Cross Reference: /freebsd-11.0-release/sys/netipsec/key.c

Deleted Added

sdiff udiff text old ( 125508 ) new ( 125680 )

full compact

key.c (125508)	key.c (125680)
1/* $FreeBSD: head/sys/netipsec/key.c 125508 2004-02-05 23:19:17Z sam $ */	1/* $FreeBSD: head/sys/netipsec/key.c 125680 2004-02-11 04:26:04Z bms $ */
2/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ / 3 4/ 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 2988 unchanged lines hidden (view full) --- 2998 error = 0; 2999 if (len < sizeof(key0)) { 3000* error = EINVAL; 3001 goto fail; 3002 } 3003 switch (mhp->msg->sadb_msg_satype) { 3004 case SADB_SATYPE_AH: 3005 case SADB_SATYPE_ESP:	2/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ / 3 4/ 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 2988 unchanged lines hidden (view full) --- 2998 error = 0; 2999 if (len < sizeof(key0)) { 3000* error = EINVAL; 3001 goto fail; 3002 } 3003 switch (mhp->msg->sadb_msg_satype) { 3004 case SADB_SATYPE_AH: 3005 case SADB_SATYPE_ESP:
	3006 case SADB_X_SATYPE_TCPSIGNATURE:
3006 if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) && 3007 sav->alg_auth != SADB_X_AALG_NULL) 3008 error = EINVAL; 3009 break; 3010 case SADB_X_SATYPE_IPCOMP: 3011 default: 3012 error = EINVAL; 3013 break; --- 41 unchanged lines hidden (view full) --- 3055 } 3056 break; 3057 case SADB_X_SATYPE_IPCOMP: 3058 if (len != PFKEY_ALIGN8(sizeof(struct sadb_key))) 3059 error = EINVAL; 3060 sav->key_enc = NULL; /just in case/ 3061 break; 3062 case SADB_SATYPE_AH:	3007 if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) && 3008 sav->alg_auth != SADB_X_AALG_NULL) 3009 error = EINVAL; 3010 break; 3011 case SADB_X_SATYPE_IPCOMP: 3012 default: 3013 error = EINVAL; 3014 break; --- 41 unchanged lines hidden (view full) --- 3056 } 3057 break; 3058 case SADB_X_SATYPE_IPCOMP: 3059 if (len != PFKEY_ALIGN8(sizeof(struct sadb_key))) 3060 error = EINVAL; 3061 sav->key_enc = NULL; /just in case/ 3062 break; 3063 case SADB_SATYPE_AH:
	3064 case SADB_X_SATYPE_TCPSIGNATURE:
3063 default: 3064 error = EINVAL; 3065 break; 3066 } 3067 if (error) { 3068 ipseclog((LOG_DEBUG, "%s: invalid key_enc value.\n", 3069 __func__)); 3070 goto fail; --- 8 unchanged lines hidden (view full) --- 3079 error = xform_init(sav, XF_AH); 3080 break; 3081 case SADB_SATYPE_ESP: 3082 error = xform_init(sav, XF_ESP); 3083 break; 3084 case SADB_X_SATYPE_IPCOMP: 3085 error = xform_init(sav, XF_IPCOMP); 3086 break;	3065 default: 3066 error = EINVAL; 3067 break; 3068 } 3069 if (error) { 3070 ipseclog((LOG_DEBUG, "%s: invalid key_enc value.\n", 3071 __func__)); 3072 goto fail; --- 8 unchanged lines hidden (view full) --- 3081 error = xform_init(sav, XF_AH); 3082 break; 3083 case SADB_SATYPE_ESP: 3084 error = xform_init(sav, XF_ESP); 3085 break; 3086 case SADB_X_SATYPE_IPCOMP: 3087 error = xform_init(sav, XF_IPCOMP); 3088 break;
	3089 case SADB_X_SATYPE_TCPSIGNATURE: 3090 error = xform_init(sav, XF_TCPSIGNATURE); 3091 break;
3087 } 3088 if (error) { 3089 ipseclog((LOG_DEBUG, "%s: unable to initialize SA type %u.\n", 3090 __func__, mhp->msg->sadb_msg_satype)); 3091 goto fail; 3092 } 3093 3094 /* reset created / --- 116 unchanged lines hidden* (view full) --- 3211 if ((sav->flags & SADB_X_EXT_RAWCPI) == 0 3212 && ntohl(sav->spi) >= 0x10000) { 3213 ipseclog((LOG_DEBUG, "%s: invalid cpi for IPComp.\n", 3214 __func__)); 3215 return(EINVAL); 3216 } 3217 error = xform_init(sav, XF_IPCOMP); 3218 break;	3092 } 3093 if (error) { 3094 ipseclog((LOG_DEBUG, "%s: unable to initialize SA type %u.\n", 3095 __func__, mhp->msg->sadb_msg_satype)); 3096 goto fail; 3097 } 3098 3099 /* reset created / --- 116 unchanged lines hidden* (view full) --- 3216 if ((sav->flags & SADB_X_EXT_RAWCPI) == 0 3217 && ntohl(sav->spi) >= 0x10000) { 3218 ipseclog((LOG_DEBUG, "%s: invalid cpi for IPComp.\n", 3219 __func__)); 3220 return(EINVAL); 3221 } 3222 error = xform_init(sav, XF_IPCOMP); 3223 break;
	3224 case IPPROTO_TCP: 3225 if (sav->alg_enc != SADB_EALG_NONE) { 3226 ipseclog((LOG_DEBUG, "%s: protocol and algorithm " 3227 "mismated.\n", __func__)); 3228 return(EINVAL); 3229 } 3230 error = xform_init(sav, XF_TCPSIGNATURE); 3231 break;
3219 default: 3220 ipseclog((LOG_DEBUG, "%s: Invalid satype.\n", __func__)); 3221 error = EPROTONOSUPPORT; 3222 break; 3223 } 3224 if (error == 0) { 3225 SAHTREE_LOCK(); 3226 key_sa_chgstate(sav, SADB_SASTATE_MATURE); --- 1019 unchanged lines hidden (view full) --- 4246 case SADB_SATYPE_UNSPEC: 4247 return IPSEC_PROTO_ANY; 4248 case SADB_SATYPE_AH: 4249 return IPPROTO_AH; 4250 case SADB_SATYPE_ESP: 4251 return IPPROTO_ESP; 4252 case SADB_X_SATYPE_IPCOMP: 4253 return IPPROTO_IPCOMP;	3232 default: 3233 ipseclog((LOG_DEBUG, "%s: Invalid satype.\n", __func__)); 3234 error = EPROTONOSUPPORT; 3235 break; 3236 } 3237 if (error == 0) { 3238 SAHTREE_LOCK(); 3239 key_sa_chgstate(sav, SADB_SASTATE_MATURE); --- 1019 unchanged lines hidden (view full) --- 4259 case SADB_SATYPE_UNSPEC: 4260 return IPSEC_PROTO_ANY; 4261 case SADB_SATYPE_AH: 4262 return IPPROTO_AH; 4263 case SADB_SATYPE_ESP: 4264 return IPPROTO_ESP; 4265 case SADB_X_SATYPE_IPCOMP: 4266 return IPPROTO_IPCOMP;
	4267 case SADB_X_SATYPE_TCPSIGNATURE: 4268 return IPPROTO_TCP;
4254 default: 4255 return 0; 4256 } 4257 /* NOTREACHED / 4258} 4259* 4260/* 4261 * map IPPROTO_* to SADB_SATYPE_* --- 6 unchanged lines hidden (view full) --- 4268{ 4269 switch (proto) { 4270 case IPPROTO_AH: 4271 return SADB_SATYPE_AH; 4272 case IPPROTO_ESP: 4273 return SADB_SATYPE_ESP; 4274 case IPPROTO_IPCOMP: 4275 return SADB_X_SATYPE_IPCOMP;	4269 default: 4270 return 0; 4271 } 4272 /* NOTREACHED / 4273} 4274* 4275/* 4276 * map IPPROTO_* to SADB_SATYPE_* --- 6 unchanged lines hidden (view full) --- 4283{ 4284 switch (proto) { 4285 case IPPROTO_AH: 4286 return SADB_SATYPE_AH; 4287 case IPPROTO_ESP: 4288 return SADB_SATYPE_ESP; 4289 case IPPROTO_IPCOMP: 4290 return SADB_X_SATYPE_IPCOMP;
	4291 case IPPROTO_TCP: 4292 return SADB_X_SATYPE_TCPSIGNATURE;
4276 default: 4277 return 0; 4278 } 4279 /* NOTREACHED / 4280} 4281* 4282/* %%% PF_KEY / 4283/ --- 2385 unchanged lines hidden (view full) --- 6669 pfkeystat.out_invsatype++; 6670 error = EINVAL; 6671 goto senderror; 6672 } 6673 break; 6674 case SADB_SATYPE_AH: 6675 case SADB_SATYPE_ESP: 6676 case SADB_X_SATYPE_IPCOMP:	4293 default: 4294 return 0; 4295 } 4296 /* NOTREACHED / 4297} 4298* 4299/* %%% PF_KEY / 4300/ --- 2385 unchanged lines hidden (view full) --- 6686 pfkeystat.out_invsatype++; 6687 error = EINVAL; 6688 goto senderror; 6689 } 6690 break; 6691 case SADB_SATYPE_AH: 6692 case SADB_SATYPE_ESP: 6693 case SADB_X_SATYPE_IPCOMP:
	6694 case SADB_X_SATYPE_TCPSIGNATURE:
6677 switch (msg->sadb_msg_type) { 6678 case SADB_X_SPDADD: 6679 case SADB_X_SPDDELETE: 6680 case SADB_X_SPDGET: 6681 case SADB_X_SPDDUMP: 6682 case SADB_X_SPDFLUSH: 6683 case SADB_X_SPDSETIDX: 6684 case SADB_X_SPDUPDATE: --- 500 unchanged lines hidden ---	6695 switch (msg->sadb_msg_type) { 6696 case SADB_X_SPDADD: 6697 case SADB_X_SPDDELETE: 6698 case SADB_X_SPDGET: 6699 case SADB_X_SPDDUMP: 6700 case SADB_X_SPDFLUSH: 6701 case SADB_X_SPDSETIDX: 6702 case SADB_X_SPDUPDATE: --- 500 unchanged lines hidden ---