2
* @(#) Initialization code.
3
* Copyright (C) 1996, 1997 John Ioannidis.
4
* Copyright (C) 1998, 1999, 2000, 2001, 2002 Richard Guy Briggs <rgb@freeswan.org>
5
* 2001 Michael Richardson <mcr@freeswan.org>
7
* This program is free software; you can redistribute it and/or modify it
8
* under the terms of the GNU General Public License as published by the
9
* Free Software Foundation; either version 2 of the License, or (at your
10
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
12
* This program is distributed in the hope that it will be useful, but
13
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
17
* /proc system code was split out into ipsec_proc.c after rev. 1.70.
21
char ipsec_init_c_version[] = "RCSID $Id: ipsec_init.c,v 1.90.6.1 2004/04/18 23:00:23 ken Exp $";
23
#include <linux/config.h>
24
#include <linux/version.h>
25
#include <linux/module.h>
26
#include <linux/kernel.h> /* printk() */
28
#include "freeswan/ipsec_param.h"
31
# include <linux/slab.h> /* kmalloc() */
32
#else /* MALLOC_SLAB */
33
# include <linux/malloc.h> /* kmalloc() */
34
#endif /* MALLOC_SLAB */
35
#include <linux/errno.h> /* error codes */
36
#include <linux/types.h> /* size_t */
37
#include <linux/interrupt.h> /* mark_bh */
39
#include <linux/netdevice.h> /* struct device, and other headers */
40
#include <linux/etherdevice.h> /* eth_type_trans */
41
#include <linux/ip.h> /* struct iphdr */
42
#include <linux/in.h> /* struct sockaddr_in */
43
#include <linux/skbuff.h>
44
#include <linux/random.h> /* get_random_bytes() */
49
# include <linux/spinlock.h> /* *lock* */
50
# else /* 23_SPINLOCK */
51
# include <asm/spinlock.h> /* *lock* */
52
# endif /* 23_SPINLOCK */
56
# include <asm/uaccess.h>
57
# include <linux/in6.h>
60
#include <asm/checksum.h>
64
# include <linux/proc_fs.h>
65
#endif /* CONFIG_PROC_FS */
68
# include <linux/netlink.h>
70
# include <net/netlink.h>
73
#include "freeswan/radij.h"
75
#include "freeswan/ipsec_life.h"
76
#include "freeswan/ipsec_stats.h"
77
#include "freeswan/ipsec_sa.h"
79
#include "freeswan/ipsec_encap.h"
80
#include "freeswan/ipsec_radij.h"
81
#include "freeswan/ipsec_xform.h"
82
#include "freeswan/ipsec_tunnel.h"
84
#include "freeswan/ipsec_rcv.h"
85
#include "freeswan/ipsec_ah.h"
86
#include "freeswan/ipsec_esp.h"
88
#ifdef CONFIG_IPSEC_IPCOMP
89
# include "freeswan/ipcomp.h"
90
#endif /* CONFIG_IPSEC_IPCOMP */
92
#include "freeswan/ipsec_proto.h"
97
#if !defined(CONFIG_IPSEC_ESP) && !defined(CONFIG_IPSEC_AH)
98
#error "kernel configuration must include ESP or AH"
102
* seems to be present in 2.4.10 (Linus), but also in some RH and other
103
* distro kernels of a lower number.
105
#ifdef MODULE_LICENSE
106
MODULE_LICENSE("GPL");
109
#ifdef CONFIG_IPSEC_DEBUG
110
int debug_eroute = 0;
112
int debug_netlink = 0;
113
#endif /* CONFIG_IPSEC_DEBUG */
115
struct prng ipsec_prng;
117
extern int ipsec_device_event(struct notifier_block *dnot, unsigned long event, void *ptr);
119
* the following structure is required so that we receive
120
* event notifications when network devices are enabled and
121
* disabled (ifconfig up and down).
123
static struct notifier_block ipsec_dev_notifier={
130
extern int ipsec_sysctl_register(void);
131
extern void ipsec_sysctl_unregister(void);
135
freeswan_inet_add_protocol(struct inet_protocol *prot, unsigned protocol)
138
return inet_add_protocol(prot, protocol);
140
inet_add_protocol(prot);
146
freeswan_inet_del_protocol(struct inet_protocol *prot, unsigned protocol)
149
return inet_del_protocol(prot, protocol);
151
inet_del_protocol(prot);
161
extern int des_check_key;
162
unsigned char seed[256];
164
/* turn off checking of keys */
167
KLIPS_PRINT(1, "klips_info:ipsec_init: "
168
"KLIPS startup, Openswan IPsec version: %s\n",
169
ipsec_version_code());
171
error |= ipsec_proc_init();
174
ipsec_sadb.sadb_lock = SPIN_LOCK_UNLOCKED;
176
ipsec_sadb.sadb_lock = 0;
177
#endif /* SPINLOCK */
181
eroute_lock.lock = 0;
182
#endif /* !SPINLOCK */
184
error |= ipsec_sadb_init();
185
error |= ipsec_radijinit();
187
error |= pfkey_init();
189
error |= register_netdevice_notifier(&ipsec_dev_notifier);
191
#ifdef CONFIG_IPSEC_ESP
192
freeswan_inet_add_protocol(&esp_protocol, IPPROTO_ESP);
193
#endif /* CONFIG_IPSEC_ESP */
195
#ifdef CONFIG_IPSEC_AH
196
freeswan_inet_add_protocol(&ah_protocol, IPPROTO_AH);
197
#endif /* CONFIG_IPSEC_AH */
199
/* we never actually link IPCOMP to the stack */
200
#ifdef IPCOMP_USED_ALONE
201
#ifdef CONFIG_IPSEC_IPCOMP
202
freeswan_inet_add_protocol(&comp_protocol, IPPROTO_COMP);
203
#endif /* CONFIG_IPSEC_IPCOMP */
206
error |= ipsec_tunnel_init_devices();
210
error |= ipsec_sysctl_register();
213
get_random_bytes((void *)seed, sizeof(seed));
214
prng_init(&ipsec_prng, seed, sizeof(seed));
227
ipsec_sysctl_unregister();
229
KLIPS_PRINT(debug_netlink, /* debug_tunnel & DB_TN_INIT, */
230
"klips_debug:ipsec_cleanup: "
231
"calling ipsec_tunnel_cleanup_devices.\n");
232
error |= ipsec_tunnel_cleanup_devices();
234
KLIPS_PRINT(debug_netlink, "called ipsec_tunnel_cleanup_devices");
236
/* we never actually link IPCOMP to the stack */
237
#ifdef IPCOMP_USED_ALONE
238
#ifdef CONFIG_IPSEC_IPCOMP
239
if (freeswan_inet_del_protocol(&comp_protocol, IPPROTO_COMP) < 0)
240
printk(KERN_INFO "klips_debug:ipsec_cleanup: "
241
"comp close: can't remove protocol\n");
242
#endif /* CONFIG_IPSEC_IPCOMP */
243
#endif /* IPCOMP_USED_ALONE */
245
#ifdef CONFIG_IPSEC_AH
246
if (freeswan_inet_del_protocol(&ah_protocol, IPPROTO_AH) < 0)
247
printk(KERN_INFO "klips_debug:ipsec_cleanup: "
248
"ah close: can't remove protocol\n");
249
#endif /* CONFIG_IPSEC_AH */
251
#ifdef CONFIG_IPSEC_ESP
252
if (freeswan_inet_del_protocol(&esp_protocol, IPPROTO_ESP) < 0)
253
printk(KERN_INFO "klips_debug:ipsec_cleanup: "
254
"esp close: can't remove protocol\n");
255
#endif /* CONFIG_IPSEC_ESP */
257
error |= unregister_netdevice_notifier(&ipsec_dev_notifier);
259
KLIPS_PRINT(debug_netlink, /* debug_tunnel & DB_TN_INIT, */
260
"klips_debug:ipsec_cleanup: "
261
"calling ipsec_sadb_cleanup.\n");
262
error |= ipsec_sadb_cleanup(0);
263
error |= ipsec_sadb_free();
265
KLIPS_PRINT(debug_netlink, /* debug_tunnel & DB_TN_INIT, */
266
"klips_debug:ipsec_cleanup: "
267
"calling ipsec_radijcleanup.\n");
268
error |= ipsec_radijcleanup();
270
KLIPS_PRINT(debug_pfkey, /* debug_tunnel & DB_TN_INIT, */
271
"klips_debug:ipsec_cleanup: "
272
"calling pfkey_cleanup.\n");
273
error |= pfkey_cleanup();
275
ipsec_proc_cleanup();
277
prng_final(&ipsec_prng);
288
error |= ipsec_init();
298
KLIPS_PRINT(debug_netlink, /* debug_tunnel & DB_TN_INIT, */
299
"klips_debug:cleanup_module: "
300
"calling ipsec_cleanup.\n");
302
error |= ipsec_cleanup();
304
KLIPS_PRINT(1, "klips_info:cleanup_module: "
305
"ipsec module unloaded.\n");
312
* $Log: ipsec_init.c,v $
313
* Revision 1.90.6.1 2004/04/18 23:00:23 ken
314
* Change some remenents of FreeS/WAN -> Openswan
316
* Revision 1.90 2003/10/31 02:27:55 mcr
317
* pulled up port-selector patches and sa_id elimination.
319
* Revision 1.89.4.1 2003/10/29 01:30:41 mcr
320
* elimited "struct sa_id".
322
* Revision 1.89 2003/07/31 22:47:16 mcr
323
* preliminary (untested by FS-team) 2.5 patches.
325
* Revision 1.88 2003/06/22 20:05:36 mcr
326
* clarified why IPCOMP was not being registered, and put a new
327
* #ifdef in rather than #if 0.
329
* Revision 1.87 2002/09/20 15:40:51 rgb
330
* Added a lock to the global ipsec_sadb struct for future use.
331
* Split ipsec_sadb_cleanup from new funciton ipsec_sadb_free to avoid problem
332
* of freeing newly created structures when clearing the reftable upon startup
333
* to start from a known state.
335
* Revision 1.86 2002/08/15 18:39:15 rgb
336
* Move ipsec_prng outside debug code.
338
* Revision 1.85 2002/05/14 02:35:29 rgb
339
* Change reference to tdb to ipsa.
341
* Revision 1.84 2002/04/24 07:55:32 mcr
342
* #include patches and Makefiles for post-reorg compilation.
344
* Revision 1.83 2002/04/24 07:36:28 mcr
345
* Moved from ./klips/net/ipsec/ipsec_init.c,v
347
* Revision 1.82 2002/04/20 00:12:25 rgb
348
* Added esp IV CBC attack fix, disabled.
350
* Revision 1.81 2002/04/09 16:13:32 mcr
351
* switch license to straight GPL.
353
* Revision 1.80 2002/03/24 07:34:08 rgb
354
* Sanity check for at least one of AH or ESP configured.
356
* Revision 1.79 2002/02/05 22:55:15 mcr
357
* added MODULE_LICENSE declaration.
358
* This macro does not appear in all kernel versions (see comment).
360
* Revision 1.78 2002/01/29 17:17:55 mcr
361
* moved include of ipsec_param.h to after include of linux/kernel.h
362
* otherwise, it seems that some option that is set in ipsec_param.h
363
* screws up something subtle in the include path to kernel.h, and
364
* it complains on the snprintf() prototype.
366
* Revision 1.77 2002/01/29 04:00:51 mcr
367
* more excise of kversions.h header.
369
* Revision 1.76 2002/01/29 02:13:17 mcr
370
* introduction of ipsec_kversion.h means that include of
371
* ipsec_param.h must preceed any decisions about what files to
372
* include to deal with differences in kernel source.
374
* Revision 1.75 2001/11/26 09:23:48 rgb
375
* Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
377
* Revision 1.74 2001/11/22 05:44:11 henry
380
* Revision 1.71.2.2 2001/10/22 20:51:00 mcr
381
* explicitely set des_check_key.
383
* Revision 1.71.2.1 2001/09/25 02:19:39 mcr
384
* /proc manipulation code moved to new ipsec_proc.c
386
* Revision 1.73 2001/11/06 19:47:17 rgb
387
* Changed lifetime_packets to uint32 from uint64.
389
* Revision 1.72 2001/10/18 04:45:19 rgb
390
* 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
391
* lib/freeswan.h version macros moved to lib/kversions.h.
392
* Other compiler directive cleanups.
394
* Revision 1.71 2001/09/20 15:32:45 rgb
395
* Minor pfkey lifetime fixes.
397
* Revision 1.70 2001/07/06 19:51:21 rgb
398
* Added inbound policy checking code for IPIP SAs.
400
* Revision 1.69 2001/06/14 19:33:26 rgb
401
* Silence startup message for console, but allow it to be logged.
402
* Update copyright date.
404
* Revision 1.68 2001/05/29 05:14:36 rgb
405
* Added PMTU to /proc/net/ipsec_tncfg output. See 'man 5 ipsec_tncfg'.
407
* Revision 1.67 2001/05/04 16:34:52 rgb
408
* Rremove erroneous checking of return codes for proc_net_* in 2.4.
410
* Revision 1.66 2001/05/03 19:40:34 rgb
411
* Check error return codes in startup and shutdown.
413
* Revision 1.65 2001/02/28 05:03:27 rgb
414
* Clean up and rationalise startup messages.
416
* Revision 1.64 2001/02/27 22:24:53 rgb
417
* Re-formatting debug output (line-splitting, joining, 1arg/line).
418
* Check for satoa() return codes.
420
* Revision 1.63 2000/11/29 20:14:06 rgb
421
* Add src= to the output of /proc/net/ipsec_spi and delete dst from IPIP.
423
* Revision 1.62 2000/11/06 04:31:24 rgb
424
* Ditched spin_lock_irqsave in favour of spin_lock_bh.
425
* Fixed longlong for pre-2.4 kernels (Svenning).
426
* Add Svenning's adaptive content compression.
427
* Disabled registration of ipcomp handler.
429
* Revision 1.61 2000/10/11 13:37:54 rgb
430
* #ifdef out debug print that causes proc/net/ipsec_version to oops.
432
* Revision 1.60 2000/09/20 03:59:01 rgb
433
* Change static info functions to DEBUG_NO_STATIC to reveal function names
436
* Revision 1.59 2000/09/16 01:06:26 rgb
437
* Added cast of var to silence compiler warning about long fed to int
440
* Revision 1.58 2000/09/15 11:37:01 rgb
441
* Merge in heavily modified Svenning Soerensen's <svenning@post5.tele.dk>
442
* IPCOMP zlib deflate code.
444
* Revision 1.57 2000/09/12 03:21:50 rgb
445
* Moved radij_c_version printing to ipsec_version_get_info().
446
* Reformatted ipsec_version_get_info().
447
* Added sysctl_{,un}register() calls.
449
* Revision 1.56 2000/09/08 19:16:50 rgb
450
* Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
451
* Removed all references to CONFIG_IPSEC_PFKEYv2.
453
* Revision 1.55 2000/08/30 05:19:03 rgb
454
* Cleaned up no longer used spi_next, netlink register/unregister, other
456
* Removed cruft replaced by TDB_XFORM_NAME.
457
* Removed all the rest of the references to tdb_spi, tdb_proto, tdb_dst.
458
* Moved debug version strings to printk when /proc/net/ipsec_version is
461
* Revision 1.54 2000/08/20 18:31:05 rgb
462
* Changed cosmetic alignment in spi_info.
463
* Changed addtime and usetime to use actual value which is relative
464
* anyways, as intended. (Momchil)
466
* Revision 1.53 2000/08/18 17:37:03 rgb
467
* Added an (int) cast to shut up the compiler...
469
* Revision 1.52 2000/08/01 14:51:50 rgb
470
* Removed _all_ remaining traces of DES.
472
* Revision 1.51 2000/07/25 20:41:22 rgb
473
* Removed duplicate parameter in spi_getinfo.
475
* Revision 1.50 2000/07/17 03:21:45 rgb
476
* Removed /proc/net/ipsec_spinew.
478
* Revision 1.49 2000/06/28 05:46:51 rgb
479
* Renamed ivlen to iv_bits for consistency.
480
* Changed output of add and use times to be relative to now.
482
* Revision 1.48 2000/05/11 18:26:10 rgb
483
* Commented out calls to netlink_attach/detach to avoid activating netlink
484
* in the kenrel config.
486
* Revision 1.47 2000/05/10 22:35:26 rgb
487
* Comment out most of the startup version information.
489
* Revision 1.46 2000/03/22 16:15:36 rgb
490
* Fixed renaming of dev_get (MB).
492
* Revision 1.45 2000/03/16 06:40:48 rgb
493
* Hardcode PF_KEYv2 support.
495
* Revision 1.44 2000/01/22 23:19:20 rgb
496
* Simplified code to use existing macro TDB_XFORM_NAME().
498
* Revision 1.43 2000/01/21 06:14:04 rgb
499
* Print individual stats only if non-zero.
500
* Removed 'bits' from each keylength for brevity.
501
* Shortened lifetimes legend for brevity.
502
* Changed wording from 'last_used' to the clearer 'idle'.
504
* Revision 1.42 1999/12/31 14:57:19 rgb
505
* MB fix for new dummy-less proc_get_info in 2.3.35.
507
* Revision 1.41 1999/11/23 23:04:03 rgb
508
* Use provided macro ADDRTOA_BUF instead of hardcoded value.
509
* Sort out pfkey and freeswan headers, putting them in a library path.
511
* Revision 1.40 1999/11/18 18:47:01 rgb
512
* Added dynamic proc registration for 2.3.25+.
513
* Changed all device registrations for static linking to
514
* dynamic to reduce the number and size of patches.
515
* Changed all protocol registrations for static linking to
516
* dynamic to reduce the number and size of patches.
518
* Revision 1.39 1999/11/18 04:12:07 rgb
519
* Replaced all kernel version macros to shorter, readable form.
520
* Added Marc Boucher's 2.3.25 proc patches.
521
* Converted all PROC_FS entries to dynamic to reduce kernel patching.
522
* Added CONFIG_PROC_FS compiler directives in case it is shut off.
524
* Revision 1.38 1999/11/17 15:53:38 rgb
525
* Changed all occurrences of #include "../../../lib/freeswan.h"
526
* to #include <freeswan.h> which works due to -Ilibfreeswan in the
527
* klips/net/ipsec/Makefile.
529
* Revision 1.37 1999/10/16 04:23:06 rgb
530
* Add stats for replaywin_errs, replaywin_max_sequence_difference,
531
* authentication errors, encryption size errors, encryption padding
532
* errors, and time since last packet.
534
* Revision 1.36 1999/10/16 00:30:47 rgb
535
* Added SA lifetime counting.
537
* Revision 1.35 1999/10/15 22:14:00 rgb
540
* Revision 1.34 1999/10/03 18:46:28 rgb
541
* Spinlock fixes for 2.0.xx and 2.3.xx.
543
* Revision 1.33 1999/10/01 17:08:10 rgb
544
* Disable spinlock init.
546
* Revision 1.32 1999/10/01 16:22:24 rgb
547
* Switch from assignment init. to functional init. of spinlocks.
549
* Revision 1.31 1999/10/01 15:44:52 rgb
550
* Move spinlock header include to 2.1> scope.
552
* Revision 1.30 1999/10/01 00:00:16 rgb
553
* Added eroute structure locking.
554
* Added tdb structure locking.
555
* Minor formatting changes.
556
* Add call to initialize tdb hash table.
558
* Revision 1.29 1999/09/23 20:22:40 rgb
559
* Enable, tidy and fix network notifier code.
561
* Revision 1.28 1999/09/18 11:39:56 rgb
562
* Start to add (disabled) netdevice notifier code.
564
* Revision 1.27 1999/08/28 08:24:47 rgb
565
* Add compiler directives to compile cleanly without debugging.
567
* Revision 1.26 1999/08/06 16:03:22 rgb
568
* Correct error messages on failure to unload /proc entries.
570
* Revision 1.25 1999/08/03 17:07:25 rgb
571
* Report device MTU, not private MTU.
573
* Revision 1.24 1999/05/25 22:24:37 rgb
574
* /PROC/NET/ipsec* init problem fix.
576
* Revision 1.23 1999/05/25 02:16:38 rgb
577
* Make modular proc_fs entries dynamic and fix for 2.2.x.
579
* Revision 1.22 1999/05/09 03:25:35 rgb
580
* Fix bug introduced by 2.2 quick-and-dirty patch.
582
* Revision 1.21 1999/05/05 22:02:30 rgb
583
* Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>.
585
* Revision 1.20 1999/04/29 15:15:50 rgb
586
* Fix undetected iv_len reporting bug.
587
* Add sanity checking for null pointer to private data space.
588
* Add return values to init and cleanup functions.
590
* Revision 1.19 1999/04/27 19:24:44 rgb
591
* Added /proc/net/ipsec_klipsdebug support for reading the current debug
593
* Instrument module load/init/unload.
595
* Revision 1.18 1999/04/15 15:37:24 rgb
596
* Forward check changes from POST1_00 branch.
598
* Revision 1.15.2.3 1999/04/13 20:29:19 rgb
599
* /proc/net/ipsec_* cleanup.
601
* Revision 1.15.2.2 1999/04/02 04:28:23 rgb
602
* /proc/net/ipsec_* formatting enhancements.
604
* Revision 1.15.2.1 1999/03/30 17:08:33 rgb
605
* Add pfkey initialisation.
607
* Revision 1.17 1999/04/11 00:28:57 henry
610
* Revision 1.16 1999/04/06 04:54:25 rgb
611
* Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
614
* Revision 1.15 1999/02/24 20:15:07 rgb
615
* Update output format.
617
* Revision 1.14 1999/02/17 16:49:39 rgb
618
* Convert DEBUG_IPSEC to KLIPS_PRINT
619
* Ditch NET_IPIP dependancy.
621
* Revision 1.13 1999/01/26 02:06:37 rgb
622
* Remove ah/esp switching on include files.
623
* Removed CONFIG_IPSEC_ALGO_SWITCH macro.
625
* Remove references to INET_GET_PROTOCOL.
627
* Revision 1.12 1999/01/22 06:19:18 rgb
630
* Added algorithm switch code.
632
* Revision 1.11 1998/12/01 05:54:53 rgb
633
* Cleanup and order debug version output.
635
* Revision 1.10 1998/11/30 13:22:54 rgb
636
* Rationalised all the klips kernel file headers. They are much shorter
637
* now and won't conflict under RH5.2.
639
* Revision 1.9 1998/11/10 05:35:13 rgb
640
* Print direction in/out flag from /proc/net/ipsec_spi.
642
* Revision 1.8 1998/10/27 13:48:10 rgb
643
* Cleaned up /proc/net/ipsec_* filesystem for easy parsing by scripts.
644
* Fixed less(1) truncated output bug.
647
* Revision 1.7 1998/10/22 06:43:16 rgb
648
* Convert to use satoa for printk.
650
* Revision 1.6 1998/10/19 14:24:35 rgb
651
* Added inclusion of freeswan.h.
653
* Revision 1.5 1998/10/09 04:43:35 rgb
654
* Added 'klips_debug' prefix to all klips printk debug statements.
656
* Revision 1.4 1998/07/27 21:50:22 rgb
657
* Not necessary to traverse mask tree for /proc/net/ipsec_eroute.
659
* Revision 1.3 1998/06/25 19:51:20 rgb
660
* Clean up #endif comments.
661
* Shift debugging comment control for procfs to debug_tunnel.
662
* Make proc_dir_entries visible to rest of kernel for static link.
663
* Replace hardwired fileperms with macros.
664
* Use macros for procfs inode numbers.
665
* Rearrange initialisations between ipsec_init and module_init as appropriate
666
* for static loading.
668
* Revision 1.2 1998/06/23 02:55:43 rgb
669
* Slightly quieted init-time messages.
670
* Re-introduced inet_add_protocol after it mysteriously disappeared...
671
* Check for and warn of absence of IPIP protocol on install of module.
672
* Move tdbcleanup to ipsec_xform.c.
674
* Revision 1.10 1998/06/18 21:29:04 henry
675
* move sources from klips/src to klips/net/ipsec, to keep stupid kernel
676
* build scripts happier in presence of symbolic links
678
* Revision 1.9 1998/06/14 23:49:40 rgb
679
* Clarify version reporting on module loading.
681
* Revision 1.8 1998/06/11 05:54:23 rgb
682
* Added /proc/net/ipsec_version to report freeswan and transform versions.
683
* Added /proc/net/ipsec_spinew to generate new and unique spi's..
684
* Fixed /proc/net/ipsec_tncfg bug.
686
* Revision 1.7 1998/05/25 20:23:13 rgb
687
* proc_register changed to dynamic registration to avoid arbitrary inode
690
* Implement memory recovery from tdb and eroute tables.
692
* Revision 1.6 1998/05/21 13:08:58 rgb
693
* Rewrote procinfo subroutines to avoid *bad things* when more that 3k of
694
* information is available for printout.
696
* Revision 1.5 1998/05/18 21:29:48 rgb
697
* Cleaned up /proc/net/ipsec_* output, including a title line, algorithm
698
* names instead of numbers, standard format for numerical output base,
699
* whitespace for legibility, and the names themselves for consistency.
701
* Added /proc/net/ipsec_spigrp and /proc/net/ipsec_tncfg.
703
* Revision 1.4 1998/04/30 15:42:24 rgb
704
* Silencing attach for normal operations with #ifdef IPSEC_DEBUG.
706
* Revision 1.3 1998/04/21 21:28:58 rgb
707
* Rearrange debug switches to change on the fly debug output from user
708
* space. Only kernel changes checked in at this time. radij.c was also
709
* changed to temporarily remove buggy debugging code in rj_delete causing
710
* an OOPS and hence, netlink device open errors.
712
* Revision 1.2 1998/04/12 22:03:22 rgb
713
* Updated ESP-3DES-HMAC-MD5-96,
714
* ESP-DES-HMAC-MD5-96,
716
* AH-HMAC-SHA1-96 since Henry started freeswan cvs repository
717
* from old standards (RFC182[5-9] to new (as of March 1998) drafts.
719
* Fixed eroute references in /proc/net/ipsec*.
721
* Started to patch module unloading memory leaks in ipsec_netlink and
722
* radij tree unloading.
724
* Revision 1.1 1998/04/09 03:06:05 henry
725
* sources moved up from linux/net/ipsec
727
* Revision 1.1.1.1 1998/04/08 05:35:02 henry
728
* RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
730
* Revision 0.4 1997/01/15 01:28:15 ji
733
* Revision 0.3 1996/11/20 14:39:04 ji
734
* Fixed problem with node names of /proc/net entries.
735
* Other minor cleanups.
736
* Rationalized debugging code.
738
* Revision 0.2 1996/11/02 00:18:33 ji
739
* First limited release.
742
* c-file-style: "linux"