From: Gabor Juhos Date: Sun, 5 Oct 2008 09:21:12 +0000 (+0000) Subject: 2.6.27: revert case insensitive match support in xt_string while we are using iptable... X-Git-Tag: reboot~25451 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=eed889b77b94c7d0a22a5d2e3fc3f2956386f5b9;p=openwrt%2Fstaging%2Flynxis.git 2.6.27: revert case insensitive match support in xt_string while we are using iptables-1.4.0 SVN-Revision: 12862 --- diff --git a/target/linux/generic-2.6/patches-2.6.27/952-revert_xt_string_case_insensitive_match.patch b/target/linux/generic-2.6/patches-2.6.27/952-revert_xt_string_case_insensitive_match.patch new file mode 100644 index 0000000000..4902db1585 --- /dev/null +++ b/target/linux/generic-2.6/patches-2.6.27/952-revert_xt_string_case_insensitive_match.patch @@ -0,0 +1,112 @@ +--- a/include/linux/netfilter/xt_string.h ++++ b/include/linux/netfilter/xt_string.h +@@ -4,11 +4,6 @@ + #define XT_STRING_MAX_PATTERN_SIZE 128 + #define XT_STRING_MAX_ALGO_NAME_SIZE 16 + +-enum { +- XT_STRING_FLAG_INVERT = 0x01, +- XT_STRING_FLAG_IGNORECASE = 0x02 +-}; +- + struct xt_string_info + { + u_int16_t from_offset; +@@ -16,15 +11,7 @@ + char algo[XT_STRING_MAX_ALGO_NAME_SIZE]; + char pattern[XT_STRING_MAX_PATTERN_SIZE]; + u_int8_t patlen; +- union { +- struct { +- u_int8_t invert; +- } v0; +- +- struct { +- u_int8_t flags; +- } v1; +- } u; ++ u_int8_t invert; + + /* Used internally by the kernel */ + struct ts_config __attribute__((aligned(8))) *config; +--- a/net/netfilter/xt_string.c ++++ b/net/netfilter/xt_string.c +@@ -29,16 +29,12 @@ + { + const struct xt_string_info *conf = matchinfo; + struct ts_state state; +- int invert; + + memset(&state, 0, sizeof(struct ts_state)); + +- invert = (match->revision == 0 ? conf->u.v0.invert : +- conf->u.v1.flags & XT_STRING_FLAG_INVERT); +- + return (skb_find_text((struct sk_buff *)skb, conf->from_offset, + conf->to_offset, conf->config, &state) +- != UINT_MAX) ^ invert; ++ != UINT_MAX) ^ conf->invert; + } + + #define STRING_TEXT_PRIV(m) ((struct xt_string_info *)(m)) +@@ -50,7 +46,6 @@ + { + struct xt_string_info *conf = matchinfo; + struct ts_config *ts_conf; +- int flags = TS_AUTOLOAD; + + /* Damn, can't handle this case properly with iptables... */ + if (conf->from_offset > conf->to_offset) +@@ -59,15 +54,8 @@ + return false; + if (conf->patlen > XT_STRING_MAX_PATTERN_SIZE) + return false; +- if (match->revision == 1) { +- if (conf->u.v1.flags & +- ~(XT_STRING_FLAG_IGNORECASE | XT_STRING_FLAG_INVERT)) +- return false; +- if (conf->u.v1.flags & XT_STRING_FLAG_IGNORECASE) +- flags |= TS_IGNORECASE; +- } + ts_conf = textsearch_prepare(conf->algo, conf->pattern, conf->patlen, +- GFP_KERNEL, flags); ++ GFP_KERNEL, TS_AUTOLOAD); + if (IS_ERR(ts_conf)) + return false; + +@@ -84,17 +72,6 @@ + static struct xt_match string_mt_reg[] __read_mostly = { + { + .name = "string", +- .revision = 0, +- .family = AF_INET, +- .checkentry = string_mt_check, +- .match = string_mt, +- .destroy = string_mt_destroy, +- .matchsize = sizeof(struct xt_string_info), +- .me = THIS_MODULE +- }, +- { +- .name = "string", +- .revision = 1, + .family = AF_INET, + .checkentry = string_mt_check, + .match = string_mt, +@@ -104,17 +81,6 @@ + }, + { + .name = "string", +- .revision = 0, +- .family = AF_INET6, +- .checkentry = string_mt_check, +- .match = string_mt, +- .destroy = string_mt_destroy, +- .matchsize = sizeof(struct xt_string_info), +- .me = THIS_MODULE +- }, +- { +- .name = "string", +- .revision = 1, + .family = AF_INET6, + .checkentry = string_mt_check, + .match = string_mt,