26723e1a | 23-Jul-2024 | tobhe <tobhe@openbsd.org>
Accept and ignore SADB_X_EXT_REPLAY and SADB_X_EXT_COUNTER payloads for incoming SADB_ADD and SADB_UPDATE messages. Since we send them as part of the SADB_GET reply we must also accept them on SADB_ADD/UPDATE as sasyncd will forward payloads previously received in SADB_GET. Fixes a bug where sasyncd can't restore SAs because pfkey returns EINVAL.
From Rafał Ramocki ok bluhm@
2f23249e | 29-Sep-2023 | tobhe <tobhe@openbsd.org>
Make sure pfkeyv2_parsemessage() only returns 0 if the message was successfully validated. Decline all messages from userland that contain errnos and remove unneeded special handling for type SADB_X_PROMISC.
ok bluhm@
55c61d73 | 07-Aug-2023 | dlg <dlg@openbsd.org>
add a struct sadb_x_iface message for interface SAs
this allows userland to install (and see) security associations for route-based ipsec vpns. if this message is part of an SA, it causes the TDBF_IFACE flag and associated fields in a tdb to be set.
the interface unit field in this message maps to the minor number of the sec(4) interface you want the SA to work with. i.e., set the sadb_x_iface_unit field in struct sadb_x_iface to 1 to set up an SA for use with sec1. the sadb_x_iface_direction in the message uses IPSP_DIRECTION_IN and IPSP_DIRECTION_OUT to specify in which direction that SA is supposed to process traffic.
support from many including markus@ tobhe@ claudio@ sthen@ patrick@ now is a good time deraadt@
094e3f7d | 14-Jul-2021 | tobhe <tobhe@openbsd.org>
Export SA replay counters via pfkey and print with ipsecctl. This is useful for debugging replay window issues with 64 bit sequence numbers in IPsec.
ok bluhm@
698a75dd | 08-Jul-2021 | bluhm <bluhm@openbsd.org>
Debug printfs in encdebug were inconsistent, some missing newlines produced ugly output. Move the function name and the newline into the DPRINTF macro. This simplifies the debug statements. OK tobhe@
f3218c34 | 05-Jul-2021 | tobhe <tobhe@openbsd.org>
Export tdb MTU to userland via SADB_GET. This helps debug path MTU discovery issues with ESP in UDP.
ok bluhm@ sthen@ mpi@
51638830 | 25-May-2021 | bluhm <bluhm@openbsd.org>
The arrays sadb_exts_allowed_out and sadb_exts_required_out are constant. Put global variable declarations into header file. OK mvs@ mpi@
fedce5d8 | 06-May-2021 | mvs <mvs@openbsd.org>
Kill pfkeyv2_parsemessage() declaration which is absolutely useless here since it's declared in net/pfkeyv2.h.
Also kill unused RETURN_EINVAL() macro.
ok mpi@
652dbf1b | 23-Apr-2020 | tobhe <tobhe@openbsd.org>
Add support for automatically moving traffic between rdomains on ipsec(4) encryption or decryption. This allows us to keep plaintext and encrypted network traffic separated and reduces the attack surface for network side-channel attacks.
The only way to reach the inner rdomain from outside is by successful decryption and integrity verification through the responsible Security Association (SA). The only way for internal traffic to get out is getting encrypted and moved through the outgoing SA. Multiple plaintext rdomains can share the same encrypted rdomain while the unencrypted packets are still kept separate. The encrypted and unencrypted rdomains can have different default routes.
The rdomains can be configured with the new SADB_X_EXT_RDOMAIN pfkey extension. Each SA (tdb) gets a new attribute 'tdb_rdomain_post'. If this differs from 'tdb_rdomain' then the packet is moved to 'tdb_rdomain_post' after IPsec processing.
Flows and outgoing IPsec SAs are installed in the plaintext rdomain, incoming IPsec SAs are installed in the encrypted rdomain. IPCOMP SAs are always installed in the plaintext rdomain. They can be viewed with 'route -T X exec ipsecctl -sa' where X is the rdomain ID.
As the kernel does not create encX devices automatically when creating rdomains they have to be added by hand with ifconfig for IPsec to work in non-default rdomains.
discussed with chris@ and kn@ ok markus@, patrick@
90f97679 | 01-Feb-2019 | mpi <mpi@openbsd.org>
Export per-TDB counters to userland.
This time add the counter extension to SADB_GET's whitelist.
ok bluhm@, visa@
38199249 | 14-Jul-2017 | tedu <tedu@openbsd.org>
kernels don't build without MROUTING because ip_var.h only sometimes introduces a forward decl for socket. turns out the affected file doesn't need ip_var.h, so remove it. then move the decl to the bottom to prevent the problem from recurring. bug report by Nick Briggs ok mpi
bfc1a4d7 | 26-Jun-2017 | patrick <patrick@openbsd.org>
Allow updating the destination address of an existing TDB. Since the destination address is used as an index when looking for a TDB, we need to supply the new destination address in a different member. For this, re-use the proxy address, which so far no one else has been using. It would make sense to rename this member in the future.
ok claudio@
d44c51a1 | 28-Feb-2017 | bluhm <bluhm@openbsd.org>
Depending on the addresses, ipsecctl(8) automatically groups sa bundles together. Extend the kernel interface to export the bundle information to userland. Then ipsecctl -ss -v can show the internal relations. Unfortunately the header SADB_X_EXT_PROTOCOL was reused by SADB_X_GRPSPIS, so it cannot be used to transfer the second sa type with sysctl. Introduce a new SADB_X_EXT_SATYPE2 and use it consistently. OK hshoexer@ markus@
f419757a | 24-Jan-2017 | krw <krw@openbsd.org>
A space here, a space there. Soon we're talking real whitespace rectification.
d0aa6eba | 14-Apr-2015 | mikeb <mikeb@openbsd.org>
Remove support for storing credentials and auth information in the kernel.
This code is largely unfinished and is not used for anything. The change leaves identities as only objects referenced by ipsec_ref structure and their handling requires some changes to support more advanced matching of IPsec connections.
No objections from reyk and hshoexer, with an OK from markus.
e1e3bc4f | 26-Mar-2015 | mikeb <mikeb@openbsd.org>
Remove bits of unfinished IPsec proxy support. DNS' KX records, anyone? ok markus, hshoexer
96c82063 | 10-Apr-2013 | mpi <mpi@openbsd.org>
Remove various external variable declarations from source files and move them to the corresponding header with an appropriate comment if necessary.
ok guenther@
6b4cbaf1 | 29-Jun-2012 | mikeb <mikeb@openbsd.org>
Add support for the Extended (64-bit) Sequence Number as defined in RFC4302 and RFC4303. Right now only software crypto engine is capable of doing it.
Replay check was rewritten to implement algorithm described in the Appendix A of RFC4303 and the window size was increased to 64.
Tested against OpenBSD, Linux (strongswan) and Windows.
No objection from the usual suspects.
e47fff72 | 28-Mar-2012 | claudio <claudio@openbsd.org>
pfkey needs some p_p->ps_pid too. OK deraadt@ guenther@
a43d4d9b | 01-Jul-2010 | reyk <reyk@openbsd.org>
Allow specifying an alternative enc(4) interface for an SA. All traffic for this SA will appear on the specified enc interface instead of enc0 and can be filtered and monitored separately. This will allow grouping individual ipsec policies to virtual interfaces and simplifies monitoring and pf filtering with many ipsec policies a lot.
This diff includes the following changes:
- Store the enc interface unit (default 0) in the TDB of an SA and pass it to the enc_getif() lookup when running the bpf or pf_test() handlers.
- Add the pfkey SADB_X_EXT_TAP extension to communicate the encX interface unit for a specified SA between userland and kernel.
- Update enc(4) again to use an allocated array instead of the TAILQ to look up the matching enc interface in enc_getif() quickly.
Discussed with many, tested by a few, will need more testing & review.
ok deraadt@
2d8f58fe | 22-Oct-2008 | mpf <mpf@openbsd.org>
#if INET => #ifdef INET
#if INET6 => #ifdef INET6
ef538652 | 30-Jul-2007 | hshoexer <hshoexer@openbsd.org>
With adding ipsec tags and exporting flow filters via sysctl SADB_GET needs to be allowed to export that information too. Thus, adjust sadb_exts_allowed_out[] accordingly.
This fixes isakmpd not being able to get the in-kernel last-used-counters of SAs, which are needed for DPD.
ok ho@
aa920ac7 | 24-Nov-2006 | reyk <reyk@openbsd.org>
add support to tag ipsec traffic belonging to specific IKE-initiated phase 2 traffic. this allows policy-based filtering of encrypted and unencrypted ipsec traffic with pf(4). see ipsec.conf(5) and isakmpd.conf(5) for details and examples.
this is work in progress and still needs some testing and feedback, but it is safe to put it in now.
ok hshoexer@
c45b24e7 | 28-May-2005 | ho <ho@openbsd.org>
Add SA replay counter synchronization to pfsync(4). Required for IPsec failover gateways. ok mcbride@, "looks good" hshoexer@
296bbdf8 | 10-Aug-2004 | ho <ho@openbsd.org>
Add SADB_X_EXT_LIFETIME_LASTUSE for use with isakmpd/DPD, adding this extends the bitmap to 64bits. Also repair SADB_GET. hshoexer@ ok.