openikev2::IpsecControllerImpl Class Reference

This abstract class represents an IPsec controller concrete implementation.

#include <ipseccontrollerimpl.h>

Public Member Functions

virtual void initialize ()=0
 Initializes the IPsec Controller.
virtual bool narrowPayloadTS (const Payload_TSi &received_payload_ts_i, const Payload_TSr &received_payload_ts_r, IkeSaController &ike_sa_controller, ChildSa &child_sa)=0
 Determines if received TS Payloads are acceptable, making narrowing if needed (executed in the responder).
virtual bool checkNarrowPayloadTS (const Payload_TSi &received_payload_ts_i, const Payload_TSr &received_payload_ts_r, ChildSa &child_sa)=0
 Checks if responder narrowing is valid (executed in the initiator).
virtual uint32_t getSpi (const IpAddress &src, const IpAddress &dst, Enums::PROTOCOL_ID protocol)=0
 Request an SPI value.
virtual void createIpsecSa (const IpAddress &src, const IpAddress &dst, const ChildSa &childsa)=0
 Creates an IPSEC SA.
virtual uint32_t deleteIpsecSa (const IpAddress &src, const IpAddress &dst, Enums::PROTOCOL_ID protocol, uint32_t spi)=0
 Deletes an IPSEC SA.
virtual void createIpsecPolicy (vector< TrafficSelector * > src_sel, vector< TrafficSelector * > dst_sel, Enums::DIRECTION direction, uint32_t priority, Enums::PROTOCOL_ID ipsec_protocol, Enums::IPSEC_MODE mode, const IpAddress *src_tunnel, const IpAddress *dst_tunnel)=0
 Creates an IPSEC policy indicating all its parameters.
virtual void deleteIpsecPolicy (vector< TrafficSelector * > src_sel, vector< TrafficSelector * > dst_sel, Enums::DIRECTION direction)=0
 Deletes an IPSEC policy.
virtual void flushIpsecPolicies ()=0
 Deletes all the IPsec policies.
virtual void flushIpsecSas ()=0
 Deletes all the IPSEC SAs.
void processExpire (const IpAddress &src, const IpAddress &dst, uint32_t rekeyed_spi, bool hard)
 Process an EXPIRE event from IPSEC system.
virtual void updateIpsecAddresses (const IpAddress &old_address, const IpAddress &new_address)=0
 Updates all the IPsec SA and policies with the specified new address.
virtual void run ()
 Main execution method of the thread.

Public Attributes

string name
 Name of the IpsecController implementation.

Detailed Description

This abstract class represents an IPsec controller concrete implementation.

Author:
Alejandro Perez Mendez, Pedro J. Fernandez Ruiz <alejandro_perez@dif.um.es, pedroj.fernandez@dif.um.es>


Member Function Documentation

virtual bool openikev2::IpsecControllerImpl::narrowPayloadTS ( const Payload_TSi & received_payload_ts_i,
const Payload_TSr & received_payload_ts_r,
IkeSaController & ike_sa_controller,
ChildSa & child_sa
) [pure virtual]

Determines if received TS Payloads are acceptable, making narrowing if needed (executed in the responder).

Parameters:
received_payload_ts_i Received PAYLOAD_TSi
received_payload_ts_r Received PAYLOAD_TSr
ike_sa_controller IKE_SA controller
child_sa ChildSa object to be updated
Returns:
TRUE if narrowing has been possible. FALSE otherwise.

virtual bool openikev2::IpsecControllerImpl::checkNarrowPayloadTS ( const Payload_TSi & received_payload_ts_i,
const Payload_TSr & received_payload_ts_r,
ChildSa & child_sa
) [pure virtual]

Checks if responder narrowing is valid (executed in the initiator).

Parameters:
received_payload_ts_i Received PAYLOAD_TSi
received_payload_ts_r Received PAYLOAD_TSr
child_sa ChildSa being created
Returns:
TRUE if responder narrowing is valid. FALSE otherwise.
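
The rule an initiator-side narrowing check has to enforce in IKEv2 is that the responder may only return a subset of the traffic selectors that were proposed. The following is an added example, not libopenikev2 code: the Selector struct and all function names are hypothetical stand-ins (IPv4 only) and do not reflect the library's TrafficSelector or Payload_TS classes.

```cpp
#include <cstdint>
#include <vector>

// Hypothetical stand-in for one IKEv2 traffic selector (IPv4 only);
// this is not libopenikev2's TrafficSelector class.
struct Selector {
    uint8_t  ip_proto;              // 0 means "any protocol"
    uint16_t start_port, end_port;  // inclusive port range
    uint32_t start_addr, end_addr;  // inclusive address range, host byte order
};

// True if every packet matched by `inner` is also matched by `outer`.
static bool contains(const Selector& outer, const Selector& inner) {
    if (inner.start_addr > inner.end_addr || inner.start_port > inner.end_port)
        return false;                                   // malformed range
    if (outer.ip_proto != 0 && outer.ip_proto != inner.ip_proto)
        return false;                                   // protocol was widened
    return outer.start_addr <= inner.start_addr && inner.end_addr <= outer.end_addr &&
           outer.start_port <= inner.start_port && inner.end_port <= outer.end_port;
}

// Each selector the responder returned must fit inside at least one selector
// that was proposed, and the returned set must not be empty.
static bool narrowing_is_valid(const std::vector<Selector>& proposed,
                               const std::vector<Selector>& returned) {
    if (returned.empty()) return false;
    for (const Selector& r : returned) {
        bool covered = false;
        for (const Selector& p : proposed)
            if (contains(p, r)) { covered = true; break; }
        if (!covered) return false;
    }
    return true;
}

// Applies the check to both payloads: TSi and TSr are validated independently.
bool check_narrowing(const std::vector<Selector>& sent_tsi, const std::vector<Selector>& recv_tsi,
                     const std::vector<Selector>& sent_tsr, const std::vector<Selector>& recv_tsr) {
    return narrowing_is_valid(sent_tsi, recv_tsi) && narrowing_is_valid(sent_tsr, recv_tsr);
}
```

The check is conservative: a returned range that is covered only by the union of two proposed selectors is rejected.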

virtual uint32_t openikev2::IpsecControllerImpl::getSpi ( const IpAddress & src,
const IpAddress & dst,
Enums::PROTOCOL_ID protocol
) [pure virtual]

Request an SPI value.

Parameters:
src Source address of the CHILD SA
dst Destination address of the CHILD SA
protocol Protocol of the CHILD SA
Returns:
The SPI value

virtual void openikev2::IpsecControllerImpl::createIpsecSa ( const IpAddress & src,
const IpAddress & dst,
const ChildSa & childsa
) [pure virtual]

Creates an IPSEC SA.

Parameters:
src Source address of the IPSEC SA
dst Destination address of the IPSEC SA
childsa ChildSa object with the values of the IPSEC SA

virtual uint32_t openikev2::IpsecControllerImpl::deleteIpsecSa ( const IpAddress & src,
const IpAddress & dst,
Enums::PROTOCOL_ID protocol,
uint32_t spi
) [pure virtual]

Deletes an IPSEC SA.

Parameters:
src Source address of the IPSEC SA
dst Destination address of the IPSEC SA
protocol IPsec protocol of the IPSEC SA
spi SPI value of the IPSEC SA
Returns:
The SPI value of the updated IPSEC SA. 0 if an error was found

virtual void openikev2::IpsecControllerImpl::createIpsecPolicy ( vector< TrafficSelector * > src_sel,
vector< TrafficSelector * > dst_sel,
Enums::DIRECTION direction,
uint32_t priority,
Enums::PROTOCOL_ID ipsec_protocol,
Enums::IPSEC_MODE mode,
const IpAddress * src_tunnel,
const IpAddress * dst_tunnel
) [pure virtual]

Creates an IPSEC policy indicating all its parameters.

Parameters:
src_sel Source selector collection
dst_sel Destination selector collection
direction Direction of the policy
priority Policy priority. This value is dependent on the concrete implementation.
ipsec_protocol IPsec protocol
mode IPsec mode
src_tunnel Source tunnel address
dst_tunnel Destination tunnel address

virtual void openikev2::IpsecControllerImpl::deleteIpsecPolicy ( vector< TrafficSelector * >  src_sel,
vector< TrafficSelector * >  dst_sel,
Enums::DIRECTION  direction 
) [pure virtual]

Deletes an IPSEC policy.

Parameters:
src_sel Source selector
dst_sel Destination selector
direction Direction of the policy

void openikev2::IpsecControllerImpl::processExpire ( const IpAddress & src,
const IpAddress & dst,
uint32_t rekeyed_spi,
bool hard
)

Process an EXPIRE event from IPSEC system.

Parameters:
src Source IP address in the EXPIRE
dst Destination IP address in the EXPIRE
rekeyed_spi 
hard 

virtual void openikev2::IpsecControllerImpl::updateIpsecAddresses ( const IpAddress & old_address,
const IpAddress & new_address
) [pure virtual]

Updates all the IPsec SA and policies with the specified new address.

Parameters:
old_address Address to be updated
new_address New address

void openikev2::IpsecControllerImpl::run (  )  [virtual]

Main execution method of the thread.

This method is always executed when executeRunnable() is called. Each concrete Thread must implement this method.

Implements openikev2::Runnable.


Generated on Fri Jul 27 11:04:51 2007 for libopenikev2 by  doxygen 1.5.1