| /freebsd/sys/netipsec/ |
| H A D | ipsec.c | 1211 check_window(const struct secreplay *replay, uint64_t seq) in check_window() argument
1215 SECREPLAY_ASSERT(replay); in check_window()
1219 & IPSEC_BITMAP_INDEX_MASK(replay->bitmap_size); in check_window()
1222 return ((replay->bitmap)[index] & (1 << bit_location)); in check_window()
1226 advance_window(const struct secreplay *replay, uint64_t seq) in advance_window() argument
1231 SECREPLAY_ASSERT(replay); in advance_window()
1233 index_cur = replay->last >> IPSEC_REDUNDANT_BIT_SHIFTS; in advance_window()
1237 if (diff > replay->bitmap_size) { in advance_window()
1239 diff = replay->bitmap_size; in advance_window()
1243 replay->bitmap[(i + index_cur + 1) in advance_window()
[all …]
|
| H A D | xform_ah.c | 197 if (((sav->flags&SADB_X_EXT_OLD) == 0) ^ (sav->replay != NULL)) { in ah_init0()
201 sav->replay == NULL ? "without" : "with")); in ah_init0()
569 if (sav->replay != NULL && sav->replay->wsize != 0 && in ah_input()
665 sav->replay != NULL && sav->replay->wsize != 0) { in ah_input()
790 if (sav->replay) { in ah_input_cb()
961 if (sav->replay) { in ah_output()
962 SECREPLAY_LOCK(sav->replay); in ah_output()
963 if ((sav->replay->count == ~0 || in ah_output()
965 ((uint32_t)sav->replay->count) == ~0)) && in ah_output()
967 SECREPLAY_UNLOCK(sav->replay); in ah_output()
[all …]
|
| H A D | xform_esp.c | 124 if (sav->tdb_authalgxform != NULL && sav->replay) in esp_hdrsiz()
340 if (esph != NULL && sav->replay != NULL && sav->replay->wsize != 0) { in esp_input()
383 (sav->replay != NULL) && (sav->replay->wsize != 0)) { in esp_input()
411 sav->replay != NULL && sav->replay->wsize != 0) in esp_input()
587 if (sav->replay) { in esp_input_cb()
814 if (sav->replay) { in esp_output()
815 uint32_t replay; in esp_output() local
817 SECREPLAY_LOCK(sav->replay); in esp_output()
822 sav->replay->count++; in esp_output()
823 replay = htonl((uint32_t)sav->replay->count); in esp_output()
[all …]
|
| H A D | key_debug.c | 493 struct sadb_x_sa_replay *replay; in kdebug_sadb_x_sa_replay() local
499 replay = (struct sadb_x_sa_replay *)ext; in kdebug_sadb_x_sa_replay()
501 replay->sadb_x_sa_replay_replay); in kdebug_sadb_x_sa_replay()
887 if (sav->replay != NULL) { in kdebug_secasv()
892 kdebug_secreplay(sav->replay); in kdebug_secasv()
|
| H A D | key.c | 3246 if (sav->replay != NULL) { in key_cleansav()
3247 mtx_destroy(&sav->replay->lock); in key_cleansav()
3248 if (sav->replay->bitmap != NULL) in key_cleansav()
3249 free(sav->replay->bitmap, M_IPSEC_MISC); in key_cleansav()
3250 free(sav->replay, M_IPSEC_MISC); in key_cleansav()
3251 sav->replay = NULL; in key_cleansav()
3456 uint32_t replay; in key_setsaval() local
3489 replay = 0; in key_setsaval()
3491 replay = sa0->sadb_sa_replay; in key_setsaval()
3497 replay = ((const struct sadb_x_sa_replay *) in key_setsaval()
[all …]
|
| H A D | keydb.h | 161 struct secreplay *replay; /* replay prevention */
158 struct secreplay *replay; /* replay prevention */ global() member
|
| /freebsd/sys/ofed/drivers/infiniband/core/ |
| H A D | ib_uverbs_std_types_flow_action.c | 91 static int flow_action_esp_replay_none(struct ib_flow_action_attrs_esp_replays *replay, in flow_action_esp_replay_none() argument
102 static int flow_action_esp_replay_def_ok(struct ib_flow_action_attrs_esp_replays *replay, in flow_action_esp_replay_def_ok() argument
111 …ic int (* const flow_action_esp_replay_validate[])(struct ib_flow_action_attrs_esp_replays *replay,
221 struct ib_flow_action_attrs_esp_replays replay; member
279 esp_attr->replay.protocol = in parse_flow_action_esp()
283 ret = uverbs_copy_from_or_zero(&esp_attr->replay.replay, in parse_flow_action_esp()
289 ret = flow_action_esp_replay_validate[esp_attr->replay.protocol](&esp_attr->replay, in parse_flow_action_esp()
294 esp_attr->hdr.replay = &esp_attr->replay; in parse_flow_action_esp()
|
| /freebsd/sbin/setkey/ |
| H A D | scriptdump.pl | 36 $replay = $2;
39 print " -m $ipsecmode -r $replay" if $replay;
|
| /freebsd/contrib/libxo/xolint/ |
| H A D | xolint.pl | 138 local $ln, $rln, $line, $replay;
174 $replay = $curln . " " . $line;
229 $replay .= $curln . " " . $line;
681 print STDERR $replay . "\n" if $opt_print;
688 print STDERR $replay . "\n" if $opt_print;
695 print STDERR $replay . "\n" if $opt_print;
|
| /freebsd/sys/dev/mlx5/mlx5_accel/ |
| H A D | mlx5_ipsec.c | 227 if (savp->replay) { in mlx5e_ipsec_build_accel_xfrm_attrs()
228 switch (savp->replay->wsize) { in mlx5e_ipsec_build_accel_xfrm_attrs()
307 if (savp->replay && savp->replay->wsize != 0 && savp->replay->wsize != 4 && in mlx5e_xfrm_validate_state()
308 savp->replay->wsize != 8 && savp->replay->wsize != 16 && savp->replay->wsize != 32) { in mlx5e_xfrm_validate_state()
309 mlx5_core_err(mdev, "Unsupported replay window size %d\n", savp->replay->wsize); in mlx5e_xfrm_validate_state()
318 } else if (savp->replay != NULL && savp->replay->wsize != 0) { in mlx5e_xfrm_validate_state()
|
| /freebsd/crypto/heimdal/lib/krb5/ |
| H A D | krb5_err.et | 47 error_code ERR_REPEAT, "Request is a replay"
165 error_code KRB5_RC_MALLOC, "No more memory to allocate (in replay cache code)"
168 error_code KRB5_RC_REPLAY, "Message is a replay"
173 error_code KRB5_RC_IO_EOF, "End-of-file on replay cache I/O"
174 error_code KRB5_RC_IO_MALLOC, "No more memory to allocate (in replay cache I/O code)"
175 error_code KRB5_RC_IO_PERM, "Permission denied in replay cache code"
176 error_code KRB5_RC_IO_IO, "I/O error in replay cache i/o code"
178 error_code KRB5_RC_IO_SPACE, "Insufficient system space to store replay information"
237 error_code KRB5_RCACHE_BADVNO, "Unsupported replay cache format version number"
245 error_code KRB5_RC_REQUIRED, "Message replay detection requires rcache parameter"
|
| /freebsd/crypto/openssl/doc/man3/ |
| H A D | SSL_read_early_data.pod | 69 additional considerations around replay attacks (see L</REPLAY PROTECTION>
206 early data setting for a server is nonzero then replay protection is
231 is accepted or not, for example to mitigate replay risks (see L</REPLAY PROTECTION>
239 in which case this callback will not get called. Notably, the built-in replay
293 mitigation for this issue OpenSSL automatically enables replay protection if the
294 server is configured with a nonzero max early data value. With replay
301 The replay protection mechanism relies on the internal OpenSSL server session
302 cache (see L<SSL_CTX_set_session_cache_mode(3)>). When replay protection is
316 result in an application becoming vulnerable to replay attacks. Note that
322 the possibility of replay attacks.
[all …]
|
| /freebsd/crypto/krb5/src/lib/krb5/error_tables/ |
| H A D | krb5_err.et | 77 error_code KRB5KRB_AP_ERR_REPEAT, "Request is a replay"
219 error_code KRB5_RC_MALLOC, "No more memory to allocate (in replay cache code)"
222 error_code KRB5_RC_REPLAY, "Message is a replay"
227 error_code KRB5_RC_IO_EOF, "End-of-file on replay cache I/O"
228 error_code KRB5_RC_IO_MALLOC, "No more memory to allocate (in replay cache I/O code)"
229 error_code KRB5_RC_IO_PERM, "Permission denied in replay cache code"
230 error_code KRB5_RC_IO_IO, "I/O error in replay cache i/o code"
232 error_code KRB5_RC_IO_SPACE, "Insufficient system space to store replay information"
291 error_code KRB5_RCACHE_BADVNO, "Unsupported replay cache format version number"
299 error_code KRB5_RC_REQUIRED, "Message replay detection requires rcache parameter"
|
| /freebsd/crypto/heimdal/lib/kadm5/ |
| H A D | iprop-commands.in | 74 name = "replay"
78 help = "start replay with this version"
85 help = "end replay with this version"
|
| /freebsd/crypto/krb5/src/lib/krb5/krb/ |
| H A D | chpw.c | 22 krb5_replay_data replay; in krb5int_mk_chpw_req() local
34 &clearpw, &cipherpw, &replay))) in krb5int_mk_chpw_req()
115 krb5_replay_data replay; in get_clear_result() local
179 ret = krb5_rd_priv(context, auth_context, &cipher, &clear, &replay); in get_clear_result()
|
| /freebsd/crypto/krb5/src/kadmin/server/ |
| H A D | schpw.c | 34 krb5_replay_data replay; in process_chpw_request() local
161 ret = krb5_rd_priv(context, auth_context, &cipher, &clear, &replay); in process_chpw_request()
299 &replay); in process_chpw_request()
|
| /freebsd/krb5/libexec/kdc/ |
| H A D | Makefile | 34 replay.c \
|
| /freebsd/contrib/file/magic/Magdir/ |
| H A D | virtual | 103 # LogVersion. If not 0 there is a log to replay
325 # QEMU replay image
327 # URL: https://www.qemu.org/docs/master/system/replay.html
328 # Reference: https://gitlab.com/qemu/qemu/-/blob/master/replay/replay.c
332 >>>12 ulelong <40 QEMU replay
|
| /freebsd/contrib/wpa/wpa_supplicant/doc/docbook/ |
| H A D | wpa_background.sgml | 44 makes attacks easier, there is no replay protection, and non-keyed
52 per-packet RC4 keys. In addition, it implements replay protection,
|
| /freebsd/sys/modules/krpc/ |
| H A D | Makefile | 17 replay.c \
|
| /freebsd/contrib/googletest/googlemock/ |
| H A D | README.md | 24 - Does automatic verification of expectations (no record-and-replay needed).
|
| /freebsd/crypto/heimdal/kdc/ |
| H A D | Makefile.in | 52 noinst_PROGRAMS = kdc-replay$(EXEEXT)
180 kdc_replay_SOURCES = kdc-replay.c
181 kdc_replay_OBJECTS = kdc-replay.$(OBJEXT)
211 $(hprop_SOURCES) $(hpropd_SOURCES) $(kdc_SOURCES) kdc-replay.c \
214 $(hprop_SOURCES) $(hpropd_SOURCES) $(kdc_SOURCES) kdc-replay.c \
779 kdc-replay$(EXEEXT): $(kdc_replay_OBJECTS) $(kdc_replay_DEPENDENCIES)
780 @rm -f kdc-replay$(EXEEXT)
804 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kdc-replay.Po@am__quote@
|
| H A D | Makefile.am | 15 noinst_PROGRAMS = kdc-replay
|
| /freebsd/sys/dev/evdev/ |
| H A D | input.h | 238 struct ff_replay replay; member
|
| /freebsd/crypto/heimdal/doc/ |
| H A D | whatis.texi | 128 It would be possible to add a @dfn{replay cache}
129 @cindex replay cache
|