1 /*
2 * Copyright (C) 2008 Martin Willi
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 /**
17 * @defgroup ha_message ha_message
18 * @{ @ingroup ha
19 */
20
21 #ifndef HA_MESSAGE_H_
22 #define HA_MESSAGE_H_
23
24 #include <library.h>
25 #include <networking/host.h>
26 #include <utils/identification.h>
27 #include <sa/ike_sa_id.h>
28 #include <selectors/traffic_selector.h>
29
/**
 * Protocol version of this implementation.
 *
 * NOTE(review): the attribute and message-type numbering below is presumably
 * part of the encoded message (see get_encoding()), so this version should be
 * bumped whenever a value is inserted or renumbered — confirm in the encoder.
 */
#define HA_MESSAGE_VERSION 3

/** Opaque HA message object, see struct ha_message_t below */
typedef struct ha_message_t ha_message_t;
/** Message type, see enum ha_message_type_t below */
typedef enum ha_message_type_t ha_message_type_t;
/** Attribute type, see enum ha_message_attribute_t below */
typedef enum ha_message_attribute_t ha_message_attribute_t;
/** Typed attribute value, see union ha_message_value_t below */
typedef union ha_message_value_t ha_message_value_t;
39
/**
 * Type of a HA message.
 *
 * Values start at 1, so 0 is never a valid message type. They are presumably
 * carried verbatim in the encoded message, so existing values should not be
 * renumbered; append new types at the end — confirm against the encoder.
 */
enum ha_message_type_t {
	/** add a completely new IKE_SA */
	HA_IKE_ADD = 1,
	/** update an existing IKE_SA (identities, address update, ...) */
	HA_IKE_UPDATE,
	/** update initiator message id */
	HA_IKE_MID_INITIATOR,
	/** update responder message id */
	HA_IKE_MID_RESPONDER,
	/** delete an existing IKE_SA */
	HA_IKE_DELETE,
	/** add a new CHILD_SA */
	HA_CHILD_ADD,
	/** delete an existing CHILD_SA */
	HA_CHILD_DELETE,
	/** segments the sending node is giving up */
	HA_SEGMENT_DROP,
	/** segments the sending node is taking over */
	HA_SEGMENT_TAKE,
	/** status with the segments the sending node is currently serving */
	HA_STATUS,
	/** segments the receiving node is requested to resync */
	HA_RESYNC,
	/** IV synchronization for IKEv1 Main/Aggressive mode */
	HA_IKE_IV,
};
69
/**
 * Enum names for message types (ha_message_type_t), for logging and
 * diagnostics via the enum_name_t printf hook.
 */
extern enum_name_t *ha_message_type_names;
74
/**
 * Type of attributes contained in a message.
 *
 * The type named in each comment is the value type used with add_attribute()
 * and yielded through ha_message_value_t by create_attribute_enumerator().
 *
 * Several attributes carry raw keying material (HA_NONCE_I, HA_NONCE_R,
 * HA_SECRET, HA_OLD_SKD, HA_PSK, HA_IV, HA_LOCAL_DH, HA_REMOTE_DH). Nothing in
 * this interface protects them, so confidentiality and integrity of the HA
 * transport between cluster nodes is a prerequisite for the security of the
 * synchronized SAs.
 *
 * Values start at 1; as with ha_message_type_t, existing values should not be
 * renumbered — append new attributes at the end.
 */
enum ha_message_attribute_t {
	/** ike_sa_id_t*, to identify IKE_SA */
	HA_IKE_ID = 1,
	/** ike_sa_id_t*, identifies IKE_SA which gets rekeyed */
	HA_IKE_REKEY_ID,
	/** identification_t*, local identity */
	HA_LOCAL_ID,
	/** identification_t*, remote identity */
	HA_REMOTE_ID,
	/** identification_t*, remote EAP identity */
	HA_REMOTE_EAP_ID,
	/** host_t*, local address */
	HA_LOCAL_ADDR,
	/** host_t*, remote address */
	HA_REMOTE_ADDR,
	/** char*, name of configuration */
	HA_CONFIG_NAME,
	/** uint32_t, bitset of ike_condition_t */
	HA_CONDITIONS,
	/** uint32_t, bitset of ike_extension_t */
	HA_EXTENSIONS,
	/** host_t*, local virtual IP */
	HA_LOCAL_VIP,
	/** host_t*, remote virtual IP */
	HA_REMOTE_VIP,
	/** host_t*, known peer addresses (used for MOBIKE) */
	HA_PEER_ADDR,
	/** uint8_t, initiator of an exchange, TRUE for local */
	HA_INITIATOR,
	/** chunk_t, initiators nonce */
	HA_NONCE_I,
	/** chunk_t, responders nonce */
	HA_NONCE_R,
	/** chunk_t, diffie hellman shared secret (sensitive key material) */
	HA_SECRET,
	/** chunk_t, SKd of old SA if rekeying (sensitive key material) */
	HA_OLD_SKD,
	/** uint16_t, pseudo random function */
	HA_ALG_PRF,
	/** uint16_t, old pseudo random function if rekeying */
	HA_ALG_OLD_PRF,
	/** uint16_t, encryption algorithm */
	HA_ALG_ENCR,
	/** uint16_t, encryption key size in bytes */
	HA_ALG_ENCR_LEN,
	/** uint16_t, integrity protection algorithm */
	HA_ALG_INTEG,
	/** uint16_t, DH group */
	HA_ALG_DH,
	/** uint8_t, IPsec mode, TUNNEL|TRANSPORT|... */
	HA_IPSEC_MODE,
	/** uint8_t, IPComp protocol */
	HA_IPCOMP,
	/** uint32_t, inbound security parameter index */
	HA_INBOUND_SPI,
	/** uint32_t, outbound security parameter index */
	HA_OUTBOUND_SPI,
	/** uint16_t, inbound IPComp compression parameter index */
	HA_INBOUND_CPI,
	/** uint16_t, outbound IPComp compression parameter index */
	HA_OUTBOUND_CPI,
	/** traffic_selector_t*, local traffic selector */
	HA_LOCAL_TS,
	/** traffic_selector_t*, remote traffic selector */
	HA_REMOTE_TS,
	/** uint32_t, message ID */
	HA_MID,
	/** uint16_t, HA segment */
	HA_SEGMENT,
	/** uint16_t, Extended Sequence numbers */
	HA_ESN,
	/** uint8_t, IKE version */
	HA_IKE_VERSION,
	/** chunk_t, own DH public value */
	HA_LOCAL_DH,
	/** chunk_t, remote DH public value */
	HA_REMOTE_DH,
	/** chunk_t, shared secret for IKEv1 key derivation (sensitive key material) */
	HA_PSK,
	/** chunk_t, IV for next IKEv1 message */
	HA_IV,
	/** uint16_t, auth_method_t for IKEv1 key derivation */
	HA_AUTH_METHOD,
};
162
/**
 * Union to enumerate typed attributes in a message.
 *
 * Which member is valid depends on the attribute type yielded alongside it;
 * see the per-attribute type in ha_message_attribute_t.
 */
union ha_message_value_t {
	/** uint8_t attributes (HA_INITIATOR, HA_IPSEC_MODE, HA_IPCOMP, ...) */
	uint8_t u8;
	/** uint16_t attributes (HA_ALG_*, HA_*_CPI, HA_SEGMENT, HA_ESN, ...) */
	uint16_t u16;
	/** uint32_t attributes (HA_CONDITIONS, HA_*_SPI, HA_MID, ...) */
	uint32_t u32;
	/** char* attributes (HA_CONFIG_NAME) */
	char *str;
	/** chunk_t attributes (nonces, secrets, DH values, IV) */
	chunk_t chunk;
	/** ike_sa_id_t* attributes (HA_IKE_ID, HA_IKE_REKEY_ID) */
	ike_sa_id_t *ike_sa_id;
	/** identification_t* attributes (HA_LOCAL_ID, HA_REMOTE_ID, HA_REMOTE_EAP_ID) */
	identification_t *id;
	/** host_t* attributes (addresses, virtual IPs, peer addresses) */
	host_t *host;
	/** traffic_selector_t* attributes (HA_LOCAL_TS, HA_REMOTE_TS) */
	traffic_selector_t *ts;
};
177
/**
 * Abstracted message passed between nodes in a HA cluster.
 *
 * A message is a typed container for attributes: it is built with
 * add_attribute(), serialized with get_encoding() and reconstructed on the
 * receiving node with ha_message_parse().
 */
struct ha_message_t {

	/**
	 * Get the type of the message.
	 *
	 * @return			message type
	 */
	ha_message_type_t (*get_type)(ha_message_t *this);

	/**
	 * Add an attribute to a message.
	 *
	 * The variadic argument must have the type documented for the attribute
	 * in ha_message_attribute_t; a mismatch is undefined behavior, not a
	 * detectable error. uint8_t/uint16_t values undergo default argument
	 * promotion as for any variadic call.
	 *
	 * @param attribute		attribute type to add
	 * @param ...			attribute specific data
	 */
	void (*add_attribute)(ha_message_t *this,
						  ha_message_attribute_t attribute, ...);

	/**
	 * Create an enumerator over all attributes in a message.
	 *
	 * @return			enumerator over attribute, ha_message_value_t
	 */
	enumerator_t* (*create_attribute_enumerator)(ha_message_t *this);

	/**
	 * Get the message in a encoded form.
	 *
	 * The returned chunk points into the message's own buffer: the caller
	 * must not free it and should presumably not use it after destroy() —
	 * confirm in the implementation.
	 *
	 * @return			chunk pointing to internal data
	 */
	chunk_t (*get_encoding)(ha_message_t *this);

	/**
	 * Destroy a ha_message_t.
	 */
	void (*destroy)(ha_message_t *this);
};
218
/**
 * Create a new ha_message instance, ready for adding attributes.
 *
 * @param type			type of the message
 * @return				message object, to be released with destroy()
 */
ha_message_t *ha_message_create(ha_message_type_t type);
225
/**
 * Create a ha_message from encoded data.
 *
 * The data presumably arrives from the peer node over the HA transport and
 * should be treated as untrusted input; whether a malformed encoding yields
 * NULL or a message with missing attributes is not visible from this header
 * — confirm in the implementation before relying on either.
 *
 * @param data			encoded message data
 * @return				parsed message, to be released with destroy()
 */
ha_message_t *ha_message_parse(chunk_t data);
232
#endif /** HA_MESSAGE_H_ @}*/