fxr.watson.org: OPENBSD sys/net/pfkeyv2.h

FreeBSD/Linux Kernel Cross Reference
sys/net/pfkeyv2.h

Version: - FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10

1 /* $OpenBSD: pfkeyv2.h,v 1.93 2022/08/27 20:28:01 mvs Exp $ */ 2 /* 3 * @(#)COPYRIGHT 1.1 (NRL) January 1998 4 * 5 * NRL grants permission for redistribution and use in source and binary 6 * forms, with or without modification, of the software and documentation 7 * created at NRL provided that the following conditions are met: 8 * 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. All advertising materials mentioning features or use of this software 15 * must display the following acknowledgements: 16 * This product includes software developed by the University of 17 * California, Berkeley and its contributors. 18 * This product includes software developed at the Information 19 * Technology Division, US Naval Research Laboratory. 20 * 4. Neither the name of the NRL nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS 25 * IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 26 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 27 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL NRL OR 28 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 29 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 30 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 31 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 32 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 33 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 34 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35 * 36 * The views and conclusions contained in the software and documentation 37 * are those of the authors and should not be interpreted as representing 38 * official policies, either expressed or implied, of the US Naval 39 * Research Laboratory (NRL). 40 */ 41 42 #ifndef _NET_PFKEY_V2_H_ 43 #define _NET_PFKEY_V2_H_ 44 45 #define PF_KEY_V2 2 46 #define PFKEYV2_REVISION 199806L 47 48 /* This should be updated whenever the API is altered. */ 49 #define _OPENBSD_IPSEC_API_VERSION 2 50 51 #define SADB_RESERVED 0 52 #define SADB_GETSPI 1 53 #define SADB_UPDATE 2 54 #define SADB_ADD 3 55 #define SADB_DELETE 4 56 #define SADB_GET 5 57 #define SADB_ACQUIRE 6 58 #define SADB_REGISTER 7 59 #define SADB_EXPIRE 8 60 #define SADB_FLUSH 9 61 #define SADB_DUMP 10 62 #define SADB_X_PROMISC 11 63 #define SADB_X_ADDFLOW 12 64 #define SADB_X_DELFLOW 13 65 #define SADB_X_GRPSPIS 14 66 #define SADB_X_ASKPOLICY 15 67 #define SADB_X_SPDDUMP 16 68 #define SADB_MAX 16 69 70 struct sadb_msg { 71 uint8_t sadb_msg_version; 72 uint8_t sadb_msg_type; 73 uint8_t sadb_msg_errno; 74 uint8_t sadb_msg_satype; 75 uint16_t sadb_msg_len; 76 uint16_t sadb_msg_reserved; 77 uint32_t sadb_msg_seq; 78 uint32_t sadb_msg_pid; 79 }; 80 81 struct sadb_ext { 82 uint16_t sadb_ext_len; 83 uint16_t sadb_ext_type; 84 }; 85 86 struct sadb_sa { 87 uint16_t sadb_sa_len; 88 uint16_t sadb_sa_exttype; 89 uint32_t sadb_sa_spi; 90 uint8_t sadb_sa_replay; 91 uint8_t sadb_sa_state; 92 uint8_t sadb_sa_auth; 93 uint8_t sadb_sa_encrypt; 94 uint32_t sadb_sa_flags; 95 }; 96 97 struct sadb_lifetime { 98 uint16_t sadb_lifetime_len; 99 uint16_t sadb_lifetime_exttype; 100 uint32_t sadb_lifetime_allocations; 101 uint64_t sadb_lifetime_bytes; 102 uint64_t sadb_lifetime_addtime; 103 uint64_t sadb_lifetime_usetime; 104 }; 105 106 struct sadb_address { 107 uint16_t sadb_address_len; 108 uint16_t sadb_address_exttype; 109 uint32_t sadb_address_reserved; 110 }; 111 112 struct sadb_key { 113 uint16_t sadb_key_len; 114 uint16_t sadb_key_exttype; 115 uint16_t sadb_key_bits; 116 uint16_t sadb_key_reserved; 117 }; 118 119 struct sadb_ident { 120 uint16_t sadb_ident_len; 121 uint16_t sadb_ident_exttype; 122 uint16_t sadb_ident_type; 123 uint16_t sadb_ident_reserved; 124 uint64_t sadb_ident_id; 125 }; 126 127 struct sadb_sens { 128 uint16_t sadb_sens_len; 129 uint16_t sadb_sens_exttype; 130 uint32_t sadb_sens_dpd; 131 uint8_t sadb_sens_sens_level; 132 uint8_t sadb_sens_sens_len; 133 uint8_t sadb_sens_integ_level; 134 uint8_t sadb_sens_integ_len; 135 uint32_t sadb_sens_reserved; 136 }; 137 138 struct sadb_prop { 139 uint16_t sadb_prop_len; 140 uint16_t sadb_prop_exttype; 141 uint8_t sadb_prop_num; 142 uint8_t sadb_prop_replay; 143 uint16_t sadb_prop_reserved; 144 }; 145 146 struct sadb_comb { 147 uint8_t sadb_comb_auth; 148 uint8_t sadb_comb_encrypt; 149 uint16_t sadb_comb_flags; 150 uint16_t sadb_comb_auth_minbits; 151 uint16_t sadb_comb_auth_maxbits; 152 uint16_t sadb_comb_encrypt_minbits; 153 uint16_t sadb_comb_encrypt_maxbits; 154 uint32_t sadb_comb_reserved; 155 uint32_t sadb_comb_soft_allocations; 156 uint32_t sadb_comb_hard_allocations; 157 uint64_t sadb_comb_soft_bytes; 158 uint64_t sadb_comb_hard_bytes; 159 uint64_t sadb_comb_soft_addtime; 160 uint64_t sadb_comb_hard_addtime; 161 uint64_t sadb_comb_soft_usetime; 162 uint64_t sadb_comb_hard_usetime; 163 }; 164 165 struct sadb_supported { 166 uint16_t sadb_supported_len; 167 uint16_t sadb_supported_exttype; 168 uint32_t sadb_supported_reserved; 169 }; 170 171 struct sadb_alg { 172 uint8_t sadb_alg_id; 173 uint8_t sadb_alg_ivlen; 174 uint16_t sadb_alg_minbits; 175 uint16_t sadb_alg_maxbits; 176 uint16_t sadb_alg_reserved; 177 }; 178 179 struct sadb_spirange { 180 uint16_t sadb_spirange_len; 181 uint16_t sadb_spirange_exttype; 182 uint32_t sadb_spirange_min; 183 uint32_t sadb_spirange_max; 184 uint32_t sadb_spirange_reserved; 185 }; 186 187 struct sadb_protocol { 188 uint16_t sadb_protocol_len; 189 uint16_t sadb_protocol_exttype; 190 uint8_t sadb_protocol_proto; 191 uint8_t sadb_protocol_direction; 192 uint8_t sadb_protocol_flags; 193 uint8_t sadb_protocol_reserved2; 194 }; 195 196 struct sadb_x_policy { 197 uint16_t sadb_x_policy_len; 198 uint16_t sadb_x_policy_exttype; 199 uint32_t sadb_x_policy_seq; 200 }; 201 202 struct sadb_x_udpencap { 203 uint16_t sadb_x_udpencap_len; 204 uint16_t sadb_x_udpencap_exttype; 205 uint16_t sadb_x_udpencap_port; 206 uint16_t sadb_x_udpencap_reserved; 207 }; 208 209 struct sadb_x_tag { 210 uint16_t sadb_x_tag_len; 211 uint16_t sadb_x_tag_exttype; 212 uint32_t sadb_x_tag_taglen; 213 }; 214 215 struct sadb_x_replay { 216 uint16_t sadb_x_replay_len; 217 uint16_t sadb_x_replay_exttype; 218 uint32_t sadb_x_replay_reserved; 219 uint64_t sadb_x_replay_count; 220 }; 221 222 struct sadb_x_rdomain { 223 uint16_t sadb_x_rdomain_len; 224 uint16_t sadb_x_rdomain_exttype; 225 uint16_t sadb_x_rdomain_dom1; 226 uint16_t sadb_x_rdomain_dom2; 227 }; 228 229 struct sadb_x_tap { 230 uint16_t sadb_x_tap_len; 231 uint16_t sadb_x_tap_exttype; 232 uint32_t sadb_x_tap_unit; 233 }; 234 235 struct sadb_x_counter { 236 uint16_t sadb_x_counter_len; 237 uint16_t sadb_x_counter_exttype; 238 uint32_t sadb_x_counter_pad; 239 uint64_t sadb_x_counter_ipackets; /* Input IPsec packets */ 240 uint64_t sadb_x_counter_opackets; /* Output IPsec packets */ 241 uint64_t sadb_x_counter_ibytes; /* Input bytes */ 242 uint64_t sadb_x_counter_obytes; /* Output bytes */ 243 uint64_t sadb_x_counter_idrops; /* Dropped on input */ 244 uint64_t sadb_x_counter_odrops; /* Dropped on output */ 245 uint64_t sadb_x_counter_idecompbytes; /* Input bytes, decompressed */ 246 uint64_t sadb_x_counter_ouncompbytes; /* Output bytes, uncompressed */ 247 }; 248 249 struct sadb_x_mtu { 250 uint16_t sadb_x_mtu_len; 251 uint16_t sadb_x_mtu_exttype; 252 uint32_t sadb_x_mtu_mtu; 253 }; 254 255 #ifdef _KERNEL 256 #define SADB_X_GETSPROTO(x) \ 257 ( (x) == SADB_SATYPE_AH ? IPPROTO_AH :\ 258 (x) == SADB_SATYPE_ESP ? IPPROTO_ESP :\ 259 (x) == SADB_X_SATYPE_TCPSIGNATURE ? IPPROTO_TCP :\ 260 (x) == SADB_X_SATYPE_IPCOMP ? IPPROTO_IPCOMP: IPPROTO_IPIP ) 261 #endif 262 263 #define SADB_EXT_RESERVED 0 264 #define SADB_EXT_SA 1 265 #define SADB_EXT_LIFETIME_CURRENT 2 266 #define SADB_EXT_LIFETIME_HARD 3 267 #define SADB_EXT_LIFETIME_SOFT 4 268 #define SADB_EXT_ADDRESS_SRC 5 269 #define SADB_EXT_ADDRESS_DST 6 270 #define SADB_EXT_ADDRESS_PROXY 7 271 #define SADB_EXT_KEY_AUTH 8 272 #define SADB_EXT_KEY_ENCRYPT 9 273 #define SADB_EXT_IDENTITY_SRC 10 274 #define SADB_EXT_IDENTITY_DST 11 275 #define SADB_EXT_SENSITIVITY 12 276 #define SADB_EXT_PROPOSAL 13 277 #define SADB_EXT_SUPPORTED_AUTH 14 278 #define SADB_EXT_SUPPORTED_ENCRYPT 15 279 #define SADB_EXT_SPIRANGE 16 280 #define SADB_X_EXT_SRC_MASK 17 281 #define SADB_X_EXT_DST_MASK 18 282 #define SADB_X_EXT_PROTOCOL 19 283 #define SADB_X_EXT_FLOW_TYPE 20 284 #define SADB_X_EXT_SRC_FLOW 21 285 #define SADB_X_EXT_DST_FLOW 22 286 #define SADB_X_EXT_SA2 23 287 #define SADB_X_EXT_DST2 24 288 #define SADB_X_EXT_POLICY 25 289 #define SADB_X_EXT_LOCAL_CREDENTIALS 26 290 #define SADB_X_EXT_REMOTE_CREDENTIALS 27 291 #define SADB_X_EXT_LOCAL_AUTH 28 292 #define SADB_X_EXT_REMOTE_AUTH 29 293 #define SADB_X_EXT_SUPPORTED_COMP 30 294 #define SADB_X_EXT_UDPENCAP 31 295 #define SADB_X_EXT_LIFETIME_LASTUSE 32 296 #define SADB_X_EXT_TAG 33 297 #define SADB_X_EXT_TAP 34 298 #define SADB_X_EXT_SATYPE2 35 299 #define SADB_X_EXT_COUNTER 36 300 #define SADB_X_EXT_RDOMAIN 37 301 #define SADB_X_EXT_MTU 38 302 #define SADB_X_EXT_REPLAY 39 303 #define SADB_EXT_MAX 39 304 305 /* Fix pfkeyv2.c struct pfkeyv2_socket if SATYPE_MAX > 31 */ 306 #define SADB_SATYPE_UNSPEC 0 307 #define SADB_SATYPE_AH 1 308 #define SADB_SATYPE_ESP 2 309 #define SADB_SATYPE_RSVP 3 310 #define SADB_SATYPE_OSPFV2 4 311 #define SADB_SATYPE_RIPV2 5 312 #define SADB_SATYPE_MIP 6 313 #define SADB_X_SATYPE_IPIP 7 314 #define SADB_X_SATYPE_TCPSIGNATURE 8 315 #define SADB_X_SATYPE_IPCOMP 9 316 #define SADB_SATYPE_MAX 9 317 318 #define SADB_SASTATE_LARVAL 0 319 #define SADB_SASTATE_MATURE 1 320 #define SADB_SASTATE_DYING 2 321 #define SADB_SASTATE_DEAD 3 322 #define SADB_SASTATE_MAX 3 323 324 #define SADB_AALG_NONE 0 325 #define SADB_AALG_MD5HMAC 2 326 #define SADB_AALG_SHA1HMAC 3 327 #define SADB_X_AALG_SHA2_256 5 328 #define SADB_X_AALG_SHA2_384 6 329 #define SADB_X_AALG_SHA2_512 7 330 #define SADB_X_AALG_RIPEMD160HMAC 8 331 #define SADB_X_AALG_AES128GMAC 9 332 #define SADB_X_AALG_AES192GMAC 10 333 #define SADB_X_AALG_AES256GMAC 11 334 #define SADB_X_AALG_CHACHA20POLY1305 12 335 #define SADB_AALG_MAX 12 336 337 #define SADB_EALG_NONE 0 338 #define SADB_EALG_3DESCBC 3 339 #define SADB_X_EALG_CAST 6 340 #define SADB_X_EALG_BLF 7 341 #define SADB_EALG_NULL 11 342 #define SADB_X_EALG_AES 12 343 #define SADB_X_EALG_AESCTR 13 344 #define SADB_X_EALG_AESGCM8 18 345 #define SADB_X_EALG_AESGCM12 19 346 #define SADB_X_EALG_AESGCM16 20 347 #define SADB_X_EALG_AESGMAC 21 348 #define SADB_X_EALG_CHACHA20POLY1305 22 349 #define SADB_EALG_MAX 22 350 351 #define SADB_X_CALG_NONE 0 352 #define SADB_X_CALG_OUI 1 353 #define SADB_X_CALG_DEFLATE 2 354 #define SADB_X_CALG_MAX 2 355 356 #define SADB_SAFLAGS_PFS 0x001 /* perfect forward secrecy */ 357 #define SADB_X_SAFLAGS_TUNNEL 0x004 /* Force tunneling */ 358 #define SADB_X_SAFLAGS_CHAINDEL 0x008 /* Delete whole SA chain */ 359 #define SADB_X_SAFLAGS_UDPENCAP 0x200 /* ESP in UDP */ 360 #define SADB_X_SAFLAGS_ESN 0x400 /* Extended Sequence Number */ 361 362 #define SADB_X_POLICYFLAGS_POLICY 0x0001 /* This is a static policy */ 363 364 #define SADB_IDENTTYPE_RESERVED 0 365 #define SADB_IDENTTYPE_PREFIX 1 366 #define SADB_IDENTTYPE_FQDN 2 367 #define SADB_IDENTTYPE_USERFQDN 3 368 #define SADB_IDENTTYPE_ASN1_DN 4 369 #define SADB_IDENTTYPE_MAX 4 370 371 #define SADB_KEY_FLAGS_MAX 0 372 373 #ifdef _KERNEL 374 #define PFKEYV2_LIFETIME_HARD 0 375 #define PFKEYV2_LIFETIME_SOFT 1 376 #define PFKEYV2_LIFETIME_CURRENT 2 377 #define PFKEYV2_LIFETIME_LASTUSE 3 378 379 #define PFKEYV2_IDENTITY_SRC 0 380 #define PFKEYV2_IDENTITY_DST 1 381 382 #define PFKEYV2_ENCRYPTION_KEY 0 383 #define PFKEYV2_AUTHENTICATION_KEY 1 384 385 #define PFKEYV2_SOCKETFLAGS_REGISTERED 1 386 #define PFKEYV2_SOCKETFLAGS_PROMISC 2 387 388 #define PFKEYV2_SENDMESSAGE_UNICAST 1 389 #define PFKEYV2_SENDMESSAGE_REGISTERED 2 390 #define PFKEYV2_SENDMESSAGE_BROADCAST 3 391 #endif /* _KERNEL */ 392 393 #define SADB_X_FLOW_TYPE_USE 1 394 #define SADB_X_FLOW_TYPE_ACQUIRE 2 395 #define SADB_X_FLOW_TYPE_REQUIRE 3 396 #define SADB_X_FLOW_TYPE_BYPASS 4 397 #define SADB_X_FLOW_TYPE_DENY 5 398 #define SADB_X_FLOW_TYPE_DONTACQ 6 399 400 #ifdef _KERNEL 401 struct tdb; 402 struct socket; 403 struct mbuf; 404 405 #define EXTLEN(x) (((struct sadb_ext *)(x))->sadb_ext_len * sizeof(uint64_t)) 406 #define PADUP(x) (((x) + sizeof(uint64_t) - 1) & ~(sizeof(uint64_t) - 1)) 407 408 int pfkeyv2_parsemessage(void *, int, void **); 409 int pfkeyv2_expire(struct tdb *, u_int16_t); 410 int pfkeyv2_acquire(struct ipsec_policy *, union sockaddr_union *, 411 union sockaddr_union *, u_int32_t *, struct sockaddr_encap *); 412 413 int pfkeyv2_get(struct tdb *, void **, void **, int *, int *); 414 int pfkeyv2_policy(struct ipsec_acquire *, void **, void **, int *); 415 int pfkeyv2_dosend(struct socket *, void *, int); 416 int pfkeyv2_sendmessage(void **, int, struct socket *, u_int8_t, int, u_int); 417 int pfkeyv2_dump_policy(struct ipsec_policy *, void **, void **, int *); 418 int pfkeyv2_dump_walker(struct tdb *, void *, int); 419 int pfkeyv2_get_proto_alg(u_int8_t, u_int8_t *, int *); 420 int pfkeyv2_sysctl(int *, u_int, void *, size_t *, void *, size_t); 421 int pfkeyv2_sysctl_walker(struct tdb *, void *, int); 422 int pfkeyv2_sysctl_dump(void *); 423 424 int pfdatatopacket(void *, int, struct mbuf **); 425 426 void export_address(void **, struct sockaddr *); 427 void export_identities(void **, struct ipsec_ids *, int, void **); 428 void export_lifetime(void **, struct tdb *, int); 429 void export_sa(void **, struct tdb *); 430 void export_flow(void **, u_int8_t, struct sockaddr_encap *, 431 struct sockaddr_encap *, void **); 432 void export_key(void **, struct tdb *, int); 433 void export_udpencap(void **, struct tdb *); 434 void export_tag(void **, struct tdb *); 435 void export_replay(void **, struct tdb *); 436 void export_rdomain(void **, struct tdb *); 437 void export_mtu(void **, struct tdb *); 438 void export_tap(void **, struct tdb *); 439 void export_satype(void **, struct tdb *); 440 void export_counter(void **, struct tdb *); 441 442 void import_address(struct sockaddr *, struct sadb_address *); 443 void import_identities(struct ipsec_ids **, int, struct sadb_ident *, 444 struct sadb_ident *); 445 void import_key(struct ipsecinit *, struct sadb_key *, int); 446 void import_lifetime(struct tdb *, struct sadb_lifetime *, int); 447 void import_sa(struct tdb *, struct sadb_sa *, struct ipsecinit *); 448 int import_flow(struct sockaddr_encap *, struct sockaddr_encap *, 449 struct sadb_address *, struct sadb_address *, struct sadb_address *, 450 struct sadb_address *, struct sadb_protocol *, struct sadb_protocol *); 451 void import_udpencap(struct tdb *, struct sadb_x_udpencap *); 452 void import_tag(struct tdb *, struct sadb_x_tag *); 453 void import_rdomain(struct tdb *, struct sadb_x_rdomain *); 454 void import_tap(struct tdb *, struct sadb_x_tap *); 455 456 extern const uint64_t sadb_exts_allowed_out[SADB_MAX+1]; 457 extern const uint64_t sadb_exts_required_out[SADB_MAX+1]; 458 459 extern struct pool ipsec_policy_pool; 460 extern struct pool ipsec_acquire_pool; 461 #endif /* _KERNEL */ 462 463 #endif /* _NET_PFKEY_V2_H_ */

Cache object: 3f0617313880f6c7a6b3b7bd1fe6db64

FreeBSD/Linux Kernel Cross Reference sys/net/pfkeyv2.h

FreeBSD/Linux Kernel Cross Reference
sys/net/pfkeyv2.h