Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/netipsec Calculate ah_max_authsize on initialization as ...



details:   https://anonhg.NetBSD.org/src/rev/ec213d82b116
branches:  trunk
changeset: 355192:ec213d82b116
user:      ozaki-r <ozaki-r%NetBSD.org@localhost>
date:      Tue Jul 18 04:01:04 2017 +0000

description:
Calculate ah_max_authsize on initialization as well as esp_max_ivlen

diffstat:

 sys/netipsec/xform_ah.c |  37 +++++++++++++++++++++++++++++++++----
 1 files changed, 33 insertions(+), 4 deletions(-)

diffs (71 lines):

diff -r 3f83b69fc3c5 -r ec213d82b116 sys/netipsec/xform_ah.c
--- a/sys/netipsec/xform_ah.c   Tue Jul 18 02:16:07 2017 +0000
+++ b/sys/netipsec/xform_ah.c   Tue Jul 18 04:01:04 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: xform_ah.c,v 1.61 2017/07/14 12:26:26 ozaki-r Exp $    */
+/*     $NetBSD: xform_ah.c,v 1.62 2017/07/18 04:01:04 ozaki-r Exp $    */
 /*     $FreeBSD: src/sys/netipsec/xform_ah.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $   */
 /*     $OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */
 /*
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.61 2017/07/14 12:26:26 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.62 2017/07/18 04:01:04 ozaki-r Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@@ -114,6 +114,8 @@
 
 static unsigned char ipseczeroes[256]; /* larger than an ip6 extension hdr */
 
+static int ah_max_authsize;            /* max authsize over all algorithms */
+
 static int ah_input_cb(struct cryptop *);
 static int ah_output_cb(struct cryptop *);
 
@@ -164,8 +166,7 @@
                size = roundup(authsize, sizeof(uint32_t)) + HDRSIZE(sav);
        } else {
                /* default guess */
-               size = sizeof(struct ah) + sizeof(uint32_t) +
-                   32 /* XXX need to update when max authsize is changed */;
+               size = sizeof(struct ah) + sizeof(uint32_t) + ah_max_authsize;
        }
        return size;
 }
@@ -1286,5 +1287,33 @@
 ah_attach(void)
 {
        ahstat_percpu = percpu_alloc(sizeof(uint64_t) * AH_NSTATS);
+
+#define MAXAUTHSIZE(name)                                              \
+       if ((auth_hash_ ## name).authsize > ah_max_authsize)            \
+               ah_max_authsize = (auth_hash_ ## name).authsize
+
+       ah_max_authsize = 0;
+       MAXAUTHSIZE(null);
+       MAXAUTHSIZE(md5);
+       MAXAUTHSIZE(sha1);
+       MAXAUTHSIZE(key_md5);
+       MAXAUTHSIZE(key_sha1);
+       MAXAUTHSIZE(hmac_md5);
+       MAXAUTHSIZE(hmac_sha1);
+       MAXAUTHSIZE(hmac_ripemd_160);
+       MAXAUTHSIZE(hmac_md5_96);
+       MAXAUTHSIZE(hmac_sha1_96);
+       MAXAUTHSIZE(hmac_ripemd_160_96);
+       MAXAUTHSIZE(hmac_sha2_256);
+       MAXAUTHSIZE(hmac_sha2_384);
+       MAXAUTHSIZE(hmac_sha2_512);
+       MAXAUTHSIZE(aes_xcbc_mac_96);
+       MAXAUTHSIZE(gmac_aes_128);
+       MAXAUTHSIZE(gmac_aes_192);
+       MAXAUTHSIZE(gmac_aes_256);
+       IPSECLOG(LOG_DEBUG, "ah_max_authsize=%d\n", ah_max_authsize);
+
+#undef MAXAUTHSIZE
+
        xform_register(&ah_xformsw);
 }



Home | Main Index | Thread Index | Old Index