enforce_recommendation inserts TNC group membership rules for IKE_SA
[strongswan.git] / src / libcharon / tnc / imv / imv_manager.h
1 /*
2 * Copyright (C) 2010 Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 /**
17 * @defgroup imv_manager imv_manager
18 * @{ @ingroup imv
19 */
20
21 #ifndef IMV_MANAGER_H_
22 #define IMV_MANAGER_H_
23
24 #include "imv.h"
25
26 #include <library.h>
27
28 typedef struct imv_manager_t imv_manager_t;
29
30 /**
31 * The IMV manager controls all IMV instances.
32 */
33 struct imv_manager_t {
34
35 /**
36 * Add an IMV instance
37 *
38 * @param imv IMV instance
39 * @return TRUE if initialization successful
40 */
41 bool (*add)(imv_manager_t *this, imv_t *imv);
42
43 /**
44 * Remove an IMV instance from the list and return it
45 *
46 * @param id ID of IMV instance
47 * @return removed IMC instance
48 */
49 imv_t* (*remove)(imv_manager_t *this, TNC_IMVID id);
50
51 /**
52 * Return the number of registered IMVs
53 *
54 * @return number of IMVs
55 */
56 int (*get_count)(imv_manager_t *this);
57
58 /**
59 * Enforce the TNC recommendation on the IKE_SA by either inserting an
60 * allow|isolate group membership rule (TRUE) or by blocking access (FALSE)
61 *
62 * @param void TNC action recommendation
63 * @return TRUE for allow|isolate, FALSE for none
64 */
65 bool (*enforce_recommendation)(imv_manager_t *this,
66 TNC_IMV_Action_Recommendation rec);
67
68 /**
69 * Notify all IMV instances
70 *
71 * @param state communicate the state a connection has reached
72 */
73 void (*notify_connection_change)(imv_manager_t *this,
74 TNC_ConnectionID id,
75 TNC_ConnectionState state);
76
77 /**
78 * Sets the supported message types reported by a given IMV
79 *
80 * @param id ID of reporting IMV
81 * @param supported_types list of messages type supported by IMV
82 * @param type_count number of supported message types
83 * @return TNC result code
84 */
85 TNC_Result (*set_message_types)(imv_manager_t *this,
86 TNC_IMVID id,
87 TNC_MessageTypeList supported_types,
88 TNC_UInt32 type_count);
89
90 /**
91 * Solicit recommendations from IMVs that have not yet provided one
92 *
93 * @param id connection ID
94 */
95 void (*solicit_recommendation)(imv_manager_t *this, TNC_ConnectionID id);
96
97 /**
98 * Delivers a message to interested IMVs.
99 *
100 * @param connection_id ID of connection over which message was received
101 * @param message message
102 * @param message_len message length
103 * @param message_type message type
104 */
105 void (*receive_message)(imv_manager_t *this,
106 TNC_ConnectionID connection_id,
107 TNC_BufferReference message,
108 TNC_UInt32 message_len,
109 TNC_MessageType message_type);
110
111 /**
112 * Notify all IMVs that all IMC messages received in a batch have been
113 * delivered and this is the IMVs last chance to send a message in the
114 * batch of IMV messages currently being collected.
115 *
116 * @param id connection ID
117 */
118 void (*batch_ending)(imv_manager_t *this, TNC_ConnectionID id);
119
120 /**
121 * Destroy an IMV manager and all its controlled instances.
122 */
123 void (*destroy)(imv_manager_t *this);
124 };
125
126 #endif /** IMV_MANAGER_H_ @}*/