Diffstat (limited to 'src/libstrongswan/utils/identification.h')
-rw-r--r-- | src/libstrongswan/utils/identification.h | 70 |
1 files changed, 45 insertions, 25 deletions
diff --git a/src/libstrongswan/utils/identification.h b/src/libstrongswan/utils/identification.h index f6b82e97f..5b13d02a0 100644 --- a/src/libstrongswan/utils/identification.h +++ b/src/libstrongswan/utils/identification.h @@ -25,9 +25,10 @@ #ifndef IDENTIFICATION_H_ #define IDENTIFICATION_H_ - #include "types.h" +#define MAX_WILDCARDS 14 + typedef enum id_type_t id_type_t; /** @@ -36,7 +37,7 @@ typedef enum id_type_t id_type_t; * @ingroup utils */ enum id_type_t { - + /** * private type which matches any other id. */ 
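Review bot: `MAX_WILDCARDS` is added to a public header (hunk at -25,9) with no comment, so a reader cannot tell what it bounds or how it relates to the `wildcards` count that `matches()` reports later in this patch. If callers rank candidate identities by that count, which this header does not show, the constant is part of the matching contract and deserves a one-line Doxygen comment saying what it limits, presumably the largest wildcard count `matches()` can report. The macro name is also unprefixed for something exported from a library header; a name such as `ID_MAX_WILDCARDS` would be less likely to collide in code that includes it.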
@@ -49,40 +50,58 @@ enum id_type_t { /** * ID data is a fully-qualified domain name string. - * An example of a ID_FQDN is, "example.com". + * An example of a ID_FQDN is "example.com". * The string MUST not contain any terminators (e.g., NULL, CR, etc.). */ ID_FQDN = 2, - + /** - * ID data is a fully-qualified RFC822 email address string, An example of - * a ID_RFC822_ADDR is, "jsmith@example.com". The string MUST - * not contain any terminators. + * ID data is a fully-qualified RFC822 email address string. + * An example of an ID_RFC822_ADDR is "jsmith@example.com". + * The string MUST NOT contain any terminators. */ ID_RFC822_ADDR = 3, - + + /** + * ID data is an IPv4 subnet (IKEv1 only) + */ + ID_IPV4_ADDR_SUBNET = 4, + /** * ID data is a single sixteen (16) octet IPv6 address. */ ID_IPV6_ADDR = 5, - + /** - * ID data is the binary DER encoding of an ASN.1 X.500 Distinguished Name - * [X.501]. - */ + * ID data is an IPv6 subnet (IKEv1 only) + */ + ID_IPV6_ADDR_SUBNET = 6, + + /** + * ID data is an IPv4 address range (IKEv1 only) + */ + ID_IPV4_ADDR_RANGE = 7, + + /** + * ID data is an IPv6 address range (IKEv1 only) + */ + ID_IPV6_ADDR_RANGE = 8, + + /** + * ID data is the binary DER encoding of an ASN.1 X.501 Distinguished Name + */ ID_DER_ASN1_DN = 9, - + /** - * ID data is the binary DER encoding of an ASN.1 X.500 GeneralName - * [X.509]. - */ + * ID data is the binary DER encoding of an ASN.1 X.509 GeneralName + */ ID_DER_ASN1_GN = 10, - + /** * ID data is an opaque octet stream which may be used to pass vendor- - * specific information necessary to do certain proprietary - * types of identification. - */ + * specific information necessary to do certain proprietary + * types of identification. + */ ID_KEY_ID = 11, /** @@ -95,7 +114,7 @@ enum id_type_t { /** * String mappings for id_type_t. */ -extern mapping_t id_type_m[]; +extern enum_names id_type_names; typedef struct identification_t identification_t; 
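Review bot: The four added IKEv1 types (`ID_IPV4_ADDR_SUBNET`, `ID_IPV6_ADDR_SUBNET`, `ID_IPV4_ADDR_RANGE`, `ID_IPV6_ADDR_RANGE`) are documented without the layout or length of their ID data, unlike `ID_IPV6_ADDR` next to them, which states sixteen octets. These values come from the peer, so the expected size is what a parser has to validate against. The comments should carry it, e.g. `ID data is an IPv4 address followed by an IPv4 netmask, four octets each (IKEv1 only)` and `ID data is a start and an end IPv4 address, four octets each (IKEv1 only)`. Whether the constructors and `matches()` treat these types by containment or only by byte equality is not visible in this header and is worth stating too. Separately, the `ID_FQDN` comment still reads `MUST not` while the `ID_RFC822_ADDR` one was changed to `MUST NOT`.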
@@ -162,7 +181,7 @@ struct identification_t { bool (*equals) (identification_t *this, identification_t *other); /** - * @brief Check if an ID belongs to a wildcard ID. + * @brief Check if an ID matches a wildcard ID. * * An identification_t may contain wildcards, such as * *@strongswan.org. This call checks if a given ID @@ -174,9 +193,10 @@ struct identification_t { * * @param this the ID without wildcard * @param other the ID containing a wildcard - * @return TRUE if other belongs to this + * @param wildcards returns the number of wildcards + * @return TRUE if match is found */ - bool (*belongs_to) (identification_t *this, identification_t *other); + bool (*matches) (identification_t *this, identification_t *other, int *wildcards); /** * @brief Check if an ID is a wildcard ID. @@ -243,7 +263,7 @@ identification_t * identification_create_from_string(char *string); * @return identification_t object * * In contrast to identification_create_from_string(), this constructor never - * returns NULL, even when the conversion to a sring representation fails. + * returns NULL, even when the conversion to a string representation fails. * * @ingroup utils */ |
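Review bot: The new `wildcards` out-parameter of `matches` (hunk at -174,9) is documented only as `returns the number of wildcards`, which leaves open whether it may be NULL and what it holds when the call returns FALSE. A caller that compares wildcard counts to pick the most specific identity would read an indeterminate `int` if the implementation writes it only on a match. The implementation is outside this header, so this is a contract question rather than a confirmed defect. I would spell it out in the doc block, e.g. `@param wildcards receives the number of wildcards in other, 0 to MAX_WILDCARDS; must not be NULL and is written only when TRUE is returned`, adjusted to what the implementation actually guarantees. The `struct identification_t` body starts and ends outside the hunk.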