
19.2 Reading and Writing

All messages on a key management socket have the same basic header, shown in Figure 19.1. Each message may be followed by various extensions, depending on what additional information is available or required. All the appropriate structures are defined by including <net/pfkeyv2.h>. Each message and extension is 64-bit-aligned and is a multiple of 64 bits in length. All length fields are in units of 64 bits, that is, a length of 1 means 8 bytes. Any extension that does not require enough data to be a multiple of 64 bits in length is padded to the next multiple of 64 bits. The value of this padding is not defined.

Figure 19.1. Key management message header.
struct sadb_msg {
  u_int8_t sadb_msg_version;     /* PF_KEY_V2 */
  u_int8_t sadb_msg_type;        /* see Figure 19.2 */
  u_int8_t sadb_msg_errno;       /* error indication */
  u_int8_t sadb_msg_satype;      /* see Figure 19.3 */
  u_int16_t sadb_msg_len;        /* length of header + extensions / 8 */
  u_int16_t sadb_msg_reserved;   /* zero on transmit, ignored on receive */
  u_int32_t sadb_msg_seq;        /* sequence number */
  u_int32_t sadb_msg_pid;        /* process ID of source or dest */
};

The sadb_msg_type value determines which of the 10 key management commands is being invoked. These message types are listed in Figure 19.2. Each sadb_msg header will be followed by zero or more extensions. Most message types have required and optional extensions; we will describe these as we describe each message type. The 16 types of extensions, along with the name of the structure that defines each extension, are listed in Figure 19.4.
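The length rules above are what a reader of a key management socket has to check before trusting a message. The following is an added example, not code from the book: it walks a received buffer and rejects any message whose header or extension lengths disagree with the bytes read. The names `pfkey_check`, `pfkey_sample`, `msg_hdr`, `ext_hdr` and `UNIT` are hypothetical, the two structures are local mirrors of the `<net/pfkeyv2.h>` layouts, and the sample message is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Local mirrors of Figure 19.1 and of the generic extension header, so the
 * example builds without <net/pfkeyv2.h>. One length unit is 8 bytes. */
#define UNIT 8
struct msg_hdr {
    uint8_t  version, type, err, satype;
    uint16_t len;               /* header + extensions, in units */
    uint16_t reserved;
    uint32_t seq, pid;
};
struct ext_hdr { uint16_t len, type; };   /* len: this extension, in units */

/* Return the number of extensions in the n bytes at buf, or -1 if a length
 * field disagrees with the bytes actually received. */
int pfkey_check(const unsigned char *buf, size_t n)
{
    struct msg_hdr m;
    struct ext_hdr e;
    size_t off = sizeof m, total;
    int count = 0;

    if (n < sizeof m || n % UNIT != 0)
        return -1;
    memcpy(&m, buf, sizeof m);
    total = (size_t)m.len * UNIT;
    if (total != n)             /* declared length must equal bytes read */
        return -1;
    for (; off < total; off += (size_t)e.len * UNIT, count++) {
        memcpy(&e, buf + off, sizeof e);
        /* zero would loop forever; too large would run past the message */
        if (e.len == 0 || (size_t)e.len * UNIT > total - off)
            return -1;
    }
    return count;
}

/* Constructed sample: header declaring msg_len units followed by one
 * extension declaring ext_len units, in a zeroed 32-byte buffer. */
void pfkey_sample(unsigned char buf[32], uint16_t msg_len, uint16_t ext_len)
{
    struct msg_hdr m = { 2, 0, 0, 0, msg_len, 0, 1, 0 };
    struct ext_hdr e = { ext_len, 1 };
    memset(buf, 0, 32);
    memcpy(buf, &m, sizeof m);
    memcpy(buf + sizeof m, &e, sizeof e);
}
```
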

Figure 19.2. Types of messages exchanged across a PF_KEY socket.


Figure 19.3. Types of SAs.


Figure 19.4. PF_KEY Extension Types.


We now show several examples of common operations on key management sockets, along with the messages and extensions each one involves.
