network_cmds-245.19.tar.gz

[apple/network_cmds.git] / racoon.tproj / ipsec_doi.h

diff --git a/racoon.tproj/ipsec_doi.h b/racoon.tproj/ipsec_doi.h
index b4af2b3aafd1d311d09962620aef4c0e3f4a4a1b..aabd68103d4522a64d871a5c0e022a9bd9cca5c7 100644 (file)
--- a/racoon.tproj/ipsec_doi.h
+++ b/racoon.tproj/ipsec_doi.h
@@ -103,8 +103,16 @@
 #define   IPSECDOI_ATTR_ENC_MODE_ANY            0      /* NOTE:internal use */
 #define   IPSECDOI_ATTR_ENC_MODE_TUNNEL         1
 #define   IPSECDOI_ATTR_ENC_MODE_TRNS           2
-#define   IPSECDOI_ATTR_ENC_MODE_UDP_TUNNEL            3       /* UDP Encapsulated IPSec, NAT-T */
-#define   IPSECDOI_ATTR_ENC_MODE_UDP_TRNS              4       /* UDP Encapsulated IPSec, NAT-T */
+
+/* NAT-T up to draft-ietf-ipsec-nat-t-ike-04 */
+#define   IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT       61443
+#define   IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT         61444
+
+/* NAT-T draft-ietf-ipsec-nat-t-ike-05 and later */
+#define   IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC 3
+#define   IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC   4
+
+
 #define IPSECDOI_ATTR_AUTH                    5 /* B */
        /* 0 means not to use authentication. */
 #define   IPSECDOI_ATTR_AUTH_HMAC_MD5           1
@@ -172,6 +180,7 @@ struct ipsecdoi_pl_id {
 #define IDTYPE_KEYID           2
 #define IDTYPE_ADDRESS         3
 #define IDTYPE_ASN1DN          4
+#define IDTYPE_KEYIDUSE         5
 
 /* shared secret type, it's internal use. */
 #define SECRETTYPE_USE         0
@@ -218,6 +227,7 @@ extern const char *ipsecdoi_id2str __P((const vchar_t *));
 extern vchar_t *ipsecdoi_setph1proposal __P((struct isakmpsa *));
 extern int ipsecdoi_setph2proposal __P((struct ph2handle *));
 extern int ipsecdoi_transportmode __P((struct ph2handle *));
+extern int ipsecdoi_tunnelmode __P((struct ph2handle *));
 extern int ipsecdoi_get_defaultlifetime __P((void));
 extern int ipsecdoi_checkalgtypes __P((int, int, int, int));
 extern int ipproto2doi __P((int));