+/*
+ * Copyright (c) 2008-2011 Apple Inc. All rights reserved.
+ *
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. The rights granted to you under the License
+ * may not be used to create, or enable the creation or redistribution of,
+ * unlawful or unlicensed copies of an Apple operating system, or to
+ * circumvent, violate, or enable the circumvention or violation of, any
+ * terms of an Apple operating system software license agreement.
+ *
+ * Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
+ */
+
/* $FreeBSD: src/sys/netkey/key.c,v 1.16.2.13 2002/07/24 18:17:40 ume Exp $ */
/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */
#include <sys/proc.h>
#include <sys/queue.h>
#include <sys/syslog.h>
+#include <sys/mcache.h>
#include <kern/locks.h>
#include <net/net_osdep.h>
-#ifndef satosin
-#define satosin(s) ((struct sockaddr_in *)s)
-#endif
-
#define FULLMASK 0xff
lck_grp_t *sadb_mutex_grp;
lck_grp_attr_t *sadb_mutex_grp_attr;
lck_attr_t *sadb_mutex_attr;
-lck_mtx_t *sadb_mutex;
+decl_lck_mtx_data(, sadb_mutex_data);
+lck_mtx_t *sadb_mutex = &sadb_mutex_data;
lck_grp_t *pfkey_stat_mutex_grp;
lck_grp_attr_t *pfkey_stat_mutex_grp_attr;
lck_attr_t *pfkey_stat_mutex_attr;
-lck_mtx_t *pfkey_stat_mutex;
-
-
-extern lck_mtx_t *nd6_mutex;
+decl_lck_mtx_data(, pfkey_stat_mutex_data);
+lck_mtx_t *pfkey_stat_mutex = &pfkey_stat_mutex_data;
/*
* Note on SA reference counting:
static int key_blockacq_count = 10; /* counter for blocking SADB_ACQUIRE.*/
static int key_blockacq_lifetime = 20; /* lifetime for blocking SADB_ACQUIRE.*/
static int key_preferred_oldsa = 0; /* preferred old sa rather than new sa.*/
-static int natt_keepalive_interval = 20; /* interval between natt keepalives.*/
-static int ipsec_policy_count = 0;
+__private_extern__ int natt_keepalive_interval = 20; /* interval between natt keepalives.*/
+__private_extern__ int ipsec_policy_count = 0;
static int ipsec_sav_count = 0;
static u_int32_t acq_seq = 0;
0, /* SADB_X_EXT_KMPRIVATE */
sizeof(struct sadb_x_policy), /* SADB_X_EXT_POLICY */
sizeof(struct sadb_x_sa2), /* SADB_X_SA2 */
+ sizeof(struct sadb_session_id), /* SADB_EXT_SESSION_ID */
+ sizeof(struct sadb_sastat), /* SADB_EXT_SASTAT */
};
static const int maxsize[] = {
sizeof(struct sadb_msg), /* SADB_EXT_RESERVED */
0, /* SADB_X_EXT_KMPRIVATE */
0, /* SADB_X_EXT_POLICY */
sizeof(struct sadb_x_sa2), /* SADB_X_SA2 */
+ 0, /* SADB_EXT_SESSION_ID */
+ 0, /* SADB_EXT_SASTAT */
};
static int ipsec_esp_keymin = 256;
static int ipsec_ah_keymin = 128;
SYSCTL_DECL(_net_key);
-
-SYSCTL_INT(_net_key, KEYCTL_DEBUG_LEVEL, debug, CTLFLAG_RW, \
+/* Thread safe: no accumulated state */
+SYSCTL_INT(_net_key, KEYCTL_DEBUG_LEVEL, debug, CTLFLAG_RW | CTLFLAG_LOCKED, \
&key_debug_level, 0, "");
/* max count of trial for the decision of spi value */
-SYSCTL_INT(_net_key, KEYCTL_SPI_TRY, spi_trycnt, CTLFLAG_RW, \
+SYSCTL_INT(_net_key, KEYCTL_SPI_TRY, spi_trycnt, CTLFLAG_RW | CTLFLAG_LOCKED, \
&key_spi_trycnt, 0, "");
/* minimum spi value to allocate automatically. */
-SYSCTL_INT(_net_key, KEYCTL_SPI_MIN_VALUE, spi_minval, CTLFLAG_RW, \
+SYSCTL_INT(_net_key, KEYCTL_SPI_MIN_VALUE, spi_minval, CTLFLAG_RW | CTLFLAG_LOCKED, \
&key_spi_minval, 0, "");
/* maximun spi value to allocate automatically. */
-SYSCTL_INT(_net_key, KEYCTL_SPI_MAX_VALUE, spi_maxval, CTLFLAG_RW, \
+SYSCTL_INT(_net_key, KEYCTL_SPI_MAX_VALUE, spi_maxval, CTLFLAG_RW | CTLFLAG_LOCKED, \
&key_spi_maxval, 0, "");
/* interval to initialize randseed */
-SYSCTL_INT(_net_key, KEYCTL_RANDOM_INT, int_random, CTLFLAG_RW, \
+SYSCTL_INT(_net_key, KEYCTL_RANDOM_INT, int_random, CTLFLAG_RW | CTLFLAG_LOCKED, \
&key_int_random, 0, "");
-/* lifetime for larval SA */
-SYSCTL_INT(_net_key, KEYCTL_LARVAL_LIFETIME, larval_lifetime, CTLFLAG_RW, \
+/* lifetime for larval SA; thread safe due to > compare */
+SYSCTL_INT(_net_key, KEYCTL_LARVAL_LIFETIME, larval_lifetime, CTLFLAG_RW | CTLFLAG_LOCKED, \
&key_larval_lifetime, 0, "");
/* counter for blocking to send SADB_ACQUIRE to IKEd */
-SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_COUNT, blockacq_count, CTLFLAG_RW, \
+SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_COUNT, blockacq_count, CTLFLAG_RW | CTLFLAG_LOCKED, \
&key_blockacq_count, 0, "");
-/* lifetime for blocking to send SADB_ACQUIRE to IKEd */
-SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_LIFETIME, blockacq_lifetime, CTLFLAG_RW, \
+/* lifetime for blocking to send SADB_ACQUIRE to IKEd: Thread safe, > compare */
+SYSCTL_INT(_net_key, KEYCTL_BLOCKACQ_LIFETIME, blockacq_lifetime, CTLFLAG_RW | CTLFLAG_LOCKED, \
&key_blockacq_lifetime, 0, "");
/* ESP auth */
-SYSCTL_INT(_net_key, KEYCTL_ESP_AUTH, esp_auth, CTLFLAG_RW, \
+SYSCTL_INT(_net_key, KEYCTL_ESP_AUTH, esp_auth, CTLFLAG_RW | CTLFLAG_LOCKED, \
&ipsec_esp_auth, 0, "");
/* minimum ESP key length */
-SYSCTL_INT(_net_key, KEYCTL_ESP_KEYMIN, esp_keymin, CTLFLAG_RW, \
+SYSCTL_INT(_net_key, KEYCTL_ESP_KEYMIN, esp_keymin, CTLFLAG_RW | CTLFLAG_LOCKED, \
&ipsec_esp_keymin, 0, "");
/* minimum AH key length */
-SYSCTL_INT(_net_key, KEYCTL_AH_KEYMIN, ah_keymin, CTLFLAG_RW, \
+SYSCTL_INT(_net_key, KEYCTL_AH_KEYMIN, ah_keymin, CTLFLAG_RW | CTLFLAG_LOCKED, \
&ipsec_ah_keymin, 0, "");
/* perfered old SA rather than new SA */
-SYSCTL_INT(_net_key, KEYCTL_PREFERED_OLDSA, prefered_oldsa, CTLFLAG_RW,\
+SYSCTL_INT(_net_key, KEYCTL_PREFERED_OLDSA, prefered_oldsa, CTLFLAG_RW | CTLFLAG_LOCKED,\
&key_preferred_oldsa, 0, "");
/* time between NATT keepalives in seconds, 0 disabled */
-SYSCTL_INT(_net_key, KEYCTL_NATT_KEEPALIVE_INTERVAL, natt_keepalive_interval, CTLFLAG_RW,\
+SYSCTL_INT(_net_key, KEYCTL_NATT_KEEPALIVE_INTERVAL, natt_keepalive_interval, CTLFLAG_RW | CTLFLAG_LOCKED,\
&natt_keepalive_interval, 0, "");
/* PF_KEY statistics */
-SYSCTL_STRUCT(_net_key, KEYCTL_PFKEYSTAT, pfkeystat, CTLFLAG_RD,\
+SYSCTL_STRUCT(_net_key, KEYCTL_PFKEYSTAT, pfkeystat, CTLFLAG_RD | CTLFLAG_LOCKED,\
&pfkeystat, pfkeystat, "");
#ifndef LIST_FOREACH
#if 1
#define KMALLOC_WAIT(p, t, n) \
- ((p) = (t) _MALLOC((unsigned long)(n), M_SECA, M_WAITOK))
+ ((p) = (t) _MALLOC((u_int32_t)(n), M_SECA, M_WAITOK))
#define KMALLOC_NOWAIT(p, t, n) \
- ((p) = (t) _MALLOC((unsigned long)(n), M_SECA, M_NOWAIT))
+ ((p) = (t) _MALLOC((u_int32_t)(n), M_SECA, M_NOWAIT))
#define KFREE(p) \
_FREE((caddr_t)(p), M_SECA);
#else
#define KMALLOC_WAIT(p, t, n) \
do { \
- ((p) = (t)_MALLOC((unsigned long)(n), M_SECA, M_WAITOK)); \
+ ((p) = (t)_MALLOC((u_int32_t)(n), M_SECA, M_WAITOK)); \
printf("%s %d: %p <- KMALLOC_WAIT(%s, %d)\n", \
__FILE__, __LINE__, (p), #t, n); \
} while (0)
#define KMALLOC_NOWAIT(p, t, n) \
do { \
- ((p) = (t)_MALLOC((unsigned long)(n), M_SECA, M_NOWAIT)); \
+ ((p) = (t)_MALLOC((u_int32_t)(n), M_SECA, M_NOWAIT)); \
printf("%s %d: %p <- KMALLOC_NOWAIT(%s, %d)\n", \
__FILE__, __LINE__, (p), #t, n); \
} while (0)
(idx)->proto = (p); \
(idx)->mode = (m); \
(idx)->reqid = (r); \
- bcopy((s), &(idx)->src, ((struct sockaddr *)(s))->sa_len); \
- bcopy((d), &(idx)->dst, ((struct sockaddr *)(d))->sa_len); \
+ bcopy((s), &(idx)->src, ((const struct sockaddr *)(s))->sa_len); \
+ bcopy((d), &(idx)->dst, ((const struct sockaddr *)(d))->sa_len); \
} while (0)
/* key statistics */
struct _keystat {
- u_long getspi_count; /* the avarage of count to try to get new SPI */
+ u_int32_t getspi_count; /* the avarage of count to try to get new SPI */
} keystat;
struct sadb_msghdr {
u_int8_t, u_int32_t, u_int32_t);
static u_int key_getspreqmsglen(struct secpolicy *);
static int key_spdexpire(struct secpolicy *);
-static struct secashead *key_newsah(struct secasindex *);
-static void key_delsah(struct secashead *);
+static struct secashead *key_newsah(struct secasindex *, u_int8_t);
static struct secasvar *key_newsav(struct mbuf *,
const struct sadb_msghdr *, struct secashead *, int *);
-static void key_delsav(struct secasvar *);
static struct secashead *key_getsah(struct secasindex *);
static struct secasvar *key_checkspidup(struct secasindex *, u_int32_t);
static void key_setspi __P((struct secasvar *, u_int32_t));
#if INET6
static int key_ismyaddr6(struct sockaddr_in6 *);
#endif
+static void key_update_natt_keepalive_timestamp(struct secasvar *, struct secasvar *);
/* flags for key_cmpsaidx() */
#define CMP_HEAD 0x1 /* protocol, addresses. */
static int key_senderror(struct socket *, struct mbuf *, int);
static int key_validate_ext(const struct sadb_ext *, int);
static int key_align(struct mbuf *, struct sadb_msghdr *);
-static void key_sa_chgstate(struct secasvar *, u_int8_t);
static struct mbuf *key_alloc_mbuf(int);
+static int key_getsastat (struct socket *, struct mbuf *, const struct sadb_msghdr *);
+static int key_setsaval2(struct secasvar *sav,
+ u_int8_t satype,
+ u_int8_t alg_auth,
+ u_int8_t alg_enc,
+ u_int32_t flags,
+ u_int8_t replay,
+ struct sadb_key *key_auth,
+ u_int16_t key_auth_len,
+ struct sadb_key *key_enc,
+ u_int16_t key_enc_len,
+ u_int16_t natt_port,
+ u_int32_t seq,
+ u_int32_t spi,
+ u_int32_t pid,
+ struct sadb_lifetime *lifetime_hard,
+ struct sadb_lifetime *lifetime_soft);
extern int ipsec_bypass;
-void ipsec_send_natt_keepalive(struct secasvar *sav);
+extern int esp_udp_encap_port;
+int ipsec_send_natt_keepalive(struct secasvar *sav);
void key_init(void);
+
/*
* PF_KEY init
- * setup locks and call raw_init()
+ * setup locks, call raw_init(), and then init timer and associated data
*
*/
void
{
int i;
-
+
+ _CASSERT(PFKEY_ALIGN8(sizeof(struct sadb_msg)) <= _MHLEN);
+
sadb_mutex_grp_attr = lck_grp_attr_alloc_init();
sadb_mutex_grp = lck_grp_alloc_init("sadb", sadb_mutex_grp_attr);
sadb_mutex_attr = lck_attr_alloc_init();
- if ((sadb_mutex = lck_mtx_alloc_init(sadb_mutex_grp, sadb_mutex_attr)) == NULL) {
- printf("key_init: can't alloc sadb_mutex\n");
- return;
- }
+ lck_mtx_init(sadb_mutex, sadb_mutex_grp, sadb_mutex_attr);
pfkey_stat_mutex_grp_attr = lck_grp_attr_alloc_init();
pfkey_stat_mutex_grp = lck_grp_alloc_init("pfkey_stat", pfkey_stat_mutex_grp_attr);
pfkey_stat_mutex_attr = lck_attr_alloc_init();
- if ((pfkey_stat_mutex = lck_mtx_alloc_init(pfkey_stat_mutex_grp, pfkey_stat_mutex_attr)) == NULL) {
- printf("key_init: can't alloc pfkey_stat_mutex\n");
- return;
- }
+ lck_mtx_init(pfkey_stat_mutex, pfkey_stat_mutex_grp, pfkey_stat_mutex_attr);
for (i = 0; i < SPIHASHSIZE; i++)
LIST_INIT(&spihash[i]);
raw_init();
+
+ bzero((caddr_t)&key_cb, sizeof(key_cb));
+
+ for (i = 0; i < IPSEC_DIR_MAX; i++) {
+ LIST_INIT(&sptree[i]);
+ }
+ ipsec_policy_count = 0;
+
+ LIST_INIT(&sahtree);
+
+ for (i = 0; i <= SADB_SATYPE_MAX; i++) {
+ LIST_INIT(®tree[i]);
+ }
+ ipsec_sav_count = 0;
+
+#ifndef IPSEC_NONBLOCK_ACQUIRE
+ LIST_INIT(&acqtree);
+#endif
+ LIST_INIT(&spacqtree);
+
+ /* system default */
+#if INET
+ ip4_def_policy.policy = IPSEC_POLICY_NONE;
+ ip4_def_policy.refcnt++; /*never reclaim this*/
+#endif
+#if INET6
+ ip6_def_policy.policy = IPSEC_POLICY_NONE;
+ ip6_def_policy.refcnt++; /*never reclaim this*/
+#endif
+
+#ifndef IPSEC_DEBUG2
+ timeout((void *)key_timehandler, (void *)0, hz);
+#endif /*IPSEC_DEBUG2*/
+
+ /* initialize key statistics */
+ keystat.getspi_count = 1;
+
+#ifndef __APPLE__
+ printf("IPsec: Initialized Security Association Processing.\n");
+#endif
}
* others: found and return the pointer.
*/
struct secpolicy *
-key_allocsp(spidx, dir)
- struct secpolicyindex *spidx;
- u_int dir;
+key_allocsp(
+ struct secpolicyindex *spidx,
+ u_int dir)
{
struct secpolicy *sp;
struct timeval tv;
* XXX slow
*/
struct secpolicy *
-key_gettunnel(osrc, odst, isrc, idst)
- struct sockaddr *osrc, *odst, *isrc, *idst;
+key_gettunnel(
+ struct sockaddr *osrc,
+ struct sockaddr *odst,
+ struct sockaddr *isrc,
+ struct sockaddr *idst)
{
struct secpolicy *sp;
const int dir = IPSEC_DIR_INBOUND;
* ENOENT: policy may be valid, but SA with REQUIRE is on acquiring.
*/
int
-key_checkrequest(isr, saidx, sav)
- struct ipsecrequest *isr;
- struct secasindex *saidx;
- struct secasvar **sav;
+key_checkrequest(
+ struct ipsecrequest *isr,
+ struct secasindex *saidx,
+ struct secasvar **sav)
{
u_int level;
int error;
* OUT: NULL: not found.
* others: found and return the pointer.
*/
+u_int32_t sah_search_calls = 0;
+u_int32_t sah_search_count = 0;
struct secasvar *
-key_allocsa_policy(saidx)
- struct secasindex *saidx;
+key_allocsa_policy(
+ struct secasindex *saidx)
{
struct secashead *sah;
struct secasvar *sav;
u_int16_t dstport;
lck_mtx_lock(sadb_mutex);
+ sah_search_calls++;
LIST_FOREACH(sah, &sahtree, chain) {
+ sah_search_count++;
if (sah->state == SADB_SASTATE_DEAD)
continue;
if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE | CMP_REQID))
* others : found, pointer to a SA.
*/
static struct secasvar *
-key_do_allocsa_policy(sah, state, dstport)
- struct secashead *sah;
- u_int state;
- u_int16_t dstport;
+key_do_allocsa_policy(
+ struct secashead *sah,
+ u_int state,
+ u_int16_t dstport)
{
struct secasvar *sav, *nextsav, *candidate, *natt_candidate, *no_natt_candidate, *d;
* keep source address in IPsec SA. We see a tricky situation here.
*/
struct secasvar *
-key_allocsa(family, src, dst, proto, spi)
- u_int family, proto;
- caddr_t src, dst;
- u_int32_t spi;
+key_allocsa(
+ u_int family,
+ caddr_t src,
+ caddr_t dst,
+ u_int proto,
+ u_int32_t spi)
{
struct secasvar *sav, *match;
u_int stateidx, state, tmpidx, matchidx;
}
u_int16_t
-key_natt_get_translated_port(outsav)
- struct secasvar *outsav;
+key_natt_get_translated_port(
+ struct secasvar *outsav)
{
struct secasindex saidx;
}
static int
-key_do_get_translated_port(sah, outsav, state)
- struct secashead *sah;
- struct secasvar *outsav;
- u_int state;
+key_do_get_translated_port(
+ struct secashead *sah,
+ struct secasvar *outsav,
+ u_int state)
{
struct secasvar *currsav, *nextsav, *candidate;
* For both the packet without socket and key_freeso().
*/
void
-key_freesp(sp, locked)
- struct secpolicy *sp;
- int locked;
+key_freesp(
+ struct secpolicy *sp,
+ int locked)
{
/* sanity check */
* For the packet with socket.
*/
void
-key_freeso(so)
- struct socket *so;
+key_freeso(
+ struct socket *so)
{
/* sanity check */
}
static void
-key_freesp_so(sp)
- struct secpolicy **sp;
+key_freesp_so(
+ struct secpolicy **sp)
{
/* sanity check */
* for a policy.
*/
void
-key_freesav(sav, locked)
- struct secasvar *sav;
- int locked;
+key_freesav(
+ struct secasvar *sav,
+ int locked)
{
/* sanity check */
* free security policy entry.
*/
static void
-key_delsp(sp)
- struct secpolicy *sp;
+key_delsp(
+ struct secpolicy *sp)
{
/* sanity check */
* others : found, pointer to a SP.
*/
static struct secpolicy *
-key_getsp(spidx)
- struct secpolicyindex *spidx;
+key_getsp(
+ struct secpolicyindex *spidx)
{
struct secpolicy *sp;
* others : found, pointer to a SP.
*/
static struct secpolicy *
-key_getspbyid(id)
- u_int32_t id;
+key_getspbyid(
+ u_int32_t id)
{
struct secpolicy *sp;
}
struct secpolicy *
-key_newsp()
+key_newsp(void)
{
struct secpolicy *newsp = NULL;
* so must be set properly later.
*/
struct secpolicy *
-key_msg2sp(xpl0, len, error)
- struct sadb_x_policy *xpl0;
- size_t len;
- int *error;
+key_msg2sp(
+ struct sadb_x_policy *xpl0,
+ size_t len,
+ int *error)
{
struct secpolicy *newsp;
return NULL;
}
- xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xisr
- + xisr->sadb_x_ipsecrequest_len);
+ xisr = (struct sadb_x_ipsecrequest *)(void *)
+ ((caddr_t)xisr + xisr->sadb_x_ipsecrequest_len);
}
}
break;
}
static u_int32_t
-key_newreqid()
+key_newreqid(void)
{
lck_mtx_lock(sadb_mutex);
static u_int32_t auto_reqid = IPSEC_MANUAL_REQID_MAX + 1;
+ int done = 0;
- auto_reqid = (auto_reqid == ~0
- ? IPSEC_MANUAL_REQID_MAX + 1 : auto_reqid + 1);
- lck_mtx_unlock(sadb_mutex);
+ /* The reqid must be limited to 16 bits because the PF_KEY message format only uses
+ 16 bits for this field. Once it becomes larger than 16 bits - ipsec fails to
+ work anymore. Changing the PF_KEY message format would introduce compatibility
+ issues. This code now tests to see if the tentative reqid is in use */
+
+ while (!done) {
+ struct secpolicy *sp;
+ struct ipsecrequest *isr;
+ int dir;
+
+ auto_reqid = (auto_reqid == 0xFFFF
+ ? IPSEC_MANUAL_REQID_MAX + 1 : auto_reqid + 1);
- /* XXX should be unique check */
+ /* check for uniqueness */
+ done = 1;
+ for (dir = 0; dir < IPSEC_DIR_MAX; dir++) {
+ LIST_FOREACH(sp, &sptree[dir], chain) {
+ for (isr = sp->req; isr != NULL; isr = isr->next) {
+ if (isr->saidx.reqid == auto_reqid) {
+ done = 0;
+ break;
+ }
+ }
+ if (done == 0)
+ break;
+ }
+ if (done == 0)
+ break;
+ }
+ }
+ lck_mtx_unlock(sadb_mutex);
return auto_reqid;
}
* copy secpolicy struct to sadb_x_policy structure indicated.
*/
struct mbuf *
-key_sp2msg(sp)
- struct secpolicy *sp;
+key_sp2msg(
+ struct secpolicy *sp)
{
struct sadb_x_policy *xpl;
int tlen;
for (isr = sp->req; isr != NULL; isr = isr->next) {
- xisr = (struct sadb_x_ipsecrequest *)p;
+ xisr = (struct sadb_x_ipsecrequest *)(void *)p;
xisr->sadb_x_ipsecrequest_proto = isr->saidx.proto;
xisr->sadb_x_ipsecrequest_mode = isr->saidx.mode;
if (len > MHLEN)
panic("assumption failed");
#endif
- MGETHDR(n, M_DONTWAIT, MT_DATA);
+ MGETHDR(n, M_WAITOK, MT_DATA);
if (!n)
goto fail;
n->m_len = len;
mtod(n, caddr_t));
} else {
n = m_copym(m, mhp->extoff[idx], mhp->extlen[idx],
- M_DONTWAIT);
+ M_WAITOK);
}
if (n == NULL)
goto fail;
* m will always be freed.
*/
static int
-key_spdadd(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_spdadd(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
struct sadb_address *src0, *dst0;
struct sadb_x_policy *xpl0, *xpl;
ipseclog((LOG_DEBUG, "key_spdadd: invalid message is passed.\n"));
return key_senderror(so, m, EINVAL);
}
- lft = (struct sadb_lifetime *)mhp->ext[SADB_EXT_LIFETIME_HARD];
+ lft = (struct sadb_lifetime *)
+ (void *)mhp->ext[SADB_EXT_LIFETIME_HARD];
}
src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
- xpl0 = (struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY];
+ xpl0 = (struct sadb_x_policy *)(void *)mhp->ext[SADB_X_EXT_POLICY];
/* make secindex */
/* XXX boundary check against sa_len */
/* n is already freed */
return key_senderror(so, m, ENOBUFS);
}
- xpl = (struct sadb_x_policy *)(mtod(mpolicy, caddr_t) + off);
+ xpl = (struct sadb_x_policy *)(void *)(mtod(mpolicy, caddr_t) + off);
if (xpl->sadb_x_policy_exttype != SADB_X_EXT_POLICY) {
m_freem(n);
return key_senderror(so, m, EINVAL);
* others: success.
*/
static u_int32_t
-key_getnewspid()
+key_getnewspid(void)
{
u_int32_t newid = 0;
int count = key_spi_trycnt; /* XXX */
* m will always be freed.
*/
static int
-key_spddelete(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_spddelete(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
struct sadb_address *src0, *dst0;
struct sadb_x_policy *xpl0;
src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
- xpl0 = (struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY];
+ xpl0 = (struct sadb_x_policy *)(void *)mhp->ext[SADB_X_EXT_POLICY];
/* make secindex */
/* XXX boundary check against sa_len */
* m will always be freed.
*/
static int
-key_spddelete2(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_spddelete2(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
u_int32_t id;
struct secpolicy *sp;
return 0;
}
- id = ((struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
+ id = ((struct sadb_x_policy *)
+ (void *)mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
/* Is there SP in SPD ? */
lck_mtx_lock(sadb_mutex);
if (len > MCLBYTES)
return key_senderror(so, m, ENOBUFS);
- MGETHDR(n, M_DONTWAIT, MT_DATA);
+ MGETHDR(n, M_WAITOK, MT_DATA);
if (n && len > MHLEN) {
- MCLGET(n, M_DONTWAIT);
+ MCLGET(n, M_WAITOK);
if ((n->m_flags & M_EXT) == 0) {
m_freem(n);
n = NULL;
#endif
n->m_next = m_copym(m, mhp->extoff[SADB_X_EXT_POLICY],
- mhp->extlen[SADB_X_EXT_POLICY], M_DONTWAIT);
+ mhp->extlen[SADB_X_EXT_POLICY], M_WAITOK);
if (!n->m_next) {
m_freem(n);
return key_senderror(so, m, ENOBUFS);
* m will always be freed.
*/
static int
-key_spdget(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_spdget(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
u_int32_t id;
struct secpolicy *sp;
return key_senderror(so, m, EINVAL);
}
- id = ((struct sadb_x_policy *)mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
+ id = ((struct sadb_x_policy *)
+ (void *)mhp->ext[SADB_X_EXT_POLICY])->sadb_x_policy_id;
/* Is there SP in SPD ? */
lck_mtx_lock(sadb_mutex);
* others: error number
*/
int
-key_spdacquire(sp)
- struct secpolicy *sp;
+key_spdacquire(
+ struct secpolicy *sp)
{
struct mbuf *result = NULL, *m;
struct secspacq *newspacq;
* m will always be freed.
*/
static int
-key_spdflush(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_spdflush(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
struct sadb_msg *newmsg;
struct secpolicy *sp;
*/
static int
-key_spddump(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_spddump(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
struct secpolicy *sp, **spbuf = NULL, **sp_ptr;
int cnt = 0, bufcount;
}
static struct mbuf *
-key_setdumpsp(sp, type, seq, pid)
- struct secpolicy *sp;
- u_int8_t type;
- u_int32_t seq, pid;
+key_setdumpsp(
+ struct secpolicy *sp,
+ u_int8_t type,
+ u_int32_t seq,
+ u_int32_t pid)
{
struct mbuf *result = NULL, *m;
* get PFKEY message length for security policy and request.
*/
static u_int
-key_getspreqmsglen(sp)
- struct secpolicy *sp;
+key_getspreqmsglen(
+ struct secpolicy *sp)
{
u_int tlen;
* others : error number
*/
static int
-key_spdexpire(sp)
- struct secpolicy *sp;
+key_spdexpire(
+ struct secpolicy *sp)
{
struct mbuf *result = NULL, *m;
int len;
- int error = -1;
+ int error = EINVAL;
struct sadb_lifetime *lt;
lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_NOTOWNED);
lt->sadb_lifetime_bytes = 0;
lt->sadb_lifetime_addtime = sp->created;
lt->sadb_lifetime_usetime = sp->lastused;
- lt = (struct sadb_lifetime *)(mtod(m, caddr_t) + len / 2);
+ lt = (struct sadb_lifetime *)(void *)(mtod(m, caddr_t) + len / 2);
lt->sadb_lifetime_len = PFKEY_UNIT64(sizeof(struct sadb_lifetime));
lt->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD;
lt->sadb_lifetime_allocations = 0;
* others : pointer to new SA head.
*/
static struct secashead *
-key_newsah(saidx)
- struct secasindex *saidx;
+key_newsah(
+ struct secasindex *saidx,
+ u_int8_t dir)
{
struct secashead *newsah;
break;
}
+ newsah->dir = dir;
/* add to saidxtree */
newsah->state = SADB_SASTATE_MATURE;
LIST_INSERT_HEAD(&sahtree, newsah, chain);
/*
* delete SA index and all SA registerd.
*/
-static void
-key_delsah(sah)
- struct secashead *sah;
+void
+key_delsah(
+ struct secashead *sah)
{
struct secasvar *sav, *nextsav;
u_int stateidx, state;
* does not modify mbuf. does not free mbuf on error.
*/
static struct secasvar *
-key_newsav(m, mhp, sah, errp)
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
- struct secashead *sah;
- int *errp;
+key_newsav(
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp,
+ struct secashead *sah,
+ int *errp)
{
struct secasvar *newsav;
const struct sadb_sa *xsa;
*errp = EINVAL;
return NULL;
}
- xsa = (const struct sadb_sa *)mhp->ext[SADB_EXT_SA];
+ xsa = (struct sadb_sa *)(void *)mhp->ext[SADB_EXT_SA];
key_setspi(newsav, xsa->sadb_sa_spi);
newsav->seq = mhp->msg->sadb_msg_seq;
break;
return newsav;
}
+/*
+ * allocating a new SA with LARVAL state. key_add() and key_getspi() call,
+ * and copy the values passed into new buffer.
+ * When SAD message type is GETSPI:
+ * to set sequence number from acq_seq++,
+ * to set zero to SPI.
+ * not to call key_setsava().
+ * OUT: NULL : fail
+ * others : pointer to new secasvar.
+ */
+struct secasvar *
+key_newsav2(struct secashead *sah,
+ u_int8_t satype,
+ u_int8_t alg_auth,
+ u_int8_t alg_enc,
+ u_int32_t flags,
+ u_int8_t replay,
+ struct sadb_key *key_auth,
+ u_int16_t key_auth_len,
+ struct sadb_key *key_enc,
+ u_int16_t key_enc_len,
+ u_int16_t natt_port,
+ u_int32_t seq,
+ u_int32_t spi,
+ u_int32_t pid,
+ struct sadb_lifetime *lifetime_hard,
+ struct sadb_lifetime *lifetime_soft)
+{
+ struct secasvar *newsav;
+
+ lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED);
+
+ /* sanity check */
+ if (sah == NULL)
+ panic("key_newsa: NULL pointer is passed.\n");
+
+ KMALLOC_NOWAIT(newsav, struct secasvar *, sizeof(struct secasvar));
+ if (newsav == NULL) {
+ lck_mtx_unlock(sadb_mutex);
+ KMALLOC_WAIT(newsav, struct secasvar *, sizeof(struct secasvar));
+ lck_mtx_lock(sadb_mutex);
+ if (newsav == NULL) {
+ ipseclog((LOG_DEBUG, "key_newsa: No more memory.\n"));
+ return NULL;
+ }
+ }
+ bzero((caddr_t)newsav, sizeof(struct secasvar));
+
+#if IPSEC_DOSEQCHECK
+ /* sync sequence number */
+ if (seq == 0)
+ newsav->seq = (acq_seq = (acq_seq == ~0 ? 1 : ++acq_seq));
+ else
+#endif
+ newsav->seq = seq;
+ key_setspi(newsav, spi);
+
+ if (key_setsaval2(newsav,
+ satype,
+ alg_auth,
+ alg_enc,
+ flags,
+ replay,
+ key_auth,
+ key_auth_len,
+ key_enc,
+ key_enc_len,
+ natt_port,
+ seq,
+ spi,
+ pid,
+ lifetime_hard,
+ lifetime_soft)) {
+ if (newsav->spihash.le_prev || newsav->spihash.le_next)
+ LIST_REMOVE(newsav, spihash);
+ KFREE(newsav);
+ return NULL;
+ }
+
+ /* reset created */
+ {
+ struct timeval tv;
+ microtime(&tv);
+ newsav->created = tv.tv_sec;
+ }
+
+ newsav->pid = pid;
+
+ /* add to satree */
+ newsav->sah = sah;
+ newsav->refcnt = 1;
+ if (spi && key_auth && key_auth_len && key_enc && key_enc_len) {
+ newsav->state = SADB_SASTATE_MATURE;
+ LIST_INSERT_TAIL(&sah->savtree[SADB_SASTATE_MATURE], newsav,
+ secasvar, chain);
+ } else {
+ newsav->state = SADB_SASTATE_LARVAL;
+ LIST_INSERT_TAIL(&sah->savtree[SADB_SASTATE_LARVAL], newsav,
+ secasvar, chain);
+ }
+ ipsec_sav_count++;
+
+ return newsav;
+}
+
/*
* free() SA variable entry.
*/
-static void
-key_delsav(sav)
- struct secasvar *sav;
+void
+key_delsav(
+ struct secasvar *sav)
{
lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED);
* others : found, pointer to a SA.
*/
static struct secashead *
-key_getsah(saidx)
- struct secasindex *saidx;
+key_getsah(
+ struct secasindex *saidx)
{
struct secashead *sah;
return NULL;
}
+struct secashead *
+key_newsah2 (struct secasindex *saidx,
+ u_int8_t dir)
+{
+ struct secashead *sah;
+
+ lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED);
+
+ sah = key_getsah(saidx);
+ if (!sah) {
+ return(key_newsah(saidx, dir));
+ }
+ return sah;
+}
+
/*
* check not to be duplicated SPI.
* NOTE: this function is too slow due to searching all SAD.
* others : found, pointer to a SA.
*/
static struct secasvar *
-key_checkspidup(saidx, spi)
- struct secasindex *saidx;
- u_int32_t spi;
+key_checkspidup(
+ struct secasindex *saidx,
+ u_int32_t spi)
{
struct secasvar *sav;
u_int stateidx, state;
}
static void
-key_setspi(sav, spi)
- struct secasvar *sav;
- u_int32_t spi;
+key_setspi(
+ struct secasvar *sav,
+ u_int32_t spi)
{
lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED);
sav->spi = spi;
* others : found, pointer to a SA.
*/
static struct secasvar *
-key_getsavbyspi(sah, spi)
- struct secashead *sah;
- u_int32_t spi;
+key_getsavbyspi(
+ struct secashead *sah,
+ u_int32_t spi)
{
struct secasvar *sav, *match;
u_int stateidx, state, matchidx;
* does not modify mbuf. does not free mbuf on error.
*/
static int
-key_setsaval(sav, m, mhp)
- struct secasvar *sav;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_setsaval(
+ struct secasvar *sav,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
#if IPSEC_ESP
const struct esp_algorithm *algo;
if (mhp->ext[SADB_EXT_SA] != NULL) {
const struct sadb_sa *sa0;
- sa0 = (const struct sadb_sa *)mhp->ext[SADB_EXT_SA];
+ sa0 = (struct sadb_sa *)(void *)mhp->ext[SADB_EXT_SA];
if (mhp->extlen[SADB_EXT_SA] < sizeof(*sa0)) {
ipseclog((LOG_DEBUG, "key_setsaval: invalid message size.\n"));
error = EINVAL;
*/
if ((sav->flags & SADB_X_EXT_NATT) != 0) {
if (mhp->extlen[SADB_EXT_SA] < sizeof(struct sadb_sa_2) ||
- ((struct sadb_sa_2*)(sa0))->sadb_sa_natt_port == 0) {
+ ((const struct sadb_sa_2*)(sa0))->sadb_sa_natt_port == 0) {
ipseclog((LOG_DEBUG, "key_setsaval: natt port not set.\n"));
error = EINVAL;
goto fail;
}
- sav->remote_ike_port = ((struct sadb_sa_2*)(sa0))->sadb_sa_natt_port;
+ sav->remote_ike_port = ((const struct sadb_sa_2*)(sa0))->sadb_sa_natt_port;
}
/*
{
const struct sadb_lifetime *lft0;
- lft0 = (struct sadb_lifetime *)mhp->ext[SADB_EXT_LIFETIME_HARD];
+ lft0 = (struct sadb_lifetime *)
+ (void *)mhp->ext[SADB_EXT_LIFETIME_HARD];
if (lft0 != NULL) {
if (mhp->extlen[SADB_EXT_LIFETIME_HARD] < sizeof(*lft0)) {
ipseclog((LOG_DEBUG, "key_setsaval: invalid hard lifetime ext len.\n"));
/* to be initialize ? */
}
- lft0 = (struct sadb_lifetime *)mhp->ext[SADB_EXT_LIFETIME_SOFT];
+ lft0 = (struct sadb_lifetime *)
+ (void *)mhp->ext[SADB_EXT_LIFETIME_SOFT];
if (lft0 != NULL) {
if (mhp->extlen[SADB_EXT_LIFETIME_SOFT] < sizeof(*lft0)) {
ipseclog((LOG_DEBUG, "key_setsaval: invalid soft lifetime ext len.\n"));
}
/*
- * validation with a secasvar entry, and set SADB_SATYPE_MATURE.
- * OUT: 0: valid
- * other: errno
+ * copy SA values from PF_KEY message except *SPI, SEQ, PID, STATE and TYPE*.
+ * You must update these if need.
+ * OUT: 0: success.
+ * !0: failure.
+ *
+ * does not modify mbuf. does not free mbuf on error.
*/
-static int
-key_mature(sav)
- struct secasvar *sav;
+int
+key_setsaval2(struct secasvar *sav,
+ u_int8_t satype,
+ u_int8_t alg_auth,
+ u_int8_t alg_enc,
+ u_int32_t flags,
+ u_int8_t replay,
+ struct sadb_key *key_auth,
+ u_int16_t key_auth_len,
+ struct sadb_key *key_enc,
+ u_int16_t key_enc_len,
+ u_int16_t natt_port,
+ u_int32_t seq,
+ u_int32_t spi,
+ u_int32_t pid,
+ struct sadb_lifetime *lifetime_hard,
+ struct sadb_lifetime *lifetime_soft)
{
- int mature;
- int checkmask = 0; /* 2^0: ealg 2^1: aalg 2^2: calg */
- int mustmask = 0; /* 2^0: ealg 2^1: aalg 2^2: calg */
-
- mature = 0;
+#if IPSEC_ESP
+ const struct esp_algorithm *algo;
+#endif
+ int error = 0;
+ struct timeval tv;
lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED);
- /* check SPI value */
- switch (sav->sah->saidx.proto) {
- case IPPROTO_ESP:
- case IPPROTO_AH:
- if (ntohl(sav->spi) >= 0 && ntohl(sav->spi) <= 255) {
- ipseclog((LOG_DEBUG,
- "key_mature: illegal range of SPI %u.\n",
- (u_int32_t)ntohl(sav->spi)));
- return EINVAL;
+ /* initialization */
+ sav->replay = NULL;
+ sav->key_auth = NULL;
+ sav->key_enc = NULL;
+ sav->sched = NULL;
+ sav->schedlen = 0;
+ sav->iv = NULL;
+ sav->lft_c = NULL;
+ sav->lft_h = NULL;
+ sav->lft_s = NULL;
+ sav->remote_ike_port = 0;
+ sav->natt_last_activity = natt_now;
+ sav->natt_encapsulated_src_port = 0;
+
+ sav->alg_auth = alg_auth;
+ sav->alg_enc = alg_enc;
+ sav->flags = flags;
+ sav->pid = pid;
+ sav->seq = seq;
+ key_setspi(sav, htonl(spi));
+
+ /*
+ * Verify that a nat-traversal port was specified if
+ * the nat-traversal flag is set.
+ */
+ if ((sav->flags & SADB_X_EXT_NATT) != 0) {
+ if (natt_port == 0) {
+ ipseclog((LOG_DEBUG, "key_setsaval2: natt port not set.\n"));
+ error = EINVAL;
+ goto fail;
}
- break;
+ sav->remote_ike_port = natt_port;
}
- /* check satype */
- switch (sav->sah->saidx.proto) {
- case IPPROTO_ESP:
- /* check flags */
- if ((sav->flags & SADB_X_EXT_OLD)
- && (sav->flags & SADB_X_EXT_DERIV)) {
- ipseclog((LOG_DEBUG, "key_mature: "
- "invalid flag (derived) given to old-esp.\n"));
- return EINVAL;
- }
- if (sav->alg_auth == SADB_AALG_NONE)
- checkmask = 1;
- else
- checkmask = 3;
- mustmask = 1;
- break;
- case IPPROTO_AH:
- /* check flags */
- if (sav->flags & SADB_X_EXT_DERIV) {
- ipseclog((LOG_DEBUG, "key_mature: "
- "invalid flag (derived) given to AH SA.\n"));
- return EINVAL;
+ /*
+ * Verify if SADB_X_EXT_NATT_MULTIPLEUSERS flag is set that
+ * SADB_X_EXT_NATT is set and SADB_X_EXT_NATT_KEEPALIVE is not
+ * set (we're not behind nat) - otherwise clear it.
+ */
+ if ((sav->flags & SADB_X_EXT_NATT_MULTIPLEUSERS) != 0)
+ if ((sav->flags & SADB_X_EXT_NATT) == 0 ||
+ (sav->flags & SADB_X_EXT_NATT_KEEPALIVE) != 0)
+ sav->flags &= ~SADB_X_EXT_NATT_MULTIPLEUSERS;
+
+ /* replay window */
+ if ((flags & SADB_X_EXT_OLD) == 0) {
+ sav->replay = keydb_newsecreplay(replay);
+ if (sav->replay == NULL) {
+ ipseclog((LOG_DEBUG, "key_setsaval: No more memory.\n"));
+ error = ENOBUFS;
+ goto fail;
}
- if (sav->alg_enc != SADB_EALG_NONE) {
- ipseclog((LOG_DEBUG, "key_mature: "
- "protocol and algorithm mismated.\n"));
+ }
+
+ /* Authentication keys */
+ sav->key_auth = (__typeof__(sav->key_auth))key_newbuf(key_auth, key_auth_len);
+ if (sav->key_auth == NULL) {
+ ipseclog((LOG_DEBUG, "key_setsaval: No more memory.\n"));
+ error = ENOBUFS;
+ goto fail;
+ }
+
+ /* Encryption key */
+ sav->key_enc = (__typeof__(sav->key_enc))key_newbuf(key_enc, key_enc_len);
+ if (sav->key_enc == NULL) {
+ ipseclog((LOG_DEBUG, "key_setsaval: No more memory.\n"));
+ error = ENOBUFS;
+ goto fail;
+ }
+
+ /* set iv */
+ sav->ivlen = 0;
+
+ if (satype == SADB_SATYPE_ESP) {
+#if IPSEC_ESP
+ algo = esp_algorithm_lookup(sav->alg_enc);
+ if (algo && algo->ivlen)
+ sav->ivlen = (*algo->ivlen)(algo, sav);
+ if (sav->ivlen != 0) {
+ KMALLOC_NOWAIT(sav->iv, caddr_t, sav->ivlen);
+ if (sav->iv == 0) {
+ lck_mtx_unlock(sadb_mutex);
+ KMALLOC_WAIT(sav->iv, caddr_t, sav->ivlen);
+ lck_mtx_lock(sadb_mutex);
+ if (sav->iv == 0) {
+ ipseclog((LOG_DEBUG, "key_setsaval: No more memory.\n"));
+ error = ENOBUFS;
+ goto fail;
+ }
+ }
+ /* initialize */
+ key_randomfill(sav->iv, sav->ivlen);
+ }
+#endif
+ }
+
+ /* reset created */
+ microtime(&tv);
+ sav->created = tv.tv_sec;
+
+ /* make lifetime for CURRENT */
+ KMALLOC_NOWAIT(sav->lft_c, struct sadb_lifetime *,
+ sizeof(struct sadb_lifetime));
+ if (sav->lft_c == NULL) {
+ lck_mtx_unlock(sadb_mutex);
+ KMALLOC_WAIT(sav->lft_c, struct sadb_lifetime *,
+ sizeof(struct sadb_lifetime));
+ lck_mtx_lock(sadb_mutex);
+ if (sav->lft_c == NULL) {
+ ipseclog((LOG_DEBUG, "key_setsaval: No more memory.\n"));
+ error = ENOBUFS;
+ goto fail;
+ }
+ }
+
+ microtime(&tv);
+
+ sav->lft_c->sadb_lifetime_len =
+ PFKEY_UNIT64(sizeof(struct sadb_lifetime));
+ sav->lft_c->sadb_lifetime_exttype = SADB_EXT_LIFETIME_CURRENT;
+ sav->lft_c->sadb_lifetime_allocations = 0;
+ sav->lft_c->sadb_lifetime_bytes = 0;
+ sav->lft_c->sadb_lifetime_addtime = tv.tv_sec;
+ sav->lft_c->sadb_lifetime_usetime = 0;
+
+ /* lifetimes for HARD and SOFT */
+ sav->lft_h = (__typeof__(sav->lft_h))key_newbuf(lifetime_hard,
+ sizeof(*lifetime_hard));
+ if (sav->lft_h == NULL) {
+ ipseclog((LOG_DEBUG, "key_setsaval: No more memory.\n"));
+ error = ENOBUFS;
+ goto fail;
+ }
+ sav->lft_s = (__typeof__(sav->lft_s))key_newbuf(lifetime_soft,
+ sizeof(*lifetime_soft));
+ if (sav->lft_s == NULL) {
+ ipseclog((LOG_DEBUG, "key_setsaval: No more memory.\n"));
+ error = ENOBUFS;
+ goto fail;
+ }
+
+ return 0;
+
+fail:
+ /* initialization */
+ if (sav->replay != NULL) {
+ keydb_delsecreplay(sav->replay);
+ sav->replay = NULL;
+ }
+ if (sav->key_auth != NULL) {
+ bzero(_KEYBUF(sav->key_auth), _KEYLEN(sav->key_auth));
+ KFREE(sav->key_auth);
+ sav->key_auth = NULL;
+ }
+ if (sav->key_enc != NULL) {
+ bzero(_KEYBUF(sav->key_enc), _KEYLEN(sav->key_enc));
+ KFREE(sav->key_enc);
+ sav->key_enc = NULL;
+ }
+ if (sav->sched) {
+ bzero(sav->sched, sav->schedlen);
+ KFREE(sav->sched);
+ sav->sched = NULL;
+ }
+ if (sav->iv != NULL) {
+ KFREE(sav->iv);
+ sav->iv = NULL;
+ }
+ if (sav->lft_c != NULL) {
+ KFREE(sav->lft_c);
+ sav->lft_c = NULL;
+ }
+ if (sav->lft_h != NULL) {
+ KFREE(sav->lft_h);
+ sav->lft_h = NULL;
+ }
+ if (sav->lft_s != NULL) {
+ KFREE(sav->lft_s);
+ sav->lft_s = NULL;
+ }
+
+ return error;
+}
+
+/*
+ * validation with a secasvar entry, and set SADB_SATYPE_MATURE.
+ * OUT: 0: valid
+ * other: errno
+ */
+static int
+key_mature(
+ struct secasvar *sav)
+{
+ int mature;
+ int checkmask = 0; /* 2^0: ealg 2^1: aalg 2^2: calg */
+ int mustmask = 0; /* 2^0: ealg 2^1: aalg 2^2: calg */
+
+ mature = 0;
+
+ lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_OWNED);
+
+ /* check SPI value */
+ switch (sav->sah->saidx.proto) {
+ case IPPROTO_ESP:
+ case IPPROTO_AH:
+
+ /* No reason to test if this is >= 0, because ntohl(sav->spi) is unsigned. */
+ if (ntohl(sav->spi) <= 255) {
+ ipseclog((LOG_DEBUG,
+ "key_mature: illegal range of SPI %u.\n",
+ (u_int32_t)ntohl(sav->spi)));
+ return EINVAL;
+ }
+ break;
+ }
+
+ /* check satype */
+ switch (sav->sah->saidx.proto) {
+ case IPPROTO_ESP:
+ /* check flags */
+ if ((sav->flags & SADB_X_EXT_OLD)
+ && (sav->flags & SADB_X_EXT_DERIV)) {
+ ipseclog((LOG_DEBUG, "key_mature: "
+ "invalid flag (derived) given to old-esp.\n"));
+ return EINVAL;
+ }
+ if (sav->alg_auth == SADB_AALG_NONE)
+ checkmask = 1;
+ else
+ checkmask = 3;
+ mustmask = 1;
+ break;
+ case IPPROTO_AH:
+ /* check flags */
+ if (sav->flags & SADB_X_EXT_DERIV) {
+ ipseclog((LOG_DEBUG, "key_mature: "
+ "invalid flag (derived) given to AH SA.\n"));
+ return EINVAL;
+ }
+ if (sav->alg_enc != SADB_EALG_NONE) {
+ ipseclog((LOG_DEBUG, "key_mature: "
+ "protocol and algorithm mismated.\n"));
return(EINVAL);
}
checkmask = 2;
* subroutine for SADB_GET and SADB_DUMP.
*/
static struct mbuf *
-key_setdumpsa(sav, type, satype, seq, pid)
- struct secasvar *sav;
- u_int8_t type, satype;
- u_int32_t seq, pid;
+key_setdumpsa(
+ struct secasvar *sav,
+ u_int8_t type,
+ u_int8_t satype,
+ u_int32_t seq,
+ u_int32_t pid)
{
struct mbuf *result = NULL, *tres = NULL, *m;
int l = 0;
if ((!m && !p) || (m && p))
goto fail;
if (p && tres) {
- M_PREPEND(tres, l, M_DONTWAIT);
+ M_PREPEND(tres, l, M_WAITOK);
if (!tres)
goto fail;
bcopy(p, mtod(tres, caddr_t), l);
* set data into sadb_msg.
*/
static struct mbuf *
-key_setsadbmsg(type, tlen, satype, seq, pid, reserved)
- u_int8_t type, satype;
- u_int16_t tlen;
- u_int32_t seq;
- pid_t pid;
- u_int16_t reserved;
+key_setsadbmsg(
+ u_int8_t type,
+ u_int16_t tlen,
+ u_int8_t satype,
+ u_int32_t seq,
+ pid_t pid,
+ u_int16_t reserved)
{
struct mbuf *m;
struct sadb_msg *p;
* copy secasvar data into sadb_address.
*/
static struct mbuf *
-key_setsadbsa(sav)
- struct secasvar *sav;
+key_setsadbsa(
+ struct secasvar *sav)
{
struct mbuf *m;
struct sadb_sa *p;
* set data into sadb_address.
*/
static struct mbuf *
-key_setsadbaddr(exttype, saddr, prefixlen, ul_proto)
- u_int16_t exttype;
- struct sockaddr *saddr;
- u_int8_t prefixlen;
- u_int16_t ul_proto;
+key_setsadbaddr(
+ u_int16_t exttype,
+ struct sockaddr *saddr,
+ u_int8_t prefixlen,
+ u_int16_t ul_proto)
{
struct mbuf *m;
struct sadb_address *p;
return m;
}
+/*
+ * set data into sadb_session_id
+ */
+static struct mbuf *
+key_setsadbsession_id (u_int64_t session_ids[])
+{
+ struct mbuf *m;
+ struct sadb_session_id *p;
+ size_t len;
+
+ len = PFKEY_ALIGN8(sizeof(*p));
+ m = key_alloc_mbuf(len);
+ if (!m || m->m_next) { /*XXX*/
+ if (m)
+ m_freem(m);
+ return NULL;
+ }
+
+ p = mtod(m, __typeof__(p));
+
+ bzero(p, len);
+ p->sadb_session_id_len = PFKEY_UNIT64(len);
+ p->sadb_session_id_exttype = SADB_EXT_SESSION_ID;
+ p->sadb_session_id_v[0] = session_ids[0];
+ p->sadb_session_id_v[1] = session_ids[1];
+
+ return m;
+}
+
+/*
+ * copy stats data into sadb_sastat type.
+ */
+static struct mbuf *
+key_setsadbsastat (u_int32_t dir,
+ struct sastat *stats,
+ u_int32_t max_stats)
+{
+ struct mbuf *m;
+ struct sadb_sastat *p;
+ int list_len, len;
+
+ if (!stats) {
+ return NULL;
+ }
+
+ list_len = sizeof(*stats) * max_stats;
+ len = PFKEY_ALIGN8(sizeof(*p)) + PFKEY_ALIGN8(list_len);
+ m = key_alloc_mbuf(len);
+ if (!m || m->m_next) { /*XXX*/
+ if (m)
+ m_freem(m);
+ return NULL;
+ }
+
+ p = mtod(m, __typeof__(p));
+
+ bzero(p, len);
+ p->sadb_sastat_len = PFKEY_UNIT64(len);
+ p->sadb_sastat_exttype = SADB_EXT_SASTAT;
+ p->sadb_sastat_dir = dir;
+ p->sadb_sastat_list_len = max_stats;
+ if (list_len) {
+ bcopy(stats,
+ mtod(m, caddr_t) + PFKEY_ALIGN8(sizeof(*p)),
+ list_len);
+ }
+
+ return m;
+}
+
#if 0
/*
* set data into sadb_ident.
*/
static struct mbuf *
-key_setsadbident(exttype, idtype, string, stringlen, id)
- u_int16_t exttype, idtype;
- caddr_t string;
- int stringlen;
- u_int64_t id;
+key_setsadbident(
+ u_int16_t exttype,
+ u_int16_t idtype,
+ caddr_t string,
+ int stringlen,
+ u_int64_t id)
{
struct mbuf *m;
struct sadb_ident *p;
* set data into sadb_x_sa2.
*/
static struct mbuf *
-key_setsadbxsa2(mode, seq, reqid)
- u_int8_t mode;
- u_int32_t seq, reqid;
+key_setsadbxsa2(
+ u_int8_t mode,
+ u_int32_t seq,
+ u_int32_t reqid)
{
struct mbuf *m;
struct sadb_x_sa2 *p;
* set data into sadb_x_policy
*/
static struct mbuf *
-key_setsadbxpolicy(type, dir, id)
- u_int16_t type;
- u_int8_t dir;
- u_int32_t id;
+key_setsadbxpolicy(
+ u_int16_t type,
+ u_int8_t dir,
+ u_int32_t id)
{
struct mbuf *m;
struct sadb_x_policy *p;
* copy a buffer into the new buffer allocated.
*/
static void *
-key_newbuf(src, len)
- const void *src;
- u_int len;
+key_newbuf(
+ const void *src,
+ u_int len)
{
caddr_t new;
* 0: false
*/
int
-key_ismyaddr(sa)
- struct sockaddr *sa;
+key_ismyaddr(
+ struct sockaddr *sa)
{
#if INET
struct sockaddr_in *sin;
switch (sa->sa_family) {
#if INET
case AF_INET:
- lck_mtx_lock(rt_mtx);
- sin = (struct sockaddr_in *)sa;
+ lck_rw_lock_shared(in_ifaddr_rwlock);
+ sin = (struct sockaddr_in *)(void *)sa;
for (ia = in_ifaddrhead.tqh_first; ia;
- ia = ia->ia_link.tqe_next)
- {
+ ia = ia->ia_link.tqe_next) {
+ IFA_LOCK_SPIN(&ia->ia_ifa);
if (sin->sin_family == ia->ia_addr.sin_family &&
sin->sin_len == ia->ia_addr.sin_len &&
sin->sin_addr.s_addr == ia->ia_addr.sin_addr.s_addr)
{
- lck_mtx_unlock(rt_mtx);
+ IFA_UNLOCK(&ia->ia_ifa);
+ lck_rw_done(in_ifaddr_rwlock);
return 1;
}
+ IFA_UNLOCK(&ia->ia_ifa);
}
- lck_mtx_unlock(rt_mtx);
+ lck_rw_done(in_ifaddr_rwlock);
break;
#endif
#if INET6
case AF_INET6:
- return key_ismyaddr6((struct sockaddr_in6 *)sa);
+ return key_ismyaddr6((struct sockaddr_in6 *)(void *)sa);
#endif
}
#include <netinet6/in6_var.h>
static int
-key_ismyaddr6(sin6)
- struct sockaddr_in6 *sin6;
+key_ismyaddr6(
+ struct sockaddr_in6 *sin6)
{
struct in6_ifaddr *ia;
struct in6_multi *in6m;
- lck_mtx_lock(nd6_mutex);
+ lck_rw_lock_shared(&in6_ifaddr_rwlock);
for (ia = in6_ifaddrs; ia; ia = ia->ia_next) {
+ IFA_LOCK(&ia->ia_ifa);
if (key_sockaddrcmp((struct sockaddr *)&sin6,
(struct sockaddr *)&ia->ia_addr, 0) == 0) {
- lck_mtx_unlock(nd6_mutex);
+ IFA_UNLOCK(&ia->ia_ifa);
+ lck_rw_done(&in6_ifaddr_rwlock);
return 1;
}
+ IFA_UNLOCK(&ia->ia_ifa);
/*
* XXX Multicast
* XXX scope
*/
in6m = NULL;
- IN6_LOOKUP_MULTI(sin6->sin6_addr, ia->ia_ifp, in6m);
- if (in6m) {
- lck_mtx_unlock(nd6_mutex);
+ in6_multihead_lock_shared();
+ IN6_LOOKUP_MULTI(&sin6->sin6_addr, ia->ia_ifp, in6m);
+ in6_multihead_lock_done();
+ if (in6m != NULL) {
+ lck_rw_done(&in6_ifaddr_rwlock);
+ IN6M_REMREF(in6m);
return 1;
}
}
- lck_mtx_unlock(nd6_mutex);
+ lck_rw_done(&in6_ifaddr_rwlock);
/* loopback, just for safety */
if (IN6_IS_ADDR_LOOPBACK(&sin6->sin6_addr))
* 0 : not equal
*/
static int
-key_cmpsaidx(saidx0, saidx1, flag)
- struct secasindex *saidx0, *saidx1;
- int flag;
+key_cmpsaidx(
+ struct secasindex *saidx0,
+ struct secasindex *saidx1,
+ int flag)
{
/* sanity */
if (saidx0 == NULL && saidx1 == NULL)
* 0 : not equal
*/
static int
-key_cmpspidx_exactly(spidx0, spidx1)
- struct secpolicyindex *spidx0, *spidx1;
+key_cmpspidx_exactly(
+ struct secpolicyindex *spidx0,
+ struct secpolicyindex *spidx1)
{
/* sanity */
if (spidx0 == NULL && spidx1 == NULL)
* 0 : not equal
*/
static int
-key_cmpspidx_withmask(spidx0, spidx1)
- struct secpolicyindex *spidx0, *spidx1;
+key_cmpspidx_withmask(
+ struct secpolicyindex *spidx0,
+ struct secpolicyindex *spidx1)
{
/* sanity */
if (spidx0 == NULL && spidx1 == NULL)
/* returns 0 on match */
static int
-key_sockaddrcmp(sa1, sa2, port)
- struct sockaddr *sa1;
- struct sockaddr *sa2;
- int port;
+key_sockaddrcmp(
+ struct sockaddr *sa1,
+ struct sockaddr *sa2,
+ int port)
{
if (sa1->sa_family != sa2->sa_family || sa1->sa_len != sa2->sa_len)
return 1;
* 0 : not equal
*/
static int
-key_bbcmp(p1, p2, bits)
- caddr_t p1, p2;
- u_int bits;
+key_bbcmp(
+ caddr_t p1,
+ caddr_t p2,
+ u_int bits)
{
u_int8_t mask;
* and do to remove or to expire.
* XXX: year 2038 problem may remain.
*/
-
+int key_timehandler_debug = 0;
+u_int32_t spd_count = 0, sah_count = 0, dead_sah_count = 0, empty_sah_count = 0, larval_sav_count = 0, mature_sav_count = 0, dying_sav_count = 0, dead_sav_count = 0;
+u_int64_t total_sav_count = 0;
void
key_timehandler(void)
{
sp != NULL;
sp = nextsp) {
+ spd_count++;
nextsp = LIST_NEXT(sp, chain);
if (sp->state == IPSEC_SPSTATE_DEAD) {
sah != NULL;
sah = nextsah) {
+ sah_count++;
nextsah = LIST_NEXT(sah, chain);
/* if sah has been dead, then delete it and process next sah. */
if (sah->state == SADB_SASTATE_DEAD) {
key_delsah(sah);
+ dead_sah_count++;
continue;
}
-
+
+ if (LIST_FIRST(&sah->savtree[SADB_SASTATE_LARVAL]) == NULL &&
+ LIST_FIRST(&sah->savtree[SADB_SASTATE_MATURE]) == NULL &&
+ LIST_FIRST(&sah->savtree[SADB_SASTATE_DYING]) == NULL &&
+ LIST_FIRST(&sah->savtree[SADB_SASTATE_DEAD]) == NULL) {
+ key_delsah(sah);
+ empty_sah_count++;
+ continue;
+ }
+
/* if LARVAL entry doesn't become MATURE, delete it. */
for (sav = LIST_FIRST(&sah->savtree[SADB_SASTATE_LARVAL]);
sav != NULL;
sav = nextsav) {
+ larval_sav_count++;
+ total_sav_count++;
nextsav = LIST_NEXT(sav, chain);
if (tv.tv_sec - sav->created > key_larval_lifetime) {
*/
if (savkabuf && savkacount < savbufcount) {
sav = LIST_FIRST(&sah->savtree[SADB_SASTATE_MATURE]); //%%% should we check dying list if this is empty???
- if (natt_keepalive_interval && sav && (sav->flags & SADB_X_EXT_NATT_KEEPALIVE) != 0 &&
- (natt_now - sav->natt_last_activity) >= natt_keepalive_interval) {
- //ipsec_send_natt_keepalive(sav);
+ if (natt_keepalive_interval && sav &&
+ (sav->flags & (SADB_X_EXT_NATT_KEEPALIVE | SADB_X_EXT_ESP_KEEPALIVE)) != 0) {
sav->refcnt++;
*savkaptr++ = sav;
savkacount++;
sav != NULL;
sav = nextsav) {
+ mature_sav_count++;
+ total_sav_count++;
nextsav = LIST_NEXT(sav, chain);
/* we don't need to check. */
savexcount++;
}
}
-
+
/* check DYING entry to change status to DEAD. */
for (sav = LIST_FIRST(&sah->savtree[SADB_SASTATE_DYING]);
sav != NULL;
sav = nextsav) {
+ dying_sav_count++;
+ total_sav_count++;
nextsav = LIST_NEXT(sav, chain);
/* we don't need to check. */
sav != NULL;
sav = nextsav) {
+ dead_sav_count++;
+ total_sav_count++;
nextsav = LIST_NEXT(sav, chain);
/* sanity check */
}
}
+ if (++key_timehandler_debug >= 300) {
+ if (key_debug_level) {
+ printf("%s: total stats for %u calls\n", __FUNCTION__, key_timehandler_debug);
+ printf("%s: walked %u SPDs\n", __FUNCTION__, spd_count);
+ printf("%s: walked %llu SAs: LARVAL SAs %u, MATURE SAs %u, DYING SAs %u, DEAD SAs %u\n", __FUNCTION__,
+ total_sav_count, larval_sav_count, mature_sav_count, dying_sav_count, dead_sav_count);
+ printf("%s: walked %u SAHs: DEAD SAHs %u, EMPTY SAHs %u\n", __FUNCTION__,
+ sah_count, dead_sah_count, empty_sah_count);
+ if (sah_search_calls) {
+ printf("%s: SAH search cost %d iters per call\n", __FUNCTION__,
+ (sah_search_count/sah_search_calls));
+ }
+ }
+ spd_count = 0;
+ sah_count = 0;
+ dead_sah_count = 0;
+ empty_sah_count = 0;
+ larval_sav_count = 0;
+ mature_sav_count = 0;
+ dying_sav_count = 0;
+ dead_sav_count = 0;
+ total_sav_count = 0;
+ sah_search_count = 0;
+ sah_search_calls = 0;
+ key_timehandler_debug = 0;
+ }
#ifndef IPSEC_NONBLOCK_ACQUIRE
/* ACQ tree */
{
key_spdexpire(*(--spptr));
}
if (savkabuf && savkacount > 0) {
- cnt = savkacount;
- while (cnt--)
- ipsec_send_natt_keepalive(*(--savkaptr));
+ struct secasvar **savkaptr_sav = savkaptr;
+ int cnt_send = savkacount;
+
+ while (cnt_send--) {
+ if (ipsec_send_natt_keepalive(*(--savkaptr))) {
+ // <rdar://6768487> iterate (all over again) and update timestamps
+ struct secasvar **savkaptr_update = savkaptr_sav;
+ int cnt_update = savkacount;
+ while (cnt_update--) {
+ key_update_natt_keepalive_timestamp(*savkaptr,
+ *(--savkaptr_update));
+ }
+ }
+ }
}
if (savexbuf && savexcount > 0) {
cnt = savexcount;
* to initialize a seed for random()
*/
static void
-key_srandom()
+key_srandom(void)
{
#ifdef __APPLE__
/* Our PRNG is based on Yarrow and doesn't need to be seeded */
return;
}
-u_long
-key_random()
+u_int32_t
+key_random(void)
{
- u_long value;
+ u_int32_t value;
key_randomfill(&value, sizeof(value));
return value;
}
void
-key_randomfill(p, l)
- void *p;
- size_t l;
+key_randomfill(
+ void *p,
+ size_t l)
{
#ifdef __APPLE__
read_random(p, (u_int)l);
#else
size_t n;
- u_long v;
+ u_int32_t v;
static int warn = 1;
n = 0;
* 0: invalid satype.
*/
static u_int16_t
-key_satype2proto(satype)
- u_int8_t satype;
+key_satype2proto(
+ u_int8_t satype)
{
switch (satype) {
case SADB_SATYPE_UNSPEC:
* 0: invalid protocol type.
*/
static u_int8_t
-key_proto2satype(proto)
- u_int16_t proto;
+key_proto2satype(
+ u_int16_t proto)
{
switch (proto) {
case IPPROTO_AH:
* other if success, return pointer to the message to send.
*/
static int
-key_getspi(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_getspi(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
struct sadb_address *src0, *dst0;
struct secasindex saidx;
return key_senderror(so, m, EINVAL);
}
if (mhp->ext[SADB_X_EXT_SA2] != NULL) {
- mode = ((struct sadb_x_sa2 *)mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
- reqid = ((struct sadb_x_sa2 *)mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
+ mode = ((struct sadb_x_sa2 *)
+ (void *)mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
+ reqid = ((struct sadb_x_sa2 *)
+ (void *)mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
} else {
mode = IPSEC_MODE_ANY;
reqid = 0;
if (((struct sockaddr *)(src0 + 1))->sa_len !=
sizeof(struct sockaddr_in))
return key_senderror(so, m, EINVAL);
- ((struct sockaddr_in *)(src0 + 1))->sin_port = 0;
+ ((struct sockaddr_in *)(void *)(src0 + 1))->sin_port = 0;
break;
case AF_INET6:
if (((struct sockaddr *)(src0 + 1))->sa_len !=
sizeof(struct sockaddr_in6))
return key_senderror(so, m, EINVAL);
- ((struct sockaddr_in6 *)(src0 + 1))->sin6_port = 0;
+ ((struct sockaddr_in6 *)(void *)(src0 + 1))->sin6_port = 0;
break;
default:
; /*???*/
if (((struct sockaddr *)(dst0 + 1))->sa_len !=
sizeof(struct sockaddr_in))
return key_senderror(so, m, EINVAL);
- ((struct sockaddr_in *)(dst0 + 1))->sin_port = 0;
+ ((struct sockaddr_in *)(void *)(dst0 + 1))->sin_port = 0;
break;
case AF_INET6:
if (((struct sockaddr *)(dst0 + 1))->sa_len !=
sizeof(struct sockaddr_in6))
return key_senderror(so, m, EINVAL);
- ((struct sockaddr_in6 *)(dst0 + 1))->sin6_port = 0;
+ ((struct sockaddr_in6 *)(void *)(dst0 + 1))->sin6_port = 0;
break;
default:
; /*???*/
KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
lck_mtx_lock(sadb_mutex);
-
+
/* SPI allocation */
- spi = key_do_getnewspi((struct sadb_spirange *)mhp->ext[SADB_EXT_SPIRANGE],
- &saidx);
+ spi = key_do_getnewspi((struct sadb_spirange *)
+ (void *)mhp->ext[SADB_EXT_SPIRANGE], &saidx);
if (spi == 0) {
lck_mtx_unlock(sadb_mutex);
return key_senderror(so, m, EINVAL);
/* get a SA index */
if ((newsah = key_getsah(&saidx)) == NULL) {
- /* create a new SA index */
- if ((newsah = key_newsah(&saidx)) == NULL) {
+ /* create a new SA index: key_addspi is always used for inbound spi */
+ if ((newsah = key_newsah(&saidx, IPSEC_DIR_INBOUND)) == NULL) {
lck_mtx_unlock(sadb_mutex);
ipseclog((LOG_DEBUG, "key_getspi: No more memory.\n"));
return key_senderror(so, m, ENOBUFS);
if (len > MCLBYTES)
return key_senderror(so, m, ENOBUFS);
- MGETHDR(n, M_DONTWAIT, MT_DATA);
- if (len > MHLEN) {
- MCLGET(n, M_DONTWAIT);
+ MGETHDR(n, M_WAITOK, MT_DATA);
+ if (n && len > MHLEN) {
+ MCLGET(n, M_WAITOK);
if ((n->m_flags & M_EXT) == 0) {
m_freem(n);
n = NULL;
m_copydata(m, 0, sizeof(struct sadb_msg), mtod(n, caddr_t) + off);
off += PFKEY_ALIGN8(sizeof(struct sadb_msg));
- m_sa = (struct sadb_sa *)(mtod(n, caddr_t) + off);
+ m_sa = (struct sadb_sa *)(void *)(mtod(n, caddr_t) + off);
m_sa->sadb_sa_len = PFKEY_UNIT64(sizeof(struct sadb_sa));
m_sa->sadb_sa_exttype = SADB_EXT_SA;
m_sa->sadb_sa_spi = htonl(spi);
}
}
+u_int32_t
+key_getspi2(struct sockaddr *src,
+ struct sockaddr *dst,
+ u_int8_t proto,
+ u_int8_t mode,
+ u_int32_t reqid,
+ struct sadb_spirange *spirange)
+{
+ u_int32_t spi;
+ struct secasindex saidx;
+
+ lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_NOTOWNED);
+
+ /* XXX boundary check against sa_len */
+ KEY_SETSECASIDX(proto, mode, reqid, src, dst, &saidx);
+
+ /* make sure if port number is zero. */
+ switch (((struct sockaddr *)&saidx.src)->sa_family) {
+ case AF_INET:
+ if (((struct sockaddr *)&saidx.src)->sa_len != sizeof(struct sockaddr_in))
+ return 0;
+ ((struct sockaddr_in *)&saidx.src)->sin_port = 0;
+ break;
+ case AF_INET6:
+ if (((struct sockaddr *)&saidx.src)->sa_len != sizeof(struct sockaddr_in6))
+ return 0;
+ ((struct sockaddr_in6 *)&saidx.src)->sin6_port = 0;
+ break;
+ default:
+ ; /*???*/
+ }
+ switch (((struct sockaddr *)&saidx.dst)->sa_family) {
+ case AF_INET:
+ if (((struct sockaddr *)&saidx.dst)->sa_len != sizeof(struct sockaddr_in))
+ return 0;
+ ((struct sockaddr_in *)&saidx.dst)->sin_port = 0;
+ break;
+ case AF_INET6:
+ if (((struct sockaddr *)&saidx.dst)->sa_len != sizeof(struct sockaddr_in6))
+ return 0;
+ ((struct sockaddr_in6 *)&saidx.dst)->sin6_port = 0;
+ break;
+ default:
+ ; /*???*/
+ }
+
+ lck_mtx_lock(sadb_mutex);
+
+ /* SPI allocation */
+ spi = key_do_getnewspi(spirange, &saidx);
+
+ lck_mtx_unlock(sadb_mutex);
+
+ return spi;
+}
+
/*
* allocating new SPI
- * called by key_getspi().
+ * called by key_getspi() and key_getspi2().
* OUT:
* 0: failure.
* others: success.
*/
static u_int32_t
-key_do_getnewspi(spirange, saidx)
- struct sadb_spirange *spirange;
- struct secasindex *saidx;
+key_do_getnewspi(
+ struct sadb_spirange *spirange,
+ struct secasindex *saidx)
{
u_int32_t newspi;
u_int32_t keymin, keymax;
} else {
- u_long range = keymax - keymin + 1; /* overflow value of zero means full range */
+ u_int32_t range = keymax - keymin + 1; /* overflow value of zero means full range */
/* init SPI */
newspi = 0;
/* when requesting to allocate spi ranged */
while (count--) {
- u_long rand_val = key_random();
+ u_int32_t rand_val = key_random();
/* generate pseudo-random SPI value ranged. */
newspi = (range == 0 ? rand_val : keymin + (rand_val % range));
* m will always be freed.
*/
static int
-key_update(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_update(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
struct sadb_sa *sa0;
struct sadb_address *src0, *dst0;
return key_senderror(so, m, EINVAL);
}
if (mhp->ext[SADB_X_EXT_SA2] != NULL) {
- mode = ((struct sadb_x_sa2 *)mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
- reqid = ((struct sadb_x_sa2 *)mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
+ mode = ((struct sadb_x_sa2 *)
+ (void *)mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
+ reqid = ((struct sadb_x_sa2 *)
+ (void *)mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
} else {
mode = IPSEC_MODE_ANY;
reqid = 0;
}
/* XXX boundary checking for other extensions */
- sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
+ sa0 = (struct sadb_sa *)(void *)mhp->ext[SADB_EXT_SA];
src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
lck_mtx_lock(sadb_mutex);
-
+
/* get a SA header */
if ((sah = key_getsah(&saidx)) == NULL) {
lck_mtx_unlock(sadb_mutex);
*/
#if IPSEC_DOSEQCHECK
static struct secasvar *
-key_getsavbyseq(sah, seq)
- struct secashead *sah;
- u_int32_t seq;
+key_getsavbyseq(
+ struct secashead *sah,
+ u_int32_t seq)
{
struct secasvar *sav;
u_int state;
* m will always be freed.
*/
static int
-key_add(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_add(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
struct sadb_sa *sa0;
struct sadb_address *src0, *dst0;
return key_senderror(so, m, EINVAL);
}
if (mhp->ext[SADB_X_EXT_SA2] != NULL) {
- mode = ((struct sadb_x_sa2 *)mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
- reqid = ((struct sadb_x_sa2 *)mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
+ mode = ((struct sadb_x_sa2 *)
+ (void *)mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_mode;
+ reqid = ((struct sadb_x_sa2 *)
+ (void *)mhp->ext[SADB_X_EXT_SA2])->sadb_x_sa2_reqid;
} else {
mode = IPSEC_MODE_ANY;
reqid = 0;
}
- sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
+ sa0 = (struct sadb_sa *)(void *)mhp->ext[SADB_EXT_SA];
src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
KEY_SETSECASIDX(proto, mode, reqid, src0 + 1, dst0 + 1, &saidx);
lck_mtx_lock(sadb_mutex);
-
+
/* get a SA header */
if ((newsah = key_getsah(&saidx)) == NULL) {
- /* create a new SA header */
- if ((newsah = key_newsah(&saidx)) == NULL) {
+ /* create a new SA header: key_addspi is always used for outbound spi */
+ if ((newsah = key_newsah(&saidx, IPSEC_DIR_OUTBOUND)) == NULL) {
lck_mtx_unlock(sadb_mutex);
ipseclog((LOG_DEBUG, "key_add: No more memory.\n"));
return key_senderror(so, m, ENOBUFS);
/* m is retained */
static int
-key_setident(sah, m, mhp)
- struct secashead *sah;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_setident(
+ struct secashead *sah,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
const struct sadb_ident *idsrc, *iddst;
int idsrclen, iddstlen;
return EINVAL;
}
- idsrc = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_SRC];
- iddst = (const struct sadb_ident *)mhp->ext[SADB_EXT_IDENTITY_DST];
+ idsrc = (const struct sadb_ident *)
+ (void *)mhp->ext[SADB_EXT_IDENTITY_SRC];
+ iddst = (const struct sadb_ident *)
+ (void *)mhp->ext[SADB_EXT_IDENTITY_DST];
idsrclen = mhp->extlen[SADB_EXT_IDENTITY_SRC];
iddstlen = mhp->extlen[SADB_EXT_IDENTITY_DST];
* it is caller's responsibility to free the result.
*/
static struct mbuf *
-key_getmsgbuf_x1(m, mhp)
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_getmsgbuf_x1(
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
struct mbuf *n;
int mbufItems[] = {SADB_EXT_RESERVED, SADB_EXT_SA,
* m will always be freed.
*/
static int
-key_delete(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_delete(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
struct sadb_sa *sa0;
struct sadb_address *src0, *dst0;
return key_senderror(so, m, EINVAL);
}
- sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
+ sa0 = (struct sadb_sa *)(void *)mhp->ext[SADB_EXT_SA];
src0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_SRC]);
dst0 = (struct sadb_address *)(mhp->ext[SADB_EXT_ADDRESS_DST]);
* delete all SAs for src/dst. Called from key_delete().
*/
static int
-key_delete_all(so, m, mhp, proto)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
- u_int16_t proto;
+key_delete_all(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp,
+ u_int16_t proto)
{
struct sadb_address *src0, *dst0;
struct secasindex saidx;
* m will always be freed.
*/
static int
-key_get(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_get(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
struct sadb_sa *sa0;
struct sadb_address *src0, *dst0;
return key_senderror(so, m, EINVAL);
}
- sa0 = (struct sadb_sa *)mhp->ext[SADB_EXT_SA];
+ sa0 = (struct sadb_sa *)(void *)mhp->ext[SADB_EXT_SA];
src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
}
}
+/*
+ * get SA stats by spi.
+ * OUT: -1 : not found
+ * 0 : found, arg pointer to a SA stats is updated.
+ */
+static int
+key_getsastatbyspi_one (u_int32_t spi,
+ struct sastat *stat)
+{
+ struct secashead *sah;
+ struct secasvar *sav = NULL;
+
+ if ((void *)stat == NULL) {
+ return -1;
+ }
+
+ lck_mtx_lock(sadb_mutex);
+
+ /* get a SA header */
+ LIST_FOREACH(sah, &sahtree, chain) {
+ if (sah->state == SADB_SASTATE_DEAD)
+ continue;
+
+ /* get a SA with SPI. */
+ sav = key_getsavbyspi(sah, spi);
+ if (sav) {
+ stat->spi = sav->spi;
+ stat->created = sav->created;
+ if (sav->lft_c) {
+ bcopy(sav->lft_c,&stat->lft_c, sizeof(stat->lft_c));
+ } else {
+ bzero(&stat->lft_c, sizeof(stat->lft_c));
+ }
+ lck_mtx_unlock(sadb_mutex);
+ return 0;
+ }
+ }
+
+ lck_mtx_unlock(sadb_mutex);
+
+ return -1;
+}
+
+/*
+ * get SA stats collection by indices.
+ * OUT: -1 : not found
+ * 0 : found, arg pointers to a SA stats and 'maximum stats' are updated.
+ */
+static int
+key_getsastatbyspi (struct sastat *stat_arg,
+ u_int32_t max_stat_arg,
+ struct sastat *stat_res,
+ u_int32_t *max_stat_res)
+{
+ int cur, found = 0;
+
+ if (stat_arg == NULL ||
+ stat_res == NULL ||
+ max_stat_res == NULL) {
+ return -1;
+ }
+
+ for (cur = 0; cur < max_stat_arg; cur++) {
+ if (key_getsastatbyspi_one(stat_arg[cur].spi,
+ &stat_res[found]) == 0) {
+ found++;
+ }
+ }
+ *max_stat_res = found;
+
+ if (found) {
+ return 0;
+ }
+ return -1;
+}
+
/* XXX make it sysctl-configurable? */
static void
-key_getcomb_setlifetime(comb)
- struct sadb_comb *comb;
+key_getcomb_setlifetime(
+ struct sadb_comb *comb)
{
comb->sadb_comb_soft_allocations = 1;
* XXX no idea if the user wants ESP authentication or not
*/
static struct mbuf *
-key_getcomb_esp()
+key_getcomb_esp(void)
{
struct sadb_comb *comb;
const struct esp_algorithm *algo;
if (l > MLEN)
panic("assumption failed in key_getcomb_esp");
#endif
- MGET(m, M_DONTWAIT, MT_DATA);
+ MGET(m, M_WAITOK, MT_DATA);
if (m) {
M_ALIGN(m, l);
m->m_len = l;
/* m is already freed */
goto fail;
}
- comb = (struct sadb_comb *)(mtod(n, caddr_t) + o);
+ comb = (struct sadb_comb *)
+ (void *)(mtod(n, caddr_t) + o);
bzero(comb, sizeof(*comb));
key_getcomb_setlifetime(comb);
comb->sadb_comb_encrypt = i;
* XXX reorder combinations by preference
*/
static struct mbuf *
-key_getcomb_ah()
+key_getcomb_ah(void)
{
struct sadb_comb *comb;
const struct ah_algorithm *algo;
if (l > MLEN)
panic("assumption failed in key_getcomb_ah");
#endif
- MGET(m, M_DONTWAIT, MT_DATA);
+ MGET(m, M_WAITOK, MT_DATA);
if (m) {
M_ALIGN(m, l);
m->m_len = l;
m->m_next = NULL;
}
} else
- M_PREPEND(m, l, M_DONTWAIT);
+ M_PREPEND(m, l, M_WAITOK);
if (!m)
return NULL;
* XXX reorder combinations by preference
*/
static struct mbuf *
-key_getcomb_ipcomp()
+key_getcomb_ipcomp(void)
{
struct sadb_comb *comb;
const struct ipcomp_algorithm *algo;
if (l > MLEN)
panic("assumption failed in key_getcomb_ipcomp");
#endif
- MGET(m, M_DONTWAIT, MT_DATA);
+ MGET(m, M_WAITOK, MT_DATA);
if (m) {
M_ALIGN(m, l);
m->m_len = l;
m->m_next = NULL;
}
} else
- M_PREPEND(m, l, M_DONTWAIT);
+ M_PREPEND(m, l, M_WAITOK);
if (!m)
return NULL;
* XXX sysctl interface to ipsec_{ah,esp}_keymin
*/
static struct mbuf *
-key_getprop(saidx)
- const struct secasindex *saidx;
+key_getprop(
+ const struct secasindex *saidx)
{
struct sadb_prop *prop;
struct mbuf *m, *n;
if (!m)
return NULL;
- M_PREPEND(m, l, M_DONTWAIT);
+ M_PREPEND(m, l, M_WAITOK);
if (!m)
return NULL;
* others: error number
*/
static int
-key_acquire(saidx, sp)
- struct secasindex *saidx;
- struct secpolicy *sp;
+key_acquire(
+ struct secasindex *saidx,
+ struct secpolicy *sp)
{
struct mbuf *result = NULL, *m;
#ifndef IPSEC_NONBLOCK_ACQUIRE
}
m_cat(result, m);
}
-
+
/* XXX identity (optional) */
#if 0
if (idexttype && fqdn) {
#ifndef IPSEC_NONBLOCK_ACQUIRE
static struct secacq *
-key_newacq(saidx)
- struct secasindex *saidx;
+key_newacq(
+ struct secasindex *saidx)
{
struct secacq *newacq;
struct timeval tv;
}
static struct secacq *
-key_getacq(saidx)
- struct secasindex *saidx;
+key_getacq(
+ struct secasindex *saidx)
{
struct secacq *acq;
}
static struct secacq *
-key_getacqbyseq(seq)
- u_int32_t seq;
+key_getacqbyseq(
+ u_int32_t seq)
{
struct secacq *acq;
#endif
static struct secspacq *
-key_newspacq(spidx)
- struct secpolicyindex *spidx;
+key_newspacq(
+ struct secpolicyindex *spidx)
{
struct secspacq *acq;
struct timeval tv;
}
static struct secspacq *
-key_getspacq(spidx)
- struct secpolicyindex *spidx;
+key_getspacq(
+ struct secpolicyindex *spidx)
{
struct secspacq *acq;
* m will always be freed.
*/
static int
-key_acquire2(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_acquire2(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
const struct sadb_address *src0, *dst0;
struct secasindex saidx;
return key_senderror(so, m, EINVAL);
}
- src0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
- dst0 = (struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
+ src0 = (const struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_SRC];
+ dst0 = (const struct sadb_address *)mhp->ext[SADB_EXT_ADDRESS_DST];
/* XXX boundary check against sa_len */
+ /* cast warnings */
KEY_SETSECASIDX(proto, IPSEC_MODE_ANY, 0, src0 + 1, dst0 + 1, &saidx);
/* get a SA index */
* m will always be freed.
*/
static int
-key_register(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_register(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
struct secreg *reg, *newreg = 0;
if (len > MCLBYTES)
return key_senderror(so, m, ENOBUFS);
- MGETHDR(n, M_DONTWAIT, MT_DATA);
- if (len > MHLEN) {
- MCLGET(n, M_DONTWAIT);
+ MGETHDR(n, M_WAITOK, MT_DATA);
+ if (n && len > MHLEN) {
+ MCLGET(n, M_WAITOK);
if ((n->m_flags & M_EXT) == 0) {
m_freem(n);
n = NULL;
/* for authentication algorithm */
if (alen) {
- sup = (struct sadb_supported *)(mtod(n, caddr_t) + off);
+ sup = (struct sadb_supported *)(void *)(mtod(n, caddr_t) + off);
sup->sadb_supported_len = PFKEY_UNIT64(alen);
sup->sadb_supported_exttype = SADB_EXT_SUPPORTED_AUTH;
off += PFKEY_ALIGN8(sizeof(*sup));
aalgo = ah_algorithm_lookup(i);
if (!aalgo)
continue;
- alg = (struct sadb_alg *)(mtod(n, caddr_t) + off);
+ alg = (struct sadb_alg *)
+ (void *)(mtod(n, caddr_t) + off);
alg->sadb_alg_id = i;
alg->sadb_alg_ivlen = 0;
alg->sadb_alg_minbits = aalgo->keymin;
#if IPSEC_ESP
/* for encryption algorithm */
if (elen) {
- sup = (struct sadb_supported *)(mtod(n, caddr_t) + off);
+ sup = (struct sadb_supported *)(void *)(mtod(n, caddr_t) + off);
sup->sadb_supported_len = PFKEY_UNIT64(elen);
sup->sadb_supported_exttype = SADB_EXT_SUPPORTED_ENCRYPT;
off += PFKEY_ALIGN8(sizeof(*sup));
ealgo = esp_algorithm_lookup(i);
if (!ealgo)
continue;
- alg = (struct sadb_alg *)(mtod(n, caddr_t) + off);
+ alg = (struct sadb_alg *)
+ (void *)(mtod(n, caddr_t) + off);
alg->sadb_alg_id = i;
if (ealgo && ealgo->ivlen) {
/*
* XXX: I want to do free a socket marked done SADB_RESIGER to socket.
*/
void
-key_freereg(so)
- struct socket *so;
+key_freereg(
+ struct socket *so)
{
struct secreg *reg;
int i;
* others : error number
*/
static int
-key_expire(sav)
- struct secasvar *sav;
+key_expire(
+ struct secasvar *sav)
{
int satype;
struct mbuf *result = NULL, *m;
lt->sadb_lifetime_bytes = sav->lft_c->sadb_lifetime_bytes;
lt->sadb_lifetime_addtime = sav->lft_c->sadb_lifetime_addtime;
lt->sadb_lifetime_usetime = sav->lft_c->sadb_lifetime_usetime;
- lt = (struct sadb_lifetime *)(mtod(m, caddr_t) + len / 2);
+ lt = (struct sadb_lifetime *)(void *)(mtod(m, caddr_t) + len / 2);
bcopy(sav->lft_s, lt, sizeof(*lt));
m_cat(result, m);
* m will always be freed.
*/
static int
-key_flush(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_flush(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
struct sadb_msg *newmsg;
struct secashead *sah, *nextsah;
};
static int
-key_dump(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_dump(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
struct secashead *sah;
struct secasvar *sav;
* m will always be freed.
*/
static int
-key_promisc(so, m, mhp)
- struct socket *so;
- struct mbuf *m;
- const struct sadb_msghdr *mhp;
+key_promisc(
+ struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
{
int olen;
key_spdadd, /* SADB_X_SPDSETIDX */
NULL, /* SADB_X_SPDEXPIRE */
key_spddelete2, /* SADB_X_SPDDELETE2 */
+ key_getsastat, /* SADB_GETSASTAT */
};
/*
* length for buffer to send to user process.
*/
int
-key_parse(m, so)
- struct mbuf *m;
- struct socket *so;
+key_parse(
+ struct mbuf *m,
+ struct socket *so)
{
struct sadb_msg *msg;
struct sadb_msghdr mh;
if (m->m_next) {
struct mbuf *n;
- MGETHDR(n, M_DONTWAIT, MT_DATA);
+ MGETHDR(n, M_WAITOK, MT_DATA);
if (n && m->m_pkthdr.len > MHLEN) {
- MCLGET(n, M_DONTWAIT);
+ MCLGET(n, M_WAITOK);
if ((n->m_flags & M_EXT) == 0) {
m_free(n);
n = NULL;
}
static int
-key_senderror(so, m, code)
- struct socket *so;
- struct mbuf *m;
- int code;
+key_senderror(
+ struct socket *so,
+ struct mbuf *m,
+ int code)
{
struct sadb_msg *msg;
* XXX larger-than-MCLBYTES extension?
*/
static int
-key_align(m, mhp)
- struct mbuf *m;
- struct sadb_msghdr *mhp;
+key_align(
+ struct mbuf *m,
+ struct sadb_msghdr *mhp)
{
struct mbuf *n;
struct sadb_ext *ext;
/* m is already freed */
return ENOBUFS;
}
- ext = (struct sadb_ext *)(mtod(n, caddr_t) + toff);
+ ext = (struct sadb_ext *)(void *)(mtod(n, caddr_t) + toff);
/* set pointer */
switch (ext->sadb_ext_type) {
case SADB_EXT_SPIRANGE:
case SADB_X_EXT_POLICY:
case SADB_X_EXT_SA2:
+ case SADB_EXT_SESSION_ID:
+ case SADB_EXT_SASTAT:
/* duplicate check */
/*
* XXX Are there duplication payloads of either
/* m is already freed */
return ENOBUFS;
}
- ext = (struct sadb_ext *)(mtod(n, caddr_t) + toff);
+ ext = (struct sadb_ext *)(void *)(mtod(n, caddr_t) + toff);
mhp->ext[ext->sadb_ext_type] = ext;
mhp->extoff[ext->sadb_ext_type] = off;
}
static int
-key_validate_ext(ext, len)
- const struct sadb_ext *ext;
- int len;
+key_validate_ext(
+ const struct sadb_ext *ext,
+ int len)
{
struct sockaddr *sa;
enum { NONE, ADDR } checktype = NONE;
break;
case SADB_EXT_IDENTITY_SRC:
case SADB_EXT_IDENTITY_DST:
- if (((struct sadb_ident *)ext)->sadb_ident_type ==
- SADB_X_IDENTTYPE_ADDR) {
+ if (((struct sadb_ident *)(uintptr_t)(size_t)ext)->
+ sadb_ident_type == SADB_X_IDENTTYPE_ADDR) {
baselen = PFKEY_ALIGN8(sizeof(struct sadb_ident));
checktype = ADDR;
} else
case NONE:
break;
case ADDR:
- sa = (struct sockaddr *)((caddr_t)ext + baselen);
+ sa = (struct sockaddr *)((caddr_t)(uintptr_t)ext + baselen);
+
if (len < baselen + sal)
return EINVAL;
if (baselen + PFKEY_ALIGN8(sa->sa_len) != len)
}
void
-key_domain_init()
+key_domain_init(void)
{
- int i;
-
- bzero((caddr_t)&key_cb, sizeof(key_cb));
-
- for (i = 0; i < IPSEC_DIR_MAX; i++) {
- LIST_INIT(&sptree[i]);
- }
- ipsec_policy_count = 0;
-
- LIST_INIT(&sahtree);
-
- for (i = 0; i <= SADB_SATYPE_MAX; i++) {
- LIST_INIT(®tree[i]);
- }
- ipsec_sav_count = 0;
-
-#ifndef IPSEC_NONBLOCK_ACQUIRE
- LIST_INIT(&acqtree);
-#endif
- LIST_INIT(&spacqtree);
-
- /* system default */
-#if INET
- ip4_def_policy.policy = IPSEC_POLICY_NONE;
- ip4_def_policy.refcnt++; /*never reclaim this*/
-#endif
-#if INET6
- ip6_def_policy.policy = IPSEC_POLICY_NONE;
- ip6_def_policy.refcnt++; /*never reclaim this*/
-#endif
-
-#ifndef IPSEC_DEBUG2
- timeout((void *)key_timehandler, (void *)0, hz);
-#endif /*IPSEC_DEBUG2*/
-
- /* initialize key statistics */
- keystat.getspi_count = 1;
-
-#ifndef __APPLE__
- printf("IPsec: Initialized Security Association Processing.\n");
-#endif
-
return;
}
/* record data transfer on SA, and update timestamps */
void
-key_sa_recordxfer(sav, m)
- struct secasvar *sav;
- struct mbuf *m;
+key_sa_recordxfer(
+ struct secasvar *sav,
+ struct mbuf *m)
{
/* dumb version */
void
-key_sa_routechange(dst)
- struct sockaddr *dst;
+key_sa_routechange(
+ struct sockaddr *dst)
{
struct secashead *sah;
struct route *ro;
return;
}
-static void
-key_sa_chgstate(sav, state)
- struct secasvar *sav;
- u_int8_t state;
+void
+key_sa_chgstate(
+ struct secasvar *sav,
+ u_int8_t state)
{
if (sav == NULL)
}
void
-key_sa_stir_iv(sav)
- struct secasvar *sav;
+key_sa_stir_iv(
+ struct secasvar *sav)
{
lck_mtx_lock(sadb_mutex);
if (!sav->iv)
/* XXX too much? */
static struct mbuf *
-key_alloc_mbuf(l)
- int l;
+key_alloc_mbuf(
+ int l)
{
struct mbuf *m = NULL, *n;
int len, t;
return m;
}
+
+static struct mbuf *
+key_setdumpsastats (u_int32_t dir,
+ struct sastat *stats,
+ u_int32_t max_stats,
+ u_int64_t session_ids[],
+ u_int32_t seq,
+ u_int32_t pid)
+{
+ struct mbuf *result = NULL, *m = NULL;
+
+ m = key_setsadbmsg(SADB_GETSASTAT, 0, 0, seq, pid, 0);
+ if (!m) {
+ goto fail;
+ }
+ result = m;
+
+ m = key_setsadbsession_id(session_ids);
+ if (!m) {
+ goto fail;
+ }
+ m_cat(result, m);
+
+ m = key_setsadbsastat(dir,
+ stats,
+ max_stats);
+ if (!m) {
+ goto fail;
+ }
+ m_cat(result, m);
+
+ if ((result->m_flags & M_PKTHDR) == 0) {
+ goto fail;
+ }
+
+ if (result->m_len < sizeof(struct sadb_msg)) {
+ result = m_pullup(result, sizeof(struct sadb_msg));
+ if (result == NULL) {
+ goto fail;
+ }
+ }
+
+ result->m_pkthdr.len = 0;
+ for (m = result; m; m = m->m_next) {
+ result->m_pkthdr.len += m->m_len;
+ }
+
+ mtod(result, struct sadb_msg *)->sadb_msg_len =
+ PFKEY_UNIT64(result->m_pkthdr.len);
+
+ return result;
+
+ fail:
+ if (result) {
+ m_freem(result);
+ }
+ return NULL;
+}
+
+/*
+ * SADB_GETSASTAT processing
+ * dump all stats for matching entries in SAD.
+ *
+ * m will always be freed.
+ */
+
+static int
+key_getsastat (struct socket *so,
+ struct mbuf *m,
+ const struct sadb_msghdr *mhp)
+{
+ struct sadb_session_id *session_id;
+ u_int32_t bufsize, arg_count, res_count;
+ struct sadb_sastat *sa_stats_arg;
+ struct sastat *sa_stats_sav = NULL;
+ struct mbuf *n;
+ int error = 0;
+
+ /* sanity check */
+ if (so == NULL || m == NULL || mhp == NULL || mhp->msg == NULL)
+ panic("%s: NULL pointer is passed.\n", __FUNCTION__);
+
+ if (mhp->ext[SADB_EXT_SESSION_ID] == NULL) {
+ printf("%s: invalid message is passed. missing session-id.\n", __FUNCTION__);
+ return key_senderror(so, m, EINVAL);
+ }
+ if (mhp->extlen[SADB_EXT_SESSION_ID] < sizeof(struct sadb_session_id)) {
+ printf("%s: invalid message is passed. short session-id.\n", __FUNCTION__);
+ return key_senderror(so, m, EINVAL);
+ }
+ if (mhp->ext[SADB_EXT_SASTAT] == NULL) {
+ printf("%s: invalid message is passed. missing stat args.\n", __FUNCTION__);
+ return key_senderror(so, m, EINVAL);
+ }
+ if (mhp->extlen[SADB_EXT_SASTAT] < sizeof(*sa_stats_arg)) {
+ printf("%s: invalid message is passed. short stat args.\n", __FUNCTION__);
+ return key_senderror(so, m, EINVAL);
+ }
+
+ lck_mtx_assert(sadb_mutex, LCK_MTX_ASSERT_NOTOWNED);
+
+ // exit early if there are no active SAs
+ if (ipsec_sav_count <= 0) {
+ printf("%s: No active SAs.\n", __FUNCTION__);
+ error = ENOENT;
+ goto end;
+ }
+ bufsize = (ipsec_sav_count + 1) * sizeof(*sa_stats_sav);
+
+ KMALLOC_WAIT(sa_stats_sav, __typeof__(sa_stats_sav), bufsize);
+ if (sa_stats_sav == NULL) {
+ printf("%s: No more memory.\n", __FUNCTION__);
+ error = ENOMEM;
+ goto end;
+ }
+ bzero(sa_stats_sav, bufsize);
+
+ sa_stats_arg = (__typeof__(sa_stats_arg))
+ (void *)mhp->ext[SADB_EXT_SASTAT];
+ arg_count = sa_stats_arg->sadb_sastat_list_len;
+ // exit early if there are no requested SAs
+ if (arg_count == 0) {
+ printf("%s: No SAs requested.\n", __FUNCTION__);
+ error = ENOENT;
+ goto end;
+ }
+ res_count = 0;
+
+ if (key_getsastatbyspi((struct sastat *)(sa_stats_arg + 1),
+ arg_count,
+ sa_stats_sav,
+ &res_count)) {
+ printf("%s: Error finding SAs.\n", __FUNCTION__);
+ error = ENOENT;
+ goto end;
+ }
+ if (!res_count) {
+ printf("%s: No SAs found.\n", __FUNCTION__);
+ error = ENOENT;
+ goto end;
+ }
+
+ session_id = (__typeof__(session_id))
+ (void *)mhp->ext[SADB_EXT_SESSION_ID];
+
+ /* send this to the userland. */
+ n = key_setdumpsastats(sa_stats_arg->sadb_sastat_dir,
+ sa_stats_sav,
+ res_count,
+ session_id->sadb_session_id_v,
+ mhp->msg->sadb_msg_seq,
+ mhp->msg->sadb_msg_pid);
+ if (!n) {
+ printf("%s: No bufs to dump stats.\n", __FUNCTION__);
+ error = ENOBUFS;
+ goto end;
+ }
+
+ key_sendup_mbuf(so, n, KEY_SENDUP_ALL);
+end:
+ if (sa_stats_sav) {
+ KFREE(sa_stats_sav);
+ }
+
+ if (error)
+ return key_senderror(so, m, error);
+
+ m_freem(m);
+ return 0;
+}
+
+static void
+key_update_natt_keepalive_timestamp (struct secasvar *sav_sent,
+ struct secasvar *sav_update)
+{
+ struct secasindex saidx_swap_sent_addr;
+
+ // exit early if two SAs are identical, or if sav_update is current
+ if (sav_sent == sav_update ||
+ sav_update->natt_last_activity == natt_now) {
+ return;
+ }
+
+ // assuming that (sav_update->remote_ike_port != 0 && (esp_udp_encap_port & 0xFFFF) != 0)
+
+ bzero(&saidx_swap_sent_addr, sizeof(saidx_swap_sent_addr));
+ memcpy(&saidx_swap_sent_addr.src, &sav_sent->sah->saidx.dst, sizeof(saidx_swap_sent_addr.src));
+ memcpy(&saidx_swap_sent_addr.dst, &sav_sent->sah->saidx.src, sizeof(saidx_swap_sent_addr.dst));
+ saidx_swap_sent_addr.proto = sav_sent->sah->saidx.proto;
+ saidx_swap_sent_addr.mode = sav_sent->sah->saidx.mode;
+ // we ignore reqid for split-tunnel setups
+
+ if (key_cmpsaidx(&sav_sent->sah->saidx, &sav_update->sah->saidx, CMP_MODE | CMP_PORT) ||
+ key_cmpsaidx(&saidx_swap_sent_addr, &sav_update->sah->saidx, CMP_MODE | CMP_PORT)) {
+ sav_update->natt_last_activity = natt_now;
+ }
+}
projects / apple / xnu.git / blobdiff