Improve compliance for <arpa/inet.h> and <netinet/in.h> to define/declare

all the symbols that POSIX says they must and fewer that they can't and,
most importantly, to not require a specific ordering of headers.

ports testing by naddy@
ok millert@ deraadt@

3 files changed, 38 insertions, 49 deletions

diff --git a/include/arpa/inet.h b/include/arpa/inet.h
index 77ac649f32b..abbd403242f 100644
--- a/include/arpa/inet.h
+++ b/include/arpa/inet.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: inet.h,v 1.11 2008/12/09 19:38:38 otto Exp $	*/
+/*	$OpenBSD: inet.h,v 1.12 2012/06/26 06:39:27 guenther Exp $	*/
 
 /*
  * ++Copyright++ 1983, 1993
@@ -61,16 +61,19 @@
 
 /* External definitions for functions in inet(3) */
 
-#include <sys/param.h>
-#if (!defined(BSD)) || (BSD < 199306)
-# include <sys/bitypes.h>
-#else
-# include <sys/types.h>
-#endif
 #include <sys/cdefs.h>
+#include <sys/types.h>
+#include <netinet/in.h>
+#include <machine/endian.h>
 
 __BEGIN_DECLS
 in_addr_t	 inet_addr(const char *);
+char		*inet_ntoa(struct in_addr);
+const char	*inet_ntop(int, const void *__restrict, char *__restrict,
+		    socklen_t) __attribute__ ((__bounded__(__string__,3,4)));
+int		 inet_pton(int, const char *__restrict, void *__restrict);
+
+#if __BSD_VISIBLE
 int		 inet_aton(const char *, struct in_addr *);
 in_addr_t	 inet_lnaof(struct in_addr);
 struct in_addr	 inet_makeaddr(in_addr_t , in_addr_t);
@@ -82,12 +85,9 @@ char		*inet_net_ntop(int, const void *, int, char *, size_t)
 			__attribute__((__bounded__(__string__,4,5)));
 int		 inet_net_pton(int, const char *, void *, size_t)
 			__attribute__((__bounded__(__string__,3,4)));
-char		*inet_ntoa(struct in_addr);
-int		 inet_pton(int, const char *, void *);
-const char	*inet_ntop(int, const void *, char *, socklen_t)
-			__attribute__ ((__bounded__(__string__,3,4)));
 unsigned int	 inet_nsap_addr(const char *, unsigned char *, int);
 char		*inet_nsap_ntoa(int, const unsigned char *, char *);
+#endif /* __BSD_VISIBLE */
 __END_DECLS
 
 #endif /* !_INET_H_ */
diff --git a/sys/netinet/in.h b/sys/netinet/in.h
index adfd4b31f6f..11ef0ff92f6 100644
--- a/sys/netinet/in.h
+++ b/sys/netinet/in.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: in.h,v 1.90 2011/07/06 01:57:37 dlg Exp $	*/
+/*	$OpenBSD: in.h,v 1.91 2012/06/26 06:39:27 guenther Exp $	*/
 /*	$NetBSD: in.h,v 1.20 1996/02/13 23:41:47 christos Exp $	*/
 
 /*
@@ -40,6 +40,13 @@
 #ifndef _NETINET_IN_H_
 #define	_NETINET_IN_H_
 
+#include <sys/cdefs.h>
+
+#ifndef _KERNEL
+#include <sys/types.h>
+#include <machine/endian.h>
+#endif
+
 /*
  * Protocols
  */
@@ -291,6 +298,8 @@ struct ip_opts {
 
 #define IP_RTABLE		0x1021	/* int; routing table, see SO_RTABLE */
 
+
+#if __BSD_VISIBLE
 /*
  * Security levels - IPsec, not IPSO
  */
@@ -308,6 +317,8 @@ struct ip_opts {
 #define IPSEC_ESP_NETWORK_LEVEL_DEFAULT IPSEC_LEVEL_DEFAULT
 #define IPSEC_IPCOMP_LEVEL_DEFAULT IPSEC_LEVEL_DEFAULT
 
+#endif /* __BSD_VISIBLE */
+
 /*
  * Defaults and limits for options
  */
@@ -342,6 +353,8 @@ struct ip_mreq {
  */
 #define INET_ADDRSTRLEN		16
 
+
+#if __BSD_VISIBLE
 /*
  * Definitions for inet sysctl operations.
  *
@@ -736,6 +749,8 @@ struct ip_mreq {
 	&la_hold_total \
 }
 
+#endif /* __BSD_VISIBLE */
+
 /* INET6 stuff */
 #define __KAME_NETINET_IN_H_INCLUDED_
 #include <netinet6/in6.h>
@@ -743,13 +758,13 @@ struct ip_mreq {
 
 #ifndef _KERNEL
 
-#include <sys/cdefs.h>
-
+#if __BSD_VISIBLE
 __BEGIN_DECLS
 int	   bindresvport(int, struct sockaddr_in *);
 struct sockaddr;
 int	   bindresvport_sa(int, struct sockaddr *);
 __END_DECLS
+#endif
 
 #else
 /*
diff --git a/sys/netinet6/in6.h b/sys/netinet6/in6.h
index 80cca1a9232..72fd35c3139 100644
--- a/sys/netinet6/in6.h
+++ b/sys/netinet6/in6.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: in6.h,v 1.55 2011/11/24 17:39:55 sperreault Exp $	*/
+/*	$OpenBSD: in6.h,v 1.56 2012/06/26 06:39:27 guenther Exp $	*/
 /*	$KAME: in6.h,v 1.83 2001/03/29 02:55:07 jinmei Exp $	*/
 
 /*
@@ -77,40 +77,6 @@
 #define __KAME_VERSION		"OpenBSD-current"
 
 /*
- * Local port number conventions:
- *
- * Ports < IPPORT_RESERVED are reserved for privileged processes (e.g. root),
- * unless a kernel is compiled with IPNOPRIVPORTS defined.
- *
- * When a user does a bind(2) or connect(2) with a port number of zero,
- * a non-conflicting local port address is chosen.
- *
- * The default range is IPPORT_ANONMIN to IPPORT_ANONMAX, although
- * that is settable by sysctl(3); net.inet.ip.anonportmin and
- * net.inet.ip.anonportmax respectively.
- *
- * A user may set the IPPROTO_IP option IP_PORTRANGE to change this
- * default assignment range.
- *
- * The value IP_PORTRANGE_DEFAULT causes the default behavior.
- *
- * The value IP_PORTRANGE_HIGH is the same as IP_PORTRANGE_DEFAULT,
- * and exists only for FreeBSD compatibility purposes.
- *
- * The value IP_PORTRANGE_LOW changes the range to the "low" are
- * that is (by convention) restricted to privileged processes.
- * This convention is based on "vouchsafe" principles only.
- * It is only secure if you trust the remote host to restrict these ports.
- * The range is IPPORT_RESERVEDMIN to IPPORT_RESERVEDMAX.
- */
-
-#define	IPV6PORT_RESERVED	1024
-#define	IPV6PORT_ANONMIN	49152
-#define	IPV6PORT_ANONMAX	65535
-#define	IPV6PORT_RESERVEDMIN	600
-#define	IPV6PORT_RESERVEDMAX	(IPV6PORT_RESERVED-1)
-
-/*
  * IPv6 address
  */
 struct in6_addr {
@@ -414,7 +380,9 @@ struct route_in6 {
 #define IPV6_JOIN_GROUP		12 /* ip6_mreq; join a group membership */
 #define IPV6_LEAVE_GROUP	13 /* ip6_mreq; leave a group membership */
 #define IPV6_PORTRANGE		14 /* int; range to choose for unspec port */
+#if __BSD_VISIBLE
 #define ICMP6_FILTER		18 /* icmp6_filter; icmp6 filter */
+#endif
 
 /* RFC2292 options */
 #ifdef _KERNEL
@@ -469,7 +437,9 @@ struct route_in6 {
 #define IPV6_AUTH_LEVEL		53   /* int; authentication used */
 #define IPV6_ESP_TRANS_LEVEL	54   /* int; transport encryption */
 #define IPV6_ESP_NETWORK_LEVEL	55   /* int; full-packet encryption */
+#if __BSD_VISIBLE
 #define IPSEC6_OUTSA		56   /* set the outbound SA for a socket */
+#endif
 #define IPV6_RECVTCLASS		57   /* bool; recv traffic class values */
 /* 58: reserved */
 #define IPV6_AUTOFLOWLABEL	59   /* bool; attach flowlabel automagically */
@@ -511,6 +481,8 @@ struct in6_pktinfo {
 
 /*
  * Control structure for IPV6_RECVPATHMTU socket option.
+ * XXX Not allowed here by POSIX, but required by RFC 3542, so go
+ * XXX with the code on the pavement.
  */
 struct ip6_mtuinfo {
 	struct sockaddr_in6 ip6m_addr;	/* or sockaddr_storage? */
@@ -794,6 +766,7 @@ int	in6_mask2len(struct in6_addr *, u_char *);
 #define	ifatoia6(ifa)	((struct in6_ifaddr *)(ifa))
 #endif /* _KERNEL */
 
+#if __BSD_VISIBLE
 __BEGIN_DECLS
 struct cmsghdr;
 
@@ -836,5 +809,6 @@ extern int inet6_rth_reverse(const void *, void *);
 extern int inet6_rth_segments(const void *);
 extern struct in6_addr *inet6_rth_getaddr(const void *, int);
 __END_DECLS
+#endif /* __BSD_VISIBLE */
 
 #endif /* !_NETINET6_IN6_H_ */