/*
 * This file and its contents are supplied under the terms of the
 * Common Development and Distribution License ("CDDL"), version 1.0.
 * You may only use this file in accordance with the terms of version
 * 1.0 of the CDDL.
 *
 * A full copy of the text of the CDDL should have accompanied this
 * source. A copy of the CDDL is also available via the Internet at
 * http://www.illumos.org/license/CDDL.
 */

/*
 * Copyright 2024 Oxide Computer Company
 */

#ifndef _INET_TCPSIG_H
#define	_INET_TCPSIG_H

#include <sys/stdbool.h>
#include <inet/keysock.h>
#include <inet/sadb.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Declarations for the "tcpsig" security-association (SA) database and the
 * entry points that sign and verify TCP segments against it.
 * NOTE(review): presumably this is the TCP MD5 signature option (RFC 2385);
 * the algorithm is not named anywhere in this header - confirm in the
 * implementation.
 */

/*
 * One security association: an address pair, the key bound to it, and the
 * lifetime and reference-count bookkeeping for the entry.
 */
typedef struct tcpsig_sa {
	/* NOTE(review): presumably the linkage for tcpsig_db_t.td_salist. */
	list_node_t		ts_link;

	tcp_stack_t		*ts_stack;

	/* Address family plus the source and destination addresses. */
	sa_family_t		ts_family;
	struct sockaddr_storage	ts_src;
	struct sockaddr_storage	ts_dst;

	/*
	 * Key for this SA.
	 * NOTE(review): nothing in this header shows where the key is
	 * scrubbed; confirm that the teardown path zeroes it before the
	 * structure is freed.
	 */
	ipsa_key_t		ts_key;

	/*
	 * NOTE(review): the members above sit outside the "protected by
	 * ts_lock" section below; presumably they are fixed once the SA is
	 * created - confirm.
	 */
	kmutex_t		ts_lock;

	/* All of the following are protected by ts_lock */

	time_t			ts_addtime;	/* Time added */
	time_t			ts_usetime;	/* Time of first use */
	time_t			ts_lastuse;	/* Time of last use */
	time_t			ts_softexpiretime;	/* First soft exp */
	time_t			ts_hardexpiretime;	/* First hard exp */

	/* Configured lifetimes */
	/* NOTE(review): units are not stated here; presumably seconds. */
	uint64_t		ts_softaddlt;
	uint64_t		ts_softuselt;
	uint64_t		ts_hardaddlt;
	uint64_t		ts_harduselt;

	/*
	 * NOTE(review): presumably a tombstoned SA has been retired from the
	 * database but stays allocated until ts_refcnt drops to zero; a
	 * lookup that returned one would keep signing with a retired key, so
	 * confirm how the lookup path treats ts_tombstoned.
	 */
	uint64_t		ts_refcnt;
	bool			ts_tombstoned;
	/* The values ts_state may take are not defined in this header. */
	uint_t			ts_state;
} tcpsig_sa_t;

/* The SA database: a list of SAs together with a reader/writer lock. */
typedef struct tcpsig_db {
	krwlock_t	td_lock;
	list_t		td_salist;
} tcpsig_db_t;

/*
 * NOTE(review): the prototypes below omit parameter names, so the meaning of
 * the bare bool and int arguments has to be read from the implementation.
 */

/* NOTE(review): presumably set-up and tear-down for one TCP stack instance. */
extern void tcpsig_init(tcp_stack_t *);
extern void tcpsig_fini(tcp_stack_t *);
/*
 * NOTE(review): judging by the keysock_t/sadb_msg_t/sadb_ext_t arguments this
 * handles SA management messages arriving on a key socket; confirm what
 * privilege the sender must hold before an SA can be added or removed.
 */
extern void tcpsig_sa_handler(keysock_t *, mblk_t *, sadb_msg_t *,
    sadb_ext_t **);

/* NOTE(review): presumably drops a reference counted in ts_refcnt. */
extern void tcpsig_sa_rele(tcpsig_sa_t *);
/*
 * NOTE(review): presumably reports whether an SA matches the connection and
 * hands it back through the tcpsig_sa_t ** argument; if so, confirm that the
 * returned SA is held and that every caller pairs it with tcpsig_sa_rele().
 */
extern bool tcpsig_sa_exists(tcp_t *, bool, tcpsig_sa_t **);
/*
 * NOTE(review): the uint8_t * presumably receives the computed digest; the
 * prototype carries no length, so the required buffer size must be checked
 * against the implementation.
 */
extern bool tcpsig_signature(mblk_t *, tcp_t *, tcpha_t *, int, uint8_t *,
    bool);
/*
 * NOTE(review): presumably true means the signature on the segment was
 * accepted; callers should treat every false return as a failed check.
 * Confirm that the digest comparison in the implementation is constant-time.
 */
extern bool tcpsig_verify(mblk_t *, tcp_t *, tcpha_t *, ip_recv_attr_t *,
    uint8_t *);

#ifdef __cplusplus
}
#endif

#endif /* _INET_TCPSIG_H */