/*
 * RFC2367 PF_KEYv2 Key management API message parser
 * Copyright (C) 1999, 2000, 2001 Richard Guy Briggs.
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * for more details.
 *
 * RCSID $Id: pfkey_v2_ext_bits.c,v 1.2 2004/03/22 21:53:18 as Exp $
 */
/*
 * Template from klips/net/ipsec/ipsec/ipsec_parse.c.
 */
/*
 * RCS identification string for this source file, held in a global array.
 * NOTE(review): presumably kept so the file revision can be read back from a
 * built object; nothing in this file reads it.
 */
char pfkey_v2_ext_bits_c_version[] = "$Id: pfkey_v2_ext_bits.c,v 1.2 2004/03/22 21:53:18 as Exp $";
/*
 * Some ugly stuff to allow consistent debugging code for use in the
 * kernel and in user space
 */
#ifdef __KERNEL__
# include <linux/kernel.h> /* for printk */
# include "freeswan/ipsec_kversion.h" /* for malloc switch */
# ifdef MALLOC_SLAB
# include <linux/slab.h> /* kmalloc() */
# else /* MALLOC_SLAB */
# include <linux/malloc.h> /* kmalloc() */
# endif /* MALLOC_SLAB */
# include <linux/errno.h> /* error codes */
# include <linux/types.h> /* size_t */
# include <linux/interrupt.h> /* mark_bh */
# include <linux/netdevice.h> /* struct device, and other headers */
# include <linux/etherdevice.h> /* eth_type_trans */
# include <linux/ip.h> /* struct iphdr */
# if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
# include <linux/ipv6.h>
# endif /* defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */
#else /* __KERNEL__ */
# include <sys/types.h>
# include <linux/types.h>
# include <linux/errno.h>
#endif
#include <freeswan.h>
#include <pfkeyv2.h>
#include <pfkey.h>
/*
 * Extension allow-list for PF_KEYv2 messages.
 *
 * extensions_bitmaps[dir][kind][msg_type] is a bitmask in which bit n stands
 * for extension type n; every entry is an OR of 1 << SADB_EXT_xxx and
 * 1 << SADB_X_EXT_xxx terms.  The initializer is laid out as:
 *   dir   0 = inbound,   1 = outbound
 *   kind  0 = permitted, 1 = required
 * followed by one row per message type, in the order named by the row
 * comments.
 *
 * The rows are positional, so the table is only correct while the SADB_xxx
 * message type values are consecutive in exactly this order and SADB_MAX
 * covers the last row (including the NAT_TRAVERSAL-only row) -- TODO confirm
 * against pfkeyv2.h whenever a message type is added.
 *
 * NOTE(review): presumably the message parser rejects a message that carries
 * an extension outside the permitted mask or lacks one from the required
 * mask; that code is not in this file.  An extension that is permitted but
 * not required may be absent, so consumers have to check for it before use.
 *
 * NOTE(review): the masks are built with int shifts, which is only well
 * defined while every extension number is below 31 -- confirm against the
 * extension numbering in pfkeyv2.h.
 */
unsigned int extensions_bitmaps[2 /* in/out */][2 /* perm/req */][SADB_MAX + 1 /* message type */] = {

	/* INBOUND EXTENSIONS */
	{

		/* PERMITTED IN */
		{
			/* SADB_RESERVED */
			0
			,
			/* SADB_GETSPI */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_SPIRANGE
			,
			/* SADB_UPDATE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_CURRENT
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_KEY_AUTH
			| 1 << SADB_EXT_KEY_ENCRYPT
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
#ifdef NAT_TRAVERSAL
			| 1 << SADB_X_EXT_NAT_T_SPORT
			| 1 << SADB_X_EXT_NAT_T_DPORT
#endif
			,
			/* SADB_ADD */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_KEY_AUTH
			| 1 << SADB_EXT_KEY_ENCRYPT
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
#ifdef NAT_TRAVERSAL
			| 1 << SADB_X_EXT_NAT_T_TYPE
			| 1 << SADB_X_EXT_NAT_T_SPORT
			| 1 << SADB_X_EXT_NAT_T_DPORT
			| 1 << SADB_X_EXT_NAT_T_OA
#endif
			,
			/* SADB_DELETE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			,
			/* SADB_GET */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			,
			/* SADB_ACQUIRE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
			| 1 << SADB_EXT_PROPOSAL
			,
			/* SADB_REGISTER */
			1 << SADB_EXT_RESERVED
			,
			/* SADB_EXPIRE: empty mask, no extension bit is permitted inbound */
			0
			,
			/* SADB_FLUSH */
			1 << SADB_EXT_RESERVED
			,
			/* SADB_DUMP */
			1 << SADB_EXT_RESERVED
			,
			/* SADB_X_PROMISC */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_CURRENT
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_KEY_AUTH
			| 1 << SADB_EXT_KEY_ENCRYPT
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
			| 1 << SADB_EXT_PROPOSAL
			| 1 << SADB_EXT_SUPPORTED_AUTH
			| 1 << SADB_EXT_SUPPORTED_ENCRYPT
			| 1 << SADB_EXT_SPIRANGE
			| 1 << SADB_X_EXT_KMPRIVATE
			| 1 << SADB_X_EXT_SATYPE2
			| 1 << SADB_X_EXT_SA2
			| 1 << SADB_X_EXT_ADDRESS_DST2
			,
			/* SADB_X_PCHANGE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_CURRENT
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_KEY_AUTH
			| 1 << SADB_EXT_KEY_ENCRYPT
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
			| 1 << SADB_EXT_PROPOSAL
			| 1 << SADB_EXT_SUPPORTED_AUTH
			| 1 << SADB_EXT_SUPPORTED_ENCRYPT
			| 1 << SADB_EXT_SPIRANGE
			| 1 << SADB_X_EXT_KMPRIVATE
			| 1 << SADB_X_EXT_SATYPE2
			| 1 << SADB_X_EXT_SA2
			| 1 << SADB_X_EXT_ADDRESS_DST2
			,
			/* SADB_X_GRPSA */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_X_EXT_SATYPE2
			| 1 << SADB_X_EXT_SA2
			| 1 << SADB_X_EXT_ADDRESS_DST2
			,
			/* SADB_X_ADDFLOW */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_X_EXT_ADDRESS_SRC_FLOW
			| 1 << SADB_X_EXT_ADDRESS_DST_FLOW
			| 1 << SADB_X_EXT_ADDRESS_SRC_MASK
			| 1 << SADB_X_EXT_ADDRESS_DST_MASK
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_X_EXT_PROTOCOL
			,
			/* SADB_X_DELFLOW */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_X_EXT_ADDRESS_SRC_FLOW
			| 1 << SADB_X_EXT_ADDRESS_DST_FLOW
			| 1 << SADB_X_EXT_ADDRESS_SRC_MASK
			| 1 << SADB_X_EXT_ADDRESS_DST_MASK
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_X_EXT_PROTOCOL
			,
			/* SADB_X_DEBUG */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_X_EXT_DEBUG
#ifdef NAT_TRAVERSAL
			,
			/* SADB_X_NAT_T_NEW_MAPPING */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_X_EXT_NAT_T_SPORT
			| 1 << SADB_X_EXT_NAT_T_DPORT
#endif
		},

		/* REQUIRED IN */
		{
			/* SADB_RESERVED */
			0
			,
			/* SADB_GETSPI */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_SPIRANGE
			,
			/* SADB_UPDATE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			/*
			 * Disabled in the original, so not required:
			 * SADB_EXT_KEY_AUTH, SADB_EXT_KEY_ENCRYPT.
			 * Key material is permitted inbound but may be absent.
			 */
			,
			/* SADB_ADD */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			/*
			 * Disabled in the original, so not required:
			 * SADB_EXT_KEY_AUTH, SADB_EXT_KEY_ENCRYPT.
			 * Key material is permitted inbound but may be absent.
			 */
			,
			/* SADB_DELETE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			,
			/* SADB_GET */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			,
			/* SADB_ACQUIRE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_PROPOSAL
			,
			/* SADB_REGISTER */
			1 << SADB_EXT_RESERVED
			,
			/* SADB_EXPIRE */
			0
			,
			/* SADB_FLUSH */
			1 << SADB_EXT_RESERVED
			,
			/* SADB_DUMP */
			1 << SADB_EXT_RESERVED
			,
			/*
			 * SADB_X_PROMISC
			 * NOTE(review): the required mask equals the permitted mask
			 * for this type and for SADB_X_PCHANGE -- confirm intended.
			 */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_CURRENT
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_KEY_AUTH
			| 1 << SADB_EXT_KEY_ENCRYPT
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
			| 1 << SADB_EXT_PROPOSAL
			| 1 << SADB_EXT_SUPPORTED_AUTH
			| 1 << SADB_EXT_SUPPORTED_ENCRYPT
			| 1 << SADB_EXT_SPIRANGE
			| 1 << SADB_X_EXT_KMPRIVATE
			| 1 << SADB_X_EXT_SATYPE2
			| 1 << SADB_X_EXT_SA2
			| 1 << SADB_X_EXT_ADDRESS_DST2
			,
			/* SADB_X_PCHANGE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_CURRENT
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_KEY_AUTH
			| 1 << SADB_EXT_KEY_ENCRYPT
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
			| 1 << SADB_EXT_PROPOSAL
			| 1 << SADB_EXT_SUPPORTED_AUTH
			| 1 << SADB_EXT_SUPPORTED_ENCRYPT
			| 1 << SADB_EXT_SPIRANGE
			| 1 << SADB_X_EXT_KMPRIVATE
			| 1 << SADB_X_EXT_SATYPE2
			| 1 << SADB_X_EXT_SA2
			| 1 << SADB_X_EXT_ADDRESS_DST2
			,
			/* SADB_X_GRPSA */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_DST
			/*
			 * Disabled in the original, so not required:
			 * SADB_X_EXT_SATYPE2, SADB_X_EXT_SA2, SADB_X_EXT_ADDRESS_DST2.
			 */
			,
			/* SADB_X_ADDFLOW */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_X_EXT_ADDRESS_SRC_FLOW
			| 1 << SADB_X_EXT_ADDRESS_DST_FLOW
			| 1 << SADB_X_EXT_ADDRESS_SRC_MASK
			| 1 << SADB_X_EXT_ADDRESS_DST_MASK
			,
			/* SADB_X_DELFLOW */
			1 << SADB_EXT_RESERVED
			/* Disabled in the original, so not required: SADB_EXT_SA. */
#if 0 /* SADB_X_CLREROUTE doesn't need all these... */
			| 1 << SADB_X_EXT_ADDRESS_SRC_FLOW
			| 1 << SADB_X_EXT_ADDRESS_DST_FLOW
			| 1 << SADB_X_EXT_ADDRESS_SRC_MASK
			| 1 << SADB_X_EXT_ADDRESS_DST_MASK
#endif
			,
			/* SADB_X_DEBUG */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_X_EXT_DEBUG
#ifdef NAT_TRAVERSAL
			,
			/* SADB_X_NAT_T_NEW_MAPPING */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_X_EXT_NAT_T_SPORT
			| 1 << SADB_X_EXT_NAT_T_DPORT
#endif
		}

	},

	/* OUTBOUND EXTENSIONS */
	{

		/* PERMITTED OUT */
		{
			/* SADB_RESERVED */
			0
			,
			/* SADB_GETSPI */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			,
			/* SADB_UPDATE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_CURRENT
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
			,
			/* SADB_ADD */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
#ifdef NAT_TRAVERSAL
			| 1 << SADB_X_EXT_NAT_T_TYPE
			| 1 << SADB_X_EXT_NAT_T_SPORT
			| 1 << SADB_X_EXT_NAT_T_DPORT
			| 1 << SADB_X_EXT_NAT_T_OA
#endif
			,
			/* SADB_DELETE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			,
			/*
			 * SADB_GET
			 * The key extensions are permitted outbound here, so as this
			 * table reads a GET reply may carry SA key material.
			 */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_CURRENT
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_KEY_AUTH
			| 1 << SADB_EXT_KEY_ENCRYPT
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
			,
			/* SADB_ACQUIRE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
			| 1 << SADB_EXT_PROPOSAL
			,
			/* SADB_REGISTER */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SUPPORTED_AUTH
			| 1 << SADB_EXT_SUPPORTED_ENCRYPT
			,
			/* SADB_EXPIRE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_CURRENT
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			,
			/* SADB_FLUSH */
			1 << SADB_EXT_RESERVED
			,
			/*
			 * SADB_DUMP
			 * The key extensions are permitted outbound here as well, so a
			 * dump may carry SA key material to whoever reads the socket.
			 */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_CURRENT
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_KEY_AUTH
			| 1 << SADB_EXT_KEY_ENCRYPT
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
			,
			/* SADB_X_PROMISC */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_CURRENT
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_KEY_AUTH
			| 1 << SADB_EXT_KEY_ENCRYPT
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
			| 1 << SADB_EXT_PROPOSAL
			| 1 << SADB_EXT_SUPPORTED_AUTH
			| 1 << SADB_EXT_SUPPORTED_ENCRYPT
			| 1 << SADB_EXT_SPIRANGE
			| 1 << SADB_X_EXT_KMPRIVATE
			| 1 << SADB_X_EXT_SATYPE2
			| 1 << SADB_X_EXT_SA2
			| 1 << SADB_X_EXT_ADDRESS_DST2
			,
			/* SADB_X_PCHANGE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_CURRENT
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_KEY_AUTH
			| 1 << SADB_EXT_KEY_ENCRYPT
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
			| 1 << SADB_EXT_PROPOSAL
			| 1 << SADB_EXT_SUPPORTED_AUTH
			| 1 << SADB_EXT_SUPPORTED_ENCRYPT
			| 1 << SADB_EXT_SPIRANGE
			| 1 << SADB_X_EXT_KMPRIVATE
			| 1 << SADB_X_EXT_SATYPE2
			| 1 << SADB_X_EXT_SA2
			| 1 << SADB_X_EXT_ADDRESS_DST2
			,
			/* SADB_X_GRPSA */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_X_EXT_SATYPE2
			| 1 << SADB_X_EXT_SA2
			| 1 << SADB_X_EXT_ADDRESS_DST2
			,
			/* SADB_X_ADDFLOW */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_X_EXT_ADDRESS_SRC_FLOW
			| 1 << SADB_X_EXT_ADDRESS_DST_FLOW
			| 1 << SADB_X_EXT_ADDRESS_SRC_MASK
			| 1 << SADB_X_EXT_ADDRESS_DST_MASK
			| 1 << SADB_X_EXT_PROTOCOL
			,
			/* SADB_X_DELFLOW */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_X_EXT_ADDRESS_SRC_FLOW
			| 1 << SADB_X_EXT_ADDRESS_DST_FLOW
			| 1 << SADB_X_EXT_ADDRESS_SRC_MASK
			| 1 << SADB_X_EXT_ADDRESS_DST_MASK
			| 1 << SADB_X_EXT_PROTOCOL
			,
			/* SADB_X_DEBUG */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_X_EXT_DEBUG
#ifdef NAT_TRAVERSAL
			,
			/* SADB_X_NAT_T_NEW_MAPPING */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_X_EXT_NAT_T_SPORT
			| 1 << SADB_X_EXT_NAT_T_DPORT
#endif
		},

		/* REQUIRED OUT */
		{
			/* SADB_RESERVED */
			0
			,
			/* SADB_GETSPI */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			,
			/* SADB_UPDATE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			,
			/* SADB_ADD */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			,
			/* SADB_DELETE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			,
			/* SADB_GET */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			/*
			 * Disabled in the original, so not required:
			 * SADB_EXT_KEY_AUTH, SADB_EXT_KEY_ENCRYPT.
			 */
			,
			/* SADB_ACQUIRE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_PROPOSAL
			,
			/* SADB_REGISTER */
			1 << SADB_EXT_RESERVED
			/*
			 * Disabled in the original, so not required:
			 * SADB_EXT_SUPPORTED_AUTH, SADB_EXT_SUPPORTED_ENCRYPT.
			 */
			,
			/* SADB_EXPIRE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_CURRENT
			/*
			 * Disabled in the original, so not required:
			 * SADB_EXT_LIFETIME_HARD, SADB_EXT_LIFETIME_SOFT.
			 */
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			,
			/* SADB_FLUSH */
			1 << SADB_EXT_RESERVED
			,
			/*
			 * SADB_DUMP
			 * Both key extensions are in the required mask, so as this
			 * table reads every dumped SA is expected to carry them.
			 */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_KEY_AUTH
			| 1 << SADB_EXT_KEY_ENCRYPT
			,
			/* SADB_X_PROMISC */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_CURRENT
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_KEY_AUTH
			| 1 << SADB_EXT_KEY_ENCRYPT
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
			| 1 << SADB_EXT_PROPOSAL
			| 1 << SADB_EXT_SUPPORTED_AUTH
			| 1 << SADB_EXT_SUPPORTED_ENCRYPT
			| 1 << SADB_EXT_SPIRANGE
			| 1 << SADB_X_EXT_KMPRIVATE
			| 1 << SADB_X_EXT_SATYPE2
			| 1 << SADB_X_EXT_SA2
			| 1 << SADB_X_EXT_ADDRESS_DST2
			,
			/* SADB_X_PCHANGE */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_LIFETIME_CURRENT
			| 1 << SADB_EXT_LIFETIME_HARD
			| 1 << SADB_EXT_LIFETIME_SOFT
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_EXT_ADDRESS_PROXY
			| 1 << SADB_EXT_KEY_AUTH
			| 1 << SADB_EXT_KEY_ENCRYPT
			| 1 << SADB_EXT_IDENTITY_SRC
			| 1 << SADB_EXT_IDENTITY_DST
			| 1 << SADB_EXT_SENSITIVITY
			| 1 << SADB_EXT_PROPOSAL
			| 1 << SADB_EXT_SUPPORTED_AUTH
			| 1 << SADB_EXT_SUPPORTED_ENCRYPT
			| 1 << SADB_EXT_SPIRANGE
			| 1 << SADB_X_EXT_KMPRIVATE
			| 1 << SADB_X_EXT_SATYPE2
			| 1 << SADB_X_EXT_SA2
			| 1 << SADB_X_EXT_ADDRESS_DST2
			,
			/* SADB_X_GRPSA */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_DST
			,
			/* SADB_X_ADDFLOW */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_X_EXT_ADDRESS_SRC_FLOW
			| 1 << SADB_X_EXT_ADDRESS_DST_FLOW
			| 1 << SADB_X_EXT_ADDRESS_SRC_MASK
			| 1 << SADB_X_EXT_ADDRESS_DST_MASK
			,
			/* SADB_X_DELFLOW */
			1 << SADB_EXT_RESERVED
			/* Disabled in the original, so not required: SADB_EXT_SA. */
			| 1 << SADB_X_EXT_ADDRESS_SRC_FLOW
			| 1 << SADB_X_EXT_ADDRESS_DST_FLOW
			| 1 << SADB_X_EXT_ADDRESS_SRC_MASK
			| 1 << SADB_X_EXT_ADDRESS_DST_MASK
			,
			/* SADB_X_DEBUG */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_X_EXT_DEBUG
#ifdef NAT_TRAVERSAL
			,
			/* SADB_X_NAT_T_NEW_MAPPING */
			1 << SADB_EXT_RESERVED
			| 1 << SADB_EXT_SA
			| 1 << SADB_EXT_ADDRESS_SRC
			| 1 << SADB_EXT_ADDRESS_DST
			| 1 << SADB_X_EXT_NAT_T_SPORT
			| 1 << SADB_X_EXT_NAT_T_DPORT
#endif
		}
	}
};
/*
 * $Log: pfkey_v2_ext_bits.c,v $
 * Revision 1.2 2004/03/22 21:53:18 as
 * merged alg-0.8.1 branch with HEAD
 *
 * Revision 1.1.2.1 2004/03/15 22:30:06 as
 * nat-0.6c patch merged
 *
 * Revision 1.1 2004/03/15 20:35:26 as
 * added files from freeswan-2.04-x509-1.5.3
 *
 * Revision 1.15 2002/04/24 07:55:32 mcr
 * #include patches and Makefiles for post-reorg compilation.
 *
 * Revision 1.14 2002/04/24 07:36:40 mcr
 * Moved from ./lib/pfkey_v2_ext_bits.c,v
 *
 * Revision 1.13 2002/01/29 22:25:36 rgb
 * Re-add ipsec_kversion.h to keep MALLOC happy.
 *
 * Revision 1.12 2002/01/29 01:59:10 mcr
 * removal of kversions.h - sources that needed it now use ipsec_param.h.
 * updating of IPv6 structures to match latest in6.h version.
 * removed dead code from freeswan.h that also duplicated kversions.h
 * code.
 *
 * Revision 1.11 2001/10/18 04:45:24 rgb
 * 2.4.9 kernel deprecates linux/malloc.h in favour of linux/slab.h,
 * lib/freeswan.h version macros moved to lib/kversions.h.
 * Other compiler directive cleanups.
 *
 * Revision 1.10 2001/09/08 21:13:35 rgb
 * Added pfkey ident extension support for ISAKMPd. (NetCelo)
 *
 * Revision 1.9 2001/06/14 19:35:16 rgb
 * Update copyright date.
 *
 * Revision 1.8 2001/03/26 23:07:36 rgb
 * Remove requirement for auth and enc key from UPDATE.
 *
 * Revision 1.7 2000/09/12 22:35:37 rgb
 * Restructured to remove unused extensions from CLEARFLOW messages.
 *
 * Revision 1.6 2000/09/09 06:39:01 rgb
 * Added comments for clarity.
 *
 * Revision 1.5 2000/06/02 22:54:14 rgb
 * Added Gerhard Gessler's struct sockaddr_storage mods for IPv6 support.
 *
 * Revision 1.4 2000/01/21 06:27:56 rgb
 * Added address cases for eroute flows.
 * Added comments for each message type.
 * Added klipsdebug switching capability.
 * Fixed GRPSA bitfields.
 *
 * Revision 1.3 1999/12/01 22:20:27 rgb
 * Remove requirement for a proxy address in an incoming getspi message.
 *
 * Revision 1.2 1999/11/27 11:57:06 rgb
 * Consolidated the 4 1-d extension bitmap arrays into one 4-d array.
 * Add CVS log entry to bottom of file.
 * Cleaned out unused bits.
 *
 */