- implemented sa_config
[strongswan.git] / Source / charon / config / sa_config.h
1 /**
2 * @file sa_config.h
3 *
4 * @brief Interface of sa_config_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #ifndef _SA_CONFIG_H_
24 #define _SA_CONFIG_H_
25
26 #include <types.h>
27 #include <utils/identification.h>
28 #include <encoding/payloads/auth_payload.h>
29 #include <network/host.h>
30 #include <transforms/crypters/crypter.h>
31 #include <transforms/signers/signer.h>
32
33
typedef struct child_proposal_t child_proposal_t;

/**
 * @brief One proposal for a child SA.
 *
 * The proposal has an AH part and an ESP part. Each part has its own
 * is_set flag, so a proposal can describe AH, ESP, or both.
 *
 * NOTE(review): the ESP part has no field for an integrity algorithm, so
 * this structure cannot express integrity protection inside ESP itself.
 * Confirm whether integrity is expected to come from the AH part, and
 * whether an ESP-only proposal is meant to be accepted.
 *
 * @ingroup config
 */
struct child_proposal_t {

	/**
	 * AH data; only meaningful when ah.is_set is set.
	 */
	struct {
		bool is_set;
		integrity_algorithm_t integrity_algorithm;
		/* NOTE(review): unit of key_size (bits or bytes) is not stated here; confirm. */
		size_t key_size;
	} ah;

	/**
	 * ESP data; only meaningful when esp.is_set is set.
	 */
	struct {
		bool is_set;
		encryption_algorithm_t encryption_algorithm;
		/* NOTE(review): unit of key_size (bits or bytes) is not stated here; confirm. */
		size_t key_size;
	} esp;
};
64
65
typedef struct traffic_selector_t traffic_selector_t;

/**
 * @brief A single traffic selector.
 *
 * Names a protocol together with the IP address and port range that is
 * valid for it.
 *
 * NOTE(review): this header does not say whether the bounds are inclusive,
 * who owns the two host_t objects, or that begin <= end is guaranteed.
 * Code that consumes selectors received from a peer should check these
 * properties rather than assume them.
 *
 * @ingroup config
 */
struct traffic_selector_t {
	/**
	 * Protocol this selector applies to (TCP/UDP/ICMP)
	 */
	u_int8_t protocol;
	/**
	 * First address and port of the allowed range
	 */
	host_t *begin;
	/**
	 * Last address and port of the allowed range
	 */
	host_t *end;
};
89
90
typedef struct sa_config_t sa_config_t;

/**
 * @brief Holds the configuration of an initialized connection.
 *
 * From the IKE_AUTH phase on there is enough data to specify a
 * configuration.
 *
 * @warning This config is not thread safe.
 *
 * @ingroup config
 */
struct sa_config_t {

	/**
	 * @brief Get the own ID to use for identification.
	 *
	 * NOTE(review): declared as returning identification_t by value,
	 * not a pointer; confirm this is intended.
	 *
	 * @param this				calling object
	 * @return					own id
	 */
	identification_t (*get_my_id)(sa_config_t *this);

	/**
	 * @brief Get the ID of the communication partner.
	 *
	 * @param this				calling object
	 * @return					other id
	 */
	identification_t (*get_other_id)(sa_config_t *this);

	/**
	 * @brief Get the authentication method to use for IKE_AUTH.
	 *
	 * @param this				calling object
	 * @return					authentication method
	 */
	auth_method_t (*get_auth_method)(sa_config_t *this);

	/**
	 * @brief Get the configured traffic selectors.
	 *
	 * @warning Resulting array must be freed!
	 *
	 * NOTE(review): what *traffic_selectors holds when 0 is returned is
	 * not stated here; check the count before touching the array.
	 *
	 * @param this						calling object
	 * @param[out] traffic_selectors	pointer where traffic selectors will be allocated
	 * @return							number of returned traffic selectors
	 */
	size_t (*get_traffic_selectors)(sa_config_t *this, traffic_selector_t **traffic_selectors);

	/**
	 * @brief Select traffic selectors from a supplied list.
	 *
	 * @warning Resulting array must be freed!
	 *
	 * NOTE(review): the supplied list presumably comes from the peer, so
	 * its contents should be treated as untrusted; count must match the
	 * number of elements actually stored at supplied. A return of 0
	 * presumably means nothing was acceptable and must be handled by the
	 * caller. Confirm both against the implementation.
	 *
	 * @param this				calling object
	 * @param supplied			pointer to an array of ts to select from
	 * @param count				number of ts stored at supplied
	 * @param[out] selected		pointer where selected traffic selectors will be allocated
	 * @return					number of selected traffic selectors
	 */
	size_t (*select_traffic_selectors)(sa_config_t *this, traffic_selector_t *supplied, size_t count, traffic_selector_t **selected);

	/**
	 * @brief Get the list of proposals for this config.
	 *
	 * @warning Resulting array must be freed!
	 *
	 * @param this				calling object
	 * @param[out] proposals	pointer where proposals will be allocated
	 * @return					number of allocated proposals
	 */
	size_t (*get_proposals)(sa_config_t *this, child_proposal_t **proposals);

	/**
	 * @brief Select a proposal from a supplied list.
	 *
	 * @warning Result must be freed!
	 *
	 * NOTE(review): the value returned when none of the supplied
	 * proposals is acceptable is not documented here (NULL presumed);
	 * callers should check the result before using it.
	 *
	 * @param this				calling object
	 * @param supplied			pointer to an array of proposals to select from
	 * @param count				number of proposals stored at supplied
	 * @return					the selected proposal
	 */
	child_proposal_t *(*select_proposal)(sa_config_t *this, child_proposal_t *supplied, size_t count);

	/**
	 * @brief Add a traffic selector to the list.
	 *
	 * The added traffic selector will be destroyed with config
	 * destruction, so the caller must not free it.
	 *
	 * @warning Do not add while other threads are reading.
	 *
	 * @param this				calling object
	 * @param traffic_selector	traffic_selector to add
	 */
	void (*add_traffic_selector)(sa_config_t *this, traffic_selector_t *traffic_selector);

	/**
	 * @brief Add a proposal to the list.
	 *
	 * The proposals are stored by priority: the first one added is the
	 * most preferred, so the order of the calls decides which algorithms
	 * are preferred.
	 * The added proposal will be destroyed with config destruction.
	 *
	 * @warning Do not add while other threads are reading.
	 *
	 * @param this				calling object
	 * @param proposal			proposal to add
	 */
	void (*add_proposal)(sa_config_t *this, child_proposal_t *proposal);

	/**
	 * @brief Destroys the config object.
	 *
	 * Traffic selectors and proposals added to the config are destroyed
	 * with it.
	 *
	 * @param this				calling object
	 */
	void (*destroy)(sa_config_t *this);
};
210
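/**
 * @brief Create a configuration object for IKE_AUTH and later.
 *
 * The function takes no arguments. It is declared with (void) so that the
 * compiler rejects a call that passes any; an empty parameter list in C
 * leaves the arguments unchecked.
 *
 * The created object is released through its destroy() method.
 *
 * NOTE(review): the result on allocation failure is not documented here;
 * confirm whether callers need to check for NULL.
 *
 * @return		created sa_config_t
 *
 * @ingroup config
 */
sa_config_t *sa_config_create(void);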
219
220 #endif //_SA_CONFIG_H_