Lines Matching refs:sah
1024 struct secashead *sah; in key_allocsa_tcpmd5() local
1033 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) { in key_allocsa_tcpmd5()
1036 kdebug_secash(sah, " ")); in key_allocsa_tcpmd5()
1037 if (sah->saidx.proto != IPPROTO_TCP) in key_allocsa_tcpmd5()
1039 if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) && in key_allocsa_tcpmd5()
1040 !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0)) in key_allocsa_tcpmd5()
1043 if (sah != NULL) { in key_allocsa_tcpmd5()
1045 sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue); in key_allocsa_tcpmd5()
1047 sav = TAILQ_FIRST(&sah->savtree_alive); in key_allocsa_tcpmd5()
1077 struct secashead *sah; in key_allocsa_policy() local
1093 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) { in key_allocsa_policy()
1096 kdebug_secash(sah, " ")); in key_allocsa_policy()
1097 if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID)) in key_allocsa_policy()
1100 if (sah != NULL) { in key_allocsa_policy()
1106 sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue); in key_allocsa_policy()
1108 sav = TAILQ_FIRST(&sah->savtree_alive); in key_allocsa_policy()
1172 sav->sah->saidx.proto == proto && in key_allocsa()
1174 &sav->sah->saidx.dst.sa, 0) == 0) in key_allocsa()
1201 struct secashead *sah; in key_allocsa_tunnel() local
1212 LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) { in key_allocsa_tunnel()
1213 if (IPSEC_MODE_TUNNEL != sah->saidx.mode) in key_allocsa_tunnel()
1215 if (proto != sah->saidx.proto) in key_allocsa_tunnel()
1217 if (key_sockaddrcmp(&src->sa, &sah->saidx.src.sa, 0) != 0) in key_allocsa_tunnel()
1219 if (key_sockaddrcmp(&dst->sa, &sah->saidx.dst.sa, 0) != 0) in key_allocsa_tunnel()
1223 sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue); in key_allocsa_tunnel()
1225 sav = TAILQ_FIRST(&sah->savtree_alive); in key_allocsa_tunnel()
1443 struct secashead *sah; in key_unlinksav() local
1458 TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain); in key_unlinksav()
1460 TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain); in key_unlinksav()
1465 sah = sav->sah; in key_unlinksav()
1469 key_freesah(&sah); in key_unlinksav()
2973 struct secashead *sah; in key_newsah() local
2975 sah = malloc(sizeof(struct secashead), M_IPSEC_SAH, in key_newsah()
2977 if (sah == NULL) { in key_newsah()
2981 TAILQ_INIT(&sah->savtree_larval); in key_newsah()
2982 TAILQ_INIT(&sah->savtree_alive); in key_newsah()
2983 sah->saidx = *saidx; in key_newsah()
2984 sah->state = SADB_SASTATE_DEAD; in key_newsah()
2985 SAH_INITREF(sah); in key_newsah()
2988 printf("%s: SAH(%p)\n", __func__, sah)); in key_newsah()
2989 KEYDBG(KEY_DATA, kdebug_secash(sah, NULL)); in key_newsah()
2990 return (sah); in key_newsah()
2996 struct secashead *sah = *psah; in key_freesah() local
3000 if (SAH_DELREF(sah) == 0) in key_freesah()
3004 printf("%s: last reference to SAH(%p)\n", __func__, sah)); in key_freesah()
3005 KEYDBG(KEY_DATA, kdebug_secash(sah, NULL)); in key_freesah()
3008 key_delsah(sah); in key_freesah()
3012 key_delsah(struct secashead *sah) in key_delsah() argument
3014 IPSEC_ASSERT(sah != NULL, ("NULL sah")); in key_delsah()
3015 IPSEC_ASSERT(sah->state == SADB_SASTATE_DEAD, in key_delsah()
3016 ("Attempt to free non DEAD SAH %p", sah)); in key_delsah()
3017 IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_larval), in key_delsah()
3018 ("Attempt to free SAH %p with LARVAL SA", sah)); in key_delsah()
3019 IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_alive), in key_delsah()
3020 ("Attempt to free SAH %p with ALIVE SA", sah)); in key_delsah()
3022 free(sah, M_IPSEC_SAH); in key_delsah()
3037 struct secashead *sah; in key_newsav() local
3047 sah = NULL; in key_newsav()
3117 sah = key_getsah(saidx); in key_newsav()
3118 if (sah == NULL) { in key_newsav()
3120 sah = key_newsah(saidx); in key_newsav()
3121 if (sah == NULL) { in key_newsav()
3131 sav->sah = sah; in key_newsav()
3152 if (isnew == 0 && sah->state == SADB_SASTATE_DEAD) { in key_newsav()
3154 key_freesah(&sah); /* reference from key_getsah() */ in key_newsav()
3166 TAILQ_INSERT_HEAD(&V_sahtree, sah, chain); in key_newsav()
3168 LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash); in key_newsav()
3170 sah->state = SADB_SASTATE_MATURE; in key_newsav()
3176 SAH_ADDREF(sah); in key_newsav()
3180 TAILQ_INSERT_HEAD(&sah->savtree_alive, sav, chain); in key_newsav()
3183 TAILQ_INSERT_HEAD(&sah->savtree_larval, sav, chain); in key_newsav()
3206 if (sah != NULL) in key_newsav()
3207 key_freesah(&sah); in key_newsav()
3306 struct secashead *sah; in key_getsah() local
3309 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) { in key_getsah()
3310 if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID) != 0) { in key_getsah()
3311 SAH_ADDREF(sah); in key_getsah()
3316 return (sah); in key_getsah()
3464 error = key_setident(sav->sah, mhp); in key_setsaval()
3762 m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count, in key_setdumpsa()
3763 sav->sah->saidx.reqid); in key_setdumpsa()
3780 &sav->sah->saidx.src.sa, in key_setdumpsa()
3788 &sav->sah->saidx.dst.sa, in key_setdumpsa()
4699 struct secashead *sah, *nextsah; in key_flush_sad() local
4710 TAILQ_FOREACH(sah, &V_sahtree, chain) { in key_flush_sad()
4712 if (TAILQ_EMPTY(&sah->savtree_larval) && in key_flush_sad()
4713 TAILQ_EMPTY(&sah->savtree_alive)) { in key_flush_sad()
4714 SAH_ADDREF(sah); in key_flush_sad()
4715 LIST_INSERT_HEAD(&emptyq, sah, drainq); in key_flush_sad()
4719 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) { in key_flush_sad()
4725 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) { in key_flush_sad()
4796 TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain); in key_flush_sad()
4813 TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain); in key_flush_sad()
4837 sah = LIST_FIRST(&emptyq); in key_flush_sad()
4838 while (sah != NULL) { in key_flush_sad()
4839 nextsah = LIST_NEXT(sah, drainq); in key_flush_sad()
4841 if (sah->state == SADB_SASTATE_DEAD || in key_flush_sad()
4842 !TAILQ_EMPTY(&sah->savtree_larval) || in key_flush_sad()
4843 !TAILQ_EMPTY(&sah->savtree_alive)) { in key_flush_sad()
4844 LIST_REMOVE(sah, drainq); in key_flush_sad()
4845 key_freesah(&sah); /* release extra reference */ in key_flush_sad()
4846 sah = nextsah; in key_flush_sad()
4849 TAILQ_REMOVE(&V_sahtree, sah, chain); in key_flush_sad()
4850 LIST_REMOVE(sah, addrhash); in key_flush_sad()
4851 sah->state = SADB_SASTATE_DEAD; in key_flush_sad()
4852 sah = nextsah; in key_flush_sad()
4861 key_freesah(&sav->sah); /* release reference from SAV */ in key_flush_sad()
4877 key_freesah(&sav->sah); /* release reference from SAV */ in key_flush_sad()
4890 sah = LIST_FIRST(&emptyq); in key_flush_sad()
4891 while (sah != NULL) { in key_flush_sad()
4892 nextsah = LIST_NEXT(sah, drainq); in key_flush_sad()
4893 key_freesah(&sah); /* release extra reference */ in key_flush_sad()
4894 key_freesah(&sah); /* release last reference */ in key_flush_sad()
4895 sah = nextsah; in key_flush_sad()
5294 struct secashead *sah; in key_getsav_tcpmd5() local
5299 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) { in key_getsav_tcpmd5()
5300 if (sah->saidx.proto != IPPROTO_TCP) in key_getsav_tcpmd5()
5302 if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) && in key_getsav_tcpmd5()
5303 !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0)) in key_getsav_tcpmd5()
5306 if (sah != NULL) { in key_getsav_tcpmd5()
5308 sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue); in key_getsav_tcpmd5()
5310 sav = TAILQ_FIRST(&sah->savtree_alive); in key_getsav_tcpmd5()
5344 struct secashead *sah; in key_updateaddresses() local
5373 sah = key_getsah(saidx); in key_updateaddresses()
5374 if (sah == NULL) { in key_updateaddresses()
5376 sah = key_newsah(saidx); in key_updateaddresses()
5377 if (sah == NULL) { in key_updateaddresses()
5390 if (sav->sah->saidx.proto != IPPROTO_ESP || in key_updateaddresses()
5400 sah = sav->sah; in key_updateaddresses()
5445 newsav->sah = sah; in key_updateaddresses()
5466 TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain); in key_updateaddresses()
5475 TAILQ_FOREACH(tmp, &sah->savtree_alive, chain) { in key_updateaddresses()
5482 TAILQ_INSERT_TAIL(&sah->savtree_alive, newsav, chain); in key_updateaddresses()
5489 TAILQ_INSERT_HEAD(&V_sahtree, sah, chain); in key_updateaddresses()
5490 LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash); in key_updateaddresses()
5491 sah->state = SADB_SASTATE_MATURE; in key_updateaddresses()
5492 SAH_ADDREF(sah); /* newsav references new SAH */ in key_updateaddresses()
5525 key_freesah(&sah); in key_updateaddresses()
5648 if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_MODE_REQID) == 0) { in key_update()
5688 TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain); in key_update()
5689 TAILQ_INSERT_HEAD(&sav->sah->savtree_alive, sav, chain); in key_update()
5964 if (sav->sah->saidx.proto != IPPROTO_ESP) in key_setnatt()
6042 if (sav->sah->saidx.mode != IPSEC_MODE_TUNNEL) { in key_setnatt()
6057 sav->sah->saidx.src.sin.sin_addr.s_addr) { in key_setnatt()
6061 addr = sav->sah->saidx.src.sin.sin_addr.s_addr; in key_setnatt()
6080 &sav->sah->saidx.src.sin6.sin6_addr.s6_addr, in key_setnatt()
6087 ~sav->sah->saidx.src.sin6.sin6_addr.s6_addr16[i]); in key_setnatt()
6114 sav->sah->saidx.dst.sin.sin_addr.s_addr) { in key_setnatt()
6118 addr = sav->sah->saidx.dst.sin.sin_addr.s_addr; in key_setnatt()
6137 &sav->sah->saidx.dst.sin6.sin6_addr.s6_addr, 16) != 0) { in key_setnatt()
6143 ~sav->sah->saidx.dst.sin6.sin6_addr.s6_addr16[i]); in key_setnatt()
6163 key_setident(struct secashead *sah, const struct sadb_msghdr *mhp) in key_setident() argument
6167 IPSEC_ASSERT(sah != NULL, ("null secashead")); in key_setident()
6174 sah->idents = NULL; in key_setident()
6175 sah->identd = NULL; in key_setident()
6200 sah->idents = NULL; in key_setident()
6201 sah->identd = NULL; in key_setident()
6206 sah->idents = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT); in key_setident()
6207 if (sah->idents == NULL) { in key_setident()
6211 sah->identd = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT); in key_setident()
6212 if (sah->identd == NULL) { in key_setident()
6213 free(sah->idents, M_IPSEC_MISC); in key_setident()
6214 sah->idents = NULL; in key_setident()
6218 sah->idents->type = idsrc->sadb_ident_type; in key_setident()
6219 sah->idents->id = idsrc->sadb_ident_id; in key_setident()
6221 sah->identd->type = iddst->sadb_ident_type; in key_setident()
6222 sah->identd->id = iddst->sadb_ident_id; in key_setident()
6345 if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_HEAD) == 0) { in key_delete()
6389 struct secashead *sah; in key_delete_all() local
6394 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) { in key_delete_all()
6395 if (key_cmpsaidx(&sah->saidx, saidx, CMP_HEAD) == 0) in key_delete_all()
6398 TAILQ_CONCAT(&drainq, &sah->savtree_alive, chain); in key_delete_all()
6414 key_freesah(&sav->sah); /* release reference from SAV */ in key_delete_all()
6452 struct secashead *sah; in key_delete_xform() local
6457 TAILQ_FOREACH(sah, &V_sahtree, chain) { in key_delete_xform()
6458 sav = TAILQ_FIRST(&sah->savtree_alive); in key_delete_xform()
6467 TAILQ_CONCAT(&drainq, &sah->savtree_alive, chain); in key_delete_xform()
6484 key_freesah(&sav->sah); /* release reference from SAV */ in key_delete_xform()
6560 if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_HEAD) == 0) { in key_get()
6572 if ((satype = key_proto2satype(sav->sah->saidx.proto)) == 0) { in key_get()
7277 struct secashead *sah; in key_acquire2() local
7369 LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) { in key_acquire2()
7370 if (key_cmpsaidx(&sah->saidx, &saidx, CMP_MODE_REQID)) in key_acquire2()
7374 if (sah != NULL) { in key_acquire2()
7598 IPSEC_ASSERT (sav->sah != NULL, ("null sa header")); in key_expire()
7605 satype = key_proto2satype(sav->sah->saidx.proto); in key_expire()
7627 m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count, in key_expire()
7628 sav->sah->saidx.reqid); in key_expire()
7682 &sav->sah->saidx.src.sa, in key_expire()
7692 &sav->sah->saidx.dst.sa, in key_expire()
7737 struct secashead *sah, *nextsah; in key_freesah_flushed() local
7740 sah = TAILQ_FIRST(flushq); in key_freesah_flushed()
7741 while (sah != NULL) { in key_freesah_flushed()
7742 sav = TAILQ_FIRST(&sah->savtree_larval); in key_freesah_flushed()
7745 TAILQ_REMOVE(&sah->savtree_larval, sav, chain); in key_freesah_flushed()
7747 key_freesah(&sah); /* release reference from SAV */ in key_freesah_flushed()
7750 sav = TAILQ_FIRST(&sah->savtree_alive); in key_freesah_flushed()
7753 TAILQ_REMOVE(&sah->savtree_alive, sav, chain); in key_freesah_flushed()
7755 key_freesah(&sah); /* release reference from SAV */ in key_freesah_flushed()
7758 nextsah = TAILQ_NEXT(sah, chain); in key_freesah_flushed()
7759 key_freesah(&sah); /* release last reference */ in key_freesah_flushed()
7760 sah = nextsah; in key_freesah_flushed()
7781 struct secashead *sah, *nextsah; in key_flush() local
7812 TAILQ_FOREACH(sah, &flushq, chain) { in key_flush()
7813 sah->state = SADB_SASTATE_DEAD; in key_flush()
7821 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) { in key_flush()
7825 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) { in key_flush()
7833 sah = TAILQ_FIRST(&V_sahtree); in key_flush()
7834 while (sah != NULL) { in key_flush()
7835 IPSEC_ASSERT(sah->state != SADB_SASTATE_DEAD, in key_flush()
7836 ("DEAD SAH %p in SADB_FLUSH", sah)); in key_flush()
7837 nextsah = TAILQ_NEXT(sah, chain); in key_flush()
7838 if (sah->saidx.proto != proto) { in key_flush()
7839 sah = nextsah; in key_flush()
7842 sah->state = SADB_SASTATE_DEAD; in key_flush()
7843 TAILQ_REMOVE(&V_sahtree, sah, chain); in key_flush()
7844 LIST_REMOVE(sah, addrhash); in key_flush()
7846 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) { in key_flush()
7851 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) { in key_flush()
7857 TAILQ_INSERT_HEAD(&flushq, sah, chain); in key_flush()
7858 sah = nextsah; in key_flush()
7898 struct secashead *sah; in key_dump() local
7920 TAILQ_FOREACH(sah, &V_sahtree, chain) { in key_dump()
7922 proto != sah->saidx.proto) in key_dump()
7925 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) in key_dump()
7927 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) in key_dump()
7938 TAILQ_FOREACH(sah, &V_sahtree, chain) { in key_dump()
7940 proto != sah->saidx.proto) in key_dump()
7944 if ((satype = key_proto2satype(sah->saidx.proto)) == 0) { in key_dump()
7951 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) { in key_dump()
7961 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) { in key_dump()
8669 struct secashead *sah; in key_vnet_destroy() local
8703 TAILQ_FOREACH(sah, &sahdrainq, chain) { in key_vnet_destroy()
8704 sah->state = SADB_SASTATE_DEAD; in key_vnet_destroy()
8705 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) { in key_vnet_destroy()
8709 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) { in key_vnet_destroy()