diff options
| author | Martin Willi <martin@strongswan.org> | 2006-05-31 14:23:15 +0000 |
|---|---|---|
| committer | Martin Willi <martin@strongswan.org> | 2006-05-31 14:23:15 +0000 |
| commit | 32b6500fbfe063f3efb5589facd027f4c6cf08ed (patch) | |
| tree | c434114b344ff3a134ebf245a6865ff2794da590 /src/charon/threads/kernel_interface.h | |
| parent | 6f2aba1322ce0061c56b9faeb979c236da926c3f (diff) | |
| download | strongswan-32b6500fbfe063f3efb5589facd027f4c6cf08ed.tar.bz2 strongswan-32b6500fbfe063f3efb5589facd027f4c6cf08ed.tar.xz | |
job management:
moved job code from thread_pool to job, jobs have an "execute" method now
added two new jobs: delete_child_sa & rekey_child_sa
kernel interface:
listens now for ACQUIRE & EXPIRE
supports hard and soft lifetimes
fires jobs for delete and rekey child sa
ike sa manager:
can checkout IKE SAs by requid of owned CHILD SAs
we have now the infrastructure to do the rekeying... :-)
Diffstat (limited to 'src/charon/threads/kernel_interface.h')
| -rw-r--r-- | src/charon/threads/kernel_interface.h | 32 |
1 files changed, 18 insertions, 14 deletions
diff --git a/src/charon/threads/kernel_interface.h b/src/charon/threads/kernel_interface.h index b3ca13faa..6c9a181ed 100644 --- a/src/charon/threads/kernel_interface.h +++ b/src/charon/threads/kernel_interface.h @@ -68,30 +68,34 @@ struct kernel_interface_t { * * add_sa() may update an already allocated * SPI (via get_spi). In this case, the replace - * flag must be set. + * flag must be set. * This function does install a single SA for a * single protocol in one direction. * - * @param this calling object - * @param src source address for this SA - * @param dst destination address for this SA - * @param spi SPI allocated by us or remote peer - * @param protocol protocol for this SA (ESP/AH) - * @param reqid unique ID for this SA - * @param enc_alg Algorithm to use for encryption (ESP only) - * @param enc_key Key to use for encryption - * @param int_alg Algorithm to use for integrity protection - * @param int_key Key for integrity protection - * @param replace Should an already installed SA be updated? + * @param this calling object + * @param src source address for this SA + * @param dst destination address for this SA + * @param spi SPI allocated by us or remote peer + * @param protocol protocol for this SA (ESP/AH) + * @param reqid unique ID for this SA + * @param expire_soft lifetime in seconds before rekeying + * @param expire_hard lieftime in seconds before delete + * @param enc_alg Algorithm to use for encryption (ESP only) + * @param enc_key Key to use for encryption + * @param int_alg Algorithm to use for integrity protection + * @param int_key Key for integrity protection + * @param replace Should an already installed SA be updated? * @return - * - SUCCESS - * - FAILED if kernel comm failed + * - SUCCESS + * - FAILED if kernel comm failed */ status_t (*add_sa)(kernel_interface_t *this, host_t *src, host_t *dst, u_int32_t spi, protocol_id_t protocol, u_int32_t reqid, + u_int64_t expire_soft, + u_int64_t expire_hard, encryption_algorithm_t enc_alg, chunk_t enc_key, integrity_algorithm_t int_alg, |