removed prng.c from libfreeswan
1 #ifndef _FREESWAN_H
2 /*
3 * header file for FreeS/WAN library functions
4 * Copyright (C) 1998, 1999, 2000 Henry Spencer.
5 * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs
6 *
7 * This library is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU Library General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
11 *
12 * This library is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
15 * License for more details.
16 */
17 #define _FREESWAN_H /* seen it, no need to see it again */
18
19 # include <sys/types.h>
20 # include <stdio.h>
21 # include <netinet/in.h>
22
23 # define DEBUG_NO_STATIC static
24
25 #include <ipsec_param.h>
26 #include <utils.h>
27
/*
 * We assume the system header files have IPv6 (i.e. kernel version >= 2.1.0),
 * so NET_21 is defined unconditionally.
 */
#define NET_21

/*
 * Fallback IP protocol numbers, used only when the system headers did not
 * already provide them.  108 and 61 are the same values as SA_COMP and
 * SA_INT further down in this header.
 */
#if !defined(IPPROTO_COMP)
#  define IPPROTO_COMP 108
#endif

#if !defined(IPPROTO_INT)
#  define IPPROTO_INT 61
#endif
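/*
 * DEBUG_NO_STATIC expands to nothing when CONFIG_IPSEC_DEBUG is set and to
 * `static` otherwise (presumably so that otherwise file-local symbols stay
 * visible in debug builds).
 *
 * The macro is already defined unconditionally as `static` near the top of
 * this header, so it is dropped first: redefining it with a different
 * (empty) body would otherwise be an incompatible macro redefinition in
 * debug builds.
 */
#undef DEBUG_NO_STATIC
#ifdef CONFIG_IPSEC_DEBUG
#  define DEBUG_NO_STATIC
#else /* CONFIG_IPSEC_DEBUG */
#  define DEBUG_NO_STATIC static
#endif /* CONFIG_IPSEC_DEBUG */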
/*
 * ESP-in-UDP encapsulation variants, one per generation of the NAT-T IKE
 * draft named in the trailing comment.
 */
#define ESPINUDP_WITH_NON_IKE   1   /* draft-ietf-ipsec-nat-t-ike-00/01 */
#define ESPINUDP_WITH_NON_ESP   2   /* draft-ietf-ipsec-nat-t-ike-02 */
/*
 * Basic data types for the address-handling functions.
 * ip_address and ip_subnet are supposed to be opaque types: use the
 * functions declared in this header rather than the members, because the
 * definitions are subject to change!
 */

/*
 * One IPv4 or IPv6 socket address.  There is no separate tag field.
 * NOTE(review): presumably the address family stored inside the sockaddr
 * tells which union member is valid -- confirm against addrtypeof().
 */
typedef struct {
	union {
		struct sockaddr_in v4;
		struct sockaddr_in6 v6;
	} u;
} ip_address;

/* An address together with maskbits (presumably the prefix length). */
typedef struct {
	ip_address addr;
	int maskbits;
} ip_subnet;

/* and the SA ID stuff */
typedef u_int32_t ipsec_spi_t;

/* magic SPI values for use with SA_INT */
#define SPI_PASS        256
#define SPI_DROP        257
#define SPI_REJECT      258
#define SPI_HOLD        259
#define SPI_TRAP        260
#define SPI_TRAPSUBNET  261

/* values for the proto member of an SA identifier */
#define SA_ESP   50   /* IPPROTO_ESP */
#define SA_AH    51   /* IPPROTO_AH */
#define SA_IPIP  4    /* IPPROTO_IPIP */
#define SA_COMP  108  /* IPPROTO_COMP */
#define SA_INT   61   /* IANA reserved for internal use */

/* to identify an SA, we need: */
typedef struct {
	ip_address dst;     /* A. destination host */
	ipsec_spi_t spi;    /* B. 32-bit SPI, assigned by dest. host */
	int proto;          /* C. protocol */
} ip_said;

/* old v4-only version */
struct sa_id {
	struct in_addr dst;
	ipsec_spi_t spi;
	int proto;
};
/* misc */

/*
 * pseudo-random-number-generator guts
 *
 * NOTE(review): a 256-byte S-box with two indices looks like RC4-style
 * keystream state; if that is what it is, its output should not be relied
 * on for key material -- confirm against the implementation.
 * NOTE(review): no function declared in this header takes or returns a
 * struct prng, so this definition may be dead; confirm it still has a user
 * before keeping it.
 */
struct prng {
	unsigned char sbox[256];
	int i;
	int j;
	unsigned long count;
};
/*
 * definitions for user space, taken from freeswan/ipsec_sa.h
 *
 * IPSEC_SA_REF_TABLE_IDX_WIDTH is not defined in this header; it has to be
 * provided by another include before the macros that use it are expanded.
 */
typedef uint32_t IPsecSAref_t;

/* width of an SA reference in bits */
#define IPSEC_SA_REF_FIELD_WIDTH        (8 * sizeof(IPsecSAref_t))

#define IPSEC_SA_REF_TABLE_NUM_ENTRIES  (1 << IPSEC_SA_REF_TABLE_IDX_WIDTH)

/*
 * Move a reference into / out of the top IPSEC_SA_REF_TABLE_IDX_WIDTH bits.
 * The shift happens in the (promoted) type of x, so a signed or narrower
 * argument can overflow or lose bits.
 * NOTE(review): callers presumably pass an unsigned 32-bit value -- confirm.
 */
#define IPsecSAref2NFmark(x) \
	((x) << (IPSEC_SA_REF_FIELD_WIDTH - IPSEC_SA_REF_TABLE_IDX_WIDTH))
#define NFmark2IPsecSAref(x) \
	((x) >> (IPSEC_SA_REF_FIELD_WIDTH - IPSEC_SA_REF_TABLE_IDX_WIDTH))

/* all bits set */
#define IPSEC_SAREF_NULL                (~((IPsecSAref_t)0))
/*
 * GCC magic for use in function definitions!
 * The annotations expand to real __attribute__ specifiers only when
 * GCC_LINT is defined; in every other build they expand to nothing.
 */
#ifndef GCC_LINT
#  define PRINTF_LIKE(n)  /* ignore */
#  define NEVER_RETURNS   /* ignore */
#  define UNUSED          /* ignore */
#  define BLANK_FORMAT    ""
#else
#  define PRINTF_LIKE(n)  __attribute__ ((format(printf, n, n+1)))
#  define NEVER_RETURNS   __attribute__ ((noreturn))
#  define UNUSED          __attribute__ ((unused))
#  define BLANK_FORMAT    " "   /* GCC_LINT whines about empty formats */
#endif
/*
 * new IPv6-compatible functions
 */

/*
 * text conversions
 *
 * NOTE(review): err_t and bool are not declared in this header; they have to
 * come from one of the earlier includes.  Presumably err_t follows the same
 * convention as the old functions further down (NULL for success, else a
 * message), and the size_t results of the *tot() functions are the space
 * needed for the full text, so a caller should compare the result with
 * buflen to notice a truncated conversion -- confirm against the
 * implementations.
 */
err_t  ttoul(const char *src, size_t srclen, int format, unsigned long *dst);
size_t ultot(unsigned long src, int format, char *buf, size_t buflen);
#define ULTOT_BUF       (22+1)  /* holds 64 bits in octal */

err_t  ttoaddr(const char *src, size_t srclen, int af, ip_address *dst);
err_t  tnatoaddr(const char *src, size_t srclen, int af, ip_address *dst);
size_t addrtot(const ip_address *src, int format, char *buf, size_t buflen);
/* RFC 1886 old IPv6 reverse-lookup format is the bulkiest */
#define ADDRTOT_BUF     (32*2 + 3 + 1 + 3 + 1 + 1)

err_t  ttosubnet(const char *src, size_t srclen, int af, ip_subnet *dst);
size_t subnettot(const ip_subnet *src, int format, char *buf, size_t buflen);
#define SUBNETTOT_BUF   (ADDRTOT_BUF + 1 + 3)

err_t  ttosa(const char *src, size_t srclen, ip_said *dst);
size_t satot(const ip_said *src, int format, char *bufptr, size_t buflen);
/*
 * NOTE(review): built from ULTOA_BUF, the old-API size defined further down
 * in this header (21), not from ULTOT_BUF (23) -- confirm that is intended.
 */
#define SATOT_BUF       (5 + ULTOA_BUF + 1 + ADDRTOT_BUF)

err_t  ttodata(const char *src, size_t srclen, int base,
               char *buf, size_t buflen, size_t *needed);
err_t  ttodatav(const char *src, size_t srclen, int base,
                char *buf, size_t buflen, size_t *needed,
                char *errp, size_t errlen, unsigned int flags);
#define TTODATAV_BUF          40      /* ttodatav's largest non-literal message */
#define TTODATAV_IGNORESPACE  (1<<1)  /* ignore spaces in base64 encodings*/
#define TTODATAV_SPACECOUNTS  0       /* do not ignore spaces in base64 */

size_t datatot(const char *src, size_t srclen, int format,
               char *buf, size_t buflen);
size_t keyblobtoid(const unsigned char *src, size_t srclen,
                   char *dst, size_t dstlen);
size_t splitkeytoid(const unsigned char *e, size_t elen,
                    const unsigned char *m, size_t mlen,
                    char *dst, size_t dstlen);
#define KEYID_BUF       10      /* up to 9 text digits plus NUL */

/*
 * Unlike the other tto*() functions, src is not const here.
 * NOTE(review): the input buffer may be modified by the call -- confirm.
 */
err_t  ttoprotoport(char *src, size_t src_len, u_int8_t *proto,
                    u_int16_t *port, bool *has_port_wildcard);
/*
 * initializations
 *
 * In every function of this group dst is the only non-const pointer
 * parameter, i.e. the object being filled in.
 * NOTE(review): the meaning of initsubnet()'s clash argument is not
 * documented in this header.
 */
void  initsaid(const ip_address *addr, ipsec_spi_t spi, int proto,
               ip_said *dst);
err_t loopbackaddr(int af, ip_address *dst);
err_t unspecaddr(int af, ip_address *dst);
err_t anyaddr(int af, ip_address *dst);
err_t initaddr(const unsigned char *src, size_t srclen, int af,
               ip_address *dst);
err_t initsubnet(const ip_address *addr, int maskbits, int clash,
                 ip_subnet *dst);
err_t addrtosubnet(const ip_address *addr, ip_subnet *dst);
/*
 * misc. conversions and related
 *
 * All inputs are const; results come back either as the return value or
 * through the dst pointer.
 */
err_t  rangetosubnet(const ip_address *from, const ip_address *to,
                     ip_subnet *dst);
int    addrtypeof(const ip_address *src);
int    subnettypeof(const ip_subnet *src);
size_t addrlenof(const ip_address *src);
size_t addrbytesptr(const ip_address *src, const unsigned char **dst);
size_t addrbytesof(const ip_address *src, unsigned char *dst, size_t dstlen);
int    masktocount(const ip_address *src);
void   networkof(const ip_subnet *src, ip_address *dst);
void   maskof(const ip_subnet *src, ip_address *dst);
/*
 * tests
 *
 * Every function here takes const arguments only and returns an int.
 */
int sameaddr(const ip_address *a, const ip_address *b);
int addrcmp(const ip_address *a, const ip_address *b);
int sameaddrtype(const ip_address *a, const ip_address *b);
int isanyaddr(const ip_address *src);
int isunspecaddr(const ip_address *src);
int isloopbackaddr(const ip_address *src);

int samesubnet(const ip_subnet *a, const ip_subnet *b);
int samesubnettype(const ip_subnet *a, const ip_subnet *b);
int subnetinsubnet(const ip_subnet *a, const ip_subnet *b);
int subnetishost(const ip_subnet *s);
int addrinsubnet(const ip_address *a, const ip_subnet *s);

int samesaid(const ip_said *a, const ip_said *b);
/*
 * low-level grot
 *
 * NOTE(review): sockaddrof() takes a non-const ip_address and hands back a
 * struct sockaddr pointer; presumably that pointer refers into *src and is
 * valid only as long as *src is -- confirm against the implementation.
 */
int              portof(const ip_address *src);
void             setportof(int port, ip_address *dst);
struct sockaddr *sockaddrof(ip_address *src);
size_t           sockaddrlenof(const ip_address *src);
/* odds and ends */
const char **ipsec_copyright_notice(void);

/*
 * Both dns_string_*() functions take a caller-supplied buf and its size.
 * bufsize is an int here, not a size_t as in the rest of this header.
 * NOTE(review): presumably a negative bufsize is never valid -- confirm how
 * the implementations treat it.
 */
const char *dns_string_rr(int rr, char *buf, int bufsize);
const char *dns_string_datetime(time_t seconds, char *buf, int bufsize);
/*
 * old functions, to be deleted eventually
 */

/* unsigned long */

/*
 * atoul: returns NULL for success, else a string literal.
 *   srclen  0 means strlen(src)
 *   base    0 means figure it out
 */
const char *atoul(const char *src, size_t srclen, int base,
                  unsigned long *resultp);

/*
 * ultoa: returns the space needed for the full conversion.
 */
size_t ultoa(unsigned long n, int base, char *dst, size_t dstlen);

/*
 * Just large enough for the largest result, assuming 64-bit unsigned long!
 * NOTE(review): 21 bytes fit 20 decimal digits plus NUL; a 64-bit value in
 * octal needs 22 digits (compare ULTOT_BUF).  If ultoa() accepts base 8,
 * callers should check the returned size against dstlen -- confirm how a
 * short buffer is handled.
 */
#define ULTOA_BUF       21
/* Internet addresses */

/*
 * atoaddr: returns NULL for success, else a string literal.
 *   srclen  0 means strlen(src)
 */
const char *atoaddr(const char *src, size_t srclen, struct in_addr *addr);

/*
 * addrtoa: returns the space needed for the full conversion.
 *   format  character; 0 means default
 */
size_t addrtoa(struct in_addr addr, int format, char *dst, size_t dstlen);

#define ADDRTOA_BUF     16      /* just large enough for largest result */
/* subnets */

/*
 * atosubnet: returns NULL for success, else a string literal.
 *   srclen  0 means strlen(src)
 */
const char *atosubnet(const char *src, size_t srclen,
                      struct in_addr *addr, struct in_addr *mask);

/*
 * subnettoa: returns the space needed for the full conversion.
 *   format  character; 0 means default
 */
size_t subnettoa(struct in_addr addr, struct in_addr mask, int format,
                 char *dst, size_t dstlen);

#define SUBNETTOA_BUF   32      /* large enough for worst case result */
/* ranges */

/*
 * atoasr: returns NULL for success, else a string literal.
 *   srclen  0 means strlen(src)
 *   type    'a', 's', 'r'
 *   addrs   two-element array
 */
const char *atoasr(const char *src, size_t srclen, char *type,
                   struct in_addr *addrs);

/*
 * rangetoa: returns the space needed for the full conversion.
 *   addrs   two-element array
 *   format  character; 0 means default
 */
size_t rangetoa(struct in_addr *addrs, int format, char *dst, size_t dstlen);

#define RANGETOA_BUF    34      /* large enough for worst case result */
/* data types for SA conversion functions */

/* SAs (struct sa_id, the old v4-only form, is defined earlier in this header) */

/*
 * atosa: returns NULL for success, else a string literal.
 *   srclen  0 means strlen(src)
 */
const char *atosa(const char *src, size_t srclen, struct sa_id *sa);

/*
 * satoa: returns the space needed for the full conversion.
 *   format  character; 0 means default
 */
size_t satoa(struct sa_id sa, int format, char *dst, size_t dstlen);

#define SATOA_BUF       (3+ULTOA_BUF+ADDRTOA_BUF)
/* generic data, e.g. keys */

/*
 * atobytes: returns NULL for success, else a string literal.
 *   srclen  0 means strlen(src)
 *   lenp    NULL means don't bother telling me
 */
const char *atobytes(const char *src, size_t srclen, char *dst,
                     size_t dstlen, size_t *lenp);

/*
 * bytestoa: returns 0 on failure, else the true size.
 *   format  character; 0 means default
 */
size_t bytestoa(const char *src, size_t srclen, int format, char *dst,
                size_t dstlen);
/* old versions of generic-data functions; deprecated */

/*
 * atodata: returns 0 on failure, else the true size.
 *   srclen  0 means strlen(src)
 */
size_t atodata(const char *src, size_t srclen, char *dst, size_t dstlen);

/*
 * datatoa: returns 0 on failure, else the true size.
 *   format  character; 0 means default
 */
size_t datatoa(const char *src, size_t srclen, int format, char *dst,
               size_t dstlen);
/*
 * part extraction and special addresses
 *
 * Each function takes an IPv4 address and mask by value and returns a
 * struct in_addr by value.
 */
struct in_addr subnetof(struct in_addr addr, struct in_addr mask);
struct in_addr hostof(struct in_addr addr, struct in_addr mask);
struct in_addr broadcastof(struct in_addr addr, struct in_addr mask);
/*
 * mask handling
 *
 * IPv4 only: masks are passed and returned as struct in_addr values.
 */
int            goodmask(struct in_addr mask);
int            masktobits(struct in_addr mask);
struct in_addr bitstomask(int n);
/*
 * Debugging levels for pfkey_lib_debug
 *
 * PROBLEM, STRUCT and FLOW are distinct bits; MAX equals all three of them
 * set at once.
 */
#define PF_KEY_DEBUG_PARSE_NONE     0x0
#define PF_KEY_DEBUG_PARSE_PROBLEM  0x1
#define PF_KEY_DEBUG_PARSE_STRUCT   0x2
#define PF_KEY_DEBUG_PARSE_FLOW     0x4
#define PF_KEY_DEBUG_PARSE_MAX      0x7

/* bits selecting what to report */
extern unsigned int pfkey_lib_debug;
/*
 * pluto and lwdnsq need to know the maximum size of the commands to,
 * and replies from lwdnsq.
 *
 * NOTE(review): these are only limits shared at build time; the reading
 * side should still reject anything longer than the limit rather than
 * trust its peer -- confirm in the code that uses them.
 */
#define LWDNSQ_CMDBUF_LEN       1024
#define LWDNSQ_RESULT_LEN_MAX   4096
394 #endif /* _FREESWAN_H */