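--- a/sys/netipsec/key.c
+++ b/sys/netipsec/key.c
@@ ... @@ key_setnatt(struct secasvar *sav, const struct sadb_msghdr *mhp)
 }
 return (0);
 }
 static int
 key_setident(struct secashead *sah, const struct sadb_msghdr *mhp)
 {
 const struct sadb_ident *idsrc, *iddst;
-int idsrclen, iddstlen;
 IPSEC_ASSERT(sah != NULL, ("null secashead"));
 IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
 IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
 /* don't make buffer if not there */
 if (SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_SRC) &&
 SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_DST)) {
 sah->idents = NULL;
 sah->identd = NULL;
 return (0);
 }
 if (SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_SRC) ||
 SADB_CHECKHDR(mhp, SADB_EXT_IDENTITY_DST)) {
 ipseclog((LOG_DEBUG, "%s: invalid identity.\n", __func__));
 return (EINVAL);
 }
 idsrc = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_SRC];
 iddst = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_DST];
-idsrclen = mhp->extlen[SADB_EXT_IDENTITY_SRC];
-iddstlen = mhp->extlen[SADB_EXT_IDENTITY_DST];
 /* validity check */
 if (idsrc->sadb_ident_type != iddst->sadb_ident_type) {
 ipseclog((LOG_DEBUG, "%s: ident type mismatch.\n", __func__));
 return EINVAL;
 }
 switch (idsrc->sadb_ident_type) {
@@ ... @@
 * m will always be freed.
 */
 static int
 key_dump(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
 {
 SAHTREE_RLOCK_TRACKER;
 struct secashead *sah;
 struct secasvar *sav;
-struct sadb_msg *newmsg;
 struct mbuf *n;
 uint32_t cnt;
 uint8_t proto, satype;
 IPSEC_ASSERT(so != NULL, ("null socket"));
 IPSEC_ASSERT(m != NULL, ("null mbuf"));
 IPSEC_ASSERT(mhp != NULL, ("null msghdr"));
 IPSEC_ASSERT(mhp->msg != NULL, ("null msg"));
@@ ... @@ key_dump(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
 }
 if (cnt == 0) {
 SAHTREE_RUNLOCK();
 return key_senderror(so, m, ENOENT);
 }
 /* send this to the userland, one at a time. */
-newmsg = NULL;
 TAILQ_FOREACH(sah, &V_sahtree, chain) {
 if (mhp->msg->sadb_msg_satype != SADB_SATYPE_UNSPEC &&
 proto != sah->saidx.proto)
 continue;
 /* map proto to satype */
 if ((satype = key_proto2satype(sah->saidx.proto)) == 0) {
 SAHTREE_RUNLOCK();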