projects / strongswan.git / blob
? search:


a465a6645590355e980b8649e542e8e8da761ba7
[strongswan.git] / src / charon / plugins / ha_sync / ha_sync_message.h
1 /*
2 * Copyright (C) 2008 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 /**
17 * @defgroup ha_sync_message ha_sync_message
18 * @{ @ingroup ha_sync
19 */
20
21 #ifndef HA_SYNC_MESSAGE_H_
22 #define HA_SYNC_MESSAGE_H_
23
24 #include <library.h>
25 #include <utils/host.h>
26 #include <utils/identification.h>
27 #include <sa/ike_sa_id.h>
28 #include <config/traffic_selector.h>
29
30 /**
31 * Protocol version of this implementation
32 */
33 #define HA_SYNC_MESSAGE_VERSION 1
34
35 typedef struct ha_sync_message_t ha_sync_message_t;
36 typedef enum ha_sync_message_type_t ha_sync_message_type_t;
37 typedef enum ha_sync_message_attribute_t ha_sync_message_attribute_t;
38 typedef union ha_sync_message_value_t ha_sync_message_value_t;
39
40 /**
41 * Type of a sync message
42 */
43 enum ha_sync_message_type_t {
44 /** add a completely new IKE_SA */
45 HA_SYNC_IKE_ADD = 1,
46 /** update an existing IKE_SA (message IDs, address update, ...) */
47 HA_SYNC_IKE_UPDATE,
48 /** delete an existing IKE_SA */
49 HA_SYNC_IKE_DELETE,
50 /** add a new CHILD_SA */
51 HA_SYNC_CHILD_ADD,
52 /** delete an existing CHILD_SA */
53 HA_SYNC_CHILD_DELETE,
54 };
55
56 /**
57 * Type of attributes contained in a message
58 */
59 enum ha_sync_message_attribute_t {
60 /** ike_sa_id_t*, to identify IKE_SA */
61 HA_SYNC_IKE_ID = 1,
62 /** ike_Sa_id_t*, identifies IKE_SA which gets rekeyed */
63 HA_SYNC_IKE_REKEY_ID,
64 /** identification_t*, local identity */
65 HA_SYNC_LOCAL_ID,
66 /** identification_t*, remote identity */
67 HA_SYNC_REMOTE_ID,
68 /** identification_t*, EAP identity */
69 HA_SYNC_EAP_ID,
70 /** host_t*, local address */
71 HA_SYNC_LOCAL_ADDR,
72 /** host_t*, remote address */
73 HA_SYNC_REMOTE_ADDR,
74 /** char*, name of configuration */
75 HA_SYNC_CONFIG_NAME,
76 /** u_int32_t, bitset of ike_condition_t */
77 HA_SYNC_CONDITIONS,
78 /** u_int32_t, bitset of ike_extension_t */
79 HA_SYNC_EXTENSIONS,
80 /** host_t*, local virtual IP */
81 HA_SYNC_LOCAL_VIP,
82 /** host_t*, remote virtual IP */
83 HA_SYNC_REMOTE_VIP,
84 /** host_t*, additional MOBIKE peer address */
85 HA_SYNC_ADDITIONAL_ADDR,
86 /** chunk_t, initiators nonce */
87 HA_SYNC_NONCE_I,
88 /** chunk_t, responders nonce */
89 HA_SYNC_NONCE_R,
90 /** chunk_t, diffie hellman shared secret */
91 HA_SYNC_SECRET,
92 /** chunk_t, SKd of old SA if rekeying */
93 HA_SYNC_OLD_SKD,
94 /** u_int16_t, pseudo random function */
95 HA_SYNC_ALG_PRF,
96 /** u_int16_t, old pseudo random function if rekeying */
97 HA_SYNC_ALG_OLD_PRF,
98 /** u_int16_t, encryption algorithm */
99 HA_SYNC_ALG_ENCR,
100 /** u_int16_t, encryption key size in bytes */
101 HA_SYNC_ALG_ENCR_LEN,
102 /** u_int16_t, integrity protection algorithm */
103 HA_SYNC_ALG_INTEG,
104 /** u_int8_t, IPsec mode, TUNNEL|TRANSPORT|... */
105 HA_SYNC_IPSEC_MODE,
106 /** u_int8_t, IPComp protocol */
107 HA_SYNC_IPCOMP,
108 /** u_int32_t, inbound security parameter index */
109 HA_SYNC_INBOUND_SPI,
110 /** u_int32_t, outbound security parameter index */
111 HA_SYNC_OUTBOUND_SPI,
112 /** u_int16_t, inbound security parameter index */
113 HA_SYNC_INBOUND_CPI,
114 /** u_int16_t, outbound security parameter index */
115 HA_SYNC_OUTBOUND_CPI,
116 /** traffic_selector_t*, local traffic selector */
117 HA_SYNC_LOCAL_TS,
118 /** traffic_selector_t*, remote traffic selector */
119 HA_SYNC_REMOTE_TS,
120 /** u_int32_t, initiating message ID */
121 HA_SYNC_INITIATE_MID,
122 /** u_int32_t, responding message ID */
123 HA_SYNC_RESPOND_MID,
124 };
125
126 /**
127 * Union to enumerate typed attributes in a message
128 */
129 union ha_sync_message_value_t {
130 u_int8_t u8;
131 u_int16_t u16;
132 u_int32_t u32;
133 char *str;
134 chunk_t chunk;
135 ike_sa_id_t *ike_sa_id;
136 identification_t *id;
137 host_t *host;
138 traffic_selector_t *ts;
139 };
140
141 /**
142 * Abstracted message passed between nodes in a HA cluster.
143 */
144 struct ha_sync_message_t {
145
146 /**
147 * Get the type of the message.
148 *
149 * @return message type
150 */
151 ha_sync_message_type_t (*get_type)(ha_sync_message_t *this);
152
153 /**
154 * Add an attribute to a message.
155 *
156 * @param attribute attribute type to add
157 * @param ... attribute specific data
158 */
159 void (*add_attribute)(ha_sync_message_t *this,
160 ha_sync_message_attribute_t attribute, ...);
161
162 /**
163 * Create an enumerator over all attributes in a message.
164 *
165 * @return enumerator over attribute, ha_sync_message_value_t
166 */
167 enumerator_t* (*create_attribute_enumerator)(ha_sync_message_t *this);
168
169 /**
170 * Get the message in a encoded form.
171 *
172 * @return chunk pointing to internal data
173 */
174 chunk_t (*get_encoding)(ha_sync_message_t *this);
175
176 /**
177 * Destroy a ha_sync_message_t.
178 */
179 void (*destroy)(ha_sync_message_t *this);
180 };
181
182 /**
183 * Create a new ha_sync_message instance, ready for adding attributes
184 *
185 * @param version protocol version to create a message from
186 * @param type type of the message
187 */
188 ha_sync_message_t *ha_sync_message_create(ha_sync_message_type_t type);
189
190 /**
191 * Create a ha_sync_message from encoded data.
192 *
193 * @param data encoded message data
194 */
195 ha_sync_message_t *ha_sync_message_parse(chunk_t data);
196
197 #endif /* HA_SYNC_MESSAGE_ @}*/
strongSwan - IPsec VPN