a2e8fa932f7d2ecfbfe3da7a217688dc834dbfab
[strongswan.git] / src / libcharon / plugins / vici / python / vici / command_wrappers.py
1 class CommandWrappers(object):
2 def version(self):
3 """Retrieve daemon and system specific version information.
4
5 :return: daemon and system specific version information
6 :rtype: dict
7 """
8 return self.request("version")
9
10 def stats(self):
11 """Retrieve IKE daemon statistics and load information.
12
13 :return: IKE daemon statistics and load information
14 :rtype: dict
15 """
16 return self.request("stats")
17
18 def reload_settings(self):
19 """Reload strongswan.conf settings and any plugins supporting reload.
20 """
21 self.request("reload-settings")
22
23 def initiate(self, sa):
24 """Initiate an SA.
25
26 :param sa: the SA to initiate
27 :type sa: dict
28 :return: generator for logs emitted as dict
29 :rtype: generator
30 """
31 return self.streamed_request("initiate", "control-log", sa)
32
33 def terminate(self, sa):
34 """Terminate an SA.
35
36 :param sa: the SA to terminate
37 :type sa: dict
38 :return: generator for logs emitted as dict
39 :rtype: generator
40 """
41 return self.streamed_request("terminate", "control-log", sa)
42
43 def rekey(self, sa):
44 """Initiate the rekeying of an SA.
45
46 .. versionadded:: 5.5.2
47
48 :param sa: the SA to rekey
49 :type sa: dict
50 :return: number of matched SAs
51 :rtype: dict
52 """
53 return self.request("rekey", sa)
54
55 def redirect(self, sa):
56 """Redirect an IKE_SA.
57
58 .. versionchanged:: 5.5.2
59 The number of matched SAs is returned.
60
61 :param sa: the SA to redirect
62 :type sa: dict
63 :return: number of matched SAs
64 :rtype: dict
65 """
66 return self.request("redirect", sa)
67
68 def install(self, policy):
69 """Install a trap, drop or bypass policy defined by a CHILD_SA config.
70
71 :param policy: policy to install
72 :type policy: dict
73 """
74 self.request("install", policy)
75
76 def uninstall(self, policy):
77 """Uninstall a trap, drop or bypass policy defined by a CHILD_SA config.
78
79 :param policy: policy to uninstall
80 :type policy: dict
81 """
82 self.request("uninstall", policy)
83
84 def list_sas(self, filters=None):
85 """Retrieve active IKE_SAs and associated CHILD_SAs.
86
87 :param filters: retrieve only matching IKE_SAs (optional)
88 :type filters: dict
89 :return: generator for active IKE_SAs and associated CHILD_SAs as dict
90 :rtype: generator
91 """
92 return self.streamed_request("list-sas", "list-sa", filters)
93
94 def list_policies(self, filters=None):
95 """Retrieve installed trap, drop and bypass policies.
96
97 :param filters: retrieve only matching policies (optional)
98 :type filters: dict
99 :return: generator for installed trap, drop and bypass policies as dict
100 :rtype: generator
101 """
102 return self.streamed_request("list-policies", "list-policy",
103 filters)
104
105 def list_conns(self, filters=None):
106 """Retrieve loaded connections.
107
108 :param filters: retrieve only matching configuration names (optional)
109 :type filters: dict
110 :return: generator for loaded connections as dict
111 :rtype: generator
112 """
113 return self.streamed_request("list-conns", "list-conn",
114 filters)
115
116 def get_conns(self):
117 """Retrieve connection names loaded exclusively over vici.
118
119 :return: connection names
120 :rtype: dict
121 """
122 return self.request("get-conns")
123
124 def list_certs(self, filters=None):
125 """Retrieve loaded certificates.
126
127 :param filters: retrieve only matching certificates (optional)
128 :type filters: dict
129 :return: generator for loaded certificates as dict
130 :rtype: generator
131 """
132 return self.streamed_request("list-certs", "list-cert", filters)
133
134 def list_authorities(self, filters=None):
135 """Retrieve loaded certification authority information.
136
137 .. versionadded:: 5.3.3
138
139 :param filters: retrieve only matching CAs (optional)
140 :type filters: dict
141 :return: generator for loaded CAs as dict
142 :rtype: generator
143 """
144 return self.streamed_request("list-authorities", "list-authority",
145 filters)
146
147 def get_authorities(self):
148 """Retrieve certification authority names loaded exclusively over vici.
149
150 :return: CA names
151 :rtype: dict
152 """
153 return self.request("get-authorities")
154
155 def load_conn(self, connection):
156 """Load a connection definition into the daemon.
157
158 :param connection: connection definition
159 :type connection: dict
160 """
161 self.request("load-conn", connection)
162
163 def unload_conn(self, name):
164 """Unload a connection definition.
165
166 :param name: connection definition name
167 :type name: dict
168 """
169 self.request("unload-conn", name)
170
171 def load_cert(self, certificate):
172 """Load a certificate into the daemon.
173
174 :param certificate: PEM or DER encoded certificate
175 :type certificate: dict
176 """
177 self.request("load-cert", certificate)
178
179 def load_key(self, private_key):
180 """Load a private key into the daemon.
181
182 .. versionchanged:: 5.5.3
183 The key identifier of the loaded key is returned.
184
185 :param private_key: PEM or DER encoded key
186 :type private_key: dict
187 :return: key identifier
188 :rtype: dict
189 """
190 return self.request("load-key", private_key)
191
192 def unload_key(self, key_id):
193 """Unload the private key with the given key identifier.
194
195 .. versionadded:: 5.5.2
196
197 :param key_id: key identifier
198 :type key_id: dict
199 """
200 self.request("unload-key", key_id)
201
202 def get_keys(self):
203 """Retrieve identifiers of private keys loaded exclusively over vici.
204
205 .. versionadded:: 5.5.2
206
207 :return: key identifiers
208 :rtype: dict
209 """
210 return self.request("get-keys")
211
212 def load_token(self, token):
213 """Load a private key located on a token into the daemon.
214
215 .. versionadded:: 5.5.2
216
217 :param token: token details
218 :type token: dict
219 :return: key identifier
220 :rtype: dict
221 """
222 return self.request("load-token", token)
223
224 def load_shared(self, secret):
225 """Load a shared IKE PSK, EAP or XAuth secret into the daemon.
226
227 .. versionchanged:: 5.5.2
228 A unique identifier may be associated with the secret.
229
230 :param secret: shared IKE PSK, EAP or XAuth secret
231 :type secret: dict
232 """
233 self.request("load-shared", secret)
234
235 def unload_shared(self, identifier):
236 """Unload a previously loaded shared secret by its unique identifier.
237
238 .. versionadded:: 5.5.2
239
240 :param identifier: unique identifier
241 :type secret: dict
242 """
243 self.request("unload-shared", identifier)
244
245 def get_shared(self):
246 """Retrieve identifiers of shared keys loaded exclusively over vici.
247
248 .. versionadded:: 5.5.2
249
250 :return: identifiers
251 :rtype: dict
252 """
253 return self.request("get-shared")
254
255 def flush_certs(self, filter=None):
256 """Flush the volatile certificate cache.
257
258 Flush the certificate stored temporarily in the cache. The filter
259 allows to flush only a certain type of certificates, e.g. CRLs.
260
261 :param filter: flush only certificates of a given type (optional)
262 :type filter: dict
263 """
264 self.request("flush-certs", filter)
265
266 def clear_creds(self):
267 """Clear credentials loaded over vici.
268
269 Clear all loaded certificate, private key and shared key credentials.
270 This affects only credentials loaded over vici, but additionally
271 flushes the credential cache.
272 """
273 self.request("clear-creds")
274
275 def load_authority(self, ca):
276 """Load a certification authority definition into the daemon.
277
278 :param ca: certification authority definition
279 :type ca: dict
280 """
281 self.request("load-authority", ca)
282
283 def unload_authority(self, ca):
284 """Unload a previously loaded certification authority by name.
285
286 :param ca: certification authority name
287 :type ca: dict
288 """
289 self.request("unload-authority", ca)
290
291 def load_pool(self, pool):
292 """Load a virtual IP pool.
293
294 Load an in-memory virtual IP and configuration attribute pool.
295 Existing pools with the same name get updated, if possible.
296
297 :param pool: virtual IP and configuration attribute pool
298 :type pool: dict
299 """
300 return self.request("load-pool", pool)
301
302 def unload_pool(self, pool_name):
303 """Unload a virtual IP pool.
304
305 Unload a previously loaded virtual IP and configuration attribute pool.
306 Unloading fails for pools with leases currently online.
307
308 :param pool_name: pool by name
309 :type pool_name: dict
310 """
311 self.request("unload-pool", pool_name)
312
313 def get_pools(self, options):
314 """Retrieve loaded pools.
315
316 :param options: filter by name and/or retrieve leases (optional)
317 :type options: dict
318 :return: loaded pools
319 :rtype: dict
320 """
321 return self.request("get-pools", options)
322
323 def get_algorithms(self):
324 """List of currently loaded algorithms and their implementation.
325
326 .. versionadded:: 5.4.0
327
328 :return: algorithms
329 :rtype: dict
330 """
331 return self.request("get-algorithms")
332
333 def get_counters(self, options=None):
334 """List global or connection-specific counters for several IKE events.
335
336 .. versionadded:: 5.6.1
337
338 :param options: get global counters or those of all or one connection
339 :type options: dict
340 :return: counters
341 :rtype: dict
342 """
343 return self.request("get-counters", options)
344
345 def reset_counters(self, options=None):
346 """Reset global or connection-specific IKE event counters.
347
348 .. versionadded:: 5.6.1
349
350 :param options: reset global counters or those of all or one connection
351 :type options: dict
352 """
353 self.request("reset-counters", options)