diff options
| author | Martin Willi <martin@revosec.ch> | 2014-11-12 17:22:45 +0100 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2015-02-20 13:34:49 +0100 |
| commit | cc08ce83f06d2158b5306b6f15a2701873fd8c3f (patch) | |
| tree | 980ca44325d87d816a8933486b7a01c7964c9fff /src/libhydra/kernel/kernel_interface.h | |
| parent | 6d4649573ec2d8d89ef1130d63192c672c4b707b (diff) | |
| download | strongswan-cc08ce83f06d2158b5306b6f15a2701873fd8c3f.tar.bz2 strongswan-cc08ce83f06d2158b5306b6f15a2701873fd8c3f.tar.xz | |
kernel-interface: Add reqid allocation and release functions
To reassign reqids where appropriate, we explicitly allocate or confirm them
centrally on the kernel-interface.
Currently the state is stored in the kernel-interface wrapper for all
backends, but we may add appropriate methods to each backend to implement
a custom reqid allocation logic, if required.
Diffstat (limited to 'src/libhydra/kernel/kernel_interface.h')
| -rw-r--r-- | src/libhydra/kernel/kernel_interface.h | 38 |
1 files changed, 37 insertions, 1 deletions
diff --git a/src/libhydra/kernel/kernel_interface.h b/src/libhydra/kernel/kernel_interface.h index a94c58a64..f25c10830 100644 --- a/src/libhydra/kernel/kernel_interface.h +++ b/src/libhydra/kernel/kernel_interface.h @@ -122,6 +122,42 @@ struct kernel_interface_t { u_int16_t *cpi); /** + * Allocate or confirm a reqid to use for a given SA pair. + * + * Each returned reqid by a successful call to alloc_reqid() must be + * released using release_reqid(). + * + * The reqid parameter is an in/out parameter. If it points to non-zero, + * the reqid is confirmed and registered for use. If it points to zero, + * a reqid is allocated for the given selectors, and returned to reqid. + * + * The passed mark values get updated to the reqid value if they are set + * to the magic value MARK_REQID. + * + * @param local_ts traffic selectors of local side for SA + * @param remote_ts traffic selectors of remote side for SA + * @param mark_in inbound mark on SA + * @param mark_out outbound mark on SA + * @param reqid allocated reqid + * @return SUCCESS if reqid allocated + */ + status_t (*alloc_reqid)(kernel_interface_t *this, + linked_list_t *local_ts, linked_list_t *remote_ts, + mark_t *mark_in, mark_t *mark_out, + u_int32_t *reqid); + + /** + * Release a previously allocated reqid. + * + * @param reqid reqid to release + * @param mark_in inbound mark on SA + * @param mark_out outbound mark on SA + * @return SUCCESS if reqid released + */ + status_t (*release_reqid)(kernel_interface_t *this, u_int32_t reqid, + mark_t mark_in, mark_t mark_out); + + /** * Add an SA to the SAD. * * This function does install a single SA for a single protocol in one @@ -131,7 +167,7 @@ struct kernel_interface_t { * @param dst destination address for this SA * @param spi SPI allocated by us or remote peer * @param protocol protocol for this SA (ESP/AH) - * @param reqid unique ID for this SA + * @param reqid reqid for this SA * @param mark optional mark for this SA * @param tfc Traffic Flow Confidentiality padding for this SA * @param lifetime lifetime_cfg_t for this SA |