sync with kame tree as of july00. tons of bug fixes/improvements.

API changes:
- additional IPv6 ioctls
- IPsec PF_KEY API was changed, it is mandatory to upgrade setkey(8).
  (also syntax change)

7 files changed, 53 insertions, 45 deletions

diff --git a/sys/crypto/blowfish/bf_cbc.c b/sys/crypto/blowfish/bf_cbc.c
index 47092cb..6eb6d3b 100644
--- a/sys/crypto/blowfish/bf_cbc.c
+++ b/sys/crypto/blowfish/bf_cbc.c
@@ -1,3 +1,6 @@
+/*	$FreeBSD$	*/
+/*	$KAME: bf_cbc.c,v 1.3 2000/03/27 04:36:25 sumikawa Exp $	*/
+
 /* crypto/bf/bf_cbc.c */
 /* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
  * All rights reserved.
@@ -54,8 +57,6 @@
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
- *
- * $FreeBSD$
  */
 
 #include <crypto/blowfish/blowfish.h>
diff --git a/sys/crypto/blowfish/bf_cbc_m.c b/sys/crypto/blowfish/bf_cbc_m.c
index 20df977..088adad 100644
--- a/sys/crypto/blowfish/bf_cbc_m.c
+++ b/sys/crypto/blowfish/bf_cbc_m.c
@@ -1,3 +1,6 @@
+/*	$FreeBSD$	*/
+/*	$KAME: bf_cbc_m.c,v 1.4 2000/06/14 10:41:16 itojun Exp $	*/
+
 /*
  * heavily modified to accept mbuf, by Jun-ichiro itojun Itoh
  * <itojun@itojun.org>, 1997.
@@ -58,8 +61,6 @@
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
- *
- * $FreeBSD$
  */
 
 #include <sys/param.h>
@@ -69,9 +70,9 @@
 #include <crypto/blowfish/blowfish.h>
 #include <crypto/blowfish/bf_locl.h>
 
-#define	panic(x) {printf(x); return;}
+#define panic(x)	do { printf(x); return EINVAL; } while (0)
 
-void BF_cbc_encrypt_m(m0, skip, length, key, iv, mode)
+int BF_cbc_encrypt_m(m0, skip, length, key, iv, mode)
 	struct mbuf *m0;
 	int skip;
 	int length;
@@ -89,19 +90,19 @@ void BF_cbc_encrypt_m(m0, skip, length, key, iv, mode)
 	/* sanity checks */
 	if (m0->m_pkthdr.len < skip) {
 		printf("mbuf length < skip\n");
-		return;
+		return EINVAL;
 	}
 	if (m0->m_pkthdr.len < length) {
 		printf("mbuf length < encrypt length\n");
-		return;
+		return EINVAL;
 	}
 	if (m0->m_pkthdr.len < skip + length) {
 		printf("mbuf length < skip + encrypt length\n");
-		return;
+		return EINVAL;
 	}
 	if (length % 8) {
 		printf("length is not multiple of 8\n");
-		return;
+		return EINVAL;
 	}
 
 	m = m0;
@@ -155,7 +156,7 @@ void BF_cbc_encrypt_m(m0, skip, length, key, iv, mode)
 				while (in - &inbuf[0] < 8) {
 					if (!p)
 						panic("mbuf chain?\n");
-
+					
 					*in++ = *p++;
 					noff++;
 					if (noff < n->m_len)
@@ -337,4 +338,6 @@ void BF_cbc_encrypt_m(m0, skip, length, key, iv, mode)
 			length -= 8;
 		}
 	}
+
+	return 0;
 }
diff --git a/sys/crypto/blowfish/bf_enc.c b/sys/crypto/blowfish/bf_enc.c
index b24e538..6a3bef6 100644
--- a/sys/crypto/blowfish/bf_enc.c
+++ b/sys/crypto/blowfish/bf_enc.c
@@ -1,3 +1,6 @@
+/*	$FreeBSD$	*/
+/*	$KAME: bf_enc.c,v 1.3 2000/03/27 04:36:26 sumikawa Exp $	*/
+
 /* crypto/bf/bf_enc.c */
 /* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
  * All rights reserved.
@@ -54,8 +57,6 @@
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
- *
- * $FreeBSD$
  */
 
 #include <crypto/blowfish/blowfish.h>
diff --git a/sys/crypto/blowfish/bf_locl.h b/sys/crypto/blowfish/bf_locl.h
index e0b62f1..07598d2 100644
--- a/sys/crypto/blowfish/bf_locl.h
+++ b/sys/crypto/blowfish/bf_locl.h
@@ -1,3 +1,6 @@
+/*	$FreeBSD$	*/
+/*	$KAME: bf_locl.h,v 1.3 2000/03/27 04:36:26 sumikawa Exp $	*/
+
 /* crypto/bf/bf_local.h */
 /* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
  * All rights reserved.
@@ -54,8 +57,6 @@
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
- *
- * $FreeBSD$
  */
 /* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
  *
@@ -66,14 +67,14 @@
  */
 
 #undef c2l
-#define	c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
+#define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
 			 l|=((unsigned long)(*((c)++)))<< 8L, \
 			 l|=((unsigned long)(*((c)++)))<<16L, \
 			 l|=((unsigned long)(*((c)++)))<<24L)
 
 /* NOTE - c is not incremented as per c2l */
 #undef c2ln
-#define	c2ln(c,l1,l2,n)	{ \
+#define c2ln(c,l1,l2,n)	{ \
 			c+=n; \
 			l1=l2=0; \
 			switch (n) { \
@@ -89,14 +90,14 @@
 			}
 
 #undef l2c
-#define	l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
 			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
 			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
 			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
 
 /* NOTE - c is not incremented as per l2c */
 #undef l2cn
-#define	l2cn(l1,l2,c,n)	{ \
+#define l2cn(l1,l2,c,n)	{ \
 			c+=n; \
 			switch (n) { \
 			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
@@ -111,7 +112,7 @@
 			}
 
 /* NOTE - c is not incremented as per n2l */
-#define	n2ln(c,l1,l2,n)	{ \
+#define n2ln(c,l1,l2,n)	{ \
 			c+=n; \
 			l1=l2=0; \
 			switch (n) { \
@@ -127,7 +128,7 @@
 			}
 
 /* NOTE - c is not incremented as per l2n */
-#define	l2nn(l1,l2,c,n)	{ \
+#define l2nn(l1,l2,c,n)	{ \
 			c+=n; \
 			switch (n) { \
 			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
@@ -142,13 +143,13 @@
 			}
 
 #undef n2l
-#define	n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
+#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
                          l|=((unsigned long)(*((c)++)))<<16L, \
                          l|=((unsigned long)(*((c)++)))<< 8L, \
                          l|=((unsigned long)(*((c)++))))
 
 #undef l2n
-#define	l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
                          *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
                          *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
                          *((c)++)=(unsigned char)(((l)     )&0xff))
@@ -164,16 +165,16 @@
 #undef BF_PTR
 #endif
 
-#define	BF_M	0x3fc
-#define	BF_0	22L
-#define	BF_1	14L
-#define	BF_2	 6L
-#define	BF_3	 2L /* left shift */
+#define BF_M	0x3fc
+#define BF_0	22L
+#define BF_1	14L
+#define BF_2	 6L
+#define BF_3	 2L /* left shift */
 
 #if defined(BF_PTR2)
 
 /* This is basically a special pentium verson */
-#define	BF_ENC(LL,R,S,P) \
+#define BF_ENC(LL,R,S,P) \
 	{ \
 	BF_LONG t,u,v; \
 	u=R>>BF_0; \
@@ -196,7 +197,7 @@
 
 /* This is normally very good */
 
-#define	BF_ENC(LL,R,S,P) \
+#define BF_ENC(LL,R,S,P) \
 	LL^=P; \
 	LL^= (((*(BF_LONG *)((unsigned char *)&(S[  0])+((R>>BF_0)&BF_M))+ \
 		*(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
@@ -208,7 +209,7 @@
  * on the Alpha it is faster than the pointer versions (both 32 and 64
  * versions of BF_LONG) */
 
-#define	BF_ENC(LL,R,S,P) \
+#define BF_ENC(LL,R,S,P) \
 	LL^=P; \
 	LL^=(((	S[        (R>>24L)      ] + \
 		S[0x0100+((R>>16L)&0xff)])^ \
diff --git a/sys/crypto/blowfish/bf_pi.h b/sys/crypto/blowfish/bf_pi.h
index 1a397e8..8982aac 100644
--- a/sys/crypto/blowfish/bf_pi.h
+++ b/sys/crypto/blowfish/bf_pi.h
@@ -1,3 +1,6 @@
+/*	$FreeBSD$	*/
+/*	$KAME: bf_pi.h,v 1.3 2000/03/27 04:36:26 sumikawa Exp $	*/
+
 /* crypto/bf/bf_pi.h */
 /* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
  * All rights reserved.
@@ -54,8 +57,6 @@
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
- *
- * $FreeBSD$
  */
 
 static BF_KEY bf_init= {
diff --git a/sys/crypto/blowfish/bf_skey.c b/sys/crypto/blowfish/bf_skey.c
index 04729e1..5717c3f 100644
--- a/sys/crypto/blowfish/bf_skey.c
+++ b/sys/crypto/blowfish/bf_skey.c
@@ -1,3 +1,6 @@
+/*	$FreeBSD$	*/
+/*	$KAME: bf_skey.c,v 1.3 2000/03/27 04:36:27 sumikawa Exp $	*/
+
 /* crypto/bf/bf_skey.c */
 /* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
  * All rights reserved.
@@ -54,8 +57,6 @@
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
- *
- * $FreeBSD$
  */
 
 #include <sys/types.h>
diff --git a/sys/crypto/blowfish/blowfish.h b/sys/crypto/blowfish/blowfish.h
index d8e6d91..c96b4ec 100644
--- a/sys/crypto/blowfish/blowfish.h
+++ b/sys/crypto/blowfish/blowfish.h
@@ -1,3 +1,6 @@
+/*	$FreeBSD$	*/
+/*	$KAME: blowfish.h,v 1.4 2000/06/14 10:41:16 itojun Exp $	*/
+
 /* crypto/bf/blowfish.h */
 /* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
  * All rights reserved.
@@ -54,28 +57,26 @@
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
- *
- * $FreeBSD$
  */
 
 #ifndef HEADER_BLOWFISH_H
-#define	HEADER_BLOWFISH_H
+#define HEADER_BLOWFISH_H
 
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
-#define	BF_ENCRYPT	1
-#define	BF_DECRYPT	0
+#define BF_ENCRYPT	1
+#define BF_DECRYPT	0
 
 /* If you make this 'unsigned int' the pointer variants will work on
  * the Alpha, otherwise they will not.  Strangly using the '8 byte'
  * BF_LONG and the default 'non-pointer' inner loop is the best configuration
  * for the Alpha */
-#define	BF_LONG unsigned long
+#define BF_LONG unsigned long
 
-#define	BF_ROUNDS	16
-#define	BF_BLOCK	8
+#define BF_ROUNDS	16
+#define BF_BLOCK	8
 
 typedef struct bf_key_st
 	{
@@ -99,8 +100,7 @@ char *BF_options(void);
 
 /* added by itojun */
 struct mbuf;
-void BF_cbc_encrypt_m(struct mbuf *, int, int, BF_KEY *,
-		unsigned char *, int);
+int BF_cbc_encrypt_m(struct mbuf *, int, int, BF_KEY *, unsigned char *, int);
 
 #else