Diffstat (limited to 'Source/charon/config/init_config.h')
-rw-r--r-- | Source/charon/config/init_config.h | 120 |
1 files changed, 40 insertions, 80 deletions
diff --git a/Source/charon/config/init_config.h b/Source/charon/config/init_config.h
index 14ffeeee8..f63df61cf 100644
--- a/Source/charon/config/init_config.h
+++ b/Source/charon/config/init_config.h
@@ -25,60 +25,14 @@
 #include <types.h>
 #include <network/host.h>
-#include <utils/iterator.h>
+#include <utils/linked_list.h>
+#include <config/proposal.h>
 #include <transforms/crypters/crypter.h>
 #include <transforms/prfs/prf.h>
 #include <transforms/signers/signer.h>
 #include <transforms/diffie_hellman.h>
-typedef struct ike_proposal_t ike_proposal_t;
-
-/**
- * @brief Represents a Proposal used in IKE_SA_INIT phase.
- *
- * @todo Currently the amount of tranforms with same type in a IKE proposal is limited to 1.
- * Support of more transforms with same type has to be added.
- *
- * @ingroup config
- */
-struct ike_proposal_t {
- /**
- * Encryption algorithm.
- */
- encryption_algorithm_t encryption_algorithm;
-
- /**
- * Key length of encryption algorithm in bytes.
- */
- u_int16_t encryption_algorithm_key_length;
-
- /**
- * Integrity algorithm.
- */
- integrity_algorithm_t integrity_algorithm;
-
- /**
- * Key length of integrity algorithm.
- */
- u_int16_t integrity_algorithm_key_length;
-
- /**
- * Pseudo random function (prf).
- */
- pseudo_random_function_t pseudo_random_function;
-
- /**
- * Key length of prf.
- */
- u_int16_t pseudo_random_function_key_length;
-
- /**
- * Diffie hellman group.
- */
- diffie_hellman_group_t diffie_hellman_group;
-};
-
 typedef struct init_config_t init_config_t;
@@ -100,7 +54,7 @@ struct init_config_t {
 * @param this calling object
 * @return host information as host_t object
 */
- host_t * (*get_my_host) (init_config_t *this);
+ host_t *(*get_my_host) (init_config_t *this);
 /**
 * @brief Get other host information as host_t object.
@@ -110,7 +64,7 @@ struct init_config_t {
 * @param this calling object
 * @return host information as host_t object
 */
- host_t * (*get_other_host) (init_config_t *this);
+ host_t *(*get_other_host) (init_config_t *this);
 /**
 * @brief Get my host information as host_t object.
@@ -120,7 +74,7 @@ struct init_config_t {
 * @param this calling object
 * @return host information as host_t object
 */
- host_t * (*get_my_host_clone) (init_config_t *this);
+ host_t *(*get_my_host_clone) (init_config_t *this);
 /**
 * @brief Get other host information as host_t object.
@@ -130,54 +84,60 @@ struct init_config_t {
 * @param this calling object
 * @return host information as host_t object
 */
- host_t * (*get_other_host_clone) (init_config_t *this);
+ host_t *(*get_other_host_clone) (init_config_t *this);
 /**
- * @brief Get the diffie hellman group to use as initiator with given priority.
+ * @brief Returns a list of all supported proposals.
 *
- * @param this calling object
- * @param priority priority of dh group number (starting at 1)
- * @return diffie hellman group number for given priority or
- * MODP_UNDEFINED for not supported priorities
- */
- diffie_hellman_group_t (*get_dh_group_number) (init_config_t *this,size_t priority);
-
- /**
- * @brief Returns a list of all supported ike_proposals of type ike_proposal_t *.
- *
- * Returned array of ike_proposal_t has to get destroyed by the caller.
+ * Returned list is still owned by init_config and MUST NOT
+ * modified or destroyed.
 *
 * @param this calling object
- * @param proposals first proposal in a array
- * @return number of proposals in array
+ * @return list containing all the proposals
 */
- size_t (*get_proposals) (init_config_t *this,ike_proposal_t **proposals);
+ linked_list_t *(*get_proposals) (init_config_t *this);
 /**
- * @brief Adds a proposal with given priority to the current stored proposals.
+ * @brief Adds a proposal to the list..
 *
- * If allready a proposal with given priority is stored the other one is
- * moved one priority back. If priority is higher then all other stored
- * proposals, it is inserted as last one.
+ * The first added proposal has the highest priority, the last
+ * added the lowest.
 *
 * @param this calling object
 * @param priority priority of adding proposal
 * @param proposal proposal to add
 */
- void (*add_proposal) (init_config_t *this,size_t priority, ike_proposal_t proposal);
+ void (*add_proposal) (init_config_t *this, proposal_t *proposal);
 /**
 * @brief Select a proposed from suggested proposals.
 *
+ * Returned proposal must be destroyed after usage.
+ *
+ * @param this calling object
+ * @param proposals list of proposals to select from
+ * @return selected proposal, or NULL if none matches.
+ */
+ proposal_t *(*select_proposal) (init_config_t *this, linked_list_t *proposals);
+
+ /**
+ * @brief Get the DH group to use for connection initialization.
+ *
+ * @param this calling object
+ * @return dh group to use for initialization
+ */
+ diffie_hellman_group_t (*get_dh_group) (init_config_t *this);
+
+ /**
+ * @brief Check if a suggested dh group is acceptable.
+ *
+ * If we guess a wrong DH group for IKE_SA_INIT, the other
+ * peer will send us a offer. But is this acceptable for us?
+ *
 * @param this calling object
- * @param suggested_proposals first proposal in a array
- * @param proposal_count number of suggested proposals in array
- * @param selected_proposal the ike_proposal_t pointing to is set
- * @return
- * - SUCCESS if a proposal was selected
- * - NOT_FOUND if none of suggested proposals is supported
+ * @return dh group to use for initialization
 */
- status_t (*select_proposal) (init_config_t *this, ike_proposal_t *proposals, size_t proposal_count, ike_proposal_t *selected_proposal);
+ bool (*check_dh_group) (init_config_t *this, diffie_hellman_group_t dh_group);
 /**
 * @brief Destroys a init_config_t object.
@@ -194,6 +154,6 @@ struct init_config_t {
 *
 * @ingroup config
 */
-init_config_t * init_config_create(char * my_ip, char *other_ip, u_int16_t my_port, u_int16_t other_port);
+init_config_t * init_config_create(char *my_ip, char *other_ip, u_int16_t my_port, u_int16_t other_port);
 #endif //_INIT_CONFIG_H_ |
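Review bot: The doxygen block on the new `check_dh_group` is stale: its `@return dh group to use for initialization` line is copied from `get_dh_group`, but the function returns `bool`, and the `dh_group` parameter it takes is not documented; replace that line with `* @param dh_group dh group suggested by the other peer` and `* @return TRUE if the suggested dh group is acceptable, FALSE otherwise`. The same hunk keeps `@param priority priority of adding proposal` on `add_proposal` although the priority argument was dropped from its signature, and the `get_proposals` contract reads `MUST NOT modified or destroyed` (missing "be"). Because `get_proposals` now hands out the config's own list while `select_proposal` hands the caller a proposal it must destroy, naming the element type (`proposal_t *`) on `get_proposals` would make the two ownership rules unambiguous for callers. The enclosing `struct init_config_t` starts before this hunk.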