Commit Graph

118 Commits

Author SHA1 Message Date
bz
e1cf25141c Fix a bug that when getting/dumping the soft lifetime we reported
the hard lifetime instead.

MFC after:	3 days
2008-03-24 15:01:20 +00:00
bz
42fbad307b Import change from KAME, rev. 1.362 kame/kame/sys/netkey/key.c
In case of "new SA", we must check the hard lifetime of the old SA
to find out if it is not permanent and we can delete it.

Submitted by:	sakane via gnn
MFC after:	3 days
2008-03-24 14:55:09 +00:00
bz
418e4a564c Add ';' missed with the SYSINIT changes.
Not noticed by tb as TCP_SIGNATURE is not in LINT.

MFC after:	1 month
2008-03-21 18:31:42 +00:00
rwatson
877d7c65ba In keeping with style(9)'s recommendations on macros, use a ';'
after each SYSINIT() macro invocation.  This makes a number of
lightweight C parsers much happier with the FreeBSD kernel
source, including cflow's prcc and lxr.

MFC after:	1 month
Discussed with:	imp, rink
2008-03-16 10:58:09 +00:00
bz
33dfb1706b Correct IPsec behaviour with a 'use' level in SP but no SA available.
In that case return an continue processing the packet without IPsec.

PR:		121384
MFC after:	5 days
Reported by:	Cyrus Rahman (crahman gmail.com)
Tested by:	Cyrus Rahman (crahman gmail.com) [slightly older version]
2008-03-14 16:38:11 +00:00
bz
ee90b5b6c8 Remove the "Fast " from the
"Fast IPsec: Initialized Security Association Processing." printf.
People kept asking questions about this after the IPsec shuffle.

This still is the Fast IPsec implementation so no worries that it would
be any slower now. There are no functional changes.

Discussed with:	sam
MFC after:	4 days
2008-03-14 16:25:40 +00:00
bz
767a2621f0 Fix bugs when allocating and passing information of current lifetime and
soft lifetime [1] introduced in rev. 1.21 of key.c.

Along with that, fix a related problem in key_debug
printing the correct data.
While there replace a printf by panic in a sanity check.

PR:		120751
Submitted by:	Kazuaki ODA (kazuaki aliceblue.jp) [1]
MFC after:	5 days
2008-03-02 17:12:28 +00:00
bz
cfb85f0c07 Rather than passing around a cached 'priv', pass in an ucred to
ipsec*_set_policy and do the privilege check only if needed.

Try to assimilate both ip*_ctloutput code blocks calling ipsec*_set_policy.

Reviewed by:	rwatson
2008-02-02 14:11:31 +00:00
bz
05fda2a0bf Add sysctls to if_enc(4) to control whether the firewalls or
bpf will see inner and outer headers or just inner or outer
headers for incoming and outgoing IPsec packets.

This is useful in bpf to not have over long lines for debugging
or selcting packets based on the inner headers.
It also properly defines the behavior of what the firewalls see.

Last but not least it gives you if_enc(4) for IPv6 as well.

[ As some auxiliary state was not available in the later
  input path we save it in the tdbi. That way tcpdump can give a
  consistent view of either of (authentic,confidential) for both
  before and after states. ]

Discussed with:	thompsa (2007-04-25, basic idea of unifying paths)
Reviewed by:	thompsa, gnn
2007-11-28 22:33:53 +00:00
bz
0e9e73cbd0 Adjust a comment that suggest that we might consider a panic.
Make clear that this is not a good idea when called from
tcp_output()->ipsec_hdrsiz_tcp()->ipsec4_hdrsize_tcp()
as we do not know if IPsec processing is needed at that point.
2007-11-28 21:48:21 +00:00
bz
a7318bd80c Move the priv check before the malloc call for so_pcb.
In case attach fails because of the priv check we leaked the
memory and left so_pcb as fodder for invariants.

Reported  by:	Pawel Worach
Reviewed by:	rwatson
2007-11-16 22:35:33 +00:00
bz
5c6a60df9f Add a missing priv check in key_attach to prevent non-su users
from messing with the spdb and sadb.

Problem sneaked in with the fast_ipsec+v6->ipsec merger by no
longer going via raw_usrreqs.pr_attach.

Reported by:	Pawel Worach
Identified by:	rwatson
Reviewed by:	rwatson
MFC after:	3 days
2007-11-12 23:47:48 +00:00
gnn
a2ad10dc87 Fix for an infinite loop in processing ESP, IPv6 packets.
The control input routine passes a NULL as its void argument when it
has reached the innermost header, which terminates the loop.

Reported by: Pawel Worach <pawel.worach@gmail.com>
Approved by: re
2007-09-12 05:54:53 +00:00
rwatson
23574c8673 Remove the now-unused NET_{LOCK,UNLOCK,ASSERT}_GIANT() macros, which
previously conditionally acquired Giant based on debug.mpsafenet.  As that
has now been removed, they are no longer required.  Removing them
significantly simplifies error-handling in the socket layer, eliminated
quite a bit of unwinding of locking in error cases.

While here clean up the now unneeded opt_net.h, which previously was used
for the NET_WITH_GIANT kernel option.  Clean up some related gotos for
consistency.

Reviewed by:	bz, csjp
Tested by:	kris
Approved by:	re (kensmith)
2007-08-06 14:26:03 +00:00
bz
ee4925e857 Replace hard coded options by their defined PFIL_{IN,OUT} names.
Approved by:	re (hrs)
2007-07-19 09:57:54 +00:00
gnn
aeca69ded5 Commit the change from FAST_IPSEC to IPSEC. The FAST_IPSEC
option is now deprecated, as well as the KAME IPsec code.
What was FAST_IPSEC is now IPSEC.

Approved by: re
Sponsored by: Secure Computing
2007-07-03 12:13:45 +00:00
gnn
0cd74db89b Commit IPv6 support for FAST_IPSEC to the tree.
This commit includes only the kernel files, the rest of the files
will follow in a second commit.

Reviewed by:    bz
Approved by:    re
Supported by:   Secure Computing
2007-07-01 11:41:27 +00:00
bz
028d7c7c98 'spi' and the return value of ntohl are unsigned. Remove the extra >=0
check which was always true.
Document the special meaning of spi values of 0 and 1-255 with a comment.

Found with:	Coverity Prevent(tm)
CID:		2047
2007-06-16 09:25:23 +00:00
bz
e1f2e76904 In case of failure we can directly return ENOBUFS because
'result' is still NULL and we do not need to free anything.
That allows us to gc the entire goto parts and a now unused variable.

Found with:	Coverity Prevent(tm)
CID:		2519
2007-06-16 00:15:14 +00:00
bz
e622d327e5 Add a missing return so that we drop out in case of an error and
do not continue with a NULL pointer. [1]

While here change the return of the error handling code path above.
I cannot see why we should always return 0 there. Neither does KAME
nor do we in here for the similar check in all the other functions.

Found with:	Coverity Prevent(tm) [1]
CID:		2521
2007-06-15 23:45:39 +00:00
bz
3a2d39f8a2 With the current code 'src' is never NULL. Nevertheless move the check for
NULL before dereferencing the pointer.

Found with:	Coverity Prevent(tm)
CID:		2528
2007-06-15 22:35:59 +00:00
bz
28982ea6ee Looking at {ah,esp}_input_cb it seems we might be able to end up
without an mtag in ipsec4_common_input_cb.
So in case of !IPCOMP (AH,ESP) only change the m_tag_id if an mtag
was passed to ipsec4_common_input_cb.

Found with:	Coverity Prevent(tm)
CID:		2523
2007-06-15 22:23:33 +00:00
bz
77956753fe s,#,*, in a multi-line comment. This is C.
No functional change.
2007-06-15 21:34:12 +00:00
bz
9868265580 Though we are only called for the three security protocols we can
handle, document those sprotos using an IPSEC_ASSERT so that it will
be clear that 'spi' will always be initialized when used the first time.

Found with:	Coverity Prevent(tm)
CID:		2533
2007-06-15 21:32:51 +00:00
rwatson
00b02345d4 Eliminate now-unused SUSER_ALLOWJAIL arguments to priv_check_cred(); in
some cases, move to priv_check() if it was an operation on a thread and
no other flags were present.

Eliminate caller-side jail exception checking (also now-unused); jail
privilege exception code now goes solely in kern_jail.c.

We can't yet eliminate suser() due to some cases in the KAME code where
a privilege check is performed and then used in many different deferred
paths.  Do, however, move those prototypes to priv.h.

Reviewed by:	csjp
Obtained from:	TrustedBSD Project
2007-06-12 00:12:01 +00:00
bz
7bbae86575 In ipsec6_output_tunnel() make sure that the SA contents do not change.
The same would apply to ipsec6_output_trans() but there is a larger patch
around which already corrected that case. Do not interfere with that one.
2007-05-29 22:44:24 +00:00
bz
c255051269 fix typo: s,applyed,applied,g 2007-05-29 22:34:58 +00:00
bz
183fd7a84a Implement ICMPv6 support in ipsec6_get_ulp().
This is needed to make security policies work correctly if ICMPv6 type
and/or code are given. See setkey(8) 'upperspec' para. for details.
2007-05-29 22:32:12 +00:00
bz
4662f48b4e Add missing
break;
so when comparing AF_INET6 addresses, scope and ports we do not run into
the default case and return 'no match' instead of 'match'.
2007-05-29 22:18:44 +00:00
gnn
38b76f0623 Integrate the Camellia Block Cipher. For more information see RFC 4132
and its bibliography.

Submitted by:   Tomoyuki Okazaki <okazaki at kick dot gr dot jp>
MFC after:      1 month
2007-05-09 19:37:02 +00:00
rwatson
922d6e13fa Update comment regarding how we check privilege on FreeBSD: we now use
priv_check().
2007-04-10 16:09:00 +00:00
sam
19daed61a7 add include now required for crypto flags 2007-03-22 22:25:25 +00:00
sam
f96ba7ffda Overhaul driver/subsystem api's:
o make all crypto drivers have a device_t; pseudo drivers like the s/w
  crypto driver synthesize one
o change the api between the crypto subsystem and drivers to use kobj;
  cryptodev_if.m defines this api
o use the fact that all crypto drivers now have a device_t to add support
  for specifying which of several potential devices to use when doing
  crypto operations
o add new ioctls that allow user apps to select a specific crypto device
  to use (previous ioctls maintained for compatibility)
o overhaul crypto subsystem code to eliminate lots of cruft and hide
  implementation details from drivers
o bring in numerous fixes from Michale Richardson/hifn; mostly for
  795x parts
o add an optional mechanism for mmap'ing the hifn 795x public key h/w
  to user space for use by openssl (not enabled by default)
o update crypto test tools to use new ioctl's and add cmd line options
  to specify a device to use for tests

These changes will also enable much future work on improving the core
crypto subsystem; including proper load balancing and interposing code
between the core and drivers to dispatch small operations to the s/w
driver as appropriate.

These changes were instigated by the work of Michael Richardson.

Reviewed by:	pjd
Approved by:	re
2007-03-21 03:42:51 +00:00
bz
762d6693b6 s,#if INET6,#ifdef INET6,
This unbreaks the build for FAST_IPSEC && !INET6 and was wrong anyway.

Reported by:	Dmitry Pryanishnikov <dmitry atlantis.dp.ua>
2006-12-14 17:33:46 +00:00
bz
297206ec2a MFp4: 92972, 98913 + one more change
In ip6_sprintf no longer use and return one of eight static buffers
for printing/logging ipv6 addresses.
The caller now has to hand in a sufficiently large buffer as first
argument.
2006-12-12 12:17:58 +00:00
rwatson
f52cf260f1 Add priv.h include required to build FAST_IPSEC, which is not present in
LINT due to a conflict with KAME IPSEC.

Submitted by:	Pawel Worach <pawel dot worach at gmail dot com>
2006-11-07 08:58:06 +00:00
rwatson
10d0d9cf47 Sweep kernel replacing suser(9) calls with priv(9) calls, assigning
specific privilege names to a broad range of privileges.  These may
require some future tweaking.

Sponsored by:           nCircle Network Security, Inc.
Obtained from:          TrustedBSD Project
Discussed on:           arch@
Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri,
                        Alex Lyashkov <umka at sevcity dot net>,
                        Skip Ford <skip dot ford at verizon dot net>,
                        Antoine Brodin <antoine dot brodin at laposte dot net>
2006-11-06 13:42:10 +00:00
gnn
ecb3559b0b Fix build breakage from previous commit which confused key_abort and key_close. 2006-07-22 09:18:02 +00:00
rwatson
720efebbba Change semantics of socket close and detach. Add a new protocol switch
function, pru_close, to notify protocols that the file descriptor or
other consumer of a socket is closing the socket.  pru_abort is now a
notification of close also, and no longer detaches.  pru_detach is no
longer used to notify of close, and will be called during socket
tear-down by sofree() when all references to a socket evaporate after
an earlier call to abort or close the socket.  This means detach is now
an unconditional teardown of a socket, whereas previously sockets could
persist after detach of the protocol retained a reference.

This faciliates sharing mutexes between layers of the network stack as
the mutex is required during the checking and removal of references at
the head of sofree().  With this change, pru_detach can now assume that
the mutex will no longer be required by the socket layer after
completion, whereas before this was not necessarily true.

Reviewed by:	gnn
2006-07-21 17:11:15 +00:00
pjd
963e56be5a - Use suser_cred(9) instead of directly comparing cr_uid.
- Compare pointer with NULL.

Reviewed by:	rwatson
2006-06-27 11:41:21 +00:00
thompsa
320c8e5164 Add a pseudo interface for packet filtering IPSec connections before or after
encryption. There are two functions, a bpf tap which has a basic header with
the SPI number which our current tcpdump knows how to display, and handoff to
pfil(9) for packet filtering.

Obtained from:	OpenBSD
Based on:	kern/94829
No objections:	arch, net
MFC after:	1 month
2006-06-26 22:30:08 +00:00
pjd
501751fbc7 Change '#if INET' and '#if INET6' to '#ifdef INET' and '#ifdef INET6'.
This unbreaks compiling a kernel with FAST_IPSEC and no INET6.
2006-06-04 19:32:32 +00:00
gnn
fe27631048 Extend the notdef #ifdef to cover the packet copy as there is no point in doing that if we're not doing the rest of the work.
Submitted by:	thompsa
MFC after: 1 week
2006-06-04 03:11:09 +00:00
pjd
c1590119a6 Prevent disappearing SAD entries by implementing MPsafe refcounting.
"Why didn't he use SECASVAR_LOCK()/SECASVAR_UNLOCK() macros to
 synchronize access to the secasvar structure's fields?" one may ask.
There were two reasons:
1. refcount(9) is faster then mutex(9) synchronization (one atomic
   operation instead of two).
2. Those macros are not used now at all, so at some point we may decide
   to remove them entirely.

OK'ed by:	gnn
MFC after:	2 weeks
2006-05-20 15:35:36 +00:00
pjd
1f7868c704 - The authsize field from auth_hash structure was removed.
- Define that we want to receive only 96 bits of HMAC.
- Names of the structues have no longer _96 suffix.

Reviewed by:	sam
2006-05-17 18:30:28 +00:00
pjd
98fc9938af Hide net.inet.ipsec.test_{replay,integrity} sysctls under #ifdef REGRESSION.
Requested by:	sam, rwatson
2006-04-10 15:04:36 +00:00
pjd
0501edbc66 Introduce two new sysctls:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with
	the same sequence number. This allows to verify if the other side
	has proper replay attacks detection.

net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with
	corrupted HMAC. This allows to verify if the other side properly
	detects modified packets.

I used the first one to discover that we don't have proper replay attacks
detection in ESP (in fast_ipsec(4)).
2006-04-09 19:11:45 +00:00
pjd
b9b788a576 Be consistent with the rest of the code. 2006-04-09 19:00:23 +00:00
dd
264a13426d Remove unused variables s and error in key_detach. The previous
revision removed their usage but did not remove the declaration. This
caused a warning in my build, which was fatal with -Werror.
2006-04-04 10:11:15 +00:00
gnn
60609380bc Remove unintended DEBUG flag setting. 2006-04-04 03:12:21 +00:00