Ejemplo n.º 1
/*
 * Import authentication information into the TDB.
 *
 * The bytes following the fixed sadb_x_cred header are copied into a newly
 * allocated ipsec_ref, which is stored in tdb_remote_auth when dstauth is
 * PFKEYV2_AUTH_REMOTE and in tdb_local_auth otherwise.  A NULL sadb_auth
 * leaves the TDB untouched; an unrecognised auth type leaves the selected
 * slot set to NULL.
 *
 * NOTE(review): the payload length is EXTLEN(sadb_auth) minus the header
 * size and is not range-checked in this function.  Presumably the PF_KEY
 * message parser has already validated the extension length -- confirm,
 * because an extension shorter than the header would not yield a valid
 * allocation or copy length.
 * NOTE(review): the previous contents of the slot are overwritten without
 * being released -- confirm callers only pass a TDB whose slot is empty.
 */
void
import_auth(struct tdb *tdb, struct sadb_x_cred *sadb_auth, int dstauth)
{
	struct ipsec_ref **slot, *ref;

	if (sadb_auth == NULL)
		return;

	slot = (dstauth == PFKEYV2_AUTH_REMOTE) ?
	    &tdb->tdb_remote_auth : &tdb->tdb_local_auth;

	/* Single allocation: ipsec_ref header followed by the payload. */
	ref = malloc(EXTLEN(sadb_auth) - sizeof(struct sadb_x_cred) +
	    sizeof(struct ipsec_ref), M_CREDENTIALS, M_WAITOK);
	*slot = ref;
	ref->ref_len = EXTLEN(sadb_auth) - sizeof(struct sadb_x_cred);

	/* Map the PF_KEY auth type onto the IPsec-internal constant. */
	if (sadb_auth->sadb_x_cred_type == SADB_X_AUTHTYPE_PASSPHRASE) {
		ref->ref_type = IPSP_AUTH_PASSPHRASE;
	} else if (sadb_auth->sadb_x_cred_type == SADB_X_AUTHTYPE_RSA) {
		ref->ref_type = IPSP_AUTH_RSA;
	} else {
		/* Unknown type: drop the allocation, leave the slot empty. */
		free(ref, M_CREDENTIALS);
		*slot = NULL;
		return;
	}

	ref->ref_count = 1;
	ref->ref_malloctype = M_CREDENTIALS;

	/* Payload sits right after each header, in source and destination. */
	bcopy(sadb_auth + 1, ref + 1, ref->ref_len);
}
Ejemplo n.º 2
/*
 * Import a set of credentials into the TDB.
 *
 * The bytes following the fixed sadb_x_cred header are copied into a newly
 * allocated ipsec_ref, which is stored in tdb_remote_cred when dstcred is
 * PFKEYV2_CRED_REMOTE and in tdb_local_cred otherwise.  A NULL sadb_cred
 * leaves the TDB untouched; an unrecognised credential type leaves the
 * selected slot set to NULL.
 *
 * NOTE(review): the payload length is EXTLEN(sadb_cred) minus the header
 * size and is not range-checked in this function.  Presumably the PF_KEY
 * message parser has already validated the extension length -- confirm,
 * because an extension shorter than the header would not yield a valid
 * allocation or copy length.
 * NOTE(review): the previous contents of the slot are overwritten without
 * being released -- confirm callers only pass a TDB whose slot is empty.
 */
void
import_credentials(struct tdb *tdb, struct sadb_x_cred *sadb_cred, int dstcred)
{
	struct ipsec_ref **slot, *ref;

	if (sadb_cred == NULL)
		return;

	slot = (dstcred == PFKEYV2_CRED_REMOTE) ?
	    &tdb->tdb_remote_cred : &tdb->tdb_local_cred;

	/* Single allocation: ipsec_ref header followed by the payload. */
	ref = malloc(EXTLEN(sadb_cred) - sizeof(struct sadb_x_cred) +
	    sizeof(struct ipsec_ref), M_CREDENTIALS, M_WAITOK);
	*slot = ref;
	ref->ref_len = EXTLEN(sadb_cred) - sizeof(struct sadb_x_cred);

	/* Map the PF_KEY credential type onto the IPsec-internal constant. */
	if (sadb_cred->sadb_x_cred_type == SADB_X_CREDTYPE_X509) {
		ref->ref_type = IPSP_CRED_X509;
	} else if (sadb_cred->sadb_x_cred_type == SADB_X_CREDTYPE_KEYNOTE) {
		ref->ref_type = IPSP_CRED_KEYNOTE;
	} else {
		/* Unknown type: drop the allocation, leave the slot empty. */
		free(ref, M_CREDENTIALS);
		*slot = NULL;
		return;
	}

	ref->ref_count = 1;
	ref->ref_malloctype = M_CREDENTIALS;

	/* Payload sits right after each header, in source and destination. */
	bcopy(sadb_cred + 1, ref + 1, ref->ref_len);
}
Ejemplo n.º 3
/*
 * Import an identity payload.
 *
 * The bytes following the fixed sadb_ident header are copied into a newly
 * allocated ipsec_id that is returned through *id.  *id is set to NULL when
 * sadb_ident is NULL or when the identity type is not one of PREFIX, FQDN
 * or USERFQDN.
 *
 * NOTE(review): the payload length is EXTLEN(sadb_ident) minus the header
 * size and is not range-checked in this function.  Presumably the PF_KEY
 * message parser has already validated the extension length -- confirm,
 * because an extension shorter than the header would not yield a valid
 * allocation or copy length.
 * NOTE(review): whatever *id held on entry is overwritten without being
 * released -- confirm callers do not pass a live pointer.
 */
static void
import_identity(struct ipsec_id **id, struct sadb_ident *sadb_ident)
{
	struct ipsec_id *ident;

	if (sadb_ident == NULL) {
		*id = NULL;
		return;
	}

	/* Single allocation: ipsec_id header followed by the payload. */
	ident = malloc(EXTLEN(sadb_ident) - sizeof(struct sadb_ident) +
	    sizeof(struct ipsec_id), M_CREDENTIALS, M_WAITOK);
	*id = ident;
	ident->len = EXTLEN(sadb_ident) - sizeof(struct sadb_ident);

	/* Map the PF_KEY identity type onto the IPsec-internal constant. */
	if (sadb_ident->sadb_ident_type == SADB_IDENTTYPE_PREFIX) {
		ident->type = IPSP_IDENTITY_PREFIX;
	} else if (sadb_ident->sadb_ident_type == SADB_IDENTTYPE_FQDN) {
		ident->type = IPSP_IDENTITY_FQDN;
	} else if (sadb_ident->sadb_ident_type == SADB_IDENTTYPE_USERFQDN) {
		ident->type = IPSP_IDENTITY_USERFQDN;
	} else {
		/* Unknown type: drop the allocation and report no identity. */
		free(ident, M_CREDENTIALS, 0);
		*id = NULL;
		return;
	}

	/* Payload sits right after each header, in source and destination. */
	bcopy(sadb_ident + 1, ident + 1, ident->len);
}
Ejemplo n.º 4
/*
 * Import an identity payload into the TDB.
 *
 * The bytes following the fixed sadb_ident header are copied into a newly
 * allocated ipsec_ref, which is stored in tdb_srcid when type is
 * PFKEYV2_IDENTITY_SRC and in tdb_dstid otherwise.  A NULL sadb_ident
 * leaves the TDB untouched; an unrecognised identity type leaves the
 * selected slot set to NULL.
 *
 * NOTE(review): the payload length is EXTLEN(sadb_ident) minus the header
 * size and is not range-checked in this function.  Presumably the PF_KEY
 * message parser has already validated the extension length -- confirm,
 * because an extension shorter than the header would not yield a valid
 * allocation or copy length.
 * NOTE(review): the previous contents of the slot are overwritten without
 * being released -- confirm callers only pass a TDB whose slot is empty.
 */
void
import_identity(struct tdb *tdb, struct sadb_ident *sadb_ident, int type)
{
	struct ipsec_ref **slot, *ref;

	if (sadb_ident == NULL)
		return;

	slot = (type == PFKEYV2_IDENTITY_SRC) ?
	    &tdb->tdb_srcid : &tdb->tdb_dstid;

	/* Single allocation: ipsec_ref header followed by the payload. */
	ref = malloc(EXTLEN(sadb_ident) - sizeof(struct sadb_ident) +
	    sizeof(struct ipsec_ref), M_CREDENTIALS, M_WAITOK);
	*slot = ref;
	ref->ref_len = EXTLEN(sadb_ident) - sizeof(struct sadb_ident);

	/* Map the PF_KEY identity type onto the IPsec-internal constant. */
	if (sadb_ident->sadb_ident_type == SADB_IDENTTYPE_PREFIX) {
		ref->ref_type = IPSP_IDENTITY_PREFIX;
	} else if (sadb_ident->sadb_ident_type == SADB_IDENTTYPE_FQDN) {
		ref->ref_type = IPSP_IDENTITY_FQDN;
	} else if (sadb_ident->sadb_ident_type == SADB_IDENTTYPE_USERFQDN) {
		ref->ref_type = IPSP_IDENTITY_USERFQDN;
	} else if (sadb_ident->sadb_ident_type ==
	    SADB_X_IDENTTYPE_CONNECTION) {
		ref->ref_type = IPSP_IDENTITY_CONNECTION;
	} else {
		/* Unknown type: drop the allocation, leave the slot empty. */
		free(ref, M_CREDENTIALS);
		*slot = NULL;
		return;
	}

	ref->ref_count = 1;
	ref->ref_malloctype = M_CREDENTIALS;

	/* Payload sits right after each header, in source and destination. */
	bcopy(sadb_ident + 1, ref + 1, ref->ref_len);
}