/* * Create proposal with runtime kernel algos, merging * with passed proposal if not NULL * * for now this function does free() previous returned * malloced pointer (this quirk allows easier spdb.c change) */ struct db_context * kernel_alg_db_new(struct alg_info_esp *alg_info, lset_t policy, bool logit) { int ealg_i, aalg_i; unsigned int tn=0; int i; const struct esp_info *esp_info; struct esp_info tmp_esp_info; struct db_context *ctx_new=NULL; struct db_trans *t; struct db_prop *prop; unsigned int trans_cnt; bool success = TRUE; int protoid; if(policy & POLICY_ENCRYPT) { trans_cnt=(esp_ealg_num*esp_aalg_num); protoid = PROTO_IPSEC_ESP; } else if(policy & POLICY_AUTHENTICATE) { trans_cnt=esp_aalg_num; protoid = PROTO_IPSEC_AH; } DBG(DBG_EMITTING, DBG_log("kernel_alg_db_new() " "initial trans_cnt=%d", trans_cnt)); /* pass aprox. number of transforms and attributes */ ctx_new = db_prop_new(protoid, trans_cnt, trans_cnt * 2); /* * Loop: for each element (struct esp_info) of * alg_info, if kernel support is present then * build the transform (and attrs) * * if NULL alg_info, propose everything ... */ /* passert(alg_info!=0); */ if (alg_info) { ALG_INFO_ESP_FOREACH(alg_info, esp_info, i) { bool thistime; tmp_esp_info = *esp_info; thistime = kernel_alg_db_add(ctx_new , &tmp_esp_info , policy, logit); if(thistime == FALSE) { success=FALSE; } } } else {
/* * Create proposal with runtime kernel algos, merging * with passed proposal if not NULL * * for now this function does free() previous returned * malloced pointer (this quirk allows easier spdb.c change) */ struct db_context * kernel_alg_db_new(struct alg_info_esp *alg_info, lset_t policy, bool logit) { int ealg_i, aalg_i, tn=0; int i; const struct esp_info *esp_info; struct esp_info tmp_esp_info; struct db_context *ctx_new=NULL; struct db_trans *t; struct db_prop *prop; int trans_cnt; bool success = TRUE; if (!(policy & POLICY_ENCRYPT)) { /* possible for AH-only modes */ DBG(DBG_CONTROL , DBG_log("algo code only works for encryption modes")); return NULL; } trans_cnt=(esp_ealg_num*esp_aalg_num); DBG(DBG_EMITTING, DBG_log("kernel_alg_db_new() " "initial trans_cnt=%d", trans_cnt)); /* pass aprox. number of transforms and attributes */ ctx_new = db_prop_new(PROTO_IPSEC_ESP, trans_cnt, trans_cnt * 2); /* * Loop: for each element (struct esp_info) of * alg_info, if kernel support is present then * build the transform (and attrs) * * if NULL alg_info, propose everything ... */ /* passert(alg_info!=0); */ if (alg_info) { ALG_INFO_ESP_FOREACH(alg_info, esp_info, i) { bool thistime; tmp_esp_info = *esp_info; thistime = kernel_alg_db_add(ctx_new , &tmp_esp_info , policy, logit); if(thistime == FALSE) { success=FALSE; } } } else {