projects / thirdparty / strongswan.git / blame
| Commit | Line | Data |
|---|---|---|
| bd50254c | 1 | /* |
| 4868d1c3 | 2 | * Copyright (C) 2010-2013 Tobias Brunner |
| 19ef2aec TB |
3 | * |
| 4 | * Copyright (C) secunet Security Networks AG | |
| bd50254c TB |
5 | * |
| 6 | * This program is free software; you can redistribute it and/or modify it | |
| 7 | * under the terms of the GNU General Public License as published by the | |
| 8 | * Free Software Foundation; either version 2 of the License, or (at your | |
| 9 | * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. | |
| 10 | * | |
| 11 | * This program is distributed in the hope that it will be useful, but | |
| 12 | * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY | |
| 13 | * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | |
| 14 | * for more details. | |
| 15 | */ | |
| 16 | ||
| 17 | /** | |
| 18 | * @defgroup kernel_listener kernel_listener | |
| 8394ea2a | 19 | * @{ @ingroup kernel |
| bd50254c TB |
20 | */ |
| 21 | ||
| 22 | #ifndef KERNEL_LISTENER_H_ | |
| 23 | #define KERNEL_LISTENER_H_ | |
| 24 | ||
| 25 | typedef struct kernel_listener_t kernel_listener_t; | |
| 3b699c72 | 26 | typedef struct kernel_acquire_data_t kernel_acquire_data_t; |
| bd50254c | 27 | |
| 2e7cc07e | 28 | #include <networking/host.h> |
| 4868d1c3 TB |
29 | #include <networking/tun_device.h> |
| 30 | #include <selectors/traffic_selector.h> | |
| 31 | #include <kernel/kernel_ipsec.h> | |
| bd50254c | 32 | |
| 3b699c72 TB |
33 | /** |
| 34 | * Data received with a kernel's acquire, has to be cloned/copied by listener. | |
| 35 | */ | |
| 36 | struct kernel_acquire_data_t { | |
| 37 | /** Optional source of the triggering packet */ | |
| 38 | traffic_selector_t *src; | |
| 39 | /** Optional destination of the triggering packet */ | |
| 40 | traffic_selector_t *dst; | |
| 52a05d7f TB |
41 | /** Optional security label of the triggering packet */ |
| 42 | sec_label_t *label; | |
| df7cd8a2 TB |
43 | /** Optional CPU ID of the triggering packet, CPU_ID_MAX if none */ |
| 44 | uint32_t cpu; | |
| 3b699c72 TB |
45 | }; |
| 46 | ||
| bd50254c TB |
47 | /** |
| 48 | * Interface for components interested in kernel events. | |
| f7f3d87e TB |
49 | * |
| 50 | * All hooks are optional. | |
| bd50254c TB |
51 | */ |
| 52 | struct kernel_listener_t { | |
| 53 | ||
| 54 | /** | |
| 55 | * Hook called if an acquire event for a policy is received. | |
| 56 | * | |
| 57 | * @param reqid reqid of the policy to acquire | |
| 3b699c72 | 58 | * @param data data from the acquire |
| bd50254c TB |
59 | * @return TRUE to remain registered, FALSE to unregister |
| 60 | */ | |
| b12c53ce | 61 | bool (*acquire)(kernel_listener_t *this, uint32_t reqid, |
| 3b699c72 | 62 | kernel_acquire_data_t *data); |
| bd50254c TB |
63 | |
| 64 | /** | |
| b3ab7a48 | 65 | * Hook called if an expire event for an IPsec SA is received. |
| bd50254c | 66 | * |
| bd50254c TB |
67 | * @param protocol protocol of the expired SA |
| 68 | * @param spi spi of the expired SA | |
| f81a9497 | 69 | * @param dst destination address of expired SA |
| bd50254c TB |
70 | * @param hard TRUE if it is a hard expire, FALSE otherwise |
| 71 | * @return TRUE to remain registered, FALSE to unregister | |
| 72 | */ | |
| b12c53ce | 73 | bool (*expire)(kernel_listener_t *this, uint8_t protocol, uint32_t spi, |
| f81a9497 | 74 | host_t *dst, bool hard); |
| bd50254c TB |
75 | |
| 76 | /** | |
| 77 | * Hook called if the NAT mappings of an IPsec SA changed. | |
| 78 | * | |
| b125839a | 79 | * @param protocol IPsec protocol of affected SA |
| bd50254c | 80 | * @param spi spi of the SA |
| b3ab7a48 | 81 | * @param dst old destination address of SA |
| bd50254c TB |
82 | * @param remote new remote host |
| 83 | * @return TRUE to remain registered, FALSE to unregister | |
| 84 | */ | |
| b12c53ce | 85 | bool (*mapping)(kernel_listener_t *this, uint8_t protocol, uint32_t spi, |
| b125839a | 86 | host_t *dst, host_t *remote); |
| bd50254c TB |
87 | |
| 88 | /** | |
| 89 | * Hook called if a migrate event for a policy is received. | |
| 90 | * | |
| 91 | * @param reqid reqid of the policy | |
| 92 | * @param src_ts source traffic selector | |
| 93 | * @param dst_ts destination traffic selector | |
| 94 | * @param direction direction of the policy (in|out) | |
| 95 | * @param local local host address to be used in the IKE_SA | |
| 96 | * @param remote remote host address to be used in the IKE_SA | |
| 97 | * @return TRUE to remain registered, FALSE to unregister | |
| 98 | */ | |
| b12c53ce | 99 | bool (*migrate)(kernel_listener_t *this, uint32_t reqid, |
| bd50254c TB |
100 | traffic_selector_t *src_ts, traffic_selector_t *dst_ts, |
| 101 | policy_dir_t direction, host_t *local, host_t *remote); | |
| 102 | ||
| 103 | /** | |
| f3bb1bd0 | 104 | * Hook called if changes in the networking layer occurred (interfaces |
| bd50254c TB |
105 | * up/down, routes added/deleted etc.). |
| 106 | * | |
| 107 | * @param address TRUE if address list, FALSE if routing changed | |
| 108 | * @return TRUE to remain registered, FALSE to unregister | |
| 109 | */ | |
| 110 | bool (*roam)(kernel_listener_t *this, bool address); | |
| 4868d1c3 TB |
111 | |
| 112 | /** | |
| 113 | * Hook called after a TUN device was created for a virtual IP address, or | |
| 114 | * before such a device gets destroyed. | |
| 115 | * | |
| 116 | * @param tun TUN device | |
| 117 | * @param created TRUE if created, FALSE if going to be destroyed | |
| 118 | */ | |
| 119 | bool (*tun)(kernel_listener_t *this, tun_device_t *tun, bool created); | |
| bd50254c TB |
120 | }; |
| 121 | ||
| 122 | #endif /** KERNEL_LISTENER_H_ @}*/ |