X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/2d21ac55c334faf3a56e5634905ed6987fc787d4..813fb2f63a553c957e917ede5f119b021d6ce391:/bsd/net/pfkeyv2.h diff --git a/bsd/net/pfkeyv2.h b/bsd/net/pfkeyv2.h index ccb5bbaa8..97d6280fa 100644 --- a/bsd/net/pfkeyv2.h +++ b/bsd/net/pfkeyv2.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 Apple Computer, Inc. All rights reserved. + * Copyright (c) 2000-2011 Apple Computer, Inc. All rights reserved. * * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ * @@ -65,6 +65,7 @@ #ifndef _NET_PFKEYV2_H_ #define _NET_PFKEYV2_H_ #include +#include /* This file defines structures and symbols for the PF_KEY Version 2 @@ -102,7 +103,11 @@ you leave this credit intact on any copies of this file. #define SADB_X_SPDSETIDX 20 #define SADB_X_SPDEXPIRE 21 #define SADB_X_SPDDELETE2 22 /* by policy id */ -#define SADB_MAX 22 +#define SADB_GETSASTAT 23 +#define SADB_X_SPDENABLE 24 /* by policy id */ +#define SADB_X_SPDDISABLE 25 /* by policy id */ +#define SADB_MIGRATE 26 +#define SADB_MAX 26 struct sadb_msg { u_int8_t sadb_msg_version; @@ -135,8 +140,15 @@ struct sadb_sa { struct sadb_sa_2 { struct sadb_sa sa; u_int16_t sadb_sa_natt_port; - u_int16_t sadb_reserved0; - u_int32_t sadb_reserved1; + union { + u_int16_t sadb_reserved0; + u_int16_t sadb_sa_natt_interval; + }; + + union { + u_int32_t sadb_reserved1; + u_int16_t sadb_sa_natt_offload_interval; + }; }; #endif /* PRIVATE */ @@ -247,8 +259,18 @@ struct sadb_x_sa2 { u_int16_t sadb_x_sa2_len; u_int16_t sadb_x_sa2_exttype; u_int8_t sadb_x_sa2_mode; - u_int8_t sadb_x_sa2_reserved1; - u_int16_t sadb_x_sa2_reserved2; + union { + u_int8_t sadb_x_sa2_reserved1; +#ifdef PRIVATE + u_int8_t sadb_x_sa2_alwaysexpire; +#endif + }; + union { + u_int16_t sadb_x_sa2_reserved2; +#ifdef PRIVATE + u_int16_t sadb_x_sa2_flags; +#endif + }; u_int32_t sadb_x_sa2_sequence; u_int32_t sadb_x_sa2_reqid; }; 
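Review bot: `SADB_GETSASTAT` and `SADB_MIGRATE` are added without the `_X_` infix that the neighbouring non-standard message types (`SADB_X_SPDENABLE`, `SADB_X_SPDDISABLE`) carry, so the name does not show that they are local extensions. A short comment on each, such as `/* local extension, not in RFC 2367 */`, would make that clear. Raising `SADB_MAX` to 26 here, and `SADB_EXT_MAX` to 29 in the later `@@ -313,7 +374,17 @@` hunk, also means any dispatch or size table indexed by message or extension type must gain matching entries. Those tables are not visible in this diff, so please confirm they were extended in the same change.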
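Review bot: In `struct sadb_sa_2` the second anonymous union overlays a 16-bit `sadb_sa_natt_offload_interval` on the 32-bit `sadb_reserved1`, leaving two bytes of that slot with no name of their own. A sender that assigns only the 16-bit member without zeroing the structure first would copy whatever those bytes held into the PF_KEY message, and which half they are depends on byte order. Naming the padding makes the layout explicit, e.g. `struct { u_int16_t sadb_sa_natt_offload_interval; u_int16_t sadb_reserved2; };` inside the union. A one-line comment giving the unit of both interval fields (presumably seconds, to be confirmed) would help as well.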
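Review bot: `sadb_x_sa2_alwaysexpire` and `sadb_x_sa2_flags` in `struct sadb_x_sa2` give meaning to bytes that were previously reserved, and neither has a comment saying which values are valid. Callers built against the older header may not have zeroed these bytes, so the receiving side should reject or mask anything outside the defined values; only `SADB_X_EXT_SA2_DELETE_ON_DETACH` is defined for the flags in this diff, and the code that consumes them is outside it. Suggested comments are `/* boolean: 0 or 1 */` on `sadb_x_sa2_alwaysexpire`, if it is indeed a boolean, and `/* SADB_X_EXT_SA2_* bits */` on `sadb_x_sa2_flags`. The same concern applies to `sadb_sa_natt_interval` in the `sadb_sa_2` hunk above.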
@@ -270,7 +292,22 @@ struct sadb_x_policy { * [total length of ipsec policy requests] * = (sadb_x_policy_len * sizeof(uint64_t) - sizeof(struct sadb_x_policy)) */ - +#ifdef PRIVATE +/* IPSec Interface Extension: + * IPSec interface can be specified alone, or all three + * of internal, outgoing, and IPSec interfaces must be + * specified. + */ +struct sadb_x_ipsecif { + u_int16_t sadb_x_ipsecif_len; + u_int16_t sadb_x_ipsecif_exttype; + char sadb_x_ipsecif_internal_if[IFXNAMSIZ]; /* Steal packets from this interface */ + char sadb_x_ipsecif_outgoing_if[IFXNAMSIZ]; /* Send packets out on this interface */ + char sadb_x_ipsecif_ipsec_if[IFXNAMSIZ]; /* Direct packets through ipsec interface */ + u_int16_t sadb_x_ipsecif_init_disabled; /* 0 or 1, flag to ignore policy */ + u_int16_t reserved; +}; +#endif /* XXX IPsec Policy Request Extension */ /* * This structure is aligned 8 bytes. @@ -293,6 +330,30 @@ struct sadb_x_ipsecrequest { */ }; +struct sadb_session_id { + u_int16_t sadb_session_id_len; + u_int16_t sadb_session_id_exttype; + /* [0] is an arbitrary handle that means something only for requester + * [1] is a global session id for lookups in the kernel and racoon. + */ + u_int64_t sadb_session_id_v[2]; +} __attribute__ ((aligned(8))); + +struct sastat { + u_int32_t spi; /* SPI Value, network byte order */ + u_int32_t created; /* for lifetime */ + struct sadb_lifetime lft_c; /* CURRENT lifetime. */ +}; // no need to align + +struct sadb_sastat { + u_int16_t sadb_sastat_len; + u_int16_t sadb_sastat_exttype; + u_int32_t sadb_sastat_dir; + u_int32_t sadb_sastat_reserved; + u_int32_t sadb_sastat_list_len; + /* list of struct sastat comes after */ +} __attribute__ ((aligned(8))); + #define SADB_EXT_RESERVED 0 #define SADB_EXT_SA 1 #define SADB_EXT_LIFETIME_CURRENT 2 
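Review bot: The three `char ...[IFXNAMSIZ]` members of `struct sadb_x_ipsecif` carry interface names in fixed-size buffers, and the comments do not say whether the names must be NUL-terminated. The code that parses this extension (not shown here) should confirm a terminator exists within `IFXNAMSIZ` bytes before treating any of them as a C string. It should also check `sadb_x_ipsecif_len` against `sizeof(struct sadb_x_ipsecif)`. If that is the intended contract, I would add `Names are NUL-terminated; an unused name is all zero bytes.` to the block comment. The last member is named plain `reserved`, unlike the prefixed fields around it; `sadb_x_ipsecif_reserved` would match.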
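Review bot: `sadb_sastat_list_len` in `struct sadb_sastat` does not state its unit, and the trailing data is described only as `list of struct sastat comes after`. If it is an entry count, the consumer has to compare `sadb_sastat_list_len * sizeof(struct sastat)` with the space implied by `sadb_sastat_len` before walking the list, using a comparison that cannot overflow. That code is outside this diff. Proposed comment: `/* number of struct sastat entries that follow */`, adjusted if the field is really a byte length. `sadb_sastat_dir` would also benefit from a comment naming the constants it accepts.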
@@ -313,7 +374,17 @@ struct sadb_x_ipsecrequest { #define SADB_X_EXT_KMPRIVATE 17 #define SADB_X_EXT_POLICY 18 #define SADB_X_EXT_SA2 19 -#define SADB_EXT_MAX 19 +#define SADB_EXT_SESSION_ID 20 +#define SADB_EXT_SASTAT 21 +#define SADB_X_EXT_IPSECIF 22 +#define SADB_X_EXT_ADDR_RANGE_SRC_START 23 +#define SADB_X_EXT_ADDR_RANGE_SRC_END 24 +#define SADB_X_EXT_ADDR_RANGE_DST_START 25 +#define SADB_X_EXT_ADDR_RANGE_DST_END 26 +#define SADB_EXT_MIGRATE_ADDRESS_SRC 27 +#define SADB_EXT_MIGRATE_ADDRESS_DST 28 +#define SADB_X_EXT_MIGRATE_IPSECIF 29 +#define SADB_EXT_MAX 29 #define SADB_SATYPE_UNSPEC 0 #define SADB_SATYPE_AH 2 @@ -360,6 +431,7 @@ struct sadb_x_ipsecrequest { #define SADB_X_EALG_RIJNDAELCBC 12 #define SADB_X_EALG_AESCBC 12 #define SADB_X_EALG_AES 12 +#define SADB_X_EALG_AES_GCM 13 /* private allocations should use 249-255 (RFC2407) */ #if 1 /*nonstandard */ @@ -398,11 +470,26 @@ struct sadb_x_ipsecrequest { #define SADB_X_EXT_PZERO 0x0200 /* zero padding for ESP */ #define SADB_X_EXT_PMASK 0x0300 /* mask for padding flag */ +#ifdef PRIVATE +#define SADB_X_EXT_NATT_DETECTED_PEER 0x1000 +#define SADB_X_EXT_ESP_KEEPALIVE 0x2000 +#define SADB_X_EXT_PUNT_RX_KEEPALIVE 0x4000 +#define SADB_X_EXT_NATT_KEEPALIVE_OFFLOAD 0x8000 +#endif /* PRIVATE */ + +#ifdef PRIVATE +#define NATT_KEEPALIVE_OFFLOAD_INTERVAL 0x1 +#endif + #if 1 #define SADB_X_EXT_RAWCPI 0x0080 /* use well known CPI (IPComp) */ #endif -#define SADB_KEY_FLAGS_MAX 0x0fff +#define SADB_KEY_FLAGS_MAX 0x7fff + +#ifdef PRIVATE +#define SADB_X_EXT_SA2_DELETE_ON_DETACH 0x0001 +#endif /* SPI size for PF_KEYv2 */ #define PFKEY_SPI_SIZE sizeof(u_int32_t)
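Review bot: `SADB_X_EALG_AES_GCM` is given the value 13 with no comment, while the IANA ESP transform registry assigns 13 to AES-CTR and other KAME-derived headers use 13 for `SADB_X_EALG_AESCTR`. The value only travels over this PF_KEY interface, so it is consistent as long as both ends are built from this header. A key-management daemon ported from another stack could still select a different cipher than intended. A comment such as `/* local value, not the IANA transform id */`, plus the ICV length this identifier implies, would prevent that.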
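Review bot: `SADB_X_EXT_NATT_KEEPALIVE_OFFLOAD` is defined as `0x8000`, but `SADB_KEY_FLAGS_MAX` is raised only to `0x7fff`, so the new flag lies outside the stated maximum. If any code uses `SADB_KEY_FLAGS_MAX` as a validation mask or upper bound (no user is visible in this diff), the offload flag would be rejected or silently dropped. Either `#define SADB_KEY_FLAGS_MAX 0xffff` or a comment explaining why `0x8000` is deliberately excluded would resolve the mismatch. `NATT_KEEPALIVE_OFFLOAD_INTERVAL 0x1` also has no comment on its unit or on the field it applies to.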