X-Git-Url: https://git.strongswan.org/?p=strongswan.git;a=blobdiff_plain;f=src%2Fcharon%2Fconfig%2Fchild_cfg.h;h=228f0d888acbbe2e58f6bfbac627a2b7aa112edf;hp=c7401d623c4f61513add949e88b3139d0bbeab26;hb=68ac3b44d14357148ad9d45b577ab8074e79a5cc;hpb=552cc11b1f017ce4962fca741f567d098f768574 diff --git a/src/charon/config/child_cfg.h b/src/charon/config/child_cfg.h index c7401d6..228f0d8 100644 --- a/src/charon/config/child_cfg.h +++ b/src/charon/config/child_cfg.h @@ -1,4 +1,5 @@ /* + * Copyright (C) 2008 Tobias Brunner * Copyright (C) 2005-2007 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil @@ -25,6 +26,8 @@ #define CHILD_CFG_H_ typedef enum mode_t mode_t; +typedef enum action_t action_t; +typedef enum ipcomp_transform_t ipcomp_transform_t; typedef struct child_cfg_t child_cfg_t; #include @@ -51,6 +54,39 @@ enum mode_t { extern enum_name_t *mode_names; /** + * Action to take when DPD detected/connection gets closed by peer. + */ +enum action_t { + /** No action */ + ACTION_NONE, + /** Route config to reestablish on demand */ + ACTION_ROUTE, + /** Restart config immediately */ + ACTION_RESTART, +}; + +/** + * enum names for action_t. + */ +extern enum_name_t *action_names; + +/** + * IPComp transform IDs, as in RFC 4306 + */ +enum ipcomp_transform_t { + IPCOMP_NONE = 241, + IPCOMP_OUI = 1, + IPCOMP_DEFLATE = 2, + IPCOMP_LZS = 3, + IPCOMP_LZJH = 4, +}; + +/** + * enum strings for ipcomp_transform_t. + */ +extern enum_name_t *ipcomp_transform_names; + +/** * A child_cfg_t defines the config template for a CHILD_SA. * * After creation, proposals and traffic selectors may be added to the config. @@ -170,11 +206,25 @@ struct child_cfg_t { * The mode is either tunnel, transport or BEET. The peer must agree * on the method, fallback is tunnel mode. * - * @return lifetime in seconds + * @return ipsec mode */ mode_t (*get_mode) (child_cfg_t *this); /** + * Action to take on DPD. + * + * @return DPD action + */ + action_t (*get_dpd_action) (child_cfg_t *this); + + /** + * Action to take if CHILD_SA gets closed. + * + * @return close action + */ + action_t (*get_close_action) (child_cfg_t *this); + + /** * Get the DH group to use for CHILD_SA setup. * * @return dh group to use @@ -182,15 +232,19 @@ struct child_cfg_t { diffie_hellman_group_t (*get_dh_group)(child_cfg_t *this); /** - * Get a new reference. + * Check whether IPComp should be used, if the other peer supports it. + * + * @return TRUE, if IPComp should be used + * FALSE, otherwise + */ + bool (*use_ipcomp)(child_cfg_t *this); + + /** + * Increase the reference count. * - * Get a new reference to this child_cfg by increasing - * it's internal reference counter. - * Do not call get_ref or any other function until you - * already have a reference. Otherwise the object may get - * destroyed while calling get_ref(), + * @return reference to this */ - void (*get_ref) (child_cfg_t *this); + child_cfg_t* (*get_ref) (child_cfg_t *this); /** * Destroys the child_cfg object. @@ -218,10 +272,15 @@ struct child_cfg_t { * @param updown updown script to execute on up/down event * @param hostaccess TRUE to allow access to the local host * @param mode mode to propose for CHILD_SA, transport, tunnel or BEET + * @param dpd_action DPD action + * @param close_action close action + * @param ipcomp use IPComp, if peer supports it * @return child_cfg_t object */ child_cfg_t *child_cfg_create(char *name, u_int32_t lifetime, u_int32_t rekeytime, u_int32_t jitter, - char *updown, bool hostaccess, mode_t mode); + char *updown, bool hostaccess, mode_t mode, + action_t dpd_action, action_t close_action, + bool ipcomp); #endif /* CHILD_CFG_H_ @} */