1/* $FreeBSD: head/sys/netipsec/ipsec.h 119643 2003-09-01 05:35:55Z sam $ */ |
2/* $KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $ */ 3 4/* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions --- 56 unchanged lines hidden (view full) --- 66 gid_t gids; 67 gid_t gidd; 68#endif 69}; 70 71/* Security Policy Data Base */ 72struct secpolicy { 73 LIST_ENTRY(secpolicy) chain; |
74 struct mtx lock; |
75 76 u_int refcnt; /* reference count */ 77 struct secpolicyindex spidx; /* selector */ 78 u_int32_t id; /* It's unique number on the system. */ 79 u_int state; /* 0: dead, others: alive */ 80#define IPSEC_SPSTATE_DEAD 0 81#define IPSEC_SPSTATE_ALIVE 1 82 --- 21 unchanged lines hidden (view full) --- 104 /* pointer to next structure */ 105 /* If NULL, it means the end of chain. */ 106 struct secasindex saidx;/* hint for search proper SA */ 107 /* if __ss_len == 0 then no address specified.*/ 108 u_int level; /* IPsec level defined below. */ 109 110 struct secasvar *sav; /* place holder of SA for use */ 111 struct secpolicy *sp; /* back pointer to SP */ |
112 struct mtx lock; /* to interlock updates */ |
113}; 114 115/* security policy in PCB */ 116struct inpcbpolicy { 117 struct secpolicy *sp_in; 118 struct secpolicy *sp_out; 119 int priv; /* privileged socket ? */ 120}; --- 198 unchanged lines hidden (view full) --- 319extern int ip4_ipsec_ecn; 320extern int ip4_esp_randpad; 321extern int crypto_support; 322 323#define ipseclog(x) do { if (ipsec_debug) log x; } while (0) 324/* for openbsd compatibility */ 325#define DPRINTF(x) do { if (ipsec_debug) printf x; } while (0) 326 |
327extern struct ipsecrequest *ipsec_newisr(void); 328extern void ipsec_delisr(struct ipsecrequest *); 329 |
330struct tdb_ident; 331extern struct secpolicy *ipsec_getpolicy __P((struct tdb_ident*, u_int)); 332struct inpcb; 333extern struct secpolicy *ipsec4_checkpolicy __P((struct mbuf *, u_int, u_int, 334 int *, struct inpcb *)); 335extern struct secpolicy *ipsec_getpolicybysock(struct mbuf *, u_int, 336 struct inpcb *, int *); 337extern struct secpolicy * ipsec_getpolicybyaddr(struct mbuf *, u_int, --- 60 unchanged lines hidden --- |