summaryrefslogtreecommitdiff
path: root/src/include/linux
diff options
context:
space:
mode:
Diffstat (limited to 'src/include/linux')
-rw-r--r--src/include/linux/ipsec.h5
-rw-r--r--src/include/linux/pfkeyv2.h20
-rw-r--r--src/include/linux/xfrm.h10
3 files changed, 32 insertions, 3 deletions
diff --git a/src/include/linux/ipsec.h b/src/include/linux/ipsec.h
index 81ac63a18..d17a6302a 100644
--- a/src/include/linux/ipsec.h
+++ b/src/include/linux/ipsec.h
@@ -3,7 +3,7 @@
/* The definitions, required to talk to KAME racoon IKE. */
-#include "pfkeyv2.h"
+#include <linux/pfkeyv2.h>
#define IPSEC_PORT_ANY 0
#define IPSEC_ULPROTO_ANY 255
@@ -12,7 +12,8 @@
enum {
IPSEC_MODE_ANY = 0, /* We do not support this for SA */
IPSEC_MODE_TRANSPORT = 1,
- IPSEC_MODE_TUNNEL = 2
+ IPSEC_MODE_TUNNEL = 2,
+ IPSEC_MODE_BEET = 3
};
enum {
diff --git a/src/include/linux/pfkeyv2.h b/src/include/linux/pfkeyv2.h
index 4de9d7761..b4b0712a4 100644
--- a/src/include/linux/pfkeyv2.h
+++ b/src/include/linux/pfkeyv2.h
@@ -226,6 +226,15 @@ struct sadb_x_sec_ctx {
} __attribute__((packed));
/* sizeof(struct sadb_sec_ctx) = 8 */
+/* Used by MIGRATE to pass addresses IKE will use to perform
+ * negotiation with the peer */
+struct sadb_x_kmaddress {
+ uint16_t sadb_x_kmaddress_len;
+ uint16_t sadb_x_kmaddress_exttype;
+ uint32_t sadb_x_kmaddress_reserved;
+} __attribute__((packed));
+/* sizeof(struct sadb_x_kmaddress) == 8 */
+
/* Message types */
#define SADB_RESERVED 0
#define SADB_GETSPI 1
@@ -298,6 +307,13 @@ struct sadb_x_sec_ctx {
#define SADB_X_EALG_BLOWFISHCBC 7
#define SADB_EALG_NULL 11
#define SADB_X_EALG_AESCBC 12
+#define SADB_X_EALG_AESCTR 13
+#define SADB_X_EALG_AES_CCM_ICV8 14
+#define SADB_X_EALG_AES_CCM_ICV12 15
+#define SADB_X_EALG_AES_CCM_ICV16 16
+#define SADB_X_EALG_AES_GCM_ICV8 18
+#define SADB_X_EALG_AES_GCM_ICV12 19
+#define SADB_X_EALG_AES_GCM_ICV16 20
#define SADB_X_EALG_CAMELLIACBC 22
#define SADB_EALG_MAX 253 /* last EALG */
/* private allocations should use 249-255 (RFC2407) */
@@ -339,7 +355,9 @@ struct sadb_x_sec_ctx {
#define SADB_X_EXT_NAT_T_DPORT 22
#define SADB_X_EXT_NAT_T_OA 23
#define SADB_X_EXT_SEC_CTX 24
-#define SADB_EXT_MAX 24
+/* Used with MIGRATE to pass @ to IKE for negotiation */
+#define SADB_X_EXT_KMADDRESS 25
+#define SADB_EXT_MAX 25
/* Identity Extension values */
#define SADB_IDENTTYPE_RESERVED 0
diff --git a/src/include/linux/xfrm.h b/src/include/linux/xfrm.h
index 759885cb6..52f3abd45 100644
--- a/src/include/linux/xfrm.h
+++ b/src/include/linux/xfrm.h
@@ -282,6 +282,7 @@ enum xfrm_attr_type_t {
XFRMA_POLICY_TYPE, /* struct xfrm_userpolicy_type */
XFRMA_MIGRATE,
XFRMA_ALG_AEAD, /* struct xfrm_algo_aead */
+ XFRMA_KMADDRESS, /* struct xfrm_user_kmaddress */
__XFRMA_MAX
#define XFRMA_MAX (__XFRMA_MAX - 1)
@@ -418,6 +419,15 @@ struct xfrm_user_report {
struct xfrm_selector sel;
};
+/* Used by MIGRATE to pass addresses IKE should use to perform
+ * SA negotiation with the peer */
+struct xfrm_user_kmaddress {
+ xfrm_address_t local;
+ xfrm_address_t remote;
+ __u32 reserved;
+ __u16 family;
+};
+
struct xfrm_user_migrate {
xfrm_address_t old_daddr;
xfrm_address_t old_saddr;