- avoid hardcoded values.
- correct signedness mixups. - log fix. - preparation for 64bit sequence number. introduce SA id (unique ID for SA - SPI is useless as duplicated SPI is allowed) - no need to malloc/free cksum buffer. Obtained from: KAME
This commit is contained in:
Hajimu UMEMOTO
parent
5197cdc1aa
commit
7128815095
@ -108,11 +108,10 @@ ah4_input(m, off)
|
||||
const struct ah_algorithm *algo;
|
||||
size_t siz;
|
||||
size_t siz1;
|
||||
u_char *cksum;
|
||||
u_int8_t cksum[AH_MAXSUMSIZE];
|
||||
struct secasvar *sav = NULL;
|
||||
u_int16_t nxt;
|
||||
size_t hlen;
|
||||
int proto;
|
||||
size_t stripsiz = 0;
|
||||
|
||||
#ifndef PULLDOWN_TEST
|
||||
@ -127,11 +126,9 @@ ah4_input(m, off)
|
||||
}
|
||||
|
||||
ip = mtod(m, struct ip *);
|
||||
proto = ip->ip_p;
|
||||
ah = (struct ah *)(((caddr_t)ip) + off);
|
||||
#else
|
||||
ip = mtod(m, struct ip *);
|
||||
proto = ip->ip_p;
|
||||
IP6_EXTHDR_GET(ah, struct ah *, m, off, sizeof(struct newah));
|
||||
if (ah == NULL) {
|
||||
ipseclog((LOG_DEBUG, "IPv4 AH input: can't pullup;"
|
||||
@ -227,6 +224,12 @@ ah4_input(m, off)
|
||||
ipsecstat.in_inval++;
|
||||
goto fail;
|
||||
}
|
||||
if (siz1 > sizeof(cksum)) {
|
||||
ipseclog((LOG_NOTICE, "sum length too large: %s\n",
|
||||
ipsec4_logpacketstr(ip, spi)));
|
||||
ipsecstat.in_inval++;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
#ifndef PULLDOWN_TEST
|
||||
if (m->m_len < off + sizeof(struct ah) + sizoff + siz1) {
|
||||
@ -270,22 +273,14 @@ ah4_input(m, off)
|
||||
* alright, it seems sane. now we are going to check the
|
||||
* cryptographic checksum.
|
||||
*/
|
||||
cksum = malloc(siz1, M_TEMP, M_NOWAIT);
|
||||
if (!cksum) {
|
||||
ipseclog((LOG_DEBUG, "IPv4 AH input: "
|
||||
"couldn't alloc temporary region for cksum\n"));
|
||||
ipsecstat.in_inval++;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* some of IP header fields are flipped to the host endian.
|
||||
* convert them back to network endian. VERY stupid.
|
||||
*/
|
||||
ip->ip_len = htons(ip->ip_len + hlen);
|
||||
ip->ip_off = htons(ip->ip_off);
|
||||
if (ah4_calccksum(m, (caddr_t)cksum, siz1, algo, sav)) {
|
||||
free(cksum, M_TEMP);
|
||||
if (ah4_calccksum(m, cksum, siz1, algo, sav)) {
|
||||
ipsecstat.in_inval++;
|
||||
goto fail;
|
||||
}
|
||||
@ -311,14 +306,11 @@ ah4_input(m, off)
|
||||
ipseclog((LOG_WARNING,
|
||||
"checksum mismatch in IPv4 AH input: %s %s\n",
|
||||
ipsec4_logpacketstr(ip, spi), ipsec_logsastr(sav)));
|
||||
free(cksum, M_TEMP);
|
||||
ipsecstat.in_ahauthfail++;
|
||||
goto fail;
|
||||
}
|
||||
}
|
||||
|
||||
free(cksum, M_TEMP);
|
||||
|
||||
m->m_flags |= M_AUTHIPHDR;
|
||||
m->m_flags |= M_AUTHIPDGM;
|
||||
|
||||
@ -573,7 +565,7 @@ ah6_input(mp, offp, proto)
|
||||
const struct ah_algorithm *algo;
|
||||
size_t siz;
|
||||
size_t siz1;
|
||||
u_char *cksum;
|
||||
u_int8_t cksum[AH_MAXSUMSIZE];
|
||||
struct secasvar *sav = NULL;
|
||||
u_int16_t nxt;
|
||||
size_t stripsiz = 0;
|
||||
@ -662,6 +654,13 @@ ah6_input(mp, offp, proto)
|
||||
ipsec6stat.in_inval++;
|
||||
goto fail;
|
||||
}
|
||||
if (siz1 > sizeof(cksum)) {
|
||||
ipseclog((LOG_NOTICE, "sum length too large: %s\n",
|
||||
ipsec6_logpacketstr(ip6, spi)));
|
||||
ipsec6stat.in_inval++;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
#ifndef PULLDOWN_TEST
|
||||
IP6_EXTHDR_CHECK(m, off, sizeof(struct ah) + sizoff + siz1, IPPROTO_DONE);
|
||||
#else
|
||||
@ -696,16 +695,8 @@ ah6_input(mp, offp, proto)
|
||||
* alright, it seems sane. now we are going to check the
|
||||
* cryptographic checksum.
|
||||
*/
|
||||
cksum = malloc(siz1, M_TEMP, M_NOWAIT);
|
||||
if (!cksum) {
|
||||
ipseclog((LOG_DEBUG, "IPv6 AH input: "
|
||||
"couldn't alloc temporary region for cksum\n"));
|
||||
ipsec6stat.in_inval++;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (ah6_calccksum(m, (caddr_t)cksum, siz1, algo, sav)) {
|
||||
free(cksum, M_TEMP);
|
||||
|
||||
if (ah6_calccksum(m, cksum, siz1, algo, sav)) {
|
||||
ipsec6stat.in_inval++;
|
||||
goto fail;
|
||||
}
|
||||
@ -726,14 +717,11 @@ ah6_input(mp, offp, proto)
|
||||
ipseclog((LOG_WARNING,
|
||||
"checksum mismatch in IPv6 AH input: %s %s\n",
|
||||
ipsec6_logpacketstr(ip6, spi), ipsec_logsastr(sav)));
|
||||
free(cksum, M_TEMP);
|
||||
ipsec6stat.in_ahauthfail++;
|
||||
goto fail;
|
||||
}
|
||||
}
|
||||
|
||||
free(cksum, M_TEMP);
|
||||
|
||||
m->m_flags |= M_AUTHIPHDR;
|
||||
m->m_flags |= M_AUTHIPDGM;
|
||||
|
||||
@ -862,7 +850,7 @@ ah6_input(mp, offp, proto)
|
||||
/*
|
||||
* strip off AH.
|
||||
*/
|
||||
char *prvnxtp;
|
||||
u_int8_t *prvnxtp;
|
||||
|
||||
/*
|
||||
* Copy the value of the next header field of AH to the
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
/* $FreeBSD$ */
|
||||
/* $KAME: ah_output.c,v 1.31 2001/07/26 06:53:15 jinmei Exp $ */
|
||||
/* $KAME: ah_output.c,v 1.38 2003/09/06 05:15:43 itojun Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
|
||||
@ -128,9 +128,9 @@ ah_hdrsiz(isr)
|
||||
estimate:
|
||||
/* ASSUMING:
|
||||
* sizeof(struct newah) > sizeof(struct ah).
|
||||
* 16 = (16 + 3) & ~(4 - 1).
|
||||
* AH_MAXSUMSIZE is multiple of 4.
|
||||
*/
|
||||
return sizeof(struct newah) + 16;
|
||||
return sizeof(struct newah) + AH_MAXSUMSIZE;
|
||||
}
|
||||
|
||||
#ifdef INET
|
||||
@ -150,7 +150,7 @@ ah4_output(m, isr)
|
||||
const struct ah_algorithm *algo;
|
||||
u_int32_t spi;
|
||||
u_char *ahdrpos;
|
||||
u_char *ahsumpos = NULL;
|
||||
u_int8_t *ahsumpos = NULL;
|
||||
size_t hlen = 0; /* IP header+option in bytes */
|
||||
size_t plen = 0; /* AH payload size in bytes */
|
||||
size_t ahlen = 0; /* plen + sizeof(ah) */
|
||||
@ -270,7 +270,7 @@ ah4_output(m, isr)
|
||||
* XXX sequence number must not be cycled, if the SA is
|
||||
* installed by IKE daemon.
|
||||
*/
|
||||
ahdr->ah_seq = htonl(sav->replay->count);
|
||||
ahdr->ah_seq = htonl(sav->replay->count & 0xffffffff);
|
||||
bzero(ahdr + 1, plen);
|
||||
}
|
||||
|
||||
@ -304,7 +304,7 @@ ah4_output(m, isr)
|
||||
* calcurate the checksum, based on security association
|
||||
* and the algorithm specified.
|
||||
*/
|
||||
error = ah4_calccksum(m, (caddr_t)ahsumpos, plen, algo, sav);
|
||||
error = ah4_calccksum(m, ahsumpos, plen, algo, sav);
|
||||
if (error) {
|
||||
ipseclog((LOG_ERR,
|
||||
"error after ah4_calccksum, called from ah4_output"));
|
||||
@ -366,7 +366,7 @@ ah6_output(m, nexthdrp, md, isr)
|
||||
struct secasvar *sav = isr->sav;
|
||||
const struct ah_algorithm *algo;
|
||||
u_int32_t spi;
|
||||
u_char *ahsumpos = NULL;
|
||||
u_int8_t *ahsumpos = NULL;
|
||||
size_t plen; /* AH payload size in bytes */
|
||||
int error = 0;
|
||||
int ahlen;
|
||||
@ -411,7 +411,7 @@ ah6_output(m, nexthdrp, md, isr)
|
||||
/* fix plen */
|
||||
if (m->m_pkthdr.len - sizeof(struct ip6_hdr) > IPV6_MAXPACKET) {
|
||||
ipseclog((LOG_ERR,
|
||||
"ip6_output: AH with IPv6 jumbogram is not supported\n"));
|
||||
"ah6_output: AH with IPv6 jumbogram is not supported\n"));
|
||||
m_freem(m);
|
||||
return EINVAL;
|
||||
}
|
||||
@ -485,7 +485,7 @@ ah6_output(m, nexthdrp, md, isr)
|
||||
* calcurate the checksum, based on security association
|
||||
* and the algorithm specified.
|
||||
*/
|
||||
error = ah6_calccksum(m, (caddr_t)ahsumpos, plen, algo, sav);
|
||||
error = ah6_calccksum(m, ahsumpos, plen, algo, sav);
|
||||
if (error) {
|
||||
ipsec6stat.out_inval++;
|
||||
m_freem(m);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user