| key.c (206659) | key.c (207369) |
|---|---|
| 1/* $FreeBSD: head/sys/netipsec/key.c 206659 2010-04-15 12:40:33Z vanhu $ */ | 1/* $FreeBSD: head/sys/netipsec/key.c 207369 2010-04-29 11:52:42Z bz $ */ |
| 2/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */ 3 4/*- 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 99 unchanged lines hidden (view full) --- 109 * - SAs that are in DEAD state will have (total external reference) 110 * in reference count field. they are ready to be freed. reference from 111 * SA header will be removed in key_delsav(), when the reference count 112 * field hits 0 (= no external reference other than from SA header. 113 */ 114 115VNET_DEFINE(u_int32_t, key_debug_level) = 0; 116static VNET_DEFINE(u_int, key_spi_trycnt) = 1000; | 2/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */ 3 4/*- 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 99 unchanged lines hidden (view full) --- 109 * - SAs that are in DEAD state will have (total external reference) 110 * in reference count field. they are ready to be freed. reference from 111 * SA header will be removed in key_delsav(), when the reference count 112 * field hits 0 (= no external reference other than from SA header. 113 */ 114 115VNET_DEFINE(u_int32_t, key_debug_level) = 0; 116static VNET_DEFINE(u_int, key_spi_trycnt) = 1000; |
| 117#define V_key_spi_trycnt VNET(key_spi_trycnt) | |
| 118static VNET_DEFINE(u_int32_t, key_spi_minval) = 0x100; | 117static VNET_DEFINE(u_int32_t, key_spi_minval) = 0x100; |
| 119#define V_key_spi_minval VNET(key_spi_minval) | |
| 120static VNET_DEFINE(u_int32_t, key_spi_maxval) = 0x0fffffff; /* XXX */ | 118static VNET_DEFINE(u_int32_t, key_spi_maxval) = 0x0fffffff; /* XXX */ |
| 121#define V_key_spi_maxval VNET(key_spi_maxval) | |
| 122static VNET_DEFINE(u_int32_t, policy_id) = 0; | 119static VNET_DEFINE(u_int32_t, policy_id) = 0; |
| 123#define V_policy_id VNET(policy_id) | |
| 124/*interval to initialize randseed,1(m)*/ 125static VNET_DEFINE(u_int, key_int_random) = 60; | 120/*interval to initialize randseed,1(m)*/ 121static VNET_DEFINE(u_int, key_int_random) = 60; |
| 126#define V_key_int_random VNET(key_int_random) | |
| 127/* interval to expire acquiring, 30(s)*/ 128static VNET_DEFINE(u_int, key_larval_lifetime) = 30; | 122/* interval to expire acquiring, 30(s)*/ 123static VNET_DEFINE(u_int, key_larval_lifetime) = 30; |
| 129#define V_key_larval_lifetime VNET(key_larval_lifetime) | |
| 130/* counter for blocking SADB_ACQUIRE.*/ 131static VNET_DEFINE(int, key_blockacq_count) = 10; | 124/* counter for blocking SADB_ACQUIRE.*/ 125static VNET_DEFINE(int, key_blockacq_count) = 10; |
| 132#define V_key_blockacq_count VNET(key_blockacq_count) | |
| 133/* lifetime for blocking SADB_ACQUIRE.*/ 134static VNET_DEFINE(int, key_blockacq_lifetime) = 20; | 126/* lifetime for blocking SADB_ACQUIRE.*/ 127static VNET_DEFINE(int, key_blockacq_lifetime) = 20; |
| 135#define V_key_blockacq_lifetime VNET(key_blockacq_lifetime) | |
| 136/* preferred old sa rather than new sa.*/ 137static VNET_DEFINE(int, key_preferred_oldsa) = 1; | 128/* preferred old sa rather than new sa.*/ 129static VNET_DEFINE(int, key_preferred_oldsa) = 1; |
| 130#define V_key_spi_trycnt VNET(key_spi_trycnt) 131#define V_key_spi_minval VNET(key_spi_minval) 132#define V_key_spi_maxval VNET(key_spi_maxval) 133#define V_policy_id VNET(policy_id) 134#define V_key_int_random VNET(key_int_random) 135#define V_key_larval_lifetime VNET(key_larval_lifetime) 136#define V_key_blockacq_count VNET(key_blockacq_count) 137#define V_key_blockacq_lifetime VNET(key_blockacq_lifetime) |
|
| 138#define V_key_preferred_oldsa VNET(key_preferred_oldsa) 139 140static VNET_DEFINE(u_int32_t, acq_seq) = 0; 141#define V_acq_seq VNET(acq_seq) 142 143 /* SPD */ 144static VNET_DEFINE(LIST_HEAD(_sptree, secpolicy), sptree[IPSEC_DIR_MAX]); 145#define V_sptree VNET(sptree) --- 119 unchanged lines hidden (view full) --- 265 sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_SPORT */ 266 sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_DPORT */ 267 0, /* SADB_X_EXT_NAT_T_OAI */ 268 0, /* SADB_X_EXT_NAT_T_OAR */ 269 sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */ 270}; 271 272static VNET_DEFINE(int, ipsec_esp_keymin) = 256; | 138#define V_key_preferred_oldsa VNET(key_preferred_oldsa) 139 140static VNET_DEFINE(u_int32_t, acq_seq) = 0; 141#define V_acq_seq VNET(acq_seq) 142 143 /* SPD */ 144static VNET_DEFINE(LIST_HEAD(_sptree, secpolicy), sptree[IPSEC_DIR_MAX]); 145#define V_sptree VNET(sptree) --- 119 unchanged lines hidden (view full) --- 265 sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_SPORT */ 266 sizeof(struct sadb_x_nat_t_port),/* SADB_X_EXT_NAT_T_DPORT */ 267 0, /* SADB_X_EXT_NAT_T_OAI */ 268 0, /* SADB_X_EXT_NAT_T_OAR */ 269 sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */ 270}; 271 272static VNET_DEFINE(int, ipsec_esp_keymin) = 256; |
| 273#define V_ipsec_esp_keymin VNET(ipsec_esp_keymin) | |
| 274static VNET_DEFINE(int, ipsec_esp_auth) = 0; | 273static VNET_DEFINE(int, ipsec_esp_auth) = 0; |
| 275#define V_ipsec_esp_auth VNET(ipsec_esp_auth) | |
| 276static VNET_DEFINE(int, ipsec_ah_keymin) = 128; | 274static VNET_DEFINE(int, ipsec_ah_keymin) = 128; |
| 275 276#define V_ipsec_esp_keymin VNET(ipsec_esp_keymin) 277#define V_ipsec_esp_auth VNET(ipsec_esp_auth) |
|
| 277#define V_ipsec_ah_keymin VNET(ipsec_ah_keymin) 278 279#ifdef SYSCTL_DECL 280SYSCTL_DECL(_net_key); 281#endif 282 283SYSCTL_VNET_INT(_net_key, KEYCTL_DEBUG_LEVEL, debug, 284 CTLFLAG_RW, &VNET_NAME(key_debug_level), 0, ""); --- 7791 unchanged lines hidden --- | 278#define V_ipsec_ah_keymin VNET(ipsec_ah_keymin) 279 280#ifdef SYSCTL_DECL 281SYSCTL_DECL(_net_key); 282#endif 283 284SYSCTL_VNET_INT(_net_key, KEYCTL_DEBUG_LEVEL, debug, 285 CTLFLAG_RW, &VNET_NAME(key_debug_level), 0, ""); --- 7791 unchanged lines hidden --- |