83 lines
3.6 KiB
C
83 lines
3.6 KiB
C
/*
|
|
* embedded IPsec
|
|
* Copyright (c) 2003 Niklaus Schild and Christian Scheurer, HTI Biel/Bienne
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without modification,
|
|
* are permitted provided that the following conditions are met:
|
|
*
|
|
* 1. Redistributions of source code must retain the above copyright notice,
|
|
* this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright notice,
|
|
* this list of conditions and the following disclaimer in the documentation
|
|
* and/or other materials provided with the distribution.
|
|
* 3. The name of the author may not be used to endorse or promote products
|
|
* derived from this software without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
|
|
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
|
|
* SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
|
|
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
|
|
* OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
|
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
|
|
* OF SUCH DAMAGE.
|
|
*
|
|
*/
|
|
|
|
/** @file ipsecdev.h
|
|
* @brief Header of IPsec network adapter for lwIP
|
|
*
|
|
* @author Christian Scheurer <http://www.christianscheurer.ch>
|
|
*
|
|
*
|
|
* This document is part of <EM>embedded IPsec<BR>
|
|
* Copyright (c) 2003 Niklaus Schild and Christian Scheurer, HTI Biel/Bienne<BR>
|
|
* All rights reserved.</EM><HR>
|
|
*/
|
|
|
|
|
|
#ifndef __IPSECDEV_H__
|
|
#define __IPSECDEV_H__
|
|
|
|
#include "ipsec_sa.h"
|
|
|
|
#if LWIP_IPSEC
|
|
|
|
#ifdef __NO_TCPIP_STACK__ /**< define __NO_TCPIP_STACK__ to remove dependencies from the lwIP TCP/IP stack (useful for debugging in the simulator) */
|
|
#define IPSEC_HLEN (80) /**< default room for outer IP header, AH(24 bytes with HMAC-xxx-96)/ESP(8 bytes) data */
|
|
#define IPSEC_MTU (1400) /**< maximum packet size which can be handled by ipsecdev */
|
|
#else
|
|
#include "netif.h"
|
|
#define IPSEC_HLEN (PBUF_IP_HLEN + 24 + PBUF_TRANSPORT_HLEN) /**< Add room for an other IP header and AH(24 bytes with HMAC-xxx-96)/ESP(8 bytes) data */
|
|
#define IPSEC_MTU (PBUF_POOL_BUFSIZE - PBUF_LINK_HLEN - IPSEC_HLEN) /**< maximum packet size which can be handled by ipsecdev */
|
|
|
|
/** Used to gather statistics, etc */
|
|
struct ipsecdev_stats
|
|
{
|
|
u32_t sentbytes; /**< #number of sent bytes */
|
|
};
|
|
|
|
void ipsecdev_service(struct netif *);
|
|
err_t ipsecdev4_input(struct pbuf *, struct netif *);
|
|
err_t ipsecdev4_output(struct netif *, struct pbuf *, struct ip_addr *,spd_entry *spd);
|
|
err_t ipsecdev_netlink_output(struct netif *netif, struct pbuf *p) ;
|
|
#if 0
|
|
err_t ipsecdev_init(struct netif *);
|
|
#endif
|
|
err_t ipsecdev_init(void);
|
|
spd_entry *ipsec6_spd_add(ip6_addr_t *src, ip6_addr_t *dst, __u8 proto, __u16 src_port, __u16 dst_port, __u8 policy, spd_table *table);
|
|
void ipsec_set_tunnel(char *src, char *dst) ;
|
|
err_t ipsecdev6_output(struct netif *netif, struct pbuf *p, ip6_addr_t *ipaddr6,spd_entry *spd);
|
|
err_t ipsec4_out_handle(struct pbuf *p, struct ip_addr *ipaddr, struct netif **inp, struct pbuf **p_new);
|
|
err_t ipsec4_in_handle(struct pbuf *p, struct netif *inp,struct pbuf **p_new);
|
|
err_t ipsec6_out_handle(struct pbuf *p, ip6_addr_t *ipaddr, struct netif **inp, struct pbuf **p_new);
|
|
err_t ipsec6_in_handle(struct pbuf *p, struct netif *inp, struct pbuf **p_new, u8_t nexth);
|
|
#endif
|
|
|
|
#endif
|
|
#endif
|
|
|