parent
8668f1cbbe
commit
dd86ba7231
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: ipsec.c,v 1.27 2007/03/04 06:03:28 christos Exp $ */
|
||||
/* $NetBSD: ipsec.c,v 1.28 2007/03/04 21:17:54 degroote Exp $ */
|
||||
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
|
||||
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
|
||||
|
||||
|
@ -32,7 +32,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.27 2007/03/04 06:03:28 christos Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.28 2007/03/04 21:17:54 degroote Exp $");
|
||||
|
||||
/*
|
||||
* IPsec controller part.
|
||||
|
@ -888,7 +888,7 @@ ipsec_setspidx(m, spidx, needport)
|
|||
if (m->m_len >= sizeof(*ip))
|
||||
ip = mtod(m, struct ip *);
|
||||
else {
|
||||
m_copydata(m, 0, sizeof(ipbuf), (void *)&ipbuf);
|
||||
m_copydata(m, 0, sizeof(ipbuf), &ipbuf);
|
||||
ip = &ipbuf;
|
||||
}
|
||||
#ifdef _IP_VHL
|
||||
|
@ -951,7 +951,7 @@ ipsec4_get_ulp(struct mbuf *m, struct secpolicyindex *spidx, int needport)
|
|||
} else {
|
||||
struct ip ih;
|
||||
|
||||
m_copydata(m, 0, sizeof (struct ip), (void *) &ih);
|
||||
m_copydata(m, 0, sizeof (struct ip), &ih);
|
||||
if (ih.ip_off & (IP_MF | IP_OFFMASK))
|
||||
goto done;
|
||||
#ifdef _IP_VHL
|
||||
|
@ -974,7 +974,7 @@ ipsec4_get_ulp(struct mbuf *m, struct secpolicyindex *spidx, int needport)
|
|||
goto done_proto;
|
||||
if (off + sizeof(struct tcphdr) > m->m_pkthdr.len)
|
||||
goto done;
|
||||
m_copydata(m, off, sizeof (th), (void *) &th);
|
||||
m_copydata(m, off, sizeof (th), &th);
|
||||
spidx->src.sin.sin_port = th.th_sport;
|
||||
spidx->dst.sin.sin_port = th.th_dport;
|
||||
return;
|
||||
|
@ -984,7 +984,7 @@ ipsec4_get_ulp(struct mbuf *m, struct secpolicyindex *spidx, int needport)
|
|||
goto done_proto;
|
||||
if (off + sizeof(struct udphdr) > m->m_pkthdr.len)
|
||||
goto done;
|
||||
m_copydata(m, off, sizeof (uh), (void *) &uh);
|
||||
m_copydata(m, off, sizeof (uh), &uh);
|
||||
spidx->src.sin.sin_port = uh.uh_sport;
|
||||
spidx->dst.sin.sin_port = uh.uh_dport;
|
||||
return;
|
||||
|
@ -992,7 +992,7 @@ ipsec4_get_ulp(struct mbuf *m, struct secpolicyindex *spidx, int needport)
|
|||
if (m->m_pkthdr.len > off + sizeof(ip6e))
|
||||
goto done;
|
||||
/* XXX sigh, this works but is totally bogus */
|
||||
m_copydata(m, off, sizeof(ip6e), (void *) &ip6e);
|
||||
m_copydata(m, off, sizeof(ip6e), &ip6e);
|
||||
off += (ip6e.ip6e_len + 2) << 2;
|
||||
nxt = ip6e.ip6e_nxt;
|
||||
break;
|
||||
|
@ -1026,10 +1026,10 @@ ipsec4_setspidx_ipaddr(struct mbuf *m, struct secpolicyindex *spidx)
|
|||
if (m->m_len < sizeof (struct ip)) {
|
||||
m_copydata(m, offsetof(struct ip, ip_src),
|
||||
sizeof (struct in_addr),
|
||||
(void *) &spidx->src.sin.sin_addr);
|
||||
&spidx->src.sin.sin_addr);
|
||||
m_copydata(m, offsetof(struct ip, ip_dst),
|
||||
sizeof (struct in_addr),
|
||||
(void *) &spidx->dst.sin.sin_addr);
|
||||
&spidx->dst.sin.sin_addr);
|
||||
} else {
|
||||
struct ip *ip = mtod(m, struct ip *);
|
||||
spidx->src.sin.sin_addr = ip->ip_src;
|
||||
|
@ -1077,7 +1077,7 @@ ipsec6_get_ulp(m, spidx, needport)
|
|||
break;
|
||||
if (off + sizeof(struct tcphdr) > m->m_pkthdr.len)
|
||||
break;
|
||||
m_copydata(m, off, sizeof(th), (void *)&th);
|
||||
m_copydata(m, off, sizeof(th), &th);
|
||||
((struct sockaddr_in6 *)&spidx->src)->sin6_port = th.th_sport;
|
||||
((struct sockaddr_in6 *)&spidx->dst)->sin6_port = th.th_dport;
|
||||
break;
|
||||
|
@ -1087,7 +1087,7 @@ ipsec6_get_ulp(m, spidx, needport)
|
|||
break;
|
||||
if (off + sizeof(struct udphdr) > m->m_pkthdr.len)
|
||||
break;
|
||||
m_copydata(m, off, sizeof(uh), (void *)&uh);
|
||||
m_copydata(m, off, sizeof(uh), &uh);
|
||||
((struct sockaddr_in6 *)&spidx->src)->sin6_port = uh.uh_sport;
|
||||
((struct sockaddr_in6 *)&spidx->dst)->sin6_port = uh.uh_dport;
|
||||
break;
|
||||
|
@ -1112,7 +1112,7 @@ ipsec6_setspidx_ipaddr(m, spidx)
|
|||
if (m->m_len >= sizeof(*ip6))
|
||||
ip6 = mtod(m, struct ip6_hdr *);
|
||||
else {
|
||||
m_copydata(m, 0, sizeof(ip6buf), (void *)&ip6buf);
|
||||
m_copydata(m, 0, sizeof(ip6buf), &ip6buf);
|
||||
ip6 = &ip6buf;
|
||||
}
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: ipsec_input.c,v 1.15 2007/03/04 06:03:29 christos Exp $ */
|
||||
/* $NetBSD: ipsec_input.c,v 1.16 2007/03/04 21:17:54 degroote Exp $ */
|
||||
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec_input.c,v 1.2.4.2 2003/03/28 20:32:53 sam Exp $ */
|
||||
/* $OpenBSD: ipsec_input.c,v 1.63 2003/02/20 18:35:43 deraadt Exp $ */
|
||||
|
||||
|
@ -39,7 +39,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: ipsec_input.c,v 1.15 2007/03/04 06:03:29 christos Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: ipsec_input.c,v 1.16 2007/03/04 21:17:54 degroote Exp $");
|
||||
|
||||
/*
|
||||
* IPsec input processing.
|
||||
|
@ -142,14 +142,12 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto)
|
|||
|
||||
/* Retrieve the SPI from the relevant IPsec header */
|
||||
if (sproto == IPPROTO_ESP)
|
||||
m_copydata(m, skip, sizeof(u_int32_t), (void *) &spi);
|
||||
m_copydata(m, skip, sizeof(u_int32_t), &spi);
|
||||
else if (sproto == IPPROTO_AH)
|
||||
m_copydata(m, skip + sizeof(u_int32_t), sizeof(u_int32_t),
|
||||
(void *) &spi);
|
||||
m_copydata(m, skip + sizeof(u_int32_t), sizeof(u_int32_t), &spi);
|
||||
else if (sproto == IPPROTO_IPCOMP) {
|
||||
u_int16_t cpi;
|
||||
m_copydata(m, skip + sizeof(u_int16_t), sizeof(u_int16_t),
|
||||
(void *) &cpi);
|
||||
m_copydata(m, skip + sizeof(u_int16_t), sizeof(u_int16_t), &cpi);
|
||||
spi = ntohl(htons(cpi));
|
||||
}
|
||||
|
||||
|
@ -166,7 +164,7 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto)
|
|||
dst_address.sin.sin_len = sizeof(struct sockaddr_in);
|
||||
m_copydata(m, offsetof(struct ip, ip_dst),
|
||||
sizeof(struct in_addr),
|
||||
(void *) &dst_address.sin.sin_addr);
|
||||
&dst_address.sin.sin_addr);
|
||||
break;
|
||||
#endif /* INET */
|
||||
#ifdef INET6
|
||||
|
@ -174,7 +172,7 @@ ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto)
|
|||
dst_address.sin6.sin6_len = sizeof(struct sockaddr_in6);
|
||||
m_copydata(m, offsetof(struct ip6_hdr, ip6_dst),
|
||||
sizeof(struct in6_addr),
|
||||
(void *) &dst_address.sin6.sin6_addr);
|
||||
&dst_address.sin6.sin6_addr);
|
||||
break;
|
||||
#endif /* INET6 */
|
||||
default:
|
||||
|
@ -315,8 +313,7 @@ ipsec4_common_input_cb(struct mbuf *m, struct secasvar *sav,
|
|||
struct ip ipn;
|
||||
|
||||
/* ipn will now contain the inner IPv4 header */
|
||||
m_copydata(m, ip->ip_hl << 2, sizeof(struct ip),
|
||||
(void *) &ipn);
|
||||
m_copydata(m, ip->ip_hl << 2, sizeof(struct ip), &ipn);
|
||||
|
||||
#ifdef notyet
|
||||
/* XXX PROXY address isn't recorded in SAH */
|
||||
|
@ -354,8 +351,7 @@ ipsec4_common_input_cb(struct mbuf *m, struct secasvar *sav,
|
|||
struct ip6_hdr ip6n;
|
||||
|
||||
/* ip6n will now contain the inner IPv6 header. */
|
||||
m_copydata(m, ip->ip_hl << 2, sizeof(struct ip6_hdr),
|
||||
(void *) &ip6n);
|
||||
m_copydata(m, ip->ip_hl << 2, sizeof(struct ip6_hdr), &ip6n);
|
||||
|
||||
#ifdef notyet
|
||||
/*
|
||||
|
@ -459,8 +455,7 @@ ipsec6_common_input(struct mbuf **mp, int *offp, int proto)
|
|||
|
||||
do {
|
||||
protoff += l;
|
||||
m_copydata(*mp, protoff, sizeof(ip6e),
|
||||
(void *) &ip6e);
|
||||
m_copydata(*mp, protoff, sizeof(ip6e), &ip6e);
|
||||
|
||||
if (ip6e.ip6e_nxt == IPPROTO_AH)
|
||||
l = (ip6e.ip6e_len + 2) << 2;
|
||||
|
@ -524,7 +519,7 @@ esp6_ctlinput(int cmd, struct sockaddr *sa, void *d)
|
|||
*/
|
||||
bzero(&ip6cp1, sizeof(ip6cp1));
|
||||
ip6cp1.ip6c_src = ip6cp->ip6c_src;
|
||||
pfctlinput2(cmd, sa, (void *)&ip6cp1);
|
||||
pfctlinput2(cmd, sa, &ip6cp1);
|
||||
|
||||
/*
|
||||
* Then go to special cases that need ESP header information.
|
||||
|
@ -541,7 +536,7 @@ esp6_ctlinput(int cmd, struct sockaddr *sa, void *d)
|
|||
if (m->m_pkthdr.len < off + sizeof (struct esp))
|
||||
return;
|
||||
m_copydata(m, off + offsetof(struct esp, esp_spi),
|
||||
sizeof(u_int32_t), (void *) &spi);
|
||||
sizeof(u_int32_t), &spi);
|
||||
/*
|
||||
* Check to see if we have a valid SA corresponding to
|
||||
* the address in the ICMP message payload.
|
||||
|
@ -637,7 +632,7 @@ ipsec6_common_input_cb(struct mbuf *m, struct secasvar *sav, int skip, int proto
|
|||
struct ip ipn;
|
||||
|
||||
/* ipn will now contain the inner IPv4 header */
|
||||
m_copydata(m, skip, sizeof(struct ip), (void *) &ipn);
|
||||
m_copydata(m, skip, sizeof(struct ip), &ipn);
|
||||
|
||||
#ifdef notyet
|
||||
/*
|
||||
|
@ -672,8 +667,7 @@ ipsec6_common_input_cb(struct mbuf *m, struct secasvar *sav, int skip, int proto
|
|||
struct ip6_hdr ip6n;
|
||||
|
||||
/* ip6n will now contain the inner IPv6 header. */
|
||||
m_copydata(m, skip, sizeof(struct ip6_hdr),
|
||||
(void *) &ip6n);
|
||||
m_copydata(m, skip, sizeof(struct ip6_hdr), &ip6n);
|
||||
|
||||
#ifdef notyet
|
||||
/*
|
||||
|
@ -738,7 +732,7 @@ ipsec6_common_input_cb(struct mbuf *m, struct secasvar *sav, int skip, int proto
|
|||
key_sa_recordxfer(sav, m);
|
||||
|
||||
/* Retrieve new protocol */
|
||||
m_copydata(m, protoff, sizeof(u_int8_t), (void *) &nxt8);
|
||||
m_copydata(m, protoff, sizeof(u_int8_t), &nxt8);
|
||||
|
||||
/*
|
||||
* See the end of ip6_input for this logic.
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: ipsec_netbsd.c,v 1.23 2007/03/04 19:54:48 degroote Exp $ */
|
||||
/* $NetBSD: ipsec_netbsd.c,v 1.24 2007/03/04 21:17:55 degroote Exp $ */
|
||||
/* $KAME: esp_input.c,v 1.60 2001/09/04 08:43:19 itojun Exp $ */
|
||||
/* $KAME: ah_input.c,v 1.64 2001/09/04 08:43:19 itojun Exp $ */
|
||||
|
||||
|
@ -32,7 +32,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: ipsec_netbsd.c,v 1.23 2007/03/04 19:54:48 degroote Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: ipsec_netbsd.c,v 1.24 2007/03/04 21:17:55 degroote Exp $");
|
||||
|
||||
#include "opt_inet.h"
|
||||
#include "opt_ipsec.h"
|
||||
|
@ -236,7 +236,7 @@ ah6_ctlinput(cmd, sa, d)
|
|||
* this should be rare case,
|
||||
* so we compromise on this copy...
|
||||
*/
|
||||
m_copydata(m, off, sizeof(ah), (void *)&ah);
|
||||
m_copydata(m, off, sizeof(ah), &ah);
|
||||
ahp = &ah;
|
||||
} else
|
||||
ahp = (struct newah *)(mtod(m, char *) + off);
|
||||
|
@ -326,7 +326,7 @@ esp6_ctlinput(cmd, sa, d)
|
|||
*/
|
||||
memset(&ip6cp1, 0, sizeof(ip6cp1));
|
||||
ip6cp1.ip6c_src = ip6cp->ip6c_src;
|
||||
pfctlinput2(cmd, sa, (void *)&ip6cp1);
|
||||
pfctlinput2(cmd, sa, &ip6cp1);
|
||||
|
||||
/*
|
||||
* Then go to special cases that need ESP header information.
|
||||
|
@ -343,7 +343,7 @@ esp6_ctlinput(cmd, sa, d)
|
|||
* this should be rare case,
|
||||
* so we compromise on this copy...
|
||||
*/
|
||||
m_copydata(m, off, sizeof(esp), (void *)&esp);
|
||||
m_copydata(m, off, sizeof(esp), &esp);
|
||||
espp = &esp;
|
||||
} else
|
||||
espp = (struct newesp*)(mtod(m, char *) + off);
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: key.c,v 1.39 2007/03/04 19:54:49 degroote Exp $ */
|
||||
/* $NetBSD: key.c,v 1.40 2007/03/04 21:17:55 degroote Exp $ */
|
||||
/* $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */
|
||||
/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */
|
||||
|
||||
|
@ -32,7 +32,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.39 2007/03/04 19:54:49 degroote Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.40 2007/03/04 21:17:55 degroote Exp $");
|
||||
|
||||
/*
|
||||
* This code is referd to RFC 2367
|
||||
|
@ -318,7 +318,7 @@ MALLOC_DEFINE(M_SECA, "key mgmt", "security associations, key management");
|
|||
#define KMALLOC(p, t, n) \
|
||||
((p) = (t) malloc((unsigned long)(n), M_SECA, M_NOWAIT))
|
||||
#define KFREE(p) \
|
||||
free((void *)(p), M_SECA)
|
||||
free((p), M_SECA)
|
||||
#else
|
||||
#define KMALLOC(p, t, n) \
|
||||
do { \
|
||||
|
@ -330,7 +330,7 @@ do { \
|
|||
#define KFREE(p) \
|
||||
do { \
|
||||
printf("%s %d: %p -> KFREE()\n", __FILE__, __LINE__, (p)); \
|
||||
free((void *)(p), M_SECA); \
|
||||
free((p), M_SECA); \
|
||||
} while (0)
|
||||
#endif
|
||||
|
||||
|
@ -2868,7 +2868,7 @@ key_newsav(m, mhp, sah, errp, where, tag)
|
|||
*errp = ENOBUFS;
|
||||
goto done;
|
||||
}
|
||||
bzero((void *)newsav, sizeof(struct secasvar));
|
||||
bzero(newsav, sizeof(struct secasvar));
|
||||
|
||||
switch (mhp->msg->sadb_msg_type) {
|
||||
case SADB_GETSPI:
|
||||
|
@ -3148,7 +3148,7 @@ key_setsaval(sav, m, mhp)
|
|||
goto fail;
|
||||
}
|
||||
if (sa0->sadb_sa_replay != 0)
|
||||
sav->replay->bitmap = (void *)(sav->replay+1);
|
||||
sav->replay->bitmap = (char*)(sav->replay+1);
|
||||
sav->replay->wsize = sa0->sadb_sa_replay;
|
||||
}
|
||||
}
|
||||
|
@ -4485,7 +4485,7 @@ key_timehandler(void* arg)
|
|||
|
||||
#ifndef IPSEC_DEBUG2
|
||||
/* do exchange to tick time !! */
|
||||
callout_reset(&key_timehandler_ch, hz, key_timehandler, (void *)0);
|
||||
callout_reset(&key_timehandler_ch, hz, key_timehandler, NULL);
|
||||
#endif /* IPSEC_DEBUG2 */
|
||||
|
||||
splx(s);
|
||||
|
@ -6292,7 +6292,7 @@ key_register(so, m, mhp)
|
|||
ipseclog((LOG_DEBUG, "key_register: No more memory.\n"));
|
||||
return key_senderror(so, m, ENOBUFS);
|
||||
}
|
||||
bzero((void *)newreg, sizeof(*newreg));
|
||||
bzero(newreg, sizeof(*newreg));
|
||||
|
||||
newreg->so = so;
|
||||
((struct keycb *)sotorawcb(so))->kp_registered++;
|
||||
|
@ -7389,7 +7389,7 @@ key_init()
|
|||
|
||||
|
||||
#ifndef IPSEC_DEBUG2
|
||||
callout_reset(&key_timehandler_ch, hz, key_timehandler, (void *)0);
|
||||
callout_reset(&key_timehandler_ch, hz, key_timehandler, NULL);
|
||||
#endif /*IPSEC_DEBUG2*/
|
||||
|
||||
/* initialize key statistics */
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: key_debug.c,v 1.7 2007/03/04 19:54:49 degroote Exp $ */
|
||||
/* $NetBSD: key_debug.c,v 1.8 2007/03/04 21:17:55 degroote Exp $ */
|
||||
/* $FreeBSD: src/sys/netipsec/key_debug.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
|
||||
/* $KAME: key_debug.c,v 1.26 2001/06/27 10:46:50 sakane Exp $ */
|
||||
|
||||
|
@ -33,7 +33,7 @@
|
|||
|
||||
#ifdef _KERNEL
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: key_debug.c,v 1.7 2007/03/04 19:54:49 degroote Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: key_debug.c,v 1.8 2007/03/04 21:17:55 degroote Exp $");
|
||||
#endif
|
||||
|
||||
#include "opt_inet.h"
|
||||
|
@ -525,10 +525,10 @@ kdebug_secpolicyindex(spidx)
|
|||
printf("secpolicyindex{ dir=%u prefs=%u prefd=%u ul_proto=%u\n",
|
||||
spidx->dir, spidx->prefs, spidx->prefd, spidx->ul_proto);
|
||||
|
||||
ipsec_hexdump((void *)&spidx->src,
|
||||
ipsec_hexdump((char *)&spidx->src,
|
||||
((struct sockaddr *)&spidx->src)->sa_len);
|
||||
printf("\n");
|
||||
ipsec_hexdump((void *)&spidx->dst,
|
||||
ipsec_hexdump((char *)&spidx->dst,
|
||||
((struct sockaddr *)&spidx->dst)->sa_len);
|
||||
printf("}\n");
|
||||
|
||||
|
@ -546,10 +546,10 @@ kdebug_secasindex(saidx)
|
|||
printf("secasindex{ mode=%u proto=%u\n",
|
||||
saidx->mode, saidx->proto);
|
||||
|
||||
ipsec_hexdump((void *)&saidx->src,
|
||||
ipsec_hexdump((char *)&saidx->src,
|
||||
((struct sockaddr *)&saidx->src)->sa_len);
|
||||
printf("\n");
|
||||
ipsec_hexdump((void *)&saidx->dst,
|
||||
ipsec_hexdump((char *)&saidx->dst,
|
||||
((struct sockaddr *)&saidx->dst)->sa_len);
|
||||
printf("\n");
|
||||
|
||||
|
@ -578,7 +578,7 @@ kdebug_secasv(sav)
|
|||
kdebug_sadb_key((struct sadb_ext *)sav->key_enc);
|
||||
if (sav->iv != NULL) {
|
||||
printf(" iv=");
|
||||
ipsec_hexdump(sav->iv, sav->ivlen ? sav->ivlen : 8);
|
||||
ipsec_hexdump((char *)sav->iv, sav->ivlen ? sav->ivlen : 8);
|
||||
printf("\n");
|
||||
}
|
||||
|
||||
|
@ -702,7 +702,7 @@ kdebug_sockaddr(addr)
|
|||
case AF_INET:
|
||||
sin4 = (struct sockaddr_in *)addr;
|
||||
printf(" port=%u\n", ntohs(sin4->sin_port));
|
||||
ipsec_hexdump((void *)&sin4->sin_addr, sizeof(sin4->sin_addr));
|
||||
ipsec_hexdump((char *)&sin4->sin_addr, sizeof(sin4->sin_addr));
|
||||
break;
|
||||
#ifdef INET6
|
||||
case AF_INET6:
|
||||
|
@ -710,8 +710,7 @@ kdebug_sockaddr(addr)
|
|||
printf(" port=%u\n", ntohs(sin6->sin6_port));
|
||||
printf(" flowinfo=0x%08x, scope_id=0x%08x\n",
|
||||
sin6->sin6_flowinfo, sin6->sin6_scope_id);
|
||||
ipsec_hexdump((void *)&sin6->sin6_addr,
|
||||
sizeof(sin6->sin6_addr));
|
||||
ipsec_hexdump((char *)&sin6->sin6_addr, sizeof(sin6->sin6_addr));
|
||||
break;
|
||||
#endif
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: keysock.c,v 1.12 2007/03/04 06:03:30 christos Exp $ */
|
||||
/* $NetBSD: keysock.c,v 1.13 2007/03/04 21:17:55 degroote Exp $ */
|
||||
/* $FreeBSD: src/sys/netipsec/keysock.c,v 1.3.2.1 2003/01/24 05:11:36 sam Exp $ */
|
||||
/* $KAME: keysock.c,v 1.25 2001/08/13 20:07:41 itojun Exp $ */
|
||||
|
||||
|
@ -32,7 +32,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: keysock.c,v 1.12 2007/03/04 06:03:30 christos Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: keysock.c,v 1.13 2007/03/04 21:17:55 degroote Exp $");
|
||||
|
||||
#include "opt_ipsec.h"
|
||||
|
||||
|
@ -284,7 +284,7 @@ key_sendup(so, msg, len, target)
|
|||
}
|
||||
m->m_pkthdr.len = len;
|
||||
m->m_pkthdr.rcvif = NULL;
|
||||
m_copyback(m, 0, len, (void *)msg);
|
||||
m_copyback(m, 0, len, msg);
|
||||
|
||||
/* avoid duplicated statistics */
|
||||
pfkeystat.in_total--;
|
||||
|
@ -468,12 +468,12 @@ key_attach(struct socket *so, int proto, struct proc *td)
|
|||
* eliminate the spl.
|
||||
*/
|
||||
s = splnet(); /* FreeBSD */
|
||||
so->so_pcb = (void *)kp;
|
||||
so->so_pcb = kp;
|
||||
error = raw_usrreqs.pru_attach(so, proto, td);
|
||||
kp = (struct keycb *)sotorawcb(so);
|
||||
if (error) {
|
||||
free(kp, M_PCB);
|
||||
so->so_pcb = (void *) 0;
|
||||
so->so_pcb = NULL;
|
||||
splx(s);
|
||||
return error;
|
||||
}
|
||||
|
@ -634,7 +634,7 @@ key_usrreq(so, req, m, nam, control, l)
|
|||
s = splsoftnet();
|
||||
if (req == PRU_ATTACH) {
|
||||
kp = (struct keycb *)malloc(sizeof(*kp), M_PCB, M_WAITOK);
|
||||
so->so_pcb = (void *)kp;
|
||||
so->so_pcb = kp;
|
||||
if (so->so_pcb)
|
||||
bzero(so->so_pcb, sizeof(*kp));
|
||||
}
|
||||
|
@ -654,8 +654,8 @@ key_usrreq(so, req, m, nam, control, l)
|
|||
int af = kp->kp_raw.rcb_proto.sp_protocol;
|
||||
if (error) {
|
||||
pfkeystat.sockerr++;
|
||||
free((void *)kp, M_PCB);
|
||||
so->so_pcb = (void *) 0;
|
||||
free(kp, M_PCB);
|
||||
so->so_pcb = NULL;
|
||||
splx(s);
|
||||
return (error);
|
||||
}
|
||||
|
@ -709,7 +709,7 @@ struct protosw keysw[] = {
|
|||
static void
|
||||
key_init0(void)
|
||||
{
|
||||
bzero((void *)&key_cb, sizeof(key_cb));
|
||||
bzero(&key_cb, sizeof(key_cb));
|
||||
key_init();
|
||||
}
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: xform_ah.c,v 1.14 2007/03/04 19:54:49 degroote Exp $ */
|
||||
/* $NetBSD: xform_ah.c,v 1.15 2007/03/04 21:17:55 degroote Exp $ */
|
||||
/* $FreeBSD: src/sys/netipsec/xform_ah.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
|
||||
/* $OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */
|
||||
/*
|
||||
|
@ -39,7 +39,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.14 2007/03/04 19:54:49 degroote Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.15 2007/03/04 21:17:55 degroote Exp $");
|
||||
|
||||
#include "opt_inet.h"
|
||||
#ifdef __FreeBSD__
|
||||
|
@ -439,7 +439,7 @@ ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out)
|
|||
#ifdef INET6
|
||||
case AF_INET6: /* Ugly... */
|
||||
/* Copy and "cook" the IPv6 header. */
|
||||
m_copydata(m, 0, sizeof(ip6), (void *) &ip6);
|
||||
m_copydata(m, 0, sizeof(ip6), &ip6);
|
||||
|
||||
/* We don't do IPv6 Jumbograms. */
|
||||
if (ip6.ip6_plen == 0) {
|
||||
|
@ -460,7 +460,7 @@ ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out)
|
|||
ip6.ip6_dst.s6_addr16[1] = 0;
|
||||
|
||||
/* Done with IPv6 header. */
|
||||
m_copyback(m, 0, sizeof(struct ip6_hdr), (void *) &ip6);
|
||||
m_copyback(m, 0, sizeof(struct ip6_hdr), &ip6);
|
||||
|
||||
/* Let's deal with the remaining headers (if any). */
|
||||
if (skip - sizeof(struct ip6_hdr) > 0) {
|
||||
|
@ -737,10 +737,10 @@ ah_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff)
|
|||
/* Crypto operation descriptor. */
|
||||
crp->crp_ilen = m->m_pkthdr.len; /* Total input length. */
|
||||
crp->crp_flags = CRYPTO_F_IMBUF;
|
||||
crp->crp_buf = (void *) m;
|
||||
crp->crp_buf = m;
|
||||
crp->crp_callback = ah_input_cb;
|
||||
crp->crp_sid = sav->tdb_cryptoid;
|
||||
crp->crp_opaque = (void *) tc;
|
||||
crp->crp_opaque = tc;
|
||||
|
||||
/* These are passed as-is to the callback. */
|
||||
tc->tc_spi = sav->spi;
|
||||
|
@ -749,7 +749,7 @@ ah_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff)
|
|||
tc->tc_nxt = ah->ah_nxt;
|
||||
tc->tc_protoff = protoff;
|
||||
tc->tc_skip = skip;
|
||||
tc->tc_ptr = (void *) mtag; /* Save the mtag we've identified. */
|
||||
tc->tc_ptr = mtag; /* Save the mtag we've identified. */
|
||||
|
||||
DPRINTF(("ah: hash over %d bytes, skip %d: "
|
||||
"crda len %d skip %d inject %d\n",
|
||||
|
@ -912,7 +912,7 @@ ah_input_cb(struct cryptop *crp)
|
|||
u_int32_t seq;
|
||||
|
||||
m_copydata(m, skip + offsetof(struct newah, ah_seq),
|
||||
sizeof (seq), (void *) &seq);
|
||||
sizeof (seq), &seq);
|
||||
if (ipsec_updatereplay(ntohl(seq), sav)) {
|
||||
ahstat.ahs_replay++;
|
||||
error = ENOBUFS; /*XXX as above*/
|
||||
|
@ -1112,7 +1112,7 @@ ah_output(
|
|||
}
|
||||
|
||||
/* Save the skipped portion of the packet. */
|
||||
m_copydata(m, 0, skip, (void *) (tc + 1));
|
||||
m_copydata(m, 0, skip, (tc + 1));
|
||||
|
||||
/*
|
||||
* Fix IP header length on the header used for
|
||||
|
@ -1124,10 +1124,10 @@ ah_output(
|
|||
case AF_INET:
|
||||
bcopy(((char *)(tc + 1)) +
|
||||
offsetof(struct ip, ip_len),
|
||||
(void *) &iplen, sizeof(u_int16_t));
|
||||
&iplen, sizeof(u_int16_t));
|
||||
iplen = htons(ntohs(iplen) + rplen + authsize);
|
||||
m_copyback(m, offsetof(struct ip, ip_len),
|
||||
sizeof(u_int16_t), (void *) &iplen);
|
||||
sizeof(u_int16_t), &iplen);
|
||||
break;
|
||||
#endif /* INET */
|
||||
|
||||
|
@ -1135,10 +1135,10 @@ ah_output(
|
|||
case AF_INET6:
|
||||
bcopy(((char *)(tc + 1)) +
|
||||
offsetof(struct ip6_hdr, ip6_plen),
|
||||
(void *) &iplen, sizeof(u_int16_t));
|
||||
&iplen, sizeof(u_int16_t));
|
||||
iplen = htons(ntohs(iplen) + rplen + authsize);
|
||||
m_copyback(m, offsetof(struct ip6_hdr, ip6_plen),
|
||||
sizeof(u_int16_t), (void *) &iplen);
|
||||
sizeof(u_int16_t), &iplen);
|
||||
break;
|
||||
#endif /* INET6 */
|
||||
}
|
||||
|
@ -1148,7 +1148,7 @@ ah_output(
|
|||
|
||||
/* Update the Next Protocol field in the IP header. */
|
||||
prot = IPPROTO_AH;
|
||||
m_copyback(m, protoff, sizeof(u_int8_t), (void *) &prot);
|
||||
m_copyback(m, protoff, sizeof(u_int8_t), &prot);
|
||||
|
||||
/* "Massage" the packet headers for crypto processing. */
|
||||
error = ah_massage_headers(&m, sav->sah->saidx.dst.sa.sa_family,
|
||||
|
@ -1163,10 +1163,10 @@ ah_output(
|
|||
/* Crypto operation descriptor. */
|
||||
crp->crp_ilen = m->m_pkthdr.len; /* Total input length. */
|
||||
crp->crp_flags = CRYPTO_F_IMBUF;
|
||||
crp->crp_buf = (void *) m;
|
||||
crp->crp_buf = m;
|
||||
crp->crp_callback = ah_output_cb;
|
||||
crp->crp_sid = sav->tdb_cryptoid;
|
||||
crp->crp_opaque = (void *) tc;
|
||||
crp->crp_opaque = tc;
|
||||
|
||||
/* These are passed as-is to the callback. */
|
||||
tc->tc_isr = isr;
|
||||
|
@ -1201,7 +1201,7 @@ ah_output_cb(struct cryptop *crp)
|
|||
IPSEC_ASSERT(tc != NULL, ("ah_output_cb: null opaque data area!"));
|
||||
skip = tc->tc_skip;
|
||||
protoff = tc->tc_protoff;
|
||||
ptr = (void *) (tc + 1);
|
||||
ptr = (tc + 1);
|
||||
m = (struct mbuf *) crp->crp_buf;
|
||||
|
||||
s = splsoftnet();
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: xform_esp.c,v 1.14 2007/03/04 19:54:49 degroote Exp $ */
|
||||
/* $NetBSD: xform_esp.c,v 1.15 2007/03/04 21:17:55 degroote Exp $ */
|
||||
/* $FreeBSD: src/sys/netipsec/xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $ */
|
||||
/* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
|
||||
|
||||
|
@ -39,7 +39,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.14 2007/03/04 19:54:49 degroote Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.15 2007/03/04 21:17:55 degroote Exp $");
|
||||
|
||||
#include "opt_inet.h"
|
||||
#ifdef __FreeBSD__
|
||||
|
@ -204,7 +204,7 @@ esp_init(struct secasvar *sav, struct xformsw *xsp)
|
|||
* compromise is to force it to zero here.
|
||||
*/
|
||||
sav->ivlen = (txform == &enc_xform_null ? 0 : txform->blocksize);
|
||||
sav->iv = (void *) malloc(sav->ivlen, M_SECA, M_WAITOK);
|
||||
sav->iv = malloc(sav->ivlen, M_SECA, M_WAITOK);
|
||||
if (sav->iv == NULL) {
|
||||
DPRINTF(("esp_init: no memory for IV\n"));
|
||||
return EINVAL;
|
||||
|
@ -378,7 +378,7 @@ esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff)
|
|||
return ENOBUFS;
|
||||
}
|
||||
|
||||
tc->tc_ptr = (void *) mtag;
|
||||
tc->tc_ptr = mtag;
|
||||
|
||||
if (esph) {
|
||||
struct cryptodesc *crda = crp->crp_desc;
|
||||
|
@ -397,7 +397,7 @@ esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff)
|
|||
/* Copy the authenticator */
|
||||
if (mtag == NULL)
|
||||
m_copydata(m, m->m_pkthdr.len - alen, alen,
|
||||
(void *) (tc + 1));
|
||||
(tc + 1));
|
||||
|
||||
/* Chain authentication request */
|
||||
crde = crda->crd_next;
|
||||
|
@ -408,10 +408,10 @@ esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff)
|
|||
/* Crypto operation descriptor */
|
||||
crp->crp_ilen = m->m_pkthdr.len; /* Total input length */
|
||||
crp->crp_flags = CRYPTO_F_IMBUF;
|
||||
crp->crp_buf = (void *) m;
|
||||
crp->crp_buf = m;
|
||||
crp->crp_callback = esp_input_cb;
|
||||
crp->crp_sid = sav->tdb_cryptoid;
|
||||
crp->crp_opaque = (void *) tc;
|
||||
crp->crp_opaque = tc;
|
||||
|
||||
/* These are passed as-is to the callback */
|
||||
tc->tc_spi = sav->spi;
|
||||
|
@ -541,7 +541,7 @@ esp_input_cb(struct cryptop *crp)
|
|||
m_copydata(m, m->m_pkthdr.len - esph->authsize,
|
||||
esph->authsize, aalg);
|
||||
|
||||
ptr = (void *) (tc + 1);
|
||||
ptr = (tc + 1);
|
||||
|
||||
/* Verify authenticator */
|
||||
if (bcmp(ptr, aalg, esph->authsize) != 0) {
|
||||
|
@ -575,7 +575,7 @@ esp_input_cb(struct cryptop *crp)
|
|||
u_int32_t seq;
|
||||
|
||||
m_copydata(m, skip + offsetof(struct newesp, esp_seq),
|
||||
sizeof (seq), (void *) &seq);
|
||||
sizeof (seq), &seq);
|
||||
if (ipsec_updatereplay(ntohl(seq), sav)) {
|
||||
DPRINTF(("%s: packet replay check for %s\n", __func__,
|
||||
ipsec_logsastr(sav)));
|
||||
|
@ -776,7 +776,7 @@ esp_output(
|
|||
}
|
||||
|
||||
/* Initialize ESP header. */
|
||||
bcopy((void *) &sav->spi, mtod(mo, char *) + roff, sizeof(u_int32_t));
|
||||
bcopy(&sav->spi, mtod(mo, char *) + roff, sizeof(u_int32_t));
|
||||
if (sav->replay) {
|
||||
u_int32_t replay;
|
||||
|
||||
|
@ -787,7 +787,7 @@ esp_output(
|
|||
sav->replay->count++;
|
||||
|
||||
replay = htonl(sav->replay->count);
|
||||
bcopy((void *) &replay,
|
||||
bcopy(&replay,
|
||||
mtod(mo,char *) + roff + sizeof(u_int32_t),
|
||||
sizeof(u_int32_t));
|
||||
}
|
||||
|
@ -877,9 +877,9 @@ esp_output(
|
|||
/* Crypto operation descriptor. */
|
||||
crp->crp_ilen = m->m_pkthdr.len; /* Total input length. */
|
||||
crp->crp_flags = CRYPTO_F_IMBUF;
|
||||
crp->crp_buf = (void *) m;
|
||||
crp->crp_buf = m;
|
||||
crp->crp_callback = esp_output_cb;
|
||||
crp->crp_opaque = (void *) tc;
|
||||
crp->crp_opaque = tc;
|
||||
crp->crp_sid = sav->tdb_cryptoid;
|
||||
|
||||
if (esph) {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: xform_ipcomp.c,v 1.12 2007/03/04 19:54:49 degroote Exp $ */
|
||||
/* $NetBSD: xform_ipcomp.c,v 1.13 2007/03/04 21:17:55 degroote Exp $ */
|
||||
/* $FreeBSD: src/sys/netipsec/xform_ipcomp.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
|
||||
/* $OpenBSD: ip_ipcomp.c,v 1.1 2001/07/05 12:08:52 jjbg Exp $ */
|
||||
|
||||
|
@ -30,7 +30,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.12 2007/03/04 19:54:49 degroote Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.13 2007/03/04 21:17:55 degroote Exp $");
|
||||
|
||||
/* IP payload compression protocol (IPComp), see RFC 2393 */
|
||||
#include "opt_inet.h"
|
||||
|
@ -182,10 +182,10 @@ ipcomp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff)
|
|||
/* Crypto operation descriptor */
|
||||
crp->crp_ilen = m->m_pkthdr.len - (skip + hlen);
|
||||
crp->crp_flags = CRYPTO_F_IMBUF;
|
||||
crp->crp_buf = (void *) m;
|
||||
crp->crp_buf = m;
|
||||
crp->crp_callback = ipcomp_input_cb;
|
||||
crp->crp_sid = sav->tdb_cryptoid;
|
||||
crp->crp_opaque = (void *) tc;
|
||||
crp->crp_opaque = tc;
|
||||
|
||||
/* These are passed as-is to the callback */
|
||||
tc->tc_spi = sav->spi;
|
||||
|
@ -454,9 +454,9 @@ ipcomp_output(
|
|||
/* Crypto operation descriptor */
|
||||
crp->crp_ilen = m->m_pkthdr.len; /* Total input length */
|
||||
crp->crp_flags = CRYPTO_F_IMBUF;
|
||||
crp->crp_buf = (void *) m;
|
||||
crp->crp_buf = m;
|
||||
crp->crp_callback = ipcomp_output_cb;
|
||||
crp->crp_opaque = (void *) tc;
|
||||
crp->crp_opaque = tc;
|
||||
crp->crp_sid = sav->tdb_cryptoid;
|
||||
|
||||
return crypto_dispatch(crp);
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: xform_ipip.c,v 1.16 2007/03/04 06:03:30 christos Exp $ */
|
||||
/* $NetBSD: xform_ipip.c,v 1.17 2007/03/04 21:17:56 degroote Exp $ */
|
||||
/* $FreeBSD: src/sys/netipsec/xform_ipip.c,v 1.3.2.1 2003/01/24 05:11:36 sam Exp $ */
|
||||
/* $OpenBSD: ip_ipip.c,v 1.25 2002/06/10 18:04:55 itojun Exp $ */
|
||||
|
||||
|
@ -39,7 +39,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.16 2007/03/04 06:03:30 christos Exp $");
|
||||
__KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.17 2007/03/04 21:17:56 degroote Exp $");
|
||||
|
||||
/*
|
||||
* IP-inside-IP processing
|
||||
|
@ -499,7 +499,7 @@ ipip_output(
|
|||
/* Save ECN notification */
|
||||
m_copydata(m, sizeof(struct ip) +
|
||||
offsetof(struct ip, ip_tos),
|
||||
sizeof(u_int8_t), (void *) &itos);
|
||||
sizeof(u_int8_t), &itos);
|
||||
|
||||
ipo->ip_p = IPPROTO_IPIP;
|
||||
|
||||
|
@ -509,7 +509,7 @@ ipip_output(
|
|||
*/
|
||||
m_copydata(m, sizeof(struct ip) +
|
||||
offsetof(struct ip, ip_off),
|
||||
sizeof(u_int16_t), (void *) &ipo->ip_off);
|
||||
sizeof(u_int16_t), &ipo->ip_off);
|
||||
ipo->ip_off = ntohs(ipo->ip_off);
|
||||
ipo->ip_off &= ~(IP_DF | IP_MF | IP_OFFMASK);
|
||||
ipo->ip_off = htons(ipo->ip_off);
|
||||
|
@ -521,7 +521,7 @@ ipip_output(
|
|||
/* Save ECN notification. */
|
||||
m_copydata(m, sizeof(struct ip) +
|
||||
offsetof(struct ip6_hdr, ip6_flow),
|
||||
sizeof(u_int32_t), (void *) &itos32);
|
||||
sizeof(u_int32_t), &itos32);
|
||||
itos = ntohl(itos32) >> 20;
|
||||
ipo->ip_p = IPPROTO_IPV6;
|
||||
ipo->ip_off = 0;
|
||||
|
@ -581,7 +581,7 @@ ipip_output(
|
|||
/* Save ECN notification */
|
||||
m_copydata(m, sizeof(struct ip6_hdr) +
|
||||
offsetof(struct ip, ip_tos), sizeof(u_int8_t),
|
||||
(void *) &itos);
|
||||
&itos);
|
||||
|
||||
/* This is really IPVERSION. */
|
||||
ip6o->ip6_nxt = IPPROTO_IPIP;
|
||||
|
@ -593,7 +593,7 @@ ipip_output(
|
|||
/* Save ECN notification. */
|
||||
m_copydata(m, sizeof(struct ip6_hdr) +
|
||||
offsetof(struct ip6_hdr, ip6_flow),
|
||||
sizeof(u_int32_t), (void *) &itos32);
|
||||
sizeof(u_int32_t), &itos32);
|
||||
itos = ntohl(itos32) >> 20;
|
||||
|
||||
ip6o->ip6_nxt = IPPROTO_IPV6;
|
||||
|
|
Loading…
Reference in New Issue