1 .TH IPSEC_ATOSA 3 "11 June 2001"
2 .\" RCSID $Id: atosa.3,v 1.9 2002/03/22 00:35:29 henry Exp $
4 ipsec atosa, satoa \- convert IPsec Security Association IDs to and from ASCII
6 .B "#include <freeswan.h>
8 .B "const char *atosa(const char *src, size_t srclen,"
10 .B "struct sa_id *sa);
12 .B "size_t satoa(struct sa_id sa, int format,"
14 .B "char *dst, size_t dstlen);"
18 .B "struct in_addr dst;"
26 These functions are obsolete; see
28 for their replacements.
31 converts an ASCII Security Association (SA) specifier into an
34 a destination-host address
35 in network byte order,
36 an SPI number in network byte order, and
39 does the reverse conversion, back to an ASCII SA specifier.
41 An SA is specified in ASCII with a mail-like syntax, e.g.
43 An SA specifier contains
44 a protocol prefix (currently
49 an unsigned integer SPI number,
51 The SPI number can be decimal or hexadecimal
54 prefix), as accepted by
56 The IP address can be any form accepted by
57 .IR ipsec_atoaddr (3),
58 e.g. dotted-decimal address or DNS name.
60 As a special case, the SA specifier
62 signifies the special SA used to indicate that packets should be
63 passed through unaltered.
64 (At present, this is a synonym for
66 but that is subject to change without notice.)
67 This form is known to both
71 so the internal form of
77 header file supplies the
79 structure, as well as a data type
81 which is an unsigned 32-bit integer.
82 (There is no consistency between kernel and user on what such a type
83 is called, hence the header hides the differences.)
85 The protocol code uses the same numbers that IP does.
86 For user convenience, given the difficulty in acquiring the exact set of
87 protocol names used by the kernel,
94 to have the same values as the kernel names
104 specifies the length of the ASCII string pointed to by
106 it is an error for there to be anything else
107 (e.g., a terminating NUL) within that length.
108 As a convenience for cases where an entire NUL-terminated string is
121 specifies the size of the
124 under no circumstances are more than
128 A result which will not fit is truncated.
130 can be zero, in which case
132 need not be valid and no result is written,
133 but the return value is unaffected;
134 in all other cases, the (possibly truncated) result is NUL-terminated.
137 header file defines a constant,
139 which is the size of a buffer just large enough for worst-case results.
145 specifies what format is to be used for the conversion.
148 (not the ASCII character
151 specifies a reasonable default
153 lowercase protocol prefix, lowercase hexadecimal SPI, dotted-decimal address).
156 causes the SPI to be generated in decimal instead.
162 a pointer to a string-literal error message for failure;
167 for a failure, and otherwise
168 always returns the size of buffer which would
170 accommodate the full conversion result, including terminating NUL;
171 it is the caller's responsibility to check this against the size of
172 the provided buffer to determine whether truncation has occurred.
174 ipsec_atoul(3), ipsec_atoaddr(3), inet(3)
180 input too small to be a legal SA specifier;
184 unknown protocol prefix;
193 unknown format; unknown protocol code.
195 Written for the FreeS/WAN project by Henry Spencer.
199 protocol code is a FreeS/WANism which may eventually disappear.
201 The restriction of ASCII-to-binary error reports to literal strings
202 (so that callers don't need to worry about freeing them or copying them)
203 does limit the precision of error reporting.
205 The ASCII-to-binary error-reporting convention lends itself
206 to slightly obscure code,
207 because many readers will not think of NULL as signifying success.
208 A good way to make it clearer is to write something like:
212 .B "const char *error;"
214 .B "error = atoaddr( /* ... */ );"
215 .B "if (error != NULL) {"
216 .B " /* something went wrong */"