Module Name: src
Committed By: drochner
Date: Mon May 23 15:17:25 UTC 2011
Modified Files:
src/sys/netipsec: key.c key.h key_debug.c keydb.h xform_esp.c
Log Message:
Garbage-collect the remainders of IV handling in the pfkey code -- IV
handling is done in opencrypto now
To generate a diff of this commit:
cvs rdiff -u -r1.70 -r1.71 src/sys/netipsec/key.c
cvs rdiff -u -r1.9 -r1.10 src/sys/netipsec/key.h src/sys/netipsec/keydb.h
cvs rdiff -u -r1.10 -r1.11 src/sys/netipsec/key_debug.c
cvs rdiff -u -r1.36 -r1.37 src/sys/netipsec/xform_esp.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netipsec/key.c
diff -u src/sys/netipsec/key.c:1.70 src/sys/netipsec/key.c:1.71
--- src/sys/netipsec/key.c:1.70 Wed May 18 18:56:02 2011
+++ src/sys/netipsec/key.c Mon May 23 15:17:25 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: key.c,v 1.70 2011/05/18 18:56:02 drochner Exp $ */
+/* $NetBSD: key.c,v 1.71 2011/05/23 15:17:25 drochner Exp $ */
/* $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.70 2011/05/18 18:56:02 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.71 2011/05/23 15:17:25 drochner Exp $");
/*
* This code is referd to RFC 2367
@@ -3094,10 +3094,6 @@
KFREE(sav->lft_s);
sav->lft_s = NULL;
}
- if (sav->iv != NULL) {
- KFREE(sav->iv);
- sav->iv = NULL;
- }
KFREE(sav);
@@ -3216,7 +3212,6 @@
sav->key_enc = NULL;
sav->sched = NULL;
sav->schedlen = 0;
- sav->iv = NULL;
sav->lft_c = NULL;
sav->lft_h = NULL;
sav->lft_s = NULL;
@@ -3442,10 +3437,6 @@
KFREE(sav->sched);
sav->sched = NULL;
}
- if (sav->iv != NULL) {
- KFREE(sav->iv);
- sav->iv = NULL;
- }
if (sav->lft_c != NULL) {
KFREE(sav->lft_c);
sav->lft_c = NULL;
@@ -8004,15 +7995,6 @@
LIST_INSERT_HEAD(&sav->sah->savtree[state], sav, chain);
}
-void
-key_sa_stir_iv(struct secasvar *sav)
-{
-
- if (!sav->iv)
- panic("key_sa_stir_iv called with sav == NULL");
- key_randomfill(sav->iv, sav->ivlen);
-}
-
/* XXX too much? */
static struct mbuf *
key_alloc_mbuf(int l)
Index: src/sys/netipsec/key.h
diff -u src/sys/netipsec/key.h:1.9 src/sys/netipsec/key.h:1.10
--- src/sys/netipsec/key.h:1.9 Mon Feb 21 22:28:19 2011
+++ src/sys/netipsec/key.h Mon May 23 15:17:25 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: key.h,v 1.9 2011/02/21 22:28:19 drochner Exp $ */
+/* $NetBSD: key.h,v 1.10 2011/05/23 15:17:25 drochner Exp $ */
/* $FreeBSD: src/sys/netipsec/key.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $KAME: key.h,v 1.21 2001/07/27 03:51:30 itojun Exp $ */
@@ -106,7 +106,6 @@
void key_init (void);
void key_sa_recordxfer (struct secasvar *, struct mbuf *);
void key_sa_routechange (struct sockaddr *);
-void key_sa_stir_iv (struct secasvar *);
#ifdef IPSEC_NAT_T
u_int16_t key_portfromsaddr (const union sockaddr_union *);
Index: src/sys/netipsec/keydb.h
diff -u src/sys/netipsec/keydb.h:1.9 src/sys/netipsec/keydb.h:1.10
--- src/sys/netipsec/keydb.h:1.9 Mon May 16 10:02:30 2011
+++ src/sys/netipsec/keydb.h Mon May 23 15:17:25 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: keydb.h,v 1.9 2011/05/16 10:02:30 drochner Exp $ */
+/* $NetBSD: keydb.h,v 1.10 2011/05/23 15:17:25 drochner Exp $ */
/* $FreeBSD: src/sys/netipsec/keydb.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $KAME: keydb.h,v 1.14 2000/08/02 17:58:26 sakane Exp $ */
@@ -100,7 +100,6 @@
struct sadb_key *key_auth; /* Key for Authentication */
struct sadb_key *key_enc; /* Key for Encryption */
- void *iv; /* Initilization Vector */
u_int ivlen; /* length of IV */
void *sched; /* intermediate encryption key */
size_t schedlen;
Index: src/sys/netipsec/key_debug.c
diff -u src/sys/netipsec/key_debug.c:1.10 src/sys/netipsec/key_debug.c:1.11
--- src/sys/netipsec/key_debug.c:1.10 Mon Feb 21 22:21:40 2011
+++ src/sys/netipsec/key_debug.c Mon May 23 15:17:25 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: key_debug.c,v 1.10 2011/02/21 22:21:40 drochner Exp $ */
+/* $NetBSD: key_debug.c,v 1.11 2011/05/23 15:17:25 drochner Exp $ */
/* $FreeBSD: src/sys/netipsec/key_debug.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $KAME: key_debug.c,v 1.26 2001/06/27 10:46:50 sakane Exp $ */
@@ -33,7 +33,7 @@
#ifdef _KERNEL
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key_debug.c,v 1.10 2011/02/21 22:21:40 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key_debug.c,v 1.11 2011/05/23 15:17:25 drochner Exp $");
#endif
#include "opt_inet.h"
@@ -562,11 +562,6 @@
kdebug_sadb_key((struct sadb_ext *)sav->key_auth);
if (sav->key_enc != NULL)
kdebug_sadb_key((struct sadb_ext *)sav->key_enc);
- if (sav->iv != NULL) {
- printf(" iv=");
- ipsec_hexdump((char *)sav->iv, sav->ivlen ? sav->ivlen : 8);
- printf("\n");
- }
if (sav->replay != NULL)
kdebug_secreplay(sav->replay);
Index: src/sys/netipsec/xform_esp.c
diff -u src/sys/netipsec/xform_esp.c:1.36 src/sys/netipsec/xform_esp.c:1.37
--- src/sys/netipsec/xform_esp.c:1.36 Mon May 23 13:57:52 2011
+++ src/sys/netipsec/xform_esp.c Mon May 23 15:17:25 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: xform_esp.c,v 1.36 2011/05/23 13:57:52 drochner Exp $ */
+/* $NetBSD: xform_esp.c,v 1.37 2011/05/23 15:17:25 drochner Exp $ */
/* $FreeBSD: src/sys/netipsec/xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
@@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.36 2011/05/23 13:57:52 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.37 2011/05/23 15:17:25 drochner Exp $");
#include "opt_inet.h"
#ifdef __FreeBSD__
@@ -205,12 +205,6 @@
}
sav->ivlen = txform->ivsize;
- sav->iv = malloc(sav->ivlen, M_SECA, M_WAITOK);
- if (sav->iv == NULL) {
- DPRINTF(("esp_init: no memory for IV\n"));
- return EINVAL;
- }
- key_randomfill(sav->iv, sav->ivlen); /*XXX*/
/*
* Setup AH-related state.
@@ -262,7 +256,6 @@
if (sav->key_enc)
memset(_KEYBUF(sav->key_enc), 0, _KEYLEN(sav->key_enc));
- /* NB: sav->iv is freed elsewhere, even though we malloc it! */
sav->tdb_encalgxform = NULL;
sav->tdb_xform = NULL;
return error;