$Id: libracoon.ja.txt,v 1.43 2006/08/21 12:39:55 mk Exp $

ΥɥȤ racoon2ζ̥饤֥ libracoon.aˤĤƵҤ롣

o ̥饤֥공 (libracoon)

	̥饤֥ libracoonϡǡμưפˤ뤿
	ͥȤΥ󥿡եեβɤʤɤζ̽
	饤֥ؿȤ󶡤롣

	̥饤֥ϡ˰ʲΥ⥸塼ʬ롣

		- SADB/SPDB󥿡ե
		- ե
		- spmd󥿡ե
		- 
		- ѥХåե rbuf ˴ؤ桼ƥƥ
		- ͥåȥ˴ؤ桼ƥƥ
		- ¾桼ƥƥ

o RCT

	libracoonǤϡŹ楢르ꥺƥפμˤ㤤
	ۼ뤿ַ(RCT)Ƥ롣饤֥Ǥ
	RCTǰͥȤϤƸץȥ˽ä
	Ѵ롣
	ʲRCTΤ̤ʿͽ󤵤ƤꥹȤǤ롣

	
		RCT_BOOL_OFF   = 0
		RCT_BOOL_ON    = 1
		RCT_ADDR_INET  = 0x1000
		RCT_ADDR_FQDN  = 0x2000
		RCT_ADDR_MACRO = 0x4000
		RCT_ADDR_FILE  = 0x8000

o SADB/SPDB󥿡ե

	libracoonϡSADBSPDBAPI󶡤Ƥ롣
	ؿϥͥȤΥ󥿡եȤPF_KEYv2ȤäƤơ
	ѤؿѰդƤ롣
	ͥ뤫ͤϡ줾ΥåбХåؿ
	뤳ȤǡץꥱѤǤ褦ˤƤ롣
	ޤץꥱȥѥ᡼μϤϹ¤ rcpfk_msgȤ

	struct rcpfk_msg {
		int so;
		char errstr[RCPFK_ERRSTRBUFSIZE];
		int eno;

		u_int32_t seq;
		struct sockaddr *sa_src;
		struct sockaddr *sa_dst;
		u_int32_t spi;
		u_int32_t reqid;
		u_int8_t satype;
		u_int8_t samode;
		u_int8_t enctype;
		u_int8_t authtype;
		size_t enckeylen;
		size_t authkeylen;
		caddr_t enckey;
		caddr_t authkey;
		u_int64_t lft_hard_time;
		u_int64_t lft_hard_bytes;
		u_int64_t lft_soft_time;
		u_int64_t lft_soft_bytes;
		u_int8_t expired;
		u_int8_t wsize;
		u_int32_t saflags;
		u_int32_t flags;

		u_int32_t slid;
		struct sockaddr *sp_src;
		struct sockaddr *sp_dst;
		u_int8_t pref_src;
		u_int8_t pref_dst;
		u_int8_t ul_proto;
		u_int8_t dir;
	};

	ʲǳƥѥ᡼롣

	so
		PF_KEYǻȤå
	errstr
		顼ʸ
	eno
		顼ֹ
	seq
		PE_KEYǻȤ sequence number
	sa_src
		SAɥ쥹
	sa_dst
		SAμ襢ɥ쥹
	spi
		SPI (network order)
	reqid
		SAդ줿ֹ
	satype
		SAΥ
	samode
		SAΥ⡼
	enctype
		沽르ꥺΥ
	authtype
		ǧڥ르ꥺΥ
	enckeylen
		沽르ꥺθĹ
	authkeylen
		ǧڥ르ꥺθĹ
	enckey
		沽르ꥺθ
	authkey
		ǧڥ르ꥺθ
	lft_hard_time
		hard lifetime of time
	lft_hard_bytes
		hard lifetime of bytes
	lft_soft_time
		soft lifetime of time
	lft_soft_bytes
		soft lifetime of bytes
	expired
		SAƤ뤫ɤΥե饰
	wsize
		duplication check Τ window size
	saflags
		PF_KEYǻȤSAΥե饰
	flags
		APIǻȤե饰
		rcpfk_init()ꤹ롣
	slid
		쥯ǥå
	sp_src
		ɥ쥹쥯
	sp_dst
		襢ɥ쥹쥯
	pref_src
		ץեĹ
	pref_dst
		ץեĹ
	ul_proto
		̥ץȥֹ
	dir
		ѥåȤθ

	ʹߡι¤Τ rc ǻȤ롣

	PFKEY API ֤ͤȤơsa_src, sa_dst, sp_src, sp_dst ͤ
	֤硢Υݥ󥿤 rcpfk_msg ΥХåեؤ
	롣 rcpfk ƤӽФ򤳤ͤѤϡ
	ƽ¦ǥԡƤɬפ롣

	ʲˡAPIδؿ򼨤ʤäɬפʤϡ
	ƥѥ᡼Ͼά롣

	int rcpfk_init __P((struct rcpfk_msg *rc, struct rcpfk_cb *cb));
		APIȤɬǽ˥뤷ʤФʤʤ
		PF_KEYåȤΥץȳPF_KEYåcallbackؿ
		롣 NULLϡХåʤȤ̣롣

		callbackؿ¤
		struct rcpfk_cb {
			int (*cb_getspi) __P((struct rcpfk_msg *));
			int (*cb_update) __P((struct rcpfk_msg *));
			int (*cb_add) __P((struct rcpfk_msg *));
			int (*cb_expire) __P((struct rcpfk_msg *));
			int (*cb_acquire) __P((struct rcpfk_msg *));
			int (*cb_delete) __P((struct rcpfk_msg *));
			int (*cb_spdupdate) __P((struct rcpfk_msg *));
			int (*cb_spdadd) __P((struct rcpfk_msg *));
			int (*cb_spddelete) __P((struct rcpfk_msg *));
			int (*cb_spdexpire) __P((struct rcpfk_msg *));
			int (*cb_spdget) __P((struct rcpfk_msg *));
		};

		:
			rc.flags
				PFK_FLAG_NOHARM
				PFK_FLAG_DEBUG
			callbackؿꤷcb

		: 0 or -1
		: rc.so

	int rcpfk_clean(struct rcpfk_msg *rc);
		λ

	int rcpfk_handler(struct rcpfk_msg *rc)
		ץȥǡ󤫤ƤӽФPF_KEY I/FΥᥤ롼

	ƥåؿ
		
			 0: ｪλ
			-1: ۾ｪλ
				rc->estr
				rc->eno

	int rcpfk_send_getspi(struct rcpfk_msg *rc)
		so
			rcpfk_init()ꤵ줿 so
		seq
			acquireå줿 rc->seq
		satype
		samode
		reqid
			 0
		sa_src
		pref_src
			sa_src.sa_len
		sa_dst
		pref_dst
			sa_dst.sa_len
		ul_proto
			 0

	int rcpfk_send_update(struct rcpfk_msg *rc)
		so
			rcpfk_init()ꤵ줿 so
		seq
			acquireå줿 rc->seq
		satype
		spi
		wsize
		authtype
		enctype
		saflags
		samode
		reqid
			 0
		lft_soft_time
		lft_soft_bytes
		lft_hard_time
		lft_hard_bytes
		sa_src
			ݡֹ (sin_port, sin6_port) ̾0
			UDP encapsulated ESPꤹΤߤϡUDP
			ݡֹꤹ롣
		pref_src
			sa_src.sa_len
		sa_dst
			sa_srcƱ͡
		pref_dst
			sa_dst.sa_len
		ul_proto
			 0
		enctype
		enckey
		enckeylen
		authtype
		authkey
		authkeylen

	int rcpfk_send_add(struct rcpfk_msg *rc)
		so
			rcpfk_init()ꤵ줿 so
		seq
			 0
		satype
		spi
		wsize
		authtype
		enctype
		saflags
		samode
		reqid
			 0
		lft_soft_time
		lft_soft_bytes
		lft_hard_time
		lft_hard_bytes
		sa_src
			ݡֹ (sin_port, sin6_port) ̾0
			UDP encapsulated ESPꤹΤߤϡUDP
			ݡֹꤹ롣
		pref_src
			sa_src.sa_len
		sa_dst
			sa_srcƱ͡
		pref_dst
			sa_dst.sa_len
		ul_proto
			 0
		enctype
		enckey
		enckeylen
		authtype
		authkey
		authkeylen

	int rcpfk_send_delete(struct rcpfk_msg *rc)
		so
			rcpfk_init()ꤵ줿 so
		seq
		eno
			kernelϤ顼
		satype
		spi
		sa_src
		pref_src
		sa_dst
		pref_dst

	int rcpfk_send_acquire(struct rcpfk_msg *rc)
		so
			rcpfk_init()ꤵ줿 so
		seq
			 0
		satype

	int rcpfk_send_register(struct rcpfk_msg *rc)
		so
			rcpfk_init()ꤵ줿 so
		satype

	int rcpfk_send_spdadd(struct rcpfk_msg *rc)
		so
			rcpfk_init()ꤵ줿 so
		slid
			kernelǴƤ policy_id
		satype
		samode
		lft_hard_time
		lft_hard_bytes
		sa_src
		sa_dst
		sp_src
		pref_src
		sp_dst
		pref_dst
		ul_proto
			 0

	int rcpfk_send_spddelete2(struct rcpfk_msg *rc)
		so
			rcpfk_init()ꤵ줿 so
		slid
			kernelǴƤ policy_id

	int rcpfk_supported_auth(int algtype);
	int rcpfk_supported_enc(int algtype)
		ͥ뤬ݡȤƤ륢르ꥺθ
		IPCOMP˴ؤƤPF_KEYǥݡȤƤʤΤǸԲǽ

	int rcpfk_send_spdupdate(struct rcpfk_msg *rc)
		so
			rcpfk_init()ꤵ줿 so
		slid
			kernelǴƤ policy_id
		satype
		samode
		lft_hard_time
		lft_hard_bytes
		sa_src
		sa_dst
		sp_src
		pref_src
		sp_dst
		pref_dst
		ul_proto
			 0

	int rcpfk_send_spdadd(struct rcpfk_msg *rc)
	    ꤬ɬפʰrcΥФϰʲ
	    satype        : RCT_SATYPE_*
	    lft_hard_time : ݥꥷ饤ե
	    flags         :  0
	    sa_src        : SAsrcɥ쥹(tunnel⡼ɻΤ߻ꤹФ褤)
	    sa_dst        : SAdstɥ쥹(tunnel⡼ɻΤ߻ꤹФ褤)
	    slid          : kernelǴƤ policy_id
	    sp_src        : ݥꥷsrcɥ쥹
	    pref_src      : sp_srcprefixĹ
	    sp_dst        : ݥꥷdstɥ쥹
	    pref_dst      : sp_dstprefixĹ
	    ul_proto      : ̥ץȥ
	    dir           : 

            tunnel⡼ɤΤȤsa_src/sa_dstˤtunnelüΥɥ쥹
	    sp_src/sp_dst˥ɥ쥹(selector)ꤹ롣
	    transport⡼ɤΤȤsp_src/sp_dstξüΥɥ쥹ꤷ
	    sa_src/sa_dstꤹɬפϤʤ

	int rcpfk_send_spddelete(struct rcpfk_msg *rc)
	    ꤬ɬפʰrcΥФrcpfk_send_spdadd()Ʊ

o ե

	racoon2ǤѤ路ڸ뤿ե̲
	ƥǡƱեɤ߹ࡣΤ libracoonϡƥǡ
	ե򻲾Ȥ뤿API󶡤Ƥ롣

	ʲˡAPIδؿ򼨤

	int rcf_read(const char *file, int flag)
		եѡƥ¸롣
		ϰʲѿ̾ǻȤǤ롣
		ޤ̤δؿǤ⻲Ȥ뤳ȤǤ롣

		struct rcf_setval *rcf_setval_head;
		struct rcf_default *rcf_default_head;
		struct rcf_interface *rcf_interface_head;
		struct rcf_resolver *rcf_resolver_head;
		struct rcf_remote *rcf_remote_head;
		struct rcf_selector *rcf_selector_head;

		flag
			RCF_PARSE_DEBUG
				ǥХåꤹ

		OUT:
			0:ｪλ or -1:۾ｪ

		rcf_read() ϡ(rcf_clean() ƤӽФȤʤ) Ϣ³
		ƤӽФȤǤ롣ܰʹߤ˸ƤФ줿ϡ
		ե뤫ɤľ
		- ѡ˥顼ȯʤä硢
		  롣
		- ѡ˥顼ȯ硢꤬Τޤ
		  ݻ롣

	int rcf_clean(void)
		¸Ƥ롣

	int rcf_get_remotebyindex(vchar_t *rm_index, struct rcf_remote **rm)
		rm_index remote_indexӤƥޥå
		rcf_remoteΥԡ֤
		ˤ rcf_free_remote()ƤФʤФʤʤ

	int rcf_get_remotebyaddr(struct sockaddr *peers_ipaddr,
	    rcf_type kmp_type, struct rcf_remote **rm)
		IPɥ쥹γpeers_ipaddrӤƥޥå
		rcf_remoteΥԡ֤
		ˤ rcf_free_remote()ƤФʤФʤʤ

	int rcf_get_remotebypeersid(rc_type id_type, vchar_t *id_val,
	    rcf_type kmp_type, struct rcf_remote **rm, rc_type kmp_type)
		IDγpeers_idӤƥޥå
		rcf_remoteΥԡ֤
		ˤ rcf_free_remote()ƤФʤФʤʤ

	void rcf_free_remote(struct rcf_remote *rm)
		rcf_remote롣

	int rcf_get_selectorlist(struct rcf_selector **sl)
		selectorΥꥹȤΥԡ֤
		ˤ rcf_free_selector()ƤФʤФʤʤ

	int rcf_get_selector(int sl_index, struct rcf_selector **sl)
		sl_index selector_indexӤƥޥå
		selectorΥꥹȤΥԡ֤
		ˤ rcf_free_selector()ƤФʤФʤʤ

	void rcf_free_selector(struct rcf_selector *sl)
		rcf_selector롣

	int rcf_spmd_resolver(void)
		 resolver_enable֤
			1: resolverȤư
			0: resolverȤưʤ

	int rcf_get_resolvers(struct rc_addrlist **addrlist)
		 nameserverΥԡ֤
		ˤ rcs_free_addrlist()ƤФʤФʤʤ

	int rcf_get_dns_queries(struct rc_addrlist **addrlist)
		queryդ륢ɥ쥹ΥꥹȤե뤫롣
		 dns_queryΥԡ֤
		ˤ rcs_free_addrlist()ƤФʤФʤʤ

	int rcf_get_spmd_interfaces(struct rc_addrlist **addrlist)
		spmd I/F˻Ȥɥ쥹ΥꥹȤ

o spmd󥿡ե

	racoon2Ǥϡƥǡϥƥݥꥷ
	spmd˰ꤹ롣libracoonϡAPI󶡤Ƥ롣

	ХåؿϤ硢NULLϡХåʤȤ̣롣
	Хåؿͤϡ̵뤵롣
	XXX  file scope static ѿȤäƤΤǡʣspmd
	󥿡ե򥪡ץ󤹤뤳ȤϤǤʤ
	XXX spmdФwriteϥ֥åʤȸΥ󥿡ե
	ˤʤäƤ

	int spmif_init(void);
		spmd󥿡ե֤ spmd³롣
		٤Ƥspmd󥿡եؿΩäơ
		δؿƤФʤФʤʤ

		:
			>=0: ｪλ (spmd󥿡եdescriptor)
			-1:  ۾ｪλ

		XXX configΥѥɤμϤޤƤʤ

	void spmif_clean(int fd);
		fdͿspmd󥿡եåȤĤ
		֤롣
		QUITޥɤϡֹԤʤʤס

	int spmif_post_policy_add(int fd,
	    int (*callback)(void *, int), void *tag,
	    uint32_t spid, time_t lifetime, rc_type samode,
	    struct sockaddr *sp_src, struct sockaddr *sp_dst,
	    struct sockaddr *sa_src, struct sockaddr *sa_dst);
		spmdPOLICY ADDޥɤ롣
		sp_src/sp_dstsa_src/sa_dstϡspidǻꤵ
		쥯directionˤ碌ɬפ롣
		ֿ뤿ΥХåؿꤹ롣
		callback 1: tag
			 2: =0, =-1

	int spmif_post_fqdn_query(int fd, int (*callback)(void *, const char *),
	    void *tag, struct sockaddr *sa);
		spmdFQDN QUERYޥɤ
		ֿ뤿ΥХåؿꤹ롣
		callback 1: tag
			 2: FQDNʸ (=NULL)

	int spmif_post_slid(int fd, int (*callback)(void *, int),
	    void *tag, u_int32_t spid);
		spmdSLIDޥɤ
		ֿ뤿ΥХåؿꤹ롣
		callback 1: tag
			 2: selector index (=-1)

	int spmif_post_quit(int fd);
		spmdQUITޥɤ롣
		δؿƤӽФϡspmif_clean()ʳδؿ
		Ƥ֤٤ǤϤʤ

	void spmif_cancel_callback(void *tag);
		̤ХåֿΤtagΰפΤ
		Хå򥭥󥻥뤹롣
		(ޥɤΤ󥻥뤵櫓ǤϤʤ)

	int spmif_handler(int fd);
		ץȥǡ󤫤ƤӽФspmd󥿡ե
		ϥɥ顣
		spmdֿб륳Хåؿ
		ꤵƤиƤӽФ

o  plog

	libracoonϥϤΤζ̴ؿ plog󶡤Ƥ롣
	plogϻꤷåϥפsyslog()ѤƽϤꡢ
	եɸϤؽϤǤ롣ޤ̤˽ѹǤ롣

	ѥХåե rbuf()ȤäƤ뤿ˡ
	ޤrbuf_init()򥳡뤷ʤФʤʤ

	void plog_setmode(int logmode, char *logfile, char *progname,
	    int need_output, int f_stdout)
		logmode:  ǥХå⡼ɤʤ
			RCT_LOGMODE_DEBUG
			RCT_LOGMODE_NORMAL (ǥե)
		logfile:  եꡣά
			NULLλ syslog()Ȥ(ǥե)
			syslog()ξ硢˰ʲΥե饰ȤäƽϤ롣
				logopt = LOG_NDELAY
				facility = LOG_DAEMON
		progname: ƽиΥץ̾ά
		need_output: plog()εư
			0: å (ǥե)
			1: ꤵ줿˽Ϥ
		f_stdout: ɸϤˤФɤ
			need_output == 1 λˤΤͭ
			0: Фʤ (ǥե)
			1: Ф

	const char *plog(int tag, const char *location, struct rc_log *plog,
	    const char *msg, ...)
	const char *plogv(int tag, const char *location, struct rc_log *plog,
	    const char *msg, va_list)
	const char *plogdump(int tag, const char *location, struct rc_log *plog,
	    void *ptr, size_t len)
		˽Ϥå֤
		plog_init() need_outputˤưѤ롣

		tag
			RC_LOG_INFO
				[INFO]
				Ūʾ
			RC_LOG_PROTO_ERR
				[PROTO_ERR]
				IKEKINKΥ磻ήץȥΥ顼
					եޥåȤ
					åब
					ǧڤ˼
			RC_LOG_PROTO_WARN
				[PROTO_WARN]
				磻ή줿ץȥΥ顼ǽ
				Ǥʤ
			RC_LOG_INTERNAL_ERR
				[INTERNAL_ERR]
				PF_KEYsystem call˴ؤ륨顼
					PF_KEYΥ顼
					malloc˼
					DB˥ȥ꡼ʤ
			RC_LOG_INTERNAL_WARN
				[INTERNAL_WARN]
				˴ؤ륨顼ǽǤʤ
			RC_LOG_DEBUG
				[DEBUG]
				ǥХå
			RC_LOG_CRITICAL
				[CRITICAL]
				exit(-1)

		location
			³ʸ롣
			NULLϾά̣롣
			ɤξ򼨤ޥPLOGLOCѰդƤ롣

		plog
			νꤹ롣
			NULLξ plog_init()˽

		msg
			ʸ롣

o ѥХåե rbuf ˴ؤ桼ƥƥ

	libracoonϡǳƤ줿Хåեΰ缡Ѥؿ rbuf
	󶡤Ƥ롣
	rbufϡĤθꥵХåե򣱤ĤβĹХåե鹽졢
	ˤΥȸĿꤹ롣
	ѤɬפʥХåե˱ؿƤӽФ
	Ѹ free()ɬפϤʤ缡Ѥ롣
	äƱ˻ѤĿͽḫѤäƤɬפ롣

	int rbuf_init(int snum, int slen, int lnum, int llen, int vnum)
		small, lerge, variableХåեƤ
		snum: smallХåեο
		slen: smallХåեĹ
		lnum: largeХåեο
		llen: largeХåեĹ
		vnum: ĹХåեο

	void rbuf_clean(void)
		λ򤹤

	vchar_t *rbuf_getsb()
		smallХåեΥݥ󥿤֤

	vchar_t *rbuf_getlb()
		largeХåեΥݥ󥿤֤

	vchar_t *rbuf_getvb(int len)
		ĹХåեΥݥ󥿤֤

o ͥåȥ˴ؤ桼ƥƥ

	libracoonϡͥåȥ˴ؤؿ󶡤Ƥ롣
	racoon2Ǥϡ󥿡եˤĤɥ쥹ɽޥ
	ѰդƤ롣ޤΥޥ䥤󥿡ͥåȥɥ쥹FQDN
	층뤿 rc_addrlist¤ΤȤäƤ롣

	ʲ rc_addrlist¤ΤǤ롣

		struct rc_addrlist {
			struct rc_addrlist *next;
			rc_type type;
			int port;
			int prefixlen;
			union {
				struct sockaddr *ipaddr;
				vchar_t *vstr;
			} a;
		};

		type
			RCT_ADDR_INET
				IPɥ쥹ޤϥͥåȥɥ쥹
			RCT_ADDR_FQDN
				ʸ
			RCT_ADDR_MACRO
				ѤǤޥϰʲ̤
				MY_IP
				MY_IPV6
				MY_IPV6_GLOBAL
				MY_IPV6_LINKLOCAL
				MY_IPV4

				ʾ '%'򶴤ǥ󥿡ե̾Ǥ
					. MY_IP%(interface name)

				MY_HOA: ̤
				IP_ANY: ::  0.0.0.0 

			RCT_ADDR_FILE
				UNIXɥᥤΥե̾
		port
			type == RCT_ADDR_INET λ a.ipaddr
			ݡֹ椬ԡ

		RCT_ADDR_INETλ a.ipaddrǻȤǤ롣
		typeʳλ a.vstrǻȤǤ롣

	int rcs_is_addrmacro(vchar_t *macro);
		macroIPɥ쥹ޥå롣
		IPɥ쥹ޥʤ 1 ֤

	int rcs_getaddrlistbymacro(vchar_t *macro, struct rc_addrlist **alist);
		macroŸIPɥ쥹ΥꥹȤ֤

	void rcs_free_addrlist(struct rc_addrlist *alist);
		rc_addrlist롣
		
	int rcs_getifaddrlist(struct rc_addrlist **alist);
		󥿡եˤĤƤȤʥɥ쥹Ƽ롣

		Ȥʥɥ쥹ϰʲΥե饰ΩäƤʤɥ쥹Ǥ롣
			IN6_IFF_DUPLICATED
			IN6_IFF_DETACHED
			IN6_IFF_ANYCAST

	int rcs_getaddrlist(char *addr, char *port, rc_type flag,
	    struct rc_addrlist **alist);
		flag =:
			RCT_ADDR_INET or 0
				ɥ쥹Ÿ addrlist֤
			RCT_ADDR_FQDN
				addrŸʤǥåȤ addrlist֤
			RCT_ADDR_MACRO
				addrŸʤǥåȤ addrlist֤
				MACROǤʤХ顼֤

	int rcs_extend_addrlist(struct rc_addrlist *src, struct rc_addrlist *dst);
		srcMACROޤޤŸƤdst˥ԡ롣

	struct sockaddr *rcs_sadup(struct sockaddr *);
		sockaddr * Υԡ֤

	int rcs_getsaport(struct sockaddr *);
		sockaddr * ݡֹhost byte orderǼФ

	int rcs_getsalen(struct sockaddr *);
		sockaddr *  sa_lenͤФ

		#ifdef HAVE_SA_LEN
		#define SA_LEN(sa) ((sa)->sa_len)
		#else
		#define SA_LEN(sa) (rcs_getsalen(sa))
		#endif

	const char *rcs_sa2str(struct sockaddr *);
		sockaddr * "ipaddress[port]"ʸѴ롣
		֤ʸɬפϤʤ

	int rcs_cmpsa_wop(struct sockaddr *, struct sockaddr *);
		sockaddr * ΥݡֹʳӤƥޥå 1 ֤

	int rcs_cmpsa(struct sockaddr *, struct sockaddr *);
		sockaddr * Ӥƥޥå 1 ֤

	int ike_rcfpolicy2sapayload(struct rcf_policy *pl, vchar_t **)
		rcf_policy¤Τ IKE SAڥɤ
		̤

	int ike_sapayload2rcfpolicy(vchar_t *, struct rcf_policy **pl)
		IKE SAڥɤ rcf_policy¤Τ
		̤

	int ike_checksapayload(struct rcf_policy *pl1, struct rcf_policy *pl2)
		2Ĥrcf_policyӤ
		̤

o pidfile 桼ƥƥ

	int rc_make_pidfile(const char *filename)
		filename Ȥ pidfile flock() ȤǤС
		λǤ pid 񤭹ߡ0 ֤
		flock() ˼Ԥȡ¾ instance ưȸʤ
		-1 ֤ƼԤ롣

	int rc_make_pidfile_on_dir(const char *dirname, const char *progname)
		dirname/progname.pid Ȥ pidfile 뤳Ȱʳϡ
		rc_make_pidfile() Ʊ

	void rc_cleanup_pidfile(void)
		rc_make_pidfile() ˤäƺ줿 pidfile 롣

	int rc_read_pidfile(pid_t *pid, const char *filename);
		filename ǻꤵ pidfile  pid ɤ߹ࡣ

o ¾桼ƥƥ

	const char *rc_version(void)
		racoon2ΥСʸ֤

	const char *rc_startmsg(void)
		ư˻Ȥåʸ֤

	int rc_pcap_init(char *fname, char *fmode)
		pcapǥפեꤹ롣
		fmode[0] == 'w' ʤХե롣

	void rc_pcap_push(struct sockaddr *src, struct sockaddr *dst,
	    vchar_t *data)
		pcap rc_pcap_init()ǻꤵ줿ե˽񤭹ࡣ
		data->v  UDPΥڥɤؤΥݥ
