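/*
 * Copyright (c) 2004 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */

/*
 * Prototypes for the IPSec helper routines: IKE configuration, kernel
 * policies and routes, security associations, canned L2TP/Cisco
 * configurations and a few interface utilities.
 *
 * Only declarations live here. The comments below state what the signatures
 * show; anything about behaviour, ownership or return conventions is marked
 * as an assumption to be confirmed against the implementation.
 */

#ifndef __IPSEC_UTILS_H__
#define __IPSEC_UTILS_H__

#include <sys/kern_event.h>
#include "scnc_main.h"

/*
 * IKE Configuration
 *
 * Most entry points take the configuration as a CFDictionaryRef and a
 * `char **error_text` out-parameter, presumably filled with a description
 * when the call fails.
 * NOTE(review): this header does not say whether *error_text points at
 * static text or at memory the caller must free, nor whether it is written
 * on success. Confirm before freeing it or passing it to a logger.
 */
void IPSecConfigureVerboseLogging(CFMutableDictionaryRef ipsec_dict, int verbose_logging);
int IPSecValidateConfiguration(CFDictionaryRef ipsec_dict, char **error_text);
int IPSecApplyConfiguration(CFDictionaryRef ipsec_dict, char **error_text);
int IPSecRemoveConfiguration(CFDictionaryRef ipsec_dict, char **error_text);
int IPSecRemoveConfigurationFile(CFDictionaryRef ipsec_dict, char **error_text);

/*
 * Declared with (void) rather than an empty parameter list: in C an empty
 * list leaves the arguments unchecked, so a stray argument at a call site
 * would compile silently.
 */
int IPSecKickConfiguration(void);

int IPSecSelfRepair(void);
int IPSecFlushAll(void);

/*
 * Kernel Policies
 *
 * `index` selects an entry inside ipsec_dict.
 * NOTE(review): the valid range of `index` is not visible here; presumably
 * it is bounded by IPSecCountPolicies(), confirm that the implementation
 * range-checks it.
 */
int IPSecCountPolicies(CFDictionaryRef ipsec_dict);
int IPSecInstallPolicies(CFDictionaryRef ipsec_dict, CFIndex index, char **error_text);
int IPSecRemovePolicies(CFDictionaryRef ipsec_dict, CFIndex index, char **error_text);

/* Route install/remove take the owning service and the gateway by value. */
int IPSecInstallRoutes(struct service *serv, CFDictionaryRef ipsec_dict, CFIndex index,
                       char **error_text, struct in_addr gateway);
int IPSecRemoveRoutes(struct service *serv, CFDictionaryRef ipsec_dict, CFIndex index,
                      char **error_text, struct in_addr gateway);

/*
 * Kernel Security Associations
 *
 * `oldval` is an out-parameter, presumably receiving the previous preference
 * so the caller can restore it. TODO confirm whether NULL is accepted.
 */
int IPSecRemoveSecurityAssociations(struct sockaddr *src, struct sockaddr *dst);
int IPSecSetSecurityAssociationsPreference(int *oldval, int newval);

/*
 * Functions to manipulate well known configurations
 *
 * Both return a CFMutableDictionaryRef. The "Create" in the name suggests
 * the CoreFoundation ownership rule (caller releases); confirm.
 * Note the two signatures differ: the L2TP variant takes dst_hostName as
 * `char *`, the Cisco variant as `CFStringRef`.
 * NOTE(review): authenticationMethod and identifierVerification look like
 * the knobs that decide how the peer is authenticated. What happens when
 * either is NULL is not visible here; confirm that a missing value cannot
 * silently relax peer identifier checking.
 */
CFMutableDictionaryRef
IPSecCreateL2TPDefaultConfiguration(struct sockaddr_in *src, struct sockaddr_in *dst, char *dst_hostName,
                                    CFStringRef authenticationMethod, int isClient, int natt_multiple_users,
                                    CFStringRef identifierVerification);
CFMutableDictionaryRef
IPSecCreateCiscoDefaultConfiguration(struct sockaddr_in *src, struct sockaddr_in *dst, CFStringRef dst_hostName,
                                     CFStringRef authenticationMethod, int isClient, int natt_multiple_users,
                                     CFStringRef identifierVerification);

/*
 * Miscellaneous
 *
 * get_src_address: `dst` is const (input); `src` and `if_name` are not.
 * NOTE(review): if_name carries no length. If the implementation writes an
 * interface name into it, the caller must supply a buffer of at least
 * IFNAMSIZ bytes; confirm.
 */
int get_src_address(struct sockaddr *src, const struct sockaddr *dst, char *if_name);

/* Per-interface queries keyed by interface name; each returns a u_int32_t. */
u_int32_t get_if_media(char *if_name);
u_int32_t get_if_baudrate(char *if_name);
u_int32_t get_if_mtu(char *if_name);

/*
 * Logging helper for a VPN interface address event. `location` is a const
 * string supplied by the caller; the remaining arguments describe the event.
 */
void IPSecLogVPNInterfaceAddressEvent(const char *location,
                                      struct kern_event_msg *ev_msg,
                                      int wait_interface_timeout,
                                      char *interface,
                                      struct in_addr *our_address);

/*
 * Per-service route bookkeeping. Addresses and masks are in_addr_t values.
 * NOTE(review): byte order is not stated here; presumably network order,
 * confirm.
 */
void update_service_route(struct service *serv,
                          in_addr_t local_addr,
                          in_addr_t local_mask,
                          in_addr_t dest_addr,
                          in_addr_t dest_mask,
                          in_addr_t gtwy_addr,
                          uint16_t flags,
                          int installed);
void free_service_routes(struct service *serv);

/*
 * creates a directory path from string
 *
 * NOTE(review): `path` is not const, so the implementation may modify the
 * buffer while walking it; do not pass a string literal. The mode given to
 * new directories and the treatment of existing components are not visible
 * here and are worth checking in the implementation.
 */
int makepath(char *path);

/*
 * Presumably checks a string before it is used in a racoon configuration.
 * NOTE(review): the return convention and the set of rejected characters are
 * not visible here. Confirm both before relying on this as the only filter
 * for values written into the configuration file.
 */
int racoon_validate_cfg_str(char *str_buf);

#endif /* __IPSEC_UTILS_H__ */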