[apple/network_cmds.git] / racoon.tproj / ipsec_doi.h

/*	$KAME: ipsec_doi.h,v 1.34 2001/08/16 06:20:35 itojun Exp $	*/

/*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
 * All rights reserved.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 * 
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/* refered to RFC2407 */

#define IPSEC_DOI 1

/* 4.2 IPSEC Situation Definition */
#define IPSECDOI_SIT_IDENTITY_ONLY           0x00000001
#define IPSECDOI_SIT_SECRECY                 0x00000002
#define IPSECDOI_SIT_INTEGRITY               0x00000004

/* 4.4.1 IPSEC Security Protocol Identifiers */
  /* 4.4.2 IPSEC ISAKMP Transform Values */
#define IPSECDOI_PROTO_ISAKMP                        1
#define   IPSECDOI_KEY_IKE                             1

/* 4.4.1 IPSEC Security Protocol Identifiers */
#define IPSECDOI_PROTO_IPSEC_AH                      2
  /* 4.4.3 IPSEC AH Transform Values */
#define   IPSECDOI_AH_MD5                              2
#define   IPSECDOI_AH_SHA                              3
#define   IPSECDOI_AH_DES                              4
#define   IPSECDOI_AH_SHA2_256                         5
#define   IPSECDOI_AH_SHA2_384                         6
#define   IPSECDOI_AH_SHA2_512                         7

/* 4.4.1 IPSEC Security Protocol Identifiers */
#define IPSECDOI_PROTO_IPSEC_ESP                     3
  /* 4.4.4 IPSEC ESP Transform Identifiers */
#define   IPSECDOI_ESP_DES_IV64                        1
#define   IPSECDOI_ESP_DES                             2
#define   IPSECDOI_ESP_3DES                            3
#define   IPSECDOI_ESP_RC5                             4
#define   IPSECDOI_ESP_IDEA                            5
#define   IPSECDOI_ESP_CAST                            6
#define   IPSECDOI_ESP_BLOWFISH				7
#define   IPSECDOI_ESP_3IDEA                           8
#define   IPSECDOI_ESP_DES_IV32                        9
#define   IPSECDOI_ESP_RC4                            10
#define   IPSECDOI_ESP_NULL                           11
#define   IPSECDOI_ESP_RIJNDAEL				12
#define   IPSECDOI_ESP_AES				12
#if 1
  /* draft-ietf-ipsec-ciph-aes-cbc-00.txt */
#define   IPSECDOI_ESP_TWOFISH				253
#else
  /* SSH uses these value for now */
#define   IPSECDOI_ESP_TWOFISH				250
#endif

/* 4.4.1 IPSEC Security Protocol Identifiers */
#define IPSECDOI_PROTO_IPCOMP                        4
  /* 4.4.5 IPSEC IPCOMP Transform Identifiers */
#define   IPSECDOI_IPCOMP_OUI                          1
#define   IPSECDOI_IPCOMP_DEFLATE                      2
#define   IPSECDOI_IPCOMP_LZS                          3

/* 4.5 IPSEC Security Association Attributes */
/* NOTE: default value is not included in a packet. */
#define IPSECDOI_ATTR_SA_LD_TYPE              1 /* B */
#define   IPSECDOI_ATTR_SA_LD_TYPE_DEFAULT      1
#define   IPSECDOI_ATTR_SA_LD_TYPE_SEC          1
#define   IPSECDOI_ATTR_SA_LD_TYPE_KB           2
#define   IPSECDOI_ATTR_SA_LD_TYPE_MAX          3
#define IPSECDOI_ATTR_SA_LD                   2 /* V */
#define   IPSECDOI_ATTR_SA_LD_SEC_DEFAULT      28800 /* 8 hours */
#define   IPSECDOI_ATTR_SA_LD_KB_MAX  (~(1 << ((sizeof(int) << 3) - 1)))
#define IPSECDOI_ATTR_GRP_DESC                3 /* B */
#define IPSECDOI_ATTR_ENC_MODE                4 /* B */
	/* default value: host dependent */
#define   IPSECDOI_ATTR_ENC_MODE_ANY            0	/* NOTE:internal use */
#define   IPSECDOI_ATTR_ENC_MODE_TUNNEL         1
#define   IPSECDOI_ATTR_ENC_MODE_TRNS           2
#define   IPSECDOI_ATTR_ENC_MODE_UDP_TUNNEL		3	/* UDP Encapsulated IPSec, NAT-T */
#define   IPSECDOI_ATTR_ENC_MODE_UDP_TRNS		4	/* UDP Encapsulated IPSec, NAT-T */
#define IPSECDOI_ATTR_AUTH                    5 /* B */
	/* 0 means not to use authentication. */
#define   IPSECDOI_ATTR_AUTH_HMAC_MD5           1
#define   IPSECDOI_ATTR_AUTH_HMAC_SHA1          2
#define   IPSECDOI_ATTR_AUTH_DES_MAC            3
#define   IPSECDOI_ATTR_AUTH_KPDK               4 /*RFC-1826(Key/Pad/Data/Key)*/
#define   IPSECDOI_ATTR_SHA2_256                5
#define   IPSECDOI_ATTR_SHA2_384                6
#define   IPSECDOI_ATTR_SHA2_512                7
#define   IPSECDOI_ATTR_AUTH_NONE               254	/* NOTE:internal use */
	/*
	 * When negotiating ESP without authentication, the Auth
	 * Algorithm attribute MUST NOT be included in the proposal.
	 * When negotiating ESP without confidentiality, the Auth
	 * Algorithm attribute MUST be included in the proposal and
	 * the ESP transform ID must be ESP_NULL.
	*/
#define IPSECDOI_ATTR_KEY_LENGTH              6 /* B */
#define IPSECDOI_ATTR_KEY_ROUNDS              7 /* B */
#define IPSECDOI_ATTR_COMP_DICT_SIZE          8 /* B */
#define IPSECDOI_ATTR_COMP_PRIVALG            9 /* V */

/* 4.6.1 Security Association Payload */
struct ipsecdoi_pl_sa {
	struct isakmp_gen h;
	struct ipsecdoi_sa_b {
		u_int32_t doi; /* Domain of Interpretation */
		u_int32_t sit; /* Situation */
	} b;
	/* followed by Leveled Domain Identifier and so on. */
} __attribute__((__packed__));

struct ipsecdoi_secrecy_h {
	u_int16_t len;
	u_int16_t reserved;
	/* followed by the value */
} __attribute__((__packed__));

/* 4.6.2 Identification Payload Content */
struct ipsecdoi_pl_id {
	struct isakmp_gen h;
	struct ipsecdoi_id_b {
		u_int8_t type;		/* ID Type */
		u_int8_t proto_id;	/* Protocol ID */
		u_int16_t port;		/* Port */
	} b;
	/* followed by Identification Data */
} __attribute__((__packed__));

#define IPSECDOI_ID_IPV4_ADDR                        1
#define IPSECDOI_ID_FQDN                             2
#define IPSECDOI_ID_USER_FQDN                        3
#define IPSECDOI_ID_IPV4_ADDR_SUBNET                 4
#define IPSECDOI_ID_IPV6_ADDR                        5
#define IPSECDOI_ID_IPV6_ADDR_SUBNET                 6
#define IPSECDOI_ID_IPV4_ADDR_RANGE                  7
#define IPSECDOI_ID_IPV6_ADDR_RANGE                  8
#define IPSECDOI_ID_DER_ASN1_DN                      9
#define IPSECDOI_ID_DER_ASN1_GN                      10
#define IPSECDOI_ID_KEY_ID                           11

/* compressing doi type, it's internal use. */
#define IDTYPE_FQDN		0
#define IDTYPE_USERFQDN		1
#define IDTYPE_KEYID		2
#define IDTYPE_ADDRESS		3
#define IDTYPE_ASN1DN		4

/* shared secret type, it's internal use. */
#define SECRETTYPE_USE		0
#define SECRETTYPE_KEY		1
#define SECRETTYPE_KEYCHAIN	2

/* The use for checking proposal payload. This is not exchange type. */
#define IPSECDOI_TYPE_PH1	0
#define IPSECDOI_TYPE_PH2	1

struct isakmpsa;
struct ipsecdoi_pl_sa;
struct saprop;
struct saproto;
struct satrns;
struct prop_pair;

extern int ipsecdoi_checkph1proposal __P((vchar_t *, struct ph1handle *));
extern int ipsecdoi_selectph2proposal __P((struct ph2handle *));
extern int ipsecdoi_checkph2proposal __P((struct ph2handle *));

extern struct prop_pair **get_proppair __P((vchar_t *, int));
extern vchar_t *get_sabyproppair __P((struct prop_pair *, struct ph1handle *));
extern int ipsecdoi_updatespi __P((struct ph2handle *iph2));
extern vchar_t *get_sabysaprop __P((struct saprop *, vchar_t *));
extern int ipsecdoi_checkid1 __P((struct ph1handle *));
extern int ipsecdoi_setid1 __P((struct ph1handle *));
extern int set_identifier __P((vchar_t **, int, vchar_t *));
extern int ipsecdoi_setid2 __P((struct ph2handle *));
extern vchar_t *ipsecdoi_sockaddr2id __P((struct sockaddr *, u_int, u_int));
extern int ipsecdoi_id2sockaddr __P((vchar_t *, struct sockaddr *,
	u_int8_t *, u_int16_t *));
extern const char *ipsecdoi_id2str __P((const vchar_t *));

extern vchar_t *ipsecdoi_setph1proposal __P((struct isakmpsa *));
extern int ipsecdoi_setph2proposal __P((struct ph2handle *));
extern int ipsecdoi_transportmode __P((struct ph2handle *));
extern int ipsecdoi_get_defaultlifetime __P((void));
extern int ipsecdoi_checkalgtypes __P((int, int, int, int));
extern int ipproto2doi __P((int));
extern int doi2ipproto __P((int));

extern int ipsecdoi_t2satrns __P((struct isakmp_pl_t *,
	struct saprop *, struct saproto *, struct satrns *));
extern int ipsecdoi_authalg2trnsid __P((int));
extern int idtype2doi __P((int));
extern int doi2idtype __P((int));
Commit	Line	Data
ac2f15b3	1	/* $KAME: ipsec_doi.h,v 1.34 2001/08/16 06:20:35 itojun Exp $ */
7ba0088d A	2
	3	/*
	4	* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
	5	* All rights reserved.
	6	*
	7	* Redistribution and use in source and binary forms, with or without
	8	* modification, are permitted provided that the following conditions
	9	* are met:
	10	* 1. Redistributions of source code must retain the above copyright
	11	* notice, this list of conditions and the following disclaimer.
	12	* 2. Redistributions in binary form must reproduce the above copyright
	13	* notice, this list of conditions and the following disclaimer in the
	14	* documentation and/or other materials provided with the distribution.
	15	* 3. Neither the name of the project nor the names of its contributors
	16	* may be used to endorse or promote products derived from this software
	17	* without specific prior written permission.
	18	*
	19	* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
	20	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	21	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	22	* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
	23	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	24	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	25	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	26	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	27	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	28	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	29	* SUCH DAMAGE.
	30	*/
	31
	32	/* refered to RFC2407 */
	33
	34	#define IPSEC_DOI 1
	35
	36	/* 4.2 IPSEC Situation Definition */
	37	#define IPSECDOI_SIT_IDENTITY_ONLY 0x00000001
	38	#define IPSECDOI_SIT_SECRECY 0x00000002
	39	#define IPSECDOI_SIT_INTEGRITY 0x00000004
	40
	41	/* 4.4.1 IPSEC Security Protocol Identifiers */
	42	/* 4.4.2 IPSEC ISAKMP Transform Values */
	43	#define IPSECDOI_PROTO_ISAKMP 1
	44	#define IPSECDOI_KEY_IKE 1
	45
	46	/* 4.4.1 IPSEC Security Protocol Identifiers */
	47	#define IPSECDOI_PROTO_IPSEC_AH 2
	48	/* 4.4.3 IPSEC AH Transform Values */
	49	#define IPSECDOI_AH_MD5 2
	50	#define IPSECDOI_AH_SHA 3
	51	#define IPSECDOI_AH_DES 4
	52	#define IPSECDOI_AH_SHA2_256 5
	53	#define IPSECDOI_AH_SHA2_384 6
	54	#define IPSECDOI_AH_SHA2_512 7
	55
	56	/* 4.4.1 IPSEC Security Protocol Identifiers */
	57	#define IPSECDOI_PROTO_IPSEC_ESP 3
	58	/* 4.4.4 IPSEC ESP Transform Identifiers */
	59	#define IPSECDOI_ESP_DES_IV64 1
	60	#define IPSECDOI_ESP_DES 2
	61	#define IPSECDOI_ESP_3DES 3
	62	#define IPSECDOI_ESP_RC5 4
	63	#define IPSECDOI_ESP_IDEA 5
	64	#define IPSECDOI_ESP_CAST 6
	65	#define IPSECDOI_ESP_BLOWFISH 7
66	#define IPSECDOI_ESP_3IDEA 8
67	#define IPSECDOI_ESP_DES_IV32 9
68	#define IPSECDOI_ESP_RC4 10
69	#define IPSECDOI_ESP_NULL 11
70	#define IPSECDOI_ESP_RIJNDAEL 12
71	#define IPSECDOI_ESP_AES 12
72	#if 1
73	/* draft-ietf-ipsec-ciph-aes-cbc-00.txt */
74	#define IPSECDOI_ESP_TWOFISH 253
75	#else
76	/* SSH uses these value for now */
77	#define IPSECDOI_ESP_TWOFISH 250
78	#endif
79
80	/* 4.4.1 IPSEC Security Protocol Identifiers */
81	#define IPSECDOI_PROTO_IPCOMP 4
82	/* 4.4.5 IPSEC IPCOMP Transform Identifiers */
83	#define IPSECDOI_IPCOMP_OUI 1
84	#define IPSECDOI_IPCOMP_DEFLATE 2
85	#define IPSECDOI_IPCOMP_LZS 3
86
87	/* 4.5 IPSEC Security Association Attributes */
88	/* NOTE: default value is not included in a packet. */
89	#define IPSECDOI_ATTR_SA_LD_TYPE 1 /* B */
90	#define IPSECDOI_ATTR_SA_LD_TYPE_DEFAULT 1
91	#define IPSECDOI_ATTR_SA_LD_TYPE_SEC 1
92	#define IPSECDOI_ATTR_SA_LD_TYPE_KB 2
93	#define IPSECDOI_ATTR_SA_LD_TYPE_MAX 3
94	#define IPSECDOI_ATTR_SA_LD 2 /* V */
95	#define IPSECDOI_ATTR_SA_LD_SEC_DEFAULT 28800 /* 8 hours */
96	#define IPSECDOI_ATTR_SA_LD_KB_MAX (~(1 << ((sizeof(int) << 3) - 1)))
97	#define IPSECDOI_ATTR_GRP_DESC 3 /* B */
98	#define IPSECDOI_ATTR_ENC_MODE 4 /* B */
99	/* default value: host dependent */
100	#define IPSECDOI_ATTR_ENC_MODE_ANY 0 /* NOTE:internal use */
101	#define IPSECDOI_ATTR_ENC_MODE_TUNNEL 1
102	#define IPSECDOI_ATTR_ENC_MODE_TRNS 2
ac2f15b3 A	103	#define IPSECDOI_ATTR_ENC_MODE_UDP_TUNNEL 3 /* UDP Encapsulated IPSec, NAT-T */
ac2f15b3 A	104	#define IPSECDOI_ATTR_ENC_MODE_UDP_TRNS 4 /* UDP Encapsulated IPSec, NAT-T */
7ba0088d A	105	#define IPSECDOI_ATTR_AUTH 5 /* B */
	106	/* 0 means not to use authentication. */
	107	#define IPSECDOI_ATTR_AUTH_HMAC_MD5 1
	108	#define IPSECDOI_ATTR_AUTH_HMAC_SHA1 2
	109	#define IPSECDOI_ATTR_AUTH_DES_MAC 3
	110	#define IPSECDOI_ATTR_AUTH_KPDK 4 /RFC-1826(Key/Pad/Data/Key)/
	111	#define IPSECDOI_ATTR_SHA2_256 5
	112	#define IPSECDOI_ATTR_SHA2_384 6
	113	#define IPSECDOI_ATTR_SHA2_512 7
	114	#define IPSECDOI_ATTR_AUTH_NONE 254 /* NOTE:internal use */
	115	/*
	116	* When negotiating ESP without authentication, the Auth
	117	* Algorithm attribute MUST NOT be included in the proposal.
	118	* When negotiating ESP without confidentiality, the Auth
	119	* Algorithm attribute MUST be included in the proposal and
	120	* the ESP transform ID must be ESP_NULL.
	121	*/
	122	#define IPSECDOI_ATTR_KEY_LENGTH 6 /* B */
	123	#define IPSECDOI_ATTR_KEY_ROUNDS 7 /* B */
	124	#define IPSECDOI_ATTR_COMP_DICT_SIZE 8 /* B */
	125	#define IPSECDOI_ATTR_COMP_PRIVALG 9 /* V */
	126
	127	/* 4.6.1 Security Association Payload */
	128	struct ipsecdoi_pl_sa {
	129	struct isakmp_gen h;
	130	struct ipsecdoi_sa_b {
	131	u_int32_t doi; /* Domain of Interpretation */
	132	u_int32_t sit; /* Situation */
	133	} b;
	134	/* followed by Leveled Domain Identifier and so on. */
	135	} __attribute__((__packed__));
	136
	137	struct ipsecdoi_secrecy_h {
	138	u_int16_t len;
	139	u_int16_t reserved;
	140	/* followed by the value */
	141	} __attribute__((__packed__));
	142
	143	/* 4.6.2 Identification Payload Content */
	144	struct ipsecdoi_pl_id {
	145	struct isakmp_gen h;
	146	struct ipsecdoi_id_b {
	147	u_int8_t type; /* ID Type */
	148	u_int8_t proto_id; /* Protocol ID */
	149	u_int16_t port; /* Port */
	150	} b;
	151	/* followed by Identification Data */
	152	} __attribute__((__packed__));
	153
	154	#define IPSECDOI_ID_IPV4_ADDR 1
	155	#define IPSECDOI_ID_FQDN 2
	156	#define IPSECDOI_ID_USER_FQDN 3
	157	#define IPSECDOI_ID_IPV4_ADDR_SUBNET 4
	158	#define IPSECDOI_ID_IPV6_ADDR 5
	159	#define IPSECDOI_ID_IPV6_ADDR_SUBNET 6
	160	#define IPSECDOI_ID_IPV4_ADDR_RANGE 7
	161	#define IPSECDOI_ID_IPV6_ADDR_RANGE 8
	162	#define IPSECDOI_ID_DER_ASN1_DN 9
	163	#define IPSECDOI_ID_DER_ASN1_GN 10
	164	#define IPSECDOI_ID_KEY_ID 11
	165
	166	/* compressing doi type, it's internal use. */
	167	#define IDTYPE_FQDN 0
	168	#define IDTYPE_USERFQDN 1
169	#define IDTYPE_KEYID 2
170	#define IDTYPE_ADDRESS 3
171	#define IDTYPE_ASN1DN 4
172
ac2f15b3 A	173	/* shared secret type, it's internal use. */
	174	#define SECRETTYPE_USE 0
	175	#define SECRETTYPE_KEY 1
	176	#define SECRETTYPE_KEYCHAIN 2
	177
7ba0088d A	178	/* The use for checking proposal payload. This is not exchange type. */
	179	#define IPSECDOI_TYPE_PH1 0
	180	#define IPSECDOI_TYPE_PH2 1
	181
	182	struct isakmpsa;
	183	struct ipsecdoi_pl_sa;
	184	struct saprop;
	185	struct saproto;
	186	struct satrns;
	187	struct prop_pair;
	188
	189	extern int ipsecdoi_checkph1proposal __P((vchar_t , struct ph1handle ));
	190	extern int ipsecdoi_selectph2proposal __P((struct ph2handle *));
	191	extern int ipsecdoi_checkph2proposal __P((struct ph2handle *));
	192
	193	extern struct prop_pair *get_proppair __P((vchar_t , int));
	194	extern vchar_t get_sabyproppair __P((struct prop_pair , struct ph1handle *));
	195	extern int ipsecdoi_updatespi __P((struct ph2handle *iph2));
	196	extern vchar_t get_sabysaprop __P((struct saprop , vchar_t *));
	197	extern int ipsecdoi_checkid1 __P((struct ph1handle *));
	198	extern int ipsecdoi_setid1 __P((struct ph1handle *));
	199	extern int set_identifier __P((vchar_t *, int, vchar_t ));
	200	extern int ipsecdoi_setid2 __P((struct ph2handle *));
	201	extern vchar_t ipsecdoi_sockaddr2id __P((struct sockaddr , u_int, u_int));
	202	extern int ipsecdoi_id2sockaddr __P((vchar_t , struct sockaddr ,
	203	u_int8_t , u_int16_t ));
	204	extern const char ipsecdoi_id2str __P((const vchar_t ));
	205
	206	extern vchar_t ipsecdoi_setph1proposal __P((struct isakmpsa ));
	207	extern int ipsecdoi_setph2proposal __P((struct ph2handle *));
	208	extern int ipsecdoi_transportmode __P((struct ph2handle *));
	209	extern int ipsecdoi_get_defaultlifetime __P((void));
	210	extern int ipsecdoi_checkalgtypes __P((int, int, int, int));
	211	extern int ipproto2doi __P((int));
	212	extern int doi2ipproto __P((int));
	213
	214	extern int ipsecdoi_t2satrns __P((struct isakmp_pl_t *,
	215	struct saprop , struct saproto , struct satrns *));
	216	extern int ipsecdoi_authalg2trnsid __P((int));
	217	extern int idtype2doi __P((int));
	218	extern int doi2idtype __P((int));
	219