removed NAT_TRAVERSAL compile option
[strongswan.git] / src / libfreeswan / pfkeyv2.h
1 /*
2 * RCSID $Id: pfkeyv2.h,v 1.5 2004/10/04 22:43:56 as Exp $
3 */
4
5 /*
6 RFC 2367 PF_KEY Key Management API July 1998
7
8
9 Appendix D: Sample Header File
10
11 This file defines structures and symbols for the PF_KEY Version 2
12 key management interface. It was written at the U.S. Naval Research
13 Laboratory. This file is in the public domain. The authors ask that
14 you leave this credit intact on any copies of this file.
15 */
/*
 * Include guard; the matching #endif is the last line of the file.
 * NOTE(review): this file has no #include of its own, so whoever includes it
 * must already have uint8_t/uint16_t/uint32_t/uint64_t in scope.
 * NOTE(review): names beginning with a double underscore are reserved for the
 * C implementation; the guard name is kept because other files may test it.
 */
16 #ifndef __PFKEY_V2_H
17 #define __PFKEY_V2_H 1
18
/* Interface version and revision constants. */
19 #define PF_KEY_V2 2 /* presumably the value expected in sadb_msg_version - confirm against the parser */
20 #define PFKEYV2_REVISION 199806L
21
/*
 * Message type numbers (presumably the values carried in sadb_msg_type).
 * Types 1-10 have plain SADB_ names; types 11-17 carry the SADB_X_ prefix.
 * SADB_MAX equals the highest type defined here (17), so it can serve as the
 * upper bound when a receiver range-checks a type taken from a message before
 * using it to index a table or dispatch.
 */
22 #define SADB_RESERVED 0
23 #define SADB_GETSPI 1
24 #define SADB_UPDATE 2
25 #define SADB_ADD 3
26 #define SADB_DELETE 4
27 #define SADB_GET 5
28 #define SADB_ACQUIRE 6
29 #define SADB_REGISTER 7
30 #define SADB_EXPIRE 8
31 #define SADB_FLUSH 9
32 #define SADB_DUMP 10
33 #define SADB_X_PROMISC 11
34 #define SADB_X_PCHANGE 12
35 #define SADB_X_GRPSA 13
36 #define SADB_X_ADDFLOW 14
37 #define SADB_X_DELFLOW 15
38 #define SADB_X_DEBUG 16
39 #define SADB_X_NAT_T_NEW_MAPPING 17
40 #define SADB_MAX 17 /* must track the highest message type above */
41
/*
 * Base header of a PF_KEY message (RFC 2367, the document this header is
 * taken from). The field widths below add up to 16 bytes.
 * NOTE(review): RFC 2367 gives sadb_msg_len in 64-bit words covering the whole
 * message; a receiver should compare it with the number of bytes actually read
 * before walking any extensions - confirm the consuming parser does this.
 */
42 struct sadb_msg {
43 uint8_t sadb_msg_version; /* presumably compared with PF_KEY_V2 - confirm */
44 uint8_t sadb_msg_type; /* presumably one of the SADB_* message types, at most SADB_MAX */
45 uint8_t sadb_msg_errno;
46 uint8_t sadb_msg_satype; /* presumably one of SADB_SATYPE_*, at most SADB_SATYPE_MAX */
47 uint16_t sadb_msg_len; /* total message length; validate before use (see note above) */
48 uint16_t sadb_msg_reserved;
49 uint32_t sadb_msg_seq;
50 uint32_t sadb_msg_pid;
51 };
52
/*
 * Generic extension header: a 16-bit length followed by a 16-bit type. The
 * extension structs in this file (sadb_sa, sadb_lifetime, sadb_address, ...)
 * start with the same two 16-bit fields.
 * NOTE(review): when iterating over extensions, a length of zero or a length
 * larger than the bytes remaining in the message must be rejected; otherwise
 * the walk either never advances or reads past the buffer. RFC 2367 counts
 * this length in 64-bit words - confirm the unit used by the parser.
 */
53 struct sadb_ext {
54 uint16_t sadb_ext_len;
55 uint16_t sadb_ext_type; /* presumably one of SADB_EXT_* / SADB_X_EXT_*, at most SADB_EXT_MAX */
56 };
57
/*
 * Security association extension. The first eight members match sadb_sa_v1;
 * sadb_x_sa_ref and sadb_x_reserved exist only in this variant. Field widths
 * add up to 24 bytes.
 */
58 struct sadb_sa {
59 uint16_t sadb_sa_len;
60 uint16_t sadb_sa_exttype;
61 uint32_t sadb_sa_spi; /* NOTE(review): byte order is not stated in this file - confirm */
62 uint8_t sadb_sa_replay; /* presumably the anti-replay window size; check how 0 is treated */
63 uint8_t sadb_sa_state; /* presumably one of SADB_SASTATE_* */
64 uint8_t sadb_sa_auth; /* presumably one of SADB_AALG_* */
65 uint8_t sadb_sa_encrypt; /* presumably one of SADB_EALG_* */
66 uint32_t sadb_sa_flags; /* presumably a combination of SADB_SAFLAGS_* / SADB_X_SAFLAGS_* bits */
67 uint32_t /*IPsecSAref_t*/ sadb_x_sa_ref; /* 32 bits */
68 uint8_t sadb_x_reserved[4];
69 };
70
/*
 * Shorter form of the SA extension: the same members as struct sadb_sa minus
 * sadb_x_sa_ref and sadb_x_reserved (16 bytes instead of 24).
 * NOTE(review): code that accepts both layouts has to decide from the
 * extension length which one it was given before touching sadb_x_sa_ref;
 * confirm that check exists where both forms are handled.
 */
71 struct sadb_sa_v1 {
72 uint16_t sadb_sa_len;
73 uint16_t sadb_sa_exttype;
74 uint32_t sadb_sa_spi;
75 uint8_t sadb_sa_replay;
76 uint8_t sadb_sa_state;
77 uint8_t sadb_sa_auth;
78 uint8_t sadb_sa_encrypt;
79 uint32_t sadb_sa_flags;
80 };
81
/*
 * Lifetime extension; the exttype is presumably one of
 * SADB_EXT_LIFETIME_CURRENT, SADB_EXT_LIFETIME_HARD or SADB_EXT_LIFETIME_SOFT.
 * The limits bound how long and how much a key is used.
 * NOTE(review): whether a zero in a limit field means "unlimited" is not
 * visible in this file - confirm before relying on it.
 */
82 struct sadb_lifetime {
83 uint16_t sadb_lifetime_len;
84 uint16_t sadb_lifetime_exttype;
85 uint32_t sadb_lifetime_allocations;
86 uint64_t sadb_lifetime_bytes;
87 uint64_t sadb_lifetime_addtime;
88 uint64_t sadb_lifetime_usetime;
89 uint32_t sadb_x_lifetime_packets; /* SADB_X_ member: packet-count limit */
90 uint32_t sadb_x_lifetime_reserved;
91 };
92
/*
 * Address extension header. The struct holds no address bytes itself; in
 * RFC 2367 a sockaddr follows this header inside the extension.
 * NOTE(review): sadb_address_prefixlen comes from the message; it should be
 * checked against the width of the address family before it is used as a
 * mask length - confirm where that happens.
 */
93 struct sadb_address {
94 uint16_t sadb_address_len;
95 uint16_t sadb_address_exttype;
96 uint8_t sadb_address_proto;
97 uint8_t sadb_address_prefixlen;
98 uint16_t sadb_address_reserved;
99 };
100
/*
 * Key extension header (8 bytes). The key itself is not a member of this
 * struct; in RFC 2367 the key bits follow the header inside the extension.
 * NOTE(review): sadb_key_bits should be checked against the space the
 * extension length actually provides before the key is copied. Buffers that
 * hold this extension contain secret key material and should be cleared
 * after use - confirm both in the code that builds and parses it.
 */
101 struct sadb_key {
102 uint16_t sadb_key_len;
103 uint16_t sadb_key_exttype; /* presumably SADB_EXT_KEY_AUTH or SADB_EXT_KEY_ENCRYPT */
104 uint16_t sadb_key_bits;
105 uint16_t sadb_key_reserved;
106 };
107
/*
 * Identity extension header.
 * NOTE(review): any identity string carried after this header is outside the
 * struct; its termination and length need to be checked against the
 * extension length - confirm in the parser.
 */
108 struct sadb_ident {
109 uint16_t sadb_ident_len;
110 uint16_t sadb_ident_exttype;
111 uint16_t sadb_ident_type; /* presumably one of SADB_IDENTTYPE_* */
112 uint16_t sadb_ident_reserved;
113 uint64_t sadb_ident_id;
114 };
115
/*
 * Sensitivity extension header.
 * NOTE(review): sadb_sens_sens_len and sadb_sens_integ_len presumably give the
 * sizes of data that follows the header; both should be bounded by the
 * extension length before that data is read - confirm.
 */
116 struct sadb_sens {
117 uint16_t sadb_sens_len;
118 uint16_t sadb_sens_exttype;
119 uint32_t sadb_sens_dpd;
120 uint8_t sadb_sens_sens_level;
121 uint8_t sadb_sens_sens_len;
122 uint8_t sadb_sens_integ_level;
123 uint8_t sadb_sens_integ_len;
124 uint32_t sadb_sens_reserved;
125 };
126
/*
 * Proposal extension header. Presumably followed by one or more struct
 * sadb_comb entries; how many fit must be derived from the extension length
 * and checked, not assumed - confirm in the parser.
 */
127 struct sadb_prop {
128 uint16_t sadb_prop_len;
129 uint16_t sadb_prop_exttype;
130 uint8_t sadb_prop_replay;
131 uint8_t sadb_prop_reserved[3];
132 };
133
/*
 * One algorithm/lifetime combination. Unlike the extension structs it has no
 * len/exttype header of its own.
 * NOTE(review): the min/max bit fields come from the peer of this interface;
 * check min <= max and that the range is one the local policy accepts.
 */
134 struct sadb_comb {
135 uint8_t sadb_comb_auth; /* presumably one of SADB_AALG_* */
136 uint8_t sadb_comb_encrypt; /* presumably one of SADB_EALG_* */
137 uint16_t sadb_comb_flags;
138 uint16_t sadb_comb_auth_minbits;
139 uint16_t sadb_comb_auth_maxbits;
140 uint16_t sadb_comb_encrypt_minbits;
141 uint16_t sadb_comb_encrypt_maxbits;
142 uint32_t sadb_comb_reserved;
143 uint32_t sadb_comb_soft_allocations;
144 uint32_t sadb_comb_hard_allocations;
145 uint64_t sadb_comb_soft_bytes;
146 uint64_t sadb_comb_hard_bytes;
147 uint64_t sadb_comb_soft_addtime;
148 uint64_t sadb_comb_hard_addtime;
149 uint64_t sadb_comb_soft_usetime;
150 uint64_t sadb_comb_hard_usetime;
151 uint32_t sadb_x_comb_soft_packets; /* SADB_X_ members: packet-count limits */
152 uint32_t sadb_x_comb_hard_packets;
153 };
154
/*
 * Supported-algorithms extension header; the exttype is presumably
 * SADB_EXT_SUPPORTED_AUTH or SADB_EXT_SUPPORTED_ENCRYPT. Presumably followed
 * by struct sadb_alg entries whose count is derived from the length - confirm.
 */
155 struct sadb_supported {
156 uint16_t sadb_supported_len;
157 uint16_t sadb_supported_exttype;
158 uint32_t sadb_supported_reserved;
159 };
160
/*
 * Description of one algorithm: identifier, IV length and key-size range
 * (8 bytes, no len/exttype header).
 */
161 struct sadb_alg {
162 uint8_t sadb_alg_id; /* presumably one of SADB_AALG_* or SADB_EALG_* */
163 uint8_t sadb_alg_ivlen;
164 uint16_t sadb_alg_minbits;
165 uint16_t sadb_alg_maxbits;
166 uint16_t sadb_alg_reserved;
167 };
168
/*
 * SPI range extension: a minimum and a maximum SPI value.
 * NOTE(review): min <= max is not enforced by the type; confirm the consumer
 * checks it before choosing an SPI from the range.
 */
169 struct sadb_spirange {
170 uint16_t sadb_spirange_len;
171 uint16_t sadb_spirange_exttype;
172 uint32_t sadb_spirange_min;
173 uint32_t sadb_spirange_max;
174 uint32_t sadb_spirange_reserved;
175 };
176
/*
 * Header of the SADB_X_ "kmprivate" extension. Only the header is declared
 * here; the meaning of any data that follows is not defined in this file.
 */
177 struct sadb_x_kmprivate {
178 uint16_t sadb_x_kmprivate_len;
179 uint16_t sadb_x_kmprivate_exttype;
180 uint32_t sadb_x_kmprivate_reserved;
181 };
182
/*
 * SADB_X_ extension carrying one SA type byte plus padding (8 bytes);
 * presumably used with SADB_X_EXT_SATYPE2 - confirm.
 */
183 struct sadb_x_satype {
184 uint16_t sadb_x_satype_len;
185 uint16_t sadb_x_satype_exttype;
186 uint8_t sadb_x_satype_satype; /* presumably one of SADB_SATYPE_*, at most SADB_SATYPE_MAX */
187 uint8_t sadb_x_satype_reserved[3];
188 };
189
/*
 * SADB_X_ policy extension: policy type, direction and a 32-bit policy id.
 * NOTE(review): the values allowed in sadb_x_policy_type and
 * sadb_x_policy_dir are not defined in this file; they must be range-checked
 * against whatever header defines them.
 */
190 struct sadb_x_policy {
191 uint16_t sadb_x_policy_len;
192 uint16_t sadb_x_policy_exttype;
193 uint16_t sadb_x_policy_type;
194 uint8_t sadb_x_policy_dir;
195 uint8_t sadb_x_policy_reserved;
196 uint32_t sadb_x_policy_id;
197 uint32_t sadb_x_policy_reserved2;
198 };
199
/*
 * SADB_X_ debug extension: one 32-bit word per named area (tunnel, netlink,
 * xform, ...). The meaning of the bits in each word is not defined here.
 * NOTE(review): presumably this switches diagnostic output in the receiver;
 * if so, check that only privileged callers may send it and that the output
 * never includes key material - confirm.
 */
200 struct sadb_x_debug {
201 uint16_t sadb_x_debug_len;
202 uint16_t sadb_x_debug_exttype;
203 uint32_t sadb_x_debug_tunnel;
204 uint32_t sadb_x_debug_netlink;
205 uint32_t sadb_x_debug_xform;
206 uint32_t sadb_x_debug_eroute;
207 uint32_t sadb_x_debug_spi;
208 uint32_t sadb_x_debug_radij;
209 uint32_t sadb_x_debug_esp;
210 uint32_t sadb_x_debug_ah;
211 uint32_t sadb_x_debug_rcv;
212 uint32_t sadb_x_debug_pfkey;
213 uint32_t sadb_x_debug_ipcomp;
214 uint32_t sadb_x_debug_verbose;
215 uint8_t sadb_x_debug_reserved[4];
216 };
217
/*
 * NAT traversal type extension (8 bytes); presumably used with
 * SADB_X_EXT_NAT_T_TYPE. The valid values of the type byte are not defined
 * in this file.
 */
218 struct sadb_x_nat_t_type {
219 uint16_t sadb_x_nat_t_type_len;
220 uint16_t sadb_x_nat_t_type_exttype;
221 uint8_t sadb_x_nat_t_type_type;
222 uint8_t sadb_x_nat_t_type_reserved[3];
223 };
/*
 * NAT traversal port extension (8 bytes); presumably used with
 * SADB_X_EXT_NAT_T_SPORT and SADB_X_EXT_NAT_T_DPORT.
 * NOTE(review): the byte order of the port is not stated here - confirm
 * before comparing it with a port taken from a sockaddr.
 */
224 struct sadb_x_nat_t_port {
225 uint16_t sadb_x_nat_t_port_len;
226 uint16_t sadb_x_nat_t_port_exttype;
227 uint16_t sadb_x_nat_t_port_port;
228 uint16_t sadb_x_nat_t_port_reserved;
229 };
230
231 /*
232 * A protocol structure for passing through the transport level
233 * protocol. It contains more fields than are actually used/needed
234 * but it is this way to be compatible with the structure used in
235 * OpenBSD (http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/pfkeyv2.h)
236 */
/* Extension struct for the transport protocol, 8 bytes; presumably used with SADB_X_EXT_PROTOCOL. */
237 struct sadb_protocol {
238 uint16_t sadb_protocol_len;
239 uint16_t sadb_protocol_exttype;
240 uint8_t sadb_protocol_proto;
241 uint8_t sadb_protocol_direction;
242 uint8_t sadb_protocol_flags;
243 uint8_t sadb_protocol_reserved2;
244 };
245
/*
 * Extension type numbers (presumably the values of the *_exttype fields).
 * 1-16 have plain SADB_EXT_ names, 17-30 carry the SADB_X_ prefix.
 * SADB_EXT_MAX equals the highest number defined (30) and is the bound to use
 * when range-checking a type read from a message.
 * NOTE(review): SADB_X_EXT_ADDRESS_DELFLOW in this file builds a bitmask with
 * 1<<type on a plain int. With a maximum of 30 that stays inside a 32-bit
 * int; a type of 31 or more would not, so an unchecked type must never reach
 * such a shift.
 */
246 #define SADB_EXT_RESERVED 0
247 #define SADB_EXT_SA 1
248 #define SADB_EXT_LIFETIME_CURRENT 2
249 #define SADB_EXT_LIFETIME_HARD 3
250 #define SADB_EXT_LIFETIME_SOFT 4
251 #define SADB_EXT_ADDRESS_SRC 5
252 #define SADB_EXT_ADDRESS_DST 6
253 #define SADB_EXT_ADDRESS_PROXY 7
254 #define SADB_EXT_KEY_AUTH 8
255 #define SADB_EXT_KEY_ENCRYPT 9
256 #define SADB_EXT_IDENTITY_SRC 10
257 #define SADB_EXT_IDENTITY_DST 11
258 #define SADB_EXT_SENSITIVITY 12
259 #define SADB_EXT_PROPOSAL 13
260 #define SADB_EXT_SUPPORTED_AUTH 14
261 #define SADB_EXT_SUPPORTED_ENCRYPT 15
262 #define SADB_EXT_SPIRANGE 16
263 #define SADB_X_EXT_KMPRIVATE 17
264 #define SADB_X_EXT_SATYPE2 18
/*
 * With KERNEL26_HAS_KAME_DUPLICATES defined, SADB_X_EXT_POLICY gets the same
 * number (18) as SADB_X_EXT_SATYPE2, so the two cannot be told apart by value
 * and cannot both be case labels of one switch.
 */
265 #ifdef KERNEL26_HAS_KAME_DUPLICATES
266 #define SADB_X_EXT_POLICY 18
267 #endif
268 #define SADB_X_EXT_SA2 19
269 #define SADB_X_EXT_ADDRESS_DST2 20
270 #define SADB_X_EXT_ADDRESS_SRC_FLOW 21
271 #define SADB_X_EXT_ADDRESS_DST_FLOW 22
272 #define SADB_X_EXT_ADDRESS_SRC_MASK 23
273 #define SADB_X_EXT_ADDRESS_DST_MASK 24
274 #define SADB_X_EXT_DEBUG 25
275 #define SADB_X_EXT_PROTOCOL 26
276 #define SADB_X_EXT_NAT_T_TYPE 27
277 #define SADB_X_EXT_NAT_T_SPORT 28
278 #define SADB_X_EXT_NAT_T_DPORT 29
279 #define SADB_X_EXT_NAT_T_OA 30
280 #define SADB_EXT_MAX 30 /* must track the highest extension type above */
281
/*
 * Bitmask with one bit set per flow address extension type: source flow,
 * destination flow, source mask and destination mask (bits 21 to 24).
 * The shifts are done on the int constant 1; the largest shift here is 24.
 */
282 /* SADB_X_DELFLOW required over and above SADB_X_SAFLAGS_CLEARFLOW */
283 #define SADB_X_EXT_ADDRESS_DELFLOW \
284 ( (1<<SADB_X_EXT_ADDRESS_SRC_FLOW) \
285 | (1<<SADB_X_EXT_ADDRESS_DST_FLOW) \
286 | (1<<SADB_X_EXT_ADDRESS_SRC_MASK) \
287 | (1<<SADB_X_EXT_ADDRESS_DST_MASK))
288
/*
 * Security association type numbers. Values 1 and 4 are not defined in this
 * file. SADB_SATYPE_MAX equals the highest value defined (11).
 */
289 #define SADB_SATYPE_UNSPEC 0
290 #define SADB_SATYPE_AH 2
291 #define SADB_SATYPE_ESP 3
292 #define SADB_SATYPE_RSVP 5
293 #define SADB_SATYPE_OSPFV2 6
294 #define SADB_SATYPE_RIPV2 7
295 #define SADB_SATYPE_MIP 8
296 #define SADB_X_SATYPE_IPIP 9
/*
 * With KERNEL26_HAS_KAME_DUPLICATES defined, SADB_X_SATYPE_IPCOMP shares the
 * value 9 with SADB_X_SATYPE_IPIP while SADB_X_SATYPE_COMP is 10; code must
 * not use the number alone to tell IPIP from IPCOMP in that configuration.
 */
297 #ifdef KERNEL26_HAS_KAME_DUPLICATES
298 #define SADB_X_SATYPE_IPCOMP 9 /* ICK! */
299 #endif
300 #define SADB_X_SATYPE_COMP 10
301 #define SADB_X_SATYPE_INT 11
302 #define SADB_SATYPE_MAX 11 /* must track the highest SA type above */
303
/* SA state numbers (presumably the values of sadb_sa_state); SADB_SASTATE_MAX equals the highest one. */
304 #define SADB_SASTATE_LARVAL 0
305 #define SADB_SASTATE_MATURE 1
306 #define SADB_SASTATE_DYING 2
307 #define SADB_SASTATE_DEAD 3
308 #define SADB_SASTATE_MAX 3
309
/*
 * SA flag bits. The values are distinct powers of two, so they can be OR-ed
 * together; presumably they are stored in sadb_sa_flags - confirm.
 */
310 #define SADB_SAFLAGS_PFS 1
311 #define SADB_X_SAFLAGS_REPLACEFLOW 2
312 #define SADB_X_SAFLAGS_CLEARFLOW 4
313 #define SADB_X_SAFLAGS_INFLOW 8
314
315 /* not obvious, but these are the same values as used in isakmp,
316 * and in freeswan/ipsec_policy.h. If you need to add any, they
317 * should be added according to
318 * http://www.iana.org/assignments/isakmp-registry
319 *
320 * and if not, then please try to use a private-use value, and
321 * consider asking IANA to assign a value.
322 */
/*
 * Authentication algorithm identifiers. Value 1 and values 10-250 are not
 * defined in this file; SADB_AALG_MAX equals the highest value (251).
 * NOTE(review): this table only names algorithms. It includes "none", a NULL
 * entry and HMAC-MD5; which of them a peer may negotiate is a policy decision
 * that has to be enforced where proposals are accepted, not here.
 */
323 #define SADB_AALG_NONE 0
324 #define SADB_AALG_MD5_HMAC 2
325 #define SADB_AALG_SHA1_HMAC 3
326 #define SADB_AALG_DES_MAC 4
327 #define SADB_AALG_SHA2_256_HMAC 5
328 #define SADB_AALG_SHA2_384_HMAC 6
329 #define SADB_AALG_SHA2_512_HMAC 7
330 #define SADB_AALG_RIPEMD_160_HMAC 8
331 #define SADB_AALG_AES_XCBC_MAC 9
332 #define SADB_X_AALG_NULL 251 /* kame */
333 #define SADB_AALG_MAX 251
334
/*
 * Encryption algorithm identifiers. The numbering has gaps (1, 8-10,
 * 14-251 are not defined here), so a check against SADB_EALG_MAX alone does
 * not prove that an identifier is a known algorithm.
 * NOTE(review): the table includes single DES and the NULL cipher, which
 * provides no confidentiality; whether they are acceptable must be decided by
 * the policy code that evaluates proposals.
 */
335 #define SADB_EALG_NONE 0
336 #define SADB_EALG_DES_CBC 2
337 #define SADB_EALG_3DES_CBC 3
338 #define SADB_EALG_RC5_CBC 4
339 #define SADB_EALG_IDEA_CBC 5
340 #define SADB_EALG_CAST_CBC 6
341 #define SADB_EALG_BLOWFISH_CBC 7
342 #define SADB_EALG_NULL 11
343 #define SADB_EALG_AES_CBC 12
344 #define SADB_EALG_AES_CTR 13
345 #define SADB_X_EALG_SERPENT_CBC 252
346 #define SADB_X_EALG_TWOFISH_CBC 253
347 #define SADB_EALG_MAX 253
348
/*
 * Compression algorithm identifiers. With KERNEL26_HAS_KAME_DUPLICATES
 * defined, SADB_X_CALG_LZJH has the same value (4) as SADB_X_CALG_V42BIS.
 */
349 #define SADB_X_CALG_NONE 0
350 #define SADB_X_CALG_OUI 1
351 #define SADB_X_CALG_DEFLATE 2
352 #define SADB_X_CALG_LZS 3
353 #define SADB_X_CALG_V42BIS 4
354 #ifdef KERNEL26_HAS_KAME_DUPLICATES
355 #define SADB_X_CALG_LZJH 4
356 #endif
357 #define SADB_X_CALG_MAX 4
358
/* Tunnel encapsulation identifiers, one per inner/outer IP version pair; SADB_X_TALG_MAX equals the highest one. */
359 #define SADB_X_TALG_NONE 0
360 #define SADB_X_TALG_IPv4_in_IPv4 1
361 #define SADB_X_TALG_IPv6_in_IPv4 2
362 #define SADB_X_TALG_IPv4_in_IPv6 3
363 #define SADB_X_TALG_IPv6_in_IPv6 4
364 #define SADB_X_TALG_MAX 4
365
366
/* Identity type numbers (presumably the values of sadb_ident_type); SADB_IDENTTYPE_MAX equals the highest one. */
367 #define SADB_IDENTTYPE_RESERVED 0
368 #define SADB_IDENTTYPE_PREFIX 1
369 #define SADB_IDENTTYPE_FQDN 2
370 #define SADB_IDENTTYPE_USERFQDN 3
371 #define SADB_X_IDENTTYPE_CONNECTION 4
372 #define SADB_IDENTTYPE_MAX 4
373
374 #define SADB_KEY_FLAGS_MAX 0 /* no key flag values are defined in this file */
375 #endif /* __PFKEY_V2_H */