Annotation of embedaddon/strongswan/src/include/linux/pfkeyv2.h, revision 1.1
1.1 ! misho 1: /* PF_KEY user interface, this is defined by rfc2367 so
! 2: * do not make arbitrary modifications or else this header
! 3: * file will not be compliant.
! 4: */
! 5:
! 6: #ifndef _LINUX_PFKEY2_H
! 7: #define _LINUX_PFKEY2_H
! 8:
! 9: #include <linux/types.h>
! 10:
/* PF_KEY protocol version and revision date constants.
 * PF_KEY_V2 is presumably the value expected in sadb_msg_version; confirm
 * that receivers reject any other version before parsing further. */
! 11: #define PF_KEY_V2 2
! 12: #define PFKEYV2_REVISION 199806L
! 13:
/* Base message header: the fixed 16-byte prefix of a PF_KEY message.
 * The struct is packed, so its layout is exactly the fields in order.
 * The size note after it (and after every struct in this file) is a comment
 * only; nothing here enforces it at compile time.
 * NOTE(review): fields use the uintN_t names while the only include visible
 * in this file is <linux/types.h>; confirm includers have <stdint.h> in scope. */
! 14: struct sadb_msg {
! 15: uint8_t sadb_msg_version;
! 16: uint8_t sadb_msg_type; /* presumably one of the "Message types" values below */
! 17: uint8_t sadb_msg_errno;
! 18: uint8_t sadb_msg_satype; /* presumably one of the SADB_SATYPE_* values below */
! 19: uint16_t sadb_msg_len; /* RFC 2367 counts this in 64-bit words; a receiver should
                              check it against the bytes actually read before
                              walking any extension */
! 20: uint16_t sadb_msg_reserved;
! 21: uint32_t sadb_msg_seq;
! 22: uint32_t sadb_msg_pid;
! 23: } __attribute__((packed));
! 24: /* sizeof(struct sadb_msg) == 16 */
! 25:
/* Generic extension header: a 16-bit length followed by a 16-bit type.
 * Most extension structs in this file start with the same pair.
 * When walking extensions by this length, reject sadb_ext_len == 0 (the
 * walk would make no progress) and any length that runs past the end of
 * the enclosing message. */
! 26: struct sadb_ext {
! 27: uint16_t sadb_ext_len;
! 28: uint16_t sadb_ext_type; /* presumably one of the "Extension Header values" below */
! 29: } __attribute__((packed));
! 30: /* sizeof(struct sadb_ext) == 4 */
! 31:
/* Security Association extension (packed, 16 bytes).
 * The state, auth, encrypt and flags fields presumably take their values
 * from the SADB_SASTATE_*, SADB_AALG_*, SADB_EALG_* and SADB_SAFLAGS_*
 * groups defined later in this file. */
! 32: struct sadb_sa {
! 33: uint16_t sadb_sa_len;
! 34: uint16_t sadb_sa_exttype;
! 35: uint32_t sadb_sa_spi; /* RFC 2367 requires network byte order */
! 36: uint8_t sadb_sa_replay; /* RFC 2367: replay window size; zero means no
                              replay window is in use */
! 37: uint8_t sadb_sa_state;
! 38: uint8_t sadb_sa_auth;
! 39: uint8_t sadb_sa_encrypt;
! 40: uint32_t sadb_sa_flags;
! 41: } __attribute__((packed));
! 42: /* sizeof(struct sadb_sa) == 16 */
! 43:
/* Lifetime extension (packed, 32 bytes): an allocation count, a byte count
 * and two time values.
 * Presumably shared by the SADB_EXT_LIFETIME_CURRENT/HARD/SOFT extension
 * types defined below; units of the time fields are not stated here. */
! 44: struct sadb_lifetime {
! 45: uint16_t sadb_lifetime_len;
! 46: uint16_t sadb_lifetime_exttype;
! 47: uint32_t sadb_lifetime_allocations;
! 48: uint64_t sadb_lifetime_bytes;
! 49: uint64_t sadb_lifetime_addtime;
! 50: uint64_t sadb_lifetime_usetime;
! 51: } __attribute__((packed));
! 52: /* sizeof(struct sadb_lifetime) == 32 */
! 53:
/* Address extension header (packed, 8 bytes).
 * RFC 2367 places a sockaddr directly after this header; it is not part of
 * the struct, so its size has to be checked against sadb_address_len.
 * NOTE(review): sadb_address_prefixlen should be bounded by the bit width
 * of the address family that follows; confirm the parser does so. */
! 54: struct sadb_address {
! 55: uint16_t sadb_address_len;
! 56: uint16_t sadb_address_exttype;
! 57: uint8_t sadb_address_proto;
! 58: uint8_t sadb_address_prefixlen;
! 59: uint16_t sadb_address_reserved;
! 60: } __attribute__((packed));
! 61: /* sizeof(struct sadb_address) == 8 */
! 62:
/* Key extension header (packed, 8 bytes).
 * RFC 2367 places the key bytes directly after this header, so any buffer
 * holding this extension contains raw key material: check sadb_key_bits
 * against the space sadb_key_len leaves for the key, and wipe the buffer
 * once the message has been sent or consumed. */
! 63: struct sadb_key {
! 64: uint16_t sadb_key_len;
! 65: uint16_t sadb_key_exttype;
! 66: uint16_t sadb_key_bits; /* key length in bits */
! 67: uint16_t sadb_key_reserved;
! 68: } __attribute__((packed));
! 69: /* sizeof(struct sadb_key) == 8 */
! 70:
/* Identity extension header (packed, 16 bytes).
 * sadb_ident_type presumably takes one of the SADB_IDENTTYPE_* values below.
 * RFC 2367 follows this header with a C string; a parser should confirm the
 * terminator lies inside the span given by sadb_ident_len before using it. */
! 71: struct sadb_ident {
! 72: uint16_t sadb_ident_len;
! 73: uint16_t sadb_ident_exttype;
! 74: uint16_t sadb_ident_type;
! 75: uint16_t sadb_ident_reserved;
! 76: uint64_t sadb_ident_id;
! 77: } __attribute__((packed));
! 78: /* sizeof(struct sadb_ident) == 16 */
! 79:
/* Sensitivity extension header (packed, 16 bytes).
 * Two variable-length bitmaps follow it (see the note after the struct);
 * their element counts come from the 8-bit sens_len and integ_len fields. */
! 80: struct sadb_sens {
! 81: uint16_t sadb_sens_len;
! 82: uint16_t sadb_sens_exttype;
! 83: uint32_t sadb_sens_dpd;
! 84: uint8_t sadb_sens_sens_level;
! 85: uint8_t sadb_sens_sens_len; /* count of uint64_t words in the first bitmap */
! 86: uint8_t sadb_sens_integ_level;
! 87: uint8_t sadb_sens_integ_len; /* count of uint64_t words in the second bitmap */
! 88: uint32_t sadb_sens_reserved;
! 89: } __attribute__((packed));
! 90: /* sizeof(struct sadb_sens) == 16 */
! 91:
/* Both counts arrive in the message itself, so they must be checked
 * against sadb_sens_len before either bitmap is read. */
! 92: /* followed by:
! 93: uint64_t sadb_sens_bitmap[sens_len];
! 94: uint64_t sadb_integ_bitmap[integ_len]; */
! 95:
/* Proposal extension header (packed, 8 bytes).
 * An array of struct sadb_comb follows it; the note after the struct gives
 * the element count as an expression over sadb_prop_len. */
! 96: struct sadb_prop {
! 97: uint16_t sadb_prop_len;
! 98: uint16_t sadb_prop_exttype;
! 99: uint8_t sadb_prop_replay;
! 100: uint8_t sadb_prop_reserved[3];
! 101: } __attribute__((packed));
! 102: /* sizeof(struct sadb_prop) == 8 */
! 103:
/* The count depends entirely on a length taken from the message: validate
 * sadb_prop_len against the enclosing message before iterating. */
! 104: /* followed by:
! 105: struct sadb_comb sadb_combs[(sadb_prop_len +
! 106: sizeof(uint64_t) - sizeof(struct sadb_prop)) /
! 107: sizeof(struct sadb_comb)]; */
! 108:
/* One proposal combination (packed, 72 bytes): an auth/encrypt algorithm
 * pair, the min/max key sizes for each, and soft/hard limits for
 * allocations, bytes, add time and use time.
 * It has no len/exttype pair of its own; it appears as an element of the
 * array that follows struct sadb_prop. */
! 109: struct sadb_comb {
! 110: uint8_t sadb_comb_auth;
! 111: uint8_t sadb_comb_encrypt;
! 112: uint16_t sadb_comb_flags;
! 113: uint16_t sadb_comb_auth_minbits;
! 114: uint16_t sadb_comb_auth_maxbits;
! 115: uint16_t sadb_comb_encrypt_minbits;
! 116: uint16_t sadb_comb_encrypt_maxbits;
! 117: uint32_t sadb_comb_reserved;
! 118: uint32_t sadb_comb_soft_allocations;
! 119: uint32_t sadb_comb_hard_allocations;
! 120: uint64_t sadb_comb_soft_bytes;
! 121: uint64_t sadb_comb_hard_bytes;
! 122: uint64_t sadb_comb_soft_addtime;
! 123: uint64_t sadb_comb_hard_addtime;
! 124: uint64_t sadb_comb_soft_usetime;
! 125: uint64_t sadb_comb_hard_usetime;
! 126: } __attribute__((packed));
! 127: /* sizeof(struct sadb_comb) == 72 */
! 128:
/* Supported-algorithms extension header (packed, 8 bytes).
 * An array of struct sadb_alg follows it; the note after the struct gives
 * the element count as an expression over sadb_supported_len.
 * Presumably used for SADB_EXT_SUPPORTED_AUTH and SADB_EXT_SUPPORTED_ENCRYPT. */
! 129: struct sadb_supported {
! 130: uint16_t sadb_supported_len;
! 131: uint16_t sadb_supported_exttype;
! 132: uint32_t sadb_supported_reserved;
! 133: } __attribute__((packed));
! 134: /* sizeof(struct sadb_supported) == 8 */
! 135:
/* As with sadb_prop, the array bound comes from a length field in the
 * message and needs validating before the array is walked. */
! 136: /* followed by:
! 137: struct sadb_alg sadb_algs[(sadb_supported_len +
! 138: sizeof(uint64_t) - sizeof(struct sadb_supported)) /
! 139: sizeof(struct sadb_alg)]; */
! 140:
/* One algorithm descriptor (packed, 8 bytes): an algorithm id, an IV length
 * and a min/max key-size range. It has no len/exttype pair of its own; it
 * appears as an element of the array that follows struct sadb_supported. */
! 141: struct sadb_alg {
! 142: uint8_t sadb_alg_id;
! 143: uint8_t sadb_alg_ivlen;
! 144: uint16_t sadb_alg_minbits;
! 145: uint16_t sadb_alg_maxbits;
! 146: uint16_t sadb_alg_reserved;
! 147: } __attribute__((packed));
! 148: /* sizeof(struct sadb_alg) == 8 */
! 149:
/* SPI range extension (packed, 16 bytes): a minimum and maximum SPI.
 * NOTE(review): nothing here constrains min <= max; confirm the consumer
 * checks the ordering before allocating from the range. */
! 150: struct sadb_spirange {
! 151: uint16_t sadb_spirange_len;
! 152: uint16_t sadb_spirange_exttype;
! 153: uint32_t sadb_spirange_min;
! 154: uint32_t sadb_spirange_max;
! 155: uint32_t sadb_spirange_reserved;
! 156: } __attribute__((packed));
! 157: /* sizeof(struct sadb_spirange) == 16 */
! 158:
/* Extension header holding only len, exttype and a reserved word
 * (packed, 8 bytes). Presumably paired with SADB_X_EXT_KMPRIVATE; the
 * payload that follows it, if any, is not described in this file. */
! 159: struct sadb_x_kmprivate {
! 160: uint16_t sadb_x_kmprivate_len;
! 161: uint16_t sadb_x_kmprivate_exttype;
! 162: uint32_t sadb_x_kmprivate_reserved;
! 163: } __attribute__((packed));
! 164: /* sizeof(struct sadb_x_kmprivate) == 8 */
! 165:
/* Additional SA attributes (packed, 16 bytes): a mode byte, a sequence
 * number and a request id. Presumably paired with SADB_X_EXT_SA2; the
 * values of sadb_x_sa2_mode are not defined in this file. */
! 166: struct sadb_x_sa2 {
! 167: uint16_t sadb_x_sa2_len;
! 168: uint16_t sadb_x_sa2_exttype;
! 169: uint8_t sadb_x_sa2_mode;
! 170: uint8_t sadb_x_sa2_reserved1;
! 171: uint16_t sadb_x_sa2_reserved2;
! 172: uint32_t sadb_x_sa2_sequence;
! 173: uint32_t sadb_x_sa2_reqid;
! 174: } __attribute__((packed));
! 175: /* sizeof(struct sadb_x_sa2) == 16 */
! 176:
/* Policy extension header (packed, 16 bytes): policy type, direction, id
 * and priority. Presumably paired with SADB_X_EXT_POLICY. The constants for
 * sadb_x_policy_type and sadb_x_policy_dir are not defined in this file, so
 * range checks on them depend on another header. */
! 177: struct sadb_x_policy {
! 178: uint16_t sadb_x_policy_len;
! 179: uint16_t sadb_x_policy_exttype;
! 180: uint16_t sadb_x_policy_type;
! 181: uint8_t sadb_x_policy_dir;
! 182: uint8_t sadb_x_policy_reserved;
! 183: uint32_t sadb_x_policy_id;
! 184: uint32_t sadb_x_policy_priority;
! 185: } __attribute__((packed));
! 186: /* sizeof(struct sadb_x_policy) == 16 */
! 187:
/* IPsec request record (packed, 16 bytes): protocol, mode, level and a
 * request id. Unlike the extension structs above, its second field is a
 * protocol number rather than an exttype, so it cannot be dispatched
 * through the generic sadb_ext walk.
 * NOTE(review): presumably nested inside the policy extension; confirm that
 * sadb_x_ipsecrequest_len is checked against the space left in its parent. */
! 188: struct sadb_x_ipsecrequest {
! 189: uint16_t sadb_x_ipsecrequest_len;
! 190: uint16_t sadb_x_ipsecrequest_proto;
! 191: uint8_t sadb_x_ipsecrequest_mode;
! 192: uint8_t sadb_x_ipsecrequest_level;
! 193: uint16_t sadb_x_ipsecrequest_reserved1;
! 194: uint32_t sadb_x_ipsecrequest_reqid;
! 195: uint32_t sadb_x_ipsecrequest_reserved2;
! 196: } __attribute__((packed));
! 197: /* sizeof(struct sadb_x_ipsecrequest) == 16 */
! 198:
! 199: /* This defines the TYPE of Nat Traversal in use. Currently only one
! 200: * type of NAT-T is supported, draft-ietf-ipsec-udp-encaps-06
! 201: */
/* Packed, 8 bytes: len, exttype, a one-byte type and three reserved bytes.
 * Presumably paired with SADB_X_EXT_NAT_T_TYPE; the accepted values of the
 * type byte are not defined in this file. */
! 202: struct sadb_x_nat_t_type {
! 203: uint16_t sadb_x_nat_t_type_len;
! 204: uint16_t sadb_x_nat_t_type_exttype;
! 205: uint8_t sadb_x_nat_t_type_type;
! 206: uint8_t sadb_x_nat_t_type_reserved[3];
! 207: } __attribute__((packed));
! 208: /* sizeof(struct sadb_x_nat_t_type) == 8 */
! 209:
! 210: /* Pass a NAT Traversal port (Source or Dest port) */
/* Packed, 8 bytes. Presumably paired with SADB_X_EXT_NAT_T_SPORT and
 * SADB_X_EXT_NAT_T_DPORT.
 * NOTE(review): the byte order of the port field is not stated here;
 * confirm it against the code that fills and reads it. */
! 211: struct sadb_x_nat_t_port {
! 212: uint16_t sadb_x_nat_t_port_len;
! 213: uint16_t sadb_x_nat_t_port_exttype;
! 214: uint16_t sadb_x_nat_t_port_port;
! 215: uint16_t sadb_x_nat_t_port_reserved;
! 216: } __attribute__((packed));
! 217: /* sizeof(struct sadb_x_nat_t_port) == 8 */
! 218:
! 219: /* Generic LSM security context */
/* Packed, 8 bytes. Note the field prefixes are mixed: the len/exttype pair
 * uses sadb_x_sec_, the remaining fields use sadb_x_ctx_.
 * NOTE(review): sadb_x_ctx_len presumably gives the size of context data
 * following this header; confirm it is bounded by sadb_x_sec_len before the
 * data is handed to the LSM. */
! 220: struct sadb_x_sec_ctx {
! 221: uint16_t sadb_x_sec_len;
! 222: uint16_t sadb_x_sec_exttype;
! 223: uint8_t sadb_x_ctx_alg; /* LSMs: e.g., selinux == 1 */
! 224: uint8_t sadb_x_ctx_doi;
! 225: uint16_t sadb_x_ctx_len;
! 226: } __attribute__((packed));
! 227: /* sizeof(struct sadb_x_sec_ctx) == 8 */
! 228:
! 229: /* Used by MIGRATE to pass addresses IKE will use to perform
! 230: * negotiation with the peer */
/* Packed, 8 bytes: len, exttype and a reserved word. The addresses
 * themselves are not fields of this struct; presumably they follow the
 * header and must fit inside sadb_x_kmaddress_len. */
! 231: struct sadb_x_kmaddress {
! 232: uint16_t sadb_x_kmaddress_len;
! 233: uint16_t sadb_x_kmaddress_exttype;
! 234: uint32_t sadb_x_kmaddress_reserved;
! 235: } __attribute__((packed));
! 236: /* sizeof(struct sadb_x_kmaddress) == 8 */
! 237:
! 238: /* Message types */
/* Contiguous values 0..24, presumably carried in sadb_msg_type.
 * SADB_MAX equals the highest defined type (SADB_X_MIGRATE). A receiver
 * that dispatches on the type should reject SADB_RESERVED and anything
 * above SADB_MAX before using the value as a table index. */
! 239: #define SADB_RESERVED 0
! 240: #define SADB_GETSPI 1
! 241: #define SADB_UPDATE 2
! 242: #define SADB_ADD 3
! 243: #define SADB_DELETE 4
! 244: #define SADB_GET 5
! 245: #define SADB_ACQUIRE 6
! 246: #define SADB_REGISTER 7
! 247: #define SADB_EXPIRE 8
! 248: #define SADB_FLUSH 9
! 249: #define SADB_DUMP 10
! 250: #define SADB_X_PROMISC 11
! 251: #define SADB_X_PCHANGE 12
! 252: #define SADB_X_SPDUPDATE 13
! 253: #define SADB_X_SPDADD 14
! 254: #define SADB_X_SPDDELETE 15
! 255: #define SADB_X_SPDGET 16
! 256: #define SADB_X_SPDACQUIRE 17
! 257: #define SADB_X_SPDDUMP 18
! 258: #define SADB_X_SPDFLUSH 19
! 259: #define SADB_X_SPDSETIDX 20
! 260: #define SADB_X_SPDEXPIRE 21
! 261: #define SADB_X_SPDDELETE2 22
! 262: #define SADB_X_NAT_T_NEW_MAPPING 23
! 263: #define SADB_X_MIGRATE 24
! 264: #define SADB_MAX 24
! 265:
! 266: /* Security Association flags */
/* Bit flags, presumably for sadb_sa_flags (a uint32_t). One flag sits in
 * bit 0 and three in the top bits; the bits in between are not defined in
 * this file. */
! 267: #define SADB_SAFLAGS_PFS 1
! 268: #define SADB_SAFLAGS_NOPMTUDISC 0x20000000
! 269: #define SADB_SAFLAGS_DECAP_DSCP 0x40000000
! 270: #define SADB_SAFLAGS_NOECN 0x80000000
! 271:
! 272: /* Security Association states */
/* Contiguous values 0..3, presumably for sadb_sa_state.
 * SADB_SASTATE_MAX equals the highest defined state (SADB_SASTATE_DEAD)
 * and is the upper bound to check a received state against. */
! 273: #define SADB_SASTATE_LARVAL 0
! 274: #define SADB_SASTATE_MATURE 1
! 275: #define SADB_SASTATE_DYING 2
! 276: #define SADB_SASTATE_DEAD 3
! 277: #define SADB_SASTATE_MAX 3
! 278:
! 279: /* Security Association types */
/* Presumably for sadb_msg_satype. The numbering is not contiguous: values
 * 1 and 4 have no name in this file, so a check of "<= SADB_SATYPE_MAX"
 * alone still admits undefined types. */
! 280: #define SADB_SATYPE_UNSPEC 0
! 281: #define SADB_SATYPE_AH 2
! 282: #define SADB_SATYPE_ESP 3
! 283: #define SADB_SATYPE_RSVP 5
! 284: #define SADB_SATYPE_OSPFV2 6
! 285: #define SADB_SATYPE_RIPV2 7
! 286: #define SADB_SATYPE_MIP 8
! 287: #define SADB_X_SATYPE_IPCOMP 9
! 288: #define SADB_SATYPE_MAX 9
! 289:
! 290: /* Authentication algorithms */
/* Identifiers only; defining a value here says nothing about whether it is
 * acceptable to negotiate. RFC 8221 lists HMAC-MD5 as MUST NOT for ESP/AH,
 * so SADB_AALG_MD5HMAC is best kept for parsing legacy configurations and
 * excluded from proposals by policy.
 * The numbering is sparse (1, 4 and 10..250 are unnamed here), so
 * "<= SADB_AALG_MAX" is not a sufficient validity check on its own.
 * Note the two distinct "no authentication" values: SADB_AALG_NONE (0) and
 * SADB_X_AALG_NULL (251). */
! 291: #define SADB_AALG_NONE 0
! 292: #define SADB_AALG_MD5HMAC 2
! 293: #define SADB_AALG_SHA1HMAC 3
! 294: #define SADB_X_AALG_SHA2_256HMAC 5
! 295: #define SADB_X_AALG_SHA2_384HMAC 6
! 296: #define SADB_X_AALG_SHA2_512HMAC 7
! 297: #define SADB_X_AALG_RIPEMD160HMAC 8
! 298: #define SADB_X_AALG_AES_XCBC_MAC 9
! 299: #define SADB_X_AALG_NULL 251 /* kame */
! 300: #define SADB_AALG_MAX 251
! 301:
! 302: /* Encryption algorithms */
/* Identifiers only; presence here does not make an algorithm acceptable.
 * RFC 8221 lists DES-CBC as MUST NOT and 3DES-CBC as SHOULD NOT for ESP, so
 * SADB_EALG_DESCBC and SADB_EALG_3DESCBC are best excluded from proposals
 * by policy. SADB_EALG_NULL provides no confidentiality.
 * The _ICV8/_ICV12/_ICV16 suffixes on the CCM and GCM entries presumably
 * give the integrity tag length in bytes; a shorter tag gives less forgery
 * resistance.
 * The numbering is sparse, so "<= SADB_EALG_MAX" is not a sufficient
 * validity check on its own. SADB_EALG_MAX (253) is defined before the two
 * private-range entries below it but does cover them. */
! 303: #define SADB_EALG_NONE 0
! 304: #define SADB_EALG_DESCBC 2
! 305: #define SADB_EALG_3DESCBC 3
! 306: #define SADB_X_EALG_CASTCBC 6
! 307: #define SADB_X_EALG_BLOWFISHCBC 7
! 308: #define SADB_EALG_NULL 11
! 309: #define SADB_X_EALG_AESCBC 12
! 310: #define SADB_X_EALG_AESCTR 13
! 311: #define SADB_X_EALG_AES_CCM_ICV8 14
! 312: #define SADB_X_EALG_AES_CCM_ICV12 15
! 313: #define SADB_X_EALG_AES_CCM_ICV16 16
! 314: #define SADB_X_EALG_AES_GCM_ICV8 18
! 315: #define SADB_X_EALG_AES_GCM_ICV12 19
! 316: #define SADB_X_EALG_AES_GCM_ICV16 20
! 317: #define SADB_X_EALG_CAMELLIACBC 22
! 318: #define SADB_X_EALG_NULL_AES_GMAC 23
! 319: #define SADB_EALG_MAX 253 /* last EALG */
! 320: /* private allocations should use 249-255 (RFC2407) */
! 321: #define SADB_X_EALG_SERPENTCBC 252 /* draft-ietf-ipsec-ciph-aes-cbc-00 */
! 322: #define SADB_X_EALG_TWOFISHCBC 253 /* draft-ietf-ipsec-ciph-aes-cbc-00 */
! 323:
! 324: /* Compression algorithms */
/* Contiguous values 0..4; SADB_X_CALG_MAX equals the highest defined
 * value (SADB_X_CALG_LZJH). Presumably used with SADB_X_SATYPE_IPCOMP. */
! 325: #define SADB_X_CALG_NONE 0
! 326: #define SADB_X_CALG_OUI 1
! 327: #define SADB_X_CALG_DEFLATE 2
! 328: #define SADB_X_CALG_LZS 3
! 329: #define SADB_X_CALG_LZJH 4
! 330: #define SADB_X_CALG_MAX 4
! 331:
! 332: /* Extension Header values */
/* Contiguous values 0..25, presumably carried in the exttype field of each
 * extension. SADB_EXT_MAX equals the highest defined value
 * (SADB_X_EXT_KMADDRESS). A parser that records extensions in an array
 * indexed by type should reject SADB_EXT_RESERVED and anything above
 * SADB_EXT_MAX before indexing. */
! 333: #define SADB_EXT_RESERVED 0
! 334: #define SADB_EXT_SA 1
! 335: #define SADB_EXT_LIFETIME_CURRENT 2
! 336: #define SADB_EXT_LIFETIME_HARD 3
! 337: #define SADB_EXT_LIFETIME_SOFT 4
! 338: #define SADB_EXT_ADDRESS_SRC 5
! 339: #define SADB_EXT_ADDRESS_DST 6
! 340: #define SADB_EXT_ADDRESS_PROXY 7
! 341: #define SADB_EXT_KEY_AUTH 8
! 342: #define SADB_EXT_KEY_ENCRYPT 9
! 343: #define SADB_EXT_IDENTITY_SRC 10
! 344: #define SADB_EXT_IDENTITY_DST 11
! 345: #define SADB_EXT_SENSITIVITY 12
! 346: #define SADB_EXT_PROPOSAL 13
! 347: #define SADB_EXT_SUPPORTED_AUTH 14
! 348: #define SADB_EXT_SUPPORTED_ENCRYPT 15
! 349: #define SADB_EXT_SPIRANGE 16
! 350: #define SADB_X_EXT_KMPRIVATE 17
! 351: #define SADB_X_EXT_POLICY 18
! 352: #define SADB_X_EXT_SA2 19
! 353: /* The next four entries are for setting up NAT Traversal */
! 354: #define SADB_X_EXT_NAT_T_TYPE 20
! 355: #define SADB_X_EXT_NAT_T_SPORT 21
! 356: #define SADB_X_EXT_NAT_T_DPORT 22
! 357: #define SADB_X_EXT_NAT_T_OA 23
! 358: #define SADB_X_EXT_SEC_CTX 24
! 359: /* Used with MIGRATE to pass @ to IKE for negotiation */
! 360: #define SADB_X_EXT_KMADDRESS 25
! 361: #define SADB_EXT_MAX 25
! 362:
! 363: /* Identity Extension values */
/* Contiguous values 0..3, presumably for sadb_ident_type.
 * SADB_IDENTTYPE_MAX equals the highest defined value
 * (SADB_IDENTTYPE_USERFQDN). */
! 364: #define SADB_IDENTTYPE_RESERVED 0
! 365: #define SADB_IDENTTYPE_PREFIX 1
! 366: #define SADB_IDENTTYPE_FQDN 2
! 367: #define SADB_IDENTTYPE_USERFQDN 3
! 368: #define SADB_IDENTTYPE_MAX 3
! 369:
! 370: #endif /* !(_LINUX_PFKEY2_H) */