From 13c73af79619296db1dd01443fd0dfee7f00cfc6 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Sat, 3 Oct 2009 01:09:35 +0200 Subject: [PATCH] pknock: remove unneeded braces --- extensions/libxt_pknock.c | 15 +++------------ extensions/xt_pknock.c | 24 +++++------------------- 2 files changed, 8 insertions(+), 31 deletions(-) diff --git a/extensions/libxt_pknock.c b/extensions/libxt_pknock.c index 149a43a..eef8f71 100644 --- a/extensions/libxt_pknock.c +++ b/extensions/libxt_pknock.c @@ -245,40 +245,31 @@ static void pknock_check(unsigned int flags) "--name option is required.\n"); if (flags & XT_PKNOCK_KNOCKPORT) { - if (flags & XT_PKNOCK_CHECKIP) { + if (flags & XT_PKNOCK_CHECKIP) xtables_error(PARAMETER_PROBLEM, PKNOCK "cannot specify --knockports with --checkip.\n"); - } if ((flags & XT_PKNOCK_OPENSECRET) && !(flags & XT_PKNOCK_CLOSESECRET)) - { xtables_error(PARAMETER_PROBLEM, PKNOCK "--opensecret must go with --closesecret.\n"); - } if ((flags & XT_PKNOCK_CLOSESECRET) && !(flags & XT_PKNOCK_OPENSECRET)) - { xtables_error(PARAMETER_PROBLEM, PKNOCK "--closesecret must go with --opensecret.\n"); - } } if (flags & XT_PKNOCK_CHECKIP) { - if (flags & XT_PKNOCK_KNOCKPORT) { + if (flags & XT_PKNOCK_KNOCKPORT) xtables_error(PARAMETER_PROBLEM, PKNOCK "cannot specify --checkip with --knockports.\n"); - } if ((flags & XT_PKNOCK_OPENSECRET) || (flags & XT_PKNOCK_CLOSESECRET)) - { xtables_error(PARAMETER_PROBLEM, PKNOCK "cannot specify --opensecret and" " --closesecret with --checkip.\n"); - } - if (flags & XT_PKNOCK_TIME) { + if (flags & XT_PKNOCK_TIME) xtables_error(PARAMETER_PROBLEM, PKNOCK "cannot specify --time with --checkip.\n"); - } } } diff --git a/extensions/xt_pknock.c b/extensions/xt_pknock.c index 6949908..5ad962c 100644 --- a/extensions/xt_pknock.c +++ b/extensions/xt_pknock.c @@ -796,11 +796,10 @@ has_secret(const unsigned char *secret, unsigned int secret_len, uint32_t ipsrc, crypt_to_hex(hexresult, result, crypto.size); - if (memcmp(hexresult, payload, hexa_size) != 0) { + if (memcmp(hexresult, payload, hexa_size) != 0) pr_debug("secret match failed\n"); - } else { + else fret = true; - } out: kfree(hexresult); @@ -832,9 +831,8 @@ pass_security(struct peer *peer, const struct xt_pknock_mtinfo *info, if (!has_secret(info->open_secret, info->open_secret_len, htonl(peer->ip), payload, payload_len)) - { return false; - } + return true; } #endif /* PK_CRYPTO */ @@ -870,9 +868,8 @@ update_peer(struct peer *peer, const struct xt_pknock_mtinfo *info, if (hdr->proto != IPPROTO_UDP) return false; - if (!pass_security(peer, info, hdr->payload, hdr->payload_len)) { + if (!pass_security(peer, info, hdr->payload, hdr->payload_len)) return false; - } } #endif @@ -1068,35 +1065,26 @@ static bool pknock_mt_check(const struct xt_mtchk_param *par) #endif if (info->option & XT_PKNOCK_KNOCKPORT) { - if (info->option & XT_PKNOCK_CHECKIP) { + if (info->option & XT_PKNOCK_CHECKIP) RETURN_ERR("Can't specify --knockports with --checkip.\n"); - } #ifdef PK_CRYPTO if ((info->option & XT_PKNOCK_OPENSECRET) && !(info->option & XT_PKNOCK_CLOSESECRET)) - { RETURN_ERR("--opensecret must go with --closesecret.\n"); - } if ((info->option & XT_PKNOCK_CLOSESECRET) && !(info->option & XT_PKNOCK_OPENSECRET)) - { RETURN_ERR("--closesecret must go with --opensecret.\n"); - } #endif } if (info->option & XT_PKNOCK_CHECKIP) { if (info->option & XT_PKNOCK_KNOCKPORT) - { RETURN_ERR("Can't specify --checkip with --knockports.\n"); - } #ifdef PK_CRYPTO if ((info->option & XT_PKNOCK_OPENSECRET) || (info->option & XT_PKNOCK_CLOSESECRET)) - { RETURN_ERR("Can't specify --opensecret and --closesecret" " with --checkip.\n"); - } #endif if (info->option & XT_PKNOCK_TIME) RETURN_ERR("Can't specify --time with --checkip.\n"); @@ -1107,9 +1095,7 @@ static bool pknock_mt_check(const struct xt_mtchk_param *par) if (info->open_secret_len == info->close_secret_len) { if (memcmp(info->open_secret, info->close_secret, info->open_secret_len) == 0) - { RETURN_ERR("opensecret & closesecret cannot be equal.\n"); - } } } #endif