/* $NetBSD: localconf.h,v 1.4 2006/09/09 16:22:09 manu Exp $ */

/* Id: localconf.h,v 1.13 2005/11/06 18:13:18 monas Exp */

/*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#ifndef _LOCALCONF_H
#define _LOCALCONF_H

/*
 * Local configuration: compile-time defaults, the index constants for the
 * tables inside struct localconf, and the accessor prototypes.
 *
 * NOTE(review): this header includes nothing itself.  uid_t, gid_t,
 * u_int16_t, vchar_t, struct sockaddr, struct myaddrs, SYSCONFDIR,
 * TRUE/FALSE and __P must all be provided by whoever includes it.
 */

/* Default configuration file, located under the build-time SYSCONFDIR. */
#define LC_DEFAULT_CF	SYSCONFDIR "/racoon.conf"

/*
 * Indices into localconf.pathinfo[].  LC_PATHTYPE_MAX is the array size,
 * not a usable path type.
 *
 * NOTE(review): the PSK and CERT slots name where key material is looked
 * up.  Any ownership or mode check on those paths happens in the code
 * that opens them, not here -- verify that it exists.
 */
#define LC_PATHTYPE_INCLUDE	0
#define LC_PATHTYPE_PSK		1
#define LC_PATHTYPE_CERT	2
#define LC_PATHTYPE_BACKUPSA	3
#define LC_PATHTYPE_SCRIPT	4
#define LC_PATHTYPE_PIDFILE	5
#define LC_PATHTYPE_MAX		6

/* Defaults for the pad_* members of struct localconf. */
#define LC_DEFAULT_PAD_MAXSIZE		20
#define LC_DEFAULT_PAD_RANDOM		TRUE
#define LC_DEFAULT_PAD_RANDOMLEN	FALSE
#define LC_DEFAULT_PAD_STRICT		FALSE
#define LC_DEFAULT_PAD_EXCLTAIL		TRUE

/*
 * Defaults for the retry, wait and keepalive members of struct localconf.
 * Units are not stated in this header.
 */
#define LC_DEFAULT_RETRY_COUNTER	5
#define LC_DEFAULT_RETRY_INTERVAL	10
#define LC_DEFAULT_COUNT_PERSEND	1
#define LC_DEFAULT_RETRY_CHECKPH1	30
#define LC_DEFAULT_WAIT_PH2COMPLETE	30
#define LC_DEFAULT_NATT_KA_INTERVAL	20

/* Presumably the default for localconf.secret_size, in bytes -- confirm. */
#define LC_DEFAULT_SECRETSIZE	16	/* 128 bits */

/* Size of localconf.ident[]. */
#define LC_IDENTTYPE_MAX	5	/* XXX */

/* GSS ID encodings; presumably the values held in localconf.gss_id_enc. */
#define LC_GSSENC_UTF16LE	0	/* GSS ID in UTF-16LE */
#define LC_GSSENC_LATIN1	1	/* GSS ID in ISO-Latin-1 */
#define LC_GSSENC_MAX		2

/*
 * Daemon-wide configuration.  A single instance is reachable through the
 * global pointer lcconf declared below.
 */
struct localconf {
	char *racoon_conf;		/* configuration filename */

	/*
	 * NOTE(review): uid, gid and chroot look like the identity and root
	 * directory the daemon switches to.  Where and in which order they
	 * are applied is not visible here; confirm that the chroot is
	 * entered before privileges are dropped and that both return values
	 * are checked.
	 */
	uid_t uid;
	gid_t gid;
	char *chroot;			/* chroot path */
	u_int16_t port_isakmp;		/* port for isakmp as default */
	u_int16_t port_isakmp_natt;	/* port for NAT-T use */
	u_int16_t port_admin;		/* port for admin */
	int default_af;			/* default address family */

	int sock_admin;
	int sock_pfkey;
	int rtsock;			/* routing socket */

	int autograbaddr;
	struct myaddrs *myaddrs;

	/* Indexed by LC_PATHTYPE_*. */
	char *pathinfo[LC_PATHTYPE_MAX];
	/* Base of the Identifier payload. */
	vchar_t *ident[LC_IDENTTYPE_MAX];

	int pad_random;
	int pad_randomlen;
	int pad_maxsize;
	int pad_strict;
	int pad_excltail;

	/* The next three values are copied into a handler. */
	int retry_counter;		/* times to retry. */
	int retry_interval;		/* interval each retry. */
	int count_persend;		/* the number of packets each retry. */

	int retry_checkph1;
	int wait_ph2complete;

	int natt_ka_interval;		/* NAT-T keepalive interval. */

	int secret_size;
	int strict_address;		/* strictly check addresses. */

	/*
	 * complex_bundle:
	 * To build a packet "IP2 AH ESP IP1 ULP", the SPD in KAME expresses
	 * AH transport + ESP tunnel, so racoon used to send the proposal in
	 * that order.  Many implementations interpret that as AH tunnel +
	 * ESP tunnel, so racoon changed the format and normally uses the new
	 * one.  When the 'complex_bundle' option is enabled, racoon uses the
	 * old format.
	 */
	int complex_bundle;

	int gss_id_enc;			/* GSS ID encoding to use */
};

/* The active local configuration. */
extern struct localconf *lcconf;

/* Presumably set up and reset *lcconf -- see the implementation file. */
extern void initlcconf __P((void));
extern void flushlcconf __P((void));

/*
 * Pre-shared key lookups by name, by peer address, and by string.
 * NOTE(review): the returned vchar_t holds key material; who frees it and
 * whether it is wiped first is not stated here -- check every caller.
 */
extern vchar_t *getpskbyname __P((vchar_t *));
extern vchar_t *getpskbyaddr __P((struct sockaddr *));

/*
 * NOTE(review): parameter names are omitted.  The char * is presumably an
 * output buffer and one of the ints its length, the other an
 * LC_PATHTYPE_* index -- confirm, and make sure callers pass the real
 * buffer size.
 */
extern void getpathname __P((char *, int, int, const char *));

/* int-to-int conversions; the mapping is not visible in this header. */
extern int sittype2doi __P((int));
extern int doitype2doi __P((int));

/* Presumably (string, length) -- confirm in the implementation. */
extern vchar_t *getpsk __P((const char *, const int));

/* Which parameters are saved and restored is not visible in this header. */
extern void restore_params __P((void));
extern void save_params __P((void));

#endif /* _LOCALCONF_H */