Commit Graph

74 Commits

Author SHA1 Message Date
Hajimu UMEMOTO
b1a6f1d8a2 SADB_UPDATE did not return an error when key length is invalid.
Obtained from:	KAME
2005-08-22 07:05:14 +00:00
Hajimu UMEMOTO
e1d274a25d fix build without option INET6.
Reported by:	Philip M. Gollucci <pgollucci__at__p6m7g8.com>
2005-07-30 20:10:31 +00:00
Hajimu UMEMOTO
a1f7e5f8ee scope cleanup. with this change
- most of the kernel code will not care about the actual encoding of
  scope zone IDs and won't touch "s6_addr16[1]" directly.
- similarly, most of the kernel code will not care about link-local
  scoped addresses as a special case.
- scope boundary check will be stricter.  For example, the current
  *BSD code allows a packet with src=::1 and dst=(some global IPv6
  address) to be sent outside of the node, if the application do:
    s = socket(AF_INET6);
    bind(s, "::1");
    sendto(s, some_global_IPv6_addr);
  This is clearly wrong, since ::1 is only meaningful within a single
  node, but the current implementation of the *BSD kernel cannot
  reject this attempt.

Submitted by:	JINMEI Tatuya <jinmei__at__isl.rdc.toshiba.co.jp>
Obtained from:	KAME
2005-07-25 12:31:43 +00:00
SUZUKI Shinsuke
6910b9ebdb fixed an unexpected addr/port matching failure in IPv6 SA management
PR: kern/72393
MFC after: 3 days
2005-01-10 13:06:42 +00:00
Warner Losh
c398230b64 /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
SUZUKI Shinsuke
3d54848fc2 support TCP-MD5(IPv4) in KAME-IPSEC, too.
MFC after: 3 week
2004-11-08 18:49:51 +00:00
Robert Watson
dbfb9a4ee6 Merge netipsec/key.c:1.17 into KAME pfkey implementation:
date: 2004/09/26 02:01:27;  author: sam;  state: Exp;  lines: +0 -5
  Correct handling of SADB_UPDATE and SADB_ADD requests.  key_align may
  split the mbuf due to use of m_pulldown.  Discarding the result because
  of this does not make sense as no subsequent code depends on the entire
  msg being linearized (only the individual pieces).  It's likely
  something else is wrong here but for now this appears to get things back
  to a working state.

  Submitted by:   Roselyn Lee

This change was also made in the KAME CVS repository as key.c:1.337 by
itojun.
2004-09-30 00:49:55 +00:00
Robert Watson
71182fbeb6 The KAME IPSEC implementation at one point used its own pseudo-random
number generator, which was re-seeded via a timeout.  Now centralized
randomness/entropy is used, we can garbage collect the timeout and
re-seeding code (which was largely a no-op).

Discussed with:	itojun, suz, JINMEI Tatuya < jinmei at isl dot rdc dot toshiba dot co dot jp >
2004-09-02 20:14:03 +00:00
Robert Watson
3713458b99 Diff reduce against KAME: minor white space synchronization to KAME
tree.
2004-08-27 18:24:59 +00:00
Hajimu UMEMOTO
a8938746a3 avoid duplicate free.
(though KAME doesn't decide how to fix it yet, I once commit it
to be in time for 5.2.1-RELEASE.)

Submitted by:	itojun
2004-01-25 17:18:12 +00:00
Hajimu UMEMOTO
3b0105ca30 invalidate secpolicy pcb cache on key_timehandler. part of
http://sources.zabbadoz.net/freebsd/patchset/110-ipsec-netkey-key.diff

Submitted by:	"Bjoern A. Zeeb" <bzeeb+freebsd@zabbadoz.net>
Reviewed by:	itojun
2004-01-14 04:39:40 +00:00
Hajimu UMEMOTO
e9c8752e56 add missing key_freesp()s. part of
http://sources.zabbadoz.net/freebsd/patchset/110-ipsec-netkey-key.diff
with some modification.

Submitted by:	"Bjoern A. Zeeb" <bzeeb+freebsd@zabbadoz.net>
Reviewed by:	itojun
Obtained from:	KAME
2004-01-14 04:10:28 +00:00
Hajimu UMEMOTO
869a467690 don't touch after free. 2003-12-10 05:01:41 +00:00
Hajimu UMEMOTO
7c1da7529a use callout_*() rather than timeout(). 2003-12-07 11:23:59 +00:00
Hajimu UMEMOTO
dd8b0111cb missing splx.
this is a NOOP change, and primarily merged for consistency with
-STABLE.

Approved by:	re (rwatson)
2003-11-28 14:34:42 +00:00
Hajimu UMEMOTO
313ab6b4d5 add sysctl MIB net.key.esp_auth which was wrongly dropped
during recent KAME merge.
2003-11-13 12:26:55 +00:00
Hajimu UMEMOTO
331bf4e6f7 ipsec_esp_auth is unused when IPSEC_ESP is not defined.
Reported by:	Andre Oppermann <oppermann@pipeline.ch>
2003-11-11 17:25:45 +00:00
Hajimu UMEMOTO
0f9ade718d - cleanup SP refcnt issue.
- share policy-on-socket for listening socket.
- don't copy policy-on-socket at all.  secpolicy no longer contain
  spidx, which saves a lot of memory.
- deep-copy pcb policy if it is an ipsec policy.  assign ID field to
  all SPD entries.  make it possible for racoon to grab SPD entry on
  pcb.
- fixed the order of searching SA table for packets.
- fixed to get a security association header.  a mode is always needed
  to compare them.
- fixed that the incorrect time was set to
  sadb_comb_{hard|soft}_usetime.
- disallow port spec for tunnel mode policy (as we don't reassemble).
- an user can define a policy-id.
- clear enc/auth key before freeing.
- fixed that the kernel crashed when key_spdacquire() was called
  because key_spdacquire() had been implemented imcopletely.
- preparation for 64bit sequence number.
- maintain ordered list of SA, based on SA id.
- cleanup secasvar management; refcnt is key.c responsibility;
  alloc/free is keydb.c responsibility.
- cleanup, avoid double-loop.
- use hash for spi-based lookup.
- mark persistent SP "persistent".
  XXX in theory refcnt should do the right thing, however, we have
  "spdflush" which would touch all SPs.  another solution would be to
  de-register persistent SPs from sptree.
- u_short -> u_int16_t
- reduce kernel stack usage by auto variable secasindex.
- clarify function name confusion.  ipsec_*_policy ->
  ipsec_*_pcbpolicy.
- avoid variable name confusion.
  (struct inpcbpolicy *)pcb_sp, spp (struct secpolicy **), sp (struct
  secpolicy *)
- count number of ipsec encapsulations on ipsec4_output, so that we
  can tell ip_output() how to handle the packet further.
- When the value of the ul_proto is ICMP or ICMPV6, the port field in
  "src" of the spidx specifies ICMP type, and the port field in "dst"
  of the spidx specifies ICMP code.
- avoid from applying IPsec transport mode to the packets when the
  kernel forwards the packets.

Tested by:	nork
Obtained from:	KAME
2003-11-04 16:02:05 +00:00
Hajimu UMEMOTO
2dc334e089 correct %d/%u mismatch.
Obtained from:	KAME
2003-11-02 12:28:04 +00:00
Hajimu UMEMOTO
9712142383 cleanup secasvar management; refcnt is key.c responsibility;
alloc/free is keydb.c responsibility.

Obtained from:	KAME
2003-11-02 10:49:47 +00:00
Hajimu UMEMOTO
46b35e11be mib name was changed by fixing a spelling.
net.key.prefered_oldsa -> net.key.preferred_oldsa

Obtained from:	KAME
2003-10-28 16:16:04 +00:00
Hajimu UMEMOTO
66bb118edd drop the code of HAVE_NRL_INPCB part. our system doesn't
use NRL style INPCB.
2003-10-22 18:52:57 +00:00
Hajimu UMEMOTO
386caafbf7 Reduce diffs against KAME. No functional change.
Obtained from:	KAME
2003-09-30 10:52:49 +00:00
Hajimu UMEMOTO
aa73b85dc8 Sync style and comments with latest KAME to reduce diffs.
No functional change.

Obtained from:	KAME
2003-09-30 07:57:05 +00:00
Hajimu UMEMOTO
5c6ebad8f6 add /*CONSTCOND*/ to reduce diffs against latest KAME.
Obtained from:	KAME
2003-09-25 13:40:06 +00:00
Hajimu UMEMOTO
4bcf9f8e6f panic() doesn't need `\n'.
Obtained from:	KAME
2003-09-25 13:36:51 +00:00
David E. O'Brien
ab0de15baf Use __FBSDID(). 2003-06-11 05:37:42 +00:00
Warner Losh
a163d034fa Back out M_* changes, per decision of the TRB.
Approved by: trb
2003-02-19 05:47:46 +00:00
Andrey A. Chernov
24a701b269 Comment out srandom():
1) Already called in init_main.c:proc0_post()
2) Seed is bad
2003-02-05 15:32:24 +00:00
Alfred Perlstein
44956c9863 Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
2003-01-21 08:56:16 +00:00
Jens Schweikhardt
9d5abbddbf Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,
especially in troff files.
2003-01-01 18:49:04 +00:00
Hajimu UMEMOTO
1116a8c98e - fixed the order of searching SA table for packets.
- comment about deletion of SA that has not been used by reaching
  soft lifetime.

Obtained from:	KAME
MFC after:	2 week
2002-07-10 16:39:38 +00:00
Peter Wemm
3b688a9484 pacify gcc-3.1's -Wunused checking. 2002-05-24 05:53:57 +00:00
Alfred Perlstein
96abb1618a Remove __P. 2002-03-20 02:39:27 +00:00
Hajimu UMEMOTO
e4c606a0ca missing splx
Obtained from:	KAME
MFC after:	1 week
2002-03-01 13:13:17 +00:00
Hajimu UMEMOTO
ab101c5598 (when new sa is preferred than old sa)
even if we fail to send pfkey message, remove the old sa.

Obtained from:	KAME
MFC after:	1 week
2002-03-01 12:17:21 +00:00
Peter Wemm
d5362546cf Fix warnings 2002-02-28 02:56:29 +00:00
Seigo Tanimura
f591779bb5 Lock struct pgrp, session and sigio.
New locks are:

- pgrpsess_lock which locks the whole pgrps and sessions,
- pg_mtx which protects the pgrp members, and
- s_mtx which protects the session members.

Please refer to sys/proc.h for the coverage of these locks.

Changes on the pgrp/session interface:

- pgfind() needs the pgrpsess_lock held.

- The caller of enterpgrp() is responsible to allocate a new pgrp and
  session.

- Call enterthispgrp() in order to enter an existing pgrp.

- pgsignal() requires a pgrp lock held.

Reviewed by:	jhb, alfred
Tested on:	cvsup.jp.FreeBSD.org
		(which is a quad-CPU machine running -current)
2002-02-23 11:12:57 +00:00
Hajimu UMEMOTO
8d6337d059 Newer SA is prefered for a out-bound packet than old one
when net.key.prefered_oldsa is set to zero.

Obtained from:	KAME
MFC after:	1 week
2001-12-05 05:40:49 +00:00
Hajimu UMEMOTO
e9d3164d29 Fixed the behavior when there is no inbound policy for the ipsec
tunneled packet.
When there is no suitable inbound policy for the packet of the ipsec
tunnel mode, the kernel never decapsulate the tunneled packet
as the ipsec tunnel mode even when the system wide policy is "none".
Then the kernel leaves the generic tunnel module to process this
packet.  If there is no rule of the generic tunnel, the packet
is rejected and the statistics will be counted up.

Obtained from:	KAME
MFC after:	1 week
2001-11-06 22:45:29 +00:00
Hajimu UMEMOTO
3bc1038274 - net.inet.ipsec.esp_auth hasn't been there
- nuke all debug printfs, which are unneeded by now.
- get rid of #ifdef IPSEC_DEBUG in headers
- now that key_debug_level is always defined, there's no need for
  #ifdef IPSEC_DEBUG around sysctl MIB code (net.key.debug).
- switch all debug printf() to ipseclog().

Obtained from:	KAME
MFC after:	1 week
2001-11-05 16:46:24 +00:00
Hajimu UMEMOTO
794ffde89e Unbreak build without INET6.
Reported by:	Christopher N . Harrell <cnh@netvmg.com>
MFC after:	1 week
2001-11-03 20:47:50 +00:00
Hajimu UMEMOTO
af109ffd14 System wide policy should be returned when no policy found in the SPD.
The packet was rejected in ipsec[46]_tunnel_validate().

Obtained from:	KAME
MFC after:	1 week
2001-10-29 16:29:41 +00:00
Hajimu UMEMOTO
9f833c5b5a Fixed the value of the prefixlen in the sadb_address structure.
When pfkey message relative to SA is sent, the prefixlen was incorrect.

Obtained from:	KAME
MFC after:	1 week
2001-10-22 20:19:47 +00:00
Hajimu UMEMOTO
56a87de33f The behavior of SPDUPDATE has been changed.
SPDUPDATE doesn't depend on whether there is a SP or not.
This change makes `generate_policy on' of racoon work.

Obtained from:	KAME
MFC after:	1 week
2001-10-17 13:01:39 +00:00
Hajimu UMEMOTO
232bdaf61f printed current sequence number of the SA. accordingly, changed
into sadb_x_sa2_sequence from sadb_x_sa2_reserved3 in the sadb_x_sa2
structure.  Also the output of setkey is changed.  sequence number
of the sadb is replaced to the end of the output.

Obtained from:	KAME
2001-08-06 19:40:01 +00:00
Hajimu UMEMOTO
e51e1807bd do not play too much trick with evaluation order. from netbsd
Obtained from:	KAME
2001-08-06 19:34:41 +00:00
Hajimu UMEMOTO
910e7df8bb fixed to make a response in key_spdadd(). reported by <R.P.Koster@kpn.com>
Obtained from:	KAME
2001-08-06 19:32:47 +00:00
Hajimu UMEMOTO
b8f2e55112 merged key_cmpsaidx_*.
Obtained from:	KAME
2001-08-06 19:31:13 +00:00
Hajimu UMEMOTO
3384154590 Sync with recent KAME.
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.

TODO:
  - The definitions of SADB_* in sys/net/pfkeyv2.h are still different
    from RFC2407/IANA assignment because of binary compatibility
    issue.  It should be fixed under 5-CURRENT.
  - ip6po_m member of struct ip6_pktopts is no longer used.  But, it
    is still there because of binary compatibility issue.  It should
    be removed under 5-CURRENT.

Reviewed by:	itojun
Obtained from:	KAME
MFC after:	3 weeks
2001-06-11 12:39:29 +00:00