2014-09-01 03:27:34 +00:00
|
|
|
package netlink
|
|
|
|
|
|
|
|
import (
|
|
|
|
"net"
|
|
|
|
)
|
|
|
|
|
|
|
|
// XfrmStateAlgo represents the algorithm to use for the ipsec encryption.
|
|
|
|
type XfrmStateAlgo struct {
|
|
|
|
Name string
|
|
|
|
Key []byte
|
|
|
|
TruncateLen int // Auth only
|
|
|
|
}
|
|
|
|
|
2014-09-16 00:04:48 +00:00
|
|
|
// EncapType is an enum representing an ipsec template direction.
|
|
|
|
type EncapType uint8
|
|
|
|
|
|
|
|
const (
|
2015-02-12 19:16:19 +00:00
|
|
|
XFRM_ENCAP_ESPINUDP_NONIKE EncapType = iota + 1
|
|
|
|
XFRM_ENCAP_ESPINUDP
|
2014-09-16 00:04:48 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
func (e EncapType) String() string {
|
|
|
|
switch e {
|
|
|
|
case XFRM_ENCAP_ESPINUDP_NONIKE:
|
|
|
|
return "espinudp-nonike"
|
|
|
|
case XFRM_ENCAP_ESPINUDP:
|
|
|
|
return "espinudp"
|
|
|
|
}
|
|
|
|
return "unknown"
|
|
|
|
}
|
|
|
|
|
|
|
|
// XfrmEncap represents the encapsulation to use for the ipsec encryption.
|
|
|
|
type XfrmStateEncap struct {
|
|
|
|
Type EncapType
|
|
|
|
SrcPort int
|
|
|
|
DstPort int
|
|
|
|
OriginalAddress net.IP
|
|
|
|
}
|
|
|
|
|
2014-09-01 03:27:34 +00:00
|
|
|
// XfrmState represents the state of an ipsec policy. It optionally
|
|
|
|
// contains an XfrmStateAlgo for encryption and one for authentication.
|
|
|
|
type XfrmState struct {
|
2014-09-16 00:04:48 +00:00
|
|
|
Dst net.IP
|
|
|
|
Src net.IP
|
|
|
|
Proto Proto
|
|
|
|
Mode Mode
|
|
|
|
Spi int
|
|
|
|
Reqid int
|
2014-09-15 23:13:06 +00:00
|
|
|
ReplayWindow int
|
2014-09-16 00:04:48 +00:00
|
|
|
Auth *XfrmStateAlgo
|
|
|
|
Crypt *XfrmStateAlgo
|
|
|
|
Encap *XfrmStateEncap
|
2014-09-01 03:27:34 +00:00
|
|
|
}
|