diff options
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/ip_ah_new.c | 18 | ||||
-rw-r--r-- | sys/netinet/ip_ah_old.c | 18 | ||||
-rw-r--r-- | sys/netinet/ip_esp_new.c | 18 | ||||
-rw-r--r-- | sys/netinet/ip_esp_old.c | 18 | ||||
-rw-r--r-- | sys/netinet/ip_ipsp.c | 24 | ||||
-rw-r--r-- | sys/netinet/ip_output.c | 3 |
6 files changed, 30 insertions, 69 deletions
diff --git a/sys/netinet/ip_ah_new.c b/sys/netinet/ip_ah_new.c index cdb781deb56..c3531efeea1 100644 --- a/sys/netinet/ip_ah_new.c +++ b/sys/netinet/ip_ah_new.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ah_new.c,v 1.24 1999/02/25 20:14:36 angelos Exp $ */ +/* $OpenBSD: ip_ah_new.c,v 1.25 1999/03/24 17:00:44 niklas Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), @@ -273,9 +273,7 @@ ah_new_input(struct mbuf *m, struct tdb *tdb) if ((tdb->tdb_flags & TDBF_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_exp_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_HARD_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_HARD); tdb_delete(tdb, 0); m_freem(m); return NULL; @@ -285,9 +283,7 @@ ah_new_input(struct mbuf *m, struct tdb *tdb) if ((tdb->tdb_flags & TDBF_SOFT_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_soft_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_SOFT_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_SOFT); tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking */ } @@ -504,9 +500,7 @@ ah_new_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb, if ((tdb->tdb_flags & TDBF_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_exp_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_HARD_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_HARD); tdb_delete(tdb, 0); m_freem(m); return EINVAL; @@ -516,9 +510,7 @@ ah_new_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb, if ((tdb->tdb_flags & TDBF_SOFT_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_soft_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_SOFT_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_SOFT); tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking */ } diff --git a/sys/netinet/ip_ah_old.c b/sys/netinet/ip_ah_old.c index 841d954fe8d..2bd432332f2 100644 --- a/sys/netinet/ip_ah_old.c +++ b/sys/netinet/ip_ah_old.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ah_old.c,v 1.21 1999/02/25 20:14:38 angelos Exp $ */ +/* $OpenBSD: ip_ah_old.c,v 1.22 1999/03/24 17:00:45 niklas Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), @@ -237,9 +237,7 @@ ah_old_input(struct mbuf *m, struct tdb *tdb) if ((tdb->tdb_flags & TDBF_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_exp_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_HARD_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_HARD); m_freem(m); tdb_delete(tdb, 0); return NULL; @@ -249,9 +247,7 @@ ah_old_input(struct mbuf *m, struct tdb *tdb) if ((tdb->tdb_flags & TDBF_SOFT_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_soft_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_SOFT_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_SOFT); tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking */ } @@ -431,9 +427,7 @@ ah_old_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb, if ((tdb->tdb_flags & TDBF_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_exp_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_HARD_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_HARD); tdb_delete(tdb, 0); m_freem(m); return EINVAL; @@ -443,9 +437,7 @@ ah_old_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb, if ((tdb->tdb_flags & TDBF_SOFT_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_soft_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_SOFT_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_SOFT); tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking */ } diff --git a/sys/netinet/ip_esp_new.c b/sys/netinet/ip_esp_new.c index 5147490447c..67f87eb5b9e 100644 --- a/sys/netinet/ip_esp_new.c +++ b/sys/netinet/ip_esp_new.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_esp_new.c,v 1.39 1999/02/25 20:23:02 angelos Exp $ */ +/* $OpenBSD: ip_esp_new.c,v 1.40 1999/03/24 17:00:45 niklas Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), @@ -494,9 +494,7 @@ esp_new_input(struct mbuf *m, struct tdb *tdb) if ((tdb->tdb_flags & TDBF_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_exp_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_HARD_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_HARD); tdb_delete(tdb, 0); m_freem(m); return NULL; @@ -506,9 +504,7 @@ esp_new_input(struct mbuf *m, struct tdb *tdb) if ((tdb->tdb_flags & TDBF_SOFT_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_soft_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_SOFT_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_SOFT); tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking */ } @@ -836,9 +832,7 @@ esp_new_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb, if ((tdb->tdb_flags & TDBF_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_exp_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_HARD_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_HARD); tdb_delete(tdb, 0); m_freem(m); return EINVAL; @@ -848,9 +842,7 @@ esp_new_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb, if ((tdb->tdb_flags & TDBF_SOFT_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_soft_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_SOFT_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_SOFT); tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking */ } diff --git a/sys/netinet/ip_esp_old.c b/sys/netinet/ip_esp_old.c index 2c51ead6429..92639fe002a 100644 --- a/sys/netinet/ip_esp_old.c +++ b/sys/netinet/ip_esp_old.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_esp_old.c,v 1.30 1999/02/25 20:14:41 angelos Exp $ */ +/* $OpenBSD: ip_esp_old.c,v 1.31 1999/03/24 17:00:46 niklas Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), @@ -291,9 +291,7 @@ esp_old_input(struct mbuf *m, struct tdb *tdb) if ((tdb->tdb_flags & TDBF_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_exp_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_HARD_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_HARD); tdb_delete(tdb, 0); m_freem(m); return NULL; @@ -303,9 +301,7 @@ esp_old_input(struct mbuf *m, struct tdb *tdb) if ((tdb->tdb_flags & TDBF_SOFT_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_soft_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_SOFT_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_SOFT); tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking */ } @@ -578,9 +574,7 @@ esp_old_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb, if ((tdb->tdb_flags & TDBF_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_exp_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_HARD_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_HARD); tdb_delete(tdb, 0); m_freem(m); return EINVAL; @@ -590,9 +584,7 @@ esp_old_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb, if ((tdb->tdb_flags & TDBF_SOFT_BYTES) && (tdb->tdb_cur_bytes >= tdb->tdb_soft_bytes)) { -/* XXX - encap_sendnotify(NOTIFY_SOFT_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_SOFT); tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking */ } diff --git a/sys/netinet/ip_ipsp.c b/sys/netinet/ip_ipsp.c index ffdeff4c5d3..21ba455bca3 100644 --- a/sys/netinet/ip_ipsp.c +++ b/sys/netinet/ip_ipsp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ipsp.c,v 1.37 1999/03/04 21:51:27 deraadt Exp $ */ +/* $OpenBSD: ip_ipsp.c,v 1.38 1999/03/24 17:00:47 niklas Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), @@ -471,9 +471,7 @@ handle_expirations(void *arg) if ((tdb->tdb_flags & TDBF_TIMER) && (tdb->tdb_exp_timeout <= time.tv_sec)) { -/* XXX - encap_sendnotify(NOTIFY_HARD_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_HARD); tdb_delete(tdb, 0); continue; } @@ -481,9 +479,7 @@ handle_expirations(void *arg) if ((tdb->tdb_flags & TDBF_FIRSTUSE) && (tdb->tdb_first_use + tdb->tdb_exp_first_use <= time.tv_sec)) { -/* XXX - encap_sendnotify(NOTIFY_HARD_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_HARD); tdb_delete(tdb, 0); continue; } @@ -492,9 +488,7 @@ handle_expirations(void *arg) if ((tdb->tdb_flags & TDBF_SOFT_TIMER) && (tdb->tdb_soft_timeout <= time.tv_sec)) { -/* XXX - encap_sendnotify(NOTIFY_SOFT_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_SOFT); tdb->tdb_flags &= ~TDBF_SOFT_TIMER; } else @@ -502,9 +496,7 @@ handle_expirations(void *arg) (tdb->tdb_first_use + tdb->tdb_soft_first_use <= time.tv_sec)) { -/* XXX - encap_sendnotify(NOTIFY_SOFT_EXPIRE, tdb, NULL); -*/ + pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_SOFT); tdb->tdb_flags &= ~TDBF_SOFT_FIRSTUSE; } } @@ -714,7 +706,9 @@ tdb_delete(struct tdb *tdbp, int delchain) ipsec_in_use--; } - cleanup_expirations(&tdbp->tdb_dst, tdbp->tdb_spi, tdbp->tdb_sproto); + /* removal of a larval SA should not remove the mature SA's expirations */ + if ((tdbp->tdb_flags & TDBF_INVALID) == 0) + cleanup_expirations(&tdbp->tdb_dst, tdbp->tdb_spi, tdbp->tdb_sproto); if (tdbp->tdb_srcid) FREE(tdbp->tdb_srcid, M_XDATA); @@ -834,7 +828,7 @@ ipsp_kern(int off, char **bufp, int len) else i = 1; - l += sprintf(buffer + l, "halviv"); + l += sprintf(buffer + l, "halfiv"); } if (tdb->tdb_flags & TDBF_PFS) diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index 288e96d6c38..311806ea3d8 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_output.c,v 1.42 1999/03/06 20:59:41 angelos Exp $ */ +/* $OpenBSD: ip_output.c,v 1.43 1999/03/24 17:00:47 niklas Exp $ */ /* $NetBSD: ip_output.c,v 1.28 1996/02/13 23:43:07 christos Exp $ */ /* @@ -86,7 +86,6 @@ int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **)); #endif #ifdef IPSEC -extern void encap_sendnotify __P((int, struct tdb *, void *)); extern int ipsec_auth_default_level; extern int ipsec_esp_trans_default_level; extern int ipsec_esp_network_default_level; |