updated Doxyfile
[strongswan.git] / src / charon / config / ike_cfg.h
1 /*
2 * Copyright (C) 2005-2007 Martin Willi
3 * Copyright (C) 2005 Jan Hutter
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 *
16 * $Id$
17 */
18
19 /**
20 * @defgroup ike_cfg ike_cfg
21 * @{ @ingroup config
22 */
23
24 #ifndef IKE_CFG_H_
25 #define IKE_CFG_H_
26
27 typedef struct ike_cfg_t ike_cfg_t;
28
29 #include <library.h>
30 #include <utils/host.h>
31 #include <utils/linked_list.h>
32 #include <utils/identification.h>
33 #include <config/proposal.h>
34 #include <crypto/diffie_hellman.h>
35
36 /**
37 * An ike_cfg_t defines the rules to set up an IKE_SA.
38 *
39 * @see peer_cfg_t to get an overview over the configurations.
40 */
41 struct ike_cfg_t {
42
43 /**
44 * Get own address.
45 *
46 * @return string of address/DNS name
47 */
48 char* (*get_my_addr) (ike_cfg_t *this);
49
50 /**
51 * Get peers address.
52 *
53 * @return string of address/DNS name
54 */
55 char* (*get_other_addr) (ike_cfg_t *this);
56
57 /**
58 * Adds a proposal to the list.
59 *
60 * The first added proposal has the highest priority, the last
61 * added the lowest.
62 *
63 * @param proposal proposal to add
64 */
65 void (*add_proposal) (ike_cfg_t *this, proposal_t *proposal);
66
67 /**
68 * Returns a list of all supported proposals.
69 *
70 * Returned list and its proposals must be destroyed after use.
71 *
72 * @return list containing all the proposals
73 */
74 linked_list_t* (*get_proposals) (ike_cfg_t *this);
75
76 /**
77 * Select a proposed from suggested proposals.
78 *
79 * Returned proposal must be destroyed after use.
80 *
81 * @param proposals list of proposals to select from
82 * @return selected proposal, or NULL if none matches.
83 */
84 proposal_t *(*select_proposal) (ike_cfg_t *this, linked_list_t *proposals);
85
86 /**
87 * Should we send a certificate request in IKE_SA_INIT?
88 *
89 * @return certificate request sending policy
90 */
91 bool (*send_certreq) (ike_cfg_t *this);
92
93 /**
94 * Enforce UDP encapsulation by faking NATD notifies?
95 *
96 * @return TRUE to enfoce UDP encapsulation
97 */
98 bool (*force_encap) (ike_cfg_t *this);
99
100 /**
101 * Get the DH group to use for IKE_SA setup.
102 *
103 * @return dh group to use for initialization
104 */
105 diffie_hellman_group_t (*get_dh_group)(ike_cfg_t *this);
106
107 /**
108 * Check if two IKE configs are equal.
109 *
110 * @param other other to check for equality
111 * @return TRUE if other equal to this
112 */
113 bool (*equals)(ike_cfg_t *this, ike_cfg_t *other);
114
115 /**
116 * Increase reference count.
117 *
118 * @return reference to this
119 */
120 ike_cfg_t* (*get_ref) (ike_cfg_t *this);
121
122 /**
123 * Destroys a ike_cfg_t object.
124 *
125 * Decrements the internal reference counter and
126 * destroys the ike_cfg when it reaches zero.
127 */
128 void (*destroy) (ike_cfg_t *this);
129 };
130
131 /**
132 * Creates a ike_cfg_t object.
133 *
134 * Supplied hosts become owned by ike_cfg, the name gets cloned.
135 *
136 * @param certreq TRUE to send a certificate request
137 * @param force_encap enforce UDP encapsulation by faking NATD notify
138 * @param me address/DNS name of local peer
139 * @param other address/DNS name of remote peer
140 * @return ike_cfg_t object.
141 */
142 ike_cfg_t *ike_cfg_create(bool certreq, bool force_encap,
143 char *me, char *other);
144
145 #endif /** IKE_CFG_H_ @}*/