Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/android-openjdk-build-multiarch
 Path: blob/buildjre8/ios-missing-include/netinet6/ipsec.h
861 views
1
/*	$FreeBSD: src/sys/netinet6/ipsec.h,v 1.4.2.2 2001/07/03 11:01:54 ume Exp $	*/

2
/*	$KAME: ipsec.h,v 1.44 2001/03/23 08:08:47 itojun Exp $	*/

3


4
/*

5
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.

6
 * All rights reserved.

7
 *

8
 * Redistribution and use in source and binary forms, with or without

9
 * modification, are permitted provided that the following conditions

10
 * are met:

11
 * 1. Redistributions of source code must retain the above copyright

12
 *    notice, this list of conditions and the following disclaimer.

13
 * 2. Redistributions in binary form must reproduce the above copyright

14
 *    notice, this list of conditions and the following disclaimer in the

15
 *    documentation and/or other materials provided with the distribution.

16
 * 3. Neither the name of the project nor the names of its contributors

17
 *    may be used to endorse or promote products derived from this software

18
 *    without specific prior written permission.

19
 *

20
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND

21
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

22
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

23
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE

24
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

25
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

26
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

27
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

28
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

29
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

30
 * SUCH DAMAGE.

31
 */

32


33
/*

34
 * IPsec controller part.

35
 */

36


37
#ifndef _NETINET6_IPSEC_H_

38
#define _NETINET6_IPSEC_H_

39
#include <sys/cdefs.h>

40
#include <sys/appleapiopts.h>

41


42
#include <net/pfkeyv2.h>

43
#include <uuid/uuid.h>

44


45
/* according to IANA assignment, port 0x0000 and proto 0xff are reserved. */

46
#define IPSEC_PORT_ANY          0

47
#define IPSEC_ULPROTO_ANY       255

48
#define IPSEC_PROTO_ANY         255

49


50
/* mode of security protocol */

51
/* NOTE: DON'T use IPSEC_MODE_ANY at SPD.  It's only use in SAD */

52
#define IPSEC_MODE_ANY          0       /* i.e. wildcard. */

53
#define IPSEC_MODE_TRANSPORT    1

54
#define IPSEC_MODE_TUNNEL       2

55


56
/*

57
 * Direction of security policy.

58
 * NOTE: Since INVALID is used just as flag.

59
 * The other are used for loop counter too.

60
 */

61
#define IPSEC_DIR_ANY           0

62
#define IPSEC_DIR_INBOUND       1

63
#define IPSEC_DIR_OUTBOUND      2

64
#define IPSEC_DIR_MAX           3

65
#define IPSEC_DIR_INVALID       4

66


67
/* Policy level */

68
/*

69
 * IPSEC, ENTRUST and BYPASS are allowed for setsockopt() in PCB,

70
 * DISCARD, IPSEC and NONE are allowed for setkey() in SPD.

71
 * DISCARD and NONE are allowed for system default.

72
 */

73
#define IPSEC_POLICY_DISCARD    0       /* discarding packet */

74
#define IPSEC_POLICY_NONE       1       /* through IPsec engine */

75
#define IPSEC_POLICY_IPSEC      2       /* do IPsec */

76
#define IPSEC_POLICY_ENTRUST    3       /* consulting SPD if present. */

77
#define IPSEC_POLICY_BYPASS     4       /* only for privileged socket. */

78
#define IPSEC_POLICY_GENERATE   5       /* same as discard - IKE daemon can override with generated policy */

79


80
/* Security protocol level */

81
#define IPSEC_LEVEL_DEFAULT     0       /* reference to system default */

82
#define IPSEC_LEVEL_USE         1       /* use SA if present. */

83
#define IPSEC_LEVEL_REQUIRE     2       /* require SA. */

84
#define IPSEC_LEVEL_UNIQUE      3       /* unique SA. */

85


86
#define IPSEC_MANUAL_REQID_MAX  0x3fff

87
/*

88
 * if security policy level == unique, this id

89
 * indicate to a relative SA for use, else is

90
 * zero.

91
 * 1 - 0x3fff are reserved for manual keying.

92
 * 0 are reserved for above reason.  Others is

93
 * for kernel use.

94
 * Note that this id doesn't identify SA

95
 * by only itself.

96
 */

97
#define IPSEC_REPLAYWSIZE  32

98


99
/* statistics for ipsec processing */

100
struct ipsecstat {

101
	u_quad_t in_success __attribute__ ((aligned(8)));  /* succeeded inbound process */

102
	u_quad_t in_polvio __attribute__ ((aligned(8)));

103
	/* security policy violation for inbound process */

104
	u_quad_t in_nosa __attribute__ ((aligned(8)));      /* inbound SA is unavailable */

105
	u_quad_t in_inval __attribute__ ((aligned(8)));     /* inbound processing failed due to EINVAL */

106
	u_quad_t in_nomem __attribute__ ((aligned(8)));     /* inbound processing failed due to ENOBUFS */

107
	u_quad_t in_badspi __attribute__ ((aligned(8)));    /* failed getting a SPI */

108
	u_quad_t in_ahreplay __attribute__ ((aligned(8)));  /* AH replay check failed */

109
	u_quad_t in_espreplay __attribute__ ((aligned(8)));  /* ESP replay check failed */

110
	u_quad_t in_ahauthsucc __attribute__ ((aligned(8)));  /* AH authentication success */

111
	u_quad_t in_ahauthfail __attribute__ ((aligned(8)));  /* AH authentication failure */

112
	u_quad_t in_espauthsucc __attribute__ ((aligned(8)));  /* ESP authentication success */

113
	u_quad_t in_espauthfail __attribute__ ((aligned(8)));  /* ESP authentication failure */

114
	u_quad_t in_esphist[256] __attribute__ ((aligned(8)));

115
	u_quad_t in_ahhist[256] __attribute__ ((aligned(8)));

116
	u_quad_t in_comphist[256] __attribute__ ((aligned(8)));

117
	u_quad_t out_success __attribute__ ((aligned(8)));  /* succeeded outbound process */

118
	u_quad_t out_polvio __attribute__ ((aligned(8)));

119
	/* security policy violation for outbound process */

120
	u_quad_t out_nosa __attribute__ ((aligned(8)));     /* outbound SA is unavailable */

121
	u_quad_t out_inval __attribute__ ((aligned(8)));    /* outbound process failed due to EINVAL */

122
	u_quad_t out_nomem __attribute__ ((aligned(8)));     /* inbound processing failed due to ENOBUFS */

123
	u_quad_t out_noroute __attribute__ ((aligned(8)));  /* there is no route */

124
	u_quad_t out_esphist[256] __attribute__ ((aligned(8)));

125
	u_quad_t out_ahhist[256] __attribute__ ((aligned(8)));

126
	u_quad_t out_comphist[256] __attribute__ ((aligned(8)));

127
};

128


129
#define IPSEC_MAX_WAKE_PKT_LEN  100

130
struct ipsec_wake_pkt_info {

131
	u_int8_t wake_pkt[IPSEC_MAX_WAKE_PKT_LEN];

132
	uuid_string_t wake_uuid;

133
	u_int32_t wake_pkt_spi;

134
	u_int32_t wake_pkt_seq;

135
	u_int16_t wake_pkt_len;

136
};

137


138
struct ipsec_wake_pkt_event_data {

139
	uuid_string_t wake_uuid;

140
};

141


142


143
__BEGIN_DECLS

144
extern caddr_t ipsec_set_policy(char *, int);

145
extern int ipsec_get_policylen(caddr_t);

146
extern char *ipsec_dump_policy(caddr_t, char *);

147


148
extern const char *ipsec_strerror(void);

149
__END_DECLS

150


151
#endif /* _NETINET6_IPSEC_H_ */

152


153