f5c2aa04b0
splsoftnet() on spd/sad-dump-via-sysctl to ensure no 2 threads to go into
...
the function, or entries being removed during the dump operation.
suenaga@iij
2003-11-10 10:52:13 +00:00
57b5c736df
suppress -Wuninitialized
2003-11-04 05:50:54 +00:00
e4e2331f07
fixed uninitialized variable
2003-10-25 08:27:12 +00:00
e6d129819b
update m_pkthdr.len
2003-10-13 08:55:59 +00:00
ec5e739b46
extra blank line
2003-09-23 00:03:05 +00:00
cd71ebe2f7
mark security policy that should persist in the system "persistent".
...
this should prevent recently-reported kernel panic when "spdflush" is issued.
2003-09-22 04:47:43 +00:00
17dc15d92a
unifdef -UFAST_IPSEC
2003-09-20 05:12:45 +00:00
782cbb14c5
2^n hash table is better in the kernel. advise by perry@netbsd
2003-09-14 07:30:32 +00:00
d669285a77
use prime number to hash SPI
2003-09-14 03:11:31 +00:00
72bcf50f26
no need for netipsec/key*, they are almost identical to netkey/key*
2003-09-12 11:09:32 +00:00
6371ddf557
make it possible to SADB_DUMP via sysctl. request by mrg
2003-09-12 07:38:10 +00:00
49fa1efdc6
remove #define for bsdi
2003-09-12 00:27:59 +00:00
14756c7d6d
kill unneeded variable
2003-09-12 00:10:25 +00:00
c1ae398301
correct hashed SPI lookup. reported by Greg Troxel
2003-09-09 21:58:26 +00:00
8ca90bd4e4
add /kern/ipsecsa and /kern/ipsecsp, which can be inspected by setkey(8).
...
it allows easier access to ipsecsa/sp. it works around problem where
setkey -D does not work with large number of ipsec SAs due to socket buffer
size.
2003-09-08 06:51:53 +00:00
bc1d89af4f
splsoftnet in key_setspi
2003-09-08 01:55:09 +00:00
fdbe07d467
revisit spihash logic
2003-09-07 20:41:27 +00:00
800fe5d178
- prepare for RFC2401bis 64bit sequence number (no behavior change yet)
...
- use hash for SPI-based SAD entry lookup (should be faster, i hope)
- cleanup keydb.c and key.c. key.c is responsible for refcounting secasvar,
keydb.c is responsible for alloc/free.
2003-09-07 15:59:36 +00:00
52f8075c5a
allow userland to specify SPD ID. more readable debugging messages.
2003-08-22 06:22:21 +00:00
80e0659dae
KNF
2003-08-22 06:21:09 +00:00
616adf38ee
backout; committed by mistake
2003-08-22 05:48:27 +00:00
190b098134
do not quit from key_sendup() even if writes to non-target socket fails.
...
from SEIL team
2003-08-22 05:46:37 +00:00
8453a28003
fixed that the kernel crashed when key_spdacquire() was called
...
because key_spdacquire() had been implemented imcopletely.
sync w/kame
2003-07-25 09:04:48 +00:00
da7d7203a8
fix comments, style
2003-07-22 11:12:15 +00:00
8f4ef7c537
clear enc/auth key before freeing
2003-07-22 11:01:09 +00:00
0d84200c22
clear scheduled key before freeing, for safety
2003-07-22 08:54:27 +00:00
d5aece61d6
Back out the lwp/ktrace changes. They contained a lot of colateral damage,
...
and need to be examined and discussed more.
2003-06-29 22:28:00 +00:00
d1c5820781
malloc() returns "void *", we don't need to cast the return value.
2003-06-28 14:33:39 +00:00
960df3c8d1
Pass lwp pointers throughtout the kernel, as required, so that the lwpid can
...
be inserted into ktrace records. The general change has been to replace
"struct proc *" with "struct lwp *" in various function prototypes, pass
the lwp through and use l_proc to get the process pointer when needed.
Bump the kernel rev up to 1.6V
2003-06-28 14:20:43 +00:00
7a78321a15
tighten sanity check on ipsec policy. sync w/kame
2003-06-16 08:11:03 +00:00
b193480908
Add extensible malloc types, adapted from FreeBSD. This turns
...
malloc types into a structure, a pointer to which is passed around,
instead of an int constant. Allow the limit to be adjusted when the
malloc type is defined, or with a function call, as suggested by
Jonathan Stone.
2003-02-01 06:23:35 +00:00
177ed24b8b
allocate route_in6 in struct secashead, to avoid mistakenly overrun
...
the end of secashead. Fixes PR18751.
2003-01-08 05:46:49 +00:00
a02a0a383e
don't permit port spec on tunnel mode policy. sync w/kame.
2002-12-09 03:20:45 +00:00
0635de35a3
Remove KDIR=, since SYS_INCLUDE=symlinks and KDIR are not supported any more.
2002-11-26 23:30:07 +00:00
4f27ab21b8
/*CONTCOND*/ while (0)'ed macros
2002-11-02 07:30:55 +00:00
73aa8b3b5b
warn about the arc4 generator if no NRND, but still use it
2002-10-07 00:40:15 +00:00
0f95ec4fd5
ESP output was drawing down the entropy pool at a ferocious rate, a
...
particular problem on hosts with only wireless interfaces that are
definitely not safe to use as entropy sources.
Add arc4randbytes() which hands out bytes from the same source used
by arc4random(). This is intended to be a _temporary_ interface
until we can design and implement a better general PRNG interface
that is decoupled from the entropy-pool implementation.
Modify key_randomfill() (used only for initialization vectors on
SA creation and via key_sa_stir_iv(), which does not "stir",
despite its name) to use arc4randbytes() instead of pulling bits
directly from the entropy pool. It is my hope that this change
will pose minimal integration problems for the KAME folks as the
random-pool interface is *already* different between each BSD
variant; this just simplifies the NetBSD case and solves a
fairly serious problem.
Note that it is generally considered acceptable cryptographic
practice to use a fast stream cipher to generate IVs for encryption
with stronger block ciphers. For example, the use of "non-Approved"
PRNGs to generate IVs for "Approved" block ciphers is explicitly
sanctioned by FIPS 140-2.
2002-10-06 08:51:44 +00:00
61da54e3c0
port spec is not permitted to tunnel mode policy, as we don't reassemble
...
fragments. perform more strict check against af match for tunnels. sync w/kame
2002-10-04 05:45:22 +00:00
0f09ed48a5
remove trailing \n in panic(). approved perry.
2002-09-27 15:35:29 +00:00
01965cd2e0
fix signed/unsigned pointer mixup
2002-09-23 13:43:42 +00:00
9401012487
KNF - return is not a function. sync w/kame.
2002-09-11 02:46:42 +00:00
6dedde045a
correct signedness mixup in pointer passing. sync w/kame
2002-09-11 02:41:19 +00:00
88122ef746
should return error code from key_senderror(). sync w/kame
2002-08-20 08:17:02 +00:00
ccc183b4d1
fixed that the incorrect time was set to sadb_comb_{hard|soft}_usetime.
...
sync w/kame
2002-08-20 06:20:26 +00:00
2169d69bcf
correct %d/%u mismatch. sync w/kame
2002-06-27 14:39:45 +00:00
c1808f02bf
cache pcb policy as much as possible. in fact, if policy is not
...
IPSEC_POLICY_IPSEC we don't need to compare spidx. sync w/kame
2002-06-14 14:47:24 +00:00
dc96111483
deep-copy pcb policy if it is an ipsec policy. assign ID field to all
...
SPD entries. make it possible for racoon to grab SPD entry on pcb
(racoon side needs some changes). sync w/kame
2002-06-12 17:56:45 +00:00
cc8fe8c179
make function static
2002-06-12 03:46:16 +00:00
bad1f500a7
remove unused functions
2002-06-12 03:37:14 +00:00
3489976392
do not copy policy-on-socket at all. avoid copying packet header value to
...
struct spindex. should reduce memory usage per socket/pcb, and should speedup
ipsec processing. sync w/kame
2002-06-12 01:47:34 +00:00
fa53d749ff
share policy-on-pcb for listening socket. sync w/kame
...
todo: share even more, avoid frequent updates of spidx
2002-06-11 19:39:59 +00:00
52d0ba15c8
reduce unneeded #ifdef
2002-05-30 05:51:21 +00:00
d208a22daa
use arc4random() where possible.
...
XXX is it necessary to do microtime() on tcp syn cache?
2002-05-28 10:11:49 +00:00
12bdf036e2
pull in SPD lifetime management code. fix refcnt for SPD entries.
...
sync w/kame
XXX dead SPD entry lifetime - undergoing sakane's review
2002-05-19 08:22:12 +00:00
9244bd8154
document net.key.* sysctl. provide sysctl MIB for controlling
...
proposal payload on ACQUIRE message. sync w/kame
2002-05-19 08:12:55 +00:00
691d519c66
remove unneeded decl for __ss_{len,family}
2002-05-19 07:54:05 +00:00
0c85427e40
remove unneeded #if
2002-03-21 04:41:03 +00:00
53a52c0ad8
pfkey statistics was presented in wrong direction.
2002-03-21 04:23:36 +00:00
418fefdef0
remove a function no longer in use
2002-03-21 04:10:21 +00:00
900347e4d0
comment wording
2002-03-21 02:27:50 +00:00
8e4fadc28a
missing splx
2002-03-01 04:19:42 +00:00
3edb75b9d5
unifdef -D__NetBSD__
2002-03-01 04:16:38 +00:00
88123ecf38
change key_timehandler to take void * as argument. sync with kame.
...
PR 14351
2002-01-31 07:05:43 +00:00
867ce59a46
use ipseclog() instead of #ifdef IPSEC_DEBUG, to make it possible to
...
turn on/off debugging messages at runtime. sync with kame
2002-01-31 06:35:25 +00:00
8297f55292
change SPDUPDATE's behavior to meet with the latest KAME kit.
...
(there's no need to have policy before SPDUPDATE)
2002-01-31 06:17:03 +00:00
2565646230
don't need <sys/types.h> when including <sys/param.h>
2001-11-15 09:47:59 +00:00
4f2ad95259
add RCSIDs
2001-11-13 00:56:55 +00:00
5f717f7c33
Don't need to include <uvm/uvm_extern.h> just to include <sys/sysctl.h>
...
anymore.
2001-10-29 07:02:30 +00:00
07b78861d0
sync with kame:
...
fixed the value of the prefixlen in the sadb_address structure.
when pfkey message relative to SA is sent, the prefixlen was incorrect.
2001-10-19 01:57:20 +00:00
4c99916337
va_{start,end} audit:
...
Make sure that each va_start has one and only one matching va_end,
especially in error cases.
If the va_list is used multiple times, do multiple va_starts/va_ends.
If a function gets va_list as argument, don't let it use va_end (since
it's the callers responsibility).
Improved by comments from enami and christos -- thanks!
Heimdal/krb4/KAME changes already fed back, rest to follow.
Inspired by, but not not based on, OpenBSD.
2001-09-24 13:22:25 +00:00
456dff6cb8
Spell 'occurred' with two 'r's.
2001-09-16 16:34:23 +00:00
fd048b8ff1
avoid symbol conflict with "sin()".
2001-08-16 14:28:54 +00:00
99c5195929
remove "#ifdef IPSEC_DEBUG" conditional from from key_debug.h
...
(headers must have no #if). sync with kame
2001-08-12 11:52:43 +00:00
984d46bbc4
there is no KEY_DEBBUG. use IPSEC_DEBUG
2001-08-12 11:48:27 +00:00
57030e2f12
cache IPsec policy on in6?pcb. most of the lookup operations can be bypassed,
...
especially when it is a connected SOCK_STREAM in6?pcb. sync with kame.
2001-08-06 10:25:00 +00:00
ce781443e0
pass replay sequence number on sadb_x_sa2 (it's outside of PF_KEY standard
...
anyways).
2001-08-02 12:10:14 +00:00
b26591525e
remove "register" variable specifier. sync with kame
2001-08-02 11:32:14 +00:00
182b1e5191
do not #ifdef KEY_DEBUG in header. sync with kame
2001-07-27 04:48:13 +00:00
8a49f07b1b
avoid assigning to policy_id twice. fixes more gcc 3.0 prerelease errors.
2001-06-04 21:38:28 +00:00
c13e3a6693
use _KERNEL_OPT
2001-05-30 11:40:35 +00:00
14dbdf5518
Negative exit code cleanup: Replace exit(-x) with exit(x).
...
As seen on tech-userlevel.
2001-04-06 11:13:45 +00:00
522f569810
make some more constant arrays 'const'
2001-02-21 21:39:52 +00:00
786149d624
When processing an SADB_DELETE message, allow SADB_EXT_SA to be
...
blank. In this case, we delete all non-LARVAL SAs that match the
src/dst/protocol. This is particularly useful in IKE INITIAL-CONTACT
processing. Idea from Bill Sommerfeld <sommerfeld@east.sun.com>, who
implemented it in post-Solaris8.
2001-02-16 23:53:59 +00:00
a688af5edf
if 2nd parameter of key_acquire() is NULL it panics.
...
key_acquire () does not really require 2nd argument.
1.179 -> 1.180 on kame.
2001-01-10 18:52:51 +00:00
8b5ceae516
don't waste entropy by use of key_random(). use key_randomfill() for
...
IV initialization.
2000-10-07 12:08:33 +00:00
a6f9652adf
always use rnd(4) for IPsec random number source. avoid random(9).
...
if there's no rnd(4), random(9) will be used with one-time warning printf(9).
XXX not sure how good rnd_extract_data(RND_EXTRACT_ANY) is, under entropy-
starvation situation
2000-10-05 04:49:17 +00:00
dcfe05e7c1
fix compilation without INET. fix confusion between ipsecstat and ipsec6stat.
...
sync with kame.
2000-10-02 03:55:41 +00:00
8a9f93dc37
update ip compression algorithm lookup.
...
attach sadb_comb for IP compression (not in RFC2367;
discussed on pf_key@inner.net ). sync with kame
2000-09-26 08:40:23 +00:00
89f53512af
use real wallclock (got by microtime) to compute IPsec database lifetimes.
...
previous code used interval timers, and had problem with suspend/resume.
sync with KAME.
2000-09-22 16:55:04 +00:00
fd5d3908d3
wake up socket even with socket recieve buffer is full. otherwise,
...
we will have lots of pending mbufs on heavy SADB_ACQUIRE traffic.
KAME 1.22 -> 1.23
2000-09-22 08:28:56 +00:00
5f3d7ea2b5
suppress debugging message in key_acquire2(). this is purely for debugging,
...
not useful/no interest from normal use. KAME 1.155 -> 1.156
2000-09-21 20:35:09 +00:00
6aadfa317f
on SADB_UPDATE, check SPI range only for AH/ESP, not IPComp.
...
endian/signedness fix for debug messages.
KAME 1.154 -> 1.155
2000-09-20 19:55:05 +00:00
1e79c22464
repair SADB_ADD/UPDATE for ipcomp. no encryption key will be attached to
...
ipcomp. (KAME 1.53 -> 1.54)
2000-09-20 00:42:47 +00:00
6a4cd1c5f9
make proposal/combination PF_KEY message on SADB_ACQUIRE optional, to
...
support ipcomp ACQUIRE messages (again).
it violates RFC2367 slightly. RFC2367 does not suport ipcomp at all
so we have no choice.
(KAME 1.151 -> 1.152)
do not leave dangling pointer after KFREE(). caused kernel panic with
certain PF_KEY message (error case) - only root can open PF_KEY socket
so it is not security issue.
(KAME 1.152 -> 1.153)
2000-09-20 00:08:42 +00:00
bb8d535cc5
use per-block cipher function + esp_cbc_{de,en}crypt. do not use
...
cbc-over-mbuf functions in sys/crypto.
the change should make it much easier to switch crypto function to
machine-dependent ones (like assembly code under sys/arch/i386/crypto?).
also it should be much easier to import AES algorithms.
XXX: it looks that past blowfish-cbc code was buggy. i ran some test pattern,
and new blowfish-cbc code looks more correct. there's no interoperability
between the old code (before the commit) and the new code (after the commit).
XXX: need serious interop tests before move it into 1.5 branch
2000-08-29 09:08:42 +00:00
e101febc8f
make sure to stir ESP IV. pool allocator gives me almost constant
...
value. we may need to do an advisory...
2000-08-27 17:41:12 +00:00
9e0a696a8a
remove #ifdef notdef part. sync with kame.
2000-07-26 07:40:52 +00:00
411ff12b27
pre-compute and cache intermediate crypto key. suggestion from sommerfeld,
...
sync with kame.
loopback, blowfish-cbc transport mode, 128bit key
before: 86588496 bytes received in 00:42 (1.94 MB/s)
after: 86588496 bytes received in 00:31 (2.58 MB/s)
2000-07-23 05:23:04 +00:00
65d37eff7f
correct RFC2367 PF_KEY conformance (SADB_[AE]ALG_xx values and namespaces).
...
sync from kame.
WARNING: need recompilation of setkey(8) and pkgsrc/security/racoon.
(no ipsec-ready netbsd was released as official release)
2000-07-18 14:56:42 +00:00
aa0b8be4f4
move ipsec_{hex,bin}dump() into #ifdef wrapper.
...
libipsec: remove unnecessary #include key_debug.h.
2000-07-04 04:41:54 +00:00
itojun