4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 #ifndef _INET_IPSECAH_H
27 #define _INET_IPSECAH_H
28
29 #include <inet/ip.h>
30 #include <inet/ipdrop.h>
31
32 #ifdef __cplusplus
33 extern "C" {
34 #endif
35
36 #include <sys/note.h>
37
38 #ifdef _KERNEL
39 /* Named Dispatch Parameter Management Structure */
40 typedef struct ipsecahparam_s {
41 uint_t ipsecah_param_min;
42 uint_t ipsecah_param_max;
43 uint_t ipsecah_param_value;
97
98 sadbp_t ah_sadb;
99
100 /* Packet dropper for AH drops. */
101 ipdropper_t ah_dropper;
102
103 kstat_t *ah_ksp;
104 ah_kstats_t *ah_kstats;
105
106 /*
107 * Keysock instance of AH. There can be only one per stack instance.
108 * Use atomic_cas_ptr() on this because I don't set it until
109 * KEYSOCK_HELLO comes down.
110 * Paired up with the ah_pfkey_q is the ah_event, which will age SAs.
111 */
112 queue_t *ah_pfkey_q;
113 timeout_id_t ah_event;
114 };
115 typedef struct ipsecah_stack ipsecah_stack_t;
116
117 #endif /* _KERNEL */
118
119 /*
120 * For now, only provide "aligned" version of header.
121 * If aligned version is needed, we'll go with the naming conventions then.
122 */
123
124 typedef struct ah {
125 uint8_t ah_nexthdr;
126 uint8_t ah_length;
127 uint16_t ah_reserved;
128 uint32_t ah_spi;
129 uint32_t ah_replay;
130 } ah_t;
131
132 #define AH_BASELEN 12
133 #define AH_TOTAL_LEN(ah) (((ah)->ah_length << 2) + AH_BASELEN - \
134 sizeof ((ah)->ah_replay))
135
136 /* "Old" AH, without replay. For 1827-29 compatibility. */
|
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 * Copyright (c) 2012 Nexenta Systems, Inc. All rights reserved.
25 */
26
27 #ifndef _INET_IPSECAH_H
28 #define _INET_IPSECAH_H
29
30 #include <inet/ip.h>
31 #include <inet/ipdrop.h>
32
33 #ifdef __cplusplus
34 extern "C" {
35 #endif
36
37 #include <sys/note.h>
38
39 #ifdef _KERNEL
40 /* Named Dispatch Parameter Management Structure */
41 typedef struct ipsecahparam_s {
42 uint_t ipsecah_param_min;
43 uint_t ipsecah_param_max;
44 uint_t ipsecah_param_value;
98
99 sadbp_t ah_sadb;
100
101 /* Packet dropper for AH drops. */
102 ipdropper_t ah_dropper;
103
104 kstat_t *ah_ksp;
105 ah_kstats_t *ah_kstats;
106
107 /*
108 * Keysock instance of AH. There can be only one per stack instance.
109 * Use atomic_cas_ptr() on this because I don't set it until
110 * KEYSOCK_HELLO comes down.
111 * Paired up with the ah_pfkey_q is the ah_event, which will age SAs.
112 */
113 queue_t *ah_pfkey_q;
114 timeout_id_t ah_event;
115 };
116 typedef struct ipsecah_stack ipsecah_stack_t;
117
118 #define ipsecah_debug ipsecah_params[0].ipsecah_param_value
119 #define ipsecah_age_interval ipsecah_params[1].ipsecah_param_value
120 #define ipsecah_age_int_max ipsecah_params[1].ipsecah_param_max
121 #define ipsecah_reap_delay ipsecah_params[2].ipsecah_param_value
122 #define ipsecah_replay_size ipsecah_params[3].ipsecah_param_value
123 #define ipsecah_acquire_timeout ipsecah_params[4].ipsecah_param_value
124 #define ipsecah_larval_timeout ipsecah_params[5].ipsecah_param_value
125 #define ipsecah_default_soft_bytes ipsecah_params[6].ipsecah_param_value
126 #define ipsecah_default_hard_bytes ipsecah_params[7].ipsecah_param_value
127 #define ipsecah_default_soft_addtime ipsecah_params[8].ipsecah_param_value
128 #define ipsecah_default_hard_addtime ipsecah_params[9].ipsecah_param_value
129 #define ipsecah_default_soft_usetime ipsecah_params[10].ipsecah_param_value
130 #define ipsecah_default_hard_usetime ipsecah_params[11].ipsecah_param_value
131 #define ipsecah_log_unknown_spi ipsecah_params[12].ipsecah_param_value
132
133 #endif /* _KERNEL */
134
135 /*
136 * For now, only provide "aligned" version of header.
137 * If aligned version is needed, we'll go with the naming conventions then.
138 */
139
140 typedef struct ah {
141 uint8_t ah_nexthdr;
142 uint8_t ah_length;
143 uint16_t ah_reserved;
144 uint32_t ah_spi;
145 uint32_t ah_replay;
146 } ah_t;
147
148 #define AH_BASELEN 12
149 #define AH_TOTAL_LEN(ah) (((ah)->ah_length << 2) + AH_BASELEN - \
150 sizeof ((ah)->ah_replay))
151
152 /* "Old" AH, without replay. For 1827-29 compatibility. */
|