- fixed equals for new struct definition
[strongswan.git] / Source / charon / config / sa_config.h
1 /**
2 * @file sa_config.h
3 *
4 * @brief Interface of sa_config_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #ifndef _SA_CONFIG_H_
24 #define _SA_CONFIG_H_
25
26 #include <types.h>
27 #include <utils/identification.h>
28 #include <encoding/payloads/auth_payload.h>
29 #include <encoding/payloads/transform_substructure.h>
30 #include <network/host.h>
31 #include <transforms/crypters/crypter.h>
32 #include <transforms/signers/signer.h>
33 #include <transforms/diffie_hellman.h>
34
35
typedef struct child_proposal_t child_proposal_t;

/**
 * @brief Storage structure for a proposal for a child sa.
 *
 * A proposal for a child sa contains data for
 * AH, ESP, or both. Each protocol has its own sub-structure with an
 * is_set flag.
 *
 * NOTE(review): presumably the other fields of a sub-structure are only
 * meaningful while its is_set flag is TRUE, so code that compares or
 * selects proposals should check the flag first -- confirm against the
 * implementation.
 *
 * @ingroup config
 */
struct child_proposal_t {

	/**
	 * Data for AH, if set
	 */
	struct {
		/* whether this proposal carries AH data at all */
		bool is_set;
		integrity_algorithm_t integrity_algorithm;
		/* NOTE(review): unit (bits or bytes) is not stated in this header -- confirm */
		size_t integrity_algorithm_key_size;
		diffie_hellman_group_t diffie_hellman_group;
		extended_sequence_numbers_t extended_sequence_numbers;
	} ah;

	/**
	 * Data for ESP, if set
	 */
	struct {
		/* whether this proposal carries ESP data at all */
		bool is_set;
		encryption_algorithm_t encryption_algorithm;
		/* NOTE(review): unit (bits or bytes) is not stated in this header -- confirm */
		size_t encryption_algorithm_key_size;
		integrity_algorithm_t integrity_algorithm;
		/* NOTE(review): unit (bits or bytes) is not stated in this header -- confirm */
		size_t integrity_algorithm_key_size;
		diffie_hellman_group_t diffie_hellman_group;
		extended_sequence_numbers_t extended_sequence_numbers;
	} esp;
};
72
73
typedef struct traffic_selector_t traffic_selector_t;

/**
 * @brief Storage structure for a traffic selection.
 *
 * Specifies a protocol and a valid IP and port range.
 *
 * NOTE(review): this header does not state who owns the host_t objects
 * behind begin and end, nor whether a clone of a selector copies them or
 * only the pointers. Confirm before freeing or sharing a selector, since
 * a shallow copy would leave two selectors pointing at the same hosts.
 *
 * @ingroup config
 */
struct traffic_selector_t {
	/**
	 * Protocol for which this ts applies (TCP/UDP/ICMP)
	 */
	u_int8_t protocol;
	/**
	 * Start address and port for allowed range
	 *
	 * NOTE(review): presumably the bound is inclusive -- confirm.
	 */
	host_t *begin;
	/**
	 * End address and port for allowed range
	 *
	 * NOTE(review): presumably the bound is inclusive -- confirm.
	 */
	host_t *end;
};
97
98
typedef struct sa_config_t sa_config_t;

/**
 * @brief Stores configuration of an initialized connection.
 *
 * During the IKE_AUTH phase, we have enough data to specify a
 * configuration.
 *
 * The object is used through the function pointers below; each takes the
 * object itself as its first argument.
 *
 * @warning This config is not thread-safe.
 *
 * @ingroup config
 */
struct sa_config_t {

	/**
	 * @brief Get own id to use for identification.
	 *
	 * NOTE(review): the id is returned by value; the lifetime of any
	 * memory it refers to is not stated here -- confirm.
	 *
	 * @param this				calling object
	 * @return					own id
	 */
	identification_t (*get_my_id) (sa_config_t *this);

	/**
	 * @brief Get id of communication partner.
	 *
	 * NOTE(review): the id is returned by value; the lifetime of any
	 * memory it refers to is not stated here -- confirm.
	 *
	 * @param this				calling object
	 * @return					other id
	 */
	identification_t (*get_other_id) (sa_config_t *this);

	/**
	 * @brief Get authentication method to use for IKE_AUTH.
	 *
	 * @param this				calling object
	 * @return					authentication method
	 */
	auth_method_t (*get_auth_method) (sa_config_t *this);

	/**
	 * @brief Get configured traffic selectors.
	 *
	 * @warning Resulting array must be freed!
	 *
	 * NOTE(review): it is not stated whether *traffic_selectors is written
	 * when 0 is returned; a caller that frees the result unconditionally
	 * should initialise its pointer first -- confirm.
	 *
	 * @param this						calling object
	 * @param[out] traffic_selectors	pointer where traffic selectors will be allocated
	 * @return							number of returned traffic selectors
	 */
	size_t (*get_traffic_selectors) (sa_config_t *this, traffic_selector_t **traffic_selectors);

	/**
	 * @brief Select traffic selectors from a supplied list.
	 *
	 * The length of the supplied array is known only through count, so
	 * count must not exceed the number of entries actually stored there.
	 *
	 * @warning Resulting array must be freed!
	 *
	 * NOTE(review): it is not stated whether *selected is written when 0
	 * is returned -- confirm.
	 *
	 * @param this				calling object
	 * @param supplied			pointer to an array of ts to select from.
	 * @param count				number of ts stored at supplied
	 * @param[out] selected		pointer where selected traffic selectors will be allocated
	 * @return					number of selected traffic selectors
	 */
	size_t (*select_traffic_selectors) (sa_config_t *this, traffic_selector_t *supplied, size_t count, traffic_selector_t **selected);

	/**
	 * @brief Get the list of proposals for this config.
	 *
	 * @warning Resulting array must be freed!
	 *
	 * NOTE(review): it is not stated whether *proposals is written when 0
	 * is returned -- confirm.
	 *
	 * @param this				calling object
	 * @param[out] proposals	pointer where proposals will be allocated
	 * @return					number of allocated proposals
	 */
	size_t (*get_proposals) (sa_config_t *this, child_proposal_t **proposals);

	/**
	 * @brief Select a proposal from a supplied list
	 *
	 * The length of the supplied array is known only through count, so
	 * count must not exceed the number of entries actually stored there.
	 *
	 * @warning Resulting proposal must be freed!
	 *
	 * NOTE(review): the result when no supplied proposal is acceptable is
	 * not documented here (presumably NULL); callers should check the
	 * returned pointer before using it -- confirm.
	 *
	 * @param this				calling object
	 * @param supplied			pointer to an array of proposals to select from.
	 * @param count				number of proposals stored at supplied
	 * @return					the selected proposal
	 */
	child_proposal_t* (*select_proposal) (sa_config_t *this, child_proposal_t *supplied, size_t count);

	/**
	 * @brief Add a traffic selector to the list.
	 *
	 * Added traffic selector will be cloned.
	 *
	 * NOTE(review): whether the clone also copies the host_t objects the
	 * selector points to is not stated here -- confirm.
	 *
	 * @warning Do not add while other threads are reading.
	 *
	 * @param this				calling object
	 * @param traffic_selector	traffic_selector to add
	 */
	void (*add_traffic_selector) (sa_config_t *this, traffic_selector_t *traffic_selector);

	/**
	 * @brief Add a proposal to the list.
	 *
	 * The proposals are stored by priority, first added
	 * is the most preferred.
	 * Added proposal will be cloned.
	 *
	 * @warning Do not add while other threads are reading.
	 *
	 * @param this				calling object
	 * @param proposal			proposal to add
	 */
	void (*add_proposal) (sa_config_t *this, child_proposal_t *proposal);

	/**
	 * @brief Destroys the config object
	 *
	 * The object must not be used after this call.
	 *
	 * @param this				calling object
	 */
	void (*destroy) (sa_config_t *this);
};
218
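/**
 * @brief Create a configuration object for IKE_AUTH and later.
 *
 * Declared with (void) rather than an empty parameter list, so the
 * compiler checks that callers pass no arguments.
 *
 * The object is released through its destroy() member.
 *
 * NOTE(review): behaviour on allocation failure (e.g. a NULL return) is
 * not documented here -- confirm before relying on the result.
 *
 * @return		created sa_config_t
 *
 * @ingroup config
 */
sa_config_t *sa_config_create(void);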
227
228 #endif //_SA_CONFIG_H_