES_STAT] = {
-+ .h = {
-+ .type_id = REISER4_SD_EXT_PLUGIN_TYPE,
-+ .id = LARGE_TIMES_STAT,
-+ .pops = NULL,
-+ .label = "64time-sd",
-+ .desc = "nanosecond resolution for times",
-+ .linkage = {NULL,NULL}
-+ },
-+ .present = present_large_times_sd,
-+ .absent = NULL,
-+ .save_len = save_len_large_times_sd,
-+ .save = save_large_times_sd,
-+ .alignment = 8
-+ },
-+ [SYMLINK_STAT] = {
-+ /* stat data of symlink has this extension */
-+ .h = {
-+ .type_id = REISER4_SD_EXT_PLUGIN_TYPE,
-+ .id = SYMLINK_STAT,
-+ .pops = NULL,
-+ .label = "symlink-sd",
-+ .desc =
-+ "stat data is appended with symlink name",
-+ .linkage = {NULL,NULL}
-+ },
-+ .present = present_symlink_sd,
-+ .absent = NULL,
-+ .save_len = save_len_symlink_sd,
-+ .save = save_symlink_sd,
-+ .alignment = 8
-+ },
-+ [PLUGIN_STAT] = {
-+ .h = {
-+ .type_id = REISER4_SD_EXT_PLUGIN_TYPE,
-+ .id = PLUGIN_STAT,
-+ .pops = NULL,
-+ .label = "plugin-sd",
-+ .desc = "plugin stat-data fields",
-+ .linkage = {NULL,NULL}
-+ },
-+ .present = present_plugin_sd,
-+ .absent = absent_plugin_sd,
-+ .save_len = save_len_plugin_sd,
-+ .save = save_plugin_sd,
-+ .alignment = 8
-+ },
-+ [FLAGS_STAT] = {
-+ .h = {
-+ .type_id = REISER4_SD_EXT_PLUGIN_TYPE,
-+ .id = FLAGS_STAT,
-+ .pops = NULL,
-+ .label = "flags-sd",
-+ .desc = "inode bit flags",
-+ .linkage = {NULL, NULL}
-+ },
-+ .present = present_flags_sd,
-+ .absent = NULL,
-+ .save_len = save_len_flags_sd,
-+ .save = save_flags_sd,
-+ .alignment = 8
-+ },
-+ [CAPABILITIES_STAT] = {
-+ .h = {
-+ .type_id = REISER4_SD_EXT_PLUGIN_TYPE,
-+ .id = CAPABILITIES_STAT,
-+ .pops = NULL,
-+ .label = "capabilities-sd",
-+ .desc = "capabilities",
-+ .linkage = {NULL, NULL}
-+ },
-+ .present = eio,
-+ .absent = NULL,
-+ .save_len = save_len_flags_sd,
-+ .save = save_flags_sd,
-+ .alignment = 8
-+ },
-+ [CRYPTO_STAT] = {
-+ .h = {
-+ .type_id = REISER4_SD_EXT_PLUGIN_TYPE,
-+ .id = CRYPTO_STAT,
-+ .pops = NULL,
-+ .label = "crypto-sd",
-+ .desc = "secret key size and id",
-+ .linkage = {NULL, NULL}
-+ },
-+ .present = present_crypto_sd,
-+ .absent = NULL,
-+ .save_len = save_len_crypto_sd,
-+ .save = save_crypto_sd,
-+ .alignment = 8
-+ }
-+};
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/static_stat.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/static_stat.h
-@@ -0,0 +1,219 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* This describes the static_stat item, used to hold all information needed by the stat() syscall.
-+
-+In the case where each file has not less than the fields needed by the
-+stat() syscall, it is more compact to store those fields in this
-+struct.
-+
-+If this item does not exist, then all stats are dynamically resolved.
-+At the moment, we either resolve all stats dynamically or all of them
-+statically. If you think this is not fully optimal, and the rest of
-+reiser4 is working, then fix it...:-)
-+
-+*/
-+
-+#if !defined( __FS_REISER4_PLUGIN_ITEM_STATIC_STAT_H__ )
-+#define __FS_REISER4_PLUGIN_ITEM_STATIC_STAT_H__
-+
-+#include "../../forward.h"
-+#include "../../dformat.h"
-+
-+#include <linux/fs.h> /* for struct inode */
-+
-+/* Stat data layout: goals and implementation.
-+
-+ We want to be able to have lightweight files which have complete flexibility in what semantic metadata is attached to
-+ them, including not having semantic metadata attached to them.
-+
-+ There is one problem with doing that, which is that if in fact you have exactly the same metadata for most files you
-+ want to store, then it takes more space to store that metadata in a dynamically sized structure than in a statically
-+ sized structure because the statically sized structure knows without recording it what the names and lengths of the
-+ attributes are.
-+
-+ This leads to a natural compromise, which is to special case those files which have simply the standard unix file
-+ attributes, and only employ the full dynamic stat data mechanism for those files that differ from the standard unix
-+ file in their use of file attributes.
-+
-+ Yet this compromise deserves to be compromised a little.
-+
-+ We accommodate the case where you have no more than the standard unix file attributes by using an "extension
-+ bitmask": each bit in it indicates presence or absence of or particular stat data extension (see sd_ext_bits enum).
-+
-+ If the first bit of the extension bitmask bit is 0, we have light-weight file whose attributes are either inherited
-+ from parent directory (as uid, gid) or initialised to some sane values.
-+
-+ To capitalize on existing code infrastructure, extensions are
-+ implemented as plugins of type REISER4_SD_EXT_PLUGIN_TYPE.
-+ Each stat-data extension plugin implements four methods:
-+
-+ ->present() called by sd_load() when this extension is found in stat-data
-+ ->absent() called by sd_load() when this extension is not found in stat-data
-+ ->save_len() called by sd_len() to calculate total length of stat-data
-+ ->save() called by sd_save() to store extension data into stat-data
-+
-+ Implementation is in fs/reiser4/plugin/item/static_stat.c
-+*/
-+
-+/* stat-data extension. Please order this by presumed frequency of use */
-+typedef enum {
-+ /* support for light-weight files */
-+ LIGHT_WEIGHT_STAT,
-+ /* data required to implement unix stat(2) call. Layout is in
-+ reiser4_unix_stat. If this is not present, file is light-weight */
-+ UNIX_STAT,
-+ /* this contains additional set of 32bit [anc]time fields to implement
-+ nanosecond resolution. Layout is in reiser4_large_times_stat. Usage
-+ if this extension is governed by 32bittimes mount option. */
-+ LARGE_TIMES_STAT,
-+ /* stat data has link name included */
-+ SYMLINK_STAT,
-+ /* if this is present, file is controlled by non-standard
-+ plugin (that is, plugin that cannot be deduced from file
-+ mode bits), for example, aggregation, interpolation etc. */
-+ PLUGIN_STAT,
-+ /* this extension contains persistent inode flags. These flags are
-+ single bits: immutable, append, only, etc. Layout is in
-+ reiser4_flags_stat. */
-+ FLAGS_STAT,
-+ /* this extension contains capabilities sets, associated with this
-+ file. Layout is in reiser4_capabilities_stat */
-+ CAPABILITIES_STAT,
-+ /* this extension contains size and public id of the secret key.
-+ Layout is in reiser4_crypto_stat */
-+ CRYPTO_STAT,
-+ LAST_SD_EXTENSION,
-+ /*
-+ * init_inode_static_sd() iterates over extension mask until all
-+ * non-zero bits are processed. This means, that neither ->present(),
-+ * nor ->absent() methods will be called for stat-data extensions that
-+ * go after last present extension. But some basic extensions, we want
-+ * either ->absent() or ->present() method to be called, because these
-+ * extensions set up something in inode even when they are not
-+ * present. This is what LAST_IMPORTANT_SD_EXTENSION is for: for all
-+ * extensions before and including LAST_IMPORTANT_SD_EXTENSION either
-+ * ->present(), or ->absent() method will be called, independently of
-+ * what other extensions are present.
-+ */
-+ LAST_IMPORTANT_SD_EXTENSION = PLUGIN_STAT,
-+} sd_ext_bits;
-+
-+/* minimal stat-data. This allows to support light-weight files. */
-+typedef struct reiser4_stat_data_base {
-+ /* 0 */ __le16 extmask;
-+ /* 2 */
-+} PACKED reiser4_stat_data_base;
-+
-+typedef struct reiser4_light_weight_stat {
-+ /* 0 */ __le16 mode;
-+ /* 2 */ __le32 nlink;
-+ /* 8 */ __le64 size;
-+ /* size in bytes */
-+ /* 16 */
-+} PACKED reiser4_light_weight_stat;
-+
-+typedef struct reiser4_unix_stat {
-+ /* owner id */
-+ /* 0 */ __le32 uid;
-+ /* group id */
-+ /* 4 */ __le32 gid;
-+ /* access time */
-+ /* 8 */ __le32 atime;
-+ /* modification time */
-+ /* 12 */ __le32 mtime;
-+ /* change time */
-+ /* 16 */ __le32 ctime;
-+ union {
-+ /* minor:major for device files */
-+ /* 20 */ __le64 rdev;
-+ /* bytes used by file */
-+ /* 20 */ __le64 bytes;
-+ } u;
-+ /* 28 */
-+} PACKED reiser4_unix_stat;
-+
-+/* symlink stored as part of inode */
-+typedef struct reiser4_symlink_stat {
-+ char body[0];
-+} PACKED reiser4_symlink_stat;
-+
-+typedef struct reiser4_plugin_slot {
-+ /* 0 */ __le16 pset_memb;
-+ /* 2 */ __le16 id;
-+ /* 4 *//* here plugin stores its persistent state */
-+} PACKED reiser4_plugin_slot;
-+
-+/* stat-data extension for files with non-standard plugin. */
-+typedef struct reiser4_plugin_stat {
-+ /* number of additional plugins, associated with this object */
-+ /* 0 */ __le16 plugins_no;
-+ /* 2 */ reiser4_plugin_slot slot[0];
-+ /* 2 */
-+} PACKED reiser4_plugin_stat;
-+
-+/* stat-data extension for inode flags. Currently it is just fixed-width 32
-+ * bit mask. If need arise, this can be replaced with variable width
-+ * bitmask. */
-+typedef struct reiser4_flags_stat {
-+ /* 0 */ __le32 flags;
-+ /* 4 */
-+} PACKED reiser4_flags_stat;
-+
-+typedef struct reiser4_capabilities_stat {
-+ /* 0 */ __le32 effective;
-+ /* 8 */ __le32 permitted;
-+ /* 16 */
-+} PACKED reiser4_capabilities_stat;
-+
-+typedef struct reiser4_cluster_stat {
-+/* this defines cluster size (an attribute of cryptcompress objects) as PAGE_SIZE << cluster shift */
-+ /* 0 */ d8 cluster_shift;
-+ /* 1 */
-+} PACKED reiser4_cluster_stat;
-+
-+typedef struct reiser4_crypto_stat {
-+ /* secret key size, bits */
-+ /* 0 */ d16 keysize;
-+ /* secret key id */
-+ /* 2 */ d8 keyid[0];
-+ /* 2 */
-+} PACKED reiser4_crypto_stat;
-+
-+typedef struct reiser4_large_times_stat {
-+ /* access time */
-+ /* 0 */ d32 atime;
-+ /* modification time */
-+ /* 8 */ d32 mtime;
-+ /* change time */
-+ /* 16 */ d32 ctime;
-+ /* 24 */
-+} PACKED reiser4_large_times_stat;
-+
-+/* this structure is filled by sd_item_stat */
-+typedef struct sd_stat {
-+ int dirs;
-+ int files;
-+ int others;
-+} sd_stat;
-+
-+/* plugin->item.common.* */
-+extern void print_sd(const char *prefix, coord_t * coord);
-+extern void item_stat_static_sd(const coord_t * coord, void *vp);
-+
-+/* plugin->item.s.sd.* */
-+extern int init_inode_static_sd(struct inode *inode, char *sd, int len);
-+extern int save_len_static_sd(struct inode *inode);
-+extern int save_static_sd(struct inode *inode, char **area);
-+
-+/* __FS_REISER4_PLUGIN_ITEM_STATIC_STAT_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/item/tail.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/tail.c
-@@ -0,0 +1,805 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "item.h"
-+#include "../../inode.h"
-+#include "../../page_cache.h"
-+#include "../../carry.h"
-+#include "../../vfs_ops.h"
-+
-+#include <linux/quotaops.h>
-+#include <asm/uaccess.h>
-+#include <linux/swap.h>
-+#include <linux/writeback.h>
-+
-+/* plugin->u.item.b.max_key_inside */
-+reiser4_key *max_key_inside_tail(const coord_t *coord, reiser4_key *key)
-+{
-+ item_key_by_coord(coord, key);
-+ set_key_offset(key, get_key_offset(max_key()));
-+ return key;
-+}
-+
-+/* plugin->u.item.b.can_contain_key */
-+int can_contain_key_tail(const coord_t *coord, const reiser4_key *key,
-+ const reiser4_item_data *data)
-+{
-+ reiser4_key item_key;
-+
-+ if (item_plugin_by_coord(coord) != data->iplug)
-+ return 0;
-+
-+ item_key_by_coord(coord, &item_key);
-+ if (get_key_locality(key) != get_key_locality(&item_key) ||
-+ get_key_objectid(key) != get_key_objectid(&item_key))
-+ return 0;
-+
-+ return 1;
-+}
-+
-+/* plugin->u.item.b.mergeable
-+ first item is of tail type */
-+/* Audited by: green(2002.06.14) */
-+int mergeable_tail(const coord_t *p1, const coord_t *p2)
-+{
-+ reiser4_key key1, key2;
-+
-+ assert("vs-535",
-+ item_type_by_coord(p1) == UNIX_FILE_METADATA_ITEM_TYPE);
-+ assert("vs-365", item_id_by_coord(p1) == FORMATTING_ID);
-+
-+ if (item_id_by_coord(p2) != FORMATTING_ID) {
-+ /* second item is of another type */
-+ return 0;
-+ }
-+
-+ item_key_by_coord(p1, &key1);
-+ item_key_by_coord(p2, &key2);
-+ if (get_key_locality(&key1) != get_key_locality(&key2) ||
-+ get_key_objectid(&key1) != get_key_objectid(&key2)
-+ || get_key_type(&key1) != get_key_type(&key2)) {
-+ /* items of different objects */
-+ return 0;
-+ }
-+ if (get_key_offset(&key1) + nr_units_tail(p1) != get_key_offset(&key2)) {
-+ /* not adjacent items */
-+ return 0;
-+ }
-+ return 1;
-+}
-+
-+/* plugin->u.item.b.print
-+ plugin->u.item.b.check */
-+
-+/* plugin->u.item.b.nr_units */
-+pos_in_node_t nr_units_tail(const coord_t * coord)
-+{
-+ return item_length_by_coord(coord);
-+}
-+
-+/* plugin->u.item.b.lookup */
-+lookup_result
-+lookup_tail(const reiser4_key * key, lookup_bias bias, coord_t * coord)
-+{
-+ reiser4_key item_key;
-+ __u64 lookuped, offset;
-+ unsigned nr_units;
-+
-+ item_key_by_coord(coord, &item_key);
-+ offset = get_key_offset(item_key_by_coord(coord, &item_key));
-+ nr_units = nr_units_tail(coord);
-+
-+ /* key we are looking for must be greater than key of item @coord */
-+ assert("vs-416", keygt(key, &item_key));
-+
-+ /* offset we are looking for */
-+ lookuped = get_key_offset(key);
-+
-+ if (lookuped >= offset && lookuped < offset + nr_units) {
-+ /* byte we are looking for is in this item */
-+ coord->unit_pos = lookuped - offset;
-+ coord->between = AT_UNIT;
-+ return CBK_COORD_FOUND;
-+ }
-+
-+ /* set coord after last unit */
-+ coord->unit_pos = nr_units - 1;
-+ coord->between = AFTER_UNIT;
-+ return bias ==
-+ FIND_MAX_NOT_MORE_THAN ? CBK_COORD_FOUND : CBK_COORD_NOTFOUND;
-+}
-+
-+/* plugin->u.item.b.paste */
-+int
-+paste_tail(coord_t *coord, reiser4_item_data *data,
-+ carry_plugin_info *info UNUSED_ARG)
-+{
-+ unsigned old_item_length;
-+ char *item;
-+
-+ /* length the item had before resizing has been performed */
-+ old_item_length = item_length_by_coord(coord) - data->length;
-+
-+ /* tail items never get pasted in the middle */
-+ assert("vs-363",
-+ (coord->unit_pos == 0 && coord->between == BEFORE_UNIT) ||
-+ (coord->unit_pos == old_item_length - 1 &&
-+ coord->between == AFTER_UNIT) ||
-+ (coord->unit_pos == 0 && old_item_length == 0
-+ && coord->between == AT_UNIT));
-+
-+ item = item_body_by_coord(coord);
-+ if (coord->unit_pos == 0)
-+ /* make space for pasted data when pasting at the beginning of
-+ the item */
-+ memmove(item + data->length, item, old_item_length);
-+
-+ if (coord->between == AFTER_UNIT)
-+ coord->unit_pos++;
-+
-+ if (data->data) {
-+ assert("vs-554", data->user == 0 || data->user == 1);
-+ if (data->user) {
-+ assert("nikita-3035", schedulable());
-+ /* copy from user space */
-+ if (__copy_from_user(item + coord->unit_pos,
-+ (const char __user *)data->data,
-+ (unsigned)data->length))
-+ return RETERR(-EFAULT);
-+ } else
-+ /* copy from kernel space */
-+ memcpy(item + coord->unit_pos, data->data,
-+ (unsigned)data->length);
-+ } else {
-+ memset(item + coord->unit_pos, 0, (unsigned)data->length);
-+ }
-+ return 0;
-+}
-+
-+/* plugin->u.item.b.fast_paste */
-+
-+/* plugin->u.item.b.can_shift
-+ number of units is returned via return value, number of bytes via @size. For
-+ tail items they coincide */
-+int
-+can_shift_tail(unsigned free_space, coord_t * source UNUSED_ARG,
-+ znode * target UNUSED_ARG, shift_direction direction UNUSED_ARG,
-+ unsigned *size, unsigned want)
-+{
-+ /* make sure that that we do not want to shift more than we have */
-+ assert("vs-364", want > 0
-+ && want <= (unsigned)item_length_by_coord(source));
-+
-+ *size = min(want, free_space);
-+ return *size;
-+}
-+
-+/* plugin->u.item.b.copy_units */
-+void
-+copy_units_tail(coord_t * target, coord_t * source,
-+ unsigned from, unsigned count,
-+ shift_direction where_is_free_space,
-+ unsigned free_space UNUSED_ARG)
-+{
-+ /* make sure that item @target is expanded already */
-+ assert("vs-366", (unsigned)item_length_by_coord(target) >= count);
-+ assert("vs-370", free_space >= count);
-+
-+ if (where_is_free_space == SHIFT_LEFT) {
-+ /* append item @target with @count first bytes of @source */
-+ assert("vs-365", from == 0);
-+
-+ memcpy((char *)item_body_by_coord(target) +
-+ item_length_by_coord(target) - count,
-+ (char *)item_body_by_coord(source), count);
-+ } else {
-+ /* target item is moved to right already */
-+ reiser4_key key;
-+
-+ assert("vs-367",
-+ (unsigned)item_length_by_coord(source) == from + count);
-+
-+ memcpy((char *)item_body_by_coord(target),
-+ (char *)item_body_by_coord(source) + from, count);
-+
-+ /* new units are inserted before first unit in an item,
-+ therefore, we have to update item key */
-+ item_key_by_coord(source, &key);
-+ set_key_offset(&key, get_key_offset(&key) + from);
-+
-+ node_plugin_by_node(target->node)->update_item_key(target, &key,
-+ NULL /*info */);
-+ }
-+}
-+
-+/* plugin->u.item.b.create_hook */
-+
-+/* item_plugin->b.kill_hook
-+ this is called when @count units starting from @from-th one are going to be removed
-+ */
-+int
-+kill_hook_tail(const coord_t * coord, pos_in_node_t from,
-+ pos_in_node_t count, struct carry_kill_data *kdata)
-+{
-+ reiser4_key key;
-+ loff_t start, end;
-+
-+ assert("vs-1577", kdata);
-+ assert("vs-1579", kdata->inode);
-+
-+ item_key_by_coord(coord, &key);
-+ start = get_key_offset(&key) + from;
-+ end = start + count;
-+ fake_kill_hook_tail(kdata->inode, start, end, kdata->params.truncate);
-+ return 0;
-+}
-+
-+/* plugin->u.item.b.shift_hook */
-+
-+/* helper for kill_units_tail and cut_units_tail */
-+static int
-+do_cut_or_kill(coord_t * coord, pos_in_node_t from, pos_in_node_t to,
-+ reiser4_key * smallest_removed, reiser4_key * new_first)
-+{
-+ pos_in_node_t count;
-+
-+ /* this method is only called to remove part of item */
-+ assert("vs-374", (to - from + 1) < item_length_by_coord(coord));
-+ /* tails items are never cut from the middle of an item */
-+ assert("vs-396", ergo(from != 0, to == coord_last_unit_pos(coord)));
-+ assert("vs-1558", ergo(from == 0, to < coord_last_unit_pos(coord)));
-+
-+ count = to - from + 1;
-+
-+ if (smallest_removed) {
-+ /* store smallest key removed */
-+ item_key_by_coord(coord, smallest_removed);
-+ set_key_offset(smallest_removed,
-+ get_key_offset(smallest_removed) + from);
-+ }
-+ if (new_first) {
-+ /* head of item is cut */
-+ assert("vs-1529", from == 0);
-+
-+ item_key_by_coord(coord, new_first);
-+ set_key_offset(new_first,
-+ get_key_offset(new_first) + from + count);
-+ }
-+
-+ if (REISER4_DEBUG)
-+ memset((char *)item_body_by_coord(coord) + from, 0, count);
-+ return count;
-+}
-+
-+/* plugin->u.item.b.cut_units */
-+int
-+cut_units_tail(coord_t * coord, pos_in_node_t from, pos_in_node_t to,
-+ struct carry_cut_data *cdata UNUSED_ARG,
-+ reiser4_key * smallest_removed, reiser4_key * new_first)
-+{
-+ return do_cut_or_kill(coord, from, to, smallest_removed, new_first);
-+}
-+
-+/* plugin->u.item.b.kill_units */
-+int
-+kill_units_tail(coord_t * coord, pos_in_node_t from, pos_in_node_t to,
-+ struct carry_kill_data *kdata, reiser4_key * smallest_removed,
-+ reiser4_key * new_first)
-+{
-+ kill_hook_tail(coord, from, to - from + 1, kdata);
-+ return do_cut_or_kill(coord, from, to, smallest_removed, new_first);
-+}
-+
-+/* plugin->u.item.b.unit_key */
-+reiser4_key *unit_key_tail(const coord_t * coord, reiser4_key * key)
-+{
-+ assert("vs-375", coord_is_existing_unit(coord));
-+
-+ item_key_by_coord(coord, key);
-+ set_key_offset(key, (get_key_offset(key) + coord->unit_pos));
-+
-+ return key;
-+}
-+
-+/* plugin->u.item.b.estimate
-+ plugin->u.item.b.item_data_by_flow */
-+
-+/* tail redpage function. It is called from readpage_tail(). */
-+static int do_readpage_tail(uf_coord_t *uf_coord, struct page *page)
-+{
-+ tap_t tap;
-+ int result;
-+ coord_t coord;
-+ lock_handle lh;
-+ int count, mapped;
-+ struct inode *inode;
-+ char *pagedata;
-+
-+ /* saving passed coord in order to do not move it by tap. */
-+ init_lh(&lh);
-+ copy_lh(&lh, uf_coord->lh);
-+ inode = page->mapping->host;
-+ coord_dup(&coord, &uf_coord->coord);
-+
-+ tap_init(&tap, &coord, &lh, ZNODE_READ_LOCK);
-+
-+ if ((result = tap_load(&tap)))
-+ goto out_tap_done;
-+
-+ /* lookup until page is filled up. */
-+ for (mapped = 0; mapped < PAGE_CACHE_SIZE; ) {
-+ /* number of bytes to be copied to page */
-+ count = item_length_by_coord(&coord) - coord.unit_pos;
-+ if (count > PAGE_CACHE_SIZE - mapped)
-+ count = PAGE_CACHE_SIZE - mapped;
-+
-+ /* attach @page to address space and get data address */
-+ pagedata = kmap_atomic(page, KM_USER0);
-+
-+ /* copy tail item to page */
-+ memcpy(pagedata + mapped,
-+ ((char *)item_body_by_coord(&coord) + coord.unit_pos),
-+ count);
-+ mapped += count;
-+
-+ flush_dcache_page(page);
-+
-+ /* dettach page from address space */
-+ kunmap_atomic(pagedata, KM_USER0);
-+
-+ /* Getting next tail item. */
-+ if (mapped < PAGE_CACHE_SIZE) {
-+ /*
-+ * unlock page in order to avoid keep it locked
-+ * during tree lookup, which takes long term locks
-+ */
-+ unlock_page(page);
-+
-+ /* getting right neighbour. */
-+ result = go_dir_el(&tap, RIGHT_SIDE, 0);
-+
-+ /* lock page back */
-+ lock_page(page);
-+ if (PageUptodate(page)) {
-+ /*
-+ * another thread read the page, we have
-+ * nothing to do
-+ */
-+ result = 0;
-+ goto out_unlock_page;
-+ }
-+
-+ if (result) {
-+ if (result == -E_NO_NEIGHBOR) {
-+ /*
-+ * rigth neighbor is not a formatted
-+ * node
-+ */
-+ result = 0;
-+ goto done;
-+ } else {
-+ goto out_tap_relse;
-+ }
-+ } else {
-+ if (!inode_file_plugin(inode)->
-+ owns_item(inode, &coord)) {
-+ /* item of another file is found */
-+ result = 0;
-+ goto done;
-+ }
-+ }
-+ }
-+ }
-+
-+ done:
-+ if (mapped != PAGE_CACHE_SIZE) {
-+ pagedata = kmap_atomic(page, KM_USER0);
-+ memset(pagedata + mapped, 0, PAGE_CACHE_SIZE - mapped);
-+ flush_dcache_page(page);
-+ kunmap_atomic(pagedata, KM_USER0);
-+ }
-+ SetPageUptodate(page);
-+ out_unlock_page:
-+ unlock_page(page);
-+ out_tap_relse:
-+ tap_relse(&tap);
-+ out_tap_done:
-+ tap_done(&tap);
-+ return result;
-+}
-+
-+/*
-+ plugin->s.file.readpage
-+ reiser4_read->unix_file_read->page_cache_readahead->reiser4_readpage->unix_file_readpage->readpage_tail
-+ or
-+ filemap_nopage->reiser4_readpage->readpage_unix_file->->readpage_tail
-+
-+ At the beginning: coord->node is read locked, zloaded, page is locked, coord is set to existing unit inside of tail
-+ item. */
-+int readpage_tail(void *vp, struct page *page)
-+{
-+ uf_coord_t *uf_coord = vp;
-+ ON_DEBUG(coord_t * coord = &uf_coord->coord);
-+ ON_DEBUG(reiser4_key key);
-+
-+ assert("umka-2515", PageLocked(page));
-+ assert("umka-2516", !PageUptodate(page));
-+ assert("umka-2517", !jprivate(page) && !PagePrivate(page));
-+ assert("umka-2518", page->mapping && page->mapping->host);
-+
-+ assert("umka-2519", znode_is_loaded(coord->node));
-+ assert("umka-2520", item_is_tail(coord));
-+ assert("umka-2521", coord_is_existing_unit(coord));
-+ assert("umka-2522", znode_is_rlocked(coord->node));
-+ assert("umka-2523",
-+ page->mapping->host->i_ino ==
-+ get_key_objectid(item_key_by_coord(coord, &key)));
-+
-+ return do_readpage_tail(uf_coord, page);
-+}
-+
-+/**
-+ * overwrite_tail
-+ * @flow:
-+ * @coord:
-+ *
-+ * Overwrites tail item or its part by user data. Returns number of bytes
-+ * written or error code.
-+ */
-+static int overwrite_tail(flow_t *flow, coord_t *coord)
-+{
-+ unsigned count;
-+
-+ assert("vs-570", flow->user == 1);
-+ assert("vs-946", flow->data);
-+ assert("vs-947", coord_is_existing_unit(coord));
-+ assert("vs-948", znode_is_write_locked(coord->node));
-+ assert("nikita-3036", schedulable());
-+
-+ count = item_length_by_coord(coord) - coord->unit_pos;
-+ if (count > flow->length)
-+ count = flow->length;
-+
-+ if (__copy_from_user((char *)item_body_by_coord(coord) + coord->unit_pos,
-+ (const char __user *)flow->data, count))
-+ return RETERR(-EFAULT);
-+
-+ znode_make_dirty(coord->node);
-+ return count;
-+}
-+
-+/**
-+ * insert_first_tail
-+ * @inode:
-+ * @flow:
-+ * @coord:
-+ * @lh:
-+ *
-+ * Returns number of bytes written or error code.
-+ */
-+static ssize_t insert_first_tail(struct inode *inode, flow_t *flow,
-+ coord_t *coord, lock_handle *lh)
-+{
-+ int result;
-+ loff_t to_write;
-+ unix_file_info_t *uf_info;
-+
-+ if (get_key_offset(&flow->key) != 0) {
-+ /*
-+ * file is empty and we have to write not to the beginning of
-+ * file. Create a hole at the beginning of file. On success
-+ * insert_flow returns 0 as number of written bytes which is
-+ * what we have to return on padding a file with holes
-+ */
-+ flow->data = NULL;
-+ flow->length = get_key_offset(&flow->key);
-+ set_key_offset(&flow->key, 0);
-+ /*
-+ * holes in files built of tails are stored just like if there
-+ * were real data which are all zeros. Therefore we have to
-+ * allocate quota here as well
-+ */
-+ if (DQUOT_ALLOC_SPACE_NODIRTY(inode, flow->length))
-+ return RETERR(-EDQUOT);
-+ result = insert_flow(coord, lh, flow);
-+ if (flow->length)
-+ DQUOT_FREE_SPACE_NODIRTY(inode, flow->length);
-+
-+ uf_info = unix_file_inode_data(inode);
-+
-+ /*
-+ * first item insertion is only possible when writing to empty
-+ * file or performing tail conversion
-+ */
-+ assert("", (uf_info->container == UF_CONTAINER_EMPTY ||
-+ (inode_get_flag(inode, REISER4_PART_MIXED) &&
-+ inode_get_flag(inode, REISER4_PART_IN_CONV))));
-+
-+ /* if file was empty - update its state */
-+ if (result == 0 && uf_info->container == UF_CONTAINER_EMPTY)
-+ uf_info->container = UF_CONTAINER_TAILS;
-+ return result;
-+ }
-+
-+ /* check quota before appending data */
-+ if (DQUOT_ALLOC_SPACE_NODIRTY(inode, flow->length))
-+ return RETERR(-EDQUOT);
-+
-+ to_write = flow->length;
-+ result = insert_flow(coord, lh, flow);
-+ if (flow->length)
-+ DQUOT_FREE_SPACE_NODIRTY(inode, flow->length);
-+ return (to_write - flow->length) ? (to_write - flow->length) : result;
-+}
-+
-+/**
-+ * append_tail
-+ * @inode:
-+ * @flow:
-+ * @coord:
-+ * @lh:
-+ *
-+ * Returns number of bytes written or error code.
-+ */
-+static ssize_t append_tail(struct inode *inode,
-+ flow_t *flow, coord_t *coord, lock_handle *lh)
-+{
-+ int result;
-+ reiser4_key append_key;
-+ loff_t to_write;
-+
-+ if (!keyeq(&flow->key, append_key_tail(coord, &append_key))) {
-+ flow->data = NULL;
-+ flow->length = get_key_offset(&flow->key) - get_key_offset(&append_key);
-+ set_key_offset(&flow->key, get_key_offset(&append_key));
-+ /*
-+ * holes in files built of tails are stored just like if there
-+ * were real data which are all zeros. Therefore we have to
-+ * allocate quota here as well
-+ */
-+ if (DQUOT_ALLOC_SPACE_NODIRTY(inode, flow->length))
-+ return RETERR(-EDQUOT);
-+ result = insert_flow(coord, lh, flow);
-+ if (flow->length)
-+ DQUOT_FREE_SPACE_NODIRTY(inode, flow->length);
-+ return result;
-+ }
-+
-+ /* check quota before appending data */
-+ if (DQUOT_ALLOC_SPACE_NODIRTY(inode, flow->length))
-+ return RETERR(-EDQUOT);
-+
-+ to_write = flow->length;
-+ result = insert_flow(coord, lh, flow);
-+ if (flow->length)
-+ DQUOT_FREE_SPACE_NODIRTY(inode, flow->length);
-+ return (to_write - flow->length) ? (to_write - flow->length) : result;
-+}
-+
-+/**
-+ * write_tail_reserve_space - reserve space for tail write operation
-+ * @inode:
-+ *
-+ * Estimates and reserves space which may be required for writing one flow to a
-+ * file
-+ */
-+static int write_extent_reserve_space(struct inode *inode)
-+{
-+ __u64 count;
-+ reiser4_tree *tree;
-+
-+ /*
-+ * to write one flow to a file by tails we have to reserve disk space for:
-+
-+ * 1. find_file_item may have to insert empty node to the tree (empty
-+ * leaf node between two extent items). This requires 1 block and
-+ * number of blocks which are necessary to perform insertion of an
-+ * internal item into twig level.
-+ *
-+ * 2. flow insertion
-+ *
-+ * 3. stat data update
-+ */
-+ tree = tree_by_inode(inode);
-+ count = estimate_one_insert_item(tree) +
-+ estimate_insert_flow(tree->height) +
-+ estimate_one_insert_item(tree);
-+ grab_space_enable();
-+ return reiser4_grab_space(count, 0 /* flags */);
-+}
-+
-+#define PAGE_PER_FLOW 4
-+
-+static loff_t faultin_user_pages(const char __user *buf, size_t count)
-+{
-+ loff_t faulted;
-+ int to_fault;
-+
-+ if (count > PAGE_PER_FLOW * PAGE_CACHE_SIZE)
-+ count = PAGE_PER_FLOW * PAGE_CACHE_SIZE;
-+ faulted = 0;
-+ while (count > 0) {
-+ to_fault = PAGE_CACHE_SIZE;
-+ if (count < to_fault)
-+ to_fault = count;
-+ fault_in_pages_readable(buf + faulted, to_fault);
-+ count -= to_fault;
-+ faulted += to_fault;
-+ }
-+ return faulted;
-+}
-+
-+/**
-+ * write_extent - write method of tail item plugin
-+ * @file: file to write to
-+ * @buf: address of user-space buffer
-+ * @count: number of bytes to write
-+ * @pos: position in file to write to
-+ *
-+ * Returns number of written bytes or error code.
-+ */
-+ssize_t write_tail(struct file *file, const char __user *buf, size_t count,
-+ loff_t *pos)
-+{
-+ struct inode *inode;
-+ struct hint hint;
-+ int result;
-+ flow_t flow;
-+ coord_t *coord;
-+ lock_handle *lh;
-+ znode *loaded;
-+
-+ inode = file->f_dentry->d_inode;
-+
-+ if (write_extent_reserve_space(inode))
-+ return RETERR(-ENOSPC);
-+
-+ result = load_file_hint(file, &hint);
-+ BUG_ON(result != 0);
-+
-+ flow.length = faultin_user_pages(buf, count);
-+ flow.user = 1;
-+ memcpy(&flow.data, &buf, sizeof(buf));
-+ flow.op = WRITE_OP;
-+ key_by_inode_and_offset_common(inode, *pos, &flow.key);
-+
-+ result = find_file_item(&hint, &flow.key, ZNODE_WRITE_LOCK, inode);
-+ if (IS_CBKERR(result))
-+ return result;
-+
-+ coord = &hint.ext_coord.coord;
-+ lh = hint.ext_coord.lh;
-+
-+ result = zload(coord->node);
-+ BUG_ON(result != 0);
-+ loaded = coord->node;
-+
-+ if (coord->between == AFTER_UNIT) {
-+ /* append with data or hole */
-+ result = append_tail(inode, &flow, coord, lh);
-+ } else if (coord->between == AT_UNIT) {
-+ /* overwrite */
-+ result = overwrite_tail(&flow, coord);
-+ } else {
-+ /* no items of this file yet. insert data or hole */
-+ result = insert_first_tail(inode, &flow, coord, lh);
-+ }
-+ zrelse(loaded);
-+ if (result < 0) {
-+ done_lh(lh);
-+ return result;
-+ }
-+
-+ /* seal and unlock znode */
-+ hint.ext_coord.valid = 0;
-+ if (hint.ext_coord.valid)
-+ set_hint(&hint, &flow.key, ZNODE_WRITE_LOCK);
-+ else
-+ unset_hint(&hint);
-+
-+ save_file_hint(file, &hint);
-+ return result;
-+}
-+
-+#if REISER4_DEBUG
-+
-+static int
-+coord_matches_key_tail(const coord_t * coord, const reiser4_key * key)
-+{
-+ reiser4_key item_key;
-+
-+ assert("vs-1356", coord_is_existing_unit(coord));
-+ assert("vs-1354", keylt(key, append_key_tail(coord, &item_key)));
-+ assert("vs-1355", keyge(key, item_key_by_coord(coord, &item_key)));
-+ return get_key_offset(key) ==
-+ get_key_offset(&item_key) + coord->unit_pos;
-+
-+}
-+
-+#endif
-+
-+/* plugin->u.item.s.file.read */
-+int read_tail(struct file *file UNUSED_ARG, flow_t *f, hint_t *hint)
-+{
-+ unsigned count;
-+ int item_length;
-+ coord_t *coord;
-+ uf_coord_t *uf_coord;
-+
-+ uf_coord = &hint->ext_coord;
-+ coord = &uf_coord->coord;
-+
-+ assert("vs-571", f->user == 1);
-+ assert("vs-571", f->data);
-+ assert("vs-967", coord && coord->node);
-+ assert("vs-1117", znode_is_rlocked(coord->node));
-+ assert("vs-1118", znode_is_loaded(coord->node));
-+
-+ assert("nikita-3037", schedulable());
-+ assert("vs-1357", coord_matches_key_tail(coord, &f->key));
-+
-+ /* calculate number of bytes to read off the item */
-+ item_length = item_length_by_coord(coord);
-+ count = item_length_by_coord(coord) - coord->unit_pos;
-+ if (count > f->length)
-+ count = f->length;
-+
-+ /* user page has to be brought in so that major page fault does not
-+ * occur here when longtem lock is held */
-+ if (__copy_to_user((char __user *)f->data,
-+ ((char *)item_body_by_coord(coord) + coord->unit_pos),
-+ count))
-+ return RETERR(-EFAULT);
-+
-+ /* probably mark_page_accessed() should only be called if
-+ * coord->unit_pos is zero. */
-+ mark_page_accessed(znode_page(coord->node));
-+ move_flow_forward(f, count);
-+
-+ coord->unit_pos += count;
-+ if (item_length == coord->unit_pos) {
-+ coord->unit_pos--;
-+ coord->between = AFTER_UNIT;
-+ }
-+
-+ return 0;
-+}
-+
-+/*
-+ plugin->u.item.s.file.append_key
-+ key of first byte which is the next to last byte by addressed by this item
-+*/
-+reiser4_key *append_key_tail(const coord_t * coord, reiser4_key * key)
-+{
-+ item_key_by_coord(coord, key);
-+ set_key_offset(key, get_key_offset(key) + item_length_by_coord(coord));
-+ return key;
-+}
-+
-+/* plugin->u.item.s.file.init_coord_extension */
-+void init_coord_extension_tail(uf_coord_t * uf_coord, loff_t lookuped)
-+{
-+ uf_coord->valid = 1;
-+}
-+
-+/*
-+ plugin->u.item.s.file.get_block
-+*/
-+int
-+get_block_address_tail(const coord_t * coord, sector_t lblock, sector_t * block)
-+{
-+ assert("nikita-3252", znode_get_level(coord->node) == LEAF_LEVEL);
-+
-+ *block = *znode_get_block(coord->node);
-+ return 0;
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * scroll-step: 1
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/plugin/item/tail.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/item/tail.h
-@@ -0,0 +1,58 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#if !defined( __REISER4_TAIL_H__ )
-+#define __REISER4_TAIL_H__
-+
-+typedef struct {
-+ int not_used;
-+} tail_coord_extension_t;
-+
-+struct cut_list;
-+
-+/* plugin->u.item.b.* */
-+reiser4_key *max_key_inside_tail(const coord_t *, reiser4_key *);
-+int can_contain_key_tail(const coord_t * coord, const reiser4_key * key,
-+ const reiser4_item_data *);
-+int mergeable_tail(const coord_t * p1, const coord_t * p2);
-+pos_in_node_t nr_units_tail(const coord_t *);
-+lookup_result lookup_tail(const reiser4_key *, lookup_bias, coord_t *);
-+int paste_tail(coord_t *, reiser4_item_data *, carry_plugin_info *);
-+int can_shift_tail(unsigned free_space, coord_t * source,
-+ znode * target, shift_direction, unsigned *size,
-+ unsigned want);
-+void copy_units_tail(coord_t * target, coord_t * source, unsigned from,
-+ unsigned count, shift_direction, unsigned free_space);
-+int kill_hook_tail(const coord_t *, pos_in_node_t from, pos_in_node_t count,
-+ struct carry_kill_data *);
-+int cut_units_tail(coord_t *, pos_in_node_t from, pos_in_node_t to,
-+ struct carry_cut_data *, reiser4_key * smallest_removed,
-+ reiser4_key * new_first);
-+int kill_units_tail(coord_t *, pos_in_node_t from, pos_in_node_t to,
-+ struct carry_kill_data *, reiser4_key * smallest_removed,
-+ reiser4_key * new_first);
-+reiser4_key *unit_key_tail(const coord_t *, reiser4_key *);
-+
-+/* plugin->u.item.s.* */
-+ssize_t write_tail(struct file *file, const char __user *buf, size_t count,
-+ loff_t *pos);
-+int read_tail(struct file *, flow_t *, hint_t *);
-+int readpage_tail(void *vp, struct page *page);
-+reiser4_key *append_key_tail(const coord_t *, reiser4_key *);
-+void init_coord_extension_tail(uf_coord_t *, loff_t offset);
-+int get_block_address_tail(const coord_t *, sector_t, sector_t *);
-+int item_balance_dirty_pages(struct address_space *, const flow_t *,
-+ hint_t *, int back_to_dirty, int set_hint);
-+
-+/* __REISER4_TAIL_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/node/Makefile
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/node/Makefile
-@@ -0,0 +1,5 @@
-+obj-$(CONFIG_REISER4_FS) += node_plugins.o
-+
-+node_plugins-objs := \
-+ node.o \
-+ node40.o
-Index: linux-2.6.16/fs/reiser4/plugin/node/node.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/node/node.c
-@@ -0,0 +1,131 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Node plugin interface.
-+
-+ Description: The tree provides the abstraction of flows, which it
-+ internally fragments into items which it stores in nodes.
-+
-+ A key_atom is a piece of data bound to a single key.
-+
-+ For reasonable space efficiency to be achieved it is often
-+ necessary to store key_atoms in the nodes in the form of items, where
-+ an item is a sequence of key_atoms of the same or similar type. It is
-+ more space-efficient, because the item can implement (very)
-+ efficient compression of key_atom's bodies using internal knowledge
-+ about their semantics, and it can often avoid having a key for each
-+ key_atom. Each type of item has specific operations implemented by its
-+ item handler (see balance.c).
-+
-+ Rationale: the rest of the code (specifically balancing routines)
-+ accesses leaf level nodes through this interface. This way we can
-+ implement various block layouts and even combine various layouts
-+ within the same tree. Balancing/allocating algorithms should not
-+ care about peculiarities of splitting/merging specific item types,
-+ but rather should leave that to the item's item handler.
-+
-+ Items, including those that provide the abstraction of flows, have
-+ the property that if you move them in part or in whole to another
-+ node, the balancing code invokes their is_left_mergeable()
-+ item_operation to determine if they are mergeable with their new
-+ neighbor in the node you have moved them to. For some items the
-+ is_left_mergeable() function always returns null.
-+
-+ When moving the bodies of items from one node to another:
-+
-+ if a partial item is shifted to another node the balancing code invokes
-+ an item handler method to handle the item splitting.
-+
-+ if the balancing code needs to merge with an item in the node it
-+ is shifting to, it will invoke an item handler method to handle
-+ the item merging.
-+
-+ if it needs to move whole item bodies unchanged, the balancing code uses xmemcpy()
-+ adjusting the item headers after the move is done using the node handler.
-+*/
-+
-+#include "../../forward.h"
-+#include "../../debug.h"
-+#include "../../key.h"
-+#include "../../coord.h"
-+#include "../plugin_header.h"
-+#include "../item/item.h"
-+#include "node.h"
-+#include "../plugin.h"
-+#include "../../znode.h"
-+#include "../../tree.h"
-+#include "../../super.h"
-+#include "../../reiser4.h"
-+
-+/**
-+ * leftmost_key_in_node - get the smallest key in node
-+ * @node:
-+ * @key: store result here
-+ *
-+ * Stores the leftmost key of @node in @key.
-+ */
-+reiser4_key *leftmost_key_in_node(const znode *node, reiser4_key *key)
-+{
-+ assert("nikita-1634", node != NULL);
-+ assert("nikita-1635", key != NULL);
-+
-+ if (!node_is_empty(node)) {
-+ coord_t first_item;
-+
-+ coord_init_first_unit(&first_item, (znode *) node);
-+ item_key_by_coord(&first_item, key);
-+ } else
-+ *key = *max_key();
-+ return key;
-+}
-+
-+node_plugin node_plugins[LAST_NODE_ID] = {
-+ [NODE40_ID] = {
-+ .h = {
-+ .type_id = REISER4_NODE_PLUGIN_TYPE,
-+ .id = NODE40_ID,
-+ .pops = NULL,
-+ .label = "unified",
-+ .desc = "unified node layout",
-+ .linkage = {NULL, NULL}
-+ },
-+ .item_overhead = item_overhead_node40,
-+ .free_space = free_space_node40,
-+ .lookup = lookup_node40,
-+ .num_of_items = num_of_items_node40,
-+ .item_by_coord = item_by_coord_node40,
-+ .length_by_coord = length_by_coord_node40,
-+ .plugin_by_coord = plugin_by_coord_node40,
-+ .key_at = key_at_node40,
-+ .estimate = estimate_node40,
-+ .check = check_node40,
-+ .parse = parse_node40,
-+ .init = init_node40,
-+#ifdef GUESS_EXISTS
-+ .guess = guess_node40,
-+#endif
-+ .change_item_size = change_item_size_node40,
-+ .create_item = create_item_node40,
-+ .update_item_key = update_item_key_node40,
-+ .cut_and_kill = kill_node40,
-+ .cut = cut_node40,
-+ .shift = shift_node40,
-+ .shrink_item = shrink_item_node40,
-+ .fast_insert = fast_insert_node40,
-+ .fast_paste = fast_paste_node40,
-+ .fast_cut = fast_cut_node40,
-+ .max_item_size = max_item_size_node40,
-+ .prepare_removal = prepare_removal_node40,
-+ .set_item_plugin = set_item_plugin_node40
-+ }
-+};
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/node/node.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/node/node.h
-@@ -0,0 +1,272 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* We need a definition of the default node layout here. */
-+
-+/* Generally speaking, it is best to have free space in the middle of the
-+ node so that two sets of things can grow towards it, and to have the
-+ item bodies on the left so that the last one of them grows into free
-+ space. We optimize for the case where we append new items to the end
-+ of the node, or grow the last item, because it hurts nothing to so
-+ optimize and it is a common special case to do massive insertions in
-+ increasing key order (and one of cases more likely to have a real user
-+ notice the delay time for).
-+
-+ formatted leaf default layout: (leaf1)
-+
-+ |node header:item bodies:free space:key + pluginid + item offset|
-+
-+ We grow towards the middle, optimizing layout for the case where we
-+ append new items to the end of the node. The node header is fixed
-+ length. Keys, and item offsets plus pluginids for the items
-+ corresponding to them are in increasing key order, and are fixed
-+ length. Item offsets are relative to start of node (16 bits creating
-+ a node size limit of 64k, 12 bits might be a better choice....). Item
-+ bodies are in decreasing key order. Item bodies have a variable size.
-+ There is a one to one to one mapping of keys to item offsets to item
-+ bodies. Item offsets consist of pointers to the zeroth byte of the
-+ item body. Item length equals the start of the next item minus the
-+ start of this item, except the zeroth item whose length equals the end
-+ of the node minus the start of that item (plus a byte). In other
-+ words, the item length is not recorded anywhere, and it does not need
-+ to be since it is computable.
-+
-+ Leaf variable length items and keys layout : (lvar)
-+
-+ |node header:key offset + item offset + pluginid triplets:free space:key bodies:item bodies|
-+
-+ We grow towards the middle, optimizing layout for the case where we
-+ append new items to the end of the node. The node header is fixed
-+ length. Keys and item offsets for the items corresponding to them are
-+ in increasing key order, and keys are variable length. Item offsets
-+ are relative to start of node (16 bits). Item bodies are in
-+ decreasing key order. Item bodies have a variable size. There is a
-+ one to one to one mapping of keys to item offsets to item bodies.
-+ Item offsets consist of pointers to the zeroth byte of the item body.
-+ Item length equals the start of the next item's key minus the start of
-+ this item, except the zeroth item whose length equals the end of the
-+ node minus the start of that item (plus a byte).
-+
-+ leaf compressed keys layout: (lcomp)
-+
-+ |node header:key offset + key inherit + item offset pairs:free space:key bodies:item bodies|
-+
-+ We grow towards the middle, optimizing layout for the case where we
-+ append new items to the end of the node. The node header is fixed
-+ length. Keys and item offsets for the items corresponding to them are
-+ in increasing key order, and keys are variable length. The "key
-+ inherit" field indicates how much of the key prefix is identical to
-+ the previous key (stem compression as described in "Managing
-+ Gigabytes" is used). key_inherit is a one byte integer. The
-+ intra-node searches performed through this layout are linear searches,
-+ and this is theorized to not hurt performance much due to the high
-+ cost of processor stalls on modern CPUs, and the small number of keys
-+ in a single node. Item offsets are relative to start of node (16
-+ bits). Item bodies are in decreasing key order. Item bodies have a
-+ variable size. There is a one to one to one mapping of keys to item
-+ offsets to item bodies. Item offsets consist of pointers to the
-+ zeroth byte of the item body. Item length equals the start of the
-+ next item minus the start of this item, except the zeroth item whose
-+ length equals the end of the node minus the start of that item (plus a
-+ byte). In other words, item length and key length is not recorded
-+ anywhere, and it does not need to be since it is computable.
-+
-+ internal node default layout: (idef1)
-+
-+ just like ldef1 except that item bodies are either blocknrs of
-+ children or extents, and moving them may require updating parent
-+ pointers in the nodes that they point to.
-+*/
-+
-+/* There is an inherent 3-way tradeoff between optimizing and
-+ exchanging disks between different architectures and code
-+ complexity. This is optimal and simple and inexchangeable.
-+ Someone else can do the code for exchanging disks and make it
-+ complex. It would not be that hard. Using other than the PAGE_SIZE
-+ might be suboptimal.
-+*/
-+
-+#if !defined( __REISER4_NODE_H__ )
-+#define __REISER4_NODE_H__
-+
-+#define LEAF40_NODE_SIZE PAGE_CACHE_SIZE
-+
-+#include "../../dformat.h"
-+#include "../plugin_header.h"
-+
-+#include <linux/types.h>
-+
-+typedef enum {
-+ NS_FOUND = 0,
-+ NS_NOT_FOUND = -ENOENT
-+} node_search_result;
-+
-+/* Maximal possible space overhead for creation of new item in a node */
-+#define REISER4_NODE_MAX_OVERHEAD ( sizeof( reiser4_key ) + 32 )
-+
-+typedef enum {
-+ REISER4_NODE_DKEYS = (1 << 0),
-+ REISER4_NODE_TREE_STABLE = (1 << 1)
-+} reiser4_node_check_flag;
-+
-+/* cut and cut_and_kill have too long list of parameters. This structure is just to safe some space on stack */
-+struct cut_list {
-+ coord_t *from;
-+ coord_t *to;
-+ const reiser4_key *from_key;
-+ const reiser4_key *to_key;
-+ reiser4_key *smallest_removed;
-+ carry_plugin_info *info;
-+ __u32 flags;
-+ struct inode *inode; /* this is to pass list of eflushed jnodes down to extent_kill_hook */
-+ lock_handle *left;
-+ lock_handle *right;
-+};
-+
-+struct carry_cut_data;
-+struct carry_kill_data;
-+
-+/* The responsibility of the node plugin is to store and give access
-+ to the sequence of items within the node. */
-+typedef struct node_plugin {
-+ /* generic plugin fields */
-+ plugin_header h;
-+
-+ /* calculates the amount of space that will be required to store an
-+ item which is in addition to the space consumed by the item body.
-+ (the space consumed by the item body can be gotten by calling
-+ item->estimate) */
-+ size_t(*item_overhead) (const znode * node, flow_t * f);
-+
-+ /* returns free space by looking into node (i.e., without using
-+ znode->free_space). */
-+ size_t(*free_space) (znode * node);
-+ /* search within the node for the one item which might
-+ contain the key, invoking item->search_within to search within
-+ that item to see if it is in there */
-+ node_search_result(*lookup) (znode * node, const reiser4_key * key,
-+ lookup_bias bias, coord_t * coord);
-+ /* number of items in node */
-+ int (*num_of_items) (const znode * node);
-+
-+ /* store information about item in @coord in @data */
-+ /* break into several node ops, don't add any more uses of this before doing so */
-+ /*int ( *item_at )( const coord_t *coord, reiser4_item_data *data ); */
-+ char *(*item_by_coord) (const coord_t * coord);
-+ int (*length_by_coord) (const coord_t * coord);
-+ item_plugin *(*plugin_by_coord) (const coord_t * coord);
-+
-+ /* store item key in @key */
-+ reiser4_key *(*key_at) (const coord_t * coord, reiser4_key * key);
-+ /* conservatively estimate whether unit of what size can fit
-+ into node. This estimation should be performed without
-+ actually looking into the node's content (free space is saved in
-+ znode). */
-+ size_t(*estimate) (znode * node);
-+
-+ /* performs every consistency check the node plugin author could
-+ imagine. Optional. */
-+ int (*check) (const znode * node, __u32 flags, const char **error);
-+
-+ /* Called when node is read into memory and node plugin is
-+ already detected. This should read some data into znode (like free
-+ space counter) and, optionally, check data consistency.
-+ */
-+ int (*parse) (znode * node);
-+ /* This method is called on a new node to initialise plugin specific
-+ data (header, etc.) */
-+ int (*init) (znode * node);
-+ /* Check whether @node content conforms to this plugin format.
-+ Probably only useful after support for old V3.x formats is added.
-+ Uncomment after 4.0 only.
-+ */
-+ /* int ( *guess )( const znode *node ); */
-+#if REISER4_DEBUG
-+ void (*print) (const char *prefix, const znode * node, __u32 flags);
-+#endif
-+ /* change size of @item by @by bytes. @item->node has enough free
-+ space. When @by > 0 - free space is appended to end of item. When
-+ @by < 0 - item is truncated - it is assumed that last @by bytes if
-+ the item are freed already */
-+ void (*change_item_size) (coord_t * item, int by);
-+
-+ /* create new item @length bytes long in coord @target */
-+ int (*create_item) (coord_t * target, const reiser4_key * key,
-+ reiser4_item_data * data, carry_plugin_info * info);
-+
-+ /* update key of item. */
-+ void (*update_item_key) (coord_t * target, const reiser4_key * key,
-+ carry_plugin_info * info);
-+
-+ int (*cut_and_kill) (struct carry_kill_data *, carry_plugin_info *);
-+ int (*cut) (struct carry_cut_data *, carry_plugin_info *);
-+
-+ /*
-+ * shrink item pointed to by @coord by @delta bytes.
-+ */
-+ int (*shrink_item) (coord_t * coord, int delta);
-+
-+ /* copy as much as possible but not more than up to @stop from
-+ @stop->node to @target. If (pend == append) then data from beginning of
-+ @stop->node are copied to the end of @target. If (pend == prepend) then
-+ data from the end of @stop->node are copied to the beginning of
-+ @target. Copied data are removed from @stop->node. Information
-+ about what to do on upper level is stored in @todo */
-+ int (*shift) (coord_t * stop, znode * target, shift_direction pend,
-+ int delete_node, int including_insert_coord,
-+ carry_plugin_info * info);
-+ /* return true if this node allows skip carry() in some situations
-+ (see fs/reiser4/tree.c:insert_by_coord()). Reiser3.x format
-+ emulation doesn't.
-+
-+ This will speedup insertions that doesn't require updates to the
-+ parent, by bypassing initialisation of carry() structures. It's
-+ believed that majority of insertions will fit there.
-+
-+ */
-+ int (*fast_insert) (const coord_t * coord);
-+ int (*fast_paste) (const coord_t * coord);
-+ int (*fast_cut) (const coord_t * coord);
-+ /* this limits max size of item which can be inserted into a node and
-+ number of bytes item in a node may be appended with */
-+ int (*max_item_size) (void);
-+ int (*prepare_removal) (znode * empty, carry_plugin_info * info);
-+ /* change plugin id of items which are in a node already. Currently it is Used in tail conversion for regular
-+ * files */
-+ int (*set_item_plugin) (coord_t * coord, item_id);
-+} node_plugin;
-+
-+typedef enum {
-+ /* standard unified node layout used for both leaf and internal
-+ nodes */
-+ NODE40_ID,
-+ LAST_NODE_ID
-+} reiser4_node_id;
-+
-+extern reiser4_key *leftmost_key_in_node(const znode * node, reiser4_key * key);
-+#if REISER4_DEBUG
-+extern void print_node_content(const char *prefix, const znode * node,
-+ __u32 flags);
-+#endif
-+
-+extern void indent_znode(const znode * node);
-+
-+typedef struct common_node_header {
-+ /*
-+ * identifier of node plugin. Must be located at the very beginning of
-+ * a node.
-+ */
-+ __le16 plugin_id;
-+} common_node_header;
-+
-+/* __REISER4_NODE_H__ */
-+#endif
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * scroll-step: 1
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/plugin/node/node40.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/node/node40.c
-@@ -0,0 +1,2924 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "../../debug.h"
-+#include "../../key.h"
-+#include "../../coord.h"
-+#include "../plugin_header.h"
-+#include "../item/item.h"
-+#include "node.h"
-+#include "node40.h"
-+#include "../plugin.h"
-+#include "../../jnode.h"
-+#include "../../znode.h"
-+#include "../../pool.h"
-+#include "../../carry.h"
-+#include "../../tap.h"
-+#include "../../tree.h"
-+#include "../../super.h"
-+#include "../../reiser4.h"
-+
-+#include <asm/uaccess.h>
-+#include <linux/types.h>
-+#include <linux/prefetch.h>
-+
-+/* leaf 40 format:
-+
-+ [node header | item 0, item 1, .., item N-1 | free space | item_head N-1, .. item_head 1, item head 0 ]
-+ plugin_id (16) key
-+ free_space (16) pluginid (16)
-+ free_space_start (16) offset (16)
-+ level (8)
-+ num_items (16)
-+ magic (32)
-+ flush_time (32)
-+*/
-+/* NIKITA-FIXME-HANS: I told you guys not less than 10 times to not call it r4fs. Change to "ReIs". */
-+/* magic number that is stored in ->magic field of node header */
-+static const __u32 REISER4_NODE_MAGIC = 0x52344653; /* (*(__u32 *)"R4FS"); */
-+
-+static int prepare_for_update(znode * left, znode * right,
-+ carry_plugin_info * info);
-+
-+/* header of node of reiser40 format is at the beginning of node */
-+static inline node40_header *node40_node_header(const znode * node /* node to
-+ * query */ )
-+{
-+ assert("nikita-567", node != NULL);
-+ assert("nikita-568", znode_page(node) != NULL);
-+ assert("nikita-569", zdata(node) != NULL);
-+ return (node40_header *) zdata(node);
-+}
-+
-+/* functions to get/set fields of node40_header */
-+#define nh40_get_magic(nh) le32_to_cpu(get_unaligned(&(nh)->magic))
-+#define nh40_get_free_space(nh) le16_to_cpu(get_unaligned(&(nh)->free_space))
-+#define nh40_get_free_space_start(nh) le16_to_cpu(get_unaligned(&(nh)->free_space_start))
-+#define nh40_get_level(nh) get_unaligned(&(nh)->level)
-+#define nh40_get_num_items(nh) le16_to_cpu(get_unaligned(&(nh)->nr_items))
-+#define nh40_get_flush_id(nh) le64_to_cpu(get_unaligned(&(nh)->flush_id))
-+
-+#define nh40_set_magic(nh, value) put_unaligned(cpu_to_le32(value), &(nh)->magic)
-+#define nh40_set_free_space(nh, value) put_unaligned(cpu_to_le16(value), &(nh)->free_space)
-+#define nh40_set_free_space_start(nh, value) put_unaligned(cpu_to_le16(value), &(nh)->free_space_start)
-+#define nh40_set_level(nh, value) put_unaligned(value, &(nh)->level)
-+#define nh40_set_num_items(nh, value) put_unaligned(cpu_to_le16(value), &(nh)->nr_items)
-+#define nh40_set_mkfs_id(nh, value) put_unaligned(cpu_to_le32(value), &(nh)->mkfs_id)
-+
-+
-+/* plugin field of node header should be read/set by
-+ plugin_by_disk_id/save_disk_plugin */
-+
-+/* array of item headers is at the end of node */
-+static inline item_header40 *node40_ih_at(const znode * node, unsigned pos)
-+{
-+ return (item_header40 *) (zdata(node) + znode_size(node)) - pos - 1;
-+}
-+
-+/* ( page_address( node -> pg ) + PAGE_CACHE_SIZE ) - pos - 1
-+ */
-+static inline item_header40 *node40_ih_at_coord(const coord_t * coord)
-+{
-+ return (item_header40 *) (zdata(coord->node) +
-+ znode_size(coord->node)) - (coord->item_pos) -
-+ 1;
-+}
-+
-+/* functions to get/set fields of item_header40 */
-+#define ih40_get_offset(ih) le16_to_cpu(get_unaligned(&(ih)->offset))
-+
-+#define ih40_set_offset(ih, value) put_unaligned(cpu_to_le16(value), &(ih)->offset)
-+
-+/* plugin field of item header should be read/set by
-+ plugin_by_disk_id/save_disk_plugin */
-+
-+/* plugin methods */
-+
-+/* plugin->u.node.item_overhead
-+ look for description of this method in plugin/node/node.h */
-+size_t
-+item_overhead_node40(const znode * node UNUSED_ARG, flow_t * f UNUSED_ARG)
-+{
-+ return sizeof(item_header40);
-+}
-+
-+/* plugin->u.node.free_space
-+ look for description of this method in plugin/node/node.h */
-+size_t free_space_node40(znode * node)
-+{
-+ assert("nikita-577", node != NULL);
-+ assert("nikita-578", znode_is_loaded(node));
-+ assert("nikita-579", zdata(node) != NULL);
-+
-+ return nh40_get_free_space(node40_node_header(node));
-+}
-+
-+/* private inline version of node40_num_of_items() for use in this file. This
-+ is necessary, because address of node40_num_of_items() is taken and it is
-+ never inlined as a result. */
-+static inline short node40_num_of_items_internal(const znode * node)
-+{
-+ return nh40_get_num_items(node40_node_header(node));
-+}
-+
-+#if REISER4_DEBUG
-+static inline void check_num_items(const znode * node)
-+{
-+ assert("nikita-2749",
-+ node40_num_of_items_internal(node) == node->nr_items);
-+ assert("nikita-2746", znode_is_write_locked(node));
-+}
-+#else
-+#define check_num_items(node) noop
-+#endif
-+
-+/* plugin->u.node.num_of_items
-+ look for description of this method in plugin/node/node.h */
-+int num_of_items_node40(const znode * node)
-+{
-+ return node40_num_of_items_internal(node);
-+}
-+
-+static void
-+node40_set_num_items(znode * node, node40_header * nh, unsigned value)
-+{
-+ assert("nikita-2751", node != NULL);
-+ assert("nikita-2750", nh == node40_node_header(node));
-+
-+ check_num_items(node);
-+ nh40_set_num_items(nh, value);
-+ node->nr_items = value;
-+ check_num_items(node);
-+}
-+
-+/* plugin->u.node.item_by_coord
-+ look for description of this method in plugin/node/node.h */
-+char *item_by_coord_node40(const coord_t * coord)
-+{
-+ item_header40 *ih;
-+ char *p;
-+
-+ /* @coord is set to existing item */
-+ assert("nikita-596", coord != NULL);
-+ assert("vs-255", coord_is_existing_item(coord));
-+
-+ ih = node40_ih_at_coord(coord);
-+ p = zdata(coord->node) + ih40_get_offset(ih);
-+ return p;
-+}
-+
-+/* plugin->u.node.length_by_coord
-+ look for description of this method in plugin/node/node.h */
-+int length_by_coord_node40(const coord_t * coord)
-+{
-+ item_header40 *ih;
-+ int result;
-+
-+ /* @coord is set to existing item */
-+ assert("vs-256", coord != NULL);
-+ assert("vs-257", coord_is_existing_item(coord));
-+
-+ ih = node40_ih_at_coord(coord);
-+ if ((int)coord->item_pos ==
-+ node40_num_of_items_internal(coord->node) - 1)
-+ result =
-+ nh40_get_free_space_start(node40_node_header(coord->node)) -
-+ ih40_get_offset(ih);
-+ else
-+ result = ih40_get_offset(ih - 1) - ih40_get_offset(ih);
-+
-+ return result;
-+}
-+
-+static pos_in_node_t
-+node40_item_length(const znode * node, pos_in_node_t item_pos)
-+{
-+ item_header40 *ih;
-+ pos_in_node_t result;
-+
-+ /* @coord is set to existing item */
-+ assert("vs-256", node != NULL);
-+ assert("vs-257", node40_num_of_items_internal(node) > item_pos);
-+
-+ ih = node40_ih_at(node, item_pos);
-+ if (item_pos == node40_num_of_items_internal(node) - 1)
-+ result =
-+ nh40_get_free_space_start(node40_node_header(node)) -
-+ ih40_get_offset(ih);
-+ else
-+ result = ih40_get_offset(ih - 1) - ih40_get_offset(ih);
-+
-+ return result;
-+}
-+
-+/* plugin->u.node.plugin_by_coord
-+ look for description of this method in plugin/node/node.h */
-+item_plugin *plugin_by_coord_node40(const coord_t * coord)
-+{
-+ item_header40 *ih;
-+ item_plugin *result;
-+
-+ /* @coord is set to existing item */
-+ assert("vs-258", coord != NULL);
-+ assert("vs-259", coord_is_existing_item(coord));
-+
-+ ih = node40_ih_at_coord(coord);
-+ /* pass NULL in stead of current tree. This is time critical call. */
-+ result = item_plugin_by_disk_id(NULL, &ih->plugin_id);
-+ return result;
-+}
-+
-+/* plugin->u.node.key_at
-+ look for description of this method in plugin/node/node.h */
-+reiser4_key *key_at_node40(const coord_t * coord, reiser4_key * key)
-+{
-+ item_header40 *ih;
-+
-+ assert("nikita-1765", coord_is_existing_item(coord));
-+
-+ /* @coord is set to existing item */
-+ ih = node40_ih_at_coord(coord);
-+ memcpy(key, &ih->key, sizeof(reiser4_key));
-+ return key;
-+}
-+
-+/* VS-FIXME-HANS: please review whether the below are properly disabled when debugging is disabled */
-+
-+#define NODE_INCSTAT(n, counter) \
-+ reiser4_stat_inc_at_level(znode_get_level(n), node.lookup.counter)
-+
-+#define NODE_ADDSTAT(n, counter, val) \
-+ reiser4_stat_add_at_level(znode_get_level(n), node.lookup.counter, val)
-+
-+/* plugin->u.node.lookup
-+ look for description of this method in plugin/node/node.h */
-+node_search_result lookup_node40(znode * node /* node to query */ ,
-+ const reiser4_key * key /* key to look for */ ,
-+ lookup_bias bias /* search bias */ ,
-+ coord_t * coord /* resulting coord */ )
-+{
-+ int left;
-+ int right;
-+ int found;
-+ int items;
-+
-+ item_header40 *lefth;
-+ item_header40 *righth;
-+
-+ item_plugin *iplug;
-+ item_header40 *bstop;
-+ item_header40 *ih;
-+ cmp_t order;
-+
-+ assert("nikita-583", node != NULL);
-+ assert("nikita-584", key != NULL);
-+ assert("nikita-585", coord != NULL);
-+ assert("nikita-2693", znode_is_any_locked(node));
-+ cassert(REISER4_SEQ_SEARCH_BREAK > 2);
-+
-+ items = node_num_items(node);
-+
-+ if (unlikely(items == 0)) {
-+ coord_init_first_unit(coord, node);
-+ return NS_NOT_FOUND;
-+ }
-+
-+ /* binary search for item that can contain given key */
-+ left = 0;
-+ right = items - 1;
-+ coord->node = node;
-+ coord_clear_iplug(coord);
-+ found = 0;
-+
-+ lefth = node40_ih_at(node, left);
-+ righth = node40_ih_at(node, right);
-+
-+ /* It is known that for small arrays sequential search is on average
-+ more efficient than binary. This is because sequential search is
-+ coded as tight loop that can be better optimized by compilers and
-+ for small array size gain from this optimization makes sequential
-+ search the winner. Another, maybe more important, reason for this,
-+ is that sequential array is more CPU cache friendly, whereas binary
-+ search effectively destroys CPU caching.
-+
-+ Critical here is the notion of "smallness". Reasonable value of
-+ REISER4_SEQ_SEARCH_BREAK can be found by playing with code in
-+ fs/reiser4/ulevel/ulevel.c:test_search().
-+
-+ Don't try to further optimize sequential search by scanning from
-+ right to left in attempt to use more efficient loop termination
-+ condition (comparison with 0). This doesn't work.
-+
-+ */
-+
-+ while (right - left >= REISER4_SEQ_SEARCH_BREAK) {
-+ int median;
-+ item_header40 *medianh;
-+
-+ median = (left + right) / 2;
-+ medianh = node40_ih_at(node, median);
-+
-+ assert("nikita-1084", median >= 0);
-+ assert("nikita-1085", median < items);
-+ switch (keycmp(key, &medianh->key)) {
-+ case LESS_THAN:
-+ right = median;
-+ righth = medianh;
-+ break;
-+ default:
-+ wrong_return_value("nikita-586", "keycmp");
-+ case GREATER_THAN:
-+ left = median;
-+ lefth = medianh;
-+ break;
-+ case EQUAL_TO:
-+ do {
-+ --median;
-+ /* headers are ordered from right to left */
-+ ++medianh;
-+ } while (median >= 0 && keyeq(key, &medianh->key));
-+ right = left = median + 1;
-+ ih = lefth = righth = medianh - 1;
-+ found = 1;
-+ break;
-+ }
-+ }
-+ /* sequential scan. Item headers, and, therefore, keys are stored at
-+ the rightmost part of a node from right to left. We are trying to
-+ access memory from left to right, and hence, scan in _descending_
-+ order of item numbers.
-+ */
-+ if (!found) {
-+ for (left = right, ih = righth; left >= 0; ++ih, --left) {
-+ cmp_t comparison;
-+
-+ prefetchkey(&(ih + 1)->key);
-+ comparison = keycmp(&ih->key, key);
-+ if (comparison == GREATER_THAN)
-+ continue;
-+ if (comparison == EQUAL_TO) {
-+ found = 1;
-+ do {
-+ --left;
-+ ++ih;
-+ } while (left >= 0 && keyeq(&ih->key, key));
-+ ++left;
-+ --ih;
-+ } else {
-+ assert("nikita-1256", comparison == LESS_THAN);
-+ }
-+ break;
-+ }
-+ if (unlikely(left < 0))
-+ left = 0;
-+ }
-+
-+ assert("nikita-3212", right >= left);
-+ assert("nikita-3214",
-+ equi(found, keyeq(&node40_ih_at(node, left)->key, key)));
-+
-+ coord_set_item_pos(coord, left);
-+ coord->unit_pos = 0;
-+ coord->between = AT_UNIT;
-+
-+ /* key < leftmost key in a mode or node is corrupted and keys
-+ are not sorted */
-+ bstop = node40_ih_at(node, (unsigned)left);
-+ order = keycmp(&bstop->key, key);
-+ if (unlikely(order == GREATER_THAN)) {
-+ if (unlikely(left != 0)) {
-+ /* screw up */
-+ warning("nikita-587", "Key less than %i key in a node",
-+ left);
-+ print_key("key", key);
-+ print_key("min", &bstop->key);
-+ print_coord_content("coord", coord);
-+ return RETERR(-EIO);
-+ } else {
-+ coord->between = BEFORE_UNIT;
-+ return NS_NOT_FOUND;
-+ }
-+ }
-+ /* left <= key, ok */
-+ iplug = item_plugin_by_disk_id(znode_get_tree(node), &bstop->plugin_id);
-+
-+ if (unlikely(iplug == NULL)) {
-+ warning("nikita-588", "Unknown plugin %i",
-+ le16_to_cpu(get_unaligned(&bstop->plugin_id)));
-+ print_key("key", key);
-+ print_coord_content("coord", coord);
-+ return RETERR(-EIO);
-+ }
-+
-+ coord_set_iplug(coord, iplug);
-+
-+ /* if exact key from item header was found by binary search, no
-+ further checks are necessary. */
-+ if (found) {
-+ assert("nikita-1259", order == EQUAL_TO);
-+ return NS_FOUND;
-+ }
-+ if (iplug->b.max_key_inside != NULL) {
-+ reiser4_key max_item_key;
-+
-+ /* key > max_item_key --- outside of an item */
-+ if (keygt(key, iplug->b.max_key_inside(coord, &max_item_key))) {
-+ coord->unit_pos = 0;
-+ coord->between = AFTER_ITEM;
-+ /* FIXME-VS: key we are looking for does not fit into
-+ found item. Return NS_NOT_FOUND then. Without that
-+ the following case does not work: there is extent of
-+ file 10000, 10001. File 10000, 10002 has been just
-+ created. When writing to position 0 in that file -
-+ traverse_tree will stop here on twig level. When we
-+ want it to go down to leaf level
-+ */
-+ return NS_NOT_FOUND;
-+ }
-+ }
-+
-+ if (iplug->b.lookup != NULL) {
-+ return iplug->b.lookup(key, bias, coord);
-+ } else {
-+ assert("nikita-1260", order == LESS_THAN);
-+ coord->between = AFTER_UNIT;
-+ return (bias == FIND_EXACT) ? NS_NOT_FOUND : NS_FOUND;
-+ }
-+}
-+
-+#undef NODE_ADDSTAT
-+#undef NODE_INCSTAT
-+
-+/* plugin->u.node.estimate
-+ look for description of this method in plugin/node/node.h */
-+size_t estimate_node40(znode * node)
-+{
-+ size_t result;
-+
-+ assert("nikita-597", node != NULL);
-+
-+ result = free_space_node40(node) - sizeof(item_header40);
-+
-+ return (result > 0) ? result : 0;
-+}
-+
-+/* plugin->u.node.check
-+ look for description of this method in plugin/node/node.h */
-+int check_node40(const znode * node /* node to check */ ,
-+ __u32 flags /* check flags */ ,
-+ const char **error /* where to store error message */ )
-+{
-+ int nr_items;
-+ int i;
-+ reiser4_key prev;
-+ unsigned old_offset;
-+ tree_level level;
-+ coord_t coord;
-+ int result;
-+
-+ assert("nikita-580", node != NULL);
-+ assert("nikita-581", error != NULL);
-+ assert("nikita-2948", znode_is_loaded(node));
-+
-+ if (ZF_ISSET(node, JNODE_HEARD_BANSHEE))
-+ return 0;
-+
-+ assert("nikita-582", zdata(node) != NULL);
-+
-+ nr_items = node40_num_of_items_internal(node);
-+ if (nr_items < 0) {
-+ *error = "Negative number of items";
-+ return -1;
-+ }
-+
-+ if (flags & REISER4_NODE_DKEYS)
-+ prev = *znode_get_ld_key((znode *) node);
-+ else
-+ prev = *min_key();
-+
-+ old_offset = 0;
-+ coord_init_zero(&coord);
-+ coord.node = (znode *) node;
-+ coord.unit_pos = 0;
-+ coord.between = AT_UNIT;
-+ level = znode_get_level(node);
-+ for (i = 0; i < nr_items; i++) {
-+ item_header40 *ih;
-+ reiser4_key unit_key;
-+ unsigned j;
-+
-+ ih = node40_ih_at(node, (unsigned)i);
-+ coord_set_item_pos(&coord, i);
-+ if ((ih40_get_offset(ih) >=
-+ znode_size(node) - nr_items * sizeof(item_header40)) ||
-+ (ih40_get_offset(ih) < sizeof(node40_header))) {
-+ *error = "Offset is out of bounds";
-+ return -1;
-+ }
-+ if (ih40_get_offset(ih) <= old_offset) {
-+ *error = "Offsets are in wrong order";
-+ return -1;
-+ }
-+ if ((i == 0) && (ih40_get_offset(ih) != sizeof(node40_header))) {
-+ *error = "Wrong offset of first item";
-+ return -1;
-+ }
-+ old_offset = ih40_get_offset(ih);
-+
-+ if (keygt(&prev, &ih->key)) {
-+ *error = "Keys are in wrong order";
-+ return -1;
-+ }
-+ if (!keyeq(&ih->key, unit_key_by_coord(&coord, &unit_key))) {
-+ *error = "Wrong key of first unit";
-+ return -1;
-+ }
-+ prev = ih->key;
-+ for (j = 0; j < coord_num_units(&coord); ++j) {
-+ coord.unit_pos = j;
-+ unit_key_by_coord(&coord, &unit_key);
-+ if (keygt(&prev, &unit_key)) {
-+ *error = "Unit keys are in wrong order";
-+ return -1;
-+ }
-+ prev = unit_key;
-+ }
-+ coord.unit_pos = 0;
-+ if (level != TWIG_LEVEL && item_is_extent(&coord)) {
-+ *error = "extent on the wrong level";
-+ return -1;
-+ }
-+ if (level == LEAF_LEVEL && item_is_internal(&coord)) {
-+ *error = "internal item on the wrong level";
-+ return -1;
-+ }
-+ if (level != LEAF_LEVEL &&
-+ !item_is_internal(&coord) && !item_is_extent(&coord)) {
-+ *error = "wrong item on the internal level";
-+ return -1;
-+ }
-+ if (level > TWIG_LEVEL && !item_is_internal(&coord)) {
-+ *error = "non-internal item on the internal level";
-+ return -1;
-+ }
-+#if REISER4_DEBUG
-+ if (item_plugin_by_coord(&coord)->b.check
-+ && item_plugin_by_coord(&coord)->b.check(&coord, error))
-+ return -1;
-+#endif
-+ if (i) {
-+ coord_t prev_coord;
-+ /* two neighboring items can not be mergeable */
-+ coord_dup(&prev_coord, &coord);
-+ coord_prev_item(&prev_coord);
-+ if (are_items_mergeable(&prev_coord, &coord)) {
-+ *error = "mergeable items in one node";
-+ return -1;
-+ }
-+
-+ }
-+ }
-+
-+ if ((flags & REISER4_NODE_DKEYS) && !node_is_empty(node)) {
-+ coord_t coord;
-+ item_plugin *iplug;
-+
-+ coord_init_last_unit(&coord, node);
-+ iplug = item_plugin_by_coord(&coord);
-+ if ((item_is_extent(&coord) || item_is_tail(&coord)) &&
-+ iplug->s.file.append_key != NULL) {
-+ reiser4_key mkey;
-+
-+ iplug->s.file.append_key(&coord, &mkey);
-+ set_key_offset(&mkey, get_key_offset(&mkey) - 1);
-+ read_lock_dk(current_tree);
-+ result = keygt(&mkey, znode_get_rd_key((znode *) node));
-+ read_unlock_dk(current_tree);
-+ if (result) {
-+ *error = "key of rightmost item is too large";
-+ return -1;
-+ }
-+ }
-+ }
-+ if (flags & REISER4_NODE_DKEYS) {
-+ read_lock_tree(current_tree);
-+ read_lock_dk(current_tree);
-+
-+ flags |= REISER4_NODE_TREE_STABLE;
-+
-+ if (keygt(&prev, znode_get_rd_key((znode *) node))) {
-+ if (flags & REISER4_NODE_TREE_STABLE) {
-+ *error = "Last key is greater than rdkey";
-+ read_unlock_dk(current_tree);
-+ read_unlock_tree(current_tree);
-+ return -1;
-+ }
-+ }
-+ if (keygt
-+ (znode_get_ld_key((znode *) node),
-+ znode_get_rd_key((znode *) node))) {
-+ *error = "ldkey is greater than rdkey";
-+ read_unlock_dk(current_tree);
-+ read_unlock_tree(current_tree);
-+ return -1;
-+ }
-+ if (ZF_ISSET(node, JNODE_LEFT_CONNECTED) &&
-+ (node->left != NULL) &&
-+ !ZF_ISSET(node->left, JNODE_HEARD_BANSHEE) &&
-+ ergo(flags & REISER4_NODE_TREE_STABLE,
-+ !keyeq(znode_get_rd_key(node->left),
-+ znode_get_ld_key((znode *) node)))
-+ && ergo(!(flags & REISER4_NODE_TREE_STABLE),
-+ keygt(znode_get_rd_key(node->left),
-+ znode_get_ld_key((znode *) node)))) {
-+ *error = "left rdkey or ldkey is wrong";
-+ read_unlock_dk(current_tree);
-+ read_unlock_tree(current_tree);
-+ return -1;
-+ }
-+ if (ZF_ISSET(node, JNODE_RIGHT_CONNECTED) &&
-+ (node->right != NULL) &&
-+ !ZF_ISSET(node->right, JNODE_HEARD_BANSHEE) &&
-+ ergo(flags & REISER4_NODE_TREE_STABLE,
-+ !keyeq(znode_get_rd_key((znode *) node),
-+ znode_get_ld_key(node->right)))
-+ && ergo(!(flags & REISER4_NODE_TREE_STABLE),
-+ keygt(znode_get_rd_key((znode *) node),
-+ znode_get_ld_key(node->right)))) {
-+ *error = "rdkey or right ldkey is wrong";
-+ read_unlock_dk(current_tree);
-+ read_unlock_tree(current_tree);
-+ return -1;
-+ }
-+
-+ read_unlock_dk(current_tree);
-+ read_unlock_tree(current_tree);
-+ }
-+
-+ return 0;
-+}
-+
-+/* plugin->u.node.parse
-+ look for description of this method in plugin/node/node.h */
-+int parse_node40(znode * node /* node to parse */ )
-+{
-+ node40_header *header;
-+ int result;
-+ d8 level;
-+
-+ header = node40_node_header((znode *) node);
-+ result = -EIO;
-+ level = nh40_get_level(header);
-+ if (unlikely(((__u8) znode_get_level(node)) != level))
-+ warning("nikita-494", "Wrong level found in node: %i != %i",
-+ znode_get_level(node), level);
-+ else if (unlikely(nh40_get_magic(header) != REISER4_NODE_MAGIC))
-+ warning("nikita-495",
-+ "Wrong magic in tree node: want %x, got %x",
-+ REISER4_NODE_MAGIC, nh40_get_magic(header));
-+ else {
-+ node->nr_items = node40_num_of_items_internal(node);
-+ result = 0;
-+ }
-+ if (unlikely(result != 0))
-+ /* print_znode("node", node) */ ;
-+ return RETERR(result);
-+}
-+
-+/* plugin->u.node.init
-+ look for description of this method in plugin/node/node.h */
-+int init_node40(znode * node /* node to initialise */ )
-+{
-+ node40_header *header;
-+
-+ assert("nikita-570", node != NULL);
-+ assert("nikita-572", zdata(node) != NULL);
-+
-+ header = node40_node_header(node);
-+ memset(header, 0, sizeof(node40_header));
-+ nh40_set_free_space(header, znode_size(node) - sizeof(node40_header));
-+ nh40_set_free_space_start(header, sizeof(node40_header));
-+ /* sane hypothesis: 0 in CPU format is 0 in disk format */
-+ /* items: 0 */
-+ save_plugin_id(node_plugin_to_plugin(node->nplug),
-+ &header->common_header.plugin_id);
-+ nh40_set_level(header, znode_get_level(node));
-+ nh40_set_magic(header, REISER4_NODE_MAGIC);
-+ node->nr_items = 0;
-+ nh40_set_mkfs_id(header, reiser4_mkfs_id(reiser4_get_current_sb()));
-+
-+ /* flags: 0 */
-+ return 0;
-+}
-+
-+#ifdef GUESS_EXISTS
-+int guess_node40(const znode * node /* node to guess plugin of */ )
-+{
-+ node40_header *nethack;
-+
-+ assert("nikita-1058", node != NULL);
-+ nethack = node40_node_header(node);
-+ return
-+ (nh40_get_magic(nethack) == REISER4_NODE_MAGIC) &&
-+ (plugin_by_disk_id(znode_get_tree(node),
-+ REISER4_NODE_PLUGIN_TYPE,
-+ &nethack->common_header.plugin_id)->h.id ==
-+ NODE40_ID);
-+}
-+#endif
-+
-+/* plugin->u.node.chage_item_size
-+ look for description of this method in plugin/node/node.h */
-+void change_item_size_node40(coord_t * coord, int by)
-+{
-+ node40_header *nh;
-+ item_header40 *ih;
-+ char *item_data;
-+ int item_length;
-+ unsigned i;
-+
-+ /* make sure that @item is coord of existing item */
-+ assert("vs-210", coord_is_existing_item(coord));
-+
-+ nh = node40_node_header(coord->node);
-+
-+ item_data = item_by_coord_node40(coord);
-+ item_length = length_by_coord_node40(coord);
-+
-+ /* move item bodies */
-+ ih = node40_ih_at_coord(coord);
-+ memmove(item_data + item_length + by, item_data + item_length,
-+ nh40_get_free_space_start(node40_node_header(coord->node)) -
-+ (ih40_get_offset(ih) + item_length));
-+
-+ /* update offsets of moved items */
-+ for (i = coord->item_pos + 1; i < nh40_get_num_items(nh); i++) {
-+ ih = node40_ih_at(coord->node, i);
-+ ih40_set_offset(ih, ih40_get_offset(ih) + by);
-+ }
-+
-+ /* update node header */
-+ nh40_set_free_space(nh, nh40_get_free_space(nh) - by);
-+ nh40_set_free_space_start(nh, nh40_get_free_space_start(nh) + by);
-+}
-+
-+static int should_notify_parent(const znode * node)
-+{
-+ /* FIXME_JMACD This looks equivalent to znode_is_root(), right? -josh */
-+ return !disk_addr_eq(znode_get_block(node),
-+ &znode_get_tree(node)->root_block);
-+}
-+
-+/* plugin->u.node.create_item
-+ look for description of this method in plugin/node/node.h */
-+int
-+create_item_node40(coord_t *target, const reiser4_key *key,
-+ reiser4_item_data *data, carry_plugin_info *info)
-+{
-+ node40_header *nh;
-+ item_header40 *ih;
-+ unsigned offset;
-+ unsigned i;
-+
-+ nh = node40_node_header(target->node);
-+
-+ assert("vs-212", coord_is_between_items(target));
-+ /* node must have enough free space */
-+ assert("vs-254",
-+ free_space_node40(target->node) >=
-+ data->length + sizeof(item_header40));
-+ assert("vs-1410", data->length >= 0);
-+
-+ if (coord_set_to_right(target))
-+ /* there are not items to the right of @target, so, new item
-+ will be inserted after last one */
-+ coord_set_item_pos(target, nh40_get_num_items(nh));
-+
-+ if (target->item_pos < nh40_get_num_items(nh)) {
-+ /* there are items to be moved to prepare space for new
-+ item */
-+ ih = node40_ih_at_coord(target);
-+ /* new item will start at this offset */
-+ offset = ih40_get_offset(ih);
-+
-+ memmove(zdata(target->node) + offset + data->length,
-+ zdata(target->node) + offset,
-+ nh40_get_free_space_start(nh) - offset);
-+ /* update headers of moved items */
-+ for (i = target->item_pos; i < nh40_get_num_items(nh); i++) {
-+ ih = node40_ih_at(target->node, i);
-+ ih40_set_offset(ih, ih40_get_offset(ih) + data->length);
-+ }
-+
-+ /* @ih is set to item header of the last item, move item headers */
-+ memmove(ih - 1, ih,
-+ sizeof(item_header40) * (nh40_get_num_items(nh) -
-+ target->item_pos));
-+ } else {
-+ /* new item will start at this offset */
-+ offset = nh40_get_free_space_start(nh);
-+ }
-+
-+ /* make item header for the new item */
-+ ih = node40_ih_at_coord(target);
-+ memcpy(&ih->key, key, sizeof(reiser4_key));
-+ ih40_set_offset(ih, offset);
-+ save_plugin_id(item_plugin_to_plugin(data->iplug), &ih->plugin_id);
-+
-+ /* update node header */
-+ nh40_set_free_space(nh,
-+ nh40_get_free_space(nh) - data->length -
-+ sizeof(item_header40));
-+ nh40_set_free_space_start(nh,
-+ nh40_get_free_space_start(nh) + data->length);
-+ node40_set_num_items(target->node, nh, nh40_get_num_items(nh) + 1);
-+
-+ /* FIXME: check how does create_item work when between is set to BEFORE_UNIT */
-+ target->unit_pos = 0;
-+ target->between = AT_UNIT;
-+ coord_clear_iplug(target);
-+
-+ /* initialize item */
-+ if (data->iplug->b.init != NULL) {
-+ data->iplug->b.init(target, NULL, data);
-+ }
-+ /* copy item body */
-+ if (data->iplug->b.paste != NULL) {
-+ data->iplug->b.paste(target, data, info);
-+ } else if (data->data != NULL) {
-+ if (data->user) {
-+ /* AUDIT: Are we really should not check that pointer
-+ from userspace was valid and data bytes were
-+ available? How will we return -EFAULT of some kind
-+ without this check? */
-+ assert("nikita-3038", schedulable());
-+ /* copy data from user space */
-+ __copy_from_user(zdata(target->node) + offset,
-+ (const char __user *)data->data,
-+ (unsigned)data->length);
-+ } else
-+ /* copy from kernel space */
-+ memcpy(zdata(target->node) + offset, data->data,
-+ (unsigned)data->length);
-+ }
-+
-+ if (target->item_pos == 0) {
-+ /* left delimiting key has to be updated */
-+ prepare_for_update(NULL, target->node, info);
-+ }
-+
-+ if (item_plugin_by_coord(target)->b.create_hook != NULL) {
-+ item_plugin_by_coord(target)->b.create_hook(target, data->arg);
-+ }
-+
-+ return 0;
-+}
-+
-+/* plugin->u.node.update_item_key
-+ look for description of this method in plugin/node/node.h */
-+void
-+update_item_key_node40(coord_t * target, const reiser4_key * key,
-+ carry_plugin_info * info)
-+{
-+ item_header40 *ih;
-+
-+ ih = node40_ih_at_coord(target);
-+ memcpy(&ih->key, key, sizeof(reiser4_key));
-+
-+ if (target->item_pos == 0) {
-+ prepare_for_update(NULL, target->node, info);
-+ }
-+}
-+
-+/* this bits encode cut mode */
-+#define CMODE_TAIL 1
-+#define CMODE_WHOLE 2
-+#define CMODE_HEAD 4
-+
-+struct cut40_info {
-+ int mode;
-+ pos_in_node_t tail_removed; /* position of item which gets tail removed */
-+ pos_in_node_t first_removed; /* position of first the leftmost item among items removed completely */
-+ pos_in_node_t removed_count; /* number of items removed completely */
-+ pos_in_node_t head_removed; /* position of item which gets head removed */
-+
-+ pos_in_node_t freed_space_start;
-+ pos_in_node_t freed_space_end;
-+ pos_in_node_t first_moved;
-+ pos_in_node_t head_removed_location;
-+};
-+
-+static void init_cinfo(struct cut40_info *cinfo)
-+{
-+ cinfo->mode = 0;
-+ cinfo->tail_removed = MAX_POS_IN_NODE;
-+ cinfo->first_removed = MAX_POS_IN_NODE;
-+ cinfo->removed_count = MAX_POS_IN_NODE;
-+ cinfo->head_removed = MAX_POS_IN_NODE;
-+ cinfo->freed_space_start = MAX_POS_IN_NODE;
-+ cinfo->freed_space_end = MAX_POS_IN_NODE;
-+ cinfo->first_moved = MAX_POS_IN_NODE;
-+ cinfo->head_removed_location = MAX_POS_IN_NODE;
-+}
-+
-+/* complete cut_node40/kill_node40 content by removing the gap created by */
-+static void compact(znode * node, struct cut40_info *cinfo)
-+{
-+ node40_header *nh;
-+ item_header40 *ih;
-+ pos_in_node_t freed;
-+ pos_in_node_t pos, nr_items;
-+
-+ assert("vs-1526", (cinfo->freed_space_start != MAX_POS_IN_NODE &&
-+ cinfo->freed_space_end != MAX_POS_IN_NODE &&
-+ cinfo->first_moved != MAX_POS_IN_NODE));
-+ assert("vs-1523", cinfo->freed_space_end >= cinfo->freed_space_start);
-+
-+ nh = node40_node_header(node);
-+ nr_items = nh40_get_num_items(nh);
-+
-+ /* remove gap made up by removal */
-+ memmove(zdata(node) + cinfo->freed_space_start,
-+ zdata(node) + cinfo->freed_space_end,
-+ nh40_get_free_space_start(nh) - cinfo->freed_space_end);
-+
-+ /* update item headers of moved items - change their locations */
-+ pos = cinfo->first_moved;
-+ ih = node40_ih_at(node, pos);
-+ if (cinfo->head_removed_location != MAX_POS_IN_NODE) {
-+ assert("vs-1580", pos == cinfo->head_removed);
-+ ih40_set_offset(ih, cinfo->head_removed_location);
-+ pos++;
-+ ih--;
-+ }
-+
-+ freed = cinfo->freed_space_end - cinfo->freed_space_start;
-+ for (; pos < nr_items; pos++, ih--) {
-+ assert("vs-1581", ih == node40_ih_at(node, pos));
-+ ih40_set_offset(ih, ih40_get_offset(ih) - freed);
-+ }
-+
-+ /* free space start moved to right */
-+ nh40_set_free_space_start(nh, nh40_get_free_space_start(nh) - freed);
-+
-+ if (cinfo->removed_count != MAX_POS_IN_NODE) {
-+ /* number of items changed. Remove item headers of those items */
-+ ih = node40_ih_at(node, nr_items - 1);
-+ memmove(ih + cinfo->removed_count, ih,
-+ sizeof(item_header40) * (nr_items -
-+ cinfo->removed_count -
-+ cinfo->first_removed));
-+ freed += sizeof(item_header40) * cinfo->removed_count;
-+ node40_set_num_items(node, nh, nr_items - cinfo->removed_count);
-+ }
-+
-+ /* total amount of free space increased */
-+ nh40_set_free_space(nh, nh40_get_free_space(nh) + freed);
-+}
-+
-+int shrink_item_node40(coord_t * coord, int delta)
-+{
-+ node40_header *nh;
-+ item_header40 *ih;
-+ pos_in_node_t pos;
-+ pos_in_node_t nr_items;
-+ char *end;
-+ znode *node;
-+ int off;
-+
-+ assert("nikita-3487", coord != NULL);
-+ assert("nikita-3488", delta >= 0);
-+
-+ node = coord->node;
-+ nh = node40_node_header(node);
-+ nr_items = nh40_get_num_items(nh);
-+
-+ ih = node40_ih_at_coord(coord);
-+ assert("nikita-3489", delta <= length_by_coord_node40(coord));
-+ off = ih40_get_offset(ih) + length_by_coord_node40(coord);
-+ end = zdata(node) + off;
-+
-+ /* remove gap made up by removal */
-+ memmove(end - delta, end, nh40_get_free_space_start(nh) - off);
-+
-+ /* update item headers of moved items - change their locations */
-+ pos = coord->item_pos + 1;
-+ ih = node40_ih_at(node, pos);
-+ for (; pos < nr_items; pos++, ih--) {
-+ assert("nikita-3490", ih == node40_ih_at(node, pos));
-+ ih40_set_offset(ih, ih40_get_offset(ih) - delta);
-+ }
-+
-+ /* free space start moved to left */
-+ nh40_set_free_space_start(nh, nh40_get_free_space_start(nh) - delta);
-+ /* total amount of free space increased */
-+ nh40_set_free_space(nh, nh40_get_free_space(nh) + delta);
-+ /*
-+ * This method does _not_ changes number of items. Hence, it cannot
-+ * make node empty. Also it doesn't remove items at all, which means
-+ * that no keys have to be updated either.
-+ */
-+ return 0;
-+}
-+
-+/* this is used by cut_node40 and kill_node40. It analyses input parameters and calculates cut mode. There are 2 types
-+ of cut. First is when a unit is removed from the middle of an item. In this case this function returns 1. All the
-+ rest fits into second case: 0 or 1 of items getting tail cut, 0 or more items removed completely and 0 or 1 item
-+ getting head cut. Function returns 0 in this case */
-+static int
-+parse_cut(struct cut40_info *cinfo, const struct cut_kill_params *params)
-+{
-+ reiser4_key left_key, right_key;
-+ reiser4_key min_from_key, max_to_key;
-+ const reiser4_key *from_key, *to_key;
-+
-+ init_cinfo(cinfo);
-+
-+ /* calculate minimal key stored in first item of items to be cut (params->from) */
-+ item_key_by_coord(params->from, &min_from_key);
-+ /* and max key stored in last item of items to be cut (params->to) */
-+ max_item_key_by_coord(params->to, &max_to_key);
-+
-+ /* if cut key range is not defined in input parameters - define it using cut coord range */
-+ if (params->from_key == NULL) {
-+ assert("vs-1513", params->to_key == NULL);
-+ unit_key_by_coord(params->from, &left_key);
-+ from_key = &left_key;
-+ max_unit_key_by_coord(params->to, &right_key);
-+ to_key = &right_key;
-+ } else {
-+ from_key = params->from_key;
-+ to_key = params->to_key;
-+ }
-+
-+ if (params->from->item_pos == params->to->item_pos) {
-+ if (keylt(&min_from_key, from_key)
-+ && keylt(to_key, &max_to_key))
-+ return 1;
-+
-+ if (keygt(from_key, &min_from_key)) {
-+ /* tail of item is to be cut cut */
-+ cinfo->tail_removed = params->from->item_pos;
-+ cinfo->mode |= CMODE_TAIL;
-+ } else if (keylt(to_key, &max_to_key)) {
-+ /* head of item is to be cut */
-+ cinfo->head_removed = params->from->item_pos;
-+ cinfo->mode |= CMODE_HEAD;
-+ } else {
-+ /* item is removed completely */
-+ cinfo->first_removed = params->from->item_pos;
-+ cinfo->removed_count = 1;
-+ cinfo->mode |= CMODE_WHOLE;
-+ }
-+ } else {
-+ cinfo->first_removed = params->from->item_pos + 1;
-+ cinfo->removed_count =
-+ params->to->item_pos - params->from->item_pos - 1;
-+
-+ if (keygt(from_key, &min_from_key)) {
-+ /* first item is not cut completely */
-+ cinfo->tail_removed = params->from->item_pos;
-+ cinfo->mode |= CMODE_TAIL;
-+ } else {
-+ cinfo->first_removed--;
-+ cinfo->removed_count++;
-+ }
-+ if (keylt(to_key, &max_to_key)) {
-+ /* last item is not cut completely */
-+ cinfo->head_removed = params->to->item_pos;
-+ cinfo->mode |= CMODE_HEAD;
-+ } else {
-+ cinfo->removed_count++;
-+ }
-+ if (cinfo->removed_count)
-+ cinfo->mode |= CMODE_WHOLE;
-+ }
-+
-+ return 0;
-+}
-+
-+static void
-+call_kill_hooks(znode * node, pos_in_node_t from, pos_in_node_t count,
-+ carry_kill_data * kdata)
-+{
-+ coord_t coord;
-+ item_plugin *iplug;
-+ pos_in_node_t pos;
-+
-+ coord.node = node;
-+ coord.unit_pos = 0;
-+ coord.between = AT_UNIT;
-+ for (pos = 0; pos < count; pos++) {
-+ coord_set_item_pos(&coord, from + pos);
-+ coord.unit_pos = 0;
-+ coord.between = AT_UNIT;
-+ iplug = item_plugin_by_coord(&coord);
-+ if (iplug->b.kill_hook) {
-+ iplug->b.kill_hook(&coord, 0, coord_num_units(&coord),
-+ kdata);
-+ }
-+ }
-+}
-+
-+/* this is used to kill item partially */
-+static pos_in_node_t
-+kill_units(coord_t * coord, pos_in_node_t from, pos_in_node_t to, void *data,
-+ reiser4_key * smallest_removed, reiser4_key * new_first_key)
-+{
-+ struct carry_kill_data *kdata;
-+ item_plugin *iplug;
-+
-+ kdata = data;
-+ iplug = item_plugin_by_coord(coord);
-+
-+ assert("vs-1524", iplug->b.kill_units);
-+ return iplug->b.kill_units(coord, from, to, kdata, smallest_removed,
-+ new_first_key);
-+}
-+
-+/* call item plugin to cut tail of file */
-+static pos_in_node_t
-+kill_tail(coord_t * coord, void *data, reiser4_key * smallest_removed)
-+{
-+ struct carry_kill_data *kdata;
-+ pos_in_node_t to;
-+
-+ kdata = data;
-+ to = coord_last_unit_pos(coord);
-+ return kill_units(coord, coord->unit_pos, to, kdata, smallest_removed,
-+ NULL);
-+}
-+
-+/* call item plugin to cut head of item */
-+static pos_in_node_t
-+kill_head(coord_t * coord, void *data, reiser4_key * smallest_removed,
-+ reiser4_key * new_first_key)
-+{
-+ return kill_units(coord, 0, coord->unit_pos, data, smallest_removed,
-+ new_first_key);
-+}
-+
-+/* this is used to cut item partially */
-+static pos_in_node_t
-+cut_units(coord_t * coord, pos_in_node_t from, pos_in_node_t to, void *data,
-+ reiser4_key * smallest_removed, reiser4_key * new_first_key)
-+{
-+ carry_cut_data *cdata;
-+ item_plugin *iplug;
-+
-+ cdata = data;
-+ iplug = item_plugin_by_coord(coord);
-+ assert("vs-302", iplug->b.cut_units);
-+ return iplug->b.cut_units(coord, from, to, cdata, smallest_removed,
-+ new_first_key);
-+}
-+
-+/* call item plugin to cut tail of file */
-+static pos_in_node_t
-+cut_tail(coord_t * coord, void *data, reiser4_key * smallest_removed)
-+{
-+ carry_cut_data *cdata;
-+ pos_in_node_t to;
-+
-+ cdata = data;
-+ to = coord_last_unit_pos(cdata->params.from);
-+ return cut_units(coord, coord->unit_pos, to, data, smallest_removed, NULL);
-+}
-+
-+/* call item plugin to cut head of item */
-+static pos_in_node_t
-+cut_head(coord_t * coord, void *data, reiser4_key * smallest_removed,
-+ reiser4_key * new_first_key)
-+{
-+ return cut_units(coord, 0, coord->unit_pos, data, smallest_removed,
-+ new_first_key);
-+}
-+
-+/* this returns 1 of key of first item changed, 0 - if it did not */
-+static int
-+prepare_for_compact(struct cut40_info *cinfo,
-+ const struct cut_kill_params *params, int is_cut,
-+ void *data, carry_plugin_info * info)
-+{
-+ znode *node;
-+ item_header40 *ih;
-+ pos_in_node_t freed;
-+ pos_in_node_t item_pos;
-+ coord_t coord;
-+ reiser4_key new_first_key;
-+ pos_in_node_t(*kill_units_f) (coord_t *, pos_in_node_t, pos_in_node_t,
-+ void *, reiser4_key *, reiser4_key *);
-+ pos_in_node_t(*kill_tail_f) (coord_t *, void *, reiser4_key *);
-+ pos_in_node_t(*kill_head_f) (coord_t *, void *, reiser4_key *,
-+ reiser4_key *);
-+ int retval;
-+
-+ retval = 0;
-+
-+ node = params->from->node;
-+
-+ assert("vs-184", node == params->to->node);
-+ assert("vs-312", !node_is_empty(node));
-+ assert("vs-297",
-+ coord_compare(params->from, params->to) != COORD_CMP_ON_RIGHT);
-+
-+ if (is_cut) {
-+ kill_units_f = cut_units;
-+ kill_tail_f = cut_tail;
-+ kill_head_f = cut_head;
-+ } else {
-+ kill_units_f = kill_units;
-+ kill_tail_f = kill_tail;
-+ kill_head_f = kill_head;
-+ }
-+
-+ if (parse_cut(cinfo, params) == 1) {
-+ /* cut from the middle of item */
-+ freed =
-+ kill_units_f(params->from, params->from->unit_pos,
-+ params->to->unit_pos, data,
-+ params->smallest_removed, NULL);
-+
-+ item_pos = params->from->item_pos;
-+ ih = node40_ih_at(node, item_pos);
-+ cinfo->freed_space_start =
-+ ih40_get_offset(ih) + node40_item_length(node,
-+ item_pos) - freed;
-+ cinfo->freed_space_end = cinfo->freed_space_start + freed;
-+ cinfo->first_moved = item_pos + 1;
-+ } else {
-+ assert("vs-1521", (cinfo->tail_removed != MAX_POS_IN_NODE ||
-+ cinfo->first_removed != MAX_POS_IN_NODE ||
-+ cinfo->head_removed != MAX_POS_IN_NODE));
-+
-+ switch (cinfo->mode) {
-+ case CMODE_TAIL:
-+ /* one item gets cut partially from its end */
-+ assert("vs-1562",
-+ cinfo->tail_removed == params->from->item_pos);
-+
-+ freed =
-+ kill_tail_f(params->from, data,
-+ params->smallest_removed);
-+
-+ item_pos = cinfo->tail_removed;
-+ ih = node40_ih_at(node, item_pos);
-+ cinfo->freed_space_start =
-+ ih40_get_offset(ih) + node40_item_length(node,
-+ item_pos) -
-+ freed;
-+ cinfo->freed_space_end =
-+ cinfo->freed_space_start + freed;
-+ cinfo->first_moved = cinfo->tail_removed + 1;
-+ break;
-+
-+ case CMODE_WHOLE:
-+ /* one or more items get removed completely */
-+ assert("vs-1563",
-+ cinfo->first_removed == params->from->item_pos);
-+ assert("vs-1564", cinfo->removed_count > 0
-+ && cinfo->removed_count != MAX_POS_IN_NODE);
-+
-+ /* call kill hook for all items removed completely */
-+ if (is_cut == 0)
-+ call_kill_hooks(node, cinfo->first_removed,
-+ cinfo->removed_count, data);
-+
-+ item_pos = cinfo->first_removed;
-+ ih = node40_ih_at(node, item_pos);
-+
-+ if (params->smallest_removed)
-+ memcpy(params->smallest_removed, &ih->key,
-+ sizeof(reiser4_key));
-+
-+ cinfo->freed_space_start = ih40_get_offset(ih);
-+
-+ item_pos += (cinfo->removed_count - 1);
-+ ih -= (cinfo->removed_count - 1);
-+ cinfo->freed_space_end =
-+ ih40_get_offset(ih) + node40_item_length(node,
-+ item_pos);
-+ cinfo->first_moved = item_pos + 1;
-+ if (cinfo->first_removed == 0)
-+ /* key of first item of the node changes */
-+ retval = 1;
-+ break;
-+
-+ case CMODE_HEAD:
-+ /* one item gets cut partially from its head */
-+ assert("vs-1565",
-+ cinfo->head_removed == params->from->item_pos);
-+
-+ freed =
-+ kill_head_f(params->to, data,
-+ params->smallest_removed,
-+ &new_first_key);
-+
-+ item_pos = cinfo->head_removed;
-+ ih = node40_ih_at(node, item_pos);
-+ cinfo->freed_space_start = ih40_get_offset(ih);
-+ cinfo->freed_space_end = ih40_get_offset(ih) + freed;
-+ cinfo->first_moved = cinfo->head_removed + 1;
-+
-+ /* item head is removed, therefore, item key changed */
-+ coord.node = node;
-+ coord_set_item_pos(&coord, item_pos);
-+ coord.unit_pos = 0;
-+ coord.between = AT_UNIT;
-+ update_item_key_node40(&coord, &new_first_key, NULL);
-+ if (item_pos == 0)
-+ /* key of first item of the node changes */
-+ retval = 1;
-+ break;
-+
-+ case CMODE_TAIL | CMODE_WHOLE:
-+ /* one item gets cut from its end and one or more items get removed completely */
-+ assert("vs-1566",
-+ cinfo->tail_removed == params->from->item_pos);
-+ assert("vs-1567",
-+ cinfo->first_removed == cinfo->tail_removed + 1);
-+ assert("vs-1564", cinfo->removed_count > 0
-+ && cinfo->removed_count != MAX_POS_IN_NODE);
-+
-+ freed =
-+ kill_tail_f(params->from, data,
-+ params->smallest_removed);
-+
-+ item_pos = cinfo->tail_removed;
-+ ih = node40_ih_at(node, item_pos);
-+ cinfo->freed_space_start =
-+ ih40_get_offset(ih) + node40_item_length(node,
-+ item_pos) -
-+ freed;
-+
-+ /* call kill hook for all items removed completely */
-+ if (is_cut == 0)
-+ call_kill_hooks(node, cinfo->first_removed,
-+ cinfo->removed_count, data);
-+
-+ item_pos += cinfo->removed_count;
-+ ih -= cinfo->removed_count;
-+ cinfo->freed_space_end =
-+ ih40_get_offset(ih) + node40_item_length(node,
-+ item_pos);
-+ cinfo->first_moved = item_pos + 1;
-+ break;
-+
-+ case CMODE_WHOLE | CMODE_HEAD:
-+ /* one or more items get removed completely and one item gets cut partially from its head */
-+ assert("vs-1568",
-+ cinfo->first_removed == params->from->item_pos);
-+ assert("vs-1564", cinfo->removed_count > 0
-+ && cinfo->removed_count != MAX_POS_IN_NODE);
-+ assert("vs-1569",
-+ cinfo->head_removed ==
-+ cinfo->first_removed + cinfo->removed_count);
-+
-+ /* call kill hook for all items removed completely */
-+ if (is_cut == 0)
-+ call_kill_hooks(node, cinfo->first_removed,
-+ cinfo->removed_count, data);
-+
-+ item_pos = cinfo->first_removed;
-+ ih = node40_ih_at(node, item_pos);
-+
-+ if (params->smallest_removed)
-+ memcpy(params->smallest_removed, &ih->key,
-+ sizeof(reiser4_key));
-+
-+ freed =
-+ kill_head_f(params->to, data, NULL, &new_first_key);
-+
-+ cinfo->freed_space_start = ih40_get_offset(ih);
-+
-+ ih = node40_ih_at(node, cinfo->head_removed);
-+ /* this is the most complex case. Item which got head removed and items which are to be moved
-+ intact change their location differently. */
-+ cinfo->freed_space_end = ih40_get_offset(ih) + freed;
-+ cinfo->first_moved = cinfo->head_removed;
-+ cinfo->head_removed_location = cinfo->freed_space_start;
-+
-+ /* item head is removed, therefore, item key changed */
-+ coord.node = node;
-+ coord_set_item_pos(&coord, cinfo->head_removed);
-+ coord.unit_pos = 0;
-+ coord.between = AT_UNIT;
-+ update_item_key_node40(&coord, &new_first_key, NULL);
-+
-+ assert("vs-1579", cinfo->first_removed == 0);
-+ /* key of first item of the node changes */
-+ retval = 1;
-+ break;
-+
-+ case CMODE_TAIL | CMODE_HEAD:
-+ /* one item get cut from its end and its neighbor gets cut from its tail */
-+ impossible("vs-1576", "this can not happen currently");
-+ break;
-+
-+ case CMODE_TAIL | CMODE_WHOLE | CMODE_HEAD:
-+ impossible("vs-1577", "this can not happen currently");
-+ break;
-+ default:
-+ impossible("vs-1578", "unexpected cut mode");
-+ break;
-+ }
-+ }
-+ return retval;
-+}
-+
-+/* plugin->u.node.kill
-+ return value is number of items removed completely */
-+int kill_node40(struct carry_kill_data *kdata, carry_plugin_info * info)
-+{
-+ znode *node;
-+ struct cut40_info cinfo;
-+ int first_key_changed;
-+
-+ node = kdata->params.from->node;
-+
-+ first_key_changed =
-+ prepare_for_compact(&cinfo, &kdata->params, 0 /* not cut */ , kdata,
-+ info);
-+ compact(node, &cinfo);
-+
-+ if (info) {
-+ /* it is not called by node40_shift, so we have to take care
-+ of changes on upper levels */
-+ if (node_is_empty(node)
-+ && !(kdata->flags & DELETE_RETAIN_EMPTY))
-+ /* all contents of node is deleted */
-+ prepare_removal_node40(node, info);
-+ else if (first_key_changed) {
-+ prepare_for_update(NULL, node, info);
-+ }
-+ }
-+
-+ coord_clear_iplug(kdata->params.from);
-+ coord_clear_iplug(kdata->params.to);
-+
-+ znode_make_dirty(node);
-+ return cinfo.removed_count == MAX_POS_IN_NODE ? 0 : cinfo.removed_count;
-+}
-+
-+/* plugin->u.node.cut
-+ return value is number of items removed completely */
-+int cut_node40(struct carry_cut_data *cdata, carry_plugin_info * info)
-+{
-+ znode *node;
-+ struct cut40_info cinfo;
-+ int first_key_changed;
-+
-+ node = cdata->params.from->node;
-+
-+ first_key_changed =
-+ prepare_for_compact(&cinfo, &cdata->params, 1 /* not cut */ , cdata,
-+ info);
-+ compact(node, &cinfo);
-+
-+ if (info) {
-+ /* it is not called by node40_shift, so we have to take care
-+ of changes on upper levels */
-+ if (node_is_empty(node))
-+ /* all contents of node is deleted */
-+ prepare_removal_node40(node, info);
-+ else if (first_key_changed) {
-+ prepare_for_update(NULL, node, info);
-+ }
-+ }
-+
-+ coord_clear_iplug(cdata->params.from);
-+ coord_clear_iplug(cdata->params.to);
-+
-+ znode_make_dirty(node);
-+ return cinfo.removed_count == MAX_POS_IN_NODE ? 0 : cinfo.removed_count;
-+}
-+
-+/* this structure is used by shift method of node40 plugin */
-+struct shift_params {
-+ shift_direction pend; /* when @pend == append - we are shifting to
-+ left, when @pend == prepend - to right */
-+ coord_t wish_stop; /* when shifting to left this is last unit we
-+ want shifted, when shifting to right - this
-+ is set to unit we want to start shifting
-+ from */
-+ znode *target;
-+ int everything; /* it is set to 1 if everything we have to shift is
-+ shifted, 0 - otherwise */
-+
-+ /* FIXME-VS: get rid of read_stop */
-+
-+ /* these are set by estimate_shift */
-+ coord_t real_stop; /* this will be set to last unit which will be
-+ really shifted */
-+
-+ /* coordinate in source node before operation of unit which becomes
-+ first after shift to left of last after shift to right */
-+ union {
-+ coord_t future_first;
-+ coord_t future_last;
-+ } u;
-+
-+ unsigned merging_units; /* number of units of first item which have to
-+ be merged with last item of target node */
-+ unsigned merging_bytes; /* number of bytes in those units */
-+
-+ unsigned entire; /* items shifted in their entirety */
-+ unsigned entire_bytes; /* number of bytes in those items */
-+
-+ unsigned part_units; /* number of units of partially copied item */
-+ unsigned part_bytes; /* number of bytes in those units */
-+
-+ unsigned shift_bytes; /* total number of bytes in items shifted (item
-+ headers not included) */
-+
-+};
-+
-+static int item_creation_overhead(coord_t *item)
-+{
-+ return node_plugin_by_coord(item)->item_overhead(item->node, NULL);
-+}
-+
-+/* how many units are there in @source starting from source->unit_pos
-+ but not further than @stop_coord */
-+static int
-+wanted_units(coord_t *source, coord_t *stop_coord, shift_direction pend)
-+{
-+ if (pend == SHIFT_LEFT) {
-+ assert("vs-181", source->unit_pos == 0);
-+ } else {
-+ assert("vs-182",
-+ source->unit_pos == coord_last_unit_pos(source));
-+ }
-+
-+ if (source->item_pos != stop_coord->item_pos) {
-+ /* @source and @stop_coord are different items */
-+ return coord_last_unit_pos(source) + 1;
-+ }
-+
-+ if (pend == SHIFT_LEFT) {
-+ return stop_coord->unit_pos + 1;
-+ } else {
-+ return source->unit_pos - stop_coord->unit_pos + 1;
-+ }
-+}
-+
-+/* this calculates what can be copied from @shift->wish_stop.node to
-+ @shift->target */
-+static void
-+estimate_shift(struct shift_params *shift, const reiser4_context * ctx)
-+{
-+ unsigned target_free_space, size;
-+ pos_in_node_t stop_item; /* item which estimating should not consider */
-+ unsigned want; /* number of units of item we want shifted */
-+ coord_t source; /* item being estimated */
-+ item_plugin *iplug;
-+
-+ /* shifting to left/right starts from first/last units of
-+ @shift->wish_stop.node */
-+ if (shift->pend == SHIFT_LEFT) {
-+ coord_init_first_unit(&source, shift->wish_stop.node);
-+ } else {
-+ coord_init_last_unit(&source, shift->wish_stop.node);
-+ }
-+ shift->real_stop = source;
-+
-+ /* free space in target node and number of items in source */
-+ target_free_space = znode_free_space(shift->target);
-+
-+ shift->everything = 0;
-+ if (!node_is_empty(shift->target)) {
-+ /* target node is not empty, check for boundary items
-+ mergeability */
-+ coord_t to;
-+
-+ /* item we try to merge @source with */
-+ if (shift->pend == SHIFT_LEFT) {
-+ coord_init_last_unit(&to, shift->target);
-+ } else {
-+ coord_init_first_unit(&to, shift->target);
-+ }
-+
-+ if ((shift->pend == SHIFT_LEFT) ? are_items_mergeable(&to,
-+ &source) :
-+ are_items_mergeable(&source, &to)) {
-+ /* how many units of @source do we want to merge to
-+ item @to */
-+ want =
-+ wanted_units(&source, &shift->wish_stop,
-+ shift->pend);
-+
-+ /* how many units of @source we can merge to item
-+ @to */
-+ iplug = item_plugin_by_coord(&source);
-+ if (iplug->b.can_shift != NULL)
-+ shift->merging_units =
-+ iplug->b.can_shift(target_free_space,
-+ &source, shift->target,
-+ shift->pend, &size,
-+ want);
-+ else {
-+ shift->merging_units = 0;
-+ size = 0;
-+ }
-+ shift->merging_bytes = size;
-+ shift->shift_bytes += size;
-+ /* update stop coord to be set to last unit of @source
-+ we can merge to @target */
-+ if (shift->merging_units)
-+ /* at least one unit can be shifted */
-+ shift->real_stop.unit_pos =
-+ (shift->merging_units - source.unit_pos -
-+ 1) * shift->pend;
-+ else {
-+ /* nothing can be shifted */
-+ if (shift->pend == SHIFT_LEFT)
-+ coord_init_before_first_item(&shift->
-+ real_stop,
-+ source.
-+ node);
-+ else
-+ coord_init_after_last_item(&shift->
-+ real_stop,
-+ source.node);
-+ }
-+ assert("nikita-2081", shift->real_stop.unit_pos + 1);
-+
-+ if (shift->merging_units != want) {
-+ /* we could not copy as many as we want, so,
-+ there is no reason for estimating any
-+ longer */
-+ return;
-+ }
-+
-+ target_free_space -= size;
-+ coord_add_item_pos(&source, shift->pend);
-+ }
-+ }
-+
-+ /* number of item nothing of which we want to shift */
-+ stop_item = shift->wish_stop.item_pos + shift->pend;
-+
-+ /* calculate how many items can be copied into given free
-+ space as whole */
-+ for (; source.item_pos != stop_item;
-+ coord_add_item_pos(&source, shift->pend)) {
-+ if (shift->pend == SHIFT_RIGHT)
-+ source.unit_pos = coord_last_unit_pos(&source);
-+
-+ /* how many units of @source do we want to copy */
-+ want = wanted_units(&source, &shift->wish_stop, shift->pend);
-+
-+ if (want == coord_last_unit_pos(&source) + 1) {
-+ /* we want this item to be copied entirely */
-+ size =
-+ item_length_by_coord(&source) +
-+ item_creation_overhead(&source);
-+ if (size <= target_free_space) {
-+ /* item fits into target node as whole */
-+ target_free_space -= size;
-+ shift->shift_bytes +=
-+ size - item_creation_overhead(&source);
-+ shift->entire_bytes +=
-+ size - item_creation_overhead(&source);
-+ shift->entire++;
-+
-+ /* update shift->real_stop coord to be set to
-+ last unit of @source we can merge to
-+ @target */
-+ shift->real_stop = source;
-+ if (shift->pend == SHIFT_LEFT)
-+ shift->real_stop.unit_pos =
-+ coord_last_unit_pos(&shift->
-+ real_stop);
-+ else
-+ shift->real_stop.unit_pos = 0;
-+ continue;
-+ }
-+ }
-+
-+ /* we reach here only for an item which does not fit into
-+ target node in its entirety. This item may be either
-+ partially shifted, or not shifted at all. We will have to
-+ create new item in target node, so decrease amout of free
-+ space by an item creation overhead. We can reach here also
-+ if stop coord is in this item */
-+ if (target_free_space >=
-+ (unsigned)item_creation_overhead(&source)) {
-+ target_free_space -= item_creation_overhead(&source);
-+ iplug = item_plugin_by_coord(&source);
-+ if (iplug->b.can_shift) {
-+ shift->part_units = iplug->b.can_shift(target_free_space,
-+ &source,
-+ NULL, /* target */
-+ shift->pend,
-+ &size,
-+ want);
-+ } else {
-+ target_free_space = 0;
-+ shift->part_units = 0;
-+ size = 0;
-+ }
-+ } else {
-+ target_free_space = 0;
-+ shift->part_units = 0;
-+ size = 0;
-+ }
-+ shift->part_bytes = size;
-+ shift->shift_bytes += size;
-+
-+ /* set @shift->real_stop to last unit of @source we can merge
-+ to @shift->target */
-+ if (shift->part_units) {
-+ shift->real_stop = source;
-+ shift->real_stop.unit_pos =
-+ (shift->part_units - source.unit_pos -
-+ 1) * shift->pend;
-+ assert("nikita-2082", shift->real_stop.unit_pos + 1);
-+ }
-+
-+ if (want != shift->part_units)
-+ /* not everything wanted were shifted */
-+ return;
-+ break;
-+ }
-+
-+ shift->everything = 1;
-+}
-+
-+static void
-+copy_units(coord_t * target, coord_t * source, unsigned from, unsigned count,
-+ shift_direction dir, unsigned free_space)
-+{
-+ item_plugin *iplug;
-+
-+ assert("nikita-1463", target != NULL);
-+ assert("nikita-1464", source != NULL);
-+ assert("nikita-1465", from + count <= coord_num_units(source));
-+
-+ iplug = item_plugin_by_coord(source);
-+ assert("nikita-1468", iplug == item_plugin_by_coord(target));
-+ iplug->b.copy_units(target, source, from, count, dir, free_space);
-+
-+ if (dir == SHIFT_RIGHT) {
-+ /* FIXME-VS: this looks not necessary. update_item_key was
-+ called already by copy_units method */
-+ reiser4_key split_key;
-+
-+ assert("nikita-1469", target->unit_pos == 0);
-+
-+ unit_key_by_coord(target, &split_key);
-+ node_plugin_by_coord(target)->update_item_key(target,
-+ &split_key, NULL);
-+ }
-+}
-+
-+/* copy part of @shift->real_stop.node starting either from its beginning or
-+ from its end and ending at @shift->real_stop to either the end or the
-+ beginning of @shift->target */
-+static void copy(struct shift_params *shift)
-+{
-+ node40_header *nh;
-+ coord_t from;
-+ coord_t to;
-+ item_header40 *from_ih, *to_ih;
-+ int free_space_start;
-+ int new_items;
-+ unsigned old_items;
-+ int old_offset;
-+ unsigned i;
-+
-+ nh = node40_node_header(shift->target);
-+ free_space_start = nh40_get_free_space_start(nh);
-+ old_items = nh40_get_num_items(nh);
-+ new_items = shift->entire + (shift->part_units ? 1 : 0);
-+ assert("vs-185",
-+ shift->shift_bytes ==
-+ shift->merging_bytes + shift->entire_bytes + shift->part_bytes);
-+
-+ from = shift->wish_stop;
-+
-+ coord_init_first_unit(&to, shift->target);
-+
-+ /* NOTE:NIKITA->VS not sure what I am doing: shift->target is empty,
-+ hence to.between is set to EMPTY_NODE above. Looks like we want it
-+ to be AT_UNIT.
-+
-+ Oh, wonders of ->betweeness...
-+
-+ */
-+ to.between = AT_UNIT;
-+
-+ if (shift->pend == SHIFT_LEFT) {
-+ /* copying to left */
-+
-+ coord_set_item_pos(&from, 0);
-+ from_ih = node40_ih_at(from.node, 0);
-+
-+ coord_set_item_pos(&to,
-+ node40_num_of_items_internal(to.node) - 1);
-+ if (shift->merging_units) {
-+ /* expand last item, so that plugin methods will see
-+ correct data */
-+ free_space_start += shift->merging_bytes;
-+ nh40_set_free_space_start(nh,
-+ (unsigned)free_space_start);
-+ nh40_set_free_space(nh,
-+ nh40_get_free_space(nh) -
-+ shift->merging_bytes);
-+
-+ /* appending last item of @target */
-+ copy_units(&to, &from, 0, /* starting from 0-th unit */
-+ shift->merging_units, SHIFT_LEFT,
-+ shift->merging_bytes);
-+ coord_inc_item_pos(&from);
-+ from_ih--;
-+ coord_inc_item_pos(&to);
-+ }
-+
-+ to_ih = node40_ih_at(shift->target, old_items);
-+ if (shift->entire) {
-+ /* copy @entire items entirely */
-+
-+ /* copy item headers */
-+ memcpy(to_ih - shift->entire + 1,
-+ from_ih - shift->entire + 1,
-+ shift->entire * sizeof(item_header40));
-+ /* update item header offset */
-+ old_offset = ih40_get_offset(from_ih);
-+ /* AUDIT: Looks like if we calculate old_offset + free_space_start here instead of just old_offset, we can perform one "add" operation less per each iteration */
-+ for (i = 0; i < shift->entire; i++, to_ih--, from_ih--)
-+ ih40_set_offset(to_ih,
-+ ih40_get_offset(from_ih) -
-+ old_offset + free_space_start);
-+
-+ /* copy item bodies */
-+ memcpy(zdata(shift->target) + free_space_start, zdata(from.node) + old_offset, /*ih40_get_offset (from_ih), */
-+ shift->entire_bytes);
-+
-+ coord_add_item_pos(&from, (int)shift->entire);
-+ coord_add_item_pos(&to, (int)shift->entire);
-+ }
-+
-+ nh40_set_free_space_start(nh,
-+ free_space_start +
-+ shift->shift_bytes -
-+ shift->merging_bytes);
-+ nh40_set_free_space(nh,
-+ nh40_get_free_space(nh) -
-+ (shift->shift_bytes - shift->merging_bytes +
-+ sizeof(item_header40) * new_items));
-+
-+ /* update node header */
-+ node40_set_num_items(shift->target, nh, old_items + new_items);
-+ assert("vs-170",
-+ nh40_get_free_space(nh) < znode_size(shift->target));
-+
-+ if (shift->part_units) {
-+ /* copy heading part (@part units) of @source item as
-+ a new item into @target->node */
-+
-+ /* copy item header of partially copied item */
-+ coord_set_item_pos(&to,
-+ node40_num_of_items_internal(to.node)
-+ - 1);
-+ memcpy(to_ih, from_ih, sizeof(item_header40));
-+ ih40_set_offset(to_ih,
-+ nh40_get_free_space_start(nh) -
-+ shift->part_bytes);
-+ if (item_plugin_by_coord(&to)->b.init)
-+ item_plugin_by_coord(&to)->b.init(&to, &from,
-+ NULL);
-+ copy_units(&to, &from, 0, shift->part_units, SHIFT_LEFT,
-+ shift->part_bytes);
-+ }
-+
-+ } else {
-+ /* copying to right */
-+
-+ coord_set_item_pos(&from,
-+ node40_num_of_items_internal(from.node) - 1);
-+ from_ih = node40_ih_at_coord(&from);
-+
-+ coord_set_item_pos(&to, 0);
-+
-+ /* prepare space for new items */
-+ memmove(zdata(to.node) + sizeof(node40_header) +
-+ shift->shift_bytes,
-+ zdata(to.node) + sizeof(node40_header),
-+ free_space_start - sizeof(node40_header));
-+ /* update item headers of moved items */
-+ to_ih = node40_ih_at(to.node, 0);
-+ /* first item gets @merging_bytes longer. free space appears
-+ at its beginning */
-+ if (!node_is_empty(to.node))
-+ ih40_set_offset(to_ih,
-+ ih40_get_offset(to_ih) +
-+ shift->shift_bytes -
-+ shift->merging_bytes);
-+
-+ for (i = 1; i < old_items; i++)
-+ ih40_set_offset(to_ih - i,
-+ ih40_get_offset(to_ih - i) +
-+ shift->shift_bytes);
-+
-+ /* move item headers to make space for new items */
-+ memmove(to_ih - old_items + 1 - new_items,
-+ to_ih - old_items + 1,
-+ sizeof(item_header40) * old_items);
-+ to_ih -= (new_items - 1);
-+
-+ nh40_set_free_space_start(nh,
-+ free_space_start +
-+ shift->shift_bytes);
-+ nh40_set_free_space(nh,
-+ nh40_get_free_space(nh) -
-+ (shift->shift_bytes +
-+ sizeof(item_header40) * new_items));
-+
-+ /* update node header */
-+ node40_set_num_items(shift->target, nh, old_items + new_items);
-+ assert("vs-170",
-+ nh40_get_free_space(nh) < znode_size(shift->target));
-+
-+ if (shift->merging_units) {
-+ coord_add_item_pos(&to, new_items);
-+ to.unit_pos = 0;
-+ to.between = AT_UNIT;
-+ /* prepend first item of @to */
-+ copy_units(&to, &from,
-+ coord_last_unit_pos(&from) -
-+ shift->merging_units + 1,
-+ shift->merging_units, SHIFT_RIGHT,
-+ shift->merging_bytes);
-+ coord_dec_item_pos(&from);
-+ from_ih++;
-+ }
-+
-+ if (shift->entire) {
-+ /* copy @entire items entirely */
-+
-+ /* copy item headers */
-+ memcpy(to_ih, from_ih,
-+ shift->entire * sizeof(item_header40));
-+
-+ /* update item header offset */
-+ old_offset =
-+ ih40_get_offset(from_ih + shift->entire - 1);
-+ /* AUDIT: old_offset + sizeof (node40_header) + shift->part_bytes calculation can be taken off the loop. */
-+ for (i = 0; i < shift->entire; i++, to_ih++, from_ih++)
-+ ih40_set_offset(to_ih,
-+ ih40_get_offset(from_ih) -
-+ old_offset +
-+ sizeof(node40_header) +
-+ shift->part_bytes);
-+ /* copy item bodies */
-+ coord_add_item_pos(&from, -(int)(shift->entire - 1));
-+ memcpy(zdata(to.node) + sizeof(node40_header) +
-+ shift->part_bytes, item_by_coord_node40(&from),
-+ shift->entire_bytes);
-+ coord_dec_item_pos(&from);
-+ }
-+
-+ if (shift->part_units) {
-+ coord_set_item_pos(&to, 0);
-+ to.unit_pos = 0;
-+ to.between = AT_UNIT;
-+ /* copy heading part (@part units) of @source item as
-+ a new item into @target->node */
-+
-+ /* copy item header of partially copied item */
-+ memcpy(to_ih, from_ih, sizeof(item_header40));
-+ ih40_set_offset(to_ih, sizeof(node40_header));
-+ if (item_plugin_by_coord(&to)->b.init)
-+ item_plugin_by_coord(&to)->b.init(&to, &from,
-+ NULL);
-+ copy_units(&to, &from,
-+ coord_last_unit_pos(&from) -
-+ shift->part_units + 1, shift->part_units,
-+ SHIFT_RIGHT, shift->part_bytes);
-+ }
-+ }
-+}
-+
-+/* remove everything either before or after @fact_stop. Number of items
-+ removed completely is returned */
-+static int delete_copied(struct shift_params *shift)
-+{
-+ coord_t from;
-+ coord_t to;
-+ struct carry_cut_data cdata;
-+
-+ if (shift->pend == SHIFT_LEFT) {
-+ /* we were shifting to left, remove everything from the
-+ beginning of @shift->wish_stop->node upto
-+ @shift->wish_stop */
-+ coord_init_first_unit(&from, shift->real_stop.node);
-+ to = shift->real_stop;
-+
-+ /* store old coordinate of unit which will be first after
-+ shift to left */
-+ shift->u.future_first = to;
-+ coord_next_unit(&shift->u.future_first);
-+ } else {
-+ /* we were shifting to right, remove everything from
-+ @shift->stop_coord upto to end of
-+ @shift->stop_coord->node */
-+ from = shift->real_stop;
-+ coord_init_last_unit(&to, from.node);
-+
-+ /* store old coordinate of unit which will be last after
-+ shift to right */
-+ shift->u.future_last = from;
-+ coord_prev_unit(&shift->u.future_last);
-+ }
-+
-+ cdata.params.from = &from;
-+ cdata.params.to = &to;
-+ cdata.params.from_key = NULL;
-+ cdata.params.to_key = NULL;
-+ cdata.params.smallest_removed = NULL;
-+ return cut_node40(&cdata, NULL);
-+}
-+
-+/* something was moved between @left and @right. Add carry operation to @info
-+ list to have carry to update delimiting key between them */
-+static int
-+prepare_for_update(znode * left, znode * right, carry_plugin_info * info)
-+{
-+ carry_op *op;
-+ carry_node *cn;
-+
-+ if (info == NULL)
-+ /* nowhere to send operation to. */
-+ return 0;
-+
-+ if (!should_notify_parent(right))
-+ return 0;
-+
-+ op = node_post_carry(info, COP_UPDATE, right, 1);
-+ if (IS_ERR(op) || op == NULL)
-+ return op ? PTR_ERR(op) : -EIO;
-+
-+ if (left != NULL) {
-+ carry_node *reference;
-+
-+ if (info->doing)
-+ reference = insert_carry_node(info->doing,
-+ info->todo, left);
-+ else
-+ reference = op->node;
-+ assert("nikita-2992", reference != NULL);
-+ cn = add_carry(info->todo, POOLO_BEFORE, reference);
-+ if (IS_ERR(cn))
-+ return PTR_ERR(cn);
-+ cn->parent = 1;
-+ cn->node = left;
-+ if (ZF_ISSET(left, JNODE_ORPHAN))
-+ cn->left_before = 1;
-+ op->u.update.left = cn;
-+ } else
-+ op->u.update.left = NULL;
-+ return 0;
-+}
-+
-+/* plugin->u.node.prepare_removal
-+ to delete a pointer to @empty from the tree add corresponding carry
-+ operation (delete) to @info list */
-+int prepare_removal_node40(znode * empty, carry_plugin_info * info)
-+{
-+ carry_op *op;
-+ reiser4_tree *tree;
-+
-+ if (!should_notify_parent(empty))
-+ return 0;
-+ /* already on a road to Styx */
-+ if (ZF_ISSET(empty, JNODE_HEARD_BANSHEE))
-+ return 0;
-+ op = node_post_carry(info, COP_DELETE, empty, 1);
-+ if (IS_ERR(op) || op == NULL)
-+ return RETERR(op ? PTR_ERR(op) : -EIO);
-+
-+ op->u.delete.child = NULL;
-+ op->u.delete.flags = 0;
-+
-+ /* fare thee well */
-+ tree = znode_get_tree(empty);
-+ read_lock_tree(tree);
-+ write_lock_dk(tree);
-+ znode_set_ld_key(empty, znode_get_rd_key(empty));
-+ if (znode_is_left_connected(empty) && empty->left)
-+ znode_set_rd_key(empty->left, znode_get_rd_key(empty));
-+ write_unlock_dk(tree);
-+ read_unlock_tree(tree);
-+
-+ ZF_SET(empty, JNODE_HEARD_BANSHEE);
-+ return 0;
-+}
-+
-+/* something were shifted from @insert_coord->node to @shift->target, update
-+ @insert_coord correspondingly */
-+static void
-+adjust_coord(coord_t * insert_coord, struct shift_params *shift, int removed,
-+ int including_insert_coord)
-+{
-+ /* item plugin was invalidated by shifting */
-+ coord_clear_iplug(insert_coord);
-+
-+ if (node_is_empty(shift->wish_stop.node)) {
-+ assert("vs-242", shift->everything);
-+ if (including_insert_coord) {
-+ if (shift->pend == SHIFT_RIGHT) {
-+ /* set @insert_coord before first unit of
-+ @shift->target node */
-+ coord_init_before_first_item(insert_coord,
-+ shift->target);
-+ } else {
-+ /* set @insert_coord after last in target node */
-+ coord_init_after_last_item(insert_coord,
-+ shift->target);
-+ }
-+ } else {
-+ /* set @insert_coord inside of empty node. There is
-+ only one possible coord within an empty
-+ node. init_first_unit will set that coord */
-+ coord_init_first_unit(insert_coord,
-+ shift->wish_stop.node);
-+ }
-+ return;
-+ }
-+
-+ if (shift->pend == SHIFT_RIGHT) {
-+ /* there was shifting to right */
-+ if (shift->everything) {
-+ /* everything wanted was shifted */
-+ if (including_insert_coord) {
-+ /* @insert_coord is set before first unit of
-+ @to node */
-+ coord_init_before_first_item(insert_coord,
-+ shift->target);
-+ insert_coord->between = BEFORE_UNIT;
-+ } else {
-+ /* @insert_coord is set after last unit of
-+ @insert->node */
-+ coord_init_last_unit(insert_coord,
-+ shift->wish_stop.node);
-+ insert_coord->between = AFTER_UNIT;
-+ }
-+ }
-+ return;
-+ }
-+
-+ /* there was shifting to left */
-+ if (shift->everything) {
-+ /* everything wanted was shifted */
-+ if (including_insert_coord) {
-+ /* @insert_coord is set after last unit in @to node */
-+ coord_init_after_last_item(insert_coord, shift->target);
-+ } else {
-+ /* @insert_coord is set before first unit in the same
-+ node */
-+ coord_init_before_first_item(insert_coord,
-+ shift->wish_stop.node);
-+ }
-+ return;
-+ }
-+
-+ /* FIXME-VS: the code below is complicated because with between ==
-+ AFTER_ITEM unit_pos is set to 0 */
-+
-+ if (!removed) {
-+ /* no items were shifted entirely */
-+ assert("vs-195", shift->merging_units == 0
-+ || shift->part_units == 0);
-+
-+ if (shift->real_stop.item_pos == insert_coord->item_pos) {
-+ if (shift->merging_units) {
-+ if (insert_coord->between == AFTER_UNIT) {
-+ assert("nikita-1441",
-+ insert_coord->unit_pos >=
-+ shift->merging_units);
-+ insert_coord->unit_pos -=
-+ shift->merging_units;
-+ } else if (insert_coord->between == BEFORE_UNIT) {
-+ assert("nikita-2090",
-+ insert_coord->unit_pos >
-+ shift->merging_units);
-+ insert_coord->unit_pos -=
-+ shift->merging_units;
-+ }
-+
-+ assert("nikita-2083",
-+ insert_coord->unit_pos + 1);
-+ } else {
-+ if (insert_coord->between == AFTER_UNIT) {
-+ assert("nikita-1442",
-+ insert_coord->unit_pos >=
-+ shift->part_units);
-+ insert_coord->unit_pos -=
-+ shift->part_units;
-+ } else if (insert_coord->between == BEFORE_UNIT) {
-+ assert("nikita-2089",
-+ insert_coord->unit_pos >
-+ shift->part_units);
-+ insert_coord->unit_pos -=
-+ shift->part_units;
-+ }
-+
-+ assert("nikita-2084",
-+ insert_coord->unit_pos + 1);
-+ }
-+ }
-+ return;
-+ }
-+
-+ /* we shifted to left and there was no enough space for everything */
-+ switch (insert_coord->between) {
-+ case AFTER_UNIT:
-+ case BEFORE_UNIT:
-+ if (shift->real_stop.item_pos == insert_coord->item_pos)
-+ insert_coord->unit_pos -= shift->part_units;
-+ case AFTER_ITEM:
-+ coord_add_item_pos(insert_coord, -removed);
-+ break;
-+ default:
-+ impossible("nikita-2087", "not ready");
-+ }
-+ assert("nikita-2085", insert_coord->unit_pos + 1);
-+}
-+
-+static int call_shift_hooks(struct shift_params *shift)
-+{
-+ unsigned i, shifted;
-+ coord_t coord;
-+ item_plugin *iplug;
-+
-+ assert("vs-275", !node_is_empty(shift->target));
-+
-+ /* number of items shift touches */
-+ shifted =
-+ shift->entire + (shift->merging_units ? 1 : 0) +
-+ (shift->part_units ? 1 : 0);
-+
-+ if (shift->pend == SHIFT_LEFT) {
-+ /* moved items are at the end */
-+ coord_init_last_unit(&coord, shift->target);
-+ coord.unit_pos = 0;
-+
-+ assert("vs-279", shift->pend == 1);
-+ for (i = 0; i < shifted; i++) {
-+ unsigned from, count;
-+
-+ iplug = item_plugin_by_coord(&coord);
-+ if (i == 0 && shift->part_units) {
-+ assert("vs-277",
-+ coord_num_units(&coord) ==
-+ shift->part_units);
-+ count = shift->part_units;
-+ from = 0;
-+ } else if (i == shifted - 1 && shift->merging_units) {
-+ count = shift->merging_units;
-+ from = coord_num_units(&coord) - count;
-+ } else {
-+ count = coord_num_units(&coord);
-+ from = 0;
-+ }
-+
-+ if (iplug->b.shift_hook) {
-+ iplug->b.shift_hook(&coord, from, count,
-+ shift->wish_stop.node);
-+ }
-+ coord_add_item_pos(&coord, -shift->pend);
-+ }
-+ } else {
-+ /* moved items are at the beginning */
-+ coord_init_first_unit(&coord, shift->target);
-+
-+ assert("vs-278", shift->pend == -1);
-+ for (i = 0; i < shifted; i++) {
-+ unsigned from, count;
-+
-+ iplug = item_plugin_by_coord(&coord);
-+ if (i == 0 && shift->part_units) {
-+ assert("vs-277",
-+ coord_num_units(&coord) ==
-+ shift->part_units);
-+ count = coord_num_units(&coord);
-+ from = 0;
-+ } else if (i == shifted - 1 && shift->merging_units) {
-+ count = shift->merging_units;
-+ from = 0;
-+ } else {
-+ count = coord_num_units(&coord);
-+ from = 0;
-+ }
-+
-+ if (iplug->b.shift_hook) {
-+ iplug->b.shift_hook(&coord, from, count,
-+ shift->wish_stop.node);
-+ }
-+ coord_add_item_pos(&coord, -shift->pend);
-+ }
-+ }
-+
-+ return 0;
-+}
-+
-+/* shift to left is completed. Return 1 if unit @old was moved to left neighbor */
-+static int
-+unit_moved_left(const struct shift_params *shift, const coord_t * old)
-+{
-+ assert("vs-944", shift->real_stop.node == old->node);
-+
-+ if (shift->real_stop.item_pos < old->item_pos)
-+ return 0;
-+ if (shift->real_stop.item_pos == old->item_pos) {
-+ if (shift->real_stop.unit_pos < old->unit_pos)
-+ return 0;
-+ }
-+ return 1;
-+}
-+
-+/* shift to right is completed. Return 1 if unit @old was moved to right
-+ neighbor */
-+static int
-+unit_moved_right(const struct shift_params *shift, const coord_t * old)
-+{
-+ assert("vs-944", shift->real_stop.node == old->node);
-+
-+ if (shift->real_stop.item_pos > old->item_pos)
-+ return 0;
-+ if (shift->real_stop.item_pos == old->item_pos) {
-+ if (shift->real_stop.unit_pos > old->unit_pos)
-+ return 0;
-+ }
-+ return 1;
-+}
-+
-+/* coord @old was set in node from which shift was performed. What was shifted
-+ is stored in @shift. Update @old correspondingly to performed shift */
-+static coord_t *adjust_coord2(const struct shift_params *shift,
-+ const coord_t * old, coord_t * new)
-+{
-+ coord_clear_iplug(new);
-+ new->between = old->between;
-+
-+ coord_clear_iplug(new);
-+ if (old->node == shift->target) {
-+ if (shift->pend == SHIFT_LEFT) {
-+ /* coord which is set inside of left neighbor does not
-+ change during shift to left */
-+ coord_dup(new, old);
-+ return new;
-+ }
-+ new->node = old->node;
-+ coord_set_item_pos(new,
-+ old->item_pos + shift->entire +
-+ (shift->part_units ? 1 : 0));
-+ new->unit_pos = old->unit_pos;
-+ if (old->item_pos == 0 && shift->merging_units)
-+ new->unit_pos += shift->merging_units;
-+ return new;
-+ }
-+
-+ assert("vs-977", old->node == shift->wish_stop.node);
-+ if (shift->pend == SHIFT_LEFT) {
-+ if (unit_moved_left(shift, old)) {
-+ /* unit @old moved to left neighbor. Calculate its
-+ coordinate there */
-+ new->node = shift->target;
-+ coord_set_item_pos(new,
-+ node_num_items(shift->target) -
-+ shift->entire -
-+ (shift->part_units ? 1 : 0) +
-+ old->item_pos);
-+
-+ new->unit_pos = old->unit_pos;
-+ if (shift->merging_units) {
-+ coord_dec_item_pos(new);
-+ if (old->item_pos == 0) {
-+ /* unit_pos only changes if item got
-+ merged */
-+ new->unit_pos =
-+ coord_num_units(new) -
-+ (shift->merging_units -
-+ old->unit_pos);
-+ }
-+ }
-+ } else {
-+ /* unit @old did not move to left neighbor.
-+
-+ Use _nocheck, because @old is outside of its node.
-+ */
-+ coord_dup_nocheck(new, old);
-+ coord_add_item_pos(new,
-+ -shift->u.future_first.item_pos);
-+ if (new->item_pos == 0)
-+ new->unit_pos -= shift->u.future_first.unit_pos;
-+ }
-+ } else {
-+ if (unit_moved_right(shift, old)) {
-+ /* unit @old moved to right neighbor */
-+ new->node = shift->target;
-+ coord_set_item_pos(new,
-+ old->item_pos -
-+ shift->real_stop.item_pos);
-+ if (new->item_pos == 0) {
-+ /* unit @old might change unit pos */
-+ coord_set_item_pos(new,
-+ old->unit_pos -
-+ shift->real_stop.unit_pos);
-+ }
-+ } else {
-+ /* unit @old did not move to right neighbor, therefore
-+ it did not change */
-+ coord_dup(new, old);
-+ }
-+ }
-+ coord_set_iplug(new, item_plugin_by_coord(new));
-+ return new;
-+}
-+
-+/* this is called when shift is completed (something of source node is copied
-+ to target and deleted in source) to update all taps set in current
-+ context */
-+static void update_taps(const struct shift_params *shift)
-+{
-+ tap_t *tap;
-+ coord_t new;
-+
-+ for_all_taps(tap) {
-+ /* update only taps set to nodes participating in shift */
-+ if (tap->coord->node == shift->wish_stop.node
-+ || tap->coord->node == shift->target)
-+ tap_to_coord(tap,
-+ adjust_coord2(shift, tap->coord, &new));
-+ }
-+}
-+
-+#if REISER4_DEBUG
-+
-+struct shift_check {
-+ reiser4_key key;
-+ __u16 plugin_id;
-+ union {
-+ __u64 bytes;
-+ __u64 entries;
-+ void *unused;
-+ } u;
-+};
-+
-+void *shift_check_prepare(const znode * left, const znode * right)
-+{
-+ pos_in_node_t i, nr_items;
-+ int mergeable;
-+ struct shift_check *data;
-+ item_header40 *ih;
-+
-+ if (node_is_empty(left) || node_is_empty(right))
-+ mergeable = 0;
-+ else {
-+ coord_t l, r;
-+
-+ coord_init_last_unit(&l, left);
-+ coord_init_first_unit(&r, right);
-+ mergeable = are_items_mergeable(&l, &r);
-+ }
-+ nr_items =
-+ node40_num_of_items_internal(left) +
-+ node40_num_of_items_internal(right) - (mergeable ? 1 : 0);
-+ data =
-+ kmalloc(sizeof(struct shift_check) * nr_items, get_gfp_mask());
-+ if (data != NULL) {
-+ coord_t coord;
-+ pos_in_node_t item_pos;
-+
-+ coord_init_first_unit(&coord, left);
-+ i = 0;
-+
-+ for (item_pos = 0;
-+ item_pos < node40_num_of_items_internal(left);
-+ item_pos++) {
-+
-+ coord_set_item_pos(&coord, item_pos);
-+ ih = node40_ih_at_coord(&coord);
-+
-+ data[i].key = ih->key;
-+ data[i].plugin_id = le16_to_cpu(get_unaligned(&ih->plugin_id));
-+ switch (data[i].plugin_id) {
-+ case CTAIL_ID:
-+ case FORMATTING_ID:
-+ data[i].u.bytes = coord_num_units(&coord);
-+ break;
-+ case EXTENT_POINTER_ID:
-+ data[i].u.bytes =
-+ extent_size(&coord,
-+ coord_num_units(&coord));
-+ break;
-+ case COMPOUND_DIR_ID:
-+ data[i].u.entries = coord_num_units(&coord);
-+ break;
-+ default:
-+ data[i].u.unused = NULL;
-+ break;
-+ }
-+ i++;
-+ }
-+
-+ coord_init_first_unit(&coord, right);
-+
-+ if (mergeable) {
-+ assert("vs-1609", i != 0);
-+
-+ ih = node40_ih_at_coord(&coord);
-+
-+ assert("vs-1589",
-+ data[i - 1].plugin_id ==
-+ le16_to_cpu(get_unaligned(&ih->plugin_id)));
-+ switch (data[i - 1].plugin_id) {
-+ case CTAIL_ID:
-+ case FORMATTING_ID:
-+ data[i - 1].u.bytes += coord_num_units(&coord);
-+ break;
-+ case EXTENT_POINTER_ID:
-+ data[i - 1].u.bytes +=
-+ extent_size(&coord,
-+ coord_num_units(&coord));
-+ break;
-+ case COMPOUND_DIR_ID:
-+ data[i - 1].u.entries +=
-+ coord_num_units(&coord);
-+ break;
-+ default:
-+ impossible("vs-1605", "wrong mergeable item");
-+ break;
-+ }
-+ item_pos = 1;
-+ } else
-+ item_pos = 0;
-+ for (; item_pos < node40_num_of_items_internal(right);
-+ item_pos++) {
-+
-+ assert("vs-1604", i < nr_items);
-+ coord_set_item_pos(&coord, item_pos);
-+ ih = node40_ih_at_coord(&coord);
-+
-+ data[i].key = ih->key;
-+ data[i].plugin_id = le16_to_cpu(get_unaligned(&ih->plugin_id));
-+ switch (data[i].plugin_id) {
-+ case CTAIL_ID:
-+ case FORMATTING_ID:
-+ data[i].u.bytes = coord_num_units(&coord);
-+ break;
-+ case EXTENT_POINTER_ID:
-+ data[i].u.bytes =
-+ extent_size(&coord,
-+ coord_num_units(&coord));
-+ break;
-+ case COMPOUND_DIR_ID:
-+ data[i].u.entries = coord_num_units(&coord);
-+ break;
-+ default:
-+ data[i].u.unused = NULL;
-+ break;
-+ }
-+ i++;
-+ }
-+ assert("vs-1606", i == nr_items);
-+ }
-+ return data;
-+}
-+
-+void shift_check(void *vp, const znode * left, const znode * right)
-+{
-+ pos_in_node_t i, nr_items;
-+ coord_t coord;
-+ __u64 last_bytes;
-+ int mergeable;
-+ item_header40 *ih;
-+ pos_in_node_t item_pos;
-+ struct shift_check *data;
-+
-+ data = (struct shift_check *)vp;
-+
-+ if (data == NULL)
-+ return;
-+
-+ if (node_is_empty(left) || node_is_empty(right))
-+ mergeable = 0;
-+ else {
-+ coord_t l, r;
-+
-+ coord_init_last_unit(&l, left);
-+ coord_init_first_unit(&r, right);
-+ mergeable = are_items_mergeable(&l, &r);
-+ }
-+
-+ nr_items =
-+ node40_num_of_items_internal(left) +
-+ node40_num_of_items_internal(right) - (mergeable ? 1 : 0);
-+
-+ i = 0;
-+ last_bytes = 0;
-+
-+ coord_init_first_unit(&coord, left);
-+
-+ for (item_pos = 0; item_pos < node40_num_of_items_internal(left);
-+ item_pos++) {
-+
-+ coord_set_item_pos(&coord, item_pos);
-+ ih = node40_ih_at_coord(&coord);
-+
-+ assert("vs-1611", i == item_pos);
-+ assert("vs-1590", keyeq(&ih->key, &data[i].key));
-+ assert("vs-1591",
-+ le16_to_cpu(get_unaligned(&ih->plugin_id)) == data[i].plugin_id);
-+ if ((i < (node40_num_of_items_internal(left) - 1))
-+ || !mergeable) {
-+ switch (data[i].plugin_id) {
-+ case CTAIL_ID:
-+ case FORMATTING_ID:
-+ assert("vs-1592",
-+ data[i].u.bytes ==
-+ coord_num_units(&coord));
-+ break;
-+ case EXTENT_POINTER_ID:
-+ assert("vs-1593",
-+ data[i].u.bytes == extent_size(&coord,
-+ coord_num_units
-+ (&coord)));
-+ break;
-+ case COMPOUND_DIR_ID:
-+ assert("vs-1594",
-+ data[i].u.entries ==
-+ coord_num_units(&coord));
-+ break;
-+ default:
-+ break;
-+ }
-+ }
-+ if (item_pos == (node40_num_of_items_internal(left) - 1)
-+ && mergeable) {
-+ switch (data[i].plugin_id) {
-+ case CTAIL_ID:
-+ case FORMATTING_ID:
-+ last_bytes = coord_num_units(&coord);
-+ break;
-+ case EXTENT_POINTER_ID:
-+ last_bytes =
-+ extent_size(&coord,
-+ coord_num_units(&coord));
-+ break;
-+ case COMPOUND_DIR_ID:
-+ last_bytes = coord_num_units(&coord);
-+ break;
-+ default:
-+ impossible("vs-1595", "wrong mergeable item");
-+ break;
-+ }
-+ }
-+ i++;
-+ }
-+
-+ coord_init_first_unit(&coord, right);
-+ if (mergeable) {
-+ ih = node40_ih_at_coord(&coord);
-+
-+ assert("vs-1589",
-+ data[i - 1].plugin_id == le16_to_cpu(get_unaligned(&ih->plugin_id)));
-+ assert("vs-1608", last_bytes != 0);
-+ switch (data[i - 1].plugin_id) {
-+ case CTAIL_ID:
-+ case FORMATTING_ID:
-+ assert("vs-1596",
-+ data[i - 1].u.bytes ==
-+ last_bytes + coord_num_units(&coord));
-+ break;
-+
-+ case EXTENT_POINTER_ID:
-+ assert("vs-1597",
-+ data[i - 1].u.bytes ==
-+ last_bytes + extent_size(&coord,
-+ coord_num_units
-+ (&coord)));
-+ break;
-+
-+ case COMPOUND_DIR_ID:
-+ assert("vs-1598",
-+ data[i - 1].u.bytes ==
-+ last_bytes + coord_num_units(&coord));
-+ break;
-+ default:
-+ impossible("vs-1599", "wrong mergeable item");
-+ break;
-+ }
-+ item_pos = 1;
-+ } else
-+ item_pos = 0;
-+
-+ for (; item_pos < node40_num_of_items_internal(right); item_pos++) {
-+
-+ coord_set_item_pos(&coord, item_pos);
-+ ih = node40_ih_at_coord(&coord);
-+
-+ assert("vs-1612", keyeq(&ih->key, &data[i].key));
-+ assert("vs-1613",
-+ le16_to_cpu(get_unaligned(&ih->plugin_id)) == data[i].plugin_id);
-+ switch (data[i].plugin_id) {
-+ case CTAIL_ID:
-+ case FORMATTING_ID:
-+ assert("vs-1600",
-+ data[i].u.bytes == coord_num_units(&coord));
-+ break;
-+ case EXTENT_POINTER_ID:
-+ assert("vs-1601",
-+ data[i].u.bytes == extent_size(&coord,
-+ coord_num_units
-+ (&coord)));
-+ break;
-+ case COMPOUND_DIR_ID:
-+ assert("vs-1602",
-+ data[i].u.entries == coord_num_units(&coord));
-+ break;
-+ default:
-+ break;
-+ }
-+ i++;
-+ }
-+
-+ assert("vs-1603", i == nr_items);
-+ kfree(data);
-+}
-+
-+#endif
-+
-+/* plugin->u.node.shift
-+ look for description of this method in plugin/node/node.h */
-+int shift_node40(coord_t * from, znode * to, shift_direction pend, int delete_child, /* if @from->node becomes empty - it will be
-+ deleted from the tree if this is set to 1 */
-+ int including_stop_coord, carry_plugin_info * info)
-+{
-+ struct shift_params shift;
-+ int result;
-+ znode *left, *right;
-+ znode *source;
-+ int target_empty;
-+
-+ assert("nikita-2161", coord_check(from));
-+
-+ memset(&shift, 0, sizeof(shift));
-+ shift.pend = pend;
-+ shift.wish_stop = *from;
-+ shift.target = to;
-+
-+ assert("nikita-1473", znode_is_write_locked(from->node));
-+ assert("nikita-1474", znode_is_write_locked(to));
-+
-+ source = from->node;
-+
-+ /* set @shift.wish_stop to rightmost/leftmost unit among units we want
-+ shifted */
-+ if (pend == SHIFT_LEFT) {
-+ result = coord_set_to_left(&shift.wish_stop);
-+ left = to;
-+ right = from->node;
-+ } else {
-+ result = coord_set_to_right(&shift.wish_stop);
-+ left = from->node;
-+ right = to;
-+ }
-+
-+ if (result) {
-+ /* move insertion coord even if there is nothing to move */
-+ if (including_stop_coord) {
-+ /* move insertion coord (@from) */
-+ if (pend == SHIFT_LEFT) {
-+ /* after last item in target node */
-+ coord_init_after_last_item(from, to);
-+ } else {
-+ /* before first item in target node */
-+ coord_init_before_first_item(from, to);
-+ }
-+ }
-+
-+ if (delete_child && node_is_empty(shift.wish_stop.node))
-+ result =
-+ prepare_removal_node40(shift.wish_stop.node, info);
-+ else
-+ result = 0;
-+ /* there is nothing to shift */
-+ assert("nikita-2078", coord_check(from));
-+ return result;
-+ }
-+
-+ target_empty = node_is_empty(to);
-+
-+ /* when first node plugin with item body compression is implemented,
-+ this must be changed to call node specific plugin */
-+
-+ /* shift->stop_coord is updated to last unit which really will be
-+ shifted */
-+ estimate_shift(&shift, get_current_context());
-+ if (!shift.shift_bytes) {
-+ /* we could not shift anything */
-+ assert("nikita-2079", coord_check(from));
-+ return 0;
-+ }
-+
-+ copy(&shift);
-+
-+ /* result value of this is important. It is used by adjust_coord below */
-+ result = delete_copied(&shift);
-+
-+ assert("vs-1610", result >= 0);
-+ assert("vs-1471",
-+ ((reiser4_context *) current->journal_info)->magic ==
-+ context_magic);
-+
-+ /* item which has been moved from one node to another might want to do
-+ something on that event. This can be done by item's shift_hook
-+ method, which will be now called for every moved items */
-+ call_shift_hooks(&shift);
-+
-+ assert("vs-1472",
-+ ((reiser4_context *) current->journal_info)->magic ==
-+ context_magic);
-+
-+ update_taps(&shift);
-+
-+ assert("vs-1473",
-+ ((reiser4_context *) current->journal_info)->magic ==
-+ context_magic);
-+
-+ /* adjust @from pointer in accordance with @including_stop_coord flag
-+ and amount of data which was really shifted */
-+ adjust_coord(from, &shift, result, including_stop_coord);
-+
-+ if (target_empty)
-+ /*
-+ * items were shifted into empty node. Update delimiting key.
-+ */
-+ result = prepare_for_update(NULL, left, info);
-+
-+ /* add update operation to @info, which is the list of operations to
-+ be performed on a higher level */
-+ result = prepare_for_update(left, right, info);
-+ if (!result && node_is_empty(source) && delete_child) {
-+ /* all contents of @from->node is moved to @to and @from->node
-+ has to be removed from the tree, so, on higher level we
-+ will be removing the pointer to node @from->node */
-+ result = prepare_removal_node40(source, info);
-+ }
-+ assert("nikita-2080", coord_check(from));
-+ return result ? result : (int)shift.shift_bytes;
-+}
-+
-+/* plugin->u.node.fast_insert()
-+ look for description of this method in plugin/node/node.h */
-+int fast_insert_node40(const coord_t * coord UNUSED_ARG /* node to query */ )
-+{
-+ return 1;
-+}
-+
-+/* plugin->u.node.fast_paste()
-+ look for description of this method in plugin/node/node.h */
-+int fast_paste_node40(const coord_t * coord UNUSED_ARG /* node to query */ )
-+{
-+ return 1;
-+}
-+
-+/* plugin->u.node.fast_cut()
-+ look for description of this method in plugin/node/node.h */
-+int fast_cut_node40(const coord_t * coord UNUSED_ARG /* node to query */ )
-+{
-+ return 1;
-+}
-+
-+/* plugin->u.node.modify - not defined */
-+
-+/* plugin->u.node.max_item_size */
-+int max_item_size_node40(void)
-+{
-+ return reiser4_get_current_sb()->s_blocksize - sizeof(node40_header) -
-+ sizeof(item_header40);
-+}
-+
-+/* plugin->u.node.set_item_plugin */
-+int set_item_plugin_node40(coord_t *coord, item_id id)
-+{
-+ item_header40 *ih;
-+
-+ ih = node40_ih_at_coord(coord);
-+ put_unaligned(cpu_to_le16(id), &ih->plugin_id);
-+ coord->iplugid = id;
-+ return 0;
-+}
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/node/node40.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/node/node40.h
-@@ -0,0 +1,125 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#if !defined( __REISER4_NODE40_H__ )
-+#define __REISER4_NODE40_H__
-+
-+#include "../../forward.h"
-+#include "../../dformat.h"
-+#include "node.h"
-+
-+#include <linux/types.h>
-+
-+/* format of node header for 40 node layouts. Keep bloat out of this struct. */
-+typedef struct node40_header {
-+ /* identifier of node plugin. Must be located at the very beginning
-+ of a node. */
-+ common_node_header common_header; /* this is 16 bits */
-+ /* number of items. Should be first element in the node header,
-+ because we haven't yet finally decided whether it shouldn't go into
-+ common_header.
-+ */
-+/* NIKITA-FIXME-HANS: Create a macro such that if there is only one
-+ * node format at compile time, and it is this one, accesses do not function dereference when
-+ * accessing these fields (and otherwise they do). Probably 80% of users will only have one node format at a time throughout the life of reiser4. */
-+ d16 nr_items;
-+ /* free space in node measured in bytes */
-+ d16 free_space;
-+ /* offset to start of free space in node */
-+ d16 free_space_start;
-+ /* for reiser4_fsck. When information about what is a free
-+ block is corrupted, and we try to recover everything even
-+ if marked as freed, then old versions of data may
-+ duplicate newer versions, and this field allows us to
-+ restore the newer version. Also useful for when users
-+ who don't have the new trashcan installed on their linux distro
-+ delete the wrong files and send us desperate emails
-+ offering $25 for them back. */
-+
-+ /* magic field we need to tell formatted nodes NIKITA-FIXME-HANS: improve this comment */
-+ d32 magic;
-+ /* flushstamp is made of mk_id and write_counter. mk_id is an
-+ id generated randomly at mkreiserfs time. So we can just
-+ skip all nodes with different mk_id. write_counter is d64
-+ incrementing counter of writes on disk. It is used for
-+ choosing the newest data at fsck time. NIKITA-FIXME-HANS: why was field name changed but not comment? */
-+
-+ d32 mkfs_id;
-+ d64 flush_id;
-+ /* node flags to be used by fsck (reiser4ck or reiser4fsck?)
-+ and repacker NIKITA-FIXME-HANS: say more or reference elsewhere that says more */
-+ d16 flags;
-+
-+ /* 1 is leaf level, 2 is twig level, root is the numerically
-+ largest level */
-+ d8 level;
-+
-+ d8 pad;
-+} PACKED node40_header;
-+
-+/* item headers are not standard across all node layouts, pass
-+ pos_in_node to functions instead */
-+typedef struct item_header40 {
-+ /* key of item */
-+ /* 0 */ reiser4_key key;
-+ /* offset from start of a node measured in 8-byte chunks */
-+ /* 24 */ d16 offset;
-+ /* 26 */ d16 flags;
-+ /* 28 */ d16 plugin_id;
-+} PACKED item_header40;
-+
-+size_t item_overhead_node40(const znode * node, flow_t * aflow);
-+size_t free_space_node40(znode * node);
-+node_search_result lookup_node40(znode * node, const reiser4_key * key,
-+ lookup_bias bias, coord_t * coord);
-+int num_of_items_node40(const znode * node);
-+char *item_by_coord_node40(const coord_t * coord);
-+int length_by_coord_node40(const coord_t * coord);
-+item_plugin *plugin_by_coord_node40(const coord_t * coord);
-+reiser4_key *key_at_node40(const coord_t * coord, reiser4_key * key);
-+size_t estimate_node40(znode * node);
-+int check_node40(const znode * node, __u32 flags, const char **error);
-+int parse_node40(znode * node);
-+int init_node40(znode * node);
-+#ifdef GUESS_EXISTS
-+int guess_node40(const znode * node);
-+#endif
-+void change_item_size_node40(coord_t * coord, int by);
-+int create_item_node40(coord_t * target, const reiser4_key * key,
-+ reiser4_item_data * data, carry_plugin_info * info);
-+void update_item_key_node40(coord_t * target, const reiser4_key * key,
-+ carry_plugin_info * info);
-+int kill_node40(struct carry_kill_data *, carry_plugin_info *);
-+int cut_node40(struct carry_cut_data *, carry_plugin_info *);
-+int shift_node40(coord_t * from, znode * to, shift_direction pend,
-+ /* if @from->node becomes
-+ empty - it will be deleted from
-+ the tree if this is set to 1
-+ */
-+ int delete_child, int including_stop_coord,
-+ carry_plugin_info * info);
-+
-+int fast_insert_node40(const coord_t * coord);
-+int fast_paste_node40(const coord_t * coord);
-+int fast_cut_node40(const coord_t * coord);
-+int max_item_size_node40(void);
-+int prepare_removal_node40(znode * empty, carry_plugin_info * info);
-+int set_item_plugin_node40(coord_t * coord, item_id id);
-+int shrink_item_node40(coord_t * coord, int delta);
-+
-+#if REISER4_DEBUG
-+void *shift_check_prepare(const znode *left, const znode *right);
-+void shift_check(void *vp, const znode *left, const znode *right);
-+#endif
-+
-+/* __REISER4_NODE40_H__ */
-+#endif
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/object.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/object.c
-@@ -0,0 +1,501 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/*
-+ * Examples of object plugins: file, directory, symlink, special file.
-+ *
-+ * Plugins associated with inode:
-+ *
-+ * Plugin of inode is plugin referenced by plugin-id field of on-disk
-+ * stat-data. How we store this plugin in in-core inode is not
-+ * important. Currently pointers are used, another variant is to store offsets
-+ * and do array lookup on each access.
-+ *
-+ * Now, each inode has one selected plugin: object plugin that
-+ * determines what type of file this object is: directory, regular etc.
-+ *
-+ * This main plugin can use other plugins that are thus subordinated to
-+ * it. Directory instance of object plugin uses hash; regular file
-+ * instance uses tail policy plugin.
-+ *
-+ * Object plugin is either taken from id in stat-data or guessed from
-+ * i_mode bits. Once it is established we ask it to install its
-+ * subordinate plugins, by looking again in stat-data or inheriting them
-+ * from parent.
-+ *
-+ * How new inode is initialized during ->read_inode():
-+ * 1 read stat-data and initialize inode fields: i_size, i_mode,
-+ * i_generation, capabilities etc.
-+ * 2 read plugin id from stat data or try to guess plugin id
-+ * from inode->i_mode bits if plugin id is missing.
-+ * 3 Call ->init_inode() method of stat-data plugin to initialise inode fields.
-+ *
-+ * NIKITA-FIXME-HANS: can you say a little about 1 being done before 3? What
-+ * if stat data does contain i_size, etc., due to it being an unusual plugin?
-+ *
-+ * 4 Call ->activate() method of object's plugin. Plugin is either read from
-+ * from stat-data or guessed from mode bits
-+ * 5 Call ->inherit() method of object plugin to inherit as yet un initialized
-+ * plugins from parent.
-+ *
-+ * Easy induction proves that on last step all plugins of inode would be
-+ * initialized.
-+ *
-+ * When creating new object:
-+ * 1 obtain object plugin id (see next period)
-+ * NIKITA-FIXME-HANS: period?
-+ * 2 ->install() this plugin
-+ * 3 ->inherit() the rest from the parent
-+ *
-+ * We need some examples of creating an object with default and non-default
-+ * plugin ids. Nikita, please create them.
-+ */
-+
-+#include "../inode.h"
-+
-+static int _bugop(void)
-+{
-+ BUG_ON(1);
-+ return 0;
-+}
-+
-+#define bugop ((void *)_bugop)
-+
-+static int _dummyop(void)
-+{
-+ return 0;
-+}
-+
-+#define dummyop ((void *)_dummyop)
-+
-+static int change_file(struct inode *inode, reiser4_plugin * plugin)
-+{
-+ /* cannot change object plugin of already existing object */
-+ return RETERR(-EINVAL);
-+}
-+
-+static reiser4_plugin_ops file_plugin_ops = {
-+ .change = change_file
-+};
-+
-+/*
-+ * Definitions of object plugins.
-+ */
-+
-+file_plugin file_plugins[LAST_FILE_PLUGIN_ID] = {
-+ [UNIX_FILE_PLUGIN_ID] = {
-+ .h = {
-+ .type_id = REISER4_FILE_PLUGIN_TYPE,
-+ .id = UNIX_FILE_PLUGIN_ID,
-+ .pops = &file_plugin_ops,
-+ .label = "reg",
-+ .desc = "regular file",
-+ .linkage = {NULL, NULL},
-+ },
-+ .inode_ops = {
-+ .permission = permission_common,
-+ .setattr = setattr_unix_file,
-+ .getattr = getattr_common
-+ },
-+ .file_ops = {
-+ .llseek = generic_file_llseek,
-+ .read = read_unix_file,
-+ .write = write_unix_file,
-+ .ioctl = ioctl_unix_file,
-+ .mmap = mmap_unix_file,
-+ .open = open_unix_file,
-+ .release = release_unix_file,
-+ .fsync = sync_unix_file,
-+ .sendfile = sendfile_unix_file
-+ },
-+ .as_ops = {
-+ .writepage = reiser4_writepage,
-+ .readpage = readpage_unix_file,
-+ .sync_page = block_sync_page,
-+ .writepages = writepages_unix_file,
-+ .set_page_dirty = reiser4_set_page_dirty,
-+ .readpages = reiser4_readpages,
-+ .prepare_write = prepare_write_unix_file,
-+ .commit_write = commit_write_unix_file,
-+ .bmap = bmap_unix_file,
-+ .invalidatepage = reiser4_invalidatepage,
-+ .releasepage = reiser4_releasepage
-+ },
-+ .write_sd_by_inode = write_sd_by_inode_common,
-+ .flow_by_inode = flow_by_inode_unix_file,
-+ .key_by_inode = key_by_inode_and_offset_common,
-+ .set_plug_in_inode = set_plug_in_inode_common,
-+ .adjust_to_parent = adjust_to_parent_common,
-+ .create_object = create_object_common, /* this is not inode_operations's create */
-+ .delete_object = delete_object_unix_file,
-+ .add_link = add_link_common,
-+ .rem_link = rem_link_common,
-+ .owns_item = owns_item_unix_file,
-+ .can_add_link = can_add_link_common,
-+ .detach = dummyop,
-+ .bind = dummyop,
-+ .safelink = safelink_common,
-+ .estimate = {
-+ .create = estimate_create_common,
-+ .update = estimate_update_common,
-+ .unlink = estimate_unlink_common
-+ },
-+ .init_inode_data = init_inode_data_unix_file,
-+ .cut_tree_worker = cut_tree_worker_common,
-+ .wire = {
-+ .write = wire_write_common,
-+ .read = wire_read_common,
-+ .get = wire_get_common,
-+ .size = wire_size_common,
-+ .done = wire_done_common
-+ }
-+ },
-+ [DIRECTORY_FILE_PLUGIN_ID] = {
-+ .h = {
-+ .type_id = REISER4_FILE_PLUGIN_TYPE,
-+ .id = DIRECTORY_FILE_PLUGIN_ID,
-+ .pops = &file_plugin_ops,
-+ .label = "dir",
-+ .desc = "directory",
-+ .linkage = {NULL, NULL}
-+ },
-+ .inode_ops = {NULL,},
-+ .file_ops = {NULL,},
-+ .as_ops = {NULL,},
-+
-+ .write_sd_by_inode = write_sd_by_inode_common,
-+ .flow_by_inode = bugop,
-+ .key_by_inode = bugop,
-+ .set_plug_in_inode = set_plug_in_inode_common,
-+ .adjust_to_parent = adjust_to_parent_common_dir,
-+ .create_object = create_object_common,
-+ .delete_object = delete_directory_common,
-+ .add_link = add_link_common,
-+ .rem_link = rem_link_common_dir,
-+ .owns_item = owns_item_common_dir,
-+ .can_add_link = can_add_link_common,
-+ .can_rem_link = can_rem_link_common_dir,
-+ .detach = detach_common_dir,
-+ .bind = bind_common_dir,
-+ .safelink = safelink_common,
-+ .estimate = {
-+ .create = estimate_create_common_dir,
-+ .update = estimate_update_common,
-+ .unlink = estimate_unlink_common_dir
-+ },
-+ .wire = {
-+ .write = wire_write_common,
-+ .read = wire_read_common,
-+ .get = wire_get_common,
-+ .size = wire_size_common,
-+ .done = wire_done_common
-+ },
-+ .init_inode_data = init_inode_ordering,
-+ .cut_tree_worker = cut_tree_worker_common,
-+ },
-+ [SYMLINK_FILE_PLUGIN_ID] = {
-+ .h = {
-+ .type_id = REISER4_FILE_PLUGIN_TYPE,
-+ .id = SYMLINK_FILE_PLUGIN_ID,
-+ .pops = &file_plugin_ops,
-+ .label = "symlink",
-+ .desc = "symbolic link",
-+ .linkage = {NULL,NULL}
-+ },
-+ .inode_ops = {
-+ .readlink = generic_readlink,
-+ .follow_link = follow_link_common,
-+ .permission = permission_common,
-+ .setattr = setattr_common,
-+ .getattr = getattr_common
-+ },
-+ /* inode->i_fop of symlink is initialized by NULL in setup_inode_ops */
-+ .file_ops = {NULL,},
-+ .as_ops = {NULL,},
-+
-+ .write_sd_by_inode = write_sd_by_inode_common,
-+ .set_plug_in_inode = set_plug_in_inode_common,
-+ .adjust_to_parent = adjust_to_parent_common,
-+ .create_object = create_symlink,
-+ .delete_object = delete_object_common,
-+ .add_link = add_link_common,
-+ .rem_link = rem_link_common,
-+ .can_add_link = can_add_link_common,
-+ .detach = dummyop,
-+ .bind = dummyop,
-+ .safelink = safelink_common,
-+ .estimate = {
-+ .create = estimate_create_common,
-+ .update = estimate_update_common,
-+ .unlink = estimate_unlink_common
-+ },
-+ .init_inode_data = init_inode_ordering,
-+ .cut_tree_worker = cut_tree_worker_common,
-+ .destroy_inode = destroy_inode_symlink,
-+ .wire = {
-+ .write = wire_write_common,
-+ .read = wire_read_common,
-+ .get = wire_get_common,
-+ .size = wire_size_common,
-+ .done = wire_done_common
-+ }
-+ },
-+ [SPECIAL_FILE_PLUGIN_ID] = {
-+ .h = {
-+ .type_id = REISER4_FILE_PLUGIN_TYPE,
-+ .id = SPECIAL_FILE_PLUGIN_ID,
-+ .pops = &file_plugin_ops,
-+ .label = "special",
-+ .desc =
-+ "special: fifo, device or socket",
-+ .linkage = {NULL, NULL}
-+ },
-+ .inode_ops = {
-+ .permission = permission_common,
-+ .setattr = setattr_common,
-+ .getattr = getattr_common
-+ },
-+ /* file_ops of special files (sockets, block, char, fifo) are
-+ initialized by init_special_inode. */
-+ .file_ops = {NULL,},
-+ .as_ops = {NULL,},
-+
-+ .write_sd_by_inode = write_sd_by_inode_common,
-+ .set_plug_in_inode = set_plug_in_inode_common,
-+ .adjust_to_parent = adjust_to_parent_common,
-+ .create_object = create_object_common,
-+ .delete_object = delete_object_common,
-+ .add_link = add_link_common,
-+ .rem_link = rem_link_common,
-+ .owns_item = owns_item_common,
-+ .can_add_link = can_add_link_common,
-+ .detach = dummyop,
-+ .bind = dummyop,
-+ .safelink = safelink_common,
-+ .estimate = {
-+ .create = estimate_create_common,
-+ .update = estimate_update_common,
-+ .unlink = estimate_unlink_common
-+ },
-+ .init_inode_data = init_inode_ordering,
-+ .cut_tree_worker = cut_tree_worker_common,
-+ .wire = {
-+ .write = wire_write_common,
-+ .read = wire_read_common,
-+ .get = wire_get_common,
-+ .size = wire_size_common,
-+ .done = wire_done_common
-+ }
-+ },
-+ [CRC_FILE_PLUGIN_ID] = {
-+ .h = {
-+ .type_id = REISER4_FILE_PLUGIN_TYPE,
-+ .id = CRC_FILE_PLUGIN_ID,
-+ .pops = &cryptcompress_plugin_ops,
-+ .label = "cryptcompress",
-+ .desc = "cryptcompress file",
-+ .linkage = {NULL, NULL}
-+ },
-+ .inode_ops = {
-+ .permission = permission_common,
-+ .setattr = setattr_cryptcompress,
-+ .getattr = getattr_common
-+ },
-+ .file_ops = {
-+ .llseek = generic_file_llseek,
-+ .read = read_cryptcompress,
-+ .write = write_cryptcompress,
-+ .mmap = mmap_cryptcompress,
-+ .release = release_cryptcompress,
-+ .fsync = sync_common,
-+ .sendfile = sendfile_cryptcompress
-+ },
-+ .as_ops = {
-+ .writepage = reiser4_writepage,
-+ .readpage = readpage_cryptcompress,
-+ .sync_page = block_sync_page,
-+ .writepages = writepages_cryptcompress,
-+ .set_page_dirty = reiser4_set_page_dirty,
-+ .readpages = reiser4_readpages,
-+ .prepare_write = prepare_write_common,
-+ .invalidatepage = reiser4_invalidatepage,
-+ .releasepage = reiser4_releasepage
-+ },
-+ .write_sd_by_inode = write_sd_by_inode_common,
-+ .flow_by_inode = flow_by_inode_cryptcompress,
-+ .key_by_inode = key_by_inode_cryptcompress,
-+ .set_plug_in_inode = set_plug_in_inode_common,
-+ .adjust_to_parent = adjust_to_parent_cryptcompress,
-+ .create_object = create_cryptcompress,
-+ .open_object = open_cryptcompress,
-+ .delete_object = delete_cryptcompress,
-+ .add_link = add_link_common,
-+ .rem_link = rem_link_common,
-+ .owns_item = owns_item_common,
-+ .can_add_link = can_add_link_common,
-+ .detach = dummyop,
-+ .bind = dummyop,
-+ .safelink = safelink_common,
-+ .estimate = {
-+ .create = estimate_create_common,
-+ .update = estimate_update_common,
-+ .unlink = estimate_unlink_common
-+ },
-+ .init_inode_data = init_inode_data_cryptcompress,
-+ .cut_tree_worker = cut_tree_worker_cryptcompress,
-+ .destroy_inode = destroy_inode_cryptcompress,
-+ .wire = {
-+ .write = wire_write_common,
-+ .read = wire_read_common,
-+ .get = wire_get_common,
-+ .size = wire_size_common,
-+ .done = wire_done_common
-+ }
-+ }
-+};
-+
-+static int change_dir(struct inode *inode, reiser4_plugin * plugin)
-+{
-+ /* cannot change dir plugin of already existing object */
-+ return RETERR(-EINVAL);
-+}
-+
-+static reiser4_plugin_ops dir_plugin_ops = {
-+ .change = change_dir
-+};
-+
-+/*
-+ * definition of directory plugins
-+ */
-+
-+dir_plugin dir_plugins[LAST_DIR_ID] = {
-+ /* standard hashed directory plugin */
-+ [HASHED_DIR_PLUGIN_ID] = {
-+ .h = {
-+ .type_id = REISER4_DIR_PLUGIN_TYPE,
-+ .id = HASHED_DIR_PLUGIN_ID,
-+ .pops = &dir_plugin_ops,
-+ .label = "dir",
-+ .desc = "hashed directory",
-+ .linkage = {NULL, NULL}
-+ },
-+ .inode_ops = {
-+ .create = create_common,
-+ .lookup = lookup_common,
-+ .link = link_common,
-+ .unlink = unlink_common,
-+ .symlink = symlink_common,
-+ .mkdir = mkdir_common,
-+ .rmdir = unlink_common,
-+ .mknod = mknod_common,
-+ .rename = rename_common,
-+ .permission = permission_common,
-+ .setattr = setattr_common,
-+ .getattr = getattr_common
-+ },
-+ .file_ops = {
-+ .llseek = llseek_common_dir,
-+ .read = generic_read_dir,
-+ .readdir = readdir_common,
-+ .release = release_dir_common,
-+ .fsync = sync_common
-+ },
-+ .as_ops = {
-+ .writepage = bugop,
-+ .sync_page = bugop,
-+ .writepages = dummyop,
-+ .set_page_dirty = bugop,
-+ .readpages = bugop,
-+ .prepare_write = bugop,
-+ .commit_write = bugop,
-+ .bmap = bugop,
-+ .invalidatepage = bugop,
-+ .releasepage = bugop
-+ },
-+ .get_parent = get_parent_common,
-+ .is_name_acceptable = is_name_acceptable_common,
-+ .build_entry_key = build_entry_key_hashed,
-+ .build_readdir_key = build_readdir_key_common,
-+ .add_entry = add_entry_common,
-+ .rem_entry = rem_entry_common,
-+ .init = init_common,
-+ .done = done_common,
-+ .attach = attach_common,
-+ .detach = detach_common,
-+ .estimate = {
-+ .add_entry = estimate_add_entry_common,
-+ .rem_entry = estimate_rem_entry_common,
-+ .unlink = dir_estimate_unlink_common
-+ }
-+ },
-+ /* hashed directory for which seekdir/telldir are guaranteed to
-+ * work. Brain-damage. */
-+ [SEEKABLE_HASHED_DIR_PLUGIN_ID] = {
-+ .h = {
-+ .type_id = REISER4_DIR_PLUGIN_TYPE,
-+ .id = SEEKABLE_HASHED_DIR_PLUGIN_ID,
-+ .pops = &dir_plugin_ops,
-+ .label = "dir32",
-+ .desc = "directory hashed with 31 bit hash",
-+ .linkage = {NULL, NULL}
-+ },
-+ .inode_ops = {
-+ .create = create_common,
-+ .lookup = lookup_common,
-+ .link = link_common,
-+ .unlink = unlink_common,
-+ .symlink = symlink_common,
-+ .mkdir = mkdir_common,
-+ .rmdir = unlink_common,
-+ .mknod = mknod_common,
-+ .rename = rename_common,
-+ .permission = permission_common,
-+ .setattr = setattr_common,
-+ .getattr = getattr_common
-+ },
-+ .file_ops = {
-+ .llseek = llseek_common_dir,
-+ .read = generic_read_dir,
-+ .readdir = readdir_common,
-+ .release = release_dir_common,
-+ .fsync = sync_common
-+ },
-+ .as_ops = {
-+ .writepage = bugop,
-+ .sync_page = bugop,
-+ .writepages = dummyop,
-+ .set_page_dirty = bugop,
-+ .readpages = bugop,
-+ .prepare_write = bugop,
-+ .commit_write = bugop,
-+ .bmap = bugop,
-+ .invalidatepage = bugop,
-+ .releasepage = bugop
-+ },
-+ .get_parent = get_parent_common,
-+ .is_name_acceptable = is_name_acceptable_common,
-+ .build_entry_key = build_entry_key_seekable,
-+ .build_readdir_key = build_readdir_key_common,
-+ .add_entry = add_entry_common,
-+ .rem_entry = rem_entry_common,
-+ .init = init_common,
-+ .done = done_common,
-+ .attach = attach_common,
-+ .detach = detach_common,
-+ .estimate = {
-+ .add_entry = estimate_add_entry_common,
-+ .rem_entry = estimate_rem_entry_common,
-+ .unlink = dir_estimate_unlink_common
-+ }
-+ }
-+};
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/object.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/object.h
-@@ -0,0 +1,121 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Declaration of object plugin functions. */
-+
-+#if !defined( __FS_REISER4_PLUGIN_OBJECT_H__ )
-+#define __FS_REISER4_PLUGIN_OBJECT_H__
-+
-+#include "../type_safe_hash.h"
-+
-+/* common implementations of inode operations */
-+int create_common(struct inode *parent, struct dentry *dentry,
-+ int mode, struct nameidata *);
-+struct dentry *lookup_common(struct inode *parent, struct dentry *dentry,
-+ struct nameidata *nameidata);
-+int link_common(struct dentry *existing, struct inode *parent,
-+ struct dentry *newname);
-+int unlink_common(struct inode *parent, struct dentry *victim);
-+int mkdir_common(struct inode *parent, struct dentry *dentry, int mode);
-+int symlink_common(struct inode *parent, struct dentry *dentry,
-+ const char *linkname);
-+int mknod_common(struct inode *parent, struct dentry *dentry,
-+ int mode, dev_t rdev);
-+int rename_common(struct inode *old_dir, struct dentry *old_name,
-+ struct inode *new_dir, struct dentry *new_name);
-+void *follow_link_common(struct dentry *, struct nameidata *data);
-+int permission_common(struct inode *, int mask, /* mode bits to check permissions for */
-+ struct nameidata *nameidata);
-+int setattr_common(struct dentry *, struct iattr *);
-+int getattr_common(struct vfsmount *mnt, struct dentry *, struct kstat *);
-+
-+/* common implementations of file operations */
-+loff_t llseek_common_dir(struct file *, loff_t off, int origin);
-+int readdir_common(struct file *, void *dirent, filldir_t);
-+int release_dir_common(struct inode *, struct file *);
-+int sync_common(struct file *, struct dentry *, int datasync);
-+
-+/* common implementations of address space operations */
-+int prepare_write_common(struct file *, struct page *, unsigned from,
-+ unsigned to);
-+
-+/* file plugin operations: common implementations */
-+int write_sd_by_inode_common(struct inode *);
-+int key_by_inode_and_offset_common(struct inode *, loff_t, reiser4_key *);
-+int set_plug_in_inode_common(struct inode *object, struct inode *parent,
-+ reiser4_object_create_data *);
-+int adjust_to_parent_common(struct inode *object, struct inode *parent,
-+ struct inode *root);
-+int adjust_to_parent_common_dir(struct inode *object, struct inode *parent,
-+ struct inode *root);
-+int adjust_to_parent_cryptcompress(struct inode *object, struct inode *parent,
-+ struct inode *root);
-+int create_object_common(struct inode *object, struct inode *parent,
-+ reiser4_object_create_data *);
-+int delete_object_common(struct inode *);
-+int delete_directory_common(struct inode *);
-+int add_link_common(struct inode *object, struct inode *parent);
-+int rem_link_common(struct inode *object, struct inode *parent);
-+int rem_link_common_dir(struct inode *object, struct inode *parent);
-+int owns_item_common(const struct inode *, const coord_t *);
-+int owns_item_common_dir(const struct inode *, const coord_t *);
-+int can_add_link_common(const struct inode *);
-+int can_rem_link_common_dir(const struct inode *);
-+int detach_common_dir(struct inode *child, struct inode *parent);
-+int open_cryptcompress(struct inode * inode, struct file * file);
-+int bind_common_dir(struct inode *child, struct inode *parent);
-+int safelink_common(struct inode *, reiser4_safe_link_t, __u64 value);
-+reiser4_block_nr estimate_create_common(const struct inode *);
-+reiser4_block_nr estimate_create_common_dir(const struct inode *);
-+reiser4_block_nr estimate_update_common(const struct inode *);
-+reiser4_block_nr estimate_unlink_common(const struct inode *,
-+ const struct inode *);
-+reiser4_block_nr estimate_unlink_common_dir(const struct inode *,
-+ const struct inode *);
-+char *wire_write_common(struct inode *, char *start);
-+char *wire_read_common(char *addr, reiser4_object_on_wire *);
-+struct dentry *wire_get_common(struct super_block *, reiser4_object_on_wire *);
-+int wire_size_common(struct inode *);
-+void wire_done_common(reiser4_object_on_wire *);
-+
-+/* dir plugin operations: common implementations */
-+struct dentry *get_parent_common(struct inode *child);
-+int is_name_acceptable_common(const struct inode *, const char *name, int len);
-+void build_entry_key_common(const struct inode *,
-+ const struct qstr *qname, reiser4_key *);
-+int build_readdir_key_common(struct file *dir, reiser4_key *);
-+int add_entry_common(struct inode *object, struct dentry *where,
-+ reiser4_object_create_data *, reiser4_dir_entry_desc *);
-+int rem_entry_common(struct inode *object, struct dentry *where,
-+ reiser4_dir_entry_desc *);
-+int init_common(struct inode *object, struct inode *parent,
-+ reiser4_object_create_data *);
-+int done_common(struct inode *);
-+int attach_common(struct inode *child, struct inode *parent);
-+int detach_common(struct inode *object, struct inode *parent);
-+reiser4_block_nr estimate_add_entry_common(const struct inode *);
-+reiser4_block_nr estimate_rem_entry_common(const struct inode *);
-+reiser4_block_nr dir_estimate_unlink_common(const struct inode *,
-+ const struct inode *);
-+
-+/* these are essential parts of common implementations, they are to make
-+ customized implementations easier */
-+int do_prepare_write(struct file *, struct page *, unsigned from, unsigned to);
-+
-+/* merely useful functions */
-+int lookup_sd(struct inode *, znode_lock_mode, coord_t *, lock_handle *,
-+ const reiser4_key *, int silent);
-+
-+
-+/* __FS_REISER4_PLUGIN_OBJECT_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/plugin.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/plugin.c
-@@ -0,0 +1,533 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Basic plugin infrastructure, lookup etc. */
-+
-+/* PLUGINS:
-+
-+ Plugins are internal Reiser4 "modules" or "objects" used to increase
-+ extensibility and allow external users to easily adapt reiser4 to
-+ their needs.
-+
-+ Plugins are classified into several disjoint "types". Plugins
-+ belonging to the particular plugin type are termed "instances" of
-+ this type. Currently the following types are present:
-+
-+ . object plugin
-+ . hash plugin
-+ . tail plugin
-+ . perm plugin
-+ . item plugin
-+ . node layout plugin
-+
-+NIKITA-FIXME-HANS: update this list, and review this entire comment for currency
-+
-+ Object (file) plugin determines how given file-system object serves
-+ standard VFS requests for read, write, seek, mmap etc. Instances of
-+ file plugins are: regular file, directory, symlink. Another example
-+ of file plugin is audit plugin, that optionally records accesses to
-+ underlying object and forwards requests to it.
-+
-+ Hash plugins compute hashes used by reiser4 to store and locate
-+ files within directories. Instances of hash plugin type are: r5,
-+ tea, rupasov.
-+
-+ Tail plugins (or, more precisely, tail policy plugins) determine
-+ when last part of the file should be stored in a formatted item.
-+
-+ Perm plugins control permissions granted for a process accessing a file.
-+
-+ Scope and lookup:
-+
-+ label such that pair ( type_label, plugin_label ) is unique. This
-+ pair is a globally persistent and user-visible plugin
-+ identifier. Internally kernel maintains plugins and plugin types in
-+ arrays using an index into those arrays as plugin and plugin type
-+ identifiers. File-system in turn, also maintains persistent
-+ "dictionary" which is mapping from plugin label to numerical
-+ identifier which is stored in file-system objects. That is, we
-+ store the offset into the plugin array for that plugin type as the
-+ plugin id in the stat data of the filesystem object.
-+
-+ plugin_labels have meaning for the user interface that assigns
-+ plugins to files, and may someday have meaning for dynamic loading of
-+ plugins and for copying of plugins from one fs instance to
-+ another by utilities like cp and tar.
-+
-+ Internal kernel plugin type identifier (index in plugins[] array) is
-+ of type reiser4_plugin_type. Set of available plugin types is
-+ currently static, but dynamic loading doesn't seem to pose
-+ insurmountable problems.
-+
-+ Within each type plugins are addressed by the identifiers of type
-+ reiser4_plugin_id (indices in
-+ reiser4_plugin_type_data.builtin[]). Such identifiers are only
-+ required to be unique within one type, not globally.
-+
-+ Thus, plugin in memory is uniquely identified by the pair (type_id,
-+ id).
-+
-+ Usage:
-+
-+ There exists only one instance of each plugin instance, but this
-+ single instance can be associated with many entities (file-system
-+ objects, items, nodes, transactions, file-descriptors etc.). Entity
-+ to which plugin of given type is termed (due to the lack of
-+ imagination) "subject" of this plugin type and, by abuse of
-+ terminology, subject of particular instance of this type to which
-+ it's attached currently. For example, inode is subject of object
-+ plugin type. Inode representing directory is subject of directory
-+ plugin, hash plugin type and some particular instance of hash plugin
-+ type. Inode, representing regular file is subject of "regular file"
-+ plugin, tail-policy plugin type etc.
-+
-+ With each subject the plugin possibly stores some state. For example,
-+ the state of a directory plugin (instance of object plugin type) is pointer
-+ to hash plugin (if directories always use hashing that is). State of
-+ audit plugin is file descriptor (struct file) of log file or some
-+ magic value to do logging through printk().
-+
-+ Interface:
-+
-+ In addition to a scalar identifier, each plugin type and plugin
-+ proper has a "label": short string and a "description"---longer
-+ descriptive string. Labels and descriptions of plugin types are
-+ hard-coded into plugins[] array, declared and defined in
-+ plugin.c. Label and description of plugin are stored in .label and
-+ .desc fields of reiser4_plugin_header respectively. It's possible to
-+ locate plugin by the pair of labels.
-+
-+ Features:
-+
-+ . user-level plugin manipulations:
-+ + reiser4("filename/..file_plugin<='audit'");
-+ + write(open("filename/..file_plugin"), "audit", 8);
-+
-+ . user level utilities lsplug and chplug to manipulate plugins.
-+ Utilities are not of primary priority. Possibly they will be not
-+ working on v4.0
-+
-+NIKITA-FIXME-HANS: this should be a mkreiserfs option not a mount option, do you agree? I don't think that specifying it at mount time, and then changing it with each mount, is a good model for usage.
-+
-+ . mount option "plug" to set-up plugins of root-directory.
-+ "plug=foo:bar" will set "bar" as default plugin of type "foo".
-+
-+ Limitations:
-+
-+ . each plugin type has to provide at least one builtin
-+ plugin. This is technical limitation and it can be lifted in the
-+ future.
-+
-+ TODO:
-+
-+ New plugin types/plugings:
-+ Things we should be able to separately choose to inherit:
-+
-+ security plugins
-+
-+ stat data
-+
-+ file bodies
-+
-+ file plugins
-+
-+ dir plugins
-+
-+ . perm:acl
-+
-+ d audi---audit plugin intercepting and possibly logging all
-+ accesses to object. Requires to put stub functions in file_operations
-+ in stead of generic_file_*.
-+
-+NIKITA-FIXME-HANS: why make overflows a plugin?
-+ . over---handle hash overflows
-+
-+ . sqnt---handle different access patterns and instruments read-ahead
-+
-+NIKITA-FIXME-HANS: describe the line below in more detail.
-+
-+ . hier---handle inheritance of plugins along file-system hierarchy
-+
-+ Different kinds of inheritance: on creation vs. on access.
-+ Compatible/incompatible plugins.
-+ Inheritance for multi-linked files.
-+ Layered plugins.
-+ Notion of plugin context is abandoned.
-+
-+Each file is associated
-+ with one plugin and dependant plugins (hash, etc.) are stored as
-+ main plugin state. Now, if we have plugins used for regular files
-+ but not for directories, how such plugins would be inherited?
-+ . always store them with directories also
-+
-+NIKTIA-FIXME-HANS: Do the line above. It is not exclusive of doing the line below which is also useful.
-+
-+ . use inheritance hierarchy, independent of file-system namespace
-+
-+*/
-+
-+#include "../debug.h"
-+#include "../dformat.h"
-+#include "plugin_header.h"
-+#include "item/static_stat.h"
-+#include "node/node.h"
-+#include "security/perm.h"
-+#include "space/space_allocator.h"
-+#include "disk_format/disk_format.h"
-+#include "plugin.h"
-+#include "../reiser4.h"
-+#include "../jnode.h"
-+#include "../inode.h"
-+
-+#include <linux/fs.h> /* for struct super_block */
-+
-+/* public interface */
-+
-+/* initialise plugin sub-system. Just call this once on reiser4 startup. */
-+int init_plugins(void);
-+int setup_plugins(struct super_block *super, reiser4_plugin ** area);
-+int locate_plugin(struct inode *inode, plugin_locator * loc);
-+
-+
-+/**
-+ * init_plugins - initialize plugins
-+ *
-+ * Initializes plugin sub-system. It is part of reiser4 module
-+ * initialization. For each plugin of each type init method is called and each
-+ * plugin is put into list of plugins.
-+ */
-+int init_plugins(void)
-+{
-+ reiser4_plugin_type type_id;
-+
-+ for (type_id = 0; type_id < REISER4_PLUGIN_TYPES; ++type_id) {
-+ reiser4_plugin_type_data *ptype;
-+ int i;
-+
-+ ptype = &plugins[type_id];
-+ assert("nikita-3508", ptype->label != NULL);
-+ assert("nikita-3509", ptype->type_id == type_id);
-+
-+ INIT_LIST_HEAD(&ptype->plugins_list);
-+/* NIKITA-FIXME-HANS: change builtin_num to some other name lacking the term builtin. */
-+ for (i = 0; i < ptype->builtin_num; ++i) {
-+ reiser4_plugin *plugin;
-+
-+ plugin = plugin_at(ptype, i);
-+
-+ if (plugin->h.label == NULL)
-+ /* uninitialized slot encountered */
-+ continue;
-+ assert("nikita-3445", plugin->h.type_id == type_id);
-+ plugin->h.id = i;
-+ if (plugin->h.pops != NULL &&
-+ plugin->h.pops->init != NULL) {
-+ int result;
-+
-+ result = plugin->h.pops->init(plugin);
-+ if (result != 0)
-+ return result;
-+ }
-+ INIT_LIST_HEAD(&plugin->h.linkage);
-+ list_add_tail(&plugin->h.linkage, &ptype->plugins_list);
-+ }
-+ }
-+ return 0;
-+}
-+
-+/* true if plugin type id is valid */
-+int is_type_id_valid(reiser4_plugin_type type_id /* plugin type id */ )
-+{
-+ /* "type_id" is unsigned, so no comparison with 0 is
-+ necessary */
-+ return (type_id < REISER4_PLUGIN_TYPES);
-+}
-+
-+/* true if plugin id is valid */
-+int is_plugin_id_valid(reiser4_plugin_type type_id /* plugin type id */ ,
-+ reiser4_plugin_id id /* plugin id */ )
-+{
-+ assert("nikita-1653", is_type_id_valid(type_id));
-+ return id < plugins[type_id].builtin_num;
-+}
-+
-+/* return plugin by its @type_id and @id.
-+
-+ Both arguments are checked for validness: this is supposed to be called
-+ from user-level.
-+
-+NIKITA-FIXME-HANS: Do you instead mean that this checks ids created in
-+user space, and passed to the filesystem by use of method files? Your
-+comment really confused me on the first reading....
-+
-+*/
-+reiser4_plugin *plugin_by_unsafe_id(reiser4_plugin_type type_id /* plugin
-+ * type id,
-+ * unchecked */ ,
-+ reiser4_plugin_id id /* plugin id,
-+ * unchecked */ )
-+{
-+ if (is_type_id_valid(type_id)) {
-+ if (is_plugin_id_valid(type_id, id))
-+ return plugin_at(&plugins[type_id], id);
-+ else
-+ /* id out of bounds */
-+ warning("nikita-2913",
-+ "Invalid plugin id: [%i:%i]", type_id, id);
-+ } else
-+ /* type_id out of bounds */
-+ warning("nikita-2914", "Invalid type_id: %i", type_id);
-+ return NULL;
-+}
-+
-+/**
-+ * save_plugin_id - store plugin id in disk format
-+ * @plugin: plugin to convert
-+ * @area: where to store result
-+ *
-+ * Puts id of @plugin in little endian format to address @area.
-+ */
-+int save_plugin_id(reiser4_plugin *plugin /* plugin to convert */ ,
-+ d16 *area /* where to store result */ )
-+{
-+ assert("nikita-1261", plugin != NULL);
-+ assert("nikita-1262", area != NULL);
-+
-+ put_unaligned(cpu_to_le16(plugin->h.id), area);
-+ return 0;
-+}
-+
-+/* list of all plugins of given type */
-+struct list_head *get_plugin_list(reiser4_plugin_type type_id /* plugin type
-+ * id */ )
-+{
-+ assert("nikita-1056", is_type_id_valid(type_id));
-+ return &plugins[type_id].plugins_list;
-+}
-+
-+int grab_plugin(struct inode *self, struct inode *ancestor, pset_member memb)
-+{
-+ reiser4_plugin *plug;
-+ reiser4_inode *parent;
-+
-+ parent = reiser4_inode_data(ancestor);
-+ plug = pset_get(parent->hset, memb) ? : pset_get(parent->pset, memb);
-+ return grab_plugin_from(self, memb, plug);
-+}
-+
-+static void update_plugin_mask(reiser4_inode * info, pset_member memb)
-+{
-+ struct dentry *rootdir;
-+ reiser4_inode *root;
-+
-+ rootdir = inode_by_reiser4_inode(info)->i_sb->s_root;
-+ if (rootdir != NULL) {
-+ root = reiser4_inode_data(rootdir->d_inode);
-+ /*
-+ * if inode is different from the default one, or we are
-+ * changing plugin of root directory, update plugin_mask
-+ */
-+ if (pset_get(info->pset, memb) != pset_get(root->pset, memb) ||
-+ info == root)
-+ info->plugin_mask |= (1 << memb);
-+ }
-+}
-+
-+int
-+grab_plugin_from(struct inode *self, pset_member memb, reiser4_plugin * plug)
-+{
-+ reiser4_inode *info;
-+ int result = 0;
-+
-+ info = reiser4_inode_data(self);
-+ if (pset_get(info->pset, memb) == NULL) {
-+ result = pset_set(&info->pset, memb, plug);
-+ if (result == 0)
-+ update_plugin_mask(info, memb);
-+ }
-+ return result;
-+}
-+
-+int force_plugin(struct inode *self, pset_member memb, reiser4_plugin * plug)
-+{
-+ reiser4_inode *info;
-+ int result = 0;
-+
-+ info = reiser4_inode_data(self);
-+ if (plug->h.pops != NULL && plug->h.pops->change != NULL)
-+ result = plug->h.pops->change(self, plug);
-+ else
-+ result = pset_set(&info->pset, memb, plug);
-+ if (result == 0)
-+ update_plugin_mask(info, memb);
-+ return result;
-+}
-+
-+reiser4_plugin_type_data plugins[REISER4_PLUGIN_TYPES] = {
-+ /* C90 initializers */
-+ [REISER4_FILE_PLUGIN_TYPE] = {
-+ .type_id = REISER4_FILE_PLUGIN_TYPE,
-+ .label = "file",
-+ .desc = "Object plugins",
-+ .builtin_num = sizeof_array(file_plugins),
-+ .builtin = file_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(file_plugin)
-+ },
-+ [REISER4_DIR_PLUGIN_TYPE] = {
-+ .type_id = REISER4_DIR_PLUGIN_TYPE,
-+ .label = "dir",
-+ .desc = "Directory plugins",
-+ .builtin_num = sizeof_array(dir_plugins),
-+ .builtin = dir_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(dir_plugin)
-+ },
-+ [REISER4_HASH_PLUGIN_TYPE] = {
-+ .type_id = REISER4_HASH_PLUGIN_TYPE,
-+ .label = "hash",
-+ .desc = "Directory hashes",
-+ .builtin_num = sizeof_array(hash_plugins),
-+ .builtin = hash_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(hash_plugin)
-+ },
-+ [REISER4_FIBRATION_PLUGIN_TYPE] = {
-+ .type_id =
-+ REISER4_FIBRATION_PLUGIN_TYPE,
-+ .label = "fibration",
-+ .desc = "Directory fibrations",
-+ .builtin_num = sizeof_array(fibration_plugins),
-+ .builtin = fibration_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(fibration_plugin)
-+ },
-+ [REISER4_CIPHER_PLUGIN_TYPE] = {
-+ .type_id = REISER4_CIPHER_PLUGIN_TYPE,
-+ .label = "cipher",
-+ .desc = "Cipher plugins",
-+ .builtin_num = sizeof_array(cipher_plugins),
-+ .builtin = cipher_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(cipher_plugin)
-+ },
-+ [REISER4_DIGEST_PLUGIN_TYPE] = {
-+ .type_id = REISER4_DIGEST_PLUGIN_TYPE,
-+ .label = "digest",
-+ .desc = "Digest plugins",
-+ .builtin_num = sizeof_array(digest_plugins),
-+ .builtin = digest_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(digest_plugin)
-+ },
-+ [REISER4_COMPRESSION_PLUGIN_TYPE] = {
-+ .type_id = REISER4_COMPRESSION_PLUGIN_TYPE,
-+ .label = "compression",
-+ .desc = "Compression plugins",
-+ .builtin_num = sizeof_array(compression_plugins),
-+ .builtin = compression_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(compression_plugin)
-+ },
-+ [REISER4_FORMATTING_PLUGIN_TYPE] = {
-+ .type_id = REISER4_FORMATTING_PLUGIN_TYPE,
-+ .label = "formatting",
-+ .desc = "Tail inlining policies",
-+ .builtin_num = sizeof_array(formatting_plugins),
-+ .builtin = formatting_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(formatting_plugin)
-+ },
-+ [REISER4_PERM_PLUGIN_TYPE] = {
-+ .type_id = REISER4_PERM_PLUGIN_TYPE,
-+ .label = "perm",
-+ .desc = "Permission checks",
-+ .builtin_num = sizeof_array(perm_plugins),
-+ .builtin = perm_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(perm_plugin)
-+ },
-+ [REISER4_ITEM_PLUGIN_TYPE] = {
-+ .type_id = REISER4_ITEM_PLUGIN_TYPE,
-+ .label = "item",
-+ .desc = "Item handlers",
-+ .builtin_num = sizeof_array(item_plugins),
-+ .builtin = item_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(item_plugin)
-+ },
-+ [REISER4_NODE_PLUGIN_TYPE] = {
-+ .type_id = REISER4_NODE_PLUGIN_TYPE,
-+ .label = "node",
-+ .desc = "node layout handlers",
-+ .builtin_num = sizeof_array(node_plugins),
-+ .builtin = node_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(node_plugin)
-+ },
-+ [REISER4_SD_EXT_PLUGIN_TYPE] = {
-+ .type_id = REISER4_SD_EXT_PLUGIN_TYPE,
-+ .label = "sd_ext",
-+ .desc = "Parts of stat-data",
-+ .builtin_num = sizeof_array(sd_ext_plugins),
-+ .builtin = sd_ext_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(sd_ext_plugin)
-+ },
-+ [REISER4_FORMAT_PLUGIN_TYPE] = {
-+ .type_id = REISER4_FORMAT_PLUGIN_TYPE,
-+ .label = "disk_layout",
-+ .desc = "defines filesystem on disk layout",
-+ .builtin_num = sizeof_array(format_plugins),
-+ .builtin = format_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(disk_format_plugin)
-+ },
-+ [REISER4_JNODE_PLUGIN_TYPE] = {
-+ .type_id = REISER4_JNODE_PLUGIN_TYPE,
-+ .label = "jnode",
-+ .desc = "defines kind of jnode",
-+ .builtin_num = sizeof_array(jnode_plugins),
-+ .builtin = jnode_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(jnode_plugin)
-+ },
-+ [REISER4_COMPRESSION_MODE_PLUGIN_TYPE] = {
-+ .type_id = REISER4_COMPRESSION_MODE_PLUGIN_TYPE,
-+ .label = "compression_mode",
-+ .desc = "Defines compression mode",
-+ .builtin_num = sizeof_array(compression_mode_plugins),
-+ .builtin = compression_mode_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(compression_mode_plugin)
-+ },
-+ [REISER4_CLUSTER_PLUGIN_TYPE] = {
-+ .type_id = REISER4_CLUSTER_PLUGIN_TYPE,
-+ .label = "cluster",
-+ .desc = "Defines cluster size",
-+ .builtin_num = sizeof_array(cluster_plugins),
-+ .builtin = cluster_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(cluster_plugin)
-+ },
-+ [REISER4_REGULAR_PLUGIN_TYPE] = {
-+ .type_id = REISER4_REGULAR_PLUGIN_TYPE,
-+ .label = "regular",
-+ .desc = "Defines kind of regular file",
-+ .builtin_num =
-+ sizeof_array(regular_plugins),
-+ .builtin = regular_plugins,
-+ .plugins_list = {NULL, NULL},
-+ .size = sizeof(regular_plugin)
-+ }
-+};
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 120
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/plugin/plugin.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/plugin.h
-@@ -0,0 +1,936 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Basic plugin data-types.
-+ see fs/reiser4/plugin/plugin.c for details */
-+
-+#if !defined( __FS_REISER4_PLUGIN_TYPES_H__ )
-+#define __FS_REISER4_PLUGIN_TYPES_H__
-+
-+#include "../forward.h"
-+#include "../debug.h"
-+#include "../dformat.h"
-+#include "../key.h"
-+#include "compress/compress.h"
-+#include "crypto/cipher.h"
-+#include "plugin_header.h"
-+#include "item/static_stat.h"
-+#include "item/internal.h"
-+#include "item/sde.h"
-+#include "item/cde.h"
-+#include "item/item.h"
-+#include "node/node.h"
-+#include "node/node40.h"
-+#include "security/perm.h"
-+#include "fibration.h"
-+
-+#include "space/bitmap.h"
-+#include "space/space_allocator.h"
-+
-+#include "disk_format/disk_format40.h"
-+#include "disk_format/disk_format.h"
-+
-+#include <linux/fs.h> /* for struct super_block, address_space */
-+#include <linux/mm.h> /* for struct page */
-+#include <linux/buffer_head.h> /* for struct buffer_head */
-+#include <linux/dcache.h> /* for struct dentry */
-+#include <linux/types.h>
-+#include <linux/crypto.h>
-+
-+typedef struct reiser4_object_on_wire reiser4_object_on_wire;
-+
-+/*
-+ * File plugin. Defines the set of methods that file plugins implement, some
-+ * of which are optional.
-+ *
-+ * A file plugin offers to the caller an interface for IO ( writing to and/or
-+ * reading from) to what the caller sees as one sequence of bytes. An IO to it
-+ * may affect more than one physical sequence of bytes, or no physical sequence
-+ * of bytes, it may affect sequences of bytes offered by other file plugins to
-+ * the semantic layer, and the file plugin may invoke other plugins and
-+ * delegate work to them, but its interface is structured for offering the
-+ * caller the ability to read and/or write what the caller sees as being a
-+ * single sequence of bytes.
-+ *
-+ * The file plugin must present a sequence of bytes to the caller, but it does
-+ * not necessarily have to store a sequence of bytes, it does not necessarily
-+ * have to support efficient tree traversal to any offset in the sequence of
-+ * bytes (tail and extent items, whose keys contain offsets, do however provide
-+ * efficient non-sequential lookup of any offset in the sequence of bytes).
-+ *
-+ * Directory plugins provide methods for selecting file plugins by resolving a
-+ * name for them.
-+ *
-+ * The functionality other filesystems call an attribute, and rigidly tie
-+ * together, we decompose into orthogonal selectable features of files. Using
-+ * the terminology we will define next, an attribute is a perhaps constrained,
-+ * perhaps static length, file whose parent has a uni-count-intra-link to it,
-+ * which might be grandparent-major-packed, and whose parent has a deletion
-+ * method that deletes it.
-+ *
-+ * File plugins can implement constraints.
-+ *
-+ * Files can be of variable length (e.g. regular unix files), or of static
-+ * length (e.g. static sized attributes).
-+ *
-+ * An object may have many sequences of bytes, and many file plugins, but, it
-+ * has exactly one objectid. It is usually desirable that an object has a
-+ * deletion method which deletes every item with that objectid. Items cannot
-+ * in general be found by just their objectids. This means that an object must
-+ * have either a method built into its deletion plugin method for knowing what
-+ * items need to be deleted, or links stored with the object that provide the
-+ * plugin with a method for finding those items. Deleting a file within an
-+ * object may or may not have the effect of deleting the entire object,
-+ * depending on the file plugin's deletion method.
-+ *
-+ * LINK TAXONOMY:
-+ *
-+ * Many objects have a reference count, and when the reference count reaches 0
-+ * the object's deletion method is invoked. Some links embody a reference
-+ * count increase ("countlinks"), and others do not ("nocountlinks").
-+ *
-+ * Some links are bi-directional links ("bilinks"), and some are
-+ * uni-directional("unilinks").
-+ *
-+ * Some links are between parts of the same object ("intralinks"), and some are
-+ * between different objects ("interlinks").
-+ *
-+ * PACKING TAXONOMY:
-+ *
-+ * Some items of an object are stored with a major packing locality based on
-+ * their object's objectid (e.g. unix directory items in plan A), and these are
-+ * called "self-major-packed".
-+ *
-+ * Some items of an object are stored with a major packing locality based on
-+ * their semantic parent object's objectid (e.g. unix file bodies in plan A),
-+ * and these are called "parent-major-packed".
-+ *
-+ * Some items of an object are stored with a major packing locality based on
-+ * their semantic grandparent, and these are called "grandparent-major-packed".
-+ * Now carefully notice that we run into trouble with key length if we have to
-+ * store a 8 byte major+minor grandparent based packing locality, an 8 byte
-+ * parent objectid, an 8 byte attribute objectid, and an 8 byte offset, all in
-+ * a 24 byte key. One of these fields must be sacrificed if an item is to be
-+ * grandparent-major-packed, and which to sacrifice is left to the item author
-+ * choosing to make the item grandparent-major-packed. You cannot make tail
-+ * items and extent items grandparent-major-packed, though you could make them
-+ * self-major-packed (usually they are parent-major-packed).
-+ *
-+ * In the case of ACLs (which are composed of fixed length ACEs which consist
-+ * of {subject-type, subject, and permission bitmask} triples), it makes sense
-+ * to not have an offset field in the ACE item key, and to allow duplicate keys
-+ * for ACEs. Thus, the set of ACES for a given file is found by looking for a
-+ * key consisting of the objectid of the grandparent (thus grouping all ACLs in
-+ * a directory together), the minor packing locality of ACE, the objectid of
-+ * the file, and 0.
-+ *
-+ * IO involves moving data from one location to another, which means that two
-+ * locations must be specified, source and destination.
-+ *
-+ * This source and destination can be in the filesystem, or they can be a
-+ * pointer in the user process address space plus a byte count.
-+ *
-+ * If both source and destination are in the filesystem, then at least one of
-+ * them must be representable as a pure stream of bytes (which we call a flow,
-+ * and define as a struct containing a key, a data pointer, and a length).
-+ * This may mean converting one of them into a flow. We provide a generic
-+ * cast_into_flow() method, which will work for any plugin supporting
-+ * read_flow(), though it is inefficiently implemented in that it temporarily
-+ * stores the flow in a buffer (Question: what to do with huge flows that
-+ * cannot fit into memory? Answer: we must not convert them all at once. )
-+ *
-+ * Performing a write requires resolving the write request into a flow defining
-+ * the source, and a method that performs the write, and a key that defines
-+ * where in the tree the write is to go.
-+ *
-+ * Performing a read requires resolving the read request into a flow defining
-+ * the target, and a method that performs the read, and a key that defines
-+ * where in the tree the read is to come from.
-+ *
-+ * There will exist file plugins which have no pluginid stored on the disk for
-+ * them, and which are only invoked by other plugins.
-+ */
-+
-+/* builtin file-plugins */
-+typedef enum {
-+ /* regular file */
-+ UNIX_FILE_PLUGIN_ID,
-+ /* directory */
-+ DIRECTORY_FILE_PLUGIN_ID,
-+ /* symlink */
-+ SYMLINK_FILE_PLUGIN_ID,
-+ /* for objects completely handled by the VFS: fifos, devices,
-+ sockets */
-+ SPECIAL_FILE_PLUGIN_ID,
-+ /* regular cryptcompress file */
-+ CRC_FILE_PLUGIN_ID,
-+ /* number of file plugins. Used as size of arrays to hold
-+ file plugins. */
-+ LAST_FILE_PLUGIN_ID
-+} reiser4_file_id;
-+
-+typedef struct file_plugin {
-+
-+ /* generic fields */
-+ plugin_header h;
-+
-+ struct inode_operations inode_ops;
-+ struct file_operations file_ops;
-+ struct address_space_operations as_ops;
-+
-+ /* save inode cached stat-data onto disk. It was called
-+ reiserfs_update_sd() in 3.x */
-+ int (*write_sd_by_inode) (struct inode *);
-+
-+ /*
-+ * private methods: These are optional. If used they will allow you to
-+ * minimize the amount of code needed to implement a deviation from
-+ * some other method that also uses them.
-+ */
-+
-+ /*
-+ * Construct flow into @flow according to user-supplied data.
-+ *
-+ * This is used by read/write methods to construct a flow to
-+ * write/read. ->flow_by_inode() is plugin method, rather than single
-+ * global implementation, because key in a flow used by plugin may
-+ * depend on data in a @buf.
-+ *
-+ * NIKITA-FIXME-HANS: please create statistics on what functions are
-+ * dereferenced how often for the mongo benchmark. You can supervise
-+ * Elena doing this for you if that helps. Email me the list of the
-+ * top 10, with their counts, and an estimate of the total number of
-+ * CPU cycles spent dereferencing as a percentage of CPU cycles spent
-+ * processing (non-idle processing). If the total percent is, say,
-+ * less than 1%, it will make our coding discussions much easier, and
-+ * keep me from questioning whether functions like the below are too
-+ * frequently called to be dereferenced. If the total percent is more
-+ * than 1%, perhaps private methods should be listed in a "required"
-+ * comment at the top of each plugin (with stern language about how if
-+ * the comment is missing it will not be accepted by the maintainer),
-+ * and implemented using macros not dereferenced functions. How about
-+ * replacing this whole private methods part of the struct with a
-+ * thorough documentation of what the standard helper functions are for
-+ * use in constructing plugins? I think users have been asking for
-+ * that, though not in so many words.
-+ */
-+ int (*flow_by_inode) (struct inode *, const char __user *buf,
-+ int user, loff_t size,
-+ loff_t off, rw_op op, flow_t *);
-+
-+ /*
-+ * Return the key used to retrieve an offset of a file. It is used by
-+ * default implementation of ->flow_by_inode() method
-+ * (common_build_flow()) and, among other things, to get to the extent
-+ * from jnode of unformatted node.
-+ */
-+ int (*key_by_inode) (struct inode *, loff_t off, reiser4_key *);
-+
-+ /* NIKITA-FIXME-HANS: this comment is not as clear to others as you think.... */
-+ /*
-+ * set the plugin for a file. Called during file creation in creat()
-+ * but not reiser4() unless an inode already exists for the file.
-+ */
-+ int (*set_plug_in_inode) (struct inode *inode, struct inode *parent,
-+ reiser4_object_create_data *);
-+
-+ /* NIKITA-FIXME-HANS: comment and name seem to say different things,
-+ * are you setting up the object itself also or just adjusting the
-+ * parent?.... */
-+ /* set up plugins for new @object created in @parent. @root is root
-+ directory. */
-+ int (*adjust_to_parent) (struct inode *object, struct inode *parent,
-+ struct inode *root);
-+ /*
-+ * this does whatever is necessary to do when object is created. For
-+ * instance, for unix files stat data is inserted. It is supposed to be
-+ * called by create of struct inode_operations.
-+ */
-+ int (*create_object) (struct inode *object, struct inode *parent,
-+ reiser4_object_create_data *);
-+
-+ /* this does whatever is necessary to do when object is opened */
-+ int (*open_object) (struct inode * inode, struct file * file);
-+ /*
-+ * this method should check REISER4_NO_SD and set REISER4_NO_SD on
-+ * success. Deletion of an object usually includes removal of items
-+ * building file body (for directories this is removal of "." and "..")
-+ * and removal of stat-data item.
-+ */
-+ int (*delete_object) (struct inode *);
-+
-+ /* add link from @parent to @object */
-+ int (*add_link) (struct inode *object, struct inode *parent);
-+
-+ /* remove link from @parent to @object */
-+ int (*rem_link) (struct inode *object, struct inode *parent);
-+
-+ /*
-+ * return true if item addressed by @coord belongs to @inode. This is
-+ * used by read/write to properly slice flow into items in presence of
-+ * multiple key assignment policies, because items of a file are not
-+ * necessarily contiguous in a key space, for example, in a plan-b.
-+ */
-+ int (*owns_item) (const struct inode *, const coord_t *);
-+
-+ /* checks whether yet another hard links to this object can be
-+ added */
-+ int (*can_add_link) (const struct inode *);
-+
-+ /* checks whether hard links to this object can be removed */
-+ int (*can_rem_link) (const struct inode *);
-+
-+ /* not empty for DIRECTORY_FILE_PLUGIN_ID only currently. It calls
-+ detach of directory plugin to remove ".." */
-+ int (*detach) (struct inode * child, struct inode * parent);
-+
-+ /* called when @child was just looked up in the @parent. It is not
-+ empty for DIRECTORY_FILE_PLUGIN_ID only where it calls attach of
-+ directory plugin */
-+ int (*bind) (struct inode * child, struct inode * parent);
-+
-+ /* process safe-link during mount */
-+ int (*safelink) (struct inode * object, reiser4_safe_link_t link,
-+ __u64 value);
-+
-+ /* The couple of estimate methods for all file operations */
-+ struct {
-+ reiser4_block_nr(*create) (const struct inode *);
-+ reiser4_block_nr(*update) (const struct inode *);
-+ reiser4_block_nr(*unlink) (const struct inode *,
-+ const struct inode *);
-+ } estimate;
-+
-+ /*
-+ * reiser4 specific part of inode has a union of structures which are
-+ * specific to a plugin. This method is called when inode is read
-+ * (read_inode) and when file is created (common_create_child) so that
-+ * file plugin could initialize its inode data
-+ */
-+ void (*init_inode_data) (struct inode *, reiser4_object_create_data *,
-+ int);
-+
-+ /*
-+ * This method performs progressive deletion of items and whole nodes
-+ * from right to left.
-+ *
-+ * @tap: the point deletion process begins from,
-+ * @from_key: the beginning of the deleted key range,
-+ * @to_key: the end of the deleted key range,
-+ * @smallest_removed: the smallest removed key,
-+ *
-+ * @return: 0 if success, error code otherwise, -E_REPEAT means that long cut_tree
-+ * operation was interrupted for allowing atom commit .
-+ */
-+ int (*cut_tree_worker) (tap_t *, const reiser4_key * from_key,
-+ const reiser4_key * to_key,
-+ reiser4_key * smallest_removed, struct inode *,
-+ int, int *);
-+
-+ /* called from ->destroy_inode() */
-+ void (*destroy_inode) (struct inode *);
-+
-+ /*
-+ * methods to serialize object identify. This is used, for example, by
-+ * reiser4_{en,de}code_fh().
-+ */
-+ struct {
-+ /* store object's identity at @area */
-+ char *(*write) (struct inode * inode, char *area);
-+ /* parse object from wire to the @obj */
-+ char *(*read) (char *area, reiser4_object_on_wire * obj);
-+ /* given object identity in @obj, find or create its dentry */
-+ struct dentry *(*get) (struct super_block * s,
-+ reiser4_object_on_wire * obj);
-+ /* how many bytes ->wire.write() consumes */
-+ int (*size) (struct inode * inode);
-+ /* finish with object identify */
-+ void (*done) (reiser4_object_on_wire * obj);
-+ } wire;
-+} file_plugin;
-+
-+extern file_plugin file_plugins[LAST_FILE_PLUGIN_ID];
-+
-+struct reiser4_object_on_wire {
-+ file_plugin *plugin;
-+ union {
-+ struct {
-+ obj_key_id key_id;
-+ } std;
-+ void *generic;
-+ } u;
-+};
-+
-+/* builtin dir-plugins */
-+typedef enum {
-+ HASHED_DIR_PLUGIN_ID,
-+ SEEKABLE_HASHED_DIR_PLUGIN_ID,
-+ LAST_DIR_ID
-+} reiser4_dir_id;
-+
-+typedef struct dir_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+
-+ struct inode_operations inode_ops;
-+ struct file_operations file_ops;
-+ struct address_space_operations as_ops;
-+
-+ /*
-+ * private methods: These are optional. If used they will allow you to
-+ * minimize the amount of code needed to implement a deviation from
-+ * some other method that uses them. You could logically argue that
-+ * they should be a separate type of plugin.
-+ */
-+
-+ struct dentry *(*get_parent) (struct inode * childdir);
-+
-+ /*
-+ * check whether "name" is acceptable name to be inserted into this
-+ * object. Optionally implemented by directory-like objects. Can check
-+ * for maximal length, reserved symbols etc
-+ */
-+ int (*is_name_acceptable) (const struct inode * inode, const char *name,
-+ int len);
-+
-+ void (*build_entry_key) (const struct inode * dir /* directory where
-+ * entry is (or will
-+ * be) in.*/ ,
-+ const struct qstr * name /* name of file
-+ * referenced by this
-+ * entry */ ,
-+ reiser4_key * result /* resulting key of
-+ * directory entry */ );
-+ int (*build_readdir_key) (struct file * dir, reiser4_key * result);
-+ int (*add_entry) (struct inode * object, struct dentry * where,
-+ reiser4_object_create_data * data,
-+ reiser4_dir_entry_desc * entry);
-+ int (*rem_entry) (struct inode * object, struct dentry * where,
-+ reiser4_dir_entry_desc * entry);
-+
-+ /*
-+ * initialize directory structure for newly created object. For normal
-+ * unix directories, insert dot and dotdot.
-+ */
-+ int (*init) (struct inode * object, struct inode * parent,
-+ reiser4_object_create_data * data);
-+
-+ /* destroy directory */
-+ int (*done) (struct inode * child);
-+
-+ /* called when @subdir was just looked up in the @dir */
-+ int (*attach) (struct inode * subdir, struct inode * dir);
-+ int (*detach) (struct inode * subdir, struct inode * dir);
-+
-+ struct {
-+ reiser4_block_nr(*add_entry) (const struct inode *);
-+ reiser4_block_nr(*rem_entry) (const struct inode *);
-+ reiser4_block_nr(*unlink) (const struct inode *,
-+ const struct inode *);
-+ } estimate;
-+} dir_plugin;
-+
-+extern dir_plugin dir_plugins[LAST_DIR_ID];
-+
-+typedef struct formatting_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+ /* returns non-zero iff file's tail has to be stored
-+ in a direct item. */
-+ int (*have_tail) (const struct inode * inode, loff_t size);
-+} formatting_plugin;
-+
-+typedef struct hash_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+ /* computes hash of the given name */
-+ __u64(*hash) (const unsigned char *name, int len);
-+} hash_plugin;
-+
-+typedef struct cipher_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+ struct crypto_tfm * (*alloc) (void);
-+ void (*free) (struct crypto_tfm * tfm);
-+ /* Offset translator. For each offset this returns (k * offset), where
-+ k (k >= 1) is an expansion factor of the cipher algorithm.
-+ For all symmetric algorithms k == 1. For asymmetric algorithms (which
-+ inflate data) offset translation guarantees that all disk cluster's
-+ units will have keys smaller then next cluster's one.
-+ */
-+ loff_t(*scale) (struct inode * inode, size_t blocksize, loff_t src);
-+ /* Cipher algorithms can accept data only by chunks of cipher block
-+ size. This method is to align any flow up to cipher block size when
-+ we pass it to cipher algorithm. To align means to append padding of
-+ special format specific to the cipher algorithm */
-+ int (*align_stream) (__u8 * tail, int clust_size, int blocksize);
-+ /* low-level key manager (check, install, etc..) */
-+ int (*setkey) (struct crypto_tfm * tfm, const __u8 * key,
-+ unsigned int keylen);
-+ /* main text processing procedures */
-+ void (*encrypt) (__u32 * expkey, __u8 * dst, const __u8 * src);
-+ void (*decrypt) (__u32 * expkey, __u8 * dst, const __u8 * src);
-+} cipher_plugin;
-+
-+typedef struct digest_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+ /* fingerprint size in bytes */
-+ int fipsize;
-+ struct crypto_tfm * (*alloc) (void);
-+ void (*free) (struct crypto_tfm * tfm);
-+} digest_plugin;
-+
-+typedef struct compression_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+ int (*init) (void);
-+ /* the maximum number of bytes the size of the "compressed" data can
-+ * exceed the uncompressed data. */
-+ int (*overrun) (unsigned src_len);
-+ coa_t(*alloc) (tfm_action act);
-+ void (*free) (coa_t coa, tfm_action act);
-+ /* minimal size of the flow we still try to compress */
-+ int (*min_size_deflate) (void);
-+ __u32(*checksum) (char *data, __u32 length);
-+ /* main transform procedures */
-+ void (*compress) (coa_t coa, __u8 * src_first, unsigned src_len,
-+ __u8 * dst_first, unsigned *dst_len);
-+ void (*decompress) (coa_t coa, __u8 * src_first, unsigned src_len,
-+ __u8 * dst_first, unsigned *dst_len);
-+} compression_plugin;
-+
-+typedef struct compression_mode_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+ /* this is called when estimating compressibility
-+ of a logical cluster by its content */
-+ int (*should_deflate) (struct inode * inode, cloff_t index);
-+ /* this is called when results of compression should be saved */
-+ int (*accept_hook) (struct inode * inode, cloff_t index);
-+ /* this is called when results of compression should be discarded */
-+ int (*discard_hook) (struct inode * inode, cloff_t index);
-+} compression_mode_plugin;
-+
-+typedef struct regular_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+ /* file plugin id which implements regular file */
-+ reiser4_file_id id;
-+} regular_plugin;
-+
-+typedef struct cluster_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+ int shift;
-+} cluster_plugin;
-+
-+typedef struct sd_ext_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+ int (*present) (struct inode * inode, char **area, int *len);
-+ int (*absent) (struct inode * inode);
-+ int (*save_len) (struct inode * inode);
-+ int (*save) (struct inode * inode, char **area);
-+ /* alignment requirement for this stat-data part */
-+ int alignment;
-+} sd_ext_plugin;
-+
-+/* this plugin contains methods to allocate objectid for newly created files,
-+ to deallocate objectid when file gets removed, to report number of used and
-+ free objectids */
-+typedef struct oid_allocator_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+ int (*init_oid_allocator) (reiser4_oid_allocator * map, __u64 nr_files,
-+ __u64 oids);
-+ /* used to report statfs->f_files */
-+ __u64(*oids_used) (reiser4_oid_allocator * map);
-+ /* get next oid to use */
-+ __u64(*next_oid) (reiser4_oid_allocator * map);
-+ /* used to report statfs->f_ffree */
-+ __u64(*oids_free) (reiser4_oid_allocator * map);
-+ /* allocate new objectid */
-+ int (*allocate_oid) (reiser4_oid_allocator * map, oid_t *);
-+ /* release objectid */
-+ int (*release_oid) (reiser4_oid_allocator * map, oid_t);
-+ /* how many pages to reserve in transaction for allocation of new
-+ objectid */
-+ int (*oid_reserve_allocate) (reiser4_oid_allocator * map);
-+ /* how many pages to reserve in transaction for freeing of an
-+ objectid */
-+ int (*oid_reserve_release) (reiser4_oid_allocator * map);
-+ void (*print_info) (const char *, reiser4_oid_allocator *);
-+} oid_allocator_plugin;
-+
-+/* disk layout plugin: this specifies super block, journal, bitmap (if there
-+ are any) locations, etc */
-+typedef struct disk_format_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+ /* replay journal, initialize super_info_data, etc */
-+ int (*init_format) (struct super_block *, void *data);
-+
-+ /* key of root directory stat data */
-+ const reiser4_key *(*root_dir_key) (const struct super_block *);
-+
-+ int (*release) (struct super_block *);
-+ jnode *(*log_super) (struct super_block *);
-+ int (*check_open) (const struct inode * object);
-+} disk_format_plugin;
-+
-+struct jnode_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+ int (*init) (jnode * node);
-+ int (*parse) (jnode * node);
-+ struct address_space *(*mapping) (const jnode * node);
-+ unsigned long (*index) (const jnode * node);
-+ jnode *(*clone) (jnode * node);
-+};
-+
-+/* plugin instance. */
-+/* */
-+/* This is "wrapper" union for all types of plugins. Most of the code uses */
-+/* plugins of particular type (file_plugin, dir_plugin, etc.) rather than */
-+/* operates with pointers to reiser4_plugin. This union is only used in */
-+/* some generic code in plugin/plugin.c that operates on all */
-+/* plugins. Technically speaking purpose of this union is to add type */
-+/* safety to said generic code: each plugin type (file_plugin, for */
-+/* example), contains plugin_header as its first memeber. This first member */
-+/* is located at the same place in memory as .h member of */
-+/* reiser4_plugin. Generic code, obtains pointer to reiser4_plugin and */
-+/* looks in the .h which is header of plugin type located in union. This */
-+/* allows to avoid type-casts. */
-+union reiser4_plugin {
-+ /* generic fields */
-+ plugin_header h;
-+ /* file plugin */
-+ file_plugin file;
-+ /* directory plugin */
-+ dir_plugin dir;
-+ /* hash plugin, used by directory plugin */
-+ hash_plugin hash;
-+ /* fibration plugin used by directory plugin */
-+ fibration_plugin fibration;
-+ /* cipher transform plugin, used by file plugin */
-+ cipher_plugin cipher;
-+ /* digest transform plugin, used by file plugin */
-+ digest_plugin digest;
-+ /* compression transform plugin, used by file plugin */
-+ compression_plugin compression;
-+ /* tail plugin, used by file plugin */
-+ formatting_plugin formatting;
-+ /* permission plugin */
-+ perm_plugin perm;
-+ /* node plugin */
-+ node_plugin node;
-+ /* item plugin */
-+ item_plugin item;
-+ /* stat-data extension plugin */
-+ sd_ext_plugin sd_ext;
-+ /* disk layout plugin */
-+ disk_format_plugin format;
-+ /* object id allocator plugin */
-+ oid_allocator_plugin oid_allocator;
-+ /* plugin for different jnode types */
-+ jnode_plugin jnode;
-+ /* compression mode plugin, used by object plugin */
-+ compression_mode_plugin compression_mode;
-+ /* cluster plugin, used by object plugin */
-+ cluster_plugin clust;
-+ /* regular plugin, used by directory plugin */
-+ regular_plugin regular;
-+ /* place-holder for new plugin types that can be registered
-+ dynamically, and used by other dynamically loaded plugins. */
-+ void *generic;
-+};
-+
-+struct reiser4_plugin_ops {
-+ /* called when plugin is initialized */
-+ int (*init) (reiser4_plugin * plugin);
-+ /* called when plugin is unloaded */
-+ int (*done) (reiser4_plugin * plugin);
-+ /* load given plugin from disk */
-+ int (*load) (struct inode * inode,
-+ reiser4_plugin * plugin, char **area, int *len);
-+ /* how many space is required to store this plugin's state
-+ in stat-data */
-+ int (*save_len) (struct inode * inode, reiser4_plugin * plugin);
-+ /* save persistent plugin-data to disk */
-+ int (*save) (struct inode * inode, reiser4_plugin * plugin,
-+ char **area);
-+ /* alignment requirement for on-disk state of this plugin
-+ in number of bytes */
-+ int alignment;
-+ /* install itself into given inode. This can return error
-+ (e.g., you cannot change hash of non-empty directory). */
-+ int (*change) (struct inode * inode, reiser4_plugin * plugin);
-+ /* install itself into given inode. This can return error
-+ (e.g., you cannot change hash of non-empty directory). */
-+ int (*inherit) (struct inode * inode, struct inode * parent,
-+ reiser4_plugin * plugin);
-+};
-+
-+/* functions implemented in fs/reiser4/plugin/plugin.c */
-+
-+/* stores plugin reference in reiser4-specific part of inode */
-+extern int set_object_plugin(struct inode *inode, reiser4_plugin_id id);
-+extern int setup_plugins(struct super_block *super, reiser4_plugin ** area);
-+extern int init_plugins(void);
-+
-+/* builtin plugins */
-+
-+/* builtin hash-plugins */
-+
-+typedef enum {
-+ RUPASOV_HASH_ID,
-+ R5_HASH_ID,
-+ TEA_HASH_ID,
-+ FNV1_HASH_ID,
-+ DEGENERATE_HASH_ID,
-+ LAST_HASH_ID
-+} reiser4_hash_id;
-+
-+/* builtin cipher plugins */
-+
-+typedef enum {
-+ NONE_CIPHER_ID,
-+ AES_CIPHER_ID,
-+ LAST_CIPHER_ID
-+} reiser4_cipher_id;
-+
-+/* builtin digest plugins */
-+
-+typedef enum {
-+ SHA256_32_DIGEST_ID,
-+ LAST_DIGEST_ID
-+} reiser4_digest_id;
-+
-+/* builtin compression mode plugins */
-+typedef enum {
-+ NONE_COMPRESSION_MODE_ID,
-+ COL_8_COMPRESSION_MODE_ID,
-+ COL_16_COMPRESSION_MODE_ID,
-+ COL_32_COMPRESSION_MODE_ID,
-+ COZ_COMPRESSION_MODE_ID,
-+ FORCE_COMPRESSION_MODE_ID,
-+ TEST_COMPRESSION_MODE_ID,
-+ LAST_COMPRESSION_MODE_ID
-+} reiser4_compression_mode_id;
-+
-+/* builtin cluster plugins */
-+typedef enum {
-+ CLUSTER_64K_ID,
-+ CLUSTER_32K_ID,
-+ CLUSTER_16K_ID,
-+ CLUSTER_8K_ID,
-+ CLUSTER_4K_ID,
-+ LAST_CLUSTER_ID
-+} reiser4_cluster_id;
-+
-+/* builtin regular plugins */
-+typedef enum {
-+ UF_REGULAR_ID,
-+ CRC_REGULAR_ID,
-+ LAST_REGULAR_ID
-+} reiser4_regular_id;
-+
-+/* builtin tail-plugins */
-+
-+typedef enum {
-+ NEVER_TAILS_FORMATTING_ID,
-+ ALWAYS_TAILS_FORMATTING_ID,
-+ SMALL_FILE_FORMATTING_ID,
-+ LAST_TAIL_FORMATTING_ID
-+} reiser4_formatting_id;
-+
-+/* compression/clustering specific data */
-+typedef struct compression_data {
-+ reiser4_compression_id coa; /* id of the compression algorithm */
-+} compression_data_t;
-+
-+typedef __u8 cluster_data_t; /* cluster info */
-+
-+/* data type used to pack parameters that we pass to vfs object creation
-+ function create_object() */
-+struct reiser4_object_create_data {
-+ /* plugin to control created object */
-+ reiser4_file_id id;
-+ /* mode of regular file, directory or special file */
-+/* what happens if some other sort of perm plugin is in use? */
-+ int mode;
-+ /* rdev of special file */
-+ dev_t rdev;
-+ /* symlink target */
-+ const char *name;
-+ /* add here something for non-standard objects you invent, like
-+ query for interpolation file etc. */
-+
-+ crypto_stat_t * crypto;
-+ compression_data_t *compression;
-+ cluster_data_t *cluster;
-+
-+ struct inode *parent;
-+ struct dentry *dentry;
-+};
-+
-+/* description of directory entry being created/destroyed/sought for
-+
-+ It is passed down to the directory plugin and farther to the
-+ directory item plugin methods. Creation of new directory is done in
-+ several stages: first we search for an entry with the same name, then
-+ create new one. reiser4_dir_entry_desc is used to store some information
-+ collected at some stage of this process and required later: key of
-+ item that we want to insert/delete and pointer to an object that will
-+ be bound by the new directory entry. Probably some more fields will
-+ be added there.
-+
-+*/
-+struct reiser4_dir_entry_desc {
-+ /* key of directory entry */
-+ reiser4_key key;
-+ /* object bound by this entry. */
-+ struct inode *obj;
-+};
-+
-+#define MAX_PLUGIN_TYPE_LABEL_LEN 32
-+#define MAX_PLUGIN_PLUG_LABEL_LEN 32
-+
-+/* used for interface with user-land: table-driven parsing in
-+ reiser4(). */
-+typedef struct plugin_locator {
-+ reiser4_plugin_type type_id;
-+ reiser4_plugin_id id;
-+ char type_label[MAX_PLUGIN_TYPE_LABEL_LEN];
-+ char plug_label[MAX_PLUGIN_PLUG_LABEL_LEN];
-+} plugin_locator;
-+
-+extern int locate_plugin(struct inode *inode, plugin_locator * loc);
-+
-+
-+#define PLUGIN_BY_ID(TYPE,ID,FIELD) \
-+static inline TYPE *TYPE ## _by_id( reiser4_plugin_id id ) \
-+{ \
-+ reiser4_plugin *plugin = plugin_by_id ( ID, id ); \
-+ return plugin ? & plugin -> FIELD : NULL; \
-+} \
-+static inline TYPE *TYPE ## _by_disk_id( reiser4_tree *tree, d16 *id ) \
-+{ \
-+ reiser4_plugin *plugin = plugin_by_disk_id ( tree, ID, id ); \
-+ return plugin ? & plugin -> FIELD : NULL; \
-+} \
-+static inline TYPE *TYPE ## _by_unsafe_id( reiser4_plugin_id id ) \
-+{ \
-+ reiser4_plugin *plugin = plugin_by_unsafe_id ( ID, id ); \
-+ return plugin ? & plugin -> FIELD : NULL; \
-+} \
-+static inline reiser4_plugin* TYPE ## _to_plugin( TYPE* plugin ) \
-+{ \
-+ return ( reiser4_plugin * ) plugin; \
-+} \
-+static inline reiser4_plugin_id TYPE ## _id( TYPE* plugin ) \
-+{ \
-+ return TYPE ## _to_plugin (plugin) -> h.id; \
-+} \
-+typedef struct { int foo; } TYPE ## _plugin_dummy
-+
-+PLUGIN_BY_ID(item_plugin, REISER4_ITEM_PLUGIN_TYPE, item);
-+PLUGIN_BY_ID(file_plugin, REISER4_FILE_PLUGIN_TYPE, file);
-+PLUGIN_BY_ID(dir_plugin, REISER4_DIR_PLUGIN_TYPE, dir);
-+PLUGIN_BY_ID(node_plugin, REISER4_NODE_PLUGIN_TYPE, node);
-+PLUGIN_BY_ID(sd_ext_plugin, REISER4_SD_EXT_PLUGIN_TYPE, sd_ext);
-+PLUGIN_BY_ID(perm_plugin, REISER4_PERM_PLUGIN_TYPE, perm);
-+PLUGIN_BY_ID(hash_plugin, REISER4_HASH_PLUGIN_TYPE, hash);
-+PLUGIN_BY_ID(fibration_plugin, REISER4_FIBRATION_PLUGIN_TYPE, fibration);
-+PLUGIN_BY_ID(cipher_plugin, REISER4_CIPHER_PLUGIN_TYPE, cipher);
-+PLUGIN_BY_ID(digest_plugin, REISER4_DIGEST_PLUGIN_TYPE, digest);
-+PLUGIN_BY_ID(compression_plugin, REISER4_COMPRESSION_PLUGIN_TYPE, compression);
-+PLUGIN_BY_ID(formatting_plugin, REISER4_FORMATTING_PLUGIN_TYPE, formatting);
-+PLUGIN_BY_ID(disk_format_plugin, REISER4_FORMAT_PLUGIN_TYPE, format);
-+PLUGIN_BY_ID(jnode_plugin, REISER4_JNODE_PLUGIN_TYPE, jnode);
-+PLUGIN_BY_ID(compression_mode_plugin, REISER4_COMPRESSION_MODE_PLUGIN_TYPE,
-+ compression_mode);
-+PLUGIN_BY_ID(cluster_plugin, REISER4_CLUSTER_PLUGIN_TYPE, clust);
-+PLUGIN_BY_ID(regular_plugin, REISER4_REGULAR_PLUGIN_TYPE, regular);
-+
-+extern int save_plugin_id(reiser4_plugin * plugin, d16 * area);
-+
-+extern struct list_head *get_plugin_list(reiser4_plugin_type type_id);
-+
-+#define for_all_plugins(ptype, plugin) \
-+for (plugin = list_entry(get_plugin_list(ptype)->next, reiser4_plugin, h.linkage); \
-+ get_plugin_list(ptype) != &plugin->h.linkage; \
-+ plugin = list_entry(plugin->h.linkage.next, reiser4_plugin, h.linkage))
-+
-+
-+/* enumeration of fields within plugin_set */
-+typedef enum {
-+ PSET_FILE,
-+ PSET_DIR, /* PSET_FILE and PSET_DIR should be first elements:
-+ * inode.c:read_inode() depends on this. */
-+ PSET_PERM,
-+ PSET_FORMATTING,
-+ PSET_HASH,
-+ PSET_FIBRATION,
-+ PSET_SD,
-+ PSET_DIR_ITEM,
-+ PSET_CIPHER,
-+ PSET_DIGEST,
-+ PSET_COMPRESSION,
-+ PSET_COMPRESSION_MODE,
-+ PSET_CLUSTER,
-+ PSET_REGULAR_ENTRY,
-+ PSET_LAST
-+} pset_member;
-+
-+int grab_plugin(struct inode *self, struct inode *ancestor, pset_member memb);
-+int grab_plugin_from(struct inode *self, pset_member memb,
-+ reiser4_plugin * plug);
-+int force_plugin(struct inode *self, pset_member memb, reiser4_plugin * plug);
-+
-+/* defined in fs/reiser4/plugin/object.c */
-+extern file_plugin file_plugins[LAST_FILE_PLUGIN_ID];
-+/* defined in fs/reiser4/plugin/object.c */
-+extern dir_plugin dir_plugins[LAST_DIR_ID];
-+/* defined in fs/reiser4/plugin/item/static_stat.c */
-+extern sd_ext_plugin sd_ext_plugins[LAST_SD_EXTENSION];
-+/* defined in fs/reiser4/plugin/hash.c */
-+extern hash_plugin hash_plugins[LAST_HASH_ID];
-+/* defined in fs/reiser4/plugin/fibration.c */
-+extern fibration_plugin fibration_plugins[LAST_FIBRATION_ID];
-+/* defined in fs/reiser4/plugin/crypt.c */
-+extern cipher_plugin cipher_plugins[LAST_CIPHER_ID];
-+/* defined in fs/reiser4/plugin/digest.c */
-+extern digest_plugin digest_plugins[LAST_DIGEST_ID];
-+/* defined in fs/reiser4/plugin/compress/compress.c */
-+extern compression_plugin compression_plugins[LAST_COMPRESSION_ID];
-+/* defined in fs/reiser4/plugin/compress/compression_mode.c */
-+extern compression_mode_plugin
-+compression_mode_plugins[LAST_COMPRESSION_MODE_ID];
-+/* defined in fs/reiser4/plugin/cluster.c */
-+extern cluster_plugin cluster_plugins[LAST_CLUSTER_ID];
-+/* defined in fs/reiser4/plugin/regular.c */
-+extern regular_plugin regular_plugins[LAST_REGULAR_ID];
-+/* defined in fs/reiser4/plugin/tail.c */
-+extern formatting_plugin formatting_plugins[LAST_TAIL_FORMATTING_ID];
-+/* defined in fs/reiser4/plugin/security/security.c */
-+extern perm_plugin perm_plugins[LAST_PERM_ID];
-+/* defined in fs/reiser4/plugin/item/item.c */
-+extern item_plugin item_plugins[LAST_ITEM_ID];
-+/* defined in fs/reiser4/plugin/node/node.c */
-+extern node_plugin node_plugins[LAST_NODE_ID];
-+/* defined in fs/reiser4/plugin/disk_format/disk_format.c */
-+extern disk_format_plugin format_plugins[LAST_FORMAT_ID];
-+
-+/* __FS_REISER4_PLUGIN_TYPES_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/plugin_header.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/plugin_header.h
-@@ -0,0 +1,136 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* plugin header. Data structures required by all plugin types. */
-+
-+#if !defined( __PLUGIN_HEADER_H__ )
-+#define __PLUGIN_HEADER_H__
-+
-+/* plugin data-types and constants */
-+
-+#include "../debug.h"
-+#include "../dformat.h"
-+
-+typedef enum {
-+ REISER4_FILE_PLUGIN_TYPE,
-+ REISER4_DIR_PLUGIN_TYPE,
-+ REISER4_ITEM_PLUGIN_TYPE,
-+ REISER4_NODE_PLUGIN_TYPE,
-+ REISER4_HASH_PLUGIN_TYPE,
-+ REISER4_FIBRATION_PLUGIN_TYPE,
-+ REISER4_FORMATTING_PLUGIN_TYPE,
-+ REISER4_PERM_PLUGIN_TYPE,
-+ REISER4_SD_EXT_PLUGIN_TYPE,
-+ REISER4_FORMAT_PLUGIN_TYPE,
-+ REISER4_JNODE_PLUGIN_TYPE,
-+ REISER4_CIPHER_PLUGIN_TYPE,
-+ REISER4_DIGEST_PLUGIN_TYPE,
-+ REISER4_COMPRESSION_PLUGIN_TYPE,
-+ REISER4_COMPRESSION_MODE_PLUGIN_TYPE,
-+ REISER4_CLUSTER_PLUGIN_TYPE,
-+ REISER4_REGULAR_PLUGIN_TYPE,
-+ REISER4_PLUGIN_TYPES
-+} reiser4_plugin_type;
-+
-+struct reiser4_plugin_ops;
-+/* generic plugin operations, supported by each
-+ plugin type. */
-+typedef struct reiser4_plugin_ops reiser4_plugin_ops;
-+
-+/* the common part of all plugin instances. */
-+typedef struct plugin_header {
-+ /* plugin type */
-+ reiser4_plugin_type type_id;
-+ /* id of this plugin */
-+ reiser4_plugin_id id;
-+ /* plugin operations */
-+ reiser4_plugin_ops *pops;
-+/* NIKITA-FIXME-HANS: usage of and access to label and desc is not commented and defined. */
-+ /* short label of this plugin */
-+ const char *label;
-+ /* descriptive string.. */
-+ const char *desc;
-+ /* list linkage */
-+ struct list_head linkage;
-+} plugin_header;
-+
-+/* PRIVATE INTERFACES */
-+/* NIKITA-FIXME-HANS: what is this for and why does it duplicate what is in plugin_header? */
-+/* plugin type representation. */
-+typedef struct reiser4_plugin_type_data {
-+ /* internal plugin type identifier. Should coincide with
-+ index of this item in plugins[] array. */
-+ reiser4_plugin_type type_id;
-+ /* short symbolic label of this plugin type. Should be no longer
-+ than MAX_PLUGIN_TYPE_LABEL_LEN characters including '\0'. */
-+ const char *label;
-+ /* plugin type description longer than .label */
-+ const char *desc;
-+
-+/* NIKITA-FIXME-HANS: define built-in */
-+ /* number of built-in plugin instances of this type */
-+ int builtin_num;
-+ /* array of built-in plugins */
-+ void *builtin;
-+ struct list_head plugins_list;
-+ size_t size;
-+} reiser4_plugin_type_data;
-+
-+extern reiser4_plugin_type_data plugins[REISER4_PLUGIN_TYPES];
-+
-+int is_type_id_valid(reiser4_plugin_type type_id);
-+int is_plugin_id_valid(reiser4_plugin_type type_id, reiser4_plugin_id id);
-+
-+static inline reiser4_plugin *plugin_at(reiser4_plugin_type_data * ptype, int i)
-+{
-+ char *builtin;
-+
-+ builtin = ptype->builtin;
-+ return (reiser4_plugin *) (builtin + i * ptype->size);
-+}
-+
-+/* return plugin by its @type_id and @id */
-+static inline reiser4_plugin *plugin_by_id(reiser4_plugin_type type_id
-+ /* plugin type id */ ,
-+ reiser4_plugin_id id /* plugin id */
-+ )
-+{
-+ assert("nikita-1651", is_type_id_valid(type_id));
-+ assert("nikita-1652", is_plugin_id_valid(type_id, id));
-+ return plugin_at(&plugins[type_id], id);
-+}
-+
-+extern reiser4_plugin *plugin_by_unsafe_id(reiser4_plugin_type type_id,
-+ reiser4_plugin_id id);
-+
-+/**
-+ * plugin_by_disk_id - get reiser4_plugin
-+ * @type_id: plugin type id
-+ * @did: plugin id in disk format
-+ *
-+ * Returns reiser4_plugin by plugin type id an dplugin_id.
-+ */
-+static inline reiser4_plugin *plugin_by_disk_id(reiser4_tree * tree UNUSED_ARG,
-+ reiser4_plugin_type type_id,
-+ __le16 *plugin_id)
-+{
-+ /*
-+ * what we should do properly is to maintain within each file-system a
-+ * dictionary that maps on-disk plugin ids to "universal" ids. This
-+ * dictionary will be resolved on mount time, so that this function
-+ * will perform just one additional array lookup.
-+ */
-+ return plugin_by_unsafe_id(type_id, le16_to_cpu(*plugin_id));
-+}
-+
-+/* __PLUGIN_HEADER_H__ */
-+#endif
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/plugin/plugin_set.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/plugin_set.c
-@@ -0,0 +1,378 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+/* NIKITA-FIXME-HANS: you didn't discuss this with me before coding it did you? Remove plugin-sets from code by March 15th, 2004 */
-+/* plugin-sets */
-+
-+/*
-+ * Each inode comes with a whole set of plugins: file plugin, directory
-+ * plugin, hash plugin, tail policy plugin, security plugin, etc.
-+ *
-+ * Storing them (pointers to them, that is) in inode is a waste of
-+ * space. Especially, given that on average file system plugins of vast
-+ * majority of files will belong to few sets (e.g., one set for regular files,
-+ * another set for standard directory, etc.)
-+ *
-+ * Plugin set (pset) is an object containing pointers to all plugins required
-+ * by inode. Inode only stores a pointer to pset. psets are "interned", that
-+ * is, different inodes with the same set of plugins point to the same
-+ * pset. This is archived by storing psets in global hash table. Races are
-+ * avoided by simple (and efficient so far) solution of never recycling psets,
-+ * even when last inode pointing to it is destroyed.
-+ *
-+ */
-+
-+#include "../debug.h"
-+#include "../super.h"
-+#include "plugin_set.h"
-+
-+#include <linux/slab.h>
-+#include <linux/stddef.h>
-+
-+/* slab for plugin sets */
-+static kmem_cache_t *plugin_set_slab;
-+
-+static spinlock_t plugin_set_lock[8] __cacheline_aligned_in_smp = {
-+ [0 ... 7] = SPIN_LOCK_UNLOCKED
-+};
-+
-+/* hash table support */
-+
-+#define PS_TABLE_SIZE (32)
-+
-+static inline plugin_set *cast_to(const unsigned long *a)
-+{
-+ return container_of(a, plugin_set, hashval);
-+}
-+
-+static inline int pseq(const unsigned long *a1, const unsigned long *a2)
-+{
-+ plugin_set *set1;
-+ plugin_set *set2;
-+
-+ /* make sure fields are not missed in the code below */
-+ cassert(sizeof *set1 ==
-+ sizeof set1->hashval +
-+ sizeof set1->link +
-+ sizeof set1->file +
-+ sizeof set1->dir +
-+ sizeof set1->perm +
-+ sizeof set1->formatting +
-+ sizeof set1->hash +
-+ sizeof set1->fibration +
-+ sizeof set1->sd +
-+ sizeof set1->dir_item +
-+ sizeof set1->cipher +
-+ sizeof set1->digest +
-+ sizeof set1->compression +
-+ sizeof set1->compression_mode +
-+ sizeof set1->cluster + sizeof set1->regular_entry);
-+
-+ set1 = cast_to(a1);
-+ set2 = cast_to(a2);
-+ return
-+ set1->hashval == set2->hashval &&
-+ set1->file == set2->file &&
-+ set1->dir == set2->dir &&
-+ set1->perm == set2->perm &&
-+ set1->formatting == set2->formatting &&
-+ set1->hash == set2->hash &&
-+ set1->fibration == set2->fibration &&
-+ set1->sd == set2->sd &&
-+ set1->dir_item == set2->dir_item &&
-+ set1->cipher == set2->cipher &&
-+ set1->digest == set2->digest &&
-+ set1->compression == set2->compression &&
-+ set1->compression_mode == set2->compression_mode &&
-+ set1->cluster == set2->cluster &&
-+ set1->regular_entry == set2->regular_entry;
-+}
-+
-+#define HASH_FIELD(hash, set, field) \
-+({ \
-+ (hash) += (unsigned long)(set)->field >> 2; \
-+})
-+
-+static inline unsigned long calculate_hash(const plugin_set * set)
-+{
-+ unsigned long result;
-+
-+ result = 0;
-+ HASH_FIELD(result, set, file);
-+ HASH_FIELD(result, set, dir);
-+ HASH_FIELD(result, set, perm);
-+ HASH_FIELD(result, set, formatting);
-+ HASH_FIELD(result, set, hash);
-+ HASH_FIELD(result, set, fibration);
-+ HASH_FIELD(result, set, sd);
-+ HASH_FIELD(result, set, dir_item);
-+ HASH_FIELD(result, set, cipher);
-+ HASH_FIELD(result, set, digest);
-+ HASH_FIELD(result, set, compression);
-+ HASH_FIELD(result, set, compression_mode);
-+ HASH_FIELD(result, set, cluster);
-+ HASH_FIELD(result, set, regular_entry);
-+ return result & (PS_TABLE_SIZE - 1);
-+}
-+
-+static inline unsigned long
-+pshash(ps_hash_table * table, const unsigned long *a)
-+{
-+ return *a;
-+}
-+
-+/* The hash table definition */
-+#define KMALLOC(size) kmalloc((size), get_gfp_mask())
-+#define KFREE(ptr, size) kfree(ptr)
-+TYPE_SAFE_HASH_DEFINE(ps, plugin_set, unsigned long, hashval, link, pshash,
-+ pseq);
-+#undef KFREE
-+#undef KMALLOC
-+
-+static ps_hash_table ps_table;
-+static plugin_set empty_set = {
-+ .hashval = 0,
-+ .file = NULL,
-+ .dir = NULL,
-+ .perm = NULL,
-+ .formatting = NULL,
-+ .hash = NULL,
-+ .fibration = NULL,
-+ .sd = NULL,
-+ .dir_item = NULL,
-+ .cipher = NULL,
-+ .digest = NULL,
-+ .compression = NULL,
-+ .compression_mode = NULL,
-+ .cluster = NULL,
-+ .regular_entry = NULL,
-+ .link = {NULL}
-+};
-+
-+plugin_set *plugin_set_get_empty(void)
-+{
-+ return &empty_set;
-+}
-+
-+void plugin_set_put(plugin_set * set)
-+{
-+}
-+
-+static inline unsigned long *pset_field(plugin_set * set, int offset)
-+{
-+ return (unsigned long *)(((char *)set) + offset);
-+}
-+
-+static int plugin_set_field(plugin_set ** set, const unsigned long val,
-+ const int offset)
-+{
-+ unsigned long *spot;
-+ spinlock_t *lock;
-+ plugin_set replica;
-+ plugin_set *twin;
-+ plugin_set *psal;
-+ plugin_set *orig;
-+
-+ assert("nikita-2902", set != NULL);
-+ assert("nikita-2904", *set != NULL);
-+
-+ spot = pset_field(*set, offset);
-+ if (unlikely(*spot == val))
-+ return 0;
-+
-+ replica = *(orig = *set);
-+ *pset_field(&replica, offset) = val;
-+ replica.hashval = calculate_hash(&replica);
-+ rcu_read_lock();
-+ twin = ps_hash_find(&ps_table, &replica.hashval);
-+ if (unlikely(twin == NULL)) {
-+ rcu_read_unlock();
-+ psal = kmem_cache_alloc(plugin_set_slab, get_gfp_mask());
-+ if (psal == NULL)
-+ return RETERR(-ENOMEM);
-+ *psal = replica;
-+ lock = &plugin_set_lock[replica.hashval & 7];
-+ spin_lock(lock);
-+ twin = ps_hash_find(&ps_table, &replica.hashval);
-+ if (likely(twin == NULL)) {
-+ *set = psal;
-+ ps_hash_insert_rcu(&ps_table, psal);
-+ } else {
-+ *set = twin;
-+ kmem_cache_free(plugin_set_slab, psal);
-+ }
-+ spin_unlock(lock);
-+ } else {
-+ rcu_read_unlock();
-+ *set = twin;
-+ }
-+ return 0;
-+}
-+
-+static struct {
-+ int offset;
-+ reiser4_plugin_type type;
-+} pset_descr[PSET_LAST] = {
-+ [PSET_FILE] = {
-+ .offset = offsetof(plugin_set, file),
-+ .type = REISER4_FILE_PLUGIN_TYPE
-+ },
-+ [PSET_DIR] = {
-+ .offset = offsetof(plugin_set, dir),
-+ .type = REISER4_DIR_PLUGIN_TYPE
-+ },
-+ [PSET_PERM] = {
-+ .offset = offsetof(plugin_set, perm),
-+ .type = REISER4_PERM_PLUGIN_TYPE
-+ },
-+ [PSET_FORMATTING] = {
-+ .offset = offsetof(plugin_set, formatting),
-+ .type = REISER4_FORMATTING_PLUGIN_TYPE
-+ },
-+ [PSET_HASH] = {
-+ .offset = offsetof(plugin_set, hash),
-+ .type = REISER4_HASH_PLUGIN_TYPE
-+ },
-+ [PSET_FIBRATION] = {
-+ .offset = offsetof(plugin_set, fibration),
-+ .type = REISER4_FIBRATION_PLUGIN_TYPE
-+ },
-+ [PSET_SD] = {
-+ .offset = offsetof(plugin_set, sd),
-+ .type = REISER4_ITEM_PLUGIN_TYPE
-+ },
-+ [PSET_DIR_ITEM] = {
-+ .offset = offsetof(plugin_set, dir_item),
-+ .type = REISER4_ITEM_PLUGIN_TYPE
-+ },
-+ [PSET_CIPHER] = {
-+ .offset = offsetof(plugin_set, cipher),
-+ .type = REISER4_CIPHER_PLUGIN_TYPE
-+ },
-+ [PSET_DIGEST] = {
-+ .offset = offsetof(plugin_set, digest),
-+ .type = REISER4_DIGEST_PLUGIN_TYPE
-+ },
-+ [PSET_COMPRESSION] = {
-+ .offset = offsetof(plugin_set, compression),
-+ .type = REISER4_COMPRESSION_PLUGIN_TYPE
-+ },
-+ [PSET_COMPRESSION_MODE] = {
-+ .offset = offsetof(plugin_set, compression_mode),
-+ .type = REISER4_COMPRESSION_MODE_PLUGIN_TYPE
-+ },
-+ [PSET_CLUSTER] = {
-+ .offset = offsetof(plugin_set, cluster),
-+ .type = REISER4_CLUSTER_PLUGIN_TYPE
-+ },
-+ [PSET_REGULAR_ENTRY] = {
-+ .offset = offsetof(plugin_set, regular_entry),
-+ .type = REISER4_REGULAR_PLUGIN_TYPE
-+ }
-+};
-+
-+#if REISER4_DEBUG
-+static reiser4_plugin_type pset_member_to_type(pset_member memb)
-+{
-+ assert("nikita-3501", 0 <= memb && memb < PSET_LAST);
-+ return pset_descr[memb].type;
-+}
-+#endif
-+
-+reiser4_plugin_type pset_member_to_type_unsafe(pset_member memb)
-+{
-+ if (0 <= memb && memb < PSET_LAST)
-+ return pset_descr[memb].type;
-+ else
-+ return REISER4_PLUGIN_TYPES;
-+}
-+
-+int pset_set(plugin_set ** set, pset_member memb, reiser4_plugin * plugin)
-+{
-+ assert("nikita-3492", set != NULL);
-+ assert("nikita-3493", *set != NULL);
-+ assert("nikita-3494", plugin != NULL);
-+ assert("nikita-3495", 0 <= memb && memb < PSET_LAST);
-+ assert("nikita-3496", plugin->h.type_id == pset_member_to_type(memb));
-+
-+ return plugin_set_field(set,
-+ (unsigned long)plugin, pset_descr[memb].offset);
-+}
-+
-+reiser4_plugin *pset_get(plugin_set * set, pset_member memb)
-+{
-+ assert("nikita-3497", set != NULL);
-+ assert("nikita-3498", 0 <= memb && memb < PSET_LAST);
-+
-+ return *(reiser4_plugin **) (((char *)set) + pset_descr[memb].offset);
-+}
-+
-+#define DEFINE_PLUGIN_SET(type, field) \
-+int plugin_set_ ## field(plugin_set **set, type *val) \
-+{ \
-+ cassert(sizeof val == sizeof(unsigned long)); \
-+ return plugin_set_field(set, (unsigned long)val, \
-+ offsetof(plugin_set, field)); \
-+}
-+
-+DEFINE_PLUGIN_SET(file_plugin, file)
-+ DEFINE_PLUGIN_SET(dir_plugin, dir)
-+ DEFINE_PLUGIN_SET(formatting_plugin, formatting)
-+ DEFINE_PLUGIN_SET(hash_plugin, hash)
-+ DEFINE_PLUGIN_SET(fibration_plugin, fibration)
-+ DEFINE_PLUGIN_SET(item_plugin, sd)
-+ /* DEFINE_PLUGIN_SET(cipher_plugin, cipher) */
-+ /* DEFINE_PLUGIN_SET(digest_plugin, digest) */
-+ DEFINE_PLUGIN_SET(compression_plugin, compression)
-+ /* DEFINE_PLUGIN_SET(compression_mode_plugin, compression_mode) */
-+ DEFINE_PLUGIN_SET(cluster_plugin, cluster)
-+ /* DEFINE_PLUGIN_SET(regular_plugin, regular_entry) */
-+
-+
-+/**
-+ * init_plugin_set - create pset cache and hash table
-+ *
-+ * Initializes slab cache of plugin_set-s and their hash table. It is part of
-+ * reiser4 module initialization.
-+ */
-+int init_plugin_set(void)
-+{
-+ int result;
-+
-+ result = ps_hash_init(&ps_table, PS_TABLE_SIZE);
-+ if (result == 0) {
-+ plugin_set_slab = kmem_cache_create("plugin_set",
-+ sizeof(plugin_set), 0,
-+ SLAB_HWCACHE_ALIGN,
-+ NULL, NULL);
-+ if (plugin_set_slab == NULL)
-+ result = RETERR(-ENOMEM);
-+ }
-+ return result;
-+}
-+
-+/**
-+ * done_plugin_set - delete plugin_set cache and plugin_set hash table
-+ *
-+ * This is called on reiser4 module unloading or system shutdown.
-+ */
-+void done_plugin_set(void)
-+{
-+ plugin_set *cur, *next;
-+
-+ for_all_in_htable(&ps_table, ps, cur, next) {
-+ ps_hash_remove(&ps_table, cur);
-+ kmem_cache_free(plugin_set_slab, cur);
-+ }
-+ destroy_reiser4_cache(&plugin_set_slab);
-+ ps_hash_done(&ps_table);
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 120
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/plugin/plugin_set.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/plugin_set.h
-@@ -0,0 +1,83 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* plugin-sets. see fs/reiser4/plugin/plugin_set.c for details */
-+
-+#if !defined( __PLUGIN_SET_H__ )
-+#define __PLUGIN_SET_H__
-+
-+#include "../type_safe_hash.h"
-+#include "plugin.h"
-+
-+#include <linux/rcupdate.h>
-+
-+struct plugin_set;
-+typedef struct plugin_set plugin_set;
-+
-+TYPE_SAFE_HASH_DECLARE(ps, plugin_set);
-+
-+struct plugin_set {
-+ unsigned long hashval;
-+ /* plugin of file */
-+ file_plugin *file;
-+ /* plugin of dir */
-+ dir_plugin *dir;
-+ /* perm plugin for this file */
-+ perm_plugin *perm;
-+ /* tail policy plugin. Only meaningful for regular files */
-+ formatting_plugin *formatting;
-+ /* hash plugin. Only meaningful for directories. */
-+ hash_plugin *hash;
-+ /* fibration plugin. Only meaningful for directories. */
-+ fibration_plugin *fibration;
-+ /* plugin of stat-data */
-+ item_plugin *sd;
-+ /* plugin of items a directory is built of */
-+ item_plugin *dir_item;
-+ /* cipher plugin */
-+ cipher_plugin *cipher;
-+ /* digest plugin */
-+ digest_plugin *digest;
-+ /* compression plugin */
-+ compression_plugin *compression;
-+ /* compression mode plugin */
-+ compression_mode_plugin *compression_mode;
-+ /* cluster plugin */
-+ cluster_plugin *cluster;
-+ /* plugin of regular child should be created */
-+ regular_plugin *regular_entry;
-+ ps_hash_link link;
-+};
-+
-+extern plugin_set *plugin_set_get_empty(void);
-+extern void plugin_set_put(plugin_set * set);
-+
-+extern int plugin_set_file(plugin_set ** set, file_plugin * plug);
-+extern int plugin_set_dir(plugin_set ** set, dir_plugin * plug);
-+extern int plugin_set_formatting(plugin_set ** set, formatting_plugin * plug);
-+extern int plugin_set_hash(plugin_set ** set, hash_plugin * plug);
-+extern int plugin_set_fibration(plugin_set ** set, fibration_plugin * plug);
-+extern int plugin_set_sd(plugin_set ** set, item_plugin * plug);
-+extern int plugin_set_compression(plugin_set ** set, compression_plugin * plug);
-+extern int plugin_set_cluster(plugin_set ** set, cluster_plugin * plug);
-+
-+extern int init_plugin_set(void);
-+extern void done_plugin_set(void);
-+
-+extern int pset_set(plugin_set ** set, pset_member memb,
-+ reiser4_plugin * plugin);
-+extern reiser4_plugin *pset_get(plugin_set * set, pset_member memb);
-+
-+extern reiser4_plugin_type pset_member_to_type_unsafe(pset_member memb);
-+
-+/* __PLUGIN_SET_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/regular.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/regular.c
-@@ -0,0 +1,44 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Contains Reiser4 regular plugins which:
-+ . specify a set of reiser4 regular object plugins,
-+ . used by directory plugin to create entries powered by specified
-+ regular plugins */
-+
-+#include "plugin.h"
-+
-+regular_plugin regular_plugins[LAST_REGULAR_ID] = {
-+ [UF_REGULAR_ID] = {
-+ .h = {
-+ .type_id = REISER4_REGULAR_PLUGIN_TYPE,
-+ .id = UF_REGULAR_ID,
-+ .pops = NULL,
-+ .label = "unixfile",
-+ .desc = "Unix file regular plugin",
-+ .linkage = {NULL, NULL}
-+ },
-+ .id = UNIX_FILE_PLUGIN_ID
-+ },
-+ [CRC_REGULAR_ID] = {
-+ .h = {
-+ .type_id = REISER4_REGULAR_PLUGIN_TYPE,
-+ .id = CRC_REGULAR_ID,
-+ .pops = NULL,
-+ .label = "cryptcompress",
-+ .desc = "Cryptcompress regular plugin",
-+ .linkage = {NULL, NULL}
-+ },
-+ .id = CRC_FILE_PLUGIN_ID
-+ }
-+};
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/security/Makefile
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/security/Makefile
-@@ -0,0 +1,4 @@
-+obj-$(CONFIG_REISER4_FS) += security_plugins.o
-+
-+security_plugins-objs := \
-+ perm.o
-Index: linux-2.6.16/fs/reiser4/plugin/security/perm.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/security/perm.c
-@@ -0,0 +1,44 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/*
-+ * this file contains implementation of permission plugins. Currently, only
-+ * RWX_PERM_ID is implemented
-+ */
-+
-+#include "../plugin.h"
-+#include "../plugin_header.h"
-+#include "../../debug.h"
-+
-+perm_plugin perm_plugins[LAST_PERM_ID] = {
-+ [NULL_PERM_ID] = {
-+ .h = {
-+ .type_id = REISER4_PERM_PLUGIN_TYPE,
-+ .id = NULL_PERM_ID,
-+ .pops = NULL,
-+ .label = "null",
-+ .desc = "stub permission plugin",
-+ .linkage = {NULL, NULL}
-+ },
-+ .read_ok = NULL,
-+ .write_ok = NULL,
-+ .lookup_ok = NULL,
-+ .create_ok = NULL,
-+ .link_ok = NULL,
-+ .unlink_ok = NULL,
-+ .delete_ok = NULL,
-+ .mask_ok = NULL,
-+ .setattr_ok = NULL,
-+ .getattr_ok = NULL,
-+ .rename_ok = NULL,
-+ }
-+};
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/plugin/security/perm.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/security/perm.h
-@@ -0,0 +1,82 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Perm (short for "permissions") plugins common stuff. */
-+
-+#if !defined( __REISER4_PERM_H__ )
-+#define __REISER4_PERM_H__
-+
-+#include "../../forward.h"
-+#include "../plugin_header.h"
-+
-+#include <linux/types.h>
-+#include <linux/fs.h> /* for struct file */
-+#include <linux/dcache.h> /* for struct dentry */
-+
-+/* interface for perm plugin.
-+
-+ Perm plugin method can be implemented through:
-+
-+ 1. consulting ->i_mode bits in stat data
-+
-+ 2. obtaining acl from the tree and inspecting it
-+
-+ 3. asking some kernel module or user-level program to authorize access.
-+
-+ This allows for integration with things like capabilities, SELinux-style
-+ secutiry contexts, etc.
-+
-+*/
-+/* NIKITA-FIXME-HANS: define what this is targeted for. It does not seem to be intended for use with sys_reiser4. Explain. */
-+typedef struct perm_plugin {
-+ /* generic plugin fields */
-+ plugin_header h;
-+
-+ /* check permissions for read/write */
-+ int (*read_ok) (struct file *file, const char __user *buf,
-+ size_t size, loff_t *off);
-+ int (*write_ok) (struct file *file, const char __user *buf,
-+ size_t size, loff_t *off);
-+
-+ /* check permissions for lookup */
-+ int (*lookup_ok) (struct inode * parent, struct dentry * dentry);
-+
-+ /* check permissions for create */
-+ int (*create_ok) (struct inode * parent, struct dentry * dentry,
-+ reiser4_object_create_data * data);
-+
-+ /* check permissions for linking @where to @existing */
-+ int (*link_ok) (struct dentry * existing, struct inode * parent,
-+ struct dentry * where);
-+
-+ /* check permissions for unlinking @victim from @parent */
-+ int (*unlink_ok) (struct inode * parent, struct dentry * victim);
-+
-+ /* check permissions for deletion of @object whose last reference is
-+ by @parent */
-+ int (*delete_ok) (struct inode * parent, struct dentry * victim);
-+ int (*mask_ok) (struct inode * inode, int mask);
-+ /* check whether attribute change is acceptable */
-+ int (*setattr_ok) (struct dentry * dentry, struct iattr * attr);
-+
-+ /* check whether stat(2) is allowed */
-+ int (*getattr_ok) (struct vfsmount * mnt UNUSED_ARG,
-+ struct dentry * dentry, struct kstat * stat);
-+ /* check whether rename(2) is allowed */
-+ int (*rename_ok) (struct inode * old_dir, struct dentry * old,
-+ struct inode * new_dir, struct dentry * new);
-+} perm_plugin;
-+
-+typedef enum { NULL_PERM_ID, LAST_PERM_ID } reiser4_perm_id;
-+
-+/* __REISER4_PERM_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/space/Makefile
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/space/Makefile
-@@ -0,0 +1,4 @@
-+obj-$(CONFIG_REISER4_FS) += space_plugins.o
-+
-+space_plugins-objs := \
-+ bitmap.o
-Index: linux-2.6.16/fs/reiser4/plugin/space/bitmap.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/space/bitmap.c
-@@ -0,0 +1,1592 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#include "../../debug.h"
-+#include "../../dformat.h"
-+#include "../../txnmgr.h"
-+#include "../../jnode.h"
-+#include "../../block_alloc.h"
-+#include "../../tree.h"
-+#include "../../super.h"
-+#include "../plugin.h"
-+#include "space_allocator.h"
-+#include "bitmap.h"
-+
-+#include <linux/types.h>
-+#include <linux/fs.h> /* for struct super_block */
-+#include <asm/semaphore.h>
-+#include <linux/vmalloc.h>
-+#include <asm/div64.h>
-+
-+/* Proposed (but discarded) optimization: dynamic loading/unloading of bitmap
-+ * blocks
-+
-+ A useful optimization of reiser4 bitmap handling would be dynamic bitmap
-+ blocks loading/unloading which is different from v3.x where all bitmap
-+ blocks are loaded at mount time.
-+
-+ To implement bitmap blocks unloading we need to count bitmap block usage
-+ and detect currently unused blocks allowing them to be unloaded. It is not
-+ a simple task since we allow several threads to modify one bitmap block
-+ simultaneously.
-+
-+ Briefly speaking, the following schema is proposed: we count in special
-+ variable associated with each bitmap block. That is for counting of block
-+ alloc/dealloc operations on that bitmap block. With a deferred block
-+ deallocation feature of reiser4 all those operation will be represented in
-+ atom dirty/deleted lists as jnodes for freshly allocated or deleted
-+ nodes.
-+
-+ So, we increment usage counter for each new node allocated or deleted, and
-+ decrement it at atom commit one time for each node from the dirty/deleted
-+ atom's list. Of course, freshly allocated node deletion and node reusing
-+ from atom deleted (if we do so) list should decrement bitmap usage counter
-+ also.
-+
-+ This schema seems to be working but that reference counting is
-+ not easy to debug. I think we should agree with Hans and do not implement
-+ it in v4.0. Current code implements "on-demand" bitmap blocks loading only.
-+
-+ For simplicity all bitmap nodes (both commit and working bitmap blocks) are
-+ loaded into memory on fs mount time or each bitmap nodes are loaded at the
-+ first access to it, the "dont_load_bitmap" mount option controls whether
-+ bimtap nodes should be loaded at mount time. Dynamic unloading of bitmap
-+ nodes currently is not supported. */
-+
-+#define CHECKSUM_SIZE 4
-+
-+#define BYTES_PER_LONG (sizeof(long))
-+
-+#if BITS_PER_LONG == 64
-+# define LONG_INT_SHIFT (6)
-+#else
-+# define LONG_INT_SHIFT (5)
-+#endif
-+
-+#define LONG_INT_MASK (BITS_PER_LONG - 1UL)
-+
-+typedef unsigned long ulong_t;
-+
-+#define bmap_size(blocksize) ((blocksize) - CHECKSUM_SIZE)
-+#define bmap_bit_count(blocksize) (bmap_size(blocksize) << 3)
-+
-+/* Block allocation/deallocation are done through special bitmap objects which
-+ are allocated in an array at fs mount. */
-+struct bitmap_node {
-+ struct semaphore sema; /* long term lock object */
-+
-+ jnode *wjnode; /* j-nodes for WORKING ... */
-+ jnode *cjnode; /* ... and COMMIT bitmap blocks */
-+
-+ bmap_off_t first_zero_bit; /* for skip_busy option implementation */
-+
-+ atomic_t loaded; /* a flag which shows that bnode is loaded
-+ * already */
-+};
-+
-+static inline char *bnode_working_data(struct bitmap_node *bnode)
-+{
-+ char *data;
-+
-+ data = jdata(bnode->wjnode);
-+ assert("zam-429", data != NULL);
-+
-+ return data + CHECKSUM_SIZE;
-+}
-+
-+static inline char *bnode_commit_data(const struct bitmap_node *bnode)
-+{
-+ char *data;
-+
-+ data = jdata(bnode->cjnode);
-+ assert("zam-430", data != NULL);
-+
-+ return data + CHECKSUM_SIZE;
-+}
-+
-+static inline __u32 bnode_commit_crc(const struct bitmap_node *bnode)
-+{
-+ char *data;
-+
-+ data = jdata(bnode->cjnode);
-+ assert("vpf-261", data != NULL);
-+
-+ return le32_to_cpu(get_unaligned((d32 *)data));
-+}
-+
-+static inline void bnode_set_commit_crc(struct bitmap_node *bnode, __u32 crc)
-+{
-+ char *data;
-+
-+ data = jdata(bnode->cjnode);
-+ assert("vpf-261", data != NULL);
-+
-+ put_unaligned(cpu_to_le32(crc), (d32 *)data);
-+}
-+
-+/* ZAM-FIXME-HANS: is the idea that this might be a union someday? having
-+ * written the code, does this added abstraction still have */
-+/* ANSWER(Zam): No, the abstractions is in the level above (exact place is the
-+ * reiser4_space_allocator structure) */
-+/* ZAM-FIXME-HANS: I don't understand your english in comment above. */
-+/* FIXME-HANS(Zam): I don't understand the questions like "might be a union
-+ * someday?". What they about? If there is a reason to have a union, it should
-+ * be a union, if not, it should not be a union. "..might be someday" means no
-+ * reason. */
-+struct bitmap_allocator_data {
-+ /* an array for bitmap blocks direct access */
-+ struct bitmap_node *bitmap;
-+};
-+
-+#define get_barray(super) \
-+(((struct bitmap_allocator_data *)(get_super_private(super)->space_allocator.u.generic)) -> bitmap)
-+
-+#define get_bnode(super, i) (get_barray(super) + i)
-+
-+/* allocate and initialize jnode with JNODE_BITMAP type */
-+static jnode *bnew(void)
-+{
-+ jnode *jal = jalloc();
-+
-+ if (jal)
-+ jnode_init(jal, current_tree, JNODE_BITMAP);
-+
-+ return jal;
-+}
-+
-+/* this file contains:
-+ - bitmap based implementation of space allocation plugin
-+ - all the helper functions like set bit, find_first_zero_bit, etc */
-+
-+/* Audited by: green(2002.06.12) */
-+static int find_next_zero_bit_in_word(ulong_t word, int start_bit)
-+{
-+ ulong_t mask = 1UL << start_bit;
-+ int i = start_bit;
-+
-+ while ((word & mask) != 0) {
-+ mask <<= 1;
-+ if (++i >= BITS_PER_LONG)
-+ break;
-+ }
-+
-+ return i;
-+}
-+
-+#include <asm/bitops.h>
-+
-+#if BITS_PER_LONG == 64
-+
-+#define OFF(addr) (((ulong_t)(addr) & (BYTES_PER_LONG - 1)) << 3)
-+#define BASE(addr) ((ulong_t*) ((ulong_t)(addr) & ~(BYTES_PER_LONG - 1)))
-+
-+static inline void reiser4_set_bit(int nr, void *addr)
-+{
-+ ext2_set_bit(nr + OFF(addr), BASE(addr));
-+}
-+
-+static inline void reiser4_clear_bit(int nr, void *addr)
-+{
-+ ext2_clear_bit(nr + OFF(addr), BASE(addr));
-+}
-+
-+static inline int reiser4_test_bit(int nr, void *addr)
-+{
-+ return ext2_test_bit(nr + OFF(addr), BASE(addr));
-+}
-+static inline int reiser4_find_next_zero_bit(void *addr, int maxoffset,
-+ int offset)
-+{
-+ int off = OFF(addr);
-+
-+ return ext2_find_next_zero_bit(BASE(addr), maxoffset + off,
-+ offset + off) - off;
-+}
-+
-+#else
-+
-+#define reiser4_set_bit(nr, addr) ext2_set_bit(nr, addr)
-+#define reiser4_clear_bit(nr, addr) ext2_clear_bit(nr, addr)
-+#define reiser4_test_bit(nr, addr) ext2_test_bit(nr, addr)
-+
-+#define reiser4_find_next_zero_bit(addr, maxoffset, offset) \
-+ext2_find_next_zero_bit(addr, maxoffset, offset)
-+#endif
-+
-+/* Search for a set bit in the bit array [@start_offset, @max_offset[, offsets
-+ * are counted from @addr, return the offset of the first bit if it is found,
-+ * @maxoffset otherwise. */
-+static bmap_off_t __reiser4_find_next_set_bit(void *addr, bmap_off_t max_offset,
-+ bmap_off_t start_offset)
-+{
-+ ulong_t *base = addr;
-+ /* start_offset is in bits, convert it to byte offset within bitmap. */
-+ int word_nr = start_offset >> LONG_INT_SHIFT;
-+ /* bit number within the byte. */
-+ int bit_nr = start_offset & LONG_INT_MASK;
-+ int max_word_nr = (max_offset - 1) >> LONG_INT_SHIFT;
-+
-+ assert("zam-387", max_offset != 0);
-+
-+ /* Unaligned @start_offset case. */
-+ if (bit_nr != 0) {
-+ bmap_nr_t nr;
-+
-+ nr = find_next_zero_bit_in_word(~(base[word_nr]), bit_nr);
-+
-+ if (nr < BITS_PER_LONG)
-+ return (word_nr << LONG_INT_SHIFT) + nr;
-+
-+ ++word_nr;
-+ }
-+
-+ /* Fast scan trough aligned words. */
-+ while (word_nr <= max_word_nr) {
-+ if (base[word_nr] != 0) {
-+ return (word_nr << LONG_INT_SHIFT)
-+ + find_next_zero_bit_in_word(~(base[word_nr]), 0);
-+ }
-+
-+ ++word_nr;
-+ }
-+
-+ return max_offset;
-+}
-+
-+#if BITS_PER_LONG == 64
-+
-+static bmap_off_t reiser4_find_next_set_bit(void *addr, bmap_off_t max_offset,
-+ bmap_off_t start_offset)
-+{
-+ bmap_off_t off = OFF(addr);
-+
-+ return __reiser4_find_next_set_bit(BASE(addr), max_offset + off,
-+ start_offset + off) - off;
-+}
-+
-+#else
-+#define reiser4_find_next_set_bit(addr, max_offset, start_offset) \
-+ __reiser4_find_next_set_bit(addr, max_offset, start_offset)
-+#endif
-+
-+/* search for the first set bit in single word. */
-+static int find_last_set_bit_in_word(ulong_t word, int start_bit)
-+{
-+ ulong_t bit_mask;
-+ int nr = start_bit;
-+
-+ assert("zam-965", start_bit < BITS_PER_LONG);
-+ assert("zam-966", start_bit >= 0);
-+
-+ bit_mask = (1UL << nr);
-+
-+ while (bit_mask != 0) {
-+ if (bit_mask & word)
-+ return nr;
-+ bit_mask >>= 1;
-+ nr--;
-+ }
-+ return BITS_PER_LONG;
-+}
-+
-+/* Search bitmap for a set bit in backward direction from the end to the
-+ * beginning of given region
-+ *
-+ * @result: result offset of the last set bit
-+ * @addr: base memory address,
-+ * @low_off: low end of the search region, edge bit included into the region,
-+ * @high_off: high end of the search region, edge bit included into the region,
-+ *
-+ * @return: 0 - set bit was found, -1 otherwise.
-+ */
-+static int
-+reiser4_find_last_set_bit(bmap_off_t * result, void *addr, bmap_off_t low_off,
-+ bmap_off_t high_off)
-+{
-+ ulong_t *base = addr;
-+ int last_word;
-+ int first_word;
-+ int last_bit;
-+ int nr;
-+
-+ assert("zam-961", high_off >= 0);
-+ assert("zam-962", high_off >= low_off);
-+
-+ last_word = high_off >> LONG_INT_SHIFT;
-+ last_bit = high_off & LONG_INT_MASK;
-+ first_word = low_off >> LONG_INT_SHIFT;
-+
-+ if (last_bit < BITS_PER_LONG) {
-+ nr = find_last_set_bit_in_word(base[last_word], last_bit);
-+ if (nr < BITS_PER_LONG) {
-+ *result = (last_word << LONG_INT_SHIFT) + nr;
-+ return 0;
-+ }
-+ --last_word;
-+ }
-+ while (last_word >= first_word) {
-+ if (base[last_word] != 0x0) {
-+ last_bit =
-+ find_last_set_bit_in_word(base[last_word],
-+ BITS_PER_LONG - 1);
-+ assert("zam-972", last_bit < BITS_PER_LONG);
-+ *result = (last_word << LONG_INT_SHIFT) + last_bit;
-+ return 0;
-+ }
-+ --last_word;
-+ }
-+
-+ return -1; /* set bit not found */
-+}
-+
-+/* Search bitmap for a clear bit in backward direction from the end to the
-+ * beginning of given region */
-+static int
-+reiser4_find_last_zero_bit(bmap_off_t * result, void *addr, bmap_off_t low_off,
-+ bmap_off_t high_off)
-+{
-+ ulong_t *base = addr;
-+ int last_word;
-+ int first_word;
-+ int last_bit;
-+ int nr;
-+
-+ last_word = high_off >> LONG_INT_SHIFT;
-+ last_bit = high_off & LONG_INT_MASK;
-+ first_word = low_off >> LONG_INT_SHIFT;
-+
-+ if (last_bit < BITS_PER_LONG) {
-+ nr = find_last_set_bit_in_word(~base[last_word], last_bit);
-+ if (nr < BITS_PER_LONG) {
-+ *result = (last_word << LONG_INT_SHIFT) + nr;
-+ return 0;
-+ }
-+ --last_word;
-+ }
-+ while (last_word >= first_word) {
-+ if (base[last_word] != (ulong_t) (-1)) {
-+ *result = (last_word << LONG_INT_SHIFT) +
-+ find_last_set_bit_in_word(~base[last_word],
-+ BITS_PER_LONG - 1);
-+ return 0;
-+ }
-+ --last_word;
-+ }
-+
-+ return -1; /* zero bit not found */
-+}
-+
-+/* Audited by: green(2002.06.12) */
-+static void reiser4_clear_bits(char *addr, bmap_off_t start, bmap_off_t end)
-+{
-+ int first_byte;
-+ int last_byte;
-+
-+ unsigned char first_byte_mask = 0xFF;
-+ unsigned char last_byte_mask = 0xFF;
-+
-+ assert("zam-410", start < end);
-+
-+ first_byte = start >> 3;
-+ last_byte = (end - 1) >> 3;
-+
-+ if (last_byte > first_byte + 1)
-+ memset(addr + first_byte + 1, 0,
-+ (size_t) (last_byte - first_byte - 1));
-+
-+ first_byte_mask >>= 8 - (start & 0x7);
-+ last_byte_mask <<= ((end - 1) & 0x7) + 1;
-+
-+ if (first_byte == last_byte) {
-+ addr[first_byte] &= (first_byte_mask | last_byte_mask);
-+ } else {
-+ addr[first_byte] &= first_byte_mask;
-+ addr[last_byte] &= last_byte_mask;
-+ }
-+}
-+
-+/* Audited by: green(2002.06.12) */
-+/* ZAM-FIXME-HANS: comment this */
-+static void reiser4_set_bits(char *addr, bmap_off_t start, bmap_off_t end)
-+{
-+ int first_byte;
-+ int last_byte;
-+
-+ unsigned char first_byte_mask = 0xFF;
-+ unsigned char last_byte_mask = 0xFF;
-+
-+ assert("zam-386", start < end);
-+
-+ first_byte = start >> 3;
-+ last_byte = (end - 1) >> 3;
-+
-+ if (last_byte > first_byte + 1)
-+ memset(addr + first_byte + 1, 0xFF,
-+ (size_t) (last_byte - first_byte - 1));
-+
-+ first_byte_mask <<= start & 0x7;
-+ last_byte_mask >>= 7 - ((end - 1) & 0x7);
-+
-+ if (first_byte == last_byte) {
-+ addr[first_byte] |= (first_byte_mask & last_byte_mask);
-+ } else {
-+ addr[first_byte] |= first_byte_mask;
-+ addr[last_byte] |= last_byte_mask;
-+ }
-+}
-+
-+#define ADLER_BASE 65521
-+#define ADLER_NMAX 5552
-+
-+/* Calculates the adler32 checksum for the data pointed by `data` of the
-+ length `len`. This function was originally taken from zlib, version 1.1.3,
-+ July 9th, 1998.
-+
-+ Copyright (C) 1995-1998 Jean-loup Gailly and Mark Adler
-+
-+ This software is provided 'as-is', without any express or implied
-+ warranty. In no event will the authors be held liable for any damages
-+ arising from the use of this software.
-+
-+ Permission is granted to anyone to use this software for any purpose,
-+ including commercial applications, and to alter it and redistribute it
-+ freely, subject to the following restrictions:
-+
-+ 1. The origin of this software must not be misrepresented; you must not
-+ claim that you wrote the original software. If you use this software
-+ in a product, an acknowledgment in the product documentation would be
-+ appreciated but is not required.
-+ 2. Altered source versions must be plainly marked as such, and must not be
-+ misrepresented as being the original software.
-+ 3. This notice may not be removed or altered from any source distribution.
-+
-+ Jean-loup Gailly Mark Adler
-+ jloup@gzip.org madler@alumni.caltech.edu
-+
-+ The above comment applies only to the reiser4_adler32 function.
-+*/
-+
-+__u32 reiser4_adler32(char *data, __u32 len)
-+{
-+ unsigned char *t = data;
-+ __u32 s1 = 1;
-+ __u32 s2 = 0;
-+ int k;
-+
-+ while (len > 0) {
-+ k = len < ADLER_NMAX ? len : ADLER_NMAX;
-+ len -= k;
-+
-+ while (k--) {
-+ s1 += *t++;
-+ s2 += s1;
-+ }
-+
-+ s1 %= ADLER_BASE;
-+ s2 %= ADLER_BASE;
-+ }
-+ return (s2 << 16) | s1;
-+}
-+
-+#define sb_by_bnode(bnode) \
-+ ((struct super_block *)jnode_get_tree(bnode->wjnode)->super)
-+
-+static __u32 bnode_calc_crc(const struct bitmap_node *bnode, unsigned long size)
-+{
-+ return reiser4_adler32(bnode_commit_data(bnode), bmap_size(size));
-+}
-+
-+static int
-+bnode_check_adler32(const struct bitmap_node *bnode, unsigned long size)
-+{
-+ if (bnode_calc_crc(bnode, size) != bnode_commit_crc(bnode)) {
-+ bmap_nr_t bmap;
-+
-+ bmap = bnode - get_bnode(sb_by_bnode(bnode), 0);
-+
-+ warning("vpf-263",
-+ "Checksum for the bitmap block %llu is incorrect",
-+ bmap);
-+
-+ return RETERR(-EIO);
-+ }
-+
-+ return 0;
-+}
-+
-+#define REISER4_CHECK_BMAP_CRC (0)
-+
-+#if REISER4_CHECK_BMAP_CRC
-+static int bnode_check_crc(const struct bitmap_node *bnode)
-+{
-+ return bnode_check_adler32(bnode,
-+ bmap_size(sb_by_bnode(bnode)->s_blocksize));
-+}
-+
-+/* REISER4_CHECK_BMAP_CRC */
-+#else
-+
-+#define bnode_check_crc(bnode) (0)
-+
-+/* REISER4_CHECK_BMAP_CRC */
-+#endif
-+
-+/* Recalculates the adler32 checksum for only 1 byte change.
-+ adler - previous adler checksum
-+ old_data, data - old, new byte values.
-+ tail == (chunk - offset) : length, checksum was calculated for, - offset of
-+ the changed byte within this chunk.
-+ This function can be used for checksum calculation optimisation.
-+*/
-+
-+static __u32
-+adler32_recalc(__u32 adler, unsigned char old_data, unsigned char data,
-+ __u32 tail)
-+{
-+ __u32 delta = data - old_data + 2 * ADLER_BASE;
-+ __u32 s1 = adler & 0xffff;
-+ __u32 s2 = (adler >> 16) & 0xffff;
-+
-+ s1 = (delta + s1) % ADLER_BASE;
-+ s2 = (delta * tail + s2) % ADLER_BASE;
-+
-+ return (s2 << 16) | s1;
-+}
-+
-+#define LIMIT(val, boundary) ((val) > (boundary) ? (boundary) : (val))
-+
-+/**
-+ * get_nr_bitmap - calculate number of bitmap blocks
-+ * @super: super block with initialized blocksize and block count
-+ *
-+ * Calculates number of bitmap blocks of a filesystem which uses bitmaps to
-+ * maintain free disk space. It assumes that each bitmap addresses the same
-+ * number of blocks which is calculated by bmap_block_count macro defined in
-+ * above. Number of blocks in the filesystem has to be initialized in reiser4
-+ * private data of super block already so that it can be obtained via
-+ * reiser4_block_count(). Unfortunately, number of blocks addressed by a bitmap
-+ * is not power of 2 because 4 bytes are used for checksum. Therefore, we have
-+ * to use special function to divide and modulo 64bits filesystem block
-+ * counters.
-+ *
-+ * Example: suppose filesystem have 32768 blocks. Blocksize is 4096. Each bitmap
-+ * block addresses (4096 - 4) * 8 = 32736 blocks. Number of bitmaps to address
-+ * all 32768 blocks is calculated as (32768 - 1) / 32736 + 1 = 2.
-+ */
-+static bmap_nr_t get_nr_bmap(const struct super_block *super)
-+{
-+ u64 quotient;
-+
-+ assert("zam-393", reiser4_block_count(super) != 0);
-+
-+ quotient = reiser4_block_count(super) - 1;
-+ do_div(quotient, bmap_bit_count(super->s_blocksize));
-+ return quotient + 1;
-+}
-+
-+/**
-+ * parse_blocknr - calculate bitmap number and offset in it by block number
-+ * @block: pointer to block number to calculate location in bitmap of
-+ * @bmap: pointer where to store bitmap block number
-+ * @offset: pointer where to store offset within bitmap block
-+ *
-+ * Calculates location of bit which is responsible for allocation/freeing of
-+ * block @*block. That location is represented by bitmap block number and offset
-+ * within that bitmap block.
-+ */
-+static void
-+parse_blocknr(const reiser4_block_nr *block, bmap_nr_t *bmap,
-+ bmap_off_t *offset)
-+{
-+ struct super_block *super = get_current_context()->super;
-+ u64 quotient = *block;
-+
-+ *offset = do_div(quotient, bmap_bit_count(super->s_blocksize));
-+ *bmap = quotient;
-+
-+ assert("zam-433", *bmap < get_nr_bmap(super));
-+ assert("", *offset < bmap_bit_count(super->s_blocksize));
-+}
-+
-+#if REISER4_DEBUG
-+/* Audited by: green(2002.06.12) */
-+static void
-+check_block_range(const reiser4_block_nr * start, const reiser4_block_nr * len)
-+{
-+ struct super_block *sb = reiser4_get_current_sb();
-+
-+ assert("zam-436", sb != NULL);
-+
-+ assert("zam-455", start != NULL);
-+ assert("zam-437", *start != 0);
-+ assert("zam-541", !blocknr_is_fake(start));
-+ assert("zam-441", *start < reiser4_block_count(sb));
-+
-+ if (len != NULL) {
-+ assert("zam-438", *len != 0);
-+ assert("zam-442", *start + *len <= reiser4_block_count(sb));
-+ }
-+}
-+
-+static void check_bnode_loaded(const struct bitmap_node *bnode)
-+{
-+ assert("zam-485", bnode != NULL);
-+ assert("zam-483", jnode_page(bnode->wjnode) != NULL);
-+ assert("zam-484", jnode_page(bnode->cjnode) != NULL);
-+ assert("nikita-2820", jnode_is_loaded(bnode->wjnode));
-+ assert("nikita-2821", jnode_is_loaded(bnode->cjnode));
-+}
-+
-+#else
-+
-+# define check_block_range(start, len) do { /* nothing */} while(0)
-+# define check_bnode_loaded(bnode) do { /* nothing */} while(0)
-+
-+#endif
-+
-+/* modify bnode->first_zero_bit (if we free bits before); bnode should be
-+ spin-locked */
-+static inline void
-+adjust_first_zero_bit(struct bitmap_node *bnode, bmap_off_t offset)
-+{
-+ if (offset < bnode->first_zero_bit)
-+ bnode->first_zero_bit = offset;
-+}
-+
-+/* return a physical disk address for logical bitmap number @bmap */
-+/* FIXME-VS: this is somehow related to disk layout? */
-+/* ZAM-FIXME-HANS: your answer is? Use not more than one function dereference
-+ * per block allocation so that performance is not affected. Probably this
-+ * whole file should be considered part of the disk layout plugin, and other
-+ * disk layouts can use other defines and efficiency will not be significantly
-+ * affected. */
-+
-+#define REISER4_FIRST_BITMAP_BLOCK \
-+ ((REISER4_MASTER_OFFSET / PAGE_CACHE_SIZE) + 2)
-+
-+/* Audited by: green(2002.06.12) */
-+static void
-+get_bitmap_blocknr(struct super_block *super, bmap_nr_t bmap,
-+ reiser4_block_nr * bnr)
-+{
-+
-+ assert("zam-390", bmap < get_nr_bmap(super));
-+
-+#ifdef CONFIG_REISER4_BADBLOCKS
-+#define BITMAP_PLUGIN_DISKMAP_ID ((0xc0e1<<16) | (0xe0ff))
-+ /* Check if the diskmap have this already, first. */
-+ if (reiser4_get_diskmap_value(BITMAP_PLUGIN_DISKMAP_ID, bmap, bnr) == 0)
-+ return; /* Found it in diskmap */
-+#endif
-+ /* FIXME_ZAM: before discussing of disk layouts and disk format
-+ plugins I implement bitmap location scheme which is close to scheme
-+ used in reiser 3.6 */
-+ if (bmap == 0) {
-+ *bnr = REISER4_FIRST_BITMAP_BLOCK;
-+ } else {
-+ *bnr = bmap * bmap_bit_count(super->s_blocksize);
-+ }
-+}
-+
-+/* construct a fake block number for shadow bitmap (WORKING BITMAP) block */
-+/* Audited by: green(2002.06.12) */
-+static void get_working_bitmap_blocknr(bmap_nr_t bmap, reiser4_block_nr * bnr)
-+{
-+ *bnr =
-+ (reiser4_block_nr) ((bmap & ~REISER4_BLOCKNR_STATUS_BIT_MASK) |
-+ REISER4_BITMAP_BLOCKS_STATUS_VALUE);
-+}
-+
-+/* bnode structure initialization */
-+static void
-+init_bnode(struct bitmap_node *bnode,
-+ struct super_block *super UNUSED_ARG, bmap_nr_t bmap UNUSED_ARG)
-+{
-+ memset(bnode, 0, sizeof(struct bitmap_node));
-+
-+ sema_init(&bnode->sema, 1);
-+ atomic_set(&bnode->loaded, 0);
-+}
-+
-+static void release(jnode * node)
-+{
-+ jrelse(node);
-+ JF_SET(node, JNODE_HEARD_BANSHEE);
-+ jput(node);
-+}
-+
-+/* This function is for internal bitmap.c use because it assumes that jnode is
-+ in under full control of this thread */
-+static void done_bnode(struct bitmap_node *bnode)
-+{
-+ if (bnode) {
-+ atomic_set(&bnode->loaded, 0);
-+ if (bnode->wjnode != NULL)
-+ release(bnode->wjnode);
-+ if (bnode->cjnode != NULL)
-+ release(bnode->cjnode);
-+ bnode->wjnode = bnode->cjnode = NULL;
-+ }
-+}
-+
-+/* ZAM-FIXME-HANS: comment this. Called only by load_and_lock_bnode()*/
-+static int
-+prepare_bnode(struct bitmap_node *bnode, jnode ** cjnode_ret,
-+ jnode ** wjnode_ret)
-+{
-+ struct super_block *super;
-+ jnode *cjnode;
-+ jnode *wjnode;
-+ bmap_nr_t bmap;
-+ int ret;
-+
-+ super = reiser4_get_current_sb();
-+
-+ *wjnode_ret = wjnode = bnew();
-+ if (wjnode == NULL) {
-+ *cjnode_ret = NULL;
-+ return RETERR(-ENOMEM);
-+ }
-+
-+ *cjnode_ret = cjnode = bnew();
-+ if (cjnode == NULL)
-+ return RETERR(-ENOMEM);
-+
-+ bmap = bnode - get_bnode(super, 0);
-+
-+ get_working_bitmap_blocknr(bmap, &wjnode->blocknr);
-+ get_bitmap_blocknr(super, bmap, &cjnode->blocknr);
-+
-+ jref(cjnode);
-+ jref(wjnode);
-+
-+ /* load commit bitmap */
-+ ret = jload_gfp(cjnode, GFP_NOFS, 1);
-+
-+ if (ret)
-+ goto error;
-+
-+ /* allocate memory for working bitmap block. Note that for
-+ * bitmaps jinit_new() doesn't actually modifies node content,
-+ * so parallel calls to this are ok. */
-+ ret = jinit_new(wjnode, GFP_NOFS);
-+
-+ if (ret != 0) {
-+ jrelse(cjnode);
-+ goto error;
-+ }
-+
-+ return 0;
-+
-+ error:
-+ jput(cjnode);
-+ jput(wjnode);
-+ *wjnode_ret = *cjnode_ret = NULL;
-+ return ret;
-+
-+}
-+
-+/* Check the bnode data on read. */
-+static int check_struct_bnode(struct bitmap_node *bnode, __u32 blksize)
-+{
-+ void *data;
-+ int ret;
-+
-+ /* Check CRC */
-+ ret = bnode_check_adler32(bnode, blksize);
-+
-+ if (ret) {
-+ return ret;
-+ }
-+
-+ data = jdata(bnode->cjnode) + CHECKSUM_SIZE;
-+
-+ /* Check the very first bit -- it must be busy. */
-+ if (!reiser4_test_bit(0, data)) {
-+ warning("vpf-1362", "The allocator block %llu is not marked "
-+ "as used.", (unsigned long long)bnode->cjnode->blocknr);
-+
-+ return -EINVAL;
-+ }
-+
-+ return 0;
-+}
-+
-+/* load bitmap blocks "on-demand" */
-+static int load_and_lock_bnode(struct bitmap_node *bnode)
-+{
-+ int ret;
-+
-+ jnode *cjnode;
-+ jnode *wjnode;
-+
-+ assert("nikita-3040", schedulable());
-+
-+/* ZAM-FIXME-HANS: since bitmaps are never unloaded, this does not
-+ * need to be atomic, right? Just leave a comment that if bitmaps were
-+ * unloadable, this would need to be atomic. */
-+ if (atomic_read(&bnode->loaded)) {
-+ /* bitmap is already loaded, nothing to do */
-+ check_bnode_loaded(bnode);
-+ down(&bnode->sema);
-+ assert("nikita-2827", atomic_read(&bnode->loaded));
-+ return 0;
-+ }
-+
-+ ret = prepare_bnode(bnode, &cjnode, &wjnode);
-+ if (ret == 0) {
-+ down(&bnode->sema);
-+
-+ if (!atomic_read(&bnode->loaded)) {
-+ assert("nikita-2822", cjnode != NULL);
-+ assert("nikita-2823", wjnode != NULL);
-+ assert("nikita-2824", jnode_is_loaded(cjnode));
-+ assert("nikita-2825", jnode_is_loaded(wjnode));
-+
-+ bnode->wjnode = wjnode;
-+ bnode->cjnode = cjnode;
-+
-+ ret = check_struct_bnode(bnode, current_blocksize);
-+ if (!ret) {
-+ cjnode = wjnode = NULL;
-+ atomic_set(&bnode->loaded, 1);
-+ /* working bitmap is initialized by on-disk
-+ * commit bitmap. This should be performed
-+ * under semaphore. */
-+ memcpy(bnode_working_data(bnode),
-+ bnode_commit_data(bnode),
-+ bmap_size(current_blocksize));
-+ } else {
-+ up(&bnode->sema);
-+ }
-+ } else
-+ /* race: someone already loaded bitmap while we were
-+ * busy initializing data. */
-+ check_bnode_loaded(bnode);
-+ }
-+
-+ if (wjnode != NULL) {
-+ release(wjnode);
-+ bnode->wjnode = NULL;
-+ }
-+ if (cjnode != NULL) {
-+ release(cjnode);
-+ bnode->cjnode = NULL;
-+ }
-+
-+ return ret;
-+}
-+
-+static void release_and_unlock_bnode(struct bitmap_node *bnode)
-+{
-+ check_bnode_loaded(bnode);
-+ up(&bnode->sema);
-+}
-+
-+/* This function does all block allocation work but only for one bitmap
-+ block.*/
-+/* FIXME_ZAM: It does not allow us to allocate block ranges across bitmap
-+ block responsibility zone boundaries. This had no sense in v3.6 but may
-+ have it in v4.x */
-+/* ZAM-FIXME-HANS: do you mean search one bitmap block forward? */
-+static int
-+search_one_bitmap_forward(bmap_nr_t bmap, bmap_off_t * offset,
-+ bmap_off_t max_offset, int min_len, int max_len)
-+{
-+ struct super_block *super = get_current_context()->super;
-+ struct bitmap_node *bnode = get_bnode(super, bmap);
-+
-+ char *data;
-+
-+ bmap_off_t search_end;
-+ bmap_off_t start;
-+ bmap_off_t end;
-+
-+ int set_first_zero_bit = 0;
-+
-+ int ret;
-+
-+ assert("zam-364", min_len > 0);
-+ assert("zam-365", max_len >= min_len);
-+ assert("zam-366", *offset <= max_offset);
-+
-+ ret = load_and_lock_bnode(bnode);
-+
-+ if (ret)
-+ return ret;
-+
-+ data = bnode_working_data(bnode);
-+
-+ start = *offset;
-+
-+ if (bnode->first_zero_bit >= start) {
-+ start = bnode->first_zero_bit;
-+ set_first_zero_bit = 1;
-+ }
-+
-+ while (start + min_len < max_offset) {
-+
-+ start =
-+ reiser4_find_next_zero_bit((long *)data, max_offset, start);
-+ if (set_first_zero_bit) {
-+ bnode->first_zero_bit = start;
-+ set_first_zero_bit = 0;
-+ }
-+ if (start >= max_offset)
-+ break;
-+
-+ search_end = LIMIT(start + max_len, max_offset);
-+ end =
-+ reiser4_find_next_set_bit((long *)data, search_end, start);
-+ if (end >= start + min_len) {
-+ /* we can't trust find_next_set_bit result if set bit
-+ was not fount, result may be bigger than
-+ max_offset */
-+ if (end > search_end)
-+ end = search_end;
-+
-+ ret = end - start;
-+ *offset = start;
-+
-+ reiser4_set_bits(data, start, end);
-+
-+ /* FIXME: we may advance first_zero_bit if [start,
-+ end] region overlaps the first_zero_bit point */
-+
-+ break;
-+ }
-+
-+ start = end + 1;
-+ }
-+
-+ release_and_unlock_bnode(bnode);
-+
-+ return ret;
-+}
-+
-+static int
-+search_one_bitmap_backward(bmap_nr_t bmap, bmap_off_t * start_offset,
-+ bmap_off_t end_offset, int min_len, int max_len)
-+{
-+ struct super_block *super = get_current_context()->super;
-+ struct bitmap_node *bnode = get_bnode(super, bmap);
-+ char *data;
-+ bmap_off_t start;
-+ int ret;
-+
-+ assert("zam-958", min_len > 0);
-+ assert("zam-959", max_len >= min_len);
-+ assert("zam-960", *start_offset >= end_offset);
-+
-+ ret = load_and_lock_bnode(bnode);
-+ if (ret)
-+ return ret;
-+
-+ data = bnode_working_data(bnode);
-+ start = *start_offset;
-+
-+ while (1) {
-+ bmap_off_t end, search_end;
-+
-+ /* Find the beginning of the zero filled region */
-+ if (reiser4_find_last_zero_bit(&start, data, end_offset, start))
-+ break;
-+ /* Is there more than `min_len' bits from `start' to
-+ * `end_offset'? */
-+ if (start < end_offset + min_len - 1)
-+ break;
-+
-+ /* Do not search to `end_offset' if we need to find less than
-+ * `max_len' zero bits. */
-+ if (end_offset + max_len - 1 < start)
-+ search_end = start - max_len + 1;
-+ else
-+ search_end = end_offset;
-+
-+ if (reiser4_find_last_set_bit(&end, data, search_end, start))
-+ end = search_end;
-+ else
-+ end++;
-+
-+ if (end + min_len <= start + 1) {
-+ if (end < search_end)
-+ end = search_end;
-+ ret = start - end + 1;
-+ *start_offset = end; /* `end' is lowest offset */
-+ assert("zam-987",
-+ reiser4_find_next_set_bit(data, start + 1,
-+ end) >= start + 1);
-+ reiser4_set_bits(data, end, start + 1);
-+ break;
-+ }
-+
-+ if (end <= end_offset)
-+ /* left search boundary reached. */
-+ break;
-+ start = end - 1;
-+ }
-+
-+ release_and_unlock_bnode(bnode);
-+ return ret;
-+}
-+
-+/* allocate contiguous range of blocks in bitmap */
-+static int bitmap_alloc_forward(reiser4_block_nr * start,
-+ const reiser4_block_nr * end, int min_len,
-+ int max_len)
-+{
-+ bmap_nr_t bmap, end_bmap;
-+ bmap_off_t offset, end_offset;
-+ int len;
-+
-+ reiser4_block_nr tmp;
-+
-+ struct super_block *super = get_current_context()->super;
-+ const bmap_off_t max_offset = bmap_bit_count(super->s_blocksize);
-+
-+ parse_blocknr(start, &bmap, &offset);
-+
-+ tmp = *end - 1;
-+ parse_blocknr(&tmp, &end_bmap, &end_offset);
-+ ++end_offset;
-+
-+ assert("zam-358", end_bmap >= bmap);
-+ assert("zam-359", ergo(end_bmap == bmap, end_offset >= offset));
-+
-+ for (; bmap < end_bmap; bmap++, offset = 0) {
-+ len =
-+ search_one_bitmap_forward(bmap, &offset, max_offset,
-+ min_len, max_len);
-+ if (len != 0)
-+ goto out;
-+ }
-+
-+ len =
-+ search_one_bitmap_forward(bmap, &offset, end_offset, min_len,
-+ max_len);
-+ out:
-+ *start = bmap * max_offset + offset;
-+ return len;
-+}
-+
-+/* allocate contiguous range of blocks in bitmap (from @start to @end in
-+ * backward direction) */
-+static int bitmap_alloc_backward(reiser4_block_nr * start,
-+ const reiser4_block_nr * end, int min_len,
-+ int max_len)
-+{
-+ bmap_nr_t bmap, end_bmap;
-+ bmap_off_t offset, end_offset;
-+ int len;
-+ struct super_block *super = get_current_context()->super;
-+ const bmap_off_t max_offset = bmap_bit_count(super->s_blocksize);
-+
-+ parse_blocknr(start, &bmap, &offset);
-+ parse_blocknr(end, &end_bmap, &end_offset);
-+
-+ assert("zam-961", end_bmap <= bmap);
-+ assert("zam-962", ergo(end_bmap == bmap, end_offset <= offset));
-+
-+ for (; bmap > end_bmap; bmap--, offset = max_offset - 1) {
-+ len =
-+ search_one_bitmap_backward(bmap, &offset, 0, min_len,
-+ max_len);
-+ if (len != 0)
-+ goto out;
-+ }
-+
-+ len =
-+ search_one_bitmap_backward(bmap, &offset, end_offset, min_len,
-+ max_len);
-+ out:
-+ *start = bmap * max_offset + offset;
-+ return len;
-+}
-+
-+/* plugin->u.space_allocator.alloc_blocks() */
-+static int alloc_blocks_forward(reiser4_blocknr_hint *hint, int needed,
-+ reiser4_block_nr *start, reiser4_block_nr *len)
-+{
-+ struct super_block *super = get_current_context()->super;
-+ int actual_len;
-+
-+ reiser4_block_nr search_start;
-+ reiser4_block_nr search_end;
-+
-+ assert("zam-398", super != NULL);
-+ assert("zam-412", hint != NULL);
-+ assert("zam-397", hint->blk <= reiser4_block_count(super));
-+
-+ if (hint->max_dist == 0)
-+ search_end = reiser4_block_count(super);
-+ else
-+ search_end =
-+ LIMIT(hint->blk + hint->max_dist,
-+ reiser4_block_count(super));
-+
-+ /* We use @hint -> blk as a search start and search from it to the end
-+ of the disk or in given region if @hint -> max_dist is not zero */
-+ search_start = hint->blk;
-+
-+ actual_len =
-+ bitmap_alloc_forward(&search_start, &search_end, 1, needed);
-+
-+ /* There is only one bitmap search if max_dist was specified or first
-+ pass was from the beginning of the bitmap. We also do one pass for
-+ scanning bitmap in backward direction. */
-+ if (!(actual_len != 0 || hint->max_dist != 0 || search_start == 0)) {
-+ /* next step is a scanning from 0 to search_start */
-+ search_end = search_start;
-+ search_start = 0;
-+ actual_len =
-+ bitmap_alloc_forward(&search_start, &search_end, 1, needed);
-+ }
-+ if (actual_len == 0)
-+ return RETERR(-ENOSPC);
-+ if (actual_len < 0)
-+ return RETERR(actual_len);
-+ *len = actual_len;
-+ *start = search_start;
-+ return 0;
-+}
-+
-+static int alloc_blocks_backward(reiser4_blocknr_hint * hint, int needed,
-+ reiser4_block_nr * start,
-+ reiser4_block_nr * len)
-+{
-+ reiser4_block_nr search_start;
-+ reiser4_block_nr search_end;
-+ int actual_len;
-+
-+ ON_DEBUG(struct super_block *super = reiser4_get_current_sb());
-+
-+ assert("zam-969", super != NULL);
-+ assert("zam-970", hint != NULL);
-+ assert("zam-971", hint->blk <= reiser4_block_count(super));
-+
-+ search_start = hint->blk;
-+ if (hint->max_dist == 0 || search_start <= hint->max_dist)
-+ search_end = 0;
-+ else
-+ search_end = search_start - hint->max_dist;
-+
-+ actual_len =
-+ bitmap_alloc_backward(&search_start, &search_end, 1, needed);
-+ if (actual_len == 0)
-+ return RETERR(-ENOSPC);
-+ if (actual_len < 0)
-+ return RETERR(actual_len);
-+ *len = actual_len;
-+ *start = search_start;
-+ return 0;
-+}
-+
-+/* plugin->u.space_allocator.alloc_blocks() */
-+int
-+alloc_blocks_bitmap(reiser4_space_allocator * allocator UNUSED_ARG,
-+ reiser4_blocknr_hint * hint, int needed,
-+ reiser4_block_nr * start, reiser4_block_nr * len)
-+{
-+ if (hint->backward)
-+ return alloc_blocks_backward(hint, needed, start, len);
-+ return alloc_blocks_forward(hint, needed, start, len);
-+}
-+
-+/* plugin->u.space_allocator.dealloc_blocks(). */
-+/* It just frees blocks in WORKING BITMAP. Usually formatted an unformatted
-+ nodes deletion is deferred until transaction commit. However, deallocation
-+ of temporary objects like wandered blocks and transaction commit records
-+ requires immediate node deletion from WORKING BITMAP.*/
-+void
-+dealloc_blocks_bitmap(reiser4_space_allocator * allocator UNUSED_ARG,
-+ reiser4_block_nr start, reiser4_block_nr len)
-+{
-+ struct super_block *super = reiser4_get_current_sb();
-+
-+ bmap_nr_t bmap;
-+ bmap_off_t offset;
-+
-+ struct bitmap_node *bnode;
-+ int ret;
-+
-+ assert("zam-468", len != 0);
-+ check_block_range(&start, &len);
-+
-+ parse_blocknr(&start, &bmap, &offset);
-+
-+ assert("zam-469", offset + len <= bmap_bit_count(super->s_blocksize));
-+
-+ bnode = get_bnode(super, bmap);
-+
-+ assert("zam-470", bnode != NULL);
-+
-+ ret = load_and_lock_bnode(bnode);
-+ assert("zam-481", ret == 0);
-+
-+ reiser4_clear_bits(bnode_working_data(bnode), offset,
-+ (bmap_off_t) (offset + len));
-+
-+ adjust_first_zero_bit(bnode, offset);
-+
-+ release_and_unlock_bnode(bnode);
-+}
-+
-+/* plugin->u.space_allocator.check_blocks(). */
-+void
-+check_blocks_bitmap(const reiser4_block_nr * start,
-+ const reiser4_block_nr * len, int desired)
-+{
-+#if REISER4_DEBUG
-+ struct super_block *super = reiser4_get_current_sb();
-+
-+ bmap_nr_t bmap;
-+ bmap_off_t start_offset;
-+ bmap_off_t end_offset;
-+
-+ struct bitmap_node *bnode;
-+ int ret;
-+
-+ assert("zam-622", len != NULL);
-+ check_block_range(start, len);
-+ parse_blocknr(start, &bmap, &start_offset);
-+
-+ end_offset = start_offset + *len;
-+ assert("nikita-2214", end_offset <= bmap_bit_count(super->s_blocksize));
-+
-+ bnode = get_bnode(super, bmap);
-+
-+ assert("nikita-2215", bnode != NULL);
-+
-+ ret = load_and_lock_bnode(bnode);
-+ assert("zam-626", ret == 0);
-+
-+ assert("nikita-2216", jnode_is_loaded(bnode->wjnode));
-+
-+ if (desired) {
-+ assert("zam-623",
-+ reiser4_find_next_zero_bit(bnode_working_data(bnode),
-+ end_offset, start_offset)
-+ >= end_offset);
-+ } else {
-+ assert("zam-624",
-+ reiser4_find_next_set_bit(bnode_working_data(bnode),
-+ end_offset, start_offset)
-+ >= end_offset);
-+ }
-+
-+ release_and_unlock_bnode(bnode);
-+#endif
-+}
-+
-+/* conditional insertion of @node into atom's overwrite set if it was not there */
-+static void cond_add_to_overwrite_set(txn_atom * atom, jnode * node)
-+{
-+ assert("zam-546", atom != NULL);
-+ assert("zam-547", atom->stage == ASTAGE_PRE_COMMIT);
-+ assert("zam-548", node != NULL);
-+
-+ spin_lock_atom(atom);
-+ spin_lock_jnode(node);
-+
-+ if (node->atom == NULL) {
-+ JF_SET(node, JNODE_OVRWR);
-+ insert_into_atom_ovrwr_list(atom, node);
-+ } else {
-+ assert("zam-549", node->atom == atom);
-+ }
-+
-+ spin_unlock_jnode(node);
-+ spin_unlock_atom(atom);
-+}
-+
-+/* an actor which applies delete set to COMMIT bitmap pages and link modified
-+ pages in a single-linked list */
-+static int
-+apply_dset_to_commit_bmap(txn_atom * atom, const reiser4_block_nr * start,
-+ const reiser4_block_nr * len, void *data)
-+{
-+
-+ bmap_nr_t bmap;
-+ bmap_off_t offset;
-+ int ret;
-+
-+ long long *blocks_freed_p = data;
-+
-+ struct bitmap_node *bnode;
-+
-+ struct super_block *sb = reiser4_get_current_sb();
-+
-+ check_block_range(start, len);
-+
-+ parse_blocknr(start, &bmap, &offset);
-+
-+ /* FIXME-ZAM: we assume that all block ranges are allocated by this
-+ bitmap-based allocator and each block range can't go over a zone of
-+ responsibility of one bitmap block; same assumption is used in
-+ other journal hooks in bitmap code. */
-+ bnode = get_bnode(sb, bmap);
-+ assert("zam-448", bnode != NULL);
-+
-+ /* it is safe to unlock atom with is in ASTAGE_PRE_COMMIT */
-+ assert("zam-767", atom->stage == ASTAGE_PRE_COMMIT);
-+ ret = load_and_lock_bnode(bnode);
-+ if (ret)
-+ return ret;
-+
-+ /* put bnode into atom's overwrite set */
-+ cond_add_to_overwrite_set(atom, bnode->cjnode);
-+
-+ data = bnode_commit_data(bnode);
-+
-+ ret = bnode_check_crc(bnode);
-+ if (ret != 0)
-+ return ret;
-+
-+ if (len != NULL) {
-+ /* FIXME-ZAM: a check that all bits are set should be there */
-+ assert("zam-443",
-+ offset + *len <= bmap_bit_count(sb->s_blocksize));
-+ reiser4_clear_bits(data, offset, (bmap_off_t) (offset + *len));
-+
-+ (*blocks_freed_p) += *len;
-+ } else {
-+ reiser4_clear_bit(offset, data);
-+ (*blocks_freed_p)++;
-+ }
-+
-+ bnode_set_commit_crc(bnode, bnode_calc_crc(bnode, sb->s_blocksize));
-+
-+ release_and_unlock_bnode(bnode);
-+
-+ return 0;
-+}
-+
-+/* plugin->u.space_allocator.pre_commit_hook(). */
-+/* It just applies transaction changes to fs-wide COMMIT BITMAP, hoping the
-+ rest is done by transaction manager (allocate wandered locations for COMMIT
-+ BITMAP blocks, copy COMMIT BITMAP blocks data). */
-+/* Only one instance of this function can be running at one given time, because
-+ only one transaction can be committed a time, therefore it is safe to access
-+ some global variables without any locking */
-+
-+int pre_commit_hook_bitmap(void)
-+{
-+ struct super_block *super = reiser4_get_current_sb();
-+ txn_atom *atom;
-+
-+ long long blocks_freed = 0;
-+
-+ atom = get_current_atom_locked();
-+ assert("zam-876", atom->stage == ASTAGE_PRE_COMMIT);
-+ spin_unlock_atom(atom);
-+
-+ { /* scan atom's captured list and find all freshly allocated nodes,
-+ * mark corresponded bits in COMMIT BITMAP as used */
-+ struct list_head *head = ATOM_CLEAN_LIST(atom);
-+ jnode *node = list_entry(head->next, jnode, capture_link);
-+
-+ while (head != &node->capture_link) {
-+ /* we detect freshly allocated jnodes */
-+ if (JF_ISSET(node, JNODE_RELOC)) {
-+ int ret;
-+ bmap_nr_t bmap;
-+
-+ bmap_off_t offset;
-+ bmap_off_t index;
-+ struct bitmap_node *bn;
-+ __u32 size = bmap_size(super->s_blocksize);
-+ __u32 crc;
-+ char byte;
-+
-+ assert("zam-559", !JF_ISSET(node, JNODE_OVRWR));
-+ assert("zam-460",
-+ !blocknr_is_fake(&node->blocknr));
-+
-+ parse_blocknr(&node->blocknr, &bmap, &offset);
-+ bn = get_bnode(super, bmap);
-+
-+ index = offset >> 3;
-+ assert("vpf-276", index < size);
-+
-+ ret = bnode_check_crc(bnode);
-+ if (ret != 0)
-+ return ret;
-+
-+ check_bnode_loaded(bn);
-+ load_and_lock_bnode(bn);
-+
-+ byte = *(bnode_commit_data(bn) + index);
-+ reiser4_set_bit(offset, bnode_commit_data(bn));
-+
-+ crc = adler32_recalc(bnode_commit_crc(bn), byte,
-+ *(bnode_commit_data(bn) +
-+ index),
-+ size - index),
-+ bnode_set_commit_crc(bn, crc);
-+
-+ release_and_unlock_bnode(bn);
-+
-+ ret = bnode_check_crc(bn);
-+ if (ret != 0)
-+ return ret;
-+
-+ /* working of this depends on how it inserts
-+ new j-node into clean list, because we are
-+ scanning the same list now. It is OK, if
-+ insertion is done to the list front */
-+ cond_add_to_overwrite_set(atom, bn->cjnode);
-+ }
-+
-+ node = list_entry(node->capture_link.next, jnode, capture_link);
-+ }
-+ }
-+
-+ blocknr_set_iterator(atom, &atom->delete_set, apply_dset_to_commit_bmap,
-+ &blocks_freed, 0);
-+
-+ blocks_freed -= atom->nr_blocks_allocated;
-+
-+ {
-+ reiser4_super_info_data *sbinfo;
-+
-+ sbinfo = get_super_private(super);
-+
-+ spin_lock_reiser4_super(sbinfo);
-+ sbinfo->blocks_free_committed += blocks_freed;
-+ spin_unlock_reiser4_super(sbinfo);
-+ }
-+
-+ return 0;
-+}
-+
-+/* plugin->u.space_allocator.init_allocator
-+ constructor of reiser4_space_allocator object. It is called on fs mount */
-+int
-+init_allocator_bitmap(reiser4_space_allocator * allocator,
-+ struct super_block *super, void *arg UNUSED_ARG)
-+{
-+ struct bitmap_allocator_data *data = NULL;
-+ bmap_nr_t bitmap_blocks_nr;
-+ bmap_nr_t i;
-+
-+ assert("nikita-3039", schedulable());
-+
-+ /* getting memory for bitmap allocator private data holder */
-+ data =
-+ kmalloc(sizeof(struct bitmap_allocator_data), GFP_KERNEL);
-+
-+ if (data == NULL)
-+ return RETERR(-ENOMEM);
-+
-+ /* allocation and initialization for the array of bnodes */
-+ bitmap_blocks_nr = get_nr_bmap(super);
-+
-+ /* FIXME-ZAM: it is not clear what to do with huge number of bitmaps
-+ which is bigger than 2^32 (= 8 * 4096 * 4096 * 2^32 bytes = 5.76e+17,
-+ may I never meet someone who still uses the ia32 architecture when
-+ storage devices of that size enter the market, and wants to use ia32
-+ with that storage device, much less reiser4. ;-) -Hans). Kmalloc is not possible and,
-+ probably, another dynamic data structure should replace a static
-+ array of bnodes. */
-+ /*data->bitmap = reiser4_kmalloc((size_t) (sizeof (struct bitmap_node) * bitmap_blocks_nr), GFP_KERNEL); */
-+ data->bitmap = vmalloc(sizeof(struct bitmap_node) * bitmap_blocks_nr);
-+ if (data->bitmap == NULL) {
-+ kfree(data);
-+ return RETERR(-ENOMEM);
-+ }
-+
-+ for (i = 0; i < bitmap_blocks_nr; i++)
-+ init_bnode(data->bitmap + i, super, i);
-+
-+ allocator->u.generic = data;
-+
-+#if REISER4_DEBUG
-+ get_super_private(super)->min_blocks_used += bitmap_blocks_nr;
-+#endif
-+
-+ /* Load all bitmap blocks at mount time. */
-+ if (!test_bit
-+ (REISER4_DONT_LOAD_BITMAP, &get_super_private(super)->fs_flags)) {
-+ __u64 start_time, elapsed_time;
-+ struct bitmap_node *bnode;
-+ int ret;
-+
-+ if (REISER4_DEBUG)
-+ printk(KERN_INFO "loading reiser4 bitmap...");
-+ start_time = jiffies;
-+
-+ for (i = 0; i < bitmap_blocks_nr; i++) {
-+ bnode = data->bitmap + i;
-+ ret = load_and_lock_bnode(bnode);
-+ if (ret) {
-+ destroy_allocator_bitmap(allocator, super);
-+ return ret;
-+ }
-+ release_and_unlock_bnode(bnode);
-+ }
-+
-+ elapsed_time = jiffies - start_time;
-+ if (REISER4_DEBUG)
-+ printk("...done (%llu jiffies)\n",
-+ (unsigned long long)elapsed_time);
-+ }
-+
-+ return 0;
-+}
-+
-+/* plugin->u.space_allocator.destroy_allocator
-+ destructor. It is called on fs unmount */
-+int
-+destroy_allocator_bitmap(reiser4_space_allocator * allocator,
-+ struct super_block *super)
-+{
-+ bmap_nr_t bitmap_blocks_nr;
-+ bmap_nr_t i;
-+
-+ struct bitmap_allocator_data *data = allocator->u.generic;
-+
-+ assert("zam-414", data != NULL);
-+ assert("zam-376", data->bitmap != NULL);
-+
-+ bitmap_blocks_nr = get_nr_bmap(super);
-+
-+ for (i = 0; i < bitmap_blocks_nr; i++) {
-+ struct bitmap_node *bnode = data->bitmap + i;
-+
-+ down(&bnode->sema);
-+
-+#if REISER4_DEBUG
-+ if (atomic_read(&bnode->loaded)) {
-+ jnode *wj = bnode->wjnode;
-+ jnode *cj = bnode->cjnode;
-+
-+ assert("zam-480", jnode_page(cj) != NULL);
-+ assert("zam-633", jnode_page(wj) != NULL);
-+
-+ assert("zam-634",
-+ memcmp(jdata(wj), jdata(wj),
-+ bmap_size(super->s_blocksize)) == 0);
-+
-+ }
-+#endif
-+ done_bnode(bnode);
-+ up(&bnode->sema);
-+ }
-+
-+ vfree(data->bitmap);
-+ kfree(data);
-+
-+ allocator->u.generic = NULL;
-+
-+ return 0;
-+}
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 80
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/space/bitmap.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/space/bitmap.h
-@@ -0,0 +1,47 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#if !defined (__REISER4_PLUGIN_SPACE_BITMAP_H__)
-+#define __REISER4_PLUGIN_SPACE_BITMAP_H__
-+
-+#include "../../dformat.h"
-+#include "../../block_alloc.h"
-+
-+#include <linux/types.h> /* for __u?? */
-+#include <linux/fs.h> /* for struct super_block */
-+/* EDWARD-FIXME-HANS: write something as informative as the below for every .h file lacking it. */
-+/* declarations of functions implementing methods of space allocator plugin for
-+ bitmap based allocator. The functions themselves are in bitmap.c */
-+extern int init_allocator_bitmap(reiser4_space_allocator *,
-+ struct super_block *, void *);
-+extern int destroy_allocator_bitmap(reiser4_space_allocator *,
-+ struct super_block *);
-+extern int alloc_blocks_bitmap(reiser4_space_allocator *,
-+ reiser4_blocknr_hint *, int needed,
-+ reiser4_block_nr * start,
-+ reiser4_block_nr * len);
-+extern void check_blocks_bitmap(const reiser4_block_nr *,
-+ const reiser4_block_nr *, int);
-+
-+extern void dealloc_blocks_bitmap(reiser4_space_allocator *, reiser4_block_nr,
-+ reiser4_block_nr);
-+extern int pre_commit_hook_bitmap(void);
-+
-+#define post_commit_hook_bitmap() do{}while(0)
-+#define post_write_back_hook_bitmap() do{}while(0)
-+#define print_info_bitmap(pref, al) do{}while(0)
-+
-+typedef __u64 bmap_nr_t;
-+typedef __u32 bmap_off_t;
-+
-+#endif /* __REISER4_PLUGIN_SPACE_BITMAP_H__ */
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/space/space_allocator.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/space/space_allocator.h
-@@ -0,0 +1,80 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#ifndef __SPACE_ALLOCATOR_H__
-+#define __SPACE_ALLOCATOR_H__
-+
-+#include "../../forward.h"
-+#include "bitmap.h"
-+/* NIKITA-FIXME-HANS: surely this could use a comment. Something about how bitmap is the only space allocator for now,
-+ * but... */
-+#define DEF_SPACE_ALLOCATOR(allocator) \
-+ \
-+static inline int sa_init_allocator (reiser4_space_allocator * al, struct super_block *s, void * opaque) \
-+{ \
-+ return init_allocator_##allocator (al, s, opaque); \
-+} \
-+ \
-+static inline void sa_destroy_allocator (reiser4_space_allocator *al, struct super_block *s) \
-+{ \
-+ destroy_allocator_##allocator (al, s); \
-+} \
-+ \
-+static inline int sa_alloc_blocks (reiser4_space_allocator *al, reiser4_blocknr_hint * hint, \
-+ int needed, reiser4_block_nr * start, reiser4_block_nr * len) \
-+{ \
-+ return alloc_blocks_##allocator (al, hint, needed, start, len); \
-+} \
-+static inline void sa_dealloc_blocks (reiser4_space_allocator * al, reiser4_block_nr start, reiser4_block_nr len) \
-+{ \
-+ dealloc_blocks_##allocator (al, start, len); \
-+} \
-+ \
-+static inline void sa_check_blocks (const reiser4_block_nr * start, const reiser4_block_nr * end, int desired) \
-+{ \
-+ check_blocks_##allocator (start, end, desired); \
-+} \
-+ \
-+static inline void sa_pre_commit_hook (void) \
-+{ \
-+ pre_commit_hook_##allocator (); \
-+} \
-+ \
-+static inline void sa_post_commit_hook (void) \
-+{ \
-+ post_commit_hook_##allocator (); \
-+} \
-+ \
-+static inline void sa_post_write_back_hook (void) \
-+{ \
-+ post_write_back_hook_##allocator(); \
-+} \
-+ \
-+static inline void sa_print_info(const char * prefix, reiser4_space_allocator * al) \
-+{ \
-+ print_info_##allocator (prefix, al); \
-+}
-+
-+DEF_SPACE_ALLOCATOR(bitmap)
-+
-+/* this object is part of reiser4 private in-core super block */
-+struct reiser4_space_allocator {
-+ union {
-+ /* space allocators might use this pointer to reference their
-+ * data. */
-+ void *generic;
-+ } u;
-+};
-+
-+/* __SPACE_ALLOCATOR_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/plugin/tail_policy.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/plugin/tail_policy.c
-@@ -0,0 +1,113 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Formatting policy plugins */
-+
-+/*
-+ * Formatting policy plugin is used by object plugin (of regular file) to
-+ * convert file between two representations.
-+ *
-+ * Currently following policies are implemented:
-+ * never store file in formatted nodes
-+ * always store file in formatted nodes
-+ * store file in formatted nodes if file is smaller than 4 blocks (default)
-+ */
-+
-+#include "../tree.h"
-+#include "../inode.h"
-+#include "../super.h"
-+#include "object.h"
-+#include "plugin.h"
-+#include "node/node.h"
-+#include "plugin_header.h"
-+
-+#include <linux/pagemap.h>
-+#include <linux/fs.h> /* For struct inode */
-+
-+/**
-+ * have_formatting_never -
-+ * @inode:
-+ * @size:
-+ *
-+ *
-+ */
-+/* Never store file's tail as direct item */
-+/* Audited by: green(2002.06.12) */
-+static int have_formatting_never(const struct inode *inode UNUSED_ARG
-+ /* inode to operate on */ ,
-+ loff_t size UNUSED_ARG /* new object size */ )
-+{
-+ return 0;
-+}
-+
-+/* Always store file's tail as direct item */
-+/* Audited by: green(2002.06.12) */
-+static int
-+have_formatting_always(const struct inode *inode UNUSED_ARG
-+ /* inode to operate on */ ,
-+ loff_t size UNUSED_ARG /* new object size */ )
-+{
-+ return 1;
-+}
-+
-+/* This function makes test if we should store file denoted @inode as tails only or
-+ as extents only. */
-+static int
-+have_formatting_default(const struct inode *inode UNUSED_ARG
-+ /* inode to operate on */ ,
-+ loff_t size /* new object size */ )
-+{
-+ assert("umka-1253", inode != NULL);
-+
-+ if (size > inode->i_sb->s_blocksize * 4)
-+ return 0;
-+
-+ return 1;
-+}
-+
-+/* tail plugins */
-+formatting_plugin formatting_plugins[LAST_TAIL_FORMATTING_ID] = {
-+ [NEVER_TAILS_FORMATTING_ID] = {
-+ .h = {
-+ .type_id = REISER4_FORMATTING_PLUGIN_TYPE,
-+ .id = NEVER_TAILS_FORMATTING_ID,
-+ .pops = NULL,
-+ .label = "never",
-+ .desc = "Never store file's tail",
-+ .linkage = {NULL, NULL}
-+ },
-+ .have_tail = have_formatting_never
-+ },
-+ [ALWAYS_TAILS_FORMATTING_ID] = {
-+ .h = {
-+ .type_id = REISER4_FORMATTING_PLUGIN_TYPE,
-+ .id = ALWAYS_TAILS_FORMATTING_ID,
-+ .pops = NULL,
-+ .label = "always",
-+ .desc = "Always store file's tail",
-+ .linkage = {NULL, NULL}
-+ },
-+ .have_tail = have_formatting_always
-+ },
-+ [SMALL_FILE_FORMATTING_ID] = {
-+ .h = {
-+ .type_id = REISER4_FORMATTING_PLUGIN_TYPE,
-+ .id = SMALL_FILE_FORMATTING_ID,
-+ .pops = NULL,
-+ .label = "4blocks",
-+ .desc = "store files shorter than 4 blocks in tail items",
-+ .linkage = {NULL, NULL}
-+ },
-+ .have_tail = have_formatting_default
-+ }
-+};
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/pool.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/pool.c
-@@ -0,0 +1,236 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Fast pool allocation.
-+
-+ There are situations when some sub-system normally asks memory allocator
-+ for only few objects, but under some circumstances could require much
-+ more. Typical and actually motivating example is tree balancing. It needs
-+ to keep track of nodes that were involved into it, and it is well-known
-+ that in reasonable packed balanced tree most (92.938121%) percent of all
-+ balancings end up after working with only few nodes (3.141592 on
-+ average). But in rare cases balancing can involve much more nodes
-+ (3*tree_height+1 in extremal situation).
-+
-+ On the one hand, we don't want to resort to dynamic allocation (slab,
-+ malloc(), etc.) to allocate data structures required to keep track of
-+ nodes during balancing. On the other hand, we cannot statically allocate
-+ required amount of space on the stack, because first: it is useless wastage
-+ of precious resource, and second: this amount is unknown in advance (tree
-+ height can change).
-+
-+ Pools, implemented in this file are solution for this problem:
-+
-+ - some configurable amount of objects is statically preallocated on the
-+ stack
-+
-+ - if this preallocated pool is exhausted and more objects is requested
-+ they are allocated dynamically.
-+
-+ Pools encapsulate distinction between statically and dynamically allocated
-+ objects. Both allocation and recycling look exactly the same.
-+
-+ To keep track of dynamically allocated objects, pool adds its own linkage
-+ to each object.
-+
-+ NOTE-NIKITA This linkage also contains some balancing-specific data. This
-+ is not perfect. On the other hand, balancing is currently the only client
-+ of pool code.
-+
-+ NOTE-NIKITA Another desirable feature is to rewrite all pool manipulation
-+ functions in the style of tslist/tshash, i.e., make them unreadable, but
-+ type-safe.
-+
-+
-+*/
-+
-+#include "debug.h"
-+#include "pool.h"
-+#include "super.h"
-+
-+#include <linux/types.h>
-+#include <linux/err.h>
-+
-+/* initialize new pool object */
-+static void reiser4_init_pool_obj(reiser4_pool_header * h /* pool object to
-+ * initialize */ )
-+{
-+ INIT_LIST_HEAD(&h->usage_linkage);
-+ INIT_LIST_HEAD(&h->level_linkage);
-+ INIT_LIST_HEAD(&h->extra_linkage);
-+}
-+
-+/* initialize new pool */
-+void reiser4_init_pool(reiser4_pool * pool /* pool to initialize */ ,
-+ size_t obj_size /* size of objects in @pool */ ,
-+ int num_of_objs /* number of preallocated objects */ ,
-+ char *data /* area for preallocated objects */ )
-+{
-+ reiser4_pool_header *h;
-+ int i;
-+
-+ assert("nikita-955", pool != NULL);
-+ assert("nikita-1044", obj_size > 0);
-+ assert("nikita-956", num_of_objs >= 0);
-+ assert("nikita-957", data != NULL);
-+
-+ memset(pool, 0, sizeof *pool);
-+ pool->obj_size = obj_size;
-+ pool->data = data;
-+ INIT_LIST_HEAD(&pool->free);
-+ INIT_LIST_HEAD(&pool->used);
-+ INIT_LIST_HEAD(&pool->extra);
-+ memset(data, 0, obj_size * num_of_objs);
-+ for (i = 0; i < num_of_objs; ++i) {
-+ h = (reiser4_pool_header *) (data + i * obj_size);
-+ reiser4_init_pool_obj(h);
-+ /* add pool header to the end of pool's free list */
-+ list_add_tail(&h->usage_linkage, &pool->free);
-+ }
-+}
-+
-+/* release pool resources
-+
-+ Release all resources acquired by this pool, specifically, dynamically
-+ allocated objects.
-+
-+*/
-+void reiser4_done_pool(reiser4_pool * pool UNUSED_ARG /* pool to destroy */ )
-+{
-+}
-+
-+/* allocate carry object from pool
-+
-+ First, try to get preallocated object. If this fails, resort to dynamic
-+ allocation.
-+
-+*/
-+static void *reiser4_pool_alloc(reiser4_pool * pool /* pool to allocate object
-+ * from */ )
-+{
-+ reiser4_pool_header *result;
-+
-+ assert("nikita-959", pool != NULL);
-+
-+ if (!list_empty(&pool->free)) {
-+ struct list_head *linkage;
-+
-+ linkage = pool->free.next;
-+ list_del(linkage);
-+ INIT_LIST_HEAD(linkage);
-+ result = list_entry(linkage, reiser4_pool_header, usage_linkage);
-+ BUG_ON(!list_empty(&result->level_linkage) ||
-+ !list_empty(&result->extra_linkage));
-+ } else {
-+ /* pool is empty. Extra allocations don't deserve dedicated
-+ slab to be served from, as they are expected to be rare. */
-+ result = kmalloc(pool->obj_size, get_gfp_mask());
-+ if (result != 0) {
-+ reiser4_init_pool_obj(result);
-+ list_add(&result->extra_linkage, &pool->extra);
-+ } else
-+ return ERR_PTR(RETERR(-ENOMEM));
-+ BUG_ON(!list_empty(&result->usage_linkage) ||
-+ !list_empty(&result->level_linkage));
-+ }
-+ ++pool->objs;
-+ list_add(&result->usage_linkage, &pool->used);
-+ memset(result + 1, 0, pool->obj_size - sizeof *result);
-+ return result;
-+}
-+
-+/* return object back to the pool */
-+void reiser4_pool_free(reiser4_pool * pool, reiser4_pool_header * h /* pool to return object back
-+ * into */ )
-+{
-+ assert("nikita-961", h != NULL);
-+ assert("nikita-962", pool != NULL);
-+
-+ --pool->objs;
-+ assert("nikita-963", pool->objs >= 0);
-+
-+ list_del_init(&h->usage_linkage);
-+ list_del_init(&h->level_linkage);
-+
-+ if (list_empty(&h->extra_linkage))
-+ /*
-+ * pool header is not an extra one. Push it onto free list
-+ * using usage_linkage
-+ */
-+ list_add(&h->usage_linkage, &pool->free);
-+ else {
-+ /* remove pool header from pool's extra list and kfree it */
-+ list_del(&h->extra_linkage);
-+ kfree(h);
-+ }
-+}
-+
-+/* add new object to the carry level list
-+
-+ Carry level is FIFO most of the time, but not always. Complications arise
-+ when make_space() function tries to go to the left neighbor and thus adds
-+ carry node before existing nodes, and also, when updating delimiting keys
-+ after moving data between two nodes, we want left node to be locked before
-+ right node.
-+
-+ Latter case is confusing at the first glance. Problem is that COP_UPDATE
-+ opration that updates delimiting keys is sometimes called with two nodes
-+ (when data are moved between two nodes) and sometimes with only one node
-+ (when leftmost item is deleted in a node). In any case operation is
-+ supplied with at least node whose left delimiting key is to be updated
-+ (that is "right" node).
-+
-+*/
-+reiser4_pool_header *add_obj(reiser4_pool * pool /* pool from which to
-+ * allocate new object */ ,
-+ struct list_head *list, /* list where to add
-+ * object */
-+ pool_ordering order /* where to add */ ,
-+ reiser4_pool_header * reference /* after (or
-+ * before) which
-+ * existing
-+ * object to
-+ * add */ )
-+{
-+ reiser4_pool_header *result;
-+
-+ assert("nikita-972", pool != NULL);
-+
-+ result = reiser4_pool_alloc(pool);
-+ if (IS_ERR(result))
-+ return result;
-+
-+ assert("nikita-973", result != NULL);
-+
-+ switch (order) {
-+ case POOLO_BEFORE:
-+ __list_add(&result->level_linkage,
-+ reference->level_linkage.prev,
-+ &reference->level_linkage);
-+ break;
-+ case POOLO_AFTER:
-+ __list_add(&result->level_linkage,
-+ &reference->level_linkage,
-+ reference->level_linkage.next);
-+ break;
-+ case POOLO_LAST:
-+ list_add_tail(&result->level_linkage, list);
-+ break;
-+ case POOLO_FIRST:
-+ list_add(&result->level_linkage, list);
-+ break;
-+ default:
-+ wrong_return_value("nikita-927", "order");
-+ }
-+ return result;
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/pool.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/pool.h
-@@ -0,0 +1,54 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Fast pool allocation */
-+
-+#ifndef __REISER4_POOL_H__
-+#define __REISER4_POOL_H__
-+
-+#include <linux/types.h>
-+
-+typedef struct reiser4_pool {
-+ size_t obj_size;
-+ int objs;
-+ char *data;
-+ struct list_head free;
-+ struct list_head used;
-+ struct list_head extra;
-+} reiser4_pool;
-+
-+typedef struct reiser4_pool_header {
-+ /* object is either on free or "used" lists */
-+ struct list_head usage_linkage;
-+ struct list_head level_linkage;
-+ struct list_head extra_linkage;
-+} reiser4_pool_header;
-+
-+typedef enum {
-+ POOLO_BEFORE,
-+ POOLO_AFTER,
-+ POOLO_LAST,
-+ POOLO_FIRST
-+} pool_ordering;
-+
-+/* pool manipulation functions */
-+
-+extern void reiser4_init_pool(reiser4_pool * pool, size_t obj_size,
-+ int num_of_objs, char *data);
-+extern void reiser4_done_pool(reiser4_pool * pool);
-+extern void reiser4_pool_free(reiser4_pool * pool, reiser4_pool_header * h);
-+reiser4_pool_header *add_obj(reiser4_pool * pool, struct list_head * list,
-+ pool_ordering order,
-+ reiser4_pool_header * reference);
-+
-+/* __REISER4_POOL_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/readahead.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/readahead.c
-@@ -0,0 +1,138 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+#include "forward.h"
-+#include "tree.h"
-+#include "tree_walk.h"
-+#include "super.h"
-+#include "inode.h"
-+#include "key.h"
-+#include "znode.h"
-+
-+#include <linux/swap.h> /* for totalram_pages */
-+
-+void init_ra_info(ra_info_t * rai)
-+{
-+ rai->key_to_stop = *min_key();
-+}
-+
-+/* global formatted node readahead parameter. It can be set by mount option -o readahead:NUM:1 */
-+static inline int ra_adjacent_only(int flags)
-+{
-+ return flags & RA_ADJACENT_ONLY;
-+}
-+
-+/* this is used by formatted_readahead to decide whether read for right neighbor of node is to be issued. It returns 1
-+ if right neighbor's first key is less or equal to readahead's stop key */
-+static int should_readahead_neighbor(znode * node, ra_info_t * info)
-+{
-+ int result;
-+
-+ read_lock_dk(znode_get_tree(node));
-+ result = keyle(znode_get_rd_key(node), &info->key_to_stop);
-+ read_unlock_dk(znode_get_tree(node));
-+ return result;
-+}
-+
-+#define LOW_MEM_PERCENTAGE (5)
-+
-+static int low_on_memory(void)
-+{
-+ unsigned int freepages;
-+
-+ freepages = nr_free_pages();
-+ return freepages < (totalram_pages * LOW_MEM_PERCENTAGE / 100);
-+}
-+
-+/* start read for @node and for a few of its right neighbors */
-+void formatted_readahead(znode * node, ra_info_t * info)
-+{
-+ ra_params_t *ra_params;
-+ znode *cur;
-+ int i;
-+ int grn_flags;
-+ lock_handle next_lh;
-+
-+ /* do nothing if node block number has not been assigned to node (which means it is still in cache). */
-+ if (blocknr_is_fake(znode_get_block(node)))
-+ return;
-+
-+ ra_params = get_current_super_ra_params();
-+
-+ if (znode_page(node) == NULL)
-+ jstartio(ZJNODE(node));
-+
-+ if (znode_get_level(node) != LEAF_LEVEL)
-+ return;
-+
-+ /* don't waste memory for read-ahead when low on memory */
-+ if (low_on_memory())
-+ return;
-+
-+ /* We can have locked nodes on upper tree levels, in this situation lock
-+ priorities do not help to resolve deadlocks, we have to use TRY_LOCK
-+ here. */
-+ grn_flags = (GN_CAN_USE_UPPER_LEVELS | GN_TRY_LOCK);
-+
-+ i = 0;
-+ cur = zref(node);
-+ init_lh(&next_lh);
-+ while (i < ra_params->max) {
-+ const reiser4_block_nr *nextblk;
-+
-+ if (!should_readahead_neighbor(cur, info))
-+ break;
-+
-+ if (reiser4_get_right_neighbor
-+ (&next_lh, cur, ZNODE_READ_LOCK, grn_flags))
-+ break;
-+
-+ nextblk = znode_get_block(next_lh.node);
-+ if (blocknr_is_fake(nextblk) ||
-+ (ra_adjacent_only(ra_params->flags)
-+ && *nextblk != *znode_get_block(cur) + 1)) {
-+ break;
-+ }
-+
-+ zput(cur);
-+ cur = zref(next_lh.node);
-+ done_lh(&next_lh);
-+ if (znode_page(cur) == NULL)
-+ jstartio(ZJNODE(cur));
-+ else
-+ /* Do not scan read-ahead window if pages already
-+ * allocated (and i/o already started). */
-+ break;
-+
-+ i++;
-+ }
-+ zput(cur);
-+ done_lh(&next_lh);
-+}
-+
-+void reiser4_readdir_readahead_init(struct inode *dir, tap_t * tap)
-+{
-+ reiser4_key *stop_key;
-+
-+ assert("nikita-3542", dir != NULL);
-+ assert("nikita-3543", tap != NULL);
-+
-+ stop_key = &tap->ra_info.key_to_stop;
-+ /* initialize readdir readahead information: include into readahead
-+ * stat data of all files of the directory */
-+ set_key_locality(stop_key, get_inode_oid(dir));
-+ set_key_type(stop_key, KEY_SD_MINOR);
-+ set_key_ordering(stop_key, get_key_ordering(max_key()));
-+ set_key_objectid(stop_key, get_key_objectid(max_key()));
-+ set_key_offset(stop_key, get_key_offset(max_key()));
-+}
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 80
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/readahead.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/readahead.h
-@@ -0,0 +1,48 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#ifndef __READAHEAD_H__
-+#define __READAHEAD_H__
-+
-+#include "key.h"
-+
-+typedef enum {
-+ RA_ADJACENT_ONLY = 1, /* only requests nodes which are adjacent. Default is NO (not only adjacent) */
-+} ra_global_flags;
-+
-+/* reiser4 super block has a field of this type. It controls readahead during tree traversals */
-+typedef struct formatted_read_ahead_params {
-+ unsigned long max; /* request not more than this amount of nodes. Default is totalram_pages / 4 */
-+ int flags;
-+} ra_params_t;
-+
-+typedef struct {
-+ reiser4_key key_to_stop;
-+} ra_info_t;
-+
-+void formatted_readahead(znode *, ra_info_t *);
-+void init_ra_info(ra_info_t * rai);
-+
-+struct reiser4_file_ra_state {
-+ loff_t start; /* Current window */
-+ loff_t size;
-+ loff_t next_size; /* Next window size */
-+ loff_t ahead_start; /* Ahead window */
-+ loff_t ahead_size;
-+ loff_t max_window_size; /* Maximum readahead window */
-+ loff_t slow_start; /* enlarging r/a size algorithm. */
-+};
-+
-+extern void reiser4_readdir_readahead_init(struct inode *dir, tap_t * tap);
-+
-+/* __READAHEAD_H__ */
-+#endif
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/reiser4.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/reiser4.h
-@@ -0,0 +1,276 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* definitions of common constants used by reiser4 */
-+
-+#if !defined( __REISER4_H__ )
-+#define __REISER4_H__
-+
-+#include <linux/config.h>
-+#include <asm/param.h> /* for HZ */
-+#include <linux/errno.h>
-+#include <linux/types.h>
-+#include <linux/fs.h>
-+#include <asm/hardirq.h>
-+#include <linux/sched.h>
-+
-+/*
-+ * reiser4 compilation options.
-+ */
-+
-+#if defined(CONFIG_REISER4_DEBUG)
-+/* turn on assertion checks */
-+#define REISER4_DEBUG (1)
-+#else
-+#define REISER4_DEBUG (0)
-+#endif
-+
-+#if defined(CONFIG_ZLIB_INFLATE)
-+/* turn on zlib */
-+#define REISER4_ZLIB (1)
-+#else
-+#define REISER4_ZLIB (0)
-+#endif
-+
-+#if defined(CONFIG_CRYPTO_SHA256)
-+#define REISER4_SHA256 (1)
-+#else
-+#define REISER4_SHA256 (0)
-+#endif
-+
-+#if defined(CONFIG_CRYPTO_AES_586)
-+#define REISER4_AES (1)
-+#else
-+#define REISER4_AES (0)
-+#endif
-+
-+/*
-+ * Turn on large keys mode. In his mode (which is default), reiser4 key has 4
-+ * 8-byte components. In the old "small key" mode, it's 3 8-byte
-+ * components. Additional component, referred to as "ordering" is used to
-+ * order items from which given object is composed of. As such, ordering is
-+ * placed between locality and objectid. For directory item ordering contains
-+ * initial prefix of the file name this item is for. This sorts all directory
-+ * items within given directory lexicographically (but see
-+ * fibration.[ch]). For file body and stat-data, ordering contains initial
-+ * prefix of the name file was initially created with. In the common case
-+ * (files with single name) this allows to order file bodies and stat-datas in
-+ * the same order as their respective directory entries, thus speeding up
-+ * readdir.
-+ *
-+ * Note, that kernel can only mount file system with the same key size as one
-+ * it is compiled for, so flipping this option may render your data
-+ * inaccessible.
-+ */
-+#define REISER4_LARGE_KEY (1)
-+/*#define REISER4_LARGE_KEY (0)*/
-+
-+/*#define GUESS_EXISTS 1*/
-+
-+/*
-+ * PLEASE update fs/reiser4/kattr.c:show_options() when adding new compilation
-+ * option
-+ */
-+
-+extern const char *REISER4_SUPER_MAGIC_STRING;
-+extern const int REISER4_MAGIC_OFFSET; /* offset to magic string from the
-+ * beginning of device */
-+
-+/* here go tunable parameters that are not worth special entry in kernel
-+ configuration */
-+
-+/* default number of slots in coord-by-key caches */
-+#define CBK_CACHE_SLOTS (16)
-+/* how many elementary tree operation to carry on the next level */
-+#define CARRIES_POOL_SIZE (5)
-+/* size of pool of preallocated nodes for carry process. */
-+#define NODES_LOCKED_POOL_SIZE (5)
-+
-+#define REISER4_NEW_NODE_FLAGS (COPI_LOAD_LEFT | COPI_LOAD_RIGHT | COPI_GO_LEFT)
-+#define REISER4_NEW_EXTENT_FLAGS (COPI_LOAD_LEFT | COPI_LOAD_RIGHT | COPI_GO_LEFT)
-+#define REISER4_PASTE_FLAGS (COPI_GO_LEFT)
-+#define REISER4_INSERT_FLAGS (COPI_GO_LEFT)
-+
-+/* we are supporting reservation of disk space on uid basis */
-+#define REISER4_SUPPORT_UID_SPACE_RESERVATION (0)
-+/* we are supporting reservation of disk space for groups */
-+#define REISER4_SUPPORT_GID_SPACE_RESERVATION (0)
-+/* we are supporting reservation of disk space for root */
-+#define REISER4_SUPPORT_ROOT_SPACE_RESERVATION (0)
-+/* we use rapid flush mode, see flush.c for comments. */
-+#define REISER4_USE_RAPID_FLUSH (1)
-+
-+/*
-+ * set this to 0 if you don't want to use wait-for-flush in ->writepage().
-+ */
-+#define REISER4_USE_ENTD (1)
-+
-+/* key allocation is Plan-A */
-+#define REISER4_PLANA_KEY_ALLOCATION (1)
-+/* key allocation follows good old 3.x scheme */
-+#define REISER4_3_5_KEY_ALLOCATION (0)
-+
-+/* size of hash-table for znodes */
-+#define REISER4_ZNODE_HASH_TABLE_SIZE (1 << 13)
-+
-+/* number of buckets in lnode hash-table */
-+#define LNODE_HTABLE_BUCKETS (1024)
-+
-+/* some ridiculously high maximal limit on height of znode tree. This
-+ is used in declaration of various per level arrays and
-+ to allocate stattistics gathering array for per-level stats. */
-+#define REISER4_MAX_ZTREE_HEIGHT (8)
-+
-+#define REISER4_PANIC_MSG_BUFFER_SIZE (1024)
-+
-+/* If array contains less than REISER4_SEQ_SEARCH_BREAK elements then,
-+ sequential search is on average faster than binary. This is because
-+ of better optimization and because sequential search is more CPU
-+ cache friendly. This number (25) was found by experiments on dual AMD
-+ Athlon(tm), 1400MHz.
-+
-+ NOTE: testing in kernel has shown that binary search is more effective than
-+ implied by results of the user level benchmarking. Probably because in the
-+ node keys are separated by other data. So value was adjusted after few
-+ tests. More thorough tuning is needed.
-+*/
-+#define REISER4_SEQ_SEARCH_BREAK (3)
-+
-+/* don't allow tree to be lower than this */
-+#define REISER4_MIN_TREE_HEIGHT (TWIG_LEVEL)
-+
-+/* NOTE NIKITA this is no longer used: maximal atom size is auto-adjusted to
-+ * available memory. */
-+/* Default value of maximal atom size. Can be ovewritten by
-+ tmgr.atom_max_size mount option. By default infinity. */
-+#define REISER4_ATOM_MAX_SIZE ((unsigned)(~0))
-+
-+/* Default value of maximal atom age (in jiffies). After reaching this age
-+ atom will be forced to commit, either synchronously or asynchronously. Can
-+ be overwritten by tmgr.atom_max_age mount option. */
-+#define REISER4_ATOM_MAX_AGE (600 * HZ)
-+
-+/* sleeping period for ktxnmrgd */
-+#define REISER4_TXNMGR_TIMEOUT (5 * HZ)
-+
-+/* timeout to wait for ent thread in writepage. Default: 3 milliseconds. */
-+#define REISER4_ENTD_TIMEOUT (3 * HZ / 1000)
-+
-+/* start complaining after that many restarts in coord_by_key().
-+
-+ This either means incredibly heavy contention for this part of a tree, or
-+ some corruption or bug.
-+*/
-+#define REISER4_CBK_ITERATIONS_LIMIT (100)
-+
-+/* return -EIO after that many iterations in coord_by_key().
-+
-+ I have witnessed more than 800 iterations (in 30 thread test) before cbk
-+ finished. --nikita
-+*/
-+#define REISER4_MAX_CBK_ITERATIONS 500000
-+
-+/* put a per-inode limit on maximal number of directory entries with identical
-+ keys in hashed directory.
-+
-+ Disable this until inheritance interfaces stabilize: we need some way to
-+ set per directory limit.
-+*/
-+#define REISER4_USE_COLLISION_LIMIT (0)
-+
-+/* If flush finds more than FLUSH_RELOCATE_THRESHOLD adjacent dirty leaf-level blocks it
-+ will force them to be relocated. */
-+#define FLUSH_RELOCATE_THRESHOLD 64
-+/* If flush finds can find a block allocation closer than at most FLUSH_RELOCATE_DISTANCE
-+ from the preceder it will relocate to that position. */
-+#define FLUSH_RELOCATE_DISTANCE 64
-+
-+/* If we have written this much or more blocks before encountering busy jnode
-+ in flush list - abort flushing hoping that next time we get called
-+ this jnode will be clean already, and we will save some seeks. */
-+#define FLUSH_WRITTEN_THRESHOLD 50
-+
-+/* The maximum number of nodes to scan left on a level during flush. */
-+#define FLUSH_SCAN_MAXNODES 10000
-+
-+/* per-atom limit of flushers */
-+#define ATOM_MAX_FLUSHERS (1)
-+
-+/* default tracing buffer size */
-+#define REISER4_TRACE_BUF_SIZE (1 << 15)
-+
-+/* what size units of IO we would like cp, etc., to use, in writing to
-+ reiser4. In bytes.
-+
-+ Can be overwritten by optimal_io_size mount option.
-+*/
-+#define REISER4_OPTIMAL_IO_SIZE (64 * 1024)
-+
-+/* see comments in inode.c:oid_to_uino() */
-+#define REISER4_UINO_SHIFT (1 << 30)
-+
-+/* Mark function argument as unused to avoid compiler warnings. */
-+#define UNUSED_ARG __attribute__((unused))
-+
-+#if ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3)
-+#define NONNULL __attribute__((nonnull))
-+#else
-+#define NONNULL
-+#endif
-+
-+/* master super block offset in bytes.*/
-+#define REISER4_MASTER_OFFSET 65536
-+
-+/* size of VFS block */
-+#define VFS_BLKSIZE 512
-+/* number of bits in size of VFS block (512==2^9) */
-+#define VFS_BLKSIZE_BITS 9
-+
-+#define REISER4_I reiser4_inode_data
-+
-+/* implication */
-+#define ergo( antecedent, consequent ) ( !( antecedent ) || ( consequent ) )
-+/* logical equivalence */
-+#define equi( p1, p2 ) ( ergo( ( p1 ), ( p2 ) ) && ergo( ( p2 ), ( p1 ) ) )
-+
-+#define sizeof_array(x) ((int) (sizeof(x) / sizeof(x[0])))
-+
-+#define NOT_YET (0)
-+
-+/** Reiser4 specific error codes **/
-+
-+#define REISER4_ERROR_CODE_BASE 500
-+
-+/* Neighbor is not available (side neighbor or parent) */
-+#define E_NO_NEIGHBOR (REISER4_ERROR_CODE_BASE)
-+
-+/* Node was not found in cache */
-+#define E_NOT_IN_CACHE (REISER4_ERROR_CODE_BASE + 1)
-+
-+/* node has no free space enough for completion of balancing operation */
-+#define E_NODE_FULL (REISER4_ERROR_CODE_BASE + 2)
-+
-+/* repeat operation */
-+#define E_REPEAT (REISER4_ERROR_CODE_BASE + 3)
-+
-+/* deadlock happens */
-+#define E_DEADLOCK (REISER4_ERROR_CODE_BASE + 4)
-+
-+/* operation cannot be performed, because it would block and non-blocking mode
-+ * was requested. */
-+#define E_BLOCK (REISER4_ERROR_CODE_BASE + 5)
-+
-+/* wait some event (depends on context), then repeat */
-+#define E_WAIT (REISER4_ERROR_CODE_BASE + 6)
-+
-+#endif /* __REISER4_H__ */
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/safe_link.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/safe_link.c
-@@ -0,0 +1,351 @@
-+/* Copyright 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Safe-links. */
-+
-+/*
-+ * Safe-links are used to maintain file system consistency during operations
-+ * that spawns multiple transactions. For example:
-+ *
-+ * 1. Unlink. UNIX supports "open-but-unlinked" files, that is files
-+ * without user-visible names in the file system, but still opened by some
-+ * active process. What happens here is that unlink proper (i.e., removal
-+ * of the last file name) and file deletion (truncate of file body to zero
-+ * and deletion of stat-data, that happens when last file descriptor is
-+ * closed), may belong to different transactions T1 and T2. If a crash
-+ * happens after T1 commit, but before T2 commit, on-disk file system has
-+ * a file without name, that is, disk space leak.
-+ *
-+ * 2. Truncate. Truncate of large file may spawn multiple transactions. If
-+ * system crashes while truncate was in-progress, file is left partially
-+ * truncated, which violates "atomicity guarantees" of reiser4, viz. that
-+ * every system is atomic.
-+ *
-+ * Safe-links address both above cases. Basically, safe-link is a way post
-+ * some operation to be executed during commit of some other transaction than
-+ * current one. (Another way to look at the safe-link is to interpret it as a
-+ * logical logging.)
-+ *
-+ * Specifically, at the beginning of unlink safe-link in inserted in the
-+ * tree. This safe-link is normally removed by file deletion code (during
-+ * transaction T2 in the above terms). Truncate also inserts safe-link that is
-+ * normally removed when truncate operation is finished.
-+ *
-+ * This means, that in the case of "clean umount" there are no safe-links in
-+ * the tree. If safe-links are observed during mount, it means that (a) system
-+ * was terminated abnormally, and (b) safe-link correspond to the "pending"
-+ * (i.e., not finished) operations that were in-progress during system
-+ * termination. Each safe-link record enough information to complete
-+ * corresponding operation, and mount simply "replays" them (hence, the
-+ * analogy with the logical logging).
-+ *
-+ * Safe-links are implemented as blackbox items (see
-+ * plugin/item/blackbox.[ch]).
-+ *
-+ * For the reference: ext3 also has similar mechanism, it's called "an orphan
-+ * list" there.
-+ */
-+
-+#include "safe_link.h"
-+#include "debug.h"
-+#include "inode.h"
-+
-+#include "plugin/item/blackbox.h"
-+
-+#include <linux/fs.h>
-+
-+/*
-+ * On-disk format of safe-link.
-+ */
-+typedef struct safelink {
-+ reiser4_key sdkey; /* key of stat-data for the file safe-link is
-+ * for */
-+ d64 size; /* size to which file should be truncated */
-+} safelink_t;
-+
-+/*
-+ * locality where safe-link items are stored. Next to the objectid of root
-+ * directory.
-+ */
-+static oid_t safe_link_locality(reiser4_tree * tree)
-+{
-+ return get_key_objectid(get_super_private(tree->super)->df_plug->
-+ root_dir_key(tree->super)) + 1;
-+}
-+
-+/*
-+ Construct a key for the safe-link. Key has the following format:
-+
-+| 60 | 4 | 64 | 4 | 60 | 64 |
-++---------------+---+------------------+---+---------------+------------------+
-+| locality | 0 | 0 | 0 | objectid | link type |
-++---------------+---+------------------+---+---------------+------------------+
-+| | | | |
-+| 8 bytes | 8 bytes | 8 bytes | 8 bytes |
-+
-+ This is in large keys format. In small keys format second 8 byte chunk is
-+ out. Locality is a constant returned by safe_link_locality(). objectid is
-+ an oid of a file on which operation protected by this safe-link is
-+ performed. link-type is used to distinguish safe-links for different
-+ operations.
-+
-+ */
-+static reiser4_key *build_link_key(reiser4_tree * tree, oid_t oid,
-+ reiser4_safe_link_t link, reiser4_key * key)
-+{
-+ reiser4_key_init(key);
-+ set_key_locality(key, safe_link_locality(tree));
-+ set_key_objectid(key, oid);
-+ set_key_offset(key, link);
-+ return key;
-+}
-+
-+/*
-+ * how much disk space is necessary to insert and remove (in the
-+ * error-handling path) safe-link.
-+ */
-+static __u64 safe_link_tograb(reiser4_tree * tree)
-+{
-+ return
-+ /* insert safe link */
-+ estimate_one_insert_item(tree) +
-+ /* remove safe link */
-+ estimate_one_item_removal(tree) +
-+ /* drill to the leaf level during insertion */
-+ 1 + estimate_one_insert_item(tree) +
-+ /*
-+ * possible update of existing safe-link. Actually, if
-+ * safe-link existed already (we failed to remove it), then no
-+ * insertion is necessary, so this term is already "covered",
-+ * but for simplicity let's left it.
-+ */
-+ 1;
-+}
-+
-+/*
-+ * grab enough disk space to insert and remove (in the error-handling path)
-+ * safe-link.
-+ */
-+int safe_link_grab(reiser4_tree * tree, reiser4_ba_flags_t flags)
-+{
-+ int result;
-+
-+ grab_space_enable();
-+ /* The sbinfo->delete semaphore can be taken here.
-+ * safe_link_release() should be called before leaving reiser4
-+ * context. */
-+ result =
-+ reiser4_grab_reserved(tree->super, safe_link_tograb(tree), flags);
-+ grab_space_enable();
-+ return result;
-+}
-+
-+/*
-+ * release unused disk space reserved by safe_link_grab().
-+ */
-+void safe_link_release(reiser4_tree * tree)
-+{
-+ reiser4_release_reserved(tree->super);
-+}
-+
-+/*
-+ * insert into tree safe-link for operation @link on inode @inode.
-+ */
-+int safe_link_add(struct inode *inode, reiser4_safe_link_t link)
-+{
-+ reiser4_key key;
-+ safelink_t sl;
-+ int length;
-+ int result;
-+ reiser4_tree *tree;
-+
-+ build_sd_key(inode, &sl.sdkey);
-+ length = sizeof sl.sdkey;
-+
-+ if (link == SAFE_TRUNCATE) {
-+ /*
-+ * for truncate we have to store final file length also,
-+ * expand item.
-+ */
-+ length += sizeof(sl.size);
-+ put_unaligned(cpu_to_le64(inode->i_size), &sl.size);
-+ }
-+ tree = tree_by_inode(inode);
-+ build_link_key(tree, get_inode_oid(inode), link, &key);
-+
-+ result = store_black_box(tree, &key, &sl, length);
-+ if (result == -EEXIST)
-+ result = update_black_box(tree, &key, &sl, length);
-+ return result;
-+}
-+
-+/*
-+ * remove safe-link corresponding to the operation @link on inode @inode from
-+ * the tree.
-+ */
-+int safe_link_del(reiser4_tree * tree, oid_t oid, reiser4_safe_link_t link)
-+{
-+ reiser4_key key;
-+
-+ return kill_black_box(tree, build_link_key(tree, oid, link, &key));
-+}
-+
-+/*
-+ * in-memory structure to keep information extracted from safe-link. This is
-+ * used to iterate over all safe-links.
-+ */
-+typedef struct {
-+ reiser4_tree *tree; /* internal tree */
-+ reiser4_key key; /* safe-link key */
-+ reiser4_key sdkey; /* key of object stat-data */
-+ reiser4_safe_link_t link; /* safe-link type */
-+ oid_t oid; /* object oid */
-+ __u64 size; /* final size for truncate */
-+} safe_link_context;
-+
-+/*
-+ * start iterating over all safe-links.
-+ */
-+static void safe_link_iter_begin(reiser4_tree * tree, safe_link_context * ctx)
-+{
-+ ctx->tree = tree;
-+ reiser4_key_init(&ctx->key);
-+ set_key_locality(&ctx->key, safe_link_locality(tree));
-+ set_key_objectid(&ctx->key, get_key_objectid(max_key()));
-+ set_key_offset(&ctx->key, get_key_offset(max_key()));
-+}
-+
-+/*
-+ * return next safe-link.
-+ */
-+static int safe_link_iter_next(safe_link_context * ctx)
-+{
-+ int result;
-+ safelink_t sl;
-+
-+ result = load_black_box(ctx->tree, &ctx->key, &sl, sizeof sl, 0);
-+ if (result == 0) {
-+ ctx->oid = get_key_objectid(&ctx->key);
-+ ctx->link = get_key_offset(&ctx->key);
-+ ctx->sdkey = sl.sdkey;
-+ if (ctx->link == SAFE_TRUNCATE)
-+ ctx->size = le64_to_cpu(get_unaligned(&sl.size));
-+ }
-+ return result;
-+}
-+
-+/*
-+ * check are there any more safe-links left in the tree.
-+ */
-+static int safe_link_iter_finished(safe_link_context * ctx)
-+{
-+ return get_key_locality(&ctx->key) != safe_link_locality(ctx->tree);
-+}
-+
-+/*
-+ * finish safe-link iteration.
-+ */
-+static void safe_link_iter_end(safe_link_context * ctx)
-+{
-+ /* nothing special */
-+}
-+
-+/*
-+ * process single safe-link.
-+ */
-+static int process_safelink(struct super_block *super, reiser4_safe_link_t link,
-+ reiser4_key * sdkey, oid_t oid, __u64 size)
-+{
-+ struct inode *inode;
-+ int result;
-+
-+ /*
-+ * obtain object inode by reiser4_iget(), then call object plugin
-+ * ->safelink() method to do actual work, then delete safe-link on
-+ * success.
-+ */
-+ inode = reiser4_iget(super, sdkey, 1);
-+ if (!IS_ERR(inode)) {
-+ file_plugin *fplug;
-+
-+ fplug = inode_file_plugin(inode);
-+ assert("nikita-3428", fplug != NULL);
-+ assert("", oid == get_inode_oid(inode));
-+ if (fplug->safelink != NULL) {
-+ /* txn_restart_current is not necessary because
-+ * mounting is signle thread. However, without it
-+ * deadlock detection code will complain (see
-+ * nikita-3361). */
-+ txn_restart_current();
-+ result = fplug->safelink(inode, link, size);
-+ } else {
-+ warning("nikita-3430",
-+ "Cannot handle safelink for %lli",
-+ (unsigned long long)oid);
-+ print_key("key", sdkey);
-+ result = 0;
-+ }
-+ if (result != 0) {
-+ warning("nikita-3431",
-+ "Error processing safelink for %lli: %i",
-+ (unsigned long long)oid, result);
-+ }
-+ reiser4_iget_complete(inode);
-+ iput(inode);
-+ if (result == 0) {
-+ result = safe_link_grab(get_tree(super), BA_CAN_COMMIT);
-+ if (result == 0)
-+ result =
-+ safe_link_del(get_tree(super), oid, link);
-+ safe_link_release(get_tree(super));
-+ /*
-+ * restart transaction: if there was large number of
-+ * safe-links, their processing may fail to fit into
-+ * single transaction.
-+ */
-+ if (result == 0)
-+ txn_restart_current();
-+ }
-+ } else
-+ result = PTR_ERR(inode);
-+ return result;
-+}
-+
-+/*
-+ * iterate over all safe-links in the file-system processing them one by one.
-+ */
-+int process_safelinks(struct super_block *super)
-+{
-+ safe_link_context ctx;
-+ int result;
-+
-+ if (rofs_super(super))
-+ /* do nothing on the read-only file system */
-+ return 0;
-+ safe_link_iter_begin(&get_super_private(super)->tree, &ctx);
-+ result = 0;
-+ do {
-+ result = safe_link_iter_next(&ctx);
-+ if (safe_link_iter_finished(&ctx) || result == -ENOENT) {
-+ result = 0;
-+ break;
-+ }
-+ if (result == 0)
-+ result = process_safelink(super, ctx.link,
-+ &ctx.sdkey, ctx.oid,
-+ ctx.size);
-+ } while (result == 0);
-+ safe_link_iter_end(&ctx);
-+ return result;
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/safe_link.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/safe_link.h
-@@ -0,0 +1,29 @@
-+/* Copyright 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Safe-links. See safe_link.c for details. */
-+
-+#if !defined( __FS_SAFE_LINK_H__ )
-+#define __FS_SAFE_LINK_H__
-+
-+#include "tree.h"
-+
-+int safe_link_grab(reiser4_tree * tree, reiser4_ba_flags_t flags);
-+void safe_link_release(reiser4_tree * tree);
-+int safe_link_add(struct inode *inode, reiser4_safe_link_t link);
-+int safe_link_del(reiser4_tree *, oid_t oid, reiser4_safe_link_t link);
-+
-+int process_safelinks(struct super_block *super);
-+
-+/* __FS_SAFE_LINK_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/seal.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/seal.c
-@@ -0,0 +1,217 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+/* Seals implementation. */
-+/* Seals are "weak" tree pointers. They are analogous to tree coords in
-+ allowing to bypass tree traversal. But normal usage of coords implies that
-+ node pointed to by coord is locked, whereas seals don't keep a lock (or
-+ even a reference) to znode. In stead, each znode contains a version number,
-+ increased on each znode modification. This version number is copied into a
-+ seal when seal is created. Later, one can "validate" seal by calling
-+ seal_validate(). If znode is in cache and its version number is still the
-+ same, seal is "pristine" and coord associated with it can be re-used
-+ immediately.
-+
-+ If, on the other hand, znode is out of cache, or it is obviously different
-+ one from the znode seal was initially attached to (for example, it is on
-+ the different level, or is being removed from the tree), seal is
-+ irreparably invalid ("burned") and tree traversal has to be repeated.
-+
-+ Otherwise, there is some hope, that while znode was modified (and seal was
-+ "broken" as a result), key attached to the seal is still in the node. This
-+ is checked by first comparing this key with delimiting keys of node and, if
-+ key is ok, doing intra-node lookup.
-+
-+ Znode version is maintained in the following way:
-+
-+ there is reiser4_tree.znode_epoch counter. Whenever new znode is created,
-+ znode_epoch is incremented and its new value is stored in ->version field
-+ of new znode. Whenever znode is dirtied (which means it was probably
-+ modified), znode_epoch is also incremented and its new value is stored in
-+ znode->version. This is done so, because just incrementing znode->version
-+ on each update is not enough: it may so happen, that znode get deleted, new
-+ znode is allocated for the same disk block and gets the same version
-+ counter, tricking seal code into false positive.
-+*/
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "key.h"
-+#include "coord.h"
-+#include "seal.h"
-+#include "plugin/item/item.h"
-+#include "plugin/node/node.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "super.h"
-+
-+static znode *seal_node(const seal_t * seal);
-+static int seal_matches(const seal_t * seal, znode * node);
-+
-+/* initialise seal. This can be called several times on the same seal. @coord
-+ and @key can be NULL. */
-+void seal_init(seal_t * seal /* seal to initialise */ ,
-+ const coord_t * coord /* coord @seal will be attached to */ ,
-+ const reiser4_key * key UNUSED_ARG /* key @seal will be
-+ * attached to */ )
-+{
-+ assert("nikita-1886", seal != NULL);
-+ memset(seal, 0, sizeof *seal);
-+ if (coord != NULL) {
-+ znode *node;
-+
-+ node = coord->node;
-+ assert("nikita-1987", node != NULL);
-+ spin_lock_znode(node);
-+ seal->version = node->version;
-+ assert("nikita-1988", seal->version != 0);
-+ seal->block = *znode_get_block(node);
-+#if REISER4_DEBUG
-+ seal->coord1 = *coord;
-+ if (key != NULL)
-+ seal->key = *key;
-+#endif
-+ spin_unlock_znode(node);
-+ }
-+}
-+
-+/* finish with seal */
-+void seal_done(seal_t * seal /* seal to clear */ )
-+{
-+ assert("nikita-1887", seal != NULL);
-+ seal->version = 0;
-+}
-+
-+/* true if seal was initialised */
-+int seal_is_set(const seal_t * seal /* seal to query */ )
-+{
-+ assert("nikita-1890", seal != NULL);
-+ return seal->version != 0;
-+}
-+
-+#if REISER4_DEBUG
-+/* helper function for seal_validate(). It checks that item at @coord has
-+ * expected key. This is to detect cases where node was modified but wasn't
-+ * marked dirty. */
-+static inline int check_seal_match(const coord_t * coord /* coord to check */ ,
-+ const reiser4_key * k /* expected key */ )
-+{
-+ reiser4_key ukey;
-+
-+ return (coord->between != AT_UNIT) ||
-+ /* FIXME-VS: we only can compare keys for items whose units
-+ represent exactly one key */
-+ ((coord_is_existing_unit(coord))
-+ && (item_is_extent(coord)
-+ || keyeq(k, unit_key_by_coord(coord, &ukey))))
-+ || ((coord_is_existing_unit(coord)) && (item_is_ctail(coord))
-+ && keyge(k, unit_key_by_coord(coord, &ukey)));
-+}
-+#endif
-+
-+/* this is used by seal_validate. It accepts return value of
-+ * longterm_lock_znode and returns 1 if it can be interpreted as seal
-+ * validation failure. For instance, when longterm_lock_znode returns -EINVAL,
-+ * seal_validate returns -E_REPEAT and caller will call tre search. We cannot
-+ * do this in longterm_lock_znode(), because sometimes we want to distinguish
-+ * between -EINVAL and -E_REPEAT. */
-+static int should_repeat(int return_code)
-+{
-+ return return_code == -EINVAL;
-+}
-+
-+/* (re-)validate seal.
-+
-+ Checks whether seal is pristine, and try to revalidate it if possible.
-+
-+ If seal was burned, or broken irreparably, return -E_REPEAT.
-+
-+ NOTE-NIKITA currently seal_validate() returns -E_REPEAT if key we are
-+ looking for is in range of keys covered by the sealed node, but item wasn't
-+ found by node ->lookup() method. Alternative is to return -ENOENT in this
-+ case, but this would complicate callers logic.
-+
-+*/
-+int seal_validate(seal_t * seal /* seal to validate */ ,
-+ coord_t * coord /* coord to validate against */ ,
-+ const reiser4_key * key /* key to validate against */ ,
-+ lock_handle * lh /* resulting lock handle */ ,
-+ znode_lock_mode mode /* lock node */ ,
-+ znode_lock_request request /* locking priority */ )
-+{
-+ znode *node;
-+ int result;
-+
-+ assert("nikita-1889", seal != NULL);
-+ assert("nikita-1881", seal_is_set(seal));
-+ assert("nikita-1882", key != NULL);
-+ assert("nikita-1883", coord != NULL);
-+ assert("nikita-1884", lh != NULL);
-+ assert("nikita-1885", keyeq(&seal->key, key));
-+ assert("nikita-1989", coords_equal(&seal->coord1, coord));
-+
-+ /* obtain znode by block number */
-+ node = seal_node(seal);
-+ if (node != NULL) {
-+ /* znode was in cache, lock it */
-+ result = longterm_lock_znode(lh, node, mode, request);
-+ zput(node);
-+ if (result == 0) {
-+ if (seal_matches(seal, node)) {
-+ /* if seal version and znode version
-+ coincide */
-+ ON_DEBUG(coord_update_v(coord));
-+ assert("nikita-1990",
-+ node == seal->coord1.node);
-+ assert("nikita-1898",
-+ WITH_DATA_RET(coord->node, 1,
-+ check_seal_match(coord,
-+ key)));
-+ } else
-+ result = RETERR(-E_REPEAT);
-+ }
-+ if (result != 0) {
-+ if (should_repeat(result))
-+ result = RETERR(-E_REPEAT);
-+ /* unlock node on failure */
-+ done_lh(lh);
-+ }
-+ } else {
-+ /* znode wasn't in cache */
-+ result = RETERR(-E_REPEAT);
-+ }
-+ return result;
-+}
-+
-+/* helpers functions */
-+
-+/* obtain reference to znode seal points to, if in cache */
-+static znode *seal_node(const seal_t * seal /* seal to query */ )
-+{
-+ assert("nikita-1891", seal != NULL);
-+ return zlook(current_tree, &seal->block);
-+}
-+
-+/* true if @seal version and @node version coincide */
-+static int seal_matches(const seal_t * seal /* seal to check */ ,
-+ znode * node /* node to check */ )
-+{
-+ int result;
-+
-+ assert("nikita-1991", seal != NULL);
-+ assert("nikita-1993", node != NULL);
-+
-+ spin_lock_znode(node);
-+ result = (seal->version == node->version);
-+ spin_unlock_znode(node);
-+ return result;
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/seal.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/seal.h
-@@ -0,0 +1,49 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Declaration of seals: "weak" tree pointers. See seal.c for comments. */
-+
-+#ifndef __SEAL_H__
-+#define __SEAL_H__
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "key.h"
-+#include "coord.h"
-+
-+/* for __u?? types */
-+/*#include <linux/types.h>*/
-+
-+/* seal. See comment at the top of seal.c */
-+typedef struct seal_s {
-+ /* version of znode recorder at the time of seal creation */
-+ __u64 version;
-+ /* block number of znode attached to this seal */
-+ reiser4_block_nr block;
-+#if REISER4_DEBUG
-+ /* coord this seal is attached to. For debugging. */
-+ coord_t coord1;
-+ /* key this seal is attached to. For debugging. */
-+ reiser4_key key;
-+#endif
-+} seal_t;
-+
-+extern void seal_init(seal_t *, const coord_t *, const reiser4_key *);
-+extern void seal_done(seal_t *);
-+extern int seal_is_set(const seal_t *);
-+extern int seal_validate(seal_t *, coord_t *,
-+ const reiser4_key *, lock_handle *,
-+ znode_lock_mode mode, znode_lock_request request);
-+
-+/* __SEAL_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/search.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/search.c
-@@ -0,0 +1,1611 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "key.h"
-+#include "coord.h"
-+#include "seal.h"
-+#include "plugin/item/item.h"
-+#include "plugin/node/node.h"
-+#include "plugin/plugin.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "block_alloc.h"
-+#include "tree_walk.h"
-+#include "tree.h"
-+#include "reiser4.h"
-+#include "super.h"
-+#include "inode.h"
-+
-+#include <linux/slab.h>
-+
-+static const char *bias_name(lookup_bias bias);
-+
-+/* tree searching algorithm, intranode searching algorithms are in
-+ plugin/node/ */
-+
-+/* tree lookup cache
-+ *
-+ * The coord by key cache consists of small list of recently accessed nodes
-+ * maintained according to the LRU discipline. Before doing real top-to-down
-+ * tree traversal this cache is scanned for nodes that can contain key
-+ * requested.
-+ *
-+ * The efficiency of coord cache depends heavily on locality of reference for
-+ * tree accesses. Our user level simulations show reasonably good hit ratios
-+ * for coord cache under most loads so far.
-+ */
-+
-+/* Initialise coord cache slot */
-+static void cbk_cache_init_slot(cbk_cache_slot *slot)
-+{
-+ assert("nikita-345", slot != NULL);
-+
-+ INIT_LIST_HEAD(&slot->lru);
-+ slot->node = NULL;
-+}
-+
-+/* Initialize coord cache */
-+int cbk_cache_init(cbk_cache *cache /* cache to init */ )
-+{
-+ int i;
-+
-+ assert("nikita-346", cache != NULL);
-+
-+ cache->slot =
-+ kmalloc(sizeof(cbk_cache_slot) * cache->nr_slots, GFP_KERNEL);
-+ if (cache->slot == NULL)
-+ return RETERR(-ENOMEM);
-+
-+ INIT_LIST_HEAD(&cache->lru);
-+ for (i = 0; i < cache->nr_slots; ++i) {
-+ cbk_cache_init_slot(cache->slot + i);
-+ list_add_tail(&((cache->slot + i)->lru), &cache->lru);
-+ }
-+ rwlock_init(&cache->guard);
-+ return 0;
-+}
-+
-+/* free cbk cache data */
-+void cbk_cache_done(cbk_cache * cache /* cache to release */ )
-+{
-+ assert("nikita-2493", cache != NULL);
-+ if (cache->slot != NULL) {
-+ kfree(cache->slot);
-+ cache->slot = NULL;
-+ }
-+}
-+
-+/* macro to iterate over all cbk cache slots */
-+#define for_all_slots(cache, slot) \
-+ for ((slot) = list_entry((cache)->lru.next, cbk_cache_slot, lru); \
-+ &(cache)->lru != &(slot)->lru; \
-+ (slot) = list_entry(slot->lru.next, cbk_cache_slot, lru))
-+
-+
-+#if REISER4_DEBUG
-+/* this function assures that [cbk-cache-invariant] invariant holds */
-+static int cbk_cache_invariant(const cbk_cache *cache)
-+{
-+ cbk_cache_slot *slot;
-+ int result;
-+ int unused;
-+
-+ if (cache->nr_slots == 0)
-+ return 1;
-+
-+ assert("nikita-2469", cache != NULL);
-+ unused = 0;
-+ result = 1;
-+ read_lock(&((cbk_cache *)cache)->guard);
-+ for_all_slots(cache, slot) {
-+ /* in LRU first go all `used' slots followed by `unused' */
-+ if (unused && (slot->node != NULL))
-+ result = 0;
-+ if (slot->node == NULL)
-+ unused = 1;
-+ else {
-+ cbk_cache_slot *scan;
-+
-+ /* all cached nodes are different */
-+ scan = slot;
-+ while (result) {
-+ scan = list_entry(scan->lru.next, cbk_cache_slot, lru);
-+ if (&cache->lru == &scan->lru)
-+ break;
-+ if (slot->node == scan->node)
-+ result = 0;
-+ }
-+ }
-+ if (!result)
-+ break;
-+ }
-+ read_unlock(&((cbk_cache *)cache)->guard);
-+ return result;
-+}
-+
-+#endif
-+
-+/* Remove references, if any, to @node from coord cache */
-+void cbk_cache_invalidate(const znode * node /* node to remove from cache */ ,
-+ reiser4_tree * tree /* tree to remove node from */ )
-+{
-+ cbk_cache_slot *slot;
-+ cbk_cache *cache;
-+ int i;
-+
-+ assert("nikita-350", node != NULL);
-+ assert("nikita-1479", LOCK_CNT_GTZ(rw_locked_tree));
-+
-+ cache = &tree->cbk_cache;
-+ assert("nikita-2470", cbk_cache_invariant(cache));
-+
-+ write_lock(&(cache->guard));
-+ for (i = 0, slot = cache->slot; i < cache->nr_slots; ++i, ++slot) {
-+ if (slot->node == node) {
-+ list_move_tail(&slot->lru, &cache->lru);
-+ slot->node = NULL;
-+ break;
-+ }
-+ }
-+ write_unlock(&(cache->guard));
-+ assert("nikita-2471", cbk_cache_invariant(cache));
-+}
-+
-+/* add to the cbk-cache in the "tree" information about "node". This
-+ can actually be update of existing slot in a cache. */
-+static void cbk_cache_add(const znode *node /* node to add to the cache */ )
-+{
-+ cbk_cache *cache;
-+ cbk_cache_slot *slot;
-+ int i;
-+
-+ assert("nikita-352", node != NULL);
-+
-+ cache = &znode_get_tree(node)->cbk_cache;
-+ assert("nikita-2472", cbk_cache_invariant(cache));
-+
-+ if (cache->nr_slots == 0)
-+ return;
-+
-+ write_lock(&(cache->guard));
-+ /* find slot to update/add */
-+ for (i = 0, slot = cache->slot; i < cache->nr_slots; ++i, ++slot) {
-+ /* oops, this node is already in a cache */
-+ if (slot->node == node)
-+ break;
-+ }
-+ /* if all slots are used, reuse least recently used one */
-+ if (i == cache->nr_slots) {
-+ slot = list_entry(cache->lru.prev, cbk_cache_slot, lru);
-+ slot->node = (znode *) node;
-+ }
-+ list_move(&slot->lru, &cache->lru);
-+ write_unlock(&(cache->guard));
-+ assert("nikita-2473", cbk_cache_invariant(cache));
-+}
-+
-+static int setup_delimiting_keys(cbk_handle * h);
-+static lookup_result coord_by_handle(cbk_handle * handle);
-+static lookup_result traverse_tree(cbk_handle * h);
-+static int cbk_cache_search(cbk_handle * h);
-+
-+static level_lookup_result cbk_level_lookup(cbk_handle * h);
-+static level_lookup_result cbk_node_lookup(cbk_handle * h);
-+
-+/* helper functions */
-+
-+static void update_stale_dk(reiser4_tree * tree, znode * node);
-+
-+/* release parent node during traversal */
-+static void put_parent(cbk_handle * h);
-+/* check consistency of fields */
-+static int sanity_check(cbk_handle * h);
-+/* release resources in handle */
-+static void hput(cbk_handle * h);
-+
-+static level_lookup_result search_to_left(cbk_handle * h);
-+
-+/* pack numerous (numberous I should say) arguments of coord_by_key() into
-+ * cbk_handle */
-+static cbk_handle *cbk_pack(cbk_handle * handle,
-+ reiser4_tree * tree,
-+ const reiser4_key * key,
-+ coord_t * coord,
-+ lock_handle * active_lh,
-+ lock_handle * parent_lh,
-+ znode_lock_mode lock_mode,
-+ lookup_bias bias,
-+ tree_level lock_level,
-+ tree_level stop_level,
-+ __u32 flags, ra_info_t * info)
-+{
-+ memset(handle, 0, sizeof *handle);
-+
-+ handle->tree = tree;
-+ handle->key = key;
-+ handle->lock_mode = lock_mode;
-+ handle->bias = bias;
-+ handle->lock_level = lock_level;
-+ handle->stop_level = stop_level;
-+ handle->coord = coord;
-+ /* set flags. See comment in tree.h:cbk_flags */
-+ handle->flags = flags | CBK_TRUST_DK | CBK_USE_CRABLOCK;
-+
-+ handle->active_lh = active_lh;
-+ handle->parent_lh = parent_lh;
-+ handle->ra_info = info;
-+ return handle;
-+}
-+
-+/* main tree lookup procedure
-+
-+ Check coord cache. If key we are looking for is not found there, call cbk()
-+ to do real tree traversal.
-+
-+ As we have extents on the twig level, @lock_level and @stop_level can
-+ be different from LEAF_LEVEL and each other.
-+
-+ Thread cannot keep any reiser4 locks (tree, znode, dk spin-locks, or znode
-+ long term locks) while calling this.
-+*/
-+lookup_result coord_by_key(reiser4_tree * tree /* tree to perform search
-+ * in. Usually this tree is
-+ * part of file-system
-+ * super-block */ ,
-+ const reiser4_key * key /* key to look for */ ,
-+ coord_t * coord /* where to store found
-+ * position in a tree. Fields
-+ * in "coord" are only valid if
-+ * coord_by_key() returned
-+ * "CBK_COORD_FOUND" */ ,
-+ lock_handle * lh, /* resulting lock handle */
-+ znode_lock_mode lock_mode /* type of lookup we
-+ * want on node. Pass
-+ * ZNODE_READ_LOCK here
-+ * if you only want to
-+ * read item found and
-+ * ZNODE_WRITE_LOCK if
-+ * you want to modify
-+ * it */ ,
-+ lookup_bias bias /* what to return if coord
-+ * with exactly the @key is
-+ * not in the tree */ ,
-+ tree_level lock_level /* tree level where to start
-+ * taking @lock type of
-+ * locks */ ,
-+ tree_level stop_level /* tree level to stop. Pass
-+ * LEAF_LEVEL or TWIG_LEVEL
-+ * here Item being looked
-+ * for has to be between
-+ * @lock_level and
-+ * @stop_level, inclusive */ ,
-+ __u32 flags /* search flags */ ,
-+ ra_info_t *
-+ info
-+ /* information about desired tree traversal readahead */
-+ )
-+{
-+ cbk_handle handle;
-+ lock_handle parent_lh;
-+ lookup_result result;
-+
-+ init_lh(lh);
-+ init_lh(&parent_lh);
-+
-+ assert("nikita-3023", schedulable());
-+
-+ assert("nikita-353", tree != NULL);
-+ assert("nikita-354", key != NULL);
-+ assert("nikita-355", coord != NULL);
-+ assert("nikita-356", (bias == FIND_EXACT)
-+ || (bias == FIND_MAX_NOT_MORE_THAN));
-+ assert("nikita-357", stop_level >= LEAF_LEVEL);
-+ /* no locks can be held during tree traversal */
-+ assert("nikita-2104", lock_stack_isclean(get_current_lock_stack()));
-+
-+ cbk_pack(&handle,
-+ tree,
-+ key,
-+ coord,
-+ lh,
-+ &parent_lh,
-+ lock_mode, bias, lock_level, stop_level, flags, info);
-+
-+ result = coord_by_handle(&handle);
-+ assert("nikita-3247",
-+ ergo(!IS_CBKERR(result), coord->node == lh->node));
-+ return result;
-+}
-+
-+/* like coord_by_key(), but starts traversal from vroot of @object rather than
-+ * from tree root. */
-+lookup_result
-+object_lookup(struct inode * object,
-+ const reiser4_key * key,
-+ coord_t * coord,
-+ lock_handle * lh,
-+ znode_lock_mode lock_mode,
-+ lookup_bias bias,
-+ tree_level lock_level,
-+ tree_level stop_level, __u32 flags, ra_info_t * info)
-+{
-+ cbk_handle handle;
-+ lock_handle parent_lh;
-+ lookup_result result;
-+
-+ init_lh(lh);
-+ init_lh(&parent_lh);
-+
-+ assert("nikita-3023", schedulable());
-+
-+ assert("nikita-354", key != NULL);
-+ assert("nikita-355", coord != NULL);
-+ assert("nikita-356", (bias == FIND_EXACT)
-+ || (bias == FIND_MAX_NOT_MORE_THAN));
-+ assert("nikita-357", stop_level >= LEAF_LEVEL);
-+ /* no locks can be held during tree search by key */
-+ assert("nikita-2104", lock_stack_isclean(get_current_lock_stack()));
-+
-+ cbk_pack(&handle,
-+ object != NULL ? tree_by_inode(object) : current_tree,
-+ key,
-+ coord,
-+ lh,
-+ &parent_lh,
-+ lock_mode, bias, lock_level, stop_level, flags, info);
-+ handle.object = object;
-+
-+ result = coord_by_handle(&handle);
-+ assert("nikita-3247",
-+ ergo(!IS_CBKERR(result), coord->node == lh->node));
-+ return result;
-+}
-+
-+/* lookup by cbk_handle. Common part of coord_by_key() and object_lookup(). */
-+static lookup_result coord_by_handle(cbk_handle * handle)
-+{
-+ /*
-+ * first check cbk_cache (which is look-aside cache for our tree) and
-+ * of this fails, start traversal.
-+ */
-+ /* first check whether "key" is in cache of recent lookups. */
-+ if (cbk_cache_search(handle) == 0)
-+ return handle->result;
-+ else
-+ return traverse_tree(handle);
-+}
-+
-+/* Execute actor for each item (or unit, depending on @through_units_p),
-+ starting from @coord, right-ward, until either:
-+
-+ - end of the tree is reached
-+ - unformatted node is met
-+ - error occurred
-+ - @actor returns 0 or less
-+
-+ Error code, or last actor return value is returned.
-+
-+ This is used by plugin/dir/hashe_dir.c:find_entry() to move through
-+ sequence of entries with identical keys and alikes.
-+*/
-+int iterate_tree(reiser4_tree * tree /* tree to scan */ ,
-+ coord_t * coord /* coord to start from */ ,
-+ lock_handle * lh /* lock handle to start with and to
-+ * update along the way */ ,
-+ tree_iterate_actor_t actor /* function to call on each
-+ * item/unit */ ,
-+ void *arg /* argument to pass to @actor */ ,
-+ znode_lock_mode mode /* lock mode on scanned nodes */ ,
-+ int through_units_p /* call @actor on each item or on each
-+ * unit */ )
-+{
-+ int result;
-+
-+ assert("nikita-1143", tree != NULL);
-+ assert("nikita-1145", coord != NULL);
-+ assert("nikita-1146", lh != NULL);
-+ assert("nikita-1147", actor != NULL);
-+
-+ result = zload(coord->node);
-+ coord_clear_iplug(coord);
-+ if (result != 0)
-+ return result;
-+ if (!coord_is_existing_unit(coord)) {
-+ zrelse(coord->node);
-+ return -ENOENT;
-+ }
-+ while ((result = actor(tree, coord, lh, arg)) > 0) {
-+ /* move further */
-+ if ((through_units_p && coord_next_unit(coord)) ||
-+ (!through_units_p && coord_next_item(coord))) {
-+ do {
-+ lock_handle couple;
-+
-+ /* move to the next node */
-+ init_lh(&couple);
-+ result =
-+ reiser4_get_right_neighbor(&couple,
-+ coord->node,
-+ (int)mode,
-+ GN_CAN_USE_UPPER_LEVELS);
-+ zrelse(coord->node);
-+ if (result == 0) {
-+
-+ result = zload(couple.node);
-+ if (result != 0) {
-+ done_lh(&couple);
-+ return result;
-+ }
-+
-+ coord_init_first_unit(coord,
-+ couple.node);
-+ done_lh(lh);
-+ move_lh(lh, &couple);
-+ } else
-+ return result;
-+ } while (node_is_empty(coord->node));
-+ }
-+
-+ assert("nikita-1149", coord_is_existing_unit(coord));
-+ }
-+ zrelse(coord->node);
-+ return result;
-+}
-+
-+/* return locked uber znode for @tree */
-+int get_uber_znode(reiser4_tree * tree, znode_lock_mode mode,
-+ znode_lock_request pri, lock_handle * lh)
-+{
-+ int result;
-+
-+ result = longterm_lock_znode(lh, tree->uber, mode, pri);
-+ return result;
-+}
-+
-+/* true if @key is strictly within @node
-+
-+ we are looking for possibly non-unique key and it is item is at the edge of
-+ @node. May be it is in the neighbor.
-+*/
-+static int znode_contains_key_strict(znode * node /* node to check key
-+ * against */ ,
-+ const reiser4_key *
-+ key /* key to check */ ,
-+ int isunique)
-+{
-+ int answer;
-+
-+ assert("nikita-1760", node != NULL);
-+ assert("nikita-1722", key != NULL);
-+
-+ if (keyge(key, &node->rd_key))
-+ return 0;
-+
-+ answer = keycmp(&node->ld_key, key);
-+
-+ if (isunique)
-+ return answer != GREATER_THAN;
-+ else
-+ return answer == LESS_THAN;
-+}
-+
-+/*
-+ * Virtual Root (vroot) code.
-+ *
-+ * For given file system object (e.g., regular file or directory) let's
-+ * define its "virtual root" as lowest in the tree (that is, furtherest
-+ * from the tree root) node such that all body items of said object are
-+ * located in a tree rooted at this node.
-+ *
-+ * Once vroot of object is found all tree lookups for items within body of
-+ * this object ("object lookups") can be started from its vroot rather
-+ * than from real root. This has following advantages:
-+ *
-+ * 1. amount of nodes traversed during lookup (and, hence, amount of
-+ * key comparisons made) decreases, and
-+ *
-+ * 2. contention on tree root is decreased. This latter was actually
-+ * motivating reason behind vroot, because spin lock of root node,
-+ * which is taken when acquiring long-term lock on root node is the
-+ * hottest lock in the reiser4.
-+ *
-+ * How to find vroot.
-+ *
-+ * When vroot of object F is not yet determined, all object lookups start
-+ * from the root of the tree. At each tree level during traversal we have
-+ * a node N such that a key we are looking for (which is the key inside
-+ * object's body) is located within N. In function handle_vroot() called
-+ * from cbk_level_lookup() we check whether N is possible vroot for
-+ * F. Check is trivial---if neither leftmost nor rightmost item of N
-+ * belongs to F (and we already have helpful ->owns_item() method of
-+ * object plugin for this), then N is possible vroot of F. This, of
-+ * course, relies on the assumption that each object occupies contiguous
-+ * range of keys in the tree.
-+ *
-+ * Thus, traversing tree downward and checking each node as we go, we can
-+ * find lowest such node, which, by definition, is vroot.
-+ *
-+ * How to track vroot.
-+ *
-+ * Nohow. If actual vroot changes, next object lookup will just restart
-+ * from the actual tree root, refreshing object's vroot along the way.
-+ *
-+ */
-+
-+/*
-+ * Check whether @node is possible vroot of @object.
-+ */
-+static void handle_vroot(struct inode *object, znode * node)
-+{
-+ file_plugin *fplug;
-+ coord_t coord;
-+
-+ fplug = inode_file_plugin(object);
-+ assert("nikita-3353", fplug != NULL);
-+ assert("nikita-3354", fplug->owns_item != NULL);
-+
-+ if (unlikely(node_is_empty(node)))
-+ return;
-+
-+ coord_init_first_unit(&coord, node);
-+ /*
-+ * if leftmost item of @node belongs to @object, we cannot be sure
-+ * that @node is vroot of @object, because, some items of @object are
-+ * probably in the sub-tree rooted at the left neighbor of @node.
-+ */
-+ if (fplug->owns_item(object, &coord))
-+ return;
-+ coord_init_last_unit(&coord, node);
-+ /* mutatis mutandis for the rightmost item */
-+ if (fplug->owns_item(object, &coord))
-+ return;
-+ /* otherwise, @node is possible vroot of @object */
-+ inode_set_vroot(object, node);
-+}
-+
-+/*
-+ * helper function used by traverse tree to start tree traversal not from the
-+ * tree root, but from @h->object's vroot, if possible.
-+ */
-+static int prepare_object_lookup(cbk_handle * h)
-+{
-+ znode *vroot;
-+ int result;
-+
-+ vroot = inode_get_vroot(h->object);
-+ if (vroot == NULL) {
-+ /*
-+ * object doesn't have known vroot, start from real tree root.
-+ */
-+ return LOOKUP_CONT;
-+ }
-+
-+ h->level = znode_get_level(vroot);
-+ /* take a long-term lock on vroot */
-+ h->result = longterm_lock_znode(h->active_lh, vroot,
-+ cbk_lock_mode(h->level, h),
-+ ZNODE_LOCK_LOPRI);
-+ result = LOOKUP_REST;
-+ if (h->result == 0) {
-+ int isunique;
-+ int inside;
-+
-+ isunique = h->flags & CBK_UNIQUE;
-+ /* check that key is inside vroot */
-+ read_lock_dk(h->tree);
-+ inside = (znode_contains_key_strict(vroot, h->key, isunique) &&
-+ !ZF_ISSET(vroot, JNODE_HEARD_BANSHEE));
-+ read_unlock_dk(h->tree);
-+ if (inside) {
-+ h->result = zload(vroot);
-+ if (h->result == 0) {
-+ /* search for key in vroot. */
-+ result = cbk_node_lookup(h);
-+ zrelse(vroot); /*h->active_lh->node); */
-+ if (h->active_lh->node != vroot) {
-+ result = LOOKUP_REST;
-+ } else if (result == LOOKUP_CONT) {
-+ move_lh(h->parent_lh, h->active_lh);
-+ h->flags &= ~CBK_DKSET;
-+ }
-+ }
-+ }
-+ } else
-+ /* long-term locking failed. Restart. */
-+ ;
-+
-+ zput(vroot);
-+
-+ if (IS_CBKERR(h->result) || result == LOOKUP_REST)
-+ hput(h);
-+ return result;
-+}
-+
-+/* main function that handles common parts of tree traversal: starting
-+ (fake znode handling), restarts, error handling, completion */
-+static lookup_result traverse_tree(cbk_handle * h /* search handle */ )
-+{
-+ int done;
-+ int iterations;
-+ int vroot_used;
-+
-+ assert("nikita-365", h != NULL);
-+ assert("nikita-366", h->tree != NULL);
-+ assert("nikita-367", h->key != NULL);
-+ assert("nikita-368", h->coord != NULL);
-+ assert("nikita-369", (h->bias == FIND_EXACT)
-+ || (h->bias == FIND_MAX_NOT_MORE_THAN));
-+ assert("nikita-370", h->stop_level >= LEAF_LEVEL);
-+ assert("nikita-2949", !(h->flags & CBK_DKSET));
-+ assert("zam-355", lock_stack_isclean(get_current_lock_stack()));
-+
-+ done = 0;
-+ iterations = 0;
-+ vroot_used = 0;
-+
-+ /* loop for restarts */
-+ restart:
-+
-+ assert("nikita-3024", schedulable());
-+
-+ h->result = CBK_COORD_FOUND;
-+ /* connect_znode() needs it */
-+ h->ld_key = *min_key();
-+ h->rd_key = *max_key();
-+ h->flags |= CBK_DKSET;
-+ h->error = NULL;
-+
-+ if (!vroot_used && h->object != NULL) {
-+ vroot_used = 1;
-+ done = prepare_object_lookup(h);
-+ if (done == LOOKUP_REST) {
-+ goto restart;
-+ } else if (done == LOOKUP_DONE)
-+ return h->result;
-+ }
-+ if (h->parent_lh->node == NULL) {
-+ done =
-+ get_uber_znode(h->tree, ZNODE_READ_LOCK, ZNODE_LOCK_LOPRI,
-+ h->parent_lh);
-+
-+ assert("nikita-1637", done != -E_DEADLOCK);
-+
-+ h->block = h->tree->root_block;
-+ h->level = h->tree->height;
-+ h->coord->node = h->parent_lh->node;
-+
-+ if (done != 0)
-+ return done;
-+ }
-+
-+ /* loop descending a tree */
-+ while (!done) {
-+
-+ if (unlikely((iterations > REISER4_CBK_ITERATIONS_LIMIT) &&
-+ IS_POW(iterations))) {
-+ warning("nikita-1481", "Too many iterations: %i",
-+ iterations);
-+ print_key("key", h->key);
-+ ++iterations;
-+ } else if (unlikely(iterations > REISER4_MAX_CBK_ITERATIONS)) {
-+ h->error =
-+ "reiser-2018: Too many iterations. Tree corrupted, or (less likely) starvation occurring.";
-+ h->result = RETERR(-EIO);
-+ break;
-+ }
-+ switch (cbk_level_lookup(h)) {
-+ case LOOKUP_CONT:
-+ move_lh(h->parent_lh, h->active_lh);
-+ continue;
-+ default:
-+ wrong_return_value("nikita-372", "cbk_level");
-+ case LOOKUP_DONE:
-+ done = 1;
-+ break;
-+ case LOOKUP_REST:
-+ hput(h);
-+ /* deadlock avoidance is normal case. */
-+ if (h->result != -E_DEADLOCK)
-+ ++iterations;
-+ preempt_point();
-+ goto restart;
-+ }
-+ }
-+ /* that's all. The rest is error handling */
-+ if (unlikely(h->error != NULL)) {
-+ warning("nikita-373", "%s: level: %i, "
-+ "lock_level: %i, stop_level: %i "
-+ "lock_mode: %s, bias: %s",
-+ h->error, h->level, h->lock_level, h->stop_level,
-+ lock_mode_name(h->lock_mode), bias_name(h->bias));
-+ reiser4_print_address("block", &h->block);
-+ print_key("key", h->key);
-+ print_coord_content("coord", h->coord);
-+ }
-+ /* `unlikely' error case */
-+ if (unlikely(IS_CBKERR(h->result))) {
-+ /* failure. do cleanup */
-+ hput(h);
-+ } else {
-+ assert("nikita-1605", WITH_DATA_RET
-+ (h->coord->node, 1,
-+ ergo((h->result == CBK_COORD_FOUND) &&
-+ (h->bias == FIND_EXACT) &&
-+ (!node_is_empty(h->coord->node)),
-+ coord_is_existing_item(h->coord))));
-+ }
-+ return h->result;
-+}
-+
-+/* find delimiting keys of child
-+
-+ Determine left and right delimiting keys for child pointed to by
-+ @parent_coord.
-+
-+*/
-+static void find_child_delimiting_keys(znode * parent /* parent znode, passed
-+ * locked */ ,
-+ const coord_t * parent_coord /* coord where
-+ * pointer to
-+ * child is
-+ * stored */ ,
-+ reiser4_key * ld /* where to store left
-+ * delimiting key */ ,
-+ reiser4_key * rd /* where to store right
-+ * delimiting key */ )
-+{
-+ coord_t neighbor;
-+
-+ assert("nikita-1484", parent != NULL);
-+ assert_rw_locked(&(znode_get_tree(parent)->dk_lock));
-+
-+ coord_dup(&neighbor, parent_coord);
-+
-+ if (neighbor.between == AT_UNIT)
-+ /* imitate item ->lookup() behavior. */
-+ neighbor.between = AFTER_UNIT;
-+
-+ if (coord_set_to_left(&neighbor) == 0)
-+ unit_key_by_coord(&neighbor, ld);
-+ else {
-+ assert("nikita-14851", 0);
-+ *ld = *znode_get_ld_key(parent);
-+ }
-+
-+ coord_dup(&neighbor, parent_coord);
-+ if (neighbor.between == AT_UNIT)
-+ neighbor.between = AFTER_UNIT;
-+ if (coord_set_to_right(&neighbor) == 0)
-+ unit_key_by_coord(&neighbor, rd);
-+ else
-+ *rd = *znode_get_rd_key(parent);
-+}
-+
-+/*
-+ * setup delimiting keys for a child
-+ *
-+ * @parent parent node
-+ *
-+ * @coord location in @parent where pointer to @child is
-+ *
-+ * @child child node
-+ */
-+int
-+set_child_delimiting_keys(znode * parent, const coord_t * coord, znode * child)
-+{
-+ reiser4_tree *tree;
-+
-+ assert("nikita-2952",
-+ znode_get_level(parent) == znode_get_level(coord->node));
-+
-+ /* fast check without taking dk lock. This is safe, because
-+ * JNODE_DKSET is never cleared once set. */
-+ if (!ZF_ISSET(child, JNODE_DKSET)) {
-+ tree = znode_get_tree(parent);
-+ write_lock_dk(tree);
-+ if (likely(!ZF_ISSET(child, JNODE_DKSET))) {
-+ find_child_delimiting_keys(parent, coord,
-+ &child->ld_key,
-+ &child->rd_key);
-+ ON_DEBUG(child->ld_key_version =
-+ atomic_inc_return(&delim_key_version);
-+ child->rd_key_version =
-+ atomic_inc_return(&delim_key_version););
-+ ZF_SET(child, JNODE_DKSET);
-+ }
-+ write_unlock_dk(tree);
-+ return 1;
-+ }
-+ return 0;
-+}
-+
-+/* Perform tree lookup at one level. This is called from cbk_traverse()
-+ function that drives lookup through tree and calls cbk_node_lookup() to
-+ perform lookup within one node.
-+
-+ See comments in a code.
-+*/
-+static level_lookup_result cbk_level_lookup(cbk_handle * h /* search handle */ )
-+{
-+ int ret;
-+ int setdk;
-+ int ldkeyset = 0;
-+ reiser4_key ldkey;
-+ reiser4_key key;
-+ znode *active;
-+
-+ assert("nikita-3025", schedulable());
-+
-+ /* acquire reference to @active node */
-+ active =
-+ zget(h->tree, &h->block, h->parent_lh->node, h->level, get_gfp_mask());
-+
-+ if (IS_ERR(active)) {
-+ h->result = PTR_ERR(active);
-+ return LOOKUP_DONE;
-+ }
-+
-+ /* lock @active */
-+ h->result = longterm_lock_znode(h->active_lh,
-+ active,
-+ cbk_lock_mode(h->level, h),
-+ ZNODE_LOCK_LOPRI);
-+ /* longterm_lock_znode() acquires additional reference to znode (which
-+ will be later released by longterm_unlock_znode()). Release
-+ reference acquired by zget().
-+ */
-+ zput(active);
-+ if (unlikely(h->result != 0))
-+ goto fail_or_restart;
-+
-+ setdk = 0;
-+ /* if @active is accessed for the first time, setup delimiting keys on
-+ it. Delimiting keys are taken from the parent node. See
-+ setup_delimiting_keys() for details.
-+ */
-+ if (h->flags & CBK_DKSET) {
-+ setdk = setup_delimiting_keys(h);
-+ h->flags &= ~CBK_DKSET;
-+ } else {
-+ znode *parent;
-+
-+ parent = h->parent_lh->node;
-+ h->result = zload(parent);
-+ if (unlikely(h->result != 0))
-+ goto fail_or_restart;
-+
-+ if (!ZF_ISSET(active, JNODE_DKSET))
-+ setdk = set_child_delimiting_keys(parent,
-+ h->coord, active);
-+ else {
-+ read_lock_dk(h->tree);
-+ find_child_delimiting_keys(parent, h->coord, &ldkey,
-+ &key);
-+ read_unlock_dk(h->tree);
-+ ldkeyset = 1;
-+ }
-+ zrelse(parent);
-+ }
-+
-+ /* this is ugly kludge. Reminder: this is necessary, because
-+ ->lookup() method returns coord with ->between field probably set
-+ to something different from AT_UNIT.
-+ */
-+ h->coord->between = AT_UNIT;
-+
-+ if (znode_just_created(active) && (h->coord->node != NULL)) {
-+ write_lock_tree(h->tree);
-+ /* if we are going to load znode right now, setup
-+ ->in_parent: coord where pointer to this node is stored in
-+ parent.
-+ */
-+ coord_to_parent_coord(h->coord, &active->in_parent);
-+ write_unlock_tree(h->tree);
-+ }
-+
-+ /* check connectedness without holding tree lock---false negatives
-+ * will be re-checked by connect_znode(), and false positives are
-+ * impossible---@active cannot suddenly turn into unconnected
-+ * state. */
-+ if (!znode_is_connected(active)) {
-+ h->result = connect_znode(h->coord, active);
-+ if (unlikely(h->result != 0)) {
-+ put_parent(h);
-+ goto fail_or_restart;
-+ }
-+ }
-+
-+ jload_prefetch(ZJNODE(active));
-+
-+ if (setdk)
-+ update_stale_dk(h->tree, active);
-+
-+ /* put_parent() cannot be called earlier, because connect_znode()
-+ assumes parent node is referenced; */
-+ put_parent(h);
-+
-+ if ((!znode_contains_key_lock(active, h->key) &&
-+ (h->flags & CBK_TRUST_DK))
-+ || ZF_ISSET(active, JNODE_HEARD_BANSHEE)) {
-+ /* 1. key was moved out of this node while this thread was
-+ waiting for the lock. Restart. More elaborate solution is
-+ to determine where key moved (to the left, or to the right)
-+ and try to follow it through sibling pointers.
-+
-+ 2. or, node itself is going to be removed from the
-+ tree. Release lock and restart.
-+ */
-+ h->result = -E_REPEAT;
-+ }
-+ if (h->result == -E_REPEAT)
-+ return LOOKUP_REST;
-+
-+ h->result = zload_ra(active, h->ra_info);
-+ if (h->result) {
-+ return LOOKUP_DONE;
-+ }
-+
-+ /* sanity checks */
-+ if (sanity_check(h)) {
-+ zrelse(active);
-+ return LOOKUP_DONE;
-+ }
-+
-+ /* check that key of leftmost item in the @active is the same as in
-+ * its parent */
-+ if (ldkeyset && !node_is_empty(active) &&
-+ !keyeq(leftmost_key_in_node(active, &key), &ldkey)) {
-+ warning("vs-3533", "Keys are inconsistent. Fsck?");
-+ print_key("inparent", &ldkey);
-+ print_key("inchild", &key);
-+ h->result = RETERR(-EIO);
-+ zrelse(active);
-+ return LOOKUP_DONE;
-+ }
-+
-+ if (h->object != NULL)
-+ handle_vroot(h->object, active);
-+
-+ ret = cbk_node_lookup(h);
-+
-+ /* h->active_lh->node might change, but active is yet to be zrelsed */
-+ zrelse(active);
-+
-+ return ret;
-+
-+ fail_or_restart:
-+ if (h->result == -E_DEADLOCK)
-+ return LOOKUP_REST;
-+ return LOOKUP_DONE;
-+}
-+
-+#if REISER4_DEBUG
-+/* check left and right delimiting keys of a znode */
-+void check_dkeys(znode * node)
-+{
-+ znode *left;
-+ znode *right;
-+
-+ read_lock_tree(current_tree);
-+ read_lock_dk(current_tree);
-+
-+ assert("vs-1710", znode_is_any_locked(node));
-+ assert("vs-1197",
-+ !keygt(znode_get_ld_key(node), znode_get_rd_key(node)));
-+
-+ left = node->left;
-+ right = node->right;
-+
-+ if (ZF_ISSET(node, JNODE_LEFT_CONNECTED) && ZF_ISSET(node, JNODE_DKSET)
-+ && left != NULL && ZF_ISSET(left, JNODE_DKSET))
-+ /* check left neighbor. Note that left neighbor is not locked,
-+ so it might get wrong delimiting keys therefore */
-+ assert("vs-1198",
-+ (keyeq(znode_get_rd_key(left), znode_get_ld_key(node))
-+ || ZF_ISSET(left, JNODE_HEARD_BANSHEE)));
-+
-+ if (ZF_ISSET(node, JNODE_RIGHT_CONNECTED) && ZF_ISSET(node, JNODE_DKSET)
-+ && right != NULL && ZF_ISSET(right, JNODE_DKSET))
-+ /* check right neighbor. Note that right neighbor is not
-+ locked, so it might get wrong delimiting keys therefore */
-+ assert("vs-1199",
-+ (keyeq(znode_get_rd_key(node), znode_get_ld_key(right))
-+ || ZF_ISSET(right, JNODE_HEARD_BANSHEE)));
-+
-+ read_unlock_dk(current_tree);
-+ read_unlock_tree(current_tree);
-+}
-+#endif
-+
-+/* true if @key is left delimiting key of @node */
-+static int key_is_ld(znode * node, const reiser4_key * key)
-+{
-+ int ld;
-+
-+ assert("nikita-1716", node != NULL);
-+ assert("nikita-1758", key != NULL);
-+
-+ read_lock_dk(znode_get_tree(node));
-+ assert("nikita-1759", znode_contains_key(node, key));
-+ ld = keyeq(znode_get_ld_key(node), key);
-+ read_unlock_dk(znode_get_tree(node));
-+ return ld;
-+}
-+
-+/* Process one node during tree traversal.
-+
-+ This is called by cbk_level_lookup(). */
-+static level_lookup_result cbk_node_lookup(cbk_handle * h /* search handle */ )
-+{
-+ /* node plugin of @active */
-+ node_plugin *nplug;
-+ /* item plugin of item that was found */
-+ item_plugin *iplug;
-+ /* search bias */
-+ lookup_bias node_bias;
-+ /* node we are operating upon */
-+ znode *active;
-+ /* tree we are searching in */
-+ reiser4_tree *tree;
-+ /* result */
-+ int result;
-+
-+ assert("nikita-379", h != NULL);
-+
-+ active = h->active_lh->node;
-+ tree = h->tree;
-+
-+ nplug = active->nplug;
-+ assert("nikita-380", nplug != NULL);
-+
-+ ON_DEBUG(check_dkeys(active));
-+
-+ /* return item from "active" node with maximal key not greater than
-+ "key" */
-+ node_bias = h->bias;
-+ result = nplug->lookup(active, h->key, node_bias, h->coord);
-+ if (unlikely(result != NS_FOUND && result != NS_NOT_FOUND)) {
-+ /* error occurred */
-+ h->result = result;
-+ return LOOKUP_DONE;
-+ }
-+ if (h->level == h->stop_level) {
-+ /* welcome to the stop level */
-+ assert("nikita-381", h->coord->node == active);
-+ if (result == NS_FOUND) {
-+ /* success of tree lookup */
-+ if (!(h->flags & CBK_UNIQUE)
-+ && key_is_ld(active, h->key)) {
-+ return search_to_left(h);
-+ } else
-+ h->result = CBK_COORD_FOUND;
-+ } else {
-+ h->result = CBK_COORD_NOTFOUND;
-+ }
-+ if (!(h->flags & CBK_IN_CACHE))
-+ cbk_cache_add(active);
-+ return LOOKUP_DONE;
-+ }
-+
-+ if (h->level > TWIG_LEVEL && result == NS_NOT_FOUND) {
-+ h->error = "not found on internal node";
-+ h->result = result;
-+ return LOOKUP_DONE;
-+ }
-+
-+ assert("vs-361", h->level > h->stop_level);
-+
-+ if (handle_eottl(h, &result)) {
-+ assert("vs-1674", (result == LOOKUP_DONE ||
-+ result == LOOKUP_REST));
-+ return result;
-+ }
-+
-+ /* go down to next level */
-+ check_me("vs-12", zload(h->coord->node) == 0);
-+ assert("nikita-2116", item_is_internal(h->coord));
-+ iplug = item_plugin_by_coord(h->coord);
-+ iplug->s.internal.down_link(h->coord, h->key, &h->block);
-+ zrelse(h->coord->node);
-+ --h->level;
-+ return LOOKUP_CONT; /* continue */
-+}
-+
-+/* scan cbk_cache slots looking for a match for @h */
-+static int cbk_cache_scan_slots(cbk_handle * h /* cbk handle */ )
-+{
-+ level_lookup_result llr;
-+ znode *node;
-+ reiser4_tree *tree;
-+ cbk_cache_slot *slot;
-+ cbk_cache *cache;
-+ tree_level level;
-+ int isunique;
-+ const reiser4_key *key;
-+ int result;
-+
-+ assert("nikita-1317", h != NULL);
-+ assert("nikita-1315", h->tree != NULL);
-+ assert("nikita-1316", h->key != NULL);
-+
-+ tree = h->tree;
-+ cache = &tree->cbk_cache;
-+ if (cache->nr_slots == 0)
-+ /* size of cbk cache was set to 0 by mount time option. */
-+ return RETERR(-ENOENT);
-+
-+ assert("nikita-2474", cbk_cache_invariant(cache));
-+ node = NULL; /* to keep gcc happy */
-+ level = h->level;
-+ key = h->key;
-+ isunique = h->flags & CBK_UNIQUE;
-+ result = RETERR(-ENOENT);
-+
-+ /*
-+ * this is time-critical function and dragons had, hence, been settled
-+ * here.
-+ *
-+ * Loop below scans cbk cache slots trying to find matching node with
-+ * suitable range of delimiting keys and located at the h->level.
-+ *
-+ * Scan is done under cbk cache spin lock that protects slot->node
-+ * pointers. If suitable node is found we want to pin it in
-+ * memory. But slot->node can point to the node with x_count 0
-+ * (unreferenced). Such node can be recycled at any moment, or can
-+ * already be in the process of being recycled (within jput()).
-+ *
-+ * As we found node in the cbk cache, it means that jput() hasn't yet
-+ * called cbk_cache_invalidate().
-+ *
-+ * We acquire reference to the node without holding tree lock, and
-+ * later, check node's RIP bit. This avoids races with jput().
-+ */
-+
-+ rcu_read_lock();
-+ read_lock(&((cbk_cache *)cache)->guard);
-+
-+ slot = list_entry(cache->lru.next, cbk_cache_slot, lru);
-+ slot = list_entry(slot->lru.prev, cbk_cache_slot, lru);
-+ BUG_ON(&slot->lru != &cache->lru);/*????*/
-+ while (1) {
-+
-+ slot = list_entry(slot->lru.next, cbk_cache_slot, lru);
-+
-+ if (&cache->lru != &slot->lru)
-+ node = slot->node;
-+ else
-+ node = NULL;
-+
-+ if (unlikely(node == NULL))
-+ break;
-+
-+ /*
-+ * this is (hopefully) the only place in the code where we are
-+ * working with delimiting keys without holding dk lock. This
-+ * is fine here, because this is only "guess" anyway---keys
-+ * are rechecked under dk lock below.
-+ */
-+ if (znode_get_level(node) == level &&
-+ /* min_key < key < max_key */
-+ znode_contains_key_strict(node, key, isunique)) {
-+ zref(node);
-+ result = 0;
-+ spin_lock_prefetch(&tree->tree_lock);
-+ break;
-+ }
-+ }
-+ read_unlock(&((cbk_cache *)cache)->guard);
-+
-+ assert("nikita-2475", cbk_cache_invariant(cache));
-+
-+ if (unlikely(result == 0 && ZF_ISSET(node, JNODE_RIP)))
-+ result = -ENOENT;
-+
-+ rcu_read_unlock();
-+
-+ if (result != 0) {
-+ h->result = CBK_COORD_NOTFOUND;
-+ return RETERR(-ENOENT);
-+ }
-+
-+ result =
-+ longterm_lock_znode(h->active_lh, node, cbk_lock_mode(level, h),
-+ ZNODE_LOCK_LOPRI);
-+ zput(node);
-+ if (result != 0)
-+ return result;
-+ result = zload(node);
-+ if (result != 0)
-+ return result;
-+
-+ /* recheck keys */
-+ read_lock_dk(tree);
-+ result = (znode_contains_key_strict(node, key, isunique) &&
-+ !ZF_ISSET(node, JNODE_HEARD_BANSHEE));
-+ read_unlock_dk(tree);
-+ if (result) {
-+ /* do lookup inside node */
-+ llr = cbk_node_lookup(h);
-+ /* if cbk_node_lookup() wandered to another node (due to eottl
-+ or non-unique keys), adjust @node */
-+ /*node = h->active_lh->node; */
-+
-+ if (llr != LOOKUP_DONE) {
-+ /* restart or continue on the next level */
-+ result = RETERR(-ENOENT);
-+ } else if (IS_CBKERR(h->result))
-+ /* io or oom */
-+ result = RETERR(-ENOENT);
-+ else {
-+ /* good. Either item found or definitely not found. */
-+ result = 0;
-+
-+ write_lock(&(cache->guard));
-+ if (slot->node == h->active_lh->node /*node */ ) {
-+ /* if this node is still in cbk cache---move
-+ its slot to the head of the LRU list. */
-+ list_move(&slot->lru, &cache->lru);
-+ }
-+ write_unlock(&(cache->guard));
-+ }
-+ } else {
-+ /* race. While this thread was waiting for the lock, node was
-+ rebalanced and item we are looking for, shifted out of it
-+ (if it ever was here).
-+
-+ Continuing scanning is almost hopeless: node key range was
-+ moved to, is almost certainly at the beginning of the LRU
-+ list at this time, because it's hot, but restarting
-+ scanning from the very beginning is complex. Just return,
-+ so that cbk() will be performed. This is not that
-+ important, because such races should be rare. Are they?
-+ */
-+ result = RETERR(-ENOENT); /* -ERAUGHT */
-+ }
-+ zrelse(node);
-+ assert("nikita-2476", cbk_cache_invariant(cache));
-+ return result;
-+}
-+
-+/* look for item with given key in the coord cache
-+
-+ This function, called by coord_by_key(), scans "coord cache" (&cbk_cache)
-+ which is a small LRU list of znodes accessed lately. For each znode in
-+ znode in this list, it checks whether key we are looking for fits into key
-+ range covered by this node. If so, and in addition, node lies at allowed
-+ level (this is to handle extents on a twig level), node is locked, and
-+ lookup inside it is performed.
-+
-+ we need a measurement of the cost of this cache search compared to the cost
-+ of coord_by_key.
-+
-+*/
-+static int cbk_cache_search(cbk_handle * h /* cbk handle */ )
-+{
-+ int result = 0;
-+ tree_level level;
-+
-+ /* add CBK_IN_CACHE to the handle flags. This means that
-+ * cbk_node_lookup() assumes that cbk_cache is scanned and would add
-+ * found node to the cache. */
-+ h->flags |= CBK_IN_CACHE;
-+ for (level = h->stop_level; level <= h->lock_level; ++level) {
-+ h->level = level;
-+ result = cbk_cache_scan_slots(h);
-+ if (result != 0) {
-+ done_lh(h->active_lh);
-+ done_lh(h->parent_lh);
-+ } else {
-+ assert("nikita-1319", !IS_CBKERR(h->result));
-+ break;
-+ }
-+ }
-+ h->flags &= ~CBK_IN_CACHE;
-+ return result;
-+}
-+
-+/* type of lock we want to obtain during tree traversal. On stop level
-+ we want type of lock user asked for, on upper levels: read lock. */
-+znode_lock_mode cbk_lock_mode(tree_level level, cbk_handle * h)
-+{
-+ assert("nikita-382", h != NULL);
-+
-+ return (level <= h->lock_level) ? h->lock_mode : ZNODE_READ_LOCK;
-+}
-+
-+/* update outdated delimiting keys */
-+static void stale_dk(reiser4_tree * tree, znode * node)
-+{
-+ znode *right;
-+
-+ read_lock_tree(tree);
-+ write_lock_dk(tree);
-+ right = node->right;
-+
-+ if (ZF_ISSET(node, JNODE_RIGHT_CONNECTED) &&
-+ right && ZF_ISSET(right, JNODE_DKSET) &&
-+ !keyeq(znode_get_rd_key(node), znode_get_ld_key(right)))
-+ znode_set_rd_key(node, znode_get_ld_key(right));
-+
-+ write_unlock_dk(tree);
-+ read_unlock_tree(tree);
-+}
-+
-+/* check for possibly outdated delimiting keys, and update them if
-+ * necessary. */
-+static void update_stale_dk(reiser4_tree * tree, znode * node)
-+{
-+ znode *right;
-+ reiser4_key rd;
-+
-+ read_lock_tree(tree);
-+ read_lock_dk(tree);
-+ rd = *znode_get_rd_key(node);
-+ right = node->right;
-+ if (unlikely(ZF_ISSET(node, JNODE_RIGHT_CONNECTED) &&
-+ right && ZF_ISSET(right, JNODE_DKSET) &&
-+ !keyeq(&rd, znode_get_ld_key(right)))) {
-+ assert("nikita-38211", ZF_ISSET(node, JNODE_DKSET));
-+ read_unlock_dk(tree);
-+ read_unlock_tree(tree);
-+ stale_dk(tree, node);
-+ return;
-+ }
-+ read_unlock_dk(tree);
-+ read_unlock_tree(tree);
-+}
-+
-+/*
-+ * handle searches a the non-unique key.
-+ *
-+ * Suppose that we are looking for an item with possibly non-unique key 100.
-+ *
-+ * Root node contains two pointers: one to a node with left delimiting key 0,
-+ * and another to a node with left delimiting key 100. Item we interested in
-+ * may well happen in the sub-tree rooted at the first pointer.
-+ *
-+ * To handle this search_to_left() is called when search reaches stop
-+ * level. This function checks it is _possible_ that item we are looking for
-+ * is in the left neighbor (this can be done by comparing delimiting keys) and
-+ * if so, tries to lock left neighbor (this is low priority lock, so it can
-+ * deadlock, tree traversal is just restarted if it did) and then checks
-+ * whether left neighbor actually contains items with our key.
-+ *
-+ * Note that this is done on the stop level only. It is possible to try such
-+ * left-check on each level, but as duplicate keys are supposed to be rare
-+ * (very unlikely that more than one node is completely filled with items with
-+ * duplicate keys), it sis cheaper to scan to the left on the stop level once.
-+ *
-+ */
-+static level_lookup_result search_to_left(cbk_handle * h /* search handle */ )
-+{
-+ level_lookup_result result;
-+ coord_t *coord;
-+ znode *node;
-+ znode *neighbor;
-+
-+ lock_handle lh;
-+
-+ assert("nikita-1761", h != NULL);
-+ assert("nikita-1762", h->level == h->stop_level);
-+
-+ init_lh(&lh);
-+ coord = h->coord;
-+ node = h->active_lh->node;
-+ assert("nikita-1763", coord_is_leftmost_unit(coord));
-+
-+ h->result =
-+ reiser4_get_left_neighbor(&lh, node, (int)h->lock_mode,
-+ GN_CAN_USE_UPPER_LEVELS);
-+ neighbor = NULL;
-+ switch (h->result) {
-+ case -E_DEADLOCK:
-+ result = LOOKUP_REST;
-+ break;
-+ case 0:{
-+ node_plugin *nplug;
-+ coord_t crd;
-+ lookup_bias bias;
-+
-+ neighbor = lh.node;
-+ h->result = zload(neighbor);
-+ if (h->result != 0) {
-+ result = LOOKUP_DONE;
-+ break;
-+ }
-+
-+ nplug = neighbor->nplug;
-+
-+ coord_init_zero(&crd);
-+ bias = h->bias;
-+ h->bias = FIND_EXACT;
-+ h->result =
-+ nplug->lookup(neighbor, h->key, h->bias, &crd);
-+ h->bias = bias;
-+
-+ if (h->result == NS_NOT_FOUND) {
-+ case -E_NO_NEIGHBOR:
-+ h->result = CBK_COORD_FOUND;
-+ if (!(h->flags & CBK_IN_CACHE))
-+ cbk_cache_add(node);
-+ default: /* some other error */
-+ result = LOOKUP_DONE;
-+ } else if (h->result == NS_FOUND) {
-+ read_lock_dk(znode_get_tree(neighbor));
-+ h->rd_key = *znode_get_ld_key(node);
-+ leftmost_key_in_node(neighbor, &h->ld_key);
-+ read_unlock_dk(znode_get_tree(neighbor));
-+ h->flags |= CBK_DKSET;
-+
-+ h->block = *znode_get_block(neighbor);
-+ /* clear coord -> node so that cbk_level_lookup()
-+ wouldn't overwrite parent hint in neighbor.
-+
-+ Parent hint was set up by
-+ reiser4_get_left_neighbor()
-+ */
-+ /* FIXME: why do we have to spinlock here? */
-+ write_lock_tree(znode_get_tree(neighbor));
-+ h->coord->node = NULL;
-+ write_unlock_tree(znode_get_tree(neighbor));
-+ result = LOOKUP_CONT;
-+ } else {
-+ result = LOOKUP_DONE;
-+ }
-+ if (neighbor != NULL)
-+ zrelse(neighbor);
-+ }
-+ }
-+ done_lh(&lh);
-+ return result;
-+}
-+
-+/* debugging aid: return symbolic name of search bias */
-+static const char *bias_name(lookup_bias bias /* bias to get name of */ )
-+{
-+ if (bias == FIND_EXACT)
-+ return "exact";
-+ else if (bias == FIND_MAX_NOT_MORE_THAN)
-+ return "left-slant";
-+/* else if( bias == RIGHT_SLANT_BIAS ) */
-+/* return "right-bias"; */
-+ else {
-+ static char buf[30];
-+
-+ sprintf(buf, "unknown: %i", bias);
-+ return buf;
-+ }
-+}
-+
-+#if REISER4_DEBUG
-+/* debugging aid: print human readable information about @p */
-+void print_coord_content(const char *prefix /* prefix to print */ ,
-+ coord_t * p /* coord to print */ )
-+{
-+ reiser4_key key;
-+
-+ if (p == NULL) {
-+ printk("%s: null\n", prefix);
-+ return;
-+ }
-+ if ((p->node != NULL) && znode_is_loaded(p->node)
-+ && coord_is_existing_item(p))
-+ printk("%s: data: %p, length: %i\n", prefix,
-+ item_body_by_coord(p), item_length_by_coord(p));
-+ if (znode_is_loaded(p->node)) {
-+ item_key_by_coord(p, &key);
-+ print_key(prefix, &key);
-+ }
-+}
-+
-+/* debugging aid: print human readable information about @block */
-+void reiser4_print_address(const char *prefix /* prefix to print */ ,
-+ const reiser4_block_nr * block /* block number to print */ )
-+{
-+ printk("%s: %s\n", prefix, sprint_address(block));
-+}
-+#endif
-+
-+/* return string containing human readable representation of @block */
-+char *sprint_address(const reiser4_block_nr *
-+ block /* block number to print */ )
-+{
-+ static char address[30];
-+
-+ if (block == NULL)
-+ sprintf(address, "null");
-+ else if (blocknr_is_fake(block))
-+ sprintf(address, "%llx", (unsigned long long)(*block));
-+ else
-+ sprintf(address, "%llu", (unsigned long long)(*block));
-+ return address;
-+}
-+
-+/* release parent node during traversal */
-+static void put_parent(cbk_handle * h /* search handle */ )
-+{
-+ assert("nikita-383", h != NULL);
-+ if (h->parent_lh->node != NULL) {
-+ longterm_unlock_znode(h->parent_lh);
-+ }
-+}
-+
-+/* helper function used by coord_by_key(): release reference to parent znode
-+ stored in handle before processing its child. */
-+static void hput(cbk_handle * h /* search handle */ )
-+{
-+ assert("nikita-385", h != NULL);
-+ done_lh(h->parent_lh);
-+ done_lh(h->active_lh);
-+}
-+
-+/* Helper function used by cbk(): update delimiting keys of child node (stored
-+ in h->active_lh->node) using key taken from parent on the parent level. */
-+static int setup_delimiting_keys(cbk_handle * h /* search handle */ )
-+{
-+ znode *active;
-+ reiser4_tree *tree;
-+
-+ assert("nikita-1088", h != NULL);
-+
-+ active = h->active_lh->node;
-+
-+ /* fast check without taking dk lock. This is safe, because
-+ * JNODE_DKSET is never cleared once set. */
-+ if (!ZF_ISSET(active, JNODE_DKSET)) {
-+ tree = znode_get_tree(active);
-+ write_lock_dk(tree);
-+ if (!ZF_ISSET(active, JNODE_DKSET)) {
-+ znode_set_ld_key(active, &h->ld_key);
-+ znode_set_rd_key(active, &h->rd_key);
-+ ZF_SET(active, JNODE_DKSET);
-+ }
-+ write_unlock_dk(tree);
-+ return 1;
-+ }
-+ return 0;
-+}
-+
-+/* true if @block makes sense for the @tree. Used to detect corrupted node
-+ * pointers */
-+static int
-+block_nr_is_correct(reiser4_block_nr * block /* block number to check */ ,
-+ reiser4_tree * tree /* tree to check against */ )
-+{
-+ assert("nikita-757", block != NULL);
-+ assert("nikita-758", tree != NULL);
-+
-+ /* check to see if it exceeds the size of the device. */
-+ return reiser4_blocknr_is_sane_for(tree->super, block);
-+}
-+
-+/* check consistency of fields */
-+static int sanity_check(cbk_handle * h /* search handle */ )
-+{
-+ assert("nikita-384", h != NULL);
-+
-+ if (h->level < h->stop_level) {
-+ h->error = "Buried under leaves";
-+ h->result = RETERR(-EIO);
-+ return LOOKUP_DONE;
-+ } else if (!block_nr_is_correct(&h->block, h->tree)) {
-+ h->error = "bad block number";
-+ h->result = RETERR(-EIO);
-+ return LOOKUP_DONE;
-+ } else
-+ return 0;
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/status_flags.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/status_flags.c
-@@ -0,0 +1,176 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Functions that deal with reiser4 status block, query status and update it, if needed */
-+
-+#include <linux/bio.h>
-+#include <linux/highmem.h>
-+#include <linux/fs.h>
-+#include <linux/blkdev.h>
-+#include "debug.h"
-+#include "dformat.h"
-+#include "status_flags.h"
-+#include "super.h"
-+
-+/* This is our end I/O handler that marks page uptodate if IO was successful. It also
-+ unconditionally unlocks the page, so we can see that io was done.
-+ We do not free bio, because we hope to reuse that. */
-+static int reiser4_status_endio(struct bio *bio, unsigned int bytes_done,
-+ int err)
-+{
-+ if (bio->bi_size)
-+ return 1;
-+
-+ if (test_bit(BIO_UPTODATE, &bio->bi_flags)) {
-+ SetPageUptodate(bio->bi_io_vec->bv_page);
-+ } else {
-+ ClearPageUptodate(bio->bi_io_vec->bv_page);
-+ SetPageError(bio->bi_io_vec->bv_page);
-+ }
-+ unlock_page(bio->bi_io_vec->bv_page);
-+ return 0;
-+}
-+
-+/* Initialise status code. This is expected to be called from the disk format
-+ code. block paremeter is where status block lives. */
-+int reiser4_status_init(reiser4_block_nr block)
-+{
-+ struct super_block *sb = reiser4_get_current_sb();
-+ struct reiser4_status *statuspage;
-+ struct bio *bio;
-+ struct page *page;
-+
-+
-+ get_super_private(sb)->status_page = NULL;
-+ get_super_private(sb)->status_bio = NULL;
-+
-+ page = alloc_pages(GFP_KERNEL, 0);
-+ if (!page)
-+ return -ENOMEM;
-+
-+ bio = bio_alloc(GFP_KERNEL, 1);
-+ if (bio != NULL) {
-+ bio->bi_sector = block * (sb->s_blocksize >> 9);
-+ bio->bi_bdev = sb->s_bdev;
-+ bio->bi_io_vec[0].bv_page = page;
-+ bio->bi_io_vec[0].bv_len = sb->s_blocksize;
-+ bio->bi_io_vec[0].bv_offset = 0;
-+ bio->bi_vcnt = 1;
-+ bio->bi_size = sb->s_blocksize;
-+ bio->bi_end_io = reiser4_status_endio;
-+ } else {
-+ __free_pages(page, 0);
-+ return -ENOMEM;
-+ }
-+ lock_page(page);
-+ submit_bio(READ, bio);
-+ blk_run_address_space(get_super_fake(sb)->i_mapping);
-+ wait_on_page_locked(page);
-+ if (!PageUptodate(page)) {
-+ warning("green-2007",
-+ "I/O error while tried to read status page\n");
-+ return -EIO;
-+ }
-+
-+ statuspage = (struct reiser4_status *)kmap_atomic(page, KM_USER0);
-+ if (memcmp
-+ (statuspage->magic, REISER4_STATUS_MAGIC,
-+ sizeof(REISER4_STATUS_MAGIC))) {
-+ /* Magic does not match. */
-+ kunmap_atomic((char *)statuspage, KM_USER0);
-+ warning("green-2008", "Wrong magic in status block\n");
-+ __free_pages(page, 0);
-+ bio_put(bio);
-+ return -EINVAL;
-+ }
-+ kunmap_atomic((char *)statuspage, KM_USER0);
-+
-+ get_super_private(sb)->status_page = page;
-+ get_super_private(sb)->status_bio = bio;
-+ return 0;
-+}
-+
-+/* Query the status of fs. Returns if the FS can be safely mounted.
-+ Also if "status" and "extended" parameters are given, it will fill
-+ actual parts of status from disk there. */
-+int reiser4_status_query(u64 * status, u64 * extended)
-+{
-+ struct super_block *sb = reiser4_get_current_sb();
-+ struct reiser4_status *statuspage;
-+ int retval;
-+
-+ if (!get_super_private(sb)->status_page) { // No status page?
-+ return REISER4_STATUS_MOUNT_UNKNOWN;
-+ }
-+ statuspage = (struct reiser4_status *)
-+ kmap_atomic(get_super_private(sb)->status_page, KM_USER0);
-+ switch ((long)le64_to_cpu(get_unaligned(&statuspage->status))) { // FIXME: this cast is a hack for 32 bit arches to work.
-+ case REISER4_STATUS_OK:
-+ retval = REISER4_STATUS_MOUNT_OK;
-+ break;
-+ case REISER4_STATUS_CORRUPTED:
-+ retval = REISER4_STATUS_MOUNT_WARN;
-+ break;
-+ case REISER4_STATUS_DAMAGED:
-+ case REISER4_STATUS_DESTROYED:
-+ case REISER4_STATUS_IOERROR:
-+ retval = REISER4_STATUS_MOUNT_RO;
-+ break;
-+ default:
-+ retval = REISER4_STATUS_MOUNT_UNKNOWN;
-+ break;
-+ }
-+
-+ if (status)
-+ *status = le64_to_cpu(get_unaligned(&statuspage->status));
-+ if (extended)
-+ *extended = le64_to_cpu(get_unaligned(&statuspage->extended_status));
-+
-+ kunmap_atomic((char *)statuspage, KM_USER0);
-+ return retval;
-+}
-+
-+/* This function should be called when something bad happens (e.g. from reiser4_panic).
-+ It fills the status structure and tries to push it to disk. */
-+int reiser4_status_write(__u64 status, __u64 extended_status, char *message)
-+{
-+ struct super_block *sb = reiser4_get_current_sb();
-+ struct reiser4_status *statuspage;
-+ struct bio *bio = get_super_private(sb)->status_bio;
-+
-+ if (!get_super_private(sb)->status_page) { // No status page?
-+ return -1;
-+ }
-+ statuspage = (struct reiser4_status *)
-+ kmap_atomic(get_super_private(sb)->status_page, KM_USER0);
-+
-+ put_unaligned(cpu_to_le64(status), &statuspage->status);
-+ put_unaligned(cpu_to_le64(extended_status), &statuspage->extended_status);
-+ strncpy(statuspage->texterror, message, REISER4_TEXTERROR_LEN);
-+
-+ kunmap_atomic((char *)statuspage, KM_USER0);
-+ bio->bi_bdev = sb->s_bdev;
-+ bio->bi_io_vec[0].bv_page = get_super_private(sb)->status_page;
-+ bio->bi_io_vec[0].bv_len = sb->s_blocksize;
-+ bio->bi_io_vec[0].bv_offset = 0;
-+ bio->bi_vcnt = 1;
-+ bio->bi_size = sb->s_blocksize;
-+ bio->bi_end_io = reiser4_status_endio;
-+ lock_page(get_super_private(sb)->status_page); // Safe as nobody should touch our page.
-+ /* We can block now, but we have no other choice anyway */
-+ submit_bio(WRITE, bio);
-+ blk_run_address_space(get_super_fake(sb)->i_mapping);
-+ return 0; // We do not wait for io to finish.
-+}
-+
-+/* Frees the page with status and bio structure. Should be called by disk format at umount time */
-+int reiser4_status_finish(void)
-+{
-+ struct super_block *sb = reiser4_get_current_sb();
-+
-+ __free_pages(get_super_private(sb)->status_page, 0);
-+ get_super_private(sb)->status_page = NULL;
-+ bio_put(get_super_private(sb)->status_bio);
-+ get_super_private(sb)->status_bio = NULL;
-+ return 0;
-+}
-Index: linux-2.6.16/fs/reiser4/status_flags.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/status_flags.h
-@@ -0,0 +1,43 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Here we declare structures and flags that store reiser4 status on disk.
-+ The status that helps us to find out if the filesystem is valid or if it
-+ contains some critical, or not so critical errors */
-+
-+#if !defined( __REISER4_STATUS_FLAGS_H__ )
-+#define __REISER4_STATUS_FLAGS_H__
-+
-+#include "dformat.h"
-+/* These are major status flags */
-+#define REISER4_STATUS_OK 0
-+#define REISER4_STATUS_CORRUPTED 0x1
-+#define REISER4_STATUS_DAMAGED 0x2
-+#define REISER4_STATUS_DESTROYED 0x4
-+#define REISER4_STATUS_IOERROR 0x8
-+
-+/* Return values for reiser4_status_query() */
-+#define REISER4_STATUS_MOUNT_OK 0
-+#define REISER4_STATUS_MOUNT_WARN 1
-+#define REISER4_STATUS_MOUNT_RO 2
-+#define REISER4_STATUS_MOUNT_UNKNOWN -1
-+
-+#define REISER4_TEXTERROR_LEN 256
-+
-+#define REISER4_STATUS_MAGIC "ReiSeR4StATusBl"
-+/* We probably need to keep its size under sector size which is 512 bytes */
-+struct reiser4_status {
-+ char magic[16];
-+ d64 status; /* Current FS state */
-+ d64 extended_status; /* Any additional info that might have sense in addition to "status". E.g.
-+ last sector where io error happened if status is "io error encountered" */
-+ d64 stacktrace[10]; /* Last ten functional calls made (addresses) */
-+ char texterror[REISER4_TEXTERROR_LEN]; /* Any error message if appropriate, otherwise filled with zeroes */
-+};
-+
-+int reiser4_status_init(reiser4_block_nr block);
-+int reiser4_status_query(u64 * status, u64 * extended);
-+int reiser4_status_write(u64 status, u64 extended_status, char *message);
-+int reiser4_status_finish(void);
-+
-+#endif
-Index: linux-2.6.16/fs/reiser4/super.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/super.c
-@@ -0,0 +1,313 @@
-+/* Copyright 2001, 2002, 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Super-block manipulations. */
-+
-+#include "debug.h"
-+#include "dformat.h"
-+#include "key.h"
-+#include "plugin/security/perm.h"
-+#include "plugin/space/space_allocator.h"
-+#include "plugin/plugin.h"
-+#include "tree.h"
-+#include "vfs_ops.h"
-+#include "super.h"
-+#include "reiser4.h"
-+
-+#include <linux/types.h> /* for __u?? */
-+#include <linux/fs.h> /* for struct super_block */
-+
-+
-+static __u64 reserved_for_gid(const struct super_block *super, gid_t gid);
-+static __u64 reserved_for_uid(const struct super_block *super, uid_t uid);
-+static __u64 reserved_for_root(const struct super_block *super);
-+
-+/* Return reiser4-specific part of super block */
-+reiser4_super_info_data *get_super_private_nocheck(const struct super_block *super /* super block
-+ * queried */ )
-+{
-+ return (reiser4_super_info_data *) super->s_fs_info;
-+}
-+
-+/* Return reiser4 fstype: value that is returned in ->f_type field by statfs() */
-+long statfs_type(const struct super_block *super UNUSED_ARG /* super block
-+ * queried */ )
-+{
-+ assert("nikita-448", super != NULL);
-+ assert("nikita-449", is_reiser4_super(super));
-+ return (long)REISER4_SUPER_MAGIC;
-+}
-+
-+/* functions to read/modify fields of reiser4_super_info_data */
-+
-+/* get number of blocks in file system */
-+__u64 reiser4_block_count(const struct super_block *super /* super block
-+ queried */ )
-+{
-+ assert("vs-494", super != NULL);
-+ assert("vs-495", is_reiser4_super(super));
-+ return get_super_private(super)->block_count;
-+}
-+
-+/*
-+ * number of blocks in the current file system
-+ */
-+__u64 reiser4_current_block_count(void)
-+{
-+ return get_current_super_private()->block_count;
-+}
-+
-+/* set number of block in filesystem */
-+void reiser4_set_block_count(const struct super_block *super, __u64 nr)
-+{
-+ assert("vs-501", super != NULL);
-+ assert("vs-502", is_reiser4_super(super));
-+ get_super_private(super)->block_count = nr;
-+ /*
-+ * The proper calculation of the reserved space counter (%5 of device
-+ * block counter) we need a 64 bit division which is missing in Linux
-+ * on i386 platform. Because we do not need a precise calculation here
-+ * we can replace a div64 operation by this combination of
-+ * multiplication and shift: 51. / (2^10) == .0498 .
-+ * FIXME: this is a bug. It comes up only for very small filesystems
-+ * which probably are never used. Nevertheless, it is a bug. Number of
-+ * reserved blocks must be not less than maximal number of blocks which
-+ * get grabbed with BA_RESERVED.
-+ */
-+ get_super_private(super)->blocks_reserved = ((nr * 51) >> 10);
-+}
-+
-+/* amount of blocks used (allocated for data) in file system */
-+__u64 reiser4_data_blocks(const struct super_block *super /* super block
-+ queried */ )
-+{
-+ assert("nikita-452", super != NULL);
-+ assert("nikita-453", is_reiser4_super(super));
-+ return get_super_private(super)->blocks_used;
-+}
-+
-+/* set number of block used in filesystem */
-+void reiser4_set_data_blocks(const struct super_block *super, __u64 nr)
-+{
-+ assert("vs-503", super != NULL);
-+ assert("vs-504", is_reiser4_super(super));
-+ get_super_private(super)->blocks_used = nr;
-+}
-+
-+/* amount of free blocks in file system */
-+__u64 reiser4_free_blocks(const struct super_block *super /* super block
-+ queried */ )
-+{
-+ assert("nikita-454", super != NULL);
-+ assert("nikita-455", is_reiser4_super(super));
-+ return get_super_private(super)->blocks_free;
-+}
-+
-+/* set number of blocks free in filesystem */
-+void reiser4_set_free_blocks(const struct super_block *super, __u64 nr)
-+{
-+ assert("vs-505", super != NULL);
-+ assert("vs-506", is_reiser4_super(super));
-+ get_super_private(super)->blocks_free = nr;
-+}
-+
-+/* get mkfs unique identifier */
-+__u32 reiser4_mkfs_id(const struct super_block *super /* super block
-+ queried */ )
-+{
-+ assert("vpf-221", super != NULL);
-+ assert("vpf-222", is_reiser4_super(super));
-+ return get_super_private(super)->mkfs_id;
-+}
-+
-+/* amount of free blocks in file system */
-+__u64 reiser4_free_committed_blocks(const struct super_block *super)
-+{
-+ assert("vs-497", super != NULL);
-+ assert("vs-498", is_reiser4_super(super));
-+ return get_super_private(super)->blocks_free_committed;
-+}
-+
-+/* amount of blocks in the file system reserved for @uid and @gid */
-+long reiser4_reserved_blocks(const struct super_block *super /* super block
-+ queried */ ,
-+ uid_t uid /* user id */ ,
-+ gid_t gid /* group id */ )
-+{
-+ long reserved;
-+
-+ assert("nikita-456", super != NULL);
-+ assert("nikita-457", is_reiser4_super(super));
-+
-+ reserved = 0;
-+ if (REISER4_SUPPORT_GID_SPACE_RESERVATION)
-+ reserved += reserved_for_gid(super, gid);
-+ if (REISER4_SUPPORT_UID_SPACE_RESERVATION)
-+ reserved += reserved_for_uid(super, uid);
-+ if (REISER4_SUPPORT_ROOT_SPACE_RESERVATION && (uid == 0))
-+ reserved += reserved_for_root(super);
-+ return reserved;
-+}
-+
-+/* get/set value of/to grabbed blocks counter */
-+__u64 reiser4_grabbed_blocks(const struct super_block * super)
-+{
-+ assert("zam-512", super != NULL);
-+ assert("zam-513", is_reiser4_super(super));
-+
-+ return get_super_private(super)->blocks_grabbed;
-+}
-+
-+__u64 flush_reserved(const struct super_block * super)
-+{
-+ assert("vpf-285", super != NULL);
-+ assert("vpf-286", is_reiser4_super(super));
-+
-+ return get_super_private(super)->blocks_flush_reserved;
-+}
-+
-+/* get/set value of/to counter of fake allocated formatted blocks */
-+__u64 reiser4_fake_allocated(const struct super_block * super)
-+{
-+ assert("zam-516", super != NULL);
-+ assert("zam-517", is_reiser4_super(super));
-+
-+ return get_super_private(super)->blocks_fake_allocated;
-+}
-+
-+/* get/set value of/to counter of fake allocated unformatted blocks */
-+__u64 reiser4_fake_allocated_unformatted(const struct super_block * super)
-+{
-+ assert("zam-516", super != NULL);
-+ assert("zam-517", is_reiser4_super(super));
-+
-+ return get_super_private(super)->blocks_fake_allocated_unformatted;
-+}
-+
-+/* get/set value of/to counter of clustered blocks */
-+__u64 reiser4_clustered_blocks(const struct super_block * super)
-+{
-+ assert("edward-601", super != NULL);
-+ assert("edward-602", is_reiser4_super(super));
-+
-+ return get_super_private(super)->blocks_clustered;
-+}
-+
-+/* space allocator used by this file system */
-+reiser4_space_allocator *get_space_allocator(const struct super_block * super)
-+{
-+ assert("nikita-1965", super != NULL);
-+ assert("nikita-1966", is_reiser4_super(super));
-+ return &get_super_private(super)->space_allocator;
-+}
-+
-+/* return fake inode used to bind formatted nodes in the page cache */
-+struct inode *get_super_fake(const struct super_block *super /* super block
-+ queried */ )
-+{
-+ assert("nikita-1757", super != NULL);
-+ return get_super_private(super)->fake;
-+}
-+
-+/* return fake inode used to bind copied on capture nodes in the page cache */
-+struct inode *get_cc_fake(const struct super_block *super /* super block
-+ queried */ )
-+{
-+ assert("nikita-1757", super != NULL);
-+ return get_super_private(super)->cc;
-+}
-+
-+/* return fake inode used to bind bitmaps and journlal heads */
-+struct inode *get_bitmap_fake(const struct super_block *super)
-+{
-+ assert("nikita-17571", super != NULL);
-+ return get_super_private(super)->bitmap;
-+}
-+
-+/* tree used by this file system */
-+reiser4_tree *get_tree(const struct super_block * super /* super block
-+ * queried */ )
-+{
-+ assert("nikita-460", super != NULL);
-+ assert("nikita-461", is_reiser4_super(super));
-+ return &get_super_private(super)->tree;
-+}
-+
-+/* Check that @super is (looks like) reiser4 super block. This is mainly for
-+ use in assertions. */
-+int is_reiser4_super(const struct super_block *super /* super block
-+ * queried */ )
-+{
-+ return
-+ super != NULL &&
-+ get_super_private(super) != NULL &&
-+ super->s_op == &(get_super_private(super)->ops.super);
-+}
-+
-+int reiser4_is_set(const struct super_block *super, reiser4_fs_flag f)
-+{
-+ return test_bit((int)f, &get_super_private(super)->fs_flags);
-+}
-+
-+/* amount of blocks reserved for given group in file system */
-+static __u64 reserved_for_gid(const struct super_block *super UNUSED_ARG /* super
-+ * block
-+ * queried */ ,
-+ gid_t gid UNUSED_ARG /* group id */ )
-+{
-+ return 0;
-+}
-+
-+/* amount of blocks reserved for given user in file system */
-+static __u64 reserved_for_uid(const struct super_block *super UNUSED_ARG /* super
-+ block
-+ queried */ ,
-+ uid_t uid UNUSED_ARG /* user id */ )
-+{
-+ return 0;
-+}
-+
-+/* amount of blocks reserved for super user in file system */
-+static __u64 reserved_for_root(const struct super_block *super UNUSED_ARG /* super
-+ block
-+ queried */ )
-+{
-+ return 0;
-+}
-+
-+/*
-+ * true if block number @blk makes sense for the file system at @super.
-+ */
-+int
-+reiser4_blocknr_is_sane_for(const struct super_block *super,
-+ const reiser4_block_nr * blk)
-+{
-+ reiser4_super_info_data *sbinfo;
-+
-+ assert("nikita-2957", super != NULL);
-+ assert("nikita-2958", blk != NULL);
-+
-+ if (blocknr_is_fake(blk))
-+ return 1;
-+
-+ sbinfo = get_super_private(super);
-+ return *blk < sbinfo->block_count;
-+}
-+
-+/*
-+ * true, if block number @blk makes sense for the current file system
-+ */
-+int reiser4_blocknr_is_sane(const reiser4_block_nr * blk)
-+{
-+ return reiser4_blocknr_is_sane_for(reiser4_get_current_sb(), blk);
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/super.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/super.h
-@@ -0,0 +1,468 @@
-+/* Copyright 2001, 2002, 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Super-block functions. See super.c for details. */
-+
-+#if !defined( __REISER4_SUPER_H__ )
-+#define __REISER4_SUPER_H__
-+
-+#include "tree.h"
-+#include "entd.h"
-+#include "wander.h"
-+#include "fsdata.h"
-+#include "plugin/object.h"
-+#include "plugin/space/space_allocator.h"
-+
-+/*
-+ * Flush algorithms parameters.
-+ */
-+typedef struct {
-+ unsigned relocate_threshold;
-+ unsigned relocate_distance;
-+ unsigned written_threshold;
-+ unsigned scan_maxnodes;
-+} flush_params;
-+
-+typedef enum {
-+ /*
-+ * True if this file system doesn't support hard-links (multiple names)
-+ * for directories: this is default UNIX behavior.
-+ *
-+ * If hard-links on directoires are not allowed, file system is Acyclic
-+ * Directed Graph (modulo dot, and dotdot, of course).
-+ *
-+ * This is used by reiser4_link().
-+ */
-+ REISER4_ADG = 0,
-+ /*
-+ * set if all nodes in internal tree have the same node layout plugin.
-+ * If so, znode_guess_plugin() will return tree->node_plugin in stead
-+ * of guessing plugin by plugin id stored in the node.
-+ */
-+ REISER4_ONE_NODE_PLUGIN = 1,
-+ /* if set, bsd gid assignment is supported. */
-+ REISER4_BSD_GID = 2,
-+ /* [mac]_time are 32 bit in inode */
-+ REISER4_32_BIT_TIMES = 3,
-+ /* allow concurrent flushes */
-+ REISER4_MTFLUSH = 4,
-+ /* load all bitmap blocks at mount time */
-+ REISER4_DONT_LOAD_BITMAP = 5,
-+ /* enforce atomicity during write(2) */
-+ REISER4_ATOMIC_WRITE = 6,
-+ /* don't use write barriers in the log writer code. */
-+ REISER4_NO_WRITE_BARRIER = 7
-+
-+} reiser4_fs_flag;
-+
-+/*
-+ * VFS related operation vectors.
-+ */
-+typedef struct object_ops {
-+ struct super_operations super;
-+ struct dentry_operations dentry;
-+ struct export_operations export;
-+} object_ops;
-+
-+/* reiser4-specific part of super block
-+
-+ Locking
-+
-+ Fields immutable after mount:
-+
-+ ->oid*
-+ ->space*
-+ ->default_[ug]id
-+ ->mkfs_id
-+ ->trace_flags
-+ ->debug_flags
-+ ->fs_flags
-+ ->df_plug
-+ ->optimal_io_size
-+ ->plug
-+ ->flush
-+ ->u (bad name)
-+ ->txnmgr
-+ ->ra_params
-+ ->fsuid
-+ ->journal_header
-+ ->journal_footer
-+
-+ Fields protected by ->lnode_guard
-+
-+ ->lnode_htable
-+
-+ Fields protected by per-super block spin lock
-+
-+ ->block_count
-+ ->blocks_used
-+ ->blocks_free
-+ ->blocks_free_committed
-+ ->blocks_grabbed
-+ ->blocks_fake_allocated_unformatted
-+ ->blocks_fake_allocated
-+ ->blocks_flush_reserved
-+ ->eflushed
-+ ->blocknr_hint_default
-+
-+ After journal replaying during mount,
-+
-+ ->last_committed_tx
-+
-+ is protected by ->tmgr.commit_semaphore
-+
-+ Invariants involving this data-type:
-+
-+ [sb-block-counts]
-+ [sb-grabbed]
-+ [sb-fake-allocated]
-+*/
-+struct reiser4_super_info_data {
-+ /*
-+ * guard spinlock which protects reiser4 super block fields (currently
-+ * blocks_free, blocks_free_committed)
-+ */
-+ spinlock_t guard;
-+
-+ /* next oid that will be returned by oid_allocate() */
-+ oid_t next_to_use;
-+ /* total number of used oids */
-+ oid_t oids_in_use;
-+
-+ /* space manager plugin */
-+ reiser4_space_allocator space_allocator;
-+
-+ /* reiser4 internal tree */
-+ reiser4_tree tree;
-+
-+ /*
-+ * default user id used for light-weight files without their own
-+ * stat-data.
-+ */
-+ uid_t default_uid;
-+
-+ /*
-+ * default group id used for light-weight files without their own
-+ * stat-data.
-+ */
-+ gid_t default_gid;
-+
-+ /* mkfs identifier generated at mkfs time. */
-+ __u32 mkfs_id;
-+ /* amount of blocks in a file system */
-+ __u64 block_count;
-+
-+ /* inviolable reserve */
-+ __u64 blocks_reserved;
-+
-+ /* amount of blocks used by file system data and meta-data. */
-+ __u64 blocks_used;
-+
-+ /*
-+ * amount of free blocks. This is "working" free blocks counter. It is
-+ * like "working" bitmap, please see block_alloc.c for description.
-+ */
-+ __u64 blocks_free;
-+
-+ /*
-+ * free block count for fs committed state. This is "commit" version of
-+ * free block counter.
-+ */
-+ __u64 blocks_free_committed;
-+
-+ /*
-+ * number of blocks reserved for further allocation, for all
-+ * threads.
-+ */
-+ __u64 blocks_grabbed;
-+
-+ /* number of fake allocated unformatted blocks in tree. */
-+ __u64 blocks_fake_allocated_unformatted;
-+
-+ /* number of fake allocated formatted blocks in tree. */
-+ __u64 blocks_fake_allocated;
-+
-+ /* number of blocks reserved for flush operations. */
-+ __u64 blocks_flush_reserved;
-+
-+ /* number of blocks reserved for cluster operations. */
-+ __u64 blocks_clustered;
-+
-+ /* unique file-system identifier */
-+ __u32 fsuid;
-+
-+ /* file-system wide flags. See reiser4_fs_flag enum */
-+ unsigned long fs_flags;
-+
-+ /* transaction manager */
-+ txn_mgr tmgr;
-+
-+ /* ent thread */
-+ entd_context entd;
-+
-+ /* fake inode used to bind formatted nodes */
-+ struct inode *fake;
-+ /* inode used to bind bitmaps (and journal heads) */
-+ struct inode *bitmap;
-+ /* inode used to bind copied on capture nodes */
-+ struct inode *cc;
-+
-+ /* disk layout plugin */
-+ disk_format_plugin *df_plug;
-+
-+ /* disk layout specific part of reiser4 super info data */
-+ union {
-+ format40_super_info format40;
-+ } u;
-+
-+ /* value we return in st_blksize on stat(2) */
-+ unsigned long optimal_io_size;
-+
-+ /* parameters for the flush algorithm */
-+ flush_params flush;
-+
-+ /* pointers to jnodes for journal header and footer */
-+ jnode *journal_header;
-+ jnode *journal_footer;
-+
-+ journal_location jloc;
-+
-+ /* head block number of last committed transaction */
-+ __u64 last_committed_tx;
-+
-+ /*
-+ * we remember last written location for using as a hint for new block
-+ * allocation
-+ */
-+ __u64 blocknr_hint_default;
-+
-+ /* committed number of files (oid allocator state variable ) */
-+ __u64 nr_files_committed;
-+
-+ ra_params_t ra_params;
-+
-+ /*
-+ * A semaphore for serializing cut tree operation if out-of-free-space:
-+ * the only one cut_tree thread is allowed to grab space from reserved
-+ * area (it is 5% of disk space)
-+ */
-+ struct semaphore delete_sema;
-+ /* task owning ->delete_sema */
-+ struct task_struct *delete_sema_owner;
-+
-+ /* serialize semaphore */
-+ struct semaphore flush_sema;
-+
-+ /* Diskmap's blocknumber */
-+ __u64 diskmap_block;
-+
-+ /* What to do in case of error */
-+ int onerror;
-+
-+ /* operations for objects on this file system */
-+ object_ops ops;
-+
-+ /*
-+ * structure to maintain d_cursors. See plugin/file_ops_readdir.c for
-+ * more details
-+ */
-+ d_cursor_info d_info;
-+
-+#ifdef CONFIG_REISER4_BADBLOCKS
-+ /* Alternative master superblock offset (in bytes) */
-+ unsigned long altsuper;
-+#endif
-+ struct repacker *repacker;
-+ struct page *status_page;
-+ struct bio *status_bio;
-+
-+#if REISER4_DEBUG
-+ /*
-+ * minimum used blocks value (includes super blocks, bitmap blocks and
-+ * other fs reserved areas), depends on fs format and fs size.
-+ */
-+ __u64 min_blocks_used;
-+
-+ /*
-+ * when debugging is on, all jnodes (including znodes, bitmaps, etc.)
-+ * are kept on a list anchored at sbinfo->all_jnodes. This list is
-+ * protected by sbinfo->all_guard spin lock. This lock should be taken
-+ * with _irq modifier, because it is also modified from interrupt
-+ * contexts (by RCU).
-+ */
-+ spinlock_t all_guard;
-+ /* list of all jnodes */
-+ struct list_head all_jnodes;
-+#endif
-+ struct dentry *debugfs_root;
-+};
-+
-+extern reiser4_super_info_data *get_super_private_nocheck(const struct
-+ super_block *super);
-+
-+
-+/* Return reiser4-specific part of super block */
-+static inline reiser4_super_info_data *get_super_private(const struct
-+ super_block *super)
-+{
-+ assert("nikita-447", super != NULL);
-+
-+ return (reiser4_super_info_data *) super->s_fs_info;
-+}
-+
-+/* get ent context for the @super */
-+static inline entd_context *get_entd_context(struct super_block *super)
-+{
-+ return &get_super_private(super)->entd;
-+}
-+
-+
-+/* "Current" super-block: main super block used during current system
-+ call. Reference to this super block is stored in reiser4_context. */
-+static inline struct super_block *reiser4_get_current_sb(void)
-+{
-+ return get_current_context()->super;
-+}
-+
-+/* Reiser4-specific part of "current" super-block: main super block used
-+ during current system call. Reference to this super block is stored in
-+ reiser4_context. */
-+static inline reiser4_super_info_data *get_current_super_private(void)
-+{
-+ return get_super_private(reiser4_get_current_sb());
-+}
-+
-+static inline ra_params_t *get_current_super_ra_params(void)
-+{
-+ return &(get_current_super_private()->ra_params);
-+}
-+
-+/*
-+ * true, if file system on @super is read-only
-+ */
-+static inline int rofs_super(struct super_block *super)
-+{
-+ return super->s_flags & MS_RDONLY;
-+}
-+
-+/*
-+ * true, if @tree represents read-only file system
-+ */
-+static inline int rofs_tree(reiser4_tree * tree)
-+{
-+ return rofs_super(tree->super);
-+}
-+
-+/*
-+ * true, if file system where @inode lives on, is read-only
-+ */
-+static inline int rofs_inode(struct inode *inode)
-+{
-+ return rofs_super(inode->i_sb);
-+}
-+
-+/*
-+ * true, if file system where @node lives on, is read-only
-+ */
-+static inline int rofs_jnode(jnode * node)
-+{
-+ return rofs_tree(jnode_get_tree(node));
-+}
-+
-+extern __u64 reiser4_current_block_count(void);
-+
-+extern void build_object_ops(struct super_block *super, object_ops * ops);
-+
-+#define REISER4_SUPER_MAGIC 0x52345362 /* (*(__u32 *)"R4Sb"); */
-+
-+static inline void spin_lock_reiser4_super(reiser4_super_info_data *sbinfo)
-+{
-+ spin_lock(&(sbinfo->guard));
-+}
-+
-+static inline void spin_unlock_reiser4_super(reiser4_super_info_data *sbinfo)
-+{
-+ assert_spin_locked(&(sbinfo->guard));
-+ spin_unlock(&(sbinfo->guard));
-+}
-+
-+extern __u64 flush_reserved(const struct super_block *);
-+extern int reiser4_is_set(const struct super_block *super, reiser4_fs_flag f);
-+extern long statfs_type(const struct super_block *super);
-+extern __u64 reiser4_block_count(const struct super_block *super);
-+extern void reiser4_set_block_count(const struct super_block *super, __u64 nr);
-+extern __u64 reiser4_data_blocks(const struct super_block *super);
-+extern void reiser4_set_data_blocks(const struct super_block *super, __u64 nr);
-+extern __u64 reiser4_free_blocks(const struct super_block *super);
-+extern void reiser4_set_free_blocks(const struct super_block *super, __u64 nr);
-+extern __u32 reiser4_mkfs_id(const struct super_block *super);
-+
-+extern __u64 reiser4_free_committed_blocks(const struct super_block *super);
-+
-+extern __u64 reiser4_grabbed_blocks(const struct super_block *);
-+extern __u64 reiser4_fake_allocated(const struct super_block *);
-+extern __u64 reiser4_fake_allocated_unformatted(const struct super_block *);
-+extern __u64 reiser4_clustered_blocks(const struct super_block *);
-+
-+extern long reiser4_reserved_blocks(const struct super_block *super, uid_t uid,
-+ gid_t gid);
-+
-+extern reiser4_space_allocator *get_space_allocator(const struct super_block
-+ *super);
-+extern reiser4_oid_allocator *get_oid_allocator(const struct super_block
-+ *super);
-+extern struct inode *get_super_fake(const struct super_block *super);
-+extern struct inode *get_cc_fake(const struct super_block *super);
-+extern struct inode *get_bitmap_fake(const struct super_block *super);
-+extern reiser4_tree *get_tree(const struct super_block *super);
-+extern int is_reiser4_super(const struct super_block *super);
-+
-+extern int reiser4_blocknr_is_sane(const reiser4_block_nr * blk);
-+extern int reiser4_blocknr_is_sane_for(const struct super_block *super,
-+ const reiser4_block_nr * blk);
-+extern int reiser4_fill_super(struct super_block *s, void *data, int silent);
-+extern int reiser4_done_super(struct super_block *s);
-+
-+/* step of fill super */
-+extern int init_fs_info(struct super_block *);
-+extern void done_fs_info(struct super_block *);
-+extern int init_super_data(struct super_block *, char *opt_string);
-+extern int init_read_super(struct super_block *, int silent);
-+extern int init_root_inode(struct super_block *);
-+
-+
-+/* Maximal possible object id. */
-+#define ABSOLUTE_MAX_OID ((oid_t)~0)
-+
-+#define OIDS_RESERVED ( 1 << 16 )
-+int oid_init_allocator(struct super_block *, oid_t nr_files, oid_t next);
-+oid_t oid_allocate(struct super_block *);
-+int oid_release(struct super_block *, oid_t);
-+oid_t oid_next(const struct super_block *);
-+void oid_count_allocated(void);
-+void oid_count_released(void);
-+long oids_used(const struct super_block *);
-+
-+#if REISER4_DEBUG
-+void print_fs_info(const char *prefix, const struct super_block *);
-+#endif
-+
-+extern void destroy_reiser4_cache(kmem_cache_t **);
-+
-+extern struct super_operations reiser4_super_operations;
-+extern struct export_operations reiser4_export_operations;
-+extern struct dentry_operations reiser4_dentry_operations;
-+extern struct dentry *reiser4_debugfs_root;
-+
-+/* __REISER4_SUPER_H__ */
-+#endif
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 120
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/super_ops.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/super_ops.c
-@@ -0,0 +1,721 @@
-+/* Copyright 2005 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+#include "inode.h"
-+#include "page_cache.h"
-+#include "ktxnmgrd.h"
-+#include "flush.h"
-+#include "safe_link.h"
-+
-+#include <linux/vfs.h>
-+#include <linux/writeback.h>
-+#include <linux/mount.h>
-+#include <linux/seq_file.h>
-+#include <linux/debugfs.h>
-+
-+/* slab cache for inodes */
-+static kmem_cache_t *inode_cache;
-+
-+/**
-+ * init_once - constructor for reiser4 inodes
-+ * @obj: inode to be initialized
-+ * @cache: cache @obj belongs to
-+ * @flags: SLAB flags
-+ *
-+ * Initialization function to be called when new page is allocated by reiser4
-+ * inode cache. It is set on inode cache creation.
-+ */
-+static void init_once(void *obj, kmem_cache_t *cache, unsigned long flags)
-+{
-+ reiser4_inode_object *info;
-+
-+ info = obj;
-+
-+ if ((flags & (SLAB_CTOR_VERIFY | SLAB_CTOR_CONSTRUCTOR)) ==
-+ SLAB_CTOR_CONSTRUCTOR) {
-+ /* initialize vfs inode */
-+ inode_init_once(&info->vfs_inode);
-+
-+ /*
-+ * initialize reiser4 specific part fo inode.
-+ * NOTE-NIKITA add here initializations for locks, list heads,
-+ * etc. that will be added to our private inode part.
-+ */
-+ INIT_LIST_HEAD(get_readdir_list(&info->vfs_inode));
-+ /* init semaphore which is used during inode loading */
-+ loading_init_once(&info->p);
-+ INIT_RADIX_TREE(jnode_tree_by_reiser4_inode(&info->p),
-+ GFP_ATOMIC);
-+#if REISER4_DEBUG
-+ info->p.nr_jnodes = 0;
-+#endif
-+ }
-+}
-+
-+/**
-+ * init_inodes - create znode cache
-+ *
-+ * Initializes slab cache of inodes. It is part of reiser4 module initialization.
-+ */
-+static int init_inodes(void)
-+{
-+ inode_cache = kmem_cache_create("reiser4_inode",
-+ sizeof(reiser4_inode_object),
-+ 0,
-+ SLAB_HWCACHE_ALIGN |
-+ SLAB_RECLAIM_ACCOUNT, init_once, NULL);
-+ if (inode_cache == NULL)
-+ return RETERR(-ENOMEM);
-+ return 0;
-+}
-+
-+/**
-+ * done_inodes - delete inode cache
-+ *
-+ * This is called on reiser4 module unloading or system shutdown.
-+ */
-+static void done_inodes(void)
-+{
-+ destroy_reiser4_cache(&inode_cache);
-+}
-+
-+/**
-+ * reiser4_alloc_inode - alloc_inode of super operations
-+ * @super: super block new inode is allocated for
-+ *
-+ * Allocates new inode, initializes reiser4 specific part of it.
-+ */
-+static struct inode *reiser4_alloc_inode(struct super_block *super)
-+{
-+ reiser4_inode_object *obj;
-+
-+ assert("nikita-1696", super != NULL);
-+ obj = kmem_cache_alloc(inode_cache, SLAB_KERNEL);
-+ if (obj != NULL) {
-+ reiser4_inode *info;
-+
-+ info = &obj->p;
-+
-+ info->hset = info->pset = plugin_set_get_empty();
-+ info->extmask = 0;
-+ info->locality_id = 0ull;
-+ info->plugin_mask = 0;
-+#if !REISER4_INO_IS_OID
-+ info->oid_hi = 0;
-+#endif
-+ seal_init(&info->sd_seal, NULL, NULL);
-+ coord_init_invalid(&info->sd_coord, NULL);
-+ info->flags = 0;
-+ spin_lock_init(&info->guard);
-+ /* this deals with info's loading semaphore */
-+ loading_alloc(info);
-+ info->vroot = UBER_TREE_ADDR;
-+ return &obj->vfs_inode;
-+ } else
-+ return NULL;
-+}
-+
-+/**
-+ * reiser4_destroy_inode - destroy_inode of super operations
-+ * @inode: inode being destroyed
-+ *
-+ * Puts reiser4 specific portion of inode, frees memory occupied by inode.
-+ */
-+static void reiser4_destroy_inode(struct inode *inode)
-+{
-+ reiser4_inode *info;
-+
-+ info = reiser4_inode_data(inode);
-+
-+ assert("vs-1220", inode_has_no_jnodes(info));
-+
-+ if (!is_bad_inode(inode) && is_inode_loaded(inode)) {
-+ file_plugin *fplug = inode_file_plugin(inode);
-+ if (fplug->destroy_inode != NULL)
-+ fplug->destroy_inode(inode);
-+ }
-+ dispose_cursors(inode);
-+ if (info->pset)
-+ plugin_set_put(info->pset);
-+
-+ /*
-+ * cannot add similar assertion about ->i_list as prune_icache return
-+ * inode into slab with dangling ->list.{next,prev}. This is safe,
-+ * because they are re-initialized in the new_inode().
-+ */
-+ assert("nikita-2895", list_empty(&inode->i_dentry));
-+ assert("nikita-2896", hlist_unhashed(&inode->i_hash));
-+ assert("nikita-2898", list_empty_careful(get_readdir_list(inode)));
-+
-+ /* this deals with info's loading semaphore */
-+ loading_destroy(info);
-+
-+ kmem_cache_free(inode_cache,
-+ container_of(info, reiser4_inode_object, p));
-+}
-+
-+/**
-+ * reiser4_dirty_inode - dirty_inode of super operations
-+ * @inode: inode being dirtied
-+ *
-+ * Updates stat data.
-+ */
-+static void reiser4_dirty_inode(struct inode *inode)
-+{
-+ int result;
-+
-+ if (!is_in_reiser4_context())
-+ return;
-+ assert("", !IS_RDONLY(inode));
-+ assert("", (inode_file_plugin(inode)->estimate.update(inode) <=
-+ get_current_context()->grabbed_blocks));
-+
-+ result = reiser4_update_sd(inode);
-+ if (result)
-+ warning("", "failed to dirty inode for %llu: %d",
-+ get_inode_oid(inode), result);
-+}
-+
-+/**
-+ * reiser4_delete_inode - delete_inode of super operations
-+ * @inode: inode to delete
-+ *
-+ * Calls file plugin's delete_object method to delete object items from
-+ * filesystem tree and calls clear_inode.
-+ */
-+static void reiser4_delete_inode(struct inode *inode)
-+{
-+ reiser4_context *ctx;
-+ file_plugin *fplug;
-+
-+ ctx = init_context(inode->i_sb);
-+ if (IS_ERR(ctx)) {
-+ warning("vs-15", "failed to init context");
-+ return;
-+ }
-+
-+ if (is_inode_loaded(inode)) {
-+ fplug = inode_file_plugin(inode);
-+ if (fplug != NULL && fplug->delete_object != NULL)
-+ fplug->delete_object(inode);
-+ }
-+
-+ inode->i_blocks = 0;
-+ clear_inode(inode);
-+ reiser4_exit_context(ctx);
-+}
-+
-+/**
-+ * reiser4_put_super - put_super of super operations
-+ * @super: super block to free
-+ *
-+ * Stops daemons, release resources, umounts in short.
-+ */
-+static void reiser4_put_super(struct super_block *super)
-+{
-+ reiser4_super_info_data *sbinfo;
-+ reiser4_context *ctx;
-+
-+ sbinfo = get_super_private(super);
-+ assert("vs-1699", sbinfo);
-+
-+ debugfs_remove(sbinfo->tmgr.debugfs_atom_count);
-+ debugfs_remove(sbinfo->tmgr.debugfs_id_count);
-+ debugfs_remove(sbinfo->debugfs_root);
-+
-+ ctx = init_context(super);
-+ if (IS_ERR(ctx)) {
-+ warning("vs-17", "failed to init context");
-+ return;
-+ }
-+
-+ /* have disk format plugin to free its resources */
-+ if (get_super_private(super)->df_plug->release)
-+ get_super_private(super)->df_plug->release(super);
-+
-+ done_formatted_fake(super);
-+
-+ /* stop daemons: ktxnmgr and entd */
-+ done_entd(super);
-+ done_ktxnmgrd(super);
-+ done_txnmgr(&sbinfo->tmgr);
-+
-+ done_fs_info(super);
-+ reiser4_exit_context(ctx);
-+}
-+
-+/**
-+ * reiser4_write_super - write_super of super operations
-+ * @super: super block to write
-+ *
-+ * Captures znode associated with super block, comit all transactions.
-+ */
-+static void reiser4_write_super(struct super_block *super)
-+{
-+ int ret;
-+ reiser4_context *ctx;
-+
-+ assert("vs-1700", !rofs_super(super));
-+
-+ ctx = init_context(super);
-+ if (IS_ERR(ctx)) {
-+ warning("vs-16", "failed to init context");
-+ return;
-+ }
-+
-+ ret = capture_super_block(super);
-+ if (ret != 0)
-+ warning("vs-1701",
-+ "capture_super_block failed in write_super: %d", ret);
-+ ret = txnmgr_force_commit_all(super, 0);
-+ if (ret != 0)
-+ warning("jmacd-77113",
-+ "txn_force failed in write_super: %d", ret);
-+
-+ super->s_dirt = 0;
-+
-+ reiser4_exit_context(ctx);
-+}
-+
-+/**
-+ * reiser4_statfs - statfs of super operations
-+ * @super: super block of file system in queried
-+ * @stafs: buffer to fill with statistics
-+ *
-+ * Returns information about filesystem.
-+ */
-+static int reiser4_statfs(struct super_block *super, struct kstatfs *statfs)
-+{
-+ sector_t total;
-+ sector_t reserved;
-+ sector_t free;
-+ sector_t forroot;
-+ sector_t deleted;
-+ reiser4_context *ctx;
-+
-+ assert("nikita-408", super != NULL);
-+ assert("nikita-409", statfs != NULL);
-+
-+ ctx = init_context(super);
-+ if (IS_ERR(ctx))
-+ return PTR_ERR(ctx);
-+
-+ statfs->f_type = statfs_type(super);
-+ statfs->f_bsize = super->s_blocksize;
-+
-+ /*
-+ * 5% of total block space is reserved. This is needed for flush and
-+ * for truncates (so that we are able to perform truncate/unlink even
-+ * on the otherwise completely full file system). If this reservation
-+ * is hidden from statfs(2), users will mistakenly guess that they
-+ * have enough free space to complete some operation, which is
-+ * frustrating.
-+ *
-+ * Another possible solution is to subtract ->blocks_reserved from
-+ * ->f_bfree, but changing available space seems less intrusive than
-+ * letting user to see 5% of disk space to be used directly after
-+ * mkfs.
-+ */
-+ total = reiser4_block_count(super);
-+ reserved = get_super_private(super)->blocks_reserved;
-+ deleted = txnmgr_count_deleted_blocks();
-+ free = reiser4_free_blocks(super) + deleted;
-+ forroot = reiser4_reserved_blocks(super, 0, 0);
-+
-+ /*
-+ * These counters may be in inconsistent state because we take the
-+ * values without keeping any global spinlock. Here we do a sanity
-+ * check that free block counter does not exceed the number of all
-+ * blocks.
-+ */
-+ if (free > total)
-+ free = total;
-+ statfs->f_blocks = total - reserved;
-+ /* make sure statfs->f_bfree is never larger than statfs->f_blocks */
-+ if (free > reserved)
-+ free -= reserved;
-+ else
-+ free = 0;
-+ statfs->f_bfree = free;
-+
-+ if (free > forroot)
-+ free -= forroot;
-+ else
-+ free = 0;
-+ statfs->f_bavail = free;
-+
-+ statfs->f_files = 0;
-+ statfs->f_ffree = 0;
-+
-+ /* maximal acceptable name length depends on directory plugin. */
-+ assert("nikita-3351", super->s_root->d_inode != NULL);
-+ statfs->f_namelen = reiser4_max_filename_len(super->s_root->d_inode);
-+ reiser4_exit_context(ctx);
-+ return 0;
-+}
-+
-+/**
-+ * reiser4_clear_inode - clear_inode of super operation
-+ * @inode: inode about to destroy
-+ *
-+ * Does sanity checks: being destroyed should have all jnodes detached.
-+ */
-+static void reiser4_clear_inode(struct inode *inode)
-+{
-+#if REISER4_DEBUG
-+ reiser4_inode *r4_inode;
-+
-+ r4_inode = reiser4_inode_data(inode);
-+ if (!inode_has_no_jnodes(r4_inode))
-+ warning("vs-1732", "reiser4 inode has %ld jnodes\n",
-+ r4_inode->nr_jnodes);
-+#endif
-+}
-+
-+/**
-+ * reiser4_sync_inodes - sync_inodes of super operations
-+ * @super:
-+ * @wbc:
-+ *
-+ * This method is called by background and non-backgound writeback. Reiser4's
-+ * implementation uses generic_sync_sb_inodes to call reiser4_writepages for
-+ * each of dirty inodes. Reiser4_writepages handles pages dirtied via shared
-+ * mapping - dirty pages get into atoms. Writeout is called to flush some
-+ * atoms.
-+ */
-+static void reiser4_sync_inodes(struct super_block *super,
-+ struct writeback_control *wbc)
-+{
-+ reiser4_context *ctx;
-+ long to_write;
-+
-+ if (wbc->for_kupdate)
-+ /* reiser4 has its own means of periodical write-out */
-+ return;
-+
-+ to_write = wbc->nr_to_write;
-+ assert("vs-49", wbc->older_than_this == NULL);
-+
-+ ctx = init_context(super);
-+ if (IS_ERR(ctx)) {
-+ warning("vs-13", "failed to init context");
-+ return;
-+ }
-+
-+ /*
-+ * call reiser4_writepages for each of dirty inodes to turn dirty pages
-+ * into transactions if they were not yet.
-+ */
-+ generic_sync_sb_inodes(super, wbc);
-+
-+ /* flush goes here */
-+ wbc->nr_to_write = to_write;
-+ writeout(super, wbc);
-+
-+ /* avoid recursive calls to ->sync_inodes */
-+ context_set_commit_async(ctx);
-+ reiser4_exit_context(ctx);
-+}
-+
-+/**
-+ * reiser4_show_options - show_options of super operations
-+ * @m: file where to write information
-+ * @mnt: mount structure
-+ *
-+ * Makes reiser4 mount options visible in /proc/mounts.
-+ */
-+static int reiser4_show_options(struct seq_file *m, struct vfsmount *mnt)
-+{
-+ struct super_block *super;
-+ reiser4_super_info_data *sbinfo;
-+
-+ super = mnt->mnt_sb;
-+ sbinfo = get_super_private(super);
-+
-+ seq_printf(m, ",atom_max_size=0x%x", sbinfo->tmgr.atom_max_size);
-+ seq_printf(m, ",atom_max_age=0x%x", sbinfo->tmgr.atom_max_age);
-+ seq_printf(m, ",atom_min_size=0x%x", sbinfo->tmgr.atom_min_size);
-+ seq_printf(m, ",atom_max_flushers=0x%x",
-+ sbinfo->tmgr.atom_max_flushers);
-+ seq_printf(m, ",cbk_cache_slots=0x%x",
-+ sbinfo->tree.cbk_cache.nr_slots);
-+
-+ return 0;
-+}
-+
-+struct super_operations reiser4_super_operations = {
-+ .alloc_inode = reiser4_alloc_inode,
-+ .destroy_inode = reiser4_destroy_inode,
-+ .dirty_inode = reiser4_dirty_inode,
-+ .delete_inode = reiser4_delete_inode,
-+ .put_super = reiser4_put_super,
-+ .write_super = reiser4_write_super,
-+ .statfs = reiser4_statfs,
-+ .clear_inode = reiser4_clear_inode,
-+ .sync_inodes = reiser4_sync_inodes,
-+ .show_options = reiser4_show_options
-+};
-+
-+/**
-+ * fill_super - initialize super block on mount
-+ * @super: super block to fill
-+ * @data: reiser4 specific mount option
-+ * @silent:
-+ *
-+ * This is to be called by reiser4_get_sb. Mounts filesystem.
-+ */
-+static int fill_super(struct super_block *super, void *data, int silent)
-+{
-+ reiser4_context ctx;
-+ int result;
-+ reiser4_super_info_data *sbinfo;
-+
-+ assert("zam-989", super != NULL);
-+
-+ super->s_op = NULL;
-+ init_stack_context(&ctx, super);
-+
-+ /* allocate reiser4 specific super block */
-+ if ((result = init_fs_info(super)) != 0)
-+ goto failed_init_sinfo;
-+
-+ sbinfo = get_super_private(super);
-+ /* initialize various reiser4 parameters, parse mount options */
-+ if ((result = init_super_data(super, data)) != 0)
-+ goto failed_init_super_data;
-+
-+ /* read reiser4 master super block, initialize disk format plugin */
-+ if ((result = init_read_super(super, silent)) != 0)
-+ goto failed_init_read_super;
-+
-+ /* initialize transaction manager */
-+ init_txnmgr(&sbinfo->tmgr);
-+
-+ /* initialize ktxnmgrd context and start kernel thread ktxnmrgd */
-+ if ((result = init_ktxnmgrd(super)) != 0)
-+ goto failed_init_ktxnmgrd;
-+
-+ /* initialize entd context and start kernel thread entd */
-+ if ((result = init_entd(super)) != 0)
-+ goto failed_init_entd;
-+
-+ /* initialize address spaces for formatted nodes and bitmaps */
-+ if ((result = init_formatted_fake(super)) != 0)
-+ goto failed_init_formatted_fake;
-+
-+ /* initialize disk format plugin */
-+ if ((result = get_super_private(super)->df_plug->init_format(super, data)) != 0 )
-+ goto failed_init_disk_format;
-+
-+ /*
-+ * There are some 'committed' versions of reiser4 super block counters,
-+ * which correspond to reiser4 on-disk state. These counters are
-+ * initialized here
-+ */
-+ sbinfo->blocks_free_committed = sbinfo->blocks_free;
-+ sbinfo->nr_files_committed = oids_used(super);
-+
-+ /* get inode of root directory */
-+ if ((result = init_root_inode(super)) != 0)
-+ goto failed_init_root_inode;
-+
-+ process_safelinks(super);
-+ reiser4_exit_context(&ctx);
-+
-+ sbinfo->debugfs_root = debugfs_create_dir(super->s_id,
-+ reiser4_debugfs_root);
-+ if (sbinfo->debugfs_root) {
-+ sbinfo->tmgr.debugfs_atom_count =
-+ debugfs_create_u32("atom_count", S_IFREG|S_IRUSR,
-+ sbinfo->debugfs_root,
-+ &sbinfo->tmgr.atom_count);
-+ sbinfo->tmgr.debugfs_id_count =
-+ debugfs_create_u32("id_count", S_IFREG|S_IRUSR,
-+ sbinfo->debugfs_root,
-+ &sbinfo->tmgr.id_count);
-+ }
-+ return 0;
-+
-+ failed_init_root_inode:
-+ if (sbinfo->df_plug->release)
-+ sbinfo->df_plug->release(super);
-+ failed_init_disk_format:
-+ done_formatted_fake(super);
-+ failed_init_formatted_fake:
-+ done_entd(super);
-+ failed_init_entd:
-+ done_ktxnmgrd(super);
-+ failed_init_ktxnmgrd:
-+ done_txnmgr(&sbinfo->tmgr);
-+ failed_init_read_super:
-+ failed_init_super_data:
-+ done_fs_info(super);
-+ failed_init_sinfo:
-+ reiser4_exit_context(&ctx);
-+ return result;
-+}
-+
-+/**
-+ * reiser4_get_sb - get_sb of file_system_type operations
-+ * @fs_type:
-+ * @flags: mount flags MS_RDONLY, MS_VERBOSE, etc
-+ * @dev_name: block device file name
-+ * @data: specific mount options
-+ *
-+ * Reiser4 mount entry.
-+ */
-+static struct super_block *reiser4_get_sb(struct file_system_type *fs_type,
-+ int flags,
-+ const char *dev_name,
-+ void *data)
-+{
-+ return get_sb_bdev(fs_type, flags, dev_name, data, fill_super);
-+}
-+
-+/* structure describing the reiser4 filesystem implementation */
-+static struct file_system_type reiser4_fs_type = {
-+ .owner = THIS_MODULE,
-+ .name = "reiser4",
-+ .fs_flags = FS_REQUIRES_DEV,
-+ .get_sb = reiser4_get_sb,
-+ .kill_sb = kill_block_super,
-+ .next = NULL
-+};
-+
-+void destroy_reiser4_cache(kmem_cache_t **cachep)
-+{
-+ int result;
-+
-+ BUG_ON(*cachep == NULL);
-+ result = kmem_cache_destroy(*cachep);
-+ BUG_ON(result != 0);
-+ *cachep = NULL;
-+}
-+
-+struct dentry *reiser4_debugfs_root = NULL;
-+
-+/**
-+ * init_reiser4 - reiser4 initialization entry point
-+ *
-+ * Initializes reiser4 slabs, registers reiser4 filesystem type. It is called
-+ * on kernel initialization or during reiser4 module load.
-+ */
-+static int __init init_reiser4(void)
-+{
-+ int result;
-+
-+ printk(KERN_INFO
-+ "Loading Reiser4. "
-+ "See www.namesys.com for a description of Reiser4.\n");
-+
-+ /* initialize slab cache of inodes */
-+ if ((result = init_inodes()) != 0)
-+ goto failed_inode_cache;
-+
-+ /* initialize cache of znodes */
-+ if ((result = init_znodes()) != 0)
-+ goto failed_init_znodes;
-+
-+ /* initialize all plugins */
-+ if ((result = init_plugins()) != 0)
-+ goto failed_init_plugins;
-+
-+ /* initialize cache of plugin_set-s and plugin_set's hash table */
-+ if ((result = init_plugin_set()) != 0)
-+ goto failed_init_plugin_set;
-+
-+ /* initialize caches of txn_atom-s and txn_handle-s */
-+ if ((result = init_txnmgr_static()) != 0)
-+ goto failed_init_txnmgr_static;
-+
-+ /* initialize cache of jnodes */
-+ if ((result = init_jnodes()) != 0)
-+ goto failed_init_jnodes;
-+
-+ /* initialize cache of flush queues */
-+ if ((result = init_fqs()) != 0)
-+ goto failed_init_fqs;
-+
-+ /* initialize cache of structures attached to dentry->d_fsdata */
-+ if ((result = init_dentry_fsdata()) != 0)
-+ goto failed_init_dentry_fsdata;
-+
-+ /* initialize cache of structures attached to file->private_data */
-+ if ((result = init_file_fsdata()) != 0)
-+ goto failed_init_file_fsdata;
-+
-+ /*
-+ * initialize cache of d_cursors. See plugin/file_ops_readdir.c for
-+ * more details
-+ */
-+ if ((result = init_d_cursor()) != 0)
-+ goto failed_init_d_cursor;
-+
-+ if ((result = register_filesystem(&reiser4_fs_type)) == 0) {
-+ reiser4_debugfs_root = debugfs_create_dir("reiser4", NULL);
-+ return 0;
-+ }
-+
-+ done_d_cursor();
-+ failed_init_d_cursor:
-+ done_file_fsdata();
-+ failed_init_file_fsdata:
-+ done_dentry_fsdata();
-+ failed_init_dentry_fsdata:
-+ done_fqs();
-+ failed_init_fqs:
-+ done_jnodes();
-+ failed_init_jnodes:
-+ done_txnmgr_static();
-+ failed_init_txnmgr_static:
-+ done_plugin_set();
-+ failed_init_plugin_set:
-+ failed_init_plugins:
-+ done_znodes();
-+ failed_init_znodes:
-+ done_inodes();
-+ failed_inode_cache:
-+ return result;
-+}
-+
-+/**
-+ * done_reiser4 - reiser4 exit entry point
-+ *
-+ * Unregister reiser4 filesystem type, deletes caches. It is called on shutdown
-+ * or at module unload.
-+ */
-+static void __exit done_reiser4(void)
-+{
-+ int result;
-+
-+ debugfs_remove(reiser4_debugfs_root);
-+ result = unregister_filesystem(&reiser4_fs_type);
-+ BUG_ON(result != 0);
-+ done_d_cursor();
-+ done_file_fsdata();
-+ done_dentry_fsdata();
-+ done_fqs();
-+ done_jnodes();
-+ done_txnmgr_static();
-+ done_plugin_set();
-+ done_znodes();
-+ destroy_reiser4_cache(&inode_cache);
-+}
-+
-+module_init(init_reiser4);
-+module_exit(done_reiser4);
-+
-+MODULE_DESCRIPTION("Reiser4 filesystem");
-+MODULE_AUTHOR("Hans Reiser <Reiser@Namesys.COM>");
-+
-+MODULE_LICENSE("GPL");
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/tap.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/tap.c
-@@ -0,0 +1,377 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/*
-+ Tree Access Pointer (tap).
-+
-+ tap is data structure combining coord and lock handle (mostly). It is
-+ useful when one has to scan tree nodes (for example, in readdir, or flush),
-+ for tap functions allow to move tap in either direction transparently
-+ crossing unit/item/node borders.
-+
-+ Tap doesn't provide automatic synchronization of its fields as it is
-+ supposed to be per-thread object.
-+*/
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "coord.h"
-+#include "tree.h"
-+#include "context.h"
-+#include "tap.h"
-+#include "znode.h"
-+#include "tree_walk.h"
-+
-+#if REISER4_DEBUG
-+static int tap_invariant(const tap_t * tap);
-+static void tap_check(const tap_t * tap);
-+#else
-+#define tap_check(tap) noop
-+#endif
-+
-+/** load node tap is pointing to, if not loaded already */
-+int tap_load(tap_t * tap)
-+{
-+ tap_check(tap);
-+ if (tap->loaded == 0) {
-+ int result;
-+
-+ result = zload_ra(tap->coord->node, &tap->ra_info);
-+ if (result != 0)
-+ return result;
-+ coord_clear_iplug(tap->coord);
-+ }
-+ ++tap->loaded;
-+ tap_check(tap);
-+ return 0;
-+}
-+
-+/** release node tap is pointing to. Dual to tap_load() */
-+void tap_relse(tap_t * tap)
-+{
-+ tap_check(tap);
-+ if (tap->loaded > 0) {
-+ --tap->loaded;
-+ if (tap->loaded == 0) {
-+ zrelse(tap->coord->node);
-+ }
-+ }
-+ tap_check(tap);
-+}
-+
-+/**
-+ * init tap to consist of @coord and @lh. Locks on nodes will be acquired with
-+ * @mode
-+ */
-+void
-+tap_init(tap_t * tap, coord_t * coord, lock_handle * lh, znode_lock_mode mode)
-+{
-+ tap->coord = coord;
-+ tap->lh = lh;
-+ tap->mode = mode;
-+ tap->loaded = 0;
-+ INIT_LIST_HEAD(&tap->linkage);
-+ init_ra_info(&tap->ra_info);
-+}
-+
-+/** add @tap to the per-thread list of all taps */
-+void tap_monitor(tap_t * tap)
-+{
-+ assert("nikita-2623", tap != NULL);
-+ tap_check(tap);
-+ list_add(&tap->linkage, taps_list());
-+ tap_check(tap);
-+}
-+
-+/* duplicate @src into @dst. Copy lock handle. @dst is not initially
-+ * loaded. */
-+void tap_copy(tap_t * dst, tap_t * src)
-+{
-+ assert("nikita-3193", src != NULL);
-+ assert("nikita-3194", dst != NULL);
-+
-+ *dst->coord = *src->coord;
-+ if (src->lh->node)
-+ copy_lh(dst->lh, src->lh);
-+ dst->mode = src->mode;
-+ dst->loaded = 0;
-+ INIT_LIST_HEAD(&dst->linkage);
-+ dst->ra_info = src->ra_info;
-+}
-+
-+/** finish with @tap */
-+void tap_done(tap_t * tap)
-+{
-+ assert("nikita-2565", tap != NULL);
-+ tap_check(tap);
-+ if (tap->loaded > 0)
-+ zrelse(tap->coord->node);
-+ done_lh(tap->lh);
-+ tap->loaded = 0;
-+ list_del_init(&tap->linkage);
-+ tap->coord->node = NULL;
-+}
-+
-+/**
-+ * move @tap to the new node, locked with @target. Load @target, if @tap was
-+ * already loaded.
-+ */
-+int tap_move(tap_t * tap, lock_handle * target)
-+{
-+ int result = 0;
-+
-+ assert("nikita-2567", tap != NULL);
-+ assert("nikita-2568", target != NULL);
-+ assert("nikita-2570", target->node != NULL);
-+ assert("nikita-2569", tap->coord->node == tap->lh->node);
-+
-+ tap_check(tap);
-+ if (tap->loaded > 0)
-+ result = zload_ra(target->node, &tap->ra_info);
-+
-+ if (result == 0) {
-+ if (tap->loaded > 0)
-+ zrelse(tap->coord->node);
-+ done_lh(tap->lh);
-+ copy_lh(tap->lh, target);
-+ tap->coord->node = target->node;
-+ coord_clear_iplug(tap->coord);
-+ }
-+ tap_check(tap);
-+ return result;
-+}
-+
-+/**
-+ * move @tap to @target. Acquire lock on @target, if @tap was already
-+ * loaded.
-+ */
-+static int tap_to(tap_t * tap, znode * target)
-+{
-+ int result;
-+
-+ assert("nikita-2624", tap != NULL);
-+ assert("nikita-2625", target != NULL);
-+
-+ tap_check(tap);
-+ result = 0;
-+ if (tap->coord->node != target) {
-+ lock_handle here;
-+
-+ init_lh(&here);
-+ result = longterm_lock_znode(&here, target,
-+ tap->mode, ZNODE_LOCK_HIPRI);
-+ if (result == 0) {
-+ result = tap_move(tap, &here);
-+ done_lh(&here);
-+ }
-+ }
-+ tap_check(tap);
-+ return result;
-+}
-+
-+/**
-+ * move @tap to given @target, loading and locking @target->node if
-+ * necessary
-+ */
-+int tap_to_coord(tap_t * tap, coord_t * target)
-+{
-+ int result;
-+
-+ tap_check(tap);
-+ result = tap_to(tap, target->node);
-+ if (result == 0)
-+ coord_dup(tap->coord, target);
-+ tap_check(tap);
-+ return result;
-+}
-+
-+/** return list of all taps */
-+struct list_head *taps_list(void)
-+{
-+ return &get_current_context()->taps;
-+}
-+
-+/** helper function for go_{next,prev}_{item,unit,node}() */
-+int go_dir_el(tap_t * tap, sideof dir, int units_p)
-+{
-+ coord_t dup;
-+ coord_t *coord;
-+ int result;
-+
-+ int (*coord_dir) (coord_t *);
-+ int (*get_dir_neighbor) (lock_handle *, znode *, int, int);
-+ void (*coord_init) (coord_t *, const znode *);
-+ ON_DEBUG(int (*coord_check) (const coord_t *));
-+
-+ assert("nikita-2556", tap != NULL);
-+ assert("nikita-2557", tap->coord != NULL);
-+ assert("nikita-2558", tap->lh != NULL);
-+ assert("nikita-2559", tap->coord->node != NULL);
-+
-+ tap_check(tap);
-+ if (dir == LEFT_SIDE) {
-+ coord_dir = units_p ? coord_prev_unit : coord_prev_item;
-+ get_dir_neighbor = reiser4_get_left_neighbor;
-+ coord_init = coord_init_last_unit;
-+ } else {
-+ coord_dir = units_p ? coord_next_unit : coord_next_item;
-+ get_dir_neighbor = reiser4_get_right_neighbor;
-+ coord_init = coord_init_first_unit;
-+ }
-+ ON_DEBUG(coord_check =
-+ units_p ? coord_is_existing_unit : coord_is_existing_item);
-+ assert("nikita-2560", coord_check(tap->coord));
-+
-+ coord = tap->coord;
-+ coord_dup(&dup, coord);
-+ if (coord_dir(&dup) != 0) {
-+ do {
-+ /* move to the left neighboring node */
-+ lock_handle dup;
-+
-+ init_lh(&dup);
-+ result =
-+ get_dir_neighbor(&dup, coord->node, (int)tap->mode,
-+ GN_CAN_USE_UPPER_LEVELS);
-+ if (result == 0) {
-+ result = tap_move(tap, &dup);
-+ if (result == 0)
-+ coord_init(tap->coord, dup.node);
-+ done_lh(&dup);
-+ }
-+ /* skip empty nodes */
-+ } while ((result == 0) && node_is_empty(coord->node));
-+ } else {
-+ result = 0;
-+ coord_dup(coord, &dup);
-+ }
-+ assert("nikita-2564", ergo(!result, coord_check(tap->coord)));
-+ tap_check(tap);
-+ return result;
-+}
-+
-+/**
-+ * move @tap to the next unit, transparently crossing item and node
-+ * boundaries
-+ */
-+int go_next_unit(tap_t * tap)
-+{
-+ return go_dir_el(tap, RIGHT_SIDE, 1);
-+}
-+
-+/**
-+ * move @tap to the previous unit, transparently crossing item and node
-+ * boundaries
-+ */
-+int go_prev_unit(tap_t * tap)
-+{
-+ return go_dir_el(tap, LEFT_SIDE, 1);
-+}
-+
-+/**
-+ * @shift times apply @actor to the @tap. This is used to move @tap by
-+ * @shift units (or items, or nodes) in either direction.
-+ */
-+static int rewind_to(tap_t * tap, go_actor_t actor, int shift)
-+{
-+ int result;
-+
-+ assert("nikita-2555", shift >= 0);
-+ assert("nikita-2562", tap->coord->node == tap->lh->node);
-+
-+ tap_check(tap);
-+ result = tap_load(tap);
-+ if (result != 0)
-+ return result;
-+
-+ for (; shift > 0; --shift) {
-+ result = actor(tap);
-+ assert("nikita-2563", tap->coord->node == tap->lh->node);
-+ if (result != 0)
-+ break;
-+ }
-+ tap_relse(tap);
-+ tap_check(tap);
-+ return result;
-+}
-+
-+/** move @tap @shift units rightward */
-+int rewind_right(tap_t * tap, int shift)
-+{
-+ return rewind_to(tap, go_next_unit, shift);
-+}
-+
-+/** move @tap @shift units leftward */
-+int rewind_left(tap_t * tap, int shift)
-+{
-+ return rewind_to(tap, go_prev_unit, shift);
-+}
-+
-+#if REISER4_DEBUG
-+/** debugging function: print @tap content in human readable form */
-+static void print_tap(const char *prefix, const tap_t * tap)
-+{
-+ if (tap == NULL) {
-+ printk("%s: null tap\n", prefix);
-+ return;
-+ }
-+ printk("%s: loaded: %i, in-list: %i, node: %p, mode: %s\n", prefix,
-+ tap->loaded, (&tap->linkage == tap->linkage.next &&
-+ &tap->linkage == tap->linkage.prev),
-+ tap->lh->node,
-+ lock_mode_name(tap->mode));
-+ print_coord("\tcoord", tap->coord, 0);
-+}
-+
-+/** check [tap-sane] invariant */
-+static int tap_invariant(const tap_t * tap)
-+{
-+ /* [tap-sane] invariant */
-+
-+ if (tap == NULL)
-+ return 1;
-+ /* tap->mode is one of
-+ *
-+ * {ZNODE_NO_LOCK, ZNODE_READ_LOCK, ZNODE_WRITE_LOCK}, and
-+ */
-+ if (tap->mode != ZNODE_NO_LOCK &&
-+ tap->mode != ZNODE_READ_LOCK && tap->mode != ZNODE_WRITE_LOCK)
-+ return 2;
-+ /* tap->coord != NULL, and */
-+ if (tap->coord == NULL)
-+ return 3;
-+ /* tap->lh != NULL, and */
-+ if (tap->lh == NULL)
-+ return 4;
-+ /* tap->loaded > 0 => znode_is_loaded(tap->coord->node), and */
-+ if (!ergo(tap->loaded, znode_is_loaded(tap->coord->node)))
-+ return 5;
-+ /* tap->coord->node == tap->lh->node if tap->lh->node is not 0 */
-+ if (tap->lh->node != NULL && tap->coord->node != tap->lh->node)
-+ return 6;
-+ return 0;
-+}
-+
-+/** debugging function: check internal @tap consistency */
-+static void tap_check(const tap_t * tap)
-+{
-+ int result;
-+
-+ result = tap_invariant(tap);
-+ if (result != 0) {
-+ print_tap("broken", tap);
-+ reiser4_panic("nikita-2831", "tap broken: %i\n", result);
-+ }
-+}
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/tap.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/tap.h
-@@ -0,0 +1,69 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* Tree Access Pointers. See tap.c for more details. */
-+
-+#if !defined( __REISER4_TAP_H__ )
-+#define __REISER4_TAP_H__
-+
-+#include "forward.h"
-+#include "readahead.h"
-+
-+/**
-+ tree_access_pointer aka tap. Data structure combining coord_t and lock
-+ handle.
-+ Invariants involving this data-type, see doc/lock-ordering for details:
-+
-+ [tap-sane]
-+ */
-+struct tree_access_pointer {
-+ /* coord tap is at */
-+ coord_t *coord;
-+ /* lock handle on ->coord->node */
-+ lock_handle *lh;
-+ /* mode of lock acquired by this tap */
-+ znode_lock_mode mode;
-+ /* incremented by tap_load(). Decremented by tap_relse(). */
-+ int loaded;
-+ /* list of taps */
-+ struct list_head linkage;
-+ /* read-ahead hint */
-+ ra_info_t ra_info;
-+};
-+
-+typedef int (*go_actor_t) (tap_t * tap);
-+
-+extern int tap_load(tap_t * tap);
-+extern void tap_relse(tap_t * tap);
-+extern void tap_init(tap_t * tap, coord_t * coord, lock_handle * lh,
-+ znode_lock_mode mode);
-+extern void tap_monitor(tap_t * tap);
-+extern void tap_copy(tap_t * dst, tap_t * src);
-+extern void tap_done(tap_t * tap);
-+extern int tap_move(tap_t * tap, lock_handle * target);
-+extern int tap_to_coord(tap_t * tap, coord_t * target);
-+
-+extern int go_dir_el(tap_t * tap, sideof dir, int units_p);
-+extern int go_next_unit(tap_t * tap);
-+extern int go_prev_unit(tap_t * tap);
-+extern int rewind_right(tap_t * tap, int shift);
-+extern int rewind_left(tap_t * tap, int shift);
-+
-+extern struct list_head *taps_list(void);
-+
-+#define for_all_taps(tap) \
-+ for (tap = list_entry(taps_list()->next, tap_t, linkage); \
-+ taps_list() != &tap->linkage; \
-+ tap = list_entry(tap->linkage.next, tap_t, linkage))
-+
-+/* __REISER4_TAP_H__ */
-+#endif
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/tree.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/tree.c
-@@ -0,0 +1,1875 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/*
-+ * KEYS IN A TREE.
-+ *
-+ * The tree consists of nodes located on the disk. Node in the tree is either
-+ * formatted or unformatted. Formatted node is one that has structure
-+ * understood by the tree balancing and traversal code. Formatted nodes are
-+ * further classified into leaf and internal nodes. Latter distinctions is
-+ * (almost) of only historical importance: general structure of leaves and
-+ * internal nodes is the same in Reiser4. Unformatted nodes contain raw data
-+ * that are part of bodies of ordinary files and attributes.
-+ *
-+ * Each node in the tree spawns some interval in the key space. Key ranges for
-+ * all nodes in the tree are disjoint. Actually, this only holds in some weak
-+ * sense, because of the non-unique keys: intersection of key ranges for
-+ * different nodes is either empty, or consists of exactly one key.
-+ *
-+ * Formatted node consists of a sequence of items. Each item spawns some
-+ * interval in key space. Key ranges for all items in a tree are disjoint,
-+ * modulo non-unique keys again. Items within nodes are ordered in the key
-+ * order of the smallest key in a item.
-+ *
-+ * Particular type of item can be further split into units. Unit is piece of
-+ * item that can be cut from item and moved into another item of the same
-+ * time. Units are used by balancing code to repack data during balancing.
-+ *
-+ * Unit can be further split into smaller entities (for example, extent unit
-+ * represents several pages, and it is natural for extent code to operate on
-+ * particular pages and even bytes within one unit), but this is of no
-+ * relevance to the generic balancing and lookup code.
-+ *
-+ * Although item is said to "spawn" range or interval of keys, it is not
-+ * necessary that item contains piece of data addressable by each and every
-+ * key in this range. For example, compound directory item, consisting of
-+ * units corresponding to directory entries and keyed by hashes of file names,
-+ * looks more as having "discrete spectrum": only some disjoint keys inside
-+ * range occupied by this item really address data.
-+ *
-+ * No than less, each item always has well-defined least (minimal) key, that
-+ * is recorded in item header, stored in the node this item is in. Also, item
-+ * plugin can optionally define method ->max_key_inside() returning maximal
-+ * key that can _possibly_ be located within this item. This method is used
-+ * (mainly) to determine when given piece of data should be merged into
-+ * existing item, in stead of creating new one. Because of this, even though
-+ * ->max_key_inside() can be larger that any key actually located in the item,
-+ * intervals
-+ *
-+ * [ min_key( item ), ->max_key_inside( item ) ]
-+ *
-+ * are still disjoint for all items within the _same_ node.
-+ *
-+ * In memory node is represented by znode. It plays several roles:
-+ *
-+ * . something locks are taken on
-+ *
-+ * . something tracked by transaction manager (this is going to change)
-+ *
-+ * . something used to access node data
-+ *
-+ * . something used to maintain tree structure in memory: sibling and
-+ * parental linkage.
-+ *
-+ * . something used to organize nodes into "slums"
-+ *
-+ * More on znodes see in znode.[ch]
-+ *
-+ * DELIMITING KEYS
-+ *
-+ * To simplify balancing, allow some flexibility in locking and speed up
-+ * important coord cache optimization, we keep delimiting keys of nodes in
-+ * memory. Depending on disk format (implemented by appropriate node plugin)
-+ * node on disk can record both left and right delimiting key, only one of
-+ * them, or none. Still, our balancing and tree traversal code keep both
-+ * delimiting keys for a node that is in memory stored in the znode. When
-+ * node is first brought into memory during tree traversal, its left
-+ * delimiting key is taken from its parent, and its right delimiting key is
-+ * either next key in its parent, or is right delimiting key of parent if
-+ * node is the rightmost child of parent.
-+ *
-+ * Physical consistency of delimiting key is protected by special dk
-+ * read-write lock. That is, delimiting keys can only be inspected or
-+ * modified under this lock. But dk lock is only sufficient for fast
-+ * "pessimistic" check, because to simplify code and to decrease lock
-+ * contention, balancing (carry) only updates delimiting keys right before
-+ * unlocking all locked nodes on the given tree level. For example,
-+ * coord-by-key cache scans LRU list of recently accessed znodes. For each
-+ * node it first does fast check under dk spin lock. If key looked for is
-+ * not between delimiting keys for this node, next node is inspected and so
-+ * on. If key is inside of the key range, long term lock is taken on node
-+ * and key range is rechecked.
-+ *
-+ * COORDINATES
-+ *
-+ * To find something in the tree, you supply a key, and the key is resolved
-+ * by coord_by_key() into a coord (coordinate) that is valid as long as the
-+ * node the coord points to remains locked. As mentioned above trees
-+ * consist of nodes that consist of items that consist of units. A unit is
-+ * the smallest and indivisible piece of tree as far as balancing and tree
-+ * search are concerned. Each node, item, and unit can be addressed by
-+ * giving its level in the tree and the key occupied by this entity. A node
-+ * knows what the key ranges are of the items within it, and how to find its
-+ * items and invoke their item handlers, but it does not know how to access
-+ * individual units within its items except through the item handlers.
-+ * coord is a structure containing a pointer to the node, the ordinal number
-+ * of the item within this node (a sort of item offset), and the ordinal
-+ * number of the unit within this item.
-+ *
-+ * TREE LOOKUP
-+ *
-+ * There are two types of access to the tree: lookup and modification.
-+ *
-+ * Lookup is a search for the key in the tree. Search can look for either
-+ * exactly the key given to it, or for the largest key that is not greater
-+ * than the key given to it. This distinction is determined by "bias"
-+ * parameter of search routine (coord_by_key()). coord_by_key() either
-+ * returns error (key is not in the tree, or some kind of external error
-+ * occurred), or successfully resolves key into coord.
-+ *
-+ * This resolution is done by traversing tree top-to-bottom from root level
-+ * to the desired level. On levels above twig level (level one above the
-+ * leaf level) nodes consist exclusively of internal items. Internal item is
-+ * nothing more than pointer to the tree node on the child level. On twig
-+ * level nodes consist of internal items intermixed with extent
-+ * items. Internal items form normal search tree structure used by traversal
-+ * to descent through the tree.
-+ *
-+ * TREE LOOKUP OPTIMIZATIONS
-+ *
-+ * Tree lookup described above is expensive even if all nodes traversed are
-+ * already in the memory: for each node binary search within it has to be
-+ * performed and binary searches are CPU consuming and tend to destroy CPU
-+ * caches.
-+ *
-+ * Several optimizations are used to work around this:
-+ *
-+ * . cbk_cache (look-aside cache for tree traversals, see search.c for
-+ * details)
-+ *
-+ * . seals (see seal.[ch])
-+ *
-+ * . vroot (see search.c)
-+ *
-+ * General search-by-key is layered thusly:
-+ *
-+ * [check seal, if any] --ok--> done
-+ * |
-+ * failed
-+ * |
-+ * V
-+ * [vroot defined] --no--> node = tree_root
-+ * | |
-+ * yes |
-+ * | |
-+ * V |
-+ * node = vroot |
-+ * | |
-+ * | |
-+ * | |
-+ * V V
-+ * [check cbk_cache for key] --ok--> done
-+ * |
-+ * failed
-+ * |
-+ * V
-+ * [start tree traversal from node]
-+ *
-+ */
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "key.h"
-+#include "coord.h"
-+#include "plugin/item/static_stat.h"
-+#include "plugin/item/item.h"
-+#include "plugin/node/node.h"
-+#include "plugin/plugin.h"
-+#include "txnmgr.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "block_alloc.h"
-+#include "tree_walk.h"
-+#include "carry.h"
-+#include "carry_ops.h"
-+#include "tap.h"
-+#include "tree.h"
-+#include "vfs_ops.h"
-+#include "page_cache.h"
-+#include "super.h"
-+#include "reiser4.h"
-+#include "inode.h"
-+
-+#include <linux/fs.h> /* for struct super_block */
-+#include <linux/spinlock.h>
-+
-+/* Disk address (block number) never ever used for any real tree node. This is
-+ used as block number of "uber" znode.
-+
-+ Invalid block addresses are 0 by tradition.
-+
-+*/
-+const reiser4_block_nr UBER_TREE_ADDR = 0ull;
-+
-+#define CUT_TREE_MIN_ITERATIONS 64
-+
-+static int find_child_by_addr(znode * parent, znode * child, coord_t * result);
-+
-+/* return node plugin of coord->node */
-+node_plugin *node_plugin_by_coord(const coord_t * coord)
-+{
-+ assert("vs-1", coord != NULL);
-+ assert("vs-2", coord->node != NULL);
-+
-+ return coord->node->nplug;
-+}
-+
-+/* insert item into tree. Fields of @coord are updated so that they can be
-+ * used by consequent insert operation. */
-+insert_result insert_by_key(reiser4_tree * tree /* tree to insert new item
-+ * into */ ,
-+ const reiser4_key * key /* key of new item */ ,
-+ reiser4_item_data * data /* parameters for item
-+ * creation */ ,
-+ coord_t * coord /* resulting insertion coord */ ,
-+ lock_handle * lh /* resulting lock
-+ * handle */ ,
-+ tree_level stop_level /** level where to insert */ ,
-+ __u32 flags /* insertion flags */ )
-+{
-+ int result;
-+
-+ assert("nikita-358", tree != NULL);
-+ assert("nikita-360", coord != NULL);
-+
-+ result = coord_by_key(tree, key, coord, lh, ZNODE_WRITE_LOCK,
-+ FIND_EXACT, stop_level, stop_level,
-+ flags | CBK_FOR_INSERT, NULL /*ra_info */ );
-+ switch (result) {
-+ default:
-+ break;
-+ case CBK_COORD_FOUND:
-+ result = IBK_ALREADY_EXISTS;
-+ break;
-+ case CBK_COORD_NOTFOUND:
-+ assert("nikita-2017", coord->node != NULL);
-+ result = insert_by_coord(coord, data, key, lh, 0 /*flags */ );
-+ break;
-+ }
-+ return result;
-+}
-+
-+/* insert item by calling carry. Helper function called if short-cut
-+ insertion failed */
-+static insert_result insert_with_carry_by_coord(coord_t * coord, /* coord where to insert */
-+ lock_handle * lh, /* lock handle of insertion
-+ * node */
-+ reiser4_item_data * data, /* parameters of new
-+ * item */
-+ const reiser4_key * key, /* key of new item */
-+ carry_opcode cop, /* carry operation to perform */
-+ cop_insert_flag flags
-+ /* carry flags */ )
-+{
-+ int result;
-+ carry_pool *pool;
-+ carry_level *lowest_level;
-+ carry_insert_data *cdata;
-+ carry_op *op;
-+
-+ assert("umka-314", coord != NULL);
-+
-+ /* allocate carry_pool and 3 carry_level-s */
-+ pool =
-+ init_carry_pool(sizeof(*pool) + 3 * sizeof(*lowest_level) +
-+ sizeof(*cdata));
-+ if (IS_ERR(pool))
-+ return PTR_ERR(pool);
-+ lowest_level = (carry_level *) (pool + 1);
-+ init_carry_level(lowest_level, pool);
-+
-+ op = post_carry(lowest_level, cop, coord->node, 0);
-+ if (IS_ERR(op) || (op == NULL)) {
-+ done_carry_pool(pool);
-+ return RETERR(op ? PTR_ERR(op) : -EIO);
-+ }
-+ cdata = (carry_insert_data *) (lowest_level + 3);
-+ cdata->coord = coord;
-+ cdata->data = data;
-+ cdata->key = key;
-+ op->u.insert.d = cdata;
-+ if (flags == 0)
-+ flags = znode_get_tree(coord->node)->carry.insert_flags;
-+ op->u.insert.flags = flags;
-+ op->u.insert.type = COPT_ITEM_DATA;
-+ op->u.insert.child = NULL;
-+ if (lh != NULL) {
-+ assert("nikita-3245", lh->node == coord->node);
-+ lowest_level->track_type = CARRY_TRACK_CHANGE;
-+ lowest_level->tracked = lh;
-+ }
-+
-+ result = carry(lowest_level, NULL);
-+ done_carry_pool(pool);
-+
-+ return result;
-+}
-+
-+/* form carry queue to perform paste of @data with @key at @coord, and launch
-+ its execution by calling carry().
-+
-+ Instruct carry to update @lh it after balancing insertion coord moves into
-+ different block.
-+
-+*/
-+static int paste_with_carry(coord_t * coord, /* coord of paste */
-+ lock_handle * lh, /* lock handle of node
-+ * where item is
-+ * pasted */
-+ reiser4_item_data * data, /* parameters of new
-+ * item */
-+ const reiser4_key * key, /* key of new item */
-+ unsigned flags /* paste flags */ )
-+{
-+ int result;
-+ carry_pool *pool;
-+ carry_level *lowest_level;
-+ carry_insert_data *cdata;
-+ carry_op *op;
-+
-+ assert("umka-315", coord != NULL);
-+ assert("umka-316", key != NULL);
-+
-+ pool =
-+ init_carry_pool(sizeof(*pool) + 3 * sizeof(*lowest_level) +
-+ sizeof(*cdata));
-+ if (IS_ERR(pool))
-+ return PTR_ERR(pool);
-+ lowest_level = (carry_level *) (pool + 1);
-+ init_carry_level(lowest_level, pool);
-+
-+ op = post_carry(lowest_level, COP_PASTE, coord->node, 0);
-+ if (IS_ERR(op) || (op == NULL)) {
-+ done_carry_pool(pool);
-+ return RETERR(op ? PTR_ERR(op) : -EIO);
-+ }
-+ cdata = (carry_insert_data *) (lowest_level + 3);
-+ cdata->coord = coord;
-+ cdata->data = data;
-+ cdata->key = key;
-+ op->u.paste.d = cdata;
-+ if (flags == 0)
-+ flags = znode_get_tree(coord->node)->carry.paste_flags;
-+ op->u.paste.flags = flags;
-+ op->u.paste.type = COPT_ITEM_DATA;
-+ if (lh != NULL) {
-+ lowest_level->track_type = CARRY_TRACK_CHANGE;
-+ lowest_level->tracked = lh;
-+ }
-+
-+ result = carry(lowest_level, NULL);
-+ done_carry_pool(pool);
-+
-+ return result;
-+}
-+
-+/* insert item at the given coord.
-+
-+ First try to skip carry by directly calling ->create_item() method of node
-+ plugin. If this is impossible (there is not enough free space in the node,
-+ or leftmost item in the node is created), call insert_with_carry_by_coord()
-+ that will do full carry().
-+
-+*/
-+insert_result insert_by_coord(coord_t * coord /* coord where to
-+ * insert. coord->node has
-+ * to be write locked by
-+ * caller */ ,
-+ reiser4_item_data * data /* data to be
-+ * inserted */ ,
-+ const reiser4_key * key /* key of new item */ ,
-+ lock_handle * lh /* lock handle of write
-+ * lock on node */ ,
-+ __u32 flags /* insertion flags */ )
-+{
-+ unsigned item_size;
-+ int result;
-+ znode *node;
-+
-+ assert("vs-247", coord != NULL);
-+ assert("vs-248", data != NULL);
-+ assert("vs-249", data->length >= 0);
-+ assert("nikita-1191", znode_is_write_locked(coord->node));
-+
-+ node = coord->node;
-+ coord_clear_iplug(coord);
-+ result = zload(node);
-+ if (result != 0)
-+ return result;
-+
-+ item_size = space_needed(node, NULL, data, 1);
-+ if (item_size > znode_free_space(node) &&
-+ (flags & COPI_DONT_SHIFT_LEFT) && (flags & COPI_DONT_SHIFT_RIGHT)
-+ && (flags & COPI_DONT_ALLOCATE)) {
-+ /* we are forced to use free space of coord->node and new item
-+ does not fit into it.
-+
-+ Currently we get here only when we allocate and copy units
-+ of extent item from a node to its left neighbor during
-+ "squalloc"-ing. If @node (this is left neighbor) does not
-+ have enough free space - we do not want to attempt any
-+ shifting and allocations because we are in squeezing and
-+ everything to the left of @node is tightly packed.
-+ */
-+ result = -E_NODE_FULL;
-+ } else if ((item_size <= znode_free_space(node)) &&
-+ !coord_is_before_leftmost(coord) &&
-+ (node_plugin_by_node(node)->fast_insert != NULL)
-+ && node_plugin_by_node(node)->fast_insert(coord)) {
-+ /* shortcut insertion without carry() overhead.
-+
-+ Only possible if:
-+
-+ - there is enough free space
-+
-+ - insertion is not into the leftmost position in a node
-+ (otherwise it would require updating of delimiting key in a
-+ parent)
-+
-+ - node plugin agrees with this
-+
-+ */
-+ result =
-+ node_plugin_by_node(node)->create_item(coord, key, data,
-+ NULL);
-+ znode_make_dirty(node);
-+ } else {
-+ /* otherwise do full-fledged carry(). */
-+ result =
-+ insert_with_carry_by_coord(coord, lh, data, key, COP_INSERT,
-+ flags);
-+ }
-+ zrelse(node);
-+ return result;
-+}
-+
-+/* @coord is set to leaf level and @data is to be inserted to twig level */
-+insert_result
-+insert_extent_by_coord(coord_t *
-+ coord
-+ /* coord where to insert. coord->node * has to be write * locked by caller */
-+ ,
-+ reiser4_item_data * data /* data to be inserted */ ,
-+ const reiser4_key * key /* key of new item */ ,
-+ lock_handle *
-+ lh /* lock handle of write lock on * node */ )
-+{
-+ assert("vs-405", coord != NULL);
-+ assert("vs-406", data != NULL);
-+ assert("vs-407", data->length > 0);
-+ assert("vs-408", znode_is_write_locked(coord->node));
-+ assert("vs-409", znode_get_level(coord->node) == LEAF_LEVEL);
-+
-+ return insert_with_carry_by_coord(coord, lh, data, key, COP_EXTENT,
-+ 0 /*flags */ );
-+}
-+
-+/* Insert into the item at the given coord.
-+
-+ First try to skip carry by directly calling ->paste() method of item
-+ plugin. If this is impossible (there is not enough free space in the node,
-+ or we are pasting into leftmost position in the node), call
-+ paste_with_carry() that will do full carry().
-+
-+*/
-+/* paste_into_item */
-+int insert_into_item(coord_t * coord /* coord of pasting */ ,
-+ lock_handle * lh /* lock handle on node involved */ ,
-+ const reiser4_key * key /* key of unit being pasted */ ,
-+ reiser4_item_data * data /* parameters for new unit */ ,
-+ unsigned flags /* insert/paste flags */ )
-+{
-+ int result;
-+ int size_change;
-+ node_plugin *nplug;
-+ item_plugin *iplug;
-+
-+ assert("umka-317", coord != NULL);
-+ assert("umka-318", key != NULL);
-+
-+ iplug = item_plugin_by_coord(coord);
-+ nplug = node_plugin_by_coord(coord);
-+
-+ assert("nikita-1480", iplug == data->iplug);
-+
-+ size_change = space_needed(coord->node, coord, data, 0);
-+ if (size_change > (int)znode_free_space(coord->node) &&
-+ (flags & COPI_DONT_SHIFT_LEFT) && (flags & COPI_DONT_SHIFT_RIGHT)
-+ && (flags & COPI_DONT_ALLOCATE)) {
-+ /* we are forced to use free space of coord->node and new data
-+ does not fit into it. */
-+ return -E_NODE_FULL;
-+ }
-+
-+ /* shortcut paste without carry() overhead.
-+
-+ Only possible if:
-+
-+ - there is enough free space
-+
-+ - paste is not into the leftmost unit in a node (otherwise
-+ it would require updating of delimiting key in a parent)
-+
-+ - node plugin agrees with this
-+
-+ - item plugin agrees with us
-+ */
-+ if (size_change <= (int)znode_free_space(coord->node) &&
-+ (coord->item_pos != 0 ||
-+ coord->unit_pos != 0 || coord->between == AFTER_UNIT) &&
-+ coord->unit_pos != 0 && nplug->fast_paste != NULL &&
-+ nplug->fast_paste(coord) &&
-+ iplug->b.fast_paste != NULL && iplug->b.fast_paste(coord)) {
-+ if (size_change > 0)
-+ nplug->change_item_size(coord, size_change);
-+ /* NOTE-NIKITA: huh? where @key is used? */
-+ result = iplug->b.paste(coord, data, NULL);
-+ if (size_change < 0)
-+ nplug->change_item_size(coord, size_change);
-+ znode_make_dirty(coord->node);
-+ } else
-+ /* otherwise do full-fledged carry(). */
-+ result = paste_with_carry(coord, lh, data, key, flags);
-+ return result;
-+}
-+
-+/* this either appends or truncates item @coord */
-+int resize_item(coord_t * coord /* coord of item being resized */ ,
-+ reiser4_item_data * data /* parameters of resize */ ,
-+ reiser4_key * key /* key of new unit */ ,
-+ lock_handle * lh /* lock handle of node
-+ * being modified */ ,
-+ cop_insert_flag flags /* carry flags */ )
-+{
-+ int result;
-+ znode *node;
-+
-+ assert("nikita-362", coord != NULL);
-+ assert("nikita-363", data != NULL);
-+ assert("vs-245", data->length != 0);
-+
-+ node = coord->node;
-+ coord_clear_iplug(coord);
-+ result = zload(node);
-+ if (result != 0)
-+ return result;
-+
-+ if (data->length < 0)
-+ result = node_plugin_by_coord(coord)->shrink_item(coord,
-+ -data->length);
-+ else
-+ result = insert_into_item(coord, lh, key, data, flags);
-+
-+ zrelse(node);
-+ return result;
-+}
-+
-+/* insert flow @f */
-+int insert_flow(coord_t * coord, lock_handle * lh, flow_t * f)
-+{
-+ int result;
-+ carry_pool *pool;
-+ carry_level *lowest_level;
-+ reiser4_item_data *data;
-+ carry_op *op;
-+
-+ pool =
-+ init_carry_pool(sizeof(*pool) + 3 * sizeof(*lowest_level) +
-+ sizeof(*data));
-+ if (IS_ERR(pool))
-+ return PTR_ERR(pool);
-+ lowest_level = (carry_level *) (pool + 1);
-+ init_carry_level(lowest_level, pool);
-+
-+ op = post_carry(lowest_level, COP_INSERT_FLOW, coord->node,
-+ 0 /* operate directly on coord -> node */ );
-+ if (IS_ERR(op) || (op == NULL)) {
-+ done_carry_pool(pool);
-+ return RETERR(op ? PTR_ERR(op) : -EIO);
-+ }
-+
-+ /* these are permanent during insert_flow */
-+ data = (reiser4_item_data *) (lowest_level + 3);
-+ data->user = 1;
-+ data->iplug = item_plugin_by_id(FORMATTING_ID);
-+ data->arg = NULL;
-+ /* data.length and data.data will be set before calling paste or
-+ insert */
-+ data->length = 0;
-+ data->data = NULL;
-+
-+ op->u.insert_flow.flags = 0;
-+ op->u.insert_flow.insert_point = coord;
-+ op->u.insert_flow.flow = f;
-+ op->u.insert_flow.data = data;
-+ op->u.insert_flow.new_nodes = 0;
-+
-+ lowest_level->track_type = CARRY_TRACK_CHANGE;
-+ lowest_level->tracked = lh;
-+
-+ result = carry(lowest_level, NULL);
-+ done_carry_pool(pool);
-+
-+ return result;
-+}
-+
-+/* Given a coord in parent node, obtain a znode for the corresponding child */
-+znode *child_znode(const coord_t * parent_coord /* coord of pointer to
-+ * child */ ,
-+ znode * parent /* parent of child */ ,
-+ int incore_p /* if !0 only return child if already in
-+ * memory */ ,
-+ int setup_dkeys_p /* if !0 update delimiting keys of
-+ * child */ )
-+{
-+ znode *child;
-+
-+ assert("nikita-1374", parent_coord != NULL);
-+ assert("nikita-1482", parent != NULL);
-+#if REISER4_DEBUG
-+ if (setup_dkeys_p)
-+ assert_rw_not_locked(&(znode_get_tree(parent)->dk_lock));
-+#endif
-+ assert("nikita-2947", znode_is_any_locked(parent));
-+
-+ if (znode_get_level(parent) <= LEAF_LEVEL) {
-+ /* trying to get child of leaf node */
-+ warning("nikita-1217", "Child of maize?");
-+ return ERR_PTR(RETERR(-EIO));
-+ }
-+ if (item_is_internal(parent_coord)) {
-+ reiser4_block_nr addr;
-+ item_plugin *iplug;
-+ reiser4_tree *tree;
-+
-+ iplug = item_plugin_by_coord(parent_coord);
-+ assert("vs-512", iplug->s.internal.down_link);
-+ iplug->s.internal.down_link(parent_coord, NULL, &addr);
-+
-+ tree = znode_get_tree(parent);
-+ if (incore_p)
-+ child = zlook(tree, &addr);
-+ else
-+ child =
-+ zget(tree, &addr, parent,
-+ znode_get_level(parent) - 1, get_gfp_mask());
-+ if ((child != NULL) && !IS_ERR(child) && setup_dkeys_p)
-+ set_child_delimiting_keys(parent, parent_coord, child);
-+ } else {
-+ warning("nikita-1483", "Internal item expected");
-+ child = ERR_PTR(RETERR(-EIO));
-+ }
-+ return child;
-+}
-+
-+/* remove znode from transaction */
-+static void uncapture_znode(znode * node)
-+{
-+ struct page *page;
-+
-+ assert("zam-1001", ZF_ISSET(node, JNODE_HEARD_BANSHEE));
-+
-+ if (!blocknr_is_fake(znode_get_block(node))) {
-+ int ret;
-+
-+ /* An already allocated block goes right to the atom's delete set. */
-+ ret =
-+ reiser4_dealloc_block(znode_get_block(node), 0,
-+ BA_DEFER | BA_FORMATTED);
-+ if (ret)
-+ warning("zam-942",
-+ "can\'t add a block (%llu) number to atom's delete set\n",
-+ (unsigned long long)(*znode_get_block(node)));
-+
-+ spin_lock_znode(node);
-+ /* Here we return flush reserved block which was reserved at the
-+ * moment when this allocated node was marked dirty and still
-+ * not used by flush in node relocation procedure. */
-+ if (ZF_ISSET(node, JNODE_FLUSH_RESERVED)) {
-+ txn_atom *atom;
-+
-+ atom = jnode_get_atom(ZJNODE(node));
-+ assert("zam-939", atom != NULL);
-+ spin_unlock_znode(node);
-+ flush_reserved2grabbed(atom, (__u64) 1);
-+ spin_unlock_atom(atom);
-+ } else
-+ spin_unlock_znode(node);
-+ } else {
-+ /* znode has assigned block which is counted as "fake
-+ allocated". Return it back to "free blocks") */
-+ fake_allocated2free((__u64) 1, BA_FORMATTED);
-+ }
-+
-+ /*
-+ * uncapture page from transaction. There is a possibility of a race
-+ * with ->releasepage(): reiser4_releasepage() detaches page from this
-+ * jnode and we have nothing to uncapture. To avoid this, get
-+ * reference of node->pg under jnode spin lock. uncapture_page() will
-+ * deal with released page itself.
-+ */
-+ spin_lock_znode(node);
-+ page = znode_page(node);
-+ if (likely(page != NULL)) {
-+ /*
-+ * uncapture_page() can only be called when we are sure that
-+ * znode is pinned in memory, which we are, because
-+ * forget_znode() is only called from longterm_unlock_znode().
-+ */
-+ page_cache_get(page);
-+ spin_unlock_znode(node);
-+ lock_page(page);
-+ uncapture_page(page);
-+ unlock_page(page);
-+ page_cache_release(page);
-+ } else {
-+ txn_atom *atom;
-+
-+ /* handle "flush queued" znodes */
-+ while (1) {
-+ atom = jnode_get_atom(ZJNODE(node));
-+ assert("zam-943", atom != NULL);
-+
-+ if (!ZF_ISSET(node, JNODE_FLUSH_QUEUED)
-+ || !atom->nr_running_queues)
-+ break;
-+
-+ spin_unlock_znode(node);
-+ atom_wait_event(atom);
-+ spin_lock_znode(node);
-+ }
-+
-+ uncapture_block(ZJNODE(node));
-+ spin_unlock_atom(atom);
-+ zput(node);
-+ }
-+}
-+
-+/* This is called from longterm_unlock_znode() when last lock is released from
-+ the node that has been removed from the tree. At this point node is removed
-+ from sibling list and its lock is invalidated. */
-+void forget_znode(lock_handle * handle)
-+{
-+ znode *node;
-+ reiser4_tree *tree;
-+
-+ assert("umka-319", handle != NULL);
-+
-+ node = handle->node;
-+ tree = znode_get_tree(node);
-+
-+ assert("vs-164", znode_is_write_locked(node));
-+ assert("nikita-1280", ZF_ISSET(node, JNODE_HEARD_BANSHEE));
-+ assert_rw_locked(&(node->lock.guard));
-+
-+ /* We assume that this node was detached from its parent before
-+ * unlocking, it gives no way to reach this node from parent through a
-+ * down link. The node should have no children and, thereby, can't be
-+ * reached from them by their parent pointers. The only way to obtain a
-+ * reference to the node is to use sibling pointers from its left and
-+ * right neighbors. In the next several lines we remove the node from
-+ * the sibling list. */
-+
-+ write_lock_tree(tree);
-+ sibling_list_remove(node);
-+ znode_remove(node, tree);
-+ write_unlock_tree(tree);
-+
-+ /* Here we set JNODE_DYING and cancel all pending lock requests. It
-+ * forces all lock requestor threads to repeat iterations of getting
-+ * lock on a child, neighbor or parent node. But, those threads can't
-+ * come to this node again, because this node is no longer a child,
-+ * neighbor or parent of any other node. This order of znode
-+ * invalidation does not allow other threads to waste cpu time is a busy
-+ * loop, trying to lock dying object. The exception is in the flush
-+ * code when we take node directly from atom's capture list.*/
-+ invalidate_lock(handle);
-+ uncapture_znode(node);
-+}
-+
-+/* Check that internal item at @pointer really contains pointer to @child. */
-+int check_tree_pointer(const coord_t * pointer /* would-be pointer to
-+ * @child */ ,
-+ const znode * child /* child znode */ )
-+{
-+ assert("nikita-1016", pointer != NULL);
-+ assert("nikita-1017", child != NULL);
-+ assert("nikita-1018", pointer->node != NULL);
-+
-+ assert("nikita-1325", znode_is_any_locked(pointer->node));
-+
-+ assert("nikita-2985",
-+ znode_get_level(pointer->node) == znode_get_level(child) + 1);
-+
-+ coord_clear_iplug((coord_t *) pointer);
-+
-+ if (coord_is_existing_unit(pointer)) {
-+ item_plugin *iplug;
-+ reiser4_block_nr addr;
-+
-+ if (item_is_internal(pointer)) {
-+ iplug = item_plugin_by_coord(pointer);
-+ assert("vs-513", iplug->s.internal.down_link);
-+ iplug->s.internal.down_link(pointer, NULL, &addr);
-+ /* check that cached value is correct */
-+ if (disk_addr_eq(&addr, znode_get_block(child))) {
-+ return NS_FOUND;
-+ }
-+ }
-+ }
-+ /* warning ("jmacd-1002", "tree pointer incorrect"); */
-+ return NS_NOT_FOUND;
-+}
-+
-+/* find coord of pointer to new @child in @parent.
-+
-+ Find the &coord_t in the @parent where pointer to a given @child will
-+ be in.
-+
-+*/
-+int find_new_child_ptr(znode * parent /* parent znode, passed locked */ ,
-+ znode *
-+ child UNUSED_ARG /* child znode, passed locked */ ,
-+ znode * left /* left brother of new node */ ,
-+ coord_t * result /* where result is stored in */ )
-+{
-+ int ret;
-+
-+ assert("nikita-1486", parent != NULL);
-+ assert("nikita-1487", child != NULL);
-+ assert("nikita-1488", result != NULL);
-+
-+ ret = find_child_ptr(parent, left, result);
-+ if (ret != NS_FOUND) {
-+ warning("nikita-1489", "Cannot find brother position: %i", ret);
-+ return RETERR(-EIO);
-+ } else {
-+ result->between = AFTER_UNIT;
-+ return RETERR(NS_NOT_FOUND);
-+ }
-+}
-+
-+/* find coord of pointer to @child in @parent.
-+
-+ Find the &coord_t in the @parent where pointer to a given @child is in.
-+
-+*/
-+int find_child_ptr(znode * parent /* parent znode, passed locked */ ,
-+ znode * child /* child znode, passed locked */ ,
-+ coord_t * result /* where result is stored in */ )
-+{
-+ int lookup_res;
-+ node_plugin *nplug;
-+ /* left delimiting key of a child */
-+ reiser4_key ld;
-+ reiser4_tree *tree;
-+
-+ assert("nikita-934", parent != NULL);
-+ assert("nikita-935", child != NULL);
-+ assert("nikita-936", result != NULL);
-+ assert("zam-356", znode_is_loaded(parent));
-+
-+ coord_init_zero(result);
-+ result->node = parent;
-+
-+ nplug = parent->nplug;
-+ assert("nikita-939", nplug != NULL);
-+
-+ tree = znode_get_tree(parent);
-+ /* NOTE-NIKITA taking read-lock on tree here assumes that @result is
-+ * not aliased to ->in_parent of some znode. Otherwise,
-+ * parent_coord_to_coord() below would modify data protected by tree
-+ * lock. */
-+ read_lock_tree(tree);
-+ /* fast path. Try to use cached value. Lock tree to keep
-+ node->pos_in_parent and pos->*_blocknr consistent. */
-+ if (child->in_parent.item_pos + 1 != 0) {
-+ parent_coord_to_coord(&child->in_parent, result);
-+ if (check_tree_pointer(result, child) == NS_FOUND) {
-+ read_unlock_tree(tree);
-+ return NS_FOUND;
-+ }
-+
-+ child->in_parent.item_pos = (unsigned short)~0;
-+ }
-+ read_unlock_tree(tree);
-+
-+ /* is above failed, find some key from @child. We are looking for the
-+ least key in a child. */
-+ read_lock_dk(tree);
-+ ld = *znode_get_ld_key(child);
-+ read_unlock_dk(tree);
-+ /*
-+ * now, lookup parent with key just found. Note, that left delimiting
-+ * key doesn't identify node uniquely, because (in extremely rare
-+ * case) two nodes can have equal left delimiting keys, if one of them
-+ * is completely filled with directory entries that all happened to be
-+ * hash collision. But, we check block number in check_tree_pointer()
-+ * and, so, are safe.
-+ */
-+ lookup_res = nplug->lookup(parent, &ld, FIND_EXACT, result);
-+ /* update cached pos_in_node */
-+ if (lookup_res == NS_FOUND) {
-+ write_lock_tree(tree);
-+ coord_to_parent_coord(result, &child->in_parent);
-+ write_unlock_tree(tree);
-+ lookup_res = check_tree_pointer(result, child);
-+ }
-+ if (lookup_res == NS_NOT_FOUND)
-+ lookup_res = find_child_by_addr(parent, child, result);
-+ return lookup_res;
-+}
-+
-+/* find coord of pointer to @child in @parent by scanning
-+
-+ Find the &coord_t in the @parent where pointer to a given @child
-+ is in by scanning all internal items in @parent and comparing block
-+ numbers in them with that of @child.
-+
-+*/
-+static int find_child_by_addr(znode * parent /* parent znode, passed locked */ ,
-+ znode * child /* child znode, passed locked */ ,
-+ coord_t * result /* where result is stored in */ )
-+{
-+ int ret;
-+
-+ assert("nikita-1320", parent != NULL);
-+ assert("nikita-1321", child != NULL);
-+ assert("nikita-1322", result != NULL);
-+
-+ ret = NS_NOT_FOUND;
-+
-+ for_all_units(result, parent) {
-+ if (check_tree_pointer(result, child) == NS_FOUND) {
-+ write_lock_tree(znode_get_tree(parent));
-+ coord_to_parent_coord(result, &child->in_parent);
-+ write_unlock_tree(znode_get_tree(parent));
-+ ret = NS_FOUND;
-+ break;
-+ }
-+ }
-+ return ret;
-+}
-+
-+/* true, if @addr is "unallocated block number", which is just address, with
-+ highest bit set. */
-+int is_disk_addr_unallocated(const reiser4_block_nr * addr /* address to
-+ * check */ )
-+{
-+ assert("nikita-1766", addr != NULL);
-+ cassert(sizeof(reiser4_block_nr) == 8);
-+ return (*addr & REISER4_BLOCKNR_STATUS_BIT_MASK) ==
-+ REISER4_UNALLOCATED_STATUS_VALUE;
-+}
-+
-+/* returns true if removing bytes of given range of key [from_key, to_key]
-+ causes removing of whole item @from */
-+static int
-+item_removed_completely(coord_t * from, const reiser4_key * from_key,
-+ const reiser4_key * to_key)
-+{
-+ item_plugin *iplug;
-+ reiser4_key key_in_item;
-+
-+ assert("umka-325", from != NULL);
-+ assert("", item_is_extent(from));
-+
-+ /* check first key just for case */
-+ item_key_by_coord(from, &key_in_item);
-+ if (keygt(from_key, &key_in_item))
-+ return 0;
-+
-+ /* check last key */
-+ iplug = item_plugin_by_coord(from);
-+ assert("vs-611", iplug && iplug->s.file.append_key);
-+
-+ iplug->s.file.append_key(from, &key_in_item);
-+ set_key_offset(&key_in_item, get_key_offset(&key_in_item) - 1);
-+
-+ if (keylt(to_key, &key_in_item))
-+ /* last byte is not removed */
-+ return 0;
-+ return 1;
-+}
-+
-+/* helper function for prepare_twig_kill(): @left and @right are formatted
-+ * neighbors of extent item being completely removed. Load and lock neighbors
-+ * and store lock handles into @cdata for later use by kill_hook_extent() */
-+static int
-+prepare_children(znode * left, znode * right, carry_kill_data * kdata)
-+{
-+ int result;
-+ int left_loaded;
-+ int right_loaded;
-+
-+ result = 0;
-+ left_loaded = right_loaded = 0;
-+
-+ if (left != NULL) {
-+ result = zload(left);
-+ if (result == 0) {
-+ left_loaded = 1;
-+ result = longterm_lock_znode(kdata->left, left,
-+ ZNODE_READ_LOCK,
-+ ZNODE_LOCK_LOPRI);
-+ }
-+ }
-+ if (result == 0 && right != NULL) {
-+ result = zload(right);
-+ if (result == 0) {
-+ right_loaded = 1;
-+ result = longterm_lock_znode(kdata->right, right,
-+ ZNODE_READ_LOCK,
-+ ZNODE_LOCK_HIPRI |
-+ ZNODE_LOCK_NONBLOCK);
-+ }
-+ }
-+ if (result != 0) {
-+ done_lh(kdata->left);
-+ done_lh(kdata->right);
-+ if (left_loaded != 0)
-+ zrelse(left);
-+ if (right_loaded != 0)
-+ zrelse(right);
-+ }
-+ return result;
-+}
-+
-+static void done_children(carry_kill_data * kdata)
-+{
-+ if (kdata->left != NULL && kdata->left->node != NULL) {
-+ zrelse(kdata->left->node);
-+ done_lh(kdata->left);
-+ }
-+ if (kdata->right != NULL && kdata->right->node != NULL) {
-+ zrelse(kdata->right->node);
-+ done_lh(kdata->right);
-+ }
-+}
-+
-+/* part of cut_node. It is called when cut_node is called to remove or cut part
-+ of extent item. When head of that item is removed - we have to update right
-+ delimiting of left neighbor of extent. When item is removed completely - we
-+ have to set sibling link between left and right neighbor of removed
-+ extent. This may return -E_DEADLOCK because of trying to get left neighbor
-+ locked. So, caller should repeat an attempt
-+*/
-+/* Audited by: umka (2002.06.16) */
-+static int
-+prepare_twig_kill(carry_kill_data * kdata, znode * locked_left_neighbor)
-+{
-+ int result;
-+ reiser4_key key;
-+ lock_handle left_lh;
-+ lock_handle right_lh;
-+ coord_t left_coord;
-+ coord_t *from;
-+ znode *left_child;
-+ znode *right_child;
-+ reiser4_tree *tree;
-+ int left_zloaded_here, right_zloaded_here;
-+
-+ from = kdata->params.from;
-+ assert("umka-326", from != NULL);
-+ assert("umka-327", kdata->params.to != NULL);
-+
-+ /* for one extent item only yet */
-+ assert("vs-591", item_is_extent(from));
-+ assert("vs-592", from->item_pos == kdata->params.to->item_pos);
-+
-+ if ((kdata->params.from_key
-+ && keygt(kdata->params.from_key, item_key_by_coord(from, &key)))
-+ || from->unit_pos != 0) {
-+ /* head of item @from is not removed, there is nothing to
-+ worry about */
-+ return 0;
-+ }
-+
-+ result = 0;
-+ left_zloaded_here = 0;
-+ right_zloaded_here = 0;
-+
-+ left_child = right_child = NULL;
-+
-+ coord_dup(&left_coord, from);
-+ init_lh(&left_lh);
-+ init_lh(&right_lh);
-+ if (coord_prev_unit(&left_coord)) {
-+ /* @from is leftmost item in its node */
-+ if (!locked_left_neighbor) {
-+ result =
-+ reiser4_get_left_neighbor(&left_lh, from->node,
-+ ZNODE_READ_LOCK,
-+ GN_CAN_USE_UPPER_LEVELS);
-+ switch (result) {
-+ case 0:
-+ break;
-+ case -E_NO_NEIGHBOR:
-+ /* there is no formatted node to the left of
-+ from->node */
-+ warning("vs-605",
-+ "extent item has smallest key in "
-+ "the tree and it is about to be removed");
-+ return 0;
-+ case -E_DEADLOCK:
-+ /* need to restart */
-+ default:
-+ return result;
-+ }
-+
-+ /* we have acquired left neighbor of from->node */
-+ result = zload(left_lh.node);
-+ if (result)
-+ goto done;
-+
-+ locked_left_neighbor = left_lh.node;
-+ } else {
-+ /* squalloc_right_twig_cut should have supplied locked
-+ * left neighbor */
-+ assert("vs-834",
-+ znode_is_write_locked(locked_left_neighbor));
-+ result = zload(locked_left_neighbor);
-+ if (result)
-+ return result;
-+ }
-+
-+ left_zloaded_here = 1;
-+ coord_init_last_unit(&left_coord, locked_left_neighbor);
-+ }
-+
-+ if (!item_is_internal(&left_coord)) {
-+ /* what else but extent can be on twig level */
-+ assert("vs-606", item_is_extent(&left_coord));
-+
-+ /* there is no left formatted child */
-+ if (left_zloaded_here)
-+ zrelse(locked_left_neighbor);
-+ done_lh(&left_lh);
-+ return 0;
-+ }
-+
-+ tree = znode_get_tree(left_coord.node);
-+ left_child = child_znode(&left_coord, left_coord.node, 1, 0);
-+
-+ if (IS_ERR(left_child)) {
-+ result = PTR_ERR(left_child);
-+ goto done;
-+ }
-+
-+ /* left child is acquired, calculate new right delimiting key for it
-+ and get right child if it is necessary */
-+ if (item_removed_completely
-+ (from, kdata->params.from_key, kdata->params.to_key)) {
-+ /* try to get right child of removed item */
-+ coord_t right_coord;
-+
-+ assert("vs-607",
-+ kdata->params.to->unit_pos ==
-+ coord_last_unit_pos(kdata->params.to));
-+ coord_dup(&right_coord, kdata->params.to);
-+ if (coord_next_unit(&right_coord)) {
-+ /* @to is rightmost unit in the node */
-+ result =
-+ reiser4_get_right_neighbor(&right_lh, from->node,
-+ ZNODE_READ_LOCK,
-+ GN_CAN_USE_UPPER_LEVELS);
-+ switch (result) {
-+ case 0:
-+ result = zload(right_lh.node);
-+ if (result)
-+ goto done;
-+
-+ right_zloaded_here = 1;
-+ coord_init_first_unit(&right_coord,
-+ right_lh.node);
-+ item_key_by_coord(&right_coord, &key);
-+ break;
-+
-+ case -E_NO_NEIGHBOR:
-+ /* there is no formatted node to the right of
-+ from->node */
-+ read_lock_dk(tree);
-+ key = *znode_get_rd_key(from->node);
-+ read_unlock_dk(tree);
-+ right_coord.node = NULL;
-+ result = 0;
-+ break;
-+ default:
-+ /* real error */
-+ goto done;
-+ }
-+ } else {
-+ /* there is an item to the right of @from - take its key */
-+ item_key_by_coord(&right_coord, &key);
-+ }
-+
-+ /* try to get right child of @from */
-+ if (right_coord.node && /* there is right neighbor of @from */
-+ item_is_internal(&right_coord)) { /* it is internal item */
-+ right_child = child_znode(&right_coord,
-+ right_coord.node, 1, 0);
-+
-+ if (IS_ERR(right_child)) {
-+ result = PTR_ERR(right_child);
-+ goto done;
-+ }
-+
-+ }
-+ /* whole extent is removed between znodes left_child and right_child. Prepare them for linking and
-+ update of right delimiting key of left_child */
-+ result = prepare_children(left_child, right_child, kdata);
-+ } else {
-+ /* head of item @to is removed. left_child has to get right delimting key update. Prepare it for that */
-+ result = prepare_children(left_child, NULL, kdata);
-+ }
-+
-+ done:
-+ if (right_child)
-+ zput(right_child);
-+ if (right_zloaded_here)
-+ zrelse(right_lh.node);
-+ done_lh(&right_lh);
-+
-+ if (left_child)
-+ zput(left_child);
-+ if (left_zloaded_here)
-+ zrelse(locked_left_neighbor);
-+ done_lh(&left_lh);
-+ return result;
-+}
-+
-+/* this is used to remove part of node content between coordinates @from and @to. Units to which @from and @to are set
-+ are to be cut completely */
-+/* for try_to_merge_with_left, delete_copied, delete_node */
-+int cut_node_content(coord_t * from, coord_t * to, const reiser4_key * from_key, /* first key to be removed */
-+ const reiser4_key * to_key, /* last key to be removed */
-+ reiser4_key *
-+ smallest_removed /* smallest key actually removed */ )
-+{
-+ int result;
-+ carry_pool *pool;
-+ carry_level *lowest_level;
-+ carry_cut_data *cut_data;
-+ carry_op *op;
-+
-+ assert("vs-1715", coord_compare(from, to) != COORD_CMP_ON_RIGHT);
-+
-+ pool =
-+ init_carry_pool(sizeof(*pool) + 3 * sizeof(*lowest_level) +
-+ sizeof(*cut_data));
-+ if (IS_ERR(pool))
-+ return PTR_ERR(pool);
-+ lowest_level = (carry_level *) (pool + 1);
-+ init_carry_level(lowest_level, pool);
-+
-+ op = post_carry(lowest_level, COP_CUT, from->node, 0);
-+ assert("vs-1509", op != 0);
-+ if (IS_ERR(op)) {
-+ done_carry_pool(pool);
-+ return PTR_ERR(op);
-+ }
-+
-+ cut_data = (carry_cut_data *) (lowest_level + 3);
-+ cut_data->params.from = from;
-+ cut_data->params.to = to;
-+ cut_data->params.from_key = from_key;
-+ cut_data->params.to_key = to_key;
-+ cut_data->params.smallest_removed = smallest_removed;
-+
-+ op->u.cut_or_kill.is_cut = 1;
-+ op->u.cut_or_kill.u.cut = cut_data;
-+
-+ result = carry(lowest_level, NULL);
-+ done_carry_pool(pool);
-+
-+ return result;
-+}
-+
-+/* cut part of the node
-+
-+ Cut part or whole content of node.
-+
-+ cut data between @from and @to of @from->node and call carry() to make
-+ corresponding changes in the tree. @from->node may become empty. If so -
-+ pointer to it will be removed. Neighboring nodes are not changed. Smallest
-+ removed key is stored in @smallest_removed
-+
-+*/
-+int kill_node_content(coord_t * from, /* coord of the first unit/item that will be eliminated */
-+ coord_t * to, /* coord of the last unit/item that will be eliminated */
-+ const reiser4_key * from_key, /* first key to be removed */
-+ const reiser4_key * to_key, /* last key to be removed */
-+ reiser4_key * smallest_removed, /* smallest key actually removed */
-+ znode * locked_left_neighbor, /* this is set when kill_node_content is called with left neighbor
-+ * locked (in squalloc_right_twig_cut, namely) */
-+ struct inode *inode, /* inode of file whose item (or its part) is to be killed. This is necessary to
-+ invalidate pages together with item pointing to them */
-+ int truncate)
-+{ /* this call is made for file truncate) */
-+ int result;
-+ carry_pool *pool;
-+ carry_level *lowest_level;
-+ carry_kill_data *kdata;
-+ lock_handle *left_child;
-+ lock_handle *right_child;
-+ carry_op *op;
-+
-+ assert("umka-328", from != NULL);
-+ assert("vs-316", !node_is_empty(from->node));
-+ assert("nikita-1812", coord_is_existing_unit(from)
-+ && coord_is_existing_unit(to));
-+
-+ /* allocate carry_pool, 3 carry_level-s, carry_kill_data and structures for kill_hook_extent */
-+ pool = init_carry_pool(sizeof(*pool) + 3 * sizeof(*lowest_level) +
-+ sizeof(carry_kill_data) +
-+ 2 * sizeof(lock_handle) +
-+ 5 * sizeof(reiser4_key) + 2 * sizeof(coord_t));
-+ if (IS_ERR(pool))
-+ return PTR_ERR(pool);
-+
-+ lowest_level = (carry_level *) (pool + 1);
-+ init_carry_level(lowest_level, pool);
-+
-+ kdata = (carry_kill_data *) (lowest_level + 3);
-+ left_child = (lock_handle *) (kdata + 1);
-+ right_child = left_child + 1;
-+
-+ init_lh(left_child);
-+ init_lh(right_child);
-+
-+ kdata->params.from = from;
-+ kdata->params.to = to;
-+ kdata->params.from_key = from_key;
-+ kdata->params.to_key = to_key;
-+ kdata->params.smallest_removed = smallest_removed;
-+ kdata->params.truncate = truncate;
-+ kdata->flags = 0;
-+ kdata->inode = inode;
-+ kdata->left = left_child;
-+ kdata->right = right_child;
-+ /* memory for 5 reiser4_key and 2 coord_t will be used in kill_hook_extent */
-+ kdata->buf = (char *)(right_child + 1);
-+
-+ if (znode_get_level(from->node) == TWIG_LEVEL && item_is_extent(from)) {
-+ /* left child of extent item may have to get updated right
-+ delimiting key and to get linked with right child of extent
-+ @from if it will be removed completely */
-+ result = prepare_twig_kill(kdata, locked_left_neighbor);
-+ if (result) {
-+ done_children(kdata);
-+ done_carry_pool(pool);
-+ return result;
-+ }
-+ }
-+
-+ op = post_carry(lowest_level, COP_CUT, from->node, 0);
-+ if (IS_ERR(op) || (op == NULL)) {
-+ done_children(kdata);
-+ done_carry_pool(pool);
-+ return RETERR(op ? PTR_ERR(op) : -EIO);
-+ }
-+
-+ op->u.cut_or_kill.is_cut = 0;
-+ op->u.cut_or_kill.u.kill = kdata;
-+
-+ result = carry(lowest_level, NULL);
-+
-+ done_children(kdata);
-+ done_carry_pool(pool);
-+ return result;
-+}
-+
-+void
-+fake_kill_hook_tail(struct inode *inode, loff_t start, loff_t end, int truncate)
-+{
-+ if (inode_get_flag(inode, REISER4_HAS_MMAP)) {
-+ pgoff_t start_pg, end_pg;
-+
-+ start_pg = start >> PAGE_CACHE_SHIFT;
-+ end_pg = (end - 1) >> PAGE_CACHE_SHIFT;
-+
-+ if ((start & (PAGE_CACHE_SIZE - 1)) == 0) {
-+ /*
-+ * kill up to the page boundary.
-+ */
-+ assert("vs-123456", start_pg == end_pg);
-+ reiser4_invalidate_pages(inode->i_mapping, start_pg, 1,
-+ truncate);
-+ } else if (start_pg != end_pg) {
-+ /*
-+ * page boundary is within killed portion of node.
-+ */
-+ assert("vs-654321", end_pg - start_pg == 1);
-+ reiser4_invalidate_pages(inode->i_mapping, end_pg,
-+ end_pg - start_pg, 1);
-+ }
-+ }
-+ inode_sub_bytes(inode, end - start);
-+}
-+
-+/**
-+ * Delete whole @node from the reiser4 tree without loading it.
-+ *
-+ * @left: locked left neighbor,
-+ * @node: node to be deleted,
-+ * @smallest_removed: leftmost key of deleted node,
-+ * @object: inode pointer, if we truncate a file body.
-+ * @truncate: true if called for file truncate.
-+ *
-+ * @return: 0 if success, error code otherwise.
-+ *
-+ * NOTE: if @object!=NULL we assume that @smallest_removed != NULL and it
-+ * contains the right value of the smallest removed key from the previous
-+ * cut_worker() iteration. This is needed for proper accounting of
-+ * "i_blocks" and "i_bytes" fields of the @object.
-+ */
-+int delete_node(znode * node, reiser4_key * smallest_removed,
-+ struct inode *object, int truncate)
-+{
-+ lock_handle parent_lock;
-+ coord_t cut_from;
-+ coord_t cut_to;
-+ reiser4_tree *tree;
-+ int ret;
-+
-+ assert("zam-937", node != NULL);
-+ assert("zam-933", znode_is_write_locked(node));
-+ assert("zam-999", smallest_removed != NULL);
-+
-+ init_lh(&parent_lock);
-+
-+ ret = reiser4_get_parent(&parent_lock, node, ZNODE_WRITE_LOCK);
-+ if (ret)
-+ return ret;
-+
-+ assert("zam-934", !znode_above_root(parent_lock.node));
-+
-+ ret = zload(parent_lock.node);
-+ if (ret)
-+ goto failed_nozrelse;
-+
-+ ret = find_child_ptr(parent_lock.node, node, &cut_from);
-+ if (ret)
-+ goto failed;
-+
-+ /* decrement child counter and set parent pointer to NULL before
-+ deleting the list from parent node because of checks in
-+ internal_kill_item_hook (we can delete the last item from the parent
-+ node, the parent node is going to be deleted and its c_count should
-+ be zero). */
-+
-+ tree = znode_get_tree(node);
-+ write_lock_tree(tree);
-+ init_parent_coord(&node->in_parent, NULL);
-+ --parent_lock.node->c_count;
-+ write_unlock_tree(tree);
-+
-+ assert("zam-989", item_is_internal(&cut_from));
-+
-+ /* @node should be deleted after unlocking. */
-+ ZF_SET(node, JNODE_HEARD_BANSHEE);
-+
-+ /* remove a pointer from the parent node to the node being deleted. */
-+ coord_dup(&cut_to, &cut_from);
-+ /* FIXME: shouldn't this be kill_node_content */
-+ ret = cut_node_content(&cut_from, &cut_to, NULL, NULL, NULL);
-+ if (ret)
-+ /* FIXME(Zam): Should we re-connect the node to its parent if
-+ * cut_node fails? */
-+ goto failed;
-+
-+ {
-+ reiser4_tree *tree = current_tree;
-+ __u64 start_offset = 0, end_offset = 0;
-+
-+ read_lock_tree(tree);
-+ write_lock_dk(tree);
-+ if (object) {
-+ /* We use @smallest_removed and the left delimiting of
-+ * the current node for @object->i_blocks, i_bytes
-+ * calculation. We assume that the items after the
-+ * *@smallest_removed key have been deleted from the
-+ * file body. */
-+ start_offset = get_key_offset(znode_get_ld_key(node));
-+ end_offset = get_key_offset(smallest_removed);
-+ }
-+
-+ assert("zam-1021", znode_is_connected(node));
-+ if (node->left)
-+ znode_set_rd_key(node->left, znode_get_rd_key(node));
-+
-+ *smallest_removed = *znode_get_ld_key(node);
-+
-+ write_unlock_dk(tree);
-+ read_unlock_tree(tree);
-+
-+ if (object) {
-+ /* we used to perform actions which are to be performed on items on their removal from tree in
-+ special item method - kill_hook. Here for optimization reasons we avoid reading node
-+ containing item we remove and can not call item's kill hook. Instead we call function which
-+ does exactly the same things as tail kill hook in assumption that node we avoid reading
-+ contains only one item and that item is a tail one. */
-+ fake_kill_hook_tail(object, start_offset, end_offset,
-+ truncate);
-+ }
-+ }
-+ failed:
-+ zrelse(parent_lock.node);
-+ failed_nozrelse:
-+ done_lh(&parent_lock);
-+
-+ return ret;
-+}
-+
-+static int can_delete(const reiser4_key *key, znode *node)
-+{
-+ int result;
-+
-+ read_lock_dk(current_tree);
-+ result = keyle(key, znode_get_ld_key(node));
-+ read_unlock_dk(current_tree);
-+ return result;
-+}
-+
-+/**
-+ * This subroutine is not optimal but implementation seems to
-+ * be easier).
-+ *
-+ * @tap: the point deletion process begins from,
-+ * @from_key: the beginning of the deleted key range,
-+ * @to_key: the end of the deleted key range,
-+ * @smallest_removed: the smallest removed key,
-+ * @truncate: true if called for file truncate.
-+ * @progress: return true if a progress in file items deletions was made,
-+ * @smallest_removed value is actual in that case.
-+ *
-+ * @return: 0 if success, error code otherwise, -E_REPEAT means that long cut_tree
-+ * operation was interrupted for allowing atom commit .
-+ */
-+int
-+cut_tree_worker_common(tap_t * tap, const reiser4_key * from_key,
-+ const reiser4_key * to_key,
-+ reiser4_key * smallest_removed, struct inode *object,
-+ int truncate, int *progress)
-+{
-+ lock_handle next_node_lock;
-+ coord_t left_coord;
-+ int result;
-+
-+ assert("zam-931", tap->coord->node != NULL);
-+ assert("zam-932", znode_is_write_locked(tap->coord->node));
-+
-+ *progress = 0;
-+ init_lh(&next_node_lock);
-+
-+ while (1) {
-+ znode *node; /* node from which items are cut */
-+ node_plugin *nplug; /* node plugin for @node */
-+
-+ node = tap->coord->node;
-+
-+ /* Move next_node_lock to the next node on the left. */
-+ result =
-+ reiser4_get_left_neighbor(&next_node_lock, node,
-+ ZNODE_WRITE_LOCK,
-+ GN_CAN_USE_UPPER_LEVELS);
-+ if (result != 0 && result != -E_NO_NEIGHBOR)
-+ break;
-+ /* Check can we delete the node as a whole. */
-+ if (*progress && znode_get_level(node) == LEAF_LEVEL &&
-+ can_delete(from_key, node)) {
-+ result = delete_node(node, smallest_removed, object,
-+ truncate);
-+ } else {
-+ result = tap_load(tap);
-+ if (result)
-+ return result;
-+
-+ /* Prepare the second (right) point for cut_node() */
-+ if (*progress)
-+ coord_init_last_unit(tap->coord, node);
-+
-+ else if (item_plugin_by_coord(tap->coord)->b.lookup ==
-+ NULL)
-+ /* set rightmost unit for the items without lookup method */
-+ tap->coord->unit_pos =
-+ coord_last_unit_pos(tap->coord);
-+
-+ nplug = node->nplug;
-+
-+ assert("vs-686", nplug);
-+ assert("vs-687", nplug->lookup);
-+
-+ /* left_coord is leftmost unit cut from @node */
-+ result = nplug->lookup(node, from_key,
-+ FIND_MAX_NOT_MORE_THAN,
-+ &left_coord);
-+
-+ if (IS_CBKERR(result))
-+ break;
-+
-+ /* adjust coordinates so that they are set to existing units */
-+ if (coord_set_to_right(&left_coord)
-+ || coord_set_to_left(tap->coord)) {
-+ result = 0;
-+ break;
-+ }
-+
-+ if (coord_compare(&left_coord, tap->coord) ==
-+ COORD_CMP_ON_RIGHT) {
-+ /* keys from @from_key to @to_key are not in the tree */
-+ result = 0;
-+ break;
-+ }
-+
-+ if (left_coord.item_pos != tap->coord->item_pos) {
-+ /* do not allow to cut more than one item. It is added to solve problem of truncating
-+ partially converted files. If file is partially converted there may exist a twig node
-+ containing both internal item or items pointing to leaf nodes with formatting items
-+ and extent item. We do not want to kill internal items being at twig node here
-+ because cut_tree_worker assumes killing them from level level */
-+ coord_dup(&left_coord, tap->coord);
-+ assert("vs-1652",
-+ coord_is_existing_unit(&left_coord));
-+ left_coord.unit_pos = 0;
-+ }
-+
-+ /* cut data from one node */
-+ // *smallest_removed = *min_key();
-+ result =
-+ kill_node_content(&left_coord, tap->coord, from_key,
-+ to_key, smallest_removed,
-+ next_node_lock.node, object,
-+ truncate);
-+ tap_relse(tap);
-+ }
-+ if (result)
-+ break;
-+
-+ ++(*progress);
-+
-+ /* Check whether all items with keys >= from_key were removed
-+ * from the tree. */
-+ if (keyle(smallest_removed, from_key))
-+ /* result = 0; */
-+ break;
-+
-+ if (next_node_lock.node == NULL)
-+ break;
-+
-+ result = tap_move(tap, &next_node_lock);
-+ done_lh(&next_node_lock);
-+ if (result)
-+ break;
-+
-+ /* Break long cut_tree operation (deletion of a large file) if
-+ * atom requires commit. */
-+ if (*progress > CUT_TREE_MIN_ITERATIONS
-+ && current_atom_should_commit()) {
-+ result = -E_REPEAT;
-+ break;
-+ }
-+ }
-+ done_lh(&next_node_lock);
-+ // assert("vs-301", !keyeq(&smallest_removed, min_key()));
-+ return result;
-+}
-+
-+/* there is a fundamental problem with optimizing deletes: VFS does it
-+ one file at a time. Another problem is that if an item can be
-+ anything, then deleting items must be done one at a time. It just
-+ seems clean to writes this to specify a from and a to key, and cut
-+ everything between them though. */
-+
-+/* use this function with care if deleting more than what is part of a single file. */
-+/* do not use this when cutting a single item, it is suboptimal for that */
-+
-+/* You are encouraged to write plugin specific versions of this. It
-+ cannot be optimal for all plugins because it works item at a time,
-+ and some plugins could sometimes work node at a time. Regular files
-+ however are not optimizable to work node at a time because of
-+ extents needing to free the blocks they point to.
-+
-+ Optimizations compared to v3 code:
-+
-+ It does not balance (that task is left to memory pressure code).
-+
-+ Nodes are deleted only if empty.
-+
-+ Uses extents.
-+
-+ Performs read-ahead of formatted nodes whose contents are part of
-+ the deletion.
-+*/
-+
-+/**
-+ * Delete everything from the reiser4 tree between two keys: @from_key and
-+ * @to_key.
-+ *
-+ * @from_key: the beginning of the deleted key range,
-+ * @to_key: the end of the deleted key range,
-+ * @smallest_removed: the smallest removed key,
-+ * @object: owner of cutting items.
-+ * @truncate: true if called for file truncate.
-+ * @progress: return true if a progress in file items deletions was made,
-+ * @smallest_removed value is actual in that case.
-+ *
-+ * @return: 0 if success, error code otherwise, -E_REPEAT means that long cut_tree
-+ * operation was interrupted for allowing atom commit .
-+ */
-+
-+int
-+cut_tree_object(reiser4_tree * tree, const reiser4_key * from_key,
-+ const reiser4_key * to_key, reiser4_key * smallest_removed_p,
-+ struct inode *object, int truncate, int *progress)
-+{
-+ lock_handle lock;
-+ int result;
-+ tap_t tap;
-+ coord_t right_coord;
-+ reiser4_key smallest_removed;
-+ int (*cut_tree_worker) (tap_t *, const reiser4_key *,
-+ const reiser4_key *, reiser4_key *,
-+ struct inode *, int, int *);
-+ STORE_COUNTERS;
-+
-+ assert("umka-329", tree != NULL);
-+ assert("umka-330", from_key != NULL);
-+ assert("umka-331", to_key != NULL);
-+ assert("zam-936", keyle(from_key, to_key));
-+
-+ if (smallest_removed_p == NULL)
-+ smallest_removed_p = &smallest_removed;
-+
-+ init_lh(&lock);
-+
-+ do {
-+ /* Find rightmost item to cut away from the tree. */
-+ result = object_lookup(object, to_key, &right_coord, &lock,
-+ ZNODE_WRITE_LOCK, FIND_MAX_NOT_MORE_THAN,
-+ TWIG_LEVEL, LEAF_LEVEL, CBK_UNIQUE,
-+ NULL /*ra_info */ );
-+ if (result != CBK_COORD_FOUND)
-+ break;
-+ if (object == NULL
-+ || inode_file_plugin(object)->cut_tree_worker == NULL)
-+ cut_tree_worker = cut_tree_worker_common;
-+ else
-+ cut_tree_worker =
-+ inode_file_plugin(object)->cut_tree_worker;
-+ tap_init(&tap, &right_coord, &lock, ZNODE_WRITE_LOCK);
-+ result =
-+ cut_tree_worker(&tap, from_key, to_key, smallest_removed_p,
-+ object, truncate, progress);
-+ tap_done(&tap);
-+
-+ preempt_point();
-+
-+ } while (0);
-+
-+ done_lh(&lock);
-+
-+ if (result) {
-+ switch (result) {
-+ case -E_NO_NEIGHBOR:
-+ result = 0;
-+ break;
-+ case -E_DEADLOCK:
-+ result = -E_REPEAT;
-+ case -E_REPEAT:
-+ case -ENOMEM:
-+ case -ENOENT:
-+ break;
-+ default:
-+ warning("nikita-2861", "failure: %i", result);
-+ }
-+ }
-+
-+ CHECK_COUNTERS;
-+ return result;
-+}
-+
-+/* repeat cut_tree_object until everything is deleted. unlike cut_file_items, it
-+ * does not end current transaction if -E_REPEAT is returned by
-+ * cut_tree_object. */
-+int
-+cut_tree(reiser4_tree * tree, const reiser4_key * from, const reiser4_key * to,
-+ struct inode *inode, int truncate)
-+{
-+ int result;
-+ int progress;
-+
-+ do {
-+ result =
-+ cut_tree_object(tree, from, to, NULL, inode, truncate,
-+ &progress);
-+ } while (result == -E_REPEAT);
-+
-+ return result;
-+}
-+
-+/* finishing reiser4 initialization */
-+int init_tree(reiser4_tree * tree /* pointer to structure being
-+ * initialized */ ,
-+ const reiser4_block_nr * root_block /* address of a root block
-+ * on a disk */ ,
-+ tree_level height /* height of a tree */ ,
-+ node_plugin * nplug /* default node plugin */ )
-+{
-+ int result;
-+
-+ assert("nikita-306", tree != NULL);
-+ assert("nikita-307", root_block != NULL);
-+ assert("nikita-308", height > 0);
-+ assert("nikita-309", nplug != NULL);
-+ assert("zam-587", tree->super != NULL);
-+
-+ tree->root_block = *root_block;
-+ tree->height = height;
-+ tree->estimate_one_insert = calc_estimate_one_insert(height);
-+ tree->nplug = nplug;
-+
-+ tree->znode_epoch = 1ull;
-+
-+ cbk_cache_init(&tree->cbk_cache);
-+
-+ result = znodes_tree_init(tree);
-+ if (result == 0)
-+ result = jnodes_tree_init(tree);
-+ if (result == 0) {
-+ tree->uber = zget(tree, &UBER_TREE_ADDR, NULL, 0, get_gfp_mask());
-+ if (IS_ERR(tree->uber)) {
-+ result = PTR_ERR(tree->uber);
-+ tree->uber = NULL;
-+ }
-+ }
-+ return result;
-+}
-+
-+/* release resources associated with @tree */
-+void done_tree(reiser4_tree * tree /* tree to release */ )
-+{
-+ if (tree == NULL)
-+ return;
-+
-+ if (tree->uber != NULL) {
-+ zput(tree->uber);
-+ tree->uber = NULL;
-+ }
-+ znodes_tree_done(tree);
-+ jnodes_tree_done(tree);
-+ cbk_cache_done(&tree->cbk_cache);
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/tree.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/tree.h
-@@ -0,0 +1,579 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Tree operations. See fs/reiser4/tree.c for comments */
-+
-+#if !defined( __REISER4_TREE_H__ )
-+#define __REISER4_TREE_H__
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "plugin/node/node.h"
-+#include "plugin/plugin.h"
-+#include "znode.h"
-+#include "tap.h"
-+
-+#include <linux/types.h> /* for __u?? */
-+#include <linux/fs.h> /* for struct super_block */
-+#include <linux/spinlock.h>
-+#include <linux/sched.h> /* for struct task_struct */
-+
-+/* fictive block number never actually used */
-+extern const reiser4_block_nr UBER_TREE_ADDR;
-+
-+/* &cbk_cache_slot - entry in a coord cache.
-+
-+ This is entry in a coord_by_key (cbk) cache, represented by
-+ &cbk_cache.
-+
-+*/
-+typedef struct cbk_cache_slot {
-+ /* cached node */
-+ znode *node;
-+ /* linkage to the next cbk cache slot in a LRU order */
-+ struct list_head lru;
-+} cbk_cache_slot;
-+
-+/* &cbk_cache - coord cache. This is part of reiser4_tree.
-+
-+ cbk_cache is supposed to speed up tree lookups by caching results of recent
-+ successful lookups (we don't cache negative results as dentry cache
-+ does). Cache consists of relatively small number of entries kept in a LRU
-+ order. Each entry (&cbk_cache_slot) contains a pointer to znode, from
-+ which we can obtain a range of keys that covered by this znode. Before
-+ embarking into real tree traversal we scan cbk_cache slot by slot and for
-+ each slot check whether key we are looking for is between minimal and
-+ maximal keys for node pointed to by this slot. If no match is found, real
-+ tree traversal is performed and if result is successful, appropriate entry
-+ is inserted into cache, possibly pulling least recently used entry out of
-+ it.
-+
-+ Tree spin lock is used to protect coord cache. If contention for this
-+ lock proves to be too high, more finer grained locking can be added.
-+
-+ Invariants involving parts of this data-type:
-+
-+ [cbk-cache-invariant]
-+*/
-+typedef struct cbk_cache {
-+ /* serializator */
-+ rwlock_t guard;
-+ int nr_slots;
-+ /* head of LRU list of cache slots */
-+ struct list_head lru;
-+ /* actual array of slots */
-+ cbk_cache_slot *slot;
-+} cbk_cache;
-+
-+
-+/* level_lookup_result - possible outcome of looking up key at some level.
-+ This is used by coord_by_key when traversing tree downward. */
-+typedef enum {
-+ /* continue to the next level */
-+ LOOKUP_CONT,
-+ /* done. Either required item was found, or we can prove it
-+ doesn't exist, or some error occurred. */
-+ LOOKUP_DONE,
-+ /* restart traversal from the root. Infamous "repetition". */
-+ LOOKUP_REST
-+} level_lookup_result;
-+
-+/* This is representation of internal reiser4 tree where all file-system
-+ data and meta-data are stored. This structure is passed to all tree
-+ manipulation functions. It's different from the super block because:
-+ we don't want to limit ourselves to strictly one to one mapping
-+ between super blocks and trees, and, because they are logically
-+ different: there are things in a super block that have no relation to
-+ the tree (bitmaps, journalling area, mount options, etc.) and there
-+ are things in a tree that bear no relation to the super block, like
-+ tree of znodes.
-+
-+ At this time, there is only one tree
-+ per filesystem, and this struct is part of the super block. We only
-+ call the super block the super block for historical reasons (most
-+ other filesystems call the per filesystem metadata the super block).
-+*/
-+
-+struct reiser4_tree {
-+ /* block_nr == 0 is fake znode. Write lock it, while changing
-+ tree height. */
-+ /* disk address of root node of a tree */
-+ reiser4_block_nr root_block;
-+
-+ /* level of the root node. If this is 1, tree consists of root
-+ node only */
-+ tree_level height;
-+
-+ /*
-+ * this is cached here avoid calling plugins through function
-+ * dereference all the time.
-+ */
-+ __u64 estimate_one_insert;
-+
-+ /* cache of recent tree lookup results */
-+ cbk_cache cbk_cache;
-+
-+ /* hash table to look up znodes by block number. */
-+ z_hash_table zhash_table;
-+ z_hash_table zfake_table;
-+ /* hash table to look up jnodes by inode and offset. */
-+ j_hash_table jhash_table;
-+
-+ /* lock protecting:
-+ - parent pointers,
-+ - sibling pointers,
-+ - znode hash table
-+ - coord cache
-+ */
-+ /* NOTE: The "giant" tree lock can be replaced by more spin locks,
-+ hoping they will be less contented. We can use one spin lock per one
-+ znode hash bucket. With adding of some code complexity, sibling
-+ pointers can be protected by both znode spin locks. However it looks
-+ more SMP scalable we should test this locking change on n-ways (n >
-+ 4) SMP machines. Current 4-ways machine test does not show that tree
-+ lock is contented and it is a bottleneck (2003.07.25). */
-+
-+ rwlock_t tree_lock;
-+
-+ /* lock protecting delimiting keys */
-+ rwlock_t dk_lock;
-+
-+ /* spin lock protecting znode_epoch */
-+ spinlock_t epoch_lock;
-+ /* version stamp used to mark znode updates. See seal.[ch] for more
-+ * information. */
-+ __u64 znode_epoch;
-+
-+ znode *uber;
-+ node_plugin *nplug;
-+ struct super_block *super;
-+ struct {
-+ /* carry flags used for insertion of new nodes */
-+ __u32 new_node_flags;
-+ /* carry flags used for insertion of new extents */
-+ __u32 new_extent_flags;
-+ /* carry flags used for paste operations */
-+ __u32 paste_flags;
-+ /* carry flags used for insert operations */
-+ __u32 insert_flags;
-+ } carry;
-+};
-+
-+extern int init_tree(reiser4_tree * tree,
-+ const reiser4_block_nr * root_block, tree_level height,
-+ node_plugin * default_plugin);
-+extern void done_tree(reiser4_tree * tree);
-+
-+/* cbk flags: options for coord_by_key() */
-+typedef enum {
-+ /* coord_by_key() is called for insertion. This is necessary because
-+ of extents being located at the twig level. For explanation, see
-+ comment just above is_next_item_internal().
-+ */
-+ CBK_FOR_INSERT = (1 << 0),
-+ /* coord_by_key() is called with key that is known to be unique */
-+ CBK_UNIQUE = (1 << 1),
-+ /* coord_by_key() can trust delimiting keys. This options is not user
-+ accessible. coord_by_key() will set it automatically. It will be
-+ only cleared by special-case in extents-on-the-twig-level handling
-+ where it is necessary to insert item with a key smaller than
-+ leftmost key in a node. This is necessary because of extents being
-+ located at the twig level. For explanation, see comment just above
-+ is_next_item_internal().
-+ */
-+ CBK_TRUST_DK = (1 << 2),
-+ CBK_READA = (1 << 3), /* original: readahead leaves which contain items of certain file */
-+ CBK_READDIR_RA = (1 << 4), /* readdir: readahead whole directory and all its stat datas */
-+ CBK_DKSET = (1 << 5),
-+ CBK_EXTENDED_COORD = (1 << 6), /* coord_t is actually */
-+ CBK_IN_CACHE = (1 << 7), /* node is already in cache */
-+ CBK_USE_CRABLOCK = (1 << 8) /* use crab_lock in stead of long term
-+ * lock */
-+} cbk_flags;
-+
-+/* insertion outcome. IBK = insert by key */
-+typedef enum {
-+ IBK_INSERT_OK = 0,
-+ IBK_ALREADY_EXISTS = -EEXIST,
-+ IBK_IO_ERROR = -EIO,
-+ IBK_NO_SPACE = -E_NODE_FULL,
-+ IBK_OOM = -ENOMEM
-+} insert_result;
-+
-+#define IS_CBKERR(err) ((err) != CBK_COORD_FOUND && (err) != CBK_COORD_NOTFOUND)
-+
-+typedef int (*tree_iterate_actor_t) (reiser4_tree * tree, coord_t * coord,
-+ lock_handle * lh, void *arg);
-+extern int iterate_tree(reiser4_tree * tree, coord_t * coord, lock_handle * lh,
-+ tree_iterate_actor_t actor, void *arg,
-+ znode_lock_mode mode, int through_units_p);
-+extern int get_uber_znode(reiser4_tree * tree, znode_lock_mode mode,
-+ znode_lock_request pri, lock_handle * lh);
-+
-+/* return node plugin of @node */
-+static inline node_plugin *node_plugin_by_node(const znode *
-+ node /* node to query */ )
-+{
-+ assert("vs-213", node != NULL);
-+ assert("vs-214", znode_is_loaded(node));
-+
-+ return node->nplug;
-+}
-+
-+/* number of items in @node */
-+static inline pos_in_node_t node_num_items(const znode * node)
-+{
-+ assert("nikita-2754", znode_is_loaded(node));
-+ assert("nikita-2468",
-+ node_plugin_by_node(node)->num_of_items(node) == node->nr_items);
-+
-+ return node->nr_items;
-+}
-+
-+/* Return the number of items at the present node. Asserts coord->node !=
-+ NULL. */
-+static inline unsigned coord_num_items(const coord_t * coord)
-+{
-+ assert("jmacd-9805", coord->node != NULL);
-+
-+ return node_num_items(coord->node);
-+}
-+
-+/* true if @node is empty */
-+static inline int node_is_empty(const znode * node)
-+{
-+ return node_num_items(node) == 0;
-+}
-+
-+typedef enum {
-+ SHIFTED_SOMETHING = 0,
-+ SHIFT_NO_SPACE = -E_NODE_FULL,
-+ SHIFT_IO_ERROR = -EIO,
-+ SHIFT_OOM = -ENOMEM,
-+} shift_result;
-+
-+extern node_plugin *node_plugin_by_coord(const coord_t * coord);
-+extern int is_coord_in_node(const coord_t * coord);
-+extern int key_in_node(const reiser4_key *, const coord_t *);
-+extern void coord_item_move_to(coord_t * coord, int items);
-+extern void coord_unit_move_to(coord_t * coord, int units);
-+
-+/* there are two types of repetitive accesses (ra): intra-syscall
-+ (local) and inter-syscall (global). Local ra is used when
-+ during single syscall we add/delete several items and units in the
-+ same place in a tree. Note that plan-A fragments local ra by
-+ separating stat-data and file body in key-space. Global ra is
-+ used when user does repetitive modifications in the same place in a
-+ tree.
-+
-+ Our ra implementation serves following purposes:
-+ 1 it affects balancing decisions so that next operation in a row
-+ can be performed faster;
-+ 2 it affects lower-level read-ahead in page-cache;
-+ 3 it allows to avoid unnecessary lookups by maintaining some state
-+ across several operations (this is only for local ra);
-+ 4 it leaves room for lazy-micro-balancing: when we start a sequence of
-+ operations they are performed without actually doing any intra-node
-+ shifts, until we finish sequence or scope of sequence leaves
-+ current node, only then we really pack node (local ra only).
-+*/
-+
-+/* another thing that can be useful is to keep per-tree and/or
-+ per-process cache of recent lookups. This cache can be organised as a
-+ list of block numbers of formatted nodes sorted by starting key in
-+ this node. Balancings should invalidate appropriate parts of this
-+ cache.
-+*/
-+
-+lookup_result coord_by_key(reiser4_tree * tree, const reiser4_key * key,
-+ coord_t * coord, lock_handle * handle,
-+ znode_lock_mode lock, lookup_bias bias,
-+ tree_level lock_level, tree_level stop_level,
-+ __u32 flags, ra_info_t *);
-+
-+lookup_result object_lookup(struct inode *object,
-+ const reiser4_key * key,
-+ coord_t * coord,
-+ lock_handle * lh,
-+ znode_lock_mode lock_mode,
-+ lookup_bias bias,
-+ tree_level lock_level,
-+ tree_level stop_level,
-+ __u32 flags, ra_info_t * info);
-+
-+insert_result insert_by_key(reiser4_tree * tree, const reiser4_key * key,
-+ reiser4_item_data * data, coord_t * coord,
-+ lock_handle * lh,
-+ tree_level stop_level, __u32 flags);
-+insert_result insert_by_coord(coord_t * coord,
-+ reiser4_item_data * data, const reiser4_key * key,
-+ lock_handle * lh, __u32);
-+insert_result insert_extent_by_coord(coord_t * coord,
-+ reiser4_item_data * data,
-+ const reiser4_key * key, lock_handle * lh);
-+int cut_node_content(coord_t * from, coord_t * to, const reiser4_key * from_key,
-+ const reiser4_key * to_key,
-+ reiser4_key * smallest_removed);
-+int kill_node_content(coord_t * from, coord_t * to,
-+ const reiser4_key * from_key, const reiser4_key * to_key,
-+ reiser4_key * smallest_removed,
-+ znode * locked_left_neighbor, struct inode *inode,
-+ int truncate);
-+
-+int resize_item(coord_t * coord, reiser4_item_data * data,
-+ reiser4_key * key, lock_handle * lh, cop_insert_flag);
-+int insert_into_item(coord_t * coord, lock_handle * lh, const reiser4_key * key,
-+ reiser4_item_data * data, unsigned);
-+int insert_flow(coord_t * coord, lock_handle * lh, flow_t * f);
-+int find_new_child_ptr(znode * parent, znode * child, znode * left,
-+ coord_t * result);
-+
-+int shift_right_of_but_excluding_insert_coord(coord_t * insert_coord);
-+int shift_left_of_and_including_insert_coord(coord_t * insert_coord);
-+
-+void fake_kill_hook_tail(struct inode *, loff_t start, loff_t end, int);
-+
-+extern int cut_tree_worker_common(tap_t *, const reiser4_key *,
-+ const reiser4_key *, reiser4_key *,
-+ struct inode *, int, int *);
-+extern int cut_tree_object(reiser4_tree *, const reiser4_key *,
-+ const reiser4_key *, reiser4_key *, struct inode *,
-+ int, int *);
-+extern int cut_tree(reiser4_tree * tree, const reiser4_key * from,
-+ const reiser4_key * to, struct inode *, int);
-+
-+extern int delete_node(znode * node, reiser4_key *, struct inode *, int);
-+extern int check_tree_pointer(const coord_t * pointer, const znode * child);
-+extern int find_new_child_ptr(znode * parent, znode * child UNUSED_ARG,
-+ znode * left, coord_t * result);
-+extern int find_child_ptr(znode * parent, znode * child, coord_t * result);
-+extern int set_child_delimiting_keys(znode * parent, const coord_t * in_parent,
-+ znode * child);
-+extern znode *child_znode(const coord_t * in_parent, znode * parent,
-+ int incore_p, int setup_dkeys_p);
-+
-+extern int cbk_cache_init(cbk_cache * cache);
-+extern void cbk_cache_done(cbk_cache * cache);
-+extern void cbk_cache_invalidate(const znode * node, reiser4_tree * tree);
-+
-+extern char *sprint_address(const reiser4_block_nr * block);
-+
-+#if REISER4_DEBUG
-+extern void print_coord_content(const char *prefix, coord_t * p);
-+extern void reiser4_print_address(const char *prefix,
-+ const reiser4_block_nr * block);
-+extern void print_tree_rec(const char *prefix, reiser4_tree * tree,
-+ __u32 flags);
-+extern void check_dkeys(znode *node);
-+#else
-+#define print_coord_content(p, c) noop
-+#define reiser4_print_address(p, b) noop
-+#endif
-+
-+extern void forget_znode(lock_handle * handle);
-+extern int deallocate_znode(znode * node);
-+
-+extern int is_disk_addr_unallocated(const reiser4_block_nr * addr);
-+
-+/* struct used internally to pack all numerous arguments of tree lookup.
-+ Used to avoid passing a lot of arguments to helper functions. */
-+typedef struct cbk_handle {
-+ /* tree we are in */
-+ reiser4_tree *tree;
-+ /* key we are going after */
-+ const reiser4_key *key;
-+ /* coord we will store result in */
-+ coord_t *coord;
-+ /* type of lock to take on target node */
-+ znode_lock_mode lock_mode;
-+ /* lookup bias. See comments at the declaration of lookup_bias */
-+ lookup_bias bias;
-+ /* lock level: level starting from which tree traversal starts taking
-+ * write locks. */
-+ tree_level lock_level;
-+ /* level where search will stop. Either item will be found between
-+ lock_level and stop_level, or CBK_COORD_NOTFOUND will be
-+ returned.
-+ */
-+ tree_level stop_level;
-+ /* level we are currently at */
-+ tree_level level;
-+ /* block number of @active node. Tree traversal operates on two
-+ nodes: active and parent. */
-+ reiser4_block_nr block;
-+ /* put here error message to be printed by caller */
-+ const char *error;
-+ /* result passed back to caller */
-+ lookup_result result;
-+ /* lock handles for active and parent */
-+ lock_handle *parent_lh;
-+ lock_handle *active_lh;
-+ reiser4_key ld_key;
-+ reiser4_key rd_key;
-+ /* flags, passed to the cbk routine. Bits of this bitmask are defined
-+ in tree.h:cbk_flags enum. */
-+ __u32 flags;
-+ ra_info_t *ra_info;
-+ struct inode *object;
-+} cbk_handle;
-+
-+extern znode_lock_mode cbk_lock_mode(tree_level level, cbk_handle * h);
-+
-+/* eottl.c */
-+extern int handle_eottl(cbk_handle *h, int *outcome);
-+
-+int lookup_multikey(cbk_handle * handle, int nr_keys);
-+int lookup_couple(reiser4_tree * tree,
-+ const reiser4_key * key1, const reiser4_key * key2,
-+ coord_t * coord1, coord_t * coord2,
-+ lock_handle * lh1, lock_handle * lh2,
-+ znode_lock_mode lock_mode, lookup_bias bias,
-+ tree_level lock_level, tree_level stop_level, __u32 flags,
-+ int *result1, int *result2);
-+
-+
-+static inline void read_lock_tree(reiser4_tree *tree)
-+{
-+ /* check that tree is not locked */
-+ assert("", (LOCK_CNT_NIL(rw_locked_tree) &&
-+ LOCK_CNT_NIL(read_locked_tree) &&
-+ LOCK_CNT_NIL(write_locked_tree)));
-+ /* check that spinlocks of lower priorities are not held */
-+ assert("", (LOCK_CNT_NIL(spin_locked_txnh) &&
-+ LOCK_CNT_NIL(rw_locked_dk) &&
-+ LOCK_CNT_NIL(spin_locked_stack)));
-+
-+ read_lock(&(tree->tree_lock));
-+
-+ LOCK_CNT_INC(read_locked_tree);
-+ LOCK_CNT_INC(rw_locked_tree);
-+ LOCK_CNT_INC(spin_locked);
-+}
-+
-+static inline void read_unlock_tree(reiser4_tree *tree)
-+{
-+ assert("nikita-1375", LOCK_CNT_GTZ(read_locked_tree));
-+ assert("nikita-1376", LOCK_CNT_GTZ(rw_locked_tree));
-+ assert("nikita-1376", LOCK_CNT_GTZ(spin_locked));
-+
-+ LOCK_CNT_DEC(read_locked_tree);
-+ LOCK_CNT_DEC(rw_locked_tree);
-+ LOCK_CNT_DEC(spin_locked);
-+
-+ read_unlock(&(tree->tree_lock));
-+}
-+
-+static inline void write_lock_tree(reiser4_tree *tree)
-+{
-+ /* check that tree is not locked */
-+ assert("", (LOCK_CNT_NIL(rw_locked_tree) &&
-+ LOCK_CNT_NIL(read_locked_tree) &&
-+ LOCK_CNT_NIL(write_locked_tree)));
-+ /* check that spinlocks of lower priorities are not held */
-+ assert("", (LOCK_CNT_NIL(spin_locked_txnh) &&
-+ LOCK_CNT_NIL(rw_locked_dk) &&
-+ LOCK_CNT_NIL(spin_locked_stack)));
-+
-+ write_lock(&(tree->tree_lock));
-+
-+ LOCK_CNT_INC(write_locked_tree);
-+ LOCK_CNT_INC(rw_locked_tree);
-+ LOCK_CNT_INC(spin_locked);
-+}
-+
-+static inline void write_unlock_tree(reiser4_tree *tree)
-+{
-+ assert("nikita-1375", LOCK_CNT_GTZ(write_locked_tree));
-+ assert("nikita-1376", LOCK_CNT_GTZ(rw_locked_tree));
-+ assert("nikita-1376", LOCK_CNT_GTZ(spin_locked));
-+
-+ LOCK_CNT_DEC(write_locked_tree);
-+ LOCK_CNT_DEC(rw_locked_tree);
-+ LOCK_CNT_DEC(spin_locked);
-+
-+ write_unlock(&(tree->tree_lock));
-+}
-+
-+static inline void read_lock_dk(reiser4_tree *tree)
-+{
-+ /* check that dk is not locked */
-+ assert("", (LOCK_CNT_NIL(rw_locked_dk) &&
-+ LOCK_CNT_NIL(read_locked_dk) &&
-+ LOCK_CNT_NIL(write_locked_dk)));
-+ /* check that spinlocks of lower priorities are not held */
-+ assert("", LOCK_CNT_NIL(spin_locked_stack));
-+
-+ read_lock(&((tree)->dk_lock));
-+
-+ LOCK_CNT_INC(read_locked_dk);
-+ LOCK_CNT_INC(rw_locked_dk);
-+ LOCK_CNT_INC(spin_locked);
-+}
-+
-+static inline void read_unlock_dk(reiser4_tree *tree)
-+{
-+ assert("nikita-1375", LOCK_CNT_GTZ(read_locked_dk));
-+ assert("nikita-1376", LOCK_CNT_GTZ(rw_locked_dk));
-+ assert("nikita-1376", LOCK_CNT_GTZ(spin_locked));
-+
-+ LOCK_CNT_DEC(read_locked_dk);
-+ LOCK_CNT_DEC(rw_locked_dk);
-+ LOCK_CNT_DEC(spin_locked);
-+
-+ read_unlock(&(tree->dk_lock));
-+}
-+
-+static inline void write_lock_dk(reiser4_tree *tree)
-+{
-+ /* check that dk is not locked */
-+ assert("", (LOCK_CNT_NIL(rw_locked_dk) &&
-+ LOCK_CNT_NIL(read_locked_dk) &&
-+ LOCK_CNT_NIL(write_locked_dk)));
-+ /* check that spinlocks of lower priorities are not held */
-+ assert("", LOCK_CNT_NIL(spin_locked_stack));
-+
-+ write_lock(&((tree)->dk_lock));
-+
-+ LOCK_CNT_INC(write_locked_dk);
-+ LOCK_CNT_INC(rw_locked_dk);
-+ LOCK_CNT_INC(spin_locked);
-+}
-+
-+static inline void write_unlock_dk(reiser4_tree *tree)
-+{
-+ assert("nikita-1375", LOCK_CNT_GTZ(write_locked_dk));
-+ assert("nikita-1376", LOCK_CNT_GTZ(rw_locked_dk));
-+ assert("nikita-1376", LOCK_CNT_GTZ(spin_locked));
-+
-+ LOCK_CNT_DEC(write_locked_dk);
-+ LOCK_CNT_DEC(rw_locked_dk);
-+ LOCK_CNT_DEC(spin_locked);
-+
-+ write_unlock(&(tree->dk_lock));
-+}
-+
-+/* estimate api. Implementation is in estimate.c */
-+reiser4_block_nr estimate_one_insert_item(reiser4_tree *);
-+reiser4_block_nr estimate_one_insert_into_item(reiser4_tree *);
-+reiser4_block_nr estimate_insert_flow(tree_level);
-+reiser4_block_nr estimate_one_item_removal(reiser4_tree *);
-+reiser4_block_nr calc_estimate_one_insert(tree_level);
-+reiser4_block_nr estimate_dirty_cluster(struct inode *);
-+reiser4_block_nr estimate_insert_cluster(struct inode *);
-+reiser4_block_nr estimate_update_cluster(struct inode *);
-+
-+
-+/* __REISER4_TREE_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/tree_mod.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/tree_mod.c
-@@ -0,0 +1,383 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/*
-+ * Functions to add/delete new nodes to/from the tree.
-+ *
-+ * Functions from this file are used by carry (see carry*) to handle:
-+ *
-+ * . insertion of new formatted node into tree
-+ *
-+ * . addition of new tree root, increasing tree height
-+ *
-+ * . removing tree root, decreasing tree height
-+ *
-+ */
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "key.h"
-+#include "coord.h"
-+#include "plugin/plugin.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "tree_mod.h"
-+#include "block_alloc.h"
-+#include "tree_walk.h"
-+#include "tree.h"
-+#include "super.h"
-+
-+#include <linux/err.h>
-+
-+static int add_child_ptr(znode * parent, znode * child);
-+/* warning only issued if error is not -E_REPEAT */
-+#define ewarning( error, ... ) \
-+ if( ( error ) != -E_REPEAT ) \
-+ warning( __VA_ARGS__ )
-+
-+/* allocate new node on the @level and immediately on the right of @brother. */
-+znode *new_node(znode * brother /* existing left neighbor of new node */ ,
-+ tree_level level /* tree level at which new node is to
-+ * be allocated */ )
-+{
-+ znode *result;
-+ int retcode;
-+ reiser4_block_nr blocknr;
-+
-+ assert("nikita-930", brother != NULL);
-+ assert("umka-264", level < REAL_MAX_ZTREE_HEIGHT);
-+
-+ retcode = assign_fake_blocknr_formatted(&blocknr);
-+ if (retcode == 0) {
-+ result =
-+ zget(znode_get_tree(brother), &blocknr, NULL, level,
-+ get_gfp_mask());
-+ if (IS_ERR(result)) {
-+ ewarning(PTR_ERR(result), "nikita-929",
-+ "Cannot allocate znode for carry: %li",
-+ PTR_ERR(result));
-+ return result;
-+ }
-+ /* cheap test, can be executed even when debugging is off */
-+ if (!znode_just_created(result)) {
-+ warning("nikita-2213",
-+ "Allocated already existing block: %llu",
-+ (unsigned long long)blocknr);
-+ zput(result);
-+ return ERR_PTR(RETERR(-EIO));
-+ }
-+
-+ assert("nikita-931", result != NULL);
-+ result->nplug = znode_get_tree(brother)->nplug;
-+ assert("nikita-933", result->nplug != NULL);
-+
-+ retcode = zinit_new(result, get_gfp_mask());
-+ if (retcode == 0) {
-+ ZF_SET(result, JNODE_CREATED);
-+ zrelse(result);
-+ } else {
-+ zput(result);
-+ result = ERR_PTR(retcode);
-+ }
-+ } else {
-+ /* failure to allocate new node during balancing.
-+ This should never happen. Ever. Returning -E_REPEAT
-+ is not viable solution, because "out of disk space"
-+ is not transient error that will go away by itself.
-+ */
-+ ewarning(retcode, "nikita-928",
-+ "Cannot allocate block for carry: %i", retcode);
-+ result = ERR_PTR(retcode);
-+ }
-+ assert("nikita-1071", result != NULL);
-+ return result;
-+}
-+
-+/* allocate new root and add it to the tree
-+
-+ This helper function is called by add_new_root().
-+
-+*/
-+znode *add_tree_root(znode * old_root /* existing tree root */ ,
-+ znode * fake /* "fake" znode */ )
-+{
-+ reiser4_tree *tree = znode_get_tree(old_root);
-+ znode *new_root = NULL; /* to shut gcc up */
-+ int result;
-+
-+ assert("nikita-1069", old_root != NULL);
-+ assert("umka-262", fake != NULL);
-+ assert("umka-263", tree != NULL);
-+
-+ /* "fake" znode---one always hanging just above current root. This
-+ node is locked when new root is created or existing root is
-+ deleted. Downward tree traversal takes lock on it before taking
-+ lock on a root node. This avoids race conditions with root
-+ manipulations.
-+
-+ */
-+ assert("nikita-1348", znode_above_root(fake));
-+ assert("nikita-1211", znode_is_root(old_root));
-+
-+ result = 0;
-+ if (tree->height >= REAL_MAX_ZTREE_HEIGHT) {
-+ warning("nikita-1344", "Tree is too tall: %i", tree->height);
-+ /* ext2 returns -ENOSPC when it runs out of free inodes with a
-+ following comment (fs/ext2/ialloc.c:441): Is it really
-+ ENOSPC?
-+
-+ -EXFULL? -EINVAL?
-+ */
-+ result = RETERR(-ENOSPC);
-+ } else {
-+ /* Allocate block for new root. It's not that
-+ important where it will be allocated, as root is
-+ almost always in memory. Moreover, allocate on
-+ flush can be going here.
-+ */
-+ assert("nikita-1448", znode_is_root(old_root));
-+ new_root = new_node(fake, tree->height + 1);
-+ if (!IS_ERR(new_root) && (result = zload(new_root)) == 0) {
-+ lock_handle rlh;
-+
-+ init_lh(&rlh);
-+ result =
-+ longterm_lock_znode(&rlh, new_root,
-+ ZNODE_WRITE_LOCK,
-+ ZNODE_LOCK_LOPRI);
-+ if (result == 0) {
-+ parent_coord_t *in_parent;
-+
-+ znode_make_dirty(fake);
-+
-+ /* new root is a child of "fake" node */
-+ write_lock_tree(tree);
-+
-+ ++tree->height;
-+
-+ /* recalculate max balance overhead */
-+ tree->estimate_one_insert =
-+ estimate_one_insert_item(tree);
-+
-+ tree->root_block = *znode_get_block(new_root);
-+ in_parent = &new_root->in_parent;
-+ init_parent_coord(in_parent, fake);
-+ /* manually insert new root into sibling
-+ * list. With this all nodes involved into
-+ * balancing are connected after balancing is
-+ * done---useful invariant to check. */
-+ sibling_list_insert_nolock(new_root, NULL);
-+ write_unlock_tree(tree);
-+
-+ /* insert into new root pointer to the
-+ @old_root. */
-+ assert("nikita-1110",
-+ WITH_DATA(new_root,
-+ node_is_empty(new_root)));
-+ write_lock_dk(tree);
-+ znode_set_ld_key(new_root, min_key());
-+ znode_set_rd_key(new_root, max_key());
-+ write_unlock_dk(tree);
-+ if (REISER4_DEBUG) {
-+ ZF_CLR(old_root, JNODE_LEFT_CONNECTED);
-+ ZF_CLR(old_root, JNODE_RIGHT_CONNECTED);
-+ ZF_SET(old_root, JNODE_ORPHAN);
-+ }
-+ result = add_child_ptr(new_root, old_root);
-+ done_lh(&rlh);
-+ }
-+ zrelse(new_root);
-+ }
-+ }
-+ if (result != 0)
-+ new_root = ERR_PTR(result);
-+ return new_root;
-+}
-+
-+/* build &reiser4_item_data for inserting child pointer
-+
-+ Build &reiser4_item_data that can be later used to insert pointer to @child
-+ in its parent.
-+
-+*/
-+void build_child_ptr_data(znode * child /* node pointer to which will be
-+ * inserted */ ,
-+ reiser4_item_data * data /* where to store result */ )
-+{
-+ assert("nikita-1116", child != NULL);
-+ assert("nikita-1117", data != NULL);
-+
-+ /*
-+ * NOTE: use address of child's blocknr as address of data to be
-+ * inserted. As result of this data gets into on-disk structure in cpu
-+ * byte order. internal's create_hook converts it to little endian byte
-+ * order.
-+ */
-+ data->data = (char *)znode_get_block(child);
-+ /* data -> data is kernel space */
-+ data->user = 0;
-+ data->length = sizeof(reiser4_block_nr);
-+ /* FIXME-VS: hardcoded internal item? */
-+
-+ /* AUDIT: Is it possible that "item_plugin_by_id" may find nothing? */
-+ data->iplug = item_plugin_by_id(NODE_POINTER_ID);
-+}
-+
-+/* add pointer to @child into empty @parent.
-+
-+ This is used when pointer to old root is inserted into new root which is
-+ empty.
-+*/
-+static int add_child_ptr(znode * parent, znode * child)
-+{
-+ coord_t coord;
-+ reiser4_item_data data;
-+ int result;
-+ reiser4_key key;
-+
-+ assert("nikita-1111", parent != NULL);
-+ assert("nikita-1112", child != NULL);
-+ assert("nikita-1115",
-+ znode_get_level(parent) == znode_get_level(child) + 1);
-+
-+ result = zload(parent);
-+ if (result != 0)
-+ return result;
-+ assert("nikita-1113", node_is_empty(parent));
-+ coord_init_first_unit(&coord, parent);
-+
-+ build_child_ptr_data(child, &data);
-+ data.arg = NULL;
-+
-+ read_lock_dk(znode_get_tree(parent));
-+ key = *znode_get_ld_key(child);
-+ read_unlock_dk(znode_get_tree(parent));
-+
-+ result = node_plugin_by_node(parent)->create_item(&coord, &key, &data,
-+ NULL);
-+ znode_make_dirty(parent);
-+ zrelse(parent);
-+ return result;
-+}
-+
-+/* actually remove tree root */
-+static int kill_root(reiser4_tree * tree /* tree from which root is being
-+ * removed */ ,
-+ znode * old_root /* root node that is being removed */ ,
-+ znode * new_root /* new root---sole child of *
-+ * @old_root */ ,
-+ const reiser4_block_nr * new_root_blk /* disk address of
-+ * @new_root */ )
-+{
-+ znode *uber;
-+ int result;
-+ lock_handle handle_for_uber;
-+
-+ assert("umka-265", tree != NULL);
-+ assert("nikita-1198", new_root != NULL);
-+ assert("nikita-1199",
-+ znode_get_level(new_root) + 1 == znode_get_level(old_root));
-+
-+ assert("nikita-1201", znode_is_write_locked(old_root));
-+
-+ assert("nikita-1203",
-+ disk_addr_eq(new_root_blk, znode_get_block(new_root)));
-+
-+ init_lh(&handle_for_uber);
-+ /* obtain and lock "fake" znode protecting changes in tree height. */
-+ result = get_uber_znode(tree, ZNODE_WRITE_LOCK, ZNODE_LOCK_HIPRI,
-+ &handle_for_uber);
-+ if (result == 0) {
-+ uber = handle_for_uber.node;
-+
-+ znode_make_dirty(uber);
-+
-+ /* don't take long term lock a @new_root. Take spinlock. */
-+
-+ write_lock_tree(tree);
-+
-+ tree->root_block = *new_root_blk;
-+ --tree->height;
-+
-+ /* recalculate max balance overhead */
-+ tree->estimate_one_insert = estimate_one_insert_item(tree);
-+
-+ assert("nikita-1202",
-+ tree->height == znode_get_level(new_root));
-+
-+ /* new root is child on "fake" node */
-+ init_parent_coord(&new_root->in_parent, uber);
-+ ++uber->c_count;
-+
-+ /* sibling_list_insert_nolock(new_root, NULL); */
-+ write_unlock_tree(tree);
-+
-+ /* reinitialise old root. */
-+ result = node_plugin_by_node(old_root)->init(old_root);
-+ znode_make_dirty(old_root);
-+ if (result == 0) {
-+ assert("nikita-1279", node_is_empty(old_root));
-+ ZF_SET(old_root, JNODE_HEARD_BANSHEE);
-+ old_root->c_count = 0;
-+ }
-+ }
-+ done_lh(&handle_for_uber);
-+
-+ return result;
-+}
-+
-+/* remove tree root
-+
-+ This function removes tree root, decreasing tree height by one. Tree root
-+ and its only child (that is going to become new tree root) are write locked
-+ at the entry.
-+
-+ To remove tree root we need to take lock on special "fake" znode that
-+ protects changes of tree height. See comments in add_tree_root() for more
-+ on this.
-+
-+ Also parent pointers have to be updated in
-+ old and new root. To simplify code, function is split into two parts: outer
-+ kill_tree_root() collects all necessary arguments and calls kill_root()
-+ to do the actual job.
-+
-+*/
-+int kill_tree_root(znode * old_root /* tree root that we are removing */ )
-+{
-+ int result;
-+ coord_t down_link;
-+ znode *new_root;
-+ reiser4_tree *tree;
-+
-+ assert("umka-266", current_tree != NULL);
-+ assert("nikita-1194", old_root != NULL);
-+ assert("nikita-1196", znode_is_root(old_root));
-+ assert("nikita-1200", node_num_items(old_root) == 1);
-+ assert("nikita-1401", znode_is_write_locked(old_root));
-+
-+ coord_init_first_unit(&down_link, old_root);
-+
-+ tree = znode_get_tree(old_root);
-+ new_root = child_znode(&down_link, old_root, 0, 1);
-+ if (!IS_ERR(new_root)) {
-+ result =
-+ kill_root(tree, old_root, new_root,
-+ znode_get_block(new_root));
-+ zput(new_root);
-+ } else
-+ result = PTR_ERR(new_root);
-+
-+ return result;
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/tree_mod.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/tree_mod.h
-@@ -0,0 +1,29 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Functions to add/delete new nodes to/from the tree. See tree_mod.c for
-+ * comments. */
-+
-+#if !defined( __REISER4_TREE_MOD_H__ )
-+#define __REISER4_TREE_MOD_H__
-+
-+#include "forward.h"
-+
-+znode *new_node(znode * brother, tree_level level);
-+znode *add_tree_root(znode * old_root, znode * fake);
-+int kill_tree_root(znode * old_root);
-+void build_child_ptr_data(znode * child, reiser4_item_data * data);
-+
-+/* __REISER4_TREE_MOD_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/tree_walk.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/tree_walk.c
-@@ -0,0 +1,926 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Routines and macros to:
-+
-+ get_left_neighbor()
-+
-+ get_right_neighbor()
-+
-+ get_parent()
-+
-+ get_first_child()
-+
-+ get_last_child()
-+
-+ various routines to walk the whole tree and do things to it like
-+ repack it, or move it to tertiary storage. Please make them as
-+ generic as is reasonable.
-+
-+*/
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "coord.h"
-+#include "plugin/item/item.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "tree_walk.h"
-+#include "tree.h"
-+#include "super.h"
-+
-+/* These macros are used internally in tree_walk.c in attempt to make
-+ lock_neighbor() code usable to build lock_parent(), lock_right_neighbor,
-+ lock_left_neighbor */
-+#define GET_NODE_BY_PTR_OFFSET(node, off) (*(znode**)(((unsigned long)(node)) + (off)))
-+#define FIELD_OFFSET(name) offsetof(znode, name)
-+#define PARENT_PTR_OFFSET FIELD_OFFSET(in_parent.node)
-+#define LEFT_PTR_OFFSET FIELD_OFFSET(left)
-+#define RIGHT_PTR_OFFSET FIELD_OFFSET(right)
-+
-+/* This is the generic procedure to get and lock `generic' neighbor (left or
-+ right neighbor or parent). It implements common algorithm for all cases of
-+ getting lock on neighbor node, only znode structure field is different in
-+ each case. This is parameterized by ptr_offset argument, which is byte
-+ offset for the pointer to the desired neighbor within the current node's
-+ znode structure. This function should be called with the tree lock held */
-+static int lock_neighbor(
-+ /* resulting lock handle */
-+ lock_handle * result,
-+ /* znode to lock */
-+ znode * node,
-+ /* pointer to neighbor (or parent) znode field offset, in bytes from
-+ the base address of znode structure */
-+ int ptr_offset,
-+ /* lock mode for longterm_lock_znode call */
-+ znode_lock_mode mode,
-+ /* lock request for longterm_lock_znode call */
-+ znode_lock_request req,
-+ /* GN_* flags */
-+ int flags, int rlocked)
-+{
-+ reiser4_tree *tree = znode_get_tree(node);
-+ znode *neighbor;
-+ int ret;
-+
-+ assert("umka-236", node != NULL);
-+ assert("umka-237", tree != NULL);
-+ assert_rw_locked(&(tree->tree_lock));
-+
-+ if (flags & GN_TRY_LOCK)
-+ req |= ZNODE_LOCK_NONBLOCK;
-+ if (flags & GN_SAME_ATOM)
-+ req |= ZNODE_LOCK_DONT_FUSE;
-+
-+ /* get neighbor's address by using of sibling link, quit while loop
-+ (and return) if link is not available. */
-+ while (1) {
-+ neighbor = GET_NODE_BY_PTR_OFFSET(node, ptr_offset);
-+
-+ /* return -E_NO_NEIGHBOR if parent or side pointer is NULL or if
-+ * node pointed by it is not connected.
-+ *
-+ * However, GN_ALLOW_NOT_CONNECTED option masks "connected"
-+ * check and allows passing reference to not connected znode to
-+ * subsequent longterm_lock_znode() call. This kills possible
-+ * busy loop if we are trying to get longterm lock on locked but
-+ * not yet connected parent node. */
-+ if (neighbor == NULL || !((flags & GN_ALLOW_NOT_CONNECTED)
-+ || znode_is_connected(neighbor))) {
-+ return RETERR(-E_NO_NEIGHBOR);
-+ }
-+
-+ /* protect it from deletion. */
-+ zref(neighbor);
-+
-+ rlocked ? read_unlock_tree(tree) : write_unlock_tree(tree);
-+
-+ ret = longterm_lock_znode(result, neighbor, mode, req);
-+
-+ /* The lock handle obtains its own reference, release the one from above. */
-+ zput(neighbor);
-+
-+ rlocked ? read_lock_tree(tree) : write_lock_tree(tree);
-+
-+ /* restart if node we got reference to is being
-+ invalidated. we should not get reference to this node
-+ again. */
-+ if (ret == -EINVAL)
-+ continue;
-+ if (ret)
-+ return ret;
-+
-+ /* check if neighbor link still points to just locked znode;
-+ the link could have been changed while the process slept. */
-+ if (neighbor == GET_NODE_BY_PTR_OFFSET(node, ptr_offset))
-+ return 0;
-+
-+ /* znode was locked by mistake; unlock it and restart locking
-+ process from beginning. */
-+ rlocked ? read_unlock_tree(tree) : write_unlock_tree(tree);
-+ longterm_unlock_znode(result);
-+ rlocked ? read_lock_tree(tree) : write_lock_tree(tree);
-+ }
-+}
-+
-+/* get parent node with longterm lock, accepts GN* flags. */
-+int reiser4_get_parent_flags(lock_handle * lh /* resulting lock handle */ ,
-+ znode * node /* child node */ ,
-+ znode_lock_mode mode
-+ /* type of lock: read or write */ ,
-+ int flags /* GN_* flags */ )
-+{
-+ int result;
-+
-+ read_lock_tree(znode_get_tree(node));
-+ result = lock_neighbor(lh, node, PARENT_PTR_OFFSET, mode,
-+ ZNODE_LOCK_HIPRI, flags, 1);
-+ read_unlock_tree(znode_get_tree(node));
-+ return result;
-+}
-+
-+/* wrapper function to lock right or left neighbor depending on GN_GO_LEFT
-+ bit in @flags parameter */
-+/* Audited by: umka (2002.06.14) */
-+static inline int
-+lock_side_neighbor(lock_handle * result,
-+ znode * node, znode_lock_mode mode, int flags, int rlocked)
-+{
-+ int ret;
-+ int ptr_offset;
-+ znode_lock_request req;
-+
-+ if (flags & GN_GO_LEFT) {
-+ ptr_offset = LEFT_PTR_OFFSET;
-+ req = ZNODE_LOCK_LOPRI;
-+ } else {
-+ ptr_offset = RIGHT_PTR_OFFSET;
-+ req = ZNODE_LOCK_HIPRI;
-+ }
-+
-+ ret =
-+ lock_neighbor(result, node, ptr_offset, mode, req, flags, rlocked);
-+
-+ if (ret == -E_NO_NEIGHBOR) /* if we walk left or right -E_NO_NEIGHBOR does not
-+ * guarantee that neighbor is absent in the
-+ * tree; in this case we return -ENOENT --
-+ * means neighbor at least not found in
-+ * cache */
-+ return RETERR(-ENOENT);
-+
-+ return ret;
-+}
-+
-+#if REISER4_DEBUG
-+
-+int check_sibling_list(znode * node)
-+{
-+ znode *scan;
-+ znode *next;
-+
-+ assert("nikita-3283", LOCK_CNT_GTZ(write_locked_tree));
-+
-+ if (node == NULL)
-+ return 1;
-+
-+ if (ZF_ISSET(node, JNODE_RIP))
-+ return 1;
-+
-+ assert("nikita-3270", node != NULL);
-+ assert_rw_write_locked(&(znode_get_tree(node)->tree_lock));
-+
-+ for (scan = node; znode_is_left_connected(scan); scan = next) {
-+ next = scan->left;
-+ if (next != NULL && !ZF_ISSET(next, JNODE_RIP)) {
-+ assert("nikita-3271", znode_is_right_connected(next));
-+ assert("nikita-3272", next->right == scan);
-+ } else
-+ break;
-+ }
-+ for (scan = node; znode_is_right_connected(scan); scan = next) {
-+ next = scan->right;
-+ if (next != NULL && !ZF_ISSET(next, JNODE_RIP)) {
-+ assert("nikita-3273", znode_is_left_connected(next));
-+ assert("nikita-3274", next->left == scan);
-+ } else
-+ break;
-+ }
-+ return 1;
-+}
-+
-+#endif
-+
-+/* Znode sibling pointers maintenence. */
-+
-+/* Znode sibling pointers are established between any neighbored nodes which are
-+ in cache. There are two znode state bits (JNODE_LEFT_CONNECTED,
-+ JNODE_RIGHT_CONNECTED), if left or right sibling pointer contains actual
-+ value (even NULL), corresponded JNODE_*_CONNECTED bit is set.
-+
-+ Reiser4 tree operations which may allocate new znodes (CBK, tree balancing)
-+ take care about searching (hash table lookup may be required) of znode
-+ neighbors, establishing sibling pointers between them and setting
-+ JNODE_*_CONNECTED state bits. */
-+
-+/* adjusting of sibling pointers and `connected' states for two
-+ neighbors; works if one neighbor is NULL (was not found). */
-+
-+/* FIXME-VS: this is unstatic-ed to use in tree.c in prepare_twig_cut */
-+void link_left_and_right(znode * left, znode * right)
-+{
-+ assert("nikita-3275", check_sibling_list(left));
-+ assert("nikita-3275", check_sibling_list(right));
-+
-+ if (left != NULL) {
-+ if (left->right == NULL) {
-+ left->right = right;
-+ ZF_SET(left, JNODE_RIGHT_CONNECTED);
-+
-+ ON_DEBUG(left->right_version =
-+ atomic_inc_return(&delim_key_version);
-+ );
-+
-+ } else if (ZF_ISSET(left->right, JNODE_HEARD_BANSHEE)
-+ && left->right != right) {
-+
-+ ON_DEBUG(left->right->left_version =
-+ atomic_inc_return(&delim_key_version);
-+ left->right_version =
-+ atomic_inc_return(&delim_key_version););
-+
-+ left->right->left = NULL;
-+ left->right = right;
-+ ZF_SET(left, JNODE_RIGHT_CONNECTED);
-+ } else
-+ /*
-+ * there is a race condition in renew_sibling_link()
-+ * and assertions below check that it is only one
-+ * there. Thread T1 calls renew_sibling_link() without
-+ * GN_NO_ALLOC flag. zlook() doesn't find neighbor
-+ * node, but before T1 gets to the
-+ * link_left_and_right(), another thread T2 creates
-+ * neighbor node and connects it. check for
-+ * left->right == NULL above protects T1 from
-+ * overwriting correct left->right pointer installed
-+ * by T2.
-+ */
-+ assert("nikita-3302",
-+ right == NULL || left->right == right);
-+ }
-+ if (right != NULL) {
-+ if (right->left == NULL) {
-+ right->left = left;
-+ ZF_SET(right, JNODE_LEFT_CONNECTED);
-+
-+ ON_DEBUG(right->left_version =
-+ atomic_inc_return(&delim_key_version);
-+ );
-+
-+ } else if (ZF_ISSET(right->left, JNODE_HEARD_BANSHEE)
-+ && right->left != left) {
-+
-+ ON_DEBUG(right->left->right_version =
-+ atomic_inc_return(&delim_key_version);
-+ right->left_version =
-+ atomic_inc_return(&delim_key_version););
-+
-+ right->left->right = NULL;
-+ right->left = left;
-+ ZF_SET(right, JNODE_LEFT_CONNECTED);
-+
-+ } else
-+ assert("nikita-3303",
-+ left == NULL || right->left == left);
-+ }
-+ assert("nikita-3275", check_sibling_list(left));
-+ assert("nikita-3275", check_sibling_list(right));
-+}
-+
-+/* Audited by: umka (2002.06.14) */
-+static void link_znodes(znode * first, znode * second, int to_left)
-+{
-+ if (to_left)
-+ link_left_and_right(second, first);
-+ else
-+ link_left_and_right(first, second);
-+}
-+
-+/* getting of next (to left or to right, depend on gn_to_left bit in flags)
-+ coord's unit position in horizontal direction, even across node
-+ boundary. Should be called under tree lock, it protects nonexistence of
-+ sibling link on parent level, if lock_side_neighbor() fails with
-+ -ENOENT. */
-+static int far_next_coord(coord_t * coord, lock_handle * handle, int flags)
-+{
-+ int ret;
-+ znode *node;
-+ reiser4_tree *tree;
-+
-+ assert("umka-243", coord != NULL);
-+ assert("umka-244", handle != NULL);
-+ assert("zam-1069", handle->node == NULL);
-+
-+ ret =
-+ (flags & GN_GO_LEFT) ? coord_prev_unit(coord) :
-+ coord_next_unit(coord);
-+ if (!ret)
-+ return 0;
-+
-+ ret =
-+ lock_side_neighbor(handle, coord->node, ZNODE_READ_LOCK, flags, 0);
-+ if (ret)
-+ return ret;
-+
-+ node = handle->node;
-+ tree = znode_get_tree(node);
-+ write_unlock_tree(tree);
-+
-+ coord_init_zero(coord);
-+
-+ /* We avoid synchronous read here if it is specified by flag. */
-+ if ((flags & GN_ASYNC) && znode_page(handle->node) == NULL) {
-+ ret = jstartio(ZJNODE(handle->node));
-+ if (!ret)
-+ ret = -E_REPEAT;
-+ goto error_locked;
-+ }
-+
-+ /* corresponded zrelse() should be called by the clients of
-+ far_next_coord(), in place when this node gets unlocked. */
-+ ret = zload(handle->node);
-+ if (ret)
-+ goto error_locked;
-+
-+ if (flags & GN_GO_LEFT)
-+ coord_init_last_unit(coord, node);
-+ else
-+ coord_init_first_unit(coord, node);
-+
-+ if (0) {
-+ error_locked:
-+ longterm_unlock_znode(handle);
-+ }
-+ write_lock_tree(tree);
-+ return ret;
-+}
-+
-+/* Very significant function which performs a step in horizontal direction
-+ when sibling pointer is not available. Actually, it is only function which
-+ does it.
-+ Note: this function does not restore locking status at exit,
-+ caller should does care about proper unlocking and zrelsing */
-+static int
-+renew_sibling_link(coord_t * coord, lock_handle * handle, znode * child,
-+ tree_level level, int flags, int *nr_locked)
-+{
-+ int ret;
-+ int to_left = flags & GN_GO_LEFT;
-+ reiser4_block_nr da;
-+ /* parent of the neighbor node; we set it to parent until not sharing
-+ of one parent between child and neighbor node is detected */
-+ znode *side_parent = coord->node;
-+ reiser4_tree *tree = znode_get_tree(child);
-+ znode *neighbor = NULL;
-+
-+ assert("umka-245", coord != NULL);
-+ assert("umka-246", handle != NULL);
-+ assert("umka-247", child != NULL);
-+ assert("umka-303", tree != NULL);
-+
-+ init_lh(handle);
-+ write_lock_tree(tree);
-+ ret = far_next_coord(coord, handle, flags);
-+
-+ if (ret) {
-+ if (ret != -ENOENT) {
-+ write_unlock_tree(tree);
-+ return ret;
-+ }
-+ } else {
-+ item_plugin *iplug;
-+
-+ if (handle->node != NULL) {
-+ (*nr_locked)++;
-+ side_parent = handle->node;
-+ }
-+
-+ /* does coord object points to internal item? We do not
-+ support sibling pointers between znode for formatted and
-+ unformatted nodes and return -E_NO_NEIGHBOR in that case. */
-+ iplug = item_plugin_by_coord(coord);
-+ if (!item_is_internal(coord)) {
-+ link_znodes(child, NULL, to_left);
-+ write_unlock_tree(tree);
-+ /* we know there can't be formatted neighbor */
-+ return RETERR(-E_NO_NEIGHBOR);
-+ }
-+ write_unlock_tree(tree);
-+
-+ iplug->s.internal.down_link(coord, NULL, &da);
-+
-+ if (flags & GN_NO_ALLOC) {
-+ neighbor = zlook(tree, &da);
-+ } else {
-+ neighbor =
-+ zget(tree, &da, side_parent, level, get_gfp_mask());
-+ }
-+
-+ if (IS_ERR(neighbor)) {
-+ ret = PTR_ERR(neighbor);
-+ return ret;
-+ }
-+
-+ if (neighbor)
-+ /* update delimiting keys */
-+ set_child_delimiting_keys(coord->node, coord, neighbor);
-+
-+ write_lock_tree(tree);
-+ }
-+
-+ if (likely(neighbor == NULL ||
-+ (znode_get_level(child) == znode_get_level(neighbor)
-+ && child != neighbor)))
-+ link_znodes(child, neighbor, to_left);
-+ else {
-+ warning("nikita-3532",
-+ "Sibling nodes on the different levels: %i != %i\n",
-+ znode_get_level(child), znode_get_level(neighbor));
-+ ret = RETERR(-EIO);
-+ }
-+
-+ write_unlock_tree(tree);
-+
-+ /* if GN_NO_ALLOC isn't set we keep reference to neighbor znode */
-+ if (neighbor != NULL && (flags & GN_NO_ALLOC))
-+ /* atomic_dec(&ZJNODE(neighbor)->x_count); */
-+ zput(neighbor);
-+
-+ return ret;
-+}
-+
-+/* This function is for establishing of one side relation. */
-+/* Audited by: umka (2002.06.14) */
-+static int connect_one_side(coord_t * coord, znode * node, int flags)
-+{
-+ coord_t local;
-+ lock_handle handle;
-+ int nr_locked;
-+ int ret;
-+
-+ assert("umka-248", coord != NULL);
-+ assert("umka-249", node != NULL);
-+
-+ coord_dup_nocheck(&local, coord);
-+
-+ init_lh(&handle);
-+
-+ ret =
-+ renew_sibling_link(&local, &handle, node, znode_get_level(node),
-+ flags | GN_NO_ALLOC, &nr_locked);
-+
-+ if (handle.node != NULL) {
-+ /* complementary operations for zload() and lock() in far_next_coord() */
-+ zrelse(handle.node);
-+ longterm_unlock_znode(&handle);
-+ }
-+
-+ /* we catch error codes which are not interesting for us because we
-+ run renew_sibling_link() only for znode connection. */
-+ if (ret == -ENOENT || ret == -E_NO_NEIGHBOR)
-+ return 0;
-+
-+ return ret;
-+}
-+
-+/* if @child is not in `connected' state, performs hash searches for left and
-+ right neighbor nodes and establishes horizontal sibling links */
-+/* Audited by: umka (2002.06.14), umka (2002.06.15) */
-+int connect_znode(coord_t * parent_coord, znode * child)
-+{
-+ reiser4_tree *tree = znode_get_tree(child);
-+ int ret = 0;
-+
-+ assert("zam-330", parent_coord != NULL);
-+ assert("zam-331", child != NULL);
-+ assert("zam-332", parent_coord->node != NULL);
-+ assert("umka-305", tree != NULL);
-+
-+ /* it is trivial to `connect' root znode because it can't have
-+ neighbors */
-+ if (znode_above_root(parent_coord->node)) {
-+ child->left = NULL;
-+ child->right = NULL;
-+ ZF_SET(child, JNODE_LEFT_CONNECTED);
-+ ZF_SET(child, JNODE_RIGHT_CONNECTED);
-+
-+ ON_DEBUG(child->left_version =
-+ atomic_inc_return(&delim_key_version);
-+ child->right_version =
-+ atomic_inc_return(&delim_key_version););
-+
-+ return 0;
-+ }
-+
-+ /* load parent node */
-+ coord_clear_iplug(parent_coord);
-+ ret = zload(parent_coord->node);
-+
-+ if (ret != 0)
-+ return ret;
-+
-+ /* protect `connected' state check by tree_lock */
-+ read_lock_tree(tree);
-+
-+ if (!znode_is_right_connected(child)) {
-+ read_unlock_tree(tree);
-+ /* connect right (default is right) */
-+ ret = connect_one_side(parent_coord, child, GN_NO_ALLOC);
-+ if (ret)
-+ goto zrelse_and_ret;
-+
-+ read_lock_tree(tree);
-+ }
-+
-+ ret = znode_is_left_connected(child);
-+
-+ read_unlock_tree(tree);
-+
-+ if (!ret) {
-+ ret =
-+ connect_one_side(parent_coord, child,
-+ GN_NO_ALLOC | GN_GO_LEFT);
-+ } else
-+ ret = 0;
-+
-+ zrelse_and_ret:
-+ zrelse(parent_coord->node);
-+
-+ return ret;
-+}
-+
-+/* this function is like renew_sibling_link() but allocates neighbor node if
-+ it doesn't exist and `connects' it. It may require making two steps in
-+ horizontal direction, first one for neighbor node finding/allocation,
-+ second one is for finding neighbor of neighbor to connect freshly allocated
-+ znode. */
-+/* Audited by: umka (2002.06.14), umka (2002.06.15) */
-+static int
-+renew_neighbor(coord_t * coord, znode * node, tree_level level, int flags)
-+{
-+ coord_t local;
-+ lock_handle empty[2];
-+ reiser4_tree *tree = znode_get_tree(node);
-+ znode *neighbor = NULL;
-+ int nr_locked = 0;
-+ int ret;
-+
-+ assert("umka-250", coord != NULL);
-+ assert("umka-251", node != NULL);
-+ assert("umka-307", tree != NULL);
-+ assert("umka-308", level <= tree->height);
-+
-+ /* umka (2002.06.14)
-+ Here probably should be a check for given "level" validness.
-+ Something like assert("xxx-yyy", level < REAL_MAX_ZTREE_HEIGHT);
-+ */
-+
-+ coord_dup(&local, coord);
-+
-+ ret =
-+ renew_sibling_link(&local, &empty[0], node, level,
-+ flags & ~GN_NO_ALLOC, &nr_locked);
-+ if (ret)
-+ goto out;
-+
-+ /* tree lock is not needed here because we keep parent node(s) locked
-+ and reference to neighbor znode incremented */
-+ neighbor = (flags & GN_GO_LEFT) ? node->left : node->right;
-+
-+ read_lock_tree(tree);
-+ ret = znode_is_connected(neighbor);
-+ read_unlock_tree(tree);
-+ if (ret) {
-+ ret = 0;
-+ goto out;
-+ }
-+
-+ ret =
-+ renew_sibling_link(&local, &empty[nr_locked], neighbor, level,
-+ flags | GN_NO_ALLOC, &nr_locked);
-+ /* second renew_sibling_link() call is used for znode connection only,
-+ so we can live with these errors */
-+ if (-ENOENT == ret || -E_NO_NEIGHBOR == ret)
-+ ret = 0;
-+
-+ out:
-+
-+ for (--nr_locked; nr_locked >= 0; --nr_locked) {
-+ zrelse(empty[nr_locked].node);
-+ longterm_unlock_znode(&empty[nr_locked]);
-+ }
-+
-+ if (neighbor != NULL)
-+ /* decrement znode reference counter without actually
-+ releasing it. */
-+ atomic_dec(&ZJNODE(neighbor)->x_count);
-+
-+ return ret;
-+}
-+
-+/*
-+ reiser4_get_neighbor() -- lock node's neighbor.
-+
-+ reiser4_get_neighbor() locks node's neighbor (left or right one, depends on
-+ given parameter) using sibling link to it. If sibling link is not available
-+ (i.e. neighbor znode is not in cache) and flags allow read blocks, we go one
-+ level up for information about neighbor's disk address. We lock node's
-+ parent, if it is common parent for both 'node' and its neighbor, neighbor's
-+ disk address is in next (to left or to right) down link from link that points
-+ to original node. If not, we need to lock parent's neighbor, read its content
-+ and take first(last) downlink with neighbor's disk address. That locking
-+ could be done by using sibling link and lock_neighbor() function, if sibling
-+ link exists. In another case we have to go level up again until we find
-+ common parent or valid sibling link. Then go down
-+ allocating/connecting/locking/reading nodes until neighbor of first one is
-+ locked.
-+
-+ @neighbor: result lock handle,
-+ @node: a node which we lock neighbor of,
-+ @lock_mode: lock mode {LM_READ, LM_WRITE},
-+ @flags: logical OR of {GN_*} (see description above) subset.
-+
-+ @return: 0 if success, negative value if lock was impossible due to an error
-+ or lack of neighbor node.
-+*/
-+
-+/* Audited by: umka (2002.06.14), umka (2002.06.15) */
-+int
-+reiser4_get_neighbor(lock_handle * neighbor, znode * node,
-+ znode_lock_mode lock_mode, int flags)
-+{
-+ reiser4_tree *tree = znode_get_tree(node);
-+ lock_handle path[REAL_MAX_ZTREE_HEIGHT];
-+
-+ coord_t coord;
-+
-+ tree_level base_level;
-+ tree_level h = 0;
-+ int ret;
-+
-+ assert("umka-252", tree != NULL);
-+ assert("umka-253", neighbor != NULL);
-+ assert("umka-254", node != NULL);
-+
-+ base_level = znode_get_level(node);
-+
-+ assert("umka-310", base_level <= tree->height);
-+
-+ coord_init_zero(&coord);
-+
-+ again:
-+ /* first, we try to use simple lock_neighbor() which requires sibling
-+ link existence */
-+ read_lock_tree(tree);
-+ ret = lock_side_neighbor(neighbor, node, lock_mode, flags, 1);
-+ read_unlock_tree(tree);
-+ if (!ret) {
-+ /* load znode content if it was specified */
-+ if (flags & GN_LOAD_NEIGHBOR) {
-+ ret = zload(node);
-+ if (ret)
-+ longterm_unlock_znode(neighbor);
-+ }
-+ return ret;
-+ }
-+
-+ /* only -ENOENT means we may look upward and try to connect
-+ @node with its neighbor (if @flags allow us to do it) */
-+ if (ret != -ENOENT || !(flags & GN_CAN_USE_UPPER_LEVELS))
-+ return ret;
-+
-+ /* before establishing of sibling link we lock parent node; it is
-+ required by renew_neighbor() to work. */
-+ init_lh(&path[0]);
-+ ret = reiser4_get_parent(&path[0], node, ZNODE_READ_LOCK);
-+ if (ret)
-+ return ret;
-+ if (znode_above_root(path[0].node)) {
-+ longterm_unlock_znode(&path[0]);
-+ return RETERR(-E_NO_NEIGHBOR);
-+ }
-+
-+ while (1) {
-+ znode *child = (h == 0) ? node : path[h - 1].node;
-+ znode *parent = path[h].node;
-+
-+ ret = zload(parent);
-+ if (ret)
-+ break;
-+
-+ ret = find_child_ptr(parent, child, &coord);
-+
-+ if (ret) {
-+ zrelse(parent);
-+ break;
-+ }
-+
-+ /* try to establish missing sibling link */
-+ ret = renew_neighbor(&coord, child, h + base_level, flags);
-+
-+ zrelse(parent);
-+
-+ switch (ret) {
-+ case 0:
-+ /* unlocking of parent znode prevents simple
-+ deadlock situation */
-+ done_lh(&path[h]);
-+
-+ /* depend on tree level we stay on we repeat first
-+ locking attempt ... */
-+ if (h == 0)
-+ goto again;
-+
-+ /* ... or repeat establishing of sibling link at
-+ one level below. */
-+ --h;
-+ break;
-+
-+ case -ENOENT:
-+ /* sibling link is not available -- we go
-+ upward. */
-+ init_lh(&path[h + 1]);
-+ ret =
-+ reiser4_get_parent(&path[h + 1], parent,
-+ ZNODE_READ_LOCK);
-+ if (ret)
-+ goto fail;
-+ ++h;
-+ if (znode_above_root(path[h].node)) {
-+ ret = RETERR(-E_NO_NEIGHBOR);
-+ goto fail;
-+ }
-+ break;
-+
-+ case -E_DEADLOCK:
-+ /* there was lock request from hi-pri locker. if
-+ it is possible we unlock last parent node and
-+ re-lock it again. */
-+ for (; check_deadlock(); h--) {
-+ done_lh(&path[h]);
-+ if (h == 0)
-+ goto fail;
-+ }
-+
-+ break;
-+
-+ default: /* other errors. */
-+ goto fail;
-+ }
-+ }
-+ fail:
-+ ON_DEBUG(check_lock_node_data(node));
-+ ON_DEBUG(check_lock_data());
-+
-+ /* unlock path */
-+ do {
-+ /* FIXME-Zam: when we get here from case -E_DEADLOCK's goto
-+ fail; path[0] is already done_lh-ed, therefore
-+ longterm_unlock_znode(&path[h]); is not applicable */
-+ done_lh(&path[h]);
-+ --h;
-+ } while (h + 1 != 0);
-+
-+ return ret;
-+}
-+
-+/* remove node from sibling list */
-+/* Audited by: umka (2002.06.14) */
-+void sibling_list_remove(znode * node)
-+{
-+ reiser4_tree *tree;
-+
-+ tree = znode_get_tree(node);
-+ assert("umka-255", node != NULL);
-+ assert_rw_write_locked(&(tree->tree_lock));
-+ assert("nikita-3275", check_sibling_list(node));
-+
-+ write_lock_dk(tree);
-+ if (znode_is_right_connected(node) && node->right != NULL &&
-+ znode_is_left_connected(node) && node->left != NULL) {
-+ assert("zam-32245",
-+ keyeq(znode_get_rd_key(node),
-+ znode_get_ld_key(node->right)));
-+ znode_set_rd_key(node->left, znode_get_ld_key(node->right));
-+ }
-+ write_unlock_dk(tree);
-+
-+ if (znode_is_right_connected(node) && node->right != NULL) {
-+ assert("zam-322", znode_is_left_connected(node->right));
-+ node->right->left = node->left;
-+ ON_DEBUG(node->right->left_version =
-+ atomic_inc_return(&delim_key_version);
-+ );
-+ }
-+ if (znode_is_left_connected(node) && node->left != NULL) {
-+ assert("zam-323", znode_is_right_connected(node->left));
-+ node->left->right = node->right;
-+ ON_DEBUG(node->left->right_version =
-+ atomic_inc_return(&delim_key_version);
-+ );
-+ }
-+
-+ ZF_CLR(node, JNODE_LEFT_CONNECTED);
-+ ZF_CLR(node, JNODE_RIGHT_CONNECTED);
-+ ON_DEBUG(node->left = node->right = NULL;
-+ node->left_version = atomic_inc_return(&delim_key_version);
-+ node->right_version = atomic_inc_return(&delim_key_version););
-+ assert("nikita-3276", check_sibling_list(node));
-+}
-+
-+/* disconnect node from sibling list */
-+void sibling_list_drop(znode * node)
-+{
-+ znode *right;
-+ znode *left;
-+
-+ assert("nikita-2464", node != NULL);
-+ assert("nikita-3277", check_sibling_list(node));
-+
-+ right = node->right;
-+ if (right != NULL) {
-+ assert("nikita-2465", znode_is_left_connected(right));
-+ right->left = NULL;
-+ ON_DEBUG(right->left_version =
-+ atomic_inc_return(&delim_key_version);
-+ );
-+ }
-+ left = node->left;
-+ if (left != NULL) {
-+ assert("zam-323", znode_is_right_connected(left));
-+ left->right = NULL;
-+ ON_DEBUG(left->right_version =
-+ atomic_inc_return(&delim_key_version);
-+ );
-+ }
-+ ZF_CLR(node, JNODE_LEFT_CONNECTED);
-+ ZF_CLR(node, JNODE_RIGHT_CONNECTED);
-+ ON_DEBUG(node->left = node->right = NULL;
-+ node->left_version = atomic_inc_return(&delim_key_version);
-+ node->right_version = atomic_inc_return(&delim_key_version););
-+}
-+
-+/* Insert new node into sibling list. Regular balancing inserts new node
-+ after (at right side) existing and locked node (@before), except one case
-+ of adding new tree root node. @before should be NULL in that case. */
-+void sibling_list_insert_nolock(znode * new, znode * before)
-+{
-+ assert("zam-334", new != NULL);
-+ assert("nikita-3298", !znode_is_left_connected(new));
-+ assert("nikita-3299", !znode_is_right_connected(new));
-+ assert("nikita-3300", new->left == NULL);
-+ assert("nikita-3301", new->right == NULL);
-+ assert("nikita-3278", check_sibling_list(new));
-+ assert("nikita-3279", check_sibling_list(before));
-+
-+ if (before != NULL) {
-+ assert("zam-333", znode_is_connected(before));
-+ new->right = before->right;
-+ new->left = before;
-+ ON_DEBUG(new->right_version =
-+ atomic_inc_return(&delim_key_version);
-+ new->left_version =
-+ atomic_inc_return(&delim_key_version););
-+ if (before->right != NULL) {
-+ before->right->left = new;
-+ ON_DEBUG(before->right->left_version =
-+ atomic_inc_return(&delim_key_version);
-+ );
-+ }
-+ before->right = new;
-+ ON_DEBUG(before->right_version =
-+ atomic_inc_return(&delim_key_version);
-+ );
-+ } else {
-+ new->right = NULL;
-+ new->left = NULL;
-+ ON_DEBUG(new->right_version =
-+ atomic_inc_return(&delim_key_version);
-+ new->left_version =
-+ atomic_inc_return(&delim_key_version););
-+ }
-+ ZF_SET(new, JNODE_LEFT_CONNECTED);
-+ ZF_SET(new, JNODE_RIGHT_CONNECTED);
-+ assert("nikita-3280", check_sibling_list(new));
-+ assert("nikita-3281", check_sibling_list(before));
-+}
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 80
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/tree_walk.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/tree_walk.h
-@@ -0,0 +1,125 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+/* definitions of reiser4 tree walk functions */
-+
-+#ifndef __FS_REISER4_TREE_WALK_H__
-+#define __FS_REISER4_TREE_WALK_H__
-+
-+#include "debug.h"
-+#include "forward.h"
-+
-+/* establishes horizontal links between cached znodes */
-+int connect_znode(coord_t * coord, znode * node);
-+
-+/* tree traversal functions (reiser4_get_parent(), reiser4_get_neighbor())
-+ have the following common arguments:
-+
-+ return codes:
-+
-+ @return : 0 - OK,
-+
-+ZAM-FIXME-HANS: wrong return code name. Change them all.
-+ -ENOENT - neighbor is not in cache, what is detected by sibling
-+ link absence.
-+
-+ -E_NO_NEIGHBOR - we are sure that neighbor (or parent) node cannot be
-+ found (because we are left-/right- most node of the
-+ tree, for example). Also, this return code is for
-+ reiser4_get_parent() when we see no parent link -- it
-+ means that our node is root node.
-+
-+ -E_DEADLOCK - deadlock detected (request from high-priority process
-+ received), other error codes are conformed to
-+ /usr/include/asm/errno.h .
-+*/
-+
-+int
-+reiser4_get_parent_flags(lock_handle * result, znode * node,
-+ znode_lock_mode mode, int flags);
-+
-+/* bits definition for reiser4_get_neighbor function `flags' arg. */
-+typedef enum {
-+ /* If sibling pointer is NULL, this flag allows get_neighbor() to try to
-+ * find not allocated not connected neigbor by going though upper
-+ * levels */
-+ GN_CAN_USE_UPPER_LEVELS = 0x1,
-+ /* locking left neighbor instead of right one */
-+ GN_GO_LEFT = 0x2,
-+ /* automatically load neighbor node content */
-+ GN_LOAD_NEIGHBOR = 0x4,
-+ /* return -E_REPEAT if can't lock */
-+ GN_TRY_LOCK = 0x8,
-+ /* used internally in tree_walk.c, causes renew_sibling to not
-+ allocate neighbor znode, but only search for it in znode cache */
-+ GN_NO_ALLOC = 0x10,
-+ /* do not go across atom boundaries */
-+ GN_SAME_ATOM = 0x20,
-+ /* allow to lock not connected nodes */
-+ GN_ALLOW_NOT_CONNECTED = 0x40,
-+ /* Avoid synchronous jload, instead, call jstartio() and return -E_REPEAT. */
-+ GN_ASYNC = 0x80
-+} znode_get_neigbor_flags;
-+
-+/* A commonly used wrapper for reiser4_get_parent_flags(). */
-+static inline int reiser4_get_parent(lock_handle * result, znode * node,
-+ znode_lock_mode mode)
-+{
-+ return reiser4_get_parent_flags(result, node, mode,
-+ GN_ALLOW_NOT_CONNECTED);
-+}
-+
-+int reiser4_get_neighbor(lock_handle * neighbor, znode * node,
-+ znode_lock_mode lock_mode, int flags);
-+
-+/* there are wrappers for most common usages of reiser4_get_neighbor() */
-+static inline int
-+reiser4_get_left_neighbor(lock_handle * result, znode * node, int lock_mode,
-+ int flags)
-+{
-+ return reiser4_get_neighbor(result, node, lock_mode,
-+ flags | GN_GO_LEFT);
-+}
-+
-+static inline int
-+reiser4_get_right_neighbor(lock_handle * result, znode * node, int lock_mode,
-+ int flags)
-+{
-+ ON_DEBUG(check_lock_node_data(node));
-+ ON_DEBUG(check_lock_data());
-+ return reiser4_get_neighbor(result, node, lock_mode,
-+ flags & (~GN_GO_LEFT));
-+}
-+
-+extern void sibling_list_remove(znode * node);
-+extern void sibling_list_drop(znode * node);
-+extern void sibling_list_insert_nolock(znode * new, znode * before);
-+extern void link_left_and_right(znode * left, znode * right);
-+
-+/* Functions called by tree_walk() when tree_walk() ... */
-+struct tree_walk_actor {
-+ /* ... meets a formatted node, */
-+ int (*process_znode) (tap_t *, void *);
-+ /* ... meets an extent, */
-+ int (*process_extent) (tap_t *, void *);
-+ /* ... begins tree traversal or repeats it after -E_REPEAT was returned by
-+ * node or extent processing functions. */
-+ int (*before) (void *);
-+};
-+
-+#if REISER4_DEBUG
-+int check_sibling_list(znode * node);
-+#else
-+#define check_sibling_list(n) (1)
-+#endif
-+
-+#endif /* __FS_REISER4_TREE_WALK_H__ */
-+
-+/*
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/txnmgr.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/txnmgr.c
-@@ -0,0 +1,3158 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Joshua MacDonald wrote the first draft of this code. */
-+
-+/* ZAM-LONGTERM-FIXME-HANS: The locking in this file is badly designed, and a
-+filesystem scales only as well as its worst locking design. You need to
-+substantially restructure this code. Josh was not as experienced a programmer
-+as you. Particularly review how the locking style differs from what you did
-+for znodes usingt hi-lo priority locking, and present to me an opinion on
-+whether the differences are well founded. */
-+
-+/* I cannot help but to disagree with the sentiment above. Locking of
-+ * transaction manager is _not_ badly designed, and, at the very least, is not
-+ * the scaling bottleneck. Scaling bottleneck is _exactly_ hi-lo priority
-+ * locking on znodes, especially on the root node of the tree. --nikita,
-+ * 2003.10.13 */
-+
-+/* The txnmgr is a set of interfaces that keep track of atoms and transcrash handles. The
-+ txnmgr processes capture_block requests and manages the relationship between jnodes and
-+ atoms through the various stages of a transcrash, and it also oversees the fusion and
-+ capture-on-copy processes. The main difficulty with this task is maintaining a
-+ deadlock-free lock ordering between atoms and jnodes/handles. The reason for the
-+ difficulty is that jnodes, handles, and atoms contain pointer circles, and the cycle
-+ must be broken. The main requirement is that atom-fusion be deadlock free, so once you
-+ hold the atom_lock you may then wait to acquire any jnode or handle lock. This implies
-+ that any time you check the atom-pointer of a jnode or handle and then try to lock that
-+ atom, you must use trylock() and possibly reverse the order.
-+
-+ This code implements the design documented at:
-+
-+ http://namesys.com/txn-doc.html
-+
-+ZAM-FIXME-HANS: update v4.html to contain all of the information present in the above (but updated), and then remove the
-+above document and reference the new. Be sure to provide some credit to Josh. I already have some writings on this
-+topic in v4.html, but they are lacking in details present in the above. Cure that. Remember to write for the bright 12
-+year old --- define all technical terms used.
-+
-+*/
-+
-+/* Thoughts on the external transaction interface:
-+
-+ In the current code, a TRANSCRASH handle is created implicitly by init_context() (which
-+ creates state that lasts for the duration of a system call and is called at the start
-+ of ReiserFS methods implementing VFS operations), and closed by reiser4_exit_context(),
-+ occupying the scope of a single system call. We wish to give certain applications an
-+ interface to begin and close (commit) transactions. Since our implementation of
-+ transactions does not yet support isolation, allowing an application to open a
-+ transaction implies trusting it to later close the transaction. Part of the
-+ transaction interface will be aimed at enabling that trust, but the interface for
-+ actually using transactions is fairly narrow.
-+
-+ BEGIN_TRANSCRASH: Returns a transcrash identifier. It should be possible to translate
-+ this identifier into a string that a shell-script could use, allowing you to start a
-+ transaction by issuing a command. Once open, the transcrash should be set in the task
-+ structure, and there should be options (I suppose) to allow it to be carried across
-+ fork/exec. A transcrash has several options:
-+
-+ - READ_FUSING or WRITE_FUSING: The default policy is for txn-capture to capture only
-+ on writes (WRITE_FUSING) and allow "dirty reads". If the application wishes to
-+ capture on reads as well, it should set READ_FUSING.
-+
-+ - TIMEOUT: Since a non-isolated transcrash cannot be undone, every transcrash must
-+ eventually close (or else the machine must crash). If the application dies an
-+ unexpected death with an open transcrash, for example, or if it hangs for a long
-+ duration, one solution (to avoid crashing the machine) is to simply close it anyway.
-+ This is a dangerous option, but it is one way to solve the problem until isolated
-+ transcrashes are available for untrusted applications.
-+
-+ It seems to be what databases do, though it is unclear how one avoids a DoS attack
-+ creating a vulnerability based on resource starvation. Guaranteeing that some
-+ minimum amount of computational resources are made available would seem more correct
-+ than guaranteeing some amount of time. When we again have someone to code the work,
-+ this issue should be considered carefully. -Hans
-+
-+ RESERVE_BLOCKS: A running transcrash should indicate to the transaction manager how
-+ many dirty blocks it expects. The reserve_blocks interface should be called at a point
-+ where it is safe for the application to fail, because the system may not be able to
-+ grant the allocation and the application must be able to back-out. For this reason,
-+ the number of reserve-blocks can also be passed as an argument to BEGIN_TRANSCRASH, but
-+ the application may also wish to extend the allocation after beginning its transcrash.
-+
-+ CLOSE_TRANSCRASH: The application closes the transcrash when it is finished making
-+ modifications that require transaction protection. When isolated transactions are
-+ supported the CLOSE operation is replaced by either COMMIT or ABORT. For example, if a
-+ RESERVE_BLOCKS call fails for the application, it should "abort" by calling
-+ CLOSE_TRANSCRASH, even though it really commits any changes that were made (which is
-+ why, for safety, the application should call RESERVE_BLOCKS before making any changes).
-+
-+ For actually implementing these out-of-system-call-scopped transcrashes, the
-+ reiser4_context has a "txn_handle *trans" pointer that may be set to an open
-+ transcrash. Currently there are no dynamically-allocated transcrashes, but there is a
-+ "kmem_cache_t *_txnh_slab" created for that purpose in this file.
-+*/
-+
-+/* Extending the other system call interfaces for future transaction features:
-+
-+ Specialized applications may benefit from passing flags to the ordinary system call
-+ interface such as read(), write(), or stat(). For example, the application specifies
-+ WRITE_FUSING by default but wishes to add that a certain read() command should be
-+ treated as READ_FUSING. But which read? Is it the directory-entry read, the stat-data
-+ read, or the file-data read? These issues are straight-forward, but there are a lot of
-+ them and adding the necessary flags-passing code will be tedious.
-+
-+ When supporting isolated transactions, there is a corresponding READ_MODIFY_WRITE (RMW)
-+ flag, which specifies that although it is a read operation being requested, a
-+ write-lock should be taken. The reason is that read-locks are shared while write-locks
-+ are exclusive, so taking a read-lock when a later-write is known in advance will often
-+ leads to deadlock. If a reader knows it will write later, it should issue read
-+ requests with the RMW flag set.
-+*/
-+
-+/*
-+ The znode/atom deadlock avoidance.
-+
-+ FIXME(Zam): writing of this comment is in progress.
-+
-+ The atom's special stage ASTAGE_CAPTURE_WAIT introduces a kind of atom's
-+ long-term locking, which makes reiser4 locking scheme more complex. It had
-+ deadlocks until we implement deadlock avoidance algorithms. That deadlocks
-+ looked as the following: one stopped thread waits for a long-term lock on
-+ znode, the thread who owns that lock waits when fusion with another atom will
-+ be allowed.
-+
-+ The source of the deadlocks is an optimization of not capturing index nodes
-+ for read. Let's prove it. Suppose we have dumb node capturing scheme which
-+ unconditionally captures each block before locking it.
-+
-+ That scheme has no deadlocks. Let's begin with the thread which stage is
-+ ASTAGE_CAPTURE_WAIT and it waits for a znode lock. The thread can't wait for
-+ a capture because it's stage allows fusion with any atom except which are
-+ being committed currently. A process of atom commit can't deadlock because
-+ atom commit procedure does not acquire locks and does not fuse with other
-+ atoms. Reiser4 does capturing right before going to sleep inside the
-+ longtertm_lock_znode() function, it means the znode which we want to lock is
-+ already captured and its atom is in ASTAGE_CAPTURE_WAIT stage. If we
-+ continue the analysis we understand that no one process in the sequence may
-+ waits atom fusion. Thereby there are no deadlocks of described kind.
-+
-+ The capturing optimization makes the deadlocks possible. A thread can wait a
-+ lock which owner did not captured that node. The lock owner's current atom
-+ is not fused with the first atom and it does not get a ASTAGE_CAPTURE_WAIT
-+ state. A deadlock is possible when that atom meets another one which is in
-+ ASTAGE_CAPTURE_WAIT already.
-+
-+ The deadlock avoidance scheme includes two algorithms:
-+
-+ First algorithm is used when a thread captures a node which is locked but not
-+ captured by another thread. Those nodes are marked MISSED_IN_CAPTURE at the
-+ moment we skip their capturing. If such a node (marked MISSED_IN_CAPTURE) is
-+ being captured by a thread with current atom is in ASTAGE_CAPTURE_WAIT, the
-+ routine which forces all lock owners to join with current atom is executed.
-+
-+ Second algorithm does not allow to skip capturing of already captured nodes.
-+
-+ Both algorithms together prevent waiting a longterm lock without atom fusion
-+ with atoms of all lock owners, which is a key thing for getting atom/znode
-+ locking deadlocks.
-+*/
-+
-+/*
-+ * Transactions and mmap(2).
-+ *
-+ * 1. Transactions are not supported for accesses through mmap(2), because
-+ * this would effectively amount to user-level transactions whose duration
-+ * is beyond control of the kernel.
-+ *
-+ * 2. That said, we still want to preserve some decency with regard to
-+ * mmap(2). During normal write(2) call, following sequence of events
-+ * happens:
-+ *
-+ * 1. page is created;
-+ *
-+ * 2. jnode is created, dirtied and captured into current atom.
-+ *
-+ * 3. extent is inserted and modified.
-+ *
-+ * Steps (2) and (3) take place under long term lock on the twig node.
-+ *
-+ * When file is accessed through mmap(2) page is always created during
-+ * page fault. After this (in reiser4_readpage()->readpage_extent()):
-+ *
-+ * 1. if access is made to non-hole page new jnode is created, (if
-+ * necessary)
-+ *
-+ * 2. if access is made to the hole page, jnode is not created (XXX
-+ * not clear why).
-+ *
-+ * Also, even if page is created by write page fault it is not marked
-+ * dirty immediately by handle_mm_fault(). Probably this is to avoid races
-+ * with page write-out.
-+ *
-+ * Dirty bit installed by hardware is only transferred to the struct page
-+ * later, when page is unmapped (in zap_pte_range(), or
-+ * try_to_unmap_one()).
-+ *
-+ * So, with mmap(2) we have to handle following irksome situations:
-+ *
-+ * 1. there exists modified page (clean or dirty) without jnode
-+ *
-+ * 2. there exists modified page (clean or dirty) with clean jnode
-+ *
-+ * 3. clean page which is a part of atom can be transparently modified
-+ * at any moment through mapping without becoming dirty.
-+ *
-+ * (1) and (2) can lead to the out-of-memory situation: ->writepage()
-+ * doesn't know what to do with such pages and ->sync_sb()/->writepages()
-+ * don't see them, because these methods operate on atoms.
-+ *
-+ * (3) can lead to the loss of data: suppose we have dirty page with dirty
-+ * captured jnode captured by some atom. As part of early flush (for
-+ * example) page was written out. Dirty bit was cleared on both page and
-+ * jnode. After this page is modified through mapping, but kernel doesn't
-+ * notice and just discards page and jnode as part of commit. (XXX
-+ * actually it doesn't, because to reclaim page ->releasepage() has to be
-+ * called and before this dirty bit will be transferred to the struct
-+ * page).
-+ *
-+ */
-+
-+#include "debug.h"
-+#include "txnmgr.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "block_alloc.h"
-+#include "tree.h"
-+#include "wander.h"
-+#include "ktxnmgrd.h"
-+#include "super.h"
-+#include "page_cache.h"
-+#include "reiser4.h"
-+#include "vfs_ops.h"
-+#include "inode.h"
-+#include "flush.h"
-+
-+#include <asm/atomic.h>
-+#include <linux/types.h>
-+#include <linux/fs.h>
-+#include <linux/mm.h>
-+#include <linux/slab.h>
-+#include <linux/pagemap.h>
-+#include <linux/writeback.h>
-+#include <linux/swap.h> /* for totalram_pages */
-+
-+static void atom_free(txn_atom * atom);
-+
-+static int commit_txnh(txn_handle * txnh);
-+
-+static void wakeup_atom_waitfor_list(txn_atom * atom);
-+static void wakeup_atom_waiting_list(txn_atom * atom);
-+
-+static void capture_assign_txnh_nolock(txn_atom * atom, txn_handle * txnh);
-+
-+static void capture_assign_block_nolock(txn_atom * atom, jnode * node);
-+
-+static void fuse_not_fused_lock_owners(txn_handle * txnh, znode * node);
-+
-+static int capture_init_fusion(jnode * node, txn_handle * txnh,
-+ txn_capture mode);
-+
-+static int capture_fuse_wait(txn_handle *, txn_atom *, txn_atom *, txn_capture);
-+
-+static void capture_fuse_into(txn_atom * small, txn_atom * large);
-+
-+void invalidate_list(struct list_head *);
-+
-+/* GENERIC STRUCTURES */
-+
-+typedef struct _txn_wait_links txn_wait_links;
-+
-+struct _txn_wait_links {
-+ lock_stack *_lock_stack;
-+ struct list_head _fwaitfor_link;
-+ struct list_head _fwaiting_link;
-+ int (*waitfor_cb) (txn_atom * atom, struct _txn_wait_links * wlinks);
-+ int (*waiting_cb) (txn_atom * atom, struct _txn_wait_links * wlinks);
-+};
-+
-+/* FIXME: In theory, we should be using the slab cache init & destructor
-+ methods instead of, e.g., jnode_init, etc. */
-+static kmem_cache_t *_atom_slab = NULL;
-+/* this is for user-visible, cross system-call transactions. */
-+static kmem_cache_t *_txnh_slab = NULL;
-+
-+/**
-+ * init_txnmgr_static - create transaction manager slab caches
-+ *
-+ * Initializes caches of txn-atoms and txn_handle. It is part of reiser4 module
-+ * initialization.
-+ */
-+int init_txnmgr_static(void)
-+{
-+ assert("jmacd-600", _atom_slab == NULL);
-+ assert("jmacd-601", _txnh_slab == NULL);
-+
-+ ON_DEBUG(atomic_set(&flush_cnt, 0));
-+
-+ _atom_slab = kmem_cache_create("txn_atom", sizeof(txn_atom), 0,
-+ SLAB_HWCACHE_ALIGN |
-+ SLAB_RECLAIM_ACCOUNT, NULL, NULL);
-+ if (_atom_slab == NULL)
-+ return RETERR(-ENOMEM);
-+
-+ _txnh_slab = kmem_cache_create("txn_handle", sizeof(txn_handle), 0,
-+ SLAB_HWCACHE_ALIGN, NULL, NULL);
-+ if (_txnh_slab == NULL) {
-+ kmem_cache_destroy(_atom_slab);
-+ _atom_slab = NULL;
-+ return RETERR(-ENOMEM);
-+ }
-+
-+ return 0;
-+}
-+
-+/**
-+ * done_txnmgr_static - delete txn_atom and txn_handle caches
-+ *
-+ * This is called on reiser4 module unloading or system shutdown.
-+ */
-+void done_txnmgr_static(void)
-+{
-+ destroy_reiser4_cache(&_atom_slab);
-+ destroy_reiser4_cache(&_txnh_slab);
-+}
-+
-+/**
-+ * init_txnmgr - initialize a new transaction manager
-+ * @mgr: pointer to transaction manager embedded in reiser4 super block
-+ *
-+ * This is called on mount. Makes necessary initializations.
-+ */
-+void init_txnmgr(txn_mgr *mgr)
-+{
-+ assert("umka-169", mgr != NULL);
-+
-+ mgr->atom_count = 0;
-+ mgr->id_count = 1;
-+ INIT_LIST_HEAD(&mgr->atoms_list);
-+ spin_lock_init(&mgr->tmgr_lock);
-+ sema_init(&mgr->commit_semaphore, 1);
-+}
-+
-+/**
-+ * done_txnmgr - stop transaction manager
-+ * @mgr: pointer to transaction manager embedded in reiser4 super block
-+ *
-+ * This is called on umount. Does sanity checks.
-+ */
-+void done_txnmgr(txn_mgr *mgr)
-+{
-+ assert("umka-170", mgr != NULL);
-+ assert("umka-1701", list_empty_careful(&mgr->atoms_list));
-+ assert("umka-1702", mgr->atom_count == 0);
-+}
-+
-+/* Initialize a transaction handle. */
-+/* Audited by: umka (2002.06.13) */
-+static void txnh_init(txn_handle * txnh, txn_mode mode)
-+{
-+ assert("umka-171", txnh != NULL);
-+
-+ txnh->mode = mode;
-+ txnh->atom = NULL;
-+ set_gfp_mask();
-+ txnh->flags = 0;
-+ spin_lock_init(&txnh->hlock);
-+ INIT_LIST_HEAD(&txnh->txnh_link);
-+}
-+
-+#if REISER4_DEBUG
-+/* Check if a transaction handle is clean. */
-+static int txnh_isclean(txn_handle * txnh)
-+{
-+ assert("umka-172", txnh != NULL);
-+ return txnh->atom == NULL &&
-+ LOCK_CNT_NIL(spin_locked_txnh);
-+}
-+#endif
-+
-+/* Initialize an atom. */
-+static void atom_init(txn_atom * atom)
-+{
-+ int level;
-+
-+ assert("umka-173", atom != NULL);
-+
-+ memset(atom, 0, sizeof(txn_atom));
-+
-+ atom->stage = ASTAGE_FREE;
-+ atom->start_time = jiffies;
-+
-+ for (level = 0; level < REAL_MAX_ZTREE_HEIGHT + 1; level += 1)
-+ INIT_LIST_HEAD(ATOM_DIRTY_LIST(atom, level));
-+
-+ INIT_LIST_HEAD(ATOM_CLEAN_LIST(atom));
-+ INIT_LIST_HEAD(ATOM_OVRWR_LIST(atom));
-+ INIT_LIST_HEAD(ATOM_WB_LIST(atom));
-+ INIT_LIST_HEAD(&atom->inodes);
-+ spin_lock_init(&atom->alock);
-+ /* list of transaction handles */
-+ INIT_LIST_HEAD(&atom->txnh_list);
-+ /* link to transaction manager's list of atoms */
-+ INIT_LIST_HEAD(&atom->atom_link);
-+ INIT_LIST_HEAD(&atom->fwaitfor_list);
-+ INIT_LIST_HEAD(&atom->fwaiting_list);
-+ blocknr_set_init(&atom->delete_set);
-+ blocknr_set_init(&atom->wandered_map);
-+
-+ init_atom_fq_parts(atom);
-+}
-+
-+#if REISER4_DEBUG
-+/* Check if an atom is clean. */
-+static int atom_isclean(txn_atom * atom)
-+{
-+ int level;
-+
-+ assert("umka-174", atom != NULL);
-+
-+ for (level = 0; level < REAL_MAX_ZTREE_HEIGHT + 1; level += 1) {
-+ if (!list_empty_careful(ATOM_DIRTY_LIST(atom, level))) {
-+ return 0;
-+ }
-+ }
-+
-+ return atom->stage == ASTAGE_FREE &&
-+ atom->txnh_count == 0 &&
-+ atom->capture_count == 0 &&
-+ atomic_read(&atom->refcount) == 0 &&
-+ (&atom->atom_link == atom->atom_link.next &&
-+ &atom->atom_link == atom->atom_link.prev) &&
-+ list_empty_careful(&atom->txnh_list) &&
-+ list_empty_careful(ATOM_CLEAN_LIST(atom)) &&
-+ list_empty_careful(ATOM_OVRWR_LIST(atom)) &&
-+ list_empty_careful(ATOM_WB_LIST(atom)) &&
-+ list_empty_careful(&atom->fwaitfor_list) &&
-+ list_empty_careful(&atom->fwaiting_list) &&
-+ atom_fq_parts_are_clean(atom);
-+}
-+#endif
-+
-+/* Begin a transaction in this context. Currently this uses the reiser4_context's
-+ trans_in_ctx, which means that transaction handles are stack-allocated. Eventually
-+ this will be extended to allow transaction handles to span several contexts. */
-+/* Audited by: umka (2002.06.13) */
-+void txn_begin(reiser4_context * context)
-+{
-+ assert("jmacd-544", context->trans == NULL);
-+
-+ context->trans = &context->trans_in_ctx;
-+
-+ /* FIXME_LATER_JMACD Currently there's no way to begin a TXN_READ_FUSING
-+ transcrash. Default should be TXN_WRITE_FUSING. Also, the _trans variable is
-+ stack allocated right now, but we would like to allow for dynamically allocated
-+ transcrashes that span multiple system calls.
-+ */
-+ txnh_init(context->trans, TXN_WRITE_FUSING);
-+}
-+
-+/* Finish a transaction handle context. */
-+int txn_end(reiser4_context * context)
-+{
-+ long ret = 0;
-+ txn_handle *txnh;
-+
-+ assert("umka-283", context != NULL);
-+ assert("nikita-3012", schedulable());
-+ assert("vs-24", context == get_current_context());
-+ assert("nikita-2967", lock_stack_isclean(get_current_lock_stack()));
-+
-+ txnh = context->trans;
-+ if (txnh != NULL) {
-+ if (txnh->atom != NULL)
-+ ret = commit_txnh(txnh);
-+ assert("jmacd-633", txnh_isclean(txnh));
-+ context->trans = NULL;
-+ }
-+ return ret;
-+}
-+
-+void txn_restart(reiser4_context * context)
-+{
-+ txn_end(context);
-+ preempt_point();
-+ txn_begin(context);
-+}
-+
-+void txn_restart_current(void)
-+{
-+ txn_restart(get_current_context());
-+}
-+
-+/* TXN_ATOM */
-+
-+/* Get the atom belonging to a txnh, which is not locked. Return txnh locked. Locks atom, if atom
-+ is not NULL. This performs the necessary spin_trylock to break the lock-ordering cycle. May
-+ return NULL. */
-+static txn_atom *txnh_get_atom(txn_handle * txnh)
-+{
-+ txn_atom *atom;
-+
-+ assert("umka-180", txnh != NULL);
-+ assert_spin_not_locked(&(txnh->hlock));
-+
-+ while (1) {
-+ spin_lock_txnh(txnh);
-+ atom = txnh->atom;
-+
-+ if (atom == NULL)
-+ break;
-+
-+ if (spin_trylock_atom(atom))
-+ break;
-+
-+ atomic_inc(&atom->refcount);
-+
-+ spin_unlock_txnh(txnh);
-+ spin_lock_atom(atom);
-+ spin_lock_txnh(txnh);
-+
-+ if (txnh->atom == atom) {
-+ atomic_dec(&atom->refcount);
-+ break;
-+ }
-+
-+ spin_unlock_txnh(txnh);
-+ atom_dec_and_unlock(atom);
-+ }
-+
-+ return atom;
-+}
-+
-+/* Get the current atom and spinlock it if current atom present. May return NULL */
-+txn_atom *get_current_atom_locked_nocheck(void)
-+{
-+ reiser4_context *cx;
-+ txn_atom *atom;
-+ txn_handle *txnh;
-+
-+ cx = get_current_context();
-+ assert("zam-437", cx != NULL);
-+
-+ txnh = cx->trans;
-+ assert("zam-435", txnh != NULL);
-+
-+ atom = txnh_get_atom(txnh);
-+
-+ spin_unlock_txnh(txnh);
-+ return atom;
-+}
-+
-+/* Get the atom belonging to a jnode, which is initially locked. Return with
-+ both jnode and atom locked. This performs the necessary spin_trylock to
-+ break the lock-ordering cycle. Assumes the jnode is already locked, and
-+ returns NULL if atom is not set. */
-+txn_atom *jnode_get_atom(jnode * node)
-+{
-+ txn_atom *atom;
-+
-+ assert("umka-181", node != NULL);
-+
-+ while (1) {
-+ assert_spin_locked(&(node->guard));
-+
-+ atom = node->atom;
-+ /* node is not in any atom */
-+ if (atom == NULL)
-+ break;
-+
-+ /* If atom is not locked, grab the lock and return */
-+ if (spin_trylock_atom(atom))
-+ break;
-+
-+ /* At least one jnode belongs to this atom it guarantees that
-+ * atom->refcount > 0, we can safely increment refcount. */
-+ atomic_inc(&atom->refcount);
-+ spin_unlock_jnode(node);
-+
-+ /* re-acquire spin locks in the right order */
-+ spin_lock_atom(atom);
-+ spin_lock_jnode(node);
-+
-+ /* check if node still points to the same atom. */
-+ if (node->atom == atom) {
-+ atomic_dec(&atom->refcount);
-+ break;
-+ }
-+
-+ /* releasing of atom lock and reference requires not holding
-+ * locks on jnodes. */
-+ spin_unlock_jnode(node);
-+
-+ /* We do not sure that this atom has extra references except our
-+ * one, so we should call proper function which may free atom if
-+ * last reference is released. */
-+ atom_dec_and_unlock(atom);
-+
-+ /* lock jnode again for getting valid node->atom pointer
-+ * value. */
-+ spin_lock_jnode(node);
-+ }
-+
-+ return atom;
-+}
-+
-+/* Returns true if @node is dirty and part of the same atom as one of its neighbors. Used
-+ by flush code to indicate whether the next node (in some direction) is suitable for
-+ flushing. */
-+int
-+same_slum_check(jnode * node, jnode * check, int alloc_check, int alloc_value)
-+{
-+ int compat;
-+ txn_atom *atom;
-+
-+ assert("umka-182", node != NULL);
-+ assert("umka-183", check != NULL);
-+
-+ /* Not sure what this function is supposed to do if supplied with @check that is
-+ neither formatted nor unformatted (bitmap or so). */
-+ assert("nikita-2373", jnode_is_znode(check)
-+ || jnode_is_unformatted(check));
-+
-+ /* Need a lock on CHECK to get its atom and to check various state bits.
-+ Don't need a lock on NODE once we get the atom lock. */
-+ /* It is not enough to lock two nodes and check (node->atom ==
-+ check->atom) because atom could be locked and being fused at that
-+ moment, jnodes of the atom of that state (being fused) can point to
-+ different objects, but the atom is the same. */
-+ spin_lock_jnode(check);
-+
-+ atom = jnode_get_atom(check);
-+
-+ if (atom == NULL) {
-+ compat = 0;
-+ } else {
-+ compat = (node->atom == atom && JF_ISSET(check, JNODE_DIRTY));
-+
-+ if (compat && jnode_is_znode(check)) {
-+ compat &= znode_is_connected(JZNODE(check));
-+ }
-+
-+ if (compat && alloc_check) {
-+ compat &= (alloc_value == jnode_is_flushprepped(check));
-+ }
-+
-+ spin_unlock_atom(atom);
-+ }
-+
-+ spin_unlock_jnode(check);
-+
-+ return compat;
-+}
-+
-+/* Decrement the atom's reference count and if it falls to zero, free it. */
-+void atom_dec_and_unlock(txn_atom * atom)
-+{
-+ txn_mgr *mgr = &get_super_private(reiser4_get_current_sb())->tmgr;
-+
-+ assert("umka-186", atom != NULL);
-+ assert_spin_locked(&(atom->alock));
-+ assert("zam-1039", atomic_read(&atom->refcount) > 0);
-+
-+ if (atomic_dec_and_test(&atom->refcount)) {
-+ /* take txnmgr lock and atom lock in proper order. */
-+ if (!spin_trylock_txnmgr(mgr)) {
-+ /* This atom should exist after we re-acquire its
-+ * spinlock, so we increment its reference counter. */
-+ atomic_inc(&atom->refcount);
-+ spin_unlock_atom(atom);
-+ spin_lock_txnmgr(mgr);
-+ spin_lock_atom(atom);
-+
-+ if (!atomic_dec_and_test(&atom->refcount)) {
-+ spin_unlock_atom(atom);
-+ spin_unlock_txnmgr(mgr);
-+ return;
-+ }
-+ }
-+ assert_spin_locked(&(mgr->tmgr_lock));
-+ atom_free(atom);
-+ spin_unlock_txnmgr(mgr);
-+ } else
-+ spin_unlock_atom(atom);
-+}
-+
-+/* Create new atom and connect it to given transaction handle. This adds the
-+ atom to the transaction manager's list and sets its reference count to 1, an
-+ artificial reference which is kept until it commits. We play strange games
-+ to avoid allocation under jnode & txnh spinlocks.*/
-+
-+static int atom_begin_and_assign_to_txnh(txn_atom ** atom_alloc, txn_handle * txnh)
-+{
-+ txn_atom *atom;
-+ txn_mgr *mgr;
-+
-+ if (REISER4_DEBUG && rofs_tree(current_tree)) {
-+ warning("nikita-3366", "Creating atom on rofs");
-+ dump_stack();
-+ }
-+
-+ if (*atom_alloc == NULL) {
-+ (*atom_alloc) = kmem_cache_alloc(_atom_slab, get_gfp_mask());
-+
-+ if (*atom_alloc == NULL)
-+ return RETERR(-ENOMEM);
-+ }
-+
-+ /* and, also, txnmgr spin lock should be taken before jnode and txnh
-+ locks. */
-+ mgr = &get_super_private(reiser4_get_current_sb())->tmgr;
-+ spin_lock_txnmgr(mgr);
-+ spin_lock_txnh(txnh);
-+
-+ /* Check whether new atom still needed */
-+ if (txnh->atom != NULL) {
-+ /* NOTE-NIKITA probably it is rather better to free
-+ * atom_alloc here than thread it up to try_capture(). */
-+
-+ spin_unlock_txnh(txnh);
-+ spin_unlock_txnmgr(mgr);
-+
-+ return -E_REPEAT;
-+ }
-+
-+ atom = *atom_alloc;
-+ *atom_alloc = NULL;
-+
-+ atom_init(atom);
-+
-+ assert("jmacd-17", atom_isclean(atom));
-+
-+ /*
-+ * do not use spin_lock_atom because we have broken lock ordering here
-+ * which is ok, as long as @atom is new and inaccessible for others.
-+ */
-+ spin_lock(&(atom->alock));
-+
-+ /* add atom to the end of transaction manager's list of atoms */
-+ list_add_tail(&atom->atom_link, &mgr->atoms_list);
-+ atom->atom_id = mgr->id_count++;
-+ mgr->atom_count += 1;
-+
-+ /* Release txnmgr lock */
-+ spin_unlock_txnmgr(mgr);
-+
-+ /* One reference until it commits. */
-+ atomic_inc(&atom->refcount);
-+ atom->stage = ASTAGE_CAPTURE_FUSE;
-+ atom->super = reiser4_get_current_sb();
-+ capture_assign_txnh_nolock(atom, txnh);
-+
-+ spin_unlock(&(atom->alock));
-+ spin_unlock_txnh(txnh);
-+
-+ return -E_REPEAT;
-+}
-+
-+/* Return true if an atom is currently "open". */
-+static int atom_isopen(const txn_atom * atom)
-+{
-+ assert("umka-185", atom != NULL);
-+
-+ return atom->stage > 0 && atom->stage < ASTAGE_PRE_COMMIT;
-+}
-+
-+/* Return the number of pointers to this atom that must be updated during fusion. This
-+ approximates the amount of work to be done. Fusion chooses the atom with fewer
-+ pointers to fuse into the atom with more pointers. */
-+static int atom_pointer_count(const txn_atom * atom)
-+{
-+ assert("umka-187", atom != NULL);
-+
-+ /* This is a measure of the amount of work needed to fuse this atom
-+ * into another. */
-+ return atom->txnh_count + atom->capture_count;
-+}
-+
-+/* Called holding the atom lock, this removes the atom from the transaction manager list
-+ and frees it. */
-+static void atom_free(txn_atom * atom)
-+{
-+ txn_mgr *mgr = &get_super_private(reiser4_get_current_sb())->tmgr;
-+
-+ assert("umka-188", atom != NULL);
-+ assert_spin_locked(&(atom->alock));
-+
-+ /* Remove from the txn_mgr's atom list */
-+ assert_spin_locked(&(mgr->tmgr_lock));
-+ mgr->atom_count -= 1;
-+ list_del_init(&atom->atom_link);
-+
-+ /* Clean the atom */
-+ assert("jmacd-16",
-+ (atom->stage == ASTAGE_INVALID || atom->stage == ASTAGE_DONE));
-+ atom->stage = ASTAGE_FREE;
-+
-+ blocknr_set_destroy(&atom->delete_set);
-+ blocknr_set_destroy(&atom->wandered_map);
-+
-+ assert("jmacd-16", atom_isclean(atom));
-+
-+ spin_unlock_atom(atom);
-+
-+ kmem_cache_free(_atom_slab, atom);
-+}
-+
-+static int atom_is_dotard(const txn_atom * atom)
-+{
-+ return time_after(jiffies, atom->start_time +
-+ get_current_super_private()->tmgr.atom_max_age);
-+}
-+
-+static int atom_can_be_committed(txn_atom * atom)
-+{
-+ assert_spin_locked(&(atom->alock));
-+ assert("zam-885", atom->txnh_count > atom->nr_waiters);
-+ return atom->txnh_count == atom->nr_waiters + 1;
-+}
-+
-+/* Return true if an atom should commit now. This is determined by aging, atom
-+ size or atom flags. */
-+static int atom_should_commit(const txn_atom * atom)
-+{
-+ assert("umka-189", atom != NULL);
-+ return
-+ (atom->flags & ATOM_FORCE_COMMIT) ||
-+ ((unsigned)atom_pointer_count(atom) >
-+ get_current_super_private()->tmgr.atom_max_size)
-+ || atom_is_dotard(atom);
-+}
-+
-+/* return 1 if current atom exists and requires commit. */
-+int current_atom_should_commit(void)
-+{
-+ txn_atom *atom;
-+ int result = 0;
-+
-+ atom = get_current_atom_locked_nocheck();
-+ if (atom) {
-+ result = atom_should_commit(atom);
-+ spin_unlock_atom(atom);
-+ }
-+ return result;
-+}
-+
-+static int atom_should_commit_asap(const txn_atom * atom)
-+{
-+ unsigned int captured;
-+ unsigned int pinnedpages;
-+
-+ assert("nikita-3309", atom != NULL);
-+
-+ captured = (unsigned)atom->capture_count;
-+ pinnedpages = (captured >> PAGE_CACHE_SHIFT) * sizeof(znode);
-+
-+ return (pinnedpages > (totalram_pages >> 3)) || (atom->flushed > 100);
-+}
-+
-+static jnode *find_first_dirty_in_list(struct list_head *head, int flags)
-+{
-+ jnode *first_dirty;
-+
-+ list_for_each_entry(first_dirty, head, capture_link) {
-+ if (!(flags & JNODE_FLUSH_COMMIT)) {
-+ /*
-+ * skip jnodes which "heard banshee" or having active
-+ * I/O
-+ */
-+ if (JF_ISSET(first_dirty, JNODE_HEARD_BANSHEE) ||
-+ JF_ISSET(first_dirty, JNODE_WRITEBACK))
-+ continue;
-+ }
-+ return first_dirty;
-+ }
-+ return NULL;
-+}
-+
-+/* Get first dirty node from the atom's dirty_nodes[n] lists; return NULL if atom has no dirty
-+ nodes on atom's lists */
-+jnode *find_first_dirty_jnode(txn_atom * atom, int flags)
-+{
-+ jnode *first_dirty;
-+ tree_level level;
-+
-+ assert_spin_locked(&(atom->alock));
-+
-+ /* The flush starts from LEAF_LEVEL (=1). */
-+ for (level = 1; level < REAL_MAX_ZTREE_HEIGHT + 1; level += 1) {
-+ if (list_empty_careful(ATOM_DIRTY_LIST(atom, level)))
-+ continue;
-+
-+ first_dirty =
-+ find_first_dirty_in_list(ATOM_DIRTY_LIST(atom, level),
-+ flags);
-+ if (first_dirty)
-+ return first_dirty;
-+ }
-+
-+ /* znode-above-root is on the list #0. */
-+ return find_first_dirty_in_list(ATOM_DIRTY_LIST(atom, 0), flags);
-+}
-+
-+static void dispatch_wb_list(txn_atom * atom, flush_queue_t * fq)
-+{
-+ jnode *cur;
-+
-+ assert("zam-905", atom_is_protected(atom));
-+
-+ cur = list_entry(ATOM_WB_LIST(atom)->next, jnode, capture_link);
-+ while (ATOM_WB_LIST(atom) != &cur->capture_link) {
-+ jnode *next = list_entry(cur->capture_link.next, jnode, capture_link);
-+
-+ spin_lock_jnode(cur);
-+ if (!JF_ISSET(cur, JNODE_WRITEBACK)) {
-+ if (JF_ISSET(cur, JNODE_DIRTY)) {
-+ queue_jnode(fq, cur);
-+ } else {
-+ /* move jnode to atom's clean list */
-+ list_move_tail(&cur->capture_link,
-+ ATOM_CLEAN_LIST(atom));
-+ }
-+ }
-+ spin_unlock_jnode(cur);
-+
-+ cur = next;
-+ }
-+}
-+
-+/* Scan current atom->writeback_nodes list, re-submit dirty and !writeback
-+ * jnodes to disk. */
-+static int submit_wb_list(void)
-+{
-+ int ret;
-+ flush_queue_t *fq;
-+
-+ fq = get_fq_for_current_atom();
-+ if (IS_ERR(fq))
-+ return PTR_ERR(fq);
-+
-+ dispatch_wb_list(fq->atom, fq);
-+ spin_unlock_atom(fq->atom);
-+
-+ ret = write_fq(fq, NULL, 1);
-+ fq_put(fq);
-+
-+ return ret;
-+}
-+
-+/* Wait completion of all writes, re-submit atom writeback list if needed. */
-+static int current_atom_complete_writes(void)
-+{
-+ int ret;
-+
-+ /* Each jnode from that list was modified and dirtied when it had i/o
-+ * request running already. After i/o completion we have to resubmit
-+ * them to disk again.*/
-+ ret = submit_wb_list();
-+ if (ret < 0)
-+ return ret;
-+
-+ /* Wait all i/o completion */
-+ ret = current_atom_finish_all_fq();
-+ if (ret)
-+ return ret;
-+
-+ /* Scan wb list again; all i/o should be completed, we re-submit dirty
-+ * nodes to disk */
-+ ret = submit_wb_list();
-+ if (ret < 0)
-+ return ret;
-+
-+ /* Wait all nodes we just submitted */
-+ return current_atom_finish_all_fq();
-+}
-+
-+#define TOOMANYFLUSHES (1 << 13)
-+
-+/* Called with the atom locked and no open "active" transaction handlers except
-+ ours, this function calls flush_current_atom() until all dirty nodes are
-+ processed. Then it initiates commit processing.
-+
-+ Called by the single remaining open "active" txnh, which is closing. Other
-+ open txnhs belong to processes which wait atom commit in commit_txnh()
-+ routine. They are counted as "waiters" in atom->nr_waiters. Therefore as
-+ long as we hold the atom lock none of the jnodes can be captured and/or
-+ locked.
-+
-+ Return value is an error code if commit fails.
-+*/
-+static int commit_current_atom(long *nr_submitted, txn_atom ** atom)
-+{
-+ reiser4_super_info_data *sbinfo = get_current_super_private();
-+ long ret = 0;
-+ /* how many times jnode_flush() was called as a part of attempt to
-+ * commit this atom. */
-+ int flushiters;
-+
-+ assert("zam-888", atom != NULL && *atom != NULL);
-+ assert_spin_locked(&((*atom)->alock));
-+ assert("zam-887", get_current_context()->trans->atom == *atom);
-+ assert("jmacd-151", atom_isopen(*atom));
-+
-+ /* lock ordering: delete_sema and commit_sema are unordered */
-+ assert("nikita-3184",
-+ get_current_super_private()->delete_sema_owner != current);
-+
-+ for (flushiters = 0;; ++flushiters) {
-+ ret =
-+ flush_current_atom(JNODE_FLUSH_WRITE_BLOCKS |
-+ JNODE_FLUSH_COMMIT,
-+ LONG_MAX /* nr_to_write */ ,
-+ nr_submitted, atom, NULL);
-+ if (ret != -E_REPEAT)
-+ break;
-+
-+ /* if atom's dirty list contains one znode which is
-+ HEARD_BANSHEE and is locked we have to allow lock owner to
-+ continue and uncapture that znode */
-+ preempt_point();
-+
-+ *atom = get_current_atom_locked();
-+ if (flushiters > TOOMANYFLUSHES && IS_POW(flushiters)) {
-+ warning("nikita-3176",
-+ "Flushing like mad: %i", flushiters);
-+ info_atom("atom", *atom);
-+ DEBUGON(flushiters > (1 << 20));
-+ }
-+ }
-+
-+ if (ret)
-+ return ret;
-+
-+ assert_spin_locked(&((*atom)->alock));
-+
-+ if (!atom_can_be_committed(*atom)) {
-+ spin_unlock_atom(*atom);
-+ return RETERR(-E_REPEAT);
-+ }
-+
-+ if ((*atom)->capture_count == 0)
-+ goto done;
-+
-+ /* Up to this point we have been flushing and after flush is called we
-+ return -E_REPEAT. Now we can commit. We cannot return -E_REPEAT
-+ at this point, commit should be successful. */
-+ atom_set_stage(*atom, ASTAGE_PRE_COMMIT);
-+ ON_DEBUG(((*atom)->committer = current));
-+ spin_unlock_atom(*atom);
-+
-+ ret = current_atom_complete_writes();
-+ if (ret)
-+ return ret;
-+
-+ assert("zam-906", list_empty(ATOM_WB_LIST(*atom)));
-+
-+ /* isolate critical code path which should be executed by only one
-+ * thread using tmgr semaphore */
-+ down(&sbinfo->tmgr.commit_semaphore);
-+
-+ ret = reiser4_write_logs(nr_submitted);
-+ if (ret < 0)
-+ reiser4_panic("zam-597", "write log failed (%ld)\n", ret);
-+
-+ /* The atom->ovrwr_nodes list is processed under commit semaphore held
-+ because of bitmap nodes which are captured by special way in
-+ bitmap_pre_commit_hook(), that way does not include
-+ capture_fuse_wait() as a capturing of other nodes does -- the commit
-+ semaphore is used for transaction isolation instead. */
-+ invalidate_list(ATOM_OVRWR_LIST(*atom));
-+ up(&sbinfo->tmgr.commit_semaphore);
-+
-+ invalidate_list(ATOM_CLEAN_LIST(*atom));
-+ invalidate_list(ATOM_WB_LIST(*atom));
-+ assert("zam-927", list_empty(&(*atom)->inodes));
-+
-+ spin_lock_atom(*atom);
-+ done:
-+ atom_set_stage(*atom, ASTAGE_DONE);
-+ ON_DEBUG((*atom)->committer = NULL);
-+
-+ /* Atom's state changes, so wake up everybody waiting for this
-+ event. */
-+ wakeup_atom_waiting_list(*atom);
-+
-+ /* Decrement the "until commit" reference, at least one txnh (the caller) is
-+ still open. */
-+ atomic_dec(&(*atom)->refcount);
-+
-+ assert("jmacd-1070", atomic_read(&(*atom)->refcount) > 0);
-+ assert("jmacd-1062", (*atom)->capture_count == 0);
-+ BUG_ON((*atom)->capture_count != 0);
-+ assert_spin_locked(&((*atom)->alock));
-+
-+ return ret;
-+}
-+
-+/* TXN_TXNH */
-+
-+/**
-+ * force_commit_atom - commit current atom and wait commit completion
-+ * @txnh:
-+ *
-+ * Commits current atom and wait commit completion; current atom and @txnh have
-+ * to be spinlocked before call, this function unlocks them on exit.
-+ */
-+int force_commit_atom(txn_handle *txnh)
-+{
-+ txn_atom *atom;
-+
-+ assert("zam-837", txnh != NULL);
-+ assert_spin_locked(&(txnh->hlock));
-+ assert("nikita-2966", lock_stack_isclean(get_current_lock_stack()));
-+
-+ atom = txnh->atom;
-+
-+ assert("zam-834", atom != NULL);
-+ assert_spin_locked(&(atom->alock));
-+
-+ /*
-+ * Set flags for atom and txnh: forcing atom commit and waiting for
-+ * commit completion
-+ */
-+ txnh->flags |= TXNH_WAIT_COMMIT;
-+ atom->flags |= ATOM_FORCE_COMMIT;
-+
-+ spin_unlock_txnh(txnh);
-+ spin_unlock_atom(atom);
-+
-+ /* commit is here */
-+ txn_restart_current();
-+ return 0;
-+}
-+
-+/* Called to force commit of any outstanding atoms. @commit_all_atoms controls
-+ * should we commit all atoms including new ones which are created after this
-+ * functions is called. */
-+int txnmgr_force_commit_all(struct super_block *super, int commit_all_atoms)
-+{
-+ int ret;
-+ txn_atom *atom;
-+ txn_mgr *mgr;
-+ txn_handle *txnh;
-+ unsigned long start_time = jiffies;
-+ reiser4_context *ctx = get_current_context();
-+
-+ assert("nikita-2965", lock_stack_isclean(get_current_lock_stack()));
-+ assert("nikita-3058", commit_check_locks());
-+
-+ txn_restart_current();
-+
-+ mgr = &get_super_private(super)->tmgr;
-+
-+ txnh = ctx->trans;
-+
-+ again:
-+
-+ spin_lock_txnmgr(mgr);
-+
-+ list_for_each_entry(atom, &mgr->atoms_list, atom_link) {
-+ spin_lock_atom(atom);
-+
-+ /* Commit any atom which can be committed. If @commit_new_atoms
-+ * is not set we commit only atoms which were created before
-+ * this call is started. */
-+ if (commit_all_atoms
-+ || time_before_eq(atom->start_time, start_time)) {
-+ if (atom->stage <= ASTAGE_POST_COMMIT) {
-+ spin_unlock_txnmgr(mgr);
-+
-+ if (atom->stage < ASTAGE_PRE_COMMIT) {
-+ spin_lock_txnh(txnh);
-+ /* Add force-context txnh */
-+ capture_assign_txnh_nolock(atom, txnh);
-+ ret = force_commit_atom(txnh);
-+ if (ret)
-+ return ret;
-+ } else
-+ /* wait atom commit */
-+ atom_wait_event(atom);
-+
-+ goto again;
-+ }
-+ }
-+
-+ spin_unlock_atom(atom);
-+ }
-+
-+#if REISER4_DEBUG
-+ if (commit_all_atoms) {
-+ reiser4_super_info_data *sbinfo = get_super_private(super);
-+ spin_lock_reiser4_super(sbinfo);
-+ assert("zam-813",
-+ sbinfo->blocks_fake_allocated_unformatted == 0);
-+ assert("zam-812", sbinfo->blocks_fake_allocated == 0);
-+ spin_unlock_reiser4_super(sbinfo);
-+ }
-+#endif
-+
-+ spin_unlock_txnmgr(mgr);
-+
-+ return 0;
-+}
-+
-+/* check whether commit_some_atoms() can commit @atom. Locking is up to the
-+ * caller */
-+static int atom_is_committable(txn_atom * atom)
-+{
-+ return
-+ atom->stage < ASTAGE_PRE_COMMIT &&
-+ atom->txnh_count == atom->nr_waiters && atom_should_commit(atom);
-+}
-+
-+/* called periodically from ktxnmgrd to commit old atoms. Releases ktxnmgrd spin
-+ * lock at exit */
-+int commit_some_atoms(txn_mgr * mgr)
-+{
-+ int ret = 0;
-+ txn_atom *atom;
-+ txn_handle *txnh;
-+ reiser4_context *ctx;
-+ struct list_head *pos, *tmp;
-+
-+ ctx = get_current_context();
-+ assert("nikita-2444", ctx != NULL);
-+
-+ txnh = ctx->trans;
-+ spin_lock_txnmgr(mgr);
-+
-+ /*
-+ * this is to avoid gcc complain that atom might be used
-+ * uninitialized
-+ */
-+ atom = NULL;
-+
-+ /* look for atom to commit */
-+ list_for_each_safe(pos, tmp, &mgr->atoms_list) {
-+ atom = list_entry(pos, txn_atom, atom_link);
-+ /*
-+ * first test without taking atom spin lock, whether it is
-+ * eligible for committing at all
-+ */
-+ if (atom_is_committable(atom)) {
-+ /* now, take spin lock and re-check */
-+ spin_lock_atom(atom);
-+ if (atom_is_committable(atom))
-+ break;
-+ spin_unlock_atom(atom);
-+ }
-+ }
-+
-+ ret = (&mgr->atoms_list == pos);
-+ spin_unlock_txnmgr(mgr);
-+
-+ if (ret) {
-+ /* nothing found */
-+ spin_unlock(&mgr->daemon->guard);
-+ return 0;
-+ }
-+
-+ spin_lock_txnh(txnh);
-+
-+ BUG_ON(atom == NULL);
-+ /* Set the atom to force committing */
-+ atom->flags |= ATOM_FORCE_COMMIT;
-+
-+ /* Add force-context txnh */
-+ capture_assign_txnh_nolock(atom, txnh);
-+
-+ spin_unlock_txnh(txnh);
-+ spin_unlock_atom(atom);
-+
-+ /* we are about to release daemon spin lock, notify daemon it
-+ has to rescan atoms */
-+ mgr->daemon->rescan = 1;
-+ spin_unlock(&mgr->daemon->guard);
-+ txn_restart_current();
-+ return 0;
-+}
-+
-+static int txn_try_to_fuse_small_atom(txn_mgr * tmgr, txn_atom * atom)
-+{
-+ int atom_stage;
-+ txn_atom *atom_2;
-+ int repeat;
-+
-+ assert("zam-1051", atom->stage < ASTAGE_PRE_COMMIT);
-+
-+ atom_stage = atom->stage;
-+ repeat = 0;
-+
-+ if (!spin_trylock_txnmgr(tmgr)) {
-+ atomic_inc(&atom->refcount);
-+ spin_unlock_atom(atom);
-+ spin_lock_txnmgr(tmgr);
-+ spin_lock_atom(atom);
-+ repeat = 1;
-+ if (atom->stage != atom_stage) {
-+ spin_unlock_txnmgr(tmgr);
-+ atom_dec_and_unlock(atom);
-+ return -E_REPEAT;
-+ }
-+ atomic_dec(&atom->refcount);
-+ }
-+
-+ list_for_each_entry(atom_2, &tmgr->atoms_list, atom_link) {
-+ if (atom == atom_2)
-+ continue;
-+ /*
-+ * if trylock does not succeed we just do not fuse with that
-+ * atom.
-+ */
-+ if (spin_trylock_atom(atom_2)) {
-+ if (atom_2->stage < ASTAGE_PRE_COMMIT) {
-+ spin_unlock_txnmgr(tmgr);
-+ capture_fuse_into(atom_2, atom);
-+ /* all locks are lost we can only repeat here */
-+ return -E_REPEAT;
-+ }
-+ spin_unlock_atom(atom_2);
-+ }
-+ }
-+ atom->flags |= ATOM_CANCEL_FUSION;
-+ spin_unlock_txnmgr(tmgr);
-+ if (repeat) {
-+ spin_unlock_atom(atom);
-+ return -E_REPEAT;
-+ }
-+ return 0;
-+}
-+
-+/* Calls jnode_flush for current atom if it exists; if not, just take another
-+ atom and call jnode_flush() for him. If current transaction handle has
-+ already assigned atom (current atom) we have to close current transaction
-+ prior to switch to another atom or do something with current atom. This
-+ code tries to flush current atom.
-+
-+ flush_some_atom() is called as part of memory clearing process. It is
-+ invoked from balance_dirty_pages(), pdflushd, and entd.
-+
-+ If we can flush no nodes, atom is committed, because this frees memory.
-+
-+ If atom is too large or too old it is committed also.
-+*/
-+int
-+flush_some_atom(jnode * start, long *nr_submitted, const struct writeback_control *wbc,
-+ int flags)
-+{
-+ reiser4_context *ctx = get_current_context();
-+ txn_mgr *tmgr = &get_super_private(ctx->super)->tmgr;
-+ txn_handle *txnh = ctx->trans;
-+ txn_atom *atom;
-+ int ret;
-+
-+ BUG_ON(wbc->nr_to_write == 0);
-+ BUG_ON(*nr_submitted != 0);
-+ assert("zam-1042", txnh != NULL);
-+ repeat:
-+ if (txnh->atom == NULL) {
-+ /* current atom is not available, take first from txnmgr */
-+ spin_lock_txnmgr(tmgr);
-+
-+ /* traverse the list of all atoms */
-+ list_for_each_entry(atom, &tmgr->atoms_list, atom_link) {
-+ /* lock atom before checking its state */
-+ spin_lock_atom(atom);
-+
-+ /*
-+ * we need an atom which is not being committed and
-+ * which has no flushers (jnode_flush() add one flusher
-+ * at the beginning and subtract one at the end).
-+ */
-+ if (atom->stage < ASTAGE_PRE_COMMIT &&
-+ atom->nr_flushers == 0) {
-+ spin_lock_txnh(txnh);
-+ capture_assign_txnh_nolock(atom, txnh);
-+ spin_unlock_txnh(txnh);
-+
-+ goto found;
-+ }
-+
-+ spin_unlock_atom(atom);
-+ }
-+
-+ /*
-+ * Write throttling is case of no one atom can be
-+ * flushed/committed.
-+ */
-+ if (!current_is_pdflush() && !wbc->nonblocking) {
-+ list_for_each_entry(atom, &tmgr->atoms_list, atom_link) {
-+ spin_lock_atom(atom);
-+ /* Repeat the check from the above. */
-+ if (atom->stage < ASTAGE_PRE_COMMIT
-+ && atom->nr_flushers == 0) {
-+ spin_lock_txnh(txnh);
-+ capture_assign_txnh_nolock(atom, txnh);
-+ spin_unlock_txnh(txnh);
-+
-+ goto found;
-+ }
-+ if (atom->stage <= ASTAGE_POST_COMMIT) {
-+ spin_unlock_txnmgr(tmgr);
-+ /*
-+ * we just wait until atom's flusher
-+ * makes a progress in flushing or
-+ * committing the atom
-+ */
-+ atom_wait_event(atom);
-+ goto repeat;
-+ }
-+ spin_unlock_atom(atom);
-+ }
-+ }
-+ spin_unlock_txnmgr(tmgr);
-+ return 0;
-+ found:
-+ spin_unlock_txnmgr(tmgr);
-+ } else
-+ atom = get_current_atom_locked();
-+
-+ BUG_ON(atom->super != ctx->super);
-+ assert("vs-35", atom->super == ctx->super);
-+ if (start) {
-+ spin_lock_jnode(start);
-+ ret = (atom == start->atom) ? 1 : 0;
-+ spin_unlock_jnode(start);
-+ if (ret == 0)
-+ start = NULL;
-+ }
-+ ret = flush_current_atom(flags, wbc->nr_to_write, nr_submitted, &atom, start);
-+ if (ret == 0) {
-+ /* flush_current_atom returns 0 only if it submitted for write
-+ nothing */
-+ BUG_ON(*nr_submitted != 0);
-+ if (*nr_submitted == 0 || atom_should_commit_asap(atom)) {
-+ if (atom->capture_count < tmgr->atom_min_size &&
-+ !(atom->flags & ATOM_CANCEL_FUSION)) {
-+ ret = txn_try_to_fuse_small_atom(tmgr, atom);
-+ if (ret == -E_REPEAT) {
-+ preempt_point();
-+ goto repeat;
-+ }
-+ }
-+ /* if early flushing could not make more nodes clean,
-+ * or atom is too old/large,
-+ * we force current atom to commit */
-+ /* wait for commit completion but only if this
-+ * wouldn't stall pdflushd and ent thread. */
-+ if (!wbc->nonblocking && !ctx->entd)
-+ txnh->flags |= TXNH_WAIT_COMMIT;
-+ atom->flags |= ATOM_FORCE_COMMIT;
-+ }
-+ spin_unlock_atom(atom);
-+ } else if (ret == -E_REPEAT) {
-+ if (*nr_submitted == 0) {
-+ /* let others who hampers flushing (hold longterm locks,
-+ for instance) to free the way for flush */
-+ preempt_point();
-+ goto repeat;
-+ }
-+ ret = 0;
-+ }
-+/*
-+ if (*nr_submitted > wbc->nr_to_write)
-+ warning("", "asked for %ld, written %ld\n", wbc->nr_to_write, *nr_submitted);
-+*/
-+ txn_restart(ctx);
-+
-+ return ret;
-+}
-+
-+/* Remove processed nodes from atom's clean list (thereby remove them from transaction). */
-+void invalidate_list(struct list_head *head)
-+{
-+ while (!list_empty(head)) {
-+ jnode *node;
-+
-+ node = list_entry(head->next, jnode, capture_link);
-+ spin_lock_jnode(node);
-+ uncapture_block(node);
-+ jput(node);
-+ }
-+}
-+
-+static void init_wlinks(txn_wait_links * wlinks)
-+{
-+ wlinks->_lock_stack = get_current_lock_stack();
-+ INIT_LIST_HEAD(&wlinks->_fwaitfor_link);
-+ INIT_LIST_HEAD(&wlinks->_fwaiting_link);
-+ wlinks->waitfor_cb = NULL;
-+ wlinks->waiting_cb = NULL;
-+}
-+
-+/* Add atom to the atom's waitfor list and wait for somebody to wake us up; */
-+void atom_wait_event(txn_atom * atom)
-+{
-+ txn_wait_links _wlinks;
-+
-+ assert_spin_locked(&(atom->alock));
-+ assert("nikita-3156",
-+ lock_stack_isclean(get_current_lock_stack()) ||
-+ atom->nr_running_queues > 0);
-+
-+ init_wlinks(&_wlinks);
-+ list_add_tail(&_wlinks._fwaitfor_link, &atom->fwaitfor_list);
-+ atomic_inc(&atom->refcount);
-+ spin_unlock_atom(atom);
-+
-+ prepare_to_sleep(_wlinks._lock_stack);
-+ go_to_sleep(_wlinks._lock_stack);
-+
-+ spin_lock_atom(atom);
-+ list_del(&_wlinks._fwaitfor_link);
-+ atom_dec_and_unlock(atom);
-+}
-+
-+void atom_set_stage(txn_atom * atom, txn_stage stage)
-+{
-+ assert("nikita-3535", atom != NULL);
-+ assert_spin_locked(&(atom->alock));
-+ assert("nikita-3536", ASTAGE_FREE <= stage && stage <= ASTAGE_INVALID);
-+ /* Excelsior! */
-+ assert("nikita-3537", stage >= atom->stage);
-+ if (atom->stage != stage) {
-+ atom->stage = stage;
-+ atom_send_event(atom);
-+ }
-+}
-+
-+/* wake all threads which wait for an event */
-+void atom_send_event(txn_atom * atom)
-+{
-+ assert_spin_locked(&(atom->alock));
-+ wakeup_atom_waitfor_list(atom);
-+}
-+
-+/* Informs txn manager code that owner of this txn_handle should wait atom commit completion (for
-+ example, because it does fsync(2)) */
-+static int should_wait_commit(txn_handle * h)
-+{
-+ return h->flags & TXNH_WAIT_COMMIT;
-+}
-+
-+typedef struct commit_data {
-+ txn_atom *atom;
-+ txn_handle *txnh;
-+ long nr_written;
-+ /* as an optimization we start committing atom by first trying to
-+ * flush it few times without switching into ASTAGE_CAPTURE_WAIT. This
-+ * allows to reduce stalls due to other threads waiting for atom in
-+ * ASTAGE_CAPTURE_WAIT stage. ->preflush is counter of these
-+ * preliminary flushes. */
-+ int preflush;
-+ /* have we waited on atom. */
-+ int wait;
-+ int failed;
-+ int wake_ktxnmgrd_up;
-+} commit_data;
-+
-+/*
-+ * Called from commit_txnh() repeatedly, until either error happens, or atom
-+ * commits successfully.
-+ */
-+static int try_commit_txnh(commit_data * cd)
-+{
-+ int result;
-+
-+ assert("nikita-2968", lock_stack_isclean(get_current_lock_stack()));
-+
-+ /* Get the atom and txnh locked. */
-+ cd->atom = txnh_get_atom(cd->txnh);
-+ assert("jmacd-309", cd->atom != NULL);
-+ spin_unlock_txnh(cd->txnh);
-+
-+ if (cd->wait) {
-+ cd->atom->nr_waiters--;
-+ cd->wait = 0;
-+ }
-+
-+ if (cd->atom->stage == ASTAGE_DONE)
-+ return 0;
-+
-+ if (cd->failed)
-+ return 0;
-+
-+ if (atom_should_commit(cd->atom)) {
-+ /* if atom is _very_ large schedule it for commit as soon as
-+ * possible. */
-+ if (atom_should_commit_asap(cd->atom)) {
-+ /*
-+ * When atom is in PRE_COMMIT or later stage following
-+ * invariant (encoded in atom_can_be_committed())
-+ * holds: there is exactly one non-waiter transaction
-+ * handle opened on this atom. When thread wants to
-+ * wait until atom commits (for example sync()) it
-+ * waits on atom event after increasing
-+ * atom->nr_waiters (see blow in this function). It
-+ * cannot be guaranteed that atom is already committed
-+ * after receiving event, so loop has to be
-+ * re-started. But if atom switched into PRE_COMMIT
-+ * stage and became too large, we cannot change its
-+ * state back to CAPTURE_WAIT (atom stage can only
-+ * increase monotonically), hence this check.
-+ */
-+ if (cd->atom->stage < ASTAGE_CAPTURE_WAIT)
-+ atom_set_stage(cd->atom, ASTAGE_CAPTURE_WAIT);
-+ cd->atom->flags |= ATOM_FORCE_COMMIT;
-+ }
-+ if (cd->txnh->flags & TXNH_DONT_COMMIT) {
-+ /*
-+ * this thread (transaction handle that is) doesn't
-+ * want to commit atom. Notify waiters that handle is
-+ * closed. This can happen, for example, when we are
-+ * under VFS directory lock and don't want to commit
-+ * atom right now to avoid stalling other threads
-+ * working in the same directory.
-+ */
-+
-+ /* Wake the ktxnmgrd up if the ktxnmgrd is needed to
-+ * commit this atom: no atom waiters and only one
-+ * (our) open transaction handle. */
-+ cd->wake_ktxnmgrd_up =
-+ cd->atom->txnh_count == 1 &&
-+ cd->atom->nr_waiters == 0;
-+ atom_send_event(cd->atom);
-+ result = 0;
-+ } else if (!atom_can_be_committed(cd->atom)) {
-+ if (should_wait_commit(cd->txnh)) {
-+ /* sync(): wait for commit */
-+ cd->atom->nr_waiters++;
-+ cd->wait = 1;
-+ atom_wait_event(cd->atom);
-+ result = RETERR(-E_REPEAT);
-+ } else {
-+ result = 0;
-+ }
-+ } else if (cd->preflush > 0 && !is_current_ktxnmgrd()) {
-+ /*
-+ * optimization: flush atom without switching it into
-+ * ASTAGE_CAPTURE_WAIT.
-+ *
-+ * But don't do this for ktxnmgrd, because ktxnmgrd
-+ * should never block on atom fusion.
-+ */
-+ result = flush_current_atom(JNODE_FLUSH_WRITE_BLOCKS,
-+ LONG_MAX, &cd->nr_written,
-+ &cd->atom, NULL);
-+ if (result == 0) {
-+ spin_unlock_atom(cd->atom);
-+ cd->preflush = 0;
-+ result = RETERR(-E_REPEAT);
-+ } else /* Atoms wasn't flushed
-+ * completely. Rinse. Repeat. */
-+ --cd->preflush;
-+ } else {
-+ /* We change atom state to ASTAGE_CAPTURE_WAIT to
-+ prevent atom fusion and count ourself as an active
-+ flusher */
-+ atom_set_stage(cd->atom, ASTAGE_CAPTURE_WAIT);
-+ cd->atom->flags |= ATOM_FORCE_COMMIT;
-+
-+ result =
-+ commit_current_atom(&cd->nr_written, &cd->atom);
-+ if (result != 0 && result != -E_REPEAT)
-+ cd->failed = 1;
-+ }
-+ } else
-+ result = 0;
-+
-+#if REISER4_DEBUG
-+ if (result == 0)
-+ assert_spin_locked(&(cd->atom->alock));
-+#endif
-+
-+ /* perfectly valid assertion, except that when atom/txnh is not locked
-+ * fusion can take place, and cd->atom points nowhere. */
-+ /*
-+ assert("jmacd-1028", ergo(result != 0, spin_atom_is_not_locked(cd->atom)));
-+ */
-+ return result;
-+}
-+
-+/* Called to commit a transaction handle. This decrements the atom's number of open
-+ handles and if it is the last handle to commit and the atom should commit, initiates
-+ atom commit. if commit does not fail, return number of written blocks */
-+static int commit_txnh(txn_handle * txnh)
-+{
-+ commit_data cd;
-+ assert("umka-192", txnh != NULL);
-+
-+ memset(&cd, 0, sizeof cd);
-+ cd.txnh = txnh;
-+ cd.preflush = 10;
-+
-+ /* calls try_commit_txnh() until either atom commits, or error
-+ * happens */
-+ while (try_commit_txnh(&cd) != 0)
-+ preempt_point();
-+
-+ spin_lock_txnh(txnh);
-+
-+ cd.atom->txnh_count -= 1;
-+ txnh->atom = NULL;
-+ /* remove transaction handle from atom's list of transaction handles */
-+ list_del_init(&txnh->txnh_link);
-+
-+ spin_unlock_txnh(txnh);
-+ atom_dec_and_unlock(cd.atom);
-+ /* if we don't want to do a commit (TXNH_DONT_COMMIT is set, probably
-+ * because it takes time) by current thread, we do that work
-+ * asynchronously by ktxnmgrd daemon. */
-+ if (cd.wake_ktxnmgrd_up)
-+ ktxnmgrd_kick(&get_current_super_private()->tmgr);
-+
-+ return 0;
-+}
-+
-+/* TRY_CAPTURE */
-+
-+/* This routine attempts a single block-capture request. It may return -E_REPEAT if some
-+ condition indicates that the request should be retried, and it may block if the
-+ txn_capture mode does not include the TXN_CAPTURE_NONBLOCKING request flag.
-+
-+ This routine encodes the basic logic of block capturing described by:
-+
-+ http://namesys.com/v4/v4.html
-+
-+ Our goal here is to ensure that any two blocks that contain dependent modifications
-+ should commit at the same time. This function enforces this discipline by initiating
-+ fusion whenever a transaction handle belonging to one atom requests to read or write a
-+ block belonging to another atom (TXN_CAPTURE_WRITE or TXN_CAPTURE_READ_ATOMIC).
-+
-+ In addition, this routine handles the initial assignment of atoms to blocks and
-+ transaction handles. These are possible outcomes of this function:
-+
-+ 1. The block and handle are already part of the same atom: return immediate success
-+
-+ 2. The block is assigned but the handle is not: call capture_assign_txnh to assign
-+ the handle to the block's atom.
-+
-+ 3. The handle is assigned but the block is not: call capture_assign_block to assign
-+ the block to the handle's atom.
-+
-+ 4. Both handle and block are assigned, but to different atoms: call capture_init_fusion
-+ to fuse atoms.
-+
-+ 5. Neither block nor handle are assigned: create a new atom and assign them both.
-+
-+ 6. A read request for a non-captured block: return immediate success.
-+
-+ This function acquires and releases the handle's spinlock. This function is called
-+ under the jnode lock and if the return value is 0, it returns with the jnode lock still
-+ held. If the return is -E_REPEAT or some other error condition, the jnode lock is
-+ released. The external interface (try_capture) manages re-aquiring the jnode lock
-+ in the failure case.
-+*/
-+static int try_capture_block(
-+ txn_handle * txnh, jnode * node, txn_capture mode,
-+ txn_atom ** atom_alloc)
-+{
-+ txn_atom *block_atom;
-+ txn_atom *txnh_atom;
-+
-+ /* Should not call capture for READ_NONCOM requests, handled in try_capture. */
-+ assert("jmacd-567", CAPTURE_TYPE(mode) != TXN_CAPTURE_READ_NONCOM);
-+
-+ /* FIXME-ZAM-HANS: FIXME_LATER_JMACD Should assert that atom->tree ==
-+ * node->tree somewhere. */
-+ assert("umka-194", txnh != NULL);
-+ assert("umka-195", node != NULL);
-+
-+ /* The jnode is already locked! Being called from try_capture(). */
-+ assert_spin_locked(&(node->guard));
-+ block_atom = node->atom;
-+
-+ /* Get txnh spinlock, this allows us to compare txn_atom pointers but it doesn't
-+ let us touch the atoms themselves. */
-+ spin_lock_txnh(txnh);
-+ txnh_atom = txnh->atom;
-+ /* Process of capturing continues into one of four branches depends on
-+ which atoms from (block atom (node->atom), current atom (txnh->atom))
-+ exist. */
-+ if (txnh_atom == NULL) {
-+ if (block_atom == NULL) {
-+ spin_unlock_txnh(txnh);
-+ spin_unlock_jnode(node);
-+ /* assign empty atom to the txnh and repeat */
-+ return atom_begin_and_assign_to_txnh(atom_alloc, txnh);
-+ } else {
-+ atomic_inc(&block_atom->refcount);
-+ /* node spin-lock isn't needed anymore */
-+ spin_unlock_jnode(node);
-+ if (!spin_trylock_atom(block_atom)) {
-+ spin_unlock_txnh(txnh);
-+ spin_lock_atom(block_atom);
-+ spin_lock_txnh(txnh);
-+ }
-+ /* re-check state after getting txnh and the node
-+ * atom spin-locked */
-+ if (node->atom != block_atom || txnh->atom != NULL) {
-+ spin_unlock_txnh(txnh);
-+ atom_dec_and_unlock(block_atom);
-+ return RETERR(-E_REPEAT);
-+ }
-+ atomic_dec(&block_atom->refcount);
-+ if (block_atom->stage > ASTAGE_CAPTURE_WAIT ||
-+ (block_atom->stage == ASTAGE_CAPTURE_WAIT &&
-+ block_atom->txnh_count != 0))
-+ return capture_fuse_wait(txnh, block_atom, NULL, mode);
-+ capture_assign_txnh_nolock(block_atom, txnh);
-+ spin_unlock_txnh(txnh);
-+ spin_unlock_atom(block_atom);
-+ return RETERR(-E_REPEAT);
-+ }
-+ } else {
-+ /* It is time to perform deadlock prevention check over the
-+ node we want to capture. It is possible this node was locked
-+ for read without capturing it. The optimization which allows
-+ to do it helps us in keeping atoms independent as long as
-+ possible but it may cause lock/fuse deadlock problems.
-+
-+ A number of similar deadlock situations with locked but not
-+ captured nodes were found. In each situation there are two
-+ or more threads: one of them does flushing while another one
-+ does routine balancing or tree lookup. The flushing thread
-+ (F) sleeps in long term locking request for node (N), another
-+ thread (A) sleeps in trying to capture some node already
-+ belonging the atom F, F has a state which prevents
-+ immediately fusion .
-+
-+ Deadlocks of this kind cannot happen if node N was properly
-+ captured by thread A. The F thread fuse atoms before locking
-+ therefore current atom of thread F and current atom of thread
-+ A became the same atom and thread A may proceed. This does
-+ not work if node N was not captured because the fusion of
-+ atom does not happens.
-+
-+ The following scheme solves the deadlock: If
-+ longterm_lock_znode locks and does not capture a znode, that
-+ znode is marked as MISSED_IN_CAPTURE. A node marked this way
-+ is processed by the code below which restores the missed
-+ capture and fuses current atoms of all the node lock owners
-+ by calling the fuse_not_fused_lock_owners() function. */
-+ if (JF_ISSET(node, JNODE_MISSED_IN_CAPTURE)) {
-+ JF_CLR(node, JNODE_MISSED_IN_CAPTURE);
-+ if (jnode_is_znode(node) && znode_is_locked(JZNODE(node))) {
-+ spin_unlock_txnh(txnh);
-+ spin_unlock_jnode(node);
-+ fuse_not_fused_lock_owners(txnh, JZNODE(node));
-+ return RETERR(-E_REPEAT);
-+ }
-+ }
-+ if (block_atom == NULL) {
-+ atomic_inc(&txnh_atom->refcount);
-+ spin_unlock_txnh(txnh);
-+ if (!spin_trylock_atom(txnh_atom)) {
-+ spin_unlock_jnode(node);
-+ spin_lock_atom(txnh_atom);
-+ spin_lock_jnode(node);
-+ }
-+ if (txnh->atom != txnh_atom || node->atom != NULL
-+ || JF_ISSET(node, JNODE_IS_DYING)) {
-+ spin_unlock_jnode(node);
-+ atom_dec_and_unlock(txnh_atom);
-+ return RETERR(-E_REPEAT);
-+ }
-+ atomic_dec(&txnh_atom->refcount);
-+ capture_assign_block_nolock(txnh_atom, node);
-+ spin_unlock_atom(txnh_atom);
-+ } else {
-+ if (txnh_atom != block_atom) {
-+ if (mode & TXN_CAPTURE_DONT_FUSE) {
-+ spin_unlock_txnh(txnh);
-+ spin_unlock_jnode(node);
-+ /* we are in a "no-fusion" mode and @node is
-+ * already part of transaction. */
-+ return RETERR(-E_NO_NEIGHBOR);
-+ }
-+ return capture_init_fusion(node, txnh, mode);
-+ }
-+ spin_unlock_txnh(txnh);
-+ }
-+ }
-+ return 0;
-+}
-+
-+static txn_capture
-+build_capture_mode(jnode * node, znode_lock_mode lock_mode, txn_capture flags)
-+{
-+ txn_capture cap_mode;
-+
-+ assert_spin_locked(&(node->guard));
-+
-+ /* FIXME_JMACD No way to set TXN_CAPTURE_READ_MODIFY yet. */
-+
-+ if (lock_mode == ZNODE_WRITE_LOCK) {
-+ cap_mode = TXN_CAPTURE_WRITE;
-+ } else if (node->atom != NULL) {
-+ cap_mode = TXN_CAPTURE_WRITE;
-+ } else if (0 && /* txnh->mode == TXN_READ_FUSING && */
-+ jnode_get_level(node) == LEAF_LEVEL) {
-+ /* NOTE-NIKITA TXN_READ_FUSING is not currently used */
-+ /* We only need a READ_FUSING capture at the leaf level. This
-+ is because the internal levels of the tree (twigs included)
-+ are redundant from the point of the user that asked for a
-+ read-fusing transcrash. The user only wants to read-fuse
-+ atoms due to reading uncommitted data that another user has
-+ written. It is the file system that reads/writes the
-+ internal tree levels, the user only reads/writes leaves. */
-+ cap_mode = TXN_CAPTURE_READ_ATOMIC;
-+ } else {
-+ /* In this case (read lock at a non-leaf) there's no reason to
-+ * capture. */
-+ /* cap_mode = TXN_CAPTURE_READ_NONCOM; */
-+ return 0;
-+ }
-+
-+ cap_mode |= (flags & (TXN_CAPTURE_NONBLOCKING | TXN_CAPTURE_DONT_FUSE));
-+ assert("nikita-3186", cap_mode != 0);
-+ return cap_mode;
-+}
-+
-+/* This is an external interface to try_capture_block(), it calls
-+ try_capture_block() repeatedly as long as -E_REPEAT is returned.
-+
-+ @node: node to capture,
-+ @lock_mode: read or write lock is used in capture mode calculation,
-+ @flags: see txn_capture flags enumeration,
-+ @can_coc : can copy-on-capture
-+
-+ @return: 0 - node was successfully captured, -E_REPEAT - capture request
-+ cannot be processed immediately as it was requested in flags,
-+ < 0 - other errors.
-+*/
-+int try_capture(jnode *node, znode_lock_mode lock_mode,
-+ txn_capture flags)
-+{
-+ txn_atom *atom_alloc = NULL;
-+ txn_capture cap_mode;
-+ txn_handle *txnh = get_current_context()->trans;
-+ int ret;
-+
-+ assert_spin_locked(&(node->guard));
-+
-+ repeat:
-+ if (JF_ISSET(node, JNODE_IS_DYING))
-+ return RETERR(-EINVAL);
-+ if (node->atom != NULL && txnh->atom == node->atom)
-+ return 0;
-+ cap_mode = build_capture_mode(node, lock_mode, flags);
-+ if (cap_mode == 0 ||
-+ (!(cap_mode & TXN_CAPTURE_WTYPES) && node->atom == NULL)) {
-+ /* Mark this node as "MISSED". It helps in further deadlock
-+ * analysis */
-+ if (jnode_is_znode(node))
-+ JF_SET(node, JNODE_MISSED_IN_CAPTURE);
-+ return 0;
-+ }
-+ /* Repeat try_capture as long as -E_REPEAT is returned. */
-+ ret = try_capture_block(txnh, node, cap_mode, &atom_alloc);
-+ /* Regardless of non_blocking:
-+
-+ If ret == 0 then jnode is still locked.
-+ If ret != 0 then jnode is unlocked.
-+ */
-+#if REISER4_DEBUG
-+ if (ret == 0)
-+ assert_spin_locked(&(node->guard));
-+ else
-+ assert_spin_not_locked(&(node->guard));
-+#endif
-+ assert_spin_not_locked(&(txnh->guard));
-+
-+ if (ret == -E_REPEAT) {
-+ /* E_REPEAT implies all locks were released, therefore we need
-+ to take the jnode's lock again. */
-+ spin_lock_jnode(node);
-+
-+ /* Although this may appear to be a busy loop, it is not.
-+ There are several conditions that cause E_REPEAT to be
-+ returned by the call to try_capture_block, all cases
-+ indicating some kind of state change that means you should
-+ retry the request and will get a different result. In some
-+ cases this could be avoided with some extra code, but
-+ generally it is done because the necessary locks were
-+ released as a result of the operation and repeating is the
-+ simplest thing to do (less bug potential). The cases are:
-+ atom fusion returns E_REPEAT after it completes (jnode and
-+ txnh were unlocked); race conditions in assign_block,
-+ assign_txnh, and init_fusion return E_REPEAT (trylock
-+ failure); after going to sleep in capture_fuse_wait
-+ (request was blocked but may now succeed). I'm not quite
-+ sure how capture_copy works yet, but it may also return
-+ E_REPEAT. When the request is legitimately blocked, the
-+ requestor goes to sleep in fuse_wait, so this is not a busy
-+ loop. */
-+ /* NOTE-NIKITA: still don't understand:
-+
-+ try_capture_block->capture_assign_txnh->spin_trylock_atom->E_REPEAT
-+
-+ looks like busy loop?
-+ */
-+ goto repeat;
-+ }
-+
-+ /* free extra atom object that was possibly allocated by
-+ try_capture_block().
-+
-+ Do this before acquiring jnode spin lock to
-+ minimize time spent under lock. --nikita */
-+ if (atom_alloc != NULL) {
-+ kmem_cache_free(_atom_slab, atom_alloc);
-+ }
-+
-+ if (ret != 0) {
-+ if (ret == -E_BLOCK) {
-+ assert("nikita-3360",
-+ cap_mode & TXN_CAPTURE_NONBLOCKING);
-+ ret = -E_REPEAT;
-+ }
-+
-+ /* Failure means jnode is not locked. FIXME_LATER_JMACD May
-+ want to fix the above code to avoid releasing the lock and
-+ re-acquiring it, but there are cases were failure occurs
-+ when the lock is not held, and those cases would need to be
-+ modified to re-take the lock. */
-+ spin_lock_jnode(node);
-+ }
-+
-+ /* Jnode is still locked. */
-+ assert_spin_locked(&(node->guard));
-+ return ret;
-+}
-+
-+static void release_two_atoms(txn_atom *one, txn_atom *two)
-+{
-+ spin_unlock_atom(one);
-+ atom_dec_and_unlock(two);
-+ spin_lock_atom(one);
-+ atom_dec_and_unlock(one);
-+}
-+
-+/* This function sets up a call to try_capture_block and repeats as long as -E_REPEAT is
-+ returned by that routine. The txn_capture request mode is computed here depending on
-+ the transaction handle's type and the lock request. This is called from the depths of
-+ the lock manager with the jnode lock held and it always returns with the jnode lock
-+ held.
-+*/
-+
-+/* fuse all 'active' atoms of lock owners of given node. */
-+static void fuse_not_fused_lock_owners(txn_handle * txnh, znode * node)
-+{
-+ lock_handle *lh;
-+ int repeat;
-+ txn_atom *atomh, *atomf;
-+ reiser4_context *me = get_current_context();
-+ reiser4_context *ctx = NULL;
-+
-+ assert_spin_not_locked(&(ZJNODE(node)->guard));
-+ assert_spin_not_locked(&(txnh->hlock));
-+
-+ repeat:
-+ repeat = 0;
-+ atomh = txnh_get_atom(txnh);
-+ spin_unlock_txnh(txnh);
-+ assert("zam-692", atomh != NULL);
-+
-+ spin_lock_zlock(&node->lock);
-+ /* inspect list of lock owners */
-+ list_for_each_entry(lh, &node->lock.owners, owners_link) {
-+ ctx = get_context_by_lock_stack(lh->owner);
-+ if (ctx == me)
-+ continue;
-+ /* below we use two assumptions to avoid addition spin-locks
-+ for checking the condition :
-+
-+ 1) if the lock stack has lock, the transaction should be
-+ opened, i.e. ctx->trans != NULL;
-+
-+ 2) reading of well-aligned ctx->trans->atom is atomic, if it
-+ equals to the address of spin-locked atomh, we take that
-+ the atoms are the same, nothing has to be captured. */
-+ if (atomh != ctx->trans->atom) {
-+ reiser4_wake_up(lh->owner);
-+ repeat = 1;
-+ break;
-+ }
-+ }
-+ if (repeat) {
-+ if (!spin_trylock_txnh(ctx->trans)) {
-+ spin_unlock_zlock(&node->lock);
-+ spin_unlock_atom(atomh);
-+ goto repeat;
-+ }
-+ atomf = ctx->trans->atom;
-+ if (atomf == NULL) {
-+ capture_assign_txnh_nolock(atomh, ctx->trans);
-+ /* release zlock lock _after_ assigning the atom to the
-+ * transaction handle, otherwise the lock owner thread
-+ * may unlock all znodes, exit kernel context and here
-+ * we would access an invalid transaction handle. */
-+ spin_unlock_zlock(&node->lock);
-+ spin_unlock_atom(atomh);
-+ spin_unlock_txnh(ctx->trans);
-+ goto repeat;
-+ }
-+ assert("zam-1059", atomf != atomh);
-+ spin_unlock_zlock(&node->lock);
-+ atomic_inc(&atomh->refcount);
-+ atomic_inc(&atomf->refcount);
-+ spin_unlock_txnh(ctx->trans);
-+ if (atomf > atomh) {
-+ spin_lock_atom(atomf);
-+ } else {
-+ spin_unlock_atom(atomh);
-+ spin_lock_atom(atomf);
-+ spin_lock_atom(atomh);
-+ }
-+ if (atomh == atomf || !atom_isopen(atomh) || !atom_isopen(atomf)) {
-+ release_two_atoms(atomf, atomh);
-+ goto repeat;
-+ }
-+ atomic_dec(&atomh->refcount);
-+ atomic_dec(&atomf->refcount);
-+ capture_fuse_into(atomf, atomh);
-+ goto repeat;
-+ }
-+ spin_unlock_zlock(&node->lock);
-+ spin_unlock_atom(atomh);
-+}
-+
-+/* This is the interface to capture unformatted nodes via their struct page
-+ reference. Currently it is only used in reiser4_invalidatepage */
-+int try_capture_page_to_invalidate(struct page *pg)
-+{
-+ int ret;
-+ jnode *node;
-+
-+ assert("umka-292", pg != NULL);
-+ assert("nikita-2597", PageLocked(pg));
-+
-+ if (IS_ERR(node = jnode_of_page(pg))) {
-+ return PTR_ERR(node);
-+ }
-+
-+ spin_lock_jnode(node);
-+ unlock_page(pg);
-+
-+ ret = try_capture(node, ZNODE_WRITE_LOCK, 0);
-+ spin_unlock_jnode(node);
-+ jput(node);
-+ lock_page(pg);
-+ return ret;
-+}
-+
-+/* This informs the transaction manager when a node is deleted. Add the block to the
-+ atom's delete set and uncapture the block.
-+
-+VS-FIXME-HANS: this E_REPEAT paradigm clutters the code and creates a need for
-+explanations. find all the functions that use it, and unless there is some very
-+good reason to use it (I have not noticed one so far and I doubt it exists, but maybe somewhere somehow....),
-+move the loop to inside the function.
-+
-+VS-FIXME-HANS: can this code be at all streamlined? In particular, can you lock and unlock the jnode fewer times?
-+ */
-+void uncapture_page(struct page *pg)
-+{
-+ jnode *node;
-+ txn_atom *atom;
-+
-+ assert("umka-199", pg != NULL);
-+ assert("nikita-3155", PageLocked(pg));
-+
-+ clear_page_dirty_for_io(pg);
-+
-+ reiser4_wait_page_writeback(pg);
-+
-+ node = jprivate(pg);
-+ BUG_ON(node == NULL);
-+
-+ spin_lock_jnode(node);
-+
-+ atom = jnode_get_atom(node);
-+ if (atom == NULL) {
-+ assert("jmacd-7111", !JF_ISSET(node, JNODE_DIRTY));
-+ spin_unlock_jnode(node);
-+ return;
-+ }
-+
-+ /* We can remove jnode from transaction even if it is on flush queue
-+ * prepped list, we only need to be sure that flush queue is not being
-+ * written by write_fq(). write_fq() does not use atom spin lock for
-+ * protection of the prepped nodes list, instead write_fq() increments
-+ * atom's nr_running_queues counters for the time when prepped list is
-+ * not protected by spin lock. Here we check this counter if we want
-+ * to remove jnode from flush queue and, if the counter is not zero,
-+ * wait all write_fq() for this atom to complete. This is not
-+ * significant overhead. */
-+ while (JF_ISSET(node, JNODE_FLUSH_QUEUED) && atom->nr_running_queues) {
-+ spin_unlock_jnode(node);
-+ /*
-+ * at this moment we want to wait for "atom event", viz. wait
-+ * until @node can be removed from flush queue. But
-+ * atom_wait_event() cannot be called with page locked, because
-+ * it deadlocks with jnode_extent_write(). Unlock page, after
-+ * making sure (through page_cache_get()) that it cannot be
-+ * released from memory.
-+ */
-+ page_cache_get(pg);
-+ unlock_page(pg);
-+ atom_wait_event(atom);
-+ lock_page(pg);
-+ /*
-+ * page may has been detached by ->writepage()->releasepage().
-+ */
-+ reiser4_wait_page_writeback(pg);
-+ spin_lock_jnode(node);
-+ page_cache_release(pg);
-+ atom = jnode_get_atom(node);
-+/* VS-FIXME-HANS: improve the commenting in this function */
-+ if (atom == NULL) {
-+ spin_unlock_jnode(node);
-+ return;
-+ }
-+ }
-+ uncapture_block(node);
-+ spin_unlock_atom(atom);
-+ jput(node);
-+}
-+
-+/* this is used in extent's kill hook to uncapture and unhash jnodes attached to
-+ * inode's tree of jnodes */
-+void uncapture_jnode(jnode * node)
-+{
-+ txn_atom *atom;
-+
-+ assert_spin_locked(&(node->guard));
-+ assert("", node->pg == 0);
-+
-+ atom = jnode_get_atom(node);
-+ if (atom == NULL) {
-+ assert("jmacd-7111", !JF_ISSET(node, JNODE_DIRTY));
-+ spin_unlock_jnode(node);
-+ return;
-+ }
-+
-+ uncapture_block(node);
-+ spin_unlock_atom(atom);
-+ jput(node);
-+}
-+
-+/* No-locking version of assign_txnh. Sets the transaction handle's atom pointer,
-+ increases atom refcount and txnh_count, adds to txnh_list. */
-+static void capture_assign_txnh_nolock(txn_atom *atom, txn_handle *txnh)
-+{
-+ assert("umka-200", atom != NULL);
-+ assert("umka-201", txnh != NULL);
-+
-+ assert_spin_locked(&(txnh->hlock));
-+ assert_spin_locked(&(atom->alock));
-+ assert("jmacd-824", txnh->atom == NULL);
-+ assert("nikita-3540", atom_isopen(atom));
-+ BUG_ON(txnh->atom != NULL);
-+
-+ atomic_inc(&atom->refcount);
-+ txnh->atom = atom;
-+ set_gfp_mask();
-+ list_add_tail(&txnh->txnh_link, &atom->txnh_list);
-+ atom->txnh_count += 1;
-+}
-+
-+/* No-locking version of assign_block. Sets the block's atom pointer, references the
-+ block, adds it to the clean or dirty capture_jnode list, increments capture_count. */
-+static void capture_assign_block_nolock(txn_atom *atom, jnode *node)
-+{
-+ assert("umka-202", atom != NULL);
-+ assert("umka-203", node != NULL);
-+ assert_spin_locked(&(node->guard));
-+ assert_spin_locked(&(atom->alock));
-+ assert("jmacd-323", node->atom == NULL);
-+ BUG_ON(!list_empty_careful(&node->capture_link));
-+ assert("nikita-3470", !JF_ISSET(node, JNODE_DIRTY));
-+
-+ /* Pointer from jnode to atom is not counted in atom->refcount. */
-+ node->atom = atom;
-+
-+ list_add_tail(&node->capture_link, ATOM_CLEAN_LIST(atom));
-+ atom->capture_count += 1;
-+ /* reference to jnode is acquired by atom. */
-+ jref(node);
-+
-+ ON_DEBUG(count_jnode(atom, node, NOT_CAPTURED, CLEAN_LIST, 1));
-+
-+ LOCK_CNT_INC(t_refs);
-+}
-+
-+/* common code for dirtying both unformatted jnodes and formatted znodes. */
-+static void do_jnode_make_dirty(jnode * node, txn_atom * atom)
-+{
-+ assert_spin_locked(&(node->guard));
-+ assert_spin_locked(&(atom->alock));
-+ assert("jmacd-3981", !JF_ISSET(node, JNODE_DIRTY));
-+
-+ JF_SET(node, JNODE_DIRTY);
-+
-+ get_current_context()->nr_marked_dirty++;
-+
-+ /* We grab2flush_reserve one additional block only if node was
-+ not CREATED and jnode_flush did not sort it into neither
-+ relocate set nor overwrite one. If node is in overwrite or
-+ relocate set we assume that atom's flush reserved counter was
-+ already adjusted. */
-+ if (!JF_ISSET(node, JNODE_CREATED) && !JF_ISSET(node, JNODE_RELOC)
-+ && !JF_ISSET(node, JNODE_OVRWR) && jnode_is_leaf(node)
-+ && !jnode_is_cluster_page(node)) {
-+ assert("vs-1093", !blocknr_is_fake(&node->blocknr));
-+ assert("vs-1506", *jnode_get_block(node) != 0);
-+ grabbed2flush_reserved_nolock(atom, (__u64) 1);
-+ JF_SET(node, JNODE_FLUSH_RESERVED);
-+ }
-+
-+ if (!JF_ISSET(node, JNODE_FLUSH_QUEUED)) {
-+ /* If the atom is not set yet, it will be added to the appropriate list in
-+ capture_assign_block_nolock. */
-+ /* Sometimes a node is set dirty before being captured -- the case for new
-+ jnodes. In that case the jnode will be added to the appropriate list
-+ in capture_assign_block_nolock. Another reason not to re-link jnode is
-+ that jnode is on a flush queue (see flush.c for details) */
-+
-+ int level = jnode_get_level(node);
-+
-+ assert("nikita-3152", !JF_ISSET(node, JNODE_OVRWR));
-+ assert("zam-654", atom->stage < ASTAGE_PRE_COMMIT);
-+ assert("nikita-2607", 0 <= level);
-+ assert("nikita-2606", level <= REAL_MAX_ZTREE_HEIGHT);
-+
-+ /* move node to atom's dirty list */
-+ list_move_tail(&node->capture_link, ATOM_DIRTY_LIST(atom, level));
-+ ON_DEBUG(count_jnode
-+ (atom, node, NODE_LIST(node), DIRTY_LIST, 1));
-+ }
-+}
-+
-+/* Set the dirty status for this (spin locked) jnode. */
-+void jnode_make_dirty_locked(jnode * node)
-+{
-+ assert("umka-204", node != NULL);
-+ assert_spin_locked(&(node->guard));
-+
-+ if (REISER4_DEBUG && rofs_jnode(node)) {
-+ warning("nikita-3365", "Dirtying jnode on rofs");
-+ dump_stack();
-+ }
-+
-+ /* Fast check for already dirty node */
-+ if (!JF_ISSET(node, JNODE_DIRTY)) {
-+ txn_atom *atom;
-+
-+ atom = jnode_get_atom(node);
-+ assert("vs-1094", atom);
-+ /* Check jnode dirty status again because node spin lock might
-+ * be released inside jnode_get_atom(). */
-+ if (likely(!JF_ISSET(node, JNODE_DIRTY)))
-+ do_jnode_make_dirty(node, atom);
-+ spin_unlock_atom(atom);
-+ }
-+}
-+
-+/* Set the dirty status for this znode. */
-+void znode_make_dirty(znode * z)
-+{
-+ jnode *node;
-+ struct page *page;
-+
-+ assert("umka-204", z != NULL);
-+ assert("nikita-3290", znode_above_root(z) || znode_is_loaded(z));
-+ assert("nikita-3560", znode_is_write_locked(z));
-+
-+ node = ZJNODE(z);
-+ /* znode is longterm locked, we can check dirty bit without spinlock */
-+ if (JF_ISSET(node, JNODE_DIRTY)) {
-+ /* znode is dirty already. All we have to do is to change znode version */
-+ z->version = znode_build_version(jnode_get_tree(node));
-+ return;
-+ }
-+
-+ spin_lock_jnode(node);
-+ jnode_make_dirty_locked(node);
-+ page = jnode_page(node);
-+ if (page != NULL) {
-+ /* this is useful assertion (allows one to check that no
-+ * modifications are lost due to update of in-flight page),
-+ * but it requires locking on page to check PG_writeback
-+ * bit. */
-+ /* assert("nikita-3292",
-+ !PageWriteback(page) || ZF_ISSET(z, JNODE_WRITEBACK)); */
-+ page_cache_get(page);
-+
-+ /* jnode lock is not needed for the rest of
-+ * znode_set_dirty(). */
-+ spin_unlock_jnode(node);
-+ /* reiser4 file write code calls set_page_dirty for
-+ * unformatted nodes, for formatted nodes we do it here. */
-+ set_page_dirty_internal(page);
-+ page_cache_release(page);
-+ /* bump version counter in znode */
-+ z->version = znode_build_version(jnode_get_tree(node));
-+ } else {
-+ assert("zam-596", znode_above_root(JZNODE(node)));
-+ spin_unlock_jnode(node);
-+ }
-+
-+ assert("nikita-1900", znode_is_write_locked(z));
-+ assert("jmacd-9777", node->atom != NULL);
-+}
-+
-+int sync_atom(txn_atom * atom)
-+{
-+ int result;
-+ txn_handle *txnh;
-+
-+ txnh = get_current_context()->trans;
-+
-+ result = 0;
-+ if (atom != NULL) {
-+ if (atom->stage < ASTAGE_PRE_COMMIT) {
-+ spin_lock_txnh(txnh);
-+ capture_assign_txnh_nolock(atom, txnh);
-+ result = force_commit_atom(txnh);
-+ } else if (atom->stage < ASTAGE_POST_COMMIT) {
-+ /* wait atom commit */
-+ atom_wait_event(atom);
-+ /* try once more */
-+ result = RETERR(-E_REPEAT);
-+ } else
-+ spin_unlock_atom(atom);
-+ }
-+ return result;
-+}
-+
-+#if REISER4_DEBUG
-+
-+/* move jnode form one list to another
-+ call this after atom->capture_count is updated */
-+void
-+count_jnode(txn_atom * atom, jnode * node, atom_list old_list,
-+ atom_list new_list, int check_lists)
-+{
-+ struct list_head *pos;
-+
-+ assert("zam-1018", atom_is_protected(atom));
-+ assert_spin_locked(&(node->guard));
-+ assert("", NODE_LIST(node) == old_list);
-+
-+ switch (NODE_LIST(node)) {
-+ case NOT_CAPTURED:
-+ break;
-+ case DIRTY_LIST:
-+ assert("", atom->dirty > 0);
-+ atom->dirty--;
-+ break;
-+ case CLEAN_LIST:
-+ assert("", atom->clean > 0);
-+ atom->clean--;
-+ break;
-+ case FQ_LIST:
-+ assert("", atom->fq > 0);
-+ atom->fq--;
-+ break;
-+ case WB_LIST:
-+ assert("", atom->wb > 0);
-+ atom->wb--;
-+ break;
-+ case OVRWR_LIST:
-+ assert("", atom->ovrwr > 0);
-+ atom->ovrwr--;
-+ break;
-+ default:
-+ impossible("", "");
-+ }
-+
-+ switch (new_list) {
-+ case NOT_CAPTURED:
-+ break;
-+ case DIRTY_LIST:
-+ atom->dirty++;
-+ break;
-+ case CLEAN_LIST:
-+ atom->clean++;
-+ break;
-+ case FQ_LIST:
-+ atom->fq++;
-+ break;
-+ case WB_LIST:
-+ atom->wb++;
-+ break;
-+ case OVRWR_LIST:
-+ atom->ovrwr++;
-+ break;
-+ default:
-+ impossible("", "");
-+ }
-+ ASSIGN_NODE_LIST(node, new_list);
-+ if (0 && check_lists) {
-+ int count;
-+ tree_level level;
-+
-+ count = 0;
-+
-+ /* flush queue list */
-+ /*check_fq(atom); */
-+
-+ /* dirty list */
-+ count = 0;
-+ for (level = 0; level < REAL_MAX_ZTREE_HEIGHT + 1; level += 1) {
-+ list_for_each(pos, ATOM_DIRTY_LIST(atom, level))
-+ count++;
-+ }
-+ if (count != atom->dirty)
-+ warning("", "dirty counter %d, real %d\n", atom->dirty,
-+ count);
-+
-+ /* clean list */
-+ count = 0;
-+ list_for_each(pos, ATOM_CLEAN_LIST(atom))
-+ count++;
-+ if (count != atom->clean)
-+ warning("", "clean counter %d, real %d\n", atom->clean,
-+ count);
-+
-+ /* wb list */
-+ count = 0;
-+ list_for_each(pos, ATOM_WB_LIST(atom))
-+ count++;
-+ if (count != atom->wb)
-+ warning("", "wb counter %d, real %d\n", atom->wb,
-+ count);
-+
-+ /* overwrite list */
-+ count = 0;
-+ list_for_each(pos, ATOM_OVRWR_LIST(atom))
-+ count++;
-+
-+ if (count != atom->ovrwr)
-+ warning("", "ovrwr counter %d, real %d\n", atom->ovrwr,
-+ count);
-+ }
-+ assert("vs-1624", atom->num_queued == atom->fq);
-+ if (atom->capture_count !=
-+ atom->dirty + atom->clean + atom->ovrwr + atom->wb + atom->fq) {
-+ printk
-+ ("count %d, dirty %d clean %d ovrwr %d wb %d fq %d\n",
-+ atom->capture_count, atom->dirty, atom->clean, atom->ovrwr,
-+ atom->wb, atom->fq);
-+ assert("vs-1622",
-+ atom->capture_count ==
-+ atom->dirty + atom->clean + atom->ovrwr + atom->wb +
-+ atom->fq);
-+ }
-+}
-+
-+#endif
-+
-+/* Make node OVRWR and put it on atom->overwrite_nodes list, atom lock and jnode
-+ * lock should be taken before calling this function. */
-+void jnode_make_wander_nolock(jnode * node)
-+{
-+ txn_atom *atom;
-+
-+ assert("nikita-2431", node != NULL);
-+ assert("nikita-2432", !JF_ISSET(node, JNODE_RELOC));
-+ assert("nikita-3153", JF_ISSET(node, JNODE_DIRTY));
-+ assert("zam-897", !JF_ISSET(node, JNODE_FLUSH_QUEUED));
-+ assert("nikita-3367", !blocknr_is_fake(jnode_get_block(node)));
-+
-+ atom = node->atom;
-+
-+ assert("zam-895", atom != NULL);
-+ assert("zam-894", atom_is_protected(atom));
-+
-+ JF_SET(node, JNODE_OVRWR);
-+ /* move node to atom's overwrite list */
-+ list_move_tail(&node->capture_link, ATOM_OVRWR_LIST(atom));
-+ ON_DEBUG(count_jnode(atom, node, DIRTY_LIST, OVRWR_LIST, 1));
-+}
-+
-+/* Same as jnode_make_wander_nolock, but all necessary locks are taken inside
-+ * this function. */
-+void jnode_make_wander(jnode * node)
-+{
-+ txn_atom *atom;
-+
-+ spin_lock_jnode(node);
-+ atom = jnode_get_atom(node);
-+ assert("zam-913", atom != NULL);
-+ assert("zam-914", !JF_ISSET(node, JNODE_RELOC));
-+
-+ jnode_make_wander_nolock(node);
-+ spin_unlock_atom(atom);
-+ spin_unlock_jnode(node);
-+}
-+
-+/* this just sets RELOC bit */
-+static void jnode_make_reloc_nolock(flush_queue_t * fq, jnode * node)
-+{
-+ assert_spin_locked(&(node->guard));
-+ assert("zam-916", JF_ISSET(node, JNODE_DIRTY));
-+ assert("zam-917", !JF_ISSET(node, JNODE_RELOC));
-+ assert("zam-918", !JF_ISSET(node, JNODE_OVRWR));
-+ assert("zam-920", !JF_ISSET(node, JNODE_FLUSH_QUEUED));
-+ assert("nikita-3367", !blocknr_is_fake(jnode_get_block(node)));
-+ jnode_set_reloc(node);
-+}
-+
-+/* Make znode RELOC and put it on flush queue */
-+void znode_make_reloc(znode * z, flush_queue_t * fq)
-+{
-+ jnode *node;
-+ txn_atom *atom;
-+
-+ node = ZJNODE(z);
-+ spin_lock_jnode(node);
-+
-+ atom = jnode_get_atom(node);
-+ assert("zam-919", atom != NULL);
-+
-+ jnode_make_reloc_nolock(fq, node);
-+ queue_jnode(fq, node);
-+
-+ spin_unlock_atom(atom);
-+ spin_unlock_jnode(node);
-+
-+}
-+
-+/* Make unformatted node RELOC and put it on flush queue */
-+void unformatted_make_reloc(jnode *node, flush_queue_t *fq)
-+{
-+ assert("vs-1479", jnode_is_unformatted(node));
-+
-+ jnode_make_reloc_nolock(fq, node);
-+ queue_jnode(fq, node);
-+}
-+
-+int capture_super_block(struct super_block *s)
-+{
-+ int result;
-+ znode *uber;
-+ lock_handle lh;
-+
-+ init_lh(&lh);
-+ result = get_uber_znode(get_tree(s),
-+ ZNODE_WRITE_LOCK, ZNODE_LOCK_LOPRI, &lh);
-+ if (result)
-+ return result;
-+
-+ uber = lh.node;
-+ /* Grabbing one block for superblock */
-+ result = reiser4_grab_space_force((__u64) 1, BA_RESERVED);
-+ if (result != 0)
-+ return result;
-+
-+ znode_make_dirty(uber);
-+
-+ done_lh(&lh);
-+ return 0;
-+}
-+
-+/* Wakeup every handle on the atom's WAITFOR list */
-+static void wakeup_atom_waitfor_list(txn_atom * atom)
-+{
-+ txn_wait_links *wlinks;
-+
-+ assert("umka-210", atom != NULL);
-+
-+ /* atom is locked */
-+ list_for_each_entry(wlinks, &atom->fwaitfor_list, _fwaitfor_link) {
-+ if (wlinks->waitfor_cb == NULL ||
-+ wlinks->waitfor_cb(atom, wlinks))
-+ /* Wake up. */
-+ reiser4_wake_up(wlinks->_lock_stack);
-+ }
-+}
-+
-+/* Wakeup every handle on the atom's WAITING list */
-+static void wakeup_atom_waiting_list(txn_atom * atom)
-+{
-+ txn_wait_links *wlinks;
-+
-+ assert("umka-211", atom != NULL);
-+
-+ /* atom is locked */
-+ list_for_each_entry(wlinks, &atom->fwaiting_list, _fwaiting_link) {
-+ if (wlinks->waiting_cb == NULL ||
-+ wlinks->waiting_cb(atom, wlinks))
-+ /* Wake up. */
-+ reiser4_wake_up(wlinks->_lock_stack);
-+ }
-+}
-+
-+/* helper function used by capture_fuse_wait() to avoid "spurious wake-ups" */
-+static int wait_for_fusion(txn_atom * atom, txn_wait_links * wlinks)
-+{
-+ assert("nikita-3330", atom != NULL);
-+ assert_spin_locked(&(atom->alock));
-+
-+ /* atom->txnh_count == 1 is for waking waiters up if we are releasing
-+ * last transaction handle. */
-+ return atom->stage != ASTAGE_CAPTURE_WAIT || atom->txnh_count == 1;
-+}
-+
-+/* The general purpose of this function is to wait on the first of two possible events.
-+ The situation is that a handle (and its atom atomh) is blocked trying to capture a
-+ block (i.e., node) but the node's atom (atomf) is in the CAPTURE_WAIT state. The
-+ handle's atom (atomh) is not in the CAPTURE_WAIT state. However, atomh could fuse with
-+ another atom or, due to age, enter the CAPTURE_WAIT state itself, at which point it
-+ needs to unblock the handle to avoid deadlock. When the txnh is unblocked it will
-+ proceed and fuse the two atoms in the CAPTURE_WAIT state.
-+
-+ In other words, if either atomh or atomf change state, the handle will be awakened,
-+ thus there are two lists per atom: WAITING and WAITFOR.
-+
-+ This is also called by capture_assign_txnh with (atomh == NULL) to wait for atomf to
-+ close but it is not assigned to an atom of its own.
-+
-+ Lock ordering in this method: all four locks are held: JNODE_LOCK, TXNH_LOCK,
-+ BOTH_ATOM_LOCKS. Result: all four locks are released.
-+*/
-+static int capture_fuse_wait(txn_handle * txnh, txn_atom * atomf,
-+ txn_atom * atomh, txn_capture mode)
-+{
-+ int ret;
-+ txn_wait_links wlinks;
-+
-+ assert("umka-213", txnh != NULL);
-+ assert("umka-214", atomf != NULL);
-+
-+ if ((mode & TXN_CAPTURE_NONBLOCKING) != 0) {
-+ spin_unlock_txnh(txnh);
-+ spin_unlock_atom(atomf);
-+
-+ if (atomh) {
-+ spin_unlock_atom(atomh);
-+ }
-+
-+ return RETERR(-E_BLOCK);
-+ }
-+
-+ /* Initialize the waiting list links. */
-+ init_wlinks(&wlinks);
-+
-+ /* Add txnh to atomf's waitfor list, unlock atomf. */
-+ list_add_tail(&wlinks._fwaitfor_link, &atomf->fwaitfor_list);
-+ wlinks.waitfor_cb = wait_for_fusion;
-+ atomic_inc(&atomf->refcount);
-+ spin_unlock_atom(atomf);
-+
-+ if (atomh) {
-+ /* Add txnh to atomh's waiting list, unlock atomh. */
-+ list_add_tail(&wlinks._fwaiting_link, &atomh->fwaiting_list);
-+ atomic_inc(&atomh->refcount);
-+ spin_unlock_atom(atomh);
-+ }
-+
-+ /* Go to sleep. */
-+ spin_unlock_txnh(txnh);
-+
-+ ret = prepare_to_sleep(wlinks._lock_stack);
-+ if (ret == 0) {
-+ go_to_sleep(wlinks._lock_stack);
-+ ret = RETERR(-E_REPEAT);
-+ }
-+
-+ /* Remove from the waitfor list. */
-+ spin_lock_atom(atomf);
-+
-+ list_del(&wlinks._fwaitfor_link);
-+ atom_dec_and_unlock(atomf);
-+
-+ if (atomh) {
-+ /* Remove from the waiting list. */
-+ spin_lock_atom(atomh);
-+ list_del(&wlinks._fwaiting_link);
-+ atom_dec_and_unlock(atomh);
-+ }
-+ return ret;
-+}
-+
-+static void lock_two_atoms(txn_atom * one, txn_atom * two)
-+{
-+ assert("zam-1067", one != two);
-+
-+ /* lock the atom with lesser address first */
-+ if (one < two) {
-+ spin_lock_atom(one);
-+ spin_lock_atom(two);
-+ } else {
-+ spin_lock_atom(two);
-+ spin_lock_atom(one);
-+ }
-+}
-+
-+
-+/* Perform the necessary work to prepare for fusing two atoms, which involves
-+ * acquiring two atom locks in the proper order. If one of the node's atom is
-+ * blocking fusion (i.e., it is in the CAPTURE_WAIT stage) and the handle's
-+ * atom is not then the handle's request is put to sleep. If the node's atom
-+ * is committing, then the node can be copy-on-captured. Otherwise, pick the
-+ * atom with fewer pointers to be fused into the atom with more pointer and
-+ * call capture_fuse_into.
-+ */
-+static int capture_init_fusion(jnode *node, txn_handle *txnh, txn_capture mode)
-+{
-+ txn_atom * txnh_atom = txnh->atom;
-+ txn_atom * block_atom = node->atom;
-+
-+ atomic_inc(&txnh_atom->refcount);
-+ atomic_inc(&block_atom->refcount);
-+
-+ spin_unlock_txnh(txnh);
-+ spin_unlock_jnode(node);
-+
-+ lock_two_atoms(txnh_atom, block_atom);
-+
-+ if (txnh->atom != txnh_atom || node->atom != block_atom ) {
-+ release_two_atoms(txnh_atom, block_atom);
-+ return RETERR(-E_REPEAT);
-+ }
-+
-+ atomic_dec(&txnh_atom->refcount);
-+ atomic_dec(&block_atom->refcount);
-+
-+ assert ("zam-1066", atom_isopen(txnh_atom));
-+
-+ if (txnh_atom->stage >= block_atom->stage ||
-+ (block_atom->stage == ASTAGE_CAPTURE_WAIT && block_atom->txnh_count == 0)) {
-+ capture_fuse_into(txnh_atom, block_atom);
-+ return RETERR(-E_REPEAT);
-+ }
-+ spin_lock_txnh(txnh);
-+ return capture_fuse_wait(txnh, block_atom, txnh_atom, mode);
-+}
-+
-+/* This function splices together two jnode lists (small and large) and sets all jnodes in
-+ the small list to point to the large atom. Returns the length of the list. */
-+static int
-+capture_fuse_jnode_lists(txn_atom *large, struct list_head *large_head,
-+ struct list_head *small_head)
-+{
-+ int count = 0;
-+ jnode *node;
-+
-+ assert("umka-218", large != NULL);
-+ assert("umka-219", large_head != NULL);
-+ assert("umka-220", small_head != NULL);
-+ /* small atom should be locked also. */
-+ assert_spin_locked(&(large->alock));
-+
-+ /* For every jnode on small's capture list... */
-+ list_for_each_entry(node, small_head, capture_link) {
-+ count += 1;
-+
-+ /* With the jnode lock held, update atom pointer. */
-+ spin_lock_jnode(node);
-+ node->atom = large;
-+ spin_unlock_jnode(node);
-+ }
-+
-+ /* Splice the lists. */
-+ list_splice_init(small_head, large_head->prev);
-+
-+ return count;
-+}
-+
-+/* This function splices together two txnh lists (small and large) and sets all txn handles in
-+ the small list to point to the large atom. Returns the length of the list. */
-+static int
-+capture_fuse_txnh_lists(txn_atom *large, struct list_head *large_head,
-+ struct list_head *small_head)
-+{
-+ int count = 0;
-+ txn_handle *txnh;
-+
-+ assert("umka-221", large != NULL);
-+ assert("umka-222", large_head != NULL);
-+ assert("umka-223", small_head != NULL);
-+
-+ /* Adjust every txnh to the new atom. */
-+ list_for_each_entry(txnh, small_head, txnh_link) {
-+ count += 1;
-+
-+ /* With the txnh lock held, update atom pointer. */
-+ spin_lock_txnh(txnh);
-+ txnh->atom = large;
-+ spin_unlock_txnh(txnh);
-+ }
-+
-+ /* Splice the txn_handle list. */
-+ list_splice_init(small_head, large_head->prev);
-+
-+ return count;
-+}
-+
-+/* This function fuses two atoms. The captured nodes and handles belonging to SMALL are
-+ added to LARGE and their ->atom pointers are all updated. The associated counts are
-+ updated as well, and any waiting handles belonging to either are awakened. Finally the
-+ smaller atom's refcount is decremented.
-+*/
-+static void capture_fuse_into(txn_atom * small, txn_atom * large)
-+{
-+ int level;
-+ unsigned zcount = 0;
-+ unsigned tcount = 0;
-+
-+ assert("umka-224", small != NULL);
-+ assert("umka-225", small != NULL);
-+
-+ assert_spin_locked(&(large->alock));
-+ assert_spin_locked(&(small->alock));
-+
-+ assert("jmacd-201", atom_isopen(small));
-+ assert("jmacd-202", atom_isopen(large));
-+
-+ /* Splice and update the per-level dirty jnode lists */
-+ for (level = 0; level < REAL_MAX_ZTREE_HEIGHT + 1; level += 1) {
-+ zcount +=
-+ capture_fuse_jnode_lists(large,
-+ ATOM_DIRTY_LIST(large, level),
-+ ATOM_DIRTY_LIST(small, level));
-+ }
-+
-+ /* Splice and update the [clean,dirty] jnode and txnh lists */
-+ zcount +=
-+ capture_fuse_jnode_lists(large, ATOM_CLEAN_LIST(large),
-+ ATOM_CLEAN_LIST(small));
-+ zcount +=
-+ capture_fuse_jnode_lists(large, ATOM_OVRWR_LIST(large),
-+ ATOM_OVRWR_LIST(small));
-+ zcount +=
-+ capture_fuse_jnode_lists(large, ATOM_WB_LIST(large),
-+ ATOM_WB_LIST(small));
-+ zcount +=
-+ capture_fuse_jnode_lists(large, &large->inodes, &small->inodes);
-+ tcount +=
-+ capture_fuse_txnh_lists(large, &large->txnh_list,
-+ &small->txnh_list);
-+
-+ /* Check our accounting. */
-+ assert("jmacd-1063",
-+ zcount + small->num_queued == small->capture_count);
-+ assert("jmacd-1065", tcount == small->txnh_count);
-+
-+ /* sum numbers of waiters threads */
-+ large->nr_waiters += small->nr_waiters;
-+ small->nr_waiters = 0;
-+
-+ /* splice flush queues */
-+ fuse_fq(large, small);
-+
-+ /* update counter of jnode on every atom' list */
-+ ON_DEBUG(large->dirty += small->dirty;
-+ small->dirty = 0;
-+ large->clean += small->clean;
-+ small->clean = 0;
-+ large->ovrwr += small->ovrwr;
-+ small->ovrwr = 0;
-+ large->wb += small->wb;
-+ small->wb = 0;
-+ large->fq += small->fq;
-+ small->fq = 0;);
-+
-+ /* count flushers in result atom */
-+ large->nr_flushers += small->nr_flushers;
-+ small->nr_flushers = 0;
-+
-+ /* update counts of flushed nodes */
-+ large->flushed += small->flushed;
-+ small->flushed = 0;
-+
-+ /* Transfer list counts to large. */
-+ large->txnh_count += small->txnh_count;
-+ large->capture_count += small->capture_count;
-+
-+ /* Add all txnh references to large. */
-+ atomic_add(small->txnh_count, &large->refcount);
-+ atomic_sub(small->txnh_count, &small->refcount);
-+
-+ /* Reset small counts */
-+ small->txnh_count = 0;
-+ small->capture_count = 0;
-+
-+ /* Assign the oldest start_time, merge flags. */
-+ large->start_time = min(large->start_time, small->start_time);
-+ large->flags |= small->flags;
-+
-+ /* Merge blocknr sets. */
-+ blocknr_set_merge(&small->delete_set, &large->delete_set);
-+ blocknr_set_merge(&small->wandered_map, &large->wandered_map);
-+
-+ /* Merge allocated/deleted file counts */
-+ large->nr_objects_deleted += small->nr_objects_deleted;
-+ large->nr_objects_created += small->nr_objects_created;
-+
-+ small->nr_objects_deleted = 0;
-+ small->nr_objects_created = 0;
-+
-+ /* Merge allocated blocks counts */
-+ large->nr_blocks_allocated += small->nr_blocks_allocated;
-+
-+ large->nr_running_queues += small->nr_running_queues;
-+ small->nr_running_queues = 0;
-+
-+ /* Merge blocks reserved for overwrite set. */
-+ large->flush_reserved += small->flush_reserved;
-+ small->flush_reserved = 0;
-+
-+ if (large->stage < small->stage) {
-+ /* Large only needs to notify if it has changed state. */
-+ atom_set_stage(large, small->stage);
-+ wakeup_atom_waiting_list(large);
-+ }
-+
-+ atom_set_stage(small, ASTAGE_INVALID);
-+
-+ /* Notify any waiters--small needs to unload its wait lists. Waiters
-+ actually remove themselves from the list before returning from the
-+ fuse_wait function. */
-+ wakeup_atom_waiting_list(small);
-+
-+ /* Unlock atoms */
-+ spin_unlock_atom(large);
-+ atom_dec_and_unlock(small);
-+}
-+
-+/* TXNMGR STUFF */
-+
-+/* Release a block from the atom, reversing the effects of being captured,
-+ do not release atom's reference to jnode due to holding spin-locks.
-+ Currently this is only called when the atom commits.
-+
-+ NOTE: this function does not release a (journal) reference to jnode
-+ due to locking optimizations, you should call jput() somewhere after
-+ calling uncapture_block(). */
-+void uncapture_block(jnode * node)
-+{
-+ txn_atom *atom;
-+
-+ assert("umka-226", node != NULL);
-+ atom = node->atom;
-+ assert("umka-228", atom != NULL);
-+
-+ assert("jmacd-1021", node->atom == atom);
-+ assert_spin_locked(&(node->guard));
-+ assert("jmacd-1023", atom_is_protected(atom));
-+
-+ JF_CLR(node, JNODE_DIRTY);
-+ JF_CLR(node, JNODE_RELOC);
-+ JF_CLR(node, JNODE_OVRWR);
-+ JF_CLR(node, JNODE_CREATED);
-+ JF_CLR(node, JNODE_WRITEBACK);
-+ JF_CLR(node, JNODE_REPACK);
-+
-+ list_del_init(&node->capture_link);
-+ if (JF_ISSET(node, JNODE_FLUSH_QUEUED)) {
-+ assert("zam-925", atom_isopen(atom));
-+ assert("vs-1623", NODE_LIST(node) == FQ_LIST);
-+ ON_DEBUG(atom->num_queued--);
-+ JF_CLR(node, JNODE_FLUSH_QUEUED);
-+ }
-+ atom->capture_count -= 1;
-+ ON_DEBUG(count_jnode(atom, node, NODE_LIST(node), NOT_CAPTURED, 1));
-+ node->atom = NULL;
-+
-+ spin_unlock_jnode(node);
-+ LOCK_CNT_DEC(t_refs);
-+}
-+
-+/* Unconditional insert of jnode into atom's overwrite list. Currently used in
-+ bitmap-based allocator code for adding modified bitmap blocks the
-+ transaction. @atom and @node are spin locked */
-+void insert_into_atom_ovrwr_list(txn_atom * atom, jnode * node)
-+{
-+ assert("zam-538", atom_is_protected(atom));
-+ assert_spin_locked(&(node->guard));
-+ assert("zam-899", JF_ISSET(node, JNODE_OVRWR));
-+ assert("zam-543", node->atom == NULL);
-+ assert("vs-1433", !jnode_is_unformatted(node) && !jnode_is_znode(node));
-+
-+ list_add(&node->capture_link, ATOM_OVRWR_LIST(atom));
-+ jref(node);
-+ node->atom = atom;
-+ atom->capture_count++;
-+ ON_DEBUG(count_jnode(atom, node, NODE_LIST(node), OVRWR_LIST, 1));
-+}
-+
-+
-+#if REISER4_DEBUG
-+
-+void info_atom(const char *prefix, const txn_atom * atom)
-+{
-+ if (atom == NULL) {
-+ printk("%s: no atom\n", prefix);
-+ return;
-+ }
-+
-+ printk("%s: refcount: %i id: %i flags: %x txnh_count: %i"
-+ " capture_count: %i stage: %x start: %lu, flushed: %i\n", prefix,
-+ atomic_read(&atom->refcount), atom->atom_id, atom->flags,
-+ atom->txnh_count, atom->capture_count, atom->stage,
-+ atom->start_time, atom->flushed);
-+}
-+
-+#endif
-+
-+static int count_deleted_blocks_actor(txn_atom * atom,
-+ const reiser4_block_nr * a,
-+ const reiser4_block_nr * b, void *data)
-+{
-+ reiser4_block_nr *counter = data;
-+
-+ assert("zam-995", data != NULL);
-+ assert("zam-996", a != NULL);
-+ if (b == NULL)
-+ *counter += 1;
-+ else
-+ *counter += *b;
-+ return 0;
-+}
-+
-+reiser4_block_nr txnmgr_count_deleted_blocks(void)
-+{
-+ reiser4_block_nr result;
-+ txn_mgr *tmgr = &get_super_private(reiser4_get_current_sb())->tmgr;
-+ txn_atom *atom;
-+
-+ result = 0;
-+
-+ spin_lock_txnmgr(tmgr);
-+ list_for_each_entry(atom, &tmgr->atoms_list, atom_link) {
-+ spin_lock_atom(atom);
-+ if (atom_isopen(atom))
-+ blocknr_set_iterator(
-+ atom, &atom->delete_set,
-+ count_deleted_blocks_actor, &result, 0);
-+ spin_unlock_atom(atom);
-+ }
-+ spin_unlock_txnmgr(tmgr);
-+
-+ return result;
-+}
-+
-+/*
-+ * Local variables:
-+ * c-indentation-style: "K&R"
-+ * mode-name: "LC"
-+ * c-basic-offset: 8
-+ * tab-width: 8
-+ * fill-column: 79
-+ * End:
-+ */
-Index: linux-2.6.16/fs/reiser4/txnmgr.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/txnmgr.h
-@@ -0,0 +1,704 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* data-types and function declarations for transaction manager. See txnmgr.c
-+ * for details. */
-+
-+#ifndef __REISER4_TXNMGR_H__
-+#define __REISER4_TXNMGR_H__
-+
-+#include "forward.h"
-+#include "dformat.h"
-+
-+#include <linux/fs.h>
-+#include <linux/mm.h>
-+#include <linux/types.h>
-+#include <linux/spinlock.h>
-+#include <asm/atomic.h>
-+#include <asm/semaphore.h>
-+
-+/* TYPE DECLARATIONS */
-+
-+/* This enumeration describes the possible types of a capture request (try_capture).
-+ A capture request dynamically assigns a block to the calling thread's transaction
-+ handle. */
-+typedef enum {
-+ /* A READ_ATOMIC request indicates that a block will be read and that the caller's
-+ atom should fuse in order to ensure that the block commits atomically with the
-+ caller. */
-+ TXN_CAPTURE_READ_ATOMIC = (1 << 0),
-+
-+ /* A READ_NONCOM request indicates that a block will be read and that the caller is
-+ willing to read a non-committed block without causing atoms to fuse. */
-+ TXN_CAPTURE_READ_NONCOM = (1 << 1),
-+
-+ /* A READ_MODIFY request indicates that a block will be read but that the caller
-+ wishes for the block to be captured as it will be written. This capture request
-+ mode is not currently used, but eventually it will be useful for preventing
-+ deadlock in read-modify-write cycles. */
-+ TXN_CAPTURE_READ_MODIFY = (1 << 2),
-+
-+ /* A WRITE capture request indicates that a block will be modified and that atoms
-+ should fuse to make the commit atomic. */
-+ TXN_CAPTURE_WRITE = (1 << 3),
-+
-+ /* CAPTURE_TYPES is a mask of the four above capture types, used to separate the
-+ exclusive type designation from extra bits that may be supplied -- see
-+ below. */
-+ TXN_CAPTURE_TYPES = (TXN_CAPTURE_READ_ATOMIC |
-+ TXN_CAPTURE_READ_NONCOM | TXN_CAPTURE_READ_MODIFY |
-+ TXN_CAPTURE_WRITE),
-+
-+ /* A subset of CAPTURE_TYPES, CAPTURE_WTYPES is a mask of request types that
-+ indicate modification will occur. */
-+ TXN_CAPTURE_WTYPES = (TXN_CAPTURE_READ_MODIFY | TXN_CAPTURE_WRITE),
-+
-+ /* An option to try_capture, NONBLOCKING indicates that the caller would
-+ prefer not to sleep waiting for an aging atom to commit. */
-+ TXN_CAPTURE_NONBLOCKING = (1 << 4),
-+
-+ /* An option to try_capture to prevent atom fusion, just simple capturing is allowed */
-+ TXN_CAPTURE_DONT_FUSE = (1 << 5)
-+
-+ /* This macro selects only the exclusive capture request types, stripping out any
-+ options that were supplied (i.e., NONBLOCKING). */
-+#define CAPTURE_TYPE(x) ((x) & TXN_CAPTURE_TYPES)
-+} txn_capture;
-+
-+/* There are two kinds of transaction handle: WRITE_FUSING and READ_FUSING, the only
-+ difference is in the handling of read requests. A WRITE_FUSING transaction handle
-+ defaults read capture requests to TXN_CAPTURE_READ_NONCOM whereas a READ_FUSIONG
-+ transaction handle defaults to TXN_CAPTURE_READ_ATOMIC. */
-+typedef enum {
-+ TXN_WRITE_FUSING = (1 << 0),
-+ TXN_READ_FUSING = (1 << 1) | TXN_WRITE_FUSING, /* READ implies WRITE */
-+} txn_mode;
-+
-+/* Every atom has a stage, which is one of these exclusive values: */
-+typedef enum {
-+ /* Initially an atom is free. */
-+ ASTAGE_FREE = 0,
-+
-+ /* An atom begins by entering the CAPTURE_FUSE stage, where it proceeds to capture
-+ blocks and fuse with other atoms. */
-+ ASTAGE_CAPTURE_FUSE = 1,
-+
-+ /* We need to have a ASTAGE_CAPTURE_SLOW in which an atom fuses with one node for every X nodes it flushes to disk where X > 1. */
-+
-+ /* When an atom reaches a certain age it must do all it can to commit. An atom in
-+ the CAPTURE_WAIT stage refuses new transaction handles and prevents fusion from
-+ atoms in the CAPTURE_FUSE stage. */
-+ ASTAGE_CAPTURE_WAIT = 2,
-+
-+ /* Waiting for I/O before commit. Copy-on-capture (see
-+ http://namesys.com/v4/v4.html). */
-+ ASTAGE_PRE_COMMIT = 3,
-+
-+ /* Post-commit overwrite I/O. Steal-on-capture. */
-+ ASTAGE_POST_COMMIT = 4,
-+
-+ /* Atom which waits for the removal of the last reference to (it? ) to
-+ * be deleted from memory */
-+ ASTAGE_DONE = 5,
-+
-+ /* invalid atom. */
-+ ASTAGE_INVALID = 6,
-+
-+} txn_stage;
-+
-+/* Certain flags may be set in the txn_atom->flags field. */
-+typedef enum {
-+ /* Indicates that the atom should commit as soon as possible. */
-+ ATOM_FORCE_COMMIT = (1 << 0),
-+ /* to avoid endless loop, mark the atom (which was considered as too
-+ * small) after failed attempt to fuse it. */
-+ ATOM_CANCEL_FUSION = (1 << 1)
-+} txn_flags;
-+
-+/* Flags for controlling commit_txnh */
-+typedef enum {
-+ /* Wait commit atom completion in commit_txnh */
-+ TXNH_WAIT_COMMIT = 0x2,
-+ /* Don't commit atom when this handle is closed */
-+ TXNH_DONT_COMMIT = 0x4
-+} txn_handle_flags_t;
-+
-+/* TYPE DEFINITIONS */
-+
-+/* A note on lock ordering: the handle & jnode spinlock protects reading of their ->atom
-+ fields, so typically an operation on the atom through either of these objects must (1)
-+ lock the object, (2) read the atom pointer, (3) lock the atom.
-+
-+ During atom fusion, the process holds locks on both atoms at once. Then, it iterates
-+ through the list of handles and pages held by the smaller of the two atoms. For each
-+ handle and page referencing the smaller atom, the fusing process must: (1) lock the
-+ object, and (2) update the atom pointer.
-+
-+ You can see that there is a conflict of lock ordering here, so the more-complex
-+ procedure should have priority, i.e., the fusing process has priority so that it is
-+ guaranteed to make progress and to avoid restarts.
-+
-+ This decision, however, means additional complexity for aquiring the atom lock in the
-+ first place.
-+
-+ The general original procedure followed in the code was:
-+
-+ TXN_OBJECT *obj = ...;
-+ TXN_ATOM *atom;
-+
-+ spin_lock (& obj->_lock);
-+
-+ atom = obj->_atom;
-+
-+ if (! spin_trylock_atom (atom))
-+ {
-+ spin_unlock (& obj->_lock);
-+ RESTART OPERATION, THERE WAS A RACE;
-+ }
-+
-+ ELSE YOU HAVE BOTH ATOM AND OBJ LOCKED
-+
-+ It has however been found that this wastes CPU a lot in a manner that is
-+ hard to profile. So, proper refcounting was added to atoms, and new
-+ standard locking sequence is like following:
-+
-+ TXN_OBJECT *obj = ...;
-+ TXN_ATOM *atom;
-+
-+ spin_lock (& obj->_lock);
-+
-+ atom = obj->_atom;
-+
-+ if (! spin_trylock_atom (atom))
-+ {
-+ atomic_inc (& atom->refcount);
-+ spin_unlock (& obj->_lock);
-+ spin_lock (&atom->_lock);
-+ atomic_dec (& atom->refcount);
-+ // HERE atom is locked
-+ spin_unlock (&atom->_lock);
-+ RESTART OPERATION, THERE WAS A RACE;
-+ }
-+
-+ ELSE YOU HAVE BOTH ATOM AND OBJ LOCKED
-+
-+ (core of this is implemented in trylock_throttle() function)
-+
-+ See the jnode_get_atom() function for a common case.
-+
-+ As an additional (and important) optimization allowing to avoid restarts,
-+ it is possible to re-check required pre-conditions at the HERE point in
-+ code above and proceed without restarting if they are still satisfied.
-+*/
-+
-+/* A block number set consists of only the list head. */
-+struct blocknr_set {
-+ struct list_head entries;
-+};
-+
-+/* An atomic transaction: this is the underlying system representation
-+ of a transaction, not the one seen by clients.
-+
-+ Invariants involving this data-type:
-+
-+ [sb-fake-allocated]
-+*/
-+struct txn_atom {
-+ /* The spinlock protecting the atom, held during fusion and various other state
-+ changes. */
-+ spinlock_t alock;
-+
-+ /* The atom's reference counter, increasing (in case of a duplication
-+ of an existing reference or when we are sure that some other
-+ reference exists) may be done without taking spinlock, decrementing
-+ of the ref. counter requires a spinlock to be held.
-+
-+ Each transaction handle counts in ->refcount. All jnodes count as
-+ one reference acquired in atom_begin_andlock(), released in
-+ commit_current_atom().
-+ */
-+ atomic_t refcount;
-+
-+ /* The atom_id identifies the atom in persistent records such as the log. */
-+ __u32 atom_id;
-+
-+ /* Flags holding any of the txn_flags enumerated values (e.g.,
-+ ATOM_FORCE_COMMIT). */
-+ __u32 flags;
-+
-+ /* Number of open handles. */
-+ __u32 txnh_count;
-+
-+ /* The number of znodes captured by this atom. Equal to the sum of lengths of the
-+ dirty_nodes[level] and clean_nodes lists. */
-+ __u32 capture_count;
-+
-+#if REISER4_DEBUG
-+ int clean;
-+ int dirty;
-+ int ovrwr;
-+ int wb;
-+ int fq;
-+#endif
-+
-+ __u32 flushed;
-+
-+ /* Current transaction stage. */
-+ txn_stage stage;
-+
-+ /* Start time. */
-+ unsigned long start_time;
-+
-+ /* The atom's delete set. It collects block numbers of the nodes
-+ which were deleted during the transaction. */
-+ blocknr_set delete_set;
-+
-+ /* The atom's wandered_block mapping. */
-+ blocknr_set wandered_map;
-+
-+ /* The transaction's list of dirty captured nodes--per level. Index
-+ by (level). dirty_nodes[0] is for znode-above-root */
-+ struct list_head dirty_nodes[REAL_MAX_ZTREE_HEIGHT + 1];
-+
-+ /* The transaction's list of clean captured nodes. */
-+ struct list_head clean_nodes;
-+
-+ /* The atom's overwrite set */
-+ struct list_head ovrwr_nodes;
-+
-+ /* nodes which are being written to disk */
-+ struct list_head writeback_nodes;
-+
-+ /* list of inodes */
-+ struct list_head inodes;
-+
-+ /* List of handles associated with this atom. */
-+ struct list_head txnh_list;
-+
-+ /* Transaction list link: list of atoms in the transaction manager. */
-+ struct list_head atom_link;
-+
-+ /* List of handles waiting FOR this atom: see 'capture_fuse_wait' comment. */
-+ struct list_head fwaitfor_list;
-+
-+ /* List of this atom's handles that are waiting: see 'capture_fuse_wait' comment. */
-+ struct list_head fwaiting_list;
-+
-+ /* Numbers of objects which were deleted/created in this transaction
-+ thereby numbers of objects IDs which were released/deallocated. */
-+ int nr_objects_deleted;
-+ int nr_objects_created;
-+ /* number of blocks allocated during the transaction */
-+ __u64 nr_blocks_allocated;
-+ /* All atom's flush queue objects are on this list */
-+ struct list_head flush_queues;
-+#if REISER4_DEBUG
-+ /* number of flush queues for this atom. */
-+ int nr_flush_queues;
-+ /* Number of jnodes which were removed from atom's lists and put
-+ on flush_queue */
-+ int num_queued;
-+#endif
-+ /* number of threads who wait for this atom to complete commit */
-+ int nr_waiters;
-+ /* number of threads which do jnode_flush() over this atom */
-+ int nr_flushers;
-+ /* number of flush queues which are IN_USE and jnodes from fq->prepped
-+ are submitted to disk by the write_fq() routine. */
-+ int nr_running_queues;
-+ /* A counter of grabbed unformatted nodes, see a description of the
-+ * reiser4 space reservation scheme at block_alloc.c */
-+ reiser4_block_nr flush_reserved;
-+#if REISER4_DEBUG
-+ void *committer;
-+#endif
-+ struct super_block *super;
-+};
-+
-+#define ATOM_DIRTY_LIST(atom, level) (&(atom)->dirty_nodes[level])
-+#define ATOM_CLEAN_LIST(atom) (&(atom)->clean_nodes)
-+#define ATOM_OVRWR_LIST(atom) (&(atom)->ovrwr_nodes)
-+#define ATOM_WB_LIST(atom) (&(atom)->writeback_nodes)
-+#define ATOM_FQ_LIST(fq) (&(fq)->prepped)
-+
-+#define NODE_LIST(node) (node)->list
-+#define ASSIGN_NODE_LIST(node, list) ON_DEBUG(NODE_LIST(node) = list)
-+ON_DEBUG(void
-+ count_jnode(txn_atom *, jnode *, atom_list old_list,
-+ atom_list new_list, int check_lists));
-+
-+typedef struct protected_jnodes {
-+ struct list_head inatom; /* link to atom's list these structures */
-+ struct list_head nodes; /* head of list of protected nodes */
-+} protected_jnodes;
-+
-+/* A transaction handle: the client obtains and commits this handle which is assigned by
-+ the system to a txn_atom. */
-+struct txn_handle {
-+ /* Spinlock protecting ->atom pointer */
-+ spinlock_t hlock;
-+
-+ /* Flags for controlling commit_txnh() behavior */
-+ /* from txn_handle_flags_t */
-+ txn_handle_flags_t flags;
-+
-+ /* Whether it is READ_FUSING or WRITE_FUSING. */
-+ txn_mode mode;
-+
-+ /* If assigned, the atom it is part of. */
-+ txn_atom *atom;
-+
-+ /* Transaction list link. Head is in txn_atom. */
-+ struct list_head txnh_link;
-+};
-+
-+/* The transaction manager: one is contained in the reiser4_super_info_data */
-+struct txn_mgr {
-+ /* A spinlock protecting the atom list, id_count, flush_control */
-+ spinlock_t tmgr_lock;
-+
-+ /* List of atoms. */
-+ struct list_head atoms_list;
-+
-+ /* Number of atoms. */
-+ int atom_count;
-+
-+ /* A counter used to assign atom->atom_id values. */
-+ __u32 id_count;
-+
-+ /* a semaphore object for commit serialization */
-+ struct semaphore commit_semaphore;
-+
-+ /* a list of all txnmrgs served by particular daemon. */
-+ struct list_head linkage;
-+
-+ /* description of daemon for this txnmgr */
-+ ktxnmgrd_context *daemon;
-+
-+ /* parameters. Adjustable through mount options. */
-+ unsigned int atom_max_size;
-+ unsigned int atom_max_age;
-+ unsigned int atom_min_size;
-+ /* max number of concurrent flushers for one atom, 0 - unlimited. */
-+ unsigned int atom_max_flushers;
-+ struct dentry *debugfs_atom_count;
-+ struct dentry *debugfs_id_count;
-+};
-+
-+/* FUNCTION DECLARATIONS */
-+
-+/* These are the externally (within Reiser4) visible transaction functions, therefore they
-+ are prefixed with "txn_". For comments, see txnmgr.c. */
-+
-+extern int init_txnmgr_static(void);
-+extern void done_txnmgr_static(void);
-+
-+extern void init_txnmgr(txn_mgr *);
-+extern void done_txnmgr(txn_mgr *);
-+
-+extern int txn_reserve(int reserved);
-+
-+extern void txn_begin(reiser4_context * context);
-+extern int txn_end(reiser4_context * context);
-+
-+extern void txn_restart(reiser4_context * context);
-+extern void txn_restart_current(void);
-+
-+extern int txnmgr_force_commit_all(struct super_block *, int);
-+extern int current_atom_should_commit(void);
-+
-+extern jnode *find_first_dirty_jnode(txn_atom *, int);
-+
-+extern int commit_some_atoms(txn_mgr *);
-+extern int force_commit_atom(txn_handle *);
-+extern int flush_current_atom(int, long, long *, txn_atom **, jnode *);
-+
-+extern int flush_some_atom(jnode *, long *, const struct writeback_control *, int);
-+
-+extern void atom_set_stage(txn_atom * atom, txn_stage stage);
-+
-+extern int same_slum_check(jnode * base, jnode * check, int alloc_check,
-+ int alloc_value);
-+extern void atom_dec_and_unlock(txn_atom * atom);
-+
-+extern int try_capture(jnode * node, znode_lock_mode mode, txn_capture flags);
-+extern int try_capture_page_to_invalidate(struct page *pg);
-+
-+extern void uncapture_page(struct page *pg);
-+extern void uncapture_block(jnode *);
-+extern void uncapture_jnode(jnode *);
-+
-+extern int capture_inode(struct inode *);
-+extern int uncapture_inode(struct inode *);
-+
-+extern txn_atom *get_current_atom_locked_nocheck(void);
-+
-+#if REISER4_DEBUG
-+
-+/**
-+ * atom_is_protected - make sure that nobody but us can do anything with atom
-+ * @atom: atom to be checked
-+ *
-+ * This is used to assert that atom either entered commit stages or is spin
-+ * locked.
-+ */
-+static inline int atom_is_protected(txn_atom *atom)
-+{
-+ if (atom->stage >= ASTAGE_PRE_COMMIT)
-+ return 1;
-+ assert_spin_locked(&(atom->alock));
-+ return 1;
-+}
-+
-+#endif
-+
-+/* Get the current atom and spinlock it if current atom present. May not return NULL */
-+static inline txn_atom *get_current_atom_locked(void)
-+{
-+ txn_atom *atom;
-+
-+ atom = get_current_atom_locked_nocheck();
-+ assert("zam-761", atom != NULL);
-+
-+ return atom;
-+}
-+
-+extern txn_atom *jnode_get_atom(jnode *);
-+
-+extern void atom_wait_event(txn_atom *);
-+extern void atom_send_event(txn_atom *);
-+
-+extern void insert_into_atom_ovrwr_list(txn_atom * atom, jnode * node);
-+extern int capture_super_block(struct super_block *s);
-+int capture_bulk(jnode **, int count);
-+
-+/* See the comment on the function blocknrset.c:blocknr_set_add for the
-+ calling convention of these three routines. */
-+extern void blocknr_set_init(blocknr_set * bset);
-+extern void blocknr_set_destroy(blocknr_set * bset);
-+extern void blocknr_set_merge(blocknr_set * from, blocknr_set * into);
-+extern int blocknr_set_add_extent(txn_atom * atom,
-+ blocknr_set * bset,
-+ blocknr_set_entry ** new_bsep,
-+ const reiser4_block_nr * start,
-+ const reiser4_block_nr * len);
-+extern int blocknr_set_add_pair(txn_atom * atom, blocknr_set * bset,
-+ blocknr_set_entry ** new_bsep,
-+ const reiser4_block_nr * a,
-+ const reiser4_block_nr * b);
-+
-+typedef int (*blocknr_set_actor_f) (txn_atom *, const reiser4_block_nr *,
-+ const reiser4_block_nr *, void *);
-+
-+extern int blocknr_set_iterator(txn_atom * atom, blocknr_set * bset,
-+ blocknr_set_actor_f actor, void *data,
-+ int delete);
-+
-+/* flush code takes care about how to fuse flush queues */
-+extern void flush_init_atom(txn_atom * atom);
-+extern void flush_fuse_queues(txn_atom * large, txn_atom * small);
-+
-+static inline void spin_lock_atom(txn_atom *atom)
-+{
-+ /* check that spinlocks of lower priorities are not held */
-+ assert("", (LOCK_CNT_NIL(spin_locked_txnh) &&
-+ LOCK_CNT_NIL(spin_locked_jnode) &&
-+ LOCK_CNT_NIL(spin_locked_zlock) &&
-+ LOCK_CNT_NIL(rw_locked_dk) &&
-+ LOCK_CNT_NIL(rw_locked_tree)));
-+
-+ spin_lock(&(atom->alock));
-+
-+ LOCK_CNT_INC(spin_locked_atom);
-+ LOCK_CNT_INC(spin_locked);
-+}
-+
-+static inline int spin_trylock_atom(txn_atom *atom)
-+{
-+ if (spin_trylock(&(atom->alock))) {
-+ LOCK_CNT_INC(spin_locked_atom);
-+ LOCK_CNT_INC(spin_locked);
-+ return 1;
-+ }
-+ return 0;
-+}
-+
-+static inline void spin_unlock_atom(txn_atom *atom)
-+{
-+ assert_spin_locked(&(atom->alock));
-+ assert("nikita-1375", LOCK_CNT_GTZ(spin_locked_atom));
-+ assert("nikita-1376", LOCK_CNT_GTZ(spin_locked));
-+
-+ LOCK_CNT_DEC(spin_locked_atom);
-+ LOCK_CNT_DEC(spin_locked);
-+
-+ spin_unlock(&(atom->alock));
-+}
-+
-+static inline void spin_lock_txnh(txn_handle *txnh)
-+{
-+ /* check that spinlocks of lower priorities are not held */
-+ assert("", (LOCK_CNT_NIL(rw_locked_dk) &&
-+ LOCK_CNT_NIL(spin_locked_zlock) &&
-+ LOCK_CNT_NIL(rw_locked_tree)));
-+
-+ spin_lock(&(txnh->hlock));
-+
-+ LOCK_CNT_INC(spin_locked_txnh);
-+ LOCK_CNT_INC(spin_locked);
-+}
-+
-+static inline int spin_trylock_txnh(txn_handle *txnh)
-+{
-+ if (spin_trylock(&(txnh->hlock))) {
-+ LOCK_CNT_INC(spin_locked_txnh);
-+ LOCK_CNT_INC(spin_locked);
-+ return 1;
-+ }
-+ return 0;
-+}
-+
-+static inline void spin_unlock_txnh(txn_handle *txnh)
-+{
-+ assert_spin_locked(&(txnh->hlock));
-+ assert("nikita-1375", LOCK_CNT_GTZ(spin_locked_txnh));
-+ assert("nikita-1376", LOCK_CNT_GTZ(spin_locked));
-+
-+ LOCK_CNT_DEC(spin_locked_txnh);
-+ LOCK_CNT_DEC(spin_locked);
-+
-+ spin_unlock(&(txnh->hlock));
-+}
-+
-+#define spin_ordering_pred_txnmgr(tmgr) \
-+ ( LOCK_CNT_NIL(spin_locked_atom) && \
-+ LOCK_CNT_NIL(spin_locked_txnh) && \
-+ LOCK_CNT_NIL(spin_locked_jnode) && \
-+ LOCK_CNT_NIL(rw_locked_zlock) && \
-+ LOCK_CNT_NIL(rw_locked_dk) && \
-+ LOCK_CNT_NIL(rw_locked_tree) )
-+
-+static inline void spin_lock_txnmgr(txn_mgr *mgr)
-+{
-+ /* check that spinlocks of lower priorities are not held */
-+ assert("", (LOCK_CNT_NIL(spin_locked_atom) &&
-+ LOCK_CNT_NIL(spin_locked_txnh) &&
-+ LOCK_CNT_NIL(spin_locked_jnode) &&
-+ LOCK_CNT_NIL(spin_locked_zlock) &&
-+ LOCK_CNT_NIL(rw_locked_dk) &&
-+ LOCK_CNT_NIL(rw_locked_tree)));
-+
-+ spin_lock(&(mgr->tmgr_lock));
-+
-+ LOCK_CNT_INC(spin_locked_txnmgr);
-+ LOCK_CNT_INC(spin_locked);
-+}
-+
-+static inline int spin_trylock_txnmgr(txn_mgr *mgr)
-+{
-+ if (spin_trylock(&(mgr->tmgr_lock))) {
-+ LOCK_CNT_INC(spin_locked_txnmgr);
-+ LOCK_CNT_INC(spin_locked);
-+ return 1;
-+ }
-+ return 0;
-+}
-+
-+static inline void spin_unlock_txnmgr(txn_mgr *mgr)
-+{
-+ assert_spin_locked(&(mgr->tmgr_lock));
-+ assert("nikita-1375", LOCK_CNT_GTZ(spin_locked_txnmgr));
-+ assert("nikita-1376", LOCK_CNT_GTZ(spin_locked));
-+
-+ LOCK_CNT_DEC(spin_locked_txnmgr);
-+ LOCK_CNT_DEC(spin_locked);
-+
-+ spin_unlock(&(mgr->tmgr_lock));
-+}
-+
-+typedef enum {
-+ FQ_IN_USE = 0x1
-+} flush_queue_state_t;
-+
-+typedef struct flush_queue flush_queue_t;
-+
-+/* This is an accumulator for jnodes prepared for writing to disk. A flush queue
-+ is filled by the jnode_flush() routine, and written to disk under memory
-+ pressure or at atom commit time. */
-+/* LOCKING: fq state and fq->atom are protected by guard spinlock, fq->nr_queued
-+ field and fq->prepped list can be modified if atom is spin-locked and fq
-+ object is "in-use" state. For read-only traversal of the fq->prepped list
-+ and reading of the fq->nr_queued field it is enough to keep fq "in-use" or
-+ only have atom spin-locked. */
-+struct flush_queue {
-+ /* linkage element is the first in this structure to make debugging
-+ easier. See field in atom struct for description of list. */
-+ struct list_head alink;
-+ /* A spinlock to protect changes of fq state and fq->atom pointer */
-+ spinlock_t guard;
-+ /* flush_queue state: [in_use | ready] */
-+ flush_queue_state_t state;
-+ /* A list which contains queued nodes, queued nodes are removed from any
-+ * atom's list and put on this ->prepped one. */
-+ struct list_head prepped;
-+ /* number of submitted i/o requests */
-+ atomic_t nr_submitted;
-+ /* number of i/o errors */
-+ atomic_t nr_errors;
-+ /* An atom this flush queue is attached to */
-+ txn_atom *atom;
-+ /* A semaphore for waiting on i/o completion */
-+ struct semaphore io_sem;
-+#if REISER4_DEBUG
-+ /* A thread which took this fq in exclusive use, NULL if fq is free,
-+ * used for debugging. */
-+ struct task_struct *owner;
-+#endif
-+};
-+
-+extern int fq_by_atom(txn_atom *, flush_queue_t **);
-+extern void fq_put_nolock(flush_queue_t *);
-+extern void fq_put(flush_queue_t *);
-+extern void fuse_fq(txn_atom * to, txn_atom * from);
-+extern void queue_jnode(flush_queue_t *, jnode *);
-+extern void mark_jnode_queued(flush_queue_t *, jnode *);
-+
-+extern int write_fq(flush_queue_t *, long *, int);
-+extern int current_atom_finish_all_fq(void);
-+extern void init_atom_fq_parts(txn_atom *);
-+
-+extern reiser4_block_nr txnmgr_count_deleted_blocks(void);
-+
-+extern void znode_make_dirty(znode * node);
-+extern void jnode_make_dirty_locked(jnode * node);
-+
-+extern int sync_atom(txn_atom * atom);
-+
-+#if REISER4_DEBUG
-+extern int atom_fq_parts_are_clean(txn_atom *);
-+#endif
-+
-+extern void add_fq_to_bio(flush_queue_t *, struct bio *);
-+extern flush_queue_t *get_fq_for_current_atom(void);
-+
-+void protected_jnodes_init(protected_jnodes * list);
-+void protected_jnodes_done(protected_jnodes * list);
-+void invalidate_list(struct list_head * head);
-+
-+#if REISER4_DEBUG
-+void info_atom(const char *prefix, const txn_atom * atom);
-+#else
-+#define info_atom(p,a) noop
-+#endif
-+
-+# endif /* __REISER4_TXNMGR_H__ */
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/type_safe_hash.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/type_safe_hash.h
-@@ -0,0 +1,320 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* A hash table class that uses hash chains (singly-linked) and is
-+ parametrized to provide type safety. */
-+
-+#ifndef __REISER4_TYPE_SAFE_HASH_H__
-+#define __REISER4_TYPE_SAFE_HASH_H__
-+
-+#include "debug.h"
-+
-+#include <asm/errno.h>
-+/* Step 1: Use TYPE_SAFE_HASH_DECLARE() to define the TABLE and LINK objects
-+ based on the object type. You need to declare the item type before
-+ this definition, define it after this definition. */
-+#define TYPE_SAFE_HASH_DECLARE(PREFIX,ITEM_TYPE) \
-+ \
-+typedef struct PREFIX##_hash_table_ PREFIX##_hash_table; \
-+typedef struct PREFIX##_hash_link_ PREFIX##_hash_link; \
-+ \
-+struct PREFIX##_hash_table_ \
-+{ \
-+ ITEM_TYPE **_table; \
-+ __u32 _buckets; \
-+}; \
-+ \
-+struct PREFIX##_hash_link_ \
-+{ \
-+ ITEM_TYPE *_next; \
-+}
-+
-+/* Step 2: Define the object type of the hash: give it field of type
-+ PREFIX_hash_link. */
-+
-+/* Step 3: Use TYPE_SAFE_HASH_DEFINE to define the hash table interface using
-+ the type and field name used in step 3. The arguments are:
-+
-+ ITEM_TYPE The item type being hashed
-+ KEY_TYPE The type of key being hashed
-+ KEY_NAME The name of the key field within the item
-+ LINK_NAME The name of the link field within the item, which you must make type PREFIX_hash_link)
-+ HASH_FUNC The name of the hash function (or macro, takes const pointer to key)
-+ EQ_FUNC The name of the equality function (or macro, takes const pointer to two keys)
-+
-+ It implements these functions:
-+
-+ prefix_hash_init Initialize the table given its size.
-+ prefix_hash_insert Insert an item
-+ prefix_hash_insert_index Insert an item w/ precomputed hash_index
-+ prefix_hash_find Find an item by key
-+ prefix_hash_find_index Find an item w/ precomputed hash_index
-+ prefix_hash_remove Remove an item, returns 1 if found, 0 if not found
-+ prefix_hash_remove_index Remove an item w/ precomputed hash_index
-+
-+ If you'd like something to be done differently, feel free to ask me
-+ for modifications. Additional features that could be added but
-+ have not been:
-+
-+ prefix_hash_remove_key Find and remove an item by key
-+ prefix_hash_remove_key_index Find and remove an item by key w/ precomputed hash_index
-+
-+ The hash_function currently receives only the key as an argument,
-+ meaning it must somehow know the number of buckets. If this is a
-+ problem let me know.
-+
-+ This hash table uses a single-linked hash chain. This means
-+ insertion is fast but deletion requires searching the chain.
-+
-+ There is also the doubly-linked hash chain approach, under which
-+ deletion requires no search but the code is longer and it takes two
-+ pointers per item.
-+
-+ The circularly-linked approach has the shortest code but requires
-+ two pointers per bucket, doubling the size of the bucket array (in
-+ addition to two pointers per item).
-+*/
-+#define TYPE_SAFE_HASH_DEFINE(PREFIX,ITEM_TYPE,KEY_TYPE,KEY_NAME,LINK_NAME,HASH_FUNC,EQ_FUNC) \
-+ \
-+static __inline__ void \
-+PREFIX##_check_hash (PREFIX##_hash_table *table UNUSED_ARG, \
-+ __u32 hash UNUSED_ARG) \
-+{ \
-+ assert("nikita-2780", hash < table->_buckets); \
-+} \
-+ \
-+static __inline__ int \
-+PREFIX##_hash_init (PREFIX##_hash_table *hash, \
-+ __u32 buckets) \
-+{ \
-+ hash->_table = (ITEM_TYPE**) KMALLOC (sizeof (ITEM_TYPE*) * buckets); \
-+ hash->_buckets = buckets; \
-+ if (hash->_table == NULL) \
-+ { \
-+ return RETERR(-ENOMEM); \
-+ } \
-+ memset (hash->_table, 0, sizeof (ITEM_TYPE*) * buckets); \
-+ ON_DEBUG(printk(#PREFIX "_hash_table: %i buckets\n", buckets)); \
-+ return 0; \
-+} \
-+ \
-+static __inline__ void \
-+PREFIX##_hash_done (PREFIX##_hash_table *hash) \
-+{ \
-+ if (REISER4_DEBUG && hash->_table != NULL) { \
-+ __u32 i; \
-+ for (i = 0 ; i < hash->_buckets ; ++ i) \
-+ assert("nikita-2905", hash->_table[i] == NULL); \
-+ } \
-+ if (hash->_table != NULL) \
-+ KFREE (hash->_table, sizeof (ITEM_TYPE*) * hash->_buckets); \
-+ hash->_table = NULL; \
-+} \
-+ \
-+static __inline__ void \
-+PREFIX##_hash_prefetch_next (ITEM_TYPE *item) \
-+{ \
-+ prefetch(item->LINK_NAME._next); \
-+} \
-+ \
-+static __inline__ void \
-+PREFIX##_hash_prefetch_bucket (PREFIX##_hash_table *hash, \
-+ __u32 index) \
-+{ \
-+ prefetch(hash->_table[index]); \
-+} \
-+ \
-+static __inline__ ITEM_TYPE* \
-+PREFIX##_hash_find_index (PREFIX##_hash_table *hash, \
-+ __u32 hash_index, \
-+ KEY_TYPE const *find_key) \
-+{ \
-+ ITEM_TYPE *item; \
-+ \
-+ PREFIX##_check_hash(hash, hash_index); \
-+ \
-+ for (item = hash->_table[hash_index]; \
-+ item != NULL; \
-+ item = item->LINK_NAME._next) \
-+ { \
-+ prefetch(item->LINK_NAME._next); \
-+ prefetch(item->LINK_NAME._next + offsetof(ITEM_TYPE, KEY_NAME)); \
-+ if (EQ_FUNC (& item->KEY_NAME, find_key)) \
-+ { \
-+ return item; \
-+ } \
-+ } \
-+ \
-+ return NULL; \
-+} \
-+ \
-+static __inline__ ITEM_TYPE* \
-+PREFIX##_hash_find_index_lru (PREFIX##_hash_table *hash, \
-+ __u32 hash_index, \
-+ KEY_TYPE const *find_key) \
-+{ \
-+ ITEM_TYPE ** item = &hash->_table[hash_index]; \
-+ \
-+ PREFIX##_check_hash(hash, hash_index); \
-+ \
-+ while (*item != NULL) { \
-+ prefetch(&(*item)->LINK_NAME._next); \
-+ if (EQ_FUNC (&(*item)->KEY_NAME, find_key)) { \
-+ ITEM_TYPE *found; \
-+ \
-+ found = *item; \
-+ *item = found->LINK_NAME._next; \
-+ found->LINK_NAME._next = hash->_table[hash_index]; \
-+ hash->_table[hash_index] = found; \
-+ return found; \
-+ } \
-+ item = &(*item)->LINK_NAME._next; \
-+ } \
-+ return NULL; \
-+} \
-+ \
-+static __inline__ int \
-+PREFIX##_hash_remove_index (PREFIX##_hash_table *hash, \
-+ __u32 hash_index, \
-+ ITEM_TYPE *del_item) \
-+{ \
-+ ITEM_TYPE ** hash_item_p = &hash->_table[hash_index]; \
-+ \
-+ PREFIX##_check_hash(hash, hash_index); \
-+ \
-+ while (*hash_item_p != NULL) { \
-+ prefetch(&(*hash_item_p)->LINK_NAME._next); \
-+ if (*hash_item_p == del_item) { \
-+ *hash_item_p = (*hash_item_p)->LINK_NAME._next; \
-+ return 1; \
-+ } \
-+ hash_item_p = &(*hash_item_p)->LINK_NAME._next; \
-+ } \
-+ return 0; \
-+} \
-+ \
-+static __inline__ void \
-+PREFIX##_hash_insert_index (PREFIX##_hash_table *hash, \
-+ __u32 hash_index, \
-+ ITEM_TYPE *ins_item) \
-+{ \
-+ PREFIX##_check_hash(hash, hash_index); \
-+ \
-+ ins_item->LINK_NAME._next = hash->_table[hash_index]; \
-+ hash->_table[hash_index] = ins_item; \
-+} \
-+ \
-+static __inline__ void \
-+PREFIX##_hash_insert_index_rcu (PREFIX##_hash_table *hash, \
-+ __u32 hash_index, \
-+ ITEM_TYPE *ins_item) \
-+{ \
-+ PREFIX##_check_hash(hash, hash_index); \
-+ \
-+ ins_item->LINK_NAME._next = hash->_table[hash_index]; \
-+ smp_wmb(); \
-+ hash->_table[hash_index] = ins_item; \
-+} \
-+ \
-+static __inline__ ITEM_TYPE* \
-+PREFIX##_hash_find (PREFIX##_hash_table *hash, \
-+ KEY_TYPE const *find_key) \
-+{ \
-+ return PREFIX##_hash_find_index (hash, HASH_FUNC(hash, find_key), find_key); \
-+} \
-+ \
-+static __inline__ ITEM_TYPE* \
-+PREFIX##_hash_find_lru (PREFIX##_hash_table *hash, \
-+ KEY_TYPE const *find_key) \
-+{ \
-+ return PREFIX##_hash_find_index_lru (hash, HASH_FUNC(hash, find_key), find_key); \
-+} \
-+ \
-+static __inline__ int \
-+PREFIX##_hash_remove (PREFIX##_hash_table *hash, \
-+ ITEM_TYPE *del_item) \
-+{ \
-+ return PREFIX##_hash_remove_index (hash, \
-+ HASH_FUNC(hash, &del_item->KEY_NAME), del_item); \
-+} \
-+ \
-+static __inline__ int \
-+PREFIX##_hash_remove_rcu (PREFIX##_hash_table *hash, \
-+ ITEM_TYPE *del_item) \
-+{ \
-+ return PREFIX##_hash_remove (hash, del_item); \
-+} \
-+ \
-+static __inline__ void \
-+PREFIX##_hash_insert (PREFIX##_hash_table *hash, \
-+ ITEM_TYPE *ins_item) \
-+{ \
-+ return PREFIX##_hash_insert_index (hash, \
-+ HASH_FUNC(hash, &ins_item->KEY_NAME), ins_item); \
-+} \
-+ \
-+static __inline__ void \
-+PREFIX##_hash_insert_rcu (PREFIX##_hash_table *hash, \
-+ ITEM_TYPE *ins_item) \
-+{ \
-+ return PREFIX##_hash_insert_index_rcu (hash, HASH_FUNC(hash, &ins_item->KEY_NAME), \
-+ ins_item); \
-+} \
-+ \
-+static __inline__ ITEM_TYPE * \
-+PREFIX##_hash_first (PREFIX##_hash_table *hash, __u32 ind) \
-+{ \
-+ ITEM_TYPE *first; \
-+ \
-+ for (first = NULL; ind < hash->_buckets; ++ ind) { \
-+ first = hash->_table[ind]; \
-+ if (first != NULL) \
-+ break; \
-+ } \
-+ return first; \
-+} \
-+ \
-+static __inline__ ITEM_TYPE * \
-+PREFIX##_hash_next (PREFIX##_hash_table *hash, \
-+ ITEM_TYPE *item) \
-+{ \
-+ ITEM_TYPE *next; \
-+ \
-+ if (item == NULL) \
-+ return NULL; \
-+ next = item->LINK_NAME._next; \
-+ if (next == NULL) \
-+ next = PREFIX##_hash_first (hash, HASH_FUNC(hash, &item->KEY_NAME) + 1); \
-+ return next; \
-+} \
-+ \
-+typedef struct {} PREFIX##_hash_dummy
-+
-+#define for_all_ht_buckets(table, head) \
-+for ((head) = &(table) -> _table[ 0 ] ; \
-+ (head) != &(table) -> _table[ (table) -> _buckets ] ; ++ (head))
-+
-+#define for_all_in_bucket(bucket, item, next, field) \
-+for ((item) = *(bucket), (next) = (item) ? (item) -> field._next : NULL ; \
-+ (item) != NULL ; \
-+ (item) = (next), (next) = (item) ? (item) -> field._next : NULL )
-+
-+#define for_all_in_htable(table, prefix, item, next) \
-+for ((item) = prefix ## _hash_first ((table), 0), \
-+ (next) = prefix ## _hash_next ((table), (item)) ; \
-+ (item) != NULL ; \
-+ (item) = (next), \
-+ (next) = prefix ## _hash_next ((table), (item)))
-+
-+/* __REISER4_TYPE_SAFE_HASH_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/vfs_ops.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/vfs_ops.c
-@@ -0,0 +1,267 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Interface to VFS. Reiser4 {super|export|dentry}_operations are defined
-+ here. */
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "coord.h"
-+#include "plugin/item/item.h"
-+#include "plugin/file/file.h"
-+#include "plugin/security/perm.h"
-+#include "plugin/disk_format/disk_format.h"
-+#include "plugin/plugin.h"
-+#include "plugin/plugin_set.h"
-+#include "plugin/object.h"
-+#include "txnmgr.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "block_alloc.h"
-+#include "tree.h"
-+#include "vfs_ops.h"
-+#include "inode.h"
-+#include "page_cache.h"
-+#include "ktxnmgrd.h"
-+#include "super.h"
-+#include "reiser4.h"
-+#include "entd.h"
-+#include "status_flags.h"
-+#include "flush.h"
-+#include "dscale.h"
-+
-+#include <linux/profile.h>
-+#include <linux/types.h>
-+#include <linux/mount.h>
-+#include <linux/vfs.h>
-+#include <linux/mm.h>
-+#include <linux/buffer_head.h>
-+#include <linux/dcache.h>
-+#include <linux/list.h>
-+#include <linux/pagemap.h>
-+#include <linux/slab.h>
-+#include <linux/seq_file.h>
-+#include <linux/init.h>
-+#include <linux/module.h>
-+#include <linux/writeback.h>
-+#include <linux/blkdev.h>
-+#include <linux/quotaops.h>
-+#include <linux/security.h>
-+#include <linux/reboot.h>
-+#include <linux/rcupdate.h>
-+
-+
-+/* update inode stat-data by calling plugin */
-+int reiser4_update_sd(struct inode *object)
-+{
-+ file_plugin *fplug;
-+
-+ assert("nikita-2338", object != NULL);
-+ /* check for read-only file system. */
-+ if (IS_RDONLY(object))
-+ return 0;
-+
-+ fplug = inode_file_plugin(object);
-+ assert("nikita-2339", fplug != NULL);
-+ return fplug->write_sd_by_inode(object);
-+}
-+
-+/* helper function: increase inode nlink count and call plugin method to save
-+ updated stat-data.
-+
-+ Used by link/create and during creation of dot and dotdot in mkdir
-+*/
-+int reiser4_add_nlink(struct inode *object /* object to which link is added */ ,
-+ struct inode *parent /* parent where new entry will be */
-+ ,
-+ int write_sd_p /* true if stat-data has to be
-+ * updated */ )
-+{
-+ file_plugin *fplug;
-+ int result;
-+
-+ assert("nikita-1351", object != NULL);
-+
-+ fplug = inode_file_plugin(object);
-+ assert("nikita-1445", fplug != NULL);
-+
-+ /* ask plugin whether it can add yet another link to this
-+ object */
-+ if (!fplug->can_add_link(object))
-+ return RETERR(-EMLINK);
-+
-+ assert("nikita-2211", fplug->add_link != NULL);
-+ /* call plugin to do actual addition of link */
-+ result = fplug->add_link(object, parent);
-+
-+ /* optionally update stat data */
-+ if (result == 0 && write_sd_p)
-+ result = fplug->write_sd_by_inode(object);
-+ return result;
-+}
-+
-+/* helper function: decrease inode nlink count and call plugin method to save
-+ updated stat-data.
-+
-+ Used by unlink/create
-+*/
-+int reiser4_del_nlink(struct inode *object /* object from which link is
-+ * removed */ ,
-+ struct inode *parent /* parent where entry was */ ,
-+ int write_sd_p /* true is stat-data has to be
-+ * updated */ )
-+{
-+ file_plugin *fplug;
-+ int result;
-+
-+ assert("nikita-1349", object != NULL);
-+
-+ fplug = inode_file_plugin(object);
-+ assert("nikita-1350", fplug != NULL);
-+ assert("nikita-1446", object->i_nlink > 0);
-+ assert("nikita-2210", fplug->rem_link != NULL);
-+
-+ /* call plugin to do actual deletion of link */
-+ result = fplug->rem_link(object, parent);
-+
-+ /* optionally update stat data */
-+ if (result == 0 && write_sd_p)
-+ result = fplug->write_sd_by_inode(object);
-+ return result;
-+}
-+
-+
-+
-+
-+/* Release reiser4 dentry. This is d_op->d_release() method. */
-+static void reiser4_d_release(struct dentry *dentry /* dentry released */ )
-+{
-+ reiser4_free_dentry_fsdata(dentry);
-+}
-+
-+/*
-+ * Called by reiser4_sync_inodes(), during speculative write-back (through
-+ * pdflush, or balance_dirty_pages()).
-+ */
-+void writeout(struct super_block *sb, struct writeback_control *wbc)
-+{
-+ long written = 0;
-+ int repeats = 0;
-+ int result;
-+ struct address_space *mapping;
-+
-+ /*
-+ * Performs early flushing, trying to free some memory. If there is
-+ * nothing to flush, commits some atoms.
-+ */
-+
-+ /* Commit all atoms if reiser4_writepages() is called from sys_sync() or
-+ sys_fsync(). */
-+ if (wbc->sync_mode != WB_SYNC_NONE) {
-+ txnmgr_force_commit_all(sb, 0);
-+ return;
-+ }
-+
-+ BUG_ON(get_super_fake(sb) == NULL);
-+ mapping = get_super_fake(sb)->i_mapping;
-+ do {
-+ long nr_submitted = 0;
-+ jnode *node = NULL;
-+
-+ /* do not put more requests to overload write queue */
-+ if (wbc->nonblocking &&
-+ bdi_write_congested(mapping->backing_dev_info)) {
-+ blk_run_address_space(mapping);
-+ wbc->encountered_congestion = 1;
-+ break;
-+ }
-+ repeats++;
-+ BUG_ON(wbc->nr_to_write <= 0);
-+
-+ if (get_current_context()->entd) {
-+ entd_context *ent = get_entd_context(sb);
-+
-+ if (ent->cur_request->node)
-+ /*
-+ * this is ent thread and it managed to capture
-+ * requested page itself - start flush from
-+ * that page
-+ */
-+ node = jref(ent->cur_request->node);
-+ }
-+
-+ result = flush_some_atom(node, &nr_submitted, wbc,
-+ JNODE_FLUSH_WRITE_BLOCKS);
-+ if (result != 0)
-+ warning("nikita-31001", "Flush failed: %i", result);
-+ if (node)
-+ jput(node);
-+ if (!nr_submitted)
-+ break;
-+
-+ wbc->nr_to_write -= nr_submitted;
-+ written += nr_submitted;
-+ } while (wbc->nr_to_write > 0);
-+}
-+
-+
-+void reiser4_throttle_write(struct inode *inode)
-+{
-+ txn_restart_current();
-+ balance_dirty_pages_ratelimited(inode->i_mapping);
-+}
-+
-+const char *REISER4_SUPER_MAGIC_STRING = "ReIsEr4";
-+const int REISER4_MAGIC_OFFSET = 16 * 4096; /* offset to magic string from the
-+ * beginning of device */
-+
-+
-+
-+/*
-+ * Reiser4 initialization/shutdown.
-+ *
-+ * Code below performs global reiser4 initialization that is done either as
-+ * part of kernel initialization (when reiser4 is statically built-in), or
-+ * during reiser4 module load (when compiled as module).
-+ */
-+
-+
-+void reiser4_handle_error(void)
-+{
-+ struct super_block *sb = reiser4_get_current_sb();
-+
-+ if (!sb)
-+ return;
-+ reiser4_status_write(REISER4_STATUS_DAMAGED, 0,
-+ "Filesystem error occured");
-+ switch (get_super_private(sb)->onerror) {
-+ case 0:
-+ reiser4_panic("foobar-42", "Filesystem error occured\n");
-+ case 1:
-+ default:
-+ if (sb->s_flags & MS_RDONLY)
-+ return;
-+ sb->s_flags |= MS_RDONLY;
-+ break;
-+ }
-+}
-+
-+struct dentry_operations reiser4_dentry_operations = {
-+ .d_revalidate = NULL,
-+ .d_hash = NULL,
-+ .d_compare = NULL,
-+ .d_delete = NULL,
-+ .d_release = reiser4_d_release,
-+ .d_iput = NULL,
-+};
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/vfs_ops.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/vfs_ops.h
-@@ -0,0 +1,58 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* vfs_ops.c's exported symbols */
-+
-+#if !defined( __FS_REISER4_VFS_OPS_H__ )
-+#define __FS_REISER4_VFS_OPS_H__
-+
-+#include "forward.h"
-+#include "coord.h"
-+#include "seal.h"
-+#include "plugin/file/file.h"
-+#include "super.h"
-+#include "readahead.h"
-+
-+#include <linux/types.h> /* for loff_t */
-+#include <linux/fs.h> /* for struct address_space */
-+#include <linux/dcache.h> /* for struct dentry */
-+#include <linux/mm.h>
-+#include <linux/backing-dev.h>
-+
-+/* address space operations */
-+int reiser4_writepage(struct page *, struct writeback_control *);
-+int reiser4_set_page_dirty(struct page *);
-+int reiser4_readpages(struct file *, struct address_space *,
-+ struct list_head *pages, unsigned nr_pages);
-+int reiser4_invalidatepage(struct page *, unsigned long offset);
-+int reiser4_releasepage(struct page *, gfp_t);
-+
-+extern int reiser4_update_sd(struct inode *);
-+extern int reiser4_add_nlink(struct inode *, struct inode *, int);
-+extern int reiser4_del_nlink(struct inode *, struct inode *, int);
-+
-+
-+extern int reiser4_start_up_io(struct page *page);
-+extern void reiser4_throttle_write(struct inode *);
-+extern int jnode_is_releasable(jnode *);
-+
-+#define CAPTURE_APAGE_BURST (1024l)
-+void writeout(struct super_block *, struct writeback_control *);
-+
-+
-+extern void reiser4_handle_error(void);
-+
-+
-+/* __FS_REISER4_VFS_OPS_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/wander.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/wander.c
-@@ -0,0 +1,1799 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Reiser4 Wandering Log */
-+
-+/* You should read http://www.namesys.com/txn-doc.html
-+
-+ That describes how filesystem operations are performed as atomic
-+ transactions, and how we try to arrange it so that we can write most of the
-+ data only once while performing the operation atomically.
-+
-+ For the purposes of this code, it is enough for it to understand that it
-+ has been told a given block should be written either once, or twice (if
-+ twice then once to the wandered location and once to the real location).
-+
-+ This code guarantees that those blocks that are defined to be part of an
-+ atom either all take effect or none of them take effect.
-+
-+ Relocate set nodes are submitted to write by the jnode_flush() routine, and
-+ the overwrite set is submitted by reiser4_write_log(). This is because with
-+ the overwrite set we seek to optimize writes, and with the relocate set we
-+ seek to cause disk order to correlate with the parent first pre-order.
-+
-+ reiser4_write_log() allocates and writes wandered blocks and maintains
-+ additional on-disk structures of the atom as wander records (each wander
-+ record occupies one block) for storing of the "wandered map" (a table which
-+ contains a relation between wandered and real block numbers) and other
-+ information which might be needed at transaction recovery time.
-+
-+ The wander records are unidirectionally linked into a circle: each wander
-+ record contains a block number of the next wander record, the last wander
-+ record points to the first one.
-+
-+ One wander record (named "tx head" in this file) has a format which is
-+ different from the other wander records. The "tx head" has a reference to the
-+ "tx head" block of the previously committed atom. Also, "tx head" contains
-+ fs information (the free blocks counter, and the oid allocator state) which
-+ is logged in a special way .
-+
-+ There are two journal control blocks, named journal header and journal
-+ footer which have fixed on-disk locations. The journal header has a
-+ reference to the "tx head" block of the last committed atom. The journal
-+ footer points to the "tx head" of the last flushed atom. The atom is
-+ "played" when all blocks from its overwrite set are written to disk the
-+ second time (i.e. written to their real locations).
-+
-+ NOTE: People who know reiserfs internals and its journal structure might be
-+ confused with these terms journal footer and journal header. There is a table
-+ with terms of similar semantics in reiserfs (reiser3) and reiser4:
-+
-+ REISER3 TERM | REISER4 TERM | DESCRIPTION
-+ --------------------+-----------------------+----------------------------
-+ commit record | journal header | atomic write of this record
-+ | | ends transaction commit
-+ --------------------+-----------------------+----------------------------
-+ journal header | journal footer | atomic write of this record
-+ | | ends post-commit writes.
-+ | | After successful
-+ | | writing of this journal
-+ | | blocks (in reiser3) or
-+ | | wandered blocks/records are
-+ | | free for re-use.
-+ --------------------+-----------------------+----------------------------
-+
-+ The atom commit process is the following:
-+
-+ 1. The overwrite set is taken from atom's clean list, and its size is
-+ counted.
-+
-+ 2. The number of necessary wander records (including tx head) is calculated,
-+ and the wander record blocks are allocated.
-+
-+ 3. Allocate wandered blocks and populate wander records by wandered map.
-+
-+ 4. submit write requests for wander records and wandered blocks.
-+
-+ 5. wait until submitted write requests complete.
-+
-+ 6. update journal header: change the pointer to the block number of just
-+ written tx head, submit an i/o for modified journal header block and wait
-+ for i/o completion.
-+
-+ NOTE: The special logging for bitmap blocks and some reiser4 super block
-+ fields makes processes of atom commit, flush and recovering a bit more
-+ complex (see comments in the source code for details).
-+
-+ The atom playing process is the following:
-+
-+ 1. Write atom's overwrite set in-place.
-+
-+ 2. Wait on i/o.
-+
-+ 3. Update journal footer: change the pointer to block number of tx head
-+ block of the atom we currently flushing, submit an i/o, wait on i/o
-+ completion.
-+
-+ 4. Free disk space which was used for wandered blocks and wander records.
-+
-+ After the freeing of wandered blocks and wander records we have that journal
-+ footer points to the on-disk structure which might be overwritten soon.
-+ Neither the log writer nor the journal recovery procedure use that pointer
-+ for accessing the data. When the journal recovery procedure finds the oldest
-+ transaction it compares the journal footer pointer value with the "prev_tx"
-+ pointer value in tx head, if values are equal the oldest not flushed
-+ transaction is found.
-+
-+ NOTE on disk space leakage: the information about of what blocks and how many
-+ blocks are allocated for wandered blocks, wandered records is not written to
-+ the disk because of special logging for bitmaps and some super blocks
-+ counters. After a system crash we the reiser4 does not remember those
-+ objects allocation, thus we have no such a kind of disk space leakage.
-+*/
-+
-+/* Special logging of reiser4 super block fields. */
-+
-+/* There are some reiser4 super block fields (free block count and OID allocator
-+ state (number of files and next free OID) which are logged separately from
-+ super block to avoid unnecessary atom fusion.
-+
-+ So, the reiser4 super block can be not captured by a transaction with
-+ allocates/deallocates disk blocks or create/delete file objects. Moreover,
-+ the reiser4 on-disk super block is not touched when such a transaction is
-+ committed and flushed. Those "counters logged specially" are logged in "tx
-+ head" blocks and in the journal footer block.
-+
-+ A step-by-step description of special logging:
-+
-+ 0. The per-atom information about deleted or created files and allocated or
-+ freed blocks is collected during the transaction. The atom's
-+ ->nr_objects_created and ->nr_objects_deleted are for object
-+ deletion/creation tracking, the numbers of allocated and freed blocks are
-+ calculated using atom's delete set and atom's capture list -- all new and
-+ relocated nodes should be on atom's clean list and should have JNODE_RELOC
-+ bit set.
-+
-+ 1. The "logged specially" reiser4 super block fields have their "committed"
-+ versions in the reiser4 in-memory super block. They get modified only at
-+ atom commit time. The atom's commit thread has an exclusive access to those
-+ "committed" fields because the log writer implementation supports only one
-+ atom commit a time (there is a per-fs "commit" semaphore). At
-+ that time "committed" counters are modified using per-atom information
-+ collected during the transaction. These counters are stored on disk as a
-+ part of tx head block when atom is committed.
-+
-+ 2. When the atom is flushed the value of the free block counter and the OID
-+ allocator state get written to the journal footer block. A special journal
-+ procedure (journal_recover_sb_data()) takes those values from the journal
-+ footer and updates the reiser4 in-memory super block.
-+
-+ NOTE: That means free block count and OID allocator state are logged
-+ separately from the reiser4 super block regardless of the fact that the
-+ reiser4 super block has fields to store both the free block counter and the
-+ OID allocator.
-+
-+ Writing the whole super block at commit time requires knowing true values of
-+ all its fields without changes made by not yet committed transactions. It is
-+ possible by having their "committed" version of the super block like the
-+ reiser4 bitmap blocks have "committed" and "working" versions. However,
-+ another scheme was implemented which stores special logged values in the
-+ unused free space inside transaction head block. In my opinion it has an
-+ advantage of not writing whole super block when only part of it was
-+ modified. */
-+
-+#include "debug.h"
-+#include "dformat.h"
-+#include "txnmgr.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "block_alloc.h"
-+#include "page_cache.h"
-+#include "wander.h"
-+#include "reiser4.h"
-+#include "super.h"
-+#include "vfs_ops.h"
-+#include "writeout.h"
-+#include "inode.h"
-+#include "entd.h"
-+
-+#include <linux/types.h>
-+#include <linux/fs.h> /* for struct super_block */
-+#include <linux/mm.h> /* for struct page */
-+#include <linux/pagemap.h>
-+#include <linux/bio.h> /* for struct bio */
-+#include <linux/blkdev.h>
-+
-+static int write_jnodes_to_disk_extent(
-+ jnode *, int, const reiser4_block_nr *, flush_queue_t *, int);
-+
-+/* The commit_handle is a container for objects needed at atom commit time */
-+struct commit_handle {
-+ /* A pointer to atom's list of OVRWR nodes */
-+ struct list_head *overwrite_set;
-+ /* atom's overwrite set size */
-+ int overwrite_set_size;
-+ /* jnodes for wander record blocks */
-+ struct list_head tx_list;
-+ /* number of wander records */
-+ __u32 tx_size;
-+ /* 'committed' sb counters are saved here until atom is completely
-+ flushed */
-+ __u64 free_blocks;
-+ __u64 nr_files;
-+ __u64 next_oid;
-+ /* A pointer to the atom which is being committed */
-+ txn_atom *atom;
-+ /* A pointer to current super block */
-+ struct super_block *super;
-+ /* The counter of modified bitmaps */
-+ reiser4_block_nr nr_bitmap;
-+};
-+
-+static void init_commit_handle(struct commit_handle *ch, txn_atom *atom)
-+{
-+ memset(ch, 0, sizeof(struct commit_handle));
-+ INIT_LIST_HEAD(&ch->tx_list);
-+
-+ ch->atom = atom;
-+ ch->super = reiser4_get_current_sb();
-+}
-+
-+static void done_commit_handle(struct commit_handle *ch)
-+{
-+ assert("zam-690", list_empty(&ch->tx_list));
-+}
-+
-+static inline int reiser4_use_write_barrier(struct super_block * s)
-+{
-+ return !reiser4_is_set(s, REISER4_NO_WRITE_BARRIER);
-+}
-+
-+static void disable_write_barrier(struct super_block * s)
-+{
-+ notice("zam-1055", "%s does not support write barriers,"
-+ " using synchronous write instead.", s->s_id);
-+ set_bit((int)REISER4_NO_WRITE_BARRIER, &get_super_private(s)->fs_flags);
-+}
-+
-+
-+/* fill journal header block data */
-+static void format_journal_header(struct commit_handle *ch)
-+{
-+ struct reiser4_super_info_data *sbinfo;
-+ struct journal_header *header;
-+ jnode *txhead;
-+
-+ sbinfo = get_super_private(ch->super);
-+ assert("zam-479", sbinfo != NULL);
-+ assert("zam-480", sbinfo->journal_header != NULL);
-+
-+ txhead = list_entry(ch->tx_list.next, jnode, capture_link);
-+
-+ jload(sbinfo->journal_header);
-+
-+ header = (struct journal_header *)jdata(sbinfo->journal_header);
-+ assert("zam-484", header != NULL);
-+
-+ put_unaligned(cpu_to_le64(*jnode_get_block(txhead)),
-+ &header->last_committed_tx);
-+
-+ jrelse(sbinfo->journal_header);
-+}
-+
-+/* fill journal footer block data */
-+static void format_journal_footer(struct commit_handle *ch)
-+{
-+ struct reiser4_super_info_data *sbinfo;
-+ struct journal_footer *footer;
-+ jnode *tx_head;
-+
-+ sbinfo = get_super_private(ch->super);
-+
-+ tx_head = list_entry(ch->tx_list.next, jnode, capture_link);
-+
-+ assert("zam-493", sbinfo != NULL);
-+ assert("zam-494", sbinfo->journal_header != NULL);
-+
-+ check_me("zam-691", jload(sbinfo->journal_footer) == 0);
-+
-+ footer = (struct journal_footer *)jdata(sbinfo->journal_footer);
-+ assert("zam-495", footer != NULL);
-+
-+ put_unaligned(cpu_to_le64(*jnode_get_block(tx_head)),
-+ &footer->last_flushed_tx);
-+ put_unaligned(cpu_to_le64(ch->free_blocks), &footer->free_blocks);
-+
-+ put_unaligned(cpu_to_le64(ch->nr_files), &footer->nr_files);
-+ put_unaligned(cpu_to_le64(ch->next_oid), &footer->next_oid);
-+
-+ jrelse(sbinfo->journal_footer);
-+}
-+
-+/* wander record capacity depends on current block size */
-+static int wander_record_capacity(const struct super_block *super)
-+{
-+ return (super->s_blocksize -
-+ sizeof(struct wander_record_header)) /
-+ sizeof(struct wander_entry);
-+}
-+
-+/* Fill first wander record (tx head) in accordance with supplied given data */
-+static void format_tx_head(struct commit_handle *ch)
-+{
-+ jnode *tx_head;
-+ jnode *next;
-+ struct tx_header *header;
-+
-+ tx_head = list_entry(ch->tx_list.next, jnode, capture_link);
-+ assert("zam-692", &ch->tx_list != &tx_head->capture_link);
-+
-+ next = list_entry(tx_head->capture_link.next, jnode, capture_link);
-+ if (&ch->tx_list == &next->capture_link)
-+ next = tx_head;
-+
-+ header = (struct tx_header *)jdata(tx_head);
-+
-+ assert("zam-460", header != NULL);
-+ assert("zam-462", ch->super->s_blocksize >= sizeof(struct tx_header));
-+
-+ memset(jdata(tx_head), 0, (size_t) ch->super->s_blocksize);
-+ memcpy(jdata(tx_head), TX_HEADER_MAGIC, TX_HEADER_MAGIC_SIZE);
-+
-+ put_unaligned(cpu_to_le32(ch->tx_size), &header->total);
-+ put_unaligned(cpu_to_le64(get_super_private(ch->super)->last_committed_tx),
-+ &header->prev_tx);
-+ put_unaligned(cpu_to_le64(*jnode_get_block(next)), &header->next_block);
-+ put_unaligned(cpu_to_le64(ch->free_blocks), &header->free_blocks);
-+ put_unaligned(cpu_to_le64(ch->nr_files), &header->nr_files);
-+ put_unaligned(cpu_to_le64(ch->next_oid), &header->next_oid);
-+}
-+
-+/* prepare ordinary wander record block (fill all service fields) */
-+static void
-+format_wander_record(struct commit_handle *ch, jnode *node, __u32 serial)
-+{
-+ struct wander_record_header *LRH;
-+ jnode *next;
-+
-+ assert("zam-464", node != NULL);
-+
-+ LRH = (struct wander_record_header *)jdata(node);
-+ next = list_entry(node->capture_link.next, jnode, capture_link);
-+
-+ if (&ch->tx_list == &next->capture_link)
-+ next = list_entry(ch->tx_list.next, jnode, capture_link);
-+
-+ assert("zam-465", LRH != NULL);
-+ assert("zam-463",
-+ ch->super->s_blocksize > sizeof(struct wander_record_header));
-+
-+ memset(jdata(node), 0, (size_t) ch->super->s_blocksize);
-+ memcpy(jdata(node), WANDER_RECORD_MAGIC, WANDER_RECORD_MAGIC_SIZE);
-+
-+ put_unaligned(cpu_to_le32(ch->tx_size), &LRH->total);
-+ put_unaligned(cpu_to_le32(serial), &LRH->serial);
-+ put_unaligned(cpu_to_le64(*jnode_get_block(next)), &LRH->next_block);
-+}
-+
-+/* add one wandered map entry to formatted wander record */
-+static void
-+store_entry(jnode * node, int index, const reiser4_block_nr * a,
-+ const reiser4_block_nr * b)
-+{
-+ char *data;
-+ struct wander_entry *pairs;
-+
-+ data = jdata(node);
-+ assert("zam-451", data != NULL);
-+
-+ pairs =
-+ (struct wander_entry *)(data + sizeof(struct wander_record_header));
-+
-+ put_unaligned(cpu_to_le64(*a), &pairs[index].original);
-+ put_unaligned(cpu_to_le64(*b), &pairs[index].wandered);
-+}
-+
-+/* currently, wander records contains contain only wandered map, which depend on
-+ overwrite set size */
-+static void get_tx_size(struct commit_handle *ch)
-+{
-+ assert("zam-440", ch->overwrite_set_size != 0);
-+ assert("zam-695", ch->tx_size == 0);
-+
-+ /* count all ordinary wander records
-+ (<overwrite_set_size> - 1) / <wander_record_capacity> + 1 and add one
-+ for tx head block */
-+ ch->tx_size =
-+ (ch->overwrite_set_size - 1) / wander_record_capacity(ch->super) +
-+ 2;
-+}
-+
-+/* A special structure for using in store_wmap_actor() for saving its state
-+ between calls */
-+struct store_wmap_params {
-+ jnode *cur; /* jnode of current wander record to fill */
-+ int idx; /* free element index in wander record */
-+ int capacity; /* capacity */
-+
-+#if REISER4_DEBUG
-+ struct list_head *tx_list;
-+#endif
-+};
-+
-+/* an actor for use in blocknr_set_iterator routine which populates the list
-+ of pre-formatted wander records by wandered map info */
-+static int
-+store_wmap_actor(txn_atom * atom UNUSED_ARG, const reiser4_block_nr * a,
-+ const reiser4_block_nr * b, void *data)
-+{
-+ struct store_wmap_params *params = data;
-+
-+ if (params->idx >= params->capacity) {
-+ /* a new wander record should be taken from the tx_list */
-+ params->cur = list_entry(params->cur->capture_link.next, jnode, capture_link);
-+ assert("zam-454",
-+ params->tx_list != ¶ms->cur->capture_link);
-+
-+ params->idx = 0;
-+ }
-+
-+ store_entry(params->cur, params->idx, a, b);
-+ params->idx++;
-+
-+ return 0;
-+}
-+
-+/* This function is called after Relocate set gets written to disk, Overwrite
-+ set is written to wandered locations and all wander records are written
-+ also. Updated journal header blocks contains a pointer (block number) to
-+ first wander record of the just written transaction */
-+static int update_journal_header(struct commit_handle *ch, int use_barrier)
-+{
-+ struct reiser4_super_info_data *sbinfo = get_super_private(ch->super);
-+ jnode *jh = sbinfo->journal_header;
-+ jnode *head = list_entry(ch->tx_list.next, jnode, capture_link);
-+ int ret;
-+
-+ format_journal_header(ch);
-+
-+ ret = write_jnodes_to_disk_extent(jh, 1, jnode_get_block(jh), NULL,
-+ use_barrier ? WRITEOUT_BARRIER : 0);
-+ if (ret)
-+ return ret;
-+
-+ // blk_run_address_space(sbinfo->fake->i_mapping);
-+ /*blk_run_queues(); */
-+
-+ ret = jwait_io(jh, WRITE);
-+
-+ if (ret)
-+ return ret;
-+
-+ sbinfo->last_committed_tx = *jnode_get_block(head);
-+
-+ return 0;
-+}
-+
-+/* This function is called after write-back is finished. We update journal
-+ footer block and free blocks which were occupied by wandered blocks and
-+ transaction wander records */
-+static int update_journal_footer(struct commit_handle *ch, int use_barrier)
-+{
-+ reiser4_super_info_data *sbinfo = get_super_private(ch->super);
-+
-+ jnode *jf = sbinfo->journal_footer;
-+
-+ int ret;
-+
-+ format_journal_footer(ch);
-+
-+ ret = write_jnodes_to_disk_extent(jf, 1, jnode_get_block(jf), NULL,
-+ use_barrier ? WRITEOUT_BARRIER : 0);
-+ if (ret)
-+ return ret;
-+
-+ // blk_run_address_space(sbinfo->fake->i_mapping);
-+ /*blk_run_queue(); */
-+
-+ ret = jwait_io(jf, WRITE);
-+ if (ret)
-+ return ret;
-+
-+ return 0;
-+}
-+
-+/* free block numbers of wander records of already written in place transaction */
-+static void dealloc_tx_list(struct commit_handle *ch)
-+{
-+ while (!list_empty(&ch->tx_list)) {
-+ jnode *cur = list_entry(ch->tx_list.next, jnode, capture_link);
-+ list_del(&cur->capture_link);
-+ ON_DEBUG(INIT_LIST_HEAD(&cur->capture_link));
-+ reiser4_dealloc_block(jnode_get_block(cur), BLOCK_NOT_COUNTED,
-+ BA_FORMATTED);
-+
-+ unpin_jnode_data(cur);
-+ drop_io_head(cur);
-+ }
-+}
-+
-+/* An actor for use in block_nr_iterator() routine which frees wandered blocks
-+ from atom's overwrite set. */
-+static int
-+dealloc_wmap_actor(txn_atom * atom UNUSED_ARG,
-+ const reiser4_block_nr * a UNUSED_ARG,
-+ const reiser4_block_nr * b, void *data UNUSED_ARG)
-+{
-+
-+ assert("zam-499", b != NULL);
-+ assert("zam-500", *b != 0);
-+ assert("zam-501", !blocknr_is_fake(b));
-+
-+ reiser4_dealloc_block(b, BLOCK_NOT_COUNTED, BA_FORMATTED);
-+ return 0;
-+}
-+
-+/* free wandered block locations of already written in place transaction */
-+static void dealloc_wmap(struct commit_handle *ch)
-+{
-+ assert("zam-696", ch->atom != NULL);
-+
-+ blocknr_set_iterator(ch->atom, &ch->atom->wandered_map,
-+ dealloc_wmap_actor, NULL, 1);
-+}
-+
-+/* helper function for alloc wandered blocks, which refill set of block
-+ numbers needed for wandered blocks */
-+static int
-+get_more_wandered_blocks(int count, reiser4_block_nr * start, int *len)
-+{
-+ reiser4_blocknr_hint hint;
-+ int ret;
-+
-+ reiser4_block_nr wide_len = count;
-+
-+ /* FIXME-ZAM: A special policy needed for allocation of wandered blocks
-+ ZAM-FIXME-HANS: yes, what happened to our discussion of using a fixed
-+ reserved allocation area so as to get the best qualities of fixed
-+ journals? */
-+ blocknr_hint_init(&hint);
-+ hint.block_stage = BLOCK_GRABBED;
-+
-+ ret = reiser4_alloc_blocks(&hint, start, &wide_len,
-+ BA_FORMATTED | BA_USE_DEFAULT_SEARCH_START);
-+ *len = (int)wide_len;
-+
-+ return ret;
-+}
-+
-+/*
-+ * roll back changes made before issuing BIO in the case of IO error.
-+ */
-+static void undo_bio(struct bio *bio)
-+{
-+ int i;
-+
-+ for (i = 0; i < bio->bi_vcnt; ++i) {
-+ struct page *pg;
-+ jnode *node;
-+
-+ pg = bio->bi_io_vec[i].bv_page;
-+ ClearPageWriteback(pg);
-+ node = jprivate(pg);
-+ spin_lock_jnode(node);
-+ JF_CLR(node, JNODE_WRITEBACK);
-+ JF_SET(node, JNODE_DIRTY);
-+ spin_unlock_jnode(node);
-+ }
-+ bio_put(bio);
-+}
-+
-+/* put overwrite set back to atom's clean list */
-+static void put_overwrite_set(struct commit_handle *ch)
-+{
-+ jnode *cur;
-+
-+ list_for_each_entry(cur, ch->overwrite_set, capture_link)
-+ jrelse_tail(cur);
-+}
-+
-+/* Count overwrite set size, grab disk space for wandered blocks allocation.
-+ Since we have a separate list for atom's overwrite set we just scan the list,
-+ count bitmap and other not leaf nodes which wandered blocks allocation we
-+ have to grab space for. */
-+static int get_overwrite_set(struct commit_handle *ch)
-+{
-+ int ret;
-+ jnode *cur;
-+ __u64 nr_not_leaves = 0;
-+#if REISER4_DEBUG
-+ __u64 nr_formatted_leaves = 0;
-+ __u64 nr_unformatted_leaves = 0;
-+#endif
-+
-+ assert("zam-697", ch->overwrite_set_size == 0);
-+
-+ ch->overwrite_set = ATOM_OVRWR_LIST(ch->atom);
-+ cur = list_entry(ch->overwrite_set->next, jnode, capture_link);
-+
-+ while (ch->overwrite_set != &cur->capture_link) {
-+ jnode *next = list_entry(cur->capture_link.next, jnode, capture_link);
-+
-+ /* Count bitmap locks for getting correct statistics what number
-+ * of blocks were cleared by the transaction commit. */
-+ if (jnode_get_type(cur) == JNODE_BITMAP)
-+ ch->nr_bitmap++;
-+
-+ assert("zam-939", JF_ISSET(cur, JNODE_OVRWR)
-+ || jnode_get_type(cur) == JNODE_BITMAP);
-+
-+ if (jnode_is_znode(cur) && znode_above_root(JZNODE(cur))) {
-+ /* we replace fake znode by another (real)
-+ znode which is suggested by disk_layout
-+ plugin */
-+
-+ /* FIXME: it looks like fake znode should be
-+ replaced by jnode supplied by
-+ disk_layout. */
-+
-+ struct super_block *s = reiser4_get_current_sb();
-+ reiser4_super_info_data *sbinfo =
-+ get_current_super_private();
-+
-+ if (sbinfo->df_plug->log_super) {
-+ jnode *sj = sbinfo->df_plug->log_super(s);
-+
-+ assert("zam-593", sj != NULL);
-+
-+ if (IS_ERR(sj))
-+ return PTR_ERR(sj);
-+
-+ spin_lock_jnode(sj);
-+ JF_SET(sj, JNODE_OVRWR);
-+ insert_into_atom_ovrwr_list(ch->atom, sj);
-+ spin_unlock_jnode(sj);
-+
-+ /* jload it as the rest of overwrite set */
-+ jload_gfp(sj, get_gfp_mask(), 0);
-+
-+ ch->overwrite_set_size++;
-+ }
-+ spin_lock_jnode(cur);
-+ uncapture_block(cur);
-+ jput(cur);
-+
-+ } else {
-+ int ret;
-+ ch->overwrite_set_size++;
-+ ret = jload_gfp(cur, get_gfp_mask(), 0);
-+ if (ret)
-+ reiser4_panic("zam-783",
-+ "cannot load e-flushed jnode back (ret = %d)\n",
-+ ret);
-+ }
-+
-+ /* Count not leaves here because we have to grab disk space
-+ * for wandered blocks. They were not counted as "flush
-+ * reserved". Counting should be done _after_ nodes are pinned
-+ * into memory by jload(). */
-+ if (!jnode_is_leaf(cur))
-+ nr_not_leaves++;
-+ else {
-+#if REISER4_DEBUG
-+ /* at this point @cur either has JNODE_FLUSH_RESERVED
-+ * or is eflushed. Locking is not strong enough to
-+ * write an assertion checking for this. */
-+ if (jnode_is_znode(cur))
-+ nr_formatted_leaves++;
-+ else
-+ nr_unformatted_leaves++;
-+#endif
-+ JF_CLR(cur, JNODE_FLUSH_RESERVED);
-+ }
-+
-+ cur = next;
-+ }
-+
-+ /* Grab space for writing (wandered blocks) of not leaves found in
-+ * overwrite set. */
-+ ret = reiser4_grab_space_force(nr_not_leaves, BA_RESERVED);
-+ if (ret)
-+ return ret;
-+
-+ /* Disk space for allocation of wandered blocks of leaf nodes already
-+ * reserved as "flush reserved", move it to grabbed space counter. */
-+ spin_lock_atom(ch->atom);
-+ assert("zam-940",
-+ nr_formatted_leaves + nr_unformatted_leaves <=
-+ ch->atom->flush_reserved);
-+ flush_reserved2grabbed(ch->atom, ch->atom->flush_reserved);
-+ spin_unlock_atom(ch->atom);
-+
-+ return ch->overwrite_set_size;
-+}
-+
-+/**
-+ * write_jnodes_to_disk_extent - submit write request
-+ * @head:
-+ * @first: first jnode of the list
-+ * @nr: number of jnodes on the list
-+ * @block_p:
-+ * @fq:
-+ * @flags: used to decide whether page is to get PG_reclaim flag
-+ *
-+ * Submits a write request for @nr jnodes beginning from the @first, other
-+ * jnodes are after the @first on the double-linked "capture" list. All jnodes
-+ * will be written to the disk region of @nr blocks starting with @block_p block
-+ * number. If @fq is not NULL it means that waiting for i/o completion will be
-+ * done more efficiently by using flush_queue_t objects.
-+ * This function is the one which writes list of jnodes in batch mode. It does
-+ * all low-level things as bio construction and page states manipulation.
-+ *
-+ * ZAM-FIXME-HANS: brief me on why this function exists, and why bios are
-+ * aggregated in this function instead of being left to the layers below
-+ *
-+ * FIXME: ZAM->HANS: What layer are you talking about? Can you point me to that?
-+ * Why that layer needed? Why BIOs cannot be constructed here?
-+ */
-+static int write_jnodes_to_disk_extent(
-+ jnode *first, int nr, const reiser4_block_nr *block_p,
-+ flush_queue_t *fq, int flags)
-+{
-+ struct super_block *super = reiser4_get_current_sb();
-+ int write_op = ( flags & WRITEOUT_BARRIER ) ? WRITE_BARRIER : WRITE;
-+ int max_blocks;
-+ jnode *cur = first;
-+ reiser4_block_nr block;
-+
-+ assert("zam-571", first != NULL);
-+ assert("zam-572", block_p != NULL);
-+ assert("zam-570", nr > 0);
-+
-+ block = *block_p;
-+ max_blocks = min(bio_get_nr_vecs(super->s_bdev), BIO_MAX_PAGES);
-+
-+ while (nr > 0) {
-+ struct bio *bio;
-+ int nr_blocks = min(nr, max_blocks);
-+ int i;
-+ int nr_used;
-+
-+ bio = bio_alloc(GFP_NOIO, nr_blocks);
-+ if (!bio)
-+ return RETERR(-ENOMEM);
-+
-+ bio->bi_bdev = super->s_bdev;
-+ bio->bi_sector = block * (super->s_blocksize >> 9);
-+ for (nr_used = 0, i = 0; i < nr_blocks; i++) {
-+ struct page *pg;
-+
-+ pg = jnode_page(cur);
-+ assert("zam-573", pg != NULL);
-+
-+ page_cache_get(pg);
-+
-+ lock_and_wait_page_writeback(pg);
-+
-+ if (!bio_add_page(bio, pg, super->s_blocksize, 0)) {
-+ /*
-+ * underlying device is satiated. Stop adding
-+ * pages to the bio.
-+ */
-+ unlock_page(pg);
-+ page_cache_release(pg);
-+ break;
-+ }
-+
-+ spin_lock_jnode(cur);
-+ assert("nikita-3166",
-+ pg->mapping == jnode_get_mapping(cur));
-+ assert("zam-912", !JF_ISSET(cur, JNODE_WRITEBACK));
-+#if REISER4_DEBUG
-+ spin_lock(&cur->load);
-+ assert("nikita-3165", !jnode_is_releasable(cur));
-+ spin_unlock(&cur->load);
-+#endif
-+ JF_SET(cur, JNODE_WRITEBACK);
-+ JF_CLR(cur, JNODE_DIRTY);
-+ ON_DEBUG(cur->written++);
-+ spin_unlock_jnode(cur);
-+
-+ ClearPageError(pg);
-+ set_page_writeback(pg);
-+
-+ if (get_current_context()->entd) {
-+ /* this is ent thread */
-+ entd_context *ent = get_entd_context(super);
-+ struct wbq *rq, *next;
-+
-+ spin_lock(&ent->guard);
-+
-+ if (pg == ent->cur_request->page) {
-+ /*
-+ * entd is called for this page. This
-+ * request is not in th etodo list
-+ */
-+ ent->cur_request->written = 1;
-+ } else {
-+ /*
-+ * if we have written a page for which writepage
-+ * is called for - move request to another list.
-+ */
-+ list_for_each_entry_safe(rq, next, &ent->todo_list, link) {
-+ assert("", rq->magic == WBQ_MAGIC);
-+ if (pg == rq->page) {
-+ /*
-+ * remove request from
-+ * entd's queue, but do
-+ * not wake up a thread
-+ * which put this
-+ * request
-+ */
-+ list_del_init(&rq->link);
-+ ent->nr_todo_reqs --;
-+ list_add_tail(&rq->link, &ent->done_list);
-+ ent->nr_done_reqs ++;
-+ rq->written = 1;
-+ break;
-+ }
-+ }
-+ }
-+ spin_unlock(&ent->guard);
-+ }
-+
-+ clear_page_dirty_for_io(pg);
-+
-+ unlock_page(pg);
-+
-+ cur = list_entry(cur->capture_link.next, jnode, capture_link);
-+ nr_used++;
-+ }
-+ if (nr_used > 0) {
-+ assert("nikita-3453",
-+ bio->bi_size == super->s_blocksize * nr_used);
-+ assert("nikita-3454", bio->bi_vcnt == nr_used);
-+
-+ /* Check if we are allowed to write at all */
-+ if (super->s_flags & MS_RDONLY)
-+ undo_bio(bio);
-+ else {
-+ int not_supported;
-+
-+ add_fq_to_bio(fq, bio);
-+ bio_get(bio);
-+ reiser4_submit_bio(write_op, bio);
-+ not_supported = bio_flagged(bio, BIO_EOPNOTSUPP);
-+ bio_put(bio);
-+ if (not_supported)
-+ return -EOPNOTSUPP;
-+ }
-+
-+ block += nr_used - 1;
-+ update_blocknr_hint_default(super, &block);
-+ block += 1;
-+ } else {
-+ bio_put(bio);
-+ }
-+ nr -= nr_used;
-+ }
-+
-+ return 0;
-+}
-+
-+/* This is a procedure which recovers a contiguous sequences of disk block
-+ numbers in the given list of j-nodes and submits write requests on this
-+ per-sequence basis */
-+int
-+write_jnode_list(struct list_head *head, flush_queue_t *fq,
-+ long *nr_submitted, int flags)
-+{
-+ int ret;
-+ jnode *beg = list_entry(head->next, jnode, capture_link);
-+
-+ while (head != &beg->capture_link) {
-+ int nr = 1;
-+ jnode *cur = list_entry(beg->capture_link.next, jnode, capture_link);
-+
-+ while (head != &cur->capture_link) {
-+ if (*jnode_get_block(cur) != *jnode_get_block(beg) + nr)
-+ break;
-+ ++nr;
-+ cur = list_entry(cur->capture_link.next, jnode, capture_link);
-+ }
-+
-+ ret = write_jnodes_to_disk_extent(
-+ beg, nr, jnode_get_block(beg), fq, flags);
-+ if (ret)
-+ return ret;
-+
-+ if (nr_submitted)
-+ *nr_submitted += nr;
-+
-+ beg = cur;
-+ }
-+
-+ return 0;
-+}
-+
-+/* add given wandered mapping to atom's wandered map */
-+static int
-+add_region_to_wmap(jnode * cur, int len, const reiser4_block_nr * block_p)
-+{
-+ int ret;
-+ blocknr_set_entry *new_bsep = NULL;
-+ reiser4_block_nr block;
-+
-+ txn_atom *atom;
-+
-+ assert("zam-568", block_p != NULL);
-+ block = *block_p;
-+ assert("zam-569", len > 0);
-+
-+ while ((len--) > 0) {
-+ do {
-+ atom = get_current_atom_locked();
-+ assert("zam-536",
-+ !blocknr_is_fake(jnode_get_block(cur)));
-+ ret =
-+ blocknr_set_add_pair(atom, &atom->wandered_map,
-+ &new_bsep,
-+ jnode_get_block(cur), &block);
-+ } while (ret == -E_REPEAT);
-+
-+ if (ret) {
-+ /* deallocate blocks which were not added to wandered
-+ map */
-+ reiser4_block_nr wide_len = len;
-+
-+ reiser4_dealloc_blocks(&block, &wide_len,
-+ BLOCK_NOT_COUNTED,
-+ BA_FORMATTED
-+ /* formatted, without defer */ );
-+
-+ return ret;
-+ }
-+
-+ spin_unlock_atom(atom);
-+
-+ cur = list_entry(cur->capture_link.next, jnode, capture_link);
-+ ++block;
-+ }
-+
-+ return 0;
-+}
-+
-+/* Allocate wandered blocks for current atom's OVERWRITE SET and immediately
-+ submit IO for allocated blocks. We assume that current atom is in a stage
-+ when any atom fusion is impossible and atom is unlocked and it is safe. */
-+static int alloc_wandered_blocks(struct commit_handle *ch, flush_queue_t *fq)
-+{
-+ reiser4_block_nr block;
-+
-+ int rest;
-+ int len;
-+ int ret;
-+
-+ jnode *cur;
-+
-+ assert("zam-534", ch->overwrite_set_size > 0);
-+
-+ rest = ch->overwrite_set_size;
-+
-+ cur = list_entry(ch->overwrite_set->next, jnode, capture_link);
-+ while (ch->overwrite_set != &cur->capture_link) {
-+ assert("zam-567", JF_ISSET(cur, JNODE_OVRWR));
-+
-+ ret = get_more_wandered_blocks(rest, &block, &len);
-+ if (ret)
-+ return ret;
-+
-+ rest -= len;
-+
-+ ret = add_region_to_wmap(cur, len, &block);
-+ if (ret)
-+ return ret;
-+
-+ ret = write_jnodes_to_disk_extent(cur, len, &block, fq, 0);
-+ if (ret)
-+ return ret;
-+
-+ while ((len--) > 0) {
-+ assert("zam-604",
-+ ch->overwrite_set != &cur->capture_link);
-+ cur = list_entry(cur->capture_link.next, jnode, capture_link);
-+ }
-+ }
-+
-+ return 0;
-+}
-+
-+/* allocate given number of nodes over the journal area and link them into a
-+ list, return pointer to the first jnode in the list */
-+static int alloc_tx(struct commit_handle *ch, flush_queue_t * fq)
-+{
-+ reiser4_blocknr_hint hint;
-+ reiser4_block_nr allocated = 0;
-+ reiser4_block_nr first, len;
-+ jnode *cur;
-+ jnode *txhead;
-+ int ret;
-+ reiser4_context *ctx;
-+ reiser4_super_info_data *sbinfo;
-+
-+ assert("zam-698", ch->tx_size > 0);
-+ assert("zam-699", list_empty_careful(&ch->tx_list));
-+
-+ ctx = get_current_context();
-+ sbinfo = get_super_private(ctx->super);
-+
-+ while (allocated < (unsigned)ch->tx_size) {
-+ len = (ch->tx_size - allocated);
-+
-+ blocknr_hint_init(&hint);
-+
-+ hint.block_stage = BLOCK_GRABBED;
-+
-+ /* FIXME: there should be some block allocation policy for
-+ nodes which contain wander records */
-+
-+ /* We assume that disk space for wandered record blocks can be
-+ * taken from reserved area. */
-+ ret = reiser4_alloc_blocks(&hint, &first, &len,
-+ BA_FORMATTED | BA_RESERVED |
-+ BA_USE_DEFAULT_SEARCH_START);
-+ blocknr_hint_done(&hint);
-+
-+ if (ret)
-+ return ret;
-+
-+ allocated += len;
-+
-+ /* create jnodes for all wander records */
-+ while (len--) {
-+ cur = alloc_io_head(&first);
-+
-+ if (cur == NULL) {
-+ ret = RETERR(-ENOMEM);
-+ goto free_not_assigned;
-+ }
-+
-+ ret = jinit_new(cur, get_gfp_mask());
-+
-+ if (ret != 0) {
-+ jfree(cur);
-+ goto free_not_assigned;
-+ }
-+
-+ pin_jnode_data(cur);
-+
-+ list_add_tail(&cur->capture_link, &ch->tx_list);
-+
-+ first++;
-+ }
-+ }
-+
-+ { /* format a on-disk linked list of wander records */
-+ int serial = 1;
-+
-+ txhead = list_entry(ch->tx_list.next, jnode, capture_link);
-+ format_tx_head(ch);
-+
-+ cur = list_entry(txhead->capture_link.next, jnode, capture_link);
-+ while (&ch->tx_list != &cur->capture_link) {
-+ format_wander_record(ch, cur, serial++);
-+ cur = list_entry(cur->capture_link.next, jnode, capture_link);
-+ }
-+ }
-+
-+ { /* Fill wander records with Wandered Set */
-+ struct store_wmap_params params;
-+ txn_atom *atom;
-+
-+ params.cur = list_entry(txhead->capture_link.next, jnode, capture_link);
-+
-+ params.idx = 0;
-+ params.capacity =
-+ wander_record_capacity(reiser4_get_current_sb());
-+
-+ atom = get_current_atom_locked();
-+ blocknr_set_iterator(atom, &atom->wandered_map,
-+ &store_wmap_actor, ¶ms, 0);
-+ spin_unlock_atom(atom);
-+ }
-+
-+ { /* relse all jnodes from tx_list */
-+ cur = list_entry(ch->tx_list.next, jnode, capture_link);
-+ while (&ch->tx_list != &cur->capture_link) {
-+ jrelse(cur);
-+ cur = list_entry(cur->capture_link.next, jnode, capture_link);
-+ }
-+ }
-+
-+ ret = write_jnode_list(&ch->tx_list, fq, NULL, 0);
-+
-+ return ret;
-+
-+ free_not_assigned:
-+ /* We deallocate blocks not yet assigned to jnodes on tx_list. The
-+ caller takes care about invalidating of tx list */
-+ reiser4_dealloc_blocks(&first, &len, BLOCK_NOT_COUNTED, BA_FORMATTED);
-+
-+ return ret;
-+}
-+
-+static int commit_tx(struct commit_handle *ch)
-+{
-+ flush_queue_t *fq;
-+ int barrier;
-+ int ret;
-+
-+ /* Grab more space for wandered records. */
-+ ret = reiser4_grab_space_force((__u64) (ch->tx_size), BA_RESERVED);
-+ if (ret)
-+ return ret;
-+
-+ fq = get_fq_for_current_atom();
-+ if (IS_ERR(fq))
-+ return PTR_ERR(fq);
-+
-+ spin_unlock_atom(fq->atom);
-+ do {
-+ ret = alloc_wandered_blocks(ch, fq);
-+ if (ret)
-+ break;
-+ ret = alloc_tx(ch, fq);
-+ if (ret)
-+ break;
-+ } while (0);
-+
-+ fq_put(fq);
-+ if (ret)
-+ return ret;
-+ repeat_wo_barrier:
-+ barrier = reiser4_use_write_barrier(ch->super);
-+ if (!barrier) {
-+ ret = current_atom_finish_all_fq();
-+ if (ret)
-+ return ret;
-+ }
-+ ret = update_journal_header(ch, barrier);
-+ if (barrier) {
-+ if (ret) {
-+ if (ret == -EOPNOTSUPP) {
-+ disable_write_barrier(ch->super);
-+ goto repeat_wo_barrier;
-+ }
-+ return ret;
-+ }
-+ ret = current_atom_finish_all_fq();
-+ }
-+ return ret;
-+}
-+
-+
-+static int write_tx_back(struct commit_handle * ch)
-+{
-+ flush_queue_t *fq;
-+ int ret;
-+ int barrier;
-+
-+ post_commit_hook();
-+ fq = get_fq_for_current_atom();
-+ if (IS_ERR(fq))
-+ return PTR_ERR(fq);
-+ spin_unlock_atom(fq->atom);
-+ ret = write_jnode_list(
-+ ch->overwrite_set, fq, NULL, WRITEOUT_FOR_PAGE_RECLAIM);
-+ fq_put(fq);
-+ if (ret)
-+ return ret;
-+ repeat_wo_barrier:
-+ barrier = reiser4_use_write_barrier(ch->super);
-+ if (!barrier) {
-+ ret = current_atom_finish_all_fq();
-+ if (ret)
-+ return ret;
-+ }
-+ ret = update_journal_footer(ch, barrier);
-+ if (barrier) {
-+ if (ret) {
-+ if (ret == -EOPNOTSUPP) {
-+ disable_write_barrier(ch->super);
-+ goto repeat_wo_barrier;
-+ }
-+ return ret;
-+ }
-+ ret = current_atom_finish_all_fq();
-+ }
-+ if (ret)
-+ return ret;
-+ post_write_back_hook();
-+ return 0;
-+}
-+
-+/* We assume that at this moment all captured blocks are marked as RELOC or
-+ WANDER (belong to Relocate o Overwrite set), all nodes from Relocate set
-+ are submitted to write.
-+*/
-+
-+int reiser4_write_logs(long *nr_submitted)
-+{
-+ txn_atom *atom;
-+ struct super_block *super = reiser4_get_current_sb();
-+ reiser4_super_info_data *sbinfo = get_super_private(super);
-+ struct commit_handle ch;
-+ int ret;
-+
-+ writeout_mode_enable();
-+
-+ /* block allocator may add j-nodes to the clean_list */
-+ ret = pre_commit_hook();
-+ if (ret)
-+ return ret;
-+
-+ /* No locks are required if we take atom which stage >=
-+ * ASTAGE_PRE_COMMIT */
-+ atom = get_current_context()->trans->atom;
-+ assert("zam-965", atom != NULL);
-+
-+ /* relocate set is on the atom->clean_nodes list after
-+ * current_atom_complete_writes() finishes. It can be safely
-+ * uncaptured after commit_semaphore is taken, because any atom that
-+ * captures these nodes is guaranteed to commit after current one.
-+ *
-+ * This can only be done after pre_commit_hook(), because it is where
-+ * early flushed jnodes with CREATED bit are transferred to the
-+ * overwrite list. */
-+ invalidate_list(ATOM_CLEAN_LIST(atom));
-+ spin_lock_atom(atom);
-+ /* There might be waiters for the relocate nodes which we have
-+ * released, wake them up. */
-+ atom_send_event(atom);
-+ spin_unlock_atom(atom);
-+
-+ if (REISER4_DEBUG) {
-+ int level;
-+
-+ for (level = 0; level < REAL_MAX_ZTREE_HEIGHT + 1; ++level)
-+ assert("nikita-3352",
-+ list_empty_careful(ATOM_DIRTY_LIST(atom, level)));
-+ }
-+
-+ sbinfo->nr_files_committed += (unsigned)atom->nr_objects_created;
-+ sbinfo->nr_files_committed -= (unsigned)atom->nr_objects_deleted;
-+
-+ init_commit_handle(&ch, atom);
-+
-+ ch.free_blocks = sbinfo->blocks_free_committed;
-+ ch.nr_files = sbinfo->nr_files_committed;
-+ /* ZAM-FIXME-HANS: email me what the contention level is for the super
-+ * lock. */
-+ ch.next_oid = oid_next(super);
-+
-+ /* count overwrite set and place it in a separate list */
-+ ret = get_overwrite_set(&ch);
-+
-+ if (ret <= 0) {
-+ /* It is possible that overwrite set is empty here, it means
-+ all captured nodes are clean */
-+ goto up_and_ret;
-+ }
-+
-+ /* Inform the caller about what number of dirty pages will be
-+ * submitted to disk. */
-+ *nr_submitted += ch.overwrite_set_size - ch.nr_bitmap;
-+
-+ /* count all records needed for storing of the wandered set */
-+ get_tx_size(&ch);
-+
-+ ret = commit_tx(&ch);
-+ if (ret)
-+ goto up_and_ret;
-+
-+ spin_lock_atom(atom);
-+ atom_set_stage(atom, ASTAGE_POST_COMMIT);
-+ spin_unlock_atom(atom);
-+
-+ ret = write_tx_back(&ch);
-+ post_write_back_hook();
-+
-+ up_and_ret:
-+ if (ret) {
-+ /* there could be fq attached to current atom; the only way to
-+ remove them is: */
-+ current_atom_finish_all_fq();
-+ }
-+
-+ /* free blocks of flushed transaction */
-+ dealloc_tx_list(&ch);
-+ dealloc_wmap(&ch);
-+
-+ put_overwrite_set(&ch);
-+
-+ done_commit_handle(&ch);
-+
-+ writeout_mode_disable();
-+
-+ return ret;
-+}
-+
-+/* consistency checks for journal data/control blocks: header, footer, log
-+ records, transactions head blocks. All functions return zero on success. */
-+
-+static int check_journal_header(const jnode * node UNUSED_ARG)
-+{
-+ /* FIXME: journal header has no magic field yet. */
-+ return 0;
-+}
-+
-+/* wait for write completion for all jnodes from given list */
-+static int wait_on_jnode_list(struct list_head *head)
-+{
-+ jnode *scan;
-+ int ret = 0;
-+
-+ list_for_each_entry(scan, head, capture_link) {
-+ struct page *pg = jnode_page(scan);
-+
-+ if (pg) {
-+ if (PageWriteback(pg))
-+ wait_on_page_writeback(pg);
-+
-+ if (PageError(pg))
-+ ret++;
-+ }
-+ }
-+
-+ return ret;
-+}
-+
-+static int check_journal_footer(const jnode * node UNUSED_ARG)
-+{
-+ /* FIXME: journal footer has no magic field yet. */
-+ return 0;
-+}
-+
-+static int check_tx_head(const jnode * node)
-+{
-+ struct tx_header *header = (struct tx_header *)jdata(node);
-+
-+ if (memcmp(&header->magic, TX_HEADER_MAGIC, TX_HEADER_MAGIC_SIZE) != 0) {
-+ warning("zam-627", "tx head at block %s corrupted\n",
-+ sprint_address(jnode_get_block(node)));
-+ return RETERR(-EIO);
-+ }
-+
-+ return 0;
-+}
-+
-+static int check_wander_record(const jnode * node)
-+{
-+ struct wander_record_header *RH =
-+ (struct wander_record_header *)jdata(node);
-+
-+ if (memcmp(&RH->magic, WANDER_RECORD_MAGIC, WANDER_RECORD_MAGIC_SIZE) !=
-+ 0) {
-+ warning("zam-628", "wander record at block %s corrupted\n",
-+ sprint_address(jnode_get_block(node)));
-+ return RETERR(-EIO);
-+ }
-+
-+ return 0;
-+}
-+
-+/* fill commit_handler structure by everything what is needed for update_journal_footer */
-+static int restore_commit_handle(struct commit_handle *ch, jnode *tx_head)
-+{
-+ struct tx_header *TXH;
-+ int ret;
-+
-+ ret = jload(tx_head);
-+ if (ret)
-+ return ret;
-+
-+ TXH = (struct tx_header *)jdata(tx_head);
-+
-+ ch->free_blocks = le64_to_cpu(get_unaligned(&TXH->free_blocks));
-+ ch->nr_files = le64_to_cpu(get_unaligned(&TXH->nr_files));
-+ ch->next_oid = le64_to_cpu(get_unaligned(&TXH->next_oid));
-+
-+ jrelse(tx_head);
-+
-+ list_add(&tx_head->capture_link, &ch->tx_list);
-+
-+ return 0;
-+}
-+
-+/* replay one transaction: restore and write overwrite set in place */
-+static int replay_transaction(const struct super_block *s,
-+ jnode * tx_head,
-+ const reiser4_block_nr * log_rec_block_p,
-+ const reiser4_block_nr * end_block,
-+ unsigned int nr_wander_records)
-+{
-+ reiser4_block_nr log_rec_block = *log_rec_block_p;
-+ struct commit_handle ch;
-+ LIST_HEAD(overwrite_set);
-+ jnode *log;
-+ int ret;
-+
-+ init_commit_handle(&ch, NULL);
-+ ch.overwrite_set = &overwrite_set;
-+
-+ restore_commit_handle(&ch, tx_head);
-+
-+ while (log_rec_block != *end_block) {
-+ struct wander_record_header *header;
-+ struct wander_entry *entry;
-+
-+ int i;
-+
-+ if (nr_wander_records == 0) {
-+ warning("zam-631",
-+ "number of wander records in the linked list"
-+ " greater than number stored in tx head.\n");
-+ ret = RETERR(-EIO);
-+ goto free_ow_set;
-+ }
-+
-+ log = alloc_io_head(&log_rec_block);
-+ if (log == NULL)
-+ return RETERR(-ENOMEM);
-+
-+ ret = jload(log);
-+ if (ret < 0) {
-+ drop_io_head(log);
-+ return ret;
-+ }
-+
-+ ret = check_wander_record(log);
-+ if (ret) {
-+ jrelse(log);
-+ drop_io_head(log);
-+ return ret;
-+ }
-+
-+ header = (struct wander_record_header *)jdata(log);
-+ log_rec_block = le64_to_cpu(get_unaligned(&header->next_block));
-+
-+ entry = (struct wander_entry *)(header + 1);
-+
-+ /* restore overwrite set from wander record content */
-+ for (i = 0; i < wander_record_capacity(s); i++) {
-+ reiser4_block_nr block;
-+ jnode *node;
-+
-+ block = le64_to_cpu(get_unaligned(&entry->wandered));
-+ if (block == 0)
-+ break;
-+
-+ node = alloc_io_head(&block);
-+ if (node == NULL) {
-+ ret = RETERR(-ENOMEM);
-+ /*
-+ * FIXME-VS:???
-+ */
-+ jrelse(log);
-+ drop_io_head(log);
-+ goto free_ow_set;
-+ }
-+
-+ ret = jload(node);
-+
-+ if (ret < 0) {
-+ drop_io_head(node);
-+ /*
-+ * FIXME-VS:???
-+ */
-+ jrelse(log);
-+ drop_io_head(log);
-+ goto free_ow_set;
-+ }
-+
-+ block = le64_to_cpu(get_unaligned(&entry->original));
-+
-+ assert("zam-603", block != 0);
-+
-+ jnode_set_block(node, &block);
-+
-+ list_add_tail(&node->capture_link, ch.overwrite_set);
-+
-+ ++entry;
-+ }
-+
-+ jrelse(log);
-+ drop_io_head(log);
-+
-+ --nr_wander_records;
-+ }
-+
-+ if (nr_wander_records != 0) {
-+ warning("zam-632", "number of wander records in the linked list"
-+ " less than number stored in tx head.\n");
-+ ret = RETERR(-EIO);
-+ goto free_ow_set;
-+ }
-+
-+ { /* write wandered set in place */
-+ write_jnode_list(ch.overwrite_set, NULL, NULL, 0);
-+ ret = wait_on_jnode_list(ch.overwrite_set);
-+
-+ if (ret) {
-+ ret = RETERR(-EIO);
-+ goto free_ow_set;
-+ }
-+ }
-+
-+ ret = update_journal_footer(&ch, 0);
-+
-+ free_ow_set:
-+
-+ while (!list_empty(ch.overwrite_set)) {
-+ jnode *cur = list_entry(ch.overwrite_set->next, jnode, capture_link);
-+ list_del_init(&cur->capture_link);
-+ jrelse(cur);
-+ drop_io_head(cur);
-+ }
-+
-+ list_del_init(&tx_head->capture_link);
-+
-+ done_commit_handle(&ch);
-+
-+ return ret;
-+}
-+
-+/* find oldest committed and not played transaction and play it. The transaction
-+ * was committed and journal header block was updated but the blocks from the
-+ * process of writing the atom's overwrite set in-place and updating of journal
-+ * footer block were not completed. This function completes the process by
-+ * recovering the atom's overwrite set from their wandered locations and writes
-+ * them in-place and updating the journal footer. */
-+static int replay_oldest_transaction(struct super_block *s)
-+{
-+ reiser4_super_info_data *sbinfo = get_super_private(s);
-+ jnode *jf = sbinfo->journal_footer;
-+ unsigned int total;
-+ struct journal_footer *F;
-+ struct tx_header *T;
-+
-+ reiser4_block_nr prev_tx;
-+ reiser4_block_nr last_flushed_tx;
-+ reiser4_block_nr log_rec_block = 0;
-+
-+ jnode *tx_head;
-+
-+ int ret;
-+
-+ if ((ret = jload(jf)) < 0)
-+ return ret;
-+
-+ F = (struct journal_footer *)jdata(jf);
-+
-+ last_flushed_tx = le64_to_cpu(get_unaligned(&F->last_flushed_tx));
-+
-+ jrelse(jf);
-+
-+ if (sbinfo->last_committed_tx == last_flushed_tx) {
-+ /* all transactions are replayed */
-+ return 0;
-+ }
-+
-+ prev_tx = sbinfo->last_committed_tx;
-+
-+ /* searching for oldest not flushed transaction */
-+ while (1) {
-+ tx_head = alloc_io_head(&prev_tx);
-+ if (!tx_head)
-+ return RETERR(-ENOMEM);
-+
-+ ret = jload(tx_head);
-+ if (ret < 0) {
-+ drop_io_head(tx_head);
-+ return ret;
-+ }
-+
-+ ret = check_tx_head(tx_head);
-+ if (ret) {
-+ jrelse(tx_head);
-+ drop_io_head(tx_head);
-+ return ret;
-+ }
-+
-+ T = (struct tx_header *)jdata(tx_head);
-+
-+ prev_tx = le64_to_cpu(get_unaligned(&T->prev_tx));
-+
-+ if (prev_tx == last_flushed_tx)
-+ break;
-+
-+ jrelse(tx_head);
-+ drop_io_head(tx_head);
-+ }
-+
-+ total = le32_to_cpu(get_unaligned(&T->total));
-+ log_rec_block = le64_to_cpu(get_unaligned(&T->next_block));
-+
-+ pin_jnode_data(tx_head);
-+ jrelse(tx_head);
-+
-+ ret =
-+ replay_transaction(s, tx_head, &log_rec_block,
-+ jnode_get_block(tx_head), total - 1);
-+
-+ unpin_jnode_data(tx_head);
-+ drop_io_head(tx_head);
-+
-+ if (ret)
-+ return ret;
-+ return -E_REPEAT;
-+}
-+
-+/* The reiser4 journal current implementation was optimized to not to capture
-+ super block if certain super blocks fields are modified. Currently, the set
-+ is (<free block count>, <OID allocator>). These fields are logged by
-+ special way which includes storing them in each transaction head block at
-+ atom commit time and writing that information to journal footer block at
-+ atom flush time. For getting info from journal footer block to the
-+ in-memory super block there is a special function
-+ reiser4_journal_recover_sb_data() which should be called after disk format
-+ plugin re-reads super block after journal replaying.
-+*/
-+
-+/* get the information from journal footer in-memory super block */
-+int reiser4_journal_recover_sb_data(struct super_block *s)
-+{
-+ reiser4_super_info_data *sbinfo = get_super_private(s);
-+ struct journal_footer *jf;
-+ int ret;
-+
-+ assert("zam-673", sbinfo->journal_footer != NULL);
-+
-+ ret = jload(sbinfo->journal_footer);
-+ if (ret != 0)
-+ return ret;
-+
-+ ret = check_journal_footer(sbinfo->journal_footer);
-+ if (ret != 0)
-+ goto out;
-+
-+ jf = (struct journal_footer *)jdata(sbinfo->journal_footer);
-+
-+ /* was there at least one flushed transaction? */
-+ if (jf->last_flushed_tx) {
-+
-+ /* restore free block counter logged in this transaction */
-+ reiser4_set_free_blocks(s, le64_to_cpu(get_unaligned(&jf->free_blocks)));
-+
-+ /* restore oid allocator state */
-+ oid_init_allocator(s,
-+ le64_to_cpu(get_unaligned(&jf->nr_files)),
-+ le64_to_cpu(get_unaligned(&jf->next_oid)));
-+ }
-+ out:
-+ jrelse(sbinfo->journal_footer);
-+ return ret;
-+}
-+
-+/* reiser4 replay journal procedure */
-+int reiser4_journal_replay(struct super_block *s)
-+{
-+ reiser4_super_info_data *sbinfo = get_super_private(s);
-+ jnode *jh, *jf;
-+ struct journal_header *header;
-+ int nr_tx_replayed = 0;
-+ int ret;
-+
-+ assert("zam-582", sbinfo != NULL);
-+
-+ jh = sbinfo->journal_header;
-+ jf = sbinfo->journal_footer;
-+
-+ if (!jh || !jf) {
-+ /* it is possible that disk layout does not support journal
-+ structures, we just warn about this */
-+ warning("zam-583",
-+ "journal control blocks were not loaded by disk layout plugin. "
-+ "journal replaying is not possible.\n");
-+ return 0;
-+ }
-+
-+ /* Take free block count from journal footer block. The free block
-+ counter value corresponds the last flushed transaction state */
-+ ret = jload(jf);
-+ if (ret < 0)
-+ return ret;
-+
-+ ret = check_journal_footer(jf);
-+ if (ret) {
-+ jrelse(jf);
-+ return ret;
-+ }
-+
-+ jrelse(jf);
-+
-+ /* store last committed transaction info in reiser4 in-memory super
-+ block */
-+ ret = jload(jh);
-+ if (ret < 0)
-+ return ret;
-+
-+ ret = check_journal_header(jh);
-+ if (ret) {
-+ jrelse(jh);
-+ return ret;
-+ }
-+
-+ header = (struct journal_header *)jdata(jh);
-+ sbinfo->last_committed_tx = le64_to_cpu(get_unaligned(&header->last_committed_tx));
-+
-+ jrelse(jh);
-+
-+ /* replay committed transactions */
-+ while ((ret = replay_oldest_transaction(s)) == -E_REPEAT)
-+ nr_tx_replayed++;
-+
-+ return ret;
-+}
-+
-+/* load journal control block (either journal header or journal footer block) */
-+static int
-+load_journal_control_block(jnode ** node, const reiser4_block_nr * block)
-+{
-+ int ret;
-+
-+ *node = alloc_io_head(block);
-+ if (!(*node))
-+ return RETERR(-ENOMEM);
-+
-+ ret = jload(*node);
-+
-+ if (ret) {
-+ drop_io_head(*node);
-+ *node = NULL;
-+ return ret;
-+ }
-+
-+ pin_jnode_data(*node);
-+ jrelse(*node);
-+
-+ return 0;
-+}
-+
-+/* unload journal header or footer and free jnode */
-+static void unload_journal_control_block(jnode ** node)
-+{
-+ if (*node) {
-+ unpin_jnode_data(*node);
-+ drop_io_head(*node);
-+ *node = NULL;
-+ }
-+}
-+
-+/* release journal control blocks */
-+void done_journal_info(struct super_block *s)
-+{
-+ reiser4_super_info_data *sbinfo = get_super_private(s);
-+
-+ assert("zam-476", sbinfo != NULL);
-+
-+ unload_journal_control_block(&sbinfo->journal_header);
-+ unload_journal_control_block(&sbinfo->journal_footer);
-+ rcu_barrier();
-+}
-+
-+/* load journal control blocks */
-+int init_journal_info(struct super_block *s)
-+{
-+ reiser4_super_info_data *sbinfo = get_super_private(s);
-+ journal_location *loc;
-+ int ret;
-+
-+ loc = &sbinfo->jloc;
-+
-+ assert("zam-651", loc != NULL);
-+ assert("zam-652", loc->header != 0);
-+ assert("zam-653", loc->footer != 0);
-+
-+ ret = load_journal_control_block(&sbinfo->journal_header, &loc->header);
-+
-+ if (ret)
-+ return ret;
-+
-+ ret = load_journal_control_block(&sbinfo->journal_footer, &loc->footer);
-+
-+ if (ret) {
-+ unload_journal_control_block(&sbinfo->journal_header);
-+ }
-+
-+ return ret;
-+}
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 80
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/wander.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/wander.h
-@@ -0,0 +1,135 @@
-+/* Copyright 2002, 2003 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#if !defined (__FS_REISER4_WANDER_H__)
-+#define __FS_REISER4_WANDER_H__
-+
-+#include "dformat.h"
-+
-+#include <linux/fs.h> /* for struct super_block */
-+
-+/* REISER4 JOURNAL ON-DISK DATA STRUCTURES */
-+
-+#define TX_HEADER_MAGIC "TxMagic4"
-+#define WANDER_RECORD_MAGIC "LogMagc4"
-+
-+#define TX_HEADER_MAGIC_SIZE (8)
-+#define WANDER_RECORD_MAGIC_SIZE (8)
-+
-+/* journal header block format */
-+struct journal_header {
-+ /* last written transaction head location */
-+ d64 last_committed_tx;
-+};
-+
-+typedef struct journal_location {
-+ reiser4_block_nr footer;
-+ reiser4_block_nr header;
-+} journal_location;
-+
-+/* The wander.c head comment describes usage and semantic of all these structures */
-+/* journal footer block format */
-+struct journal_footer {
-+ /* last flushed transaction location. */
-+ /* This block number is no more valid after the transaction it points
-+ to gets flushed, this number is used only at journal replaying time
-+ for detection of the end of on-disk list of committed transactions
-+ which were not flushed completely */
-+ d64 last_flushed_tx;
-+
-+ /* free block counter is written in journal footer at transaction
-+ flushing , not in super block because free blocks counter is logged
-+ by another way than super block fields (root pointer, for
-+ example). */
-+ d64 free_blocks;
-+
-+ /* number of used OIDs and maximal used OID are logged separately from
-+ super block */
-+ d64 nr_files;
-+ d64 next_oid;
-+};
-+
-+/* Each wander record (except the first one) has unified format with wander
-+ record header followed by an array of log entries */
-+struct wander_record_header {
-+ /* when there is no predefined location for wander records, this magic
-+ string should help reiser4fsck. */
-+ char magic[WANDER_RECORD_MAGIC_SIZE];
-+
-+ /* transaction id */
-+ d64 id;
-+
-+ /* total number of wander records in current transaction */
-+ d32 total;
-+
-+ /* this block number in transaction */
-+ d32 serial;
-+
-+ /* number of previous block in commit */
-+ d64 next_block;
-+};
-+
-+/* The first wander record (transaction head) of written transaction has the
-+ special format */
-+struct tx_header {
-+ /* magic string makes first block in transaction different from other
-+ logged blocks, it should help fsck. */
-+ char magic[TX_HEADER_MAGIC_SIZE];
-+
-+ /* transaction id */
-+ d64 id;
-+
-+ /* total number of records (including this first tx head) in the
-+ transaction */
-+ d32 total;
-+
-+ /* align next field to 8-byte boundary; this field always is zero */
-+ d32 padding;
-+
-+ /* block number of previous transaction head */
-+ d64 prev_tx;
-+
-+ /* next wander record location */
-+ d64 next_block;
-+
-+ /* committed versions of free blocks counter */
-+ d64 free_blocks;
-+
-+ /* number of used OIDs (nr_files) and maximal used OID are logged
-+ separately from super block */
-+ d64 nr_files;
-+ d64 next_oid;
-+};
-+
-+/* A transaction gets written to disk as a set of wander records (each wander
-+ record size is fs block) */
-+
-+/* As it was told above a wander The rest of wander record is filled by these log entries, unused space filled
-+ by zeroes */
-+struct wander_entry {
-+ d64 original; /* block original location */
-+ d64 wandered; /* block wandered location */
-+};
-+
-+/* REISER4 JOURNAL WRITER FUNCTIONS */
-+
-+extern int reiser4_write_logs(long *);
-+extern int reiser4_journal_replay(struct super_block *);
-+extern int reiser4_journal_recover_sb_data(struct super_block *);
-+
-+extern int init_journal_info(struct super_block *);
-+extern void done_journal_info(struct super_block *);
-+
-+extern int write_jnode_list(struct list_head *, flush_queue_t *, long *, int);
-+
-+#endif /* __FS_REISER4_WANDER_H__ */
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 80
-+ scroll-step: 1
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/writeout.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/writeout.h
-@@ -0,0 +1,21 @@
-+/* Copyright 2002, 2003, 2004 by Hans Reiser, licensing governed by reiser4/README */
-+
-+#if !defined (__FS_REISER4_WRITEOUT_H__)
-+
-+#define WRITEOUT_SINGLE_STREAM (0x1)
-+#define WRITEOUT_FOR_PAGE_RECLAIM (0x2)
-+#define WRITEOUT_BARRIER (0x4)
-+
-+extern int get_writeout_flags(void);
-+
-+#endif /* __FS_REISER4_WRITEOUT_H__ */
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 80
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/znode.c
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/znode.c
-@@ -0,0 +1,1028 @@
-+/* Copyright 2001, 2002, 2003 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+/* Znode manipulation functions. */
-+/* Znode is the in-memory header for a tree node. It is stored
-+ separately from the node itself so that it does not get written to
-+ disk. In this respect znode is like buffer head or page head. We
-+ also use znodes for additional reiser4 specific purposes:
-+
-+ . they are organized into tree structure which is a part of whole
-+ reiser4 tree.
-+ . they are used to implement node grained locking
-+ . they are used to keep additional state associated with a
-+ node
-+ . they contain links to lists used by the transaction manager
-+
-+ Znode is attached to some variable "block number" which is instance of
-+ fs/reiser4/tree.h:reiser4_block_nr type. Znode can exist without
-+ appropriate node being actually loaded in memory. Existence of znode itself
-+ is regulated by reference count (->x_count) in it. Each time thread
-+ acquires reference to znode through call to zget(), ->x_count is
-+ incremented and decremented on call to zput(). Data (content of node) are
-+ brought in memory through call to zload(), which also increments ->d_count
-+ reference counter. zload can block waiting on IO. Call to zrelse()
-+ decreases this counter. Also, ->c_count keeps track of number of child
-+ znodes and prevents parent znode from being recycled until all of its
-+ children are. ->c_count is decremented whenever child goes out of existence
-+ (being actually recycled in zdestroy()) which can be some time after last
-+ reference to this child dies if we support some form of LRU cache for
-+ znodes.
-+
-+*/
-+/* EVERY ZNODE'S STORY
-+
-+ 1. His infancy.
-+
-+ Once upon a time, the znode was born deep inside of zget() by call to
-+ zalloc(). At the return from zget() znode had:
-+
-+ . reference counter (x_count) of 1
-+ . assigned block number, marked as used in bitmap
-+ . pointer to parent znode. Root znode parent pointer points
-+ to its father: "fake" znode. This, in turn, has NULL parent pointer.
-+ . hash table linkage
-+ . no data loaded from disk
-+ . no node plugin
-+ . no sibling linkage
-+
-+ 2. His childhood
-+
-+ Each node is either brought into memory as a result of tree traversal, or
-+ created afresh, creation of the root being a special case of the latter. In
-+ either case it's inserted into sibling list. This will typically require
-+ some ancillary tree traversing, but ultimately both sibling pointers will
-+ exist and JNODE_LEFT_CONNECTED and JNODE_RIGHT_CONNECTED will be true in
-+ zjnode.state.
-+
-+ 3. His youth.
-+
-+ If znode is bound to already existing node in a tree, its content is read
-+ from the disk by call to zload(). At that moment, JNODE_LOADED bit is set
-+ in zjnode.state and zdata() function starts to return non null for this
-+ znode. zload() further calls zparse() that determines which node layout
-+ this node is rendered in, and sets ->nplug on success.
-+
-+ If znode is for new node just created, memory for it is allocated and
-+ zinit_new() function is called to initialise data, according to selected
-+ node layout.
-+
-+ 4. His maturity.
-+
-+ After this point, znode lingers in memory for some time. Threads can
-+ acquire references to znode either by blocknr through call to zget(), or by
-+ following a pointer to unallocated znode from internal item. Each time
-+ reference to znode is obtained, x_count is increased. Thread can read/write
-+ lock znode. Znode data can be loaded through calls to zload(), d_count will
-+ be increased appropriately. If all references to znode are released
-+ (x_count drops to 0), znode is not recycled immediately. Rather, it is
-+ still cached in the hash table in the hope that it will be accessed
-+ shortly.
-+
-+ There are two ways in which znode existence can be terminated:
-+
-+ . sudden death: node bound to this znode is removed from the tree
-+ . overpopulation: znode is purged out of memory due to memory pressure
-+
-+ 5. His death.
-+
-+ Death is complex process.
-+
-+ When we irrevocably commit ourselves to decision to remove node from the
-+ tree, JNODE_HEARD_BANSHEE bit is set in zjnode.state of corresponding
-+ znode. This is done either in ->kill_hook() of internal item or in
-+ kill_root() function when tree root is removed.
-+
-+ At this moment znode still has:
-+
-+ . locks held on it, necessary write ones
-+ . references to it
-+ . disk block assigned to it
-+ . data loaded from the disk
-+ . pending requests for lock
-+
-+ But once JNODE_HEARD_BANSHEE bit set, last call to unlock_znode() does node
-+ deletion. Node deletion includes two phases. First all ways to get
-+ references to that znode (sibling and parent links and hash lookup using
-+ block number stored in parent node) should be deleted -- it is done through
-+ sibling_list_remove(), also we assume that nobody uses down link from
-+ parent node due to its nonexistence or proper parent node locking and
-+ nobody uses parent pointers from children due to absence of them. Second we
-+ invalidate all pending lock requests which still are on znode's lock
-+ request queue, this is done by invalidate_lock(). Another JNODE_IS_DYING
-+ znode status bit is used to invalidate pending lock requests. Once it set
-+ all requesters are forced to return -EINVAL from
-+ longterm_lock_znode(). Future locking attempts are not possible because all
-+ ways to get references to that znode are removed already. Last, node is
-+ uncaptured from transaction.
-+
-+ When last reference to the dying znode is just about to be released,
-+ block number for this lock is released and znode is removed from the
-+ hash table.
-+
-+ Now znode can be recycled.
-+
-+ [it's possible to free bitmap block and remove znode from the hash
-+ table when last lock is released. This will result in having
-+ referenced but completely orphaned znode]
-+
-+ 6. Limbo
-+
-+ As have been mentioned above znodes with reference counter 0 are
-+ still cached in a hash table. Once memory pressure increases they are
-+ purged out of there [this requires something like LRU list for
-+ efficient implementation. LRU list would also greatly simplify
-+ implementation of coord cache that would in this case morph to just
-+ scanning some initial segment of LRU list]. Data loaded into
-+ unreferenced znode are flushed back to the durable storage if
-+ necessary and memory is freed. Znodes themselves can be recycled at
-+ this point too.
-+
-+*/
-+
-+#include "debug.h"
-+#include "dformat.h"
-+#include "key.h"
-+#include "coord.h"
-+#include "plugin/plugin_header.h"
-+#include "plugin/node/node.h"
-+#include "plugin/plugin.h"
-+#include "txnmgr.h"
-+#include "jnode.h"
-+#include "znode.h"
-+#include "block_alloc.h"
-+#include "tree.h"
-+#include "tree_walk.h"
-+#include "super.h"
-+#include "reiser4.h"
-+
-+#include <linux/pagemap.h>
-+#include <linux/spinlock.h>
-+#include <linux/slab.h>
-+#include <linux/err.h>
-+
-+static z_hash_table *get_htable(reiser4_tree *,
-+ const reiser4_block_nr * const blocknr);
-+static z_hash_table *znode_get_htable(const znode *);
-+static void zdrop(znode *);
-+
-+/* hash table support */
-+
-+/* compare two block numbers for equality. Used by hash-table macros */
-+static inline int
-+blknreq(const reiser4_block_nr * b1, const reiser4_block_nr * b2)
-+{
-+ assert("nikita-534", b1 != NULL);
-+ assert("nikita-535", b2 != NULL);
-+
-+ return *b1 == *b2;
-+}
-+
-+/* Hash znode by block number. Used by hash-table macros */
-+/* Audited by: umka (2002.06.11) */
-+static inline __u32
-+blknrhashfn(z_hash_table * table, const reiser4_block_nr * b)
-+{
-+ assert("nikita-536", b != NULL);
-+
-+ return *b & (REISER4_ZNODE_HASH_TABLE_SIZE - 1);
-+}
-+
-+/* The hash table definition */
-+#define KMALLOC(size) kmalloc((size), GFP_KERNEL)
-+#define KFREE(ptr, size) kfree(ptr)
-+TYPE_SAFE_HASH_DEFINE(z, znode, reiser4_block_nr, zjnode.key.z, zjnode.link.z,
-+ blknrhashfn, blknreq);
-+#undef KFREE
-+#undef KMALLOC
-+
-+/* slab for znodes */
-+static kmem_cache_t *znode_cache;
-+
-+int znode_shift_order;
-+
-+/**
-+ * init_znodes - create znode cache
-+ *
-+ * Initializes slab cache of znodes. It is part of reiser4 module initialization.
-+ */
-+int init_znodes(void)
-+{
-+ znode_cache = kmem_cache_create("znode", sizeof(znode), 0,
-+ SLAB_HWCACHE_ALIGN |
-+ SLAB_RECLAIM_ACCOUNT, NULL, NULL);
-+ if (znode_cache == NULL)
-+ return RETERR(-ENOMEM);
-+
-+ for (znode_shift_order = 0; (1 << znode_shift_order) < sizeof(znode);
-+ ++znode_shift_order);
-+ --znode_shift_order;
-+ return 0;
-+}
-+
-+/**
-+ * done_znodes - delete znode cache
-+ *
-+ * This is called on reiser4 module unloading or system shutdown.
-+ */
-+void done_znodes(void)
-+{
-+ destroy_reiser4_cache(&znode_cache);
-+}
-+
-+/* call this to initialise tree of znodes */
-+int znodes_tree_init(reiser4_tree * tree /* tree to initialise znodes for */ )
-+{
-+ int result;
-+ assert("umka-050", tree != NULL);
-+
-+ rwlock_init(&tree->dk_lock);
-+
-+ result = z_hash_init(&tree->zhash_table, REISER4_ZNODE_HASH_TABLE_SIZE);
-+ if (result != 0)
-+ return result;
-+ result = z_hash_init(&tree->zfake_table, REISER4_ZNODE_HASH_TABLE_SIZE);
-+ return result;
-+}
-+
-+/* free this znode */
-+void zfree(znode * node /* znode to free */ )
-+{
-+ assert("nikita-465", node != NULL);
-+ assert("nikita-2120", znode_page(node) == NULL);
-+ assert("nikita-2301", list_empty_careful(&node->lock.owners));
-+ assert("nikita-2302", list_empty_careful(&node->lock.requestors));
-+ assert("nikita-2663", (list_empty_careful(&ZJNODE(node)->capture_link) &&
-+ NODE_LIST(ZJNODE(node)) == NOT_CAPTURED));
-+ assert("nikita-3220", list_empty(&ZJNODE(node)->jnodes));
-+ assert("nikita-3293", !znode_is_right_connected(node));
-+ assert("nikita-3294", !znode_is_left_connected(node));
-+ assert("nikita-3295", node->left == NULL);
-+ assert("nikita-3296", node->right == NULL);
-+
-+ /* not yet phash_jnode_destroy(ZJNODE(node)); */
-+
-+ kmem_cache_free(znode_cache, node);
-+}
-+
-+/* call this to free tree of znodes */
-+void znodes_tree_done(reiser4_tree * tree /* tree to finish with znodes of */ )
-+{
-+ znode *node;
-+ znode *next;
-+ z_hash_table *ztable;
-+
-+ /* scan znode hash-tables and kill all znodes, then free hash tables
-+ * themselves. */
-+
-+ assert("nikita-795", tree != NULL);
-+
-+ ztable = &tree->zhash_table;
-+
-+ if (ztable->_table != NULL) {
-+ for_all_in_htable(ztable, z, node, next) {
-+ node->c_count = 0;
-+ node->in_parent.node = NULL;
-+ assert("nikita-2179", atomic_read(&ZJNODE(node)->x_count) == 0);
-+ zdrop(node);
-+ }
-+
-+ z_hash_done(&tree->zhash_table);
-+ }
-+
-+ ztable = &tree->zfake_table;
-+
-+ if (ztable->_table != NULL) {
-+ for_all_in_htable(ztable, z, node, next) {
-+ node->c_count = 0;
-+ node->in_parent.node = NULL;
-+ assert("nikita-2179", atomic_read(&ZJNODE(node)->x_count) == 0);
-+ zdrop(node);
-+ }
-+
-+ z_hash_done(&tree->zfake_table);
-+ }
-+}
-+
-+/* ZNODE STRUCTURES */
-+
-+/* allocate fresh znode */
-+znode *zalloc(gfp_t gfp_flag /* allocation flag */ )
-+{
-+ znode *node;
-+
-+ node = kmem_cache_alloc(znode_cache, gfp_flag);
-+ return node;
-+}
-+
-+/* Initialize fields of znode
-+ @node: znode to initialize;
-+ @parent: parent znode;
-+ @tree: tree we are in. */
-+void zinit(znode * node, const znode * parent, reiser4_tree * tree)
-+{
-+ assert("nikita-466", node != NULL);
-+ assert("umka-268", current_tree != NULL);
-+
-+ memset(node, 0, sizeof *node);
-+
-+ assert("umka-051", tree != NULL);
-+
-+ jnode_init(&node->zjnode, tree, JNODE_FORMATTED_BLOCK);
-+ reiser4_init_lock(&node->lock);
-+ init_parent_coord(&node->in_parent, parent);
-+}
-+
-+/*
-+ * remove znode from indices. This is called jput() when last reference on
-+ * znode is released.
-+ */
-+void znode_remove(znode * node /* znode to remove */ , reiser4_tree * tree)
-+{
-+ assert("nikita-2108", node != NULL);
-+ assert("nikita-470", node->c_count == 0);
-+ assert_rw_write_locked(&(tree->tree_lock));
-+
-+ /* remove reference to this znode from cbk cache */
-+ cbk_cache_invalidate(node, tree);
-+
-+ /* update c_count of parent */
-+ if (znode_parent(node) != NULL) {
-+ assert("nikita-472", znode_parent(node)->c_count > 0);
-+ /* father, onto your hands I forward my spirit... */
-+ znode_parent(node)->c_count--;
-+ node->in_parent.node = NULL;
-+ } else {
-+ /* orphaned znode?! Root? */
-+ }
-+
-+ /* remove znode from hash-table */
-+ z_hash_remove_rcu(znode_get_htable(node), node);
-+}
-+
-+/* zdrop() -- Remove znode from the tree.
-+
-+ This is called when znode is removed from the memory. */
-+static void zdrop(znode * node /* znode to finish with */ )
-+{
-+ jdrop(ZJNODE(node));
-+}
-+
-+/*
-+ * put znode into right place in the hash table. This is called by relocate
-+ * code.
-+ */
-+int znode_rehash(znode * node /* node to rehash */ ,
-+ const reiser4_block_nr * new_block_nr /* new block number */ )
-+{
-+ z_hash_table *oldtable;
-+ z_hash_table *newtable;
-+ reiser4_tree *tree;
-+
-+ assert("nikita-2018", node != NULL);
-+
-+ tree = znode_get_tree(node);
-+ oldtable = znode_get_htable(node);
-+ newtable = get_htable(tree, new_block_nr);
-+
-+ write_lock_tree(tree);
-+ /* remove znode from hash-table */
-+ z_hash_remove_rcu(oldtable, node);
-+
-+ /* assertion no longer valid due to RCU */
-+ /* assert("nikita-2019", z_hash_find(newtable, new_block_nr) == NULL); */
-+
-+ /* update blocknr */
-+ znode_set_block(node, new_block_nr);
-+ node->zjnode.key.z = *new_block_nr;
-+
-+ /* insert it into hash */
-+ z_hash_insert_rcu(newtable, node);
-+ write_unlock_tree(tree);
-+ return 0;
-+}
-+
-+/* ZNODE LOOKUP, GET, PUT */
-+
-+/* zlook() - get znode with given block_nr in a hash table or return NULL
-+
-+ If result is non-NULL then the znode's x_count is incremented. Internal version
-+ accepts pre-computed hash index. The hash table is accessed under caller's
-+ tree->hash_lock.
-+*/
-+znode *zlook(reiser4_tree * tree, const reiser4_block_nr * const blocknr)
-+{
-+ znode *result;
-+ __u32 hash;
-+ z_hash_table *htable;
-+
-+ assert("jmacd-506", tree != NULL);
-+ assert("jmacd-507", blocknr != NULL);
-+
-+ htable = get_htable(tree, blocknr);
-+ hash = blknrhashfn(htable, blocknr);
-+
-+ rcu_read_lock();
-+ result = z_hash_find_index(htable, hash, blocknr);
-+
-+ if (result != NULL) {
-+ add_x_ref(ZJNODE(result));
-+ result = znode_rip_check(tree, result);
-+ }
-+ rcu_read_unlock();
-+
-+ return result;
-+}
-+
-+/* return hash table where znode with block @blocknr is (or should be)
-+ * stored */
-+static z_hash_table *get_htable(reiser4_tree * tree,
-+ const reiser4_block_nr * const blocknr)
-+{
-+ z_hash_table *table;
-+ if (is_disk_addr_unallocated(blocknr))
-+ table = &tree->zfake_table;
-+ else
-+ table = &tree->zhash_table;
-+ return table;
-+}
-+
-+/* return hash table where znode @node is (or should be) stored */
-+static z_hash_table *znode_get_htable(const znode * node)
-+{
-+ return get_htable(znode_get_tree(node), znode_get_block(node));
-+}
-+
-+/* zget() - get znode from hash table, allocating it if necessary.
-+
-+ First a call to zlook, locating a x-referenced znode if one
-+ exists. If znode is not found, allocate new one and return. Result
-+ is returned with x_count reference increased.
-+
-+ LOCKS TAKEN: TREE_LOCK, ZNODE_LOCK
-+ LOCK ORDERING: NONE
-+*/
-+znode *zget(reiser4_tree * tree,
-+ const reiser4_block_nr * const blocknr,
-+ znode * parent, tree_level level, gfp_t gfp_flag)
-+{
-+ znode *result;
-+ __u32 hashi;
-+
-+ z_hash_table *zth;
-+
-+ assert("jmacd-512", tree != NULL);
-+ assert("jmacd-513", blocknr != NULL);
-+ assert("jmacd-514", level < REISER4_MAX_ZTREE_HEIGHT);
-+
-+ zth = get_htable(tree, blocknr);
-+ hashi = blknrhashfn(zth, blocknr);
-+
-+ /* NOTE-NIKITA address-as-unallocated-blocknr still is not
-+ implemented. */
-+
-+ z_hash_prefetch_bucket(zth, hashi);
-+
-+ rcu_read_lock();
-+ /* Find a matching BLOCKNR in the hash table. If the znode is found,
-+ we obtain an reference (x_count) but the znode remains unlocked.
-+ Have to worry about race conditions later. */
-+ result = z_hash_find_index(zth, hashi, blocknr);
-+ /* According to the current design, the hash table lock protects new
-+ znode references. */
-+ if (result != NULL) {
-+ add_x_ref(ZJNODE(result));
-+ /* NOTE-NIKITA it should be so, but special case during
-+ creation of new root makes such assertion highly
-+ complicated. */
-+ assert("nikita-2131", 1 || znode_parent(result) == parent ||
-+ (ZF_ISSET(result, JNODE_ORPHAN)
-+ && (znode_parent(result) == NULL)));
-+ result = znode_rip_check(tree, result);
-+ }
-+
-+ rcu_read_unlock();
-+
-+ if (!result) {
-+ znode *shadow;
-+
-+ result = zalloc(gfp_flag);
-+ if (!result) {
-+ return ERR_PTR(RETERR(-ENOMEM));
-+ }
-+
-+ zinit(result, parent, tree);
-+ ZJNODE(result)->blocknr = *blocknr;
-+ ZJNODE(result)->key.z = *blocknr;
-+ result->level = level;
-+
-+ write_lock_tree(tree);
-+
-+ shadow = z_hash_find_index(zth, hashi, blocknr);
-+ if (unlikely(shadow != NULL && !ZF_ISSET(shadow, JNODE_RIP))) {
-+ jnode_list_remove(ZJNODE(result));
-+ zfree(result);
-+ result = shadow;
-+ } else {
-+ result->version = znode_build_version(tree);
-+ z_hash_insert_index_rcu(zth, hashi, result);
-+
-+ if (parent != NULL)
-+ ++parent->c_count;
-+ }
-+
-+ add_x_ref(ZJNODE(result));
-+
-+ write_unlock_tree(tree);
-+ }
-+#if REISER4_DEBUG
-+ if (!blocknr_is_fake(blocknr) && *blocknr != 0)
-+ reiser4_check_block(blocknr, 1);
-+#endif
-+ /* Check for invalid tree level, return -EIO */
-+ if (unlikely(znode_get_level(result) != level)) {
-+ warning("jmacd-504",
-+ "Wrong level for cached block %llu: %i expecting %i",
-+ (unsigned long long)(*blocknr), znode_get_level(result),
-+ level);
-+ zput(result);
-+ return ERR_PTR(RETERR(-EIO));
-+ }
-+
-+ assert("nikita-1227", znode_invariant(result));
-+
-+ return result;
-+}
-+
-+/* ZNODE PLUGINS/DATA */
-+
-+/* "guess" plugin for node loaded from the disk. Plugin id of node plugin is
-+ stored at the fixed offset from the beginning of the node. */
-+static node_plugin *znode_guess_plugin(const znode * node /* znode to guess
-+ * plugin of */ )
-+{
-+ reiser4_tree *tree;
-+
-+ assert("nikita-1053", node != NULL);
-+ assert("nikita-1055", zdata(node) != NULL);
-+
-+ tree = znode_get_tree(node);
-+ assert("umka-053", tree != NULL);
-+
-+ if (reiser4_is_set(tree->super, REISER4_ONE_NODE_PLUGIN)) {
-+ return tree->nplug;
-+ } else {
-+ return node_plugin_by_disk_id
-+ (tree, &((common_node_header *) zdata(node))->plugin_id);
-+#ifdef GUESS_EXISTS
-+ reiser4_plugin *plugin;
-+
-+ /* NOTE-NIKITA add locking here when dynamic plugins will be
-+ * implemented */
-+ for_all_plugins(REISER4_NODE_PLUGIN_TYPE, plugin) {
-+ if ((plugin->u.node.guess != NULL)
-+ && plugin->u.node.guess(node))
-+ return plugin;
-+ }
-+ warning("nikita-1057", "Cannot guess node plugin");
-+ print_znode("node", node);
-+ return NULL;
-+#endif
-+ }
-+}
-+
-+/* parse node header and install ->node_plugin */
-+int zparse(znode * node /* znode to parse */ )
-+{
-+ int result;
-+
-+ assert("nikita-1233", node != NULL);
-+ assert("nikita-2370", zdata(node) != NULL);
-+
-+ if (node->nplug == NULL) {
-+ node_plugin *nplug;
-+
-+ nplug = znode_guess_plugin(node);
-+ if (likely(nplug != NULL)) {
-+ result = nplug->parse(node);
-+ if (likely(result == 0))
-+ node->nplug = nplug;
-+ } else {
-+ result = RETERR(-EIO);
-+ }
-+ } else
-+ result = 0;
-+ return result;
-+}
-+
-+/* zload with readahead */
-+int zload_ra(znode * node /* znode to load */ , ra_info_t * info)
-+{
-+ int result;
-+
-+ assert("nikita-484", node != NULL);
-+ assert("nikita-1377", znode_invariant(node));
-+ assert("jmacd-7771", !znode_above_root(node));
-+ assert("nikita-2125", atomic_read(&ZJNODE(node)->x_count) > 0);
-+ assert("nikita-3016", schedulable());
-+
-+ if (info)
-+ formatted_readahead(node, info);
-+
-+ result = jload(ZJNODE(node));
-+ assert("nikita-1378", znode_invariant(node));
-+ return result;
-+}
-+
-+/* load content of node into memory */
-+int zload(znode * node)
-+{
-+ return zload_ra(node, NULL);
-+}
-+
-+/* call node plugin to initialise newly allocated node. */
-+int zinit_new(znode * node /* znode to initialise */ , gfp_t gfp_flags)
-+{
-+ return jinit_new(ZJNODE(node), gfp_flags);
-+}
-+
-+/* drop reference to node data. When last reference is dropped, data are
-+ unloaded. */
-+void zrelse(znode * node /* znode to release references to */ )
-+{
-+ assert("nikita-1381", znode_invariant(node));
-+
-+ jrelse(ZJNODE(node));
-+}
-+
-+/* returns free space in node */
-+unsigned znode_free_space(znode * node /* znode to query */ )
-+{
-+ assert("nikita-852", node != NULL);
-+ return node_plugin_by_node(node)->free_space(node);
-+}
-+
-+/* left delimiting key of znode */
-+reiser4_key *znode_get_rd_key(znode * node /* znode to query */ )
-+{
-+ assert("nikita-958", node != NULL);
-+ assert_rw_locked(&(znode_get_tree(node)->dk_lock));
-+ assert("nikita-3067", LOCK_CNT_GTZ(rw_locked_dk));
-+ assert("nikita-30671", node->rd_key_version != 0);
-+ return &node->rd_key;
-+}
-+
-+/* right delimiting key of znode */
-+reiser4_key *znode_get_ld_key(znode * node /* znode to query */ )
-+{
-+ assert("nikita-974", node != NULL);
-+ assert_rw_locked(&(znode_get_tree(node)->dk_lock));
-+ assert("nikita-3068", LOCK_CNT_GTZ(rw_locked_dk));
-+ assert("nikita-30681", node->ld_key_version != 0);
-+ return &node->ld_key;
-+}
-+
-+ON_DEBUG(atomic_t delim_key_version = ATOMIC_INIT(0);
-+ )
-+
-+/* update right-delimiting key of @node */
-+reiser4_key *znode_set_rd_key(znode * node, const reiser4_key * key)
-+{
-+ assert("nikita-2937", node != NULL);
-+ assert("nikita-2939", key != NULL);
-+ assert_rw_write_locked(&(znode_get_tree(node)->dk_lock));
-+ assert("nikita-3069", LOCK_CNT_GTZ(write_locked_dk));
-+ assert("nikita-2944",
-+ znode_is_any_locked(node) ||
-+ znode_get_level(node) != LEAF_LEVEL ||
-+ keyge(key, &node->rd_key) ||
-+ keyeq(&node->rd_key, min_key()) ||
-+ ZF_ISSET(node, JNODE_HEARD_BANSHEE));
-+
-+ node->rd_key = *key;
-+ ON_DEBUG(node->rd_key_version = atomic_inc_return(&delim_key_version));
-+ return &node->rd_key;
-+}
-+
-+/* update left-delimiting key of @node */
-+reiser4_key *znode_set_ld_key(znode * node, const reiser4_key * key)
-+{
-+ assert("nikita-2940", node != NULL);
-+ assert("nikita-2941", key != NULL);
-+ assert_rw_write_locked(&(znode_get_tree(node)->dk_lock));
-+ assert("nikita-3070", LOCK_CNT_GTZ(write_locked_dk));
-+ assert("nikita-2943",
-+ znode_is_any_locked(node) || keyeq(&node->ld_key, min_key()));
-+
-+ node->ld_key = *key;
-+ ON_DEBUG(node->ld_key_version = atomic_inc_return(&delim_key_version));
-+ return &node->ld_key;
-+}
-+
-+/* true if @key is inside key range for @node */
-+int znode_contains_key(znode * node /* znode to look in */ ,
-+ const reiser4_key * key /* key to look for */ )
-+{
-+ assert("nikita-1237", node != NULL);
-+ assert("nikita-1238", key != NULL);
-+
-+ /* left_delimiting_key <= key <= right_delimiting_key */
-+ return keyle(znode_get_ld_key(node), key)
-+ && keyle(key, znode_get_rd_key(node));
-+}
-+
-+/* same as znode_contains_key(), but lock dk lock */
-+int znode_contains_key_lock(znode * node /* znode to look in */ ,
-+ const reiser4_key * key /* key to look for */ )
-+{
-+ int result;
-+
-+ assert("umka-056", node != NULL);
-+ assert("umka-057", key != NULL);
-+
-+ read_lock_dk(znode_get_tree(node));
-+ result = znode_contains_key(node, key);
-+ read_unlock_dk(znode_get_tree(node));
-+ return result;
-+}
-+
-+/* get parent pointer, assuming tree is not locked */
-+znode *znode_parent_nolock(const znode * node /* child znode */ )
-+{
-+ assert("nikita-1444", node != NULL);
-+ return node->in_parent.node;
-+}
-+
-+/* get parent pointer of znode */
-+znode *znode_parent(const znode * node /* child znode */ )
-+{
-+ assert("nikita-1226", node != NULL);
-+ assert("nikita-1406", LOCK_CNT_GTZ(rw_locked_tree));
-+ return znode_parent_nolock(node);
-+}
-+
-+/* detect uber znode used to protect in-superblock tree root pointer */
-+int znode_above_root(const znode * node /* znode to query */ )
-+{
-+ assert("umka-059", node != NULL);
-+
-+ return disk_addr_eq(&ZJNODE(node)->blocknr, &UBER_TREE_ADDR);
-+}
-+
-+/* check that @node is root---that its block number is recorder in the tree as
-+ that of root node */
-+#if REISER4_DEBUG
-+static int znode_is_true_root(const znode * node /* znode to query */ )
-+{
-+ assert("umka-060", node != NULL);
-+ assert("umka-061", current_tree != NULL);
-+
-+ return disk_addr_eq(znode_get_block(node),
-+ &znode_get_tree(node)->root_block);
-+}
-+#endif
-+
-+/* check that @node is root */
-+int znode_is_root(const znode * node /* znode to query */ )
-+{
-+ assert("nikita-1206", node != NULL);
-+
-+ return znode_get_level(node) == znode_get_tree(node)->height;
-+}
-+
-+/* Returns true is @node was just created by zget() and wasn't ever loaded
-+ into memory. */
-+/* NIKITA-HANS: yes */
-+int znode_just_created(const znode * node)
-+{
-+ assert("nikita-2188", node != NULL);
-+ return (znode_page(node) == NULL);
-+}
-+
-+/* obtain updated ->znode_epoch. See seal.c for description. */
-+__u64 znode_build_version(reiser4_tree * tree)
-+{
-+ __u64 result;
-+
-+ spin_lock(&tree->epoch_lock);
-+ result = ++tree->znode_epoch;
-+ spin_unlock(&tree->epoch_lock);
-+ return result;
-+}
-+
-+void init_load_count(load_count * dh)
-+{
-+ assert("nikita-2105", dh != NULL);
-+ memset(dh, 0, sizeof *dh);
-+}
-+
-+void done_load_count(load_count * dh)
-+{
-+ assert("nikita-2106", dh != NULL);
-+ if (dh->node != NULL) {
-+ for (; dh->d_ref > 0; --dh->d_ref)
-+ zrelse(dh->node);
-+ dh->node = NULL;
-+ }
-+}
-+
-+static int incr_load_count(load_count * dh)
-+{
-+ int result;
-+
-+ assert("nikita-2110", dh != NULL);
-+ assert("nikita-2111", dh->node != NULL);
-+
-+ result = zload(dh->node);
-+ if (result == 0)
-+ ++dh->d_ref;
-+ return result;
-+}
-+
-+int incr_load_count_znode(load_count * dh, znode * node)
-+{
-+ assert("nikita-2107", dh != NULL);
-+ assert("nikita-2158", node != NULL);
-+ assert("nikita-2109",
-+ ergo(dh->node != NULL, (dh->node == node) || (dh->d_ref == 0)));
-+
-+ dh->node = node;
-+ return incr_load_count(dh);
-+}
-+
-+int incr_load_count_jnode(load_count * dh, jnode * node)
-+{
-+ if (jnode_is_znode(node)) {
-+ return incr_load_count_znode(dh, JZNODE(node));
-+ }
-+ return 0;
-+}
-+
-+void copy_load_count(load_count * new, load_count * old)
-+{
-+ int ret = 0;
-+ done_load_count(new);
-+ new->node = old->node;
-+ new->d_ref = 0;
-+
-+ while ((new->d_ref < old->d_ref) && (ret = incr_load_count(new)) == 0) {
-+ }
-+
-+ assert("jmacd-87589", ret == 0);
-+}
-+
-+void move_load_count(load_count * new, load_count * old)
-+{
-+ done_load_count(new);
-+ new->node = old->node;
-+ new->d_ref = old->d_ref;
-+ old->node = NULL;
-+ old->d_ref = 0;
-+}
-+
-+/* convert parent pointer into coord */
-+void parent_coord_to_coord(const parent_coord_t * pcoord, coord_t * coord)
-+{
-+ assert("nikita-3204", pcoord != NULL);
-+ assert("nikita-3205", coord != NULL);
-+
-+ coord_init_first_unit_nocheck(coord, pcoord->node);
-+ coord_set_item_pos(coord, pcoord->item_pos);
-+ coord->between = AT_UNIT;
-+}
-+
-+/* pack coord into parent_coord_t */
-+void coord_to_parent_coord(const coord_t * coord, parent_coord_t * pcoord)
-+{
-+ assert("nikita-3206", pcoord != NULL);
-+ assert("nikita-3207", coord != NULL);
-+
-+ pcoord->node = coord->node;
-+ pcoord->item_pos = coord->item_pos;
-+}
-+
-+/* Initialize a parent hint pointer. (parent hint pointer is a field in znode,
-+ look for comments there) */
-+void init_parent_coord(parent_coord_t * pcoord, const znode * node)
-+{
-+ pcoord->node = (znode *) node;
-+ pcoord->item_pos = (unsigned short)~0;
-+}
-+
-+#if REISER4_DEBUG
-+
-+/* debugging aid: znode invariant */
-+static int znode_invariant_f(const znode * node /* znode to check */ ,
-+ char const **msg /* where to store error
-+ * message, if any */ )
-+{
-+#define _ergo(ant, con) \
-+ ((*msg) = "{" #ant "} ergo {" #con "}", ergo((ant), (con)))
-+
-+#define _equi(e1, e2) \
-+ ((*msg) = "{" #e1 "} <=> {" #e2 "}", equi((e1), (e2)))
-+
-+#define _check(exp) ((*msg) = #exp, (exp))
-+
-+ return jnode_invariant_f(ZJNODE(node), msg) &&
-+ /* [znode-fake] invariant */
-+ /* fake znode doesn't have a parent, and */
-+ _ergo(znode_get_level(node) == 0, znode_parent(node) == NULL) &&
-+ /* there is another way to express this very check, and */
-+ _ergo(znode_above_root(node), znode_parent(node) == NULL) &&
-+ /* it has special block number, and */
-+ _ergo(znode_get_level(node) == 0,
-+ disk_addr_eq(znode_get_block(node), &UBER_TREE_ADDR)) &&
-+ /* it is the only znode with such block number, and */
-+ _ergo(!znode_above_root(node) && znode_is_loaded(node),
-+ !disk_addr_eq(znode_get_block(node), &UBER_TREE_ADDR)) &&
-+ /* it is parent of the tree root node */
-+ _ergo(znode_is_true_root(node),
-+ znode_above_root(znode_parent(node))) &&
-+ /* [znode-level] invariant */
-+ /* level of parent znode is one larger than that of child,
-+ except for the fake znode, and */
-+ _ergo(znode_parent(node) && !znode_above_root(znode_parent(node)),
-+ znode_get_level(znode_parent(node)) ==
-+ znode_get_level(node) + 1) &&
-+ /* left neighbor is at the same level, and */
-+ _ergo(znode_is_left_connected(node) && node->left != NULL,
-+ znode_get_level(node) == znode_get_level(node->left)) &&
-+ /* right neighbor is at the same level */
-+ _ergo(znode_is_right_connected(node) && node->right != NULL,
-+ znode_get_level(node) == znode_get_level(node->right)) &&
-+ /* [znode-connected] invariant */
-+ _ergo(node->left != NULL, znode_is_left_connected(node)) &&
-+ _ergo(node->right != NULL, znode_is_right_connected(node)) &&
-+ _ergo(!znode_is_root(node) && node->left != NULL,
-+ znode_is_right_connected(node->left) &&
-+ node->left->right == node) &&
-+ _ergo(!znode_is_root(node) && node->right != NULL,
-+ znode_is_left_connected(node->right) &&
-+ node->right->left == node) &&
-+ /* [znode-c_count] invariant */
-+ /* for any znode, c_count of its parent is greater than 0 */
-+ _ergo(znode_parent(node) != NULL &&
-+ !znode_above_root(znode_parent(node)),
-+ znode_parent(node)->c_count > 0) &&
-+ /* leaves don't have children */
-+ _ergo(znode_get_level(node) == LEAF_LEVEL,
-+ node->c_count == 0) &&
-+ _check(node->zjnode.jnodes.prev != NULL) &&
-+ _check(node->zjnode.jnodes.next != NULL) &&
-+ /* orphan doesn't have a parent */
-+ _ergo(ZF_ISSET(node, JNODE_ORPHAN), znode_parent(node) == 0) &&
-+ /* [znode-modify] invariant */
-+ /* if znode is not write-locked, its checksum remains
-+ * invariant */
-+ /* unfortunately, zlock is unordered w.r.t. jnode_lock, so we
-+ * cannot check this. */
-+ /* [znode-refs] invariant */
-+ /* only referenced znode can be long-term locked */
-+ _ergo(znode_is_locked(node),
-+ atomic_read(&ZJNODE(node)->x_count) != 0);
-+}
-+
-+/* debugging aid: check znode invariant and panic if it doesn't hold */
-+int znode_invariant(znode * node /* znode to check */ )
-+{
-+ char const *failed_msg;
-+ int result;
-+
-+ assert("umka-063", node != NULL);
-+ assert("umka-064", current_tree != NULL);
-+
-+ spin_lock_znode(node);
-+ read_lock_tree(znode_get_tree(node));
-+ result = znode_invariant_f(node, &failed_msg);
-+ if (!result) {
-+ /* print_znode("corrupted node", node); */
-+ warning("jmacd-555", "Condition %s failed", failed_msg);
-+ }
-+ read_unlock_tree(znode_get_tree(node));
-+ spin_unlock_znode(node);
-+ return result;
-+}
-+
-+/* return non-0 iff data are loaded into znode */
-+int znode_is_loaded(const znode * node /* znode to query */ )
-+{
-+ assert("nikita-497", node != NULL);
-+ return jnode_is_loaded(ZJNODE(node));
-+}
-+
-+unsigned long znode_times_locked(const znode * z)
-+{
-+ return z->times_locked;
-+}
-+
-+#endif /* REISER4_DEBUG */
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/fs/reiser4/znode.h
-===================================================================
---- /dev/null
-+++ linux-2.6.16/fs/reiser4/znode.h
-@@ -0,0 +1,434 @@
-+/* Copyright 2001, 2002, 2003, 2004 by Hans Reiser, licensing governed by
-+ * reiser4/README */
-+
-+/* Declaration of znode (Zam's node). See znode.c for more details. */
-+
-+#ifndef __ZNODE_H__
-+#define __ZNODE_H__
-+
-+#include "forward.h"
-+#include "debug.h"
-+#include "dformat.h"
-+#include "key.h"
-+#include "coord.h"
-+#include "plugin/node/node.h"
-+#include "jnode.h"
-+#include "lock.h"
-+#include "readahead.h"
-+
-+#include <linux/types.h>
-+#include <linux/spinlock.h>
-+#include <linux/pagemap.h> /* for PAGE_CACHE_SIZE */
-+#include <asm/atomic.h>
-+#include <asm/semaphore.h>
-+
-+/* znode tracks its position within parent (internal item in a parent node,
-+ * that contains znode's block number). */
-+typedef struct parent_coord {
-+ znode *node;
-+ pos_in_node_t item_pos;
-+} parent_coord_t;
-+
-+/* &znode - node in a reiser4 tree.
-+
-+ NOTE-NIKITA fields in this struct have to be rearranged (later) to reduce
-+ cacheline pressure.
-+
-+ Locking:
-+
-+ Long term: data in a disk node attached to this znode are protected
-+ by long term, deadlock aware lock ->lock;
-+
-+ Spin lock: the following fields are protected by the spin lock:
-+
-+ ->lock
-+
-+ Following fields are protected by the global tree lock:
-+
-+ ->left
-+ ->right
-+ ->in_parent
-+ ->c_count
-+
-+ Following fields are protected by the global delimiting key lock (dk_lock):
-+
-+ ->ld_key (to update ->ld_key long-term lock on the node is also required)
-+ ->rd_key
-+
-+ Following fields are protected by the long term lock:
-+
-+ ->nr_items
-+
-+ ->node_plugin is never changed once set. This means that after code made
-+ itself sure that field is valid it can be accessed without any additional
-+ locking.
-+
-+ ->level is immutable.
-+
-+ Invariants involving this data-type:
-+
-+ [znode-fake]
-+ [znode-level]
-+ [znode-connected]
-+ [znode-c_count]
-+ [znode-refs]
-+ [jnode-refs]
-+ [jnode-queued]
-+ [znode-modify]
-+
-+ For this to be made into a clustering or NUMA filesystem, we would want to eliminate all of the global locks.
-+ Suggestions for how to do that are desired.*/
-+struct znode {
-+ /* Embedded jnode. */
-+ jnode zjnode;
-+
-+ /* contains three subfields, node, pos_in_node, and pos_in_unit.
-+
-+ pos_in_node and pos_in_unit are only hints that are cached to
-+ speed up lookups during balancing. They are not required to be up to
-+ date. Synched in find_child_ptr().
-+
-+ This value allows us to avoid expensive binary searches.
-+
-+ in_parent->node points to the parent of this node, and is NOT a
-+ hint.
-+ */
-+ parent_coord_t in_parent;
-+
-+ /*
-+ * sibling list pointers
-+ */
-+
-+ /* left-neighbor */
-+ znode *left;
-+ /* right-neighbor */
-+ znode *right;
-+
-+ /* long term lock on node content. This lock supports deadlock
-+ detection. See lock.c
-+ */
-+ zlock lock;
-+
-+ /* You cannot remove from memory a node that has children in
-+ memory. This is because we rely on the fact that parent of given
-+ node can always be reached without blocking for io. When reading a
-+ node into memory you must increase the c_count of its parent, when
-+ removing it from memory you must decrease the c_count. This makes
-+ the code simpler, and the cases where it is suboptimal are truly
-+ obscure.
-+ */
-+ int c_count;
-+
-+ /* plugin of node attached to this znode. NULL if znode is not
-+ loaded. */
-+ node_plugin *nplug;
-+
-+ /* version of znode data. This is increased on each modification. This
-+ * is necessary to implement seals (see seal.[ch]) efficiently. */
-+ __u64 version;
-+
-+ /* left delimiting key. Necessary to efficiently perform
-+ balancing with node-level locking. Kept in memory only. */
-+ reiser4_key ld_key;
-+ /* right delimiting key. */
-+ reiser4_key rd_key;
-+
-+ /* znode's tree level */
-+ __u16 level;
-+ /* number of items in this node. This field is modified by node
-+ * plugin. */
-+ __u16 nr_items;
-+
-+#if REISER4_DEBUG
-+ void *creator;
-+ reiser4_key first_key;
-+ unsigned long times_locked;
-+ int left_version; /* when node->left was updated */
-+ int right_version; /* when node->right was updated */
-+ int ld_key_version; /* when node->ld_key was updated */
-+ int rd_key_version; /* when node->rd_key was updated */
-+#endif
-+
-+} __attribute__ ((aligned(16)));
-+
-+ON_DEBUG(extern atomic_t delim_key_version;
-+ )
-+
-+/* In general I think these macros should not be exposed. */
-+#define znode_is_locked(node) (lock_is_locked(&node->lock))
-+#define znode_is_rlocked(node) (lock_is_rlocked(&node->lock))
-+#define znode_is_wlocked(node) (lock_is_wlocked(&node->lock))
-+#define znode_is_wlocked_once(node) (lock_is_wlocked_once(&node->lock))
-+#define znode_can_be_rlocked(node) (lock_can_be_rlocked(&node->lock))
-+#define is_lock_compatible(node, mode) (lock_mode_compatible(&node->lock, mode))
-+/* Macros for accessing the znode state. */
-+#define ZF_CLR(p,f) JF_CLR (ZJNODE(p), (f))
-+#define ZF_ISSET(p,f) JF_ISSET(ZJNODE(p), (f))
-+#define ZF_SET(p,f) JF_SET (ZJNODE(p), (f))
-+extern znode *zget(reiser4_tree * tree, const reiser4_block_nr * const block,
-+ znode * parent, tree_level level, gfp_t gfp_flag);
-+extern znode *zlook(reiser4_tree * tree, const reiser4_block_nr * const block);
-+extern int zload(znode * node);
-+extern int zload_ra(znode * node, ra_info_t * info);
-+extern int zinit_new(znode * node, gfp_t gfp_flags);
-+extern void zrelse(znode * node);
-+extern void znode_change_parent(znode * new_parent, reiser4_block_nr * block);
-+
-+/* size of data in znode */
-+static inline unsigned
-+znode_size(const znode * node UNUSED_ARG /* znode to query */ )
-+{
-+ assert("nikita-1416", node != NULL);
-+ return PAGE_CACHE_SIZE;
-+}
-+
-+extern void parent_coord_to_coord(const parent_coord_t * pcoord,
-+ coord_t * coord);
-+extern void coord_to_parent_coord(const coord_t * coord,
-+ parent_coord_t * pcoord);
-+extern void init_parent_coord(parent_coord_t * pcoord, const znode * node);
-+
-+extern unsigned znode_free_space(znode * node);
-+
-+extern reiser4_key *znode_get_rd_key(znode * node);
-+extern reiser4_key *znode_get_ld_key(znode * node);
-+
-+extern reiser4_key *znode_set_rd_key(znode * node, const reiser4_key * key);
-+extern reiser4_key *znode_set_ld_key(znode * node, const reiser4_key * key);
-+
-+/* `connected' state checks */
-+static inline int znode_is_right_connected(const znode * node)
-+{
-+ return ZF_ISSET(node, JNODE_RIGHT_CONNECTED);
-+}
-+
-+static inline int znode_is_left_connected(const znode * node)
-+{
-+ return ZF_ISSET(node, JNODE_LEFT_CONNECTED);
-+}
-+
-+static inline int znode_is_connected(const znode * node)
-+{
-+ return znode_is_right_connected(node) && znode_is_left_connected(node);
-+}
-+
-+extern int znode_shift_order;
-+extern int znode_rehash(znode * node, const reiser4_block_nr * new_block_nr);
-+extern void znode_remove(znode *, reiser4_tree *);
-+extern znode *znode_parent(const znode * node);
-+extern znode *znode_parent_nolock(const znode * node);
-+extern int znode_above_root(const znode * node);
-+extern int init_znodes(void);
-+extern void done_znodes(void);
-+extern int znodes_tree_init(reiser4_tree * ztree);
-+extern void znodes_tree_done(reiser4_tree * ztree);
-+extern int znode_contains_key(znode * node, const reiser4_key * key);
-+extern int znode_contains_key_lock(znode * node, const reiser4_key * key);
-+extern unsigned znode_save_free_space(znode * node);
-+extern unsigned znode_recover_free_space(znode * node);
-+extern znode *zalloc(gfp_t gfp_flag);
-+extern void zinit(znode *, const znode * parent, reiser4_tree *);
-+extern int zparse(znode * node);
-+
-+
-+extern int znode_just_created(const znode * node);
-+
-+extern void zfree(znode * node);
-+
-+#if REISER4_DEBUG
-+extern void print_znode(const char *prefix, const znode * node);
-+#else
-+#define print_znode( p, n ) noop
-+#endif
-+
-+/* Make it look like various znode functions exist instead of treating znodes as
-+ jnodes in znode-specific code. */
-+#define znode_page(x) jnode_page ( ZJNODE(x) )
-+#define zdata(x) jdata ( ZJNODE(x) )
-+#define znode_get_block(x) jnode_get_block ( ZJNODE(x) )
-+#define znode_created(x) jnode_created ( ZJNODE(x) )
-+#define znode_set_created(x) jnode_set_created ( ZJNODE(x) )
-+#define znode_convertible(x) jnode_convertible (ZJNODE(x))
-+#define znode_set_convertible(x) jnode_set_convertible (ZJNODE(x))
-+
-+#define znode_is_dirty(x) jnode_is_dirty ( ZJNODE(x) )
-+#define znode_check_dirty(x) jnode_check_dirty ( ZJNODE(x) )
-+#define znode_make_clean(x) jnode_make_clean ( ZJNODE(x) )
-+#define znode_set_block(x, b) jnode_set_block ( ZJNODE(x), (b) )
-+
-+#define spin_lock_znode(x) spin_lock_jnode ( ZJNODE(x) )
-+#define spin_unlock_znode(x) spin_unlock_jnode ( ZJNODE(x) )
-+#define spin_trylock_znode(x) spin_trylock_jnode ( ZJNODE(x) )
-+#define spin_znode_is_locked(x) spin_jnode_is_locked ( ZJNODE(x) )
-+#define spin_znode_is_not_locked(x) spin_jnode_is_not_locked ( ZJNODE(x) )
-+
-+#if REISER4_DEBUG
-+extern int znode_x_count_is_protected(const znode * node);
-+extern int znode_invariant(znode * node);
-+#endif
-+
-+/* acquire reference to @node */
-+static inline znode *zref(znode * node)
-+{
-+ /* change of x_count from 0 to 1 is protected by tree spin-lock */
-+ return JZNODE(jref(ZJNODE(node)));
-+}
-+
-+/* release reference to @node */
-+static inline void zput(znode * node)
-+{
-+ assert("nikita-3564", znode_invariant(node));
-+ jput(ZJNODE(node));
-+}
-+
-+/* get the level field for a znode */
-+static inline tree_level znode_get_level(const znode * node)
-+{
-+ return node->level;
-+}
-+
-+/* get the level field for a jnode */
-+static inline tree_level jnode_get_level(const jnode * node)
-+{
-+ if (jnode_is_znode(node))
-+ return znode_get_level(JZNODE(node));
-+ else
-+ /* unformatted nodes are all at the LEAF_LEVEL and for
-+ "semi-formatted" nodes like bitmaps, level doesn't matter. */
-+ return LEAF_LEVEL;
-+}
-+
-+/* true if jnode is on leaf level */
-+static inline int jnode_is_leaf(const jnode * node)
-+{
-+ if (jnode_is_znode(node))
-+ return (znode_get_level(JZNODE(node)) == LEAF_LEVEL);
-+ if (jnode_get_type(node) == JNODE_UNFORMATTED_BLOCK)
-+ return 1;
-+ return 0;
-+}
-+
-+/* return znode's tree */
-+static inline reiser4_tree *znode_get_tree(const znode * node)
-+{
-+ assert("nikita-2692", node != NULL);
-+ return jnode_get_tree(ZJNODE(node));
-+}
-+
-+/* resolve race with zput */
-+static inline znode *znode_rip_check(reiser4_tree * tree, znode * node)
-+{
-+ jnode *j;
-+
-+ j = jnode_rip_sync(tree, ZJNODE(node));
-+ if (likely(j != NULL))
-+ node = JZNODE(j);
-+ else
-+ node = NULL;
-+ return node;
-+}
-+
-+#if defined(REISER4_DEBUG)
-+int znode_is_loaded(const znode * node /* znode to query */ );
-+#endif
-+
-+extern __u64 znode_build_version(reiser4_tree * tree);
-+
-+/* Data-handles. A data handle object manages pairing calls to zload() and zrelse(). We
-+ must load the data for a node in many places. We could do this by simply calling
-+ zload() everywhere, the difficulty arises when we must release the loaded data by
-+ calling zrelse. In a function with many possible error/return paths, it requires extra
-+ work to figure out which exit paths must call zrelse and those which do not. The data
-+ handle automatically calls zrelse for every zload that it is responsible for. In that
-+ sense, it acts much like a lock_handle.
-+*/
-+typedef struct load_count {
-+ znode *node;
-+ int d_ref;
-+} load_count;
-+
-+extern void init_load_count(load_count * lc); /* Initialize a load_count set the current node to NULL. */
-+extern void done_load_count(load_count * dh); /* Finalize a load_count: call zrelse() if necessary */
-+extern int incr_load_count_znode(load_count * dh, znode * node); /* Set the argument znode to the current node, call zload(). */
-+extern int incr_load_count_jnode(load_count * dh, jnode * node); /* If the argument jnode is formatted, do the same as
-+ * incr_load_count_znode, otherwise do nothing (unformatted nodes
-+ * don't require zload/zrelse treatment). */
-+extern void move_load_count(load_count * new, load_count * old); /* Move the contents of a load_count. Old handle is released. */
-+extern void copy_load_count(load_count * new, load_count * old); /* Copy the contents of a load_count. Old handle remains held. */
-+
-+/* Variable initializers for load_count. */
-+#define INIT_LOAD_COUNT ( load_count * ){ .node = NULL, .d_ref = 0 }
-+#define INIT_LOAD_COUNT_NODE( n ) ( load_count ){ .node = ( n ), .d_ref = 0 }
-+/* A convenience macro for use in assertions or debug-only code, where loaded
-+ data is only required to perform the debugging check. This macro
-+ encapsulates an expression inside a pair of calls to zload()/zrelse(). */
-+#define WITH_DATA( node, exp ) \
-+({ \
-+ long __with_dh_result; \
-+ znode *__with_dh_node; \
-+ \
-+ __with_dh_node = ( node ); \
-+ __with_dh_result = zload( __with_dh_node ); \
-+ if( __with_dh_result == 0 ) { \
-+ __with_dh_result = ( long )( exp ); \
-+ zrelse( __with_dh_node ); \
-+ } \
-+ __with_dh_result; \
-+})
-+
-+/* Same as above, but accepts a return value in case zload fails. */
-+#define WITH_DATA_RET( node, ret, exp ) \
-+({ \
-+ int __with_dh_result; \
-+ znode *__with_dh_node; \
-+ \
-+ __with_dh_node = ( node ); \
-+ __with_dh_result = zload( __with_dh_node ); \
-+ if( __with_dh_result == 0 ) { \
-+ __with_dh_result = ( int )( exp ); \
-+ zrelse( __with_dh_node ); \
-+ } else \
-+ __with_dh_result = ( ret ); \
-+ __with_dh_result; \
-+})
-+
-+#define WITH_COORD(coord, exp) \
-+({ \
-+ coord_t *__coord; \
-+ \
-+ __coord = (coord); \
-+ coord_clear_iplug(__coord); \
-+ WITH_DATA(__coord->node, exp); \
-+})
-+
-+#if REISER4_DEBUG
-+#define STORE_COUNTERS \
-+ lock_counters_info __entry_counters = *lock_counters()
-+#define CHECK_COUNTERS \
-+ON_DEBUG_CONTEXT( \
-+({ \
-+ __entry_counters.x_refs = lock_counters() -> x_refs; \
-+ __entry_counters.t_refs = lock_counters() -> t_refs; \
-+ __entry_counters.d_refs = lock_counters() -> d_refs; \
-+ assert("nikita-2159", \
-+ !memcmp(&__entry_counters, lock_counters(), \
-+ sizeof __entry_counters)); \
-+}) )
-+
-+#else
-+#define STORE_COUNTERS
-+#define CHECK_COUNTERS noop
-+#endif
-+
-+/* __ZNODE_H__ */
-+#endif
-+
-+/* Make Linus happy.
-+ Local variables:
-+ c-indentation-style: "K&R"
-+ mode-name: "LC"
-+ c-basic-offset: 8
-+ tab-width: 8
-+ fill-column: 120
-+ End:
-+*/
-Index: linux-2.6.16/include/linux/fs.h
-===================================================================
---- linux-2.6.16.orig/include/linux/fs.h
-+++ linux-2.6.16/include/linux/fs.h
-@@ -1085,6 +1085,8 @@ struct super_operations {
- void (*clear_inode) (struct inode *);
- void (*umount_begin) (struct super_block *);
-
-+ void (*sync_inodes) (struct super_block *sb,
-+ struct writeback_control *wbc);
- int (*show_options)(struct seq_file *, struct vfsmount *);
-
- ssize_t (*quota_read)(struct super_block *, int, char *, size_t, loff_t);
-@@ -1449,6 +1451,7 @@ extern int invalidate_inode_pages2(struc
- extern int invalidate_inode_pages2_range(struct address_space *mapping,
- pgoff_t start, pgoff_t end);
- extern int write_inode_now(struct inode *, int);
-+extern void generic_sync_sb_inodes(struct super_block *, struct writeback_control *);
- extern int filemap_fdatawrite(struct address_space *);
- extern int filemap_flush(struct address_space *);
- extern int filemap_fdatawait(struct address_space *);
-Index: linux-2.6.16/lib/radix-tree.c
-===================================================================
---- linux-2.6.16.orig/lib/radix-tree.c
-+++ linux-2.6.16/lib/radix-tree.c
-@@ -139,6 +139,7 @@ static inline void tag_set(struct radix_
- {
- __set_bit(offset, node->tags[tag]);
- }
-+EXPORT_SYMBOL(radix_tree_preload);
-
- static inline void tag_clear(struct radix_tree_node *node, int tag, int offset)
- {
-Index: linux-2.6.16/mm/filemap.c
-===================================================================
---- linux-2.6.16.orig/mm/filemap.c
-+++ linux-2.6.16/mm/filemap.c
-@@ -119,6 +119,7 @@ void __remove_from_page_cache(struct pag
- mapping->nrpages--;
- pagecache_acct(-1);
- }
-+EXPORT_SYMBOL(__remove_from_page_cache);
-
- void remove_from_page_cache(struct page *page)
- {
-@@ -130,6 +131,7 @@ void remove_from_page_cache(struct page
- __remove_from_page_cache(page);
- write_unlock_irq(&mapping->tree_lock);
- }
-+EXPORT_SYMBOL(remove_from_page_cache);
-
- static int sync_page(void *word)
- {
-@@ -272,6 +274,7 @@ static int wait_on_page_writeback_range(
-
- return ret;
- }
-+EXPORT_SYMBOL(add_to_page_cache_lru);
-
- /*
- * Write and wait upon all the pages in the passed range. This is a "data
-@@ -632,7 +635,6 @@ repeat:
- page_cache_release(cached_page);
- return page;
- }
--
- EXPORT_SYMBOL(find_or_create_page);
-
- /**
-@@ -665,6 +667,7 @@ unsigned find_get_pages(struct address_s
- read_unlock_irq(&mapping->tree_lock);
- return ret;
- }
-+EXPORT_SYMBOL(find_get_pages);
-
- /*
- * Like find_get_pages, except we only return pages which are tagged with
-@@ -686,6 +689,7 @@ unsigned find_get_pages_tag(struct addre
- read_unlock_irq(&mapping->tree_lock);
- return ret;
- }
-+EXPORT_SYMBOL(find_get_pages_tag);
-
- /*
- * Same as grab_cache_page, but do not wait if the page is unavailable.
-Index: linux-2.6.16/mm/page-writeback.c
-===================================================================
---- linux-2.6.16.orig/mm/page-writeback.c
-+++ linux-2.6.16/mm/page-writeback.c
-@@ -187,7 +187,7 @@ get_dirty_limits(struct writeback_state
- * If we're over `background_thresh' then pdflush is woken to perform some
- * writeout.
- */
--static void balance_dirty_pages(struct address_space *mapping)
-+void balance_dirty_pages(struct address_space *mapping)
- {
- struct writeback_state wbs;
- long nr_reclaimable;
-@@ -253,6 +253,7 @@ static void balance_dirty_pages(struct a
- (!laptop_mode && (nr_reclaimable > background_thresh)))
- pdflush_operation(background_writeout, 0);
- }
-+EXPORT_SYMBOL(balance_dirty_pages);
-
- /**
- * balance_dirty_pages_ratelimited - balance dirty memory state
-Index: linux-2.6.16/mm/readahead.c
-===================================================================
---- linux-2.6.16.orig/mm/readahead.c
-+++ linux-2.6.16/mm/readahead.c
-@@ -541,6 +541,7 @@ page_cache_readahead(struct address_spac
- out:
- return ra->prev_page + 1;
- }
-+EXPORT_SYMBOL_GPL(page_cache_readahead);
-
- /*
- * handle_ra_miss() is called when it is known that a page which should have
-@@ -558,6 +559,7 @@ void handle_ra_miss(struct address_space
- ra->flags &= ~RA_FLAG_INCACHE;
- ra->cache_hit = 0;
- }
-+EXPORT_SYMBOL_GPL(handle_ra_miss);
-
- /*
- * Given a desired number of PAGE_CACHE_SIZE readahead pages, return a
+++ /dev/null
-diff -urN squidGuard-1.2.0_orig/configure.in squidGuard-1.2.0/configure.in
---- squidGuard-1.2.0_orig/configure.in 2001-12-18 10:16:36.000000000 +0000
-+++ squidGuard-1.2.0/configure.in 2006-06-10 12:29:26.000000000 +0000
-@@ -71,7 +71,12 @@
-
- dnl Checks for libraries.
-
--AC_CHECK_LIB(db,db_version,,[
-+AC_CHECK_LIB(db,db_version,,
-+AC_CHECK_LIB(db,db_version_4000,,
-+AC_CHECK_LIB(db,db_version_4001,,
-+AC_CHECK_LIB(db,db_version_4002,,
-+AC_CHECK_LIB(db,db_version_4003,,
-+AC_CHECK_LIB(db,db_version_4004,,[
- echo
- echo "** The Berkley DB library is required for squidGuard"
- echo " to compile. Get it from http://www.sleepycat.com"
-@@ -79,7 +84,7 @@
- echo " its location. (default is $dbprefix/BerkeleyDB)"
- echo
- exit 1
-- ])
-+ ]))))))
-
- dnl Checks for header files.
- AC_HEADER_STDC
-diff -urN squidGuard-1.2.0_orig/src/sgDb.c squidGuard-1.2.0/src/sgDb.c
---- squidGuard-1.2.0_orig/src/sgDb.c 2001-05-14 13:40:12.000000000 +0000
-+++ squidGuard-1.2.0/src/sgDb.c 2006-06-10 12:27:04.000000000 +0000
-@@ -98,13 +98,21 @@
- if(createdb)
- flag = flag | DB_TRUNCATE;
- if ((ret =
-+#if DB_VERSION_MINOR == 1 || DB_VERSION_MINOR == 2 || DB_VERSION_MINOR == 3 || DB_VERSION_MINOR == 4
-+ Db->dbp->open(Db->dbp, NULL, dbfile, NULL, DB_BTREE, flag, 0664)) != 0) {
-+#else
- Db->dbp->open(Db->dbp, dbfile, NULL, DB_BTREE, flag, 0664)) != 0) {
-+#endif
- (void) Db->dbp->close(Db->dbp, 0);
- sgLogFatalError("Error db_open: %s", strerror(ret));
- }
- } else {
- if ((ret =
-+#if DB_VERSION_MINOR == 1 || DB_VERSION_MINOR == 2 || DB_VERSION_MINOR == 3 || DB_VERSION_MINOR == 4
-+ Db->dbp->open(Db->dbp, NULL, dbfile, NULL, DB_BTREE, DB_CREATE, 0664)) != 0) {
-+#else
- Db->dbp->open(Db->dbp, dbfile, NULL, DB_BTREE, DB_CREATE, 0664)) != 0) {
-+#endif
- sgLogFatalError("Error db_open: %s", strerror(ret));
- }
- }
+++ /dev/null
-borrowed from gentoo
---- syslinux/com32/libutil/Makefile
-+++ syslinux/com32/libutil/Makefile
-@@ -40,7 +40,7 @@
- AR = ar
- NASM = nasm
- RANLIB = ranlib
--CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -D__COM32__ -W -Wall -march=i386 -Os -fomit-frame-pointer -I./include -I../include $(call gcc_ok,-fno-stack-protector,)
-+CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -D__COM32__ -W -Wall -march=i386 -Os -fomit-frame-pointer -I./include -I../include $(call gcc_ok,-fno-stack-protector,) $(call gcc_ok,-nopie,)
- SFLAGS = $(M32) -D__COM32__ -march=i386
- LDFLAGS = -T ../lib/com32.ld
- LNXCFLAGS = -I./include -W -Wall -fno-stack-protector -O -g
---- syslinux/dos/Makefile
-+++ syslinux/dos/Makefile
-@@ -3,7 +3,7 @@
- OBJCOPY = objcopy
- OPTFLAGS = -g -Os -march=i386 -falign-functions=0 -falign-jumps=0 -falign-loops=0 -fomit-frame-pointer
- INCLUDES = -include code16.h -I. -I.. -I../libfat
--CFLAGS = -W -Wall -fno-stack-protector -ffreestanding -msoft-float $(OPTFLAGS) $(INCLUDES)
-+CFLAGS = -W -Wall -nopie -fno-stack-protector -ffreestanding -msoft-float $(OPTFLAGS) $(INCLUDES)
- LDFLAGS = -T com16.ld
- AR = ar
- RANLIB = ranlib
+++ /dev/null
-borrowed from gentoo
---- syslinux/Makefile
-+++ syslinux/Makefile
-@@ -18,7 +18,7 @@
- OSTYPE = $(shell uname -msr)
- CC = gcc
- INCLUDE =
--CFLAGS = -W -Wall -Os -fomit-frame-pointer -D_FILE_OFFSET_BITS=64
-+CFLAGS = -W -Wall -fno-stack-protector -Os -fomit-frame-pointer -D_FILE_OFFSET_BITS=64
- PIC = -fPIC
- LDFLAGS = -O2 -s
- AR = ar
-@@ -194,9 +194,8 @@ libsyslinux.a: bootsect_bin.o ldlinux_bi
- $(LIB_SO): bootsect_bin.o ldlinux_bin.o syslxmod.o
- $(CC) $(LDFLAGS) -shared -Wl,-soname,$(LIB_SONAME) -o $@ $^
-
--gethostip.o: gethostip.c
--
--gethostip: gethostip.o
-+gethostip: gethostip.c
-+ $(CC) $(LDFLAGS) gethostip.c -o gethostip -fno-stack-protector
-
- mkdiskimage: mkdiskimage.in mbr.bin bin2hex.pl
- $(PERL) bin2hex.pl < mbr.bin | cat mkdiskimage.in - > $@
---- syslinux/com32/lib/MCONFIG
-+++ syslinux/com32/lib/MCONFIG
-@@ -18,7 +18,7 @@ LIBFLAGS = -DDYNAMIC_CRC_TABLE -DPNG_NO_
-
- REQFLAGS = -g -m32 -mregparm=3 -DREGPARM=3 -D__COM32__ -I. -I./sys -I../include
- OPTFLAGS = -Os -march=i386 -falign-functions=0 -falign-jumps=0 \
-- -falign-labels=0
-+ -falign-labels=0 -fno-stack-protector
- WARNFLAGS = -W -Wall -Wpointer-arith -Wwrite-strings -Wstrict-prototypes -Winline
-
- CFLAGS = -Wp,-MT,$@,-MD,$(dir $@).$(notdir $@).d $(OPTFLAGS) \
---- syslinux/com32/libutil/Makefile
-+++ syslinux/com32/libutil/Makefile
-@@ -40,10 +40,10 @@ LD = ld -m elf_i386
- AR = ar
- NASM = nasm
- RANLIB = ranlib
--CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -D__COM32__ -W -Wall -march=i386 -Os -fomit-frame-pointer -I./include -I../include
-+CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -D__COM32__ -W -Wall -march=i386 -Os -fomit-frame-pointer -I./include -I../include $(call gcc_ok,-fno-stack-protector,)
- SFLAGS = $(M32) -D__COM32__ -march=i386
- LDFLAGS = -T ../lib/com32.ld
--LNXCFLAGS = -I./include -W -Wall -O -g
-+LNXCFLAGS = -I./include -W -Wall -O -g $(call gcc_ok,-fno-stack-protector,)
- LNXSFLAGS = -g
- LNXLDFLAGS = -g
- OBJCOPY = objcopy
---- syslinux/com32/modules/Makefile
-+++ syslinux/com32/modules/Makefile
-@@ -25,8 +25,8 @@ LD = ld -m elf_i386
- AR = ar
- NASM = nasm
- RANLIB = ranlib
--CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -W -Wall -march=i386 -Os -fomit-frame-pointer -I../libutil/include -I../include -D__COM32__
--LNXCFLAGS = -W -Wall -O -g -I../libutil/include
-+CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -W -Wall -march=i386 -Os -fomit-frame-pointer -I../libutil/include -I../include -D__COM32__ $(call gcc_ok,-fno-stack-protector,)
-+LNXCFLAGS = -W -Wall -O -g -I../libutil/include $(call gcc_ok,-fno-stack-protector,)
- LNXSFLAGS = -g
- LNXLDFLAGS = -g
- SFLAGS = -D__COM32__ -march=i386
---- syslinux/com32/samples/Makefile
-+++ syslinux/com32/samples/Makefile
-@@ -25,8 +25,8 @@ LD = ld -m elf_i386
- AR = ar
- NASM = nasm
- RANLIB = ranlib
--CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -W -Wall -march=i386 -Os -fomit-frame-pointer -I../libutil/include -I../include -D__COM32__
--LNXCFLAGS = -W -Wall -O -g -I../libutil/include
-+CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -W -Wall -march=i386 -Os -fomit-frame-pointer -I../libutil/include -I../include -D__COM32__ $(call gcc_ok,-fno-stack-protector,)
-+LNXCFLAGS = -W -Wall -O -g -I../libutil/include $(call gcc_ok,-fno-stack-protector,)
- LNXSFLAGS = -g
- LNXLDFLAGS = -g
- SFLAGS = -D__COM32__ -march=i386
---- syslinux/dos/Makefile
-+++ syslinux/dos/Makefile
-@@ -3,7 +3,7 @@ LD = ld -m elf_i386
- OBJCOPY = objcopy
- OPTFLAGS = -g -Os -march=i386 -falign-functions=0 -falign-jumps=0 -falign-loops=0 -fomit-frame-pointer
- INCLUDES = -include code16.h -I. -I.. -I../libfat
--CFLAGS = -W -Wall -ffreestanding -msoft-float $(OPTFLAGS) $(INCLUDES)
-+CFLAGS = -W -Wall -fno-stack-protector -ffreestanding -msoft-float $(OPTFLAGS) $(INCLUDES)
- LDFLAGS = -T com16.ld
- AR = ar
- RANLIB = ranlib
---- syslinux/extlinux/Makefile
-+++ syslinux/extlinux/Makefile
-@@ -1,7 +1,7 @@
- CC = gcc
- OPTFLAGS = -g -Os
- INCLUDES = -I. -I.. -I../libfat
--CFLAGS = -W -Wall -Wno-sign-compare -D_FILE_OFFSET_BITS=64 $(OPTFLAGS) $(INCLUDES)
-+CFLAGS = -W -Wall -fno-stack-protector -Wno-sign-compare -D_FILE_OFFSET_BITS=64 $(OPTFLAGS) $(INCLUDES)
- LDFLAGS = -s
-
- SRCS = extlinux.c ../extlinux_bss_bin.c ../extlinux_sys_bin.c
---- syslinux/memdisk/Makefile
-+++ syslinux/memdisk/Makefile
-@@ -20,7 +20,7 @@ M32 := $(call gcc_ok,-m32,)
- FREE := $(call gcc_ok,-ffreestanding,)
-
- CC = gcc $(M32) $(FREE)
--CFLAGS = -g -W -Wall -Wno-sign-compare \
-+CFLAGS = -g -W -Wall -Wno-sign-compare $(call gcc_ok,-fno-stack-protector,) \
- -Os -fomit-frame-pointer -march=i386 $(ALIGN) \
- -DVERSION='"$(VERSION)"' -DDATE='"$(DATE)"'
- LDFLAGS = -g
---- syslinux/menu/Makefile
-+++ syslinux/menu/Makefile
-@@ -5,7 +5,7 @@ M32 := $(call gcc_ok,-m32,)
- COM32DIR = ../com32
- LUDIR = $(COM32DIR)/libutil
- LDIR = $(COM32DIR)/lib
--CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -W -Wall -march=i386 -Os -fomit-frame-pointer -I$(LUDIR)/include -I$(COM32DIR)/include -Ilibmenu -D__COM32__
-+CFLAGS = $(M32) -mregparm=3 -DREGPARM=3 -W -Wall -march=i386 -Os -fomit-frame-pointer -I$(LUDIR)/include -I$(COM32DIR)/include -Ilibmenu -D__COM32__ $(call gcc_ok,-fno-stack-protector,)
- SFLAGS = -D__COM32__ -march=i386
- LDFLAGS = -T $(LDIR)/com32.ld
- OBJCOPY = objcopy
---- syslinux/mtools/Makefile
-+++ syslinux/mtools/Makefile
-@@ -1,7 +1,7 @@
- CC = gcc
- OPTFLAGS = -g -Os
- INCLUDES = -I. -I.. -I../libfat
--CFLAGS = -W -Wall -D_FILE_OFFSET_BITS=64 $(OPTFLAGS) $(INCLUDES)
-+CFLAGS = -W -Wall -fno-stack-protector -D_FILE_OFFSET_BITS=64 $(OPTFLAGS) $(INCLUDES)
- LDFLAGS = -s
-
- SRCS = syslinux.c ../syslxmod.c ../bootsect_bin.c ../ldlinux_bin.c $(wildcard ../libfat/*.c)
---- syslinux/sample/Makefile
-+++ syslinux/sample/Makefile
-@@ -25,7 +25,7 @@ LD = ld -m elf_i386
- AR = ar
- NASM = nasm
- RANLIB = ranlib
--CFLAGS = -W -Wall -march=i386 -Os -fomit-frame-pointer -I../com32/include
-+CFLAGS = -W -Wall -march=i386 -Os -fomit-frame-pointer -I../com32/include $(call gcc_ok,-fno-stack-protector,)
- SFLAGS = -march=i386
- LDFLAGS = -s
- OBJCOPY = objcopy
---- syslinux/unix/Makefile
-+++ syslinux/unix/Makefile
-@@ -1,7 +1,7 @@
- CC = gcc
- OPTFLAGS = -g -Os
- INCLUDES = -I. -I.. -I../libfat
--CFLAGS = -W -Wall -D_FILE_OFFSET_BITS=64 $(OPTFLAGS) $(INCLUDES)
-+CFLAGS = -W -Wall -fno-stack-protector -D_FILE_OFFSET_BITS=64 $(OPTFLAGS) $(INCLUDES)
- LDFLAGS = -s
-
- SRCS = syslinux.c ../syslxmod.c ../bootsect_bin.c ../ldlinux_bin.c $(wildcard ../libfat/*.c)
---- syslinux/win32/Makefile
-+++ syslinux/win32/Makefile
-@@ -23,7 +23,7 @@ ifeq ($(findstring CYGWIN,$(OSTYPE)),CYG
- CC = gcc
- AR = ar
- RANLIB = ranlib
--CFLAGS = -mno-cygwin -W -Wall -Os -fomit-frame-pointer -D_FILE_OFFSET_BITS=64
-+CFLAGS = -mno-cygwin -W -Wall -fno-stack-protector -Os -fomit-frame-pointer -D_FILE_OFFSET_BITS=64
- PIC =
- LDFLAGS = -mno-cygwin -Os -s
- else
-@@ -37,7 +37,7 @@ AR = mingw-ar
- RANLIB = mingw-ranlib
- endif
-
--CFLAGS = -W -Wall -Wno-sign-compare -Os -fomit-frame-pointer -D_FILE_OFFSET_BITS=64
-+CFLAGS = -W -Wall -fno-stack-protector -Wno-sign-compare -Os -fomit-frame-pointer -D_FILE_OFFSET_BITS=64
- PIC =
- LDFLAGS = -Os -s
- endif
+++ /dev/null
---- Makefile.bak 2006-10-24 00:56:23.000000000 +0000
-+++ Makefile 2006-10-23 19:57:49.000000000 +0000
-@@ -32,7 +32,7 @@
- ./gen_wc8bit `cat codesets.txt`
-
- gen_wctype: gen_wctype.c
-- $(HOSTCC) $(HOSTCFLAGS) $(NATIVE_LDFLAGS) -D__UCLIBC_GEN_LOCALE $^ -o $@
-+ $(HOSTCC) $(HOSTCFLAGS) $(NATIVE_LDFLAGS) -O1 -D__UCLIBC_GEN_LOCALE $^ -o $@
-
- # Warning! Beware tr_TR toupper/tolower exceptions!
- wctables.h: gen_wctype
+++ /dev/null
-diff -Naur v4l-dvb-4c4fd6b8755c.org/linux/drivers/media/video/videodev.c v4l-dvb/linux/drivers/media/video/videodev.c
---- v4l-dvb-4c4fd6b8755c.org/linux/drivers/media/video/videodev.c 2008-05-02 12:51:27.000000000 +0200
-+++ v4l-dvb/linux/drivers/media/video/videodev.c 2008-05-10 14:40:07.000000000 +0200
-@@ -492,7 +492,7 @@
-
- static struct class video_class = {
- .name = VIDEO_NAME,
--#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,13)
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
- .release = video_release,
- #else
- .dev_attrs = video_device_attrs,
-@@ -2102,28 +2102,28 @@
-
- /* sysfs class */
- memset(&vfd->class_dev, 0x00, sizeof(vfd->class_dev));
--#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,13)
-- if (vfd->dev)
-- vfd->class_dev.dev = vfd->dev;
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
-+// if (vfd->dev)
-+// vfd->class_dev.dev = vfd->dev;
- #else
- if (vfd->dev)
- vfd->class_dev.parent = vfd->dev;
- #endif
-- vfd->class_dev.class = &video_class;
-+// vfd->class_dev.class = &video_class;
- #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)
-- vfd->class_dev.devt = MKDEV(VIDEO_MAJOR, vfd->minor);
-+// vfd->class_dev.devt = MKDEV(VIDEO_MAJOR, vfd->minor);
- #endif
--#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,13)
-- sprintf(vfd->class_dev.class_id, "%s%d", name_base, i - base);
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
-+// sprintf(vfd->class_dev.class_id, "%s%d", name_base, i - base);
- #else
- sprintf(vfd->class_dev.bus_id, "%s%d", name_base, i - base);
- #endif
-- ret = device_register(&vfd->class_dev);
-- if (ret < 0) {
-- printk(KERN_ERR "%s: device_register failed\n",
-+// ret = device_register(&vfd->class_dev);
-+// if (ret < 0) {
-+ printk(KERN_ERR "%s: device_register disabled\n",
- __func__);
-- goto fail_minor;
-- }
-+// goto fail_minor;
-+// }
- #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,13)
- ret = class_device_create_file(&vfd->class_dev, &class_device_attr_name);
- if (ret < 0) {
-@@ -2176,7 +2176,7 @@
- panic("videodev: bad unregister");
-
- video_device[vfd->minor]=NULL;
-- device_unregister(&vfd->class_dev);
-+// device_unregister(&vfd->class_dev);
- mutex_unlock(&videodev_lock);
- }
- EXPORT_SYMBOL(video_unregister_device);
projects / ipfire-2.x.git / commitdiff
