219
220 typedef struct ipsec_prot
221 {
222 unsigned int
223 ipp_use_ah : 1,
224 ipp_use_esp : 1,
225 ipp_use_se : 1,
226 ipp_use_unique : 1,
227 ipp_use_espa : 1,
228 ipp_pad : 27;
229 uint8_t ipp_auth_alg; /* DOI number */
230 uint8_t ipp_encr_alg; /* DOI number */
231 uint8_t ipp_esp_auth_alg; /* DOI number */
232 uint16_t ipp_ah_minbits; /* AH: min keylen */
233 uint16_t ipp_ah_maxbits; /* AH: max keylen */
234 uint16_t ipp_espe_minbits; /* ESP encr: min keylen */
235 uint16_t ipp_espe_maxbits; /* ESP encr: max keylen */
236 uint16_t ipp_espa_minbits; /* ESP auth: min keylen */
237 uint16_t ipp_espa_maxbits; /* ESP auth: max keylen */
238 uint32_t ipp_km_proto; /* key mgmt protocol */
239 uint32_t ipp_km_cookie; /* key mgmt cookie */
240 uint32_t ipp_replay_depth; /* replay window */
241 /* XXX add lifetimes */
242 } ipsec_prot_t;
243
244 #define IPSEC_MAX_KEYBITS (0xffff)
245
246 /*
247 * An individual policy action, possibly a member of a chain.
248 *
249 * Action chains may be shared between multiple policy rules.
250 *
251 * With one exception (IPSEC_POLICY_LOG), a chain consists of an
252 * ordered list of alternative ways to handle a packet.
253 *
254 * All actions are also "interned" into a hash table (to allow
255 * multiple rules with the same action chain to share one copy in
256 * memory).
257 */
258
259 typedef struct ipsec_act
219
220 typedef struct ipsec_prot
221 {
222 unsigned int
223 ipp_use_ah : 1,
224 ipp_use_esp : 1,
225 ipp_use_se : 1,
226 ipp_use_unique : 1,
227 ipp_use_espa : 1,
228 ipp_pad : 27;
229 uint8_t ipp_auth_alg; /* DOI number */
230 uint8_t ipp_encr_alg; /* DOI number */
231 uint8_t ipp_esp_auth_alg; /* DOI number */
232 uint16_t ipp_ah_minbits; /* AH: min keylen */
233 uint16_t ipp_ah_maxbits; /* AH: max keylen */
234 uint16_t ipp_espe_minbits; /* ESP encr: min keylen */
235 uint16_t ipp_espe_maxbits; /* ESP encr: max keylen */
236 uint16_t ipp_espa_minbits; /* ESP auth: min keylen */
237 uint16_t ipp_espa_maxbits; /* ESP auth: max keylen */
238 uint32_t ipp_km_proto; /* key mgmt protocol */
239 uint64_t ipp_km_cookie; /* key mgmt cookie */
240 uint32_t ipp_replay_depth; /* replay window */
241 /* XXX add lifetimes */
242 } ipsec_prot_t;
243
244 #define IPSEC_MAX_KEYBITS (0xffff)
245
246 /*
247 * An individual policy action, possibly a member of a chain.
248 *
249 * Action chains may be shared between multiple policy rules.
250 *
251 * With one exception (IPSEC_POLICY_LOG), a chain consists of an
252 * ordered list of alternative ways to handle a packet.
253 *
254 * All actions are also "interned" into a hash table (to allow
255 * multiple rules with the same action chain to share one copy in
256 * memory).
257 */
258
259 typedef struct ipsec_act
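Review bot: Widening `ipp_km_cookie` from `uint32_t` to `uint64_t` at line 239 changes the size and alignment of `ipsec_prot_t` (on an ABI with naturally aligned 64-bit integers the struct very likely gains tail padding after `ipp_replay_depth`), and nothing in the hunk adjusts a size or version field alongside it. If instances of this struct are compared or hashed bytewise — the comment below says actions are "interned" into a hash table, and `ipsec_act` may embed it — or are copied across a privilege boundary, the new padding must be zero-filled explicitly, otherwise stale bytes end up in the hash or get copied out; I cannot see the consumers from here, so treat that as a check to make. A field comment such as `uint64_t ipp_km_cookie; /* key mgmt cookie; 64-bit widens struct: zero padding before memcmp/hash */` would record the layout change for readers. Which column is old and which is new is not marked on this page; this assumes the `uint64_t` side is the new code, and the `ipsec_act` definition at line 259 continues past the end of the hunk.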