[people/ms/strongswan.git] / src / libfreeswan / ipsec_xform.h

/*
 * Definitions relevant to IPSEC transformations
 * Copyright (C) 1996, 1997  John Ioannidis.
 * Copyright (C) 1998, 1999, 2000, 2001  Richard Guy Briggs.
 * 
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 * 
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 *
 * RCSID $Id: ipsec_xform.h,v 1.3 2004/09/29 22:26:13 as Exp $
 */

#ifndef _IPSEC_XFORM_H_

#include <freeswan.h>
#include "ipsec_policy.h"

#define XF_NONE			0	/* No transform set */
#define XF_IP4			1	/* IPv4 inside IPv4 */
#define XF_AHMD5		2	/* AH MD5 */
#define XF_AHSHA		3	/* AH SHA */
#define XF_ESP3DES		5	/* ESP DES3-CBC */
#define XF_AHHMACMD5		6	/* AH-HMAC-MD5 with opt replay prot */
#define XF_AHHMACSHA1		7	/* AH-HMAC-SHA1 with opt replay prot */
#define XF_ESP3DESMD5		9	/* triple DES, HMAC-MD-5, 128-bits of authentication */
#define	XF_ESP3DESMD596		10	/* triple DES, HMAC-MD-5, 96-bits of authentication */
#define	XF_ESPNULLMD596		12	/* NULL, HMAC-MD-5 with 96-bits of authentication */
#define	XF_ESPNULLSHA196	13	/* NULL, HMAC-SHA-1 with 96-bits of authentication */
#define	XF_ESP3DESSHA196	14	/* triple DES, HMAC-SHA-1, 96-bits of authentication */
#define XF_IP6			15	/* IPv6 inside IPv6 */
#define XF_COMPDEFLATE		16	/* IPCOMP deflate */

#define XF_CLR			126	/* Clear SA table */
#define XF_DEL			127	/* Delete SA */

#define XFT_AUTH		0x0001
#define XFT_CONF		0x0100

/* available if CONFIG_IPSEC_DEBUG is defined */
#define DB_XF_INIT		0x0001

#define PROTO2TXT(x) \
	(x) == IPPROTO_AH ? "AH" : \
	(x) == IPPROTO_ESP ? "ESP" : \
	(x) == IPPROTO_IPIP ? "IPIP" : \
	(x) == IPPROTO_COMP ? "COMP" : \
	"UNKNOWN_proto"
static inline const char *enc_name_id (unsigned id) {
	static char buf[16];
	snprintf(buf, sizeof(buf), "_ID%d", id);
	return buf;
}
static inline const char *auth_name_id (unsigned id) {
	static char buf[16];
	snprintf(buf, sizeof(buf), "_ID%d", id);
	return buf;
}
#define IPS_XFORM_NAME(x) \
	PROTO2TXT((x)->ips_said.proto), \
	(x)->ips_said.proto == IPPROTO_COMP ? \
		((x)->ips_encalg == SADB_X_CALG_DEFLATE ? \
		 "_DEFLATE" : "_UNKNOWN_comp") : \
	(x)->ips_encalg == ESP_NONE ? "" : \
	(x)->ips_encalg == ESP_3DES ? "_3DES" : \
	(x)->ips_encalg == ESP_AES ? "_AES" : \
	(x)->ips_encalg == ESP_SERPENT ? "_SERPENT" : \
	(x)->ips_encalg == ESP_TWOFISH ? "_TWOFISH" : \
	enc_name_id(x->ips_encalg)/* "_UNKNOWN_encr" */, \
	(x)->ips_authalg == AH_NONE ? "" : \
	(x)->ips_authalg == AH_MD5 ? "_HMAC_MD5" : \
	(x)->ips_authalg == AH_SHA ? "_HMAC_SHA1" : \
	(x)->ips_authalg == AH_SHA2_256 ? "_HMAC_SHA2_256" : \
	(x)->ips_authalg == AH_SHA2_384 ? "_HMAC_SHA2_384" : \
	(x)->ips_authalg == AH_SHA2_512 ? "_HMAC_SHA2_512" : \
	auth_name_id(x->ips_authalg) /* "_UNKNOWN_auth" */ \

#define _IPSEC_XFORM_H_
#endif /* _IPSEC_XFORM_H_ */

/*
 * $Log: ipsec_xform.h,v $
 * Revision 1.3  2004/09/29 22:26:13  as
 * included ipsec_policy.h
 *
 * Revision 1.2  2004/03/22 21:53:18  as
 * merged alg-0.8.1 branch with HEAD
 *
 * Revision 1.1.4.1  2004/03/16 09:48:18  as
 * alg-0.8.1rc12 patch merged
 *
 * Revision 1.1  2004/03/15 20:35:25  as
 * added files from freeswan-2.04-x509-1.5.3
 *
 * Revision 1.36  2002/04/24 07:36:48  mcr
 * Moved from ./klips/net/ipsec/ipsec_xform.h,v
 *
 * Revision 1.35  2001/11/26 09:23:51  rgb
 * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
 *
 * Revision 1.33.2.1  2001/09/25 02:24:58  mcr
 * 	struct tdb -> struct ipsec_sa.
 * 	sa(tdb) manipulation functions renamed and moved to ipsec_sa.c
 * 	ipsec_xform.c removed. header file still contains useful things.
 *
 * Revision 1.34  2001/11/06 19:47:17  rgb
 * Changed lifetime_packets to uint32 from uint64.
 *
 * Revision 1.33  2001/09/08 21:13:34  rgb
 * Added pfkey ident extension support for ISAKMPd. (NetCelo)
 *
 * Revision 1.32  2001/07/06 07:40:01  rgb
 * Reformatted for readability.
 * Added inbound policy checking fields for use with IPIP SAs.
 *
 * Revision 1.31  2001/06/14 19:35:11  rgb
 * Update copyright date.
 *
 * Revision 1.30  2001/05/30 08:14:03  rgb
 * Removed vestiges of esp-null transforms.
 *
 * Revision 1.29  2001/01/30 23:42:47  rgb
 * Allow pfkey msgs from pid other than user context required for ACQUIRE
 * and subsequent ADD or UDATE.
 *
 * Revision 1.28  2000/11/06 04:30:40  rgb
 * Add Svenning's adaptive content compression.
 *
 * Revision 1.27  2000/09/19 00:38:25  rgb
 * Fixed algorithm name bugs introduced for ipcomp.
 *
 * Revision 1.26  2000/09/17 21:36:48  rgb
 * Added proto2txt macro.
 *
 * Revision 1.25  2000/09/17 18:56:47  rgb
 * Added IPCOMP support.
 *
 * Revision 1.24  2000/09/12 19:34:12  rgb
 * Defined XF_IP6 from Gerhard for ipv6 tunnel support.
 *
 * Revision 1.23  2000/09/12 03:23:14  rgb
 * Cleaned out now unused tdb_xform and tdb_xdata members of struct tdb.
 *
 * Revision 1.22  2000/09/08 19:12:56  rgb
 * Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
 *
 * Revision 1.21  2000/09/01 18:32:43  rgb
 * Added (disabled) sensitivity members to tdb struct.
 *
 * Revision 1.20  2000/08/30 05:31:01  rgb
 * Removed all the rest of the references to tdb_spi, tdb_proto, tdb_dst.
 * Kill remainder of tdb_xform, tdb_xdata, xformsw.
 *
 * Revision 1.19  2000/08/01 14:51:52  rgb
 * Removed _all_ remaining traces of DES.
 *
 * Revision 1.18  2000/01/21 06:17:45  rgb
 * Tidied up spacing.
 *
 * Revision 1.17  1999/11/17 15:53:40  rgb
 * Changed all occurrences of #include "../../../lib/freeswan.h"
 * to #include <freeswan.h> which works due to -Ilibfreeswan in the
 * klips/net/ipsec/Makefile.
 *
 * Revision 1.16  1999/10/16 04:23:07  rgb
 * Add stats for replaywin_errs, replaywin_max_sequence_difference,
 * authentication errors, encryption size errors, encryption padding
 * errors, and time since last packet.
 *
 * Revision 1.15  1999/10/16 00:29:11  rgb
 * Added SA lifetime packet counting variables.
 *
 * Revision 1.14  1999/10/01 00:04:14  rgb
 * Added tdb structure locking.
 * Add function to initialize tdb hash table.
 *
 * Revision 1.13  1999/04/29 15:20:57  rgb
 * dd return values to init and cleanup functions.
 * Eliminate unnessessary usage of tdb_xform member to further switch
 * away from the transform switch to the algorithm switch.
 * Change gettdb parameter to a pointer to reduce stack loading and
 * facilitate parameter sanity checking.
 * Add a parameter to tdbcleanup to be able to delete a class of SAs.
 *
 * Revision 1.12  1999/04/15 15:37:25  rgb
 * Forward check changes from POST1_00 branch.
 *
 * Revision 1.9.2.2  1999/04/13 20:35:57  rgb
 * Fix spelling mistake in comment.
 *
 * Revision 1.9.2.1  1999/03/30 17:13:52  rgb
 * Extend struct tdb to support pfkey.
 *
 * Revision 1.11  1999/04/11 00:29:01  henry
 * GPL boilerplate
 *
 * Revision 1.10  1999/04/06 04:54:28  rgb
 * Fix/Add RCSID Id: and Log: bits to make PHMDs happy.  This includes
 * patch shell fixes.
 *
 * Revision 1.9  1999/01/26 02:09:31  rgb
 * Removed CONFIG_IPSEC_ALGO_SWITCH macro.
 * Removed dead code.
 *
 * Revision 1.8  1999/01/22 06:29:35  rgb
 * Added algorithm switch code.
 * Cruft clean-out.
 *
 * Revision 1.7  1998/11/10 05:37:35  rgb
 * Add support for SA direction flag.
 *
 * Revision 1.6  1998/10/19 14:44:29  rgb
 * Added inclusion of freeswan.h.
 * sa_id structure implemented and used: now includes protocol.
 *
 * Revision 1.5  1998/08/12 00:12:30  rgb
 * Added macros for new xforms.  Added prototypes for new xforms.
 *
 * Revision 1.4  1998/07/28 00:04:20  rgb
 * Add macro for clearing the SA table.
 *
 * Revision 1.3  1998/07/14 18:06:46  rgb
 * Added #ifdef __KERNEL__ directives to restrict scope of header.
 *
 * Revision 1.2  1998/06/23 03:02:19  rgb
 * Created a prototype for ipsec_tdbcleanup when it was moved from
 * ipsec_init.c.
 *
 * Revision 1.1  1998/06/18 21:27:51  henry
 * move sources from klips/src to klips/net/ipsec, to keep stupid
 * kernel-build scripts happier in the presence of symlinks
 *
 * Revision 1.4  1998/06/11 05:55:31  rgb
 * Added transform version string pointer to xformsw structure definition.
 * Added extern declarations for transform version strings.
 *
 * Revision 1.3  1998/05/18 22:02:54  rgb
 * Modify the *_zeroize function prototypes to include one parameter.
 *
 * Revision 1.2  1998/04/21 21:29:08  rgb
 * Rearrange debug switches to change on the fly debug output from user
 * space.  Only kernel changes checked in at this time.  radij.c was also
 * changed to temporarily remove buggy debugging code in rj_delete causing
 * an OOPS and hence, netlink device open errors.
 *
 * Revision 1.1  1998/04/09 03:06:14  henry
 * sources moved up from linux/net/ipsec
 *
 * Revision 1.1.1.1  1998/04/08 05:35:06  henry
 * RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
 *
 * Revision 0.5  1997/06/03 04:24:48  ji
 * Added ESP-3DES-MD5-96
 *
 * Revision 0.4  1997/01/15 01:28:15  ji
 * Added new transforms.
 *
 * Revision 0.3  1996/11/20 14:39:04  ji
 * Minor cleanups.
 * Rationalized debugging code.
 *
 * Revision 0.2  1996/11/02 00:18:33  ji
 * First limited release.
 *
 * Local variables:
 * c-file-style: "linux"
 * End:
 *
 */
Commit	Line	Data
0fecac98 MW	1	/*
	2	* Definitions relevant to IPSEC transformations
	3	* Copyright (C) 1996, 1997 John Ioannidis.
	4	* Copyright (C) 1998, 1999, 2000, 2001 Richard Guy Briggs.
	5	*
	6	* This program is free software; you can redistribute it and/or modify it
	7	* under the terms of the GNU General Public License as published by the
	8	* Free Software Foundation; either version 2 of the License, or (at your
	9	* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
	10	*
	11	* This program is distributed in the hope that it will be useful, but
	12	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	13	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	14	* for more details.
	15	*
	16	* RCSID $Id: ipsec_xform.h,v 1.3 2004/09/29 22:26:13 as Exp $
	17	*/
	18
	19	#ifndef _IPSEC_XFORM_H_
	20
	21	#include <freeswan.h>
	22	#include "ipsec_policy.h"
	23
	24	#define XF_NONE 0 /* No transform set */
	25	#define XF_IP4 1 /* IPv4 inside IPv4 */
	26	#define XF_AHMD5 2 /* AH MD5 */
	27	#define XF_AHSHA 3 /* AH SHA */
	28	#define XF_ESP3DES 5 /* ESP DES3-CBC */
	29	#define XF_AHHMACMD5 6 /* AH-HMAC-MD5 with opt replay prot */
	30	#define XF_AHHMACSHA1 7 /* AH-HMAC-SHA1 with opt replay prot */
	31	#define XF_ESP3DESMD5 9 /* triple DES, HMAC-MD-5, 128-bits of authentication */
	32	#define XF_ESP3DESMD596 10 /* triple DES, HMAC-MD-5, 96-bits of authentication */
	33	#define XF_ESPNULLMD596 12 /* NULL, HMAC-MD-5 with 96-bits of authentication */
	34	#define XF_ESPNULLSHA196 13 /* NULL, HMAC-SHA-1 with 96-bits of authentication */
	35	#define XF_ESP3DESSHA196 14 /* triple DES, HMAC-SHA-1, 96-bits of authentication */
	36	#define XF_IP6 15 /* IPv6 inside IPv6 */
	37	#define XF_COMPDEFLATE 16 /* IPCOMP deflate */
	38
	39	#define XF_CLR 126 /* Clear SA table */
	40	#define XF_DEL 127 /* Delete SA */
	41
	42	#define XFT_AUTH 0x0001
	43	#define XFT_CONF 0x0100
	44
	45	/* available if CONFIG_IPSEC_DEBUG is defined */
	46	#define DB_XF_INIT 0x0001
	47
	48	#define PROTO2TXT(x) \
	49	(x) == IPPROTO_AH ? "AH" : \
	50	(x) == IPPROTO_ESP ? "ESP" : \
	51	(x) == IPPROTO_IPIP ? "IPIP" : \
	52	(x) == IPPROTO_COMP ? "COMP" : \
	53	"UNKNOWN_proto"
	54	static inline const char *enc_name_id (unsigned id) {
	55	static char buf[16];
	56	snprintf(buf, sizeof(buf), "_ID%d", id);
	57	return buf;
	58	}
	59	static inline const char *auth_name_id (unsigned id) {
	60	static char buf[16];
	61	snprintf(buf, sizeof(buf), "_ID%d", id);
	62	return buf;
	63	}
	64	#define IPS_XFORM_NAME(x) \
65	PROTO2TXT((x)->ips_said.proto), \
66	(x)->ips_said.proto == IPPROTO_COMP ? \
67	((x)->ips_encalg == SADB_X_CALG_DEFLATE ? \
68	"_DEFLATE" : "_UNKNOWN_comp") : \
69	(x)->ips_encalg == ESP_NONE ? "" : \
70	(x)->ips_encalg == ESP_3DES ? "_3DES" : \
71	(x)->ips_encalg == ESP_AES ? "_AES" : \
72	(x)->ips_encalg == ESP_SERPENT ? "_SERPENT" : \
73	(x)->ips_encalg == ESP_TWOFISH ? "_TWOFISH" : \
74	enc_name_id(x->ips_encalg)/* "_UNKNOWN_encr" */, \
75	(x)->ips_authalg == AH_NONE ? "" : \
76	(x)->ips_authalg == AH_MD5 ? "_HMAC_MD5" : \
77	(x)->ips_authalg == AH_SHA ? "_HMAC_SHA1" : \
78	(x)->ips_authalg == AH_SHA2_256 ? "_HMAC_SHA2_256" : \
79	(x)->ips_authalg == AH_SHA2_384 ? "_HMAC_SHA2_384" : \
80	(x)->ips_authalg == AH_SHA2_512 ? "_HMAC_SHA2_512" : \
81	auth_name_id(x->ips_authalg) /* "_UNKNOWN_auth" */ \
82
83	#define _IPSEC_XFORM_H_
84	#endif /* _IPSEC_XFORM_H_ */
85
86	/*
87	* $Log: ipsec_xform.h,v $
88	* Revision 1.3 2004/09/29 22:26:13 as
89	* included ipsec_policy.h
90	*
91	* Revision 1.2 2004/03/22 21:53:18 as
92	* merged alg-0.8.1 branch with HEAD
93	*
94	* Revision 1.1.4.1 2004/03/16 09:48:18 as
95	* alg-0.8.1rc12 patch merged
96	*
97	* Revision 1.1 2004/03/15 20:35:25 as
98	* added files from freeswan-2.04-x509-1.5.3
99	*
100	* Revision 1.36 2002/04/24 07:36:48 mcr
101	* Moved from ./klips/net/ipsec/ipsec_xform.h,v
102	*
103	* Revision 1.35 2001/11/26 09:23:51 rgb
104	* Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
105	*
106	* Revision 1.33.2.1 2001/09/25 02:24:58 mcr
107	* struct tdb -> struct ipsec_sa.
108	* sa(tdb) manipulation functions renamed and moved to ipsec_sa.c
109	* ipsec_xform.c removed. header file still contains useful things.
110	*
111	* Revision 1.34 2001/11/06 19:47:17 rgb
112	* Changed lifetime_packets to uint32 from uint64.
113	*
114	* Revision 1.33 2001/09/08 21:13:34 rgb
115	* Added pfkey ident extension support for ISAKMPd. (NetCelo)
116	*
117	* Revision 1.32 2001/07/06 07:40:01 rgb
118	* Reformatted for readability.
119	* Added inbound policy checking fields for use with IPIP SAs.
120	*
121	* Revision 1.31 2001/06/14 19:35:11 rgb
122	* Update copyright date.
123	*
124	* Revision 1.30 2001/05/30 08:14:03 rgb
125	* Removed vestiges of esp-null transforms.
126	*
127	* Revision 1.29 2001/01/30 23:42:47 rgb
128	* Allow pfkey msgs from pid other than user context required for ACQUIRE
129	* and subsequent ADD or UDATE.
130	*
131	* Revision 1.28 2000/11/06 04:30:40 rgb
132	* Add Svenning's adaptive content compression.
133	*
134	* Revision 1.27 2000/09/19 00:38:25 rgb
135	* Fixed algorithm name bugs introduced for ipcomp.
136	*
137	* Revision 1.26 2000/09/17 21:36:48 rgb
138	* Added proto2txt macro.
139	*
140	* Revision 1.25 2000/09/17 18:56:47 rgb
141	* Added IPCOMP support.
142	*
143	* Revision 1.24 2000/09/12 19:34:12 rgb
144	* Defined XF_IP6 from Gerhard for ipv6 tunnel support.
145	*
146	* Revision 1.23 2000/09/12 03:23:14 rgb
147	* Cleaned out now unused tdb_xform and tdb_xdata members of struct tdb.
148	*
149	* Revision 1.22 2000/09/08 19:12:56 rgb
150	* Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG.
151	*
152	* Revision 1.21 2000/09/01 18:32:43 rgb
153	* Added (disabled) sensitivity members to tdb struct.
154	*
155	* Revision 1.20 2000/08/30 05:31:01 rgb
156	* Removed all the rest of the references to tdb_spi, tdb_proto, tdb_dst.
157	* Kill remainder of tdb_xform, tdb_xdata, xformsw.
158	*
159	* Revision 1.19 2000/08/01 14:51:52 rgb
160	* Removed _all_ remaining traces of DES.
161	*
162	* Revision 1.18 2000/01/21 06:17:45 rgb
163	* Tidied up spacing.
164	*
165	* Revision 1.17 1999/11/17 15:53:40 rgb
166	* Changed all occurrences of #include "../../../lib/freeswan.h"
167	* to #include <freeswan.h> which works due to -Ilibfreeswan in the
168	* klips/net/ipsec/Makefile.
169	*
170	* Revision 1.16 1999/10/16 04:23:07 rgb
171	* Add stats for replaywin_errs, replaywin_max_sequence_difference,
172	* authentication errors, encryption size errors, encryption padding
173	* errors, and time since last packet.
174	*
175	* Revision 1.15 1999/10/16 00:29:11 rgb
176	* Added SA lifetime packet counting variables.
177	*
178	* Revision 1.14 1999/10/01 00:04:14 rgb
179	* Added tdb structure locking.
180	* Add function to initialize tdb hash table.
181	*
182	* Revision 1.13 1999/04/29 15:20:57 rgb
183	* dd return values to init and cleanup functions.
184	* Eliminate unnessessary usage of tdb_xform member to further switch
185	* away from the transform switch to the algorithm switch.
186	* Change gettdb parameter to a pointer to reduce stack loading and
187	* facilitate parameter sanity checking.
188	* Add a parameter to tdbcleanup to be able to delete a class of SAs.
189	*
190	* Revision 1.12 1999/04/15 15:37:25 rgb
191	* Forward check changes from POST1_00 branch.
192	*
193	* Revision 1.9.2.2 1999/04/13 20:35:57 rgb
194	* Fix spelling mistake in comment.
195	*
196	* Revision 1.9.2.1 1999/03/30 17:13:52 rgb
197	* Extend struct tdb to support pfkey.
198	*
199	* Revision 1.11 1999/04/11 00:29:01 henry
200	* GPL boilerplate
201	*
202	* Revision 1.10 1999/04/06 04:54:28 rgb
203	* Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
204	* patch shell fixes.
205	*
206	* Revision 1.9 1999/01/26 02:09:31 rgb
207	* Removed CONFIG_IPSEC_ALGO_SWITCH macro.
208	* Removed dead code.
209	*
210	* Revision 1.8 1999/01/22 06:29:35 rgb
211	* Added algorithm switch code.
212	* Cruft clean-out.
213	*
214	* Revision 1.7 1998/11/10 05:37:35 rgb
215	* Add support for SA direction flag.
216	*
217	* Revision 1.6 1998/10/19 14:44:29 rgb
218	* Added inclusion of freeswan.h.
219	* sa_id structure implemented and used: now includes protocol.
220	*
221	* Revision 1.5 1998/08/12 00:12:30 rgb
222	* Added macros for new xforms. Added prototypes for new xforms.
223	*
224	* Revision 1.4 1998/07/28 00:04:20 rgb
225	* Add macro for clearing the SA table.
226	*
227	* Revision 1.3 1998/07/14 18:06:46 rgb
228	* Added #ifdef __KERNEL__ directives to restrict scope of header.
229	*
230	* Revision 1.2 1998/06/23 03:02:19 rgb
231	* Created a prototype for ipsec_tdbcleanup when it was moved from
232	* ipsec_init.c.
233	*
234	* Revision 1.1 1998/06/18 21:27:51 henry
235	* move sources from klips/src to klips/net/ipsec, to keep stupid
236	* kernel-build scripts happier in the presence of symlinks
237	*
238	* Revision 1.4 1998/06/11 05:55:31 rgb
239	* Added transform version string pointer to xformsw structure definition.
240	* Added extern declarations for transform version strings.
241	*
242	* Revision 1.3 1998/05/18 22:02:54 rgb
243	* Modify the *_zeroize function prototypes to include one parameter.
244	*
245	* Revision 1.2 1998/04/21 21:29:08 rgb
246	* Rearrange debug switches to change on the fly debug output from user
247	* space. Only kernel changes checked in at this time. radij.c was also
248	* changed to temporarily remove buggy debugging code in rj_delete causing
249	* an OOPS and hence, netlink device open errors.
250	*
251	* Revision 1.1 1998/04/09 03:06:14 henry
252	* sources moved up from linux/net/ipsec
253	*
254	* Revision 1.1.1.1 1998/04/08 05:35:06 henry
255	* RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
256	*
257	* Revision 0.5 1997/06/03 04:24:48 ji
258	* Added ESP-3DES-MD5-96
259	*
260	* Revision 0.4 1997/01/15 01:28:15 ji
261	* Added new transforms.
262	*
263	* Revision 0.3 1996/11/20 14:39:04 ji
264	* Minor cleanups.
265	* Rationalized debugging code.
266	*
267	* Revision 0.2 1996/11/02 00:18:33 ji
268	* First limited release.
269	*
270	* Local variables:
271	* c-file-style: "linux"
272	* End:
273	*
274	*/