Symbol: exchange
lib/libc/asr/asr_debug.c
94
print_dname(rr->rr.mx.exchange, tmp, sizeof tmp));
lib/libc/asr/asr_private.h
75
char exchange[MAXDNAME];
lib/libc/asr/asr_utils.c
309
unpack_dname(p, rr->rr.mx.exchange, sizeof(rr->rr.mx.exchange));
regress/lib/libc/asr/bin/common.c
603
unpack_dname(p, rr->rr.mx.exchange, sizeof(rr->rr.mx.exchange));
regress/lib/libc/asr/bin/common.h
103
char exchange[MAXDNAME];
regress/lib/libc/asr/bin/res_mkquery.c
227
print_dname(rr->rr.mx.exchange, tmp, sizeof tmp));
regress/lib/libc/asr/bin/res_query.c
263
print_dname(rr->rr.mx.exchange, tmp, sizeof tmp));
regress/sbin/iked/parser/common.c
219
struct iked_message *msg, uint8_t exchange)
regress/sbin/iked/parser/common.c
70
uint8_t firstpayload, uint8_t exchange, int response)
sbin/iked/dh.c
319
group->exchange = modp_create_exchange;
sbin/iked/dh.c
326
group->exchange = ec_create_exchange;
sbin/iked/dh.c
332
group->exchange = ec25519_create_exchange;
sbin/iked/dh.c
403
return (group->exchange(group, ibuf_data(buf)));
sbin/iked/dh.c
407
dh_create_shared(struct dh_group *group, struct ibuf **secretp, struct ibuf *exchange)
sbin/iked/dh.c
413
return (group->shared2(group, secretp, exchange));
sbin/iked/dh.c
414
if (exchange == NULL ||
sbin/iked/dh.c
415
(ssize_t)ibuf_size(exchange) != dh_getlen(group))
sbin/iked/dh.c
421
return (group->shared(group, ibuf_data(buf), ibuf_data(exchange)));
sbin/iked/dh.c
484
modp_create_shared(struct dh_group *group, uint8_t *secret, uint8_t *exchange)
sbin/iked/dh.c
491
if ((ex = BN_bin2bn(exchange, len, NULL)) == NULL)
sbin/iked/dh.c
556
ec_create_shared(struct dh_group *group, uint8_t *secret, uint8_t *exchange)
sbin/iked/dh.c
569
ec_raw2point(group, exchange, ec_getlen(group))) == NULL)
sbin/iked/dh.c
836
struct ibuf *exchange)
sbin/iked/dh.c
850
if (exchange == NULL)
sbin/iked/dh.c
853
have = ibuf_size(exchange);
sbin/iked/dh.c
854
cp = ibuf_data(exchange);
sbin/iked/dh.h
51
int (*exchange)(struct dh_group *, uint8_t *);
sbin/iked/ikev2.c
1905
uint8_t exchange, uint8_t flags)
sbin/iked/ikev2.c
1918
hdr->ike_exchange = exchange;
sbin/iked/ikev2.c
3525
int ret = -1, exchange, response;
sbin/iked/ikev2.c
3545
exchange = IKEV2_EXCHANGE_INFORMATIONAL;
sbin/iked/ikev2.c
3548
exchange = IKEV2_EXCHANGE_IKE_AUTH;
sbin/iked/ikev2.c
3552
exchange, response);
sbin/iked/ikev2.c
3553
if (exchange == IKEV2_EXCHANGE_INFORMATIONAL)
sbin/iked/ikev2.c
3676
struct iked_message *msg, uint8_t exchange)
sbin/iked/ikev2.c
3688
exchange, 1);
sbin/iked/ikev2.c
4078
uint8_t firstpayload, uint8_t exchange, int response)
sbin/iked/ikev2.c
4100
ret = ikev2_msg_send_encrypt(env, sa, &e, exchange, firstpayload,
sbin/iked/ikev2_msg.c
1265
struct iked_message *msg, uint8_t exchange)
sbin/iked/ikev2_msg.c
1272
TAILQ_FIRST(&mr->mrt_frags)->msg_exchange == exchange)
sbin/iked/ikev2_msg.c
278
uint8_t exchange, flags;
sbin/iked/ikev2_msg.c
288
exchange = hdr->ike_exchange;
sbin/iked/ikev2_msg.c
290
logit(exchange == IKEV2_EXCHANGE_INFORMATIONAL ? LOG_DEBUG : LOG_INFO,
sbin/iked/ikev2_msg.c
293
print_map(exchange, ikev2_exchange_map),
sbin/iked/ikev2_msg.c
338
m->msg_exchange = exchange;
sbin/iked/ikev2_msg.c
750
uint8_t exchange, uint8_t firstpayload, int response)
sbin/iked/ikev2_msg.c
760
return ikev2_send_encrypted_fragments(env, sa, e, exchange,
sbin/iked/ikev2_msg.c
773
exchange, response ? IKEV2_FLAG_RESPONSE : 0)) == NULL)
sbin/iked/ikev2_msg.c
815
struct ibuf *in, uint8_t exchange, uint8_t firstpayload, int response) {
sbin/iked/ikev2_msg.c
864
IKEV2_PAYLOAD_SKF, exchange, response ? IKEV2_FLAG_RESPONSE
sbin/isakmpd/cookie.c
54
cookie_gen(struct transport *t, struct exchange *exchange, u_int8_t *buf,
sbin/isakmpd/cookie.c
66
if (exchange->initiator == 0)
sbin/isakmpd/cookie.c
67
hash->Update(hash->ctx, exchange->cookies +
sbin/isakmpd/cookie.h
38
struct exchange;
sbin/isakmpd/cookie.h
41
extern void cookie_gen(struct transport *, struct exchange *, u_int8_t *,
sbin/isakmpd/dh.c
278
group->exchange = modp_create_exchange;
sbin/isakmpd/dh.c
288
group->exchange = ec_create_exchange;
sbin/isakmpd/dh.c
328
return (group->exchange(group, buf));
sbin/isakmpd/dh.c
332
dh_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange)
sbin/isakmpd/dh.c
334
return (group->shared(group, secret, exchange));
sbin/isakmpd/dh.c
395
modp_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange)
sbin/isakmpd/dh.c
402
if ((ex = BN_bin2bn(exchange, len, NULL)) == NULL)
sbin/isakmpd/dh.c
467
ec_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange)
sbin/isakmpd/dh.c
480
ec_raw2point(group, exchange, ec_getlen(group))) == NULL)
sbin/isakmpd/dh.h
47
int (*exchange)(struct group *, u_int8_t *);
sbin/isakmpd/dnssec.c
66
struct exchange *exchange = msg->exchange;
sbin/isakmpd/dnssec.c
96
id = exchange->initiator ? exchange->id_r : exchange->id_i;
sbin/isakmpd/dnssec.c
97
id_len = exchange->initiator ? exchange->id_r_len : exchange->id_i_len;
sbin/isakmpd/doi.h
38
struct exchange;
sbin/isakmpd/doi.h
83
u_int8_t *, size_t, struct exchange *);
sbin/isakmpd/dpd.c
103
if (msg->exchange->flags & EXCHANGE_FLAG_DPD_CAP_PEER) {
sbin/isakmpd/dpd.c
120
msg->exchange->flags |= EXCHANGE_FLAG_DPD_CAP_PEER;
sbin/isakmpd/exchange.c
1050
exchange = exchange_create(1, 0, doi, type);
sbin/isakmpd/exchange.c
1051
if (!exchange)
sbin/isakmpd/exchange.c
1054
exchange->name = name ? strdup(name) : 0;
sbin/isakmpd/exchange.c
1055
if (name && !exchange->name) {
sbin/isakmpd/exchange.c
1057
exchange_free(exchange);
sbin/isakmpd/exchange.c
1060
exchange->policy = policy;
sbin/isakmpd/exchange.c
1073
exchange_free(exchange);
sbin/isakmpd/exchange.c
1083
exchange_add_finalization(exchange,
sbin/isakmpd/exchange.c
1090
cookie_gen(msg->transport, exchange, exchange->cookies +
sbin/isakmpd/exchange.c
1092
GET_ISAKMP_HDR_ICOOKIE(msg->iov[0].iov_base, exchange->cookies);
sbin/isakmpd/exchange.c
1093
exchange_enter(exchange);
sbin/isakmpd/exchange.c
1094
exchange_dump("exchange_setup_p1", exchange);
sbin/isakmpd/exchange.c
1095
return exchange;
sbin/isakmpd/exchange.c
1099
struct exchange *
sbin/isakmpd/exchange.c
1102
struct exchange *exchange;
sbin/isakmpd/exchange.c
1105
exchange = exchange_create(2, 0, doi, GET_ISAKMP_HDR_EXCH_TYPE(buf));
sbin/isakmpd/exchange.c
1106
if (!exchange)
sbin/isakmpd/exchange.c
1108
GET_ISAKMP_HDR_ICOOKIE(buf, exchange->cookies);
sbin/isakmpd/exchange.c
1110
exchange->cookies + ISAKMP_HDR_ICOOKIE_LEN);
sbin/isakmpd/exchange.c
1111
GET_ISAKMP_HDR_MESSAGE_ID(buf, exchange->message_id);
sbin/isakmpd/exchange.c
1113
exchange->flags |= EXCHANGE_FLAG_NAT_T_ENABLE;
sbin/isakmpd/exchange.c
1115
exchange->flags |= EXCHANGE_FLAG_NAT_T_KEEPALIVE;
sbin/isakmpd/exchange.c
1116
exchange_enter(exchange);
sbin/isakmpd/exchange.c
1117
exchange_dump("exchange_setup_p2", exchange);
sbin/isakmpd/exchange.c
1118
return exchange;
sbin/isakmpd/exchange.c
1123
exchange_dump_real(char *header, struct exchange *exchange, int class,
sbin/isakmpd/exchange.c
1133
header, exchange, exchange->name ? exchange->name : "<unnamed>",
sbin/isakmpd/exchange.c
1134
exchange->policy ? exchange->policy : "<no policy>",
sbin/isakmpd/exchange.c
1135
exchange->initiator ? "initiator" : "responder", exchange->phase,
sbin/isakmpd/exchange.c
1136
exchange->doi->id, exchange->type, exchange->step));
sbin/isakmpd/exchange.c
1138
decode_32(exchange->cookies), decode_32(exchange->cookies + 4),
sbin/isakmpd/exchange.c
1139
decode_32(exchange->cookies + 8),
sbin/isakmpd/exchange.c
1140
decode_32(exchange->cookies + 12)));
sbin/isakmpd/exchange.c
1143
if (exchange->phase == 2) {
sbin/isakmpd/exchange.c
1145
for (sa = TAILQ_FIRST(&exchange->sa_list);
sbin/isakmpd/exchange.c
1155
decode_32(exchange->message_id), buf));
sbin/isakmpd/exchange.c
1159
exchange_dump(char *header, struct exchange *exchange)
sbin/isakmpd/exchange.c
1161
exchange_dump_real(header, exchange, LOG_EXCHANGE, 10);
sbin/isakmpd/exchange.c
1167
struct exchange *exchange;
sbin/isakmpd/exchange.c
1171
for (exchange = LIST_FIRST(&exchange_tab[i]); exchange;
sbin/isakmpd/exchange.c
1172
exchange = LIST_NEXT(exchange, link))
sbin/isakmpd/exchange.c
1173
exchange_dump_real("exchange_report", exchange,
sbin/isakmpd/exchange.c
1185
struct exchange *exchange = v_exch;
sbin/isakmpd/exchange.c
1190
exchange));
sbin/isakmpd/exchange.c
1192
if (exchange->last_received)
sbin/isakmpd/exchange.c
1193
message_free(exchange->last_received);
sbin/isakmpd/exchange.c
1194
if (exchange->last_sent)
sbin/isakmpd/exchange.c
1195
message_free(exchange->last_sent);
sbin/isakmpd/exchange.c
1196
if (exchange->in_transit &&
sbin/isakmpd/exchange.c
1197
exchange->in_transit != exchange->last_sent)
sbin/isakmpd/exchange.c
1198
message_free(exchange->in_transit);
sbin/isakmpd/exchange.c
1199
free(exchange->nonce_i);
sbin/isakmpd/exchange.c
1200
free(exchange->nonce_r);
sbin/isakmpd/exchange.c
1201
free(exchange->id_i);
sbin/isakmpd/exchange.c
1202
free(exchange->id_r);
sbin/isakmpd/exchange.c
1203
free(exchange->keystate);
sbin/isakmpd/exchange.c
1204
if (exchange->data) {
sbin/isakmpd/exchange.c
1205
if (exchange->doi && exchange->doi->free_exchange_data)
sbin/isakmpd/exchange.c
1206
exchange->doi->free_exchange_data(exchange->data);
sbin/isakmpd/exchange.c
1207
free(exchange->data);
sbin/isakmpd/exchange.c
1209
free(exchange->name);
sbin/isakmpd/exchange.c
1210
if (exchange->recv_cert) {
sbin/isakmpd/exchange.c
1211
handler = cert_get(exchange->recv_certtype);
sbin/isakmpd/exchange.c
1213
handler->cert_free(exchange->recv_cert);
sbin/isakmpd/exchange.c
1215
if (exchange->sent_cert) {
sbin/isakmpd/exchange.c
1216
handler = cert_get(exchange->sent_certtype);
sbin/isakmpd/exchange.c
1218
handler->cert_free(exchange->sent_cert);
sbin/isakmpd/exchange.c
1220
if (exchange->recv_key)
sbin/isakmpd/exchange.c
1221
key_free(exchange->recv_keytype, ISAKMP_KEYTYPE_PUBLIC,
sbin/isakmpd/exchange.c
1222
exchange->recv_key);
sbin/isakmpd/exchange.c
1223
free(exchange->keynote_key); /* This is just a string */
sbin/isakmpd/exchange.c
1225
if (exchange->policy_id != -1)
sbin/isakmpd/exchange.c
1226
kn_close(exchange->policy_id);
sbin/isakmpd/exchange.c
1228
exchange_free_aca_list(exchange);
sbin/isakmpd/exchange.c
1229
if (exchange->linked) {
sbin/isakmpd/exchange.c
1230
LIST_REMOVE(exchange, link);
sbin/isakmpd/exchange.c
1231
exchange->linked = 0;
sbin/isakmpd/exchange.c
1235
if (exchange->finalize)
sbin/isakmpd/exchange.c
1236
exchange->finalize(exchange, exchange->finalize_arg, 1);
sbin/isakmpd/exchange.c
1239
for (sa = TAILQ_FIRST(&exchange->sa_list); sa; sa = next_sa) {
sbin/isakmpd/exchange.c
1247
free(exchange);
sbin/isakmpd/exchange.c
1252
exchange_free(struct exchange *exchange)
sbin/isakmpd/exchange.c
1254
if (exchange->death)
sbin/isakmpd/exchange.c
1255
timer_remove_event(exchange->death);
sbin/isakmpd/exchange.c
1256
exchange_free_aux(exchange);
sbin/isakmpd/exchange.c
1266
struct exchange *exchange = msg->exchange;
sbin/isakmpd/exchange.c
1268
LIST_REMOVE(exchange, link);
sbin/isakmpd/exchange.c
1269
exchange->linked = 0;
sbin/isakmpd/exchange.c
1270
GET_ISAKMP_HDR_RCOOKIE(msg->iov[0].iov_base, exchange->cookies +
sbin/isakmpd/exchange.c
1272
exchange_enter(exchange);
sbin/isakmpd/exchange.c
1311
struct exchange *exchange = msg->exchange;
sbin/isakmpd/exchange.c
1320
exchange_dump("exchange_finalize", exchange);
sbin/isakmpd/exchange.c
1324
if (exchange->id_i && exchange->id_r) {
sbin/isakmpd/exchange.c
1326
&msg->isakmp_sa->id_i_len, exchange->id_i,
sbin/isakmpd/exchange.c
1327
exchange->id_i_len);
sbin/isakmpd/exchange.c
1329
&msg->isakmp_sa->id_r_len, exchange->id_r,
sbin/isakmpd/exchange.c
1330
exchange->id_r_len);
sbin/isakmpd/exchange.c
1332
ipsec_clone_id(&exchange->id_i, &exchange->id_i_len,
sbin/isakmpd/exchange.c
1334
ipsec_clone_id(&exchange->id_r, &exchange->id_r_len,
sbin/isakmpd/exchange.c
1345
for (sa = TAILQ_FIRST(&exchange->sa_list); sa;
sbin/isakmpd/exchange.c
1348
sa->name = exchange->name ? strdup(exchange->name) : 0;
sbin/isakmpd/exchange.c
1350
if (exchange->flags & EXCHANGE_FLAG_I_COMMITTED) {
sbin/isakmpd/exchange.c
1354
message_send_notification(exchange->last_received,
sbin/isakmpd/exchange.c
1363
sa->initiator = exchange->initiator;
sbin/isakmpd/exchange.c
1369
if (exchange->name) {
sbin/isakmpd/exchange.c
1370
attrs = conf_get_list(exchange->name, "Flags");
sbin/isakmpd/exchange.c
1378
if (connection_exist(exchange->name)) {
sbin/isakmpd/exchange.c
1385
if (exchange->phase == 2 && msg->isakmp_sa)
sbin/isakmpd/exchange.c
1390
sa->seq = exchange->seq;
sbin/isakmpd/exchange.c
1391
sa->exch_type = exchange->type;
sbin/isakmpd/exchange.c
1400
if (exchange->phase == 1 && msg->isakmp_sa) {
sbin/isakmpd/exchange.c
1401
msg->isakmp_sa->keystate = exchange->keystate;
sbin/isakmpd/exchange.c
1402
exchange->keystate = 0;
sbin/isakmpd/exchange.c
1404
msg->isakmp_sa->recv_certtype = exchange->recv_certtype;
sbin/isakmpd/exchange.c
1405
msg->isakmp_sa->sent_certtype = exchange->sent_certtype;
sbin/isakmpd/exchange.c
1406
msg->isakmp_sa->recv_keytype = exchange->recv_keytype;
sbin/isakmpd/exchange.c
1407
msg->isakmp_sa->recv_key = exchange->recv_key;
sbin/isakmpd/exchange.c
1408
msg->isakmp_sa->keynote_key = exchange->keynote_key;
sbin/isakmpd/exchange.c
1410
exchange->recv_key = 0;
sbin/isakmpd/exchange.c
1411
exchange->keynote_key = 0;
sbin/isakmpd/exchange.c
1412
msg->isakmp_sa->policy_id = exchange->policy_id;
sbin/isakmpd/exchange.c
1413
exchange->policy_id = -1;
sbin/isakmpd/exchange.c
1414
msg->isakmp_sa->initiator = exchange->initiator;
sbin/isakmpd/exchange.c
1416
if (exchange->recv_certtype && exchange->recv_cert) {
sbin/isakmpd/exchange.c
1417
handler = cert_get(exchange->recv_certtype);
sbin/isakmpd/exchange.c
1420
handler->cert_dup(exchange->recv_cert);
sbin/isakmpd/exchange.c
1422
if (exchange->sent_certtype) {
sbin/isakmpd/exchange.c
1423
handler = cert_get(exchange->sent_certtype);
sbin/isakmpd/exchange.c
1426
handler->cert_dup(exchange->sent_cert);
sbin/isakmpd/exchange.c
1428
if (exchange->doi)
sbin/isakmpd/exchange.c
1429
id_doi = exchange->doi->decode_ids(
sbin/isakmpd/exchange.c
1431
exchange->id_i, exchange->id_i_len,
sbin/isakmpd/exchange.c
1432
exchange->id_r, exchange->id_r_len, 0);
sbin/isakmpd/exchange.c
1442
if (exchange->flags & EXCHANGE_FLAG_NAT_T_ENABLE)
sbin/isakmpd/exchange.c
1444
if (exchange->flags & EXCHANGE_FLAG_NAT_T_KEEPALIVE)
sbin/isakmpd/exchange.c
1452
(exchange->initiator == 0) ? " (as responder)" : "",
sbin/isakmpd/exchange.c
1455
exchange->doi->finalize_exchange(msg);
sbin/isakmpd/exchange.c
1456
if (exchange->finalize)
sbin/isakmpd/exchange.c
1457
exchange->finalize(exchange, exchange->finalize_arg, 0);
sbin/isakmpd/exchange.c
1458
exchange->finalize = 0;
sbin/isakmpd/exchange.c
1466
while (TAILQ_FIRST(&exchange->sa_list)) {
sbin/isakmpd/exchange.c
1467
sa = TAILQ_FIRST(&exchange->sa_list);
sbin/isakmpd/exchange.c
1469
if (exchange->id_i && exchange->id_r) {
sbin/isakmpd/exchange.c
1471
exchange->id_i, exchange->id_i_len);
sbin/isakmpd/exchange.c
1473
exchange->id_r, exchange->id_r_len);
sbin/isakmpd/exchange.c
1475
TAILQ_REMOVE(&exchange->sa_list, sa, next);
sbin/isakmpd/exchange.c
1483
if (exchange->phase == 1 && msg->isakmp_sa &&
sbin/isakmpd/exchange.c
1484
(exchange->flags & EXCHANGE_FLAG_DPD_CAP_PEER))
sbin/isakmpd/exchange.c
1488
if (!exchange->last_sent)
sbin/isakmpd/exchange.c
1489
exchange_free(exchange);
sbin/isakmpd/exchange.c
1494
exchange_nonce(struct exchange *exchange, int peer, size_t nonce_sz,
sbin/isakmpd/exchange.c
1499
int initiator = exchange->initiator ^ peer;
sbin/isakmpd/exchange.c
1514
nonce = initiator ? &exchange->nonce_i : &exchange->nonce_r;
sbin/isakmpd/exchange.c
1516
initiator ? &exchange->nonce_i_len : &exchange->nonce_r_len;
sbin/isakmpd/exchange.c
1535
struct exchange *exchange = msg->exchange;
sbin/isakmpd/exchange.c
1550
return exchange_nonce(exchange, 0, nonce_sz,
sbin/isakmpd/exchange.c
1559
struct exchange *exchange = msg->exchange;
sbin/isakmpd/exchange.c
1563
return exchange_nonce(exchange, 1, GET_ISAKMP_GEN_LENGTH(noncep->p) -
sbin/isakmpd/exchange.c
1572
struct exchange *exchange = msg->exchange;
sbin/isakmpd/exchange.c
1581
TAILQ_INSERT_TAIL(&exchange->aca_list, aca, link);
sbin/isakmpd/exchange.c
1589
exchange_free_aca_list(struct exchange *exchange)
sbin/isakmpd/exchange.c
1593
for (aca = TAILQ_FIRST(&exchange->aca_list); aca;
sbin/isakmpd/exchange.c
1594
aca = TAILQ_FIRST(&exchange->aca_list)) {
sbin/isakmpd/exchange.c
1601
TAILQ_REMOVE(&exchange->aca_list, aca, link);
sbin/isakmpd/exchange.c
1610
struct exchange *exchange = msg->exchange;
sbin/isakmpd/exchange.c
1622
for (aca = TAILQ_FIRST(&exchange->aca_list); aca;
sbin/isakmpd/exchange.c
166
exchange_script(struct exchange *exchange)
sbin/isakmpd/exchange.c
1662
struct exchange *exchange = msg->exchange;
sbin/isakmpd/exchange.c
1669
id = exchange->initiator ? exchange->id_r : exchange->id_i;
sbin/isakmpd/exchange.c
1670
id_len = exchange->initiator ? exchange->id_r_len : exchange->id_i_len;
sbin/isakmpd/exchange.c
168
switch (exchange->type) {
sbin/isakmpd/exchange.c
1682
for (aca = TAILQ_FIRST(&exchange->aca_list); aca;
sbin/isakmpd/exchange.c
1717
exchange_free_aca_list(exchange);
sbin/isakmpd/exchange.c
1723
exchange_establish_finalize(struct exchange *exchange, void *arg, int fail)
sbin/isakmpd/exchange.c
1729
exchange, arg, name ? name : "<unnamed>", fail));
sbin/isakmpd/exchange.c
1741
exchange_establish(char *name, void (*finalize)(struct exchange *, void *,
sbin/isakmpd/exchange.c
1746
struct exchange *exchange;
sbin/isakmpd/exchange.c
1765
exchange = exchange_lookup_by_name(name, phase);
sbin/isakmpd/exchange.c
1766
if (exchange) {
sbin/isakmpd/exchange.c
1769
name, exchange));
sbin/isakmpd/exchange.c
1770
exchange_add_finalization(exchange, finalize, arg);
sbin/isakmpd/exchange.c
182
if (exchange->type >= ISAKMP_EXCH_DOI_MIN)
sbin/isakmpd/exchange.c
183
return exchange->doi->exchange_script(exchange->type);
sbin/isakmpd/exchange.c
1832
exchange = exchange_lookup_by_name(peer, 1);
sbin/isakmpd/exchange.c
1838
if (exchange)
sbin/isakmpd/exchange.c
1839
exchange_add_finalization(exchange, finalize,
sbin/isakmpd/exchange.c
196
struct exchange *exchange = msg->exchange;
sbin/isakmpd/exchange.c
197
int16_t *pc = exchange->exch_pc;
sbin/isakmpd/exchange.c
237
struct exchange *exchange = msg->exchange;
sbin/isakmpd/exchange.c
238
struct doi *doi = exchange->doi;
sbin/isakmpd/exchange.c
269
struct exchange *exchange = msg->exchange;
sbin/isakmpd/exchange.c
270
struct doi *doi = exchange->doi;
sbin/isakmpd/exchange.c
271
int (*handler)(struct message *) = exchange->initiator ?
sbin/isakmpd/exchange.c
280
if (exchange->initiator ^ (exchange->step % 2)) {
sbin/isakmpd/exchange.c
282
if (exchange->step)
sbin/isakmpd/exchange.c
284
message_setup_header(msg, exchange->type, 0,
sbin/isakmpd/exchange.c
285
exchange->message_id);
sbin/isakmpd/exchange.c
298
exchange->initiator ? "initiator" :
sbin/isakmpd/exchange.c
313
if (exchange->step > 0) {
sbin/isakmpd/exchange.c
314
if (exchange->last_sent)
sbin/isakmpd/exchange.c
315
message_free(exchange->last_sent);
sbin/isakmpd/exchange.c
316
exchange->last_sent = msg;
sbin/isakmpd/exchange.c
335
if ((exchange->type == ISAKMP_EXCH_ID_PROT ||
sbin/isakmpd/exchange.c
336
exchange->type == ISAKMP_EXCH_AGGRESSIVE) &&
sbin/isakmpd/exchange.c
337
exchange->phase == 1 && exchange->step == 1)
sbin/isakmpd/exchange.c
347
exchange_free(exchange);
sbin/isakmpd/exchange.c
378
if (exchange->last_received)
sbin/isakmpd/exchange.c
379
message_free(exchange->last_received);
sbin/isakmpd/exchange.c
380
exchange->last_received = msg;
sbin/isakmpd/exchange.c
381
if (exchange->flags & EXCHANGE_FLAG_ENCRYPT)
sbin/isakmpd/exchange.c
382
crypto_update_iv(exchange->keystate);
sbin/isakmpd/exchange.c
405
exchange, exchange->step));
sbin/isakmpd/exchange.c
406
exchange->step++;
sbin/isakmpd/exchange.c
407
while (*exchange->exch_pc != EXCHANGE_SCRIPT_SWITCH &&
sbin/isakmpd/exchange.c
408
*exchange->exch_pc != EXCHANGE_SCRIPT_END)
sbin/isakmpd/exchange.c
409
exchange->exch_pc++;
sbin/isakmpd/exchange.c
410
exchange->exch_pc++;
sbin/isakmpd/exchange.c
428
struct exchange *
sbin/isakmpd/exchange.c
431
struct exchange *exchange;
sbin/isakmpd/exchange.c
435
for (exchange = LIST_FIRST(&exchange_tab[i]); exchange;
sbin/isakmpd/exchange.c
436
exchange = LIST_NEXT(exchange, link))
sbin/isakmpd/exchange.c
437
if (memcmp(exchange->cookies, cookie,
sbin/isakmpd/exchange.c
439
exchange->phase == 1)
sbin/isakmpd/exchange.c
440
return exchange;
sbin/isakmpd/exchange.c
445
struct exchange *
sbin/isakmpd/exchange.c
448
struct exchange *exchange;
sbin/isakmpd/exchange.c
456
for (exchange = LIST_FIRST(&exchange_tab[i]); exchange;
sbin/isakmpd/exchange.c
457
exchange = LIST_NEXT(exchange, link)) {
sbin/isakmpd/exchange.c
460
name, exchange->name ? exchange->name :
sbin/isakmpd/exchange.c
461
"<unnamed>", phase, exchange->phase));
sbin/isakmpd/exchange.c
467
if (exchange->name &&
sbin/isakmpd/exchange.c
468
strcasecmp(exchange->name, name) == 0 &&
sbin/isakmpd/exchange.c
469
exchange->phase == phase &&
sbin/isakmpd/exchange.c
470
(!exchange->last_sent ||
sbin/isakmpd/exchange.c
471
(exchange->last_sent->flags & MSG_LAST) == 0))
sbin/isakmpd/exchange.c
472
return exchange;
sbin/isakmpd/exchange.c
478
static struct exchange *
sbin/isakmpd/exchange.c
481
struct exchange *exchange;
sbin/isakmpd/exchange.c
490
for (exchange = LIST_FIRST(&exchange_tab[i]); exchange;
sbin/isakmpd/exchange.c
491
exchange = LIST_NEXT(exchange, link)) {
sbin/isakmpd/exchange.c
494
name, exchange->name ? exchange->name :
sbin/isakmpd/exchange.c
495
"<unnamed>", phase, exchange->phase));
sbin/isakmpd/exchange.c
496
if (exchange->name &&
sbin/isakmpd/exchange.c
497
strcasecmp(exchange->name, name) == 0 &&
sbin/isakmpd/exchange.c
498
exchange->phase == phase) {
sbin/isakmpd/exchange.c
499
if (exchange->step > 1)
sbin/isakmpd/exchange.c
500
return exchange;
sbin/isakmpd/exchange.c
505
exchange));
sbin/isakmpd/exchange.c
512
exchange_enter(struct exchange *exchange)
sbin/isakmpd/exchange.c
521
cp = exchange->cookies + i;
sbin/isakmpd/exchange.c
526
cp = exchange->message_id + i;
sbin/isakmpd/exchange.c
531
LIST_INSERT_HEAD(&exchange_tab[bucket], exchange, link);
sbin/isakmpd/exchange.c
532
exchange->linked = 1;
sbin/isakmpd/exchange.c
539
struct exchange *
sbin/isakmpd/exchange.c
542
struct exchange *exchange;
sbin/isakmpd/exchange.c
566
for (exchange = LIST_FIRST(&exchange_tab[bucket]);
sbin/isakmpd/exchange.c
567
exchange && (memcmp(msg + ISAKMP_HDR_COOKIES_OFF,
sbin/isakmpd/exchange.c
568
exchange->cookies, ISAKMP_HDR_COOKIES_LEN) != 0 ||
sbin/isakmpd/exchange.c
570
exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN) != 0) ||
sbin/isakmpd/exchange.c
573
exchange = LIST_NEXT(exchange, link))
sbin/isakmpd/exchange.c
576
return exchange;
sbin/isakmpd/exchange.c
586
static struct exchange *
sbin/isakmpd/exchange.c
589
struct exchange *exchange;
sbin/isakmpd/exchange.c
597
exchange = calloc(1, sizeof *exchange);
sbin/isakmpd/exchange.c
598
if (!exchange) {
sbin/isakmpd/exchange.c
600
(unsigned long)sizeof *exchange);
sbin/isakmpd/exchange.c
603
exchange->phase = phase;
sbin/isakmpd/exchange.c
604
exchange->step = 0;
sbin/isakmpd/exchange.c
605
exchange->initiator = initiator;
sbin/isakmpd/exchange.c
606
bzero(exchange->cookies, ISAKMP_HDR_COOKIES_LEN);
sbin/isakmpd/exchange.c
607
bzero(exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN);
sbin/isakmpd/exchange.c
608
exchange->doi = doi_lookup(doi);
sbin/isakmpd/exchange.c
609
exchange->type = type;
sbin/isakmpd/exchange.c
610
exchange->policy_id = -1;
sbin/isakmpd/exchange.c
611
exchange->exch_pc = exchange_script(exchange);
sbin/isakmpd/exchange.c
612
exchange->last_sent = exchange->last_received = 0;
sbin/isakmpd/exchange.c
613
TAILQ_INIT(&exchange->sa_list);
sbin/isakmpd/exchange.c
614
TAILQ_INIT(&exchange->aca_list);
sbin/isakmpd/exchange.c
617
if (exchange->doi->exchange_size) {
sbin/isakmpd/exchange.c
618
exchange->data = calloc(1, exchange->doi->exchange_size);
sbin/isakmpd/exchange.c
619
if (!exchange->data) {
sbin/isakmpd/exchange.c
621
(unsigned long)exchange->doi->exchange_size);
sbin/isakmpd/exchange.c
622
exchange_free(exchange);
sbin/isakmpd/exchange.c
630
exchange->death = timer_add_event("exchange_free_aux",
sbin/isakmpd/exchange.c
631
exchange_free_aux, exchange, &expiration);
sbin/isakmpd/exchange.c
632
if (!exchange->death) {
sbin/isakmpd/exchange.c
634
exchange_free_aux(exchange);
sbin/isakmpd/exchange.c
637
return exchange;
sbin/isakmpd/exchange.c
641
void (*first)(struct exchange *, void *, int);
sbin/isakmpd/exchange.c
643
void (*second)(struct exchange *, void *, int);
sbin/isakmpd/exchange.c
649
exchange_run_finalizations(struct exchange *exchange, void *arg, int fail)
sbin/isakmpd/exchange.c
653
node->first(exchange, node->first_arg, fail);
sbin/isakmpd/exchange.c
654
node->second(exchange, node->second_arg, fail);
sbin/isakmpd/exchange.c
663
exchange_add_finalization(struct exchange *exchange,
sbin/isakmpd/exchange.c
664
void (*finalize)(struct exchange *, void *, int), void *arg)
sbin/isakmpd/exchange.c
671
if (!exchange->finalize) {
sbin/isakmpd/exchange.c
672
exchange->finalize = finalize;
sbin/isakmpd/exchange.c
673
exchange->finalize_arg = arg;
sbin/isakmpd/exchange.c
683
node->first = exchange->finalize;
sbin/isakmpd/exchange.c
684
node->first_arg = exchange->finalize_arg;
sbin/isakmpd/exchange.c
687
exchange->finalize = exchange_run_finalizations;
sbin/isakmpd/exchange.c
688
exchange->finalize_arg = node;
sbin/isakmpd/exchange.c
692
exchange_establish_transaction(struct exchange *exchange, void *arg, int fail)
sbin/isakmpd/exchange.c
709
char *name, void *args, void (*finalize)(struct exchange *, void *, int),
sbin/isakmpd/exchange.c
712
struct exchange *exchange;
sbin/isakmpd/exchange.c
76
static void exchange_dump(char *, struct exchange *);
sbin/isakmpd/exchange.c
761
exchange = exchange_create(1, 1, doi, type);
sbin/isakmpd/exchange.c
762
if (!exchange) {
sbin/isakmpd/exchange.c
766
exchange->name = strdup(name);
sbin/isakmpd/exchange.c
767
if (!exchange->name) {
sbin/isakmpd/exchange.c
770
exchange_free(exchange);
sbin/isakmpd/exchange.c
774
exchange->policy = name ? conf_get_str(name, "Configuration") : 0;
sbin/isakmpd/exchange.c
775
if (!exchange->policy && name)
sbin/isakmpd/exchange.c
776
exchange->policy = CONF_DFLT_TAG_PHASE1_CONFIG;
sbin/isakmpd/exchange.c
78
static struct exchange *exchange_lookup_active(char *, int);
sbin/isakmpd/exchange.c
789
exchange_free(exchange);
sbin/isakmpd/exchange.c
799
exchange_add_finalization(exchange,
sbin/isakmpd/exchange.c
807
exchange_add_finalization(exchange, finalize, arg);
sbin/isakmpd/exchange.c
808
cookie_gen(t, exchange, exchange->cookies, ISAKMP_HDR_ICOOKIE_LEN);
sbin/isakmpd/exchange.c
809
exchange_enter(exchange);
sbin/isakmpd/exchange.c
81
LIST_HEAD(exchange_list, exchange) *exchange_tab;
sbin/isakmpd/exchange.c
810
exchange_dump("exchange_establish_p1", exchange);
sbin/isakmpd/exchange.c
815
exchange_free(exchange);
sbin/isakmpd/exchange.c
818
msg->exchange = exchange;
sbin/isakmpd/exchange.c
821
if (exchange->type != ISAKMP_EXCH_INFO &&
sbin/isakmpd/exchange.c
822
exchange->type != ISAKMP_EXCH_TRANSACTION) {
sbin/isakmpd/exchange.c
828
sa_create(exchange, 0);
sbin/isakmpd/exchange.c
829
msg->isakmp_sa = TAILQ_FIRST(&exchange->sa_list);
sbin/isakmpd/exchange.c
832
exchange_free(exchange);
sbin/isakmpd/exchange.c
849
void *args, void (*finalize)(struct exchange *, void *, int), void *arg)
sbin/isakmpd/exchange.c
851
struct exchange *exchange;
sbin/isakmpd/exchange.c
901
exchange = exchange_create(2, 1, doi, type);
sbin/isakmpd/exchange.c
902
if (!exchange) {
sbin/isakmpd/exchange.c
906
exchange->name = strdup(name);
sbin/isakmpd/exchange.c
907
if (!exchange->name) {
sbin/isakmpd/exchange.c
910
exchange_free(exchange);
sbin/isakmpd/exchange.c
914
exchange->policy = name ? conf_get_str(name, "Configuration") : 0;
sbin/isakmpd/exchange.c
915
exchange->finalize = finalize;
sbin/isakmpd/exchange.c
916
exchange->finalize_arg = arg;
sbin/isakmpd/exchange.c
917
exchange->seq = seq;
sbin/isakmpd/exchange.c
918
memcpy(exchange->cookies, isakmp_sa->cookies, ISAKMP_HDR_COOKIES_LEN);
sbin/isakmpd/exchange.c
919
arc4random_buf(exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN);
sbin/isakmpd/exchange.c
920
exchange->flags |= EXCHANGE_FLAG_ENCRYPT;
sbin/isakmpd/exchange.c
922
exchange->flags |= EXCHANGE_FLAG_NAT_T_ENABLE;
sbin/isakmpd/exchange.c
924
exchange->flags |= EXCHANGE_FLAG_NAT_T_KEEPALIVE;
sbin/isakmpd/exchange.c
925
exchange_enter(exchange);
sbin/isakmpd/exchange.c
926
exchange_dump("exchange_establish_p2", exchange);
sbin/isakmpd/exchange.c
932
if (exchange->type != ISAKMP_EXCH_INFO &&
sbin/isakmpd/exchange.c
933
exchange->type != ISAKMP_EXCH_TRANSACTION) {
sbin/isakmpd/exchange.c
936
if (sa_create(exchange, isakmp_sa->transport)) {
sbin/isakmpd/exchange.c
937
exchange_free(exchange);
sbin/isakmpd/exchange.c
948
msg->exchange = exchange;
sbin/isakmpd/exchange.c
956
struct exchange *
sbin/isakmpd/exchange.c
960
struct exchange *exchange;
sbin/isakmpd/exchange.c
991
exchange = exchange_lookup_active(name, 1);
sbin/isakmpd/exchange.c
992
if (exchange) {
sbin/isakmpd/exchange.c
995
"exists as %p", name, exchange));
sbin/isakmpd/exchange.h
231
extern void exchange_free(struct exchange *);
sbin/isakmpd/exchange.h
232
extern void exchange_free_aca_list(struct exchange *);
sbin/isakmpd/exchange.h
233
extern void exchange_establish(char *name, void (*)(struct exchange *,
sbin/isakmpd/exchange.h
236
char *, void *, void (*)(struct exchange *, void *, int),
sbin/isakmpd/exchange.h
239
void (*)(struct exchange *, void *, int), void *);
sbin/isakmpd/exchange.h
242
extern struct exchange *exchange_lookup(u_int8_t *, int);
sbin/isakmpd/exchange.h
243
extern struct exchange *exchange_lookup_by_name(char *, int);
sbin/isakmpd/exchange.h
244
extern struct exchange *exchange_lookup_from_icookie(u_int8_t *);
sbin/isakmpd/exchange.h
249
extern int16_t *exchange_script(struct exchange *);
sbin/isakmpd/exchange.h
250
extern struct exchange *exchange_setup_p1(struct message *, u_int32_t);
sbin/isakmpd/exchange.h
251
extern struct exchange *exchange_setup_p2(struct message *, u_int8_t);
sbin/isakmpd/exchange.h
56
LIST_ENTRY(exchange) link;
sbin/isakmpd/exchange.h
76
void (*finalize)(struct exchange *, void *, int);
sbin/isakmpd/ike_aggressive.c
108
msg->exchange->flags |= EXCHANGE_FLAG_ENCRYPT;
sbin/isakmpd/ike_aggressive.c
154
if (ike_phase_1_send_KE_NONCE(msg, msg->exchange->nonce_i_len))
sbin/isakmpd/ike_aggressive.c
174
if (msg->exchange->flags & EXCHANGE_FLAG_NAT_T_CAP_PEER)
sbin/isakmpd/ike_auth.c
1024
if (ike_auth_hash(exchange, buf) == -1) {
sbin/isakmpd/ike_auth.c
1078
ike_auth_hash(struct exchange *exchange, u_int8_t *buf)
sbin/isakmpd/ike_auth.c
1080
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_auth.c
1083
int initiator = exchange->initiator;
sbin/isakmpd/ike_auth.c
1088
id = initiator ? exchange->id_i : exchange->id_r;
sbin/isakmpd/ike_auth.c
1089
id_len = initiator ? exchange->id_i_len : exchange->id_r_len;
sbin/isakmpd/ike_auth.c
1099
prf->Update(prf->prfctx, exchange->cookies +
sbin/isakmpd/ike_auth.c
1102
prf->Update(prf->prfctx, exchange->cookies +
sbin/isakmpd/ike_auth.c
338
pre_shared_gen_skeyid(struct exchange *exchange, size_t *sz)
sbin/isakmpd/ike_auth.c
341
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_auth.c
352
if (!exchange->initiator && exchange->id_i) {
sbin/isakmpd/ike_auth.c
353
switch (exchange->id_i[0]) {
sbin/isakmpd/ike_auth.c
357
exchange->id_i[0] == IPSEC_ID_IPV4_ADDR ? AF_INET :
sbin/isakmpd/ike_auth.c
358
AF_INET6, exchange->id_i + ISAKMP_ID_DATA_OFF -
sbin/isakmpd/ike_auth.c
366
buf = calloc(exchange->id_i_len - ISAKMP_ID_DATA_OFF +
sbin/isakmpd/ike_auth.c
371
(unsigned long)exchange->id_i_len -
sbin/isakmpd/ike_auth.c
376
exchange->id_i + ISAKMP_ID_DATA_OFF -
sbin/isakmpd/ike_auth.c
378
exchange->id_i_len - ISAKMP_ID_DATA_OFF +
sbin/isakmpd/ike_auth.c
391
key = ike_auth_get_key(IKE_AUTH_PRE_SHARED, exchange->name,
sbin/isakmpd/ike_auth.c
400
exchange->recv_key = calloc(keylen + 1, sizeof(char));
sbin/isakmpd/ike_auth.c
401
exchange->recv_keytype = ISAKMP_KEY_PASSPHRASE;
sbin/isakmpd/ike_auth.c
402
if (!exchange->recv_key) {
sbin/isakmpd/ike_auth.c
408
memcpy(exchange->recv_key, key, keylen);
sbin/isakmpd/ike_auth.c
409
exchange->recv_certtype = ISAKMP_CERTENC_NONE;
sbin/isakmpd/ike_auth.c
412
prf = prf_alloc(ie->prf_type, ie->hash->type, exchange->recv_key,
sbin/isakmpd/ike_auth.c
426
prf->Update(prf->prfctx, exchange->nonce_i, exchange->nonce_i_len);
sbin/isakmpd/ike_auth.c
427
prf->Update(prf->prfctx, exchange->nonce_r, exchange->nonce_r_len);
sbin/isakmpd/ike_auth.c
435
sig_gen_skeyid(struct exchange *exchange, size_t *sz)
sbin/isakmpd/ike_auth.c
438
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_auth.c
442
key = malloc(exchange->nonce_i_len + exchange->nonce_r_len);
sbin/isakmpd/ike_auth.c
445
memcpy(key, exchange->nonce_i, exchange->nonce_i_len);
sbin/isakmpd/ike_auth.c
446
memcpy(key + exchange->nonce_i_len, exchange->nonce_r,
sbin/isakmpd/ike_auth.c
447
exchange->nonce_r_len);
sbin/isakmpd/ike_auth.c
453
(u_int8_t *)key, exchange->nonce_i_len + exchange->nonce_r_len));
sbin/isakmpd/ike_auth.c
456
exchange->nonce_i_len + exchange->nonce_r_len);
sbin/isakmpd/ike_auth.c
487
enc_gen_skeyid(struct exchange *exchange, size_t *sz)
sbin/isakmpd/ike_auth.c
490
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_auth.c
495
hash->Update(hash->ctx, exchange->nonce_i, exchange->nonce_i_len);
sbin/isakmpd/ike_auth.c
496
hash->Update(hash->ctx, exchange->nonce_r, exchange->nonce_r_len);
sbin/isakmpd/ike_auth.c
510
prf->Update(prf->prfctx, exchange->cookies, ISAKMP_HDR_COOKIES_LEN);
sbin/isakmpd/ike_auth.c
520
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_auth.c
521
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_auth.c
525
int initiator = exchange->initiator;
sbin/isakmpd/ike_auth.c
561
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_auth.c
562
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_auth.c
570
int len, initiator = exchange->initiator;
sbin/isakmpd/ike_auth.c
579
id = initiator ? exchange->id_r : exchange->id_i;
sbin/isakmpd/ike_auth.c
580
id_len = initiator ? exchange->id_r_len : exchange->id_i_len;
sbin/isakmpd/ike_auth.c
605
exchange->policy_id = kn_init();
sbin/isakmpd/ike_auth.c
606
if (exchange->policy_id == -1) {
sbin/isakmpd/ike_auth.c
629
exchange->recv_cert = cert;
sbin/isakmpd/ike_auth.c
630
exchange->recv_certtype = handler->id;
sbin/isakmpd/ike_auth.c
631
x509_generate_kn(exchange->policy_id,
sbin/isakmpd/ike_auth.c
636
handler->cert_insert(exchange->policy_id, rawcert);
sbin/isakmpd/ike_auth.c
709
handler->cert_insert(exchange->policy_id, cert);
sbin/isakmpd/ike_auth.c
71
static u_int8_t *enc_gen_skeyid(struct exchange *, size_t *);
sbin/isakmpd/ike_auth.c
711
exchange->recv_cert = cert;
sbin/isakmpd/ike_auth.c
712
exchange->recv_certtype = GET_ISAKMP_CERT_ENCODING(p->p);
sbin/isakmpd/ike_auth.c
714
if (exchange->recv_certtype == ISAKMP_CERTENC_KEYNOTE) {
sbin/isakmpd/ike_auth.c
729
if (asprintf(&exchange->keynote_key, "rsa-hex:%s",
sbin/isakmpd/ike_auth.c
73
static u_int8_t *pre_shared_gen_skeyid(struct exchange *, size_t *);
sbin/isakmpd/ike_auth.c
78
static u_int8_t *sig_gen_skeyid(struct exchange *, size_t *);
sbin/isakmpd/ike_auth.c
798
exchange->recv_key = key;
sbin/isakmpd/ike_auth.c
799
exchange->recv_keytype = ISAKMP_KEY_RSA;
sbin/isakmpd/ike_auth.c
819
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_auth.c
820
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_auth.c
823
int initiator = exchange->initiator;
sbin/isakmpd/ike_auth.c
830
if (ike_auth_hash(exchange, buf + ISAKMP_HASH_DATA_OFF) == -1)
sbin/isakmpd/ike_auth.c
84
static int ike_auth_hash(struct exchange *, u_int8_t *);
sbin/isakmpd/ike_auth.c
844
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_auth.c
845
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_auth.c
849
int initiator = exchange->initiator, idtype;
sbin/isakmpd/ike_auth.c
855
id = initiator ? exchange->id_i : exchange->id_r;
sbin/isakmpd/ike_auth.c
856
id_len = initiator ? exchange->id_i_len : exchange->id_r_len;
sbin/isakmpd/ike_auth.c
859
buf = (u_int8_t *)conf_get_str(exchange->name, "Credentials");
sbin/isakmpd/ike_auth.c
860
if (buf && (idtype = conf_get_num(exchange->name, "Credential_Type",
sbin/isakmpd/ike_auth.c
862
exchange->sent_certtype = idtype;
sbin/isakmpd/ike_auth.c
869
exchange->sent_cert =
sbin/isakmpd/ike_auth.c
871
if (!exchange->sent_cert) {
sbin/isakmpd/ike_auth.c
876
handler->cert_serialize(exchange->sent_cert, &data, &datalen);
sbin/isakmpd/ike_auth.c
922
exchange->sent_certtype = idtype;
sbin/isakmpd/ike_auth.c
923
exchange->sent_cert = handler->cert_get(data, datalen);
sbin/isakmpd/ike_auth.c
924
if (!exchange->sent_cert) {
sbin/isakmpd/ike_auth.c
949
buf = (u_int8_t *)conf_get_str(exchange->name, "PKAuthentication");
sbin/isakmpd/ike_auth.c
998
sent_key = ike_auth_get_key(IKE_AUTH_RSA_SIG, exchange->name,
sbin/isakmpd/ike_auth.h
37
struct exchange;
sbin/isakmpd/ike_auth.h
41
u_int8_t *(*gen_skeyid) (struct exchange *, size_t *);
sbin/isakmpd/ike_main_mode.c
115
msg->exchange->flags |= EXCHANGE_FLAG_ENCRYPT;
sbin/isakmpd/ike_main_mode.c
83
msg->exchange->flags |= EXCHANGE_FLAG_ENCRYPT;
sbin/isakmpd/ike_main_mode.c
99
if (ike_phase_1_send_KE_NONCE(msg, msg->exchange->nonce_i_len))
sbin/isakmpd/ike_phase_1.c
1082
id = initiator ? &exchange->id_r : &exchange->id_i;
sbin/isakmpd/ike_phase_1.c
1083
id_len = initiator ? &exchange->id_r_len : &exchange->id_i_len;
sbin/isakmpd/ike_phase_1.c
1106
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_phase_1.c
1107
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_phase_1.c
1112
int initiator = exchange->initiator;
sbin/isakmpd/ike_phase_1.c
1118
id = initiator ? exchange->id_r : exchange->id_i;
sbin/isakmpd/ike_phase_1.c
1119
id_len = initiator ? exchange->id_r_len : exchange->id_i_len;
sbin/isakmpd/ike_phase_1.c
1136
prf->Update(prf->prfctx, exchange->cookies +
sbin/isakmpd/ike_phase_1.c
1139
prf->Update(prf->prfctx, exchange->cookies +
sbin/isakmpd/ike_phase_1.c
1175
ike_phase_1_validate_prop(struct exchange *exchange, struct sa *sa,
sbin/isakmpd/ike_phase_1.c
1185
conf = conf_get_list(exchange->policy, "Transforms");
sbin/isakmpd/ike_phase_1.c
225
if (exchange->type == ISAKMP_EXCH_AGGRESSIVE) {
sbin/isakmpd/ike_phase_1.c
250
exchange->doi->is_attribute_incompatible, msg)) {
sbin/isakmpd/ike_phase_1.c
259
if (exchange->type == ISAKMP_EXCH_AGGRESSIVE)
sbin/isakmpd/ike_phase_1.c
283
proto->sa = TAILQ_FIRST(&exchange->sa_list);
sbin/isakmpd/ike_phase_1.c
299
TAILQ_INSERT_TAIL(&TAILQ_FIRST(&exchange->sa_list)->protos, proto,
sbin/isakmpd/ike_phase_1.c
395
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_phase_1.c
396
struct sa *sa = TAILQ_FIRST(&exchange->sa_list);
sbin/isakmpd/ike_phase_1.c
397
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_phase_1.c
424
if (exchange->type != ISAKMP_EXCH_AGGRESSIVE)
sbin/isakmpd/ike_phase_1.c
437
struct ipsec_exch *ie = msg->exchange->data;
sbin/isakmpd/ike_phase_1.c
462
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_phase_1.c
463
struct sa *sa = TAILQ_FIRST(&exchange->sa_list);
sbin/isakmpd/ike_phase_1.c
467
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_phase_1.c
496
if (!exchange->crypto || !ie->hash || !ie->ike_auth || !ie->group) {
sbin/isakmpd/ike_phase_1.c
560
if (msg->exchange->flags & EXCHANGE_FLAG_NAT_T_CAP_PEER)
sbin/isakmpd/ike_phase_1.c
588
if (msg->exchange->type == ISAKMP_EXCH_ID_PROT &&
sbin/isakmpd/ike_phase_1.c
589
msg->exchange->flags & EXCHANGE_FLAG_NAT_T_CAP_PEER)
sbin/isakmpd/ike_phase_1.c
602
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_phase_1.c
603
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_phase_1.c
618
exchange->initiator ? ie->g_xr : ie->g_xi)) {
sbin/isakmpd/ike_phase_1.c
628
ie->skeyid = ie->ike_auth->gen_skeyid(exchange, &ie->skeyid_len);
sbin/isakmpd/ike_phase_1.c
65
static int ike_phase_1_validate_prop(struct exchange *, struct sa *,
sbin/isakmpd/ike_phase_1.c
652
prf->Update(prf->prfctx, exchange->cookies, ISAKMP_HDR_COOKIES_LEN);
sbin/isakmpd/ike_phase_1.c
670
prf->Update(prf->prfctx, exchange->cookies, ISAKMP_HDR_COOKIES_LEN);
sbin/isakmpd/ike_phase_1.c
689
prf->Update(prf->prfctx, exchange->cookies, ISAKMP_HDR_COOKIES_LEN);
sbin/isakmpd/ike_phase_1.c
698
if (!exchange->key_length)
sbin/isakmpd/ike_phase_1.c
699
exchange->key_length = exchange->crypto->keymax;
sbin/isakmpd/ike_phase_1.c
702
if (ie->skeyid_len < exchange->key_length) {
sbin/isakmpd/ike_phase_1.c
713
keylen = exchange->key_length;
sbin/isakmpd/ike_phase_1.c
72
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_phase_1.c
729
for (len = prf->blocksize, p = key; len < exchange->key_length;
sbin/isakmpd/ike_phase_1.c
73
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_phase_1.c
738
exchange->keystate = crypto_init(exchange->crypto, key,
sbin/isakmpd/ike_phase_1.c
739
exchange->key_length, &err);
sbin/isakmpd/ike_phase_1.c
744
exchange->keystate = crypto_init(exchange->crypto,
sbin/isakmpd/ike_phase_1.c
745
ie->skeyid_e, exchange->key_length, &err);
sbin/isakmpd/ike_phase_1.c
748
if (!exchange->keystate && err == EWEAKKEY &&
sbin/isakmpd/ike_phase_1.c
749
(exchange->key_length << 1) <= ie->skeyid_len) {
sbin/isakmpd/ike_phase_1.c
752
exchange->keystate = crypto_init(exchange->crypto,
sbin/isakmpd/ike_phase_1.c
753
ie->skeyid_e + exchange->key_length,
sbin/isakmpd/ike_phase_1.c
754
exchange->key_length, &err);
sbin/isakmpd/ike_phase_1.c
756
if (!exchange->keystate) {
sbin/isakmpd/ike_phase_1.c
771
crypto_init_iv(exchange->keystate, hash->digest,
sbin/isakmpd/ike_phase_1.c
772
exchange->crypto->blocksize);
sbin/isakmpd/ike_phase_1.c
788
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_phase_1.c
793
int initiator = exchange->initiator;
sbin/isakmpd/ike_phase_1.c
801
id = initiator ? &exchange->id_i : &exchange->id_r;
sbin/isakmpd/ike_phase_1.c
802
id_len = initiator ? &exchange->id_i_len : &exchange->id_r_len;
sbin/isakmpd/ike_phase_1.c
804
if (exchange->name)
sbin/isakmpd/ike_phase_1.c
805
my_id = conf_get_str(exchange->name, "ID");
sbin/isakmpd/ike_phase_1.c
88
conf = conf_get_list(exchange->policy, "Transforms");
sbin/isakmpd/ike_phase_1.c
952
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_phase_1.c
953
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_phase_1.c
964
if ((exchange->flags & EXCHANGE_FLAG_COMMITTED) == 0)
sbin/isakmpd/ike_phase_1.c
965
exchange->flags |= EXCHANGE_FLAG_I_COMMITTED;
sbin/isakmpd/ike_phase_1.c
985
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_phase_1.c
988
int initiator = exchange->initiator;
sbin/isakmpd/ike_phase_1.c
997
if (exchange->name)
sbin/isakmpd/ike_phase_1.c
998
rs = conf_get_str(exchange->name, "Remote-ID");
sbin/isakmpd/ike_quick_mode.c
1039
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_quick_mode.c
1040
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_quick_mode.c
1066
exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN));
sbin/isakmpd/ike_quick_mode.c
1067
prf->Update(prf->prfctx, exchange->message_id,
sbin/isakmpd/ike_quick_mode.c
1070
"NONCE_I_b", exchange->nonce_i, exchange->nonce_i_len));
sbin/isakmpd/ike_quick_mode.c
1071
prf->Update(prf->prfctx, exchange->nonce_i, exchange->nonce_i_len);
sbin/isakmpd/ike_quick_mode.c
1107
sa = TAILQ_FIRST(&exchange->sa_list);
sbin/isakmpd/ike_quick_mode.c
1252
if (sa_add_transform(sa, xf, exchange->initiator, &proto))
sbin/isakmpd/ike_quick_mode.c
1267
if (!check_policy(exchange, sa, msg->isakmp_sa)) {
sbin/isakmpd/ike_quick_mode.c
1297
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_quick_mode.c
1298
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_quick_mode.c
1330
exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN));
sbin/isakmpd/ike_quick_mode.c
1331
prf->Update(prf->prfctx, exchange->message_id,
sbin/isakmpd/ike_quick_mode.c
1334
exchange->nonce_i, exchange->nonce_i_len));
sbin/isakmpd/ike_quick_mode.c
1335
prf->Update(prf->prfctx, exchange->nonce_i, exchange->nonce_i_len);
sbin/isakmpd/ike_quick_mode.c
1337
exchange->nonce_r, exchange->nonce_r_len));
sbin/isakmpd/ike_quick_mode.c
1338
prf->Update(prf->prfctx, exchange->nonce_r, exchange->nonce_r_len);
sbin/isakmpd/ike_quick_mode.c
1357
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_quick_mode.c
1358
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_quick_mode.c
1370
for (sa = TAILQ_FIRST(&exchange->sa_list); sa;
sbin/isakmpd/ike_quick_mode.c
142
policy_exchange = exchange;
sbin/isakmpd/ike_quick_mode.c
1452
exchange->nonce_i,
sbin/isakmpd/ike_quick_mode.c
1453
exchange->nonce_i_len));
sbin/isakmpd/ike_quick_mode.c
1455
exchange->nonce_i,
sbin/isakmpd/ike_quick_mode.c
1456
exchange->nonce_i_len);
sbin/isakmpd/ike_quick_mode.c
1459
exchange->nonce_r,
sbin/isakmpd/ike_quick_mode.c
1460
exchange->nonce_r_len));
sbin/isakmpd/ike_quick_mode.c
1462
exchange->nonce_r,
sbin/isakmpd/ike_quick_mode.c
1463
exchange->nonce_r_len);
sbin/isakmpd/ike_quick_mode.c
1475
(exchange->initiator == 0) ? " (as responder)" : "",
sbin/isakmpd/ike_quick_mode.c
1493
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_quick_mode.c
1494
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_quick_mode.c
1535
exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN));
sbin/isakmpd/ike_quick_mode.c
1536
prf->Update(prf->prfctx, exchange->message_id,
sbin/isakmpd/ike_quick_mode.c
1688
for (sa = TAILQ_FIRST(&exchange->sa_list); sa;
sbin/isakmpd/ike_quick_mode.c
1775
exchange->name = strdup(name);
sbin/isakmpd/ike_quick_mode.c
1776
if (!exchange->name) {
sbin/isakmpd/ike_quick_mode.c
1786
(exchange->doi->decode_ids("initiator id %s, responder"
sbin/isakmpd/ike_quick_mode.c
1798
for (sa = TAILQ_FIRST(&exchange->sa_list); sa;
sbin/isakmpd/ike_quick_mode.c
1814
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_quick_mode.c
1815
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_quick_mode.c
1820
size_t nonce_sz = exchange->nonce_i_len;
sbin/isakmpd/ike_quick_mode.c
1822
int initiator = exchange->initiator;
sbin/isakmpd/ike_quick_mode.c
1901
exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN));
sbin/isakmpd/ike_quick_mode.c
1902
prf->Update(prf->prfctx, exchange->message_id,
sbin/isakmpd/ike_quick_mode.c
1905
"NONCE_I_b", exchange->nonce_i, exchange->nonce_i_len));
sbin/isakmpd/ike_quick_mode.c
1906
prf->Update(prf->prfctx, exchange->nonce_i, exchange->nonce_i_len);
sbin/isakmpd/ike_quick_mode.c
1935
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_quick_mode.c
1936
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_quick_mode.c
1947
exchange->initiator ? ie->g_xr : ie->g_xi)) {
sbin/isakmpd/ike_quick_mode.c
1958
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_quick_mode.c
1989
exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN));
sbin/isakmpd/ike_quick_mode.c
1990
prf->Update(prf->prfctx, exchange->message_id,
sbin/isakmpd/ike_quick_mode.c
1993
exchange->nonce_i, exchange->nonce_i_len));
sbin/isakmpd/ike_quick_mode.c
1994
prf->Update(prf->prfctx, exchange->nonce_i, exchange->nonce_i_len);
sbin/isakmpd/ike_quick_mode.c
1996
exchange->nonce_r, exchange->nonce_r_len));
sbin/isakmpd/ike_quick_mode.c
1997
prf->Update(prf->prfctx, exchange->nonce_r, exchange->nonce_r_len);
sbin/isakmpd/ike_quick_mode.c
388
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ike_quick_mode.c
389
struct doi *doi = exchange->doi;
sbin/isakmpd/ike_quick_mode.c
390
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ike_quick_mode.c
420
suite_conf = conf_get_list(exchange->policy, "Suites");
sbin/isakmpd/ike_quick_mode.c
627
(exchange->flags &
sbin/isakmpd/ike_quick_mode.c
637
value = exchange->flags & EXCHANGE_FLAG_NAT_T_DRAFT ?
sbin/isakmpd/ike_quick_mode.c
642
value = exchange->flags & EXCHANGE_FLAG_NAT_T_DRAFT ?
sbin/isakmpd/ike_quick_mode.c
69
static int check_policy(struct exchange *, struct sa *, struct sa *);
sbin/isakmpd/ike_quick_mode.c
787
proto->sa = TAILQ_FIRST(&exchange->sa_list);
sbin/isakmpd/ike_quick_mode.c
809
TAILQ_INSERT_TAIL(&TAILQ_FIRST(&exchange->sa_list)->protos,
sbin/isakmpd/ike_quick_mode.c
907
local_id = conf_get_str(exchange->name, "Local-ID");
sbin/isakmpd/ike_quick_mode.c
908
remote_id = conf_get_str(exchange->name, "Remote-ID");
sbin/isakmpd/ike_quick_mode.c
91
check_policy(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)
sbin/isakmpd/ike_quick_mode.c
933
exchange->name);
sbin/isakmpd/ike_quick_mode.c
944
exchange->name);
sbin/isakmpd/ipsec.c
1063
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ipsec.c
1067
if (exchange->type != ISAKMP_EXCH_TRANSACTION &&
sbin/isakmpd/ipsec.c
1068
((exchange->phase == 1 && exchange->type != ISAKMP_EXCH_ID_PROT &&
sbin/isakmpd/ipsec.c
1069
exchange->type != ISAKMP_EXCH_AGGRESSIVE &&
sbin/isakmpd/ipsec.c
1070
exchange->type != ISAKMP_EXCH_INFO) ||
sbin/isakmpd/ipsec.c
1071
(exchange->phase == 2 && exchange->type != IKE_EXCH_QUICK_MODE &&
sbin/isakmpd/ipsec.c
1072
exchange->type != ISAKMP_EXCH_INFO))) {
sbin/isakmpd/ipsec.c
1074
"in phase %d", exchange->type, exchange->phase);
sbin/isakmpd/ipsec.c
1077
switch (exchange->type) {
sbin/isakmpd/ipsec.c
1094
exchange->type);
sbin/isakmpd/ipsec.c
1100
return script[exchange->step] (msg);
sbin/isakmpd/ipsec.c
1169
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ipsec.c
1175
if (exchange->step == 0 && exchange->type != ISAKMP_EXCH_TRANSACTION &&
sbin/isakmpd/ipsec.c
1176
((exchange->phase == 1 && exchange->type != ISAKMP_EXCH_ID_PROT &&
sbin/isakmpd/ipsec.c
1177
exchange->type != ISAKMP_EXCH_AGGRESSIVE &&
sbin/isakmpd/ipsec.c
1178
exchange->type != ISAKMP_EXCH_INFO) ||
sbin/isakmpd/ipsec.c
1179
(exchange->phase == 2 && exchange->type != IKE_EXCH_QUICK_MODE &&
sbin/isakmpd/ipsec.c
1180
exchange->type != ISAKMP_EXCH_INFO))) {
sbin/isakmpd/ipsec.c
1186
exchange->phase, exchange->type, exchange->step));
sbin/isakmpd/ipsec.c
1187
switch (exchange->type) {
sbin/isakmpd/ipsec.c
1238
return script[exchange->step] (msg);
sbin/isakmpd/ipsec.c
126
size_t, struct exchange *);
sbin/isakmpd/ipsec.c
1288
if (msg->exchange->phase == 1) {
sbin/isakmpd/ipsec.c
134
static int ipsec_sa_tag(struct exchange *, struct sa *, struct sa *);
sbin/isakmpd/ipsec.c
135
static int ipsec_sa_iface(struct exchange *, struct sa *, struct sa *);
sbin/isakmpd/ipsec.c
1397
constant_name(msg->exchange->phase == 1 ? ike_attr_cst :
sbin/isakmpd/ipsec.c
1417
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ipsec.c
1418
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ipsec.c
1421
if (exchange->phase == 1) {
sbin/isakmpd/ipsec.c
1425
exchange->crypto = crypto_get(from_ike_crypto(
sbin/isakmpd/ipsec.c
1490
exchange->key_length = decode_16(value) / 8;
sbin/isakmpd/ipsec.c
1575
struct ipsec_exch *ie = msg->exchange->data;
sbin/isakmpd/ipsec.c
1649
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ipsec.c
1650
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ipsec.c
1652
int initiator = exchange->initiator ^ peer;
sbin/isakmpd/ipsec.c
1673
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ipsec.c
1674
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ipsec.c
1700
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ipsec.c
1701
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ipsec.c
1727
if (msg->exchange->phase == 1) {
sbin/isakmpd/ipsec.c
1736
msg->exchange->seq);
sbin/isakmpd/ipsec.c
1807
if (msg->exchange->type == ISAKMP_EXCH_AGGRESSIVE) {
sbin/isakmpd/ipsec.c
1812
if ((msg->exchange->flags & EXCHANGE_FLAG_ENCRYPT)
sbin/isakmpd/ipsec.c
2425
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ipsec.c
2456
exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN));
sbin/isakmpd/ipsec.c
2457
prf->Update(prf->prfctx, exchange->message_id,
sbin/isakmpd/ipsec.c
314
ipsec_sa_tag(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)
sbin/isakmpd/ipsec.c
323
if (exchange->name == NULL ||
sbin/isakmpd/ipsec.c
324
(section = exchange->name) == NULL ||
sbin/isakmpd/ipsec.c
391
ipsec_sa_iface(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa)
sbin/isakmpd/ipsec.c
396
if (exchange->name == NULL ||
sbin/isakmpd/ipsec.c
397
(section = exchange->name) == NULL ||
sbin/isakmpd/ipsec.c
421
struct exchange *exchange = msg->exchange;
sbin/isakmpd/ipsec.c
422
struct ipsec_exch *ie = exchange->data;
sbin/isakmpd/ipsec.c
427
switch (exchange->phase) {
sbin/isakmpd/ipsec.c
429
switch (exchange->type) {
sbin/isakmpd/ipsec.c
455
switch (exchange->type) {
sbin/isakmpd/ipsec.c
461
for (sa = TAILQ_FIRST(&exchange->sa_list); sa;
sbin/isakmpd/ipsec.c
465
if (exchange->initiator) {
sbin/isakmpd/ipsec.c
493
if (ipsec_sa_tag(exchange, sa, isakmp_sa) == -1)
sbin/isakmpd/ipsec.c
496
if (ipsec_sa_iface(exchange, sa, isakmp_sa) == -1)
sbin/isakmpd/ipsec.c
855
if (msg->exchange && msg->exchange->keystate) {
sbin/isakmpd/ipsec.c
862
memcpy(ks, msg->exchange->keystate, sizeof *ks);
sbin/isakmpd/ipsec.c
920
if (msg->exchange->phase == 1 &&
sbin/isakmpd/ipsec.c
923
if (msg->exchange->phase == 2 &&
sbin/isakmpd/ipsec.c
937
size_t sz, struct exchange *exchange)
sbin/isakmpd/ipsec.c
977
if (exchange->phase == 1 &&
sbin/isakmpd/isakmp_cfg.c
108
if (msg->exchange->phase == 2) {
sbin/isakmpd/isakmp_cfg.c
340
if (msg->exchange->phase == 2)
sbin/isakmpd/isakmp_cfg.c
359
struct ipsec_exch *ie = msg->exchange->data;
sbin/isakmpd/isakmp_cfg.c
366
if (msg->exchange->phase == 2)
sbin/isakmpd/isakmp_cfg.c
468
struct ipsec_exch *ie = msg->exchange->data;
sbin/isakmpd/isakmp_cfg.c
474
if (msg->exchange->phase == 2)
sbin/isakmpd/isakmp_cfg.c
548
struct ipsec_exch *ie = msg->exchange->data;
sbin/isakmpd/isakmp_cfg.c
554
if (msg->exchange->phase == 2) {
sbin/isakmpd/isakmp_cfg.c
583
if (msg->exchange->phase == 2)
sbin/isakmpd/isakmp_cfg.c
624
prf->Update(prf->prfctx, msg->exchange->message_id,
sbin/isakmpd/isakmp_cfg.c
663
prf->Update(prf->prfctx, msg->exchange->message_id,
sbin/isakmpd/isakmp_cfg.c
98
struct ipsec_exch *ie = msg->exchange->data;
sbin/isakmpd/isakmp_doi.c
165
size_t sz, struct exchange *exchange)
sbin/isakmpd/isakmp_doi.c
209
if (msg->exchange->type != ISAKMP_EXCH_INFO) {
sbin/isakmpd/isakmp_doi.c
211
"in phase %d", msg->exchange->type, msg->exchange->phase);
sbin/isakmpd/isakmp_doi.c
223
switch (msg->exchange->type) {
sbin/isakmpd/isakmp_doi.c
64
u_int8_t *, size_t, struct exchange *);
sbin/isakmpd/message.c
1009
if (!exchange) {
sbin/isakmpd/message.c
1012
exchange = exchange_setup_p1(msg, doi_id);
sbin/isakmpd/message.c
1014
exchange = exchange_setup_p2(msg, doi_id);
sbin/isakmpd/message.c
1020
if (!exchange) {
sbin/isakmpd/message.c
1026
msg->exchange = exchange;
sbin/isakmpd/message.c
1032
if (exchange->initiator) {
sbin/isakmpd/message.c
1034
} else if (sa_create(exchange, msg->transport)) {
sbin/isakmpd/message.c
1039
if (exchange->phase == 1) {
sbin/isakmpd/message.c
1040
msg->isakmp_sa = TAILQ_FIRST(&exchange->sa_list);
sbin/isakmpd/message.c
1048
if (exchange->doi->validate_situation(p->p + ISAKMP_SA_SIT_OFF, &len,
sbin/isakmpd/message.c
1077
if (!msg->exchange) {
sbin/isakmpd/message.c
1094
if (!msg->exchange) {
sbin/isakmpd/message.c
1101
if (msg->exchange->doi
sbin/isakmpd/message.c
1127
msg->exchange->doi->validate_attribute, msg)) {
sbin/isakmpd/message.c
1139
if (!msg->exchange) {
sbin/isakmpd/message.c
1146
if (msg->exchange->phase != 1) {
sbin/isakmpd/message.c
1297
msg->exchange = exchange_lookup_from_icookie(buf +
sbin/isakmpd/message.c
1299
if (msg->exchange && msg->exchange->phase == 1 &&
sbin/isakmpd/message.c
1300
zero_test(msg->exchange->cookies +
sbin/isakmpd/message.c
1327
msg->exchange = exchange_lookup(buf, 1);
sbin/isakmpd/message.c
1400
msg->exchange = exchange_lookup(buf, 0);
sbin/isakmpd/message.c
1401
if (!msg->exchange) {
sbin/isakmpd/message.c
1406
} else if (msg->exchange->last_sent) {
sbin/isakmpd/message.c
1409
message_send(msg->exchange->last_sent);
sbin/isakmpd/message.c
1463
if (!msg->exchange) {
sbin/isakmpd/message.c
1474
if (msg->isakmp_sa && msg->exchange->phase == 1) {
sbin/isakmpd/message.c
1486
msg->exchange->doi->validate_exchange(exch_type)) {
sbin/isakmpd/message.c
1496
if (!msg->exchange->keystate) {
sbin/isakmpd/message.c
1497
msg->exchange->keystate = ks;
sbin/isakmpd/message.c
1498
msg->exchange->crypto = ks->xf;
sbin/isakmpd/message.c
1504
msg->exchange->flags |= EXCHANGE_FLAG_ENCRYPT;
sbin/isakmpd/message.c
1505
if ((msg->exchange->flags & EXCHANGE_FLAG_COMMITTED) == 0 &&
sbin/isakmpd/message.c
1507
msg->exchange->flags |= EXCHANGE_FLAG_HE_COMMITTED;
sbin/isakmpd/message.c
1514
(msg->exchange->phase == 2 ||
sbin/isakmpd/message.c
1515
(msg->exchange->keystate &&
sbin/isakmpd/message.c
1516
msg->exchange->type != ISAKMP_EXCH_AGGRESSIVE))) {
sbin/isakmpd/message.c
1518
msg->exchange->phase);
sbin/isakmpd/message.c
1541
struct exchange *exchange = msg->exchange;
sbin/isakmpd/message.c
1558
exchange->flags & EXCHANGE_FLAG_ENCRYPT) {
sbin/isakmpd/message.c
1559
if (!exchange->keystate) {
sbin/isakmpd/message.c
1560
exchange->keystate = exchange->doi->get_keystate(msg);
sbin/isakmpd/message.c
1561
if (!exchange->keystate)
sbin/isakmpd/message.c
1563
exchange->crypto = exchange->keystate->xf;
sbin/isakmpd/message.c
1564
exchange->flags |= EXCHANGE_FLAG_ENCRYPT;
sbin/isakmpd/message.c
1572
if (exchange->flags & EXCHANGE_FLAG_COMMITTED)
sbin/isakmpd/message.c
1579
exchange->in_transit = msg;
sbin/isakmpd/message.c
1602
message_setup_header(struct message *msg, u_int8_t exchange, u_int8_t flags,
sbin/isakmpd/message.c
1607
SET_ISAKMP_HDR_ICOOKIE(buf, msg->exchange->cookies);
sbin/isakmpd/message.c
1608
SET_ISAKMP_HDR_RCOOKIE(buf, msg->exchange->cookies +
sbin/isakmpd/message.c
1612
SET_ISAKMP_HDR_EXCH_TYPE(buf, exchange);
sbin/isakmpd/message.c
165
reply->exchange = msg->exchange;
sbin/isakmpd/message.c
1723
msg->exchange ? msg->exchange->doi->id : ISAKMP_DOI_ISAKMP,
sbin/isakmpd/message.c
1803
if (msg->exchange->doi->informational_pre_hook)
sbin/isakmpd/message.c
1804
if (msg->exchange->doi->informational_pre_hook(msg))
sbin/isakmpd/message.c
1863
if (msg->exchange->doi->informational_post_hook)
sbin/isakmpd/message.c
1864
if (msg->exchange->doi->informational_post_hook(msg)) {
sbin/isakmpd/message.c
1956
if (msg->exchange && msg->exchange->flags & EXCHANGE_FLAG_NAT_T_ENABLE)
sbin/isakmpd/message.c
1960
if (msg->exchange &&
sbin/isakmpd/message.c
1961
msg->exchange->initiator ^ (msg->exchange->step % 2)) {
sbin/isakmpd/message.c
1981
struct exchange *exchange = msg->exchange;
sbin/isakmpd/message.c
1996
sz = ((sz + exchange->crypto->blocksize - 1) /
sbin/isakmpd/message.c
1997
exchange->crypto->blocksize) * exchange->crypto->blocksize;
sbin/isakmpd/message.c
2020
crypto_encrypt(exchange->keystate, buf, msg->iov[1].iov_len);
sbin/isakmpd/message.c
2024
crypto_update_iv(exchange->keystate);
sbin/isakmpd/message.c
2036
struct exchange *exchange = msg->exchange;
sbin/isakmpd/message.c
2041
if (!exchange)
sbin/isakmpd/message.c
2045
exchange->last_received));
sbin/isakmpd/message.c
2046
if (exchange->last_received) {
sbin/isakmpd/message.c
2049
exchange->last_received->orig,
sbin/isakmpd/message.c
2050
exchange->last_received->orig_sz));
sbin/isakmpd/message.c
2052
if (sz == exchange->last_received->orig_sz &&
sbin/isakmpd/message.c
2053
memcmp(pkt, exchange->last_received->orig, sz) == 0) {
sbin/isakmpd/message.c
2062
if (exchange->last_sent && (exchange->last_sent->flags
sbin/isakmpd/message.c
2064
message_send(exchange->last_sent);
sbin/isakmpd/message.c
2073
if (exchange->last_sent) {
sbin/isakmpd/message.c
2074
if (exchange->last_sent == exchange->in_transit) {
sbin/isakmpd/message.c
2075
struct message *m = exchange->in_transit;
sbin/isakmpd/message.c
2078
exchange->in_transit = 0;
sbin/isakmpd/message.c
2080
message_free(exchange->last_sent);
sbin/isakmpd/message.c
2081
exchange->last_sent = 0;
sbin/isakmpd/message.c
2104
message_negotiate_sa(struct message *msg, int (*validate)(struct exchange *,
sbin/isakmpd/message.c
2112
struct exchange *exchange = msg->exchange;
sbin/isakmpd/message.c
2135
sa = TAILQ_FIRST(&exchange->sa_list);
sbin/isakmpd/message.c
2147
exchange->doi->is_attribute_incompatible, msg)) {
sbin/isakmpd/message.c
2153
if (sa_add_transform(sa, tp, exchange->initiator,
sbin/isakmpd/message.c
2213
if (!validate || validate(exchange, sa,
sbin/isakmpd/message.c
2285
struct exchange *exchange = msg->exchange;
sbin/isakmpd/message.c
2293
struct doi *doi = exchange->doi;
sbin/isakmpd/message.c
2300
for (sa = TAILQ_FIRST(&exchange->sa_list); sa;
sbin/isakmpd/message.c
374
msg->exchange->doi->debug_attribute, msg);
sbin/isakmpd/message.c
535
if (!msg->exchange) {
sbin/isakmpd/message.c
538
msg->exchange = exchange_setup_p1(msg,
sbin/isakmpd/message.c
541
msg->exchange = exchange_setup_p2(msg,
sbin/isakmpd/message.c
543
if (!msg->exchange) {
sbin/isakmpd/message.c
623
if (!msg->exchange) {
sbin/isakmpd/message.c
626
msg->exchange = exchange_setup_p1(msg, doi->id);
sbin/isakmpd/message.c
628
msg->exchange = exchange_setup_p2(msg, doi->id);
sbin/isakmpd/message.c
629
if (!msg->exchange) {
sbin/isakmpd/message.c
637
if (msg->exchange->type != ISAKMP_EXCH_INFO) {
sbin/isakmpd/message.c
640
msg->exchange->type));
sbin/isakmpd/message.c
712
if (msg->exchange && (msg->exchange->type != ISAKMP_EXCH_INFO))
sbin/isakmpd/message.c
774
struct exchange *exchange = msg->exchange;
sbin/isakmpd/message.c
777
if (!exchange) {
sbin/isakmpd/message.c
783
if (exchange->doi &&
sbin/isakmpd/message.c
784
exchange->doi->validate_id_information(GET_ISAKMP_ID_TYPE(p->p),
sbin/isakmpd/message.c
786
len - ISAKMP_ID_DATA_OFF, exchange)) {
sbin/isakmpd/message.c
798
struct exchange *exchange = msg->exchange;
sbin/isakmpd/message.c
801
if (!exchange) {
sbin/isakmpd/message.c
808
if (exchange->doi && exchange->doi->validate_key_information(p->p +
sbin/isakmpd/message.c
821
struct exchange *exchange = msg->exchange;
sbin/isakmpd/message.c
823
if (!exchange) {
sbin/isakmpd/message.c
830
if (exchange->phase != 1) {
sbin/isakmpd/message.c
847
struct exchange *exchange = msg->exchange;
sbin/isakmpd/message.c
849
if (!exchange) {
sbin/isakmpd/message.c
868
if (!msg->exchange) {
sbin/isakmpd/message.c
896
if (!msg->exchange) {
sbin/isakmpd/message.c
899
msg->exchange = exchange_setup_p1(msg, doi->id);
sbin/isakmpd/message.c
901
msg->exchange = exchange_setup_p2(msg, doi->id);
sbin/isakmpd/message.c
902
if (!msg->exchange) {
sbin/isakmpd/message.c
951
if (!msg->exchange) {
sbin/isakmpd/message.c
959
msg->exchange->doi->validate_proto(proto)) {
sbin/isakmpd/message.c
994
struct exchange *exchange = msg->exchange;
sbin/isakmpd/message.h
103
struct exchange *exchange;
sbin/isakmpd/message.h
186
int (*)(struct exchange *, struct sa *, struct sa *));
sbin/isakmpd/nat_traversal.c
200
msg->exchange->flags |= EXCHANGE_FLAG_NAT_T_CAP_PEER;
sbin/isakmpd/nat_traversal.c
201
msg->exchange->flags |= isakmp_nat_t_cap[i].flags;
sbin/isakmpd/nat_traversal.c
217
struct ipsec_exch *ie = (struct ipsec_exch *)msg->exchange->data;
sbin/isakmpd/nat_traversal.c
242
hash->Update(hash->ctx, msg->exchange->cookies,
sbin/isakmpd/nat_traversal.c
243
sizeof msg->exchange->cookies);
sbin/isakmpd/nat_traversal.c
277
if (msg->exchange->flags & EXCHANGE_FLAG_NAT_T_RFC)
sbin/isakmpd/nat_traversal.c
280
else if (msg->exchange->flags & EXCHANGE_FLAG_NAT_T_DRAFT)
sbin/isakmpd/nat_traversal.c
373
msg->exchange->flags |= EXCHANGE_FLAG_NAT_T_ENABLE;
sbin/isakmpd/nat_traversal.c
376
msg->exchange->flags |= EXCHANGE_FLAG_NAT_T_KEEPALIVE;
sbin/isakmpd/pf_key_v2.c
2137
pf_key_v2_stayalive(struct exchange *exchange, void *vconn, int fail)
sbin/isakmpd/pf_key_v2.c
2151
if (fail && (!exchange || exchange->name)) {
sbin/isakmpd/policy.c
69
struct exchange *policy_exchange = 0;
sbin/isakmpd/policy.h
42
extern struct exchange *policy_exchange;
sbin/isakmpd/sa.c
407
sa_create(struct exchange *exchange, struct transport *t)
sbin/isakmpd/sa.c
424
sa->phase = exchange->phase;
sbin/isakmpd/sa.c
425
memcpy(sa->cookies, exchange->cookies, ISAKMP_HDR_COOKIES_LEN);
sbin/isakmpd/sa.c
426
memcpy(sa->message_id, exchange->message_id,
sbin/isakmpd/sa.c
428
sa->doi = exchange->doi;
sbin/isakmpd/sa.c
447
TAILQ_INSERT_TAIL(&exchange->sa_list, sa, next);
sbin/isakmpd/sa.c
452
sa->phase, exchange,
sbin/isakmpd/sa.c
453
exchange->name ? exchange->name : "<unnamed>"));
sbin/isakmpd/sa.c
927
struct sa *sa = TAILQ_FIRST(&msg->exchange->sa_list);
sbin/isakmpd/sa.h
256
extern int sa_create(struct exchange *, struct transport *);
sbin/isakmpd/sa.h
48
struct exchange;
sbin/isakmpd/transport.c
258
struct exchange *exchange;
sbin/isakmpd/transport.c
289
exchange = msg->exchange;
sbin/isakmpd/transport.c
290
exchange->in_transit = 0;
sbin/isakmpd/transport.c
315
exchange->last_sent = 0;
sbin/isakmpd/transport.c
328
exchange->name ? exchange->name :
sbin/isakmpd/transport.c
331
exchange->last_sent = 0;
sbin/isakmpd/transport.c
333
exchange_free(exchange);
sbin/isakmpd/transport.c
334
exchange = 0;
sbin/isakmpd/transport.c
361
exchange->last_sent =
sbin/isakmpd/transport.c
365
exchange->last_sent =
sbin/isakmpd/transport.c
366
exchange->last_received ? msg : 0;
sbin/isakmpd/transport.c
375
ok_to_drop_message = exchange->last_sent == 0;
sbin/isakmpd/vendor.c
116
if (msg->exchange->flags & EXCHANGE_FLAG_OPENBSD) {
sbin/isakmpd/vendor.c
133
msg->exchange->flags |= EXCHANGE_FLAG_OPENBSD;
sbin/isakmpd/virtual.c
677
msg->exchange->flags |= EXCHANGE_FLAG_NAT_T_ENABLE;
sbin/isakmpd/virtual.c
678
msg->exchange->flags |= EXCHANGE_FLAG_NAT_T_CAP_PEER;
sbin/isakmpd/virtual.c
682
(msg->exchange->flags & EXCHANGE_FLAG_NAT_T_ENABLE) &&
sbin/isakmpd/virtual.c
683
(msg->exchange->type != ISAKMP_EXCH_ID_PROT ||
sbin/isakmpd/virtual.c
684
msg->exchange->step > 4)) || (msg->flags & MSG_NATT)) {
usr.sbin/nsd/rdata.c
1667
struct dname_buffer exchange;
usr.sbin/nsd/rdata.c
1675
if (!dname_make_from_packet_buffered(&exchange, packet, 1, 1))
usr.sbin/nsd/rdata.c
1682
domain = domain_table_insert(domains, (void*)&exchange);
usr.sbin/smtpd/dns.c
263
print_dname(rr.rr.mx.exchange, buf, sizeof(buf));
usr.sbin/smtpd/dns.c
320
print_dname(rr.rr.mx.exchange, buf, sizeof(buf));
usr.sbin/smtpd/spfwalk.c
280
print_dname(rr->rr.mx.exchange, buf, sizeof(buf));
usr.sbin/smtpd/unpack_dns.c
94
unpack_dname(p, rr->rr.mx.exchange, sizeof(rr->rr.mx.exchange));
usr.sbin/smtpd/unpack_dns.h
58
char exchange[MAXDNAME];