libopenikev2: ipseccontroller.h Source File

00001 /***************************************************************************
00002 *   Copyright (C) 2005 by                                                 *
00003 *   Pedro J. Fernandez Ruiz    pedroj.fernandez@dif.um.es                 *
00004 *   Alejandro Perez Mendez     alejandro_perez@dif.um.es                  *
00005 *                                                                         *
00006 *   This library is free software; you can redistribute it and/or         *
00007 *   modify it under the terms of the GNU Lesser General Public            *
00008 *   License as published by the Free Software Foundation; either          *
00009 *   version 2.1 of the License, or (at your option) any later version.    *
00010 *                                                                         *
00011 *   This library is distributed in the hope that it will be useful,       *
00012 *   but WITHOUT ANY WARRANTY; without even the implied warranty of        *
00013 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU     *
00014 *   Lesser General Public License for more details.                       *
00015 *                                                                         *
00016 *   You should have received a copy of the GNU Lesser General Public      *
00017 *   License along with this library; if not, write to the Free Software   *
00018 *   Foundation, Inc., 51 Franklin St, Fifth Floor,                        *
00019 *   Boston, MA  02110-1301  USA                                           *
00020 ***************************************************************************/
00021 #ifndef IPSECCONTROLLER_H
00022 #define IPSECCONTROLLER_H
00023 
00024 #include "runnable.h"
00025 #include "printable.h"
00026 #include "ipaddress.h"
00027 #include "payload_tsi.h"
00028 #include "payload_tsr.h"
00029 #include "payload_sa.h"
00030 #include "enums.h"
00031 #include "ipseccontrollerimpl.h"
00032 
00033 namespace openikev2 {
00034 
00040     class IpsecController {
00041 
00042             /****************************** ATTRIBUTES ******************************/
00043         protected:
00044             static auto_ptr<IpsecControllerImpl> implementation;       
00046             /****************************** METHODS ******************************/
00047         public:
00051             static void startThread();
00052 
00057             static void setImplementation( auto_ptr<IpsecControllerImpl> implementation );
00058 
00067             static bool narrowPayloadTS( const Payload_TSi& received_payload_ts_i, const Payload_TSr& received_payload_ts_r, IkeSaController& ike_sa_controller, ChildSa& child_sa );
00068 
00076             static bool checkNarrowPayloadTS( const Payload_TSi& received_payload_ts_i , const Payload_TSr& received_payload_ts_r, ChildSa& child_sa );
00077 
00085             static uint32_t getSpi( const IpAddress& src, const IpAddress& dst, Enums::PROTOCOL_ID ipsec_protocol );
00086 
00093             static void createIpsecSa( const IpAddress& src, const IpAddress& dst, const ChildSa& childsa );
00094 
00103             static uint32_t deleteIpsecSa( const IpAddress& src, const IpAddress& dst, Enums::PROTOCOL_ID ipsec_protocol, uint32_t spi );
00104 
00116             static void createIpsecPolicy( vector< TrafficSelector*> src_sel, vector< TrafficSelector*> dst_sel, Enums::DIRECTION direction = Enums::DIR_ALL, uint32_t priority = 1000, Enums::PROTOCOL_ID ipsec_protocol = Enums::PROTO_NONE, Enums::IPSEC_MODE mode = Enums::TRANSPORT_MODE, const IpAddress* src_tunnel = NULL, const IpAddress* dst_tunnel = NULL );
00117 
00129             static void createIpsecPolicy( const TrafficSelector& src_sel, const TrafficSelector& dst_sel, Enums::DIRECTION direction = Enums::DIR_ALL, uint32_t priority = 1000, Enums::PROTOCOL_ID ipsec_protocol = Enums::PROTO_NONE, Enums::IPSEC_MODE mode = Enums::TRANSPORT_MODE, const IpAddress* src_tunnel = NULL, const IpAddress* dst_tunnel = NULL );
00130 
00137             static void deleteIpsecPolicy( vector< TrafficSelector*> src_sel, vector< TrafficSelector*> dst_sel, Enums::DIRECTION direction );
00138 
00144             static void updateIpsecAddresses ( const IpAddress& old_address, const IpAddress& new_address);
00145             
00149             static void flushIpsecPolicies();
00150 
00154             static void flushIpsecSas();
00155     };
00156     //*******************************************************************
00157 }
00158 #endif