Lines Matching defs:sah
1024 struct secashead *sah;
1033 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
1036 kdebug_secash(sah, " "));
1037 if (sah->saidx.proto != IPPROTO_TCP)
1039 if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
1040 !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
1043 if (sah != NULL) {
1045 sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1047 sav = TAILQ_FIRST(&sah->savtree_alive);
1077 struct secashead *sah;
1093 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
1096 kdebug_secash(sah, " "));
1097 if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID))
1100 if (sah != NULL) {
1106 sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1108 sav = TAILQ_FIRST(&sah->savtree_alive);
1172 sav->sah->saidx.proto == proto &&
1174 &sav->sah->saidx.dst.sa, 0) == 0)
1201 struct secashead *sah;
1212 LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) {
1213 if (IPSEC_MODE_TUNNEL != sah->saidx.mode)
1215 if (proto != sah->saidx.proto)
1217 if (key_sockaddrcmp(&src->sa, &sah->saidx.src.sa, 0) != 0)
1219 if (key_sockaddrcmp(&dst->sa, &sah->saidx.dst.sa, 0) != 0)
1223 sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
1225 sav = TAILQ_FIRST(&sah->savtree_alive);
1443 struct secashead *sah;
1458 TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
1460 TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
1465 sah = sav->sah;
1469 key_freesah(&sah);
2973 struct secashead *sah;
2975 sah = malloc(sizeof(struct secashead), M_IPSEC_SAH,
2977 if (sah == NULL) {
2981 TAILQ_INIT(&sah->savtree_larval);
2982 TAILQ_INIT(&sah->savtree_alive);
2983 sah->saidx = *saidx;
2984 sah->state = SADB_SASTATE_DEAD;
2985 SAH_INITREF(sah);
2988 printf("%s: SAH(%p)\n", __func__, sah));
2989 KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
2990 return (sah);
2996 struct secashead *sah = *psah;
3000 if (SAH_DELREF(sah) == 0)
3004 printf("%s: last reference to SAH(%p)\n", __func__, sah));
3005 KEYDBG(KEY_DATA, kdebug_secash(sah, NULL));
3008 key_delsah(sah);
3012 key_delsah(struct secashead *sah)
3014 IPSEC_ASSERT(sah != NULL, ("NULL sah"));
3015 IPSEC_ASSERT(sah->state == SADB_SASTATE_DEAD,
3016 ("Attempt to free non DEAD SAH %p", sah));
3017 IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_larval),
3018 ("Attempt to free SAH %p with LARVAL SA", sah));
3019 IPSEC_ASSERT(TAILQ_EMPTY(&sah->savtree_alive),
3020 ("Attempt to free SAH %p with ALIVE SA", sah));
3022 free(sah, M_IPSEC_SAH);
3037 struct secashead *sah;
3047 sah = NULL;
3117 sah = key_getsah(saidx);
3118 if (sah == NULL) {
3120 sah = key_newsah(saidx);
3121 if (sah == NULL) {
3131 sav->sah = sah;
3152 if (isnew == 0 && sah->state == SADB_SASTATE_DEAD) {
3154 key_freesah(&sah); /* reference from key_getsah() */
3166 TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
3168 LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
3170 sah->state = SADB_SASTATE_MATURE;
3176 SAH_ADDREF(sah);
3180 TAILQ_INSERT_HEAD(&sah->savtree_alive, sav, chain);
3183 TAILQ_INSERT_HEAD(&sah->savtree_larval, sav, chain);
3206 if (sah != NULL)
3207 key_freesah(&sah);
3306 struct secashead *sah;
3309 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
3310 if (key_cmpsaidx(&sah->saidx, saidx, CMP_MODE_REQID) != 0) {
3311 SAH_ADDREF(sah);
3316 return (sah);
3464 error = key_setident(sav->sah, mhp);
3762 m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count,
3763 sav->sah->saidx.reqid);
3780 &sav->sah->saidx.src.sa,
3788 &sav->sah->saidx.dst.sa,
4699 struct secashead *sah, *nextsah;
4710 TAILQ_FOREACH(sah, &V_sahtree, chain) {
4712 if (TAILQ_EMPTY(&sah->savtree_larval) &&
4713 TAILQ_EMPTY(&sah->savtree_alive)) {
4714 SAH_ADDREF(sah);
4715 LIST_INSERT_HEAD(&emptyq, sah, drainq);
4719 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
4725 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
4796 TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
4813 TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
4837 sah = LIST_FIRST(&emptyq);
4838 while (sah != NULL) {
4839 nextsah = LIST_NEXT(sah, drainq);
4841 if (sah->state == SADB_SASTATE_DEAD ||
4842 !TAILQ_EMPTY(&sah->savtree_larval) ||
4843 !TAILQ_EMPTY(&sah->savtree_alive)) {
4844 LIST_REMOVE(sah, drainq);
4845 key_freesah(&sah); /* release extra reference */
4846 sah = nextsah;
4849 TAILQ_REMOVE(&V_sahtree, sah, chain);
4850 LIST_REMOVE(sah, addrhash);
4851 sah->state = SADB_SASTATE_DEAD;
4852 sah = nextsah;
4861 key_freesah(&sav->sah); /* release reference from SAV */
4877 key_freesah(&sav->sah); /* release reference from SAV */
4890 sah = LIST_FIRST(&emptyq);
4891 while (sah != NULL) {
4892 nextsah = LIST_NEXT(sah, drainq);
4893 key_freesah(&sah); /* release extra reference */
4894 key_freesah(&sah); /* release last reference */
4895 sah = nextsah;
5294 struct secashead *sah;
5299 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
5300 if (sah->saidx.proto != IPPROTO_TCP)
5302 if (!key_sockaddrcmp(&saidx->dst.sa, &sah->saidx.dst.sa, 0) &&
5303 !key_sockaddrcmp(&saidx->src.sa, &sah->saidx.src.sa, 0))
5306 if (sah != NULL) {
5308 sav = TAILQ_LAST(&sah->savtree_alive, secasvar_queue);
5310 sav = TAILQ_FIRST(&sah->savtree_alive);
5344 struct secashead *sah;
5373 sah = key_getsah(saidx);
5374 if (sah == NULL) {
5376 sah = key_newsah(saidx);
5377 if (sah == NULL) {
5390 if (sav->sah->saidx.proto != IPPROTO_ESP ||
5400 sah = sav->sah;
5445 newsav->sah = sah;
5466 TAILQ_REMOVE(&sav->sah->savtree_alive, sav, chain);
5475 TAILQ_FOREACH(tmp, &sah->savtree_alive, chain) {
5482 TAILQ_INSERT_TAIL(&sah->savtree_alive, newsav, chain);
5489 TAILQ_INSERT_HEAD(&V_sahtree, sah, chain);
5490 LIST_INSERT_HEAD(SAHADDRHASH_HASH(saidx), sah, addrhash);
5491 sah->state = SADB_SASTATE_MATURE;
5492 SAH_ADDREF(sah); /* newsav references new SAH */
5495 * isnew == 1 -> @sah was referenced by key_getsah().
5496 * isnew == 0 -> we use the same @sah, that was used by @sav,
5525 key_freesah(&sah);
5648 if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_MODE_REQID) == 0) {
5688 TAILQ_REMOVE(&sav->sah->savtree_larval, sav, chain);
5689 TAILQ_INSERT_HEAD(&sav->sah->savtree_alive, sav, chain);
5964 if (sav->sah->saidx.proto != IPPROTO_ESP)
6042 if (sav->sah->saidx.mode != IPSEC_MODE_TUNNEL) {
6057 sav->sah->saidx.src.sin.sin_addr.s_addr) {
6061 addr = sav->sah->saidx.src.sin.sin_addr.s_addr;
6080 &sav->sah->saidx.src.sin6.sin6_addr.s6_addr,
6087 ~sav->sah->saidx.src.sin6.sin6_addr.s6_addr16[i]);
6114 sav->sah->saidx.dst.sin.sin_addr.s_addr) {
6118 addr = sav->sah->saidx.dst.sin.sin_addr.s_addr;
6137 &sav->sah->saidx.dst.sin6.sin6_addr.s6_addr, 16) != 0) {
6143 ~sav->sah->saidx.dst.sin6.sin6_addr.s6_addr16[i]);
6163 key_setident(struct secashead *sah, const struct sadb_msghdr *mhp)
6167 IPSEC_ASSERT(sah != NULL, ("null secashead"));
6174 sah->idents = NULL;
6175 sah->identd = NULL;
6200 sah->idents = NULL;
6201 sah->identd = NULL;
6206 sah->idents = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
6207 if (sah->idents == NULL) {
6211 sah->identd = malloc(sizeof(struct secident), M_IPSEC_MISC, M_NOWAIT);
6212 if (sah->identd == NULL) {
6213 free(sah->idents, M_IPSEC_MISC);
6214 sah->idents = NULL;
6218 sah->idents->type = idsrc->sadb_ident_type;
6219 sah->idents->id = idsrc->sadb_ident_id;
6221 sah->identd->type = iddst->sadb_ident_type;
6222 sah->identd->id = iddst->sadb_ident_id;
6345 if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_HEAD) == 0) {
6389 struct secashead *sah;
6394 LIST_FOREACH(sah, SAHADDRHASH_HASH(saidx), addrhash) {
6395 if (key_cmpsaidx(&sah->saidx, saidx, CMP_HEAD) == 0)
6398 TAILQ_CONCAT(&drainq, &sah->savtree_alive, chain);
6414 key_freesah(&sav->sah); /* release reference from SAV */
6452 struct secashead *sah;
6457 TAILQ_FOREACH(sah, &V_sahtree, chain) {
6458 sav = TAILQ_FIRST(&sah->savtree_alive);
6467 TAILQ_CONCAT(&drainq, &sah->savtree_alive, chain);
6484 key_freesah(&sav->sah); /* release reference from SAV */
6560 if (key_cmpsaidx(&sav->sah->saidx, &saidx, CMP_HEAD) == 0) {
6572 if ((satype = key_proto2satype(sav->sah->saidx.proto)) == 0) {
7277 struct secashead *sah;
7369 LIST_FOREACH(sah, SAHADDRHASH_HASH(&saidx), addrhash) {
7370 if (key_cmpsaidx(&sah->saidx, &saidx, CMP_MODE_REQID))
7374 if (sah != NULL) {
7598 IPSEC_ASSERT (sav->sah != NULL, ("null sa header"));
7605 satype = key_proto2satype(sav->sah->saidx.proto);
7627 m = key_setsadbxsa2(sav->sah->saidx.mode, replay_count,
7628 sav->sah->saidx.reqid);
7682 &sav->sah->saidx.src.sa,
7692 &sav->sah->saidx.dst.sa,
7737 struct secashead *sah, *nextsah;
7740 sah = TAILQ_FIRST(flushq);
7741 while (sah != NULL) {
7742 sav = TAILQ_FIRST(&sah->savtree_larval);
7745 TAILQ_REMOVE(&sah->savtree_larval, sav, chain);
7747 key_freesah(&sah); /* release reference from SAV */
7750 sav = TAILQ_FIRST(&sah->savtree_alive);
7753 TAILQ_REMOVE(&sah->savtree_alive, sav, chain);
7755 key_freesah(&sah); /* release reference from SAV */
7758 nextsah = TAILQ_NEXT(sah, chain);
7759 key_freesah(&sah); /* release last reference */
7760 sah = nextsah;
7781 struct secashead *sah, *nextsah;
7812 TAILQ_FOREACH(sah, &flushq, chain) {
7813 sah->state = SADB_SASTATE_DEAD;
7821 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7825 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7833 sah = TAILQ_FIRST(&V_sahtree);
7834 while (sah != NULL) {
7835 IPSEC_ASSERT(sah->state != SADB_SASTATE_DEAD,
7836 ("DEAD SAH %p in SADB_FLUSH", sah));
7837 nextsah = TAILQ_NEXT(sah, chain);
7838 if (sah->saidx.proto != proto) {
7839 sah = nextsah;
7842 sah->state = SADB_SASTATE_DEAD;
7843 TAILQ_REMOVE(&V_sahtree, sah, chain);
7844 LIST_REMOVE(sah, addrhash);
7846 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7851 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
7857 TAILQ_INSERT_HEAD(&flushq, sah, chain);
7858 sah = nextsah;
7898 struct secashead *sah;
7920 TAILQ_FOREACH(sah, &V_sahtree, chain) {
7922 proto != sah->saidx.proto)
7925 TAILQ_FOREACH(sav, &sah->savtree_larval, chain)
7927 TAILQ_FOREACH(sav, &sah->savtree_alive, chain)
7938 TAILQ_FOREACH(sah, &V_sahtree, chain) {
7940 proto != sah->saidx.proto)
7944 if ((satype = key_proto2satype(sah->saidx.proto)) == 0) {
7951 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
7961 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {
8669 struct secashead *sah;
8703 TAILQ_FOREACH(sah, &sahdrainq, chain) {
8704 sah->state = SADB_SASTATE_DEAD;
8705 TAILQ_FOREACH(sav, &sah->savtree_larval, chain) {
8709 TAILQ_FOREACH(sav, &sah->savtree_alive, chain) {