Lines Matching defs:sav
344 #define KEY_CHKSASTATE(head, sav, name) \
346 if ((head) != (sav)) { \
348 (name), (head), (sav))); \
551 static int key_setsaval2(struct secasvar *sav,
570 int ipsec_send_natt_keepalive(struct secasvar *sav);
797 struct secasvar **sav)
805 *sav = NULL;
829 if (*sav == NULL)
830 *sav = key_allocsa_policy(saidx);
833 if (*sav != NULL)
868 struct secasvar *sav;
911 sav = key_do_allocsa_policy(sah, state, dstport);
912 if (sav != NULL) {
914 return sav;
934 struct secasvar *sav, *nextsav, *candidate, *natt_candidate, *no_natt_candidate, *d;
943 for (sav = LIST_FIRST(&sah->savtree[state]);
944 sav != NULL;
945 sav = nextsav) {
947 nextsav = LIST_NEXT(sav, chain);
950 KEY_CHKSASTATE(sav->state, state, "key_do_allocsa_policy");
953 ((sav->flags & SADB_X_EXT_NATT) != 0) &&
954 ntohs(dstport) != sav->remote_ike_port)
958 ((sav->flags & SADB_X_EXT_NATT_MULTIPLEUSERS) != 0) &&
959 ntohs(dstport) != sav->remote_ike_port)
963 ((sav->flags & SADB_X_EXT_NATT) != 0)) ||
965 ((sav->flags & SADB_X_EXT_NATT_MULTIPLEUSERS) != 0))) {
967 natt_candidate = sav;
973 no_natt_candidate = sav;
982 if (candidate->lft_c == NULL || sav->lft_c == NULL)
989 sav->lft_c->sadb_lifetime_addtime) {
990 if ((sav->flags & SADB_X_EXT_NATT_MULTIPLEUSERS) != 0)
991 natt_candidate = sav;
993 no_natt_candidate = sav;
1001 sav->lft_c->sadb_lifetime_addtime) {
1003 if ((sav->flags & SADB_X_EXT_NATT_MULTIPLEUSERS) != 0)
1004 natt_candidate = sav;
1006 no_natt_candidate = sav;
1008 d = sav;
1097 * OUT: positive: pointer to a sav.
1117 struct secasvar *sav, *match;
1155 LIST_FOREACH(sav, &spihash[SPIHASH(spi)], spihash) {
1156 if (sav->spi != spi)
1158 if (proto != sav->sah->saidx.proto)
1160 if (family != sav->sah->saidx.src.ss_family ||
1161 family != sav->sah->saidx.dst.ss_family)
1166 if (sav->state == state) {
1184 (struct sockaddr *)&sav->sah->saidx.src, 0) != 0)
1200 (struct sockaddr *)&sav->sah->saidx.src, 0) != 0)
1220 (struct sockaddr *)&sav->sah->saidx.dst, 0) != 0)
1237 (struct sockaddr *)&sav->sah->saidx.dst, 0) != 0)
1246 match = sav;
1297 * sav->natt_encapsulated_src_port and return the port.
1517 struct secasvar *sav,
1522 if (sav == NULL)
1529 sav->refcnt--;
1532 sav->refcnt, sav, (u_int32_t)ntohl(sav->spi)));
1534 if (sav->refcnt == 0)
1535 key_delsav(sav);
3105 struct secasvar *sav, *nextsav;
3121 for (sav = (struct secasvar *)LIST_FIRST(&sah->savtree[state]);
3122 sav != NULL;
3123 sav = nextsav) {
3125 nextsav = LIST_NEXT(sav, chain);
3127 if (sav->refcnt > 0) {
3134 KEY_CHKSASTATE(state, sav->state, "key_delsah");
3136 key_freesav(sav, KEY_SADB_LOCKED);
3139 sav->sah = NULL;
3140 sav = NULL;
3235 /* copy sav values */
3376 struct secasvar *sav)
3382 if (sav == NULL)
3385 if (sav->refcnt > 0)
3389 if (__LIST_CHAINED(sav))
3390 LIST_REMOVE(sav, chain);
3393 if (sav->spihash.le_prev || sav->spihash.le_next)
3394 LIST_REMOVE(sav, spihash);
3396 if (sav->key_auth != NULL) {
3397 bzero(_KEYBUF(sav->key_auth), _KEYLEN(sav->key_auth));
3398 KFREE(sav->key_auth);
3399 sav->key_auth = NULL;
3401 if (sav->key_enc != NULL) {
3402 bzero(_KEYBUF(sav->key_enc), _KEYLEN(sav->key_enc));
3403 KFREE(sav->key_enc);
3404 sav->key_enc = NULL;
3406 if (sav->sched) {
3407 bzero(sav->sched, sav->schedlen);
3408 KFREE(sav->sched);
3409 sav->sched = NULL;
3411 if (sav->replay != NULL) {
3412 keydb_delsecreplay(sav->replay);
3413 sav->replay = NULL;
3415 if (sav->lft_c != NULL) {
3416 KFREE(sav->lft_c);
3417 sav->lft_c = NULL;
3419 if (sav->lft_h != NULL) {
3420 KFREE(sav->lft_h);
3421 sav->lft_h = NULL;
3423 if (sav->lft_s != NULL) {
3424 KFREE(sav->lft_s);
3425 sav->lft_s = NULL;
3427 if (sav->iv != NULL) {
3428 KFREE(sav->iv);
3429 sav->iv = NULL;
3432 KFREE(sav);
3488 struct secasvar *sav;
3500 LIST_FOREACH(sav, &spihash[SPIHASH(spi)], spihash) {
3501 if (sav->spi != spi)
3507 if (sav->state == state &&
3508 key_ismyaddr((struct sockaddr *)&sav->sah->saidx.dst))
3509 return sav;
3518 struct secasvar *sav,
3522 sav->spi = spi;
3523 if (sav->spihash.le_prev || sav->spihash.le_next)
3524 LIST_REMOVE(sav, spihash);
3525 LIST_INSERT_HEAD(&spihash[SPIHASH(spi)], sav, spihash);
3540 struct secasvar *sav, *match;
3546 LIST_FOREACH(sav, &spihash[SPIHASH(spi)], spihash) {
3547 if (sav->spi != spi)
3549 if (sav->sah != sah)
3553 if (sav->state == state) {
3554 match = sav;
3574 struct secasvar *sav,
3591 sav->replay = NULL;
3592 sav->key_auth = NULL;
3593 sav->key_enc = NULL;
3594 sav->sched = NULL;
3595 sav->schedlen = 0;
3596 sav->iv = NULL;
3597 sav->lft_c = NULL;
3598 sav->lft_h = NULL;
3599 sav->lft_s = NULL;
3600 sav->remote_ike_port = 0;
3601 sav->natt_last_activity = natt_now;
3602 sav->natt_encapsulated_src_port = 0;
3615 sav->alg_auth = sa0->sadb_sa_auth;
3616 sav->alg_enc = sa0->sadb_sa_encrypt;
3617 sav->flags = sa0->sadb_sa_flags;
3623 if ((sav->flags & SADB_X_EXT_NATT) != 0) {
3630 sav->remote_ike_port = ((const struct sadb_sa_2*)(sa0))->sadb_sa_natt_port;
3638 if ((sav->flags & SADB_X_EXT_NATT_MULTIPLEUSERS) != 0)
3639 if ((sav->flags & SADB_X_EXT_NATT) == 0 ||
3640 (sav->flags & SADB_X_EXT_NATT_KEEPALIVE) != 0)
3641 sav->flags &= ~SADB_X_EXT_NATT_MULTIPLEUSERS;
3645 sav->replay = keydb_newsecreplay(sa0->sadb_sa_replay);
3646 if (sav->replay == NULL) {
3672 sav->alg_auth != SADB_X_AALG_NULL)
3685 sav->key_auth = (struct sadb_key *)key_newbuf(key0, len);
3686 if (sav->key_auth == NULL) {
3710 sav->alg_enc != SADB_EALG_NULL) {
3715 sav->key_enc = (struct sadb_key *)key_newbuf(key0, len);
3716 if (sav->key_enc == NULL) {
3725 sav->key_enc = NULL; /*just in case*/
3739 sav->ivlen = 0;
3744 algo = esp_algorithm_lookup(sav->alg_enc);
3746 sav->ivlen = (*algo->ivlen)(algo, sav);
3747 if (sav->ivlen == 0)
3749 KMALLOC_NOWAIT(sav->iv, caddr_t, sav->ivlen);
3750 if (sav->iv == 0) {
3752 KMALLOC_WAIT(sav->iv, caddr_t, sav->ivlen);
3754 if (sav->iv == 0) {
3762 key_randomfill(sav->iv, sav->ivlen);
3776 sav->created = tv.tv_sec;
3779 KMALLOC_NOWAIT(sav->lft_c, struct sadb_lifetime *,
3781 if (sav->lft_c == NULL) {
3783 KMALLOC_WAIT(sav->lft_c, struct sadb_lifetime *,
3786 if (sav->lft_c == NULL) {
3795 sav->lft_c->sadb_lifetime_len =
3797 sav->lft_c->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
3798 sav->lft_c->sadb_lifetime_allocations = 0;
3799 sav->lft_c->sadb_lifetime_bytes = 0;
3800 sav->lft_c->sadb_lifetime_addtime = tv.tv_sec;
3801 sav->lft_c->sadb_lifetime_usetime = 0;
3815 sav->lft_h = (struct sadb_lifetime *)key_newbuf(lft0,
3817 if (sav->lft_h == NULL) {
3833 sav->lft_s = (struct sadb_lifetime *)key_newbuf(lft0,
3835 if (sav->lft_s == NULL) {
3848 if (sav->replay != NULL) {
3849 keydb_delsecreplay(sav->replay);
3850 sav->replay = NULL;
3852 if (sav->key_auth != NULL) {
3853 bzero(_KEYBUF(sav->key_auth), _KEYLEN(sav->key_auth));
3854 KFREE(sav->key_auth);
3855 sav->key_auth = NULL;
3857 if (sav->key_enc != NULL) {
3858 bzero(_KEYBUF(sav->key_enc), _KEYLEN(sav->key_enc));
3859 KFREE(sav->key_enc);
3860 sav->key_enc = NULL;
3862 if (sav->sched) {
3863 bzero(sav->sched, sav->schedlen);
3864 KFREE(sav->sched);
3865 sav->sched = NULL;
3867 if (sav->iv != NULL) {
3868 KFREE(sav->iv);
3869 sav->iv = NULL;
3871 if (sav->lft_c != NULL) {
3872 KFREE(sav->lft_c);
3873 sav->lft_c = NULL;
3875 if (sav->lft_h != NULL) {
3876 KFREE(sav->lft_h);
3877 sav->lft_h = NULL;
3879 if (sav->lft_s != NULL) {
3880 KFREE(sav->lft_s);
3881 sav->lft_s = NULL;
3896 key_setsaval2(struct secasvar *sav,
3922 sav->replay = NULL;
3923 sav->key_auth = NULL;
3924 sav->key_enc = NULL;
3925 sav->sched = NULL;
3926 sav->schedlen = 0;
3927 sav->iv = NULL;
3928 sav->lft_c = NULL;
3929 sav->lft_h = NULL;
3930 sav->lft_s = NULL;
3931 sav->remote_ike_port = 0;
3932 sav->natt_last_activity = natt_now;
3933 sav->natt_encapsulated_src_port = 0;
3935 sav->alg_auth = alg_auth;
3936 sav->alg_enc = alg_enc;
3937 sav->flags = flags;
3938 sav->pid = pid;
3939 sav->seq = seq;
3940 key_setspi(sav, htonl(spi));
3946 if ((sav->flags & SADB_X_EXT_NATT) != 0) {
3952 sav->remote_ike_port = natt_port;
3960 if ((sav->flags & SADB_X_EXT_NATT_MULTIPLEUSERS) != 0)
3961 if ((sav->flags & SADB_X_EXT_NATT) == 0 ||
3962 (sav->flags & SADB_X_EXT_NATT_KEEPALIVE) != 0)
3963 sav->flags &= ~SADB_X_EXT_NATT_MULTIPLEUSERS;
3967 sav->replay = keydb_newsecreplay(replay);
3968 if (sav->replay == NULL) {
3976 sav->key_auth = (__typeof__(sav->key_auth))key_newbuf(key_auth, key_auth_len);
3977 if (sav->key_auth == NULL) {
3984 sav->key_enc = (__typeof__(sav->key_enc))key_newbuf(key_enc, key_enc_len);
3985 if (sav->key_enc == NULL) {
3992 sav->ivlen = 0;
3996 algo = esp_algorithm_lookup(sav->alg_enc);
3998 sav->ivlen = (*algo->ivlen)(algo, sav);
3999 if (sav->ivlen != 0) {
4000 KMALLOC_NOWAIT(sav->iv, caddr_t, sav->ivlen);
4001 if (sav->iv == 0) {
4003 KMALLOC_WAIT(sav->iv, caddr_t, sav->ivlen);
4005 if (sav->iv == 0) {
4012 key_randomfill(sav->iv, sav->ivlen);
4019 sav->created = tv.tv_sec;
4022 KMALLOC_NOWAIT(sav->lft_c, struct sadb_lifetime *,
4024 if (sav->lft_c == NULL) {
4026 KMALLOC_WAIT(sav->lft_c, struct sadb_lifetime *,
4029 if (sav->lft_c == NULL) {
4038 sav->lft_c->sadb_lifetime_len =
4040 sav->lft_c->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
4041 sav->lft_c->sadb_lifetime_allocations = 0;
4042 sav->lft_c->sadb_lifetime_bytes = 0;
4043 sav->lft_c->sadb_lifetime_addtime = tv.tv_sec;
4044 sav->lft_c->sadb_lifetime_usetime = 0;
4047 sav->lft_h = (__typeof__(sav->lft_h))key_newbuf(lifetime_hard,
4049 if (sav->lft_h == NULL) {
4054 sav->lft_s = (__typeof__(sav->lft_s))key_newbuf(lifetime_soft,
4056 if (sav->lft_s == NULL) {
4066 if (sav->replay != NULL) {
4067 keydb_delsecreplay(sav->replay);
4068 sav->replay = NULL;
4070 if (sav->key_auth != NULL) {
4071 bzero(_KEYBUF(sav->key_auth), _KEYLEN(sav->key_auth));
4072 KFREE(sav->key_auth);
4073 sav->key_auth = NULL;
4075 if (sav->key_enc != NULL) {
4076 bzero(_KEYBUF(sav->key_enc), _KEYLEN(sav->key_enc));
4077 KFREE(sav->key_enc);
4078 sav->key_enc = NULL;
4080 if (sav->sched) {
4081 bzero(sav->sched, sav->schedlen);
4082 KFREE(sav->sched);
4083 sav->sched = NULL;
4085 if (sav->iv != NULL) {
4086 KFREE(sav->iv);
4087 sav->iv = NULL;
4089 if (sav->lft_c != NULL) {
4090 KFREE(sav->lft_c);
4091 sav->lft_c = NULL;
4093 if (sav->lft_h != NULL) {
4094 KFREE(sav->lft_h);
4095 sav->lft_h = NULL;
4097 if (sav->lft_s != NULL) {
4098 KFREE(sav->lft_s);
4099 sav->lft_s = NULL;
4112 struct secasvar *sav)
4123 switch (sav->sah->saidx.proto) {
4127 /* No reason to test if this is >= 0, because ntohl(sav->spi) is unsigned. */
4128 if (ntohl(sav->spi) <= 255) {
4131 (u_int32_t)ntohl(sav->spi)));
4138 switch (sav->sah->saidx.proto) {
4141 if ((sav->flags & SADB_X_EXT_OLD)
4142 && (sav->flags & SADB_X_EXT_DERIV)) {
4147 if (sav->alg_auth == SADB_AALG_NONE)
4155 if (sav->flags & SADB_X_EXT_DERIV) {
4160 if (sav->alg_enc != SADB_EALG_NONE) {
4169 if (sav->alg_auth != SADB_AALG_NONE) {
4174 if ((sav->flags & SADB_X_EXT_RAWCPI) == 0
4175 && ntohl(sav->spi) >= 0x10000) {
4192 algo = ah_algorithm_lookup(sav->alg_auth);
4200 if (sav->key_auth)
4201 keylen = sav->key_auth->sadb_key_bits;
4213 if ((*algo->mature)(sav)) {
4232 algo = esp_algorithm_lookup(sav->alg_enc);
4239 if (sav->key_enc)
4240 keylen = sav->key_enc->sadb_key_bits;
4252 if ((*algo->mature)(sav)) {
4274 algo = ipcomp_algorithm_lookup(sav->alg_enc);
4281 key_sa_chgstate(sav, SADB_SASTATE_MATURE);
4291 struct secasvar *sav,
4310 m = key_setsadbmsg(type, 0, satype, seq, pid, sav->refcnt);
4320 m = key_setsadbsa(sav);
4326 m = key_setsadbxsa2(sav->sah->saidx.mode,
4327 sav->replay ? sav->replay->count : 0,
4328 sav->sah->saidx.reqid);
4335 (struct sockaddr *)&sav->sah->saidx.src,
4343 (struct sockaddr *)&sav->sah->saidx.dst,
4350 if (!sav->key_auth)
4352 l = PFKEY_UNUNIT64(sav->key_auth->sadb_key_len);
4353 p = sav->key_auth;
4357 if (!sav->key_enc)
4359 l = PFKEY_UNUNIT64(sav->key_enc->sadb_key_len);
4360 p = sav->key_enc;
4364 if (!sav->lft_c)
4366 l = PFKEY_UNUNIT64(((struct sadb_ext *)sav->lft_c)->sadb_ext_len);
4367 p = sav->lft_c;
4371 if (!sav->lft_h)
4373 l = PFKEY_UNUNIT64(((struct sadb_ext *)sav->lft_h)->sadb_ext_len);
4374 p = sav->lft_h;
4378 if (!sav->lft_s)
4380 l = PFKEY_UNUNIT64(((struct sadb_ext *)sav->lft_s)->sadb_ext_len);
4381 p = sav->lft_s;
4489 struct secasvar *sav)
4508 p->sadb_sa_spi = sav->spi;
4509 p->sadb_sa_replay = (sav->replay != NULL ? sav->replay->wsize : 0);
4510 p->sadb_sa_state = sav->state;
4511 p->sadb_sa_auth = sav->alg_auth;
4512 p->sadb_sa_encrypt = sav->alg_enc;
4513 p->sadb_sa_flags = sav->flags;
5251 struct secasvar *sav, *nextsav;
5277 for (sav = LIST_FIRST(&sah->savtree[SADB_SASTATE_LARVAL]);
5278 sav != NULL;
5279 sav = nextsav) {
5283 nextsav = LIST_NEXT(sav, chain);
5285 if (tv.tv_sec - sav->created > key_larval_lifetime) {
5286 key_freesav(sav, KEY_SADB_LOCKED);
5301 sav = LIST_FIRST(&sah->savtree[SADB_SASTATE_MATURE]); //%%% should we check dying list if this is empty???
5302 if (natt_keepalive_interval && sav &&
5303 (sav->flags & (SADB_X_EXT_NATT_KEEPALIVE | SADB_X_EXT_ESP_KEEPALIVE)) != 0) {
5304 sav->refcnt++;
5305 *savkaptr++ = sav;
5314 for (sav = LIST_FIRST(&sah->savtree[SADB_SASTATE_MATURE]);
5315 sav != NULL;
5316 sav = nextsav) {
5320 nextsav = LIST_NEXT(sav, chain);
5323 if (sav->lft_s == NULL)
5327 if (sav->lft_c == NULL) {
5334 if (sav->lft_s->sadb_lifetime_addtime != 0
5335 && tv.tv_sec - sav->created > sav->lft_s->sadb_lifetime_addtime) {
5341 if (sav->lft_c->sadb_lifetime_usetime == 0) {
5342 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
5343 key_freesav(sav, KEY_SADB_LOCKED);
5344 sav = NULL;
5346 key_sa_chgstate(sav, SADB_SASTATE_DYING);
5347 sav->refcnt++;
5348 *savexptr++ = sav;
5360 && sav->lft_s->sadb_lifetime_bytes != 0
5361 && sav->lft_s->sadb_lifetime_bytes < sav->lft_c->sadb_lifetime_bytes) {
5368 //key_expire(sav);
5369 key_sa_chgstate(sav, SADB_SASTATE_DYING);
5370 sav->refcnt++;
5371 *savexptr++ = sav;
5377 for (sav = LIST_FIRST(&sah->savtree[SADB_SASTATE_DYING]);
5378 sav != NULL;
5379 sav = nextsav) {
5383 nextsav = LIST_NEXT(sav, chain);
5386 if (sav->lft_h == NULL)
5390 if (sav->lft_c == NULL) {
5396 if (sav->lft_h->sadb_lifetime_addtime != 0
5397 && tv.tv_sec - sav->created > sav->lft_h->sadb_lifetime_addtime) {
5398 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
5399 key_freesav(sav, KEY_SADB_LOCKED);
5400 sav = NULL;
5404 && sav->lft_s != NULL
5405 && sav->lft_s->sadb_lifetime_addtime != 0
5406 && tv.tv_sec - sav->created > sav->lft_s->sadb_lifetime_addtime) {
5416 //key_expire(sav);
5417 sav->refcnt++;
5418 *savexptr++ = sav;
5423 else if (sav->lft_h->sadb_lifetime_bytes != 0
5424 && sav->lft_h->sadb_lifetime_bytes < sav->lft_c->sadb_lifetime_bytes) {
5425 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
5426 key_freesav(sav, KEY_SADB_LOCKED);
5427 sav = NULL;
5432 for (sav = LIST_FIRST(&sah->savtree[SADB_SASTATE_DEAD]);
5433 sav != NULL;
5434 sav = nextsav) {
5438 nextsav = LIST_NEXT(sav, chain);
5441 if (sav->state != SADB_SASTATE_DEAD) {
5443 "invalid sav->state "
5446 SADB_SASTATE_DEAD, sav->state));
5451 * sav should already be freed, and sav->refcnt
5452 * shows other references to sav
6073 struct secasvar *sav;
6149 && (sav = key_getsavbyseq(sah, mhp->msg->sadb_msg_seq)) == NULL) {
6157 if ((sav = key_getsavbyspi(sah, sa0->sadb_sa_spi)) == NULL) {
6167 if (sav->sah->saidx.proto != proto) {
6171 sav->sah->saidx.proto, proto));
6175 if (sav->spi != sa0->sadb_sa_spi) {
6179 (u_int32_t)ntohl(sav->spi),
6184 if (sav->pid != mhp->msg->sadb_msg_pid) {
6188 sav->pid, mhp->msg->sadb_msg_pid));
6192 /* copy sav values */
6193 error = key_setsaval(sav, m, mhp);
6195 key_freesav(sav, KEY_SADB_LOCKED);
6204 if ((sav->flags & SADB_X_EXT_NATT_MULTIPLEUSERS) != 0 &&
6205 (sav->sah->saidx.mode != IPSEC_MODE_TRANSPORT ||
6206 sav->sah->saidx.src.ss_family != AF_INET))
6207 sav->flags &= ~SADB_X_EXT_NATT_MULTIPLEUSERS;
6210 if ((error = key_mature(sav)) != 0) {
6211 key_freesav(sav, KEY_SADB_LOCKED);
6246 struct secasvar *sav;
6254 LIST_FOREACH(sav, &sah->savtree[state], chain) {
6256 KEY_CHKSASTATE(state, sav->state, "key_getsabyseq");
6258 if (sav->seq == seq) {
6259 sav->refcnt++;
6263 sav->refcnt, sav));
6264 return sav;
6568 struct secasvar *sav = NULL;
6627 sav = key_getsavbyspi(sah, sa0->sadb_sa_spi);
6628 if (sav)
6637 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
6638 key_freesav(sav, KEY_SADB_LOCKED);
6641 sav = NULL;
6681 struct secasvar *sav, *nextsav;
6705 for (sav = LIST_FIRST(&sah->savtree[state]);
6706 sav != NULL; sav = nextsav) {
6707 nextsav = LIST_NEXT(sav, chain);
6709 if (sav->state != state) {
6711 "invalid sav->state "
6713 state, sav->state));
6717 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
6718 key_freesav(sav, KEY_SADB_LOCKED);
6771 struct secasvar *sav = NULL;
6816 sav = key_getsavbyspi(sah, sa0->sadb_sa_spi);
6817 if (sav)
6839 n = key_setdumpsa(sav, SADB_GET, satype, mhp->msg->sadb_msg_seq,
6862 struct secasvar *sav = NULL;
6876 sav = key_getsavbyspi(sah, spi);
6877 if (sav) {
6878 stat->spi = sav->spi;
6879 stat->created = sav->created;
6880 if (sav->lft_c) {
6881 bcopy(sav->lft_c,&stat->lft_c, sizeof(stat->lft_c));
7851 struct secasvar *sav)
7862 if (sav == NULL)
7864 if (sav->sah == NULL)
7866 if ((satype = key_proto2satype(sav->sah->saidx.proto)) == 0)
7870 m = key_setsadbmsg(SADB_EXPIRE, 0, satype, sav->seq, 0, sav->refcnt);
7878 m = key_setsadbsa(sav);
7886 m = key_setsadbxsa2(sav->sah->saidx.mode,
7887 sav->replay ? sav->replay->count : 0,
7888 sav->sah->saidx.reqid);
7908 lt->sadb_lifetime_allocations = sav->lft_c->sadb_lifetime_allocations;
7909 lt->sadb_lifetime_bytes = sav->lft_c->sadb_lifetime_bytes;
7910 lt->sadb_lifetime_addtime = sav->lft_c->sadb_lifetime_addtime;
7911 lt->sadb_lifetime_usetime = sav->lft_c->sadb_lifetime_usetime;
7913 bcopy(sav->lft_s, lt, sizeof(*lt));
7918 (struct sockaddr *)&sav->sah->saidx.src,
7928 (struct sockaddr *)&sav->sah->saidx.dst,
7984 struct secasvar *sav, *nextsav;
8015 for (sav = LIST_FIRST(&sah->savtree[state]);
8016 sav != NULL;
8017 sav = nextsav) {
8019 nextsav = LIST_NEXT(sav, chain);
8021 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
8022 key_freesav(sav, KEY_SADB_LOCKED);
8061 struct secasvar *sav;
8072 struct secasvar *sav;
8106 /* count sav entries to be sent to the userland. */
8126 LIST_FOREACH(sav, &sah->savtree[state], chain) {
8129 elem_ptr->sav = sav;
8131 sav->refcnt++;
8148 n = key_setdumpsa(elem_ptr->sav, SADB_DUMP, elem_ptr->satype,
8166 key_freesav((elem_ptr++)->sav, KEY_SADB_LOCKED);
8737 struct secasvar *sav,
8744 if (sav->sah == NULL)
8745 panic("sav->sah == NULL at key_checktunnelsanity");
8755 struct secasvar *sav,
8760 if (!sav)
8761 panic("key_sa_recordxfer called with sav == NULL");
8764 if (!sav->lft_c)
8772 sav->lft_c->sadb_lifetime_bytes += m->m_pkthdr.len;
8780 sav->lft_c->sadb_lifetime_allocations++;
8797 sav->lft_c->sadb_lifetime_usetime = tv.tv_sec;
8829 struct secasvar *sav,
8833 if (sav == NULL)
8834 panic("key_sa_chgstate called with sav == NULL");
8836 if (sav->state == state)
8841 if (__LIST_CHAINED(sav))
8842 LIST_REMOVE(sav, chain);
8844 sav->state = state;
8845 LIST_INSERT_HEAD(&sav->sah->savtree[state], sav, chain);
8851 struct secasvar *sav)
8854 if (!sav->iv)
8855 panic("key_sa_stir_iv called with sav == NULL");
8856 key_randomfill(sav->iv, sav->ivlen);