-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/

-- | Interface library for strongSwan SQL backend
--
-- Interface library and companion CLI tool to configure strongSwan IPsec
-- over MySQL backend
@package strongswan-sql
@version 1.2.2.0

-- | This library allows for the manipulation of strongSwan connection
-- configuration stored in a MySQL database in a manner that is
-- compatible with the strongSwan SQL plugin for charon.
--
--
-- context <- init def { dbName = "acmeDB" }
--
--
-- Builds a 'Context' from the given connection 'Settings'. Failures are
-- reported through the caller's 'Failable' context.
-- NOTE(review): the usage example above calls @init@ and sets @dbName@ with
-- record-update syntax, but the only initialiser in this listing is
-- 'mkContext', and the 'Settings' record field is @_dbName@ ('dbName' is the
-- lens). Confirm which spelling matches this version.
-- NOTE(review): 'Settings' carries the DB password as a plain String; load it
-- from a protected source rather than hard-coding it at the call site.
mkContext :: (Failable m, MonadIO m) => Settings -> m Context
-- | Pushes an IPsec configuration into the DB specified in the given
-- context. If any elements of the configuration already exist, they are
-- first released (and their inter-relationships in the SQL DB removed)
-- before being created again. As a result the different IDs inside the
-- elements will probably change. This is the reason why a new
-- IPSecSettings value is returned as a result of the operation; the
-- value originally "pushed" to the DB should not be used any further.
--
-- NOTE(review): this listing does not show whether the release-and-recreate
-- sequence runs inside a single DB transaction. If it does not, a failure
-- part-way through could leave the connection only partially configured for
-- charon. Confirm against the implementation.
writeIPSecSettings :: (Failable m, MonadIO m) => IPSecSettings -> Context -> m IPSecSettings
-- | Search for an IPsec connection configuration by its unique name. Take
-- note of the Failable context, which means that unless it is
-- desired that this function throws an asynchronous exception upon not
-- finding a configuration, you probably want to run this inside a
-- monadic transformer such as MaybeT or ExceptT.
--
-- NOTE(review): an exception raised by the call itself would normally be
-- described as synchronous; confirm the intended wording.
-- NOTE(review): the name is a caller-supplied Text used to query the DB;
-- this listing does not show how the query is built, so confirm it is bound
-- as a parameter if names can come from untrusted input.
findIPSecSettings :: (Failable m, MonadIO m) => Text -> Context -> m IPSecSettings
-- | Look up an IPsec connection configuration by its unique name. Returns
-- Nothing if the connection is not found. Other errors are
-- reported according to the Failable context the function is called in
-- (MaybeT, ExceptT, IO, etc).
--
-- Unlike findIPSecSettings, absence is a normal result here (the Maybe in
-- the return type), so callers can tell "not configured" apart from a DB
-- failure.
lookupIPSecSettings :: (Failable m, MonadIO m) => Text -> Context -> m (Maybe IPSecSettings)
-- | Removes the specified IPSecSettings from the DB, releasing all
-- linked elements. The returned IPSecSettings will now contain
-- "unlinked" elements (i.e. no IDs, etc).
--
-- NOTE(review): whether the identities' shared secrets are removed as well
-- is not stated here; removeIdentity is documented as removing an identity
-- together with its secrets. Confirm which call is needed to revoke
-- credentials.
deleteIPSecSettings :: (Failable m, MonadIO m) => IPSecSettings -> Context -> m IPSecSettings
-- | Adds a shared secret to a given identity. If the identity doesn't
-- exist it will be created. If the identity already exists and it
-- already has a secret of the same type, that secret will be overwritten.
-- This means there can only be one secret of any given type per identity
-- (which makes sense of course from strongswan's perspective).
--
-- The overwrite is silent as far as this signature shows: only the Identity
-- is returned, not the secret that was replaced.
-- NOTE(review): SharedSecret holds the secret as a raw ByteString, and
-- nothing in this listing indicates encryption before it is stored. Treat
-- DB access, dumps and backups as credential material. Confirm.
addSecret :: (Failable m, MonadIO m) => Identity -> SharedSecret -> Context -> m Identity
-- | Removes a secret of the given type (if present) from the specified
-- identity. Returns unit, so the caller is not told whether a secret was
-- actually present.
removeSecret :: (Failable m, MonadIO m) => Identity -> SharedSecretType -> Context -> m ()
-- | Removes an identity and its secrets and related entries altogether.
-- NOTE(review): "related entries" is not spelled out in this listing;
-- confirm whether peer configurations that reference the identity are
-- affected.
removeIdentity :: (Failable m, MonadIO m) => Identity -> Context -> m ()
-- Low-level writers, one per element type. Each returns a Result whose
-- lastModifiedKey is a single Int key, or a pair of Ints for the link types
-- (Child2TSConfig, Peer2ChildConfig, SharedSecretIdentity).
-- NOTE(review): whether these insert, update or upsert is not visible in
-- this listing; confirm before calling them on elements that already carry
-- an ID.
writeChild2TSConfig :: (Failable m, MonadIO m) => Child2TSConfig -> Context -> m (Result (Int, Int))
writeChildSAConfig :: (Failable m, MonadIO m) => ChildSAConfig -> Context -> m (Result Int)
writeIdentity :: (Failable m, MonadIO m) => Identity -> Context -> m (Result Int)
writeIKEConfig :: (Failable m, MonadIO m) => IKEConfig -> Context -> m (Result Int)
writePeerConfig :: (Failable m, MonadIO m) => PeerConfig -> Context -> m (Result Int)
writePeer2ChildConfig :: (Failable m, MonadIO m) => Peer2ChildConfig -> Context -> m (Result (Int, Int))
-- Writes the raw secret bytes carried in SharedSecret; see the note on
-- storage of secrets at addSecret.
writeSharedSecret :: (Failable m, MonadIO m) => SharedSecret -> Context -> m (Result Int)
writeSSIdentity :: (Failable m, MonadIO m) => SharedSecretIdentity -> Context -> m (Result (Int, Int))
writeTrafficSelector :: (Failable m, MonadIO m) => TrafficSelector -> Context -> m (Result Int)
-- Low-level readers. The Int arguments are presumably the DB row IDs of the
-- elements (TODO confirm).
--
-- Returns a list of link rows rather than a Maybe, unlike the other
-- lookup* functions below.
lookupChild2TSConfig :: (Failable m, MonadIO m) => Int -> Context -> m [Child2TSConfig]
-- find*: return the element directly. By analogy with findIPSecSettings,
-- a missing row is presumably reported as a failure through the Failable
-- context. Confirm. The *ByName variants and findSSIdentity return lists.
findChildSAConfig :: (Failable m, MonadIO m) => Int -> Context -> m ChildSAConfig
findChildSAConfigByName :: (Failable m, MonadIO m) => Text -> Context -> m [ChildSAConfig]
findIdentity :: (Failable m, MonadIO m) => Int -> Context -> m Identity
findIdentityBySelf :: (Failable m, MonadIO m) => Identity -> Context -> m Identity
findIKEConfig :: (Failable m, MonadIO m) => Int -> Context -> m IKEConfig
findPeerConfig :: (Failable m, MonadIO m) => Int -> Context -> m PeerConfig
findPeerConfigByName :: (Failable m, MonadIO m) => Text -> Context -> m [PeerConfig]
findPeer2ChildConfig :: (Failable m, MonadIO m) => Int -> Int -> Context -> m Peer2ChildConfig
-- Returns the stored secret bytes to the caller; keep the result out of
-- logs and error messages.
findSharedSecret :: (Failable m, MonadIO m) => Int -> Context -> m SharedSecret
findSSIdentity :: (Failable m, MonadIO m) => Int -> Context -> m [SharedSecretIdentity]
findTrafficSelector :: (Failable m, MonadIO m) => Int -> Context -> m TrafficSelector
-- lookup*: same queries with absence expressed as Nothing in the result
-- type.
lookupChildSAConfig :: (Failable m, MonadIO m) => Int -> Context -> m (Maybe ChildSAConfig)
lookupIdentity :: (Failable m, MonadIO m) => Int -> Context -> m (Maybe Identity)
lookupIdentityBySelf :: (Failable m, MonadIO m) => Identity -> Context -> m (Maybe Identity)
lookupIKEConfig :: (Failable m, MonadIO m) => Int -> Context -> m (Maybe IKEConfig)
lookupPeerConfig :: (Failable m, MonadIO m) => Int -> Context -> m (Maybe PeerConfig)
lookupPeer2ChildConfig :: (Failable m, MonadIO m) => Int -> Int -> Context -> m (Maybe Peer2ChildConfig)
-- Returns the stored secret bytes when present; same handling caveat as
-- findSharedSecret.
lookupSharedSecret :: (Failable m, MonadIO m) => Int -> Context -> m (Maybe SharedSecret)
lookupTrafficSelector :: (Failable m, MonadIO m) => Int -> Context -> m (Maybe TrafficSelector)
-- Low-level deleters. Each returns a Result; its OK part exposes
-- okAffectedRows, which a caller can inspect to see whether a row was
-- actually removed.
-- NOTE(review): these act on a single element type. Whether dependent link
-- rows are cleaned up is not visible in this listing; deleteIPSecSettings
-- and removeIdentity are the documented calls that release linked elements.
deleteChild2TSConfig :: (Failable m, MonadIO m) => Int -> Context -> m (Result Int)
deleteChildSAConfig :: (Failable m, MonadIO m) => Int -> Context -> m (Result Int)
deleteIdentity :: (Failable m, MonadIO m) => Int -> Context -> m (Result Int)
deleteIKEConfig :: (Failable m, MonadIO m) => Int -> Context -> m (Result Int)
deleteSharedSecret :: (Failable m, MonadIO m) => Int -> Context -> m (Result Int)
deleteSSIdentity :: (Failable m, MonadIO m) => SharedSecretIdentity -> Context -> m (Result (Int, Int))
deletePeer2ChildConfig :: (Failable m, MonadIO m) => Int -> Int -> Context -> m (Result (Int, Int))
deletePeerConfig :: (Failable m, MonadIO m) => Int -> Context -> m (Result Int)
-- Lenses onto the fields of IKEConfig (record fields _ikeReqCert,
-- _ikeRemoteAddress, _ikeLocalAddress, _ikeId, _ikeForceEncap).
ikeReqCert :: Lens' IKEConfig Bool
ikeRemoteAddress :: Lens' IKEConfig Text
ikeLocalAddress :: Lens' IKEConfig Text
ikeId :: Lens' IKEConfig (Maybe Int)
ikeForceEncap :: Lens' IKEConfig Bool
-- Lenses onto the fields of ChildSAConfig, one per record field of the same
-- name with a leading underscore.
-- NOTE(review): childSAUpDown presumably holds the strongSwan updown
-- script/command for the child SA. If so, the value ends up being executed
-- on the gateway, so it should never be populated from untrusted input.
-- Confirm.
childSAUpDown :: Lens' ChildSAConfig (Maybe Text)
childSAStartAction :: Lens' ChildSAConfig SAAction
childSAReqID :: Lens' ChildSAConfig Word32
childSARekeyTime :: Lens' ChildSAConfig Word32
childSAName :: Lens' ChildSAConfig Text
childSAMode :: Lens' ChildSAConfig SAMode
childSAMark :: Lens' ChildSAConfig (Maybe Text)
childSALifeTime :: Lens' ChildSAConfig Word32
childSAJitter :: Lens' ChildSAConfig Word32
childSAId :: Lens' ChildSAConfig (Maybe Int)
childSAIPCompression :: Lens' ChildSAConfig Bool
childSAHostAccess :: Lens' ChildSAConfig Bool
childSADPDAction :: Lens' ChildSAConfig SAAction
childSACloseAction :: Lens' ChildSAConfig SAAction
-- Lenses onto the fields of PeerConfig, one per record field of the same
-- name with a leading underscore.
-- peerCfgAuthMethod, peerCfgEAPType and peerCfgCertPolicy select how the
-- peer is authenticated, so changes to them deserve the same review as
-- changes to credentials.
peerCfgVirtual :: Lens' PeerConfig (Maybe Text)
peerCfgUniqueIds :: Lens' PeerConfig Bool
peerCfgRemoteId :: Lens' PeerConfig (Maybe Int)
peerCfgRekeyTime :: Lens' PeerConfig Word32
peerCfgReauthTime :: Lens' PeerConfig Word32
peerCfgPool :: Lens' PeerConfig (Maybe Text)
peerCfgPeerId :: Lens' PeerConfig Int
peerCfgOverTime :: Lens' PeerConfig Word32
peerCfgName :: Lens' PeerConfig Text
peerCfgMobike :: Lens' PeerConfig Bool
peerCfgMediation :: Lens' PeerConfig Bool
peerCfgMediatedBy :: Lens' PeerConfig Int
peerCfgLocalId :: Lens' PeerConfig (Maybe Int)
peerCfgKeyingTries :: Lens' PeerConfig Word8
peerCfgJitter :: Lens' PeerConfig Word32
peerCfgId :: Lens' PeerConfig (Maybe Int)
peerCfgIKEVersion :: Lens' PeerConfig Word8
peerCfgIKEConfigId :: Lens' PeerConfig (Maybe Int)
peerCfgEAPVendor :: Lens' PeerConfig Word16
peerCfgEAPType :: Lens' PeerConfig EAPType
peerCfgDPDDelay :: Lens' PeerConfig Word32
peerCfgCertPolicy :: Lens' PeerConfig CertPolicy
peerCfgAuthMethod :: Lens' PeerConfig AuthMethod
-- Lenses onto the fields of TrafficSelector: selector type, protocol
-- number, the start/end of the address range and the start/end of the port
-- range, plus the optional ID.
tsType :: Lens' TrafficSelector TrafficSelectorType
tsStartPort :: Lens' TrafficSelector PortNumber
tsStartAddr :: Lens' TrafficSelector IP
tsProtocol :: Lens' TrafficSelector Word16
tsId :: Lens' TrafficSelector (Maybe Int)
tsEndPort :: Lens' TrafficSelector PortNumber
tsEndAddr :: Lens' TrafficSelector IP
-- Lenses onto SharedSecret.
-- ssData focuses on the raw secret bytes; avoid passing the viewed value to
-- logging or Show-based debugging.
ssType :: Lens' SharedSecret SharedSecretType
ssId :: Lens' SharedSecret (Maybe Int)
ssData :: Lens' SharedSecret ByteString
-- Lenses onto SharedSecretIdentity, the pair of Ints that links a shared
-- secret to an identity.
sharedSecretId :: Lens' SharedSecretIdentity Int
identityId :: Lens' SharedSecretIdentity Int
-- Lenses onto the components of the managed IPSecSettings value. Despite
-- the "get" prefix these are full Lens' values, so they can also be used
-- to set or modify the component.
getRemoteTrafficSelector :: Lens' IPSecSettings TrafficSelector
getRemoteIdentity :: Lens' IPSecSettings Identity
getPeerConfig :: Lens' IPSecSettings PeerConfig
getLocalTrafficSelector :: Lens' IPSecSettings TrafficSelector
getLocalIdentity :: Lens' IPSecSettings Identity
getIPSecCfgName :: Lens' IPSecSettings Text
getIKEConfig :: Lens' IPSecSettings IKEConfig
getChildSAConfig :: Lens' IPSecSettings ChildSAConfig
-- Lenses onto the DB connection Settings.
dbHost :: Lens' Settings HostName
dbPort :: Lens' Settings PortNumber
dbName :: Lens' Settings String
dbUser :: Lens' Settings String
-- Focuses on the DB password, held as a plain String. Settings has a Show
-- instance in this listing, and whether it redacts the password is not
-- visible here, so avoid showing or logging a Settings value until that is
-- confirmed.
dbPassword :: Lens' Settings String
dbCharSet :: Lens' Settings MySQLCharacterEncoding
-- Authentication method stored in a PeerConfig (field _peerCfgAuthMethod).
-- NOTE(review): the exact semantics of AnyAuth are not stated in this
-- listing; confirm what it permits before using it for peers that must
-- present a specific credential type.
data AuthMethod
AnyAuth :: AuthMethod
PubKey :: AuthMethod
PSK :: AuthMethod
EAP :: AuthMethod
XAUTH :: AuthMethod
-- Configuration of a child SA. Field order in the constructor matches the
-- record fields listed below it.
data ChildSAConfig
ChildSAConfig :: Maybe Int -> Text -> Word32 -> Word32 -> Word32 -> Maybe Text -> Bool -> SAMode -> SAAction -> SAAction -> SAAction -> Bool -> Word32 -> Maybe Text -> ChildSAConfig
-- Optional ID; presumably Nothing until the element has been written to
-- the DB (TODO confirm).
[_childSAId] :: ChildSAConfig -> Maybe Int
[_childSAName] :: ChildSAConfig -> Text
-- Lifetime, rekey time and jitter: units are not stated in this listing
-- (presumably seconds; confirm against the strongSwan SQL schema).
[_childSALifeTime] :: ChildSAConfig -> Word32
[_childSARekeyTime] :: ChildSAConfig -> Word32
[_childSAJitter] :: ChildSAConfig -> Word32
-- NOTE(review): presumably the updown script/command charon invokes for
-- this child SA. If so, write access to this column amounts to command
-- execution on the gateway, so restrict DB write privileges accordingly.
-- Confirm.
[_childSAUpDown] :: ChildSAConfig -> Maybe Text
[_childSAHostAccess] :: ChildSAConfig -> Bool
[_childSAMode] :: ChildSAConfig -> SAMode
-- Actions taken at start, on dead-peer detection and on close
-- respectively, going by the field names.
[_childSAStartAction] :: ChildSAConfig -> SAAction
[_childSADPDAction] :: ChildSAConfig -> SAAction
[_childSACloseAction] :: ChildSAConfig -> SAAction
[_childSAIPCompression] :: ChildSAConfig -> Bool
[_childSAReqID] :: ChildSAConfig -> Word32
[_childSAMark] :: ChildSAConfig -> Maybe Text
-- Link row associating a child SA configuration with a traffic selector,
-- tagged with the role (TrafficSelectorKind) the selector plays.
data Child2TSConfig
Child2TSConfig :: Int -> Int -> TrafficSelectorKind -> Child2TSConfig
[c2tsChildCfgId] :: Child2TSConfig -> Int
[c2tsTrafficSelectorCfgId] :: Child2TSConfig -> Int
[c2tsTrafficSelectorKind] :: Child2TSConfig -> TrafficSelectorKind
-- Certificate sending policy stored in a PeerConfig (field
-- _peerCfgCertPolicy): always, only when asked, or never.
data CertPolicy
AlwaysSend :: CertPolicy
SendIfAsked :: CertPolicy
NeverSend :: CertPolicy
-- Handle passed to every DB operation in this module: an MVar around the
-- internal Context_ type, which this listing does not describe.
-- NOTE(review): the MVar presumably serialises access to the underlying
-- connection across threads. Confirm.
type Context = MVar Context_
-- EAP method stored in a PeerConfig (field _peerCfgEAPType).
-- The methods listed differ widely in strength; EAP-MD5, for example,
-- provides no mutual authentication, so choose the method deliberately
-- rather than by default.
data EAPType
EAPUnspecified :: EAPType
EAPMD5 :: EAPType
EAPGTC :: EAPType
EAPTLS :: EAPType
EAPSIM :: EAPType
EAPTTLS :: EAPType
EAPAKA :: EAPType
EAPMSCHAPV2 :: EAPType
EAPTNC :: EAPType
EAPRADIUS :: EAPType
-- Errors reported by this library.
data Error
-- Unknown* constructors carry an Int; presumably the numeric code read
-- from the DB that did not map to a constructor of the named type
-- (TODO confirm).
UnknownCharacterEncoding :: Int -> Error
UnknownSAMode :: Int -> Error
UnknownSAAction :: Int -> Error
UnknownCertPolicy :: Int -> Error
UnknownAuthMethod :: Int -> Error
UnknownEAPType :: Int -> Error
UnknownTrafficSelectorType :: Int -> Error
UnknownTrafficSelectorKind :: Int -> Error
UnknownSharedSecretType :: Int -> Error
-- The meaning of the two String arguments is not stated in this listing.
-- NOTE(review): confirm that these strings never embed secret values
-- before surfacing the errors in logs.
InvalidValueForType :: String -> String -> Error
SQLValuesMismatch :: String -> String -> Error
NotFound :: Text -> Error
MultipleResults :: Text -> String -> Error
FailedOperation :: Text -> Error
-- An IKE identity in one of several encodings. The leading Maybe Int of
-- every constructor is presumably the DB ID, absent for identities that
-- have not been written yet (TODO confirm).
data Identity
AnyID :: Maybe Int -> Identity
IPv4AddrID :: Maybe Int -> IPv4 -> Identity
NameID :: Maybe Int -> Text -> Identity
-- | RFC 822 Email Address mailbox@domain
-- The two Text arguments are presumably the mailbox and the domain, in
-- that order (TODO confirm).
EmailID :: Maybe Int -> Text -> Text -> Identity
IPv6AddrID :: Maybe Int -> IPv6 -> Identity
ASN1ID :: Maybe Int -> [ASN1] -> Identity
OpaqueID :: Maybe Int -> ByteString -> Identity
-- IKE-level settings of a connection: the optional ID, two flags and the
-- local and remote addresses (kept as Text, so no address validation is
-- implied by the type).
data IKEConfig
IKEConfig :: Maybe Int -> Bool -> Bool -> Text -> Text -> IKEConfig
[_ikeId] :: IKEConfig -> Maybe Int
-- Presumably whether certificate requests are sent (TODO confirm).
[_ikeReqCert] :: IKEConfig -> Bool
-- Presumably forces UDP encapsulation of ESP (TODO confirm).
[_ikeForceEncap] :: IKEConfig -> Bool
[_ikeLocalAddress] :: IKEConfig -> Text
[_ikeRemoteAddress] :: IKEConfig -> Text
-- | The managed IPsec configuration type encompasses a complete set of
-- elements which are pushed and interlinked as necessary by the
-- Managed API (see above). Note that lenses are available
-- to facilitate access to all of these fields (see
-- StrongSwan.SQL.Lenses).
--
-- The constructor takes, in order: the configuration name, the IKE, child
-- SA and peer configurations, the local then remote traffic selector, and
-- the local then remote identity. The two selector arguments (and the two
-- identity arguments) share a type, so swapping local and remote will
-- still type-check.
data IPSecSettings
IPSecSettings :: Text -> IKEConfig -> ChildSAConfig -> PeerConfig -> TrafficSelector -> TrafficSelector -> Identity -> Identity -> IPSecSettings
[_getIPSecCfgName] :: IPSecSettings -> Text
[_getIKEConfig] :: IPSecSettings -> IKEConfig
[_getChildSAConfig] :: IPSecSettings -> ChildSAConfig
[_getPeerConfig] :: IPSecSettings -> PeerConfig
[_getLocalTrafficSelector] :: IPSecSettings -> TrafficSelector
[_getRemoteTrafficSelector] :: IPSecSettings -> TrafficSelector
[_getLocalIdentity] :: IPSecSettings -> Identity
[_getRemoteIdentity] :: IPSecSettings -> Identity
-- Peer-level configuration of a connection. Field order in the constructor
-- matches the record fields listed below it. Many neighbouring arguments
-- share a type (four consecutive Word32 values, three consecutive Maybe
-- Int values), so prefer the lenses or record syntax over positional
-- construction.
data PeerConfig
PeerConfig :: Maybe Int -> Text -> Word8 -> Maybe Int -> Maybe Int -> Maybe Int -> CertPolicy -> Bool -> AuthMethod -> EAPType -> Word16 -> Word8 -> Word32 -> Word32 -> Word32 -> Word32 -> Bool -> Word32 -> Maybe Text -> Maybe Text -> Bool -> Int -> Int -> PeerConfig
[_peerCfgId] :: PeerConfig -> Maybe Int
[_peerCfgName] :: PeerConfig -> Text
[_peerCfgIKEVersion] :: PeerConfig -> Word8
-- References to the linked IKE configuration and to the local and remote
-- identities, going by the field names; presumably DB IDs (TODO confirm).
[_peerCfgIKEConfigId] :: PeerConfig -> Maybe Int
[_peerCfgLocalId] :: PeerConfig -> Maybe Int
[_peerCfgRemoteId] :: PeerConfig -> Maybe Int
-- Authentication-related settings.
[_peerCfgCertPolicy] :: PeerConfig -> CertPolicy
[_peerCfgUniqueIds] :: PeerConfig -> Bool
[_peerCfgAuthMethod] :: PeerConfig -> AuthMethod
[_peerCfgEAPType] :: PeerConfig -> EAPType
[_peerCfgEAPVendor] :: PeerConfig -> Word16
[_peerCfgKeyingTries] :: PeerConfig -> Word8
-- Timers: units are not stated in this listing (presumably seconds;
-- confirm against the strongSwan SQL schema).
[_peerCfgRekeyTime] :: PeerConfig -> Word32
[_peerCfgReauthTime] :: PeerConfig -> Word32
[_peerCfgJitter] :: PeerConfig -> Word32
[_peerCfgOverTime] :: PeerConfig -> Word32
[_peerCfgMobike] :: PeerConfig -> Bool
[_peerCfgDPDDelay] :: PeerConfig -> Word32
[_peerCfgVirtual] :: PeerConfig -> Maybe Text
[_peerCfgPool] :: PeerConfig -> Maybe Text
[_peerCfgMediation] :: PeerConfig -> Bool
[_peerCfgMediatedBy] :: PeerConfig -> Int
[_peerCfgPeerId] :: PeerConfig -> Int
-- Link row associating a peer configuration with a child SA configuration.
-- Both fields are plain Ints, so the argument order (peer first, child
-- second) is not enforced by the type.
data Peer2ChildConfig
Peer2ChildConfig :: Int -> Int -> Peer2ChildConfig
[p2cPeerCfgId] :: Peer2ChildConfig -> Int
[p2cChildCfgId] :: Peer2ChildConfig -> Int
-- Outcome of a low-level write or delete: the key that was last modified
-- (an Int, or a pair of Ints for link rows, per the signatures above)
-- together with the server's OK response.
data Result a
Result :: a -> OK -> Result a
[lastModifiedKey] :: Result a -> a
[response] :: Result a -> OK
-- Action used by the start, DPD and close settings of a ChildSAConfig.
-- Note that the constructor None shares its spelling with nothing in the
-- Prelude but is easy to misread as "Nothing"; it is an ordinary SAAction
-- value.
data SAAction
None :: SAAction
Route :: SAAction
Restart :: SAAction
-- Mode of a child SA (field _childSAMode).
-- NOTE(review): Pass and Drop presumably correspond to strongSwan's pass
-- and drop policies, which do not set up IPsec protection for the matching
-- traffic. Confirm before using them where encrypted transport is
-- expected.
data SAMode
Transport :: SAMode
Tunnel :: SAMode
Beet :: SAMode
Pass :: SAMode
Drop :: SAMode
-- Connection settings for the MySQL database that holds the strongSwan
-- configuration. The constructor takes, in order: DB name, host, port,
-- user, password and character set.
-- NOTE(review): no TLS-related field appears in this record. Unless
-- transport security is handled elsewhere, credentials and shared secrets
-- would cross the network in the clear; confirm before pointing dbHost at
-- a non-local server.
data Settings
Settings :: String -> HostName -> PortNumber -> String -> String -> MySQLCharacterEncoding -> Settings
-- | Name of the DB to use
[_dbName] :: Settings -> String
-- | SQL server host (defaults to localhost)
[_dbHost] :: Settings -> HostName
-- | TCP port (defaults to 3306)
[_dbPort] :: Settings -> PortNumber
-- | DB username (defaults to root)
-- NOTE(review): a dedicated account limited to the strongSwan schema is
-- preferable to the root default.
[_dbUser] :: Settings -> String
-- | DB user password
-- Held as a plain String. Settings also has a Show instance in this
-- listing; whether it redacts this field is not visible here.
[_dbPassword] :: Settings -> String
-- | Defaults to UTF8MB4
[_dbCharSet] :: Settings -> MySQLCharacterEncoding
-- A shared secret: optional ID, the secret's type and the secret itself.
-- NOTE(review): _ssData is the raw secret as a ByteString and nothing in
-- this listing indicates it is encrypted before storage. Keep values of
-- this type out of logs, and treat DB read access and backups as access to
-- the credentials. Confirm.
data SharedSecret
SharedSecret :: Maybe Int -> SharedSecretType -> ByteString -> SharedSecret
[_ssId] :: SharedSecret -> Maybe Int
[_ssType] :: SharedSecret -> SharedSecretType
[_ssData] :: SharedSecret -> ByteString
-- Link row associating a shared secret with an identity. Both fields are
-- plain Ints: the shared secret ID first, the identity ID second.
data SharedSecretIdentity
SharedSecretIdentity :: Int -> Int -> SharedSecretIdentity
[_sharedSecretId] :: SharedSecretIdentity -> Int
[_identityId] :: SharedSecretIdentity -> Int
-- Kind of shared secret. Per the addSecret documentation, an identity can
-- hold at most one secret of each type.
data SharedSecretType
SharedIKE :: SharedSecretType
SharedEAP :: SharedSecretType
SharedRSA :: SharedSecretType
SharedPIN :: SharedSecretType
-- | The OK packet is of interest because it carries information about a
-- successful operation. It is the second component of every Result
-- returned by the low-level write and delete functions.
data OK
OK :: !Int -> !Int -> !Word16 -> !Word16 -> OK
-- | affected row number
[okAffectedRows] :: OK -> !Int
-- | last insert's ID
[okLastInsertID] :: OK -> !Int
-- Status and warning count as reported by the server, going by the field
-- names; their encoding is not described in this listing.
[okStatus] :: OK -> !Word16
[okWarningCnt] :: OK -> !Word16
-- Type class for values that map to SQL rows, going by its name; this
-- listing shows neither its methods nor its instances.
class SQLRow a
-- A traffic selector: optional ID, address family, protocol number, and an
-- address range and port range each given as start and end.
-- NOTE(review): nothing in the type prevents start > end or mixing an IPv4
-- start with an IPv6 end; confirm whether the library validates this
-- before writing, since an over-broad selector widens what the tunnel
-- carries.
data TrafficSelector
TrafficSelector :: Maybe Int -> TrafficSelectorType -> Word16 -> IP -> IP -> PortNumber -> PortNumber -> TrafficSelector
[_tsId] :: TrafficSelector -> Maybe Int
[_tsType] :: TrafficSelector -> TrafficSelectorType
[_tsProtocol] :: TrafficSelector -> Word16
[_tsStartAddr] :: TrafficSelector -> IP
[_tsEndAddr] :: TrafficSelector -> IP
[_tsStartPort] :: TrafficSelector -> PortNumber
[_tsEndPort] :: TrafficSelector -> PortNumber
-- Address family of a TrafficSelector's range (field _tsType).
data TrafficSelectorType
IPv4AddrRange :: TrafficSelectorType
IPv6AddrRange :: TrafficSelectorType
-- Role a traffic selector plays for a child SA, stored on the
-- Child2TSConfig link row: local or remote, each in a static or dynamic
-- variant.
data TrafficSelectorKind
LocalTS :: TrafficSelectorKind
RemoteTS :: TrafficSelectorKind
LocalDynamicTS :: TrafficSelectorKind
RemoteDynamicTS :: TrafficSelectorKind
-- Default supplies the defaults mentioned on the Settings fields
-- (localhost, port 3306, user root, UTF8MB4).
instance Data.Default.Class.Default StrongSwan.SQL.Settings
-- NOTE(review): Settings contains _dbPassword. This listing does not show
-- whether the Show instance redacts it, so treat `show settings` output as
-- sensitive until the implementation is checked.
instance GHC.Show.Show StrongSwan.SQL.Settings