author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2006-05-22 05:12:18 +0000 |
---|---|---|
committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2006-05-22 05:12:18 +0000 |
commit | aa0f5b38aec14428b4b80e06f90ff781f8bca5f1 | |
tree | 95f3d0c8cb0d59d88900dbbd72110d7ab6e15b2a /programs/tncfg | |
parent | 7c383bc22113b23718be89fe18eeb251942d7356 | |
Import initial strongswan 2.7.0 version into SVN.
Diffstat (limited to 'programs/tncfg')
-rw-r--r-- | programs/tncfg/.cvsignore | 1 |
-rw-r--r-- | programs/tncfg/Makefile | 52 |
-rw-r--r-- | programs/tncfg/tncfg.5 | 109 |
-rw-r--r-- | programs/tncfg/tncfg.8 | 113 |
-rw-r--r-- | programs/tncfg/tncfg.c | 393 |
5 files changed, 668 insertions, 0 deletions
diff --git a/programs/tncfg/.cvsignore b/programs/tncfg/.cvsignore new file mode 100644 index 000000000..c05ca8d9a --- /dev/null +++ b/programs/tncfg/.cvsignore @@ -0,0 +1 @@ +tncfg diff --git a/programs/tncfg/Makefile b/programs/tncfg/Makefile new file mode 100644 index 000000000..ded364dbf --- /dev/null +++ b/programs/tncfg/Makefile 
@@ -0,0 +1,52 @@ +# Makefile for the KLIPS interface utilities +# Copyright (C) 1998, 1999 Henry Spencer. +# Copyright (C) 1999, 2000, 2001 Richard Guy Briggs +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 2 of the License, or (at your +# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# for more details. +# +# RCSID $Id: Makefile,v 1.1 2004/03/15 20:35:31 as Exp $ + +FREESWANSRCDIR=../.. +include ${FREESWANSRCDIR}/Makefile.inc + +PROGRAM:=tncfg +EXTRA5PROC=${PROGRAM}.5 + +LIBS:=${FREESWANLIB} + +include ../Makefile.program + +# +# $Log: Makefile,v $ +# Revision 1.1 2004/03/15 20:35:31 as +# added files from freeswan-2.04-x509-1.5.3 +# +# Revision 1.4 2002/06/03 20:25:31 mcr +# man page for files actually existant in /proc/net changed back to +# ipsec_foo via new EXTRA5PROC process. +# +# Revision 1.3 2002/06/02 21:51:41 mcr +# changed TOPDIR->FREESWANSRCDIR in all Makefiles. +# (note that linux/net/ipsec/Makefile uses TOPDIR because this is the +# kernel sense.) +# +# Revision 1.2 2002/04/26 01:21:26 mcr +# while tracking down a missing (not installed) /etc/ipsec.conf, +# MCR has decided that it is not okay for each program subdir to have +# some subset (determined with -f) of possible files. +# Each subdir that defines $PROGRAM, MUST have a PROGRAM.8 file as well as a PROGRAM file. +# Optional PROGRAM.5 files have been added to the makefiles. +# +# Revision 1.1 2002/04/24 07:55:32 mcr +# #include patches and Makefiles for post-reorg compilation. +# +# +# diff --git a/programs/tncfg/tncfg.5 b/programs/tncfg/tncfg.5 new file mode 100644 index 000000000..e4de862c6 
--- /dev/null +++ b/programs/tncfg/tncfg.5 
@@ -0,0 +1,109 @@ +.TH IPSEC_TNCFG 5 "27 Jun 2000" +.\" +.\" RCSID $Id: tncfg.5,v 1.1 2004/03/15 20:35:31 as Exp $ +.\" +.SH NAME +ipsec_tncfg \- lists IPSEC virtual interfaces attached to real interfaces +.SH SYNOPSIS +.B ipsec +.B tncfg +.PP +.B cat +.B /proc/net/ipsec_tncfg +.SH DESCRIPTION +.I /proc/net/ipsec_tncfg +is a read-only file which lists which IPSEC virtual interfaces are +attached to which real interfaces, through which packets will be +forwarded once processed by IPSEC. +.PP +Each line lists one ipsec I/F. +A table entry consists of: +.IP + 3 +an ipsec virtual I/F name +.IP + +a visual and machine parsable separator '->', separating the virtual I/F +and the physical I/F, +.IP + +a physical I/F name, to which the ipsec virtual I/F is attached or NULL +if it is not attached, +.IP + +the keyword +.BR mtu= , +.IP + +the MTU of the ipsec virtual I/F, +.IP + +the automatically adjusted effective MTU for PMTU discovery, in brackets, +.IP + +a visual and machine parsable separator '->', separating the virtual I/F +MTU and the physical I/F MTU, +.IP + +the MTU of the attached physical I/F. +.BR +.SH EXAMPLES +.TP +.B ipsec2 -> eth3 mtu=16260(1443) -> 1500 +.LP +shows that virtual device +.B ipsec2 +with an MTU of +.B 16260 +is connected to physical device +.B eth3 +with an MTU of +.B 1500 +and that the effective MTU as a result of PMTU discovery has been +automatically set to +.BR 1443. +.TP +.B ipsec0 \-> wvlan0 mtu=1400(16260) \-> 1500 +.LP +shows that virtual device +.B ipsec0 +with an MTU of +.B 1400 +is connected to physical device +.B wvlan0 +with an MTU of +.B 1500 +and no PMTU packets have gotten far enough to bump down the effective MTU +from its default of 16260. +.TP +.B ipsec3 \-> NULL mtu=0(0) \-> 0 +.LP +shows that virtual device +.B ipsec3 +is not connected to any physical device. 
+.LP +.SH "FILES" +/proc/net/ipsec_tncfg, /usr/local/bin/ipsec +.SH "SEE ALSO" +ipsec(8), ipsec_manual(8), ipsec_eroute(5), ipsec_spi(5), +ipsec_spigrp(5), ipsec_klipsdebug(5), ipsec_tncfg(8), ipsec_version(5), +ipsec_pf_key(5) +.SH HISTORY +Written for the Linux FreeS/WAN project +<http://www.freeswan.org/> +by Richard Guy Briggs. +.\" +.\" $Log: tncfg.5,v $ +.\" Revision 1.1 2004/03/15 20:35:31 as +.\" added files from freeswan-2.04-x509-1.5.3 +.\" +.\" Revision 1.5 2002/04/24 07:35:41 mcr +.\" Moved from ./klips/utils/tncfg.5,v +.\" +.\" Revision 1.4 2001/05/29 05:15:53 rgb +.\" Added PMTU to output format. +.\" +.\" Revision 1.3 2000/06/30 18:21:55 rgb +.\" Update SEE ALSO sections to include ipsec_version(5) and ipsec_pf_key(5) +.\" and correct FILES sections to no longer refer to /dev/ipsec which has +.\" been removed since PF_KEY does not use it. +.\" +.\" Revision 1.2 2000/06/28 12:44:12 henry +.\" format touchup +.\" +.\" Revision 1.1 2000/06/28 05:43:01 rgb +.\" Added manpages for all 5 klips utils. +.\" +.\" diff --git a/programs/tncfg/tncfg.8 b/programs/tncfg/tncfg.8 new file mode 100644 index 000000000..f888f2539 --- /dev/null +++ b/programs/tncfg/tncfg.8 
@@ -0,0 +1,113 @@ +.TH IPSEC_TNCFG 8 "21 Jun 2000" +.\" +.\" RCSID $Id: tncfg.8,v 1.1 2004/03/15 20:35:31 as Exp $ +.\" +.SH NAME +ipsec tncfg \- associate IPSEC virtual interface with physical interface +.SH SYNOPSIS +.B ipsec +.B tncfg +.PP +.B ipsec +.B tncfg +.B \-\-attach +.B \-\-virtual +virtual +.B \-\-physical +physical +.PP +.B ipsec +.B tncfg +.B \-\-detach +.B \-\-virtual +virtual +.PP +.B ipsec +.B tncfg +.B \-\-clear +.PP +.B ipsec +.B tncfg +.B \-\-version +.PP +.B ipsec +.B tncfg +.B \-\-help +.SH DESCRIPTION +.I Tncfg +attaches/detaches IPSEC virtual interfaces to/from +physical interfaces, +through which packets will be forwarded once processed by IPSEC. +.PP +The form with no additional arguments lists the contents of +/proc/net/ipsec_tncfg. The format of /proc/net/ipsec_tncfg is discussed +in ipsec_tncfg(5). +The +.B \-\-attach +form attaches the +.I virtual +interface to the +.I physical +one. +The +.B \-\-detach +form detaches the +.I virtual +interface from whichever physical interface it is attached to. +The +.B \-\-clear +form clears all the +.I virtual +interfaces from whichever physical interfaces they were attached to. +.PP +Virtual interfaces typically have names like +.BR ipsec0 , +while physical interfaces typically have names like +.B eth0 +or +.BR ppp0 . +.SH EXAMPLES +.TP +.B ipsec tncfg \-\-attach \-\-virtual ipsec0 \-\-physical eth0 +attaches the +.B ipsec0 +virtual device to the +.B eth0 +physical device. +.LP +.SH "FILES" +/proc/net/ipsec_tncfg, /usr/local/bin/ipsec +.SH "SEE ALSO" +ipsec(8), ipsec_manual(8), ipsec_eroute(8), ipsec_spi(8), +ipsec_spigrp(8), ipsec_klipsdebug(8), ipsec_tncfg(5) +.SH HISTORY +Written for the Linux FreeS/WAN project +<http://www.freeswan.org/> +by Richard Guy Briggs. 
+.\" +.\" $Log: tncfg.8,v $ +.\" Revision 1.1 2004/03/15 20:35:31 as +.\" added files from freeswan-2.04-x509-1.5.3 +.\" +.\" Revision 1.15 2002/04/24 07:35:41 mcr +.\" Moved from ./klips/utils/tncfg.8,v +.\" +.\" Revision 1.14 2000/09/12 13:09:04 rgb +.\" Fixed real/physical discrepancy between tncfg.8 and tncfg.c. +.\" +.\" Revision 1.13 2000/06/30 18:21:55 rgb +.\" Update SEE ALSO sections to include ipsec_version(5) and ipsec_pf_key(5) +.\" and correct FILES sections to no longer refer to /dev/ipsec which has +.\" been removed since PF_KEY does not use it. +.\" +.\" Revision 1.12 2000/06/21 16:54:58 rgb +.\" Added 'no additional args' text for listing contents of +.\" /proc/net/ipsec_* files. +.\" +.\" Revision 1.11 1999/07/19 18:47:25 henry +.\" fix slightly-misformed comments +.\" +.\" Revision 1.10 1999/04/06 04:54:39 rgb +.\" Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes +.\" patch shell fixes. +.\" diff --git a/programs/tncfg/tncfg.c b/programs/tncfg/tncfg.c new file mode 100644 index 000000000..f6aeae0e2 --- /dev/null +++ b/programs/tncfg/tncfg.c 
@@ -0,0 +1,393 @@ +/* + * IPSEC interface configuration + * Copyright (C) 1996 John Ioannidis. + * Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +char tncfg_c_version[] = "RCSID $Id: tncfg.c,v 1.1 2004/03/15 20:35:31 as Exp $"; + + +#include <stdio.h> +#include <string.h> +#include <stdlib.h> /* system(), strtoul() */ +#include <unistd.h> /* getuid() */ +#include <linux/types.h> +#include <sys/ioctl.h> /* ioctl() */ + +#include <freeswan.h> +#ifdef NET_21 /* from freeswan.h */ +#include <linux/sockios.h> +#include <sys/socket.h> +#endif /* NET_21 */ /* from freeswan.h */ + +#if 0 +#include <linux/if.h> +#else +#include <net/if.h> +#endif +#include <sys/types.h> +#include <errno.h> +#include <getopt.h> + +#include "freeswan/ipsec_tunnel.h" + +static void +usage(char *name) +{ + fprintf(stdout,"%s --attach --virtual <virtual-device> --physical <physical-device>\n", + name); + fprintf(stdout,"%s --detach --virtual <virtual-device>\n", + name); + fprintf(stdout,"%s --clear\n", + name); + fprintf(stdout,"%s --help\n", + name); + fprintf(stdout,"%s --version\n", + name); + fprintf(stdout,"%s\n", + name); + fprintf(stdout, " [ --debug ] is optional to any %s command.\n", name); + fprintf(stdout, " [ --label <label> ] is optional to any %s command.\n", name); + exit(1); +} + +static struct option const longopts[] = +{ + {"virtual", 1, 0, 'V'}, + {"physical", 1, 0, 'P'}, + {"attach", 0, 0, 'a'}, + {"detach", 0, 
0, 'd'}, + {"clear", 0, 0, 'c'}, + {"help", 0, 0, 'h'}, + {"version", 0, 0, 'v'}, + {"label", 1, 0, 'l'}, + {"optionsfrom", 1, 0, '+'}, + {"debug", 0, 0, 'g'}, + {0, 0, 0, 0} +}; + +int +main(int argc, char *argv[]) +{ + struct ifreq ifr; + struct ipsectunnelconf *shc=(struct ipsectunnelconf *)&ifr.ifr_data; + int s; + int c, previous = -1; + char *program_name; + int debug = 0; + int argcount = argc; + + memset(&ifr, 0, sizeof(ifr)); + program_name = argv[0]; + + while((c = getopt_long_only(argc, argv, ""/*"adchvV:P:l:+:"*/, longopts, 0)) != EOF) { + switch(c) { + case 'g': + debug = 1; + argcount--; + break; + case 'a': + if(shc->cf_cmd) { + fprintf(stderr, "%s: exactly one of '--attach', '--detach' or '--clear' options must be specified.\n", program_name); + exit(1); + } + shc->cf_cmd = IPSEC_SET_DEV; + break; + case 'd': + if(shc->cf_cmd) { + fprintf(stderr, "%s: exactly one of '--attach', '--detach' or '--clear' options must be specified.\n", program_name); + exit(1); + } + shc->cf_cmd = IPSEC_DEL_DEV; + break; + case 'c': + if(shc->cf_cmd) { + fprintf(stderr, "%s: exactly one of '--attach', '--detach' or '--clear' options must be specified.\n", program_name); + exit(1); + } + shc->cf_cmd = IPSEC_CLR_DEV; + break; + case 'h': + usage(program_name); + break; + case 'v': + if(optarg) { + fprintf(stderr, "%s: warning; '-v' and '--version' options don't expect arguments, arg '%s' found, perhaps unintended.\n", + program_name, optarg); + } + fprintf(stdout, "%s, %s\n", program_name, tncfg_c_version); + exit(1); + break; + case 'V': + strcpy(ifr.ifr_name, optarg); + break; + case 'P': + strcpy(shc->cf_name, optarg); + break; + case 'l': + program_name = malloc(strlen(argv[0]) + + 10 /* update this when changing the sprintf() */ + + strlen(optarg)); + sprintf(program_name, "%s --label %s", + argv[0], + optarg); + argcount -= 2; + break; + case '+': /* optionsfrom */ + optionsfrom(optarg, &argc, &argv, optind, stderr); + /* no return on error */ + break; + default: + 
usage(program_name); + break; + } + previous = c; + } + + if(argcount == 1) { + system("cat /proc/net/ipsec_tncfg"); + exit(0); + } + + switch(shc->cf_cmd) { + case IPSEC_SET_DEV: + if(!shc->cf_name) { + fprintf(stderr, "%s: physical I/F parameter missing.\n", + program_name); + exit(1); + } + case IPSEC_DEL_DEV: + if(!ifr.ifr_name) { + fprintf(stderr, "%s: virtual I/F parameter missing.\n", + program_name); + exit(1); + } + break; + case IPSEC_CLR_DEV: + strcpy(ifr.ifr_name, "ipsec0"); + break; + default: + fprintf(stderr, "%s: exactly one of '--attach', '--detach' or '--clear' options must be specified.\n" + "Try %s --help' for usage information.\n", + program_name, program_name); + exit(1); + } + + s=socket(AF_INET, SOCK_DGRAM,0); + if(s==-1) + { + fprintf(stderr, "%s: Socket creation failed -- ", program_name); + switch(errno) + { + case EACCES: + if(getuid()==0) + fprintf(stderr, "Root denied permission!?!\n"); + else + fprintf(stderr, "Run as root user.\n"); + break; + case EPROTONOSUPPORT: + fprintf(stderr, "Internet Protocol not enabled"); + break; + case EMFILE: + case ENFILE: + case ENOBUFS: + fprintf(stderr, "Insufficient system resources.\n"); + break; + case ENODEV: + fprintf(stderr, "No such device. Is the virtual device valid? Is the ipsec module linked into the kernel or loaded as a module?\n"); + break; + default: + fprintf(stderr, "Unknown socket error %d.\n", errno); + } + exit(1); + } + if(ioctl(s, shc->cf_cmd, &ifr)==-1) + { + if(shc->cf_cmd == IPSEC_SET_DEV) { + fprintf(stderr, "%s: Socket ioctl failed on attach -- ", program_name); + switch(errno) + { + case EINVAL: + fprintf(stderr, "Invalid argument, check kernel log messages for specifics.\n"); + break; + case ENODEV: + fprintf(stderr, "No such device. Is the virtual device valid? Is the ipsec module linked into the kernel or loaded as a module?\n"); + break; + case ENXIO: + fprintf(stderr, "No such device. 
Is the physical device valid?\n"); + break; + case EBUSY: + fprintf(stderr, "Device busy. Virtual device %s is already attached to a physical device -- Use detach first.\n", + ifr.ifr_name); + break; + default: + fprintf(stderr, "Unknown socket error %d.\n", errno); + } + exit(1); + } + if(shc->cf_cmd == IPSEC_DEL_DEV) { + fprintf(stderr, "%s: Socket ioctl failed on detach -- ", program_name); + switch(errno) + { + case EINVAL: + fprintf(stderr, "Invalid argument, check kernel log messages for specifics.\n"); + break; + case ENODEV: + fprintf(stderr, "No such device. Is the virtual device valid? The ipsec module may not be linked into the kernel or loaded as a module.\n"); + break; + case ENXIO: + fprintf(stderr, "Device requested is not linked to any physical device.\n"); + break; + default: + fprintf(stderr, "Unknown socket error %d.\n", errno); + } + exit(1); + } + if(shc->cf_cmd == IPSEC_CLR_DEV) { + fprintf(stderr, "%s: Socket ioctl failed on clear -- ", program_name); + switch(errno) + { + case EINVAL: + fprintf(stderr, "Invalid argument, check kernel log messages for specifics.\n"); + break; + case ENODEV: + fprintf(stderr, "Failed. Is the ipsec module linked into the kernel or loaded as a module?.\n"); + break; + default: + fprintf(stderr, "Unknown socket error %d.\n", errno); + } + exit(1); + } + } + exit(0); +} + +/* + * $Log: tncfg.c,v $ + * Revision 1.1 2004/03/15 20:35:31 as + * added files from freeswan-2.04-x509-1.5.3 + * + * Revision 1.30 2002/04/24 07:55:32 mcr + * #include patches and Makefiles for post-reorg compilation. + * + * Revision 1.29 2002/04/24 07:35:41 mcr + * Moved from ./klips/utils/tncfg.c,v + * + * Revision 1.28 2002/03/08 21:44:05 rgb + * Update for all GNU-compliant --version strings. + * + * Revision 1.27 2001/06/14 19:35:15 rgb + * Update copyright date. + * + * Revision 1.26 2001/05/21 02:02:55 rgb + * Eliminate 1-letter options. 
+ * + * Revision 1.25 2001/05/16 05:07:20 rgb + * Fixed --label option in KLIPS manual utils to add the label to the + * command name rather than replace it in error text. + * Fix 'print table' non-option in KLIPS manual utils to deal with --label + * and --debug options. + * + * Revision 1.24 2000/09/12 13:09:05 rgb + * Fixed real/physical discrepancy between tncfg.8 and tncfg.c. + * + * Revision 1.23 2000/08/27 01:48:30 rgb + * Update copyright. + * + * Revision 1.22 2000/07/26 03:41:46 rgb + * Changed all printf's to fprintf's. Fixed tncfg's usage to stderr. + * + * Revision 1.21 2000/06/21 16:51:27 rgb + * Added no additional argument option to usage text. + * + * Revision 1.20 2000/01/21 06:26:31 rgb + * Added --debug switch to command line. + * + * Revision 1.19 1999/12/08 20:32:41 rgb + * Cleaned out unused cruft. + * Changed include file, limiting scope, to avoid conflicts in 2.0.xx + * kernels. + * + * Revision 1.18 1999/12/07 18:27:10 rgb + * Added headers to silence fussy compilers. + * Converted local functions to static to limit scope. + * + * Revision 1.17 1999/11/18 04:09:21 rgb + * Replaced all kernel version macros to shorter, readable form. + * + * Revision 1.16 1999/05/25 01:45:36 rgb + * Fix version macros for 2.0.x as a module. + * + * Revision 1.15 1999/05/05 22:02:34 rgb + * Add a quick and dirty port to 2.2 kernels by Marc Boucher <marc@mbsi.ca>. + * + * Revision 1.14 1999/04/15 15:37:28 rgb + * Forward check changes from POST1_00 branch. + * + * Revision 1.10.6.2 1999/04/13 20:58:10 rgb + * Add argc==1 --> /proc/net/ipsec_*. + * + * Revision 1.10.6.1 1999/03/30 17:01:36 rgb + * Make main() return type explicit. + * + * Revision 1.13 1999/04/11 00:12:09 henry + * GPL boilerplate + * + * Revision 1.12 1999/04/06 04:54:39 rgb + * Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes + * patch shell fixes. + * + * Revision 1.11 1999/03/17 15:40:54 rgb + * Make explicit main() return type of int. 
+ * + * Revision 1.10 1998/11/12 21:08:04 rgb + * Add --label option to identify caller from scripts. + * + * Revision 1.9 1998/10/09 18:47:30 rgb + * Add 'optionfrom' to get more options from a named file. + * + * Revision 1.8 1998/10/09 04:36:55 rgb + * Changed help output from stderr to stdout. + * Deleted old commented out cruft. + * + * Revision 1.7 1998/08/28 03:15:14 rgb + * Add some manual long options to the usage text. + * + * Revision 1.6 1998/08/05 22:29:00 rgb + * Change includes to accomodate RH5.x. + * Force long option names. + * Add ENXIO error return code to narrow down error reporting. + * + * Revision 1.5 1998/07/29 21:45:28 rgb + * Convert to long option names. + * + * Revision 1.4 1998/07/09 18:14:11 rgb + * Added error checking to IP's and keys. + * Made most error messages more specific rather than spamming usage text. + * Added more descriptive kernel error return codes and messages. + * Converted all spi translations to unsigned. + * Removed all invocations of perror. + * + * Revision 1.3 1998/05/27 18:48:20 rgb + * Adding --help and --version directives. + * + * Revision 1.2 1998/04/23 21:11:39 rgb + * Fixed 0 argument usage case to prevent sigsegv. + * + * Revision 1.1.1.1 1998/04/08 05:35:09 henry + * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8 + * + * Revision 0.5 1997/06/03 04:31:55 ji + * New file. + * + */ |
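Review bot: In programs/tncfg/tncfg.5, the first entry under EXAMPLES writes the separator as a bare '->' (`.B ipsec2 -> eth3 mtu=16260(1443) -> 1500`) while the other two entries use `\->`; pick one form so all three examples render the same and so scripts that copy the documented line format see a single separator spelling. While there, the `.BR` with no argument just before `.SH EXAMPLES` and the `.BR 1443.` line (which puts the sentence's full stop in bold) look like leftovers worth cleaning up.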
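Review bot: The SYNOPSIS in programs/tncfg/tncfg.8 lists only --attach, --detach, --clear, --version and --help, but the longopts table in tncfg.c also accepts --debug, --label and --optionsfrom, and usage() advertises the first two as optional on any command. Please add these to SYNOPSIS and describe them in DESCRIPTION, in particular --optionsfrom, since it pulls further options from a named file and an administrator auditing how this tool is invoked needs to know that path exists.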
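Review bot: In programs/tncfg/tncfg.c, the 'V' and 'P' cases of the option switch copy the command-line argument with `strcpy(ifr.ifr_name, optarg);` and `strcpy(shc->cf_name, optarg);` and no length check, so an over-long --virtual or --physical value writes past the destination field inside the on-stack `struct ifreq`. Compare `strlen(optarg)` against the `sizeof` of the destination and exit with an error when it does not fit, before copying. Two related points in the same file: the later checks `if(!shc->cf_name)` and `if(!ifr.ifr_name)` test the address of the field rather than its contents (`ifr_name` is an array, and `cf_name` is written with strcpy as if it were one), so the "parameter missing" errors can never fire; test the first byte instead, which works because `ifr` is zeroed by the memset at the top of main(). And `system("cat /proc/net/ipsec_tncfg");` resolves `cat` through the caller's PATH in a tool whose own error text says "Run as root user."; opening the file and copying it to stdout directly avoids the shell and the PATH lookup.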