/*
ipsec_attach
Memory Allcate
*/
int ipsec_attach( void* Adapter )
{
PIPSEC pIpsec=&((pADAPTER)Adapter)->Ipsec_SL.Ipsec;
int i;
DBG_ENTER(ipsec_attach);
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT("Call ipsec_attach \n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
/* Version Display */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT("<IPsec Ver.0.50 (2003.06.06)>\n");
#else /* BUILD_ANDROID */
printk("<IPsec Ver.0.50 (2003.06.06)>\n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
bzero( (char*)pIpsec, sizeof(IPSEC));
pIpsec->hash_buf = (u_char*)kmalloc(HASHB_LEN,GFP_KERNEL);
if(pIpsec->hash_buf == NULL){
return IPSEC_ERROR;
}
pIpsec->hash_mbuf = (u_char*)kmalloc(HASHM_LEN,GFP_KERNEL);
if(pIpsec->hash_mbuf == NULL){
return IPSEC_ERROR;
}
for( i=0; i<4; i++ ) {
pIpsec->sched[i] = (u_char*)kmalloc(DESKS_LEN,GFP_KERNEL);
if(pIpsec->sched[i] == NULL){
return IPSEC_ERROR;
}
}
pIpsec->MBuf = (struct mbuf*)kmalloc(sizeof(struct mbuf)*MB_MAX,GFP_KERNEL);
if(pIpsec->MBuf == NULL){
return IPSEC_ERROR;
}
init_timer(&pIpsec->Key_LifeTimer[FIRST_OUT]);
pIpsec->Key_LifeTimer[FIRST_OUT].function = ipsec_Timeup0;
pIpsec->Key_LifeTimer[FIRST_OUT].data = (unsigned long)pIpsec;
init_timer(&pIpsec->Key_LifeTimer[SECOND_OUT]);
pIpsec->Key_LifeTimer[SECOND_OUT].function = ipsec_Timeup1;
pIpsec->Key_LifeTimer[SECOND_OUT].data = (unsigned long)pIpsec;
init_timer(&pIpsec->Key_LifeTimer[FIRST_IN]);
pIpsec->Key_LifeTimer[FIRST_IN].function = ipsec_Timeup0_in;
pIpsec->Key_LifeTimer[FIRST_IN].data = (unsigned long)pIpsec;
init_timer(&pIpsec->Key_LifeTimer[SECOND_IN]);
pIpsec->Key_LifeTimer[SECOND_IN].function = ipsec_Timeup1_in;
pIpsec->Key_LifeTimer[SECOND_IN].data = (unsigned long)pIpsec;
return( ipsec_init( Adapter ));
}
struct mbuf *
mget( PIPSEC pIpsec )
{
int i;
struct mbuf *ret=NULL;
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT("Call mget \n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
spin_lock(&GlobalLock);
for(i=0; i<MB_MAX; i++ ) {
if( !pIpsec->MBuf[i].use ) {
pIpsec->MBuf[i].m_data = (u_char *)&(pIpsec->MBuf[i].buf[10]);
pIpsec->MBuf[i].offset = 10;
pIpsec->MBuf[i].m_len = 0;
pIpsec->MBuf[i].m_next = 0;
pIpsec->MBuf[i].use = 1;
ret = (struct mbuf *)&pIpsec->MBuf[i];
break;
}
}
spin_unlock(&GlobalLock);
return ret;
}
void
init_mbuf( void *p )
{
PIPSEC pIpsec=(PIPSEC)p;
int i;
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT("Call init_mbuf \n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
for(i=0; i<MB_MAX; i++ ) {
pIpsec->MBuf[i].use = 0;
pIpsec->MBuf[i].flg = 0;
}
for(i=0; i<BM_SEND_BUFF; i++) {
pIpsec->bm_buff[i].use = 0;
pIpsec->bm_buff[i].flg = 0;
}
for(i=0; i<BM_RECV_BUFF; i++) {
pIpsec->bm_buff2[i].use = 0;
pIpsec->bm_buff2[i].flg = 0;
}
}
/*
ipsec_detach
Memory Free
*/
void ipsec_detach( void* Adapter )
{
PIPSEC pIpsec=&((pADAPTER)Adapter)->Ipsec_SL.Ipsec;
int i;
DBG_ENTER(ipsec_detach);
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT("Call ipsec_detach \n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
/* Timer Cancel */
for(i=0; i<KEY_NUM; i++){
if( pIpsec->life_timer[i] )
del_timer(&pIpsec->Key_LifeTimer[i]);
}
/* Memory Free */
kfree(pIpsec->hash_buf);
kfree(pIpsec->hash_mbuf);
for( i=0; i<4; i++ ) {
kfree(pIpsec->sched[i]);
}
kfree(pIpsec->MBuf);
pIpsec->init = 0;
}
/*
ipsec_input()
from driver-core
*/
int
ipsec_input( void* Adapter, struct pkt_buff *pktb )
{
PIPSEC pIpsec=&((pADAPTER)Adapter)->Ipsec_SL.Ipsec;
struct mbuf *m=0;
struct ip_packet *ip;
struct udp_packet *udp;
u_char *buf;
/*printk(KERN_ERR "-----------------------ipsec_input-----------------------------\n");*/
DBG_ENTER(ipsec_input);
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT("Call ipsec_input \n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
if( !pIpsec->init ) {
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "ipsec_core Don't initialize\n");
#else /* BUILD_ANDROID */
printk(KERN_ERR "ipsec_core Don't initialize\n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
return(-1);
}
/* IPsec */
ip = (struct ip_packet *)pktb->data;
udp = (struct udp_packet *)&ip->udp;
if((IPPROTO_UDP == ip->head.ip_p )&&
/* for DIGA @yoshino */
#ifdef TNC_KERNEL_2_6
( udp->head.source == htons(PORT_ISAKMP))) {
#else
( udp->head.uh_sport == htons(PORT_ISAKMP))) {
#endif
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "recv IKE packet\n");
#else /* BUILD_ANDROID */
printk(KERN_ERR "recv IKE packet\n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
return(-1);
}
/* printk(KERN_ERR "-----------------------before in_mbuf_set start-----------------------------\n"); */
/* hex_dump(pktb->data,pktb->len); */
/* printk(KERN_ERR "-----------------------before in_mbuf_set end-----------------------------\n"); */
m = in_mbuf_set( pIpsec, pktb->data, pktb->len ); /* mbuf set */
if( !m )
return(-1);
/* printk(KERN_ERR "-----------------------before esp_input start disp m----------------------------\n"); */
/* hex_dump(m->m_data,m->m_len); */
/* printk(KERN_ERR "-----------------------before esp_input end disp m------------------------------\n"); */
if( IPPROTO_AH == ip->head.ip_p ) {
if( ah_input( pIpsec, m ) ) { /* AH */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "ah_in err\n");
#else /* BUILD_ANDROID */
printk(KERN_ERR "ah_in err\n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
mfree_m(m);
return(-1);
}
}
else if( IPPROTO_ESP == ip->head.ip_p ) {
if( esp_input( pIpsec, m ) ) { /* ESP */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "esp_in err\n");
#else /* BUILD_ANDROID */
printk(KERN_ERR "esp_in err\n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
mfree_m(m);
return(-1);
}
}
else if( pIpsec->ip4_def_policy.policy == IPSEC_POLICY_IPSEC ) {
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "none esp,ah\n");
#else /* BUILD_ANDROID */
printk(KERN_ERR "none esp,ah\n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
mfree_m(m);
return(-1);
}
if( pIpsec->ip4_def_policy.policy == IPSEC_POLICY_IPSEC ) {
buf = mtod( m, u_char *);
pktb->len = m->m_total;
pktb->data = buf;
pktb->tail = pktb->data+pktb->len;
/* printk(KERN_ERR "-----------------------ipsec_input in case IPSEC_POLICY_IPSEC start-----------------------------\n"); */
/* hex_dump(pktb->data,pktb->len); */
mfree_m(m);
/* printk(KERN_ERR "-----------------------ipsec_input in case IPSEC_POLICY_IPSEC end-----------------------------\n"); */
return(1);
}
/*
ipsec_output()
from driver-core
*/
int
ipsec_output( void* Adapter, struct pkt_buff *pktb )
{
PIPSEC pIpsec=&((pADAPTER)Adapter)->Ipsec_SL.Ipsec;
struct ipsec_output_state state;
struct ip *ip;
int ret;
u_char *buf;
int out_len;
/*printk(KERN_ERR "-----------------ipsec_output-------------------\n");*/
DBG_ENTER(ipsec_output);
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT("Call ipsec_output \n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
if( !pIpsec->init ) {
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "ipsec_core Don't initialize\n");
#else /* BUILD_ANDROID */
printk(KERN_ERR "ipsec_core Don't initialize\n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
return(0);
}
ip = (struct ip *)pktb->data;
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "Call ipsec_output \n");
TNC_LOGOUT(KERN_ERR "host: 0x%x\n",(u_int)ip->ip_dst.s_addr);
TNC_LOGOUT(KERN_ERR "pIpsec->dst_ip: 0x%x\n",(u_int)pIpsec->dst_ip);
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
if( pIpsec->dst_ip != (ip->ip_dst.s_addr & pIpsec->dst_mask) ) {
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "Unknown host: IPSEC_DST=0x%x IP_DST=0x%x IPSEC_MASK=0x%x\n", (u_int)pIpsec->dst_ip, (u_int)ip->ip_dst.s_addr, (u_int)pIpsec->dst_mask);
#else /* BUILD_ANDROID */
printk(KERN_ERR "Unknown host: IPSEC_DST=0x%x IP_DST=0x%x IPSEC_MASK=0x%x\n", (u_int)pIpsec->dst_ip, (u_int)ip->ip_dst.s_addr, (u_int)pIpsec->dst_mask);
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
/* そのまま送信するのか?
それともエラーとして捨てるのか?*/
return(-1);
}
state.m = out_state_set( pIpsec, pktb->data, pktb->len, &state );
if(state.m == NULL) {
DBGPRINT(("Faile to get mbuf at out_state_set\n"));
return -1;
}
ret = ipsec4_output( pIpsec, &state );
if( ret < 0 ) {
return( ret );
}
if( ret == 1 ) {
buf = restore_mbuf( state.m, &out_len );
#ifdef notdef /* AH Tunnel bug -> move */
ip = (struct ip *)buf;
if (pIpsec->def_isr.saidx.mode == IPSEC_MODE_TUNNEL) {
ip->ip_dst.s_addr = pIpsec->tun_dst;
ip->ip_src.s_addr = pIpsec->tun_src;
}
hlen = ip->ip_hl << 2;
ip->ip_sum = 0;
/* make ip checksum */
sum = libnet_in_cksum((u_short *)ip, hlen);
ip->ip_sum = (u_short)(LIBNET_CKSUM_CARRY(sum));
#endif
if(((UINT)out_len > pktb->buff_len) || ((UINT)(buf + out_len) > (UINT)pktb->end)) {
DbgPrint("out_len:%d,pktb->buff_len:%d, (buf + out_len):%x,pktb->end:%x\n",
out_len, pktb->buff_len, (UINT)(buf + out_len), (u_int)pktb->end);
return -1;
}
if(pktb->head > buf) {
DBGPRINT("pktb->head:%x,buf:%x\n", (u_int)pktb->head, (u_int)buf);
return -1;
}
pktb->len = out_len;
pktb->data = buf;
pktb->tail = pktb->data+pktb->len;
}
return( ret );
}
/*
ipsec_key_set
Key Set
*/
int ipsec_key_set( void* Adapter, struct set_ipsec *set )
{
PIPSEC pIpsec=&((pADAPTER)Adapter)->Ipsec_SL.Ipsec;
u_short pro;
u_char mode;
struct ipsecrequest *isr;
#ifdef TNC_TANTAI_TEST
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "===== Kernel SA Info [ipsec_key_set] =====\n");
#else /* BUILD_ANDROID */
printk(KERN_ERR "===== Kernel SA Info [ipsec_key_set] =====\n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
#endif
/* Version Display */
DBG_ENTER(ipsec_key_set);
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT("Call ipsec_key_set \n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
mode = (u_char)set->mode; /* IPSec mode */
pro = (u_short)set->protocol; /* IPSec Protocol */
if(set->direction == OUT_KEY){
/* now_key_noはkey_setsavalで変更されるので
ここでは1の場合は1番目の鍵を、0の場合は2番目の鍵を変更する */
if(pIpsec->now_key_no){
pIpsec->now_key_no = 0;
isr = &pIpsec->def_isr[FIRST_OUT];
((pADAPTER)Adapter)->Ipsec_SL.key_lifetime[FIRST_OUT] = set->lifeTime;
#ifdef TNC_TANTAI_TEST
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "SA set FIRST_OUT erea!!\n");
#else /* BUILD_ANDROID */
printk(KERN_ERR "SA set FIRST_OUT erea!!\n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
#endif
}
else{
pIpsec->now_key_no = 1;
isr = &pIpsec->def_isr[SECOND_OUT];
((pADAPTER)Adapter)->Ipsec_SL.key_lifetime[SECOND_OUT] = set->lifeTime;
#ifdef TNC_TANTAI_TEST
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "SA set SECOND_OUT erea!!\n");
#else /* BUILD_ANDROID */
printk(KERN_ERR "SA set SECOND_OUT erea!!\n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
#endif
}
}
else{
if(pIpsec->def_isr[FIRST_IN].sav->spi == 0 ||
pIpsec->def_isr[FIRST_IN].sav->spi == htonl(set->key.spi)){
isr = &pIpsec->def_isr[FIRST_IN];
((pADAPTER)Adapter)->Ipsec_SL.key_lifetime[FIRST_IN] = set->lifeTime;
#ifdef TNC_TANTAI_TEST
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "SA set FIRST_IN erea!!\n");
#else /* BUILD_ANDROID */
printk(KERN_ERR "SA set FIRST_IN erea!!\n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
#endif
}
else if(pIpsec->def_isr[SECOND_IN].sav->spi == 0 ||
pIpsec->def_isr[SECOND_IN].sav->spi == htonl(set->key.spi)){
isr = &pIpsec->def_isr[SECOND_IN];
((pADAPTER)Adapter)->Ipsec_SL.key_lifetime[SECOND_IN] = set->lifeTime;
#ifdef TNC_TANTAI_TEST
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "SA set SECOND_IN erea!!\n");
#else /* BUILD_ANDROID */
printk(KERN_ERR "SA set SECOND_IN erea!!\n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
#endif
}
else{
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "rcv SA full \n");
#else /* BUILD_ANDROID */
printk(KERN_ERR "rcv SA full \n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
return IPSEC_ERROR;
}
}
/* Default Security Policy Data Base */
pIpsec->ip4_def_policy.refcnt = 0;
pIpsec->ip4_def_policy.spidx.dir = 0;
#ifdef TNC_TANTAI_TEST
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "mode: %d\n",mode);
TNC_LOGOUT(KERN_ERR "protocol: %d\n",pro);
#else /* BUILD_ANDROID */
printk(KERN_ERR "mode: %d\n",mode);
printk(KERN_ERR "protocol: %d\n",pro);
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
#endif
isr->saidx.src.s_addr = set->tun_src;
isr->saidx.dst.s_addr = set->tun_dst;
/* pIpsec->tun_src = set->tun_src; */
/* pIpsec->tun_dst = set->tun_dst; */
if(set->direction == OUT_KEY){
pIpsec->dst_ip = (set->dst_ip & set->ip_mask);
pIpsec->dst_mask = set->ip_mask;
}
#ifdef TNC_TANTAI_TEST
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "tun src: 0x%x\n",(u_int)isr->saidx.src.s_addr);
TNC_LOGOUT(KERN_ERR "tun dst: 0x%x\n",(u_int)isr->saidx.dst.s_addr);
TNC_LOGOUT(KERN_ERR "dst ip: 0x%x\n",(u_int)pIpsec->dst_ip);
TNC_LOGOUT(KERN_ERR "dst mask: 0x%x\n",(u_int)pIpsec->dst_mask);
#else /* BUILD_ANDROID */
printk(KERN_ERR "tun src: 0x%x\n",(u_int)isr->saidx.src.s_addr);
printk(KERN_ERR "tun dst: 0x%x\n",(u_int)isr->saidx.dst.s_addr);
printk(KERN_ERR "dst ip: 0x%x\n",(u_int)pIpsec->dst_ip);
printk(KERN_ERR "dst mask: 0x%x\n",(u_int)pIpsec->dst_mask);
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
#endif
pIpsec->ip4_def_policy.spidx.prefs = (sizeof(struct in_addr) << 3);
pIpsec->ip4_def_policy.spidx.prefd = (sizeof(struct in_addr) << 3);
pIpsec->ip4_def_policy.spidx.ul_proto = IPSEC_ULPROTO_ANY;
if( pro )
pIpsec->ip4_def_policy.policy = IPSEC_POLICY_IPSEC;
else {
pIpsec->ip4_def_policy.policy = IPSEC_POLICY_NONE;
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "key set: IPSEC_POLICY_NONE");
#else /* BUILD_ANDROID */
printk(KERN_ERR "key set: IPSEC_POLICY_NONE");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
return(IPSEC_SUCCESS);
}
/* Manual-Key or IKE */
pIpsec->ip4_def_policy.key_mode = set->key_mode;
#ifdef TNC_TANTAI_TEST
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT(KERN_ERR "key-mode: %d\n",pIpsec->ip4_def_policy.key_mode);
#else /* BUILD_ANDROID */
printk(KERN_ERR "key-mode: %d\n",pIpsec->ip4_def_policy.key_mode);
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
#endif
/* Request for IPsec */
isr->level = 0;
isr->saidx.proto = pro;
isr->saidx.mode = mode;
/* key set */
if(key_setsaval( pIpsec, set ))
return IPSEC_ERROR;
return(IPSEC_SUCCESS);
}
/*
ipsec_init
Initialize, Reset
*/
int ipsec_init( void* Adapter )
{
PIPSEC pIpsec=&((pADAPTER)Adapter)->Ipsec_SL.Ipsec;
int i;
DBG_ENTER(ipsec_init);
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add start */
#ifdef BUILD_ANDROID
TNC_LOGOUT("Call ipsec_init \n");
#endif /* BUILD_ANDROID */
/* PMC-Viana-011-カーネルログ出力有効/無効切り替え対応 add end */
pIpsec->ip4_ah_cleartos = 1;
pIpsec->ip4_ah_offsetmask = 0;
pIpsec->ip4_ipsec_dfbit = 0;
pIpsec->ip4_ipsec_ecn = ECN_NOCARE; /* ? */
pIpsec->ip4_def_policy.policy = IPSEC_POLICY_NONE;
pIpsec->ip4_def_policy.key_mode = IPSEC_KEY_MANUAL;
pIpsec->ip4_def_policy.req = (struct ipsecrequest *)&pIpsec->def_isr[0];
/* Request for IPsec */
for(i=0; i<KEY_NUM; i++){
if(i == KEY_NUM - 1)
pIpsec->def_isr[i].next = 0; /* AH, ESP 両方はなし */
else
pIpsec->def_isr[i].next = &pIpsec->def_isr[i+1];
pIpsec->def_isr[i].level = 0;
pIpsec->def_isr[i].saidx.proto = 0;
pIpsec->def_isr[i].saidx.mode = IPSEC_MODE_ANY;
pIpsec->def_isr[i].sav = (struct secasvar *)&pIpsec->def_sa[i]; /* SA */
pIpsec->def_isr[i].sp = (struct secpolicy *)&pIpsec->ip4_def_policy;
}
/* pIpsec->tun_src = 0; */
/* pIpsec->tun_dst = 0; */
memset( pIpsec->def_sa, 0, sizeof(struct secasvar)*4);
/* SA */
/* recv 1 */
pIpsec->def_sa[0].refcnt = 0;
pIpsec->def_sa[0].sa_next = (struct secasvar *)&pIpsec->def_sa[1];
/* send 1 */
pIpsec->def_sa[1].refcnt = 1;
pIpsec->def_sa[1].sa_next = (struct secasvar *)&pIpsec->def_sa[2];
/* recv 2 */
pIpsec->def_sa[2].refcnt = 2;
pIpsec->def_sa[2].sa_next = (struct secasvar *)&pIpsec->def_sa[3];
pIpsec->def_sa[3].refcnt = 3;
pIpsec->def_sa[3].sa_next = 0;
pIpsec->now_key_no = -1;
init_mbuf( (void *)pIpsec );
/* Timer Cancel */
for(i=0; i<KEY_NUM; i++){
if( pIpsec->life_timer[i] ) {
del_timer(&pIpsec->Key_LifeTimer[i]);
pIpsec->life_timer[i] = 0;
}
}
pIpsec->init = 1;
return(IPSEC_SUCCESS);
}
