Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
117,114 Commits 606 Branches 0 Tags 3.1 GiB
c1ae398301
Commit Graph

94 Commits

Author SHA1 Message Date
itojun
c1ae398301 correct hashed SPI lookup. reported by Greg Troxel 2003-09-09 21:58:26 +00:00
itojun
8ca90bd4e4 add /kern/ipsecsa and /kern/ipsecsp, which can be inspected by setkey(8). 
it allows easier access to ipsecsa/sp.  it works around problem where
setkey -D does not work with large number of ipsec SAs due to socket buffer
size.
 2003-09-08 06:51:53 +00:00
itojun
bc1d89af4f splsoftnet in key_setspi 2003-09-08 01:55:09 +00:00
itojun
fdbe07d467 revisit spihash logic 2003-09-07 20:41:27 +00:00
itojun
800fe5d178 - prepare for RFC2401bis 64bit sequence number (no behavior change yet) 
- use hash for SPI-based SAD entry lookup (should be faster, i hope)
- cleanup keydb.c and key.c.  key.c is responsible for refcounting secasvar,
  keydb.c is responsible for alloc/free.
 2003-09-07 15:59:36 +00:00
itojun
52f8075c5a allow userland to specify SPD ID. more readable debugging messages. 2003-08-22 06:22:21 +00:00
itojun
616adf38ee backout; committed by mistake 2003-08-22 05:48:27 +00:00
itojun
190b098134 do not quit from key_sendup() even if writes to non-target socket fails. 
from SEIL team
 2003-08-22 05:46:37 +00:00
itojun
8453a28003 fixed that the kernel crashed when key_spdacquire() was called 
because key_spdacquire() had been implemented imcopletely.
sync w/kame
 2003-07-25 09:04:48 +00:00
itojun
da7d7203a8 fix comments, style 2003-07-22 11:12:15 +00:00
itojun
8f4ef7c537 clear enc/auth key before freeing 2003-07-22 11:01:09 +00:00
itojun
0d84200c22 clear scheduled key before freeing, for safety 2003-07-22 08:54:27 +00:00
itojun
7a78321a15 tighten sanity check on ipsec policy. sync w/kame 2003-06-16 08:11:03 +00:00
itojun
a02a0a383e don't permit port spec on tunnel mode policy. sync w/kame. 2002-12-09 03:20:45 +00:00
perry
4f27ab21b8 /*CONTCOND*/ while (0)'ed macros 2002-11-02 07:30:55 +00:00
dan
73aa8b3b5b warn about the arc4 generator if no NRND, but still use it 2002-10-07 00:40:15 +00:00
tls
0f95ec4fd5 ESP output was drawing down the entropy pool at a ferocious rate, a 
particular problem on hosts with only wireless interfaces that are
definitely not safe to use as entropy sources.

Add arc4randbytes() which hands out bytes from the same source used
by arc4random().  This is intended to be a _temporary_ interface
until we can design and implement a better general PRNG interface
that is decoupled from the entropy-pool implementation.

Modify key_randomfill() (used only for initialization vectors on
SA creation and via key_sa_stir_iv(), which does not "stir",
despite its name) to use arc4randbytes() instead of pulling bits
directly from the entropy pool.  It is my hope that this change
will pose minimal integration problems for the KAME folks as the
random-pool interface is *already* different between each BSD
variant; this just simplifies the NetBSD case and solves a
fairly serious problem.

Note that it is generally considered acceptable cryptographic
practice to use a fast stream cipher to generate IVs for encryption
with stronger block ciphers.  For example, the use of "non-Approved"
PRNGs to generate IVs for "Approved" block ciphers is explicitly
sanctioned by FIPS 140-2.
 2002-10-06 08:51:44 +00:00
itojun
61da54e3c0 port spec is not permitted to tunnel mode policy, as we don't reassemble 
fragments.  perform more strict check against af match for tunnels.  sync w/kame
 2002-10-04 05:45:22 +00:00
provos
0f09ed48a5 remove trailing \n in panic(). approved perry. 2002-09-27 15:35:29 +00:00
itojun
9401012487 KNF - return is not a function. sync w/kame. 2002-09-11 02:46:42 +00:00
itojun
88122ef746 should return error code from key_senderror(). sync w/kame 2002-08-20 08:17:02 +00:00
itojun
ccc183b4d1 fixed that the incorrect time was set to sadb_comb_{hard|soft}_usetime. 
sync w/kame
 2002-08-20 06:20:26 +00:00
itojun
2169d69bcf correct %d/%u mismatch. sync w/kame 2002-06-27 14:39:45 +00:00
itojun
c1808f02bf cache pcb policy as much as possible. in fact, if policy is not 
IPSEC_POLICY_IPSEC we don't need to compare spidx.  sync w/kame
 2002-06-14 14:47:24 +00:00
itojun
dc96111483 deep-copy pcb policy if it is an ipsec policy. assign ID field to all 
SPD entries.  make it possible for racoon to grab SPD entry on pcb
(racoon side needs some changes).  sync w/kame
 2002-06-12 17:56:45 +00:00
itojun
cc8fe8c179 make function static 2002-06-12 03:46:16 +00:00
itojun
bad1f500a7 remove unused functions 2002-06-12 03:37:14 +00:00
itojun
3489976392 do not copy policy-on-socket at all. avoid copying packet header value to 
struct spindex.  should reduce memory usage per socket/pcb, and should speedup
ipsec processing.  sync w/kame
 2002-06-12 01:47:34 +00:00
itojun
fa53d749ff share policy-on-pcb for listening socket. sync w/kame 
todo: share even more, avoid frequent updates of spidx
 2002-06-11 19:39:59 +00:00
itojun
52d0ba15c8 reduce unneeded #ifdef 2002-05-30 05:51:21 +00:00
itojun
d208a22daa use arc4random() where possible. 
XXX is it necessary to do microtime() on tcp syn cache?
 2002-05-28 10:11:49 +00:00
itojun
12bdf036e2 pull in SPD lifetime management code. fix refcnt for SPD entries. 
sync w/kame
XXX dead SPD entry lifetime - undergoing sakane's review
 2002-05-19 08:22:12 +00:00
itojun
9244bd8154 document net.key.* sysctl. provide sysctl MIB for controlling 
proposal payload on ACQUIRE message.  sync w/kame
 2002-05-19 08:12:55 +00:00
itojun
691d519c66 remove unneeded decl for __ss_{len,family} 2002-05-19 07:54:05 +00:00
itojun
900347e4d0 comment wording 2002-03-21 02:27:50 +00:00
itojun
8e4fadc28a missing splx 2002-03-01 04:19:42 +00:00
itojun
88123ecf38 change key_timehandler to take void * as argument. sync with kame. 
PR 14351
 2002-01-31 07:05:43 +00:00
itojun
867ce59a46 use ipseclog() instead of #ifdef IPSEC_DEBUG, to make it possible to 
turn on/off debugging messages at runtime.  sync with kame
 2002-01-31 06:35:25 +00:00
itojun
8297f55292 change SPDUPDATE's behavior to meet with the latest KAME kit. 
(there's no need to have policy before SPDUPDATE)
 2002-01-31 06:17:03 +00:00
lukem
2565646230 don't need <sys/types.h> when including <sys/param.h> 2001-11-15 09:47:59 +00:00
lukem
4f2ad95259 add RCSIDs 2001-11-13 00:56:55 +00:00
simonb
5f717f7c33 Don't need to include <uvm/uvm_extern.h> just to include <sys/sysctl.h> 
anymore.
 2001-10-29 07:02:30 +00:00
itojun
07b78861d0 sync with kame: 
fixed the value of the prefixlen in the sadb_address structure.
when pfkey message relative to SA is sent, the prefixlen was incorrect.
 2001-10-19 01:57:20 +00:00
wiz
4c99916337 va_{start,end} audit: 
Make sure that each va_start has one and only one matching va_end,
especially in error cases.
If the va_list is used multiple times, do multiple va_starts/va_ends.
If a function gets va_list as argument, don't let it use va_end (since
it's the callers responsibility).

Improved by comments from enami and christos -- thanks!

Heimdal/krb4/KAME changes already fed back, rest to follow.

Inspired by, but not not based on, OpenBSD.
 2001-09-24 13:22:25 +00:00
wiz
456dff6cb8 Spell 'occurred' with two 'r's. 2001-09-16 16:34:23 +00:00
itojun
99c5195929 remove "#ifdef IPSEC_DEBUG" conditional from from key_debug.h 
(headers must have no #if).  sync with kame
 2001-08-12 11:52:43 +00:00
itojun
984d46bbc4 there is no KEY_DEBBUG. use IPSEC_DEBUG 2001-08-12 11:48:27 +00:00
itojun
57030e2f12 cache IPsec policy on in6?pcb. most of the lookup operations can be bypassed, 
especially when it is a connected SOCK_STREAM in6?pcb.  sync with kame.
 2001-08-06 10:25:00 +00:00
itojun
ce781443e0 pass replay sequence number on sadb_x_sa2 (it's outside of PF_KEY standard 
anyways).
 2001-08-02 12:10:14 +00:00
itojun
182b1e5191 do not #ifdef KEY_DEBUG in header. sync with kame 2001-07-27 04:48:13 +00:00