key.c (125508) | key.c (125680) |
---|---|
1/* $FreeBSD: head/sys/netipsec/key.c 125508 2004-02-05 23:19:17Z sam $ */ | 1/* $FreeBSD: head/sys/netipsec/key.c 125680 2004-02-11 04:26:04Z bms $ */ |
2/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */ 3 4/* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 2988 unchanged lines hidden (view full) --- 2998 error = 0; 2999 if (len < sizeof(*key0)) { 3000 error = EINVAL; 3001 goto fail; 3002 } 3003 switch (mhp->msg->sadb_msg_satype) { 3004 case SADB_SATYPE_AH: 3005 case SADB_SATYPE_ESP: | 2/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */ 3 4/* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 2988 unchanged lines hidden (view full) --- 2998 error = 0; 2999 if (len < sizeof(*key0)) { 3000 error = EINVAL; 3001 goto fail; 3002 } 3003 switch (mhp->msg->sadb_msg_satype) { 3004 case SADB_SATYPE_AH: 3005 case SADB_SATYPE_ESP: |
3006 case SADB_X_SATYPE_TCPSIGNATURE: |
|
3006 if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) && 3007 sav->alg_auth != SADB_X_AALG_NULL) 3008 error = EINVAL; 3009 break; 3010 case SADB_X_SATYPE_IPCOMP: 3011 default: 3012 error = EINVAL; 3013 break; --- 41 unchanged lines hidden (view full) --- 3055 } 3056 break; 3057 case SADB_X_SATYPE_IPCOMP: 3058 if (len != PFKEY_ALIGN8(sizeof(struct sadb_key))) 3059 error = EINVAL; 3060 sav->key_enc = NULL; /*just in case*/ 3061 break; 3062 case SADB_SATYPE_AH: | 3007 if (len == PFKEY_ALIGN8(sizeof(struct sadb_key)) && 3008 sav->alg_auth != SADB_X_AALG_NULL) 3009 error = EINVAL; 3010 break; 3011 case SADB_X_SATYPE_IPCOMP: 3012 default: 3013 error = EINVAL; 3014 break; --- 41 unchanged lines hidden (view full) --- 3056 } 3057 break; 3058 case SADB_X_SATYPE_IPCOMP: 3059 if (len != PFKEY_ALIGN8(sizeof(struct sadb_key))) 3060 error = EINVAL; 3061 sav->key_enc = NULL; /*just in case*/ 3062 break; 3063 case SADB_SATYPE_AH: |
3064 case SADB_X_SATYPE_TCPSIGNATURE: |
|
3063 default: 3064 error = EINVAL; 3065 break; 3066 } 3067 if (error) { 3068 ipseclog((LOG_DEBUG, "%s: invalid key_enc value.\n", 3069 __func__)); 3070 goto fail; --- 8 unchanged lines hidden (view full) --- 3079 error = xform_init(sav, XF_AH); 3080 break; 3081 case SADB_SATYPE_ESP: 3082 error = xform_init(sav, XF_ESP); 3083 break; 3084 case SADB_X_SATYPE_IPCOMP: 3085 error = xform_init(sav, XF_IPCOMP); 3086 break; | 3065 default: 3066 error = EINVAL; 3067 break; 3068 } 3069 if (error) { 3070 ipseclog((LOG_DEBUG, "%s: invalid key_enc value.\n", 3071 __func__)); 3072 goto fail; --- 8 unchanged lines hidden (view full) --- 3081 error = xform_init(sav, XF_AH); 3082 break; 3083 case SADB_SATYPE_ESP: 3084 error = xform_init(sav, XF_ESP); 3085 break; 3086 case SADB_X_SATYPE_IPCOMP: 3087 error = xform_init(sav, XF_IPCOMP); 3088 break; |
3089 case SADB_X_SATYPE_TCPSIGNATURE: 3090 error = xform_init(sav, XF_TCPSIGNATURE); 3091 break; |
|
3087 } 3088 if (error) { 3089 ipseclog((LOG_DEBUG, "%s: unable to initialize SA type %u.\n", 3090 __func__, mhp->msg->sadb_msg_satype)); 3091 goto fail; 3092 } 3093 3094 /* reset created */ --- 116 unchanged lines hidden (view full) --- 3211 if ((sav->flags & SADB_X_EXT_RAWCPI) == 0 3212 && ntohl(sav->spi) >= 0x10000) { 3213 ipseclog((LOG_DEBUG, "%s: invalid cpi for IPComp.\n", 3214 __func__)); 3215 return(EINVAL); 3216 } 3217 error = xform_init(sav, XF_IPCOMP); 3218 break; | 3092 } 3093 if (error) { 3094 ipseclog((LOG_DEBUG, "%s: unable to initialize SA type %u.\n", 3095 __func__, mhp->msg->sadb_msg_satype)); 3096 goto fail; 3097 } 3098 3099 /* reset created */ --- 116 unchanged lines hidden (view full) --- 3216 if ((sav->flags & SADB_X_EXT_RAWCPI) == 0 3217 && ntohl(sav->spi) >= 0x10000) { 3218 ipseclog((LOG_DEBUG, "%s: invalid cpi for IPComp.\n", 3219 __func__)); 3220 return(EINVAL); 3221 } 3222 error = xform_init(sav, XF_IPCOMP); 3223 break; |
3224 case IPPROTO_TCP: 3225 if (sav->alg_enc != SADB_EALG_NONE) { 3226 ipseclog((LOG_DEBUG, "%s: protocol and algorithm " 3227 "mismated.\n", __func__)); 3228 return(EINVAL); 3229 } 3230 error = xform_init(sav, XF_TCPSIGNATURE); 3231 break; |
|
3219 default: 3220 ipseclog((LOG_DEBUG, "%s: Invalid satype.\n", __func__)); 3221 error = EPROTONOSUPPORT; 3222 break; 3223 } 3224 if (error == 0) { 3225 SAHTREE_LOCK(); 3226 key_sa_chgstate(sav, SADB_SASTATE_MATURE); --- 1019 unchanged lines hidden (view full) --- 4246 case SADB_SATYPE_UNSPEC: 4247 return IPSEC_PROTO_ANY; 4248 case SADB_SATYPE_AH: 4249 return IPPROTO_AH; 4250 case SADB_SATYPE_ESP: 4251 return IPPROTO_ESP; 4252 case SADB_X_SATYPE_IPCOMP: 4253 return IPPROTO_IPCOMP; | 3232 default: 3233 ipseclog((LOG_DEBUG, "%s: Invalid satype.\n", __func__)); 3234 error = EPROTONOSUPPORT; 3235 break; 3236 } 3237 if (error == 0) { 3238 SAHTREE_LOCK(); 3239 key_sa_chgstate(sav, SADB_SASTATE_MATURE); --- 1019 unchanged lines hidden (view full) --- 4259 case SADB_SATYPE_UNSPEC: 4260 return IPSEC_PROTO_ANY; 4261 case SADB_SATYPE_AH: 4262 return IPPROTO_AH; 4263 case SADB_SATYPE_ESP: 4264 return IPPROTO_ESP; 4265 case SADB_X_SATYPE_IPCOMP: 4266 return IPPROTO_IPCOMP; |
4267 case SADB_X_SATYPE_TCPSIGNATURE: 4268 return IPPROTO_TCP; |
|
4254 default: 4255 return 0; 4256 } 4257 /* NOTREACHED */ 4258} 4259 4260/* 4261 * map IPPROTO_* to SADB_SATYPE_* --- 6 unchanged lines hidden (view full) --- 4268{ 4269 switch (proto) { 4270 case IPPROTO_AH: 4271 return SADB_SATYPE_AH; 4272 case IPPROTO_ESP: 4273 return SADB_SATYPE_ESP; 4274 case IPPROTO_IPCOMP: 4275 return SADB_X_SATYPE_IPCOMP; | 4269 default: 4270 return 0; 4271 } 4272 /* NOTREACHED */ 4273} 4274 4275/* 4276 * map IPPROTO_* to SADB_SATYPE_* --- 6 unchanged lines hidden (view full) --- 4283{ 4284 switch (proto) { 4285 case IPPROTO_AH: 4286 return SADB_SATYPE_AH; 4287 case IPPROTO_ESP: 4288 return SADB_SATYPE_ESP; 4289 case IPPROTO_IPCOMP: 4290 return SADB_X_SATYPE_IPCOMP; |
4291 case IPPROTO_TCP: 4292 return SADB_X_SATYPE_TCPSIGNATURE; |
|
4276 default: 4277 return 0; 4278 } 4279 /* NOTREACHED */ 4280} 4281 4282/* %%% PF_KEY */ 4283/* --- 2385 unchanged lines hidden (view full) --- 6669 pfkeystat.out_invsatype++; 6670 error = EINVAL; 6671 goto senderror; 6672 } 6673 break; 6674 case SADB_SATYPE_AH: 6675 case SADB_SATYPE_ESP: 6676 case SADB_X_SATYPE_IPCOMP: | 4293 default: 4294 return 0; 4295 } 4296 /* NOTREACHED */ 4297} 4298 4299/* %%% PF_KEY */ 4300/* --- 2385 unchanged lines hidden (view full) --- 6686 pfkeystat.out_invsatype++; 6687 error = EINVAL; 6688 goto senderror; 6689 } 6690 break; 6691 case SADB_SATYPE_AH: 6692 case SADB_SATYPE_ESP: 6693 case SADB_X_SATYPE_IPCOMP: |
6694 case SADB_X_SATYPE_TCPSIGNATURE: |
|
6677 switch (msg->sadb_msg_type) { 6678 case SADB_X_SPDADD: 6679 case SADB_X_SPDDELETE: 6680 case SADB_X_SPDGET: 6681 case SADB_X_SPDDUMP: 6682 case SADB_X_SPDFLUSH: 6683 case SADB_X_SPDSETIDX: 6684 case SADB_X_SPDUPDATE: --- 500 unchanged lines hidden --- | 6695 switch (msg->sadb_msg_type) { 6696 case SADB_X_SPDADD: 6697 case SADB_X_SPDDELETE: 6698 case SADB_X_SPDGET: 6699 case SADB_X_SPDDUMP: 6700 case SADB_X_SPDFLUSH: 6701 case SADB_X_SPDSETIDX: 6702 case SADB_X_SPDUPDATE: --- 500 unchanged lines hidden --- |