Lines Matching defs:is
34 * This code is referd to RFC 2367
141 u_int32_t key_debug_level = 0; //### our sysctl is not dynamic
592 panic("key_allocsp: NULL pointer is passed.\n");
600 panic("key_allocsp: Invalid direction is passed.\n");
650 struct sockaddr *os, *od, *is, *id;
683 is = (struct sockaddr *)&r1->saidx.src;
685 if (key_sockaddrcmp(is, isrc, 0) ||
714 * ENOENT: policy may be valid, but SA with REQUIRE is on acquiring.
732 panic("key_checkrequest: NULL pointer is passed.\n");
755 /* When there is SA. */
759 /* There is no SA.
814 * This search order is important.
902 /* Which SA is the better ? */
907 "lifetime_current is NULL.\n");
909 /* What the best method is to compare ? */
934 * prepared to delete the SA when there is more
935 * suitable candidate and the lifetime of the SA is not
1025 * A security association is uniquely identified by a triple consisting
1049 panic("key_allocsa: NULL pointer is passed.\n");
1053 * the search order is important even in the inbound case.
1066 * IPsec tunnel packet is received. But ESP tunnel mode is
1071 * the search order is not important.
1222 * This search order is important.
1275 /* Which SA is the better ? */
1280 "lifetime_current is NULL.\n");
1282 /* What the best method is to compare ? */
1318 panic("key_freesp: NULL pointer is passed.\n");
1350 panic("key_freeso: NULL pointer is passed.\n");
1433 * This function is called by key_freesp() to free some SA allocated
1444 panic("key_freesav: NULL pointer is passed.\n");
1473 panic("key_delsp: NULL pointer is passed.\n");
1516 panic("key_getsp: NULL pointer is passed.\n");
1717 /* allocate new reqid id if reqid is zero. */
1859 /* if is the policy for ipsec ? */
1996 panic("key_spdadd: NULL pointer is passed.\n");
2001 ipseclog((LOG_DEBUG, "key_spdadd: invalid message is passed.\n"));
2007 ipseclog((LOG_DEBUG, "key_spdadd: invalid message is passed.\n"));
2013 ipseclog((LOG_DEBUG, "key_spdadd: invalid message is passed.\n"));
2052 /* policy requests are mandatory when action is ipsec. */
2061 * checking there is SP already or not.
2062 * SPDUPDATE doesn't depend on whether there is a SP or not.
2063 * If the type is either SPDADD or SPDSETIDX AND a SP is found,
2217 /* n is already freed */
2257 ipseclog((LOG_DEBUG, "key_getnewspid: to allocate policy id is failed.\n"));
2291 panic("key_spddelete: NULL pointer is passed.\n");
2296 ipseclog((LOG_DEBUG, "key_spddelete: invalid message is passed.\n"));
2302 ipseclog((LOG_DEBUG, "key_spddelete: invalid message is passed.\n"));
2391 panic("key_spddelete2: NULL pointer is passed.\n");
2395 ipseclog((LOG_DEBUG, "key_spddelete2: invalid message is passed.\n"));
2493 panic("key_spdget: NULL pointer is passed.\n");
2497 ipseclog((LOG_DEBUG, "key_spdget: invalid message is passed.\n"));
2529 * policy(*) is without policy requests.
2546 panic("key_spdacquire: NULL pointer is passed.\n");
2548 panic("key_spdacquire: called but there is request.\n");
2550 panic("key_spdacquire: policy mismathed. IPsec is expected.\n");
2605 * NOTE: what to do is only marking SADB_SASTATE_DEAD.
2621 panic("key_spdflush: NULL pointer is passed.\n");
2676 panic("key_spddump: NULL pointer is passed.\n");
2800 /* if is the policy for ipsec ? */
2843 panic("key_spdexpire: NULL pointer is passed.\n");
2949 panic("key_newsaidx: NULL pointer is passed.\n");
3001 panic("key_delsah: NULL pointer is passed.\n");
3053 * When SAD message type is GETSPI:
3076 panic("key_newsa: NULL pointer is passed.\n");
3109 ipseclog((LOG_DEBUG, "key_newsa: invalid message is passed.\n"));
3166 panic("key_delsav: NULL pointer is passed.\n");
3246 * NOTE: this function is too slow due to searching all SAD.
3356 panic("key_setsaval: NULL pointer is passed.\n");
3389 * the nat-traversal flag is set.
3402 * Verify if SADB_X_EXT_NATT_MULTIPLEUSERS flag is set that
3403 * SADB_X_EXT_NATT is set and SADB_X_EXT_NATT_KEEPALIVE is not
4261 panic("key_ismyaddr: NULL pointer is passed.\n");
4296 * NOTE: derived ip6_input() in KAME. This is necessary to modify more.
4378 * If reqid of SPD is non-zero, unique SA is required.
4407 * spidx0: source, it is often in SPD.
4408 * spidx1: object, it is often from PFKEY message.
4444 * spidx0: source, it is often in SPD.
4445 * spidx1: object, it is often from IP header.
4488 * scope_id check. if sin6_scope_id is 0, we regard it
4523 * scope_id check. if sin6_scope_id is 0, we regard it
4611 * at a time, but it is complicated on LSB Endian machines */
4750 * If this is a NAT traversal SA with no activity,
4755 * the list is the one that will be used for sending
4756 * traffic, so this is the one we use for determining
4760 sav = LIST_FIRST(&sah->savtree[SADB_SASTATE_MATURE]); //%%% should we check dying list if this is empty???
4789 "There is no CURRENT time, why?\n"));
4816 * when new SA is installed. Caution when it's
4852 "There is no CURRENT time, why?\n"));
4873 * If there is no SA then sending
5045 /* Our PRNG is based on Yarrow and doesn't need to be seeded */
5100 * if satype == SADB_SATYPE then satype is mapped to ~0.
5149 * SADB_GETSPI processing is to receive
5180 panic("key_getspi: NULL pointer is passed.\n");
5184 ipseclog((LOG_DEBUG, "key_getspi: invalid message is passed.\n"));
5189 ipseclog((LOG_DEBUG, "key_getspi: invalid message is passed.\n"));
5205 ipseclog((LOG_DEBUG, "key_getspi: invalid satype is passed.\n"));
5209 /* make sure if port number is zero. */
5429 ipseclog((LOG_DEBUG, "key_do_getnewspi: to allocate spi is failed.\n"));
5446 * from the ikmpd, and update a secasvar entry whose status is SADB_SASTATE_LARVAL.
5474 panic("key_update: NULL pointer is passed.\n");
5478 ipseclog((LOG_DEBUG, "key_update: invalid satype is passed.\n"));
5493 ipseclog((LOG_DEBUG, "key_update: invalid message is passed.\n"));
5499 ipseclog((LOG_DEBUG, "key_update: invalid message is passed.\n"));
5590 * Verify if SADB_X_EXT_NATT_MULTIPLEUSERS flag is set that
5591 * this SA is for transport mode - otherwise clear it.
5623 * search SAD with sequence for a SA which state is SADB_SASTATE_LARVAL.
5696 panic("key_add: NULL pointer is passed.\n");
5700 ipseclog((LOG_DEBUG, "key_add: invalid satype is passed.\n"));
5715 ipseclog((LOG_DEBUG, "key_add: invalid message is passed.\n"));
5722 ipseclog((LOG_DEBUG, "key_add: invalid message is passed.\n"));
5761 /* We can create new SA only if SPI is different. */
5774 * Verify if SADB_X_EXT_NATT_MULTIPLEUSERS flag is set that
5775 * this SA is for transport mode - otherwise clear it.
5811 /* m is retained */
5825 panic("key_setident: NULL pointer is passed.\n");
5894 * it is caller's responsibility to free the result.
5910 panic("key_getmsgbuf_x1: NULL pointer is passed.\n");
5960 panic("key_delete: NULL pointer is passed.\n");
5964 ipseclog((LOG_DEBUG, "key_delete: invalid satype is passed.\n"));
5970 ipseclog((LOG_DEBUG, "key_delete: invalid message is passed.\n"));
5976 ipseclog((LOG_DEBUG, "key_delete: invalid message is passed.\n"));
5985 * that match the src/dst. This is used during
5993 ipseclog((LOG_DEBUG, "key_delete: invalid message is passed.\n"));
6163 panic("key_get: NULL pointer is passed.\n");
6167 ipseclog((LOG_DEBUG, "key_get: invalid satype is passed.\n"));
6174 ipseclog((LOG_DEBUG, "key_get: invalid message is passed.\n"));
6180 ipseclog((LOG_DEBUG, "key_get: invalid message is passed.\n"));
6311 /* m is already freed */
6500 * XXX x_policy is outside of RFC2367 (KAME extension).
6501 * XXX sensitivity is not supported.
6526 panic("key_acquire: NULL pointer is passed.\n");
6528 panic("key_acquire: invalid proto is passed.\n");
6532 * We never do anything about acquirng SA. There is anather
6633 /* XXX is it correct? */
6649 * the problem is that we have no way to attach it for ipcomp,
6650 * due to the way sadb_comb is declared in RFC2367.
6804 * in first situation, is receiving
6808 * In second situation, is receiving
6831 panic("key_acquire2: NULL pointer is passed.\n");
6836 * message is equal to the size of sadb_msg structure.
6856 * the specified larval SA is already gone, or we got
6875 * This message is from user land.
6881 ipseclog((LOG_DEBUG, "key_acquire2: invalid satype is passed.\n"));
6890 ipseclog((LOG_DEBUG, "key_acquire2: invalid message is passed.\n"));
6898 ipseclog((LOG_DEBUG, "key_acquire2: invalid message is passed.\n"));
6940 * If socket is detached, must free from regnode.
6954 panic("key_register: NULL pointer is passed.\n");
6960 /* When SATYPE_UNSPEC is specified, only return sadb_supported. */
7122 panic("key_freereg: NULL pointer is passed.\n");
7126 * check all type of SA, because there is a potential that
7127 * one socket is registered to multiple type of SA.
7168 panic("key_expire: NULL pointer is passed.\n");
7172 panic("key_expire: invalid proto is passed.\n");
7277 * NOTE: to do is only marking SADB_SASTATE_DEAD.
7296 panic("key_flush: NULL pointer is passed.\n");
7300 ipseclog((LOG_DEBUG, "key_flush: invalid satype is passed.\n"));
7391 panic("key_dump: NULL pointer is passed.\n");
7395 ipseclog((LOG_DEBUG, "key_dump: invalid satype is passed.\n"));
7499 panic("key_promisc: NULL pointer is passed.\n");
7533 /* send packet as is */
7537 /* TODO: if sadb_msg_seq is specified, send to specific pid */
7575 * This is rewrited to response.
7595 panic("key_parse: NULL pointer is passed.\n");
7622 "key_parse: PF_KEY version %u is mismatched.\n",
7630 ipseclog((LOG_DEBUG, "key_parse: invalid type %u is passed.\n",
7727 ipseclog((LOG_DEBUG, "key_parse: invalid type %u is passed.\n",
7816 * prefixlen == 0 is valid because there can be a case when
7871 panic("key_align: NULL pointer is passed.\n");
7882 extlen = end; /*just in case extlen is not updated*/
7886 /* m is already freed */
7919 "is passed.\n", ext->sadb_ext_type));
7927 "key_align: invalid ext_type %u is passed.\n",
7944 /* m is already freed */
8071 * XXX: maybe This function is called after INBOUND IPsec processing.
8112 * XXX Currently, there is a difference of bytes size
8116 /* to check bytes lifetime is done in key_timehandler(). */
8121 * whenever {esp,ah}_{in,out}put is called.
8633 * really goes away when the socket is closed. We must remove IP/IPv6