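/*
 * Import authentication information into the TDB.
 *
 * The payload that follows the sadb_x_cred header is copied as opaque
 * bytes into a newly allocated ipsec_ref.  The result is stored in
 * tdb->tdb_remote_auth when dstauth is PFKEYV2_AUTH_REMOTE, otherwise in
 * tdb->tdb_local_auth.
 *
 * A NULL sadb_auth leaves the TDB untouched.  An unsupported auth type, or
 * an extension whose length is smaller than its own header, leaves the
 * selected slot set to NULL.
 */
void
import_auth(struct tdb *tdb, struct sadb_x_cred *sadb_auth, int dstauth)
{
	struct ipsec_ref **ipr;
	size_t payload_len;
	int ref_type;

	if (!sadb_auth)
		return;

	if (dstauth == PFKEYV2_AUTH_REMOTE)
		ipr = &tdb->tdb_remote_auth;
	else
		ipr = &tdb->tdb_local_auth;

	/*
	 * NOTE(review): whatever *ipr referenced on entry is overwritten on
	 * every path below without being released; presumably the slot is
	 * empty when this is called -- confirm against the callers.
	 */

	/* Reject unknown types before allocating anything. */
	switch (sadb_auth->sadb_x_cred_type) {
	case SADB_X_AUTHTYPE_PASSPHRASE:
		ref_type = IPSP_AUTH_PASSPHRASE;
		break;
	case SADB_X_AUTHTYPE_RSA:
		ref_type = IPSP_AUTH_RSA;
		break;
	default:
		*ipr = NULL;
		return;
	}

	/*
	 * EXTLEN() is the length of the whole extension, header included.
	 * If it is smaller than the header, the subtraction below would not
	 * give a valid payload length (with size_t operands it wraps to a
	 * huge value), so treat the extension as malformed.  The message
	 * parser is presumably expected to have checked this already; the
	 * test here is defence in depth.
	 */
	if (EXTLEN(sadb_auth) < sizeof(struct sadb_x_cred)) {
		*ipr = NULL;
		return;
	}
	payload_len = EXTLEN(sadb_auth) - sizeof(struct sadb_x_cred);

	*ipr = malloc(sizeof(struct ipsec_ref) + payload_len, M_CREDENTIALS,
	    M_WAITOK);

	/*
	 * NOTE(review): ref_len is declared elsewhere; if it is narrower than
	 * size_t a large payload length is truncated on this store -- confirm.
	 */
	(*ipr)->ref_len = payload_len;
	(*ipr)->ref_type = ref_type;
	(*ipr)->ref_count = 1;
	(*ipr)->ref_malloctype = M_CREDENTIALS;

	/* The payload sits right after each header; no NUL is appended. */
	bcopy(sadb_auth + 1, (*ipr) + 1, (*ipr)->ref_len);
}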
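/*
 * Import a set of credentials into the TDB.
 *
 * The payload that follows the sadb_x_cred header is copied as opaque
 * bytes into a newly allocated ipsec_ref.  The result is stored in
 * tdb->tdb_remote_cred when dstcred is PFKEYV2_CRED_REMOTE, otherwise in
 * tdb->tdb_local_cred.
 *
 * A NULL sadb_cred leaves the TDB untouched.  An unsupported credential
 * type, or an extension whose length is smaller than its own header,
 * leaves the selected slot set to NULL.
 */
void
import_credentials(struct tdb *tdb, struct sadb_x_cred *sadb_cred, int dstcred)
{
	struct ipsec_ref **ipr;
	size_t payload_len;
	int ref_type;

	if (!sadb_cred)
		return;

	if (dstcred == PFKEYV2_CRED_REMOTE)
		ipr = &tdb->tdb_remote_cred;
	else
		ipr = &tdb->tdb_local_cred;

	/*
	 * NOTE(review): whatever *ipr referenced on entry is overwritten on
	 * every path below without being released; presumably the slot is
	 * empty when this is called -- confirm against the callers.
	 */

	/* Reject unknown types before allocating anything. */
	switch (sadb_cred->sadb_x_cred_type) {
	case SADB_X_CREDTYPE_X509:
		ref_type = IPSP_CRED_X509;
		break;
	case SADB_X_CREDTYPE_KEYNOTE:
		ref_type = IPSP_CRED_KEYNOTE;
		break;
	default:
		*ipr = NULL;
		return;
	}

	/*
	 * EXTLEN() is the length of the whole extension, header included.
	 * If it is smaller than the header, the subtraction below would not
	 * give a valid payload length (with size_t operands it wraps to a
	 * huge value), so treat the extension as malformed.  The message
	 * parser is presumably expected to have checked this already; the
	 * test here is defence in depth.
	 */
	if (EXTLEN(sadb_cred) < sizeof(struct sadb_x_cred)) {
		*ipr = NULL;
		return;
	}
	payload_len = EXTLEN(sadb_cred) - sizeof(struct sadb_x_cred);

	*ipr = malloc(sizeof(struct ipsec_ref) + payload_len, M_CREDENTIALS,
	    M_WAITOK);

	/*
	 * NOTE(review): ref_len is declared elsewhere; if it is narrower than
	 * size_t a large payload length is truncated on this store -- confirm.
	 */
	(*ipr)->ref_len = payload_len;
	(*ipr)->ref_type = ref_type;
	(*ipr)->ref_count = 1;
	(*ipr)->ref_malloctype = M_CREDENTIALS;

	/* The payload sits right after each header; no NUL is appended. */
	bcopy(sadb_cred + 1, (*ipr) + 1, (*ipr)->ref_len);
}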
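/*
 * Import an identity payload into the TDB.
 *
 * The payload that follows the sadb_ident header is copied as opaque bytes
 * into a newly allocated ipsec_id, which is returned through *id.
 *
 * *id is set to NULL when sadb_ident is NULL, when the identity type is not
 * one of PREFIX, FQDN or USERFQDN, or when the extension length is smaller
 * than its own header.
 */
static void
import_identity(struct ipsec_id **id, struct sadb_ident *sadb_ident)
{
	size_t payload_len;
	int id_type;

	if (!sadb_ident) {
		*id = NULL;
		return;
	}

	/* Reject unknown types before allocating anything. */
	switch (sadb_ident->sadb_ident_type) {
	case SADB_IDENTTYPE_PREFIX:
		id_type = IPSP_IDENTITY_PREFIX;
		break;
	case SADB_IDENTTYPE_FQDN:
		id_type = IPSP_IDENTITY_FQDN;
		break;
	case SADB_IDENTTYPE_USERFQDN:
		id_type = IPSP_IDENTITY_USERFQDN;
		break;
	default:
		*id = NULL;
		return;
	}

	/*
	 * EXTLEN() is the length of the whole extension, header included.
	 * If it is smaller than the header, the subtraction below would not
	 * give a valid payload length (with size_t operands it wraps to a
	 * huge value), so treat the extension as malformed.  The message
	 * parser is presumably expected to have checked this already; the
	 * test here is defence in depth.
	 */
	if (EXTLEN(sadb_ident) < sizeof(struct sadb_ident)) {
		*id = NULL;
		return;
	}
	payload_len = EXTLEN(sadb_ident) - sizeof(struct sadb_ident);

	*id = malloc(sizeof(struct ipsec_id) + payload_len, M_CREDENTIALS,
	    M_WAITOK);

	/*
	 * NOTE(review): len is declared elsewhere; if it is narrower than
	 * size_t a large payload length is truncated on this store -- confirm.
	 */
	(*id)->len = payload_len;
	(*id)->type = id_type;

	/* The payload sits right after each header; no NUL is appended. */
	bcopy(sadb_ident + 1, (*id) + 1, (*id)->len);
}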
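/*
 * Import an identity payload into the TDB.
 *
 * The payload that follows the sadb_ident header is copied as opaque bytes
 * into a newly allocated ipsec_ref.  The result is stored in tdb->tdb_srcid
 * when type is PFKEYV2_IDENTITY_SRC, otherwise in tdb->tdb_dstid.
 *
 * A NULL sadb_ident leaves the TDB untouched.  An unsupported identity
 * type, or an extension whose length is smaller than its own header,
 * leaves the selected slot set to NULL.
 */
void
import_identity(struct tdb *tdb, struct sadb_ident *sadb_ident, int type)
{
	struct ipsec_ref **ipr;
	size_t payload_len;
	int ref_type;

	if (!sadb_ident)
		return;

	if (type == PFKEYV2_IDENTITY_SRC)
		ipr = &tdb->tdb_srcid;
	else
		ipr = &tdb->tdb_dstid;

	/*
	 * NOTE(review): whatever *ipr referenced on entry is overwritten on
	 * every path below without being released; presumably the slot is
	 * empty when this is called -- confirm against the callers.
	 */

	/* Reject unknown types before allocating anything. */
	switch (sadb_ident->sadb_ident_type) {
	case SADB_IDENTTYPE_PREFIX:
		ref_type = IPSP_IDENTITY_PREFIX;
		break;
	case SADB_IDENTTYPE_FQDN:
		ref_type = IPSP_IDENTITY_FQDN;
		break;
	case SADB_IDENTTYPE_USERFQDN:
		ref_type = IPSP_IDENTITY_USERFQDN;
		break;
	case SADB_X_IDENTTYPE_CONNECTION:
		ref_type = IPSP_IDENTITY_CONNECTION;
		break;
	default:
		*ipr = NULL;
		return;
	}

	/*
	 * EXTLEN() is the length of the whole extension, header included.
	 * If it is smaller than the header, the subtraction below would not
	 * give a valid payload length (with size_t operands it wraps to a
	 * huge value), so treat the extension as malformed.  The message
	 * parser is presumably expected to have checked this already; the
	 * test here is defence in depth.
	 */
	if (EXTLEN(sadb_ident) < sizeof(struct sadb_ident)) {
		*ipr = NULL;
		return;
	}
	payload_len = EXTLEN(sadb_ident) - sizeof(struct sadb_ident);

	*ipr = malloc(sizeof(struct ipsec_ref) + payload_len, M_CREDENTIALS,
	    M_WAITOK);

	/*
	 * NOTE(review): ref_len is declared elsewhere; if it is narrower than
	 * size_t a large payload length is truncated on this store -- confirm.
	 */
	(*ipr)->ref_len = payload_len;
	(*ipr)->ref_type = ref_type;
	(*ipr)->ref_count = 1;
	(*ipr)->ref_malloctype = M_CREDENTIALS;

	/* The payload sits right after each header; no NUL is appended. */
	bcopy(sadb_ident + 1, (*ipr) + 1, (*ipr)->ref_len);
}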