add generic 2.6.28 patches

[openwrt.git] / target / linux / generic-2.6 / patches-2.6.26 / 101-netfilter_layer7_pktmatch.patch

diff --git a/target/linux/generic-2.6/patches-2.6.26/101-netfilter_layer7_pktmatch.patch b/target/linux/generic-2.6/patches-2.6.26/101-netfilter_layer7_pktmatch.patch
index 167d578cf1535efce1e16260b57008664d6f721c..ad0fdb823fbe62d1686666959e75d452e1823d8a 100644 (file)
--- a/target/linux/generic-2.6/patches-2.6.26/101-netfilter_layer7_pktmatch.patch
+++ b/target/linux/generic-2.6/patches-2.6.26/101-netfilter_layer7_pktmatch.patch
@@ -1,6 +1,6 @@
 --- a/include/linux/netfilter/xt_layer7.h
 +++ b/include/linux/netfilter/xt_layer7.h
-@@ -8,6 +8,7 @@
+@@ -8,6 +8,7 @@ struct xt_layer7_info {
      char protocol[MAX_PROTOCOL_LEN];
      char pattern[MAX_PATTERN_LEN];
      u_int8_t invert;
@@ -10,7 +10,7 @@
  #endif /* _XT_LAYER7_H */
 --- a/net/netfilter/xt_layer7.c
 +++ b/net/netfilter/xt_layer7.c
-@@ -297,34 +297,36 @@
+@@ -297,34 +297,36 @@ static int match_no_append(struct nf_con
  }
  
  /* add the new app data to the conntrack.  Return number of bytes added. */
@@ -20,13 +20,12 @@
  {
        int length = 0, i;
 -      int oldlength = master_conntrack->layer7.app_data_len;
--
--      /* This is a fix for a race condition by Deti Fliegl. However, I'm not 
--         clear on whether the race condition exists or whether this really 
--         fixes it.  I might just be being dense... Anyway, if it's not really 
+ 
+-      /* This is a fix for a race condition by Deti Fliegl. However, I'm not
+-         clear on whether the race condition exists or whether this really
+-         fixes it.  I might just be being dense... Anyway, if it's not really
 -         a fix, all it does is waste a very small amount of time. */
 -      if(!master_conntrack->layer7.app_data) return 0;
-+      
 +      if (!target) return 0;
  
        /* Strip nulls. Make everything lower case (our regex lib doesn't
@@ -38,13 +37,13 @@
                        /* the kernel version of tolower mungs 'upper ascii' */
 -                      master_conntrack->layer7.app_data[length+oldlength] =
 +                      target[length+offset] =
-                               isascii(app_data[i])? 
+                               isascii(app_data[i])?
                                        tolower(app_data[i]) : app_data[i];
                        length++;
                }
        }
 +      target[length+offset] = '\0';
-+      
++
 +      return length;
 +}
  
@@ -61,7 +60,7 @@
        return length;
  }
  
-@@ -411,7 +413,7 @@
+@@ -411,7 +413,7 @@ match(const struct sk_buff *skbin,
        const struct xt_layer7_info * info = matchinfo;
        enum ip_conntrack_info master_ctinfo, ctinfo;
        struct nf_conn *master_conntrack, *conntrack;
@@ -70,7 +69,7 @@
        unsigned int pattern_result, appdatalen;
        regexp * comppattern;
  
-@@ -439,8 +441,8 @@
+@@ -439,8 +441,8 @@ match(const struct sk_buff *skbin,
                master_conntrack = master_ct(master_conntrack);
  
        /* if we've classified it or seen too many packets */
@@ -79,9 +78,9 @@
 +      if(!info->pkt && (TOTAL_PACKETS > num_packets ||
 +         master_conntrack->layer7.app_proto)) {
  
-               pattern_result = match_no_append(conntrack, master_conntrack, 
+               pattern_result = match_no_append(conntrack, master_conntrack,
                                                 ctinfo, master_ctinfo, info);
-@@ -473,6 +475,25 @@
+@@ -473,6 +475,25 @@ match(const struct sk_buff *skbin,
        /* the return value gets checked later, when we're ready to use it */
        comppattern = compile_and_cache(info->pattern, info->protocol);
  
@@ -105,5 +104,5 @@
 +      }
 +
        /* On the first packet of a connection, allocate space for app data */
-       if(TOTAL_PACKETS == 1 && !skb->cb[0] && 
+       if(TOTAL_PACKETS == 1 && !skb->cb[0] &&
           !master_conntrack->layer7.app_data){