xref: /freebsd/lib/libipsec/pfkey.c (revision ca987d4641cdcd7f27e153db17c5bf064934faf5)
1 /*	$KAME: pfkey.c,v 1.46 2003/08/26 03:37:06 itojun Exp $	*/
2 
3 /*
4  * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. Neither the name of the project nor the names of its contributors
16  *    may be used to endorse or promote products derived from this software
17  *    without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29  * SUCH DAMAGE.
30  */
31 
32 #include <sys/cdefs.h>
33 __FBSDID("$FreeBSD$");
34 
35 #include <sys/types.h>
36 #include <sys/param.h>
37 #include <sys/socket.h>
38 #include <net/pfkeyv2.h>
39 #include <netipsec/key_var.h>
40 #include <netinet/in.h>
41 #include <netipsec/ipsec.h>
42 
43 #include <stdlib.h>
44 #include <stdint.h>
45 #include <unistd.h>
46 #include <string.h>
47 #include <errno.h>
48 
49 #include "ipsec_strerror.h"
50 #include "libpfkey.h"
51 
52 #define CALLOC(size, cast) (cast)calloc(1, (size))
53 
54 static int findsupportedmap(int);
55 static int setsupportedmap(struct sadb_supported *);
56 static struct sadb_alg *findsupportedalg(u_int, u_int);
57 static int pfkey_send_x1(int, u_int, u_int, u_int, struct sockaddr *,
58 	struct sockaddr *, u_int32_t, u_int32_t, u_int, caddr_t,
59 	u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int32_t,
60 	u_int32_t, u_int32_t, u_int32_t);
61 static int pfkey_send_x2(int, u_int, u_int, u_int,
62 	struct sockaddr *, struct sockaddr *, u_int32_t);
63 static int pfkey_send_x3(int, u_int, u_int);
64 static int pfkey_send_x4(int, u_int, struct sockaddr *, u_int,
65 	struct sockaddr *, u_int, u_int, u_int64_t, u_int64_t,
66 	char *, int, u_int32_t);
67 static int pfkey_send_x5(int, u_int, u_int32_t);
68 
69 static caddr_t pfkey_setsadbmsg(caddr_t, caddr_t, u_int, u_int,
70 	u_int, u_int32_t, pid_t);
71 static caddr_t pfkey_setsadbsa(caddr_t, caddr_t, u_int32_t, u_int,
72 	u_int, u_int, u_int32_t);
73 static caddr_t pfkey_setsadbxreplay(caddr_t, caddr_t, uint32_t);
74 static caddr_t pfkey_setsadbaddr(caddr_t, caddr_t, u_int,
75 	struct sockaddr *, u_int, u_int);
76 static caddr_t pfkey_setsadbkey(caddr_t, caddr_t, u_int, caddr_t, u_int);
77 static caddr_t pfkey_setsadblifetime(caddr_t, caddr_t, u_int, u_int32_t,
78 	u_int32_t, u_int32_t, u_int32_t);
79 static caddr_t pfkey_setsadbxsa2(caddr_t, caddr_t, u_int32_t, u_int32_t);
80 
81 /*
82  * make and search supported algorithm structure.
83  */
84 static struct sadb_supported *ipsec_supported[] = { NULL, NULL, NULL, NULL };
85 
86 static int supported_map[] = {
87 	SADB_SATYPE_AH,
88 	SADB_SATYPE_ESP,
89 	SADB_X_SATYPE_IPCOMP,
90 	SADB_X_SATYPE_TCPSIGNATURE
91 };
92 
93 static int
94 findsupportedmap(satype)
95 	int satype;
96 {
97 	int i;
98 
99 	for (i = 0; i < sizeof(supported_map)/sizeof(supported_map[0]); i++)
100 		if (supported_map[i] == satype)
101 			return i;
102 	return -1;
103 }
104 
105 static struct sadb_alg *
106 findsupportedalg(satype, alg_id)
107 	u_int satype, alg_id;
108 {
109 	int algno;
110 	int tlen;
111 	caddr_t p;
112 
113 	/* validity check */
114 	algno = findsupportedmap(satype);
115 	if (algno == -1) {
116 		__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
117 		return NULL;
118 	}
119 	if (ipsec_supported[algno] == NULL) {
120 		__ipsec_errcode = EIPSEC_DO_GET_SUPP_LIST;
121 		return NULL;
122 	}
123 
124 	tlen = ipsec_supported[algno]->sadb_supported_len
125 		- sizeof(struct sadb_supported);
126 	p = (caddr_t)(ipsec_supported[algno] + 1);
127 	while (tlen > 0) {
128 		if (tlen < sizeof(struct sadb_alg)) {
129 			/* invalid format */
130 			break;
131 		}
132 		if (((struct sadb_alg *)p)->sadb_alg_id == alg_id)
133 			return (struct sadb_alg *)p;
134 
135 		tlen -= sizeof(struct sadb_alg);
136 		p += sizeof(struct sadb_alg);
137 	}
138 
139 	__ipsec_errcode = EIPSEC_NOT_SUPPORTED;
140 	return NULL;
141 }
142 
143 static int
144 setsupportedmap(sup)
145 	struct sadb_supported *sup;
146 {
147 	struct sadb_supported **ipsup;
148 
149 	switch (sup->sadb_supported_exttype) {
150 	case SADB_EXT_SUPPORTED_AUTH:
151 		ipsup = &ipsec_supported[findsupportedmap(SADB_SATYPE_AH)];
152 		break;
153 	case SADB_EXT_SUPPORTED_ENCRYPT:
154 		ipsup = &ipsec_supported[findsupportedmap(SADB_SATYPE_ESP)];
155 		break;
156 	default:
157 		__ipsec_errcode = EIPSEC_INVAL_SATYPE;
158 		return -1;
159 	}
160 
161 	if (*ipsup)
162 		free(*ipsup);
163 
164 	*ipsup = malloc(sup->sadb_supported_len);
165 	if (!*ipsup) {
166 		__ipsec_set_strerror(strerror(errno));
167 		return -1;
168 	}
169 	memcpy(*ipsup, sup, sup->sadb_supported_len);
170 
171 	return 0;
172 }
173 
174 /*
175  * check key length against algorithm specified.
176  * This function is called with SADB_EXT_SUPPORTED_{AUTH,ENCRYPT} as the
177  * augument, and only calls to ipsec_check_keylen2();
178  * keylen is the unit of bit.
179  * OUT:
180  *	-1: invalid.
181  *	 0: valid.
182  */
183 int
184 ipsec_check_keylen(supported, alg_id, keylen)
185 	u_int supported;
186 	u_int alg_id;
187 	u_int keylen;
188 {
189 	int satype;
190 
191 	/* validity check */
192 	switch (supported) {
193 	case SADB_EXT_SUPPORTED_AUTH:
194 		satype = SADB_SATYPE_AH;
195 		break;
196 	case SADB_EXT_SUPPORTED_ENCRYPT:
197 		satype = SADB_SATYPE_ESP;
198 		break;
199 	default:
200 		__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
201 		return -1;
202 	}
203 
204 	return ipsec_check_keylen2(satype, alg_id, keylen);
205 }
206 
207 /*
208  * check key length against algorithm specified.
209  * satype is one of satype defined at pfkeyv2.h.
210  * keylen is the unit of bit.
211  * OUT:
212  *	-1: invalid.
213  *	 0: valid.
214  */
215 int
216 ipsec_check_keylen2(satype, alg_id, keylen)
217 	u_int satype;
218 	u_int alg_id;
219 	u_int keylen;
220 {
221 	struct sadb_alg *alg;
222 
223 	alg = findsupportedalg(satype, alg_id);
224 	if (!alg)
225 		return -1;
226 
227 	if (keylen < alg->sadb_alg_minbits || keylen > alg->sadb_alg_maxbits) {
228 		__ipsec_errcode = EIPSEC_INVAL_KEYLEN;
229 		return -1;
230 	}
231 
232 	__ipsec_errcode = EIPSEC_NO_ERROR;
233 	return 0;
234 }
235 
236 /*
237  * get max/min key length against algorithm specified.
238  * satype is one of satype defined at pfkeyv2.h.
239  * keylen is the unit of bit.
240  * OUT:
241  *	-1: invalid.
242  *	 0: valid.
243  */
244 int
245 ipsec_get_keylen(supported, alg_id, alg0)
246 	u_int supported, alg_id;
247 	struct sadb_alg *alg0;
248 {
249 	struct sadb_alg *alg;
250 	u_int satype;
251 
252 	/* validity check */
253 	if (!alg0) {
254 		__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
255 		return -1;
256 	}
257 
258 	switch (supported) {
259 	case SADB_EXT_SUPPORTED_AUTH:
260 		satype = SADB_SATYPE_AH;
261 		break;
262 	case SADB_EXT_SUPPORTED_ENCRYPT:
263 		satype = SADB_SATYPE_ESP;
264 		break;
265 	default:
266 		__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
267 		return -1;
268 	}
269 
270 	alg = findsupportedalg(satype, alg_id);
271 	if (!alg)
272 		return -1;
273 
274 	memcpy(alg0, alg, sizeof(*alg0));
275 
276 	__ipsec_errcode = EIPSEC_NO_ERROR;
277 	return 0;
278 }
279 
280 /*
281  * set the rate for SOFT lifetime against HARD one.
282  * If rate is more than 100 or equal to zero, then set to 100.
283  */
284 static u_int soft_lifetime_allocations_rate = PFKEY_SOFT_LIFETIME_RATE;
285 static u_int soft_lifetime_bytes_rate = PFKEY_SOFT_LIFETIME_RATE;
286 static u_int soft_lifetime_addtime_rate = PFKEY_SOFT_LIFETIME_RATE;
287 static u_int soft_lifetime_usetime_rate = PFKEY_SOFT_LIFETIME_RATE;
288 
289 u_int
290 pfkey_set_softrate(type, rate)
291 	u_int type, rate;
292 {
293 	__ipsec_errcode = EIPSEC_NO_ERROR;
294 
295 	if (rate > 100 || rate == 0)
296 		rate = 100;
297 
298 	switch (type) {
299 	case SADB_X_LIFETIME_ALLOCATIONS:
300 		soft_lifetime_allocations_rate = rate;
301 		return 0;
302 	case SADB_X_LIFETIME_BYTES:
303 		soft_lifetime_bytes_rate = rate;
304 		return 0;
305 	case SADB_X_LIFETIME_ADDTIME:
306 		soft_lifetime_addtime_rate = rate;
307 		return 0;
308 	case SADB_X_LIFETIME_USETIME:
309 		soft_lifetime_usetime_rate = rate;
310 		return 0;
311 	}
312 
313 	__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
314 	return 1;
315 }
316 
317 /*
318  * get current rate for SOFT lifetime against HARD one.
319  * ATTENTION: ~0 is returned if invalid type was passed.
320  */
321 u_int
322 pfkey_get_softrate(type)
323 	u_int type;
324 {
325 	switch (type) {
326 	case SADB_X_LIFETIME_ALLOCATIONS:
327 		return soft_lifetime_allocations_rate;
328 	case SADB_X_LIFETIME_BYTES:
329 		return soft_lifetime_bytes_rate;
330 	case SADB_X_LIFETIME_ADDTIME:
331 		return soft_lifetime_addtime_rate;
332 	case SADB_X_LIFETIME_USETIME:
333 		return soft_lifetime_usetime_rate;
334 	}
335 
336 	return ~0;
337 }
338 
339 /*
340  * sending SADB_GETSPI message to the kernel.
341  * OUT:
342  *	positive: success and return length sent.
343  *	-1	: error occured, and set errno.
344  */
345 int
346 pfkey_send_getspi(so, satype, mode, src, dst, min, max, reqid, seq)
347 	int so;
348 	u_int satype, mode;
349 	struct sockaddr *src, *dst;
350 	u_int32_t min, max, reqid, seq;
351 {
352 	struct sadb_msg *newmsg;
353 	caddr_t ep;
354 	int len;
355 	int need_spirange = 0;
356 	caddr_t p;
357 	int plen;
358 
359 	/* validity check */
360 	if (src == NULL || dst == NULL) {
361 		__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
362 		return -1;
363 	}
364 	if (src->sa_family != dst->sa_family) {
365 		__ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
366 		return -1;
367 	}
368 	if (min > max || (min > 0 && min <= 255)) {
369 		__ipsec_errcode = EIPSEC_INVAL_SPI;
370 		return -1;
371 	}
372 	switch (src->sa_family) {
373 	case AF_INET:
374 		plen = sizeof(struct in_addr) << 3;
375 		break;
376 	case AF_INET6:
377 		plen = sizeof(struct in6_addr) << 3;
378 		break;
379 	default:
380 		__ipsec_errcode = EIPSEC_INVAL_FAMILY;
381 		return -1;
382 	}
383 
384 	/* create new sadb_msg to send. */
385 	len = sizeof(struct sadb_msg)
386 		+ sizeof(struct sadb_x_sa2)
387 		+ sizeof(struct sadb_address)
388 		+ PFKEY_ALIGN8(src->sa_len)
389 		+ sizeof(struct sadb_address)
390 		+ PFKEY_ALIGN8(dst->sa_len);
391 
392 	if (min > 255 && max < ~0) {
393 		need_spirange++;
394 		len += sizeof(struct sadb_spirange);
395 	}
396 
397 	if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
398 		__ipsec_set_strerror(strerror(errno));
399 		return -1;
400 	}
401 	ep = ((caddr_t)newmsg) + len;
402 
403 	p = pfkey_setsadbmsg((caddr_t)newmsg, ep, SADB_GETSPI,
404 	    len, satype, seq, getpid());
405 	if (!p) {
406 		free(newmsg);
407 		return -1;
408 	}
409 
410 	p = pfkey_setsadbxsa2(p, ep, mode, reqid);
411 	if (!p) {
412 		free(newmsg);
413 		return -1;
414 	}
415 
416 	/* set sadb_address for source */
417 	p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen,
418 	    IPSEC_ULPROTO_ANY);
419 	if (!p) {
420 		free(newmsg);
421 		return -1;
422 	}
423 
424 	/* set sadb_address for destination */
425 	p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen,
426 	    IPSEC_ULPROTO_ANY);
427 	if (!p) {
428 		free(newmsg);
429 		return -1;
430 	}
431 
432 	/* proccessing spi range */
433 	if (need_spirange) {
434 		struct sadb_spirange spirange;
435 
436 		if (p + sizeof(spirange) > ep) {
437 			free(newmsg);
438 			return -1;
439 		}
440 
441 		memset(&spirange, 0, sizeof(spirange));
442 		spirange.sadb_spirange_len = PFKEY_UNIT64(sizeof(spirange));
443 		spirange.sadb_spirange_exttype = SADB_EXT_SPIRANGE;
444 		spirange.sadb_spirange_min = min;
445 		spirange.sadb_spirange_max = max;
446 
447 		memcpy(p, &spirange, sizeof(spirange));
448 
449 		p += sizeof(spirange);
450 	}
451 	if (p != ep) {
452 		free(newmsg);
453 		return -1;
454 	}
455 
456 	/* send message */
457 	len = pfkey_send(so, newmsg, len);
458 	free(newmsg);
459 
460 	if (len < 0)
461 		return -1;
462 
463 	__ipsec_errcode = EIPSEC_NO_ERROR;
464 	return len;
465 }
466 
467 /*
468  * sending SADB_UPDATE message to the kernel.
469  * The length of key material is a_keylen + e_keylen.
470  * OUT:
471  *	positive: success and return length sent.
472  *	-1	: error occured, and set errno.
473  */
474 int
475 pfkey_send_update(so, satype, mode, src, dst, spi, reqid, wsize,
476 		keymat, e_type, e_keylen, a_type, a_keylen, flags,
477 		l_alloc, l_bytes, l_addtime, l_usetime, seq)
478 	int so;
479 	u_int satype, mode, wsize;
480 	struct sockaddr *src, *dst;
481 	u_int32_t spi, reqid;
482 	caddr_t keymat;
483 	u_int e_type, e_keylen, a_type, a_keylen, flags;
484 	u_int32_t l_alloc;
485 	u_int64_t l_bytes, l_addtime, l_usetime;
486 	u_int32_t seq;
487 {
488 	int len;
489 	if ((len = pfkey_send_x1(so, SADB_UPDATE, satype, mode, src, dst, spi,
490 			reqid, wsize,
491 			keymat, e_type, e_keylen, a_type, a_keylen, flags,
492 			l_alloc, l_bytes, l_addtime, l_usetime, seq)) < 0)
493 		return -1;
494 
495 	return len;
496 }
497 
498 /*
499  * sending SADB_ADD message to the kernel.
500  * The length of key material is a_keylen + e_keylen.
501  * OUT:
502  *	positive: success and return length sent.
503  *	-1	: error occured, and set errno.
504  */
505 int
506 pfkey_send_add(so, satype, mode, src, dst, spi, reqid, wsize,
507 		keymat, e_type, e_keylen, a_type, a_keylen, flags,
508 		l_alloc, l_bytes, l_addtime, l_usetime, seq)
509 	int so;
510 	u_int satype, mode, wsize;
511 	struct sockaddr *src, *dst;
512 	u_int32_t spi, reqid;
513 	caddr_t keymat;
514 	u_int e_type, e_keylen, a_type, a_keylen, flags;
515 	u_int32_t l_alloc;
516 	u_int64_t l_bytes, l_addtime, l_usetime;
517 	u_int32_t seq;
518 {
519 	int len;
520 	if ((len = pfkey_send_x1(so, SADB_ADD, satype, mode, src, dst, spi,
521 			reqid, wsize,
522 			keymat, e_type, e_keylen, a_type, a_keylen, flags,
523 			l_alloc, l_bytes, l_addtime, l_usetime, seq)) < 0)
524 		return -1;
525 
526 	return len;
527 }
528 
529 /*
530  * sending SADB_DELETE message to the kernel.
531  * OUT:
532  *	positive: success and return length sent.
533  *	-1	: error occured, and set errno.
534  */
535 int
536 pfkey_send_delete(so, satype, mode, src, dst, spi)
537 	int so;
538 	u_int satype, mode;
539 	struct sockaddr *src, *dst;
540 	u_int32_t spi;
541 {
542 	int len;
543 	if ((len = pfkey_send_x2(so, SADB_DELETE, satype, mode, src, dst, spi)) < 0)
544 		return -1;
545 
546 	return len;
547 }
548 
549 /*
550  * sending SADB_DELETE without spi to the kernel.  This is
551  * the "delete all" request (an extension also present in
552  * Solaris).
553  *
554  * OUT:
555  *	positive: success and return length sent
556  *	-1	: error occured, and set errno
557  */
558 int
559 pfkey_send_delete_all(so, satype, mode, src, dst)
560 	int so;
561 	u_int satype, mode;
562 	struct sockaddr *src, *dst;
563 {
564 	struct sadb_msg *newmsg;
565 	int len;
566 	caddr_t p;
567 	int plen;
568 	caddr_t ep;
569 
570 	/* validity check */
571 	if (src == NULL || dst == NULL) {
572 		__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
573 		return -1;
574 	}
575 	if (src->sa_family != dst->sa_family) {
576 		__ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
577 		return -1;
578 	}
579 	switch (src->sa_family) {
580 	case AF_INET:
581 		plen = sizeof(struct in_addr) << 3;
582 		break;
583 	case AF_INET6:
584 		plen = sizeof(struct in6_addr) << 3;
585 		break;
586 	default:
587 		__ipsec_errcode = EIPSEC_INVAL_FAMILY;
588 		return -1;
589 	}
590 
591 	/* create new sadb_msg to reply. */
592 	len = sizeof(struct sadb_msg)
593 		+ sizeof(struct sadb_address)
594 		+ PFKEY_ALIGN8(src->sa_len)
595 		+ sizeof(struct sadb_address)
596 		+ PFKEY_ALIGN8(dst->sa_len);
597 
598 	if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
599 		__ipsec_set_strerror(strerror(errno));
600 		return -1;
601 	}
602 	ep = ((caddr_t)newmsg) + len;
603 
604 	p = pfkey_setsadbmsg((caddr_t)newmsg, ep, SADB_DELETE, len, satype, 0,
605 	    getpid());
606 	if (!p) {
607 		free(newmsg);
608 		return -1;
609 	}
610 	p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen,
611 	    IPSEC_ULPROTO_ANY);
612 	if (!p) {
613 		free(newmsg);
614 		return -1;
615 	}
616 	p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen,
617 	    IPSEC_ULPROTO_ANY);
618 	if (!p || p != ep) {
619 		free(newmsg);
620 		return -1;
621 	}
622 
623 	/* send message */
624 	len = pfkey_send(so, newmsg, len);
625 	free(newmsg);
626 
627 	if (len < 0)
628 		return -1;
629 
630 	__ipsec_errcode = EIPSEC_NO_ERROR;
631 	return len;
632 }
633 
634 /*
635  * sending SADB_GET message to the kernel.
636  * OUT:
637  *	positive: success and return length sent.
638  *	-1	: error occured, and set errno.
639  */
640 int
641 pfkey_send_get(so, satype, mode, src, dst, spi)
642 	int so;
643 	u_int satype, mode;
644 	struct sockaddr *src, *dst;
645 	u_int32_t spi;
646 {
647 	int len;
648 	if ((len = pfkey_send_x2(so, SADB_GET, satype, mode, src, dst, spi)) < 0)
649 		return -1;
650 
651 	return len;
652 }
653 
654 /*
655  * sending SADB_REGISTER message to the kernel.
656  * OUT:
657  *	positive: success and return length sent.
658  *	-1	: error occured, and set errno.
659  */
660 int
661 pfkey_send_register(so, satype)
662 	int so;
663 	u_int satype;
664 {
665 	int len, algno;
666 
667 	if (satype == SADB_SATYPE_UNSPEC) {
668 		for (algno = 0;
669 		     algno < sizeof(supported_map)/sizeof(supported_map[0]);
670 		     algno++) {
671 			if (ipsec_supported[algno]) {
672 				free(ipsec_supported[algno]);
673 				ipsec_supported[algno] = NULL;
674 			}
675 		}
676 	} else {
677 		algno = findsupportedmap(satype);
678 		if (algno == -1) {
679 			__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
680 			return -1;
681 		}
682 
683 		if (ipsec_supported[algno]) {
684 			free(ipsec_supported[algno]);
685 			ipsec_supported[algno] = NULL;
686 		}
687 	}
688 
689 	if ((len = pfkey_send_x3(so, SADB_REGISTER, satype)) < 0)
690 		return -1;
691 
692 	return len;
693 }
694 
695 /*
696  * receiving SADB_REGISTER message from the kernel, and copy buffer for
697  * sadb_supported returned into ipsec_supported.
698  * OUT:
699  *	 0: success and return length sent.
700  *	-1: error occured, and set errno.
701  */
702 int
703 pfkey_recv_register(so)
704 	int so;
705 {
706 	pid_t pid = getpid();
707 	struct sadb_msg *newmsg;
708 	int error = -1;
709 
710 	/* receive message */
711 	for (;;) {
712 		if ((newmsg = pfkey_recv(so)) == NULL)
713 			return -1;
714 		if (newmsg->sadb_msg_type == SADB_REGISTER &&
715 		    newmsg->sadb_msg_pid == pid)
716 			break;
717 		free(newmsg);
718 	}
719 
720 	/* check and fix */
721 	newmsg->sadb_msg_len = PFKEY_UNUNIT64(newmsg->sadb_msg_len);
722 
723 	error = pfkey_set_supported(newmsg, newmsg->sadb_msg_len);
724 	free(newmsg);
725 
726 	if (error == 0)
727 		__ipsec_errcode = EIPSEC_NO_ERROR;
728 
729 	return error;
730 }
731 
732 /*
733  * receiving SADB_REGISTER message from the kernel, and copy buffer for
734  * sadb_supported returned into ipsec_supported.
735  * NOTE: sadb_msg_len must be host order.
736  * IN:
737  *	tlen: msg length, it's to makeing sure.
738  * OUT:
739  *	 0: success and return length sent.
740  *	-1: error occured, and set errno.
741  */
742 int
743 pfkey_set_supported(msg, tlen)
744 	struct sadb_msg *msg;
745 	int tlen;
746 {
747 	struct sadb_supported *sup;
748 	caddr_t p;
749 	caddr_t ep;
750 
751 	/* validity */
752 	if (msg->sadb_msg_len != tlen) {
753 		__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
754 		return -1;
755 	}
756 
757 	p = (caddr_t)msg;
758 	ep = p + tlen;
759 
760 	p += sizeof(struct sadb_msg);
761 
762 	while (p < ep) {
763 		sup = (struct sadb_supported *)p;
764 		if (ep < p + sizeof(*sup) ||
765 		    PFKEY_EXTLEN(sup) < sizeof(*sup) ||
766 		    ep < p + sup->sadb_supported_len) {
767 			/* invalid format */
768 			break;
769 		}
770 
771 		switch (sup->sadb_supported_exttype) {
772 		case SADB_EXT_SUPPORTED_AUTH:
773 		case SADB_EXT_SUPPORTED_ENCRYPT:
774 			break;
775 		default:
776 			__ipsec_errcode = EIPSEC_INVAL_SATYPE;
777 			return -1;
778 		}
779 
780 		/* fixed length */
781 		sup->sadb_supported_len = PFKEY_EXTLEN(sup);
782 
783 		/* set supported map */
784 		if (setsupportedmap(sup) != 0)
785 			return -1;
786 
787 		p += sup->sadb_supported_len;
788 	}
789 
790 	if (p != ep) {
791 		__ipsec_errcode = EIPSEC_INVAL_SATYPE;
792 		return -1;
793 	}
794 
795 	__ipsec_errcode = EIPSEC_NO_ERROR;
796 
797 	return 0;
798 }
799 
800 /*
801  * sending SADB_FLUSH message to the kernel.
802  * OUT:
803  *	positive: success and return length sent.
804  *	-1	: error occured, and set errno.
805  */
806 int
807 pfkey_send_flush(so, satype)
808 	int so;
809 	u_int satype;
810 {
811 	int len;
812 
813 	if ((len = pfkey_send_x3(so, SADB_FLUSH, satype)) < 0)
814 		return -1;
815 
816 	return len;
817 }
818 
819 /*
820  * sending SADB_DUMP message to the kernel.
821  * OUT:
822  *	positive: success and return length sent.
823  *	-1	: error occured, and set errno.
824  */
825 int
826 pfkey_send_dump(so, satype)
827 	int so;
828 	u_int satype;
829 {
830 	int len;
831 
832 	if ((len = pfkey_send_x3(so, SADB_DUMP, satype)) < 0)
833 		return -1;
834 
835 	return len;
836 }
837 
838 /*
839  * sending SADB_X_PROMISC message to the kernel.
840  * NOTE that this function handles promisc mode toggle only.
841  * IN:
842  *	flag:	set promisc off if zero, set promisc on if non-zero.
843  * OUT:
844  *	positive: success and return length sent.
845  *	-1	: error occured, and set errno.
846  *	0     : error occured, and set errno.
847  *	others: a pointer to new allocated buffer in which supported
848  *	        algorithms is.
849  */
850 int
851 pfkey_send_promisc_toggle(so, flag)
852 	int so;
853 	int flag;
854 {
855 	int len;
856 
857 	if ((len = pfkey_send_x3(so, SADB_X_PROMISC, (flag ? 1 : 0))) < 0)
858 		return -1;
859 
860 	return len;
861 }
862 
863 /*
864  * sending SADB_X_SPDADD message to the kernel.
865  * OUT:
866  *	positive: success and return length sent.
867  *	-1	: error occured, and set errno.
868  */
869 int
870 pfkey_send_spdadd(so, src, prefs, dst, prefd, proto, policy, policylen, seq)
871 	int so;
872 	struct sockaddr *src, *dst;
873 	u_int prefs, prefd, proto;
874 	caddr_t policy;
875 	int policylen;
876 	u_int32_t seq;
877 {
878 	int len;
879 
880 	if ((len = pfkey_send_x4(so, SADB_X_SPDADD,
881 				src, prefs, dst, prefd, proto,
882 				0, 0,
883 				policy, policylen, seq)) < 0)
884 		return -1;
885 
886 	return len;
887 }
888 
889 /*
890  * sending SADB_X_SPDADD message to the kernel.
891  * OUT:
892  *	positive: success and return length sent.
893  *	-1	: error occured, and set errno.
894  */
895 int
896 pfkey_send_spdadd2(so, src, prefs, dst, prefd, proto, ltime, vtime,
897 		policy, policylen, seq)
898 	int so;
899 	struct sockaddr *src, *dst;
900 	u_int prefs, prefd, proto;
901 	u_int64_t ltime, vtime;
902 	caddr_t policy;
903 	int policylen;
904 	u_int32_t seq;
905 {
906 	int len;
907 
908 	if ((len = pfkey_send_x4(so, SADB_X_SPDADD,
909 				src, prefs, dst, prefd, proto,
910 				ltime, vtime,
911 				policy, policylen, seq)) < 0)
912 		return -1;
913 
914 	return len;
915 }
916 
917 /*
918  * sending SADB_X_SPDUPDATE message to the kernel.
919  * OUT:
920  *	positive: success and return length sent.
921  *	-1	: error occured, and set errno.
922  */
923 int
924 pfkey_send_spdupdate(so, src, prefs, dst, prefd, proto, policy, policylen, seq)
925 	int so;
926 	struct sockaddr *src, *dst;
927 	u_int prefs, prefd, proto;
928 	caddr_t policy;
929 	int policylen;
930 	u_int32_t seq;
931 {
932 	int len;
933 
934 	if ((len = pfkey_send_x4(so, SADB_X_SPDUPDATE,
935 				src, prefs, dst, prefd, proto,
936 				0, 0,
937 				policy, policylen, seq)) < 0)
938 		return -1;
939 
940 	return len;
941 }
942 
943 /*
944  * sending SADB_X_SPDUPDATE message to the kernel.
945  * OUT:
946  *	positive: success and return length sent.
947  *	-1	: error occured, and set errno.
948  */
949 int
950 pfkey_send_spdupdate2(so, src, prefs, dst, prefd, proto, ltime, vtime,
951 		policy, policylen, seq)
952 	int so;
953 	struct sockaddr *src, *dst;
954 	u_int prefs, prefd, proto;
955 	u_int64_t ltime, vtime;
956 	caddr_t policy;
957 	int policylen;
958 	u_int32_t seq;
959 {
960 	int len;
961 
962 	if ((len = pfkey_send_x4(so, SADB_X_SPDUPDATE,
963 				src, prefs, dst, prefd, proto,
964 				ltime, vtime,
965 				policy, policylen, seq)) < 0)
966 		return -1;
967 
968 	return len;
969 }
970 
971 /*
972  * sending SADB_X_SPDDELETE message to the kernel.
973  * OUT:
974  *	positive: success and return length sent.
975  *	-1	: error occured, and set errno.
976  */
977 int
978 pfkey_send_spddelete(so, src, prefs, dst, prefd, proto, policy, policylen, seq)
979 	int so;
980 	struct sockaddr *src, *dst;
981 	u_int prefs, prefd, proto;
982 	caddr_t policy;
983 	int policylen;
984 	u_int32_t seq;
985 {
986 	int len;
987 
988 	if (policylen != sizeof(struct sadb_x_policy)) {
989 		__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
990 		return -1;
991 	}
992 
993 	if ((len = pfkey_send_x4(so, SADB_X_SPDDELETE,
994 				src, prefs, dst, prefd, proto,
995 				0, 0,
996 				policy, policylen, seq)) < 0)
997 		return -1;
998 
999 	return len;
1000 }
1001 
1002 /*
1003  * sending SADB_X_SPDDELETE message to the kernel.
1004  * OUT:
1005  *	positive: success and return length sent.
1006  *	-1	: error occured, and set errno.
1007  */
1008 int
1009 pfkey_send_spddelete2(so, spid)
1010 	int so;
1011 	u_int32_t spid;
1012 {
1013 	int len;
1014 
1015 	if ((len = pfkey_send_x5(so, SADB_X_SPDDELETE2, spid)) < 0)
1016 		return -1;
1017 
1018 	return len;
1019 }
1020 
1021 /*
1022  * sending SADB_X_SPDGET message to the kernel.
1023  * OUT:
1024  *	positive: success and return length sent.
1025  *	-1	: error occured, and set errno.
1026  */
1027 int
1028 pfkey_send_spdget(so, spid)
1029 	int so;
1030 	u_int32_t spid;
1031 {
1032 	int len;
1033 
1034 	if ((len = pfkey_send_x5(so, SADB_X_SPDGET, spid)) < 0)
1035 		return -1;
1036 
1037 	return len;
1038 }
1039 
1040 /*
1041  * sending SADB_X_SPDSETIDX message to the kernel.
1042  * OUT:
1043  *	positive: success and return length sent.
1044  *	-1	: error occured, and set errno.
1045  */
1046 int
1047 pfkey_send_spdsetidx(so, src, prefs, dst, prefd, proto, policy, policylen, seq)
1048 	int so;
1049 	struct sockaddr *src, *dst;
1050 	u_int prefs, prefd, proto;
1051 	caddr_t policy;
1052 	int policylen;
1053 	u_int32_t seq;
1054 {
1055 	int len;
1056 
1057 	if (policylen != sizeof(struct sadb_x_policy)) {
1058 		__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
1059 		return -1;
1060 	}
1061 
1062 	if ((len = pfkey_send_x4(so, SADB_X_SPDSETIDX,
1063 				src, prefs, dst, prefd, proto,
1064 				0, 0,
1065 				policy, policylen, seq)) < 0)
1066 		return -1;
1067 
1068 	return len;
1069 }
1070 
1071 /*
1072  * sending SADB_SPDFLUSH message to the kernel.
1073  * OUT:
1074  *	positive: success and return length sent.
1075  *	-1	: error occured, and set errno.
1076  */
1077 int
1078 pfkey_send_spdflush(so)
1079 	int so;
1080 {
1081 	int len;
1082 
1083 	if ((len = pfkey_send_x3(so, SADB_X_SPDFLUSH, SADB_SATYPE_UNSPEC)) < 0)
1084 		return -1;
1085 
1086 	return len;
1087 }
1088 
1089 /*
1090  * sending SADB_SPDDUMP message to the kernel.
1091  * OUT:
1092  *	positive: success and return length sent.
1093  *	-1	: error occured, and set errno.
1094  */
1095 int
1096 pfkey_send_spddump(so)
1097 	int so;
1098 {
1099 	int len;
1100 
1101 	if ((len = pfkey_send_x3(so, SADB_X_SPDDUMP, SADB_SATYPE_UNSPEC)) < 0)
1102 		return -1;
1103 
1104 	return len;
1105 }
1106 
1107 /* sending SADB_ADD or SADB_UPDATE message to the kernel */
1108 static int
1109 pfkey_send_x1(so, type, satype, mode, src, dst, spi, reqid, wsize,
1110 		keymat, e_type, e_keylen, a_type, a_keylen, flags,
1111 		l_alloc, l_bytes, l_addtime, l_usetime, seq)
1112 	int so;
1113 	u_int type, satype, mode;
1114 	struct sockaddr *src, *dst;
1115 	u_int32_t spi, reqid;
1116 	u_int wsize;
1117 	caddr_t keymat;
1118 	u_int e_type, e_keylen, a_type, a_keylen, flags;
1119 	u_int32_t l_alloc, l_bytes, l_addtime, l_usetime, seq;
1120 {
1121 	struct sadb_msg *newmsg;
1122 	int len;
1123 	caddr_t p;
1124 	int plen;
1125 	caddr_t ep;
1126 
1127 	/* validity check */
1128 	if (src == NULL || dst == NULL) {
1129 		__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
1130 		return -1;
1131 	}
1132 	if (src->sa_family != dst->sa_family) {
1133 		__ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
1134 		return -1;
1135 	}
1136 	switch (src->sa_family) {
1137 	case AF_INET:
1138 		plen = sizeof(struct in_addr) << 3;
1139 		break;
1140 	case AF_INET6:
1141 		plen = sizeof(struct in6_addr) << 3;
1142 		break;
1143 	default:
1144 		__ipsec_errcode = EIPSEC_INVAL_FAMILY;
1145 		return -1;
1146 	}
1147 
1148 	switch (satype) {
1149 	case SADB_SATYPE_ESP:
1150 		if (e_type == SADB_EALG_NONE) {
1151 			__ipsec_errcode = EIPSEC_NO_ALGS;
1152 			return -1;
1153 		}
1154 		break;
1155 	case SADB_SATYPE_AH:
1156 		if (e_type != SADB_EALG_NONE) {
1157 			__ipsec_errcode = EIPSEC_INVAL_ALGS;
1158 			return -1;
1159 		}
1160 		if (a_type == SADB_AALG_NONE) {
1161 			__ipsec_errcode = EIPSEC_NO_ALGS;
1162 			return -1;
1163 		}
1164 		break;
1165 	case SADB_X_SATYPE_IPCOMP:
1166 		if (e_type == SADB_X_CALG_NONE) {
1167 			__ipsec_errcode = EIPSEC_INVAL_ALGS;
1168 			return -1;
1169 		}
1170 		if (a_type != SADB_AALG_NONE) {
1171 			__ipsec_errcode = EIPSEC_NO_ALGS;
1172 			return -1;
1173 		}
1174 		break;
1175 	case SADB_X_SATYPE_TCPSIGNATURE:
1176 		if (e_type != SADB_EALG_NONE) {
1177 			__ipsec_errcode = EIPSEC_INVAL_ALGS;
1178 			return -1;
1179 		}
1180 		if (a_type != SADB_X_AALG_TCP_MD5) {
1181 			__ipsec_errcode = EIPSEC_INVAL_ALGS;
1182 			return -1;
1183 		}
1184 		break;
1185 	default:
1186 		__ipsec_errcode = EIPSEC_INVAL_SATYPE;
1187 		return -1;
1188 	}
1189 
1190 	/* create new sadb_msg to reply. */
1191 	len = sizeof(struct sadb_msg)
1192 		+ sizeof(struct sadb_sa)
1193 		+ sizeof(struct sadb_x_sa2)
1194 		+ sizeof(struct sadb_address)
1195 		+ PFKEY_ALIGN8(src->sa_len)
1196 		+ sizeof(struct sadb_address)
1197 		+ PFKEY_ALIGN8(dst->sa_len)
1198 		+ sizeof(struct sadb_lifetime)
1199 		+ sizeof(struct sadb_lifetime);
1200 
1201 	if (wsize > UINT8_MAX) {
1202 		if (wsize > (UINT32_MAX - 32) >> 3) {
1203 			__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
1204 			return (-1);
1205 		}
1206 		len += sizeof(struct sadb_x_sa_replay);
1207 	}
1208 	if (e_type != SADB_EALG_NONE)
1209 		len += (sizeof(struct sadb_key) + PFKEY_ALIGN8(e_keylen));
1210 	if (a_type != SADB_AALG_NONE)
1211 		len += (sizeof(struct sadb_key) + PFKEY_ALIGN8(a_keylen));
1212 
1213 	if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
1214 		__ipsec_set_strerror(strerror(errno));
1215 		return -1;
1216 	}
1217 	ep = ((caddr_t)newmsg) + len;
1218 
1219 	p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len,
1220 	                     satype, seq, getpid());
1221 	if (!p) {
1222 		free(newmsg);
1223 		return -1;
1224 	}
1225 	p = pfkey_setsadbsa(p, ep, spi, wsize, a_type, e_type, flags);
1226 	if (!p) {
1227 		free(newmsg);
1228 		return -1;
1229 	}
1230 	p = pfkey_setsadbxsa2(p, ep, mode, reqid);
1231 	if (!p) {
1232 		free(newmsg);
1233 		return -1;
1234 	}
1235 	if (wsize > UINT8_MAX) {
1236 		p = pfkey_setsadbxreplay(p, ep, wsize);
1237 		if (!p) {
1238 			free(newmsg);
1239 			return (-1);
1240 		}
1241 	}
1242 	p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen,
1243 	    IPSEC_ULPROTO_ANY);
1244 	if (!p) {
1245 		free(newmsg);
1246 		return -1;
1247 	}
1248 	p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen,
1249 	    IPSEC_ULPROTO_ANY);
1250 	if (!p) {
1251 		free(newmsg);
1252 		return -1;
1253 	}
1254 
1255 	if (e_type != SADB_EALG_NONE) {
1256 		p = pfkey_setsadbkey(p, ep, SADB_EXT_KEY_ENCRYPT,
1257 		                   keymat, e_keylen);
1258 		if (!p) {
1259 			free(newmsg);
1260 			return -1;
1261 		}
1262 	}
1263 	if (a_type != SADB_AALG_NONE) {
1264 		p = pfkey_setsadbkey(p, ep, SADB_EXT_KEY_AUTH,
1265 		                   keymat + e_keylen, a_keylen);
1266 		if (!p) {
1267 			free(newmsg);
1268 			return -1;
1269 		}
1270 	}
1271 
1272 	/* set sadb_lifetime for destination */
1273 	p = pfkey_setsadblifetime(p, ep, SADB_EXT_LIFETIME_HARD,
1274 			l_alloc, l_bytes, l_addtime, l_usetime);
1275 	if (!p) {
1276 		free(newmsg);
1277 		return -1;
1278 	}
1279 	p = pfkey_setsadblifetime(p, ep, SADB_EXT_LIFETIME_SOFT,
1280 			l_alloc, l_bytes, l_addtime, l_usetime);
1281 	if (!p || p != ep) {
1282 		free(newmsg);
1283 		return -1;
1284 	}
1285 
1286 	/* send message */
1287 	len = pfkey_send(so, newmsg, len);
1288 	free(newmsg);
1289 
1290 	if (len < 0)
1291 		return -1;
1292 
1293 	__ipsec_errcode = EIPSEC_NO_ERROR;
1294 	return len;
1295 }
1296 
1297 /* sending SADB_DELETE or SADB_GET message to the kernel */
1298 static int
1299 pfkey_send_x2(so, type, satype, mode, src, dst, spi)
1300 	int so;
1301 	u_int type, satype, mode;
1302 	struct sockaddr *src, *dst;
1303 	u_int32_t spi;
1304 {
1305 	struct sadb_msg *newmsg;
1306 	int len;
1307 	caddr_t p;
1308 	int plen;
1309 	caddr_t ep;
1310 
1311 	/* validity check */
1312 	if (src == NULL || dst == NULL) {
1313 		__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
1314 		return -1;
1315 	}
1316 	if (src->sa_family != dst->sa_family) {
1317 		__ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
1318 		return -1;
1319 	}
1320 	switch (src->sa_family) {
1321 	case AF_INET:
1322 		plen = sizeof(struct in_addr) << 3;
1323 		break;
1324 	case AF_INET6:
1325 		plen = sizeof(struct in6_addr) << 3;
1326 		break;
1327 	default:
1328 		__ipsec_errcode = EIPSEC_INVAL_FAMILY;
1329 		return -1;
1330 	}
1331 
1332 	/* create new sadb_msg to reply. */
1333 	len = sizeof(struct sadb_msg)
1334 		+ sizeof(struct sadb_sa)
1335 		+ sizeof(struct sadb_address)
1336 		+ PFKEY_ALIGN8(src->sa_len)
1337 		+ sizeof(struct sadb_address)
1338 		+ PFKEY_ALIGN8(dst->sa_len);
1339 
1340 	if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
1341 		__ipsec_set_strerror(strerror(errno));
1342 		return -1;
1343 	}
1344 	ep = ((caddr_t)newmsg) + len;
1345 
1346 	p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len, satype, 0,
1347 	    getpid());
1348 	if (!p) {
1349 		free(newmsg);
1350 		return -1;
1351 	}
1352 	p = pfkey_setsadbsa(p, ep, spi, 0, 0, 0, 0);
1353 	if (!p) {
1354 		free(newmsg);
1355 		return -1;
1356 	}
1357 	p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, plen,
1358 	    IPSEC_ULPROTO_ANY);
1359 	if (!p) {
1360 		free(newmsg);
1361 		return -1;
1362 	}
1363 	p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, plen,
1364 	    IPSEC_ULPROTO_ANY);
1365 	if (!p || p != ep) {
1366 		free(newmsg);
1367 		return -1;
1368 	}
1369 
1370 	/* send message */
1371 	len = pfkey_send(so, newmsg, len);
1372 	free(newmsg);
1373 
1374 	if (len < 0)
1375 		return -1;
1376 
1377 	__ipsec_errcode = EIPSEC_NO_ERROR;
1378 	return len;
1379 }
1380 
1381 /*
1382  * sending SADB_REGISTER, SADB_FLUSH, SADB_DUMP or SADB_X_PROMISC message
1383  * to the kernel
1384  */
1385 static int
1386 pfkey_send_x3(so, type, satype)
1387 	int so;
1388 	u_int type, satype;
1389 {
1390 	struct sadb_msg *newmsg;
1391 	int len;
1392 	caddr_t p;
1393 	caddr_t ep;
1394 
1395 	/* validity check */
1396 	switch (type) {
1397 	case SADB_X_PROMISC:
1398 		if (satype != 0 && satype != 1) {
1399 			__ipsec_errcode = EIPSEC_INVAL_SATYPE;
1400 			return -1;
1401 		}
1402 		break;
1403 	default:
1404 		switch (satype) {
1405 		case SADB_SATYPE_UNSPEC:
1406 		case SADB_SATYPE_AH:
1407 		case SADB_SATYPE_ESP:
1408 		case SADB_X_SATYPE_IPCOMP:
1409 		case SADB_X_SATYPE_TCPSIGNATURE:
1410 			break;
1411 		default:
1412 			__ipsec_errcode = EIPSEC_INVAL_SATYPE;
1413 			return -1;
1414 		}
1415 	}
1416 
1417 	/* create new sadb_msg to send. */
1418 	len = sizeof(struct sadb_msg);
1419 
1420 	if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
1421 		__ipsec_set_strerror(strerror(errno));
1422 		return -1;
1423 	}
1424 	ep = ((caddr_t)newmsg) + len;
1425 
1426 	p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len, satype, 0,
1427 	    getpid());
1428 	if (!p || p != ep) {
1429 		free(newmsg);
1430 		return -1;
1431 	}
1432 
1433 	/* send message */
1434 	len = pfkey_send(so, newmsg, len);
1435 	free(newmsg);
1436 
1437 	if (len < 0)
1438 		return -1;
1439 
1440 	__ipsec_errcode = EIPSEC_NO_ERROR;
1441 	return len;
1442 }
1443 
1444 /* sending SADB_X_SPDADD message to the kernel */
1445 static int
1446 pfkey_send_x4(so, type, src, prefs, dst, prefd, proto,
1447 		ltime, vtime, policy, policylen, seq)
1448 	int so;
1449 	struct sockaddr *src, *dst;
1450 	u_int type, prefs, prefd, proto;
1451 	u_int64_t ltime, vtime;
1452 	char *policy;
1453 	int policylen;
1454 	u_int32_t seq;
1455 {
1456 	struct sadb_msg *newmsg;
1457 	int len;
1458 	caddr_t p;
1459 	int plen;
1460 	caddr_t ep;
1461 
1462 	/* validity check */
1463 	if (src == NULL || dst == NULL) {
1464 		__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
1465 		return -1;
1466 	}
1467 	if (src->sa_family != dst->sa_family) {
1468 		__ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
1469 		return -1;
1470 	}
1471 
1472 	switch (src->sa_family) {
1473 	case AF_INET:
1474 		plen = sizeof(struct in_addr) << 3;
1475 		break;
1476 	case AF_INET6:
1477 		plen = sizeof(struct in6_addr) << 3;
1478 		break;
1479 	default:
1480 		__ipsec_errcode = EIPSEC_INVAL_FAMILY;
1481 		return -1;
1482 	}
1483 	if (prefs > plen || prefd > plen) {
1484 		__ipsec_errcode = EIPSEC_INVAL_PREFIXLEN;
1485 		return -1;
1486 	}
1487 
1488 	/* create new sadb_msg to reply. */
1489 	len = sizeof(struct sadb_msg)
1490 		+ sizeof(struct sadb_address)
1491 		+ PFKEY_ALIGN8(src->sa_len)
1492 		+ sizeof(struct sadb_address)
1493 		+ PFKEY_ALIGN8(src->sa_len)
1494 		+ sizeof(struct sadb_lifetime)
1495 		+ policylen;
1496 
1497 	if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
1498 		__ipsec_set_strerror(strerror(errno));
1499 		return -1;
1500 	}
1501 	ep = ((caddr_t)newmsg) + len;
1502 
1503 	p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len,
1504 	    SADB_SATYPE_UNSPEC, seq, getpid());
1505 	if (!p) {
1506 		free(newmsg);
1507 		return -1;
1508 	}
1509 	p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_SRC, src, prefs, proto);
1510 	if (!p) {
1511 		free(newmsg);
1512 		return -1;
1513 	}
1514 	p = pfkey_setsadbaddr(p, ep, SADB_EXT_ADDRESS_DST, dst, prefd, proto);
1515 	if (!p) {
1516 		free(newmsg);
1517 		return -1;
1518 	}
1519 	p = pfkey_setsadblifetime(p, ep, SADB_EXT_LIFETIME_HARD,
1520 			0, 0, ltime, vtime);
1521 	if (!p || p + policylen != ep) {
1522 		free(newmsg);
1523 		return -1;
1524 	}
1525 	memcpy(p, policy, policylen);
1526 
1527 	/* send message */
1528 	len = pfkey_send(so, newmsg, len);
1529 	free(newmsg);
1530 
1531 	if (len < 0)
1532 		return -1;
1533 
1534 	__ipsec_errcode = EIPSEC_NO_ERROR;
1535 	return len;
1536 }
1537 
1538 /* sending SADB_X_SPDGET or SADB_X_SPDDELETE message to the kernel */
1539 static int
1540 pfkey_send_x5(so, type, spid)
1541 	int so;
1542 	u_int type;
1543 	u_int32_t spid;
1544 {
1545 	struct sadb_msg *newmsg;
1546 	struct sadb_x_policy xpl;
1547 	int len;
1548 	caddr_t p;
1549 	caddr_t ep;
1550 
1551 	/* create new sadb_msg to reply. */
1552 	len = sizeof(struct sadb_msg)
1553 		+ sizeof(xpl);
1554 
1555 	if ((newmsg = CALLOC(len, struct sadb_msg *)) == NULL) {
1556 		__ipsec_set_strerror(strerror(errno));
1557 		return -1;
1558 	}
1559 	ep = ((caddr_t)newmsg) + len;
1560 
1561 	p = pfkey_setsadbmsg((caddr_t)newmsg, ep, type, len,
1562 	    SADB_SATYPE_UNSPEC, 0, getpid());
1563 	if (!p) {
1564 		free(newmsg);
1565 		return -1;
1566 	}
1567 
1568 	if (p + sizeof(xpl) != ep) {
1569 		free(newmsg);
1570 		return -1;
1571 	}
1572 	memset(&xpl, 0, sizeof(xpl));
1573 	xpl.sadb_x_policy_len = PFKEY_UNIT64(sizeof(xpl));
1574 	xpl.sadb_x_policy_exttype = SADB_X_EXT_POLICY;
1575 	xpl.sadb_x_policy_id = spid;
1576 	memcpy(p, &xpl, sizeof(xpl));
1577 
1578 	/* send message */
1579 	len = pfkey_send(so, newmsg, len);
1580 	free(newmsg);
1581 
1582 	if (len < 0)
1583 		return -1;
1584 
1585 	__ipsec_errcode = EIPSEC_NO_ERROR;
1586 	return len;
1587 }
1588 
1589 /*
1590  * open a socket.
1591  * OUT:
1592  *	-1: fail.
1593  *	others : success and return value of socket.
1594  */
1595 int
1596 pfkey_open()
1597 {
1598 	int so;
1599 	const int bufsiz = 128 * 1024;	/*is 128K enough?*/
1600 
1601 	if ((so = socket(PF_KEY, SOCK_RAW, PF_KEY_V2)) < 0) {
1602 		__ipsec_set_strerror(strerror(errno));
1603 		return -1;
1604 	}
1605 
1606 	/*
1607 	 * This is a temporary workaround for KAME PR 154.
1608 	 * Don't really care even if it fails.
1609 	 */
1610 	(void)setsockopt(so, SOL_SOCKET, SO_SNDBUF, &bufsiz, sizeof(bufsiz));
1611 	(void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz));
1612 
1613 	__ipsec_errcode = EIPSEC_NO_ERROR;
1614 	return so;
1615 }
1616 
1617 /*
1618  * close a socket.
1619  * OUT:
1620  *	 0: success.
1621  *	-1: fail.
1622  */
1623 void
1624 pfkey_close(so)
1625 	int so;
1626 {
1627 	(void)close(so);
1628 
1629 	__ipsec_errcode = EIPSEC_NO_ERROR;
1630 	return;
1631 }
1632 
1633 /*
1634  * receive sadb_msg data, and return pointer to new buffer allocated.
1635  * Must free this buffer later.
1636  * OUT:
1637  *	NULL	: error occured.
1638  *	others	: a pointer to sadb_msg structure.
1639  *
1640  * XXX should be rewritten to pass length explicitly
1641  */
1642 struct sadb_msg *
1643 pfkey_recv(so)
1644 	int so;
1645 {
1646 	struct sadb_msg buf, *newmsg;
1647 	int len, reallen;
1648 
1649 	while ((len = recv(so, (caddr_t)&buf, sizeof(buf), MSG_PEEK)) < 0) {
1650 		if (errno == EINTR)
1651 			continue;
1652 		__ipsec_set_strerror(strerror(errno));
1653 		return NULL;
1654 	}
1655 
1656 	if (len < sizeof(buf)) {
1657 		recv(so, (caddr_t)&buf, sizeof(buf), 0);
1658 		__ipsec_errcode = EIPSEC_MAX;
1659 		return NULL;
1660 	}
1661 
1662 	/* read real message */
1663 	reallen = PFKEY_UNUNIT64(buf.sadb_msg_len);
1664 	if ((newmsg = CALLOC(reallen, struct sadb_msg *)) == NULL) {
1665 		__ipsec_set_strerror(strerror(errno));
1666 		return NULL;
1667 	}
1668 
1669 	while ((len = recv(so, (caddr_t)newmsg, reallen, 0)) < 0) {
1670 		if (errno == EINTR)
1671 			continue;
1672 		__ipsec_set_strerror(strerror(errno));
1673 		free(newmsg);
1674 		return NULL;
1675 	}
1676 
1677 	if (len != reallen) {
1678 		__ipsec_errcode = EIPSEC_SYSTEM_ERROR;
1679 		free(newmsg);
1680 		return NULL;
1681 	}
1682 
1683 	/* don't trust what the kernel says, validate! */
1684 	if (PFKEY_UNUNIT64(newmsg->sadb_msg_len) != len) {
1685 		__ipsec_errcode = EIPSEC_SYSTEM_ERROR;
1686 		free(newmsg);
1687 		return NULL;
1688 	}
1689 
1690 	__ipsec_errcode = EIPSEC_NO_ERROR;
1691 	return newmsg;
1692 }
1693 
1694 /*
1695  * send message to a socket.
1696  * OUT:
1697  *	 others: success and return length sent.
1698  *	-1     : fail.
1699  */
1700 int
1701 pfkey_send(so, msg, len)
1702 	int so;
1703 	struct sadb_msg *msg;
1704 	int len;
1705 {
1706 	if ((len = send(so, (caddr_t)msg, len, 0)) < 0) {
1707 		__ipsec_set_strerror(strerror(errno));
1708 		return -1;
1709 	}
1710 
1711 	__ipsec_errcode = EIPSEC_NO_ERROR;
1712 	return len;
1713 }
1714 
1715 /*
1716  * %%% Utilities
1717  * NOTE: These functions are derived from netkey/key.c in KAME.
1718  */
1719 /*
1720  * set the pointer to each header in this message buffer.
1721  * IN:	msg: pointer to message buffer.
1722  *	mhp: pointer to the buffer initialized like below:
1723  *		caddr_t mhp[SADB_EXT_MAX + 1];
1724  * OUT:	-1: invalid.
1725  *	 0: valid.
1726  *
1727  * XXX should be rewritten to obtain length explicitly
1728  */
1729 int
1730 pfkey_align(msg, mhp)
1731 	struct sadb_msg *msg;
1732 	caddr_t *mhp;
1733 {
1734 	struct sadb_ext *ext;
1735 	int i;
1736 	caddr_t p;
1737 	caddr_t ep;	/* XXX should be passed from upper layer */
1738 
1739 	/* validity check */
1740 	if (msg == NULL || mhp == NULL) {
1741 		__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
1742 		return -1;
1743 	}
1744 
1745 	/* initialize */
1746 	for (i = 0; i < SADB_EXT_MAX + 1; i++)
1747 		mhp[i] = NULL;
1748 
1749 	mhp[0] = (caddr_t)msg;
1750 
1751 	/* initialize */
1752 	p = (caddr_t) msg;
1753 	ep = p + PFKEY_UNUNIT64(msg->sadb_msg_len);
1754 
1755 	/* skip base header */
1756 	p += sizeof(struct sadb_msg);
1757 
1758 	while (p < ep) {
1759 		ext = (struct sadb_ext *)p;
1760 		if (ep < p + sizeof(*ext) || PFKEY_EXTLEN(ext) < sizeof(*ext) ||
1761 		    ep < p + PFKEY_EXTLEN(ext)) {
1762 			/* invalid format */
1763 			break;
1764 		}
1765 
1766 		/* duplicate check */
1767 		/* XXX Are there duplication either KEY_AUTH or KEY_ENCRYPT ?*/
1768 		if (mhp[ext->sadb_ext_type] != NULL) {
1769 			__ipsec_errcode = EIPSEC_INVAL_EXTTYPE;
1770 			return -1;
1771 		}
1772 
1773 		/* set pointer */
1774 		switch (ext->sadb_ext_type) {
1775 		case SADB_EXT_SA:
1776 		case SADB_EXT_LIFETIME_CURRENT:
1777 		case SADB_EXT_LIFETIME_HARD:
1778 		case SADB_EXT_LIFETIME_SOFT:
1779 		case SADB_EXT_ADDRESS_SRC:
1780 		case SADB_EXT_ADDRESS_DST:
1781 		case SADB_EXT_ADDRESS_PROXY:
1782 		case SADB_EXT_KEY_AUTH:
1783 			/* XXX should to be check weak keys. */
1784 		case SADB_EXT_KEY_ENCRYPT:
1785 			/* XXX should to be check weak keys. */
1786 		case SADB_EXT_IDENTITY_SRC:
1787 		case SADB_EXT_IDENTITY_DST:
1788 		case SADB_EXT_SENSITIVITY:
1789 		case SADB_EXT_PROPOSAL:
1790 		case SADB_EXT_SUPPORTED_AUTH:
1791 		case SADB_EXT_SUPPORTED_ENCRYPT:
1792 		case SADB_EXT_SPIRANGE:
1793 		case SADB_X_EXT_POLICY:
1794 		case SADB_X_EXT_SA2:
1795 		case SADB_X_EXT_NAT_T_TYPE:
1796 		case SADB_X_EXT_NAT_T_SPORT:
1797 		case SADB_X_EXT_NAT_T_DPORT:
1798 		case SADB_X_EXT_NAT_T_OAI:
1799 		case SADB_X_EXT_NAT_T_OAR:
1800 		case SADB_X_EXT_NAT_T_FRAG:
1801 		case SADB_X_EXT_SA_REPLAY:
1802 		case SADB_X_EXT_NEW_ADDRESS_SRC:
1803 		case SADB_X_EXT_NEW_ADDRESS_DST:
1804 			mhp[ext->sadb_ext_type] = (caddr_t)ext;
1805 			break;
1806 		default:
1807 			__ipsec_errcode = EIPSEC_INVAL_EXTTYPE;
1808 			return -1;
1809 		}
1810 
1811 		p += PFKEY_EXTLEN(ext);
1812 	}
1813 
1814 	if (p != ep) {
1815 		__ipsec_errcode = EIPSEC_INVAL_SADBMSG;
1816 		return -1;
1817 	}
1818 
1819 	__ipsec_errcode = EIPSEC_NO_ERROR;
1820 	return 0;
1821 }
1822 
1823 /*
1824  * check basic usage for sadb_msg,
1825  * NOTE: This routine is derived from netkey/key.c in KAME.
1826  * IN:	msg: pointer to message buffer.
1827  *	mhp: pointer to the buffer initialized like below:
1828  *
1829  *		caddr_t mhp[SADB_EXT_MAX + 1];
1830  *
1831  * OUT:	-1: invalid.
1832  *	 0: valid.
1833  */
1834 int
1835 pfkey_check(mhp)
1836 	caddr_t *mhp;
1837 {
1838 	struct sadb_msg *msg;
1839 
1840 	/* validity check */
1841 	if (mhp == NULL || mhp[0] == NULL) {
1842 		__ipsec_errcode = EIPSEC_INVAL_ARGUMENT;
1843 		return -1;
1844 	}
1845 
1846 	msg = (struct sadb_msg *)mhp[0];
1847 
1848 	/* check version */
1849 	if (msg->sadb_msg_version != PF_KEY_V2) {
1850 		__ipsec_errcode = EIPSEC_INVAL_VERSION;
1851 		return -1;
1852 	}
1853 
1854 	/* check type */
1855 	if (msg->sadb_msg_type > SADB_MAX) {
1856 		__ipsec_errcode = EIPSEC_INVAL_MSGTYPE;
1857 		return -1;
1858 	}
1859 
1860 	/* check SA type */
1861 	switch (msg->sadb_msg_satype) {
1862 	case SADB_SATYPE_UNSPEC:
1863 		switch (msg->sadb_msg_type) {
1864 		case SADB_GETSPI:
1865 		case SADB_UPDATE:
1866 		case SADB_ADD:
1867 		case SADB_DELETE:
1868 		case SADB_GET:
1869 		case SADB_ACQUIRE:
1870 		case SADB_EXPIRE:
1871 			__ipsec_errcode = EIPSEC_INVAL_SATYPE;
1872 			return -1;
1873 		}
1874 		break;
1875 	case SADB_SATYPE_ESP:
1876 	case SADB_SATYPE_AH:
1877 	case SADB_X_SATYPE_IPCOMP:
1878 	case SADB_X_SATYPE_TCPSIGNATURE:
1879 		switch (msg->sadb_msg_type) {
1880 		case SADB_X_SPDADD:
1881 		case SADB_X_SPDDELETE:
1882 		case SADB_X_SPDGET:
1883 		case SADB_X_SPDDUMP:
1884 		case SADB_X_SPDFLUSH:
1885 			__ipsec_errcode = EIPSEC_INVAL_SATYPE;
1886 			return -1;
1887 		}
1888 		break;
1889 	case SADB_SATYPE_RSVP:
1890 	case SADB_SATYPE_OSPFV2:
1891 	case SADB_SATYPE_RIPV2:
1892 	case SADB_SATYPE_MIP:
1893 		__ipsec_errcode = EIPSEC_NOT_SUPPORTED;
1894 		return -1;
1895 	case 1:	/* XXX: What does it do ? */
1896 		if (msg->sadb_msg_type == SADB_X_PROMISC)
1897 			break;
1898 		/*FALLTHROUGH*/
1899 	default:
1900 		__ipsec_errcode = EIPSEC_INVAL_SATYPE;
1901 		return -1;
1902 	}
1903 
1904 	/* check field of upper layer protocol and address family */
1905 	if (mhp[SADB_EXT_ADDRESS_SRC] != NULL
1906 	 && mhp[SADB_EXT_ADDRESS_DST] != NULL) {
1907 		struct sadb_address *src0, *dst0;
1908 
1909 		src0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_SRC]);
1910 		dst0 = (struct sadb_address *)(mhp[SADB_EXT_ADDRESS_DST]);
1911 
1912 		if (src0->sadb_address_proto != dst0->sadb_address_proto) {
1913 			__ipsec_errcode = EIPSEC_PROTO_MISMATCH;
1914 			return -1;
1915 		}
1916 
1917 		if (PFKEY_ADDR_SADDR(src0)->sa_family
1918 		 != PFKEY_ADDR_SADDR(dst0)->sa_family) {
1919 			__ipsec_errcode = EIPSEC_FAMILY_MISMATCH;
1920 			return -1;
1921 		}
1922 
1923 		switch (PFKEY_ADDR_SADDR(src0)->sa_family) {
1924 		case AF_INET:
1925 		case AF_INET6:
1926 			break;
1927 		default:
1928 			__ipsec_errcode = EIPSEC_INVAL_FAMILY;
1929 			return -1;
1930 		}
1931 
1932 		/*
1933 		 * prefixlen == 0 is valid because there must be the case
1934 		 * all addresses are matched.
1935 		 */
1936 	}
1937 
1938 	__ipsec_errcode = EIPSEC_NO_ERROR;
1939 	return 0;
1940 }
1941 
1942 /*
1943  * set data into sadb_msg.
1944  * `buf' must has been allocated sufficiently.
1945  */
1946 static caddr_t
1947 pfkey_setsadbmsg(buf, lim, type, tlen, satype, seq, pid)
1948 	caddr_t buf;
1949 	caddr_t lim;
1950 	u_int type, satype;
1951 	u_int tlen;
1952 	u_int32_t seq;
1953 	pid_t pid;
1954 {
1955 	struct sadb_msg *p;
1956 	u_int len;
1957 
1958 	p = (struct sadb_msg *)buf;
1959 	len = sizeof(struct sadb_msg);
1960 
1961 	if (buf + len > lim)
1962 		return NULL;
1963 
1964 	memset(p, 0, len);
1965 	p->sadb_msg_version = PF_KEY_V2;
1966 	p->sadb_msg_type = type;
1967 	p->sadb_msg_errno = 0;
1968 	p->sadb_msg_satype = satype;
1969 	p->sadb_msg_len = PFKEY_UNIT64(tlen);
1970 	p->sadb_msg_reserved = 0;
1971 	p->sadb_msg_seq = seq;
1972 	p->sadb_msg_pid = (u_int32_t)pid;
1973 
1974 	return(buf + len);
1975 }
1976 
1977 /*
1978  * copy secasvar data into sadb_address.
1979  * `buf' must has been allocated sufficiently.
1980  */
1981 static caddr_t
1982 pfkey_setsadbsa(buf, lim, spi, wsize, auth, enc, flags)
1983 	caddr_t buf;
1984 	caddr_t lim;
1985 	u_int32_t spi, flags;
1986 	u_int wsize, auth, enc;
1987 {
1988 	struct sadb_sa *p;
1989 	u_int len;
1990 
1991 	p = (struct sadb_sa *)buf;
1992 	len = sizeof(struct sadb_sa);
1993 
1994 	if (buf + len > lim)
1995 		return NULL;
1996 
1997 	memset(p, 0, len);
1998 	p->sadb_sa_len = PFKEY_UNIT64(len);
1999 	p->sadb_sa_exttype = SADB_EXT_SA;
2000 	p->sadb_sa_spi = spi;
2001 	p->sadb_sa_replay = wsize > UINT8_MAX ? UINT8_MAX: wsize;
2002 	p->sadb_sa_state = SADB_SASTATE_LARVAL;
2003 	p->sadb_sa_auth = auth;
2004 	p->sadb_sa_encrypt = enc;
2005 	p->sadb_sa_flags = flags;
2006 
2007 	return(buf + len);
2008 }
2009 
2010 /*
2011  * Set data into sadb_x_sa_replay.
2012  * `buf' must has been allocated sufficiently.
2013  */
2014 static caddr_t
2015 pfkey_setsadbxreplay(caddr_t buf, caddr_t lim, uint32_t wsize)
2016 {
2017 	struct sadb_x_sa_replay *p;
2018 	u_int len;
2019 
2020 	p = (struct sadb_x_sa_replay *)buf;
2021 	len = sizeof(struct sadb_x_sa_replay);
2022 
2023 	if (buf + len > lim)
2024 		return (NULL);
2025 
2026 	memset(p, 0, len);
2027 	p->sadb_x_sa_replay_len = PFKEY_UNIT64(len);
2028 	p->sadb_x_sa_replay_exttype = SADB_X_EXT_SA_REPLAY;
2029 	/* Convert wsize from bytes to number of packets. */
2030 	p->sadb_x_sa_replay_replay = wsize << 3;
2031 
2032 	return (buf + len);
2033 }
2034 
2035 /*
2036  * set data into sadb_address.
2037  * `buf' must has been allocated sufficiently.
2038  * prefixlen is in bits.
2039  */
2040 static caddr_t
2041 pfkey_setsadbaddr(buf, lim, exttype, saddr, prefixlen, ul_proto)
2042 	caddr_t buf;
2043 	caddr_t lim;
2044 	u_int exttype;
2045 	struct sockaddr *saddr;
2046 	u_int prefixlen;
2047 	u_int ul_proto;
2048 {
2049 	struct sadb_address *p;
2050 	u_int len;
2051 
2052 	p = (struct sadb_address *)buf;
2053 	len = sizeof(struct sadb_address) + PFKEY_ALIGN8(saddr->sa_len);
2054 
2055 	if (buf + len > lim)
2056 		return NULL;
2057 
2058 	memset(p, 0, len);
2059 	p->sadb_address_len = PFKEY_UNIT64(len);
2060 	p->sadb_address_exttype = exttype & 0xffff;
2061 	p->sadb_address_proto = ul_proto & 0xff;
2062 	p->sadb_address_prefixlen = prefixlen;
2063 	p->sadb_address_reserved = 0;
2064 
2065 	memcpy(p + 1, saddr, saddr->sa_len);
2066 
2067 	return(buf + len);
2068 }
2069 
2070 /*
2071  * set sadb_key structure after clearing buffer with zero.
2072  * OUT: the pointer of buf + len.
2073  */
2074 static caddr_t
2075 pfkey_setsadbkey(buf, lim, type, key, keylen)
2076 	caddr_t buf;
2077 	caddr_t lim;
2078 	caddr_t key;
2079 	u_int type, keylen;
2080 {
2081 	struct sadb_key *p;
2082 	u_int len;
2083 
2084 	p = (struct sadb_key *)buf;
2085 	len = sizeof(struct sadb_key) + PFKEY_ALIGN8(keylen);
2086 
2087 	if (buf + len > lim)
2088 		return NULL;
2089 
2090 	memset(p, 0, len);
2091 	p->sadb_key_len = PFKEY_UNIT64(len);
2092 	p->sadb_key_exttype = type;
2093 	p->sadb_key_bits = keylen << 3;
2094 	p->sadb_key_reserved = 0;
2095 
2096 	memcpy(p + 1, key, keylen);
2097 
2098 	return buf + len;
2099 }
2100 
2101 /*
2102  * set sadb_lifetime structure after clearing buffer with zero.
2103  * OUT: the pointer of buf + len.
2104  */
2105 static caddr_t
2106 pfkey_setsadblifetime(buf, lim, type, l_alloc, l_bytes, l_addtime, l_usetime)
2107 	caddr_t buf;
2108 	caddr_t lim;
2109 	u_int type;
2110 	u_int32_t l_alloc, l_bytes, l_addtime, l_usetime;
2111 {
2112 	struct sadb_lifetime *p;
2113 	u_int len;
2114 
2115 	p = (struct sadb_lifetime *)buf;
2116 	len = sizeof(struct sadb_lifetime);
2117 
2118 	if (buf + len > lim)
2119 		return NULL;
2120 
2121 	memset(p, 0, len);
2122 	p->sadb_lifetime_len = PFKEY_UNIT64(len);
2123 	p->sadb_lifetime_exttype = type;
2124 
2125 	switch (type) {
2126 	case SADB_EXT_LIFETIME_SOFT:
2127 		p->sadb_lifetime_allocations
2128 			= (l_alloc * soft_lifetime_allocations_rate) /100;
2129 		p->sadb_lifetime_bytes
2130 			= (l_bytes * soft_lifetime_bytes_rate) /100;
2131 		p->sadb_lifetime_addtime
2132 			= (l_addtime * soft_lifetime_addtime_rate) /100;
2133 		p->sadb_lifetime_usetime
2134 			= (l_usetime * soft_lifetime_usetime_rate) /100;
2135 		break;
2136 	case SADB_EXT_LIFETIME_HARD:
2137 		p->sadb_lifetime_allocations = l_alloc;
2138 		p->sadb_lifetime_bytes = l_bytes;
2139 		p->sadb_lifetime_addtime = l_addtime;
2140 		p->sadb_lifetime_usetime = l_usetime;
2141 		break;
2142 	}
2143 
2144 	return buf + len;
2145 }
2146 
2147 /*
2148  * copy secasvar data into sadb_address.
2149  * `buf' must has been allocated sufficiently.
2150  */
2151 static caddr_t
2152 pfkey_setsadbxsa2(buf, lim, mode0, reqid)
2153 	caddr_t buf;
2154 	caddr_t lim;
2155 	u_int32_t mode0;
2156 	u_int32_t reqid;
2157 {
2158 	struct sadb_x_sa2 *p;
2159 	u_int8_t mode = mode0 & 0xff;
2160 	u_int len;
2161 
2162 	p = (struct sadb_x_sa2 *)buf;
2163 	len = sizeof(struct sadb_x_sa2);
2164 
2165 	if (buf + len > lim)
2166 		return NULL;
2167 
2168 	memset(p, 0, len);
2169 	p->sadb_x_sa2_len = PFKEY_UNIT64(len);
2170 	p->sadb_x_sa2_exttype = SADB_X_EXT_SA2;
2171 	p->sadb_x_sa2_mode = mode;
2172 	p->sadb_x_sa2_reqid = reqid;
2173 
2174 	return(buf + len);
2175 }
2176