ip_ipsp.h revision 1.2 
1/*
2 * The author of this code is John Ioannidis, ji@tla.org,
3 * 	(except when noted otherwise).
4 *
5 * This code was written for BSD/OS in Athens, Greece, in November 1995.
6 *
7 * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
8 * by Angelos D. Keromytis, kermit@forthnet.gr.
9 *
10 * Copyright (C) 1995, 1996, 1997 by John Ioannidis and Angelos D. Keromytis.
11 *
12 * Permission to use, copy, and modify this software without fee
13 * is hereby granted, provided that this entire notice is included in
14 * all copies of any software which is or includes a copy or
15 * modification of this software.
16 *
17 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
18 * IMPLIED WARRANTY. IN PARTICULAR, NEITHER AUTHOR MAKES ANY
19 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
20 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
21 * PURPOSE.
22 */
23
24/*
25 * IPSP global definitions.
26 */
27
28struct tdb				/* tunnel descriptor block */
29{
30	struct tdb	*tdb_hnext;	/* next in hash chain */
31	struct tdb	*tdb_onext;	/* next in output */
32	struct tdb	*tdb_inext;	/* next in input (prev!) */
33	u_long		tdb_spi;	/* SPI to use */
34	struct in_addr	tdb_dst;	/* dest address for this SPI */
35	struct ifnet	*tdb_rcvif;	/* related rcv encap interface */
36	struct xformsw	*tdb_xform;	/* transformation to use */
37	caddr_t		tdb_xdata;	/* transformation data (opaque) */
38};
39
40#define TDB_HASHMOD	257
41
42struct xformsw
43{
44	u_short		xf_type;	/* Unique ID of xform */
45	u_short		xf_flags;	/* flags (see below) */
46	char		*xf_name;	/* human-readable name */
47	int		(*xf_attach)(void);	/* called at config time */
48	int		(*xf_init)(struct tdb *, struct xformsw *, struct mbuf *);	/* xform initialization */
49	int		(*xf_zeroize)(struct tdb *); /* termination */
50	struct mbuf 	*(*xf_input)(struct mbuf *, struct tdb *);	/* called when packet received */
51	int		(*xf_output)(struct mbuf *, struct sockaddr_encap *, struct tdb *, struct mbuf **);	/* called when packet sent */
52};
53
54#define XF_IP4		1		/* IP inside IP */
55#define XF_AHMD5	2		/* AH MD5 */
56#define XF_AHSHA1	3		/* AH SHA */
57#define XF_ESPDES	4		/* ESP DES-CBC */
58#define XF_ESP3DES	5		/* ESP DES3-CBC */
59#define XF_AHHMACMD5	6		/* AH-HMAC-MD5 with opt replay prot */
60#define XF_AHHMACSHA1	7		/* AH-HMAC-SHA1 with opt replay prot */
61#define XF_ESPDESMD5	8		/* ESP DES-CBC + MD5 */
62#define XF_ESP3DESMD5	9		/* ESP 3DES-CBC + MD5 */
63
64#define XFT_AUTH	0x0001
65#define XFT_CONF	0x0100
66
67#define IPSEC_ZEROES_SIZE	64
68
69#if BYTE_ORDER == LITTLE_ENDIAN
70static __inline u_int64_t
71htonq(u_int64_t q)
72{
73        register u_int32_t u, l;
74        u = q >> 32;
75        l = (u_int32_t) q;
76
77        return htonl(u) | ((u_int64_t)htonl(l) << 32);
78}
79
80#define ntohq(_x) htonq(_x)
81
82#elif BYTE_ORDER == BIG_ENDIAN
83
84#define htonq(_x) (_x)
85#define ntohq(_x) htonq(_x)
86
87#else
88#error  "Please fix <machine/endian.h>"
89#endif
90
91extern unsigned char ipseczeroes[];
92
93#ifdef _KERNEL
94#undef ENCDEBUG
95extern int encdebug;
96
97struct tdb *tdbh[TDB_HASHMOD];
98extern struct xformsw xformsw[], *xformswNXFORMSW;
99
100extern struct tdb *gettdb(u_long, struct in_addr);
101extern void puttdb(struct tdb *);
102extern int tdb_delete(struct tdb *, int);
103
104extern int ipe4_attach(void), ipe4_init(struct tdb *, struct xformsw *, struct mbuf *), ipe4_zeroize(struct tdb *);
105extern int ipe4_output(struct mbuf *, struct sockaddr_encap *, struct tdb *, struct mbuf **);
106extern void ipe4_input __P((struct mbuf *, ...));
107
108extern int ahmd5_attach(void), ahmd5_init(struct tdb *, struct xformsw *, struct mbuf *), ahmd5_zeroize(struct tdb *);
109extern int ahmd5_output(struct mbuf *, struct sockaddr_encap *, struct tdb *, struct mbuf **);
110extern struct mbuf *ahmd5_input(struct mbuf *, struct tdb *);
111
112extern int ahhmacmd5_attach(void), ahhmacmd5_init(struct tdb *, struct xformsw *, struct mbuf *), ahhmacmd5_zeroize(struct tdb *);
113extern int ahhmacmd5_output(struct mbuf *, struct sockaddr_encap *, struct tdb *, struct mbuf **);
114extern struct mbuf *ahhmacmd5_input(struct mbuf *, struct tdb *);
115
116extern int ahhmacsha1_attach(void), ahhmacsha1_init(struct tdb *, struct xformsw *, struct mbuf *), ahhmacsha1_zeroize(struct tdb *);
117extern int ahhmacsha1_output(struct mbuf *, struct sockaddr_encap *, struct tdb *, struct mbuf **);
118extern struct mbuf *ahhmacsha1_input(struct mbuf *, struct tdb *);
119
120extern int espdes_attach(void), espdes_init(struct tdb *, struct xformsw *, struct mbuf *), espdes_zeroize(struct tdb *);
121extern int espdes_output(struct mbuf *, struct sockaddr_encap *, struct tdb *, struct mbuf **);
122extern struct mbuf *espdes_input(struct mbuf *, struct tdb *);
123
124extern int espdesmd5_attach(void), espdesmd5_init(struct tdb *, struct xformsw *, struct mbuf *), espdesmd5_zeroize(struct tdb *);
125extern int espdesmd5_output(struct mbuf *, struct sockaddr_encap *, struct tdb *, struct mbuf **);
126extern struct mbuf *espdesmd5_input(struct mbuf *, struct tdb *);
127
128extern int esp3desmd5_attach(void), esp3desmd5_init(struct tdb *, struct xformsw *, struct mbuf *), esp3desmd5_zeroize(struct tdb *);
129extern int esp3desmd5_output(struct mbuf *, struct sockaddr_encap *, struct tdb *, struct mbuf **);
130extern struct mbuf *esp3desmd5_input(struct mbuf *, struct tdb *);
131
132extern caddr_t m_pad(struct mbuf *, int);
133extern int checkreplaywindow32(u_int32_t, u_int32_t, u_int32_t *, u_int32_t, u_int32_t *);
134extern int checkreplaywindow64(u_int64_t, u_int64_t *, u_int64_t, u_int64_t *);
135#endif
136