1 /* $NetBSD: localconf.h,v 1.7 2008/12/23 14:04:42 tteras Exp $ */ 2 3 /* Id: localconf.h,v 1.13 2005/11/06 18:13:18 monas Exp */ 4 5 /* 6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the project nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 
 */

#ifndef _LOCALCONF_H
#define _LOCALCONF_H

/*
 * local configuration
 *
 * Process-wide settings for racoon, reachable through the global `lcconf`
 * declared at the bottom of this header.
 *
 * This header has no #include lines of its own: uid_t, gid_t, u_int16_t,
 * struct sockaddr, vchar_t, the __P() prototype macro, SYSCONFDIR and
 * TRUE/FALSE must already be in scope wherever it is included.
 *
 * NOTE(review): the include guard _LOCALCONF_H begins with an underscore
 * followed by an uppercase letter, a spelling the C standard reserves for
 * the implementation; a non-reserved name such as LOCALCONF_H would be
 * preferable if nothing else tests this macro.
 */

/* Default configuration file, rooted at the build-time SYSCONFDIR. */
#define LC_DEFAULT_CF		SYSCONFDIR "/racoon.conf"

/*
 * Indices into localconf.pathinfo[]; each names the kind of path stored at
 * that slot.  LC_PATHTYPE_MAX is the array length, not a valid index.
 */
#define LC_PATHTYPE_INCLUDE	0
#define LC_PATHTYPE_PSK		1	/* pre-shared key file */
#define LC_PATHTYPE_CERT	2	/* certificate directory or file */
#define LC_PATHTYPE_BACKUPSA	3
#define LC_PATHTYPE_SCRIPT	4
#define LC_PATHTYPE_PIDFILE	5
#define LC_PATHTYPE_MAX		6

/*
 * Compile-time defaults.  Each presumably seeds the localconf field of the
 * same name (confirm in initlcconf()).  Units of the interval/timeout values
 * are not stated here; presumably seconds -- verify against the timer code.
 */
#define LC_DEFAULT_PAD_MAXSIZE		20
#define LC_DEFAULT_PAD_RANDOM		TRUE
#define LC_DEFAULT_PAD_RANDOMLEN	FALSE
#define LC_DEFAULT_PAD_STRICT		FALSE
#define LC_DEFAULT_PAD_EXCLTAIL		TRUE
#define LC_DEFAULT_RETRY_COUNTER	5
#define LC_DEFAULT_RETRY_INTERVAL	10
#define LC_DEFAULT_COUNT_PERSEND	1
#define LC_DEFAULT_RETRY_CHECKPH1	30
#define LC_DEFAULT_WAIT_PH2COMPLETE	30
#define LC_DEFAULT_NATT_KA_INTERVAL	20
#define LC_DEFAULT_PFKEY_BUFFER_SIZE	0	/* 0 presumably keeps the system default -- confirm */

#define LC_DEFAULT_SECRETSIZE	16	/* bytes, i.e. 128 bits */

/* Encodings for the GSS-API identity; stored in localconf.gss_id_enc. */
#define LC_GSSENC_UTF16LE	0	/* GSS ID in UTF-16LE */
#define LC_GSSENC_LATIN1	1	/* GSS ID in ISO-Latin-1 */
#define LC_GSSENC_MAX		2	/* number of encodings, not a valid value */

struct localconf {
	char *racoon_conf;		/* configuration filename */

	/*
	 * Credentials and chroot path for the daemon process.  Whether and
	 * when they are applied is not visible here -- see the startup code.
	 */
	uid_t uid;
	gid_t gid;
	char *chroot;			/* chroot path */
	u_int16_t port_isakmp;		/* port for isakmp as default */
	u_int16_t port_isakmp_natt;	/* port for NAT-T use */
	int default_af;			/* default address family */

	/* socket descriptors (by name; types are plain int) */
	int sock_admin;			/* admin socket */
	int sock_pfkey;			/* PF_KEY socket */
	int rtsock;			/* routing socket */

	char *pathinfo[LC_PATHTYPE_MAX];	/* paths, indexed by LC_PATHTYPE_* */

	/* padding options; defaults are LC_DEFAULT_PAD_* (TRUE/FALSE flags and a size) */
	int pad_random;
	int pad_randomlen;
	int pad_maxsize;
	int pad_strict;
	int pad_excltail;

	int retry_counter;		/* times to retry. */
	int retry_interval;		/* interval each retry. */
	int count_persend;		/* the number of packets each retry. */
	/* above 3 values are copied into a handler. */

	int retry_checkph1;
	int wait_ph2complete;

	int natt_ka_interval;		/* NAT-T keepalive interval. */

	int secret_size;		/* size of generated secrets; default LC_DEFAULT_SECRETSIZE */
	int strict_address;		/* strictly check addresses. */

	int complex_bundle;
	/*
	 * To build a packet "IP2 AH ESP IP1 ULP", the SPD in KAME expresses
	 * AH transport + ESP tunnel, so racoon used to send a proposal in that
	 * order.  Many implementations interpret it as AH tunnel + ESP tunnel
	 * instead, so racoon changed the format and normally uses the new one.
	 * When the 'complex_bundle' option is enabled racoon uses the old
	 * format.
	 */

	int gss_id_enc;			/* GSS ID encoding to use; one of LC_GSSENC_* */
	int pfkey_buffer_size;		/* Set socket buffer size for pfkey */
};

/* The single process-wide configuration instance. */
extern struct localconf *lcconf;

/* set up / tear down the global lcconf (by name; bodies are in localconf.c) */
extern void initlcconf __P((void));
extern void flushlcconf __P((void));
/*
 * Pre-shared key lookup by identifier and by peer address.  The returned
 * vchar_t ownership (caller frees?) is not stated in this header -- check
 * the definition before releasing it.
 */
extern vchar_t *getpskbyname __P((vchar_t *));
extern vchar_t *getpskbyaddr __P((struct sockaddr *));
/*
 * Parameter roles are not named in this prototype; presumably
 * (output buffer, buffer length, LC_PATHTYPE_* index, filename) --
 * confirm against the definition.
 */
extern void getpathname __P((char *, int, int, const char *));
/* conversions between situation type and DOI values (by name) */
extern int sittype2doi __P((int));
extern int doitype2doi __P((int));
/* presumably reads a key by name from the LC_PATHTYPE_PSK path -- confirm */
extern vchar_t *getpsk __P((const char *, const int));

/* snapshot / restore of configuration parameters (by name) */
extern void restore_params __P((void));
extern void save_params __P((void));

#endif /* _LOCALCONF_H */