Annotation of sys/netinet/ip_ah.h, Revision 1.1
1.1 ! nbrk 1: /* $OpenBSD: ip_ah.h,v 1.31 2004/02/17 12:07:45 markus Exp $ */
! 2: /*
! 3: * The authors of this code are John Ioannidis (ji@tla.org),
! 4: * Angelos D. Keromytis (kermit@csd.uch.gr) and
! 5: * Niels Provos (provos@physnet.uni-hamburg.de).
! 6: *
! 7: * The original version of this code was written by John Ioannidis
! 8: * for BSD/OS in Athens, Greece, in November 1995.
! 9: *
! 10: * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
! 11: * by Angelos D. Keromytis.
! 12: *
! 13: * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis
! 14: * and Niels Provos.
! 15: *
! 16: * Additional features in 1999 by Angelos D. Keromytis.
! 17: *
! 18: * Copyright (C) 1995, 1996, 1997, 1998, 1999 John Ioannidis,
! 19: * Angelos D. Keromytis and Niels Provos.
! 20: * Copyright (c) 2001 Angelos D. Keromytis.
! 21: *
! 22: * Permission to use, copy, and modify this software with or without fee
! 23: * is hereby granted, provided that this entire notice is included in
! 24: * all copies of any software which is or includes a copy or
! 25: * modification of this software.
! 26: * You may use this code under the GNU public license if you so wish. Please
! 27: * contribute changes back to the authors under this freer than GPL license
! 28: * so that we may further the use of strong encryption without limitations to
! 29: * all.
! 30: *
! 31: * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
! 32: * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
! 33: * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
! 34: * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
! 35: * PURPOSE.
! 36: */
! 37:
! 38: #ifndef _NETINET_IP_AH_H_
! 39: #define _NETINET_IP_AH_H_
! 40:
! 41: struct ahstat
! 42: {
! 43: u_int32_t ahs_hdrops; /* Packet shorter than header shows */
! 44: u_int32_t ahs_nopf; /* Protocol family not supported */
! 45: u_int32_t ahs_notdb;
! 46: u_int32_t ahs_badkcr;
! 47: u_int32_t ahs_badauth;
! 48: u_int32_t ahs_noxform;
! 49: u_int32_t ahs_qfull;
! 50: u_int32_t ahs_wrap;
! 51: u_int32_t ahs_replay;
! 52: u_int32_t ahs_badauthl; /* Bad authenticator length */
! 53: u_int32_t ahs_input; /* Input AH packets */
! 54: u_int32_t ahs_output; /* Output AH packets */
! 55: u_int32_t ahs_invalid; /* Trying to use an invalid TDB */
! 56: u_int64_t ahs_ibytes; /* Input bytes */
! 57: u_int64_t ahs_obytes; /* Output bytes */
! 58: u_int32_t ahs_toobig; /* Packet got larger than IP_MAXPACKET */
! 59: u_int32_t ahs_pdrops; /* Packet blocked due to policy */
! 60: u_int32_t ahs_crypto; /* Crypto processing failure */
! 61: };
! 62:
! 63: struct ah
! 64: {
! 65: u_int8_t ah_nh;
! 66: u_int8_t ah_hl;
! 67: u_int16_t ah_rv;
! 68: u_int32_t ah_spi;
! 69: u_int32_t ah_rpl; /* We may not use this, if we're using old xforms */
! 70: };
! 71:
! 72: /* Length of base AH header */
! 73: #define AH_FLENGTH 8
! 74:
! 75: /* Size of the largest hash function output used in AH-new, in bytes */
! 76: #define AH_MAX_HASHLEN 20
! 77:
! 78: /*
! 79: * Names for AH sysctl objects
! 80: */
! 81: #define AHCTL_ENABLE 1 /* Enable AH processing */
! 82: #define AHCTL_MAXID 2
! 83:
! 84: #define AHCTL_NAMES { \
! 85: { 0, 0 }, \
! 86: { "enable", CTLTYPE_INT }, \
! 87: }
! 88:
! 89: #define AHCTL_VARS { \
! 90: NULL, \
! 91: &ah_enable, \
! 92: }
! 93:
! 94: #ifdef _KERNEL
! 95: extern int ah_enable;
! 96: extern struct ahstat ahstat;
! 97: #endif /* _KERNEL */
! 98: #endif /* _NETINET_IP_AH_H_ */
CVSweb