2 * Copyright (C) 2012 Tobias Brunner
3 * Copyright (C) 2012 Giuliano Grassi
4 * Copyright (C) 2012 Ralf Sager
5 * Hochschule fuer Technik Rapperswil
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
17 #include "android_ipsec.h"
18 #include "../charonservice.h"
20 #include <utils/debug.h>
25 typedef struct private_kernel_android_ipsec_t private_kernel_android_ipsec_t
;
27 struct private_kernel_android_ipsec_t
{
30 * Public kernel interface
32 kernel_android_ipsec_t
public;
35 * Listener for lifetime expire events
37 ipsec_event_listener_t ipsec_listener
;
41 * Callback registered with libipsec.
43 static void expire(u_int8_t protocol
, u_int32_t spi
, host_t
*dst
, bool hard
)
45 hydra
->kernel_interface
->expire(hydra
->kernel_interface
, protocol
,
/**
 * kernel_ipsec_t.get_spi: forwards the request to ipsec->sas.
 *
 * `this` is not used; the call goes through the `ipsec` object, which is
 * declared outside this listing and is dereferenced here without a NULL
 * check (presumably libipsec is initialised before this plugin is loaded;
 * confirm against the plugin's setup code).
 *
 * @param src		passed through unchanged
 * @param dst		passed through unchanged
 * @param protocol	passed through unchanged
 * @param spi		pointer handed to libipsec, presumably receives the SPI
 * @return			status reported by ipsec->sas->get_spi(), unmodified
 */
METHOD(kernel_ipsec_t, get_spi, status_t,
	private_kernel_android_ipsec_t *this, host_t *src, host_t *dst,
	u_int8_t protocol, u_int32_t *spi)
{
	return ipsec->sas->get_spi(ipsec->sas, src, dst, protocol, spi);
}
56 METHOD(kernel_ipsec_t
, get_cpi
, status_t
,
57 private_kernel_android_ipsec_t
*this, host_t
*src
, host_t
*dst
,
63 METHOD(kernel_ipsec_t
, add_sa
, status_t
,
64 private_kernel_android_ipsec_t
*this, host_t
*src
, host_t
*dst
,
65 u_int32_t spi
, u_int8_t protocol
, u_int32_t reqid
, mark_t mark
,
66 u_int32_t tfc
, lifetime_cfg_t
*lifetime
, u_int16_t enc_alg
, chunk_t enc_key
,
67 u_int16_t int_alg
, chunk_t int_key
, ipsec_mode_t mode
,
68 u_int16_t ipcomp
, u_int16_t cpi
, u_int32_t replay_window
,
69 bool initiator
, bool encap
, bool esn
, bool inbound
, bool update
,
70 linked_list_t
*src_ts
, linked_list_t
*dst_ts
)
72 return ipsec
->sas
->add_sa(ipsec
->sas
, src
, dst
, spi
, protocol
, reqid
, mark
,
73 tfc
, lifetime
, enc_alg
, enc_key
, int_alg
, int_key
,
74 mode
, ipcomp
, cpi
, initiator
, encap
, esn
,
/**
 * kernel_ipsec_t.update_sa: forwards an SA update to ipsec->sas.
 *
 * Registered as .update_sa in kernel_android_ipsec_create(). `this` is not
 * used. The SA is named by spi/protocol/cpi and the current src/dst; the
 * new_src/new_dst and new_encap values are handed over as given, without any
 * validation at this layer.
 *
 * @return			status reported by ipsec->sas->update_sa(), unmodified
 */
METHOD(kernel_ipsec_t, update_sa, status_t,
	private_kernel_android_ipsec_t *this, u_int32_t spi, u_int8_t protocol,
	u_int16_t cpi, host_t *src, host_t *dst, host_t *new_src, host_t *new_dst,
	bool encap, bool new_encap, mark_t mark)
{
	return ipsec->sas->update_sa(ipsec->sas, spi, protocol, cpi, src, dst,
								 new_src, new_dst, encap, new_encap, mark);
}
/**
 * kernel_ipsec_t.query_sa: forwards a usage query for one SA to ipsec->sas.
 *
 * Registered as .query_sa in kernel_android_ipsec_create(). `this` is not
 * used.
 *
 * @param bytes		pointer passed through, presumably receives a byte count
 * @param packets	pointer passed through, presumably receives a packet count
 * @param time		pointer passed through, presumably receives a last-use time
 * @return			status reported by ipsec->sas->query_sa(), unmodified
 */
METHOD(kernel_ipsec_t, query_sa, status_t,
	private_kernel_android_ipsec_t *this, host_t *src, host_t *dst,
	u_int32_t spi, u_int8_t protocol, mark_t mark,
	u_int64_t *bytes, u_int64_t *packets, time_t *time)
{
	return ipsec->sas->query_sa(ipsec->sas, src, dst, spi, protocol, mark,
								bytes, packets, time);
}
/**
 * kernel_ipsec_t.del_sa: forwards the deletion of one SA to ipsec->sas.
 *
 * `this` is not used. Any handling of the SA's key material on deletion
 * happens inside libipsec, not in this wrapper.
 *
 * @return			status reported by ipsec->sas->del_sa(), unmodified
 */
METHOD(kernel_ipsec_t, del_sa, status_t,
	private_kernel_android_ipsec_t *this, host_t *src, host_t *dst,
	u_int32_t spi, u_int8_t protocol, u_int16_t cpi, mark_t mark)
{
	return ipsec->sas->del_sa(ipsec->sas, src, dst, spi, protocol, cpi, mark);
}
/**
 * kernel_ipsec_t.flush_sas: asks ipsec->sas to flush its SAs.
 *
 * Registered as .flush_sas in kernel_android_ipsec_create(). `this` is not
 * used.
 *
 * @return			status reported by ipsec->sas->flush_sas(), unmodified
 */
METHOD(kernel_ipsec_t, flush_sas, status_t,
	private_kernel_android_ipsec_t *this)
{
	return ipsec->sas->flush_sas(ipsec->sas);
}
109 METHOD(kernel_ipsec_t
, add_policy
, status_t
,
110 private_kernel_android_ipsec_t
*this, host_t
*src
, host_t
*dst
,
111 traffic_selector_t
*src_ts
, traffic_selector_t
*dst_ts
,
112 policy_dir_t direction
, policy_type_t type
, ipsec_sa_cfg_t
*sa
, mark_t mark
,
113 policy_priority_t priority
)
115 return ipsec
->policies
->add_policy(ipsec
->policies
, src
, dst
, src_ts
,
116 dst_ts
, direction
, type
, sa
, mark
,
120 METHOD(kernel_ipsec_t
, query_policy
, status_t
,
121 private_kernel_android_ipsec_t
*this, traffic_selector_t
*src_ts
,
122 traffic_selector_t
*dst_ts
, policy_dir_t direction
, mark_t mark
,
125 return NOT_SUPPORTED
;
128 METHOD(kernel_ipsec_t
, del_policy
, status_t
,
129 private_kernel_android_ipsec_t
*this, host_t
*src
, host_t
*dst
,
130 traffic_selector_t
*src_ts
, traffic_selector_t
*dst_ts
,
131 policy_dir_t direction
, policy_type_t type
, ipsec_sa_cfg_t
*sa
,
132 mark_t mark
, policy_priority_t priority
)
134 return ipsec
->policies
->del_policy(ipsec
->policies
, src
, dst
, src_ts
,
135 dst_ts
, direction
, type
, sa
, mark
,
139 METHOD(kernel_ipsec_t
, flush_policies
, status_t
,
140 private_kernel_android_ipsec_t
*this)
142 ipsec
->policies
->flush_policies(ipsec
->policies
);
/**
 * kernel_ipsec_t.bypass_socket: delegates to charonservice->bypass_socket().
 *
 * Registered as .bypass_socket in kernel_android_ipsec_create(). `this` is
 * not used. Presumably this exempts the daemon's own socket from the VPN so
 * that IKE traffic is not routed back into the tunnel; confirm against the
 * charonservice implementation. A false result means the socket was not
 * exempted, so callers should not ignore it.
 *
 * @param fd		socket descriptor, passed through unchanged
 * @param family	address family, passed through unchanged
 * @return			result of charonservice->bypass_socket(), unmodified
 */
METHOD(kernel_ipsec_t, bypass_socket, bool,
	private_kernel_android_ipsec_t *this, int fd, int family)
{
	return charonservice->bypass_socket(charonservice, fd, family);
}
/**
 * kernel_ipsec_t.enable_udp_decap: not implemented by this backend; fd,
 * family and port are ignored.
 *
 * Registered as .enable_udp_decap in kernel_android_ipsec_create().
 *
 * NOTE(review): the method is declared to return bool but returns the
 * status_t constant NOT_SUPPORTED. If that constant is non-zero (as in the
 * usual status_t enum, where only SUCCESS is 0), a caller testing the result
 * sees "true", i.e. success, for a feature that was not enabled. Confirm
 * whether FALSE (report the missing feature) or TRUE (decapsulation is
 * handled elsewhere) is intended, and return that value explicitly.
 */
METHOD(kernel_ipsec_t, enable_udp_decap, bool,
	private_kernel_android_ipsec_t *this, int fd, int family, u_int16_t port)
{
	return NOT_SUPPORTED;
}
158 METHOD(kernel_ipsec_t
, destroy
, void,
159 private_kernel_android_ipsec_t
*this)
161 ipsec
->events
->unregister_listener(ipsec
->events
, &this->ipsec_listener
);
166 * Described in header.
168 kernel_android_ipsec_t
*kernel_android_ipsec_create()
170 private_kernel_android_ipsec_t
*this;
178 .update_sa
= _update_sa
,
179 .query_sa
= _query_sa
,
181 .flush_sas
= _flush_sas
,
182 .add_policy
= _add_policy
,
183 .query_policy
= _query_policy
,
184 .del_policy
= _del_policy
,
185 .flush_policies
= _flush_policies
,
186 .bypass_socket
= _bypass_socket
,
187 .enable_udp_decap
= _enable_udp_decap
,
196 ipsec
->events
->register_listener(ipsec
->events
, &this->ipsec_listener
);
198 return &this->public;