Lines Matching refs:sah
851 struct secashead *sah;
860 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
863 kdebug_secash(sah, " "));
864 if (sah->saidx.proto != IPPROTO_TCP)
866 if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
867 !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
870 if (sah != NULL) {
872 sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
874 sav = TAILQ_FIRST(&sah->savtree_alive);
904 struct secashead *sah;
920 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
923 kdebug_secash(sah, " "));
924 if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID))
928 if (sah != NULL) {
934 sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
936 sav = TAILQ_FIRST(&sah->savtree_alive);
1000 sav->sah->saidx.proto == proto &&
1002 &sav->sah->saidx.dst.sa, 0) == 0)
1029 struct secashead *sah;
1040 LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) {
1041 if (IPSEC_MODE_TUNNEL != sah->saidx.mode)
1043 if (proto != sah->saidx.proto)
1045 if (key_sockaddrcmp(&src->sa, &sah->saidx.src.sa, 0) != 0)
1047 if (key_sockaddrcmp(&dst->sa, &sah->saidx.dst.sa, 0) != 0)
1051 sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1053 sav = TAILQ_FIRST(&sah->savtree_alive);
1248 struct secashead *sah;
1262 TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
1264 TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
1268 sah = sav->sah;
1272 key_freesah(&sah);
2715 struct secashead *sah;
2717 sah = malloc(sizeof(struct secashead), M_IPSEC_SAH,
2719 if (sah == NULL) {
2723 TAILQ_INIT(&sah->savtree_larval);
2724 TAILQ_INIT(&sah->savtree_alive);
2725 sah->saidx = *saidx;
2726 sah->state = SADB_SASTATE_DEAD;
2727 SAH_INITREF(sah);
2730 printf("%s: SAH(%p)\n", __func__, sah));
2731 KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2732 return (sah);
2738 struct secashead *sah = *psah;
2740 if (SAH_DELREF(sah) == 0)
2744 printf("%s: last reference to SAH(%p)\n", __func__, sah));
2745 KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2748 key_delsah(sah);
2752 key_delsah(struct secashead *sah)
2754 IPSEC_ASSERT(sah != NULL, ("NULL sah"));
2755 IPSEC_ASSERT(sah->state == SADB_SASTATE_DEAD,
2756 ("Attempt to free non DEAD SAH %p", sah));
2757 IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_larval),
2758 ("Attempt to free SAH %p with LARVAL SA", sah));
2759 IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_alive),
2760 ("Attempt to free SAH %p with ALIVE SA", sah));
2762 free(sah, M_IPSEC_SAH);
2777 struct secashead *sah;
2787 sah = NULL;
2832 sah = key_getsah(saidx);
2833 if (sah == NULL) {
2835 sah = key_newsah(saidx);
2836 if (sah == NULL) {
2846 sav->sah = sah;
2867 if (isnew == 0 && sah->state == SADB_SASTATE_DEAD) {
2869 key_freesah(&sah); /* reference from key_getsah() */
2881 TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
2883 LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
2885 sah->state = SADB_SASTATE_MATURE;
2891 SAH_ADDREF(sah);
2895 TAILQ_INSERT_HEAD(&sah->savtree_alive, sav, chain);
2897 TAILQ_INSERT_HEAD(&sah->savtree_larval, sav, chain);
2913 if (sah != NULL)
2914 key_freesah(&sah);
3014 struct secashead *sah;
3017 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
3018 if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID) != 0) {
3019 SAH_ADDREF(sah);
3024 return (sah);
3172 error = key_setident(sav->sah, mhp);
3460 m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count,
3461 sav->sah->saidx.reqid);
3478 &sav->sah->saidx.src.sa,
3486 &sav->sah->saidx.dst.sa,
4362 struct secashead *sah, *nextsah;
4371 TAILQ_FOREACH(sah, &V_sahtree, chain) {
4373 if (TAILQ_EMPTY(&sah->savtree_larval) &&
4374 TAILQ_EMPTY(&sah->savtree_alive)) {
4375 SAH_ADDREF(sah);
4376 LIST_INSERT_HEAD(&emptyq, sah, drainq);
4380 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
4386 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
4453 TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
4469 TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
4492 sah = LIST_FIRST(&emptyq);
4493 while (sah != NULL) {
4494 nextsah = LIST_NEXT(sah, drainq);
4496 if (sah->state == SADB_SASTATE_DEAD ||
4497 !TAILQ_EMPTY(&sah->savtree_larval) ||
4498 !TAILQ_EMPTY(&sah->savtree_alive)) {
4499 LIST_REMOVE(sah, drainq);
4500 key_freesah(&sah); /* release extra reference */
4501 sah = nextsah;
4504 TAILQ_REMOVE(&V_sahtree, sah, chain);
4505 LIST_REMOVE(sah, addrhash);
4506 sah->state = SADB_SASTATE_DEAD;
4507 sah = nextsah;
4516 key_freesah(&sav->sah); /* release reference from SAV */
4532 key_freesah(&sav->sah); /* release reference from SAV */
4545 sah = LIST_FIRST(&emptyq);
4546 while (sah != NULL) {
4547 nextsah = LIST_NEXT(sah, drainq);
4548 key_freesah(&sah); /* release extra reference */
4549 key_freesah(&sah); /* release last reference */
4550 sah = nextsah;
4974 struct secashead *sah;
4979 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
4980 if (sah->saidx.proto != IPPROTO_TCP)
4982 if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
4983 !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
4986 if (sah != NULL) {
4988 sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
4990 sav = TAILQ_FIRST(&sah->savtree_alive);
5024 struct secashead *sah;
5053 sah = key_getsah(saidx);
5054 if (sah == NULL) {
5056 sah = key_newsah(saidx);
5057 if (sah == NULL) {
5070 if (sav->sah->saidx.proto != IPPROTO_ESP ||
5080 sah = sav->sah;
5101 newsav->sah = sah;
5122 TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
5130 TAILQ_FOREACH(tmp, &sah->savtree_alive, chain) {
5137 TAILQ_INSERT_TAIL(&sah->savtree_alive, newsav, chain);
5144 TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
5145 LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
5146 sah->state = SADB_SASTATE_MATURE;
5147 SAH_ADDREF(sah); /* newsav references new SAH */
5150 * isnew == 1 -> @sah was referenced by key_getsah().
5151 * isnew == 0 -> we use the same @sah, that was used by @sav,
5180 key_freesah(&sah);
5299 if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_MODE_REQID) == 0) {
5339 TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
5340 TAILQ_INSERT_HEAD(&sav->sah->savtree_alive, sav, chain);
5608 if (sav->sah->saidx.proto != IPPROTO_ESP)
5686 if (sav->sah->saidx.mode != IPSEC_MODE_TUNNEL) {
5700 sav->sah->saidx.src.sin.sin_addr.s_addr) {
5704 addr = sav->sah->saidx.src.sin.sin_addr.s_addr;
5724 sav->sah->saidx.dst.sin.sin_addr.s_addr) {
5728 addr = sav->sah->saidx.dst.sin.sin_addr.s_addr;
5742 key_setident(struct secashead *sah, const struct sadb_msghdr *mhp)
5747 IPSEC_ASSERT(sah != NULL, ("null secashead"));
5754 sah->idents = NULL;
5755 sah->identd = NULL;
5782 sah->idents = NULL;
5783 sah->identd = NULL;
5788 sah->idents = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
5789 if (sah->idents == NULL) {
5793 sah->identd = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
5794 if (sah->identd == NULL) {
5795 free(sah->idents, M_IPSEC_MISC);
5796 sah->idents = NULL;
5800 sah->idents->type = idsrc->sadb_ident_type;
5801 sah->idents->id = idsrc->sadb_ident_id;
5803 sah->identd->type = iddst->sadb_ident_type;
5804 sah->identd->id = iddst->sadb_ident_id;
5925 if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_HEAD) == 0) {
5969 struct secashead *sah;
5974 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
5975 if (key_cmpsaidx(&sah->saidx, saidx, CMP_HEAD) == 0)
5978 TAILQ_CONCAT(&drainq, &sah->savtree_alive, chain);
5993 key_freesah(&sav->sah); /* release reference from SAV */
6031 struct secashead *sah;
6036 TAILQ_FOREACH(sah, &V_sahtree, chain) {
6037 sav = TAILQ_FIRST(&sah->savtree_alive);
6046 TAILQ_CONCAT(&drainq, &sah->savtree_alive, chain);
6062 key_freesah(&sav->sah); /* release reference from SAV */
6136 if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_HEAD) == 0) {
6148 if ((satype = key_proto2satype(sav->sah->saidx.proto)) == 0) {
6856 struct secashead *sah;
6948 LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) {
6949 if (key_cmpsaidx(&sah->saidx, &saidx, CMP_MODE_REQID))
6953 if (sah != NULL) {
7181 IPSEC_ASSERT (sav->sah != NULL, ("null sa header"));
7188 satype = key_proto2satype(sav->sah->saidx.proto);
7210 m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count,
7211 sav->sah->saidx.reqid);
7265 &sav->sah->saidx.src.sa,
7275 &sav->sah->saidx.dst.sa,
7320 struct secashead *sah, *nextsah;
7323 sah = TAILQ_FIRST(flushq);
7324 while (sah != NULL) {
7325 sav = TAILQ_FIRST(&sah->savtree_larval);
7328 TAILQ_REMOVE(&sah->savtree_larval, sav, chain);
7330 key_freesah(&sah); /* release reference from SAV */
7333 sav = TAILQ_FIRST(&sah->savtree_alive);
7336 TAILQ_REMOVE(&sah->savtree_alive, sav, chain);
7338 key_freesah(&sah); /* release reference from SAV */
7341 nextsah = TAILQ_NEXT(sah, chain);
7342 key_freesah(&sah); /* release last reference */
7343 sah = nextsah;
7364 struct secashead *sah, *nextsah;
7395 TAILQ_FOREACH(sah, &flushq, chain) {
7396 sah->state = SADB_SASTATE_DEAD;
7404 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7407 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7414 sah = TAILQ_FIRST(&V_sahtree);
7415 while (sah != NULL) {
7416 IPSEC_ASSERT(sah->state != SADB_SASTATE_DEAD,
7417 ("DEAD SAH %p in SADB_FLUSH", sah));
7418 nextsah = TAILQ_NEXT(sah, chain);
7419 if (sah->saidx.proto != proto) {
7420 sah = nextsah;
7423 sah->state = SADB_SASTATE_DEAD;
7424 TAILQ_REMOVE(&V_sahtree, sah, chain);
7425 LIST_REMOVE(sah, addrhash);
7427 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7431 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7436 TAILQ_INSERT_HEAD(&flushq, sah, chain);
7437 sah = nextsah;
7477 struct secashead *sah;
7499 TAILQ_FOREACH(sah, &V_sahtree, chain) {
7501 proto != sah->saidx.proto)
7504 TAILQ_FOREACH(sav, &sah->savtree_larval, chain)
7506 TAILQ_FOREACH(sav, &sah->savtree_alive, chain)
7517 TAILQ_FOREACH(sah, &V_sahtree, chain) {
7519 proto != sah->saidx.proto)
7523 if ((satype = key_proto2satype(sah->saidx.proto)) == 0) {
7529 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7538 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
8147 struct secashead *sah;
8180 TAILQ_FOREACH(sah, &sahdrainq, chain) {
8181 sah->state = SADB_SASTATE_DEAD;
8182 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
8185 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {