Context Navigation

libpfkey.h @ ff36f5e

55-freebsd-126-freebsd-12

Last change on this file since ff36f5e was ff36f5e, checked in by Christian Mauderer <christian.mauderer@…>, on 05/30/18 at 12:27:35

Import ipsec-tools 0.8.2.

Import unchanged ipsec-tools sources in the release version 0.8.2. The
homepage of ipsec-tools is http://ipsec-tools.sourceforge.net/. The
sources can be obtained from there.

Property mode set to 100644

File size: 8.5 KB

Line
1	/* $NetBSD: libpfkey.h,v 1.18 2010/12/03 14:32:52 tteras Exp $ */
2
3	/* Id: libpfkey.h,v 1.13 2005/12/04 20:26:43 manubsd Exp */
4
5	/*
6	* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
7	* All rights reserved.
8	*
9	* Redistribution and use in source and binary forms, with or without
10	* modification, are permitted provided that the following conditions
11	* are met:
12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.
14	* 2. Redistributions in binary form must reproduce the above copyright
15	* notice, this list of conditions and the following disclaimer in the
16	* documentation and/or other materials provided with the distribution.
17	* 3. Neither the name of the project nor the names of its contributors
18	* may be used to endorse or promote products derived from this software
19	* without specific prior written permission.
20	*
21	* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
22	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24	* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31	* SUCH DAMAGE.
32	*/
33
34	#ifndef _LIBPFKEY_H
35	#define _LIBPFKEY_H
36
37	#ifndef KAME_LIBPFKEY_H
38	#define KAME_LIBPFKEY_H
39
40	#define PRIORITY_LOW 0xC0000000
41	#define PRIORITY_DEFAULT 0x80000000
42	#define PRIORITY_HIGH 0x40000000
43
44	#define PRIORITY_OFFSET_POSITIVE_MAX 0x3fffffff
45	#define PRIORITY_OFFSET_NEGATIVE_MAX 0x40000000
46
47	struct sadb_msg;
48	extern void pfkey_sadump __P((struct sadb_msg *));
49	extern void pfkey_sadump_withports __P((struct sadb_msg *));
50	extern void pfkey_spdump __P((struct sadb_msg *));
51	extern void pfkey_spdump_withports __P((struct sadb_msg *));
52
53	struct sockaddr;
54	struct sadb_alg;
55
56	/* Accomodate different prototypes in <netinet6/ipsec.h> */
57	#include <sys/types.h>
58	#include PATH_IPSEC_H
59
60	#ifndef HAVE_IPSEC_POLICY_T
61	typedef caddr_t ipsec_policy_t;
62	#define __ipsec_const
63	#else
64	#define __ipsec_const const
65	#endif
66
67	struct pfkey_send_sa_args {
68	int so; /* socket */
69	u_int type;
70	u_int satype;
71	u_int mode;
72	struct sockaddr src; / IP src address for SA */
73	struct sockaddr dst; / IP dst address for SA */
74	u_int32_t spi; /* SA's spi */
75	u_int32_t reqid;
76	u_int wsize;
77	caddr_t keymat;
78	u_int e_type, e_keylen; /* Encryption alg and keylen */
79	u_int a_type, a_keylen; /* Authentication alg and key */
80	u_int flags;
81	u_int32_t l_alloc;
82	u_int32_t l_bytes;
83	u_int32_t l_addtime;
84	u_int32_t l_usetime;
85	u_int32_t seq;
86	u_int8_t l_natt_type;
87	u_int16_t l_natt_sport, l_natt_dport;
88	struct sockaddr *l_natt_oa;
89	u_int16_t l_natt_frag;
90	u_int8_t ctxdoi, ctxalg; /* Security context DOI and algorithm */
91	caddr_t ctxstr; /* Security context string */
92	u_int16_t ctxstrlen; /* length of security context string */
93	};
94
95	/* The options built into libipsec */
96	extern int libipsec_opt;
97	#define LIBIPSEC_OPT_NATT 0x01
98	#define LIBIPSEC_OPT_FRAG 0x02
99	#define LIBIPSEC_OPT_SEC_CTX 0x04
100
101	/* IPsec Library Routines */
102
103	int ipsec_check_keylen __P((u_int, u_int, u_int));
104	int ipsec_check_keylen2 __P((u_int, u_int, u_int));
105	int ipsec_get_keylen __P((u_int, u_int, struct sadb_alg *));
106	char ipsec_dump_policy_withports __P((void , const char *));
107	void ipsec_hexdump __P((const void *, int));
108	const char *ipsec_strerror __P((void));
109	void kdebug_sadb __P((struct sadb_msg *));
110	ipsec_policy_t ipsec_set_policy __P((__ipsec_const char *, int));
111	int ipsec_get_policylen __P((ipsec_policy_t));
112	char ipsec_dump_policy __P((ipsec_policy_t, __ipsec_const char ));
113
114	/* PFKey Routines */
115
116	u_int pfkey_set_softrate __P((u_int, u_int));
117	u_int pfkey_get_softrate __P((u_int));
118	int pfkey_send_getspi __P((int, u_int, u_int, struct sockaddr *,
119	struct sockaddr *, u_int32_t, u_int32_t, u_int32_t, u_int32_t));
120	int pfkey_send_getspi_nat __P((int, u_int, u_int,
121	struct sockaddr , struct sockaddr , u_int8_t, u_int16_t, u_int16_t,
122	u_int32_t, u_int32_t, u_int32_t, u_int32_t));
123
124	int pfkey_send_update2 __P((struct pfkey_send_sa_args *));
125	int pfkey_send_add2 __P((struct pfkey_send_sa_args *));
126	int pfkey_send_delete __P((int, u_int, u_int,
127	struct sockaddr , struct sockaddr , u_int32_t));
128	int pfkey_send_delete_all __P((int, u_int, u_int,
129	struct sockaddr , struct sockaddr ));
130	int pfkey_send_get __P((int, u_int, u_int,
131	struct sockaddr , struct sockaddr , u_int32_t));
132	int pfkey_send_register __P((int, u_int));
133	int pfkey_recv_register __P((int));
134	int pfkey_set_supported __P((struct sadb_msg *, int));
135	int pfkey_send_flush __P((int, u_int));
136	int pfkey_send_dump __P((int, u_int));
137	int pfkey_send_promisc_toggle __P((int, int));
138	int pfkey_send_spdadd __P((int, struct sockaddr *, u_int,
139	struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
140	int pfkey_send_spdadd2 __P((int, struct sockaddr *, u_int,
141	struct sockaddr *, u_int, u_int, u_int64_t, u_int64_t,
142	caddr_t, int, u_int32_t));
143	int pfkey_send_spdupdate __P((int, struct sockaddr *, u_int,
144	struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
145	int pfkey_send_spdupdate2 __P((int, struct sockaddr *, u_int,
146	struct sockaddr *, u_int, u_int, u_int64_t, u_int64_t,
147	caddr_t, int, u_int32_t));
148	int pfkey_send_spddelete __P((int, struct sockaddr *, u_int,
149	struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
150	int pfkey_send_spddelete2 __P((int, u_int32_t));
151	int pfkey_send_spdget __P((int, u_int32_t));
152	int pfkey_send_spdsetidx __P((int, struct sockaddr *, u_int,
153	struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
154	int pfkey_send_spdflush __P((int));
155	int pfkey_send_spddump __P((int));
156	#ifdef SADB_X_MIGRATE
157	int pfkey_send_migrate __P((int, struct sockaddr , struct sockaddr ,
158	struct sockaddr , u_int, struct sockaddr , u_int, u_int,
159	caddr_t, int, u_int32_t));
160	#endif
161
162	/* XXX should be somewhere else !!!
163	*/
164	#ifdef SADB_X_EXT_NAT_T_TYPE
165	#define PFKEY_ADDR_X_PORT(ext) (ntohs(((struct sadb_x_nat_t_port *)ext)->sadb_x_nat_t_port_port))
166	#define PFKEY_ADDR_X_NATTYPE(ext) ( ext != NULL && ((struct sadb_x_nat_t_type *)ext)->sadb_x_nat_t_type_type )
167	#endif
168
169
170	int pfkey_open __P((void));
171	void pfkey_close __P((int));
172	int pfkey_set_buffer_size __P((int, int));
173	struct sadb_msg *pfkey_recv __P((int));
174	int pfkey_send __P((int, struct sadb_msg *, int));
175	int pfkey_align __P((struct sadb_msg , caddr_t ));
176	int pfkey_check __P((caddr_t *));
177
178	/*
179	* Deprecated, available for backward compatibility with third party
180	* libipsec users. Please use pfkey_send_update2 and pfkey_send_add2 instead
181	*/
182	int pfkey_send_update __P((int, u_int, u_int, struct sockaddr *,
183	struct sockaddr *, u_int32_t, u_int32_t, u_int,
184	caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t,
185	u_int64_t, u_int64_t, u_int32_t));
186	int pfkey_send_update_nat __P((int, u_int, u_int, struct sockaddr *,
187	struct sockaddr *, u_int32_t, u_int32_t, u_int,
188	caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t,
189	u_int64_t, u_int64_t, u_int32_t,
190	u_int8_t, u_int16_t, u_int16_t, struct sockaddr *, u_int16_t));
191	int pfkey_send_add __P((int, u_int, u_int, struct sockaddr *,
192	struct sockaddr *, u_int32_t, u_int32_t, u_int,
193	caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t,
194	u_int64_t, u_int64_t, u_int32_t));
195	int pfkey_send_add_nat __P((int, u_int, u_int, struct sockaddr *,
196	struct sockaddr *, u_int32_t, u_int32_t, u_int,
197	caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t,
198	u_int64_t, u_int64_t, u_int32_t,
199	u_int8_t, u_int16_t, u_int16_t, struct sockaddr *, u_int16_t));
200
201	#ifndef __SYSDEP_SA_LEN__
202	#define __SYSDEP_SA_LEN__
203	#include <netinet/in.h>
204
205	#ifndef IPPROTO_IPV4
206	#define IPPROTO_IPV4 IPPROTO_IPIP
207	#endif
208
209	#ifndef IPPROTO_IPCOMP
210	#define IPPROTO_IPCOMP IPPROTO_COMP
211	#endif
212
213	#ifndef IPPROTO_MH
214	#define IPPROTO_MH 135
215	#endif
216
217	static __inline u_int8_t
218	sysdep_sa_len (const struct sockaddr *sa)
219	{
220	#ifdef __linux__
221	switch (sa->sa_family)
222	{
223	case AF_INET:
224	return sizeof (struct sockaddr_in);
225	case AF_INET6:
226	return sizeof (struct sockaddr_in6);
227	}
228	// log_print ("sysdep_sa_len: unknown sa family %d", sa->sa_family);
229	return sizeof (struct sockaddr_in);
230	#else
231	return sa->sa_len;
232	#endif
233	}
234	#endif
235
236	#endif /* KAME_LIBPFKEY_H */
237
238	#endif /* _LIBPFKEY_H */

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: rtems-libbsd/ipsec-tools/src/libipsec/libpfkey.h @ ff36f5e

Download in other formats: