1 /**
2 * @file stroke.h
3 *
4 * @brief Definition of stroke_msg_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #ifndef STROKE_H_
24 #define STROKE_H_
25
26 #include <sys/types.h>
27
/**
 * Socket which is used to communicate between charon and stroke
 */
#define STROKE_SOCKET "/var/run/charon.ctl"

/**
 * Size of the trailing string buffer of a stroke_msg_t; together with the
 * fixed members this bounds the size of a single message.
 */
#define STROKE_BUF_LEN 2048
34
typedef enum list_flag_t list_flag_t;

/**
 * Definition of the LIST flags, used for
 * the various stroke list* commands.
 *
 * Each flag is a single bit, so several of them can be OR-ed together
 * into one list_flag_t value; LIST_ALL is the OR of all of them.
 */
enum list_flag_t {
	/** don't list anything */
	LIST_NONE = 0x0000,
	/** list all host/user certs */
	LIST_CERTS = 0x0001,
	/** list all ca certs */
	LIST_CACERTS = 0x0002,
	/** list all ocsp signer certs */
	LIST_OCSPCERTS = 0x0004,
	/** list all aa certs */
	LIST_AACERTS = 0x0008,
	/** list all attribute certs */
	LIST_ACERTS = 0x0010,
	/** list all access control groups */
	LIST_GROUPS = 0x0020,
	/** list all ca information records */
	LIST_CAINFOS = 0x0040,
	/** list all crls */
	LIST_CRLS = 0x0080,
	/** list all ocsp cache entries */
	LIST_OCSP = 0x0100,
	/** all list options (OR of every flag above, 0x0001..0x0100) */
	LIST_ALL = 0x01FF,
};
65
typedef enum reread_flag_t reread_flag_t;

/**
 * Definition of the REREAD flags, used for
 * the various stroke reread* commands.
 *
 * Each flag is a single bit, so several of them can be OR-ed together
 * into one reread_flag_t value; REREAD_ALL is the OR of all of them.
 */
enum reread_flag_t {
	/** don't reread anything */
	REREAD_NONE = 0x0000,
	/** reread all secret keys */
	REREAD_SECRETS = 0x0001,
	/** reread all ca certs */
	REREAD_CACERTS = 0x0002,
	/** reread all ocsp signer certs */
	REREAD_OCSPCERTS = 0x0004,
	/** reread all aa certs */
	REREAD_AACERTS = 0x0008,
	/** reread all attribute certs */
	REREAD_ACERTS = 0x0010,
	/** reread all crls */
	REREAD_CRLS = 0x0020,
	/** all reread options (OR of every flag above, 0x0001..0x0020) */
	REREAD_ALL = 0x003F,
};
90
typedef enum purge_flag_t purge_flag_t;

/**
 * Definition of the PURGE flags, currently used for
 * the stroke purgeocsp command.
 *
 * Laid out as single-bit flags like list_flag_t and reread_flag_t, so
 * further purge targets can be added as additional bits.
 */
enum purge_flag_t {
	/** don't purge anything */
	PURGE_NONE = 0x0000,
	/** purge ocsp cache entries */
	PURGE_OCSP = 0x0001,
};
103
typedef struct stroke_end_t stroke_end_t;

/**
 * definition of a peer in a stroke message
 *
 * Used twice inside stroke_msg_t (add_conn.me and add_conn.other), i.e.
 * this struct travels inside a message that crosses the stroke socket.
 * NOTE(review): how the char * members are encoded on the wire (raw
 * pointers vs. offsets into the message buffer) is not visible in this
 * header - confirm in the sender/receiver before relying on them.
 */
struct stroke_end_t {
	/* identity string of this end */
	char *id;
	/* certificate of this end */
	char *cert;
	/* ca of this end */
	char *ca;
	/* groups of this end */
	char *groups;
	/* updown script */
	char *updown;
	/* address of this end */
	char *address;
	/* source ip */
	char *sourceip;
	/* presumably a boolean flag ("request/assign a virtual ip") - confirm */
	u_int8_t virtual_ip;
	/* subnet string plus its mask as a separate integer */
	char *subnet;
	int subnet_mask;
	/* sendcert/hostaccess/tohost policy values; semantics not visible here */
	int sendcert;
	int hostaccess;
	int tohost;
	/* protocol and port selector; BSD-style fixed-width types from <sys/types.h> */
	u_int8_t protocol;
	u_int16_t port;
};
126
typedef struct stroke_msg_t stroke_msg_t;

/**
 * @brief A stroke message sent over the unix socket.
 *
 * The fixed members are followed by @c buffer, which holds the
 * variable-length string data the message refers to. NOTE(review): the
 * char * members below are carried inside this message as it crosses the
 * socket; how they are encoded on the wire (raw pointers vs. offsets into
 * @c buffer) and where they are relocated is not visible in this header -
 * confirm in the sender/receiver. A receiver should validate @c length
 * (at least the size of the fixed part, at most sizeof(stroke_msg_t))
 * before trusting any string member or reading from @c buffer.
 */
struct stroke_msg_t {
	/* length of this message with all strings; u_int16_t, so a message can
	 * never claim more than 65535 bytes regardless of STROKE_BUF_LEN */
	u_int16_t length;

	/* type of the message; selects which member of the union below is valid */
	enum {
		/* initiate a connection */
		STR_INITIATE,
		/* install SPD entries for a policy */
		STR_ROUTE,
		/* uninstall SPD entries for a policy */
		STR_UNROUTE,
		/* add a connection */
		STR_ADD_CONN,
		/* delete a connection */
		STR_DEL_CONN,
		/* terminate connection */
		STR_TERMINATE,
		/* show connection status */
		STR_STATUS,
		/* show verbose connection status */
		STR_STATUS_ALL,
		/* add a ca information record */
		STR_ADD_CA,
		/* delete ca information record */
		STR_DEL_CA,
		/* set a log type to log/not log */
		STR_LOGLEVEL,
		/* list various objects */
		STR_LIST,
		/* reread various objects */
		STR_REREAD,
		/* purge various objects */
		STR_PURGE
		/* more to come */
	} type;

	/* verbosity of output returned from charon (from -1=silent to 4=private) */
	int output_verbosity;

	union {
		/* data for STR_INITIATE, STR_ROUTE, STR_UNROUTE, STR_TERMINATE,
		 * STR_STATUS, STR_DEL_CONN and STR_DEL_CA: a single name */
		struct {
			char *name;
		} initiate, route, unroute, terminate, status, del_conn, del_ca;

		/* data for STR_ADD_CONN */
		struct {
			/* connection name */
			char *name;
			/* ikev2 / auth_method / eap_type / mode / mobike selectors;
			 * the value encodings are not visible in this header */
			int ikev2;
			int auth_method;
			int eap_type;
			int mode;
			int mobike;
			/* proposal strings for IKE and ESP */
			struct {
				char *ike;
				char *esp;
			} algorithms;
			/* rekeying parameters; time_t values are presumably seconds - confirm */
			struct {
				int reauth;
				time_t ipsec_lifetime;
				time_t ike_lifetime;
				time_t margin;
				unsigned long tries;
				unsigned long fuzz;
			} rekey;
			/* dead peer detection: delay (time_t) and action code */
			struct {
				time_t delay;
				int action;
			} dpd;
			/* the two ends of the connection, see stroke_end_t */
			stroke_end_t me, other;
		} add_conn;

		/* data for STR_ADD_CA: ca name, ca cert and up to two CRL / OCSP uris */
		struct {
			char *name;
			char *cacert;
			char *crluri;
			char *crluri2;
			char *ocspuri;
			char *ocspuri2;
		} add_ca;

		/* data for STR_LOGLEVEL: log type name and the level to set */
		struct {
			char *type;
			int level;
		} loglevel;

		/* data for STR_LIST: OR-ed list_flag_t bits; utc is presumably a
		 * boolean selecting UTC timestamps in the output - confirm */
		struct {
			list_flag_t flags;
			int utc;
		} list;

		/* data for STR_REREAD: OR-ed reread_flag_t bits */
		struct {
			reread_flag_t flags;
		} reread;

		/* data for STR_PURGE: purge_flag_t bits */
		struct {
			purge_flag_t flags;
		} purge;
	};
	/* storage for the strings the message refers to; STROKE_BUF_LEN bytes */
	char buffer[STROKE_BUF_LEN];
};
239
240 #endif /* STROKE_H_ */