From 5dc075539fec7c8017e6d9176f47858f5823a8a7 Mon Sep 17 00:00:00 2001
From: angelos <angelos@openbsd.org>
Date: Fri, 28 Feb 1997 02:03:33 +0000
Subject: [PATCH] IPsec socket API.

---
 sys/sys/socket.h    | 14 +++++---------
 sys/sys/socketvar.h |  6 +++++-
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/sys/sys/socket.h b/sys/sys/socket.h
index baf0818a058..0f968c2f6ce 100644
--- a/sys/sys/socket.h
+++ b/sys/sys/socket.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: socket.h,v 1.10 1997/02/22 07:24:25 angelos Exp $	*/
+/*	$OpenBSD: socket.h,v 1.11 1997/02/28 02:03:33 angelos Exp $	*/
 /*	$NetBSD: socket.h,v 1.14 1996/02/09 18:25:36 christos Exp $	*/
 
 /*
@@ -66,6 +66,10 @@
 #define	SO_OOBINLINE	0x0100		/* leave received OOB data in line */
 #define	SO_REUSEPORT	0x0200		/* allow local address & port reuse */
 
+#define SO_IPSEC_AUTH_LEVEL           0x0400  /* Authentication used */
+#define SO_IPSEC_ESP_TRANS_LEVEL      0x0800  /* Transport encryption */
+#define SO_IPSEC_ESP_NETWORK_LEVEL    0x1000  /* Full-packet encryption */
+
 /*
  * Additional options, not kept in so_options.
  */
@@ -90,14 +94,6 @@
 #define IPSEC_LEVEL_UNIQUE	0x04	/* Use outbound SA that is unique */
 #define IPSEC_LEVEL_DEFAULT	IPSEC_LEVEL_NONE
 
-/*
- * Security categories
- */
-
-#define IP_AUTH_LEVEL		0x00
-#define IP_ESP_TRANS_LEVEL	0x01
-#define IP_ESP_NETWORK_LEVEL	0x02
-
 /*
  * Structure used for manipulating linger option.
  */
diff --git a/sys/sys/socketvar.h b/sys/sys/socketvar.h
index 2b89eb987fa..07982450547 100644
--- a/sys/sys/socketvar.h
+++ b/sys/sys/socketvar.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: socketvar.h,v 1.7 1996/08/24 04:56:40 deraadt Exp $	*/
+/*	$OpenBSD: socketvar.h,v 1.8 1997/02/28 02:03:33 angelos Exp $	*/
 /*	$NetBSD: socketvar.h,v 1.18 1996/02/09 18:25:38 christos Exp $	*/
 
 /*-
@@ -98,6 +98,10 @@ struct socket {
 	void	(*so_upcall) __P((struct socket *so, caddr_t arg, int waitf));
 	caddr_t	so_upcallarg;		/* Arg for above */
 	uid_t	so_uid;			/* who opened the socket */
+        u_char  so_seclevel[4];         /* security levels XXX unused byte 3 */
+#define SL_AUTH       0                 /* Authentication level */
+#define SL_ESP        1                 /* ESP transport level */
+#define SL_NET_ESP    2                 /* ESP network (encapsulation) level */
 };
 
 /*
-- 
2.20.1