| /netbsd-src/crypto/dist/ipsec-tools/src/racoon/ |
| H A D | remoteconf.c | 95 rmconf_match_identity(rmconf, id_p) in rmconf_match_identity() argument 96 struct remoteconf *rmconf; in rmconf_match_identity() 107 if (!genlist_next(rmconf->idvl_p, 0)) 110 for (id = genlist_next(rmconf->idvl_p, &gpb); id; id = genlist_next(0, &gpb)) { 159 if (rmconf->verify_identifier) 166 rmconf_match_etype_and_approval(struct remoteconf *rmconf, int etype, in rmconf_match_etype_and_approval() argument 169 if (check_etypeok(rmconf, (void *) (intptr_t) etype) == 0) in rmconf_match_etype_and_approval() 176 approval->dh_group != rmconf->dh_group) in rmconf_match_etype_and_approval() 179 if (checkisakmpsa(rmconf->pcheck_level, approval, in rmconf_match_etype_and_approval() 180 rmconf->proposal) == NULL) in rmconf_match_etype_and_approval() [all …]
|
| H A D | nattraversal.c | 132 if (iph1->rmconf != NULL && iph1->rmconf->nat_traversal == NATT_FORCE) in natt_hash_addr() 194 if (iph1->rmconf != NULL && in natt_compare_addr_hash() 195 iph1->rmconf->nat_traversal == NATT_FORCE) in natt_compare_addr_hash() 311 natt_is_enabled(struct remoteconf *rmconf, void *args) in natt_is_enabled() argument 313 if (rmconf->nat_traversal) in natt_is_enabled() 321 if (iph1->rmconf == NULL) { in natt_handle_vendorid() 323 struct rmconfselector rmconf; in natt_handle_vendorid() local 324 rmconf_selector_from_ph1(&rmconf, iph1); in natt_handle_vendorid() 325 if (enumrmconf(&rmconf, natt_is_enabled, NULL) == 0) in natt_handle_vendorid() 328 if (!iph1->rmconf->nat_traversal) in natt_handle_vendorid() [all …]
|
| H A D | isakmp_agg.c | 157 iph1->sa = ipsecdoi_setph1proposal(iph1->rmconf, iph1->rmconf->proposal); 162 if (iph1->rmconf->dhgrp == NULL) { 169 if (oakley_dh_generate(iph1->rmconf->dhgrp, 174 iph1->nonce = eay_set_random(iph1->rmconf->nonce_size); 180 switch (iph1->rmconf->proposal->authmethod) { 201 if (iph1->rmconf->ike_frag) { 213 s_oakley_attr_method(iph1->rmconf->proposal->authmethod)); 215 if (iph1->rmconf->proposal->authmethod == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) 232 if (iph1->rmconf->proposal->authmethod == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) { 242 if (oakley_needcr(iph1->rmconf->proposal->authmethod)) [all …]
|
| H A D | admin.c | 426 struct remoteconf *rmconf; local 443 rmconf = getrmconf(dst, 0); 445 rmconf = getrmconf_by_name(name); 446 if (rmconf == NULL) { 457 if (xauth_rmconf_used(&rmconf->xauth) == -1) 460 if (rmconf->xauth->login != NULL) { 461 vfree(rmconf->xauth->login); 462 rmconf->xauth->login = NULL; 464 if (rmconf->xauth->pass != NULL) { 465 vfree(rmconf->xauth->pass); [all …]
|
| H A D | handler.c | 242 struct remoteconf *rmconf; local 248 rmconf = getrmconf_by_ph1(iph1); 249 if (rmconf == NULL) 251 if (rmconf == RMCONF_ERR_MULTIPLE) 254 if (iph1->rmconf != NULL) { 255 if (rmconf != iph1->rmconf) { 261 iph1->rmconf = rmconf; 521 if (iph1->rmconf == NULL) 523 if (iph1->rmconf->rekey == REKEY_FORCE) 526 if (iph1->rmconf->rekey == REKEY_ON && iph1->dpd_support && [all …]
|
| H A D | remoteconf.h | 167 #define RMCONF_NONCE_SIZE(rmconf) \ argument 168 (rmconf != NULL ? rmconf->nonce_size : DEFAULT_NONCE_SIZE) 189 int (* enum_func)(struct remoteconf *rmconf, void *arg), 197 extern int rmconf_match_identity __P((struct remoteconf *rmconf,
|
| H A D | cfparse.y | 279 struct remoteconf *rmconf; member 2634 insspspec(rmconf, spspec) in insspspec() argument 2635 struct remoteconf *rmconf; in insspspec() 2638 if (rmconf->spspec != NULL) 2639 rmconf->spspec->prev = spspec; 2640 spspec->next = rmconf->spspec; 2641 rmconf->spspec = spspec; 2703 flushspspec(rmconf) in flushspspec() argument 2704 struct remoteconf *rmconf; in flushspspec() 2708 while(rmconf->spspec != NULL) { [all …]
|
| H A D | oakley.c | 1379 certtype = oakley_get_certtype(iph1->rmconf->peerscert); 1389 if (!iph1->rmconf->verify_cert) 1397 if (iph1->rmconf->cacertfile != NULL) { 1400 iph1->rmconf->cacertfile); 1426 if (iph1->rmconf->peerscert == NULL) { 1437 iph1->cert_p = vdup(iph1->rmconf->peerscert); 1463 oakley_get_certtype(iph1->rmconf->peerscert)); 1472 if (iph1->rmconf->verify_cert) { 1503 certtype = oakley_get_certtype(iph1->rmconf->peerscert); 1557 if (iph1->rmconf->xauth) [all …]
|
| H A D | isakmp_base.c | 146 iph1->sa = ipsecdoi_setph1proposal(iph1->rmconf, 147 iph1->rmconf->proposal); 152 iph1->nonce = eay_set_random(iph1->rmconf->nonce_size); 158 switch (iph1->rmconf->proposal->authmethod) { 179 if (iph1->rmconf->ike_frag) { 191 if (iph1->rmconf->nat_traversal) { 235 if (iph1->rmconf->dpd) { 488 if (iph1->cert && iph1->rmconf->send_cert) 931 iph1->nonce = eay_set_random(iph1->rmconf->nonce_size); 978 if (iph1->dpd_support && iph1->rmconf->dpd) { [all …]
|
| H A D | isakmp.c | 889 iph1->rmconf->ini_contact = 0; 892 if (iph1->rmconf->mode_cfg) 902 if(iph1->dpd_support && iph1->rmconf->dpd_interval) 909 && iph1->rmconf->ini_contact && !getcontacted(iph1->remote)) { 932 !iph1->rmconf->mode_cfg) { 950 if ((iph1->rmconf->mode_cfg) && 1042 isakmp_ph1begin_i(rmconf, remote, local) in isakmp_ph1begin_i() argument 1043 struct remoteconf *rmconf; in isakmp_ph1begin_i() 1057 iph1->rmconf = rmconf; 1074 if(rmconf->ike_frag == ISAKMP_FRAG_FORCE) [all …]
|
| H A D | isakmp_xauth.c | 1549 if (!iph1->rmconf->xauth || !iph1->rmconf->xauth->login) { 1555 dlen = iph1->rmconf->xauth->login->l - 1; 1556 iph1->rmconf->xauth->state |= XAUTH_SENT_USERNAME; 1560 if (!iph1->rmconf->xauth || !iph1->rmconf->xauth->login) 1564 usr = vmalloc(iph1->rmconf->xauth->login->l - 1 + skip); 1572 iph1->rmconf->xauth->login->v, 1573 iph1->rmconf->xauth->login->l - 1); 1575 if (iph1->rmconf->xauth->pass) { 1577 pwd = iph1->rmconf->xauth->pass; 1582 iph1->rmconf->xauth->login->v); [all …]
|
| H A D | gssapi.c | 195 if (iph1->rmconf == NULL) { in gssapi_init() 210 if (iph1->rmconf->proposal->gssid != NULL) { in gssapi_init() 211 id_token.length = iph1->rmconf->proposal->gssid->l; in gssapi_init() 212 id_token.value = iph1->rmconf->proposal->gssid->v; in gssapi_init() 697 if (iph1->rmconf->proposal->gssid != NULL) in gssapi_get_id() 698 return (vdup(iph1->rmconf->proposal->gssid)); in gssapi_get_id()
|
| H A D | isakmp_ident.c | 145 iph1->sa = ipsecdoi_setph1proposal(iph1->rmconf, 146 iph1->rmconf->proposal); 155 if (iph1->rmconf->nat_traversal) 160 switch (iph1->rmconf->proposal->authmethod) { 188 if (iph1->rmconf->ike_frag) { 201 if(iph1->rmconf->dpd){ 376 iph1->nonce = eay_set_random(iph1->rmconf->nonce_size); 991 gss_sa = ipsecdoi_setph1proposal(iph1->rmconf, iph1->approval); 1268 iph1->nonce = eay_set_random(RMCONF_NONCE_SIZE(iph1->rmconf)); 1783 if (iph1->cert != NULL && iph1->rmconf->send_cert)
|
| H A D | ipsec_doi.c | 272 if (iph1->rmconf != NULL) { 273 if (get_ph1approvalx(iph1->rmconf, &ctx)) 316 if (iph1->rmconf->proposal->gssid != NULL) 317 iph1->gi_i = vdup(iph1->rmconf->proposal->gssid); 350 get_ph1approvalx(rmconf, ctx) in get_ph1approvalx() argument 351 struct remoteconf *rmconf; in get_ph1approvalx() 358 sa = checkisakmpsa(rmconf->pcheck_level, pctx->sa, rmconf->proposal); 365 switch (rmconf->pcheck_level) { 2602 ipsecdoi_setph1proposal(rmconf, props) in ipsecdoi_setph1proposal() argument 2603 struct remoteconf *rmconf; in ipsecdoi_setph1proposal() [all …]
|
| H A D | vendorid.c | 277 (iph1->rmconf == NULL || iph1->rmconf->dpd)) { in handle_vendorid()
|
| H A D | isakmp_inf.c | 490 if((iph1 == NULL || !iph1->rmconf->weak_phase1_check) && !encrypted) { 801 n->doi = htonl(iph1->rmconf->doitype); 1492 if (iph1->dpd_fails >= iph1->rmconf->dpd_maxfails) { 1548 "rescheduling send_r_u (%d).\n", iph1->rmconf->dpd_retry); 1558 iph1->rmconf == NULL) 1563 iph1->rmconf->dpd_interval == 0) 1567 sched_schedule(&iph1->dpd_r_u, iph1->rmconf->dpd_retry, 1570 sched_schedule(&iph1->dpd_r_u, iph1->rmconf->dpd_interval,
|
| H A D | rsalist.c | 237 list = iph1->rmconf->rsa_private; in rsa_lookup_keys() 239 list = iph1->rmconf->rsa_public; in rsa_lookup_keys()
|
| H A D | pfkey.c | 1197 sa_args.l_natt_frag = iph2->ph1->rmconf->esp_frag; 1484 sa_args.l_natt_frag = iph2->ph1->rmconf->esp_frag; 2883 struct remoteconf *rmconf; local 2903 rmconf = getrmconf(ma->remote, 0); 2904 if (rmconf == NULL || !rmconf->passive) { 2922 isakmp_ph1begin_i(rmconf, ma->local, ma->remote); 3063 struct remoteconf *rmconf; local 3071 if (iph2->ph1 && iph2->ph1->rmconf) 3072 rmconf = iph2->ph1->rmconf; 3074 rmconf = getrmconf(iph2->dst, 0); [all …]
|
| H A D | isakmp_quick.c | 218 iph2->nonce = eay_set_random(iph2->ph1->rmconf->nonce_size); 266 iph2->ph1->rmconf->support_proxy == 0 && 1508 iph2->nonce = eay_set_random(iph2->ph1->rmconf->nonce_size); 2198 iph2->sainfo = getsainfo(idsrc, iddst, iph2->ph1->id_p, client, iph2->ph1->rmconf->ph1id); 2452 if (iph2->ph1->rmconf->gen_policy) { 2472 if (iph2->ph1->rmconf->gen_policy) { 2563 if (iph1 != NULL && iph1->rmconf != NULL) { 2564 check_level = iph1->rmconf->pcheck_level;
|
| H A D | proposal.c | 217 switch (ph1->rmconf->pcheck_level) { 477 if (cmpsatrns(pr1->proto_id, tr1, tr2, ph1->rmconf->pcheck_level) == 0) 1245 if (iph2->ph1->rmconf->gen_policy == GENERATE_POLICY_UNIQUE){
|
| H A D | handler.h | 126 struct remoteconf *rmconf; /* pointer to remote configuration */ member
|
| H A D | TODO | 78 o local address's field in isakmpsa handler must be kicked out to rmconf.
|
| H A D | isakmp_cfg.c | 449 iph1->rmconf->mode_cfg) { 749 if ((iph1 != NULL) && (iph1->rmconf->mode_cfg) && (error == 0))
|
| /netbsd-src/crypto/dist/ipsec-tools/ |
| H A D | ChangeLog.old | 518 - Sets p->rmconf to NULL if no new
|