~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~ [ freetext search ] ~ [ file search ] ~

Linux Cross Reference
Linux/include/linux/ipsec.h

Version: ~ [ 2.4.0 ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~ 
  1 /*
  2  *      Definitions for the SECurity layer
  3  *
  4  *      Author:
  5  *              Robert Muchsel <muchsel@acm.org>
  6  *
  7  *      This program is free software; you can redistribute it and/or
  8  *      modify it under the terms of the GNU General Public License
  9  *      as published by the Free Software Foundation; either version
 10  *      2 of the License, or (at your option) any later version.
 11  */
 12  
 13 #ifndef _LINUX_IPSEC_H
 14 #define _LINUX_IPSEC_H
 15 
 16 #include <linux/config.h>
 17 #include <linux/socket.h>
 18 #include <net/sock.h>
 19 #include <linux/skbuff.h>
 20 
 21 /* Values for the set/getsockopt calls */
 22 
 23 /* These defines are compatible with NRL IPv6, however their semantics
 24    is different */
 25 
 26 #define IPSEC_LEVEL_NONE        -1      /* send plaintext, accept any */
 27 #define IPSEC_LEVEL_DEFAULT     0       /* encrypt/authenticate if possible */
 28                                         /* the default MUST be 0, because a */
 29                                         /* socket is initialized with 0's */
 30 #define IPSEC_LEVEL_USE         1       /* use outbound, don't require inbound */
 31 #define IPSEC_LEVEL_REQUIRE     2       /* require both directions */
 32 #define IPSEC_LEVEL_UNIQUE      2       /* for compatibility only */
 33 
 34 #ifdef __KERNEL__
 35 
 36 /* skb bit flags set on packet input processing */
 37 
 38 #define RCV_SEC                 0x0f    /* options on receive */
 39 #define RCV_AUTH                0x01    /* was authenticated */
 40 #define RCV_CRYPT               0x02    /* was encrypted */
 41 #define RCV_TUNNEL              0x04    /* was tunneled */
 42 #define SND_SEC                 0xf0    /* options on send, these are */
 43 #define SND_AUTH                0x10    /* currently unused */
 44 #define SND_CRYPT               0x20
 45 #define SND_TUNNEL              0x40
 46 
 47 /*
 48  *      FIXME: ignores network encryption for now..
 49  */
 50  
 51 #ifdef CONFIG_NET_SECURITY
 52 extern __inline__ int ipsec_sk_policy(struct sock *sk, struct sk_buff *skb)
 53 {
 54         return ((sk->authentication < IPSEC_LEVEL_REQUIRE) ||
 55                 (skb->security & RCV_AUTH)) &&
 56                 ((sk->encryption < IPSEC_LEVEL_REQUIRE) ||
 57                 (skb->security & RCV_CRYPT));
 58 }
 59 
 60 #else
 61 
 62 extern __inline__ int ipsec_sk_policy(struct sock *sk, struct sk_buff *skb)
 63 {
 64         return 1;
 65 }
 66 #endif /* CONFIG */
 67 
 68 #endif  /* __KERNEL__ */
 69 #endif  /* _LINUX_IPSEC_H */
 70
~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~ [ freetext search ] ~ [ file search ] ~
This page was automatically generated by the LXR engine.
Visit the LXR main site for more information.