key.c (108533) | key.c (109623) |
---|---|
1/* $FreeBSD: head/sys/netipsec/key.c 108533 2003-01-01 18:49:04Z schweikh $ */ | 1/* $FreeBSD: head/sys/netipsec/key.c 109623 2003-01-21 08:56:16Z alfred $ */ |
2/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */ 3 4/* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 1612 unchanged lines hidden (view full) --- 1622 continue; 1623 1624 if (idx == SADB_EXT_RESERVED) { 1625 len = PFKEY_ALIGN8(sizeof(struct sadb_msg)); 1626#ifdef DIAGNOSTIC 1627 if (len > MHLEN) 1628 panic("assumption failed"); 1629#endif | 2/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */ 3 4/* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 1612 unchanged lines hidden (view full) --- 1622 continue; 1623 1624 if (idx == SADB_EXT_RESERVED) { 1625 len = PFKEY_ALIGN8(sizeof(struct sadb_msg)); 1626#ifdef DIAGNOSTIC 1627 if (len > MHLEN) 1628 panic("assumption failed"); 1629#endif |
1630 MGETHDR(n, M_DONTWAIT, MT_DATA); | 1630 MGETHDR(n, M_NOWAIT, MT_DATA); |
1631 if (!n) 1632 goto fail; 1633 n->m_len = len; 1634 n->m_next = NULL; 1635 m_copydata(m, 0, sizeof(struct sadb_msg), 1636 mtod(n, caddr_t)); 1637 } else if (i < ndeep) { 1638 len = mhp->extlen[idx]; 1639 n = key_alloc_mbuf(len); 1640 if (!n || n->m_next) { /*XXX*/ 1641 if (n) 1642 m_freem(n); 1643 goto fail; 1644 } 1645 m_copydata(m, mhp->extoff[idx], mhp->extlen[idx], 1646 mtod(n, caddr_t)); 1647 } else { 1648 n = m_copym(m, mhp->extoff[idx], mhp->extlen[idx], | 1631 if (!n) 1632 goto fail; 1633 n->m_len = len; 1634 n->m_next = NULL; 1635 m_copydata(m, 0, sizeof(struct sadb_msg), 1636 mtod(n, caddr_t)); 1637 } else if (i < ndeep) { 1638 len = mhp->extlen[idx]; 1639 n = key_alloc_mbuf(len); 1640 if (!n || n->m_next) { /*XXX*/ 1641 if (n) 1642 m_freem(n); 1643 goto fail; 1644 } 1645 m_copydata(m, mhp->extoff[idx], mhp->extlen[idx], 1646 mtod(n, caddr_t)); 1647 } else { 1648 n = m_copym(m, mhp->extoff[idx], mhp->extlen[idx], |
1649 M_DONTWAIT); | 1649 M_NOWAIT); |
1650 } 1651 if (n == NULL) 1652 goto fail; 1653 1654 if (result) 1655 m_cat(result, n); 1656 else 1657 result = n; --- 416 unchanged lines hidden (view full) --- 2074 struct sadb_msg *newmsg; 2075 int off, len; 2076 2077 /* create new sadb_msg to reply. */ 2078 len = PFKEY_ALIGN8(sizeof(struct sadb_msg)); 2079 2080 if (len > MCLBYTES) 2081 return key_senderror(so, m, ENOBUFS); | 1650 } 1651 if (n == NULL) 1652 goto fail; 1653 1654 if (result) 1655 m_cat(result, n); 1656 else 1657 result = n; --- 416 unchanged lines hidden (view full) --- 2074 struct sadb_msg *newmsg; 2075 int off, len; 2076 2077 /* create new sadb_msg to reply. */ 2078 len = PFKEY_ALIGN8(sizeof(struct sadb_msg)); 2079 2080 if (len > MCLBYTES) 2081 return key_senderror(so, m, ENOBUFS); |
2082 MGETHDR(n, M_DONTWAIT, MT_DATA); | 2082 MGETHDR(n, M_NOWAIT, MT_DATA); |
2083 if (n && len > MHLEN) { | 2083 if (n && len > MHLEN) { |
2084 MCLGET(n, M_DONTWAIT); | 2084 MCLGET(n, M_NOWAIT); |
2085 if ((n->m_flags & M_EXT) == 0) { 2086 m_freem(n); 2087 n = NULL; 2088 } 2089 } 2090 if (!n) 2091 return key_senderror(so, m, ENOBUFS); 2092 --- 5 unchanged lines hidden (view full) --- 2098 off += PFKEY_ALIGN8(sizeof(struct sadb_msg)); 2099 2100#ifdef DIAGNOSTIC 2101 if (off != len) 2102 panic("length inconsistency in key_spddelete2"); 2103#endif 2104 2105 n->m_next = m_copym(m, mhp->extoff[SADB_X_EXT_POLICY], | 2085 if ((n->m_flags & M_EXT) == 0) { 2086 m_freem(n); 2087 n = NULL; 2088 } 2089 } 2090 if (!n) 2091 return key_senderror(so, m, ENOBUFS); 2092 --- 5 unchanged lines hidden (view full) --- 2098 off += PFKEY_ALIGN8(sizeof(struct sadb_msg)); 2099 2100#ifdef DIAGNOSTIC 2101 if (off != len) 2102 panic("length inconsistency in key_spddelete2"); 2103#endif 2104 2105 n->m_next = m_copym(m, mhp->extoff[SADB_X_EXT_POLICY], |
2106 mhp->extlen[SADB_X_EXT_POLICY], M_DONTWAIT); | 2106 mhp->extlen[SADB_X_EXT_POLICY], M_NOWAIT); |
2107 if (!n->m_next) { 2108 m_freem(n); 2109 return key_senderror(so, m, ENOBUFS); 2110 } 2111 2112 n->m_pkthdr.len = 0; 2113 for (nn = n; nn; nn = nn->m_next) 2114 n->m_pkthdr.len += nn->m_len; --- 1209 unchanged lines hidden (view full) --- 3324 case SADB_EXT_SENSITIVITY: 3325 default: 3326 continue; 3327 } 3328 3329 if ((!m && !p) || (m && p)) 3330 goto fail; 3331 if (p && tres) { | 2107 if (!n->m_next) { 2108 m_freem(n); 2109 return key_senderror(so, m, ENOBUFS); 2110 } 2111 2112 n->m_pkthdr.len = 0; 2113 for (nn = n; nn; nn = nn->m_next) 2114 n->m_pkthdr.len += nn->m_len; --- 1209 unchanged lines hidden (view full) --- 3324 case SADB_EXT_SENSITIVITY: 3325 default: 3326 continue; 3327 } 3328 3329 if ((!m && !p) || (m && p)) 3330 goto fail; 3331 if (p && tres) { |
3332 M_PREPEND(tres, l, M_DONTWAIT); | 3332 M_PREPEND(tres, l, M_NOWAIT); |
3333 if (!tres) 3334 goto fail; 3335 bcopy(p, mtod(tres, caddr_t), l); 3336 continue; 3337 } 3338 if (p) { 3339 m = key_alloc_mbuf(l); 3340 if (!m) --- 42 unchanged lines hidden (view full) --- 3383{ 3384 struct mbuf *m; 3385 struct sadb_msg *p; 3386 int len; 3387 3388 len = PFKEY_ALIGN8(sizeof(struct sadb_msg)); 3389 if (len > MCLBYTES) 3390 return NULL; | 3333 if (!tres) 3334 goto fail; 3335 bcopy(p, mtod(tres, caddr_t), l); 3336 continue; 3337 } 3338 if (p) { 3339 m = key_alloc_mbuf(l); 3340 if (!m) --- 42 unchanged lines hidden (view full) --- 3383{ 3384 struct mbuf *m; 3385 struct sadb_msg *p; 3386 int len; 3387 3388 len = PFKEY_ALIGN8(sizeof(struct sadb_msg)); 3389 if (len > MCLBYTES) 3390 return NULL; |
3391 MGETHDR(m, M_DONTWAIT, MT_DATA); | 3391 MGETHDR(m, M_NOWAIT, MT_DATA); |
3392 if (m && len > MHLEN) { | 3392 if (m && len > MHLEN) { |
3393 MCLGET(m, M_DONTWAIT); | 3393 MCLGET(m, M_NOWAIT); |
3394 if ((m->m_flags & M_EXT) == 0) { 3395 m_freem(m); 3396 m = NULL; 3397 } 3398 } 3399 if (!m) 3400 return NULL; 3401 m->m_pkthdr.len = m->m_len = len; --- 1092 unchanged lines hidden (view full) --- 4494 int off, len; 4495 4496 /* create new sadb_msg to reply. */ 4497 len = PFKEY_ALIGN8(sizeof(struct sadb_msg)) + 4498 PFKEY_ALIGN8(sizeof(struct sadb_sa)); 4499 if (len > MCLBYTES) 4500 return key_senderror(so, m, ENOBUFS); 4501 | 3394 if ((m->m_flags & M_EXT) == 0) { 3395 m_freem(m); 3396 m = NULL; 3397 } 3398 } 3399 if (!m) 3400 return NULL; 3401 m->m_pkthdr.len = m->m_len = len; --- 1092 unchanged lines hidden (view full) --- 4494 int off, len; 4495 4496 /* create new sadb_msg to reply. */ 4497 len = PFKEY_ALIGN8(sizeof(struct sadb_msg)) + 4498 PFKEY_ALIGN8(sizeof(struct sadb_sa)); 4499 if (len > MCLBYTES) 4500 return key_senderror(so, m, ENOBUFS); 4501 |
4502 MGETHDR(n, M_DONTWAIT, MT_DATA); | 4502 MGETHDR(n, M_NOWAIT, MT_DATA); |
4503 if (len > MHLEN) { | 4503 if (len > MHLEN) { |
4504 MCLGET(n, M_DONTWAIT); | 4504 MCLGET(n, M_NOWAIT); |
4505 if ((n->m_flags & M_EXT) == 0) { 4506 m_freem(n); 4507 n = NULL; 4508 } 4509 } 4510 if (!n) 4511 return key_senderror(so, m, ENOBUFS); 4512 --- 870 unchanged lines hidden (view full) --- 5383 encmin = _BITS(algo->minkey); 5384 5385 if (ipsec_esp_auth) 5386 m = key_getcomb_ah(); 5387 else { 5388 KASSERT(l <= MLEN, 5389 ("key_getcomb_esp: l=%u > MLEN=%lu", 5390 l, (u_long) MLEN)); | 4505 if ((n->m_flags & M_EXT) == 0) { 4506 m_freem(n); 4507 n = NULL; 4508 } 4509 } 4510 if (!n) 4511 return key_senderror(so, m, ENOBUFS); 4512 --- 870 unchanged lines hidden (view full) --- 5383 encmin = _BITS(algo->minkey); 5384 5385 if (ipsec_esp_auth) 5386 m = key_getcomb_ah(); 5387 else { 5388 KASSERT(l <= MLEN, 5389 ("key_getcomb_esp: l=%u > MLEN=%lu", 5390 l, (u_long) MLEN)); |
5391 MGET(m, M_DONTWAIT, MT_DATA); | 5391 MGET(m, M_NOWAIT, MT_DATA); |
5392 if (m) { 5393 M_ALIGN(m, l); 5394 m->m_len = l; 5395 m->m_next = NULL; 5396 bzero(mtod(m, caddr_t), m->m_len); 5397 } 5398 } 5399 if (!m) --- 85 unchanged lines hidden (view full) --- 5485 /* discard algorithms with key size smaller than system min */ 5486 if (_BITS(minkeysize) < ipsec_ah_keymin) 5487 continue; 5488 5489 if (!m) { 5490 KASSERT(l <= MLEN, 5491 ("key_getcomb_ah: l=%u > MLEN=%lu", 5492 l, (u_long) MLEN)); | 5392 if (m) { 5393 M_ALIGN(m, l); 5394 m->m_len = l; 5395 m->m_next = NULL; 5396 bzero(mtod(m, caddr_t), m->m_len); 5397 } 5398 } 5399 if (!m) --- 85 unchanged lines hidden (view full) --- 5485 /* discard algorithms with key size smaller than system min */ 5486 if (_BITS(minkeysize) < ipsec_ah_keymin) 5487 continue; 5488 5489 if (!m) { 5490 KASSERT(l <= MLEN, 5491 ("key_getcomb_ah: l=%u > MLEN=%lu", 5492 l, (u_long) MLEN)); |
5493 MGET(m, M_DONTWAIT, MT_DATA); | 5493 MGET(m, M_NOWAIT, MT_DATA); |
5494 if (m) { 5495 M_ALIGN(m, l); 5496 m->m_len = l; 5497 m->m_next = NULL; 5498 } 5499 } else | 5494 if (m) { 5495 M_ALIGN(m, l); 5496 m->m_len = l; 5497 m->m_next = NULL; 5498 } 5499 } else |
5500 M_PREPEND(m, l, M_DONTWAIT); | 5500 M_PREPEND(m, l, M_NOWAIT); |
5501 if (!m) 5502 return NULL; 5503 5504 comb = mtod(m, struct sadb_comb *); 5505 bzero(comb, sizeof(*comb)); 5506 key_getcomb_setlifetime(comb); 5507 comb->sadb_comb_auth = i; 5508 comb->sadb_comb_auth_minbits = _BITS(minkeysize); --- 21 unchanged lines hidden (view full) --- 5530 algo = ipcomp_algorithm_lookup(i); 5531 if (!algo) 5532 continue; 5533 5534 if (!m) { 5535 KASSERT(l <= MLEN, 5536 ("key_getcomb_ipcomp: l=%u > MLEN=%lu", 5537 l, (u_long) MLEN)); | 5501 if (!m) 5502 return NULL; 5503 5504 comb = mtod(m, struct sadb_comb *); 5505 bzero(comb, sizeof(*comb)); 5506 key_getcomb_setlifetime(comb); 5507 comb->sadb_comb_auth = i; 5508 comb->sadb_comb_auth_minbits = _BITS(minkeysize); --- 21 unchanged lines hidden (view full) --- 5530 algo = ipcomp_algorithm_lookup(i); 5531 if (!algo) 5532 continue; 5533 5534 if (!m) { 5535 KASSERT(l <= MLEN, 5536 ("key_getcomb_ipcomp: l=%u > MLEN=%lu", 5537 l, (u_long) MLEN)); |
5538 MGET(m, M_DONTWAIT, MT_DATA); | 5538 MGET(m, M_NOWAIT, MT_DATA); |
5539 if (m) { 5540 M_ALIGN(m, l); 5541 m->m_len = l; 5542 m->m_next = NULL; 5543 } 5544 } else | 5539 if (m) { 5540 M_ALIGN(m, l); 5541 m->m_len = l; 5542 m->m_next = NULL; 5543 } 5544 } else |
5545 M_PREPEND(m, l, M_DONTWAIT); | 5545 M_PREPEND(m, l, M_NOWAIT); |
5546 if (!m) 5547 return NULL; 5548 5549 comb = mtod(m, struct sadb_comb *); 5550 bzero(comb, sizeof(*comb)); 5551 key_getcomb_setlifetime(comb); 5552 comb->sadb_comb_encrypt = i; 5553 /* what should we set into sadb_comb_*_{min,max}bits? */ --- 27 unchanged lines hidden (view full) --- 5581 m = key_getcomb_ipcomp(); 5582 break; 5583 default: 5584 return NULL; 5585 } 5586 5587 if (!m) 5588 return NULL; | 5546 if (!m) 5547 return NULL; 5548 5549 comb = mtod(m, struct sadb_comb *); 5550 bzero(comb, sizeof(*comb)); 5551 key_getcomb_setlifetime(comb); 5552 comb->sadb_comb_encrypt = i; 5553 /* what should we set into sadb_comb_*_{min,max}bits? */ --- 27 unchanged lines hidden (view full) --- 5581 m = key_getcomb_ipcomp(); 5582 break; 5583 default: 5584 return NULL; 5585 } 5586 5587 if (!m) 5588 return NULL; |
5589 M_PREPEND(m, l, M_DONTWAIT); | 5589 M_PREPEND(m, l, M_NOWAIT); |
5590 if (!m) 5591 return NULL; 5592 5593 totlen = 0; 5594 for (n = m; n; n = n->m_next) 5595 totlen += n->m_len; 5596 5597 prop = mtod(m, struct sadb_prop *); --- 488 unchanged lines hidden (view full) --- 6086 if (elen) 6087 elen += sizeof(struct sadb_supported); 6088 6089 len = sizeof(struct sadb_msg) + alen + elen; 6090 6091 if (len > MCLBYTES) 6092 return key_senderror(so, m, ENOBUFS); 6093 | 5590 if (!m) 5591 return NULL; 5592 5593 totlen = 0; 5594 for (n = m; n; n = n->m_next) 5595 totlen += n->m_len; 5596 5597 prop = mtod(m, struct sadb_prop *); --- 488 unchanged lines hidden (view full) --- 6086 if (elen) 6087 elen += sizeof(struct sadb_supported); 6088 6089 len = sizeof(struct sadb_msg) + alen + elen; 6090 6091 if (len > MCLBYTES) 6092 return key_senderror(so, m, ENOBUFS); 6093 |
6094 MGETHDR(n, M_DONTWAIT, MT_DATA); | 6094 MGETHDR(n, M_NOWAIT, MT_DATA); |
6095 if (len > MHLEN) { | 6095 if (len > MHLEN) { |
6096 MCLGET(n, M_DONTWAIT); | 6096 MCLGET(n, M_NOWAIT); |
6097 if ((n->m_flags & M_EXT) == 0) { 6098 m_freem(n); 6099 n = NULL; 6100 } 6101 } 6102 if (!n) 6103 return key_senderror(so, m, ENOBUFS); 6104 --- 547 unchanged lines hidden (view full) --- 6652 /* for old-fashioned code - should be nuked */ 6653 if (m->m_pkthdr.len > MCLBYTES) { 6654 m_freem(m); 6655 return ENOBUFS; 6656 } 6657 if (m->m_next) { 6658 struct mbuf *n; 6659 | 6097 if ((n->m_flags & M_EXT) == 0) { 6098 m_freem(n); 6099 n = NULL; 6100 } 6101 } 6102 if (!n) 6103 return key_senderror(so, m, ENOBUFS); 6104 --- 547 unchanged lines hidden (view full) --- 6652 /* for old-fashioned code - should be nuked */ 6653 if (m->m_pkthdr.len > MCLBYTES) { 6654 m_freem(m); 6655 return ENOBUFS; 6656 } 6657 if (m->m_next) { 6658 struct mbuf *n; 6659 |
6660 MGETHDR(n, M_DONTWAIT, MT_DATA); | 6660 MGETHDR(n, M_NOWAIT, MT_DATA); |
6661 if (n && m->m_pkthdr.len > MHLEN) { | 6661 if (n && m->m_pkthdr.len > MHLEN) { |
6662 MCLGET(n, M_DONTWAIT); | 6662 MCLGET(n, M_NOWAIT); |
6663 if ((n->m_flags & M_EXT) == 0) { 6664 m_free(n); 6665 n = NULL; 6666 } 6667 } 6668 if (!n) { 6669 m_freem(m); 6670 return ENOBUFS; --- 581 unchanged lines hidden (view full) --- 7252key_alloc_mbuf(l) 7253 int l; 7254{ 7255 struct mbuf *m = NULL, *n; 7256 int len, t; 7257 7258 len = l; 7259 while (len > 0) { | 6663 if ((n->m_flags & M_EXT) == 0) { 6664 m_free(n); 6665 n = NULL; 6666 } 6667 } 6668 if (!n) { 6669 m_freem(m); 6670 return ENOBUFS; --- 581 unchanged lines hidden (view full) --- 7252key_alloc_mbuf(l) 7253 int l; 7254{ 7255 struct mbuf *m = NULL, *n; 7256 int len, t; 7257 7258 len = l; 7259 while (len > 0) { |
7260 MGET(n, M_DONTWAIT, MT_DATA); | 7260 MGET(n, M_NOWAIT, MT_DATA); |
7261 if (n && len > MLEN) | 7261 if (n && len > MLEN) |
7262 MCLGET(n, M_DONTWAIT); | 7262 MCLGET(n, M_NOWAIT); |
7263 if (!n) { 7264 m_freem(m); 7265 return NULL; 7266 } 7267 7268 n->m_next = NULL; 7269 n->m_len = 0; 7270 n->m_len = M_TRAILINGSPACE(n); --- 17 unchanged lines hidden --- | 7263 if (!n) { 7264 m_freem(m); 7265 return NULL; 7266 } 7267 7268 n->m_next = NULL; 7269 n->m_len = 0; 7270 n->m_len = M_TRAILINGSPACE(n); --- 17 unchanged lines hidden --- |