#include <sys/param.h>
#include <sys/systm.h>
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/domain.h>
#include <sys/protosw.h>
#include <sys/socket.h>
#include <sys/errno.h>
#include <sys/time.h>
#include <sys/kernel.h>
#include <sys/syslog.h>
#include <net/if.h>
#include <net/route.h>
#include <libkern/zlib.h>
#include <kern/cpu_number.h>
#include <kern/locks.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/in_var.h>
#include <netinet/ip.h>
#include <netinet/ip_var.h>
#include <netinet/ip_ecn.h>
#if INET6
#include <netinet/ip6.h>
#include <netinet6/ip6_var.h>
#endif
#include <netinet6/ipcomp.h>
#if INET6
#include <netinet6/ipcomp6.h>
#endif
#include <netinet6/ipsec.h>
#if INET6
#include <netinet6/ipsec6.h>
#endif
#include <netkey/key.h>
#include <netkey/keydb.h>
#include <net/net_osdep.h>
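static int ipcomp_output(struct mbuf *, u_char *, struct mbuf *,
    int, struct secasvar *sav);

/*
 * Compress the payload of an outgoing packet and insert an IPComp header.
 *
 * m        - head of the packet chain; its first mbuf is read as the IP
 *            (AF_INET) or IPv6 (AF_INET6) header.
 * nexthdrp - points at the next-header byte that describes the payload; its
 *            value is saved in the IPComp header and the byte is overwritten
 *            with IPPROTO_IPCOMP.
 * md       - first mbuf of the payload; it must be linked somewhere in the
 *            chain that starts at m.
 * af       - AF_INET or AF_INET6.
 * sav      - security association that supplies the algorithm and the CPI.
 *
 * Returns 0 when the packet may continue down the output path, either
 * compressed or deliberately left as it was (unsupported af, payload shorter
 * than the algorithm's minimum, no mbufs for the backup copies, or a
 * compressed result larger than the input).  Returns an errno value on
 * failure; on every such path the chain headed by m is no longer owned by
 * the caller.
 *
 * Fix relative to the previous revision: the two late failure paths (no mbuf
 * for the IPComp header, and IPv4 total length over IP_MAXPACKET) freed m but
 * not mcopy, leaking a full copy of the packet on each failure.  Both paths
 * now release mcopy.
 */
static int
ipcomp_output(m, nexthdrp, md, af, sav)
	struct mbuf *m;
	u_char *nexthdrp;
	struct mbuf *md;
	int af;
	struct secasvar *sav;
{
	struct mbuf *n;
	struct mbuf *md0;
	struct mbuf *mcopy;
	struct mbuf *mprev;
	struct ipcomp *ipcomp;
	const struct ipcomp_algorithm *algo;
	u_int16_t cpi;
	size_t plen0, plen;
	size_t compoff;
	int afnumber;
	int error = 0;
	struct ipsecstat *stat;

	/* Select the per-family statistics block; unknown families pass through. */
	switch (af) {
#if INET
	case AF_INET:
		afnumber = 4;
		stat = &ipsecstat;
		break;
#endif
#if INET6
	case AF_INET6:
		afnumber = 6;
		stat = &ipsec6stat;
		break;
#endif
	default:
		ipseclog((LOG_ERR, "ipcomp_output: unsupported af %d\n", af));
		return 0;
	}

	/* The CPI is a 16-bit field, so an SPI with any higher bit set is invalid. */
	algo = ipcomp_algorithm_lookup(sav->alg_enc);
	if ((ntohl(sav->spi) & ~0xffff) != 0 || !algo) {
		IPSEC_STAT_INCREMENT(stat->out_inval);
		m_freem(m);
		return EINVAL;
	}
	/* Without SADB_X_EXT_RAWCPI the algorithm number is sent as the CPI. */
	if ((sav->flags & SADB_X_EXT_RAWCPI) == 0)
		cpi = sav->alg_enc;
	else
		cpi = ntohl(sav->spi) & 0xffff;

	/* Payload length is the sum of the mbuf lengths from md onward. */
	plen = 0;
	for (n = md; n; n = n->m_next)
		plen += n->m_len;
	if (plen < algo->minplen)
		return 0;

	/*
	 * Keep two copies: mcopy (whole packet) is handed to
	 * key_sa_recordxfer() on success, md0 (payload only) is relinked if
	 * compression does not shrink the payload.  If either copy cannot be
	 * allocated the packet goes out uncompressed: error is set but 0 is
	 * returned, and m is left untouched.
	 */
	mcopy = m_copym(m, 0, M_COPYALL, M_NOWAIT);
	if (mcopy == NULL) {
		error = ENOBUFS;
		return 0;
	}
	md0 = m_copym(md, 0, M_COPYALL, M_NOWAIT);
	if (md0 == NULL) {
		m_freem(mcopy);
		error = ENOBUFS;
		return 0;
	}
	plen0 = plen;

	/* Find the mbuf that precedes md so the payload can be detached. */
	for (mprev = m; mprev && mprev->m_next != md; mprev = mprev->m_next)
		;
	if (mprev == NULL || mprev->m_next != md) {
		ipseclog((LOG_DEBUG, "ipcomp%d_output: md is not in chain\n",
		    afnumber));
		IPSEC_STAT_INCREMENT(stat->out_inval);
		m_freem(m);
		m_freem(md0);
		m_freem(mcopy);
		return EINVAL;
	}

	/*
	 * Detach the payload before ipsec_copypkt() so that m_freem(m) below
	 * cannot reach md.  NOTE(review): this relies on ipsec_copypkt()
	 * releasing its argument when it returns NULL - confirm.
	 */
	mprev->m_next = NULL;
	if ((md = ipsec_copypkt(md)) == NULL) {
		m_freem(m);
		m_freem(md0);
		m_freem(mcopy);
		error = ENOBUFS;
		goto fail;
	}
	mprev->m_next = md;

	/*
	 * The callback rewrites the payload and updates plen.  On failure m is
	 * only set to NULL here, not freed; presumably the callback has already
	 * released the chain - confirm against the algorithm implementations.
	 */
	if ((*algo->compress)(m, md, &plen) || mprev->m_next == NULL) {
		ipseclog((LOG_ERR, "packet compression failure\n"));
		m = NULL;
		m_freem(md0);
		m_freem(mcopy);
		IPSEC_STAT_INCREMENT(stat->out_inval);
		error = EINVAL;
		goto fail;
	}
	/*
	 * NOTE(review): sav->alg_enc indexes out_comphist directly; the array
	 * bound is not visible here, only that the lookup above succeeded.
	 */
	IPSEC_STAT_INCREMENT(stat->out_comphist[sav->alg_enc]);
	md = mprev->m_next;

	/* Compression made the payload larger: put the original payload back. */
	if (plen0 < plen) {
		m_freem(md);
		m_freem(mcopy);
		mprev->m_next = md0;
		return 0;
	}

	/* The compressed payload is kept; the backup is no longer needed. */
	m_freem(md0);
	md0 = NULL;
	m->m_pkthdr.len -= plen0;
	m->m_pkthdr.len += plen;

	{
#if INET
		struct ip *ip = NULL;
#endif
#if INET6
		struct ip6_hdr *ip6 = NULL;
#endif
		/* hlen is computed below but not read again in this function. */
		size_t hlen = 0;
		size_t complen = sizeof(struct ipcomp);

		switch (af) {
#if INET
		case AF_INET:
			ip = mtod(m, struct ip *);
#ifdef _IP_VHL
			hlen = IP_VHL_HL(ip->ip_vhl) << 2;
#else
			hlen = ip->ip_hl << 2;
#endif
			break;
#endif
#if INET6
		case AF_INET6:
			ip6 = mtod(m, struct ip6_hdr *);
			hlen = sizeof(*ip6);
			break;
#endif
		}

		/* Offset of the compressed payload from the start of the packet. */
		compoff = m->m_pkthdr.len - plen;

		/*
		 * Make room for the IPComp header: use md's leading space when
		 * there is enough, otherwise link a fresh mbuf in front of md.
		 */
		if (M_LEADINGSPACE(md) < complen) {
			MGET(n, M_DONTWAIT, MT_DATA);
			if (!n) {
				m_freem(m);
				/* mcopy is still live here; release it too. */
				m_freem(mcopy);
				error = ENOBUFS;
				goto fail;
			}
			n->m_len = complen;
			mprev->m_next = n;
			n->m_next = md;
			m->m_pkthdr.len += complen;
			ipcomp = mtod(n, struct ipcomp *);
		} else {
			md->m_len += complen;
			md->m_data -= complen;
			m->m_pkthdr.len += complen;
			ipcomp = mtod(md, struct ipcomp *);
		}

		/* Fill in the header and take over the next-header byte. */
		bzero(ipcomp, sizeof(*ipcomp));
		ipcomp->comp_nxt = *nexthdrp;
		*nexthdrp = IPPROTO_IPCOMP;
		ipcomp->comp_cpi = htons(cpi);

		switch (af) {
#if INET
		case AF_INET:
			/* Bound the total before it is stored through htons(). */
			if (compoff + complen + plen < IP_MAXPACKET)
				ip->ip_len = htons(compoff + complen + plen);
			else {
				/* The log text says ESP although this is the IPComp path. */
				ipseclog((LOG_ERR,
				    "IPv4 ESP output: size exceeds limit\n"));
				IPSEC_STAT_INCREMENT(ipsecstat.out_inval);
				m_freem(m);
				/* mcopy is still live here; release it too. */
				m_freem(mcopy);
				error = EMSGSIZE;
				goto fail;
			}
			break;
#endif
#if INET6
		case AF_INET6:
			/* No length field is rewritten here for IPv6. */
			break;
#endif
		}
	}

	/*
	 * m has already been dereferenced above, so this check cannot fire on
	 * this path; note that it would not stop the success accounting below.
	 */
	if (!m) {
		ipseclog((LOG_DEBUG,
		    "NULL mbuf after compression in ipcomp%d_output",
		    afnumber));
		IPSEC_STAT_INCREMENT(stat->out_inval);
	}
	IPSEC_STAT_INCREMENT(stat->out_success);

	/* Record the transfer against the SA using the uncompressed copy. */
	key_sa_recordxfer(sav, mcopy);
	m_freem(mcopy);
	return 0;

fail:
#if 1
	return error;
#else
	panic("something bad in ipcomp_output");
#endif
}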
#if INET
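/*
 * IPv4 entry point for IPComp output.
 *
 * Takes the protocol byte of the IPv4 header as the next-header field and
 * treats everything after the first mbuf (m->m_next) as the payload.
 *
 * Returns 0 when the packet may continue down the output path, or an errno
 * value when m has been freed.
 *
 * Fix relative to the previous revision: the short-first-mbuf path freed m
 * and then returned 0.  Every zero return from ipcomp_output() leaves m
 * alive and every path that frees m returns an error, so a caller could not
 * tell that its mbuf was gone and would go on using freed memory.  The path
 * now returns EINVAL, a value callers can already receive from
 * ipcomp_output().  NOTE(review): callers are not visible here - confirm
 * they treat a non-zero return as "m consumed".
 */
int
ipcomp4_output(m, sav)
	struct mbuf *m;
	struct secasvar *sav;
{
	struct ip *ip;

	/* The IPv4 header is read from the first mbuf, so it must fit there. */
	if (m->m_len < sizeof(struct ip)) {
		ipseclog((LOG_DEBUG, "ipcomp4_output: first mbuf too short\n"));
		IPSEC_STAT_INCREMENT(ipsecstat.out_inval);
		m_freem(m);
		return EINVAL;
	}
	ip = mtod(m, struct ip *);
	return ipcomp_output(m, &ip->ip_p, m->m_next, AF_INET, sav);
}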
#endif
#if INET6
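/*
 * IPv6 entry point for IPComp output.
 *
 * m        - head of the packet chain, starting with the IPv6 header.
 * nexthdrp - next-header byte that describes the payload; rewritten to
 *            IPPROTO_IPCOMP by ipcomp_output() when a header is inserted.
 * md       - first mbuf of the payload to compress.
 * sav      - security association to use.
 *
 * Returns 0 when the packet may continue down the output path, or an errno
 * value when m has been freed.
 *
 * Fix relative to the previous revision: the short-first-mbuf path freed m
 * and then returned 0, which is indistinguishable from the zero returns of
 * ipcomp_output() that leave m alive, so a caller would go on using freed
 * memory.  The path now returns EINVAL.  NOTE(review): callers are not
 * visible here - confirm they treat a non-zero return as "m consumed".
 */
int
ipcomp6_output(m, nexthdrp, md, sav)
	struct mbuf *m;
	u_char *nexthdrp;
	struct mbuf *md;
	struct secasvar *sav;
{
	/* The IPv6 header is read from the first mbuf, so it must fit there. */
	if (m->m_len < sizeof(struct ip6_hdr)) {
		ipseclog((LOG_DEBUG, "ipcomp6_output: first mbuf too short\n"));
		IPSEC_STAT_INCREMENT(ipsec6stat.out_inval);
		m_freem(m);
		return EINVAL;
	}
	return ipcomp_output(m, nexthdrp, md, AF_INET6, sav);
}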
#endif