iked_sa
sa_stateok(const struct iked_sa *a, int b)
sa_state(struct iked * a, struct iked_sa *b, int c)
ikev2_disable_rekeying(struct iked *a, struct iked_sa *b)
ca_setreq(struct iked *env, struct iked_sa *sh, struct iked_static_id *localid,
ikev2_msg_decrypt(struct iked *env, struct iked_sa *sa,
int eap_parse(struct iked *, const struct iked_sa *,
ikev2_ike_sa_setreason(struct iked_sa *sa, char *r)
int ikev2_send_ike_e(struct iked *, struct iked_sa *, struct ibuf *,
void ikev2_ikesa_recv_delete(struct iked *, struct iked_sa *);
childsa_lookup(struct iked_sa *, uint64_t, uint8_t);
int ikev2_childsa_delete(struct iked *, struct iked_sa *,
int sa_stateok(const struct iked_sa *, int);
void sa_state(struct iked *, struct iked_sa *, int);
void ikev2_disable_rekeying(struct iked *, struct iked_sa *);
int ca_setreq(struct iked *, struct iked_sa *, struct iked_static_id *,
ikev2_msg_decrypt(struct iked *, struct iked_sa *, struct ibuf *,
eap_parse(struct iked *env, const struct iked_sa *sa, struct iked_message *msg,
ikev2_send_ike_e(struct iked *env, struct iked_sa *sa, struct ibuf *buf,
ikev2_ikesa_recv_delete(struct iked *env, struct iked_sa *sa)
childsa_lookup(struct iked_sa *a, uint64_t b, uint8_t c)
ikev2_childsa_delete(struct iked *a, struct iked_sa *b, uint8_t c,
static struct iked_sa sa;
ca_setreq(struct iked *env, struct iked_sa *sa,
ca_setauth(struct iked *env, struct iked_sa *sa,
struct iked_sa sa;
config_free_sa(struct iked *env, struct iked_sa *sa)
struct iked_sa *sa;
struct iked_sa *
struct iked_sa *sa;
struct iked_sa *sa;
eap_challenge_request(struct iked *env, struct iked_sa *sa,
eap_message_send(struct iked *env, struct iked_sa *sa, int eap_code, int eap_id)
eap_success(struct iked *env, struct iked_sa *sa, int eap_id)
eap_mschap_challenge(struct iked *env, struct iked_sa *sa, int eap_id,
eap_mschap_success(struct iked *env, struct iked_sa *sa, int eap_id)
eap_mschap(struct iked *env, const struct iked_sa *sa,
eap_parse(struct iked *env, const struct iked_sa *sa, struct iked_message *msg,
int eap_message_send(struct iked *, struct iked_sa *, int, int);
int eap_mschap(struct iked *, const struct iked_sa *,
eap_identity_request(struct iked *env, struct iked_sa *sa)
int policy_lookup_sa(struct iked *, struct iked_sa *);
void sa_state(struct iked *, struct iked_sa *, int);
void sa_stateflags(struct iked_sa *, unsigned int);
int sa_stateok(const struct iked_sa *, int);
struct iked_sa *
void sa_free(struct iked *, struct iked_sa *);
int sa_configure_iface(struct iked *, struct iked_sa *, int);
int sa_address(struct iked_sa *, struct iked_addr *, struct sockaddr *);
childsa_lookup(struct iked_sa *, uint64_t, uint8_t);
struct iked_sa *
struct iked_sa *
sa_dstid_lookup(struct iked *, struct iked_sa *);
struct iked_sa *
sa_dstid_insert(struct iked *, struct iked_sa *);
void sa_dstid_remove(struct iked *, struct iked_sa *);
RB_PROTOTYPE(iked_sas, iked_sa, sa_entry, sa_cmp);
RB_PROTOTYPE(iked_dstid_sas, iked_sa, sa_dstid_entry, sa_dstid_cmp);
RB_PROTOTYPE(iked_addrpool, iked_sa, sa_addrpool_entry, sa_addrpool_cmp);
RB_PROTOTYPE(iked_addrpool6, iked_sa, sa_addrpool6_entry, sa_addrpool6_cmp);
int ikev2_childsa_enable(struct iked *, struct iked_sa *);
int ikev2_childsa_delete(struct iked *, struct iked_sa *,
void ikev2_ikesa_recv_delete(struct iked *, struct iked_sa *);
void ikev2_ike_sa_setreason(struct iked_sa *, char *);
int ikev2_ike_sa_delete(struct iked *, struct iked_sa *);
ssize_t ikev2_psk(struct iked_sa *, uint8_t *, size_t, uint8_t **);
void ikev2_enable_natt(struct iked *, struct iked_sa *,
int ikev2_send_ike_e(struct iked *, struct iked_sa *, struct ibuf *,
ikev2_add_header(struct ibuf *, struct iked_sa *,
void ikev2_disable_rekeying(struct iked *, struct iked_sa *);
ikev2_msg_id(struct iked *, struct iked_sa *);
*ikev2_msg_auth(struct iked *, struct iked_sa *, int);
int ikev2_msg_authsign(struct iked *, struct iked_sa *,
int ikev2_msg_authverify(struct iked *, struct iked_sa *,
int ikev2_msg_send_encrypt(struct iked *, struct iked_sa *,
*ikev2_msg_encrypt(struct iked *, struct iked_sa *, struct ibuf *,
ikev2_msg_decrypt(struct iked *, struct iked_sa *,
int ikev2_msg_integr(struct iked *, struct iked_sa *, struct ibuf *);
int ikev2_msg_retransmit_response(struct iked *, struct iked_sa *,
int eap_parse(struct iked *, const struct iked_sa *, struct iked_message*,
int eap_success(struct iked *, struct iked_sa *, int);
int eap_identity_request(struct iked *, struct iked_sa *);
int eap_mschap_challenge(struct iked *, struct iked_sa *, int, int,
int eap_mschap_success(struct iked *, struct iked_sa *, int);
int eap_challenge_request(struct iked *, struct iked_sa *, int);
int iked_radius_request(struct iked *, struct iked_sa *,
void iked_radius_acct_start(struct iked *, struct iked_sa *);
void iked_radius_acct_stop(struct iked *, struct iked_sa *);
int ca_setreq(struct iked *, struct iked_sa *, struct iked_static_id *,
int ca_setauth(struct iked *, struct iked_sa *,
struct iked_sa *flow_ikesa; /* parent SA */
struct iked_sa *csa_ikesa; /* parent SA */
TAILQ_HEAD(iked_sapeers, iked_sa);
struct iked_sa *sa_nexti; /* initiated IKE SA */
struct iked_sa *sa_previ; /* matching back pointer */
struct iked_sa *sa_nextr; /* simultaneous rekey */
struct iked_sa *sa_prevr; /* matching back pointer */
TAILQ_ENTRY(iked_sa) sa_peer_entry;
RB_ENTRY(iked_sa) sa_entry; /* all SAs */
RB_ENTRY(iked_sa) sa_dstid_entry; /* SAs by DSTID */
RB_ENTRY(iked_sa) sa_addrpool_entry; /* pool entries */
RB_ENTRY(iked_sa) sa_addrpool6_entry; /* pool entries */
RB_HEAD(iked_sas, iked_sa);
RB_HEAD(iked_dstid_sas, iked_sa);
RB_HEAD(iked_addrpool, iked_sa);
RB_HEAD(iked_addrpool6, iked_sa);
struct iked_sa *msg_sa;
struct iked_sa *rr_sa;
void config_free_sa(struct iked *, struct iked_sa *);
struct iked_sa *
int ikev2_resp_ike_auth(struct iked *, struct iked_sa *);
int ikev2_send_auth_failed(struct iked *, struct iked_sa *);
int ikev2_send_error(struct iked *, struct iked_sa *,
int ikev2_send_create_child_sa(struct iked *, struct iked_sa *,
int ikev2_ikesa_enable(struct iked *, struct iked_sa *, struct iked_sa *);
void ikev2_ikesa_delete(struct iked *, struct iked_sa *, int);
ikev2_ike_auth(struct iked *env, struct iked_sa *sa)
struct iked_sa *sa;
void ikev2_ike_sa_rekey_schedule(struct iked *, struct iked_sa *);
void ikev2_ike_sa_rekey_schedule_fast(struct iked *, struct iked_sa *);
int ikev2_sa_negotiate_common(struct iked *, struct iked_sa *,
int ikev2_sa_initiator(struct iked *, struct iked_sa *,
struct iked_sa *, struct iked_message *);
int ikev2_sa_responder(struct iked *, struct iked_sa *, struct iked_sa *,
int ikev2_sa_initiator_dh(struct iked_sa *, struct iked_message *,
ikev2_enable_natt(struct iked *env, struct iked_sa *sa,
unsigned int, struct iked_sa *);
void ikev2_sa_cleanup_dh(struct iked_sa *);
int ikev2_sa_keys(struct iked *, struct iked_sa *, struct ibuf *);
int ikev2_sa_tag(struct iked_sa *, struct iked_id *);
struct iked_sa *sa = arg;
int ikev2_set_sa_proposal(struct iked_sa *, struct iked_policy *,
struct iked_sa *sa = NULL;
int ikev2_childsa_negotiate(struct iked *, struct iked_sa *,
int ikev2_childsa_delete_proposed(struct iked *, struct iked_sa *,
ssize_t ikev2_add_proposals(struct iked *, struct iked_sa *, struct ibuf *,
ssize_t ikev2_add_cp(struct iked *, struct iked_sa *, int, struct ibuf *);
ssize_t ikev2_init_add_cp(struct iked *, struct iked_sa *, struct ibuf *);
ssize_t ikev2_resp_add_cp(struct iked *, struct iked_sa *, struct ibuf *);
struct iked_sa *sa = msg->msg_sa;
struct iked_sa *, int);
ikev2_init_ike_auth(struct iked *env, struct iked_sa *sa)
struct ikev2_payload **, ssize_t, struct iked_sa *, int);
ssize_t ikev2_add_ts_payload(struct ibuf *, unsigned int, struct iked_sa *);
int ikev2_cp_setaddr(struct iked *, struct iked_sa *, sa_family_t);
int ikev2_cp_setaddr_pool(struct iked *, struct iked_sa *,
int ikev2_cp_fixaddr(struct iked_sa *, struct iked_addr *,
int ikev2_cp_fixflow(struct iked_sa *, struct iked_flow *,
int ikev2_cp_request_configured(struct iked_sa *);
ikev2_enable_timer(struct iked *env, struct iked_sa *sa)
struct iked_sa *sa;
ikev2_disable_timer(struct iked *env, struct iked_sa *sa)
ikev2_init_done(struct iked *env, struct iked_sa *sa)
struct ikev2_payload **, ssize_t, struct iked_sa *);
int ikev2_update_sa_addresses(struct iked *, struct iked_sa *);
int ikev2_resp_informational(struct iked *, struct iked_sa *,
ikev2_add_header(struct ibuf *buf, struct iked_sa *sa,
ikev2_add_ts_payload(struct ibuf *buf, unsigned int type, struct iked_sa *sa)
struct iked_sa *sa, int reverse)
struct ikev2_payload **pld, ssize_t len, struct iked_sa *sa,
struct ikev2_payload **pld, ssize_t len, struct iked_sa *sa)
struct iked_sa *sa = msg->msg_sa;
struct iked_sa *sa, *satmp;
ikev2_add_cp(struct iked *env, struct iked_sa *sa, int type, struct ibuf *buf)
ikev2_init_add_cp(struct iked *env, struct iked_sa *sa, struct ibuf *buf)
ikev2_resp_add_cp(struct iked *env, struct iked_sa *sa, struct ibuf *buf)
ikev2_add_proposals(struct iked *env, struct iked_sa *sa, struct ibuf *buf,
ikev2_resp_informational(struct iked *env, struct iked_sa *sa,
struct iked_sa *sa;
struct iked_sa *sa = msg->msg_sa;
struct iked_sa *sa;
struct iked_sa *sa;
struct iked_sa *sa = msg->msg_sa;
ikev2_send_auth_failed(struct iked *env, struct iked_sa *sa)
ikev2_record_dstid(struct iked *env, struct iked_sa *sa)
struct iked_sa *osa;
ikev2_send_error(struct iked *env, struct iked_sa *sa,
struct iked_sa *sa = msg->msg_sa;
struct iked_sa *sa;
ikev2_resp_ike_eap_mschap(struct iked *env, struct iked_sa *sa,
ikev2_resp_ike_eap(struct iked *env, struct iked_sa *sa,
ikev2_resp_ike_auth(struct iked *env, struct iked_sa *sa)
ikev2_send_ike_e(struct iked *env, struct iked_sa *sa, struct ibuf *buf,
ikev2_set_sa_proposal(struct iked_sa *sa, struct iked_policy *pol,
ikev2_send_create_child_sa(struct iked *env, struct iked_sa *sa,
struct iked_sa *sa = arg;
struct iked_sa *nsa = NULL;
struct iked_sa *sa = msg->msg_sa;
struct iked_sa *nsa, *dsa;
ikev2_ikesa_enable(struct iked *env, struct iked_sa *sa, struct iked_sa *nsa)
ikev2_ikesa_delete(struct iked *env, struct iked_sa *sa, int initiator)
ikev2_ikesa_recv_delete(struct iked *env, struct iked_sa *sa)
struct iked_sa *nsa = NULL, *sa = msg->msg_sa;
ikev2_ike_sa_setreason(struct iked_sa *sa, char *reason)
struct iked_sa *sa = arg;
struct iked_sa *sa = arg;
ikev2_ike_sa_rekey_schedule(struct iked *env, struct iked_sa *sa)
ikev2_ike_sa_rekey_schedule_fast(struct iked *env, struct iked_sa *sa)
struct iked_sa *sa = arg;
struct iked_sa *sa = arg;
struct iked_sa *sa = msg->msg_sa, sah;
struct iked_sa *);
ikev2_psk(struct iked_sa *sa, uint8_t *data, size_t length,
ikev2_sa_initiator_dh(struct iked_sa *sa, struct iked_message *msg,
unsigned int proto, struct iked_sa *osa)
ikev2_ike_sa_delete(struct iked *env, struct iked_sa *sa)
ikev2_sa_negotiate_common(struct iked *env, struct iked_sa *sa,
ikev2_sa_initiator(struct iked *env, struct iked_sa *sa,
struct iked_sa *osa, struct iked_message *msg)
struct iked_sa *sa;
ikev2_sa_responder(struct iked *env, struct iked_sa *sa, struct iked_sa *osa,
ikev2_sa_keys(struct iked *env, struct iked_sa *sa, struct ibuf *key)
void ikev2_log_established(struct iked_sa *);
ikev2_sa_cleanup_dh(struct iked_sa *sa)
void ikev2_log_proposal(struct iked_sa *, struct iked_proposals *);
ikev2_sa_tag(struct iked_sa *sa, struct iked_id *id)
struct iked_sa *
struct iked_sa *sa;
ikev2_childsa_delete_proposed(struct iked *env, struct iked_sa *sa,
ikev2_childsa_negotiate(struct iked *env, struct iked_sa *sa,
ikev2_childsa_enable(struct iked *env, struct iked_sa *sa)
struct iked_sa *sa;
ikev2_childsa_delete(struct iked *env, struct iked_sa *sa, uint8_t saproto,
struct iked_sa *sa;
ikev2_disable_rekeying(struct iked *env, struct iked_sa *sa)
struct iked_sa *sa;
struct iked_sa *
struct iked_sa *sa;
ikev2_cp_setaddr(struct iked *env, struct iked_sa *sa, sa_family_t family)
ikev2_cp_setaddr_pool(struct iked *env, struct iked_sa *sa,
struct iked_sa key;
struct iked_sa *osa;
int ikev2_ike_auth_compatible(struct iked_sa *, uint8_t, uint8_t);
ikev2_cp_request_configured(struct iked_sa *sa)
int ikev2_ike_auth_recv(struct iked *, struct iked_sa *,
ikev2_cp_fixaddr(struct iked_sa *sa, struct iked_addr *addr,
ikev2_cp_fixflow(struct iked_sa *sa, struct iked_flow *flow,
ikev2_update_sa_addresses(struct iked *env, struct iked_sa *sa)
struct iked_sa *sa)
int ikev2_ike_auth(struct iked *, struct iked_sa *);
struct iked_sa *sa;
int ikev2_auth_verify(struct iked *, struct iked_sa *);
ikev2_log_established(struct iked_sa *sa)
ikev2_log_proposal(struct iked_sa *sa, struct iked_proposals *proposals)
ikev2_ike_auth_compatible(struct iked_sa *sa, uint8_t policy, uint8_t wire)
int ikev2_init_ike_auth(struct iked *, struct iked_sa *);
ikev2_auth_verify(struct iked *env, struct iked_sa *sa)
int ikev2_init_done(struct iked *, struct iked_sa *);
int ikev2_record_dstid(struct iked *, struct iked_sa *);
void ikev2_enable_timer(struct iked *, struct iked_sa *);
void ikev2_disable_timer(struct iked *, struct iked_sa *);
ikev2_ike_auth_recv(struct iked *env, struct iked_sa *sa,
int ikev2_resp_ike_eap(struct iked *, struct iked_sa *,
int ikev2_resp_ike_eap_mschap(struct iked *, struct iked_sa *,
ikev2_msg_authverify(struct iked *env, struct iked_sa *sa,
ikev2_msg_authsign(struct iked *env, struct iked_sa *sa,
struct iked_sa *sa = msg->msg_sa;
ikev2_msg_retransmit_response(struct iked *env, struct iked_sa *sa,
struct iked_sa *sa;
struct iked_sa *sa = msg->msg_sa;
struct iked_sa *sa = msg->msg_sa;
ikev2_msg_id(struct iked *env, struct iked_sa *sa)
ikev2_msg_encrypt_prepare(struct iked_sa *sa, struct ikev2_payload *pld,
ikev2_msg_encrypt(struct iked *env, struct iked_sa *sa, struct ibuf *src,
int ikev2_check_frag_oversize(struct iked_sa *, struct ibuf *);
ikev2_msg_integr(struct iked *env, struct iked_sa *sa, struct ibuf *src)
int ikev2_send_encrypted_fragments(struct iked *, struct iked_sa *,
int ikev2_msg_encrypt_prepare(struct iked_sa *, struct ikev2_payload *,
ikev2_msg_decrypt(struct iked *env, struct iked_sa *sa,
ikev2_check_frag_oversize(struct iked_sa *sa, struct ibuf *buf) {
ikev2_msg_send_encrypt(struct iked *env, struct iked_sa *sa, struct ibuf **ep,
ikev2_send_encrypted_fragments(struct iked *env, struct iked_sa *sa,
ikev2_msg_auth(struct iked *env, struct iked_sa *sa, int response)
const struct iked_sa *sa = msg->msg_sa;
struct iked_sa *sa = msg->msg_sa;
struct iked_sa *sa = msg->msg_sa;
const struct iked_sa *sa = msg->msg_sa;
const struct iked_sa *sa = msg->msg_sa;
const struct iked_sa *sa = msg->msg_sa;
struct iked_sa *sa;
RB_GENERATE(iked_sas, iked_sa, sa_entry, sa_cmp);
RB_GENERATE(iked_dstid_sas, iked_sa, sa_dstid_entry, sa_dstid_cmp);
RB_GENERATE(iked_addrpool, iked_sa, sa_addrpool_entry, sa_addrpool_cmp);
RB_GENERATE(iked_addrpool6, iked_sa, sa_addrpool6_entry, sa_addrpool6_cmp);
policy_lookup_sa(struct iked *env, struct iked_sa *sa)
struct iked_sa *tmp;
sa_state(struct iked *env, struct iked_sa *sa, int state)
sa_cmp(struct iked_sa *, struct iked_sa *);
sa_dstid_cmp(struct iked_sa *, struct iked_sa *);
sa_stateflags(struct iked_sa *sa, unsigned int flags)
sa_stateok(const struct iked_sa *sa, int state)
struct iked_sa *
struct iked_sa *sa;
struct iked_sa *old;
sa_free(struct iked *env, struct iked_sa *sa)
struct iked_sa *osa;
sa_address(struct iked_sa *sa, struct iked_addr *addr, struct sockaddr *peer)
sa_configure_iface(struct iked *env, struct iked_sa *sa, int add)
childsa_lookup(struct iked_sa *sa, uint64_t spi, uint8_t protoid)
struct iked_sa *
struct iked_sa *sa, key;
sa_cmp(struct iked_sa *a, struct iked_sa *b)
sa_dstid_checked(struct iked_sa *sa)
struct iked_sa *
sa_dstid_lookup(struct iked *env, struct iked_sa *key)
struct iked_sa *sa;
struct iked_sa *
sa_dstid_insert(struct iked *env, struct iked_sa *sa)
struct iked_sa *osa;
sa_dstid_remove(struct iked *env, struct iked_sa *sa)
sa_dstid_cmp(struct iked_sa *a, struct iked_sa *b)
sa_addrpool_cmp(struct iked_sa *a, struct iked_sa *b)
sa_addrpool6_cmp(struct iked_sa *a, struct iked_sa *b)
void iked_radius_fill_attributes(struct iked_sa *, RADIUS_PACKET *);
void iked_radius_acct_request(struct iked *, struct iked_sa *, uint8_t);
iked_radius_fill_attributes(struct iked_sa *sa, RADIUS_PACKET *pkt)
struct iked_sa *sa = req->rr_sa;
iked_radius_request(struct iked *env, struct iked_sa *sa,
iked_radius_acct_start(struct iked *env, struct iked_sa *sa)
iked_radius_acct_stop(struct iked *env, struct iked_sa *sa)
iked_radius_acct_request(struct iked *env, struct iked_sa *sa, uint8_t stype)
struct iked_sa *sa = NULL;