![[BACK]](/icons/back.gif){kind=icon}
Return to if_gre.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / sys / net|
Return to if_gre.c CVS log | Up to [local] / sys / net |
1.1 nbrk 1: /* $OpenBSD: if_gre.c,v 1.41 2006/05/28 04:30:16 claudio Exp $ */
2: /* $NetBSD: if_gre.c,v 1.9 1999/10/25 19:18:11 drochner Exp $ */
3:
4: /*
5: * Copyright (c) 1998 The NetBSD Foundation, Inc.
6: * All rights reserved.
7: *
8: * This code is derived from software contributed to The NetBSD Foundation
9: * by Heiko W.Rupp <hwr@pilhuhn.de>
10: *
11: * IPv6-over-GRE contributed by Gert Doering <gert@greenie.muc.de>
12: *
13: * Redistribution and use in source and binary forms, with or without
14: * modification, are permitted provided that the following conditions
15: * are met:
16: * 1. Redistributions of source code must retain the above copyright
17: * notice, this list of conditions and the following disclaimer.
18: * 2. Redistributions in binary form must reproduce the above copyright
19: * notice, this list of conditions and the following disclaimer in the
20: * documentation and/or other materials provided with the distribution.
21: * 3. All advertising materials mentioning features or use of this software
22: * must display the following acknowledgement:
23: * This product includes software developed by the NetBSD
24: * Foundation, Inc. and its contributors.
25: * 4. Neither the name of The NetBSD Foundation nor the names of its
26: * contributors may be used to endorse or promote products derived
27: * from this software without specific prior written permission.
28: *
29: * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
30: * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
31: * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
32: * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
33: * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
34: * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
35: * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
36: * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
37: * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
38: * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
39: * POSSIBILITY OF SUCH DAMAGE.
40: */
41:
42: /*
43: * Encapsulate L3 protocols into IP, per RFC 1701 and 1702.
44: * See gre(4) for more details.
45: * Also supported: IP in IP encapsulation (proto 55) per RFC 2004.
46: */
47:
48: #include "gre.h"
49: #if NGRE > 0
50:
51: #include "bpfilter.h"
52:
53: #include <sys/param.h>
54: #include <sys/proc.h>
55: #include <sys/mbuf.h>
56: #include <sys/socket.h>
57: #include <sys/sockio.h>
58: #include <sys/kernel.h>
59: #include <sys/systm.h>
60:
61: #include <net/if.h>
62: #include <net/if_types.h>
63: #include <net/netisr.h>
64: #include <net/route.h>
65:
66: #ifdef INET
67: #include <netinet/in.h>
68: #include <netinet/in_systm.h>
69: #include <netinet/in_var.h>
70: #include <netinet/ip.h>
71: #include <netinet/ip_var.h>
72: #include <netinet/if_ether.h>
73: #else
74: #error "if_gre used without inet"
75: #endif
76:
77: #ifdef NETATALK
78: #include <netatalk/at.h>
79: #include <netatalk/at_var.h>
80: #include <netatalk/at_extern.h>
81: #endif
82:
83: #if NBPFILTER > 0
84: #include <net/bpf.h>
85: #endif
86:
87: #include <net/if_gre.h>
88:
89: #ifndef GRE_RECURSION_LIMIT
90: #define GRE_RECURSION_LIMIT 3 /* How many levels of recursion allowed */
91: #endif /* GRE_RECURSION_LIMIT */
92:
93: /*
94: * It is not easy to calculate the right value for a GRE MTU.
95: * We leave this task to the admin and use the same default that
96: * other vendors use.
97: */
98: #define GREMTU 1476
99:
100: int gre_clone_create(struct if_clone *, int);
101: int gre_clone_destroy(struct ifnet *);
102:
103: struct gre_softc_head gre_softc_list;
104: struct if_clone gre_cloner =
105: IF_CLONE_INITIALIZER("gre", gre_clone_create, gre_clone_destroy);
106:
107: /*
108: * We can control the acceptance of GRE and MobileIP packets by
109: * altering the sysctl net.inet.gre.allow and net.inet.mobileip.allow values
110: * respectively. Zero means drop them, all else is acceptance. We can also
111: * control acceptance of WCCPv1-style GRE packets through the
112: * net.inet.gre.wccp value, but be aware it depends upon normal GRE being
113: * allowed as well.
114: *
115: */
116: int gre_allow = 0;
117: int gre_wccp = 0;
118: int ip_mobile_allow = 0;
119:
120: static void gre_compute_route(struct gre_softc *sc);
121:
122: void
123: greattach(int n)
124: {
125: LIST_INIT(&gre_softc_list);
126: if_clone_attach(&gre_cloner);
127: }
128:
129: int
130: gre_clone_create(struct if_clone *ifc, int unit)
131: {
132: struct gre_softc *sc;
133: int s;
134:
135: sc = malloc(sizeof(*sc), M_DEVBUF, M_NOWAIT);
136: if (!sc)
137: return (ENOMEM);
138: bzero(sc, sizeof(*sc));
139: snprintf(sc->sc_if.if_xname, sizeof sc->sc_if.if_xname, "%s%d",
140: ifc->ifc_name, unit);
141: sc->sc_if.if_softc = sc;
142: sc->sc_if.if_type = IFT_TUNNEL;
143: sc->sc_if.if_addrlen = 0;
144: sc->sc_if.if_hdrlen = 24; /* IP + GRE */
145: sc->sc_if.if_mtu = GREMTU;
146: sc->sc_if.if_flags = IFF_POINTOPOINT|IFF_MULTICAST;
147: sc->sc_if.if_output = gre_output;
148: sc->sc_if.if_ioctl = gre_ioctl;
149: sc->sc_if.if_collisions = 0;
150: sc->sc_if.if_ierrors = 0;
151: sc->sc_if.if_oerrors = 0;
152: sc->sc_if.if_ipackets = 0;
153: sc->sc_if.if_opackets = 0;
154: sc->g_dst.s_addr = sc->g_src.s_addr = INADDR_ANY;
155: sc->g_proto = IPPROTO_GRE;
156: sc->sc_if.if_flags |= IFF_LINK0;
157:
158: if_attach(&sc->sc_if);
159: if_alloc_sadl(&sc->sc_if);
160:
161: #if NBPFILTER > 0
162: bpfattach(&sc->sc_if.if_bpf, &sc->sc_if, DLT_NULL,
163: sizeof(u_int32_t));
164: #endif
165: s = splnet();
166: LIST_INSERT_HEAD(&gre_softc_list, sc, sc_list);
167: splx(s);
168:
169: return (0);
170: }
171:
172: int
173: gre_clone_destroy(struct ifnet *ifp)
174: {
175: struct gre_softc *sc = ifp->if_softc;
176: int s;
177:
178: s = splnet();
179: LIST_REMOVE(sc, sc_list);
180: splx(s);
181:
182: if_detach(ifp);
183:
184: free(sc, M_DEVBUF);
185: return (0);
186: }
187:
188: /*
189: * The output routine. Takes a packet and encapsulates it in the protocol
190: * given by sc->g_proto. See also RFC 1701 and RFC 2004.
191: */
192:
193: int
194: gre_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
195: struct rtentry *rt)
196: {
197: int error = 0;
198: struct gre_softc *sc = (struct gre_softc *) (ifp->if_softc);
199: struct greip *gh = NULL;
200: struct ip *inp = NULL;
201: u_int8_t ip_tos = 0;
202: u_int16_t etype = 0;
203: struct mobile_h mob_h;
204: struct m_tag *mtag;
205:
206: if ((ifp->if_flags & IFF_UP) == 0 ||
207: sc->g_src.s_addr == INADDR_ANY || sc->g_dst.s_addr == INADDR_ANY) {
208: m_freem(m);
209: error = ENETDOWN;
210: goto end;
211: }
212:
213: /* Try to limit infinite recursion through misconfiguration. */
214: for (mtag = m_tag_find(m, PACKET_TAG_GRE, NULL); mtag;
215: mtag = m_tag_find(m, PACKET_TAG_GRE, mtag)) {
216: if (!bcmp((caddr_t)(mtag + 1), &ifp, sizeof(struct ifnet *))) {
217: IF_DROP(&ifp->if_snd);
218: m_freem(m);
219: error = EIO;
220: goto end;
221: }
222: }
223:
224: mtag = m_tag_get(PACKET_TAG_GRE, sizeof(struct ifnet *), M_NOWAIT);
225: if (mtag == NULL) {
226: IF_DROP(&ifp->if_snd);
227: m_freem(m);
228: error = ENOBUFS;
229: goto end;
230: }
231: bcopy(&ifp, (caddr_t)(mtag + 1), sizeof(struct ifnet *));
232: m_tag_prepend(m, mtag);
233:
234: m->m_flags &= ~(M_BCAST|M_MCAST);
235:
236: #if NBPFILTER >0
237: if (ifp->if_bpf)
238: bpf_mtap_af(ifp->if_bpf, dst->sa_family, m, BPF_DIRECTION_OUT);
239: #endif
240:
241: if (sc->g_proto == IPPROTO_MOBILE) {
242: if (ip_mobile_allow == 0) {
243: IF_DROP(&ifp->if_snd);
244: m_freem(m);
245: error = EACCES;
246: goto end;
247: }
248:
249: if (dst->sa_family == AF_INET) {
250: struct mbuf *m0;
251: int msiz;
252:
253: /*
254: * Make sure the complete IP header (with options)
255: * is in the first mbuf.
256: */
257: if (m->m_len < sizeof(struct ip)) {
258: m = m_pullup(m, sizeof(struct ip));
259: if (m == NULL) {
260: IF_DROP(&ifp->if_snd);
261: error = ENOBUFS;
262: goto end;
263: } else
264: inp = mtod(m, struct ip *);
265:
266: if (m->m_len < inp->ip_hl << 2) {
267: m = m_pullup(m, inp->ip_hl << 2);
268: if (m == NULL) {
269: IF_DROP(&ifp->if_snd);
270: error = ENOBUFS;
271: goto end;
272: }
273: }
274: }
275:
276: inp = mtod(m, struct ip *);
277:
278: bzero(&mob_h, MOB_H_SIZ_L);
279: mob_h.proto = (inp->ip_p) << 8;
280: mob_h.odst = inp->ip_dst.s_addr;
281: inp->ip_dst.s_addr = sc->g_dst.s_addr;
282:
283: /*
284: * If the packet comes from our host, we only change
285: * the destination address in the IP header.
286: * Otherwise we need to save and change the source.
287: */
288: if (inp->ip_src.s_addr == sc->g_src.s_addr) {
289: msiz = MOB_H_SIZ_S;
290: } else {
291: mob_h.proto |= MOB_H_SBIT;
292: mob_h.osrc = inp->ip_src.s_addr;
293: inp->ip_src.s_addr = sc->g_src.s_addr;
294: msiz = MOB_H_SIZ_L;
295: }
296:
297: HTONS(mob_h.proto);
298: mob_h.hcrc = gre_in_cksum((u_int16_t *) &mob_h, msiz);
299:
300: /* Squeeze in the mobility header */
301: if ((m->m_data - msiz) < m->m_pktdat) {
302: /* Need new mbuf */
303: MGETHDR(m0, M_DONTWAIT, MT_HEADER);
304: if (m0 == NULL) {
305: IF_DROP(&ifp->if_snd);
306: m_freem(m);
307: error = ENOBUFS;
308: goto end;
309: }
310: M_MOVE_HDR(m0, m);
311:
312: m0->m_len = msiz + (inp->ip_hl << 2);
313: m0->m_data += max_linkhdr;
314: m0->m_pkthdr.len = m->m_pkthdr.len + msiz;
315: m->m_data += inp->ip_hl << 2;
316: m->m_len -= inp->ip_hl << 2;
317:
318: bcopy((caddr_t) inp, mtod(m0, caddr_t),
319: sizeof(struct ip));
320:
321: m0->m_next = m;
322: m = m0;
323: } else { /* we have some space left in the old one */
324: m->m_data -= msiz;
325: m->m_len += msiz;
326: m->m_pkthdr.len += msiz;
327: bcopy(inp, mtod(m, caddr_t),
328: inp->ip_hl << 2);
329: }
330:
331: /* Copy Mobility header */
332: inp = mtod(m, struct ip *);
333: bcopy(&mob_h, (caddr_t)(inp + 1), (unsigned) msiz);
334: inp->ip_len = htons(ntohs(inp->ip_len) + msiz);
335: } else { /* AF_INET */
336: IF_DROP(&ifp->if_snd);
337: m_freem(m);
338: error = EINVAL;
339: goto end;
340: }
341: } else if (sc->g_proto == IPPROTO_GRE) {
342: if (gre_allow == 0) {
343: IF_DROP(&ifp->if_snd);
344: m_freem(m);
345: error = EACCES;
346: goto end;
347: }
348:
349: switch(dst->sa_family) {
350: case AF_INET:
351: if (m->m_len < sizeof(struct ip)) {
352: m = m_pullup(m, sizeof(struct ip));
353: if (m == NULL) {
354: IF_DROP(&ifp->if_snd);
355: error = ENOBUFS;
356: goto end;
357: }
358: }
359:
360: inp = mtod(m, struct ip *);
361: ip_tos = inp->ip_tos;
362: etype = ETHERTYPE_IP;
363: break;
364: #ifdef NETATALK
365: case AF_APPLETALK:
366: etype = ETHERTYPE_AT;
367: break;
368: #endif
369: #ifdef INET6
370: case AF_INET6:
371: etype = ETHERTYPE_IPV6;
372: break;
373: #endif
374: default:
375: IF_DROP(&ifp->if_snd);
376: m_freem(m);
377: error = EAFNOSUPPORT;
378: goto end;
379: }
380:
381: M_PREPEND(m, sizeof(struct greip), M_DONTWAIT);
382: } else {
383: IF_DROP(&ifp->if_snd);
384: m_freem(m);
385: error = EINVAL;
386: goto end;
387: }
388:
389: if (m == NULL) {
390: IF_DROP(&ifp->if_snd);
391: error = ENOBUFS;
392: goto end;
393: }
394:
395: gh = mtod(m, struct greip *);
396: if (sc->g_proto == IPPROTO_GRE) {
397: /* We don't support any GRE flags for now */
398:
399: bzero((void *) &gh->gi_g, sizeof(struct gre_h));
400: gh->gi_ptype = htons(etype);
401: }
402:
403: gh->gi_pr = sc->g_proto;
404: if (sc->g_proto != IPPROTO_MOBILE) {
405: gh->gi_src = sc->g_src;
406: gh->gi_dst = sc->g_dst;
407: ((struct ip *) gh)->ip_hl = (sizeof(struct ip)) >> 2;
408: ((struct ip *) gh)->ip_ttl = ip_defttl;
409: ((struct ip *) gh)->ip_tos = ip_tos;
410: gh->gi_len = htons(m->m_pkthdr.len);
411: }
412:
413: ifp->if_opackets++;
414: ifp->if_obytes += m->m_pkthdr.len;
415:
416: /* Send it off */
417: error = ip_output(m, (void *)NULL, &sc->route, 0, (void *)NULL, (void *)NULL);
418: end:
419: if (error)
420: ifp->if_oerrors++;
421: return (error);
422: }
423:
424: int
425: gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
426: {
427:
428: struct ifreq *ifr = (struct ifreq *) data;
429: struct if_laddrreq *lifr = (struct if_laddrreq *)data;
430: struct gre_softc *sc = ifp->if_softc;
431: int s;
432: struct sockaddr_in si;
433: struct sockaddr *sa = NULL;
434: int error = 0;
435: struct proc *prc = curproc; /* XXX */
436:
437: s = splnet();
438: switch(cmd) {
439: case SIOCSIFADDR:
440: ifp->if_flags |= IFF_UP;
441: break;
442: case SIOCSIFDSTADDR:
443: break;
444: case SIOCSIFFLAGS:
445: if ((ifr->ifr_flags & IFF_LINK0) != 0)
446: sc->g_proto = IPPROTO_GRE;
447: else
448: sc->g_proto = IPPROTO_MOBILE;
449: break;
450: case SIOCSIFMTU:
451: if (ifr->ifr_mtu < 576) {
452: error = EINVAL;
453: break;
454: }
455: ifp->if_mtu = ifr->ifr_mtu;
456: break;
457: case SIOCGIFMTU:
458: ifr->ifr_mtu = sc->sc_if.if_mtu;
459: break;
460: case SIOCADDMULTI:
461: case SIOCDELMULTI:
462: if (ifr == 0) {
463: error = EAFNOSUPPORT;
464: break;
465: }
466: switch (ifr->ifr_addr.sa_family) {
467: #ifdef INET
468: case AF_INET:
469: break;
470: #endif
471: #ifdef INET6
472: case AF_INET6:
473: break;
474: #endif
475: default:
476: error = EAFNOSUPPORT;
477: break;
478: }
479: break;
480: case GRESPROTO:
481: /* Check for superuser */
482: if ((error = suser(prc, 0)) != 0)
483: break;
484:
485: sc->g_proto = ifr->ifr_flags;
486: switch (sc->g_proto) {
487: case IPPROTO_GRE:
488: ifp->if_flags |= IFF_LINK0;
489: break;
490: case IPPROTO_MOBILE:
491: ifp->if_flags &= ~IFF_LINK0;
492: break;
493: default:
494: error = EPROTONOSUPPORT;
495: break;
496: }
497: break;
498: case GREGPROTO:
499: ifr->ifr_flags = sc->g_proto;
500: break;
501: case GRESADDRS:
502: case GRESADDRD:
503: /* Check for superuser */
504: if ((error = suser(prc, 0)) != 0)
505: break;
506:
507: /*
508: * set tunnel endpoints, compute a less specific route
509: * to the remote end and mark if as up
510: */
511: sa = &ifr->ifr_addr;
512: if (cmd == GRESADDRS )
513: sc->g_src = (satosin(sa))->sin_addr;
514: if (cmd == GRESADDRD )
515: sc->g_dst = (satosin(sa))->sin_addr;
516: recompute:
517: if ((sc->g_src.s_addr != INADDR_ANY) &&
518: (sc->g_dst.s_addr != INADDR_ANY)) {
519: if (sc->route.ro_rt != 0) {
520: /* free old route */
521: RTFREE(sc->route.ro_rt);
522: sc->route.ro_rt = (struct rtentry *) 0;
523: }
524: gre_compute_route(sc);
525: ifp->if_flags |= IFF_UP;
526: }
527: break;
528: case GREGADDRS:
529: bzero(&si, sizeof(si));
530: si.sin_family = AF_INET;
531: si.sin_len = sizeof(struct sockaddr_in);
532: si.sin_addr.s_addr = sc->g_src.s_addr;
533: sa = sintosa(&si);
534: ifr->ifr_addr = *sa;
535: break;
536: case GREGADDRD:
537: bzero(&si, sizeof(si));
538: si.sin_family = AF_INET;
539: si.sin_len = sizeof(struct sockaddr_in);
540: si.sin_addr.s_addr = sc->g_dst.s_addr;
541: sa = sintosa(&si);
542: ifr->ifr_addr = *sa;
543: break;
544: case SIOCSLIFPHYADDR:
545: if ((error = suser(prc, 0)) != 0)
546: break;
547: if (lifr->addr.ss_family != AF_INET ||
548: lifr->dstaddr.ss_family != AF_INET) {
549: error = EAFNOSUPPORT;
550: break;
551: }
552: if (lifr->addr.ss_len != sizeof(si) ||
553: lifr->dstaddr.ss_len != sizeof(si)) {
554: error = EINVAL;
555: break;
556: }
557: sc->g_src = (satosin((struct sockadrr *)&lifr->addr))->sin_addr;
558: sc->g_dst =
559: (satosin((struct sockadrr *)&lifr->dstaddr))->sin_addr;
560: goto recompute;
561: case SIOCDIFPHYADDR:
562: if ((error = suser(prc, 0)) != 0)
563: break;
564: sc->g_src.s_addr = INADDR_ANY;
565: sc->g_dst.s_addr = INADDR_ANY;
566: break;
567: case SIOCGLIFPHYADDR:
568: if (sc->g_src.s_addr == INADDR_ANY ||
569: sc->g_dst.s_addr == INADDR_ANY) {
570: error = EADDRNOTAVAIL;
571: break;
572: }
573: bzero(&si, sizeof(si));
574: si.sin_family = AF_INET;
575: si.sin_len = sizeof(struct sockaddr_in);
576: si.sin_addr.s_addr = sc->g_src.s_addr;
577: memcpy(&lifr->addr, &si, sizeof(si));
578: si.sin_addr.s_addr = sc->g_dst.s_addr;
579: memcpy(&lifr->dstaddr, &si, sizeof(si));
580: break;
581: default:
582: error = EINVAL;
583: }
584:
585: splx(s);
586: return (error);
587: }
588:
589: /*
590: * computes a route to our destination that is not the one
591: * which would be taken by ip_output(), as this one will loop back to
592: * us. If the interface is p2p as a--->b, then a routing entry exists
593: * If we now send a packet to b (e.g. ping b), this will come down here
594: * gets src=a, dst=b tacked on and would from ip_output() sent back to
595: * if_gre.
596: * Goal here is to compute a route to b that is less specific than
597: * a-->b. We know that this one exists as in normal operation we have
598: * at least a default route which matches.
599: */
600:
601: static void
602: gre_compute_route(struct gre_softc *sc)
603: {
604: struct route *ro;
605: u_int32_t a, b, c;
606:
607: ro = &sc->route;
608:
609: bzero(ro, sizeof(struct route));
610: ((struct sockaddr_in *) &ro->ro_dst)->sin_addr = sc->g_dst;
611: ro->ro_dst.sa_family = AF_INET;
612: ro->ro_dst.sa_len = sizeof(ro->ro_dst);
613:
614: /*
615: * toggle last bit, so our interface is not found, but a less
616: * specific route. I'd rather like to specify a shorter mask,
617: * but this is not possible. Should work though. XXX
618: * there is a simpler way ...
619: */
620: if ((sc->sc_if.if_flags & IFF_LINK1) == 0) {
621: a = ntohl(sc->g_dst.s_addr);
622: b = a & 0x01;
623: c = a & 0xfffffffe;
624: b = b ^ 0x01;
625: a = b | c;
626: ((struct sockaddr_in *) &ro->ro_dst)->sin_addr.s_addr = htonl(a);
627: }
628:
629: rtalloc(ro);
630: if (ro->ro_rt == 0)
631: return;
632:
633: /*
634: * Check whether we just created a loop. An even more paranoid
635: * check would be against all GRE interfaces, but that would
636: * not allow people to link GRE tunnels.
637: */
638: if (ro->ro_rt->rt_ifp == &sc->sc_if) {
639: RTFREE(ro->ro_rt);
640: ro->ro_rt = (struct rtentry *) 0;
641: return;
642: }
643:
644: /*
645: * now change it back - else ip_output will just drop
646: * the route and search one to this interface ...
647: */
648: if ((sc->sc_if.if_flags & IFF_LINK1) == 0)
649: ((struct sockaddr_in *) &ro->ro_dst)->sin_addr = sc->g_dst;
650: }
651:
652: /*
653: * do a checksum of a buffer - much like in_cksum, which operates on
654: * mbufs.
655: */
656: u_int16_t
657: gre_in_cksum(u_int16_t *p, u_int len)
658: {
659: u_int32_t sum = 0;
660: int nwords = len >> 1;
661:
662: while (nwords-- != 0)
663: sum += *p++;
664:
665: if (len & 1) {
666: union {
667: u_short w;
668: u_char c[2];
669: } u;
670: u.c[0] = *(u_char *) p;
671: u.c[1] = 0;
672: sum += u.w;
673: }
674:
675: /* end-around-carry */
676: sum = (sum >> 16) + (sum & 0xffff);
677: sum += (sum >> 16);
678: return (~sum);
679: }
680: #endif