4 * @brief Definition of stroke_msg_t.
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
26 #include <sys/types.h>
31 * Socket which is used to communicate between charon and stroke
/*
 * Filesystem path of the control socket shared by charon and stroke.
 * stroke_msg_t requests travel over it, so the permissions on this path
 * decide which local users can send the commands declared in this header.
 * NOTE(review): confirm the daemon creates the socket with restrictive
 * ownership and mode; IPSEC_PIDDIR is defined outside this file.
 */
33 #define STROKE_SOCKET IPSEC_PIDDIR "/charon.ctl"
/*
 * Size in bytes of the buffer[] array declared at the end of stroke_msg_t.
 * It caps how much string data one message can carry; a receiver should
 * reject any length or string position that does not fit within it.
 */
35 #define STROKE_BUF_LEN 2048
/*
 * LIST flags select what a stroke list command reports. Every value visible
 * below is a single distinct bit, so several can be OR-ed into one mask
 * (the last comment refers to an "all list options" value).
 * By their comments these only choose what is reported back; the output can
 * still describe certificates, CA records and plugins, so it is worth
 * treating as configuration disclosure to whoever can reach the socket.
 * NOTE(review): the enum's opening line and the members belonging to the
 * comments without a value are not visible in this listing.
 */
37 typedef enum list_flag_t list_flag_t
;
40 * Definition of the LIST flags, used for
41 * the various stroke list* commands.
44 /** don't list anything */
46 /** list all raw public keys */
47 LIST_PUBKEYS
= 0x0001,
48 /** list all host/user certs */
50 /** list all ca certs */
51 LIST_CACERTS
= 0x0004,
52 /** list all ocsp signer certs */
53 LIST_OCSPCERTS
= 0x0008,
54 /** list all aa certs */
55 LIST_AACERTS
= 0x0010,
56 /** list all attribute certs */
58 /** list all access control groups */
60 /** list all ca information records */
61 LIST_CAINFOS
= 0x0080,
64 /** list all ocsp cache entries */
66 /** list all supported algorithms */
68 /** list plugin information */
69 LIST_PLUGINS
= 0x0800,
70 /** list IKE counters */
71 LIST_COUNTERS
= 0x1000,
72 /** all list options */
/*
 * REREAD flags select which credential sets the daemon loads again. Each
 * visible value is a single bit, so they combine into a mask.
 * The bit assignments differ from the LIST family (REREAD_CACERTS is 0x0002,
 * LIST_CACERTS is 0x0004), so a mask built for one family must not be passed
 * where the other is expected.
 * REREAD_SECRETS makes the daemon re-read secret keys on request from the
 * socket; NOTE(review): confirm only privileged users can reach that socket.
 * NOTE(review): the enum's opening line and some members are not visible in
 * this listing.
 */
76 typedef enum reread_flag_t reread_flag_t
;
79 * Definition of the REREAD flags, used for
80 * the various stroke reread* commands.
83 /** don't reread anything */
85 /** reread all secret keys */
86 REREAD_SECRETS
= 0x0001,
87 /** reread all ca certs */
88 REREAD_CACERTS
= 0x0002,
89 /** reread all ocsp signer certs */
90 REREAD_OCSPCERTS
= 0x0004,
91 /** reread all aa certs */
92 REREAD_AACERTS
= 0x0008,
93 /** reread all attribute certs */
94 REREAD_ACERTS
= 0x0010,
95 /** reread all crls */
97 /** all reread options */
/*
 * PURGE flags select which cached or live state the daemon discards.
 * NOTE(review): the description below names only the purgeocsp command, yet
 * the member comments also cover CRL cache entries, X509 cache entries and
 * IKE_SAs without a CHILD_SA; the description looks out of date.
 * Purging changes daemon state (revocation caches, established IKE_SAs), so
 * these requests matter for availability as well as for configuration.
 * NOTE(review): only PURGE_CERTS has its value visible in this listing.
 */
101 typedef enum purge_flag_t purge_flag_t
;
104 * Definition of the PURGE flags, currently used for
105 * the stroke purgeocsp command.
108 /** don't purge anything */
110 /** purge ocsp cache entries */
112 /** purge CRL cache entries */
114 /** purge X509 cache entries */
115 PURGE_CERTS
= 0x0004,
116 /** purge IKE_SAs without a CHILD_SA */
/*
 * EXPORT flags select what an export request returns. The only member
 * visible here is EXPORT_X509, described as exporting an X509 certificate.
 * NOTE(review): the message-type comment in stroke_msg_t calls this
 * "export credentials"; confirm the handler can only emit public material
 * such as certificates and never private keys.
 */
120 typedef enum export_flag_t export_flag_t
;
123 * Definition of the export flags
126 /** export an X509 certificate */
127 EXPORT_X509
= 0x0001,
131 * CRL certificate validation policy
140 typedef struct stroke_end_t stroke_end_t
;
143 * definition of a peer in a stroke message
/*
 * stroke_msg_t embeds two of these, named me and other, after its
 * add-connection fields.
 * NOTE(review): the member list is not visible in this listing. Any char *
 * members would arrive from the socket peer like the other strings in the
 * message and need the same range check before they are dereferenced.
 */
145 struct stroke_end_t
{
/*
 * Request record exchanged over STROKE_SOCKET. It carries a length, a
 * message type and per-type data, and ends with a fixed buffer[] of
 * STROKE_BUF_LEN bytes.
 * Every field is filled in by the process on the other end of the socket, so
 * the reader should validate length, type and every string reference before
 * acting on them.
 * NOTE(review): many member declarations are missing from this listing; the
 * comments added here describe only what the visible lines show.
 */
174 typedef struct stroke_msg_t stroke_msg_t
;
177 * @brief A stroke message sent over the unix socket.
179 struct stroke_msg_t
{
180 /* length of this message with all strings */
/*
 * The length is stated by the sender. NOTE(review): the receiver should check
 * it against both the number of bytes actually read and the size of this
 * struct (no smaller than the offset of buffer[], no larger than the whole
 * struct) before using it in any arithmetic; the field's declaration is not
 * visible here.
 */
183 /* type of the message */
185 /* initiate a connection */
187 /* install SPD entries for a policy */
189 /* uninstall SPD entries for a policy */
191 /* add a connection */
193 /* delete a connection */
195 /* terminate connection */
197 /* terminate connection by peers srcip/virtual ip */
199 /* rekey a connection */
201 /* show connection status */
203 /* show verbose connection status */
205 /* show verbose connection status, non-blocking variant */
206 STR_STATUS_ALL_NOBLK
,
207 /* add a ca information record */
209 /* delete ca information record */
211 /* set a log type to log/not log */
213 /* configure global options for stroke */
215 /* list various objects */
217 /* reread various objects */
219 /* purge various objects */
221 /* show pool leases */
223 /* export credentials */
225 /* print memory usage details */
227 /* set username and password for a connection */
/*
 * The message types above include state-changing and credential-bearing
 * requests (add or delete connections, reread, purge, export, set username
 * and password), which is why access to the socket needs to be restricted.
 * NOTE(review): a password sent with the user-credentials request sits in
 * this message in clear text; confirm the handler wipes its copy after use.
 */
232 /* verbosity of output returned from charon (from -1=silent to 4=private) */
/*
 * NOTE(review): level 4 is labelled "private", which presumably means the
 * output may include sensitive material; confirm, and confirm the handler
 * rejects values outside the -1..4 range described above.
 */
233 int output_verbosity
;
236 /* data for STR_INITIATE, STR_ROUTE, STR_UP, STR_DOWN, ... */
/* One data layout is declared once and reused under the eight names below. */
239 } initiate
, route
, unroute
, terminate
, rekey
, status
, del_conn
, del_ca
;
241 /* data for STR_TERMINATE_SRCIP */
247 /* data for STR_ADD_CONN */
/*
 * A char * inside a record that crosses a process boundary cannot be used as
 * received. NOTE(review): presumably the sender stores a position inside this
 * message and the receiver converts it to a pointer; that conversion has to
 * verify the position lies within buffer[] and below the validated length,
 * and that the string is NUL-terminated inside the message. Verify against
 * the socket handler.
 */
253 char *xauth_identity
;
268 crl_policy_t crl_policy
;
276 time_t ipsec_lifetime
;
279 u_int64_t life_bytes
;
280 u_int64_t margin_bytes
;
281 u_int64_t life_packets
;
282 u_int64_t margin_packets
;
300 stroke_end_t me
, other
;
303 /* data for STR_ADD_CA */
314 /* data for STR_LOGLEVEL */
320 /* data for STR_CONFIG */
325 /* data for STR_LIST */
331 /* data for STR_REREAD */
336 /* data for STR_PURGE */
341 /* data for STR_EXPORT */
347 /* data for STR_LEASES */
353 /* data for STR_USER_CREDS */
/*
 * Fixed-size storage at the end of the message; the length comment at the
 * top of the struct says the message length includes "all strings", which
 * presumably live here. Its size bounds the total string data in one request.
 */
360 char buffer
[STROKE_BUF_LEN
];
363 #endif /* STROKE_MSG_H_ */