Lines Matching defs:saidx
218 * - Multiple saves with the same saidx can exist
223 * - The table is used to search an sav without use of saidx.
239 * - First get an sah by saidx and get an sav from either of sah's savlists
360 #define SAHLIST_READER_FOREACH_SAIDX(sah, saidx) \
362 &key_sad.sahlists[key_saidxhash((saidx), \
371 &key_sad.sahlists[key_saidxhash(&(sah)->saidx, \
1020 if (p->saidx.mode != IPSEC_MODE_TUNNEL)
1037 if (!key_sockaddr_match(&r1->saidx.src.sa, isrc, PORT_NONE) ||
1038 !key_sockaddr_match(&r1->saidx.dst.sa, idst, PORT_NONE))
1042 if (!key_sockaddr_match(&r2->saidx.src.sa, osrc, PORT_NONE) ||
1043 !key_sockaddr_match(&r2->saidx.dst.sa, odst, PORT_NONE))
1070 key_checkrequest(const struct ipsecrequest *isr, const struct secasindex *saidx,
1078 KASSERTMSG(saidx->mode == IPSEC_MODE_TRANSPORT ||
1079 saidx->mode == IPSEC_MODE_TUNNEL,
1080 "unexpected policy %u", saidx->mode);
1092 sav = key_lookup_sa_bysaidx(saidx);
1099 error = key_acquire(saidx, isr->sp, M_NOWAIT);
1123 key_lookup_sa_bysaidx(const struct secasindex *saidx)
1133 sah = key_getsah(saidx, CMP_MODE_REQID);
1187 satype = key_proto2satype(sav->sah->saidx.proto);
1196 /* set sadb_address for saidx's. */
1197 m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, &sav->sah->saidx.src.sa,
1198 _BITS(sav->sah->saidx.src.sa.sa_len), IPSEC_ULPROTO_ANY);
1203 /* set sadb_address for saidx's. */
1204 m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, &sav->sah->saidx.src.sa,
1205 _BITS(sav->sah->saidx.src.sa.sa_len), IPSEC_ULPROTO_ANY);
1323 if (proto != sav->sah->saidx.proto) {
1326 proto, sav->sah->saidx.proto);
1347 if (!key_sockaddr_match(&src->sa, &sav->sah->saidx.src.sa, PORT_NONE))
1353 if (!key_sockaddr_match(&dst->sa, &sav->sah->saidx.dst.sa, chkport))
1910 (*p_isr)->saidx.proto = xisr->sadb_x_ipsecrequest_proto;
1923 (*p_isr)->saidx.mode = xisr->sadb_x_ipsecrequest_mode;
1963 (*p_isr)->saidx.reqid = reqid;
1966 (*p_isr)->saidx.reqid = xisr_reqid;
1999 if (paddr->sa_len > sizeof((*p_isr)->saidx.src)) {
2005 memcpy(&(*p_isr)->saidx.src, paddr, paddr->sa_len);
2011 if (paddr->sa_len > sizeof((*p_isr)->saidx.dst)) {
2017 memcpy(&(*p_isr)->saidx.dst, paddr, paddr->sa_len);
2110 xisr->sadb_x_ipsecrequest_proto = isr->saidx.proto;
2111 xisr->sadb_x_ipsecrequest_mode = isr->saidx.mode;
2113 xisr->sadb_x_ipsecrequest_reqid = isr->saidx.reqid;
2116 memcpy(p, &isr->saidx.src, isr->saidx.src.sa.sa_len);
2117 p += isr->saidx.src.sa.sa_len;
2118 memcpy(p, &isr->saidx.dst, isr->saidx.dst.sa.sa_len);
2119 p += isr->saidx.src.sa.sa_len;
2123 + isr->saidx.src.sa.sa_len
2124 + isr->saidx.dst.sa.sa_len);
3107 + isr->saidx.src.sa.sa_len + isr->saidx.dst.sa.sa_len;
3201 key_newsah(const struct secasindex *saidx)
3206 KASSERT(saidx != NULL);
3211 newsah->saidx = *saidx;
3429 key_getsah(const struct secasindex *saidx, int flag)
3433 SAHLIST_READER_FOREACH_SAIDX(sah, saidx) {
3436 if (key_saidx_match(&sah->saidx, saidx, flag))
3451 key_getsah_ref(const struct secasindex *saidx, int flag)
3457 sah = key_getsah(saidx, flag);
3473 key_checkspidup(const struct secasindex *saidx, u_int32_t spi)
3479 if (saidx->src.sa.sa_family != saidx->dst.sa.sa_family) {
3482 saidx->src.sa.sa_family, saidx->dst.sa.sa_family);
3490 if (!key_ismyaddr((struct sockaddr *)&sah->saidx.dst))
3819 switch (sav->sah->saidx.proto) {
3831 switch (sav->sah->saidx.proto) {
3837 sav->sah->saidx.proto,
3846 sav->sah->saidx.proto,
3856 switch (sav->sah->saidx.proto) {
3934 m = key_setsadbxsa2(sav->sah->saidx.mode,
3936 sav->sah->saidx.reqid);
3941 &sav->sah->saidx.src.sa,
3947 &sav->sah->saidx.dst.sa,
4008 key_portfromsaddr(&sav->sah->saidx.dst),
4016 key_portfromsaddr(&sav->sah->saidx.src),
5310 struct secasindex * saidx)
5321 memset(saidx, 0, sizeof(*saidx));
5322 saidx->proto = proto;
5323 saidx->mode = mode;
5324 saidx->reqid = reqid;
5325 memcpy(&saidx->src, src_u, src_u->sa.sa_len);
5326 memcpy(&saidx->dst, dst_u, dst_u->sa.sa_len);
5328 key_porttosaddr(&((saidx)->src), 0);
5329 key_porttosaddr(&((saidx)->dst), 0);
5375 struct secasindex saidx;
5414 error = key_setsecasidx(proto, mode, reqid, src, dst, &saidx);
5418 error = key_set_natt_ports(&saidx.src, &saidx.dst, mhp);
5423 spi = key_do_getnewspi(mhp->ext[SADB_EXT_SPIRANGE], &saidx);
5428 sah = key_getsah_ref(&saidx, CMP_REQID);
5431 sah = key_newsah(&saidx);
5528 const struct secasindex *saidx)
5543 if (saidx->proto == IPPROTO_IPCOMP) {
5555 if (key_checkspidup(saidx, htonl(spmin))) {
5573 if (!key_checkspidup(saidx, htonl(newspi)))
5656 key_porttosaddr(&sav->sah->saidx.src, sport->sadb_x_nat_t_port_port);
5657 key_porttosaddr(&sav->sah->saidx.dst, dport->sadb_x_nat_t_port_port);
5729 struct secasindex saidx;
5778 error = key_setsecasidx(proto, mode, reqid, src, dst, &saidx);
5782 error = key_set_natt_ports(&saidx.src, &saidx.dst, mhp);
5787 sah = key_getsah_ref(&saidx, CMP_REQID);
5822 if (sav->sah->saidx.proto != proto) {
5824 sav->sah->saidx.proto, proto);
5985 struct secasindex saidx;
6034 error = key_setsecasidx(proto, mode, reqid, src, dst, &saidx);
6038 error = key_set_natt_ports(&saidx.src, &saidx.dst, mhp);
6043 sah = key_getsah_ref(&saidx, CMP_REQID);
6046 sah = key_newsah(&saidx);
6261 struct secasindex saidx;
6303 error = key_setsecasidx(proto, IPSEC_MODE_ANY, 0, src, dst, &saidx);
6307 error = key_set_natt_ports(&saidx.src, &saidx.dst, mhp);
6312 sah = key_getsah_ref(&saidx, CMP_HEAD);
6349 struct secasindex saidx;
6358 error = key_setsecasidx(proto, IPSEC_MODE_ANY, 0, src, dst, &saidx);
6362 error = key_set_natt_ports(&saidx.src, &saidx.dst, mhp);
6366 sah = key_getsah_ref(&saidx, CMP_HEAD);
6416 struct secasindex saidx;
6444 error = key_setsecasidx(proto, IPSEC_MODE_ANY, 0, src, dst, &saidx);
6448 error = key_set_natt_ports(&saidx.src, &saidx.dst, mhp);
6457 sah = key_getsah(&saidx, CMP_HEAD);
6474 satype = key_proto2satype(sav->sah->saidx.proto);
6721 key_getprop(const struct secasindex *saidx, int mflag)
6728 switch (saidx->proto) {
6782 key_acquire(const struct secasindex *saidx, const struct secpolicy *sp, int mflag)
6793 KASSERT(saidx != NULL);
6794 satype = key_proto2satype(saidx->proto);
6795 KASSERTMSG(satype != 0, "null satype, protocol %u", saidx->proto);
6806 newacq = key_getacq(saidx);
6819 newacq = key_newacq(saidx);
6841 /* set sadb_address for saidx's. */
6842 m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, &saidx->src.sa, FULLMASK,
6850 m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, &saidx->dst.sa, FULLMASK,
6915 m = key_getprop(saidx, mflag);
7037 key_newacq(const struct secasindex *saidx)
7049 memcpy(&newacq->saidx, saidx, sizeof(newacq->saidx));
7058 key_getacq(const struct secasindex *saidx)
7065 if (key_saidx_match(saidx, &acq->saidx, CMP_EXACTLY))
7142 struct secasindex saidx;
7213 error = key_setsecasidx(proto, IPSEC_MODE_ANY, 0, src, dst, &saidx);
7217 error = key_set_natt_ports(&saidx.src, &saidx.dst, mhp);
7226 sah = key_getsah(&saidx, CMP_MODE_REQID);
7235 error = key_acquire(&saidx, NULL, M_WAITOK);
7450 satype = key_proto2satype(sav->sah->saidx.proto);
7463 m = key_setsadbxsa2(sav->sah->saidx.mode,
7464 sav->replay ? sav->replay->count : 0, sav->sah->saidx.reqid);
7489 m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, &sav->sah->saidx.src.sa,
7494 m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, &sav->sah->saidx.dst.sa,
7561 proto != sah->saidx.proto)
7629 proto != sah->saidx.proto)
7649 proto != sah->saidx.proto)
7653 satype = key_proto2satype(sah->saidx.proto);
8625 proto != sah->saidx.proto)
8644 proto != sah->saidx.proto)
8648 satype = key_proto2satype(sah->saidx.proto);
8766 hash = key_savluthash(&sav->sah->saidx.dst.sa,
8767 sav->sah->saidx.proto, hash_key, key_sad.savlutmask);
8776 * and destination address included in saidx.
8779 key_saidxhash(const struct secasindex *saidx, u_long mask)
8785 hash32 = saidx->proto;
8787 switch (saidx->src.sa.sa_family) {
8789 sin = &saidx->src.sin;
8792 sin = &saidx->dst.sin;
8797 sin6 = &saidx->src.sin6;
8800 sin6 = &saidx->dst.sin6;
Indexes created Tue Sep 30 10:09:55 GMT 2025