1 /*
2 * Copyright (C) 2013-2017 Tobias Brunner
3 * Copyright (C) 2009 Martin Willi
4 *
5 * Copyright (C) secunet Security Networks AG
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 /**
19 * @defgroup trap_manager trap_manager
20 * @{ @ingroup sa
21 */
22
23 #ifndef TRAP_MANAGER_H_
24 #define TRAP_MANAGER_H_
25
26 #include <library.h>
27 #include <collections/enumerator.h>
28 #include <config/peer_cfg.h>
29 #include <sa/child_sa.h>
30
typedef struct trap_manager_t trap_manager_t;

/**
 * Manager for trap policies, i.e. policies that cause SAs to be created
 * from traffic.
 */
struct trap_manager_t {

	/**
	 * Install the policy of a child configuration as a trap.
	 *
	 * NOTE(review): this header does not say whether the manager takes its
	 * own references to the passed configurations; confirm against the
	 * implementation before releasing them in the caller.
	 *
	 * @param peer		peer configuration to initiate when the trap triggers
	 * @param child		child configuration to install as a trap
	 * @return			TRUE if the trap was installed successfully
	 */
	bool (*install)(trap_manager_t *this,
					peer_cfg_t *peer, child_cfg_t *child);

	/**
	 * Uninstall a trap policy, selected by configuration name.
	 *
	 * Without a peer configuration name, the first child configuration
	 * whose name matches is uninstalled. Callers that must remove one
	 * specific trap should therefore pass the peer name as well, as a child
	 * name alone may match a trap of a different peer configuration.
	 *
	 * @param peer		name of the peer configuration, or NULL
	 * @param child		name of the child configuration
	 * @return			TRUE if the trap was uninstalled successfully
	 */
	bool (*uninstall)(trap_manager_t *this, char *peer, char *child);

	/**
	 * Install and register a trap policy that is managed externally.
	 *
	 * The two address lists are used when deriving the traffic selectors.
	 *
	 * @param peer		peer configuration to register
	 * @param child		CHILD_SA to install and register
	 * @param local		list of local addresses (virtual or physical)
	 * @param remote	list of remote addresses (virtual or physical)
	 * @return			TRUE if installed and registered successfully
	 */
	bool (*install_external)(trap_manager_t *this,
							 peer_cfg_t *peer, child_sa_t *child,
							 linked_list_t *local, linked_list_t *remote);

	/**
	 * Remove and uninstall an externally managed trap policy that was
	 * registered before.
	 *
	 * @param child		CHILD_SA to remove
	 * @return			TRUE if the trap policy was removed successfully
	 */
	bool (*remove_external)(trap_manager_t *this, child_sa_t *child);

	/**
	 * Create an enumerator over all installed traps.
	 *
	 * Externally managed trap policies are not part of the enumeration, so
	 * the result is not a complete list of registered trap policies.
	 *
	 * @return			enumerator over (peer_cfg_t, child_sa_t)
	 */
	enumerator_t *(*create_enumerator)(trap_manager_t *this);

	/**
	 * Acquire an SA after an installed trap was triggered.
	 *
	 * NOTE(review): how a reqid that matches no installed trap is handled
	 * is not documented here; verify in the implementation.
	 *
	 * @param reqid		reqid of the policy that was triggered
	 * @param data		data from the acquire
	 */
	void (*acquire)(trap_manager_t *this,
					uint32_t reqid, kernel_acquire_data_t *data);

	/**
	 * Clear any installed trap.
	 *
	 * NOTE(review): whether externally managed trap policies are affected
	 * is not stated in this header; confirm before relying on it.
	 */
	void (*flush)(trap_manager_t *this);

	/**
	 * Destroy a trap_manager_t.
	 */
	void (*destroy)(trap_manager_t *this);
};
109
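/**
 * Create a trap_manager instance.
 *
 * The parameter list is spelled (void) so that this declaration is a real
 * prototype: with an empty list, C before C23 leaves the parameters
 * unspecified and a call that passes arguments is not diagnosed.
 *
 * @return			trap manager instance, released with its destroy() method
 */
trap_manager_t *trap_manager_create(void);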
114
115 #endif /** TRAP_MANAGER_H_ @}*/