Changeset View
Changeset View
Standalone View
Standalone View
head/sys/netipsec/xform_ah.c
Show First 20 Lines • Show All 955 Lines • ▼ Show 20 Lines | #endif /* INET6 */ | ||||
ah->ah_reserve = 0; | ah->ah_reserve = 0; | ||||
ah->ah_spi = sav->spi; | ah->ah_spi = sav->spi; | ||||
/* Zeroize authenticator. */ | /* Zeroize authenticator. */ | ||||
m_copyback(m, skip + rplen, authsize, ipseczeroes); | m_copyback(m, skip + rplen, authsize, ipseczeroes); | ||||
/* Insert packet replay counter, as requested. */ | /* Insert packet replay counter, as requested. */ | ||||
if (sav->replay) { | if (sav->replay) { | ||||
SECASVAR_LOCK(sav); | |||||
if (sav->replay->count == ~0 && | if (sav->replay->count == ~0 && | ||||
(sav->flags & SADB_X_EXT_CYCSEQ) == 0) { | (sav->flags & SADB_X_EXT_CYCSEQ) == 0) { | ||||
SECASVAR_UNLOCK(sav); | |||||
DPRINTF(("%s: replay counter wrapped for SA %s/%08lx\n", | DPRINTF(("%s: replay counter wrapped for SA %s/%08lx\n", | ||||
__func__, ipsec_address(&sav->sah->saidx.dst, buf, | __func__, ipsec_address(&sav->sah->saidx.dst, buf, | ||||
sizeof(buf)), (u_long) ntohl(sav->spi))); | sizeof(buf)), (u_long) ntohl(sav->spi))); | ||||
AHSTAT_INC(ahs_wrap); | AHSTAT_INC(ahs_wrap); | ||||
error = EINVAL; | error = EINVAL; | ||||
goto bad; | goto bad; | ||||
} | } | ||||
#ifdef REGRESSION | #ifdef REGRESSION | ||||
/* Emulate replay attack when ipsec_replay is TRUE. */ | /* Emulate replay attack when ipsec_replay is TRUE. */ | ||||
if (!V_ipsec_replay) | if (!V_ipsec_replay) | ||||
#endif | #endif | ||||
sav->replay->count++; | sav->replay->count++; | ||||
ah->ah_seq = htonl(sav->replay->count); | ah->ah_seq = htonl(sav->replay->count); | ||||
SECASVAR_UNLOCK(sav); | |||||
} | } | ||||
/* Get crypto descriptors. */ | /* Get crypto descriptors. */ | ||||
crp = crypto_getreq(1); | crp = crypto_getreq(1); | ||||
if (crp == NULL) { | if (crp == NULL) { | ||||
DPRINTF(("%s: failed to acquire crypto descriptors\n", | DPRINTF(("%s: failed to acquire crypto descriptors\n", | ||||
__func__)); | __func__)); | ||||
AHSTAT_INC(ahs_crypto); | AHSTAT_INC(ahs_crypto); | ||||
▲ Show 20 Lines • Show All 213 Lines • Show Last 20 Lines |