![[BACK]](/icons/back.gif){kind=icon}
Return to ip_ah.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / sys / netinet|
Return to ip_ah.c CVS log | Up to [local] / sys / netinet |
1.1 ! nbrk 1: /* $OpenBSD: ip_ah.c,v 1.89 2007/02/14 00:53:48 jsg Exp $ */
! 2: /*
! 3: * The authors of this code are John Ioannidis (ji@tla.org),
! 4: * Angelos D. Keromytis (kermit@csd.uch.gr) and
! 5: * Niels Provos (provos@physnet.uni-hamburg.de).
! 6: *
! 7: * The original version of this code was written by John Ioannidis
! 8: * for BSD/OS in Athens, Greece, in November 1995.
! 9: *
! 10: * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
! 11: * by Angelos D. Keromytis.
! 12: *
! 13: * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis
! 14: * and Niels Provos.
! 15: *
! 16: * Additional features in 1999 by Angelos D. Keromytis and Niklas Hallqvist.
! 17: *
! 18: * Copyright (c) 1995, 1996, 1997, 1998, 1999 by John Ioannidis,
! 19: * Angelos D. Keromytis and Niels Provos.
! 20: * Copyright (c) 1999 Niklas Hallqvist.
! 21: * Copyright (c) 2001 Angelos D. Keromytis.
! 22: *
! 23: * Permission to use, copy, and modify this software with or without fee
! 24: * is hereby granted, provided that this entire notice is included in
! 25: * all copies of any software which is or includes a copy or
! 26: * modification of this software.
! 27: * You may use this code under the GNU public license if you so wish. Please
! 28: * contribute changes back to the authors under this freer than GPL license
! 29: * so that we may further the use of strong encryption without limitations to
! 30: * all.
! 31: *
! 32: * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
! 33: * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
! 34: * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
! 35: * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
! 36: * PURPOSE.
! 37: */
! 38:
! 39: #include "pfsync.h"
! 40:
! 41: #include <sys/param.h>
! 42: #include <sys/systm.h>
! 43: #include <sys/mbuf.h>
! 44: #include <sys/socket.h>
! 45:
! 46: #include <net/if.h>
! 47: #include <net/bpf.h>
! 48:
! 49: #ifdef INET
! 50: #include <netinet/in.h>
! 51: #include <netinet/in_systm.h>
! 52: #include <netinet/ip.h>
! 53: #include <netinet/ip_var.h>
! 54: #endif /* INET */
! 55:
! 56: #ifdef INET6
! 57: #ifndef INET
! 58: #include <netinet/in.h>
! 59: #endif /* INET */
! 60: #include <netinet/ip6.h>
! 61: #endif /* INET6 */
! 62:
! 63: #include <netinet/ip_ipsp.h>
! 64: #include <netinet/ip_ah.h>
! 65: #include <net/pfkeyv2.h>
! 66: #include <net/if_enc.h>
! 67:
! 68: #if NPFSYNC > 0
! 69: #include <net/pfvar.h>
! 70: #include <net/if_pfsync.h>
! 71: #endif /* NPFSYNC > 0 */
! 72:
! 73: #include <crypto/cryptodev.h>
! 74: #include <crypto/xform.h>
! 75:
! 76: #include "bpfilter.h"
! 77:
! 78: #ifdef ENCDEBUG
! 79: #define DPRINTF(x) if (encdebug) printf x
! 80: #else
! 81: #define DPRINTF(x)
! 82: #endif
! 83:
! 84: struct ahstat ahstat;
! 85:
! 86: /*
! 87: * ah_attach() is called from the transformation initialization code.
! 88: */
! 89: int
! 90: ah_attach()
! 91: {
! 92: return 0;
! 93: }
! 94:
! 95: /*
! 96: * ah_init() is called when an SPI is being set up.
! 97: */
! 98: int
! 99: ah_init(struct tdb *tdbp, struct xformsw *xsp, struct ipsecinit *ii)
! 100: {
! 101: struct auth_hash *thash = NULL;
! 102: struct cryptoini cria;
! 103:
! 104: /* Authentication operation. */
! 105: switch (ii->ii_authalg) {
! 106: case SADB_AALG_MD5HMAC:
! 107: thash = &auth_hash_hmac_md5_96;
! 108: break;
! 109:
! 110: case SADB_AALG_SHA1HMAC:
! 111: thash = &auth_hash_hmac_sha1_96;
! 112: break;
! 113:
! 114: case SADB_X_AALG_RIPEMD160HMAC:
! 115: thash = &auth_hash_hmac_ripemd_160_96;
! 116: break;
! 117:
! 118: case SADB_X_AALG_SHA2_256:
! 119: thash = &auth_hash_hmac_sha2_256_96;
! 120: break;
! 121:
! 122: case SADB_X_AALG_SHA2_384:
! 123: thash = &auth_hash_hmac_sha2_384_96;
! 124: break;
! 125:
! 126: case SADB_X_AALG_SHA2_512:
! 127: thash = &auth_hash_hmac_sha2_512_96;
! 128: break;
! 129:
! 130: case SADB_X_AALG_MD5:
! 131: thash = &auth_hash_key_md5;
! 132: break;
! 133:
! 134: case SADB_X_AALG_SHA1:
! 135: thash = &auth_hash_key_sha1;
! 136: break;
! 137:
! 138: default:
! 139: DPRINTF(("ah_init(): unsupported authentication algorithm %d specified\n", ii->ii_authalg));
! 140: return EINVAL;
! 141: }
! 142:
! 143: if (ii->ii_authkeylen != thash->keysize && thash->keysize != 0) {
! 144: DPRINTF(("ah_init(): keylength %d doesn't match algorithm "
! 145: "%s keysize (%d)\n", ii->ii_authkeylen, thash->name,
! 146: thash->keysize));
! 147: return EINVAL;
! 148: }
! 149:
! 150: tdbp->tdb_xform = xsp;
! 151: tdbp->tdb_authalgxform = thash;
! 152: tdbp->tdb_bitmap = 0;
! 153: tdbp->tdb_rpl = AH_HMAC_INITIAL_RPL;
! 154:
! 155: DPRINTF(("ah_init(): initialized TDB with hash algorithm %s\n",
! 156: thash->name));
! 157:
! 158: tdbp->tdb_amxkeylen = ii->ii_authkeylen;
! 159: MALLOC(tdbp->tdb_amxkey, u_int8_t *, tdbp->tdb_amxkeylen, M_XDATA,
! 160: M_WAITOK);
! 161:
! 162: bcopy(ii->ii_authkey, tdbp->tdb_amxkey, tdbp->tdb_amxkeylen);
! 163:
! 164: /* Initialize crypto session. */
! 165: bzero(&cria, sizeof(cria));
! 166: cria.cri_alg = tdbp->tdb_authalgxform->type;
! 167: cria.cri_klen = ii->ii_authkeylen * 8;
! 168: cria.cri_key = ii->ii_authkey;
! 169:
! 170: return crypto_newsession(&tdbp->tdb_cryptoid, &cria, 0);
! 171: }
! 172:
! 173: /*
! 174: * Paranoia.
! 175: */
! 176: int
! 177: ah_zeroize(struct tdb *tdbp)
! 178: {
! 179: int err;
! 180:
! 181: if (tdbp->tdb_amxkey) {
! 182: bzero(tdbp->tdb_amxkey, tdbp->tdb_amxkeylen);
! 183: FREE(tdbp->tdb_amxkey, M_XDATA);
! 184: tdbp->tdb_amxkey = NULL;
! 185: }
! 186:
! 187: err = crypto_freesession(tdbp->tdb_cryptoid);
! 188: tdbp->tdb_cryptoid = 0;
! 189: return err;
! 190: }
! 191:
! 192: /*
! 193: * Massage IPv4/IPv6 headers for AH processing.
! 194: */
! 195: int
! 196: ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out)
! 197: {
! 198: struct mbuf *m = *m0;
! 199: unsigned char *ptr;
! 200: int off, count;
! 201:
! 202: #ifdef INET
! 203: struct ip *ip;
! 204: #endif /* INET */
! 205:
! 206: #ifdef INET6
! 207: struct ip6_ext *ip6e;
! 208: struct ip6_hdr ip6;
! 209: int ad, alloc, nxt;
! 210: #endif /* INET6 */
! 211:
! 212: switch (proto) {
! 213: #ifdef INET
! 214: case AF_INET:
! 215: /*
! 216: * This is the least painful way of dealing with IPv4 header
! 217: * and option processing -- just make sure they're in
! 218: * contiguous memory.
! 219: */
! 220: *m0 = m = m_pullup(m, skip);
! 221: if (m == NULL) {
! 222: DPRINTF(("ah_massage_headers(): m_pullup() failed\n"));
! 223: ahstat.ahs_hdrops++;
! 224: return ENOBUFS;
! 225: }
! 226:
! 227: /* Fix the IP header */
! 228: ip = mtod(m, struct ip *);
! 229: ip->ip_tos = 0;
! 230: ip->ip_ttl = 0;
! 231: ip->ip_sum = 0;
! 232:
! 233: /*
! 234: * On input, fix ip_len which has been byte-swapped
! 235: * at ip_input().
! 236: */
! 237: if (alg == CRYPTO_MD5_KPDK || alg == CRYPTO_SHA1_KPDK)
! 238: ip->ip_off &= htons(IP_DF);
! 239: else
! 240: ip->ip_off = 0;
! 241:
! 242: ptr = mtod(m, unsigned char *) + sizeof(struct ip);
! 243:
! 244: /* IPv4 option processing */
! 245: for (off = sizeof(struct ip); off < skip;) {
! 246: if (ptr[off] == IPOPT_EOL || ptr[off] == IPOPT_NOP ||
! 247: off + 1 < skip)
! 248: ;
! 249: else {
! 250: DPRINTF(("ah_massage_headers(): illegal IPv4 "
! 251: "option length for option %d\n",
! 252: ptr[off]));
! 253:
! 254: ahstat.ahs_hdrops++;
! 255: m_freem(m);
! 256: return EINVAL;
! 257: }
! 258:
! 259: switch (ptr[off]) {
! 260: case IPOPT_EOL:
! 261: off = skip; /* End the loop. */
! 262: break;
! 263:
! 264: case IPOPT_NOP:
! 265: off++;
! 266: break;
! 267:
! 268: case IPOPT_SECURITY: /* 0x82 */
! 269: case 0x85: /* Extended security. */
! 270: case 0x86: /* Commercial security. */
! 271: case 0x94: /* Router alert */
! 272: case 0x95: /* RFC1770 */
! 273: /* Sanity check for option length. */
! 274: if (ptr[off + 1] < 2) {
! 275: DPRINTF(("ah_massage_headers(): "
! 276: "illegal IPv4 option length for "
! 277: "option %d\n", ptr[off]));
! 278:
! 279: ahstat.ahs_hdrops++;
! 280: m_freem(m);
! 281: return EINVAL;
! 282: }
! 283:
! 284: off += ptr[off + 1];
! 285: break;
! 286:
! 287: case IPOPT_LSRR:
! 288: case IPOPT_SSRR:
! 289: /* Sanity check for option length. */
! 290: if (ptr[off + 1] < 2) {
! 291: DPRINTF(("ah_massage_headers(): "
! 292: "illegal IPv4 option length for "
! 293: "option %d\n", ptr[off]));
! 294:
! 295: ahstat.ahs_hdrops++;
! 296: m_freem(m);
! 297: return EINVAL;
! 298: }
! 299:
! 300: /*
! 301: * On output, if we have either of the
! 302: * source routing options, we should
! 303: * swap the destination address of the
! 304: * IP header with the last address
! 305: * specified in the option, as that is
! 306: * what the destination's IP header
! 307: * will look like.
! 308: */
! 309: if (out)
! 310: bcopy(ptr + off + ptr[off + 1] -
! 311: sizeof(struct in_addr),
! 312: &(ip->ip_dst), sizeof(struct in_addr));
! 313:
! 314: /* FALLTHROUGH */
! 315: default:
! 316: /* Sanity check for option length. */
! 317: if (ptr[off + 1] < 2) {
! 318: DPRINTF(("ah_massage_headers(): "
! 319: "illegal IPv4 option length for "
! 320: "option %d\n", ptr[off]));
! 321: ahstat.ahs_hdrops++;
! 322: m_freem(m);
! 323: return EINVAL;
! 324: }
! 325:
! 326: /* Zeroize all other options. */
! 327: count = ptr[off + 1];
! 328: bcopy(ipseczeroes, ptr, count);
! 329: off += count;
! 330: break;
! 331: }
! 332:
! 333: /* Sanity check. */
! 334: if (off > skip) {
! 335: DPRINTF(("ah_massage_headers(): malformed "
! 336: "IPv4 options header\n"));
! 337:
! 338: ahstat.ahs_hdrops++;
! 339: m_freem(m);
! 340: return EINVAL;
! 341: }
! 342: }
! 343:
! 344: break;
! 345: #endif /* INET */
! 346:
! 347: #ifdef INET6
! 348: case AF_INET6: /* Ugly... */
! 349: /* Copy and "cook" the IPv6 header. */
! 350: m_copydata(m, 0, sizeof(ip6), (caddr_t) &ip6);
! 351:
! 352: /* We don't do IPv6 Jumbograms. */
! 353: if (ip6.ip6_plen == 0) {
! 354: DPRINTF(("ah_massage_headers(): unsupported IPv6 "
! 355: "jumbogram"));
! 356: ahstat.ahs_hdrops++;
! 357: m_freem(m);
! 358: return EMSGSIZE;
! 359: }
! 360:
! 361: ip6.ip6_flow = 0;
! 362: ip6.ip6_hlim = 0;
! 363: ip6.ip6_vfc &= ~IPV6_VERSION_MASK;
! 364: ip6.ip6_vfc |= IPV6_VERSION;
! 365:
! 366: /* Scoped address handling. */
! 367: if (IN6_IS_SCOPE_EMBED(&ip6.ip6_src))
! 368: ip6.ip6_src.s6_addr16[1] = 0;
! 369: if (IN6_IS_SCOPE_EMBED(&ip6.ip6_dst))
! 370: ip6.ip6_dst.s6_addr16[1] = 0;
! 371:
! 372: /* Done with IPv6 header. */
! 373: m_copyback(m, 0, sizeof(struct ip6_hdr), &ip6);
! 374:
! 375: /* Let's deal with the remaining headers (if any). */
! 376: if (skip - sizeof(struct ip6_hdr) > 0) {
! 377: if (m->m_len <= skip) {
! 378: MALLOC(ptr, unsigned char *,
! 379: skip - sizeof(struct ip6_hdr),
! 380: M_XDATA, M_NOWAIT);
! 381: if (ptr == NULL) {
! 382: DPRINTF(("ah_massage_headers(): failed to allocate memory for IPv6 headers\n"));
! 383: ahstat.ahs_hdrops++;
! 384: m_freem(m);
! 385: return ENOBUFS;
! 386: }
! 387:
! 388: /*
! 389: * Copy all the protocol headers after
! 390: * the IPv6 header.
! 391: */
! 392: m_copydata(m, sizeof(struct ip6_hdr),
! 393: skip - sizeof(struct ip6_hdr), ptr);
! 394: alloc = 1;
! 395: } else {
! 396: /* No need to allocate memory. */
! 397: ptr = mtod(m, unsigned char *) +
! 398: sizeof(struct ip6_hdr);
! 399: alloc = 0;
! 400: }
! 401: } else
! 402: break;
! 403:
! 404: nxt = ip6.ip6_nxt & 0xff; /* Next header type. */
! 405:
! 406: for (off = 0; off < skip - sizeof(struct ip6_hdr);) {
! 407: switch (nxt) {
! 408: case IPPROTO_HOPOPTS:
! 409: case IPPROTO_DSTOPTS:
! 410: ip6e = (struct ip6_ext *) (ptr + off);
! 411:
! 412: /*
! 413: * Process the mutable/immutable
! 414: * options -- borrows heavily from the
! 415: * KAME code.
! 416: */
! 417: for (count = off + sizeof(struct ip6_ext);
! 418: count < off + ((ip6e->ip6e_len + 1) << 3);) {
! 419: if (ptr[count] == IP6OPT_PAD1) {
! 420: count++;
! 421: continue; /* Skip padding. */
! 422: }
! 423:
! 424: /* Sanity check. */
! 425: if (count > off +
! 426: ((ip6e->ip6e_len + 1) << 3)) {
! 427: ahstat.ahs_hdrops++;
! 428: m_freem(m);
! 429:
! 430: /* Free, if we allocated. */
! 431: if (alloc)
! 432: FREE(ptr, M_XDATA);
! 433: return EINVAL;
! 434: }
! 435:
! 436: ad = ptr[count + 1];
! 437:
! 438: /* If mutable option, zeroize. */
! 439: if (ptr[count] & IP6OPT_MUTABLE)
! 440: bcopy(ipseczeroes, ptr + count,
! 441: ptr[count + 1]);
! 442:
! 443: count += ad;
! 444:
! 445: /* Sanity check. */
! 446: if (count >
! 447: skip - sizeof(struct ip6_hdr)) {
! 448: ahstat.ahs_hdrops++;
! 449: m_freem(m);
! 450:
! 451: /* Free, if we allocated. */
! 452: if (alloc)
! 453: FREE(ptr, M_XDATA);
! 454: return EINVAL;
! 455: }
! 456: }
! 457:
! 458: /* Advance. */
! 459: off += ((ip6e->ip6e_len + 1) << 3);
! 460: nxt = ip6e->ip6e_nxt;
! 461: break;
! 462:
! 463: case IPPROTO_ROUTING:
! 464: /*
! 465: * Always include routing headers in
! 466: * computation.
! 467: */
! 468: {
! 469: struct ip6_rthdr *rh;
! 470:
! 471: ip6e = (struct ip6_ext *) (ptr + off);
! 472: rh = (struct ip6_rthdr *)(ptr + off);
! 473: /*
! 474: * must adjust content to make it look like
! 475: * its final form (as seen at the final
! 476: * destination).
! 477: * we only know how to massage type 0 routing
! 478: * header.
! 479: */
! 480: if (out && rh->ip6r_type == IPV6_RTHDR_TYPE_0) {
! 481: struct ip6_rthdr0 *rh0;
! 482: struct in6_addr *addr, finaldst;
! 483: int i;
! 484:
! 485: rh0 = (struct ip6_rthdr0 *)rh;
! 486: addr = (struct in6_addr *)(rh0 + 1);
! 487:
! 488: for (i = 0; i < rh0->ip6r0_segleft; i++)
! 489: if (IN6_IS_SCOPE_EMBED(&addr[i]))
! 490: addr[i].s6_addr16[1] = 0;
! 491:
! 492: finaldst = addr[rh0->ip6r0_segleft - 1];
! 493: ovbcopy(&addr[0], &addr[1],
! 494: sizeof(struct in6_addr) *
! 495: (rh0->ip6r0_segleft - 1));
! 496:
! 497: m_copydata(m, 0, sizeof(ip6),
! 498: (caddr_t)&ip6);
! 499: addr[0] = ip6.ip6_dst;
! 500: ip6.ip6_dst = finaldst;
! 501: m_copyback(m, 0, sizeof(ip6), &ip6);
! 502:
! 503: rh0->ip6r0_segleft = 0;
! 504: }
! 505:
! 506: /* advance */
! 507: off += ((ip6e->ip6e_len + 1) << 3);
! 508: nxt = ip6e->ip6e_nxt;
! 509: break;
! 510: }
! 511:
! 512: default:
! 513: DPRINTF(("ah_massage_headers(): unexpected "
! 514: "IPv6 header type %d\n", off));
! 515: if (alloc)
! 516: FREE(ptr, M_XDATA);
! 517: ahstat.ahs_hdrops++;
! 518: m_freem(m);
! 519: return EINVAL;
! 520: }
! 521: }
! 522:
! 523: /* Copyback and free, if we allocated. */
! 524: if (alloc) {
! 525: m_copyback(m, sizeof(struct ip6_hdr),
! 526: skip - sizeof(struct ip6_hdr), ptr);
! 527: FREE(ptr, M_XDATA);
! 528: }
! 529:
! 530: break;
! 531: #endif /* INET6 */
! 532: }
! 533:
! 534: return 0;
! 535: }
! 536:
! 537: /*
! 538: * ah_input() gets called to verify that an input packet
! 539: * passes authentication.
! 540: */
! 541: int
! 542: ah_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
! 543: {
! 544: struct auth_hash *ahx = (struct auth_hash *) tdb->tdb_authalgxform;
! 545: struct tdb_crypto *tc;
! 546: struct m_tag *mtag;
! 547: u_int32_t btsx;
! 548: u_int8_t hl;
! 549: int rplen;
! 550:
! 551: struct cryptodesc *crda = NULL;
! 552: struct cryptop *crp;
! 553:
! 554: if (!(tdb->tdb_flags & TDBF_NOREPLAY))
! 555: rplen = AH_FLENGTH + sizeof(u_int32_t);
! 556: else
! 557: rplen = AH_FLENGTH;
! 558:
! 559: /* Save the AH header, we use it throughout. */
! 560: m_copydata(m, skip + offsetof(struct ah, ah_hl), sizeof(u_int8_t),
! 561: (caddr_t) &hl);
! 562:
! 563: /* Replay window checking, if applicable. */
! 564: if ((tdb->tdb_wnd > 0) && (!(tdb->tdb_flags & TDBF_NOREPLAY))) {
! 565: m_copydata(m, skip + offsetof(struct ah, ah_rpl),
! 566: sizeof(u_int32_t), (caddr_t) &btsx);
! 567: btsx = ntohl(btsx);
! 568:
! 569: switch (checkreplaywindow32(btsx, 0, &(tdb->tdb_rpl),
! 570: tdb->tdb_wnd, &(tdb->tdb_bitmap), 0)) {
! 571: case 0: /* All's well. */
! 572: break;
! 573:
! 574: case 1:
! 575: DPRINTF(("ah_input(): replay counter wrapped for "
! 576: "SA %s/%08x\n", ipsp_address(tdb->tdb_dst),
! 577: ntohl(tdb->tdb_spi)));
! 578:
! 579: ahstat.ahs_wrap++;
! 580: m_freem(m);
! 581: return ENOBUFS;
! 582:
! 583: case 2:
! 584: case 3:
! 585: DPRINTF(("ah_input(): duplicate packet received in "
! 586: "SA %s/%08x\n", ipsp_address(tdb->tdb_dst),
! 587: ntohl(tdb->tdb_spi)));
! 588:
! 589: m_freem(m);
! 590: return ENOBUFS;
! 591:
! 592: default:
! 593: DPRINTF(("ah_input(): bogus value from "
! 594: "checkreplaywindow32() in SA %s/%08x\n",
! 595: ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
! 596:
! 597: ahstat.ahs_replay++;
! 598: m_freem(m);
! 599: return ENOBUFS;
! 600: }
! 601: }
! 602:
! 603: /* Verify AH header length. */
! 604: if (hl * sizeof(u_int32_t) != ahx->authsize + rplen - AH_FLENGTH) {
! 605: DPRINTF(("ah_input(): bad authenticator length %d for packet "
! 606: "in SA %s/%08x\n", hl * sizeof(u_int32_t),
! 607: ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
! 608:
! 609: ahstat.ahs_badauthl++;
! 610: m_freem(m);
! 611: return EACCES;
! 612: }
! 613:
! 614: /* Update the counters. */
! 615: tdb->tdb_cur_bytes +=
! 616: (m->m_pkthdr.len - skip - hl * sizeof(u_int32_t));
! 617: ahstat.ahs_ibytes += (m->m_pkthdr.len - skip - hl * sizeof(u_int32_t));
! 618:
! 619: /* Hard expiration. */
! 620: if (tdb->tdb_flags & TDBF_BYTES &&
! 621: tdb->tdb_cur_bytes >= tdb->tdb_exp_bytes) {
! 622: pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_HARD);
! 623: tdb_delete(tdb);
! 624: m_freem(m);
! 625: return ENXIO;
! 626: }
! 627:
! 628: /* Notify on expiration. */
! 629: if (tdb->tdb_flags & TDBF_SOFT_BYTES &&
! 630: tdb->tdb_cur_bytes >= tdb->tdb_soft_bytes) {
! 631: pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_SOFT);
! 632: tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking. */
! 633: }
! 634:
! 635: /* Get crypto descriptors. */
! 636: crp = crypto_getreq(1);
! 637: if (crp == NULL) {
! 638: m_freem(m);
! 639: DPRINTF(("ah_input(): failed to acquire crypto "
! 640: "descriptors\n"));
! 641: ahstat.ahs_crypto++;
! 642: return ENOBUFS;
! 643: }
! 644:
! 645: crda = crp->crp_desc;
! 646:
! 647: crda->crd_skip = 0;
! 648: crda->crd_len = m->m_pkthdr.len;
! 649: crda->crd_inject = skip + rplen;
! 650:
! 651: /* Authentication operation. */
! 652: crda->crd_alg = ahx->type;
! 653: crda->crd_key = tdb->tdb_amxkey;
! 654: crda->crd_klen = tdb->tdb_amxkeylen * 8;
! 655:
! 656: #ifdef notyet
! 657: /* Find out if we've already done crypto. */
! 658: for (mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, NULL);
! 659: mtag != NULL;
! 660: mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, mtag)) {
! 661: struct tdb_ident *tdbi;
! 662:
! 663: tdbi = (struct tdb_ident *) (mtag + 1);
! 664: if (tdbi->proto == tdb->tdb_sproto &&
! 665: tdbi->spi == tdb->tdb_spi &&
! 666: !bcmp(&tdbi->dst, &tdb->tdb_dst,
! 667: sizeof(union sockaddr_union)))
! 668: break;
! 669: }
! 670: #else
! 671: mtag = NULL;
! 672: #endif
! 673:
! 674: /* Allocate IPsec-specific opaque crypto info. */
! 675: if (mtag == NULL)
! 676: MALLOC(tc, struct tdb_crypto *,
! 677: sizeof(struct tdb_crypto) + skip +
! 678: rplen + ahx->authsize, M_XDATA, M_NOWAIT);
! 679: else /* Hash verification has already been done successfully. */
! 680: MALLOC(tc, struct tdb_crypto *, sizeof(struct tdb_crypto),
! 681: M_XDATA, M_NOWAIT);
! 682: if (tc == NULL) {
! 683: m_freem(m);
! 684: crypto_freereq(crp);
! 685: DPRINTF(("ah_input(): failed to allocate tdb_crypto\n"));
! 686: ahstat.ahs_crypto++;
! 687: return ENOBUFS;
! 688: }
! 689:
! 690: bzero(tc, sizeof(struct tdb_crypto));
! 691:
! 692: /* Only save information if crypto processing is needed. */
! 693: if (mtag == NULL) {
! 694: /*
! 695: * Save the authenticator, the skipped portion of the packet,
! 696: * and the AH header.
! 697: */
! 698: m_copydata(m, 0, skip + rplen + ahx->authsize,
! 699: (caddr_t) (tc + 1));
! 700:
! 701: /* Zeroize the authenticator on the packet. */
! 702: m_copyback(m, skip + rplen, ahx->authsize, ipseczeroes);
! 703:
! 704: /* "Massage" the packet headers for crypto processing. */
! 705: if ((btsx = ah_massage_headers(&m, tdb->tdb_dst.sa.sa_family,
! 706: skip, ahx->type, 0)) != 0) {
! 707: /* mbuf will be free'd by callee. */
! 708: FREE(tc, M_XDATA);
! 709: crypto_freereq(crp);
! 710: return btsx;
! 711: }
! 712: }
! 713:
! 714: /* Crypto operation descriptor. */
! 715: crp->crp_ilen = m->m_pkthdr.len; /* Total input length. */
! 716: crp->crp_flags = CRYPTO_F_IMBUF;
! 717: crp->crp_buf = (caddr_t) m;
! 718: crp->crp_callback = (int (*) (struct cryptop *)) ah_input_cb;
! 719: crp->crp_sid = tdb->tdb_cryptoid;
! 720: crp->crp_opaque = (caddr_t) tc;
! 721:
! 722: /* These are passed as-is to the callback. */
! 723: tc->tc_skip = skip;
! 724: tc->tc_protoff = protoff;
! 725: tc->tc_spi = tdb->tdb_spi;
! 726: tc->tc_proto = tdb->tdb_sproto;
! 727: tc->tc_ptr = (caddr_t) mtag; /* Save the mtag we've identified. */
! 728: bcopy(&tdb->tdb_dst, &tc->tc_dst, sizeof(union sockaddr_union));
! 729:
! 730: if (mtag == NULL)
! 731: return crypto_dispatch(crp);
! 732: else
! 733: return ah_input_cb(crp);
! 734: }
! 735:
! 736: /*
! 737: * AH input callback, called directly by the crypto driver.
! 738: */
! 739: int
! 740: ah_input_cb(void *op)
! 741: {
! 742: int s, roff, rplen, error, skip, protoff;
! 743: unsigned char calc[AH_ALEN_MAX];
! 744: struct mbuf *m1, *m0, *m;
! 745: struct cryptodesc *crd;
! 746: struct auth_hash *ahx;
! 747: struct tdb_crypto *tc;
! 748: struct cryptop *crp;
! 749: struct m_tag *mtag;
! 750: struct tdb *tdb;
! 751: u_int32_t btsx;
! 752: u_int8_t prot;
! 753: caddr_t ptr;
! 754:
! 755: crp = (struct cryptop *) op;
! 756: crd = crp->crp_desc;
! 757:
! 758: tc = (struct tdb_crypto *) crp->crp_opaque;
! 759: skip = tc->tc_skip;
! 760: protoff = tc->tc_protoff;
! 761: mtag = (struct m_tag *) tc->tc_ptr;
! 762:
! 763: m = (struct mbuf *) crp->crp_buf;
! 764: if (m == NULL) {
! 765: /* Shouldn't happen... */
! 766: FREE(tc, M_XDATA);
! 767: crypto_freereq(crp);
! 768: ahstat.ahs_crypto++;
! 769: DPRINTF(("ah_input_cb(): bogus returned buffer from "
! 770: "crypto\n"));
! 771: return (EINVAL);
! 772: }
! 773:
! 774: s = spltdb();
! 775:
! 776: tdb = gettdb(tc->tc_spi, &tc->tc_dst, tc->tc_proto);
! 777: if (tdb == NULL) {
! 778: FREE(tc, M_XDATA);
! 779: ahstat.ahs_notdb++;
! 780: DPRINTF(("ah_input_cb(): TDB is expired while in crypto"));
! 781: error = EPERM;
! 782: goto baddone;
! 783: }
! 784:
! 785: ahx = (struct auth_hash *) tdb->tdb_authalgxform;
! 786:
! 787: /* Check for crypto errors. */
! 788: if (crp->crp_etype) {
! 789: if (crp->crp_etype == EAGAIN) {
! 790: /* Reset the session ID */
! 791: if (tdb->tdb_cryptoid != 0)
! 792: tdb->tdb_cryptoid = crp->crp_sid;
! 793: splx(s);
! 794: return crypto_dispatch(crp);
! 795: }
! 796: FREE(tc, M_XDATA);
! 797: ahstat.ahs_noxform++;
! 798: DPRINTF(("ah_input_cb(): crypto error %d\n", crp->crp_etype));
! 799: error = crp->crp_etype;
! 800: goto baddone;
! 801: } else {
! 802: crypto_freereq(crp); /* No longer needed. */
! 803: crp = NULL;
! 804: }
! 805:
! 806: if (!(tdb->tdb_flags & TDBF_NOREPLAY))
! 807: rplen = AH_FLENGTH + sizeof(u_int32_t);
! 808: else
! 809: rplen = AH_FLENGTH;
! 810:
! 811: /* Copy authenticator off the packet. */
! 812: m_copydata(m, skip + rplen, ahx->authsize, calc);
! 813:
! 814: /*
! 815: * If we have an mtag, we don't need to verify the authenticator --
! 816: * it has been verified by an IPsec-aware NIC.
! 817: */
! 818: if (mtag == NULL) {
! 819: ptr = (caddr_t) (tc + 1);
! 820:
! 821: /* Verify authenticator. */
! 822: if (bcmp(ptr + skip + rplen, calc, ahx->authsize)) {
! 823: FREE(tc, M_XDATA);
! 824:
! 825: DPRINTF(("ah_input(): authentication failed for "
! 826: "packet in SA %s/%08x\n",
! 827: ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
! 828:
! 829: ahstat.ahs_badauth++;
! 830: error = EACCES;
! 831: goto baddone;
! 832: }
! 833:
! 834: /* Fix the Next Protocol field. */
! 835: ((u_int8_t *) ptr)[protoff] = ((u_int8_t *) ptr)[skip];
! 836:
! 837: /* Copyback the saved (uncooked) network headers. */
! 838: m_copyback(m, 0, skip, ptr);
! 839: } else {
! 840: /* Fix the Next Protocol field. */
! 841: m_copydata(m, skip, sizeof(u_int8_t), &prot);
! 842: m_copyback(m, protoff, sizeof(u_int8_t), &prot);
! 843: }
! 844:
! 845: FREE(tc, M_XDATA);
! 846:
! 847: /* Replay window checking, if applicable. */
! 848: if ((tdb->tdb_wnd > 0) && (!(tdb->tdb_flags & TDBF_NOREPLAY))) {
! 849: m_copydata(m, skip + offsetof(struct ah, ah_rpl),
! 850: sizeof(u_int32_t), (caddr_t) &btsx);
! 851: btsx = ntohl(btsx);
! 852:
! 853: switch (checkreplaywindow32(btsx, 0, &(tdb->tdb_rpl),
! 854: tdb->tdb_wnd, &(tdb->tdb_bitmap), 1)) {
! 855: case 0: /* All's well. */
! 856: #if NPFSYNC > 0
! 857: pfsync_update_tdb(tdb,0);
! 858: #endif
! 859: break;
! 860:
! 861: case 1:
! 862: DPRINTF(("ah_input(): replay counter wrapped for "
! 863: "SA %s/%08x\n", ipsp_address(tdb->tdb_dst),
! 864: ntohl(tdb->tdb_spi)));
! 865:
! 866: ahstat.ahs_wrap++;
! 867: error = ENOBUFS;
! 868: goto baddone;
! 869:
! 870: case 2:
! 871: case 3:
! 872: DPRINTF(("ah_input_cb(): duplicate packet received in "
! 873: "SA %s/%08x\n", ipsp_address(tdb->tdb_dst),
! 874: ntohl(tdb->tdb_spi)));
! 875:
! 876: error = ENOBUFS;
! 877: goto baddone;
! 878:
! 879: default:
! 880: DPRINTF(("ah_input_cb(): bogus value from "
! 881: "checkreplaywindow32() in SA %s/%08x\n",
! 882: ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
! 883:
! 884: ahstat.ahs_replay++;
! 885: error = ENOBUFS;
! 886: goto baddone;
! 887: }
! 888: }
! 889:
! 890: /* Record the beginning of the AH header. */
! 891: m1 = m_getptr(m, skip, &roff);
! 892: if (m1 == NULL) {
! 893: ahstat.ahs_hdrops++;
! 894: splx(s);
! 895: m_freem(m);
! 896:
! 897: DPRINTF(("ah_input(): bad mbuf chain for packet in SA "
! 898: "%s/%08x\n", ipsp_address(tdb->tdb_dst),
! 899: ntohl(tdb->tdb_spi)));
! 900:
! 901: return EINVAL;
! 902: }
! 903:
! 904: /* Remove the AH header from the mbuf. */
! 905: if (roff == 0) {
! 906: /*
! 907: * The AH header was conveniently at the beginning of
! 908: * the mbuf.
! 909: */
! 910: m_adj(m1, rplen + ahx->authsize);
! 911: if (!(m1->m_flags & M_PKTHDR))
! 912: m->m_pkthdr.len -= rplen + ahx->authsize;
! 913: } else
! 914: if (roff + rplen + ahx->authsize >= m1->m_len) {
! 915: /*
! 916: * Part or all of the AH header is at the end
! 917: * of this mbuf, so first let's remove the
! 918: * remainder of the AH header from the
! 919: * beginning of the remainder of the mbuf
! 920: * chain, if any.
! 921: */
! 922: if (roff + rplen + ahx->authsize > m1->m_len) {
! 923: /* Adjust the next mbuf by the remainder. */
! 924: m_adj(m1->m_next, roff + rplen +
! 925: ahx->authsize - m1->m_len);
! 926:
! 927: /*
! 928: * The second mbuf is guaranteed not
! 929: * to have a pkthdr...
! 930: */
! 931: m->m_pkthdr.len -=
! 932: (roff + rplen + ahx->authsize - m1->m_len);
! 933: }
! 934:
! 935: /* Now, let's unlink the mbuf chain for a second... */
! 936: m0 = m1->m_next;
! 937: m1->m_next = NULL;
! 938:
! 939: /*
! 940: * ...and trim the end of the first part of
! 941: * the chain...sick
! 942: */
! 943: m_adj(m1, -(m1->m_len - roff));
! 944: if (!(m1->m_flags & M_PKTHDR))
! 945: m->m_pkthdr.len -= (m1->m_len - roff);
! 946:
! 947: /* Finally, let's relink. */
! 948: m1->m_next = m0;
! 949: } else {
! 950: /*
! 951: * The AH header lies in the "middle" of the
! 952: * mbuf...do an overlapping copy of the
! 953: * remainder of the mbuf over the ESP header.
! 954: */
! 955: bcopy(mtod(m1, u_char *) + roff + rplen +
! 956: ahx->authsize, mtod(m1, u_char *) + roff,
! 957: m1->m_len - (roff + rplen + ahx->authsize));
! 958: m1->m_len -= rplen + ahx->authsize;
! 959: m->m_pkthdr.len -= rplen + ahx->authsize;
! 960: }
! 961:
! 962: error = ipsec_common_input_cb(m, tdb, skip, protoff, mtag);
! 963: splx(s);
! 964: return (error);
! 965:
! 966: baddone:
! 967: splx(s);
! 968:
! 969: if (m != NULL)
! 970: m_freem(m);
! 971:
! 972: if (crp != NULL)
! 973: crypto_freereq(crp);
! 974:
! 975: return (error);
! 976: }
! 977:
! 978: /*
! 979: * AH output routine, called by ipsp_process_packet().
! 980: */
! 981: int
! 982: ah_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
! 983: int protoff)
! 984: {
! 985: struct auth_hash *ahx = (struct auth_hash *) tdb->tdb_authalgxform;
! 986: struct cryptodesc *crda;
! 987: struct tdb_crypto *tc;
! 988: struct mbuf *mo, *mi;
! 989: struct cryptop *crp;
! 990: u_int16_t iplen;
! 991: int len, rplen;
! 992: u_int8_t prot;
! 993: struct ah *ah;
! 994: #if NBPFILTER > 0
! 995: struct ifnet *ifn = &(encif[0].sc_if);
! 996:
! 997: ifn->if_opackets++;
! 998: ifn->if_obytes += m->m_pkthdr.len;
! 999:
! 1000: if (ifn->if_bpf) {
! 1001: struct enchdr hdr;
! 1002:
! 1003: bzero (&hdr, sizeof(hdr));
! 1004:
! 1005: hdr.af = tdb->tdb_dst.sa.sa_family;
! 1006: hdr.spi = tdb->tdb_spi;
! 1007: hdr.flags |= M_AUTH | M_AUTH_AH;
! 1008:
! 1009: bpf_mtap_hdr(ifn->if_bpf, (char *)&hdr, ENC_HDRLEN, m,
! 1010: BPF_DIRECTION_OUT);
! 1011: }
! 1012: #endif
! 1013:
! 1014: ahstat.ahs_output++;
! 1015:
! 1016: /*
! 1017: * Check for replay counter wrap-around in automatic (not
! 1018: * manual) keying.
! 1019: */
! 1020: if ((tdb->tdb_rpl == 0) && (tdb->tdb_wnd > 0) &&
! 1021: (!(tdb->tdb_flags & TDBF_NOREPLAY))) {
! 1022: DPRINTF(("ah_output(): SA %s/%08x should have expired\n",
! 1023: ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
! 1024: m_freem(m);
! 1025: ahstat.ahs_wrap++;
! 1026: return EINVAL;
! 1027: }
! 1028:
! 1029: if (!(tdb->tdb_flags & TDBF_NOREPLAY))
! 1030: rplen = AH_FLENGTH + sizeof(u_int32_t);
! 1031: else
! 1032: rplen = AH_FLENGTH;
! 1033:
! 1034: switch (tdb->tdb_dst.sa.sa_family) {
! 1035: #ifdef INET
! 1036: case AF_INET:
! 1037: /* Check for IP maximum packet size violations. */
! 1038: if (rplen + ahx->authsize + m->m_pkthdr.len > IP_MAXPACKET) {
! 1039: DPRINTF(("ah_output(): packet in SA %s/%08x got too "
! 1040: "big\n",
! 1041: ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
! 1042: m_freem(m);
! 1043: ahstat.ahs_toobig++;
! 1044: return EMSGSIZE;
! 1045: }
! 1046: break;
! 1047: #endif /* INET */
! 1048:
! 1049: #ifdef INET6
! 1050: case AF_INET6:
! 1051: /* Check for IPv6 maximum packet size violations. */
! 1052: if (rplen + ahx->authsize + m->m_pkthdr.len > IPV6_MAXPACKET) {
! 1053: DPRINTF(("ah_output(): packet in SA %s/%08x "
! 1054: "got too big\n", ipsp_address(tdb->tdb_dst),
! 1055: ntohl(tdb->tdb_spi)));
! 1056: m_freem(m);
! 1057: ahstat.ahs_toobig++;
! 1058: return EMSGSIZE;
! 1059: }
! 1060: break;
! 1061: #endif /* INET6 */
! 1062:
! 1063: default:
! 1064: DPRINTF(("ah_output(): unknown/unsupported protocol "
! 1065: "family %d, SA %s/%08x\n", tdb->tdb_dst.sa.sa_family,
! 1066: ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
! 1067: m_freem(m);
! 1068: ahstat.ahs_nopf++;
! 1069: return EPFNOSUPPORT;
! 1070: }
! 1071:
! 1072: /* Update the counters. */
! 1073: tdb->tdb_cur_bytes += m->m_pkthdr.len - skip;
! 1074: ahstat.ahs_obytes += m->m_pkthdr.len - skip;
! 1075:
! 1076: /* Hard expiration. */
! 1077: if (tdb->tdb_flags & TDBF_BYTES &&
! 1078: tdb->tdb_cur_bytes >= tdb->tdb_exp_bytes) {
! 1079: pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_HARD);
! 1080: tdb_delete(tdb);
! 1081: m_freem(m);
! 1082: return EINVAL;
! 1083: }
! 1084:
! 1085: /* Notify on expiration. */
! 1086: if (tdb->tdb_flags & TDBF_SOFT_BYTES &&
! 1087: tdb->tdb_cur_bytes >= tdb->tdb_soft_bytes) {
! 1088: pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_SOFT);
! 1089: tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking */
! 1090: }
! 1091:
! 1092: /*
! 1093: * Loop through mbuf chain; if we find a readonly mbuf,
! 1094: * replace the rest of the chain.
! 1095: */
! 1096: mo = NULL;
! 1097: mi = m;
! 1098: while (mi != NULL && !M_READONLY(mi)) {
! 1099: mo = mi;
! 1100: mi = mi->m_next;
! 1101: }
! 1102:
! 1103: if (mi != NULL) {
! 1104: /* Replace the rest of the mbuf chain. */
! 1105: struct mbuf *n = m_copym2(mi, 0, M_COPYALL, M_DONTWAIT);
! 1106:
! 1107: if (n == NULL) {
! 1108: ahstat.ahs_hdrops++;
! 1109: m_freem(m);
! 1110: return ENOBUFS;
! 1111: }
! 1112:
! 1113: if (mo != NULL)
! 1114: mo->m_next = n;
! 1115: else
! 1116: m = n;
! 1117:
! 1118: m_freem(mi);
! 1119: }
! 1120:
! 1121: /* Inject AH header. */
! 1122: mi = m_inject(m, skip, rplen + ahx->authsize, M_DONTWAIT);
! 1123: if (mi == NULL) {
! 1124: DPRINTF(("ah_output(): failed to inject AH header for SA "
! 1125: "%s/%08x\n", ipsp_address(tdb->tdb_dst),
! 1126: ntohl(tdb->tdb_spi)));
! 1127:
! 1128: m_freem(m);
! 1129: ahstat.ahs_hdrops++;
! 1130: return ENOBUFS;
! 1131: }
! 1132:
! 1133: /*
! 1134: * The AH header is guaranteed by m_inject() to be in
! 1135: * contiguous memory, at the beginning of the returned mbuf.
! 1136: */
! 1137: ah = mtod(mi, struct ah *);
! 1138:
! 1139: /* Initialize the AH header. */
! 1140: m_copydata(m, protoff, sizeof(u_int8_t), (caddr_t) &ah->ah_nh);
! 1141: ah->ah_hl = (rplen + ahx->authsize - AH_FLENGTH) / sizeof(u_int32_t);
! 1142: ah->ah_rv = 0;
! 1143: ah->ah_spi = tdb->tdb_spi;
! 1144:
! 1145: /* Zeroize authenticator. */
! 1146: m_copyback(m, skip + rplen, ahx->authsize, ipseczeroes);
! 1147:
! 1148: if (!(tdb->tdb_flags & TDBF_NOREPLAY)) {
! 1149: ah->ah_rpl = htonl(tdb->tdb_rpl++);
! 1150: #if NPFSYNC > 0
! 1151: pfsync_update_tdb(tdb,1);
! 1152: #endif
! 1153: }
! 1154:
! 1155: /* Get crypto descriptors. */
! 1156: crp = crypto_getreq(1);
! 1157: if (crp == NULL) {
! 1158: m_freem(m);
! 1159: DPRINTF(("ah_output(): failed to acquire crypto "
! 1160: "descriptors\n"));
! 1161: ahstat.ahs_crypto++;
! 1162: return ENOBUFS;
! 1163: }
! 1164:
! 1165: crda = crp->crp_desc;
! 1166:
! 1167: crda->crd_skip = 0;
! 1168: crda->crd_inject = skip + rplen;
! 1169: crda->crd_len = m->m_pkthdr.len;
! 1170:
! 1171: /* Authentication operation. */
! 1172: crda->crd_alg = ahx->type;
! 1173: crda->crd_key = tdb->tdb_amxkey;
! 1174: crda->crd_klen = tdb->tdb_amxkeylen * 8;
! 1175:
! 1176: /* Allocate IPsec-specific opaque crypto info. */
! 1177: if ((tdb->tdb_flags & TDBF_SKIPCRYPTO) == 0)
! 1178: MALLOC(tc, struct tdb_crypto *,
! 1179: sizeof(struct tdb_crypto) + skip, M_XDATA, M_NOWAIT);
! 1180: else
! 1181: MALLOC(tc, struct tdb_crypto *,
! 1182: sizeof(struct tdb_crypto), M_XDATA, M_NOWAIT);
! 1183: if (tc == NULL) {
! 1184: m_freem(m);
! 1185: crypto_freereq(crp);
! 1186: DPRINTF(("ah_output(): failed to allocate tdb_crypto\n"));
! 1187: ahstat.ahs_crypto++;
! 1188: return ENOBUFS;
! 1189: }
! 1190:
! 1191: bzero(tc, sizeof(struct tdb_crypto));
! 1192:
! 1193: /* Save the skipped portion of the packet. */
! 1194: if ((tdb->tdb_flags & TDBF_SKIPCRYPTO) == 0) {
! 1195: m_copydata(m, 0, skip, (caddr_t) (tc + 1));
! 1196:
! 1197: /*
! 1198: * Fix IP header length on the header used for
! 1199: * authentication. We don't need to fix the original
! 1200: * header length as it will be fixed by our caller.
! 1201: */
! 1202: switch (tdb->tdb_dst.sa.sa_family) {
! 1203: #ifdef INET
! 1204: case AF_INET:
! 1205: bcopy(((caddr_t)(tc + 1)) +
! 1206: offsetof(struct ip, ip_len),
! 1207: (caddr_t) &iplen, sizeof(u_int16_t));
! 1208: iplen = htons(ntohs(iplen) + rplen + ahx->authsize);
! 1209: m_copyback(m, offsetof(struct ip, ip_len),
! 1210: sizeof(u_int16_t), &iplen);
! 1211: break;
! 1212: #endif /* INET */
! 1213:
! 1214: #ifdef INET6
! 1215: case AF_INET6:
! 1216: bcopy(((caddr_t)(tc + 1)) +
! 1217: offsetof(struct ip6_hdr, ip6_plen),
! 1218: (caddr_t) &iplen, sizeof(u_int16_t));
! 1219: iplen = htons(ntohs(iplen) + rplen + ahx->authsize);
! 1220: m_copyback(m, offsetof(struct ip6_hdr, ip6_plen),
! 1221: sizeof(u_int16_t), &iplen);
! 1222: break;
! 1223: #endif /* INET6 */
! 1224: }
! 1225:
! 1226: /* Fix the Next Header field in saved header. */
! 1227: ((u_int8_t *) (tc + 1))[protoff] = IPPROTO_AH;
! 1228:
! 1229: /* Update the Next Protocol field in the IP header. */
! 1230: prot = IPPROTO_AH;
! 1231: m_copyback(m, protoff, sizeof(u_int8_t), &prot);
! 1232:
! 1233: /* "Massage" the packet headers for crypto processing. */
! 1234: if ((len = ah_massage_headers(&m, tdb->tdb_dst.sa.sa_family,
! 1235: skip, ahx->type, 1)) != 0) {
! 1236: /* mbuf will be free'd by callee. */
! 1237: FREE(tc, M_XDATA);
! 1238: crypto_freereq(crp);
! 1239: return len;
! 1240: }
! 1241: } else {
! 1242: /* Update the Next Protocol field in the IP header. */
! 1243: prot = IPPROTO_AH;
! 1244: m_copyback(m, protoff, sizeof(u_int8_t), &prot);
! 1245: }
! 1246:
! 1247: /* Crypto operation descriptor. */
! 1248: crp->crp_ilen = m->m_pkthdr.len; /* Total input length. */
! 1249: crp->crp_flags = CRYPTO_F_IMBUF;
! 1250: crp->crp_buf = (caddr_t) m;
! 1251: crp->crp_callback = (int (*) (struct cryptop *)) ah_output_cb;
! 1252: crp->crp_sid = tdb->tdb_cryptoid;
! 1253: crp->crp_opaque = (caddr_t) tc;
! 1254:
! 1255: /* These are passed as-is to the callback. */
! 1256: tc->tc_skip = skip;
! 1257: tc->tc_protoff = protoff;
! 1258: tc->tc_spi = tdb->tdb_spi;
! 1259: tc->tc_proto = tdb->tdb_sproto;
! 1260: bcopy(&tdb->tdb_dst, &tc->tc_dst, sizeof(union sockaddr_union));
! 1261:
! 1262: if ((tdb->tdb_flags & TDBF_SKIPCRYPTO) == 0)
! 1263: return crypto_dispatch(crp);
! 1264: else
! 1265: return ah_output_cb(crp);
! 1266: }
! 1267:
! 1268: /*
! 1269: * AH output callback, called directly from the crypto handler.
! 1270: */
! 1271: int
! 1272: ah_output_cb(void *op)
! 1273: {
! 1274: int skip, protoff, error;
! 1275: struct tdb_crypto *tc;
! 1276: struct cryptop *crp;
! 1277: struct tdb *tdb;
! 1278: struct mbuf *m;
! 1279: caddr_t ptr;
! 1280: int err, s;
! 1281:
! 1282: crp = (struct cryptop *) op;
! 1283: tc = (struct tdb_crypto *) crp->crp_opaque;
! 1284: skip = tc->tc_skip;
! 1285: protoff = tc->tc_protoff;
! 1286: ptr = (caddr_t) (tc + 1);
! 1287:
! 1288: m = (struct mbuf *) crp->crp_buf;
! 1289: if (m == NULL) {
! 1290: /* Shouldn't happen... */
! 1291: FREE(tc, M_XDATA);
! 1292: crypto_freereq(crp);
! 1293: ahstat.ahs_crypto++;
! 1294: DPRINTF(("ah_output_cb(): bogus returned buffer from "
! 1295: "crypto\n"));
! 1296: return (EINVAL);
! 1297: }
! 1298:
! 1299: s = spltdb();
! 1300:
! 1301: tdb = gettdb(tc->tc_spi, &tc->tc_dst, tc->tc_proto);
! 1302: if (tdb == NULL) {
! 1303: FREE(tc, M_XDATA);
! 1304: ahstat.ahs_notdb++;
! 1305: DPRINTF(("ah_output_cb(): TDB is expired while in crypto\n"));
! 1306: error = EPERM;
! 1307: goto baddone;
! 1308: }
! 1309:
! 1310: /* Check for crypto errors. */
! 1311: if (crp->crp_etype) {
! 1312: if (crp->crp_etype == EAGAIN) {
! 1313: /* Reset the session ID */
! 1314: if (tdb->tdb_cryptoid != 0)
! 1315: tdb->tdb_cryptoid = crp->crp_sid;
! 1316: splx(s);
! 1317: return crypto_dispatch(crp);
! 1318: }
! 1319: FREE(tc, M_XDATA);
! 1320: ahstat.ahs_noxform++;
! 1321: DPRINTF(("ah_output_cb(): crypto error %d\n", crp->crp_etype));
! 1322: error = crp->crp_etype;
! 1323: goto baddone;
! 1324: }
! 1325:
! 1326: /*
! 1327: * Copy original headers (with the new protocol number) back
! 1328: * in place.
! 1329: */
! 1330: if ((tdb->tdb_flags & TDBF_SKIPCRYPTO) == 0)
! 1331: m_copyback(m, 0, skip, ptr);
! 1332:
! 1333: FREE(tc, M_XDATA);
! 1334:
! 1335: /* No longer needed. */
! 1336: crypto_freereq(crp);
! 1337:
! 1338: err = ipsp_process_done(m, tdb);
! 1339: splx(s);
! 1340: return err;
! 1341:
! 1342: baddone:
! 1343: splx(s);
! 1344:
! 1345: if (m != NULL)
! 1346: m_freem(m);
! 1347:
! 1348: crypto_freereq(crp);
! 1349:
! 1350: return error;
! 1351: }