/*
* Copyright (C) 2008-2015 Tobias Brunner
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
/**
* @defgroup stroke_ca stroke_ca
* @{ @ingroup stroke
*/
#ifndef STROKE_CA_H_
#define STROKE_CA_H_
#include <stroke_msg.h>
#include <credentials/sets/mem_cred.h>
typedef struct stroke_ca_t stroke_ca_t;
/**
* Handling of the ca sections of ipsec.conf.
*
* The object exposes a credential_set_t (member "set") and is driven by
* stroke_msg_t messages: CA sections are added, removed and listed on request.
* All operations are function pointers that take the instance as first
* argument ("this").
*/
struct stroke_ca_t {
/**
* Implements credential_set_t.
*
* Embedded by value as the first member of the struct.
*/
credential_set_t set;
/**
* Add a CA to the set using a stroke_msg_t.
*
* NOTE(review): msg is presumably received from the stroke control
* interface; confirm that the implementation treats its fields as
* externally supplied input (NULL or empty names, paths, URIs).
*
* @param msg stroke message containing CA info
*/
void (*add)(stroke_ca_t *this, stroke_msg_t *msg);
/**
* Remove a CA from the set using a stroke_msg_t.
*
* No status is returned, so the caller cannot tell from the return value
* whether a matching CA section existed.
*
* @param msg stroke message containing CA info
*/
void (*del)(stroke_ca_t *this, stroke_msg_t *msg);
/**
* List CA sections to stroke console.
*
* @param msg stroke message
* @param out stream the listing is written to
*/
void (*list)(stroke_ca_t *this, stroke_msg_t *msg, FILE *out);
/**
* Check if a certificate can be made available through hash and URL.
*
* The function returns void, so the outcome of the check is not reported
* to the caller through the return value.
* NOTE(review): presumably the result is recorded inside the instance for
* later use; confirm in the implementation.
*
* @param cert peer certificate
*/
void (*check_for_hash_and_url)(stroke_ca_t *this, certificate_t* cert);
/**
* Get a reference to a CA certificate if it is already stored,
* otherwise returns the same certificate.
*
* NOTE(review): the header does not state what happens to the caller's
* reference on cert when a stored certificate is returned instead. Confirm
* the ownership rule in the implementation before relying on it; a wrong
* assumption leads to a leaked or doubly released reference.
*
* @param cert certificate to check
* @return reference to stored CA certificate, or original
*/
certificate_t *(*get_cert_ref)(stroke_ca_t *this, certificate_t *cert);
/**
* Reload CA certificates referenced in CA sections. Flushes the certificate
* cache.
*/
void (*reload_certs)(stroke_ca_t *this);
/**
* Replace automatically loaded CA certificates. Flushes the certificate
* cache.
*
* @param certs credential set to take certificates from (not modified)
*/
void (*replace_certs)(stroke_ca_t *this, mem_cred_t *certs);
/**
* Destroy a stroke_ca instance.
*
* The instance pointer must not be used after this call.
*/
void (*destroy)(stroke_ca_t *this);
};
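/**
* Create a stroke_ca instance.
*
* Declared with an explicit (void) parameter list: an empty list "()" is not
* a prototype in C, so the compiler would accept calls that pass arguments
* without any diagnostic.
*
* @return stroke_ca_t instance, released through its destroy() method
*/
stroke_ca_t *stroke_ca_create(void);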
#endif /** STROKE_CA_H_ @}*/