]> git.saurik.com Git - apple/xnu.git/blob - bsd/netkey/key.c
9db82dcfd084f259596253aea77a061eeee68f5c
[apple/xnu.git] / bsd / netkey / key.c
1 /* $KAME: key.c,v 1.76 2000/03/27 05:11:04 sumikawa Exp $ */
2
3 /*
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 /*
33 * This code is referd to RFC 2367
34 */
35
36 #if (defined(__FreeBSD__) && __FreeBSD__ >= 3) || defined(__NetBSD__)
37 #include "opt_inet.h"
38 #ifdef __NetBSD__
39 #include "opt_ipsec.h"
40 #endif
41 #endif
42
43 /* this is for backward compatibility. we should not touch those. */
44 #define ss_len __ss_len
45 #define ss_family __ss_family
46
47 #include <sys/types.h>
48 #include <sys/param.h>
49 #include <sys/systm.h>
50 #include <sys/kernel.h>
51 #include <sys/mbuf.h>
52 #include <sys/domain.h>
53 #include <sys/protosw.h>
54 #include <sys/malloc.h>
55 #include <sys/socket.h>
56 #include <sys/socketvar.h>
57 #if defined(__FreeBSD__) || defined (__APPLE__)
58 #include <sys/sysctl.h>
59 #endif
60 #include <sys/errno.h>
61 #include <sys/proc.h>
62 #include <sys/queue.h>
63
64 #include <net/if.h>
65 #include <net/route.h>
66 #include <net/raw_cb.h>
67
68 #include <netinet/in.h>
69 #include <netinet/in_systm.h>
70 #include <netinet/ip.h>
71 #include <netinet/in_var.h>
72
73 #if INET6
74 #include <netinet/ip6.h>
75 #include <netinet6/in6_var.h>
76 #include <netinet6/ip6_var.h>
77 #endif /* INET6 */
78
79 #if INET
80 #include <netinet/in_pcb.h>
81 #endif
82 #if INET6
83 #if !(defined(__bsdi__) && _BSDI_VERSION >= 199802)
84 #include <netinet6/in6_pcb.h>
85 #endif
86 #endif /* INET6 */
87
88 #include <net/pfkeyv2.h>
89 #include <netkey/keydb.h>
90 #include <netkey/key.h>
91 #include <netkey/keysock.h>
92 #include <netkey/key_debug.h>
93
94 #include <netinet6/ipsec.h>
95 #include <netinet6/ah.h>
96 #if IPSEC_ESP
97 #include <netinet6/esp.h>
98 #endif
99 #include <netinet6/ipcomp.h>
100
101 #include <net/net_osdep.h>
102
103 /*
104 * Note on SA reference counting:
105 * - SAs that are not in DEAD state will have (total external reference + 1)
106 * following value in reference count field. they cannot be freed and are
107 * referenced from SA header.
108 * - SAs that are in DEAD state will have (total external reference)
109 * in reference count field. they are ready to be freed. reference from
110 * SA header will be removed in key_delsav(), when the reference count
111 * field hits 0 (= no external reference other than from SA header.
112 */
113
114 u_int32_t key_debug_level = 0; //### our sysctl is not dynamic
115 static u_int key_spi_trycnt = 1000;
116 static u_int32_t key_spi_minval = 0x100;
117 static u_int32_t key_spi_maxval = 0x0fffffff; /* XXX */
118 static u_int32_t policy_id = 0;
119 static u_int key_int_random = 60; /*interval to initialize randseed,1(m)*/
120 static u_int key_larval_lifetime = 30; /* interval to expire acquiring, 30(s)*/
121 static int key_blockacq_count = 10; /* counter for blocking SADB_ACQUIRE.*/
122 static int key_blockacq_lifetime = 20; /* lifetime for blocking SADB_ACQUIRE.*/
123
124 static u_int32_t acq_seq = 0;
125 static int key_tick_init_random = 0;
126
127 static LIST_HEAD(_sptree, secpolicy) sptree[IPSEC_DIR_MAX]; /* SPD */
128 static LIST_HEAD(_sahtree, secashead) sahtree; /* SAD */
129 static LIST_HEAD(_regtree, secreg) regtree[SADB_SATYPE_MAX + 1];
130 /* registed list */
131 #ifndef IPSEC_NONBLOCK_ACQUIRE
132 static LIST_HEAD(_acqtree, secacq) acqtree; /* acquiring list */
133 #endif
134 static LIST_HEAD(_spacqtree, secspacq) spacqtree; /* SP acquiring list */
135
136 struct key_cb key_cb;
137
138 /* search order for SAs */
139 static u_int saorder_state_valid[] = {
140 SADB_SASTATE_DYING, SADB_SASTATE_MATURE,
141 /*
142 * This order is important because we must select a oldest SA
143 * for outbound processing. For inbound, This is not important.
144 */
145 };
146 static u_int saorder_state_alive[] = {
147 /* except DEAD */
148 SADB_SASTATE_MATURE, SADB_SASTATE_DYING, SADB_SASTATE_LARVAL
149 };
150 static u_int saorder_state_any[] = {
151 SADB_SASTATE_MATURE, SADB_SASTATE_DYING,
152 SADB_SASTATE_LARVAL, SADB_SASTATE_DEAD
153 };
154
155 #if defined(__FreeBSD__) || defined (__APPLE__)
156 SYSCTL_DECL(_net_key);
157 //#if defined(IPSEC_DEBUG)
158 SYSCTL_INT(_net_key, KEYCTL_DEBUG_LEVEL, debug, CTLFLAG_RW, \
159 &key_debug_level, 0, "");
160 //#endif /* defined(IPSEC_DEBUG) */
161
162 /* max count of trial for the decision of spi value */
163 SYSCTL_INT(_net_key, KEYCTL_SPI_TRY, spi_trycnt, CTLFLAG_RW, \
164 &key_spi_trycnt, 0, "");
165
166 /* minimum spi value to allocate automatically. */
167 SYSCTL_INT(_net_key, KEYCTL_SPI_MIN_VALUE, spi_minval, CTLFLAG_RW, \
168 &key_spi_minval, 0, "");
169
170 /* maximun spi value to allocate automatically. */
171 SYSCTL_INT(_net_key, KEYCTL_SPI_MAX_VALUE, spi_maxval, CTLFLAG_RW, \
172 &key_spi_maxval, 0, "");
173
174 /* interval to initialize randseed */
175 SYSCTL_INT(_net_key, KEYCTL_RANDOM_INT, int_random, CTLFLAG_RW, \
176 &key_int_random, 0, "");
177
178 /* lifetime for larval SA */
179 SYSCTL_INT(_net_key, KEYCTL_LARVAL_LIFETIME, larval_lifetime, CTLFLAG_RW, \
180 &key_larval_lifetime, 0, "");
181
182 /* counter for blocking to send SADB_ACQUIRE to IKEd */
183 SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_COUNT, blockacq_count, CTLFLAG_RW, \
184 &key_blockacq_count, 0, "");
185
186 /* lifetime for blocking to send SADB_ACQUIRE to IKEd */
187 SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_LIFETIME, blockacq_lifetime, CTLFLAG_RW, \
188 &key_blockacq_lifetime, 0, "");
189
190 #endif /* __FreeBSD__ */
191
192 #ifndef LIST_FOREACH
193 #define LIST_FOREACH(elm, head, field) \
194 for (elm = LIST_FIRST(head); elm; elm = LIST_NEXT(elm, field))
195 #endif
196 #define __LIST_CHAINED(elm) \
197 (!((elm)->chain.le_next == NULL && (elm)->chain.le_prev == NULL))
198 #define LIST_INSERT_TAIL(head, elm, type, field) \
199 do {\
200 struct type *curelm = LIST_FIRST(head); \
201 if (curelm == NULL) {\
202 LIST_INSERT_HEAD(head, elm, field); \
203 } else { \
204 while (LIST_NEXT(curelm, field)) \
205 curelm = LIST_NEXT(curelm, field);\
206 LIST_INSERT_AFTER(curelm, elm, field);\
207 }\
208 } while (0)
209
210 #define KEY_CHKSASTATE(head, sav, name) \
211 do { \
212 if ((head) != (sav)) { \
213 printf("%s: state mismatched (TREE=%d SA=%d)\n", \
214 (name), (head), (sav)); \
215 continue; \
216 } \
217 } while (0)
218
219 #define KEY_CHKSPDIR(head, sp, name) \
220 do { \
221 if ((head) != (sp)) { \
222 printf("%s: direction mismatched (TREE=%d SP=%d), " \
223 "anyway continue.\n", \
224 (name), (head), (sp)); \
225 } \
226 } while (0)
227
228 #if 1
229 #define KMALLOC(p, t, n) \
230 ((p) = (t) _MALLOC((unsigned long)(n), M_SECA, M_NOWAIT))
231 #define KFREE(p) \
232 _FREE((caddr_t)(p), M_SECA);
233 #else
234 #define KMALLOC(p, t, n) \
235 do { \
236 ((p) = (t)_MALLOC((unsigned long)(n), M_SECA, M_NOWAIT)); \
237 printf("%s %d: %p <- KMALLOC(%s, %d)\n", \
238 __FILE__, __LINE__, (p), #t, n); \
239 } while (0)
240
241 #define KFREE(p) \
242 do { \
243 printf("%s %d: %p -> KFREE()\n", __FILE__, __LINE__, (p)); \
244 _FREE((caddr_t)(p), M_SECA); \
245 } while (0)
246 #endif
247
248 /*
249 * set parameters into secpolicyindex buffer.
250 * Must allocate secpolicyindex buffer passed to this function.
251 */
252 #define KEY_SETSECSPIDX(_dir, s, d, ps, pd, ulp, idx) \
253 do { \
254 bzero((idx), sizeof(struct secpolicyindex)); \
255 (idx)->dir = (_dir); \
256 (idx)->prefs = (ps); \
257 (idx)->prefd = (pd); \
258 (idx)->ul_proto = (ulp); \
259 bcopy((s), &(idx)->src, ((struct sockaddr *)(s))->sa_len); \
260 bcopy((d), &(idx)->dst, ((struct sockaddr *)(d))->sa_len); \
261 } while (0)
262
263 /*
264 * set parameters into secasindex buffer.
265 * Must allocate secasindex buffer before calling this function.
266 */
267 #define KEY_SETSECASIDX(p, m, s, d, idx) \
268 do { \
269 bzero((idx), sizeof(struct secasindex)); \
270 (idx)->proto = (p); \
271 (idx)->mode = (m)->sadb_msg_mode; \
272 (idx)->reqid = (m)->sadb_msg_reqid; \
273 bcopy((s), &(idx)->src, ((struct sockaddr *)(s))->sa_len); \
274 bcopy((d), &(idx)->dst, ((struct sockaddr *)(d))->sa_len); \
275 } while (0)
276
277 /* key statistics */
278 struct _keystat {
279 u_long getspi_count; /* the avarage of count to try to get new SPI */
280 } keystat;
281
282 static struct secasvar *key_allocsa_policy __P((struct secasindex *saidx));
283 static void key_freesp_so __P((struct secpolicy **sp));
284 static struct secasvar *key_do_allocsa_policy __P((struct secashead *sah,
285 u_int state));
286 static void key_delsp __P((struct secpolicy *sp));
287 static struct secpolicy *key_getsp __P((struct secpolicyindex *spidx));
288 static struct secpolicy *key_getspbyid __P((u_int32_t id));
289 static u_int32_t key_newreqid __P((void));
290 static struct sadb_msg *key_spdadd __P((caddr_t *mhp));
291 static u_int32_t key_getnewspid __P((void));
292 static struct sadb_msg *key_spddelete __P((caddr_t *mhp));
293 static struct sadb_msg *key_spddelete2 __P((caddr_t *mhp));
294 static int key_spdget __P((caddr_t *mhp, struct socket *so, int target));
295 static struct sadb_msg *key_spdflush __P((caddr_t *mhp));
296 static int key_spddump __P((caddr_t *mhp, struct socket *so, int target));
297 static struct mbuf *key_setdumpsp __P((struct secpolicy *sp,
298 u_int8_t type, u_int32_t seq, u_int32_t pid));
299 static u_int key_getspmsglen __P((struct secpolicy *sp));
300 static u_int key_getspreqmsglen __P((struct secpolicy *sp));
301 static struct secashead *key_newsah __P((struct secasindex *saidx));
302 static void key_delsah __P((struct secashead *sah));
303 static struct secasvar *key_newsav __P((caddr_t *mhp, struct secashead *sah));
304 static void key_delsav __P((struct secasvar *sav));
305 static struct secashead *key_getsah __P((struct secasindex *saidx));
306 static struct secasvar *key_checkspidup __P((struct secasindex *saidx,
307 u_int32_t spi));
308 static struct secasvar *key_getsavbyspi __P((struct secashead *sah,
309 u_int32_t spi));
310 static int key_setsaval __P((struct secasvar *sav, caddr_t *mhp));
311 static u_int key_getmsglen __P((struct secasvar *sav));
312 static int key_mature __P((struct secasvar *sav));
313 static u_int key_setdumpsa __P((struct sadb_msg *newmsg, struct secasvar *sav,
314 u_int8_t type, u_int8_t satype,
315 u_int32_t seq, u_int32_t pid));
316 #if 1
317 static int key_setsadbmsg_m __P((struct mbuf *, u_int8_t type, int tlen,
318 u_int8_t satype, u_int32_t seq, pid_t pid,
319 u_int8_t mode, u_int32_t reqid,
320 u_int8_t reserved1, u_int32_t reserved2));
321 #endif
322 static caddr_t key_setsadbmsg __P((caddr_t buf, u_int8_t type, int tlen,
323 u_int8_t satype, u_int32_t seq, pid_t pid,
324 u_int8_t mode, u_int32_t reqid,
325 u_int8_t reserved1, u_int32_t reserved2));
326 static caddr_t key_setsadbsa __P((caddr_t buf, struct secasvar *sav));
327 #if 1
328 static int key_setsadbaddr_m __P((struct mbuf *m, u_int16_t exttype,
329 struct sockaddr *saddr, u_int8_t prefixlen, u_int16_t ul_proto));
330 #endif
331 static caddr_t key_setsadbaddr __P((caddr_t buf, u_int16_t exttype,
332 struct sockaddr *saddr, u_int8_t prefixlen, u_int16_t ul_proto));
333 static caddr_t key_setsadbident
334 __P((caddr_t buf, u_int16_t exttype, u_int16_t idtype,
335 caddr_t string, int stringlen, u_int64_t id));
336 static caddr_t key_setsadbxpolicy
337 __P((caddr_t buf, u_int16_t type, u_int8_t dir, u_int32_t id));
338 static caddr_t key_setsadbext __P((caddr_t p, caddr_t ext));
339 static void *key_newbuf __P((void *src, u_int len));
340 #if INET6
341 static int key_ismyaddr6 __P((caddr_t addr));
342 #endif
343 #if 0
344 static int key_isloopback __P((u_int family, caddr_t addr));
345 #endif
346 static int key_cmpsaidx_exactly
347 __P((struct secasindex *saidx0, struct secasindex *saidx1));
348 static int key_cmpsaidx_withmode
349 __P((struct secasindex *saidx0, struct secasindex *saidx1));
350 static int key_cmpspidx_exactly
351 __P((struct secpolicyindex *spidx0, struct secpolicyindex *spidx1));
352 static int key_cmpspidx_withmask
353 __P((struct secpolicyindex *spidx0, struct secpolicyindex *spidx1));
354 static int key_bbcmp __P((caddr_t p1, caddr_t p2, u_int bits));
355 static u_int16_t key_satype2proto __P((u_int8_t satype));
356 static u_int8_t key_proto2satype __P((u_int16_t proto));
357
358 static struct sadb_msg *key_getspi __P((caddr_t *mhp));
359 static u_int32_t key_do_getnewspi __P((struct sadb_spirange *spirange,
360 struct secasindex *saidx));
361 static struct sadb_msg *key_update __P((caddr_t *mhp));
362 #ifdef IPSEC_DOSEQCHECK
363 static struct secasvar *key_getsavbyseq __P((struct secashead *sah,
364 u_int32_t seq));
365 #endif
366 static struct sadb_msg *key_add __P((caddr_t *mhp));
367 static int key_setident __P((struct secashead *sah, caddr_t *mhp));
368 static struct sadb_msg *key_getmsgbuf_x1 __P((caddr_t *mhp));
369 static struct sadb_msg *key_delete __P((caddr_t *mhp));
370 static struct sadb_msg *key_get __P((caddr_t *mhp));
371 static int key_acquire __P((struct secasindex *, struct secpolicy *));
372 static struct secacq *key_newacq __P((struct secasindex *saidx));
373 static struct secacq *key_getacq __P((struct secasindex *saidx));
374 static struct secacq *key_getacqbyseq __P((u_int32_t seq));
375 static struct secspacq *key_newspacq __P((struct secpolicyindex *spidx));
376 static struct secspacq *key_getspacq __P((struct secpolicyindex *spidx));
377 static struct sadb_msg *key_acquire2 __P((caddr_t *mhp));
378 static struct sadb_msg *key_register __P((caddr_t *mhp, struct socket *so));
379 static int key_expire __P((struct secasvar *sav));
380 static struct sadb_msg *key_flush __P((caddr_t *mhp));
381 static int key_dump __P((caddr_t *mhp, struct socket *so, int target));
382 static void key_promisc __P((caddr_t *mhp, struct socket *so));
383 static int key_sendall __P((struct sadb_msg *msg, u_int len));
384 static int key_align __P((struct sadb_msg *msg, caddr_t *mhp));
385 #if 0
386 static const char *key_getfqdn __P((void));
387 static const char *key_getuserfqdn __P((void));
388 #endif
389 static void key_sa_chgstate __P((struct secasvar *sav, u_int8_t state));
390 static caddr_t key_appendmbuf __P((struct mbuf *, int));
391
392 /* %%% IPsec policy management */
393 /*
394 * allocating a SP for OUTBOUND or INBOUND packet.
395 * Must call key_freesp() later.
396 * OUT: NULL: not found
397 * others: found and return the pointer.
398 */
399 struct secpolicy *
400 key_allocsp(spidx, dir)
401 struct secpolicyindex *spidx;
402 u_int dir;
403 {
404 struct secpolicy *sp;
405 int s;
406
407 /* sanity check */
408 if (spidx == NULL)
409 panic("key_allocsp: NULL pointer is passed.\n");
410
411 /* check direction */
412 switch (dir) {
413 case IPSEC_DIR_INBOUND:
414 case IPSEC_DIR_OUTBOUND:
415 break;
416 default:
417 panic("key_allocsp: Invalid direction is passed.\n");
418 }
419
420 /* get a SP entry */
421 #ifdef __NetBSD__
422 s = splsoftnet(); /*called from softclock()*/
423 #else
424 s = splnet(); /*called from softclock()*/
425 #endif
426 KEYDEBUG(KEYDEBUG_IPSEC_DATA,
427 printf("*** objects\n");
428 kdebug_secpolicyindex(spidx));
429
430 LIST_FOREACH(sp, &sptree[dir], chain) {
431 KEYDEBUG(KEYDEBUG_IPSEC_DATA,
432 printf("*** in SPD\n");
433 kdebug_secpolicyindex(&sp->spidx));
434
435 if (sp->state == IPSEC_SPSTATE_DEAD)
436 continue;
437 if (key_cmpspidx_withmask(&sp->spidx, spidx))
438 goto found;
439 }
440
441 splx(s);
442 return NULL;
443
444 found:
445 /* sanity check */
446 KEY_CHKSPDIR(sp->spidx.dir, dir, "key_allocsp");
447
448 /* found a SPD entry */
449 sp->refcnt++;
450 splx(s);
451 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
452 printf("DP key_allocsp cause refcnt++:%d SP:%p\n",
453 sp->refcnt, sp));
454
455 return sp;
456 }
457
458 /*
459 * allocating a SA entry for a *OUTBOUND* packet.
460 * checking each request entries in SP, and acquire SA if need.
461 * OUT: 0: there are valid requests.
462 * ENOENT: policy may be valid, but SA with REQUIRE is on acquiring.
463 */
464 int
465 key_checkrequest(isr, saidx)
466 struct ipsecrequest *isr;
467 struct secasindex *saidx;
468 {
469 u_int level;
470 int error;
471
472 /* sanity check */
473 if (isr == NULL || saidx == NULL)
474 panic("key_checkrequest: NULL pointer is passed.\n");
475
476 /* check mode */
477 switch (saidx->mode) {
478 case IPSEC_MODE_TRANSPORT:
479 case IPSEC_MODE_TUNNEL:
480 break;
481 case IPSEC_MODE_ANY:
482 default:
483 panic("key_checkrequest: Invalid policy defined.\n");
484 }
485
486 /* get current level */
487 level = ipsec_get_reqlevel(isr);
488
489 #if 0
490 /*
491 * We do allocate new SA only if the state of SA in the holder is
492 * SADB_SASTATE_DEAD. The SA for outbound must be the oldest.
493 */
494 if (isr->sav != NULL) {
495 if (isr->sav->sah == NULL)
496 panic("key_checkrequest: sah is null.\n");
497 if (isr->sav == (struct secasvar *)LIST_FIRST(
498 &isr->sav->sah->savtree[SADB_SASTATE_DEAD])) {
499 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
500 printf("DP checkrequest calls free SA:%p\n",
501 isr->sav));
502 key_freesav(isr->sav);
503 isr->sav = NULL;
504 }
505 }
506 #else
507 /*
508 * we free any SA stashed in the IPsec request because a different
509 * SA may be involved each time this request is checked, either
510 * because new SAs are being configured, or this request is
511 * associated with an unconnected datagram socket, or this request
512 * is associated with a system default policy.
513 *
514 * The operation may have negative impact to performance. We may
515 * want to check cached SA carefully, rather than picking new SA
516 * every time.
517 */
518 if (isr->sav != NULL) {
519 key_freesav(isr->sav);
520 isr->sav = NULL;
521 }
522 #endif
523
524 /*
525 * new SA allocation if no SA found.
526 * key_allocsa_policy should allocate the oldest SA available.
527 * See key_do_allocsa_policy(), and draft-jenkins-ipsec-rekeying-03.txt.
528 */
529 if (isr->sav == NULL)
530 isr->sav = key_allocsa_policy(saidx);
531
532 /* When there is SA. */
533 if (isr->sav != NULL)
534 return 0;
535
536 /* there is no SA */
537 if ((error = key_acquire(saidx, isr->sp)) != 0) {
538 /* XXX What I do ? */
539 #ifdef IPSEC_DEBUG
540 printf("key_checkrequest: error %d returned "
541 "from key_acquire.\n", error);
542 #endif
543 return error;
544 }
545
546 return level == IPSEC_LEVEL_REQUIRE ? ENOENT : 0;
547 }
548
549 /*
550 * allocating a SA for policy entry from SAD.
551 * NOTE: searching SAD of aliving state.
552 * OUT: NULL: not found.
553 * others: found and return the pointer.
554 */
555 static struct secasvar *
556 key_allocsa_policy(saidx)
557 struct secasindex *saidx;
558 {
559 struct secashead *sah;
560 struct secasvar *sav;
561 u_int stateidx, state;
562
563 LIST_FOREACH(sah, &sahtree, chain) {
564 if (sah->state == SADB_SASTATE_DEAD)
565 continue;
566 if (key_cmpsaidx_withmode(&sah->saidx, saidx))
567 goto found;
568 }
569
570 return NULL;
571
572 found:
573
574 /* search valid state */
575 for (stateidx = 0;
576 stateidx < _ARRAYLEN(saorder_state_valid);
577 stateidx++) {
578
579 state = saorder_state_valid[stateidx];
580
581 sav = key_do_allocsa_policy(sah, state);
582 if (sav != NULL)
583 return sav;
584 }
585
586 return NULL;
587 }
588
589 /*
590 * searching SAD with direction, protocol, mode and state.
591 * called by key_allocsa_policy().
592 * OUT:
593 * NULL : not found
594 * others : found, pointer to a SA.
595 */
596 static struct secasvar *
597 key_do_allocsa_policy(sah, state)
598 struct secashead *sah;
599 u_int state;
600 {
601 struct secasvar *sav, *candidate;
602
603 /* initilize */
604 candidate = NULL;
605
606 LIST_FOREACH(sav, &sah->savtree[state], chain) {
607
608 /* sanity check */
609 KEY_CHKSASTATE(sav->state, state, "key_do_allocsa_policy");
610
611 /* initialize */
612 if (candidate == NULL) {
613 candidate = sav;
614 continue;
615 }
616
617 /* Which SA is the better ? */
618
619 /* sanity check 2 */
620 if (candidate->lft_c == NULL || sav->lft_c == NULL)
621 panic("key_do_allocsa_policy: "
622 "lifetime_current is NULL.\n");
623
624 /* XXX What the best method is to compare ? */
625 if (candidate->lft_c->sadb_lifetime_addtime >
626 sav->lft_c->sadb_lifetime_addtime) {
627 candidate = sav;
628 continue;
629 }
630 }
631
632 if (candidate) {
633 candidate->refcnt++;
634 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
635 printf("DP allocsa_policy cause "
636 "refcnt++:%d SA:%p\n",
637 candidate->refcnt, candidate));
638 }
639 return candidate;
640 }
641
642 /*
643 * allocating a SA entry for a *INBOUND* packet.
644 * Must call key_freesav() later.
645 * OUT: positive: pointer to a sav.
646 * NULL: not found, or error occured.
647 *
648 * In the comparison, source address will be ignored for RFC2401 conformance.
649 * To quote, from section 4.1:
650 * A security association is uniquely identified by a triple consisting
651 * of a Security Parameter Index (SPI), an IP Destination Address, and a
652 * security protocol (AH or ESP) identifier.
653 * Note that, however, we do need to keep source address in IPsec SA.
654 * IPsec SA. IKE specification and PF_KEY specification do assume that we
655 * keep source address in IPsec SA. We see a tricky situation here.
656 */
657 struct secasvar *
658 key_allocsa(family, src, dst, proto, spi)
659 u_int family, proto;
660 caddr_t src, dst;
661 u_int32_t spi;
662 {
663 struct secashead *sah;
664 struct secasvar *sav;
665 u_int stateidx, state;
666 int s;
667
668 /* sanity check */
669 if (src == NULL || dst == NULL)
670 panic("key_allocsa: NULL pointer is passed.\n");
671
672 /*
673 * searching SAD.
674 * XXX: to be checked internal IP header somewhere. Also when
675 * IPsec tunnel packet is received. But ESP tunnel mode is
676 * encrypted so we can't check internal IP header.
677 */
678 #ifdef __NetBSD__
679 s = splsoftnet(); /*called from softclock()*/
680 #else
681 s = splnet(); /*called from softclock()*/
682 #endif
683 LIST_FOREACH(sah, &sahtree, chain) {
684
685 /* search valid state */
686 for (stateidx = 0;
687 stateidx < _ARRAYLEN(saorder_state_valid);
688 stateidx++) {
689
690 state = saorder_state_valid[stateidx];
691 LIST_FOREACH(sav, &sah->savtree[state], chain) {
692
693 /* sanity check */
694 KEY_CHKSASTATE(sav->state, state, "key_allocsav");
695 if (proto != sav->sah->saidx.proto)
696 continue;
697 if (spi != sav->spi)
698 continue;
699
700 #if 0 /* don't check src */
701 if (!key_bbcmp(src,
702 _INADDRBYSA(&sav->sah->saidx.src),
703 _INALENBYAF(sav->sah->saidx.src.ss_family) << 3))
704 continue;
705 #endif
706 if (!key_bbcmp(dst,
707 _INADDRBYSA(&sav->sah->saidx.dst),
708 _INALENBYAF(sav->sah->saidx.dst.ss_family) << 3))
709 continue;
710
711 goto found;
712 }
713 }
714 }
715
716 /* not found */
717 splx(s);
718 return NULL;
719
720 found:
721 sav->refcnt++;
722 splx(s);
723 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
724 printf("DP allocsa cause refcnt++:%d SA:%p\n",
725 sav->refcnt, sav));
726 return sav;
727 }
728
729 /*
730 * Must be called after calling key_allocsp().
731 * For both the packet without socket and key_freeso().
732 */
733 void
734 key_freesp(sp)
735 struct secpolicy *sp;
736 {
737 /* sanity check */
738 if (sp == NULL)
739 panic("key_freesp: NULL pointer is passed.\n");
740
741 sp->refcnt--;
742 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
743 printf("DP freesp cause refcnt--:%d SP:%p\n",
744 sp->refcnt, sp));
745
746 if (sp->refcnt == 0)
747 key_delsp(sp);
748
749 return;
750 }
751
752 /*
753 * Must be called after calling key_allocsp().
754 * For the packet with socket.
755 */
756 void
757 key_freeso(so)
758 struct socket *so;
759 {
760 /* sanity check */
761 if (so == NULL)
762 panic("key_freeso: NULL pointer is passed.\n");
763
764 switch (so->so_proto->pr_domain->dom_family) {
765 #if INET
766 case PF_INET:
767 {
768 struct inpcb *pcb = sotoinpcb(so);
769
770 /* Does it have a PCB ? */
771 if (pcb == NULL)
772 return;
773 key_freesp_so(&pcb->inp_sp->sp_in);
774 key_freesp_so(&pcb->inp_sp->sp_out);
775 }
776 break;
777 #endif
778 #if INET6
779 case PF_INET6:
780 {
781 #if HAVE_NRL_INPCB
782 struct inpcb *pcb = sotoinpcb(so);
783
784 /* Does it have a PCB ? */
785 if (pcb == NULL)
786 return;
787 key_freesp_so(&pcb->inp_sp->sp_in);
788 key_freesp_so(&pcb->inp_sp->sp_out);
789 #else
790 struct in6pcb *pcb = sotoin6pcb(so);
791
792 /* Does it have a PCB ? */
793 if (pcb == NULL)
794 return;
795 key_freesp_so(&pcb->in6p_sp->sp_in);
796 key_freesp_so(&pcb->in6p_sp->sp_out);
797 #endif
798 }
799 break;
800 #endif /* INET6 */
801 default:
802 #if IPSEC_DEBUG
803 printf("key_freeso: unknown address family=%d.\n",
804 so->so_proto->pr_domain->dom_family);
805 #endif
806 return;
807 }
808
809 return;
810 }
811
812 static void
813 key_freesp_so(sp)
814 struct secpolicy **sp;
815 {
816 /* sanity check */
817 if (sp == NULL || *sp == NULL)
818 panic("key_freesp_so: sp == NULL\n");
819
820 switch ((*sp)->policy) {
821 case IPSEC_POLICY_IPSEC:
822 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
823 printf("DP freeso calls free SP:%p\n", *sp));
824 key_freesp(*sp);
825 *sp = NULL;
826 break;
827 case IPSEC_POLICY_ENTRUST:
828 case IPSEC_POLICY_BYPASS:
829 return;
830 default:
831 panic("key_freesp_so: Invalid policy found %d", (*sp)->policy);
832 }
833
834 return;
835 }
836
837 /*
838 * Must be called after calling key_allocsa().
839 * This function is called by key_freesp() to free some SA allocated
840 * for a policy.
841 */
842 void
843 key_freesav(sav)
844 struct secasvar *sav;
845 {
846 /* sanity check */
847 if (sav == NULL)
848 panic("key_freesav: NULL pointer is passed.\n");
849
850 sav->refcnt--;
851 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
852 printf("DP freesav cause refcnt--:%d SA:%p SPI %d\n",
853 sav->refcnt, sav, (u_int32_t)ntohl(sav->spi)));
854
855 if (sav->refcnt == 0)
856 key_delsav(sav);
857
858 return;
859 }
860
861 /* %%% SPD management */
862 /*
863 * free security policy entry.
864 */
865 static void
866 key_delsp(sp)
867 struct secpolicy *sp;
868 {
869 int s;
870
871 /* sanity check */
872 if (sp == NULL)
873 panic("key_delsp: NULL pointer is passed.\n");
874
875 sp->state = IPSEC_SPSTATE_DEAD;
876
877 if (sp->refcnt > 0)
878 return; /* can't free */
879
880 #if __NetBSD__
881 s = splsoftnet(); /*called from softclock()*/
882 #else
883 s = splnet(); /*called from softclock()*/
884 #endif
885 /* remove from SP index */
886 if (__LIST_CHAINED(sp))
887 LIST_REMOVE(sp, chain);
888
889 {
890 struct ipsecrequest *isr = sp->req, *nextisr;
891
892 while (isr != NULL) {
893 if (isr->sav != NULL) {
894 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
895 printf("DP delsp calls free SA:%p\n",
896 isr->sav));
897 key_freesav(isr->sav);
898 isr->sav = NULL;
899 }
900
901 nextisr = isr->next;
902 KFREE(isr);
903 isr = nextisr;
904 }
905 }
906
907 keydb_delsecpolicy(sp);
908
909 splx(s);
910
911 return;
912 }
913
914 /*
915 * search SPD
916 * OUT: NULL : not found
917 * others : found, pointer to a SP.
918 */
919 static struct secpolicy *
920 key_getsp(spidx)
921 struct secpolicyindex *spidx;
922 {
923 struct secpolicy *sp;
924
925 /* sanity check */
926 if (spidx == NULL)
927 panic("key_getsp: NULL pointer is passed.\n");
928
929 LIST_FOREACH(sp, &sptree[spidx->dir], chain) {
930 if (sp->state == IPSEC_SPSTATE_DEAD)
931 continue;
932 if (key_cmpspidx_exactly(spidx, &sp->spidx)) {
933 sp->refcnt++;
934 return sp;
935 }
936 }
937
938 return NULL;
939 }
940
941 /*
942 * get SP by index.
943 * OUT: NULL : not found
944 * others : found, pointer to a SP.
945 */
946 static struct secpolicy *
947 key_getspbyid(id)
948 u_int32_t id;
949 {
950 struct secpolicy *sp;
951
952 LIST_FOREACH(sp, &sptree[IPSEC_DIR_INBOUND], chain) {
953 if (sp->state == IPSEC_SPSTATE_DEAD)
954 continue;
955 if (sp->id == id) {
956 sp->refcnt++;
957 return sp;
958 }
959 }
960
961 LIST_FOREACH(sp, &sptree[IPSEC_DIR_OUTBOUND], chain) {
962 if (sp->state == IPSEC_SPSTATE_DEAD)
963 continue;
964 if (sp->id == id) {
965 sp->refcnt++;
966 return sp;
967 }
968 }
969
970 return NULL;
971 }
972
973 struct secpolicy *
974 key_newsp()
975 {
976 struct secpolicy *newsp = NULL;
977
978 newsp = keydb_newsecpolicy();
979 if (!newsp)
980 return newsp;
981
982 newsp->refcnt = 1;
983 newsp->req = NULL;
984
985 return newsp;
986 }
987
988 /*
989 * create secpolicy structure from sadb_x_policy structure.
990 * NOTE: `state', `secpolicyindex' in secpolicy structure are not set,
991 * so must be set properly later.
992 */
993 struct secpolicy *
994 key_msg2sp(xpl0, len, error)
995 struct sadb_x_policy *xpl0;
996 size_t len;
997 int *error;
998 {
999 struct secpolicy *newsp;
1000
1001 /* sanity check */
1002 if (xpl0 == NULL)
1003 panic("key_msg2sp: NULL pointer was passed.\n");
1004 if (len < sizeof(*xpl0))
1005 panic("key_msg2sp: invalid length.\n");
1006 if (len != PFKEY_EXTLEN(xpl0)) {
1007 #if IPSEC_DEBUG
1008 printf("key_msg2sp: Invalid msg length.\n");
1009 #endif
1010 *error = EINVAL;
1011 return NULL;
1012 }
1013
1014 if ((newsp = key_newsp()) == NULL) {
1015 *error = ENOBUFS;
1016 return NULL;
1017 }
1018
1019 newsp->spidx.dir = xpl0->sadb_x_policy_dir;
1020 newsp->policy = xpl0->sadb_x_policy_type;
1021
1022 /* check policy */
1023 switch (xpl0->sadb_x_policy_type) {
1024 case IPSEC_POLICY_DISCARD:
1025 case IPSEC_POLICY_NONE:
1026 case IPSEC_POLICY_ENTRUST:
1027 case IPSEC_POLICY_BYPASS:
1028 newsp->req = NULL;
1029 break;
1030
1031 case IPSEC_POLICY_IPSEC:
1032 {
1033 int tlen;
1034 struct sadb_x_ipsecrequest *xisr;
1035 struct ipsecrequest **p_isr = &newsp->req;
1036
1037 /* validity check */
1038 if (PFKEY_EXTLEN(xpl0) < sizeof(*xpl0)) {
1039 #if IPSEC_DEBUG
1040 printf("key_msg2sp: Invalid msg length.\n");
1041 #endif
1042 key_freesp(newsp);
1043 *error = EINVAL;
1044 return NULL;
1045 }
1046
1047 tlen = PFKEY_EXTLEN(xpl0) - sizeof(*xpl0);
1048 xisr = (struct sadb_x_ipsecrequest *)(xpl0 + 1);
1049
1050 while (tlen > 0) {
1051
1052 /* length check */
1053 if (xisr->sadb_x_ipsecrequest_len < sizeof(*xisr)) {
1054 #if IPSEC_DEBUG
1055 printf("key_msg2sp: "
1056 "invalid ipsecrequest length.\n");
1057 #endif
1058 key_freesp(newsp);
1059 *error = EINVAL;
1060 return NULL;
1061 }
1062
1063 /* allocate request buffer */
1064 KMALLOC(*p_isr, struct ipsecrequest *, sizeof(**p_isr));
1065 if ((*p_isr) == NULL) {
1066 #if IPSEC_DEBUG
1067 printf("key_msg2sp: No more memory.\n");
1068 #endif
1069 key_freesp(newsp);
1070 *error = ENOBUFS;
1071 return NULL;
1072 }
1073 bzero(*p_isr, sizeof(**p_isr));
1074
1075 /* set values */
1076 (*p_isr)->next = NULL;
1077
1078 switch (xisr->sadb_x_ipsecrequest_proto) {
1079 case IPPROTO_ESP:
1080 case IPPROTO_AH:
1081 #if 1 /*nonstandard*/
1082 case IPPROTO_IPCOMP:
1083 #endif
1084 break;
1085 default:
1086 #if IPSEC_DEBUG
1087 printf("key_msg2sp: invalid proto type=%u\n",
1088 xisr->sadb_x_ipsecrequest_proto);
1089 #endif
1090 key_freesp(newsp);
1091 *error = EPROTONOSUPPORT;
1092 return NULL;
1093 }
1094 (*p_isr)->saidx.proto = xisr->sadb_x_ipsecrequest_proto;
1095
1096 switch (xisr->sadb_x_ipsecrequest_mode) {
1097 case IPSEC_MODE_TRANSPORT:
1098 case IPSEC_MODE_TUNNEL:
1099 break;
1100 case IPSEC_MODE_ANY:
1101 default:
1102 #if IPSEC_DEBUG
1103 printf("key_msg2sp: invalid mode=%u\n",
1104 xisr->sadb_x_ipsecrequest_mode);
1105 #endif
1106 key_freesp(newsp);
1107 *error = EINVAL;
1108 return NULL;
1109 }
1110 (*p_isr)->saidx.mode = xisr->sadb_x_ipsecrequest_mode;
1111
1112 switch (xisr->sadb_x_ipsecrequest_level) {
1113 case IPSEC_LEVEL_DEFAULT:
1114 case IPSEC_LEVEL_USE:
1115 case IPSEC_LEVEL_REQUIRE:
1116 break;
1117 case IPSEC_LEVEL_UNIQUE:
1118 /* validity check */
1119 /*
1120 * If range violation of reqid, kernel will
1121 * update it, don't refuse it.
1122 */
1123 if (xisr->sadb_x_ipsecrequest_reqid
1124 > IPSEC_MANUAL_REQID_MAX) {
1125 #if IPSEC_DEBUG
1126 printf("key_msg2sp: reqid=%d "
1127 "range violation, "
1128 "updated by kernel.\n",
1129 xisr->sadb_x_ipsecrequest_reqid);
1130 #endif
1131 xisr->sadb_x_ipsecrequest_reqid = 0;
1132 }
1133
1134 /* allocate new reqid id if reqid is zero. */
1135 if (xisr->sadb_x_ipsecrequest_reqid == 0) {
1136 u_int32_t reqid;
1137 if ((reqid = key_newreqid()) == 0) {
1138 key_freesp(newsp);
1139 *error = ENOBUFS;
1140 return NULL;
1141 }
1142 (*p_isr)->saidx.reqid = reqid;
1143 xisr->sadb_x_ipsecrequest_reqid = reqid;
1144 } else {
1145 /* set it for manual keying. */
1146 (*p_isr)->saidx.reqid =
1147 xisr->sadb_x_ipsecrequest_reqid;
1148 }
1149 break;
1150
1151 default:
1152 #if IPSEC_DEBUG
1153 printf("key_msg2sp: invalid level=%u\n",
1154 xisr->sadb_x_ipsecrequest_level);
1155 #endif
1156 key_freesp(newsp);
1157 *error = EINVAL;
1158 return NULL;
1159 }
1160 (*p_isr)->level = xisr->sadb_x_ipsecrequest_level;
1161
1162 /* set IP addresses if there */
1163 if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) {
1164 struct sockaddr *paddr;
1165
1166 paddr = (struct sockaddr *)(xisr + 1);
1167
1168 /* validity check */
1169 if (paddr->sa_len
1170 > sizeof((*p_isr)->saidx.src)) {
1171 #if IPSEC_DEBUG
1172 printf("key_msg2sp: invalid request "
1173 "address length.\n");
1174 #endif
1175 key_freesp(newsp);
1176 *error = EINVAL;
1177 return NULL;
1178 }
1179 bcopy(paddr, &(*p_isr)->saidx.src,
1180 paddr->sa_len);
1181
1182 paddr = (struct sockaddr *)((caddr_t)paddr
1183 + paddr->sa_len);
1184
1185 /* validity check */
1186 if (paddr->sa_len
1187 > sizeof((*p_isr)->saidx.dst)) {
1188 #if IPSEC_DEBUG
1189 printf("key_msg2sp: invalid request "
1190 "address length.\n");
1191 #endif
1192 key_freesp(newsp);
1193 *error = EINVAL;
1194 return NULL;
1195 }
1196 bcopy(paddr, &(*p_isr)->saidx.dst,
1197 paddr->sa_len);
1198 }
1199
1200 (*p_isr)->sav = NULL;
1201 (*p_isr)->sp = newsp;
1202
1203 /* initialization for the next. */
1204 p_isr = &(*p_isr)->next;
1205 tlen -= xisr->sadb_x_ipsecrequest_len;
1206
1207 /* validity check */
1208 if (tlen < 0) {
1209 #if IPSEC_DEBUG
1210 printf("key_msg2sp: becoming tlen < 0.\n");
1211 #endif
1212 key_freesp(newsp);
1213 *error = EINVAL;
1214 return NULL;
1215 }
1216
1217 xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xisr
1218 + xisr->sadb_x_ipsecrequest_len);
1219 }
1220 }
1221 break;
1222 default:
1223 #if IPSEC_DEBUG
1224 printf("key_msg2sp: invalid policy type.\n");
1225 #endif
1226 key_freesp(newsp);
1227 *error = EINVAL;
1228 return NULL;
1229 }
1230
1231 *error = 0;
1232 return newsp;
1233 }
1234
1235 static u_int32_t
1236 key_newreqid()
1237 {
1238 static u_int32_t auto_reqid = IPSEC_MANUAL_REQID_MAX + 1;
1239
1240 auto_reqid = (auto_reqid == ~0
1241 ? IPSEC_MANUAL_REQID_MAX + 1 : auto_reqid + 1);
1242
1243 /* XXX should be unique check */
1244
1245 return auto_reqid;
1246 }
1247
1248 /*
1249 * copy secpolicy struct to sadb_x_policy structure indicated.
1250 */
1251 struct mbuf *
1252 key_sp2msg(sp)
1253 struct secpolicy *sp;
1254 {
1255 struct sadb_x_policy *xpl;
1256 int tlen;
1257 caddr_t p;
1258 struct mbuf *m;
1259
1260 /* sanity check. */
1261 if (sp == NULL)
1262 panic("key_sp2msg: NULL pointer was passed.\n");
1263
1264 tlen = key_getspreqmsglen(sp);
1265
1266 MGET(m, M_DONTWAIT, MT_DATA);
1267 if (m && MLEN < tlen) {
1268 MCLGET(m, M_DONTWAIT);
1269 if ((m->m_flags & M_EXT) == 0) {
1270 m_free(m);
1271 m = NULL;
1272 }
1273 }
1274 m->m_len = 0;
1275 if (!m || M_TRAILINGSPACE(m) < tlen) {
1276 #if IPSEC_DEBUG
1277 printf("key_sp2msg: No more memory.\n");
1278 #endif
1279 if (m)
1280 m_free(m);
1281 return NULL;
1282 }
1283
1284 m->m_len = tlen;
1285 m->m_next = NULL;
1286 xpl = mtod(m, struct sadb_x_policy *);
1287 bzero(xpl, tlen);
1288
1289 xpl->sadb_x_policy_len = PFKEY_UNIT64(tlen);
1290 xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
1291 xpl->sadb_x_policy_type = sp->policy;
1292 xpl->sadb_x_policy_dir = sp->spidx.dir;
1293 xpl->sadb_x_policy_id = sp->id;
1294 p = (caddr_t)xpl + sizeof(*xpl);
1295
1296 /* if is the policy for ipsec ? */
1297 if (sp->policy == IPSEC_POLICY_IPSEC) {
1298 struct sadb_x_ipsecrequest *xisr;
1299 struct ipsecrequest *isr;
1300
1301 for (isr = sp->req; isr != NULL; isr = isr->next) {
1302
1303 xisr = (struct sadb_x_ipsecrequest *)p;
1304
1305 xisr->sadb_x_ipsecrequest_proto = isr->saidx.proto;
1306 xisr->sadb_x_ipsecrequest_mode = isr->saidx.mode;
1307 xisr->sadb_x_ipsecrequest_level = isr->level;
1308 xisr->sadb_x_ipsecrequest_reqid = isr->saidx.reqid;
1309
1310 p += sizeof(*xisr);
1311 bcopy(&isr->saidx.src, p, isr->saidx.src.ss_len);
1312 p += isr->saidx.src.ss_len;
1313 bcopy(&isr->saidx.dst, p, isr->saidx.dst.ss_len);
1314 p += isr->saidx.src.ss_len;
1315
1316 xisr->sadb_x_ipsecrequest_len =
1317 PFKEY_ALIGN8(sizeof(*xisr)
1318 + isr->saidx.src.ss_len
1319 + isr->saidx.dst.ss_len);
1320 }
1321 }
1322
1323 return m;
1324 }
1325
1326 /*
1327 * SADB_X_SPDADD, SADB_X_SPDSETIDX or SADB_X_SPDUPDATE processing
1328 * add a entry to SP database, when received
1329 * <base, address(SD), policy>
1330 * from the user(?).
1331 * Adding to SP database,
1332 * and send
1333 * <base, address(SD), policy>
1334 * to the socket which was send.
1335 *
1336 * SPDADD set a unique policy entry.
1337 * SPDSETIDX like SPDADD without a part of policy requests.
1338 * SPDUPDATE replace a unique policy entry.
1339 *
1340 * IN: mhp: pointer to the pointer to each header.
1341 * OUT: NULL if fail.
1342 * other if success, return pointer to the message to send.
1343 *
1344 */
1345 static struct sadb_msg *
1346 key_spdadd(mhp)
1347 caddr_t *mhp;
1348 {
1349 struct sadb_msg *msg0;
1350 struct sadb_address *src0, *dst0;
1351 struct sadb_x_policy *xpl0;
1352 struct secpolicyindex spidx;
1353 struct secpolicy *newsp;
1354 int error;
1355
1356 /* sanity check */
1357 if (mhp == NULL || mhp[0] == NULL)
1358 panic("key_spdadd: NULL pointer is passed.\n");
1359
1360 msg0 = (struct sadb_msg *)mhp[0];
1361
1362 if (mhp[SADB_EXT_ADDRESS_SRC] == NULL
1363 || mhp[SADB_EXT_ADDRESS_DST] == NULL
1364 || mhp[SADB_X_EXT_POLICY] == NULL) {
1365 #if IPSEC_DEBUG
1366 printf("key_spdadd: invalid message is passed.\n");
1367 #endif
1368 msg0->sadb_msg_errno = EINVAL;
1369 return NULL;
1370 }
1371
1372 src0 = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC];
1373 dst0 = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST];
1374 xpl0 = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY];
1375
1376 /* make secindex */
1377 KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
1378 src0 + 1,
1379 dst0 + 1,
1380 src0->sadb_address_prefixlen,
1381 dst0->sadb_address_prefixlen,
1382 src0->sadb_address_proto,
1383 &spidx);
1384
1385 /* checking the direciton. */
1386 switch (xpl0->sadb_x_policy_dir) {
1387 case IPSEC_DIR_INBOUND:
1388 case IPSEC_DIR_OUTBOUND:
1389 break;
1390 default:
1391 #if IPSEC_DEBUG
1392 printf("key_spdadd: Invalid SP direction.\n");
1393 #endif
1394 msg0->sadb_msg_errno = EINVAL;
1395 return NULL;
1396 }
1397
1398 /* check policy */
1399 /* key_spdadd() accepts DISCARD, NONE and IPSEC. */
1400 if (xpl0->sadb_x_policy_type == IPSEC_POLICY_ENTRUST
1401 || xpl0->sadb_x_policy_type == IPSEC_POLICY_BYPASS) {
1402 #if IPSEC_DEBUG
1403 printf("key_spdadd: Invalid policy type.\n");
1404 #endif
1405 msg0->sadb_msg_errno = EINVAL;
1406 return NULL;
1407 }
1408
1409 /* policy requests are mandatory when action is ipsec. */
1410 if (msg0->sadb_msg_type != SADB_X_SPDSETIDX
1411 && xpl0->sadb_x_policy_type == IPSEC_POLICY_IPSEC
1412 && PFKEY_EXTLEN(xpl0) <= sizeof(*xpl0)) {
1413 #if IPSEC_DEBUG
1414 printf("key_spdadd: some policy requests part required.\n");
1415 #endif
1416 msg0->sadb_msg_errno = EINVAL;
1417 return NULL;
1418 }
1419
1420 /*
1421 * checking there is SP already or not.
1422 * If type is SPDUPDATE and no SP found, then error.
1423 * If type is either SPDADD or SPDSETIDX and SP found, then error.
1424 */
1425 newsp = key_getsp(&spidx);
1426 if (msg0->sadb_msg_type == SADB_X_SPDUPDATE) {
1427 if (newsp == NULL) {
1428 #if IPSEC_DEBUG
1429 printf("key_spdadd: no SP found.\n");
1430 #endif
1431 msg0->sadb_msg_errno = ENOENT;
1432 return NULL;
1433 }
1434
1435 newsp->state = IPSEC_SPSTATE_DEAD;
1436 key_freesp(newsp);
1437 } else {
1438 if (newsp != NULL) {
1439 key_freesp(newsp);
1440 #if IPSEC_DEBUG
1441 printf("key_spdadd: a SP entry exists already.\n");
1442 #endif
1443 msg0->sadb_msg_errno = EEXIST;
1444 return NULL;
1445 }
1446 }
1447
1448 /* allocation new SP entry */
1449 if ((newsp = key_msg2sp(xpl0, PFKEY_EXTLEN(xpl0), &error)) == NULL) {
1450 msg0->sadb_msg_errno = error;
1451 return NULL;
1452 }
1453
1454 if ((newsp->id = key_getnewspid()) == 0) {
1455 msg0->sadb_msg_errno = ENOBUFS;
1456 keydb_delsecpolicy(newsp);
1457 return NULL;
1458 }
1459
1460 KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
1461 src0 + 1,
1462 dst0 + 1,
1463 src0->sadb_address_prefixlen,
1464 dst0->sadb_address_prefixlen,
1465 src0->sadb_address_proto,
1466 &newsp->spidx);
1467
1468 /* sanity check on addr pair */
1469 if (((struct sockaddr *)(src0 + 1))->sa_family !=
1470 ((struct sockaddr *)(dst0+ 1))->sa_family) {
1471 msg0->sadb_msg_errno = EINVAL;
1472 keydb_delsecpolicy(newsp);
1473 return NULL;
1474 }
1475 #if 1
1476 if (newsp->req && newsp->req->saidx.src.ss_family) {
1477 struct sockaddr *sa;
1478 sa = (struct sockaddr *)(src0 + 1);
1479 if (sa->sa_family != newsp->req->saidx.src.ss_family) {
1480 msg0->sadb_msg_errno = EINVAL;
1481 keydb_delsecpolicy(newsp);
1482 return NULL;
1483 }
1484 }
1485 if (newsp->req && newsp->req->saidx.dst.ss_family) {
1486 struct sockaddr *sa;
1487 sa = (struct sockaddr *)(dst0 + 1);
1488 if (sa->sa_family != newsp->req->saidx.dst.ss_family) {
1489 msg0->sadb_msg_errno = EINVAL;
1490 keydb_delsecpolicy(newsp);
1491 return NULL;
1492 }
1493 }
1494 #endif
1495
1496 newsp->refcnt = 1; /* do not reclaim until I say I do */
1497 newsp->state = IPSEC_SPSTATE_ALIVE;
1498 LIST_INSERT_HEAD(&sptree[newsp->spidx.dir], newsp, chain);
1499
1500 /* delete the entry in spacqtree */
1501 if (msg0->sadb_msg_type == SADB_X_SPDUPDATE) {
1502 struct secspacq *spacq;
1503 if ((spacq = key_getspacq(&spidx)) != NULL) {
1504 /* reset counter in order to deletion by timehander. */
1505 spacq->tick = key_blockacq_lifetime;
1506 spacq->count = 0;
1507 }
1508 }
1509
1510 {
1511 struct sadb_msg *newmsg;
1512 u_int len;
1513 caddr_t p;
1514
1515 /* create new sadb_msg to reply. */
1516 len = sizeof(struct sadb_msg)
1517 + PFKEY_EXTLEN(mhp[SADB_X_EXT_POLICY])
1518 + PFKEY_EXTLEN(mhp[SADB_EXT_ADDRESS_SRC])
1519 + PFKEY_EXTLEN(mhp[SADB_EXT_ADDRESS_DST]);
1520
1521 KMALLOC(newmsg, struct sadb_msg *, len);
1522 if (newmsg == NULL) {
1523 #if IPSEC_DEBUG
1524 printf("key_spdadd: No more memory.\n");
1525 #endif
1526 /* newsp persists in the kernel */
1527 msg0->sadb_msg_errno = ENOBUFS;
1528 return NULL;
1529 }
1530 bzero((caddr_t)newmsg, len);
1531
1532 bcopy((caddr_t)msg0, (caddr_t)newmsg, sizeof(*msg0));
1533 newmsg->sadb_msg_errno = 0;
1534 newmsg->sadb_msg_len = PFKEY_UNIT64(len);
1535 p = (caddr_t)newmsg + sizeof(*msg0);
1536
1537 /*
1538 * reqid may had been updated at key_msg2sp() if reqid's
1539 * range violation.
1540 */
1541 ((struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY])->sadb_x_policy_id = newsp->id;
1542 p = key_setsadbext(p, mhp[SADB_X_EXT_POLICY]);
1543
1544 p = key_setsadbext(p, mhp[SADB_EXT_ADDRESS_SRC]);
1545 p = key_setsadbext(p, mhp[SADB_EXT_ADDRESS_DST]);
1546
1547 return newmsg;
1548 }
1549 }
1550
1551 /*
1552 * get new policy id.
1553 * OUT:
1554 * 0: failure.
1555 * others: success.
1556 */
1557 static u_int32_t
1558 key_getnewspid()
1559 {
1560 u_int32_t newid = 0;
1561 int count = key_spi_trycnt; /* XXX */
1562 struct secpolicy *sp;
1563
1564 /* when requesting to allocate spi ranged */
1565 while (count--) {
1566 newid = (policy_id = (policy_id == ~0 ? 1 : ++policy_id));
1567
1568 if ((sp = key_getspbyid(newid)) == NULL)
1569 break;
1570
1571 key_freesp(sp);
1572 }
1573
1574 if (count == 0 || newid == 0) {
1575 #if IPSEC_DEBUG
1576 printf("key_getnewspid: to allocate policy id is failed.\n");
1577 #endif
1578 return 0;
1579 }
1580
1581 return newid;
1582 }
1583
1584 /*
1585 * SADB_SPDDELETE processing
1586 * receive
1587 * <base, address(SD), policy(*)>
1588 * from the user(?), and set SADB_SASTATE_DEAD,
1589 * and send,
1590 * <base, address(SD), policy(*)>
1591 * to the ikmpd.
1592 * policy(*) including direction of policy.
1593 *
1594 * IN: mhp: pointer to the pointer to each header.
1595 * OUT: other if success, return pointer to the message to send.
1596 * 0 if fail.
1597 */
1598 static struct sadb_msg *
1599 key_spddelete(mhp)
1600 caddr_t *mhp;
1601 {
1602 struct sadb_msg *msg0;
1603 struct sadb_address *src0, *dst0;
1604 struct sadb_x_policy *xpl0;
1605 struct secpolicyindex spidx;
1606 struct secpolicy *sp;
1607
1608 /* sanity check */
1609 if (mhp == NULL || mhp[0] == NULL)
1610 panic("key_spddelete: NULL pointer is passed.\n");
1611
1612 msg0 = (struct sadb_msg *)mhp[0];
1613
1614 if (mhp[SADB_EXT_ADDRESS_SRC] == NULL
1615 || mhp[SADB_EXT_ADDRESS_DST] == NULL
1616 || mhp[SADB_X_EXT_POLICY] == NULL) {
1617 #if IPSEC_DEBUG
1618 printf("key_spddelete: invalid message is passed.\n");
1619 #endif
1620 msg0->sadb_msg_errno = EINVAL;
1621 return NULL;
1622 }
1623
1624 src0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_SRC]);
1625 dst0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_DST]);
1626 xpl0 = (struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY];
1627
1628 /* make secindex */
1629 KEY_SETSECSPIDX(xpl0->sadb_x_policy_dir,
1630 src0 + 1,
1631 dst0 + 1,
1632 src0->sadb_address_prefixlen,
1633 dst0->sadb_address_prefixlen,
1634 src0->sadb_address_proto,
1635 &spidx);
1636
1637 /* checking the direciton. */
1638 switch (xpl0->sadb_x_policy_dir) {
1639 case IPSEC_DIR_INBOUND:
1640 case IPSEC_DIR_OUTBOUND:
1641 break;
1642 default:
1643 #if IPSEC_DEBUG
1644 printf("key_spddelete: Invalid SP direction.\n");
1645 #endif
1646 msg0->sadb_msg_errno = EINVAL;
1647 return NULL;
1648 }
1649
1650 /* Is there SP in SPD ? */
1651 if ((sp = key_getsp(&spidx)) == NULL) {
1652 #if IPSEC_DEBUG
1653 printf("key_spddelete: no SP found.\n");
1654 #endif
1655 msg0->sadb_msg_errno = ENOENT;
1656 return NULL;
1657 }
1658
1659 /* save policy id to buffer to be returned. */
1660 xpl0->sadb_x_policy_id = sp->id;
1661
1662 sp->state = IPSEC_SPSTATE_DEAD;
1663 key_freesp(sp);
1664
1665 {
1666 struct sadb_msg *newmsg;
1667 u_int len;
1668 caddr_t p;
1669
1670 /* create new sadb_msg to reply. */
1671 len = sizeof(struct sadb_msg)
1672 + PFKEY_EXTLEN(mhp[SADB_X_EXT_POLICY])
1673 + PFKEY_EXTLEN(mhp[SADB_EXT_ADDRESS_SRC])
1674 + PFKEY_EXTLEN(mhp[SADB_EXT_ADDRESS_DST]);
1675
1676 KMALLOC(newmsg, struct sadb_msg *, len);
1677 if (newmsg == NULL) {
1678 #if IPSEC_DEBUG
1679 printf("key_spddelete: No more memory.\n");
1680 #endif
1681 msg0->sadb_msg_errno = ENOBUFS;
1682 return NULL;
1683 }
1684 bzero((caddr_t)newmsg, len);
1685
1686 bcopy((caddr_t)mhp[0], (caddr_t)newmsg, sizeof(*msg0));
1687 newmsg->sadb_msg_errno = 0;
1688 newmsg->sadb_msg_len = PFKEY_UNIT64(len);
1689 p = (caddr_t)newmsg + sizeof(*msg0);
1690
1691 p = key_setsadbext(p, mhp[SADB_X_EXT_POLICY]);
1692 p = key_setsadbext(p, mhp[SADB_EXT_ADDRESS_SRC]);
1693 p = key_setsadbext(p, mhp[SADB_EXT_ADDRESS_DST]);
1694
1695 return newmsg;
1696 }
1697 }
1698
1699 /*
1700 * SADB_SPDDELETE2 processing
1701 * receive
1702 * <base, policy(*)>
1703 * from the user(?), and set SADB_SASTATE_DEAD,
1704 * and send,
1705 * <base, policy(*)>
1706 * to the ikmpd.
1707 * policy(*) including direction of policy.
1708 *
1709 * IN: mhp: pointer to the pointer to each header.
1710 * OUT: other if success, return pointer to the message to send.
1711 * 0 if fail.
1712 */
1713 static struct sadb_msg *
1714 key_spddelete2(mhp)
1715 caddr_t *mhp;
1716 {
1717 struct sadb_msg *msg0;
1718 u_int32_t id;
1719 struct secpolicy *sp;
1720
1721 /* sanity check */
1722 if (mhp == NULL || mhp[0] == NULL)
1723 panic("key_spddelete2: NULL pointer is passed.\n");
1724
1725 msg0 = (struct sadb_msg *)mhp[0];
1726
1727 if (mhp[SADB_X_EXT_POLICY] == NULL) {
1728 #if IPSEC_DEBUG
1729 printf("key_spddelete2: invalid message is passed.\n");
1730 #endif
1731 msg0->sadb_msg_errno = EINVAL;
1732 return NULL;
1733 }
1734
1735 id = ((struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY])->sadb_x_policy_id;
1736
1737 /* Is there SP in SPD ? */
1738 if ((sp = key_getspbyid(id)) == NULL) {
1739 #if IPSEC_DEBUG
1740 printf("key_spddelete2: no SP found id:%u.\n", id);
1741 #endif
1742 msg0->sadb_msg_errno = ENOENT;
1743 return NULL;
1744 }
1745
1746 sp->state = IPSEC_SPSTATE_DEAD;
1747 key_freesp(sp);
1748
1749 {
1750 struct sadb_msg *newmsg;
1751 u_int len;
1752 caddr_t p;
1753
1754 /* create new sadb_msg to reply. */
1755 len = sizeof(struct sadb_msg)
1756 + PFKEY_EXTLEN(mhp[SADB_X_EXT_POLICY]);
1757
1758 KMALLOC(newmsg, struct sadb_msg *, len);
1759 if (newmsg == NULL) {
1760 #if IPSEC_DEBUG
1761 printf("key_spddelete2: No more memory.\n");
1762 #endif
1763 msg0->sadb_msg_errno = ENOBUFS;
1764 return NULL;
1765 }
1766 bzero((caddr_t)newmsg, len);
1767
1768 bcopy((caddr_t)mhp[0], (caddr_t)newmsg, sizeof(*msg0));
1769 newmsg->sadb_msg_errno = 0;
1770 newmsg->sadb_msg_len = PFKEY_UNIT64(len);
1771 p = (caddr_t)newmsg + sizeof(*msg0);
1772
1773 p = key_setsadbext(p, mhp[SADB_X_EXT_POLICY]);
1774
1775 return newmsg;
1776 }
1777 }
1778
1779 /*
1780 * SADB_X_GET processing
1781 * receive
1782 * <base, policy(*)>
1783 * from the user(?),
1784 * and send,
1785 * <base, address(SD), policy>
1786 * to the ikmpd.
1787 * policy(*) including direction of policy.
1788 *
1789 * IN: mhp: pointer to the pointer to each header.
1790 * OUT: other if success, return pointer to the message to send.
1791 * 0 if fail.
1792 */
1793 static int
1794 key_spdget(mhp, so, target)
1795 caddr_t *mhp;
1796 struct socket *so;
1797 int target;
1798 {
1799 struct sadb_msg *msg0;
1800 u_int32_t id;
1801 struct secpolicy *sp;
1802 struct mbuf *m;
1803
1804 /* sanity check */
1805 if (mhp == NULL || mhp[0] == NULL)
1806 panic("key_spdget: NULL pointer is passed.\n");
1807
1808 msg0 = (struct sadb_msg *)mhp[0];
1809
1810 if (mhp[SADB_X_EXT_POLICY] == NULL) {
1811 #if IPSEC_DEBUG
1812 printf("key_spdget: invalid message is passed.\n");
1813 #endif
1814 return EINVAL;
1815 }
1816
1817 id = ((struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY])->sadb_x_policy_id;
1818
1819 /* Is there SP in SPD ? */
1820 if ((sp = key_getspbyid(id)) == NULL) {
1821 #if IPSEC_DEBUG
1822 printf("key_spdget: no SP found id:%u.\n", id);
1823 #endif
1824 return ENOENT;
1825 }
1826
1827 m = key_setdumpsp(sp, SADB_X_SPDGET, 0, msg0->sadb_msg_pid);
1828 if (m != NULL)
1829 key_sendup_mbuf(so, m, target);
1830
1831 return 0;
1832 }
1833
1834 /*
1835 * SADB_X_SPDACQUIRE processing.
1836 * Acquire policy and SA(s) for a *OUTBOUND* packet.
1837 * send
1838 * <base, policy(*)>
1839 * to KMD, and expect to receive
1840 * <base> with SADB_X_SPDACQUIRE if error occured,
1841 * or
1842 * <base, policy>
1843 * with SADB_X_SPDUPDATE from KMD by PF_KEY.
1844 * policy(*) is without policy requests.
1845 *
1846 * 0 : succeed
1847 * others: error number
1848 */
1849 int
1850 key_spdacquire(sp)
1851 struct secpolicy *sp;
1852 {
1853 struct secspacq *newspacq;
1854 int error;
1855
1856 /* sanity check */
1857 if (sp == NULL)
1858 panic("key_spdacquire: NULL pointer is passed.\n");
1859 if (sp->req != NULL)
1860 panic("key_spdacquire: called but there is request.\n");
1861 if (sp->policy != IPSEC_POLICY_IPSEC)
1862 panic("key_spdacquire: policy mismathed. IPsec is expected.\n");
1863
1864 /* get a entry to check whether sent message or not. */
1865 if ((newspacq = key_getspacq(&sp->spidx)) != NULL) {
1866 if (key_blockacq_count < newspacq->count) {
1867 /* reset counter and do send message. */
1868 newspacq->count = 0;
1869 } else {
1870 /* increment counter and do nothing. */
1871 newspacq->count++;
1872 return 0;
1873 }
1874 } else {
1875 /* make new entry for blocking to send SADB_ACQUIRE. */
1876 if ((newspacq = key_newspacq(&sp->spidx)) == NULL)
1877 return ENOBUFS;
1878
1879 /* add to acqtree */
1880 LIST_INSERT_HEAD(&spacqtree, newspacq, chain);
1881 }
1882
1883 {
1884 struct sadb_msg *newmsg = NULL;
1885 union sadb_x_ident_id id;
1886 u_int len;
1887 caddr_t p;
1888
1889 /* create new sadb_msg to reply. */
1890 len = sizeof(struct sadb_msg)
1891 + sizeof(struct sadb_ident)
1892 + PFKEY_ALIGN8(sp->spidx.src.ss_len)
1893 + sizeof(struct sadb_ident)
1894 + PFKEY_ALIGN8(sp->spidx.dst.ss_len);
1895
1896 KMALLOC(newmsg, struct sadb_msg *, len);
1897 if (newmsg == 0) {
1898 #if IPSEC_DEBUG
1899 printf("key_spdacquire: No more memory.\n");
1900 #endif
1901 return ENOBUFS;
1902 }
1903 bzero((caddr_t)newmsg, len);
1904
1905 newmsg->sadb_msg_version = PF_KEY_V2;
1906 newmsg->sadb_msg_type = SADB_X_SPDACQUIRE;
1907 newmsg->sadb_msg_errno = 0;
1908 newmsg->sadb_msg_satype = 0;
1909 newmsg->sadb_msg_len = PFKEY_UNIT64(len);
1910 newmsg->sadb_msg_mode = 0;
1911 newmsg->sadb_msg_reqid = 0;
1912 newmsg->sadb_msg_seq = 0;
1913 newmsg->sadb_msg_pid = 0;
1914 p = (caddr_t)newmsg + sizeof(struct sadb_msg);
1915
1916 /* set sadb_address for spidx's. */
1917 bzero(&id, sizeof(id));
1918 id.sadb_x_ident_id_addr.prefix = sp->spidx.prefs;
1919 id.sadb_x_ident_id_addr.ul_proto = sp->spidx.ul_proto;
1920 p = key_setsadbident(p,
1921 SADB_EXT_IDENTITY_SRC,
1922 SADB_X_IDENTTYPE_ADDR,
1923 (caddr_t)&sp->spidx.src,
1924 sp->spidx.src.ss_len,
1925 *(u_int64_t *)&id);
1926
1927 bzero(&id, sizeof(id));
1928 id.sadb_x_ident_id_addr.prefix = sp->spidx.prefd;
1929 id.sadb_x_ident_id_addr.ul_proto = sp->spidx.ul_proto;
1930 p = key_setsadbident(p,
1931 SADB_EXT_IDENTITY_DST,
1932 SADB_X_IDENTTYPE_ADDR,
1933 (caddr_t)&sp->spidx.dst,
1934 sp->spidx.dst.ss_len,
1935 *(u_int64_t *)&id);
1936
1937 error = key_sendall(newmsg, len);
1938 #if IPSEC_DEBUG
1939 if (error != 0)
1940 printf("key_spdacquire: key_sendall returned %d\n", error);
1941 #endif
1942 return error;
1943 }
1944
1945 return 0;
1946 }
1947
1948 /*
1949 * SADB_SPDFLUSH processing
1950 * receive
1951 * <base>
1952 * from the user, and free all entries in secpctree.
1953 * and send,
1954 * <base>
1955 * to the user.
1956 * NOTE: what to do is only marking SADB_SASTATE_DEAD.
1957 *
1958 * IN: mhp: pointer to the pointer to each header.
1959 * OUT: other if success, return pointer to the message to send.
1960 * 0 if fail.
1961 */
1962 static struct sadb_msg *
1963 key_spdflush(mhp)
1964 caddr_t *mhp;
1965 {
1966 struct sadb_msg *msg0;
1967 struct secpolicy *sp;
1968 u_int dir;
1969
1970 /* sanity check */
1971 if (mhp == NULL || mhp[0] == NULL)
1972 panic("key_spdflush: NULL pointer is passed.\n");
1973
1974 msg0 = (struct sadb_msg *)mhp[0];
1975
1976 for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
1977 LIST_FOREACH(sp, &sptree[dir], chain) {
1978 sp->state = IPSEC_SPSTATE_DEAD;
1979 }
1980 }
1981
1982 {
1983 struct sadb_msg *newmsg;
1984 u_int len;
1985
1986 /* create new sadb_msg to reply. */
1987 len = sizeof(struct sadb_msg);
1988
1989 KMALLOC(newmsg, struct sadb_msg *, len);
1990 if (newmsg == NULL) {
1991 #if IPSEC_DEBUG
1992 printf("key_spdflush: No more memory.\n");
1993 #endif
1994 msg0->sadb_msg_errno = ENOBUFS;
1995 return NULL;
1996 }
1997 bzero((caddr_t)newmsg, len);
1998
1999 bcopy((caddr_t)mhp[0], (caddr_t)newmsg, sizeof(*msg0));
2000 newmsg->sadb_msg_errno = 0;
2001 newmsg->sadb_msg_len = PFKEY_UNIT64(len);
2002
2003 return(newmsg);
2004 }
2005 }
2006
2007 /*
2008 * SADB_SPDDUMP processing
2009 * receive
2010 * <base>
2011 * from the user, and dump all SP leaves
2012 * and send,
2013 * <base> .....
2014 * to the ikmpd.
2015 *
2016 * IN: mhp: pointer to the pointer to each header.
2017 * OUT: other if success, return pointer to the message to send.
2018 * 0 if fail.
2019 */
2020 static int
2021 key_spddump(mhp, so, target)
2022 caddr_t *mhp;
2023 struct socket *so;
2024 int target;
2025 {
2026 struct sadb_msg *msg0;
2027 struct secpolicy *sp;
2028 int cnt;
2029 u_int dir;
2030 struct mbuf *m;
2031
2032 /* sanity check */
2033 if (mhp == NULL || mhp[0] == NULL)
2034 panic("key_spddump: NULL pointer is passed.\n");
2035
2036 msg0 = (struct sadb_msg *)mhp[0];
2037
2038 /* search SPD entry and get buffer size. */
2039 cnt = 0;
2040 for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2041 LIST_FOREACH(sp, &sptree[dir], chain) {
2042 cnt++;
2043 }
2044 }
2045
2046 if (cnt == 0)
2047 return ENOENT;
2048
2049 for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
2050 LIST_FOREACH(sp, &sptree[dir], chain) {
2051 --cnt;
2052 m = key_setdumpsp(sp, SADB_X_SPDDUMP,
2053 cnt, msg0->sadb_msg_pid);
2054
2055 if (m)
2056 key_sendup_mbuf(so, m, target);
2057 }
2058 }
2059
2060 return 0;
2061 }
2062
2063 static struct mbuf *
2064 key_setdumpsp(sp, type, seq, pid)
2065 struct secpolicy *sp;
2066 u_int8_t type;
2067 u_int32_t seq, pid;
2068 {
2069 struct mbuf *m;
2070 u_int tlen;
2071
2072 /* XXX it would be better to avoid pre-computing length */
2073 tlen = key_getspmsglen(sp);
2074
2075 /* XXX maybe it's a wrong idea to insist on cluster? */
2076 MGETHDR(m, M_DONTWAIT, MT_DATA);
2077 if (m != NULL) {
2078 MCLGET(m, M_DONTWAIT);
2079 if ((m->m_flags & M_EXT) == 0) {
2080 m_freem(m);
2081 m = NULL;
2082 }
2083 }
2084 if (m == NULL)
2085 return NULL; /*ENOBUFS*/
2086
2087 m->m_pkthdr.len = m->m_len = 0;
2088 m->m_next = NULL;
2089
2090 /* sadb_msg->sadb_msg_len must be filled afterwards */
2091 if (key_setsadbmsg_m(m, type, 0, SADB_SATYPE_UNSPEC, seq, pid,
2092 IPSEC_MODE_ANY, 0, 0, sp->refcnt) != 0) {
2093 m_freem(m);
2094 return NULL;
2095 }
2096
2097 if (key_setsadbaddr_m(m, SADB_EXT_ADDRESS_SRC,
2098 (struct sockaddr *)&sp->spidx.src, sp->spidx.prefs,
2099 sp->spidx.ul_proto) != 0) {
2100 m_freem(m);
2101 return NULL;
2102 }
2103
2104 if (key_setsadbaddr_m(m, SADB_EXT_ADDRESS_DST,
2105 (struct sockaddr *)&sp->spidx.dst, sp->spidx.prefd,
2106 sp->spidx.ul_proto) != 0) {
2107 m_freem(m);
2108 return NULL;
2109 }
2110
2111 {
2112 struct mbuf *n;
2113 struct sadb_x_policy *tmp;
2114
2115 n = key_sp2msg(sp);
2116 if (!n || n->m_len < sizeof(*tmp)) {
2117 #if IPSEC_DEBUG
2118 printf("key_setdumpsp: No more memory.\n");
2119 #endif
2120 m_freem(m);
2121 if (n)
2122 m_freem(n);
2123 return NULL;
2124 }
2125
2126 tmp = mtod(n, struct sadb_x_policy *);
2127
2128 /* validity check */
2129 if (key_getspreqmsglen(sp) != PFKEY_UNUNIT64(tmp->sadb_x_policy_len)
2130 || n->m_len != PFKEY_UNUNIT64(tmp->sadb_x_policy_len))
2131 panic("key_setdumpsp: length mismatch."
2132 "sp:%d msg:%d\n",
2133 key_getspreqmsglen(sp),
2134 PFKEY_UNUNIT64(tmp->sadb_x_policy_len));
2135
2136 m_cat(m, n);
2137 m->m_pkthdr.len += n->m_len;
2138 }
2139
2140 if (m->m_len < sizeof(struct sadb_msg)) {
2141 m = m_pullup(m, sizeof(struct sadb_msg));
2142 if (m == NULL)
2143 return NULL;
2144 }
2145 mtod(m, struct sadb_msg *)->sadb_msg_len =
2146 PFKEY_UNIT64(m->m_pkthdr.len);
2147
2148 return m;
2149 }
2150
2151 /* get sadb message length for a SP. */
2152 static u_int
2153 key_getspmsglen(sp)
2154 struct secpolicy *sp;
2155 {
2156 u_int tlen;
2157
2158 /* sanity check */
2159 if (sp == NULL)
2160 panic("key_getspmsglen: NULL pointer is passed.\n");
2161
2162 tlen = (sizeof(struct sadb_msg)
2163 + sizeof(struct sadb_address)
2164 + PFKEY_ALIGN8(_SALENBYAF(sp->spidx.src.ss_family))
2165 + sizeof(struct sadb_address)
2166 + PFKEY_ALIGN8(_SALENBYAF(sp->spidx.dst.ss_family)));
2167
2168 tlen += key_getspreqmsglen(sp);
2169
2170 return tlen;
2171 }
2172
2173 /*
2174 * get PFKEY message length for security policy and request.
2175 */
2176 static u_int
2177 key_getspreqmsglen(sp)
2178 struct secpolicy *sp;
2179 {
2180 u_int tlen;
2181
2182 tlen = sizeof(struct sadb_x_policy);
2183
2184 /* if is the policy for ipsec ? */
2185 if (sp->policy != IPSEC_POLICY_IPSEC)
2186 return tlen;
2187
2188 /* get length of ipsec requests */
2189 {
2190 struct ipsecrequest *isr;
2191 int len;
2192
2193 for (isr = sp->req; isr != NULL; isr = isr->next) {
2194 len = sizeof(struct sadb_x_ipsecrequest)
2195 + isr->saidx.src.ss_len
2196 + isr->saidx.dst.ss_len;
2197
2198 tlen += PFKEY_ALIGN8(len);
2199 }
2200 }
2201
2202 return tlen;
2203 }
2204
2205 /* %%% SAD management */
2206 /*
2207 * allocating a memory for new SA head, and copy from the values of mhp.
2208 * OUT: NULL : failure due to the lack of memory.
2209 * others : pointer to new SA head.
2210 */
2211 static struct secashead *
2212 key_newsah(saidx)
2213 struct secasindex *saidx;
2214 {
2215 struct secashead *newsah;
2216
2217 /* sanity check */
2218 if (saidx == NULL)
2219 panic("key_newsaidx: NULL pointer is passed.\n");
2220
2221 newsah = keydb_newsecashead();
2222 if (newsah == NULL)
2223 return NULL;
2224
2225 bcopy(saidx, &newsah->saidx, sizeof(newsah->saidx));
2226
2227 /* add to saidxtree */
2228 newsah->state = SADB_SASTATE_MATURE;
2229 LIST_INSERT_HEAD(&sahtree, newsah, chain);
2230
2231 return(newsah);
2232 }
2233
2234 /*
2235 * delete SA index and all SA registerd.
2236 */
2237 static void
2238 key_delsah(sah)
2239 struct secashead *sah;
2240 {
2241 struct secasvar *sav, *nextsav;
2242 u_int stateidx, state;
2243 int s;
2244 int zombie = 0;
2245
2246 /* sanity check */
2247 if (sah == NULL)
2248 panic("key_delsah: NULL pointer is passed.\n");
2249
2250 #ifdef __NetBSD__
2251 s = splsoftnet(); /*called from softclock()*/
2252 #else
2253 s = splnet(); /*called from softclock()*/
2254 #endif
2255
2256 /* searching all SA registerd in the secindex. */
2257 for (stateidx = 0;
2258 stateidx < _ARRAYLEN(saorder_state_any);
2259 stateidx++) {
2260
2261 state = saorder_state_any[stateidx];
2262 for (sav = (struct secasvar *)LIST_FIRST(&sah->savtree[state]);
2263 sav != NULL;
2264 sav = nextsav) {
2265
2266 nextsav = LIST_NEXT(sav, chain);
2267
2268 if (sav->refcnt > 0) {
2269 /* give up to delete this sa */
2270 zombie++;
2271 continue;
2272 }
2273
2274 /* sanity check */
2275 KEY_CHKSASTATE(state, sav->state, "key_delsah");
2276
2277 key_freesav(sav);
2278
2279 /* remove back pointer */
2280 sav->sah = NULL;
2281 sav = NULL;
2282 }
2283 }
2284
2285 /* don't delete sah only if there are savs. */
2286 if (zombie) {
2287 splx(s);
2288 return;
2289 }
2290
2291 if (sah->sa_route.ro_rt) {
2292 RTFREE(sah->sa_route.ro_rt);
2293 sah->sa_route.ro_rt = (struct rtentry *)NULL;
2294 }
2295
2296 /* remove from tree of SA index */
2297 if (__LIST_CHAINED(sah))
2298 LIST_REMOVE(sah, chain);
2299
2300 KFREE(sah);
2301
2302 splx(s);
2303 return;
2304 }
2305
2306 /*
2307 * allocating a new SA with LARVAL state. key_add() and key_getspi() call,
2308 * and copy the values of mhp into new buffer.
2309 * When SAD message type is GETSPI:
2310 * to set sequence number from acq_seq++,
2311 * to set zero to SPI.
2312 * not to call key_setsava().
2313 * OUT: NULL : fail
2314 * others : pointer to new secasvar.
2315 */
2316 static struct secasvar *
2317 key_newsav(mhp, sah)
2318 caddr_t *mhp;
2319 struct secashead *sah;
2320 {
2321 struct secasvar *newsav;
2322 struct sadb_msg *msg0;
2323
2324 /* sanity check */
2325 if (mhp == NULL || mhp[0] == NULL || sah == NULL)
2326 panic("key_newsa: NULL pointer is passed.\n");
2327
2328 msg0 = (struct sadb_msg *)mhp[0];
2329
2330 KMALLOC(newsav, struct secasvar *, sizeof(struct secasvar));
2331 if (newsav == NULL) {
2332 #if IPSEC_DEBUG
2333 printf("key_newsa: No more memory.\n");
2334 #endif
2335 msg0->sadb_msg_errno = ENOBUFS;
2336 return NULL;
2337 }
2338 bzero((caddr_t)newsav, sizeof(struct secasvar));
2339
2340 switch (msg0->sadb_msg_type) {
2341 case SADB_GETSPI:
2342 newsav->spi = 0;
2343
2344 #if IPSEC_DOSEQCHECK
2345 /* sync sequence number */
2346 if (msg0->sadb_msg_seq == 0)
2347 newsav->seq =
2348 (acq_seq = (acq_seq == ~0 ? 1 : ++acq_seq));
2349 else
2350 #endif
2351 newsav->seq = msg0->sadb_msg_seq;
2352 break;
2353
2354 case SADB_ADD:
2355 /* sanity check */
2356 if (mhp[SADB_EXT_SA] == NULL) {
2357 KFREE(newsav);
2358 #if IPSEC_DEBUG
2359 printf("key_newsa: invalid message is passed.\n");
2360 #endif
2361 msg0->sadb_msg_errno = EINVAL;
2362 return NULL;
2363 }
2364 newsav->spi = ((struct sadb_sa *)mhp[SADB_EXT_SA])->sadb_sa_spi;
2365 newsav->seq = msg0->sadb_msg_seq;
2366 break;
2367 default:
2368 KFREE(newsav);
2369 msg0->sadb_msg_errno = EINVAL;
2370 return NULL;
2371 }
2372
2373 /* copy sav values */
2374 if (msg0->sadb_msg_type != SADB_GETSPI && key_setsaval(newsav, mhp)) {
2375 KFREE(newsav);
2376 /* msg0->sadb_msg_errno is set at key_setsaval. */
2377 return NULL;
2378 }
2379
2380 /* reset tick */
2381 newsav->tick = 0;
2382
2383 newsav->pid = msg0->sadb_msg_pid;
2384
2385 /* add to satree */
2386 newsav->sah = sah;
2387 newsav->refcnt = 1;
2388 newsav->state = SADB_SASTATE_LARVAL;
2389 LIST_INSERT_TAIL(&sah->savtree[SADB_SASTATE_LARVAL], newsav,
2390 secasvar, chain);
2391
2392 return newsav;
2393 }
2394
2395 /*
2396 * free() SA variable entry.
2397 */
2398 static void
2399 key_delsav(sav)
2400 struct secasvar *sav;
2401 {
2402 /* sanity check */
2403 if (sav == NULL)
2404 panic("key_delsav: NULL pointer is passed.\n");
2405
2406 if (sav->refcnt > 0)
2407 return; /* can't free */
2408
2409 /* remove from SA header */
2410 if (__LIST_CHAINED(sav))
2411 LIST_REMOVE(sav, chain);
2412
2413 if (sav->key_auth != NULL)
2414 KFREE(sav->key_auth);
2415 if (sav->key_enc != NULL)
2416 KFREE(sav->key_enc);
2417 if (sav->replay != NULL)
2418 keydb_delsecreplay(sav->replay);
2419 if (sav->lft_c != NULL)
2420 KFREE(sav->lft_c);
2421 if (sav->lft_h != NULL)
2422 KFREE(sav->lft_h);
2423 if (sav->lft_s != NULL)
2424 KFREE(sav->lft_s);
2425 if (sav->iv != NULL)
2426 KFREE(sav->iv);
2427 #if notyet
2428 if (sav->misc1 != NULL)
2429 KFREE(sav->misc1);
2430 if (sav->misc2 != NULL)
2431 KFREE(sav->misc2);
2432 if (sav->misc3 != NULL)
2433 KFREE(sav->misc3);
2434 #endif
2435
2436 KFREE(sav);
2437
2438 return;
2439 }
2440
2441 /*
2442 * search SAD.
2443 * OUT:
2444 * NULL : not found
2445 * others : found, pointer to a SA.
2446 */
2447 static struct secashead *
2448 key_getsah(saidx)
2449 struct secasindex *saidx;
2450 {
2451 struct secashead *sah;
2452
2453 LIST_FOREACH(sah, &sahtree, chain) {
2454 if (sah->state == SADB_SASTATE_DEAD)
2455 continue;
2456 if (key_cmpsaidx_exactly(&sah->saidx, saidx))
2457 return(sah);
2458 }
2459
2460 return NULL;
2461 }
2462
2463 /*
2464 * check not to be duplicated SPI.
2465 * NOTE: this function is too slow due to searching all SAD.
2466 * OUT:
2467 * NULL : not found
2468 * others : found, pointer to a SA.
2469 */
2470 static struct secasvar *
2471 key_checkspidup(saidx, spi)
2472 struct secasindex *saidx;
2473 u_int32_t spi;
2474 {
2475 struct secashead *sah;
2476 struct secasvar *sav;
2477
2478 /* check address family */
2479 if (saidx->src.ss_family != saidx->dst.ss_family) {
2480 #if IPSEC_DEBUG
2481 printf("key_checkspidup: address family mismatched.\n");
2482 #endif
2483 return NULL;
2484 }
2485
2486 /* check all SAD */
2487 LIST_FOREACH(sah, &sahtree, chain) {
2488 if (!key_ismyaddr(sah->saidx.dst.ss_family,
2489 _INADDRBYSA(&sah->saidx.dst)))
2490 continue;
2491 sav = key_getsavbyspi(sah, spi);
2492 if (sav != NULL)
2493 return sav;
2494 }
2495
2496 return NULL;
2497 }
2498
2499 /*
2500 * search SAD litmited alive SA, protocol, SPI.
2501 * OUT:
2502 * NULL : not found
2503 * others : found, pointer to a SA.
2504 */
2505 static struct secasvar *
2506 key_getsavbyspi(sah, spi)
2507 struct secashead *sah;
2508 u_int32_t spi;
2509 {
2510 struct secasvar *sav;
2511 u_int stateidx, state;
2512
2513 /* search all status */
2514 for (stateidx = 0;
2515 stateidx < _ARRAYLEN(saorder_state_alive);
2516 stateidx++) {
2517
2518 state = saorder_state_alive[stateidx];
2519 LIST_FOREACH(sav, &sah->savtree[state], chain) {
2520
2521 /* sanity check */
2522 if (sav->state != state) {
2523 #if IPSEC_DEBUG
2524 printf("key_getsavbyspi: "
2525 "invalid sav->state "
2526 "(queue: %d SA: %d)\n",
2527 state, sav->state);
2528 #endif
2529 continue;
2530 }
2531
2532 if (sav->spi == spi)
2533 return sav;
2534 }
2535 }
2536
2537 return NULL;
2538 }
2539
2540 /*
2541 * copy SA values from PF_KEY message except *SPI, SEQ, PID, STATE and TYPE*.
2542 * You must update these if need.
2543 * OUT: 0: success.
2544 * 1: failure. set errno to (mhp[0])->sadb_msg_errno.
2545 */
2546 static int
2547 key_setsaval(sav, mhp)
2548 struct secasvar *sav;
2549 caddr_t *mhp;
2550 {
2551 struct sadb_msg *msg0;
2552 int error = 0;
2553
2554 /* sanity check */
2555 if (mhp == NULL || mhp[0] == NULL)
2556 panic("key_setsaval: NULL pointer is passed.\n");
2557
2558 msg0 = (struct sadb_msg *)mhp[0];
2559
2560 /* initialization */
2561 sav->replay = NULL;
2562 sav->key_auth = NULL;
2563 sav->key_enc = NULL;
2564 sav->iv = NULL;
2565 sav->lft_c = NULL;
2566 sav->lft_h = NULL;
2567 sav->lft_s = NULL;
2568 #if notyet
2569 sav->misc1 = NULL;
2570 sav->misc2 = NULL;
2571 sav->misc3 = NULL;
2572 #endif
2573
2574 /* SA */
2575 if (mhp[SADB_EXT_SA] != NULL) {
2576 struct sadb_sa *sa0 = (struct sadb_sa *)mhp[SADB_EXT_SA];
2577
2578 sav->alg_auth = sa0->sadb_sa_auth;
2579 sav->alg_enc = sa0->sadb_sa_encrypt;
2580 sav->flags = sa0->sadb_sa_flags;
2581
2582 /* replay window */
2583 if ((sa0->sadb_sa_flags & SADB_X_EXT_OLD) == 0) {
2584 sav->replay = keydb_newsecreplay(sa0->sadb_sa_replay);
2585 if (sav->replay == NULL) {
2586 #if IPSEC_DEBUG
2587 printf("key_setsaval: No more memory.\n");
2588 #endif
2589 error = ENOBUFS;
2590 goto err;
2591 }
2592 }
2593 }
2594
2595 /* Authentication keys */
2596 if (mhp[SADB_EXT_KEY_AUTH] != NULL) {
2597 struct sadb_key *key0;
2598 u_int len;
2599
2600 key0 = (struct sadb_key *)mhp[SADB_EXT_KEY_AUTH];
2601 len = PFKEY_UNUNIT64(key0->sadb_key_len);
2602
2603 error = 0;
2604 if (len < sizeof(struct sadb_key))
2605 error = EINVAL;
2606 switch (msg0->sadb_msg_satype) {
2607 case SADB_SATYPE_AH:
2608 case SADB_SATYPE_ESP:
2609 if (len == sizeof(struct sadb_key)
2610 && sav->alg_auth != SADB_AALG_NULL) {
2611 error = EINVAL;
2612 }
2613 break;
2614 case SADB_X_SATYPE_IPCOMP:
2615 error = EINVAL;
2616 break;
2617 default:
2618 error = EINVAL;
2619 break;
2620 }
2621 if (error) {
2622 #if IPSEC_DEBUG
2623 printf("key_setsaval: invalid key_auth values.\n");
2624 #endif
2625 goto err;
2626 }
2627
2628 sav->key_auth = (struct sadb_key *)key_newbuf(key0, len);
2629 if (sav->key_auth == NULL) {
2630 #if IPSEC_DEBUG
2631 printf("key_setsaval: No more memory.\n");
2632 #endif
2633 error = ENOBUFS;
2634 goto err;
2635 }
2636
2637 /* make length shift up for kernel*/
2638 sav->key_auth->sadb_key_len = len;
2639 }
2640
2641 /* Encryption key */
2642 if (mhp[SADB_EXT_KEY_ENCRYPT] != NULL) {
2643 struct sadb_key *key0;
2644 u_int len;
2645
2646 key0 = (struct sadb_key *)mhp[SADB_EXT_KEY_ENCRYPT];
2647 len = PFKEY_UNUNIT64(key0->sadb_key_len);
2648
2649 error = 0;
2650 if (len < sizeof(struct sadb_key))
2651 error = EINVAL;
2652 switch (msg0->sadb_msg_satype) {
2653 case SADB_SATYPE_ESP:
2654 if (len == sizeof(struct sadb_key)
2655 && sav->alg_enc != SADB_EALG_NULL) {
2656 error = EINVAL;
2657 }
2658 break;
2659 case SADB_SATYPE_AH:
2660 error = EINVAL;
2661 break;
2662 case SADB_X_SATYPE_IPCOMP:
2663 break;
2664 default:
2665 error = EINVAL;
2666 break;
2667 }
2668 if (error) {
2669 #if IPSEC_DEBUG
2670 printf("key_setsatval: invalid key_enc value.\n");
2671 #endif
2672 goto err;
2673 }
2674
2675 sav->key_enc = (struct sadb_key *)key_newbuf(key0, len);
2676 if (sav->key_enc == NULL) {
2677 #if IPSEC_DEBUG
2678 printf("key_setsaval: No more memory.\n");
2679 #endif
2680 error = ENOBUFS;
2681 goto err;
2682 }
2683
2684 /* make length shift up for kernel*/
2685 sav->key_enc->sadb_key_len = len;
2686 }
2687
2688 /* set iv */
2689 sav->ivlen = 0;
2690
2691 switch (msg0->sadb_msg_satype) {
2692 case SADB_SATYPE_ESP:
2693 #if IPSEC_ESP
2694 {
2695 struct esp_algorithm *algo;
2696
2697 algo = &esp_algorithms[sav->alg_enc];
2698 if (algo && algo->ivlen)
2699 sav->ivlen = (*algo->ivlen)(sav);
2700 KMALLOC(sav->iv, caddr_t, sav->ivlen);
2701 if (sav->iv == 0) {
2702 #if IPSEC_DEBUG
2703 printf("key_setsaval: No more memory.\n");
2704 #endif
2705 error = ENOBUFS;
2706 goto err;
2707 }
2708 /* initialize ? */
2709 break;
2710 }
2711 #else
2712 break;
2713 #endif
2714 case SADB_SATYPE_AH:
2715 #if 1 /*nonstandard*/
2716 case SADB_X_SATYPE_IPCOMP:
2717 #endif
2718 break;
2719 default:
2720 #if IPSEC_DEBUG
2721 printf("key_setsaval: invalid SA type.\n");
2722 #endif
2723 error = EINVAL;
2724 goto err;
2725 }
2726
2727 /* reset tick */
2728 sav->tick = 0;
2729
2730 /* make lifetime for CURRENT */
2731 {
2732 struct timeval tv;
2733
2734 KMALLOC(sav->lft_c, struct sadb_lifetime *,
2735 sizeof(struct sadb_lifetime));
2736 if (sav->lft_c == NULL) {
2737 #if IPSEC_DEBUG
2738 printf("key_setsaval: No more memory.\n");
2739 #endif
2740 error = ENOBUFS;
2741 goto err;
2742 }
2743
2744 microtime(&tv);
2745
2746 sav->lft_c->sadb_lifetime_len =
2747 PFKEY_UNIT64(sizeof(struct sadb_lifetime));
2748 sav->lft_c->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
2749 sav->lft_c->sadb_lifetime_allocations = 0;
2750 sav->lft_c->sadb_lifetime_bytes = 0;
2751 sav->lft_c->sadb_lifetime_addtime = tv.tv_sec;
2752 sav->lft_c->sadb_lifetime_usetime = 0;
2753 }
2754
2755 /* lifetimes for HARD and SOFT */
2756 {
2757 struct sadb_lifetime *lft0;
2758
2759 lft0 = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD];
2760 if (lft0 != NULL) {
2761 sav->lft_h = (struct sadb_lifetime *)key_newbuf(lft0,
2762 sizeof(*lft0));
2763 if (sav->lft_h == NULL) {
2764 #if IPSEC_DEBUG
2765 printf("key_setsaval: No more memory.\n");
2766 #endif
2767 error = ENOBUFS;
2768 goto err;
2769 }
2770 /* to be initialize ? */
2771 }
2772
2773 lft0 = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_SOFT];
2774 if (lft0 != NULL) {
2775 sav->lft_s = (struct sadb_lifetime *)key_newbuf(lft0,
2776 sizeof(*lft0));
2777 if (sav->lft_s == NULL) {
2778 #if IPSEC_DEBUG
2779 printf("key_setsaval: No more memory.\n");
2780 #endif
2781 error = ENOBUFS;
2782 goto err;
2783 }
2784 /* to be initialize ? */
2785 }
2786 }
2787
2788 #if notyet
2789 /* pre-processing for DES */
2790 switch (sav->alg_enc) {
2791 case SADB_EALG_DESCBC:
2792 if (des_key_sched((C_Block *)_KEYBUF(sav->key_enc),
2793 (des_key_schedule)sav->misc1) != 0) {
2794 #if IPSEC_DEBUG
2795 printf("key_setsaval: error des_key_sched.\n");
2796 #endif
2797 sav->misc1 = NULL;
2798 /* THROUGH */
2799 }
2800 break;
2801 case SADB_EALG_3DESCBC:
2802 if (des_key_sched((C_Block *)_KEYBUF(sav->key_enc),
2803 (des_key_schedule)sav->misc1) != 0
2804 || des_key_sched((C_Block *)(_KEYBUF(sav->key_enc) + 8),
2805 (des_key_schedule)sav->misc2) != 0
2806 || des_key_sched((C_Block *)(_KEYBUF(sav->key_enc) + 16),
2807 (des_key_schedule)sav->misc3) != 0) {
2808 #if IPSEC_DEBUG
2809 printf("key_setsaval: error des_key_sched.\n");
2810 #endif
2811 sav->misc1 = NULL;
2812 sav->misc2 = NULL;
2813 sav->misc3 = NULL;
2814 /* THROUGH */
2815 }
2816 }
2817 #endif
2818
2819 msg0->sadb_msg_errno = 0;
2820 return 0;
2821
2822 err:
2823 /* initialization */
2824 if (sav->replay != NULL)
2825 keydb_delsecreplay(sav->replay);
2826 if (sav->key_auth != NULL)
2827 KFREE(sav->key_auth);
2828 if (sav->key_enc != NULL)
2829 KFREE(sav->key_enc);
2830 if (sav->iv != NULL)
2831 KFREE(sav->iv);
2832 if (sav->lft_c != NULL)
2833 KFREE(sav->lft_c);
2834 if (sav->lft_h != NULL)
2835 KFREE(sav->lft_h);
2836 if (sav->lft_s != NULL)
2837 KFREE(sav->lft_s);
2838 #if notyet
2839 if (sav->misc1 != NULL)
2840 KFREE(sav->misc1);
2841 if (sav->misc2 != NULL)
2842 KFREE(sav->misc2);
2843 if (sav->misc3 != NULL)
2844 KFREE(sav->misc3);
2845 #endif
2846
2847 msg0->sadb_msg_errno = error;
2848 return 1;
2849 }
2850
2851 /*
2852 * get message buffer length.
2853 */
2854 static u_int
2855 key_getmsglen(sav)
2856 struct secasvar *sav;
2857 {
2858 int len = sizeof(struct sadb_msg);
2859
2860 len += sizeof(struct sadb_sa);
2861 len += (sizeof(struct sadb_address)
2862 + PFKEY_ALIGN8(_SALENBYAF(sav->sah->saidx.src.ss_family)));
2863 len += (sizeof(struct sadb_address)
2864 + PFKEY_ALIGN8(_SALENBYAF(sav->sah->saidx.dst.ss_family)));
2865
2866 if (sav->key_auth != NULL)
2867 len += sav->key_auth->sadb_key_len;
2868 if (sav->key_enc != NULL)
2869 len += sav->key_enc->sadb_key_len;
2870
2871 if (sav->lft_c != NULL)
2872 len += sizeof(struct sadb_lifetime);
2873 if (sav->lft_h != NULL)
2874 len += sizeof(struct sadb_lifetime);
2875 if (sav->lft_s != NULL)
2876 len += sizeof(struct sadb_lifetime);
2877
2878 return len;
2879 }
2880
2881 /*
2882 * validation with a secasvar entry, and set SADB_SATYPE_MATURE.
2883 * OUT: 0: valid
2884 * other: errno
2885 */
2886 static int
2887 key_mature(sav)
2888 struct secasvar *sav;
2889 {
2890 int mature;
2891 int checkmask = 0; /* 2^0: ealg 2^1: aalg 2^2: calg */
2892 int mustmask = 0; /* 2^0: ealg 2^1: aalg 2^2: calg */
2893
2894 mature = 0;
2895
2896 /* check SPI value */
2897 if (ntohl(sav->spi) >= 0 && ntohl(sav->spi) <= 255) {
2898 #if IPSEC_DEBUG
2899 printf("key_mature: illegal range of SPI %d.\n", sav->spi);
2900 #endif
2901 return EINVAL;
2902 }
2903
2904 /* check satype */
2905 switch (sav->sah->saidx.proto) {
2906 case IPPROTO_ESP:
2907 /* check flags */
2908 if ((sav->flags & SADB_X_EXT_OLD)
2909 && (sav->flags & SADB_X_EXT_DERIV)) {
2910 #if IPSEC_DEBUG
2911 printf("key_mature: "
2912 "invalid flag (derived) given to old-esp.\n");
2913 #endif
2914 return EINVAL;
2915 }
2916 checkmask = 3;
2917 mustmask = 1;
2918 break;
2919 case IPPROTO_AH:
2920 /* check flags */
2921 if (sav->flags & SADB_X_EXT_DERIV) {
2922 #if IPSEC_DEBUG
2923 printf("key_mature: "
2924 "invalid flag (derived) given to AH SA.\n");
2925 #endif
2926 return EINVAL;
2927 }
2928 if (sav->alg_enc != SADB_EALG_NONE) {
2929 #if IPSEC_DEBUG
2930 printf("key_mature: "
2931 "protocol and algorithm mismated.\n");
2932 #endif
2933 return(EINVAL);
2934 }
2935 checkmask = 2;
2936 mustmask = 2;
2937 break;
2938 #if 1 /*nonstandard*/
2939 case IPPROTO_IPCOMP:
2940 if (sav->alg_auth != SADB_AALG_NONE) {
2941 #if IPSEC_DEBUG
2942 printf("key_mature: "
2943 "protocol and algorithm mismated.\n");
2944 #endif
2945 return(EINVAL);
2946 }
2947 if ((sav->flags & SADB_X_EXT_RAWCPI) == 0
2948 && ntohl(sav->spi) >= 0x10000) {
2949 #if IPSEC_DEBUG
2950 printf("key_mature: invalid cpi for IPComp.\n");
2951 #endif
2952 return(EINVAL);
2953 }
2954 checkmask = 4;
2955 mustmask = 4;
2956 break;
2957 #endif
2958 default:
2959 #if IPSEC_DEBUG
2960 printf("key_mature: Invalid satype.\n");
2961 #endif
2962 return EPROTONOSUPPORT;
2963 }
2964
2965 /* check authentication algorithm */
2966 if ((checkmask & 2) != 0) {
2967 struct ah_algorithm *algo;
2968 int keylen;
2969
2970 /* XXX: should use algorithm map to check. */
2971 switch (sav->alg_auth) {
2972 case SADB_AALG_NONE:
2973 case SADB_AALG_MD5HMAC:
2974 case SADB_AALG_SHA1HMAC:
2975 case SADB_AALG_MD5:
2976 case SADB_AALG_SHA:
2977 case SADB_AALG_NULL:
2978 break;
2979 default:
2980 #if IPSEC_DEBUG
2981 printf("key_mature: "
2982 "unknown authentication algorithm.\n");
2983 #endif
2984 return EINVAL;
2985 }
2986
2987 /* algorithm-dependent check */
2988 algo = &ah_algorithms[sav->alg_auth];
2989
2990 if (sav->key_auth)
2991 keylen = sav->key_auth->sadb_key_bits;
2992 else
2993 keylen = 0;
2994 if (keylen < algo->keymin || algo->keymax < keylen) {
2995 #if IPSEC_DEBUG
2996 printf("key_mature: invalid AH key length %d "
2997 "(%d-%d allowed)\n", keylen,
2998 algo->keymin, algo->keymax);
2999 #endif
3000 return EINVAL;
3001 }
3002
3003 if (algo->mature) {
3004 if ((*algo->mature)(sav)) {
3005 /* message generated in per-algorithm function*/
3006 return EINVAL;
3007 } else
3008 mature = SADB_SATYPE_AH;
3009 }
3010
3011 if ((mustmask & 2) != 0 && mature != SADB_SATYPE_AH) {
3012 #if IPSEC_DEBUG
3013 printf("key_mature: no satisfy algorithm for AH\n");
3014 #endif
3015 return EINVAL;
3016 }
3017 }
3018
3019 /* check encryption algorithm */
3020 if ((checkmask & 1) != 0) {
3021 #if IPSEC_ESP
3022 struct esp_algorithm *algo;
3023 int keylen;
3024
3025 switch (sav->alg_enc) {
3026 case SADB_EALG_NONE:
3027 case SADB_EALG_DESCBC:
3028 case SADB_EALG_3DESCBC:
3029 case SADB_EALG_NULL:
3030 case SADB_EALG_BLOWFISHCBC:
3031 case SADB_EALG_CAST128CBC:
3032 case SADB_EALG_RC5CBC:
3033 break;
3034 default:
3035 #if IPSEC_DEBUG
3036 printf("key_mature: unknown encryption algorithm.\n");
3037 #endif
3038 return EINVAL;
3039 }
3040
3041 /* algorithm-dependent check */
3042 algo = &esp_algorithms[sav->alg_enc];
3043
3044 if (sav->key_enc)
3045 keylen = sav->key_enc->sadb_key_bits;
3046 else
3047 keylen = 0;
3048 if (keylen < algo->keymin || algo->keymax < keylen) {
3049 #if IPSEC_DEBUG
3050 printf("key_mature: invalid ESP key length %d "
3051 "(%d-%d allowed)\n", keylen,
3052 algo->keymin, algo->keymax);
3053 #endif
3054 return EINVAL;
3055 }
3056
3057 if (algo->mature) {
3058 if ((*algo->mature)(sav)) {
3059 /* message generated in per-algorithm function*/
3060 return EINVAL;
3061 } else
3062 mature = SADB_SATYPE_ESP;
3063 }
3064
3065 if ((mustmask & 1) != 0 && mature != SADB_SATYPE_ESP) {
3066 #if IPSEC_DEBUG
3067 printf("key_mature: no satisfy algorithm for ESP\n");
3068 #endif
3069 return EINVAL;
3070 }
3071 #else /*IPSEC_ESP*/
3072 #if IPSEC_DEBUG
3073 printf("key_mature: ESP not supported in this configuration\n");
3074 #endif
3075 return EINVAL;
3076 #endif
3077 }
3078
3079 /* check compression algorithm */
3080 if ((checkmask & 4) != 0) {
3081 struct ipcomp_algorithm *algo;
3082
3083 switch (sav->alg_enc) {
3084 case SADB_X_CALG_NONE:
3085 case SADB_X_CALG_OUI:
3086 case SADB_X_CALG_DEFLATE:
3087 case SADB_X_CALG_LZS:
3088 break;
3089 default:
3090 #if IPSEC_DEBUG
3091 printf("key_mature: unknown compression algorithm.\n");
3092 #endif
3093 return EINVAL;
3094 }
3095
3096 /* algorithm-dependent check */
3097 algo = &ipcomp_algorithms[sav->alg_enc];
3098
3099 if (!(algo->compress && algo->decompress)) {
3100 #if IPSEC_DEBUG
3101 printf("key_mature: "
3102 "unsupported compression algorithm.\n");
3103 #endif
3104 return EINVAL;
3105 }
3106 }
3107
3108 key_sa_chgstate(sav, SADB_SASTATE_MATURE);
3109
3110 return 0;
3111 }
3112
3113 /*
3114 * subroutine for SADB_GET and SADB_DUMP.
3115 * the buf must be allocated sufficent space.
3116 */
3117 static u_int
3118 key_setdumpsa(newmsg, sav, type, satype, seq, pid)
3119 struct sadb_msg *newmsg;
3120 struct secasvar *sav;
3121 u_int8_t type, satype;
3122 u_int32_t seq, pid;
3123 {
3124 u_int tlen;
3125 caddr_t p;
3126 int i;
3127
3128 tlen = key_getmsglen(sav);
3129
3130 p = key_setsadbmsg((caddr_t)newmsg, type, tlen,
3131 satype, seq, pid,
3132 sav->sah->saidx.mode, sav->sah->saidx.reqid,
3133 0, sav->refcnt);
3134
3135 for (i = 1; i <= SADB_EXT_MAX; i++) {
3136 switch (i) {
3137 case SADB_EXT_SA:
3138 p = key_setsadbsa(p, sav);
3139 break;
3140
3141 case SADB_EXT_ADDRESS_SRC:
3142 p = key_setsadbaddr(p,
3143 SADB_EXT_ADDRESS_SRC,
3144 (struct sockaddr *)&sav->sah->saidx.src,
3145 _INALENBYAF(sav->sah->saidx.src.ss_family) << 3,
3146 IPSEC_ULPROTO_ANY);
3147 break;
3148
3149 case SADB_EXT_ADDRESS_DST:
3150 p = key_setsadbaddr(p,
3151 SADB_EXT_ADDRESS_DST,
3152 (struct sockaddr *)&sav->sah->saidx.dst,
3153 _INALENBYAF(sav->sah->saidx.dst.ss_family) << 3,
3154 IPSEC_ULPROTO_ANY);
3155 break;
3156
3157 case SADB_EXT_KEY_AUTH:
3158 {
3159 u_int len;
3160 if (sav->key_auth == NULL) break;
3161 len = sav->key_auth->sadb_key_len; /* real length */
3162 bcopy((caddr_t)sav->key_auth, p, len);
3163 ((struct sadb_ext *)p)->sadb_ext_len = PFKEY_UNIT64(len);
3164 p += len;
3165 }
3166 break;
3167
3168 case SADB_EXT_KEY_ENCRYPT:
3169 {
3170 u_int len;
3171 if (sav->key_enc == NULL) break;
3172 len = sav->key_enc->sadb_key_len; /* real length */
3173 bcopy((caddr_t)sav->key_enc, p, len);
3174 ((struct sadb_ext *)p)->sadb_ext_len = PFKEY_UNIT64(len);
3175 p += len;
3176 }
3177 break;;
3178
3179 case SADB_EXT_LIFETIME_CURRENT:
3180 if (sav->lft_c == NULL) break;
3181 p = key_setsadbext(p, (caddr_t)sav->lft_c);
3182 break;
3183
3184 case SADB_EXT_LIFETIME_HARD:
3185 if (sav->lft_h == NULL) break;
3186 p = key_setsadbext(p, (caddr_t)sav->lft_h);
3187 break;
3188
3189 case SADB_EXT_LIFETIME_SOFT:
3190 if (sav->lft_s == NULL) break;
3191 p = key_setsadbext(p, (caddr_t)sav->lft_s);
3192 break;
3193
3194 case SADB_EXT_IDENTITY_SRC:
3195 case SADB_EXT_IDENTITY_DST:
3196 /* XXX: should we brought from SPD ? */
3197 case SADB_EXT_SENSITIVITY:
3198 default:
3199 break;
3200 }
3201 }
3202
3203 return tlen;
3204 }
3205
3206 #if 1
3207 static int
3208 key_setsadbmsg_m(m, type, tlen, satype, seq, pid, mode, reqid,
3209 reserved1, reserved2)
3210 struct mbuf *m;
3211 u_int8_t type, satype;
3212 u_int16_t tlen;
3213 u_int32_t seq;
3214 pid_t pid;
3215 u_int8_t mode;
3216 u_int32_t reqid;
3217 u_int8_t reserved1;
3218 u_int32_t reserved2;
3219 {
3220 caddr_t p;
3221 const size_t len = sizeof(struct sadb_msg);
3222
3223 p = key_appendmbuf(m, len);
3224 if (p == NULL)
3225 return ENOBUFS;
3226
3227 if (key_setsadbmsg(p, type, tlen, satype, seq, pid, mode, reqid,
3228 reserved1, reserved2))
3229 return 0;
3230 else
3231 return EINVAL;
3232 }
3233 #endif
3234
3235 /*
3236 * set data into sadb_msg.
3237 * `buf' must has been allocated sufficiently.
3238 */
3239 static caddr_t
3240 key_setsadbmsg(buf, type, tlen, satype, seq, pid, mode, reqid,
3241 reserved1, reserved2)
3242 caddr_t buf;
3243 u_int8_t type, satype;
3244 u_int16_t tlen;
3245 u_int32_t seq;
3246 pid_t pid;
3247 u_int8_t mode;
3248 u_int32_t reqid;
3249 u_int8_t reserved1;
3250 u_int32_t reserved2;
3251 {
3252 struct sadb_msg *p;
3253 u_int len;
3254
3255 p = (struct sadb_msg *)buf;
3256 len = sizeof(struct sadb_msg);
3257
3258 bzero(p, len);
3259 p->sadb_msg_version = PF_KEY_V2;
3260 p->sadb_msg_type = type;
3261 p->sadb_msg_errno = 0;
3262 p->sadb_msg_satype = satype;
3263 p->sadb_msg_len = PFKEY_UNIT64(tlen);
3264 p->sadb_msg_mode = mode;
3265 p->sadb_msg_reserved1 = reserved1;
3266 p->sadb_msg_seq = seq;
3267 p->sadb_msg_pid = (u_int32_t)pid;
3268 p->sadb_msg_reqid = reqid;
3269 p->sadb_msg_reserved2 = reserved2;
3270
3271 return(buf + len);
3272 }
3273
3274 /*
3275 * copy secasvar data into sadb_address.
3276 * `buf' must has been allocated sufficiently.
3277 */
3278 static caddr_t
3279 key_setsadbsa(buf, sav)
3280 caddr_t buf;
3281 struct secasvar *sav;
3282 {
3283 struct sadb_sa *p;
3284 u_int len;
3285
3286 p = (struct sadb_sa *)buf;
3287 len = sizeof(struct sadb_sa);
3288
3289 bzero(p, len);
3290 p->sadb_sa_len = PFKEY_UNIT64(len);
3291 p->sadb_sa_exttype = SADB_EXT_SA;
3292 p->sadb_sa_spi = sav->spi;
3293 p->sadb_sa_replay = (sav->replay != NULL ? sav->replay->wsize : 0);
3294 p->sadb_sa_state = sav->state;
3295 p->sadb_sa_auth = sav->alg_auth;
3296 p->sadb_sa_encrypt = sav->alg_enc;
3297 p->sadb_sa_flags = sav->flags;
3298
3299 return(buf + len);
3300 }
3301
3302 #if 1
3303 static int
3304 key_setsadbaddr_m(m, exttype, saddr, prefixlen, ul_proto)
3305 struct mbuf *m;
3306 u_int16_t exttype;
3307 struct sockaddr *saddr;
3308 u_int8_t prefixlen;
3309 u_int16_t ul_proto;
3310 {
3311 caddr_t p;
3312 const size_t len =
3313 sizeof(struct sadb_address) + PFKEY_ALIGN8(saddr->sa_len);
3314
3315 p = key_appendmbuf(m, len);
3316 if (p == NULL)
3317 return ENOBUFS;
3318
3319 if (key_setsadbaddr(p, exttype, saddr, prefixlen, ul_proto))
3320 return 0;
3321 else
3322 return EINVAL;
3323 }
3324 #endif
3325
3326 /*
3327 * set data into sadb_address.
3328 * `buf' must has been allocated sufficiently.
3329 */
3330 static caddr_t
3331 key_setsadbaddr(buf, exttype, saddr, prefixlen, ul_proto)
3332 caddr_t buf;
3333 u_int16_t exttype;
3334 struct sockaddr *saddr;
3335 u_int8_t prefixlen;
3336 u_int16_t ul_proto;
3337 {
3338 struct sadb_address *p;
3339 size_t len;
3340
3341 p = (struct sadb_address *)buf;
3342 len = sizeof(struct sadb_address) + PFKEY_ALIGN8(saddr->sa_len);
3343
3344 bzero(p, len);
3345 p->sadb_address_len = PFKEY_UNIT64(len);
3346 p->sadb_address_exttype = exttype;
3347 p->sadb_address_proto = ul_proto;
3348 p->sadb_address_prefixlen = prefixlen;
3349 p->sadb_address_reserved = 0;
3350
3351 bcopy(saddr, p + 1, saddr->sa_len);
3352
3353 return(buf + len);
3354 }
3355
3356 /*
3357 * set data into sadb_ident.
3358 * `buf' must has been allocated sufficiently.
3359 */
3360 static caddr_t
3361 key_setsadbident(buf, exttype, idtype, string, stringlen, id)
3362 caddr_t buf;
3363 u_int16_t exttype, idtype;
3364 caddr_t string;
3365 int stringlen;
3366 u_int64_t id;
3367 {
3368 struct sadb_ident *p;
3369 u_int len;
3370
3371 p = (struct sadb_ident *)buf;
3372 len = sizeof(struct sadb_ident) + PFKEY_ALIGN8(stringlen);
3373
3374 bzero(p, len);
3375 p->sadb_ident_len = PFKEY_UNIT64(len);
3376 p->sadb_ident_exttype = exttype;
3377 p->sadb_ident_type = idtype;
3378 p->sadb_ident_reserved = 0;
3379 p->sadb_ident_id = id;
3380
3381 bcopy(string, p + 1, stringlen);
3382
3383 return(buf + len);
3384 }
3385
3386 /*
3387 * set data into sadb_x_policy
3388 * `buf' must has been allocated sufficiently.
3389 */
3390 static caddr_t
3391 key_setsadbxpolicy(buf, type, dir, id)
3392 caddr_t buf;
3393 u_int16_t type;
3394 u_int8_t dir;
3395 u_int32_t id;
3396 {
3397 struct sadb_x_policy *p;
3398 u_int len;
3399
3400 p = (struct sadb_x_policy *)buf;
3401 len = sizeof(struct sadb_x_policy);
3402
3403 bzero(p, len);
3404 p->sadb_x_policy_len = PFKEY_UNIT64(len);
3405 p->sadb_x_policy_exttype = SADB_X_EXT_POLICY;
3406 p->sadb_x_policy_type = type;
3407 p->sadb_x_policy_dir = dir;
3408 p->sadb_x_policy_id = id;
3409
3410 return(buf + len);
3411 }
3412
3413 /*
3414 * copy buffer of any sadb extension type into sadb_ext.
3415 * assume that sadb_ext_len shifted down >> 3.
3416 * i.e. shift length up when setting length of extension.
3417 */
3418 static caddr_t
3419 key_setsadbext(p, ext)
3420 caddr_t p, ext;
3421 {
3422 u_int len;
3423
3424 len = PFKEY_UNUNIT64(((struct sadb_ext *)ext)->sadb_ext_len);
3425
3426 bcopy(ext, p, len);
3427
3428 return(p + len);
3429 }
3430
3431 /* %%% utilities */
3432 /*
3433 * copy a buffer into the new buffer allocated.
3434 */
3435 static void *
3436 key_newbuf(src, len)
3437 void *src;
3438 u_int len;
3439 {
3440 caddr_t new;
3441
3442 KMALLOC(new, caddr_t, len);
3443 if (new == NULL) {
3444 #if IPSEC_DEBUG
3445 printf("key_newbuf: No more memory.\n");
3446 #endif
3447 return NULL;
3448 }
3449 bcopy((caddr_t)src, new, len);
3450
3451 return new;
3452 }
3453
3454 /* compare my own address
3455 * OUT: 1: true, i.e. my address.
3456 * 0: false
3457 */
3458 int
3459 key_ismyaddr(family, addr)
3460 u_int family;
3461 caddr_t addr;
3462 {
3463 /* sanity check */
3464 if (addr == NULL)
3465 panic("key_ismyaddr: NULL pointer is passed.\n");
3466
3467 switch (family) {
3468 case AF_INET:
3469 {
3470 struct in_ifaddr *ia;
3471
3472 #ifdef __NetBSD__
3473 for (ia = in_ifaddr.tqh_first; ia; ia = ia->ia_list.tqe_next)
3474 #elif defined(__FreeBSD__) && __FreeBSD__ >= 3 || defined (__APPLE__)
3475 for (ia = in_ifaddrhead.tqh_first; ia;
3476 ia = ia->ia_link.tqe_next)
3477 #else
3478 for (ia = in_ifaddr; ia; ia = ia->ia_next)
3479 #endif
3480 if (bcmp(addr,
3481 (caddr_t)&ia->ia_addr.sin_addr,
3482 _INALENBYAF(family)) == 0)
3483 return 1;
3484 }
3485 break;
3486 #if INET6
3487 case AF_INET6:
3488 return key_ismyaddr6(addr);
3489 #endif
3490 }
3491
3492 return 0;
3493 }
3494
3495 #if INET6
3496 /*
3497 * compare my own address for IPv6.
3498 * 1: ours
3499 * 0: other
3500 * NOTE: derived ip6_input() in KAME. This is necessary to modify more.
3501 */
3502 #include <netinet6/in6_var.h>
3503
3504 static int
3505 key_ismyaddr6(addr)
3506 caddr_t addr;
3507 {
3508 struct in6_addr *a = (struct in6_addr *)addr;
3509 struct in6_ifaddr *ia;
3510
3511 for (ia = in6_ifaddr; ia; ia = ia->ia_next) {
3512 if (bcmp(addr, (caddr_t)&ia->ia_addr.sin6_addr,
3513 _INALENBYAF(AF_INET6)) == 0) {
3514 return 1;
3515 }
3516
3517 /* XXX Multicast */
3518 {
3519 struct in6_multi *in6m = 0;
3520
3521 #if defined(__FreeBSD__) && __FreeBSD__ >= 3 || defined (__APPLE__)
3522 IN6_LOOKUP_MULTI(*(struct in6_addr *)addr, ia->ia_ifp, in6m);
3523 #else
3524 for ((in6m) = ia->ia6_multiaddrs.lh_first;
3525 (in6m) != NULL &&
3526 !IN6_ARE_ADDR_EQUAL(&(in6m)->in6m_addr, a);
3527 (in6m) = in6m->in6m_entry.le_next)
3528 continue;
3529 #endif
3530 if (in6m)
3531 return 1;
3532 }
3533 }
3534
3535 /* loopback, just for safety */
3536 if (IN6_IS_ADDR_LOOPBACK(a))
3537 return 1;
3538
3539 #if 0
3540 /* FAITH */
3541 if (ip6_keepfaith &&
3542 (a->s6_addr32[0] == ip6_faith_prefix.s6_addr32[0] &&
3543 a->s6_addr32[1] == ip6_faith_prefix.s6_addr32[1] &&
3544 a->s6_addr32[2] == ip6_faith_prefix.s6_addr32[2]))
3545 return 1;
3546 #endif
3547
3548 /* XXX anycast */
3549
3550 return 0;
3551 }
3552 #endif /*INET6*/
3553
3554 #if 0
3555 /* checking address is whether loopback or not.
3556 * OUT: 1: true
3557 * 0: false
3558 */
3559 static int
3560 key_isloopback(family, addr)
3561 u_int family;
3562 caddr_t addr;
3563 {
3564 switch (family) {
3565 case PF_INET:
3566 if (((caddr_t)addr)[0] == IN_LOOPBACKNET)
3567 return 1;
3568 break;
3569 #if INET6
3570 case PF_INET6:
3571 if (IN6_IS_ADDR_LOOPBACK((struct in6_addr *)addr))
3572 return 1;
3573 break;
3574 #endif /* INET6 */
3575 default:
3576 #if IPSEC_DEBUG
3577 printf("key_isloopback: unknown address family=%d.\n", family);
3578 #endif
3579 return 0;
3580 }
3581
3582 return 0;
3583 }
3584 #endif
3585
3586 /*
3587 * compare two secasindex structure exactly.
3588 * IN:
3589 * saidx0: source, it can be in SAD.
3590 * saidx1: object.
3591 * OUT:
3592 * 1 : equal
3593 * 0 : not equal
3594 */
3595 static int
3596 key_cmpsaidx_exactly(saidx0, saidx1)
3597 struct secasindex *saidx0, *saidx1;
3598 {
3599 /* sanity */
3600 if (saidx0 == NULL && saidx1 == NULL)
3601 return 1;
3602
3603 if (saidx0 == NULL || saidx1 == NULL)
3604 return 0;
3605
3606 if (saidx0->proto != saidx1->proto
3607 || saidx0->mode != saidx1->mode
3608 || saidx0->reqid != saidx1->reqid)
3609 return 0;
3610
3611 if (bcmp(&saidx0->src, &saidx1->src, saidx0->src.ss_len) != 0
3612 || bcmp(&saidx0->dst, &saidx1->dst, saidx0->dst.ss_len) != 0)
3613 return 0;
3614
3615 return 1;
3616 }
3617
3618 /*
3619 * compare two secasindex structure with consideration mode.
3620 * don't compare port.
3621 * IN:
3622 * saidx0: source, it is often in SAD.
3623 * saidx1: object, it is often from SPD.
3624 * OUT:
3625 * 1 : equal
3626 * 0 : not equal
3627 */
3628 static int
3629 key_cmpsaidx_withmode(saidx0, saidx1)
3630 struct secasindex *saidx0, *saidx1;
3631 {
3632 /* sanity */
3633 if (saidx0 == NULL && saidx1 == NULL)
3634 return 1;
3635
3636 if (saidx0 == NULL || saidx1 == NULL)
3637 return 0;
3638
3639 if (saidx0->proto != saidx1->proto
3640 || saidx0->src.ss_family != saidx1->src.ss_family
3641 || saidx0->dst.ss_family != saidx1->dst.ss_family)
3642 return 0;
3643
3644 /*
3645 * If reqid of SPD is non-zero, unique SA is required.
3646 * The result must be of same reqid in this case.
3647 */
3648 if (saidx1->reqid != 0
3649 && saidx0->reqid != saidx1->reqid)
3650 return 0;
3651
3652 if (saidx0->mode != IPSEC_MODE_ANY
3653 && saidx0->mode != saidx1->mode)
3654 return 0;
3655
3656 {
3657 int sa_len = _INALENBYAF(saidx0->src.ss_family);
3658
3659 if (bcmp(_INADDRBYSA(&saidx0->src), _INADDRBYSA(&saidx1->src), sa_len)
3660 || bcmp(_INADDRBYSA(&saidx0->dst), _INADDRBYSA(&saidx1->dst), sa_len))
3661 return 0;
3662 }
3663
3664 return 1;
3665 }
3666
3667 /*
3668 * compare two secindex structure exactly.
3669 * IN:
3670 * spidx0: source, it is often in SPD.
3671 * spidx1: object, it is often from PFKEY message.
3672 * OUT:
3673 * 1 : equal
3674 * 0 : not equal
3675 */
3676 static int
3677 key_cmpspidx_exactly(spidx0, spidx1)
3678 struct secpolicyindex *spidx0, *spidx1;
3679 {
3680 /* sanity */
3681 if (spidx0 == NULL && spidx1 == NULL)
3682 return 1;
3683
3684 if (spidx0 == NULL || spidx1 == NULL)
3685 return 0;
3686
3687 if (spidx0->prefs != spidx1->prefs
3688 || spidx0->prefd != spidx1->prefd
3689 || spidx0->ul_proto != spidx1->ul_proto)
3690 return 0;
3691
3692 if (bcmp(&spidx0->src, &spidx1->src, spidx0->src.ss_len) != 0
3693 || bcmp(&spidx0->dst, &spidx1->dst, spidx0->dst.ss_len) != 0)
3694 return 0;
3695
3696 return 1;
3697 }
3698
3699 /*
3700 * compare two secindex structure with mask.
3701 * IN:
3702 * spidx0: source, it is often in SPD.
3703 * spidx1: object, it is often from IP header.
3704 * OUT:
3705 * 1 : equal
3706 * 0 : not equal
3707 */
3708 static int
3709 key_cmpspidx_withmask(spidx0, spidx1)
3710 struct secpolicyindex *spidx0, *spidx1;
3711 {
3712 /* sanity */
3713 if (spidx0 == NULL && spidx1 == NULL)
3714 return 1;
3715
3716 if (spidx0 == NULL || spidx1 == NULL)
3717 return 0;
3718
3719 if (spidx0->src.ss_family != spidx1->src.ss_family
3720 || spidx0->dst.ss_family != spidx1->dst.ss_family)
3721 return 0;
3722
3723 /* if spidx.ul_proto == IPSEC_ULPROTO_ANY, ignore. */
3724 if (spidx0->ul_proto != (u_int16_t)IPSEC_ULPROTO_ANY
3725 && spidx0->ul_proto != spidx1->ul_proto)
3726 return 0;
3727
3728 if (_INPORTBYSA(&spidx0->src) != IPSEC_PORT_ANY
3729 && _INPORTBYSA(&spidx0->src) != _INPORTBYSA(&spidx1->src))
3730 return 0;
3731
3732 if (_INPORTBYSA(&spidx0->dst) != IPSEC_PORT_ANY
3733 && _INPORTBYSA(&spidx0->dst) != _INPORTBYSA(&spidx1->dst))
3734 return 0;
3735
3736 if (!key_bbcmp(_INADDRBYSA(&spidx0->src),
3737 _INADDRBYSA(&spidx1->src),
3738 spidx0->prefs))
3739 return 0;
3740
3741 if (!key_bbcmp(_INADDRBYSA(&spidx0->dst),
3742 _INADDRBYSA(&spidx1->dst),
3743 spidx0->prefd))
3744 return 0;
3745
3746 /* XXX Do we check other field ? e.g. flowinfo, scope_id. */
3747
3748 return 1;
3749 }
3750
3751 /*
3752 * compare two buffers with mask.
3753 * IN:
3754 * addr1: source
3755 * addr2: object
3756 * bits: Number of bits to compare
3757 * OUT:
3758 * 1 : equal
3759 * 0 : not equal
3760 */
3761 static int
3762 key_bbcmp(p1, p2, bits)
3763 register caddr_t p1, p2;
3764 register u_int bits;
3765 {
3766 u_int8_t mask;
3767
3768 /* XXX: This could be considerably faster if we compare a word
3769 * at a time, but it is complicated on LSB Endian machines */
3770
3771 /* Handle null pointers */
3772 if (p1 == NULL || p2 == NULL)
3773 return (p1 == p2);
3774
3775 while (bits >= 8) {
3776 if (*p1++ != *p2++)
3777 return 0;
3778 bits -= 8;
3779 }
3780
3781 if (bits > 0) {
3782 mask = ~((1<<(8-bits))-1);
3783 if ((*p1 & mask) != (*p2 & mask))
3784 return 0;
3785 }
3786 return 1; /* Match! */
3787 }
3788
3789 /*
3790 * time handler.
3791 * scanning SPD and SAD to check status for each entries,
3792 * and do to remove or to expire.
3793 */
3794 void
3795 key_timehandler(void)
3796 {
3797 u_int dir;
3798 int s;
3799
3800 thread_funnel_set(network_flock, TRUE);
3801 #if __NetBSD__
3802 s = splsoftnet(); /*called from softclock()*/
3803 #else
3804 s = splnet(); /*called from softclock()*/
3805 #endif
3806
3807 /* SPD */
3808 {
3809 struct secpolicy *sp, *nextsp;
3810
3811 for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
3812 for (sp = LIST_FIRST(&sptree[dir]);
3813 sp != NULL;
3814 sp = nextsp) {
3815
3816 nextsp = LIST_NEXT(sp, chain);
3817
3818 if (sp->state == IPSEC_SPSTATE_DEAD)
3819 key_freesp(sp);
3820 }
3821 }
3822 }
3823
3824 /* SAD */
3825 {
3826 struct secashead *sah, *nextsah;
3827 struct secasvar *sav, *nextsav;
3828
3829 for (sah = LIST_FIRST(&sahtree);
3830 sah != NULL;
3831 sah = nextsah) {
3832
3833 nextsah = LIST_NEXT(sah, chain);
3834
3835 /* if sah has been dead, then delete it and process next sah. */
3836 if (sah->state == SADB_SASTATE_DEAD) {
3837 key_delsah(sah);
3838 continue;
3839 }
3840
3841 /* if LARVAL entry doesn't become MATURE, delete it. */
3842 for (sav = LIST_FIRST(&sah->savtree[SADB_SASTATE_LARVAL]);
3843 sav != NULL;
3844 sav = nextsav) {
3845
3846 nextsav = LIST_NEXT(sav, chain);
3847
3848 sav->tick++;
3849
3850 if (key_larval_lifetime < sav->tick) {
3851 key_freesav(sav);
3852 }
3853 }
3854
3855 /*
3856 * check MATURE entry to start to send expire message
3857 * whether or not.
3858 */
3859 for (sav = LIST_FIRST(&sah->savtree[SADB_SASTATE_MATURE]);
3860 sav != NULL;
3861 sav = nextsav) {
3862
3863 nextsav = LIST_NEXT(sav, chain);
3864
3865 sav->tick++;
3866
3867 /* we don't need to check. */
3868 if (sav->lft_s == NULL)
3869 continue;
3870
3871 /* sanity check */
3872 if (sav->lft_c == NULL) {
3873 #if IPSEC_DEBUG
3874 printf("key_timehandler: "
3875 "There is no CURRENT time, why?\n");
3876 #endif
3877 continue;
3878 }
3879
3880 /* compare SOFT lifetime and tick */
3881 if (sav->lft_s->sadb_lifetime_addtime != 0
3882 && sav->lft_s->sadb_lifetime_addtime < sav->tick) {
3883 /*
3884 * check SA to be used whether or not.
3885 * when SA hasn't been used, delete it.
3886 */
3887 if (sav->lft_c->sadb_lifetime_usetime == 0) {
3888 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
3889 key_freesav(sav);
3890 sav = NULL;
3891 } else {
3892 key_sa_chgstate(sav, SADB_SASTATE_DYING);
3893 /*
3894 * XXX If we keep to send expire
3895 * message in the status of
3896 * DYING. Do remove below code.
3897 */
3898 key_expire(sav);
3899 }
3900 }
3901 /* check SOFT lifetime by bytes */
3902 /*
3903 * XXX I don't know the way to delete this SA
3904 * when new SA is installed. Caution when it's
3905 * installed too big lifetime by time.
3906 */
3907 else if (sav->lft_s->sadb_lifetime_bytes != 0
3908 && sav->lft_s->sadb_lifetime_bytes < sav->lft_c->sadb_lifetime_bytes) {
3909
3910 key_sa_chgstate(sav, SADB_SASTATE_DYING);
3911 /*
3912 * XXX If we keep to send expire
3913 * message in the status of
3914 * DYING. Do remove below code.
3915 */
3916 key_expire(sav);
3917 }
3918 }
3919
3920 /* check DYING entry to change status to DEAD. */
3921 for (sav = LIST_FIRST(&sah->savtree[SADB_SASTATE_DYING]);
3922 sav != NULL;
3923 sav = nextsav) {
3924
3925 nextsav = LIST_NEXT(sav, chain);
3926
3927 sav->tick++;
3928
3929 /* we don't need to check. */
3930 if (sav->lft_h == NULL)
3931 continue;
3932
3933 /* sanity check */
3934 if (sav->lft_c == NULL) {
3935 #if IPSEC_DEBUG
3936 printf("key_timehandler: "
3937 "There is no CURRENT time, why?\n");
3938 #endif
3939 continue;
3940 }
3941
3942 /* compare HARD lifetime and tick */
3943 if (sav->lft_h->sadb_lifetime_addtime != 0
3944 && sav->lft_h->sadb_lifetime_addtime < sav->tick) {
3945 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
3946 key_freesav(sav);
3947 sav = NULL;
3948 }
3949 #if 0 /* XXX Should we keep to send expire message until HARD lifetime ? */
3950 else if (sav->lft_s != NULL
3951 && sav->lft_s->sadb_lifetime_addtime != 0
3952 && sav->lft_s->sadb_lifetime_addtime < sav->tick) {
3953 /*
3954 * XXX: should be checked to be
3955 * installed the valid SA.
3956 */
3957
3958 /*
3959 * If there is no SA then sending
3960 * expire message.
3961 */
3962 key_expire(sav);
3963 }
3964 #endif
3965 /* check HARD lifetime by bytes */
3966 else if (sav->lft_h->sadb_lifetime_bytes != 0
3967 && sav->lft_h->sadb_lifetime_bytes < sav->lft_c->sadb_lifetime_bytes) {
3968 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
3969 key_freesav(sav);
3970 sav = NULL;
3971 }
3972 }
3973
3974 /* delete entry in DEAD */
3975 for (sav = LIST_FIRST(&sah->savtree[SADB_SASTATE_DEAD]);
3976 sav != NULL;
3977 sav = nextsav) {
3978
3979 nextsav = LIST_NEXT(sav, chain);
3980
3981 /* sanity check */
3982 if (sav->state != SADB_SASTATE_DEAD) {
3983 #if IPSEC_DEBUG
3984 printf("key_timehandler: "
3985 "invalid sav->state "
3986 "(queue: %d SA: %d): "
3987 "kill it anyway\n",
3988 SADB_SASTATE_DEAD, sav->state);
3989 #endif
3990 }
3991
3992 /*
3993 * do not call key_freesav() here.
3994 * sav should already be freed, and sav->refcnt
3995 * shows other references to sav
3996 * (such as from SPD).
3997 */
3998 }
3999 }
4000 }
4001
4002 #ifndef IPSEC_NONBLOCK_ACQUIRE
4003 /* ACQ tree */
4004 {
4005 struct secacq *acq, *nextacq;
4006
4007 for (acq = LIST_FIRST(&acqtree);
4008 acq != NULL;
4009 acq = nextacq) {
4010
4011 nextacq = LIST_NEXT(acq, chain);
4012
4013 acq->tick++;
4014
4015 if (key_blockacq_lifetime < acq->tick && __LIST_CHAINED(acq)) {
4016 LIST_REMOVE(acq, chain);
4017 KFREE(acq);
4018 }
4019 }
4020 }
4021 #endif
4022
4023 /* SP ACQ tree */
4024 {
4025 struct secspacq *acq, *nextacq;
4026
4027 for (acq = LIST_FIRST(&spacqtree);
4028 acq != NULL;
4029 acq = nextacq) {
4030
4031 nextacq = LIST_NEXT(acq, chain);
4032
4033 acq->tick++;
4034
4035 if (key_blockacq_lifetime < acq->tick && __LIST_CHAINED(acq)) {
4036 LIST_REMOVE(acq, chain);
4037 KFREE(acq);
4038 }
4039 }
4040 }
4041
4042 /* initialize random seed */
4043 if (key_tick_init_random++ > key_int_random) {
4044 key_tick_init_random = 0;
4045 key_srandom();
4046 }
4047
4048 #ifndef IPSEC_DEBUG2
4049 /* do exchange to tick time !! */
4050 (void)timeout((void *)key_timehandler, (void *)0, 100);
4051 #endif /* IPSEC_DEBUG2 */
4052
4053 splx(s);
4054 thread_funnel_set(network_funnel, FALSE);
4055 return;
4056 }
4057
4058 /*
4059 * to initialize a seed for random()
4060 */
4061 void
4062 key_srandom()
4063 {
4064 struct timeval tv;
4065 #ifdef __bsdi__
4066 extern long randseed; /* it's defined at i386/i386/random.s */
4067 #endif /* __bsdi__ */
4068
4069 microtime(&tv);
4070
4071 #if defined(__FreeBSD__)
4072 srandom(tv.tv_usec);
4073 #endif /* __FreeBSD__ */
4074 #if defined(__APPLE__)
4075 random();
4076 #endif
4077 #ifdef __bsdi__
4078 randseed = tv.tv_usec;
4079 #endif /* __bsdi__ */
4080
4081 return;
4082 }
4083
4084 /*
4085 * map SADB_SATYPE_* to IPPROTO_*.
4086 * if satype == SADB_SATYPE then satype is mapped to ~0.
4087 * OUT:
4088 * 0: invalid satype.
4089 */
4090 static u_int16_t
4091 key_satype2proto(satype)
4092 u_int8_t satype;
4093 {
4094 switch (satype) {
4095 case SADB_SATYPE_UNSPEC:
4096 return IPSEC_PROTO_ANY;
4097 case SADB_SATYPE_AH:
4098 return IPPROTO_AH;
4099 case SADB_SATYPE_ESP:
4100 return IPPROTO_ESP;
4101 #if 1 /*nonstandard*/
4102 case SADB_X_SATYPE_IPCOMP:
4103 return IPPROTO_IPCOMP;
4104 break;
4105 #endif
4106 default:
4107 return 0;
4108 }
4109 /* NOTREACHED */
4110 }
4111
4112 /*
4113 * map IPPROTO_* to SADB_SATYPE_*
4114 * OUT:
4115 * 0: invalid protocol type.
4116 */
4117 static u_int8_t
4118 key_proto2satype(proto)
4119 u_int16_t proto;
4120 {
4121 switch (proto) {
4122 case IPPROTO_AH:
4123 return SADB_SATYPE_AH;
4124 case IPPROTO_ESP:
4125 return SADB_SATYPE_ESP;
4126 #if 1 /*nonstandard*/
4127 case IPPROTO_IPCOMP:
4128 return SADB_X_SATYPE_IPCOMP;
4129 break;
4130 #endif
4131 default:
4132 return 0;
4133 }
4134 /* NOTREACHED */
4135 }
4136
4137 /* %%% PF_KEY */
4138 /*
4139 * SADB_GETSPI processing is to receive
4140 * <base, src address, dst address, (SPI range)>
4141 * from the IKMPd, to assign a unique spi value, to hang on the INBOUND
4142 * tree with the status of LARVAL, and send
4143 * <base, SA(*), address(SD)>
4144 * to the IKMPd.
4145 *
4146 * IN: mhp: pointer to the pointer to each header.
4147 * OUT: NULL if fail.
4148 * other if success, return pointer to the message to send.
4149 */
4150 static struct sadb_msg *
4151 key_getspi(mhp)
4152 caddr_t *mhp;
4153 {
4154 struct sadb_msg *msg0;
4155 struct sadb_address *src0, *dst0;
4156 struct secasindex saidx;
4157 struct secashead *newsah;
4158 struct secasvar *newsav;
4159 u_int8_t proto;
4160 u_int32_t spi;
4161
4162 /* sanity check */
4163 if (mhp == NULL || mhp[0] == NULL)
4164 panic("key_getspi: NULL pointer is passed.\n");
4165
4166 msg0 = (struct sadb_msg *)mhp[0];
4167
4168 if (mhp[SADB_EXT_ADDRESS_SRC] == NULL
4169 || mhp[SADB_EXT_ADDRESS_DST] == NULL) {
4170 #if IPSEC_DEBUG
4171 printf("key_getspi: invalid message is passed.\n");
4172 #endif
4173 msg0->sadb_msg_errno = EINVAL;
4174 return NULL;
4175 }
4176
4177 src0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_SRC]);
4178 dst0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_DST]);
4179
4180 /* map satype to proto */
4181 if ((proto = key_satype2proto(msg0->sadb_msg_satype)) == 0) {
4182 #if IPSEC_DEBUG
4183 printf("key_getspi: invalid satype is passed.\n");
4184 #endif
4185 msg0->sadb_msg_errno = EINVAL;
4186 return NULL;
4187 }
4188
4189 KEY_SETSECASIDX(proto, msg0, src0+1, dst0+1, &saidx);
4190
4191 /* SPI allocation */
4192 spi = key_do_getnewspi((struct sadb_spirange *)mhp[SADB_EXT_SPIRANGE],
4193 &saidx);
4194 if (spi == 0) {
4195 msg0->sadb_msg_errno = EEXIST;
4196 return NULL;
4197 }
4198
4199 /* get a SA index */
4200 if ((newsah = key_getsah(&saidx)) == NULL) {
4201
4202 /* create a new SA index */
4203 if ((newsah = key_newsah(&saidx)) == NULL) {
4204 #if IPSEC_DEBUG
4205 printf("key_getspi: No more memory.\n");
4206 #endif
4207 msg0->sadb_msg_errno = ENOBUFS;
4208 return NULL;
4209 }
4210 }
4211
4212 /* get a new SA */
4213 if ((newsav = key_newsav(mhp, newsah)) == NULL) {
4214 msg0->sadb_msg_errno = ENOBUFS;
4215 /* XXX don't free new SA index allocated in above. */
4216 return NULL;
4217 }
4218
4219 /* set spi */
4220 newsav->spi = htonl(spi);
4221
4222 #ifndef IPSEC_NONBLOCK_ACQUIRE
4223 /* delete the entry in acqtree */
4224 if (msg0->sadb_msg_seq != 0) {
4225 struct secacq *acq;
4226 if ((acq = key_getacqbyseq(msg0->sadb_msg_seq)) != NULL) {
4227 /* reset counter in order to deletion by timehander. */
4228 acq->tick = key_blockacq_lifetime;
4229 acq->count = 0;
4230 }
4231 }
4232 #endif
4233
4234 {
4235 struct sadb_msg *newmsg;
4236 u_int len;
4237 caddr_t p;
4238
4239 /* create new sadb_msg to reply. */
4240 len = sizeof(struct sadb_msg)
4241 + sizeof(struct sadb_sa)
4242 + PFKEY_EXTLEN(mhp[SADB_EXT_ADDRESS_SRC])
4243 + PFKEY_EXTLEN(mhp[SADB_EXT_ADDRESS_DST]);
4244
4245 KMALLOC(newmsg, struct sadb_msg *, len);
4246 if (newmsg == NULL) {
4247 #if IPSEC_DEBUG
4248 printf("key_getspi: No more memory.\n");
4249 #endif
4250 msg0->sadb_msg_errno = ENOBUFS;
4251 return NULL;
4252 }
4253 bzero((caddr_t)newmsg, len);
4254
4255 bcopy((caddr_t)mhp[0], (caddr_t)newmsg, sizeof(*msg0));
4256 newmsg->sadb_msg_seq = newsav->seq;
4257 newmsg->sadb_msg_errno = 0;
4258 newmsg->sadb_msg_len = PFKEY_UNIT64(len);
4259 p = (caddr_t)newmsg + sizeof(*msg0);
4260
4261 {
4262 struct sadb_sa *m_sa;
4263 m_sa = (struct sadb_sa *)p;
4264 m_sa->sadb_sa_len = PFKEY_UNIT64(sizeof(struct sadb_sa));
4265 m_sa->sadb_sa_exttype = SADB_EXT_SA;
4266 m_sa->sadb_sa_spi = htonl(spi);
4267 p += sizeof(struct sadb_sa);
4268 }
4269
4270 p = key_setsadbext(p, mhp[SADB_EXT_ADDRESS_SRC]);
4271 p = key_setsadbext(p, mhp[SADB_EXT_ADDRESS_DST]);
4272
4273 return newmsg;
4274 }
4275 }
4276
4277 /*
4278 * allocating new SPI
4279 * called by key_getspi().
4280 * OUT:
4281 * 0: failure.
4282 * others: success.
4283 */
4284 static u_int32_t
4285 key_do_getnewspi(spirange, saidx)
4286 struct sadb_spirange *spirange;
4287 struct secasindex *saidx;
4288 {
4289 u_int32_t newspi;
4290 u_int32_t min, max;
4291 int count = key_spi_trycnt;
4292
4293 /* set spi range to allocate */
4294 if (spirange != NULL) {
4295 min = spirange->sadb_spirange_min;
4296 max = spirange->sadb_spirange_max;
4297 } else {
4298 min = key_spi_minval;
4299 max = key_spi_maxval;
4300 }
4301 /* IPCOMP needs 2-byte SPI */
4302 if (saidx->proto == IPPROTO_IPCOMP) {
4303 u_int32_t t;
4304 if (min >= 0x10000)
4305 min = 0xffff;
4306 if (max >= 0x10000)
4307 max = 0xffff;
4308 if (min > max) {
4309 t = min; min = max; max = t;
4310 }
4311 }
4312
4313 if (min == max) {
4314 if (key_checkspidup(saidx, min) != NULL) {
4315 #if IPSEC_DEBUG
4316 printf("key_do_getnewspi: SPI %u exists already.\n", min);
4317 #endif
4318 return 0;
4319 }
4320
4321 count--; /* taking one cost. */
4322 newspi = min;
4323
4324 } else {
4325
4326 /* init SPI */
4327 newspi = 0;
4328
4329 /* when requesting to allocate spi ranged */
4330 while (count--) {
4331 /* generate pseudo-random SPI value ranged. */
4332 newspi = min + (random() % ( max - min + 1 ));
4333
4334 if (key_checkspidup(saidx, newspi) == NULL)
4335 break;
4336 }
4337
4338 if (count == 0 || newspi == 0) {
4339 #if IPSEC_DEBUG
4340 printf("key_do_getnewspi: to allocate spi is failed.\n");
4341 #endif
4342 return 0;
4343 }
4344 }
4345
4346 /* statistics */
4347 keystat.getspi_count =
4348 (keystat.getspi_count + key_spi_trycnt - count) / 2;
4349
4350 return newspi;
4351 }
4352
4353 /*
4354 * SADB_UPDATE processing
4355 * receive
4356 * <base, SA, (lifetime(HSC),) address(SD), (address(P),)
4357 * key(AE), (identity(SD),) (sensitivity)>
4358 * from the ikmpd, and update a secasvar entry whose status is SADB_SASTATE_LARVAL.
4359 * and send
4360 * <base, SA, (lifetime(HSC),) address(SD), (address(P),)
4361 * (identity(SD),) (sensitivity)>
4362 * to the ikmpd.
4363 *
4364 * IN: mhp: pointer to the pointer to each header.
4365 * OUT: NULL if fail.
4366 * other if success, return pointer to the message to send.
4367 */
4368 static struct sadb_msg *
4369 key_update(mhp)
4370 caddr_t *mhp;
4371 {
4372 struct sadb_msg *msg0;
4373 struct sadb_sa *sa0;
4374 struct sadb_address *src0, *dst0;
4375 struct secasindex saidx;
4376 struct secashead *sah;
4377 struct secasvar *sav;
4378 u_int16_t proto;
4379
4380 /* sanity check */
4381 if (mhp == NULL || mhp[0] == NULL)
4382 panic("key_update: NULL pointer is passed.\n");
4383
4384 msg0 = (struct sadb_msg *)mhp[0];
4385
4386 /* map satype to proto */
4387 if ((proto = key_satype2proto(msg0->sadb_msg_satype)) == 0) {
4388 #if IPSEC_DEBUG
4389 printf("key_update: invalid satype is passed.\n");
4390 #endif
4391 msg0->sadb_msg_errno = EINVAL;
4392 return NULL;
4393 }
4394
4395 if (mhp[SADB_EXT_SA] == NULL
4396 || mhp[SADB_EXT_ADDRESS_SRC] == NULL
4397 || mhp[SADB_EXT_ADDRESS_DST] == NULL
4398 || (msg0->sadb_msg_satype == SADB_SATYPE_ESP
4399 && mhp[SADB_EXT_KEY_ENCRYPT] == NULL)
4400 || (msg0->sadb_msg_satype == SADB_SATYPE_AH
4401 && mhp[SADB_EXT_KEY_AUTH] == NULL)
4402 || (mhp[SADB_EXT_LIFETIME_HARD] != NULL
4403 && mhp[SADB_EXT_LIFETIME_SOFT] == NULL)
4404 || (mhp[SADB_EXT_LIFETIME_HARD] == NULL
4405 && mhp[SADB_EXT_LIFETIME_SOFT] != NULL)) {
4406 #if IPSEC_DEBUG
4407 printf("key_update: invalid message is passed.\n");
4408 #endif
4409 msg0->sadb_msg_errno = EINVAL;
4410 return NULL;
4411 }
4412
4413 sa0 = (struct sadb_sa *)mhp[SADB_EXT_SA];
4414 src0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_SRC]);
4415 dst0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_DST]);
4416
4417 KEY_SETSECASIDX(proto, msg0, src0+1, dst0+1, &saidx);
4418
4419 /* get a SA header */
4420 if ((sah = key_getsah(&saidx)) == NULL) {
4421 #if IPSEC_DEBUG
4422 printf("key_update: no SA index found.\n");
4423 #endif
4424 msg0->sadb_msg_errno = ENOENT;
4425 return NULL;
4426 }
4427
4428 /* set spidx if there */
4429 if (key_setident(sah, mhp) < 0)
4430 return NULL;
4431
4432 /* find a SA with sequence number. */
4433 #if IPSEC_DOSEQCHECK
4434 if (msg0->sadb_msg_seq != 0
4435 && (sav = key_getsavbyseq(sah, msg0->sadb_msg_seq)) == NULL) {
4436 #if IPSEC_DEBUG
4437 printf("key_update: no larval SA with sequence %u exists.\n",
4438 msg0->sadb_msg_seq);
4439 #endif
4440 msg0->sadb_msg_errno = ENOENT;
4441 return NULL;
4442 }
4443 #else
4444 if ((sav = key_getsavbyspi(sah, sa0->sadb_sa_spi)) == NULL) {
4445 #if IPSEC_DEBUG
4446 printf("key_update: no such a SA found (spi:%u)\n",
4447 (u_int32_t)ntohl(sa0->sadb_sa_spi));
4448 #endif
4449 msg0->sadb_msg_errno = EINVAL;
4450 return NULL;
4451 }
4452 #endif
4453
4454 /* validity check */
4455 if (sav->sah->saidx.proto != proto) {
4456 #if IPSEC_DEBUG
4457 printf("key_update: protocol mismatched (DB=%u param=%u)\n",
4458 sav->sah->saidx.proto, proto);
4459 #endif
4460 msg0->sadb_msg_errno = EINVAL;
4461 return NULL;
4462 }
4463 #if IPSEC_DOSEQCHECK
4464 if (sav->spi != sa0->sadb_sa_spi) {
4465 #if IPSEC_DEBUG
4466 printf("key_update: SPI mismatched (DB:%u param:%u)\n",
4467 (u_int32_t)ntohl(sav->spi),
4468 (u_int32_t)ntohl(sa0->sadb_sa_spi));
4469 #endif
4470 msg0->sadb_msg_errno = EINVAL;
4471 return NULL;
4472 }
4473 #endif
4474 if (sav->pid != msg0->sadb_msg_pid) {
4475 #if IPSEC_DEBUG
4476 printf("key_update: pid mismatched (DB:%u param:%u)\n",
4477 sav->pid, msg0->sadb_msg_pid);
4478 #endif
4479 msg0->sadb_msg_errno = EINVAL;
4480 return NULL;
4481 }
4482
4483 /* copy sav values */
4484 if (key_setsaval(sav, mhp)) {
4485 key_freesav(sav);
4486 return NULL;
4487 }
4488
4489 /* check SA values to be mature. */
4490 if ((msg0->sadb_msg_errno = key_mature(sav)) != 0) {
4491 key_freesav(sav);
4492 return NULL;
4493 }
4494
4495 {
4496 struct sadb_msg *newmsg;
4497
4498 /* set msg buf from mhp */
4499 if ((newmsg = key_getmsgbuf_x1(mhp)) == NULL) {
4500 #if IPSEC_DEBUG
4501 printf("key_update: No more memory.\n");
4502 #endif
4503 msg0->sadb_msg_errno = ENOBUFS;
4504 return NULL;
4505 }
4506 return newmsg;
4507 }
4508 }
4509
4510 /*
4511 * search SAD with sequence for a SA which state is SADB_SASTATE_LARVAL.
4512 * only called by key_update().
4513 * OUT:
4514 * NULL : not found
4515 * others : found, pointer to a SA.
4516 */
4517 #if IPSEC_DOSEQCHECK
4518 static struct secasvar *
4519 key_getsavbyseq(sah, seq)
4520 struct secashead *sah;
4521 u_int32_t seq;
4522 {
4523 struct secasvar *sav;
4524 u_int state;
4525
4526 state = SADB_SASTATE_LARVAL;
4527
4528 /* search SAD with sequence number ? */
4529 LIST_FOREACH(sav, &sah->savtree[state], chain) {
4530
4531 KEY_CHKSASTATE(state, sav->state, "key_getsabyseq");
4532
4533 if (sav->seq == seq) {
4534 sav->refcnt++;
4535 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
4536 printf("DP key_getsavbyseq cause "
4537 "refcnt++:%d SA:%p\n",
4538 sav->refcnt, sav));
4539 return sav;
4540 }
4541 }
4542
4543 return NULL;
4544 }
4545 #endif
4546
4547 /*
4548 * SADB_ADD processing
4549 * add a entry to SA database, when received
4550 * <base, SA, (lifetime(HSC),) address(SD), (address(P),)
4551 * key(AE), (identity(SD),) (sensitivity)>
4552 * from the ikmpd,
4553 * and send
4554 * <base, SA, (lifetime(HSC),) address(SD), (address(P),)
4555 * (identity(SD),) (sensitivity)>
4556 * to the ikmpd.
4557 *
4558 * IGNORE identity and sensitivity messages.
4559 *
4560 * IN: mhp: pointer to the pointer to each header.
4561 * OUT: NULL if fail.
4562 * other if success, return pointer to the message to send.
4563 */
4564 static struct sadb_msg *
4565 key_add(mhp)
4566 caddr_t *mhp;
4567 {
4568 struct sadb_msg *msg0;
4569 struct sadb_sa *sa0;
4570 struct sadb_address *src0, *dst0;
4571 struct secasindex saidx;
4572 struct secashead *newsah;
4573 struct secasvar *newsav;
4574 u_int16_t proto;
4575
4576 /* sanity check */
4577 if (mhp == NULL || mhp[0] == NULL)
4578 panic("key_add: NULL pointer is passed.\n");
4579
4580 msg0 = (struct sadb_msg *)mhp[0];
4581
4582 /* map satype to proto */
4583 if ((proto = key_satype2proto(msg0->sadb_msg_satype)) == 0) {
4584 #if IPSEC_DEBUG
4585 printf("key_add: invalid satype is passed.\n");
4586 #endif
4587 msg0->sadb_msg_errno = EINVAL;
4588 return NULL;
4589 }
4590
4591 if (mhp[SADB_EXT_SA] == NULL
4592 || mhp[SADB_EXT_ADDRESS_SRC] == NULL
4593 || mhp[SADB_EXT_ADDRESS_DST] == NULL
4594 || (msg0->sadb_msg_satype == SADB_SATYPE_ESP
4595 && mhp[SADB_EXT_KEY_ENCRYPT] == NULL)
4596 || (msg0->sadb_msg_satype == SADB_SATYPE_AH
4597 && mhp[SADB_EXT_KEY_AUTH] == NULL)
4598 || (mhp[SADB_EXT_LIFETIME_HARD] != NULL
4599 && mhp[SADB_EXT_LIFETIME_SOFT] == NULL)
4600 || (mhp[SADB_EXT_LIFETIME_HARD] == NULL
4601 && mhp[SADB_EXT_LIFETIME_SOFT] != NULL)) {
4602 #if IPSEC_DEBUG
4603 printf("key_add: invalid message is passed.\n");
4604 #endif
4605 msg0->sadb_msg_errno = EINVAL;
4606 return NULL;
4607 }
4608
4609 sa0 = (struct sadb_sa *)mhp[SADB_EXT_SA];
4610 src0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_SRC]);
4611 dst0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_DST]);
4612
4613 KEY_SETSECASIDX(proto, msg0, src0+1, dst0+1, &saidx);
4614
4615 /* get a SA header */
4616 if ((newsah = key_getsah(&saidx)) == NULL) {
4617
4618 /* create a new SA header */
4619 if ((newsah = key_newsah(&saidx)) == NULL) {
4620 #if IPSEC_DEBUG
4621 printf("key_add: No more memory.\n");
4622 #endif
4623 msg0->sadb_msg_errno = ENOBUFS;
4624 return NULL;
4625 }
4626 }
4627
4628 /* set spidx if there */
4629 if (key_setident(newsah, mhp) < 0)
4630 return NULL;
4631
4632 /* create new SA entry. */
4633 /* We can create new SA only if SPI is differenct. */
4634 if (key_getsavbyspi(newsah, sa0->sadb_sa_spi)) {
4635 #if IPSEC_DEBUG
4636 printf("key_add: SA already exists.\n");
4637 #endif
4638 msg0->sadb_msg_errno = EEXIST;
4639 return NULL;
4640 }
4641 if ((newsav = key_newsav(mhp, newsah)) == NULL)
4642 return NULL;
4643
4644 /* check SA values to be mature. */
4645 if ((msg0->sadb_msg_errno = key_mature(newsav)) != NULL) {
4646 key_freesav(newsav);
4647 return NULL;
4648 }
4649
4650 /*
4651 * don't call key_freesav() here, as we would like to keep the SA
4652 * in the database on success.
4653 */
4654
4655 {
4656 struct sadb_msg *newmsg;
4657
4658 /* set msg buf from mhp */
4659 if ((newmsg = key_getmsgbuf_x1(mhp)) == NULL) {
4660 #if IPSEC_DEBUG
4661 printf("key_add: No more memory.\n");
4662 #endif
4663 msg0->sadb_msg_errno = ENOBUFS;
4664 return NULL;
4665 }
4666
4667 return newmsg;
4668 }
4669 }
4670
4671 static int
4672 key_setident(sah, mhp)
4673 struct secashead *sah;
4674 caddr_t *mhp;
4675 {
4676 struct sadb_msg *msg0;
4677 struct sadb_ident *idsrc, *iddst;
4678 int idsrclen, iddstlen;
4679
4680 /* sanity check */
4681 if (sah == NULL || mhp == NULL || mhp[0] == NULL)
4682 panic("key_setident: NULL pointer is passed.\n");
4683
4684 msg0 = (struct sadb_msg *)mhp[0];
4685
4686 /* don't make buffer if not there */
4687 if (mhp[SADB_EXT_IDENTITY_SRC] == NULL
4688 && mhp[SADB_EXT_IDENTITY_DST] == NULL) {
4689 sah->idents = NULL;
4690 sah->identd = NULL;
4691 return 0;
4692 }
4693
4694 if (mhp[SADB_EXT_IDENTITY_SRC] == NULL
4695 || mhp[SADB_EXT_IDENTITY_DST] == NULL) {
4696 #if IPSEC_DEBUG
4697 printf("key_setident: invalid identity.\n");
4698 #endif
4699 msg0->sadb_msg_errno = EINVAL;
4700 return -1;
4701 }
4702
4703 idsrc = (struct sadb_ident *)mhp[SADB_EXT_IDENTITY_SRC];
4704 iddst = (struct sadb_ident *)mhp[SADB_EXT_IDENTITY_DST];
4705 idsrclen = PFKEY_UNUNIT64(idsrc->sadb_ident_len);
4706 iddstlen = PFKEY_UNUNIT64(idsrc->sadb_ident_len);
4707
4708 /* validity check */
4709 if (idsrc->sadb_ident_type != iddst->sadb_ident_type) {
4710 #if IPSEC_DEBUG
4711 printf("key_setident: ident type mismatch.\n");
4712 #endif
4713 msg0->sadb_msg_errno = EINVAL;
4714 return -1;
4715 }
4716
4717 switch (idsrc->sadb_ident_type) {
4718 case SADB_X_IDENTTYPE_ADDR:
4719 if (idsrclen !=
4720 sizeof(*idsrc) + ((struct sockaddr *)(idsrc + 1))->sa_len
4721 || iddstlen !=
4722 sizeof(*iddst) + ((struct sockaddr *)(iddst + 1))->sa_len) {
4723 #if IPSEC_DEBUG
4724 printf("key_setident: invalid length is passed.\n");
4725 #endif
4726 msg0->sadb_msg_errno = EINVAL;
4727 return -1;
4728 }
4729 if (((struct sockaddr *)(idsrc + 1))->sa_len >
4730 sizeof(struct sockaddr_storage)
4731 || ((struct sockaddr *)(iddst + 1))->sa_len >
4732 sizeof(struct sockaddr_storage)) {
4733 #if IPSEC_DEBUG
4734 printf("key_setident: invalid sa_len is passed.\n");
4735 #endif
4736 msg0->sadb_msg_errno = EINVAL;
4737 return -1;
4738 }
4739 #define __IDENTXID(a) ((union sadb_x_ident_id *)&(a)->sadb_ident_id)
4740 if (__IDENTXID(idsrc)->sadb_x_ident_id_addr.ul_proto
4741 != __IDENTXID(iddst)->sadb_x_ident_id_addr.ul_proto) {
4742 #if IPSEC_DEBUG
4743 printf("key_setident: ul_proto mismatch.\n");
4744 #endif
4745 msg0->sadb_msg_errno = EINVAL;
4746 return -1;
4747 }
4748 #undef __IDENTXID(a)
4749 break;
4750 case SADB_IDENTTYPE_PREFIX:
4751 case SADB_IDENTTYPE_FQDN:
4752 case SADB_IDENTTYPE_USERFQDN:
4753 default:
4754 /* XXX do nothing */
4755 sah->idents = NULL;
4756 sah->identd = NULL;
4757 return 0;
4758 }
4759
4760 /* make structure */
4761 KMALLOC(sah->idents, struct sadb_ident *, idsrclen);
4762 if (sah->idents == NULL) {
4763 #if IPSEC_DEBUG
4764 printf("key_setident: No more memory.\n");
4765 #endif
4766 msg0->sadb_msg_errno = ENOBUFS;
4767 return -1;
4768 }
4769 KMALLOC(sah->identd, struct sadb_ident *, iddstlen);
4770 if (sah->identd == NULL) {
4771 KFREE(sah->idents);
4772 #if IPSEC_DEBUG
4773 printf("key_setident: No more memory.\n");
4774 #endif
4775 msg0->sadb_msg_errno = ENOBUFS;
4776 return -1;
4777 }
4778 bcopy(idsrc, sah->idents, idsrclen);
4779 bcopy(iddst, sah->identd, iddstlen);
4780
4781 return 0;
4782 }
4783
4784 static struct sadb_msg *
4785 key_getmsgbuf_x1(mhp)
4786 caddr_t *mhp;
4787 {
4788 struct sadb_msg *msg0;
4789 struct sadb_msg *newmsg;
4790 u_int len;
4791 caddr_t p;
4792
4793 /* sanity check */
4794 if (mhp == NULL || mhp[0] == NULL)
4795 panic("key_getmsgbuf_x1: NULL pointer is passed.\n");
4796
4797 msg0 = (struct sadb_msg *)mhp[0];
4798
4799 /* create new sadb_msg to reply. */
4800 len = sizeof(struct sadb_msg)
4801 + sizeof(struct sadb_sa)
4802 + PFKEY_EXTLEN(mhp[SADB_EXT_ADDRESS_SRC])
4803 + PFKEY_EXTLEN(mhp[SADB_EXT_ADDRESS_DST])
4804 + (mhp[SADB_EXT_LIFETIME_HARD] == NULL
4805 ? 0 : sizeof(struct sadb_lifetime))
4806 + (mhp[SADB_EXT_LIFETIME_SOFT] == NULL
4807 ? 0 : sizeof(struct sadb_lifetime))
4808 + (mhp[SADB_EXT_IDENTITY_SRC] == NULL
4809 ? 0 : PFKEY_EXTLEN(mhp[SADB_EXT_IDENTITY_SRC]))
4810 + (mhp[SADB_EXT_IDENTITY_DST] == NULL
4811 ? 0 : PFKEY_EXTLEN(mhp[SADB_EXT_IDENTITY_DST]));
4812
4813 KMALLOC(newmsg, struct sadb_msg *, len);
4814 if (newmsg == NULL)
4815 return NULL;
4816 bzero((caddr_t)newmsg, len);
4817
4818 bcopy((caddr_t)mhp[0], (caddr_t)newmsg, sizeof(*msg0));
4819 newmsg->sadb_msg_errno = 0;
4820 newmsg->sadb_msg_len = PFKEY_UNIT64(len);
4821 p = (caddr_t)newmsg + sizeof(*msg0);
4822
4823 p = key_setsadbext(p, mhp[SADB_EXT_SA]);
4824 p = key_setsadbext(p, mhp[SADB_EXT_ADDRESS_SRC]);
4825 p = key_setsadbext(p, mhp[SADB_EXT_ADDRESS_DST]);
4826
4827 if (mhp[SADB_EXT_LIFETIME_HARD] != NULL)
4828 p = key_setsadbext(p, mhp[SADB_EXT_LIFETIME_HARD]);
4829
4830 if (mhp[SADB_EXT_LIFETIME_SOFT] != NULL)
4831 p = key_setsadbext(p, mhp[SADB_EXT_LIFETIME_SOFT]);
4832
4833 if (mhp[SADB_EXT_IDENTITY_SRC] != NULL)
4834 p = key_setsadbext(p, mhp[SADB_EXT_IDENTITY_SRC]);
4835 if (mhp[SADB_EXT_IDENTITY_DST] != NULL)
4836 p = key_setsadbext(p, mhp[SADB_EXT_IDENTITY_DST]);
4837
4838 return newmsg;
4839 }
4840
4841 /*
4842 * SADB_DELETE processing
4843 * receive
4844 * <base, SA(*), address(SD)>
4845 * from the ikmpd, and set SADB_SASTATE_DEAD,
4846 * and send,
4847 * <base, SA(*), address(SD)>
4848 * to the ikmpd.
4849 *
4850 * IN: mhp: pointer to the pointer to each header.
4851 * OUT: NULL if fail.
4852 * other if success, return pointer to the message to send.
4853 */
4854 static struct sadb_msg *
4855 key_delete(mhp)
4856 caddr_t *mhp;
4857 {
4858 struct sadb_msg *msg0;
4859 struct sadb_sa *sa0;
4860 struct sadb_address *src0, *dst0;
4861 struct secasindex saidx;
4862 struct secashead *sah;
4863 struct secasvar *sav;
4864 u_int16_t proto;
4865
4866 /* sanity check */
4867 if (mhp == NULL || mhp[0] == NULL)
4868 panic("key_delete: NULL pointer is passed.\n");
4869
4870 msg0 = (struct sadb_msg *)mhp[0];
4871
4872 /* map satype to proto */
4873 if ((proto = key_satype2proto(msg0->sadb_msg_satype)) == 0) {
4874 #if IPSEC_DEBUG
4875 printf("key_delete: invalid satype is passed.\n");
4876 #endif
4877 msg0->sadb_msg_errno = EINVAL;
4878 return NULL;
4879 }
4880
4881 if (mhp[SADB_EXT_SA] == NULL
4882 || mhp[SADB_EXT_ADDRESS_SRC] == NULL
4883 || mhp[SADB_EXT_ADDRESS_DST] == NULL) {
4884 #if IPSEC_DEBUG
4885 printf("key_delete: invalid message is passed.\n");
4886 #endif
4887 msg0->sadb_msg_errno = EINVAL;
4888 return NULL;
4889 }
4890 sa0 = (struct sadb_sa *)mhp[SADB_EXT_SA];
4891 src0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_SRC]);
4892 dst0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_DST]);
4893
4894 KEY_SETSECASIDX(proto, msg0, src0+1, dst0+1, &saidx);
4895
4896 /* get a SA header */
4897 if ((sah = key_getsah(&saidx)) == NULL) {
4898 #if IPSEC_DEBUG
4899 printf("key_delete: no SA found.\n");
4900 #endif
4901 msg0->sadb_msg_errno = ENOENT;
4902 return NULL;
4903 }
4904
4905 /* get a SA with SPI. */
4906 sav = key_getsavbyspi(sah, sa0->sadb_sa_spi);
4907 if (sav == NULL) {
4908 #if IPSEC_DEBUG
4909 printf("key_delete: no alive SA found.\n");
4910 #endif
4911 msg0->sadb_msg_errno = ENOENT;
4912 return NULL;
4913 }
4914
4915 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
4916 key_freesav(sav);
4917 sav = NULL;
4918
4919 {
4920 struct sadb_msg *newmsg;
4921 u_int len;
4922 caddr_t p;
4923
4924 /* create new sadb_msg to reply. */
4925 len = sizeof(struct sadb_msg)
4926 + sizeof(struct sadb_sa)
4927 + PFKEY_EXTLEN(mhp[SADB_EXT_ADDRESS_SRC])
4928 + PFKEY_EXTLEN(mhp[SADB_EXT_ADDRESS_DST]);
4929
4930 KMALLOC(newmsg, struct sadb_msg *, len);
4931 if (newmsg == NULL) {
4932 #if IPSEC_DEBUG
4933 printf("key_delete: No more memory.\n");
4934 #endif
4935 msg0->sadb_msg_errno = ENOBUFS;
4936 return NULL;
4937 }
4938 bzero((caddr_t)newmsg, len);
4939
4940 bcopy((caddr_t)mhp[0], (caddr_t)newmsg, sizeof(*msg0));
4941 newmsg->sadb_msg_errno = 0;
4942 newmsg->sadb_msg_len = PFKEY_UNIT64(len);
4943 p = (caddr_t)newmsg + sizeof(*msg0);
4944
4945 p = key_setsadbext(p, mhp[SADB_EXT_SA]);
4946 p = key_setsadbext(p, mhp[SADB_EXT_ADDRESS_SRC]);
4947 p = key_setsadbext(p, mhp[SADB_EXT_ADDRESS_DST]);
4948
4949 return newmsg;
4950 }
4951 }
4952
4953 /*
4954 * SADB_GET processing
4955 * receive
4956 * <base, SA(*), address(SD)>
4957 * from the ikmpd, and get a SP and a SA to respond,
4958 * and send,
4959 * <base, SA, (lifetime(HSC),) address(SD), (address(P),) key(AE),
4960 * (identity(SD),) (sensitivity)>
4961 * to the ikmpd.
4962 *
4963 * IN: mhp: pointer to the pointer to each header.
4964 * OUT: NULL if fail.
4965 * other if success, return pointer to the message to send.
4966 */
4967 static struct sadb_msg *
4968 key_get(mhp)
4969 caddr_t *mhp;
4970 {
4971 struct sadb_msg *msg0;
4972 struct sadb_sa *sa0;
4973 struct sadb_address *src0, *dst0;
4974 struct secasindex saidx;
4975 struct secashead *sah;
4976 struct secasvar *sav;
4977 u_int16_t proto;
4978
4979 /* sanity check */
4980 if (mhp == NULL || mhp[0] == NULL)
4981 panic("key_get: NULL pointer is passed.\n");
4982
4983 msg0 = (struct sadb_msg *)mhp[0];
4984
4985 /* map satype to proto */
4986 if ((proto = key_satype2proto(msg0->sadb_msg_satype)) == 0) {
4987 #if IPSEC_DEBUG
4988 printf("key_get: invalid satype is passed.\n");
4989 #endif
4990 msg0->sadb_msg_errno = EINVAL;
4991 return NULL;
4992 }
4993
4994 if (mhp[SADB_EXT_SA] == NULL
4995 || mhp[SADB_EXT_ADDRESS_SRC] == NULL
4996 || mhp[SADB_EXT_ADDRESS_DST] == NULL) {
4997 #if IPSEC_DEBUG
4998 printf("key_get: invalid message is passed.\n");
4999 #endif
5000 msg0->sadb_msg_errno = EINVAL;
5001 return NULL;
5002 }
5003 sa0 = (struct sadb_sa *)mhp[SADB_EXT_SA];
5004 src0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_SRC]);
5005 dst0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_DST]);
5006
5007 KEY_SETSECASIDX(proto, msg0, src0+1, dst0+1, &saidx);
5008
5009 /* get a SA header */
5010 if ((sah = key_getsah(&saidx)) == NULL) {
5011 #if IPSEC_DEBUG
5012 printf("key_get: no SA found.\n");
5013 #endif
5014 msg0->sadb_msg_errno = ENOENT;
5015 return NULL;
5016 }
5017
5018 /* get a SA with SPI. */
5019 sav = key_getsavbyspi(sah, sa0->sadb_sa_spi);
5020 if (sav == NULL) {
5021 #if IPSEC_DEBUG
5022 printf("key_get: no SA with state of mature found.\n");
5023 #endif
5024 msg0->sadb_msg_errno = ENOENT;
5025 return NULL;
5026 }
5027
5028 {
5029 struct sadb_msg *newmsg;
5030 u_int len;
5031 u_int8_t satype;
5032
5033 /* map proto to satype */
5034 if ((satype = key_proto2satype(sah->saidx.proto)) == 0) {
5035 #if IPSEC_DEBUG
5036 printf("key_get: there was invalid proto in SAD.\n");
5037 #endif
5038 msg0->sadb_msg_errno = EINVAL;
5039 return NULL;
5040 }
5041
5042 /* calculate a length of message buffer */
5043 len = key_getmsglen(sav);
5044
5045 KMALLOC(newmsg, struct sadb_msg *, len);
5046 if (newmsg == NULL) {
5047 #if IPSEC_DEBUG
5048 printf("key_get: No more memory.\n");
5049 #endif
5050 msg0->sadb_msg_errno = ENOBUFS;
5051 return NULL;
5052 }
5053
5054 /* create new sadb_msg to reply. */
5055 (void)key_setdumpsa(newmsg, sav, SADB_GET,
5056 satype, msg0->sadb_msg_seq, msg0->sadb_msg_pid);
5057
5058 return newmsg;
5059 }
5060 }
5061
5062 /*
5063 * SADB_ACQUIRE processing called by key_checkrequest() and key_acquire2().
5064 * send
5065 * <base, SA, address(SD), (address(P)),
5066 * (identity(SD),) (sensitivity,) proposal>
5067 * to KMD, and expect to receive
5068 * <base> with SADB_ACQUIRE if error occured,
5069 * or
5070 * <base, src address, dst address, (SPI range)> with SADB_GETSPI
5071 * from KMD by PF_KEY.
5072 *
5073 * sensitivity is not supported.
5074 *
5075 * OUT:
5076 * 0 : succeed
5077 * others: error number
5078 */
5079 static int
5080 key_acquire(saidx, sp)
5081 struct secasindex *saidx;
5082 struct secpolicy *sp;
5083 {
5084 #ifndef IPSEC_NONBLOCK_ACQUIRE
5085 struct secacq *newacq;
5086 #endif
5087 struct secpolicyindex *spidx = NULL;
5088 u_int8_t satype;
5089 int error;
5090
5091 /* sanity check */
5092 if (saidx == NULL || sp == NULL)
5093 panic("key_acquire: NULL pointer is passed.\n");
5094 if ((satype = key_proto2satype(saidx->proto)) == 0)
5095 panic("key_acquire: invalid proto is passed.\n");
5096
5097 spidx = &sp->spidx;
5098
5099 #ifndef IPSEC_NONBLOCK_ACQUIRE
5100 /*
5101 * We never do anything about acquirng SA. There is anather
5102 * solution that kernel blocks to send SADB_ACQUIRE message until
5103 * getting something message from IKEd. In later case, to be
5104 * managed with ACQUIRING list.
5105 */
5106 /* get a entry to check whether sending message or not. */
5107 if ((newacq = key_getacq(saidx)) != NULL) {
5108 if (key_blockacq_count < newacq->count) {
5109 /* reset counter and do send message. */
5110 newacq->count = 0;
5111 } else {
5112 /* increment counter and do nothing. */
5113 newacq->count++;
5114 return 0;
5115 }
5116 } else {
5117 /* make new entry for blocking to send SADB_ACQUIRE. */
5118 if ((newacq = key_newacq(saidx)) == NULL)
5119 return ENOBUFS;
5120
5121 /* add to acqtree */
5122 LIST_INSERT_HEAD(&acqtree, newacq, chain);
5123 }
5124 #endif
5125
5126 {
5127 struct sadb_msg *newmsg = NULL;
5128 union sadb_x_ident_id id;
5129 u_int len;
5130 caddr_t p;
5131
5132 /* create new sadb_msg to reply. */
5133 len = sizeof(struct sadb_msg)
5134 + sizeof(struct sadb_address)
5135 + PFKEY_ALIGN8(saidx->src.ss_len)
5136 + sizeof(struct sadb_address)
5137 + PFKEY_ALIGN8(saidx->dst.ss_len)
5138 + sizeof(struct sadb_x_policy)
5139 + sizeof(struct sadb_ident)
5140 + PFKEY_ALIGN8(spidx->src.ss_len)
5141 + sizeof(struct sadb_ident)
5142 + PFKEY_ALIGN8(spidx->dst.ss_len)
5143 + sizeof(struct sadb_prop)
5144 + sizeof(struct sadb_comb); /* XXX to be multiple */
5145
5146 KMALLOC(newmsg, struct sadb_msg *, len);
5147 if (newmsg == 0) {
5148 #if IPSEC_DEBUG
5149 printf("key_acquire: No more memory.\n");
5150 #endif
5151 return ENOBUFS;
5152 }
5153 bzero((caddr_t)newmsg, len);
5154
5155 newmsg->sadb_msg_version = PF_KEY_V2;
5156 newmsg->sadb_msg_type = SADB_ACQUIRE;
5157 newmsg->sadb_msg_errno = 0;
5158 newmsg->sadb_msg_satype = satype;
5159 newmsg->sadb_msg_len = PFKEY_UNIT64(len);
5160 newmsg->sadb_msg_mode = saidx->mode;
5161 newmsg->sadb_msg_reqid = saidx->reqid;
5162
5163 #ifndef IPSEC_NONBLOCK_ACQUIRE
5164 newmsg->sadb_msg_seq = newacq->seq;
5165 #else
5166 newmsg->sadb_msg_seq = (acq_seq = (acq_seq == ~0 ? 1 : ++acq_seq));
5167 #endif
5168
5169 newmsg->sadb_msg_pid = 0;
5170
5171 p = (caddr_t)newmsg + sizeof(struct sadb_msg);
5172
5173 /* set sadb_address for saidx's. */
5174 p = key_setsadbaddr(p,
5175 SADB_EXT_ADDRESS_SRC,
5176 (struct sockaddr *)&saidx->src,
5177 _INALENBYAF(saidx->src.ss_family) << 3,
5178 IPSEC_ULPROTO_ANY);
5179 p = key_setsadbaddr(p,
5180 SADB_EXT_ADDRESS_DST,
5181 (struct sockaddr *)&saidx->dst,
5182 _INALENBYAF(saidx->dst.ss_family) << 3,
5183 IPSEC_ULPROTO_ANY);
5184
5185 /* set sadb_x_policy */
5186 p = key_setsadbxpolicy(p, sp->policy, sp->spidx.dir, sp->id);
5187
5188 /* set sadb_address for spidx's. */
5189 bzero(&id, sizeof(id));
5190 id.sadb_x_ident_id_addr.prefix = spidx->prefs;
5191 id.sadb_x_ident_id_addr.ul_proto = spidx->ul_proto;
5192 p = key_setsadbident(p,
5193 SADB_EXT_IDENTITY_SRC,
5194 SADB_X_IDENTTYPE_ADDR,
5195 (caddr_t)&spidx->src,
5196 spidx->src.ss_len,
5197 *(u_int64_t *)&id);
5198
5199 bzero(&id, sizeof(id));
5200 id.sadb_x_ident_id_addr.prefix = spidx->prefd;
5201 id.sadb_x_ident_id_addr.ul_proto = spidx->ul_proto;
5202 p = key_setsadbident(p,
5203 SADB_EXT_IDENTITY_DST,
5204 SADB_X_IDENTTYPE_ADDR,
5205 (caddr_t)&spidx->dst,
5206 spidx->dst.ss_len,
5207 *(u_int64_t *)&id);
5208
5209 /* create proposal extension */
5210 /* set combination extension */
5211 /* XXX: to be defined by proposal database */
5212 {
5213 struct sadb_prop *prop;
5214 struct sadb_comb *comb;
5215
5216 prop = (struct sadb_prop *)p;
5217 prop->sadb_prop_len = PFKEY_UNIT64(sizeof(*prop) + sizeof(*comb));
5218 /* XXX to be multiple */
5219 prop->sadb_prop_exttype = SADB_EXT_PROPOSAL;
5220 prop->sadb_prop_replay = 32; /* XXX be variable ? */
5221 p += sizeof(struct sadb_prop);
5222
5223 comb = (struct sadb_comb *)p;
5224 comb->sadb_comb_auth = SADB_AALG_SHA1HMAC; /* XXX ??? */
5225 comb->sadb_comb_encrypt = SADB_EALG_DESCBC; /* XXX ??? */
5226 comb->sadb_comb_flags = 0;
5227 comb->sadb_comb_auth_minbits = 8; /* XXX */
5228 comb->sadb_comb_auth_maxbits = 1024; /* XXX */
5229 comb->sadb_comb_encrypt_minbits = 64; /* XXX */
5230 comb->sadb_comb_encrypt_maxbits = 64; /* XXX */
5231 comb->sadb_comb_soft_allocations = 0;
5232 comb->sadb_comb_hard_allocations = 0;
5233 comb->sadb_comb_soft_bytes = 0;
5234 comb->sadb_comb_hard_bytes = 0;
5235 comb->sadb_comb_soft_addtime = 0;
5236 comb->sadb_comb_hard_addtime = 0;
5237 comb->sadb_comb_soft_usetime = 0;
5238 comb->sadb_comb_hard_usetime = 0;
5239
5240 p += sizeof(*comb);
5241 }
5242
5243 #if 0 /* XXX Do it ?*/
5244 if (idexttype && fqdn) {
5245 /* create identity extension (FQDN) */
5246 struct sadb_ident *id;
5247 int fqdnlen;
5248
5249 fqdnlen = strlen(fqdn) + 1; /* +1 for terminating-NUL */
5250 id = (struct sadb_ident *)p;
5251 bzero(id, sizeof(*id) + PFKEY_ALIGN8(fqdnlen));
5252 id->sadb_ident_len = PFKEY_UNIT64(sizeof(*id) + PFKEY_ALIGN8(fqdnlen));
5253 id->sadb_ident_exttype = idexttype;
5254 id->sadb_ident_type = SADB_IDENTTYPE_FQDN;
5255 bcopy(fqdn, id + 1, fqdnlen);
5256 p += sizeof(struct sadb_ident) + PFKEY_ALIGN8(fqdnlen);
5257 }
5258
5259 if (idexttype) {
5260 /* create identity extension (USERFQDN) */
5261 struct sadb_ident *id;
5262 int userfqdnlen;
5263
5264 if (userfqdn) {
5265 /* +1 for terminating-NUL */
5266 userfqdnlen = strlen(userfqdn) + 1;
5267 } else
5268 userfqdnlen = 0;
5269 id = (struct sadb_ident *)p;
5270 bzero(id, sizeof(*id) + PFKEY_ALIGN8(userfqdnlen));
5271 id->sadb_ident_len = PFKEY_UNIT64(sizeof(*id) + PFKEY_ALIGN8(userfqdnlen));
5272 id->sadb_ident_exttype = idexttype;
5273 id->sadb_ident_type = SADB_IDENTTYPE_USERFQDN;
5274 /* XXX is it correct? */
5275 if (curproc && curproc->p_cred)
5276 id->sadb_ident_id = curproc->p_cred->p_ruid;
5277 if (userfqdn && userfqdnlen)
5278 bcopy(userfqdn, id + 1, userfqdnlen);
5279 p += sizeof(struct sadb_ident) + PFKEY_ALIGN8(userfqdnlen);
5280 }
5281 #endif
5282
5283 error = key_sendall(newmsg, len);
5284 #if IPSEC_DEBUG
5285 if (error != 0)
5286 printf("key_acquire: key_sendall returned %d\n", error);
5287 #endif
5288 return error;
5289 }
5290
5291 return 0;
5292 }
5293
5294 #ifndef IPSEC_NONBLOCK_ACQUIRE
5295 static struct secacq *
5296 key_newacq(saidx)
5297 struct secasindex *saidx;
5298 {
5299 struct secacq *newacq;
5300
5301 /* get new entry */
5302 KMALLOC(newacq, struct secacq *, sizeof(struct secacq));
5303 if (newacq == NULL) {
5304 #if IPSEC_DEBUG
5305 printf("key_newacq: No more memory.\n");
5306 #endif
5307 return NULL;
5308 }
5309 bzero(newacq, sizeof(*newacq));
5310
5311 /* copy secindex */
5312 bcopy(saidx, &newacq->saidx, sizeof(newacq->saidx));
5313 newacq->seq = (acq_seq == ~0 ? 1 : ++acq_seq);
5314 newacq->tick = 0;
5315 newacq->count = 0;
5316
5317 return newacq;
5318 }
5319
5320 static struct secacq *
5321 key_getacq(saidx)
5322 struct secasindex *saidx;
5323 {
5324 struct secacq *acq;
5325
5326 LIST_FOREACH(acq, &acqtree, chain) {
5327 if (key_cmpsaidx_exactly(saidx, &acq->saidx))
5328 return acq;
5329 }
5330
5331 return NULL;
5332 }
5333
5334 static struct secacq *
5335 key_getacqbyseq(seq)
5336 u_int32_t seq;
5337 {
5338 struct secacq *acq;
5339
5340 LIST_FOREACH(acq, &acqtree, chain) {
5341 if (acq->seq == seq)
5342 return acq;
5343 }
5344
5345 return NULL;
5346 }
5347 #endif
5348
5349 static struct secspacq *
5350 key_newspacq(spidx)
5351 struct secpolicyindex *spidx;
5352 {
5353 struct secspacq *acq;
5354
5355 /* get new entry */
5356 KMALLOC(acq, struct secspacq *, sizeof(struct secspacq));
5357 if (acq == NULL) {
5358 #if IPSEC_DEBUG
5359 printf("key_newspacq: No more memory.\n");
5360 #endif
5361 return NULL;
5362 }
5363 bzero(acq, sizeof(*acq));
5364
5365 /* copy secindex */
5366 bcopy(spidx, &acq->spidx, sizeof(acq->spidx));
5367 acq->tick = 0;
5368 acq->count = 0;
5369
5370 return acq;
5371 }
5372
5373 static struct secspacq *
5374 key_getspacq(spidx)
5375 struct secpolicyindex *spidx;
5376 {
5377 struct secspacq *acq;
5378
5379 LIST_FOREACH(acq, &spacqtree, chain) {
5380 if (key_cmpspidx_exactly(spidx, &acq->spidx))
5381 return acq;
5382 }
5383
5384 return NULL;
5385 }
5386
5387 /*
5388 * SADB_ACQUIRE processing,
5389 * in first situation, is receiving
5390 * <base>
5391 * from the ikmpd, and clear sequence of its secasvar entry.
5392 *
5393 * In second situation, is receiving
5394 * <base, address(SD), (address(P),) (identity(SD),) (sensitivity,) proposal>
5395 * from a user land process, and return
5396 * <base, address(SD), (address(P),) (identity(SD),) (sensitivity,) proposal>
5397 * to the socket.
5398 *
5399 * IN: mhp: pointer to the pointer to each header.
5400 * OUT: NULL if fail.
5401 * other if success, return pointer to the message to send.
5402 */
5403 static struct sadb_msg *
5404 key_acquire2(mhp)
5405 caddr_t *mhp;
5406 {
5407 struct sadb_msg *msg0;
5408 struct sadb_address *src0, *dst0;
5409 struct secasindex saidx;
5410 struct secashead *sah;
5411 u_int16_t proto;
5412
5413 /* sanity check */
5414 if (mhp == NULL || mhp[0] == NULL)
5415 panic("key_acquire2: NULL pointer is passed.\n");
5416
5417 msg0 = (struct sadb_msg *)mhp[0];
5418
5419 /*
5420 * Error message from KMd.
5421 * We assume that if error was occured in IKEd, the length of PFKEY
5422 * message is equal to the size of sadb_msg structure.
5423 * We return ~0 even if error occured in this function.
5424 */
5425 if (msg0->sadb_msg_len == PFKEY_UNIT64(sizeof(struct sadb_msg))) {
5426
5427 #ifndef IPSEC_NONBLOCK_ACQUIRE
5428 struct secacq *acq;
5429
5430 /* check sequence number */
5431 if (msg0->sadb_msg_seq == 0) {
5432 #if IPSEC_DEBUG
5433 printf("key_acquire2: must specify sequence number.\n");
5434 #endif
5435 return (struct sadb_msg *)~0;
5436 }
5437
5438 if ((acq = key_getacqbyseq(msg0->sadb_msg_seq)) == NULL) {
5439 #if IPSEC_DEBUG
5440 printf("key_acquire2: "
5441 "invalid sequence number is passed.\n");
5442 #endif
5443 return (struct sadb_msg *)~0;
5444 }
5445
5446 /* reset acq counter in order to deletion by timehander. */
5447 acq->tick = key_blockacq_lifetime;
5448 acq->count = 0;
5449 #endif
5450 return (struct sadb_msg *)~0;
5451 /* NOTREACHED */
5452 }
5453
5454 /*
5455 * This message is from user land.
5456 */
5457
5458 /* map satype to proto */
5459 if ((proto = key_satype2proto(msg0->sadb_msg_satype)) == 0) {
5460 #if IPSEC_DEBUG
5461 printf("key_acquire2: invalid satype is passed.\n");
5462 #endif
5463 msg0->sadb_msg_errno = EINVAL;
5464 return NULL;
5465 }
5466
5467 if (mhp[SADB_EXT_ADDRESS_SRC] == NULL
5468 || mhp[SADB_EXT_ADDRESS_DST] == NULL
5469 || mhp[SADB_EXT_PROPOSAL] == NULL) {
5470 /* error */
5471 #if IPSEC_DEBUG
5472 printf("key_acquire2: invalid message is passed.\n");
5473 #endif
5474 msg0->sadb_msg_errno = EINVAL;
5475 return NULL;
5476 }
5477 src0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_SRC]);
5478 dst0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_DST]);
5479
5480 KEY_SETSECASIDX(proto, msg0, src0+1, dst0+1, &saidx);
5481
5482 /* get a SA index */
5483 if ((sah = key_getsah(&saidx)) != NULL) {
5484 #if IPSEC_DEBUG
5485 printf("key_acquire2: a SA exists already.\n");
5486 #endif
5487 msg0->sadb_msg_errno = EEXIST;
5488 return NULL;
5489 }
5490
5491 msg0->sadb_msg_errno = key_acquire(&saidx, NULL);
5492 if (msg0->sadb_msg_errno != 0) {
5493 #if IPSEC_DEBUG
5494 printf("key_acquire2: error %d returned "
5495 "from key_acquire.\n", msg0->sadb_msg_errno);
5496 #endif
5497 return NULL;
5498 }
5499
5500 {
5501 struct sadb_msg *newmsg;
5502 u_int len;
5503
5504 /* create new sadb_msg to reply. */
5505 len = PFKEY_UNUNIT64(msg0->sadb_msg_len);
5506
5507 KMALLOC(newmsg, struct sadb_msg *, len);
5508 if (newmsg == NULL) {
5509 #if IPSEC_DEBUG
5510 printf("key_acquire2: No more memory.\n");
5511 #endif
5512 msg0->sadb_msg_errno = ENOBUFS;
5513 return NULL;
5514 }
5515 bzero((caddr_t)newmsg, len);
5516
5517 bcopy(mhp[0], (caddr_t)newmsg, len);
5518
5519 return newmsg;
5520 }
5521 }
5522
5523 /*
5524 * SADB_REGISTER processing.
5525 * If SATYPE_UNSPEC has been passed as satype, only return sabd_supported.
5526 * receive
5527 * <base>
5528 * from the ikmpd, and register a socket to send PF_KEY messages,
5529 * and send
5530 * <base, supported>
5531 * to KMD by PF_KEY.
5532 * If socket is detached, must free from regnode.
5533 * OUT:
5534 * 0 : succeed
5535 * others: error number
5536 */
5537 static struct sadb_msg *
5538 key_register(mhp, so)
5539 caddr_t *mhp;
5540 struct socket *so;
5541 {
5542 struct sadb_msg *msg0;
5543 struct secreg *reg, *newreg = 0;
5544
5545 /* sanity check */
5546 if (mhp == NULL || so == NULL || mhp[0] == NULL)
5547 panic("key_register: NULL pointer is passed.\n");
5548
5549 msg0 = (struct sadb_msg *)mhp[0];
5550
5551 /* check for invalid register message */
5552 if (msg0->sadb_msg_satype >= sizeof(regtree)/sizeof(regtree[0])) {
5553 msg0->sadb_msg_errno = EINVAL;
5554 return NULL;
5555 }
5556
5557 /* When SATYPE_UNSPEC is specified, only return sabd_supported. */
5558 if (msg0->sadb_msg_satype == SADB_SATYPE_UNSPEC)
5559 goto setmsg;
5560
5561 /* check whether existing or not */
5562 LIST_FOREACH(reg, &regtree[msg0->sadb_msg_satype], chain) {
5563 if (reg->so == so) {
5564 #if IPSEC_DEBUG
5565 printf("key_register: socket exists already.\n");
5566 #endif
5567 msg0->sadb_msg_errno = EEXIST;
5568 return NULL;
5569 }
5570 }
5571
5572 /* create regnode */
5573 KMALLOC(newreg, struct secreg *, sizeof(struct secreg));
5574 if (newreg == NULL) {
5575 #if IPSEC_DEBUG
5576 printf("key_register: No more memory.\n");
5577 #endif
5578 msg0->sadb_msg_errno = ENOBUFS;
5579 return NULL;
5580 }
5581 bzero((caddr_t)newreg, sizeof(struct secreg));
5582
5583 newreg->so = so;
5584 ((struct keycb *)sotorawcb(so))->kp_registered++;
5585
5586 /* add regnode to regtree. */
5587 LIST_INSERT_HEAD(&regtree[msg0->sadb_msg_satype], newreg, chain);
5588
5589 setmsg:
5590 {
5591 struct sadb_msg *newmsg;
5592 struct sadb_supported *sup;
5593 u_int len, alen, elen;
5594 caddr_t p;
5595
5596 /* create new sadb_msg to reply. */
5597 alen = sizeof(struct sadb_supported)
5598 + ((SADB_AALG_MAX - 1) * sizeof(struct sadb_alg));
5599
5600 #if IPSEC_ESP
5601 elen = sizeof(struct sadb_supported)
5602 + ((SADB_EALG_MAX - 1) * sizeof(struct sadb_alg));
5603 #else
5604 elen = 0;
5605 #endif
5606
5607 len = sizeof(struct sadb_msg)
5608 + alen
5609 + elen;
5610
5611 KMALLOC(newmsg, struct sadb_msg *, len);
5612 if (newmsg == NULL) {
5613 #if IPSEC_DEBUG
5614 printf("key_register: No more memory.\n");
5615 #endif
5616 msg0->sadb_msg_errno = ENOBUFS;
5617 return NULL;
5618 }
5619 bzero((caddr_t)newmsg, len);
5620
5621 bcopy((caddr_t)mhp[0], (caddr_t)newmsg, sizeof(*msg0));
5622 newmsg->sadb_msg_errno = 0;
5623 newmsg->sadb_msg_len = PFKEY_UNIT64(len);
5624 p = (caddr_t)newmsg + sizeof(*msg0);
5625
5626 /* for authentication algorithm */
5627 sup = (struct sadb_supported *)p;
5628 sup->sadb_supported_len = PFKEY_UNIT64(alen);
5629 sup->sadb_supported_exttype = SADB_EXT_SUPPORTED_AUTH;
5630 p += sizeof(*sup);
5631
5632 {
5633 int i;
5634 struct sadb_alg *alg;
5635 struct ah_algorithm *algo;
5636
5637 for (i = 1; i < SADB_AALG_MAX; i++) {
5638 algo = &ah_algorithms[i];
5639 alg = (struct sadb_alg *)p;
5640 alg->sadb_alg_id = i;
5641 alg->sadb_alg_ivlen = 0;
5642 alg->sadb_alg_minbits = algo->keymin;
5643 alg->sadb_alg_maxbits = algo->keymax;
5644 p += sizeof(struct sadb_alg);
5645 }
5646 }
5647
5648 #if IPSEC_ESP
5649 /* for encryption algorithm */
5650 sup = (struct sadb_supported *)p;
5651 sup->sadb_supported_len = PFKEY_UNIT64(elen);
5652 sup->sadb_supported_exttype = SADB_EXT_SUPPORTED_ENCRYPT;
5653 p += sizeof(*sup);
5654
5655 {
5656 int i;
5657 struct sadb_alg *alg;
5658 struct esp_algorithm *algo;
5659
5660 for (i = 1; i < SADB_EALG_MAX; i++) {
5661 algo = &esp_algorithms[i];
5662
5663 alg = (struct sadb_alg *)p;
5664 alg->sadb_alg_id = i;
5665 if (algo && algo->ivlen) {
5666 /*
5667 * give NULL to get the value preferred by algorithm
5668 * XXX SADB_X_EXT_DERIV ?
5669 */
5670 alg->sadb_alg_ivlen = (*algo->ivlen)(NULL);
5671 } else
5672 alg->sadb_alg_ivlen = 0;
5673 alg->sadb_alg_minbits = algo->keymin;
5674 alg->sadb_alg_maxbits = algo->keymax;
5675 p += sizeof(struct sadb_alg);
5676 }
5677 }
5678 #endif
5679
5680 return newmsg;
5681 }
5682 }
5683
5684 /*
5685 * free secreg entry registered.
5686 * XXX: I want to do free a socket marked done SADB_RESIGER to socket.
5687 */
5688 void
5689 key_freereg(so)
5690 struct socket *so;
5691 {
5692 struct secreg *reg;
5693 int i;
5694
5695 /* sanity check */
5696 if (so == NULL)
5697 panic("key_freereg: NULL pointer is passed.\n");
5698
5699 /*
5700 * check whether existing or not.
5701 * check all type of SA, because there is a potential that
5702 * one socket is registered to multiple type of SA.
5703 */
5704 for (i = 0; i <= SADB_SATYPE_MAX; i++) {
5705 LIST_FOREACH(reg, &regtree[i], chain) {
5706 if (reg->so == so
5707 && __LIST_CHAINED(reg)) {
5708 LIST_REMOVE(reg, chain);
5709 KFREE(reg);
5710 break;
5711 }
5712 }
5713 }
5714
5715 return;
5716 }
5717
5718 /*
5719 * SADB_EXPIRE processing
5720 * send
5721 * <base, SA, lifetime(C and one of HS), address(SD)>
5722 * to KMD by PF_KEY.
5723 * NOTE: We send only soft lifetime extension.
5724 *
5725 * OUT: 0 : succeed
5726 * others : error number
5727 */
5728 static int
5729 key_expire(sav)
5730 struct secasvar *sav;
5731 {
5732 int s;
5733 int satype;
5734
5735 /* XXX: Why do we lock ? */
5736 #ifdef __NetBSD__
5737 s = splsoftnet(); /*called from softclock()*/
5738 #else
5739 s = splnet(); /*called from softclock()*/
5740 #endif
5741
5742 /* sanity check */
5743 if (sav == NULL)
5744 panic("key_expire: NULL pointer is passed.\n");
5745 if (sav->sah == NULL)
5746 panic("key_expire: Why was SA index in SA NULL.\n");
5747 if ((satype = key_proto2satype(sav->sah->saidx.proto)) == 0)
5748 panic("key_expire: invalid proto is passed.\n");
5749
5750 {
5751 struct sadb_msg *newmsg = NULL;
5752 u_int len;
5753 caddr_t p;
5754 int error;
5755
5756 /* create new sadb_msg to reply. */
5757 len = sizeof(struct sadb_msg)
5758 + sizeof(struct sadb_sa)
5759 + sizeof(struct sadb_lifetime)
5760 + sizeof(struct sadb_lifetime)
5761 + sizeof(struct sadb_address)
5762 + PFKEY_ALIGN8(sav->sah->saidx.src.ss_len)
5763 + sizeof(struct sadb_address)
5764 + PFKEY_ALIGN8(sav->sah->saidx.dst.ss_len);
5765
5766 KMALLOC(newmsg, struct sadb_msg *, len);
5767 if (newmsg == NULL) {
5768 #if IPSEC_DEBUG
5769 printf("key_expire: No more memory.\n");
5770 #endif
5771 splx(s);
5772 return ENOBUFS;
5773 }
5774 bzero((caddr_t)newmsg, len);
5775
5776 /* set msg header */
5777 p = key_setsadbmsg((caddr_t)newmsg, SADB_EXPIRE, len,
5778 satype, sav->seq, 0,
5779 sav->sah->saidx.mode, sav->sah->saidx.reqid,
5780 0, sav->refcnt);
5781
5782 /* create SA extension */
5783 p = key_setsadbsa(p, sav);
5784
5785 /* create lifetime extension */
5786 {
5787 struct sadb_lifetime *m_lt = (struct sadb_lifetime *)p;
5788
5789 m_lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
5790 m_lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
5791 m_lt->sadb_lifetime_allocations = sav->lft_c->sadb_lifetime_allocations;
5792 m_lt->sadb_lifetime_bytes = sav->lft_c->sadb_lifetime_bytes;
5793 m_lt->sadb_lifetime_addtime = sav->lft_c->sadb_lifetime_addtime;
5794 m_lt->sadb_lifetime_usetime = sav->lft_c->sadb_lifetime_usetime;
5795 p += sizeof(struct sadb_lifetime);
5796
5797 /* copy SOFT lifetime extension. */
5798 bcopy(sav->lft_s, p, sizeof(struct sadb_lifetime));
5799 p += sizeof(struct sadb_lifetime);
5800 }
5801
5802 /* set sadb_address for source */
5803 p = key_setsadbaddr(p,
5804 SADB_EXT_ADDRESS_SRC,
5805 (struct sockaddr *)&sav->sah->saidx.src,
5806 _INALENBYAF(sav->sah->saidx.src.ss_family) << 3,
5807 IPSEC_ULPROTO_ANY);
5808
5809 /* set sadb_address for destination */
5810 p = key_setsadbaddr(p,
5811 SADB_EXT_ADDRESS_DST,
5812 (struct sockaddr *)&sav->sah->saidx.dst,
5813 _INALENBYAF(sav->sah->saidx.dst.ss_family) << 3,
5814 IPSEC_ULPROTO_ANY);
5815
5816 error = key_sendall(newmsg, len);
5817 splx(s);
5818 return error;
5819 }
5820 }
5821
5822 /*
5823 * SADB_FLUSH processing
5824 * receive
5825 * <base>
5826 * from the ikmpd, and free all entries in secastree.
5827 * and send,
5828 * <base>
5829 * to the ikmpd.
5830 * NOTE: to do is only marking SADB_SASTATE_DEAD.
5831 *
5832 * IN: mhp: pointer to the pointer to each header.
5833 * OUT: NULL if fail.
5834 * other if success, return pointer to the message to send.
5835 */
5836 static struct sadb_msg *
5837 key_flush(mhp)
5838 caddr_t *mhp;
5839 {
5840 struct sadb_msg *msg0;
5841 struct secashead *sah, *nextsah;
5842 struct secasvar *sav, *nextsav;
5843 u_int16_t proto;
5844 u_int8_t state;
5845 u_int stateidx;
5846
5847 /* sanity check */
5848 if (mhp == NULL || mhp[0] == NULL)
5849 panic("key_flush: NULL pointer is passed.\n");
5850
5851 msg0 = (struct sadb_msg *)mhp[0];
5852
5853 /* map satype to proto */
5854 if ((proto = key_satype2proto(msg0->sadb_msg_satype)) == 0) {
5855 #if IPSEC_DEBUG
5856 printf("key_flush: invalid satype is passed.\n");
5857 #endif
5858 msg0->sadb_msg_errno = EINVAL;
5859 return NULL;
5860 }
5861
5862 /* no SATYPE specified, i.e. flushing all SA. */
5863 for (sah = LIST_FIRST(&sahtree);
5864 sah != NULL;
5865 sah = nextsah) {
5866
5867 nextsah = LIST_NEXT(sah, chain);
5868
5869 if (msg0->sadb_msg_satype != SADB_SATYPE_UNSPEC
5870 && proto != sah->saidx.proto)
5871 continue;
5872
5873 for (stateidx = 0;
5874 stateidx < _ARRAYLEN(saorder_state_alive);
5875 stateidx++) {
5876
5877 state = saorder_state_any[stateidx];
5878 for (sav = LIST_FIRST(&sah->savtree[state]);
5879 sav != NULL;
5880 sav = nextsav) {
5881
5882 nextsav = LIST_NEXT(sav, chain);
5883
5884 key_sa_chgstate(sav, SADB_SASTATE_DEAD);
5885 key_freesav(sav);
5886 }
5887 }
5888
5889 sah->state = SADB_SASTATE_DEAD;
5890 }
5891
5892 {
5893 struct sadb_msg *newmsg;
5894 u_int len;
5895
5896 /* create new sadb_msg to reply. */
5897 len = sizeof(struct sadb_msg);
5898
5899 KMALLOC(newmsg, struct sadb_msg *, len);
5900 if (newmsg == NULL) {
5901 #if IPSEC_DEBUG
5902 printf("key_flush: No more memory.\n");
5903 #endif
5904 msg0->sadb_msg_errno = ENOBUFS;
5905 return NULL;
5906 }
5907 bzero((caddr_t)newmsg, len);
5908
5909 bcopy((caddr_t)mhp[0], (caddr_t)newmsg, sizeof(*msg0));
5910 newmsg->sadb_msg_errno = 0;
5911 newmsg->sadb_msg_len = PFKEY_UNIT64(len);
5912
5913 return newmsg;
5914 }
5915 }
5916
5917 /*
5918 * SADB_DUMP processing
5919 * dump all entries including status of DEAD in SAD.
5920 * receive
5921 * <base>
5922 * from the ikmpd, and dump all secasvar leaves
5923 * and send,
5924 * <base> .....
5925 * to the ikmpd.
5926 *
5927 * IN: mhp: pointer to the pointer to each header.
5928 * OUT: error code. 0 on success.
5929 */
5930 static int
5931 key_dump(mhp, so, target)
5932 caddr_t *mhp;
5933 struct socket *so;
5934 int target;
5935 {
5936 struct sadb_msg *msg0;
5937 struct secashead *sah;
5938 struct secasvar *sav;
5939 u_int16_t proto;
5940 u_int stateidx;
5941 u_int8_t satype;
5942 u_int8_t state;
5943 int len, cnt;
5944 struct sadb_msg *newmsg;
5945
5946 /* sanity check */
5947 if (mhp == NULL || mhp[0] == NULL)
5948 panic("key_dump: NULL pointer is passed.\n");
5949
5950 msg0 = (struct sadb_msg *)mhp[0];
5951
5952 /* map satype to proto */
5953 if ((proto = key_satype2proto(msg0->sadb_msg_satype)) == 0) {
5954 #if IPSEC_DEBUG
5955 printf("key_dump: invalid satype is passed.\n");
5956 #endif
5957 msg0->sadb_msg_errno = EINVAL;
5958 return NULL;
5959 }
5960
5961 /* count sav entries to be sent to the userland. */
5962 cnt = 0;
5963 LIST_FOREACH(sah, &sahtree, chain) {
5964
5965 if (msg0->sadb_msg_satype != SADB_SATYPE_UNSPEC
5966 && proto != sah->saidx.proto)
5967 continue;
5968
5969 for (stateidx = 0;
5970 stateidx < _ARRAYLEN(saorder_state_any);
5971 stateidx++) {
5972
5973 state = saorder_state_any[stateidx];
5974 LIST_FOREACH(sav, &sah->savtree[state], chain) {
5975 cnt++;
5976 }
5977 }
5978 }
5979
5980 if (cnt == 0)
5981 return ENOENT;
5982
5983 /* send this to the userland, one at a time. */
5984 newmsg = NULL;
5985 LIST_FOREACH(sah, &sahtree, chain) {
5986
5987 if (msg0->sadb_msg_satype != SADB_SATYPE_UNSPEC
5988 && proto != sah->saidx.proto)
5989 continue;
5990
5991 /* map proto to satype */
5992 if ((satype = key_proto2satype(sah->saidx.proto)) == 0) {
5993 #if IPSEC_DEBUG
5994 printf("key_dump: there was invalid proto in SAD.\n");
5995 #endif
5996 msg0->sadb_msg_errno = EINVAL;
5997 return NULL;
5998 }
5999
6000 for (stateidx = 0;
6001 stateidx < _ARRAYLEN(saorder_state_any);
6002 stateidx++) {
6003
6004 state = saorder_state_any[stateidx];
6005 LIST_FOREACH(sav, &sah->savtree[state], chain) {
6006
6007 len = key_getmsglen(sav);
6008 KMALLOC(newmsg, struct sadb_msg *, len);
6009 if (newmsg == NULL) {
6010 #if IPSEC_DEBUG
6011 printf("key_dump: No more memory.\n");
6012 #endif
6013 return ENOBUFS;
6014 }
6015 bzero((caddr_t)newmsg, len);
6016
6017 --cnt;
6018 (void)key_setdumpsa(newmsg, sav, SADB_DUMP,
6019 satype, cnt, msg0->sadb_msg_pid);
6020
6021 key_sendup(so, newmsg, len, target);
6022 KFREE(newmsg);
6023 newmsg = NULL;
6024 }
6025 }
6026 }
6027
6028 return 0;
6029 }
6030
6031 /*
6032 * SADB_X_PROMISC processing
6033 */
6034 static void
6035 key_promisc(mhp, so)
6036 caddr_t *mhp;
6037 struct socket *so;
6038 {
6039 struct sadb_msg *msg0;
6040 int olen;
6041
6042 /* sanity check */
6043 if (mhp == NULL || mhp[0] == NULL)
6044 panic("key_promisc: NULL pointer is passed.\n");
6045
6046 msg0 = (struct sadb_msg *)mhp[0];
6047 olen = PFKEY_UNUNIT64(msg0->sadb_msg_len);
6048
6049 if (olen < sizeof(struct sadb_msg)) {
6050 return;
6051 } else if (olen == sizeof(struct sadb_msg)) {
6052 /* enable/disable promisc mode */
6053 struct keycb *kp;
6054 int target = 0;
6055
6056 target = KEY_SENDUP_ONE;
6057
6058 if (so == NULL) {
6059 return;
6060 }
6061 if ((kp = (struct keycb *)sotorawcb(so)) == NULL) {
6062 msg0->sadb_msg_errno = EINVAL;
6063 goto sendorig;
6064 }
6065 msg0->sadb_msg_errno = 0;
6066 if (msg0->sadb_msg_satype == 1 || msg0->sadb_msg_satype == 0) {
6067 kp->kp_promisc = msg0->sadb_msg_satype;
6068 } else {
6069 msg0->sadb_msg_errno = EINVAL;
6070 goto sendorig;
6071 }
6072
6073 /* send the original message back to everyone */
6074 msg0->sadb_msg_errno = 0;
6075 target = KEY_SENDUP_ALL;
6076 sendorig:
6077 key_sendup(so, msg0, PFKEY_UNUNIT64(msg0->sadb_msg_len), target);
6078 } else {
6079 /* send packet as is */
6080 struct sadb_msg *msg;
6081 int len;
6082
6083 len = olen - sizeof(struct sadb_msg);
6084 KMALLOC(msg, struct sadb_msg *, len);
6085 if (msg == NULL) {
6086 msg0->sadb_msg_errno = ENOBUFS;
6087 key_sendup(so, msg0, PFKEY_UNUNIT64(msg0->sadb_msg_len),
6088 KEY_SENDUP_ONE); /*XXX*/
6089 }
6090
6091 /* XXX if sadb_msg_seq is specified, send to specific pid */
6092 key_sendup(so, msg, len, KEY_SENDUP_ALL);
6093 KFREE(msg);
6094 }
6095 }
6096
6097 /*
6098 * send message to the socket.
6099 * OUT:
6100 * 0 : success
6101 * others : fail
6102 */
6103 static int
6104 key_sendall(msg, len)
6105 struct sadb_msg *msg;
6106 u_int len;
6107 {
6108 struct secreg *reg;
6109 int error = 0;
6110
6111 /* sanity check */
6112 if (msg == NULL)
6113 panic("key_sendall: NULL pointer is passed.\n");
6114
6115 /* search table registerd socket to send a message. */
6116 LIST_FOREACH(reg, &regtree[msg->sadb_msg_satype], chain) {
6117 error = key_sendup(reg->so, msg, len, KEY_SENDUP_ONE);
6118 if (error != 0) {
6119 #if IPSEC_DEBUG
6120 if (error == ENOBUFS)
6121 printf("key_sendall: No more memory.\n");
6122 else {
6123 printf("key_sendall: key_sendup returned %d\n",
6124 error);
6125 }
6126 #endif
6127 KFREE(msg);
6128 return error;
6129 }
6130 }
6131
6132 KFREE(msg);
6133 return 0;
6134 }
6135
6136 /*
6137 * parse sadb_msg buffer to process PFKEYv2,
6138 * and create a data to response if needed.
6139 * I think to be dealed with mbuf directly.
6140 * IN:
6141 * msgp : pointer to pointer to a received buffer pulluped.
6142 * This is rewrited to response.
6143 * so : pointer to socket.
6144 * OUT:
6145 * length for buffer to send to user process.
6146 */
6147 int
6148 key_parse(msgp, so, targetp)
6149 struct sadb_msg **msgp;
6150 struct socket *so;
6151 int *targetp;
6152 {
6153 struct sadb_msg *msg = *msgp, *newmsg = NULL;
6154 caddr_t mhp[SADB_EXT_MAX + 1];
6155 u_int orglen;
6156 int error;
6157
6158 /* sanity check */
6159 if (msg == NULL || so == NULL)
6160 panic("key_parse: NULL pointer is passed.\n");
6161
6162 KEYDEBUG(KEYDEBUG_KEY_DUMP,
6163 printf("key_parse: passed sadb_msg\n");
6164 kdebug_sadb(msg));
6165
6166 orglen = PFKEY_UNUNIT64(msg->sadb_msg_len);
6167
6168 if (targetp)
6169 *targetp = KEY_SENDUP_ONE;
6170
6171 /* check version */
6172 if (msg->sadb_msg_version != PF_KEY_V2) {
6173 #if IPSEC_DEBUG
6174 printf("key_parse: PF_KEY version %u is mismatched.\n",
6175 msg->sadb_msg_version);
6176 #endif
6177 pfkeystat.out_invver++;
6178 msg->sadb_msg_errno = EINVAL;
6179 return orglen;
6180 }
6181
6182 /* check type */
6183 if (msg->sadb_msg_type > SADB_MAX) {
6184 #if IPSEC_DEBUG
6185 printf("key_parse: invalid type %u is passed.\n",
6186 msg->sadb_msg_type);
6187 #endif
6188 msg->sadb_msg_errno = EINVAL;
6189 pfkeystat.out_invmsgtype++;
6190 return orglen;
6191 }
6192
6193 /* align message. */
6194 if (key_align(msg, mhp) != 0) {
6195 msg->sadb_msg_errno = EINVAL;
6196 return orglen;
6197 }
6198
6199 /* check SA type */
6200 switch (msg->sadb_msg_satype) {
6201 case SADB_SATYPE_UNSPEC:
6202 switch (msg->sadb_msg_type) {
6203 case SADB_GETSPI:
6204 case SADB_UPDATE:
6205 case SADB_ADD:
6206 case SADB_DELETE:
6207 case SADB_GET:
6208 case SADB_ACQUIRE:
6209 case SADB_EXPIRE:
6210 #if IPSEC_DEBUG
6211 printf("key_parse: must specify satype "
6212 "when msg type=%u.\n",
6213 msg->sadb_msg_type);
6214 #endif
6215 msg->sadb_msg_errno = EINVAL;
6216 pfkeystat.out_invsatype++;
6217 return orglen;
6218 }
6219 break;
6220 case SADB_SATYPE_AH:
6221 case SADB_SATYPE_ESP:
6222 #if 1 /*nonstandard*/
6223 case SADB_X_SATYPE_IPCOMP:
6224 #endif
6225 switch (msg->sadb_msg_type) {
6226 case SADB_X_SPDADD:
6227 case SADB_X_SPDDELETE:
6228 case SADB_X_SPDGET:
6229 case SADB_X_SPDDUMP:
6230 case SADB_X_SPDFLUSH:
6231 case SADB_X_SPDSETIDX:
6232 case SADB_X_SPDUPDATE:
6233 case SADB_X_SPDDELETE2:
6234 #if IPSEC_DEBUG
6235 printf("key_parse: illegal satype=%u\n",
6236 msg->sadb_msg_type);
6237 #endif
6238 msg->sadb_msg_errno = EINVAL;
6239 pfkeystat.out_invsatype++;
6240 return orglen;
6241 }
6242 break;
6243 case SADB_SATYPE_RSVP:
6244 case SADB_SATYPE_OSPFV2:
6245 case SADB_SATYPE_RIPV2:
6246 case SADB_SATYPE_MIP:
6247 #if IPSEC_DEBUG
6248 printf("key_parse: type %u isn't supported.\n",
6249 msg->sadb_msg_satype);
6250 #endif
6251 msg->sadb_msg_errno = EOPNOTSUPP;
6252 pfkeystat.out_invsatype++;
6253 return orglen;
6254 case 1: /* XXX: What does it do ? */
6255 if (msg->sadb_msg_type == SADB_X_PROMISC)
6256 break;
6257 /*FALLTHROUGH*/
6258 default:
6259 #if IPSEC_DEBUG
6260 printf("key_parse: invalid type %u is passed.\n",
6261 msg->sadb_msg_satype);
6262 #endif
6263 msg->sadb_msg_errno = EINVAL;
6264 pfkeystat.out_invsatype++;
6265 return orglen;
6266 }
6267
6268 /* check field of upper layer protocol and address family */
6269 if (mhp[SADB_EXT_ADDRESS_SRC] != NULL
6270 && mhp[SADB_EXT_ADDRESS_DST] != NULL) {
6271 struct sadb_address *src0, *dst0;
6272 u_int prefix;
6273
6274 src0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_SRC]);
6275 dst0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_DST]);
6276
6277 /* check upper layer protocol */
6278 if (src0->sadb_address_proto != dst0->sadb_address_proto) {
6279 #if IPSEC_DEBUG
6280 printf("key_parse: upper layer protocol mismatched.\n");
6281 #endif
6282 msg->sadb_msg_errno = EINVAL;
6283 pfkeystat.out_invaddr++;
6284 return orglen;
6285 }
6286
6287 /* check family */
6288 if (PFKEY_ADDR_SADDR(src0)->sa_family
6289 != PFKEY_ADDR_SADDR(dst0)->sa_family) {
6290 #if IPSEC_DEBUG
6291 printf("key_parse: address family mismatched.\n");
6292 #endif
6293 msg->sadb_msg_errno = EINVAL;
6294 pfkeystat.out_invaddr++;
6295 return orglen;
6296 }
6297
6298 prefix = _INALENBYAF(PFKEY_ADDR_SADDR(src0)->sa_family) << 3;
6299
6300 /* check max prefixlen */
6301 if (prefix < src0->sadb_address_prefixlen
6302 || prefix < dst0->sadb_address_prefixlen) {
6303 #if IPSEC_DEBUG
6304 printf("key_parse: illegal prefixlen.\n");
6305 #endif
6306 msg->sadb_msg_errno = EINVAL;
6307 pfkeystat.out_invaddr++;
6308 return orglen;
6309 }
6310
6311 switch (PFKEY_ADDR_SADDR(src0)->sa_family) {
6312 case AF_INET:
6313 case AF_INET6:
6314 break;
6315 default:
6316 #if IPSEC_DEBUG
6317 printf("key_parse: invalid address family.\n");
6318 #endif
6319 msg->sadb_msg_errno = EINVAL;
6320 pfkeystat.out_invaddr++;
6321 return orglen;
6322 }
6323
6324 /*
6325 * prefixlen == 0 is valid because there can be a case when
6326 * all addresses are matched.
6327 */
6328 }
6329
6330 switch (msg->sadb_msg_type) {
6331 case SADB_GETSPI:
6332 if ((newmsg = key_getspi(mhp)) == NULL)
6333 return orglen;
6334 if (targetp)
6335 *targetp = KEY_SENDUP_ALL;
6336 break;
6337
6338 case SADB_UPDATE:
6339 if ((newmsg = key_update(mhp)) == NULL)
6340 return orglen;
6341 if (targetp)
6342 *targetp = KEY_SENDUP_ALL;
6343 break;
6344
6345 case SADB_ADD:
6346 if ((newmsg = key_add(mhp)) == NULL)
6347 return orglen;
6348 if (targetp)
6349 *targetp = KEY_SENDUP_ALL;
6350 break;
6351
6352 case SADB_DELETE:
6353 if ((newmsg = key_delete(mhp)) == NULL)
6354 return orglen;
6355 if (targetp)
6356 *targetp = KEY_SENDUP_ALL;
6357 break;
6358
6359 case SADB_GET:
6360 if ((newmsg = key_get(mhp)) == NULL)
6361 return orglen;
6362 break;
6363
6364 case SADB_ACQUIRE:
6365 if ((newmsg = key_acquire2(mhp)) == NULL)
6366 return orglen;
6367
6368 if (newmsg == (struct sadb_msg *)~0) {
6369 /*
6370 * It's not need to reply because of the message
6371 * that was reporting an error occured from the KMd.
6372 */
6373 KFREE(msg);
6374 return 0;
6375 }
6376 break;
6377
6378 case SADB_REGISTER:
6379 if ((newmsg = key_register(mhp, so)) == NULL)
6380 return orglen;
6381 #if 1
6382 if (targetp)
6383 *targetp = KEY_SENDUP_REGISTERED;
6384 #else
6385 /* send result to all registered sockets */
6386 KFREE(msg);
6387 key_sendall(newmsg, PFKEY_UNUNIT64(newmsg->sadb_msg_len));
6388 return 0;
6389 #endif
6390 break;
6391
6392 case SADB_EXPIRE:
6393 #if IPSEC_DEBUG
6394 printf("key_parse: why is SADB_EXPIRE received ?\n");
6395 #endif
6396 msg->sadb_msg_errno = EINVAL;
6397 if (targetp)
6398 *targetp = KEY_SENDUP_ALL;
6399 pfkeystat.out_invmsgtype++;
6400 return orglen;
6401
6402 case SADB_FLUSH:
6403 if ((newmsg = key_flush(mhp)) == NULL)
6404 return orglen;
6405 if (targetp)
6406 *targetp = KEY_SENDUP_ALL;
6407 break;
6408
6409 case SADB_DUMP:
6410 /* key_dump will call key_sendup() on her own */
6411 error = key_dump(mhp, so, KEY_SENDUP_ONE);
6412 if (error) {
6413 msg->sadb_msg_errno = error;
6414 return orglen;
6415 } else {
6416 KFREE(msg);
6417 return 0;
6418 }
6419 break;
6420
6421 case SADB_X_PROMISC:
6422 /* everything is handled in key_promisc() */
6423 key_promisc(mhp, so);
6424 KFREE(msg);
6425 return 0; /*nothing to reply*/
6426
6427 case SADB_X_PCHANGE:
6428 #if IPSEC_DEBUG
6429 printf("key_parse: SADB_X_PCHANGE isn't supported.\n");
6430 #endif
6431 msg->sadb_msg_errno = EINVAL;
6432 pfkeystat.out_invmsgtype++;
6433 return orglen;
6434 #if 0
6435 if (targetp)
6436 *targetp = KEY_SENDUP_REGISTERED;
6437 #endif
6438
6439 case SADB_X_SPDADD:
6440 case SADB_X_SPDSETIDX:
6441 case SADB_X_SPDUPDATE:
6442 if ((newmsg = key_spdadd(mhp)) == NULL)
6443 return orglen;
6444 if (targetp)
6445 *targetp = KEY_SENDUP_ALL;
6446 break;
6447
6448 case SADB_X_SPDDELETE:
6449 if ((newmsg = key_spddelete(mhp)) == NULL)
6450 return orglen;
6451 if (targetp)
6452 *targetp = KEY_SENDUP_ALL;
6453 break;
6454
6455 case SADB_X_SPDDELETE2:
6456 if ((newmsg = key_spddelete2(mhp)) == NULL)
6457 return orglen;
6458 if (targetp)
6459 *targetp = KEY_SENDUP_ALL;
6460 break;
6461
6462 case SADB_X_SPDGET:
6463 /* key_spdget will call key_sendup() on her own */
6464 error = key_spdget(mhp, so, KEY_SENDUP_ONE);
6465 if (error) {
6466 msg->sadb_msg_errno = error;
6467 return orglen;
6468 } else {
6469 KFREE(msg);
6470 return 0;
6471 }
6472 break;
6473
6474 case SADB_X_SPDDUMP:
6475 /* key_spddump will call key_sendup() on her own */
6476 error = key_spddump(mhp, so, KEY_SENDUP_ONE);
6477 if (error) {
6478 msg->sadb_msg_errno = error;
6479 return orglen;
6480 } else {
6481 KFREE(msg);
6482 return 0;
6483 }
6484 break;
6485
6486 case SADB_X_SPDFLUSH:
6487 if ((newmsg = key_spdflush(mhp)) == NULL)
6488 return orglen;
6489 if (targetp)
6490 *targetp = KEY_SENDUP_ALL;
6491 break;
6492
6493 default:
6494 msg->sadb_msg_errno = EOPNOTSUPP;
6495 return orglen;
6496 }
6497
6498 /* switch from old sadb_msg to new one if success. */
6499 KFREE(msg);
6500 *msgp = newmsg;
6501
6502 return PFKEY_UNUNIT64((*msgp)->sadb_msg_len);
6503 }
6504
6505 /*
6506 * set the pointer to each header into message buffer.
6507 * IN: msg: pointer to message buffer.
6508 * mhp: pointer to the buffer allocated like below:
6509 * caddr_t mhp[SADB_EXT_MAX + 1];
6510 * OUT: 0:
6511 * EINVAL:
6512 */
6513 static int
6514 key_align(msg, mhp)
6515 struct sadb_msg *msg;
6516 caddr_t *mhp;
6517 {
6518 struct sadb_ext *ext;
6519 int tlen, extlen;
6520 int i;
6521
6522 /* sanity check */
6523 if (msg == NULL || mhp == NULL)
6524 panic("key_align: NULL pointer is passed.\n");
6525
6526 /* initialize */
6527 for (i = 0; i < SADB_EXT_MAX + 1; i++)
6528 mhp[i] = NULL;
6529
6530 mhp[0] = (caddr_t)msg;
6531
6532 tlen = PFKEY_UNUNIT64(msg->sadb_msg_len) - sizeof(struct sadb_msg);
6533 ext = (struct sadb_ext *)((caddr_t)msg + sizeof(struct sadb_msg));
6534
6535 while (tlen > 0) {
6536 /* set pointer */
6537 switch (ext->sadb_ext_type) {
6538 case SADB_EXT_SA:
6539 case SADB_EXT_LIFETIME_CURRENT:
6540 case SADB_EXT_LIFETIME_HARD:
6541 case SADB_EXT_LIFETIME_SOFT:
6542 case SADB_EXT_ADDRESS_SRC:
6543 case SADB_EXT_ADDRESS_DST:
6544 case SADB_EXT_ADDRESS_PROXY:
6545 case SADB_EXT_KEY_AUTH:
6546 case SADB_EXT_KEY_ENCRYPT:
6547 case SADB_EXT_IDENTITY_SRC:
6548 case SADB_EXT_IDENTITY_DST:
6549 case SADB_EXT_SENSITIVITY:
6550 case SADB_EXT_PROPOSAL:
6551 case SADB_EXT_SUPPORTED_AUTH:
6552 case SADB_EXT_SUPPORTED_ENCRYPT:
6553 case SADB_EXT_SPIRANGE:
6554 case SADB_X_EXT_POLICY:
6555 /* duplicate check */
6556 /*
6557 * XXX Are there duplication payloads of either
6558 * KEY_AUTH or KEY_ENCRYPT ?
6559 */
6560 if (mhp[ext->sadb_ext_type] != NULL) {
6561 #if IPSEC_DEBUG
6562 printf("key_align: duplicate ext_type %u "
6563 "is passed.\n",
6564 ext->sadb_ext_type);
6565 #endif
6566 pfkeystat.out_dupext++;
6567 return EINVAL;
6568 }
6569 mhp[ext->sadb_ext_type] = (caddr_t)ext;
6570 break;
6571 default:
6572 #if IPSEC_DEBUG
6573 printf("key_align: invalid ext_type %u is passed.\n",
6574 ext->sadb_ext_type);
6575 #endif
6576 pfkeystat.out_invexttype++;
6577 return EINVAL;
6578 }
6579
6580 extlen = PFKEY_UNUNIT64(ext->sadb_ext_len);
6581 tlen -= extlen;
6582 ext = (struct sadb_ext *)((caddr_t)ext + extlen);
6583 }
6584
6585 return 0;
6586 }
6587
6588 void
6589 key_init()
6590 {
6591 int i;
6592
6593 bzero((caddr_t)&key_cb, sizeof(key_cb));
6594
6595 for (i = 0; i < IPSEC_DIR_MAX; i++) {
6596 LIST_INIT(&sptree[i]);
6597 }
6598
6599 LIST_INIT(&sahtree);
6600
6601 for (i = 0; i <= SADB_SATYPE_MAX; i++) {
6602 LIST_INIT(&regtree[i]);
6603 }
6604
6605 #ifndef IPSEC_NONBLOCK_ACQUIRE
6606 LIST_INIT(&acqtree);
6607 #endif
6608 LIST_INIT(&spacqtree);
6609
6610 /* system default */
6611 ip4_def_policy.policy = IPSEC_POLICY_NONE;
6612 ip4_def_policy.refcnt++; /*never reclaim this*/
6613 #if INET6
6614 ip6_def_policy.policy = IPSEC_POLICY_NONE;
6615 ip6_def_policy.refcnt++; /*never reclaim this*/
6616 #endif
6617
6618 #ifndef IPSEC_DEBUG2
6619 timeout((void *)key_timehandler, (void *)0, hz);
6620 #endif /*IPSEC_DEBUG2*/
6621
6622 /* initialize key statistics */
6623 keystat.getspi_count = 1;
6624
6625 printf("IPsec: Initialized Security Association Processing.\n");
6626
6627 return;
6628 }
6629
6630 /*
6631 * XXX: maybe This function is called after INBOUND IPsec processing.
6632 *
6633 * Special check for tunnel-mode packets.
6634 * We must make some checks for consistency between inner and outer IP header.
6635 *
6636 * xxx more checks to be provided
6637 */
6638 int
6639 key_checktunnelsanity(sav, family, src, dst)
6640 struct secasvar *sav;
6641 u_int family;
6642 caddr_t src;
6643 caddr_t dst;
6644 {
6645 /* sanity check */
6646 if (sav->sah == NULL)
6647 panic("sav->sah == NULL at key_checktunnelsanity");
6648
6649 /* XXX: check inner IP header */
6650
6651 return 1;
6652 }
6653
6654 #if 0
6655 #ifdef __FreeBSD__
6656 #define hostnamelen strlen(hostname)
6657 #endif
6658
6659 /*
6660 * Get FQDN for the host.
6661 * If the administrator configured hostname (by hostname(1)) without
6662 * domain name, returns nothing.
6663 */
6664 static const char *
6665 key_getfqdn()
6666 {
6667 int i;
6668 int hasdot;
6669 static char fqdn[MAXHOSTNAMELEN + 1];
6670
6671 if (!hostnamelen)
6672 return NULL;
6673
6674 /* check if it comes with domain name. */
6675 hasdot = 0;
6676 for (i = 0; i < hostnamelen; i++) {
6677 if (hostname[i] == '.')
6678 hasdot++;
6679 }
6680 if (!hasdot)
6681 return NULL;
6682
6683 /* NOTE: hostname may not be NUL-terminated. */
6684 bzero(fqdn, sizeof(fqdn));
6685 bcopy(hostname, fqdn, hostnamelen);
6686 fqdn[hostnamelen] = '\0';
6687 return fqdn;
6688 }
6689
6690 /*
6691 * get username@FQDN for the host/user.
6692 */
6693 static const char *
6694 key_getuserfqdn()
6695 {
6696 const char *host;
6697 static char userfqdn[MAXHOSTNAMELEN + MAXLOGNAME + 2];
6698 struct proc *p = curproc;
6699 char *q;
6700
6701 if (!p || !p->p_pgrp || !p->p_pgrp->pg_session)
6702 return NULL;
6703 if (!(host = key_getfqdn()))
6704 return NULL;
6705
6706 /* NOTE: s_login may not be-NUL terminated. */
6707 bzero(userfqdn, sizeof(userfqdn));
6708 bcopy(p->p_pgrp->pg_session->s_login, userfqdn, MAXLOGNAME);
6709 userfqdn[MAXLOGNAME] = '\0'; /* safeguard */
6710 q = userfqdn + strlen(userfqdn);
6711 *q++ = '@';
6712 bcopy(host, q, strlen(host));
6713 q += strlen(host);
6714 *q++ = '\0';
6715
6716 return userfqdn;
6717 }
6718 #endif
6719
6720 /* record data transfer on SA, and update timestamps */
6721 void
6722 key_sa_recordxfer(sav, m)
6723 struct secasvar *sav;
6724 struct mbuf *m;
6725 {
6726 if (!sav)
6727 panic("key_sa_recordxfer called with sav == NULL");
6728 if (!m)
6729 panic("key_sa_recordxfer called with m == NULL");
6730 if (!sav->lft_c)
6731 return;
6732
6733 /*
6734 * XXX Currently, there is a difference of bytes size
6735 * between inbound and outbound processing.
6736 */
6737 sav->lft_c->sadb_lifetime_bytes += m->m_pkthdr.len;
6738 /* to check bytes lifetime is done in key_timehandler(). */
6739
6740 /*
6741 * We use the number of packets as the unit of
6742 * sadb_lifetime_allocations. We increment the variable
6743 * whenever {esp,ah}_{in,out}put is called.
6744 */
6745 sav->lft_c->sadb_lifetime_allocations++;
6746 /* XXX check for expires? */
6747
6748 /*
6749 * NOTE: We record CURRENT sadb_lifetime_usetime by using wall clock,
6750 * in seconds. HARD and SOFT lifetime are measured by the time
6751 * difference (again in seconds) from sadb_lifetime_usetime.
6752 *
6753 * usetime
6754 * v expire expire
6755 * -----+-----+--------+---> t
6756 * <--------------> HARD
6757 * <-----> SOFT
6758 */
6759 {
6760 struct timeval tv;
6761 microtime(&tv);
6762 sav->lft_c->sadb_lifetime_usetime = tv.tv_sec;
6763 /* XXX check for expires? */
6764 }
6765
6766 return;
6767 }
6768
6769 /* dumb version */
6770 void
6771 key_sa_routechange(dst)
6772 struct sockaddr *dst;
6773 {
6774 struct secashead *sah;
6775 struct route *ro;
6776
6777 LIST_FOREACH(sah, &sahtree, chain) {
6778 ro = &sah->sa_route;
6779 if (ro->ro_rt && dst->sa_len == ro->ro_dst.sa_len
6780 && bcmp(dst, &ro->ro_dst, dst->sa_len) == 0) {
6781 RTFREE(ro->ro_rt);
6782 ro->ro_rt = (struct rtentry *)NULL;
6783 }
6784 }
6785
6786 return;
6787 }
6788
6789 static void
6790 key_sa_chgstate(sav, state)
6791 struct secasvar *sav;
6792 u_int8_t state;
6793 {
6794 if (sav == NULL)
6795 panic("key_sa_chgstate called with sav == NULL");
6796
6797 if (sav->state == state)
6798 return;
6799
6800 if (__LIST_CHAINED(sav))
6801 LIST_REMOVE(sav, chain);
6802
6803 sav->state = state;
6804 LIST_INSERT_HEAD(&sav->sah->savtree[state], sav, chain);
6805 }
6806
6807 /* returns NULL on error, m0 will be left unchanged */
6808 static caddr_t
6809 key_appendmbuf(m0, len)
6810 struct mbuf *m0;
6811 int len;
6812 {
6813 caddr_t p;
6814 struct mbuf *m;
6815 struct mbuf *n;
6816
6817 if (!m0 || (m0->m_flags & M_PKTHDR) == 0)
6818 return NULL; /*EINVAL*/
6819 if (len > MCLBYTES)
6820 return NULL; /*EINVAL*/
6821
6822 for (m = m0; m && m->m_next; m = m->m_next)
6823 ;
6824 if (len <= M_TRAILINGSPACE(m)) {
6825 p = mtod(m, caddr_t) + m->m_len;
6826 m->m_len += len;
6827 m0->m_pkthdr.len += len;
6828
6829 return p;
6830 }
6831 MGET(n, M_DONTWAIT, m->m_type);
6832 if (n != NULL) {
6833 MCLGET(n, M_DONTWAIT);
6834 if ((n->m_flags & M_EXT) == 0) {
6835 m_freem(n);
6836 n = NULL;
6837 }
6838 }
6839 if (n == NULL)
6840 return NULL; /*ENOBUFS*/
6841 n->m_next = NULL;
6842 m->m_next = n;
6843 n->m_len = len;
6844 m0->m_pkthdr.len += len;
6845
6846 return mtod(n, caddr_t);
6847 }
6848
6849 #ifdef __bsdi__
6850 #include <sys/user.h>
6851 #include <sys/sysctl.h>
6852
6853 int *key_sysvars[] = KEYCTL_VARS;
6854
6855 int
6856 key_sysctl(name, namelen, oldp, oldlenp, newp, newlen)
6857 int *name;
6858 u_int namelen;
6859 void *oldp;
6860 size_t *oldlenp;
6861 void *newp;
6862 size_t newlen;
6863 {
6864 if (name[0] >= KEYCTL_MAXID)
6865 return EOPNOTSUPP;
6866 switch (name[0]) {
6867 default:
6868 return sysctl_int_arr(key_sysvars, name, namelen,
6869 oldp, oldlenp, newp, newlen);
6870 }
6871 }
6872 #endif /*__bsdi__*/
6873
6874 #ifdef __NetBSD__
6875 #include <vm/vm.h>
6876 #include <sys/sysctl.h>
6877
6878 static int *key_sysvars[] = KEYCTL_VARS;
6879
6880 int
6881 key_sysctl(name, namelen, oldp, oldlenp, newp, newlen)
6882 int *name;
6883 u_int namelen;
6884 void *oldp;
6885 size_t *oldlenp;
6886 void *newp;
6887 size_t newlen;
6888 {
6889 if (name[0] >= KEYCTL_MAXID)
6890 return EOPNOTSUPP;
6891 if (!key_sysvars[name[0]])
6892 return EOPNOTSUPP;
6893 switch (name[0]) {
6894 default:
6895 return sysctl_int(oldp, oldlenp, newp, newlen,
6896 key_sysvars[name[0]]);
6897 }
6898 }
6899 #endif /*__NetBSD__*/