1 /**
2 * @file daemon.h
3 *
4 * @brief Interface of daemon_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger
10 * Copyright (C) 2005-2006 Martin Willi
11 * Copyright (C) 2005 Jan Hutter
12 * Hochschule fuer Technik Rapperswil
13 *
14 * This program is free software; you can redistribute it and/or modify it
15 * under the terms of the GNU General Public License as published by the
16 * Free Software Foundation; either version 2 of the License, or (at your
17 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
18 *
19 * This program is distributed in the hope that it will be useful, but
20 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
21 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
22 * for more details.
23 */
24
25 #ifndef DAEMON_H_
26 #define DAEMON_H_
27
28 #include <threads/sender.h>
29 #include <threads/receiver.h>
30 #include <threads/scheduler.h>
31 #include <threads/kernel_interface.h>
32 #include <threads/thread_pool.h>
33 #include <threads/stroke_interface.h>
34 #include <network/socket.h>
35 #include <bus/bus.h>
36 #include <bus/listeners/file_logger.h>
37 #include <bus/listeners/sys_logger.h>
38 #include <sa/ike_sa_manager.h>
39 #include <queues/send_queue.h>
40 #include <queues/job_queue.h>
41 #include <queues/event_queue.h>
42 #include <utils/logger_manager.h>
43 #include <config/configuration.h>
44 #include <config/connections/connection_store.h>
45 #include <config/policies/policy_store.h>
46 #include <config/credentials/credential_store.h>
47
48 /**
49 * @defgroup charon charon
50 *
51 * @brief IKEv2 keying daemon.
52 *
53 * @section Architecture
54 *
55 * All IKEv2 stuff is handled in charon. It uses a newer and more flexible
56 * architecture than pluto. Charon uses a thread-pool, which allows parallel
57 * execution of SA-management. Besides the thread-pool, there are some special purpose
58 * threads which do their job for the common health of the daemon.
59 @verbatim
60 +------+
61 | E Q |
62 | v u |---+ +------+ +------+
63 | e e | | | | | IKE- |
64 | n u | +-----------+ | |--| SA |
65 | t e | | | | I M | +------+
66 +------------+ | - | | Scheduler | | K a |
67 | receiver | +------+ | | | E n | +------+
68 +----+-------+ +-----------+ | - a | | IKE- |
69 | | +------+ | | S g |--| SA |
70 +-------+--+ +-----| J Q |---+ +------------+ | A e | +------+
71 -| socket | | o u | | | | - r |
72 +-------+--+ | b e | | Thread- | | |
73 | | - u | | Pool | | |
74 +----+-------+ | e |------| |---| |
75 | sender | +------+ +------------+ +------+
76 +----+-------+
77 | +------+
78 | | S Q |
79 | | e u |
80 | | n e |
81 +------------| d u |
82 | - e |
83 +--+---+
84 @endverbatim
85 * The thread-pool is the heart of the architecture. It processes jobs from a
86 * (fully synchronized) job-queue. Mostly, a job is associated with a specific
87 * IKE SA. These IKE SAs are synchronized, only one thread can work on an IKE SA.
88 * This makes it unnecessary to use further synchronisation methods once an IKE SA
89 * is checked out. The (rather complex) synchronization of IKE SAs is completely
90 * done in the IKE SA manager.
91 * The scheduler is responsible for event firing. It waits until an event in the
92 * (fully synchronized) event-queue is ready for processing and pushes the event
93 * down to the job-queue. A thread from the pool will pick it up as quickly as
94 * possible. Every thread can queue events or jobs. Further, an event can place a
95 * packet in the send-queue. The sender thread waits for those packets and sends
96 * them over the wire, via the socket. The receiver does exactly the opposite of
97 * the sender. It waits on the socket, reads in packets and places them on the
98 * job-queue for further processing by a thread from the pool.
99 * There are even more threads, not drawn in the upper scheme. The stroke thread
100 * is responsible for reading and processing commands from another process. The
101 * kernel interface thread handles communication from and to the kernel via a
102 * netlink socket. It waits for kernel events and processes them appropriately.
103 */
104
105 /**
106 * @defgroup config config
107 *
108 * Classes implementing configuration related things.
109 *
110 * @ingroup charon
111 */
112
113 /**
114 * @defgroup encoding encoding
115 *
116 * Classes used to encode and decode IKEv2 messages.
117 *
118 * @ingroup charon
119 */
120
121 /**
122 * @defgroup payloads payloads
123 *
124 * Classes representing specific IKEv2 payloads.
125 *
126 * @ingroup encoding
127 */
128
129 /**
130 * @defgroup network network
131 *
132 * Classes for network relevant stuff.
133 *
134 * @ingroup charon
135 */
136
137 /**
138 * @defgroup queues queues
139 *
140 * Different kind of queues
141 * (thread-safe lists).
142 *
143 * @ingroup charon
144 */
145
146 /**
147 * @defgroup jobs jobs
148 *
149 * Jobs used in job queue and event queue.
150 *
151 * @ingroup queues
152 */
153
154 /**
155 * @defgroup sa sa
156 *
157 * Security associations for IKE and IPSec,
158 * and some helper classes.
159 *
160 * @ingroup charon
161 */
162
163 /**
164 * @defgroup transactions transactions
165 *
166 * Transactions represent a request/response
167 * message exchange to implement the IKEv2
168 * protocol exchange scenarios.
169 *
170 * @ingroup sa
171 */
172
173 /**
174 * @defgroup threads threads
175 *
176 * Threaded classes, which will do their job alone.
177 *
178 * @ingroup charon
179 */
180
181 /**
182 * @defgroup bus bus
183 *
184 * Signaling bus and its listeners.
185 *
186 * @ingroup charon
187 */
188
/**
 * Name of the daemon.
 *
 * @ingroup charon
 */
#define DAEMON_NAME "charon"

/**
 * @brief Number of threads in the thread pool.
 *
 * There are several other threads, this defines
 * only the number of threads in thread_pool_t.
 * The special-purpose threads (sender, receiver, scheduler, stroke,
 * kernel interface) are not counted here.
 *
 * @ingroup charon
 */
#define NUMBER_OF_WORKING_THREADS 4

/**
 * UDP Port on which the daemon will listen for incoming traffic.
 *
 * @ingroup charon
 */
#define IKEV2_UDP_PORT 500

/**
 * UDP Port to which the daemon will float to if NAT is detected.
 *
 * @ingroup charon
 */
#define IKEV2_NATT_PORT 4500

/**
 * PID file, in which charon stores its process id.
 *
 * IPSEC_PIDDIR is not defined in this header; it is expected to be
 * supplied by the build configuration (presumably config.h or the
 * Makefile — confirm against the build system).
 *
 * @ingroup charon
 */
#define PID_FILE IPSEC_PIDDIR "/charon.pid"

/**
 * Configuration directory.
 *
 * IPSEC_CONFDIR, like IPSEC_PIDDIR above, is not defined here and must
 * come from the build configuration. All directory/file macros below
 * are built from it by string-literal concatenation.
 *
 * @ingroup charon
 */
#define CONFIG_DIR IPSEC_CONFDIR

/**
 * Directory of IPsec relevant files
 *
 * @ingroup charon
 */
#define IPSEC_D_DIR CONFIG_DIR "/ipsec.d"

/**
 * Default directory for private keys.
 *
 * Contents are sensitive: nothing in this header constrains the
 * permissions of this directory; that is the responsibility of the
 * installation and of the code that reads it.
 *
 * @ingroup charon
 */
#define PRIVATE_KEY_DIR IPSEC_D_DIR "/private"

/**
 * Default directory for end entity certificates
 *
 * @ingroup charon
 */
#define CERTIFICATE_DIR IPSEC_D_DIR "/certs"

/**
 * Default directory for trusted CA certificates
 *
 * @ingroup charon
 */
#define CA_CERTIFICATE_DIR IPSEC_D_DIR "/cacerts"

/**
 * Default directory for CRLs
 *
 * @ingroup charon
 */
#define CRL_DIR IPSEC_D_DIR "/crls"

/**
 * Secrets file.
 *
 * Holds secret material and is therefore sensitive; as with
 * PRIVATE_KEY_DIR, this header only names the path and does not
 * enforce any access restrictions on it. Presumably read by the
 * credential store — confirm in credential_store.
 *
 * @ingroup charon
 */
#define SECRETS_FILE CONFIG_DIR "/ipsec.secrets"
275
276
typedef struct daemon_t daemon_t;

/**
 * @brief Main class of daemon, contains some globals.
 *
 * Every member is a pointer to one of the daemon's subsystems. This
 * header only declares them; who allocates and frees them is not
 * visible here (presumably the daemon's main translation unit).
 * The single instance is reachable through the global @c charon
 * declared below.
 *
 * @ingroup charon
 */
struct daemon_t {
	/**
	 * A socket_t instance.
	 *
	 * The receiver thread reads incoming packets from it and the sender
	 * thread writes outgoing packets to it (see the architecture
	 * overview in the charon group).
	 */
	socket_t *socket;

	/**
	 * A send_queue_t instance.
	 *
	 * Packets waiting to go out on the wire; the sender thread waits on
	 * this queue.
	 */
	send_queue_t *send_queue;

	/**
	 * A job_queue_t instance.
	 *
	 * The (fully synchronized) queue of jobs processed by the thread pool.
	 */
	job_queue_t *job_queue;

	/**
	 * A event_queue_t instance.
	 *
	 * The scheduler waits on this queue and moves events that are due
	 * down to the job queue.
	 */
	event_queue_t *event_queue;

	/**
	 * A ike_sa_manager_t instance.
	 *
	 * Owns the IKE SAs and their check-out synchronization; a thread
	 * holding a checked-out IKE SA needs no further locking on it.
	 */
	ike_sa_manager_t *ike_sa_manager;

	/**
	 * A configuration_t instance.
	 */
	configuration_t *configuration;

	/**
	 * A connection_store_t instance.
	 */
	connection_store_t *connections;

	/**
	 * A policy_store_t instance.
	 */
	policy_store_t *policies;

	/**
	 * A credential_store_t instance.
	 *
	 * Presumably backed by the key/certificate directories and
	 * SECRETS_FILE defined above — confirm in credential_store.
	 */
	credential_store_t *credentials;

	/**
	 * The Sender-Thread.
	 */
	sender_t *sender;

	/**
	 * The Receiver-Thread.
	 */
	receiver_t *receiver;

	/**
	 * The Scheduler-Thread.
	 */
	scheduler_t *scheduler;

	/**
	 * The Thread pool managing the worker threads.
	 *
	 * Its size is NUMBER_OF_WORKING_THREADS.
	 */
	thread_pool_t *thread_pool;

	/**
	 * The signaling bus.
	 */
	bus_t *bus;

	/**
	 * A bus listener logging to stdout
	 */
	file_logger_t *outlog;

	/**
	 * A bus listener logging to syslog
	 */
	sys_logger_t *syslog;

	/**
	 * Kernel Interface to communicate with kernel
	 *
	 * Backed by its own thread, which talks to the kernel over a
	 * netlink socket (see the architecture overview).
	 */
	kernel_interface_t *kernel_interface;

	/**
	 * IPC interface, as whack in pluto
	 *
	 * Reads and processes commands coming from another process.
	 */
	stroke_t *stroke;

	/**
	 * @brief Shut down the daemon.
	 *
	 * @param this the daemon to kill
	 * @param reason description why it will be killed; declared non-const,
	 *               so callers passing a string literal rely on the
	 *               implementation not modifying it (presumably it is only
	 *               logged — confirm in the implementation)
	 */
	void (*kill) (daemon_t *this, char *reason);
};
383
/**
 * The one and only instance of the daemon.
 *
 * Declared here; the definition lives in another translation unit
 * (presumably daemon.c — not visible from this header).
 */
extern daemon_t *charon;
388
389 #endif /*DAEMON_H_*/