예제 #1
파일: plutoalg.c 프로젝트: mcr/bluerose
/*	
 *	Create proposal with runtime kernel algos, merging
 *	with passed proposal if not NULL
 *
 *	For now this function free()s the malloc'ed pointer it
 *	previously returned (this quirk makes the spdb.c change easier).
 */
struct db_context * 
kernel_alg_db_new(struct alg_info_esp *alg_info, lset_t policy, bool logit)
{
    /* ealg_i, aalg_i, tn, t and prop are not referenced in the part of the
     * function visible here. */
    int ealg_i, aalg_i;
    unsigned int tn=0;
	int i;
	const struct esp_info *esp_info;
	struct esp_info tmp_esp_info;
	struct db_context *ctx_new=NULL;
	struct db_trans *t;
	struct db_prop  *prop;
	unsigned int trans_cnt;
	bool success = TRUE;
	int protoid;

	/*
	 * Choose the protocol id and a transform-count estimate from the
	 * policy bits. esp_ealg_num / esp_aalg_num are presumably the
	 * numbers of registered encryption and authentication algorithms
	 * (defined elsewhere -- confirm).
	 *
	 * NOTE(review): there is no final else. If policy carries neither
	 * POLICY_ENCRYPT nor POLICY_AUTHENTICATE, trans_cnt and protoid
	 * stay uninitialized and are then read by DBG_log() and
	 * db_prop_new() below, which is undefined behaviour. Either the
	 * callers must guarantee one of the bits is set, or this function
	 * should reject such a policy before going further.
	 */
	if(policy & POLICY_ENCRYPT) {
	    trans_cnt=(esp_ealg_num*esp_aalg_num);
	    protoid = PROTO_IPSEC_ESP;
	} else if(policy & POLICY_AUTHENTICATE) {
	    trans_cnt=esp_aalg_num;
	    protoid = PROTO_IPSEC_AH;
	}

	/* NOTE(review): trans_cnt is unsigned int but is formatted with %d;
	 * %u would match the argument type. */
	DBG(DBG_EMITTING, DBG_log("kernel_alg_db_new() "
		"initial trans_cnt=%d",
		trans_cnt));

	/*	pass approx. number of transforms and attributes */
	/* NOTE(review): ctx_new is used below without a NULL check; confirm
	 * that db_prop_new() cannot return NULL. */
	ctx_new = db_prop_new(protoid, trans_cnt, trans_cnt * 2);

	/*
	 * 	Loop: for each element (struct esp_info) of
	 * 	alg_info, if kernel support is present then
	 * 	build the transform (and attrs)
	 *
	 * 	if NULL alg_info, propose everything ...
	 */

	/* passert(alg_info!=0); */
	if (alg_info) {
		ALG_INFO_ESP_FOREACH(alg_info, esp_info, i) {
		    bool thistime;
		    /* esp_info points to const data, so the callee is
		     * handed a writable local copy instead. */
		    tmp_esp_info = *esp_info;
		    thistime = kernel_alg_db_add(ctx_new
						 , &tmp_esp_info
						 , policy, logit);
		    /* A failed entry only clears success; the loop still
		     * visits the remaining entries. */
		    if(thistime == FALSE) {
			success=FALSE;
		    }
		}
	} else {
예제 #2
/*	
 *	Create proposal with runtime kernel algos, merging
 *	with passed proposal if not NULL
 *
 *	For now this function free()s the malloc'ed pointer it
 *	previously returned (this quirk makes the spdb.c change easier).
 */
struct db_context * 
kernel_alg_db_new(struct alg_info_esp *alg_info, lset_t policy, bool logit)
{
	int ealg_i, aalg_i, tn=0;
	int i;
	const struct esp_info *esp_info;
	struct esp_info tmp_esp_info;
	struct db_context *ctx_new=NULL;
	struct db_trans *t;
	struct db_prop  *prop;
	int trans_cnt;
	bool success = TRUE;

	if (!(policy & POLICY_ENCRYPT))	{     /* possible for AH-only modes */
	    DBG(DBG_CONTROL
		, DBG_log("algo code only works for encryption modes"));
		return NULL;
	}

	trans_cnt=(esp_ealg_num*esp_aalg_num);

	DBG(DBG_EMITTING, DBG_log("kernel_alg_db_new() "
		"initial trans_cnt=%d",
		trans_cnt));

	/*	pass aprox. number of transforms and attributes */
	ctx_new = db_prop_new(PROTO_IPSEC_ESP, trans_cnt, trans_cnt * 2);

	/*
	 * 	Loop: for each element (struct esp_info) of
	 * 	alg_info, if kernel support is present then
	 * 	build the transform (and attrs)
	 *
	 * 	if NULL alg_info, propose everything ...
	 */

	/* passert(alg_info!=0); */
	if (alg_info) {
		ALG_INFO_ESP_FOREACH(alg_info, esp_info, i) {
		    bool thistime;
		    tmp_esp_info = *esp_info;
		    thistime = kernel_alg_db_add(ctx_new
						 , &tmp_esp_info
						 , policy, logit);
		    if(thistime == FALSE) {
			success=FALSE;
		    }
		}
	} else {