1 /**
2 * @file sa_config.h
3 *
4 * @brief Interface of sa_config_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #ifndef _SA_CONFIG_H_
24 #define _SA_CONFIG_H_
25
26 #include <types.h>
27 #include <utils/identification.h>
28 #include <encoding/payloads/auth_payload.h>
29 #include <encoding/payloads/transform_substructure.h>
30 #include <network/host.h>
31 #include <transforms/crypters/crypter.h>
32 #include <transforms/signers/signer.h>
33 #include <transforms/diffie_hellman.h>
34 #include <config/traffic_selector.h>
35 #include <config/child_proposal.h>
36
37
38
typedef struct sa_config_t sa_config_t;

/**
 * @brief Configuration of an initialized connection.
 *
 * Enough data to specify this configuration is available once the
 * IKE_AUTH phase has been reached.
 *
 * @warning This config is not thread safe. The add_*() methods in
 * particular must not run while other threads are reading.
 *
 * @b Constructors:
 * - sa_config_create()
 *
 * @ingroup config
 */
struct sa_config_t {

	/**
	 * @brief Get the own id to use for identification.
	 *
	 * The returned object is not cloned.
	 * NOTE(review): presumably the caller must neither destroy it nor keep
	 * using it after destroy() has been called -- confirm against the
	 * implementation.
	 *
	 * @param this		calling object
	 * @return			own id
	 */
	identification_t *(*get_my_id) (sa_config_t *this);

	/**
	 * @brief Get the id of the communication partner.
	 *
	 * The returned object is not cloned.
	 * NOTE(review): presumably the caller must neither destroy it nor keep
	 * using it after destroy() has been called -- confirm against the
	 * implementation.
	 *
	 * @param this		calling object
	 * @return			other id
	 */
	identification_t *(*get_other_id) (sa_config_t *this);

	/**
	 * @brief Get the authentication method to use for IKE_AUTH.
	 *
	 * @param this		calling object
	 * @return			authentication method
	 */
	auth_method_t (*get_auth_method) (sa_config_t *this);

	/**
	 * @brief Get the lifetime of the IKE_SA in milliseconds.
	 *
	 * A 32-bit millisecond count tops out at roughly 49.7 days, so longer
	 * lifetimes cannot be expressed through this getter.
	 *
	 * @param this		calling object
	 * @return			IKE_SA lifetime in milliseconds
	 */
	u_int32_t (*get_ike_sa_lifetime) (sa_config_t *this);

	/**
	 * @brief Get the configured traffic selectors for the initiator side.
	 *
	 * Hands back an allocated array holding pointers to traffic selectors.
	 *
	 * @warning The resulting pointer array must be freed!
	 * @warning The traffic selectors in the array must be destroyed!
	 *
	 * NOTE(review): this header does not say what is stored in
	 * *traffic_selectors when 0 is returned; initialising the pointer to
	 * NULL before the call keeps an unconditional release safe.
	 *
	 * @param this						calling object
	 * @param[out] traffic_selectors	pointer where traffic selectors will be allocated
	 * @return							number of returned traffic selectors
	 */
	size_t (*get_traffic_selectors_initiator) (sa_config_t *this,
			traffic_selector_t **traffic_selectors[]);

	/**
	 * @brief Get the configured traffic selectors for the responder side.
	 *
	 * Hands back an allocated array holding pointers to traffic selectors.
	 *
	 * @warning The resulting pointer array must be freed!
	 * @warning The traffic selectors in the array must be destroyed!
	 *
	 * NOTE(review): this header does not say what is stored in
	 * *traffic_selectors when 0 is returned; initialising the pointer to
	 * NULL before the call keeps an unconditional release safe.
	 *
	 * @param this						calling object
	 * @param[out] traffic_selectors	pointer where traffic selectors will be allocated
	 * @return							number of returned traffic selectors
	 */
	size_t (*get_traffic_selectors_responder) (sa_config_t *this,
			traffic_selector_t **traffic_selectors[]);

	/**
	 * @brief Select traffic selectors from a supplied list for the initiator.
	 *
	 * Hands back an allocated array holding pointers to traffic selectors.
	 *
	 * @warning The resulting pointer array must be freed!
	 * @warning The traffic selectors in the array must be destroyed!
	 *
	 * count has to match the number of entries actually stored at supplied;
	 * nothing else in this interface bounds the read of that array.
	 * NOTE(review): ownership of the supplied entries after the call is not
	 * stated here -- confirm against the implementation.
	 *
	 * @param this				calling object
	 * @param supplied			pointer to an array of ts to select from
	 * @param count				number of ts stored at supplied
	 * @param[out] selected		pointer where selected traffic selectors will be allocated
	 * @return					number of selected traffic selectors
	 */
	size_t (*select_traffic_selectors_initiator) (sa_config_t *this,
			traffic_selector_t *supplied[], size_t count,
			traffic_selector_t **selected[]);

	/**
	 * @brief Select traffic selectors from a supplied list for the responder.
	 *
	 * Hands back an allocated array holding pointers to traffic selectors.
	 *
	 * @warning The resulting pointer array must be freed!
	 * @warning The traffic selectors in the array must be destroyed!
	 *
	 * count has to match the number of entries actually stored at supplied;
	 * nothing else in this interface bounds the read of that array.
	 * NOTE(review): ownership of the supplied entries after the call is not
	 * stated here -- confirm against the implementation.
	 *
	 * @param this				calling object
	 * @param supplied			pointer to an array of ts to select from
	 * @param count				number of ts stored at supplied
	 * @param[out] selected		pointer where selected traffic selectors will be allocated
	 * @return					number of selected traffic selectors
	 */
	size_t (*select_traffic_selectors_responder) (sa_config_t *this,
			traffic_selector_t *supplied[], size_t count,
			traffic_selector_t **selected[]);

	/**
	 * @brief Get an iterator for the internally stored proposals.
	 *
	 * @warning Items are still owned by sa_config and MUST NOT
	 * be manipulated or freed!
	 *
	 * NOTE(review): who destroys the iterator itself is not stated here --
	 * confirm against iterator_t.
	 *
	 * @param this		calling object
	 * @return			iterator for the proposals
	 */
	iterator_t *(*create_proposal_iterator) (sa_config_t *this);

	/**
	 * @brief Select a proposal from a supplied list.
	 *
	 * A NULL result means no supplied proposal matched, so callers have to
	 * check the return value before using it.
	 * NOTE(review): whether the returned proposal is a copy the caller must
	 * destroy or an item of the list is not stated here -- confirm.
	 *
	 * @param this		calling object
	 * @param proposals	list from which proposals are selected
	 * @return			selected proposal, or NULL if nothing matches
	 */
	child_proposal_t *(*select_proposal) (sa_config_t *this,
			linked_list_t *proposals);

	/**
	 * @brief Add a traffic selector to the list for the initiator.
	 *
	 * The traffic selector passed in is cloned, so the caller keeps
	 * ownership of its own object.
	 *
	 * @warning Do not add while other threads are reading.
	 *
	 * @param this				calling object
	 * @param traffic_selector	traffic_selector to add
	 */
	void (*add_traffic_selector_initiator) (sa_config_t *this,
			traffic_selector_t *traffic_selector);

	/**
	 * @brief Add a traffic selector to the list for the responder.
	 *
	 * The traffic selector passed in is cloned, so the caller keeps
	 * ownership of its own object.
	 *
	 * @warning Do not add while other threads are reading.
	 *
	 * @param this				calling object
	 * @param traffic_selector	traffic_selector to add
	 */
	void (*add_traffic_selector_responder) (sa_config_t *this,
			traffic_selector_t *traffic_selector);

	/**
	 * @brief Add a proposal to the list.
	 *
	 * The proposals are stored by priority; the first one added
	 * is the most preferred.
	 *
	 * @warning Do not add while other threads are reading.
	 *
	 * NOTE(review): unlike the traffic selector adders, nothing here says
	 * the proposal is cloned -- confirm who owns it after the call.
	 *
	 * @param this		calling object
	 * @param proposal	proposal to add
	 */
	void (*add_proposal) (sa_config_t *this, child_proposal_t *proposal);

	/**
	 * @brief Destroys the config object.
	 *
	 * @param this		calling object
	 */
	void (*destroy) (sa_config_t *this);
};
220
/**
 * @brief Create a configuration object for IKE_AUTH and later.
 *
 * NOTE(review): this header does not say whether my_id and other_id are
 * copied or merely referenced, nor what is returned when an id string
 * cannot be used -- confirm against the implementation before relying on
 * a non-NULL result or releasing the strings.
 *
 * @param my_id_type		type of my identification
 * @param my_id				my identification as string
 * @param other_id_type		type of other identification
 * @param other_id			other identification as string
 * @param auth_method		method of authentication
 * @param ike_sa_lifetime	lifetime of this IKE_SA in milliseconds. The IKE_SA
 * 							will be deleted after this lifetime! A 32-bit
 * 							millisecond count tops out at roughly 49.7 days.
 * @return					sa_config_t object
 *
 * @ingroup config
 */
sa_config_t *sa_config_create(id_type_t my_id_type, char *my_id,
		id_type_t other_id_type, char *other_id,
		auth_method_t auth_method, u_int32_t ike_sa_lifetime);
236
237 #endif //_SA_CONFIG_H_