summaryrefslogtreecommitdiff
path: root/sys/netinet/ip_esp.h
diff options
context:
space:
mode:
authorAngelos D. Keromytis <angelos@cvs.openbsd.org>2000-03-17 10:25:24 +0000
committerAngelos D. Keromytis <angelos@cvs.openbsd.org>2000-03-17 10:25:24 +0000
commit8e443bb412cd99bc42a06075e051d052fd4a22b3 (patch)
tree247821026b0dff878f188e40d6daa0ea0597e0f3 /sys/netinet/ip_esp.h
parentfa4f02f39ae2b2603192374afd1fef211e15b3e3 (diff)
Cryptographic services framework, and software "device driver". The
idea is to support various cryptographic hardware accelerators (which may be (detachable) cards, secondary/tertiary/etc processors, software crypto, etc). Supports session migration between crypto devices. What it doesn't (yet) support: - multiple instances of the same algorithm used in the same session - use of multiple crypto drivers in the same session - asymmetric crypto No support for a userland device yet. IPsec code path modified to allow for asynchronous cryptography (callbacks used in both input and output processing). Some unrelated code simplification done in the process (especially for AH). Development of this code kindly supported by Network Security Technologies (NSTI). The code was writen mostly in Greece, and is being committed from Montreal.
Diffstat (limited to 'sys/netinet/ip_esp.h')
-rw-r--r--sys/netinet/ip_esp.h15
1 files changed, 8 insertions, 7 deletions
diff --git a/sys/netinet/ip_esp.h b/sys/netinet/ip_esp.h
index 2438f1a8c8d..f7cae5bbe6c 100644
--- a/sys/netinet/ip_esp.h
+++ b/sys/netinet/ip_esp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_esp.h,v 1.31 2000/01/27 08:09:10 angelos Exp $ */
+/* $OpenBSD: ip_esp.h,v 1.32 2000/03/17 10:25:22 angelos Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
@@ -42,7 +42,7 @@
struct espstat
{
- u_int32_t esps_hdrops; /* packet shorter than header shows */
+ u_int32_t esps_hdrops; /* Packet shorter than header shows */
u_int32_t esps_nopf; /* Protocol family not supported */
u_int32_t esps_notdb;
u_int32_t esps_badkcr;
@@ -55,11 +55,12 @@ struct espstat
u_int32_t esps_replay; /* Possible packet replay detected */
u_int32_t esps_input; /* Input ESP packets */
u_int32_t esps_output; /* Output ESP packets */
- u_int32_t esps_invalid; /* Trying to use an invalid TDB */
- u_int64_t esps_ibytes; /* input bytes */
- u_int64_t esps_obytes; /* output bytes */
- u_int32_t esps_toobig; /* packet got larger than IP_MAXPACKET */
- u_int32_t esps_pdrops; /* packet blocked due to policy */
+ u_int32_t esps_invalid; /* Trying to use an invalid TDB */
+ u_int64_t esps_ibytes; /* Input bytes */
+ u_int64_t esps_obytes; /* Output bytes */
+ u_int32_t esps_toobig; /* Packet got larger than IP_MAXPACKET */
+ u_int32_t esps_pdrops; /* Packet blocked due to policy */
+ u_int32_t esps_crypto; /* Crypto processing failure */
};
/*