NetBSD

Author	SHA1	Message	Date
itojun	8453a28003	fixed that the kernel crashed when key_spdacquire() was called because key_spdacquire() had been implemented imcopletely. sync w/kame	2003-07-25 09:04:48 +00:00
itojun	da7d7203a8	fix comments, style	2003-07-22 11:12:15 +00:00
itojun	8f4ef7c537	clear enc/auth key before freeing	2003-07-22 11:01:09 +00:00
itojun	0d84200c22	clear scheduled key before freeing, for safety	2003-07-22 08:54:27 +00:00
itojun	7a78321a15	tighten sanity check on ipsec policy. sync w/kame	2003-06-16 08:11:03 +00:00
itojun	a02a0a383e	don't permit port spec on tunnel mode policy. sync w/kame.	2002-12-09 03:20:45 +00:00
perry	4f27ab21b8	/CONTCOND/ while (0)'ed macros	2002-11-02 07:30:55 +00:00
dan	73aa8b3b5b	warn about the arc4 generator if no NRND, but still use it	2002-10-07 00:40:15 +00:00
tls	0f95ec4fd5	ESP output was drawing down the entropy pool at a ferocious rate, a particular problem on hosts with only wireless interfaces that are definitely not safe to use as entropy sources. Add arc4randbytes() which hands out bytes from the same source used by arc4random(). This is intended to be a _temporary_ interface until we can design and implement a better general PRNG interface that is decoupled from the entropy-pool implementation. Modify key_randomfill() (used only for initialization vectors on SA creation and via key_sa_stir_iv(), which does not "stir", despite its name) to use arc4randbytes() instead of pulling bits directly from the entropy pool. It is my hope that this change will pose minimal integration problems for the KAME folks as the random-pool interface is already different between each BSD variant; this just simplifies the NetBSD case and solves a fairly serious problem. Note that it is generally considered acceptable cryptographic practice to use a fast stream cipher to generate IVs for encryption with stronger block ciphers. For example, the use of "non-Approved" PRNGs to generate IVs for "Approved" block ciphers is explicitly sanctioned by FIPS 140-2.	2002-10-06 08:51:44 +00:00
itojun	61da54e3c0	port spec is not permitted to tunnel mode policy, as we don't reassemble fragments. perform more strict check against af match for tunnels. sync w/kame	2002-10-04 05:45:22 +00:00
provos	0f09ed48a5	remove trailing \n in panic(). approved perry.	2002-09-27 15:35:29 +00:00
itojun	9401012487	KNF - return is not a function. sync w/kame.	2002-09-11 02:46:42 +00:00
itojun	88122ef746	should return error code from key_senderror(). sync w/kame	2002-08-20 08:17:02 +00:00
itojun	ccc183b4d1	fixed that the incorrect time was set to sadb_comb_{hard\|soft}_usetime. sync w/kame	2002-08-20 06:20:26 +00:00
itojun	2169d69bcf	correct %d/%u mismatch. sync w/kame	2002-06-27 14:39:45 +00:00
itojun	c1808f02bf	cache pcb policy as much as possible. in fact, if policy is not IPSEC_POLICY_IPSEC we don't need to compare spidx. sync w/kame	2002-06-14 14:47:24 +00:00
itojun	dc96111483	deep-copy pcb policy if it is an ipsec policy. assign ID field to all SPD entries. make it possible for racoon to grab SPD entry on pcb (racoon side needs some changes). sync w/kame	2002-06-12 17:56:45 +00:00
itojun	cc8fe8c179	make function static	2002-06-12 03:46:16 +00:00
itojun	bad1f500a7	remove unused functions	2002-06-12 03:37:14 +00:00
itojun	3489976392	do not copy policy-on-socket at all. avoid copying packet header value to struct spindex. should reduce memory usage per socket/pcb, and should speedup ipsec processing. sync w/kame	2002-06-12 01:47:34 +00:00
itojun	fa53d749ff	share policy-on-pcb for listening socket. sync w/kame todo: share even more, avoid frequent updates of spidx	2002-06-11 19:39:59 +00:00
itojun	52d0ba15c8	reduce unneeded #ifdef	2002-05-30 05:51:21 +00:00
itojun	d208a22daa	use arc4random() where possible. XXX is it necessary to do microtime() on tcp syn cache?	2002-05-28 10:11:49 +00:00
itojun	12bdf036e2	pull in SPD lifetime management code. fix refcnt for SPD entries. sync w/kame XXX dead SPD entry lifetime - undergoing sakane's review	2002-05-19 08:22:12 +00:00
itojun	9244bd8154	document net.key.* sysctl. provide sysctl MIB for controlling proposal payload on ACQUIRE message. sync w/kame	2002-05-19 08:12:55 +00:00
itojun	691d519c66	remove unneeded decl for __ss_{len,family}	2002-05-19 07:54:05 +00:00
itojun	900347e4d0	comment wording	2002-03-21 02:27:50 +00:00
itojun	8e4fadc28a	missing splx	2002-03-01 04:19:42 +00:00
itojun	88123ecf38	change key_timehandler to take void * as argument. sync with kame. PR 14351	2002-01-31 07:05:43 +00:00
itojun	867ce59a46	use ipseclog() instead of #ifdef IPSEC_DEBUG, to make it possible to turn on/off debugging messages at runtime. sync with kame	2002-01-31 06:35:25 +00:00
itojun	8297f55292	change SPDUPDATE's behavior to meet with the latest KAME kit. (there's no need to have policy before SPDUPDATE)	2002-01-31 06:17:03 +00:00
lukem	2565646230	don't need <sys/types.h> when including <sys/param.h>	2001-11-15 09:47:59 +00:00
lukem	4f2ad95259	add RCSIDs	2001-11-13 00:56:55 +00:00
simonb	5f717f7c33	Don't need to include <uvm/uvm_extern.h> just to include <sys/sysctl.h> anymore.	2001-10-29 07:02:30 +00:00
itojun	07b78861d0	sync with kame: fixed the value of the prefixlen in the sadb_address structure. when pfkey message relative to SA is sent, the prefixlen was incorrect.	2001-10-19 01:57:20 +00:00
wiz	4c99916337	va_{start,end} audit: Make sure that each va_start has one and only one matching va_end, especially in error cases. If the va_list is used multiple times, do multiple va_starts/va_ends. If a function gets va_list as argument, don't let it use va_end (since it's the callers responsibility). Improved by comments from enami and christos -- thanks! Heimdal/krb4/KAME changes already fed back, rest to follow. Inspired by, but not not based on, OpenBSD.	2001-09-24 13:22:25 +00:00
wiz	456dff6cb8	Spell 'occurred' with two 'r's.	2001-09-16 16:34:23 +00:00
itojun	99c5195929	remove "#ifdef IPSEC_DEBUG" conditional from from key_debug.h (headers must have no #if). sync with kame	2001-08-12 11:52:43 +00:00
itojun	984d46bbc4	there is no KEY_DEBBUG. use IPSEC_DEBUG	2001-08-12 11:48:27 +00:00
itojun	57030e2f12	cache IPsec policy on in6?pcb. most of the lookup operations can be bypassed, especially when it is a connected SOCK_STREAM in6?pcb. sync with kame.	2001-08-06 10:25:00 +00:00
itojun	ce781443e0	pass replay sequence number on sadb_x_sa2 (it's outside of PF_KEY standard anyways).	2001-08-02 12:10:14 +00:00
itojun	182b1e5191	do not #ifdef KEY_DEBUG in header. sync with kame	2001-07-27 04:48:13 +00:00
mrg	8a49f07b1b	avoid assigning to policy_id twice. fixes more gcc 3.0 prerelease errors.	2001-06-04 21:38:28 +00:00
jdolecek	522f569810	make some more constant arrays 'const'	2001-02-21 21:39:52 +00:00
thorpej	786149d624	When processing an SADB_DELETE message, allow SADB_EXT_SA to be blank. In this case, we delete all non-LARVAL SAs that match the src/dst/protocol. This is particularly useful in IKE INITIAL-CONTACT processing. Idea from Bill Sommerfeld <sommerfeld@east.sun.com>, who implemented it in post-Solaris8.	2001-02-16 23:53:59 +00:00
itojun	a688af5edf	if 2nd parameter of key_acquire() is NULL it panics. key_acquire () does not really require 2nd argument. 1.179 -> 1.180 on kame.	2001-01-10 18:52:51 +00:00
itojun	8b5ceae516	don't waste entropy by use of key_random(). use key_randomfill() for IV initialization.	2000-10-07 12:08:33 +00:00
itojun	a6f9652adf	always use rnd(4) for IPsec random number source. avoid random(9). if there's no rnd(4), random(9) will be used with one-time warning printf(9). XXX not sure how good rnd_extract_data(RND_EXTRACT_ANY) is, under entropy- starvation situation	2000-10-05 04:49:17 +00:00
itojun	dcfe05e7c1	fix compilation without INET. fix confusion between ipsecstat and ipsec6stat. sync with kame.	2000-10-02 03:55:41 +00:00
itojun	8a9f93dc37	update ip compression algorithm lookup. attach sadb_comb for IP compression (not in RFC2367; discussed on pf_key@inner.net). sync with kame	2000-09-26 08:40:23 +00:00

1 2

86 Commits