diff options
author | gnn <gnn@FreeBSD.org> | 2007-07-01 11:41:27 +0000 |
---|---|---|
committer | gnn <gnn@FreeBSD.org> | 2007-07-01 11:41:27 +0000 |
commit | 0cd74db89b7c7ca5bface8b05ae8263c0a54217b (patch) | |
tree | 2bcfb09751e29be8d172ae9e835bab3e5c5699f2 /sys/netkey | |
parent | 384e40af76655727c82190f4d5dc6c857583206e (diff) | |
download | FreeBSD-src-0cd74db89b7c7ca5bface8b05ae8263c0a54217b.zip FreeBSD-src-0cd74db89b7c7ca5bface8b05ae8263c0a54217b.tar.gz |
Commit IPv6 support for FAST_IPSEC to the tree.
This commit includes only the kernel files, the rest of the files
will follow in a second commit.
Reviewed by: bz
Approved by: re
Supported by: Secure Computing
Diffstat (limited to 'sys/netkey')
-rw-r--r-- | sys/netkey/key.h | 96 | ||||
-rw-r--r-- | sys/netkey/key_debug.h | 88 | ||||
-rw-r--r-- | sys/netkey/key_var.h | 58 | ||||
-rw-r--r-- | sys/netkey/keydb.h | 184 | ||||
-rw-r--r-- | sys/netkey/keysock.h | 81 |
5 files changed, 0 insertions, 507 deletions
diff --git a/sys/netkey/key.h b/sys/netkey/key.h deleted file mode 100644 index e4cfe4b..0000000 --- a/sys/netkey/key.h +++ /dev/null @@ -1,96 +0,0 @@ -/* $FreeBSD$ */ -/* $KAME: key.h,v 1.32 2003/09/07 05:25:20 itojun Exp $ */ - -/*- - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef _NETKEY_KEY_H_ -#define _NETKEY_KEY_H_ - -#ifdef _KERNEL - -#include <sys/queue.h> - -extern struct key_cb key_cb; - -extern TAILQ_HEAD(_satailq, secasvar) satailq; -extern TAILQ_HEAD(_sptailq, secpolicy) sptailq; - -struct secpolicy; -struct secpolicyindex; -struct ipsecrequest; -struct secasvar; -struct sockaddr; -struct socket; -struct sadb_msg; -struct sadb_x_policy; -union sockaddr_union; - -extern struct secpolicy *key_allocsp(u_int16_t, struct secpolicyindex *, - u_int); -extern struct secpolicy *key_gettunnel(struct sockaddr *, - struct sockaddr *, struct sockaddr *, struct sockaddr *); -extern int key_checkrequest - (struct ipsecrequest *isr, struct secasindex *); -extern struct secasvar *key_allocsa(u_int, caddr_t, caddr_t, u_int, u_int32_t); -extern void key_freesp(struct secpolicy *); -extern void key_freesav(struct secasvar *); -extern struct secpolicy *key_newsp(u_int32_t); -extern struct secpolicy *key_msg2sp(struct sadb_x_policy *, size_t, int *); -extern struct mbuf *key_sp2msg(struct secpolicy *); -extern int key_cmpspidx_exactly - (struct secpolicyindex *, struct secpolicyindex *); -extern int key_cmpspidx_withmask - (struct secpolicyindex *, struct secpolicyindex *); -extern int key_spdacquire(struct secpolicy *); -extern void key_timehandler(void *); -extern void key_randomfill(void *, size_t); -extern void key_freereg(struct socket *); -extern int key_parse(struct mbuf *, struct socket *); -extern void key_init(void); -extern int key_checktunnelsanity(struct secasvar *, u_int, caddr_t, caddr_t); -extern void key_sa_recordxfer(struct secasvar *, struct mbuf *); -extern void key_sa_routechange(struct sockaddr *); -extern void key_sa_stir_iv(struct secasvar *); - -/* to keep compatibility with FAST_IPSEC */ -#define KEY_ALLOCSA(dst, proto, spi) \ - key_allocsa(((struct sockaddr *)(dst))->sa_family,\ - (caddr_t)&(((struct sockaddr_in *)(dst))->sin_addr),\ - (caddr_t)&(((struct sockaddr_in *)(dst))->sin_addr),\ - proto, spi) -#define KEY_FREESAV(psav) \ - key_freesav(*psav) - -#ifdef MALLOC_DECLARE -MALLOC_DECLARE(M_SECA); -#endif /* MALLOC_DECLARE */ - -#endif /* defined(_KERNEL) */ -#endif /* _NETKEY_KEY_H_ */ diff --git a/sys/netkey/key_debug.h b/sys/netkey/key_debug.h deleted file mode 100644 index 435d923..0000000 --- a/sys/netkey/key_debug.h +++ /dev/null @@ -1,88 +0,0 @@ -/* $FreeBSD$ */ -/* $KAME: key_debug.h,v 1.11 2002/11/05 03:48:34 itojun Exp $ */ - -/*- - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef _NETKEY_KEY_DEBUG_H_ -#define _NETKEY_KEY_DEBUG_H_ - -#ifdef _KERNEL -/* debug flags */ -#define KEYDEBUG_STAMP 0x00000001 /* path */ -#define KEYDEBUG_DATA 0x00000002 /* data */ -#define KEYDEBUG_DUMP 0x00000004 /* dump */ - -#define KEYDEBUG_KEY 0x00000010 /* key processing */ -#define KEYDEBUG_ALG 0x00000020 /* ciph & auth algorithm */ -#define KEYDEBUG_IPSEC 0x00000040 /* ipsec processing */ - -#define KEYDEBUG_KEY_STAMP (KEYDEBUG_KEY | KEYDEBUG_STAMP) -#define KEYDEBUG_KEY_DATA (KEYDEBUG_KEY | KEYDEBUG_DATA) -#define KEYDEBUG_KEY_DUMP (KEYDEBUG_KEY | KEYDEBUG_DUMP) -#define KEYDEBUG_ALG_STAMP (KEYDEBUG_ALG | KEYDEBUG_STAMP) -#define KEYDEBUG_ALG_DATA (KEYDEBUG_ALG | KEYDEBUG_DATA) -#define KEYDEBUG_ALG_DUMP (KEYDEBUG_ALG | KEYDEBUG_DUMP) -#define KEYDEBUG_IPSEC_STAMP (KEYDEBUG_IPSEC | KEYDEBUG_STAMP) -#define KEYDEBUG_IPSEC_DATA (KEYDEBUG_IPSEC | KEYDEBUG_DATA) -#define KEYDEBUG_IPSEC_DUMP (KEYDEBUG_IPSEC | KEYDEBUG_DUMP) - -#define KEYDEBUG(lev,arg) \ - do { if ((key_debug_level & (lev)) == (lev)) { arg; } } while (/*CONSTCOND*/ 0) - -extern u_int32_t key_debug_level; -#endif /*_KERNEL*/ - -struct sadb_msg; -struct sadb_ext; -extern void kdebug_sadb(struct sadb_msg *); -extern void kdebug_sadb_x_policy(struct sadb_ext *); - -#ifdef _KERNEL -struct secpolicy; -struct secpolicyindex; -struct secasindex; -struct secasvar; -struct secreplay; -struct mbuf; -extern void kdebug_secpolicy(struct secpolicy *); -extern void kdebug_secpolicyindex(struct secpolicyindex *); -extern void kdebug_secasindex(struct secasindex *); -extern void kdebug_secasv(struct secasvar *); -extern void kdebug_mbufhdr(struct mbuf *); -extern void kdebug_mbuf(struct mbuf *); -#endif /*_KERNEL*/ - -struct sockaddr; -extern void kdebug_sockaddr(struct sockaddr *); - -extern void ipsec_hexdump(caddr_t, int); -extern void ipsec_bindump(caddr_t, int); - -#endif /* _NETKEY_KEY_DEBUG_H_ */ diff --git a/sys/netkey/key_var.h b/sys/netkey/key_var.h deleted file mode 100644 index 91b5d3b..0000000 --- a/sys/netkey/key_var.h +++ /dev/null @@ -1,58 +0,0 @@ -/* $FreeBSD$ */ -/* $KAME: key_var.h,v 1.12 2001/11/06 03:48:29 itojun Exp $ */ - -/*- - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef _NETKEY_KEY_VAR_H_ -#define _NETKEY_KEY_VAR_H_ - -/* sysctl */ -#define KEYCTL_DEBUG_LEVEL 1 -#define KEYCTL_SPI_TRY 2 -#define KEYCTL_SPI_MIN_VALUE 3 -#define KEYCTL_SPI_MAX_VALUE 4 -#define KEYCTL_RANDOM_INT 5 -#define KEYCTL_LARVAL_LIFETIME 6 -#define KEYCTL_BLOCKACQ_COUNT 7 -#define KEYCTL_BLOCKACQ_LIFETIME 8 -#define KEYCTL_ESP_KEYMIN 9 -#define KEYCTL_ESP_AUTH 10 -#define KEYCTL_AH_KEYMIN 11 -#define KEYCTL_PREFERED_OLDSA 12 -#define KEYCTL_MAXID 13 - -#ifdef _KERNEL -#define _ARRAYLEN(p) (sizeof(p)/sizeof(p[0])) -#define _KEYLEN(key) ((u_int)((key)->sadb_key_bits >> 3)) -#define _KEYBITS(key) ((u_int)((key)->sadb_key_bits)) -#define _KEYBUF(key) ((caddr_t)((caddr_t)(key) + sizeof(struct sadb_key))) -#endif /*_KERNEL*/ - -#endif /* _NETKEY_KEY_VAR_H_ */ diff --git a/sys/netkey/keydb.h b/sys/netkey/keydb.h deleted file mode 100644 index b325362..0000000 --- a/sys/netkey/keydb.h +++ /dev/null @@ -1,184 +0,0 @@ -/* $FreeBSD$ */ -/* $KAME: keydb.h,v 1.24 2003/09/07 15:12:10 itojun Exp $ */ - -/*- - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef _NETKEY_KEYDB_H_ -#define _NETKEY_KEYDB_H_ - -#ifdef _KERNEL - -#include <netkey/key_var.h> - -#ifndef _SOCKADDR_UNION_DEFINED -#define _SOCKADDR_UNION_DEFINED -/* - * The union of all possible address formats we handle. - */ -union sockaddr_union { - struct sockaddr sa; - struct sockaddr_in sin; - struct sockaddr_in6 sin6; -}; -#endif /* _SOCKADDR_UNION_DEFINED */ - -/* Security Assocciation Index */ -/* NOTE: Ensure to be same address family */ -struct secasindex { - struct sockaddr_storage src; /* srouce address for SA */ - struct sockaddr_storage dst; /* destination address for SA */ - u_int16_t proto; /* IPPROTO_ESP or IPPROTO_AH */ - u_int8_t mode; /* mode of protocol, see ipsec.h */ - u_int32_t reqid; /* reqid id who owned this SA */ - /* see IPSEC_MANUAL_REQID_MAX. */ -}; - -/* Security Association Data Base */ -struct secashead { - LIST_ENTRY(secashead) chain; - - struct secasindex saidx; - - struct sadb_ident *idents; /* source identity */ - struct sadb_ident *identd; /* destination identity */ - /* XXX I don't know how to use them. */ - - u_int8_t state; /* MATURE or DEAD. */ - LIST_HEAD(_satree, secasvar) savtree[SADB_SASTATE_MAX+1]; - /* SA chain */ - /* The first of this list is newer SA */ - - union { - struct route sau_route; - struct route_in6 sau_route6; - } sa_u; -#define sa_route sa_u.sau_route -}; - -/* Security Association */ -struct secasvar { - TAILQ_ENTRY(secasvar) tailq; - LIST_ENTRY(secasvar) chain; - LIST_ENTRY(secasvar) spihash; - - int refcnt; /* reference count */ - u_int8_t state; /* Status of this Association */ - - u_int8_t alg_auth; /* Authentication Algorithm Identifier*/ - u_int8_t alg_enc; /* Cipher Algorithm Identifier */ - u_int32_t spi; /* SPI Value, network byte order */ - u_int32_t flags; /* holder for SADB_KEY_FLAGS */ - - struct sadb_key *key_auth; /* Key for Authentication */ - struct sadb_key *key_enc; /* Key for Encryption */ - caddr_t iv; /* Initilization Vector */ - u_int ivlen; /* length of IV */ - void *sched; /* intermediate encryption key */ - size_t schedlen; - - struct secreplay *replay; /* replay prevention */ - long created; /* for lifetime */ - - struct sadb_lifetime *lft_c; /* CURRENT lifetime, it's constant. */ - struct sadb_lifetime *lft_h; /* HARD lifetime */ - struct sadb_lifetime *lft_s; /* SOFT lifetime */ - - u_int64_t seq; /* sequence number */ - pid_t pid; /* message's pid */ - - struct secashead *sah; /* back pointer to the secashead */ - - u_int32_t id; /* SA id */ -}; - -/* replay prevention */ -struct secreplay { - u_int64_t count; - u_int wsize; /* window size, i.g. 4 bytes */ - u_int64_t seq; /* used by sender */ - u_int64_t lastseq; /* used by receiver */ - u_int8_t *bitmap; /* used by receiver */ - int overflow; /* what round does the counter take. */ -}; - -/* socket table due to send PF_KEY messages. */ -struct secreg { - LIST_ENTRY(secreg) chain; - - struct socket *so; -}; - -#ifndef IPSEC_NONBLOCK_ACQUIRE -/* acquiring list table. */ -struct secacq { - LIST_ENTRY(secacq) chain; - - struct secasindex saidx; - - u_int32_t seq; /* sequence number */ - long created; /* for lifetime */ - int count; /* for lifetime */ -}; -#endif - -/* Sensitivity Level Specification */ -/* nothing */ - -#define SADB_KILL_INTERVAL 600 /* six seconds */ - -struct key_cb { - int key_count; - int any_count; -}; - -/* secpolicy */ -struct secpolicy; -struct secpolicyindex; -extern struct secpolicy *keydb_newsecpolicy(void); -extern u_int32_t keydb_newspid(void); -extern void keydb_delsecpolicy(struct secpolicy *); -extern int keydb_setsecpolicyindex - (struct secpolicy *, struct secpolicyindex *); -/* secashead */ -extern struct secashead *keydb_newsecashead(void); -extern void keydb_delsecashead(struct secashead *); -/* secasvar */ -extern struct secasvar *keydb_newsecasvar(void); -extern void keydb_delsecasvar(struct secasvar *); -/* secreplay */ -extern struct secreplay *keydb_newsecreplay(size_t); -extern void keydb_delsecreplay(struct secreplay *); -/* secreg */ -extern struct secreg *keydb_newsecreg(void); -extern void keydb_delsecreg(struct secreg *); - -#endif /* _KERNEL */ - -#endif /* _NETKEY_KEYDB_H_ */ diff --git a/sys/netkey/keysock.h b/sys/netkey/keysock.h deleted file mode 100644 index 0422517..0000000 --- a/sys/netkey/keysock.h +++ /dev/null @@ -1,81 +0,0 @@ -/* $FreeBSD$ */ -/* $KAME: keysock.h,v 1.9 2002/03/21 14:00:14 itojun Exp $ */ - -/*- - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef _NETKEY_KEYSOCK_H_ -#define _NETKEY_KEYSOCK_H_ - -/* statistics for pfkey socket */ -struct pfkeystat { - /* userland -> kernel */ - u_quad_t out_total; /* # of total calls */ - u_quad_t out_bytes; /* total bytecount */ - u_quad_t out_msgtype[256]; /* message type histogram */ - u_quad_t out_invlen; /* invalid length field */ - u_quad_t out_invver; /* invalid version field */ - u_quad_t out_invmsgtype; /* invalid message type field */ - u_quad_t out_tooshort; /* msg too short */ - u_quad_t out_nomem; /* memory allocation failure */ - u_quad_t out_dupext; /* duplicate extension */ - u_quad_t out_invexttype; /* invalid extension type */ - u_quad_t out_invsatype; /* invalid sa type */ - u_quad_t out_invaddr; /* invalid address extension */ - /* kernel -> userland */ - u_quad_t in_total; /* # of total calls */ - u_quad_t in_bytes; /* total bytecount */ - u_quad_t in_msgtype[256]; /* message type histogram */ - u_quad_t in_msgtarget[3]; /* one/all/registered */ - u_quad_t in_nomem; /* memory allocation failure */ - /* others */ - u_quad_t sockerr; /* # of socket related errors */ -}; - -#define KEY_SENDUP_ONE 0 -#define KEY_SENDUP_ALL 1 -#define KEY_SENDUP_REGISTERED 2 - -#ifdef _KERNEL -struct keycb { - struct rawcb kp_raw; /* rawcb */ - int kp_promisc; /* promiscuous mode */ - int kp_registered; /* registered socket */ -}; - -extern struct pfkeystat pfkeystat; - -extern int key_output(struct mbuf *m, struct socket *so); -extern int key_usrreq(struct socket *, - int, struct mbuf *, struct mbuf *, struct mbuf *); - -extern int key_sendup_mbuf(struct socket *, struct mbuf *, int); -#endif /* _KERNEL */ - -#endif /*_NETKEY_KEYSOCK_H_*/ |