History log of /openbsd-current/sys/netinet/ip_ah.h
Revision Date Author Comments
# 1.37 01-Sep-2020 gnezdo

Convert *_sysctl in ipsec_input.c to sysctl_bounded_arr

The best-guessed limits will be tested by trial.


Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
# 1.36 08-Nov-2017 visa

Make {ah,esp,ipcomp}stat use percpu counters.

OK bluhm@, mpi@


# 1.35 07-Nov-2017 visa

Convert all the fields of {ah,esp,ipcomp}stat to uint64.

This is a preliminary step for using percpu counters with the data.

OK mpi@


Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
# 1.34 07-Feb-2017 bluhm

IPsec packets could be dropped unaccounted if output after crypto
failed. Add a counter for that case.
OK dhill@


Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE
# 1.33 10-Jan-2010 markus

Fix two bugs in IPsec/HMAC-SHA2:
(1) use correct (message) block size of 128 bytes (instead of 64
bytes) for HMAC-SHA512/384 (RFC4634).
(2) RFC4868 specifies that HMAC-SHA-{256,384,512} is truncated to
nnn/2 bits, while we still use 96 bits. 96 bits have been
specified in draft-ietf-ipsec-ciph-sha-256-00 while
draft-ietf-ipsec-ciph-sha-256-01 changed it to 128 bits.

WARNING: this change makes IPsec with SHA-256 (the default)
incompatible with older OpenBSD versions and other IPsec implementations
that share this bug.

ok+tests naddy, fries; requested by reyk/deraadt
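The two bugs described in this commit message can be reproduced with a textbook HMAC. The following is an added example written for this page, not code from the OpenBSD kernel: it computes HMAC with an explicit block size so that the effect of using 64-byte blocks for SHA-384/512 is visible, and it contrasts RFC 4868 truncation (half the hash output, i.e. 128/192/256 bits) with the legacy 96-bit truncation. The key and message are constructed sample values; the function names and the `verify_icv` receiver are assumptions for illustration only.

```python
import hashlib
import hmac

# Block sizes (in bytes) of the underlying hash functions, per RFC 4634:
# SHA-256 uses 64-byte blocks, SHA-384 and SHA-512 use 128-byte blocks.
BLOCK_SIZE = {"sha256": 64, "sha384": 128, "sha512": 128}

# Constructed sample values (not real keying material).
KEY = bytes(range(32))
MSG = b"AH-protected datagram, constructed sample payload"


def hmac_manual(hash_name, key, msg, block_size):
    """Textbook HMAC (RFC 2104) with the block size passed in explicitly,
    so the consequence of using the wrong one can be shown."""
    if len(key) > block_size:
        key = hashlib.new(hash_name, key).digest()
    key = key.ljust(block_size, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.new(hash_name, ipad + msg).digest()
    return hashlib.new(hash_name, opad + inner).digest()


def icv_rfc4868(hash_name, key, msg):
    """RFC 4868 ICV: the HMAC output truncated to half its length
    (128 bits for SHA-256, 192 for SHA-384, 256 for SHA-512)."""
    full = hmac.new(key, msg, hash_name).digest()
    return full[: len(full) // 2]


def icv_legacy96(hash_name, key, msg):
    """Pre-fix behaviour described in the commit: always truncate to 96 bits
    (the draft-00 value), regardless of which SHA-2 variant is used."""
    return hmac.new(key, msg, hash_name).digest()[:12]


def verify_icv(hash_name, key, msg, icv):
    """Hypothetical RFC 4868 receiver: recompute the ICV and compare in
    constant time. An ICV of the wrong length never verifies."""
    expected = icv_rfc4868(hash_name, key, msg)
    return hmac.compare_digest(expected, icv)


def demo(key, msg):
    """Reproduce both bugs for each HMAC-SHA-2 variant and return the facts
    a reviewer would check."""
    results = {}
    for h in ("sha256", "sha384", "sha512"):
        reference = hmac.new(key, msg, h).digest()
        correct = hmac_manual(h, key, msg, BLOCK_SIZE[h])
        # Bug (1): a 64-byte block for every SHA-2 variant.
        wrong_block = hmac_manual(h, key, msg, 64)
        results[h] = {
            "manual_matches_hashlib": correct == reference,
            "wrong_block_size_matches": wrong_block == reference,
            "rfc4868_icv_bits": len(icv_rfc4868(h, key, msg)) * 8,
            "legacy_icv_bits": len(icv_legacy96(h, key, msg)) * 8,
        }
    return results


if __name__ == "__main__":
    for name, facts in demo(KEY, MSG).items():
        print(name, facts)
    # Bug (2): a peer still emitting 96-bit ICVs cannot interoperate with an
    # RFC 4868 receiver, which is the incompatibility the commit warns about.
    print("legacy ICV accepted:",
          verify_icv("sha256", KEY, MSG, icv_legacy96("sha256", KEY, MSG)))
```

Running the block shows that the 64-byte block size only happens to be correct for SHA-256, which is why the bug went unnoticed with the default transform, and that a 96-bit ICV is rejected outright by a receiver that truncates to 128 bits.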


Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
# 1.32 14-Dec-2007 deraadt

add sysctl entry points into various network layers, in particular to
provide netstat(1) with data it needs; ok claudio reyk


Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
# 1.31 17-Feb-2004 markus

switch to sysctl_int_arr(); ok henning, deraadt


Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE UBC_SYNC_A
# 1.30 12-Feb-2003 jason

Remove commons; inspired by netbsd.


Revision tags: OPENBSD_3_2_BASE UBC_SYNC_B
# 1.29 09-Jun-2002 itojun

whitespace


Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE UBC_BASE
# 1.28 25-Jun-2001 angelos

branches: 1.28.4;
Copyright.


# 1.27 09-Jun-2001 angelos

Inclusion protection.


Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
# 1.26 19-Sep-2000 angelos

Lots and lots of changes.


Revision tags: OPENBSD_2_7_BASE
# 1.25 17-Mar-2000 angelos

Cryptographic services framework, and software "device driver". The
idea is to support various cryptographic hardware accelerators (which
may be (detachable) cards, secondary/tertiary/etc processors,
software crypto, etc). Supports session migration between crypto
devices. What it doesn't (yet) support:
- multiple instances of the same algorithm used in the same session
- use of multiple crypto drivers in the same session
- asymmetric crypto

No support for a userland device yet.

IPsec code path modified to allow for asynchronous cryptography
(callbacks used in both input and output processing). Some unrelated
code simplification done in the process (especially for AH).

Development of this code kindly supported by Network Security
Technologies (NSTI). The code was written mostly in Greece, and is
being committed from Montreal.


Revision tags: SMP_BASE
# 1.24 27-Jan-2000 angelos

branches: 1.24.2;
Merge "old" and "new" ESP and AH in two files (one for each).
Fix a couple of buglets with ingress flow deletion.
tcpdump on enc0 should now show all outgoing packets *before* being
processed, and all incoming packets *after* being processed.

Good to be in Canada (land of the free commits).


# 1.23 13-Jan-2000 angelos

Add an ip4_input6() for use with IPv6 (just a wrapper for
ip4_input()), add prototype, ifdef include files.


# 1.22 09-Jan-2000 angelos

Add ingress ACL for IPsec: after being processed, IPsec packets are
matched against a list of acceptable packet classes, if
sysctl variable net.inet.ip.ipsec-acl is set to 1.


# 1.21 31-Dec-1999 itojun

fix IPv6 ipsec template lossage.
- previous code grabbed new nexthdr mistakenly
- parameter passing must follow ip6protows
(actually the code will never get called until in6_proto.c is updated)

the current code assumes that {AH,ESP} is right next to IPv6 header.
the assumption must be removed, but it means that we need to chase
header chain...


# 1.20 25-Dec-1999 angelos

Change some function prototypes, don't unnecessarily initialize some
variables.


# 1.19 09-Dec-1999 angelos

Add v4/v6 wrapper routine definitions.


Revision tags: kame_19991208
# 1.18 07-Dec-1999 angelos

New ah_new_input(), protocol-independent processing (still lacking
IPv6-specific protocol header processing).


# 1.17 29-Oct-1999 angelos

Get rid of unnecessary third argument in *_output routines of IPsec.


Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
# 1.16 11-Apr-1999 niklas

Introduce net.inet.{ah,esp}.enable sysctl controls that are off by default.
If you are going to use either of AH or ESP or both, enable these in
/etc/sysctl.conf. Also correct the IPSec debugging sysctl code, it is now
named net.inet.ip.encdebug. Some corrected function signatures too.


# 1.15 24-Feb-1999 angelos

Update copyright; remove a few annoying debugging printfs.

Btw, OpenBSD hit 25000 commits a couple commits ago.


# 1.14 24-Feb-1999 angelos

Remove encap.h include; saner debugging printfs; fix buglets; work with
pfkeyv2.


# 1.13 25-Nov-1998 niklas

Add checks of packets getting too big after transforms.
Also make sure some more error conditions get told to the caller.


Revision tags: OPENBSD_2_4_BASE
# 1.12 18-May-1998 provos

first step to the setsockopt/getsockopt interface as described in
draft-mcdonald-simple-ipsec-api, kernel notifies (EMT_REQUESTSA) signal
userland key management applications when security services are requested.
this is only for outgoing connections at the moment, incoming packets
are not yet checked against the selected socket policy.


Revision tags: OPENBSD_2_3_BASE
# 1.11 24-Nov-1997 provos

add ripemd-160 as authentication function.


# 1.10 04-Nov-1997 provos

make it easier to add additional transforms. add blowfish and cast
encryption. some more info for kernfs/ipsec.


Revision tags: OPENBSD_2_2_BASE
# 1.9 14-Jul-1997 provos

global byte counters.


# 1.8 11-Jul-1997 provos

put old esp/ah and new esp/ah in different files.
generalised way of handling transforms.


# 1.7 25-Jun-1997 provos

hard and soft limits for SPIs per absolute timer, relative since establish,
relative since first use timers, packet and byte counters. notify key mgmt
on soft limits. key mgmt can now specify limits. new encap messages:
EMT_RESERVESPI, EMT_ENABLESPI, EMT_DISABLESPI


# 1.6 20-Jun-1997 provos

ah-sha1 + esp-3des + indentation


Revision tags: OPENBSD_2_1_BASE
# 1.5 30-Mar-1997 mickey

no more 2(two) md5 libs in kernel!
tested for rnd(4).... should work for ip too, since it's
the copy of ip_md*.
use sys/md5k.h for protos.... std iface forever!
hurray!


# 1.4 26-Feb-1997 angelos

I/O packet counters added.


# 1.3 24-Feb-1997 angelos

Beautification.


# 1.2 24-Feb-1997 niklas

OpenBSD tags + some prototyping police


# 1.1 20-Feb-1997 deraadt

IPSEC package by John Ioannidis and Angelos D. Keromytis. Written in
Greece. From ftp.funet.fi:/pub/unix/security/net/ip/BSDipsec.tar.gz

