2 * Copyright (c) 2008-2016 Apple Inc. All rights reserved.
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
29 /* $FreeBSD: src/sys/netinet6/esp_output.c,v 1.1.2.3 2002/04/28 05:40:26 suz Exp $ */
30 /* $KAME: esp_output.c,v 1.44 2001/07/26 06:53:15 jinmei Exp $ */
33 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
34 * All rights reserved.
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 3. Neither the name of the project nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
48 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
64 * RFC1827/2406 Encapsulated Security Payload.
67 #include <sys/param.h>
68 #include <sys/systm.h>
69 #include <sys/malloc.h>
71 #include <sys/domain.h>
72 #include <sys/protosw.h>
73 #include <sys/socket.h>
74 #include <sys/socketvar.h>
75 #include <sys/errno.h>
77 #include <sys/kernel.h>
78 #include <sys/syslog.h>
81 #include <net/route.h>
83 #include <netinet/in.h>
84 #include <netinet/in_systm.h>
85 #include <netinet/ip.h>
86 #include <netinet/in_var.h>
87 #include <netinet/udp.h> /* for nat traversal */
90 #include <netinet/ip6.h>
91 #include <netinet6/ip6_var.h>
92 #include <netinet/icmp6.h>
95 #include <netinet6/ipsec.h>
97 #include <netinet6/ipsec6.h>
99 #include <netinet6/ah.h>
101 #include <netinet6/ah6.h>
103 #include <netinet6/esp.h>
105 #include <netinet6/esp6.h>
107 #include <netkey/key.h>
108 #include <netkey/keydb.h>
110 #include <net/net_osdep.h>
112 #include <sys/kdebug.h>
113 #define DBG_LAYER_BEG NETDBG_CODE(DBG_NETIPSEC, 1)
114 #define DBG_LAYER_END NETDBG_CODE(DBG_NETIPSEC, 3)
115 #define DBG_FNC_ESPOUT NETDBG_CODE(DBG_NETIPSEC, (4 << 8))
116 #define DBG_FNC_ENCRYPT NETDBG_CODE(DBG_NETIPSEC, (5 << 8))
118 static int esp_output(struct mbuf
*, u_char
*, struct mbuf
*,
119 int, struct secasvar
*sav
);
121 extern int esp_udp_encap_port
;
122 extern u_int64_t natt_now
;
124 extern lck_mtx_t
*sadb_mutex
;
127 * compute ESP header size.
130 esp_hdrsiz(__unused
struct ipsecrequest
*isr
)
136 panic("esp_hdrsiz: NULL was passed.\n");
139 lck_mtx_lock(sadb_mutex
);
141 struct secasvar
*sav
;
142 const struct esp_algorithm
*algo
;
143 const struct ah_algorithm
*aalgo
;
149 /*%%%% this needs to change - no sav in ipsecrequest any more */
152 if (isr
->saidx
.proto
!= IPPROTO_ESP
)
153 panic("unsupported mode passed to esp_hdrsiz");
157 if (sav
->state
!= SADB_SASTATE_MATURE
158 && sav
->state
!= SADB_SASTATE_DYING
)
161 /* we need transport mode ESP. */
162 algo
= esp_algorithm_lookup(sav
->alg_enc
);
170 maxpad
= algo
->padbound
;
173 maxpad
+= 1; /* maximum 'extendsiz' is padbound + 1, see esp_output */
175 if (sav
->flags
& SADB_X_EXT_OLD
) {
177 hdrsiz
= sizeof(struct esp
) + ivlen
+ maxpad
;
180 aalgo
= ah_algorithm_lookup(sav
->alg_auth
);
181 if (aalgo
&& sav
->replay
&& sav
->key_auth
)
182 authlen
= (aalgo
->sumsiz
)(sav
);
185 hdrsiz
= sizeof(struct newesp
) + ivlen
+ maxpad
+ authlen
;
189 * If the security association indicates that NATT is required,
190 * add the size of the NATT encapsulation header:
192 if ((sav
->flags
& SADB_X_EXT_NATT
) != 0) hdrsiz
+= sizeof(struct udphdr
) + 4;
194 lck_mtx_unlock(sadb_mutex
);
198 lck_mtx_unlock(sadb_mutex
);
202 * sizeof(struct newesp) > sizeof(struct esp). (8)
203 * esp_max_ivlen() = max ivlen for CBC mode
204 * 17 = (maximum padding length without random padding length)
205 * + (Pad Length field) + (Next Header field).
206 * 64 = maximum ICV we support.
207 * sizeof(struct udphdr) in case NAT traversal is used
209 return sizeof(struct newesp
) + esp_max_ivlen() + 17 + AH_MAXSUMSIZE
+ sizeof(struct udphdr
);
213 * Modify the packet so that the payload is encrypted.
214 * The mbuf (m) must start with IPv4 or IPv6 header.
215 * On failure, free the given mbuf and return NULL.
220 * IP ......... payload
221 * during the encryption:
222 * m nexthdrp mprev md
224 * IP ............... esp iv payload pad padlen nxthdr
225 * <--><-><------><--------------->
226 * esplen plen extendsiz
230 * <-----------------> espoff
238 struct secasvar
*sav
)
243 struct esptail
*esptail
;
244 const struct esp_algorithm
*algo
;
247 size_t plen
; /*payload length to be encrypted*/
249 size_t esphlen
; /* sizeof(struct esp/newesp) + ivlen */
254 struct ipsecstat
*stat
;
255 struct udphdr
*udp
= NULL
;
256 int udp_encapsulate
= (sav
->flags
& SADB_X_EXT_NATT
&& (af
== AF_INET
|| af
== AF_INET6
) &&
257 (esp_udp_encap_port
& 0xFFFF) != 0);
259 KERNEL_DEBUG(DBG_FNC_ESPOUT
| DBG_FUNC_START
, sav
->ivlen
,0,0,0,0);
274 ipseclog((LOG_ERR
, "esp_output: unsupported af %d\n", af
));
275 KERNEL_DEBUG(DBG_FNC_ESPOUT
| DBG_FUNC_END
, 1,0,0,0,0);
276 return 0; /* no change at all */
279 /* some sanity check */
280 if ((sav
->flags
& SADB_X_EXT_OLD
) == 0 && !sav
->replay
) {
287 ip
= mtod(m
, struct ip
*);
288 ipseclog((LOG_DEBUG
, "esp4_output: internal error: "
289 "sav->replay is null: %x->%x, SPI=%u\n",
290 (u_int32_t
)ntohl(ip
->ip_src
.s_addr
),
291 (u_int32_t
)ntohl(ip
->ip_dst
.s_addr
),
292 (u_int32_t
)ntohl(sav
->spi
)));
293 IPSEC_STAT_INCREMENT(ipsecstat
.out_inval
);
299 ipseclog((LOG_DEBUG
, "esp6_output: internal error: "
300 "sav->replay is null: SPI=%u\n",
301 (u_int32_t
)ntohl(sav
->spi
)));
302 IPSEC_STAT_INCREMENT(ipsec6stat
.out_inval
);
306 panic("esp_output: should not reach here");
309 KERNEL_DEBUG(DBG_FNC_ESPOUT
| DBG_FUNC_END
, 2,0,0,0,0);
313 algo
= esp_algorithm_lookup(sav
->alg_enc
);
315 ipseclog((LOG_ERR
, "esp_output: unsupported algorithm: "
316 "SPI=%u\n", (u_int32_t
)ntohl(sav
->spi
)));
318 KERNEL_DEBUG(DBG_FNC_ESPOUT
| DBG_FUNC_END
, 3,0,0,0,0);
325 panic("invalid ivlen");
331 * XXX inserts ESP header right after IPv4 header. should
332 * chase the header chain.
333 * XXX sequential number
336 struct ip
*ip
= NULL
;
339 struct ip6_hdr
*ip6
= NULL
;
341 size_t esplen
; /* sizeof(struct esp/newesp) */
342 size_t hlen
= 0; /* ip header len */
344 if (sav
->flags
& SADB_X_EXT_OLD
) {
346 esplen
= sizeof(struct esp
);
349 if (sav
->flags
& SADB_X_EXT_DERIV
)
350 esplen
= sizeof(struct esp
);
352 esplen
= sizeof(struct newesp
);
354 esphlen
= esplen
+ ivlen
;
356 for (mprev
= m
; mprev
&& mprev
->m_next
!= md
; mprev
= mprev
->m_next
)
358 if (mprev
== NULL
|| mprev
->m_next
!= md
) {
359 ipseclog((LOG_DEBUG
, "esp%d_output: md is not in chain\n",
362 KERNEL_DEBUG(DBG_FNC_ESPOUT
| DBG_FUNC_END
, 4,0,0,0,0);
367 for (n
= md
; n
; n
= n
->m_next
)
373 ip
= mtod(m
, struct ip
*);
375 hlen
= IP_VHL_HL(ip
->ip_vhl
) << 2;
377 hlen
= ip
->ip_hl
<< 2;
383 ip6
= mtod(m
, struct ip6_hdr
*);
389 /* make the packet over-writable */
390 mprev
->m_next
= NULL
;
391 if ((md
= ipsec_copypkt(md
)) == NULL
) {
399 * Translate UDP source port back to its original value.
400 * SADB_X_EXT_NATT_MULTIPLEUSERS is only set for transort mode.
402 if ((sav
->flags
& SADB_X_EXT_NATT_MULTIPLEUSERS
) != 0) {
403 /* if not UDP - drop it */
404 if (ip
->ip_p
!= IPPROTO_UDP
) {
405 IPSEC_STAT_INCREMENT(ipsecstat
.out_inval
);
411 udp
= mtod(md
, struct udphdr
*);
413 /* if src port not set in sav - find it */
414 if (sav
->natt_encapsulated_src_port
== 0)
415 if (key_natt_get_translated_port(sav
) == 0) {
420 if (sav
->remote_ike_port
== htons(udp
->uh_dport
)) {
421 /* translate UDP port */
422 udp
->uh_dport
= sav
->natt_encapsulated_src_port
;
423 udp
->uh_sum
= 0; /* don't need checksum with ESP auth */
425 /* drop the packet - can't translate the port */
426 IPSEC_STAT_INCREMENT(ipsecstat
.out_inval
);
434 espoff
= m
->m_pkthdr
.len
- plen
;
436 if (udp_encapsulate
) {
437 esphlen
+= sizeof(struct udphdr
);
438 espoff
+= sizeof(struct udphdr
);
442 * grow the mbuf to accomodate ESP header.
443 * before: IP ... payload
444 * after: IP ... [UDP] ESP IV payload
446 if (M_LEADINGSPACE(md
) < esphlen
|| (md
->m_flags
& M_EXT
) != 0) {
447 MGET(n
, M_DONTWAIT
, MT_DATA
);
456 m
->m_pkthdr
.len
+= esphlen
;
457 if (udp_encapsulate
) {
458 udp
= mtod(n
, struct udphdr
*);
459 esp
= (struct esp
*)(void *)((caddr_t
)udp
+ sizeof(struct udphdr
));
461 esp
= mtod(n
, struct esp
*);
464 md
->m_len
+= esphlen
;
465 md
->m_data
-= esphlen
;
466 m
->m_pkthdr
.len
+= esphlen
;
467 esp
= mtod(md
, struct esp
*);
468 if (udp_encapsulate
) {
469 udp
= mtod(md
, struct udphdr
*);
470 esp
= (struct esp
*)(void *)((caddr_t
)udp
+ sizeof(struct udphdr
));
472 esp
= mtod(md
, struct esp
*);
479 if (esphlen
< (IP_MAXPACKET
- ntohs(ip
->ip_len
)))
480 ip
->ip_len
= htons(ntohs(ip
->ip_len
) + esphlen
);
483 "IPv4 ESP output: size exceeds limit\n"));
484 IPSEC_STAT_INCREMENT(ipsecstat
.out_inval
);
493 /* total packet length will be computed in ip6_output() */
499 /* initialize esp header. */
501 if ((sav
->flags
& SADB_X_EXT_OLD
) == 0) {
503 nesp
= (struct newesp
*)esp
;
504 if (sav
->replay
->count
== ~0) {
505 if ((sav
->flags
& SADB_X_EXT_CYCSEQ
) == 0) {
506 /* XXX Is it noisy ? */
507 ipseclog((LOG_WARNING
,
508 "replay counter overflowed. %s\n",
509 ipsec_logsastr(sav
)));
510 IPSEC_STAT_INCREMENT(stat
->out_inval
);
512 KERNEL_DEBUG(DBG_FNC_ESPOUT
| DBG_FUNC_END
, 5,0,0,0,0);
516 lck_mtx_lock(sadb_mutex
);
517 sav
->replay
->count
++;
518 lck_mtx_unlock(sadb_mutex
);
520 * XXX sequence number must not be cycled, if the SA is
521 * installed by IKE daemon.
523 nesp
->esp_seq
= htonl(sav
->replay
->count
);
528 * find the last mbuf. make some room for ESP trailer.
531 struct ip
*ip
= NULL
;
539 padbound
= algo
->padbound
;
542 /* ESP packet, including nxthdr field, must be length of 4n */
546 extendsiz
= padbound
- (plen
% padbound
);
548 extendsiz
= padbound
+ 1;
554 randpadmax
= ip4_esp_randpad
;
559 randpadmax
= ip6_esp_randpad
;
566 if (randpadmax
< 0 || plen
+ extendsiz
>= randpadmax
)
572 randpadmax
= (randpadmax
/ padbound
) * padbound
;
573 pad
= (randpadmax
- plen
+ extendsiz
) / padbound
;
576 pad
= (random() % pad
) * padbound
;
581 * make sure we do not pad too much.
582 * MLEN limitation comes from the trailer attachment
584 * 256 limitation comes from sequential padding.
585 * also, the 1-octet length field in ESP trailer imposes
586 * limitation (but is less strict than sequential padding
587 * as length field do not count the last 2 octets).
589 if (extendsiz
+ pad
<= MLEN
&& extendsiz
+ pad
< 256)
594 if (extendsiz
> MLEN
|| extendsiz
>= 256)
595 panic("extendsiz too big in esp_output");
603 * if M_EXT, the external mbuf data may be shared among
604 * two consequtive TCP packets, and it may be unsafe to use the
607 if (!(n
->m_flags
& M_EXT
) && extendsiz
< M_TRAILINGSPACE(n
)) {
608 extend
= mtod(n
, u_char
*) + n
->m_len
;
609 n
->m_len
+= extendsiz
;
610 m
->m_pkthdr
.len
+= extendsiz
;
614 MGET(nn
, M_DONTWAIT
, MT_DATA
);
616 ipseclog((LOG_DEBUG
, "esp%d_output: can't alloc mbuf",
622 extend
= mtod(nn
, u_char
*);
623 nn
->m_len
= extendsiz
;
627 m
->m_pkthdr
.len
+= extendsiz
;
629 switch (sav
->flags
& SADB_X_EXT_PMASK
) {
630 case SADB_X_EXT_PRAND
:
631 key_randomfill(extend
, extendsiz
);
633 case SADB_X_EXT_PZERO
:
634 bzero(extend
, extendsiz
);
636 case SADB_X_EXT_PSEQ
:
637 for (i
= 0; i
< extendsiz
; i
++)
638 extend
[i
] = (i
+ 1) & 0xff;
643 if (udp_encapsulate
) {
644 *nexthdrp
= IPPROTO_UDP
;
646 /* Fill out the UDP header */
647 udp
->uh_sport
= ntohs((u_short
)esp_udp_encap_port
);
648 udp
->uh_dport
= ntohs(sav
->remote_ike_port
);
649 // udp->uh_len set later, after all length tweaks are complete
652 /* Update last sent so we know if we need to send keepalive */
653 sav
->natt_last_activity
= natt_now
;
655 *nexthdrp
= IPPROTO_ESP
;
658 /* initialize esp trailer. */
659 esptail
= (struct esptail
*)
660 (mtod(n
, u_int8_t
*) + n
->m_len
- sizeof(struct esptail
));
661 esptail
->esp_nxt
= nxt
;
662 esptail
->esp_padlen
= extendsiz
- 2;
664 /* modify IP header (for ESP header part only) */
668 ip
= mtod(m
, struct ip
*);
669 if (extendsiz
< (IP_MAXPACKET
- ntohs(ip
->ip_len
)))
670 ip
->ip_len
= htons(ntohs(ip
->ip_len
) + extendsiz
);
673 "IPv4 ESP output: size exceeds limit\n"));
674 IPSEC_STAT_INCREMENT(ipsecstat
.out_inval
);
683 /* total packet length will be computed in ip6_output() */
690 * pre-compute and cache intermediate key
692 error
= esp_schedule(algo
, sav
);
695 IPSEC_STAT_INCREMENT(stat
->out_inval
);
700 * encrypt the packet, based on security association
701 * and the algorithm specified.
704 panic("internal error: no encrypt function");
705 KERNEL_DEBUG(DBG_FNC_ENCRYPT
| DBG_FUNC_START
, 0,0,0,0,0);
706 if ((*algo
->encrypt
)(m
, espoff
, plen
+ extendsiz
, sav
, algo
, ivlen
)) {
707 /* m is already freed */
708 ipseclog((LOG_ERR
, "packet encryption failure\n"));
709 IPSEC_STAT_INCREMENT(stat
->out_inval
);
711 KERNEL_DEBUG(DBG_FNC_ENCRYPT
| DBG_FUNC_END
, 1,error
,0,0,0);
714 KERNEL_DEBUG(DBG_FNC_ENCRYPT
| DBG_FUNC_END
, 2,0,0,0,0);
717 * calculate ICV if required.
720 u_char authbuf
[AH_MAXSUMSIZE
] __attribute__((aligned(4)));
722 if (algo
->finalizeencrypt
) {
724 if ((*algo
->finalizeencrypt
)(sav
, authbuf
, siz
)) {
725 ipseclog((LOG_ERR
, "packet encryption ICV failure\n"));
726 IPSEC_STAT_INCREMENT(stat
->out_inval
);
728 KERNEL_DEBUG(DBG_FNC_ENCRYPT
| DBG_FUNC_END
, 1,error
,0,0,0);
738 if (sav
->key_auth
== SADB_AALG_NONE
)
742 const struct ah_algorithm
*aalgo
;
744 aalgo
= ah_algorithm_lookup(sav
->alg_auth
);
747 siz
= ((aalgo
->sumsiz
)(sav
) + 3) & ~(4 - 1);
748 if (AH_MAXSUMSIZE
< siz
)
749 panic("assertion failed for AH_MAXSUMSIZE");
751 if (esp_auth(m
, espoff
, m
->m_pkthdr
.len
- espoff
, sav
, authbuf
)) {
752 ipseclog((LOG_ERR
, "ESP checksum generation failure\n"));
755 IPSEC_STAT_INCREMENT(stat
->out_inval
);
769 if (!(n
->m_flags
& M_EXT
) && siz
< M_TRAILINGSPACE(n
)) { /* XXX */
771 m
->m_pkthdr
.len
+= siz
;
772 p
= mtod(n
, u_char
*) + n
->m_len
- siz
;
776 MGET(nn
, M_DONTWAIT
, MT_DATA
);
778 ipseclog((LOG_DEBUG
, "can't alloc mbuf in esp%d_output",
788 m
->m_pkthdr
.len
+= siz
;
789 p
= mtod(nn
, u_char
*);
791 bcopy(authbuf
, p
, siz
);
793 /* modify IP header (for ESP header part only) */
797 ip
= mtod(m
, struct ip
*);
798 if (siz
< (IP_MAXPACKET
- ntohs(ip
->ip_len
)))
799 ip
->ip_len
= htons(ntohs(ip
->ip_len
) + siz
);
802 "IPv4 ESP output: size exceeds limit\n"));
803 IPSEC_STAT_INCREMENT(ipsecstat
.out_inval
);
812 /* total packet length will be computed in ip6_output() */
818 if (udp_encapsulate
) {
824 ip
= mtod(m
, struct ip
*);
825 udp
->uh_ulen
= htons(ntohs(ip
->ip_len
) - (IP_VHL_HL(ip
->ip_vhl
) << 2));
828 ip6
= mtod(m
, struct ip6_hdr
*);
829 udp
->uh_ulen
= htons(plen
+ siz
+ extendsiz
+ esphlen
);
830 udp
->uh_sum
= in6_pseudo(&ip6
->ip6_src
, &ip6
->ip6_dst
, htonl(ntohs(udp
->uh_ulen
) + IPPROTO_UDP
));
831 m
->m_pkthdr
.csum_flags
= CSUM_UDPIPV6
;
832 m
->m_pkthdr
.csum_data
= offsetof(struct udphdr
, uh_sum
);
838 lck_mtx_lock(sadb_mutex
);
841 "NULL mbuf after encryption in esp%d_output", afnumber
));
844 stat
->out_esphist
[sav
->alg_enc
]++;
845 lck_mtx_unlock(sadb_mutex
);
846 key_sa_recordxfer(sav
, m
);
847 KERNEL_DEBUG(DBG_FNC_ESPOUT
| DBG_FUNC_END
, 6,0,0,0,0);
852 KERNEL_DEBUG(DBG_FNC_ESPOUT
| DBG_FUNC_END
, 7,error
,0,0,0);
855 panic("something bad in esp_output");
863 struct secasvar
*sav
)
866 if (m
->m_len
< sizeof(struct ip
)) {
867 ipseclog((LOG_DEBUG
, "esp4_output: first mbuf too short\n"));
871 ip
= mtod(m
, struct ip
*);
872 /* XXX assumes that m->m_next points to payload */
873 return esp_output(m
, &ip
->ip_p
, m
->m_next
, AF_INET
, sav
);
883 struct secasvar
*sav
)
885 if (m
->m_len
< sizeof(struct ip6_hdr
)) {
886 ipseclog((LOG_DEBUG
, "esp6_output: first mbuf too short\n"));
890 return esp_output(m
, nexthdrp
, md
, AF_INET6
, sav
);