version 1.41, 2017/07/07 01:37:34 |
version 1.42, 2017/07/14 01:24:23 |
Line 144 ipcomp_zeroize(struct secasvar *sav) |
|
Line 144 ipcomp_zeroize(struct secasvar *sav) |
|
* ipcomp_input() gets called to uncompress an input packet |
* ipcomp_input() gets called to uncompress an input packet |
*/ |
*/ |
static int |
static int |
ipcomp_input(struct mbuf *m, const struct secasvar *sav, int skip, int protoff) |
ipcomp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) |
{ |
{ |
struct tdb_crypto *tc; |
struct tdb_crypto *tc; |
struct cryptodesc *crdc; |
struct cryptodesc *crdc; |
Line 205 ipcomp_input(struct mbuf *m, const struc |
|
Line 205 ipcomp_input(struct mbuf *m, const struc |
|
tc->tc_proto = sav->sah->saidx.proto; |
tc->tc_proto = sav->sah->saidx.proto; |
tc->tc_protoff = protoff; |
tc->tc_protoff = protoff; |
tc->tc_skip = skip; |
tc->tc_skip = skip; |
|
tc->tc_sav = sav; |
|
KEY_SA_REF(sav); |
|
|
return crypto_dispatch(crp); |
return crypto_dispatch(crp); |
} |
} |
Line 252 ipcomp_input_cb(struct cryptop *crp) |
|
Line 254 ipcomp_input_cb(struct cryptop *crp) |
|
s = splsoftnet(); |
s = splsoftnet(); |
mutex_enter(softnet_lock); |
mutex_enter(softnet_lock); |
|
|
sav = KEY_LOOKUP_SA(&tc->tc_dst, tc->tc_proto, tc->tc_spi, sport, dport); |
sav = tc->tc_sav; |
if (sav == NULL) { |
if (__predict_false(!SADB_SASTATE_USABLE_P(sav))) { |
IPCOMP_STATINC(IPCOMP_STAT_NOTDB); |
KEY_FREESAV(&sav); |
DPRINTF(("%s: SA expired while in crypto\n", __func__)); |
sav = KEY_LOOKUP_SA(&tc->tc_dst, tc->tc_proto, tc->tc_spi, |
error = ENOBUFS; /*XXX*/ |
sport, dport); |
goto bad; |
if (sav == NULL) { |
|
IPCOMP_STATINC(IPCOMP_STAT_NOTDB); |
|
DPRINTF(("%s: SA expired while in crypto\n", __func__)); |
|
error = ENOBUFS; /*XXX*/ |
|
goto bad; |
|
} |
} |
} |
|
|
saidx = &sav->sah->saidx; |
saidx = &sav->sah->saidx; |
|
|
) |
) |
{ |
{ |
char buf[IPSEC_ADDRSTRLEN]; |
char buf[IPSEC_ADDRSTRLEN]; |
const struct secasvar *sav; |
struct secasvar *sav; |
const struct comp_algo *ipcompx; |
const struct comp_algo *ipcompx; |
int error, ralen, hlen, maxpacketsize; |
int error, ralen, hlen, maxpacketsize; |
struct cryptodesc *crdc; |
struct cryptodesc *crdc; |
|
|
tc->tc_proto = sav->sah->saidx.proto; |
tc->tc_proto = sav->sah->saidx.proto; |
tc->tc_skip = skip; |
tc->tc_skip = skip; |
tc->tc_protoff = protoff; |
tc->tc_protoff = protoff; |
|
tc->tc_sav = sav; |
|
KEY_SA_REF(sav); |
|
|
/* Crypto operation descriptor */ |
/* Crypto operation descriptor */ |
crp->crp_ilen = m->m_pkthdr.len; /* Total input length */ |
crp->crp_ilen = m->m_pkthdr.len; /* Total input length */ |
Line 527 ipcomp_output_cb(struct cryptop *crp) |
|
Line 536 ipcomp_output_cb(struct cryptop *crp) |
|
mutex_enter(softnet_lock); |
mutex_enter(softnet_lock); |
|
|
isr = tc->tc_isr; |
isr = tc->tc_isr; |
sav = KEY_LOOKUP_SA(&tc->tc_dst, tc->tc_proto, tc->tc_spi, 0, 0); |
sav = tc->tc_sav; |
if (sav == NULL) { |
if (__predict_false(!SADB_SASTATE_USABLE_P(sav))) { |
IPCOMP_STATINC(IPCOMP_STAT_NOTDB); |
KEY_FREESAV(&sav); |
DPRINTF(("%s: SA expired while in crypto\n", __func__)); |
sav = KEY_LOOKUP_SA(&tc->tc_dst, tc->tc_proto, tc->tc_spi, 0, 0); |
error = ENOBUFS; /*XXX*/ |
if (sav == NULL) { |
goto bad; |
IPCOMP_STATINC(IPCOMP_STAT_NOTDB); |
|
DPRINTF(("%s: SA expired while in crypto\n", __func__)); |
|
error = ENOBUFS; /*XXX*/ |
|
goto bad; |
|
} |
} |
} |
KASSERTMSG(isr->sav == sav, "SA changed"); |
KASSERTMSG(isr->sav == sav, "SA changed"); |
|
|