constify and unshadow.

sys/netipsec/ipsec.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsec.c,v 1.16 2005/05/08 18:44:40 christos Exp $	*/
+/*	$NetBSD: ipsec.c,v 1.17 2005/06/10 13:22:42 christos Exp $	*/
 /*	$FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $	*/
 /*	$KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $	*/
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.16 2005/05/08 18:44:40 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.17 2005/06/10 13:22:42 christos Exp $");
 
 /*
  * IPsec controller part.
@@ -2078,7 +2078,7 @@ inet_ntoa4(struct in_addr ina)
 }
 
 /* Return a printable string for the address. */
-char *
+const char *
 ipsec_address(union sockaddr_union* sa)
 {
 	switch (sa->sa.sa_family) {

sys/netipsec/ipsec.h

@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsec.h,v 1.10 2004/05/07 00:55:14 jonathan Exp $	*/
+/*	$NetBSD: ipsec.h,v 1.11 2005/06/10 13:22:42 christos Exp $	*/
 /*	$FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.h,v 1.2.4.2 2004/02/14 22:23:23 bms Exp $	*/
 /*	$KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $	*/
 
@@ -302,7 +302,7 @@ extern size_t ipsec4_hdrsiz_tcp __P((struct tcpcb *));
 #endif
 
 union sockaddr_union;
-extern char * ipsec_address(union sockaddr_union* sa);
+extern const char *ipsec_address(union sockaddr_union* sa);
 extern const char *ipsec_logsastr __P((struct secasvar *));
 
 extern void ipsec_dumpmbuf __P((struct mbuf *));

sys/netipsec/key.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: key.c,v 1.24 2005/05/08 18:44:40 christos Exp $	*/
+/*	$NetBSD: key.c,v 1.25 2005/06/10 13:22:42 christos Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $	*/
 /*	$KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $	*/
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.24 2005/05/08 18:44:40 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.25 2005/06/10 13:22:42 christos Exp $");
 
 /*
  * This code is referd to RFC 2367
@@ -4802,37 +4802,37 @@ key_do_getnewspi(spirange, saidx)
 	struct secasindex *saidx;
 {
 	u_int32_t newspi;
-	u_int32_t min, max;
+	u_int32_t spmin, spmax;
 	int count = key_spi_trycnt;
 
 	/* set spi range to allocate */
 	if (spirange != NULL) {
-		min = spirange->sadb_spirange_min;
+		spmin = spirange->sadb_spirange_min;
-		max = spirange->sadb_spirange_max;
+		spmax = spirange->sadb_spirange_max;
 	} else {
-		min = key_spi_minval;
+		spmin = key_spi_minval;
-		max = key_spi_maxval;
+		spmax = key_spi_maxval;
 	}
 	/* IPCOMP needs 2-byte SPI */
 	if (saidx->proto == IPPROTO_IPCOMP) {
 		u_int32_t t;
-		if (min >= 0x10000)
+		if (spmin >= 0x10000)
-			min = 0xffff;
+			spmin = 0xffff;
-		if (max >= 0x10000)
+		if (spmax >= 0x10000)
-			max = 0xffff;
+			spmax = 0xffff;
-		if (min > max) {
+		if (spmin > spmax) {
-			t = min; min = max; max = t;
+			t = spmin; spmin = spmax; spmax = t;
 		}
 	}
 
-	if (min == max) {
+	if (spmin == spmax) {
-		if (key_checkspidup(saidx, min) != NULL) {
+		if (key_checkspidup(saidx, spmin) != NULL) {
-			ipseclog((LOG_DEBUG, "key_do_getnewspi: SPI %u exists already.\n", min));
+			ipseclog((LOG_DEBUG, "key_do_getnewspi: SPI %u exists already.\n", spmin));
 			return 0;
 		}
 
 		count--; /* taking one cost. */
-		newspi = min;
+		newspi = spmin;
 
 	} else {
 
@@ -4842,7 +4842,7 @@ key_do_getnewspi(spirange, saidx)
 		/* when requesting to allocate spi ranged */
 		while (count--) {
 			/* generate pseudo-random SPI value ranged. */
-			newspi = min + (key_random() % (max - min + 1));
+			newspi = spmin + (key_random() % (spmax - spmin + 1));
 
 			if (key_checkspidup(saidx, newspi) == NULL)
 				break;
@@ -5671,19 +5671,19 @@ static void
 key_getsizes_ah(
 	const struct auth_hash *ah,
 	int alg,
-	u_int16_t* min,
+	u_int16_t* ksmin,
-	u_int16_t* max)
+	u_int16_t* ksmax)
 {
-	*min = *max = ah->keysize;
+	*ksmin = *ksmax = ah->keysize;
 	if (ah->keysize == 0) {
 		/*
 		 * Transform takes arbitrary key size but algorithm
 		 * key size is restricted.  Enforce this here.
 		 */
 		switch (alg) {
-		case SADB_X_AALG_MD5:	*min = *max = 16; break;
+		case SADB_X_AALG_MD5:	*ksmin = *ksmax = 16; break;
-		case SADB_X_AALG_SHA:	*min = *max = 20; break;
+		case SADB_X_AALG_SHA:	*ksmin = *ksmax = 20; break;
-		case SADB_X_AALG_NULL:	*min = 1; *max = 256; break;
+		case SADB_X_AALG_NULL:	*ksmin = 1; *ksmax = 256; break;
 		default:
 			DPRINTF(("key_getsizes_ah: unknown AH algorithm %u\n",
 				alg));

sys/netipsec/xform.h

@@ -1,4 +1,4 @@
-/*	$NetBSD: xform.h,v 1.1 2003/08/13 20:06:51 jonathan Exp $	*/
+/*	$NetBSD: xform.h,v 1.2 2005/06/10 13:22:42 christos Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/xform.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$OpenBSD: ip_ipsp.h,v 1.119 2002/03/14 01:27:11 millert Exp $	*/
 /*
@@ -88,7 +88,7 @@ struct xformsw {
 #define	XFT_AUTH	0x0001
 #define	XFT_CONF	0x0100
 #define	XFT_COMP	0x1000
-	char	*xf_name;			/* human-readable name */
+	const char	*xf_name;		/* human-readable name */
 	int	(*xf_init)(struct secasvar*, struct xformsw*);	/* setup */
 	int	(*xf_zeroize)(struct secasvar*);		/* cleanup */
 	int	(*xf_input)(struct mbuf*, struct secasvar*,	/* input */