/*	$NetBSD: localconf.h,v 1.4 2006/09/09 16:22:09 manu Exp $	*/

/* Id: localconf.h,v 1.13 2005/11/06 18:13:18 monas Exp */

/*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * Local (daemon-wide) configuration for racoon: compile-time defaults,
 * the struct localconf record, and the accessors that operate on it.
 *
 * This header includes nothing itself.  The includer must already have
 * brought in definitions for uid_t, gid_t, u_int16_t, vchar_t,
 * struct sockaddr, the __P() prototype macro, TRUE/FALSE and SYSCONFDIR.
 *
 * NOTE(review): the guard name _LOCALCONF_H starts with an underscore
 * followed by an uppercase letter, which C reserves for the
 * implementation.  Left unchanged here because other files may test it.
 */
#ifndef _LOCALCONF_H
#define _LOCALCONF_H

/* local configuration */

/* Default configuration file; SYSCONFDIR is supplied by the build. */
#define LC_DEFAULT_CF	SYSCONFDIR "/racoon.conf"

/*
 * Indices into localconf.pathinfo[].  LC_PATHTYPE_MAX is the number of
 * entries and therefore not a valid index.
 * NOTE(review): the PSK and CERT entries presumably name the locations of
 * key material; confirm that the code which opens them checks ownership
 * and permissions.
 */
#define LC_PATHTYPE_INCLUDE	0
#define LC_PATHTYPE_PSK		1
#define LC_PATHTYPE_CERT	2
#define LC_PATHTYPE_BACKUPSA	3
#define LC_PATHTYPE_SCRIPT	4
#define LC_PATHTYPE_PIDFILE	5
#define LC_PATHTYPE_MAX		6

/*
 * Defaults, presumably for the like-named pad_*, retry_*, count_persend,
 * wait_ph2complete and natt_ka_interval fields of struct localconf.
 * The units of the interval values are not stated in this header.
 */
#define LC_DEFAULT_PAD_MAXSIZE		20
#define LC_DEFAULT_PAD_RANDOM		TRUE
#define LC_DEFAULT_PAD_RANDOMLEN	FALSE
#define LC_DEFAULT_PAD_STRICT		FALSE
#define LC_DEFAULT_PAD_EXCLTAIL		TRUE
#define LC_DEFAULT_RETRY_COUNTER	5
#define LC_DEFAULT_RETRY_INTERVAL	10
#define LC_DEFAULT_COUNT_PERSEND	1
#define LC_DEFAULT_RETRY_CHECKPH1	30
#define LC_DEFAULT_WAIT_PH2COMPLETE	30
#define LC_DEFAULT_NATT_KA_INTERVAL	20

/* Presumably the default for localconf.secret_size, in bytes. */
#define LC_DEFAULT_SECRETSIZE	16	/* 128 bits */

/*
 * Number of slots in localconf.ident[].
 * NOTE(review): the original author flagged this value with XXX.  It is a
 * hard-coded count; confirm it matches the number of identifier types
 * defined elsewhere, since any index >= 5 into ident[] is out of bounds.
 */
#define LC_IDENTTYPE_MAX	5	/* XXX */

/* Presumably the values accepted by localconf.gss_id_enc; MAX is the count. */
#define LC_GSSENC_UTF16LE	0	/* GSS ID in UTF-16LE */
#define LC_GSSENC_LATIN1	1	/* GSS ID in ISO-Latin-1 */
#define LC_GSSENC_MAX		2

/* Daemon-wide configuration record; one instance is reachable via lcconf. */
struct localconf {
	char *racoon_conf;		/* configuration filename */

	/*
	 * NOTE(review): presumably the identity and root directory the
	 * daemon switches to after startup; confirm at the call site that
	 * chroot happens before the uid/gid change and that failures abort.
	 */
	uid_t uid;
	gid_t gid;
	char *chroot;			/* chroot path */
	u_int16_t port_isakmp;		/* port for isakmp as default */
	u_int16_t port_isakmp_natt;	/* port for NAT-T use */
	u_int16_t port_admin;		/* port for admin */
	int default_af;			/* default address family */

	/*
	 * Socket descriptors.
	 * NOTE(review): sock_admin presumably serves the admin interface on
	 * port_admin; confirm how access to it is restricted.
	 */
	int sock_admin;
	int sock_pfkey;
	int rtsock;			/* routing socket */

	int autograbaddr;
	struct myaddrs *myaddrs;	/* struct myaddrs is declared elsewhere */

	char *pathinfo[LC_PATHTYPE_MAX];	/* indexed by LC_PATHTYPE_* */
	vchar_t *ident[LC_IDENTTYPE_MAX];	/* base of Identifier payload. */

	int pad_random;
	int pad_randomlen;
	int pad_maxsize;
	int pad_strict;
	int pad_excltail;

	int retry_counter;		/* times to retry. */
	int retry_interval;		/* interval each retry. */
	int count_persend;		/* the number of packets each retry. */
				/* above 3 values are copied into a handler. */

	int retry_checkph1;
	int wait_ph2complete;

	int natt_ka_interval;		/* NAT-T keepalive interval. */

	int secret_size;
	int strict_address;		/* strictly check addresses. */

	int complex_bundle;
		/*
		 * If we want to make a packet "IP2 AH ESP IP1 ULP",
		 * the SPD in KAME expresses AH transport + ESP tunnel.
		 * So racoon sent a proposal containing that order.
		 * But many implementations interpret this case as AH
		 * tunnel + ESP tunnel.  racoon has changed the format and
		 * usually uses the new one.  If the option 'complex_bundle'
		 * is enabled, racoon uses the old format.
		 */

	int gss_id_enc;			/* GSS ID encoding to use */
};

/* The configuration instance; it is defined in another translation unit. */
extern struct localconf *lcconf;

/*
 * Prototypes are wrapped in __P() and carry no parameter names, so the
 * meaning of each argument must be taken from the implementation.
 */
extern void initlcconf __P((void));
extern void flushlcconf __P((void));
/*
 * NOTE(review): the getpsk* names suggest pre-shared-key lookups that
 * return the key in a vchar_t.  Ownership of the returned buffer is not
 * visible here; confirm who frees it and that the key bytes are cleared
 * before the buffer is released.
 */
extern vchar_t *getpskbyname __P((vchar_t *));
extern vchar_t *getpskbyaddr __P((struct sockaddr *));
/*
 * NOTE(review): presumably (output buffer, buffer length, LC_PATHTYPE_*
 * index, file name); confirm the implementation bounds the write by the
 * length and validates the index against LC_PATHTYPE_MAX.
 */
extern void getpathname __P((char *, int, int, const char *));
extern int sittype2doi __P((int));
extern int doitype2doi __P((int));
extern vchar_t *getpsk __P((const char *, const int));

extern void restore_params __P((void));
extern void save_params __P((void));

#endif /* _LOCALCONF_H */