From owner-p4-projects@FreeBSD.ORG Mon Jan 9 08:40:20 2006 Date: Mon, 9 Jan 2006 08:40:19 GMT Message-Id: <200601090840.k098eJ35011572@repoman.freebsd.org>
From: "George V. Neville-Neil" To: Perforce Change Reviews Cc: Subject: PERFORCE change 89406 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Jan 2006 08:40:21 -0000 http://perforce.freebsd.org/chv.cgi?CH=89406 Change 89406 by gnn@gnn_laptop_fast_ipsec on 2006/01/09 08:39:19 An initial restructuring of data-structures to break the PF_KEY/keydb dependency. Affected files ... .. //depot/projects/fast_ipsec/src/sys/netipsec/keydb.h#2 edit Differences ... ==== //depot/projects/fast_ipsec/src/sys/netipsec/keydb.h#2 (text+ko) ==== @@ -60,14 +60,40 @@ /* see IPSEC_MANUAL_REQID_MAX. */ }; +/* As part of decoupling the kernel implementation from the key socket + * messaging system we define three structures that are present in the + * messaging system, but put them privately in the kernel and remove + * the bits that are necessary when building packets, like the length, + * type and reserved entries in the structs. + */ + +/* The secident structure parallels the sadb_ident structure. */ +struct secident { + u_int16_t type; + u_int64_t id; +}; + +/* A security key which parallels sadb_key. */ +struct seckey { + u_int16_t bits; +}; + +/* A lifetime structure which parallels sadb_lifetime. */ +struct seclifetime { + u_int32_t allocations; + u_int64_t bytes; + u_int64_t addtime; + u_int64_t usetime; +}; + /* Security Association Data Base */ struct secashead { LIST_ENTRY(secashead) chain; struct secasindex saidx; - struct sadb_ident *idents; /* source identity */ - struct sadb_ident *identd; /* destination identity */ + struct secasident *idents; /* source identity */ + struct secasident *identd; /* destination identity */ /* XXX I don't know how to use them. */ u_int8_t state; /* MATURE or DEAD. */ 
@@ -97,8 +123,8 @@ u_int32_t spi; /* SPI Value, network byte order */ u_int32_t flags; /* holder for SADB_KEY_FLAGS */ - struct sadb_key *key_auth; /* Key for Authentication */ - struct sadb_key *key_enc; /* Key for Encryption */ + struct seckey *key_auth; /* Key for Authentication */ + struct seckey *key_enc; /* Key for Encryption */ caddr_t iv; /* Initilization Vector */ u_int ivlen; /* length of IV */ void *sched; /* intermediate encryption key */ @@ -107,9 +133,9 @@ struct secreplay *replay; /* replay prevention */ time_t created; /* for lifetime */ - struct sadb_lifetime *lft_c; /* CURRENT lifetime, it's constant. */ - struct sadb_lifetime *lft_h; /* HARD lifetime */ - struct sadb_lifetime *lft_s; /* SOFT lifetime */ + struct seclifetime *lft_c; /* CURRENT lifetime, it's constant. */ + struct seclifetime *lft_h; /* HARD lifetime */ + struct seclifetime *lft_s; /* SOFT lifetime */ u_int32_t seq; /* sequence number */ pid_t pid; /* message's pid */
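Review bot: In the first hunk (@@ -60,14 +60,40 @@), the new `idents` and `identd` members of `struct secashead` are declared as `struct secasident *`, but the structure added a few lines above is named `struct secident`. Because these are pointers to an undeclared tag, the header still compiles and the mismatch only shows up as an incomplete-type error at the first dereference. Rename the members' type to `struct secident *` (or rename the structure) so the declaration and the definition agree. Separately, `type` (u_int16_t) sits directly before `id` (u_int64_t) in `struct secident`, which leaves padding after `type`; any code that copies or compares the structure as raw bytes should zero it first.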
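Review bot: In the second hunk (@@ -97,8 +123,8 @@), `key_auth` and `key_enc` now point at `struct seckey`, which as defined in the first hunk holds only `u_int16_t bits` and has no member for the key material. In the PF_KEY message the key bytes follow the sadb_key header, so once that layout is dropped the kernel structure needs an explicit pointer to the key data (and ideally its length in bytes) or there is nowhere to store the key. Please add those members in this change, and document who owns and zeroes the key buffer when the SA is freed.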
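Review bot: In the third hunk (@@ -107,9 +133,9 @@), `lft_c`, `lft_h` and `lft_s` change from `struct sadb_lifetime *` to `struct seclifetime *`, but the change lists only keydb.h under "Affected files", so no consumer of these fields is converted here. Any existing code that fills them by copying a received sadb_lifetime wholesale, or sizes an allocation with `sizeof(struct sadb_lifetime)`, no longer matches the new layout, which omits the length and type entries. Either convert those users to field-by-field copies in the same change or state in the description that the branch does not build until the follow-up lands.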