moved typedefs to beginning of files to solve some include problems
1 /**
2 * @file daemon.h
3 *
4 * @brief Interface of daemon_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger
10 * Copyright (C) 2005-2006 Martin Willi
11 * Copyright (C) 2005 Jan Hutter
12 * Hochschule fuer Technik Rapperswil
13 *
14 * This program is free software; you can redistribute it and/or modify it
15 * under the terms of the GNU General Public License as published by the
16 * Free Software Foundation; either version 2 of the License, or (at your
17 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
18 *
19 * This program is distributed in the hope that it will be useful, but
20 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
21 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
22 * for more details.
23 */
24
25 #ifndef DAEMON_H_
26 #define DAEMON_H_
27
/* Forward declaration placed before the includes so that the headers pulled
 * in below can refer to daemon_t without including this file again
 * (the commit message indicates this was done to break include cycles). */
typedef struct daemon_t daemon_t;
29
30 #include <threads/sender.h>
31 #include <threads/receiver.h>
32 #include <threads/scheduler.h>
33 #include <threads/kernel_interface.h>
34 #include <threads/thread_pool.h>
35 #include <threads/stroke_interface.h>
36 #include <network/socket.h>
37 #include <bus/bus.h>
38 #include <bus/listeners/file_logger.h>
39 #include <bus/listeners/sys_logger.h>
40 #include <sa/ike_sa_manager.h>
41 #include <queues/send_queue.h>
42 #include <queues/job_queue.h>
43 #include <queues/event_queue.h>
44 #include <config/configuration.h>
45 #include <config/connections/connection_store.h>
46 #include <config/policies/policy_store.h>
47 #include <config/credentials/credential_store.h>
48
49 /**
50 * @defgroup charon charon
51 *
52 * @brief IKEv2 keying daemon.
53 *
54 * @section Architecture
55 *
56 * All IKEv2 processing is handled in charon. It uses a newer and more flexible
57 * architecture than pluto. Charon uses a thread-pool, which allows parallel
58 * execution of SA management. Besides the thread-pool, there are some special purpose
59 * threads which do their job for the common health of the daemon.
60 @verbatim
61 +------+
62 | E Q |
63 | v u |---+ +------+ +------+
64 | e e | | | | | IKE- |
65 | n u | +-----------+ | |--| SA |
66 | t e | | | | I M | +------+
67 +------------+ | - | | Scheduler | | K a |
68 | receiver | +------+ | | | E n | +------+
69 +----+-------+ +-----------+ | - a | | IKE- |
70 | | +------+ | | S g |--| SA |
71 +-------+--+ +-----| J Q |---+ +------------+ | A e | +------+
72 -| socket | | o u | | | | - r |
73 +-------+--+ | b e | | Thread- | | |
74 | | - u | | Pool | | |
75 +----+-------+ | e |------| |---| |
76 | sender | +------+ +------------+ +------+
77 +----+-------+
78 | +------+
79 | | S Q |
80 | | e u |
81 | | n e |
82 +------------| d u |
83 | - e |
84 +--+---+
85 @endverbatim
86 * The thread-pool is the heart of the architecture. It processes jobs from a
87 * (fully synchronized) job-queue. Mostly, a job is associated with a specific
88 * IKE SA. These IKE SAs are synchronized: only one thread can work on an IKE SA at a time.
89 * This makes it unnecessary to use further synchronisation methods once an IKE SA
90 * is checked out. The (rather complex) synchronization of IKE SAs is completely
91 * done in the IKE SA manager.
92 * The scheduler is responsible for event firing. It waits until an event in the
93 * (fully synchronized) event-queue is ready for processing and pushes the event
94 * down to the job-queue. A thread from the pool will pick it up as quickly as
95 * possible. Every thread can queue events or jobs. Further, an event can place a
96 * packet in the send-queue. The sender thread waits for those packets and sends
97 * them over the wire, via the socket. The receiver does exactly the opposite of
98 * the sender. It waits on the socket, reads in packets and places them on the
99 * job-queue for further processing by a thread from the pool.
100 * There are even more threads, not drawn in the upper scheme. The stroke thread
101 * is responsible for reading and processing commands from another process. The
102 * kernel interface thread handles communication from and to the kernel via a
103 * netlink socket. It waits for kernel events and processes them appropriately.
104 */
105
106 /**
107 * @defgroup config config
108 *
109 * Classes implementing configuration related things.
110 *
111 * @ingroup charon
112 */
113
114 /**
115 * @defgroup encoding encoding
116 *
117 * Classes used to encode and decode IKEv2 messages.
118 *
119 * @ingroup charon
120 */
121
122 /**
123 * @defgroup payloads payloads
124 *
125 * Classes representing specific IKEv2 payloads.
126 *
127 * @ingroup encoding
128 */
129
130 /**
131 * @defgroup network network
132 *
133 * Classes for network relevant stuff.
134 *
135 * @ingroup charon
136 */
137
138 /**
139 * @defgroup queues queues
140 *
141 * Different kind of queues
142 * (thread-safe lists).
143 *
144 * @ingroup charon
145 */
146
147 /**
148 * @defgroup jobs jobs
149 *
150 * Jobs used in job queue and event queue.
151 *
152 * @ingroup queues
153 */
154
155 /**
156 * @defgroup sa sa
157 *
158 * Security associations for IKE and IPsec,
159 * and some helper classes.
160 *
161 * @ingroup charon
162 */
163
164 /**
165 * @defgroup transactions transactions
166 *
167 * Transactions represent a request/response
168 * message exchange to implement the IKEv2
169 * protocol exchange scenarios.
170 *
171 * @ingroup sa
172 */
173
174 /**
175 * @defgroup threads threads
176 *
177 * Classes that each run in their own thread and do their job independently.
178 *
179 * @ingroup charon
180 */
181
182 /**
183 * @defgroup bus bus
184 *
185 * Signaling bus and its listeners.
186 *
187 * @ingroup charon
188 */
189
/**
 * Name of the daemon.
 *
 * @ingroup charon
 */
#define DAEMON_NAME "charon"

/**
 * @brief Number of threads in the thread pool.
 *
 * There are several other threads (sender, receiver, scheduler, stroke,
 * kernel interface); this defines only the number of worker threads in
 * thread_pool_t that process jobs from the job queue.
 *
 * @ingroup charon
 */
#define NUMBER_OF_WORKING_THREADS 4

/**
 * UDP port on which the daemon listens for incoming IKEv2 traffic
 * (the standard IKE port).
 *
 * @ingroup charon
 */
#define IKEV2_UDP_PORT 500

/**
 * UDP port to which the daemon floats if NAT is detected
 * (IKEv2 NAT traversal port).
 *
 * @ingroup charon
 */
#define IKEV2_NATT_PORT 4500

/**
 * PID file in which charon stores its process id.
 *
 * IPSEC_PIDDIR is not defined in this header; it is expected to come from
 * the build configuration.
 *
 * @ingroup charon
 */
#define PID_FILE IPSEC_PIDDIR "/charon.pid"

/**
 * Configuration directory.
 *
 * IPSEC_CONFDIR is not defined in this header; it is expected to come from
 * the build configuration. All paths below are derived from it.
 *
 * @ingroup charon
 */
#define CONFIG_DIR IPSEC_CONFDIR

/**
 * Directory of IPsec relevant files (below CONFIG_DIR).
 *
 * @ingroup charon
 */
#define IPSEC_D_DIR CONFIG_DIR "/ipsec.d"

/**
 * Default directory for private keys.
 *
 * NOTE(review): this directory holds long-term secret material and should
 * only be readable by the user the daemon runs as. Whether file permissions
 * are checked when keys are loaded is not visible here - confirm in the
 * credential loading code.
 *
 * @ingroup charon
 */
#define PRIVATE_KEY_DIR IPSEC_D_DIR "/private"

/**
 * Default directory for end entity certificates.
 *
 * @ingroup charon
 */
#define CERTIFICATE_DIR IPSEC_D_DIR "/certs"

/**
 * Default directory for trusted CA certificates.
 *
 * NOTE(review): presumably every certificate found here is treated as a
 * trust anchor, so write access to this directory is security-sensitive -
 * confirm against the credential store.
 *
 * @ingroup charon
 */
#define CA_CERTIFICATE_DIR IPSEC_D_DIR "/cacerts"

/**
 * Default directory for CRLs.
 *
 * @ingroup charon
 */
#define CRL_DIR IPSEC_D_DIR "/crls"

/**
 * Secrets file.
 *
 * NOTE(review): contains secret material (its exact contents are parsed
 * elsewhere); the same permission caveat as for PRIVATE_KEY_DIR applies.
 *
 * @ingroup charon
 */
#define SECRETS_FILE CONFIG_DIR "/ipsec.secrets"
277 /**
278 * @brief Main class of daemon, contains some globals.
279 *
280 * @ingroup charon
281 */
/**
 * @brief Main class of daemon, contains some globals.
 *
 * Holds the shared subsystem instances (queues, stores, threads, loggers)
 * that make up the daemon; see the architecture overview at the top of
 * this file for how they interact. Accessed through the global @c charon.
 *
 * @ingroup charon
 */
struct daemon_t {
	/**
	 * The UDP socket: the receiver reads incoming packets from it and the
	 * sender writes outgoing packets to it.
	 */
	socket_t *socket;

	/**
	 * Queue of outgoing packets. The sender thread waits on this queue
	 * and sends the packets over the socket.
	 */
	send_queue_t *send_queue;

	/**
	 * Fully synchronized queue of jobs processed by the thread pool.
	 * The receiver (for incoming packets) and the scheduler (for due
	 * events) push work here.
	 */
	job_queue_t *job_queue;

	/**
	 * Fully synchronized queue of timed events. The scheduler waits until
	 * an event is ready and moves it to the job queue.
	 */
	event_queue_t *event_queue;

	/**
	 * Manages and synchronizes the IKE SAs; only one thread may work on a
	 * checked-out IKE SA at a time.
	 */
	ike_sa_manager_t *ike_sa_manager;

	/**
	 * Daemon-wide configuration settings.
	 */
	configuration_t *configuration;

	/**
	 * Store of configured connections.
	 */
	connection_store_t *connections;

	/**
	 * Store of configured policies.
	 */
	policy_store_t *policies;

	/**
	 * Store of credentials (keys, certificates, secrets). Presumably backed
	 * by the PRIVATE_KEY_DIR/CERTIFICATE_DIR/CA_CERTIFICATE_DIR/CRL_DIR/
	 * SECRETS_FILE paths defined above - confirm in the store implementation.
	 */
	credential_store_t *credentials;

	/**
	 * The sender thread: takes packets from send_queue and writes them
	 * to the socket.
	 */
	sender_t *sender;

	/**
	 * The receiver thread: reads packets from the socket and places jobs
	 * for them on job_queue.
	 */
	receiver_t *receiver;

	/**
	 * The scheduler thread: fires events from event_queue by pushing them
	 * down to job_queue.
	 */
	scheduler_t *scheduler;

	/**
	 * The thread pool (NUMBER_OF_WORKING_THREADS workers) processing jobs
	 * from job_queue.
	 */
	thread_pool_t *thread_pool;

	/**
	 * The signaling bus on which daemon events are published to listeners.
	 */
	bus_t *bus;

	/**
	 * A bus listener logging to stdout.
	 */
	file_logger_t *outlog;

	/**
	 * A bus listener logging to syslog.
	 */
	sys_logger_t *syslog;

	/**
	 * A second syslog listener logging only the most important events
	 * (judging by the name, authentication-related ones - confirm in daemon.c).
	 */
	sys_logger_t *authlog;

	/**
	 * Kernel interface thread: communicates with the kernel via a netlink
	 * socket and processes kernel events.
	 */
	kernel_interface_t *kernel_interface;

	/**
	 * IPC interface (as whack in pluto): the stroke thread reads and
	 * processes commands from another process. NOTE(review): who is
	 * allowed to issue commands over this channel is not visible here;
	 * its access control lives in the stroke implementation.
	 */
	stroke_t *stroke;

	/**
	 * @brief Shut down the daemon.
	 *
	 * @param this the daemon to kill
	 * @param reason description of why it will be killed (only used as
	 *               a message; could be const-qualified)
	 */
	void (*kill) (daemon_t *this, char *reason);
};
386
/**
 * The one and only instance of the daemon.
 *
 * Global shared by all threads of the process; declared here and defined
 * in the daemon's implementation file, not in this header.
 */
extern daemon_t *charon;
391
392 #endif /*DAEMON_H_*/