anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-21 20:14:56 +02:00
Code Issues Releases Wiki Activity

pknock: remove unneeded braces

Browse Source
This commit is contained in:
Jan Engelhardt
2009-10-03 01:09:35 +02:00
parent ba9a3efec1
commit 13c73af796
2 changed files with 8 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
extensions/libxt_pknock.c
View File

@@ -245,40 +245,31 @@ static void pknock_check(unsigned int flags)
"--name option is required.\n"); "--name option is required.\n");
if (flags & XT_PKNOCK_KNOCKPORT) { if (flags & XT_PKNOCK_KNOCKPORT) {
if (flags & XT_PKNOCK_CHECKIP) { if (flags & XT_PKNOCK_CHECKIP)
xtables_error(PARAMETER_PROBLEM, PKNOCK xtables_error(PARAMETER_PROBLEM, PKNOCK
"cannot specify --knockports with --checkip.\n"); "cannot specify --knockports with --checkip.\n");
}
if ((flags & XT_PKNOCK_OPENSECRET) if ((flags & XT_PKNOCK_OPENSECRET)
&& !(flags & XT_PKNOCK_CLOSESECRET)) && !(flags & XT_PKNOCK_CLOSESECRET))
{
xtables_error(PARAMETER_PROBLEM, PKNOCK xtables_error(PARAMETER_PROBLEM, PKNOCK
"--opensecret must go with --closesecret.\n"); "--opensecret must go with --closesecret.\n");
}
if ((flags & XT_PKNOCK_CLOSESECRET) if ((flags & XT_PKNOCK_CLOSESECRET)
&& !(flags & XT_PKNOCK_OPENSECRET)) && !(flags & XT_PKNOCK_OPENSECRET))
{
xtables_error(PARAMETER_PROBLEM, PKNOCK xtables_error(PARAMETER_PROBLEM, PKNOCK
"--closesecret must go with --opensecret.\n"); "--closesecret must go with --opensecret.\n");
}
} }
if (flags & XT_PKNOCK_CHECKIP) { if (flags & XT_PKNOCK_CHECKIP) {
if (flags & XT_PKNOCK_KNOCKPORT) { if (flags & XT_PKNOCK_KNOCKPORT)
xtables_error(PARAMETER_PROBLEM, PKNOCK xtables_error(PARAMETER_PROBLEM, PKNOCK
"cannot specify --checkip with --knockports.\n"); "cannot specify --checkip with --knockports.\n");
}
if ((flags & XT_PKNOCK_OPENSECRET) if ((flags & XT_PKNOCK_OPENSECRET)
|| (flags & XT_PKNOCK_CLOSESECRET)) || (flags & XT_PKNOCK_CLOSESECRET))
{
xtables_error(PARAMETER_PROBLEM, PKNOCK xtables_error(PARAMETER_PROBLEM, PKNOCK
"cannot specify --opensecret and" "cannot specify --opensecret and"
" --closesecret with --checkip.\n"); " --closesecret with --checkip.\n");
} if (flags & XT_PKNOCK_TIME)
if (flags & XT_PKNOCK_TIME) {
xtables_error(PARAMETER_PROBLEM, PKNOCK xtables_error(PARAMETER_PROBLEM, PKNOCK
"cannot specify --time with --checkip.\n"); "cannot specify --time with --checkip.\n");
}
} }
} }

24
extensions/xt_pknock.c
View File

@@ -796,11 +796,10 @@ has_secret(const unsigned char *secret, unsigned int secret_len, uint32_t ipsrc,
crypt_to_hex(hexresult, result, crypto.size); crypt_to_hex(hexresult, result, crypto.size);
if (memcmp(hexresult, payload, hexa_size) != 0) { if (memcmp(hexresult, payload, hexa_size) != 0)
pr_debug("secret match failed\n"); pr_debug("secret match failed\n");
} else { else
fret = true; fret = true;
}
out: out:
kfree(hexresult); kfree(hexresult);
@@ -832,9 +831,8 @@ pass_security(struct peer *peer, const struct xt_pknock_mtinfo *info,
if (!has_secret(info->open_secret, if (!has_secret(info->open_secret,
info->open_secret_len, htonl(peer->ip), info->open_secret_len, htonl(peer->ip),
payload, payload_len)) payload, payload_len))
{
return false; return false;
}
return true; return true;
} }
#endif /* PK_CRYPTO */ #endif /* PK_CRYPTO */
@@ -870,9 +868,8 @@ update_peer(struct peer *peer, const struct xt_pknock_mtinfo *info,
if (hdr->proto != IPPROTO_UDP) if (hdr->proto != IPPROTO_UDP)
return false; return false;
if (!pass_security(peer, info, hdr->payload, hdr->payload_len)) { if (!pass_security(peer, info, hdr->payload, hdr->payload_len))
return false; return false;
}
} }
#endif #endif
@@ -1068,35 +1065,26 @@ static bool pknock_mt_check(const struct xt_mtchk_param *par)
#endif #endif
if (info->option & XT_PKNOCK_KNOCKPORT) { if (info->option & XT_PKNOCK_KNOCKPORT) {
if (info->option & XT_PKNOCK_CHECKIP) { if (info->option & XT_PKNOCK_CHECKIP)
RETURN_ERR("Can't specify --knockports with --checkip.\n"); RETURN_ERR("Can't specify --knockports with --checkip.\n");
}
#ifdef PK_CRYPTO #ifdef PK_CRYPTO
if ((info->option & XT_PKNOCK_OPENSECRET) && if ((info->option & XT_PKNOCK_OPENSECRET) &&
!(info->option & XT_PKNOCK_CLOSESECRET)) !(info->option & XT_PKNOCK_CLOSESECRET))
{
RETURN_ERR("--opensecret must go with --closesecret.\n"); RETURN_ERR("--opensecret must go with --closesecret.\n");
}
if ((info->option & XT_PKNOCK_CLOSESECRET) && if ((info->option & XT_PKNOCK_CLOSESECRET) &&
!(info->option & XT_PKNOCK_OPENSECRET)) !(info->option & XT_PKNOCK_OPENSECRET))
{
RETURN_ERR("--closesecret must go with --opensecret.\n"); RETURN_ERR("--closesecret must go with --opensecret.\n");
}
#endif #endif
} }
if (info->option & XT_PKNOCK_CHECKIP) { if (info->option & XT_PKNOCK_CHECKIP) {
if (info->option & XT_PKNOCK_KNOCKPORT) if (info->option & XT_PKNOCK_KNOCKPORT)
{
RETURN_ERR("Can't specify --checkip with --knockports.\n"); RETURN_ERR("Can't specify --checkip with --knockports.\n");
}
#ifdef PK_CRYPTO #ifdef PK_CRYPTO
if ((info->option & XT_PKNOCK_OPENSECRET) || if ((info->option & XT_PKNOCK_OPENSECRET) ||
(info->option & XT_PKNOCK_CLOSESECRET)) (info->option & XT_PKNOCK_CLOSESECRET))
{
RETURN_ERR("Can't specify --opensecret and --closesecret" RETURN_ERR("Can't specify --opensecret and --closesecret"
" with --checkip.\n"); " with --checkip.\n");
}
#endif #endif
if (info->option & XT_PKNOCK_TIME) if (info->option & XT_PKNOCK_TIME)
RETURN_ERR("Can't specify --time with --checkip.\n"); RETURN_ERR("Can't specify --time with --checkip.\n");
@@ -1107,9 +1095,7 @@ static bool pknock_mt_check(const struct xt_mtchk_param *par)
if (info->open_secret_len == info->close_secret_len) { if (info->open_secret_len == info->close_secret_len) {
if (memcmp(info->open_secret, info->close_secret, if (memcmp(info->open_secret, info->close_secret,
info->open_secret_len) == 0) info->open_secret_len) == 0)
{
RETURN_ERR("opensecret & closesecret cannot be equal.\n"); RETURN_ERR("opensecret & closesecret cannot be equal.\n");
}
} }
} }
#endif #endif