Annotation of embedaddon/strongswan/src/libcharon/plugins/ha/ha_message.h, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2008 Martin Willi
3: * HSR Hochschule fuer Technik Rapperswil
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: /**
17: * @defgroup ha_message ha_message
18: * @{ @ingroup ha
19: */
20:
21: #ifndef HA_MESSAGE_H_
22: #define HA_MESSAGE_H_
23:
24: #include <library.h>
25: #include <networking/host.h>
26: #include <utils/identification.h>
27: #include <sa/ike_sa_id.h>
28: #include <selectors/traffic_selector.h>
29:
30: /**
31: * Protocol version of this implementation
    *
    * NOTE(review): presumably carried in each encoded message so that a node
    * can reject a peer speaking a different version; confirm in ha_message.c.
32: */
33: #define HA_MESSAGE_VERSION 3
34:
    /* Forward declarations; the types themselves are defined further down. */
35: typedef struct ha_message_t ha_message_t;
36: typedef enum ha_message_type_t ha_message_type_t;
37: typedef enum ha_message_attribute_t ha_message_attribute_t;
38: typedef union ha_message_value_t ha_message_value_t;
39:
40: /**
41: * Type of a HA message
    *
    * Enumerators are numbered by position, starting at 1 with HA_IKE_ADD.
    * NOTE(review): if these numbers identify the message in its encoded form,
    * new types may only be appended; inserting or reordering entries would
    * silently change the meaning of messages exchanged with a node built from
    * the old header. Confirm against ha_message.c.
42: */
43: enum ha_message_type_t {
44: /** add a completely new IKE_SA */
45: HA_IKE_ADD = 1,
46: /** update an existing IKE_SA (identities, address update, ...) */
47: HA_IKE_UPDATE,
48: /** update initiator message id */
49: HA_IKE_MID_INITIATOR,
50: /** update responder message id */
51: HA_IKE_MID_RESPONDER,
52: /** delete an existing IKE_SA */
53: HA_IKE_DELETE,
54: /** add a new CHILD_SA */
55: HA_CHILD_ADD,
56: /** delete an existing CHILD_SA */
57: HA_CHILD_DELETE,
58: /** segments the sending node is giving up */
59: HA_SEGMENT_DROP,
60: /** segments the sending node is taking over */
61: HA_SEGMENT_TAKE,
62: /** status with the segments the sending node is currently serving */
63: HA_STATUS,
64: /** segments the receiving node is requested to resync */
65: HA_RESYNC,
66: /** IV synchronization for IKEv1 Main/Aggressive mode */
67: HA_IKE_IV,
68: };
69:
70: /**
71: * Enum names for message types
    *
    * Only declared here (extern); the definition lives outside this header.
    * No equivalent table is declared in this header for
    * ha_message_attribute_t.
72: */
73: extern enum_name_t *ha_message_type_names;
74:
75: /**
76: * Type of attributes contained in a message
    *
    * The C type at the start of each entry's comment is the type of the value
    * that attribute carries.
    *
    * HA_SECRET, HA_OLD_SKD and HA_PSK carry secret key material, so a message
    * holding them needs the same protection as the keys of the SA itself, both
    * in memory and on the link between the nodes. How that link is protected
    * is not visible in this header.
    *
    * Enumerators are numbered by position, starting at 1 with HA_IKE_ID.
    * NOTE(review): if these numbers appear in the encoded message, new
    * attributes may only be appended, never inserted or reordered. Confirm
    * against ha_message.c.
77: */
78: enum ha_message_attribute_t {
79: /** ike_sa_id_t*, to identify IKE_SA */
80: HA_IKE_ID = 1,
81: /** ike_sa_id_t*, identifies IKE_SA which gets rekeyed */
82: HA_IKE_REKEY_ID,
83: /** identification_t*, local identity */
84: HA_LOCAL_ID,
85: /** identification_t*, remote identity */
86: HA_REMOTE_ID,
87: /** identification_t*, remote EAP identity */
88: HA_REMOTE_EAP_ID,
89: /** host_t*, local address */
90: HA_LOCAL_ADDR,
91: /** host_t*, remote address */
92: HA_REMOTE_ADDR,
93: /** char*, name of configuration */
94: HA_CONFIG_NAME,
95: /** uint32_t, bitset of ike_condition_t */
96: HA_CONDITIONS,
97: /** uint32_t, bitset of ike_extension_t */
98: HA_EXTENSIONS,
99: /** host_t*, local virtual IP */
100: HA_LOCAL_VIP,
101: /** host_t*, remote virtual IP */
102: HA_REMOTE_VIP,
103: /** host_t*, known peer addresses (used for MOBIKE) */
104: HA_PEER_ADDR,
105: /** uint8_t, initiator of an exchange, TRUE for local */
106: HA_INITIATOR,
107: /** chunk_t, initiator's nonce */
108: HA_NONCE_I,
109: /** chunk_t, responder's nonce */
110: HA_NONCE_R,
111: /** chunk_t, Diffie-Hellman shared secret (secret key material) */
112: HA_SECRET,
113: /** chunk_t, SKd of old SA if rekeying (secret key material) */
114: HA_OLD_SKD,
115: /** uint16_t, pseudo random function */
116: HA_ALG_PRF,
117: /** uint16_t, old pseudo random function if rekeying */
118: HA_ALG_OLD_PRF,
119: /** uint16_t, encryption algorithm */
120: HA_ALG_ENCR,
121: /** uint16_t, encryption key size in bytes */
122: HA_ALG_ENCR_LEN,
123: /** uint16_t, integrity protection algorithm */
124: HA_ALG_INTEG,
125: /** uint16_t, DH group */
126: HA_ALG_DH,
127: /** uint8_t, IPsec mode, TUNNEL|TRANSPORT|... */
128: HA_IPSEC_MODE,
129: /** uint8_t, IPComp protocol */
130: HA_IPCOMP,
131: /** uint32_t, inbound security parameter index */
132: HA_INBOUND_SPI,
133: /** uint32_t, outbound security parameter index */
134: HA_OUTBOUND_SPI,
135: /** uint16_t, inbound IPComp compression parameter index (CPI) */
136: HA_INBOUND_CPI,
137: /** uint16_t, outbound IPComp compression parameter index (CPI) */
138: HA_OUTBOUND_CPI,
139: /** traffic_selector_t*, local traffic selector */
140: HA_LOCAL_TS,
141: /** traffic_selector_t*, remote traffic selector */
142: HA_REMOTE_TS,
143: /** uint32_t, message ID */
144: HA_MID,
145: /** uint16_t, HA segment */
146: HA_SEGMENT,
147: /** uint16_t, Extended Sequence numbers */
148: HA_ESN,
149: /** uint8_t, IKE version */
150: HA_IKE_VERSION,
151: /** chunk_t, own DH public value */
152: HA_LOCAL_DH,
153: /** chunk_t, remote DH public value */
154: HA_REMOTE_DH,
155: /** chunk_t, shared secret for IKEv1 key derivation (secret key material) */
156: HA_PSK,
157: /** chunk_t, IV for next IKEv1 message */
158: HA_IV,
159: /** uint16_t, auth_method_t for IKEv1 key derivation */
160: HA_AUTH_METHOD,
161: };
162:
163: /**
164: * Union to enumerate typed attributes in a message
     *
     * All members share the same storage. Which member is valid presumably
     * follows from the attribute type, using the C type noted for that
     * attribute in ha_message_attribute_t; reading any other member
     * reinterprets the same bytes.
     * NOTE(review): ownership of the pointer members is not stated in this
     * header. Confirm whether they remain owned by the message or enumerator
     * before keeping or freeing them.
165: */
166: union ha_message_value_t {
167: uint8_t u8;
168: uint16_t u16;
169: uint32_t u32;
170: char *str;
171: chunk_t chunk;
172: ike_sa_id_t *ike_sa_id;
173: identification_t *id;
174: host_t *host;
175: traffic_selector_t *ts;
176: };
177:
178: /**
179: * Abstracted message passed between nodes in a HA cluster.
180: */
181: struct ha_message_t {
182:
183: /**
184: * Get the type of the message.
185: *
186: * @return message type
187: */
188: ha_message_type_t (*get_type)(ha_message_t *this);
189:
190: /**
191: * Add an attribute to a message.
192: *
     * The variadic argument is not type-checked by the compiler.
     * NOTE(review): it presumably must have the C type documented for the
     * attribute in ha_message_attribute_t (uint8_t/uint16_t values arrive
     * promoted to int); a mismatch is undefined behaviour. Confirm against
     * the implementation.
     *
193: * @param attribute attribute type to add
194: * @param ... attribute specific data
195: */
196: void (*add_attribute)(ha_message_t *this,
197: ha_message_attribute_t attribute, ...);
198:
199: /**
200: * Create an enumerator over all attributes in a message.
201: *
     * NOTE(review): for a message built by ha_message_parse() the attributes
     * come from received data; how a truncated or unknown attribute is
     * handled during enumeration is not visible in this header. Confirm
     * before relying on every enumerated value being well-formed.
     *
202: * @return enumerator over attribute, ha_message_value_t
203: */
204: enumerator_t* (*create_attribute_enumerator)(ha_message_t *this);
205:
206: /**
207: * Get the message in an encoded form.
208: *
     * The returned chunk is not a copy. The encoding presumably includes
     * every attribute added so far, including key material such as HA_SECRET
     * or HA_PSK, so handle it like the keys themselves.
     *
209: * @return chunk pointing to internal data
210: */
211: chunk_t (*get_encoding)(ha_message_t *this);
212:
213: /**
214: * Destroy a ha_message_t.
     *
     * NOTE(review): whether the internal buffer is wiped before it is
     * released is not visible here; since messages can hold key material,
     * confirm in ha_message.c.
215: */
216: void (*destroy)(ha_message_t *this);
217: };
218:
219: /**
220: * Create a new ha_message instance, ready for adding attributes
221: *
222: * @param type type of the message
     * @return ha_message_t instance; release it with its destroy() method.
     * NOTE(review): whether NULL can be returned is not
     * visible in this header.
223: */
224: ha_message_t *ha_message_create(ha_message_type_t type);
225:
226: /**
227: * Create a ha_message from encoded data.
228: *
     * The data presumably originates from another cluster node, so it should
     * be handled as untrusted input until the sender has been authenticated.
     *
229: * @param data encoded message data
     * @return ha_message_t instance. NOTE(review): the original gives no
     * @return; confirm in ha_message.c whether NULL is
     * returned for malformed input (for example a version
     * other than HA_MESSAGE_VERSION) and check for it in
     * callers. Also confirm whether data is copied or only
     * referenced, which decides how long it must stay valid.
230: */
231: ha_message_t *ha_message_parse(chunk_t data);
232:
233: #endif /** HA_MESSAGE_H_ @}*/