8254c019111c95fbd79d4710da30b92564b9e8f3
[strongswan.git] / src / frontends / android / jni / libandroidbridge / kernel / android_ipsec.c
1 /*
2 * Copyright (C) 2012 Tobias Brunner
3 * Copyright (C) 2012 Giuliano Grassi
4 * Copyright (C) 2012 Ralf Sager
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 #include "android_ipsec.h"
18
19 #include <debug.h>
20 #include <library.h>
21 #include <hydra.h>
22 #include <ipsec.h>
23
24 typedef struct private_kernel_android_ipsec_t private_kernel_android_ipsec_t;
25
26 struct private_kernel_android_ipsec_t {
27
28 /**
29 * Public kernel interface
30 */
31 kernel_android_ipsec_t public;
32
33 /**
34 * Listener for lifetime expire events
35 */
36 ipsec_event_listener_t ipsec_listener;
37 };
38
39 /**
40 * Callback registrered with libipsec.
41 */
42 void expire(u_int32_t reqid, u_int8_t protocol, u_int32_t spi, bool hard)
43 {
44 hydra->kernel_interface->expire(hydra->kernel_interface, reqid, protocol,
45 spi, hard);
46 }
47
48 METHOD(kernel_ipsec_t, get_spi, status_t,
49 private_kernel_android_ipsec_t *this, host_t *src, host_t *dst,
50 u_int8_t protocol, u_int32_t reqid, u_int32_t *spi)
51 {
52 return ipsec->sas->get_spi(ipsec->sas, src, dst, protocol, reqid, spi);
53 }
54
55 METHOD(kernel_ipsec_t, get_cpi, status_t,
56 private_kernel_android_ipsec_t *this, host_t *src, host_t *dst,
57 u_int32_t reqid, u_int16_t *cpi)
58 {
59 return NOT_SUPPORTED;
60 }
61
62 METHOD(kernel_ipsec_t, add_sa, status_t,
63 private_kernel_android_ipsec_t *this, host_t *src, host_t *dst,
64 u_int32_t spi, u_int8_t protocol, u_int32_t reqid, mark_t mark,
65 u_int32_t tfc, lifetime_cfg_t *lifetime, u_int16_t enc_alg, chunk_t enc_key,
66 u_int16_t int_alg, chunk_t int_key, ipsec_mode_t mode, u_int16_t ipcomp,
67 u_int16_t cpi, bool encap, bool esn, bool inbound,
68 traffic_selector_t *src_ts, traffic_selector_t *dst_ts)
69 {
70 return ipsec->sas->add_sa(ipsec->sas, src, dst, spi, protocol, reqid, mark,
71 tfc, lifetime, enc_alg, enc_key, int_alg, int_key,
72 mode, ipcomp, cpi, encap, esn, inbound, src_ts,
73 dst_ts);
74 }
75
76 METHOD(kernel_ipsec_t, update_sa, status_t,
77 private_kernel_android_ipsec_t *this, u_int32_t spi, u_int8_t protocol,
78 u_int16_t cpi, host_t *src, host_t *dst, host_t *new_src, host_t *new_dst,
79 bool encap, bool new_encap, mark_t mark)
80 {
81 return NOT_SUPPORTED;
82 }
83
84 METHOD(kernel_ipsec_t, query_sa, status_t,
85 private_kernel_android_ipsec_t *this, host_t *src, host_t *dst,
86 u_int32_t spi, u_int8_t protocol, mark_t mark, u_int64_t *bytes)
87 {
88 return NOT_SUPPORTED;
89 }
90
91 METHOD(kernel_ipsec_t, del_sa, status_t,
92 private_kernel_android_ipsec_t *this, host_t *src, host_t *dst,
93 u_int32_t spi, u_int8_t protocol, u_int16_t cpi, mark_t mark)
94 {
95 return ipsec->sas->del_sa(ipsec->sas, src, dst, spi, protocol, cpi, mark);
96 }
97
98 METHOD(kernel_ipsec_t, flush_sas, status_t,
99 private_kernel_android_ipsec_t *this)
100 {
101 return ipsec->sas->flush_sas(ipsec->sas);
102 }
103
104 METHOD(kernel_ipsec_t, add_policy, status_t,
105 private_kernel_android_ipsec_t *this, host_t *src, host_t *dst,
106 traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
107 policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa, mark_t mark,
108 policy_priority_t priority)
109 {
110 return ipsec->policies->add_policy(ipsec->policies, src, dst, src_ts,
111 dst_ts, direction, type, sa, mark,
112 priority);
113 }
114
115 METHOD(kernel_ipsec_t, query_policy, status_t,
116 private_kernel_android_ipsec_t *this, traffic_selector_t *src_ts,
117 traffic_selector_t *dst_ts, policy_dir_t direction, mark_t mark,
118 u_int32_t *use_time)
119 {
120 return NOT_SUPPORTED;
121 }
122
123 METHOD(kernel_ipsec_t, del_policy, status_t,
124 private_kernel_android_ipsec_t *this, traffic_selector_t *src_ts,
125 traffic_selector_t *dst_ts, policy_dir_t direction, u_int32_t reqid,
126 mark_t mark, policy_priority_t priority)
127 {
128 return ipsec->policies->del_policy(ipsec->policies, src_ts, dst_ts,
129 direction, reqid, mark, priority);
130 }
131
132 METHOD(kernel_ipsec_t, flush_policies, status_t,
133 private_kernel_android_ipsec_t *this)
134 {
135 ipsec->policies->flush_policies(ipsec->policies);
136 return SUCCESS;
137 }
138
139 METHOD(kernel_ipsec_t, bypass_socket, bool,
140 private_kernel_android_ipsec_t *this, int fd, int family)
141 {
142 return NOT_SUPPORTED;
143 }
144
145 METHOD(kernel_ipsec_t, enable_udp_decap, bool,
146 private_kernel_android_ipsec_t *this, int fd, int family, u_int16_t port)
147 {
148 return NOT_SUPPORTED;
149 }
150
151 METHOD(kernel_ipsec_t, destroy, void,
152 private_kernel_android_ipsec_t *this)
153 {
154 ipsec->events->unregister_listener(ipsec->events, &this->ipsec_listener);
155 free(this);
156 }
157
158 /*
159 * Described in header.
160 */
161 kernel_android_ipsec_t *kernel_android_ipsec_create()
162 {
163 private_kernel_android_ipsec_t *this;
164
165 INIT(this,
166 .public = {
167 .interface = {
168 .get_spi = _get_spi,
169 .get_cpi = _get_cpi,
170 .add_sa = _add_sa,
171 .update_sa = _update_sa,
172 .query_sa = _query_sa,
173 .del_sa = _del_sa,
174 .flush_sas = _flush_sas,
175 .add_policy = _add_policy,
176 .query_policy = _query_policy,
177 .del_policy = _del_policy,
178 .flush_policies = _flush_policies,
179 .bypass_socket = _bypass_socket,
180 .enable_udp_decap = _enable_udp_decap,
181 .destroy = _destroy,
182 },
183 },
184 .ipsec_listener = {
185 .expire = expire,
186 },
187 );
188
189 ipsec->events->register_listener(ipsec->events, &this->ipsec_listener);
190
191 return &this->public;
192 }