2
* Copyright (C) 1997 Angelos D. Keromytis.
3
* Copyright (C) 1998-2002 D. Hugh Redelmeier.
5
* This program is free software; you can redistribute it and/or modify it
6
* under the terms of the GNU General Public License as published by the
7
* Free Software Foundation; either version 2 of the License, or (at your
8
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10
* This program is distributed in the hope that it will be useful, but
11
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15
* RCSID $Id: constants.h,v 1.120.2.2 2004/05/07 03:17:06 ken Exp $
18
extern const char compile_time_interop_options[];
20
extern void init_constants(void);
23
* NOTE:For debugging purposes, constants.c has tables to map numbers back to names.
24
* Any changes here should be reflected there.
27
#define elemsof(array) (sizeof(array) / sizeof(*(array))) /* number of elements in an array */
29
/* Many routines return only success or failure, but wish to describe
30
* the failure in a message. We use the convention that they return
31
* a NULL on success and a pointer to constant string on failure.
32
* The fact that the string is a constant is limiting, but it
33
* avoids storage management issues: the recipient is allowed to assume
34
* that the string will live "long enough" (usually forever).
35
* <openswan.h> defines err_t for this return type.
42
#define NULL_FD (-1) /* NULL file descriptor */
43
#define dup_any(fd) ((fd) == NULL_FD? NULL_FD : dup(fd))
44
#define close_any(fd) { if ((fd) != NULL_FD) { close(fd); (fd) = NULL_FD; } }
46
#define BITS_PER_BYTE 8
47
#define BYTES_FOR_BITS(b) (((b) + BITS_PER_BYTE - 1) / BITS_PER_BYTE)
49
#define streq(a, b) (strcmp((a), (b)) == 0) /* clearer shorthand */
50
#define strcaseeq(a, b) (strcasecmp((a), (b)) == 0) /* clearer shorthand */
52
/* set type with room for at least 32 elements */
54
typedef unsigned long lset_t;
56
#define LELEM(opt) (1UL << (opt))
57
#define LRANGE(lwb, upb) LRANGES(LELEM(lwb), LELEM(upb))
58
#define LRANGES(first, last) (last - first + last)
59
#define LHAS(set, elem) ((LELEM(elem) & (set)) != LEMPTY)
60
#define LIN(subset, set) (((subset) & (set)) == (subset))
61
#define LDISJOINT(a, b) (((a) & (b)) == LEMPTY)
63
/* Control and lock pathnames */
65
#ifndef DEFAULT_CTLBASE
66
# define DEFAULT_CTLBASE "/var/run/pluto"
69
#define CTL_SUFFIX ".ctl" /* for UNIX domain socket pathname */
70
#define LOCK_SUFFIX ".pid" /* for pluto's lock */
71
#define INFO_SUFFIX ".info" /* for UNIX domain socket for apps */
73
/* Routines to check and display values.
75
* An enum_names describes an enumeration.
76
* enum_name() returns the name of an enum value, or NULL if invalid.
77
* enum_show() is like enum_name, except it formats a numeric representation
78
* for any invalid value (in a static area!)
80
* bitnames() formats a display of a set of named bits (in a static area)
83
typedef const struct enum_names enum_names;
85
extern const char *enum_name(enum_names *ed, unsigned long val);
86
extern const char *enum_show(enum_names *ed, unsigned long val);
88
extern bool testset(const char *const table[], lset_t val);
89
extern const char *bitnamesof(const char *const table[], lset_t val);
91
/* sparse_names is much like enum_names, except values are
92
* not known to be contiguous or ordered.
93
* The array of names is ended with one with the name sparse_end
94
* (this avoids having to reserve a value to signify the end).
95
* Often appropriate for enums defined by others.
99
const char *const name;
101
typedef const struct sparse_name sparse_names[];
103
extern const char *sparse_name(sparse_names sd, unsigned long val);
104
extern const char *sparse_val_show(sparse_names sd, unsigned long val);
105
extern const char sparse_end[];
107
#define FULL_INET_ADDRESS_SIZE 6
109
/* Group parameters from draft-ietf-ike-01.txt section 6 */
111
#define MODP_GENERATOR "2"
113
#define MODP768_MODULUS \
114
"FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 " \
115
"29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD " \
116
"EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 " \
117
"E485B576 625E7EC6 F44C42E9 A63A3620 FFFFFFFF FFFFFFFF"
119
#define MODP1024_MODULUS \
120
"FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 " \
121
"29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD " \
122
"EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 " \
123
"E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED " \
124
"EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 " \
127
#define MODP1536_MODULUS \
128
"FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 " \
129
"29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD " \
130
"EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 " \
131
"E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED " \
132
"EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D " \
133
"C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F " \
134
"83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D " \
135
"670C354E 4ABC9804 F1746C08 CA237327 FFFFFFFF FFFFFFFF "
137
#define LOCALSECRETSIZE BYTES_FOR_BITS(256)
139
/* limits on nonce sizes. See RFC2409 "The internet key exchange (IKE)" 5 */
140
#define MINIMUM_NONCE_SIZE 8 /* bytes */
141
#define DEFAULT_NONCE_SIZE 16 /* bytes */
142
#define MAXIMUM_NONCE_SIZE 256 /* bytes */
144
#define COOKIE_SIZE 8
145
#define MAX_ISAKMP_SPI_SIZE 16
147
#define MD2_DIGEST_SIZE BYTES_FOR_BITS(128) /* ought to be supplied by md2.h */
148
#define MD5_DIGEST_SIZE BYTES_FOR_BITS(128) /* ought to be supplied by md5.h */
149
#define SHA1_DIGEST_SIZE BYTES_FOR_BITS(160) /* ought to be supplied by sha1.h */
151
#define DES_CBC_BLOCK_SIZE BYTES_FOR_BITS(64)
153
#define DSS_QBITS 160 /* bits in DSS's "q" (FIPS 186-1) */
155
/* to statically allocate IV, we need max of
156
* MD5_DIGEST_SIZE, SHA1_DIGEST_SIZE, and DES_CBC_BLOCK_SIZE.
157
* To avoid combinatorial explosion, we leave out DES_CBC_BLOCK_SIZE.
159
#define MAX_DIGEST_LEN (MD5_DIGEST_SIZE > SHA1_DIGEST_SIZE? MD5_DIGEST_SIZE : SHA1_DIGEST_SIZE)
161
/* RFC 2404 "HMAC-SHA-1-96" section 3 */
162
#define HMAC_SHA1_KEY_LEN SHA1_DIGEST_SIZE
164
/* RFC 2403 "HMAC-MD5-96" section 3 */
165
#define HMAC_MD5_KEY_LEN MD5_DIGEST_SIZE
167
#define IKE_UDP_PORT 500
171
extern enum_names timer_event_names;
174
EVENT_NULL, /* non-event */
175
EVENT_REINIT_SECRET, /* Refresh cookie secret */
177
EVENT_SHUNT_SCAN, /* scan shunt eroutes known to kernel */
179
EVENT_SO_DISCARD, /* discard unfinished state object */
180
EVENT_RETRANSMIT, /* Retransmit packet */
181
EVENT_SA_REPLACE, /* SA replacement event */
182
EVENT_SA_REPLACE_IF_USED, /* SA replacement event */
183
EVENT_SA_EXPIRE, /* SA expiration event */
184
EVENT_NAT_T_KEEPALIVE,
185
EVENT_LOG_DAILY /* reset certain log events/stats */
188
#define EVENT_REINIT_SECRET_DELAY 3600 /* 1 hour */
189
#define EVENT_RETRANSMIT_DELAY_0 10 /* 10 seconds */
193
#define MAXIMUM_RETRANSMISSIONS 2
194
#define MAXIMUM_RETRANSMISSIONS_INITIAL 20
196
#define MAX_INPUT_UDP_SIZE 65536
197
#define MAX_OUTPUT_UDP_SIZE 65536
199
/* Version numbers */
201
#define ISAKMP_MAJOR_VERSION 0x1
202
#define ISAKMP_MINOR_VERSION 0x0
204
extern enum_names version_names;
206
/* Domain of Interpretation */
208
extern enum_names doi_names;
210
#define ISAKMP_DOI_ISAKMP 0
211
#define ISAKMP_DOI_IPSEC 1
213
/* IPsec DOI things */
215
#define IPSEC_DOI_SITUATION_LENGTH 4
216
#define IPSEC_DOI_LDI_LENGTH 4
217
#define IPSEC_DOI_SPI_SIZE 4
219
/* SPI value 0 is invalid and values 1-255 are reserved to IANA.
220
* ESP: RFC 2402 2.4; AH: RFC 2406 2.1
221
* IPComp RFC 2393 substitutes a CPI in the place of an SPI.
222
* see also draft-shacham-ippcp-rfc2393bis-05.txt.
223
* We (Openswan) reserve 0x100 to 0xFFF for manual keying, so
224
* Pluto won't generate these values.
226
#define IPSEC_DOI_SPI_MIN 0x100
227
#define IPSEC_DOI_SPI_OUR_MIN 0x1000
229
/* debugging settings: a set of selections for reporting
230
* These would be more naturally situated in log.h,
231
* but they are shared with whack.
232
* IMPAIR_* actually change behaviour, usually badly,
233
* to aid in testing. Naturally, these are not included in ALL.
235
* NOTE: changes here must be done in concert with changes to DBGOPT_*
236
* in whack.c. A change to WHACK_MAGIC in whack.h will be required too.
239
extern const char *const debug_bit_names[];
241
#define DBG_RAW LELEM(0) /* raw packet I/O */
242
#define DBG_CRYPT LELEM(1) /* encryption/decryption of messages */
243
#define DBG_PARSING LELEM(2) /* show decoding of messages */
244
#define DBG_EMITTING LELEM(3) /* show encoding of messages */
245
#define DBG_CONTROL LELEM(4) /* control flow within Pluto */
246
#define DBG_LIFECYCLE LELEM(5) /* SA lifecycle */
247
#define DBG_KLIPS LELEM(6) /* messages to KLIPS */
248
#define DBG_DNS LELEM(7) /* DNS activity */
249
#define DBG_OPPO LELEM(8) /* opportunism */
250
#define DBG_CONTROLMORE LELEM(9) /* more detailed debugging */
252
#define DBG_PFKEY LELEM(10) /*turn on the pfkey library debugging*/
253
#define DBG_NATT LELEM(11) /* debugging of NAT-traversal */
254
#define DBG_PRIVATE LELEM(12) /* private information: DANGER! */
256
#define IMPAIR0 13 /* first bit for IMPAIR_* */
258
#define IMPAIR_DELAY_ADNS_KEY_ANSWER LELEM(IMPAIR0+0) /* sleep before answering */
259
#define IMPAIR_DELAY_ADNS_TXT_ANSWER LELEM(IMPAIR0+1) /* sleep before answering */
260
#define IMPAIR_BUST_MI2 LELEM(IMPAIR0+2) /* make MI2 really large */
261
#define IMPAIR_BUST_MR2 LELEM(IMPAIR0+3) /* make MI2 really large */
263
#define DBG_NONE 0 /* no options on, including impairments */
264
#define DBG_ALL LRANGES(DBG_RAW, DBG_NATT) /* all logging options on EXCEPT DBG_PRIVATE */
267
/* State of exchanges
269
* The name of the state describes the last message sent, not the
270
* message currently being input or output (except during retry).
271
* In effect, the state represents the last completed action.
273
* Messages are named [MQ][IR]n where
274
* - M stands for Main Mode (Phase 1);
275
* Q stands for Quick Mode (Phase 2)
276
* - I stands for Initiator;
277
* R stands for Responder
278
* - n, a digit, stands for the number of the message
280
* It would be more convenient if each state accepted a message
281
* and produced one. This is the case for states at the start
282
* or end of an exchange. To fix this, we pretend that there are
283
* MR0 and QR0 messages before the MI1 and QR1 messages. Similarly,
284
* we pretend that there are MR4 and QR2 messages.
286
* STATE_MAIN_R0 and STATE_QUICK_R0 are intermediate states (not
287
* retained between messages) representing the state that accepts the
288
* first message of an exchange has been read but not processed.
290
* state_microcode state_microcode_table in demux.c describes
291
* other important details.
294
extern enum_names state_names;
295
extern const char *const state_story[];
298
STATE_UNDEFINED, /* 0 -- most likely accident */
300
/* Opportunism states: see "Opportunistic Encryption" 2.2 */
302
OPPO_ACQUIRE, /* got an ACQUIRE message for this pair */
303
OPPO_GW_DISCOVERED, /* got TXT specifying gateway */
323
STATE_INFO_PROTECTED,
326
STATE_XAUTH_R0, /* server state has sent request, awaiting reply */
327
STATE_XAUTH_R1, /* server state has sent success/fail, awaiting reply */
332
STATE_XAUTH_I0, /* client state is awaiting request */
333
STATE_XAUTH_I1, /* client state is awaiting result code */
339
#define STATE_IKE_FLOOR STATE_MAIN_R0
341
#define PHASE1_INITIATOR_STATES (LELEM(STATE_MAIN_I1) | LELEM(STATE_MAIN_I2) \
342
| LELEM(STATE_MAIN_I3) | LELEM(STATE_MAIN_I4))
343
#define ISAKMP_SA_ESTABLISHED_STATES (LELEM(STATE_MAIN_R3) | LELEM(STATE_MAIN_I4))
345
#define IS_PHASE1(s) (STATE_MAIN_R0 <= (s) && (s) <= STATE_MAIN_I4)
346
#define IS_QUICK(s) (STATE_QUICK_R0 <= (s) && (s) <= STATE_QUICK_R2)
347
#define IS_ISAKMP_SA_ESTABLISHED(s) ((s) == STATE_MAIN_R3 || (s) == STATE_MAIN_I4 \
348
|| (s) == STATE_XAUTH_R0 || (s) == STATE_XAUTH_R1 \
349
|| (s) == STATE_XAUTH_I0 || (s) == STATE_XAUTH_I1)
350
#define IS_IPSEC_SA_ESTABLISHED(s) ((s) == STATE_QUICK_I2 || (s) == STATE_QUICK_R2)
351
#define IS_ONLY_INBOUND_IPSEC_SA_ESTABLISHED(s) ((s) == STATE_QUICK_R1)
353
#define IS_MODE_CFG_ESTABLISHED(s) ((s) == STATE_MODE_CFG_R2)
356
/* kind of struct connection
357
* Ordered (mostly) by concreteness. Order is exploited.
360
extern enum_names connection_kind_names;
362
enum connection_kind {
363
CK_GROUP, /* policy group: instantiates to template */
364
CK_TEMPLATE, /* abstract connection, with wildcard */
365
CK_PERMANENT, /* normal connection */
366
CK_INSTANCE, /* instance of template, created for a particular attempt */
367
CK_GOING_AWAY /* instance being deleted -- don't delete again */
372
* Note: routing ignores source address, but erouting does not!
373
* Note: a connection can only be routed if it is NEVER_NEGOTIATE
374
* or HAS_IPSEC_POLICY.
377
extern enum_names routing_story;
379
/* note that this is assumed to be ordered! */
381
RT_UNROUTED, /* unrouted */
382
RT_UNROUTED_HOLD, /* unrouted, but HOLD shunt installed */
383
RT_ROUTED_ECLIPSED, /* RT_ROUTED_PROSPECTIVE except bare HOLD or instance has eroute */
384
RT_ROUTED_PROSPECTIVE, /* routed, and prospective shunt installed */
385
RT_ROUTED_HOLD, /* routed, and HOLD shunt installed */
386
RT_ROUTED_FAILURE, /* routed, and failure-context shunt installed */
387
RT_ROUTED_TUNNEL, /* routed, and erouted to an IPSEC SA group */
388
RT_UNROUTED_KEYED /* keyed, but not routed, on purpose */
391
#define routed(rs) ((rs) > RT_UNROUTED_HOLD)
392
#define erouted(rs) ((rs) != RT_UNROUTED)
393
#define shunt_erouted(rs) (erouted(rs) && (rs) != RT_ROUTED_TUNNEL)
395
extern enum_names certpolicy_type_names;
399
cert_sendifasked = 2, /* the default */
407
* RFC2408 Internet Security Association and Key Management Protocol (ISAKMP)
411
* Private USE 128-255
414
extern enum_names payload_names;
415
extern const char *const payload_name[];
417
#define ISAKMP_NEXT_NONE 0 /* No other payload following */
418
#define ISAKMP_NEXT_SA 1 /* Security Association */
419
#define ISAKMP_NEXT_P 2 /* Proposal */
420
#define ISAKMP_NEXT_T 3 /* Transform */
421
#define ISAKMP_NEXT_KE 4 /* Key Exchange */
422
#define ISAKMP_NEXT_ID 5 /* Identification */
423
#define ISAKMP_NEXT_CERT 6 /* Certificate */
424
#define ISAKMP_NEXT_CR 7 /* Certificate Request */
425
#define ISAKMP_NEXT_HASH 8 /* Hash */
426
#define ISAKMP_NEXT_SIG 9 /* Signature */
427
#define ISAKMP_NEXT_NONCE 10 /* Nonce */
428
#define ISAKMP_NEXT_N 11 /* Notification */
429
#define ISAKMP_NEXT_D 12 /* Delete */
430
#define ISAKMP_NEXT_VID 13 /* Vendor ID */
431
#define ISAKMP_NEXT_ATTR 14 /* Mode config Attribute */
432
#define ISAKMP_NEXT_NATD_RFC 15 /* NAT-Traversal: NAT-D (rfc) */
433
#define ISAKMP_NEXT_NATOA_RFC 16 /* NAT-Traversal: NAT-OA (rfc) */
434
#define ISAKMP_NEXT_ROOF 17 /* roof on payload types */
435
#define ISAKMP_NEXT_NATD_DRAFTS 130 /* NAT-Traversal: NAT-D (drafts) */
436
#define ISAKMP_NEXT_NATOA_DRAFTS 131 /* NAT-Traversal: NAT-OA (drafts) */
438
/* These values are to be used within the Type field of an Attribute (14)
440
#define ISAKMP_CFG_REQUEST 1
441
#define ISAKMP_CFG_REPLY 2
442
#define ISAKMP_CFG_SET 3
443
#define ISAKMP_CFG_ACK 4
445
extern enum_names attr_msg_type_names;
447
/* Mode Config attribute values */
448
#define INTERNAL_IP4_ADDRESS 1
449
#define INTERNAL_IP4_NETMASK 2
450
#define INTERNAL_IP4_DNS 3
451
#define INTERNAL_IP4_NBNS 4
452
#define INTERNAL_ADDRESS_EXPIRY 5
453
#define INTERNAL_IP4_DHCP 6
454
#define APPLICATION_VERSION 7
455
#define INTERNAL_IP6_ADDRESS 8
456
#define INTERNAL_IP6_NETMASK 9
457
#define INTERNAL_IP6_DNS 10
458
#define INTERNAL_IP6_NBNS 11
459
#define INTERNAL_IP6_DHCP 12
460
#define INTERNAL_IP4_SUBNET 13
461
#define SUPPORTED_ATTRIBUTES 14
462
#define INTERNAL_IP6_SUBNET 15
464
/* XAUTH attribute values */
465
#define XAUTH_TYPE 16520
466
#define XAUTH_USER_NAME 16521
467
#define XAUTH_USER_PASSWORD 16522
468
#define XAUTH_PASSCODE 16523
469
#define XAUTH_MESSAGE 16524
470
#define XAUTH_CHALLENGE 16525
471
#define XAUTH_DOMAIN 16526
472
#define XAUTH_STATUS 16527
473
#define XAUTH_NEXT_PIN 16528
474
#define XAUTH_ANSWER 16529
476
#define XAUTH_TYPE_GENERIC 0
477
#define XAUTH_TYPE_CHAP 1
478
#define XAUTH_TYPE_OTP 2
479
#define XAUTH_TYPE_SKEY 3
481
extern enum_names modecfg_attr_names;
482
extern enum_names xauth_type_names;
485
* RFC2408 "Internet Security Association and Key Management Protocol (ISAKMP)"
488
* ISAKMP Future Use 6 - 31
489
* DOI Specific Use 32 - 239
490
* Private Use 240 - 255
492
* Note: draft-ietf-ipsec-dhless-enc-mode-00.txt Appendix A
493
* defines "DHless RSA Encryption" as 6.
496
extern enum_names exchange_names;
498
#define ISAKMP_XCHG_NONE 0
499
#define ISAKMP_XCHG_BASE 1
500
#define ISAKMP_XCHG_IDPROT 2 /* ID Protection */
501
#define ISAKMP_XCHG_AO 3 /* Authentication Only */
502
#define ISAKMP_XCHG_AGGR 4 /* Aggressive */
503
#define ISAKMP_XCHG_INFO 5 /* Informational */
504
#define ISAKMP_XCHG_MODE_CFG 6 /* Mode Config */
506
/* Extra exchange types, defined by Oakley
507
* RFC2409 "The Internet Key Exchange (IKE)", near end of Appendix A
509
#define ISAKMP_XCHG_QUICK 32 /* Oakley Quick Mode */
510
#define ISAKMP_XCHG_NGRP 33 /* Oakley New Group Mode */
511
/* added in draft-ietf-ipsec-ike-01.txt, near end of Appendix A */
512
#define ISAKMP_XCHG_ACK_INFO 34 /* Oakley Acknowledged Informational */
516
extern const char *const flag_bit_names[];
518
#define ISAKMP_FLAG_ENCRYPTION 0x1
519
#define ISAKMP_FLAG_COMMIT 0x2
521
/* Situation definition for IPsec DOI */
523
extern const char *const sit_bit_names[];
525
#define SIT_IDENTITY_ONLY 0x01
526
#define SIT_SECRECY 0x02
527
#define SIT_INTEGRITY 0x04
530
* RFC2407 The Internet IP security Domain of Interpretation for ISAKMP 4.4.1
533
extern enum_names protocol_names;
535
#define PROTO_ISAKMP 1
536
#define PROTO_IPSEC_AH 2
537
#define PROTO_IPSEC_ESP 3
538
#define PROTO_IPCOMP 4
540
/* warning: trans_show uses enum_show, so same static buffer is used */
541
#define trans_show(p, t) \
542
((p)==PROTO_IPSEC_AH ? enum_show(&ah_transformid_names, (t)) \
543
: (p)==PROTO_IPSEC_ESP ? enum_show(&esp_transformid_names, (t)) \
544
: (p)==PROTO_IPCOMP ? enum_show(&ipcomp_transformid_names, (t)) \
547
/* many transform values are moved to openswan/ipsec_policy.h */
549
extern enum_names isakmp_transformid_names;
553
extern enum_names ah_transformid_names;
554
extern enum_names esp_transformid_names;
555
extern enum_names ipcomp_transformid_names;
557
/* the following are from RFC 2393/draft-shacham-ippcp-rfc2393bis-05.txt 3.3 */
558
typedef u_int16_t cpi_t;
559
#define IPCOMP_CPI_SIZE 2
560
#define IPCOMP_FIRST_NEGOTIATED 256
561
#define IPCOMP_LAST_NEGOTIATED 61439
563
/* Identification type values
564
* RFC 2407 The Internet IP security Domain of Interpretation for ISAKMP 4.6.2.1
567
extern enum_names ident_names;
568
extern enum_names cert_type_names;
570
/* Policies for establishing an SA
572
* These are used to specify attributes (eg. encryption) and techniques
573
* (eg PFS) for an SA.
574
* Note: certain CD_ definitions in whack.c parallel these -- keep them
578
extern const char *const sa_policy_bit_names[];
579
extern const char *prettypolicy(lset_t policy);
581
/* ISAKMP auth techniques (none means never negotiate) */
582
#define POLICY_PSK LELEM(0)
583
#define POLICY_RSASIG LELEM(1)
585
#define POLICY_ISAKMP_SHIFT 0 /* log2(POLICY_PSK) */
587
/* policies that affect ID types that are acceptable - RSA, PSK, XAUTH */
588
#define POLICY_ID_AUTH_MASK LRANGES(POLICY_PSK, POLICY_RSASIG)
590
/* policies that affect choices of proposal, note, does not include XAUTH */
591
#define POLICY_ISAKMP(x,xs,xc) (((x) & LRANGES(POLICY_PSK, POLICY_RSASIG)) + \
594
/* Quick Mode (IPSEC) attributes */
595
#define POLICY_ENCRYPT LELEM(2) /* must be first of IPSEC policies */
596
#define POLICY_AUTHENTICATE LELEM(3) /* must be second */
597
#define POLICY_COMPRESS LELEM(4) /* must be third */
598
#define POLICY_TUNNEL LELEM(5)
599
#define POLICY_PFS LELEM(6)
600
#define POLICY_DISABLEARRIVALCHECK LELEM(7) /* supress tunnel egress address checking */
602
#define POLICY_IPSEC_SHIFT 2 /* log2(POLICY_ENCRYPT) */
603
#define POLICY_IPSEC_MASK LRANGES(POLICY_ENCRYPT, POLICY_DISABLEARRIVALCHECK)
605
/* shunt attributes: what to do when routed without tunnel (2 bits) */
606
#define POLICY_SHUNT_SHIFT 8 /* log2(POLICY_SHUNT_PASS) */
607
#define POLICY_SHUNT_MASK (03ul << POLICY_SHUNT_SHIFT)
609
#define POLICY_SHUNT_TRAP (0ul << POLICY_SHUNT_SHIFT) /* default: negotiate */
610
#define POLICY_SHUNT_PASS (1ul << POLICY_SHUNT_SHIFT)
611
#define POLICY_SHUNT_DROP (2ul << POLICY_SHUNT_SHIFT)
612
#define POLICY_SHUNT_REJECT (3ul << POLICY_SHUNT_SHIFT)
614
/* fail attributes: what to do with failed negotiation (2 bits) */
616
#define POLICY_FAIL_SHIFT 10 /* log2(POLICY_FAIL_PASS) */
617
#define POLICY_FAIL_MASK (03ul << POLICY_FAIL_SHIFT)
619
#define POLICY_FAIL_NONE (0ul << POLICY_FAIL_SHIFT) /* default */
620
#define POLICY_FAIL_PASS (1ul << POLICY_FAIL_SHIFT)
621
#define POLICY_FAIL_DROP (2ul << POLICY_FAIL_SHIFT)
622
#define POLICY_FAIL_REJECT (3ul << POLICY_FAIL_SHIFT)
625
* Other policies could vary per state object. These live in connection.
627
#define POLICY_DONT_REKEY LELEM(12) /* don't rekey state either Phase */
628
#define POLICY_OPPO LELEM(13) /* is this opportunistic? */
629
#define POLICY_GROUP LELEM(14) /* is this a group template? */
630
#define POLICY_GROUTED LELEM(15) /* do we want this group routed? */
631
#define POLICY_UP LELEM(16) /* do we want this up? */
632
#define POLICY_XAUTH LELEM(17) /* do we offer XAUTH? */
633
#define POLICY_MODE_CFG LELEM(18) /* do we offer mode configuration? */
636
/* Any IPsec policy? If not, a connection description
637
* is only for ISAKMP SA, not IPSEC SA. (A pun, I admit.)
638
* Note: a connection can only be routed if it is NEVER_NEGOTIATE
639
* or HAS_IPSEC_POLICY.
641
#define HAS_IPSEC_POLICY(p) (((p) & POLICY_IPSEC_MASK) != 0)
643
/* Don't allow negotiation? */
644
#define NEVER_NEGOTIATE(p) (LDISJOINT((p), POLICY_PSK | POLICY_RSASIG))
647
/* Oakley transform attributes
648
* draft-ietf-ipsec-ike-01.txt appendix A
651
extern enum_names oakley_attr_names;
652
extern const char *const oakley_attr_bit_names[];
654
#define OAKLEY_ENCRYPTION_ALGORITHM 1
655
#define OAKLEY_HASH_ALGORITHM 2
656
#define OAKLEY_AUTHENTICATION_METHOD 3
657
#define OAKLEY_GROUP_DESCRIPTION 4
658
#define OAKLEY_GROUP_TYPE 5
659
#define OAKLEY_GROUP_PRIME 6 /* B/V */
660
#define OAKLEY_GROUP_GENERATOR_ONE 7 /* B/V */
661
#define OAKLEY_GROUP_GENERATOR_TWO 8 /* B/V */
662
#define OAKLEY_GROUP_CURVE_A 9 /* B/V */
663
#define OAKLEY_GROUP_CURVE_B 10 /* B/V */
664
#define OAKLEY_LIFE_TYPE 11
665
#define OAKLEY_LIFE_DURATION 12 /* B/V */
666
#define OAKLEY_PRF 13
667
#define OAKLEY_KEY_LENGTH 14
668
#define OAKLEY_FIELD_SIZE 15
669
#define OAKLEY_GROUP_ORDER 16 /* B/V */
670
#define OAKLEY_BLOCK_SIZE 17
672
/* for each Oakley attribute, which enum_names describes its values? */
673
extern enum_names *oakley_attr_val_descs[];
675
/* IPsec DOI attributes
676
* RFC2407 The Internet IP security Domain of Interpretation for ISAKMP 4.5
679
extern enum_names ipsec_attr_names;
681
#define SA_LIFE_TYPE 1
682
#define SA_LIFE_DURATION 2 /* B/V */
683
#define GROUP_DESCRIPTION 3
684
#define ENCAPSULATION_MODE 4
685
#define AUTH_ALGORITHM 5
688
#define COMPRESS_DICT_SIZE 8
689
#define COMPRESS_PRIVATE_ALG 9 /* B/V */
691
/* for each IPsec attribute, which enum_names describes its values? */
692
extern enum_names *ipsec_attr_val_descs[];
694
/* SA Lifetime Type attribute
695
* RFC2407 The Internet IP security Domain of Interpretation for ISAKMP 4.5
696
* Default time specified in 4.5
698
* There are two defaults for IPSEC SA lifetime, SA_LIFE_DURATION_DEFAULT,
699
* and PLUTO_SA_LIFE_DURATION_DEFAULT.
700
* SA_LIFE_DURATION_DEFAULT is specified in RFC2407 "The Internet IP
701
* Security Domain of Interpretation for ISAKMP" 4.5. It applies when
702
* an ISAKMP negotiation does not explicitly specify a life duration.
703
* PLUTO_SA_LIFE_DURATION_DEFAULT is specified in pluto(8). It applies
704
* when a connection description does not specify --ipseclifetime.
705
* The value of SA_LIFE_DURATION_MAXIMUM is our local policy.
708
extern enum_names sa_lifetime_names;
710
#define SA_LIFE_TYPE_SECONDS 1
711
#define SA_LIFE_TYPE_KBYTES 2
713
#define SA_LIFE_DURATION_DEFAULT 28800 /* eight hours (RFC2407 4.5) */
714
#define PLUTO_SA_LIFE_DURATION_DEFAULT 28800 /* eight hours (pluto(8)) */
715
#define SA_LIFE_DURATION_MAXIMUM 86400 /* one day */
717
#define SA_REPLACEMENT_MARGIN_DEFAULT 540 /* (IPSEC & IKE) nine minutes */
718
#define SA_REPLACEMENT_FUZZ_DEFAULT 100 /* (IPSEC & IKE) 100% of MARGIN */
719
#define SA_REPLACEMENT_RETRIES_DEFAULT 3 /* (IPSEC & IKE) */
721
#define SA_LIFE_DURATION_K_DEFAULT 0xFFFFFFFFlu
723
/* Encapsulation Mode attribute */
725
extern enum_names enc_mode_names;
727
#define ENCAPSULATION_MODE_UNSPECIFIED 0 /* not legal -- used internally */
728
#define ENCAPSULATION_MODE_TUNNEL 1
729
#define ENCAPSULATION_MODE_TRANSPORT 2
731
#define ENCAPSULATION_MODE_UDP_TUNNEL_DRAFTS 61443
732
#define ENCAPSULATION_MODE_UDP_TRANSPORT_DRAFTS 61444
733
#define ENCAPSULATION_MODE_UDP_TUNNEL_RFC 3
734
#define ENCAPSULATION_MODE_UDP_TRANSPORT_RFC 4
737
#define ENCAPSULATION_MODE_UDP_TUNNEL_DRAFTS 61443
738
#define ENCAPSULATION_MODE_UDP_TRANSPORT_DRAFTS 61444
739
#define ENCAPSULATION_MODE_UDP_TUNNEL_RFC 3
740
#define ENCAPSULATION_MODE_UDP_TRANSPORT_RFC 4
743
/* Auth Algorithm attribute */
745
extern enum_names auth_alg_names, extended_auth_alg_names;
747
#define AUTH_ALGORITHM_NONE 0 /* our private designation */
748
#define AUTH_ALGORITHM_HMAC_MD5 1
749
#define AUTH_ALGORITHM_HMAC_SHA1 2
750
#define AUTH_ALGORITHM_DES_MAC 3
751
#define AUTH_ALGORITHM_KPDK 4
753
/* Oakley Lifetime Type attribute
754
* draft-ietf-ipsec-ike-01.txt appendix A
755
* As far as I can see, there is not specification for
756
* OAKLEY_ISAKMP_SA_LIFETIME_DEFAULT. This could lead to interop problems!
757
* For no particular reason, we chose one hour.
758
* The value of OAKLEY_ISAKMP_SA_LIFETIME_MAXIMUM is our local policy.
760
extern enum_names oakley_lifetime_names;
762
#define OAKLEY_LIFE_SECONDS 1
763
#define OAKLEY_LIFE_KILOBYTES 2
765
#define OAKLEY_ISAKMP_SA_LIFETIME_DEFAULT 3600 /* one hour */
766
#define OAKLEY_ISAKMP_SA_LIFETIME_MAXIMUM 86400 /* 1 day */
768
/* Oakley PRF attribute (none defined)
769
* draft-ietf-ipsec-ike-01.txt appendix A
771
extern enum_names oakley_prf_names;
773
/* HMAC (see rfc2104.txt) */
775
#define HMAC_IPAD 0x36
776
#define HMAC_OPAD 0x5C
777
#define HMAC_BUFSIZE 64
779
/* Oakley Encryption Algorithm attribute
780
* draft-ietf-ipsec-ike-01.txt appendix A
781
* and from http://www.isi.edu/in-notes/iana/assignments/ipsec-registry
784
extern enum_names oakley_enc_names;
786
#define OAKLEY_DES_CBC 1
787
#define OAKLEY_IDEA_CBC 2
788
#define OAKLEY_BLOWFISH_CBC 3
789
#define OAKLEY_RC5_R16_B64_CBC 4
790
#define OAKLEY_3DES_CBC 5
791
#define OAKLEY_CAST_CBC 6
792
#define OAKLEY_AES_CBC 7
794
/* Oakley Hash Algorithm attribute
795
* draft-ietf-ipsec-ike-01.txt appendix A
796
* and from http://www.isi.edu/in-notes/iana/assignments/ipsec-registry
799
extern enum_names oakley_hash_names;
803
#define OAKLEY_TIGER 3
804
#define OAKLEY_SHA2_256 4
805
#define OAKLEY_SHA2_384 5
806
#define OAKLEY_SHA2_512 6
808
/* Oakley Authentication Method attribute
809
* draft-ietf-ipsec-ike-01.txt appendix A
810
* Goofy Hybrid extensions from draft-ietf-ipsec-isakmp-hybrid-auth-05.txt
811
* Goofy XAUTH extensions from draft-ietf-ipsec-isakmp-xauth-06.txt
814
extern enum_names oakley_auth_names;
816
#define OAKLEY_PRESHARED_KEY 1
817
#define OAKLEY_DSS_SIG 2
818
#define OAKLEY_RSA_SIG 3
819
#define OAKLEY_RSA_ENC 4
820
#define OAKLEY_RSA_ENC_REV 5
821
#define OAKLEY_ELGAMAL_ENC 6
822
#define OAKLEY_ELGAMAL_ENC_REV 7
824
#define OAKLEY_AUTH_ROOF 8 /* roof on auth values THAT WE SUPPORT */
826
#define HybridInitRSA 64221
827
#define HybridRespRSA 64222
828
#define HybridInitDSS 64223
829
#define HybridRespDSS 64224
831
/* For XAUTH, store in st->xauth, and set equivalent in st->auth */
832
#define XAUTHInitPreShared 65001
833
#define XAUTHRespPreShared 65002
834
#define XAUTHInitDSS 65003
835
#define XAUTHRespDSS 65004
836
#define XAUTHInitRSA 65005
837
#define XAUTHRespRSA 65006
838
#define XAUTHInitRSAEncryption 65007
839
#define XAUTHRespRSAEncryption 65008
840
#define XAUTHInitRSARevisedEncryption 65009
841
#define XAUTHRespRSARevisedEncryption 65010
845
/* Oakley Group Description attribute
846
* draft-ietf-ipsec-ike-01.txt appendix A
848
extern enum_names oakley_group_names;
850
#define OAKLEY_GROUP_MODP768 1
851
#define OAKLEY_GROUP_MODP1024 2
852
#define OAKLEY_GROUP_GP155 3
853
#define OAKLEY_GROUP_GP185 4
854
#define OAKLEY_GROUP_MODP1536 5
856
/* Oakley Group Type attribute
857
* draft-ietf-ipsec-ike-01.txt appendix A
859
extern enum_names oakley_group_type_names;
861
#define OAKLEY_GROUP_TYPE_MODP 1
862
#define OAKLEY_GROUP_TYPE_ECP 2
863
#define OAKLEY_GROUP_TYPE_EC2N 3
866
/* Notify messages -- error types
867
* See RFC2408 ISAKMP 3.14.1
870
extern enum_names notification_names;
871
extern enum_names ipsec_notification_names;
874
NOTHING_WRONG = 0, /* unofficial! */
876
INVALID_PAYLOAD_TYPE = 1,
877
DOI_NOT_SUPPORTED = 2,
878
SITUATION_NOT_SUPPORTED = 3,
880
INVALID_MAJOR_VERSION = 5,
881
INVALID_MINOR_VERSION = 6,
882
INVALID_EXCHANGE_TYPE = 7,
884
INVALID_MESSAGE_ID = 9,
885
INVALID_PROTOCOL_ID = 10,
887
INVALID_TRANSFORM_ID = 12,
888
ATTRIBUTES_NOT_SUPPORTED = 13,
889
NO_PROPOSAL_CHOSEN = 14,
890
BAD_PROPOSAL_SYNTAX = 15,
891
PAYLOAD_MALFORMED = 16,
892
INVALID_KEY_INFORMATION = 17,
893
INVALID_ID_INFORMATION = 18,
894
INVALID_CERT_ENCODING = 19,
895
INVALID_CERTIFICATE = 20,
896
CERT_TYPE_UNSUPPORTED = 21,
897
INVALID_CERT_AUTHORITY = 22,
898
INVALID_HASH_INFORMATION = 23,
899
AUTHENTICATION_FAILED = 24,
900
INVALID_SIGNATURE = 25,
901
ADDRESS_NOTIFICATION = 26,
902
NOTIFY_SA_LIFETIME = 27,
903
CERTIFICATE_UNAVAILABLE = 28,
904
UNSUPPORTED_EXCHANGE_TYPE = 29,
905
UNEQUAL_PAYLOAD_LENGTHS = 30,
907
/* ISAKMP status type */
910
/* IPSEC DOI additions; status types (RFC2407 IPSEC DOI 4.6.3)
911
* These must be sent under the protection of an ISAKMP SA.
913
IPSEC_RESPONDER_LIFETIME = 24576,
914
IPSEC_REPLAY_STATUS = 24577,
915
IPSEC_INITIAL_CONTACT = 24578
919
/* Public key algorithm number
920
* Same numbering as used in DNSsec
921
* See RFC 2535 DNSsec 3.2 The KEY Algorithm Number Specification.
922
* Also found in BIND 8.2.2 include/isc/dst.h as DST algorithm codes.
931
/* Limits on size of RSA moduli.
932
* The upper bound matches that of DNSsec (see RFC 2537).
933
* The lower bound must be more than 11 octets for certain
934
* the encoding to work, but it must be much larger for any
935
* real security. For now, we require 512 bits.
938
#define RSA_MIN_OCTETS_RFC 12
940
#define RSA_MIN_OCTETS BYTES_FOR_BITS(512)
941
#define RSA_MIN_OCTETS_UGH "RSA modulus too small for security: less than 512 bits"
943
#define RSA_MAX_OCTETS BYTES_FOR_BITS(4096)
944
#define RSA_MAX_OCTETS_UGH "RSA modulus too large: more than 4096 bits"
946
/* Note: RFC 2537 encoding adds a few bytes. If you use a small
947
* modulus like 3, the overhead is only 2 bytes
949
#define RSA_MAX_ENCODING_BYTES (RSA_MAX_OCTETS + 2)
951
/* socket address family info */
960
u_int8_t id_addr, id_subnet, id_range;
961
const ip_address *any;
962
const ip_subnet *none; /* 0.0.0.0/32 or IPv6 equivalent */
963
const ip_subnet *all; /* 0.0.0.0/0 or IPv6 equivalent */
966
extern const struct af_info
970
extern const struct af_info *aftoinfo(int af);
972
extern enum_names af_names;
974
#define subnetisaddr(sn, a) (subnetishost(sn) && addrinsubnet((a), (sn)))
975
extern bool subnetisnone(const ip_subnet *sn);
977
/* BIND enumerated types */
984
/* How authenticated is info that might have come from DNS?
985
* In order of increasing confidence.
987
enum dns_auth_level {
988
DAL_UNSIGNED, /* AD in response, but no signature: no authentication */
989
DAL_NOTSEC, /* no AD in response: authentication impossible */
990
DAL_SIGNED, /* AD and signature in response: authentic */
991
DAL_LOCAL /* locally provided (pretty good) */
995
* define a macro for use in error messages
999
#define RRNAME "TXT or KEY"
1001
#define RRNAME "TXT"
1005
* private key types for keys.h
1007
enum PrivateKeyKind {
1009
/* PPK_DSS, */ /* not implemented */
1013
extern enum_names ppk_names;
1015
/* natt traversal types */
1016
extern const char *const natt_type_bitnames[];