tfPolicyAddWithUserData

Jump to: navigation, search

Table of Contents >> IPsec/IKE Programmer's Reference >> IPsec/IKE Function Reference


#include <trsocket.h>


ttPolicyEntryPtr tfPolicyAddWithUserData (
ttIpsecSelectorPtr selectorPtr,
ttPolicyContentPtr contentPtr,
ttUser8Bit direction,
ttUser16Bit ikePolicy,
ttUser16Bit priority,
ttUser16Bit manual,
int * errorPtr
ttUserVoidPtr userDataPtr,
ttUser32Bit userDataLen)
The highlighted parameters are conditional.
See the Parameters section for more details.


Warning Warning: To enable this feature, you must define TM_IPSEC_POLICY_USER_DATA in <trsystem.h>.


Function Description

This function adds an IPsec Policy that carries additional user-defined Opaque Data. The Opaque Data is never modified. The kernel makes a copy of this information and keeps the reference with the IPsec Policy throughout its lifetime. When integrating the kernel with external systems, this provides a way to extend the IPsec Policy definition to carry higher-level configuration information specific to the target environment's needs. Note that this is similar to tfPolicyAdd()but it includes two new parameters: userDataPtr and userDataLen.


Usage

tfPolicyAddWithUserData() calls tfPolicyAdd() to add an IPsec Policy to the database. The kernel makes a copy of the user-allocated data. At the completion of the call, the caller can free the allocated as required. If the call succeeds, the kernel will have a copy of the information which is stored in two new data members of the ttPolicyEntry (kernel) structure:

plcyUserDataPtr: This is a kernel copy of the userDataPtr content.
plcyUserDataLen: This is the length of plcyUserDataPtr.



Parameters

  • selectorPtr
    A pointer to a ttIpsecSelector structure that specifies the selector to use for this policy. Notice that selectorPtr is of type ttIpsecSelectorPtr, not of type ttIpsecSelectorInString pointer.
  • contentPtr
    A pointer to a ttPolicyContent structure that specifies the content of this policy. Notice that contentPtr is of type ttPolicyContentPtr, not of type ttPolicyContentInString pointer.
  • direction
    Specifies which direction this policy applies to. Valid value could be TM_IPSEC_INBOUND, TM_IPSEC_OUTBOUND, or TM_IPSEC_BOTH_DIRECTION.
  • ikePolicy
    The IKE policy specified by its unique priority. NOTE: This parameter is conditional and only present when TM_USE_IKE_POLICIES is defined at compile time.
  • priority
    IPsec policy priority.NOTE: This parameter is conditional and only present when TM_USE_PRIORITIES is defined at compile time.
  • manual
    Specify whether the policy is a manual policy (TM_8BIT_YES) or automatic policy (TM_8BIT_NO). Automatic policies use IKE. NOTE: This parameter is conditional and only present when TM_USE_MULTIPLE_PROPOSALS is defined at compile time.
  • errorPtr
    A pointer to an integer to store the error code in.
  • userDataPtr
    This is a pointer to user-allocated data that is carried with the IPsec Policy.
  • userDataLen
    This is the length of userDataPtr.


Returns

  • Valid ttPolicyEntryPtr
    Success.
  • NULL
    Error code is stored in *errorPtr.


Table of Contents >> IPsec/IKE Programmer's Reference >> IPsec/IKE Function Reference