fixed CHILD_SA proposal selection when not using DH exchange
[strongswan.git] / src / charon / config / traffic_selector.h
index b611b61..0e798fc 100644 (file)
@@ -6,6 +6,7 @@
  */
 
 /*
+ * Copyright (C) 2007 Tobias Brunner
  * Copyright (C) 2005-2006 Martin Willi
  * Copyright (C) 2005 Jan Hutter
  * Hochschule fuer Technik Rapperswil
@@ -105,7 +106,7 @@ struct traffic_selector_t {
         *
         * Chunk is in network order gets allocated.
         *
-        * @param this          calling object
+        * @param this          called object
         * @return                      chunk containing the address
         */
        chunk_t (*get_from_address) (traffic_selector_t *this);
@@ -115,7 +116,7 @@ struct traffic_selector_t {
         *
         * Chunk is in network order gets allocated.
         *
-        * @param this          calling object
+        * @param this          called object
         * @return                      chunk containing the address
         */
        chunk_t (*get_to_address) (traffic_selector_t *this);
@@ -126,7 +127,7 @@ struct traffic_selector_t {
         * Port is in host order, since the parser converts it.
         * Size depends on protocol.
         *  
-        * @param this          calling object
+        * @param this          called object
         * @return                      port
         */
        u_int16_t (*get_from_port) (traffic_selector_t *this);
@@ -137,7 +138,7 @@ struct traffic_selector_t {
         * Port is in host order, since the parser converts it.
         * Size depends on protocol.
         *
-        * @param this          calling object
+        * @param this          called object
         * @return                      port
         */
        u_int16_t (*get_to_port) (traffic_selector_t *this);
@@ -145,7 +146,7 @@ struct traffic_selector_t {
        /**
         * @brief Get the type of the traffic selector.
         *
-        * @param this          calling obect
+        * @param this          called object
         * @return                      ts_type_t specifying the type
         */
        ts_type_t (*get_type) (traffic_selector_t *this);
@@ -153,7 +154,7 @@ struct traffic_selector_t {
        /**
         * @brief Get the protocol id of this ts.
         *
-        * @param this          calling obect
+        * @param this          called object
         * @return                      protocol id
         */
        u_int8_t (*get_protocol) (traffic_selector_t *this);
@@ -164,8 +165,10 @@ struct traffic_selector_t {
         * Traffic selector may describe the end of *-to-host tunnel. In this
         * case, the address range is a single address equal to the hosts
         * peer address.
+        * If host is NULL, the traffic selector is checked if it is a single host,
+        * but not a specific one.
         *
-        * @param this          calling obect
+        * @param this          called object
         * @param host          host_t specifying the address range
         */
        bool (*is_host) (traffic_selector_t *this, host_t* host);
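Review bot: With the added NULL case on `is_host`, a NULL `host` now means "any single host", so a caller that passes a pointer from a failed lookup would get the wider check without noticing. The comment should say that NULL is only to be passed deliberately. The doc block also has no `@return` line; something like `* @return TRUE if the selector covers exactly one host (the given one if host is non-NULL)` would pin the contract. `includes`, added further down in this file, has the same gap.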
@@ -173,15 +176,13 @@ struct traffic_selector_t {
        /**
         * @brief Update the address of a traffic selector.
         *
-        * Update the address range of a traffic selector, 
-        * if the current address is 0.0.0.0. The new address range
-        * starts from the supplied address and also ends there 
-        * (which means it is a one-host-address-range ;-).
+        * Update the address range of a traffic selector, if it is
+        * constructed with the traffic_selector_create_dynamic().
         *
-        * @param this          calling obect
-        * @param host          host_t specifying the address range
+        * @param this          called object
+        * @param host          host_t specifying the address
         */
-       void (*update_address_range) (traffic_selector_t *this, host_t* host);
+       void (*set_address) (traffic_selector_t *this, host_t* host);
        
        /**
         * @brief Compare two traffic selectors for equality.
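Review bot: The new `set_address` comment says the update happens "if it is constructed with the traffic_selector_create_dynamic()" but not what the call does on any other selector. If it is silently ignored, as the wording suggests, say so, e.g. `* Has no effect on selectors created by any other constructor.` It would also help to state whether `host` must match the selector's address family and what happens on a mismatch. The removed text documented the resulting one-host range, and that detail is worth keeping in the new wording.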
@@ -193,9 +194,29 @@ struct traffic_selector_t {
        bool (*equals) (traffic_selector_t *this, traffic_selector_t *other);
        
        /**
+        * @brief Check if a traffic selector is contained completly in another.
+        *
+        * contains() allows to check if multiple traffic selectors are redundant.
+        *
+        * @param this          ts that is contained in another
+        * @param other         ts that contains this
+        * @return                      TRUE if other contains this completly, FALSE otherwise
+        */
+       bool (*is_contained_in) (traffic_selector_t *this, traffic_selector_t *other);
+
+       /**
+        * @brief Check if a specific host is included in the address range of 
+        * this traffic selector.
+        *
+        * @param this          called object
+        * @param host          the host to check
+        */
+       bool (*includes) (traffic_selector_t *this, host_t *host);
+       
+       /**
         * @brief Destroys the ts object
         *
-        * @param this          calling object
+        * @param this          called object
         */
        void (*destroy) (traffic_selector_t *this);
 };
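Review bot: The `is_contained_in` comment refers to `contains()`, which is not a member of this struct, and misspells "completely" twice. I would write `* is_contained_in() can be used to detect redundant traffic selectors.` It also does not say whether containment compares protocol and port range as well as the address range. If callers drop a selector as redundant on an address-only match, the negotiated policy could end up wider or narrower than configured, so the comment should name the fields compared. For `includes`, document how a host of a different address family is treated.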
@@ -233,9 +254,7 @@ traffic_selector_t *traffic_selector_create_from_string(
  * @param from_port            port number, host order
  * @param to_address   end of address range as string, network
  * @param to_port              port number, host order
- * @return
- *                                             - traffic_selector_t object
- *                                             - NULL if invalid address input/protocol
+ * @return                             traffic_selector_t object
  *
  * @ingroup config
  */
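Review bot: Dropping `NULL if invalid address input/protocol` from `@return` tells callers they no longer need a NULL check on this constructor. The declaration and the implementation are outside this hunk, so please confirm that no failure path remains (unsupported type, bad address length, allocation). If one can still return NULL, keep the two-item `@return` list, since the inputs here come from parsed peer data and an unchecked NULL would be dereferenced by the caller.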
@@ -266,4 +285,28 @@ traffic_selector_t *traffic_selector_create_from_subnet(
                                                                        host_t *net, u_int8_t netbits, 
                                                                        u_int8_t protocol, u_int16_t port);
 
+/**
+ * @brief Create a traffic selector for host-to-host cases.
+ * 
+ * For host2host or virtual IP setups, the traffic selectors gets
+ * created at runtime using the external/virtual IP. Using this constructor,
+ * a call to set_address() sets this traffic selector to the supplied host.
+ * 
+ * 
+ * @param protocol             upper layer protocl to allow
+ * @param type                 family type
+ * @param from_port            start of allowed port range
+ * @param to_port              end of range
+ * @return
+ *                                             - traffic_selector_t object
+ *                                             - NULL if type not supported
+ *
+ * @ingroup config
+ */
+traffic_selector_t *traffic_selector_create_dynamic(
+                                                                       u_int8_t protocol, ts_type_t type,
+                                                                       u_int16_t from_port, u_int16_t to_port);
+
 #endif /* TRAFFIC_SELECTOR_H_ */
+
+/* vim: set ts=4 sw=4 noet: */
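Review bot: The comment on `traffic_selector_create_dynamic` does not say what address range the selector holds before `set_address()` has been called. That matters for `equals`, `is_contained_in` and `includes`: a not-yet-bound selector should not be able to match real traffic or be treated as covering another selector. A line such as `* Until set_address() is called the selector matches no usable address.` would make the contract explicit, if that is the behaviour. Since the constructor can return NULL for an unsupported `type`, callers need a check before invoking any method. There is also a small typo in `@param protocol`: "protocl".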