Annotation of embedaddon/strongswan/src/libcharon/sa/redirect_manager.h, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2015 Tobias Brunner
3: * HSR Hochschule fuer Technik Rapperswil
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: /**
17: * @defgroup redirect_manager redirect_manager
18: * @{ @ingroup sa
19: */
20:
21: #ifndef REDIRECT_MANAGER_H_
22: #define REDIRECT_MANAGER_H_
23:
/* Forward typedef placed ahead of the include below; presumably so that
 * sa/redirect_provider.h can refer to redirect_manager_t - confirm. */
24: typedef struct redirect_manager_t redirect_manager_t;
25:
/* NOTE(review): ike_sa_t, identification_t, chunk_t and bool are used further
 * down but are not included directly in this header; they are presumably made
 * available through this include - confirm. */
26: #include <sa/redirect_provider.h>
27:
28: /**
29: * Manages redirect providers.
    *
    * The interface is a table of function pointers; every method takes the
    * manager instance as its first argument.
30: */
31: struct redirect_manager_t {
32:
33: /**
34: * Add a redirect provider.
35: *
36: * All registered providers are queried until one of them decides to
37: * redirect a client.
38: *
39: * A provider may be called concurrently for different IKE_SAs.
    * A provider therefore has to protect any state it shares between calls.
    *
    * NOTE(review): who owns the provider after registration is not stated
    * here; confirm whether the caller must call remove_provider() before
    * destroying it.
40: *
41: * @param provider provider to register
42: */
43: void (*add_provider)(redirect_manager_t *this,
44: redirect_provider_t *provider);
45:
46: /**
47: * Remove a redirect provider.
48: *
49: * @param provider provider to unregister
50: */
51: void (*remove_provider)(redirect_manager_t *this,
52: redirect_provider_t *provider);
53:
54: /**
55: * Determine whether a client should be redirected upon receipt of the
56: * IKE_SA_INIT message.
57: *
    * The IKE_SA_INIT exchange is not authenticated, so the peer's identity
    * has not been verified when this is called; a decision taken here can
    * only rely on unauthenticated information.
    *
    * NOTE(review): ownership of the returned identity and the value of
    * *gateway when FALSE is returned are not specified here - presumably the
    * caller destroys it; confirm.
    *
58: * @param ike_sa IKE_SA for which this is called
59: * @param[out] gateway new IKE gateway (IP or FQDN)
60: * @return TRUE if client should be redirected, FALSE otherwise
61: */
62: bool (*redirect_on_init)(redirect_manager_t *this, ike_sa_t *ike_sa,
63: identification_t **gateway);
64:
65: /**
66: * Determine whether a client should be redirected after the IKE_AUTH has
67: * been handled. Should be called after the client is authenticated and
68: * when the server authenticates itself.
69: *
    * NOTE(review): ownership of the returned identity and the value of
    * *gateway when FALSE is returned are not specified here - presumably the
    * caller destroys it; confirm.
    *
70: * @param ike_sa IKE_SA for which this is called
71: * @param[out] gateway new IKE gateway (IP or FQDN)
72: * @return TRUE if client should be redirected, FALSE otherwise
73: */
74: bool (*redirect_on_auth)(redirect_manager_t *this, ike_sa_t *ike_sa,
75: identification_t **gateway);
76:
77: /**
78: * Destroy this instance.
79: */
80: void (*destroy)(redirect_manager_t *this);
81: };
82:
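83: /**
84: * Create a redirect manager instance.
85: *
    * The parameter list is spelled (void) so that this declaration is a real
    * prototype and a call with stray arguments is diagnosed by the compiler.
    *
86: * @return manager instance, released through its destroy() method
87: */
88: redirect_manager_t *redirect_manager_create(void);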
89:
90: /**
91: * Create notification data of a REDIRECT or REDIRECTED_FROM payload using the
92: * given gateway identity and optional nonce (only used during IKE_SA_INIT).
93: *
    * In RFC 5685 the nonce carried in a REDIRECT sent during IKE_SA_INIT is
    * the initiator's Ni data, which lets the client tie the still
    * unauthenticated redirect to its own request.
    *
    * Callers should check the result for chunk_empty before building the
    * notify payload.
    *
    * NOTE(review): the returned chunk is presumably allocated and owned by
    * the caller - confirm against the implementation.
    *
94: * @param gw gateway identity (IP or FQDN), gets cloned
95: * @param nonce nonce value, or chunk_empty, gets cloned
96: * @return notify data, chunk_empty if ID type is not supported
97: */
98: chunk_t redirect_data_create(identification_t *gw, chunk_t nonce);
99:
100: /**
101: * Parse notification data of a REDIRECT or REDIRECTED_FROM notify payload.
102: *
    * The data normally comes from a message received from the peer and should
    * be treated as untrusted; callers must handle a NULL return.
    *
    * No expected nonce is passed in, so this function cannot verify the nonce
    * itself. For a REDIRECT received during IKE_SA_INIT, comparing the
    * returned nonce with the one the client sent is left to the caller
    * (RFC 5685).
    *
    * The nonce is returned in allocated memory, so the caller has to free it.
    *
    * NOTE(review): what *nonce holds when no nonce was provided, and who
    * destroys the returned identity, are not specified here - presumably
    * chunk_empty and the caller respectively; confirm.
    *
103: * @param data notification data to parse
104: * @param[out] nonce nonce data (allocated), if any was provided
105: * @return gateway identity, NULL if data is invalid
106: */
107: identification_t *redirect_data_parse(chunk_t data, chunk_t *nonce);
108:
109: #endif /** REDIRECT_MANAGER_H_ @}*/