Source-Changes-HG archive


[src/trunk]: src/sys/netipsec g/c remainders of IV handling in pfkey code -- ...



details:   https://anonhg.NetBSD.org/src/rev/63f81434c785
branches:  trunk
changeset: 765254:63f81434c785
user:      drochner <drochner%NetBSD.org@localhost>
date:      Mon May 23 15:17:25 2011 +0000

description:
g/c remainders of IV handling in pfkey code -- this is done in
opencrypto now

diffstat:

 sys/netipsec/key.c       |  22 ++--------------------
 sys/netipsec/key.h       |   3 +--
 sys/netipsec/key_debug.c |   9 ++-------
 sys/netipsec/keydb.h     |   3 +--
 sys/netipsec/xform_esp.c |  11 ++---------
 5 files changed, 8 insertions(+), 40 deletions(-)

diffs (167 lines):

diff -r 035ac37719b8 -r 63f81434c785 sys/netipsec/key.c
--- a/sys/netipsec/key.c        Mon May 23 15:16:27 2011 +0000
+++ b/sys/netipsec/key.c        Mon May 23 15:17:25 2011 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: key.c,v 1.70 2011/05/18 18:56:02 drochner Exp $        */
+/*     $NetBSD: key.c,v 1.71 2011/05/23 15:17:25 drochner Exp $        */
 /*     $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $        */
 /*     $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $   */
        
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.70 2011/05/18 18:56:02 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.71 2011/05/23 15:17:25 drochner Exp $");
 
 /*
  * This code is referd to RFC 2367
@@ -3094,10 +3094,6 @@
                KFREE(sav->lft_s);
                sav->lft_s = NULL;
        }
-       if (sav->iv != NULL) {
-               KFREE(sav->iv);
-               sav->iv = NULL;
-       }
 
        KFREE(sav);
 
@@ -3216,7 +3212,6 @@
        sav->key_enc = NULL;
        sav->sched = NULL;
        sav->schedlen = 0;
-       sav->iv = NULL;
        sav->lft_c = NULL;
        sav->lft_h = NULL;
        sav->lft_s = NULL;
@@ -3442,10 +3437,6 @@
                KFREE(sav->sched);
                sav->sched = NULL;
        }
-       if (sav->iv != NULL) {
-               KFREE(sav->iv);
-               sav->iv = NULL;
-       }
        if (sav->lft_c != NULL) {
                KFREE(sav->lft_c);
                sav->lft_c = NULL;
@@ -8004,15 +7995,6 @@
        LIST_INSERT_HEAD(&sav->sah->savtree[state], sav, chain);
 }
 
-void
-key_sa_stir_iv(struct secasvar *sav)
-{
-
-       if (!sav->iv)
-               panic("key_sa_stir_iv called with sav == NULL");
-       key_randomfill(sav->iv, sav->ivlen);
-}
-
 /* XXX too much? */
 static struct mbuf *
 key_alloc_mbuf(int l)
diff -r 035ac37719b8 -r 63f81434c785 sys/netipsec/key.h
--- a/sys/netipsec/key.h        Mon May 23 15:16:27 2011 +0000
+++ b/sys/netipsec/key.h        Mon May 23 15:17:25 2011 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: key.h,v 1.9 2011/02/21 22:28:19 drochner Exp $ */
+/*     $NetBSD: key.h,v 1.10 2011/05/23 15:17:25 drochner Exp $        */
 /*     $FreeBSD: src/sys/netipsec/key.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $        */
 /*     $KAME: key.h,v 1.21 2001/07/27 03:51:30 itojun Exp $    */
 
@@ -106,7 +106,6 @@
 void key_init (void);
 void key_sa_recordxfer (struct secasvar *, struct mbuf *);
 void key_sa_routechange (struct sockaddr *);
-void key_sa_stir_iv (struct secasvar *);
 
 #ifdef IPSEC_NAT_T
 u_int16_t key_portfromsaddr (const union sockaddr_union *);
diff -r 035ac37719b8 -r 63f81434c785 sys/netipsec/key_debug.c
--- a/sys/netipsec/key_debug.c  Mon May 23 15:16:27 2011 +0000
+++ b/sys/netipsec/key_debug.c  Mon May 23 15:17:25 2011 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: key_debug.c,v 1.10 2011/02/21 22:21:40 drochner Exp $  */
+/*     $NetBSD: key_debug.c,v 1.11 2011/05/23 15:17:25 drochner Exp $  */
 /*     $FreeBSD: src/sys/netipsec/key_debug.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $  */
 /*     $KAME: key_debug.c,v 1.26 2001/06/27 10:46:50 sakane Exp $      */
 
@@ -33,7 +33,7 @@
 
 #ifdef _KERNEL
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key_debug.c,v 1.10 2011/02/21 22:21:40 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key_debug.c,v 1.11 2011/05/23 15:17:25 drochner Exp $");
 #endif
 
 #include "opt_inet.h"
@@ -562,11 +562,6 @@
                kdebug_sadb_key((struct sadb_ext *)sav->key_auth);
        if (sav->key_enc != NULL)
                kdebug_sadb_key((struct sadb_ext *)sav->key_enc);
-       if (sav->iv != NULL) {
-               printf("  iv=");
-               ipsec_hexdump((char *)sav->iv, sav->ivlen ? sav->ivlen : 8);
-               printf("\n");
-       }
 
        if (sav->replay != NULL)
                kdebug_secreplay(sav->replay);
diff -r 035ac37719b8 -r 63f81434c785 sys/netipsec/keydb.h
--- a/sys/netipsec/keydb.h      Mon May 23 15:16:27 2011 +0000
+++ b/sys/netipsec/keydb.h      Mon May 23 15:17:25 2011 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: keydb.h,v 1.9 2011/05/16 10:02:30 drochner Exp $       */
+/*     $NetBSD: keydb.h,v 1.10 2011/05/23 15:17:25 drochner Exp $      */
 /*     $FreeBSD: src/sys/netipsec/keydb.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $      */
 /*     $KAME: keydb.h,v 1.14 2000/08/02 17:58:26 sakane Exp $  */
 
@@ -100,7 +100,6 @@
 
        struct sadb_key *key_auth;      /* Key for Authentication */
        struct sadb_key *key_enc;       /* Key for Encryption */
-       void *iv;                       /* Initilization Vector */
        u_int ivlen;                    /* length of IV */
        void *sched;                    /* intermediate encryption key */
        size_t schedlen;
diff -r 035ac37719b8 -r 63f81434c785 sys/netipsec/xform_esp.c
--- a/sys/netipsec/xform_esp.c  Mon May 23 15:16:27 2011 +0000
+++ b/sys/netipsec/xform_esp.c  Mon May 23 15:17:25 2011 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: xform_esp.c,v 1.36 2011/05/23 13:57:52 drochner Exp $  */
+/*     $NetBSD: xform_esp.c,v 1.37 2011/05/23 15:17:25 drochner Exp $  */
 /*     $FreeBSD: src/sys/netipsec/xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $  */
 /*     $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
 
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.36 2011/05/23 13:57:52 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.37 2011/05/23 15:17:25 drochner Exp $");
 
 #include "opt_inet.h"
 #ifdef __FreeBSD__
@@ -205,12 +205,6 @@
        }
 
        sav->ivlen = txform->ivsize;
-       sav->iv = malloc(sav->ivlen, M_SECA, M_WAITOK);
-       if (sav->iv == NULL) {
-               DPRINTF(("esp_init: no memory for IV\n"));
-               return EINVAL;
-       }
-       key_randomfill(sav->iv, sav->ivlen);    /*XXX*/
 
        /*
         * Setup AH-related state.
@@ -262,7 +256,6 @@
 
        if (sav->key_enc)
                memset(_KEYBUF(sav->key_enc), 0, _KEYLEN(sav->key_enc));
-       /* NB: sav->iv is freed elsewhere, even though we malloc it! */
        sav->tdb_encalgxform = NULL;
        sav->tdb_xform = NULL;
        return error;


