From 914479370ed23aa420a15ef3f19c2c39dce3b133 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Fri, 13 Jul 2012 13:21:45 +0200 Subject: Added IPsec SA manager --- src/libipsec/ipsec.h | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'src/libipsec/ipsec.h') diff --git a/src/libipsec/ipsec.h b/src/libipsec/ipsec.h index 80bef5426..e4055a8bd 100644 --- a/src/libipsec/ipsec.h +++ b/src/libipsec/ipsec.h @@ -1,4 +1,6 @@ /* + * Copyright (C) 2012 Giuliano Grassi + * Copyright (C) 2012 Ralf Sager * Copyright (C) 2012 Tobias Brunner * Hochschule fuer Technik Rapperswil * @@ -23,15 +25,22 @@ #ifndef IPSEC_H_ #define IPSEC_H_ -typedef struct ipsec_t ipsec_t; +#include "ipsec_sa_mgr.h" #include +typedef struct ipsec_t ipsec_t; + /** * User space IPsec implementation. */ struct ipsec_t { + /** + * IPsec SA manager instance + */ + ipsec_sa_mgr_t *sas; + }; /** -- cgit v1.2.3 From b50f56f326d1e58d13f4287280799236fd239a05 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Fri, 13 Jul 2012 13:32:27 +0200 Subject: Added class to relay IPsec events (like expiration) to listeners Currently, only expiration of IPsec SAs is supported. Later other events for e.g. acquires or changed NAT endpoints could be added. --- src/libipsec/ipsec.h | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src/libipsec/ipsec.h') diff --git a/src/libipsec/ipsec.h b/src/libipsec/ipsec.h index e4055a8bd..304738170 100644 --- a/src/libipsec/ipsec.h +++ b/src/libipsec/ipsec.h @@ -26,6 +26,7 @@ #define IPSEC_H_ #include "ipsec_sa_mgr.h" +#include "ipsec_event_relay.h" #include @@ -41,6 +42,11 @@ struct ipsec_t { */ ipsec_sa_mgr_t *sas; + /** + * Event relay instance + */ + ipsec_event_relay_t *events; + }; /** -- cgit v1.2.3 From 7000cf11b1b4e3b2c504951812b48396258e55e2 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Fri, 13 Jul 2012 14:27:41 +0200 Subject: IPsec policy manager added This version only provides the very simplest management functions. --- src/libipsec/ipsec.h | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src/libipsec/ipsec.h') diff --git a/src/libipsec/ipsec.h b/src/libipsec/ipsec.h index 304738170..e8e828d25 100644 --- a/src/libipsec/ipsec.h +++ b/src/libipsec/ipsec.h @@ -26,6 +26,7 @@ #define IPSEC_H_ #include "ipsec_sa_mgr.h" +#include "ipsec_policy_mgr.h" #include "ipsec_event_relay.h" #include @@ -42,6 +43,11 @@ struct ipsec_t { */ ipsec_sa_mgr_t *sas; + /** + * IPsec policy manager instance + */ + ipsec_policy_mgr_t *policies; + /** * Event relay instance */ -- cgit v1.2.3 From a113d7f29bd2c4c9f378e3644f9309f44e0a08e8 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Fri, 13 Jul 2012 15:34:51 +0200 Subject: Added IPsec processor which is responsible for handling in- and outbound packets Two callbacks can be registered that get called when new inbound plaintext and outbound ESP packets have been processed. Inbound ESP and outbound plaintext packets can be queued for processing with two other methods. --- src/libipsec/ipsec.h | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src/libipsec/ipsec.h') diff --git a/src/libipsec/ipsec.h b/src/libipsec/ipsec.h index e8e828d25..7ee49432a 100644 --- a/src/libipsec/ipsec.h +++ b/src/libipsec/ipsec.h @@ -28,6 +28,7 @@ #include "ipsec_sa_mgr.h" #include "ipsec_policy_mgr.h" #include "ipsec_event_relay.h" +#include "ipsec_processor.h" #include @@ -53,6 +54,11 @@ struct ipsec_t { */ ipsec_event_relay_t *events; + /** + * IPsec processor instance + */ + ipsec_processor_t *processor; + }; /** -- cgit v1.2.3