version 1.1.1.1, 2012/02/21 22:39:10
|
version 1.1.1.3, 2016/11/02 10:45:58
|
Line 1
|
Line 1
|
/* $NetBSD: isakmp_inf.c,v 1.47 2011/03/15 13:20:14 vanhu Exp $ */ | /* $NetBSD: isakmp_inf.c,v 1.47.2.3 2013/04/12 09:53:52 tteras Exp $ */ |
|
|
/* Id: isakmp_inf.c,v 1.44 2006/05/06 20:45:52 manubsd Exp */ |
/* Id: isakmp_inf.c,v 1.44 2006/05/06 20:45:52 manubsd Exp */ |
|
|
Line 492 isakmp_info_recv_d(iph1, delete, msgid, encrypted)
|
Line 492 isakmp_info_recv_d(iph1, delete, msgid, encrypted)
|
"delete payload for protocol %s\n", |
"delete payload for protocol %s\n", |
s_ipsecdoi_proto(delete->proto_id)); |
s_ipsecdoi_proto(delete->proto_id)); |
|
|
if(!iph1->rmconf->weak_phase1_check && !encrypted) { | if((iph1 == NULL || !iph1->rmconf->weak_phase1_check) && !encrypted) { |
plog(LLV_WARNING, LOCATION, iph1->remote, |
plog(LLV_WARNING, LOCATION, iph1->remote, |
"Ignoring unencrypted delete payload " |
"Ignoring unencrypted delete payload " |
"(check the weak_phase1_check option)\n"); |
"(check the weak_phase1_check option)\n"); |
Line 1116 purge_ipsec_spi(dst0, proto, spi, n)
|
Line 1116 purge_ipsec_spi(dst0, proto, spi, n)
|
u_int64_t created; |
u_int64_t created; |
size_t i; |
size_t i; |
caddr_t mhp[SADB_EXT_MAX + 1]; |
caddr_t mhp[SADB_EXT_MAX + 1]; |
|
unsigned num_purged = 0; |
|
|
plog(LLV_DEBUG2, LOCATION, NULL, |
plog(LLV_DEBUG2, LOCATION, NULL, |
"purge_ipsec_spi:\n"); |
"purge_ipsec_spi:\n"); |
Line 1172 purge_ipsec_spi(dst0, proto, spi, n)
|
Line 1173 purge_ipsec_spi(dst0, proto, spi, n)
|
|
|
plog(LLV_DEBUG2, LOCATION, NULL, "src: %s\n", saddr2str(src)); |
plog(LLV_DEBUG2, LOCATION, NULL, "src: %s\n", saddr2str(src)); |
plog(LLV_DEBUG2, LOCATION, NULL, "dst: %s\n", saddr2str(dst)); |
plog(LLV_DEBUG2, LOCATION, NULL, "dst: %s\n", saddr2str(dst)); |
|
plog(LLV_DEBUG2, LOCATION, NULL, "spi: %u\n", ntohl(sa->sadb_sa_spi)); |
|
|
/* XXX n^2 algorithm, inefficient */ |
/* XXX n^2 algorithm, inefficient */ |
|
|
Line 1210 purge_ipsec_spi(dst0, proto, spi, n)
|
Line 1212 purge_ipsec_spi(dst0, proto, spi, n)
|
"purged IPsec-SA proto_id=%s spi=%u.\n", |
"purged IPsec-SA proto_id=%s spi=%u.\n", |
s_ipsecdoi_proto(proto), |
s_ipsecdoi_proto(proto), |
ntohl(spi[i])); |
ntohl(spi[i])); |
|
num_purged++; |
} |
} |
|
|
msg = next; |
msg = next; |
Line 1217 purge_ipsec_spi(dst0, proto, spi, n)
|
Line 1220 purge_ipsec_spi(dst0, proto, spi, n)
|
|
|
if (buf) |
if (buf) |
vfree(buf); |
vfree(buf); |
|
|
|
plog(LLV_DEBUG, LOCATION, NULL, "purged %u SAs.\n", num_purged); |
} |
} |
|
|
/* |
/* |
Line 1465 isakmp_info_recv_r_u_ack (iph1, ru, msgid)
|
Line 1470 isakmp_info_recv_r_u_ack (iph1, ru, msgid)
|
return 0; |
return 0; |
} |
} |
|
|
if (memcmp(ru->i_ck, iph1->index.i_ck, sizeof(cookie_t)) || | /* accept cookies in original or reversed order */ |
memcmp(ru->r_ck, iph1->index.r_ck, sizeof(cookie_t))) { | if ((memcmp(ru->i_ck, iph1->index.i_ck, sizeof(cookie_t)) || |
| memcmp(ru->r_ck, iph1->index.r_ck, sizeof(cookie_t))) && |
| (memcmp(ru->r_ck, iph1->index.i_ck, sizeof(cookie_t)) || |
| memcmp(ru->i_ck, iph1->index.r_ck, sizeof(cookie_t)))) { |
plog(LLV_ERROR, LOCATION, iph1->remote, |
plog(LLV_ERROR, LOCATION, iph1->remote, |
"Cookie mismatch in DPD ACK!.\n"); |
"Cookie mismatch in DPD ACK!.\n"); |
return 0; |
return 0; |
Line 1477 isakmp_info_recv_r_u_ack (iph1, ru, msgid)
|
Line 1485 isakmp_info_recv_r_u_ack (iph1, ru, msgid)
|
sched_cancel(&iph1->dpd_r_u); |
sched_cancel(&iph1->dpd_r_u); |
isakmp_sched_r_u(iph1, 0); |
isakmp_sched_r_u(iph1, 0); |
|
|
plog(LLV_DEBUG, LOCATION, NULL, "received an R-U-THERE-ACK\n"); | plog(LLV_DEBUG, LOCATION, iph1->remote, "received an R-U-THERE-ACK\n"); |
|
|
return 0; |
return 0; |
} |
} |