xref: /netbsd-src/crypto/dist/ipsec-tools/src/libipsec/libpfkey.h (revision 86811edb37e43f44504b192591c863c5d48f5e08) 
1 /*	$NetBSD: libpfkey.h,v 1.9 2005/12/04 20:46:40 manu Exp $	*/
2 
3 /* Id: libpfkey.h,v 1.8.2.3 2005/06/29 13:01:28 manubsd Exp */
4 
5 /*
6  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  * 3. Neither the name of the project nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #ifndef _LIBPFKEY_H
35 #define _LIBPFKEY_H
36 
37 #ifndef KAME_LIBPFKEY_H
38 #define KAME_LIBPFKEY_H
39 
40 #define PRIORITY_LOW        0xC0000000
41 #define PRIORITY_DEFAULT    0x80000000
42 #define PRIORITY_HIGH       0x40000000
43 
44 #define PRIORITY_OFFSET_POSITIVE_MAX	0x3fffffff
45 #define PRIORITY_OFFSET_NEGATIVE_MAX	0x40000000
46 
47 struct sadb_msg;
48 extern void pfkey_sadump __P((struct sadb_msg *));
49 extern void pfkey_sadump_withports __P((struct sadb_msg *));
50 extern void pfkey_spdump __P((struct sadb_msg *));
51 extern void pfkey_spdump_withports __P((struct sadb_msg *));
52 
53 struct sockaddr;
54 struct sadb_alg;
55 
56 /* Accomodate different prototypes in <netinet6/ipsec.h> */
57 #include <sys/types.h>
58 #ifdef HAVE_NETINET6_IPSEC
59 #  include <netinet6/ipsec.h>
60 #else
61 #  include <netinet/ipsec.h>
62 #endif
63 
64 #ifndef HAVE_IPSEC_POLICY_T
65 typedef caddr_t ipsec_policy_t;
66 #define __ipsec_const
67 #else
68 #define __ipsec_const const
69 #endif
70 
71 /* IPsec Library Routines */
72 
73 int ipsec_check_keylen __P((u_int, u_int, u_int));
74 int ipsec_check_keylen2 __P((u_int, u_int, u_int));
75 int ipsec_get_keylen __P((u_int, u_int, struct sadb_alg *));
76 char *ipsec_dump_policy_withports __P((void *, const char *));
77 void ipsec_hexdump __P((const void *, int));
78 const char *ipsec_strerror __P((void));
79 void kdebug_sadb __P((struct sadb_msg *));
80 ipsec_policy_t ipsec_set_policy __P((__ipsec_const char *, int));
81 int  ipsec_get_policylen __P((ipsec_policy_t));
82 char *ipsec_dump_policy __P((ipsec_policy_t, __ipsec_const char *));
83 
84 /* PFKey Routines */
85 
86 u_int pfkey_set_softrate __P((u_int, u_int));
87 u_int pfkey_get_softrate __P((u_int));
88 int pfkey_send_getspi __P((int, u_int, u_int, struct sockaddr *,
89 	struct sockaddr *, u_int32_t, u_int32_t, u_int32_t, u_int32_t));
90 int pfkey_send_update __P((int, u_int, u_int, struct sockaddr *,
91 	struct sockaddr *, u_int32_t, u_int32_t, u_int,
92 	caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t,
93 	u_int64_t, u_int64_t, u_int32_t));
94 int pfkey_send_update_nat __P((int, u_int, u_int, struct sockaddr *,
95 	struct sockaddr *, u_int32_t, u_int32_t, u_int,
96 	caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t,
97 	u_int64_t, u_int64_t, u_int32_t,
98 	u_int8_t, u_int16_t, u_int16_t, struct sockaddr *, u_int16_t));
99 int pfkey_send_add __P((int, u_int, u_int, struct sockaddr *,
100 	struct sockaddr *, u_int32_t, u_int32_t, u_int,
101 	caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t,
102 	u_int64_t, u_int64_t, u_int32_t));
103 int pfkey_send_add_nat __P((int, u_int, u_int, struct sockaddr *,
104 	struct sockaddr *, u_int32_t, u_int32_t, u_int,
105 	caddr_t, u_int, u_int, u_int, u_int, u_int, u_int32_t, u_int64_t,
106 	u_int64_t, u_int64_t, u_int32_t,
107 	u_int8_t, u_int16_t, u_int16_t, struct sockaddr *, u_int16_t));
108 int pfkey_send_delete __P((int, u_int, u_int,
109 	struct sockaddr *, struct sockaddr *, u_int32_t));
110 int pfkey_send_delete_all __P((int, u_int, u_int,
111 	struct sockaddr *, struct sockaddr *));
112 int pfkey_send_get __P((int, u_int, u_int,
113 	struct sockaddr *, struct sockaddr *, u_int32_t));
114 int pfkey_send_register __P((int, u_int));
115 int pfkey_recv_register __P((int));
116 int pfkey_set_supported __P((struct sadb_msg *, int));
117 int pfkey_send_flush __P((int, u_int));
118 int pfkey_send_dump __P((int, u_int));
119 int pfkey_send_promisc_toggle __P((int, int));
120 int pfkey_send_spdadd __P((int, struct sockaddr *, u_int,
121 	struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
122 int pfkey_send_spdadd2 __P((int, struct sockaddr *, u_int,
123 	struct sockaddr *, u_int, u_int, u_int64_t, u_int64_t,
124 	caddr_t, int, u_int32_t));
125 int pfkey_send_spdupdate __P((int, struct sockaddr *, u_int,
126 	struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
127 int pfkey_send_spdupdate2 __P((int, struct sockaddr *, u_int,
128 	struct sockaddr *, u_int, u_int, u_int64_t, u_int64_t,
129 	caddr_t, int, u_int32_t));
130 int pfkey_send_spddelete __P((int, struct sockaddr *, u_int,
131 	struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
132 int pfkey_send_spddelete2 __P((int, u_int32_t));
133 int pfkey_send_spdget __P((int, u_int32_t));
134 int pfkey_send_spdsetidx __P((int, struct sockaddr *, u_int,
135 	struct sockaddr *, u_int, u_int, caddr_t, int, u_int32_t));
136 int pfkey_send_spdflush __P((int));
137 int pfkey_send_spddump __P((int));
138 
139 int pfkey_open __P((void));
140 void pfkey_close __P((int));
141 struct sadb_msg *pfkey_recv __P((int));
142 int pfkey_send __P((int, struct sadb_msg *, int));
143 int pfkey_align __P((struct sadb_msg *, caddr_t *));
144 int pfkey_check __P((caddr_t *));
145 
146 #ifndef __SYSDEP_SA_LEN__
147 #define __SYSDEP_SA_LEN__
148 #include <netinet/in.h>
149 
150 #ifndef IPPROTO_IPV4
151 #define IPPROTO_IPV4 IPPROTO_IPIP
152 #endif
153 
154 #ifndef IPPROTO_IPCOMP
155 #define IPPROTO_IPCOMP IPPROTO_COMP
156 #endif
157 
158 static __inline u_int8_t
159 sysdep_sa_len (const struct sockaddr *sa)
160 {
161 #ifdef __linux__
162   switch (sa->sa_family)
163     {
164     case AF_INET:
165       return sizeof (struct sockaddr_in);
166     case AF_INET6:
167       return sizeof (struct sockaddr_in6);
168     }
169   // log_print ("sysdep_sa_len: unknown sa family %d", sa->sa_family);
170   return sizeof (struct sockaddr_in);
171 #else
172   return sa->sa_len;
173 #endif
174 }
175 #endif
176 
177 #endif /* KAME_LIBPFKEY_H */
178 
179 #endif /* _LIBPFKEY_H */
180