Annotation of embedaddon/strongswan/src/libcharon/sa/redirect_manager.h, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2015 Tobias Brunner
! 3: * HSR Hochschule fuer Technik Rapperswil
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify it
! 6: * under the terms of the GNU General Public License as published by the
! 7: * Free Software Foundation; either version 2 of the License, or (at your
! 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 9: *
! 10: * This program is distributed in the hope that it will be useful, but
! 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 13: * for more details.
! 14: */
! 15:
! 16: /**
! 17: * @defgroup redirect_manager redirect_manager
! 18: * @{ @ingroup sa
! 19: */
! 20:
! 21: #ifndef REDIRECT_MANAGER_H_
! 22: #define REDIRECT_MANAGER_H_
! 23:
! 24: typedef struct redirect_manager_t redirect_manager_t;
! 25:
! 26: #include <sa/redirect_provider.h>
! 27:
! 28: /**
! 29: * Manages redirect providers.
! 30: */
! 31: struct redirect_manager_t {
! 32:
! 33: /**
! 34: * Add a redirect provider.
! 35: *
! 36: * All registered providers are queried until one of them decides to
! 37: * redirect a client.
! 38: *
! 39: * A provider may be called concurrently for different IKE_SAs.
! 40: *
! 41: * @param provider provider to register
! 42: */
! 43: void (*add_provider)(redirect_manager_t *this,
! 44: redirect_provider_t *provider);
! 45:
! 46: /**
! 47: * Remove a redirect provider.
! 48: *
! 49: * @param provider provider to unregister
! 50: */
! 51: void (*remove_provider)(redirect_manager_t *this,
! 52: redirect_provider_t *provider);
! 53:
! 54: /**
! 55: * Determine whether a client should be redirected upon receipt of the
! 56: * IKE_SA_INIT message.
! 57: *
! 58: * @param ike_sa IKE_SA for which this is called
! 59: * @param gateway[out] new IKE gateway (IP or FQDN)
! 60: * @return TRUE if client should be redirected, FALSE otherwise
! 61: */
! 62: bool (*redirect_on_init)(redirect_manager_t *this, ike_sa_t *ike_sa,
! 63: identification_t **gateway);
! 64:
! 65: /**
! 66: * Determine whether a client should be redirected after the IKE_AUTH has
! 67: * been handled. Should be called after the client is authenticated and
! 68: * when the server authenticates itself.
! 69: *
! 70: * @param ike_sa IKE_SA for which this is called
! 71: * @param gateway[out] new IKE gateway (IP or FQDN)
! 72: * @return TRUE if client should be redirected, FALSE otherwise
! 73: */
! 74: bool (*redirect_on_auth)(redirect_manager_t *this, ike_sa_t *ike_sa,
! 75: identification_t **gateway);
! 76:
! 77: /**
! 78: * Destroy this instance.
! 79: */
! 80: void (*destroy)(redirect_manager_t *this);
! 81: };
! 82:
! 83: /**
! 84: * Create a redirect manager instance.
! 85: *
! 86: * @return manager instance
! 87: */
! 88: redirect_manager_t *redirect_manager_create();
! 89:
! 90: /**
! 91: * Create notification data of a REDIRECT or REDIRECT_FROM payload using the
! 92: * given gateway identity and optional nonce (only used during IKE_SA_INIT).
! 93: *
! 94: * @param gw gateway identity (IP or FQDN), gets cloned
! 95: * @param nonce nonce value, or chunk_empty, gets cloned
! 96: * @return notify data, chunk_empty if ID type is not supported
! 97: */
! 98: chunk_t redirect_data_create(identification_t *gw, chunk_t nonce);
! 99:
! 100: /**
! 101: * Parse notification data of a REDIRECT or REDIRECTED_FROM notify payload.
! 102: *
! 103: * @param data notification data to parse
! 104: * @param[out] nonce nonce data (allocated), if any was provided
! 105: * @return gateway identity, NULL if data is invalid
! 106: */
! 107: identification_t *redirect_data_parse(chunk_t data, chunk_t *nonce);
! 108:
! 109: #endif /** REDIRECT_MANAGER_H_ @}*/
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>