Support multiple virtual IPs on peer_cfg and ike_sa classes
[strongswan.git] / src / libcharon / sa / child_sa.h
index e6c6035..dae3f2c 100644 (file)
@@ -208,6 +208,34 @@ struct child_sa_t {
        void (*set_ipcomp)(child_sa_t *this, ipcomp_transform_t ipcomp);
 
        /**
+        * Get the action to enforce if the remote peer closes the CHILD_SA.
+        *
+        * @return                      close action
+        */
+       action_t (*get_close_action)(child_sa_t *this);
+
+       /**
+        * Override the close action specified by the CHILD_SA config.
+        *
+        * @param                       close action to enforce
+        */
+       void (*set_close_action)(child_sa_t *this, action_t action);
+
+       /**
+        * Get the action to enforce if the peer is considered dead.
+        *
+        * @return                      dpd action
+        */
+       action_t (*get_dpd_action)(child_sa_t *this);
+
+       /**
+        * Override the DPD action specified by the CHILD_SA config.
+        *
+        * @param                       close action to enforce
+        */
+       void (*set_dpd_action)(child_sa_t *this, action_t action);
+
+       /**
         * Get the selected proposal.
         *
         * @return                      selected proposal
@@ -247,6 +275,14 @@ struct child_sa_t {
                                                 u_int64_t *bytes);
 
        /**
+        * Get the mark used with this CHILD_SA.
+        *
+        * @param inbound               TRUE to get inbound mark, FALSE for outbound
+        * @return                              mark used with this CHILD_SA
+        */
+       mark_t (*get_mark)(child_sa_t *this, bool inbound);
+
+       /**
         * Get the traffic selectors list added for one side.
         *
         * @param local         TRUE for own traffic selectors, FALSE for remote
@@ -285,12 +321,13 @@ struct child_sa_t {
         * @param spi           SPI to use, allocated for inbound
         * @param cpi           CPI to use, allocated for outbound
         * @param inbound       TRUE to install an inbound SA, FALSE for outbound
+        * @param tfcv3         TRUE if peer supports ESPv3 TFC
         * @param my_ts         negotiated local traffic selector list
         * @param other_ts      negotiated remote traffic selector list
         * @return                      SUCCESS or FAILED
         */
        status_t (*install)(child_sa_t *this, chunk_t encr, chunk_t integ,
-                                               u_int32_t spi, u_int16_t cpi, bool inbound,
+                                               u_int32_t spi, u_int16_t cpi, bool inbound, bool tfcv3,
                                                linked_list_t *my_ts, linked_list_t *other_ts);
        /**
         * Install the policies using some traffic selectors.
@@ -309,12 +346,12 @@ struct child_sa_t {
         *
         * @param me            the new local host
         * @param other         the new remote host
-        * @param vip           virtual IP, if any
+        * @param vips          list of local virtual IPs
         * @param                       TRUE to use UDP encapsulation for NAT traversal
         * @return                      SUCCESS or FAILED
         */
        status_t (*update)(child_sa_t *this, host_t *me, host_t *other,
-                                          host_t *vip, bool encap);
+                                          linked_list_t *vips, bool encap);
        /**
         * Destroys a child_sa.
         */