diff options
Diffstat (limited to 'linux/net/ipsec/alg')
21 files changed, 0 insertions, 1557 deletions
diff --git a/linux/net/ipsec/alg/Config.alg_aes.in b/linux/net/ipsec/alg/Config.alg_aes.in deleted file mode 100644 index 4a2f81a0b..000000000 --- a/linux/net/ipsec/alg/Config.alg_aes.in +++ /dev/null @@ -1,3 +0,0 @@ -if [ "$CONFIG_IPSEC_ALG" = "y" ]; then - tristate ' AES encryption algorithm' CONFIG_IPSEC_ALG_AES -fi diff --git a/linux/net/ipsec/alg/Config.alg_blowfish.in b/linux/net/ipsec/alg/Config.alg_blowfish.in deleted file mode 100644 index a4e5709b0..000000000 --- a/linux/net/ipsec/alg/Config.alg_blowfish.in +++ /dev/null @@ -1,3 +0,0 @@ -if [ "$CONFIG_IPSEC_ALG" = "y" ]; then - tristate ' BLOWFISH encryption algorithm' CONFIG_IPSEC_ALG_BLOWFISH -fi diff --git a/linux/net/ipsec/alg/Config.alg_cryptoapi.in b/linux/net/ipsec/alg/Config.alg_cryptoapi.in deleted file mode 100644 index c2c66eed8..000000000 --- a/linux/net/ipsec/alg/Config.alg_cryptoapi.in +++ /dev/null @@ -1,3 +0,0 @@ -if [ "$CONFIG_IPSEC_ALG" = "y" ]; then - dep_tristate ' CRYPTOAPI ciphers support (needs cryptoapi patch)' CONFIG_IPSEC_ALG_CRYPTOAPI $CONFIG_CRYPTO -fi diff --git a/linux/net/ipsec/alg/Config.alg_serpent.in b/linux/net/ipsec/alg/Config.alg_serpent.in deleted file mode 100644 index fb1a88460..000000000 --- a/linux/net/ipsec/alg/Config.alg_serpent.in +++ /dev/null @@ -1,3 +0,0 @@ -if [ "$CONFIG_IPSEC_ALG" = "y" ]; then - tristate ' SERPENT encryption algorithm' CONFIG_IPSEC_ALG_SERPENT -fi diff --git a/linux/net/ipsec/alg/Config.alg_sha2.in b/linux/net/ipsec/alg/Config.alg_sha2.in deleted file mode 100644 index 2d26c814b..000000000 --- a/linux/net/ipsec/alg/Config.alg_sha2.in +++ /dev/null @@ -1,3 +0,0 @@ -if [ "$CONFIG_IPSEC_ALG" = "y" ]; then - tristate ' HMAC_SHA2 auth algorithm' CONFIG_IPSEC_ALG_SHA2 -fi diff --git a/linux/net/ipsec/alg/Config.alg_twofish.in b/linux/net/ipsec/alg/Config.alg_twofish.in deleted file mode 100644 index 13655649d..000000000 --- a/linux/net/ipsec/alg/Config.alg_twofish.in +++ /dev/null @@ -1,3 +0,0 @@ -if [ "$CONFIG_IPSEC_ALG" = "y" ]; then - tristate ' TWOFISH encryption algorithm' CONFIG_IPSEC_ALG_TWOFISH -fi diff --git a/linux/net/ipsec/alg/Config.in b/linux/net/ipsec/alg/Config.in deleted file mode 100644 index be5990e3a..000000000 --- a/linux/net/ipsec/alg/Config.in +++ /dev/null @@ -1,7 +0,0 @@ -#Placeholder -source net/ipsec/alg/Config.alg_aes.in -source net/ipsec/alg/Config.alg_blowfish.in -source net/ipsec/alg/Config.alg_twofish.in -source net/ipsec/alg/Config.alg_serpent.in -source net/ipsec/alg/Config.alg_cryptoapi.in -source net/ipsec/alg/Config.alg_sha2.in diff --git a/linux/net/ipsec/alg/Makefile b/linux/net/ipsec/alg/Makefile deleted file mode 100644 index 2249668f5..000000000 --- a/linux/net/ipsec/alg/Makefile +++ /dev/null @@ -1,112 +0,0 @@ -# $Id: Makefile,v 1.2 2004/03/22 21:53:19 as Exp $ -ifeq ($(strip $(KLIPSMODULE)),) -FREESWANSRCDIR=. -else -FREESWANSRCDIR=../../../.. -endif -ifeq ($(strip $(KLIPS_TOP)),) -KLIPS_TOP=../../.. -override EXTRA_CFLAGS += -I$(KLIPS_TOP)/include -endif - -ifeq ($(CONFIG_IPSEC_DEBUG),y) -override EXTRA_CFLAGS += -g -endif - -# LIBCRYPTO normally comes as an argument from "parent" Makefile -# (this applies both to FS' "make module" and eg. Linux' "make modules" -# But make dep doest follow same evaluations, so we need this default: -LIBCRYPTO=$(TOPDIR)/lib/libcrypto - -override EXTRA_CFLAGS += -I$(LIBCRYPTO)/include -override EXTRA_CFLAGS += -Wall -Wpointer-arith -Wstrict-prototypes - -MOD_LIST_NAME := NET_MISC_MODULES - -#O_TARGET := static_init.o - -subdir- := -subdir-n := -subdir-y := -subdir-m := - -obj-y := static_init.o - -ARCH_ASM-y := -ARCH_ASM-$(CONFIG_M586) := i586 -ARCH_ASM-$(CONFIG_M586TSC) := i586 -ARCH_ASM-$(CONFIG_M586MMX) := i586 -ARCH_ASM-$(CONFIG_MK6) := i586 -ARCH_ASM-$(CONFIG_M686) := i686 -ARCH_ASM-$(CONFIG_MPENTIUMIII) := i686 -ARCH_ASM-$(CONFIG_MPENTIUM4) := i686 -ARCH_ASM-$(CONFIG_MK7) := i686 -ARCH_ASM-$(CONFIG_MCRUSOE) := i586 -ARCH_ASM-$(CONFIG_MWINCHIPC6) := i586 -ARCH_ASM-$(CONFIG_MWINCHIP2) := i586 -ARCH_ASM-$(CONFIG_MWINCHIP3D) := i586 -ARCH_ASM-$(CONFIG_USERMODE) := i586 - -ARCH_ASM :=$(ARCH_ASM-y) -ifdef NO_ASM -ARCH_ASM := -endif - -# The algorithm makefiles may put dependences, short-circuit them -null: - -makefiles=$(filter-out %.preipsec, $(wildcard Makefile.alg_*)) -ifneq ($(makefiles),) -#include Makefile.alg_aes -#include Makefile.alg_aes-opt -include $(makefiles) -endif - -# These rules translate from new to old makefile rules -# Translate to Rules.make lists. -multi-used := $(filter $(list-multi), $(obj-y) $(obj-m)) -multi-objs := $(foreach m, $(multi-used), $($(basename $(m))-objs)) -active-objs := $(sort $(multi-objs) $(obj-y) $(obj-m)) -O_OBJS := $(obj-y) -M_OBJS := $(obj-m) -MIX_OBJS := $(filter $(export-objs), $(active-objs)) -#OX_OBJS := $(export-objs) -SUB_DIRS := $(subdir-y) -ALL_SUB_DIRS := $(subdir-y) $(subdir-m) -MOD_SUB_DIRS := $(subdir-m) - - -static_init_mod.o: $(obj-y) - rm -f $@ - $(LD) $(LD_EXTRAFLAGS) $(obj-y) -r -o $@ - -perlasm: $(LIBCRYPTO)/perlasm - ln -sf $? $@ - -$(obj-y) $(obj-m): $(TOPDIR)/include/linux/config.h $(TOPDIR)/include/linux/autoconf.h $(KLIPS_TOP)/include/freeswan/ipsec_alg.h -$(alg_obj-y) $(alg_obj-m): perlasm $(TOPDIR)/include/linux/config.h $(TOPDIR)/include/linux/autoconf.h $(KLIPS_TOP)/include/freeswan/ipsec_alg.h - - -all_alg_modules: perlasm $(ALG_MODULES) - @echo "ALG_MODULES=$(ALG_MODULES)" - - -# -# Construct alg. init. function: call ipsec_ALGO_init() for every static algo -# Needed when there are static algos (with static or modular ipsec.o) -# -static_init.c: $(TOPDIR)/include/linux/autoconf.h Makefile $(makefiles) scripts/mk-static_init.c.sh - @echo "Re-creating $@" - $(SHELL) scripts/mk-static_init.c.sh $(static_init-func-y) > $@ - -clean: - @for i in $(ALG_SUBDIRS);do test -d $$i && make -C $$i clean;done;exit 0 - @find . -type l -exec rm -f {} \; - -rm -f perlasm - -rm -rf $(ALG_SUBDIRS) - -rm -f *.o .*.o.flags static_init.c - -ifdef TOPDIR -include $(TOPDIR)/Rules.make -endif - diff --git a/linux/net/ipsec/alg/Makefile.alg_aes b/linux/net/ipsec/alg/Makefile.alg_aes deleted file mode 100644 index 75284c47a..000000000 --- a/linux/net/ipsec/alg/Makefile.alg_aes +++ /dev/null @@ -1,23 +0,0 @@ -MOD_AES := ipsec_aes.o - -ALG_MODULES += $(MOD_AES) -ALG_SUBDIRS += libaes - -obj-$(CONFIG_IPSEC_ALG_AES) += $(MOD_AES) -static_init-func-$(CONFIG_IPSEC_ALG_AES)+= ipsec_aes_init -alg_obj-$(CONFIG_IPSEC_ALG_AES) += ipsec_alg_aes.o - -AES_OBJS := ipsec_alg_aes.o libaes/libaes.a - -$(MOD_AES): libaes $(AES_OBJS) - $(LD) $(EXTRA_LDFLAGS) -r $(AES_OBJS) -o $@ - -libaes: $(LIBCRYPTO)/libaes - test -d $@ || mkdir $@ ;exit 0 - test -d $@/asm || mkdir $@/asm;exit 0 - cd $@ && ln -sf $?/Makefile $?/*.[chS] . - cd $@/asm && ln -sf $?/asm/*.S . - -libaes/libaes.a: libaes - ( cd libaes && \ - $(MAKE) CC='$(CC)' 'ARCH_ASM=$(ARCH_ASM)' CFLAGS='$(CFLAGS) $(EXTRA_CFLAGS)' libaes.a ;) diff --git a/linux/net/ipsec/alg/Makefile.alg_blowfish b/linux/net/ipsec/alg/Makefile.alg_blowfish deleted file mode 100644 index 9413a9f1c..000000000 --- a/linux/net/ipsec/alg/Makefile.alg_blowfish +++ /dev/null @@ -1,23 +0,0 @@ -MOD_BLOWFISH := ipsec_blowfish.o - -ALG_MODULES += $(MOD_BLOWFISH) -ALG_SUBDIRS += libblowfish - -obj-$(CONFIG_IPSEC_ALG_BLOWFISH) += $(MOD_BLOWFISH) -static_init-func-$(CONFIG_IPSEC_ALG_BLOWFISH)+= ipsec_blowfish_init -alg_obj-$(CONFIG_IPSEC_ALG_BLOWFISH) += ipsec_alg_blowfish.o - -BLOWFISH_OBJS:= ipsec_alg_blowfish.o libblowfish/libblowfish.a - -$(MOD_BLOWFISH): libblowfish $(BLOWFISH_OBJS) - $(LD) -r $(BLOWFISH_OBJS) -o $@ - -libblowfish : $(LIBCRYPTO)/libblowfish - test -d $@ || mkdir $@ ;exit 0 - test -d $@/asm || mkdir $@/asm;exit 0 - cd $@ && ln -sf $?/Makefile $?/*.[chS] . - cd $@/asm && ln -sf $?/asm/*.pl . - -libblowfish/libblowfish.a: - ( cd libblowfish && \ - $(MAKE) CC='$(CC)' 'ARCH_ASM=$(ARCH_ASM)' CFLAGS='$(CFLAGS) $(EXTRA_CFLAGS)' EXTRA_CFLAGS='$(EXTRA_CFLAGS)' libblowfish.a ;) diff --git a/linux/net/ipsec/alg/Makefile.alg_cryptoapi b/linux/net/ipsec/alg/Makefile.alg_cryptoapi deleted file mode 100644 index 77ee6481f..000000000 --- a/linux/net/ipsec/alg/Makefile.alg_cryptoapi +++ /dev/null @@ -1,14 +0,0 @@ -MOD_CRYPTOAPI := ipsec_cryptoapi.o - -ifneq ($(wildcard $(TOPDIR)/include/linux/crypto.h),) -ALG_MODULES += $(MOD_CRYPTOAPI) -obj-$(CONFIG_IPSEC_ALG_CRYPTOAPI) += $(MOD_CRYPTOAPI) -static_init-func-$(CONFIG_IPSEC_ALG_CRYPTOAPI)+= ipsec_cryptoapi_init -alg_obj-$(CONFIG_IPSEC_ALG_CRYPTOAPI) += ipsec_alg_cryptoapi.o -else -$(warning "Linux CryptoAPI (2.4.22+ or 2.6.x) not found, not building ipsec_cryptoapi.o") -endif - -CRYPTOAPI_OBJS := ipsec_alg_cryptoapi.o -$(MOD_CRYPTOAPI): $(CRYPTOAPI_OBJS) - $(LD) -r $(CRYPTOAPI_OBJS) -o $@ diff --git a/linux/net/ipsec/alg/Makefile.alg_serpent b/linux/net/ipsec/alg/Makefile.alg_serpent deleted file mode 100644 index 1a2383a6a..000000000 --- a/linux/net/ipsec/alg/Makefile.alg_serpent +++ /dev/null @@ -1,21 +0,0 @@ -MOD_SERPENT := ipsec_serpent.o - -ALG_MODULES += $(MOD_SERPENT) -ALG_SUBDIRS += libserpent - -obj-$(CONFIG_IPSEC_ALG_SERPENT) += $(MOD_SERPENT) -static_init-func-$(CONFIG_IPSEC_ALG_SERPENT)+= ipsec_serpent_init -alg_obj-$(CONFIG_IPSEC_ALG_SERPENT) += ipsec_alg_serpent.o - -SERPENT_OBJS=ipsec_alg_serpent.o libserpent/libserpent.a -$(MOD_SERPENT) : libserpent $(SERPENT_OBJS) - $(LD) -r $(SERPENT_OBJS) -o $@ - -libserpent : $(LIBCRYPTO)/libserpent - test -d $@ || mkdir $@ ;exit 0 - test -d $@/asm || mkdir $@/asm;exit 0 - cd $@ && ln -sf $?/Makefile $?/*.[chS] . - -libserpent/libserpent.a: - ( cd libserpent && \ - $(MAKE) CC='$(CC)' CFLAGS='$(CFLAGS) $(EXTRA_CFLAGS)' EXTRA_CFLAGS='$(EXTRA_CFLAGS)' libserpent.a ;) diff --git a/linux/net/ipsec/alg/Makefile.alg_sha2 b/linux/net/ipsec/alg/Makefile.alg_sha2 deleted file mode 100644 index 956a0f1a3..000000000 --- a/linux/net/ipsec/alg/Makefile.alg_sha2 +++ /dev/null @@ -1,22 +0,0 @@ -MOD_SHA2 := ipsec_sha2.o - -ALG_MODULES += $(MOD_SHA2) -ALG_SUBDIRS += libsha2 - -obj-$(CONFIG_IPSEC_ALG_SHA2) += $(MOD_SHA2) -static_init-func-$(CONFIG_IPSEC_ALG_SHA2)+= ipsec_sha2_init -alg_obj-$(CONFIG_IPSEC_ALG_SHA2) += ipsec_alg_sha2.o - -SHA2_OBJS := ipsec_alg_sha2.o libsha2/libsha2.a - -$(MOD_SHA2): libsha2 $(SHA2_OBJS) - $(LD) $(EXTRA_LDFLAGS) -r $(SHA2_OBJS) -o $@ - -libsha2 : $(LIBCRYPTO)/libsha2 - test -d $@ || mkdir $@ ;exit 0 - test -d $@/asm || mkdir $@/asm;exit 0 - cd $@ && ln -sf $?/Makefile $?/*.[chS] . - -libsha2/libsha2.a: - ( cd libsha2 && \ - $(MAKE) CC='$(CC)' CFLAGS='$(CFLAGS) $(EXTRA_CFLAGS)' EXTRA_CFLAGS='$(EXTRA_CFLAGS)' libsha2.a ;) diff --git a/linux/net/ipsec/alg/Makefile.alg_twofish b/linux/net/ipsec/alg/Makefile.alg_twofish deleted file mode 100644 index 559285ddd..000000000 --- a/linux/net/ipsec/alg/Makefile.alg_twofish +++ /dev/null @@ -1,21 +0,0 @@ -MOD_TWOFISH := ipsec_twofish.o - -ALG_MODULES += $(MOD_TWOFISH) -ALG_SUBDIRS += libtwofish - -obj-$(CONFIG_IPSEC_ALG_TWOFISH) += $(MOD_TWOFISH) -static_init-func-$(CONFIG_IPSEC_ALG_TWOFISH)+= ipsec_twofish_init -alg_obj-$(CONFIG_IPSEC_ALG_TWOFISH) += ipsec_alg_twofish.o - -TWOFISH_OBJS := ipsec_alg_twofish.o libtwofish/libtwofish.a -$(MOD_TWOFISH): libtwofish $(TWOFISH_OBJS) - $(LD) -r $(TWOFISH_OBJS) -o $@ - -libtwofish : $(LIBCRYPTO)/libtwofish - test -d $@ || mkdir $@ ;exit 0 - test -d $@/asm || mkdir $@/asm;exit 0 - cd $@ && ln -sf $?/Makefile $?/*.[chS] . - -libtwofish/libtwofish.a: - ( cd libtwofish && \ - $(MAKE) CC='$(CC)' CFLAGS='$(CFLAGS) $(EXTRA_CFLAGS)' EXTRA_CFLAGS='$(EXTRA_CFLAGS)' libtwofish.a ;) diff --git a/linux/net/ipsec/alg/ipsec_alg_aes.c b/linux/net/ipsec/alg/ipsec_alg_aes.c deleted file mode 100644 index c6b390281..000000000 --- a/linux/net/ipsec/alg/ipsec_alg_aes.c +++ /dev/null @@ -1,253 +0,0 @@ -/* - * ipsec_alg AES cipher stubs - * - * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar> - * - * $Id: ipsec_alg_aes.c,v 1.2 2004/03/22 21:53:19 as Exp $ - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - * - * Fixes by: - * PK: Pawel Krawczyk <kravietz@aba.krakow.pl> - * Fixes list: - * PK: make XCBC comply with latest draft (keylength) - * - */ -#include <linux/config.h> -#include <linux/version.h> - -/* - * special case: ipsec core modular with this static algo inside: - * must avoid MODULE magic for this file - */ -#if CONFIG_IPSEC_MODULE && CONFIG_IPSEC_ALG_AES -#undef MODULE -#endif - -#include <linux/module.h> -#include <linux/init.h> - -#include <linux/kernel.h> /* printk() */ -#include <linux/errno.h> /* error codes */ -#include <linux/types.h> /* size_t */ -#include <linux/string.h> - -/* Check if __exit is defined, if not null it */ -#ifndef __exit -#define __exit -#endif - -/* Low freeswan header coupling */ -#include "freeswan/ipsec_alg.h" -#include "libaes/aes_cbc.h" - -#define CONFIG_IPSEC_ALG_AES_MAC 1 - -#define AES_CONTEXT_T aes_context -MODULE_AUTHOR("JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>"); -static int debug=0; -MODULE_PARM(debug, "i"); -static int test=0; -MODULE_PARM(test, "i"); -static int excl=0; -MODULE_PARM(excl, "i"); -static int keyminbits=0; -MODULE_PARM(keyminbits, "i"); -static int keymaxbits=0; -MODULE_PARM(keymaxbits, "i"); - -#if CONFIG_IPSEC_ALG_AES_MAC -#include "libaes/aes_xcbc_mac.h" - -/* - * Not IANA number yet (draft-ietf-ipsec-ciph-aes-xcbc-mac-00.txt). - * We use 9 for non-modular algorithm and none for modular, thus - * forcing user to specify one on module load. -kravietz - */ -#ifdef MODULE -static int auth_id=0; -#else -static int auth_id=9; -#endif -MODULE_PARM(auth_id, "i"); -#endif - -#define ESP_AES 12 /* truely _constant_ :) */ - -/* 128, 192 or 256 */ -#define ESP_AES_KEY_SZ_MIN 16 /* 128 bit secret key */ -#define ESP_AES_KEY_SZ_MAX 32 /* 256 bit secret key */ -#define ESP_AES_CBC_BLK_LEN 16 /* AES-CBC block size */ - -/* Values according to draft-ietf-ipsec-ciph-aes-xcbc-mac-02.txt - * -kravietz - */ -#define ESP_AES_MAC_KEY_SZ 16 /* 128 bit MAC key */ -#define ESP_AES_MAC_BLK_LEN 16 /* 128 bit block */ - -static int _aes_set_key(struct ipsec_alg_enc *alg, __u8 * key_e, const __u8 * key, size_t keysize) { - int ret; - AES_CONTEXT_T *ctx=(AES_CONTEXT_T*)key_e; - ret=AES_set_key(ctx, key, keysize)!=0? 0: -EINVAL; - if (debug > 0) - printk(KERN_DEBUG "klips_debug:_aes_set_key:" - "ret=%d key_e=%p key=%p keysize=%d\n", - ret, key_e, key, keysize); - return ret; -} -static int _aes_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt) { - AES_CONTEXT_T *ctx=(AES_CONTEXT_T*)key_e; - if (debug > 0) - printk(KERN_DEBUG "klips_debug:_aes_cbc_encrypt:" - "key_e=%p in=%p ilen=%d iv=%p encrypt=%d\n", - key_e, in, ilen, iv, encrypt); - return AES_cbc_encrypt(ctx, in, in, ilen, iv, encrypt); -} -#if CONFIG_IPSEC_ALG_AES_MAC -static int _aes_mac_set_key(struct ipsec_alg_auth *alg, __u8 * key_a, const __u8 * key, int keylen) { - aes_context_mac *ctxm=(aes_context_mac *)key_a; - return AES_xcbc_mac_set_key(ctxm, key, keylen)? 0 : -EINVAL; -} -static int _aes_mac_hash(struct ipsec_alg_auth *alg, __u8 * key_a, const __u8 * dat, int len, __u8 * hash, int hashlen) { - int ret; - char hash_buf[16]; - aes_context_mac *ctxm=(aes_context_mac *)key_a; - ret=AES_xcbc_mac_hash(ctxm, dat, len, hash_buf); - memcpy(hash, hash_buf, hashlen); - return ret; -} -static struct ipsec_alg_auth ipsec_alg_AES_MAC = { - ixt_version: IPSEC_ALG_VERSION, - ixt_module: THIS_MODULE, - ixt_refcnt: ATOMIC_INIT(0), - ixt_alg_type: IPSEC_ALG_TYPE_AUTH, - ixt_alg_id: 0, - ixt_name: "aes_mac", - ixt_blocksize: ESP_AES_MAC_BLK_LEN, - ixt_keyminbits: ESP_AES_MAC_KEY_SZ*8, - ixt_keymaxbits: ESP_AES_MAC_KEY_SZ*8, - ixt_a_keylen: ESP_AES_MAC_KEY_SZ, - ixt_a_ctx_size: sizeof(aes_context_mac), - ixt_a_hmac_set_key: _aes_mac_set_key, - ixt_a_hmac_hash:_aes_mac_hash, -}; -#endif /* CONFIG_IPSEC_ALG_AES_MAC */ -static struct ipsec_alg_enc ipsec_alg_AES = { - ixt_version: IPSEC_ALG_VERSION, - ixt_module: THIS_MODULE, - ixt_refcnt: ATOMIC_INIT(0), - ixt_alg_type: IPSEC_ALG_TYPE_ENCRYPT, - ixt_alg_id: ESP_AES, - ixt_name: "aes", - ixt_blocksize: ESP_AES_CBC_BLK_LEN, - ixt_keyminbits: ESP_AES_KEY_SZ_MIN*8, - ixt_keymaxbits: ESP_AES_KEY_SZ_MAX*8, - ixt_e_keylen: ESP_AES_KEY_SZ_MAX, - ixt_e_ctx_size: sizeof(AES_CONTEXT_T), - ixt_e_set_key: _aes_set_key, - ixt_e_cbc_encrypt:_aes_cbc_encrypt, -}; - -IPSEC_ALG_MODULE_INIT( ipsec_aes_init ) -{ - int ret, test_ret; - if (keyminbits) - ipsec_alg_AES.ixt_keyminbits=keyminbits; - if (keymaxbits) { - ipsec_alg_AES.ixt_keymaxbits=keymaxbits; - if (keymaxbits*8>ipsec_alg_AES.ixt_keymaxbits) - ipsec_alg_AES.ixt_e_keylen=keymaxbits*8; - } - if (excl) ipsec_alg_AES.ixt_state |= IPSEC_ALG_ST_EXCL; - ret=register_ipsec_alg_enc(&ipsec_alg_AES); - printk("ipsec_aes_init(alg_type=%d alg_id=%d name=%s): ret=%d\n", - ipsec_alg_AES.ixt_alg_type, - ipsec_alg_AES.ixt_alg_id, - ipsec_alg_AES.ixt_name, - ret); - if (ret==0 && test) { - test_ret=ipsec_alg_test( - ipsec_alg_AES.ixt_alg_type, - ipsec_alg_AES.ixt_alg_id, - test); - printk("ipsec_aes_init(alg_type=%d alg_id=%d): test_ret=%d\n", - ipsec_alg_AES.ixt_alg_type, - ipsec_alg_AES.ixt_alg_id, - test_ret); - } -#if CONFIG_IPSEC_ALG_AES_MAC - if (auth_id!=0){ - int ret; - ipsec_alg_AES_MAC.ixt_alg_id=auth_id; - ret=register_ipsec_alg_auth(&ipsec_alg_AES_MAC); - printk("ipsec_aes_init(alg_type=%d alg_id=%d name=%s): ret=%d\n", - ipsec_alg_AES_MAC.ixt_alg_type, - ipsec_alg_AES_MAC.ixt_alg_id, - ipsec_alg_AES_MAC.ixt_name, - ret); - if (ret==0 && test) { - test_ret=ipsec_alg_test( - ipsec_alg_AES_MAC.ixt_alg_type, - ipsec_alg_AES_MAC.ixt_alg_id, - test); - printk("ipsec_aes_init(alg_type=%d alg_id=%d): test_ret=%d\n", - ipsec_alg_AES_MAC.ixt_alg_type, - ipsec_alg_AES_MAC.ixt_alg_id, - test_ret); - } - } else { - printk(KERN_DEBUG "klips_debug: experimental ipsec_alg_AES_MAC not registered [Ok] (auth_id=%d)\n", auth_id); - } -#endif /* CONFIG_IPSEC_ALG_AES_MAC */ - return ret; -} -IPSEC_ALG_MODULE_EXIT( ipsec_aes_fini ) -{ -#if CONFIG_IPSEC_ALG_AES_MAC - if (auth_id) unregister_ipsec_alg_auth(&ipsec_alg_AES_MAC); -#endif /* CONFIG_IPSEC_ALG_AES_MAC */ - unregister_ipsec_alg_enc(&ipsec_alg_AES); - return; -} -#ifdef MODULE_LICENSE -MODULE_LICENSE("GPL"); -#endif - -#if 0+NOT_YET -#ifndef MODULE -/* - * This is intended for static module setups, currently - * doesn't work for modular ipsec.o with static algos inside - */ -static int setup_keybits(const char *str) -{ - unsigned aux; - char *end; - - aux = simple_strtoul(str,&end,0); - if (aux != 128 && aux != 192 && aux != 256) - return 0; - keyminbits = aux; - - if (*end == 0 || *end != ',') - return 1; - str=end+1; - aux = simple_strtoul(str, NULL, 0); - if (aux != 128 && aux != 192 && aux != 256) - return 0; - if (aux >= keyminbits) - keymaxbits = aux; - return 1; -} -__setup("ipsec_aes_keybits=", setup_keybits); -#endif -#endif -EXPORT_NO_SYMBOLS; diff --git a/linux/net/ipsec/alg/ipsec_alg_blowfish.c b/linux/net/ipsec/alg/ipsec_alg_blowfish.c deleted file mode 100644 index 6adc22b22..000000000 --- a/linux/net/ipsec/alg/ipsec_alg_blowfish.c +++ /dev/null @@ -1,142 +0,0 @@ -/* ipsec_alg BLOWFISH cipher stubs - * - * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar> - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - * - * RCS ID $Id: ipsec_alg_blowfish.c,v 1.3 2004/09/17 18:57:30 as Exp $ - */ - -#include <linux/config.h> -#include <linux/version.h> - -/* - * special case: ipsec core modular with this static algo inside: - * must avoid MODULE magic for this file - */ -#if CONFIG_IPSEC_MODULE && CONFIG_IPSEC_ALG_BLOWFISH -#undef MODULE -#endif - -#include <linux/module.h> -#include <linux/init.h> - -#include <linux/kernel.h> /* printk() */ -#include <linux/errno.h> /* error codes */ -#include <linux/types.h> /* size_t */ -#include <linux/string.h> - -/* Check if __exit is defined, if not null it */ -#ifndef __exit -#define __exit -#endif - -/* Low freeswan header coupling */ -#include "freeswan/ipsec_alg.h" -#include "libblowfish/blowfish.h" -#define blowfish_context BF_KEY - -#define ESP_BLOWFISH 7 /* truly _constant_ :) */ - -#define ESP_BLOWFISH_KEY_SZ_MIN 16 /* 128 bit secret key min */ -#define ESP_BLOWFISH_KEY_SZ 16 /* 128 bit secret key */ -#define ESP_BLOWFISH_KEY_SZ_MAX 56 /* 448 bit secret key max */ -#define ESP_BLOWFISH_CBC_BLK_LEN 8 /* block size */ - -MODULE_AUTHOR("JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>"); -static int debug=0; -MODULE_PARM(debug, "i"); -static int test=0; -MODULE_PARM(test, "i"); -static int excl=0; -MODULE_PARM(excl, "i"); -static int keyminbits=0; -MODULE_PARM(keyminbits, "i"); -static int keymaxbits=0; -MODULE_PARM(keymaxbits, "i"); - -static int _blowfish_set_key(struct ipsec_alg_enc *alg, __u8 * key_e, const __u8 * key, size_t keysize) { - blowfish_context *ctx=(blowfish_context*)key_e; - if (debug > 0) - printk(KERN_DEBUG "klips_debug:_blowfish_set_key:" - "key_e=%p key=%p keysize=%d\n", - key_e, key, keysize); - BF_set_key(ctx, keysize, (unsigned char *)key); - return 0; -} -static int _blowfish_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 *iv, int encrypt) { - /* blowfish toasts passed IV */ - __u8 iv_buf[ESP_BLOWFISH_CBC_BLK_LEN]; - blowfish_context *ctx=(blowfish_context*)key_e; - *((__u32*)&(iv_buf)) = ((__u32*)(iv))[0]; - *((__u32*)&(iv_buf)+1) = ((__u32*)(iv))[1]; - if (debug > 0) - printk(KERN_DEBUG "klips_debug:_blowfish_cbc_encrypt:" - "key_e=%p in=%p ilen=%d iv=%p encrypt=%d\n", - key_e, in, ilen, iv_buf, encrypt); - BF_cbc_encrypt(in, in, ilen, ctx, iv_buf, encrypt); - return ilen; -} -static struct ipsec_alg_enc ipsec_alg_BLOWFISH = { - ixt_version: IPSEC_ALG_VERSION, - ixt_module: THIS_MODULE, - ixt_refcnt: ATOMIC_INIT(0), - ixt_alg_type: IPSEC_ALG_TYPE_ENCRYPT, - ixt_alg_id: ESP_BLOWFISH, - ixt_name: "blowfish", - ixt_blocksize: ESP_BLOWFISH_CBC_BLK_LEN, - ixt_keyminbits: ESP_BLOWFISH_KEY_SZ_MIN*8, - ixt_keymaxbits: ESP_BLOWFISH_KEY_SZ_MAX*8, - ixt_e_keylen: ESP_BLOWFISH_KEY_SZ, - ixt_e_ctx_size: sizeof(blowfish_context), - ixt_e_set_key: _blowfish_set_key, - ixt_e_cbc_encrypt:_blowfish_cbc_encrypt, -}; - -IPSEC_ALG_MODULE_INIT(ipsec_blowfish_init) -{ - int ret, test_ret; - if (keyminbits) - ipsec_alg_BLOWFISH.ixt_keyminbits=keyminbits; - if (keymaxbits) { - ipsec_alg_BLOWFISH.ixt_keymaxbits=keymaxbits; - if (keymaxbits*8>ipsec_alg_BLOWFISH.ixt_keymaxbits) - ipsec_alg_BLOWFISH.ixt_e_keylen=keymaxbits*8; - } - if (excl) ipsec_alg_BLOWFISH.ixt_state |= IPSEC_ALG_ST_EXCL; - ret=register_ipsec_alg_enc(&ipsec_alg_BLOWFISH); - printk("ipsec_blowfish_init(alg_type=%d alg_id=%d name=%s): ret=%d\n", - ipsec_alg_BLOWFISH.ixt_alg_type, - ipsec_alg_BLOWFISH.ixt_alg_id, - ipsec_alg_BLOWFISH.ixt_name, - ret); - if (ret==0 && test) { - test_ret=ipsec_alg_test( - ipsec_alg_BLOWFISH.ixt_alg_type, - ipsec_alg_BLOWFISH.ixt_alg_id, - test); - printk("ipsec_blowfish_init(alg_type=%d alg_id=%d): test_ret=%d\n", - ipsec_alg_BLOWFISH.ixt_alg_type, - ipsec_alg_BLOWFISH.ixt_alg_id, - test_ret); - } - return ret; -} -IPSEC_ALG_MODULE_EXIT(ipsec_blowfish_fini) -{ - unregister_ipsec_alg_enc(&ipsec_alg_BLOWFISH); - return; -} -#ifdef MODULE_LICENSE -MODULE_LICENSE("GPL"); -#endif - -EXPORT_NO_SYMBOLS; diff --git a/linux/net/ipsec/alg/ipsec_alg_cryptoapi.c b/linux/net/ipsec/alg/ipsec_alg_cryptoapi.c deleted file mode 100644 index fc68094c2..000000000 --- a/linux/net/ipsec/alg/ipsec_alg_cryptoapi.c +++ /dev/null @@ -1,421 +0,0 @@ -/* - * ipsec_alg to linux cryptoapi GLUE - * - * Authors: CODE.ar TEAM - * Harpo MAxx <harpo@linuxmendoza.org.ar> - * JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar> - * Luciano Ruete <docemeses@softhome.net> - * - * $Id: ipsec_alg_cryptoapi.c,v 1.3 2004/09/17 18:57:30 as Exp $ - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - * - * Example usage: - * modinfo -p ipsec_cryptoapi (quite useful info, including supported algos) - * modprobe ipsec_cryptoapi - * modprobe ipsec_cryptoapi test=1 - * modprobe ipsec_cryptoapi excl=1 (exclusive cipher/algo) - * modprobe ipsec_cryptoapi noauto=1 aes=1 twofish=1 (only these ciphers) - * modprobe ipsec_cryptoapi aes=128,128 (force these keylens) - * modprobe ipsec_cryptoapi des_ede3=0 (everything but 3DES) - */ -#include <linux/config.h> -#include <linux/version.h> - -/* - * special case: ipsec core modular with this static algo inside: - * must avoid MODULE magic for this file - */ -#if CONFIG_IPSEC_MODULE && CONFIG_IPSEC_ALG_CRYPTOAPI -#undef MODULE -#endif - -#include <linux/module.h> -#include <linux/init.h> - -#include <linux/kernel.h> /* printk() */ -#include <linux/errno.h> /* error codes */ -#include <linux/types.h> /* size_t */ -#include <linux/string.h> - -/* Check if __exit is defined, if not null it */ -#ifndef __exit -#define __exit -#endif - -/* warn the innocent */ -#if !defined (CONFIG_CRYPTO) && !defined (CONFIG_CRYPTO_MODULE) -#warning "No linux CryptoAPI found, install 2.4.22+ or 2.6.x" -#define NO_CRYPTOAPI_SUPPORT -#endif -/* Low freeswan header coupling */ -#include "freeswan/ipsec_alg.h" - -#include <linux/crypto.h> -#ifdef CRYPTO_API_VERSION_CODE -#warning "Old CryptoAPI is not supported. Only linux-2.4.22+ or linux-2.6.x are supported" -#define NO_CRYPTOAPI_SUPPORT -#endif - -#ifdef NO_CRYPTOAPI_SUPPORT -#warning "Building an unusable module :P" -/* Catch old CryptoAPI by not allowing module to load */ -IPSEC_ALG_MODULE_INIT( ipsec_cryptoapi_init ) -{ - printk(KERN_WARNING "ipsec_cryptoapi.o was not built on stock Linux CryptoAPI (2.4.22+ or 2.6.x), not loading.\n"); - return -EINVAL; -} -#else -#include <asm/scatterlist.h> -#include <asm/pgtable.h> -#include <linux/mm.h> - -#define CIPHERNAME_AES "aes" -#define CIPHERNAME_3DES "des3_ede" -#define CIPHERNAME_BLOWFISH "blowfish" -#define CIPHERNAME_CAST "cast5" -#define CIPHERNAME_SERPENT "serpent" -#define CIPHERNAME_TWOFISH "twofish" - -#define ESP_3DES 3 -#define ESP_AES 12 -#define ESP_BLOWFISH 7 /* truly _constant_ :) */ -#define ESP_CAST 6 /* quite constant :) */ -#define ESP_SERPENT 252 /* from ipsec drafts */ -#define ESP_TWOFISH 253 /* from ipsec drafts */ - -#define AH_MD5 2 -#define AH_SHA 3 -#define DIGESTNAME_MD5 "md5" -#define DIGESTNAME_SHA1 "sha1" - -MODULE_AUTHOR("Juanjo Ciarlante, Harpo MAxx, Luciano Ruete"); -static int debug=0; -MODULE_PARM(debug, "i"); -static int test=0; -MODULE_PARM(test, "i"); -static int excl=0; -MODULE_PARM(excl, "i"); - -static int noauto = 0; -MODULE_PARM(noauto,"i"); -MODULE_PARM_DESC(noauto, "Dont try all known algos, just setup enabled ones"); - -static int des_ede3[] = {-1, -1}; -static int aes[] = {-1, -1}; -static int blowfish[] = {-1, -1}; -static int cast[] = {-1, -1}; -static int serpent[] = {-1, -1}; -static int twofish[] = {-1, -1}; - -MODULE_PARM(des_ede3,"1-2i"); -MODULE_PARM(aes,"1-2i"); -MODULE_PARM(blowfish,"1-2i"); -MODULE_PARM(cast,"1-2i"); -MODULE_PARM(serpent,"1-2i"); -MODULE_PARM(twofish,"1-2i"); -MODULE_PARM_DESC(des_ede3, "0: disable | 1: force_enable | min,max: dontuse"); -MODULE_PARM_DESC(aes, "0: disable | 1: force_enable | min,max: keybitlens"); -MODULE_PARM_DESC(blowfish, "0: disable | 1: force_enable | min,max: keybitlens"); -MODULE_PARM_DESC(cast, "0: disable | 1: force_enable | min,max: keybitlens"); -MODULE_PARM_DESC(serpent, "0: disable | 1: force_enable | min,max: keybitlens"); -MODULE_PARM_DESC(twofish, "0: disable | 1: force_enable | min,max: keybitlens"); - -struct ipsec_alg_capi_cipher { - const char *ciphername; /* cryptoapi's ciphername */ - unsigned blocksize; - unsigned short minbits; - unsigned short maxbits; - int *parm; /* lkm param for this cipher */ - struct ipsec_alg_enc alg; /* note it's not a pointer */ -}; -static struct ipsec_alg_capi_cipher alg_capi_carray[] = { - { CIPHERNAME_AES , 16, 128, 256, aes , { ixt_alg_id: ESP_AES, }}, - { CIPHERNAME_TWOFISH , 16, 128, 256, twofish, { ixt_alg_id: ESP_TWOFISH, }}, - { CIPHERNAME_SERPENT , 16, 128, 256, serpent, { ixt_alg_id: ESP_SERPENT, }}, - { CIPHERNAME_CAST , 8, 128, 128, cast , { ixt_alg_id: ESP_CAST, }}, - { CIPHERNAME_BLOWFISH , 8, 128, 448, blowfish,{ ixt_alg_id: ESP_BLOWFISH, }}, - { CIPHERNAME_3DES , 8, 192, 192, des_ede3,{ ixt_alg_id: ESP_3DES, }}, - { NULL, 0, 0, 0, NULL, {} } -}; -#ifdef NOT_YET -struct ipsec_alg_capi_digest { - const char *digestname; /* cryptoapi's digestname */ - struct digest_implementation *di; - struct ipsec_alg_auth alg; /* note it's not a pointer */ -}; -static struct ipsec_alg_capi_cipher alg_capi_darray[] = { - { DIGESTNAME_MD5, NULL, { ixt_alg_id: AH_MD5, }}, - { DIGESTNAME_SHA1, NULL, { ixt_alg_id: AH_SHA, }}, - { NULL, NULL, {} } -}; -#endif -/* - * "generic" linux cryptoapi setup_cipher() function - */ -int setup_cipher(const char *ciphername) -{ - return crypto_alg_available(ciphername, 0); -} - -/* - * setups ipsec_alg_capi_cipher "hyper" struct components, calling - * register_ipsec_alg for cointaned ipsec_alg object - */ -static void _capi_destroy_key (struct ipsec_alg_enc *alg, __u8 *key_e); -static __u8 * _capi_new_key (struct ipsec_alg_enc *alg, const __u8 *key, size_t keylen); -static int _capi_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt); - -static int -setup_ipsec_alg_capi_cipher(struct ipsec_alg_capi_cipher *cptr) -{ - int ret; - cptr->alg.ixt_version = IPSEC_ALG_VERSION; - cptr->alg.ixt_module = THIS_MODULE; - atomic_set (& cptr->alg.ixt_refcnt, 0); - strncpy (cptr->alg.ixt_name , cptr->ciphername, sizeof (cptr->alg.ixt_name)); - - cptr->alg.ixt_blocksize=cptr->blocksize; - cptr->alg.ixt_keyminbits=cptr->minbits; - cptr->alg.ixt_keymaxbits=cptr->maxbits; - cptr->alg.ixt_state = 0; - if (excl) cptr->alg.ixt_state |= IPSEC_ALG_ST_EXCL; - cptr->alg.ixt_e_keylen=cptr->alg.ixt_keymaxbits/8; - cptr->alg.ixt_e_ctx_size = 0; - cptr->alg.ixt_alg_type = IPSEC_ALG_TYPE_ENCRYPT; - cptr->alg.ixt_e_new_key = _capi_new_key; - cptr->alg.ixt_e_destroy_key = _capi_destroy_key; - cptr->alg.ixt_e_cbc_encrypt = _capi_cbc_encrypt; - cptr->alg.ixt_data = cptr; - - ret=register_ipsec_alg_enc(&cptr->alg); - printk("setup_ipsec_alg_capi_cipher(): " - "alg_type=%d alg_id=%d name=%s " - "keyminbits=%d keymaxbits=%d, ret=%d\n", - cptr->alg.ixt_alg_type, - cptr->alg.ixt_alg_id, - cptr->alg.ixt_name, - cptr->alg.ixt_keyminbits, - cptr->alg.ixt_keymaxbits, - ret); - return ret; -} -/* - * called in ipsec_sa_wipe() time, will destroy key contexts - * and do 1 unbind() - */ -static void -_capi_destroy_key (struct ipsec_alg_enc *alg, __u8 *key_e) -{ - struct crypto_tfm *tfm=(struct crypto_tfm*)key_e; - - if (debug > 0) - printk(KERN_DEBUG "klips_debug: _capi_destroy_key:" - "name=%s key_e=%p \n", - alg->ixt_name, key_e); - if (!key_e) { - printk(KERN_ERR "klips_debug: _capi_destroy_key:" - "name=%s NULL key_e!\n", - alg->ixt_name); - return; - } - crypto_free_tfm(tfm); -} - -/* - * create new key context, need alg->ixt_data to know which - * (of many) cipher inside this module is the target - */ -static __u8 * -_capi_new_key (struct ipsec_alg_enc *alg, const __u8 *key, size_t keylen) -{ - struct ipsec_alg_capi_cipher *cptr; - struct crypto_tfm *tfm=NULL; - - cptr = alg->ixt_data; - if (!cptr) { - printk(KERN_ERR "_capi_new_key(): " - "NULL ixt_data (?!) for \"%s\" algo\n" - , alg->ixt_name); - goto err; - } - if (debug > 0) - printk(KERN_DEBUG "klips_debug:_capi_new_key:" - "name=%s cptr=%p key=%p keysize=%d\n", - alg->ixt_name, cptr, key, keylen); - - /* - * alloc tfm - */ - tfm = crypto_alloc_tfm(cptr->ciphername, CRYPTO_TFM_MODE_CBC); - if (!tfm) { - printk(KERN_ERR "_capi_new_key(): " - "NULL tfm for \"%s\" cryptoapi (\"%s\") algo\n" - , alg->ixt_name, cptr->ciphername); - goto err; - } - if (crypto_cipher_setkey(tfm, key, keylen) < 0) { - printk(KERN_ERR "_capi_new_key(): " - "failed new_key() for \"%s\" cryptoapi algo (keylen=%d)\n" - , alg->ixt_name, keylen); - crypto_free_tfm(tfm); - tfm=NULL; - } -err: - if (debug > 0) - printk(KERN_DEBUG "klips_debug:_capi_new_key:" - "name=%s key=%p keylen=%d tfm=%p\n", - alg->ixt_name, key, keylen, tfm); - return (__u8 *) tfm; -} -/* - * core encryption function: will use cx->ci to call actual cipher's - * cbc function - */ -static int -_capi_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt) { - int error =0; - struct crypto_tfm *tfm=(struct crypto_tfm *)key_e; - struct scatterlist sg = { - .page = virt_to_page(in), - .offset = (unsigned long)(in) % PAGE_SIZE, - .length=ilen, - }; - if (debug > 1) - printk(KERN_DEBUG "klips_debug:_capi_cbc_encrypt:" - "key_e=%p " - "in=%p out=%p ilen=%d iv=%p encrypt=%d\n" - , key_e - , in, in, ilen, iv, encrypt); - crypto_cipher_set_iv(tfm, iv, crypto_tfm_alg_ivsize(tfm)); - if (encrypt) - error = crypto_cipher_encrypt (tfm, &sg, &sg, ilen); - else - error = crypto_cipher_decrypt (tfm, &sg, &sg, ilen); - if (debug > 1) - printk(KERN_DEBUG "klips_debug:_capi_cbc_encrypt:" - "error=%d\n" - , error); - return (error<0)? error : ilen; -} -/* - * main initialization loop: for each cipher in list, do - * 1) setup cryptoapi cipher else continue - * 2) register ipsec_alg object - */ -static int -setup_cipher_list (struct ipsec_alg_capi_cipher* clist) -{ - struct ipsec_alg_capi_cipher *cptr; - /* foreach cipher in list ... */ - for (cptr=clist;cptr->ciphername;cptr++) { - /* - * see if cipher has been disabled (0) or - * if noauto set and not enabled (1) - */ - if (cptr->parm[0] == 0 || (noauto && cptr->parm[0] < 0)) { - if (debug>0) - printk(KERN_INFO "setup_cipher_list(): " - "ciphername=%s skipped at user request: " - "noauto=%d parm[0]=%d parm[1]=%d\n" - , cptr->ciphername - , noauto - , cptr->parm[0] - , cptr->parm[1]); - continue; - } - /* - * use a local ci to avoid touching cptr->ci, - * if register ipsec_alg success then bind cipher - */ - if( setup_cipher(cptr->ciphername) ) { - if (debug > 0) - printk(KERN_DEBUG "klips_debug:" - "setup_cipher_list():" - "ciphername=%s found\n" - , cptr->ciphername); - if (setup_ipsec_alg_capi_cipher(cptr) == 0) { - - - } else { - printk(KERN_ERR "klips_debug:" - "setup_cipher_list():" - "ciphername=%s failed ipsec_alg_register\n" - , cptr->ciphername); - } - } else { - if (debug>0) - printk(KERN_INFO "setup_cipher_list(): lookup for ciphername=%s: not found \n", - cptr->ciphername); - } - } - return 0; -} -/* - * deregister ipsec_alg objects and unbind ciphers - */ -static int -unsetup_cipher_list (struct ipsec_alg_capi_cipher* clist) -{ - struct ipsec_alg_capi_cipher *cptr; - /* foreach cipher in list ... */ - for (cptr=clist;cptr->ciphername;cptr++) { - if (cptr->alg.ixt_state & IPSEC_ALG_ST_REGISTERED) { - unregister_ipsec_alg_enc(&cptr->alg); - } - } - return 0; -} -/* - * test loop for registered algos - */ -static int -test_cipher_list (struct ipsec_alg_capi_cipher* clist) -{ - int test_ret; - struct ipsec_alg_capi_cipher *cptr; - /* foreach cipher in list ... */ - for (cptr=clist;cptr->ciphername;cptr++) { - if (cptr->alg.ixt_state & IPSEC_ALG_ST_REGISTERED) { - test_ret=ipsec_alg_test( - cptr->alg.ixt_alg_type, - cptr->alg.ixt_alg_id, - test); - printk("test_cipher_list(alg_type=%d alg_id=%d): test_ret=%d\n", - cptr->alg.ixt_alg_type, - cptr->alg.ixt_alg_id, - test_ret); - } - } - return 0; -} - -IPSEC_ALG_MODULE_INIT( ipsec_cryptoapi_init ) -{ - int ret, test_ret; - if ((ret=setup_cipher_list(alg_capi_carray)) < 0) - return -EPROTONOSUPPORT; - if (ret==0 && test) { - test_ret=test_cipher_list(alg_capi_carray); - } - return ret; -} -IPSEC_ALG_MODULE_EXIT( ipsec_cryptoapi_fini ) -{ - unsetup_cipher_list(alg_capi_carray); - return; -} -#ifdef MODULE_LICENSE -MODULE_LICENSE("GPL"); -#endif - -EXPORT_NO_SYMBOLS; -#endif /* NO_CRYPTOAPI_SUPPORT */ diff --git a/linux/net/ipsec/alg/ipsec_alg_serpent.c b/linux/net/ipsec/alg/ipsec_alg_serpent.c deleted file mode 100644 index 1f26b0b01..000000000 --- a/linux/net/ipsec/alg/ipsec_alg_serpent.c +++ /dev/null @@ -1,139 +0,0 @@ -/* - * ipsec_alg SERPENT cipher stubs - * - * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar> - * - * $Id: ipsec_alg_serpent.c,v 1.2 2004/03/22 21:53:19 as Exp $ - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - * - */ -#include <linux/config.h> -#include <linux/version.h> - -/* - * special case: ipsec core modular with this static algo inside: - * must avoid MODULE magic for this file - */ -#if CONFIG_IPSEC_MODULE && CONFIG_IPSEC_ALG_SERPENT -#undef MODULE -#endif - -#include <linux/module.h> -#include <linux/init.h> - -#include <linux/kernel.h> /* printk() */ -#include <linux/errno.h> /* error codes */ -#include <linux/types.h> /* size_t */ -#include <linux/string.h> - -/* Check if __exit is defined, if not null it */ -#ifndef __exit -#define __exit -#endif - -/* Low freeswan header coupling */ -#include "freeswan/ipsec_alg.h" -#include "libserpent/serpent.h" -#include "libserpent/serpent_cbc.h" - -#define ESP_SERPENT 252 /* from ipsec drafts */ - -/* 128, 192 or 256 */ -#define ESP_SERPENT_KEY_SZ_MIN 16 /* 128 bit secret key */ -#define ESP_SERPENT_KEY_SZ_MAX 32 /* 256 bit secret key */ -#define ESP_SERPENT_CBC_BLK_LEN 16 /* SERPENT-CBC block size */ - -MODULE_AUTHOR("JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>"); -static int debug=0; -MODULE_PARM(debug, "i"); -static int test=0; -MODULE_PARM(test, "i"); -static int excl=0; -MODULE_PARM(excl, "i"); -static int keyminbits=0; -MODULE_PARM(keyminbits, "i"); -static int keymaxbits=0; -MODULE_PARM(keymaxbits, "i"); - -static int _serpent_set_key(struct ipsec_alg_enc *alg, __u8 * key_e, const __u8 * key, size_t keysize) { - serpent_context *ctx=(serpent_context *)key_e; - if (debug > 0) - printk(KERN_DEBUG "klips_debug:_serpent_set_key:" - "key_e=%p key=%p keysize=%d\n", - key_e, key, keysize); - serpent_set_key(ctx, key, keysize); - return 0; -} -static int _serpent_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt) { - serpent_context *ctx=(serpent_context *)key_e; - if (debug > 0) - printk(KERN_DEBUG "klips_debug:_serpent_cbc_encrypt:" - "key_e=%p in=%p ilen=%d iv=%p encrypt=%d\n", - key_e, in, ilen, iv, encrypt); - serpent_cbc_encrypt(ctx, in, in, ilen, iv, encrypt); - return ilen; -} -static struct ipsec_alg_enc ipsec_alg_SERPENT = { - ixt_version: IPSEC_ALG_VERSION, - ixt_module: THIS_MODULE, - ixt_refcnt: ATOMIC_INIT(0), - ixt_alg_type: IPSEC_ALG_TYPE_ENCRYPT, - ixt_alg_id: ESP_SERPENT, - ixt_name: "serpent", - ixt_blocksize: ESP_SERPENT_CBC_BLK_LEN, - ixt_keyminbits: ESP_SERPENT_KEY_SZ_MIN * 8, - ixt_keymaxbits: ESP_SERPENT_KEY_SZ_MAX * 8, - ixt_e_keylen: ESP_SERPENT_KEY_SZ_MAX, - ixt_e_ctx_size: sizeof(serpent_context), - ixt_e_set_key: _serpent_set_key, - ixt_e_cbc_encrypt:_serpent_cbc_encrypt, -}; - -IPSEC_ALG_MODULE_INIT(ipsec_serpent_init) -{ - int ret, test_ret; - if (keyminbits) - ipsec_alg_SERPENT.ixt_keyminbits=keyminbits; - if (keymaxbits) { - ipsec_alg_SERPENT.ixt_keymaxbits=keymaxbits; - if (keymaxbits*8>ipsec_alg_SERPENT.ixt_keymaxbits) - ipsec_alg_SERPENT.ixt_e_keylen=keymaxbits*8; - } - if (excl) ipsec_alg_SERPENT.ixt_state |= IPSEC_ALG_ST_EXCL; - ret=register_ipsec_alg_enc(&ipsec_alg_SERPENT); - printk("ipsec_serpent_init(alg_type=%d alg_id=%d name=%s): ret=%d\n", - ipsec_alg_SERPENT.ixt_alg_type, - ipsec_alg_SERPENT.ixt_alg_id, - ipsec_alg_SERPENT.ixt_name, - ret); - if (ret==0 && test) { - test_ret=ipsec_alg_test( - ipsec_alg_SERPENT.ixt_alg_type, - ipsec_alg_SERPENT.ixt_alg_id, - test); - printk("ipsec_serpent_init(alg_type=%d alg_id=%d): test_ret=%d\n", - ipsec_alg_SERPENT.ixt_alg_type, - ipsec_alg_SERPENT.ixt_alg_id, - test_ret); - } - return ret; -} -IPSEC_ALG_MODULE_EXIT(ipsec_serpent_fini) -{ - unregister_ipsec_alg_enc(&ipsec_alg_SERPENT); - return; -} -#ifdef MODULE_LICENSE -MODULE_LICENSE("GPL"); -#endif - -EXPORT_NO_SYMBOLS; diff --git a/linux/net/ipsec/alg/ipsec_alg_sha2.c b/linux/net/ipsec/alg/ipsec_alg_sha2.c deleted file mode 100644 index 548585c16..000000000 --- a/linux/net/ipsec/alg/ipsec_alg_sha2.c +++ /dev/null @@ -1,185 +0,0 @@ -/* - * ipsec_alg SHA2 hash stubs - * - * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar> - * - * $Id: ipsec_alg_sha2.c,v 1.2 2004/03/22 21:53:19 as Exp $ - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - * - */ -#include <linux/config.h> -#include <linux/version.h> - -/* - * special case: ipsec core modular with this static algo inside: - * must avoid MODULE magic for this file - */ -#if CONFIG_IPSEC_MODULE && CONFIG_IPSEC_ALG_SHA2 -#undef MODULE -#endif - -#include <linux/module.h> -#include <linux/init.h> - -#include <linux/kernel.h> /* printk() */ -#include <linux/errno.h> /* error codes */ -#include <linux/types.h> /* size_t */ -#include <linux/string.h> - -/* Check if __exit is defined, if not null it */ -#ifndef __exit -#define __exit -#endif - -/* Low freeswan header coupling */ -#include "freeswan/ipsec_alg.h" -#include "libsha2/sha2.h" -#include "libsha2/hmac_sha2.h" - -MODULE_AUTHOR("JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>"); -static int debug=0; -MODULE_PARM(debug, "i"); -static int test=0; -MODULE_PARM(test, "i"); -static int excl=0; -MODULE_PARM(excl, "i"); - -/* almost constants ...: draft-ietf-ipsec-ciph-aes-cbc-03.txt */ -#define AH_SHA2_256 5 -#define AH_SHA2_384 6 -#define AH_SHA2_512 7 - -static int _sha256_hmac_set_key(struct ipsec_alg_auth *alg, __u8 * key_a, const __u8 * key, int keylen) { - sha256_hmac_context *hctx=(sha256_hmac_context*)(key_a); - sha256_hmac_set_key(hctx, key, keylen); - if (debug > 0) - printk(KERN_DEBUG "klips_debug: _sha256_hmac_set_key(): " - "key_a=%p key=%p keysize=%d\n", - key_a, key, keylen); - return 0; -} -static int _sha256_hmac_hash(struct ipsec_alg_auth *alg, __u8 * key_a, const __u8 * dat, int len, __u8 * hash, int hashlen) { - sha256_hmac_context *hctx=(sha256_hmac_context*)(key_a); - if (debug > 0) - printk(KERN_DEBUG "klips_debug: _sha256_hmac_hash(): " - "key_a=%p dat=%p len=%d hash=%p hashlen=%d\n", - key_a, dat, len, hash, hashlen); - sha256_hmac_hash(hctx, dat, len, hash, hashlen); - return 0; -} -static int _sha512_hmac_set_key(struct ipsec_alg_auth *alg, __u8 * key_a, const __u8 * key, int keylen) { - sha512_hmac_context *hctx=(sha512_hmac_context*)(key_a); - sha512_hmac_set_key(hctx, key, keylen); - if (debug > 0) - printk(KERN_DEBUG "klips_debug: _sha512_hmac_set_key(): " - "key_a=%p key=%p keysize=%d\n", - key_a, key, keylen); - return 0; -} -static int _sha512_hmac_hash(struct ipsec_alg_auth *alg, __u8 * key_a, const __u8 * dat, int len, __u8 * hash, int hashlen) { - sha512_hmac_context *hctx=(sha512_hmac_context*)(key_a); - if (debug > 0) - printk(KERN_DEBUG "klips_debug: _sha512_hmac_hash(): " - "key_a=%p dat=%p len=%d hash=%p hashlen=%d\n", - key_a, dat, len, hash, hashlen); - sha512_hmac_hash(hctx, dat, len, hash, hashlen); - return 0; -} -static struct ipsec_alg_auth ipsec_alg_SHA2_256 = { - ixt_version: IPSEC_ALG_VERSION, - ixt_module: THIS_MODULE, - ixt_refcnt: ATOMIC_INIT(0), - ixt_alg_type: IPSEC_ALG_TYPE_AUTH, - ixt_alg_id: AH_SHA2_256, - ixt_name: "sha2_256", - ixt_blocksize: SHA256_BLOCKSIZE, - ixt_keyminbits: 256, - ixt_keymaxbits: 256, - ixt_a_keylen: 256/8, - ixt_a_ctx_size: sizeof(sha256_hmac_context), - ixt_a_hmac_set_key: _sha256_hmac_set_key, - ixt_a_hmac_hash: _sha256_hmac_hash, -}; -static struct ipsec_alg_auth ipsec_alg_SHA2_512 = { - ixt_version: IPSEC_ALG_VERSION, - ixt_module: THIS_MODULE, - ixt_refcnt: ATOMIC_INIT(0), - ixt_alg_type: IPSEC_ALG_TYPE_AUTH, - ixt_alg_id: AH_SHA2_512, - ixt_name: "sha2_512", - ixt_blocksize: SHA512_BLOCKSIZE, - ixt_keyminbits: 512, - ixt_keymaxbits: 512, - ixt_a_keylen: 512/8, - ixt_a_ctx_size: sizeof(sha512_hmac_context), - ixt_a_hmac_set_key: _sha512_hmac_set_key, - ixt_a_hmac_hash: _sha512_hmac_hash, -}; - -IPSEC_ALG_MODULE_INIT( ipsec_sha2_init ) -{ - int ret, test_ret; - if (excl) ipsec_alg_SHA2_256.ixt_state |= IPSEC_ALG_ST_EXCL; - ret=register_ipsec_alg_auth(&ipsec_alg_SHA2_256); - printk("ipsec_sha2_init(alg_type=%d alg_id=%d name=%s): ret=%d\n", - ipsec_alg_SHA2_256.ixt_alg_type, - ipsec_alg_SHA2_256.ixt_alg_id, - ipsec_alg_SHA2_256.ixt_name, - ret); - if (ret != 0) - goto out; - if (ret==0 && test) { - test_ret=ipsec_alg_test( - ipsec_alg_SHA2_256.ixt_alg_type, - ipsec_alg_SHA2_256.ixt_alg_id, - test); - printk("ipsec_sha2_init(alg_type=%d alg_id=%d): test_ret=%d\n", - ipsec_alg_SHA2_256.ixt_alg_type, - ipsec_alg_SHA2_256.ixt_alg_id, - test_ret); - } - if (excl) ipsec_alg_SHA2_512.ixt_state |= IPSEC_ALG_ST_EXCL; - ret=register_ipsec_alg_auth(&ipsec_alg_SHA2_512); - printk("ipsec_sha2_init(alg_type=%d alg_id=%d name=%s): ret=%d\n", - ipsec_alg_SHA2_512.ixt_alg_type, - ipsec_alg_SHA2_512.ixt_alg_id, - ipsec_alg_SHA2_512.ixt_name, - ret); - if (ret != 0) - goto out_256; - if (ret==0 && test) { - test_ret=ipsec_alg_test( - ipsec_alg_SHA2_512.ixt_alg_type, - ipsec_alg_SHA2_512.ixt_alg_id, - test); - printk("ipsec_sha2_init(alg_type=%d alg_id=%d): test_ret=%d\n", - ipsec_alg_SHA2_512.ixt_alg_type, - ipsec_alg_SHA2_512.ixt_alg_id, - test_ret); - } - goto out; -out_256: - unregister_ipsec_alg_auth(&ipsec_alg_SHA2_256); -out: - return ret; -} -IPSEC_ALG_MODULE_EXIT( ipsec_sha2_fini ) -{ - unregister_ipsec_alg_auth(&ipsec_alg_SHA2_512); - unregister_ipsec_alg_auth(&ipsec_alg_SHA2_256); - return; -} -#ifdef MODULE_LICENSE -MODULE_LICENSE("GPL"); -#endif - -EXPORT_NO_SYMBOLS; diff --git a/linux/net/ipsec/alg/ipsec_alg_twofish.c b/linux/net/ipsec/alg/ipsec_alg_twofish.c deleted file mode 100644 index dfeba1f1b..000000000 --- a/linux/net/ipsec/alg/ipsec_alg_twofish.c +++ /dev/null @@ -1,138 +0,0 @@ -/* - * ipsec_alg TWOFISH cipher stubs - * - * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar> - * - * $Id: ipsec_alg_twofish.c,v 1.2 2004/03/22 21:53:19 as Exp $ - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - * - */ -#include <linux/config.h> -#include <linux/version.h> - -/* - * special case: ipsec core modular with this static algo inside: - * must avoid MODULE magic for this file - */ -#if CONFIG_IPSEC_MODULE && CONFIG_IPSEC_ALG_TWOFISH -#undef MODULE -#endif - -#include <linux/module.h> -#include <linux/init.h> - -#include <linux/kernel.h> /* printk() */ -#include <linux/errno.h> /* error codes */ -#include <linux/types.h> /* size_t */ -#include <linux/string.h> - -/* Check if __exit is defined, if not null it */ -#ifndef __exit -#define __exit -#endif - -/* Low freeswan header coupling */ -#include "freeswan/ipsec_alg.h" -#include "libtwofish/twofish.h" -#include "libtwofish/twofish_cbc.h" - -#define ESP_TWOFISH 253 /* from ipsec drafts */ - -/* 128, 192 or 256 */ -#define ESP_TWOFISH_KEY_SZ_MIN 16 /* 128 bit secret key */ -#define ESP_TWOFISH_KEY_SZ_MAX 32 /* 256 bit secret key */ -#define ESP_TWOFISH_CBC_BLK_LEN 16 /* TWOFISH-CBC block size */ - -MODULE_AUTHOR("JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>"); -static int debug=0; -MODULE_PARM(debug, "i"); -static int test=0; -MODULE_PARM(test, "i"); -static int excl=0; -MODULE_PARM(excl, "i"); -static int keyminbits=0; -MODULE_PARM(keyminbits, "i"); -static int keymaxbits=0; -MODULE_PARM(keymaxbits, "i"); - -static int _twofish_set_key(struct ipsec_alg_enc *alg, __u8 * key_e, const __u8 * key, size_t keysize) { - twofish_context *ctx=(twofish_context *)key_e; - if (debug > 0) - printk(KERN_DEBUG "klips_debug:_twofish_set_key:" - "key_e=%p key=%p keysize=%d\n", - key_e, key, keysize); - twofish_set_key(ctx, key, keysize); - return 0; -} -static int _twofish_cbc_encrypt(struct ipsec_alg_enc *alg, __u8 * key_e, __u8 * in, int ilen, const __u8 * iv, int encrypt) { - twofish_context *ctx=(twofish_context *)key_e; - if (debug > 0) - printk(KERN_DEBUG "klips_debug:_twofish_cbc_encrypt:" - "key_e=%p in=%p ilen=%d iv=%p encrypt=%d\n", - key_e, in, ilen, iv, encrypt); - twofish_cbc_encrypt(ctx, in, in, ilen, iv, encrypt); - return ilen; -} -static struct ipsec_alg_enc ipsec_alg_TWOFISH = { - ixt_version: IPSEC_ALG_VERSION, - ixt_module: THIS_MODULE, - ixt_refcnt: ATOMIC_INIT(0), - ixt_alg_type: IPSEC_ALG_TYPE_ENCRYPT, - ixt_alg_id: ESP_TWOFISH, - ixt_name: "twofish", - ixt_blocksize: ESP_TWOFISH_CBC_BLK_LEN, - ixt_keyminbits: ESP_TWOFISH_KEY_SZ_MIN * 8, - ixt_keymaxbits: ESP_TWOFISH_KEY_SZ_MAX * 8, - ixt_e_keylen: ESP_TWOFISH_KEY_SZ_MAX, - ixt_e_ctx_size: sizeof(twofish_context), - ixt_e_set_key: _twofish_set_key, - ixt_e_cbc_encrypt:_twofish_cbc_encrypt, -}; - -IPSEC_ALG_MODULE_INIT( ipsec_twofish_init ) -{ - int ret, test_ret; - if (keyminbits) - ipsec_alg_TWOFISH.ixt_keyminbits=keyminbits; - if (keymaxbits) { - ipsec_alg_TWOFISH.ixt_keymaxbits=keymaxbits; - if (keymaxbits*8>ipsec_alg_TWOFISH.ixt_keymaxbits) - ipsec_alg_TWOFISH.ixt_e_keylen=keymaxbits*8; - } - if (excl) ipsec_alg_TWOFISH.ixt_state |= IPSEC_ALG_ST_EXCL; - ret=register_ipsec_alg_enc(&ipsec_alg_TWOFISH); - printk("ipsec_twofish_init(alg_type=%d alg_id=%d name=%s): ret=%d\n", - ipsec_alg_TWOFISH.ixt_alg_type, - ipsec_alg_TWOFISH.ixt_alg_id, - ipsec_alg_TWOFISH.ixt_name, ret); - if (ret==0 && test) { - test_ret=ipsec_alg_test( - ipsec_alg_TWOFISH.ixt_alg_type, - ipsec_alg_TWOFISH.ixt_alg_id, - test); - printk("ipsec_twofish_init(alg_type=%d alg_id=%d): test_ret=%d\n", - ipsec_alg_TWOFISH.ixt_alg_type, - ipsec_alg_TWOFISH.ixt_alg_id, - ret); - } - return ret; -} -IPSEC_ALG_MODULE_EXIT( ipsec_twofish_fini ) -{ - unregister_ipsec_alg_enc(&ipsec_alg_TWOFISH); - return; -} -#ifdef MODULE_LICENSE -MODULE_LICENSE("GPL"); - -EXPORT_NO_SYMBOLS; -#endif diff --git a/linux/net/ipsec/alg/scripts/mk-static_init.c.sh b/linux/net/ipsec/alg/scripts/mk-static_init.c.sh deleted file mode 100644 index 8a17c670e..000000000 --- a/linux/net/ipsec/alg/scripts/mk-static_init.c.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/sh -cat << EOF -#include <linux/kernel.h> -#include <linux/list.h> -#include "freeswan/ipsec_alg.h" -$(for i in $*; do - test -z "$i" && continue - echo "extern int $i(void);" -done) -void ipsec_alg_static_init(void){ - int __attribute__ ((unused)) err=0; -$(for i in $*; do - test -z "$i" && continue - echo " if ((err=$i()) < 0)" - echo " printk(KERN_WARNING \"$i() returned %d\", err);" -done) -} -EOF |